kernel: copy kernel 4.19 code to 5.4

No changes were done to the patches while coping them. Currently they do
not apply on top of kernel 5.4.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

1 files changed, 24 insertions, 0 deletions

diff --git a/target/linux/generic/backport-5.4/371-netfilter-nf_flow_table-fix-up-ct-state-of-flows-aft.patch b/target/linux/generic/backport-5.4/371-netfilter-nf_flow_table-fix-up-ct-state-of-flows-aft.patch
new file mode 100644
index 0000000000..2e25066499
--- /dev/null
+++ b/target/linux/generic/backport-5.4/371-netfilter-nf_flow_table-fix-up-ct-state-of-flows-aft.patch
@@ -0,0 +1,24 @@
+From: Felix Fietkau <nbd@nbd.name>
+Date: Thu, 14 Jun 2018 11:20:09 +0200
+Subject: [PATCH] netfilter: nf_flow_table: fix up ct state of flows after
+ timeout
+
+If a connection simply times out instead of being torn down, it is left
+active with a long timeout. Fix this by calling flow_offload_fixup_ct_state
+here as well.
+
+Signed-off-by: Felix Fietkau <nbd@nbd.name>
+---
+
+--- a/net/netfilter/nf_flow_table_core.c
++++ b/net/netfilter/nf_flow_table_core.c
+@@ -243,6 +243,9 @@ static void flow_offload_del(struct nf_f
+ 	e = container_of(flow, struct flow_offload_entry, flow);
+ 	clear_bit(IPS_OFFLOAD_BIT, &e->ct->status);
+ 
++	if (!(flow->flags & FLOW_OFFLOAD_TEARDOWN))
++		flow_offload_fixup_ct_state(e->ct);
++
+ 	flow_offload_free(flow);
+ }
+