Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 12011962 authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 



Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following patchset contains a final Netfilter pull request for net-next
4.2. This mostly addresses some fallout from the previous pull request, small
netns updates and a couple of new features for nfnetlink_log and the socket
match that didn't get in time for the previous pull request. More specifically
they are:

1) Add security context information to nfnetlink_queue, from Roman Kubiak.

2) Add support to restore the sk_mark into skb->mark through xt_socket,
   from Harout Hedeshian.

3) Force alignment of 16 bytes of per cpu xt_counters, from Eric Dumazet.

4) Rename br_netfilter.c to br_netfilter_hooks.c to prepare split of IPv6 code
   into a separated file.

5) Move the IPv6 code in br_netfilter into a separated file.

6) Remove unused RCV_SKB_FAIL() in nfnetlink_queue and nfetlink_log, from Eric
   Biederman.

7) Two liner to simplify netns logic in em_ipset_match().

8) Add missing includes to net/net_namespace.h to avoid compilation problems
   that result from not including linux/netfilter.h in netns headers.

9) Use a forward declaration instead of including linux/proc_fs.h from
   netns/netfilter.h

10) Add a new linux/netfilter_defs.h to replace the linux/netfilter.h inclusion
    in netns headers.

11) Remove spurious netfilter.h file included in the net tree, also from Eric
    Biederman.

12) Fix x_tables compilation warnings on 32 bits platforms that resulted from
    recent changes in x_tables counters, from Florian Westphal.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents b67ea97f dcb8f5c8

drivers/net/hamradio/bpqether.c

+0 −1
Original line number Diff line number Diff line
@@ -76,7 +76,6 @@ 
#include <linux/proc_fs.h>

#include <linux/seq_file.h>

#include <linux/stat.h>

#include <linux/netfilter.h>

#include <linux/module.h>

#include <linux/init.h>

#include <linux/rtnetlink.h>

drivers/net/ppp/pptp.c

+0 −2
Original line number Diff line number Diff line
@@ -28,8 +28,6 @@ 
#include <linux/file.h>

#include <linux/in.h>

#include <linux/ip.h>

#include <linux/netfilter.h>

#include <linux/netfilter_ipv4.h>

#include <linux/rcupdate.h>

#include <linux/spinlock.h>

drivers/net/wan/lapbether.c

+0 −1
Original line number Diff line number Diff line
@@ -40,7 +40,6 @@ 
#include <linux/interrupt.h>

#include <linux/notifier.h>

#include <linux/stat.h>

#include <linux/netfilter.h>

#include <linux/module.h>

#include <linux/lapb.h>

#include <linux/init.h>

include/linux/netfilter.h

+2 −4
Original line number Diff line number Diff line
@@ -10,7 +10,8 @@ 
#include <linux/wait.h>

#include <linux/list.h>

#include <linux/static_key.h>

#include <uapi/linux/netfilter.h>

#include <linux/netfilter_defs.h>



#ifdef CONFIG_NETFILTER

static inline int NF_DROP_GETERR(int verdict)

{
@@ -38,9 +39,6 @@ static inline void nf_inet_addr_mask(const union nf_inet_addr *a1, 


int netfilter_init(void);



/* Largest hook number + 1 */

#define NF_MAX_HOOKS 8



struct sk_buff;



struct nf_hook_ops;

include/linux/netfilter/x_tables.h

+8 −6
Original line number Diff line number Diff line
@@ -356,7 +356,8 @@ static inline unsigned long ifname_compare_aligned(const char *_a, 
 * so nothing needs to be done there.

 *

 * xt_percpu_counter_alloc returns the address of the percpu

 * counter, or 0 on !SMP.

 * counter, or 0 on !SMP. We force an alignment of 16 bytes

 * so that bytes/packets share a common cache line.

 *

 * Hence caller must use IS_ERR_VALUE to check for error, this

 * allows us to return 0 for single core systems without forcing
@@ -365,12 +366,13 @@ static inline unsigned long ifname_compare_aligned(const char *_a, 
static inline u64 xt_percpu_counter_alloc(void)

{

	if (nr_cpu_ids > 1) {

		void __percpu *res = alloc_percpu(struct xt_counters);

		void __percpu *res = __alloc_percpu(sizeof(struct xt_counters),

						    sizeof(struct xt_counters));



		if (res == NULL)

			return (u64) -ENOMEM;



		return (__force u64) res;

		return (u64) (__force unsigned long) res;

	}



	return 0;
@@ -378,14 +380,14 @@ static inline u64 xt_percpu_counter_alloc(void) 
static inline void xt_percpu_counter_free(u64 pcnt)

{

	if (nr_cpu_ids > 1)

		free_percpu((void __percpu *) pcnt);

		free_percpu((void __percpu *) (unsigned long) pcnt);

}



static inline struct xt_counters *

xt_get_this_cpu_counter(struct xt_counters *cnt)

{

	if (nr_cpu_ids > 1)

		return this_cpu_ptr((void __percpu *) cnt->pcnt);

		return this_cpu_ptr((void __percpu *) (unsigned long) cnt->pcnt);



	return cnt;

}
@@ -394,7 +396,7 @@ static inline struct xt_counters * 
xt_get_per_cpu_counter(struct xt_counters *cnt, unsigned int cpu)

{

	if (nr_cpu_ids > 1)

		return per_cpu_ptr((void __percpu *) cnt->pcnt, cpu);

		return per_cpu_ptr((void __percpu *) (unsigned long) cnt->pcnt, cpu);



	return cnt;

}