netfilter: move nat hlist_head to nf_conn

	/* Extensions */

	struct nf_ct_ext *ext;

#if IS_ENABLED(CONFIG_NF_NAT)

	struct hlist_node	nat_bysource;

#endif

	/* Storage reserved for other modules, must be the last member */

	union nf_conntrack_proto proto;

};

struct nf_ct_ext_type {

	/* Destroys relationships (can be NULL). */

	void (*destroy)(struct nf_conn *ct);

	/* Called when realloacted (can be NULL).

	   Contents has already been moved. */

	void (*move)(void *new, void *old);

	enum nf_ct_ext_id id;

/* The structure embedded in the conntrack structure. */

struct nf_conn_nat {

	struct hlist_node bysource;

	struct nf_conn *ct;

	union nf_conntrack_nat_help help;

#if IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV4) || \

    IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV6)

			     size_t var_alloc_len, gfp_t gfp)

{

	struct nf_ct_ext *old, *new;

	int i, newlen, newoff;

	int newlen, newoff;

	struct nf_ct_ext_type *t;

	/* Conntrack must not be confirmed to avoid races on reallocation. */

		return NULL;

	if (new != old) {

		for (i = 0; i < NF_CT_EXT_NUM; i++) {

			if (!__nf_ct_ext_exist(old, i))

				continue;

			rcu_read_lock();

			t = rcu_dereference(nf_ct_ext_types[i]);

			if (t && t->move)

				t->move((void *)new + new->offset[i],

					(void *)old + old->offset[i]);

			rcu_read_unlock();

		}

		kfree_rcu(old, rcu);

		ct->ext = new;

		rcu_assign_pointer(ct->ext, new);

	}

	new->offset[id] = newoff;

		     const struct nf_nat_range *range)

{

	unsigned int h = hash_by_src(net, tuple);

	const struct nf_conn_nat *nat;

	const struct nf_conn *ct;

	hlist_for_each_entry_rcu(nat, &nf_nat_bysource[h], bysource) {

		ct = nat->ct;

	hlist_for_each_entry_rcu(ct, &nf_nat_bysource[h], nat_bysource) {

		if (same_src(ct, tuple) &&

		    net_eq(net, nf_ct_net(ct)) &&

		    nf_ct_zone_equal(ct, zone, IP_CT_DIR_ORIGINAL)) {

		spin_lock_bh(&nf_nat_lock);

		/* nf_conntrack_alter_reply might re-allocate extension aera */

		nat = nfct_nat(ct);

		nat->ct = ct;

		hlist_add_head_rcu(&nat->bysource,

		hlist_add_head_rcu(&ct->nat_bysource,

				   &nf_nat_bysource[srchash]);

		spin_unlock_bh(&nf_nat_lock);

	}

	if (nf_nat_proto_remove(ct, data))

		return 1;

	if (!nat || !nat->ct)

	if (!nat)

		return 0;

	/* This netns is being destroyed, and conntrack has nat null binding.

		return 1;

	spin_lock_bh(&nf_nat_lock);

	hlist_del_rcu(&nat->bysource);

	hlist_del_rcu(&ct->nat_bysource);

	ct->status &= ~IPS_NAT_DONE_MASK;

	nat->ct = NULL;

	spin_unlock_bh(&nf_nat_lock);

	add_timer(&ct->timeout);

{

	struct nf_conn_nat *nat = nf_ct_ext_find(ct, NF_CT_EXT_NAT);

	if (nat == NULL || nat->ct == NULL)

	if (!nat)

		return;

	NF_CT_ASSERT(nat->ct->status & IPS_SRC_NAT_DONE);

	spin_lock_bh(&nf_nat_lock);

	hlist_del_rcu(&nat->bysource);

	spin_unlock_bh(&nf_nat_lock);

}

static void nf_nat_move_storage(void *new, void *old)

{

	struct nf_conn_nat *new_nat = new;

	struct nf_conn_nat *old_nat = old;

	struct nf_conn *ct = old_nat->ct;

	if (!ct || !(ct->status & IPS_SRC_NAT_DONE))

		return;

	NF_CT_ASSERT(ct->status & IPS_SRC_NAT_DONE);

	spin_lock_bh(&nf_nat_lock);

	hlist_replace_rcu(&old_nat->bysource, &new_nat->bysource);

	hlist_del_rcu(&ct->nat_bysource);

	spin_unlock_bh(&nf_nat_lock);

}

	.len		= sizeof(struct nf_conn_nat),

	.align		= __alignof__(struct nf_conn_nat),

	.destroy	= nf_nat_cleanup_conntrack,

	.move		= nf_nat_move_storage,

	.id		= NF_CT_EXT_NAT,

	.flags		= NF_CT_EXT_F_PREALLOC,

};