kernel: bump 4.14 to 4.14.164

[openwrt/staging/wigyori.git] / target / linux / generic / backport-4.14 / 321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch

diff --git a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
index bce3914effd6a362aafb57d65bf09b8e6ea7aadf..f0109e4823606fc790dccc6ffaa750d628bdeccc 100644 (file)
--- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
+++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
@@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  #include <net/netlink.h>
  
  #define NFT_JUMP_STACK_SIZE   16
-@@ -938,6 +939,7 @@ unsigned int nft_do_chain(struct nft_pkt
+@@ -939,6 +940,7 @@ unsigned int nft_do_chain(struct nft_pkt
   *    @chains: chains in the table
   *    @sets: sets in the table
   *    @objects: stateful objects in the table
@@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   *    @hgenerator: handle generator state
   *    @use: number of chain references to this table
   *    @flags: table flag (see enum nft_table_flags)
-@@ -949,6 +951,7 @@ struct nft_table {
+@@ -950,6 +952,7 @@ struct nft_table {
        struct list_head                chains;
        struct list_head                sets;
        struct list_head                objects;
@@ -66,7 +66,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        u64                             hgenerator;
        u32                             use;
        u16                             flags:14,
-@@ -1080,6 +1083,44 @@ int nft_register_obj(struct nft_object_t
+@@ -1081,6 +1084,44 @@ int nft_register_obj(struct nft_object_t
  void nft_unregister_obj(struct nft_object_type *obj_type);
  
  /**
@@ -111,7 +111,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   *    struct nft_traceinfo - nft tracing information and state
   *
   *    @pkt: pktinfo currently processed
-@@ -1315,4 +1356,11 @@ struct nft_trans_obj {
+@@ -1316,4 +1357,11 @@ struct nft_trans_obj {
  #define nft_trans_obj(trans)  \
        (((struct nft_trans_obj *)trans->data)->obj)
  
@@ -217,7 +217,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  
  /**
   *    nft_register_afinfo - register nf_tables address family info
-@@ -377,6 +379,40 @@ static int nft_delobj(struct nft_ctx *ct
+@@ -389,6 +391,40 @@ static int nft_delobj(struct nft_ctx *ct
        return err;
  }
  
@@ -258,7 +258,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  /*
   * Tables
   */
-@@ -760,6 +796,7 @@ static int nf_tables_newtable(struct net
+@@ -772,6 +808,7 @@ static int nf_tables_newtable(struct net
        INIT_LIST_HEAD(&table->chains);
        INIT_LIST_HEAD(&table->sets);
        INIT_LIST_HEAD(&table->objects);
@@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        table->flags = flags;
  
        nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla);
-@@ -781,10 +818,11 @@ err1:
+@@ -793,10 +830,11 @@ err1:
  
  static int nft_flush_table(struct nft_ctx *ctx)
  {
@@ -279,7 +279,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  
        list_for_each_entry(chain, &ctx->table->chains, list) {
                if (!nft_is_active_next(ctx->net, chain))
-@@ -810,6 +848,12 @@ static int nft_flush_table(struct nft_ct
+@@ -822,6 +860,12 @@ static int nft_flush_table(struct nft_ct
                        goto out;
        }
  
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
                err = nft_delobj(ctx, obj);
                if (err < 0)
-@@ -4834,6 +4878,605 @@ static void nf_tables_obj_notify(const s
+@@ -4862,6 +4906,605 @@ static void nf_tables_obj_notify(const s
                       ctx->afi->family, ctx->report, GFP_KERNEL);
  }
  
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
                                   u32 portid, u32 seq)
  {
-@@ -4864,6 +5507,49 @@ nla_put_failure:
+@@ -4892,6 +5535,49 @@ nla_put_failure:
        return -EMSGSIZE;
  }
  
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
                                 int event)
  {
-@@ -5016,6 +5702,21 @@ static const struct nfnl_callback nf_tab
+@@ -5044,6 +5730,21 @@ static const struct nfnl_callback nf_tab
                .attr_count     = NFTA_OBJ_MAX,
                .policy         = nft_obj_policy,
        },
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  };
  
  static void nft_chain_commit_update(struct nft_trans *trans)
-@@ -5064,6 +5765,9 @@ static void nf_tables_commit_release(str
+@@ -5092,6 +5793,9 @@ static void nf_tables_commit_release(str
        case NFT_MSG_DELOBJ:
                nft_obj_destroy(nft_trans_obj(trans));
                break;
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        }
        kfree(trans);
  }
-@@ -5183,6 +5887,21 @@ static int nf_tables_commit(struct net *
+@@ -5211,6 +5915,21 @@ static int nf_tables_commit(struct net *
                        nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
                                             NFT_MSG_DELOBJ);
                        break;
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                }
        }
  
-@@ -5220,6 +5939,9 @@ static void nf_tables_abort_release(stru
+@@ -5248,6 +5967,9 @@ static void nf_tables_abort_release(stru
        case NFT_MSG_NEWOBJ:
                nft_obj_destroy(nft_trans_obj(trans));
                break;
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        }
        kfree(trans);
  }
-@@ -5311,6 +6033,17 @@ static int nf_tables_abort(struct net *n
+@@ -5339,6 +6061,17 @@ static int nf_tables_abort(struct net *n
                        nft_clear(trans->ctx.net, nft_trans_obj(trans));
                        nft_trans_destroy(trans);
                        break;
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                }
        }
  
-@@ -5861,6 +6594,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
+@@ -5889,6 +6622,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
  /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
  static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
  {
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        struct nft_table *table, *nt;
        struct nft_chain *chain, *nc;
        struct nft_object *obj, *ne;
-@@ -5874,6 +6608,9 @@ static void __nft_release_afinfo(struct
+@@ -5902,6 +6636,9 @@ static void __nft_release_afinfo(struct
        list_for_each_entry_safe(table, nt, &afi->tables, list) {
                list_for_each_entry(chain, &table->chains, list)
                        nf_tables_unregister_hook(net, table, chain);
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                /* No packets are walking on these chains anymore. */
                ctx.table = table;
                list_for_each_entry(chain, &table->chains, list) {
-@@ -5884,6 +6621,11 @@ static void __nft_release_afinfo(struct
+@@ -5912,6 +6649,11 @@ static void __nft_release_afinfo(struct
                                nf_tables_rule_release(&ctx, rule);
                        }
                }
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                list_for_each_entry_safe(set, ns, &table->sets, list) {
                        list_del(&set->list);
                        table->use--;
-@@ -5927,6 +6669,8 @@ static int __init nf_tables_module_init(
+@@ -5955,6 +6697,8 @@ static int __init nf_tables_module_init(
        if (err < 0)
                goto err3;
  
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
        pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
        return register_pernet_subsys(&nf_tables_net_ops);
  err3:
-@@ -5941,6 +6685,7 @@ static void __exit nf_tables_module_exit
+@@ -5969,6 +6713,7 @@ static void __exit nf_tables_module_exit
  {
        unregister_pernet_subsys(&nf_tables_net_ops);
        nfnetlink_subsys_unregister(&nf_tables_subsys);