kernel: fix xtables flow offload issues

- avoid using garbage stack values as dst pointer if lookup fails
- provide the source address for ipv6 dst lookup

Signed-off-by: Felix Fietkau <nbd@nbd.name>

target/linux/generic/hack-4.14/650-netfilter-add-xt_OFFLOAD-target.patch

@@ -70,7 +70,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	help
  	  This option adds the flow table core infrastructure.
  
-@@ -959,6 +958,15 @@ config NETFILTER_XT_TARGET_NOTRACK
+@@ -968,6 +967,15 @@ config NETFILTER_XT_TARGET_NOTRACK
  	depends on NETFILTER_ADVANCED
  	select NETFILTER_XT_TARGET_CT
  
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	depends on NETFILTER_ADVANCED
 --- a/net/netfilter/Makefile
 +++ b/net/netfilter/Makefile
-@@ -133,6 +133,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIF
+@@ -134,6 +134,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIF
  obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o
  obj-$(CONFIG_NETFILTER_XT_TARGET_CT) += xt_CT.o
  obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o
@@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
 --- /dev/null
 +++ b/net/netfilter/xt_FLOWOFFLOAD.c
-@@ -0,0 +1,364 @@
+@@ -0,0 +1,365 @@
 +/*
 + * Copyright (C) 2018 Felix Fietkau <nbd@nbd.name>
 + *
@@ -295,7 +295,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +xt_flowoffload_dst(const struct nf_conn *ct, enum ip_conntrack_dir dir,
 +		   const struct xt_action_param *par)
 +{
-+	struct dst_entry *dst;
++	struct dst_entry *dst = NULL;
 +	struct flowi fl;
 +
 +	memset(&fl, 0, sizeof(fl));
@@ -304,6 +304,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +		fl.u.ip4.daddr = ct->tuplehash[dir].tuple.src.u3.ip;
 +		break;
 +	case NFPROTO_IPV6:
++		fl.u.ip6.saddr = ct->tuplehash[dir].tuple.dst.u3.in6;
 +		fl.u.ip6.daddr = ct->tuplehash[dir].tuple.src.u3.in6;
 +		break;
 +	}