From: Rusty Russell <rusty@rustcorp.com.au>

After changing firewall rules, we try to return the counters to userspace.  We
didn't fail at that point if the copy failed, but it doesn't really matter. 
Someone added a warn_unused_result attribute to copy_to_user, so we get bogus
warnings.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/net/ipv4/netfilter/arp_tables.c |    8 ++++----
 25-akpm/net/ipv4/netfilter/ip_tables.c  |    8 ++++----
 25-akpm/net/ipv6/netfilter/ip6_tables.c |    7 ++++---
 3 files changed, 12 insertions(+), 11 deletions(-)

diff -puN net/ipv4/netfilter/arp_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter net/ipv4/netfilter/arp_tables.c
--- 25/net/ipv4/netfilter/arp_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter	2004-12-31 03:58:55.800813208 -0800
+++ 25-akpm/net/ipv4/netfilter/arp_tables.c	2004-12-31 03:58:55.811811536 -0800
@@ -948,12 +948,12 @@ static int do_replace(void __user *user,
 	/* Decrease module usage counts and free resource */
 	ARPT_ENTRY_ITERATE(oldinfo->entries, oldinfo->size, cleanup_entry,NULL);
 	vfree(oldinfo);
-	/* Silent error: too late now. */
-	copy_to_user(tmp.counters, counters,
-		     sizeof(struct arpt_counters) * tmp.num_counters);
+	if (copy_to_user(tmp.counters, counters,
+			 sizeof(struct arpt_counters) * tmp.num_counters) != 0)
+		ret = -EFAULT;
 	vfree(counters);
 	up(&arpt_mutex);
-	return 0;
+	return ret;
 
  put_module:
 	module_put(t->me);
diff -puN net/ipv4/netfilter/ip_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter net/ipv4/netfilter/ip_tables.c
--- 25/net/ipv4/netfilter/ip_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter	2004-12-31 03:58:55.801813056 -0800
+++ 25-akpm/net/ipv4/netfilter/ip_tables.c	2004-12-31 03:58:55.808811992 -0800
@@ -1141,12 +1141,12 @@ do_replace(void __user *user, unsigned i
 	/* Decrease module usage counts and free resource */
 	IPT_ENTRY_ITERATE(oldinfo->entries, oldinfo->size, cleanup_entry,NULL);
 	vfree(oldinfo);
-	/* Silent error: too late now. */
-	copy_to_user(tmp.counters, counters,
-		     sizeof(struct ipt_counters) * tmp.num_counters);
+	if (copy_to_user(tmp.counters, counters,
+			 sizeof(struct ipt_counters) * tmp.num_counters) != 0)
+		ret = -EFAULT;
 	vfree(counters);
 	up(&ipt_mutex);
-	return 0;
+	return ret;
 
  put_module:
 	module_put(t->me);
diff -puN net/ipv6/netfilter/ip6_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter net/ipv6/netfilter/ip6_tables.c
--- 25/net/ipv6/netfilter/ip6_tables.c~netfilter-remove-copy_to_user-warnings-in-netfilter	2004-12-31 03:58:55.803812752 -0800
+++ 25-akpm/net/ipv6/netfilter/ip6_tables.c	2004-12-31 03:58:55.810811688 -0800
@@ -1222,11 +1222,12 @@ do_replace(void __user *user, unsigned i
 	IP6T_ENTRY_ITERATE(oldinfo->entries, oldinfo->size, cleanup_entry,NULL);
 	vfree(oldinfo);
 	/* Silent error: too late now. */
-	copy_to_user(tmp.counters, counters,
-		     sizeof(struct ip6t_counters) * tmp.num_counters);
+	if (copy_to_user(tmp.counters, counters,
+			 sizeof(struct ip6t_counters) * tmp.num_counters) != 0)
+		ret = -EFAULT;
 	vfree(counters);
 	up(&ip6t_mutex);
-	return 0;
+	return ret;
 
  put_module:
 	module_put(t->me);
_