diff options
| author | Hauke Mehrtens <hauke@hauke-m.de> | 2018-11-01 17:57:55 +0100 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2018-12-15 12:50:06 +0100 |
| commit | 52a82ce3dd901a1536c7d7d9d963e9c2d761c816 (patch) | |
| tree | 79020fb59420fcea7bdc4b12272f7251e101fe64 /target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch | |
| parent | a272af75cd8c67d265400f96c1e6bb172315c23c (diff) | |
| download | upstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.tar.gz upstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.tar.bz2 upstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.zip | |
kernel: Copy patches from kernel 4.14 to 4.19
This just copies the files from the kernel 4.14 specific folders into
the kernel 4.19 specific folder, no changes are done to the files in
this commit.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch')
| -rw-r--r-- | target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch b/target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch new file mode 100644 index 0000000000..84048a0be8 --- /dev/null +++ b/target/linux/generic/backport-4.19/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch @@ -0,0 +1,114 @@ +From: Felix Fietkau <nbd@nbd.name> +Date: Tue, 20 Feb 2018 14:08:14 +0100 +Subject: [PATCH] netfilter: nf_flow_table: track flow tables in nf_flow_table + directly + +Avoids having nf_flow_table depend on nftables (useful for future +iptables backport work) + +Signed-off-by: Felix Fietkau <nbd@nbd.name> +--- + +--- a/include/net/netfilter/nf_flow_table.h ++++ b/include/net/netfilter/nf_flow_table.h +@@ -21,6 +21,7 @@ struct nf_flowtable_type { + }; + + struct nf_flowtable { ++ struct list_head list; + struct rhashtable rhashtable; + const struct nf_flowtable_type *type; + struct delayed_work gc_work; +--- a/include/net/netfilter/nf_tables.h ++++ b/include/net/netfilter/nf_tables.h +@@ -1096,9 +1096,6 @@ struct nft_flowtable { + struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table, + const struct nlattr *nla, + u8 genmask); +-void nft_flow_table_iterate(struct net *net, +- void (*iter)(struct nf_flowtable *flowtable, void *data), +- void *data); + + void nft_register_flowtable_type(struct nf_flowtable_type *type); + void nft_unregister_flowtable_type(struct nf_flowtable_type *type); +--- a/net/netfilter/nf_flow_table_core.c ++++ b/net/netfilter/nf_flow_table_core.c +@@ -18,6 +18,9 @@ struct flow_offload_entry { + struct rcu_head rcu_head; + }; + ++static DEFINE_MUTEX(flowtable_lock); ++static LIST_HEAD(flowtables); ++ + static void + flow_offload_fill_dir(struct flow_offload *flow, struct nf_conn *ct, + struct nf_flow_route *route, +@@ -410,6 +413,10 @@ int nf_flow_table_init(struct nf_flowtab + queue_delayed_work(system_power_efficient_wq, + &flowtable->gc_work, HZ); + ++ mutex_lock(&flowtable_lock); ++ list_add(&flowtable->list, &flowtables); ++ mutex_unlock(&flowtable_lock); ++ + return 0; + } + EXPORT_SYMBOL_GPL(nf_flow_table_init); +@@ -425,20 +432,28 @@ static void nf_flow_table_do_cleanup(str + } + + static void nf_flow_table_iterate_cleanup(struct nf_flowtable *flowtable, +- void *data) ++ struct net_device *dev) + { +- nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, data); ++ nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, dev); + flush_delayed_work(&flowtable->gc_work); + } + + void nf_flow_table_cleanup(struct net *net, struct net_device *dev) + { +- nft_flow_table_iterate(net, nf_flow_table_iterate_cleanup, dev); ++ struct nf_flowtable *flowtable; ++ ++ mutex_lock(&flowtable_lock); ++ list_for_each_entry(flowtable, &flowtables, list) ++ nf_flow_table_iterate_cleanup(flowtable, dev); ++ mutex_unlock(&flowtable_lock); + } + EXPORT_SYMBOL_GPL(nf_flow_table_cleanup); + + void nf_flow_table_free(struct nf_flowtable *flow_table) + { ++ mutex_lock(&flowtable_lock); ++ list_del(&flow_table->list); ++ mutex_unlock(&flowtable_lock); + cancel_delayed_work_sync(&flow_table->gc_work); + nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL); + WARN_ON(!nf_flow_offload_gc_step(flow_table)); +--- a/net/netfilter/nf_tables_api.c ++++ b/net/netfilter/nf_tables_api.c +@@ -4991,23 +4991,6 @@ static const struct nf_flowtable_type *n + return ERR_PTR(-ENOENT); + } + +-void nft_flow_table_iterate(struct net *net, +- void (*iter)(struct nf_flowtable *flowtable, void *data), +- void *data) +-{ +- struct nft_flowtable *flowtable; +- const struct nft_table *table; +- +- nfnl_lock(NFNL_SUBSYS_NFTABLES); +- list_for_each_entry(table, &net->nft.tables, list) { +- list_for_each_entry(flowtable, &table->flowtables, list) { +- iter(&flowtable->data, data); +- } +- } +- nfnl_unlock(NFNL_SUBSYS_NFTABLES); +-} +-EXPORT_SYMBOL_GPL(nft_flow_table_iterate); +- + static void nft_unregister_flowtable_net_hooks(struct net *net, + struct nft_flowtable *flowtable) + { |