Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
authorDavid S. Miller <davem@davemloft.net>
Thu, 25 Apr 2013 04:53:40 +0000 (00:53 -0400)
committerDavid S. Miller <davem@davemloft.net>
Thu, 25 Apr 2013 04:53:40 +0000 (00:53 -0400)
Pablo Neira Ayuso says:

====================
The following patchset contains fixes for recently applied
Netfilter/IPVS updates to the net-next tree, most relevantly
they are:

* Fix sparse warnings introduced in the RCU conversion, from
  Julian Anastasov.

* Fix wrong endianness in the size field of IPVS sync messages,
  from Simon Horman.

* Fix missing if checking in nf_xfrm_me_harder, from Dan Carpenter.

* Fix off by one access in the IPVS SCTP tracking code, again from
  Dan Carpenter.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nf_nat_core.c

index 2e469ca2ca553acd9076c0ee3b9c35fc3b561262,cf1c731cdc3ec035618e309a63645e334fa8e6e8..038eee5c8f8548787bff468c40256d52bb6655fd
@@@ -90,6 -90,7 +90,7 @@@ int nf_xfrm_me_harder(struct sk_buff *s
        int err;
  
        err = xfrm_decode_session(skb, &fl, family);
+       if (err < 0)
                return err;
  
        dst = skb_dst(skb);
@@@ -468,22 -469,33 +469,22 @@@ EXPORT_SYMBOL_GPL(nf_nat_packet)
  struct nf_nat_proto_clean {
        u8      l3proto;
        u8      l4proto;
 -      bool    hash;
  };
  
 -/* Clear NAT section of all conntracks, in case we're loaded again. */
 -static int nf_nat_proto_clean(struct nf_conn *i, void *data)
 +/* kill conntracks with affected NAT section */
 +static int nf_nat_proto_remove(struct nf_conn *i, void *data)
  {
        const struct nf_nat_proto_clean *clean = data;
        struct nf_conn_nat *nat = nfct_nat(i);
  
        if (!nat)
                return 0;
 -      if (!(i->status & IPS_SRC_NAT_DONE))
 -              return 0;
 +
        if ((clean->l3proto && nf_ct_l3num(i) != clean->l3proto) ||
            (clean->l4proto && nf_ct_protonum(i) != clean->l4proto))
                return 0;
  
 -      if (clean->hash) {
 -              spin_lock_bh(&nf_nat_lock);
 -              hlist_del_rcu(&nat->bysource);
 -              spin_unlock_bh(&nf_nat_lock);
 -      } else {
 -              memset(nat, 0, sizeof(*nat));
 -              i->status &= ~(IPS_NAT_MASK | IPS_NAT_DONE_MASK |
 -                             IPS_SEQ_ADJUST);
 -      }
 -      return 0;
 +      return i->status & IPS_NAT_MASK ? 1 : 0;
  }
  
  static void nf_nat_l4proto_clean(u8 l3proto, u8 l4proto)
        struct net *net;
  
        rtnl_lock();
 -      /* Step 1 - remove from bysource hash */
 -      clean.hash = true;
        for_each_net(net)
 -              nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
 -      synchronize_rcu();
 -
 -      /* Step 2 - clean NAT section */
 -      clean.hash = false;
 -      for_each_net(net)
 -              nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
 +              nf_ct_iterate_cleanup(net, nf_nat_proto_remove, &clean);
        rtnl_unlock();
  }
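Review bot: `nf_nat_proto_remove` returns 0 for any conntrack that has a NAT extension but no `IPS_NAT_MASK` bit set, and the removed branch that did `hlist_del_rcu(&nat->bysource)` for `IPS_SRC_NAT_DONE` entries has no replacement. If such an entry (set up for NAT but with no actual translation) can still be linked on the bysource hash — not visible in this hunk, so worth confirming — it survives the iteration with its hlist node still pointing into the table. That matters most in `nf_nat_net_exit` (last hunk), which runs the same callback and then frees `net->ct.nat_bysource`, so a later teardown of a surviving entry would unlink against freed memory. One conservative option is to kill everything that may be hashed, `return i->status & (IPS_NAT_MASK | IPS_SRC_NAT_DONE) ? 1 : 0;`. The alternative is to unlink survivors under `nf_nat_lock` before returning 0, and either way the comment above the function should say which entries are deliberately kept.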
  
@@@ -508,9 -528,16 +509,9 @@@ static void nf_nat_l3proto_clean(u8 l3p
        struct net *net;
  
        rtnl_lock();
 -      /* Step 1 - remove from bysource hash */
 -      clean.hash = true;
 -      for_each_net(net)
 -              nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
 -      synchronize_rcu();
  
 -      /* Step 2 - clean NAT section */
 -      clean.hash = false;
        for_each_net(net)
 -              nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
 +              nf_ct_iterate_cleanup(net, nf_nat_proto_remove, &clean);
        rtnl_unlock();
  }
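Review bot: With both `synchronize_rcu()` calls removed, `nf_nat_l3proto_clean` (and `nf_nat_l4proto_clean` in the previous hunk) no longer waits for an RCU grace period itself, and nothing in the new code says who does. If the unregister paths that call these helpers already unpublish the protocol pointer and wait before calling — they are outside this diff, so that is an assumption — a one-line comment above `rtnl_lock()` would keep that ordering from being lost, e.g. `/* caller has unpublished the proto and waited for an RCU grace period */`. The function's opening lines are outside the hunk.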
  
@@@ -748,7 -775,7 +749,7 @@@ static void __net_exit nf_nat_net_exit(
  {
        struct nf_nat_proto_clean clean = {};
  
 -      nf_ct_iterate_cleanup(net, &nf_nat_proto_clean, &clean);
 +      nf_ct_iterate_cleanup(net, &nf_nat_proto_remove, &clean);
        synchronize_rcu();
        nf_ct_free_hashtable(net->ct.nat_bysource, net->ct.nat_htable_size);
  }