From 95acc4fe0e31ae91d485635c021d259e06785b5d Mon Sep 17 00:00:00 2001
From: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Date: Fri, 7 Aug 2020 14:29:11 +0200
Subject: kernel: remove support for kernel 4.14

No target uses kernel 4.14 anymore.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
---
 ...f_tables-remove-hooks-from-family-definit.patch | 233 ---------------------
 1 file changed, 233 deletions(-)
 delete mode 100644 target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch

(limited to 'target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch')

diff --git a/target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch b/target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch
deleted file mode 100644
index a12679db43..0000000000
--- a/target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch
+++ /dev/null
@@ -1,233 +0,0 @@
-From: Pablo Neira Ayuso <pablo@netfilter.org>
-Date: Sat, 9 Dec 2017 15:43:17 +0100
-Subject: [PATCH] netfilter: nf_tables: remove hooks from family definition
-
-They don't belong to the family definition, move them to the filter
-chain type definition instead.
-
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
-
---- a/include/net/netfilter/nf_tables.h
-+++ b/include/net/netfilter/nf_tables.h
-@@ -876,7 +876,7 @@ enum nft_chain_type {
-  * 	@family: address family
-  * 	@owner: module owner
-  * 	@hook_mask: mask of valid hooks
-- * 	@hooks: hookfn overrides
-+ * 	@hooks: array of hook functions
-  */
- struct nf_chain_type {
- 	const char			*name;
-@@ -970,7 +970,6 @@ enum nft_af_flags {
-  *	@owner: module owner
-  *	@tables: used internally
-  *	@flags: family flags
-- *	@hooks: hookfn overrides for packet validation
-  */
- struct nft_af_info {
- 	struct list_head		list;
-@@ -979,7 +978,6 @@ struct nft_af_info {
- 	struct module			*owner;
- 	struct list_head		tables;
- 	u32				flags;
--	nf_hookfn			*hooks[NF_MAX_HOOKS];
- };
- 
- int nft_register_afinfo(struct net *, struct nft_af_info *);
---- a/net/bridge/netfilter/nf_tables_bridge.c
-+++ b/net/bridge/netfilter/nf_tables_bridge.c
-@@ -46,13 +46,6 @@ static struct nft_af_info nft_af_bridge
- 	.family		= NFPROTO_BRIDGE,
- 	.nhooks		= NF_BR_NUMHOOKS,
- 	.owner		= THIS_MODULE,
--	.hooks		= {
--		[NF_BR_PRE_ROUTING]	= nft_do_chain_bridge,
--		[NF_BR_LOCAL_IN]	= nft_do_chain_bridge,
--		[NF_BR_FORWARD]		= nft_do_chain_bridge,
--		[NF_BR_LOCAL_OUT]	= nft_do_chain_bridge,
--		[NF_BR_POST_ROUTING]	= nft_do_chain_bridge,
--	},
- };
- 
- static int nf_tables_bridge_init_net(struct net *net)
-@@ -93,6 +86,13 @@ static const struct nf_chain_type filter
- 			  (1 << NF_BR_FORWARD) |
- 			  (1 << NF_BR_LOCAL_OUT) |
- 			  (1 << NF_BR_POST_ROUTING),
-+	.hooks		= {
-+		[NF_BR_PRE_ROUTING]	= nft_do_chain_bridge,
-+		[NF_BR_LOCAL_IN]	= nft_do_chain_bridge,
-+		[NF_BR_FORWARD]		= nft_do_chain_bridge,
-+		[NF_BR_LOCAL_OUT]	= nft_do_chain_bridge,
-+		[NF_BR_POST_ROUTING]	= nft_do_chain_bridge,
-+	},
- };
- 
- static int __init nf_tables_bridge_init(void)
---- a/net/ipv4/netfilter/nf_tables_arp.c
-+++ b/net/ipv4/netfilter/nf_tables_arp.c
-@@ -31,10 +31,6 @@ static struct nft_af_info nft_af_arp __r
- 	.family		= NFPROTO_ARP,
- 	.nhooks		= NF_ARP_NUMHOOKS,
- 	.owner		= THIS_MODULE,
--	.hooks		= {
--		[NF_ARP_IN]		= nft_do_chain_arp,
--		[NF_ARP_OUT]		= nft_do_chain_arp,
--	},
- };
- 
- static int nf_tables_arp_init_net(struct net *net)
-@@ -72,6 +68,10 @@ static const struct nf_chain_type filter
- 	.owner		= THIS_MODULE,
- 	.hook_mask	= (1 << NF_ARP_IN) |
- 			  (1 << NF_ARP_OUT),
-+	.hooks		= {
-+		[NF_ARP_IN]		= nft_do_chain_arp,
-+		[NF_ARP_OUT]		= nft_do_chain_arp,
-+	},
- };
- 
- static int __init nf_tables_arp_init(void)
---- a/net/ipv4/netfilter/nf_tables_ipv4.c
-+++ b/net/ipv4/netfilter/nf_tables_ipv4.c
-@@ -49,13 +49,6 @@ static struct nft_af_info nft_af_ipv4 __
- 	.family		= NFPROTO_IPV4,
- 	.nhooks		= NF_INET_NUMHOOKS,
- 	.owner		= THIS_MODULE,
--	.hooks		= {
--		[NF_INET_LOCAL_IN]	= nft_do_chain_ipv4,
--		[NF_INET_LOCAL_OUT]	= nft_ipv4_output,
--		[NF_INET_FORWARD]	= nft_do_chain_ipv4,
--		[NF_INET_PRE_ROUTING]	= nft_do_chain_ipv4,
--		[NF_INET_POST_ROUTING]	= nft_do_chain_ipv4,
--	},
- };
- 
- static int nf_tables_ipv4_init_net(struct net *net)
-@@ -96,6 +89,13 @@ static const struct nf_chain_type filter
- 			  (1 << NF_INET_FORWARD) |
- 			  (1 << NF_INET_PRE_ROUTING) |
- 			  (1 << NF_INET_POST_ROUTING),
-+	.hooks		= {
-+		[NF_INET_LOCAL_IN]	= nft_do_chain_ipv4,
-+		[NF_INET_LOCAL_OUT]	= nft_ipv4_output,
-+		[NF_INET_FORWARD]	= nft_do_chain_ipv4,
-+		[NF_INET_PRE_ROUTING]	= nft_do_chain_ipv4,
-+		[NF_INET_POST_ROUTING]	= nft_do_chain_ipv4,
-+	},
- };
- 
- static int __init nf_tables_ipv4_init(void)
---- a/net/ipv6/netfilter/nf_tables_ipv6.c
-+++ b/net/ipv6/netfilter/nf_tables_ipv6.c
-@@ -46,13 +46,6 @@ static struct nft_af_info nft_af_ipv6 __
- 	.family		= NFPROTO_IPV6,
- 	.nhooks		= NF_INET_NUMHOOKS,
- 	.owner		= THIS_MODULE,
--	.hooks		= {
--		[NF_INET_LOCAL_IN]	= nft_do_chain_ipv6,
--		[NF_INET_LOCAL_OUT]	= nft_ipv6_output,
--		[NF_INET_FORWARD]	= nft_do_chain_ipv6,
--		[NF_INET_PRE_ROUTING]	= nft_do_chain_ipv6,
--		[NF_INET_POST_ROUTING]	= nft_do_chain_ipv6,
--	},
- };
- 
- static int nf_tables_ipv6_init_net(struct net *net)
-@@ -93,6 +86,13 @@ static const struct nf_chain_type filter
- 			  (1 << NF_INET_FORWARD) |
- 			  (1 << NF_INET_PRE_ROUTING) |
- 			  (1 << NF_INET_POST_ROUTING),
-+	.hooks		= {
-+		[NF_INET_LOCAL_IN]	= nft_do_chain_ipv6,
-+		[NF_INET_LOCAL_OUT]	= nft_ipv6_output,
-+		[NF_INET_FORWARD]	= nft_do_chain_ipv6,
-+		[NF_INET_PRE_ROUTING]	= nft_do_chain_ipv6,
-+		[NF_INET_POST_ROUTING]	= nft_do_chain_ipv6,
-+	},
- };
- 
- static int __init nf_tables_ipv6_init(void)
---- a/net/netfilter/nf_tables_api.c
-+++ b/net/netfilter/nf_tables_api.c
-@@ -1398,7 +1398,6 @@ static int nf_tables_addchain(struct nft
- 	if (nla[NFTA_CHAIN_HOOK]) {
- 		struct nft_chain_hook hook;
- 		struct nf_hook_ops *ops;
--		nf_hookfn *hookfn;
- 
- 		err = nft_chain_parse_hook(net, nla, afi, &hook, create);
- 		if (err < 0)
-@@ -1424,7 +1423,6 @@ static int nf_tables_addchain(struct nft
- 			static_branch_inc(&nft_counters_enabled);
- 		}
- 
--		hookfn = hook.type->hooks[hook.num];
- 		basechain->type = hook.type;
- 		chain = &basechain->chain;
- 
-@@ -1433,10 +1431,8 @@ static int nf_tables_addchain(struct nft
- 		ops->hooknum	= hook.num;
- 		ops->priority	= hook.priority;
- 		ops->priv	= chain;
--		ops->hook	= afi->hooks[ops->hooknum];
-+		ops->hook	= hook.type->hooks[ops->hooknum];
- 		ops->dev	= hook.dev;
--		if (hookfn)
--			ops->hook = hookfn;
- 
- 		if (basechain->type->type == NFT_CHAIN_T_NAT)
- 			ops->nat_hook = true;
---- a/net/netfilter/nf_tables_inet.c
-+++ b/net/netfilter/nf_tables_inet.c
-@@ -74,13 +74,6 @@ static struct nft_af_info nft_af_inet __
- 	.family		= NFPROTO_INET,
- 	.nhooks		= NF_INET_NUMHOOKS,
- 	.owner		= THIS_MODULE,
--	.hooks		= {
--		[NF_INET_LOCAL_IN]	= nft_do_chain_inet,
--		[NF_INET_LOCAL_OUT]	= nft_inet_output,
--		[NF_INET_FORWARD]	= nft_do_chain_inet,
--		[NF_INET_PRE_ROUTING]	= nft_do_chain_inet,
--		[NF_INET_POST_ROUTING]	= nft_do_chain_inet,
--        },
- };
- 
- static int __net_init nf_tables_inet_init_net(struct net *net)
-@@ -121,6 +114,13 @@ static const struct nf_chain_type filter
- 			  (1 << NF_INET_FORWARD) |
- 			  (1 << NF_INET_PRE_ROUTING) |
- 			  (1 << NF_INET_POST_ROUTING),
-+	.hooks		= {
-+		[NF_INET_LOCAL_IN]	= nft_do_chain_inet,
-+		[NF_INET_LOCAL_OUT]	= nft_inet_output,
-+		[NF_INET_FORWARD]	= nft_do_chain_inet,
-+		[NF_INET_PRE_ROUTING]	= nft_do_chain_inet,
-+		[NF_INET_POST_ROUTING]	= nft_do_chain_inet,
-+        },
- };
- 
- static int __init nf_tables_inet_init(void)
---- a/net/netfilter/nf_tables_netdev.c
-+++ b/net/netfilter/nf_tables_netdev.c
-@@ -43,9 +43,6 @@ static struct nft_af_info nft_af_netdev
- 	.nhooks		= NF_NETDEV_NUMHOOKS,
- 	.owner		= THIS_MODULE,
- 	.flags		= NFT_AF_NEEDS_DEV,
--	.hooks		= {
--		[NF_NETDEV_INGRESS]	= nft_do_chain_netdev,
--	},
- };
- 
- static int nf_tables_netdev_init_net(struct net *net)
-@@ -82,6 +79,9 @@ static const struct nf_chain_type nft_fi
- 	.family		= NFPROTO_NETDEV,
- 	.owner		= THIS_MODULE,
- 	.hook_mask	= (1 << NF_NETDEV_INGRESS),
-+	.hooks		= {
-+		[NF_NETDEV_INGRESS]	= nft_do_chain_netdev,
-+	},
- };
- 
- static void nft_netdev_event(unsigned long event, struct net_device *dev,
-- 
cgit v1.2.3