bridge: move mac header copying into br_netfilter

		skb->protocol = htons(ETH_P_PPP_SES);

		skb->protocol = htons(ETH_P_PPP_SES);

}

}

/* Fill in the header for fragmented IP packets handled by

 * the IPv4 connection tracking code.

 *

 * Only used in br_forward.c

 */

static inline int nf_bridge_copy_header(struct sk_buff *skb)

{

	int err;

	unsigned int header_size;

	nf_bridge_update_protocol(skb);

	header_size = ETH_HLEN + nf_bridge_encap_header_len(skb);

	err = skb_cow_head(skb, header_size);

	if (err)

		return err;

	skb_copy_to_linear_data_offset(skb, -header_size,

				       skb->nf_bridge->data, header_size);

	__skb_push(skb, nf_bridge_encap_header_len(skb));

	return 0;

}

static inline int nf_bridge_maybe_copy_header(struct sk_buff *skb)

{

	if (skb->nf_bridge &&

	    skb->nf_bridge->mask & (BRNF_BRIDGED | BRNF_BRIDGED_DNAT))

		return nf_bridge_copy_header(skb);

  	return 0;

}

static inline unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)

static inline unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)

{

{

	if (unlikely(skb->nf_bridge->mask & BRNF_PPPoE))

	if (unlikely(skb->nf_bridge->mask & BRNF_PPPoE))

}

}

#else

#else

#define nf_bridge_maybe_copy_header(skb)	(0)

#define nf_bridge_pad(skb)			(0)

#define nf_bridge_pad(skb)			(0)

#define br_drop_fake_rtable(skb)	        do { } while (0)

#define br_drop_fake_rtable(skb)	        do { } while (0)

#endif /* CONFIG_BRIDGE_NETFILTER */

#endif /* CONFIG_BRIDGE_NETFILTER */

int br_dev_queue_push_xmit(struct sk_buff *skb)

int br_dev_queue_push_xmit(struct sk_buff *skb)

{

{

	/* ip_fragment doesn't copy the MAC header */

	if (!is_skb_forwardable(skb->dev, skb)) {

	if (nf_bridge_maybe_copy_header(skb) ||

	    !is_skb_forwardable(skb->dev, skb)) {

		kfree_skb(skb);

		kfree_skb(skb);

	} else {

	} else {

		skb_push(skb, ETH_HLEN);

		skb_push(skb, ETH_HLEN);

}

}

#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV4)

#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV4)

static bool nf_bridge_copy_header(struct sk_buff *skb)

{

	int err;

	unsigned int header_size;

	nf_bridge_update_protocol(skb);

	header_size = ETH_HLEN + nf_bridge_encap_header_len(skb);

	err = skb_cow_head(skb, header_size);

	if (err)

		return false;

	skb_copy_to_linear_data_offset(skb, -header_size,

				       skb->nf_bridge->data, header_size);

	__skb_push(skb, nf_bridge_encap_header_len(skb));

	return true;

}

static int br_nf_push_frag_xmit(struct sk_buff *skb)

{

	if (!nf_bridge_copy_header(skb)) {

		kfree_skb(skb);

		return 0;

	}

	return br_dev_queue_push_xmit(skb);

}

static int br_nf_dev_queue_xmit(struct sk_buff *skb)

static int br_nf_dev_queue_xmit(struct sk_buff *skb)

{

{

	int ret;

	int ret;

			/* Drop invalid packet */

			/* Drop invalid packet */

			return NF_DROP;

			return NF_DROP;

		IPCB(skb)->frag_max_size = frag_max_size;

		IPCB(skb)->frag_max_size = frag_max_size;

		ret = ip_fragment(skb, br_dev_queue_push_xmit);

		ret = ip_fragment(skb, br_nf_push_frag_xmit);

	} else

	} else

		ret = br_dev_queue_push_xmit(skb);

		ret = br_dev_queue_push_xmit(skb);