From fa67f8e0700a57f81f467abd99e9753cc13a5cc0 Mon Sep 17 00:00:00 2001
From: Joe Stringer <joe@ovn.org>
Date: Mon, 2 May 2016 11:19:10 -0700
Subject: [PATCH] compat: Add a struct net parameter to l4_pkt_to_tuple.

Upstream commit:
    netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple

    As gre does not have the srckey in the packet gre_pkt_to_tuple
    needs to perform a lookup in it's per network namespace tables.

    Pass in the proper network namespace to all pkt_to_tuple
    implementations to ensure gre (and any similar protocols) can get this
    right.

    Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Upstream: a31f1adc0948 ("netfilter: nf_conntrack: Add a struct net
parameter to l4_pkt_to_tuple")
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>
---
 acinclude.m4                                    |  3 +++
 datapath/conntrack.c                            |  2 +-
 datapath/linux/Modules.mk                       |  1 +
 .../compat/include/net/netfilter/nf_conntrack.h | 17 +++++++++++++++++
 4 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 datapath/linux/compat/include/net/netfilter/nf_conntrack.h

diff --git a/acinclude.m4 b/acinclude.m4
index acd7ce7c1..398205673 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -426,6 +426,9 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [
   OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack.h],
                   [tmpl_alloc.*conntrack_zone],
                   [OVS_DEFINE([HAVE_NF_CT_TMPL_ALLOC_TAKES_STRUCT_ZONE])])
+  OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack.h],
+                  [l3num.*struct.net],
+                  [OVS_DEFINE([HAVE_NF_CT_GET_TUPLEPR_TAKES_STRUCT_NET])])
   OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_zones.h],
                   [nf_ct_zone_init])
   OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_labels.h],
diff --git a/datapath/conntrack.c b/datapath/conntrack.c
index 0338f9f0c..c365e2e20 100644
--- a/datapath/conntrack.c
+++ b/datapath/conntrack.c
@@ -373,7 +373,7 @@ ovs_ct_expect_find(struct net *net, const struct nf_conntrack_zone *zone,
 {
 	struct nf_conntrack_tuple tuple;
 
-	if (!nf_ct_get_tuplepr(skb, skb_network_offset(skb), proto, &tuple))
+	if (!nf_ct_get_tuplepr(skb, skb_network_offset(skb), proto, net, &tuple))
 		return NULL;
 	return __nf_ct_expect_find(net, zone, &tuple);
 }
diff --git a/datapath/linux/Modules.mk b/datapath/linux/Modules.mk
index 6ab52a76c..7e334cbf0 100644
--- a/datapath/linux/Modules.mk
+++ b/datapath/linux/Modules.mk
@@ -99,6 +99,7 @@ openvswitch_headers += \
 	linux/compat/include/net/stt.h \
 	linux/compat/include/net/vrf.h \
 	linux/compat/include/net/vxlan.h \
+	linux/compat/include/net/netfilter/nf_conntrack.h \
 	linux/compat/include/net/netfilter/nf_conntrack_core.h \
 	linux/compat/include/net/netfilter/nf_conntrack_expect.h \
 	linux/compat/include/net/netfilter/nf_conntrack_labels.h \
diff --git a/datapath/linux/compat/include/net/netfilter/nf_conntrack.h b/datapath/linux/compat/include/net/netfilter/nf_conntrack.h
new file mode 100644
index 000000000..e02e20b28
--- /dev/null
+++ b/datapath/linux/compat/include/net/netfilter/nf_conntrack.h
@@ -0,0 +1,17 @@
+#ifndef _NF_CONNTRACK_WRAPPER_H
+#define _NF_CONNTRACK_WRAPPER_H
+
+#include_next <net/netfilter/nf_conntrack.h>
+
+#ifndef HAVE_NF_CT_GET_TUPLEPR_TAKES_STRUCT_NET
+static inline bool rpl_nf_ct_get_tuplepr(const struct sk_buff *skb,
+					 unsigned int nhoff,
+					 u_int16_t l3num, struct net *net,
+					 struct nf_conntrack_tuple *tuple)
+{
+	return nf_ct_get_tuplepr(skb, nhoff, l3num, tuple);
+}
+#define nf_ct_get_tuplepr rpl_nf_ct_get_tuplepr
+#endif
+
+#endif /* _NF_CONNTRACK_WRAPPER_H */
-- 
2.20.1