Commit 4fbb97ba authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 



Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

1) Remove the skb_ext_del from nf_reset, and renames it to a more
   fitting nf_reset_ct(). Patch from Florian Westphal.

2) Fix deadlock in nft_connlimit between packet path updates and
   the garbage collector.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents db34a471 34a4c95a

drivers/net/ppp/pptp.c

+2 −2
Original line number Diff line number Diff line
@@ -238,7 +238,7 @@ static int pptp_xmit(struct ppp_channel *chan, struct sk_buff *skb) 
	skb_dst_drop(skb);

	skb_dst_set(skb, &rt->dst);



	nf_reset(skb);

	nf_reset_ct(skb);



	skb->ip_summed = CHECKSUM_NONE;

	ip_select_ident(net, skb, NULL);
@@ -358,7 +358,7 @@ static int pptp_rcv(struct sk_buff *skb) 
	po = lookup_chan(htons(header->call_id), iph->saddr);

	if (po) {

		skb_dst_drop(skb);

		nf_reset(skb);

		nf_reset_ct(skb);

		return sk_receive_skb(sk_pppox(po), skb, 0);

	}

drop:

drivers/net/tun.c

+1 −1
Original line number Diff line number Diff line
@@ -1104,7 +1104,7 @@ static netdev_tx_t tun_net_xmit(struct sk_buff *skb, struct net_device *dev) 
	 */

	skb_orphan(skb);



	nf_reset(skb);

	nf_reset_ct(skb);



	if (ptr_ring_produce(&tfile->tx_ring, skb))

		goto drop;

drivers/net/virtio_net.c

+1 −1
Original line number Diff line number Diff line
@@ -1585,7 +1585,7 @@ static netdev_tx_t start_xmit(struct sk_buff *skb, struct net_device *dev) 
	/* Don't wait up for transmitted skbs to be freed. */

	if (!use_napi) {

		skb_orphan(skb);

		nf_reset(skb);

		nf_reset_ct(skb);

	}



	/* If running out of space, stop queue to avoid getting packets that we

drivers/net/vrf.c

+4 −4
Original line number Diff line number Diff line
@@ -366,7 +366,7 @@ static int vrf_finish_output6(struct net *net, struct sock *sk, 
	struct neighbour *neigh;

	int ret;



	nf_reset(skb);

	nf_reset_ct(skb);



	skb->protocol = htons(ETH_P_IPV6);

	skb->dev = dev;
@@ -459,7 +459,7 @@ static struct sk_buff *vrf_ip6_out_direct(struct net_device *vrf_dev, 


	/* reset skb device */

	if (likely(err == 1))

		nf_reset(skb);

		nf_reset_ct(skb);

	else

		skb = NULL;
@@ -560,7 +560,7 @@ static int vrf_finish_output(struct net *net, struct sock *sk, struct sk_buff *s 
	bool is_v6gw = false;

	int ret = -EINVAL;



	nf_reset(skb);

	nf_reset_ct(skb);



	/* Be paranoid, rather than too clever. */

	if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
@@ -670,7 +670,7 @@ static struct sk_buff *vrf_ip_out_direct(struct net_device *vrf_dev, 


	/* reset skb device */

	if (likely(err == 1))

		nf_reset(skb);

		nf_reset_ct(skb);

	else

		skb = NULL;

drivers/net/wireless/mac80211_hwsim.c

+2 −2
Original line number Diff line number Diff line
@@ -1261,8 +1261,8 @@ static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw, 
	skb_orphan(skb);

	skb_dst_drop(skb);

	skb->mark = 0;

	secpath_reset(skb);

	nf_reset(skb);

	skb_ext_reset(skb);

	nf_reset_ct(skb);



	/*

	 * Get absolute mactime here so all HWs RX at the "same time", and

CRA Git | Maintained and supported by SUSTech CRA and CCSE