From: Jakub Kicinski <kuba@kernel.org>
Date: Thu, 16 Dec 2021 01:29:27 +0000 (-0800)
Subject: Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=bd1d97d861e4f222c98a2418243e987fefe4de4e;p=linux.git

Merge git://git./linux/kernel/git/pablo/nf-next

Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following patchset contains Netfilter updates for net-next, mostly
rather small housekeeping patches:

1) Remove unused variable in IPVS, from GuoYong Zheng.

2) Use memset_after in conntrack, from Kees Cook.

3) Remove leftover function in nfnetlink_queue, from Florian Westphal.

4) Remove redundant test on bool in conntrack, from Bernard Zhao.

5) egress support for nft_fwd, from Lukas Wunner.

6) Make pppoe work for br_netfilter, from Florian Westphal.

7) Remove unused variable in conntrack resize routine, from luo penghao.

* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next:
  netfilter: conntrack: Remove useless assignment statements
  netfilter: bridge: add support for pppoe filtering
  netfilter: nft_fwd_netdev: Support egress hook
  netfilter: ctnetlink: remove useless type conversion to bool
  netfilter: nf_queue: remove leftover synchronize_rcu
  netfilter: conntrack: Use memset_startat() to zero struct nf_conn
  ipvs: remove unused variable for ip_vs_new_dest
====================

Link: https://lore.kernel.org/r/20211215234911.170741-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---

bd1d97d861e4f222c98a2418243e987fefe4de4e
diff --cc net/netfilter/nf_conntrack_core.c
index 9fbce31baf755,b622ef143415d..d7e3135480667
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@@ -1560,11 -1560,9 +1560,9 @@@ __nf_conntrack_alloc(struct net *net
  	/* save hash for reusing when confirming */
  	*(unsigned long *)(&ct->tuplehash[IP_CT_DIR_REPLY].hnnode.pprev) = hash;
  	ct->status = 0;
 -	ct->timeout = 0;
 +	WRITE_ONCE(ct->timeout, 0);
  	write_pnet(&ct->ct_net, net);
- 	memset(&ct->__nfct_init_offset, 0,
- 	       offsetof(struct nf_conn, proto) -
- 	       offsetof(struct nf_conn, __nfct_init_offset));
+ 	memset_after(ct, 0, __nfct_init_offset);
  
  	nf_ct_zone_add(ct, zone);