From d4be4d08abf3850a9f7d8e9047bece564897d437 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@suse.de>
Date: Thu, 1 Oct 2009 13:49:10 -0700
Subject: [PATCH] .30 patches

---
 ...x-null-ptr-regression-in-powernow-k8.patch | 77 +++++++++++++++++++
 .../netfilter-bridge-refcount-fix.patch       | 42 ++++++++++
 ...ebt_ulog-fix-checkentry-return-value.patch | 37 +++++++++
 ...ed-logic-for-persistent-nat-mappings.patch | 46 +++++++++++
 queue-2.6.30/series                           |  4 +
 5 files changed, 206 insertions(+)
 create mode 100644 queue-2.6.30/fix-null-ptr-regression-in-powernow-k8.patch
 create mode 100644 queue-2.6.30/netfilter-bridge-refcount-fix.patch
 create mode 100644 queue-2.6.30/netfilter-ebt_ulog-fix-checkentry-return-value.patch
 create mode 100644 queue-2.6.30/netfilter-nf_nat-fix-inverted-logic-for-persistent-nat-mappings.patch

diff --git a/queue-2.6.30/fix-null-ptr-regression-in-powernow-k8.patch b/queue-2.6.30/fix-null-ptr-regression-in-powernow-k8.patch
new file mode 100644
index 00000000000..56c9f718478
--- /dev/null
+++ b/queue-2.6.30/fix-null-ptr-regression-in-powernow-k8.patch
@@ -0,0 +1,77 @@
+From f0adb134d8dc9993a9998dc50845ec4f6ff4fadc Mon Sep 17 00:00:00 2001
+From: Kurt Roeckx <kurt@roeckx.be>
+Date: Wed, 16 Sep 2009 11:09:32 -0400
+Subject: [CPUFREQ] Fix NULL ptr regression in powernow-k8
+
+From: Kurt Roeckx <kurt@roeckx.be>
+
+commit f0adb134d8dc9993a9998dc50845ec4f6ff4fadc upstream.
+
+Fixes bugzilla #13780
+
+From: Kurt Roeckx <kurt@roeckx.be>
+Signed-off-by: Dave Jones <davej@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/kernel/cpu/cpufreq/powernow-k8.c |   15 ++++++++-------
+ 1 file changed, 8 insertions(+), 7 deletions(-)
+
+--- a/arch/x86/kernel/cpu/cpufreq/powernow-k8.c
++++ b/arch/x86/kernel/cpu/cpufreq/powernow-k8.c
+@@ -618,9 +618,10 @@ static int check_pst_table(struct powern
+ 	return 0;
+ }
+ 
+-static void invalidate_entry(struct powernow_k8_data *data, unsigned int entry)
++static void invalidate_entry(struct cpufreq_frequency_table *powernow_table,
++		unsigned int entry)
+ {
+-	data->powernow_table[entry].frequency = CPUFREQ_ENTRY_INVALID;
++	powernow_table[entry].frequency = CPUFREQ_ENTRY_INVALID;
+ }
+ 
+ static void print_basics(struct powernow_k8_data *data)
+@@ -926,13 +927,13 @@ static int fill_powernow_table_pstate(st
+ 					"bad value %d.\n", i, index);
+ 			printk(KERN_ERR PFX "Please report to BIOS "
+ 					"manufacturer\n");
+-			invalidate_entry(data, i);
++			invalidate_entry(powernow_table, i);
+ 			continue;
+ 		}
+ 		rdmsr(MSR_PSTATE_DEF_BASE + index, lo, hi);
+ 		if (!(hi & HW_PSTATE_VALID_MASK)) {
+ 			dprintk("invalid pstate %d, ignoring\n", index);
+-			invalidate_entry(data, i);
++			invalidate_entry(powernow_table, i);
+ 			continue;
+ 		}
+ 
+@@ -982,7 +983,7 @@ static int fill_powernow_table_fidvid(st
+ 		/* verify frequency is OK */
+ 		if ((freq > (MAX_FREQ * 1000)) || (freq < (MIN_FREQ * 1000))) {
+ 			dprintk("invalid freq %u kHz, ignoring\n", freq);
+-			invalidate_entry(data, i);
++			invalidate_entry(powernow_table, i);
+ 			continue;
+ 		}
+ 
+@@ -990,7 +991,7 @@ static int fill_powernow_table_fidvid(st
+ 		 * BIOSs are using "off" to indicate invalid */
+ 		if (vid == VID_OFF) {
+ 			dprintk("invalid vid %u, ignoring\n", vid);
+-			invalidate_entry(data, i);
++			invalidate_entry(powernow_table, i);
+ 			continue;
+ 		}
+ 
+@@ -1021,7 +1022,7 @@ static int fill_powernow_table_fidvid(st
+ 				(unsigned int)
+ 				(data->acpi_data.states[i].core_frequency
+ 				 * 1000));
+-			invalidate_entry(data, i);
++			invalidate_entry(powernow_table, i);
+ 			continue;
+ 		}
+ 	}
diff --git a/queue-2.6.30/netfilter-bridge-refcount-fix.patch b/queue-2.6.30/netfilter-bridge-refcount-fix.patch
new file mode 100644
index 00000000000..dd773841ea4
--- /dev/null
+++ b/queue-2.6.30/netfilter-bridge-refcount-fix.patch
@@ -0,0 +1,42 @@
+From kaber@trash.net  Thu Oct  1 13:35:28 2009
+From: Patrick McHardy <kaber@trash.net>
+Date: Thu, 17 Sep 2009 13:58:29 +0200 (MEST)
+Subject: netfilter: bridge: refcount fix
+To: stable@kernel.org
+Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
+Message-ID: <20090917115827.12728.41214.sendpatchset@x2.localnet>
+
+
+From: Patrick McHardy <kaber@trash.net>
+
+netfilter: bridge: refcount fix
+
+Upstream commit f3abc9b9:
+
+commit f216f082b2b37c4943f1e7c393e2786648d48f6f
+([NETFILTER]: bridge netfilter: deal with martians correctly)
+added a refcount leak on in_dev.
+
+Instead of using in_dev_get(), we can use __in_dev_get_rcu(),
+as netfilter hooks are running under rcu_read_lock(), as pointed
+by Patrick.
+
+Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ net/bridge/br_netfilter.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/bridge/br_netfilter.c
++++ b/net/bridge/br_netfilter.c
+@@ -357,7 +357,7 @@ static int br_nf_pre_routing_finish(stru
+ 				},
+ 				.proto = 0,
+ 			};
+-			struct in_device *in_dev = in_dev_get(dev);
++			struct in_device *in_dev = __in_dev_get_rcu(dev);
+ 
+ 			/* If err equals -EHOSTUNREACH the error is due to a
+ 			 * martian destination or due to the fact that
diff --git a/queue-2.6.30/netfilter-ebt_ulog-fix-checkentry-return-value.patch b/queue-2.6.30/netfilter-ebt_ulog-fix-checkentry-return-value.patch
new file mode 100644
index 00000000000..47491476481
--- /dev/null
+++ b/queue-2.6.30/netfilter-ebt_ulog-fix-checkentry-return-value.patch
@@ -0,0 +1,37 @@
+From kaber@trash.net  Thu Oct  1 13:36:34 2009
+From: Patrick McHardy <kaber@trash.net>
+Date: Thu, 17 Sep 2009 13:58:30 +0200 (MEST)
+Subject: netfilter: ebt_ulog: fix checkentry return value
+To: stable@kernel.org
+Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
+Message-ID: <20090917115828.12728.63548.sendpatchset@x2.localnet>
+
+
+From: Patrick McHardy <kaber@trash.net>
+
+netfilter: ebt_ulog: fix checkentry return value
+
+Upstream commit 8a56df0a:
+
+Commit 19eda87 (netfilter: change return types of check functions for
+Ebtables extensions) broke the ebtables ulog module by missing a return
+value conversion.
+
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ net/bridge/netfilter/ebt_ulog.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/bridge/netfilter/ebt_ulog.c
++++ b/net/bridge/netfilter/ebt_ulog.c
+@@ -266,7 +266,7 @@ static bool ebt_ulog_tg_check(const stru
+ 	if (uloginfo->qthreshold > EBT_ULOG_MAX_QLEN)
+ 		uloginfo->qthreshold = EBT_ULOG_MAX_QLEN;
+ 
+-	return 0;
++	return true;
+ }
+ 
+ static struct xt_target ebt_ulog_tg_reg __read_mostly = {
diff --git a/queue-2.6.30/netfilter-nf_nat-fix-inverted-logic-for-persistent-nat-mappings.patch b/queue-2.6.30/netfilter-nf_nat-fix-inverted-logic-for-persistent-nat-mappings.patch
new file mode 100644
index 00000000000..8dea1d592bb
--- /dev/null
+++ b/queue-2.6.30/netfilter-nf_nat-fix-inverted-logic-for-persistent-nat-mappings.patch
@@ -0,0 +1,46 @@
+From kaber@trash.net  Thu Oct  1 13:33:05 2009
+From: Patrick McHardy <kaber@trash.net>
+Date: Thu, 17 Sep 2009 13:58:26 +0200 (MEST)
+Subject: netfilter: nf_nat: fix inverted logic for persistent NAT mappings
+To: stable@kernel.org
+Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
+Message-ID: <20090917115824.12728.59451.sendpatchset@x2.localnet>
+
+
+From: Patrick McHardy <kaber@trash.net>
+
+netfilter: nf_nat: fix inverted logic for persistent NAT mappings
+
+Upstream commit cce5a5c3:
+
+Kernel 2.6.30 introduced a patch [1] for the persistent option in the
+netfilter SNAT target. This is exactly what we need here so I had a quick look
+at the code and noticed that the patch is wrong. The logic is simply inverted.
+The patch below fixes this.
+
+Also note that because of this the default behavior of the SNAT target has
+changed since kernel 2.6.30 as it now ignores the destination IP in choosing
+the source IP for nating (which should only be the case if the persistent
+option is set).
+
+[1] http://git.eu.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=98d500d66cb7940747b424b245fc6a51ecfbf005
+
+Signed-off-by: Maximilian Engelhardt <maxi@daemonizer.de>
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ net/ipv4/netfilter/nf_nat_core.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/ipv4/netfilter/nf_nat_core.c
++++ b/net/ipv4/netfilter/nf_nat_core.c
+@@ -212,7 +212,7 @@ find_best_ips_proto(struct nf_conntrack_
+ 	maxip = ntohl(range->max_ip);
+ 	j = jhash_2words((__force u32)tuple->src.u3.ip,
+ 			 range->flags & IP_NAT_RANGE_PERSISTENT ?
+-				(__force u32)tuple->dst.u3.ip : 0, 0);
++				0 : (__force u32)tuple->dst.u3.ip, 0);
+ 	j = ((u64)j * (maxip - minip + 1)) >> 32;
+ 	*var_ipp = htonl(minip + j);
+ }
diff --git a/queue-2.6.30/series b/queue-2.6.30/series
index a6934b6e0da..3aa73d478a4 100644
--- a/queue-2.6.30/series
+++ b/queue-2.6.30/series
@@ -17,3 +17,7 @@ revert-kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch
 ahci-restore-pci_intx-handling.patch
 net-ax25-fix-signed-comparison-in-the-sockopt-handler.patch
 net-make-the-copy-length-in-af_packet-sockopt-handler-unsigned.patch
+fix-null-ptr-regression-in-powernow-k8.patch
+netfilter-bridge-refcount-fix.patch
+netfilter-ebt_ulog-fix-checkentry-return-value.patch
+netfilter-nf_nat-fix-inverted-logic-for-persistent-nat-mappings.patch
-- 
2.47.3