~hc/RK356X_SDK_RELEASE.git

..	..	@@ -90,7 +90,7 @@
90	90
91	91	switch (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum) {
92	92	case IPPROTO_TCP:
93		- tcph = skb_header_pointer(pkt->skb, pkt->xt.thoff,
	93	+ tcph = skb_header_pointer(pkt->skb, nft_thoff(pkt),
94	94	sizeof(_tcph), &_tcph);
95	95	if (unlikely(!tcph \|\| tcph->fin \|\| tcph->rst))
96	96	goto out;
..	..	@@ -174,8 +174,10 @@
174	174	if (IS_ERR(flowtable))
175	175	return PTR_ERR(flowtable);
176	176
	177	+ if (!nft_use_inc(&flowtable->use))
	178	+ return -EMFILE;
	179	+
177	180	priv->flowtable = flowtable;
178		- flowtable->use++;
179	181
180	182	return nf_ct_netns_get(ctx->net, ctx->family);
181	183	}
..	..	@@ -194,7 +196,7 @@
194	196	{
195	197	struct nft_flow_offload *priv = nft_expr_priv(expr);
196	198
197		- priv->flowtable->use++;
	199	+ nft_use_inc_restore(&priv->flowtable->use);
198	200	}
199	201
200	202	static void nft_flow_offload_destroy(const struct nft_ctx *ctx,