From: Florian Westphal <fw@strlen.de>
Date: Mon, 14 Sep 2015 15:06:27 +0000 (+0200)
Subject: netfilter: bridge: fix routing of bridge frames with call-iptables=1
X-Git-Tag: omap-for-v4.3/fixes-rc5~84^2~44^2~2
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63cdbc06b357dcb3a7104a421ee4a4550d7fadfd;p=pandora-kernel.git

netfilter: bridge: fix routing of bridge frames with call-iptables=1

We can't re-use the physoutdev storage area.

1.  When using NFQUEUE in PREROUTING, we attempt to bump a bogus
refcnt since nf_bridge->physoutdev is garbage (ipv4/ipv6 address)

2. for same reason, we crash in physdev match in FORWARD or later if
skb is routed instead of bridged.

This increases nf_bridge_info to 40 bytes, but we have no other choice.

Fixes: 72b1e5e4cac7 ("netfilter: bridge: reduce nf_bridge_info to 32 bytes again")
Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

Reading git-diff-tree failed