Patched in Tegra support.

8 files changed, 45 insertions, 44 deletions

diff --git a/net/bridge/netfilter/ebt_ip6.c b/net/bridge/netfilter/ebt_ip6.c
index 99c85668f55..2ed0056a39a 100644
--- a/net/bridge/netfilter/ebt_ip6.c
+++ b/net/bridge/netfilter/ebt_ip6.c
@@ -55,10 +55,9 @@ ebt_ip6_mt(const struct sk_buff *skb, struct xt_action_param *par)
                 return false;
         if (info->bitmask & EBT_IP6_PROTO) {
                 uint8_t nexthdr = ih6->nexthdr;
-                __be16 frag_off;
                 int offset_ph;
 
-                offset_ph = ipv6_skip_exthdr(skb, sizeof(_ip6h), &nexthdr, &frag_off);
+                offset_ph = ipv6_skip_exthdr(skb, sizeof(_ip6h), &nexthdr);
                 if (offset_ph == -1)
                         return false;
                 if (FWINV(info->protocol != nexthdr, EBT_IP6_PROTO))
diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c
index 92de5e5f9db..6e5a8bb9b94 100644
--- a/net/bridge/netfilter/ebt_log.c
+++ b/net/bridge/netfilter/ebt_log.c
@@ -80,7 +80,7 @@ ebt_log_packet(u_int8_t pf, unsigned int hooknum,
         unsigned int bitmask;
 
         spin_lock_bh(&ebt_log_lock);
-        printk(KERN_SOH "%c%s IN=%s OUT=%s MAC source = %pM MAC dest = %pM proto = 0x%04x",
+        printk("<%c>%s IN=%s OUT=%s MAC source = %pM MAC dest = %pM proto = 0x%04x",
                '0' + loginfo->u.log.level, prefix,
                in ? in->name : "", out ? out->name : "",
                eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest,
@@ -107,13 +107,12 @@ ebt_log_packet(u_int8_t pf, unsigned int hooknum,
                 goto out;
         }
 
-#if IS_ENABLED(CONFIG_BRIDGE_EBT_IP6)
+#if defined(CONFIG_BRIDGE_EBT_IP6) || defined(CONFIG_BRIDGE_EBT_IP6_MODULE)
         if ((bitmask & EBT_LOG_IP6) && eth_hdr(skb)->h_proto ==
            htons(ETH_P_IPV6)) {
                 const struct ipv6hdr *ih;
                 struct ipv6hdr _iph;
                 uint8_t nexthdr;
-                __be16 frag_off;
                 int offset_ph;
 
                 ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph);
@@ -124,7 +123,7 @@ ebt_log_packet(u_int8_t pf, unsigned int hooknum,
                 printk(" IPv6 SRC=%pI6 IPv6 DST=%pI6, IPv6 priority=0x%01X, Next Header=%d",
                        &ih->saddr, &ih->daddr, ih->priority, ih->nexthdr);
                 nexthdr = ih->nexthdr;
-                offset_ph = ipv6_skip_exthdr(skb, sizeof(_iph), &nexthdr, &frag_off);
+                offset_ph = ipv6_skip_exthdr(skb, sizeof(_iph), &nexthdr);
                 if (offset_ph == -1)
                         goto out;
                 print_ports(skb, nexthdr, offset_ph);
diff --git a/net/bridge/netfilter/ebt_stp.c b/net/bridge/netfilter/ebt_stp.c
index 071d87214dd..5b33a2e634a 100644
--- a/net/bridge/netfilter/ebt_stp.c
+++ b/net/bridge/netfilter/ebt_stp.c
@@ -164,8 +164,8 @@ static int ebt_stp_mt_check(const struct xt_mtchk_param *par)
             !(info->bitmask & EBT_STP_MASK))
                 return -EINVAL;
         /* Make sure the match only receives stp frames */
-        if (!ether_addr_equal(e->destmac, bridge_ula) ||
-            !ether_addr_equal(e->destmsk, msk) || !(e->bitmask & EBT_DESTMAC))
+        if (compare_ether_addr(e->destmac, bridge_ula) ||
+            compare_ether_addr(e->destmsk, msk) || !(e->bitmask & EBT_DESTMAC))
                 return -EINVAL;
 
         return 0;
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
index 3476ec46974..bf2a333ca7c 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -102,15 +102,16 @@ static struct sk_buff *ulog_alloc_skb(unsigned int size)
         unsigned int n;
 
         n = max(size, nlbufsiz);
-        skb = alloc_skb(n, GFP_ATOMIC | __GFP_NOWARN);
+        skb = alloc_skb(n, GFP_ATOMIC);
         if (!skb) {
+                pr_debug("cannot alloc whole buffer of size %ub!\n", n);
                 if (n > size) {
                         /* try to allocate only as much as we need for
                          * current packet */
                         skb = alloc_skb(size, GFP_ATOMIC);
                         if (!skb)
-                                pr_debug("cannot even allocate buffer of size %ub\n",
-                                         size);
+                                pr_debug("cannot even allocate "
+                                         "buffer of size %ub\n", size);
                 }
         }
 
@@ -145,24 +146,19 @@ static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb,
 
         if (!ub->skb) {
                 if (!(ub->skb = ulog_alloc_skb(size)))
-                        goto unlock;
+                        goto alloc_failure;
         } else if (size > skb_tailroom(ub->skb)) {
                 ulog_send(group);
 
                 if (!(ub->skb = ulog_alloc_skb(size)))
-                        goto unlock;
+                        goto alloc_failure;
         }
 
-        nlh = nlmsg_put(ub->skb, 0, ub->qlen, 0,
-                        size - NLMSG_ALIGN(sizeof(*nlh)), 0);
-        if (!nlh) {
-                kfree_skb(ub->skb);
-                ub->skb = NULL;
-                goto unlock;
-        }
+        nlh = NLMSG_PUT(ub->skb, 0, ub->qlen, 0,
+                        size - NLMSG_ALIGN(sizeof(*nlh)));
         ub->qlen++;
 
-        pm = nlmsg_data(nlh);
+        pm = NLMSG_DATA(nlh);
 
         /* Fill in the ulog data */
         pm->version = EBT_ULOG_VERSION;
@@ -214,6 +210,14 @@ static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb,
 
 unlock:
         spin_unlock_bh(lock);
+
+        return;
+
+nlmsg_failure:
+        pr_debug("error during NLMSG_PUT. This should "
+                 "not happen, please report to author.\n");
+alloc_failure:
+        goto unlock;
 }
 
 /* this function is registered with the netfilter core */
@@ -282,9 +286,6 @@ static int __init ebt_ulog_init(void)
 {
         int ret;
         int i;
-        struct netlink_kernel_cfg cfg = {
-                .groups = EBT_ULOG_MAXNLGROUPS,
-        };
 
         if (nlbufsiz >= 128*1024) {
                 pr_warning("Netlink buffer has to be <= 128kB,"
@@ -298,7 +299,9 @@ static int __init ebt_ulog_init(void)
                 spin_lock_init(&ulog_buffers[i].lock);
         }
 
-        ebtulognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, &cfg);
+        ebtulognl = netlink_kernel_create(&init_net, NETLINK_NFLOG,
+                                          EBT_ULOG_MAXNLGROUPS, NULL, NULL,
+                                          THIS_MODULE);
         if (!ebtulognl)
                 ret = -ENOMEM;
         else if ((ret = xt_register_target(&ebt_ulog_tg_reg)) != 0)
diff --git a/net/bridge/netfilter/ebtable_broute.c b/net/bridge/netfilter/ebtable_broute.c
index 40d8258bf74..1bcaf36ad61 100644
--- a/net/bridge/netfilter/ebtable_broute.c
+++ b/net/bridge/netfilter/ebtable_broute.c
@@ -87,14 +87,14 @@ static int __init ebtable_broute_init(void)
         if (ret < 0)
                 return ret;
         /* see br_input.c */
-        RCU_INIT_POINTER(br_should_route_hook,
+        rcu_assign_pointer(br_should_route_hook,
                            (br_should_route_hook_t *)ebt_broute);
         return 0;
 }
 
 static void __exit ebtable_broute_fini(void)
 {
-        RCU_INIT_POINTER(br_should_route_hook, NULL);
+        rcu_assign_pointer(br_should_route_hook, NULL);
         synchronize_net();
         unregister_pernet_subsys(&broute_net_ops);
 }
diff --git a/net/bridge/netfilter/ebtable_filter.c b/net/bridge/netfilter/ebtable_filter.c
index 3c2e9dced9e..42e6bd09457 100644
--- a/net/bridge/netfilter/ebtable_filter.c
+++ b/net/bridge/netfilter/ebtable_filter.c
@@ -100,7 +100,9 @@ static struct nf_hook_ops ebt_ops_filter[] __read_mostly = {
 static int __net_init frame_filter_net_init(struct net *net)
 {
         net->xt.frame_filter = ebt_register_table(net, &frame_filter);
-        return PTR_RET(net->xt.frame_filter);
+        if (IS_ERR(net->xt.frame_filter))
+                return PTR_ERR(net->xt.frame_filter);
+        return 0;
 }
 
 static void __net_exit frame_filter_net_exit(struct net *net)
diff --git a/net/bridge/netfilter/ebtable_nat.c b/net/bridge/netfilter/ebtable_nat.c
index 10871bc7790..6dc2f878ae0 100644
--- a/net/bridge/netfilter/ebtable_nat.c
+++ b/net/bridge/netfilter/ebtable_nat.c
@@ -100,7 +100,9 @@ static struct nf_hook_ops ebt_ops_nat[] __read_mostly = {
 static int __net_init frame_nat_net_init(struct net *net)
 {
         net->xt.frame_nat = ebt_register_table(net, &frame_nat);
-        return PTR_RET(net->xt.frame_nat);
+        if (IS_ERR(net->xt.frame_nat))
+                return PTR_ERR(net->xt.frame_nat);
+        return 0;
 }
 
 static void __net_exit frame_nat_net_exit(struct net *net)
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 5fe2ff3b01e..5864cc49136 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1335,12 +1335,7 @@ static inline int ebt_make_matchname(const struct ebt_entry_match *m,
     const char *base, char __user *ubase)
 {
         char __user *hlp = ubase + ((char *)m - base);
-        char name[EBT_FUNCTION_MAXNAMELEN] = {};
-
-        /* ebtables expects 32 bytes long names but xt_match names are 29 bytes
-           long. Copy 29 bytes and fill remaining bytes with zeroes. */
-        strncpy(name, m->u.match->name, sizeof(name));
-        if (copy_to_user(hlp, name, EBT_FUNCTION_MAXNAMELEN))
+        if (copy_to_user(hlp, m->u.match->name, EBT_FUNCTION_MAXNAMELEN))
                 return -EFAULT;
         return 0;
 }
@@ -1349,10 +1344,7 @@ static inline int ebt_make_watchername(const struct ebt_entry_watcher *w,
     const char *base, char __user *ubase)
 {
         char __user *hlp = ubase + ((char *)w - base);
-        char name[EBT_FUNCTION_MAXNAMELEN] = {};
-
-        strncpy(name, w->u.watcher->name, sizeof(name));
-        if (copy_to_user(hlp , name, EBT_FUNCTION_MAXNAMELEN))
+        if (copy_to_user(hlp , w->u.watcher->name, EBT_FUNCTION_MAXNAMELEN))
                 return -EFAULT;
         return 0;
 }
@@ -1363,7 +1355,6 @@ ebt_make_names(struct ebt_entry *e, const char *base, char __user *ubase)
         int ret;
         char __user *hlp;
         const struct ebt_entry_target *t;
-        char name[EBT_FUNCTION_MAXNAMELEN] = {};
 
         if (e->bitmask == 0)
                 return 0;
@@ -1377,8 +1368,7 @@ ebt_make_names(struct ebt_entry *e, const char *base, char __user *ubase)
         ret = EBT_WATCHER_ITERATE(e, ebt_make_watchername, base, ubase);
         if (ret != 0)
                 return ret;
-        strncpy(name, t->u.target->name, sizeof(name));
-        if (copy_to_user(hlp, name, EBT_FUNCTION_MAXNAMELEN))
+        if (copy_to_user(hlp, t->u.target->name, EBT_FUNCTION_MAXNAMELEN))
                 return -EFAULT;
         return 0;
 }
@@ -1903,7 +1893,10 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt,
 
         switch (compat_mwt) {
         case EBT_COMPAT_MATCH:
-                match = xt_request_find_match(NFPROTO_BRIDGE, name, 0);
+                match = try_then_request_module(xt_find_match(NFPROTO_BRIDGE,
+                                                name, 0), "ebt_%s", name);
+                if (match == NULL)
+                        return -ENOENT;
                 if (IS_ERR(match))
                         return PTR_ERR(match);
 
@@ -1922,7 +1915,10 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt,
                 break;
         case EBT_COMPAT_WATCHER: /* fallthrough */
         case EBT_COMPAT_TARGET:
-                wt = xt_request_find_target(NFPROTO_BRIDGE, name, 0);
+                wt = try_then_request_module(xt_find_target(NFPROTO_BRIDGE,
+                                                name, 0), "ebt_%s", name);
+                if (wt == NULL)
+                        return -ENOENT;
                 if (IS_ERR(wt))
                         return PTR_ERR(wt);
                 off = xt_compat_target_offset(wt);