5 files changed, 4 insertions, 27 deletions
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h
index 9e3a2838291b..0d3dd66322ec 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -83,10 +83,6 @@ enum ip_conntrack_status {
        /* Conntrack is a fake untracked entry */
        IPS_UNTRACKED_BIT = 12,
        IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT),
-        /* Conntrack has a userspace helper. */
-        IPS_USERSPACE_HELPER_BIT = 13,
-        IPS_USERSPACE_HELPER = (1 << IPS_USERSPACE_HELPER_BIT),
 };
 /* Connection tracking event types */
diff --git a/include/linux/netfilter/xt_CT.h b/include/linux/netfilter/xt_CT.h
index 6390f0992f36..b56e76811c04 100644
--- a/include/linux/netfilter/xt_CT.h
+++ b/include/linux/netfilter/xt_CT.h
@@ -3,8 +3,7 @@
 #include <linux/types.h>
-#define XT_CT_NOTRACK           0x1
+#define XT_CT_NOTRACK   0x1
-#define XT_CT_USERSPACE_HELPER  0x2
 struct xt_ct_target_info {
        __u16 flags;
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index 299fec91f741..bbe23baa19b6 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -121,18 +121,6 @@ int __nf_ct_try_assign_helper(struct nf_conn *ct, struct nf_conn *tmpl,
        int ret = 0;
        if (tmpl != NULL) {
-                /* we've got a userspace helper. */
-                if (tmpl->status & IPS_USERSPACE_HELPER) {
-                        help = nf_ct_helper_ext_add(ct, flags);
-                        if (help == NULL) {
-                                ret = -ENOMEM;
-                                goto out;
-                        }
-                        rcu_assign_pointer(help->helper, NULL);
-                        __set_bit(IPS_USERSPACE_HELPER_BIT, &ct->status);
-                        ret = 0;
-                        goto out;
-                }
                help = nfct_help(tmpl);
                if (help != NULL)
                        helper = help->helper;
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 2a4834b83332..9307b033c0c9 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -2042,10 +2042,6 @@ ctnetlink_create_expect(struct net *net, u16 zone,
        }
        help = nfct_help(ct);
        if (!help) {
-                err = -EOPNOTSUPP;
-                goto out;
-        }
-        if (test_bit(IPS_USERSPACE_HELPER_BIT, &ct->status)) {
                if (!cda[CTA_EXPECT_TIMEOUT]) {
                        err = -EINVAL;
                        goto out;
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
index 8e87123f1373..0221d10de75a 100644
--- a/net/netfilter/xt_CT.c
+++ b/net/netfilter/xt_CT.c
@@ -62,8 +62,8 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par)
        int ret = 0;
        u8 proto;
-        if (info->flags & ~(XT_CT_NOTRACK | XT_CT_USERSPACE_HELPER))
+        if (info->flags & ~XT_CT_NOTRACK)
-                return -EOPNOTSUPP;
+                return -EINVAL;
        if (info->flags & XT_CT_NOTRACK) {
                ct = nf_ct_untracked_get();
@@ -92,9 +92,7 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par)
                                  GFP_KERNEL))
                goto err3;
-        if (info->flags & XT_CT_USERSPACE_HELPER) {
+        if (info->helper[0]) {
-                __set_bit(IPS_USERSPACE_HELPER_BIT, &ct->status);
-        } else if (info->helper[0]) {
                ret = -ENOENT;
                proto = xt_ct_find_proto(par);
                if (!proto) {