aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-10-02 16:38:27 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2012-10-02 16:38:27 -0400
commitaecdc33e111b2c447b622e287c6003726daa1426 (patch)
tree3e7657eae4b785e1a1fb5dfb225dbae0b2f0cfc6 /net
parenta20acf99f75e49271381d65db097c9763060a1e8 (diff)
parenta3a6cab5ea10cca64d036851fe0d932448f2fe4f (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking changes from David Miller: 1) GRE now works over ipv6, from Dmitry Kozlov. 2) Make SCTP more network namespace aware, from Eric Biederman. 3) TEAM driver now works with non-ethernet devices, from Jiri Pirko. 4) Make openvswitch network namespace aware, from Pravin B Shelar. 5) IPV6 NAT implementation, from Patrick McHardy. 6) Server side support for TCP Fast Open, from Jerry Chu and others. 7) Packet BPF filter supports MOD and XOR, from Eric Dumazet and Daniel Borkmann. 8) Increate the loopback default MTU to 64K, from Eric Dumazet. 9) Use a per-task rather than per-socket page fragment allocator for outgoing networking traffic. This benefits processes that have very many mostly idle sockets, which is quite common. From Eric Dumazet. 10) Use up to 32K for page fragment allocations, with fallbacks to smaller sizes when higher order page allocations fail. Benefits are a) less segments for driver to process b) less calls to page allocator c) less waste of space. From Eric Dumazet. 11) Allow GRO to be used on GRE tunnels, from Eric Dumazet. 12) VXLAN device driver, one way to handle VLAN issues such as the limitation of 4096 VLAN IDs yet still have some level of isolation. From Stephen Hemminger. 13) As usual there is a large boatload of driver changes, with the scale perhaps tilted towards the wireless side this time around. Fix up various fairly trivial conflicts, mostly caused by the user namespace changes. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1012 commits) hyperv: Add buffer for extended info after the RNDIS response message. hyperv: Report actual status in receive completion packet hyperv: Remove extra allocated space for recv_pkt_list elements hyperv: Fix page buffer handling in rndis_filter_send_request() hyperv: Fix the missing return value in rndis_filter_set_packet_filter() hyperv: Fix the max_xfer_size in RNDIS initialization vxlan: put UDP socket in correct namespace vxlan: Depend on CONFIG_INET sfc: Fix the reported priorities of different filter types sfc: Remove EFX_FILTER_FLAG_RX_OVERRIDE_IP sfc: Fix loopback self-test with separate_tx_channels=1 sfc: Fix MCDI structure field lookup sfc: Add parentheses around use of bitfield macro arguments sfc: Fix null function pointer in efx_sriov_channel_type vxlan: virtual extensible lan igmp: export symbol ip_mc_leave_group netlink: add attributes to fdb interface tg3: unconditionally select HWMON support when tg3 is enabled. Revert "net: ti cpsw ethernet: allow reading phy interface mode from DT" gre: fix sparse warning ...
Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan_core.c6
-rw-r--r--net/Kconfig2
-rw-r--r--net/atm/resources.c2
-rw-r--r--net/batman-adv/bat_iv_ogm.c86
-rw-r--r--net/batman-adv/bridge_loop_avoidance.c214
-rw-r--r--net/batman-adv/bridge_loop_avoidance.h11
-rw-r--r--net/batman-adv/debugfs.c12
-rw-r--r--net/batman-adv/gateway_client.c53
-rw-r--r--net/batman-adv/hard-interface.c13
-rw-r--r--net/batman-adv/main.c27
-rw-r--r--net/batman-adv/main.h29
-rw-r--r--net/batman-adv/packet.h35
-rw-r--r--net/batman-adv/routing.c85
-rw-r--r--net/batman-adv/send.c8
-rw-r--r--net/batman-adv/soft-interface.c79
-rw-r--r--net/batman-adv/soft-interface.h5
-rw-r--r--net/batman-adv/translation-table.c416
-rw-r--r--net/batman-adv/translation-table.h4
-rw-r--r--net/batman-adv/types.h120
-rw-r--r--net/batman-adv/unicast.c16
-rw-r--r--net/batman-adv/vis.c144
-rw-r--r--net/batman-adv/vis.h2
-rw-r--r--net/bluetooth/a2mp.c16
-rw-r--r--net/bluetooth/af_bluetooth.c139
-rw-r--r--net/bluetooth/bnep/sock.c22
-rw-r--r--net/bluetooth/cmtp/sock.c23
-rw-r--r--net/bluetooth/hci_conn.c100
-rw-r--r--net/bluetooth/hci_core.c12
-rw-r--r--net/bluetooth/hci_event.c190
-rw-r--r--net/bluetooth/hci_sock.c13
-rw-r--r--net/bluetooth/hidp/sock.c22
-rw-r--r--net/bluetooth/l2cap_core.c37
-rw-r--r--net/bluetooth/l2cap_sock.c22
-rw-r--r--net/bluetooth/mgmt.c62
-rw-r--r--net/bluetooth/rfcomm/sock.c14
-rw-r--r--net/bluetooth/sco.c16
-rw-r--r--net/bridge/br_fdb.c17
-rw-r--r--net/bridge/br_netlink.c2
-rw-r--r--net/bridge/br_private.h6
-rw-r--r--net/bridge/br_stp_timer.c2
-rw-r--r--net/bridge/netfilter/ebt_ulog.c3
-rw-r--r--net/bridge/netfilter/ebtable_filter.c4
-rw-r--r--net/bridge/netfilter/ebtable_nat.c4
-rw-r--r--net/can/gw.c2
-rw-r--r--net/core/dev.c109
-rw-r--r--net/core/dev_addr_lists.c40
-rw-r--r--net/core/dst.c2
-rw-r--r--net/core/ethtool.c12
-rw-r--r--net/core/fib_rules.c6
-rw-r--r--net/core/filter.c27
-rw-r--r--net/core/link_watch.c8
-rw-r--r--net/core/neighbour.c8
-rw-r--r--net/core/net-sysfs.c18
-rw-r--r--net/core/netpoll.c5
-rw-r--r--net/core/netprio_cgroup.c41
-rw-r--r--net/core/request_sock.c95
-rw-r--r--net/core/rtnetlink.c38
-rw-r--r--net/core/scm.c17
-rw-r--r--net/core/secure_seq.c1
-rw-r--r--net/core/skbuff.c86
-rw-r--r--net/core/sock.c64
-rw-r--r--net/core/sock_diag.c3
-rw-r--r--net/core/utils.c20
-rw-r--r--net/dcb/dcbnl.c18
-rw-r--r--net/decnet/af_decnet.c4
-rw-r--r--net/decnet/dn_dev.c6
-rw-r--r--net/decnet/dn_route.c16
-rw-r--r--net/decnet/dn_table.c12
-rw-r--r--net/decnet/netfilter/dn_rtmsg.c3
-rw-r--r--net/ieee802154/6lowpan.c53
-rw-r--r--net/ieee802154/nl-mac.c6
-rw-r--r--net/ieee802154/nl-phy.c6
-rw-r--r--net/ipv4/af_inet.c27
-rw-r--r--net/ipv4/devinet.c67
-rw-r--r--net/ipv4/fib_frontend.c25
-rw-r--r--net/ipv4/fib_semantics.c8
-rw-r--r--net/ipv4/fib_trie.c15
-rw-r--r--net/ipv4/igmp.c38
-rw-r--r--net/ipv4/inet_connection_sock.c57
-rw-r--r--net/ipv4/inet_diag.c32
-rw-r--r--net/ipv4/inet_fragment.c9
-rw-r--r--net/ipv4/ip_fragment.c13
-rw-r--r--net/ipv4/ip_gre.c128
-rw-r--r--net/ipv4/ip_output.c74
-rw-r--r--net/ipv4/ip_vti.c5
-rw-r--r--net/ipv4/ipconfig.c43
-rw-r--r--net/ipv4/ipip.c51
-rw-r--r--net/ipv4/ipmr.c12
-rw-r--r--net/ipv4/netfilter.c41
-rw-r--r--net/ipv4/netfilter/Kconfig90
-rw-r--r--net/ipv4/netfilter/Makefile18
-rw-r--r--net/ipv4/netfilter/ipt_MASQUERADE.c18
-rw-r--r--net/ipv4/netfilter/ipt_NETMAP.c98
-rw-r--r--net/ipv4/netfilter/ipt_REDIRECT.c110
-rw-r--r--net/ipv4/netfilter/ipt_ULOG.c3
-rw-r--r--net/ipv4/netfilter/ipt_rpfilter.c2
-rw-r--r--net/ipv4/netfilter/iptable_filter.c10
-rw-r--r--net/ipv4/netfilter/iptable_mangle.c10
-rw-r--r--net/ipv4/netfilter/iptable_nat.c (renamed from net/ipv4/netfilter/nf_nat_standalone.c)264
-rw-r--r--net/ipv4/netfilter/iptable_raw.c10
-rw-r--r--net/ipv4/netfilter/iptable_security.c5
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c8
-rw-r--r--net/ipv4/netfilter/nf_nat_h323.c71
-rw-r--r--net/ipv4/netfilter/nf_nat_l3proto_ipv4.c281
-rw-r--r--net/ipv4/netfilter/nf_nat_pptp.c21
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_gre.c30
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_icmp.c24
-rw-r--r--net/ipv4/netfilter/nf_nat_rule.c214
-rw-r--r--net/ipv4/proc.c4
-rw-r--r--net/ipv4/route.c30
-rw-r--r--net/ipv4/syncookies.c1
-rw-r--r--net/ipv4/sysctl_net_ipv4.c45
-rw-r--r--net/ipv4/tcp.c135
-rw-r--r--net/ipv4/tcp_fastopen.c83
-rw-r--r--net/ipv4/tcp_input.c281
-rw-r--r--net/ipv4/tcp_ipv4.c326
-rw-r--r--net/ipv4/tcp_metrics.c354
-rw-r--r--net/ipv4/tcp_minisocks.c75
-rw-r--r--net/ipv4/tcp_output.c27
-rw-r--r--net/ipv4/tcp_timer.c39
-rw-r--r--net/ipv4/udp_diag.c6
-rw-r--r--net/ipv6/Kconfig16
-rw-r--r--net/ipv6/Makefile1
-rw-r--r--net/ipv6/addrconf.c83
-rw-r--r--net/ipv6/addrlabel.c24
-rw-r--r--net/ipv6/ip6_fib.c20
-rw-r--r--net/ipv6/ip6_gre.c1770
-rw-r--r--net/ipv6/ip6_output.c85
-rw-r--r--net/ipv6/ip6_tunnel.c91
-rw-r--r--net/ipv6/ip6mr.c10
-rw-r--r--net/ipv6/netfilter.c8
-rw-r--r--net/ipv6/netfilter/Kconfig37
-rw-r--r--net/ipv6/netfilter/Makefile6
-rw-r--r--net/ipv6/netfilter/ip6t_MASQUERADE.c135
-rw-r--r--net/ipv6/netfilter/ip6t_NPT.c165
-rw-r--r--net/ipv6/netfilter/ip6table_filter.c4
-rw-r--r--net/ipv6/netfilter/ip6table_mangle.c4
-rw-r--r--net/ipv6/netfilter/ip6table_nat.c321
-rw-r--r--net/ipv6/netfilter/ip6table_raw.c4
-rw-r--r--net/ipv6/netfilter/ip6table_security.c5
-rw-r--r--net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c137
-rw-r--r--net/ipv6/netfilter/nf_conntrack_reasm.c218
-rw-r--r--net/ipv6/netfilter/nf_nat_l3proto_ipv6.c288
-rw-r--r--net/ipv6/netfilter/nf_nat_proto_icmpv6.c90
-rw-r--r--net/ipv6/reassembly.c89
-rw-r--r--net/ipv6/route.c96
-rw-r--r--net/ipv6/sit.c6
-rw-r--r--net/ipv6/syncookies.c1
-rw-r--r--net/ipv6/tcp_ipv6.c40
-rw-r--r--net/irda/irnetlink.c2
-rw-r--r--net/key/af_key.c39
-rw-r--r--net/l2tp/Kconfig1
-rw-r--r--net/l2tp/l2tp_eth.c3
-rw-r--r--net/l2tp/l2tp_netlink.c24
-rw-r--r--net/llc/llc_station.c600
-rw-r--r--net/llc/sysctl_net_llc.c7
-rw-r--r--net/mac80211/aes_cmac.c6
-rw-r--r--net/mac80211/agg-tx.c2
-rw-r--r--net/mac80211/cfg.c103
-rw-r--r--net/mac80211/chan.c67
-rw-r--r--net/mac80211/debugfs.c36
-rw-r--r--net/mac80211/driver-ops.h11
-rw-r--r--net/mac80211/ibss.c50
-rw-r--r--net/mac80211/ieee80211_i.h53
-rw-r--r--net/mac80211/iface.c316
-rw-r--r--net/mac80211/key.c2
-rw-r--r--net/mac80211/main.c31
-rw-r--r--net/mac80211/mesh.c49
-rw-r--r--net/mac80211/mesh.h5
-rw-r--r--net/mac80211/mesh_hwmp.c2
-rw-r--r--net/mac80211/mesh_pathtbl.c44
-rw-r--r--net/mac80211/mesh_plink.c85
-rw-r--r--net/mac80211/mlme.c443
-rw-r--r--net/mac80211/offchannel.c9
-rw-r--r--net/mac80211/rate.h2
-rw-r--r--net/mac80211/rx.c60
-rw-r--r--net/mac80211/scan.c53
-rw-r--r--net/mac80211/sta_info.c123
-rw-r--r--net/mac80211/sta_info.h2
-rw-r--r--net/mac80211/status.c42
-rw-r--r--net/mac80211/trace.h11
-rw-r--r--net/mac80211/tx.c73
-rw-r--r--net/mac80211/util.c108
-rw-r--r--net/netfilter/Kconfig83
-rw-r--r--net/netfilter/Makefile21
-rw-r--r--net/netfilter/core.c21
-rw-r--r--net/netfilter/ipset/ip_set_bitmap_ip.c19
-rw-r--r--net/netfilter/ipset/ip_set_bitmap_ipmac.c18
-rw-r--r--net/netfilter/ipset/ip_set_bitmap_port.c9
-rw-r--r--net/netfilter/ipset/ip_set_core.c39
-rw-r--r--net/netfilter/ipset/ip_set_hash_ip.c15
-rw-r--r--net/netfilter/ipset/ip_set_hash_ipport.c24
-rw-r--r--net/netfilter/ipset/ip_set_hash_ipportip.c24
-rw-r--r--net/netfilter/ipset/ip_set_hash_ipportnet.c47
-rw-r--r--net/netfilter/ipset/ip_set_hash_net.c25
-rw-r--r--net/netfilter/ipset/ip_set_hash_netiface.c66
-rw-r--r--net/netfilter/ipset/ip_set_hash_netport.c36
-rw-r--r--net/netfilter/ipset/ip_set_list_set.c9
-rw-r--r--net/netfilter/ipvs/Kconfig3
-rw-r--r--net/netfilter/ipvs/ip_vs_app.c58
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c76
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c25
-rw-r--r--net/netfilter/ipvs/ip_vs_ftp.c22
-rw-r--r--net/netfilter/ipvs/ip_vs_xmit.c111
-rw-r--r--net/netfilter/nf_conntrack_amanda.c5
-rw-r--r--net/netfilter/nf_conntrack_core.c15
-rw-r--r--net/netfilter/nf_conntrack_ecache.c2
-rw-r--r--net/netfilter/nf_conntrack_ftp.c24
-rw-r--r--net/netfilter/nf_conntrack_h323_main.c232
-rw-r--r--net/netfilter/nf_conntrack_irc.c3
-rw-r--r--net/netfilter/nf_conntrack_netlink.c114
-rw-r--r--net/netfilter/nf_conntrack_pptp.c18
-rw-r--r--net/netfilter/nf_conntrack_proto.c5
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c8
-rw-r--r--net/netfilter/nf_conntrack_sip.c143
-rw-r--r--net/netfilter/nf_internals.h4
-rw-r--r--net/netfilter/nf_nat_amanda.c (renamed from net/ipv4/netfilter/nf_nat_amanda.c)4
-rw-r--r--net/netfilter/nf_nat_core.c (renamed from net/ipv4/netfilter/nf_nat_core.c)679
-rw-r--r--net/netfilter/nf_nat_ftp.c (renamed from net/ipv4/netfilter/nf_nat_ftp.c)34
-rw-r--r--net/netfilter/nf_nat_helper.c (renamed from net/ipv4/netfilter/nf_nat_helper.c)109
-rw-r--r--net/netfilter/nf_nat_irc.c (renamed from net/ipv4/netfilter/nf_nat_irc.c)10
-rw-r--r--net/netfilter/nf_nat_proto_common.c (renamed from net/ipv4/netfilter/nf_nat_proto_common.c)54
-rw-r--r--net/netfilter/nf_nat_proto_dccp.c (renamed from net/ipv4/netfilter/nf_nat_proto_dccp.c)56
-rw-r--r--net/netfilter/nf_nat_proto_sctp.c (renamed from net/ipv4/netfilter/nf_nat_proto_sctp.c)53
-rw-r--r--net/netfilter/nf_nat_proto_tcp.c (renamed from net/ipv4/netfilter/nf_nat_proto_tcp.c)40
-rw-r--r--net/netfilter/nf_nat_proto_udp.c (renamed from net/ipv4/netfilter/nf_nat_proto_udp.c)42
-rw-r--r--net/netfilter/nf_nat_proto_udplite.c (renamed from net/ipv4/netfilter/nf_nat_proto_udplite.c)58
-rw-r--r--net/netfilter/nf_nat_proto_unknown.c (renamed from net/ipv4/netfilter/nf_nat_proto_unknown.c)16
-rw-r--r--net/netfilter/nf_nat_sip.c (renamed from net/ipv4/netfilter/nf_nat_sip.c)270
-rw-r--r--net/netfilter/nf_nat_tftp.c (renamed from net/ipv4/netfilter/nf_nat_tftp.c)1
-rw-r--r--net/netfilter/nf_queue.c10
-rw-r--r--net/netfilter/nfnetlink.c2
-rw-r--r--net/netfilter/nfnetlink_acct.c16
-rw-r--r--net/netfilter/nfnetlink_cthelper.c17
-rw-r--r--net/netfilter/nfnetlink_cttimeout.c12
-rw-r--r--net/netfilter/nfnetlink_log.c18
-rw-r--r--net/netfilter/nfnetlink_queue_core.c50
-rw-r--r--net/netfilter/xt_CT.c262
-rw-r--r--net/netfilter/xt_NETMAP.c165
-rw-r--r--net/netfilter/xt_NFQUEUE.c8
-rw-r--r--net/netfilter/xt_NOTRACK.c53
-rw-r--r--net/netfilter/xt_REDIRECT.c190
-rw-r--r--net/netfilter/xt_nat.c170
-rw-r--r--net/netfilter/xt_osf.c2
-rw-r--r--net/netfilter/xt_set.c22
-rw-r--r--net/netfilter/xt_socket.c12
-rw-r--r--net/netfilter/xt_time.c24
-rw-r--r--net/netlabel/netlabel_cipso_v4.c2
-rw-r--r--net/netlabel/netlabel_mgmt.c4
-rw-r--r--net/netlabel/netlabel_unlabeled.c2
-rw-r--r--net/netlink/af_netlink.c210
-rw-r--r--net/netlink/genetlink.c48
-rw-r--r--net/nfc/core.c13
-rw-r--r--net/nfc/hci/Makefile4
-rw-r--r--net/nfc/hci/command.c45
-rw-r--r--net/nfc/hci/core.c336
-rw-r--r--net/nfc/hci/hci.h15
-rw-r--r--net/nfc/hci/hcp.c6
-rw-r--r--net/nfc/hci/llc.c170
-rw-r--r--net/nfc/hci/llc.h69
-rw-r--r--net/nfc/hci/llc_nop.c99
-rw-r--r--net/nfc/hci/llc_shdlc.c (renamed from net/nfc/hci/shdlc.c)544
-rw-r--r--net/nfc/llcp/commands.c2
-rw-r--r--net/nfc/llcp/llcp.c131
-rw-r--r--net/nfc/llcp/llcp.h6
-rw-r--r--net/nfc/llcp/sock.c93
-rw-r--r--net/nfc/nci/core.c91
-rw-r--r--net/nfc/nci/ntf.c52
-rw-r--r--net/nfc/nci/rsp.c14
-rw-r--r--net/nfc/netlink.c68
-rw-r--r--net/openvswitch/actions.c6
-rw-r--r--net/openvswitch/datapath.c453
-rw-r--r--net/openvswitch/datapath.h52
-rw-r--r--net/openvswitch/dp_notify.c8
-rw-r--r--net/openvswitch/flow.c21
-rw-r--r--net/openvswitch/flow.h3
-rw-r--r--net/openvswitch/vport-internal_dev.c7
-rw-r--r--net/openvswitch/vport-netdev.c2
-rw-r--r--net/openvswitch/vport.c27
-rw-r--r--net/openvswitch/vport.h13
-rw-r--r--net/packet/Kconfig8
-rw-r--r--net/packet/Makefile2
-rw-r--r--net/packet/af_packet.c143
-rw-r--r--net/packet/diag.c242
-rw-r--r--net/packet/internal.h121
-rw-r--r--net/phonet/pn_netlink.c14
-rw-r--r--net/rds/tcp_connect.c4
-rw-r--r--net/rds/tcp_listen.c4
-rw-r--r--net/rds/tcp_recv.c4
-rw-r--r--net/rds/tcp_send.c4
-rw-r--r--net/rfkill/core.c22
-rw-r--r--net/sched/act_api.c52
-rw-r--r--net/sched/cls_api.c14
-rw-r--r--net/sched/em_meta.c2
-rw-r--r--net/sched/sch_api.c44
-rw-r--r--net/sched/sch_drr.c2
-rw-r--r--net/sched/sch_generic.c27
-rw-r--r--net/sched/sch_qfq.c2
-rw-r--r--net/sctp/associola.c25
-rw-r--r--net/sctp/auth.c20
-rw-r--r--net/sctp/bind_addr.c20
-rw-r--r--net/sctp/chunk.c2
-rw-r--r--net/sctp/endpointola.c25
-rw-r--r--net/sctp/input.c115
-rw-r--r--net/sctp/ipv6.c36
-rw-r--r--net/sctp/objcnt.c8
-rw-r--r--net/sctp/output.c2
-rw-r--r--net/sctp/outqueue.c28
-rw-r--r--net/sctp/primitive.c4
-rw-r--r--net/sctp/proc.c55
-rw-r--r--net/sctp/protocol.c454
-rw-r--r--net/sctp/sm_make_chunk.c61
-rw-r--r--net/sctp/sm_sideeffect.c26
-rw-r--r--net/sctp/sm_statefuns.c725
-rw-r--r--net/sctp/sm_statetable.c17
-rw-r--r--net/sctp/socket.c119
-rw-r--r--net/sctp/sysctl.c198
-rw-r--r--net/sctp/transport.c23
-rw-r--r--net/sctp/ulpqueue.c18
-rw-r--r--net/socket.c89
-rw-r--r--net/tipc/bearer.c21
-rw-r--r--net/tipc/config.c48
-rw-r--r--net/tipc/core.c22
-rw-r--r--net/tipc/core.h18
-rw-r--r--net/tipc/eth_media.c29
-rw-r--r--net/tipc/handler.c2
-rw-r--r--net/tipc/link.c4
-rw-r--r--net/tipc/name_table.c16
-rw-r--r--net/tipc/net.c3
-rw-r--r--net/tipc/net.h2
-rw-r--r--net/tipc/netlink.c2
-rw-r--r--net/tipc/subscr.c4
-rw-r--r--net/unix/af_unix.c17
-rw-r--r--net/unix/diag.c14
-rw-r--r--net/wireless/chan.c7
-rw-r--r--net/wireless/core.c53
-rw-r--r--net/wireless/core.h2
-rw-r--r--net/wireless/mlme.c37
-rw-r--r--net/wireless/nl80211.c266
-rw-r--r--net/wireless/nl80211.h5
-rw-r--r--net/wireless/radiotap.c2
-rw-r--r--net/wireless/reg.c45
-rw-r--r--net/wireless/scan.c2
-rw-r--r--net/wireless/util.c36
-rw-r--r--net/wireless/wext-core.c8
-rw-r--r--net/xfrm/xfrm_policy.c83
-rw-r--r--net/xfrm/xfrm_state.c12
-rw-r--r--net/xfrm/xfrm_user.c77
348 files changed, 14603 insertions, 7791 deletions
diff --git a/net/8021q/vlan_core.c b/net/8021q/vlan_core.c
index 8ca533c95de0..b258da88f675 100644
--- a/net/8021q/vlan_core.c
+++ b/net/8021q/vlan_core.c
@@ -368,3 +368,9 @@ void vlan_vids_del_by_dev(struct net_device *dev,
368 vlan_vid_del(dev, vid_info->vid); 368 vlan_vid_del(dev, vid_info->vid);
369} 369}
370EXPORT_SYMBOL(vlan_vids_del_by_dev); 370EXPORT_SYMBOL(vlan_vids_del_by_dev);
371
372bool vlan_uses_dev(const struct net_device *dev)
373{
374 return rtnl_dereference(dev->vlan_info) ? true : false;
375}
376EXPORT_SYMBOL(vlan_uses_dev);
diff --git a/net/Kconfig b/net/Kconfig
index 245831bec09a..30b48f523135 100644
--- a/net/Kconfig
+++ b/net/Kconfig
@@ -52,6 +52,8 @@ source "net/iucv/Kconfig"
52 52
53config INET 53config INET
54 bool "TCP/IP networking" 54 bool "TCP/IP networking"
55 select CRYPTO
56 select CRYPTO_AES
55 ---help--- 57 ---help---
56 These are the protocols used on the Internet and on most local 58 These are the protocols used on the Internet and on most local
57 Ethernets. It is highly recommended to say Y here (this will enlarge 59 Ethernets. It is highly recommended to say Y here (this will enlarge
diff --git a/net/atm/resources.c b/net/atm/resources.c
index 23f45ce6f351..0447d5d0b639 100644
--- a/net/atm/resources.c
+++ b/net/atm/resources.c
@@ -432,7 +432,7 @@ int atm_dev_ioctl(unsigned int cmd, void __user *arg, int compat)
432 size = dev->ops->ioctl(dev, cmd, buf); 432 size = dev->ops->ioctl(dev, cmd, buf);
433 } 433 }
434 if (size < 0) { 434 if (size < 0) {
435 error = (size == -ENOIOCTLCMD ? -EINVAL : size); 435 error = (size == -ENOIOCTLCMD ? -ENOTTY : size);
436 goto done; 436 goto done;
437 } 437 }
438 } 438 }
diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c
index 469daabd90c7..b02b75dae3a8 100644
--- a/net/batman-adv/bat_iv_ogm.c
+++ b/net/batman-adv/bat_iv_ogm.c
@@ -166,13 +166,15 @@ static void batadv_iv_ogm_send_to_if(struct batadv_forw_packet *forw_packet,
166 int16_t buff_pos; 166 int16_t buff_pos;
167 struct batadv_ogm_packet *batadv_ogm_packet; 167 struct batadv_ogm_packet *batadv_ogm_packet;
168 struct sk_buff *skb; 168 struct sk_buff *skb;
169 uint8_t *packet_pos;
169 170
170 if (hard_iface->if_status != BATADV_IF_ACTIVE) 171 if (hard_iface->if_status != BATADV_IF_ACTIVE)
171 return; 172 return;
172 173
173 packet_num = 0; 174 packet_num = 0;
174 buff_pos = 0; 175 buff_pos = 0;
175 batadv_ogm_packet = (struct batadv_ogm_packet *)forw_packet->skb->data; 176 packet_pos = forw_packet->skb->data;
177 batadv_ogm_packet = (struct batadv_ogm_packet *)packet_pos;
176 178
177 /* adjust all flags and log packets */ 179 /* adjust all flags and log packets */
178 while (batadv_iv_ogm_aggr_packet(buff_pos, forw_packet->packet_len, 180 while (batadv_iv_ogm_aggr_packet(buff_pos, forw_packet->packet_len,
@@ -181,15 +183,17 @@ static void batadv_iv_ogm_send_to_if(struct batadv_forw_packet *forw_packet,
181 /* we might have aggregated direct link packets with an 183 /* we might have aggregated direct link packets with an
182 * ordinary base packet 184 * ordinary base packet
183 */ 185 */
184 if ((forw_packet->direct_link_flags & (1 << packet_num)) && 186 if (forw_packet->direct_link_flags & BIT(packet_num) &&
185 (forw_packet->if_incoming == hard_iface)) 187 forw_packet->if_incoming == hard_iface)
186 batadv_ogm_packet->flags |= BATADV_DIRECTLINK; 188 batadv_ogm_packet->flags |= BATADV_DIRECTLINK;
187 else 189 else
188 batadv_ogm_packet->flags &= ~BATADV_DIRECTLINK; 190 batadv_ogm_packet->flags &= ~BATADV_DIRECTLINK;
189 191
190 fwd_str = (packet_num > 0 ? "Forwarding" : (forw_packet->own ? 192 if (packet_num > 0 || !forw_packet->own)
191 "Sending own" : 193 fwd_str = "Forwarding";
192 "Forwarding")); 194 else
195 fwd_str = "Sending own";
196
193 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 197 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
194 "%s %spacket (originator %pM, seqno %u, TQ %d, TTL %d, IDF %s, ttvn %d) on interface %s [%pM]\n", 198 "%s %spacket (originator %pM, seqno %u, TQ %d, TTL %d, IDF %s, ttvn %d) on interface %s [%pM]\n",
195 fwd_str, (packet_num > 0 ? "aggregated " : ""), 199 fwd_str, (packet_num > 0 ? "aggregated " : ""),
@@ -204,8 +208,8 @@ static void batadv_iv_ogm_send_to_if(struct batadv_forw_packet *forw_packet,
204 buff_pos += BATADV_OGM_HLEN; 208 buff_pos += BATADV_OGM_HLEN;
205 buff_pos += batadv_tt_len(batadv_ogm_packet->tt_num_changes); 209 buff_pos += batadv_tt_len(batadv_ogm_packet->tt_num_changes);
206 packet_num++; 210 packet_num++;
207 batadv_ogm_packet = (struct batadv_ogm_packet *) 211 packet_pos = forw_packet->skb->data + buff_pos;
208 (forw_packet->skb->data + buff_pos); 212 batadv_ogm_packet = (struct batadv_ogm_packet *)packet_pos;
209 } 213 }
210 214
211 /* create clone because function is called more than once */ 215 /* create clone because function is called more than once */
@@ -227,9 +231,10 @@ static void batadv_iv_ogm_emit(struct batadv_forw_packet *forw_packet)
227 struct batadv_hard_iface *primary_if = NULL; 231 struct batadv_hard_iface *primary_if = NULL;
228 struct batadv_ogm_packet *batadv_ogm_packet; 232 struct batadv_ogm_packet *batadv_ogm_packet;
229 unsigned char directlink; 233 unsigned char directlink;
234 uint8_t *packet_pos;
230 235
231 batadv_ogm_packet = (struct batadv_ogm_packet *) 236 packet_pos = forw_packet->skb->data;
232 (forw_packet->skb->data); 237 batadv_ogm_packet = (struct batadv_ogm_packet *)packet_pos;
233 directlink = (batadv_ogm_packet->flags & BATADV_DIRECTLINK ? 1 : 0); 238 directlink = (batadv_ogm_packet->flags & BATADV_DIRECTLINK ? 1 : 0);
234 239
235 if (!forw_packet->if_incoming) { 240 if (!forw_packet->if_incoming) {
@@ -454,6 +459,7 @@ static void batadv_iv_ogm_aggregate(struct batadv_forw_packet *forw_packet_aggr,
454 int packet_len, bool direct_link) 459 int packet_len, bool direct_link)
455{ 460{
456 unsigned char *skb_buff; 461 unsigned char *skb_buff;
462 unsigned long new_direct_link_flag;
457 463
458 skb_buff = skb_put(forw_packet_aggr->skb, packet_len); 464 skb_buff = skb_put(forw_packet_aggr->skb, packet_len);
459 memcpy(skb_buff, packet_buff, packet_len); 465 memcpy(skb_buff, packet_buff, packet_len);
@@ -461,9 +467,10 @@ static void batadv_iv_ogm_aggregate(struct batadv_forw_packet *forw_packet_aggr,
461 forw_packet_aggr->num_packets++; 467 forw_packet_aggr->num_packets++;
462 468
463 /* save packet direct link flag status */ 469 /* save packet direct link flag status */
464 if (direct_link) 470 if (direct_link) {
465 forw_packet_aggr->direct_link_flags |= 471 new_direct_link_flag = BIT(forw_packet_aggr->num_packets);
466 (1 << forw_packet_aggr->num_packets); 472 forw_packet_aggr->direct_link_flags |= new_direct_link_flag;
473 }
467} 474}
468 475
469static void batadv_iv_ogm_queue_add(struct batadv_priv *bat_priv, 476static void batadv_iv_ogm_queue_add(struct batadv_priv *bat_priv,
@@ -586,6 +593,8 @@ static void batadv_iv_ogm_schedule(struct batadv_hard_iface *hard_iface)
586 struct batadv_ogm_packet *batadv_ogm_packet; 593 struct batadv_ogm_packet *batadv_ogm_packet;
587 struct batadv_hard_iface *primary_if; 594 struct batadv_hard_iface *primary_if;
588 int vis_server, tt_num_changes = 0; 595 int vis_server, tt_num_changes = 0;
596 uint32_t seqno;
597 uint8_t bandwidth;
589 598
590 vis_server = atomic_read(&bat_priv->vis_mode); 599 vis_server = atomic_read(&bat_priv->vis_mode);
591 primary_if = batadv_primary_if_get_selected(bat_priv); 600 primary_if = batadv_primary_if_get_selected(bat_priv);
@@ -599,12 +608,12 @@ static void batadv_iv_ogm_schedule(struct batadv_hard_iface *hard_iface)
599 batadv_ogm_packet = (struct batadv_ogm_packet *)hard_iface->packet_buff; 608 batadv_ogm_packet = (struct batadv_ogm_packet *)hard_iface->packet_buff;
600 609
601 /* change sequence number to network order */ 610 /* change sequence number to network order */
602 batadv_ogm_packet->seqno = 611 seqno = (uint32_t)atomic_read(&hard_iface->seqno);
603 htonl((uint32_t)atomic_read(&hard_iface->seqno)); 612 batadv_ogm_packet->seqno = htonl(seqno);
604 atomic_inc(&hard_iface->seqno); 613 atomic_inc(&hard_iface->seqno);
605 614
606 batadv_ogm_packet->ttvn = atomic_read(&bat_priv->ttvn); 615 batadv_ogm_packet->ttvn = atomic_read(&bat_priv->tt.vn);
607 batadv_ogm_packet->tt_crc = htons(bat_priv->tt_crc); 616 batadv_ogm_packet->tt_crc = htons(bat_priv->tt.local_crc);
608 if (tt_num_changes >= 0) 617 if (tt_num_changes >= 0)
609 batadv_ogm_packet->tt_num_changes = tt_num_changes; 618 batadv_ogm_packet->tt_num_changes = tt_num_changes;
610 619
@@ -613,12 +622,13 @@ static void batadv_iv_ogm_schedule(struct batadv_hard_iface *hard_iface)
613 else 622 else
614 batadv_ogm_packet->flags &= ~BATADV_VIS_SERVER; 623 batadv_ogm_packet->flags &= ~BATADV_VIS_SERVER;
615 624
616 if ((hard_iface == primary_if) && 625 if (hard_iface == primary_if &&
617 (atomic_read(&bat_priv->gw_mode) == BATADV_GW_MODE_SERVER)) 626 atomic_read(&bat_priv->gw_mode) == BATADV_GW_MODE_SERVER) {
618 batadv_ogm_packet->gw_flags = 627 bandwidth = (uint8_t)atomic_read(&bat_priv->gw_bandwidth);
619 (uint8_t)atomic_read(&bat_priv->gw_bandwidth); 628 batadv_ogm_packet->gw_flags = bandwidth;
620 else 629 } else {
621 batadv_ogm_packet->gw_flags = BATADV_NO_FLAGS; 630 batadv_ogm_packet->gw_flags = BATADV_NO_FLAGS;
631 }
622 632
623 batadv_slide_own_bcast_window(hard_iface); 633 batadv_slide_own_bcast_window(hard_iface);
624 batadv_iv_ogm_queue_add(bat_priv, hard_iface->packet_buff, 634 batadv_iv_ogm_queue_add(bat_priv, hard_iface->packet_buff,
@@ -645,6 +655,7 @@ batadv_iv_ogm_orig_update(struct batadv_priv *bat_priv,
645 int if_num; 655 int if_num;
646 uint8_t sum_orig, sum_neigh; 656 uint8_t sum_orig, sum_neigh;
647 uint8_t *neigh_addr; 657 uint8_t *neigh_addr;
658 uint8_t tq_avg;
648 659
649 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 660 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
650 "update_originator(): Searching and updating originator entry of received packet\n"); 661 "update_originator(): Searching and updating originator entry of received packet\n");
@@ -668,8 +679,8 @@ batadv_iv_ogm_orig_update(struct batadv_priv *bat_priv,
668 spin_lock_bh(&tmp_neigh_node->lq_update_lock); 679 spin_lock_bh(&tmp_neigh_node->lq_update_lock);
669 batadv_ring_buffer_set(tmp_neigh_node->tq_recv, 680 batadv_ring_buffer_set(tmp_neigh_node->tq_recv,
670 &tmp_neigh_node->tq_index, 0); 681 &tmp_neigh_node->tq_index, 0);
671 tmp_neigh_node->tq_avg = 682 tq_avg = batadv_ring_buffer_avg(tmp_neigh_node->tq_recv);
672 batadv_ring_buffer_avg(tmp_neigh_node->tq_recv); 683 tmp_neigh_node->tq_avg = tq_avg;
673 spin_unlock_bh(&tmp_neigh_node->lq_update_lock); 684 spin_unlock_bh(&tmp_neigh_node->lq_update_lock);
674 } 685 }
675 686
@@ -836,8 +847,10 @@ static int batadv_iv_ogm_calc_tq(struct batadv_orig_node *orig_node,
836 spin_unlock_bh(&orig_node->ogm_cnt_lock); 847 spin_unlock_bh(&orig_node->ogm_cnt_lock);
837 848
838 /* pay attention to not get a value bigger than 100 % */ 849 /* pay attention to not get a value bigger than 100 % */
839 total_count = (orig_eq_count > neigh_rq_count ? 850 if (orig_eq_count > neigh_rq_count)
840 neigh_rq_count : orig_eq_count); 851 total_count = neigh_rq_count;
852 else
853 total_count = orig_eq_count;
841 854
842 /* if we have too few packets (too less data) we set tq_own to zero 855 /* if we have too few packets (too less data) we set tq_own to zero
843 * if we receive too few packets it is not considered bidirectional 856 * if we receive too few packets it is not considered bidirectional
@@ -911,6 +924,7 @@ batadv_iv_ogm_update_seqnos(const struct ethhdr *ethhdr,
911 int set_mark, ret = -1; 924 int set_mark, ret = -1;
912 uint32_t seqno = ntohl(batadv_ogm_packet->seqno); 925 uint32_t seqno = ntohl(batadv_ogm_packet->seqno);
913 uint8_t *neigh_addr; 926 uint8_t *neigh_addr;
927 uint8_t packet_count;
914 928
915 orig_node = batadv_get_orig_node(bat_priv, batadv_ogm_packet->orig); 929 orig_node = batadv_get_orig_node(bat_priv, batadv_ogm_packet->orig);
916 if (!orig_node) 930 if (!orig_node)
@@ -945,9 +959,9 @@ batadv_iv_ogm_update_seqnos(const struct ethhdr *ethhdr,
945 tmp_neigh_node->real_bits, 959 tmp_neigh_node->real_bits,
946 seq_diff, set_mark); 960 seq_diff, set_mark);
947 961
948 tmp_neigh_node->real_packet_count = 962 packet_count = bitmap_weight(tmp_neigh_node->real_bits,
949 bitmap_weight(tmp_neigh_node->real_bits, 963 BATADV_TQ_LOCAL_WINDOW_SIZE);
950 BATADV_TQ_LOCAL_WINDOW_SIZE); 964 tmp_neigh_node->real_packet_count = packet_count;
951 } 965 }
952 rcu_read_unlock(); 966 rcu_read_unlock();
953 967
@@ -1164,9 +1178,12 @@ static void batadv_iv_ogm_process(const struct ethhdr *ethhdr,
1164 /* if sender is a direct neighbor the sender mac equals 1178 /* if sender is a direct neighbor the sender mac equals
1165 * originator mac 1179 * originator mac
1166 */ 1180 */
1167 orig_neigh_node = (is_single_hop_neigh ? 1181 if (is_single_hop_neigh)
1168 orig_node : 1182 orig_neigh_node = orig_node;
1169 batadv_get_orig_node(bat_priv, ethhdr->h_source)); 1183 else
1184 orig_neigh_node = batadv_get_orig_node(bat_priv,
1185 ethhdr->h_source);
1186
1170 if (!orig_neigh_node) 1187 if (!orig_neigh_node)
1171 goto out; 1188 goto out;
1172 1189
@@ -1252,6 +1269,7 @@ static int batadv_iv_ogm_receive(struct sk_buff *skb,
1252 int buff_pos = 0, packet_len; 1269 int buff_pos = 0, packet_len;
1253 unsigned char *tt_buff, *packet_buff; 1270 unsigned char *tt_buff, *packet_buff;
1254 bool ret; 1271 bool ret;
1272 uint8_t *packet_pos;
1255 1273
1256 ret = batadv_check_management_packet(skb, if_incoming, BATADV_OGM_HLEN); 1274 ret = batadv_check_management_packet(skb, if_incoming, BATADV_OGM_HLEN);
1257 if (!ret) 1275 if (!ret)
@@ -1282,8 +1300,8 @@ static int batadv_iv_ogm_receive(struct sk_buff *skb,
1282 buff_pos += BATADV_OGM_HLEN; 1300 buff_pos += BATADV_OGM_HLEN;
1283 buff_pos += batadv_tt_len(batadv_ogm_packet->tt_num_changes); 1301 buff_pos += batadv_tt_len(batadv_ogm_packet->tt_num_changes);
1284 1302
1285 batadv_ogm_packet = (struct batadv_ogm_packet *) 1303 packet_pos = packet_buff + buff_pos;
1286 (packet_buff + buff_pos); 1304 batadv_ogm_packet = (struct batadv_ogm_packet *)packet_pos;
1287 } while (batadv_iv_ogm_aggr_packet(buff_pos, packet_len, 1305 } while (batadv_iv_ogm_aggr_packet(buff_pos, packet_len,
1288 batadv_ogm_packet->tt_num_changes)); 1306 batadv_ogm_packet->tt_num_changes));
1289 1307
diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c
index 6705d35b17ce..0a9084ad19a6 100644
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -133,7 +133,7 @@ static void batadv_claim_free_ref(struct batadv_claim *claim)
133static struct batadv_claim *batadv_claim_hash_find(struct batadv_priv *bat_priv, 133static struct batadv_claim *batadv_claim_hash_find(struct batadv_priv *bat_priv,
134 struct batadv_claim *data) 134 struct batadv_claim *data)
135{ 135{
136 struct batadv_hashtable *hash = bat_priv->claim_hash; 136 struct batadv_hashtable *hash = bat_priv->bla.claim_hash;
137 struct hlist_head *head; 137 struct hlist_head *head;
138 struct hlist_node *node; 138 struct hlist_node *node;
139 struct batadv_claim *claim; 139 struct batadv_claim *claim;
@@ -174,7 +174,7 @@ static struct batadv_backbone_gw *
174batadv_backbone_hash_find(struct batadv_priv *bat_priv, 174batadv_backbone_hash_find(struct batadv_priv *bat_priv,
175 uint8_t *addr, short vid) 175 uint8_t *addr, short vid)
176{ 176{
177 struct batadv_hashtable *hash = bat_priv->backbone_hash; 177 struct batadv_hashtable *hash = bat_priv->bla.backbone_hash;
178 struct hlist_head *head; 178 struct hlist_head *head;
179 struct hlist_node *node; 179 struct hlist_node *node;
180 struct batadv_backbone_gw search_entry, *backbone_gw; 180 struct batadv_backbone_gw search_entry, *backbone_gw;
@@ -218,7 +218,7 @@ batadv_bla_del_backbone_claims(struct batadv_backbone_gw *backbone_gw)
218 int i; 218 int i;
219 spinlock_t *list_lock; /* protects write access to the hash lists */ 219 spinlock_t *list_lock; /* protects write access to the hash lists */
220 220
221 hash = backbone_gw->bat_priv->claim_hash; 221 hash = backbone_gw->bat_priv->bla.claim_hash;
222 if (!hash) 222 if (!hash)
223 return; 223 return;
224 224
@@ -265,7 +265,7 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
265 if (!primary_if) 265 if (!primary_if)
266 return; 266 return;
267 267
268 memcpy(&local_claim_dest, &bat_priv->claim_dest, 268 memcpy(&local_claim_dest, &bat_priv->bla.claim_dest,
269 sizeof(local_claim_dest)); 269 sizeof(local_claim_dest));
270 local_claim_dest.type = claimtype; 270 local_claim_dest.type = claimtype;
271 271
@@ -281,7 +281,7 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
281 NULL, 281 NULL,
282 /* Ethernet SRC/HW SRC: originator mac */ 282 /* Ethernet SRC/HW SRC: originator mac */
283 primary_if->net_dev->dev_addr, 283 primary_if->net_dev->dev_addr,
284 /* HW DST: FF:43:05:XX:00:00 284 /* HW DST: FF:43:05:XX:YY:YY
285 * with XX = claim type 285 * with XX = claim type
286 * and YY:YY = group id 286 * and YY:YY = group id
287 */ 287 */
@@ -295,7 +295,7 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
295 295
296 /* now we pretend that the client would have sent this ... */ 296 /* now we pretend that the client would have sent this ... */
297 switch (claimtype) { 297 switch (claimtype) {
298 case BATADV_CLAIM_TYPE_ADD: 298 case BATADV_CLAIM_TYPE_CLAIM:
299 /* normal claim frame 299 /* normal claim frame
300 * set Ethernet SRC to the clients mac 300 * set Ethernet SRC to the clients mac
301 */ 301 */
@@ -303,7 +303,7 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
303 batadv_dbg(BATADV_DBG_BLA, bat_priv, 303 batadv_dbg(BATADV_DBG_BLA, bat_priv,
304 "bla_send_claim(): CLAIM %pM on vid %d\n", mac, vid); 304 "bla_send_claim(): CLAIM %pM on vid %d\n", mac, vid);
305 break; 305 break;
306 case BATADV_CLAIM_TYPE_DEL: 306 case BATADV_CLAIM_TYPE_UNCLAIM:
307 /* unclaim frame 307 /* unclaim frame
308 * set HW SRC to the clients mac 308 * set HW SRC to the clients mac
309 */ 309 */
@@ -323,7 +323,8 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
323 break; 323 break;
324 case BATADV_CLAIM_TYPE_REQUEST: 324 case BATADV_CLAIM_TYPE_REQUEST:
325 /* request frame 325 /* request frame
326 * set HW SRC to the special mac containg the crc 326 * set HW SRC and header destination to the receiving backbone
327 * gws mac
327 */ 328 */
328 memcpy(hw_src, mac, ETH_ALEN); 329 memcpy(hw_src, mac, ETH_ALEN);
329 memcpy(ethhdr->h_dest, mac, ETH_ALEN); 330 memcpy(ethhdr->h_dest, mac, ETH_ALEN);
@@ -339,8 +340,9 @@ static void batadv_bla_send_claim(struct batadv_priv *bat_priv, uint8_t *mac,
339 340
340 skb_reset_mac_header(skb); 341 skb_reset_mac_header(skb);
341 skb->protocol = eth_type_trans(skb, soft_iface); 342 skb->protocol = eth_type_trans(skb, soft_iface);
342 bat_priv->stats.rx_packets++; 343 batadv_inc_counter(bat_priv, BATADV_CNT_RX);
343 bat_priv->stats.rx_bytes += skb->len + ETH_HLEN; 344 batadv_add_counter(bat_priv, BATADV_CNT_RX_BYTES,
345 skb->len + ETH_HLEN);
344 soft_iface->last_rx = jiffies; 346 soft_iface->last_rx = jiffies;
345 347
346 netif_rx(skb); 348 netif_rx(skb);
@@ -389,7 +391,7 @@ batadv_bla_get_backbone_gw(struct batadv_priv *bat_priv, uint8_t *orig,
389 /* one for the hash, one for returning */ 391 /* one for the hash, one for returning */
390 atomic_set(&entry->refcount, 2); 392 atomic_set(&entry->refcount, 2);
391 393
392 hash_added = batadv_hash_add(bat_priv->backbone_hash, 394 hash_added = batadv_hash_add(bat_priv->bla.backbone_hash,
393 batadv_compare_backbone_gw, 395 batadv_compare_backbone_gw,
394 batadv_choose_backbone_gw, entry, 396 batadv_choose_backbone_gw, entry,
395 &entry->hash_entry); 397 &entry->hash_entry);
@@ -456,7 +458,7 @@ static void batadv_bla_answer_request(struct batadv_priv *bat_priv,
456 if (!backbone_gw) 458 if (!backbone_gw)
457 return; 459 return;
458 460
459 hash = bat_priv->claim_hash; 461 hash = bat_priv->bla.claim_hash;
460 for (i = 0; i < hash->size; i++) { 462 for (i = 0; i < hash->size; i++) {
461 head = &hash->table[i]; 463 head = &hash->table[i];
462 464
@@ -467,7 +469,7 @@ static void batadv_bla_answer_request(struct batadv_priv *bat_priv,
467 continue; 469 continue;
468 470
469 batadv_bla_send_claim(bat_priv, claim->addr, claim->vid, 471 batadv_bla_send_claim(bat_priv, claim->addr, claim->vid,
470 BATADV_CLAIM_TYPE_ADD); 472 BATADV_CLAIM_TYPE_CLAIM);
471 } 473 }
472 rcu_read_unlock(); 474 rcu_read_unlock();
473 } 475 }
@@ -497,7 +499,7 @@ static void batadv_bla_send_request(struct batadv_backbone_gw *backbone_gw)
497 499
498 /* no local broadcasts should be sent or received, for now. */ 500 /* no local broadcasts should be sent or received, for now. */
499 if (!atomic_read(&backbone_gw->request_sent)) { 501 if (!atomic_read(&backbone_gw->request_sent)) {
500 atomic_inc(&backbone_gw->bat_priv->bla_num_requests); 502 atomic_inc(&backbone_gw->bat_priv->bla.num_requests);
501 atomic_set(&backbone_gw->request_sent, 1); 503 atomic_set(&backbone_gw->request_sent, 1);
502 } 504 }
503} 505}
@@ -557,7 +559,7 @@ static void batadv_bla_add_claim(struct batadv_priv *bat_priv,
557 batadv_dbg(BATADV_DBG_BLA, bat_priv, 559 batadv_dbg(BATADV_DBG_BLA, bat_priv,
558 "bla_add_claim(): adding new entry %pM, vid %d to hash ...\n", 560 "bla_add_claim(): adding new entry %pM, vid %d to hash ...\n",
559 mac, vid); 561 mac, vid);
560 hash_added = batadv_hash_add(bat_priv->claim_hash, 562 hash_added = batadv_hash_add(bat_priv->bla.claim_hash,
561 batadv_compare_claim, 563 batadv_compare_claim,
562 batadv_choose_claim, claim, 564 batadv_choose_claim, claim,
563 &claim->hash_entry); 565 &claim->hash_entry);
@@ -577,8 +579,7 @@ static void batadv_bla_add_claim(struct batadv_priv *bat_priv,
577 "bla_add_claim(): changing ownership for %pM, vid %d\n", 579 "bla_add_claim(): changing ownership for %pM, vid %d\n",
578 mac, vid); 580 mac, vid);
579 581
580 claim->backbone_gw->crc ^= 582 claim->backbone_gw->crc ^= crc16(0, claim->addr, ETH_ALEN);
581 crc16(0, claim->addr, ETH_ALEN);
582 batadv_backbone_gw_free_ref(claim->backbone_gw); 583 batadv_backbone_gw_free_ref(claim->backbone_gw);
583 584
584 } 585 }
@@ -610,7 +611,7 @@ static void batadv_bla_del_claim(struct batadv_priv *bat_priv,
610 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla_del_claim(): %pM, vid %d\n", 611 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla_del_claim(): %pM, vid %d\n",
611 mac, vid); 612 mac, vid);
612 613
613 batadv_hash_remove(bat_priv->claim_hash, batadv_compare_claim, 614 batadv_hash_remove(bat_priv->bla.claim_hash, batadv_compare_claim,
614 batadv_choose_claim, claim); 615 batadv_choose_claim, claim);
615 batadv_claim_free_ref(claim); /* reference from the hash is gone */ 616 batadv_claim_free_ref(claim); /* reference from the hash is gone */
616 617
@@ -657,7 +658,7 @@ static int batadv_handle_announce(struct batadv_priv *bat_priv,
657 * we can allow traffic again. 658 * we can allow traffic again.
658 */ 659 */
659 if (atomic_read(&backbone_gw->request_sent)) { 660 if (atomic_read(&backbone_gw->request_sent)) {
660 atomic_dec(&backbone_gw->bat_priv->bla_num_requests); 661 atomic_dec(&backbone_gw->bat_priv->bla.num_requests);
661 atomic_set(&backbone_gw->request_sent, 0); 662 atomic_set(&backbone_gw->request_sent, 0);
662 } 663 }
663 } 664 }
@@ -702,7 +703,7 @@ static int batadv_handle_unclaim(struct batadv_priv *bat_priv,
702 if (primary_if && batadv_compare_eth(backbone_addr, 703 if (primary_if && batadv_compare_eth(backbone_addr,
703 primary_if->net_dev->dev_addr)) 704 primary_if->net_dev->dev_addr))
704 batadv_bla_send_claim(bat_priv, claim_addr, vid, 705 batadv_bla_send_claim(bat_priv, claim_addr, vid,
705 BATADV_CLAIM_TYPE_DEL); 706 BATADV_CLAIM_TYPE_UNCLAIM);
706 707
707 backbone_gw = batadv_backbone_hash_find(bat_priv, backbone_addr, vid); 708 backbone_gw = batadv_backbone_hash_find(bat_priv, backbone_addr, vid);
708 709
@@ -738,7 +739,7 @@ static int batadv_handle_claim(struct batadv_priv *bat_priv,
738 batadv_bla_add_claim(bat_priv, claim_addr, vid, backbone_gw); 739 batadv_bla_add_claim(bat_priv, claim_addr, vid, backbone_gw);
739 if (batadv_compare_eth(backbone_addr, primary_if->net_dev->dev_addr)) 740 if (batadv_compare_eth(backbone_addr, primary_if->net_dev->dev_addr))
740 batadv_bla_send_claim(bat_priv, claim_addr, vid, 741 batadv_bla_send_claim(bat_priv, claim_addr, vid,
741 BATADV_CLAIM_TYPE_ADD); 742 BATADV_CLAIM_TYPE_CLAIM);
742 743
743 /* TODO: we could call something like tt_local_del() here. */ 744 /* TODO: we could call something like tt_local_del() here. */
744 745
@@ -772,7 +773,7 @@ static int batadv_check_claim_group(struct batadv_priv *bat_priv,
772 struct batadv_bla_claim_dst *bla_dst, *bla_dst_own; 773 struct batadv_bla_claim_dst *bla_dst, *bla_dst_own;
773 774
774 bla_dst = (struct batadv_bla_claim_dst *)hw_dst; 775 bla_dst = (struct batadv_bla_claim_dst *)hw_dst;
775 bla_dst_own = &bat_priv->claim_dest; 776 bla_dst_own = &bat_priv->bla.claim_dest;
776 777
777 /* check if it is a claim packet in general */ 778 /* check if it is a claim packet in general */
778 if (memcmp(bla_dst->magic, bla_dst_own->magic, 779 if (memcmp(bla_dst->magic, bla_dst_own->magic,
@@ -783,12 +784,12 @@ static int batadv_check_claim_group(struct batadv_priv *bat_priv,
783 * otherwise assume it is in the hw_src 784 * otherwise assume it is in the hw_src
784 */ 785 */
785 switch (bla_dst->type) { 786 switch (bla_dst->type) {
786 case BATADV_CLAIM_TYPE_ADD: 787 case BATADV_CLAIM_TYPE_CLAIM:
787 backbone_addr = hw_src; 788 backbone_addr = hw_src;
788 break; 789 break;
789 case BATADV_CLAIM_TYPE_REQUEST: 790 case BATADV_CLAIM_TYPE_REQUEST:
790 case BATADV_CLAIM_TYPE_ANNOUNCE: 791 case BATADV_CLAIM_TYPE_ANNOUNCE:
791 case BATADV_CLAIM_TYPE_DEL: 792 case BATADV_CLAIM_TYPE_UNCLAIM:
792 backbone_addr = ethhdr->h_source; 793 backbone_addr = ethhdr->h_source;
793 break; 794 break;
794 default: 795 default:
@@ -904,12 +905,12 @@ static int batadv_bla_process_claim(struct batadv_priv *bat_priv,
904 905
905 /* check for the different types of claim frames ... */ 906 /* check for the different types of claim frames ... */
906 switch (bla_dst->type) { 907 switch (bla_dst->type) {
907 case BATADV_CLAIM_TYPE_ADD: 908 case BATADV_CLAIM_TYPE_CLAIM:
908 if (batadv_handle_claim(bat_priv, primary_if, hw_src, 909 if (batadv_handle_claim(bat_priv, primary_if, hw_src,
909 ethhdr->h_source, vid)) 910 ethhdr->h_source, vid))
910 return 1; 911 return 1;
911 break; 912 break;
912 case BATADV_CLAIM_TYPE_DEL: 913 case BATADV_CLAIM_TYPE_UNCLAIM:
913 if (batadv_handle_unclaim(bat_priv, primary_if, 914 if (batadv_handle_unclaim(bat_priv, primary_if,
914 ethhdr->h_source, hw_src, vid)) 915 ethhdr->h_source, hw_src, vid))
915 return 1; 916 return 1;
@@ -945,7 +946,7 @@ static void batadv_bla_purge_backbone_gw(struct batadv_priv *bat_priv, int now)
945 spinlock_t *list_lock; /* protects write access to the hash lists */ 946 spinlock_t *list_lock; /* protects write access to the hash lists */
946 int i; 947 int i;
947 948
948 hash = bat_priv->backbone_hash; 949 hash = bat_priv->bla.backbone_hash;
949 if (!hash) 950 if (!hash)
950 return; 951 return;
951 952
@@ -969,7 +970,7 @@ static void batadv_bla_purge_backbone_gw(struct batadv_priv *bat_priv, int now)
969purge_now: 970purge_now:
970 /* don't wait for the pending request anymore */ 971 /* don't wait for the pending request anymore */
971 if (atomic_read(&backbone_gw->request_sent)) 972 if (atomic_read(&backbone_gw->request_sent))
972 atomic_dec(&bat_priv->bla_num_requests); 973 atomic_dec(&bat_priv->bla.num_requests);
973 974
974 batadv_bla_del_backbone_claims(backbone_gw); 975 batadv_bla_del_backbone_claims(backbone_gw);
975 976
@@ -999,7 +1000,7 @@ static void batadv_bla_purge_claims(struct batadv_priv *bat_priv,
999 struct batadv_hashtable *hash; 1000 struct batadv_hashtable *hash;
1000 int i; 1001 int i;
1001 1002
1002 hash = bat_priv->claim_hash; 1003 hash = bat_priv->bla.claim_hash;
1003 if (!hash) 1004 if (!hash)
1004 return; 1005 return;
1005 1006
@@ -1046,11 +1047,12 @@ void batadv_bla_update_orig_address(struct batadv_priv *bat_priv,
1046 struct hlist_node *node; 1047 struct hlist_node *node;
1047 struct hlist_head *head; 1048 struct hlist_head *head;
1048 struct batadv_hashtable *hash; 1049 struct batadv_hashtable *hash;
1050 __be16 group;
1049 int i; 1051 int i;
1050 1052
1051 /* reset bridge loop avoidance group id */ 1053 /* reset bridge loop avoidance group id */
1052 bat_priv->claim_dest.group = 1054 group = htons(crc16(0, primary_if->net_dev->dev_addr, ETH_ALEN));
1053 htons(crc16(0, primary_if->net_dev->dev_addr, ETH_ALEN)); 1055 bat_priv->bla.claim_dest.group = group;
1054 1056
1055 if (!oldif) { 1057 if (!oldif) {
1056 batadv_bla_purge_claims(bat_priv, NULL, 1); 1058 batadv_bla_purge_claims(bat_priv, NULL, 1);
@@ -1058,7 +1060,7 @@ void batadv_bla_update_orig_address(struct batadv_priv *bat_priv,
1058 return; 1060 return;
1059 } 1061 }
1060 1062
1061 hash = bat_priv->backbone_hash; 1063 hash = bat_priv->bla.backbone_hash;
1062 if (!hash) 1064 if (!hash)
1063 return; 1065 return;
1064 1066
@@ -1088,8 +1090,8 @@ void batadv_bla_update_orig_address(struct batadv_priv *bat_priv,
1088/* (re)start the timer */ 1090/* (re)start the timer */
1089static void batadv_bla_start_timer(struct batadv_priv *bat_priv) 1091static void batadv_bla_start_timer(struct batadv_priv *bat_priv)
1090{ 1092{
1091 INIT_DELAYED_WORK(&bat_priv->bla_work, batadv_bla_periodic_work); 1093 INIT_DELAYED_WORK(&bat_priv->bla.work, batadv_bla_periodic_work);
1092 queue_delayed_work(batadv_event_workqueue, &bat_priv->bla_work, 1094 queue_delayed_work(batadv_event_workqueue, &bat_priv->bla.work,
1093 msecs_to_jiffies(BATADV_BLA_PERIOD_LENGTH)); 1095 msecs_to_jiffies(BATADV_BLA_PERIOD_LENGTH));
1094} 1096}
1095 1097
@@ -1099,9 +1101,9 @@ static void batadv_bla_start_timer(struct batadv_priv *bat_priv)
1099 */ 1101 */
1100static void batadv_bla_periodic_work(struct work_struct *work) 1102static void batadv_bla_periodic_work(struct work_struct *work)
1101{ 1103{
1102 struct delayed_work *delayed_work = 1104 struct delayed_work *delayed_work;
1103 container_of(work, struct delayed_work, work);
1104 struct batadv_priv *bat_priv; 1105 struct batadv_priv *bat_priv;
1106 struct batadv_priv_bla *priv_bla;
1105 struct hlist_node *node; 1107 struct hlist_node *node;
1106 struct hlist_head *head; 1108 struct hlist_head *head;
1107 struct batadv_backbone_gw *backbone_gw; 1109 struct batadv_backbone_gw *backbone_gw;
@@ -1109,7 +1111,9 @@ static void batadv_bla_periodic_work(struct work_struct *work)
1109 struct batadv_hard_iface *primary_if; 1111 struct batadv_hard_iface *primary_if;
1110 int i; 1112 int i;
1111 1113
1112 bat_priv = container_of(delayed_work, struct batadv_priv, bla_work); 1114 delayed_work = container_of(work, struct delayed_work, work);
1115 priv_bla = container_of(delayed_work, struct batadv_priv_bla, work);
1116 bat_priv = container_of(priv_bla, struct batadv_priv, bla);
1113 primary_if = batadv_primary_if_get_selected(bat_priv); 1117 primary_if = batadv_primary_if_get_selected(bat_priv);
1114 if (!primary_if) 1118 if (!primary_if)
1115 goto out; 1119 goto out;
@@ -1120,7 +1124,7 @@ static void batadv_bla_periodic_work(struct work_struct *work)
1120 if (!atomic_read(&bat_priv->bridge_loop_avoidance)) 1124 if (!atomic_read(&bat_priv->bridge_loop_avoidance))
1121 goto out; 1125 goto out;
1122 1126
1123 hash = bat_priv->backbone_hash; 1127 hash = bat_priv->bla.backbone_hash;
1124 if (!hash) 1128 if (!hash)
1125 goto out; 1129 goto out;
1126 1130
@@ -1160,40 +1164,41 @@ int batadv_bla_init(struct batadv_priv *bat_priv)
1160 int i; 1164 int i;
1161 uint8_t claim_dest[ETH_ALEN] = {0xff, 0x43, 0x05, 0x00, 0x00, 0x00}; 1165 uint8_t claim_dest[ETH_ALEN] = {0xff, 0x43, 0x05, 0x00, 0x00, 0x00};
1162 struct batadv_hard_iface *primary_if; 1166 struct batadv_hard_iface *primary_if;
1167 uint16_t crc;
1168 unsigned long entrytime;
1163 1169
1164 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla hash registering\n"); 1170 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla hash registering\n");
1165 1171
1166 /* setting claim destination address */ 1172 /* setting claim destination address */
1167 memcpy(&bat_priv->claim_dest.magic, claim_dest, 3); 1173 memcpy(&bat_priv->bla.claim_dest.magic, claim_dest, 3);
1168 bat_priv->claim_dest.type = 0; 1174 bat_priv->bla.claim_dest.type = 0;
1169 primary_if = batadv_primary_if_get_selected(bat_priv); 1175 primary_if = batadv_primary_if_get_selected(bat_priv);
1170 if (primary_if) { 1176 if (primary_if) {
1171 bat_priv->claim_dest.group = 1177 crc = crc16(0, primary_if->net_dev->dev_addr, ETH_ALEN);
1172 htons(crc16(0, primary_if->net_dev->dev_addr, 1178 bat_priv->bla.claim_dest.group = htons(crc);
1173 ETH_ALEN));
1174 batadv_hardif_free_ref(primary_if); 1179 batadv_hardif_free_ref(primary_if);
1175 } else { 1180 } else {
1176 bat_priv->claim_dest.group = 0; /* will be set later */ 1181 bat_priv->bla.claim_dest.group = 0; /* will be set later */
1177 } 1182 }
1178 1183
1179 /* initialize the duplicate list */ 1184 /* initialize the duplicate list */
1185 entrytime = jiffies - msecs_to_jiffies(BATADV_DUPLIST_TIMEOUT);
1180 for (i = 0; i < BATADV_DUPLIST_SIZE; i++) 1186 for (i = 0; i < BATADV_DUPLIST_SIZE; i++)
1181 bat_priv->bcast_duplist[i].entrytime = 1187 bat_priv->bla.bcast_duplist[i].entrytime = entrytime;
1182 jiffies - msecs_to_jiffies(BATADV_DUPLIST_TIMEOUT); 1188 bat_priv->bla.bcast_duplist_curr = 0;
1183 bat_priv->bcast_duplist_curr = 0;
1184 1189
1185 if (bat_priv->claim_hash) 1190 if (bat_priv->bla.claim_hash)
1186 return 0; 1191 return 0;
1187 1192
1188 bat_priv->claim_hash = batadv_hash_new(128); 1193 bat_priv->bla.claim_hash = batadv_hash_new(128);
1189 bat_priv->backbone_hash = batadv_hash_new(32); 1194 bat_priv->bla.backbone_hash = batadv_hash_new(32);
1190 1195
1191 if (!bat_priv->claim_hash || !bat_priv->backbone_hash) 1196 if (!bat_priv->bla.claim_hash || !bat_priv->bla.backbone_hash)
1192 return -ENOMEM; 1197 return -ENOMEM;
1193 1198
1194 batadv_hash_set_lock_class(bat_priv->claim_hash, 1199 batadv_hash_set_lock_class(bat_priv->bla.claim_hash,
1195 &batadv_claim_hash_lock_class_key); 1200 &batadv_claim_hash_lock_class_key);
1196 batadv_hash_set_lock_class(bat_priv->backbone_hash, 1201 batadv_hash_set_lock_class(bat_priv->bla.backbone_hash,
1197 &batadv_backbone_hash_lock_class_key); 1202 &batadv_backbone_hash_lock_class_key);
1198 1203
1199 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla hashes initialized\n"); 1204 batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla hashes initialized\n");
@@ -1234,8 +1239,9 @@ int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv,
1234 crc = crc16(0, content, length); 1239 crc = crc16(0, content, length);
1235 1240
1236 for (i = 0; i < BATADV_DUPLIST_SIZE; i++) { 1241 for (i = 0; i < BATADV_DUPLIST_SIZE; i++) {
1237 curr = (bat_priv->bcast_duplist_curr + i) % BATADV_DUPLIST_SIZE; 1242 curr = (bat_priv->bla.bcast_duplist_curr + i);
1238 entry = &bat_priv->bcast_duplist[curr]; 1243 curr %= BATADV_DUPLIST_SIZE;
1244 entry = &bat_priv->bla.bcast_duplist[curr];
1239 1245
1240 /* we can stop searching if the entry is too old ; 1246 /* we can stop searching if the entry is too old ;
1241 * later entries will be even older 1247 * later entries will be even older
@@ -1256,13 +1262,13 @@ int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv,
1256 return 1; 1262 return 1;
1257 } 1263 }
1258 /* not found, add a new entry (overwrite the oldest entry) */ 1264 /* not found, add a new entry (overwrite the oldest entry) */
1259 curr = (bat_priv->bcast_duplist_curr + BATADV_DUPLIST_SIZE - 1); 1265 curr = (bat_priv->bla.bcast_duplist_curr + BATADV_DUPLIST_SIZE - 1);
1260 curr %= BATADV_DUPLIST_SIZE; 1266 curr %= BATADV_DUPLIST_SIZE;
1261 entry = &bat_priv->bcast_duplist[curr]; 1267 entry = &bat_priv->bla.bcast_duplist[curr];
1262 entry->crc = crc; 1268 entry->crc = crc;
1263 entry->entrytime = jiffies; 1269 entry->entrytime = jiffies;
1264 memcpy(entry->orig, bcast_packet->orig, ETH_ALEN); 1270 memcpy(entry->orig, bcast_packet->orig, ETH_ALEN);
1265 bat_priv->bcast_duplist_curr = curr; 1271 bat_priv->bla.bcast_duplist_curr = curr;
1266 1272
1267 /* allow it, its the first occurence. */ 1273 /* allow it, its the first occurence. */
1268 return 0; 1274 return 0;
@@ -1279,7 +1285,7 @@ int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv,
1279 */ 1285 */
1280int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv, uint8_t *orig) 1286int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv, uint8_t *orig)
1281{ 1287{
1282 struct batadv_hashtable *hash = bat_priv->backbone_hash; 1288 struct batadv_hashtable *hash = bat_priv->bla.backbone_hash;
1283 struct hlist_head *head; 1289 struct hlist_head *head;
1284 struct hlist_node *node; 1290 struct hlist_node *node;
1285 struct batadv_backbone_gw *backbone_gw; 1291 struct batadv_backbone_gw *backbone_gw;
@@ -1339,8 +1345,7 @@ int batadv_bla_is_backbone_gw(struct sk_buff *skb,
1339 if (!pskb_may_pull(skb, hdr_size + sizeof(struct vlan_ethhdr))) 1345 if (!pskb_may_pull(skb, hdr_size + sizeof(struct vlan_ethhdr)))
1340 return 0; 1346 return 0;
1341 1347
1342 vhdr = (struct vlan_ethhdr *)(((uint8_t *)skb->data) + 1348 vhdr = (struct vlan_ethhdr *)(skb->data + hdr_size);
1343 hdr_size);
1344 vid = ntohs(vhdr->h_vlan_TCI) & VLAN_VID_MASK; 1349 vid = ntohs(vhdr->h_vlan_TCI) & VLAN_VID_MASK;
1345 } 1350 }
1346 1351
@@ -1359,18 +1364,18 @@ void batadv_bla_free(struct batadv_priv *bat_priv)
1359{ 1364{
1360 struct batadv_hard_iface *primary_if; 1365 struct batadv_hard_iface *primary_if;
1361 1366
1362 cancel_delayed_work_sync(&bat_priv->bla_work); 1367 cancel_delayed_work_sync(&bat_priv->bla.work);
1363 primary_if = batadv_primary_if_get_selected(bat_priv); 1368 primary_if = batadv_primary_if_get_selected(bat_priv);
1364 1369
1365 if (bat_priv->claim_hash) { 1370 if (bat_priv->bla.claim_hash) {
1366 batadv_bla_purge_claims(bat_priv, primary_if, 1); 1371 batadv_bla_purge_claims(bat_priv, primary_if, 1);
1367 batadv_hash_destroy(bat_priv->claim_hash); 1372 batadv_hash_destroy(bat_priv->bla.claim_hash);
1368 bat_priv->claim_hash = NULL; 1373 bat_priv->bla.claim_hash = NULL;
1369 } 1374 }
1370 if (bat_priv->backbone_hash) { 1375 if (bat_priv->bla.backbone_hash) {
1371 batadv_bla_purge_backbone_gw(bat_priv, 1); 1376 batadv_bla_purge_backbone_gw(bat_priv, 1);
1372 batadv_hash_destroy(bat_priv->backbone_hash); 1377 batadv_hash_destroy(bat_priv->bla.backbone_hash);
1373 bat_priv->backbone_hash = NULL; 1378 bat_priv->bla.backbone_hash = NULL;
1374 } 1379 }
1375 if (primary_if) 1380 if (primary_if)
1376 batadv_hardif_free_ref(primary_if); 1381 batadv_hardif_free_ref(primary_if);
@@ -1409,7 +1414,7 @@ int batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb, short vid,
1409 goto allow; 1414 goto allow;
1410 1415
1411 1416
1412 if (unlikely(atomic_read(&bat_priv->bla_num_requests))) 1417 if (unlikely(atomic_read(&bat_priv->bla.num_requests)))
1413 /* don't allow broadcasts while requests are in flight */ 1418 /* don't allow broadcasts while requests are in flight */
1414 if (is_multicast_ether_addr(ethhdr->h_dest) && is_bcast) 1419 if (is_multicast_ether_addr(ethhdr->h_dest) && is_bcast)
1415 goto handled; 1420 goto handled;
@@ -1508,7 +1513,7 @@ int batadv_bla_tx(struct batadv_priv *bat_priv, struct sk_buff *skb, short vid)
1508 1513
1509 ethhdr = (struct ethhdr *)skb_mac_header(skb); 1514 ethhdr = (struct ethhdr *)skb_mac_header(skb);
1510 1515
1511 if (unlikely(atomic_read(&bat_priv->bla_num_requests))) 1516 if (unlikely(atomic_read(&bat_priv->bla.num_requests)))
1512 /* don't allow broadcasts while requests are in flight */ 1517 /* don't allow broadcasts while requests are in flight */
1513 if (is_multicast_ether_addr(ethhdr->h_dest)) 1518 if (is_multicast_ether_addr(ethhdr->h_dest))
1514 goto handled; 1519 goto handled;
@@ -1564,7 +1569,7 @@ int batadv_bla_claim_table_seq_print_text(struct seq_file *seq, void *offset)
1564{ 1569{
1565 struct net_device *net_dev = (struct net_device *)seq->private; 1570 struct net_device *net_dev = (struct net_device *)seq->private;
1566 struct batadv_priv *bat_priv = netdev_priv(net_dev); 1571 struct batadv_priv *bat_priv = netdev_priv(net_dev);
1567 struct batadv_hashtable *hash = bat_priv->claim_hash; 1572 struct batadv_hashtable *hash = bat_priv->bla.claim_hash;
1568 struct batadv_claim *claim; 1573 struct batadv_claim *claim;
1569 struct batadv_hard_iface *primary_if; 1574 struct batadv_hard_iface *primary_if;
1570 struct hlist_node *node; 1575 struct hlist_node *node;
@@ -1593,7 +1598,7 @@ int batadv_bla_claim_table_seq_print_text(struct seq_file *seq, void *offset)
1593 seq_printf(seq, 1598 seq_printf(seq,
1594 "Claims announced for the mesh %s (orig %pM, group id %04x)\n", 1599 "Claims announced for the mesh %s (orig %pM, group id %04x)\n",
1595 net_dev->name, primary_addr, 1600 net_dev->name, primary_addr,
1596 ntohs(bat_priv->claim_dest.group)); 1601 ntohs(bat_priv->bla.claim_dest.group));
1597 seq_printf(seq, " %-17s %-5s %-17s [o] (%-4s)\n", 1602 seq_printf(seq, " %-17s %-5s %-17s [o] (%-4s)\n",
1598 "Client", "VID", "Originator", "CRC"); 1603 "Client", "VID", "Originator", "CRC");
1599 for (i = 0; i < hash->size; i++) { 1604 for (i = 0; i < hash->size; i++) {
@@ -1616,3 +1621,68 @@ out:
1616 batadv_hardif_free_ref(primary_if); 1621 batadv_hardif_free_ref(primary_if);
1617 return ret; 1622 return ret;
1618} 1623}
1624
1625int batadv_bla_backbone_table_seq_print_text(struct seq_file *seq, void *offset)
1626{
1627 struct net_device *net_dev = (struct net_device *)seq->private;
1628 struct batadv_priv *bat_priv = netdev_priv(net_dev);
1629 struct batadv_hashtable *hash = bat_priv->bla.backbone_hash;
1630 struct batadv_backbone_gw *backbone_gw;
1631 struct batadv_hard_iface *primary_if;
1632 struct hlist_node *node;
1633 struct hlist_head *head;
1634 int secs, msecs;
1635 uint32_t i;
1636 bool is_own;
1637 int ret = 0;
1638 uint8_t *primary_addr;
1639
1640 primary_if = batadv_primary_if_get_selected(bat_priv);
1641 if (!primary_if) {
1642 ret = seq_printf(seq,
1643 "BATMAN mesh %s disabled - please specify interfaces to enable it\n",
1644 net_dev->name);
1645 goto out;
1646 }
1647
1648 if (primary_if->if_status != BATADV_IF_ACTIVE) {
1649 ret = seq_printf(seq,
1650 "BATMAN mesh %s disabled - primary interface not active\n",
1651 net_dev->name);
1652 goto out;
1653 }
1654
1655 primary_addr = primary_if->net_dev->dev_addr;
1656 seq_printf(seq,
1657 "Backbones announced for the mesh %s (orig %pM, group id %04x)\n",
1658 net_dev->name, primary_addr,
1659 ntohs(bat_priv->bla.claim_dest.group));
1660 seq_printf(seq, " %-17s %-5s %-9s (%-4s)\n",
1661 "Originator", "VID", "last seen", "CRC");
1662 for (i = 0; i < hash->size; i++) {
1663 head = &hash->table[i];
1664
1665 rcu_read_lock();
1666 hlist_for_each_entry_rcu(backbone_gw, node, head, hash_entry) {
1667 msecs = jiffies_to_msecs(jiffies -
1668 backbone_gw->lasttime);
1669 secs = msecs / 1000;
1670 msecs = msecs % 1000;
1671
1672 is_own = batadv_compare_eth(backbone_gw->orig,
1673 primary_addr);
1674 if (is_own)
1675 continue;
1676
1677 seq_printf(seq,
1678 " * %pM on % 5d % 4i.%03is (%04x)\n",
1679 backbone_gw->orig, backbone_gw->vid,
1680 secs, msecs, backbone_gw->crc);
1681 }
1682 rcu_read_unlock();
1683 }
1684out:
1685 if (primary_if)
1686 batadv_hardif_free_ref(primary_if);
1687 return ret;
1688}
diff --git a/net/batman-adv/bridge_loop_avoidance.h b/net/batman-adv/bridge_loop_avoidance.h
index 563cfbf94a7f..789cb73bde67 100644
--- a/net/batman-adv/bridge_loop_avoidance.h
+++ b/net/batman-adv/bridge_loop_avoidance.h
@@ -27,6 +27,8 @@ int batadv_bla_tx(struct batadv_priv *bat_priv, struct sk_buff *skb, short vid);
27int batadv_bla_is_backbone_gw(struct sk_buff *skb, 27int batadv_bla_is_backbone_gw(struct sk_buff *skb,
28 struct batadv_orig_node *orig_node, int hdr_size); 28 struct batadv_orig_node *orig_node, int hdr_size);
29int batadv_bla_claim_table_seq_print_text(struct seq_file *seq, void *offset); 29int batadv_bla_claim_table_seq_print_text(struct seq_file *seq, void *offset);
30int batadv_bla_backbone_table_seq_print_text(struct seq_file *seq,
31 void *offset);
30int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv, uint8_t *orig); 32int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv, uint8_t *orig);
31int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, 33int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv,
32 struct batadv_bcast_packet *bcast_packet, 34 struct batadv_bcast_packet *bcast_packet,
@@ -41,8 +43,7 @@ void batadv_bla_free(struct batadv_priv *bat_priv);
41#else /* ifdef CONFIG_BATMAN_ADV_BLA */ 43#else /* ifdef CONFIG_BATMAN_ADV_BLA */
42 44
43static inline int batadv_bla_rx(struct batadv_priv *bat_priv, 45static inline int batadv_bla_rx(struct batadv_priv *bat_priv,
44 struct sk_buff *skb, short vid, 46 struct sk_buff *skb, short vid, bool is_bcast)
45 bool is_bcast)
46{ 47{
47 return 0; 48 return 0;
48} 49}
@@ -66,6 +67,12 @@ static inline int batadv_bla_claim_table_seq_print_text(struct seq_file *seq,
66 return 0; 67 return 0;
67} 68}
68 69
70static inline int batadv_bla_backbone_table_seq_print_text(struct seq_file *seq,
71 void *offset)
72{
73 return 0;
74}
75
69static inline int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv, 76static inline int batadv_bla_is_backbone_gw_orig(struct batadv_priv *bat_priv,
70 uint8_t *orig) 77 uint8_t *orig)
71{ 78{
diff --git a/net/batman-adv/debugfs.c b/net/batman-adv/debugfs.c
index 34fbb1667bcd..391d4fb2026f 100644
--- a/net/batman-adv/debugfs.c
+++ b/net/batman-adv/debugfs.c
@@ -267,6 +267,15 @@ static int batadv_bla_claim_table_open(struct inode *inode, struct file *file)
267 return single_open(file, batadv_bla_claim_table_seq_print_text, 267 return single_open(file, batadv_bla_claim_table_seq_print_text,
268 net_dev); 268 net_dev);
269} 269}
270
271static int batadv_bla_backbone_table_open(struct inode *inode,
272 struct file *file)
273{
274 struct net_device *net_dev = (struct net_device *)inode->i_private;
275 return single_open(file, batadv_bla_backbone_table_seq_print_text,
276 net_dev);
277}
278
270#endif 279#endif
271 280
272static int batadv_transtable_local_open(struct inode *inode, struct file *file) 281static int batadv_transtable_local_open(struct inode *inode, struct file *file)
@@ -305,6 +314,8 @@ static BATADV_DEBUGINFO(transtable_global, S_IRUGO,
305 batadv_transtable_global_open); 314 batadv_transtable_global_open);
306#ifdef CONFIG_BATMAN_ADV_BLA 315#ifdef CONFIG_BATMAN_ADV_BLA
307static BATADV_DEBUGINFO(bla_claim_table, S_IRUGO, batadv_bla_claim_table_open); 316static BATADV_DEBUGINFO(bla_claim_table, S_IRUGO, batadv_bla_claim_table_open);
317static BATADV_DEBUGINFO(bla_backbone_table, S_IRUGO,
318 batadv_bla_backbone_table_open);
308#endif 319#endif
309static BATADV_DEBUGINFO(transtable_local, S_IRUGO, 320static BATADV_DEBUGINFO(transtable_local, S_IRUGO,
310 batadv_transtable_local_open); 321 batadv_transtable_local_open);
@@ -316,6 +327,7 @@ static struct batadv_debuginfo *batadv_mesh_debuginfos[] = {
316 &batadv_debuginfo_transtable_global, 327 &batadv_debuginfo_transtable_global,
317#ifdef CONFIG_BATMAN_ADV_BLA 328#ifdef CONFIG_BATMAN_ADV_BLA
318 &batadv_debuginfo_bla_claim_table, 329 &batadv_debuginfo_bla_claim_table,
330 &batadv_debuginfo_bla_backbone_table,
319#endif 331#endif
320 &batadv_debuginfo_transtable_local, 332 &batadv_debuginfo_transtable_local,
321 &batadv_debuginfo_vis_data, 333 &batadv_debuginfo_vis_data,
diff --git a/net/batman-adv/gateway_client.c b/net/batman-adv/gateway_client.c
index fc866f2e4528..15d67abc10a4 100644
--- a/net/batman-adv/gateway_client.c
+++ b/net/batman-adv/gateway_client.c
@@ -48,7 +48,7 @@ batadv_gw_get_selected_gw_node(struct batadv_priv *bat_priv)
48 struct batadv_gw_node *gw_node; 48 struct batadv_gw_node *gw_node;
49 49
50 rcu_read_lock(); 50 rcu_read_lock();
51 gw_node = rcu_dereference(bat_priv->curr_gw); 51 gw_node = rcu_dereference(bat_priv->gw.curr_gw);
52 if (!gw_node) 52 if (!gw_node)
53 goto out; 53 goto out;
54 54
@@ -91,23 +91,23 @@ static void batadv_gw_select(struct batadv_priv *bat_priv,
91{ 91{
92 struct batadv_gw_node *curr_gw_node; 92 struct batadv_gw_node *curr_gw_node;
93 93
94 spin_lock_bh(&bat_priv->gw_list_lock); 94 spin_lock_bh(&bat_priv->gw.list_lock);
95 95
96 if (new_gw_node && !atomic_inc_not_zero(&new_gw_node->refcount)) 96 if (new_gw_node && !atomic_inc_not_zero(&new_gw_node->refcount))
97 new_gw_node = NULL; 97 new_gw_node = NULL;
98 98
99 curr_gw_node = rcu_dereference_protected(bat_priv->curr_gw, 1); 99 curr_gw_node = rcu_dereference_protected(bat_priv->gw.curr_gw, 1);
100 rcu_assign_pointer(bat_priv->curr_gw, new_gw_node); 100 rcu_assign_pointer(bat_priv->gw.curr_gw, new_gw_node);
101 101
102 if (curr_gw_node) 102 if (curr_gw_node)
103 batadv_gw_node_free_ref(curr_gw_node); 103 batadv_gw_node_free_ref(curr_gw_node);
104 104
105 spin_unlock_bh(&bat_priv->gw_list_lock); 105 spin_unlock_bh(&bat_priv->gw.list_lock);
106} 106}
107 107
108void batadv_gw_deselect(struct batadv_priv *bat_priv) 108void batadv_gw_deselect(struct batadv_priv *bat_priv)
109{ 109{
110 atomic_set(&bat_priv->gw_reselect, 1); 110 atomic_set(&bat_priv->gw.reselect, 1);
111} 111}
112 112
113static struct batadv_gw_node * 113static struct batadv_gw_node *
@@ -117,12 +117,17 @@ batadv_gw_get_best_gw_node(struct batadv_priv *bat_priv)
117 struct hlist_node *node; 117 struct hlist_node *node;
118 struct batadv_gw_node *gw_node, *curr_gw = NULL; 118 struct batadv_gw_node *gw_node, *curr_gw = NULL;
119 uint32_t max_gw_factor = 0, tmp_gw_factor = 0; 119 uint32_t max_gw_factor = 0, tmp_gw_factor = 0;
120 uint32_t gw_divisor;
120 uint8_t max_tq = 0; 121 uint8_t max_tq = 0;
121 int down, up; 122 int down, up;
123 uint8_t tq_avg;
122 struct batadv_orig_node *orig_node; 124 struct batadv_orig_node *orig_node;
123 125
126 gw_divisor = BATADV_TQ_LOCAL_WINDOW_SIZE * BATADV_TQ_LOCAL_WINDOW_SIZE;
127 gw_divisor *= 64;
128
124 rcu_read_lock(); 129 rcu_read_lock();
125 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw_list, list) { 130 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw.list, list) {
126 if (gw_node->deleted) 131 if (gw_node->deleted)
127 continue; 132 continue;
128 133
@@ -134,19 +139,19 @@ batadv_gw_get_best_gw_node(struct batadv_priv *bat_priv)
134 if (!atomic_inc_not_zero(&gw_node->refcount)) 139 if (!atomic_inc_not_zero(&gw_node->refcount))
135 goto next; 140 goto next;
136 141
142 tq_avg = router->tq_avg;
143
137 switch (atomic_read(&bat_priv->gw_sel_class)) { 144 switch (atomic_read(&bat_priv->gw_sel_class)) {
138 case 1: /* fast connection */ 145 case 1: /* fast connection */
139 batadv_gw_bandwidth_to_kbit(orig_node->gw_flags, 146 batadv_gw_bandwidth_to_kbit(orig_node->gw_flags,
140 &down, &up); 147 &down, &up);
141 148
142 tmp_gw_factor = (router->tq_avg * router->tq_avg * 149 tmp_gw_factor = tq_avg * tq_avg * down * 100 * 100;
143 down * 100 * 100) / 150 tmp_gw_factor /= gw_divisor;
144 (BATADV_TQ_LOCAL_WINDOW_SIZE *
145 BATADV_TQ_LOCAL_WINDOW_SIZE * 64);
146 151
147 if ((tmp_gw_factor > max_gw_factor) || 152 if ((tmp_gw_factor > max_gw_factor) ||
148 ((tmp_gw_factor == max_gw_factor) && 153 ((tmp_gw_factor == max_gw_factor) &&
149 (router->tq_avg > max_tq))) { 154 (tq_avg > max_tq))) {
150 if (curr_gw) 155 if (curr_gw)
151 batadv_gw_node_free_ref(curr_gw); 156 batadv_gw_node_free_ref(curr_gw);
152 curr_gw = gw_node; 157 curr_gw = gw_node;
@@ -161,7 +166,7 @@ batadv_gw_get_best_gw_node(struct batadv_priv *bat_priv)
161 * soon as a better gateway appears which has 166 * soon as a better gateway appears which has
162 * $routing_class more tq points) 167 * $routing_class more tq points)
163 */ 168 */
164 if (router->tq_avg > max_tq) { 169 if (tq_avg > max_tq) {
165 if (curr_gw) 170 if (curr_gw)
166 batadv_gw_node_free_ref(curr_gw); 171 batadv_gw_node_free_ref(curr_gw);
167 curr_gw = gw_node; 172 curr_gw = gw_node;
@@ -170,8 +175,8 @@ batadv_gw_get_best_gw_node(struct batadv_priv *bat_priv)
170 break; 175 break;
171 } 176 }
172 177
173 if (router->tq_avg > max_tq) 178 if (tq_avg > max_tq)
174 max_tq = router->tq_avg; 179 max_tq = tq_avg;
175 180
176 if (tmp_gw_factor > max_gw_factor) 181 if (tmp_gw_factor > max_gw_factor)
177 max_gw_factor = tmp_gw_factor; 182 max_gw_factor = tmp_gw_factor;
@@ -202,7 +207,7 @@ void batadv_gw_election(struct batadv_priv *bat_priv)
202 207
203 curr_gw = batadv_gw_get_selected_gw_node(bat_priv); 208 curr_gw = batadv_gw_get_selected_gw_node(bat_priv);
204 209
205 if (!batadv_atomic_dec_not_zero(&bat_priv->gw_reselect) && curr_gw) 210 if (!batadv_atomic_dec_not_zero(&bat_priv->gw.reselect) && curr_gw)
206 goto out; 211 goto out;
207 212
208 next_gw = batadv_gw_get_best_gw_node(bat_priv); 213 next_gw = batadv_gw_get_best_gw_node(bat_priv);
@@ -321,9 +326,9 @@ static void batadv_gw_node_add(struct batadv_priv *bat_priv,
321 gw_node->orig_node = orig_node; 326 gw_node->orig_node = orig_node;
322 atomic_set(&gw_node->refcount, 1); 327 atomic_set(&gw_node->refcount, 1);
323 328
324 spin_lock_bh(&bat_priv->gw_list_lock); 329 spin_lock_bh(&bat_priv->gw.list_lock);
325 hlist_add_head_rcu(&gw_node->list, &bat_priv->gw_list); 330 hlist_add_head_rcu(&gw_node->list, &bat_priv->gw.list);
326 spin_unlock_bh(&bat_priv->gw_list_lock); 331 spin_unlock_bh(&bat_priv->gw.list_lock);
327 332
328 batadv_gw_bandwidth_to_kbit(new_gwflags, &down, &up); 333 batadv_gw_bandwidth_to_kbit(new_gwflags, &down, &up);
329 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 334 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
@@ -350,7 +355,7 @@ void batadv_gw_node_update(struct batadv_priv *bat_priv,
350 curr_gw = batadv_gw_get_selected_gw_node(bat_priv); 355 curr_gw = batadv_gw_get_selected_gw_node(bat_priv);
351 356
352 rcu_read_lock(); 357 rcu_read_lock();
353 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw_list, list) { 358 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw.list, list) {
354 if (gw_node->orig_node != orig_node) 359 if (gw_node->orig_node != orig_node)
355 continue; 360 continue;
356 361
@@ -404,10 +409,10 @@ void batadv_gw_node_purge(struct batadv_priv *bat_priv)
404 409
405 curr_gw = batadv_gw_get_selected_gw_node(bat_priv); 410 curr_gw = batadv_gw_get_selected_gw_node(bat_priv);
406 411
407 spin_lock_bh(&bat_priv->gw_list_lock); 412 spin_lock_bh(&bat_priv->gw.list_lock);
408 413
409 hlist_for_each_entry_safe(gw_node, node, node_tmp, 414 hlist_for_each_entry_safe(gw_node, node, node_tmp,
410 &bat_priv->gw_list, list) { 415 &bat_priv->gw.list, list) {
411 if (((!gw_node->deleted) || 416 if (((!gw_node->deleted) ||
412 (time_before(jiffies, gw_node->deleted + timeout))) && 417 (time_before(jiffies, gw_node->deleted + timeout))) &&
413 atomic_read(&bat_priv->mesh_state) == BATADV_MESH_ACTIVE) 418 atomic_read(&bat_priv->mesh_state) == BATADV_MESH_ACTIVE)
@@ -420,7 +425,7 @@ void batadv_gw_node_purge(struct batadv_priv *bat_priv)
420 batadv_gw_node_free_ref(gw_node); 425 batadv_gw_node_free_ref(gw_node);
421 } 426 }
422 427
423 spin_unlock_bh(&bat_priv->gw_list_lock); 428 spin_unlock_bh(&bat_priv->gw.list_lock);
424 429
425 /* gw_deselect() needs to acquire the gw_list_lock */ 430 /* gw_deselect() needs to acquire the gw_list_lock */
426 if (do_deselect) 431 if (do_deselect)
@@ -496,7 +501,7 @@ int batadv_gw_client_seq_print_text(struct seq_file *seq, void *offset)
496 primary_if->net_dev->dev_addr, net_dev->name); 501 primary_if->net_dev->dev_addr, net_dev->name);
497 502
498 rcu_read_lock(); 503 rcu_read_lock();
499 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw_list, list) { 504 hlist_for_each_entry_rcu(gw_node, node, &bat_priv->gw.list, list) {
500 if (gw_node->deleted) 505 if (gw_node->deleted)
501 continue; 506 continue;
502 507
diff --git a/net/batman-adv/hard-interface.c b/net/batman-adv/hard-interface.c
index 282bf6e9353e..d112fd6750b0 100644
--- a/net/batman-adv/hard-interface.c
+++ b/net/batman-adv/hard-interface.c
@@ -103,13 +103,14 @@ static void batadv_primary_if_update_addr(struct batadv_priv *bat_priv,
103{ 103{
104 struct batadv_vis_packet *vis_packet; 104 struct batadv_vis_packet *vis_packet;
105 struct batadv_hard_iface *primary_if; 105 struct batadv_hard_iface *primary_if;
106 struct sk_buff *skb;
106 107
107 primary_if = batadv_primary_if_get_selected(bat_priv); 108 primary_if = batadv_primary_if_get_selected(bat_priv);
108 if (!primary_if) 109 if (!primary_if)
109 goto out; 110 goto out;
110 111
111 vis_packet = (struct batadv_vis_packet *) 112 skb = bat_priv->vis.my_info->skb_packet;
112 bat_priv->my_vis_info->skb_packet->data; 113 vis_packet = (struct batadv_vis_packet *)skb->data;
113 memcpy(vis_packet->vis_orig, primary_if->net_dev->dev_addr, ETH_ALEN); 114 memcpy(vis_packet->vis_orig, primary_if->net_dev->dev_addr, ETH_ALEN);
114 memcpy(vis_packet->sender_orig, 115 memcpy(vis_packet->sender_orig,
115 primary_if->net_dev->dev_addr, ETH_ALEN); 116 primary_if->net_dev->dev_addr, ETH_ALEN);
@@ -313,7 +314,13 @@ int batadv_hardif_enable_interface(struct batadv_hard_iface *hard_iface,
313 hard_iface->if_num = bat_priv->num_ifaces; 314 hard_iface->if_num = bat_priv->num_ifaces;
314 bat_priv->num_ifaces++; 315 bat_priv->num_ifaces++;
315 hard_iface->if_status = BATADV_IF_INACTIVE; 316 hard_iface->if_status = BATADV_IF_INACTIVE;
316 batadv_orig_hash_add_if(hard_iface, bat_priv->num_ifaces); 317 ret = batadv_orig_hash_add_if(hard_iface, bat_priv->num_ifaces);
318 if (ret < 0) {
319 bat_priv->bat_algo_ops->bat_iface_disable(hard_iface);
320 bat_priv->num_ifaces--;
321 hard_iface->if_status = BATADV_IF_NOT_IN_USE;
322 goto err_dev;
323 }
317 324
318 hard_iface->batman_adv_ptype.type = ethertype; 325 hard_iface->batman_adv_ptype.type = ethertype;
319 hard_iface->batman_adv_ptype.func = batadv_batman_skb_recv; 326 hard_iface->batman_adv_ptype.func = batadv_batman_skb_recv;
diff --git a/net/batman-adv/main.c b/net/batman-adv/main.c
index 13c88b25ab31..b4aa470bc4a6 100644
--- a/net/batman-adv/main.c
+++ b/net/batman-adv/main.c
@@ -58,9 +58,6 @@ static int __init batadv_init(void)
58 58
59 batadv_iv_init(); 59 batadv_iv_init();
60 60
61 /* the name should not be longer than 10 chars - see
62 * http://lwn.net/Articles/23634/
63 */
64 batadv_event_workqueue = create_singlethread_workqueue("bat_events"); 61 batadv_event_workqueue = create_singlethread_workqueue("bat_events");
65 62
66 if (!batadv_event_workqueue) 63 if (!batadv_event_workqueue)
@@ -97,20 +94,20 @@ int batadv_mesh_init(struct net_device *soft_iface)
97 94
98 spin_lock_init(&bat_priv->forw_bat_list_lock); 95 spin_lock_init(&bat_priv->forw_bat_list_lock);
99 spin_lock_init(&bat_priv->forw_bcast_list_lock); 96 spin_lock_init(&bat_priv->forw_bcast_list_lock);
100 spin_lock_init(&bat_priv->tt_changes_list_lock); 97 spin_lock_init(&bat_priv->tt.changes_list_lock);
101 spin_lock_init(&bat_priv->tt_req_list_lock); 98 spin_lock_init(&bat_priv->tt.req_list_lock);
102 spin_lock_init(&bat_priv->tt_roam_list_lock); 99 spin_lock_init(&bat_priv->tt.roam_list_lock);
103 spin_lock_init(&bat_priv->tt_buff_lock); 100 spin_lock_init(&bat_priv->tt.last_changeset_lock);
104 spin_lock_init(&bat_priv->gw_list_lock); 101 spin_lock_init(&bat_priv->gw.list_lock);
105 spin_lock_init(&bat_priv->vis_hash_lock); 102 spin_lock_init(&bat_priv->vis.hash_lock);
106 spin_lock_init(&bat_priv->vis_list_lock); 103 spin_lock_init(&bat_priv->vis.list_lock);
107 104
108 INIT_HLIST_HEAD(&bat_priv->forw_bat_list); 105 INIT_HLIST_HEAD(&bat_priv->forw_bat_list);
109 INIT_HLIST_HEAD(&bat_priv->forw_bcast_list); 106 INIT_HLIST_HEAD(&bat_priv->forw_bcast_list);
110 INIT_HLIST_HEAD(&bat_priv->gw_list); 107 INIT_HLIST_HEAD(&bat_priv->gw.list);
111 INIT_LIST_HEAD(&bat_priv->tt_changes_list); 108 INIT_LIST_HEAD(&bat_priv->tt.changes_list);
112 INIT_LIST_HEAD(&bat_priv->tt_req_list); 109 INIT_LIST_HEAD(&bat_priv->tt.req_list);
113 INIT_LIST_HEAD(&bat_priv->tt_roam_list); 110 INIT_LIST_HEAD(&bat_priv->tt.roam_list);
114 111
115 ret = batadv_originator_init(bat_priv); 112 ret = batadv_originator_init(bat_priv);
116 if (ret < 0) 113 if (ret < 0)
@@ -131,7 +128,7 @@ int batadv_mesh_init(struct net_device *soft_iface)
131 if (ret < 0) 128 if (ret < 0)
132 goto err; 129 goto err;
133 130
134 atomic_set(&bat_priv->gw_reselect, 0); 131 atomic_set(&bat_priv->gw.reselect, 0);
135 atomic_set(&bat_priv->mesh_state, BATADV_MESH_ACTIVE); 132 atomic_set(&bat_priv->mesh_state, BATADV_MESH_ACTIVE);
136 133
137 return 0; 134 return 0;
diff --git a/net/batman-adv/main.h b/net/batman-adv/main.h
index 5d8fa0757947..d57b746219de 100644
--- a/net/batman-adv/main.h
+++ b/net/batman-adv/main.h
@@ -26,7 +26,7 @@
26#define BATADV_DRIVER_DEVICE "batman-adv" 26#define BATADV_DRIVER_DEVICE "batman-adv"
27 27
28#ifndef BATADV_SOURCE_VERSION 28#ifndef BATADV_SOURCE_VERSION
29#define BATADV_SOURCE_VERSION "2012.3.0" 29#define BATADV_SOURCE_VERSION "2012.4.0"
30#endif 30#endif
31 31
32/* B.A.T.M.A.N. parameters */ 32/* B.A.T.M.A.N. parameters */
@@ -41,13 +41,14 @@
41 * -> TODO: check influence on BATADV_TQ_LOCAL_WINDOW_SIZE 41 * -> TODO: check influence on BATADV_TQ_LOCAL_WINDOW_SIZE
42 */ 42 */
43#define BATADV_PURGE_TIMEOUT 200000 /* 200 seconds */ 43#define BATADV_PURGE_TIMEOUT 200000 /* 200 seconds */
44#define BATADV_TT_LOCAL_TIMEOUT 3600000 /* in miliseconds */ 44#define BATADV_TT_LOCAL_TIMEOUT 3600000 /* in milliseconds */
45#define BATADV_TT_CLIENT_ROAM_TIMEOUT 600000 /* in miliseconds */ 45#define BATADV_TT_CLIENT_ROAM_TIMEOUT 600000 /* in milliseconds */
46#define BATADV_TT_CLIENT_TEMP_TIMEOUT 600000 /* in milliseconds */
46/* sliding packet range of received originator messages in sequence numbers 47/* sliding packet range of received originator messages in sequence numbers
47 * (should be a multiple of our word size) 48 * (should be a multiple of our word size)
48 */ 49 */
49#define BATADV_TQ_LOCAL_WINDOW_SIZE 64 50#define BATADV_TQ_LOCAL_WINDOW_SIZE 64
50/* miliseconds we have to keep pending tt_req */ 51/* milliseconds we have to keep pending tt_req */
51#define BATADV_TT_REQUEST_TIMEOUT 3000 52#define BATADV_TT_REQUEST_TIMEOUT 3000
52 53
53#define BATADV_TQ_GLOBAL_WINDOW_SIZE 5 54#define BATADV_TQ_GLOBAL_WINDOW_SIZE 5
@@ -59,7 +60,7 @@
59#define BATADV_TT_OGM_APPEND_MAX 3 60#define BATADV_TT_OGM_APPEND_MAX 3
60 61
61/* Time in which a client can roam at most ROAMING_MAX_COUNT times in 62/* Time in which a client can roam at most ROAMING_MAX_COUNT times in
62 * miliseconds 63 * milliseconds
63 */ 64 */
64#define BATADV_ROAMING_MAX_TIME 20000 65#define BATADV_ROAMING_MAX_TIME 20000
65#define BATADV_ROAMING_MAX_COUNT 5 66#define BATADV_ROAMING_MAX_COUNT 5
@@ -123,15 +124,6 @@ enum batadv_uev_type {
123/* Append 'batman-adv: ' before kernel messages */ 124/* Append 'batman-adv: ' before kernel messages */
124#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 125#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
125 126
126/* all messages related to routing / flooding / broadcasting / etc */
127enum batadv_dbg_level {
128 BATADV_DBG_BATMAN = 1 << 0,
129 BATADV_DBG_ROUTES = 1 << 1, /* route added / changed / deleted */
130 BATADV_DBG_TT = 1 << 2, /* translation table operations */
131 BATADV_DBG_BLA = 1 << 3, /* bridge loop avoidance */
132 BATADV_DBG_ALL = 15,
133};
134
135/* Kernel headers */ 127/* Kernel headers */
136 128
137#include <linux/mutex.h> /* mutex */ 129#include <linux/mutex.h> /* mutex */
@@ -173,6 +165,15 @@ int batadv_algo_register(struct batadv_algo_ops *bat_algo_ops);
173int batadv_algo_select(struct batadv_priv *bat_priv, char *name); 165int batadv_algo_select(struct batadv_priv *bat_priv, char *name);
174int batadv_algo_seq_print_text(struct seq_file *seq, void *offset); 166int batadv_algo_seq_print_text(struct seq_file *seq, void *offset);
175 167
168/* all messages related to routing / flooding / broadcasting / etc */
169enum batadv_dbg_level {
170 BATADV_DBG_BATMAN = BIT(0),
171 BATADV_DBG_ROUTES = BIT(1), /* route added / changed / deleted */
172 BATADV_DBG_TT = BIT(2), /* translation table operations */
173 BATADV_DBG_BLA = BIT(3), /* bridge loop avoidance */
174 BATADV_DBG_ALL = 15,
175};
176
176#ifdef CONFIG_BATMAN_ADV_DEBUG 177#ifdef CONFIG_BATMAN_ADV_DEBUG
177int batadv_debug_log(struct batadv_priv *bat_priv, const char *fmt, ...) 178int batadv_debug_log(struct batadv_priv *bat_priv, const char *fmt, ...)
178__printf(2, 3); 179__printf(2, 3);
diff --git a/net/batman-adv/packet.h b/net/batman-adv/packet.h
index 8d3e55a96adc..2d23a14c220e 100644
--- a/net/batman-adv/packet.h
+++ b/net/batman-adv/packet.h
@@ -37,10 +37,10 @@ enum batadv_packettype {
37#define BATADV_COMPAT_VERSION 14 37#define BATADV_COMPAT_VERSION 14
38 38
39enum batadv_iv_flags { 39enum batadv_iv_flags {
40 BATADV_NOT_BEST_NEXT_HOP = 1 << 3, 40 BATADV_NOT_BEST_NEXT_HOP = BIT(3),
41 BATADV_PRIMARIES_FIRST_HOP = 1 << 4, 41 BATADV_PRIMARIES_FIRST_HOP = BIT(4),
42 BATADV_VIS_SERVER = 1 << 5, 42 BATADV_VIS_SERVER = BIT(5),
43 BATADV_DIRECTLINK = 1 << 6, 43 BATADV_DIRECTLINK = BIT(6),
44}; 44};
45 45
46/* ICMP message types */ 46/* ICMP message types */
@@ -60,8 +60,8 @@ enum batadv_vis_packettype {
60 60
61/* fragmentation defines */ 61/* fragmentation defines */
62enum batadv_unicast_frag_flags { 62enum batadv_unicast_frag_flags {
63 BATADV_UNI_FRAG_HEAD = 1 << 0, 63 BATADV_UNI_FRAG_HEAD = BIT(0),
64 BATADV_UNI_FRAG_LARGETAIL = 1 << 1, 64 BATADV_UNI_FRAG_LARGETAIL = BIT(1),
65}; 65};
66 66
67/* TT_QUERY subtypes */ 67/* TT_QUERY subtypes */
@@ -74,26 +74,27 @@ enum batadv_tt_query_packettype {
74 74
75/* TT_QUERY flags */ 75/* TT_QUERY flags */
76enum batadv_tt_query_flags { 76enum batadv_tt_query_flags {
77 BATADV_TT_FULL_TABLE = 1 << 2, 77 BATADV_TT_FULL_TABLE = BIT(2),
78}; 78};
79 79
80/* BATADV_TT_CLIENT flags. 80/* BATADV_TT_CLIENT flags.
81 * Flags from 1 to 1 << 7 are sent on the wire, while flags from 1 << 8 to 81 * Flags from BIT(0) to BIT(7) are sent on the wire, while flags from BIT(8) to
82 * 1 << 15 are used for local computation only 82 * BIT(15) are used for local computation only
83 */ 83 */
84enum batadv_tt_client_flags { 84enum batadv_tt_client_flags {
85 BATADV_TT_CLIENT_DEL = 1 << 0, 85 BATADV_TT_CLIENT_DEL = BIT(0),
86 BATADV_TT_CLIENT_ROAM = 1 << 1, 86 BATADV_TT_CLIENT_ROAM = BIT(1),
87 BATADV_TT_CLIENT_WIFI = 1 << 2, 87 BATADV_TT_CLIENT_WIFI = BIT(2),
88 BATADV_TT_CLIENT_NOPURGE = 1 << 8, 88 BATADV_TT_CLIENT_TEMP = BIT(3),
89 BATADV_TT_CLIENT_NEW = 1 << 9, 89 BATADV_TT_CLIENT_NOPURGE = BIT(8),
90 BATADV_TT_CLIENT_PENDING = 1 << 10, 90 BATADV_TT_CLIENT_NEW = BIT(9),
91 BATADV_TT_CLIENT_PENDING = BIT(10),
91}; 92};
92 93
93/* claim frame types for the bridge loop avoidance */ 94/* claim frame types for the bridge loop avoidance */
94enum batadv_bla_claimframe { 95enum batadv_bla_claimframe {
95 BATADV_CLAIM_TYPE_ADD = 0x00, 96 BATADV_CLAIM_TYPE_CLAIM = 0x00,
96 BATADV_CLAIM_TYPE_DEL = 0x01, 97 BATADV_CLAIM_TYPE_UNCLAIM = 0x01,
97 BATADV_CLAIM_TYPE_ANNOUNCE = 0x02, 98 BATADV_CLAIM_TYPE_ANNOUNCE = 0x02,
98 BATADV_CLAIM_TYPE_REQUEST = 0x03, 99 BATADV_CLAIM_TYPE_REQUEST = 0x03,
99}; 100};
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index bc2b88bbea1f..939fc01371df 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -579,32 +579,45 @@ batadv_find_ifalter_router(struct batadv_orig_node *primary_orig,
579 return router; 579 return router;
580} 580}
581 581
582int batadv_recv_tt_query(struct sk_buff *skb, struct batadv_hard_iface *recv_if) 582static int batadv_check_unicast_packet(struct sk_buff *skb, int hdr_size)
583{ 583{
584 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
585 struct batadv_tt_query_packet *tt_query;
586 uint16_t tt_size;
587 struct ethhdr *ethhdr; 584 struct ethhdr *ethhdr;
588 char tt_flag;
589 size_t packet_size;
590 585
591 /* drop packet if it has not necessary minimum size */ 586 /* drop packet if it has not necessary minimum size */
592 if (unlikely(!pskb_may_pull(skb, 587 if (unlikely(!pskb_may_pull(skb, hdr_size)))
593 sizeof(struct batadv_tt_query_packet)))) 588 return -1;
594 goto out;
595
596 /* I could need to modify it */
597 if (skb_cow(skb, sizeof(struct batadv_tt_query_packet)) < 0)
598 goto out;
599 589
600 ethhdr = (struct ethhdr *)skb_mac_header(skb); 590 ethhdr = (struct ethhdr *)skb_mac_header(skb);
601 591
602 /* packet with unicast indication but broadcast recipient */ 592 /* packet with unicast indication but broadcast recipient */
603 if (is_broadcast_ether_addr(ethhdr->h_dest)) 593 if (is_broadcast_ether_addr(ethhdr->h_dest))
604 goto out; 594 return -1;
605 595
606 /* packet with broadcast sender address */ 596 /* packet with broadcast sender address */
607 if (is_broadcast_ether_addr(ethhdr->h_source)) 597 if (is_broadcast_ether_addr(ethhdr->h_source))
598 return -1;
599
600 /* not for me */
601 if (!batadv_is_my_mac(ethhdr->h_dest))
602 return -1;
603
604 return 0;
605}
606
607int batadv_recv_tt_query(struct sk_buff *skb, struct batadv_hard_iface *recv_if)
608{
609 struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
610 struct batadv_tt_query_packet *tt_query;
611 uint16_t tt_size;
612 int hdr_size = sizeof(*tt_query);
613 char tt_flag;
614 size_t packet_size;
615
616 if (batadv_check_unicast_packet(skb, hdr_size) < 0)
617 return NET_RX_DROP;
618
619 /* I could need to modify it */
620 if (skb_cow(skb, sizeof(struct batadv_tt_query_packet)) < 0)
608 goto out; 621 goto out;
609 622
610 tt_query = (struct batadv_tt_query_packet *)skb->data; 623 tt_query = (struct batadv_tt_query_packet *)skb->data;
@@ -721,7 +734,7 @@ int batadv_recv_roam_adv(struct sk_buff *skb, struct batadv_hard_iface *recv_if)
721 * been incremented yet. This flag will make me check all the incoming 734 * been incremented yet. This flag will make me check all the incoming
722 * packets for the correct destination. 735 * packets for the correct destination.
723 */ 736 */
724 bat_priv->tt_poss_change = true; 737 bat_priv->tt.poss_change = true;
725 738
726 batadv_orig_node_free_ref(orig_node); 739 batadv_orig_node_free_ref(orig_node);
727out: 740out:
@@ -819,31 +832,6 @@ err:
819 return NULL; 832 return NULL;
820} 833}
821 834
822static int batadv_check_unicast_packet(struct sk_buff *skb, int hdr_size)
823{
824 struct ethhdr *ethhdr;
825
826 /* drop packet if it has not necessary minimum size */
827 if (unlikely(!pskb_may_pull(skb, hdr_size)))
828 return -1;
829
830 ethhdr = (struct ethhdr *)skb_mac_header(skb);
831
832 /* packet with unicast indication but broadcast recipient */
833 if (is_broadcast_ether_addr(ethhdr->h_dest))
834 return -1;
835
836 /* packet with broadcast sender address */
837 if (is_broadcast_ether_addr(ethhdr->h_source))
838 return -1;
839
840 /* not for me */
841 if (!batadv_is_my_mac(ethhdr->h_dest))
842 return -1;
843
844 return 0;
845}
846
847static int batadv_route_unicast_packet(struct sk_buff *skb, 835static int batadv_route_unicast_packet(struct sk_buff *skb,
848 struct batadv_hard_iface *recv_if) 836 struct batadv_hard_iface *recv_if)
849{ 837{
@@ -947,8 +935,8 @@ static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
947 unicast_packet = (struct batadv_unicast_packet *)skb->data; 935 unicast_packet = (struct batadv_unicast_packet *)skb->data;
948 936
949 if (batadv_is_my_mac(unicast_packet->dest)) { 937 if (batadv_is_my_mac(unicast_packet->dest)) {
950 tt_poss_change = bat_priv->tt_poss_change; 938 tt_poss_change = bat_priv->tt.poss_change;
951 curr_ttvn = (uint8_t)atomic_read(&bat_priv->ttvn); 939 curr_ttvn = (uint8_t)atomic_read(&bat_priv->tt.vn);
952 } else { 940 } else {
953 orig_node = batadv_orig_hash_find(bat_priv, 941 orig_node = batadv_orig_hash_find(bat_priv,
954 unicast_packet->dest); 942 unicast_packet->dest);
@@ -993,8 +981,7 @@ static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
993 } else { 981 } else {
994 memcpy(unicast_packet->dest, orig_node->orig, 982 memcpy(unicast_packet->dest, orig_node->orig,
995 ETH_ALEN); 983 ETH_ALEN);
996 curr_ttvn = (uint8_t) 984 curr_ttvn = (uint8_t)atomic_read(&orig_node->last_ttvn);
997 atomic_read(&orig_node->last_ttvn);
998 batadv_orig_node_free_ref(orig_node); 985 batadv_orig_node_free_ref(orig_node);
999 } 986 }
1000 987
@@ -1025,8 +1012,9 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,
1025 1012
1026 /* packet for me */ 1013 /* packet for me */
1027 if (batadv_is_my_mac(unicast_packet->dest)) { 1014 if (batadv_is_my_mac(unicast_packet->dest)) {
1028 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, 1015 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size,
1029 hdr_size); 1016 NULL);
1017
1030 return NET_RX_SUCCESS; 1018 return NET_RX_SUCCESS;
1031 } 1019 }
1032 1020
@@ -1063,7 +1051,7 @@ int batadv_recv_ucast_frag_packet(struct sk_buff *skb,
1063 return NET_RX_SUCCESS; 1051 return NET_RX_SUCCESS;
1064 1052
1065 batadv_interface_rx(recv_if->soft_iface, new_skb, recv_if, 1053 batadv_interface_rx(recv_if->soft_iface, new_skb, recv_if,
1066 sizeof(struct batadv_unicast_packet)); 1054 sizeof(struct batadv_unicast_packet), NULL);
1067 return NET_RX_SUCCESS; 1055 return NET_RX_SUCCESS;
1068 } 1056 }
1069 1057
@@ -1150,7 +1138,8 @@ int batadv_recv_bcast_packet(struct sk_buff *skb,
1150 goto out; 1138 goto out;
1151 1139
1152 /* broadcast for me */ 1140 /* broadcast for me */
1153 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size); 1141 batadv_interface_rx(recv_if->soft_iface, skb, recv_if, hdr_size,
1142 orig_node);
1154 ret = NET_RX_SUCCESS; 1143 ret = NET_RX_SUCCESS;
1155 goto out; 1144 goto out;
1156 1145
diff --git a/net/batman-adv/send.c b/net/batman-adv/send.c
index 3b4b2daa3b3e..570a8bce0364 100644
--- a/net/batman-adv/send.c
+++ b/net/batman-adv/send.c
@@ -190,13 +190,13 @@ out:
190static void batadv_send_outstanding_bcast_packet(struct work_struct *work) 190static void batadv_send_outstanding_bcast_packet(struct work_struct *work)
191{ 191{
192 struct batadv_hard_iface *hard_iface; 192 struct batadv_hard_iface *hard_iface;
193 struct delayed_work *delayed_work = 193 struct delayed_work *delayed_work;
194 container_of(work, struct delayed_work, work);
195 struct batadv_forw_packet *forw_packet; 194 struct batadv_forw_packet *forw_packet;
196 struct sk_buff *skb1; 195 struct sk_buff *skb1;
197 struct net_device *soft_iface; 196 struct net_device *soft_iface;
198 struct batadv_priv *bat_priv; 197 struct batadv_priv *bat_priv;
199 198
199 delayed_work = container_of(work, struct delayed_work, work);
200 forw_packet = container_of(delayed_work, struct batadv_forw_packet, 200 forw_packet = container_of(delayed_work, struct batadv_forw_packet,
201 delayed_work); 201 delayed_work);
202 soft_iface = forw_packet->if_incoming->soft_iface; 202 soft_iface = forw_packet->if_incoming->soft_iface;
@@ -239,11 +239,11 @@ out:
239 239
240void batadv_send_outstanding_bat_ogm_packet(struct work_struct *work) 240void batadv_send_outstanding_bat_ogm_packet(struct work_struct *work)
241{ 241{
242 struct delayed_work *delayed_work = 242 struct delayed_work *delayed_work;
243 container_of(work, struct delayed_work, work);
244 struct batadv_forw_packet *forw_packet; 243 struct batadv_forw_packet *forw_packet;
245 struct batadv_priv *bat_priv; 244 struct batadv_priv *bat_priv;
246 245
246 delayed_work = container_of(work, struct delayed_work, work);
247 forw_packet = container_of(delayed_work, struct batadv_forw_packet, 247 forw_packet = container_of(delayed_work, struct batadv_forw_packet,
248 delayed_work); 248 delayed_work);
249 bat_priv = netdev_priv(forw_packet->if_incoming->soft_iface); 249 bat_priv = netdev_priv(forw_packet->if_incoming->soft_iface);
diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
index 21c53577c8d6..b9a28d2dd3e8 100644
--- a/net/batman-adv/soft-interface.c
+++ b/net/batman-adv/soft-interface.c
@@ -93,7 +93,14 @@ static int batadv_interface_release(struct net_device *dev)
93static struct net_device_stats *batadv_interface_stats(struct net_device *dev) 93static struct net_device_stats *batadv_interface_stats(struct net_device *dev)
94{ 94{
95 struct batadv_priv *bat_priv = netdev_priv(dev); 95 struct batadv_priv *bat_priv = netdev_priv(dev);
96 return &bat_priv->stats; 96 struct net_device_stats *stats = &bat_priv->stats;
97
98 stats->tx_packets = batadv_sum_counter(bat_priv, BATADV_CNT_TX);
99 stats->tx_bytes = batadv_sum_counter(bat_priv, BATADV_CNT_TX_BYTES);
100 stats->tx_dropped = batadv_sum_counter(bat_priv, BATADV_CNT_TX_DROPPED);
101 stats->rx_packets = batadv_sum_counter(bat_priv, BATADV_CNT_RX);
102 stats->rx_bytes = batadv_sum_counter(bat_priv, BATADV_CNT_RX_BYTES);
103 return stats;
97} 104}
98 105
99static int batadv_interface_set_mac_addr(struct net_device *dev, void *p) 106static int batadv_interface_set_mac_addr(struct net_device *dev, void *p)
@@ -145,6 +152,7 @@ static int batadv_interface_tx(struct sk_buff *skb,
145 int data_len = skb->len, ret; 152 int data_len = skb->len, ret;
146 short vid __maybe_unused = -1; 153 short vid __maybe_unused = -1;
147 bool do_bcast = false; 154 bool do_bcast = false;
155 uint32_t seqno;
148 156
149 if (atomic_read(&bat_priv->mesh_state) != BATADV_MESH_ACTIVE) 157 if (atomic_read(&bat_priv->mesh_state) != BATADV_MESH_ACTIVE)
150 goto dropped; 158 goto dropped;
@@ -226,8 +234,8 @@ static int batadv_interface_tx(struct sk_buff *skb,
226 primary_if->net_dev->dev_addr, ETH_ALEN); 234 primary_if->net_dev->dev_addr, ETH_ALEN);
227 235
228 /* set broadcast sequence number */ 236 /* set broadcast sequence number */
229 bcast_packet->seqno = 237 seqno = atomic_inc_return(&bat_priv->bcast_seqno);
230 htonl(atomic_inc_return(&bat_priv->bcast_seqno)); 238 bcast_packet->seqno = htonl(seqno);
231 239
232 batadv_add_bcast_packet_to_list(bat_priv, skb, 1); 240 batadv_add_bcast_packet_to_list(bat_priv, skb, 1);
233 241
@@ -249,14 +257,14 @@ static int batadv_interface_tx(struct sk_buff *skb,
249 goto dropped_freed; 257 goto dropped_freed;
250 } 258 }
251 259
252 bat_priv->stats.tx_packets++; 260 batadv_inc_counter(bat_priv, BATADV_CNT_TX);
253 bat_priv->stats.tx_bytes += data_len; 261 batadv_add_counter(bat_priv, BATADV_CNT_TX_BYTES, data_len);
254 goto end; 262 goto end;
255 263
256dropped: 264dropped:
257 kfree_skb(skb); 265 kfree_skb(skb);
258dropped_freed: 266dropped_freed:
259 bat_priv->stats.tx_dropped++; 267 batadv_inc_counter(bat_priv, BATADV_CNT_TX_DROPPED);
260end: 268end:
261 if (primary_if) 269 if (primary_if)
262 batadv_hardif_free_ref(primary_if); 270 batadv_hardif_free_ref(primary_if);
@@ -265,7 +273,7 @@ end:
265 273
266void batadv_interface_rx(struct net_device *soft_iface, 274void batadv_interface_rx(struct net_device *soft_iface,
267 struct sk_buff *skb, struct batadv_hard_iface *recv_if, 275 struct sk_buff *skb, struct batadv_hard_iface *recv_if,
268 int hdr_size) 276 int hdr_size, struct batadv_orig_node *orig_node)
269{ 277{
270 struct batadv_priv *bat_priv = netdev_priv(soft_iface); 278 struct batadv_priv *bat_priv = netdev_priv(soft_iface);
271 struct ethhdr *ethhdr; 279 struct ethhdr *ethhdr;
@@ -311,11 +319,16 @@ void batadv_interface_rx(struct net_device *soft_iface,
311 319
312 /* skb->ip_summed = CHECKSUM_UNNECESSARY; */ 320 /* skb->ip_summed = CHECKSUM_UNNECESSARY; */
313 321
314 bat_priv->stats.rx_packets++; 322 batadv_inc_counter(bat_priv, BATADV_CNT_RX);
315 bat_priv->stats.rx_bytes += skb->len + ETH_HLEN; 323 batadv_add_counter(bat_priv, BATADV_CNT_RX_BYTES,
324 skb->len + ETH_HLEN);
316 325
317 soft_iface->last_rx = jiffies; 326 soft_iface->last_rx = jiffies;
318 327
328 if (orig_node)
329 batadv_tt_add_temporary_global_entry(bat_priv, orig_node,
330 ethhdr->h_source);
331
319 if (batadv_is_ap_isolated(bat_priv, ethhdr->h_source, ethhdr->h_dest)) 332 if (batadv_is_ap_isolated(bat_priv, ethhdr->h_source, ethhdr->h_dest))
320 goto dropped; 333 goto dropped;
321 334
@@ -382,15 +395,22 @@ struct net_device *batadv_softif_create(const char *name)
382 if (!soft_iface) 395 if (!soft_iface)
383 goto out; 396 goto out;
384 397
398 bat_priv = netdev_priv(soft_iface);
399
400 /* batadv_interface_stats() needs to be available as soon as
401 * register_netdevice() has been called
402 */
403 bat_priv->bat_counters = __alloc_percpu(cnt_len, __alignof__(uint64_t));
404 if (!bat_priv->bat_counters)
405 goto free_soft_iface;
406
385 ret = register_netdevice(soft_iface); 407 ret = register_netdevice(soft_iface);
386 if (ret < 0) { 408 if (ret < 0) {
387 pr_err("Unable to register the batman interface '%s': %i\n", 409 pr_err("Unable to register the batman interface '%s': %i\n",
388 name, ret); 410 name, ret);
389 goto free_soft_iface; 411 goto free_bat_counters;
390 } 412 }
391 413
392 bat_priv = netdev_priv(soft_iface);
393
394 atomic_set(&bat_priv->aggregated_ogms, 1); 414 atomic_set(&bat_priv->aggregated_ogms, 1);
395 atomic_set(&bat_priv->bonding, 0); 415 atomic_set(&bat_priv->bonding, 0);
396 atomic_set(&bat_priv->bridge_loop_avoidance, 0); 416 atomic_set(&bat_priv->bridge_loop_avoidance, 0);
@@ -408,29 +428,26 @@ struct net_device *batadv_softif_create(const char *name)
408 428
409 atomic_set(&bat_priv->mesh_state, BATADV_MESH_INACTIVE); 429 atomic_set(&bat_priv->mesh_state, BATADV_MESH_INACTIVE);
410 atomic_set(&bat_priv->bcast_seqno, 1); 430 atomic_set(&bat_priv->bcast_seqno, 1);
411 atomic_set(&bat_priv->ttvn, 0); 431 atomic_set(&bat_priv->tt.vn, 0);
412 atomic_set(&bat_priv->tt_local_changes, 0); 432 atomic_set(&bat_priv->tt.local_changes, 0);
413 atomic_set(&bat_priv->tt_ogm_append_cnt, 0); 433 atomic_set(&bat_priv->tt.ogm_append_cnt, 0);
414 atomic_set(&bat_priv->bla_num_requests, 0); 434#ifdef CONFIG_BATMAN_ADV_BLA
415 435 atomic_set(&bat_priv->bla.num_requests, 0);
416 bat_priv->tt_buff = NULL; 436#endif
417 bat_priv->tt_buff_len = 0; 437 bat_priv->tt.last_changeset = NULL;
418 bat_priv->tt_poss_change = false; 438 bat_priv->tt.last_changeset_len = 0;
439 bat_priv->tt.poss_change = false;
419 440
420 bat_priv->primary_if = NULL; 441 bat_priv->primary_if = NULL;
421 bat_priv->num_ifaces = 0; 442 bat_priv->num_ifaces = 0;
422 443
423 bat_priv->bat_counters = __alloc_percpu(cnt_len, __alignof__(uint64_t));
424 if (!bat_priv->bat_counters)
425 goto unreg_soft_iface;
426
427 ret = batadv_algo_select(bat_priv, batadv_routing_algo); 444 ret = batadv_algo_select(bat_priv, batadv_routing_algo);
428 if (ret < 0) 445 if (ret < 0)
429 goto free_bat_counters; 446 goto unreg_soft_iface;
430 447
431 ret = batadv_sysfs_add_meshif(soft_iface); 448 ret = batadv_sysfs_add_meshif(soft_iface);
432 if (ret < 0) 449 if (ret < 0)
433 goto free_bat_counters; 450 goto unreg_soft_iface;
434 451
435 ret = batadv_debugfs_add_meshif(soft_iface); 452 ret = batadv_debugfs_add_meshif(soft_iface);
436 if (ret < 0) 453 if (ret < 0)
@@ -446,12 +463,13 @@ unreg_debugfs:
446 batadv_debugfs_del_meshif(soft_iface); 463 batadv_debugfs_del_meshif(soft_iface);
447unreg_sysfs: 464unreg_sysfs:
448 batadv_sysfs_del_meshif(soft_iface); 465 batadv_sysfs_del_meshif(soft_iface);
449free_bat_counters:
450 free_percpu(bat_priv->bat_counters);
451unreg_soft_iface: 466unreg_soft_iface:
467 free_percpu(bat_priv->bat_counters);
452 unregister_netdevice(soft_iface); 468 unregister_netdevice(soft_iface);
453 return NULL; 469 return NULL;
454 470
471free_bat_counters:
472 free_percpu(bat_priv->bat_counters);
455free_soft_iface: 473free_soft_iface:
456 free_netdev(soft_iface); 474 free_netdev(soft_iface);
457out: 475out:
@@ -521,6 +539,11 @@ static u32 batadv_get_link(struct net_device *dev)
521static const struct { 539static const struct {
522 const char name[ETH_GSTRING_LEN]; 540 const char name[ETH_GSTRING_LEN];
523} batadv_counters_strings[] = { 541} batadv_counters_strings[] = {
542 { "tx" },
543 { "tx_bytes" },
544 { "tx_dropped" },
545 { "rx" },
546 { "rx_bytes" },
524 { "forward" }, 547 { "forward" },
525 { "forward_bytes" }, 548 { "forward_bytes" },
526 { "mgmt_tx" }, 549 { "mgmt_tx" },
diff --git a/net/batman-adv/soft-interface.h b/net/batman-adv/soft-interface.h
index 852c683b06a1..07a08fed28b9 100644
--- a/net/batman-adv/soft-interface.h
+++ b/net/batman-adv/soft-interface.h
@@ -21,8 +21,9 @@
21#define _NET_BATMAN_ADV_SOFT_INTERFACE_H_ 21#define _NET_BATMAN_ADV_SOFT_INTERFACE_H_
22 22
23int batadv_skb_head_push(struct sk_buff *skb, unsigned int len); 23int batadv_skb_head_push(struct sk_buff *skb, unsigned int len);
24void batadv_interface_rx(struct net_device *soft_iface, struct sk_buff *skb, 24void batadv_interface_rx(struct net_device *soft_iface,
25 struct batadv_hard_iface *recv_if, int hdr_size); 25 struct sk_buff *skb, struct batadv_hard_iface *recv_if,
26 int hdr_size, struct batadv_orig_node *orig_node);
26struct net_device *batadv_softif_create(const char *name); 27struct net_device *batadv_softif_create(const char *name);
27void batadv_softif_destroy(struct net_device *soft_iface); 28void batadv_softif_destroy(struct net_device *soft_iface);
28int batadv_softif_is_valid(const struct net_device *net_dev); 29int batadv_softif_is_valid(const struct net_device *net_dev);
diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
index 99dd8f75b3ff..112edd371b2f 100644
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -34,6 +34,10 @@ static void batadv_send_roam_adv(struct batadv_priv *bat_priv, uint8_t *client,
34static void batadv_tt_purge(struct work_struct *work); 34static void batadv_tt_purge(struct work_struct *work);
35static void 35static void
36batadv_tt_global_del_orig_list(struct batadv_tt_global_entry *tt_global_entry); 36batadv_tt_global_del_orig_list(struct batadv_tt_global_entry *tt_global_entry);
37static void batadv_tt_global_del(struct batadv_priv *bat_priv,
38 struct batadv_orig_node *orig_node,
39 const unsigned char *addr,
40 const char *message, bool roaming);
37 41
38/* returns 1 if they are the same mac addr */ 42/* returns 1 if they are the same mac addr */
39static int batadv_compare_tt(const struct hlist_node *node, const void *data2) 43static int batadv_compare_tt(const struct hlist_node *node, const void *data2)
@@ -46,8 +50,8 @@ static int batadv_compare_tt(const struct hlist_node *node, const void *data2)
46 50
47static void batadv_tt_start_timer(struct batadv_priv *bat_priv) 51static void batadv_tt_start_timer(struct batadv_priv *bat_priv)
48{ 52{
49 INIT_DELAYED_WORK(&bat_priv->tt_work, batadv_tt_purge); 53 INIT_DELAYED_WORK(&bat_priv->tt.work, batadv_tt_purge);
50 queue_delayed_work(batadv_event_workqueue, &bat_priv->tt_work, 54 queue_delayed_work(batadv_event_workqueue, &bat_priv->tt.work,
51 msecs_to_jiffies(5000)); 55 msecs_to_jiffies(5000));
52} 56}
53 57
@@ -88,7 +92,7 @@ batadv_tt_local_hash_find(struct batadv_priv *bat_priv, const void *data)
88 struct batadv_tt_common_entry *tt_common_entry; 92 struct batadv_tt_common_entry *tt_common_entry;
89 struct batadv_tt_local_entry *tt_local_entry = NULL; 93 struct batadv_tt_local_entry *tt_local_entry = NULL;
90 94
91 tt_common_entry = batadv_tt_hash_find(bat_priv->tt_local_hash, data); 95 tt_common_entry = batadv_tt_hash_find(bat_priv->tt.local_hash, data);
92 if (tt_common_entry) 96 if (tt_common_entry)
93 tt_local_entry = container_of(tt_common_entry, 97 tt_local_entry = container_of(tt_common_entry,
94 struct batadv_tt_local_entry, 98 struct batadv_tt_local_entry,
@@ -102,7 +106,7 @@ batadv_tt_global_hash_find(struct batadv_priv *bat_priv, const void *data)
102 struct batadv_tt_common_entry *tt_common_entry; 106 struct batadv_tt_common_entry *tt_common_entry;
103 struct batadv_tt_global_entry *tt_global_entry = NULL; 107 struct batadv_tt_global_entry *tt_global_entry = NULL;
104 108
105 tt_common_entry = batadv_tt_hash_find(bat_priv->tt_global_hash, data); 109 tt_common_entry = batadv_tt_hash_find(bat_priv->tt.global_hash, data);
106 if (tt_common_entry) 110 if (tt_common_entry)
107 tt_global_entry = container_of(tt_common_entry, 111 tt_global_entry = container_of(tt_common_entry,
108 struct batadv_tt_global_entry, 112 struct batadv_tt_global_entry,
@@ -152,6 +156,8 @@ static void batadv_tt_orig_list_entry_free_rcu(struct rcu_head *rcu)
152static void 156static void
153batadv_tt_orig_list_entry_free_ref(struct batadv_tt_orig_list_entry *orig_entry) 157batadv_tt_orig_list_entry_free_ref(struct batadv_tt_orig_list_entry *orig_entry)
154{ 158{
159 if (!atomic_dec_and_test(&orig_entry->refcount))
160 return;
155 /* to avoid race conditions, immediately decrease the tt counter */ 161 /* to avoid race conditions, immediately decrease the tt counter */
156 atomic_dec(&orig_entry->orig_node->tt_size); 162 atomic_dec(&orig_entry->orig_node->tt_size);
157 call_rcu(&orig_entry->rcu, batadv_tt_orig_list_entry_free_rcu); 163 call_rcu(&orig_entry->rcu, batadv_tt_orig_list_entry_free_rcu);
@@ -175,8 +181,8 @@ static void batadv_tt_local_event(struct batadv_priv *bat_priv,
175 del_op_requested = flags & BATADV_TT_CLIENT_DEL; 181 del_op_requested = flags & BATADV_TT_CLIENT_DEL;
176 182
177 /* check for ADD+DEL or DEL+ADD events */ 183 /* check for ADD+DEL or DEL+ADD events */
178 spin_lock_bh(&bat_priv->tt_changes_list_lock); 184 spin_lock_bh(&bat_priv->tt.changes_list_lock);
179 list_for_each_entry_safe(entry, safe, &bat_priv->tt_changes_list, 185 list_for_each_entry_safe(entry, safe, &bat_priv->tt.changes_list,
180 list) { 186 list) {
181 if (!batadv_compare_eth(entry->change.addr, addr)) 187 if (!batadv_compare_eth(entry->change.addr, addr))
182 continue; 188 continue;
@@ -203,15 +209,15 @@ del:
203 } 209 }
204 210
205 /* track the change in the OGMinterval list */ 211 /* track the change in the OGMinterval list */
206 list_add_tail(&tt_change_node->list, &bat_priv->tt_changes_list); 212 list_add_tail(&tt_change_node->list, &bat_priv->tt.changes_list);
207 213
208unlock: 214unlock:
209 spin_unlock_bh(&bat_priv->tt_changes_list_lock); 215 spin_unlock_bh(&bat_priv->tt.changes_list_lock);
210 216
211 if (event_removed) 217 if (event_removed)
212 atomic_dec(&bat_priv->tt_local_changes); 218 atomic_dec(&bat_priv->tt.local_changes);
213 else 219 else
214 atomic_inc(&bat_priv->tt_local_changes); 220 atomic_inc(&bat_priv->tt.local_changes);
215} 221}
216 222
217int batadv_tt_len(int changes_num) 223int batadv_tt_len(int changes_num)
@@ -221,12 +227,12 @@ int batadv_tt_len(int changes_num)
221 227
222static int batadv_tt_local_init(struct batadv_priv *bat_priv) 228static int batadv_tt_local_init(struct batadv_priv *bat_priv)
223{ 229{
224 if (bat_priv->tt_local_hash) 230 if (bat_priv->tt.local_hash)
225 return 0; 231 return 0;
226 232
227 bat_priv->tt_local_hash = batadv_hash_new(1024); 233 bat_priv->tt.local_hash = batadv_hash_new(1024);
228 234
229 if (!bat_priv->tt_local_hash) 235 if (!bat_priv->tt.local_hash)
230 return -ENOMEM; 236 return -ENOMEM;
231 237
232 return 0; 238 return 0;
@@ -258,7 +264,7 @@ void batadv_tt_local_add(struct net_device *soft_iface, const uint8_t *addr,
258 264
259 batadv_dbg(BATADV_DBG_TT, bat_priv, 265 batadv_dbg(BATADV_DBG_TT, bat_priv,
260 "Creating new local tt entry: %pM (ttvn: %d)\n", addr, 266 "Creating new local tt entry: %pM (ttvn: %d)\n", addr,
261 (uint8_t)atomic_read(&bat_priv->ttvn)); 267 (uint8_t)atomic_read(&bat_priv->tt.vn));
262 268
263 memcpy(tt_local_entry->common.addr, addr, ETH_ALEN); 269 memcpy(tt_local_entry->common.addr, addr, ETH_ALEN);
264 tt_local_entry->common.flags = BATADV_NO_FLAGS; 270 tt_local_entry->common.flags = BATADV_NO_FLAGS;
@@ -266,6 +272,7 @@ void batadv_tt_local_add(struct net_device *soft_iface, const uint8_t *addr,
266 tt_local_entry->common.flags |= BATADV_TT_CLIENT_WIFI; 272 tt_local_entry->common.flags |= BATADV_TT_CLIENT_WIFI;
267 atomic_set(&tt_local_entry->common.refcount, 2); 273 atomic_set(&tt_local_entry->common.refcount, 2);
268 tt_local_entry->last_seen = jiffies; 274 tt_local_entry->last_seen = jiffies;
275 tt_local_entry->common.added_at = tt_local_entry->last_seen;
269 276
270 /* the batman interface mac address should never be purged */ 277 /* the batman interface mac address should never be purged */
271 if (batadv_compare_eth(addr, soft_iface->dev_addr)) 278 if (batadv_compare_eth(addr, soft_iface->dev_addr))
@@ -277,7 +284,7 @@ void batadv_tt_local_add(struct net_device *soft_iface, const uint8_t *addr,
277 */ 284 */
278 tt_local_entry->common.flags |= BATADV_TT_CLIENT_NEW; 285 tt_local_entry->common.flags |= BATADV_TT_CLIENT_NEW;
279 286
280 hash_added = batadv_hash_add(bat_priv->tt_local_hash, batadv_compare_tt, 287 hash_added = batadv_hash_add(bat_priv->tt.local_hash, batadv_compare_tt,
281 batadv_choose_orig, 288 batadv_choose_orig,
282 &tt_local_entry->common, 289 &tt_local_entry->common,
283 &tt_local_entry->common.hash_entry); 290 &tt_local_entry->common.hash_entry);
@@ -348,7 +355,7 @@ static void batadv_tt_prepare_packet_buff(struct batadv_priv *bat_priv,
348 primary_if = batadv_primary_if_get_selected(bat_priv); 355 primary_if = batadv_primary_if_get_selected(bat_priv);
349 356
350 req_len = min_packet_len; 357 req_len = min_packet_len;
351 req_len += batadv_tt_len(atomic_read(&bat_priv->tt_local_changes)); 358 req_len += batadv_tt_len(atomic_read(&bat_priv->tt.local_changes));
352 359
353 /* if we have too many changes for one packet don't send any 360 /* if we have too many changes for one packet don't send any
354 * and wait for the tt table request which will be fragmented 361 * and wait for the tt table request which will be fragmented
@@ -381,10 +388,10 @@ static int batadv_tt_changes_fill_buff(struct batadv_priv *bat_priv,
381 if (new_len > 0) 388 if (new_len > 0)
382 tot_changes = new_len / batadv_tt_len(1); 389 tot_changes = new_len / batadv_tt_len(1);
383 390
384 spin_lock_bh(&bat_priv->tt_changes_list_lock); 391 spin_lock_bh(&bat_priv->tt.changes_list_lock);
385 atomic_set(&bat_priv->tt_local_changes, 0); 392 atomic_set(&bat_priv->tt.local_changes, 0);
386 393
387 list_for_each_entry_safe(entry, safe, &bat_priv->tt_changes_list, 394 list_for_each_entry_safe(entry, safe, &bat_priv->tt.changes_list,
388 list) { 395 list) {
389 if (count < tot_changes) { 396 if (count < tot_changes) {
390 memcpy(tt_buff + batadv_tt_len(count), 397 memcpy(tt_buff + batadv_tt_len(count),
@@ -394,25 +401,25 @@ static int batadv_tt_changes_fill_buff(struct batadv_priv *bat_priv,
394 list_del(&entry->list); 401 list_del(&entry->list);
395 kfree(entry); 402 kfree(entry);
396 } 403 }
397 spin_unlock_bh(&bat_priv->tt_changes_list_lock); 404 spin_unlock_bh(&bat_priv->tt.changes_list_lock);
398 405
399 /* Keep the buffer for possible tt_request */ 406 /* Keep the buffer for possible tt_request */
400 spin_lock_bh(&bat_priv->tt_buff_lock); 407 spin_lock_bh(&bat_priv->tt.last_changeset_lock);
401 kfree(bat_priv->tt_buff); 408 kfree(bat_priv->tt.last_changeset);
402 bat_priv->tt_buff_len = 0; 409 bat_priv->tt.last_changeset_len = 0;
403 bat_priv->tt_buff = NULL; 410 bat_priv->tt.last_changeset = NULL;
404 /* check whether this new OGM has no changes due to size problems */ 411 /* check whether this new OGM has no changes due to size problems */
405 if (new_len > 0) { 412 if (new_len > 0) {
406 /* if kmalloc() fails we will reply with the full table 413 /* if kmalloc() fails we will reply with the full table
407 * instead of providing the diff 414 * instead of providing the diff
408 */ 415 */
409 bat_priv->tt_buff = kmalloc(new_len, GFP_ATOMIC); 416 bat_priv->tt.last_changeset = kmalloc(new_len, GFP_ATOMIC);
410 if (bat_priv->tt_buff) { 417 if (bat_priv->tt.last_changeset) {
411 memcpy(bat_priv->tt_buff, tt_buff, new_len); 418 memcpy(bat_priv->tt.last_changeset, tt_buff, new_len);
412 bat_priv->tt_buff_len = new_len; 419 bat_priv->tt.last_changeset_len = new_len;
413 } 420 }
414 } 421 }
415 spin_unlock_bh(&bat_priv->tt_buff_lock); 422 spin_unlock_bh(&bat_priv->tt.last_changeset_lock);
416 423
417 return count; 424 return count;
418} 425}
@@ -421,7 +428,7 @@ int batadv_tt_local_seq_print_text(struct seq_file *seq, void *offset)
421{ 428{
422 struct net_device *net_dev = (struct net_device *)seq->private; 429 struct net_device *net_dev = (struct net_device *)seq->private;
423 struct batadv_priv *bat_priv = netdev_priv(net_dev); 430 struct batadv_priv *bat_priv = netdev_priv(net_dev);
424 struct batadv_hashtable *hash = bat_priv->tt_local_hash; 431 struct batadv_hashtable *hash = bat_priv->tt.local_hash;
425 struct batadv_tt_common_entry *tt_common_entry; 432 struct batadv_tt_common_entry *tt_common_entry;
426 struct batadv_hard_iface *primary_if; 433 struct batadv_hard_iface *primary_if;
427 struct hlist_node *node; 434 struct hlist_node *node;
@@ -446,7 +453,7 @@ int batadv_tt_local_seq_print_text(struct seq_file *seq, void *offset)
446 453
447 seq_printf(seq, 454 seq_printf(seq,
448 "Locally retrieved addresses (from %s) announced via TT (TTVN: %u):\n", 455 "Locally retrieved addresses (from %s) announced via TT (TTVN: %u):\n",
449 net_dev->name, (uint8_t)atomic_read(&bat_priv->ttvn)); 456 net_dev->name, (uint8_t)atomic_read(&bat_priv->tt.vn));
450 457
451 for (i = 0; i < hash->size; i++) { 458 for (i = 0; i < hash->size; i++) {
452 head = &hash->table[i]; 459 head = &hash->table[i];
@@ -544,7 +551,7 @@ static void batadv_tt_local_purge_list(struct batadv_priv *bat_priv,
544 551
545static void batadv_tt_local_purge(struct batadv_priv *bat_priv) 552static void batadv_tt_local_purge(struct batadv_priv *bat_priv)
546{ 553{
547 struct batadv_hashtable *hash = bat_priv->tt_local_hash; 554 struct batadv_hashtable *hash = bat_priv->tt.local_hash;
548 struct hlist_head *head; 555 struct hlist_head *head;
549 spinlock_t *list_lock; /* protects write access to the hash lists */ 556 spinlock_t *list_lock; /* protects write access to the hash lists */
550 uint32_t i; 557 uint32_t i;
@@ -570,10 +577,10 @@ static void batadv_tt_local_table_free(struct batadv_priv *bat_priv)
570 struct hlist_head *head; 577 struct hlist_head *head;
571 uint32_t i; 578 uint32_t i;
572 579
573 if (!bat_priv->tt_local_hash) 580 if (!bat_priv->tt.local_hash)
574 return; 581 return;
575 582
576 hash = bat_priv->tt_local_hash; 583 hash = bat_priv->tt.local_hash;
577 584
578 for (i = 0; i < hash->size; i++) { 585 for (i = 0; i < hash->size; i++) {
579 head = &hash->table[i]; 586 head = &hash->table[i];
@@ -593,17 +600,17 @@ static void batadv_tt_local_table_free(struct batadv_priv *bat_priv)
593 600
594 batadv_hash_destroy(hash); 601 batadv_hash_destroy(hash);
595 602
596 bat_priv->tt_local_hash = NULL; 603 bat_priv->tt.local_hash = NULL;
597} 604}
598 605
599static int batadv_tt_global_init(struct batadv_priv *bat_priv) 606static int batadv_tt_global_init(struct batadv_priv *bat_priv)
600{ 607{
601 if (bat_priv->tt_global_hash) 608 if (bat_priv->tt.global_hash)
602 return 0; 609 return 0;
603 610
604 bat_priv->tt_global_hash = batadv_hash_new(1024); 611 bat_priv->tt.global_hash = batadv_hash_new(1024);
605 612
606 if (!bat_priv->tt_global_hash) 613 if (!bat_priv->tt.global_hash)
607 return -ENOMEM; 614 return -ENOMEM;
608 615
609 return 0; 616 return 0;
@@ -613,62 +620,99 @@ static void batadv_tt_changes_list_free(struct batadv_priv *bat_priv)
613{ 620{
614 struct batadv_tt_change_node *entry, *safe; 621 struct batadv_tt_change_node *entry, *safe;
615 622
616 spin_lock_bh(&bat_priv->tt_changes_list_lock); 623 spin_lock_bh(&bat_priv->tt.changes_list_lock);
617 624
618 list_for_each_entry_safe(entry, safe, &bat_priv->tt_changes_list, 625 list_for_each_entry_safe(entry, safe, &bat_priv->tt.changes_list,
619 list) { 626 list) {
620 list_del(&entry->list); 627 list_del(&entry->list);
621 kfree(entry); 628 kfree(entry);
622 } 629 }
623 630
624 atomic_set(&bat_priv->tt_local_changes, 0); 631 atomic_set(&bat_priv->tt.local_changes, 0);
625 spin_unlock_bh(&bat_priv->tt_changes_list_lock); 632 spin_unlock_bh(&bat_priv->tt.changes_list_lock);
626} 633}
627 634
628/* find out if an orig_node is already in the list of a tt_global_entry. 635/* retrieves the orig_tt_list_entry belonging to orig_node from the
629 * returns 1 if found, 0 otherwise 636 * batadv_tt_global_entry list
637 *
638 * returns it with an increased refcounter, NULL if not found
630 */ 639 */
631static bool 640static struct batadv_tt_orig_list_entry *
632batadv_tt_global_entry_has_orig(const struct batadv_tt_global_entry *entry, 641batadv_tt_global_orig_entry_find(const struct batadv_tt_global_entry *entry,
633 const struct batadv_orig_node *orig_node) 642 const struct batadv_orig_node *orig_node)
634{ 643{
635 struct batadv_tt_orig_list_entry *tmp_orig_entry; 644 struct batadv_tt_orig_list_entry *tmp_orig_entry, *orig_entry = NULL;
636 const struct hlist_head *head; 645 const struct hlist_head *head;
637 struct hlist_node *node; 646 struct hlist_node *node;
638 bool found = false;
639 647
640 rcu_read_lock(); 648 rcu_read_lock();
641 head = &entry->orig_list; 649 head = &entry->orig_list;
642 hlist_for_each_entry_rcu(tmp_orig_entry, node, head, list) { 650 hlist_for_each_entry_rcu(tmp_orig_entry, node, head, list) {
643 if (tmp_orig_entry->orig_node == orig_node) { 651 if (tmp_orig_entry->orig_node != orig_node)
644 found = true; 652 continue;
645 break; 653 if (!atomic_inc_not_zero(&tmp_orig_entry->refcount))
646 } 654 continue;
655
656 orig_entry = tmp_orig_entry;
657 break;
647 } 658 }
648 rcu_read_unlock(); 659 rcu_read_unlock();
660
661 return orig_entry;
662}
663
664/* find out if an orig_node is already in the list of a tt_global_entry.
665 * returns true if found, false otherwise
666 */
667static bool
668batadv_tt_global_entry_has_orig(const struct batadv_tt_global_entry *entry,
669 const struct batadv_orig_node *orig_node)
670{
671 struct batadv_tt_orig_list_entry *orig_entry;
672 bool found = false;
673
674 orig_entry = batadv_tt_global_orig_entry_find(entry, orig_node);
675 if (orig_entry) {
676 found = true;
677 batadv_tt_orig_list_entry_free_ref(orig_entry);
678 }
679
649 return found; 680 return found;
650} 681}
651 682
652static void 683static void
653batadv_tt_global_add_orig_entry(struct batadv_tt_global_entry *tt_global_entry, 684batadv_tt_global_orig_entry_add(struct batadv_tt_global_entry *tt_global,
654 struct batadv_orig_node *orig_node, int ttvn) 685 struct batadv_orig_node *orig_node, int ttvn)
655{ 686{
656 struct batadv_tt_orig_list_entry *orig_entry; 687 struct batadv_tt_orig_list_entry *orig_entry;
657 688
689 orig_entry = batadv_tt_global_orig_entry_find(tt_global, orig_node);
690 if (orig_entry) {
691 /* refresh the ttvn: the current value could be a bogus one that
692 * was added during a "temporary client detection"
693 */
694 orig_entry->ttvn = ttvn;
695 goto out;
696 }
697
658 orig_entry = kzalloc(sizeof(*orig_entry), GFP_ATOMIC); 698 orig_entry = kzalloc(sizeof(*orig_entry), GFP_ATOMIC);
659 if (!orig_entry) 699 if (!orig_entry)
660 return; 700 goto out;
661 701
662 INIT_HLIST_NODE(&orig_entry->list); 702 INIT_HLIST_NODE(&orig_entry->list);
663 atomic_inc(&orig_node->refcount); 703 atomic_inc(&orig_node->refcount);
664 atomic_inc(&orig_node->tt_size); 704 atomic_inc(&orig_node->tt_size);
665 orig_entry->orig_node = orig_node; 705 orig_entry->orig_node = orig_node;
666 orig_entry->ttvn = ttvn; 706 orig_entry->ttvn = ttvn;
707 atomic_set(&orig_entry->refcount, 2);
667 708
668 spin_lock_bh(&tt_global_entry->list_lock); 709 spin_lock_bh(&tt_global->list_lock);
669 hlist_add_head_rcu(&orig_entry->list, 710 hlist_add_head_rcu(&orig_entry->list,
670 &tt_global_entry->orig_list); 711 &tt_global->orig_list);
671 spin_unlock_bh(&tt_global_entry->list_lock); 712 spin_unlock_bh(&tt_global->list_lock);
713out:
714 if (orig_entry)
715 batadv_tt_orig_list_entry_free_ref(orig_entry);
672} 716}
673 717
674/* caller must hold orig_node refcount */ 718/* caller must hold orig_node refcount */
@@ -695,11 +739,12 @@ int batadv_tt_global_add(struct batadv_priv *bat_priv,
695 common->flags = flags; 739 common->flags = flags;
696 tt_global_entry->roam_at = 0; 740 tt_global_entry->roam_at = 0;
697 atomic_set(&common->refcount, 2); 741 atomic_set(&common->refcount, 2);
742 common->added_at = jiffies;
698 743
699 INIT_HLIST_HEAD(&tt_global_entry->orig_list); 744 INIT_HLIST_HEAD(&tt_global_entry->orig_list);
700 spin_lock_init(&tt_global_entry->list_lock); 745 spin_lock_init(&tt_global_entry->list_lock);
701 746
702 hash_added = batadv_hash_add(bat_priv->tt_global_hash, 747 hash_added = batadv_hash_add(bat_priv->tt.global_hash,
703 batadv_compare_tt, 748 batadv_compare_tt,
704 batadv_choose_orig, common, 749 batadv_choose_orig, common,
705 &common->hash_entry); 750 &common->hash_entry);
@@ -709,11 +754,20 @@ int batadv_tt_global_add(struct batadv_priv *bat_priv,
709 batadv_tt_global_entry_free_ref(tt_global_entry); 754 batadv_tt_global_entry_free_ref(tt_global_entry);
710 goto out_remove; 755 goto out_remove;
711 } 756 }
712
713 batadv_tt_global_add_orig_entry(tt_global_entry, orig_node,
714 ttvn);
715 } else { 757 } else {
716 /* there is already a global entry, use this one. */ 758 /* If there is already a global entry, we can use this one for
759 * our processing.
760 * But if we are trying to add a temporary client we can exit
761 * directly because the temporary information should never
762 * override any already known client state (whatever it is)
763 */
764 if (flags & BATADV_TT_CLIENT_TEMP)
765 goto out;
766
767 /* if the client was temporary added before receiving the first
768 * OGM announcing it, we have to clear the TEMP flag
769 */
770 tt_global_entry->common.flags &= ~BATADV_TT_CLIENT_TEMP;
717 771
718 /* If there is the BATADV_TT_CLIENT_ROAM flag set, there is only 772 /* If there is the BATADV_TT_CLIENT_ROAM flag set, there is only
719 * one originator left in the list and we previously received a 773 * one originator left in the list and we previously received a
@@ -727,12 +781,9 @@ int batadv_tt_global_add(struct batadv_priv *bat_priv,
727 tt_global_entry->common.flags &= ~BATADV_TT_CLIENT_ROAM; 781 tt_global_entry->common.flags &= ~BATADV_TT_CLIENT_ROAM;
728 tt_global_entry->roam_at = 0; 782 tt_global_entry->roam_at = 0;
729 } 783 }
730
731 if (!batadv_tt_global_entry_has_orig(tt_global_entry,
732 orig_node))
733 batadv_tt_global_add_orig_entry(tt_global_entry,
734 orig_node, ttvn);
735 } 784 }
785 /* add the new orig_entry (if needed) or update it */
786 batadv_tt_global_orig_entry_add(tt_global_entry, orig_node, ttvn);
736 787
737 batadv_dbg(BATADV_DBG_TT, bat_priv, 788 batadv_dbg(BATADV_DBG_TT, bat_priv,
738 "Creating new global tt entry: %pM (via %pM)\n", 789 "Creating new global tt entry: %pM (via %pM)\n",
@@ -771,11 +822,12 @@ batadv_tt_global_print_entry(struct batadv_tt_global_entry *tt_global_entry,
771 hlist_for_each_entry_rcu(orig_entry, node, head, list) { 822 hlist_for_each_entry_rcu(orig_entry, node, head, list) {
772 flags = tt_common_entry->flags; 823 flags = tt_common_entry->flags;
773 last_ttvn = atomic_read(&orig_entry->orig_node->last_ttvn); 824 last_ttvn = atomic_read(&orig_entry->orig_node->last_ttvn);
774 seq_printf(seq, " * %pM (%3u) via %pM (%3u) [%c%c]\n", 825 seq_printf(seq, " * %pM (%3u) via %pM (%3u) [%c%c%c]\n",
775 tt_global_entry->common.addr, orig_entry->ttvn, 826 tt_global_entry->common.addr, orig_entry->ttvn,
776 orig_entry->orig_node->orig, last_ttvn, 827 orig_entry->orig_node->orig, last_ttvn,
777 (flags & BATADV_TT_CLIENT_ROAM ? 'R' : '.'), 828 (flags & BATADV_TT_CLIENT_ROAM ? 'R' : '.'),
778 (flags & BATADV_TT_CLIENT_WIFI ? 'W' : '.')); 829 (flags & BATADV_TT_CLIENT_WIFI ? 'W' : '.'),
830 (flags & BATADV_TT_CLIENT_TEMP ? 'T' : '.'));
779 } 831 }
780} 832}
781 833
@@ -783,7 +835,7 @@ int batadv_tt_global_seq_print_text(struct seq_file *seq, void *offset)
783{ 835{
784 struct net_device *net_dev = (struct net_device *)seq->private; 836 struct net_device *net_dev = (struct net_device *)seq->private;
785 struct batadv_priv *bat_priv = netdev_priv(net_dev); 837 struct batadv_priv *bat_priv = netdev_priv(net_dev);
786 struct batadv_hashtable *hash = bat_priv->tt_global_hash; 838 struct batadv_hashtable *hash = bat_priv->tt.global_hash;
787 struct batadv_tt_common_entry *tt_common_entry; 839 struct batadv_tt_common_entry *tt_common_entry;
788 struct batadv_tt_global_entry *tt_global; 840 struct batadv_tt_global_entry *tt_global;
789 struct batadv_hard_iface *primary_if; 841 struct batadv_hard_iface *primary_if;
@@ -884,7 +936,7 @@ batadv_tt_global_del_struct(struct batadv_priv *bat_priv,
884 "Deleting global tt entry %pM: %s\n", 936 "Deleting global tt entry %pM: %s\n",
885 tt_global_entry->common.addr, message); 937 tt_global_entry->common.addr, message);
886 938
887 batadv_hash_remove(bat_priv->tt_global_hash, batadv_compare_tt, 939 batadv_hash_remove(bat_priv->tt.global_hash, batadv_compare_tt,
888 batadv_choose_orig, tt_global_entry->common.addr); 940 batadv_choose_orig, tt_global_entry->common.addr);
889 batadv_tt_global_entry_free_ref(tt_global_entry); 941 batadv_tt_global_entry_free_ref(tt_global_entry);
890 942
@@ -995,7 +1047,7 @@ void batadv_tt_global_del_orig(struct batadv_priv *bat_priv,
995 struct batadv_tt_global_entry *tt_global; 1047 struct batadv_tt_global_entry *tt_global;
996 struct batadv_tt_common_entry *tt_common_entry; 1048 struct batadv_tt_common_entry *tt_common_entry;
997 uint32_t i; 1049 uint32_t i;
998 struct batadv_hashtable *hash = bat_priv->tt_global_hash; 1050 struct batadv_hashtable *hash = bat_priv->tt.global_hash;
999 struct hlist_node *node, *safe; 1051 struct hlist_node *node, *safe;
1000 struct hlist_head *head; 1052 struct hlist_head *head;
1001 spinlock_t *list_lock; /* protects write access to the hash lists */ 1053 spinlock_t *list_lock; /* protects write access to the hash lists */
@@ -1030,49 +1082,63 @@ void batadv_tt_global_del_orig(struct batadv_priv *bat_priv,
1030 orig_node->tt_initialised = false; 1082 orig_node->tt_initialised = false;
1031} 1083}
1032 1084
1033static void batadv_tt_global_roam_purge_list(struct batadv_priv *bat_priv, 1085static bool batadv_tt_global_to_purge(struct batadv_tt_global_entry *tt_global,
1034 struct hlist_head *head) 1086 char **msg)
1035{ 1087{
1036 struct batadv_tt_common_entry *tt_common_entry; 1088 bool purge = false;
1037 struct batadv_tt_global_entry *tt_global_entry; 1089 unsigned long roam_timeout = BATADV_TT_CLIENT_ROAM_TIMEOUT;
1038 struct hlist_node *node, *node_tmp; 1090 unsigned long temp_timeout = BATADV_TT_CLIENT_TEMP_TIMEOUT;
1039
1040 hlist_for_each_entry_safe(tt_common_entry, node, node_tmp, head,
1041 hash_entry) {
1042 tt_global_entry = container_of(tt_common_entry,
1043 struct batadv_tt_global_entry,
1044 common);
1045 if (!(tt_global_entry->common.flags & BATADV_TT_CLIENT_ROAM))
1046 continue;
1047 if (!batadv_has_timed_out(tt_global_entry->roam_at,
1048 BATADV_TT_CLIENT_ROAM_TIMEOUT))
1049 continue;
1050 1091
1051 batadv_dbg(BATADV_DBG_TT, bat_priv, 1092 if ((tt_global->common.flags & BATADV_TT_CLIENT_ROAM) &&
1052 "Deleting global tt entry (%pM): Roaming timeout\n", 1093 batadv_has_timed_out(tt_global->roam_at, roam_timeout)) {
1053 tt_global_entry->common.addr); 1094 purge = true;
1095 *msg = "Roaming timeout\n";
1096 }
1054 1097
1055 hlist_del_rcu(node); 1098 if ((tt_global->common.flags & BATADV_TT_CLIENT_TEMP) &&
1056 batadv_tt_global_entry_free_ref(tt_global_entry); 1099 batadv_has_timed_out(tt_global->common.added_at, temp_timeout)) {
1100 purge = true;
1101 *msg = "Temporary client timeout\n";
1057 } 1102 }
1103
1104 return purge;
1058} 1105}
1059 1106
1060static void batadv_tt_global_roam_purge(struct batadv_priv *bat_priv) 1107static void batadv_tt_global_purge(struct batadv_priv *bat_priv)
1061{ 1108{
1062 struct batadv_hashtable *hash = bat_priv->tt_global_hash; 1109 struct batadv_hashtable *hash = bat_priv->tt.global_hash;
1063 struct hlist_head *head; 1110 struct hlist_head *head;
1111 struct hlist_node *node, *node_tmp;
1064 spinlock_t *list_lock; /* protects write access to the hash lists */ 1112 spinlock_t *list_lock; /* protects write access to the hash lists */
1065 uint32_t i; 1113 uint32_t i;
1114 char *msg = NULL;
1115 struct batadv_tt_common_entry *tt_common;
1116 struct batadv_tt_global_entry *tt_global;
1066 1117
1067 for (i = 0; i < hash->size; i++) { 1118 for (i = 0; i < hash->size; i++) {
1068 head = &hash->table[i]; 1119 head = &hash->table[i];
1069 list_lock = &hash->list_locks[i]; 1120 list_lock = &hash->list_locks[i];
1070 1121
1071 spin_lock_bh(list_lock); 1122 spin_lock_bh(list_lock);
1072 batadv_tt_global_roam_purge_list(bat_priv, head); 1123 hlist_for_each_entry_safe(tt_common, node, node_tmp, head,
1124 hash_entry) {
1125 tt_global = container_of(tt_common,
1126 struct batadv_tt_global_entry,
1127 common);
1128
1129 if (!batadv_tt_global_to_purge(tt_global, &msg))
1130 continue;
1131
1132 batadv_dbg(BATADV_DBG_TT, bat_priv,
1133 "Deleting global tt entry (%pM): %s\n",
1134 tt_global->common.addr, msg);
1135
1136 hlist_del_rcu(node);
1137
1138 batadv_tt_global_entry_free_ref(tt_global);
1139 }
1073 spin_unlock_bh(list_lock); 1140 spin_unlock_bh(list_lock);
1074 } 1141 }
1075
1076} 1142}
1077 1143
1078static void batadv_tt_global_table_free(struct batadv_priv *bat_priv) 1144static void batadv_tt_global_table_free(struct batadv_priv *bat_priv)
@@ -1085,10 +1151,10 @@ static void batadv_tt_global_table_free(struct batadv_priv *bat_priv)
1085 struct hlist_head *head; 1151 struct hlist_head *head;
1086 uint32_t i; 1152 uint32_t i;
1087 1153
1088 if (!bat_priv->tt_global_hash) 1154 if (!bat_priv->tt.global_hash)
1089 return; 1155 return;
1090 1156
1091 hash = bat_priv->tt_global_hash; 1157 hash = bat_priv->tt.global_hash;
1092 1158
1093 for (i = 0; i < hash->size; i++) { 1159 for (i = 0; i < hash->size; i++) {
1094 head = &hash->table[i]; 1160 head = &hash->table[i];
@@ -1108,7 +1174,7 @@ static void batadv_tt_global_table_free(struct batadv_priv *bat_priv)
1108 1174
1109 batadv_hash_destroy(hash); 1175 batadv_hash_destroy(hash);
1110 1176
1111 bat_priv->tt_global_hash = NULL; 1177 bat_priv->tt.global_hash = NULL;
1112} 1178}
1113 1179
1114static bool 1180static bool
@@ -1187,7 +1253,7 @@ static uint16_t batadv_tt_global_crc(struct batadv_priv *bat_priv,
1187 struct batadv_orig_node *orig_node) 1253 struct batadv_orig_node *orig_node)
1188{ 1254{
1189 uint16_t total = 0, total_one; 1255 uint16_t total = 0, total_one;
1190 struct batadv_hashtable *hash = bat_priv->tt_global_hash; 1256 struct batadv_hashtable *hash = bat_priv->tt.global_hash;
1191 struct batadv_tt_common_entry *tt_common; 1257 struct batadv_tt_common_entry *tt_common;
1192 struct batadv_tt_global_entry *tt_global; 1258 struct batadv_tt_global_entry *tt_global;
1193 struct hlist_node *node; 1259 struct hlist_node *node;
@@ -1210,6 +1276,12 @@ static uint16_t batadv_tt_global_crc(struct batadv_priv *bat_priv,
1210 */ 1276 */
1211 if (tt_common->flags & BATADV_TT_CLIENT_ROAM) 1277 if (tt_common->flags & BATADV_TT_CLIENT_ROAM)
1212 continue; 1278 continue;
1279 /* Temporary clients have not been announced yet, so
1280 * they have to be skipped while computing the global
1281 * crc
1282 */
1283 if (tt_common->flags & BATADV_TT_CLIENT_TEMP)
1284 continue;
1213 1285
1214 /* find out if this global entry is announced by this 1286 /* find out if this global entry is announced by this
1215 * originator 1287 * originator
@@ -1234,7 +1306,7 @@ static uint16_t batadv_tt_global_crc(struct batadv_priv *bat_priv,
1234static uint16_t batadv_tt_local_crc(struct batadv_priv *bat_priv) 1306static uint16_t batadv_tt_local_crc(struct batadv_priv *bat_priv)
1235{ 1307{
1236 uint16_t total = 0, total_one; 1308 uint16_t total = 0, total_one;
1237 struct batadv_hashtable *hash = bat_priv->tt_local_hash; 1309 struct batadv_hashtable *hash = bat_priv->tt.local_hash;
1238 struct batadv_tt_common_entry *tt_common; 1310 struct batadv_tt_common_entry *tt_common;
1239 struct hlist_node *node; 1311 struct hlist_node *node;
1240 struct hlist_head *head; 1312 struct hlist_head *head;
@@ -1267,14 +1339,14 @@ static void batadv_tt_req_list_free(struct batadv_priv *bat_priv)
1267{ 1339{
1268 struct batadv_tt_req_node *node, *safe; 1340 struct batadv_tt_req_node *node, *safe;
1269 1341
1270 spin_lock_bh(&bat_priv->tt_req_list_lock); 1342 spin_lock_bh(&bat_priv->tt.req_list_lock);
1271 1343
1272 list_for_each_entry_safe(node, safe, &bat_priv->tt_req_list, list) { 1344 list_for_each_entry_safe(node, safe, &bat_priv->tt.req_list, list) {
1273 list_del(&node->list); 1345 list_del(&node->list);
1274 kfree(node); 1346 kfree(node);
1275 } 1347 }
1276 1348
1277 spin_unlock_bh(&bat_priv->tt_req_list_lock); 1349 spin_unlock_bh(&bat_priv->tt.req_list_lock);
1278} 1350}
1279 1351
1280static void batadv_tt_save_orig_buffer(struct batadv_priv *bat_priv, 1352static void batadv_tt_save_orig_buffer(struct batadv_priv *bat_priv,
@@ -1304,15 +1376,15 @@ static void batadv_tt_req_purge(struct batadv_priv *bat_priv)
1304{ 1376{
1305 struct batadv_tt_req_node *node, *safe; 1377 struct batadv_tt_req_node *node, *safe;
1306 1378
1307 spin_lock_bh(&bat_priv->tt_req_list_lock); 1379 spin_lock_bh(&bat_priv->tt.req_list_lock);
1308 list_for_each_entry_safe(node, safe, &bat_priv->tt_req_list, list) { 1380 list_for_each_entry_safe(node, safe, &bat_priv->tt.req_list, list) {
1309 if (batadv_has_timed_out(node->issued_at, 1381 if (batadv_has_timed_out(node->issued_at,
1310 BATADV_TT_REQUEST_TIMEOUT)) { 1382 BATADV_TT_REQUEST_TIMEOUT)) {
1311 list_del(&node->list); 1383 list_del(&node->list);
1312 kfree(node); 1384 kfree(node);
1313 } 1385 }
1314 } 1386 }
1315 spin_unlock_bh(&bat_priv->tt_req_list_lock); 1387 spin_unlock_bh(&bat_priv->tt.req_list_lock);
1316} 1388}
1317 1389
1318/* returns the pointer to the new tt_req_node struct if no request 1390/* returns the pointer to the new tt_req_node struct if no request
@@ -1324,8 +1396,8 @@ batadv_new_tt_req_node(struct batadv_priv *bat_priv,
1324{ 1396{
1325 struct batadv_tt_req_node *tt_req_node_tmp, *tt_req_node = NULL; 1397 struct batadv_tt_req_node *tt_req_node_tmp, *tt_req_node = NULL;
1326 1398
1327 spin_lock_bh(&bat_priv->tt_req_list_lock); 1399 spin_lock_bh(&bat_priv->tt.req_list_lock);
1328 list_for_each_entry(tt_req_node_tmp, &bat_priv->tt_req_list, list) { 1400 list_for_each_entry(tt_req_node_tmp, &bat_priv->tt.req_list, list) {
1329 if (batadv_compare_eth(tt_req_node_tmp, orig_node) && 1401 if (batadv_compare_eth(tt_req_node_tmp, orig_node) &&
1330 !batadv_has_timed_out(tt_req_node_tmp->issued_at, 1402 !batadv_has_timed_out(tt_req_node_tmp->issued_at,
1331 BATADV_TT_REQUEST_TIMEOUT)) 1403 BATADV_TT_REQUEST_TIMEOUT))
@@ -1339,9 +1411,9 @@ batadv_new_tt_req_node(struct batadv_priv *bat_priv,
1339 memcpy(tt_req_node->addr, orig_node->orig, ETH_ALEN); 1411 memcpy(tt_req_node->addr, orig_node->orig, ETH_ALEN);
1340 tt_req_node->issued_at = jiffies; 1412 tt_req_node->issued_at = jiffies;
1341 1413
1342 list_add(&tt_req_node->list, &bat_priv->tt_req_list); 1414 list_add(&tt_req_node->list, &bat_priv->tt.req_list);
1343unlock: 1415unlock:
1344 spin_unlock_bh(&bat_priv->tt_req_list_lock); 1416 spin_unlock_bh(&bat_priv->tt.req_list_lock);
1345 return tt_req_node; 1417 return tt_req_node;
1346} 1418}
1347 1419
@@ -1363,7 +1435,8 @@ static int batadv_tt_global_valid(const void *entry_ptr,
1363 const struct batadv_tt_global_entry *tt_global_entry; 1435 const struct batadv_tt_global_entry *tt_global_entry;
1364 const struct batadv_orig_node *orig_node = data_ptr; 1436 const struct batadv_orig_node *orig_node = data_ptr;
1365 1437
1366 if (tt_common_entry->flags & BATADV_TT_CLIENT_ROAM) 1438 if (tt_common_entry->flags & BATADV_TT_CLIENT_ROAM ||
1439 tt_common_entry->flags & BATADV_TT_CLIENT_TEMP)
1367 return 0; 1440 return 0;
1368 1441
1369 tt_global_entry = container_of(tt_common_entry, 1442 tt_global_entry = container_of(tt_common_entry,
@@ -1507,9 +1580,9 @@ out:
1507 if (ret) 1580 if (ret)
1508 kfree_skb(skb); 1581 kfree_skb(skb);
1509 if (ret && tt_req_node) { 1582 if (ret && tt_req_node) {
1510 spin_lock_bh(&bat_priv->tt_req_list_lock); 1583 spin_lock_bh(&bat_priv->tt.req_list_lock);
1511 list_del(&tt_req_node->list); 1584 list_del(&tt_req_node->list);
1512 spin_unlock_bh(&bat_priv->tt_req_list_lock); 1585 spin_unlock_bh(&bat_priv->tt.req_list_lock);
1513 kfree(tt_req_node); 1586 kfree(tt_req_node);
1514 } 1587 }
1515 return ret; 1588 return ret;
@@ -1530,6 +1603,7 @@ batadv_send_other_tt_response(struct batadv_priv *bat_priv,
1530 uint16_t tt_len, tt_tot; 1603 uint16_t tt_len, tt_tot;
1531 struct sk_buff *skb = NULL; 1604 struct sk_buff *skb = NULL;
1532 struct batadv_tt_query_packet *tt_response; 1605 struct batadv_tt_query_packet *tt_response;
1606 uint8_t *packet_pos;
1533 size_t len; 1607 size_t len;
1534 1608
1535 batadv_dbg(BATADV_DBG_TT, bat_priv, 1609 batadv_dbg(BATADV_DBG_TT, bat_priv,
@@ -1583,8 +1657,8 @@ batadv_send_other_tt_response(struct batadv_priv *bat_priv,
1583 goto unlock; 1657 goto unlock;
1584 1658
1585 skb_reserve(skb, ETH_HLEN); 1659 skb_reserve(skb, ETH_HLEN);
1586 tt_response = (struct batadv_tt_query_packet *)skb_put(skb, 1660 packet_pos = skb_put(skb, len);
1587 len); 1661 tt_response = (struct batadv_tt_query_packet *)packet_pos;
1588 tt_response->ttvn = req_ttvn; 1662 tt_response->ttvn = req_ttvn;
1589 tt_response->tt_data = htons(tt_tot); 1663 tt_response->tt_data = htons(tt_tot);
1590 1664
@@ -1600,7 +1674,7 @@ batadv_send_other_tt_response(struct batadv_priv *bat_priv,
1600 ttvn = (uint8_t)atomic_read(&req_dst_orig_node->last_ttvn); 1674 ttvn = (uint8_t)atomic_read(&req_dst_orig_node->last_ttvn);
1601 1675
1602 skb = batadv_tt_response_fill_table(tt_len, ttvn, 1676 skb = batadv_tt_response_fill_table(tt_len, ttvn,
1603 bat_priv->tt_global_hash, 1677 bat_priv->tt.global_hash,
1604 primary_if, 1678 primary_if,
1605 batadv_tt_global_valid, 1679 batadv_tt_global_valid,
1606 req_dst_orig_node); 1680 req_dst_orig_node);
@@ -1663,6 +1737,7 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1663 uint16_t tt_len, tt_tot; 1737 uint16_t tt_len, tt_tot;
1664 struct sk_buff *skb = NULL; 1738 struct sk_buff *skb = NULL;
1665 struct batadv_tt_query_packet *tt_response; 1739 struct batadv_tt_query_packet *tt_response;
1740 uint8_t *packet_pos;
1666 size_t len; 1741 size_t len;
1667 1742
1668 batadv_dbg(BATADV_DBG_TT, bat_priv, 1743 batadv_dbg(BATADV_DBG_TT, bat_priv,
@@ -1671,7 +1746,7 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1671 (tt_request->flags & BATADV_TT_FULL_TABLE ? 'F' : '.')); 1746 (tt_request->flags & BATADV_TT_FULL_TABLE ? 'F' : '.'));
1672 1747
1673 1748
1674 my_ttvn = (uint8_t)atomic_read(&bat_priv->ttvn); 1749 my_ttvn = (uint8_t)atomic_read(&bat_priv->tt.vn);
1675 req_ttvn = tt_request->ttvn; 1750 req_ttvn = tt_request->ttvn;
1676 1751
1677 orig_node = batadv_orig_hash_find(bat_priv, tt_request->src); 1752 orig_node = batadv_orig_hash_find(bat_priv, tt_request->src);
@@ -1690,7 +1765,7 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1690 * is too big send the whole local translation table 1765 * is too big send the whole local translation table
1691 */ 1766 */
1692 if (tt_request->flags & BATADV_TT_FULL_TABLE || my_ttvn != req_ttvn || 1767 if (tt_request->flags & BATADV_TT_FULL_TABLE || my_ttvn != req_ttvn ||
1693 !bat_priv->tt_buff) 1768 !bat_priv->tt.last_changeset)
1694 full_table = true; 1769 full_table = true;
1695 else 1770 else
1696 full_table = false; 1771 full_table = false;
@@ -1699,8 +1774,8 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1699 * I'll send only one packet with as much TT entries as I can 1774 * I'll send only one packet with as much TT entries as I can
1700 */ 1775 */
1701 if (!full_table) { 1776 if (!full_table) {
1702 spin_lock_bh(&bat_priv->tt_buff_lock); 1777 spin_lock_bh(&bat_priv->tt.last_changeset_lock);
1703 tt_len = bat_priv->tt_buff_len; 1778 tt_len = bat_priv->tt.last_changeset_len;
1704 tt_tot = tt_len / sizeof(struct batadv_tt_change); 1779 tt_tot = tt_len / sizeof(struct batadv_tt_change);
1705 1780
1706 len = sizeof(*tt_response) + tt_len; 1781 len = sizeof(*tt_response) + tt_len;
@@ -1709,22 +1784,22 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1709 goto unlock; 1784 goto unlock;
1710 1785
1711 skb_reserve(skb, ETH_HLEN); 1786 skb_reserve(skb, ETH_HLEN);
1712 tt_response = (struct batadv_tt_query_packet *)skb_put(skb, 1787 packet_pos = skb_put(skb, len);
1713 len); 1788 tt_response = (struct batadv_tt_query_packet *)packet_pos;
1714 tt_response->ttvn = req_ttvn; 1789 tt_response->ttvn = req_ttvn;
1715 tt_response->tt_data = htons(tt_tot); 1790 tt_response->tt_data = htons(tt_tot);
1716 1791
1717 tt_buff = skb->data + sizeof(*tt_response); 1792 tt_buff = skb->data + sizeof(*tt_response);
1718 memcpy(tt_buff, bat_priv->tt_buff, 1793 memcpy(tt_buff, bat_priv->tt.last_changeset,
1719 bat_priv->tt_buff_len); 1794 bat_priv->tt.last_changeset_len);
1720 spin_unlock_bh(&bat_priv->tt_buff_lock); 1795 spin_unlock_bh(&bat_priv->tt.last_changeset_lock);
1721 } else { 1796 } else {
1722 tt_len = (uint16_t)atomic_read(&bat_priv->num_local_tt); 1797 tt_len = (uint16_t)atomic_read(&bat_priv->tt.local_entry_num);
1723 tt_len *= sizeof(struct batadv_tt_change); 1798 tt_len *= sizeof(struct batadv_tt_change);
1724 ttvn = (uint8_t)atomic_read(&bat_priv->ttvn); 1799 ttvn = (uint8_t)atomic_read(&bat_priv->tt.vn);
1725 1800
1726 skb = batadv_tt_response_fill_table(tt_len, ttvn, 1801 skb = batadv_tt_response_fill_table(tt_len, ttvn,
1727 bat_priv->tt_local_hash, 1802 bat_priv->tt.local_hash,
1728 primary_if, 1803 primary_if,
1729 batadv_tt_local_valid_entry, 1804 batadv_tt_local_valid_entry,
1730 NULL); 1805 NULL);
@@ -1756,7 +1831,7 @@ batadv_send_my_tt_response(struct batadv_priv *bat_priv,
1756 goto out; 1831 goto out;
1757 1832
1758unlock: 1833unlock:
1759 spin_unlock_bh(&bat_priv->tt_buff_lock); 1834 spin_unlock_bh(&bat_priv->tt.last_changeset_lock);
1760out: 1835out:
1761 if (orig_node) 1836 if (orig_node)
1762 batadv_orig_node_free_ref(orig_node); 1837 batadv_orig_node_free_ref(orig_node);
@@ -1909,14 +1984,14 @@ void batadv_handle_tt_response(struct batadv_priv *bat_priv,
1909 } 1984 }
1910 1985
1911 /* Delete the tt_req_node from pending tt_requests list */ 1986 /* Delete the tt_req_node from pending tt_requests list */
1912 spin_lock_bh(&bat_priv->tt_req_list_lock); 1987 spin_lock_bh(&bat_priv->tt.req_list_lock);
1913 list_for_each_entry_safe(node, safe, &bat_priv->tt_req_list, list) { 1988 list_for_each_entry_safe(node, safe, &bat_priv->tt.req_list, list) {
1914 if (!batadv_compare_eth(node->addr, tt_response->src)) 1989 if (!batadv_compare_eth(node->addr, tt_response->src))
1915 continue; 1990 continue;
1916 list_del(&node->list); 1991 list_del(&node->list);
1917 kfree(node); 1992 kfree(node);
1918 } 1993 }
1919 spin_unlock_bh(&bat_priv->tt_req_list_lock); 1994 spin_unlock_bh(&bat_priv->tt.req_list_lock);
1920 1995
1921 /* Recalculate the CRC for this orig_node and store it */ 1996 /* Recalculate the CRC for this orig_node and store it */
1922 orig_node->tt_crc = batadv_tt_global_crc(bat_priv, orig_node); 1997 orig_node->tt_crc = batadv_tt_global_crc(bat_priv, orig_node);
@@ -1950,22 +2025,22 @@ static void batadv_tt_roam_list_free(struct batadv_priv *bat_priv)
1950{ 2025{
1951 struct batadv_tt_roam_node *node, *safe; 2026 struct batadv_tt_roam_node *node, *safe;
1952 2027
1953 spin_lock_bh(&bat_priv->tt_roam_list_lock); 2028 spin_lock_bh(&bat_priv->tt.roam_list_lock);
1954 2029
1955 list_for_each_entry_safe(node, safe, &bat_priv->tt_roam_list, list) { 2030 list_for_each_entry_safe(node, safe, &bat_priv->tt.roam_list, list) {
1956 list_del(&node->list); 2031 list_del(&node->list);
1957 kfree(node); 2032 kfree(node);
1958 } 2033 }
1959 2034
1960 spin_unlock_bh(&bat_priv->tt_roam_list_lock); 2035 spin_unlock_bh(&bat_priv->tt.roam_list_lock);
1961} 2036}
1962 2037
1963static void batadv_tt_roam_purge(struct batadv_priv *bat_priv) 2038static void batadv_tt_roam_purge(struct batadv_priv *bat_priv)
1964{ 2039{
1965 struct batadv_tt_roam_node *node, *safe; 2040 struct batadv_tt_roam_node *node, *safe;
1966 2041
1967 spin_lock_bh(&bat_priv->tt_roam_list_lock); 2042 spin_lock_bh(&bat_priv->tt.roam_list_lock);
1968 list_for_each_entry_safe(node, safe, &bat_priv->tt_roam_list, list) { 2043 list_for_each_entry_safe(node, safe, &bat_priv->tt.roam_list, list) {
1969 if (!batadv_has_timed_out(node->first_time, 2044 if (!batadv_has_timed_out(node->first_time,
1970 BATADV_ROAMING_MAX_TIME)) 2045 BATADV_ROAMING_MAX_TIME))
1971 continue; 2046 continue;
@@ -1973,7 +2048,7 @@ static void batadv_tt_roam_purge(struct batadv_priv *bat_priv)
1973 list_del(&node->list); 2048 list_del(&node->list);
1974 kfree(node); 2049 kfree(node);
1975 } 2050 }
1976 spin_unlock_bh(&bat_priv->tt_roam_list_lock); 2051 spin_unlock_bh(&bat_priv->tt.roam_list_lock);
1977} 2052}
1978 2053
1979/* This function checks whether the client already reached the 2054/* This function checks whether the client already reached the
@@ -1988,11 +2063,11 @@ static bool batadv_tt_check_roam_count(struct batadv_priv *bat_priv,
1988 struct batadv_tt_roam_node *tt_roam_node; 2063 struct batadv_tt_roam_node *tt_roam_node;
1989 bool ret = false; 2064 bool ret = false;
1990 2065
1991 spin_lock_bh(&bat_priv->tt_roam_list_lock); 2066 spin_lock_bh(&bat_priv->tt.roam_list_lock);
1992 /* The new tt_req will be issued only if I'm not waiting for a 2067 /* The new tt_req will be issued only if I'm not waiting for a
1993 * reply from the same orig_node yet 2068 * reply from the same orig_node yet
1994 */ 2069 */
1995 list_for_each_entry(tt_roam_node, &bat_priv->tt_roam_list, list) { 2070 list_for_each_entry(tt_roam_node, &bat_priv->tt.roam_list, list) {
1996 if (!batadv_compare_eth(tt_roam_node->addr, client)) 2071 if (!batadv_compare_eth(tt_roam_node->addr, client))
1997 continue; 2072 continue;
1998 2073
@@ -2017,12 +2092,12 @@ static bool batadv_tt_check_roam_count(struct batadv_priv *bat_priv,
2017 BATADV_ROAMING_MAX_COUNT - 1); 2092 BATADV_ROAMING_MAX_COUNT - 1);
2018 memcpy(tt_roam_node->addr, client, ETH_ALEN); 2093 memcpy(tt_roam_node->addr, client, ETH_ALEN);
2019 2094
2020 list_add(&tt_roam_node->list, &bat_priv->tt_roam_list); 2095 list_add(&tt_roam_node->list, &bat_priv->tt.roam_list);
2021 ret = true; 2096 ret = true;
2022 } 2097 }
2023 2098
2024unlock: 2099unlock:
2025 spin_unlock_bh(&bat_priv->tt_roam_list_lock); 2100 spin_unlock_bh(&bat_priv->tt.roam_list_lock);
2026 return ret; 2101 return ret;
2027} 2102}
2028 2103
@@ -2086,13 +2161,15 @@ out:
2086static void batadv_tt_purge(struct work_struct *work) 2161static void batadv_tt_purge(struct work_struct *work)
2087{ 2162{
2088 struct delayed_work *delayed_work; 2163 struct delayed_work *delayed_work;
2164 struct batadv_priv_tt *priv_tt;
2089 struct batadv_priv *bat_priv; 2165 struct batadv_priv *bat_priv;
2090 2166
2091 delayed_work = container_of(work, struct delayed_work, work); 2167 delayed_work = container_of(work, struct delayed_work, work);
2092 bat_priv = container_of(delayed_work, struct batadv_priv, tt_work); 2168 priv_tt = container_of(delayed_work, struct batadv_priv_tt, work);
2169 bat_priv = container_of(priv_tt, struct batadv_priv, tt);
2093 2170
2094 batadv_tt_local_purge(bat_priv); 2171 batadv_tt_local_purge(bat_priv);
2095 batadv_tt_global_roam_purge(bat_priv); 2172 batadv_tt_global_purge(bat_priv);
2096 batadv_tt_req_purge(bat_priv); 2173 batadv_tt_req_purge(bat_priv);
2097 batadv_tt_roam_purge(bat_priv); 2174 batadv_tt_roam_purge(bat_priv);
2098 2175
@@ -2101,7 +2178,7 @@ static void batadv_tt_purge(struct work_struct *work)
2101 2178
2102void batadv_tt_free(struct batadv_priv *bat_priv) 2179void batadv_tt_free(struct batadv_priv *bat_priv)
2103{ 2180{
2104 cancel_delayed_work_sync(&bat_priv->tt_work); 2181 cancel_delayed_work_sync(&bat_priv->tt.work);
2105 2182
2106 batadv_tt_local_table_free(bat_priv); 2183 batadv_tt_local_table_free(bat_priv);
2107 batadv_tt_global_table_free(bat_priv); 2184 batadv_tt_global_table_free(bat_priv);
@@ -2109,7 +2186,7 @@ void batadv_tt_free(struct batadv_priv *bat_priv)
2109 batadv_tt_changes_list_free(bat_priv); 2186 batadv_tt_changes_list_free(bat_priv);
2110 batadv_tt_roam_list_free(bat_priv); 2187 batadv_tt_roam_list_free(bat_priv);
2111 2188
2112 kfree(bat_priv->tt_buff); 2189 kfree(bat_priv->tt.last_changeset);
2113} 2190}
2114 2191
2115/* This function will enable or disable the specified flags for all the entries 2192/* This function will enable or disable the specified flags for all the entries
@@ -2153,7 +2230,7 @@ out:
2153/* Purge out all the tt local entries marked with BATADV_TT_CLIENT_PENDING */ 2230/* Purge out all the tt local entries marked with BATADV_TT_CLIENT_PENDING */
2154static void batadv_tt_local_purge_pending_clients(struct batadv_priv *bat_priv) 2231static void batadv_tt_local_purge_pending_clients(struct batadv_priv *bat_priv)
2155{ 2232{
2156 struct batadv_hashtable *hash = bat_priv->tt_local_hash; 2233 struct batadv_hashtable *hash = bat_priv->tt.local_hash;
2157 struct batadv_tt_common_entry *tt_common; 2234 struct batadv_tt_common_entry *tt_common;
2158 struct batadv_tt_local_entry *tt_local; 2235 struct batadv_tt_local_entry *tt_local;
2159 struct hlist_node *node, *node_tmp; 2236 struct hlist_node *node, *node_tmp;
@@ -2178,7 +2255,7 @@ static void batadv_tt_local_purge_pending_clients(struct batadv_priv *bat_priv)
2178 "Deleting local tt entry (%pM): pending\n", 2255 "Deleting local tt entry (%pM): pending\n",
2179 tt_common->addr); 2256 tt_common->addr);
2180 2257
2181 atomic_dec(&bat_priv->num_local_tt); 2258 atomic_dec(&bat_priv->tt.local_entry_num);
2182 hlist_del_rcu(node); 2259 hlist_del_rcu(node);
2183 tt_local = container_of(tt_common, 2260 tt_local = container_of(tt_common,
2184 struct batadv_tt_local_entry, 2261 struct batadv_tt_local_entry,
@@ -2196,26 +2273,26 @@ static int batadv_tt_commit_changes(struct batadv_priv *bat_priv,
2196{ 2273{
2197 uint16_t changed_num = 0; 2274 uint16_t changed_num = 0;
2198 2275
2199 if (atomic_read(&bat_priv->tt_local_changes) < 1) 2276 if (atomic_read(&bat_priv->tt.local_changes) < 1)
2200 return -ENOENT; 2277 return -ENOENT;
2201 2278
2202 changed_num = batadv_tt_set_flags(bat_priv->tt_local_hash, 2279 changed_num = batadv_tt_set_flags(bat_priv->tt.local_hash,
2203 BATADV_TT_CLIENT_NEW, false); 2280 BATADV_TT_CLIENT_NEW, false);
2204 2281
2205 /* all reset entries have to be counted as local entries */ 2282 /* all reset entries have to be counted as local entries */
2206 atomic_add(changed_num, &bat_priv->num_local_tt); 2283 atomic_add(changed_num, &bat_priv->tt.local_entry_num);
2207 batadv_tt_local_purge_pending_clients(bat_priv); 2284 batadv_tt_local_purge_pending_clients(bat_priv);
2208 bat_priv->tt_crc = batadv_tt_local_crc(bat_priv); 2285 bat_priv->tt.local_crc = batadv_tt_local_crc(bat_priv);
2209 2286
2210 /* Increment the TTVN only once per OGM interval */ 2287 /* Increment the TTVN only once per OGM interval */
2211 atomic_inc(&bat_priv->ttvn); 2288 atomic_inc(&bat_priv->tt.vn);
2212 batadv_dbg(BATADV_DBG_TT, bat_priv, 2289 batadv_dbg(BATADV_DBG_TT, bat_priv,
2213 "Local changes committed, updating to ttvn %u\n", 2290 "Local changes committed, updating to ttvn %u\n",
2214 (uint8_t)atomic_read(&bat_priv->ttvn)); 2291 (uint8_t)atomic_read(&bat_priv->tt.vn));
2215 bat_priv->tt_poss_change = false; 2292 bat_priv->tt.poss_change = false;
2216 2293
2217 /* reset the sending counter */ 2294 /* reset the sending counter */
2218 atomic_set(&bat_priv->tt_ogm_append_cnt, BATADV_TT_OGM_APPEND_MAX); 2295 atomic_set(&bat_priv->tt.ogm_append_cnt, BATADV_TT_OGM_APPEND_MAX);
2219 2296
2220 return batadv_tt_changes_fill_buff(bat_priv, packet_buff, 2297 return batadv_tt_changes_fill_buff(bat_priv, packet_buff,
2221 packet_buff_len, packet_min_len); 2298 packet_buff_len, packet_min_len);
@@ -2235,7 +2312,7 @@ int batadv_tt_append_diff(struct batadv_priv *bat_priv,
2235 2312
2236 /* if the changes have been sent often enough */ 2313 /* if the changes have been sent often enough */
2237 if ((tt_num_changes < 0) && 2314 if ((tt_num_changes < 0) &&
2238 (!batadv_atomic_dec_not_zero(&bat_priv->tt_ogm_append_cnt))) { 2315 (!batadv_atomic_dec_not_zero(&bat_priv->tt.ogm_append_cnt))) {
2239 batadv_tt_realloc_packet_buff(packet_buff, packet_buff_len, 2316 batadv_tt_realloc_packet_buff(packet_buff, packet_buff_len,
2240 packet_min_len, packet_min_len); 2317 packet_min_len, packet_min_len);
2241 tt_num_changes = 0; 2318 tt_num_changes = 0;
@@ -2366,3 +2443,22 @@ bool batadv_tt_global_client_is_roaming(struct batadv_priv *bat_priv,
2366out: 2443out:
2367 return ret; 2444 return ret;
2368} 2445}
2446
2447bool batadv_tt_add_temporary_global_entry(struct batadv_priv *bat_priv,
2448 struct batadv_orig_node *orig_node,
2449 const unsigned char *addr)
2450{
2451 bool ret = false;
2452
2453 if (!batadv_tt_global_add(bat_priv, orig_node, addr,
2454 BATADV_TT_CLIENT_TEMP,
2455 atomic_read(&orig_node->last_ttvn)))
2456 goto out;
2457
2458 batadv_dbg(BATADV_DBG_TT, bat_priv,
2459 "Added temporary global client (addr: %pM orig: %pM)\n",
2460 addr, orig_node->orig);
2461 ret = true;
2462out:
2463 return ret;
2464}
diff --git a/net/batman-adv/translation-table.h b/net/batman-adv/translation-table.h
index ffa87355096b..811fffd4760c 100644
--- a/net/batman-adv/translation-table.h
+++ b/net/batman-adv/translation-table.h
@@ -59,6 +59,8 @@ int batadv_tt_append_diff(struct batadv_priv *bat_priv,
59 int packet_min_len); 59 int packet_min_len);
60bool batadv_tt_global_client_is_roaming(struct batadv_priv *bat_priv, 60bool batadv_tt_global_client_is_roaming(struct batadv_priv *bat_priv,
61 uint8_t *addr); 61 uint8_t *addr);
62 62bool batadv_tt_add_temporary_global_entry(struct batadv_priv *bat_priv,
63 struct batadv_orig_node *orig_node,
64 const unsigned char *addr);
63 65
64#endif /* _NET_BATMAN_ADV_TRANSLATION_TABLE_H_ */ 66#endif /* _NET_BATMAN_ADV_TRANSLATION_TABLE_H_ */
diff --git a/net/batman-adv/types.h b/net/batman-adv/types.h
index 12635fd2c3d3..2ed82caacdca 100644
--- a/net/batman-adv/types.h
+++ b/net/batman-adv/types.h
@@ -145,6 +145,11 @@ struct batadv_bcast_duplist_entry {
145#endif 145#endif
146 146
147enum batadv_counters { 147enum batadv_counters {
148 BATADV_CNT_TX,
149 BATADV_CNT_TX_BYTES,
150 BATADV_CNT_TX_DROPPED,
151 BATADV_CNT_RX,
152 BATADV_CNT_RX_BYTES,
148 BATADV_CNT_FORWARD, 153 BATADV_CNT_FORWARD,
149 BATADV_CNT_FORWARD_BYTES, 154 BATADV_CNT_FORWARD_BYTES,
150 BATADV_CNT_MGMT_TX, 155 BATADV_CNT_MGMT_TX,
@@ -160,6 +165,67 @@ enum batadv_counters {
160 BATADV_CNT_NUM, 165 BATADV_CNT_NUM,
161}; 166};
162 167
168/**
169 * struct batadv_priv_tt - per mesh interface translation table data
170 * @vn: translation table version number
171 * @local_changes: changes registered in an originator interval
172 * @poss_change: Detect an ongoing roaming phase. If true, then this node
173 * received a roaming_adv and has to inspect every packet directed to it to
174 * check whether it still is the true destination or not. This flag will be
175 * reset to false as soon as the this node's ttvn is increased
176 * @changes_list: tracks tt local changes within an originator interval
177 * @req_list: list of pending tt_requests
178 * @local_crc: Checksum of the local table, recomputed before sending a new OGM
179 */
180struct batadv_priv_tt {
181 atomic_t vn;
182 atomic_t ogm_append_cnt;
183 atomic_t local_changes;
184 bool poss_change;
185 struct list_head changes_list;
186 struct batadv_hashtable *local_hash;
187 struct batadv_hashtable *global_hash;
188 struct list_head req_list;
189 struct list_head roam_list;
190 spinlock_t changes_list_lock; /* protects changes */
191 spinlock_t req_list_lock; /* protects req_list */
192 spinlock_t roam_list_lock; /* protects roam_list */
193 atomic_t local_entry_num;
194 uint16_t local_crc;
195 unsigned char *last_changeset;
196 int16_t last_changeset_len;
197 spinlock_t last_changeset_lock; /* protects last_changeset */
198 struct delayed_work work;
199};
200
201#ifdef CONFIG_BATMAN_ADV_BLA
202struct batadv_priv_bla {
203 atomic_t num_requests; /* number of bla requests in flight */
204 struct batadv_hashtable *claim_hash;
205 struct batadv_hashtable *backbone_hash;
206 struct batadv_bcast_duplist_entry bcast_duplist[BATADV_DUPLIST_SIZE];
207 int bcast_duplist_curr;
208 struct batadv_bla_claim_dst claim_dest;
209 struct delayed_work work;
210};
211#endif
212
213struct batadv_priv_gw {
214 struct hlist_head list;
215 spinlock_t list_lock; /* protects gw_list and curr_gw */
216 struct batadv_gw_node __rcu *curr_gw; /* rcu protected pointer */
217 atomic_t reselect;
218};
219
220struct batadv_priv_vis {
221 struct list_head send_list;
222 struct batadv_hashtable *hash;
223 spinlock_t hash_lock; /* protects hash */
224 spinlock_t list_lock; /* protects info::recv_list */
225 struct delayed_work work;
226 struct batadv_vis_info *my_info;
227};
228
163struct batadv_priv { 229struct batadv_priv {
164 atomic_t mesh_state; 230 atomic_t mesh_state;
165 struct net_device_stats stats; 231 struct net_device_stats stats;
@@ -179,64 +245,24 @@ struct batadv_priv {
179 atomic_t bcast_seqno; 245 atomic_t bcast_seqno;
180 atomic_t bcast_queue_left; 246 atomic_t bcast_queue_left;
181 atomic_t batman_queue_left; 247 atomic_t batman_queue_left;
182 atomic_t ttvn; /* translation table version number */
183 atomic_t tt_ogm_append_cnt;
184 atomic_t tt_local_changes; /* changes registered in a OGM interval */
185 atomic_t bla_num_requests; /* number of bla requests in flight */
186 /* The tt_poss_change flag is used to detect an ongoing roaming phase.
187 * If true, then I received a Roaming_adv and I have to inspect every
188 * packet directed to me to check whether I am still the true
189 * destination or not. This flag will be reset to false as soon as I
190 * increase my TTVN
191 */
192 bool tt_poss_change;
193 char num_ifaces; 248 char num_ifaces;
194 struct batadv_debug_log *debug_log; 249 struct batadv_debug_log *debug_log;
195 struct kobject *mesh_obj; 250 struct kobject *mesh_obj;
196 struct dentry *debug_dir; 251 struct dentry *debug_dir;
197 struct hlist_head forw_bat_list; 252 struct hlist_head forw_bat_list;
198 struct hlist_head forw_bcast_list; 253 struct hlist_head forw_bcast_list;
199 struct hlist_head gw_list;
200 struct list_head tt_changes_list; /* tracks changes in a OGM int */
201 struct list_head vis_send_list;
202 struct batadv_hashtable *orig_hash; 254 struct batadv_hashtable *orig_hash;
203 struct batadv_hashtable *tt_local_hash;
204 struct batadv_hashtable *tt_global_hash;
205#ifdef CONFIG_BATMAN_ADV_BLA
206 struct batadv_hashtable *claim_hash;
207 struct batadv_hashtable *backbone_hash;
208#endif
209 struct list_head tt_req_list; /* list of pending tt_requests */
210 struct list_head tt_roam_list;
211 struct batadv_hashtable *vis_hash;
212#ifdef CONFIG_BATMAN_ADV_BLA
213 struct batadv_bcast_duplist_entry bcast_duplist[BATADV_DUPLIST_SIZE];
214 int bcast_duplist_curr;
215 struct batadv_bla_claim_dst claim_dest;
216#endif
217 spinlock_t forw_bat_list_lock; /* protects forw_bat_list */ 255 spinlock_t forw_bat_list_lock; /* protects forw_bat_list */
218 spinlock_t forw_bcast_list_lock; /* protects */ 256 spinlock_t forw_bcast_list_lock; /* protects */
219 spinlock_t tt_changes_list_lock; /* protects tt_changes */
220 spinlock_t tt_req_list_lock; /* protects tt_req_list */
221 spinlock_t tt_roam_list_lock; /* protects tt_roam_list */
222 spinlock_t gw_list_lock; /* protects gw_list and curr_gw */
223 spinlock_t vis_hash_lock; /* protects vis_hash */
224 spinlock_t vis_list_lock; /* protects vis_info::recv_list */
225 atomic_t num_local_tt;
226 /* Checksum of the local table, recomputed before sending a new OGM */
227 uint16_t tt_crc;
228 unsigned char *tt_buff;
229 int16_t tt_buff_len;
230 spinlock_t tt_buff_lock; /* protects tt_buff */
231 struct delayed_work tt_work;
232 struct delayed_work orig_work; 257 struct delayed_work orig_work;
233 struct delayed_work vis_work;
234 struct delayed_work bla_work;
235 struct batadv_gw_node __rcu *curr_gw; /* rcu protected pointer */
236 atomic_t gw_reselect;
237 struct batadv_hard_iface __rcu *primary_if; /* rcu protected pointer */ 258 struct batadv_hard_iface __rcu *primary_if; /* rcu protected pointer */
238 struct batadv_vis_info *my_vis_info;
239 struct batadv_algo_ops *bat_algo_ops; 259 struct batadv_algo_ops *bat_algo_ops;
260#ifdef CONFIG_BATMAN_ADV_BLA
261 struct batadv_priv_bla bla;
262#endif
263 struct batadv_priv_gw gw;
264 struct batadv_priv_tt tt;
265 struct batadv_priv_vis vis;
240}; 266};
241 267
242struct batadv_socket_client { 268struct batadv_socket_client {
@@ -258,6 +284,7 @@ struct batadv_tt_common_entry {
258 uint8_t addr[ETH_ALEN]; 284 uint8_t addr[ETH_ALEN];
259 struct hlist_node hash_entry; 285 struct hlist_node hash_entry;
260 uint16_t flags; 286 uint16_t flags;
287 unsigned long added_at;
261 atomic_t refcount; 288 atomic_t refcount;
262 struct rcu_head rcu; 289 struct rcu_head rcu;
263}; 290};
@@ -277,6 +304,7 @@ struct batadv_tt_global_entry {
277struct batadv_tt_orig_list_entry { 304struct batadv_tt_orig_list_entry {
278 struct batadv_orig_node *orig_node; 305 struct batadv_orig_node *orig_node;
279 uint8_t ttvn; 306 uint8_t ttvn;
307 atomic_t refcount;
280 struct rcu_head rcu; 308 struct rcu_head rcu;
281 struct hlist_node list; 309 struct hlist_node list;
282}; 310};
diff --git a/net/batman-adv/unicast.c b/net/batman-adv/unicast.c
index 00164645b3f7..f39723281ca1 100644
--- a/net/batman-adv/unicast.c
+++ b/net/batman-adv/unicast.c
@@ -39,6 +39,7 @@ batadv_frag_merge_packet(struct list_head *head,
39 struct batadv_unicast_packet *unicast_packet; 39 struct batadv_unicast_packet *unicast_packet;
40 int hdr_len = sizeof(*unicast_packet); 40 int hdr_len = sizeof(*unicast_packet);
41 int uni_diff = sizeof(*up) - hdr_len; 41 int uni_diff = sizeof(*up) - hdr_len;
42 uint8_t *packet_pos;
42 43
43 up = (struct batadv_unicast_frag_packet *)skb->data; 44 up = (struct batadv_unicast_frag_packet *)skb->data;
44 /* set skb to the first part and tmp_skb to the second part */ 45 /* set skb to the first part and tmp_skb to the second part */
@@ -65,8 +66,8 @@ batadv_frag_merge_packet(struct list_head *head,
65 kfree_skb(tmp_skb); 66 kfree_skb(tmp_skb);
66 67
67 memmove(skb->data + uni_diff, skb->data, hdr_len); 68 memmove(skb->data + uni_diff, skb->data, hdr_len);
68 unicast_packet = (struct batadv_unicast_packet *)skb_pull(skb, 69 packet_pos = skb_pull(skb, uni_diff);
69 uni_diff); 70 unicast_packet = (struct batadv_unicast_packet *)packet_pos;
70 unicast_packet->header.packet_type = BATADV_UNICAST; 71 unicast_packet->header.packet_type = BATADV_UNICAST;
71 72
72 return skb; 73 return skb;
@@ -121,6 +122,7 @@ batadv_frag_search_packet(struct list_head *head,
121{ 122{
122 struct batadv_frag_packet_list_entry *tfp; 123 struct batadv_frag_packet_list_entry *tfp;
123 struct batadv_unicast_frag_packet *tmp_up = NULL; 124 struct batadv_unicast_frag_packet *tmp_up = NULL;
125 int is_head_tmp, is_head;
124 uint16_t search_seqno; 126 uint16_t search_seqno;
125 127
126 if (up->flags & BATADV_UNI_FRAG_HEAD) 128 if (up->flags & BATADV_UNI_FRAG_HEAD)
@@ -128,6 +130,8 @@ batadv_frag_search_packet(struct list_head *head,
128 else 130 else
129 search_seqno = ntohs(up->seqno)-1; 131 search_seqno = ntohs(up->seqno)-1;
130 132
133 is_head = !!(up->flags & BATADV_UNI_FRAG_HEAD);
134
131 list_for_each_entry(tfp, head, list) { 135 list_for_each_entry(tfp, head, list) {
132 136
133 if (!tfp->skb) 137 if (!tfp->skb)
@@ -139,9 +143,8 @@ batadv_frag_search_packet(struct list_head *head,
139 tmp_up = (struct batadv_unicast_frag_packet *)tfp->skb->data; 143 tmp_up = (struct batadv_unicast_frag_packet *)tfp->skb->data;
140 144
141 if (tfp->seqno == search_seqno) { 145 if (tfp->seqno == search_seqno) {
142 146 is_head_tmp = !!(tmp_up->flags & BATADV_UNI_FRAG_HEAD);
143 if ((tmp_up->flags & BATADV_UNI_FRAG_HEAD) != 147 if (is_head_tmp != is_head)
144 (up->flags & BATADV_UNI_FRAG_HEAD))
145 return tfp; 148 return tfp;
146 else 149 else
147 goto mov_tail; 150 goto mov_tail;
@@ -334,8 +337,7 @@ find_router:
334 /* copy the destination for faster routing */ 337 /* copy the destination for faster routing */
335 memcpy(unicast_packet->dest, orig_node->orig, ETH_ALEN); 338 memcpy(unicast_packet->dest, orig_node->orig, ETH_ALEN);
336 /* set the destination tt version number */ 339 /* set the destination tt version number */
337 unicast_packet->ttvn = 340 unicast_packet->ttvn = (uint8_t)atomic_read(&orig_node->last_ttvn);
338 (uint8_t)atomic_read(&orig_node->last_ttvn);
339 341
340 /* inform the destination node that we are still missing a correct route 342 /* inform the destination node that we are still missing a correct route
341 * for this client. The destination will receive this packet and will 343 * for this client. The destination will receive this packet and will
diff --git a/net/batman-adv/vis.c b/net/batman-adv/vis.c
index 2a2ea0681469..5abd1454fb07 100644
--- a/net/batman-adv/vis.c
+++ b/net/batman-adv/vis.c
@@ -41,13 +41,13 @@ static void batadv_free_info(struct kref *ref)
41 bat_priv = info->bat_priv; 41 bat_priv = info->bat_priv;
42 42
43 list_del_init(&info->send_list); 43 list_del_init(&info->send_list);
44 spin_lock_bh(&bat_priv->vis_list_lock); 44 spin_lock_bh(&bat_priv->vis.list_lock);
45 list_for_each_entry_safe(entry, tmp, &info->recv_list, list) { 45 list_for_each_entry_safe(entry, tmp, &info->recv_list, list) {
46 list_del(&entry->list); 46 list_del(&entry->list);
47 kfree(entry); 47 kfree(entry);
48 } 48 }
49 49
50 spin_unlock_bh(&bat_priv->vis_list_lock); 50 spin_unlock_bh(&bat_priv->vis.list_lock);
51 kfree_skb(info->skb_packet); 51 kfree_skb(info->skb_packet);
52 kfree(info); 52 kfree(info);
53} 53}
@@ -94,7 +94,7 @@ static uint32_t batadv_vis_info_choose(const void *data, uint32_t size)
94static struct batadv_vis_info * 94static struct batadv_vis_info *
95batadv_vis_hash_find(struct batadv_priv *bat_priv, const void *data) 95batadv_vis_hash_find(struct batadv_priv *bat_priv, const void *data)
96{ 96{
97 struct batadv_hashtable *hash = bat_priv->vis_hash; 97 struct batadv_hashtable *hash = bat_priv->vis.hash;
98 struct hlist_head *head; 98 struct hlist_head *head;
99 struct hlist_node *node; 99 struct hlist_node *node;
100 struct batadv_vis_info *vis_info, *vis_info_tmp = NULL; 100 struct batadv_vis_info *vis_info, *vis_info_tmp = NULL;
@@ -252,7 +252,7 @@ int batadv_vis_seq_print_text(struct seq_file *seq, void *offset)
252 struct hlist_head *head; 252 struct hlist_head *head;
253 struct net_device *net_dev = (struct net_device *)seq->private; 253 struct net_device *net_dev = (struct net_device *)seq->private;
254 struct batadv_priv *bat_priv = netdev_priv(net_dev); 254 struct batadv_priv *bat_priv = netdev_priv(net_dev);
255 struct batadv_hashtable *hash = bat_priv->vis_hash; 255 struct batadv_hashtable *hash = bat_priv->vis.hash;
256 uint32_t i; 256 uint32_t i;
257 int ret = 0; 257 int ret = 0;
258 int vis_server = atomic_read(&bat_priv->vis_mode); 258 int vis_server = atomic_read(&bat_priv->vis_mode);
@@ -264,12 +264,12 @@ int batadv_vis_seq_print_text(struct seq_file *seq, void *offset)
264 if (vis_server == BATADV_VIS_TYPE_CLIENT_UPDATE) 264 if (vis_server == BATADV_VIS_TYPE_CLIENT_UPDATE)
265 goto out; 265 goto out;
266 266
267 spin_lock_bh(&bat_priv->vis_hash_lock); 267 spin_lock_bh(&bat_priv->vis.hash_lock);
268 for (i = 0; i < hash->size; i++) { 268 for (i = 0; i < hash->size; i++) {
269 head = &hash->table[i]; 269 head = &hash->table[i];
270 batadv_vis_seq_print_text_bucket(seq, head); 270 batadv_vis_seq_print_text_bucket(seq, head);
271 } 271 }
272 spin_unlock_bh(&bat_priv->vis_hash_lock); 272 spin_unlock_bh(&bat_priv->vis.hash_lock);
273 273
274out: 274out:
275 if (primary_if) 275 if (primary_if)
@@ -285,7 +285,7 @@ static void batadv_send_list_add(struct batadv_priv *bat_priv,
285{ 285{
286 if (list_empty(&info->send_list)) { 286 if (list_empty(&info->send_list)) {
287 kref_get(&info->refcount); 287 kref_get(&info->refcount);
288 list_add_tail(&info->send_list, &bat_priv->vis_send_list); 288 list_add_tail(&info->send_list, &bat_priv->vis.send_list);
289 } 289 }
290} 290}
291 291
@@ -311,9 +311,9 @@ static void batadv_recv_list_add(struct batadv_priv *bat_priv,
311 return; 311 return;
312 312
313 memcpy(entry->mac, mac, ETH_ALEN); 313 memcpy(entry->mac, mac, ETH_ALEN);
314 spin_lock_bh(&bat_priv->vis_list_lock); 314 spin_lock_bh(&bat_priv->vis.list_lock);
315 list_add_tail(&entry->list, recv_list); 315 list_add_tail(&entry->list, recv_list);
316 spin_unlock_bh(&bat_priv->vis_list_lock); 316 spin_unlock_bh(&bat_priv->vis.list_lock);
317} 317}
318 318
319/* returns 1 if this mac is in the recv_list */ 319/* returns 1 if this mac is in the recv_list */
@@ -323,14 +323,14 @@ static int batadv_recv_list_is_in(struct batadv_priv *bat_priv,
323{ 323{
324 const struct batadv_recvlist_node *entry; 324 const struct batadv_recvlist_node *entry;
325 325
326 spin_lock_bh(&bat_priv->vis_list_lock); 326 spin_lock_bh(&bat_priv->vis.list_lock);
327 list_for_each_entry(entry, recv_list, list) { 327 list_for_each_entry(entry, recv_list, list) {
328 if (batadv_compare_eth(entry->mac, mac)) { 328 if (batadv_compare_eth(entry->mac, mac)) {
329 spin_unlock_bh(&bat_priv->vis_list_lock); 329 spin_unlock_bh(&bat_priv->vis.list_lock);
330 return 1; 330 return 1;
331 } 331 }
332 } 332 }
333 spin_unlock_bh(&bat_priv->vis_list_lock); 333 spin_unlock_bh(&bat_priv->vis.list_lock);
334 return 0; 334 return 0;
335} 335}
336 336
@@ -354,7 +354,7 @@ batadv_add_packet(struct batadv_priv *bat_priv,
354 354
355 *is_new = 0; 355 *is_new = 0;
356 /* sanity check */ 356 /* sanity check */
357 if (!bat_priv->vis_hash) 357 if (!bat_priv->vis.hash)
358 return NULL; 358 return NULL;
359 359
360 /* see if the packet is already in vis_hash */ 360 /* see if the packet is already in vis_hash */
@@ -385,7 +385,7 @@ batadv_add_packet(struct batadv_priv *bat_priv,
385 } 385 }
386 } 386 }
387 /* remove old entry */ 387 /* remove old entry */
388 batadv_hash_remove(bat_priv->vis_hash, batadv_vis_info_cmp, 388 batadv_hash_remove(bat_priv->vis.hash, batadv_vis_info_cmp,
389 batadv_vis_info_choose, old_info); 389 batadv_vis_info_choose, old_info);
390 batadv_send_list_del(old_info); 390 batadv_send_list_del(old_info);
391 kref_put(&old_info->refcount, batadv_free_info); 391 kref_put(&old_info->refcount, batadv_free_info);
@@ -426,7 +426,7 @@ batadv_add_packet(struct batadv_priv *bat_priv,
426 batadv_recv_list_add(bat_priv, &info->recv_list, packet->sender_orig); 426 batadv_recv_list_add(bat_priv, &info->recv_list, packet->sender_orig);
427 427
428 /* try to add it */ 428 /* try to add it */
429 hash_added = batadv_hash_add(bat_priv->vis_hash, batadv_vis_info_cmp, 429 hash_added = batadv_hash_add(bat_priv->vis.hash, batadv_vis_info_cmp,
430 batadv_vis_info_choose, info, 430 batadv_vis_info_choose, info,
431 &info->hash_entry); 431 &info->hash_entry);
432 if (hash_added != 0) { 432 if (hash_added != 0) {
@@ -449,7 +449,7 @@ void batadv_receive_server_sync_packet(struct batadv_priv *bat_priv,
449 449
450 make_broadcast = (vis_server == BATADV_VIS_TYPE_SERVER_SYNC); 450 make_broadcast = (vis_server == BATADV_VIS_TYPE_SERVER_SYNC);
451 451
452 spin_lock_bh(&bat_priv->vis_hash_lock); 452 spin_lock_bh(&bat_priv->vis.hash_lock);
453 info = batadv_add_packet(bat_priv, vis_packet, vis_info_len, 453 info = batadv_add_packet(bat_priv, vis_packet, vis_info_len,
454 &is_new, make_broadcast); 454 &is_new, make_broadcast);
455 if (!info) 455 if (!info)
@@ -461,7 +461,7 @@ void batadv_receive_server_sync_packet(struct batadv_priv *bat_priv,
461 if (vis_server == BATADV_VIS_TYPE_SERVER_SYNC && is_new) 461 if (vis_server == BATADV_VIS_TYPE_SERVER_SYNC && is_new)
462 batadv_send_list_add(bat_priv, info); 462 batadv_send_list_add(bat_priv, info);
463end: 463end:
464 spin_unlock_bh(&bat_priv->vis_hash_lock); 464 spin_unlock_bh(&bat_priv->vis.hash_lock);
465} 465}
466 466
467/* handle an incoming client update packet and schedule forward if needed. */ 467/* handle an incoming client update packet and schedule forward if needed. */
@@ -484,7 +484,7 @@ void batadv_receive_client_update_packet(struct batadv_priv *bat_priv,
484 batadv_is_my_mac(vis_packet->target_orig)) 484 batadv_is_my_mac(vis_packet->target_orig))
485 are_target = 1; 485 are_target = 1;
486 486
487 spin_lock_bh(&bat_priv->vis_hash_lock); 487 spin_lock_bh(&bat_priv->vis.hash_lock);
488 info = batadv_add_packet(bat_priv, vis_packet, vis_info_len, 488 info = batadv_add_packet(bat_priv, vis_packet, vis_info_len,
489 &is_new, are_target); 489 &is_new, are_target);
490 490
@@ -505,7 +505,7 @@ void batadv_receive_client_update_packet(struct batadv_priv *bat_priv,
505 } 505 }
506 506
507end: 507end:
508 spin_unlock_bh(&bat_priv->vis_hash_lock); 508 spin_unlock_bh(&bat_priv->vis.hash_lock);
509} 509}
510 510
511/* Walk the originators and find the VIS server with the best tq. Set the packet 511/* Walk the originators and find the VIS server with the best tq. Set the packet
@@ -574,10 +574,11 @@ static int batadv_generate_vis_packet(struct batadv_priv *bat_priv)
574 struct hlist_head *head; 574 struct hlist_head *head;
575 struct batadv_orig_node *orig_node; 575 struct batadv_orig_node *orig_node;
576 struct batadv_neigh_node *router; 576 struct batadv_neigh_node *router;
577 struct batadv_vis_info *info = bat_priv->my_vis_info; 577 struct batadv_vis_info *info = bat_priv->vis.my_info;
578 struct batadv_vis_packet *packet; 578 struct batadv_vis_packet *packet;
579 struct batadv_vis_info_entry *entry; 579 struct batadv_vis_info_entry *entry;
580 struct batadv_tt_common_entry *tt_common_entry; 580 struct batadv_tt_common_entry *tt_common_entry;
581 uint8_t *packet_pos;
581 int best_tq = -1; 582 int best_tq = -1;
582 uint32_t i; 583 uint32_t i;
583 584
@@ -618,8 +619,8 @@ static int batadv_generate_vis_packet(struct batadv_priv *bat_priv)
618 goto next; 619 goto next;
619 620
620 /* fill one entry into buffer. */ 621 /* fill one entry into buffer. */
621 entry = (struct batadv_vis_info_entry *) 622 packet_pos = skb_put(info->skb_packet, sizeof(*entry));
622 skb_put(info->skb_packet, sizeof(*entry)); 623 entry = (struct batadv_vis_info_entry *)packet_pos;
623 memcpy(entry->src, 624 memcpy(entry->src,
624 router->if_incoming->net_dev->dev_addr, 625 router->if_incoming->net_dev->dev_addr,
625 ETH_ALEN); 626 ETH_ALEN);
@@ -636,7 +637,7 @@ next:
636 rcu_read_unlock(); 637 rcu_read_unlock();
637 } 638 }
638 639
639 hash = bat_priv->tt_local_hash; 640 hash = bat_priv->tt.local_hash;
640 641
641 for (i = 0; i < hash->size; i++) { 642 for (i = 0; i < hash->size; i++) {
642 head = &hash->table[i]; 643 head = &hash->table[i];
@@ -644,9 +645,8 @@ next:
644 rcu_read_lock(); 645 rcu_read_lock();
645 hlist_for_each_entry_rcu(tt_common_entry, node, head, 646 hlist_for_each_entry_rcu(tt_common_entry, node, head,
646 hash_entry) { 647 hash_entry) {
647 entry = (struct batadv_vis_info_entry *) 648 packet_pos = skb_put(info->skb_packet, sizeof(*entry));
648 skb_put(info->skb_packet, 649 entry = (struct batadv_vis_info_entry *)packet_pos;
649 sizeof(*entry));
650 memset(entry->src, 0, ETH_ALEN); 650 memset(entry->src, 0, ETH_ALEN);
651 memcpy(entry->dest, tt_common_entry->addr, ETH_ALEN); 651 memcpy(entry->dest, tt_common_entry->addr, ETH_ALEN);
652 entry->quality = 0; /* 0 means TT */ 652 entry->quality = 0; /* 0 means TT */
@@ -671,7 +671,7 @@ unlock:
671static void batadv_purge_vis_packets(struct batadv_priv *bat_priv) 671static void batadv_purge_vis_packets(struct batadv_priv *bat_priv)
672{ 672{
673 uint32_t i; 673 uint32_t i;
674 struct batadv_hashtable *hash = bat_priv->vis_hash; 674 struct batadv_hashtable *hash = bat_priv->vis.hash;
675 struct hlist_node *node, *node_tmp; 675 struct hlist_node *node, *node_tmp;
676 struct hlist_head *head; 676 struct hlist_head *head;
677 struct batadv_vis_info *info; 677 struct batadv_vis_info *info;
@@ -682,7 +682,7 @@ static void batadv_purge_vis_packets(struct batadv_priv *bat_priv)
682 hlist_for_each_entry_safe(info, node, node_tmp, 682 hlist_for_each_entry_safe(info, node, node_tmp,
683 head, hash_entry) { 683 head, hash_entry) {
684 /* never purge own data. */ 684 /* never purge own data. */
685 if (info == bat_priv->my_vis_info) 685 if (info == bat_priv->vis.my_info)
686 continue; 686 continue;
687 687
688 if (batadv_has_timed_out(info->first_seen, 688 if (batadv_has_timed_out(info->first_seen,
@@ -814,34 +814,36 @@ out:
814/* called from timer; send (and maybe generate) vis packet. */ 814/* called from timer; send (and maybe generate) vis packet. */
815static void batadv_send_vis_packets(struct work_struct *work) 815static void batadv_send_vis_packets(struct work_struct *work)
816{ 816{
817 struct delayed_work *delayed_work = 817 struct delayed_work *delayed_work;
818 container_of(work, struct delayed_work, work);
819 struct batadv_priv *bat_priv; 818 struct batadv_priv *bat_priv;
819 struct batadv_priv_vis *priv_vis;
820 struct batadv_vis_info *info; 820 struct batadv_vis_info *info;
821 821
822 bat_priv = container_of(delayed_work, struct batadv_priv, vis_work); 822 delayed_work = container_of(work, struct delayed_work, work);
823 spin_lock_bh(&bat_priv->vis_hash_lock); 823 priv_vis = container_of(delayed_work, struct batadv_priv_vis, work);
824 bat_priv = container_of(priv_vis, struct batadv_priv, vis);
825 spin_lock_bh(&bat_priv->vis.hash_lock);
824 batadv_purge_vis_packets(bat_priv); 826 batadv_purge_vis_packets(bat_priv);
825 827
826 if (batadv_generate_vis_packet(bat_priv) == 0) { 828 if (batadv_generate_vis_packet(bat_priv) == 0) {
827 /* schedule if generation was successful */ 829 /* schedule if generation was successful */
828 batadv_send_list_add(bat_priv, bat_priv->my_vis_info); 830 batadv_send_list_add(bat_priv, bat_priv->vis.my_info);
829 } 831 }
830 832
831 while (!list_empty(&bat_priv->vis_send_list)) { 833 while (!list_empty(&bat_priv->vis.send_list)) {
832 info = list_first_entry(&bat_priv->vis_send_list, 834 info = list_first_entry(&bat_priv->vis.send_list,
833 typeof(*info), send_list); 835 typeof(*info), send_list);
834 836
835 kref_get(&info->refcount); 837 kref_get(&info->refcount);
836 spin_unlock_bh(&bat_priv->vis_hash_lock); 838 spin_unlock_bh(&bat_priv->vis.hash_lock);
837 839
838 batadv_send_vis_packet(bat_priv, info); 840 batadv_send_vis_packet(bat_priv, info);
839 841
840 spin_lock_bh(&bat_priv->vis_hash_lock); 842 spin_lock_bh(&bat_priv->vis.hash_lock);
841 batadv_send_list_del(info); 843 batadv_send_list_del(info);
842 kref_put(&info->refcount, batadv_free_info); 844 kref_put(&info->refcount, batadv_free_info);
843 } 845 }
844 spin_unlock_bh(&bat_priv->vis_hash_lock); 846 spin_unlock_bh(&bat_priv->vis.hash_lock);
845 batadv_start_vis_timer(bat_priv); 847 batadv_start_vis_timer(bat_priv);
846} 848}
847 849
@@ -856,37 +858,37 @@ int batadv_vis_init(struct batadv_priv *bat_priv)
856 unsigned long first_seen; 858 unsigned long first_seen;
857 struct sk_buff *tmp_skb; 859 struct sk_buff *tmp_skb;
858 860
859 if (bat_priv->vis_hash) 861 if (bat_priv->vis.hash)
860 return 0; 862 return 0;
861 863
862 spin_lock_bh(&bat_priv->vis_hash_lock); 864 spin_lock_bh(&bat_priv->vis.hash_lock);
863 865
864 bat_priv->vis_hash = batadv_hash_new(256); 866 bat_priv->vis.hash = batadv_hash_new(256);
865 if (!bat_priv->vis_hash) { 867 if (!bat_priv->vis.hash) {
866 pr_err("Can't initialize vis_hash\n"); 868 pr_err("Can't initialize vis_hash\n");
867 goto err; 869 goto err;
868 } 870 }
869 871
870 bat_priv->my_vis_info = kmalloc(BATADV_MAX_VIS_PACKET_SIZE, GFP_ATOMIC); 872 bat_priv->vis.my_info = kmalloc(BATADV_MAX_VIS_PACKET_SIZE, GFP_ATOMIC);
871 if (!bat_priv->my_vis_info) 873 if (!bat_priv->vis.my_info)
872 goto err; 874 goto err;
873 875
874 len = sizeof(*packet) + BATADV_MAX_VIS_PACKET_SIZE + ETH_HLEN; 876 len = sizeof(*packet) + BATADV_MAX_VIS_PACKET_SIZE + ETH_HLEN;
875 bat_priv->my_vis_info->skb_packet = dev_alloc_skb(len); 877 bat_priv->vis.my_info->skb_packet = dev_alloc_skb(len);
876 if (!bat_priv->my_vis_info->skb_packet) 878 if (!bat_priv->vis.my_info->skb_packet)
877 goto free_info; 879 goto free_info;
878 880
879 skb_reserve(bat_priv->my_vis_info->skb_packet, ETH_HLEN); 881 skb_reserve(bat_priv->vis.my_info->skb_packet, ETH_HLEN);
880 tmp_skb = bat_priv->my_vis_info->skb_packet; 882 tmp_skb = bat_priv->vis.my_info->skb_packet;
881 packet = (struct batadv_vis_packet *)skb_put(tmp_skb, sizeof(*packet)); 883 packet = (struct batadv_vis_packet *)skb_put(tmp_skb, sizeof(*packet));
882 884
883 /* prefill the vis info */ 885 /* prefill the vis info */
884 first_seen = jiffies - msecs_to_jiffies(BATADV_VIS_INTERVAL); 886 first_seen = jiffies - msecs_to_jiffies(BATADV_VIS_INTERVAL);
885 bat_priv->my_vis_info->first_seen = first_seen; 887 bat_priv->vis.my_info->first_seen = first_seen;
886 INIT_LIST_HEAD(&bat_priv->my_vis_info->recv_list); 888 INIT_LIST_HEAD(&bat_priv->vis.my_info->recv_list);
887 INIT_LIST_HEAD(&bat_priv->my_vis_info->send_list); 889 INIT_LIST_HEAD(&bat_priv->vis.my_info->send_list);
888 kref_init(&bat_priv->my_vis_info->refcount); 890 kref_init(&bat_priv->vis.my_info->refcount);
889 bat_priv->my_vis_info->bat_priv = bat_priv; 891 bat_priv->vis.my_info->bat_priv = bat_priv;
890 packet->header.version = BATADV_COMPAT_VERSION; 892 packet->header.version = BATADV_COMPAT_VERSION;
891 packet->header.packet_type = BATADV_VIS; 893 packet->header.packet_type = BATADV_VIS;
892 packet->header.ttl = BATADV_TTL; 894 packet->header.ttl = BATADV_TTL;
@@ -894,28 +896,28 @@ int batadv_vis_init(struct batadv_priv *bat_priv)
894 packet->reserved = 0; 896 packet->reserved = 0;
895 packet->entries = 0; 897 packet->entries = 0;
896 898
897 INIT_LIST_HEAD(&bat_priv->vis_send_list); 899 INIT_LIST_HEAD(&bat_priv->vis.send_list);
898 900
899 hash_added = batadv_hash_add(bat_priv->vis_hash, batadv_vis_info_cmp, 901 hash_added = batadv_hash_add(bat_priv->vis.hash, batadv_vis_info_cmp,
900 batadv_vis_info_choose, 902 batadv_vis_info_choose,
901 bat_priv->my_vis_info, 903 bat_priv->vis.my_info,
902 &bat_priv->my_vis_info->hash_entry); 904 &bat_priv->vis.my_info->hash_entry);
903 if (hash_added != 0) { 905 if (hash_added != 0) {
904 pr_err("Can't add own vis packet into hash\n"); 906 pr_err("Can't add own vis packet into hash\n");
905 /* not in hash, need to remove it manually. */ 907 /* not in hash, need to remove it manually. */
906 kref_put(&bat_priv->my_vis_info->refcount, batadv_free_info); 908 kref_put(&bat_priv->vis.my_info->refcount, batadv_free_info);
907 goto err; 909 goto err;
908 } 910 }
909 911
910 spin_unlock_bh(&bat_priv->vis_hash_lock); 912 spin_unlock_bh(&bat_priv->vis.hash_lock);
911 batadv_start_vis_timer(bat_priv); 913 batadv_start_vis_timer(bat_priv);
912 return 0; 914 return 0;
913 915
914free_info: 916free_info:
915 kfree(bat_priv->my_vis_info); 917 kfree(bat_priv->vis.my_info);
916 bat_priv->my_vis_info = NULL; 918 bat_priv->vis.my_info = NULL;
917err: 919err:
918 spin_unlock_bh(&bat_priv->vis_hash_lock); 920 spin_unlock_bh(&bat_priv->vis.hash_lock);
919 batadv_vis_quit(bat_priv); 921 batadv_vis_quit(bat_priv);
920 return -ENOMEM; 922 return -ENOMEM;
921} 923}
@@ -933,23 +935,23 @@ static void batadv_free_info_ref(struct hlist_node *node, void *arg)
933/* shutdown vis-server */ 935/* shutdown vis-server */
934void batadv_vis_quit(struct batadv_priv *bat_priv) 936void batadv_vis_quit(struct batadv_priv *bat_priv)
935{ 937{
936 if (!bat_priv->vis_hash) 938 if (!bat_priv->vis.hash)
937 return; 939 return;
938 940
939 cancel_delayed_work_sync(&bat_priv->vis_work); 941 cancel_delayed_work_sync(&bat_priv->vis.work);
940 942
941 spin_lock_bh(&bat_priv->vis_hash_lock); 943 spin_lock_bh(&bat_priv->vis.hash_lock);
942 /* properly remove, kill timers ... */ 944 /* properly remove, kill timers ... */
943 batadv_hash_delete(bat_priv->vis_hash, batadv_free_info_ref, NULL); 945 batadv_hash_delete(bat_priv->vis.hash, batadv_free_info_ref, NULL);
944 bat_priv->vis_hash = NULL; 946 bat_priv->vis.hash = NULL;
945 bat_priv->my_vis_info = NULL; 947 bat_priv->vis.my_info = NULL;
946 spin_unlock_bh(&bat_priv->vis_hash_lock); 948 spin_unlock_bh(&bat_priv->vis.hash_lock);
947} 949}
948 950
949/* schedule packets for (re)transmission */ 951/* schedule packets for (re)transmission */
950static void batadv_start_vis_timer(struct batadv_priv *bat_priv) 952static void batadv_start_vis_timer(struct batadv_priv *bat_priv)
951{ 953{
952 INIT_DELAYED_WORK(&bat_priv->vis_work, batadv_send_vis_packets); 954 INIT_DELAYED_WORK(&bat_priv->vis.work, batadv_send_vis_packets);
953 queue_delayed_work(batadv_event_workqueue, &bat_priv->vis_work, 955 queue_delayed_work(batadv_event_workqueue, &bat_priv->vis.work,
954 msecs_to_jiffies(BATADV_VIS_INTERVAL)); 956 msecs_to_jiffies(BATADV_VIS_INTERVAL));
955} 957}
diff --git a/net/batman-adv/vis.h b/net/batman-adv/vis.h
index 84e716ed8963..873282fa86da 100644
--- a/net/batman-adv/vis.h
+++ b/net/batman-adv/vis.h
@@ -20,7 +20,7 @@
20#ifndef _NET_BATMAN_ADV_VIS_H_ 20#ifndef _NET_BATMAN_ADV_VIS_H_
21#define _NET_BATMAN_ADV_VIS_H_ 21#define _NET_BATMAN_ADV_VIS_H_
22 22
23/* timeout of vis packets in miliseconds */ 23/* timeout of vis packets in milliseconds */
24#define BATADV_VIS_TIMEOUT 200000 24#define BATADV_VIS_TIMEOUT 200000
25 25
26int batadv_vis_seq_print_text(struct seq_file *seq, void *offset); 26int batadv_vis_seq_print_text(struct seq_file *seq, void *offset);
diff --git a/net/bluetooth/a2mp.c b/net/bluetooth/a2mp.c
index 4ff0bf3ba9a5..0760d1fed6f0 100644
--- a/net/bluetooth/a2mp.c
+++ b/net/bluetooth/a2mp.c
@@ -316,7 +316,7 @@ send_rsp:
316static inline int a2mp_cmd_rsp(struct amp_mgr *mgr, struct sk_buff *skb, 316static inline int a2mp_cmd_rsp(struct amp_mgr *mgr, struct sk_buff *skb,
317 struct a2mp_cmd *hdr) 317 struct a2mp_cmd *hdr)
318{ 318{
319 BT_DBG("ident %d code %d", hdr->ident, hdr->code); 319 BT_DBG("ident %d code 0x%2.2x", hdr->ident, hdr->code);
320 320
321 skb_pull(skb, le16_to_cpu(hdr->len)); 321 skb_pull(skb, le16_to_cpu(hdr->len));
322 return 0; 322 return 0;
@@ -325,17 +325,19 @@ static inline int a2mp_cmd_rsp(struct amp_mgr *mgr, struct sk_buff *skb,
325/* Handle A2MP signalling */ 325/* Handle A2MP signalling */
326static int a2mp_chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb) 326static int a2mp_chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
327{ 327{
328 struct a2mp_cmd *hdr = (void *) skb->data; 328 struct a2mp_cmd *hdr;
329 struct amp_mgr *mgr = chan->data; 329 struct amp_mgr *mgr = chan->data;
330 int err = 0; 330 int err = 0;
331 331
332 amp_mgr_get(mgr); 332 amp_mgr_get(mgr);
333 333
334 while (skb->len >= sizeof(*hdr)) { 334 while (skb->len >= sizeof(*hdr)) {
335 struct a2mp_cmd *hdr = (void *) skb->data; 335 u16 len;
336 u16 len = le16_to_cpu(hdr->len);
337 336
338 BT_DBG("code 0x%02x id %d len %d", hdr->code, hdr->ident, len); 337 hdr = (void *) skb->data;
338 len = le16_to_cpu(hdr->len);
339
340 BT_DBG("code 0x%2.2x id %d len %u", hdr->code, hdr->ident, len);
339 341
340 skb_pull(skb, sizeof(*hdr)); 342 skb_pull(skb, sizeof(*hdr));
341 343
@@ -393,7 +395,9 @@ static int a2mp_chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
393 395
394 if (err) { 396 if (err) {
395 struct a2mp_cmd_rej rej; 397 struct a2mp_cmd_rej rej;
398
396 rej.reason = __constant_cpu_to_le16(0); 399 rej.reason = __constant_cpu_to_le16(0);
400 hdr = (void *) skb->data;
397 401
398 BT_DBG("Send A2MP Rej: cmd 0x%2.2x err %d", hdr->code, err); 402 BT_DBG("Send A2MP Rej: cmd 0x%2.2x err %d", hdr->code, err);
399 403
@@ -412,7 +416,7 @@ static int a2mp_chan_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
412 416
413static void a2mp_chan_close_cb(struct l2cap_chan *chan) 417static void a2mp_chan_close_cb(struct l2cap_chan *chan)
414{ 418{
415 l2cap_chan_destroy(chan); 419 l2cap_chan_put(chan);
416} 420}
417 421
418static void a2mp_chan_state_change_cb(struct l2cap_chan *chan, int state) 422static void a2mp_chan_state_change_cb(struct l2cap_chan *chan, int state)
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index f7db5792ec64..9d49ee6d7219 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -28,6 +28,7 @@
28#include <asm/ioctls.h> 28#include <asm/ioctls.h>
29 29
30#include <net/bluetooth/bluetooth.h> 30#include <net/bluetooth/bluetooth.h>
31#include <linux/proc_fs.h>
31 32
32#define VERSION "2.16" 33#define VERSION "2.16"
33 34
@@ -532,6 +533,144 @@ int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
532} 533}
533EXPORT_SYMBOL(bt_sock_wait_state); 534EXPORT_SYMBOL(bt_sock_wait_state);
534 535
536#ifdef CONFIG_PROC_FS
537struct bt_seq_state {
538 struct bt_sock_list *l;
539};
540
541static void *bt_seq_start(struct seq_file *seq, loff_t *pos)
542 __acquires(seq->private->l->lock)
543{
544 struct bt_seq_state *s = seq->private;
545 struct bt_sock_list *l = s->l;
546
547 read_lock(&l->lock);
548 return seq_hlist_start_head(&l->head, *pos);
549}
550
551static void *bt_seq_next(struct seq_file *seq, void *v, loff_t *pos)
552{
553 struct bt_seq_state *s = seq->private;
554 struct bt_sock_list *l = s->l;
555
556 return seq_hlist_next(v, &l->head, pos);
557}
558
559static void bt_seq_stop(struct seq_file *seq, void *v)
560 __releases(seq->private->l->lock)
561{
562 struct bt_seq_state *s = seq->private;
563 struct bt_sock_list *l = s->l;
564
565 read_unlock(&l->lock);
566}
567
568static int bt_seq_show(struct seq_file *seq, void *v)
569{
570 struct bt_seq_state *s = seq->private;
571 struct bt_sock_list *l = s->l;
572 bdaddr_t src_baswapped, dst_baswapped;
573
574 if (v == SEQ_START_TOKEN) {
575 seq_puts(seq ,"sk RefCnt Rmem Wmem User Inode Src Dst Parent");
576
577 if (l->custom_seq_show) {
578 seq_putc(seq, ' ');
579 l->custom_seq_show(seq, v);
580 }
581
582 seq_putc(seq, '\n');
583 } else {
584 struct sock *sk = sk_entry(v);
585 struct bt_sock *bt = bt_sk(sk);
586 baswap(&src_baswapped, &bt->src);
587 baswap(&dst_baswapped, &bt->dst);
588
589 seq_printf(seq, "%pK %-6d %-6u %-6u %-6u %-6lu %pM %pM %-6lu",
590 sk,
591 atomic_read(&sk->sk_refcnt),
592 sk_rmem_alloc_get(sk),
593 sk_wmem_alloc_get(sk),
594 sock_i_uid(sk),
595 sock_i_ino(sk),
596 &src_baswapped,
597 &dst_baswapped,
598 bt->parent? sock_i_ino(bt->parent): 0LU);
599
600 if (l->custom_seq_show) {
601 seq_putc(seq, ' ');
602 l->custom_seq_show(seq, v);
603 }
604
605 seq_putc(seq, '\n');
606 }
607 return 0;
608}
609
610static struct seq_operations bt_seq_ops = {
611 .start = bt_seq_start,
612 .next = bt_seq_next,
613 .stop = bt_seq_stop,
614 .show = bt_seq_show,
615};
616
617static int bt_seq_open(struct inode *inode, struct file *file)
618{
619 struct bt_sock_list *sk_list;
620 struct bt_seq_state *s;
621
622 sk_list = PDE(inode)->data;
623 s = __seq_open_private(file, &bt_seq_ops,
624 sizeof(struct bt_seq_state));
625 if (!s)
626 return -ENOMEM;
627
628 s->l = sk_list;
629 return 0;
630}
631
632int bt_procfs_init(struct module* module, struct net *net, const char *name,
633 struct bt_sock_list* sk_list,
634 int (* seq_show)(struct seq_file *, void *))
635{
636 struct proc_dir_entry * pde;
637
638 sk_list->custom_seq_show = seq_show;
639
640 sk_list->fops.owner = module;
641 sk_list->fops.open = bt_seq_open;
642 sk_list->fops.read = seq_read;
643 sk_list->fops.llseek = seq_lseek;
644 sk_list->fops.release = seq_release_private;
645
646 pde = proc_net_fops_create(net, name, 0, &sk_list->fops);
647 if (!pde)
648 return -ENOMEM;
649
650 pde->data = sk_list;
651
652 return 0;
653}
654
655void bt_procfs_cleanup(struct net *net, const char *name)
656{
657 proc_net_remove(net, name);
658}
659#else
660int bt_procfs_init(struct module* module, struct net *net, const char *name,
661 struct bt_sock_list* sk_list,
662 int (* seq_show)(struct seq_file *, void *))
663{
664 return 0;
665}
666
667void bt_procfs_cleanup(struct net *net, const char *name)
668{
669}
670#endif
671EXPORT_SYMBOL(bt_procfs_init);
672EXPORT_SYMBOL(bt_procfs_cleanup);
673
535static struct net_proto_family bt_sock_family_ops = { 674static struct net_proto_family bt_sock_family_ops = {
536 .owner = THIS_MODULE, 675 .owner = THIS_MODULE,
537 .family = PF_BLUETOOTH, 676 .family = PF_BLUETOOTH,
diff --git a/net/bluetooth/bnep/sock.c b/net/bluetooth/bnep/sock.c
index 1eaacf10d19d..e7154a58465f 100644
--- a/net/bluetooth/bnep/sock.c
+++ b/net/bluetooth/bnep/sock.c
@@ -29,6 +29,10 @@
29 29
30#include "bnep.h" 30#include "bnep.h"
31 31
32static struct bt_sock_list bnep_sk_list = {
33 .lock = __RW_LOCK_UNLOCKED(bnep_sk_list.lock)
34};
35
32static int bnep_sock_release(struct socket *sock) 36static int bnep_sock_release(struct socket *sock)
33{ 37{
34 struct sock *sk = sock->sk; 38 struct sock *sk = sock->sk;
@@ -38,6 +42,8 @@ static int bnep_sock_release(struct socket *sock)
38 if (!sk) 42 if (!sk)
39 return 0; 43 return 0;
40 44
45 bt_sock_unlink(&bnep_sk_list, sk);
46
41 sock_orphan(sk); 47 sock_orphan(sk);
42 sock_put(sk); 48 sock_put(sk);
43 return 0; 49 return 0;
@@ -204,6 +210,7 @@ static int bnep_sock_create(struct net *net, struct socket *sock, int protocol,
204 sk->sk_protocol = protocol; 210 sk->sk_protocol = protocol;
205 sk->sk_state = BT_OPEN; 211 sk->sk_state = BT_OPEN;
206 212
213 bt_sock_link(&bnep_sk_list, sk);
207 return 0; 214 return 0;
208} 215}
209 216
@@ -222,19 +229,30 @@ int __init bnep_sock_init(void)
222 return err; 229 return err;
223 230
224 err = bt_sock_register(BTPROTO_BNEP, &bnep_sock_family_ops); 231 err = bt_sock_register(BTPROTO_BNEP, &bnep_sock_family_ops);
225 if (err < 0) 232 if (err < 0) {
233 BT_ERR("Can't register BNEP socket");
226 goto error; 234 goto error;
235 }
236
237 err = bt_procfs_init(THIS_MODULE, &init_net, "bnep", &bnep_sk_list, NULL);
238 if (err < 0) {
239 BT_ERR("Failed to create BNEP proc file");
240 bt_sock_unregister(BTPROTO_BNEP);
241 goto error;
242 }
243
244 BT_INFO("BNEP socket layer initialized");
227 245
228 return 0; 246 return 0;
229 247
230error: 248error:
231 BT_ERR("Can't register BNEP socket");
232 proto_unregister(&bnep_proto); 249 proto_unregister(&bnep_proto);
233 return err; 250 return err;
234} 251}
235 252
236void __exit bnep_sock_cleanup(void) 253void __exit bnep_sock_cleanup(void)
237{ 254{
255 bt_procfs_cleanup(&init_net, "bnep");
238 if (bt_sock_unregister(BTPROTO_BNEP) < 0) 256 if (bt_sock_unregister(BTPROTO_BNEP) < 0)
239 BT_ERR("Can't unregister BNEP socket"); 257 BT_ERR("Can't unregister BNEP socket");
240 258
diff --git a/net/bluetooth/cmtp/sock.c b/net/bluetooth/cmtp/sock.c
index 32dc83dcb6b2..aacb802d1ee4 100644
--- a/net/bluetooth/cmtp/sock.c
+++ b/net/bluetooth/cmtp/sock.c
@@ -42,6 +42,10 @@
42 42
43#include "cmtp.h" 43#include "cmtp.h"
44 44
45static struct bt_sock_list cmtp_sk_list = {
46 .lock = __RW_LOCK_UNLOCKED(cmtp_sk_list.lock)
47};
48
45static int cmtp_sock_release(struct socket *sock) 49static int cmtp_sock_release(struct socket *sock)
46{ 50{
47 struct sock *sk = sock->sk; 51 struct sock *sk = sock->sk;
@@ -51,6 +55,8 @@ static int cmtp_sock_release(struct socket *sock)
51 if (!sk) 55 if (!sk)
52 return 0; 56 return 0;
53 57
58 bt_sock_unlink(&cmtp_sk_list, sk);
59
54 sock_orphan(sk); 60 sock_orphan(sk);
55 sock_put(sk); 61 sock_put(sk);
56 62
@@ -214,6 +220,8 @@ static int cmtp_sock_create(struct net *net, struct socket *sock, int protocol,
214 sk->sk_protocol = protocol; 220 sk->sk_protocol = protocol;
215 sk->sk_state = BT_OPEN; 221 sk->sk_state = BT_OPEN;
216 222
223 bt_sock_link(&cmtp_sk_list, sk);
224
217 return 0; 225 return 0;
218} 226}
219 227
@@ -232,19 +240,30 @@ int cmtp_init_sockets(void)
232 return err; 240 return err;
233 241
234 err = bt_sock_register(BTPROTO_CMTP, &cmtp_sock_family_ops); 242 err = bt_sock_register(BTPROTO_CMTP, &cmtp_sock_family_ops);
235 if (err < 0) 243 if (err < 0) {
244 BT_ERR("Can't register CMTP socket");
236 goto error; 245 goto error;
246 }
247
248 err = bt_procfs_init(THIS_MODULE, &init_net, "cmtp", &cmtp_sk_list, NULL);
249 if (err < 0) {
250 BT_ERR("Failed to create CMTP proc file");
251 bt_sock_unregister(BTPROTO_HIDP);
252 goto error;
253 }
254
255 BT_INFO("CMTP socket layer initialized");
237 256
238 return 0; 257 return 0;
239 258
240error: 259error:
241 BT_ERR("Can't register CMTP socket");
242 proto_unregister(&cmtp_proto); 260 proto_unregister(&cmtp_proto);
243 return err; 261 return err;
244} 262}
245 263
246void cmtp_cleanup_sockets(void) 264void cmtp_cleanup_sockets(void)
247{ 265{
266 bt_procfs_cleanup(&init_net, "cmtp");
248 if (bt_sock_unregister(BTPROTO_CMTP) < 0) 267 if (bt_sock_unregister(BTPROTO_CMTP) < 0)
249 BT_ERR("Can't unregister CMTP socket"); 268 BT_ERR("Can't unregister CMTP socket");
250 269
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 3c094e78dde9..b9196a44f759 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -31,7 +31,7 @@
31#include <net/bluetooth/a2mp.h> 31#include <net/bluetooth/a2mp.h>
32#include <net/bluetooth/smp.h> 32#include <net/bluetooth/smp.h>
33 33
34static void hci_le_connect(struct hci_conn *conn) 34static void hci_le_create_connection(struct hci_conn *conn)
35{ 35{
36 struct hci_dev *hdev = conn->hdev; 36 struct hci_dev *hdev = conn->hdev;
37 struct hci_cp_le_create_conn cp; 37 struct hci_cp_le_create_conn cp;
@@ -55,12 +55,12 @@ static void hci_le_connect(struct hci_conn *conn)
55 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp); 55 hci_send_cmd(hdev, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
56} 56}
57 57
58static void hci_le_connect_cancel(struct hci_conn *conn) 58static void hci_le_create_connection_cancel(struct hci_conn *conn)
59{ 59{
60 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL); 60 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
61} 61}
62 62
63void hci_acl_connect(struct hci_conn *conn) 63static void hci_acl_create_connection(struct hci_conn *conn)
64{ 64{
65 struct hci_dev *hdev = conn->hdev; 65 struct hci_dev *hdev = conn->hdev;
66 struct inquiry_entry *ie; 66 struct inquiry_entry *ie;
@@ -104,7 +104,7 @@ void hci_acl_connect(struct hci_conn *conn)
104 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp); 104 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
105} 105}
106 106
107static void hci_acl_connect_cancel(struct hci_conn *conn) 107static void hci_acl_create_connection_cancel(struct hci_conn *conn)
108{ 108{
109 struct hci_cp_create_conn_cancel cp; 109 struct hci_cp_create_conn_cancel cp;
110 110
@@ -130,7 +130,7 @@ void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
130 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp); 130 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
131} 131}
132 132
133void hci_add_sco(struct hci_conn *conn, __u16 handle) 133static void hci_add_sco(struct hci_conn *conn, __u16 handle)
134{ 134{
135 struct hci_dev *hdev = conn->hdev; 135 struct hci_dev *hdev = conn->hdev;
136 struct hci_cp_add_sco cp; 136 struct hci_cp_add_sco cp;
@@ -246,9 +246,9 @@ static void hci_conn_timeout(struct work_struct *work)
246 case BT_CONNECT2: 246 case BT_CONNECT2:
247 if (conn->out) { 247 if (conn->out) {
248 if (conn->type == ACL_LINK) 248 if (conn->type == ACL_LINK)
249 hci_acl_connect_cancel(conn); 249 hci_acl_create_connection_cancel(conn);
250 else if (conn->type == LE_LINK) 250 else if (conn->type == LE_LINK)
251 hci_le_connect_cancel(conn); 251 hci_le_create_connection_cancel(conn);
252 } 252 }
253 break; 253 break;
254 case BT_CONFIG: 254 case BT_CONFIG:
@@ -471,40 +471,37 @@ struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
471} 471}
472EXPORT_SYMBOL(hci_get_route); 472EXPORT_SYMBOL(hci_get_route);
473 473
474/* Create SCO, ACL or LE connection. 474static struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
475 * Device _must_ be locked */ 475 u8 dst_type, u8 sec_level, u8 auth_type)
476struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
477 __u8 dst_type, __u8 sec_level, __u8 auth_type)
478{ 476{
479 struct hci_conn *acl;
480 struct hci_conn *sco;
481 struct hci_conn *le; 477 struct hci_conn *le;
482 478
483 BT_DBG("%s dst %s", hdev->name, batostr(dst)); 479 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
480 if (!le) {
481 le = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
482 if (le)
483 return ERR_PTR(-EBUSY);
484 484
485 if (type == LE_LINK) { 485 le = hci_conn_add(hdev, LE_LINK, dst);
486 le = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst); 486 if (!le)
487 if (!le) { 487 return ERR_PTR(-ENOMEM);
488 le = hci_conn_hash_lookup_state(hdev, LE_LINK,
489 BT_CONNECT);
490 if (le)
491 return ERR_PTR(-EBUSY);
492 488
493 le = hci_conn_add(hdev, LE_LINK, dst); 489 le->dst_type = bdaddr_to_le(dst_type);
494 if (!le) 490 hci_le_create_connection(le);
495 return ERR_PTR(-ENOMEM); 491 }
496 492
497 le->dst_type = bdaddr_to_le(dst_type); 493 le->pending_sec_level = sec_level;
498 hci_le_connect(le); 494 le->auth_type = auth_type;
499 }
500 495
501 le->pending_sec_level = sec_level; 496 hci_conn_hold(le);
502 le->auth_type = auth_type;
503 497
504 hci_conn_hold(le); 498 return le;
499}
505 500
506 return le; 501static struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
507 } 502 u8 sec_level, u8 auth_type)
503{
504 struct hci_conn *acl;
508 505
509 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); 506 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
510 if (!acl) { 507 if (!acl) {
@@ -519,10 +516,20 @@ struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
519 acl->sec_level = BT_SECURITY_LOW; 516 acl->sec_level = BT_SECURITY_LOW;
520 acl->pending_sec_level = sec_level; 517 acl->pending_sec_level = sec_level;
521 acl->auth_type = auth_type; 518 acl->auth_type = auth_type;
522 hci_acl_connect(acl); 519 hci_acl_create_connection(acl);
523 } 520 }
524 521
525 if (type == ACL_LINK) 522 return acl;
523}
524
525static struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type,
526 bdaddr_t *dst, u8 sec_level, u8 auth_type)
527{
528 struct hci_conn *acl;
529 struct hci_conn *sco;
530
531 acl = hci_connect_acl(hdev, dst, sec_level, auth_type);
532 if (IS_ERR(acl))
526 return acl; 533 return acl;
527 534
528 sco = hci_conn_hash_lookup_ba(hdev, type, dst); 535 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
@@ -556,6 +563,25 @@ struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
556 return sco; 563 return sco;
557} 564}
558 565
566/* Create SCO, ACL or LE connection. */
567struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
568 __u8 dst_type, __u8 sec_level, __u8 auth_type)
569{
570 BT_DBG("%s dst %s type 0x%x", hdev->name, batostr(dst), type);
571
572 switch (type) {
573 case LE_LINK:
574 return hci_connect_le(hdev, dst, dst_type, sec_level, auth_type);
575 case ACL_LINK:
576 return hci_connect_acl(hdev, dst, sec_level, auth_type);
577 case SCO_LINK:
578 case ESCO_LINK:
579 return hci_connect_sco(hdev, type, dst, sec_level, auth_type);
580 }
581
582 return ERR_PTR(-EINVAL);
583}
584
559/* Check link security requirement */ 585/* Check link security requirement */
560int hci_conn_check_link_mode(struct hci_conn *conn) 586int hci_conn_check_link_mode(struct hci_conn *conn)
561{ 587{
@@ -775,7 +801,7 @@ void hci_conn_check_pending(struct hci_dev *hdev)
775 801
776 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2); 802 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
777 if (conn) 803 if (conn)
778 hci_acl_connect(conn); 804 hci_acl_create_connection(conn);
779 805
780 hci_dev_unlock(hdev); 806 hci_dev_unlock(hdev);
781} 807}
@@ -913,7 +939,7 @@ struct hci_chan *hci_chan_create(struct hci_conn *conn)
913 return chan; 939 return chan;
914} 940}
915 941
916int hci_chan_del(struct hci_chan *chan) 942void hci_chan_del(struct hci_chan *chan)
917{ 943{
918 struct hci_conn *conn = chan->conn; 944 struct hci_conn *conn = chan->conn;
919 struct hci_dev *hdev = conn->hdev; 945 struct hci_dev *hdev = conn->hdev;
@@ -926,8 +952,6 @@ int hci_chan_del(struct hci_chan *chan)
926 952
927 skb_queue_purge(&chan->data_q); 953 skb_queue_purge(&chan->data_q);
928 kfree(chan); 954 kfree(chan);
929
930 return 0;
931} 955}
932 956
933void hci_chan_list_flush(struct hci_conn *conn) 957void hci_chan_list_flush(struct hci_conn *conn)
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 0b997c8f9655..8a0ce706aebd 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -231,6 +231,9 @@ static void amp_init(struct hci_dev *hdev)
231 231
232 /* Read Local AMP Info */ 232 /* Read Local AMP Info */
233 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_INFO, 0, NULL); 233 hci_send_cmd(hdev, HCI_OP_READ_LOCAL_AMP_INFO, 0, NULL);
234
235 /* Read Data Blk size */
236 hci_send_cmd(hdev, HCI_OP_READ_DATA_BLOCK_SIZE, 0, NULL);
234} 237}
235 238
236static void hci_init_req(struct hci_dev *hdev, unsigned long opt) 239static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
@@ -268,7 +271,6 @@ static void hci_init_req(struct hci_dev *hdev, unsigned long opt)
268 BT_ERR("Unknown device type %d", hdev->dev_type); 271 BT_ERR("Unknown device type %d", hdev->dev_type);
269 break; 272 break;
270 } 273 }
271
272} 274}
273 275
274static void hci_le_init_req(struct hci_dev *hdev, unsigned long opt) 276static void hci_le_init_req(struct hci_dev *hdev, unsigned long opt)
@@ -696,7 +698,8 @@ int hci_dev_open(__u16 dev)
696 hci_dev_hold(hdev); 698 hci_dev_hold(hdev);
697 set_bit(HCI_UP, &hdev->flags); 699 set_bit(HCI_UP, &hdev->flags);
698 hci_notify(hdev, HCI_DEV_UP); 700 hci_notify(hdev, HCI_DEV_UP);
699 if (!test_bit(HCI_SETUP, &hdev->dev_flags)) { 701 if (!test_bit(HCI_SETUP, &hdev->dev_flags) &&
702 mgmt_valid_hdev(hdev)) {
700 hci_dev_lock(hdev); 703 hci_dev_lock(hdev);
701 mgmt_powered(hdev, 1); 704 mgmt_powered(hdev, 1);
702 hci_dev_unlock(hdev); 705 hci_dev_unlock(hdev);
@@ -799,7 +802,8 @@ static int hci_dev_do_close(struct hci_dev *hdev)
799 * and no tasks are scheduled. */ 802 * and no tasks are scheduled. */
800 hdev->close(hdev); 803 hdev->close(hdev);
801 804
802 if (!test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags)) { 805 if (!test_and_clear_bit(HCI_AUTO_OFF, &hdev->dev_flags) &&
806 mgmt_valid_hdev(hdev)) {
803 hci_dev_lock(hdev); 807 hci_dev_lock(hdev);
804 mgmt_powered(hdev, 0); 808 mgmt_powered(hdev, 0);
805 hci_dev_unlock(hdev); 809 hci_dev_unlock(hdev);
@@ -1652,6 +1656,7 @@ struct hci_dev *hci_alloc_dev(void)
1652 INIT_LIST_HEAD(&hdev->link_keys); 1656 INIT_LIST_HEAD(&hdev->link_keys);
1653 INIT_LIST_HEAD(&hdev->long_term_keys); 1657 INIT_LIST_HEAD(&hdev->long_term_keys);
1654 INIT_LIST_HEAD(&hdev->remote_oob_data); 1658 INIT_LIST_HEAD(&hdev->remote_oob_data);
1659 INIT_LIST_HEAD(&hdev->conn_hash.list);
1655 1660
1656 INIT_WORK(&hdev->rx_work, hci_rx_work); 1661 INIT_WORK(&hdev->rx_work, hci_rx_work);
1657 INIT_WORK(&hdev->cmd_work, hci_cmd_work); 1662 INIT_WORK(&hdev->cmd_work, hci_cmd_work);
@@ -1674,7 +1679,6 @@ struct hci_dev *hci_alloc_dev(void)
1674 1679
1675 hci_init_sysfs(hdev); 1680 hci_init_sysfs(hdev);
1676 discovery_init(hdev); 1681 discovery_init(hdev);
1677 hci_conn_hash_init(hdev);
1678 1682
1679 return hdev; 1683 return hdev;
1680} 1684}
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 715d7e33fba0..2022b43c7353 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -29,6 +29,7 @@
29 29
30#include <net/bluetooth/bluetooth.h> 30#include <net/bluetooth/bluetooth.h>
31#include <net/bluetooth/hci_core.h> 31#include <net/bluetooth/hci_core.h>
32#include <net/bluetooth/mgmt.h>
32 33
33/* Handle HCI Event packets */ 34/* Handle HCI Event packets */
34 35
@@ -303,7 +304,7 @@ static void hci_cc_write_scan_enable(struct hci_dev *hdev, struct sk_buff *skb)
303 304
304 hci_dev_lock(hdev); 305 hci_dev_lock(hdev);
305 306
306 if (status != 0) { 307 if (status) {
307 mgmt_write_scan_failed(hdev, param, status); 308 mgmt_write_scan_failed(hdev, param, status);
308 hdev->discov_timeout = 0; 309 hdev->discov_timeout = 0;
309 goto done; 310 goto done;
@@ -513,7 +514,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
513 if (hdev->features[3] & LMP_RSSI_INQ) 514 if (hdev->features[3] & LMP_RSSI_INQ)
514 events[4] |= 0x02; /* Inquiry Result with RSSI */ 515 events[4] |= 0x02; /* Inquiry Result with RSSI */
515 516
516 if (hdev->features[5] & LMP_SNIFF_SUBR) 517 if (lmp_sniffsubr_capable(hdev))
517 events[5] |= 0x20; /* Sniff Subrating */ 518 events[5] |= 0x20; /* Sniff Subrating */
518 519
519 if (hdev->features[5] & LMP_PAUSE_ENC) 520 if (hdev->features[5] & LMP_PAUSE_ENC)
@@ -522,13 +523,13 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
522 if (hdev->features[6] & LMP_EXT_INQ) 523 if (hdev->features[6] & LMP_EXT_INQ)
523 events[5] |= 0x40; /* Extended Inquiry Result */ 524 events[5] |= 0x40; /* Extended Inquiry Result */
524 525
525 if (hdev->features[6] & LMP_NO_FLUSH) 526 if (lmp_no_flush_capable(hdev))
526 events[7] |= 0x01; /* Enhanced Flush Complete */ 527 events[7] |= 0x01; /* Enhanced Flush Complete */
527 528
528 if (hdev->features[7] & LMP_LSTO) 529 if (hdev->features[7] & LMP_LSTO)
529 events[6] |= 0x80; /* Link Supervision Timeout Changed */ 530 events[6] |= 0x80; /* Link Supervision Timeout Changed */
530 531
531 if (hdev->features[6] & LMP_SIMPLE_PAIR) { 532 if (lmp_ssp_capable(hdev)) {
532 events[6] |= 0x01; /* IO Capability Request */ 533 events[6] |= 0x01; /* IO Capability Request */
533 events[6] |= 0x02; /* IO Capability Response */ 534 events[6] |= 0x02; /* IO Capability Response */
534 events[6] |= 0x04; /* User Confirmation Request */ 535 events[6] |= 0x04; /* User Confirmation Request */
@@ -541,7 +542,7 @@ static void hci_setup_event_mask(struct hci_dev *hdev)
541 * Features Notification */ 542 * Features Notification */
542 } 543 }
543 544
544 if (hdev->features[4] & LMP_LE) 545 if (lmp_le_capable(hdev))
545 events[7] |= 0x20; /* LE Meta-Event */ 546 events[7] |= 0x20; /* LE Meta-Event */
546 547
547 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events); 548 hci_send_cmd(hdev, HCI_OP_SET_EVENT_MASK, sizeof(events), events);
@@ -623,11 +624,11 @@ static void hci_setup_link_policy(struct hci_dev *hdev)
623 struct hci_cp_write_def_link_policy cp; 624 struct hci_cp_write_def_link_policy cp;
624 u16 link_policy = 0; 625 u16 link_policy = 0;
625 626
626 if (hdev->features[0] & LMP_RSWITCH) 627 if (lmp_rswitch_capable(hdev))
627 link_policy |= HCI_LP_RSWITCH; 628 link_policy |= HCI_LP_RSWITCH;
628 if (hdev->features[0] & LMP_HOLD) 629 if (hdev->features[0] & LMP_HOLD)
629 link_policy |= HCI_LP_HOLD; 630 link_policy |= HCI_LP_HOLD;
630 if (hdev->features[0] & LMP_SNIFF) 631 if (lmp_sniff_capable(hdev))
631 link_policy |= HCI_LP_SNIFF; 632 link_policy |= HCI_LP_SNIFF;
632 if (hdev->features[1] & LMP_PARK) 633 if (hdev->features[1] & LMP_PARK)
633 link_policy |= HCI_LP_PARK; 634 link_policy |= HCI_LP_PARK;
@@ -686,7 +687,7 @@ static void hci_cc_read_local_features(struct hci_dev *hdev,
686 hdev->esco_type |= (ESCO_HV3); 687 hdev->esco_type |= (ESCO_HV3);
687 } 688 }
688 689
689 if (hdev->features[3] & LMP_ESCO) 690 if (lmp_esco_capable(hdev))
690 hdev->esco_type |= (ESCO_EV3); 691 hdev->esco_type |= (ESCO_EV3);
691 692
692 if (hdev->features[4] & LMP_EV4) 693 if (hdev->features[4] & LMP_EV4)
@@ -746,7 +747,7 @@ static void hci_cc_read_local_ext_features(struct hci_dev *hdev,
746 break; 747 break;
747 } 748 }
748 749
749 if (test_bit(HCI_INIT, &hdev->flags) && hdev->features[4] & LMP_LE) 750 if (test_bit(HCI_INIT, &hdev->flags) && lmp_le_capable(hdev))
750 hci_set_le_support(hdev); 751 hci_set_le_support(hdev);
751 752
752done: 753done:
@@ -925,7 +926,7 @@ static void hci_cc_pin_code_reply(struct hci_dev *hdev, struct sk_buff *skb)
925 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 926 if (test_bit(HCI_MGMT, &hdev->dev_flags))
926 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status); 927 mgmt_pin_code_reply_complete(hdev, &rp->bdaddr, rp->status);
927 928
928 if (rp->status != 0) 929 if (rp->status)
929 goto unlock; 930 goto unlock;
930 931
931 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY); 932 cp = hci_sent_cmd_data(hdev, HCI_OP_PIN_CODE_REPLY);
@@ -1625,43 +1626,30 @@ static void hci_cs_disconnect(struct hci_dev *hdev, u8 status)
1625 1626
1626static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status) 1627static void hci_cs_le_create_conn(struct hci_dev *hdev, __u8 status)
1627{ 1628{
1628 struct hci_cp_le_create_conn *cp;
1629 struct hci_conn *conn; 1629 struct hci_conn *conn;
1630 1630
1631 BT_DBG("%s status 0x%2.2x", hdev->name, status); 1631 BT_DBG("%s status 0x%2.2x", hdev->name, status);
1632 1632
1633 cp = hci_sent_cmd_data(hdev, HCI_OP_LE_CREATE_CONN); 1633 if (status) {
1634 if (!cp) 1634 hci_dev_lock(hdev);
1635 return;
1636 1635
1637 hci_dev_lock(hdev); 1636 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
1637 if (!conn) {
1638 hci_dev_unlock(hdev);
1639 return;
1640 }
1638 1641
1639 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &cp->peer_addr); 1642 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&conn->dst),
1643 conn);
1640 1644
1641 BT_DBG("%s bdaddr %s conn %p", hdev->name, batostr(&cp->peer_addr), 1645 conn->state = BT_CLOSED;
1642 conn); 1646 mgmt_connect_failed(hdev, &conn->dst, conn->type,
1647 conn->dst_type, status);
1648 hci_proto_connect_cfm(conn, status);
1649 hci_conn_del(conn);
1643 1650
1644 if (status) { 1651 hci_dev_unlock(hdev);
1645 if (conn && conn->state == BT_CONNECT) {
1646 conn->state = BT_CLOSED;
1647 mgmt_connect_failed(hdev, &cp->peer_addr, conn->type,
1648 conn->dst_type, status);
1649 hci_proto_connect_cfm(conn, status);
1650 hci_conn_del(conn);
1651 }
1652 } else {
1653 if (!conn) {
1654 conn = hci_conn_add(hdev, LE_LINK, &cp->peer_addr);
1655 if (conn) {
1656 conn->dst_type = cp->peer_addr_type;
1657 conn->out = true;
1658 } else {
1659 BT_ERR("No memory for new connection");
1660 }
1661 }
1662 } 1652 }
1663
1664 hci_dev_unlock(hdev);
1665} 1653}
1666 1654
1667static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status) 1655static void hci_cs_le_start_enc(struct hci_dev *hdev, u8 status)
@@ -1904,6 +1892,22 @@ static void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
1904 } 1892 }
1905} 1893}
1906 1894
1895static u8 hci_to_mgmt_reason(u8 err)
1896{
1897 switch (err) {
1898 case HCI_ERROR_CONNECTION_TIMEOUT:
1899 return MGMT_DEV_DISCONN_TIMEOUT;
1900 case HCI_ERROR_REMOTE_USER_TERM:
1901 case HCI_ERROR_REMOTE_LOW_RESOURCES:
1902 case HCI_ERROR_REMOTE_POWER_OFF:
1903 return MGMT_DEV_DISCONN_REMOTE;
1904 case HCI_ERROR_LOCAL_HOST_TERM:
1905 return MGMT_DEV_DISCONN_LOCAL_HOST;
1906 default:
1907 return MGMT_DEV_DISCONN_UNKNOWN;
1908 }
1909}
1910
1907static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 1911static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1908{ 1912{
1909 struct hci_ev_disconn_complete *ev = (void *) skb->data; 1913 struct hci_ev_disconn_complete *ev = (void *) skb->data;
@@ -1922,12 +1926,15 @@ static void hci_disconn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
1922 1926
1923 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) && 1927 if (test_and_clear_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags) &&
1924 (conn->type == ACL_LINK || conn->type == LE_LINK)) { 1928 (conn->type == ACL_LINK || conn->type == LE_LINK)) {
1925 if (ev->status != 0) 1929 if (ev->status) {
1926 mgmt_disconnect_failed(hdev, &conn->dst, conn->type, 1930 mgmt_disconnect_failed(hdev, &conn->dst, conn->type,
1927 conn->dst_type, ev->status); 1931 conn->dst_type, ev->status);
1928 else 1932 } else {
1933 u8 reason = hci_to_mgmt_reason(ev->reason);
1934
1929 mgmt_device_disconnected(hdev, &conn->dst, conn->type, 1935 mgmt_device_disconnected(hdev, &conn->dst, conn->type,
1930 conn->dst_type); 1936 conn->dst_type, reason);
1937 }
1931 } 1938 }
1932 1939
1933 if (ev->status == 0) { 1940 if (ev->status == 0) {
@@ -3268,12 +3275,67 @@ static void hci_user_passkey_request_evt(struct hci_dev *hdev,
3268 3275
3269 BT_DBG("%s", hdev->name); 3276 BT_DBG("%s", hdev->name);
3270 3277
3271 hci_dev_lock(hdev);
3272
3273 if (test_bit(HCI_MGMT, &hdev->dev_flags)) 3278 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3274 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0); 3279 mgmt_user_passkey_request(hdev, &ev->bdaddr, ACL_LINK, 0);
3280}
3275 3281
3276 hci_dev_unlock(hdev); 3282static void hci_user_passkey_notify_evt(struct hci_dev *hdev,
3283 struct sk_buff *skb)
3284{
3285 struct hci_ev_user_passkey_notify *ev = (void *) skb->data;
3286 struct hci_conn *conn;
3287
3288 BT_DBG("%s", hdev->name);
3289
3290 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3291 if (!conn)
3292 return;
3293
3294 conn->passkey_notify = __le32_to_cpu(ev->passkey);
3295 conn->passkey_entered = 0;
3296
3297 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3298 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3299 conn->dst_type, conn->passkey_notify,
3300 conn->passkey_entered);
3301}
3302
3303static void hci_keypress_notify_evt(struct hci_dev *hdev, struct sk_buff *skb)
3304{
3305 struct hci_ev_keypress_notify *ev = (void *) skb->data;
3306 struct hci_conn *conn;
3307
3308 BT_DBG("%s", hdev->name);
3309
3310 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
3311 if (!conn)
3312 return;
3313
3314 switch (ev->type) {
3315 case HCI_KEYPRESS_STARTED:
3316 conn->passkey_entered = 0;
3317 return;
3318
3319 case HCI_KEYPRESS_ENTERED:
3320 conn->passkey_entered++;
3321 break;
3322
3323 case HCI_KEYPRESS_ERASED:
3324 conn->passkey_entered--;
3325 break;
3326
3327 case HCI_KEYPRESS_CLEARED:
3328 conn->passkey_entered = 0;
3329 break;
3330
3331 case HCI_KEYPRESS_COMPLETED:
3332 return;
3333 }
3334
3335 if (test_bit(HCI_MGMT, &hdev->dev_flags))
3336 mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
3337 conn->dst_type, conn->passkey_notify,
3338 conn->passkey_entered);
3277} 3339}
3278 3340
3279static void hci_simple_pair_complete_evt(struct hci_dev *hdev, 3341static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
@@ -3295,7 +3357,7 @@ static void hci_simple_pair_complete_evt(struct hci_dev *hdev,
3295 * initiated the authentication. A traditional auth_complete 3357 * initiated the authentication. A traditional auth_complete
3296 * event gets always produced as initiator and is also mapped to 3358 * event gets always produced as initiator and is also mapped to
3297 * the mgmt_auth_failed event */ 3359 * the mgmt_auth_failed event */
3298 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status != 0) 3360 if (!test_bit(HCI_CONN_AUTH_PEND, &conn->flags) && ev->status)
3299 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type, 3361 mgmt_auth_failed(hdev, &conn->dst, conn->type, conn->dst_type,
3300 ev->status); 3362 ev->status);
3301 3363
@@ -3366,11 +3428,23 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3366 3428
3367 hci_dev_lock(hdev); 3429 hci_dev_lock(hdev);
3368 3430
3369 if (ev->status) { 3431 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
3370 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT); 3432 if (!conn) {
3371 if (!conn) 3433 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3434 if (!conn) {
3435 BT_ERR("No memory for new connection");
3372 goto unlock; 3436 goto unlock;
3437 }
3438
3439 conn->dst_type = ev->bdaddr_type;
3373 3440
3441 if (ev->role == LE_CONN_ROLE_MASTER) {
3442 conn->out = true;
3443 conn->link_mode |= HCI_LM_MASTER;
3444 }
3445 }
3446
3447 if (ev->status) {
3374 mgmt_connect_failed(hdev, &conn->dst, conn->type, 3448 mgmt_connect_failed(hdev, &conn->dst, conn->type,
3375 conn->dst_type, ev->status); 3449 conn->dst_type, ev->status);
3376 hci_proto_connect_cfm(conn, ev->status); 3450 hci_proto_connect_cfm(conn, ev->status);
@@ -3379,18 +3453,6 @@ static void hci_le_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
3379 goto unlock; 3453 goto unlock;
3380 } 3454 }
3381 3455
3382 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, &ev->bdaddr);
3383 if (!conn) {
3384 conn = hci_conn_add(hdev, LE_LINK, &ev->bdaddr);
3385 if (!conn) {
3386 BT_ERR("No memory for new connection");
3387 hci_dev_unlock(hdev);
3388 return;
3389 }
3390
3391 conn->dst_type = ev->bdaddr_type;
3392 }
3393
3394 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags)) 3456 if (!test_and_set_bit(HCI_CONN_MGMT_CONNECTED, &conn->flags))
3395 mgmt_device_connected(hdev, &ev->bdaddr, conn->type, 3457 mgmt_device_connected(hdev, &ev->bdaddr, conn->type,
3396 conn->dst_type, 0, NULL, 0, NULL); 3458 conn->dst_type, 0, NULL, 0, NULL);
@@ -3640,6 +3702,14 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb)
3640 hci_user_passkey_request_evt(hdev, skb); 3702 hci_user_passkey_request_evt(hdev, skb);
3641 break; 3703 break;
3642 3704
3705 case HCI_EV_USER_PASSKEY_NOTIFY:
3706 hci_user_passkey_notify_evt(hdev, skb);
3707 break;
3708
3709 case HCI_EV_KEYPRESS_NOTIFY:
3710 hci_keypress_notify_evt(hdev, skb);
3711 break;
3712
3643 case HCI_EV_SIMPLE_PAIR_COMPLETE: 3713 case HCI_EV_SIMPLE_PAIR_COMPLETE:
3644 hci_simple_pair_complete_evt(hdev, skb); 3714 hci_simple_pair_complete_evt(hdev, skb);
3645 break; 3715 break;
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index d5ace1eda3ed..07f073935811 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -1102,21 +1102,30 @@ int __init hci_sock_init(void)
1102 return err; 1102 return err;
1103 1103
1104 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops); 1104 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
1105 if (err < 0) 1105 if (err < 0) {
1106 BT_ERR("HCI socket registration failed");
1106 goto error; 1107 goto error;
1108 }
1109
1110 err = bt_procfs_init(THIS_MODULE, &init_net, "hci", &hci_sk_list, NULL);
1111 if (err < 0) {
1112 BT_ERR("Failed to create HCI proc file");
1113 bt_sock_unregister(BTPROTO_HCI);
1114 goto error;
1115 }
1107 1116
1108 BT_INFO("HCI socket layer initialized"); 1117 BT_INFO("HCI socket layer initialized");
1109 1118
1110 return 0; 1119 return 0;
1111 1120
1112error: 1121error:
1113 BT_ERR("HCI socket registration failed");
1114 proto_unregister(&hci_sk_proto); 1122 proto_unregister(&hci_sk_proto);
1115 return err; 1123 return err;
1116} 1124}
1117 1125
1118void hci_sock_cleanup(void) 1126void hci_sock_cleanup(void)
1119{ 1127{
1128 bt_procfs_cleanup(&init_net, "hci");
1120 if (bt_sock_unregister(BTPROTO_HCI) < 0) 1129 if (bt_sock_unregister(BTPROTO_HCI) < 0)
1121 BT_ERR("HCI socket unregistration failed"); 1130 BT_ERR("HCI socket unregistration failed");
1122 1131
diff --git a/net/bluetooth/hidp/sock.c b/net/bluetooth/hidp/sock.c
index b24fb3bd8625..82a829d90b0f 100644
--- a/net/bluetooth/hidp/sock.c
+++ b/net/bluetooth/hidp/sock.c
@@ -25,6 +25,10 @@
25 25
26#include "hidp.h" 26#include "hidp.h"
27 27
28static struct bt_sock_list hidp_sk_list = {
29 .lock = __RW_LOCK_UNLOCKED(hidp_sk_list.lock)
30};
31
28static int hidp_sock_release(struct socket *sock) 32static int hidp_sock_release(struct socket *sock)
29{ 33{
30 struct sock *sk = sock->sk; 34 struct sock *sk = sock->sk;
@@ -34,6 +38,8 @@ static int hidp_sock_release(struct socket *sock)
34 if (!sk) 38 if (!sk)
35 return 0; 39 return 0;
36 40
41 bt_sock_unlink(&hidp_sk_list, sk);
42
37 sock_orphan(sk); 43 sock_orphan(sk);
38 sock_put(sk); 44 sock_put(sk);
39 45
@@ -253,6 +259,8 @@ static int hidp_sock_create(struct net *net, struct socket *sock, int protocol,
253 sk->sk_protocol = protocol; 259 sk->sk_protocol = protocol;
254 sk->sk_state = BT_OPEN; 260 sk->sk_state = BT_OPEN;
255 261
262 bt_sock_link(&hidp_sk_list, sk);
263
256 return 0; 264 return 0;
257} 265}
258 266
@@ -271,8 +279,19 @@ int __init hidp_init_sockets(void)
271 return err; 279 return err;
272 280
273 err = bt_sock_register(BTPROTO_HIDP, &hidp_sock_family_ops); 281 err = bt_sock_register(BTPROTO_HIDP, &hidp_sock_family_ops);
274 if (err < 0) 282 if (err < 0) {
283 BT_ERR("Can't register HIDP socket");
275 goto error; 284 goto error;
285 }
286
287 err = bt_procfs_init(THIS_MODULE, &init_net, "hidp", &hidp_sk_list, NULL);
288 if (err < 0) {
289 BT_ERR("Failed to create HIDP proc file");
290 bt_sock_unregister(BTPROTO_HIDP);
291 goto error;
292 }
293
294 BT_INFO("HIDP socket layer initialized");
276 295
277 return 0; 296 return 0;
278 297
@@ -284,6 +303,7 @@ error:
284 303
285void __exit hidp_cleanup_sockets(void) 304void __exit hidp_cleanup_sockets(void)
286{ 305{
306 bt_procfs_cleanup(&init_net, "hidp");
287 if (bt_sock_unregister(BTPROTO_HIDP) < 0) 307 if (bt_sock_unregister(BTPROTO_HIDP) < 0)
288 BT_ERR("Can't unregister HIDP socket"); 308 BT_ERR("Can't unregister HIDP socket");
289 309
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 38c00f142203..a91239dcda41 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -406,7 +406,7 @@ struct l2cap_chan *l2cap_chan_create(void)
406 406
407 chan->state = BT_OPEN; 407 chan->state = BT_OPEN;
408 408
409 atomic_set(&chan->refcnt, 1); 409 kref_init(&chan->kref);
410 410
411 /* This flag is cleared in l2cap_chan_ready() */ 411 /* This flag is cleared in l2cap_chan_ready() */
412 set_bit(CONF_NOT_COMPLETE, &chan->conf_state); 412 set_bit(CONF_NOT_COMPLETE, &chan->conf_state);
@@ -416,13 +416,31 @@ struct l2cap_chan *l2cap_chan_create(void)
416 return chan; 416 return chan;
417} 417}
418 418
419void l2cap_chan_destroy(struct l2cap_chan *chan) 419static void l2cap_chan_destroy(struct kref *kref)
420{ 420{
421 struct l2cap_chan *chan = container_of(kref, struct l2cap_chan, kref);
422
423 BT_DBG("chan %p", chan);
424
421 write_lock(&chan_list_lock); 425 write_lock(&chan_list_lock);
422 list_del(&chan->global_l); 426 list_del(&chan->global_l);
423 write_unlock(&chan_list_lock); 427 write_unlock(&chan_list_lock);
424 428
425 l2cap_chan_put(chan); 429 kfree(chan);
430}
431
432void l2cap_chan_hold(struct l2cap_chan *c)
433{
434 BT_DBG("chan %p orig refcnt %d", c, atomic_read(&c->kref.refcount));
435
436 kref_get(&c->kref);
437}
438
439void l2cap_chan_put(struct l2cap_chan *c)
440{
441 BT_DBG("chan %p orig refcnt %d", c, atomic_read(&c->kref.refcount));
442
443 kref_put(&c->kref, l2cap_chan_destroy);
426} 444}
427 445
428void l2cap_chan_set_defaults(struct l2cap_chan *chan) 446void l2cap_chan_set_defaults(struct l2cap_chan *chan)
@@ -1431,7 +1449,7 @@ int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid,
1431 int err; 1449 int err;
1432 1450
1433 BT_DBG("%s -> %s (type %u) psm 0x%2.2x", batostr(src), batostr(dst), 1451 BT_DBG("%s -> %s (type %u) psm 0x%2.2x", batostr(src), batostr(dst),
1434 dst_type, __le16_to_cpu(chan->psm)); 1452 dst_type, __le16_to_cpu(psm));
1435 1453
1436 hdev = hci_get_route(dst, src); 1454 hdev = hci_get_route(dst, src);
1437 if (!hdev) 1455 if (!hdev)
@@ -5331,7 +5349,7 @@ int l2cap_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr)
5331 return exact ? lm1 : lm2; 5349 return exact ? lm1 : lm2;
5332} 5350}
5333 5351
5334int l2cap_connect_cfm(struct hci_conn *hcon, u8 status) 5352void l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
5335{ 5353{
5336 struct l2cap_conn *conn; 5354 struct l2cap_conn *conn;
5337 5355
@@ -5344,7 +5362,6 @@ int l2cap_connect_cfm(struct hci_conn *hcon, u8 status)
5344 } else 5362 } else
5345 l2cap_conn_del(hcon, bt_to_errno(status)); 5363 l2cap_conn_del(hcon, bt_to_errno(status));
5346 5364
5347 return 0;
5348} 5365}
5349 5366
5350int l2cap_disconn_ind(struct hci_conn *hcon) 5367int l2cap_disconn_ind(struct hci_conn *hcon)
@@ -5358,12 +5375,11 @@ int l2cap_disconn_ind(struct hci_conn *hcon)
5358 return conn->disc_reason; 5375 return conn->disc_reason;
5359} 5376}
5360 5377
5361int l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason) 5378void l2cap_disconn_cfm(struct hci_conn *hcon, u8 reason)
5362{ 5379{
5363 BT_DBG("hcon %p reason %d", hcon, reason); 5380 BT_DBG("hcon %p reason %d", hcon, reason);
5364 5381
5365 l2cap_conn_del(hcon, bt_to_errno(reason)); 5382 l2cap_conn_del(hcon, bt_to_errno(reason));
5366 return 0;
5367} 5383}
5368 5384
5369static inline void l2cap_check_encryption(struct l2cap_chan *chan, u8 encrypt) 5385static inline void l2cap_check_encryption(struct l2cap_chan *chan, u8 encrypt)
@@ -5406,6 +5422,11 @@ int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
5406 BT_DBG("chan %p scid 0x%4.4x state %s", chan, chan->scid, 5422 BT_DBG("chan %p scid 0x%4.4x state %s", chan, chan->scid,
5407 state_to_string(chan->state)); 5423 state_to_string(chan->state));
5408 5424
5425 if (chan->chan_type == L2CAP_CHAN_CONN_FIX_A2MP) {
5426 l2cap_chan_unlock(chan);
5427 continue;
5428 }
5429
5409 if (chan->scid == L2CAP_CID_LE_DATA) { 5430 if (chan->scid == L2CAP_CID_LE_DATA) {
5410 if (!status && encrypt) { 5431 if (!status && encrypt) {
5411 chan->sec_level = hcon->sec_level; 5432 chan->sec_level = hcon->sec_level;
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index 34bbe1c5e389..083f2bf065d4 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -34,6 +34,10 @@
34#include <net/bluetooth/l2cap.h> 34#include <net/bluetooth/l2cap.h>
35#include <net/bluetooth/smp.h> 35#include <net/bluetooth/smp.h>
36 36
37static struct bt_sock_list l2cap_sk_list = {
38 .lock = __RW_LOCK_UNLOCKED(l2cap_sk_list.lock)
39};
40
37static const struct proto_ops l2cap_sock_ops; 41static const struct proto_ops l2cap_sock_ops;
38static void l2cap_sock_init(struct sock *sk, struct sock *parent); 42static void l2cap_sock_init(struct sock *sk, struct sock *parent);
39static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio); 43static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio);
@@ -824,7 +828,7 @@ static void l2cap_sock_kill(struct sock *sk)
824 828
825 /* Kill poor orphan */ 829 /* Kill poor orphan */
826 830
827 l2cap_chan_destroy(l2cap_pi(sk)->chan); 831 l2cap_chan_put(l2cap_pi(sk)->chan);
828 sock_set_flag(sk, SOCK_DEAD); 832 sock_set_flag(sk, SOCK_DEAD);
829 sock_put(sk); 833 sock_put(sk);
830} 834}
@@ -887,6 +891,8 @@ static int l2cap_sock_release(struct socket *sock)
887 if (!sk) 891 if (!sk)
888 return 0; 892 return 0;
889 893
894 bt_sock_unlink(&l2cap_sk_list, sk);
895
890 err = l2cap_sock_shutdown(sock, 2); 896 err = l2cap_sock_shutdown(sock, 2);
891 897
892 sock_orphan(sk); 898 sock_orphan(sk);
@@ -1211,6 +1217,7 @@ static int l2cap_sock_create(struct net *net, struct socket *sock, int protocol,
1211 return -ENOMEM; 1217 return -ENOMEM;
1212 1218
1213 l2cap_sock_init(sk, NULL); 1219 l2cap_sock_init(sk, NULL);
1220 bt_sock_link(&l2cap_sk_list, sk);
1214 return 0; 1221 return 0;
1215} 1222}
1216 1223
@@ -1249,21 +1256,30 @@ int __init l2cap_init_sockets(void)
1249 return err; 1256 return err;
1250 1257
1251 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops); 1258 err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
1252 if (err < 0) 1259 if (err < 0) {
1260 BT_ERR("L2CAP socket registration failed");
1253 goto error; 1261 goto error;
1262 }
1263
1264 err = bt_procfs_init(THIS_MODULE, &init_net, "l2cap", &l2cap_sk_list, NULL);
1265 if (err < 0) {
1266 BT_ERR("Failed to create L2CAP proc file");
1267 bt_sock_unregister(BTPROTO_L2CAP);
1268 goto error;
1269 }
1254 1270
1255 BT_INFO("L2CAP socket layer initialized"); 1271 BT_INFO("L2CAP socket layer initialized");
1256 1272
1257 return 0; 1273 return 0;
1258 1274
1259error: 1275error:
1260 BT_ERR("L2CAP socket registration failed");
1261 proto_unregister(&l2cap_proto); 1276 proto_unregister(&l2cap_proto);
1262 return err; 1277 return err;
1263} 1278}
1264 1279
1265void l2cap_cleanup_sockets(void) 1280void l2cap_cleanup_sockets(void)
1266{ 1281{
1282 bt_procfs_cleanup(&init_net, "l2cap");
1267 if (bt_sock_unregister(BTPROTO_L2CAP) < 0) 1283 if (bt_sock_unregister(BTPROTO_L2CAP) < 0)
1268 BT_ERR("L2CAP socket unregistration failed"); 1284 BT_ERR("L2CAP socket unregistration failed");
1269 1285
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index eba022de3c20..aa2ea0a8142c 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -35,7 +35,7 @@
35bool enable_hs; 35bool enable_hs;
36 36
37#define MGMT_VERSION 1 37#define MGMT_VERSION 1
38#define MGMT_REVISION 1 38#define MGMT_REVISION 2
39 39
40static const u16 mgmt_commands[] = { 40static const u16 mgmt_commands[] = {
41 MGMT_OP_READ_INDEX_LIST, 41 MGMT_OP_READ_INDEX_LIST,
@@ -99,6 +99,7 @@ static const u16 mgmt_events[] = {
99 MGMT_EV_DEVICE_BLOCKED, 99 MGMT_EV_DEVICE_BLOCKED,
100 MGMT_EV_DEVICE_UNBLOCKED, 100 MGMT_EV_DEVICE_UNBLOCKED,
101 MGMT_EV_DEVICE_UNPAIRED, 101 MGMT_EV_DEVICE_UNPAIRED,
102 MGMT_EV_PASSKEY_NOTIFY,
102}; 103};
103 104
104/* 105/*
@@ -193,6 +194,11 @@ static u8 mgmt_status_table[] = {
193 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */ 194 MGMT_STATUS_CONNECT_FAILED, /* MAC Connection Failed */
194}; 195};
195 196
197bool mgmt_valid_hdev(struct hci_dev *hdev)
198{
199 return hdev->dev_type == HCI_BREDR;
200}
201
196static u8 mgmt_status(u8 hci_status) 202static u8 mgmt_status(u8 hci_status)
197{ 203{
198 if (hci_status < ARRAY_SIZE(mgmt_status_table)) 204 if (hci_status < ARRAY_SIZE(mgmt_status_table))
@@ -317,7 +323,6 @@ static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
317 u16 data_len) 323 u16 data_len)
318{ 324{
319 struct mgmt_rp_read_index_list *rp; 325 struct mgmt_rp_read_index_list *rp;
320 struct list_head *p;
321 struct hci_dev *d; 326 struct hci_dev *d;
322 size_t rp_len; 327 size_t rp_len;
323 u16 count; 328 u16 count;
@@ -328,7 +333,10 @@ static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
328 read_lock(&hci_dev_list_lock); 333 read_lock(&hci_dev_list_lock);
329 334
330 count = 0; 335 count = 0;
331 list_for_each(p, &hci_dev_list) { 336 list_for_each_entry(d, &hci_dev_list, list) {
337 if (!mgmt_valid_hdev(d))
338 continue;
339
332 count++; 340 count++;
333 } 341 }
334 342
@@ -346,6 +354,9 @@ static int read_index_list(struct sock *sk, struct hci_dev *hdev, void *data,
346 if (test_bit(HCI_SETUP, &d->dev_flags)) 354 if (test_bit(HCI_SETUP, &d->dev_flags))
347 continue; 355 continue;
348 356
357 if (!mgmt_valid_hdev(d))
358 continue;
359
349 rp->index[i++] = cpu_to_le16(d->id); 360 rp->index[i++] = cpu_to_le16(d->id);
350 BT_DBG("Added hci%u", d->id); 361 BT_DBG("Added hci%u", d->id);
351 } 362 }
@@ -370,10 +381,10 @@ static u32 get_supported_settings(struct hci_dev *hdev)
370 settings |= MGMT_SETTING_DISCOVERABLE; 381 settings |= MGMT_SETTING_DISCOVERABLE;
371 settings |= MGMT_SETTING_PAIRABLE; 382 settings |= MGMT_SETTING_PAIRABLE;
372 383
373 if (hdev->features[6] & LMP_SIMPLE_PAIR) 384 if (lmp_ssp_capable(hdev))
374 settings |= MGMT_SETTING_SSP; 385 settings |= MGMT_SETTING_SSP;
375 386
376 if (!(hdev->features[4] & LMP_NO_BREDR)) { 387 if (lmp_bredr_capable(hdev)) {
377 settings |= MGMT_SETTING_BREDR; 388 settings |= MGMT_SETTING_BREDR;
378 settings |= MGMT_SETTING_LINK_SECURITY; 389 settings |= MGMT_SETTING_LINK_SECURITY;
379 } 390 }
@@ -381,7 +392,7 @@ static u32 get_supported_settings(struct hci_dev *hdev)
381 if (enable_hs) 392 if (enable_hs)
382 settings |= MGMT_SETTING_HS; 393 settings |= MGMT_SETTING_HS;
383 394
384 if (hdev->features[4] & LMP_LE) 395 if (lmp_le_capable(hdev))
385 settings |= MGMT_SETTING_LE; 396 settings |= MGMT_SETTING_LE;
386 397
387 return settings; 398 return settings;
@@ -403,7 +414,7 @@ static u32 get_current_settings(struct hci_dev *hdev)
403 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags)) 414 if (test_bit(HCI_PAIRABLE, &hdev->dev_flags))
404 settings |= MGMT_SETTING_PAIRABLE; 415 settings |= MGMT_SETTING_PAIRABLE;
405 416
406 if (!(hdev->features[4] & LMP_NO_BREDR)) 417 if (lmp_bredr_capable(hdev))
407 settings |= MGMT_SETTING_BREDR; 418 settings |= MGMT_SETTING_BREDR;
408 419
409 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags)) 420 if (test_bit(HCI_LE_ENABLED, &hdev->dev_flags))
@@ -1111,7 +1122,7 @@ static int set_ssp(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1111 1122
1112 hci_dev_lock(hdev); 1123 hci_dev_lock(hdev);
1113 1124
1114 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) { 1125 if (!lmp_ssp_capable(hdev)) {
1115 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP, 1126 err = cmd_status(sk, hdev->id, MGMT_OP_SET_SSP,
1116 MGMT_STATUS_NOT_SUPPORTED); 1127 MGMT_STATUS_NOT_SUPPORTED);
1117 goto failed; 1128 goto failed;
@@ -1195,7 +1206,7 @@ static int set_le(struct sock *sk, struct hci_dev *hdev, void *data, u16 len)
1195 1206
1196 hci_dev_lock(hdev); 1207 hci_dev_lock(hdev);
1197 1208
1198 if (!(hdev->features[4] & LMP_LE)) { 1209 if (!lmp_le_capable(hdev)) {
1199 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE, 1210 err = cmd_status(sk, hdev->id, MGMT_OP_SET_LE,
1200 MGMT_STATUS_NOT_SUPPORTED); 1211 MGMT_STATUS_NOT_SUPPORTED);
1201 goto unlock; 1212 goto unlock;
@@ -2191,7 +2202,7 @@ static int read_local_oob_data(struct sock *sk, struct hci_dev *hdev,
2191 goto unlock; 2202 goto unlock;
2192 } 2203 }
2193 2204
2194 if (!(hdev->features[6] & LMP_SIMPLE_PAIR)) { 2205 if (!lmp_ssp_capable(hdev)) {
2195 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA, 2206 err = cmd_status(sk, hdev->id, MGMT_OP_READ_LOCAL_OOB_DATA,
2196 MGMT_STATUS_NOT_SUPPORTED); 2207 MGMT_STATUS_NOT_SUPPORTED);
2197 goto unlock; 2208 goto unlock;
@@ -2820,6 +2831,9 @@ static void cmd_status_rsp(struct pending_cmd *cmd, void *data)
2820 2831
2821int mgmt_index_added(struct hci_dev *hdev) 2832int mgmt_index_added(struct hci_dev *hdev)
2822{ 2833{
2834 if (!mgmt_valid_hdev(hdev))
2835 return -ENOTSUPP;
2836
2823 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL); 2837 return mgmt_event(MGMT_EV_INDEX_ADDED, hdev, NULL, 0, NULL);
2824} 2838}
2825 2839
@@ -2827,6 +2841,9 @@ int mgmt_index_removed(struct hci_dev *hdev)
2827{ 2841{
2828 u8 status = MGMT_STATUS_INVALID_INDEX; 2842 u8 status = MGMT_STATUS_INVALID_INDEX;
2829 2843
2844 if (!mgmt_valid_hdev(hdev))
2845 return -ENOTSUPP;
2846
2830 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status); 2847 mgmt_pending_foreach(0, hdev, cmd_status_rsp, &status);
2831 2848
2832 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL); 2849 return mgmt_event(MGMT_EV_INDEX_REMOVED, hdev, NULL, 0, NULL);
@@ -3077,16 +3094,17 @@ static void unpair_device_rsp(struct pending_cmd *cmd, void *data)
3077} 3094}
3078 3095
3079int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr, 3096int mgmt_device_disconnected(struct hci_dev *hdev, bdaddr_t *bdaddr,
3080 u8 link_type, u8 addr_type) 3097 u8 link_type, u8 addr_type, u8 reason)
3081{ 3098{
3082 struct mgmt_addr_info ev; 3099 struct mgmt_ev_device_disconnected ev;
3083 struct sock *sk = NULL; 3100 struct sock *sk = NULL;
3084 int err; 3101 int err;
3085 3102
3086 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk); 3103 mgmt_pending_foreach(MGMT_OP_DISCONNECT, hdev, disconnect_rsp, &sk);
3087 3104
3088 bacpy(&ev.bdaddr, bdaddr); 3105 bacpy(&ev.addr.bdaddr, bdaddr);
3089 ev.type = link_to_bdaddr(link_type, addr_type); 3106 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3107 ev.reason = reason;
3090 3108
3091 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev), 3109 err = mgmt_event(MGMT_EV_DEVICE_DISCONNECTED, hdev, &ev, sizeof(ev),
3092 sk); 3110 sk);
@@ -3275,6 +3293,22 @@ int mgmt_user_passkey_neg_reply_complete(struct hci_dev *hdev, bdaddr_t *bdaddr,
3275 MGMT_OP_USER_PASSKEY_NEG_REPLY); 3293 MGMT_OP_USER_PASSKEY_NEG_REPLY);
3276} 3294}
3277 3295
3296int mgmt_user_passkey_notify(struct hci_dev *hdev, bdaddr_t *bdaddr,
3297 u8 link_type, u8 addr_type, u32 passkey,
3298 u8 entered)
3299{
3300 struct mgmt_ev_passkey_notify ev;
3301
3302 BT_DBG("%s", hdev->name);
3303
3304 bacpy(&ev.addr.bdaddr, bdaddr);
3305 ev.addr.type = link_to_bdaddr(link_type, addr_type);
3306 ev.passkey = __cpu_to_le32(passkey);
3307 ev.entered = entered;
3308
3309 return mgmt_event(MGMT_EV_PASSKEY_NOTIFY, hdev, &ev, sizeof(ev), NULL);
3310}
3311
3278int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, 3312int mgmt_auth_failed(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
3279 u8 addr_type, u8 status) 3313 u8 addr_type, u8 status)
3280{ 3314{
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
index 1a17850d093c..b3226f3658cf 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -1035,8 +1035,17 @@ int __init rfcomm_init_sockets(void)
1035 return err; 1035 return err;
1036 1036
1037 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops); 1037 err = bt_sock_register(BTPROTO_RFCOMM, &rfcomm_sock_family_ops);
1038 if (err < 0) 1038 if (err < 0) {
1039 BT_ERR("RFCOMM socket layer registration failed");
1040 goto error;
1041 }
1042
1043 err = bt_procfs_init(THIS_MODULE, &init_net, "rfcomm", &rfcomm_sk_list, NULL);
1044 if (err < 0) {
1045 BT_ERR("Failed to create RFCOMM proc file");
1046 bt_sock_unregister(BTPROTO_RFCOMM);
1039 goto error; 1047 goto error;
1048 }
1040 1049
1041 if (bt_debugfs) { 1050 if (bt_debugfs) {
1042 rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444, 1051 rfcomm_sock_debugfs = debugfs_create_file("rfcomm", 0444,
@@ -1050,13 +1059,14 @@ int __init rfcomm_init_sockets(void)
1050 return 0; 1059 return 0;
1051 1060
1052error: 1061error:
1053 BT_ERR("RFCOMM socket layer registration failed");
1054 proto_unregister(&rfcomm_proto); 1062 proto_unregister(&rfcomm_proto);
1055 return err; 1063 return err;
1056} 1064}
1057 1065
1058void __exit rfcomm_cleanup_sockets(void) 1066void __exit rfcomm_cleanup_sockets(void)
1059{ 1067{
1068 bt_procfs_cleanup(&init_net, "rfcomm");
1069
1060 debugfs_remove(rfcomm_sock_debugfs); 1070 debugfs_remove(rfcomm_sock_debugfs);
1061 1071
1062 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0) 1072 if (bt_sock_unregister(BTPROTO_RFCOMM) < 0)
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 3589e21edb09..dc42b917aaaf 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -912,7 +912,7 @@ int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr)
912 return lm; 912 return lm;
913} 913}
914 914
915int sco_connect_cfm(struct hci_conn *hcon, __u8 status) 915void sco_connect_cfm(struct hci_conn *hcon, __u8 status)
916{ 916{
917 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status); 917 BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
918 if (!status) { 918 if (!status) {
@@ -923,16 +923,13 @@ int sco_connect_cfm(struct hci_conn *hcon, __u8 status)
923 sco_conn_ready(conn); 923 sco_conn_ready(conn);
924 } else 924 } else
925 sco_conn_del(hcon, bt_to_errno(status)); 925 sco_conn_del(hcon, bt_to_errno(status));
926
927 return 0;
928} 926}
929 927
930int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason) 928void sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
931{ 929{
932 BT_DBG("hcon %p reason %d", hcon, reason); 930 BT_DBG("hcon %p reason %d", hcon, reason);
933 931
934 sco_conn_del(hcon, bt_to_errno(reason)); 932 sco_conn_del(hcon, bt_to_errno(reason));
935 return 0;
936} 933}
937 934
938int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb) 935int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
@@ -1025,6 +1022,13 @@ int __init sco_init(void)
1025 goto error; 1022 goto error;
1026 } 1023 }
1027 1024
1025 err = bt_procfs_init(THIS_MODULE, &init_net, "sco", &sco_sk_list, NULL);
1026 if (err < 0) {
1027 BT_ERR("Failed to create SCO proc file");
1028 bt_sock_unregister(BTPROTO_SCO);
1029 goto error;
1030 }
1031
1028 if (bt_debugfs) { 1032 if (bt_debugfs) {
1029 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs, 1033 sco_debugfs = debugfs_create_file("sco", 0444, bt_debugfs,
1030 NULL, &sco_debugfs_fops); 1034 NULL, &sco_debugfs_fops);
@@ -1043,6 +1047,8 @@ error:
1043 1047
1044void __exit sco_exit(void) 1048void __exit sco_exit(void)
1045{ 1049{
1050 bt_procfs_cleanup(&init_net, "sco");
1051
1046 debugfs_remove(sco_debugfs); 1052 debugfs_remove(sco_debugfs);
1047 1053
1048 if (bt_sock_unregister(BTPROTO_SCO) < 0) 1054 if (bt_sock_unregister(BTPROTO_SCO) < 0)
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index d21f32383517..d9576e6de2b8 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -312,7 +312,7 @@ int br_fdb_fillbuf(struct net_bridge *br, void *buf,
312 312
313 fe->is_local = f->is_local; 313 fe->is_local = f->is_local;
314 if (!f->is_static) 314 if (!f->is_static)
315 fe->ageing_timer_value = jiffies_to_clock_t(jiffies - f->updated); 315 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated);
316 ++fe; 316 ++fe;
317 ++num; 317 ++num;
318 } 318 }
@@ -467,14 +467,14 @@ static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb)
467 467
468static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 468static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br,
469 const struct net_bridge_fdb_entry *fdb, 469 const struct net_bridge_fdb_entry *fdb,
470 u32 pid, u32 seq, int type, unsigned int flags) 470 u32 portid, u32 seq, int type, unsigned int flags)
471{ 471{
472 unsigned long now = jiffies; 472 unsigned long now = jiffies;
473 struct nda_cacheinfo ci; 473 struct nda_cacheinfo ci;
474 struct nlmsghdr *nlh; 474 struct nlmsghdr *nlh;
475 struct ndmsg *ndm; 475 struct ndmsg *ndm;
476 476
477 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags); 477 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags);
478 if (nlh == NULL) 478 if (nlh == NULL)
479 return -EMSGSIZE; 479 return -EMSGSIZE;
480 480
@@ -555,7 +555,7 @@ int br_fdb_dump(struct sk_buff *skb,
555 goto skip; 555 goto skip;
556 556
557 if (fdb_fill_info(skb, br, f, 557 if (fdb_fill_info(skb, br, f,
558 NETLINK_CB(cb->skb).pid, 558 NETLINK_CB(cb->skb).portid,
559 cb->nlh->nlmsg_seq, 559 cb->nlh->nlmsg_seq,
560 RTM_NEWNEIGH, 560 RTM_NEWNEIGH,
561 NLM_F_MULTI) < 0) 561 NLM_F_MULTI) < 0)
@@ -608,8 +608,9 @@ static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr,
608} 608}
609 609
610/* Add new permanent fdb entry with RTM_NEWNEIGH */ 610/* Add new permanent fdb entry with RTM_NEWNEIGH */
611int br_fdb_add(struct ndmsg *ndm, struct net_device *dev, 611int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[],
612 unsigned char *addr, u16 nlh_flags) 612 struct net_device *dev,
613 const unsigned char *addr, u16 nlh_flags)
613{ 614{
614 struct net_bridge_port *p; 615 struct net_bridge_port *p;
615 int err = 0; 616 int err = 0;
@@ -639,7 +640,7 @@ int br_fdb_add(struct ndmsg *ndm, struct net_device *dev,
639 return err; 640 return err;
640} 641}
641 642
642static int fdb_delete_by_addr(struct net_bridge_port *p, u8 *addr) 643static int fdb_delete_by_addr(struct net_bridge_port *p, const u8 *addr)
643{ 644{
644 struct net_bridge *br = p->br; 645 struct net_bridge *br = p->br;
645 struct hlist_head *head = &br->hash[br_mac_hash(addr)]; 646 struct hlist_head *head = &br->hash[br_mac_hash(addr)];
@@ -655,7 +656,7 @@ static int fdb_delete_by_addr(struct net_bridge_port *p, u8 *addr)
655 656
656/* Remove neighbor entry with RTM_DELNEIGH */ 657/* Remove neighbor entry with RTM_DELNEIGH */
657int br_fdb_delete(struct ndmsg *ndm, struct net_device *dev, 658int br_fdb_delete(struct ndmsg *ndm, struct net_device *dev,
658 unsigned char *addr) 659 const unsigned char *addr)
659{ 660{
660 struct net_bridge_port *p; 661 struct net_bridge_port *p;
661 int err; 662 int err;
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index fe41260fbf38..093f527276a3 100644
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -127,7 +127,7 @@ static int br_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
127 goto skip; 127 goto skip;
128 128
129 if (br_fill_ifinfo(skb, port, 129 if (br_fill_ifinfo(skb, port,
130 NETLINK_CB(cb->skb).pid, 130 NETLINK_CB(cb->skb).portid,
131 cb->nlh->nlmsg_seq, RTM_NEWLINK, 131 cb->nlh->nlmsg_seq, RTM_NEWLINK,
132 NLM_F_MULTI) < 0) 132 NLM_F_MULTI) < 0)
133 break; 133 break;
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index f507d2af9646..9b278c4ebee1 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -363,10 +363,10 @@ extern void br_fdb_update(struct net_bridge *br,
363 363
364extern int br_fdb_delete(struct ndmsg *ndm, 364extern int br_fdb_delete(struct ndmsg *ndm,
365 struct net_device *dev, 365 struct net_device *dev,
366 unsigned char *addr); 366 const unsigned char *addr);
367extern int br_fdb_add(struct ndmsg *nlh, 367extern int br_fdb_add(struct ndmsg *nlh, struct nlattr *tb[],
368 struct net_device *dev, 368 struct net_device *dev,
369 unsigned char *addr, 369 const unsigned char *addr,
370 u16 nlh_flags); 370 u16 nlh_flags);
371extern int br_fdb_dump(struct sk_buff *skb, 371extern int br_fdb_dump(struct sk_buff *skb,
372 struct netlink_callback *cb, 372 struct netlink_callback *cb,
diff --git a/net/bridge/br_stp_timer.c b/net/bridge/br_stp_timer.c
index a6747e673426..c3530a81a33b 100644
--- a/net/bridge/br_stp_timer.c
+++ b/net/bridge/br_stp_timer.c
@@ -170,5 +170,5 @@ void br_stp_port_timer_init(struct net_bridge_port *p)
170unsigned long br_timer_value(const struct timer_list *timer) 170unsigned long br_timer_value(const struct timer_list *timer)
171{ 171{
172 return timer_pending(timer) 172 return timer_pending(timer)
173 ? jiffies_to_clock_t(timer->expires - jiffies) : 0; 173 ? jiffies_delta_to_clock_t(timer->expires - jiffies) : 0;
174} 174}
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
index 19063473c71f..3476ec469740 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -298,8 +298,7 @@ static int __init ebt_ulog_init(void)
298 spin_lock_init(&ulog_buffers[i].lock); 298 spin_lock_init(&ulog_buffers[i].lock);
299 } 299 }
300 300
301 ebtulognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, 301 ebtulognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, &cfg);
302 THIS_MODULE, &cfg);
303 if (!ebtulognl) 302 if (!ebtulognl)
304 ret = -ENOMEM; 303 ret = -ENOMEM;
305 else if ((ret = xt_register_target(&ebt_ulog_tg_reg)) != 0) 304 else if ((ret = xt_register_target(&ebt_ulog_tg_reg)) != 0)
diff --git a/net/bridge/netfilter/ebtable_filter.c b/net/bridge/netfilter/ebtable_filter.c
index 42e6bd094574..3c2e9dced9e0 100644
--- a/net/bridge/netfilter/ebtable_filter.c
+++ b/net/bridge/netfilter/ebtable_filter.c
@@ -100,9 +100,7 @@ static struct nf_hook_ops ebt_ops_filter[] __read_mostly = {
100static int __net_init frame_filter_net_init(struct net *net) 100static int __net_init frame_filter_net_init(struct net *net)
101{ 101{
102 net->xt.frame_filter = ebt_register_table(net, &frame_filter); 102 net->xt.frame_filter = ebt_register_table(net, &frame_filter);
103 if (IS_ERR(net->xt.frame_filter)) 103 return PTR_RET(net->xt.frame_filter);
104 return PTR_ERR(net->xt.frame_filter);
105 return 0;
106} 104}
107 105
108static void __net_exit frame_filter_net_exit(struct net *net) 106static void __net_exit frame_filter_net_exit(struct net *net)
diff --git a/net/bridge/netfilter/ebtable_nat.c b/net/bridge/netfilter/ebtable_nat.c
index 6dc2f878ae05..10871bc77908 100644
--- a/net/bridge/netfilter/ebtable_nat.c
+++ b/net/bridge/netfilter/ebtable_nat.c
@@ -100,9 +100,7 @@ static struct nf_hook_ops ebt_ops_nat[] __read_mostly = {
100static int __net_init frame_nat_net_init(struct net *net) 100static int __net_init frame_nat_net_init(struct net *net)
101{ 101{
102 net->xt.frame_nat = ebt_register_table(net, &frame_nat); 102 net->xt.frame_nat = ebt_register_table(net, &frame_nat);
103 if (IS_ERR(net->xt.frame_nat)) 103 return PTR_RET(net->xt.frame_nat);
104 return PTR_ERR(net->xt.frame_nat);
105 return 0;
106} 104}
107 105
108static void __net_exit frame_nat_net_exit(struct net *net) 106static void __net_exit frame_nat_net_exit(struct net *net)
diff --git a/net/can/gw.c b/net/can/gw.c
index b54d5e695b03..127879c55fb6 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -549,7 +549,7 @@ static int cgw_dump_jobs(struct sk_buff *skb, struct netlink_callback *cb)
549 if (idx < s_idx) 549 if (idx < s_idx)
550 goto cont; 550 goto cont;
551 551
552 if (cgw_put_job(skb, gwj, RTM_NEWROUTE, NETLINK_CB(cb->skb).pid, 552 if (cgw_put_job(skb, gwj, RTM_NEWROUTE, NETLINK_CB(cb->skb).portid,
553 cb->nlh->nlmsg_seq, NLM_F_MULTI) < 0) 553 cb->nlh->nlmsg_seq, NLM_F_MULTI) < 0)
554 break; 554 break;
555cont: 555cont:
diff --git a/net/core/dev.c b/net/core/dev.c
index 17e912f9b711..1e0a1847c3bb 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -959,18 +959,30 @@ int dev_alloc_name(struct net_device *dev, const char *name)
959} 959}
960EXPORT_SYMBOL(dev_alloc_name); 960EXPORT_SYMBOL(dev_alloc_name);
961 961
962static int dev_get_valid_name(struct net_device *dev, const char *name) 962static int dev_alloc_name_ns(struct net *net,
963 struct net_device *dev,
964 const char *name)
963{ 965{
964 struct net *net; 966 char buf[IFNAMSIZ];
967 int ret;
965 968
966 BUG_ON(!dev_net(dev)); 969 ret = __dev_alloc_name(net, name, buf);
967 net = dev_net(dev); 970 if (ret >= 0)
971 strlcpy(dev->name, buf, IFNAMSIZ);
972 return ret;
973}
974
975static int dev_get_valid_name(struct net *net,
976 struct net_device *dev,
977 const char *name)
978{
979 BUG_ON(!net);
968 980
969 if (!dev_valid_name(name)) 981 if (!dev_valid_name(name))
970 return -EINVAL; 982 return -EINVAL;
971 983
972 if (strchr(name, '%')) 984 if (strchr(name, '%'))
973 return dev_alloc_name(dev, name); 985 return dev_alloc_name_ns(net, dev, name);
974 else if (__dev_get_by_name(net, name)) 986 else if (__dev_get_by_name(net, name))
975 return -EEXIST; 987 return -EEXIST;
976 else if (dev->name != name) 988 else if (dev->name != name)
@@ -1006,7 +1018,7 @@ int dev_change_name(struct net_device *dev, const char *newname)
1006 1018
1007 memcpy(oldname, dev->name, IFNAMSIZ); 1019 memcpy(oldname, dev->name, IFNAMSIZ);
1008 1020
1009 err = dev_get_valid_name(dev, newname); 1021 err = dev_get_valid_name(net, dev, newname);
1010 if (err < 0) 1022 if (err < 0)
1011 return err; 1023 return err;
1012 1024
@@ -1109,11 +1121,23 @@ void netdev_state_change(struct net_device *dev)
1109} 1121}
1110EXPORT_SYMBOL(netdev_state_change); 1122EXPORT_SYMBOL(netdev_state_change);
1111 1123
1112int netdev_bonding_change(struct net_device *dev, unsigned long event) 1124/**
1125 * netdev_notify_peers - notify network peers about existence of @dev
1126 * @dev: network device
1127 *
1128 * Generate traffic such that interested network peers are aware of
1129 * @dev, such as by generating a gratuitous ARP. This may be used when
1130 * a device wants to inform the rest of the network about some sort of
1131 * reconfiguration such as a failover event or virtual machine
1132 * migration.
1133 */
1134void netdev_notify_peers(struct net_device *dev)
1113{ 1135{
1114 return call_netdevice_notifiers(event, dev); 1136 rtnl_lock();
1137 call_netdevice_notifiers(NETDEV_NOTIFY_PEERS, dev);
1138 rtnl_unlock();
1115} 1139}
1116EXPORT_SYMBOL(netdev_bonding_change); 1140EXPORT_SYMBOL(netdev_notify_peers);
1117 1141
1118/** 1142/**
1119 * dev_load - load a network module 1143 * dev_load - load a network module
@@ -1394,7 +1418,6 @@ rollback:
1394 nb->notifier_call(nb, NETDEV_DOWN, dev); 1418 nb->notifier_call(nb, NETDEV_DOWN, dev);
1395 } 1419 }
1396 nb->notifier_call(nb, NETDEV_UNREGISTER, dev); 1420 nb->notifier_call(nb, NETDEV_UNREGISTER, dev);
1397 nb->notifier_call(nb, NETDEV_UNREGISTER_BATCH, dev);
1398 } 1421 }
1399 } 1422 }
1400 1423
@@ -1436,7 +1459,6 @@ int unregister_netdevice_notifier(struct notifier_block *nb)
1436 nb->notifier_call(nb, NETDEV_DOWN, dev); 1459 nb->notifier_call(nb, NETDEV_DOWN, dev);
1437 } 1460 }
1438 nb->notifier_call(nb, NETDEV_UNREGISTER, dev); 1461 nb->notifier_call(nb, NETDEV_UNREGISTER, dev);
1439 nb->notifier_call(nb, NETDEV_UNREGISTER_BATCH, dev);
1440 } 1462 }
1441 } 1463 }
1442unlock: 1464unlock:
@@ -2175,9 +2197,7 @@ EXPORT_SYMBOL(netif_skb_features);
2175/* 2197/*
2176 * Returns true if either: 2198 * Returns true if either:
2177 * 1. skb has frag_list and the device doesn't support FRAGLIST, or 2199 * 1. skb has frag_list and the device doesn't support FRAGLIST, or
2178 * 2. skb is fragmented and the device does not support SG, or if 2200 * 2. skb is fragmented and the device does not support SG.
2179 * at least one of fragments is in highmem and device does not
2180 * support DMA from it.
2181 */ 2201 */
2182static inline int skb_needs_linearize(struct sk_buff *skb, 2202static inline int skb_needs_linearize(struct sk_buff *skb,
2183 int features) 2203 int features)
@@ -2206,9 +2226,6 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
2206 if (dev->priv_flags & IFF_XMIT_DST_RELEASE) 2226 if (dev->priv_flags & IFF_XMIT_DST_RELEASE)
2207 skb_dst_drop(skb); 2227 skb_dst_drop(skb);
2208 2228
2209 if (!list_empty(&ptype_all))
2210 dev_queue_xmit_nit(skb, dev);
2211
2212 features = netif_skb_features(skb); 2229 features = netif_skb_features(skb);
2213 2230
2214 if (vlan_tx_tag_present(skb) && 2231 if (vlan_tx_tag_present(skb) &&
@@ -2243,6 +2260,9 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
2243 } 2260 }
2244 } 2261 }
2245 2262
2263 if (!list_empty(&ptype_all))
2264 dev_queue_xmit_nit(skb, dev);
2265
2246 skb_len = skb->len; 2266 skb_len = skb->len;
2247 rc = ops->ndo_start_xmit(skb, dev); 2267 rc = ops->ndo_start_xmit(skb, dev);
2248 trace_net_dev_xmit(skb, rc, dev, skb_len); 2268 trace_net_dev_xmit(skb, rc, dev, skb_len);
@@ -2265,6 +2285,9 @@ gso:
2265 if (dev->priv_flags & IFF_XMIT_DST_RELEASE) 2285 if (dev->priv_flags & IFF_XMIT_DST_RELEASE)
2266 skb_dst_drop(nskb); 2286 skb_dst_drop(nskb);
2267 2287
2288 if (!list_empty(&ptype_all))
2289 dev_queue_xmit_nit(nskb, dev);
2290
2268 skb_len = nskb->len; 2291 skb_len = nskb->len;
2269 rc = ops->ndo_start_xmit(nskb, dev); 2292 rc = ops->ndo_start_xmit(nskb, dev);
2270 trace_net_dev_xmit(nskb, rc, dev, skb_len); 2293 trace_net_dev_xmit(nskb, rc, dev, skb_len);
@@ -2374,8 +2397,8 @@ static inline int get_xps_queue(struct net_device *dev, struct sk_buff *skb)
2374#endif 2397#endif
2375} 2398}
2376 2399
2377static struct netdev_queue *dev_pick_tx(struct net_device *dev, 2400struct netdev_queue *netdev_pick_tx(struct net_device *dev,
2378 struct sk_buff *skb) 2401 struct sk_buff *skb)
2379{ 2402{
2380 int queue_index; 2403 int queue_index;
2381 const struct net_device_ops *ops = dev->netdev_ops; 2404 const struct net_device_ops *ops = dev->netdev_ops;
@@ -2549,7 +2572,7 @@ int dev_queue_xmit(struct sk_buff *skb)
2549 2572
2550 skb_update_prio(skb); 2573 skb_update_prio(skb);
2551 2574
2552 txq = dev_pick_tx(dev, skb); 2575 txq = netdev_pick_tx(dev, skb);
2553 q = rcu_dereference_bh(txq->qdisc); 2576 q = rcu_dereference_bh(txq->qdisc);
2554 2577
2555#ifdef CONFIG_NET_CLS_ACT 2578#ifdef CONFIG_NET_CLS_ACT
@@ -2622,6 +2645,8 @@ EXPORT_SYMBOL(dev_queue_xmit);
2622 =======================================================================*/ 2645 =======================================================================*/
2623 2646
2624int netdev_max_backlog __read_mostly = 1000; 2647int netdev_max_backlog __read_mostly = 1000;
2648EXPORT_SYMBOL(netdev_max_backlog);
2649
2625int netdev_tstamp_prequeue __read_mostly = 1; 2650int netdev_tstamp_prequeue __read_mostly = 1;
2626int netdev_budget __read_mostly = 300; 2651int netdev_budget __read_mostly = 300;
2627int weight_p __read_mostly = 64; /* old backlog weight */ 2652int weight_p __read_mostly = 64; /* old backlog weight */
@@ -5239,12 +5264,12 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
5239 */ 5264 */
5240static int dev_new_index(struct net *net) 5265static int dev_new_index(struct net *net)
5241{ 5266{
5242 static int ifindex; 5267 int ifindex = net->ifindex;
5243 for (;;) { 5268 for (;;) {
5244 if (++ifindex <= 0) 5269 if (++ifindex <= 0)
5245 ifindex = 1; 5270 ifindex = 1;
5246 if (!__dev_get_by_index(net, ifindex)) 5271 if (!__dev_get_by_index(net, ifindex))
5247 return ifindex; 5272 return net->ifindex = ifindex;
5248 } 5273 }
5249} 5274}
5250 5275
@@ -5322,10 +5347,6 @@ static void rollback_registered_many(struct list_head *head)
5322 netdev_unregister_kobject(dev); 5347 netdev_unregister_kobject(dev);
5323 } 5348 }
5324 5349
5325 /* Process any work delayed until the end of the batch */
5326 dev = list_first_entry(head, struct net_device, unreg_list);
5327 call_netdevice_notifiers(NETDEV_UNREGISTER_BATCH, dev);
5328
5329 synchronize_net(); 5350 synchronize_net();
5330 5351
5331 list_for_each_entry(dev, head, unreg_list) 5352 list_for_each_entry(dev, head, unreg_list)
@@ -5583,7 +5604,7 @@ int register_netdevice(struct net_device *dev)
5583 5604
5584 dev->iflink = -1; 5605 dev->iflink = -1;
5585 5606
5586 ret = dev_get_valid_name(dev, dev->name); 5607 ret = dev_get_valid_name(net, dev, dev->name);
5587 if (ret < 0) 5608 if (ret < 0)
5588 goto out; 5609 goto out;
5589 5610
@@ -5597,7 +5618,12 @@ int register_netdevice(struct net_device *dev)
5597 } 5618 }
5598 } 5619 }
5599 5620
5600 dev->ifindex = dev_new_index(net); 5621 ret = -EBUSY;
5622 if (!dev->ifindex)
5623 dev->ifindex = dev_new_index(net);
5624 else if (__dev_get_by_index(net, dev->ifindex))
5625 goto err_uninit;
5626
5601 if (dev->iflink == -1) 5627 if (dev->iflink == -1)
5602 dev->iflink = dev->ifindex; 5628 dev->iflink = dev->ifindex;
5603 5629
@@ -5640,6 +5666,8 @@ int register_netdevice(struct net_device *dev)
5640 5666
5641 set_bit(__LINK_STATE_PRESENT, &dev->state); 5667 set_bit(__LINK_STATE_PRESENT, &dev->state);
5642 5668
5669 linkwatch_init_dev(dev);
5670
5643 dev_init_scheduler(dev); 5671 dev_init_scheduler(dev);
5644 dev_hold(dev); 5672 dev_hold(dev);
5645 list_netdevice(dev); 5673 list_netdevice(dev);
@@ -5773,9 +5801,12 @@ static void netdev_wait_allrefs(struct net_device *dev)
5773 5801
5774 /* Rebroadcast unregister notification */ 5802 /* Rebroadcast unregister notification */
5775 call_netdevice_notifiers(NETDEV_UNREGISTER, dev); 5803 call_netdevice_notifiers(NETDEV_UNREGISTER, dev);
5776 /* don't resend NETDEV_UNREGISTER_BATCH, _BATCH users
5777 * should have already handle it the first time */
5778 5804
5805 __rtnl_unlock();
5806 rcu_barrier();
5807 rtnl_lock();
5808
5809 call_netdevice_notifiers(NETDEV_UNREGISTER_FINAL, dev);
5779 if (test_bit(__LINK_STATE_LINKWATCH_PENDING, 5810 if (test_bit(__LINK_STATE_LINKWATCH_PENDING,
5780 &dev->state)) { 5811 &dev->state)) {
5781 /* We must not have linkwatch events 5812 /* We must not have linkwatch events
@@ -5837,9 +5868,8 @@ void netdev_run_todo(void)
5837 5868
5838 __rtnl_unlock(); 5869 __rtnl_unlock();
5839 5870
5840 /* Wait for rcu callbacks to finish before attempting to drain 5871
5841 * the device list. This usually avoids a 250ms wait. 5872 /* Wait for rcu callbacks to finish before next phase */
5842 */
5843 if (!list_empty(&list)) 5873 if (!list_empty(&list))
5844 rcu_barrier(); 5874 rcu_barrier();
5845 5875
@@ -5848,6 +5878,10 @@ void netdev_run_todo(void)
5848 = list_first_entry(&list, struct net_device, todo_list); 5878 = list_first_entry(&list, struct net_device, todo_list);
5849 list_del(&dev->todo_list); 5879 list_del(&dev->todo_list);
5850 5880
5881 rtnl_lock();
5882 call_netdevice_notifiers(NETDEV_UNREGISTER_FINAL, dev);
5883 __rtnl_unlock();
5884
5851 if (unlikely(dev->reg_state != NETREG_UNREGISTERING)) { 5885 if (unlikely(dev->reg_state != NETREG_UNREGISTERING)) {
5852 pr_err("network todo '%s' but state %d\n", 5886 pr_err("network todo '%s' but state %d\n",
5853 dev->name, dev->reg_state); 5887 dev->name, dev->reg_state);
@@ -5943,6 +5977,8 @@ struct netdev_queue *dev_ingress_queue_create(struct net_device *dev)
5943 return queue; 5977 return queue;
5944} 5978}
5945 5979
5980static const struct ethtool_ops default_ethtool_ops;
5981
5946/** 5982/**
5947 * alloc_netdev_mqs - allocate network device 5983 * alloc_netdev_mqs - allocate network device
5948 * @sizeof_priv: size of private data to allocate space for 5984 * @sizeof_priv: size of private data to allocate space for
@@ -6030,6 +6066,8 @@ struct net_device *alloc_netdev_mqs(int sizeof_priv, const char *name,
6030 6066
6031 strcpy(dev->name, name); 6067 strcpy(dev->name, name);
6032 dev->group = INIT_NETDEV_GROUP; 6068 dev->group = INIT_NETDEV_GROUP;
6069 if (!dev->ethtool_ops)
6070 dev->ethtool_ops = &default_ethtool_ops;
6033 return dev; 6071 return dev;
6034 6072
6035free_all: 6073free_all:
@@ -6214,7 +6252,7 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
6214 /* We get here if we can't use the current device name */ 6252 /* We get here if we can't use the current device name */
6215 if (!pat) 6253 if (!pat)
6216 goto out; 6254 goto out;
6217 if (dev_get_valid_name(dev, pat) < 0) 6255 if (dev_get_valid_name(net, dev, pat) < 0)
6218 goto out; 6256 goto out;
6219 } 6257 }
6220 6258
@@ -6242,7 +6280,8 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
6242 the device is just moving and can keep their slaves up. 6280 the device is just moving and can keep their slaves up.
6243 */ 6281 */
6244 call_netdevice_notifiers(NETDEV_UNREGISTER, dev); 6282 call_netdevice_notifiers(NETDEV_UNREGISTER, dev);
6245 call_netdevice_notifiers(NETDEV_UNREGISTER_BATCH, dev); 6283 rcu_barrier();
6284 call_netdevice_notifiers(NETDEV_UNREGISTER_FINAL, dev);
6246 rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); 6285 rtmsg_ifinfo(RTM_DELLINK, dev, ~0U);
6247 6286
6248 /* 6287 /*
diff --git a/net/core/dev_addr_lists.c b/net/core/dev_addr_lists.c
index c4cc2bc49f06..87cc17db2d56 100644
--- a/net/core/dev_addr_lists.c
+++ b/net/core/dev_addr_lists.c
@@ -22,7 +22,7 @@
22 */ 22 */
23 23
24static int __hw_addr_create_ex(struct netdev_hw_addr_list *list, 24static int __hw_addr_create_ex(struct netdev_hw_addr_list *list,
25 unsigned char *addr, int addr_len, 25 const unsigned char *addr, int addr_len,
26 unsigned char addr_type, bool global) 26 unsigned char addr_type, bool global)
27{ 27{
28 struct netdev_hw_addr *ha; 28 struct netdev_hw_addr *ha;
@@ -46,7 +46,7 @@ static int __hw_addr_create_ex(struct netdev_hw_addr_list *list,
46} 46}
47 47
48static int __hw_addr_add_ex(struct netdev_hw_addr_list *list, 48static int __hw_addr_add_ex(struct netdev_hw_addr_list *list,
49 unsigned char *addr, int addr_len, 49 const unsigned char *addr, int addr_len,
50 unsigned char addr_type, bool global) 50 unsigned char addr_type, bool global)
51{ 51{
52 struct netdev_hw_addr *ha; 52 struct netdev_hw_addr *ha;
@@ -72,14 +72,15 @@ static int __hw_addr_add_ex(struct netdev_hw_addr_list *list,
72 return __hw_addr_create_ex(list, addr, addr_len, addr_type, global); 72 return __hw_addr_create_ex(list, addr, addr_len, addr_type, global);
73} 73}
74 74
75static int __hw_addr_add(struct netdev_hw_addr_list *list, unsigned char *addr, 75static int __hw_addr_add(struct netdev_hw_addr_list *list,
76 int addr_len, unsigned char addr_type) 76 const unsigned char *addr, int addr_len,
77 unsigned char addr_type)
77{ 78{
78 return __hw_addr_add_ex(list, addr, addr_len, addr_type, false); 79 return __hw_addr_add_ex(list, addr, addr_len, addr_type, false);
79} 80}
80 81
81static int __hw_addr_del_ex(struct netdev_hw_addr_list *list, 82static int __hw_addr_del_ex(struct netdev_hw_addr_list *list,
82 unsigned char *addr, int addr_len, 83 const unsigned char *addr, int addr_len,
83 unsigned char addr_type, bool global) 84 unsigned char addr_type, bool global)
84{ 85{
85 struct netdev_hw_addr *ha; 86 struct netdev_hw_addr *ha;
@@ -104,8 +105,9 @@ static int __hw_addr_del_ex(struct netdev_hw_addr_list *list,
104 return -ENOENT; 105 return -ENOENT;
105} 106}
106 107
107static int __hw_addr_del(struct netdev_hw_addr_list *list, unsigned char *addr, 108static int __hw_addr_del(struct netdev_hw_addr_list *list,
108 int addr_len, unsigned char addr_type) 109 const unsigned char *addr, int addr_len,
110 unsigned char addr_type)
109{ 111{
110 return __hw_addr_del_ex(list, addr, addr_len, addr_type, false); 112 return __hw_addr_del_ex(list, addr, addr_len, addr_type, false);
111} 113}
@@ -278,7 +280,7 @@ EXPORT_SYMBOL(dev_addr_init);
278 * 280 *
279 * The caller must hold the rtnl_mutex. 281 * The caller must hold the rtnl_mutex.
280 */ 282 */
281int dev_addr_add(struct net_device *dev, unsigned char *addr, 283int dev_addr_add(struct net_device *dev, const unsigned char *addr,
282 unsigned char addr_type) 284 unsigned char addr_type)
283{ 285{
284 int err; 286 int err;
@@ -303,7 +305,7 @@ EXPORT_SYMBOL(dev_addr_add);
303 * 305 *
304 * The caller must hold the rtnl_mutex. 306 * The caller must hold the rtnl_mutex.
305 */ 307 */
306int dev_addr_del(struct net_device *dev, unsigned char *addr, 308int dev_addr_del(struct net_device *dev, const unsigned char *addr,
307 unsigned char addr_type) 309 unsigned char addr_type)
308{ 310{
309 int err; 311 int err;
@@ -390,7 +392,7 @@ EXPORT_SYMBOL(dev_addr_del_multiple);
390 * @dev: device 392 * @dev: device
391 * @addr: address to add 393 * @addr: address to add
392 */ 394 */
393int dev_uc_add_excl(struct net_device *dev, unsigned char *addr) 395int dev_uc_add_excl(struct net_device *dev, const unsigned char *addr)
394{ 396{
395 struct netdev_hw_addr *ha; 397 struct netdev_hw_addr *ha;
396 int err; 398 int err;
@@ -421,7 +423,7 @@ EXPORT_SYMBOL(dev_uc_add_excl);
421 * Add a secondary unicast address to the device or increase 423 * Add a secondary unicast address to the device or increase
422 * the reference count if it already exists. 424 * the reference count if it already exists.
423 */ 425 */
424int dev_uc_add(struct net_device *dev, unsigned char *addr) 426int dev_uc_add(struct net_device *dev, const unsigned char *addr)
425{ 427{
426 int err; 428 int err;
427 429
@@ -443,7 +445,7 @@ EXPORT_SYMBOL(dev_uc_add);
443 * Release reference to a secondary unicast address and remove it 445 * Release reference to a secondary unicast address and remove it
444 * from the device if the reference count drops to zero. 446 * from the device if the reference count drops to zero.
445 */ 447 */
446int dev_uc_del(struct net_device *dev, unsigned char *addr) 448int dev_uc_del(struct net_device *dev, const unsigned char *addr)
447{ 449{
448 int err; 450 int err;
449 451
@@ -543,7 +545,7 @@ EXPORT_SYMBOL(dev_uc_init);
543 * @dev: device 545 * @dev: device
544 * @addr: address to add 546 * @addr: address to add
545 */ 547 */
546int dev_mc_add_excl(struct net_device *dev, unsigned char *addr) 548int dev_mc_add_excl(struct net_device *dev, const unsigned char *addr)
547{ 549{
548 struct netdev_hw_addr *ha; 550 struct netdev_hw_addr *ha;
549 int err; 551 int err;
@@ -566,7 +568,7 @@ out:
566} 568}
567EXPORT_SYMBOL(dev_mc_add_excl); 569EXPORT_SYMBOL(dev_mc_add_excl);
568 570
569static int __dev_mc_add(struct net_device *dev, unsigned char *addr, 571static int __dev_mc_add(struct net_device *dev, const unsigned char *addr,
570 bool global) 572 bool global)
571{ 573{
572 int err; 574 int err;
@@ -587,7 +589,7 @@ static int __dev_mc_add(struct net_device *dev, unsigned char *addr,
587 * Add a multicast address to the device or increase 589 * Add a multicast address to the device or increase
588 * the reference count if it already exists. 590 * the reference count if it already exists.
589 */ 591 */
590int dev_mc_add(struct net_device *dev, unsigned char *addr) 592int dev_mc_add(struct net_device *dev, const unsigned char *addr)
591{ 593{
592 return __dev_mc_add(dev, addr, false); 594 return __dev_mc_add(dev, addr, false);
593} 595}
@@ -600,13 +602,13 @@ EXPORT_SYMBOL(dev_mc_add);
600 * 602 *
601 * Add a global multicast address to the device. 603 * Add a global multicast address to the device.
602 */ 604 */
603int dev_mc_add_global(struct net_device *dev, unsigned char *addr) 605int dev_mc_add_global(struct net_device *dev, const unsigned char *addr)
604{ 606{
605 return __dev_mc_add(dev, addr, true); 607 return __dev_mc_add(dev, addr, true);
606} 608}
607EXPORT_SYMBOL(dev_mc_add_global); 609EXPORT_SYMBOL(dev_mc_add_global);
608 610
609static int __dev_mc_del(struct net_device *dev, unsigned char *addr, 611static int __dev_mc_del(struct net_device *dev, const unsigned char *addr,
610 bool global) 612 bool global)
611{ 613{
612 int err; 614 int err;
@@ -628,7 +630,7 @@ static int __dev_mc_del(struct net_device *dev, unsigned char *addr,
628 * Release reference to a multicast address and remove it 630 * Release reference to a multicast address and remove it
629 * from the device if the reference count drops to zero. 631 * from the device if the reference count drops to zero.
630 */ 632 */
631int dev_mc_del(struct net_device *dev, unsigned char *addr) 633int dev_mc_del(struct net_device *dev, const unsigned char *addr)
632{ 634{
633 return __dev_mc_del(dev, addr, false); 635 return __dev_mc_del(dev, addr, false);
634} 636}
@@ -642,7 +644,7 @@ EXPORT_SYMBOL(dev_mc_del);
642 * Release reference to a multicast address and remove it 644 * Release reference to a multicast address and remove it
643 * from the device if the reference count drops to zero. 645 * from the device if the reference count drops to zero.
644 */ 646 */
645int dev_mc_del_global(struct net_device *dev, unsigned char *addr) 647int dev_mc_del_global(struct net_device *dev, const unsigned char *addr)
646{ 648{
647 return __dev_mc_del(dev, addr, true); 649 return __dev_mc_del(dev, addr, true);
648} 650}
diff --git a/net/core/dst.c b/net/core/dst.c
index b8d7c700541d..ee6153e2cf43 100644
--- a/net/core/dst.c
+++ b/net/core/dst.c
@@ -374,7 +374,7 @@ static int dst_dev_event(struct notifier_block *this, unsigned long event,
374 struct dst_entry *dst, *last = NULL; 374 struct dst_entry *dst, *last = NULL;
375 375
376 switch (event) { 376 switch (event) {
377 case NETDEV_UNREGISTER: 377 case NETDEV_UNREGISTER_FINAL:
378 case NETDEV_DOWN: 378 case NETDEV_DOWN:
379 mutex_lock(&dst_gc_mutex); 379 mutex_lock(&dst_gc_mutex);
380 for (dst = dst_busy_list; dst; dst = dst->next) { 380 for (dst = dst_busy_list; dst; dst = dst->next) {
diff --git a/net/core/ethtool.c b/net/core/ethtool.c
index cbf033dcaf1f..4d64cc2e3fa9 100644
--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -1426,18 +1426,6 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
1426 if (copy_from_user(&ethcmd, useraddr, sizeof(ethcmd))) 1426 if (copy_from_user(&ethcmd, useraddr, sizeof(ethcmd)))
1427 return -EFAULT; 1427 return -EFAULT;
1428 1428
1429 if (!dev->ethtool_ops) {
1430 /* A few commands do not require any driver support,
1431 * are unprivileged, and do not change anything, so we
1432 * can take a shortcut to them. */
1433 if (ethcmd == ETHTOOL_GDRVINFO)
1434 return ethtool_get_drvinfo(dev, useraddr);
1435 else if (ethcmd == ETHTOOL_GET_TS_INFO)
1436 return ethtool_get_ts_info(dev, useraddr);
1437 else
1438 return -EOPNOTSUPP;
1439 }
1440
1441 /* Allow some commands to be done by anyone */ 1429 /* Allow some commands to be done by anyone */
1442 switch (ethcmd) { 1430 switch (ethcmd) {
1443 case ETHTOOL_GSET: 1431 case ETHTOOL_GSET:
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index ab7db83236c9..58a4ba27dfe3 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -402,7 +402,7 @@ static int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
402 if (unresolved) 402 if (unresolved)
403 ops->unresolved_rules++; 403 ops->unresolved_rules++;
404 404
405 notify_rule_change(RTM_NEWRULE, rule, ops, nlh, NETLINK_CB(skb).pid); 405 notify_rule_change(RTM_NEWRULE, rule, ops, nlh, NETLINK_CB(skb).portid);
406 flush_route_cache(ops); 406 flush_route_cache(ops);
407 rules_ops_put(ops); 407 rules_ops_put(ops);
408 return 0; 408 return 0;
@@ -500,7 +500,7 @@ static int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
500 } 500 }
501 501
502 notify_rule_change(RTM_DELRULE, rule, ops, nlh, 502 notify_rule_change(RTM_DELRULE, rule, ops, nlh,
503 NETLINK_CB(skb).pid); 503 NETLINK_CB(skb).portid);
504 if (ops->delete) 504 if (ops->delete)
505 ops->delete(rule); 505 ops->delete(rule);
506 fib_rule_put(rule); 506 fib_rule_put(rule);
@@ -601,7 +601,7 @@ static int dump_rules(struct sk_buff *skb, struct netlink_callback *cb,
601 if (idx < cb->args[1]) 601 if (idx < cb->args[1])
602 goto skip; 602 goto skip;
603 603
604 if (fib_nl_fill_rule(skb, rule, NETLINK_CB(cb->skb).pid, 604 if (fib_nl_fill_rule(skb, rule, NETLINK_CB(cb->skb).portid,
605 cb->nlh->nlmsg_seq, RTM_NEWRULE, 605 cb->nlh->nlmsg_seq, RTM_NEWRULE,
606 NLM_F_MULTI, ops) < 0) 606 NLM_F_MULTI, ops) < 0)
607 break; 607 break;
diff --git a/net/core/filter.c b/net/core/filter.c
index 907efd27ec77..3d92ebb7fbcf 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -167,6 +167,14 @@ unsigned int sk_run_filter(const struct sk_buff *skb,
167 case BPF_S_ALU_DIV_K: 167 case BPF_S_ALU_DIV_K:
168 A = reciprocal_divide(A, K); 168 A = reciprocal_divide(A, K);
169 continue; 169 continue;
170 case BPF_S_ALU_MOD_X:
171 if (X == 0)
172 return 0;
173 A %= X;
174 continue;
175 case BPF_S_ALU_MOD_K:
176 A %= K;
177 continue;
170 case BPF_S_ALU_AND_X: 178 case BPF_S_ALU_AND_X:
171 A &= X; 179 A &= X;
172 continue; 180 continue;
@@ -179,6 +187,13 @@ unsigned int sk_run_filter(const struct sk_buff *skb,
179 case BPF_S_ALU_OR_K: 187 case BPF_S_ALU_OR_K:
180 A |= K; 188 A |= K;
181 continue; 189 continue;
190 case BPF_S_ANC_ALU_XOR_X:
191 case BPF_S_ALU_XOR_X:
192 A ^= X;
193 continue;
194 case BPF_S_ALU_XOR_K:
195 A ^= K;
196 continue;
182 case BPF_S_ALU_LSH_X: 197 case BPF_S_ALU_LSH_X:
183 A <<= X; 198 A <<= X;
184 continue; 199 continue;
@@ -326,9 +341,6 @@ load_b:
326 case BPF_S_ANC_CPU: 341 case BPF_S_ANC_CPU:
327 A = raw_smp_processor_id(); 342 A = raw_smp_processor_id();
328 continue; 343 continue;
329 case BPF_S_ANC_ALU_XOR_X:
330 A ^= X;
331 continue;
332 case BPF_S_ANC_NLATTR: { 344 case BPF_S_ANC_NLATTR: {
333 struct nlattr *nla; 345 struct nlattr *nla;
334 346
@@ -469,10 +481,14 @@ int sk_chk_filter(struct sock_filter *filter, unsigned int flen)
469 [BPF_ALU|BPF_MUL|BPF_K] = BPF_S_ALU_MUL_K, 481 [BPF_ALU|BPF_MUL|BPF_K] = BPF_S_ALU_MUL_K,
470 [BPF_ALU|BPF_MUL|BPF_X] = BPF_S_ALU_MUL_X, 482 [BPF_ALU|BPF_MUL|BPF_X] = BPF_S_ALU_MUL_X,
471 [BPF_ALU|BPF_DIV|BPF_X] = BPF_S_ALU_DIV_X, 483 [BPF_ALU|BPF_DIV|BPF_X] = BPF_S_ALU_DIV_X,
484 [BPF_ALU|BPF_MOD|BPF_K] = BPF_S_ALU_MOD_K,
485 [BPF_ALU|BPF_MOD|BPF_X] = BPF_S_ALU_MOD_X,
472 [BPF_ALU|BPF_AND|BPF_K] = BPF_S_ALU_AND_K, 486 [BPF_ALU|BPF_AND|BPF_K] = BPF_S_ALU_AND_K,
473 [BPF_ALU|BPF_AND|BPF_X] = BPF_S_ALU_AND_X, 487 [BPF_ALU|BPF_AND|BPF_X] = BPF_S_ALU_AND_X,
474 [BPF_ALU|BPF_OR|BPF_K] = BPF_S_ALU_OR_K, 488 [BPF_ALU|BPF_OR|BPF_K] = BPF_S_ALU_OR_K,
475 [BPF_ALU|BPF_OR|BPF_X] = BPF_S_ALU_OR_X, 489 [BPF_ALU|BPF_OR|BPF_X] = BPF_S_ALU_OR_X,
490 [BPF_ALU|BPF_XOR|BPF_K] = BPF_S_ALU_XOR_K,
491 [BPF_ALU|BPF_XOR|BPF_X] = BPF_S_ALU_XOR_X,
476 [BPF_ALU|BPF_LSH|BPF_K] = BPF_S_ALU_LSH_K, 492 [BPF_ALU|BPF_LSH|BPF_K] = BPF_S_ALU_LSH_K,
477 [BPF_ALU|BPF_LSH|BPF_X] = BPF_S_ALU_LSH_X, 493 [BPF_ALU|BPF_LSH|BPF_X] = BPF_S_ALU_LSH_X,
478 [BPF_ALU|BPF_RSH|BPF_K] = BPF_S_ALU_RSH_K, 494 [BPF_ALU|BPF_RSH|BPF_K] = BPF_S_ALU_RSH_K,
@@ -531,6 +547,11 @@ int sk_chk_filter(struct sock_filter *filter, unsigned int flen)
531 return -EINVAL; 547 return -EINVAL;
532 ftest->k = reciprocal_value(ftest->k); 548 ftest->k = reciprocal_value(ftest->k);
533 break; 549 break;
550 case BPF_S_ALU_MOD_K:
551 /* check for division by zero */
552 if (ftest->k == 0)
553 return -EINVAL;
554 break;
534 case BPF_S_LD_MEM: 555 case BPF_S_LD_MEM:
535 case BPF_S_LDX_MEM: 556 case BPF_S_LDX_MEM:
536 case BPF_S_ST: 557 case BPF_S_ST:
diff --git a/net/core/link_watch.c b/net/core/link_watch.c
index 8e397a69005a..8f82a5cc3851 100644
--- a/net/core/link_watch.c
+++ b/net/core/link_watch.c
@@ -76,6 +76,14 @@ static void rfc2863_policy(struct net_device *dev)
76} 76}
77 77
78 78
79void linkwatch_init_dev(struct net_device *dev)
80{
81 /* Handle pre-registration link state changes */
82 if (!netif_carrier_ok(dev) || netif_dormant(dev))
83 rfc2863_policy(dev);
84}
85
86
79static bool linkwatch_urgent_event(struct net_device *dev) 87static bool linkwatch_urgent_event(struct net_device *dev)
80{ 88{
81 if (!netif_running(dev)) 89 if (!netif_running(dev))
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 112c6e2266e9..baca771caae2 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -2102,7 +2102,7 @@ static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2102 if (tidx < tbl_skip || (family && tbl->family != family)) 2102 if (tidx < tbl_skip || (family && tbl->family != family))
2103 continue; 2103 continue;
2104 2104
2105 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).pid, 2105 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2106 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL, 2106 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2107 NLM_F_MULTI) <= 0) 2107 NLM_F_MULTI) <= 0)
2108 break; 2108 break;
@@ -2115,7 +2115,7 @@ static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2115 goto next; 2115 goto next;
2116 2116
2117 if (neightbl_fill_param_info(skb, tbl, p, 2117 if (neightbl_fill_param_info(skb, tbl, p,
2118 NETLINK_CB(cb->skb).pid, 2118 NETLINK_CB(cb->skb).portid,
2119 cb->nlh->nlmsg_seq, 2119 cb->nlh->nlmsg_seq,
2120 RTM_NEWNEIGHTBL, 2120 RTM_NEWNEIGHTBL,
2121 NLM_F_MULTI) <= 0) 2121 NLM_F_MULTI) <= 0)
@@ -2244,7 +2244,7 @@ static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2244 continue; 2244 continue;
2245 if (idx < s_idx) 2245 if (idx < s_idx)
2246 goto next; 2246 goto next;
2247 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).pid, 2247 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2248 cb->nlh->nlmsg_seq, 2248 cb->nlh->nlmsg_seq,
2249 RTM_NEWNEIGH, 2249 RTM_NEWNEIGH,
2250 NLM_F_MULTI) <= 0) { 2250 NLM_F_MULTI) <= 0) {
@@ -2281,7 +2281,7 @@ static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2281 continue; 2281 continue;
2282 if (idx < s_idx) 2282 if (idx < s_idx)
2283 goto next; 2283 goto next;
2284 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).pid, 2284 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2285 cb->nlh->nlmsg_seq, 2285 cb->nlh->nlmsg_seq,
2286 RTM_NEWNEIGH, 2286 RTM_NEWNEIGH,
2287 NLM_F_MULTI, tbl) <= 0) { 2287 NLM_F_MULTI, tbl) <= 0) {
diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c
index 72607174ea5a..bcf02f608cbf 100644
--- a/net/core/net-sysfs.c
+++ b/net/core/net-sysfs.c
@@ -166,9 +166,21 @@ static ssize_t show_duplex(struct device *dev,
166 166
167 if (netif_running(netdev)) { 167 if (netif_running(netdev)) {
168 struct ethtool_cmd cmd; 168 struct ethtool_cmd cmd;
169 if (!__ethtool_get_settings(netdev, &cmd)) 169 if (!__ethtool_get_settings(netdev, &cmd)) {
170 ret = sprintf(buf, "%s\n", 170 const char *duplex;
171 cmd.duplex ? "full" : "half"); 171 switch (cmd.duplex) {
172 case DUPLEX_HALF:
173 duplex = "half";
174 break;
175 case DUPLEX_FULL:
176 duplex = "full";
177 break;
178 default:
179 duplex = "unknown";
180 break;
181 }
182 ret = sprintf(buf, "%s\n", duplex);
183 }
172 } 184 }
173 rtnl_unlock(); 185 rtnl_unlock();
174 return ret; 186 return ret;
diff --git a/net/core/netpoll.c b/net/core/netpoll.c
index e4ba3e70c174..77a0388fc3be 100644
--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -328,7 +328,7 @@ void netpoll_send_skb_on_dev(struct netpoll *np, struct sk_buff *skb,
328 if (skb_queue_len(&npinfo->txq) == 0 && !netpoll_owner_active(dev)) { 328 if (skb_queue_len(&npinfo->txq) == 0 && !netpoll_owner_active(dev)) {
329 struct netdev_queue *txq; 329 struct netdev_queue *txq;
330 330
331 txq = netdev_get_tx_queue(dev, skb_get_queue_mapping(skb)); 331 txq = netdev_pick_tx(dev, skb);
332 332
333 /* try until next clock tick */ 333 /* try until next clock tick */
334 for (tries = jiffies_to_usecs(1)/USEC_PER_POLL; 334 for (tries = jiffies_to_usecs(1)/USEC_PER_POLL;
@@ -380,6 +380,7 @@ void netpoll_send_udp(struct netpoll *np, const char *msg, int len)
380 struct udphdr *udph; 380 struct udphdr *udph;
381 struct iphdr *iph; 381 struct iphdr *iph;
382 struct ethhdr *eth; 382 struct ethhdr *eth;
383 static atomic_t ip_ident;
383 384
384 udp_len = len + sizeof(*udph); 385 udp_len = len + sizeof(*udph);
385 ip_len = udp_len + sizeof(*iph); 386 ip_len = udp_len + sizeof(*iph);
@@ -415,7 +416,7 @@ void netpoll_send_udp(struct netpoll *np, const char *msg, int len)
415 put_unaligned(0x45, (unsigned char *)iph); 416 put_unaligned(0x45, (unsigned char *)iph);
416 iph->tos = 0; 417 iph->tos = 0;
417 put_unaligned(htons(ip_len), &(iph->tot_len)); 418 put_unaligned(htons(ip_len), &(iph->tot_len));
418 iph->id = 0; 419 iph->id = htons(atomic_inc_return(&ip_ident));
419 iph->frag_off = 0; 420 iph->frag_off = 0;
420 iph->ttl = 64; 421 iph->ttl = 64;
421 iph->protocol = IPPROTO_UDP; 422 iph->protocol = IPPROTO_UDP;
diff --git a/net/core/netprio_cgroup.c b/net/core/netprio_cgroup.c
index 39e7e4d3cdb4..4a83fb3c8e87 100644
--- a/net/core/netprio_cgroup.c
+++ b/net/core/netprio_cgroup.c
@@ -73,7 +73,6 @@ static int extend_netdev_table(struct net_device *dev, u32 new_len)
73 ((sizeof(u32) * new_len)); 73 ((sizeof(u32) * new_len));
74 struct netprio_map *new_priomap = kzalloc(new_size, GFP_KERNEL); 74 struct netprio_map *new_priomap = kzalloc(new_size, GFP_KERNEL);
75 struct netprio_map *old_priomap; 75 struct netprio_map *old_priomap;
76 int i;
77 76
78 old_priomap = rtnl_dereference(dev->priomap); 77 old_priomap = rtnl_dereference(dev->priomap);
79 78
@@ -82,10 +81,10 @@ static int extend_netdev_table(struct net_device *dev, u32 new_len)
82 return -ENOMEM; 81 return -ENOMEM;
83 } 82 }
84 83
85 for (i = 0; 84 if (old_priomap)
86 old_priomap && (i < old_priomap->priomap_len); 85 memcpy(new_priomap->priomap, old_priomap->priomap,
87 i++) 86 old_priomap->priomap_len *
88 new_priomap->priomap[i] = old_priomap->priomap[i]; 87 sizeof(old_priomap->priomap[0]));
89 88
90 new_priomap->priomap_len = new_len; 89 new_priomap->priomap_len = new_len;
91 90
@@ -109,32 +108,6 @@ static int write_update_netdev_table(struct net_device *dev)
109 return ret; 108 return ret;
110} 109}
111 110
112static int update_netdev_tables(void)
113{
114 int ret = 0;
115 struct net_device *dev;
116 u32 max_len;
117 struct netprio_map *map;
118
119 rtnl_lock();
120 max_len = atomic_read(&max_prioidx) + 1;
121 for_each_netdev(&init_net, dev) {
122 map = rtnl_dereference(dev->priomap);
123 /*
124 * don't allocate priomap if we didn't
125 * change net_prio.ifpriomap (map == NULL),
126 * this will speed up skb_update_prio.
127 */
128 if (map && map->priomap_len < max_len) {
129 ret = extend_netdev_table(dev, max_len);
130 if (ret < 0)
131 break;
132 }
133 }
134 rtnl_unlock();
135 return ret;
136}
137
138static struct cgroup_subsys_state *cgrp_create(struct cgroup *cgrp) 111static struct cgroup_subsys_state *cgrp_create(struct cgroup *cgrp)
139{ 112{
140 struct cgroup_netprio_state *cs; 113 struct cgroup_netprio_state *cs;
@@ -153,12 +126,6 @@ static struct cgroup_subsys_state *cgrp_create(struct cgroup *cgrp)
153 goto out; 126 goto out;
154 } 127 }
155 128
156 ret = update_netdev_tables();
157 if (ret < 0) {
158 put_prioidx(cs->prioidx);
159 goto out;
160 }
161
162 return &cs->css; 129 return &cs->css;
163out: 130out:
164 kfree(cs); 131 kfree(cs);
diff --git a/net/core/request_sock.c b/net/core/request_sock.c
index 9b570a6a33c5..c31d9e8668c3 100644
--- a/net/core/request_sock.c
+++ b/net/core/request_sock.c
@@ -15,6 +15,7 @@
15#include <linux/random.h> 15#include <linux/random.h>
16#include <linux/slab.h> 16#include <linux/slab.h>
17#include <linux/string.h> 17#include <linux/string.h>
18#include <linux/tcp.h>
18#include <linux/vmalloc.h> 19#include <linux/vmalloc.h>
19 20
20#include <net/request_sock.h> 21#include <net/request_sock.h>
@@ -130,3 +131,97 @@ void reqsk_queue_destroy(struct request_sock_queue *queue)
130 kfree(lopt); 131 kfree(lopt);
131} 132}
132 133
134/*
135 * This function is called to set a Fast Open socket's "fastopen_rsk" field
136 * to NULL when a TFO socket no longer needs to access the request_sock.
137 * This happens only after 3WHS has been either completed or aborted (e.g.,
138 * RST is received).
139 *
140 * Before TFO, a child socket is created only after 3WHS is completed,
141 * hence it never needs to access the request_sock. things get a lot more
142 * complex with TFO. A child socket, accepted or not, has to access its
143 * request_sock for 3WHS processing, e.g., to retransmit SYN-ACK pkts,
144 * until 3WHS is either completed or aborted. Afterwards the req will stay
145 * until either the child socket is accepted, or in the rare case when the
146 * listener is closed before the child is accepted.
147 *
148 * In short, a request socket is only freed after BOTH 3WHS has completed
149 * (or aborted) and the child socket has been accepted (or listener closed).
150 * When a child socket is accepted, its corresponding req->sk is set to
151 * NULL since it's no longer needed. More importantly, "req->sk == NULL"
152 * will be used by the code below to determine if a child socket has been
153 * accepted or not, and the check is protected by the fastopenq->lock
154 * described below.
155 *
156 * Note that fastopen_rsk is only accessed from the child socket's context
157 * with its socket lock held. But a request_sock (req) can be accessed by
158 * both its child socket through fastopen_rsk, and a listener socket through
159 * icsk_accept_queue.rskq_accept_head. To protect the access a simple spin
160 * lock per listener "icsk->icsk_accept_queue.fastopenq->lock" is created.
161 * only in the rare case when both the listener and the child locks are held,
162 * e.g., in inet_csk_listen_stop() do we not need to acquire the lock.
163 * The lock also protects other fields such as fastopenq->qlen, which is
164 * decremented by this function when fastopen_rsk is no longer needed.
165 *
166 * Note that another solution was to simply use the existing socket lock
167 * from the listener. But first socket lock is difficult to use. It is not
168 * a simple spin lock - one must consider sock_owned_by_user() and arrange
169 * to use sk_add_backlog() stuff. But what really makes it infeasible is the
170 * locking hierarchy violation. E.g., inet_csk_listen_stop() may try to
171 * acquire a child's lock while holding listener's socket lock. A corner
172 * case might also exist in tcp_v4_hnd_req() that will trigger this locking
173 * order.
174 *
175 * When a TFO req is created, it needs to sock_hold its listener to prevent
176 * the latter data structure from going away.
177 *
178 * This function also sets "treq->listener" to NULL and unreference listener
179 * socket. treq->listener is used by the listener so it is protected by the
180 * fastopenq->lock in this function.
181 */
182void reqsk_fastopen_remove(struct sock *sk, struct request_sock *req,
183 bool reset)
184{
185 struct sock *lsk = tcp_rsk(req)->listener;
186 struct fastopen_queue *fastopenq =
187 inet_csk(lsk)->icsk_accept_queue.fastopenq;
188
189 BUG_ON(!spin_is_locked(&sk->sk_lock.slock) && !sock_owned_by_user(sk));
190
191 tcp_sk(sk)->fastopen_rsk = NULL;
192 spin_lock_bh(&fastopenq->lock);
193 fastopenq->qlen--;
194 tcp_rsk(req)->listener = NULL;
195 if (req->sk) /* the child socket hasn't been accepted yet */
196 goto out;
197
198 if (!reset || lsk->sk_state != TCP_LISTEN) {
199 /* If the listener has been closed don't bother with the
200 * special RST handling below.
201 */
202 spin_unlock_bh(&fastopenq->lock);
203 sock_put(lsk);
204 reqsk_free(req);
205 return;
206 }
207 /* Wait for 60secs before removing a req that has triggered RST.
208 * This is a simple defense against TFO spoofing attack - by
209 * counting the req against fastopen.max_qlen, and disabling
210 * TFO when the qlen exceeds max_qlen.
211 *
212 * For more details see CoNext'11 "TCP Fast Open" paper.
213 */
214 req->expires = jiffies + 60*HZ;
215 if (fastopenq->rskq_rst_head == NULL)
216 fastopenq->rskq_rst_head = req;
217 else
218 fastopenq->rskq_rst_tail->dl_next = req;
219
220 req->dl_next = NULL;
221 fastopenq->rskq_rst_tail = req;
222 fastopenq->qlen++;
223out:
224 spin_unlock_bh(&fastopenq->lock);
225 sock_put(lsk);
226 return;
227}
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 2c5a0a06c4ce..76d4c2c3c89b 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -618,7 +618,7 @@ int rtnl_put_cacheinfo(struct sk_buff *skb, struct dst_entry *dst, u32 id,
618 long expires, u32 error) 618 long expires, u32 error)
619{ 619{
620 struct rta_cacheinfo ci = { 620 struct rta_cacheinfo ci = {
621 .rta_lastuse = jiffies_to_clock_t(jiffies - dst->lastuse), 621 .rta_lastuse = jiffies_delta_to_clock_t(jiffies - dst->lastuse),
622 .rta_used = dst->__use, 622 .rta_used = dst->__use,
623 .rta_clntref = atomic_read(&(dst->__refcnt)), 623 .rta_clntref = atomic_read(&(dst->__refcnt)),
624 .rta_error = error, 624 .rta_error = error,
@@ -1081,7 +1081,7 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
1081 if (idx < s_idx) 1081 if (idx < s_idx)
1082 goto cont; 1082 goto cont;
1083 if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, 1083 if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK,
1084 NETLINK_CB(cb->skb).pid, 1084 NETLINK_CB(cb->skb).portid,
1085 cb->nlh->nlmsg_seq, 0, 1085 cb->nlh->nlmsg_seq, 0,
1086 NLM_F_MULTI, 1086 NLM_F_MULTI,
1087 ext_filter_mask) <= 0) 1087 ext_filter_mask) <= 0)
@@ -1812,8 +1812,6 @@ replay:
1812 return -ENODEV; 1812 return -ENODEV;
1813 } 1813 }
1814 1814
1815 if (ifm->ifi_index)
1816 return -EOPNOTSUPP;
1817 if (tb[IFLA_MAP] || tb[IFLA_MASTER] || tb[IFLA_PROTINFO]) 1815 if (tb[IFLA_MAP] || tb[IFLA_MASTER] || tb[IFLA_PROTINFO])
1818 return -EOPNOTSUPP; 1816 return -EOPNOTSUPP;
1819 1817
@@ -1839,10 +1837,14 @@ replay:
1839 return PTR_ERR(dest_net); 1837 return PTR_ERR(dest_net);
1840 1838
1841 dev = rtnl_create_link(net, dest_net, ifname, ops, tb); 1839 dev = rtnl_create_link(net, dest_net, ifname, ops, tb);
1842 1840 if (IS_ERR(dev)) {
1843 if (IS_ERR(dev))
1844 err = PTR_ERR(dev); 1841 err = PTR_ERR(dev);
1845 else if (ops->newlink) 1842 goto out;
1843 }
1844
1845 dev->ifindex = ifm->ifi_index;
1846
1847 if (ops->newlink)
1846 err = ops->newlink(net, dev, tb, data); 1848 err = ops->newlink(net, dev, tb, data);
1847 else 1849 else
1848 err = register_netdevice(dev); 1850 err = register_netdevice(dev);
@@ -1897,14 +1899,14 @@ static int rtnl_getlink(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
1897 if (nskb == NULL) 1899 if (nskb == NULL)
1898 return -ENOBUFS; 1900 return -ENOBUFS;
1899 1901
1900 err = rtnl_fill_ifinfo(nskb, dev, RTM_NEWLINK, NETLINK_CB(skb).pid, 1902 err = rtnl_fill_ifinfo(nskb, dev, RTM_NEWLINK, NETLINK_CB(skb).portid,
1901 nlh->nlmsg_seq, 0, 0, ext_filter_mask); 1903 nlh->nlmsg_seq, 0, 0, ext_filter_mask);
1902 if (err < 0) { 1904 if (err < 0) {
1903 /* -EMSGSIZE implies BUG in if_nlmsg_size */ 1905 /* -EMSGSIZE implies BUG in if_nlmsg_size */
1904 WARN_ON(err == -EMSGSIZE); 1906 WARN_ON(err == -EMSGSIZE);
1905 kfree_skb(nskb); 1907 kfree_skb(nskb);
1906 } else 1908 } else
1907 err = rtnl_unicast(nskb, net, NETLINK_CB(skb).pid); 1909 err = rtnl_unicast(nskb, net, NETLINK_CB(skb).portid);
1908 1910
1909 return err; 1911 return err;
1910} 1912}
@@ -2088,7 +2090,8 @@ static int rtnl_fdb_add(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
2088 if ((!ndm->ndm_flags || ndm->ndm_flags & NTF_MASTER) && 2090 if ((!ndm->ndm_flags || ndm->ndm_flags & NTF_MASTER) &&
2089 (dev->priv_flags & IFF_BRIDGE_PORT)) { 2091 (dev->priv_flags & IFF_BRIDGE_PORT)) {
2090 master = dev->master; 2092 master = dev->master;
2091 err = master->netdev_ops->ndo_fdb_add(ndm, dev, addr, 2093 err = master->netdev_ops->ndo_fdb_add(ndm, tb,
2094 dev, addr,
2092 nlh->nlmsg_flags); 2095 nlh->nlmsg_flags);
2093 if (err) 2096 if (err)
2094 goto out; 2097 goto out;
@@ -2098,7 +2101,8 @@ static int rtnl_fdb_add(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
2098 2101
2099 /* Embedded bridge, macvlan, and any other device support */ 2102 /* Embedded bridge, macvlan, and any other device support */
2100 if ((ndm->ndm_flags & NTF_SELF) && dev->netdev_ops->ndo_fdb_add) { 2103 if ((ndm->ndm_flags & NTF_SELF) && dev->netdev_ops->ndo_fdb_add) {
2101 err = dev->netdev_ops->ndo_fdb_add(ndm, dev, addr, 2104 err = dev->netdev_ops->ndo_fdb_add(ndm, tb,
2105 dev, addr,
2102 nlh->nlmsg_flags); 2106 nlh->nlmsg_flags);
2103 2107
2104 if (!err) { 2108 if (!err) {
@@ -2178,9 +2182,9 @@ static int nlmsg_populate_fdb(struct sk_buff *skb,
2178{ 2182{
2179 struct netdev_hw_addr *ha; 2183 struct netdev_hw_addr *ha;
2180 int err; 2184 int err;
2181 u32 pid, seq; 2185 u32 portid, seq;
2182 2186
2183 pid = NETLINK_CB(cb->skb).pid; 2187 portid = NETLINK_CB(cb->skb).portid;
2184 seq = cb->nlh->nlmsg_seq; 2188 seq = cb->nlh->nlmsg_seq;
2185 2189
2186 list_for_each_entry(ha, &list->list, list) { 2190 list_for_each_entry(ha, &list->list, list) {
@@ -2188,7 +2192,7 @@ static int nlmsg_populate_fdb(struct sk_buff *skb,
2188 goto skip; 2192 goto skip;
2189 2193
2190 err = nlmsg_populate_fdb_fill(skb, dev, ha->addr, 2194 err = nlmsg_populate_fdb_fill(skb, dev, ha->addr,
2191 pid, seq, 0, NTF_SELF); 2195 portid, seq, 0, NTF_SELF);
2192 if (err < 0) 2196 if (err < 0)
2193 return err; 2197 return err;
2194skip: 2198skip:
@@ -2356,7 +2360,7 @@ static int rtnetlink_event(struct notifier_block *this, unsigned long event, voi
2356 case NETDEV_PRE_TYPE_CHANGE: 2360 case NETDEV_PRE_TYPE_CHANGE:
2357 case NETDEV_GOING_DOWN: 2361 case NETDEV_GOING_DOWN:
2358 case NETDEV_UNREGISTER: 2362 case NETDEV_UNREGISTER:
2359 case NETDEV_UNREGISTER_BATCH: 2363 case NETDEV_UNREGISTER_FINAL:
2360 case NETDEV_RELEASE: 2364 case NETDEV_RELEASE:
2361 case NETDEV_JOIN: 2365 case NETDEV_JOIN:
2362 break; 2366 break;
@@ -2379,9 +2383,10 @@ static int __net_init rtnetlink_net_init(struct net *net)
2379 .groups = RTNLGRP_MAX, 2383 .groups = RTNLGRP_MAX,
2380 .input = rtnetlink_rcv, 2384 .input = rtnetlink_rcv,
2381 .cb_mutex = &rtnl_mutex, 2385 .cb_mutex = &rtnl_mutex,
2386 .flags = NL_CFG_F_NONROOT_RECV,
2382 }; 2387 };
2383 2388
2384 sk = netlink_kernel_create(net, NETLINK_ROUTE, THIS_MODULE, &cfg); 2389 sk = netlink_kernel_create(net, NETLINK_ROUTE, &cfg);
2385 if (!sk) 2390 if (!sk)
2386 return -ENOMEM; 2391 return -ENOMEM;
2387 net->rtnl = sk; 2392 net->rtnl = sk;
@@ -2414,7 +2419,6 @@ void __init rtnetlink_init(void)
2414 if (register_pernet_subsys(&rtnetlink_net_ops)) 2419 if (register_pernet_subsys(&rtnetlink_net_ops))
2415 panic("rtnetlink_init: cannot initialize rtnetlink\n"); 2420 panic("rtnetlink_init: cannot initialize rtnetlink\n");
2416 2421
2417 netlink_set_nonroot(NETLINK_ROUTE, NL_NONROOT_RECV);
2418 register_netdevice_notifier(&rtnetlink_dev_notifier); 2422 register_netdevice_notifier(&rtnetlink_dev_notifier);
2419 2423
2420 rtnl_register(PF_UNSPEC, RTM_GETLINK, rtnl_getlink, 2424 rtnl_register(PF_UNSPEC, RTM_GETLINK, rtnl_getlink,
diff --git a/net/core/scm.c b/net/core/scm.c
index 6ab491d6c26f..9c1c63da3ca8 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -155,19 +155,21 @@ int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
155 break; 155 break;
156 case SCM_CREDENTIALS: 156 case SCM_CREDENTIALS:
157 { 157 {
158 struct ucred creds;
158 kuid_t uid; 159 kuid_t uid;
159 kgid_t gid; 160 kgid_t gid;
160 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct ucred))) 161 if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct ucred)))
161 goto error; 162 goto error;
162 memcpy(&p->creds, CMSG_DATA(cmsg), sizeof(struct ucred)); 163 memcpy(&creds, CMSG_DATA(cmsg), sizeof(struct ucred));
163 err = scm_check_creds(&p->creds); 164 err = scm_check_creds(&creds);
164 if (err) 165 if (err)
165 goto error; 166 goto error;
166 167
167 if (!p->pid || pid_vnr(p->pid) != p->creds.pid) { 168 p->creds.pid = creds.pid;
169 if (!p->pid || pid_vnr(p->pid) != creds.pid) {
168 struct pid *pid; 170 struct pid *pid;
169 err = -ESRCH; 171 err = -ESRCH;
170 pid = find_get_pid(p->creds.pid); 172 pid = find_get_pid(creds.pid);
171 if (!pid) 173 if (!pid)
172 goto error; 174 goto error;
173 put_pid(p->pid); 175 put_pid(p->pid);
@@ -175,11 +177,14 @@ int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
175 } 177 }
176 178
177 err = -EINVAL; 179 err = -EINVAL;
178 uid = make_kuid(current_user_ns(), p->creds.uid); 180 uid = make_kuid(current_user_ns(), creds.uid);
179 gid = make_kgid(current_user_ns(), p->creds.gid); 181 gid = make_kgid(current_user_ns(), creds.gid);
180 if (!uid_valid(uid) || !gid_valid(gid)) 182 if (!uid_valid(uid) || !gid_valid(gid))
181 goto error; 183 goto error;
182 184
185 p->creds.uid = uid;
186 p->creds.gid = gid;
187
183 if (!p->cred || 188 if (!p->cred ||
184 !uid_eq(p->cred->euid, uid) || 189 !uid_eq(p->cred->euid, uid) ||
185 !gid_eq(p->cred->egid, gid)) { 190 !gid_eq(p->cred->egid, gid)) {
diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c
index 99b2596531bb..e61a8bb7fce7 100644
--- a/net/core/secure_seq.c
+++ b/net/core/secure_seq.c
@@ -76,6 +76,7 @@ u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
76 76
77 return hash[0]; 77 return hash[0];
78} 78}
79EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
79#endif 80#endif
80 81
81#ifdef CONFIG_INET 82#ifdef CONFIG_INET
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index e33ebae519c8..cdc28598f4ef 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -340,43 +340,57 @@ struct sk_buff *build_skb(void *data, unsigned int frag_size)
340EXPORT_SYMBOL(build_skb); 340EXPORT_SYMBOL(build_skb);
341 341
342struct netdev_alloc_cache { 342struct netdev_alloc_cache {
343 struct page *page; 343 struct page_frag frag;
344 unsigned int offset; 344 /* we maintain a pagecount bias, so that we dont dirty cache line
345 unsigned int pagecnt_bias; 345 * containing page->_count every time we allocate a fragment.
346 */
347 unsigned int pagecnt_bias;
346}; 348};
347static DEFINE_PER_CPU(struct netdev_alloc_cache, netdev_alloc_cache); 349static DEFINE_PER_CPU(struct netdev_alloc_cache, netdev_alloc_cache);
348 350
349#define NETDEV_PAGECNT_BIAS (PAGE_SIZE / SMP_CACHE_BYTES) 351#define NETDEV_FRAG_PAGE_MAX_ORDER get_order(32768)
352#define NETDEV_FRAG_PAGE_MAX_SIZE (PAGE_SIZE << NETDEV_FRAG_PAGE_MAX_ORDER)
353#define NETDEV_PAGECNT_MAX_BIAS NETDEV_FRAG_PAGE_MAX_SIZE
350 354
351static void *__netdev_alloc_frag(unsigned int fragsz, gfp_t gfp_mask) 355static void *__netdev_alloc_frag(unsigned int fragsz, gfp_t gfp_mask)
352{ 356{
353 struct netdev_alloc_cache *nc; 357 struct netdev_alloc_cache *nc;
354 void *data = NULL; 358 void *data = NULL;
359 int order;
355 unsigned long flags; 360 unsigned long flags;
356 361
357 local_irq_save(flags); 362 local_irq_save(flags);
358 nc = &__get_cpu_var(netdev_alloc_cache); 363 nc = &__get_cpu_var(netdev_alloc_cache);
359 if (unlikely(!nc->page)) { 364 if (unlikely(!nc->frag.page)) {
360refill: 365refill:
361 nc->page = alloc_page(gfp_mask); 366 for (order = NETDEV_FRAG_PAGE_MAX_ORDER; ;) {
362 if (unlikely(!nc->page)) 367 gfp_t gfp = gfp_mask;
363 goto end; 368
369 if (order)
370 gfp |= __GFP_COMP | __GFP_NOWARN;
371 nc->frag.page = alloc_pages(gfp, order);
372 if (likely(nc->frag.page))
373 break;
374 if (--order < 0)
375 goto end;
376 }
377 nc->frag.size = PAGE_SIZE << order;
364recycle: 378recycle:
365 atomic_set(&nc->page->_count, NETDEV_PAGECNT_BIAS); 379 atomic_set(&nc->frag.page->_count, NETDEV_PAGECNT_MAX_BIAS);
366 nc->pagecnt_bias = NETDEV_PAGECNT_BIAS; 380 nc->pagecnt_bias = NETDEV_PAGECNT_MAX_BIAS;
367 nc->offset = 0; 381 nc->frag.offset = 0;
368 } 382 }
369 383
370 if (nc->offset + fragsz > PAGE_SIZE) { 384 if (nc->frag.offset + fragsz > nc->frag.size) {
371 /* avoid unnecessary locked operations if possible */ 385 /* avoid unnecessary locked operations if possible */
372 if ((atomic_read(&nc->page->_count) == nc->pagecnt_bias) || 386 if ((atomic_read(&nc->frag.page->_count) == nc->pagecnt_bias) ||
373 atomic_sub_and_test(nc->pagecnt_bias, &nc->page->_count)) 387 atomic_sub_and_test(nc->pagecnt_bias, &nc->frag.page->_count))
374 goto recycle; 388 goto recycle;
375 goto refill; 389 goto refill;
376 } 390 }
377 391
378 data = page_address(nc->page) + nc->offset; 392 data = page_address(nc->frag.page) + nc->frag.offset;
379 nc->offset += fragsz; 393 nc->frag.offset += fragsz;
380 nc->pagecnt_bias--; 394 nc->pagecnt_bias--;
381end: 395end:
382 local_irq_restore(flags); 396 local_irq_restore(flags);
@@ -1655,38 +1669,19 @@ static struct page *linear_to_page(struct page *page, unsigned int *len,
1655 unsigned int *offset, 1669 unsigned int *offset,
1656 struct sk_buff *skb, struct sock *sk) 1670 struct sk_buff *skb, struct sock *sk)
1657{ 1671{
1658 struct page *p = sk->sk_sndmsg_page; 1672 struct page_frag *pfrag = sk_page_frag(sk);
1659 unsigned int off;
1660
1661 if (!p) {
1662new_page:
1663 p = sk->sk_sndmsg_page = alloc_pages(sk->sk_allocation, 0);
1664 if (!p)
1665 return NULL;
1666 1673
1667 off = sk->sk_sndmsg_off = 0; 1674 if (!sk_page_frag_refill(sk, pfrag))
1668 /* hold one ref to this page until it's full */ 1675 return NULL;
1669 } else {
1670 unsigned int mlen;
1671
1672 /* If we are the only user of the page, we can reset offset */
1673 if (page_count(p) == 1)
1674 sk->sk_sndmsg_off = 0;
1675 off = sk->sk_sndmsg_off;
1676 mlen = PAGE_SIZE - off;
1677 if (mlen < 64 && mlen < *len) {
1678 put_page(p);
1679 goto new_page;
1680 }
1681 1676
1682 *len = min_t(unsigned int, *len, mlen); 1677 *len = min_t(unsigned int, *len, pfrag->size - pfrag->offset);
1683 }
1684 1678
1685 memcpy(page_address(p) + off, page_address(page) + *offset, *len); 1679 memcpy(page_address(pfrag->page) + pfrag->offset,
1686 sk->sk_sndmsg_off += *len; 1680 page_address(page) + *offset, *len);
1687 *offset = off; 1681 *offset = pfrag->offset;
1682 pfrag->offset += *len;
1688 1683
1689 return p; 1684 return pfrag->page;
1690} 1685}
1691 1686
1692static bool spd_can_coalesce(const struct splice_pipe_desc *spd, 1687static bool spd_can_coalesce(const struct splice_pipe_desc *spd,
@@ -3488,8 +3483,7 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from,
3488 skb_shinfo(from)->nr_frags > MAX_SKB_FRAGS) 3483 skb_shinfo(from)->nr_frags > MAX_SKB_FRAGS)
3489 return false; 3484 return false;
3490 3485
3491 delta = from->truesize - 3486 delta = from->truesize - SKB_TRUESIZE(skb_end_offset(from));
3492 SKB_TRUESIZE(skb_end_pointer(from) - from->head);
3493 } 3487 }
3494 3488
3495 WARN_ON_ONCE(delta < len); 3489 WARN_ON_ONCE(delta < len);
diff --git a/net/core/sock.c b/net/core/sock.c
index 12cddd037bce..8a146cfcc366 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1221,7 +1221,7 @@ void sock_update_classid(struct sock *sk)
1221 rcu_read_lock(); /* doing current task, which cannot vanish. */ 1221 rcu_read_lock(); /* doing current task, which cannot vanish. */
1222 classid = task_cls_classid(current); 1222 classid = task_cls_classid(current);
1223 rcu_read_unlock(); 1223 rcu_read_unlock();
1224 if (classid && classid != sk->sk_classid) 1224 if (classid != sk->sk_classid)
1225 sk->sk_classid = classid; 1225 sk->sk_classid = classid;
1226} 1226}
1227EXPORT_SYMBOL(sock_update_classid); 1227EXPORT_SYMBOL(sock_update_classid);
@@ -1458,19 +1458,6 @@ void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
1458} 1458}
1459EXPORT_SYMBOL_GPL(sk_setup_caps); 1459EXPORT_SYMBOL_GPL(sk_setup_caps);
1460 1460
1461void __init sk_init(void)
1462{
1463 if (totalram_pages <= 4096) {
1464 sysctl_wmem_max = 32767;
1465 sysctl_rmem_max = 32767;
1466 sysctl_wmem_default = 32767;
1467 sysctl_rmem_default = 32767;
1468 } else if (totalram_pages >= 131072) {
1469 sysctl_wmem_max = 131071;
1470 sysctl_rmem_max = 131071;
1471 }
1472}
1473
1474/* 1461/*
1475 * Simple resource managers for sockets. 1462 * Simple resource managers for sockets.
1476 */ 1463 */
@@ -1738,6 +1725,45 @@ struct sk_buff *sock_alloc_send_skb(struct sock *sk, unsigned long size,
1738} 1725}
1739EXPORT_SYMBOL(sock_alloc_send_skb); 1726EXPORT_SYMBOL(sock_alloc_send_skb);
1740 1727
1728/* On 32bit arches, an skb frag is limited to 2^15 */
1729#define SKB_FRAG_PAGE_ORDER get_order(32768)
1730
1731bool sk_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
1732{
1733 int order;
1734
1735 if (pfrag->page) {
1736 if (atomic_read(&pfrag->page->_count) == 1) {
1737 pfrag->offset = 0;
1738 return true;
1739 }
1740 if (pfrag->offset < pfrag->size)
1741 return true;
1742 put_page(pfrag->page);
1743 }
1744
1745 /* We restrict high order allocations to users that can afford to wait */
1746 order = (sk->sk_allocation & __GFP_WAIT) ? SKB_FRAG_PAGE_ORDER : 0;
1747
1748 do {
1749 gfp_t gfp = sk->sk_allocation;
1750
1751 if (order)
1752 gfp |= __GFP_COMP | __GFP_NOWARN;
1753 pfrag->page = alloc_pages(gfp, order);
1754 if (likely(pfrag->page)) {
1755 pfrag->offset = 0;
1756 pfrag->size = PAGE_SIZE << order;
1757 return true;
1758 }
1759 } while (--order >= 0);
1760
1761 sk_enter_memory_pressure(sk);
1762 sk_stream_moderate_sndbuf(sk);
1763 return false;
1764}
1765EXPORT_SYMBOL(sk_page_frag_refill);
1766
1741static void __lock_sock(struct sock *sk) 1767static void __lock_sock(struct sock *sk)
1742 __releases(&sk->sk_lock.slock) 1768 __releases(&sk->sk_lock.slock)
1743 __acquires(&sk->sk_lock.slock) 1769 __acquires(&sk->sk_lock.slock)
@@ -2167,8 +2193,8 @@ void sock_init_data(struct socket *sock, struct sock *sk)
2167 sk->sk_error_report = sock_def_error_report; 2193 sk->sk_error_report = sock_def_error_report;
2168 sk->sk_destruct = sock_def_destruct; 2194 sk->sk_destruct = sock_def_destruct;
2169 2195
2170 sk->sk_sndmsg_page = NULL; 2196 sk->sk_frag.page = NULL;
2171 sk->sk_sndmsg_off = 0; 2197 sk->sk_frag.offset = 0;
2172 sk->sk_peek_off = -1; 2198 sk->sk_peek_off = -1;
2173 2199
2174 sk->sk_peer_pid = NULL; 2200 sk->sk_peer_pid = NULL;
@@ -2411,6 +2437,12 @@ void sk_common_release(struct sock *sk)
2411 xfrm_sk_free_policy(sk); 2437 xfrm_sk_free_policy(sk);
2412 2438
2413 sk_refcnt_debug_release(sk); 2439 sk_refcnt_debug_release(sk);
2440
2441 if (sk->sk_frag.page) {
2442 put_page(sk->sk_frag.page);
2443 sk->sk_frag.page = NULL;
2444 }
2445
2414 sock_put(sk); 2446 sock_put(sk);
2415} 2447}
2416EXPORT_SYMBOL(sk_common_release); 2448EXPORT_SYMBOL(sk_common_release);
diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
index 9d8755e4a7a5..602cd637182e 100644
--- a/net/core/sock_diag.c
+++ b/net/core/sock_diag.c
@@ -172,8 +172,7 @@ static int __net_init diag_net_init(struct net *net)
172 .input = sock_diag_rcv, 172 .input = sock_diag_rcv,
173 }; 173 };
174 174
175 net->diag_nlsk = netlink_kernel_create(net, NETLINK_SOCK_DIAG, 175 net->diag_nlsk = netlink_kernel_create(net, NETLINK_SOCK_DIAG, &cfg);
176 THIS_MODULE, &cfg);
177 return net->diag_nlsk == NULL ? -ENOMEM : 0; 176 return net->diag_nlsk == NULL ? -ENOMEM : 0;
178} 177}
179 178
diff --git a/net/core/utils.c b/net/core/utils.c
index 39895a65e54a..f5613d569c23 100644
--- a/net/core/utils.c
+++ b/net/core/utils.c
@@ -294,6 +294,26 @@ void inet_proto_csum_replace4(__sum16 *sum, struct sk_buff *skb,
294} 294}
295EXPORT_SYMBOL(inet_proto_csum_replace4); 295EXPORT_SYMBOL(inet_proto_csum_replace4);
296 296
297void inet_proto_csum_replace16(__sum16 *sum, struct sk_buff *skb,
298 const __be32 *from, const __be32 *to,
299 int pseudohdr)
300{
301 __be32 diff[] = {
302 ~from[0], ~from[1], ~from[2], ~from[3],
303 to[0], to[1], to[2], to[3],
304 };
305 if (skb->ip_summed != CHECKSUM_PARTIAL) {
306 *sum = csum_fold(csum_partial(diff, sizeof(diff),
307 ~csum_unfold(*sum)));
308 if (skb->ip_summed == CHECKSUM_COMPLETE && pseudohdr)
309 skb->csum = ~csum_partial(diff, sizeof(diff),
310 ~skb->csum);
311 } else if (pseudohdr)
312 *sum = ~csum_fold(csum_partial(diff, sizeof(diff),
313 csum_unfold(*sum)));
314}
315EXPORT_SYMBOL(inet_proto_csum_replace16);
316
297int mac_pton(const char *s, u8 *mac) 317int mac_pton(const char *s, u8 *mac)
298{ 318{
299 int i; 319 int i;
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c
index 81f2bb62dea3..70989e672304 100644
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -1319,7 +1319,7 @@ nla_put_failure:
1319} 1319}
1320 1320
1321static int dcbnl_notify(struct net_device *dev, int event, int cmd, 1321static int dcbnl_notify(struct net_device *dev, int event, int cmd,
1322 u32 seq, u32 pid, int dcbx_ver) 1322 u32 seq, u32 portid, int dcbx_ver)
1323{ 1323{
1324 struct net *net = dev_net(dev); 1324 struct net *net = dev_net(dev);
1325 struct sk_buff *skb; 1325 struct sk_buff *skb;
@@ -1330,7 +1330,7 @@ static int dcbnl_notify(struct net_device *dev, int event, int cmd,
1330 if (!ops) 1330 if (!ops)
1331 return -EOPNOTSUPP; 1331 return -EOPNOTSUPP;
1332 1332
1333 skb = dcbnl_newmsg(event, cmd, pid, seq, 0, &nlh); 1333 skb = dcbnl_newmsg(event, cmd, portid, seq, 0, &nlh);
1334 if (!skb) 1334 if (!skb)
1335 return -ENOBUFS; 1335 return -ENOBUFS;
1336 1336
@@ -1353,16 +1353,16 @@ static int dcbnl_notify(struct net_device *dev, int event, int cmd,
1353} 1353}
1354 1354
1355int dcbnl_ieee_notify(struct net_device *dev, int event, int cmd, 1355int dcbnl_ieee_notify(struct net_device *dev, int event, int cmd,
1356 u32 seq, u32 pid) 1356 u32 seq, u32 portid)
1357{ 1357{
1358 return dcbnl_notify(dev, event, cmd, seq, pid, DCB_CAP_DCBX_VER_IEEE); 1358 return dcbnl_notify(dev, event, cmd, seq, portid, DCB_CAP_DCBX_VER_IEEE);
1359} 1359}
1360EXPORT_SYMBOL(dcbnl_ieee_notify); 1360EXPORT_SYMBOL(dcbnl_ieee_notify);
1361 1361
1362int dcbnl_cee_notify(struct net_device *dev, int event, int cmd, 1362int dcbnl_cee_notify(struct net_device *dev, int event, int cmd,
1363 u32 seq, u32 pid) 1363 u32 seq, u32 portid)
1364{ 1364{
1365 return dcbnl_notify(dev, event, cmd, seq, pid, DCB_CAP_DCBX_VER_CEE); 1365 return dcbnl_notify(dev, event, cmd, seq, portid, DCB_CAP_DCBX_VER_CEE);
1366} 1366}
1367EXPORT_SYMBOL(dcbnl_cee_notify); 1367EXPORT_SYMBOL(dcbnl_cee_notify);
1368 1368
@@ -1656,7 +1656,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1656 struct net_device *netdev; 1656 struct net_device *netdev;
1657 struct dcbmsg *dcb = nlmsg_data(nlh); 1657 struct dcbmsg *dcb = nlmsg_data(nlh);
1658 struct nlattr *tb[DCB_ATTR_MAX + 1]; 1658 struct nlattr *tb[DCB_ATTR_MAX + 1];
1659 u32 pid = skb ? NETLINK_CB(skb).pid : 0; 1659 u32 portid = skb ? NETLINK_CB(skb).portid : 0;
1660 int ret = -EINVAL; 1660 int ret = -EINVAL;
1661 struct sk_buff *reply_skb; 1661 struct sk_buff *reply_skb;
1662 struct nlmsghdr *reply_nlh = NULL; 1662 struct nlmsghdr *reply_nlh = NULL;
@@ -1690,7 +1690,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1690 goto out; 1690 goto out;
1691 } 1691 }
1692 1692
1693 reply_skb = dcbnl_newmsg(fn->type, dcb->cmd, pid, nlh->nlmsg_seq, 1693 reply_skb = dcbnl_newmsg(fn->type, dcb->cmd, portid, nlh->nlmsg_seq,
1694 nlh->nlmsg_flags, &reply_nlh); 1694 nlh->nlmsg_flags, &reply_nlh);
1695 if (!reply_skb) { 1695 if (!reply_skb) {
1696 ret = -ENOBUFS; 1696 ret = -ENOBUFS;
@@ -1705,7 +1705,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1705 1705
1706 nlmsg_end(reply_skb, reply_nlh); 1706 nlmsg_end(reply_skb, reply_nlh);
1707 1707
1708 ret = rtnl_unicast(reply_skb, &init_net, pid); 1708 ret = rtnl_unicast(reply_skb, &init_net, portid);
1709out: 1709out:
1710 dev_put(netdev); 1710 dev_put(netdev);
1711 return ret; 1711 return ret;
diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c
index 2ba1a2814c24..307c322d53bb 100644
--- a/net/decnet/af_decnet.c
+++ b/net/decnet/af_decnet.c
@@ -1313,10 +1313,10 @@ static int dn_shutdown(struct socket *sock, int how)
1313 if (scp->state == DN_O) 1313 if (scp->state == DN_O)
1314 goto out; 1314 goto out;
1315 1315
1316 if (how != SHUTDOWN_MASK) 1316 if (how != SHUT_RDWR)
1317 goto out; 1317 goto out;
1318 1318
1319 sk->sk_shutdown = how; 1319 sk->sk_shutdown = SHUTDOWN_MASK;
1320 dn_destroy_sock(sk); 1320 dn_destroy_sock(sk);
1321 err = 0; 1321 err = 0;
1322 1322
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index f3924ab1e019..7b7e561412d3 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -667,12 +667,12 @@ static inline size_t dn_ifaddr_nlmsg_size(void)
667} 667}
668 668
669static int dn_nl_fill_ifaddr(struct sk_buff *skb, struct dn_ifaddr *ifa, 669static int dn_nl_fill_ifaddr(struct sk_buff *skb, struct dn_ifaddr *ifa,
670 u32 pid, u32 seq, int event, unsigned int flags) 670 u32 portid, u32 seq, int event, unsigned int flags)
671{ 671{
672 struct ifaddrmsg *ifm; 672 struct ifaddrmsg *ifm;
673 struct nlmsghdr *nlh; 673 struct nlmsghdr *nlh;
674 674
675 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*ifm), flags); 675 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
676 if (nlh == NULL) 676 if (nlh == NULL)
677 return -EMSGSIZE; 677 return -EMSGSIZE;
678 678
@@ -753,7 +753,7 @@ static int dn_nl_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
753 if (dn_idx < skip_naddr) 753 if (dn_idx < skip_naddr)
754 continue; 754 continue;
755 755
756 if (dn_nl_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).pid, 756 if (dn_nl_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).portid,
757 cb->nlh->nlmsg_seq, RTM_NEWADDR, 757 cb->nlh->nlmsg_seq, RTM_NEWADDR,
758 NLM_F_MULTI) < 0) 758 NLM_F_MULTI) < 0)
759 goto done; 759 goto done;
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index 85a3604c87c8..b57419cc41a4 100644
--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -961,7 +961,7 @@ static int dn_route_output_slow(struct dst_entry **pprt, const struct flowidn *o
961 .saddr = oldflp->saddr, 961 .saddr = oldflp->saddr,
962 .flowidn_scope = RT_SCOPE_UNIVERSE, 962 .flowidn_scope = RT_SCOPE_UNIVERSE,
963 .flowidn_mark = oldflp->flowidn_mark, 963 .flowidn_mark = oldflp->flowidn_mark,
964 .flowidn_iif = init_net.loopback_dev->ifindex, 964 .flowidn_iif = LOOPBACK_IFINDEX,
965 .flowidn_oif = oldflp->flowidn_oif, 965 .flowidn_oif = oldflp->flowidn_oif,
966 }; 966 };
967 struct dn_route *rt = NULL; 967 struct dn_route *rt = NULL;
@@ -979,7 +979,7 @@ static int dn_route_output_slow(struct dst_entry **pprt, const struct flowidn *o
979 "dn_route_output_slow: dst=%04x src=%04x mark=%d" 979 "dn_route_output_slow: dst=%04x src=%04x mark=%d"
980 " iif=%d oif=%d\n", le16_to_cpu(oldflp->daddr), 980 " iif=%d oif=%d\n", le16_to_cpu(oldflp->daddr),
981 le16_to_cpu(oldflp->saddr), 981 le16_to_cpu(oldflp->saddr),
982 oldflp->flowidn_mark, init_net.loopback_dev->ifindex, 982 oldflp->flowidn_mark, LOOPBACK_IFINDEX,
983 oldflp->flowidn_oif); 983 oldflp->flowidn_oif);
984 984
985 /* If we have an output interface, verify its a DECnet device */ 985 /* If we have an output interface, verify its a DECnet device */
@@ -1042,7 +1042,7 @@ source_ok:
1042 if (!fld.daddr) 1042 if (!fld.daddr)
1043 goto out; 1043 goto out;
1044 } 1044 }
1045 fld.flowidn_oif = init_net.loopback_dev->ifindex; 1045 fld.flowidn_oif = LOOPBACK_IFINDEX;
1046 res.type = RTN_LOCAL; 1046 res.type = RTN_LOCAL;
1047 goto make_route; 1047 goto make_route;
1048 } 1048 }
@@ -1543,7 +1543,7 @@ static int dn_route_input(struct sk_buff *skb)
1543 return dn_route_input_slow(skb); 1543 return dn_route_input_slow(skb);
1544} 1544}
1545 1545
1546static int dn_rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, 1546static int dn_rt_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
1547 int event, int nowait, unsigned int flags) 1547 int event, int nowait, unsigned int flags)
1548{ 1548{
1549 struct dn_route *rt = (struct dn_route *)skb_dst(skb); 1549 struct dn_route *rt = (struct dn_route *)skb_dst(skb);
@@ -1551,7 +1551,7 @@ static int dn_rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq,
1551 struct nlmsghdr *nlh; 1551 struct nlmsghdr *nlh;
1552 long expires; 1552 long expires;
1553 1553
1554 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags); 1554 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*r), flags);
1555 if (!nlh) 1555 if (!nlh)
1556 return -EMSGSIZE; 1556 return -EMSGSIZE;
1557 1557
@@ -1685,7 +1685,7 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void
1685 if (rtm->rtm_flags & RTM_F_NOTIFY) 1685 if (rtm->rtm_flags & RTM_F_NOTIFY)
1686 rt->rt_flags |= RTCF_NOTIFY; 1686 rt->rt_flags |= RTCF_NOTIFY;
1687 1687
1688 err = dn_rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); 1688 err = dn_rt_fill_info(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0);
1689 1689
1690 if (err == 0) 1690 if (err == 0)
1691 goto out_free; 1691 goto out_free;
@@ -1694,7 +1694,7 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void
1694 goto out_free; 1694 goto out_free;
1695 } 1695 }
1696 1696
1697 return rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); 1697 return rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).portid);
1698 1698
1699out_free: 1699out_free:
1700 kfree_skb(skb); 1700 kfree_skb(skb);
@@ -1737,7 +1737,7 @@ int dn_cache_dump(struct sk_buff *skb, struct netlink_callback *cb)
1737 if (idx < s_idx) 1737 if (idx < s_idx)
1738 continue; 1738 continue;
1739 skb_dst_set(skb, dst_clone(&rt->dst)); 1739 skb_dst_set(skb, dst_clone(&rt->dst));
1740 if (dn_rt_fill_info(skb, NETLINK_CB(cb->skb).pid, 1740 if (dn_rt_fill_info(skb, NETLINK_CB(cb->skb).portid,
1741 cb->nlh->nlmsg_seq, RTM_NEWROUTE, 1741 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
1742 1, NLM_F_MULTI) <= 0) { 1742 1, NLM_F_MULTI) <= 0) {
1743 skb_dst_drop(skb); 1743 skb_dst_drop(skb);
diff --git a/net/decnet/dn_table.c b/net/decnet/dn_table.c
index 16c986ab1228..f968c1b58f47 100644
--- a/net/decnet/dn_table.c
+++ b/net/decnet/dn_table.c
@@ -291,14 +291,14 @@ static inline size_t dn_fib_nlmsg_size(struct dn_fib_info *fi)
291 return payload; 291 return payload;
292} 292}
293 293
294static int dn_fib_dump_info(struct sk_buff *skb, u32 pid, u32 seq, int event, 294static int dn_fib_dump_info(struct sk_buff *skb, u32 portid, u32 seq, int event,
295 u32 tb_id, u8 type, u8 scope, void *dst, int dst_len, 295 u32 tb_id, u8 type, u8 scope, void *dst, int dst_len,
296 struct dn_fib_info *fi, unsigned int flags) 296 struct dn_fib_info *fi, unsigned int flags)
297{ 297{
298 struct rtmsg *rtm; 298 struct rtmsg *rtm;
299 struct nlmsghdr *nlh; 299 struct nlmsghdr *nlh;
300 300
301 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*rtm), flags); 301 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*rtm), flags);
302 if (!nlh) 302 if (!nlh)
303 return -EMSGSIZE; 303 return -EMSGSIZE;
304 304
@@ -374,14 +374,14 @@ static void dn_rtmsg_fib(int event, struct dn_fib_node *f, int z, u32 tb_id,
374 struct nlmsghdr *nlh, struct netlink_skb_parms *req) 374 struct nlmsghdr *nlh, struct netlink_skb_parms *req)
375{ 375{
376 struct sk_buff *skb; 376 struct sk_buff *skb;
377 u32 pid = req ? req->pid : 0; 377 u32 portid = req ? req->portid : 0;
378 int err = -ENOBUFS; 378 int err = -ENOBUFS;
379 379
380 skb = nlmsg_new(dn_fib_nlmsg_size(DN_FIB_INFO(f)), GFP_KERNEL); 380 skb = nlmsg_new(dn_fib_nlmsg_size(DN_FIB_INFO(f)), GFP_KERNEL);
381 if (skb == NULL) 381 if (skb == NULL)
382 goto errout; 382 goto errout;
383 383
384 err = dn_fib_dump_info(skb, pid, nlh->nlmsg_seq, event, tb_id, 384 err = dn_fib_dump_info(skb, portid, nlh->nlmsg_seq, event, tb_id,
385 f->fn_type, f->fn_scope, &f->fn_key, z, 385 f->fn_type, f->fn_scope, &f->fn_key, z,
386 DN_FIB_INFO(f), 0); 386 DN_FIB_INFO(f), 0);
387 if (err < 0) { 387 if (err < 0) {
@@ -390,7 +390,7 @@ static void dn_rtmsg_fib(int event, struct dn_fib_node *f, int z, u32 tb_id,
390 kfree_skb(skb); 390 kfree_skb(skb);
391 goto errout; 391 goto errout;
392 } 392 }
393 rtnl_notify(skb, &init_net, pid, RTNLGRP_DECnet_ROUTE, nlh, GFP_KERNEL); 393 rtnl_notify(skb, &init_net, portid, RTNLGRP_DECnet_ROUTE, nlh, GFP_KERNEL);
394 return; 394 return;
395errout: 395errout:
396 if (err < 0) 396 if (err < 0)
@@ -411,7 +411,7 @@ static __inline__ int dn_hash_dump_bucket(struct sk_buff *skb,
411 continue; 411 continue;
412 if (f->fn_state & DN_S_ZOMBIE) 412 if (f->fn_state & DN_S_ZOMBIE)
413 continue; 413 continue;
414 if (dn_fib_dump_info(skb, NETLINK_CB(cb->skb).pid, 414 if (dn_fib_dump_info(skb, NETLINK_CB(cb->skb).portid,
415 cb->nlh->nlmsg_seq, 415 cb->nlh->nlmsg_seq,
416 RTM_NEWROUTE, 416 RTM_NEWROUTE,
417 tb->n, 417 tb->n,
diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c
index 11db0ecf342f..dfe42012a044 100644
--- a/net/decnet/netfilter/dn_rtmsg.c
+++ b/net/decnet/netfilter/dn_rtmsg.c
@@ -130,8 +130,7 @@ static int __init dn_rtmsg_init(void)
130 .input = dnrmg_receive_user_skb, 130 .input = dnrmg_receive_user_skb,
131 }; 131 };
132 132
133 dnrmg = netlink_kernel_create(&init_net, 133 dnrmg = netlink_kernel_create(&init_net, NETLINK_DNRTMSG, &cfg);
134 NETLINK_DNRTMSG, THIS_MODULE, &cfg);
135 if (dnrmg == NULL) { 134 if (dnrmg == NULL) {
136 printk(KERN_ERR "dn_rtmsg: Cannot create netlink socket"); 135 printk(KERN_ERR "dn_rtmsg: Cannot create netlink socket");
137 return -ENOMEM; 136 return -ENOMEM;
diff --git a/net/ieee802154/6lowpan.c b/net/ieee802154/6lowpan.c
index 6a095225148e..6d42c17af96b 100644
--- a/net/ieee802154/6lowpan.c
+++ b/net/ieee802154/6lowpan.c
@@ -1063,12 +1063,6 @@ out:
1063 return (err < 0 ? NETDEV_TX_BUSY : NETDEV_TX_OK); 1063 return (err < 0 ? NETDEV_TX_BUSY : NETDEV_TX_OK);
1064} 1064}
1065 1065
1066static void lowpan_dev_free(struct net_device *dev)
1067{
1068 dev_put(lowpan_dev_info(dev)->real_dev);
1069 free_netdev(dev);
1070}
1071
1072static struct wpan_phy *lowpan_get_phy(const struct net_device *dev) 1066static struct wpan_phy *lowpan_get_phy(const struct net_device *dev)
1073{ 1067{
1074 struct net_device *real_dev = lowpan_dev_info(dev)->real_dev; 1068 struct net_device *real_dev = lowpan_dev_info(dev)->real_dev;
@@ -1118,7 +1112,7 @@ static void lowpan_setup(struct net_device *dev)
1118 dev->netdev_ops = &lowpan_netdev_ops; 1112 dev->netdev_ops = &lowpan_netdev_ops;
1119 dev->header_ops = &lowpan_header_ops; 1113 dev->header_ops = &lowpan_header_ops;
1120 dev->ml_priv = &lowpan_mlme; 1114 dev->ml_priv = &lowpan_mlme;
1121 dev->destructor = lowpan_dev_free; 1115 dev->destructor = free_netdev;
1122} 1116}
1123 1117
1124static int lowpan_validate(struct nlattr *tb[], struct nlattr *data[]) 1118static int lowpan_validate(struct nlattr *tb[], struct nlattr *data[])
@@ -1133,6 +1127,8 @@ static int lowpan_validate(struct nlattr *tb[], struct nlattr *data[])
1133static int lowpan_rcv(struct sk_buff *skb, struct net_device *dev, 1127static int lowpan_rcv(struct sk_buff *skb, struct net_device *dev,
1134 struct packet_type *pt, struct net_device *orig_dev) 1128 struct packet_type *pt, struct net_device *orig_dev)
1135{ 1129{
1130 struct sk_buff *local_skb;
1131
1136 if (!netif_running(dev)) 1132 if (!netif_running(dev))
1137 goto drop; 1133 goto drop;
1138 1134
@@ -1144,7 +1140,12 @@ static int lowpan_rcv(struct sk_buff *skb, struct net_device *dev,
1144 case LOWPAN_DISPATCH_IPHC: /* ipv6 datagram */ 1140 case LOWPAN_DISPATCH_IPHC: /* ipv6 datagram */
1145 case LOWPAN_DISPATCH_FRAG1: /* first fragment header */ 1141 case LOWPAN_DISPATCH_FRAG1: /* first fragment header */
1146 case LOWPAN_DISPATCH_FRAGN: /* next fragments headers */ 1142 case LOWPAN_DISPATCH_FRAGN: /* next fragments headers */
1147 lowpan_process_data(skb); 1143 local_skb = skb_clone(skb, GFP_ATOMIC);
1144 if (!local_skb)
1145 goto drop;
1146 lowpan_process_data(local_skb);
1147
1148 kfree_skb(skb);
1148 break; 1149 break;
1149 default: 1150 default:
1150 break; 1151 break;
@@ -1237,6 +1238,34 @@ static inline void __init lowpan_netlink_fini(void)
1237 rtnl_link_unregister(&lowpan_link_ops); 1238 rtnl_link_unregister(&lowpan_link_ops);
1238} 1239}
1239 1240
1241static int lowpan_device_event(struct notifier_block *unused,
1242 unsigned long event,
1243 void *ptr)
1244{
1245 struct net_device *dev = ptr;
1246 LIST_HEAD(del_list);
1247 struct lowpan_dev_record *entry, *tmp;
1248
1249 if (dev->type != ARPHRD_IEEE802154)
1250 goto out;
1251
1252 if (event == NETDEV_UNREGISTER) {
1253 list_for_each_entry_safe(entry, tmp, &lowpan_devices, list) {
1254 if (lowpan_dev_info(entry->ldev)->real_dev == dev)
1255 lowpan_dellink(entry->ldev, &del_list);
1256 }
1257
1258 unregister_netdevice_many(&del_list);
1259 }
1260
1261out:
1262 return NOTIFY_DONE;
1263}
1264
1265static struct notifier_block lowpan_dev_notifier = {
1266 .notifier_call = lowpan_device_event,
1267};
1268
1240static struct packet_type lowpan_packet_type = { 1269static struct packet_type lowpan_packet_type = {
1241 .type = __constant_htons(ETH_P_IEEE802154), 1270 .type = __constant_htons(ETH_P_IEEE802154),
1242 .func = lowpan_rcv, 1271 .func = lowpan_rcv,
@@ -1251,6 +1280,12 @@ static int __init lowpan_init_module(void)
1251 goto out; 1280 goto out;
1252 1281
1253 dev_add_pack(&lowpan_packet_type); 1282 dev_add_pack(&lowpan_packet_type);
1283
1284 err = register_netdevice_notifier(&lowpan_dev_notifier);
1285 if (err < 0) {
1286 dev_remove_pack(&lowpan_packet_type);
1287 lowpan_netlink_fini();
1288 }
1254out: 1289out:
1255 return err; 1290 return err;
1256} 1291}
@@ -1263,6 +1298,8 @@ static void __exit lowpan_cleanup_module(void)
1263 1298
1264 dev_remove_pack(&lowpan_packet_type); 1299 dev_remove_pack(&lowpan_packet_type);
1265 1300
1301 unregister_netdevice_notifier(&lowpan_dev_notifier);
1302
1266 /* Now 6lowpan packet_type is removed, so no new fragments are 1303 /* Now 6lowpan packet_type is removed, so no new fragments are
1267 * expected on RX, therefore that's the time to clean incomplete 1304 * expected on RX, therefore that's the time to clean incomplete
1268 * fragments. 1305 * fragments.
diff --git a/net/ieee802154/nl-mac.c b/net/ieee802154/nl-mac.c
index 1e9917124e75..96bb08abece2 100644
--- a/net/ieee802154/nl-mac.c
+++ b/net/ieee802154/nl-mac.c
@@ -246,7 +246,7 @@ nla_put_failure:
246} 246}
247EXPORT_SYMBOL(ieee802154_nl_start_confirm); 247EXPORT_SYMBOL(ieee802154_nl_start_confirm);
248 248
249static int ieee802154_nl_fill_iface(struct sk_buff *msg, u32 pid, 249static int ieee802154_nl_fill_iface(struct sk_buff *msg, u32 portid,
250 u32 seq, int flags, struct net_device *dev) 250 u32 seq, int flags, struct net_device *dev)
251{ 251{
252 void *hdr; 252 void *hdr;
@@ -534,7 +534,7 @@ static int ieee802154_list_iface(struct sk_buff *skb,
534 if (!msg) 534 if (!msg)
535 goto out_dev; 535 goto out_dev;
536 536
537 rc = ieee802154_nl_fill_iface(msg, info->snd_pid, info->snd_seq, 537 rc = ieee802154_nl_fill_iface(msg, info->snd_portid, info->snd_seq,
538 0, dev); 538 0, dev);
539 if (rc < 0) 539 if (rc < 0)
540 goto out_free; 540 goto out_free;
@@ -565,7 +565,7 @@ static int ieee802154_dump_iface(struct sk_buff *skb,
565 if (idx < s_idx || (dev->type != ARPHRD_IEEE802154)) 565 if (idx < s_idx || (dev->type != ARPHRD_IEEE802154))
566 goto cont; 566 goto cont;
567 567
568 if (ieee802154_nl_fill_iface(skb, NETLINK_CB(cb->skb).pid, 568 if (ieee802154_nl_fill_iface(skb, NETLINK_CB(cb->skb).portid,
569 cb->nlh->nlmsg_seq, NLM_F_MULTI, dev) < 0) 569 cb->nlh->nlmsg_seq, NLM_F_MULTI, dev) < 0)
570 break; 570 break;
571cont: 571cont:
diff --git a/net/ieee802154/nl-phy.c b/net/ieee802154/nl-phy.c
index d54be34cca94..22b1a7058fd3 100644
--- a/net/ieee802154/nl-phy.c
+++ b/net/ieee802154/nl-phy.c
@@ -35,7 +35,7 @@
35 35
36#include "ieee802154.h" 36#include "ieee802154.h"
37 37
38static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 pid, 38static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 portid,
39 u32 seq, int flags, struct wpan_phy *phy) 39 u32 seq, int flags, struct wpan_phy *phy)
40{ 40{
41 void *hdr; 41 void *hdr;
@@ -105,7 +105,7 @@ static int ieee802154_list_phy(struct sk_buff *skb,
105 if (!msg) 105 if (!msg)
106 goto out_dev; 106 goto out_dev;
107 107
108 rc = ieee802154_nl_fill_phy(msg, info->snd_pid, info->snd_seq, 108 rc = ieee802154_nl_fill_phy(msg, info->snd_portid, info->snd_seq,
109 0, phy); 109 0, phy);
110 if (rc < 0) 110 if (rc < 0)
111 goto out_free; 111 goto out_free;
@@ -138,7 +138,7 @@ static int ieee802154_dump_phy_iter(struct wpan_phy *phy, void *_data)
138 return 0; 138 return 0;
139 139
140 rc = ieee802154_nl_fill_phy(data->skb, 140 rc = ieee802154_nl_fill_phy(data->skb,
141 NETLINK_CB(data->cb->skb).pid, 141 NETLINK_CB(data->cb->skb).portid,
142 data->cb->nlh->nlmsg_seq, 142 data->cb->nlh->nlmsg_seq,
143 NLM_F_MULTI, 143 NLM_F_MULTI,
144 phy); 144 phy);
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index fe4582ca969a..766c59658563 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -212,6 +212,26 @@ int inet_listen(struct socket *sock, int backlog)
212 * we can only allow the backlog to be adjusted. 212 * we can only allow the backlog to be adjusted.
213 */ 213 */
214 if (old_state != TCP_LISTEN) { 214 if (old_state != TCP_LISTEN) {
215 /* Check special setups for testing purpose to enable TFO w/o
216 * requiring TCP_FASTOPEN sockopt.
217 * Note that only TCP sockets (SOCK_STREAM) will reach here.
218 * Also fastopenq may already been allocated because this
219 * socket was in TCP_LISTEN state previously but was
220 * shutdown() (rather than close()).
221 */
222 if ((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) != 0 &&
223 inet_csk(sk)->icsk_accept_queue.fastopenq == NULL) {
224 if ((sysctl_tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) != 0)
225 err = fastopen_init_queue(sk, backlog);
226 else if ((sysctl_tcp_fastopen &
227 TFO_SERVER_WO_SOCKOPT2) != 0)
228 err = fastopen_init_queue(sk,
229 ((uint)sysctl_tcp_fastopen) >> 16);
230 else
231 err = 0;
232 if (err)
233 goto out;
234 }
215 err = inet_csk_listen_start(sk, backlog); 235 err = inet_csk_listen_start(sk, backlog);
216 if (err) 236 if (err)
217 goto out; 237 goto out;
@@ -701,7 +721,8 @@ int inet_accept(struct socket *sock, struct socket *newsock, int flags)
701 721
702 sock_rps_record_flow(sk2); 722 sock_rps_record_flow(sk2);
703 WARN_ON(!((1 << sk2->sk_state) & 723 WARN_ON(!((1 << sk2->sk_state) &
704 (TCPF_ESTABLISHED | TCPF_CLOSE_WAIT | TCPF_CLOSE))); 724 (TCPF_ESTABLISHED | TCPF_SYN_RECV |
725 TCPF_CLOSE_WAIT | TCPF_CLOSE)));
705 726
706 sock_graft(sk2, newsock); 727 sock_graft(sk2, newsock);
707 728
@@ -1364,7 +1385,7 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
1364 if (*(u8 *)iph != 0x45) 1385 if (*(u8 *)iph != 0x45)
1365 goto out_unlock; 1386 goto out_unlock;
1366 1387
1367 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1388 if (unlikely(ip_fast_csum((u8 *)iph, 5)))
1368 goto out_unlock; 1389 goto out_unlock;
1369 1390
1370 id = ntohl(*(__be32 *)&iph->id); 1391 id = ntohl(*(__be32 *)&iph->id);
@@ -1380,7 +1401,6 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
1380 iph2 = ip_hdr(p); 1401 iph2 = ip_hdr(p);
1381 1402
1382 if ((iph->protocol ^ iph2->protocol) | 1403 if ((iph->protocol ^ iph2->protocol) |
1383 (iph->tos ^ iph2->tos) |
1384 ((__force u32)iph->saddr ^ (__force u32)iph2->saddr) | 1404 ((__force u32)iph->saddr ^ (__force u32)iph2->saddr) |
1385 ((__force u32)iph->daddr ^ (__force u32)iph2->daddr)) { 1405 ((__force u32)iph->daddr ^ (__force u32)iph2->daddr)) {
1386 NAPI_GRO_CB(p)->same_flow = 0; 1406 NAPI_GRO_CB(p)->same_flow = 0;
@@ -1390,6 +1410,7 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
1390 /* All fields must match except length and checksum. */ 1410 /* All fields must match except length and checksum. */
1391 NAPI_GRO_CB(p)->flush |= 1411 NAPI_GRO_CB(p)->flush |=
1392 (iph->ttl ^ iph2->ttl) | 1412 (iph->ttl ^ iph2->ttl) |
1413 (iph->tos ^ iph2->tos) |
1393 ((u16)(ntohs(iph2->id) + NAPI_GRO_CB(p)->count) ^ id); 1414 ((u16)(ntohs(iph2->id) + NAPI_GRO_CB(p)->count) ^ id);
1394 1415
1395 NAPI_GRO_CB(p)->flush |= flush; 1416 NAPI_GRO_CB(p)->flush |= flush;
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index e12fad773852..2a6abc163ed2 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -94,25 +94,22 @@ static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
94 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, 94 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
95}; 95};
96 96
97/* inet_addr_hash's shifting is dependent upon this IN4_ADDR_HSIZE 97#define IN4_ADDR_HSIZE_SHIFT 8
98 * value. So if you change this define, make appropriate changes to 98#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
99 * inet_addr_hash as well. 99
100 */
101#define IN4_ADDR_HSIZE 256
102static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE]; 100static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
103static DEFINE_SPINLOCK(inet_addr_hash_lock); 101static DEFINE_SPINLOCK(inet_addr_hash_lock);
104 102
105static inline unsigned int inet_addr_hash(struct net *net, __be32 addr) 103static u32 inet_addr_hash(struct net *net, __be32 addr)
106{ 104{
107 u32 val = (__force u32) addr ^ hash_ptr(net, 8); 105 u32 val = (__force u32) addr ^ net_hash_mix(net);
108 106
109 return ((val ^ (val >> 8) ^ (val >> 16) ^ (val >> 24)) & 107 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
110 (IN4_ADDR_HSIZE - 1));
111} 108}
112 109
113static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa) 110static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
114{ 111{
115 unsigned int hash = inet_addr_hash(net, ifa->ifa_local); 112 u32 hash = inet_addr_hash(net, ifa->ifa_local);
116 113
117 spin_lock(&inet_addr_hash_lock); 114 spin_lock(&inet_addr_hash_lock);
118 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]); 115 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
@@ -136,18 +133,18 @@ static void inet_hash_remove(struct in_ifaddr *ifa)
136 */ 133 */
137struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref) 134struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
138{ 135{
139 unsigned int hash = inet_addr_hash(net, addr); 136 u32 hash = inet_addr_hash(net, addr);
140 struct net_device *result = NULL; 137 struct net_device *result = NULL;
141 struct in_ifaddr *ifa; 138 struct in_ifaddr *ifa;
142 struct hlist_node *node; 139 struct hlist_node *node;
143 140
144 rcu_read_lock(); 141 rcu_read_lock();
145 hlist_for_each_entry_rcu(ifa, node, &inet_addr_lst[hash], hash) { 142 hlist_for_each_entry_rcu(ifa, node, &inet_addr_lst[hash], hash) {
146 struct net_device *dev = ifa->ifa_dev->dev;
147
148 if (!net_eq(dev_net(dev), net))
149 continue;
150 if (ifa->ifa_local == addr) { 143 if (ifa->ifa_local == addr) {
144 struct net_device *dev = ifa->ifa_dev->dev;
145
146 if (!net_eq(dev_net(dev), net))
147 continue;
151 result = dev; 148 result = dev;
152 break; 149 break;
153 } 150 }
@@ -182,10 +179,10 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
182static void devinet_sysctl_register(struct in_device *idev); 179static void devinet_sysctl_register(struct in_device *idev);
183static void devinet_sysctl_unregister(struct in_device *idev); 180static void devinet_sysctl_unregister(struct in_device *idev);
184#else 181#else
185static inline void devinet_sysctl_register(struct in_device *idev) 182static void devinet_sysctl_register(struct in_device *idev)
186{ 183{
187} 184}
188static inline void devinet_sysctl_unregister(struct in_device *idev) 185static void devinet_sysctl_unregister(struct in_device *idev)
189{ 186{
190} 187}
191#endif 188#endif
@@ -205,7 +202,7 @@ static void inet_rcu_free_ifa(struct rcu_head *head)
205 kfree(ifa); 202 kfree(ifa);
206} 203}
207 204
208static inline void inet_free_ifa(struct in_ifaddr *ifa) 205static void inet_free_ifa(struct in_ifaddr *ifa)
209{ 206{
210 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa); 207 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
211} 208}
@@ -314,7 +311,7 @@ int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
314} 311}
315 312
316static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, 313static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
317 int destroy, struct nlmsghdr *nlh, u32 pid) 314 int destroy, struct nlmsghdr *nlh, u32 portid)
318{ 315{
319 struct in_ifaddr *promote = NULL; 316 struct in_ifaddr *promote = NULL;
320 struct in_ifaddr *ifa, *ifa1 = *ifap; 317 struct in_ifaddr *ifa, *ifa1 = *ifap;
@@ -348,7 +345,7 @@ static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
348 inet_hash_remove(ifa); 345 inet_hash_remove(ifa);
349 *ifap1 = ifa->ifa_next; 346 *ifap1 = ifa->ifa_next;
350 347
351 rtmsg_ifa(RTM_DELADDR, ifa, nlh, pid); 348 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
352 blocking_notifier_call_chain(&inetaddr_chain, 349 blocking_notifier_call_chain(&inetaddr_chain,
353 NETDEV_DOWN, ifa); 350 NETDEV_DOWN, ifa);
354 inet_free_ifa(ifa); 351 inet_free_ifa(ifa);
@@ -385,7 +382,7 @@ static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
385 is valid, it will try to restore deleted routes... Grr. 382 is valid, it will try to restore deleted routes... Grr.
386 So that, this order is correct. 383 So that, this order is correct.
387 */ 384 */
388 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, pid); 385 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
389 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1); 386 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
390 387
391 if (promote) { 388 if (promote) {
@@ -398,7 +395,7 @@ static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
398 } 395 }
399 396
400 promote->ifa_flags &= ~IFA_F_SECONDARY; 397 promote->ifa_flags &= ~IFA_F_SECONDARY;
401 rtmsg_ifa(RTM_NEWADDR, promote, nlh, pid); 398 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
402 blocking_notifier_call_chain(&inetaddr_chain, 399 blocking_notifier_call_chain(&inetaddr_chain,
403 NETDEV_UP, promote); 400 NETDEV_UP, promote);
404 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) { 401 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
@@ -420,7 +417,7 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
420} 417}
421 418
422static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh, 419static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
423 u32 pid) 420 u32 portid)
424{ 421{
425 struct in_device *in_dev = ifa->ifa_dev; 422 struct in_device *in_dev = ifa->ifa_dev;
426 struct in_ifaddr *ifa1, **ifap, **last_primary; 423 struct in_ifaddr *ifa1, **ifap, **last_primary;
@@ -467,7 +464,7 @@ static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
467 /* Send message first, then call notifier. 464 /* Send message first, then call notifier.
468 Notifier will trigger FIB update, so that 465 Notifier will trigger FIB update, so that
469 listeners of netlink will know about new ifaddr */ 466 listeners of netlink will know about new ifaddr */
470 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, pid); 467 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
471 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa); 468 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
472 469
473 return 0; 470 return 0;
@@ -566,7 +563,7 @@ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg
566 !inet_ifa_match(nla_get_be32(tb[IFA_ADDRESS]), ifa))) 563 !inet_ifa_match(nla_get_be32(tb[IFA_ADDRESS]), ifa)))
567 continue; 564 continue;
568 565
569 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).pid); 566 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
570 return 0; 567 return 0;
571 } 568 }
572 569
@@ -652,14 +649,14 @@ static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg
652 if (IS_ERR(ifa)) 649 if (IS_ERR(ifa))
653 return PTR_ERR(ifa); 650 return PTR_ERR(ifa);
654 651
655 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).pid); 652 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid);
656} 653}
657 654
658/* 655/*
659 * Determine a default network mask, based on the IP address. 656 * Determine a default network mask, based on the IP address.
660 */ 657 */
661 658
662static inline int inet_abc_len(__be32 addr) 659static int inet_abc_len(__be32 addr)
663{ 660{
664 int rc = -1; /* Something else, probably a multicast. */ 661 int rc = -1; /* Something else, probably a multicast. */
665 662
@@ -1124,7 +1121,7 @@ skip:
1124 } 1121 }
1125} 1122}
1126 1123
1127static inline bool inetdev_valid_mtu(unsigned int mtu) 1124static bool inetdev_valid_mtu(unsigned int mtu)
1128{ 1125{
1129 return mtu >= 68; 1126 return mtu >= 68;
1130} 1127}
@@ -1239,7 +1236,7 @@ static struct notifier_block ip_netdev_notifier = {
1239 .notifier_call = inetdev_event, 1236 .notifier_call = inetdev_event,
1240}; 1237};
1241 1238
1242static inline size_t inet_nlmsg_size(void) 1239static size_t inet_nlmsg_size(void)
1243{ 1240{
1244 return NLMSG_ALIGN(sizeof(struct ifaddrmsg)) 1241 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1245 + nla_total_size(4) /* IFA_ADDRESS */ 1242 + nla_total_size(4) /* IFA_ADDRESS */
@@ -1249,12 +1246,12 @@ static inline size_t inet_nlmsg_size(void)
1249} 1246}
1250 1247
1251static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa, 1248static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1252 u32 pid, u32 seq, int event, unsigned int flags) 1249 u32 portid, u32 seq, int event, unsigned int flags)
1253{ 1250{
1254 struct ifaddrmsg *ifm; 1251 struct ifaddrmsg *ifm;
1255 struct nlmsghdr *nlh; 1252 struct nlmsghdr *nlh;
1256 1253
1257 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*ifm), flags); 1254 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
1258 if (nlh == NULL) 1255 if (nlh == NULL)
1259 return -EMSGSIZE; 1256 return -EMSGSIZE;
1260 1257
@@ -1316,7 +1313,7 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1316 if (ip_idx < s_ip_idx) 1313 if (ip_idx < s_ip_idx)
1317 continue; 1314 continue;
1318 if (inet_fill_ifaddr(skb, ifa, 1315 if (inet_fill_ifaddr(skb, ifa,
1319 NETLINK_CB(cb->skb).pid, 1316 NETLINK_CB(cb->skb).portid,
1320 cb->nlh->nlmsg_seq, 1317 cb->nlh->nlmsg_seq,
1321 RTM_NEWADDR, NLM_F_MULTI) <= 0) { 1318 RTM_NEWADDR, NLM_F_MULTI) <= 0) {
1322 rcu_read_unlock(); 1319 rcu_read_unlock();
@@ -1338,7 +1335,7 @@ done:
1338} 1335}
1339 1336
1340static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh, 1337static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1341 u32 pid) 1338 u32 portid)
1342{ 1339{
1343 struct sk_buff *skb; 1340 struct sk_buff *skb;
1344 u32 seq = nlh ? nlh->nlmsg_seq : 0; 1341 u32 seq = nlh ? nlh->nlmsg_seq : 0;
@@ -1350,14 +1347,14 @@ static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1350 if (skb == NULL) 1347 if (skb == NULL)
1351 goto errout; 1348 goto errout;
1352 1349
1353 err = inet_fill_ifaddr(skb, ifa, pid, seq, event, 0); 1350 err = inet_fill_ifaddr(skb, ifa, portid, seq, event, 0);
1354 if (err < 0) { 1351 if (err < 0) {
1355 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */ 1352 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1356 WARN_ON(err == -EMSGSIZE); 1353 WARN_ON(err == -EMSGSIZE);
1357 kfree_skb(skb); 1354 kfree_skb(skb);
1358 goto errout; 1355 goto errout;
1359 } 1356 }
1360 rtnl_notify(skb, net, pid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); 1357 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1361 return; 1358 return;
1362errout: 1359errout:
1363 if (err < 0) 1360 if (err < 0)
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 8e2b475da9fa..68c93d1bb03a 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -218,7 +218,7 @@ __be32 fib_compute_spec_dst(struct sk_buff *skb)
218 scope = RT_SCOPE_UNIVERSE; 218 scope = RT_SCOPE_UNIVERSE;
219 if (!ipv4_is_zeronet(ip_hdr(skb)->saddr)) { 219 if (!ipv4_is_zeronet(ip_hdr(skb)->saddr)) {
220 fl4.flowi4_oif = 0; 220 fl4.flowi4_oif = 0;
221 fl4.flowi4_iif = net->loopback_dev->ifindex; 221 fl4.flowi4_iif = LOOPBACK_IFINDEX;
222 fl4.daddr = ip_hdr(skb)->saddr; 222 fl4.daddr = ip_hdr(skb)->saddr;
223 fl4.saddr = 0; 223 fl4.saddr = 0;
224 fl4.flowi4_tos = RT_TOS(ip_hdr(skb)->tos); 224 fl4.flowi4_tos = RT_TOS(ip_hdr(skb)->tos);
@@ -557,7 +557,7 @@ static int rtm_to_fib_config(struct net *net, struct sk_buff *skb,
557 cfg->fc_flags = rtm->rtm_flags; 557 cfg->fc_flags = rtm->rtm_flags;
558 cfg->fc_nlflags = nlh->nlmsg_flags; 558 cfg->fc_nlflags = nlh->nlmsg_flags;
559 559
560 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid; 560 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
561 cfg->fc_nlinfo.nlh = nlh; 561 cfg->fc_nlinfo.nlh = nlh;
562 cfg->fc_nlinfo.nl_net = net; 562 cfg->fc_nlinfo.nl_net = net;
563 563
@@ -955,7 +955,7 @@ static void nl_fib_input(struct sk_buff *skb)
955 struct fib_result_nl *frn; 955 struct fib_result_nl *frn;
956 struct nlmsghdr *nlh; 956 struct nlmsghdr *nlh;
957 struct fib_table *tb; 957 struct fib_table *tb;
958 u32 pid; 958 u32 portid;
959 959
960 net = sock_net(skb->sk); 960 net = sock_net(skb->sk);
961 nlh = nlmsg_hdr(skb); 961 nlh = nlmsg_hdr(skb);
@@ -973,10 +973,10 @@ static void nl_fib_input(struct sk_buff *skb)
973 973
974 nl_fib_lookup(frn, tb); 974 nl_fib_lookup(frn, tb);
975 975
976 pid = NETLINK_CB(skb).pid; /* pid of sending process */ 976 portid = NETLINK_CB(skb).portid; /* pid of sending process */
977 NETLINK_CB(skb).pid = 0; /* from kernel */ 977 NETLINK_CB(skb).portid = 0; /* from kernel */
978 NETLINK_CB(skb).dst_group = 0; /* unicast */ 978 NETLINK_CB(skb).dst_group = 0; /* unicast */
979 netlink_unicast(net->ipv4.fibnl, skb, pid, MSG_DONTWAIT); 979 netlink_unicast(net->ipv4.fibnl, skb, portid, MSG_DONTWAIT);
980} 980}
981 981
982static int __net_init nl_fib_lookup_init(struct net *net) 982static int __net_init nl_fib_lookup_init(struct net *net)
@@ -986,7 +986,7 @@ static int __net_init nl_fib_lookup_init(struct net *net)
986 .input = nl_fib_input, 986 .input = nl_fib_input,
987 }; 987 };
988 988
989 sk = netlink_kernel_create(net, NETLINK_FIB_LOOKUP, THIS_MODULE, &cfg); 989 sk = netlink_kernel_create(net, NETLINK_FIB_LOOKUP, &cfg);
990 if (sk == NULL) 990 if (sk == NULL)
991 return -EAFNOSUPPORT; 991 return -EAFNOSUPPORT;
992 net->ipv4.fibnl = sk; 992 net->ipv4.fibnl = sk;
@@ -1041,7 +1041,7 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event,
1041static int fib_netdev_event(struct notifier_block *this, unsigned long event, void *ptr) 1041static int fib_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1042{ 1042{
1043 struct net_device *dev = ptr; 1043 struct net_device *dev = ptr;
1044 struct in_device *in_dev = __in_dev_get_rtnl(dev); 1044 struct in_device *in_dev;
1045 struct net *net = dev_net(dev); 1045 struct net *net = dev_net(dev);
1046 1046
1047 if (event == NETDEV_UNREGISTER) { 1047 if (event == NETDEV_UNREGISTER) {
@@ -1050,8 +1050,7 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo
1050 return NOTIFY_DONE; 1050 return NOTIFY_DONE;
1051 } 1051 }
1052 1052
1053 if (!in_dev) 1053 in_dev = __in_dev_get_rtnl(dev);
1054 return NOTIFY_DONE;
1055 1054
1056 switch (event) { 1055 switch (event) {
1057 case NETDEV_UP: 1056 case NETDEV_UP:
@@ -1062,16 +1061,14 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo
1062 fib_sync_up(dev); 1061 fib_sync_up(dev);
1063#endif 1062#endif
1064 atomic_inc(&net->ipv4.dev_addr_genid); 1063 atomic_inc(&net->ipv4.dev_addr_genid);
1065 rt_cache_flush(dev_net(dev)); 1064 rt_cache_flush(net);
1066 break; 1065 break;
1067 case NETDEV_DOWN: 1066 case NETDEV_DOWN:
1068 fib_disable_ip(dev, 0); 1067 fib_disable_ip(dev, 0);
1069 break; 1068 break;
1070 case NETDEV_CHANGEMTU: 1069 case NETDEV_CHANGEMTU:
1071 case NETDEV_CHANGE: 1070 case NETDEV_CHANGE:
1072 rt_cache_flush(dev_net(dev)); 1071 rt_cache_flush(net);
1073 break;
1074 case NETDEV_UNREGISTER_BATCH:
1075 break; 1072 break;
1076 } 1073 }
1077 return NOTIFY_DONE; 1074 return NOTIFY_DONE;
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index da80dc14cc76..3509065e409a 100644
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -391,7 +391,7 @@ void rtmsg_fib(int event, __be32 key, struct fib_alias *fa,
391 if (skb == NULL) 391 if (skb == NULL)
392 goto errout; 392 goto errout;
393 393
394 err = fib_dump_info(skb, info->pid, seq, event, tb_id, 394 err = fib_dump_info(skb, info->portid, seq, event, tb_id,
395 fa->fa_type, key, dst_len, 395 fa->fa_type, key, dst_len,
396 fa->fa_tos, fa->fa_info, nlm_flags); 396 fa->fa_tos, fa->fa_info, nlm_flags);
397 if (err < 0) { 397 if (err < 0) {
@@ -400,7 +400,7 @@ void rtmsg_fib(int event, __be32 key, struct fib_alias *fa,
400 kfree_skb(skb); 400 kfree_skb(skb);
401 goto errout; 401 goto errout;
402 } 402 }
403 rtnl_notify(skb, info->nl_net, info->pid, RTNLGRP_IPV4_ROUTE, 403 rtnl_notify(skb, info->nl_net, info->portid, RTNLGRP_IPV4_ROUTE,
404 info->nlh, GFP_KERNEL); 404 info->nlh, GFP_KERNEL);
405 return; 405 return;
406errout: 406errout:
@@ -989,14 +989,14 @@ failure:
989 return ERR_PTR(err); 989 return ERR_PTR(err);
990} 990}
991 991
992int fib_dump_info(struct sk_buff *skb, u32 pid, u32 seq, int event, 992int fib_dump_info(struct sk_buff *skb, u32 portid, u32 seq, int event,
993 u32 tb_id, u8 type, __be32 dst, int dst_len, u8 tos, 993 u32 tb_id, u8 type, __be32 dst, int dst_len, u8 tos,
994 struct fib_info *fi, unsigned int flags) 994 struct fib_info *fi, unsigned int flags)
995{ 995{
996 struct nlmsghdr *nlh; 996 struct nlmsghdr *nlh;
997 struct rtmsg *rtm; 997 struct rtmsg *rtm;
998 998
999 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*rtm), flags); 999 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*rtm), flags);
1000 if (nlh == NULL) 1000 if (nlh == NULL)
1001 return -EMSGSIZE; 1001 return -EMSGSIZE;
1002 1002
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index d1b93595b4a7..31d771ca9a70 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -1550,7 +1550,8 @@ int fib_table_lookup(struct fib_table *tb, const struct flowi4 *flp,
1550 * state.directly. 1550 * state.directly.
1551 */ 1551 */
1552 if (pref_mismatch) { 1552 if (pref_mismatch) {
1553 int mp = KEYLENGTH - fls(pref_mismatch); 1553 /* fls(x) = __fls(x) + 1 */
1554 int mp = KEYLENGTH - __fls(pref_mismatch) - 1;
1554 1555
1555 if (tkey_extract_bits(cn->key, mp, cn->pos - mp) != 0) 1556 if (tkey_extract_bits(cn->key, mp, cn->pos - mp) != 0)
1556 goto backtrace; 1557 goto backtrace;
@@ -1655,7 +1656,12 @@ int fib_table_delete(struct fib_table *tb, struct fib_config *cfg)
1655 if (!l) 1656 if (!l)
1656 return -ESRCH; 1657 return -ESRCH;
1657 1658
1658 fa_head = get_fa_head(l, plen); 1659 li = find_leaf_info(l, plen);
1660
1661 if (!li)
1662 return -ESRCH;
1663
1664 fa_head = &li->falh;
1659 fa = fib_find_alias(fa_head, tos, 0); 1665 fa = fib_find_alias(fa_head, tos, 0);
1660 1666
1661 if (!fa) 1667 if (!fa)
@@ -1691,9 +1697,6 @@ int fib_table_delete(struct fib_table *tb, struct fib_config *cfg)
1691 rtmsg_fib(RTM_DELROUTE, htonl(key), fa, plen, tb->tb_id, 1697 rtmsg_fib(RTM_DELROUTE, htonl(key), fa, plen, tb->tb_id,
1692 &cfg->fc_nlinfo, 0); 1698 &cfg->fc_nlinfo, 0);
1693 1699
1694 l = fib_find_node(t, key);
1695 li = find_leaf_info(l, plen);
1696
1697 list_del_rcu(&fa->fa_list); 1700 list_del_rcu(&fa->fa_list);
1698 1701
1699 if (!plen) 1702 if (!plen)
@@ -1870,7 +1873,7 @@ static int fn_trie_dump_fa(t_key key, int plen, struct list_head *fah,
1870 continue; 1873 continue;
1871 } 1874 }
1872 1875
1873 if (fib_dump_info(skb, NETLINK_CB(cb->skb).pid, 1876 if (fib_dump_info(skb, NETLINK_CB(cb->skb).portid,
1874 cb->nlh->nlmsg_seq, 1877 cb->nlh->nlmsg_seq,
1875 RTM_NEWROUTE, 1878 RTM_NEWROUTE,
1876 tb->tb_id, 1879 tb->tb_id,
diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index 6699f23e6f55..736ab70fd179 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -815,14 +815,15 @@ static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs)
815 return 1; 815 return 1;
816} 816}
817 817
818static void igmp_heard_report(struct in_device *in_dev, __be32 group) 818/* return true if packet was dropped */
819static bool igmp_heard_report(struct in_device *in_dev, __be32 group)
819{ 820{
820 struct ip_mc_list *im; 821 struct ip_mc_list *im;
821 822
822 /* Timers are only set for non-local groups */ 823 /* Timers are only set for non-local groups */
823 824
824 if (group == IGMP_ALL_HOSTS) 825 if (group == IGMP_ALL_HOSTS)
825 return; 826 return false;
826 827
827 rcu_read_lock(); 828 rcu_read_lock();
828 for_each_pmc_rcu(in_dev, im) { 829 for_each_pmc_rcu(in_dev, im) {
@@ -832,9 +833,11 @@ static void igmp_heard_report(struct in_device *in_dev, __be32 group)
832 } 833 }
833 } 834 }
834 rcu_read_unlock(); 835 rcu_read_unlock();
836 return false;
835} 837}
836 838
837static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb, 839/* return true if packet was dropped */
840static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
838 int len) 841 int len)
839{ 842{
840 struct igmphdr *ih = igmp_hdr(skb); 843 struct igmphdr *ih = igmp_hdr(skb);
@@ -866,7 +869,7 @@ static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
866 /* clear deleted report items */ 869 /* clear deleted report items */
867 igmpv3_clear_delrec(in_dev); 870 igmpv3_clear_delrec(in_dev);
868 } else if (len < 12) { 871 } else if (len < 12) {
869 return; /* ignore bogus packet; freed by caller */ 872 return true; /* ignore bogus packet; freed by caller */
870 } else if (IGMP_V1_SEEN(in_dev)) { 873 } else if (IGMP_V1_SEEN(in_dev)) {
871 /* This is a v3 query with v1 queriers present */ 874 /* This is a v3 query with v1 queriers present */
872 max_delay = IGMP_Query_Response_Interval; 875 max_delay = IGMP_Query_Response_Interval;
@@ -883,13 +886,13 @@ static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
883 max_delay = 1; /* can't mod w/ 0 */ 886 max_delay = 1; /* can't mod w/ 0 */
884 } else { /* v3 */ 887 } else { /* v3 */
885 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) 888 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query)))
886 return; 889 return true;
887 890
888 ih3 = igmpv3_query_hdr(skb); 891 ih3 = igmpv3_query_hdr(skb);
889 if (ih3->nsrcs) { 892 if (ih3->nsrcs) {
890 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query) 893 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query)
891 + ntohs(ih3->nsrcs)*sizeof(__be32))) 894 + ntohs(ih3->nsrcs)*sizeof(__be32)))
892 return; 895 return true;
893 ih3 = igmpv3_query_hdr(skb); 896 ih3 = igmpv3_query_hdr(skb);
894 } 897 }
895 898
@@ -901,9 +904,9 @@ static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
901 in_dev->mr_qrv = ih3->qrv; 904 in_dev->mr_qrv = ih3->qrv;
902 if (!group) { /* general query */ 905 if (!group) { /* general query */
903 if (ih3->nsrcs) 906 if (ih3->nsrcs)
904 return; /* no sources allowed */ 907 return false; /* no sources allowed */
905 igmp_gq_start_timer(in_dev); 908 igmp_gq_start_timer(in_dev);
906 return; 909 return false;
907 } 910 }
908 /* mark sources to include, if group & source-specific */ 911 /* mark sources to include, if group & source-specific */
909 mark = ih3->nsrcs != 0; 912 mark = ih3->nsrcs != 0;
@@ -939,6 +942,7 @@ static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
939 igmp_mod_timer(im, max_delay); 942 igmp_mod_timer(im, max_delay);
940 } 943 }
941 rcu_read_unlock(); 944 rcu_read_unlock();
945 return false;
942} 946}
943 947
944/* called in rcu_read_lock() section */ 948/* called in rcu_read_lock() section */
@@ -948,6 +952,7 @@ int igmp_rcv(struct sk_buff *skb)
948 struct igmphdr *ih; 952 struct igmphdr *ih;
949 struct in_device *in_dev = __in_dev_get_rcu(skb->dev); 953 struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
950 int len = skb->len; 954 int len = skb->len;
955 bool dropped = true;
951 956
952 if (in_dev == NULL) 957 if (in_dev == NULL)
953 goto drop; 958 goto drop;
@@ -969,7 +974,7 @@ int igmp_rcv(struct sk_buff *skb)
969 ih = igmp_hdr(skb); 974 ih = igmp_hdr(skb);
970 switch (ih->type) { 975 switch (ih->type) {
971 case IGMP_HOST_MEMBERSHIP_QUERY: 976 case IGMP_HOST_MEMBERSHIP_QUERY:
972 igmp_heard_query(in_dev, skb, len); 977 dropped = igmp_heard_query(in_dev, skb, len);
973 break; 978 break;
974 case IGMP_HOST_MEMBERSHIP_REPORT: 979 case IGMP_HOST_MEMBERSHIP_REPORT:
975 case IGMPV2_HOST_MEMBERSHIP_REPORT: 980 case IGMPV2_HOST_MEMBERSHIP_REPORT:
@@ -979,7 +984,7 @@ int igmp_rcv(struct sk_buff *skb)
979 /* don't rely on MC router hearing unicast reports */ 984 /* don't rely on MC router hearing unicast reports */
980 if (skb->pkt_type == PACKET_MULTICAST || 985 if (skb->pkt_type == PACKET_MULTICAST ||
981 skb->pkt_type == PACKET_BROADCAST) 986 skb->pkt_type == PACKET_BROADCAST)
982 igmp_heard_report(in_dev, ih->group); 987 dropped = igmp_heard_report(in_dev, ih->group);
983 break; 988 break;
984 case IGMP_PIM: 989 case IGMP_PIM:
985#ifdef CONFIG_IP_PIMSM_V1 990#ifdef CONFIG_IP_PIMSM_V1
@@ -997,7 +1002,10 @@ int igmp_rcv(struct sk_buff *skb)
997 } 1002 }
998 1003
999drop: 1004drop:
1000 kfree_skb(skb); 1005 if (dropped)
1006 kfree_skb(skb);
1007 else
1008 consume_skb(skb);
1001 return 0; 1009 return 0;
1002} 1010}
1003 1011
@@ -1896,6 +1904,7 @@ int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr)
1896 rtnl_unlock(); 1904 rtnl_unlock();
1897 return ret; 1905 return ret;
1898} 1906}
1907EXPORT_SYMBOL(ip_mc_leave_group);
1899 1908
1900int ip_mc_source(int add, int omode, struct sock *sk, struct 1909int ip_mc_source(int add, int omode, struct sock *sk, struct
1901 ip_mreq_source *mreqs, int ifindex) 1910 ip_mreq_source *mreqs, int ifindex)
@@ -2435,6 +2444,8 @@ static int igmp_mc_seq_show(struct seq_file *seq, void *v)
2435 struct ip_mc_list *im = (struct ip_mc_list *)v; 2444 struct ip_mc_list *im = (struct ip_mc_list *)v;
2436 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2445 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
2437 char *querier; 2446 char *querier;
2447 long delta;
2448
2438#ifdef CONFIG_IP_MULTICAST 2449#ifdef CONFIG_IP_MULTICAST
2439 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" : 2450 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" :
2440 IGMP_V2_SEEN(state->in_dev) ? "V2" : 2451 IGMP_V2_SEEN(state->in_dev) ? "V2" :
@@ -2448,11 +2459,12 @@ static int igmp_mc_seq_show(struct seq_file *seq, void *v)
2448 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); 2459 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier);
2449 } 2460 }
2450 2461
2462 delta = im->timer.expires - jiffies;
2451 seq_printf(seq, 2463 seq_printf(seq,
2452 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n", 2464 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n",
2453 im->multiaddr, im->users, 2465 im->multiaddr, im->users,
2454 im->tm_running, im->tm_running ? 2466 im->tm_running,
2455 jiffies_to_clock_t(im->timer.expires-jiffies) : 0, 2467 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0,
2456 im->reporter); 2468 im->reporter);
2457 } 2469 }
2458 return 0; 2470 return 0;
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index 7f75f21d7b83..f0c5b9c1a957 100644
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -283,7 +283,9 @@ static int inet_csk_wait_for_connect(struct sock *sk, long timeo)
283struct sock *inet_csk_accept(struct sock *sk, int flags, int *err) 283struct sock *inet_csk_accept(struct sock *sk, int flags, int *err)
284{ 284{
285 struct inet_connection_sock *icsk = inet_csk(sk); 285 struct inet_connection_sock *icsk = inet_csk(sk);
286 struct request_sock_queue *queue = &icsk->icsk_accept_queue;
286 struct sock *newsk; 287 struct sock *newsk;
288 struct request_sock *req;
287 int error; 289 int error;
288 290
289 lock_sock(sk); 291 lock_sock(sk);
@@ -296,7 +298,7 @@ struct sock *inet_csk_accept(struct sock *sk, int flags, int *err)
296 goto out_err; 298 goto out_err;
297 299
298 /* Find already established connection */ 300 /* Find already established connection */
299 if (reqsk_queue_empty(&icsk->icsk_accept_queue)) { 301 if (reqsk_queue_empty(queue)) {
300 long timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK); 302 long timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
301 303
302 /* If this is a non blocking socket don't sleep */ 304 /* If this is a non blocking socket don't sleep */
@@ -308,14 +310,32 @@ struct sock *inet_csk_accept(struct sock *sk, int flags, int *err)
308 if (error) 310 if (error)
309 goto out_err; 311 goto out_err;
310 } 312 }
311 313 req = reqsk_queue_remove(queue);
312 newsk = reqsk_queue_get_child(&icsk->icsk_accept_queue, sk); 314 newsk = req->sk;
313 WARN_ON(newsk->sk_state == TCP_SYN_RECV); 315
316 sk_acceptq_removed(sk);
317 if (sk->sk_protocol == IPPROTO_TCP && queue->fastopenq != NULL) {
318 spin_lock_bh(&queue->fastopenq->lock);
319 if (tcp_rsk(req)->listener) {
320 /* We are still waiting for the final ACK from 3WHS
321 * so can't free req now. Instead, we set req->sk to
322 * NULL to signify that the child socket is taken
323 * so reqsk_fastopen_remove() will free the req
324 * when 3WHS finishes (or is aborted).
325 */
326 req->sk = NULL;
327 req = NULL;
328 }
329 spin_unlock_bh(&queue->fastopenq->lock);
330 }
314out: 331out:
315 release_sock(sk); 332 release_sock(sk);
333 if (req)
334 __reqsk_free(req);
316 return newsk; 335 return newsk;
317out_err: 336out_err:
318 newsk = NULL; 337 newsk = NULL;
338 req = NULL;
319 *err = error; 339 *err = error;
320 goto out; 340 goto out;
321} 341}
@@ -720,13 +740,14 @@ EXPORT_SYMBOL_GPL(inet_csk_listen_start);
720void inet_csk_listen_stop(struct sock *sk) 740void inet_csk_listen_stop(struct sock *sk)
721{ 741{
722 struct inet_connection_sock *icsk = inet_csk(sk); 742 struct inet_connection_sock *icsk = inet_csk(sk);
743 struct request_sock_queue *queue = &icsk->icsk_accept_queue;
723 struct request_sock *acc_req; 744 struct request_sock *acc_req;
724 struct request_sock *req; 745 struct request_sock *req;
725 746
726 inet_csk_delete_keepalive_timer(sk); 747 inet_csk_delete_keepalive_timer(sk);
727 748
728 /* make all the listen_opt local to us */ 749 /* make all the listen_opt local to us */
729 acc_req = reqsk_queue_yank_acceptq(&icsk->icsk_accept_queue); 750 acc_req = reqsk_queue_yank_acceptq(queue);
730 751
731 /* Following specs, it would be better either to send FIN 752 /* Following specs, it would be better either to send FIN
732 * (and enter FIN-WAIT-1, it is normal close) 753 * (and enter FIN-WAIT-1, it is normal close)
@@ -736,7 +757,7 @@ void inet_csk_listen_stop(struct sock *sk)
736 * To be honest, we are not able to make either 757 * To be honest, we are not able to make either
737 * of the variants now. --ANK 758 * of the variants now. --ANK
738 */ 759 */
739 reqsk_queue_destroy(&icsk->icsk_accept_queue); 760 reqsk_queue_destroy(queue);
740 761
741 while ((req = acc_req) != NULL) { 762 while ((req = acc_req) != NULL) {
742 struct sock *child = req->sk; 763 struct sock *child = req->sk;
@@ -754,6 +775,19 @@ void inet_csk_listen_stop(struct sock *sk)
754 775
755 percpu_counter_inc(sk->sk_prot->orphan_count); 776 percpu_counter_inc(sk->sk_prot->orphan_count);
756 777
778 if (sk->sk_protocol == IPPROTO_TCP && tcp_rsk(req)->listener) {
779 BUG_ON(tcp_sk(child)->fastopen_rsk != req);
780 BUG_ON(sk != tcp_rsk(req)->listener);
781
782 /* Paranoid, to prevent race condition if
783 * an inbound pkt destined for child is
784 * blocked by sock lock in tcp_v4_rcv().
785 * Also to satisfy an assertion in
786 * tcp_v4_destroy_sock().
787 */
788 tcp_sk(child)->fastopen_rsk = NULL;
789 sock_put(sk);
790 }
757 inet_csk_destroy_sock(child); 791 inet_csk_destroy_sock(child);
758 792
759 bh_unlock_sock(child); 793 bh_unlock_sock(child);
@@ -763,6 +797,17 @@ void inet_csk_listen_stop(struct sock *sk)
763 sk_acceptq_removed(sk); 797 sk_acceptq_removed(sk);
764 __reqsk_free(req); 798 __reqsk_free(req);
765 } 799 }
800 if (queue->fastopenq != NULL) {
801 /* Free all the reqs queued in rskq_rst_head. */
802 spin_lock_bh(&queue->fastopenq->lock);
803 acc_req = queue->fastopenq->rskq_rst_head;
804 queue->fastopenq->rskq_rst_head = NULL;
805 spin_unlock_bh(&queue->fastopenq->lock);
806 while ((req = acc_req) != NULL) {
807 acc_req = req->dl_next;
808 __reqsk_free(req);
809 }
810 }
766 WARN_ON(sk->sk_ack_backlog); 811 WARN_ON(sk->sk_ack_backlog);
767} 812}
768EXPORT_SYMBOL_GPL(inet_csk_listen_stop); 813EXPORT_SYMBOL_GPL(inet_csk_listen_stop);
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 8bc005b1435f..535584c00f91 100644
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -70,7 +70,7 @@ static inline void inet_diag_unlock_handler(
70int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk, 70int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
71 struct sk_buff *skb, struct inet_diag_req_v2 *req, 71 struct sk_buff *skb, struct inet_diag_req_v2 *req,
72 struct user_namespace *user_ns, 72 struct user_namespace *user_ns,
73 u32 pid, u32 seq, u16 nlmsg_flags, 73 u32 portid, u32 seq, u16 nlmsg_flags,
74 const struct nlmsghdr *unlh) 74 const struct nlmsghdr *unlh)
75{ 75{
76 const struct inet_sock *inet = inet_sk(sk); 76 const struct inet_sock *inet = inet_sk(sk);
@@ -84,7 +84,7 @@ int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
84 handler = inet_diag_table[req->sdiag_protocol]; 84 handler = inet_diag_table[req->sdiag_protocol];
85 BUG_ON(handler == NULL); 85 BUG_ON(handler == NULL);
86 86
87 nlh = nlmsg_put(skb, pid, seq, unlh->nlmsg_type, sizeof(*r), 87 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
88 nlmsg_flags); 88 nlmsg_flags);
89 if (!nlh) 89 if (!nlh)
90 return -EMSGSIZE; 90 return -EMSGSIZE;
@@ -201,23 +201,23 @@ EXPORT_SYMBOL_GPL(inet_sk_diag_fill);
201static int inet_csk_diag_fill(struct sock *sk, 201static int inet_csk_diag_fill(struct sock *sk,
202 struct sk_buff *skb, struct inet_diag_req_v2 *req, 202 struct sk_buff *skb, struct inet_diag_req_v2 *req,
203 struct user_namespace *user_ns, 203 struct user_namespace *user_ns,
204 u32 pid, u32 seq, u16 nlmsg_flags, 204 u32 portid, u32 seq, u16 nlmsg_flags,
205 const struct nlmsghdr *unlh) 205 const struct nlmsghdr *unlh)
206{ 206{
207 return inet_sk_diag_fill(sk, inet_csk(sk), 207 return inet_sk_diag_fill(sk, inet_csk(sk),
208 skb, req, user_ns, pid, seq, nlmsg_flags, unlh); 208 skb, req, user_ns, portid, seq, nlmsg_flags, unlh);
209} 209}
210 210
211static int inet_twsk_diag_fill(struct inet_timewait_sock *tw, 211static int inet_twsk_diag_fill(struct inet_timewait_sock *tw,
212 struct sk_buff *skb, struct inet_diag_req_v2 *req, 212 struct sk_buff *skb, struct inet_diag_req_v2 *req,
213 u32 pid, u32 seq, u16 nlmsg_flags, 213 u32 portid, u32 seq, u16 nlmsg_flags,
214 const struct nlmsghdr *unlh) 214 const struct nlmsghdr *unlh)
215{ 215{
216 long tmo; 216 long tmo;
217 struct inet_diag_msg *r; 217 struct inet_diag_msg *r;
218 struct nlmsghdr *nlh; 218 struct nlmsghdr *nlh;
219 219
220 nlh = nlmsg_put(skb, pid, seq, unlh->nlmsg_type, sizeof(*r), 220 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
221 nlmsg_flags); 221 nlmsg_flags);
222 if (!nlh) 222 if (!nlh)
223 return -EMSGSIZE; 223 return -EMSGSIZE;
@@ -260,14 +260,14 @@ static int inet_twsk_diag_fill(struct inet_timewait_sock *tw,
260static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, 260static int sk_diag_fill(struct sock *sk, struct sk_buff *skb,
261 struct inet_diag_req_v2 *r, 261 struct inet_diag_req_v2 *r,
262 struct user_namespace *user_ns, 262 struct user_namespace *user_ns,
263 u32 pid, u32 seq, u16 nlmsg_flags, 263 u32 portid, u32 seq, u16 nlmsg_flags,
264 const struct nlmsghdr *unlh) 264 const struct nlmsghdr *unlh)
265{ 265{
266 if (sk->sk_state == TCP_TIME_WAIT) 266 if (sk->sk_state == TCP_TIME_WAIT)
267 return inet_twsk_diag_fill((struct inet_timewait_sock *)sk, 267 return inet_twsk_diag_fill((struct inet_timewait_sock *)sk,
268 skb, r, pid, seq, nlmsg_flags, 268 skb, r, portid, seq, nlmsg_flags,
269 unlh); 269 unlh);
270 return inet_csk_diag_fill(sk, skb, r, user_ns, pid, seq, nlmsg_flags, unlh); 270 return inet_csk_diag_fill(sk, skb, r, user_ns, portid, seq, nlmsg_flags, unlh);
271} 271}
272 272
273int inet_diag_dump_one_icsk(struct inet_hashinfo *hashinfo, struct sk_buff *in_skb, 273int inet_diag_dump_one_icsk(struct inet_hashinfo *hashinfo, struct sk_buff *in_skb,
@@ -316,14 +316,14 @@ int inet_diag_dump_one_icsk(struct inet_hashinfo *hashinfo, struct sk_buff *in_s
316 316
317 err = sk_diag_fill(sk, rep, req, 317 err = sk_diag_fill(sk, rep, req,
318 sk_user_ns(NETLINK_CB(in_skb).ssk), 318 sk_user_ns(NETLINK_CB(in_skb).ssk),
319 NETLINK_CB(in_skb).pid, 319 NETLINK_CB(in_skb).portid,
320 nlh->nlmsg_seq, 0, nlh); 320 nlh->nlmsg_seq, 0, nlh);
321 if (err < 0) { 321 if (err < 0) {
322 WARN_ON(err == -EMSGSIZE); 322 WARN_ON(err == -EMSGSIZE);
323 nlmsg_free(rep); 323 nlmsg_free(rep);
324 goto out; 324 goto out;
325 } 325 }
326 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).pid, 326 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid,
327 MSG_DONTWAIT); 327 MSG_DONTWAIT);
328 if (err > 0) 328 if (err > 0)
329 err = 0; 329 err = 0;
@@ -557,7 +557,7 @@ static int inet_csk_diag_dump(struct sock *sk,
557 557
558 return inet_csk_diag_fill(sk, skb, r, 558 return inet_csk_diag_fill(sk, skb, r,
559 sk_user_ns(NETLINK_CB(cb->skb).ssk), 559 sk_user_ns(NETLINK_CB(cb->skb).ssk),
560 NETLINK_CB(cb->skb).pid, 560 NETLINK_CB(cb->skb).portid,
561 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh); 561 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh);
562} 562}
563 563
@@ -592,14 +592,14 @@ static int inet_twsk_diag_dump(struct inet_timewait_sock *tw,
592 } 592 }
593 593
594 return inet_twsk_diag_fill(tw, skb, r, 594 return inet_twsk_diag_fill(tw, skb, r,
595 NETLINK_CB(cb->skb).pid, 595 NETLINK_CB(cb->skb).portid,
596 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh); 596 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh);
597} 597}
598 598
599static int inet_diag_fill_req(struct sk_buff *skb, struct sock *sk, 599static int inet_diag_fill_req(struct sk_buff *skb, struct sock *sk,
600 struct request_sock *req, 600 struct request_sock *req,
601 struct user_namespace *user_ns, 601 struct user_namespace *user_ns,
602 u32 pid, u32 seq, 602 u32 portid, u32 seq,
603 const struct nlmsghdr *unlh) 603 const struct nlmsghdr *unlh)
604{ 604{
605 const struct inet_request_sock *ireq = inet_rsk(req); 605 const struct inet_request_sock *ireq = inet_rsk(req);
@@ -608,7 +608,7 @@ static int inet_diag_fill_req(struct sk_buff *skb, struct sock *sk,
608 struct nlmsghdr *nlh; 608 struct nlmsghdr *nlh;
609 long tmo; 609 long tmo;
610 610
611 nlh = nlmsg_put(skb, pid, seq, unlh->nlmsg_type, sizeof(*r), 611 nlh = nlmsg_put(skb, portid, seq, unlh->nlmsg_type, sizeof(*r),
612 NLM_F_MULTI); 612 NLM_F_MULTI);
613 if (!nlh) 613 if (!nlh)
614 return -EMSGSIZE; 614 return -EMSGSIZE;
@@ -711,7 +711,7 @@ static int inet_diag_dump_reqs(struct sk_buff *skb, struct sock *sk,
711 711
712 err = inet_diag_fill_req(skb, sk, req, 712 err = inet_diag_fill_req(skb, sk, req,
713 sk_user_ns(NETLINK_CB(cb->skb).ssk), 713 sk_user_ns(NETLINK_CB(cb->skb).ssk),
714 NETLINK_CB(cb->skb).pid, 714 NETLINK_CB(cb->skb).portid,
715 cb->nlh->nlmsg_seq, cb->nlh); 715 cb->nlh->nlmsg_seq, cb->nlh);
716 if (err < 0) { 716 if (err < 0) {
717 cb->args[3] = j + 1; 717 cb->args[3] = j + 1;
diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c
index 85190e69297b..4750d2b74d79 100644
--- a/net/ipv4/inet_fragment.c
+++ b/net/ipv4/inet_fragment.c
@@ -89,7 +89,7 @@ void inet_frags_exit_net(struct netns_frags *nf, struct inet_frags *f)
89 nf->low_thresh = 0; 89 nf->low_thresh = 0;
90 90
91 local_bh_disable(); 91 local_bh_disable();
92 inet_frag_evictor(nf, f); 92 inet_frag_evictor(nf, f, true);
93 local_bh_enable(); 93 local_bh_enable();
94} 94}
95EXPORT_SYMBOL(inet_frags_exit_net); 95EXPORT_SYMBOL(inet_frags_exit_net);
@@ -158,11 +158,16 @@ void inet_frag_destroy(struct inet_frag_queue *q, struct inet_frags *f,
158} 158}
159EXPORT_SYMBOL(inet_frag_destroy); 159EXPORT_SYMBOL(inet_frag_destroy);
160 160
161int inet_frag_evictor(struct netns_frags *nf, struct inet_frags *f) 161int inet_frag_evictor(struct netns_frags *nf, struct inet_frags *f, bool force)
162{ 162{
163 struct inet_frag_queue *q; 163 struct inet_frag_queue *q;
164 int work, evicted = 0; 164 int work, evicted = 0;
165 165
166 if (!force) {
167 if (atomic_read(&nf->mem) <= nf->high_thresh)
168 return 0;
169 }
170
166 work = atomic_read(&nf->mem) - nf->low_thresh; 171 work = atomic_read(&nf->mem) - nf->low_thresh;
167 while (work > 0) { 172 while (work > 0) {
168 read_lock(&f->lock); 173 read_lock(&f->lock);
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index 8d07c973409c..448e68546827 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -219,7 +219,7 @@ static void ip_evictor(struct net *net)
219{ 219{
220 int evicted; 220 int evicted;
221 221
222 evicted = inet_frag_evictor(&net->ipv4.frags, &ip4_frags); 222 evicted = inet_frag_evictor(&net->ipv4.frags, &ip4_frags, false);
223 if (evicted) 223 if (evicted)
224 IP_ADD_STATS_BH(net, IPSTATS_MIB_REASMFAILS, evicted); 224 IP_ADD_STATS_BH(net, IPSTATS_MIB_REASMFAILS, evicted);
225} 225}
@@ -523,6 +523,10 @@ found:
523 if (offset == 0) 523 if (offset == 0)
524 qp->q.last_in |= INET_FRAG_FIRST_IN; 524 qp->q.last_in |= INET_FRAG_FIRST_IN;
525 525
526 if (ip_hdr(skb)->frag_off & htons(IP_DF) &&
527 skb->len + ihl > qp->q.max_size)
528 qp->q.max_size = skb->len + ihl;
529
526 if (qp->q.last_in == (INET_FRAG_FIRST_IN | INET_FRAG_LAST_IN) && 530 if (qp->q.last_in == (INET_FRAG_FIRST_IN | INET_FRAG_LAST_IN) &&
527 qp->q.meat == qp->q.len) 531 qp->q.meat == qp->q.len)
528 return ip_frag_reasm(qp, prev, dev); 532 return ip_frag_reasm(qp, prev, dev);
@@ -646,9 +650,11 @@ static int ip_frag_reasm(struct ipq *qp, struct sk_buff *prev,
646 head->next = NULL; 650 head->next = NULL;
647 head->dev = dev; 651 head->dev = dev;
648 head->tstamp = qp->q.stamp; 652 head->tstamp = qp->q.stamp;
653 IPCB(head)->frag_max_size = qp->q.max_size;
649 654
650 iph = ip_hdr(head); 655 iph = ip_hdr(head);
651 iph->frag_off = 0; 656 /* max_size != 0 implies at least one fragment had IP_DF set */
657 iph->frag_off = qp->q.max_size ? htons(IP_DF) : 0;
652 iph->tot_len = htons(len); 658 iph->tot_len = htons(len);
653 iph->tos |= ecn; 659 iph->tos |= ecn;
654 IP_INC_STATS_BH(net, IPSTATS_MIB_REASMOKS); 660 IP_INC_STATS_BH(net, IPSTATS_MIB_REASMOKS);
@@ -678,8 +684,7 @@ int ip_defrag(struct sk_buff *skb, u32 user)
678 IP_INC_STATS_BH(net, IPSTATS_MIB_REASMREQDS); 684 IP_INC_STATS_BH(net, IPSTATS_MIB_REASMREQDS);
679 685
680 /* Start by cleaning up the memory. */ 686 /* Start by cleaning up the memory. */
681 if (atomic_read(&net->ipv4.frags.mem) > net->ipv4.frags.high_thresh) 687 ip_evictor(net);
682 ip_evictor(net);
683 688
684 /* Lookup (or create) queue header */ 689 /* Lookup (or create) queue header */
685 if ((qp = ip_find(net, ip_hdr(skb), user)) != NULL) { 690 if ((qp = ip_find(net, ip_hdr(skb), user)) != NULL) {
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index b062a98574f2..7240f8e2dd45 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -120,6 +120,10 @@
120 Alexey Kuznetsov. 120 Alexey Kuznetsov.
121 */ 121 */
122 122
123static bool log_ecn_error = true;
124module_param(log_ecn_error, bool, 0644);
125MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
126
123static struct rtnl_link_ops ipgre_link_ops __read_mostly; 127static struct rtnl_link_ops ipgre_link_ops __read_mostly;
124static int ipgre_tunnel_init(struct net_device *dev); 128static int ipgre_tunnel_init(struct net_device *dev);
125static void ipgre_tunnel_setup(struct net_device *dev); 129static void ipgre_tunnel_setup(struct net_device *dev);
@@ -204,7 +208,9 @@ static struct rtnl_link_stats64 *ipgre_get_stats64(struct net_device *dev,
204 tot->rx_crc_errors = dev->stats.rx_crc_errors; 208 tot->rx_crc_errors = dev->stats.rx_crc_errors;
205 tot->rx_fifo_errors = dev->stats.rx_fifo_errors; 209 tot->rx_fifo_errors = dev->stats.rx_fifo_errors;
206 tot->rx_length_errors = dev->stats.rx_length_errors; 210 tot->rx_length_errors = dev->stats.rx_length_errors;
211 tot->rx_frame_errors = dev->stats.rx_frame_errors;
207 tot->rx_errors = dev->stats.rx_errors; 212 tot->rx_errors = dev->stats.rx_errors;
213
208 tot->tx_fifo_errors = dev->stats.tx_fifo_errors; 214 tot->tx_fifo_errors = dev->stats.tx_fifo_errors;
209 tot->tx_carrier_errors = dev->stats.tx_carrier_errors; 215 tot->tx_carrier_errors = dev->stats.tx_carrier_errors;
210 tot->tx_dropped = dev->stats.tx_dropped; 216 tot->tx_dropped = dev->stats.tx_dropped;
@@ -214,11 +220,25 @@ static struct rtnl_link_stats64 *ipgre_get_stats64(struct net_device *dev,
214 return tot; 220 return tot;
215} 221}
216 222
223/* Does key in tunnel parameters match packet */
224static bool ipgre_key_match(const struct ip_tunnel_parm *p,
225 __be16 flags, __be32 key)
226{
227 if (p->i_flags & GRE_KEY) {
228 if (flags & GRE_KEY)
229 return key == p->i_key;
230 else
231 return false; /* key expected, none present */
232 } else
233 return !(flags & GRE_KEY);
234}
235
217/* Given src, dst and key, find appropriate for input tunnel. */ 236/* Given src, dst and key, find appropriate for input tunnel. */
218 237
219static struct ip_tunnel *ipgre_tunnel_lookup(struct net_device *dev, 238static struct ip_tunnel *ipgre_tunnel_lookup(struct net_device *dev,
220 __be32 remote, __be32 local, 239 __be32 remote, __be32 local,
221 __be32 key, __be16 gre_proto) 240 __be16 flags, __be32 key,
241 __be16 gre_proto)
222{ 242{
223 struct net *net = dev_net(dev); 243 struct net *net = dev_net(dev);
224 int link = dev->ifindex; 244 int link = dev->ifindex;
@@ -233,10 +253,12 @@ static struct ip_tunnel *ipgre_tunnel_lookup(struct net_device *dev,
233 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) { 253 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) {
234 if (local != t->parms.iph.saddr || 254 if (local != t->parms.iph.saddr ||
235 remote != t->parms.iph.daddr || 255 remote != t->parms.iph.daddr ||
236 key != t->parms.i_key ||
237 !(t->dev->flags & IFF_UP)) 256 !(t->dev->flags & IFF_UP))
238 continue; 257 continue;
239 258
259 if (!ipgre_key_match(&t->parms, flags, key))
260 continue;
261
240 if (t->dev->type != ARPHRD_IPGRE && 262 if (t->dev->type != ARPHRD_IPGRE &&
241 t->dev->type != dev_type) 263 t->dev->type != dev_type)
242 continue; 264 continue;
@@ -257,10 +279,12 @@ static struct ip_tunnel *ipgre_tunnel_lookup(struct net_device *dev,
257 279
258 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) { 280 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) {
259 if (remote != t->parms.iph.daddr || 281 if (remote != t->parms.iph.daddr ||
260 key != t->parms.i_key ||
261 !(t->dev->flags & IFF_UP)) 282 !(t->dev->flags & IFF_UP))
262 continue; 283 continue;
263 284
285 if (!ipgre_key_match(&t->parms, flags, key))
286 continue;
287
264 if (t->dev->type != ARPHRD_IPGRE && 288 if (t->dev->type != ARPHRD_IPGRE &&
265 t->dev->type != dev_type) 289 t->dev->type != dev_type)
266 continue; 290 continue;
@@ -283,10 +307,12 @@ static struct ip_tunnel *ipgre_tunnel_lookup(struct net_device *dev,
283 if ((local != t->parms.iph.saddr && 307 if ((local != t->parms.iph.saddr &&
284 (local != t->parms.iph.daddr || 308 (local != t->parms.iph.daddr ||
285 !ipv4_is_multicast(local))) || 309 !ipv4_is_multicast(local))) ||
286 key != t->parms.i_key ||
287 !(t->dev->flags & IFF_UP)) 310 !(t->dev->flags & IFF_UP))
288 continue; 311 continue;
289 312
313 if (!ipgre_key_match(&t->parms, flags, key))
314 continue;
315
290 if (t->dev->type != ARPHRD_IPGRE && 316 if (t->dev->type != ARPHRD_IPGRE &&
291 t->dev->type != dev_type) 317 t->dev->type != dev_type)
292 continue; 318 continue;
@@ -489,6 +515,7 @@ static void ipgre_err(struct sk_buff *skb, u32 info)
489 const int code = icmp_hdr(skb)->code; 515 const int code = icmp_hdr(skb)->code;
490 struct ip_tunnel *t; 516 struct ip_tunnel *t;
491 __be16 flags; 517 __be16 flags;
518 __be32 key = 0;
492 519
493 flags = p[0]; 520 flags = p[0];
494 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 521 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
@@ -505,6 +532,9 @@ static void ipgre_err(struct sk_buff *skb, u32 info)
505 if (skb_headlen(skb) < grehlen) 532 if (skb_headlen(skb) < grehlen)
506 return; 533 return;
507 534
535 if (flags & GRE_KEY)
536 key = *(((__be32 *)p) + (grehlen / 4) - 1);
537
508 switch (type) { 538 switch (type) {
509 default: 539 default:
510 case ICMP_PARAMETERPROB: 540 case ICMP_PARAMETERPROB:
@@ -533,49 +563,34 @@ static void ipgre_err(struct sk_buff *skb, u32 info)
533 break; 563 break;
534 } 564 }
535 565
536 rcu_read_lock();
537 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr, 566 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr,
538 flags & GRE_KEY ? 567 flags, key, p[1]);
539 *(((__be32 *)p) + (grehlen / 4) - 1) : 0, 568
540 p[1]);
541 if (t == NULL) 569 if (t == NULL)
542 goto out; 570 return;
543 571
544 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 572 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
545 ipv4_update_pmtu(skb, dev_net(skb->dev), info, 573 ipv4_update_pmtu(skb, dev_net(skb->dev), info,
546 t->parms.link, 0, IPPROTO_GRE, 0); 574 t->parms.link, 0, IPPROTO_GRE, 0);
547 goto out; 575 return;
548 } 576 }
549 if (type == ICMP_REDIRECT) { 577 if (type == ICMP_REDIRECT) {
550 ipv4_redirect(skb, dev_net(skb->dev), t->parms.link, 0, 578 ipv4_redirect(skb, dev_net(skb->dev), t->parms.link, 0,
551 IPPROTO_GRE, 0); 579 IPPROTO_GRE, 0);
552 goto out; 580 return;
553 } 581 }
554 if (t->parms.iph.daddr == 0 || 582 if (t->parms.iph.daddr == 0 ||
555 ipv4_is_multicast(t->parms.iph.daddr)) 583 ipv4_is_multicast(t->parms.iph.daddr))
556 goto out; 584 return;
557 585
558 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 586 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
559 goto out; 587 return;
560 588
561 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) 589 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
562 t->err_count++; 590 t->err_count++;
563 else 591 else
564 t->err_count = 1; 592 t->err_count = 1;
565 t->err_time = jiffies; 593 t->err_time = jiffies;
566out:
567 rcu_read_unlock();
568}
569
570static inline void ipgre_ecn_decapsulate(const struct iphdr *iph, struct sk_buff *skb)
571{
572 if (INET_ECN_is_ce(iph->tos)) {
573 if (skb->protocol == htons(ETH_P_IP)) {
574 IP_ECN_set_ce(ip_hdr(skb));
575 } else if (skb->protocol == htons(ETH_P_IPV6)) {
576 IP6_ECN_set_ce(ipv6_hdr(skb));
577 }
578 }
579} 594}
580 595
581static inline u8 596static inline u8
@@ -600,9 +615,10 @@ static int ipgre_rcv(struct sk_buff *skb)
600 struct ip_tunnel *tunnel; 615 struct ip_tunnel *tunnel;
601 int offset = 4; 616 int offset = 4;
602 __be16 gre_proto; 617 __be16 gre_proto;
618 int err;
603 619
604 if (!pskb_may_pull(skb, 16)) 620 if (!pskb_may_pull(skb, 16))
605 goto drop_nolock; 621 goto drop;
606 622
607 iph = ip_hdr(skb); 623 iph = ip_hdr(skb);
608 h = skb->data; 624 h = skb->data;
@@ -613,7 +629,7 @@ static int ipgre_rcv(struct sk_buff *skb)
613 - We do not support routing headers. 629 - We do not support routing headers.
614 */ 630 */
615 if (flags&(GRE_VERSION|GRE_ROUTING)) 631 if (flags&(GRE_VERSION|GRE_ROUTING))
616 goto drop_nolock; 632 goto drop;
617 633
618 if (flags&GRE_CSUM) { 634 if (flags&GRE_CSUM) {
619 switch (skb->ip_summed) { 635 switch (skb->ip_summed) {
@@ -641,10 +657,10 @@ static int ipgre_rcv(struct sk_buff *skb)
641 657
642 gre_proto = *(__be16 *)(h + 2); 658 gre_proto = *(__be16 *)(h + 2);
643 659
644 rcu_read_lock(); 660 tunnel = ipgre_tunnel_lookup(skb->dev,
645 if ((tunnel = ipgre_tunnel_lookup(skb->dev, 661 iph->saddr, iph->daddr, flags, key,
646 iph->saddr, iph->daddr, key, 662 gre_proto);
647 gre_proto))) { 663 if (tunnel) {
648 struct pcpu_tstats *tstats; 664 struct pcpu_tstats *tstats;
649 665
650 secpath_reset(skb); 666 secpath_reset(skb);
@@ -703,27 +719,33 @@ static int ipgre_rcv(struct sk_buff *skb)
703 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN); 719 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
704 } 720 }
705 721
722 __skb_tunnel_rx(skb, tunnel->dev);
723
724 skb_reset_network_header(skb);
725 err = IP_ECN_decapsulate(iph, skb);
726 if (unlikely(err)) {
727 if (log_ecn_error)
728 net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n",
729 &iph->saddr, iph->tos);
730 if (err > 1) {
731 ++tunnel->dev->stats.rx_frame_errors;
732 ++tunnel->dev->stats.rx_errors;
733 goto drop;
734 }
735 }
736
706 tstats = this_cpu_ptr(tunnel->dev->tstats); 737 tstats = this_cpu_ptr(tunnel->dev->tstats);
707 u64_stats_update_begin(&tstats->syncp); 738 u64_stats_update_begin(&tstats->syncp);
708 tstats->rx_packets++; 739 tstats->rx_packets++;
709 tstats->rx_bytes += skb->len; 740 tstats->rx_bytes += skb->len;
710 u64_stats_update_end(&tstats->syncp); 741 u64_stats_update_end(&tstats->syncp);
711 742
712 __skb_tunnel_rx(skb, tunnel->dev); 743 gro_cells_receive(&tunnel->gro_cells, skb);
713
714 skb_reset_network_header(skb);
715 ipgre_ecn_decapsulate(iph, skb);
716
717 netif_rx(skb);
718
719 rcu_read_unlock();
720 return 0; 744 return 0;
721 } 745 }
722 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 746 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
723 747
724drop: 748drop:
725 rcu_read_unlock();
726drop_nolock:
727 kfree_skb(skb); 749 kfree_skb(skb);
728 return 0; 750 return 0;
729} 751}
@@ -745,6 +767,10 @@ static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev
745 __be32 dst; 767 __be32 dst;
746 int mtu; 768 int mtu;
747 769
770 if (skb->ip_summed == CHECKSUM_PARTIAL &&
771 skb_checksum_help(skb))
772 goto tx_error;
773
748 if (dev->type == ARPHRD_ETHER) 774 if (dev->type == ARPHRD_ETHER)
749 IPCB(skb)->flags = 0; 775 IPCB(skb)->flags = 0;
750 776
@@ -1292,10 +1318,18 @@ static const struct net_device_ops ipgre_netdev_ops = {
1292 1318
1293static void ipgre_dev_free(struct net_device *dev) 1319static void ipgre_dev_free(struct net_device *dev)
1294{ 1320{
1321 struct ip_tunnel *tunnel = netdev_priv(dev);
1322
1323 gro_cells_destroy(&tunnel->gro_cells);
1295 free_percpu(dev->tstats); 1324 free_percpu(dev->tstats);
1296 free_netdev(dev); 1325 free_netdev(dev);
1297} 1326}
1298 1327
1328#define GRE_FEATURES (NETIF_F_SG | \
1329 NETIF_F_FRAGLIST | \
1330 NETIF_F_HIGHDMA | \
1331 NETIF_F_HW_CSUM)
1332
1299static void ipgre_tunnel_setup(struct net_device *dev) 1333static void ipgre_tunnel_setup(struct net_device *dev)
1300{ 1334{
1301 dev->netdev_ops = &ipgre_netdev_ops; 1335 dev->netdev_ops = &ipgre_netdev_ops;
@@ -1309,12 +1343,16 @@ static void ipgre_tunnel_setup(struct net_device *dev)
1309 dev->addr_len = 4; 1343 dev->addr_len = 4;
1310 dev->features |= NETIF_F_NETNS_LOCAL; 1344 dev->features |= NETIF_F_NETNS_LOCAL;
1311 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE; 1345 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1346
1347 dev->features |= GRE_FEATURES;
1348 dev->hw_features |= GRE_FEATURES;
1312} 1349}
1313 1350
1314static int ipgre_tunnel_init(struct net_device *dev) 1351static int ipgre_tunnel_init(struct net_device *dev)
1315{ 1352{
1316 struct ip_tunnel *tunnel; 1353 struct ip_tunnel *tunnel;
1317 struct iphdr *iph; 1354 struct iphdr *iph;
1355 int err;
1318 1356
1319 tunnel = netdev_priv(dev); 1357 tunnel = netdev_priv(dev);
1320 iph = &tunnel->parms.iph; 1358 iph = &tunnel->parms.iph;
@@ -1341,6 +1379,12 @@ static int ipgre_tunnel_init(struct net_device *dev)
1341 if (!dev->tstats) 1379 if (!dev->tstats)
1342 return -ENOMEM; 1380 return -ENOMEM;
1343 1381
1382 err = gro_cells_init(&tunnel->gro_cells, dev);
1383 if (err) {
1384 free_percpu(dev->tstats);
1385 return err;
1386 }
1387
1344 return 0; 1388 return 0;
1345} 1389}
1346 1390
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index c196d749daf2..24a29a39e9a8 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -467,7 +467,9 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
467 467
468 iph = ip_hdr(skb); 468 iph = ip_hdr(skb);
469 469
470 if (unlikely((iph->frag_off & htons(IP_DF)) && !skb->local_df)) { 470 if (unlikely(((iph->frag_off & htons(IP_DF)) && !skb->local_df) ||
471 (IPCB(skb)->frag_max_size &&
472 IPCB(skb)->frag_max_size > dst_mtu(&rt->dst)))) {
471 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS); 473 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
472 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, 474 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
473 htonl(ip_skb_dst_mtu(skb))); 475 htonl(ip_skb_dst_mtu(skb)));
@@ -791,6 +793,7 @@ static int __ip_append_data(struct sock *sk,
791 struct flowi4 *fl4, 793 struct flowi4 *fl4,
792 struct sk_buff_head *queue, 794 struct sk_buff_head *queue,
793 struct inet_cork *cork, 795 struct inet_cork *cork,
796 struct page_frag *pfrag,
794 int getfrag(void *from, char *to, int offset, 797 int getfrag(void *from, char *to, int offset,
795 int len, int odd, struct sk_buff *skb), 798 int len, int odd, struct sk_buff *skb),
796 void *from, int length, int transhdrlen, 799 void *from, int length, int transhdrlen,
@@ -985,47 +988,30 @@ alloc_new_skb:
985 } 988 }
986 } else { 989 } else {
987 int i = skb_shinfo(skb)->nr_frags; 990 int i = skb_shinfo(skb)->nr_frags;
988 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
989 struct page *page = cork->page;
990 int off = cork->off;
991 unsigned int left;
992
993 if (page && (left = PAGE_SIZE - off) > 0) {
994 if (copy >= left)
995 copy = left;
996 if (page != skb_frag_page(frag)) {
997 if (i == MAX_SKB_FRAGS) {
998 err = -EMSGSIZE;
999 goto error;
1000 }
1001 skb_fill_page_desc(skb, i, page, off, 0);
1002 skb_frag_ref(skb, i);
1003 frag = &skb_shinfo(skb)->frags[i];
1004 }
1005 } else if (i < MAX_SKB_FRAGS) {
1006 if (copy > PAGE_SIZE)
1007 copy = PAGE_SIZE;
1008 page = alloc_pages(sk->sk_allocation, 0);
1009 if (page == NULL) {
1010 err = -ENOMEM;
1011 goto error;
1012 }
1013 cork->page = page;
1014 cork->off = 0;
1015 991
1016 skb_fill_page_desc(skb, i, page, 0, 0); 992 err = -ENOMEM;
1017 frag = &skb_shinfo(skb)->frags[i]; 993 if (!sk_page_frag_refill(sk, pfrag))
1018 } else {
1019 err = -EMSGSIZE;
1020 goto error;
1021 }
1022 if (getfrag(from, skb_frag_address(frag)+skb_frag_size(frag),
1023 offset, copy, skb->len, skb) < 0) {
1024 err = -EFAULT;
1025 goto error; 994 goto error;
995
996 if (!skb_can_coalesce(skb, i, pfrag->page,
997 pfrag->offset)) {
998 err = -EMSGSIZE;
999 if (i == MAX_SKB_FRAGS)
1000 goto error;
1001
1002 __skb_fill_page_desc(skb, i, pfrag->page,
1003 pfrag->offset, 0);
1004 skb_shinfo(skb)->nr_frags = ++i;
1005 get_page(pfrag->page);
1026 } 1006 }
1027 cork->off += copy; 1007 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1028 skb_frag_size_add(frag, copy); 1008 if (getfrag(from,
1009 page_address(pfrag->page) + pfrag->offset,
1010 offset, copy, skb->len, skb) < 0)
1011 goto error_efault;
1012
1013 pfrag->offset += copy;
1014 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1029 skb->len += copy; 1015 skb->len += copy;
1030 skb->data_len += copy; 1016 skb->data_len += copy;
1031 skb->truesize += copy; 1017 skb->truesize += copy;
@@ -1037,6 +1023,8 @@ alloc_new_skb:
1037 1023
1038 return 0; 1024 return 0;
1039 1025
1026error_efault:
1027 err = -EFAULT;
1040error: 1028error:
1041 cork->length -= length; 1029 cork->length -= length;
1042 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS); 1030 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS);
@@ -1077,8 +1065,6 @@ static int ip_setup_cork(struct sock *sk, struct inet_cork *cork,
1077 cork->dst = &rt->dst; 1065 cork->dst = &rt->dst;
1078 cork->length = 0; 1066 cork->length = 0;
1079 cork->tx_flags = ipc->tx_flags; 1067 cork->tx_flags = ipc->tx_flags;
1080 cork->page = NULL;
1081 cork->off = 0;
1082 1068
1083 return 0; 1069 return 0;
1084} 1070}
@@ -1115,7 +1101,8 @@ int ip_append_data(struct sock *sk, struct flowi4 *fl4,
1115 transhdrlen = 0; 1101 transhdrlen = 0;
1116 } 1102 }
1117 1103
1118 return __ip_append_data(sk, fl4, &sk->sk_write_queue, &inet->cork.base, getfrag, 1104 return __ip_append_data(sk, fl4, &sk->sk_write_queue, &inet->cork.base,
1105 sk_page_frag(sk), getfrag,
1119 from, length, transhdrlen, flags); 1106 from, length, transhdrlen, flags);
1120} 1107}
1121 1108
@@ -1437,7 +1424,8 @@ struct sk_buff *ip_make_skb(struct sock *sk,
1437 if (err) 1424 if (err)
1438 return ERR_PTR(err); 1425 return ERR_PTR(err);
1439 1426
1440 err = __ip_append_data(sk, fl4, &queue, &cork, getfrag, 1427 err = __ip_append_data(sk, fl4, &queue, &cork,
1428 &current->task_frag, getfrag,
1441 from, length, transhdrlen, flags); 1429 from, length, transhdrlen, flags);
1442 if (err) { 1430 if (err) {
1443 __ip_flush_pending_frames(sk, &queue, &cork); 1431 __ip_flush_pending_frames(sk, &queue, &cork);
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 3511ffba7bd4..978bca4818ae 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -304,7 +304,6 @@ static int vti_err(struct sk_buff *skb, u32 info)
304 304
305 err = -ENOENT; 305 err = -ENOENT;
306 306
307 rcu_read_lock();
308 t = vti_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr); 307 t = vti_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
309 if (t == NULL) 308 if (t == NULL)
310 goto out; 309 goto out;
@@ -326,7 +325,6 @@ static int vti_err(struct sk_buff *skb, u32 info)
326 t->err_count = 1; 325 t->err_count = 1;
327 t->err_time = jiffies; 326 t->err_time = jiffies;
328out: 327out:
329 rcu_read_unlock();
330 return err; 328 return err;
331} 329}
332 330
@@ -336,7 +334,6 @@ static int vti_rcv(struct sk_buff *skb)
336 struct ip_tunnel *tunnel; 334 struct ip_tunnel *tunnel;
337 const struct iphdr *iph = ip_hdr(skb); 335 const struct iphdr *iph = ip_hdr(skb);
338 336
339 rcu_read_lock();
340 tunnel = vti_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr); 337 tunnel = vti_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr);
341 if (tunnel != NULL) { 338 if (tunnel != NULL) {
342 struct pcpu_tstats *tstats; 339 struct pcpu_tstats *tstats;
@@ -348,10 +345,8 @@ static int vti_rcv(struct sk_buff *skb)
348 u64_stats_update_end(&tstats->syncp); 345 u64_stats_update_end(&tstats->syncp);
349 346
350 skb->dev = tunnel->dev; 347 skb->dev = tunnel->dev;
351 rcu_read_unlock();
352 return 1; 348 return 1;
353 } 349 }
354 rcu_read_unlock();
355 350
356 return -1; 351 return -1;
357} 352}
diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c
index 67e8a6b086ea..798358b10717 100644
--- a/net/ipv4/ipconfig.c
+++ b/net/ipv4/ipconfig.c
@@ -583,6 +583,17 @@ static void __init ic_rarp_send_if(struct ic_device *d)
583#endif 583#endif
584 584
585/* 585/*
586 * Predefine Nameservers
587 */
588static inline void __init ic_nameservers_predef(void)
589{
590 int i;
591
592 for (i = 0; i < CONF_NAMESERVERS_MAX; i++)
593 ic_nameservers[i] = NONE;
594}
595
596/*
586 * DHCP/BOOTP support. 597 * DHCP/BOOTP support.
587 */ 598 */
588 599
@@ -747,10 +758,7 @@ static void __init ic_bootp_init_ext(u8 *e)
747 */ 758 */
748static inline void __init ic_bootp_init(void) 759static inline void __init ic_bootp_init(void)
749{ 760{
750 int i; 761 ic_nameservers_predef();
751
752 for (i = 0; i < CONF_NAMESERVERS_MAX; i++)
753 ic_nameservers[i] = NONE;
754 762
755 dev_add_pack(&bootp_packet_type); 763 dev_add_pack(&bootp_packet_type);
756} 764}
@@ -1379,6 +1387,7 @@ static int __init ip_auto_config(void)
1379 int retries = CONF_OPEN_RETRIES; 1387 int retries = CONF_OPEN_RETRIES;
1380#endif 1388#endif
1381 int err; 1389 int err;
1390 unsigned int i;
1382 1391
1383#ifdef CONFIG_PROC_FS 1392#ifdef CONFIG_PROC_FS
1384 proc_net_fops_create(&init_net, "pnp", S_IRUGO, &pnp_seq_fops); 1393 proc_net_fops_create(&init_net, "pnp", S_IRUGO, &pnp_seq_fops);
@@ -1499,7 +1508,15 @@ static int __init ip_auto_config(void)
1499 &ic_servaddr, &root_server_addr, root_server_path); 1508 &ic_servaddr, &root_server_addr, root_server_path);
1500 if (ic_dev_mtu) 1509 if (ic_dev_mtu)
1501 pr_cont(", mtu=%d", ic_dev_mtu); 1510 pr_cont(", mtu=%d", ic_dev_mtu);
1502 pr_cont("\n"); 1511 for (i = 0; i < CONF_NAMESERVERS_MAX; i++)
1512 if (ic_nameservers[i] != NONE) {
1513 pr_info(" nameserver%u=%pI4",
1514 i, &ic_nameservers[i]);
1515 break;
1516 }
1517 for (i++; i < CONF_NAMESERVERS_MAX; i++)
1518 if (ic_nameservers[i] != NONE)
1519 pr_cont(", nameserver%u=%pI4\n", i, &ic_nameservers[i]);
1503#endif /* !SILENT */ 1520#endif /* !SILENT */
1504 1521
1505 return 0; 1522 return 0;
@@ -1570,6 +1587,8 @@ static int __init ip_auto_config_setup(char *addrs)
1570 return 1; 1587 return 1;
1571 } 1588 }
1572 1589
1590 ic_nameservers_predef();
1591
1573 /* Parse string for static IP assignment. */ 1592 /* Parse string for static IP assignment. */
1574 ip = addrs; 1593 ip = addrs;
1575 while (ip && *ip) { 1594 while (ip && *ip) {
@@ -1613,6 +1632,20 @@ static int __init ip_auto_config_setup(char *addrs)
1613 ic_enable = 0; 1632 ic_enable = 0;
1614 } 1633 }
1615 break; 1634 break;
1635 case 7:
1636 if (CONF_NAMESERVERS_MAX >= 1) {
1637 ic_nameservers[0] = in_aton(ip);
1638 if (ic_nameservers[0] == ANY)
1639 ic_nameservers[0] = NONE;
1640 }
1641 break;
1642 case 8:
1643 if (CONF_NAMESERVERS_MAX >= 2) {
1644 ic_nameservers[1] = in_aton(ip);
1645 if (ic_nameservers[1] == ANY)
1646 ic_nameservers[1] = NONE;
1647 }
1648 break;
1616 } 1649 }
1617 } 1650 }
1618 ip = cp; 1651 ip = cp;
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
index 99af1f0cc658..e15b45297c09 100644
--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -120,6 +120,10 @@
120#define HASH_SIZE 16 120#define HASH_SIZE 16
121#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 121#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
122 122
123static bool log_ecn_error = true;
124module_param(log_ecn_error, bool, 0644);
125MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
126
123static int ipip_net_id __read_mostly; 127static int ipip_net_id __read_mostly;
124struct ipip_net { 128struct ipip_net {
125 struct ip_tunnel __rcu *tunnels_r_l[HASH_SIZE]; 129 struct ip_tunnel __rcu *tunnels_r_l[HASH_SIZE];
@@ -365,8 +369,6 @@ static int ipip_err(struct sk_buff *skb, u32 info)
365 } 369 }
366 370
367 err = -ENOENT; 371 err = -ENOENT;
368
369 rcu_read_lock();
370 t = ipip_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr); 372 t = ipip_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
371 if (t == NULL) 373 if (t == NULL)
372 goto out; 374 goto out;
@@ -398,34 +400,22 @@ static int ipip_err(struct sk_buff *skb, u32 info)
398 t->err_count = 1; 400 t->err_count = 1;
399 t->err_time = jiffies; 401 t->err_time = jiffies;
400out: 402out:
401 rcu_read_unlock();
402 return err;
403}
404
405static inline void ipip_ecn_decapsulate(const struct iphdr *outer_iph,
406 struct sk_buff *skb)
407{
408 struct iphdr *inner_iph = ip_hdr(skb);
409 403
410 if (INET_ECN_is_ce(outer_iph->tos)) 404 return err;
411 IP_ECN_set_ce(inner_iph);
412} 405}
413 406
414static int ipip_rcv(struct sk_buff *skb) 407static int ipip_rcv(struct sk_buff *skb)
415{ 408{
416 struct ip_tunnel *tunnel; 409 struct ip_tunnel *tunnel;
417 const struct iphdr *iph = ip_hdr(skb); 410 const struct iphdr *iph = ip_hdr(skb);
411 int err;
418 412
419 rcu_read_lock();
420 tunnel = ipip_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr); 413 tunnel = ipip_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr);
421 if (tunnel != NULL) { 414 if (tunnel != NULL) {
422 struct pcpu_tstats *tstats; 415 struct pcpu_tstats *tstats;
423 416
424 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) { 417 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
425 rcu_read_unlock(); 418 goto drop;
426 kfree_skb(skb);
427 return 0;
428 }
429 419
430 secpath_reset(skb); 420 secpath_reset(skb);
431 421
@@ -434,24 +424,35 @@ static int ipip_rcv(struct sk_buff *skb)
434 skb->protocol = htons(ETH_P_IP); 424 skb->protocol = htons(ETH_P_IP);
435 skb->pkt_type = PACKET_HOST; 425 skb->pkt_type = PACKET_HOST;
436 426
427 __skb_tunnel_rx(skb, tunnel->dev);
428
429 err = IP_ECN_decapsulate(iph, skb);
430 if (unlikely(err)) {
431 if (log_ecn_error)
432 net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n",
433 &iph->saddr, iph->tos);
434 if (err > 1) {
435 ++tunnel->dev->stats.rx_frame_errors;
436 ++tunnel->dev->stats.rx_errors;
437 goto drop;
438 }
439 }
440
437 tstats = this_cpu_ptr(tunnel->dev->tstats); 441 tstats = this_cpu_ptr(tunnel->dev->tstats);
438 u64_stats_update_begin(&tstats->syncp); 442 u64_stats_update_begin(&tstats->syncp);
439 tstats->rx_packets++; 443 tstats->rx_packets++;
440 tstats->rx_bytes += skb->len; 444 tstats->rx_bytes += skb->len;
441 u64_stats_update_end(&tstats->syncp); 445 u64_stats_update_end(&tstats->syncp);
442 446
443 __skb_tunnel_rx(skb, tunnel->dev);
444
445 ipip_ecn_decapsulate(iph, skb);
446
447 netif_rx(skb); 447 netif_rx(skb);
448
449 rcu_read_unlock();
450 return 0; 448 return 0;
451 } 449 }
452 rcu_read_unlock();
453 450
454 return -1; 451 return -1;
452
453drop:
454 kfree_skb(skb);
455 return 0;
455} 456}
456 457
457/* 458/*
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
index ebdf06f938bf..1daa95c2a0ba 100644
--- a/net/ipv4/ipmr.c
+++ b/net/ipv4/ipmr.c
@@ -626,7 +626,7 @@ static void ipmr_destroy_unres(struct mr_table *mrt, struct mfc_cache *c)
626 e->error = -ETIMEDOUT; 626 e->error = -ETIMEDOUT;
627 memset(&e->msg, 0, sizeof(e->msg)); 627 memset(&e->msg, 0, sizeof(e->msg));
628 628
629 rtnl_unicast(skb, net, NETLINK_CB(skb).pid); 629 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
630 } else { 630 } else {
631 kfree_skb(skb); 631 kfree_skb(skb);
632 } 632 }
@@ -870,7 +870,7 @@ static void ipmr_cache_resolve(struct net *net, struct mr_table *mrt,
870 memset(&e->msg, 0, sizeof(e->msg)); 870 memset(&e->msg, 0, sizeof(e->msg));
871 } 871 }
872 872
873 rtnl_unicast(skb, net, NETLINK_CB(skb).pid); 873 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
874 } else { 874 } else {
875 ip_mr_forward(net, mrt, skb, c, 0); 875 ip_mr_forward(net, mrt, skb, c, 0);
876 } 876 }
@@ -1808,7 +1808,7 @@ static struct mr_table *ipmr_rt_fib_lookup(struct net *net, struct sk_buff *skb)
1808 .flowi4_oif = (rt_is_output_route(rt) ? 1808 .flowi4_oif = (rt_is_output_route(rt) ?
1809 skb->dev->ifindex : 0), 1809 skb->dev->ifindex : 0),
1810 .flowi4_iif = (rt_is_output_route(rt) ? 1810 .flowi4_iif = (rt_is_output_route(rt) ?
1811 net->loopback_dev->ifindex : 1811 LOOPBACK_IFINDEX :
1812 skb->dev->ifindex), 1812 skb->dev->ifindex),
1813 .flowi4_mark = skb->mark, 1813 .flowi4_mark = skb->mark,
1814 }; 1814 };
@@ -2117,12 +2117,12 @@ int ipmr_get_route(struct net *net, struct sk_buff *skb,
2117} 2117}
2118 2118
2119static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, 2119static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb,
2120 u32 pid, u32 seq, struct mfc_cache *c) 2120 u32 portid, u32 seq, struct mfc_cache *c)
2121{ 2121{
2122 struct nlmsghdr *nlh; 2122 struct nlmsghdr *nlh;
2123 struct rtmsg *rtm; 2123 struct rtmsg *rtm;
2124 2124
2125 nlh = nlmsg_put(skb, pid, seq, RTM_NEWROUTE, sizeof(*rtm), NLM_F_MULTI); 2125 nlh = nlmsg_put(skb, portid, seq, RTM_NEWROUTE, sizeof(*rtm), NLM_F_MULTI);
2126 if (nlh == NULL) 2126 if (nlh == NULL)
2127 return -EMSGSIZE; 2127 return -EMSGSIZE;
2128 2128
@@ -2176,7 +2176,7 @@ static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2176 if (e < s_e) 2176 if (e < s_e)
2177 goto next_entry; 2177 goto next_entry;
2178 if (ipmr_fill_mroute(mrt, skb, 2178 if (ipmr_fill_mroute(mrt, skb,
2179 NETLINK_CB(cb->skb).pid, 2179 NETLINK_CB(cb->skb).portid,
2180 cb->nlh->nlmsg_seq, 2180 cb->nlh->nlmsg_seq,
2181 mfc) < 0) 2181 mfc) < 0)
2182 goto done; 2182 goto done;
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index ed1b36783192..4c0cf63dd92e 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -72,43 +72,6 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned int addr_type)
72} 72}
73EXPORT_SYMBOL(ip_route_me_harder); 73EXPORT_SYMBOL(ip_route_me_harder);
74 74
75#ifdef CONFIG_XFRM
76int ip_xfrm_me_harder(struct sk_buff *skb)
77{
78 struct flowi fl;
79 unsigned int hh_len;
80 struct dst_entry *dst;
81
82 if (IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED)
83 return 0;
84 if (xfrm_decode_session(skb, &fl, AF_INET) < 0)
85 return -1;
86
87 dst = skb_dst(skb);
88 if (dst->xfrm)
89 dst = ((struct xfrm_dst *)dst)->route;
90 dst_hold(dst);
91
92 dst = xfrm_lookup(dev_net(dst->dev), dst, &fl, skb->sk, 0);
93 if (IS_ERR(dst))
94 return -1;
95
96 skb_dst_drop(skb);
97 skb_dst_set(skb, dst);
98
99 /* Change in oif may mean change in hh_len. */
100 hh_len = skb_dst(skb)->dev->hard_header_len;
101 if (skb_headroom(skb) < hh_len &&
102 pskb_expand_head(skb, hh_len - skb_headroom(skb), 0, GFP_ATOMIC))
103 return -1;
104 return 0;
105}
106EXPORT_SYMBOL(ip_xfrm_me_harder);
107#endif
108
109void (*ip_nat_decode_session)(struct sk_buff *, struct flowi *);
110EXPORT_SYMBOL(ip_nat_decode_session);
111
112/* 75/*
113 * Extra routing may needed on local out, as the QUEUE target never 76 * Extra routing may needed on local out, as the QUEUE target never
114 * returns control to the table. 77 * returns control to the table.
@@ -225,12 +188,12 @@ static const struct nf_afinfo nf_ip_afinfo = {
225 .route_key_size = sizeof(struct ip_rt_info), 188 .route_key_size = sizeof(struct ip_rt_info),
226}; 189};
227 190
228static int ipv4_netfilter_init(void) 191static int __init ipv4_netfilter_init(void)
229{ 192{
230 return nf_register_afinfo(&nf_ip_afinfo); 193 return nf_register_afinfo(&nf_ip_afinfo);
231} 194}
232 195
233static void ipv4_netfilter_fini(void) 196static void __exit ipv4_netfilter_fini(void)
234{ 197{
235 nf_unregister_afinfo(&nf_ip_afinfo); 198 nf_unregister_afinfo(&nf_ip_afinfo);
236} 199}
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
index fcc543cd987a..d8d6f2a5bf12 100644
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -143,25 +143,22 @@ config IP_NF_TARGET_ULOG
143 To compile it as a module, choose M here. If unsure, say N. 143 To compile it as a module, choose M here. If unsure, say N.
144 144
145# NAT + specific targets: nf_conntrack 145# NAT + specific targets: nf_conntrack
146config NF_NAT 146config NF_NAT_IPV4
147 tristate "Full NAT" 147 tristate "IPv4 NAT"
148 depends on NF_CONNTRACK_IPV4 148 depends on NF_CONNTRACK_IPV4
149 default m if NETFILTER_ADVANCED=n 149 default m if NETFILTER_ADVANCED=n
150 select NF_NAT
150 help 151 help
151 The Full NAT option allows masquerading, port forwarding and other 152 The IPv4 NAT option allows masquerading, port forwarding and other
152 forms of full Network Address Port Translation. It is controlled by 153 forms of full Network Address Port Translation. It is controlled by
153 the `nat' table in iptables: see the man page for iptables(8). 154 the `nat' table in iptables: see the man page for iptables(8).
154 155
155 To compile it as a module, choose M here. If unsure, say N. 156 To compile it as a module, choose M here. If unsure, say N.
156 157
157config NF_NAT_NEEDED 158if NF_NAT_IPV4
158 bool
159 depends on NF_NAT
160 default y
161 159
162config IP_NF_TARGET_MASQUERADE 160config IP_NF_TARGET_MASQUERADE
163 tristate "MASQUERADE target support" 161 tristate "MASQUERADE target support"
164 depends on NF_NAT
165 default m if NETFILTER_ADVANCED=n 162 default m if NETFILTER_ADVANCED=n
166 help 163 help
167 Masquerading is a special case of NAT: all outgoing connections are 164 Masquerading is a special case of NAT: all outgoing connections are
@@ -174,30 +171,27 @@ config IP_NF_TARGET_MASQUERADE
174 171
175config IP_NF_TARGET_NETMAP 172config IP_NF_TARGET_NETMAP
176 tristate "NETMAP target support" 173 tristate "NETMAP target support"
177 depends on NF_NAT
178 depends on NETFILTER_ADVANCED 174 depends on NETFILTER_ADVANCED
179 help 175 select NETFILTER_XT_TARGET_NETMAP
180 NETMAP is an implementation of static 1:1 NAT mapping of network 176 ---help---
181 addresses. It maps the network address part, while keeping the host 177 This is a backwards-compat option for the user's convenience
182 address part intact. 178 (e.g. when running oldconfig). It selects
183 179 CONFIG_NETFILTER_XT_TARGET_NETMAP.
184 To compile it as a module, choose M here. If unsure, say N.
185 180
186config IP_NF_TARGET_REDIRECT 181config IP_NF_TARGET_REDIRECT
187 tristate "REDIRECT target support" 182 tristate "REDIRECT target support"
188 depends on NF_NAT
189 depends on NETFILTER_ADVANCED 183 depends on NETFILTER_ADVANCED
190 help 184 select NETFILTER_XT_TARGET_REDIRECT
191 REDIRECT is a special case of NAT: all incoming connections are 185 ---help---
192 mapped onto the incoming interface's address, causing the packets to 186 This is a backwards-compat option for the user's convenience
193 come to the local machine instead of passing through. This is 187 (e.g. when running oldconfig). It selects
194 useful for transparent proxies. 188 CONFIG_NETFILTER_XT_TARGET_REDIRECT.
195 189
196 To compile it as a module, choose M here. If unsure, say N. 190endif
197 191
198config NF_NAT_SNMP_BASIC 192config NF_NAT_SNMP_BASIC
199 tristate "Basic SNMP-ALG support" 193 tristate "Basic SNMP-ALG support"
200 depends on NF_CONNTRACK_SNMP && NF_NAT 194 depends on NF_CONNTRACK_SNMP && NF_NAT_IPV4
201 depends on NETFILTER_ADVANCED 195 depends on NETFILTER_ADVANCED
202 default NF_NAT && NF_CONNTRACK_SNMP 196 default NF_NAT && NF_CONNTRACK_SNMP
203 ---help--- 197 ---help---
@@ -219,61 +213,21 @@ config NF_NAT_SNMP_BASIC
219# <expr> '&&' <expr> (6) 213# <expr> '&&' <expr> (6)
220# 214#
221# (6) Returns the result of min(/expr/, /expr/). 215# (6) Returns the result of min(/expr/, /expr/).
222config NF_NAT_PROTO_DCCP
223 tristate
224 depends on NF_NAT && NF_CT_PROTO_DCCP
225 default NF_NAT && NF_CT_PROTO_DCCP
226 216
227config NF_NAT_PROTO_GRE 217config NF_NAT_PROTO_GRE
228 tristate 218 tristate
229 depends on NF_NAT && NF_CT_PROTO_GRE 219 depends on NF_NAT_IPV4 && NF_CT_PROTO_GRE
230
231config NF_NAT_PROTO_UDPLITE
232 tristate
233 depends on NF_NAT && NF_CT_PROTO_UDPLITE
234 default NF_NAT && NF_CT_PROTO_UDPLITE
235
236config NF_NAT_PROTO_SCTP
237 tristate
238 default NF_NAT && NF_CT_PROTO_SCTP
239 depends on NF_NAT && NF_CT_PROTO_SCTP
240 select LIBCRC32C
241
242config NF_NAT_FTP
243 tristate
244 depends on NF_CONNTRACK && NF_NAT
245 default NF_NAT && NF_CONNTRACK_FTP
246
247config NF_NAT_IRC
248 tristate
249 depends on NF_CONNTRACK && NF_NAT
250 default NF_NAT && NF_CONNTRACK_IRC
251
252config NF_NAT_TFTP
253 tristate
254 depends on NF_CONNTRACK && NF_NAT
255 default NF_NAT && NF_CONNTRACK_TFTP
256
257config NF_NAT_AMANDA
258 tristate
259 depends on NF_CONNTRACK && NF_NAT
260 default NF_NAT && NF_CONNTRACK_AMANDA
261 220
262config NF_NAT_PPTP 221config NF_NAT_PPTP
263 tristate 222 tristate
264 depends on NF_CONNTRACK && NF_NAT 223 depends on NF_CONNTRACK && NF_NAT_IPV4
265 default NF_NAT && NF_CONNTRACK_PPTP 224 default NF_NAT_IPV4 && NF_CONNTRACK_PPTP
266 select NF_NAT_PROTO_GRE 225 select NF_NAT_PROTO_GRE
267 226
268config NF_NAT_H323 227config NF_NAT_H323
269 tristate 228 tristate
270 depends on NF_CONNTRACK && NF_NAT 229 depends on NF_CONNTRACK && NF_NAT_IPV4
271 default NF_NAT && NF_CONNTRACK_H323 230 default NF_NAT_IPV4 && NF_CONNTRACK_H323
272
273config NF_NAT_SIP
274 tristate
275 depends on NF_CONNTRACK && NF_NAT
276 default NF_NAT && NF_CONNTRACK_SIP
277 231
278# mangle + specific targets 232# mangle + specific targets
279config IP_NF_MANGLE 233config IP_NF_MANGLE
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
index c20674dc9452..007b128eecc9 100644
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -10,32 +10,22 @@ nf_conntrack_ipv4-objs += nf_conntrack_l3proto_ipv4_compat.o
10endif 10endif
11endif 11endif
12 12
13nf_nat-y := nf_nat_core.o nf_nat_helper.o nf_nat_proto_unknown.o nf_nat_proto_common.o nf_nat_proto_tcp.o nf_nat_proto_udp.o nf_nat_proto_icmp.o
14iptable_nat-y := nf_nat_rule.o nf_nat_standalone.o
15
16# connection tracking 13# connection tracking
17obj-$(CONFIG_NF_CONNTRACK_IPV4) += nf_conntrack_ipv4.o 14obj-$(CONFIG_NF_CONNTRACK_IPV4) += nf_conntrack_ipv4.o
18 15
19obj-$(CONFIG_NF_NAT) += nf_nat.o 16nf_nat_ipv4-y := nf_nat_l3proto_ipv4.o nf_nat_proto_icmp.o
17obj-$(CONFIG_NF_NAT_IPV4) += nf_nat_ipv4.o
20 18
21# defrag 19# defrag
22obj-$(CONFIG_NF_DEFRAG_IPV4) += nf_defrag_ipv4.o 20obj-$(CONFIG_NF_DEFRAG_IPV4) += nf_defrag_ipv4.o
23 21
24# NAT helpers (nf_conntrack) 22# NAT helpers (nf_conntrack)
25obj-$(CONFIG_NF_NAT_AMANDA) += nf_nat_amanda.o
26obj-$(CONFIG_NF_NAT_FTP) += nf_nat_ftp.o
27obj-$(CONFIG_NF_NAT_H323) += nf_nat_h323.o 23obj-$(CONFIG_NF_NAT_H323) += nf_nat_h323.o
28obj-$(CONFIG_NF_NAT_IRC) += nf_nat_irc.o
29obj-$(CONFIG_NF_NAT_PPTP) += nf_nat_pptp.o 24obj-$(CONFIG_NF_NAT_PPTP) += nf_nat_pptp.o
30obj-$(CONFIG_NF_NAT_SIP) += nf_nat_sip.o
31obj-$(CONFIG_NF_NAT_SNMP_BASIC) += nf_nat_snmp_basic.o 25obj-$(CONFIG_NF_NAT_SNMP_BASIC) += nf_nat_snmp_basic.o
32obj-$(CONFIG_NF_NAT_TFTP) += nf_nat_tftp.o
33 26
34# NAT protocols (nf_nat) 27# NAT protocols (nf_nat)
35obj-$(CONFIG_NF_NAT_PROTO_DCCP) += nf_nat_proto_dccp.o
36obj-$(CONFIG_NF_NAT_PROTO_GRE) += nf_nat_proto_gre.o 28obj-$(CONFIG_NF_NAT_PROTO_GRE) += nf_nat_proto_gre.o
37obj-$(CONFIG_NF_NAT_PROTO_UDPLITE) += nf_nat_proto_udplite.o
38obj-$(CONFIG_NF_NAT_PROTO_SCTP) += nf_nat_proto_sctp.o
39 29
40# generic IP tables 30# generic IP tables
41obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o 31obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o
@@ -43,7 +33,7 @@ obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o
43# the three instances of ip_tables 33# the three instances of ip_tables
44obj-$(CONFIG_IP_NF_FILTER) += iptable_filter.o 34obj-$(CONFIG_IP_NF_FILTER) += iptable_filter.o
45obj-$(CONFIG_IP_NF_MANGLE) += iptable_mangle.o 35obj-$(CONFIG_IP_NF_MANGLE) += iptable_mangle.o
46obj-$(CONFIG_NF_NAT) += iptable_nat.o 36obj-$(CONFIG_NF_NAT_IPV4) += iptable_nat.o
47obj-$(CONFIG_IP_NF_RAW) += iptable_raw.o 37obj-$(CONFIG_IP_NF_RAW) += iptable_raw.o
48obj-$(CONFIG_IP_NF_SECURITY) += iptable_security.o 38obj-$(CONFIG_IP_NF_SECURITY) += iptable_security.o
49 39
@@ -55,8 +45,6 @@ obj-$(CONFIG_IP_NF_MATCH_RPFILTER) += ipt_rpfilter.o
55obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o 45obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
56obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o 46obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
57obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o 47obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
58obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
59obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
60obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o 48obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
61obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o 49obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
62 50
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index cbb6a1a6f6f7..5d5d4d1be9c2 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -19,9 +19,9 @@
19#include <net/ip.h> 19#include <net/ip.h>
20#include <net/checksum.h> 20#include <net/checksum.h>
21#include <net/route.h> 21#include <net/route.h>
22#include <net/netfilter/nf_nat_rule.h>
23#include <linux/netfilter_ipv4.h> 22#include <linux/netfilter_ipv4.h>
24#include <linux/netfilter/x_tables.h> 23#include <linux/netfilter/x_tables.h>
24#include <net/netfilter/nf_nat.h>
25 25
26MODULE_LICENSE("GPL"); 26MODULE_LICENSE("GPL");
27MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>"); 27MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
@@ -49,7 +49,7 @@ masquerade_tg(struct sk_buff *skb, const struct xt_action_param *par)
49 struct nf_conn *ct; 49 struct nf_conn *ct;
50 struct nf_conn_nat *nat; 50 struct nf_conn_nat *nat;
51 enum ip_conntrack_info ctinfo; 51 enum ip_conntrack_info ctinfo;
52 struct nf_nat_ipv4_range newrange; 52 struct nf_nat_range newrange;
53 const struct nf_nat_ipv4_multi_range_compat *mr; 53 const struct nf_nat_ipv4_multi_range_compat *mr;
54 const struct rtable *rt; 54 const struct rtable *rt;
55 __be32 newsrc, nh; 55 __be32 newsrc, nh;
@@ -80,10 +80,13 @@ masquerade_tg(struct sk_buff *skb, const struct xt_action_param *par)
80 nat->masq_index = par->out->ifindex; 80 nat->masq_index = par->out->ifindex;
81 81
82 /* Transfer from original range. */ 82 /* Transfer from original range. */
83 newrange = ((struct nf_nat_ipv4_range) 83 memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
84 { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS, 84 memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
85 newsrc, newsrc, 85 newrange.flags = mr->range[0].flags | NF_NAT_RANGE_MAP_IPS;
86 mr->range[0].min, mr->range[0].max }); 86 newrange.min_addr.ip = newsrc;
87 newrange.max_addr.ip = newsrc;
88 newrange.min_proto = mr->range[0].min;
89 newrange.max_proto = mr->range[0].max;
87 90
88 /* Hand modified range to generic setup. */ 91 /* Hand modified range to generic setup. */
89 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_SRC); 92 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_SRC);
@@ -96,7 +99,8 @@ device_cmp(struct nf_conn *i, void *ifindex)
96 99
97 if (!nat) 100 if (!nat)
98 return 0; 101 return 0;
99 102 if (nf_ct_l3num(i) != NFPROTO_IPV4)
103 return 0;
100 return nat->masq_index == (int)(long)ifindex; 104 return nat->masq_index == (int)(long)ifindex;
101} 105}
102 106
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c
deleted file mode 100644
index b5bfbbabf70d..000000000000
--- a/net/ipv4/netfilter/ipt_NETMAP.c
+++ /dev/null
@@ -1,98 +0,0 @@
1/* NETMAP - static NAT mapping of IP network addresses (1:1).
2 * The mapping can be applied to source (POSTROUTING),
3 * destination (PREROUTING), or both (with separate rules).
4 */
5
6/* (C) 2000-2001 Svenning Soerensen <svenning@post5.tele.dk>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
11 */
12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13#include <linux/ip.h>
14#include <linux/module.h>
15#include <linux/netdevice.h>
16#include <linux/netfilter.h>
17#include <linux/netfilter_ipv4.h>
18#include <linux/netfilter/x_tables.h>
19#include <net/netfilter/nf_nat_rule.h>
20
21MODULE_LICENSE("GPL");
22MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>");
23MODULE_DESCRIPTION("Xtables: 1:1 NAT mapping of IPv4 subnets");
24
25static int netmap_tg_check(const struct xt_tgchk_param *par)
26{
27 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
28
29 if (!(mr->range[0].flags & NF_NAT_RANGE_MAP_IPS)) {
30 pr_debug("bad MAP_IPS.\n");
31 return -EINVAL;
32 }
33 if (mr->rangesize != 1) {
34 pr_debug("bad rangesize %u.\n", mr->rangesize);
35 return -EINVAL;
36 }
37 return 0;
38}
39
40static unsigned int
41netmap_tg(struct sk_buff *skb, const struct xt_action_param *par)
42{
43 struct nf_conn *ct;
44 enum ip_conntrack_info ctinfo;
45 __be32 new_ip, netmask;
46 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
47 struct nf_nat_ipv4_range newrange;
48
49 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
50 par->hooknum == NF_INET_POST_ROUTING ||
51 par->hooknum == NF_INET_LOCAL_OUT ||
52 par->hooknum == NF_INET_LOCAL_IN);
53 ct = nf_ct_get(skb, &ctinfo);
54
55 netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip);
56
57 if (par->hooknum == NF_INET_PRE_ROUTING ||
58 par->hooknum == NF_INET_LOCAL_OUT)
59 new_ip = ip_hdr(skb)->daddr & ~netmask;
60 else
61 new_ip = ip_hdr(skb)->saddr & ~netmask;
62 new_ip |= mr->range[0].min_ip & netmask;
63
64 newrange = ((struct nf_nat_ipv4_range)
65 { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
66 new_ip, new_ip,
67 mr->range[0].min, mr->range[0].max });
68
69 /* Hand modified range to generic setup. */
70 return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
71}
72
73static struct xt_target netmap_tg_reg __read_mostly = {
74 .name = "NETMAP",
75 .family = NFPROTO_IPV4,
76 .target = netmap_tg,
77 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
78 .table = "nat",
79 .hooks = (1 << NF_INET_PRE_ROUTING) |
80 (1 << NF_INET_POST_ROUTING) |
81 (1 << NF_INET_LOCAL_OUT) |
82 (1 << NF_INET_LOCAL_IN),
83 .checkentry = netmap_tg_check,
84 .me = THIS_MODULE
85};
86
87static int __init netmap_tg_init(void)
88{
89 return xt_register_target(&netmap_tg_reg);
90}
91
92static void __exit netmap_tg_exit(void)
93{
94 xt_unregister_target(&netmap_tg_reg);
95}
96
97module_init(netmap_tg_init);
98module_exit(netmap_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c
deleted file mode 100644
index 7c0103a5203e..000000000000
--- a/net/ipv4/netfilter/ipt_REDIRECT.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* Redirect. Simple mapping which alters dst to a local IP address. */
2/* (C) 1999-2001 Paul `Rusty' Russell
3 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10#include <linux/types.h>
11#include <linux/ip.h>
12#include <linux/timer.h>
13#include <linux/module.h>
14#include <linux/netfilter.h>
15#include <linux/netdevice.h>
16#include <linux/if.h>
17#include <linux/inetdevice.h>
18#include <net/protocol.h>
19#include <net/checksum.h>
20#include <linux/netfilter_ipv4.h>
21#include <linux/netfilter/x_tables.h>
22#include <net/netfilter/nf_nat_rule.h>
23
24MODULE_LICENSE("GPL");
25MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
26MODULE_DESCRIPTION("Xtables: Connection redirection to localhost");
27
28/* FIXME: Take multiple ranges --RR */
29static int redirect_tg_check(const struct xt_tgchk_param *par)
30{
31 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
32
33 if (mr->range[0].flags & NF_NAT_RANGE_MAP_IPS) {
34 pr_debug("bad MAP_IPS.\n");
35 return -EINVAL;
36 }
37 if (mr->rangesize != 1) {
38 pr_debug("bad rangesize %u.\n", mr->rangesize);
39 return -EINVAL;
40 }
41 return 0;
42}
43
44static unsigned int
45redirect_tg(struct sk_buff *skb, const struct xt_action_param *par)
46{
47 struct nf_conn *ct;
48 enum ip_conntrack_info ctinfo;
49 __be32 newdst;
50 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
51 struct nf_nat_ipv4_range newrange;
52
53 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
54 par->hooknum == NF_INET_LOCAL_OUT);
55
56 ct = nf_ct_get(skb, &ctinfo);
57 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
58
59 /* Local packets: make them go to loopback */
60 if (par->hooknum == NF_INET_LOCAL_OUT)
61 newdst = htonl(0x7F000001);
62 else {
63 struct in_device *indev;
64 struct in_ifaddr *ifa;
65
66 newdst = 0;
67
68 rcu_read_lock();
69 indev = __in_dev_get_rcu(skb->dev);
70 if (indev && (ifa = indev->ifa_list))
71 newdst = ifa->ifa_local;
72 rcu_read_unlock();
73
74 if (!newdst)
75 return NF_DROP;
76 }
77
78 /* Transfer from original range. */
79 newrange = ((struct nf_nat_ipv4_range)
80 { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
81 newdst, newdst,
82 mr->range[0].min, mr->range[0].max });
83
84 /* Hand modified range to generic setup. */
85 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
86}
87
88static struct xt_target redirect_tg_reg __read_mostly = {
89 .name = "REDIRECT",
90 .family = NFPROTO_IPV4,
91 .target = redirect_tg,
92 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
93 .table = "nat",
94 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
95 .checkentry = redirect_tg_check,
96 .me = THIS_MODULE,
97};
98
99static int __init redirect_tg_init(void)
100{
101 return xt_register_target(&redirect_tg_reg);
102}
103
104static void __exit redirect_tg_exit(void)
105{
106 xt_unregister_target(&redirect_tg_reg);
107}
108
109module_init(redirect_tg_init);
110module_exit(redirect_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c
index 1109f7f6c254..b5ef3cba2250 100644
--- a/net/ipv4/netfilter/ipt_ULOG.c
+++ b/net/ipv4/netfilter/ipt_ULOG.c
@@ -396,8 +396,7 @@ static int __init ulog_tg_init(void)
396 for (i = 0; i < ULOG_MAXNLGROUPS; i++) 396 for (i = 0; i < ULOG_MAXNLGROUPS; i++)
397 setup_timer(&ulog_buffers[i].timer, ulog_timer, i); 397 setup_timer(&ulog_buffers[i].timer, ulog_timer, i);
398 398
399 nflognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, 399 nflognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, &cfg);
400 THIS_MODULE, &cfg);
401 if (!nflognl) 400 if (!nflognl)
402 return -ENOMEM; 401 return -ENOMEM;
403 402
diff --git a/net/ipv4/netfilter/ipt_rpfilter.c b/net/ipv4/netfilter/ipt_rpfilter.c
index 31371be8174b..c30130062cd6 100644
--- a/net/ipv4/netfilter/ipt_rpfilter.c
+++ b/net/ipv4/netfilter/ipt_rpfilter.c
@@ -85,7 +85,7 @@ static bool rpfilter_mt(const struct sk_buff *skb, struct xt_action_param *par)
85 return ipv4_is_local_multicast(iph->daddr) ^ invert; 85 return ipv4_is_local_multicast(iph->daddr) ^ invert;
86 flow.flowi4_iif = 0; 86 flow.flowi4_iif = 0;
87 } else { 87 } else {
88 flow.flowi4_iif = dev_net(par->in)->loopback_dev->ifindex; 88 flow.flowi4_iif = LOOPBACK_IFINDEX;
89 } 89 }
90 90
91 flow.daddr = iph->saddr; 91 flow.daddr = iph->saddr;
diff --git a/net/ipv4/netfilter/iptable_filter.c b/net/ipv4/netfilter/iptable_filter.c
index 851acec852d2..6b3da5cf54e9 100644
--- a/net/ipv4/netfilter/iptable_filter.c
+++ b/net/ipv4/netfilter/iptable_filter.c
@@ -69,9 +69,7 @@ static int __net_init iptable_filter_net_init(struct net *net)
69 net->ipv4.iptable_filter = 69 net->ipv4.iptable_filter =
70 ipt_register_table(net, &packet_filter, repl); 70 ipt_register_table(net, &packet_filter, repl);
71 kfree(repl); 71 kfree(repl);
72 if (IS_ERR(net->ipv4.iptable_filter)) 72 return PTR_RET(net->ipv4.iptable_filter);
73 return PTR_ERR(net->ipv4.iptable_filter);
74 return 0;
75} 73}
76 74
77static void __net_exit iptable_filter_net_exit(struct net *net) 75static void __net_exit iptable_filter_net_exit(struct net *net)
@@ -96,14 +94,10 @@ static int __init iptable_filter_init(void)
96 filter_ops = xt_hook_link(&packet_filter, iptable_filter_hook); 94 filter_ops = xt_hook_link(&packet_filter, iptable_filter_hook);
97 if (IS_ERR(filter_ops)) { 95 if (IS_ERR(filter_ops)) {
98 ret = PTR_ERR(filter_ops); 96 ret = PTR_ERR(filter_ops);
99 goto cleanup_table; 97 unregister_pernet_subsys(&iptable_filter_net_ops);
100 } 98 }
101 99
102 return ret; 100 return ret;
103
104 cleanup_table:
105 unregister_pernet_subsys(&iptable_filter_net_ops);
106 return ret;
107} 101}
108 102
109static void __exit iptable_filter_fini(void) 103static void __exit iptable_filter_fini(void)
diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c
index aef5d1fbe77d..85d88f206447 100644
--- a/net/ipv4/netfilter/iptable_mangle.c
+++ b/net/ipv4/netfilter/iptable_mangle.c
@@ -104,9 +104,7 @@ static int __net_init iptable_mangle_net_init(struct net *net)
104 net->ipv4.iptable_mangle = 104 net->ipv4.iptable_mangle =
105 ipt_register_table(net, &packet_mangler, repl); 105 ipt_register_table(net, &packet_mangler, repl);
106 kfree(repl); 106 kfree(repl);
107 if (IS_ERR(net->ipv4.iptable_mangle)) 107 return PTR_RET(net->ipv4.iptable_mangle);
108 return PTR_ERR(net->ipv4.iptable_mangle);
109 return 0;
110} 108}
111 109
112static void __net_exit iptable_mangle_net_exit(struct net *net) 110static void __net_exit iptable_mangle_net_exit(struct net *net)
@@ -131,14 +129,10 @@ static int __init iptable_mangle_init(void)
131 mangle_ops = xt_hook_link(&packet_mangler, iptable_mangle_hook); 129 mangle_ops = xt_hook_link(&packet_mangler, iptable_mangle_hook);
132 if (IS_ERR(mangle_ops)) { 130 if (IS_ERR(mangle_ops)) {
133 ret = PTR_ERR(mangle_ops); 131 ret = PTR_ERR(mangle_ops);
134 goto cleanup_table; 132 unregister_pernet_subsys(&iptable_mangle_net_ops);
135 } 133 }
136 134
137 return ret; 135 return ret;
138
139 cleanup_table:
140 unregister_pernet_subsys(&iptable_mangle_net_ops);
141 return ret;
142} 136}
143 137
144static void __exit iptable_mangle_fini(void) 138static void __exit iptable_mangle_fini(void)
diff --git a/net/ipv4/netfilter/nf_nat_standalone.c b/net/ipv4/netfilter/iptable_nat.c
index 3828a4229822..9e0ffaf1d942 100644
--- a/net/ipv4/netfilter/nf_nat_standalone.c
+++ b/net/ipv4/netfilter/iptable_nat.c
@@ -1,84 +1,71 @@
1/* (C) 1999-2001 Paul `Rusty' Russell 1/* (C) 1999-2001 Paul `Rusty' Russell
2 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org> 2 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
3 * (C) 2011 Patrick McHardy <kaber@trash.net>
3 * 4 *
4 * This program is free software; you can redistribute it and/or modify 5 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as 6 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
7 */ 8 */
8#include <linux/types.h> 9
9#include <linux/icmp.h> 10#include <linux/module.h>
10#include <linux/gfp.h>
11#include <linux/ip.h>
12#include <linux/netfilter.h> 11#include <linux/netfilter.h>
13#include <linux/netfilter_ipv4.h> 12#include <linux/netfilter_ipv4.h>
14#include <linux/module.h> 13#include <linux/netfilter_ipv4/ip_tables.h>
15#include <linux/skbuff.h> 14#include <linux/ip.h>
16#include <linux/proc_fs.h>
17#include <net/ip.h> 15#include <net/ip.h>
18#include <net/checksum.h>
19#include <linux/spinlock.h>
20 16
21#include <net/netfilter/nf_conntrack.h>
22#include <net/netfilter/nf_conntrack_core.h>
23#include <net/netfilter/nf_conntrack_extend.h>
24#include <net/netfilter/nf_nat.h> 17#include <net/netfilter/nf_nat.h>
25#include <net/netfilter/nf_nat_rule.h>
26#include <net/netfilter/nf_nat_protocol.h>
27#include <net/netfilter/nf_nat_core.h> 18#include <net/netfilter/nf_nat_core.h>
28#include <net/netfilter/nf_nat_helper.h> 19#include <net/netfilter/nf_nat_l3proto.h>
29#include <linux/netfilter_ipv4/ip_tables.h> 20
21static const struct xt_table nf_nat_ipv4_table = {
22 .name = "nat",
23 .valid_hooks = (1 << NF_INET_PRE_ROUTING) |
24 (1 << NF_INET_POST_ROUTING) |
25 (1 << NF_INET_LOCAL_OUT) |
26 (1 << NF_INET_LOCAL_IN),
27 .me = THIS_MODULE,
28 .af = NFPROTO_IPV4,
29};
30 30
31#ifdef CONFIG_XFRM 31static unsigned int alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)
32static void nat_decode_session(struct sk_buff *skb, struct flowi *fl)
33{ 32{
34 struct flowi4 *fl4 = &fl->u.ip4; 33 /* Force range to this IP; let proto decide mapping for
35 const struct nf_conn *ct; 34 * per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).
36 const struct nf_conntrack_tuple *t; 35 */
37 enum ip_conntrack_info ctinfo; 36 struct nf_nat_range range;
38 enum ip_conntrack_dir dir; 37
39 unsigned long statusbit; 38 range.flags = 0;
40 39 pr_debug("Allocating NULL binding for %p (%pI4)\n", ct,
41 ct = nf_ct_get(skb, &ctinfo); 40 HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?
42 if (ct == NULL) 41 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip :
43 return; 42 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip);
44 dir = CTINFO2DIR(ctinfo); 43
45 t = &ct->tuplehash[dir].tuple; 44 return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum));
46 45}
47 if (dir == IP_CT_DIR_ORIGINAL)
48 statusbit = IPS_DST_NAT;
49 else
50 statusbit = IPS_SRC_NAT;
51
52 if (ct->status & statusbit) {
53 fl4->daddr = t->dst.u3.ip;
54 if (t->dst.protonum == IPPROTO_TCP ||
55 t->dst.protonum == IPPROTO_UDP ||
56 t->dst.protonum == IPPROTO_UDPLITE ||
57 t->dst.protonum == IPPROTO_DCCP ||
58 t->dst.protonum == IPPROTO_SCTP)
59 fl4->fl4_dport = t->dst.u.tcp.port;
60 }
61 46
62 statusbit ^= IPS_NAT_MASK; 47static unsigned int nf_nat_rule_find(struct sk_buff *skb, unsigned int hooknum,
48 const struct net_device *in,
49 const struct net_device *out,
50 struct nf_conn *ct)
51{
52 struct net *net = nf_ct_net(ct);
53 unsigned int ret;
63 54
64 if (ct->status & statusbit) { 55 ret = ipt_do_table(skb, hooknum, in, out, net->ipv4.nat_table);
65 fl4->saddr = t->src.u3.ip; 56 if (ret == NF_ACCEPT) {
66 if (t->dst.protonum == IPPROTO_TCP || 57 if (!nf_nat_initialized(ct, HOOK2MANIP(hooknum)))
67 t->dst.protonum == IPPROTO_UDP || 58 ret = alloc_null_binding(ct, hooknum);
68 t->dst.protonum == IPPROTO_UDPLITE ||
69 t->dst.protonum == IPPROTO_DCCP ||
70 t->dst.protonum == IPPROTO_SCTP)
71 fl4->fl4_sport = t->src.u.tcp.port;
72 } 59 }
60 return ret;
73} 61}
74#endif
75 62
76static unsigned int 63static unsigned int
77nf_nat_fn(unsigned int hooknum, 64nf_nat_ipv4_fn(unsigned int hooknum,
78 struct sk_buff *skb, 65 struct sk_buff *skb,
79 const struct net_device *in, 66 const struct net_device *in,
80 const struct net_device *out, 67 const struct net_device *out,
81 int (*okfn)(struct sk_buff *)) 68 int (*okfn)(struct sk_buff *))
82{ 69{
83 struct nf_conn *ct; 70 struct nf_conn *ct;
84 enum ip_conntrack_info ctinfo; 71 enum ip_conntrack_info ctinfo;
@@ -87,14 +74,16 @@ nf_nat_fn(unsigned int hooknum,
87 enum nf_nat_manip_type maniptype = HOOK2MANIP(hooknum); 74 enum nf_nat_manip_type maniptype = HOOK2MANIP(hooknum);
88 75
89 /* We never see fragments: conntrack defrags on pre-routing 76 /* We never see fragments: conntrack defrags on pre-routing
90 and local-out, and nf_nat_out protects post-routing. */ 77 * and local-out, and nf_nat_out protects post-routing.
78 */
91 NF_CT_ASSERT(!ip_is_fragment(ip_hdr(skb))); 79 NF_CT_ASSERT(!ip_is_fragment(ip_hdr(skb)));
92 80
93 ct = nf_ct_get(skb, &ctinfo); 81 ct = nf_ct_get(skb, &ctinfo);
94 /* Can't track? It's not due to stress, or conntrack would 82 /* Can't track? It's not due to stress, or conntrack would
95 have dropped it. Hence it's the user's responsibilty to 83 * have dropped it. Hence it's the user's responsibilty to
96 packet filter it out, or implement conntrack/NAT for that 84 * packet filter it out, or implement conntrack/NAT for that
97 protocol. 8) --RR */ 85 * protocol. 8) --RR
86 */
98 if (!ct) 87 if (!ct)
99 return NF_ACCEPT; 88 return NF_ACCEPT;
100 89
@@ -118,17 +107,17 @@ nf_nat_fn(unsigned int hooknum,
118 case IP_CT_RELATED: 107 case IP_CT_RELATED:
119 case IP_CT_RELATED_REPLY: 108 case IP_CT_RELATED_REPLY:
120 if (ip_hdr(skb)->protocol == IPPROTO_ICMP) { 109 if (ip_hdr(skb)->protocol == IPPROTO_ICMP) {
121 if (!nf_nat_icmp_reply_translation(ct, ctinfo, 110 if (!nf_nat_icmp_reply_translation(skb, ct, ctinfo,
122 hooknum, skb)) 111 hooknum))
123 return NF_DROP; 112 return NF_DROP;
124 else 113 else
125 return NF_ACCEPT; 114 return NF_ACCEPT;
126 } 115 }
127 /* Fall thru... (Only ICMPs can be IP_CT_IS_REPLY) */ 116 /* Fall thru... (Only ICMPs can be IP_CT_IS_REPLY) */
128 case IP_CT_NEW: 117 case IP_CT_NEW:
129
130 /* Seen it before? This can happen for loopback, retrans, 118 /* Seen it before? This can happen for loopback, retrans,
131 or local packets.. */ 119 * or local packets.
120 */
132 if (!nf_nat_initialized(ct, maniptype)) { 121 if (!nf_nat_initialized(ct, maniptype)) {
133 unsigned int ret; 122 unsigned int ret;
134 123
@@ -151,16 +140,16 @@ nf_nat_fn(unsigned int hooknum,
151} 140}
152 141
153static unsigned int 142static unsigned int
154nf_nat_in(unsigned int hooknum, 143nf_nat_ipv4_in(unsigned int hooknum,
155 struct sk_buff *skb, 144 struct sk_buff *skb,
156 const struct net_device *in, 145 const struct net_device *in,
157 const struct net_device *out, 146 const struct net_device *out,
158 int (*okfn)(struct sk_buff *)) 147 int (*okfn)(struct sk_buff *))
159{ 148{
160 unsigned int ret; 149 unsigned int ret;
161 __be32 daddr = ip_hdr(skb)->daddr; 150 __be32 daddr = ip_hdr(skb)->daddr;
162 151
163 ret = nf_nat_fn(hooknum, skb, in, out, okfn); 152 ret = nf_nat_ipv4_fn(hooknum, skb, in, out, okfn);
164 if (ret != NF_DROP && ret != NF_STOLEN && 153 if (ret != NF_DROP && ret != NF_STOLEN &&
165 daddr != ip_hdr(skb)->daddr) 154 daddr != ip_hdr(skb)->daddr)
166 skb_dst_drop(skb); 155 skb_dst_drop(skb);
@@ -169,11 +158,11 @@ nf_nat_in(unsigned int hooknum,
169} 158}
170 159
171static unsigned int 160static unsigned int
172nf_nat_out(unsigned int hooknum, 161nf_nat_ipv4_out(unsigned int hooknum,
173 struct sk_buff *skb, 162 struct sk_buff *skb,
174 const struct net_device *in, 163 const struct net_device *in,
175 const struct net_device *out, 164 const struct net_device *out,
176 int (*okfn)(struct sk_buff *)) 165 int (*okfn)(struct sk_buff *))
177{ 166{
178#ifdef CONFIG_XFRM 167#ifdef CONFIG_XFRM
179 const struct nf_conn *ct; 168 const struct nf_conn *ct;
@@ -186,29 +175,30 @@ nf_nat_out(unsigned int hooknum,
186 ip_hdrlen(skb) < sizeof(struct iphdr)) 175 ip_hdrlen(skb) < sizeof(struct iphdr))
187 return NF_ACCEPT; 176 return NF_ACCEPT;
188 177
189 ret = nf_nat_fn(hooknum, skb, in, out, okfn); 178 ret = nf_nat_ipv4_fn(hooknum, skb, in, out, okfn);
190#ifdef CONFIG_XFRM 179#ifdef CONFIG_XFRM
191 if (ret != NF_DROP && ret != NF_STOLEN && 180 if (ret != NF_DROP && ret != NF_STOLEN &&
181 !(IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) &&
192 (ct = nf_ct_get(skb, &ctinfo)) != NULL) { 182 (ct = nf_ct_get(skb, &ctinfo)) != NULL) {
193 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); 183 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
194 184
195 if ((ct->tuplehash[dir].tuple.src.u3.ip != 185 if ((ct->tuplehash[dir].tuple.src.u3.ip !=
196 ct->tuplehash[!dir].tuple.dst.u3.ip) || 186 ct->tuplehash[!dir].tuple.dst.u3.ip) ||
197 (ct->tuplehash[dir].tuple.src.u.all != 187 (ct->tuplehash[dir].tuple.src.u.all !=
198 ct->tuplehash[!dir].tuple.dst.u.all) 188 ct->tuplehash[!dir].tuple.dst.u.all))
199 ) 189 if (nf_xfrm_me_harder(skb, AF_INET) < 0)
200 return ip_xfrm_me_harder(skb) == 0 ? ret : NF_DROP; 190 ret = NF_DROP;
201 } 191 }
202#endif 192#endif
203 return ret; 193 return ret;
204} 194}
205 195
206static unsigned int 196static unsigned int
207nf_nat_local_fn(unsigned int hooknum, 197nf_nat_ipv4_local_fn(unsigned int hooknum,
208 struct sk_buff *skb, 198 struct sk_buff *skb,
209 const struct net_device *in, 199 const struct net_device *in,
210 const struct net_device *out, 200 const struct net_device *out,
211 int (*okfn)(struct sk_buff *)) 201 int (*okfn)(struct sk_buff *))
212{ 202{
213 const struct nf_conn *ct; 203 const struct nf_conn *ct;
214 enum ip_conntrack_info ctinfo; 204 enum ip_conntrack_info ctinfo;
@@ -219,7 +209,7 @@ nf_nat_local_fn(unsigned int hooknum,
219 ip_hdrlen(skb) < sizeof(struct iphdr)) 209 ip_hdrlen(skb) < sizeof(struct iphdr))
220 return NF_ACCEPT; 210 return NF_ACCEPT;
221 211
222 ret = nf_nat_fn(hooknum, skb, in, out, okfn); 212 ret = nf_nat_ipv4_fn(hooknum, skb, in, out, okfn);
223 if (ret != NF_DROP && ret != NF_STOLEN && 213 if (ret != NF_DROP && ret != NF_STOLEN &&
224 (ct = nf_ct_get(skb, &ctinfo)) != NULL) { 214 (ct = nf_ct_get(skb, &ctinfo)) != NULL) {
225 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); 215 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
@@ -230,21 +220,20 @@ nf_nat_local_fn(unsigned int hooknum,
230 ret = NF_DROP; 220 ret = NF_DROP;
231 } 221 }
232#ifdef CONFIG_XFRM 222#ifdef CONFIG_XFRM
233 else if (ct->tuplehash[dir].tuple.dst.u.all != 223 else if (!(IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) &&
224 ct->tuplehash[dir].tuple.dst.u.all !=
234 ct->tuplehash[!dir].tuple.src.u.all) 225 ct->tuplehash[!dir].tuple.src.u.all)
235 if (ip_xfrm_me_harder(skb)) 226 if (nf_xfrm_me_harder(skb, AF_INET) < 0)
236 ret = NF_DROP; 227 ret = NF_DROP;
237#endif 228#endif
238 } 229 }
239 return ret; 230 return ret;
240} 231}
241 232
242/* We must be after connection tracking and before packet filtering. */ 233static struct nf_hook_ops nf_nat_ipv4_ops[] __read_mostly = {
243
244static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
245 /* Before packet filtering, change destination */ 234 /* Before packet filtering, change destination */
246 { 235 {
247 .hook = nf_nat_in, 236 .hook = nf_nat_ipv4_in,
248 .owner = THIS_MODULE, 237 .owner = THIS_MODULE,
249 .pf = NFPROTO_IPV4, 238 .pf = NFPROTO_IPV4,
250 .hooknum = NF_INET_PRE_ROUTING, 239 .hooknum = NF_INET_PRE_ROUTING,
@@ -252,7 +241,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
252 }, 241 },
253 /* After packet filtering, change source */ 242 /* After packet filtering, change source */
254 { 243 {
255 .hook = nf_nat_out, 244 .hook = nf_nat_ipv4_out,
256 .owner = THIS_MODULE, 245 .owner = THIS_MODULE,
257 .pf = NFPROTO_IPV4, 246 .pf = NFPROTO_IPV4,
258 .hooknum = NF_INET_POST_ROUTING, 247 .hooknum = NF_INET_POST_ROUTING,
@@ -260,7 +249,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
260 }, 249 },
261 /* Before packet filtering, change destination */ 250 /* Before packet filtering, change destination */
262 { 251 {
263 .hook = nf_nat_local_fn, 252 .hook = nf_nat_ipv4_local_fn,
264 .owner = THIS_MODULE, 253 .owner = THIS_MODULE,
265 .pf = NFPROTO_IPV4, 254 .pf = NFPROTO_IPV4,
266 .hooknum = NF_INET_LOCAL_OUT, 255 .hooknum = NF_INET_LOCAL_OUT,
@@ -268,7 +257,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
268 }, 257 },
269 /* After packet filtering, change source */ 258 /* After packet filtering, change source */
270 { 259 {
271 .hook = nf_nat_fn, 260 .hook = nf_nat_ipv4_fn,
272 .owner = THIS_MODULE, 261 .owner = THIS_MODULE,
273 .pf = NFPROTO_IPV4, 262 .pf = NFPROTO_IPV4,
274 .hooknum = NF_INET_LOCAL_IN, 263 .hooknum = NF_INET_LOCAL_IN,
@@ -276,51 +265,56 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
276 }, 265 },
277}; 266};
278 267
279static int __init nf_nat_standalone_init(void) 268static int __net_init iptable_nat_net_init(struct net *net)
280{ 269{
281 int ret = 0; 270 struct ipt_replace *repl;
271
272 repl = ipt_alloc_initial_table(&nf_nat_ipv4_table);
273 if (repl == NULL)
274 return -ENOMEM;
275 net->ipv4.nat_table = ipt_register_table(net, &nf_nat_ipv4_table, repl);
276 kfree(repl);
277 if (IS_ERR(net->ipv4.nat_table))
278 return PTR_ERR(net->ipv4.nat_table);
279 return 0;
280}
282 281
283 need_ipv4_conntrack(); 282static void __net_exit iptable_nat_net_exit(struct net *net)
283{
284 ipt_unregister_table(net, net->ipv4.nat_table);
285}
284 286
285#ifdef CONFIG_XFRM 287static struct pernet_operations iptable_nat_net_ops = {
286 BUG_ON(ip_nat_decode_session != NULL); 288 .init = iptable_nat_net_init,
287 RCU_INIT_POINTER(ip_nat_decode_session, nat_decode_session); 289 .exit = iptable_nat_net_exit,
288#endif 290};
289 ret = nf_nat_rule_init();
290 if (ret < 0) {
291 pr_err("nf_nat_init: can't setup rules.\n");
292 goto cleanup_decode_session;
293 }
294 ret = nf_register_hooks(nf_nat_ops, ARRAY_SIZE(nf_nat_ops));
295 if (ret < 0) {
296 pr_err("nf_nat_init: can't register hooks.\n");
297 goto cleanup_rule_init;
298 }
299 return ret;
300 291
301 cleanup_rule_init: 292static int __init iptable_nat_init(void)
302 nf_nat_rule_cleanup(); 293{
303 cleanup_decode_session: 294 int err;
304#ifdef CONFIG_XFRM 295
305 RCU_INIT_POINTER(ip_nat_decode_session, NULL); 296 err = register_pernet_subsys(&iptable_nat_net_ops);
306 synchronize_net(); 297 if (err < 0)
307#endif 298 goto err1;
308 return ret; 299
300 err = nf_register_hooks(nf_nat_ipv4_ops, ARRAY_SIZE(nf_nat_ipv4_ops));
301 if (err < 0)
302 goto err2;
303 return 0;
304
305err2:
306 unregister_pernet_subsys(&iptable_nat_net_ops);
307err1:
308 return err;
309} 309}
310 310
311static void __exit nf_nat_standalone_fini(void) 311static void __exit iptable_nat_exit(void)
312{ 312{
313 nf_unregister_hooks(nf_nat_ops, ARRAY_SIZE(nf_nat_ops)); 313 nf_unregister_hooks(nf_nat_ipv4_ops, ARRAY_SIZE(nf_nat_ipv4_ops));
314 nf_nat_rule_cleanup(); 314 unregister_pernet_subsys(&iptable_nat_net_ops);
315#ifdef CONFIG_XFRM
316 RCU_INIT_POINTER(ip_nat_decode_session, NULL);
317 synchronize_net();
318#endif
319 /* Conntrack caches are unregistered in nf_conntrack_cleanup */
320} 315}
321 316
322module_init(nf_nat_standalone_init); 317module_init(iptable_nat_init);
323module_exit(nf_nat_standalone_fini); 318module_exit(iptable_nat_exit);
324 319
325MODULE_LICENSE("GPL"); 320MODULE_LICENSE("GPL");
326MODULE_ALIAS("ip_nat");
diff --git a/net/ipv4/netfilter/iptable_raw.c b/net/ipv4/netfilter/iptable_raw.c
index 07fb710cd722..03d9696d3c6e 100644
--- a/net/ipv4/netfilter/iptable_raw.c
+++ b/net/ipv4/netfilter/iptable_raw.c
@@ -48,9 +48,7 @@ static int __net_init iptable_raw_net_init(struct net *net)
48 net->ipv4.iptable_raw = 48 net->ipv4.iptable_raw =
49 ipt_register_table(net, &packet_raw, repl); 49 ipt_register_table(net, &packet_raw, repl);
50 kfree(repl); 50 kfree(repl);
51 if (IS_ERR(net->ipv4.iptable_raw)) 51 return PTR_RET(net->ipv4.iptable_raw);
52 return PTR_ERR(net->ipv4.iptable_raw);
53 return 0;
54} 52}
55 53
56static void __net_exit iptable_raw_net_exit(struct net *net) 54static void __net_exit iptable_raw_net_exit(struct net *net)
@@ -75,14 +73,10 @@ static int __init iptable_raw_init(void)
75 rawtable_ops = xt_hook_link(&packet_raw, iptable_raw_hook); 73 rawtable_ops = xt_hook_link(&packet_raw, iptable_raw_hook);
76 if (IS_ERR(rawtable_ops)) { 74 if (IS_ERR(rawtable_ops)) {
77 ret = PTR_ERR(rawtable_ops); 75 ret = PTR_ERR(rawtable_ops);
78 goto cleanup_table; 76 unregister_pernet_subsys(&iptable_raw_net_ops);
79 } 77 }
80 78
81 return ret; 79 return ret;
82
83 cleanup_table:
84 unregister_pernet_subsys(&iptable_raw_net_ops);
85 return ret;
86} 80}
87 81
88static void __exit iptable_raw_fini(void) 82static void __exit iptable_raw_fini(void)
diff --git a/net/ipv4/netfilter/iptable_security.c b/net/ipv4/netfilter/iptable_security.c
index be45bdc4c602..b283d8e2601a 100644
--- a/net/ipv4/netfilter/iptable_security.c
+++ b/net/ipv4/netfilter/iptable_security.c
@@ -66,10 +66,7 @@ static int __net_init iptable_security_net_init(struct net *net)
66 net->ipv4.iptable_security = 66 net->ipv4.iptable_security =
67 ipt_register_table(net, &security_table, repl); 67 ipt_register_table(net, &security_table, repl);
68 kfree(repl); 68 kfree(repl);
69 if (IS_ERR(net->ipv4.iptable_security)) 69 return PTR_RET(net->ipv4.iptable_security);
70 return PTR_ERR(net->ipv4.iptable_security);
71
72 return 0;
73} 70}
74 71
75static void __net_exit iptable_security_net_exit(struct net *net) 72static void __net_exit iptable_security_net_exit(struct net *net)
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index e7ff2dcab6ce..fcdd0c2406e6 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -29,11 +29,6 @@
29#include <net/netfilter/ipv4/nf_defrag_ipv4.h> 29#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
30#include <net/netfilter/nf_log.h> 30#include <net/netfilter/nf_log.h>
31 31
32int (*nf_nat_seq_adjust_hook)(struct sk_buff *skb,
33 struct nf_conn *ct,
34 enum ip_conntrack_info ctinfo);
35EXPORT_SYMBOL_GPL(nf_nat_seq_adjust_hook);
36
37static bool ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, 32static bool ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff,
38 struct nf_conntrack_tuple *tuple) 33 struct nf_conntrack_tuple *tuple)
39{ 34{
@@ -149,7 +144,8 @@ static unsigned int ipv4_confirm(unsigned int hooknum,
149 typeof(nf_nat_seq_adjust_hook) seq_adjust; 144 typeof(nf_nat_seq_adjust_hook) seq_adjust;
150 145
151 seq_adjust = rcu_dereference(nf_nat_seq_adjust_hook); 146 seq_adjust = rcu_dereference(nf_nat_seq_adjust_hook);
152 if (!seq_adjust || !seq_adjust(skb, ct, ctinfo)) { 147 if (!seq_adjust ||
148 !seq_adjust(skb, ct, ctinfo, ip_hdrlen(skb))) {
153 NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop); 149 NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop);
154 return NF_DROP; 150 return NF_DROP;
155 } 151 }
diff --git a/net/ipv4/netfilter/nf_nat_h323.c b/net/ipv4/netfilter/nf_nat_h323.c
index c6784a18c1c4..9c3db10b22d3 100644
--- a/net/ipv4/netfilter/nf_nat_h323.c
+++ b/net/ipv4/netfilter/nf_nat_h323.c
@@ -15,13 +15,12 @@
15 15
16#include <net/netfilter/nf_nat.h> 16#include <net/netfilter/nf_nat.h>
17#include <net/netfilter/nf_nat_helper.h> 17#include <net/netfilter/nf_nat_helper.h>
18#include <net/netfilter/nf_nat_rule.h>
19#include <net/netfilter/nf_conntrack_helper.h> 18#include <net/netfilter/nf_conntrack_helper.h>
20#include <net/netfilter/nf_conntrack_expect.h> 19#include <net/netfilter/nf_conntrack_expect.h>
21#include <linux/netfilter/nf_conntrack_h323.h> 20#include <linux/netfilter/nf_conntrack_h323.h>
22 21
23/****************************************************************************/ 22/****************************************************************************/
24static int set_addr(struct sk_buff *skb, 23static int set_addr(struct sk_buff *skb, unsigned int protoff,
25 unsigned char **data, int dataoff, 24 unsigned char **data, int dataoff,
26 unsigned int addroff, __be32 ip, __be16 port) 25 unsigned int addroff, __be32 ip, __be16 port)
27{ 26{
@@ -40,7 +39,7 @@ static int set_addr(struct sk_buff *skb,
40 39
41 if (ip_hdr(skb)->protocol == IPPROTO_TCP) { 40 if (ip_hdr(skb)->protocol == IPPROTO_TCP) {
42 if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo, 41 if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo,
43 addroff, sizeof(buf), 42 protoff, addroff, sizeof(buf),
44 (char *) &buf, sizeof(buf))) { 43 (char *) &buf, sizeof(buf))) {
45 net_notice_ratelimited("nf_nat_h323: nf_nat_mangle_tcp_packet error\n"); 44 net_notice_ratelimited("nf_nat_h323: nf_nat_mangle_tcp_packet error\n");
46 return -1; 45 return -1;
@@ -54,7 +53,7 @@ static int set_addr(struct sk_buff *skb,
54 *data = skb->data + ip_hdrlen(skb) + th->doff * 4 + dataoff; 53 *data = skb->data + ip_hdrlen(skb) + th->doff * 4 + dataoff;
55 } else { 54 } else {
56 if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo, 55 if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo,
57 addroff, sizeof(buf), 56 protoff, addroff, sizeof(buf),
58 (char *) &buf, sizeof(buf))) { 57 (char *) &buf, sizeof(buf))) {
59 net_notice_ratelimited("nf_nat_h323: nf_nat_mangle_udp_packet error\n"); 58 net_notice_ratelimited("nf_nat_h323: nf_nat_mangle_udp_packet error\n");
60 return -1; 59 return -1;
@@ -69,22 +68,22 @@ static int set_addr(struct sk_buff *skb,
69} 68}
70 69
71/****************************************************************************/ 70/****************************************************************************/
72static int set_h225_addr(struct sk_buff *skb, 71static int set_h225_addr(struct sk_buff *skb, unsigned int protoff,
73 unsigned char **data, int dataoff, 72 unsigned char **data, int dataoff,
74 TransportAddress *taddr, 73 TransportAddress *taddr,
75 union nf_inet_addr *addr, __be16 port) 74 union nf_inet_addr *addr, __be16 port)
76{ 75{
77 return set_addr(skb, data, dataoff, taddr->ipAddress.ip, 76 return set_addr(skb, protoff, data, dataoff, taddr->ipAddress.ip,
78 addr->ip, port); 77 addr->ip, port);
79} 78}
80 79
81/****************************************************************************/ 80/****************************************************************************/
82static int set_h245_addr(struct sk_buff *skb, 81static int set_h245_addr(struct sk_buff *skb, unsigned protoff,
83 unsigned char **data, int dataoff, 82 unsigned char **data, int dataoff,
84 H245_TransportAddress *taddr, 83 H245_TransportAddress *taddr,
85 union nf_inet_addr *addr, __be16 port) 84 union nf_inet_addr *addr, __be16 port)
86{ 85{
87 return set_addr(skb, data, dataoff, 86 return set_addr(skb, protoff, data, dataoff,
88 taddr->unicastAddress.iPAddress.network, 87 taddr->unicastAddress.iPAddress.network,
89 addr->ip, port); 88 addr->ip, port);
90} 89}
@@ -92,7 +91,7 @@ static int set_h245_addr(struct sk_buff *skb,
92/****************************************************************************/ 91/****************************************************************************/
93static int set_sig_addr(struct sk_buff *skb, struct nf_conn *ct, 92static int set_sig_addr(struct sk_buff *skb, struct nf_conn *ct,
94 enum ip_conntrack_info ctinfo, 93 enum ip_conntrack_info ctinfo,
95 unsigned char **data, 94 unsigned int protoff, unsigned char **data,
96 TransportAddress *taddr, int count) 95 TransportAddress *taddr, int count)
97{ 96{
98 const struct nf_ct_h323_master *info = nfct_help_data(ct); 97 const struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -118,7 +117,8 @@ static int set_sig_addr(struct sk_buff *skb, struct nf_conn *ct,
118 &addr.ip, port, 117 &addr.ip, port,
119 &ct->tuplehash[!dir].tuple.dst.u3.ip, 118 &ct->tuplehash[!dir].tuple.dst.u3.ip,
120 info->sig_port[!dir]); 119 info->sig_port[!dir]);
121 return set_h225_addr(skb, data, 0, &taddr[i], 120 return set_h225_addr(skb, protoff, data, 0,
121 &taddr[i],
122 &ct->tuplehash[!dir]. 122 &ct->tuplehash[!dir].
123 tuple.dst.u3, 123 tuple.dst.u3,
124 info->sig_port[!dir]); 124 info->sig_port[!dir]);
@@ -129,7 +129,8 @@ static int set_sig_addr(struct sk_buff *skb, struct nf_conn *ct,
129 &addr.ip, port, 129 &addr.ip, port,
130 &ct->tuplehash[!dir].tuple.src.u3.ip, 130 &ct->tuplehash[!dir].tuple.src.u3.ip,
131 info->sig_port[!dir]); 131 info->sig_port[!dir]);
132 return set_h225_addr(skb, data, 0, &taddr[i], 132 return set_h225_addr(skb, protoff, data, 0,
133 &taddr[i],
133 &ct->tuplehash[!dir]. 134 &ct->tuplehash[!dir].
134 tuple.src.u3, 135 tuple.src.u3,
135 info->sig_port[!dir]); 136 info->sig_port[!dir]);
@@ -143,7 +144,7 @@ static int set_sig_addr(struct sk_buff *skb, struct nf_conn *ct,
143/****************************************************************************/ 144/****************************************************************************/
144static int set_ras_addr(struct sk_buff *skb, struct nf_conn *ct, 145static int set_ras_addr(struct sk_buff *skb, struct nf_conn *ct,
145 enum ip_conntrack_info ctinfo, 146 enum ip_conntrack_info ctinfo,
146 unsigned char **data, 147 unsigned int protoff, unsigned char **data,
147 TransportAddress *taddr, int count) 148 TransportAddress *taddr, int count)
148{ 149{
149 int dir = CTINFO2DIR(ctinfo); 150 int dir = CTINFO2DIR(ctinfo);
@@ -159,7 +160,7 @@ static int set_ras_addr(struct sk_buff *skb, struct nf_conn *ct,
159 &addr.ip, ntohs(port), 160 &addr.ip, ntohs(port),
160 &ct->tuplehash[!dir].tuple.dst.u3.ip, 161 &ct->tuplehash[!dir].tuple.dst.u3.ip,
161 ntohs(ct->tuplehash[!dir].tuple.dst.u.udp.port)); 162 ntohs(ct->tuplehash[!dir].tuple.dst.u.udp.port));
162 return set_h225_addr(skb, data, 0, &taddr[i], 163 return set_h225_addr(skb, protoff, data, 0, &taddr[i],
163 &ct->tuplehash[!dir].tuple.dst.u3, 164 &ct->tuplehash[!dir].tuple.dst.u3,
164 ct->tuplehash[!dir].tuple. 165 ct->tuplehash[!dir].tuple.
165 dst.u.udp.port); 166 dst.u.udp.port);
@@ -172,7 +173,7 @@ static int set_ras_addr(struct sk_buff *skb, struct nf_conn *ct,
172/****************************************************************************/ 173/****************************************************************************/
173static int nat_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct, 174static int nat_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
174 enum ip_conntrack_info ctinfo, 175 enum ip_conntrack_info ctinfo,
175 unsigned char **data, int dataoff, 176 unsigned int protoff, unsigned char **data, int dataoff,
176 H245_TransportAddress *taddr, 177 H245_TransportAddress *taddr,
177 __be16 port, __be16 rtp_port, 178 __be16 port, __be16 rtp_port,
178 struct nf_conntrack_expect *rtp_exp, 179 struct nf_conntrack_expect *rtp_exp,
@@ -244,7 +245,7 @@ static int nat_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
244 } 245 }
245 246
246 /* Modify signal */ 247 /* Modify signal */
247 if (set_h245_addr(skb, data, dataoff, taddr, 248 if (set_h245_addr(skb, protoff, data, dataoff, taddr,
248 &ct->tuplehash[!dir].tuple.dst.u3, 249 &ct->tuplehash[!dir].tuple.dst.u3,
249 htons((port & htons(1)) ? nated_port + 1 : 250 htons((port & htons(1)) ? nated_port + 1 :
250 nated_port)) == 0) { 251 nated_port)) == 0) {
@@ -275,7 +276,7 @@ static int nat_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
275/****************************************************************************/ 276/****************************************************************************/
276static int nat_t120(struct sk_buff *skb, struct nf_conn *ct, 277static int nat_t120(struct sk_buff *skb, struct nf_conn *ct,
277 enum ip_conntrack_info ctinfo, 278 enum ip_conntrack_info ctinfo,
278 unsigned char **data, int dataoff, 279 unsigned int protoff, unsigned char **data, int dataoff,
279 H245_TransportAddress *taddr, __be16 port, 280 H245_TransportAddress *taddr, __be16 port,
280 struct nf_conntrack_expect *exp) 281 struct nf_conntrack_expect *exp)
281{ 282{
@@ -307,7 +308,7 @@ static int nat_t120(struct sk_buff *skb, struct nf_conn *ct,
307 } 308 }
308 309
309 /* Modify signal */ 310 /* Modify signal */
310 if (set_h245_addr(skb, data, dataoff, taddr, 311 if (set_h245_addr(skb, protoff, data, dataoff, taddr,
311 &ct->tuplehash[!dir].tuple.dst.u3, 312 &ct->tuplehash[!dir].tuple.dst.u3,
312 htons(nated_port)) < 0) { 313 htons(nated_port)) < 0) {
313 nf_ct_unexpect_related(exp); 314 nf_ct_unexpect_related(exp);
@@ -326,7 +327,7 @@ static int nat_t120(struct sk_buff *skb, struct nf_conn *ct,
326/****************************************************************************/ 327/****************************************************************************/
327static int nat_h245(struct sk_buff *skb, struct nf_conn *ct, 328static int nat_h245(struct sk_buff *skb, struct nf_conn *ct,
328 enum ip_conntrack_info ctinfo, 329 enum ip_conntrack_info ctinfo,
329 unsigned char **data, int dataoff, 330 unsigned int protoff, unsigned char **data, int dataoff,
330 TransportAddress *taddr, __be16 port, 331 TransportAddress *taddr, __be16 port,
331 struct nf_conntrack_expect *exp) 332 struct nf_conntrack_expect *exp)
332{ 333{
@@ -363,7 +364,7 @@ static int nat_h245(struct sk_buff *skb, struct nf_conn *ct,
363 } 364 }
364 365
365 /* Modify signal */ 366 /* Modify signal */
366 if (set_h225_addr(skb, data, dataoff, taddr, 367 if (set_h225_addr(skb, protoff, data, dataoff, taddr,
367 &ct->tuplehash[!dir].tuple.dst.u3, 368 &ct->tuplehash[!dir].tuple.dst.u3,
368 htons(nated_port)) == 0) { 369 htons(nated_port)) == 0) {
369 /* Save ports */ 370 /* Save ports */
@@ -390,7 +391,7 @@ static int nat_h245(struct sk_buff *skb, struct nf_conn *ct,
390static void ip_nat_q931_expect(struct nf_conn *new, 391static void ip_nat_q931_expect(struct nf_conn *new,
391 struct nf_conntrack_expect *this) 392 struct nf_conntrack_expect *this)
392{ 393{
393 struct nf_nat_ipv4_range range; 394 struct nf_nat_range range;
394 395
395 if (this->tuple.src.u3.ip != 0) { /* Only accept calls from GK */ 396 if (this->tuple.src.u3.ip != 0) { /* Only accept calls from GK */
396 nf_nat_follow_master(new, this); 397 nf_nat_follow_master(new, this);
@@ -402,21 +403,23 @@ static void ip_nat_q931_expect(struct nf_conn *new,
402 403
403 /* Change src to where master sends to */ 404 /* Change src to where master sends to */
404 range.flags = NF_NAT_RANGE_MAP_IPS; 405 range.flags = NF_NAT_RANGE_MAP_IPS;
405 range.min_ip = range.max_ip = new->tuplehash[!this->dir].tuple.src.u3.ip; 406 range.min_addr = range.max_addr =
407 new->tuplehash[!this->dir].tuple.src.u3;
406 nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC); 408 nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC);
407 409
408 /* For DST manip, map port here to where it's expected. */ 410 /* For DST manip, map port here to where it's expected. */
409 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED); 411 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
410 range.min = range.max = this->saved_proto; 412 range.min_proto = range.max_proto = this->saved_proto;
411 range.min_ip = range.max_ip = 413 range.min_addr = range.max_addr =
412 new->master->tuplehash[!this->dir].tuple.src.u3.ip; 414 new->master->tuplehash[!this->dir].tuple.src.u3;
413 nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST); 415 nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST);
414} 416}
415 417
416/****************************************************************************/ 418/****************************************************************************/
417static int nat_q931(struct sk_buff *skb, struct nf_conn *ct, 419static int nat_q931(struct sk_buff *skb, struct nf_conn *ct,
418 enum ip_conntrack_info ctinfo, 420 enum ip_conntrack_info ctinfo,
419 unsigned char **data, TransportAddress *taddr, int idx, 421 unsigned int protoff, unsigned char **data,
422 TransportAddress *taddr, int idx,
420 __be16 port, struct nf_conntrack_expect *exp) 423 __be16 port, struct nf_conntrack_expect *exp)
421{ 424{
422 struct nf_ct_h323_master *info = nfct_help_data(ct); 425 struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -453,7 +456,7 @@ static int nat_q931(struct sk_buff *skb, struct nf_conn *ct,
453 } 456 }
454 457
455 /* Modify signal */ 458 /* Modify signal */
456 if (set_h225_addr(skb, data, 0, &taddr[idx], 459 if (set_h225_addr(skb, protoff, data, 0, &taddr[idx],
457 &ct->tuplehash[!dir].tuple.dst.u3, 460 &ct->tuplehash[!dir].tuple.dst.u3,
458 htons(nated_port)) == 0) { 461 htons(nated_port)) == 0) {
459 /* Save ports */ 462 /* Save ports */
@@ -464,7 +467,7 @@ static int nat_q931(struct sk_buff *skb, struct nf_conn *ct,
464 if (idx > 0 && 467 if (idx > 0 &&
465 get_h225_addr(ct, *data, &taddr[0], &addr, &port) && 468 get_h225_addr(ct, *data, &taddr[0], &addr, &port) &&
466 (ntohl(addr.ip) & 0xff000000) == 0x7f000000) { 469 (ntohl(addr.ip) & 0xff000000) == 0x7f000000) {
467 set_h225_addr(skb, data, 0, &taddr[0], 470 set_h225_addr(skb, protoff, data, 0, &taddr[0],
468 &ct->tuplehash[!dir].tuple.dst.u3, 471 &ct->tuplehash[!dir].tuple.dst.u3,
469 info->sig_port[!dir]); 472 info->sig_port[!dir]);
470 } 473 }
@@ -487,26 +490,28 @@ static int nat_q931(struct sk_buff *skb, struct nf_conn *ct,
487static void ip_nat_callforwarding_expect(struct nf_conn *new, 490static void ip_nat_callforwarding_expect(struct nf_conn *new,
488 struct nf_conntrack_expect *this) 491 struct nf_conntrack_expect *this)
489{ 492{
490 struct nf_nat_ipv4_range range; 493 struct nf_nat_range range;
491 494
492 /* This must be a fresh one. */ 495 /* This must be a fresh one. */
493 BUG_ON(new->status & IPS_NAT_DONE_MASK); 496 BUG_ON(new->status & IPS_NAT_DONE_MASK);
494 497
495 /* Change src to where master sends to */ 498 /* Change src to where master sends to */
496 range.flags = NF_NAT_RANGE_MAP_IPS; 499 range.flags = NF_NAT_RANGE_MAP_IPS;
497 range.min_ip = range.max_ip = new->tuplehash[!this->dir].tuple.src.u3.ip; 500 range.min_addr = range.max_addr =
501 new->tuplehash[!this->dir].tuple.src.u3;
498 nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC); 502 nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC);
499 503
500 /* For DST manip, map port here to where it's expected. */ 504 /* For DST manip, map port here to where it's expected. */
501 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED); 505 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
502 range.min = range.max = this->saved_proto; 506 range.min_proto = range.max_proto = this->saved_proto;
503 range.min_ip = range.max_ip = this->saved_ip; 507 range.min_addr = range.max_addr = this->saved_addr;
504 nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST); 508 nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST);
505} 509}
506 510
507/****************************************************************************/ 511/****************************************************************************/
508static int nat_callforwarding(struct sk_buff *skb, struct nf_conn *ct, 512static int nat_callforwarding(struct sk_buff *skb, struct nf_conn *ct,
509 enum ip_conntrack_info ctinfo, 513 enum ip_conntrack_info ctinfo,
514 unsigned int protoff,
510 unsigned char **data, int dataoff, 515 unsigned char **data, int dataoff,
511 TransportAddress *taddr, __be16 port, 516 TransportAddress *taddr, __be16 port,
512 struct nf_conntrack_expect *exp) 517 struct nf_conntrack_expect *exp)
@@ -515,7 +520,7 @@ static int nat_callforwarding(struct sk_buff *skb, struct nf_conn *ct,
515 u_int16_t nated_port; 520 u_int16_t nated_port;
516 521
517 /* Set expectations for NAT */ 522 /* Set expectations for NAT */
518 exp->saved_ip = exp->tuple.dst.u3.ip; 523 exp->saved_addr = exp->tuple.dst.u3;
519 exp->tuple.dst.u3.ip = ct->tuplehash[!dir].tuple.dst.u3.ip; 524 exp->tuple.dst.u3.ip = ct->tuplehash[!dir].tuple.dst.u3.ip;
520 exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; 525 exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port;
521 exp->expectfn = ip_nat_callforwarding_expect; 526 exp->expectfn = ip_nat_callforwarding_expect;
@@ -541,7 +546,7 @@ static int nat_callforwarding(struct sk_buff *skb, struct nf_conn *ct,
541 } 546 }
542 547
543 /* Modify signal */ 548 /* Modify signal */
544 if (!set_h225_addr(skb, data, dataoff, taddr, 549 if (!set_h225_addr(skb, protoff, data, dataoff, taddr,
545 &ct->tuplehash[!dir].tuple.dst.u3, 550 &ct->tuplehash[!dir].tuple.dst.u3,
546 htons(nated_port)) == 0) { 551 htons(nated_port)) == 0) {
547 nf_ct_unexpect_related(exp); 552 nf_ct_unexpect_related(exp);
diff --git a/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c b/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c
new file mode 100644
index 000000000000..d8b2e14efddc
--- /dev/null
+++ b/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c
@@ -0,0 +1,281 @@
1/*
2 * (C) 1999-2001 Paul `Rusty' Russell
3 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
4 * (C) 2011 Patrick McHardy <kaber@trash.net>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include <linux/types.h>
12#include <linux/module.h>
13#include <linux/skbuff.h>
14#include <linux/ip.h>
15#include <linux/icmp.h>
16#include <linux/netfilter.h>
17#include <linux/netfilter_ipv4.h>
18#include <net/secure_seq.h>
19#include <net/checksum.h>
20#include <net/route.h>
21#include <net/ip.h>
22
23#include <net/netfilter/nf_conntrack_core.h>
24#include <net/netfilter/nf_conntrack.h>
25#include <net/netfilter/nf_nat_core.h>
26#include <net/netfilter/nf_nat_l3proto.h>
27#include <net/netfilter/nf_nat_l4proto.h>
28
29static const struct nf_nat_l3proto nf_nat_l3proto_ipv4;
30
31#ifdef CONFIG_XFRM
32static void nf_nat_ipv4_decode_session(struct sk_buff *skb,
33 const struct nf_conn *ct,
34 enum ip_conntrack_dir dir,
35 unsigned long statusbit,
36 struct flowi *fl)
37{
38 const struct nf_conntrack_tuple *t = &ct->tuplehash[dir].tuple;
39 struct flowi4 *fl4 = &fl->u.ip4;
40
41 if (ct->status & statusbit) {
42 fl4->daddr = t->dst.u3.ip;
43 if (t->dst.protonum == IPPROTO_TCP ||
44 t->dst.protonum == IPPROTO_UDP ||
45 t->dst.protonum == IPPROTO_UDPLITE ||
46 t->dst.protonum == IPPROTO_DCCP ||
47 t->dst.protonum == IPPROTO_SCTP)
48 fl4->fl4_dport = t->dst.u.all;
49 }
50
51 statusbit ^= IPS_NAT_MASK;
52
53 if (ct->status & statusbit) {
54 fl4->saddr = t->src.u3.ip;
55 if (t->dst.protonum == IPPROTO_TCP ||
56 t->dst.protonum == IPPROTO_UDP ||
57 t->dst.protonum == IPPROTO_UDPLITE ||
58 t->dst.protonum == IPPROTO_DCCP ||
59 t->dst.protonum == IPPROTO_SCTP)
60 fl4->fl4_sport = t->src.u.all;
61 }
62}
63#endif /* CONFIG_XFRM */
64
65static bool nf_nat_ipv4_in_range(const struct nf_conntrack_tuple *t,
66 const struct nf_nat_range *range)
67{
68 return ntohl(t->src.u3.ip) >= ntohl(range->min_addr.ip) &&
69 ntohl(t->src.u3.ip) <= ntohl(range->max_addr.ip);
70}
71
72static u32 nf_nat_ipv4_secure_port(const struct nf_conntrack_tuple *t,
73 __be16 dport)
74{
75 return secure_ipv4_port_ephemeral(t->src.u3.ip, t->dst.u3.ip, dport);
76}
77
78static bool nf_nat_ipv4_manip_pkt(struct sk_buff *skb,
79 unsigned int iphdroff,
80 const struct nf_nat_l4proto *l4proto,
81 const struct nf_conntrack_tuple *target,
82 enum nf_nat_manip_type maniptype)
83{
84 struct iphdr *iph;
85 unsigned int hdroff;
86
87 if (!skb_make_writable(skb, iphdroff + sizeof(*iph)))
88 return false;
89
90 iph = (void *)skb->data + iphdroff;
91 hdroff = iphdroff + iph->ihl * 4;
92
93 if (!l4proto->manip_pkt(skb, &nf_nat_l3proto_ipv4, iphdroff, hdroff,
94 target, maniptype))
95 return false;
96 iph = (void *)skb->data + iphdroff;
97
98 if (maniptype == NF_NAT_MANIP_SRC) {
99 csum_replace4(&iph->check, iph->saddr, target->src.u3.ip);
100 iph->saddr = target->src.u3.ip;
101 } else {
102 csum_replace4(&iph->check, iph->daddr, target->dst.u3.ip);
103 iph->daddr = target->dst.u3.ip;
104 }
105 return true;
106}
107
108static void nf_nat_ipv4_csum_update(struct sk_buff *skb,
109 unsigned int iphdroff, __sum16 *check,
110 const struct nf_conntrack_tuple *t,
111 enum nf_nat_manip_type maniptype)
112{
113 struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
114 __be32 oldip, newip;
115
116 if (maniptype == NF_NAT_MANIP_SRC) {
117 oldip = iph->saddr;
118 newip = t->src.u3.ip;
119 } else {
120 oldip = iph->daddr;
121 newip = t->dst.u3.ip;
122 }
123 inet_proto_csum_replace4(check, skb, oldip, newip, 1);
124}
125
126static void nf_nat_ipv4_csum_recalc(struct sk_buff *skb,
127 u8 proto, void *data, __sum16 *check,
128 int datalen, int oldlen)
129{
130 const struct iphdr *iph = ip_hdr(skb);
131 struct rtable *rt = skb_rtable(skb);
132
133 if (skb->ip_summed != CHECKSUM_PARTIAL) {
134 if (!(rt->rt_flags & RTCF_LOCAL) &&
135 (!skb->dev || skb->dev->features & NETIF_F_V4_CSUM)) {
136 skb->ip_summed = CHECKSUM_PARTIAL;
137 skb->csum_start = skb_headroom(skb) +
138 skb_network_offset(skb) +
139 ip_hdrlen(skb);
140 skb->csum_offset = (void *)check - data;
141 *check = ~csum_tcpudp_magic(iph->saddr, iph->daddr,
142 datalen, proto, 0);
143 } else {
144 *check = 0;
145 *check = csum_tcpudp_magic(iph->saddr, iph->daddr,
146 datalen, proto,
147 csum_partial(data, datalen,
148 0));
149 if (proto == IPPROTO_UDP && !*check)
150 *check = CSUM_MANGLED_0;
151 }
152 } else
153 inet_proto_csum_replace2(check, skb,
154 htons(oldlen), htons(datalen), 1);
155}
156
157static int nf_nat_ipv4_nlattr_to_range(struct nlattr *tb[],
158 struct nf_nat_range *range)
159{
160 if (tb[CTA_NAT_V4_MINIP]) {
161 range->min_addr.ip = nla_get_be32(tb[CTA_NAT_V4_MINIP]);
162 range->flags |= NF_NAT_RANGE_MAP_IPS;
163 }
164
165 if (tb[CTA_NAT_V4_MAXIP])
166 range->max_addr.ip = nla_get_be32(tb[CTA_NAT_V4_MAXIP]);
167 else
168 range->max_addr.ip = range->min_addr.ip;
169
170 return 0;
171}
172
173static const struct nf_nat_l3proto nf_nat_l3proto_ipv4 = {
174 .l3proto = NFPROTO_IPV4,
175 .in_range = nf_nat_ipv4_in_range,
176 .secure_port = nf_nat_ipv4_secure_port,
177 .manip_pkt = nf_nat_ipv4_manip_pkt,
178 .csum_update = nf_nat_ipv4_csum_update,
179 .csum_recalc = nf_nat_ipv4_csum_recalc,
180 .nlattr_to_range = nf_nat_ipv4_nlattr_to_range,
181#ifdef CONFIG_XFRM
182 .decode_session = nf_nat_ipv4_decode_session,
183#endif
184};
185
186int nf_nat_icmp_reply_translation(struct sk_buff *skb,
187 struct nf_conn *ct,
188 enum ip_conntrack_info ctinfo,
189 unsigned int hooknum)
190{
191 struct {
192 struct icmphdr icmp;
193 struct iphdr ip;
194 } *inside;
195 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
196 enum nf_nat_manip_type manip = HOOK2MANIP(hooknum);
197 unsigned int hdrlen = ip_hdrlen(skb);
198 const struct nf_nat_l4proto *l4proto;
199 struct nf_conntrack_tuple target;
200 unsigned long statusbit;
201
202 NF_CT_ASSERT(ctinfo == IP_CT_RELATED || ctinfo == IP_CT_RELATED_REPLY);
203
204 if (!skb_make_writable(skb, hdrlen + sizeof(*inside)))
205 return 0;
206 if (nf_ip_checksum(skb, hooknum, hdrlen, 0))
207 return 0;
208
209 inside = (void *)skb->data + hdrlen;
210 if (inside->icmp.type == ICMP_REDIRECT) {
211 if ((ct->status & IPS_NAT_DONE_MASK) != IPS_NAT_DONE_MASK)
212 return 0;
213 if (ct->status & IPS_NAT_MASK)
214 return 0;
215 }
216
217 if (manip == NF_NAT_MANIP_SRC)
218 statusbit = IPS_SRC_NAT;
219 else
220 statusbit = IPS_DST_NAT;
221
222 /* Invert if this is reply direction */
223 if (dir == IP_CT_DIR_REPLY)
224 statusbit ^= IPS_NAT_MASK;
225
226 if (!(ct->status & statusbit))
227 return 1;
228
229 l4proto = __nf_nat_l4proto_find(NFPROTO_IPV4, inside->ip.protocol);
230 if (!nf_nat_ipv4_manip_pkt(skb, hdrlen + sizeof(inside->icmp),
231 l4proto, &ct->tuplehash[!dir].tuple, !manip))
232 return 0;
233
234 if (skb->ip_summed != CHECKSUM_PARTIAL) {
235 /* Reloading "inside" here since manip_pkt may reallocate */
236 inside = (void *)skb->data + hdrlen;
237 inside->icmp.checksum = 0;
238 inside->icmp.checksum =
239 csum_fold(skb_checksum(skb, hdrlen,
240 skb->len - hdrlen, 0));
241 }
242
243 /* Change outer to look like the reply to an incoming packet */
244 nf_ct_invert_tuplepr(&target, &ct->tuplehash[!dir].tuple);
245 l4proto = __nf_nat_l4proto_find(NFPROTO_IPV4, 0);
246 if (!nf_nat_ipv4_manip_pkt(skb, 0, l4proto, &target, manip))
247 return 0;
248
249 return 1;
250}
251EXPORT_SYMBOL_GPL(nf_nat_icmp_reply_translation);
252
253static int __init nf_nat_l3proto_ipv4_init(void)
254{
255 int err;
256
257 err = nf_nat_l4proto_register(NFPROTO_IPV4, &nf_nat_l4proto_icmp);
258 if (err < 0)
259 goto err1;
260 err = nf_nat_l3proto_register(&nf_nat_l3proto_ipv4);
261 if (err < 0)
262 goto err2;
263 return err;
264
265err2:
266 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_icmp);
267err1:
268 return err;
269}
270
271static void __exit nf_nat_l3proto_ipv4_exit(void)
272{
273 nf_nat_l3proto_unregister(&nf_nat_l3proto_ipv4);
274 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_icmp);
275}
276
277MODULE_LICENSE("GPL");
278MODULE_ALIAS("nf-nat-" __stringify(AF_INET));
279
280module_init(nf_nat_l3proto_ipv4_init);
281module_exit(nf_nat_l3proto_ipv4_exit);
diff --git a/net/ipv4/netfilter/nf_nat_pptp.c b/net/ipv4/netfilter/nf_nat_pptp.c
index 388140881ebe..a06d7d74817d 100644
--- a/net/ipv4/netfilter/nf_nat_pptp.c
+++ b/net/ipv4/netfilter/nf_nat_pptp.c
@@ -22,7 +22,6 @@
22 22
23#include <net/netfilter/nf_nat.h> 23#include <net/netfilter/nf_nat.h>
24#include <net/netfilter/nf_nat_helper.h> 24#include <net/netfilter/nf_nat_helper.h>
25#include <net/netfilter/nf_nat_rule.h>
26#include <net/netfilter/nf_conntrack_helper.h> 25#include <net/netfilter/nf_conntrack_helper.h>
27#include <net/netfilter/nf_conntrack_expect.h> 26#include <net/netfilter/nf_conntrack_expect.h>
28#include <net/netfilter/nf_conntrack_zones.h> 27#include <net/netfilter/nf_conntrack_zones.h>
@@ -47,7 +46,7 @@ static void pptp_nat_expected(struct nf_conn *ct,
47 struct nf_conntrack_tuple t; 46 struct nf_conntrack_tuple t;
48 const struct nf_ct_pptp_master *ct_pptp_info; 47 const struct nf_ct_pptp_master *ct_pptp_info;
49 const struct nf_nat_pptp *nat_pptp_info; 48 const struct nf_nat_pptp *nat_pptp_info;
50 struct nf_nat_ipv4_range range; 49 struct nf_nat_range range;
51 50
52 ct_pptp_info = nfct_help_data(master); 51 ct_pptp_info = nfct_help_data(master);
53 nat_pptp_info = &nfct_nat(master)->help.nat_pptp_info; 52 nat_pptp_info = &nfct_nat(master)->help.nat_pptp_info;
@@ -89,21 +88,21 @@ static void pptp_nat_expected(struct nf_conn *ct,
89 88
90 /* Change src to where master sends to */ 89 /* Change src to where master sends to */
91 range.flags = NF_NAT_RANGE_MAP_IPS; 90 range.flags = NF_NAT_RANGE_MAP_IPS;
92 range.min_ip = range.max_ip 91 range.min_addr = range.max_addr
93 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip; 92 = ct->master->tuplehash[!exp->dir].tuple.dst.u3;
94 if (exp->dir == IP_CT_DIR_ORIGINAL) { 93 if (exp->dir == IP_CT_DIR_ORIGINAL) {
95 range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED; 94 range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
96 range.min = range.max = exp->saved_proto; 95 range.min_proto = range.max_proto = exp->saved_proto;
97 } 96 }
98 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); 97 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
99 98
100 /* For DST manip, map port here to where it's expected. */ 99 /* For DST manip, map port here to where it's expected. */
101 range.flags = NF_NAT_RANGE_MAP_IPS; 100 range.flags = NF_NAT_RANGE_MAP_IPS;
102 range.min_ip = range.max_ip 101 range.min_addr = range.max_addr
103 = ct->master->tuplehash[!exp->dir].tuple.src.u3.ip; 102 = ct->master->tuplehash[!exp->dir].tuple.src.u3;
104 if (exp->dir == IP_CT_DIR_REPLY) { 103 if (exp->dir == IP_CT_DIR_REPLY) {
105 range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED; 104 range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
106 range.min = range.max = exp->saved_proto; 105 range.min_proto = range.max_proto = exp->saved_proto;
107 } 106 }
108 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST); 107 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
109} 108}
@@ -113,6 +112,7 @@ static int
113pptp_outbound_pkt(struct sk_buff *skb, 112pptp_outbound_pkt(struct sk_buff *skb,
114 struct nf_conn *ct, 113 struct nf_conn *ct,
115 enum ip_conntrack_info ctinfo, 114 enum ip_conntrack_info ctinfo,
115 unsigned int protoff,
116 struct PptpControlHeader *ctlh, 116 struct PptpControlHeader *ctlh,
117 union pptp_ctrl_union *pptpReq) 117 union pptp_ctrl_union *pptpReq)
118 118
@@ -175,7 +175,7 @@ pptp_outbound_pkt(struct sk_buff *skb,
175 ntohs(REQ_CID(pptpReq, cid_off)), ntohs(new_callid)); 175 ntohs(REQ_CID(pptpReq, cid_off)), ntohs(new_callid));
176 176
177 /* mangle packet */ 177 /* mangle packet */
178 if (nf_nat_mangle_tcp_packet(skb, ct, ctinfo, 178 if (nf_nat_mangle_tcp_packet(skb, ct, ctinfo, protoff,
179 cid_off + sizeof(struct pptp_pkt_hdr) + 179 cid_off + sizeof(struct pptp_pkt_hdr) +
180 sizeof(struct PptpControlHeader), 180 sizeof(struct PptpControlHeader),
181 sizeof(new_callid), (char *)&new_callid, 181 sizeof(new_callid), (char *)&new_callid,
@@ -216,6 +216,7 @@ static int
216pptp_inbound_pkt(struct sk_buff *skb, 216pptp_inbound_pkt(struct sk_buff *skb,
217 struct nf_conn *ct, 217 struct nf_conn *ct,
218 enum ip_conntrack_info ctinfo, 218 enum ip_conntrack_info ctinfo,
219 unsigned int protoff,
219 struct PptpControlHeader *ctlh, 220 struct PptpControlHeader *ctlh,
220 union pptp_ctrl_union *pptpReq) 221 union pptp_ctrl_union *pptpReq)
221{ 222{
@@ -268,7 +269,7 @@ pptp_inbound_pkt(struct sk_buff *skb,
268 pr_debug("altering peer call id from 0x%04x to 0x%04x\n", 269 pr_debug("altering peer call id from 0x%04x to 0x%04x\n",
269 ntohs(REQ_CID(pptpReq, pcid_off)), ntohs(new_pcid)); 270 ntohs(REQ_CID(pptpReq, pcid_off)), ntohs(new_pcid));
270 271
271 if (nf_nat_mangle_tcp_packet(skb, ct, ctinfo, 272 if (nf_nat_mangle_tcp_packet(skb, ct, ctinfo, protoff,
272 pcid_off + sizeof(struct pptp_pkt_hdr) + 273 pcid_off + sizeof(struct pptp_pkt_hdr) +
273 sizeof(struct PptpControlHeader), 274 sizeof(struct PptpControlHeader),
274 sizeof(new_pcid), (char *)&new_pcid, 275 sizeof(new_pcid), (char *)&new_pcid,
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c
index 46ba0b9ab985..ea44f02563b5 100644
--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -28,8 +28,7 @@
28#include <linux/ip.h> 28#include <linux/ip.h>
29 29
30#include <net/netfilter/nf_nat.h> 30#include <net/netfilter/nf_nat.h>
31#include <net/netfilter/nf_nat_rule.h> 31#include <net/netfilter/nf_nat_l4proto.h>
32#include <net/netfilter/nf_nat_protocol.h>
33#include <linux/netfilter/nf_conntrack_proto_gre.h> 32#include <linux/netfilter/nf_conntrack_proto_gre.h>
34 33
35MODULE_LICENSE("GPL"); 34MODULE_LICENSE("GPL");
@@ -38,8 +37,9 @@ MODULE_DESCRIPTION("Netfilter NAT protocol helper module for GRE");
38 37
39/* generate unique tuple ... */ 38/* generate unique tuple ... */
40static void 39static void
41gre_unique_tuple(struct nf_conntrack_tuple *tuple, 40gre_unique_tuple(const struct nf_nat_l3proto *l3proto,
42 const struct nf_nat_ipv4_range *range, 41 struct nf_conntrack_tuple *tuple,
42 const struct nf_nat_range *range,
43 enum nf_nat_manip_type maniptype, 43 enum nf_nat_manip_type maniptype,
44 const struct nf_conn *ct) 44 const struct nf_conn *ct)
45{ 45{
@@ -62,8 +62,8 @@ gre_unique_tuple(struct nf_conntrack_tuple *tuple,
62 min = 1; 62 min = 1;
63 range_size = 0xffff; 63 range_size = 0xffff;
64 } else { 64 } else {
65 min = ntohs(range->min.gre.key); 65 min = ntohs(range->min_proto.gre.key);
66 range_size = ntohs(range->max.gre.key) - min + 1; 66 range_size = ntohs(range->max_proto.gre.key) - min + 1;
67 } 67 }
68 68
69 pr_debug("min = %u, range_size = %u\n", min, range_size); 69 pr_debug("min = %u, range_size = %u\n", min, range_size);
@@ -80,14 +80,14 @@ gre_unique_tuple(struct nf_conntrack_tuple *tuple,
80 80
81/* manipulate a GRE packet according to maniptype */ 81/* manipulate a GRE packet according to maniptype */
82static bool 82static bool
83gre_manip_pkt(struct sk_buff *skb, unsigned int iphdroff, 83gre_manip_pkt(struct sk_buff *skb,
84 const struct nf_nat_l3proto *l3proto,
85 unsigned int iphdroff, unsigned int hdroff,
84 const struct nf_conntrack_tuple *tuple, 86 const struct nf_conntrack_tuple *tuple,
85 enum nf_nat_manip_type maniptype) 87 enum nf_nat_manip_type maniptype)
86{ 88{
87 const struct gre_hdr *greh; 89 const struct gre_hdr *greh;
88 struct gre_hdr_pptp *pgreh; 90 struct gre_hdr_pptp *pgreh;
89 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
90 unsigned int hdroff = iphdroff + iph->ihl * 4;
91 91
92 /* pgreh includes two optional 32bit fields which are not required 92 /* pgreh includes two optional 32bit fields which are not required
93 * to be there. That's where the magic '8' comes from */ 93 * to be there. That's where the magic '8' comes from */
@@ -117,24 +117,24 @@ gre_manip_pkt(struct sk_buff *skb, unsigned int iphdroff,
117 return true; 117 return true;
118} 118}
119 119
120static const struct nf_nat_protocol gre = { 120static const struct nf_nat_l4proto gre = {
121 .protonum = IPPROTO_GRE, 121 .l4proto = IPPROTO_GRE,
122 .manip_pkt = gre_manip_pkt, 122 .manip_pkt = gre_manip_pkt,
123 .in_range = nf_nat_proto_in_range, 123 .in_range = nf_nat_l4proto_in_range,
124 .unique_tuple = gre_unique_tuple, 124 .unique_tuple = gre_unique_tuple,
125#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 125#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
126 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 126 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
127#endif 127#endif
128}; 128};
129 129
130static int __init nf_nat_proto_gre_init(void) 130static int __init nf_nat_proto_gre_init(void)
131{ 131{
132 return nf_nat_protocol_register(&gre); 132 return nf_nat_l4proto_register(NFPROTO_IPV4, &gre);
133} 133}
134 134
135static void __exit nf_nat_proto_gre_fini(void) 135static void __exit nf_nat_proto_gre_fini(void)
136{ 136{
137 nf_nat_protocol_unregister(&gre); 137 nf_nat_l4proto_unregister(NFPROTO_IPV4, &gre);
138} 138}
139 139
140module_init(nf_nat_proto_gre_init); 140module_init(nf_nat_proto_gre_init);
diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c
index b35172851bae..eb303471bcf6 100644
--- a/net/ipv4/netfilter/nf_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c
@@ -15,8 +15,7 @@
15#include <linux/netfilter.h> 15#include <linux/netfilter.h>
16#include <net/netfilter/nf_nat.h> 16#include <net/netfilter/nf_nat.h>
17#include <net/netfilter/nf_nat_core.h> 17#include <net/netfilter/nf_nat_core.h>
18#include <net/netfilter/nf_nat_rule.h> 18#include <net/netfilter/nf_nat_l4proto.h>
19#include <net/netfilter/nf_nat_protocol.h>
20 19
21static bool 20static bool
22icmp_in_range(const struct nf_conntrack_tuple *tuple, 21icmp_in_range(const struct nf_conntrack_tuple *tuple,
@@ -29,8 +28,9 @@ icmp_in_range(const struct nf_conntrack_tuple *tuple,
29} 28}
30 29
31static void 30static void
32icmp_unique_tuple(struct nf_conntrack_tuple *tuple, 31icmp_unique_tuple(const struct nf_nat_l3proto *l3proto,
33 const struct nf_nat_ipv4_range *range, 32 struct nf_conntrack_tuple *tuple,
33 const struct nf_nat_range *range,
34 enum nf_nat_manip_type maniptype, 34 enum nf_nat_manip_type maniptype,
35 const struct nf_conn *ct) 35 const struct nf_conn *ct)
36{ 36{
@@ -38,13 +38,14 @@ icmp_unique_tuple(struct nf_conntrack_tuple *tuple,
38 unsigned int range_size; 38 unsigned int range_size;
39 unsigned int i; 39 unsigned int i;
40 40
41 range_size = ntohs(range->max.icmp.id) - ntohs(range->min.icmp.id) + 1; 41 range_size = ntohs(range->max_proto.icmp.id) -
42 ntohs(range->min_proto.icmp.id) + 1;
42 /* If no range specified... */ 43 /* If no range specified... */
43 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) 44 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED))
44 range_size = 0xFFFF; 45 range_size = 0xFFFF;
45 46
46 for (i = 0; ; ++id) { 47 for (i = 0; ; ++id) {
47 tuple->src.u.icmp.id = htons(ntohs(range->min.icmp.id) + 48 tuple->src.u.icmp.id = htons(ntohs(range->min_proto.icmp.id) +
48 (id % range_size)); 49 (id % range_size));
49 if (++i == range_size || !nf_nat_used_tuple(tuple, ct)) 50 if (++i == range_size || !nf_nat_used_tuple(tuple, ct))
50 return; 51 return;
@@ -54,13 +55,12 @@ icmp_unique_tuple(struct nf_conntrack_tuple *tuple,
54 55
55static bool 56static bool
56icmp_manip_pkt(struct sk_buff *skb, 57icmp_manip_pkt(struct sk_buff *skb,
57 unsigned int iphdroff, 58 const struct nf_nat_l3proto *l3proto,
59 unsigned int iphdroff, unsigned int hdroff,
58 const struct nf_conntrack_tuple *tuple, 60 const struct nf_conntrack_tuple *tuple,
59 enum nf_nat_manip_type maniptype) 61 enum nf_nat_manip_type maniptype)
60{ 62{
61 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
62 struct icmphdr *hdr; 63 struct icmphdr *hdr;
63 unsigned int hdroff = iphdroff + iph->ihl*4;
64 64
65 if (!skb_make_writable(skb, hdroff + sizeof(*hdr))) 65 if (!skb_make_writable(skb, hdroff + sizeof(*hdr)))
66 return false; 66 return false;
@@ -72,12 +72,12 @@ icmp_manip_pkt(struct sk_buff *skb,
72 return true; 72 return true;
73} 73}
74 74
75const struct nf_nat_protocol nf_nat_protocol_icmp = { 75const struct nf_nat_l4proto nf_nat_l4proto_icmp = {
76 .protonum = IPPROTO_ICMP, 76 .l4proto = IPPROTO_ICMP,
77 .manip_pkt = icmp_manip_pkt, 77 .manip_pkt = icmp_manip_pkt,
78 .in_range = icmp_in_range, 78 .in_range = icmp_in_range,
79 .unique_tuple = icmp_unique_tuple, 79 .unique_tuple = icmp_unique_tuple,
80#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 80#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
81 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 81 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
82#endif 82#endif
83}; 83};
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c
deleted file mode 100644
index d2a9dc314e0e..000000000000
--- a/net/ipv4/netfilter/nf_nat_rule.c
+++ /dev/null
@@ -1,214 +0,0 @@
1/* (C) 1999-2001 Paul `Rusty' Russell
2 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9/* Everything about the rules for NAT. */
10#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
11#include <linux/types.h>
12#include <linux/ip.h>
13#include <linux/netfilter.h>
14#include <linux/netfilter_ipv4.h>
15#include <linux/module.h>
16#include <linux/kmod.h>
17#include <linux/skbuff.h>
18#include <linux/proc_fs.h>
19#include <linux/slab.h>
20#include <net/checksum.h>
21#include <net/route.h>
22#include <linux/bitops.h>
23
24#include <linux/netfilter_ipv4/ip_tables.h>
25#include <net/netfilter/nf_nat.h>
26#include <net/netfilter/nf_nat_core.h>
27#include <net/netfilter/nf_nat_rule.h>
28
29#define NAT_VALID_HOOKS ((1 << NF_INET_PRE_ROUTING) | \
30 (1 << NF_INET_POST_ROUTING) | \
31 (1 << NF_INET_LOCAL_OUT) | \
32 (1 << NF_INET_LOCAL_IN))
33
34static const struct xt_table nat_table = {
35 .name = "nat",
36 .valid_hooks = NAT_VALID_HOOKS,
37 .me = THIS_MODULE,
38 .af = NFPROTO_IPV4,
39};
40
41/* Source NAT */
42static unsigned int
43ipt_snat_target(struct sk_buff *skb, const struct xt_action_param *par)
44{
45 struct nf_conn *ct;
46 enum ip_conntrack_info ctinfo;
47 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
48
49 NF_CT_ASSERT(par->hooknum == NF_INET_POST_ROUTING ||
50 par->hooknum == NF_INET_LOCAL_IN);
51
52 ct = nf_ct_get(skb, &ctinfo);
53
54 /* Connection must be valid and new. */
55 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
56 ctinfo == IP_CT_RELATED_REPLY));
57 NF_CT_ASSERT(par->out != NULL);
58
59 return nf_nat_setup_info(ct, &mr->range[0], NF_NAT_MANIP_SRC);
60}
61
62static unsigned int
63ipt_dnat_target(struct sk_buff *skb, const struct xt_action_param *par)
64{
65 struct nf_conn *ct;
66 enum ip_conntrack_info ctinfo;
67 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
68
69 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
70 par->hooknum == NF_INET_LOCAL_OUT);
71
72 ct = nf_ct_get(skb, &ctinfo);
73
74 /* Connection must be valid and new. */
75 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
76
77 return nf_nat_setup_info(ct, &mr->range[0], NF_NAT_MANIP_DST);
78}
79
80static int ipt_snat_checkentry(const struct xt_tgchk_param *par)
81{
82 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
83
84 /* Must be a valid range */
85 if (mr->rangesize != 1) {
86 pr_info("SNAT: multiple ranges no longer supported\n");
87 return -EINVAL;
88 }
89 return 0;
90}
91
92static int ipt_dnat_checkentry(const struct xt_tgchk_param *par)
93{
94 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
95
96 /* Must be a valid range */
97 if (mr->rangesize != 1) {
98 pr_info("DNAT: multiple ranges no longer supported\n");
99 return -EINVAL;
100 }
101 return 0;
102}
103
104static unsigned int
105alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)
106{
107 /* Force range to this IP; let proto decide mapping for
108 per-proto parts (hence not NF_NAT_RANGE_PROTO_SPECIFIED).
109 */
110 struct nf_nat_ipv4_range range;
111
112 range.flags = 0;
113 pr_debug("Allocating NULL binding for %p (%pI4)\n", ct,
114 HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?
115 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip :
116 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip);
117
118 return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum));
119}
120
121int nf_nat_rule_find(struct sk_buff *skb,
122 unsigned int hooknum,
123 const struct net_device *in,
124 const struct net_device *out,
125 struct nf_conn *ct)
126{
127 struct net *net = nf_ct_net(ct);
128 int ret;
129
130 ret = ipt_do_table(skb, hooknum, in, out, net->ipv4.nat_table);
131
132 if (ret == NF_ACCEPT) {
133 if (!nf_nat_initialized(ct, HOOK2MANIP(hooknum)))
134 /* NUL mapping */
135 ret = alloc_null_binding(ct, hooknum);
136 }
137 return ret;
138}
139
140static struct xt_target ipt_snat_reg __read_mostly = {
141 .name = "SNAT",
142 .target = ipt_snat_target,
143 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
144 .table = "nat",
145 .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_LOCAL_IN),
146 .checkentry = ipt_snat_checkentry,
147 .family = AF_INET,
148};
149
150static struct xt_target ipt_dnat_reg __read_mostly = {
151 .name = "DNAT",
152 .target = ipt_dnat_target,
153 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
154 .table = "nat",
155 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
156 .checkentry = ipt_dnat_checkentry,
157 .family = AF_INET,
158};
159
160static int __net_init nf_nat_rule_net_init(struct net *net)
161{
162 struct ipt_replace *repl;
163
164 repl = ipt_alloc_initial_table(&nat_table);
165 if (repl == NULL)
166 return -ENOMEM;
167 net->ipv4.nat_table = ipt_register_table(net, &nat_table, repl);
168 kfree(repl);
169 if (IS_ERR(net->ipv4.nat_table))
170 return PTR_ERR(net->ipv4.nat_table);
171 return 0;
172}
173
174static void __net_exit nf_nat_rule_net_exit(struct net *net)
175{
176 ipt_unregister_table(net, net->ipv4.nat_table);
177}
178
179static struct pernet_operations nf_nat_rule_net_ops = {
180 .init = nf_nat_rule_net_init,
181 .exit = nf_nat_rule_net_exit,
182};
183
184int __init nf_nat_rule_init(void)
185{
186 int ret;
187
188 ret = register_pernet_subsys(&nf_nat_rule_net_ops);
189 if (ret != 0)
190 goto out;
191 ret = xt_register_target(&ipt_snat_reg);
192 if (ret != 0)
193 goto unregister_table;
194
195 ret = xt_register_target(&ipt_dnat_reg);
196 if (ret != 0)
197 goto unregister_snat;
198
199 return ret;
200
201 unregister_snat:
202 xt_unregister_target(&ipt_snat_reg);
203 unregister_table:
204 unregister_pernet_subsys(&nf_nat_rule_net_ops);
205 out:
206 return ret;
207}
208
209void nf_nat_rule_cleanup(void)
210{
211 xt_unregister_target(&ipt_dnat_reg);
212 xt_unregister_target(&ipt_snat_reg);
213 unregister_pernet_subsys(&nf_nat_rule_net_ops);
214}
diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c
index 957acd12250b..8de53e1ddd54 100644
--- a/net/ipv4/proc.c
+++ b/net/ipv4/proc.c
@@ -263,6 +263,10 @@ static const struct snmp_mib snmp4_net_list[] = {
263 SNMP_MIB_ITEM("TCPChallengeACK", LINUX_MIB_TCPCHALLENGEACK), 263 SNMP_MIB_ITEM("TCPChallengeACK", LINUX_MIB_TCPCHALLENGEACK),
264 SNMP_MIB_ITEM("TCPSYNChallenge", LINUX_MIB_TCPSYNCHALLENGE), 264 SNMP_MIB_ITEM("TCPSYNChallenge", LINUX_MIB_TCPSYNCHALLENGE),
265 SNMP_MIB_ITEM("TCPFastOpenActive", LINUX_MIB_TCPFASTOPENACTIVE), 265 SNMP_MIB_ITEM("TCPFastOpenActive", LINUX_MIB_TCPFASTOPENACTIVE),
266 SNMP_MIB_ITEM("TCPFastOpenPassive", LINUX_MIB_TCPFASTOPENPASSIVE),
267 SNMP_MIB_ITEM("TCPFastOpenPassiveFail", LINUX_MIB_TCPFASTOPENPASSIVEFAIL),
268 SNMP_MIB_ITEM("TCPFastOpenListenOverflow", LINUX_MIB_TCPFASTOPENLISTENOVERFLOW),
269 SNMP_MIB_ITEM("TCPFastOpenCookieReqd", LINUX_MIB_TCPFASTOPENCOOKIEREQD),
266 SNMP_MIB_SENTINEL 270 SNMP_MIB_SENTINEL
267}; 271};
268 272
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index fd9af60397b5..ff622069fcef 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1111,10 +1111,7 @@ static unsigned int ipv4_mtu(const struct dst_entry *dst)
1111 const struct rtable *rt = (const struct rtable *) dst; 1111 const struct rtable *rt = (const struct rtable *) dst;
1112 unsigned int mtu = rt->rt_pmtu; 1112 unsigned int mtu = rt->rt_pmtu;
1113 1113
1114 if (mtu && time_after_eq(jiffies, rt->dst.expires)) 1114 if (!mtu || time_after_eq(jiffies, rt->dst.expires))
1115 mtu = 0;
1116
1117 if (!mtu)
1118 mtu = dst_metric_raw(dst, RTAX_MTU); 1115 mtu = dst_metric_raw(dst, RTAX_MTU);
1119 1116
1120 if (mtu && rt_is_output_route(rt)) 1117 if (mtu && rt_is_output_route(rt))
@@ -1566,11 +1563,14 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1566 if (ipv4_is_zeronet(daddr)) 1563 if (ipv4_is_zeronet(daddr))
1567 goto martian_destination; 1564 goto martian_destination;
1568 1565
1569 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev))) { 1566 /* Following code try to avoid calling IN_DEV_NET_ROUTE_LOCALNET(),
1570 if (ipv4_is_loopback(daddr)) 1567 * and call it once if daddr or/and saddr are loopback addresses
1568 */
1569 if (ipv4_is_loopback(daddr)) {
1570 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1571 goto martian_destination; 1571 goto martian_destination;
1572 1572 } else if (ipv4_is_loopback(saddr)) {
1573 if (ipv4_is_loopback(saddr)) 1573 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1574 goto martian_source; 1574 goto martian_source;
1575 } 1575 }
1576 1576
@@ -1595,7 +1595,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1595 1595
1596 if (res.type == RTN_LOCAL) { 1596 if (res.type == RTN_LOCAL) {
1597 err = fib_validate_source(skb, saddr, daddr, tos, 1597 err = fib_validate_source(skb, saddr, daddr, tos,
1598 net->loopback_dev->ifindex, 1598 LOOPBACK_IFINDEX,
1599 dev, in_dev, &itag); 1599 dev, in_dev, &itag);
1600 if (err < 0) 1600 if (err < 0)
1601 goto martian_source_keep_err; 1601 goto martian_source_keep_err;
@@ -1871,7 +1871,7 @@ struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *fl4)
1871 1871
1872 orig_oif = fl4->flowi4_oif; 1872 orig_oif = fl4->flowi4_oif;
1873 1873
1874 fl4->flowi4_iif = net->loopback_dev->ifindex; 1874 fl4->flowi4_iif = LOOPBACK_IFINDEX;
1875 fl4->flowi4_tos = tos & IPTOS_RT_MASK; 1875 fl4->flowi4_tos = tos & IPTOS_RT_MASK;
1876 fl4->flowi4_scope = ((tos & RTO_ONLINK) ? 1876 fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
1877 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE); 1877 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
@@ -1960,7 +1960,7 @@ struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *fl4)
1960 if (!fl4->daddr) 1960 if (!fl4->daddr)
1961 fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK); 1961 fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
1962 dev_out = net->loopback_dev; 1962 dev_out = net->loopback_dev;
1963 fl4->flowi4_oif = net->loopback_dev->ifindex; 1963 fl4->flowi4_oif = LOOPBACK_IFINDEX;
1964 res.type = RTN_LOCAL; 1964 res.type = RTN_LOCAL;
1965 flags |= RTCF_LOCAL; 1965 flags |= RTCF_LOCAL;
1966 goto make_route; 1966 goto make_route;
@@ -2131,7 +2131,7 @@ struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2131EXPORT_SYMBOL_GPL(ip_route_output_flow); 2131EXPORT_SYMBOL_GPL(ip_route_output_flow);
2132 2132
2133static int rt_fill_info(struct net *net, __be32 dst, __be32 src, 2133static int rt_fill_info(struct net *net, __be32 dst, __be32 src,
2134 struct flowi4 *fl4, struct sk_buff *skb, u32 pid, 2134 struct flowi4 *fl4, struct sk_buff *skb, u32 portid,
2135 u32 seq, int event, int nowait, unsigned int flags) 2135 u32 seq, int event, int nowait, unsigned int flags)
2136{ 2136{
2137 struct rtable *rt = skb_rtable(skb); 2137 struct rtable *rt = skb_rtable(skb);
@@ -2141,7 +2141,7 @@ static int rt_fill_info(struct net *net, __be32 dst, __be32 src,
2141 u32 error; 2141 u32 error;
2142 u32 metrics[RTAX_MAX]; 2142 u32 metrics[RTAX_MAX];
2143 2143
2144 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags); 2144 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*r), flags);
2145 if (nlh == NULL) 2145 if (nlh == NULL)
2146 return -EMSGSIZE; 2146 return -EMSGSIZE;
2147 2147
@@ -2301,12 +2301,12 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void
2301 rt->rt_flags |= RTCF_NOTIFY; 2301 rt->rt_flags |= RTCF_NOTIFY;
2302 2302
2303 err = rt_fill_info(net, dst, src, &fl4, skb, 2303 err = rt_fill_info(net, dst, src, &fl4, skb,
2304 NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, 2304 NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
2305 RTM_NEWROUTE, 0, 0); 2305 RTM_NEWROUTE, 0, 0);
2306 if (err <= 0) 2306 if (err <= 0)
2307 goto errout_free; 2307 goto errout_free;
2308 2308
2309 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid); 2309 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2310errout: 2310errout:
2311 return err; 2311 return err;
2312 2312
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 650e1528e1e6..ba48e799b031 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -319,6 +319,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
319 ireq->tstamp_ok = tcp_opt.saw_tstamp; 319 ireq->tstamp_ok = tcp_opt.saw_tstamp;
320 req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0; 320 req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0;
321 treq->snt_synack = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsecr : 0; 321 treq->snt_synack = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsecr : 0;
322 treq->listener = NULL;
322 323
323 /* We throwed the options of the initial SYN away, so we hope 324 /* We throwed the options of the initial SYN away, so we hope
324 * the ACK carries the same options again (see RFC1122 4.2.3.8) 325 * the ACK carries the same options again (see RFC1122 4.2.3.8)
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 3e78c79b5586..9205e492dc9d 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -232,6 +232,45 @@ static int ipv4_tcp_mem(ctl_table *ctl, int write,
232 return 0; 232 return 0;
233} 233}
234 234
235int proc_tcp_fastopen_key(ctl_table *ctl, int write, void __user *buffer,
236 size_t *lenp, loff_t *ppos)
237{
238 ctl_table tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) };
239 struct tcp_fastopen_context *ctxt;
240 int ret;
241 u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */
242
243 tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL);
244 if (!tbl.data)
245 return -ENOMEM;
246
247 rcu_read_lock();
248 ctxt = rcu_dereference(tcp_fastopen_ctx);
249 if (ctxt)
250 memcpy(user_key, ctxt->key, TCP_FASTOPEN_KEY_LENGTH);
251 rcu_read_unlock();
252
253 snprintf(tbl.data, tbl.maxlen, "%08x-%08x-%08x-%08x",
254 user_key[0], user_key[1], user_key[2], user_key[3]);
255 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
256
257 if (write && ret == 0) {
258 if (sscanf(tbl.data, "%x-%x-%x-%x", user_key, user_key + 1,
259 user_key + 2, user_key + 3) != 4) {
260 ret = -EINVAL;
261 goto bad_key;
262 }
263 tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
264 }
265
266bad_key:
267 pr_debug("proc FO key set 0x%x-%x-%x-%x <- 0x%s: %u\n",
268 user_key[0], user_key[1], user_key[2], user_key[3],
269 (char *)tbl.data, ret);
270 kfree(tbl.data);
271 return ret;
272}
273
235static struct ctl_table ipv4_table[] = { 274static struct ctl_table ipv4_table[] = {
236 { 275 {
237 .procname = "tcp_timestamps", 276 .procname = "tcp_timestamps",
@@ -386,6 +425,12 @@ static struct ctl_table ipv4_table[] = {
386 .proc_handler = proc_dointvec, 425 .proc_handler = proc_dointvec,
387 }, 426 },
388 { 427 {
428 .procname = "tcp_fastopen_key",
429 .mode = 0600,
430 .maxlen = ((TCP_FASTOPEN_KEY_LENGTH * 2) + 10),
431 .proc_handler = proc_tcp_fastopen_key,
432 },
433 {
389 .procname = "tcp_tw_recycle", 434 .procname = "tcp_tw_recycle",
390 .data = &tcp_death_row.sysctl_tw_recycle, 435 .data = &tcp_death_row.sysctl_tw_recycle,
391 .maxlen = sizeof(int), 436 .maxlen = sizeof(int),
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 5f6419341821..f32c02e2a543 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -486,8 +486,9 @@ unsigned int tcp_poll(struct file *file, struct socket *sock, poll_table *wait)
486 if (sk->sk_shutdown & RCV_SHUTDOWN) 486 if (sk->sk_shutdown & RCV_SHUTDOWN)
487 mask |= POLLIN | POLLRDNORM | POLLRDHUP; 487 mask |= POLLIN | POLLRDNORM | POLLRDHUP;
488 488
489 /* Connected? */ 489 /* Connected or passive Fast Open socket? */
490 if ((1 << sk->sk_state) & ~(TCPF_SYN_SENT | TCPF_SYN_RECV)) { 490 if (sk->sk_state != TCP_SYN_SENT &&
491 (sk->sk_state != TCP_SYN_RECV || tp->fastopen_rsk != NULL)) {
491 int target = sock_rcvlowat(sk, 0, INT_MAX); 492 int target = sock_rcvlowat(sk, 0, INT_MAX);
492 493
493 if (tp->urg_seq == tp->copied_seq && 494 if (tp->urg_seq == tp->copied_seq &&
@@ -840,10 +841,15 @@ static ssize_t do_tcp_sendpages(struct sock *sk, struct page **pages, int poffse
840 ssize_t copied; 841 ssize_t copied;
841 long timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT); 842 long timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
842 843
843 /* Wait for a connection to finish. */ 844 /* Wait for a connection to finish. One exception is TCP Fast Open
844 if ((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) 845 * (passive side) where data is allowed to be sent before a connection
846 * is fully established.
847 */
848 if (((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) &&
849 !tcp_passive_fastopen(sk)) {
845 if ((err = sk_stream_wait_connect(sk, &timeo)) != 0) 850 if ((err = sk_stream_wait_connect(sk, &timeo)) != 0)
846 goto out_err; 851 goto out_err;
852 }
847 853
848 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags); 854 clear_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
849 855
@@ -1042,10 +1048,15 @@ int tcp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
1042 1048
1043 timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT); 1049 timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
1044 1050
1045 /* Wait for a connection to finish. */ 1051 /* Wait for a connection to finish. One exception is TCP Fast Open
1046 if ((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) 1052 * (passive side) where data is allowed to be sent before a connection
1053 * is fully established.
1054 */
1055 if (((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) &&
1056 !tcp_passive_fastopen(sk)) {
1047 if ((err = sk_stream_wait_connect(sk, &timeo)) != 0) 1057 if ((err = sk_stream_wait_connect(sk, &timeo)) != 0)
1048 goto do_error; 1058 goto do_error;
1059 }
1049 1060
1050 if (unlikely(tp->repair)) { 1061 if (unlikely(tp->repair)) {
1051 if (tp->repair_queue == TCP_RECV_QUEUE) { 1062 if (tp->repair_queue == TCP_RECV_QUEUE) {
@@ -1139,78 +1150,43 @@ new_segment:
1139 if (err) 1150 if (err)
1140 goto do_fault; 1151 goto do_fault;
1141 } else { 1152 } else {
1142 bool merge = false; 1153 bool merge = true;
1143 int i = skb_shinfo(skb)->nr_frags; 1154 int i = skb_shinfo(skb)->nr_frags;
1144 struct page *page = sk->sk_sndmsg_page; 1155 struct page_frag *pfrag = sk_page_frag(sk);
1145 int off; 1156
1146 1157 if (!sk_page_frag_refill(sk, pfrag))
1147 if (page && page_count(page) == 1) 1158 goto wait_for_memory;
1148 sk->sk_sndmsg_off = 0; 1159
1149 1160 if (!skb_can_coalesce(skb, i, pfrag->page,
1150 off = sk->sk_sndmsg_off; 1161 pfrag->offset)) {
1151 1162 if (i == MAX_SKB_FRAGS || !sg) {
1152 if (skb_can_coalesce(skb, i, page, off) && 1163 tcp_mark_push(tp, skb);
1153 off != PAGE_SIZE) { 1164 goto new_segment;
1154 /* We can extend the last page
1155 * fragment. */
1156 merge = true;
1157 } else if (i == MAX_SKB_FRAGS || !sg) {
1158 /* Need to add new fragment and cannot
1159 * do this because interface is non-SG,
1160 * or because all the page slots are
1161 * busy. */
1162 tcp_mark_push(tp, skb);
1163 goto new_segment;
1164 } else if (page) {
1165 if (off == PAGE_SIZE) {
1166 put_page(page);
1167 sk->sk_sndmsg_page = page = NULL;
1168 off = 0;
1169 } 1165 }
1170 } else 1166 merge = false;
1171 off = 0; 1167 }
1172 1168
1173 if (copy > PAGE_SIZE - off) 1169 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1174 copy = PAGE_SIZE - off;
1175 1170
1176 if (!sk_wmem_schedule(sk, copy)) 1171 if (!sk_wmem_schedule(sk, copy))
1177 goto wait_for_memory; 1172 goto wait_for_memory;
1178 1173
1179 if (!page) {
1180 /* Allocate new cache page. */
1181 if (!(page = sk_stream_alloc_page(sk)))
1182 goto wait_for_memory;
1183 }
1184
1185 /* Time to copy data. We are close to
1186 * the end! */
1187 err = skb_copy_to_page_nocache(sk, from, skb, 1174 err = skb_copy_to_page_nocache(sk, from, skb,
1188 page, off, copy); 1175 pfrag->page,
1189 if (err) { 1176 pfrag->offset,
1190 /* If this page was new, give it to the 1177 copy);
1191 * socket so it does not get leaked. 1178 if (err)
1192 */
1193 if (!sk->sk_sndmsg_page) {
1194 sk->sk_sndmsg_page = page;
1195 sk->sk_sndmsg_off = 0;
1196 }
1197 goto do_error; 1179 goto do_error;
1198 }
1199 1180
1200 /* Update the skb. */ 1181 /* Update the skb. */
1201 if (merge) { 1182 if (merge) {
1202 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy); 1183 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1203 } else { 1184 } else {
1204 skb_fill_page_desc(skb, i, page, off, copy); 1185 skb_fill_page_desc(skb, i, pfrag->page,
1205 if (sk->sk_sndmsg_page) { 1186 pfrag->offset, copy);
1206 get_page(page); 1187 get_page(pfrag->page);
1207 } else if (off + copy < PAGE_SIZE) {
1208 get_page(page);
1209 sk->sk_sndmsg_page = page;
1210 }
1211 } 1188 }
1212 1189 pfrag->offset += copy;
1213 sk->sk_sndmsg_off = off + copy;
1214 } 1190 }
1215 1191
1216 if (!copied) 1192 if (!copied)
@@ -2150,6 +2126,10 @@ void tcp_close(struct sock *sk, long timeout)
2150 * they look as CLOSING or LAST_ACK for Linux) 2126 * they look as CLOSING or LAST_ACK for Linux)
2151 * Probably, I missed some more holelets. 2127 * Probably, I missed some more holelets.
2152 * --ANK 2128 * --ANK
2129 * XXX (TFO) - To start off we don't support SYN+ACK+FIN
2130 * in a single packet! (May consider it later but will
2131 * probably need API support or TCP_CORK SYN-ACK until
2132 * data is written and socket is closed.)
2153 */ 2133 */
2154 tcp_send_fin(sk); 2134 tcp_send_fin(sk);
2155 } 2135 }
@@ -2221,8 +2201,16 @@ adjudge_to_death:
2221 } 2201 }
2222 } 2202 }
2223 2203
2224 if (sk->sk_state == TCP_CLOSE) 2204 if (sk->sk_state == TCP_CLOSE) {
2205 struct request_sock *req = tcp_sk(sk)->fastopen_rsk;
2206 /* We could get here with a non-NULL req if the socket is
2207 * aborted (e.g., closed with unread data) before 3WHS
2208 * finishes.
2209 */
2210 if (req != NULL)
2211 reqsk_fastopen_remove(sk, req, false);
2225 inet_csk_destroy_sock(sk); 2212 inet_csk_destroy_sock(sk);
2213 }
2226 /* Otherwise, socket is reprieved until protocol close. */ 2214 /* Otherwise, socket is reprieved until protocol close. */
2227 2215
2228out: 2216out:
@@ -2308,6 +2296,13 @@ int tcp_disconnect(struct sock *sk, int flags)
2308} 2296}
2309EXPORT_SYMBOL(tcp_disconnect); 2297EXPORT_SYMBOL(tcp_disconnect);
2310 2298
2299void tcp_sock_destruct(struct sock *sk)
2300{
2301 inet_sock_destruct(sk);
2302
2303 kfree(inet_csk(sk)->icsk_accept_queue.fastopenq);
2304}
2305
2311static inline bool tcp_can_repair_sock(const struct sock *sk) 2306static inline bool tcp_can_repair_sock(const struct sock *sk)
2312{ 2307{
2313 return capable(CAP_NET_ADMIN) && 2308 return capable(CAP_NET_ADMIN) &&
@@ -2701,6 +2696,14 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
2701 else 2696 else
2702 icsk->icsk_user_timeout = msecs_to_jiffies(val); 2697 icsk->icsk_user_timeout = msecs_to_jiffies(val);
2703 break; 2698 break;
2699
2700 case TCP_FASTOPEN:
2701 if (val >= 0 && ((1 << sk->sk_state) & (TCPF_CLOSE |
2702 TCPF_LISTEN)))
2703 err = fastopen_init_queue(sk, val);
2704 else
2705 err = -EINVAL;
2706 break;
2704 default: 2707 default:
2705 err = -ENOPROTOOPT; 2708 err = -ENOPROTOOPT;
2706 break; 2709 break;
@@ -3514,11 +3517,15 @@ EXPORT_SYMBOL(tcp_cookie_generator);
3514 3517
3515void tcp_done(struct sock *sk) 3518void tcp_done(struct sock *sk)
3516{ 3519{
3520 struct request_sock *req = tcp_sk(sk)->fastopen_rsk;
3521
3517 if (sk->sk_state == TCP_SYN_SENT || sk->sk_state == TCP_SYN_RECV) 3522 if (sk->sk_state == TCP_SYN_SENT || sk->sk_state == TCP_SYN_RECV)
3518 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_ATTEMPTFAILS); 3523 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_ATTEMPTFAILS);
3519 3524
3520 tcp_set_state(sk, TCP_CLOSE); 3525 tcp_set_state(sk, TCP_CLOSE);
3521 tcp_clear_xmit_timers(sk); 3526 tcp_clear_xmit_timers(sk);
3527 if (req != NULL)
3528 reqsk_fastopen_remove(sk, req, false);
3522 3529
3523 sk->sk_shutdown = SHUTDOWN_MASK; 3530 sk->sk_shutdown = SHUTDOWN_MASK;
3524 3531
diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
index a7f729c409d7..8f7ef0ad80e5 100644
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -1,10 +1,91 @@
1#include <linux/err.h>
1#include <linux/init.h> 2#include <linux/init.h>
2#include <linux/kernel.h> 3#include <linux/kernel.h>
4#include <linux/list.h>
5#include <linux/tcp.h>
6#include <linux/rcupdate.h>
7#include <linux/rculist.h>
8#include <net/inetpeer.h>
9#include <net/tcp.h>
3 10
4int sysctl_tcp_fastopen; 11int sysctl_tcp_fastopen __read_mostly;
12
13struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
14
15static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
16
17static void tcp_fastopen_ctx_free(struct rcu_head *head)
18{
19 struct tcp_fastopen_context *ctx =
20 container_of(head, struct tcp_fastopen_context, rcu);
21 crypto_free_cipher(ctx->tfm);
22 kfree(ctx);
23}
24
25int tcp_fastopen_reset_cipher(void *key, unsigned int len)
26{
27 int err;
28 struct tcp_fastopen_context *ctx, *octx;
29
30 ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
31 if (!ctx)
32 return -ENOMEM;
33 ctx->tfm = crypto_alloc_cipher("aes", 0, 0);
34
35 if (IS_ERR(ctx->tfm)) {
36 err = PTR_ERR(ctx->tfm);
37error: kfree(ctx);
38 pr_err("TCP: TFO aes cipher alloc error: %d\n", err);
39 return err;
40 }
41 err = crypto_cipher_setkey(ctx->tfm, key, len);
42 if (err) {
43 pr_err("TCP: TFO cipher key error: %d\n", err);
44 crypto_free_cipher(ctx->tfm);
45 goto error;
46 }
47 memcpy(ctx->key, key, len);
48
49 spin_lock(&tcp_fastopen_ctx_lock);
50
51 octx = rcu_dereference_protected(tcp_fastopen_ctx,
52 lockdep_is_held(&tcp_fastopen_ctx_lock));
53 rcu_assign_pointer(tcp_fastopen_ctx, ctx);
54 spin_unlock(&tcp_fastopen_ctx_lock);
55
56 if (octx)
57 call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
58 return err;
59}
60
61/* Computes the fastopen cookie for the peer.
62 * The peer address is a 128 bits long (pad with zeros for IPv4).
63 *
64 * The caller must check foc->len to determine if a valid cookie
65 * has been generated successfully.
66*/
67void tcp_fastopen_cookie_gen(__be32 addr, struct tcp_fastopen_cookie *foc)
68{
69 __be32 peer_addr[4] = { addr, 0, 0, 0 };
70 struct tcp_fastopen_context *ctx;
71
72 rcu_read_lock();
73 ctx = rcu_dereference(tcp_fastopen_ctx);
74 if (ctx) {
75 crypto_cipher_encrypt_one(ctx->tfm,
76 foc->val,
77 (__u8 *)peer_addr);
78 foc->len = TCP_FASTOPEN_COOKIE_SIZE;
79 }
80 rcu_read_unlock();
81}
5 82
6static int __init tcp_fastopen_init(void) 83static int __init tcp_fastopen_init(void)
7{ 84{
85 __u8 key[TCP_FASTOPEN_KEY_LENGTH];
86
87 get_random_bytes(key, sizeof(key));
88 tcp_fastopen_reset_cipher(key, sizeof(key));
8 return 0; 89 return 0;
9} 90}
10 91
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index d377f4854cb8..432c36649db3 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -237,7 +237,11 @@ static inline void TCP_ECN_check_ce(struct tcp_sock *tp, const struct sk_buff *s
237 tcp_enter_quickack_mode((struct sock *)tp); 237 tcp_enter_quickack_mode((struct sock *)tp);
238 break; 238 break;
239 case INET_ECN_CE: 239 case INET_ECN_CE:
240 tp->ecn_flags |= TCP_ECN_DEMAND_CWR; 240 if (!(tp->ecn_flags & TCP_ECN_DEMAND_CWR)) {
241 /* Better not delay acks, sender can have a very low cwnd */
242 tcp_enter_quickack_mode((struct sock *)tp);
243 tp->ecn_flags |= TCP_ECN_DEMAND_CWR;
244 }
241 /* fallinto */ 245 /* fallinto */
242 default: 246 default:
243 tp->ecn_flags |= TCP_ECN_SEEN; 247 tp->ecn_flags |= TCP_ECN_SEEN;
@@ -374,7 +378,7 @@ static void tcp_fixup_rcvbuf(struct sock *sk)
374/* 4. Try to fixup all. It is made immediately after connection enters 378/* 4. Try to fixup all. It is made immediately after connection enters
375 * established state. 379 * established state.
376 */ 380 */
377static void tcp_init_buffer_space(struct sock *sk) 381void tcp_init_buffer_space(struct sock *sk)
378{ 382{
379 struct tcp_sock *tp = tcp_sk(sk); 383 struct tcp_sock *tp = tcp_sk(sk);
380 int maxwin; 384 int maxwin;
@@ -739,29 +743,6 @@ __u32 tcp_init_cwnd(const struct tcp_sock *tp, const struct dst_entry *dst)
739 return min_t(__u32, cwnd, tp->snd_cwnd_clamp); 743 return min_t(__u32, cwnd, tp->snd_cwnd_clamp);
740} 744}
741 745
742/* Set slow start threshold and cwnd not falling to slow start */
743void tcp_enter_cwr(struct sock *sk, const int set_ssthresh)
744{
745 struct tcp_sock *tp = tcp_sk(sk);
746 const struct inet_connection_sock *icsk = inet_csk(sk);
747
748 tp->prior_ssthresh = 0;
749 tp->bytes_acked = 0;
750 if (icsk->icsk_ca_state < TCP_CA_CWR) {
751 tp->undo_marker = 0;
752 if (set_ssthresh)
753 tp->snd_ssthresh = icsk->icsk_ca_ops->ssthresh(sk);
754 tp->snd_cwnd = min(tp->snd_cwnd,
755 tcp_packets_in_flight(tp) + 1U);
756 tp->snd_cwnd_cnt = 0;
757 tp->high_seq = tp->snd_nxt;
758 tp->snd_cwnd_stamp = tcp_time_stamp;
759 TCP_ECN_queue_cwr(tp);
760
761 tcp_set_ca_state(sk, TCP_CA_CWR);
762 }
763}
764
765/* 746/*
766 * Packet counting of FACK is based on in-order assumptions, therefore TCP 747 * Packet counting of FACK is based on in-order assumptions, therefore TCP
767 * disables it when reordering is detected 748 * disables it when reordering is detected
@@ -2489,35 +2470,6 @@ static inline void tcp_moderate_cwnd(struct tcp_sock *tp)
2489 tp->snd_cwnd_stamp = tcp_time_stamp; 2470 tp->snd_cwnd_stamp = tcp_time_stamp;
2490} 2471}
2491 2472
2492/* Lower bound on congestion window is slow start threshold
2493 * unless congestion avoidance choice decides to overide it.
2494 */
2495static inline u32 tcp_cwnd_min(const struct sock *sk)
2496{
2497 const struct tcp_congestion_ops *ca_ops = inet_csk(sk)->icsk_ca_ops;
2498
2499 return ca_ops->min_cwnd ? ca_ops->min_cwnd(sk) : tcp_sk(sk)->snd_ssthresh;
2500}
2501
2502/* Decrease cwnd each second ack. */
2503static void tcp_cwnd_down(struct sock *sk, int flag)
2504{
2505 struct tcp_sock *tp = tcp_sk(sk);
2506 int decr = tp->snd_cwnd_cnt + 1;
2507
2508 if ((flag & (FLAG_ANY_PROGRESS | FLAG_DSACKING_ACK)) ||
2509 (tcp_is_reno(tp) && !(flag & FLAG_NOT_DUP))) {
2510 tp->snd_cwnd_cnt = decr & 1;
2511 decr >>= 1;
2512
2513 if (decr && tp->snd_cwnd > tcp_cwnd_min(sk))
2514 tp->snd_cwnd -= decr;
2515
2516 tp->snd_cwnd = min(tp->snd_cwnd, tcp_packets_in_flight(tp) + 1);
2517 tp->snd_cwnd_stamp = tcp_time_stamp;
2518 }
2519}
2520
2521/* Nothing was retransmitted or returned timestamp is less 2473/* Nothing was retransmitted or returned timestamp is less
2522 * than timestamp of the first retransmission. 2474 * than timestamp of the first retransmission.
2523 */ 2475 */
@@ -2719,24 +2671,80 @@ static bool tcp_try_undo_loss(struct sock *sk)
2719 return false; 2671 return false;
2720} 2672}
2721 2673
2722static inline void tcp_complete_cwr(struct sock *sk) 2674/* The cwnd reduction in CWR and Recovery use the PRR algorithm
2675 * https://datatracker.ietf.org/doc/draft-ietf-tcpm-proportional-rate-reduction/
2676 * It computes the number of packets to send (sndcnt) based on packets newly
2677 * delivered:
2678 * 1) If the packets in flight is larger than ssthresh, PRR spreads the
2679 * cwnd reductions across a full RTT.
2680 * 2) If packets in flight is lower than ssthresh (such as due to excess
2681 * losses and/or application stalls), do not perform any further cwnd
2682 * reductions, but instead slow start up to ssthresh.
2683 */
2684static void tcp_init_cwnd_reduction(struct sock *sk, const bool set_ssthresh)
2723{ 2685{
2724 struct tcp_sock *tp = tcp_sk(sk); 2686 struct tcp_sock *tp = tcp_sk(sk);
2725 2687
2726 /* Do not moderate cwnd if it's already undone in cwr or recovery. */ 2688 tp->high_seq = tp->snd_nxt;
2727 if (tp->undo_marker) { 2689 tp->bytes_acked = 0;
2728 if (inet_csk(sk)->icsk_ca_state == TCP_CA_CWR) { 2690 tp->snd_cwnd_cnt = 0;
2729 tp->snd_cwnd = min(tp->snd_cwnd, tp->snd_ssthresh); 2691 tp->prior_cwnd = tp->snd_cwnd;
2730 tp->snd_cwnd_stamp = tcp_time_stamp; 2692 tp->prr_delivered = 0;
2731 } else if (tp->snd_ssthresh < TCP_INFINITE_SSTHRESH) { 2693 tp->prr_out = 0;
2732 /* PRR algorithm. */ 2694 if (set_ssthresh)
2733 tp->snd_cwnd = tp->snd_ssthresh; 2695 tp->snd_ssthresh = inet_csk(sk)->icsk_ca_ops->ssthresh(sk);
2734 tp->snd_cwnd_stamp = tcp_time_stamp; 2696 TCP_ECN_queue_cwr(tp);
2735 } 2697}
2698
2699static void tcp_cwnd_reduction(struct sock *sk, int newly_acked_sacked,
2700 int fast_rexmit)
2701{
2702 struct tcp_sock *tp = tcp_sk(sk);
2703 int sndcnt = 0;
2704 int delta = tp->snd_ssthresh - tcp_packets_in_flight(tp);
2705
2706 tp->prr_delivered += newly_acked_sacked;
2707 if (tcp_packets_in_flight(tp) > tp->snd_ssthresh) {
2708 u64 dividend = (u64)tp->snd_ssthresh * tp->prr_delivered +
2709 tp->prior_cwnd - 1;
2710 sndcnt = div_u64(dividend, tp->prior_cwnd) - tp->prr_out;
2711 } else {
2712 sndcnt = min_t(int, delta,
2713 max_t(int, tp->prr_delivered - tp->prr_out,
2714 newly_acked_sacked) + 1);
2715 }
2716
2717 sndcnt = max(sndcnt, (fast_rexmit ? 1 : 0));
2718 tp->snd_cwnd = tcp_packets_in_flight(tp) + sndcnt;
2719}
2720
2721static inline void tcp_end_cwnd_reduction(struct sock *sk)
2722{
2723 struct tcp_sock *tp = tcp_sk(sk);
2724
2725 /* Reset cwnd to ssthresh in CWR or Recovery (unless it's undone) */
2726 if (inet_csk(sk)->icsk_ca_state == TCP_CA_CWR ||
2727 (tp->undo_marker && tp->snd_ssthresh < TCP_INFINITE_SSTHRESH)) {
2728 tp->snd_cwnd = tp->snd_ssthresh;
2729 tp->snd_cwnd_stamp = tcp_time_stamp;
2736 } 2730 }
2737 tcp_ca_event(sk, CA_EVENT_COMPLETE_CWR); 2731 tcp_ca_event(sk, CA_EVENT_COMPLETE_CWR);
2738} 2732}
2739 2733
2734/* Enter CWR state. Disable cwnd undo since congestion is proven with ECN */
2735void tcp_enter_cwr(struct sock *sk, const int set_ssthresh)
2736{
2737 struct tcp_sock *tp = tcp_sk(sk);
2738
2739 tp->prior_ssthresh = 0;
2740 tp->bytes_acked = 0;
2741 if (inet_csk(sk)->icsk_ca_state < TCP_CA_CWR) {
2742 tp->undo_marker = 0;
2743 tcp_init_cwnd_reduction(sk, set_ssthresh);
2744 tcp_set_ca_state(sk, TCP_CA_CWR);
2745 }
2746}
2747
2740static void tcp_try_keep_open(struct sock *sk) 2748static void tcp_try_keep_open(struct sock *sk)
2741{ 2749{
2742 struct tcp_sock *tp = tcp_sk(sk); 2750 struct tcp_sock *tp = tcp_sk(sk);
@@ -2751,7 +2759,7 @@ static void tcp_try_keep_open(struct sock *sk)
2751 } 2759 }
2752} 2760}
2753 2761
2754static void tcp_try_to_open(struct sock *sk, int flag) 2762static void tcp_try_to_open(struct sock *sk, int flag, int newly_acked_sacked)
2755{ 2763{
2756 struct tcp_sock *tp = tcp_sk(sk); 2764 struct tcp_sock *tp = tcp_sk(sk);
2757 2765
@@ -2768,7 +2776,7 @@ static void tcp_try_to_open(struct sock *sk, int flag)
2768 if (inet_csk(sk)->icsk_ca_state != TCP_CA_Open) 2776 if (inet_csk(sk)->icsk_ca_state != TCP_CA_Open)
2769 tcp_moderate_cwnd(tp); 2777 tcp_moderate_cwnd(tp);
2770 } else { 2778 } else {
2771 tcp_cwnd_down(sk, flag); 2779 tcp_cwnd_reduction(sk, newly_acked_sacked, 0);
2772 } 2780 }
2773} 2781}
2774 2782
@@ -2850,38 +2858,6 @@ void tcp_simple_retransmit(struct sock *sk)
2850} 2858}
2851EXPORT_SYMBOL(tcp_simple_retransmit); 2859EXPORT_SYMBOL(tcp_simple_retransmit);
2852 2860
2853/* This function implements the PRR algorithm, specifcally the PRR-SSRB
2854 * (proportional rate reduction with slow start reduction bound) as described in
2855 * http://www.ietf.org/id/draft-mathis-tcpm-proportional-rate-reduction-01.txt.
2856 * It computes the number of packets to send (sndcnt) based on packets newly
2857 * delivered:
2858 * 1) If the packets in flight is larger than ssthresh, PRR spreads the
2859 * cwnd reductions across a full RTT.
2860 * 2) If packets in flight is lower than ssthresh (such as due to excess
2861 * losses and/or application stalls), do not perform any further cwnd
2862 * reductions, but instead slow start up to ssthresh.
2863 */
2864static void tcp_update_cwnd_in_recovery(struct sock *sk, int newly_acked_sacked,
2865 int fast_rexmit, int flag)
2866{
2867 struct tcp_sock *tp = tcp_sk(sk);
2868 int sndcnt = 0;
2869 int delta = tp->snd_ssthresh - tcp_packets_in_flight(tp);
2870
2871 if (tcp_packets_in_flight(tp) > tp->snd_ssthresh) {
2872 u64 dividend = (u64)tp->snd_ssthresh * tp->prr_delivered +
2873 tp->prior_cwnd - 1;
2874 sndcnt = div_u64(dividend, tp->prior_cwnd) - tp->prr_out;
2875 } else {
2876 sndcnt = min_t(int, delta,
2877 max_t(int, tp->prr_delivered - tp->prr_out,
2878 newly_acked_sacked) + 1);
2879 }
2880
2881 sndcnt = max(sndcnt, (fast_rexmit ? 1 : 0));
2882 tp->snd_cwnd = tcp_packets_in_flight(tp) + sndcnt;
2883}
2884
2885static void tcp_enter_recovery(struct sock *sk, bool ece_ack) 2861static void tcp_enter_recovery(struct sock *sk, bool ece_ack)
2886{ 2862{
2887 struct tcp_sock *tp = tcp_sk(sk); 2863 struct tcp_sock *tp = tcp_sk(sk);
@@ -2894,7 +2870,6 @@ static void tcp_enter_recovery(struct sock *sk, bool ece_ack)
2894 2870
2895 NET_INC_STATS_BH(sock_net(sk), mib_idx); 2871 NET_INC_STATS_BH(sock_net(sk), mib_idx);
2896 2872
2897 tp->high_seq = tp->snd_nxt;
2898 tp->prior_ssthresh = 0; 2873 tp->prior_ssthresh = 0;
2899 tp->undo_marker = tp->snd_una; 2874 tp->undo_marker = tp->snd_una;
2900 tp->undo_retrans = tp->retrans_out; 2875 tp->undo_retrans = tp->retrans_out;
@@ -2902,15 +2877,8 @@ static void tcp_enter_recovery(struct sock *sk, bool ece_ack)
2902 if (inet_csk(sk)->icsk_ca_state < TCP_CA_CWR) { 2877 if (inet_csk(sk)->icsk_ca_state < TCP_CA_CWR) {
2903 if (!ece_ack) 2878 if (!ece_ack)
2904 tp->prior_ssthresh = tcp_current_ssthresh(sk); 2879 tp->prior_ssthresh = tcp_current_ssthresh(sk);
2905 tp->snd_ssthresh = inet_csk(sk)->icsk_ca_ops->ssthresh(sk); 2880 tcp_init_cwnd_reduction(sk, true);
2906 TCP_ECN_queue_cwr(tp);
2907 } 2881 }
2908
2909 tp->bytes_acked = 0;
2910 tp->snd_cwnd_cnt = 0;
2911 tp->prior_cwnd = tp->snd_cwnd;
2912 tp->prr_delivered = 0;
2913 tp->prr_out = 0;
2914 tcp_set_ca_state(sk, TCP_CA_Recovery); 2882 tcp_set_ca_state(sk, TCP_CA_Recovery);
2915} 2883}
2916 2884
@@ -2970,7 +2938,7 @@ static void tcp_fastretrans_alert(struct sock *sk, int pkts_acked,
2970 /* CWR is to be held something *above* high_seq 2938 /* CWR is to be held something *above* high_seq
2971 * is ACKed for CWR bit to reach receiver. */ 2939 * is ACKed for CWR bit to reach receiver. */
2972 if (tp->snd_una != tp->high_seq) { 2940 if (tp->snd_una != tp->high_seq) {
2973 tcp_complete_cwr(sk); 2941 tcp_end_cwnd_reduction(sk);
2974 tcp_set_ca_state(sk, TCP_CA_Open); 2942 tcp_set_ca_state(sk, TCP_CA_Open);
2975 } 2943 }
2976 break; 2944 break;
@@ -2980,7 +2948,7 @@ static void tcp_fastretrans_alert(struct sock *sk, int pkts_acked,
2980 tcp_reset_reno_sack(tp); 2948 tcp_reset_reno_sack(tp);
2981 if (tcp_try_undo_recovery(sk)) 2949 if (tcp_try_undo_recovery(sk))
2982 return; 2950 return;
2983 tcp_complete_cwr(sk); 2951 tcp_end_cwnd_reduction(sk);
2984 break; 2952 break;
2985 } 2953 }
2986 } 2954 }
@@ -3021,7 +2989,7 @@ static void tcp_fastretrans_alert(struct sock *sk, int pkts_acked,
3021 tcp_try_undo_dsack(sk); 2989 tcp_try_undo_dsack(sk);
3022 2990
3023 if (!tcp_time_to_recover(sk, flag)) { 2991 if (!tcp_time_to_recover(sk, flag)) {
3024 tcp_try_to_open(sk, flag); 2992 tcp_try_to_open(sk, flag, newly_acked_sacked);
3025 return; 2993 return;
3026 } 2994 }
3027 2995
@@ -3043,8 +3011,7 @@ static void tcp_fastretrans_alert(struct sock *sk, int pkts_acked,
3043 3011
3044 if (do_lost || (tcp_is_fack(tp) && tcp_head_timedout(sk))) 3012 if (do_lost || (tcp_is_fack(tp) && tcp_head_timedout(sk)))
3045 tcp_update_scoreboard(sk, fast_rexmit); 3013 tcp_update_scoreboard(sk, fast_rexmit);
3046 tp->prr_delivered += newly_acked_sacked; 3014 tcp_cwnd_reduction(sk, newly_acked_sacked, fast_rexmit);
3047 tcp_update_cwnd_in_recovery(sk, newly_acked_sacked, fast_rexmit, flag);
3048 tcp_xmit_retransmit_queue(sk); 3015 tcp_xmit_retransmit_queue(sk);
3049} 3016}
3050 3017
@@ -3123,6 +3090,12 @@ void tcp_rearm_rto(struct sock *sk)
3123{ 3090{
3124 struct tcp_sock *tp = tcp_sk(sk); 3091 struct tcp_sock *tp = tcp_sk(sk);
3125 3092
3093 /* If the retrans timer is currently being used by Fast Open
3094 * for SYN-ACK retrans purpose, stay put.
3095 */
3096 if (tp->fastopen_rsk)
3097 return;
3098
3126 if (!tp->packets_out) { 3099 if (!tp->packets_out) {
3127 inet_csk_clear_xmit_timer(sk, ICSK_TIME_RETRANS); 3100 inet_csk_clear_xmit_timer(sk, ICSK_TIME_RETRANS);
3128 } else { 3101 } else {
@@ -3384,7 +3357,7 @@ static inline bool tcp_may_raise_cwnd(const struct sock *sk, const int flag)
3384{ 3357{
3385 const struct tcp_sock *tp = tcp_sk(sk); 3358 const struct tcp_sock *tp = tcp_sk(sk);
3386 return (!(flag & FLAG_ECE) || tp->snd_cwnd < tp->snd_ssthresh) && 3359 return (!(flag & FLAG_ECE) || tp->snd_cwnd < tp->snd_ssthresh) &&
3387 !((1 << inet_csk(sk)->icsk_ca_state) & (TCPF_CA_Recovery | TCPF_CA_CWR)); 3360 !tcp_in_cwnd_reduction(sk);
3388} 3361}
3389 3362
3390/* Check that window update is acceptable. 3363/* Check that window update is acceptable.
@@ -3452,9 +3425,9 @@ static void tcp_conservative_spur_to_response(struct tcp_sock *tp)
3452} 3425}
3453 3426
3454/* A conservative spurious RTO response algorithm: reduce cwnd using 3427/* A conservative spurious RTO response algorithm: reduce cwnd using
3455 * rate halving and continue in congestion avoidance. 3428 * PRR and continue in congestion avoidance.
3456 */ 3429 */
3457static void tcp_ratehalving_spur_to_response(struct sock *sk) 3430static void tcp_cwr_spur_to_response(struct sock *sk)
3458{ 3431{
3459 tcp_enter_cwr(sk, 0); 3432 tcp_enter_cwr(sk, 0);
3460} 3433}
@@ -3462,7 +3435,7 @@ static void tcp_ratehalving_spur_to_response(struct sock *sk)
3462static void tcp_undo_spur_to_response(struct sock *sk, int flag) 3435static void tcp_undo_spur_to_response(struct sock *sk, int flag)
3463{ 3436{
3464 if (flag & FLAG_ECE) 3437 if (flag & FLAG_ECE)
3465 tcp_ratehalving_spur_to_response(sk); 3438 tcp_cwr_spur_to_response(sk);
3466 else 3439 else
3467 tcp_undo_cwr(sk, true); 3440 tcp_undo_cwr(sk, true);
3468} 3441}
@@ -3569,7 +3542,7 @@ static bool tcp_process_frto(struct sock *sk, int flag)
3569 tcp_conservative_spur_to_response(tp); 3542 tcp_conservative_spur_to_response(tp);
3570 break; 3543 break;
3571 default: 3544 default:
3572 tcp_ratehalving_spur_to_response(sk); 3545 tcp_cwr_spur_to_response(sk);
3573 break; 3546 break;
3574 } 3547 }
3575 tp->frto_counter = 0; 3548 tp->frto_counter = 0;
@@ -4034,7 +4007,7 @@ static inline bool tcp_sequence(const struct tcp_sock *tp, u32 seq, u32 end_seq)
4034} 4007}
4035 4008
4036/* When we get a reset we do this. */ 4009/* When we get a reset we do this. */
4037static void tcp_reset(struct sock *sk) 4010void tcp_reset(struct sock *sk)
4038{ 4011{
4039 /* We want the right error as BSD sees it (and indeed as we do). */ 4012 /* We want the right error as BSD sees it (and indeed as we do). */
4040 switch (sk->sk_state) { 4013 switch (sk->sk_state) {
@@ -5740,7 +5713,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
5740 5713
5741 TCP_ECN_rcv_synack(tp, th); 5714 TCP_ECN_rcv_synack(tp, th);
5742 5715
5743 tp->snd_wl1 = TCP_SKB_CB(skb)->seq; 5716 tcp_init_wl(tp, TCP_SKB_CB(skb)->seq);
5744 tcp_ack(sk, skb, FLAG_SLOWPATH); 5717 tcp_ack(sk, skb, FLAG_SLOWPATH);
5745 5718
5746 /* Ok.. it's good. Set up sequence numbers and 5719 /* Ok.. it's good. Set up sequence numbers and
@@ -5753,7 +5726,6 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
5753 * never scaled. 5726 * never scaled.
5754 */ 5727 */
5755 tp->snd_wnd = ntohs(th->window); 5728 tp->snd_wnd = ntohs(th->window);
5756 tcp_init_wl(tp, TCP_SKB_CB(skb)->seq);
5757 5729
5758 if (!tp->rx_opt.wscale_ok) { 5730 if (!tp->rx_opt.wscale_ok) {
5759 tp->rx_opt.snd_wscale = tp->rx_opt.rcv_wscale = 0; 5731 tp->rx_opt.snd_wscale = tp->rx_opt.rcv_wscale = 0;
@@ -5891,7 +5863,9 @@ discard:
5891 tcp_send_synack(sk); 5863 tcp_send_synack(sk);
5892#if 0 5864#if 0
5893 /* Note, we could accept data and URG from this segment. 5865 /* Note, we could accept data and URG from this segment.
5894 * There are no obstacles to make this. 5866 * There are no obstacles to make this (except that we must
5867 * either change tcp_recvmsg() to prevent it from returning data
5868 * before 3WHS completes per RFC793, or employ TCP Fast Open).
5895 * 5869 *
5896 * However, if we ignore data in ACKless segments sometimes, 5870 * However, if we ignore data in ACKless segments sometimes,
5897 * we have no reasons to accept it sometimes. 5871 * we have no reasons to accept it sometimes.
@@ -5931,6 +5905,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
5931{ 5905{
5932 struct tcp_sock *tp = tcp_sk(sk); 5906 struct tcp_sock *tp = tcp_sk(sk);
5933 struct inet_connection_sock *icsk = inet_csk(sk); 5907 struct inet_connection_sock *icsk = inet_csk(sk);
5908 struct request_sock *req;
5934 int queued = 0; 5909 int queued = 0;
5935 5910
5936 tp->rx_opt.saw_tstamp = 0; 5911 tp->rx_opt.saw_tstamp = 0;
@@ -5986,6 +5961,14 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
5986 return 0; 5961 return 0;
5987 } 5962 }
5988 5963
5964 req = tp->fastopen_rsk;
5965 if (req != NULL) {
5966 BUG_ON(sk->sk_state != TCP_SYN_RECV &&
5967 sk->sk_state != TCP_FIN_WAIT1);
5968
5969 if (tcp_check_req(sk, skb, req, NULL, true) == NULL)
5970 goto discard;
5971 }
5989 if (!tcp_validate_incoming(sk, skb, th, 0)) 5972 if (!tcp_validate_incoming(sk, skb, th, 0))
5990 return 0; 5973 return 0;
5991 5974
@@ -5996,7 +5979,25 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
5996 switch (sk->sk_state) { 5979 switch (sk->sk_state) {
5997 case TCP_SYN_RECV: 5980 case TCP_SYN_RECV:
5998 if (acceptable) { 5981 if (acceptable) {
5999 tp->copied_seq = tp->rcv_nxt; 5982 /* Once we leave TCP_SYN_RECV, we no longer
5983 * need req so release it.
5984 */
5985 if (req) {
5986 tcp_synack_rtt_meas(sk, req);
5987 tp->total_retrans = req->retrans;
5988
5989 reqsk_fastopen_remove(sk, req, false);
5990 } else {
5991 /* Make sure socket is routed, for
5992 * correct metrics.
5993 */
5994 icsk->icsk_af_ops->rebuild_header(sk);
5995 tcp_init_congestion_control(sk);
5996
5997 tcp_mtup_init(sk);
5998 tcp_init_buffer_space(sk);
5999 tp->copied_seq = tp->rcv_nxt;
6000 }
6000 smp_mb(); 6001 smp_mb();
6001 tcp_set_state(sk, TCP_ESTABLISHED); 6002 tcp_set_state(sk, TCP_ESTABLISHED);
6002 sk->sk_state_change(sk); 6003 sk->sk_state_change(sk);
@@ -6018,23 +6019,27 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
6018 if (tp->rx_opt.tstamp_ok) 6019 if (tp->rx_opt.tstamp_ok)
6019 tp->advmss -= TCPOLEN_TSTAMP_ALIGNED; 6020 tp->advmss -= TCPOLEN_TSTAMP_ALIGNED;
6020 6021
6021 /* Make sure socket is routed, for 6022 if (req) {
6022 * correct metrics. 6023 /* Re-arm the timer because data may
6023 */ 6024 * have been sent out. This is similar
6024 icsk->icsk_af_ops->rebuild_header(sk); 6025 * to the regular data transmission case
6025 6026 * when new data has just been ack'ed.
6026 tcp_init_metrics(sk); 6027 *
6027 6028 * (TFO) - we could try to be more
6028 tcp_init_congestion_control(sk); 6029 * aggressive and retranmitting any data
6030 * sooner based on when they were sent
6031 * out.
6032 */
6033 tcp_rearm_rto(sk);
6034 } else
6035 tcp_init_metrics(sk);
6029 6036
6030 /* Prevent spurious tcp_cwnd_restart() on 6037 /* Prevent spurious tcp_cwnd_restart() on
6031 * first data packet. 6038 * first data packet.
6032 */ 6039 */
6033 tp->lsndtime = tcp_time_stamp; 6040 tp->lsndtime = tcp_time_stamp;
6034 6041
6035 tcp_mtup_init(sk);
6036 tcp_initialize_rcv_mss(sk); 6042 tcp_initialize_rcv_mss(sk);
6037 tcp_init_buffer_space(sk);
6038 tcp_fast_path_on(tp); 6043 tcp_fast_path_on(tp);
6039 } else { 6044 } else {
6040 return 1; 6045 return 1;
@@ -6042,6 +6047,16 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
6042 break; 6047 break;
6043 6048
6044 case TCP_FIN_WAIT1: 6049 case TCP_FIN_WAIT1:
6050 /* If we enter the TCP_FIN_WAIT1 state and we are a
6051 * Fast Open socket and this is the first acceptable
6052 * ACK we have received, this would have acknowledged
6053 * our SYNACK so stop the SYNACK timer.
6054 */
6055 if (acceptable && req != NULL) {
6056 /* We no longer need the request sock. */
6057 reqsk_fastopen_remove(sk, req, false);
6058 tcp_rearm_rto(sk);
6059 }
6045 if (tp->snd_una == tp->write_seq) { 6060 if (tp->snd_una == tp->write_seq) {
6046 struct dst_entry *dst; 6061 struct dst_entry *dst;
6047 6062
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index be23a0b7b89e..75735c9a6a9d 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -352,6 +352,7 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
352 const int code = icmp_hdr(icmp_skb)->code; 352 const int code = icmp_hdr(icmp_skb)->code;
353 struct sock *sk; 353 struct sock *sk;
354 struct sk_buff *skb; 354 struct sk_buff *skb;
355 struct request_sock *req;
355 __u32 seq; 356 __u32 seq;
356 __u32 remaining; 357 __u32 remaining;
357 int err; 358 int err;
@@ -394,9 +395,12 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
394 395
395 icsk = inet_csk(sk); 396 icsk = inet_csk(sk);
396 tp = tcp_sk(sk); 397 tp = tcp_sk(sk);
398 req = tp->fastopen_rsk;
397 seq = ntohl(th->seq); 399 seq = ntohl(th->seq);
398 if (sk->sk_state != TCP_LISTEN && 400 if (sk->sk_state != TCP_LISTEN &&
399 !between(seq, tp->snd_una, tp->snd_nxt)) { 401 !between(seq, tp->snd_una, tp->snd_nxt) &&
402 (req == NULL || seq != tcp_rsk(req)->snt_isn)) {
403 /* For a Fast Open socket, allow seq to be snt_isn. */
400 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 404 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
401 goto out; 405 goto out;
402 } 406 }
@@ -435,6 +439,8 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
435 !icsk->icsk_backoff) 439 !icsk->icsk_backoff)
436 break; 440 break;
437 441
442 /* XXX (TFO) - revisit the following logic for TFO */
443
438 if (sock_owned_by_user(sk)) 444 if (sock_owned_by_user(sk))
439 break; 445 break;
440 446
@@ -466,6 +472,14 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
466 goto out; 472 goto out;
467 } 473 }
468 474
475 /* XXX (TFO) - if it's a TFO socket and has been accepted, rather
476 * than following the TCP_SYN_RECV case and closing the socket,
477 * we ignore the ICMP error and keep trying like a fully established
478 * socket. Is this the right thing to do?
479 */
480 if (req && req->sk == NULL)
481 goto out;
482
469 switch (sk->sk_state) { 483 switch (sk->sk_state) {
470 struct request_sock *req, **prev; 484 struct request_sock *req, **prev;
471 case TCP_LISTEN: 485 case TCP_LISTEN:
@@ -498,7 +512,8 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
498 512
499 case TCP_SYN_SENT: 513 case TCP_SYN_SENT:
500 case TCP_SYN_RECV: /* Cannot happen. 514 case TCP_SYN_RECV: /* Cannot happen.
501 It can f.e. if SYNs crossed. 515 It can f.e. if SYNs crossed,
516 or Fast Open.
502 */ 517 */
503 if (!sock_owned_by_user(sk)) { 518 if (!sock_owned_by_user(sk)) {
504 sk->sk_err = err; 519 sk->sk_err = err;
@@ -809,8 +824,12 @@ static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
809static void tcp_v4_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 824static void tcp_v4_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
810 struct request_sock *req) 825 struct request_sock *req)
811{ 826{
812 tcp_v4_send_ack(skb, tcp_rsk(req)->snt_isn + 1, 827 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
813 tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, 828 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
829 */
830 tcp_v4_send_ack(skb, (sk->sk_state == TCP_LISTEN) ?
831 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
832 tcp_rsk(req)->rcv_nxt, req->rcv_wnd,
814 req->ts_recent, 833 req->ts_recent,
815 0, 834 0,
816 tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->daddr, 835 tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->daddr,
@@ -839,7 +858,7 @@ static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst,
839 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL) 858 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL)
840 return -1; 859 return -1;
841 860
842 skb = tcp_make_synack(sk, dst, req, rvp); 861 skb = tcp_make_synack(sk, dst, req, rvp, NULL);
843 862
844 if (skb) { 863 if (skb) {
845 __tcp_v4_send_check(skb, ireq->loc_addr, ireq->rmt_addr); 864 __tcp_v4_send_check(skb, ireq->loc_addr, ireq->rmt_addr);
@@ -849,6 +868,8 @@ static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst,
849 ireq->rmt_addr, 868 ireq->rmt_addr,
850 ireq->opt); 869 ireq->opt);
851 err = net_xmit_eval(err); 870 err = net_xmit_eval(err);
871 if (!tcp_rsk(req)->snt_synack && !err)
872 tcp_rsk(req)->snt_synack = tcp_time_stamp;
852 } 873 }
853 874
854 return err; 875 return err;
@@ -904,8 +925,7 @@ EXPORT_SYMBOL(tcp_syn_flood_action);
904/* 925/*
905 * Save and compile IPv4 options into the request_sock if needed. 926 * Save and compile IPv4 options into the request_sock if needed.
906 */ 927 */
907static struct ip_options_rcu *tcp_v4_save_options(struct sock *sk, 928static struct ip_options_rcu *tcp_v4_save_options(struct sk_buff *skb)
908 struct sk_buff *skb)
909{ 929{
910 const struct ip_options *opt = &(IPCB(skb)->opt); 930 const struct ip_options *opt = &(IPCB(skb)->opt);
911 struct ip_options_rcu *dopt = NULL; 931 struct ip_options_rcu *dopt = NULL;
@@ -1272,6 +1292,182 @@ static const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1272}; 1292};
1273#endif 1293#endif
1274 1294
1295static bool tcp_fastopen_check(struct sock *sk, struct sk_buff *skb,
1296 struct request_sock *req,
1297 struct tcp_fastopen_cookie *foc,
1298 struct tcp_fastopen_cookie *valid_foc)
1299{
1300 bool skip_cookie = false;
1301 struct fastopen_queue *fastopenq;
1302
1303 if (likely(!fastopen_cookie_present(foc))) {
1304 /* See include/net/tcp.h for the meaning of these knobs */
1305 if ((sysctl_tcp_fastopen & TFO_SERVER_ALWAYS) ||
1306 ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD) &&
1307 (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1)))
1308 skip_cookie = true; /* no cookie to validate */
1309 else
1310 return false;
1311 }
1312 fastopenq = inet_csk(sk)->icsk_accept_queue.fastopenq;
1313 /* A FO option is present; bump the counter. */
1314 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPFASTOPENPASSIVE);
1315
1316 /* Make sure the listener has enabled fastopen, and we don't
1317 * exceed the max # of pending TFO requests allowed before trying
1318 * to validating the cookie in order to avoid burning CPU cycles
1319 * unnecessarily.
1320 *
1321 * XXX (TFO) - The implication of checking the max_qlen before
1322 * processing a cookie request is that clients can't differentiate
1323 * between qlen overflow causing Fast Open to be disabled
1324 * temporarily vs a server not supporting Fast Open at all.
1325 */
1326 if ((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) == 0 ||
1327 fastopenq == NULL || fastopenq->max_qlen == 0)
1328 return false;
1329
1330 if (fastopenq->qlen >= fastopenq->max_qlen) {
1331 struct request_sock *req1;
1332 spin_lock(&fastopenq->lock);
1333 req1 = fastopenq->rskq_rst_head;
1334 if ((req1 == NULL) || time_after(req1->expires, jiffies)) {
1335 spin_unlock(&fastopenq->lock);
1336 NET_INC_STATS_BH(sock_net(sk),
1337 LINUX_MIB_TCPFASTOPENLISTENOVERFLOW);
1338 /* Avoid bumping LINUX_MIB_TCPFASTOPENPASSIVEFAIL*/
1339 foc->len = -1;
1340 return false;
1341 }
1342 fastopenq->rskq_rst_head = req1->dl_next;
1343 fastopenq->qlen--;
1344 spin_unlock(&fastopenq->lock);
1345 reqsk_free(req1);
1346 }
1347 if (skip_cookie) {
1348 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1349 return true;
1350 }
1351 if (foc->len == TCP_FASTOPEN_COOKIE_SIZE) {
1352 if ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_CHKED) == 0) {
1353 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1354 if ((valid_foc->len != TCP_FASTOPEN_COOKIE_SIZE) ||
1355 memcmp(&foc->val[0], &valid_foc->val[0],
1356 TCP_FASTOPEN_COOKIE_SIZE) != 0)
1357 return false;
1358 valid_foc->len = -1;
1359 }
1360 /* Acknowledge the data received from the peer. */
1361 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1362 return true;
1363 } else if (foc->len == 0) { /* Client requesting a cookie */
1364 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1365 NET_INC_STATS_BH(sock_net(sk),
1366 LINUX_MIB_TCPFASTOPENCOOKIEREQD);
1367 } else {
1368 /* Client sent a cookie with wrong size. Treat it
1369 * the same as invalid and return a valid one.
1370 */
1371 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1372 }
1373 return false;
1374}
1375
1376static int tcp_v4_conn_req_fastopen(struct sock *sk,
1377 struct sk_buff *skb,
1378 struct sk_buff *skb_synack,
1379 struct request_sock *req,
1380 struct request_values *rvp)
1381{
1382 struct tcp_sock *tp = tcp_sk(sk);
1383 struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue;
1384 const struct inet_request_sock *ireq = inet_rsk(req);
1385 struct sock *child;
1386 int err;
1387
1388 req->retrans = 0;
1389 req->sk = NULL;
1390
1391 child = inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb, req, NULL);
1392 if (child == NULL) {
1393 NET_INC_STATS_BH(sock_net(sk),
1394 LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
1395 kfree_skb(skb_synack);
1396 return -1;
1397 }
1398 err = ip_build_and_send_pkt(skb_synack, sk, ireq->loc_addr,
1399 ireq->rmt_addr, ireq->opt);
1400 err = net_xmit_eval(err);
1401 if (!err)
1402 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1403 /* XXX (TFO) - is it ok to ignore error and continue? */
1404
1405 spin_lock(&queue->fastopenq->lock);
1406 queue->fastopenq->qlen++;
1407 spin_unlock(&queue->fastopenq->lock);
1408
1409 /* Initialize the child socket. Have to fix some values to take
1410 * into account the child is a Fast Open socket and is created
1411 * only out of the bits carried in the SYN packet.
1412 */
1413 tp = tcp_sk(child);
1414
1415 tp->fastopen_rsk = req;
1416 /* Do a hold on the listner sk so that if the listener is being
1417 * closed, the child that has been accepted can live on and still
1418 * access listen_lock.
1419 */
1420 sock_hold(sk);
1421 tcp_rsk(req)->listener = sk;
1422
1423 /* RFC1323: The window in SYN & SYN/ACK segments is never
1424 * scaled. So correct it appropriately.
1425 */
1426 tp->snd_wnd = ntohs(tcp_hdr(skb)->window);
1427
1428 /* Activate the retrans timer so that SYNACK can be retransmitted.
1429 * The request socket is not added to the SYN table of the parent
1430 * because it's been added to the accept queue directly.
1431 */
1432 inet_csk_reset_xmit_timer(child, ICSK_TIME_RETRANS,
1433 TCP_TIMEOUT_INIT, TCP_RTO_MAX);
1434
1435 /* Add the child socket directly into the accept queue */
1436 inet_csk_reqsk_queue_add(sk, req, child);
1437
1438 /* Now finish processing the fastopen child socket. */
1439 inet_csk(child)->icsk_af_ops->rebuild_header(child);
1440 tcp_init_congestion_control(child);
1441 tcp_mtup_init(child);
1442 tcp_init_buffer_space(child);
1443 tcp_init_metrics(child);
1444
1445 /* Queue the data carried in the SYN packet. We need to first
1446 * bump skb's refcnt because the caller will attempt to free it.
1447 *
1448 * XXX (TFO) - we honor a zero-payload TFO request for now.
1449 * (Any reason not to?)
1450 */
1451 if (TCP_SKB_CB(skb)->end_seq == TCP_SKB_CB(skb)->seq + 1) {
1452 /* Don't queue the skb if there is no payload in SYN.
1453 * XXX (TFO) - How about SYN+FIN?
1454 */
1455 tp->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1456 } else {
1457 skb = skb_get(skb);
1458 skb_dst_drop(skb);
1459 __skb_pull(skb, tcp_hdr(skb)->doff * 4);
1460 skb_set_owner_r(skb, child);
1461 __skb_queue_tail(&child->sk_receive_queue, skb);
1462 tp->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1463 }
1464 sk->sk_data_ready(sk, 0);
1465 bh_unlock_sock(child);
1466 sock_put(child);
1467 WARN_ON(req->sk == NULL);
1468 return 0;
1469}
1470
1275int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) 1471int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1276{ 1472{
1277 struct tcp_extend_values tmp_ext; 1473 struct tcp_extend_values tmp_ext;
@@ -1285,6 +1481,11 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1285 __be32 daddr = ip_hdr(skb)->daddr; 1481 __be32 daddr = ip_hdr(skb)->daddr;
1286 __u32 isn = TCP_SKB_CB(skb)->when; 1482 __u32 isn = TCP_SKB_CB(skb)->when;
1287 bool want_cookie = false; 1483 bool want_cookie = false;
1484 struct flowi4 fl4;
1485 struct tcp_fastopen_cookie foc = { .len = -1 };
1486 struct tcp_fastopen_cookie valid_foc = { .len = -1 };
1487 struct sk_buff *skb_synack;
1488 int do_fastopen;
1288 1489
1289 /* Never answer to SYNs send to broadcast or multicast */ 1490 /* Never answer to SYNs send to broadcast or multicast */
1290 if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) 1491 if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))
@@ -1319,7 +1520,8 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1319 tcp_clear_options(&tmp_opt); 1520 tcp_clear_options(&tmp_opt);
1320 tmp_opt.mss_clamp = TCP_MSS_DEFAULT; 1521 tmp_opt.mss_clamp = TCP_MSS_DEFAULT;
1321 tmp_opt.user_mss = tp->rx_opt.user_mss; 1522 tmp_opt.user_mss = tp->rx_opt.user_mss;
1322 tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL); 1523 tcp_parse_options(skb, &tmp_opt, &hash_location, 0,
1524 want_cookie ? NULL : &foc);
1323 1525
1324 if (tmp_opt.cookie_plus > 0 && 1526 if (tmp_opt.cookie_plus > 0 &&
1325 tmp_opt.saw_tstamp && 1527 tmp_opt.saw_tstamp &&
@@ -1365,7 +1567,7 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1365 ireq->loc_addr = daddr; 1567 ireq->loc_addr = daddr;
1366 ireq->rmt_addr = saddr; 1568 ireq->rmt_addr = saddr;
1367 ireq->no_srccheck = inet_sk(sk)->transparent; 1569 ireq->no_srccheck = inet_sk(sk)->transparent;
1368 ireq->opt = tcp_v4_save_options(sk, skb); 1570 ireq->opt = tcp_v4_save_options(skb);
1369 1571
1370 if (security_inet_conn_request(sk, skb, req)) 1572 if (security_inet_conn_request(sk, skb, req))
1371 goto drop_and_free; 1573 goto drop_and_free;
@@ -1377,8 +1579,6 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1377 isn = cookie_v4_init_sequence(sk, skb, &req->mss); 1579 isn = cookie_v4_init_sequence(sk, skb, &req->mss);
1378 req->cookie_ts = tmp_opt.tstamp_ok; 1580 req->cookie_ts = tmp_opt.tstamp_ok;
1379 } else if (!isn) { 1581 } else if (!isn) {
1380 struct flowi4 fl4;
1381
1382 /* VJ's idea. We save last timestamp seen 1582 /* VJ's idea. We save last timestamp seen
1383 * from the destination in peer table, when entering 1583 * from the destination in peer table, when entering
1384 * state TIME-WAIT, and check against it before 1584 * state TIME-WAIT, and check against it before
@@ -1417,16 +1617,54 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1417 isn = tcp_v4_init_sequence(skb); 1617 isn = tcp_v4_init_sequence(skb);
1418 } 1618 }
1419 tcp_rsk(req)->snt_isn = isn; 1619 tcp_rsk(req)->snt_isn = isn;
1420 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1421 1620
1422 if (tcp_v4_send_synack(sk, dst, req, 1621 if (dst == NULL) {
1423 (struct request_values *)&tmp_ext, 1622 dst = inet_csk_route_req(sk, &fl4, req);
1424 skb_get_queue_mapping(skb), 1623 if (dst == NULL)
1425 want_cookie) || 1624 goto drop_and_free;
1426 want_cookie) 1625 }
1626 do_fastopen = tcp_fastopen_check(sk, skb, req, &foc, &valid_foc);
1627
1628 /* We don't call tcp_v4_send_synack() directly because we need
1629 * to make sure a child socket can be created successfully before
1630 * sending back synack!
1631 *
1632 * XXX (TFO) - Ideally one would simply call tcp_v4_send_synack()
1633 * (or better yet, call tcp_send_synack() in the child context
1634 * directly, but will have to fix bunch of other code first)
1635 * after syn_recv_sock() except one will need to first fix the
1636 * latter to remove its dependency on the current implementation
1637 * of tcp_v4_send_synack()->tcp_select_initial_window().
1638 */
1639 skb_synack = tcp_make_synack(sk, dst, req,
1640 (struct request_values *)&tmp_ext,
1641 fastopen_cookie_present(&valid_foc) ? &valid_foc : NULL);
1642
1643 if (skb_synack) {
1644 __tcp_v4_send_check(skb_synack, ireq->loc_addr, ireq->rmt_addr);
1645 skb_set_queue_mapping(skb_synack, skb_get_queue_mapping(skb));
1646 } else
1647 goto drop_and_free;
1648
1649 if (likely(!do_fastopen)) {
1650 int err;
1651 err = ip_build_and_send_pkt(skb_synack, sk, ireq->loc_addr,
1652 ireq->rmt_addr, ireq->opt);
1653 err = net_xmit_eval(err);
1654 if (err || want_cookie)
1655 goto drop_and_free;
1656
1657 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1658 tcp_rsk(req)->listener = NULL;
1659 /* Add the request_sock to the SYN table */
1660 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1661 if (fastopen_cookie_present(&foc) && foc.len != 0)
1662 NET_INC_STATS_BH(sock_net(sk),
1663 LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
1664 } else if (tcp_v4_conn_req_fastopen(sk, skb, skb_synack, req,
1665 (struct request_values *)&tmp_ext))
1427 goto drop_and_free; 1666 goto drop_and_free;
1428 1667
1429 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1430 return 0; 1668 return 0;
1431 1669
1432drop_and_release: 1670drop_and_release:
@@ -1500,9 +1738,7 @@ struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1500 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1738 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1501 1739
1502 tcp_initialize_rcv_mss(newsk); 1740 tcp_initialize_rcv_mss(newsk);
1503 if (tcp_rsk(req)->snt_synack) 1741 tcp_synack_rtt_meas(newsk, req);
1504 tcp_valid_rtt_meas(newsk,
1505 tcp_time_stamp - tcp_rsk(req)->snt_synack);
1506 newtp->total_retrans = req->retrans; 1742 newtp->total_retrans = req->retrans;
1507 1743
1508#ifdef CONFIG_TCP_MD5SIG 1744#ifdef CONFIG_TCP_MD5SIG
@@ -1554,7 +1790,7 @@ static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
1554 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source, 1790 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
1555 iph->saddr, iph->daddr); 1791 iph->saddr, iph->daddr);
1556 if (req) 1792 if (req)
1557 return tcp_check_req(sk, skb, req, prev); 1793 return tcp_check_req(sk, skb, req, prev, false);
1558 1794
1559 nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr, 1795 nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr,
1560 th->source, iph->daddr, th->dest, inet_iif(skb)); 1796 th->source, iph->daddr, th->dest, inet_iif(skb));
@@ -1963,20 +2199,13 @@ void tcp_v4_destroy_sock(struct sock *sk)
1963 if (inet_csk(sk)->icsk_bind_hash) 2199 if (inet_csk(sk)->icsk_bind_hash)
1964 inet_put_port(sk); 2200 inet_put_port(sk);
1965 2201
1966 /*
1967 * If sendmsg cached page exists, toss it.
1968 */
1969 if (sk->sk_sndmsg_page) {
1970 __free_page(sk->sk_sndmsg_page);
1971 sk->sk_sndmsg_page = NULL;
1972 }
1973
1974 /* TCP Cookie Transactions */ 2202 /* TCP Cookie Transactions */
1975 if (tp->cookie_values != NULL) { 2203 if (tp->cookie_values != NULL) {
1976 kref_put(&tp->cookie_values->kref, 2204 kref_put(&tp->cookie_values->kref,
1977 tcp_cookie_values_release); 2205 tcp_cookie_values_release);
1978 tp->cookie_values = NULL; 2206 tp->cookie_values = NULL;
1979 } 2207 }
2208 BUG_ON(tp->fastopen_rsk != NULL);
1980 2209
1981 /* If socket is aborted during connect operation */ 2210 /* If socket is aborted during connect operation */
1982 tcp_free_fastopen_req(tp); 2211 tcp_free_fastopen_req(tp);
@@ -2396,7 +2625,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
2396 struct seq_file *f, int i, kuid_t uid, int *len) 2625 struct seq_file *f, int i, kuid_t uid, int *len)
2397{ 2626{
2398 const struct inet_request_sock *ireq = inet_rsk(req); 2627 const struct inet_request_sock *ireq = inet_rsk(req);
2399 int ttd = req->expires - jiffies; 2628 long delta = req->expires - jiffies;
2400 2629
2401 seq_printf(f, "%4d: %08X:%04X %08X:%04X" 2630 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2402 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %pK%n", 2631 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %pK%n",
@@ -2408,7 +2637,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
2408 TCP_SYN_RECV, 2637 TCP_SYN_RECV,
2409 0, 0, /* could print option size, but that is af dependent. */ 2638 0, 0, /* could print option size, but that is af dependent. */
2410 1, /* timers active (only the expire timer) */ 2639 1, /* timers active (only the expire timer) */
2411 jiffies_to_clock_t(ttd), 2640 jiffies_delta_to_clock_t(delta),
2412 req->retrans, 2641 req->retrans,
2413 from_kuid_munged(seq_user_ns(f), uid), 2642 from_kuid_munged(seq_user_ns(f), uid),
2414 0, /* non standard timer */ 2643 0, /* non standard timer */
@@ -2425,6 +2654,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2425 const struct tcp_sock *tp = tcp_sk(sk); 2654 const struct tcp_sock *tp = tcp_sk(sk);
2426 const struct inet_connection_sock *icsk = inet_csk(sk); 2655 const struct inet_connection_sock *icsk = inet_csk(sk);
2427 const struct inet_sock *inet = inet_sk(sk); 2656 const struct inet_sock *inet = inet_sk(sk);
2657 struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq;
2428 __be32 dest = inet->inet_daddr; 2658 __be32 dest = inet->inet_daddr;
2429 __be32 src = inet->inet_rcv_saddr; 2659 __be32 src = inet->inet_rcv_saddr;
2430 __u16 destp = ntohs(inet->inet_dport); 2660 __u16 destp = ntohs(inet->inet_dport);
@@ -2459,7 +2689,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2459 tp->write_seq - tp->snd_una, 2689 tp->write_seq - tp->snd_una,
2460 rx_queue, 2690 rx_queue,
2461 timer_active, 2691 timer_active,
2462 jiffies_to_clock_t(timer_expires - jiffies), 2692 jiffies_delta_to_clock_t(timer_expires - jiffies),
2463 icsk->icsk_retransmits, 2693 icsk->icsk_retransmits,
2464 from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)), 2694 from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
2465 icsk->icsk_probes_out, 2695 icsk->icsk_probes_out,
@@ -2469,7 +2699,9 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2469 jiffies_to_clock_t(icsk->icsk_ack.ato), 2699 jiffies_to_clock_t(icsk->icsk_ack.ato),
2470 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, 2700 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2471 tp->snd_cwnd, 2701 tp->snd_cwnd,
2472 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh, 2702 sk->sk_state == TCP_LISTEN ?
2703 (fastopenq ? fastopenq->max_qlen : 0) :
2704 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh),
2473 len); 2705 len);
2474} 2706}
2475 2707
@@ -2478,10 +2710,7 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
2478{ 2710{
2479 __be32 dest, src; 2711 __be32 dest, src;
2480 __u16 destp, srcp; 2712 __u16 destp, srcp;
2481 int ttd = tw->tw_ttd - jiffies; 2713 long delta = tw->tw_ttd - jiffies;
2482
2483 if (ttd < 0)
2484 ttd = 0;
2485 2714
2486 dest = tw->tw_daddr; 2715 dest = tw->tw_daddr;
2487 src = tw->tw_rcv_saddr; 2716 src = tw->tw_rcv_saddr;
@@ -2491,7 +2720,7 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
2491 seq_printf(f, "%4d: %08X:%04X %08X:%04X" 2720 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2492 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n", 2721 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n",
2493 i, src, srcp, dest, destp, tw->tw_substate, 0, 0, 2722 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2494 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 2723 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
2495 atomic_read(&tw->tw_refcnt), tw, len); 2724 atomic_read(&tw->tw_refcnt), tw, len);
2496} 2725}
2497 2726
@@ -2574,6 +2803,8 @@ void tcp4_proc_exit(void)
2574struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb) 2803struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb)
2575{ 2804{
2576 const struct iphdr *iph = skb_gro_network_header(skb); 2805 const struct iphdr *iph = skb_gro_network_header(skb);
2806 __wsum wsum;
2807 __sum16 sum;
2577 2808
2578 switch (skb->ip_summed) { 2809 switch (skb->ip_summed) {
2579 case CHECKSUM_COMPLETE: 2810 case CHECKSUM_COMPLETE:
@@ -2582,11 +2813,22 @@ struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb)
2582 skb->ip_summed = CHECKSUM_UNNECESSARY; 2813 skb->ip_summed = CHECKSUM_UNNECESSARY;
2583 break; 2814 break;
2584 } 2815 }
2585 2816flush:
2586 /* fall through */
2587 case CHECKSUM_NONE:
2588 NAPI_GRO_CB(skb)->flush = 1; 2817 NAPI_GRO_CB(skb)->flush = 1;
2589 return NULL; 2818 return NULL;
2819
2820 case CHECKSUM_NONE:
2821 wsum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
2822 skb_gro_len(skb), IPPROTO_TCP, 0);
2823 sum = csum_fold(skb_checksum(skb,
2824 skb_gro_offset(skb),
2825 skb_gro_len(skb),
2826 wsum));
2827 if (sum)
2828 goto flush;
2829
2830 skb->ip_summed = CHECKSUM_UNNECESSARY;
2831 break;
2590 } 2832 }
2591 2833
2592 return tcp_gro_receive(head, skb); 2834 return tcp_gro_receive(head, skb);
diff --git a/net/ipv4/tcp_metrics.c b/net/ipv4/tcp_metrics.c
index 0abe67bb4d3a..4c752a6e0bcd 100644
--- a/net/ipv4/tcp_metrics.c
+++ b/net/ipv4/tcp_metrics.c
@@ -8,6 +8,7 @@
8#include <linux/init.h> 8#include <linux/init.h>
9#include <linux/tcp.h> 9#include <linux/tcp.h>
10#include <linux/hash.h> 10#include <linux/hash.h>
11#include <linux/tcp_metrics.h>
11 12
12#include <net/inet_connection_sock.h> 13#include <net/inet_connection_sock.h>
13#include <net/net_namespace.h> 14#include <net/net_namespace.h>
@@ -17,20 +18,10 @@
17#include <net/ipv6.h> 18#include <net/ipv6.h>
18#include <net/dst.h> 19#include <net/dst.h>
19#include <net/tcp.h> 20#include <net/tcp.h>
21#include <net/genetlink.h>
20 22
21int sysctl_tcp_nometrics_save __read_mostly; 23int sysctl_tcp_nometrics_save __read_mostly;
22 24
23enum tcp_metric_index {
24 TCP_METRIC_RTT,
25 TCP_METRIC_RTTVAR,
26 TCP_METRIC_SSTHRESH,
27 TCP_METRIC_CWND,
28 TCP_METRIC_REORDERING,
29
30 /* Always last. */
31 TCP_METRIC_MAX,
32};
33
34struct tcp_fastopen_metrics { 25struct tcp_fastopen_metrics {
35 u16 mss; 26 u16 mss;
36 u16 syn_loss:10; /* Recurring Fast Open SYN losses */ 27 u16 syn_loss:10; /* Recurring Fast Open SYN losses */
@@ -45,8 +36,10 @@ struct tcp_metrics_block {
45 u32 tcpm_ts; 36 u32 tcpm_ts;
46 u32 tcpm_ts_stamp; 37 u32 tcpm_ts_stamp;
47 u32 tcpm_lock; 38 u32 tcpm_lock;
48 u32 tcpm_vals[TCP_METRIC_MAX]; 39 u32 tcpm_vals[TCP_METRIC_MAX + 1];
49 struct tcp_fastopen_metrics tcpm_fastopen; 40 struct tcp_fastopen_metrics tcpm_fastopen;
41
42 struct rcu_head rcu_head;
50}; 43};
51 44
52static bool tcp_metric_locked(struct tcp_metrics_block *tm, 45static bool tcp_metric_locked(struct tcp_metrics_block *tm,
@@ -690,6 +683,325 @@ void tcp_fastopen_cache_set(struct sock *sk, u16 mss,
690 rcu_read_unlock(); 683 rcu_read_unlock();
691} 684}
692 685
686static struct genl_family tcp_metrics_nl_family = {
687 .id = GENL_ID_GENERATE,
688 .hdrsize = 0,
689 .name = TCP_METRICS_GENL_NAME,
690 .version = TCP_METRICS_GENL_VERSION,
691 .maxattr = TCP_METRICS_ATTR_MAX,
692 .netnsok = true,
693};
694
695static struct nla_policy tcp_metrics_nl_policy[TCP_METRICS_ATTR_MAX + 1] = {
696 [TCP_METRICS_ATTR_ADDR_IPV4] = { .type = NLA_U32, },
697 [TCP_METRICS_ATTR_ADDR_IPV6] = { .type = NLA_BINARY,
698 .len = sizeof(struct in6_addr), },
699 /* Following attributes are not received for GET/DEL,
700 * we keep them for reference
701 */
702#if 0
703 [TCP_METRICS_ATTR_AGE] = { .type = NLA_MSECS, },
704 [TCP_METRICS_ATTR_TW_TSVAL] = { .type = NLA_U32, },
705 [TCP_METRICS_ATTR_TW_TS_STAMP] = { .type = NLA_S32, },
706 [TCP_METRICS_ATTR_VALS] = { .type = NLA_NESTED, },
707 [TCP_METRICS_ATTR_FOPEN_MSS] = { .type = NLA_U16, },
708 [TCP_METRICS_ATTR_FOPEN_SYN_DROPS] = { .type = NLA_U16, },
709 [TCP_METRICS_ATTR_FOPEN_SYN_DROP_TS] = { .type = NLA_MSECS, },
710 [TCP_METRICS_ATTR_FOPEN_COOKIE] = { .type = NLA_BINARY,
711 .len = TCP_FASTOPEN_COOKIE_MAX, },
712#endif
713};
714
715/* Add attributes, caller cancels its header on failure */
716static int tcp_metrics_fill_info(struct sk_buff *msg,
717 struct tcp_metrics_block *tm)
718{
719 struct nlattr *nest;
720 int i;
721
722 switch (tm->tcpm_addr.family) {
723 case AF_INET:
724 if (nla_put_be32(msg, TCP_METRICS_ATTR_ADDR_IPV4,
725 tm->tcpm_addr.addr.a4) < 0)
726 goto nla_put_failure;
727 break;
728 case AF_INET6:
729 if (nla_put(msg, TCP_METRICS_ATTR_ADDR_IPV6, 16,
730 tm->tcpm_addr.addr.a6) < 0)
731 goto nla_put_failure;
732 break;
733 default:
734 return -EAFNOSUPPORT;
735 }
736
737 if (nla_put_msecs(msg, TCP_METRICS_ATTR_AGE,
738 jiffies - tm->tcpm_stamp) < 0)
739 goto nla_put_failure;
740 if (tm->tcpm_ts_stamp) {
741 if (nla_put_s32(msg, TCP_METRICS_ATTR_TW_TS_STAMP,
742 (s32) (get_seconds() - tm->tcpm_ts_stamp)) < 0)
743 goto nla_put_failure;
744 if (nla_put_u32(msg, TCP_METRICS_ATTR_TW_TSVAL,
745 tm->tcpm_ts) < 0)
746 goto nla_put_failure;
747 }
748
749 {
750 int n = 0;
751
752 nest = nla_nest_start(msg, TCP_METRICS_ATTR_VALS);
753 if (!nest)
754 goto nla_put_failure;
755 for (i = 0; i < TCP_METRIC_MAX + 1; i++) {
756 if (!tm->tcpm_vals[i])
757 continue;
758 if (nla_put_u32(msg, i + 1, tm->tcpm_vals[i]) < 0)
759 goto nla_put_failure;
760 n++;
761 }
762 if (n)
763 nla_nest_end(msg, nest);
764 else
765 nla_nest_cancel(msg, nest);
766 }
767
768 {
769 struct tcp_fastopen_metrics tfom_copy[1], *tfom;
770 unsigned int seq;
771
772 do {
773 seq = read_seqbegin(&fastopen_seqlock);
774 tfom_copy[0] = tm->tcpm_fastopen;
775 } while (read_seqretry(&fastopen_seqlock, seq));
776
777 tfom = tfom_copy;
778 if (tfom->mss &&
779 nla_put_u16(msg, TCP_METRICS_ATTR_FOPEN_MSS,
780 tfom->mss) < 0)
781 goto nla_put_failure;
782 if (tfom->syn_loss &&
783 (nla_put_u16(msg, TCP_METRICS_ATTR_FOPEN_SYN_DROPS,
784 tfom->syn_loss) < 0 ||
785 nla_put_msecs(msg, TCP_METRICS_ATTR_FOPEN_SYN_DROP_TS,
786 jiffies - tfom->last_syn_loss) < 0))
787 goto nla_put_failure;
788 if (tfom->cookie.len > 0 &&
789 nla_put(msg, TCP_METRICS_ATTR_FOPEN_COOKIE,
790 tfom->cookie.len, tfom->cookie.val) < 0)
791 goto nla_put_failure;
792 }
793
794 return 0;
795
796nla_put_failure:
797 return -EMSGSIZE;
798}
799
800static int tcp_metrics_dump_info(struct sk_buff *skb,
801 struct netlink_callback *cb,
802 struct tcp_metrics_block *tm)
803{
804 void *hdr;
805
806 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
807 &tcp_metrics_nl_family, NLM_F_MULTI,
808 TCP_METRICS_CMD_GET);
809 if (!hdr)
810 return -EMSGSIZE;
811
812 if (tcp_metrics_fill_info(skb, tm) < 0)
813 goto nla_put_failure;
814
815 return genlmsg_end(skb, hdr);
816
817nla_put_failure:
818 genlmsg_cancel(skb, hdr);
819 return -EMSGSIZE;
820}
821
822static int tcp_metrics_nl_dump(struct sk_buff *skb,
823 struct netlink_callback *cb)
824{
825 struct net *net = sock_net(skb->sk);
826 unsigned int max_rows = 1U << net->ipv4.tcp_metrics_hash_log;
827 unsigned int row, s_row = cb->args[0];
828 int s_col = cb->args[1], col = s_col;
829
830 for (row = s_row; row < max_rows; row++, s_col = 0) {
831 struct tcp_metrics_block *tm;
832 struct tcpm_hash_bucket *hb = net->ipv4.tcp_metrics_hash + row;
833
834 rcu_read_lock();
835 for (col = 0, tm = rcu_dereference(hb->chain); tm;
836 tm = rcu_dereference(tm->tcpm_next), col++) {
837 if (col < s_col)
838 continue;
839 if (tcp_metrics_dump_info(skb, cb, tm) < 0) {
840 rcu_read_unlock();
841 goto done;
842 }
843 }
844 rcu_read_unlock();
845 }
846
847done:
848 cb->args[0] = row;
849 cb->args[1] = col;
850 return skb->len;
851}
852
853static int parse_nl_addr(struct genl_info *info, struct inetpeer_addr *addr,
854 unsigned int *hash, int optional)
855{
856 struct nlattr *a;
857
858 a = info->attrs[TCP_METRICS_ATTR_ADDR_IPV4];
859 if (a) {
860 addr->family = AF_INET;
861 addr->addr.a4 = nla_get_be32(a);
862 *hash = (__force unsigned int) addr->addr.a4;
863 return 0;
864 }
865 a = info->attrs[TCP_METRICS_ATTR_ADDR_IPV6];
866 if (a) {
867 if (nla_len(a) != sizeof(sizeof(struct in6_addr)))
868 return -EINVAL;
869 addr->family = AF_INET6;
870 memcpy(addr->addr.a6, nla_data(a), sizeof(addr->addr.a6));
871 *hash = ipv6_addr_hash((struct in6_addr *) addr->addr.a6);
872 return 0;
873 }
874 return optional ? 1 : -EAFNOSUPPORT;
875}
876
877static int tcp_metrics_nl_cmd_get(struct sk_buff *skb, struct genl_info *info)
878{
879 struct tcp_metrics_block *tm;
880 struct inetpeer_addr addr;
881 unsigned int hash;
882 struct sk_buff *msg;
883 struct net *net = genl_info_net(info);
884 void *reply;
885 int ret;
886
887 ret = parse_nl_addr(info, &addr, &hash, 0);
888 if (ret < 0)
889 return ret;
890
891 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
892 if (!msg)
893 return -ENOMEM;
894
895 reply = genlmsg_put_reply(msg, info, &tcp_metrics_nl_family, 0,
896 info->genlhdr->cmd);
897 if (!reply)
898 goto nla_put_failure;
899
900 hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
901 ret = -ESRCH;
902 rcu_read_lock();
903 for (tm = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain); tm;
904 tm = rcu_dereference(tm->tcpm_next)) {
905 if (addr_same(&tm->tcpm_addr, &addr)) {
906 ret = tcp_metrics_fill_info(msg, tm);
907 break;
908 }
909 }
910 rcu_read_unlock();
911 if (ret < 0)
912 goto out_free;
913
914 genlmsg_end(msg, reply);
915 return genlmsg_reply(msg, info);
916
917nla_put_failure:
918 ret = -EMSGSIZE;
919
920out_free:
921 nlmsg_free(msg);
922 return ret;
923}
924
925#define deref_locked_genl(p) \
926 rcu_dereference_protected(p, lockdep_genl_is_held() && \
927 lockdep_is_held(&tcp_metrics_lock))
928
929#define deref_genl(p) rcu_dereference_protected(p, lockdep_genl_is_held())
930
931static int tcp_metrics_flush_all(struct net *net)
932{
933 unsigned int max_rows = 1U << net->ipv4.tcp_metrics_hash_log;
934 struct tcpm_hash_bucket *hb = net->ipv4.tcp_metrics_hash;
935 struct tcp_metrics_block *tm;
936 unsigned int row;
937
938 for (row = 0; row < max_rows; row++, hb++) {
939 spin_lock_bh(&tcp_metrics_lock);
940 tm = deref_locked_genl(hb->chain);
941 if (tm)
942 hb->chain = NULL;
943 spin_unlock_bh(&tcp_metrics_lock);
944 while (tm) {
945 struct tcp_metrics_block *next;
946
947 next = deref_genl(tm->tcpm_next);
948 kfree_rcu(tm, rcu_head);
949 tm = next;
950 }
951 }
952 return 0;
953}
954
955static int tcp_metrics_nl_cmd_del(struct sk_buff *skb, struct genl_info *info)
956{
957 struct tcpm_hash_bucket *hb;
958 struct tcp_metrics_block *tm;
959 struct tcp_metrics_block __rcu **pp;
960 struct inetpeer_addr addr;
961 unsigned int hash;
962 struct net *net = genl_info_net(info);
963 int ret;
964
965 ret = parse_nl_addr(info, &addr, &hash, 1);
966 if (ret < 0)
967 return ret;
968 if (ret > 0)
969 return tcp_metrics_flush_all(net);
970
971 hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
972 hb = net->ipv4.tcp_metrics_hash + hash;
973 pp = &hb->chain;
974 spin_lock_bh(&tcp_metrics_lock);
975 for (tm = deref_locked_genl(*pp); tm;
976 pp = &tm->tcpm_next, tm = deref_locked_genl(*pp)) {
977 if (addr_same(&tm->tcpm_addr, &addr)) {
978 *pp = tm->tcpm_next;
979 break;
980 }
981 }
982 spin_unlock_bh(&tcp_metrics_lock);
983 if (!tm)
984 return -ESRCH;
985 kfree_rcu(tm, rcu_head);
986 return 0;
987}
988
989static struct genl_ops tcp_metrics_nl_ops[] = {
990 {
991 .cmd = TCP_METRICS_CMD_GET,
992 .doit = tcp_metrics_nl_cmd_get,
993 .dumpit = tcp_metrics_nl_dump,
994 .policy = tcp_metrics_nl_policy,
995 .flags = GENL_ADMIN_PERM,
996 },
997 {
998 .cmd = TCP_METRICS_CMD_DEL,
999 .doit = tcp_metrics_nl_cmd_del,
1000 .policy = tcp_metrics_nl_policy,
1001 .flags = GENL_ADMIN_PERM,
1002 },
1003};
1004
693static unsigned int tcpmhash_entries; 1005static unsigned int tcpmhash_entries;
694static int __init set_tcpmhash_entries(char *str) 1006static int __init set_tcpmhash_entries(char *str)
695{ 1007{
@@ -753,5 +1065,21 @@ static __net_initdata struct pernet_operations tcp_net_metrics_ops = {
753 1065
754void __init tcp_metrics_init(void) 1066void __init tcp_metrics_init(void)
755{ 1067{
756 register_pernet_subsys(&tcp_net_metrics_ops); 1068 int ret;
1069
1070 ret = register_pernet_subsys(&tcp_net_metrics_ops);
1071 if (ret < 0)
1072 goto cleanup;
1073 ret = genl_register_family_with_ops(&tcp_metrics_nl_family,
1074 tcp_metrics_nl_ops,
1075 ARRAY_SIZE(tcp_metrics_nl_ops));
1076 if (ret < 0)
1077 goto cleanup_subsys;
1078 return;
1079
1080cleanup_subsys:
1081 unregister_pernet_subsys(&tcp_net_metrics_ops);
1082
1083cleanup:
1084 return;
757} 1085}
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index 6ff7f10dce9d..27536ba16c9d 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -85,6 +85,8 @@ static bool tcp_in_window(u32 seq, u32 end_seq, u32 s_win, u32 e_win)
85 * spinlock it. I do not want! Well, probability of misbehaviour 85 * spinlock it. I do not want! Well, probability of misbehaviour
86 * is ridiculously low and, seems, we could use some mb() tricks 86 * is ridiculously low and, seems, we could use some mb() tricks
87 * to avoid misread sequence numbers, states etc. --ANK 87 * to avoid misread sequence numbers, states etc. --ANK
88 *
89 * We don't need to initialize tmp_out.sack_ok as we don't use the results
88 */ 90 */
89enum tcp_tw_status 91enum tcp_tw_status
90tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb, 92tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb,
@@ -507,6 +509,7 @@ struct sock *tcp_create_openreq_child(struct sock *sk, struct request_sock *req,
507 newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len; 509 newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len;
508 newtp->rx_opt.mss_clamp = req->mss; 510 newtp->rx_opt.mss_clamp = req->mss;
509 TCP_ECN_openreq_child(newtp, req); 511 TCP_ECN_openreq_child(newtp, req);
512 newtp->fastopen_rsk = NULL;
510 513
511 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_PASSIVEOPENS); 514 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_PASSIVEOPENS);
512 } 515 }
@@ -515,13 +518,20 @@ struct sock *tcp_create_openreq_child(struct sock *sk, struct request_sock *req,
515EXPORT_SYMBOL(tcp_create_openreq_child); 518EXPORT_SYMBOL(tcp_create_openreq_child);
516 519
517/* 520/*
518 * Process an incoming packet for SYN_RECV sockets represented 521 * Process an incoming packet for SYN_RECV sockets represented as a
519 * as a request_sock. 522 * request_sock. Normally sk is the listener socket but for TFO it
523 * points to the child socket.
524 *
525 * XXX (TFO) - The current impl contains a special check for ack
526 * validation and inside tcp_v4_reqsk_send_ack(). Can we do better?
527 *
528 * We don't need to initialize tmp_opt.sack_ok as we don't use the results
520 */ 529 */
521 530
522struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, 531struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
523 struct request_sock *req, 532 struct request_sock *req,
524 struct request_sock **prev) 533 struct request_sock **prev,
534 bool fastopen)
525{ 535{
526 struct tcp_options_received tmp_opt; 536 struct tcp_options_received tmp_opt;
527 const u8 *hash_location; 537 const u8 *hash_location;
@@ -530,6 +540,8 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
530 __be32 flg = tcp_flag_word(th) & (TCP_FLAG_RST|TCP_FLAG_SYN|TCP_FLAG_ACK); 540 __be32 flg = tcp_flag_word(th) & (TCP_FLAG_RST|TCP_FLAG_SYN|TCP_FLAG_ACK);
531 bool paws_reject = false; 541 bool paws_reject = false;
532 542
543 BUG_ON(fastopen == (sk->sk_state == TCP_LISTEN));
544
533 tmp_opt.saw_tstamp = 0; 545 tmp_opt.saw_tstamp = 0;
534 if (th->doff > (sizeof(struct tcphdr)>>2)) { 546 if (th->doff > (sizeof(struct tcphdr)>>2)) {
535 tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL); 547 tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
@@ -565,6 +577,9 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
565 * 577 *
566 * Enforce "SYN-ACK" according to figure 8, figure 6 578 * Enforce "SYN-ACK" according to figure 8, figure 6
567 * of RFC793, fixed by RFC1122. 579 * of RFC793, fixed by RFC1122.
580 *
581 * Note that even if there is new data in the SYN packet
582 * they will be thrown away too.
568 */ 583 */
569 req->rsk_ops->rtx_syn_ack(sk, req, NULL); 584 req->rsk_ops->rtx_syn_ack(sk, req, NULL);
570 return NULL; 585 return NULL;
@@ -622,9 +637,12 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
622 * sent (the segment carries an unacceptable ACK) ... 637 * sent (the segment carries an unacceptable ACK) ...
623 * a reset is sent." 638 * a reset is sent."
624 * 639 *
625 * Invalid ACK: reset will be sent by listening socket 640 * Invalid ACK: reset will be sent by listening socket.
641 * Note that the ACK validity check for a Fast Open socket is done
642 * elsewhere and is checked directly against the child socket rather
643 * than req because user data may have been sent out.
626 */ 644 */
627 if ((flg & TCP_FLAG_ACK) && 645 if ((flg & TCP_FLAG_ACK) && !fastopen &&
628 (TCP_SKB_CB(skb)->ack_seq != 646 (TCP_SKB_CB(skb)->ack_seq !=
629 tcp_rsk(req)->snt_isn + 1 + tcp_s_data_size(tcp_sk(sk)))) 647 tcp_rsk(req)->snt_isn + 1 + tcp_s_data_size(tcp_sk(sk))))
630 return sk; 648 return sk;
@@ -637,7 +655,7 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
637 /* RFC793: "first check sequence number". */ 655 /* RFC793: "first check sequence number". */
638 656
639 if (paws_reject || !tcp_in_window(TCP_SKB_CB(skb)->seq, TCP_SKB_CB(skb)->end_seq, 657 if (paws_reject || !tcp_in_window(TCP_SKB_CB(skb)->seq, TCP_SKB_CB(skb)->end_seq,
640 tcp_rsk(req)->rcv_isn + 1, tcp_rsk(req)->rcv_isn + 1 + req->rcv_wnd)) { 658 tcp_rsk(req)->rcv_nxt, tcp_rsk(req)->rcv_nxt + req->rcv_wnd)) {
641 /* Out of window: send ACK and drop. */ 659 /* Out of window: send ACK and drop. */
642 if (!(flg & TCP_FLAG_RST)) 660 if (!(flg & TCP_FLAG_RST))
643 req->rsk_ops->send_ack(sk, skb, req); 661 req->rsk_ops->send_ack(sk, skb, req);
@@ -648,7 +666,7 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
648 666
649 /* In sequence, PAWS is OK. */ 667 /* In sequence, PAWS is OK. */
650 668
651 if (tmp_opt.saw_tstamp && !after(TCP_SKB_CB(skb)->seq, tcp_rsk(req)->rcv_isn + 1)) 669 if (tmp_opt.saw_tstamp && !after(TCP_SKB_CB(skb)->seq, tcp_rsk(req)->rcv_nxt))
652 req->ts_recent = tmp_opt.rcv_tsval; 670 req->ts_recent = tmp_opt.rcv_tsval;
653 671
654 if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn) { 672 if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn) {
@@ -667,10 +685,25 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
667 685
668 /* ACK sequence verified above, just make sure ACK is 686 /* ACK sequence verified above, just make sure ACK is
669 * set. If ACK not set, just silently drop the packet. 687 * set. If ACK not set, just silently drop the packet.
688 *
689 * XXX (TFO) - if we ever allow "data after SYN", the
690 * following check needs to be removed.
670 */ 691 */
671 if (!(flg & TCP_FLAG_ACK)) 692 if (!(flg & TCP_FLAG_ACK))
672 return NULL; 693 return NULL;
673 694
695 /* Got ACK for our SYNACK, so update baseline for SYNACK RTT sample. */
696 if (tmp_opt.saw_tstamp && tmp_opt.rcv_tsecr)
697 tcp_rsk(req)->snt_synack = tmp_opt.rcv_tsecr;
698 else if (req->retrans) /* don't take RTT sample if retrans && ~TS */
699 tcp_rsk(req)->snt_synack = 0;
700
701 /* For Fast Open no more processing is needed (sk is the
702 * child socket).
703 */
704 if (fastopen)
705 return sk;
706
674 /* While TCP_DEFER_ACCEPT is active, drop bare ACK. */ 707 /* While TCP_DEFER_ACCEPT is active, drop bare ACK. */
675 if (req->retrans < inet_csk(sk)->icsk_accept_queue.rskq_defer_accept && 708 if (req->retrans < inet_csk(sk)->icsk_accept_queue.rskq_defer_accept &&
676 TCP_SKB_CB(skb)->end_seq == tcp_rsk(req)->rcv_isn + 1) { 709 TCP_SKB_CB(skb)->end_seq == tcp_rsk(req)->rcv_isn + 1) {
@@ -678,10 +711,6 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
678 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPDEFERACCEPTDROP); 711 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPDEFERACCEPTDROP);
679 return NULL; 712 return NULL;
680 } 713 }
681 if (tmp_opt.saw_tstamp && tmp_opt.rcv_tsecr)
682 tcp_rsk(req)->snt_synack = tmp_opt.rcv_tsecr;
683 else if (req->retrans) /* don't take RTT sample if retrans && ~TS */
684 tcp_rsk(req)->snt_synack = 0;
685 714
686 /* OK, ACK is valid, create big socket and 715 /* OK, ACK is valid, create big socket and
687 * feed this segment to it. It will repeat all 716 * feed this segment to it. It will repeat all
@@ -706,11 +735,21 @@ listen_overflow:
706 } 735 }
707 736
708embryonic_reset: 737embryonic_reset:
709 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_EMBRYONICRSTS); 738 if (!(flg & TCP_FLAG_RST)) {
710 if (!(flg & TCP_FLAG_RST)) 739 /* Received a bad SYN pkt - for TFO We try not to reset
740 * the local connection unless it's really necessary to
741 * avoid becoming vulnerable to outside attack aiming at
742 * resetting legit local connections.
743 */
711 req->rsk_ops->send_reset(sk, skb); 744 req->rsk_ops->send_reset(sk, skb);
712 745 } else if (fastopen) { /* received a valid RST pkt */
713 inet_csk_reqsk_queue_drop(sk, req, prev); 746 reqsk_fastopen_remove(sk, req, true);
747 tcp_reset(sk);
748 }
749 if (!fastopen) {
750 inet_csk_reqsk_queue_drop(sk, req, prev);
751 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_EMBRYONICRSTS);
752 }
714 return NULL; 753 return NULL;
715} 754}
716EXPORT_SYMBOL(tcp_check_req); 755EXPORT_SYMBOL(tcp_check_req);
@@ -719,6 +758,12 @@ EXPORT_SYMBOL(tcp_check_req);
719 * Queue segment on the new socket if the new socket is active, 758 * Queue segment on the new socket if the new socket is active,
720 * otherwise we just shortcircuit this and continue with 759 * otherwise we just shortcircuit this and continue with
721 * the new socket. 760 * the new socket.
761 *
762 * For the vast majority of cases child->sk_state will be TCP_SYN_RECV
763 * when entering. But other states are possible due to a race condition
764 * where after __inet_lookup_established() fails but before the listener
765 * locked is obtained, other packets cause the same connection to
766 * be created.
722 */ 767 */
723 768
724int tcp_child_process(struct sock *parent, struct sock *child, 769int tcp_child_process(struct sock *parent, struct sock *child,
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index d04632673a9e..cfe6ffe1c177 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -702,7 +702,8 @@ static unsigned int tcp_synack_options(struct sock *sk,
702 unsigned int mss, struct sk_buff *skb, 702 unsigned int mss, struct sk_buff *skb,
703 struct tcp_out_options *opts, 703 struct tcp_out_options *opts,
704 struct tcp_md5sig_key **md5, 704 struct tcp_md5sig_key **md5,
705 struct tcp_extend_values *xvp) 705 struct tcp_extend_values *xvp,
706 struct tcp_fastopen_cookie *foc)
706{ 707{
707 struct inet_request_sock *ireq = inet_rsk(req); 708 struct inet_request_sock *ireq = inet_rsk(req);
708 unsigned int remaining = MAX_TCP_OPTION_SPACE; 709 unsigned int remaining = MAX_TCP_OPTION_SPACE;
@@ -747,7 +748,15 @@ static unsigned int tcp_synack_options(struct sock *sk,
747 if (unlikely(!ireq->tstamp_ok)) 748 if (unlikely(!ireq->tstamp_ok))
748 remaining -= TCPOLEN_SACKPERM_ALIGNED; 749 remaining -= TCPOLEN_SACKPERM_ALIGNED;
749 } 750 }
750 751 if (foc != NULL) {
752 u32 need = TCPOLEN_EXP_FASTOPEN_BASE + foc->len;
753 need = (need + 3) & ~3U; /* Align to 32 bits */
754 if (remaining >= need) {
755 opts->options |= OPTION_FAST_OPEN_COOKIE;
756 opts->fastopen_cookie = foc;
757 remaining -= need;
758 }
759 }
751 /* Similar rationale to tcp_syn_options() applies here, too. 760 /* Similar rationale to tcp_syn_options() applies here, too.
752 * If the <SYN> options fit, the same options should fit now! 761 * If the <SYN> options fit, the same options should fit now!
753 */ 762 */
@@ -2028,10 +2037,10 @@ static bool tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle,
2028 if (push_one) 2037 if (push_one)
2029 break; 2038 break;
2030 } 2039 }
2031 if (inet_csk(sk)->icsk_ca_state == TCP_CA_Recovery)
2032 tp->prr_out += sent_pkts;
2033 2040
2034 if (likely(sent_pkts)) { 2041 if (likely(sent_pkts)) {
2042 if (tcp_in_cwnd_reduction(sk))
2043 tp->prr_out += sent_pkts;
2035 tcp_cwnd_validate(sk); 2044 tcp_cwnd_validate(sk);
2036 return false; 2045 return false;
2037 } 2046 }
@@ -2533,7 +2542,7 @@ begin_fwd:
2533 } 2542 }
2534 NET_INC_STATS_BH(sock_net(sk), mib_idx); 2543 NET_INC_STATS_BH(sock_net(sk), mib_idx);
2535 2544
2536 if (inet_csk(sk)->icsk_ca_state == TCP_CA_Recovery) 2545 if (tcp_in_cwnd_reduction(sk))
2537 tp->prr_out += tcp_skb_pcount(skb); 2546 tp->prr_out += tcp_skb_pcount(skb);
2538 2547
2539 if (skb == tcp_write_queue_head(sk)) 2548 if (skb == tcp_write_queue_head(sk))
@@ -2658,7 +2667,8 @@ int tcp_send_synack(struct sock *sk)
2658 */ 2667 */
2659struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, 2668struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2660 struct request_sock *req, 2669 struct request_sock *req,
2661 struct request_values *rvp) 2670 struct request_values *rvp,
2671 struct tcp_fastopen_cookie *foc)
2662{ 2672{
2663 struct tcp_out_options opts; 2673 struct tcp_out_options opts;
2664 struct tcp_extend_values *xvp = tcp_xv(rvp); 2674 struct tcp_extend_values *xvp = tcp_xv(rvp);
@@ -2718,7 +2728,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2718#endif 2728#endif
2719 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2729 TCP_SKB_CB(skb)->when = tcp_time_stamp;
2720 tcp_header_size = tcp_synack_options(sk, req, mss, 2730 tcp_header_size = tcp_synack_options(sk, req, mss,
2721 skb, &opts, &md5, xvp) 2731 skb, &opts, &md5, xvp, foc)
2722 + sizeof(*th); 2732 + sizeof(*th);
2723 2733
2724 skb_push(skb, tcp_header_size); 2734 skb_push(skb, tcp_header_size);
@@ -2772,7 +2782,8 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2772 } 2782 }
2773 2783
2774 th->seq = htonl(TCP_SKB_CB(skb)->seq); 2784 th->seq = htonl(TCP_SKB_CB(skb)->seq);
2775 th->ack_seq = htonl(tcp_rsk(req)->rcv_isn + 1); 2785 /* XXX data is queued and acked as is. No buffer/window check */
2786 th->ack_seq = htonl(tcp_rsk(req)->rcv_nxt);
2776 2787
2777 /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */ 2788 /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */
2778 th->window = htons(min(req->rcv_wnd, 65535U)); 2789 th->window = htons(min(req->rcv_wnd, 65535U));
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
index b774a03bd1dc..fc04711e80c8 100644
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -305,6 +305,35 @@ static void tcp_probe_timer(struct sock *sk)
305} 305}
306 306
307/* 307/*
308 * Timer for Fast Open socket to retransmit SYNACK. Note that the
309 * sk here is the child socket, not the parent (listener) socket.
310 */
311static void tcp_fastopen_synack_timer(struct sock *sk)
312{
313 struct inet_connection_sock *icsk = inet_csk(sk);
314 int max_retries = icsk->icsk_syn_retries ? :
315 sysctl_tcp_synack_retries + 1; /* add one more retry for fastopen */
316 struct request_sock *req;
317
318 req = tcp_sk(sk)->fastopen_rsk;
319 req->rsk_ops->syn_ack_timeout(sk, req);
320
321 if (req->retrans >= max_retries) {
322 tcp_write_err(sk);
323 return;
324 }
325 /* XXX (TFO) - Unlike regular SYN-ACK retransmit, we ignore error
326 * returned from rtx_syn_ack() to make it more persistent like
327 * regular retransmit because if the child socket has been accepted
328 * it's not good to give up too easily.
329 */
330 req->rsk_ops->rtx_syn_ack(sk, req, NULL);
331 req->retrans++;
332 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
333 TCP_TIMEOUT_INIT << req->retrans, TCP_RTO_MAX);
334}
335
336/*
308 * The TCP retransmit timer. 337 * The TCP retransmit timer.
309 */ 338 */
310 339
@@ -317,7 +346,15 @@ void tcp_retransmit_timer(struct sock *sk)
317 tcp_resume_early_retransmit(sk); 346 tcp_resume_early_retransmit(sk);
318 return; 347 return;
319 } 348 }
320 349 if (tp->fastopen_rsk) {
350 BUG_ON(sk->sk_state != TCP_SYN_RECV &&
351 sk->sk_state != TCP_FIN_WAIT1);
352 tcp_fastopen_synack_timer(sk);
353 /* Before we receive ACK to our SYN-ACK don't retransmit
354 * anything else (e.g., data or FIN segments).
355 */
356 return;
357 }
321 if (!tp->packets_out) 358 if (!tp->packets_out)
322 goto out; 359 goto out;
323 360
diff --git a/net/ipv4/udp_diag.c b/net/ipv4/udp_diag.c
index d2f336ea82ca..505b30ad9182 100644
--- a/net/ipv4/udp_diag.c
+++ b/net/ipv4/udp_diag.c
@@ -26,7 +26,7 @@ static int sk_diag_dump(struct sock *sk, struct sk_buff *skb,
26 26
27 return inet_sk_diag_fill(sk, NULL, skb, req, 27 return inet_sk_diag_fill(sk, NULL, skb, req,
28 sk_user_ns(NETLINK_CB(cb->skb).ssk), 28 sk_user_ns(NETLINK_CB(cb->skb).ssk),
29 NETLINK_CB(cb->skb).pid, 29 NETLINK_CB(cb->skb).portid,
30 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh); 30 cb->nlh->nlmsg_seq, NLM_F_MULTI, cb->nlh);
31} 31}
32 32
@@ -72,14 +72,14 @@ static int udp_dump_one(struct udp_table *tbl, struct sk_buff *in_skb,
72 72
73 err = inet_sk_diag_fill(sk, NULL, rep, req, 73 err = inet_sk_diag_fill(sk, NULL, rep, req,
74 sk_user_ns(NETLINK_CB(in_skb).ssk), 74 sk_user_ns(NETLINK_CB(in_skb).ssk),
75 NETLINK_CB(in_skb).pid, 75 NETLINK_CB(in_skb).portid,
76 nlh->nlmsg_seq, 0, nlh); 76 nlh->nlmsg_seq, 0, nlh);
77 if (err < 0) { 77 if (err < 0) {
78 WARN_ON(err == -EMSGSIZE); 78 WARN_ON(err == -EMSGSIZE);
79 kfree_skb(rep); 79 kfree_skb(rep);
80 goto out; 80 goto out;
81 } 81 }
82 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).pid, 82 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid,
83 MSG_DONTWAIT); 83 MSG_DONTWAIT);
84 if (err > 0) 84 if (err > 0)
85 err = 0; 85 err = 0;
diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig
index 5728695b5449..4f7fe7270e37 100644
--- a/net/ipv6/Kconfig
+++ b/net/ipv6/Kconfig
@@ -201,6 +201,22 @@ config IPV6_TUNNEL
201 201
202 If unsure, say N. 202 If unsure, say N.
203 203
204config IPV6_GRE
205 tristate "IPv6: GRE tunnel"
206 select IPV6_TUNNEL
207 ---help---
208 Tunneling means encapsulating data of one protocol type within
209 another protocol and sending it over a channel that understands the
210 encapsulating protocol. This particular tunneling driver implements
211 GRE (Generic Routing Encapsulation) and at this time allows
212 encapsulating of IPv4 or IPv6 over existing IPv6 infrastructure.
213 This driver is useful if the other endpoint is a Cisco router: Cisco
214 likes GRE much better than the other Linux tunneling driver ("IP
215 tunneling" above). In addition, GRE allows multicast redistribution
216 through the tunnel.
217
218 Saying M here will produce a module called ip6_gre. If unsure, say N.
219
204config IPV6_MULTIPLE_TABLES 220config IPV6_MULTIPLE_TABLES
205 bool "IPv6: Multiple Routing Tables" 221 bool "IPv6: Multiple Routing Tables"
206 depends on EXPERIMENTAL 222 depends on EXPERIMENTAL
diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile
index 686934acfac1..b6d3f79151e2 100644
--- a/net/ipv6/Makefile
+++ b/net/ipv6/Makefile
@@ -36,6 +36,7 @@ obj-$(CONFIG_NETFILTER) += netfilter/
36 36
37obj-$(CONFIG_IPV6_SIT) += sit.o 37obj-$(CONFIG_IPV6_SIT) += sit.o
38obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o 38obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o
39obj-$(CONFIG_IPV6_GRE) += ip6_gre.o
39 40
40obj-y += addrconf_core.o exthdrs_core.o 41obj-y += addrconf_core.o exthdrs_core.o
41 42
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 6bc85f7c31e3..480e68422efb 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -127,8 +127,8 @@ static inline void addrconf_sysctl_unregister(struct inet6_dev *idev)
127#endif 127#endif
128 128
129#ifdef CONFIG_IPV6_PRIVACY 129#ifdef CONFIG_IPV6_PRIVACY
130static int __ipv6_regen_rndid(struct inet6_dev *idev); 130static void __ipv6_regen_rndid(struct inet6_dev *idev);
131static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr); 131static void __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr);
132static void ipv6_regen_rndid(unsigned long data); 132static void ipv6_regen_rndid(unsigned long data);
133#endif 133#endif
134 134
@@ -788,10 +788,16 @@ static void ipv6_del_addr(struct inet6_ifaddr *ifp)
788 struct in6_addr prefix; 788 struct in6_addr prefix;
789 struct rt6_info *rt; 789 struct rt6_info *rt;
790 struct net *net = dev_net(ifp->idev->dev); 790 struct net *net = dev_net(ifp->idev->dev);
791 struct flowi6 fl6 = {};
792
791 ipv6_addr_prefix(&prefix, &ifp->addr, ifp->prefix_len); 793 ipv6_addr_prefix(&prefix, &ifp->addr, ifp->prefix_len);
792 rt = rt6_lookup(net, &prefix, NULL, ifp->idev->dev->ifindex, 1); 794 fl6.flowi6_oif = ifp->idev->dev->ifindex;
795 fl6.daddr = prefix;
796 rt = (struct rt6_info *)ip6_route_lookup(net, &fl6,
797 RT6_LOOKUP_F_IFACE);
793 798
794 if (rt && addrconf_is_prefix_route(rt)) { 799 if (rt != net->ipv6.ip6_null_entry &&
800 addrconf_is_prefix_route(rt)) {
795 if (onlink == 0) { 801 if (onlink == 0) {
796 ip6_del_rt(rt); 802 ip6_del_rt(rt);
797 rt = NULL; 803 rt = NULL;
@@ -852,16 +858,7 @@ retry:
852 } 858 }
853 in6_ifa_hold(ifp); 859 in6_ifa_hold(ifp);
854 memcpy(addr.s6_addr, ifp->addr.s6_addr, 8); 860 memcpy(addr.s6_addr, ifp->addr.s6_addr, 8);
855 if (__ipv6_try_regen_rndid(idev, tmpaddr) < 0) { 861 __ipv6_try_regen_rndid(idev, tmpaddr);
856 spin_unlock_bh(&ifp->lock);
857 write_unlock(&idev->lock);
858 pr_warn("%s: regeneration of randomized interface id failed\n",
859 __func__);
860 in6_ifa_put(ifp);
861 in6_dev_put(idev);
862 ret = -1;
863 goto out;
864 }
865 memcpy(&addr.s6_addr[8], idev->rndid, 8); 862 memcpy(&addr.s6_addr[8], idev->rndid, 8);
866 age = (now - ifp->tstamp) / HZ; 863 age = (now - ifp->tstamp) / HZ;
867 tmp_valid_lft = min_t(__u32, 864 tmp_valid_lft = min_t(__u32,
@@ -1079,8 +1076,10 @@ static int ipv6_get_saddr_eval(struct net *net,
1079 break; 1076 break;
1080 case IPV6_SADDR_RULE_PREFIX: 1077 case IPV6_SADDR_RULE_PREFIX:
1081 /* Rule 8: Use longest matching prefix */ 1078 /* Rule 8: Use longest matching prefix */
1082 score->matchlen = ret = ipv6_addr_diff(&score->ifa->addr, 1079 ret = ipv6_addr_diff(&score->ifa->addr, dst->addr);
1083 dst->addr); 1080 if (ret > score->ifa->prefix_len)
1081 ret = score->ifa->prefix_len;
1082 score->matchlen = ret;
1084 break; 1083 break;
1085 default: 1084 default:
1086 ret = 0; 1085 ret = 0;
@@ -1093,7 +1092,7 @@ out:
1093 return ret; 1092 return ret;
1094} 1093}
1095 1094
1096int ipv6_dev_get_saddr(struct net *net, struct net_device *dst_dev, 1095int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev,
1097 const struct in6_addr *daddr, unsigned int prefs, 1096 const struct in6_addr *daddr, unsigned int prefs,
1098 struct in6_addr *saddr) 1097 struct in6_addr *saddr)
1099{ 1098{
@@ -1600,7 +1599,7 @@ static int ipv6_inherit_eui64(u8 *eui, struct inet6_dev *idev)
1600 1599
1601#ifdef CONFIG_IPV6_PRIVACY 1600#ifdef CONFIG_IPV6_PRIVACY
1602/* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */ 1601/* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */
1603static int __ipv6_regen_rndid(struct inet6_dev *idev) 1602static void __ipv6_regen_rndid(struct inet6_dev *idev)
1604{ 1603{
1605regen: 1604regen:
1606 get_random_bytes(idev->rndid, sizeof(idev->rndid)); 1605 get_random_bytes(idev->rndid, sizeof(idev->rndid));
@@ -1627,8 +1626,6 @@ regen:
1627 if ((idev->rndid[2]|idev->rndid[3]|idev->rndid[4]|idev->rndid[5]|idev->rndid[6]|idev->rndid[7]) == 0x00) 1626 if ((idev->rndid[2]|idev->rndid[3]|idev->rndid[4]|idev->rndid[5]|idev->rndid[6]|idev->rndid[7]) == 0x00)
1628 goto regen; 1627 goto regen;
1629 } 1628 }
1630
1631 return 0;
1632} 1629}
1633 1630
1634static void ipv6_regen_rndid(unsigned long data) 1631static void ipv6_regen_rndid(unsigned long data)
@@ -1642,8 +1639,7 @@ static void ipv6_regen_rndid(unsigned long data)
1642 if (idev->dead) 1639 if (idev->dead)
1643 goto out; 1640 goto out;
1644 1641
1645 if (__ipv6_regen_rndid(idev) < 0) 1642 __ipv6_regen_rndid(idev);
1646 goto out;
1647 1643
1648 expires = jiffies + 1644 expires = jiffies +
1649 idev->cnf.temp_prefered_lft * HZ - 1645 idev->cnf.temp_prefered_lft * HZ -
@@ -1664,13 +1660,10 @@ out:
1664 in6_dev_put(idev); 1660 in6_dev_put(idev);
1665} 1661}
1666 1662
1667static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr) 1663static void __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr)
1668{ 1664{
1669 int ret = 0;
1670
1671 if (tmpaddr && memcmp(idev->rndid, &tmpaddr->s6_addr[8], 8) == 0) 1665 if (tmpaddr && memcmp(idev->rndid, &tmpaddr->s6_addr[8], 8) == 0)
1672 ret = __ipv6_regen_rndid(idev); 1666 __ipv6_regen_rndid(idev);
1673 return ret;
1674} 1667}
1675#endif 1668#endif
1676 1669
@@ -1721,7 +1714,7 @@ static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx,
1721 if (table == NULL) 1714 if (table == NULL)
1722 return NULL; 1715 return NULL;
1723 1716
1724 write_lock_bh(&table->tb6_lock); 1717 read_lock_bh(&table->tb6_lock);
1725 fn = fib6_locate(&table->tb6_root, pfx, plen, NULL, 0); 1718 fn = fib6_locate(&table->tb6_root, pfx, plen, NULL, 0);
1726 if (!fn) 1719 if (!fn)
1727 goto out; 1720 goto out;
@@ -1736,7 +1729,7 @@ static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx,
1736 break; 1729 break;
1737 } 1730 }
1738out: 1731out:
1739 write_unlock_bh(&table->tb6_lock); 1732 read_unlock_bh(&table->tb6_lock);
1740 return rt; 1733 return rt;
1741} 1734}
1742 1735
@@ -3549,12 +3542,12 @@ static inline int inet6_ifaddr_msgsize(void)
3549} 3542}
3550 3543
3551static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa, 3544static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa,
3552 u32 pid, u32 seq, int event, unsigned int flags) 3545 u32 portid, u32 seq, int event, unsigned int flags)
3553{ 3546{
3554 struct nlmsghdr *nlh; 3547 struct nlmsghdr *nlh;
3555 u32 preferred, valid; 3548 u32 preferred, valid;
3556 3549
3557 nlh = nlmsg_put(skb, pid, seq, event, sizeof(struct ifaddrmsg), flags); 3550 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
3558 if (nlh == NULL) 3551 if (nlh == NULL)
3559 return -EMSGSIZE; 3552 return -EMSGSIZE;
3560 3553
@@ -3592,7 +3585,7 @@ static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa,
3592} 3585}
3593 3586
3594static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca, 3587static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca,
3595 u32 pid, u32 seq, int event, u16 flags) 3588 u32 portid, u32 seq, int event, u16 flags)
3596{ 3589{
3597 struct nlmsghdr *nlh; 3590 struct nlmsghdr *nlh;
3598 u8 scope = RT_SCOPE_UNIVERSE; 3591 u8 scope = RT_SCOPE_UNIVERSE;
@@ -3601,7 +3594,7 @@ static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca,
3601 if (ipv6_addr_scope(&ifmca->mca_addr) & IFA_SITE) 3594 if (ipv6_addr_scope(&ifmca->mca_addr) & IFA_SITE)
3602 scope = RT_SCOPE_SITE; 3595 scope = RT_SCOPE_SITE;
3603 3596
3604 nlh = nlmsg_put(skb, pid, seq, event, sizeof(struct ifaddrmsg), flags); 3597 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
3605 if (nlh == NULL) 3598 if (nlh == NULL)
3606 return -EMSGSIZE; 3599 return -EMSGSIZE;
3607 3600
@@ -3617,7 +3610,7 @@ static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca,
3617} 3610}
3618 3611
3619static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca, 3612static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca,
3620 u32 pid, u32 seq, int event, unsigned int flags) 3613 u32 portid, u32 seq, int event, unsigned int flags)
3621{ 3614{
3622 struct nlmsghdr *nlh; 3615 struct nlmsghdr *nlh;
3623 u8 scope = RT_SCOPE_UNIVERSE; 3616 u8 scope = RT_SCOPE_UNIVERSE;
@@ -3626,7 +3619,7 @@ static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca,
3626 if (ipv6_addr_scope(&ifaca->aca_addr) & IFA_SITE) 3619 if (ipv6_addr_scope(&ifaca->aca_addr) & IFA_SITE)
3627 scope = RT_SCOPE_SITE; 3620 scope = RT_SCOPE_SITE;
3628 3621
3629 nlh = nlmsg_put(skb, pid, seq, event, sizeof(struct ifaddrmsg), flags); 3622 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
3630 if (nlh == NULL) 3623 if (nlh == NULL)
3631 return -EMSGSIZE; 3624 return -EMSGSIZE;
3632 3625
@@ -3667,7 +3660,7 @@ static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
3667 if (++ip_idx < s_ip_idx) 3660 if (++ip_idx < s_ip_idx)
3668 continue; 3661 continue;
3669 err = inet6_fill_ifaddr(skb, ifa, 3662 err = inet6_fill_ifaddr(skb, ifa,
3670 NETLINK_CB(cb->skb).pid, 3663 NETLINK_CB(cb->skb).portid,
3671 cb->nlh->nlmsg_seq, 3664 cb->nlh->nlmsg_seq,
3672 RTM_NEWADDR, 3665 RTM_NEWADDR,
3673 NLM_F_MULTI); 3666 NLM_F_MULTI);
@@ -3683,7 +3676,7 @@ static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
3683 if (ip_idx < s_ip_idx) 3676 if (ip_idx < s_ip_idx)
3684 continue; 3677 continue;
3685 err = inet6_fill_ifmcaddr(skb, ifmca, 3678 err = inet6_fill_ifmcaddr(skb, ifmca,
3686 NETLINK_CB(cb->skb).pid, 3679 NETLINK_CB(cb->skb).portid,
3687 cb->nlh->nlmsg_seq, 3680 cb->nlh->nlmsg_seq,
3688 RTM_GETMULTICAST, 3681 RTM_GETMULTICAST,
3689 NLM_F_MULTI); 3682 NLM_F_MULTI);
@@ -3698,7 +3691,7 @@ static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
3698 if (ip_idx < s_ip_idx) 3691 if (ip_idx < s_ip_idx)
3699 continue; 3692 continue;
3700 err = inet6_fill_ifacaddr(skb, ifaca, 3693 err = inet6_fill_ifacaddr(skb, ifaca,
3701 NETLINK_CB(cb->skb).pid, 3694 NETLINK_CB(cb->skb).portid,
3702 cb->nlh->nlmsg_seq, 3695 cb->nlh->nlmsg_seq,
3703 RTM_GETANYCAST, 3696 RTM_GETANYCAST,
3704 NLM_F_MULTI); 3697 NLM_F_MULTI);
@@ -3820,7 +3813,7 @@ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr *nlh,
3820 goto errout_ifa; 3813 goto errout_ifa;
3821 } 3814 }
3822 3815
3823 err = inet6_fill_ifaddr(skb, ifa, NETLINK_CB(in_skb).pid, 3816 err = inet6_fill_ifaddr(skb, ifa, NETLINK_CB(in_skb).portid,
3824 nlh->nlmsg_seq, RTM_NEWADDR, 0); 3817 nlh->nlmsg_seq, RTM_NEWADDR, 0);
3825 if (err < 0) { 3818 if (err < 0) {
3826 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */ 3819 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */
@@ -3828,7 +3821,7 @@ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr *nlh,
3828 kfree_skb(skb); 3821 kfree_skb(skb);
3829 goto errout_ifa; 3822 goto errout_ifa;
3830 } 3823 }
3831 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid); 3824 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
3832errout_ifa: 3825errout_ifa:
3833 in6_ifa_put(ifa); 3826 in6_ifa_put(ifa);
3834errout: 3827errout:
@@ -4030,14 +4023,14 @@ static int inet6_fill_link_af(struct sk_buff *skb, const struct net_device *dev)
4030} 4023}
4031 4024
4032static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev, 4025static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev,
4033 u32 pid, u32 seq, int event, unsigned int flags) 4026 u32 portid, u32 seq, int event, unsigned int flags)
4034{ 4027{
4035 struct net_device *dev = idev->dev; 4028 struct net_device *dev = idev->dev;
4036 struct ifinfomsg *hdr; 4029 struct ifinfomsg *hdr;
4037 struct nlmsghdr *nlh; 4030 struct nlmsghdr *nlh;
4038 void *protoinfo; 4031 void *protoinfo;
4039 4032
4040 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*hdr), flags); 4033 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*hdr), flags);
4041 if (nlh == NULL) 4034 if (nlh == NULL)
4042 return -EMSGSIZE; 4035 return -EMSGSIZE;
4043 4036
@@ -4095,7 +4088,7 @@ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
4095 if (!idev) 4088 if (!idev)
4096 goto cont; 4089 goto cont;
4097 if (inet6_fill_ifinfo(skb, idev, 4090 if (inet6_fill_ifinfo(skb, idev,
4098 NETLINK_CB(cb->skb).pid, 4091 NETLINK_CB(cb->skb).portid,
4099 cb->nlh->nlmsg_seq, 4092 cb->nlh->nlmsg_seq,
4100 RTM_NEWLINK, NLM_F_MULTI) <= 0) 4093 RTM_NEWLINK, NLM_F_MULTI) <= 0)
4101 goto out; 4094 goto out;
@@ -4143,14 +4136,14 @@ static inline size_t inet6_prefix_nlmsg_size(void)
4143} 4136}
4144 4137
4145static int inet6_fill_prefix(struct sk_buff *skb, struct inet6_dev *idev, 4138static int inet6_fill_prefix(struct sk_buff *skb, struct inet6_dev *idev,
4146 struct prefix_info *pinfo, u32 pid, u32 seq, 4139 struct prefix_info *pinfo, u32 portid, u32 seq,
4147 int event, unsigned int flags) 4140 int event, unsigned int flags)
4148{ 4141{
4149 struct prefixmsg *pmsg; 4142 struct prefixmsg *pmsg;
4150 struct nlmsghdr *nlh; 4143 struct nlmsghdr *nlh;
4151 struct prefix_cacheinfo ci; 4144 struct prefix_cacheinfo ci;
4152 4145
4153 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*pmsg), flags); 4146 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*pmsg), flags);
4154 if (nlh == NULL) 4147 if (nlh == NULL)
4155 return -EMSGSIZE; 4148 return -EMSGSIZE;
4156 4149
diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c
index eb6a63632d3c..4be23da32b89 100644
--- a/net/ipv6/addrlabel.c
+++ b/net/ipv6/addrlabel.c
@@ -57,7 +57,7 @@ struct net *ip6addrlbl_net(const struct ip6addrlbl_entry *lbl)
57} 57}
58 58
59/* 59/*
60 * Default policy table (RFC3484 + extensions) 60 * Default policy table (RFC6724 + extensions)
61 * 61 *
62 * prefix addr_type label 62 * prefix addr_type label
63 * ------------------------------------------------------------------------- 63 * -------------------------------------------------------------------------
@@ -69,8 +69,12 @@ struct net *ip6addrlbl_net(const struct ip6addrlbl_entry *lbl)
69 * fc00::/7 N/A 5 ULA (RFC 4193) 69 * fc00::/7 N/A 5 ULA (RFC 4193)
70 * 2001::/32 N/A 6 Teredo (RFC 4380) 70 * 2001::/32 N/A 6 Teredo (RFC 4380)
71 * 2001:10::/28 N/A 7 ORCHID (RFC 4843) 71 * 2001:10::/28 N/A 7 ORCHID (RFC 4843)
72 * fec0::/10 N/A 11 Site-local
73 * (deprecated by RFC3879)
74 * 3ffe::/16 N/A 12 6bone
72 * 75 *
73 * Note: 0xffffffff is used if we do not have any policies. 76 * Note: 0xffffffff is used if we do not have any policies.
77 * Note: Labels for ULA and 6to4 are different from labels listed in RFC6724.
74 */ 78 */
75 79
76#define IPV6_ADDR_LABEL_DEFAULT 0xffffffffUL 80#define IPV6_ADDR_LABEL_DEFAULT 0xffffffffUL
@@ -88,10 +92,18 @@ static const __net_initdata struct ip6addrlbl_init_table
88 .prefix = &(struct in6_addr){{{ 0xfc }}}, 92 .prefix = &(struct in6_addr){{{ 0xfc }}},
89 .prefixlen = 7, 93 .prefixlen = 7,
90 .label = 5, 94 .label = 5,
95 },{ /* fec0::/10 */
96 .prefix = &(struct in6_addr){{{ 0xfe, 0xc0 }}},
97 .prefixlen = 10,
98 .label = 11,
91 },{ /* 2002::/16 */ 99 },{ /* 2002::/16 */
92 .prefix = &(struct in6_addr){{{ 0x20, 0x02 }}}, 100 .prefix = &(struct in6_addr){{{ 0x20, 0x02 }}},
93 .prefixlen = 16, 101 .prefixlen = 16,
94 .label = 2, 102 .label = 2,
103 },{ /* 3ffe::/16 */
104 .prefix = &(struct in6_addr){{{ 0x3f, 0xfe }}},
105 .prefixlen = 16,
106 .label = 12,
95 },{ /* 2001::/32 */ 107 },{ /* 2001::/32 */
96 .prefix = &(struct in6_addr){{{ 0x20, 0x01 }}}, 108 .prefix = &(struct in6_addr){{{ 0x20, 0x01 }}},
97 .prefixlen = 32, 109 .prefixlen = 32,
@@ -470,10 +482,10 @@ static void ip6addrlbl_putmsg(struct nlmsghdr *nlh,
470static int ip6addrlbl_fill(struct sk_buff *skb, 482static int ip6addrlbl_fill(struct sk_buff *skb,
471 struct ip6addrlbl_entry *p, 483 struct ip6addrlbl_entry *p,
472 u32 lseq, 484 u32 lseq,
473 u32 pid, u32 seq, int event, 485 u32 portid, u32 seq, int event,
474 unsigned int flags) 486 unsigned int flags)
475{ 487{
476 struct nlmsghdr *nlh = nlmsg_put(skb, pid, seq, event, 488 struct nlmsghdr *nlh = nlmsg_put(skb, portid, seq, event,
477 sizeof(struct ifaddrlblmsg), flags); 489 sizeof(struct ifaddrlblmsg), flags);
478 if (!nlh) 490 if (!nlh)
479 return -EMSGSIZE; 491 return -EMSGSIZE;
@@ -503,7 +515,7 @@ static int ip6addrlbl_dump(struct sk_buff *skb, struct netlink_callback *cb)
503 net_eq(ip6addrlbl_net(p), net)) { 515 net_eq(ip6addrlbl_net(p), net)) {
504 if ((err = ip6addrlbl_fill(skb, p, 516 if ((err = ip6addrlbl_fill(skb, p,
505 ip6addrlbl_table.seq, 517 ip6addrlbl_table.seq,
506 NETLINK_CB(cb->skb).pid, 518 NETLINK_CB(cb->skb).portid,
507 cb->nlh->nlmsg_seq, 519 cb->nlh->nlmsg_seq,
508 RTM_NEWADDRLABEL, 520 RTM_NEWADDRLABEL,
509 NLM_F_MULTI)) <= 0) 521 NLM_F_MULTI)) <= 0)
@@ -574,7 +586,7 @@ static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr* nlh,
574 } 586 }
575 587
576 err = ip6addrlbl_fill(skb, p, lseq, 588 err = ip6addrlbl_fill(skb, p, lseq,
577 NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, 589 NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
578 RTM_NEWADDRLABEL, 0); 590 RTM_NEWADDRLABEL, 0);
579 591
580 ip6addrlbl_put(p); 592 ip6addrlbl_put(p);
@@ -585,7 +597,7 @@ static int ip6addrlbl_get(struct sk_buff *in_skb, struct nlmsghdr* nlh,
585 goto out; 597 goto out;
586 } 598 }
587 599
588 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid); 600 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
589out: 601out:
590 return err; 602 return err;
591} 603}
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 286acfc21250..24995a93ef8c 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -514,7 +514,7 @@ static struct fib6_node * fib6_add_1(struct fib6_node *root, void *addr,
514 ln = node_alloc(); 514 ln = node_alloc();
515 515
516 if (!ln) 516 if (!ln)
517 return NULL; 517 return ERR_PTR(-ENOMEM);
518 ln->fn_bit = plen; 518 ln->fn_bit = plen;
519 519
520 ln->parent = pn; 520 ln->parent = pn;
@@ -561,7 +561,7 @@ insert_above:
561 node_free(in); 561 node_free(in);
562 if (ln) 562 if (ln)
563 node_free(ln); 563 node_free(ln);
564 return NULL; 564 return ERR_PTR(-ENOMEM);
565 } 565 }
566 566
567 /* 567 /*
@@ -611,7 +611,7 @@ insert_above:
611 ln = node_alloc(); 611 ln = node_alloc();
612 612
613 if (!ln) 613 if (!ln)
614 return NULL; 614 return ERR_PTR(-ENOMEM);
615 615
616 ln->fn_bit = plen; 616 ln->fn_bit = plen;
617 617
@@ -777,11 +777,8 @@ int fib6_add(struct fib6_node *root, struct rt6_info *rt, struct nl_info *info)
777 777
778 if (IS_ERR(fn)) { 778 if (IS_ERR(fn)) {
779 err = PTR_ERR(fn); 779 err = PTR_ERR(fn);
780 fn = NULL;
781 }
782
783 if (!fn)
784 goto out; 780 goto out;
781 }
785 782
786 pn = fn; 783 pn = fn;
787 784
@@ -820,15 +817,12 @@ int fib6_add(struct fib6_node *root, struct rt6_info *rt, struct nl_info *info)
820 allow_create, replace_required); 817 allow_create, replace_required);
821 818
822 if (IS_ERR(sn)) { 819 if (IS_ERR(sn)) {
823 err = PTR_ERR(sn);
824 sn = NULL;
825 }
826 if (!sn) {
827 /* If it is failed, discard just allocated 820 /* If it is failed, discard just allocated
828 root, and then (in st_failure) stale node 821 root, and then (in st_failure) stale node
829 in main tree. 822 in main tree.
830 */ 823 */
831 node_free(sfn); 824 node_free(sfn);
825 err = PTR_ERR(sn);
832 goto st_failure; 826 goto st_failure;
833 } 827 }
834 828
@@ -843,10 +837,8 @@ int fib6_add(struct fib6_node *root, struct rt6_info *rt, struct nl_info *info)
843 837
844 if (IS_ERR(sn)) { 838 if (IS_ERR(sn)) {
845 err = PTR_ERR(sn); 839 err = PTR_ERR(sn);
846 sn = NULL;
847 }
848 if (!sn)
849 goto st_failure; 840 goto st_failure;
841 }
850 } 842 }
851 843
852 if (!fn->leaf) { 844 if (!fn->leaf) {
diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
new file mode 100644
index 000000000000..0185679c5f53
--- /dev/null
+++ b/net/ipv6/ip6_gre.c
@@ -0,0 +1,1770 @@
1/*
2 * GRE over IPv6 protocol decoder.
3 *
4 * Authors: Dmitry Kozlov (xeb@mail.ru)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/capability.h>
16#include <linux/module.h>
17#include <linux/types.h>
18#include <linux/kernel.h>
19#include <linux/slab.h>
20#include <linux/uaccess.h>
21#include <linux/skbuff.h>
22#include <linux/netdevice.h>
23#include <linux/in.h>
24#include <linux/tcp.h>
25#include <linux/udp.h>
26#include <linux/if_arp.h>
27#include <linux/mroute.h>
28#include <linux/init.h>
29#include <linux/in6.h>
30#include <linux/inetdevice.h>
31#include <linux/igmp.h>
32#include <linux/netfilter_ipv4.h>
33#include <linux/etherdevice.h>
34#include <linux/if_ether.h>
35#include <linux/hash.h>
36#include <linux/if_tunnel.h>
37#include <linux/ip6_tunnel.h>
38
39#include <net/sock.h>
40#include <net/ip.h>
41#include <net/icmp.h>
42#include <net/protocol.h>
43#include <net/addrconf.h>
44#include <net/arp.h>
45#include <net/checksum.h>
46#include <net/dsfield.h>
47#include <net/inet_ecn.h>
48#include <net/xfrm.h>
49#include <net/net_namespace.h>
50#include <net/netns/generic.h>
51#include <net/rtnetlink.h>
52
53#include <net/ipv6.h>
54#include <net/ip6_fib.h>
55#include <net/ip6_route.h>
56#include <net/ip6_tunnel.h>
57
58
59static bool log_ecn_error = true;
60module_param(log_ecn_error, bool, 0644);
61MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
62
63#define IPV6_TCLASS_MASK (IPV6_FLOWINFO_MASK & ~IPV6_FLOWLABEL_MASK)
64#define IPV6_TCLASS_SHIFT 20
65
66#define HASH_SIZE_SHIFT 5
67#define HASH_SIZE (1 << HASH_SIZE_SHIFT)
68
69static int ip6gre_net_id __read_mostly;
70struct ip6gre_net {
71 struct ip6_tnl __rcu *tunnels[4][HASH_SIZE];
72
73 struct net_device *fb_tunnel_dev;
74};
75
76static struct rtnl_link_ops ip6gre_link_ops __read_mostly;
77static int ip6gre_tunnel_init(struct net_device *dev);
78static void ip6gre_tunnel_setup(struct net_device *dev);
79static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t);
80static void ip6gre_tnl_link_config(struct ip6_tnl *t, int set_mtu);
81
82/* Tunnel hash table */
83
84/*
85 4 hash tables:
86
87 3: (remote,local)
88 2: (remote,*)
89 1: (*,local)
90 0: (*,*)
91
92 We require exact key match i.e. if a key is present in packet
93 it will match only tunnel with the same key; if it is not present,
94 it will match only keyless tunnel.
95
96 All keysless packets, if not matched configured keyless tunnels
97 will match fallback tunnel.
98 */
99
100#define HASH_KEY(key) (((__force u32)key^((__force u32)key>>4))&(HASH_SIZE - 1))
101static u32 HASH_ADDR(const struct in6_addr *addr)
102{
103 u32 hash = ipv6_addr_hash(addr);
104
105 return hash_32(hash, HASH_SIZE_SHIFT);
106}
107
108#define tunnels_r_l tunnels[3]
109#define tunnels_r tunnels[2]
110#define tunnels_l tunnels[1]
111#define tunnels_wc tunnels[0]
112/*
113 * Locking : hash tables are protected by RCU and RTNL
114 */
115
116#define for_each_ip_tunnel_rcu(start) \
117 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
118
119/* often modified stats are per cpu, other are shared (netdev->stats) */
120struct pcpu_tstats {
121 u64 rx_packets;
122 u64 rx_bytes;
123 u64 tx_packets;
124 u64 tx_bytes;
125 struct u64_stats_sync syncp;
126};
127
128static struct rtnl_link_stats64 *ip6gre_get_stats64(struct net_device *dev,
129 struct rtnl_link_stats64 *tot)
130{
131 int i;
132
133 for_each_possible_cpu(i) {
134 const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i);
135 u64 rx_packets, rx_bytes, tx_packets, tx_bytes;
136 unsigned int start;
137
138 do {
139 start = u64_stats_fetch_begin_bh(&tstats->syncp);
140 rx_packets = tstats->rx_packets;
141 tx_packets = tstats->tx_packets;
142 rx_bytes = tstats->rx_bytes;
143 tx_bytes = tstats->tx_bytes;
144 } while (u64_stats_fetch_retry_bh(&tstats->syncp, start));
145
146 tot->rx_packets += rx_packets;
147 tot->tx_packets += tx_packets;
148 tot->rx_bytes += rx_bytes;
149 tot->tx_bytes += tx_bytes;
150 }
151
152 tot->multicast = dev->stats.multicast;
153 tot->rx_crc_errors = dev->stats.rx_crc_errors;
154 tot->rx_fifo_errors = dev->stats.rx_fifo_errors;
155 tot->rx_length_errors = dev->stats.rx_length_errors;
156 tot->rx_frame_errors = dev->stats.rx_frame_errors;
157 tot->rx_errors = dev->stats.rx_errors;
158
159 tot->tx_fifo_errors = dev->stats.tx_fifo_errors;
160 tot->tx_carrier_errors = dev->stats.tx_carrier_errors;
161 tot->tx_dropped = dev->stats.tx_dropped;
162 tot->tx_aborted_errors = dev->stats.tx_aborted_errors;
163 tot->tx_errors = dev->stats.tx_errors;
164
165 return tot;
166}
167
168/* Given src, dst and key, find appropriate for input tunnel. */
169
170static struct ip6_tnl *ip6gre_tunnel_lookup(struct net_device *dev,
171 const struct in6_addr *remote, const struct in6_addr *local,
172 __be32 key, __be16 gre_proto)
173{
174 struct net *net = dev_net(dev);
175 int link = dev->ifindex;
176 unsigned int h0 = HASH_ADDR(remote);
177 unsigned int h1 = HASH_KEY(key);
178 struct ip6_tnl *t, *cand = NULL;
179 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
180 int dev_type = (gre_proto == htons(ETH_P_TEB)) ?
181 ARPHRD_ETHER : ARPHRD_IP6GRE;
182 int score, cand_score = 4;
183
184 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) {
185 if (!ipv6_addr_equal(local, &t->parms.laddr) ||
186 !ipv6_addr_equal(remote, &t->parms.raddr) ||
187 key != t->parms.i_key ||
188 !(t->dev->flags & IFF_UP))
189 continue;
190
191 if (t->dev->type != ARPHRD_IP6GRE &&
192 t->dev->type != dev_type)
193 continue;
194
195 score = 0;
196 if (t->parms.link != link)
197 score |= 1;
198 if (t->dev->type != dev_type)
199 score |= 2;
200 if (score == 0)
201 return t;
202
203 if (score < cand_score) {
204 cand = t;
205 cand_score = score;
206 }
207 }
208
209 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) {
210 if (!ipv6_addr_equal(remote, &t->parms.raddr) ||
211 key != t->parms.i_key ||
212 !(t->dev->flags & IFF_UP))
213 continue;
214
215 if (t->dev->type != ARPHRD_IP6GRE &&
216 t->dev->type != dev_type)
217 continue;
218
219 score = 0;
220 if (t->parms.link != link)
221 score |= 1;
222 if (t->dev->type != dev_type)
223 score |= 2;
224 if (score == 0)
225 return t;
226
227 if (score < cand_score) {
228 cand = t;
229 cand_score = score;
230 }
231 }
232
233 for_each_ip_tunnel_rcu(ign->tunnels_l[h1]) {
234 if ((!ipv6_addr_equal(local, &t->parms.laddr) &&
235 (!ipv6_addr_equal(local, &t->parms.raddr) ||
236 !ipv6_addr_is_multicast(local))) ||
237 key != t->parms.i_key ||
238 !(t->dev->flags & IFF_UP))
239 continue;
240
241 if (t->dev->type != ARPHRD_IP6GRE &&
242 t->dev->type != dev_type)
243 continue;
244
245 score = 0;
246 if (t->parms.link != link)
247 score |= 1;
248 if (t->dev->type != dev_type)
249 score |= 2;
250 if (score == 0)
251 return t;
252
253 if (score < cand_score) {
254 cand = t;
255 cand_score = score;
256 }
257 }
258
259 for_each_ip_tunnel_rcu(ign->tunnels_wc[h1]) {
260 if (t->parms.i_key != key ||
261 !(t->dev->flags & IFF_UP))
262 continue;
263
264 if (t->dev->type != ARPHRD_IP6GRE &&
265 t->dev->type != dev_type)
266 continue;
267
268 score = 0;
269 if (t->parms.link != link)
270 score |= 1;
271 if (t->dev->type != dev_type)
272 score |= 2;
273 if (score == 0)
274 return t;
275
276 if (score < cand_score) {
277 cand = t;
278 cand_score = score;
279 }
280 }
281
282 if (cand != NULL)
283 return cand;
284
285 dev = ign->fb_tunnel_dev;
286 if (dev->flags & IFF_UP)
287 return netdev_priv(dev);
288
289 return NULL;
290}
291
292static struct ip6_tnl __rcu **__ip6gre_bucket(struct ip6gre_net *ign,
293 const struct __ip6_tnl_parm *p)
294{
295 const struct in6_addr *remote = &p->raddr;
296 const struct in6_addr *local = &p->laddr;
297 unsigned int h = HASH_KEY(p->i_key);
298 int prio = 0;
299
300 if (!ipv6_addr_any(local))
301 prio |= 1;
302 if (!ipv6_addr_any(remote) && !ipv6_addr_is_multicast(remote)) {
303 prio |= 2;
304 h ^= HASH_ADDR(remote);
305 }
306
307 return &ign->tunnels[prio][h];
308}
309
310static inline struct ip6_tnl __rcu **ip6gre_bucket(struct ip6gre_net *ign,
311 const struct ip6_tnl *t)
312{
313 return __ip6gre_bucket(ign, &t->parms);
314}
315
316static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t)
317{
318 struct ip6_tnl __rcu **tp = ip6gre_bucket(ign, t);
319
320 rcu_assign_pointer(t->next, rtnl_dereference(*tp));
321 rcu_assign_pointer(*tp, t);
322}
323
324static void ip6gre_tunnel_unlink(struct ip6gre_net *ign, struct ip6_tnl *t)
325{
326 struct ip6_tnl __rcu **tp;
327 struct ip6_tnl *iter;
328
329 for (tp = ip6gre_bucket(ign, t);
330 (iter = rtnl_dereference(*tp)) != NULL;
331 tp = &iter->next) {
332 if (t == iter) {
333 rcu_assign_pointer(*tp, t->next);
334 break;
335 }
336 }
337}
338
339static struct ip6_tnl *ip6gre_tunnel_find(struct net *net,
340 const struct __ip6_tnl_parm *parms,
341 int type)
342{
343 const struct in6_addr *remote = &parms->raddr;
344 const struct in6_addr *local = &parms->laddr;
345 __be32 key = parms->i_key;
346 int link = parms->link;
347 struct ip6_tnl *t;
348 struct ip6_tnl __rcu **tp;
349 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
350
351 for (tp = __ip6gre_bucket(ign, parms);
352 (t = rtnl_dereference(*tp)) != NULL;
353 tp = &t->next)
354 if (ipv6_addr_equal(local, &t->parms.laddr) &&
355 ipv6_addr_equal(remote, &t->parms.raddr) &&
356 key == t->parms.i_key &&
357 link == t->parms.link &&
358 type == t->dev->type)
359 break;
360
361 return t;
362}
363
364static struct ip6_tnl *ip6gre_tunnel_locate(struct net *net,
365 const struct __ip6_tnl_parm *parms, int create)
366{
367 struct ip6_tnl *t, *nt;
368 struct net_device *dev;
369 char name[IFNAMSIZ];
370 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
371
372 t = ip6gre_tunnel_find(net, parms, ARPHRD_IP6GRE);
373 if (t || !create)
374 return t;
375
376 if (parms->name[0])
377 strlcpy(name, parms->name, IFNAMSIZ);
378 else
379 strcpy(name, "ip6gre%d");
380
381 dev = alloc_netdev(sizeof(*t), name, ip6gre_tunnel_setup);
382 if (!dev)
383 return NULL;
384
385 dev_net_set(dev, net);
386
387 nt = netdev_priv(dev);
388 nt->parms = *parms;
389 dev->rtnl_link_ops = &ip6gre_link_ops;
390
391 nt->dev = dev;
392 ip6gre_tnl_link_config(nt, 1);
393
394 if (register_netdevice(dev) < 0)
395 goto failed_free;
396
397 /* Can use a lockless transmit, unless we generate output sequences */
398 if (!(nt->parms.o_flags & GRE_SEQ))
399 dev->features |= NETIF_F_LLTX;
400
401 dev_hold(dev);
402 ip6gre_tunnel_link(ign, nt);
403 return nt;
404
405failed_free:
406 free_netdev(dev);
407 return NULL;
408}
409
410static void ip6gre_tunnel_uninit(struct net_device *dev)
411{
412 struct net *net = dev_net(dev);
413 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
414
415 ip6gre_tunnel_unlink(ign, netdev_priv(dev));
416 dev_put(dev);
417}
418
419
420static void ip6gre_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
421 u8 type, u8 code, int offset, __be32 info)
422{
423 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *)skb->data;
424 __be16 *p = (__be16 *)(skb->data + offset);
425 int grehlen = offset + 4;
426 struct ip6_tnl *t;
427 __be16 flags;
428
429 flags = p[0];
430 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
431 if (flags&(GRE_VERSION|GRE_ROUTING))
432 return;
433 if (flags&GRE_KEY) {
434 grehlen += 4;
435 if (flags&GRE_CSUM)
436 grehlen += 4;
437 }
438 }
439
440 /* If only 8 bytes returned, keyed message will be dropped here */
441 if (!pskb_may_pull(skb, grehlen))
442 return;
443 ipv6h = (const struct ipv6hdr *)skb->data;
444 p = (__be16 *)(skb->data + offset);
445
446 t = ip6gre_tunnel_lookup(skb->dev, &ipv6h->daddr, &ipv6h->saddr,
447 flags & GRE_KEY ?
448 *(((__be32 *)p) + (grehlen / 4) - 1) : 0,
449 p[1]);
450 if (t == NULL)
451 return;
452
453 switch (type) {
454 __u32 teli;
455 struct ipv6_tlv_tnl_enc_lim *tel;
456 __u32 mtu;
457 case ICMPV6_DEST_UNREACH:
458 net_warn_ratelimited("%s: Path to destination invalid or inactive!\n",
459 t->parms.name);
460 break;
461 case ICMPV6_TIME_EXCEED:
462 if (code == ICMPV6_EXC_HOPLIMIT) {
463 net_warn_ratelimited("%s: Too small hop limit or routing loop in tunnel!\n",
464 t->parms.name);
465 }
466 break;
467 case ICMPV6_PARAMPROB:
468 teli = 0;
469 if (code == ICMPV6_HDR_FIELD)
470 teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data);
471
472 if (teli && teli == info - 2) {
473 tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli];
474 if (tel->encap_limit == 0) {
475 net_warn_ratelimited("%s: Too small encapsulation limit or routing loop in tunnel!\n",
476 t->parms.name);
477 }
478 } else {
479 net_warn_ratelimited("%s: Recipient unable to parse tunneled packet!\n",
480 t->parms.name);
481 }
482 break;
483 case ICMPV6_PKT_TOOBIG:
484 mtu = info - offset;
485 if (mtu < IPV6_MIN_MTU)
486 mtu = IPV6_MIN_MTU;
487 t->dev->mtu = mtu;
488 break;
489 }
490
491 if (time_before(jiffies, t->err_time + IP6TUNNEL_ERR_TIMEO))
492 t->err_count++;
493 else
494 t->err_count = 1;
495 t->err_time = jiffies;
496}
497
498static int ip6gre_rcv(struct sk_buff *skb)
499{
500 const struct ipv6hdr *ipv6h;
501 u8 *h;
502 __be16 flags;
503 __sum16 csum = 0;
504 __be32 key = 0;
505 u32 seqno = 0;
506 struct ip6_tnl *tunnel;
507 int offset = 4;
508 __be16 gre_proto;
509 int err;
510
511 if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
512 goto drop;
513
514 ipv6h = ipv6_hdr(skb);
515 h = skb->data;
516 flags = *(__be16 *)h;
517
518 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
519 /* - Version must be 0.
520 - We do not support routing headers.
521 */
522 if (flags&(GRE_VERSION|GRE_ROUTING))
523 goto drop;
524
525 if (flags&GRE_CSUM) {
526 switch (skb->ip_summed) {
527 case CHECKSUM_COMPLETE:
528 csum = csum_fold(skb->csum);
529 if (!csum)
530 break;
531 /* fall through */
532 case CHECKSUM_NONE:
533 skb->csum = 0;
534 csum = __skb_checksum_complete(skb);
535 skb->ip_summed = CHECKSUM_COMPLETE;
536 }
537 offset += 4;
538 }
539 if (flags&GRE_KEY) {
540 key = *(__be32 *)(h + offset);
541 offset += 4;
542 }
543 if (flags&GRE_SEQ) {
544 seqno = ntohl(*(__be32 *)(h + offset));
545 offset += 4;
546 }
547 }
548
549 gre_proto = *(__be16 *)(h + 2);
550
551 tunnel = ip6gre_tunnel_lookup(skb->dev,
552 &ipv6h->saddr, &ipv6h->daddr, key,
553 gre_proto);
554 if (tunnel) {
555 struct pcpu_tstats *tstats;
556
557 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
558 goto drop;
559
560 if (!ip6_tnl_rcv_ctl(tunnel, &ipv6h->daddr, &ipv6h->saddr)) {
561 tunnel->dev->stats.rx_dropped++;
562 goto drop;
563 }
564
565 secpath_reset(skb);
566
567 skb->protocol = gre_proto;
568 /* WCCP version 1 and 2 protocol decoding.
569 * - Change protocol to IP
570 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
571 */
572 if (flags == 0 && gre_proto == htons(ETH_P_WCCP)) {
573 skb->protocol = htons(ETH_P_IP);
574 if ((*(h + offset) & 0xF0) != 0x40)
575 offset += 4;
576 }
577
578 skb->mac_header = skb->network_header;
579 __pskb_pull(skb, offset);
580 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
581 skb->pkt_type = PACKET_HOST;
582
583 if (((flags&GRE_CSUM) && csum) ||
584 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
585 tunnel->dev->stats.rx_crc_errors++;
586 tunnel->dev->stats.rx_errors++;
587 goto drop;
588 }
589 if (tunnel->parms.i_flags&GRE_SEQ) {
590 if (!(flags&GRE_SEQ) ||
591 (tunnel->i_seqno &&
592 (s32)(seqno - tunnel->i_seqno) < 0)) {
593 tunnel->dev->stats.rx_fifo_errors++;
594 tunnel->dev->stats.rx_errors++;
595 goto drop;
596 }
597 tunnel->i_seqno = seqno + 1;
598 }
599
600 /* Warning: All skb pointers will be invalidated! */
601 if (tunnel->dev->type == ARPHRD_ETHER) {
602 if (!pskb_may_pull(skb, ETH_HLEN)) {
603 tunnel->dev->stats.rx_length_errors++;
604 tunnel->dev->stats.rx_errors++;
605 goto drop;
606 }
607
608 ipv6h = ipv6_hdr(skb);
609 skb->protocol = eth_type_trans(skb, tunnel->dev);
610 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
611 }
612
613 __skb_tunnel_rx(skb, tunnel->dev);
614
615 skb_reset_network_header(skb);
616
617 err = IP6_ECN_decapsulate(ipv6h, skb);
618 if (unlikely(err)) {
619 if (log_ecn_error)
620 net_info_ratelimited("non-ECT from %pI6 with dsfield=%#x\n",
621 &ipv6h->saddr,
622 ipv6_get_dsfield(ipv6h));
623 if (err > 1) {
624 ++tunnel->dev->stats.rx_frame_errors;
625 ++tunnel->dev->stats.rx_errors;
626 goto drop;
627 }
628 }
629
630 tstats = this_cpu_ptr(tunnel->dev->tstats);
631 u64_stats_update_begin(&tstats->syncp);
632 tstats->rx_packets++;
633 tstats->rx_bytes += skb->len;
634 u64_stats_update_end(&tstats->syncp);
635
636 netif_rx(skb);
637
638 return 0;
639 }
640 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
641
642drop:
643 kfree_skb(skb);
644 return 0;
645}
646
647struct ipv6_tel_txoption {
648 struct ipv6_txoptions ops;
649 __u8 dst_opt[8];
650};
651
652static void init_tel_txopt(struct ipv6_tel_txoption *opt, __u8 encap_limit)
653{
654 memset(opt, 0, sizeof(struct ipv6_tel_txoption));
655
656 opt->dst_opt[2] = IPV6_TLV_TNL_ENCAP_LIMIT;
657 opt->dst_opt[3] = 1;
658 opt->dst_opt[4] = encap_limit;
659 opt->dst_opt[5] = IPV6_TLV_PADN;
660 opt->dst_opt[6] = 1;
661
662 opt->ops.dst0opt = (struct ipv6_opt_hdr *) opt->dst_opt;
663 opt->ops.opt_nflen = 8;
664}
665
666static netdev_tx_t ip6gre_xmit2(struct sk_buff *skb,
667 struct net_device *dev,
668 __u8 dsfield,
669 struct flowi6 *fl6,
670 int encap_limit,
671 __u32 *pmtu)
672{
673 struct net *net = dev_net(dev);
674 struct ip6_tnl *tunnel = netdev_priv(dev);
675 struct net_device *tdev; /* Device to other host */
676 struct ipv6hdr *ipv6h; /* Our new IP header */
677 unsigned int max_headroom; /* The extra header space needed */
678 int gre_hlen;
679 struct ipv6_tel_txoption opt;
680 int mtu;
681 struct dst_entry *dst = NULL, *ndst = NULL;
682 struct net_device_stats *stats = &tunnel->dev->stats;
683 int err = -1;
684 u8 proto;
685 int pkt_len;
686 struct sk_buff *new_skb;
687
688 if (dev->type == ARPHRD_ETHER)
689 IPCB(skb)->flags = 0;
690
691 if (dev->header_ops && dev->type == ARPHRD_IP6GRE) {
692 gre_hlen = 0;
693 ipv6h = (struct ipv6hdr *)skb->data;
694 fl6->daddr = ipv6h->daddr;
695 } else {
696 gre_hlen = tunnel->hlen;
697 fl6->daddr = tunnel->parms.raddr;
698 }
699
700 if (!fl6->flowi6_mark)
701 dst = ip6_tnl_dst_check(tunnel);
702
703 if (!dst) {
704 ndst = ip6_route_output(net, NULL, fl6);
705
706 if (ndst->error)
707 goto tx_err_link_failure;
708 ndst = xfrm_lookup(net, ndst, flowi6_to_flowi(fl6), NULL, 0);
709 if (IS_ERR(ndst)) {
710 err = PTR_ERR(ndst);
711 ndst = NULL;
712 goto tx_err_link_failure;
713 }
714 dst = ndst;
715 }
716
717 tdev = dst->dev;
718
719 if (tdev == dev) {
720 stats->collisions++;
721 net_warn_ratelimited("%s: Local routing loop detected!\n",
722 tunnel->parms.name);
723 goto tx_err_dst_release;
724 }
725
726 mtu = dst_mtu(dst) - sizeof(*ipv6h);
727 if (encap_limit >= 0) {
728 max_headroom += 8;
729 mtu -= 8;
730 }
731 if (mtu < IPV6_MIN_MTU)
732 mtu = IPV6_MIN_MTU;
733 if (skb_dst(skb))
734 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
735 if (skb->len > mtu) {
736 *pmtu = mtu;
737 err = -EMSGSIZE;
738 goto tx_err_dst_release;
739 }
740
741 if (tunnel->err_count > 0) {
742 if (time_before(jiffies,
743 tunnel->err_time + IP6TUNNEL_ERR_TIMEO)) {
744 tunnel->err_count--;
745
746 dst_link_failure(skb);
747 } else
748 tunnel->err_count = 0;
749 }
750
751 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen + dst->header_len;
752
753 if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
754 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
755 new_skb = skb_realloc_headroom(skb, max_headroom);
756 if (max_headroom > dev->needed_headroom)
757 dev->needed_headroom = max_headroom;
758 if (!new_skb)
759 goto tx_err_dst_release;
760
761 if (skb->sk)
762 skb_set_owner_w(new_skb, skb->sk);
763 consume_skb(skb);
764 skb = new_skb;
765 }
766
767 skb_dst_drop(skb);
768
769 if (fl6->flowi6_mark) {
770 skb_dst_set(skb, dst);
771 ndst = NULL;
772 } else {
773 skb_dst_set_noref(skb, dst);
774 }
775
776 skb->transport_header = skb->network_header;
777
778 proto = NEXTHDR_GRE;
779 if (encap_limit >= 0) {
780 init_tel_txopt(&opt, encap_limit);
781 ipv6_push_nfrag_opts(skb, &opt.ops, &proto, NULL);
782 }
783
784 skb_push(skb, gre_hlen);
785 skb_reset_network_header(skb);
786
787 /*
788 * Push down and install the IP header.
789 */
790 ipv6h = ipv6_hdr(skb);
791 *(__be32 *)ipv6h = fl6->flowlabel | htonl(0x60000000);
792 dsfield = INET_ECN_encapsulate(0, dsfield);
793 ipv6_change_dsfield(ipv6h, ~INET_ECN_MASK, dsfield);
794 ipv6h->hop_limit = tunnel->parms.hop_limit;
795 ipv6h->nexthdr = proto;
796 ipv6h->saddr = fl6->saddr;
797 ipv6h->daddr = fl6->daddr;
798
799 ((__be16 *)(ipv6h + 1))[0] = tunnel->parms.o_flags;
800 ((__be16 *)(ipv6h + 1))[1] = (dev->type == ARPHRD_ETHER) ?
801 htons(ETH_P_TEB) : skb->protocol;
802
803 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
804 __be32 *ptr = (__be32 *)(((u8 *)ipv6h) + tunnel->hlen - 4);
805
806 if (tunnel->parms.o_flags&GRE_SEQ) {
807 ++tunnel->o_seqno;
808 *ptr = htonl(tunnel->o_seqno);
809 ptr--;
810 }
811 if (tunnel->parms.o_flags&GRE_KEY) {
812 *ptr = tunnel->parms.o_key;
813 ptr--;
814 }
815 if (tunnel->parms.o_flags&GRE_CSUM) {
816 *ptr = 0;
817 *(__sum16 *)ptr = ip_compute_csum((void *)(ipv6h+1),
818 skb->len - sizeof(struct ipv6hdr));
819 }
820 }
821
822 nf_reset(skb);
823 pkt_len = skb->len;
824 err = ip6_local_out(skb);
825
826 if (net_xmit_eval(err) == 0) {
827 struct pcpu_tstats *tstats = this_cpu_ptr(tunnel->dev->tstats);
828
829 tstats->tx_bytes += pkt_len;
830 tstats->tx_packets++;
831 } else {
832 stats->tx_errors++;
833 stats->tx_aborted_errors++;
834 }
835
836 if (ndst)
837 ip6_tnl_dst_store(tunnel, ndst);
838
839 return 0;
840tx_err_link_failure:
841 stats->tx_carrier_errors++;
842 dst_link_failure(skb);
843tx_err_dst_release:
844 dst_release(ndst);
845 return err;
846}
847
848static inline int ip6gre_xmit_ipv4(struct sk_buff *skb, struct net_device *dev)
849{
850 struct ip6_tnl *t = netdev_priv(dev);
851 const struct iphdr *iph = ip_hdr(skb);
852 int encap_limit = -1;
853 struct flowi6 fl6;
854 __u8 dsfield;
855 __u32 mtu;
856 int err;
857
858 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
859 encap_limit = t->parms.encap_limit;
860
861 memcpy(&fl6, &t->fl.u.ip6, sizeof(fl6));
862 fl6.flowi6_proto = IPPROTO_IPIP;
863
864 dsfield = ipv4_get_dsfield(iph);
865
866 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
867 fl6.flowlabel |= htonl((__u32)iph->tos << IPV6_TCLASS_SHIFT)
868 & IPV6_TCLASS_MASK;
869 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
870 fl6.flowi6_mark = skb->mark;
871
872 err = ip6gre_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
873 if (err != 0) {
874 /* XXX: send ICMP error even if DF is not set. */
875 if (err == -EMSGSIZE)
876 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
877 htonl(mtu));
878 return -1;
879 }
880
881 return 0;
882}
883
884static inline int ip6gre_xmit_ipv6(struct sk_buff *skb, struct net_device *dev)
885{
886 struct ip6_tnl *t = netdev_priv(dev);
887 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
888 int encap_limit = -1;
889 __u16 offset;
890 struct flowi6 fl6;
891 __u8 dsfield;
892 __u32 mtu;
893 int err;
894
895 if (ipv6_addr_equal(&t->parms.raddr, &ipv6h->saddr))
896 return -1;
897
898 offset = ip6_tnl_parse_tlv_enc_lim(skb, skb_network_header(skb));
899 if (offset > 0) {
900 struct ipv6_tlv_tnl_enc_lim *tel;
901 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset];
902 if (tel->encap_limit == 0) {
903 icmpv6_send(skb, ICMPV6_PARAMPROB,
904 ICMPV6_HDR_FIELD, offset + 2);
905 return -1;
906 }
907 encap_limit = tel->encap_limit - 1;
908 } else if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
909 encap_limit = t->parms.encap_limit;
910
911 memcpy(&fl6, &t->fl.u.ip6, sizeof(fl6));
912 fl6.flowi6_proto = IPPROTO_IPV6;
913
914 dsfield = ipv6_get_dsfield(ipv6h);
915 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
916 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
917 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
918 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_FLOWLABEL_MASK);
919 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
920 fl6.flowi6_mark = skb->mark;
921
922 err = ip6gre_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
923 if (err != 0) {
924 if (err == -EMSGSIZE)
925 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
926 return -1;
927 }
928
929 return 0;
930}
931
932/**
933 * ip6_tnl_addr_conflict - compare packet addresses to tunnel's own
934 * @t: the outgoing tunnel device
935 * @hdr: IPv6 header from the incoming packet
936 *
937 * Description:
938 * Avoid trivial tunneling loop by checking that tunnel exit-point
939 * doesn't match source of incoming packet.
940 *
941 * Return:
942 * 1 if conflict,
943 * 0 else
944 **/
945
946static inline bool ip6gre_tnl_addr_conflict(const struct ip6_tnl *t,
947 const struct ipv6hdr *hdr)
948{
949 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
950}
951
952static int ip6gre_xmit_other(struct sk_buff *skb, struct net_device *dev)
953{
954 struct ip6_tnl *t = netdev_priv(dev);
955 int encap_limit = -1;
956 struct flowi6 fl6;
957 __u32 mtu;
958 int err;
959
960 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
961 encap_limit = t->parms.encap_limit;
962
963 memcpy(&fl6, &t->fl.u.ip6, sizeof(fl6));
964 fl6.flowi6_proto = skb->protocol;
965
966 err = ip6gre_xmit2(skb, dev, 0, &fl6, encap_limit, &mtu);
967
968 return err;
969}
970
971static netdev_tx_t ip6gre_tunnel_xmit(struct sk_buff *skb,
972 struct net_device *dev)
973{
974 struct ip6_tnl *t = netdev_priv(dev);
975 struct net_device_stats *stats = &t->dev->stats;
976 int ret;
977
978 if (!ip6_tnl_xmit_ctl(t))
979 return -1;
980
981 switch (skb->protocol) {
982 case htons(ETH_P_IP):
983 ret = ip6gre_xmit_ipv4(skb, dev);
984 break;
985 case htons(ETH_P_IPV6):
986 ret = ip6gre_xmit_ipv6(skb, dev);
987 break;
988 default:
989 ret = ip6gre_xmit_other(skb, dev);
990 break;
991 }
992
993 if (ret < 0)
994 goto tx_err;
995
996 return NETDEV_TX_OK;
997
998tx_err:
999 stats->tx_errors++;
1000 stats->tx_dropped++;
1001 kfree_skb(skb);
1002 return NETDEV_TX_OK;
1003}
1004
1005static void ip6gre_tnl_link_config(struct ip6_tnl *t, int set_mtu)
1006{
1007 struct net_device *dev = t->dev;
1008 struct __ip6_tnl_parm *p = &t->parms;
1009 struct flowi6 *fl6 = &t->fl.u.ip6;
1010 int addend = sizeof(struct ipv6hdr) + 4;
1011
1012 if (dev->type != ARPHRD_ETHER) {
1013 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
1014 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
1015 }
1016
1017 /* Set up flowi template */
1018 fl6->saddr = p->laddr;
1019 fl6->daddr = p->raddr;
1020 fl6->flowi6_oif = p->link;
1021 fl6->flowlabel = 0;
1022
1023 if (!(p->flags&IP6_TNL_F_USE_ORIG_TCLASS))
1024 fl6->flowlabel |= IPV6_TCLASS_MASK & p->flowinfo;
1025 if (!(p->flags&IP6_TNL_F_USE_ORIG_FLOWLABEL))
1026 fl6->flowlabel |= IPV6_FLOWLABEL_MASK & p->flowinfo;
1027
1028 p->flags &= ~(IP6_TNL_F_CAP_XMIT|IP6_TNL_F_CAP_RCV|IP6_TNL_F_CAP_PER_PACKET);
1029 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
1030
1031 if (p->flags&IP6_TNL_F_CAP_XMIT &&
1032 p->flags&IP6_TNL_F_CAP_RCV && dev->type != ARPHRD_ETHER)
1033 dev->flags |= IFF_POINTOPOINT;
1034 else
1035 dev->flags &= ~IFF_POINTOPOINT;
1036
1037 dev->iflink = p->link;
1038
1039 /* Precalculate GRE options length */
1040 if (t->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
1041 if (t->parms.o_flags&GRE_CSUM)
1042 addend += 4;
1043 if (t->parms.o_flags&GRE_KEY)
1044 addend += 4;
1045 if (t->parms.o_flags&GRE_SEQ)
1046 addend += 4;
1047 }
1048
1049 if (p->flags & IP6_TNL_F_CAP_XMIT) {
1050 int strict = (ipv6_addr_type(&p->raddr) &
1051 (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL));
1052
1053 struct rt6_info *rt = rt6_lookup(dev_net(dev),
1054 &p->raddr, &p->laddr,
1055 p->link, strict);
1056
1057 if (rt == NULL)
1058 return;
1059
1060 if (rt->dst.dev) {
1061 dev->hard_header_len = rt->dst.dev->hard_header_len + addend;
1062
1063 if (set_mtu) {
1064 dev->mtu = rt->dst.dev->mtu - addend;
1065 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1066 dev->mtu -= 8;
1067
1068 if (dev->mtu < IPV6_MIN_MTU)
1069 dev->mtu = IPV6_MIN_MTU;
1070 }
1071 }
1072 dst_release(&rt->dst);
1073 }
1074
1075 t->hlen = addend;
1076}
1077
1078static int ip6gre_tnl_change(struct ip6_tnl *t,
1079 const struct __ip6_tnl_parm *p, int set_mtu)
1080{
1081 t->parms.laddr = p->laddr;
1082 t->parms.raddr = p->raddr;
1083 t->parms.flags = p->flags;
1084 t->parms.hop_limit = p->hop_limit;
1085 t->parms.encap_limit = p->encap_limit;
1086 t->parms.flowinfo = p->flowinfo;
1087 t->parms.link = p->link;
1088 t->parms.proto = p->proto;
1089 t->parms.i_key = p->i_key;
1090 t->parms.o_key = p->o_key;
1091 t->parms.i_flags = p->i_flags;
1092 t->parms.o_flags = p->o_flags;
1093 ip6_tnl_dst_reset(t);
1094 ip6gre_tnl_link_config(t, set_mtu);
1095 return 0;
1096}
1097
1098static void ip6gre_tnl_parm_from_user(struct __ip6_tnl_parm *p,
1099 const struct ip6_tnl_parm2 *u)
1100{
1101 p->laddr = u->laddr;
1102 p->raddr = u->raddr;
1103 p->flags = u->flags;
1104 p->hop_limit = u->hop_limit;
1105 p->encap_limit = u->encap_limit;
1106 p->flowinfo = u->flowinfo;
1107 p->link = u->link;
1108 p->i_key = u->i_key;
1109 p->o_key = u->o_key;
1110 p->i_flags = u->i_flags;
1111 p->o_flags = u->o_flags;
1112 memcpy(p->name, u->name, sizeof(u->name));
1113}
1114
1115static void ip6gre_tnl_parm_to_user(struct ip6_tnl_parm2 *u,
1116 const struct __ip6_tnl_parm *p)
1117{
1118 u->proto = IPPROTO_GRE;
1119 u->laddr = p->laddr;
1120 u->raddr = p->raddr;
1121 u->flags = p->flags;
1122 u->hop_limit = p->hop_limit;
1123 u->encap_limit = p->encap_limit;
1124 u->flowinfo = p->flowinfo;
1125 u->link = p->link;
1126 u->i_key = p->i_key;
1127 u->o_key = p->o_key;
1128 u->i_flags = p->i_flags;
1129 u->o_flags = p->o_flags;
1130 memcpy(u->name, p->name, sizeof(u->name));
1131}
1132
1133static int ip6gre_tunnel_ioctl(struct net_device *dev,
1134 struct ifreq *ifr, int cmd)
1135{
1136 int err = 0;
1137 struct ip6_tnl_parm2 p;
1138 struct __ip6_tnl_parm p1;
1139 struct ip6_tnl *t;
1140 struct net *net = dev_net(dev);
1141 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
1142
1143 switch (cmd) {
1144 case SIOCGETTUNNEL:
1145 t = NULL;
1146 if (dev == ign->fb_tunnel_dev) {
1147 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
1148 err = -EFAULT;
1149 break;
1150 }
1151 ip6gre_tnl_parm_from_user(&p1, &p);
1152 t = ip6gre_tunnel_locate(net, &p1, 0);
1153 }
1154 if (t == NULL)
1155 t = netdev_priv(dev);
1156 ip6gre_tnl_parm_to_user(&p, &t->parms);
1157 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1158 err = -EFAULT;
1159 break;
1160
1161 case SIOCADDTUNNEL:
1162 case SIOCCHGTUNNEL:
1163 err = -EPERM;
1164 if (!capable(CAP_NET_ADMIN))
1165 goto done;
1166
1167 err = -EFAULT;
1168 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1169 goto done;
1170
1171 err = -EINVAL;
1172 if ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))
1173 goto done;
1174
1175 if (!(p.i_flags&GRE_KEY))
1176 p.i_key = 0;
1177 if (!(p.o_flags&GRE_KEY))
1178 p.o_key = 0;
1179
1180 ip6gre_tnl_parm_from_user(&p1, &p);
1181 t = ip6gre_tunnel_locate(net, &p1, cmd == SIOCADDTUNNEL);
1182
1183 if (dev != ign->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
1184 if (t != NULL) {
1185 if (t->dev != dev) {
1186 err = -EEXIST;
1187 break;
1188 }
1189 } else {
1190 t = netdev_priv(dev);
1191
1192 ip6gre_tunnel_unlink(ign, t);
1193 synchronize_net();
1194 ip6gre_tnl_change(t, &p1, 1);
1195 ip6gre_tunnel_link(ign, t);
1196 netdev_state_change(dev);
1197 }
1198 }
1199
1200 if (t) {
1201 err = 0;
1202
1203 ip6gre_tnl_parm_to_user(&p, &t->parms);
1204 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1205 err = -EFAULT;
1206 } else
1207 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1208 break;
1209
1210 case SIOCDELTUNNEL:
1211 err = -EPERM;
1212 if (!capable(CAP_NET_ADMIN))
1213 goto done;
1214
1215 if (dev == ign->fb_tunnel_dev) {
1216 err = -EFAULT;
1217 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1218 goto done;
1219 err = -ENOENT;
1220 ip6gre_tnl_parm_from_user(&p1, &p);
1221 t = ip6gre_tunnel_locate(net, &p1, 0);
1222 if (t == NULL)
1223 goto done;
1224 err = -EPERM;
1225 if (t == netdev_priv(ign->fb_tunnel_dev))
1226 goto done;
1227 dev = t->dev;
1228 }
1229 unregister_netdevice(dev);
1230 err = 0;
1231 break;
1232
1233 default:
1234 err = -EINVAL;
1235 }
1236
1237done:
1238 return err;
1239}
1240
1241static int ip6gre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1242{
1243 struct ip6_tnl *tunnel = netdev_priv(dev);
1244 if (new_mtu < 68 ||
1245 new_mtu > 0xFFF8 - dev->hard_header_len - tunnel->hlen)
1246 return -EINVAL;
1247 dev->mtu = new_mtu;
1248 return 0;
1249}
1250
1251static int ip6gre_header(struct sk_buff *skb, struct net_device *dev,
1252 unsigned short type,
1253 const void *daddr, const void *saddr, unsigned int len)
1254{
1255 struct ip6_tnl *t = netdev_priv(dev);
1256 struct ipv6hdr *ipv6h = (struct ipv6hdr *)skb_push(skb, t->hlen);
1257 __be16 *p = (__be16 *)(ipv6h+1);
1258
1259 *(__be32 *)ipv6h = t->fl.u.ip6.flowlabel | htonl(0x60000000);
1260 ipv6h->hop_limit = t->parms.hop_limit;
1261 ipv6h->nexthdr = NEXTHDR_GRE;
1262 ipv6h->saddr = t->parms.laddr;
1263 ipv6h->daddr = t->parms.raddr;
1264
1265 p[0] = t->parms.o_flags;
1266 p[1] = htons(type);
1267
1268 /*
1269 * Set the source hardware address.
1270 */
1271
1272 if (saddr)
1273 memcpy(&ipv6h->saddr, saddr, sizeof(struct in6_addr));
1274 if (daddr)
1275 memcpy(&ipv6h->daddr, daddr, sizeof(struct in6_addr));
1276 if (!ipv6_addr_any(&ipv6h->daddr))
1277 return t->hlen;
1278
1279 return -t->hlen;
1280}
1281
1282static const struct header_ops ip6gre_header_ops = {
1283 .create = ip6gre_header,
1284};
1285
1286static const struct net_device_ops ip6gre_netdev_ops = {
1287 .ndo_init = ip6gre_tunnel_init,
1288 .ndo_uninit = ip6gre_tunnel_uninit,
1289 .ndo_start_xmit = ip6gre_tunnel_xmit,
1290 .ndo_do_ioctl = ip6gre_tunnel_ioctl,
1291 .ndo_change_mtu = ip6gre_tunnel_change_mtu,
1292 .ndo_get_stats64 = ip6gre_get_stats64,
1293};
1294
1295static void ip6gre_dev_free(struct net_device *dev)
1296{
1297 free_percpu(dev->tstats);
1298 free_netdev(dev);
1299}
1300
1301static void ip6gre_tunnel_setup(struct net_device *dev)
1302{
1303 struct ip6_tnl *t;
1304
1305 dev->netdev_ops = &ip6gre_netdev_ops;
1306 dev->destructor = ip6gre_dev_free;
1307
1308 dev->type = ARPHRD_IP6GRE;
1309 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct ipv6hdr) + 4;
1310 dev->mtu = ETH_DATA_LEN - sizeof(struct ipv6hdr) - 4;
1311 t = netdev_priv(dev);
1312 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1313 dev->mtu -= 8;
1314 dev->flags |= IFF_NOARP;
1315 dev->iflink = 0;
1316 dev->addr_len = sizeof(struct in6_addr);
1317 dev->features |= NETIF_F_NETNS_LOCAL;
1318 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1319}
1320
1321static int ip6gre_tunnel_init(struct net_device *dev)
1322{
1323 struct ip6_tnl *tunnel;
1324
1325 tunnel = netdev_priv(dev);
1326
1327 tunnel->dev = dev;
1328 strcpy(tunnel->parms.name, dev->name);
1329
1330 memcpy(dev->dev_addr, &tunnel->parms.laddr, sizeof(struct in6_addr));
1331 memcpy(dev->broadcast, &tunnel->parms.raddr, sizeof(struct in6_addr));
1332
1333 if (ipv6_addr_any(&tunnel->parms.raddr))
1334 dev->header_ops = &ip6gre_header_ops;
1335
1336 dev->tstats = alloc_percpu(struct pcpu_tstats);
1337 if (!dev->tstats)
1338 return -ENOMEM;
1339
1340 return 0;
1341}
1342
1343static void ip6gre_fb_tunnel_init(struct net_device *dev)
1344{
1345 struct ip6_tnl *tunnel = netdev_priv(dev);
1346
1347 tunnel->dev = dev;
1348 strcpy(tunnel->parms.name, dev->name);
1349
1350 tunnel->hlen = sizeof(struct ipv6hdr) + 4;
1351
1352 dev_hold(dev);
1353}
1354
1355
1356static struct inet6_protocol ip6gre_protocol __read_mostly = {
1357 .handler = ip6gre_rcv,
1358 .err_handler = ip6gre_err,
1359 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1360};
1361
1362static void ip6gre_destroy_tunnels(struct ip6gre_net *ign,
1363 struct list_head *head)
1364{
1365 int prio;
1366
1367 for (prio = 0; prio < 4; prio++) {
1368 int h;
1369 for (h = 0; h < HASH_SIZE; h++) {
1370 struct ip6_tnl *t;
1371
1372 t = rtnl_dereference(ign->tunnels[prio][h]);
1373
1374 while (t != NULL) {
1375 unregister_netdevice_queue(t->dev, head);
1376 t = rtnl_dereference(t->next);
1377 }
1378 }
1379 }
1380}
1381
1382static int __net_init ip6gre_init_net(struct net *net)
1383{
1384 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
1385 int err;
1386
1387 ign->fb_tunnel_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6gre0",
1388 ip6gre_tunnel_setup);
1389 if (!ign->fb_tunnel_dev) {
1390 err = -ENOMEM;
1391 goto err_alloc_dev;
1392 }
1393 dev_net_set(ign->fb_tunnel_dev, net);
1394
1395 ip6gre_fb_tunnel_init(ign->fb_tunnel_dev);
1396 ign->fb_tunnel_dev->rtnl_link_ops = &ip6gre_link_ops;
1397
1398 err = register_netdev(ign->fb_tunnel_dev);
1399 if (err)
1400 goto err_reg_dev;
1401
1402 rcu_assign_pointer(ign->tunnels_wc[0],
1403 netdev_priv(ign->fb_tunnel_dev));
1404 return 0;
1405
1406err_reg_dev:
1407 ip6gre_dev_free(ign->fb_tunnel_dev);
1408err_alloc_dev:
1409 return err;
1410}
1411
1412static void __net_exit ip6gre_exit_net(struct net *net)
1413{
1414 struct ip6gre_net *ign;
1415 LIST_HEAD(list);
1416
1417 ign = net_generic(net, ip6gre_net_id);
1418 rtnl_lock();
1419 ip6gre_destroy_tunnels(ign, &list);
1420 unregister_netdevice_many(&list);
1421 rtnl_unlock();
1422}
1423
1424static struct pernet_operations ip6gre_net_ops = {
1425 .init = ip6gre_init_net,
1426 .exit = ip6gre_exit_net,
1427 .id = &ip6gre_net_id,
1428 .size = sizeof(struct ip6gre_net),
1429};
1430
1431static int ip6gre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
1432{
1433 __be16 flags;
1434
1435 if (!data)
1436 return 0;
1437
1438 flags = 0;
1439 if (data[IFLA_GRE_IFLAGS])
1440 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1441 if (data[IFLA_GRE_OFLAGS])
1442 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1443 if (flags & (GRE_VERSION|GRE_ROUTING))
1444 return -EINVAL;
1445
1446 return 0;
1447}
1448
1449static int ip6gre_tap_validate(struct nlattr *tb[], struct nlattr *data[])
1450{
1451 struct in6_addr daddr;
1452
1453 if (tb[IFLA_ADDRESS]) {
1454 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1455 return -EINVAL;
1456 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1457 return -EADDRNOTAVAIL;
1458 }
1459
1460 if (!data)
1461 goto out;
1462
1463 if (data[IFLA_GRE_REMOTE]) {
1464 nla_memcpy(&daddr, data[IFLA_GRE_REMOTE], sizeof(struct in6_addr));
1465 if (ipv6_addr_any(&daddr))
1466 return -EINVAL;
1467 }
1468
1469out:
1470 return ip6gre_tunnel_validate(tb, data);
1471}
1472
1473
1474static void ip6gre_netlink_parms(struct nlattr *data[],
1475 struct __ip6_tnl_parm *parms)
1476{
1477 memset(parms, 0, sizeof(*parms));
1478
1479 if (!data)
1480 return;
1481
1482 if (data[IFLA_GRE_LINK])
1483 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
1484
1485 if (data[IFLA_GRE_IFLAGS])
1486 parms->i_flags = nla_get_be16(data[IFLA_GRE_IFLAGS]);
1487
1488 if (data[IFLA_GRE_OFLAGS])
1489 parms->o_flags = nla_get_be16(data[IFLA_GRE_OFLAGS]);
1490
1491 if (data[IFLA_GRE_IKEY])
1492 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
1493
1494 if (data[IFLA_GRE_OKEY])
1495 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
1496
1497 if (data[IFLA_GRE_LOCAL])
1498 nla_memcpy(&parms->laddr, data[IFLA_GRE_LOCAL], sizeof(struct in6_addr));
1499
1500 if (data[IFLA_GRE_REMOTE])
1501 nla_memcpy(&parms->raddr, data[IFLA_GRE_REMOTE], sizeof(struct in6_addr));
1502
1503 if (data[IFLA_GRE_TTL])
1504 parms->hop_limit = nla_get_u8(data[IFLA_GRE_TTL]);
1505
1506 if (data[IFLA_GRE_ENCAP_LIMIT])
1507 parms->encap_limit = nla_get_u8(data[IFLA_GRE_ENCAP_LIMIT]);
1508
1509 if (data[IFLA_GRE_FLOWINFO])
1510 parms->flowinfo = nla_get_u32(data[IFLA_GRE_FLOWINFO]);
1511
1512 if (data[IFLA_GRE_FLAGS])
1513 parms->flags = nla_get_u32(data[IFLA_GRE_FLAGS]);
1514}
1515
1516static int ip6gre_tap_init(struct net_device *dev)
1517{
1518 struct ip6_tnl *tunnel;
1519
1520 tunnel = netdev_priv(dev);
1521
1522 tunnel->dev = dev;
1523 strcpy(tunnel->parms.name, dev->name);
1524
1525 ip6gre_tnl_link_config(tunnel, 1);
1526
1527 dev->tstats = alloc_percpu(struct pcpu_tstats);
1528 if (!dev->tstats)
1529 return -ENOMEM;
1530
1531 return 0;
1532}
1533
1534static const struct net_device_ops ip6gre_tap_netdev_ops = {
1535 .ndo_init = ip6gre_tap_init,
1536 .ndo_uninit = ip6gre_tunnel_uninit,
1537 .ndo_start_xmit = ip6gre_tunnel_xmit,
1538 .ndo_set_mac_address = eth_mac_addr,
1539 .ndo_validate_addr = eth_validate_addr,
1540 .ndo_change_mtu = ip6gre_tunnel_change_mtu,
1541 .ndo_get_stats64 = ip6gre_get_stats64,
1542};
1543
1544static void ip6gre_tap_setup(struct net_device *dev)
1545{
1546
1547 ether_setup(dev);
1548
1549 dev->netdev_ops = &ip6gre_tap_netdev_ops;
1550 dev->destructor = ip6gre_dev_free;
1551
1552 dev->iflink = 0;
1553 dev->features |= NETIF_F_NETNS_LOCAL;
1554}
1555
1556static int ip6gre_newlink(struct net *src_net, struct net_device *dev,
1557 struct nlattr *tb[], struct nlattr *data[])
1558{
1559 struct ip6_tnl *nt;
1560 struct net *net = dev_net(dev);
1561 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
1562 int err;
1563
1564 nt = netdev_priv(dev);
1565 ip6gre_netlink_parms(data, &nt->parms);
1566
1567 if (ip6gre_tunnel_find(net, &nt->parms, dev->type))
1568 return -EEXIST;
1569
1570 if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
1571 eth_hw_addr_random(dev);
1572
1573 nt->dev = dev;
1574 ip6gre_tnl_link_config(nt, !tb[IFLA_MTU]);
1575
1576 /* Can use a lockless transmit, unless we generate output sequences */
1577 if (!(nt->parms.o_flags & GRE_SEQ))
1578 dev->features |= NETIF_F_LLTX;
1579
1580 err = register_netdevice(dev);
1581 if (err)
1582 goto out;
1583
1584 dev_hold(dev);
1585 ip6gre_tunnel_link(ign, nt);
1586
1587out:
1588 return err;
1589}
1590
1591static int ip6gre_changelink(struct net_device *dev, struct nlattr *tb[],
1592 struct nlattr *data[])
1593{
1594 struct ip6_tnl *t, *nt;
1595 struct net *net = dev_net(dev);
1596 struct ip6gre_net *ign = net_generic(net, ip6gre_net_id);
1597 struct __ip6_tnl_parm p;
1598
1599 if (dev == ign->fb_tunnel_dev)
1600 return -EINVAL;
1601
1602 nt = netdev_priv(dev);
1603 ip6gre_netlink_parms(data, &p);
1604
1605 t = ip6gre_tunnel_locate(net, &p, 0);
1606
1607 if (t) {
1608 if (t->dev != dev)
1609 return -EEXIST;
1610 } else {
1611 t = nt;
1612
1613 ip6gre_tunnel_unlink(ign, t);
1614 ip6gre_tnl_change(t, &p, !tb[IFLA_MTU]);
1615 ip6gre_tunnel_link(ign, t);
1616 netdev_state_change(dev);
1617 }
1618
1619 return 0;
1620}
1621
1622static size_t ip6gre_get_size(const struct net_device *dev)
1623{
1624 return
1625 /* IFLA_GRE_LINK */
1626 nla_total_size(4) +
1627 /* IFLA_GRE_IFLAGS */
1628 nla_total_size(2) +
1629 /* IFLA_GRE_OFLAGS */
1630 nla_total_size(2) +
1631 /* IFLA_GRE_IKEY */
1632 nla_total_size(4) +
1633 /* IFLA_GRE_OKEY */
1634 nla_total_size(4) +
1635 /* IFLA_GRE_LOCAL */
1636 nla_total_size(4) +
1637 /* IFLA_GRE_REMOTE */
1638 nla_total_size(4) +
1639 /* IFLA_GRE_TTL */
1640 nla_total_size(1) +
1641 /* IFLA_GRE_TOS */
1642 nla_total_size(1) +
1643 /* IFLA_GRE_ENCAP_LIMIT */
1644 nla_total_size(1) +
1645 /* IFLA_GRE_FLOWINFO */
1646 nla_total_size(4) +
1647 /* IFLA_GRE_FLAGS */
1648 nla_total_size(4) +
1649 0;
1650}
1651
1652static int ip6gre_fill_info(struct sk_buff *skb, const struct net_device *dev)
1653{
1654 struct ip6_tnl *t = netdev_priv(dev);
1655 struct __ip6_tnl_parm *p = &t->parms;
1656
1657 if (nla_put_u32(skb, IFLA_GRE_LINK, p->link) ||
1658 nla_put_be16(skb, IFLA_GRE_IFLAGS, p->i_flags) ||
1659 nla_put_be16(skb, IFLA_GRE_OFLAGS, p->o_flags) ||
1660 nla_put_be32(skb, IFLA_GRE_IKEY, p->i_key) ||
1661 nla_put_be32(skb, IFLA_GRE_OKEY, p->o_key) ||
1662 nla_put(skb, IFLA_GRE_LOCAL, sizeof(struct in6_addr), &p->raddr) ||
1663 nla_put(skb, IFLA_GRE_REMOTE, sizeof(struct in6_addr), &p->laddr) ||
1664 nla_put_u8(skb, IFLA_GRE_TTL, p->hop_limit) ||
1665 /*nla_put_u8(skb, IFLA_GRE_TOS, t->priority) ||*/
1666 nla_put_u8(skb, IFLA_GRE_ENCAP_LIMIT, p->encap_limit) ||
1667 nla_put_be32(skb, IFLA_GRE_FLOWINFO, p->flowinfo) ||
1668 nla_put_u32(skb, IFLA_GRE_FLAGS, p->flags))
1669 goto nla_put_failure;
1670 return 0;
1671
1672nla_put_failure:
1673 return -EMSGSIZE;
1674}
1675
1676static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = {
1677 [IFLA_GRE_LINK] = { .type = NLA_U32 },
1678 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
1679 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
1680 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
1681 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
1682 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct ipv6hdr, saddr) },
1683 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct ipv6hdr, daddr) },
1684 [IFLA_GRE_TTL] = { .type = NLA_U8 },
1685 [IFLA_GRE_ENCAP_LIMIT] = { .type = NLA_U8 },
1686 [IFLA_GRE_FLOWINFO] = { .type = NLA_U32 },
1687 [IFLA_GRE_FLAGS] = { .type = NLA_U32 },
1688};
1689
1690static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
1691 .kind = "ip6gre",
1692 .maxtype = IFLA_GRE_MAX,
1693 .policy = ip6gre_policy,
1694 .priv_size = sizeof(struct ip6_tnl),
1695 .setup = ip6gre_tunnel_setup,
1696 .validate = ip6gre_tunnel_validate,
1697 .newlink = ip6gre_newlink,
1698 .changelink = ip6gre_changelink,
1699 .get_size = ip6gre_get_size,
1700 .fill_info = ip6gre_fill_info,
1701};
1702
1703static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
1704 .kind = "ip6gretap",
1705 .maxtype = IFLA_GRE_MAX,
1706 .policy = ip6gre_policy,
1707 .priv_size = sizeof(struct ip6_tnl),
1708 .setup = ip6gre_tap_setup,
1709 .validate = ip6gre_tap_validate,
1710 .newlink = ip6gre_newlink,
1711 .changelink = ip6gre_changelink,
1712 .get_size = ip6gre_get_size,
1713 .fill_info = ip6gre_fill_info,
1714};
1715
1716/*
1717 * And now the modules code and kernel interface.
1718 */
1719
1720static int __init ip6gre_init(void)
1721{
1722 int err;
1723
1724 pr_info("GRE over IPv6 tunneling driver\n");
1725
1726 err = register_pernet_device(&ip6gre_net_ops);
1727 if (err < 0)
1728 return err;
1729
1730 err = inet6_add_protocol(&ip6gre_protocol, IPPROTO_GRE);
1731 if (err < 0) {
1732 pr_info("%s: can't add protocol\n", __func__);
1733 goto add_proto_failed;
1734 }
1735
1736 err = rtnl_link_register(&ip6gre_link_ops);
1737 if (err < 0)
1738 goto rtnl_link_failed;
1739
1740 err = rtnl_link_register(&ip6gre_tap_ops);
1741 if (err < 0)
1742 goto tap_ops_failed;
1743
1744out:
1745 return err;
1746
1747tap_ops_failed:
1748 rtnl_link_unregister(&ip6gre_link_ops);
1749rtnl_link_failed:
1750 inet6_del_protocol(&ip6gre_protocol, IPPROTO_GRE);
1751add_proto_failed:
1752 unregister_pernet_device(&ip6gre_net_ops);
1753 goto out;
1754}
1755
1756static void __exit ip6gre_fini(void)
1757{
1758 rtnl_link_unregister(&ip6gre_tap_ops);
1759 rtnl_link_unregister(&ip6gre_link_ops);
1760 inet6_del_protocol(&ip6gre_protocol, IPPROTO_GRE);
1761 unregister_pernet_device(&ip6gre_net_ops);
1762}
1763
1764module_init(ip6gre_init);
1765module_exit(ip6gre_fini);
1766MODULE_LICENSE("GPL");
1767MODULE_AUTHOR("D. Kozlov (xeb@mail.ru)");
1768MODULE_DESCRIPTION("GRE over IPv6 tunneling device");
1769MODULE_ALIAS_RTNL_LINK("ip6gre");
1770MODULE_ALIAS_NETDEV("ip6gre0");
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 5b2d63ed793e..aece3e792f84 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -123,16 +123,11 @@ static int ip6_finish_output2(struct sk_buff *skb)
123 skb->len); 123 skb->len);
124 } 124 }
125 125
126 rcu_read_lock();
127 rt = (struct rt6_info *) dst; 126 rt = (struct rt6_info *) dst;
128 neigh = rt->n; 127 neigh = rt->n;
129 if (neigh) { 128 if (neigh)
130 int res = dst_neigh_output(dst, neigh, skb); 129 return dst_neigh_output(dst, neigh, skb);
131 130
132 rcu_read_unlock();
133 return res;
134 }
135 rcu_read_unlock();
136 IP6_INC_STATS_BH(dev_net(dst->dev), 131 IP6_INC_STATS_BH(dev_net(dst->dev),
137 ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES); 132 ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
138 kfree_skb(skb); 133 kfree_skb(skb);
@@ -493,7 +488,8 @@ int ip6_forward(struct sk_buff *skb)
493 if (mtu < IPV6_MIN_MTU) 488 if (mtu < IPV6_MIN_MTU)
494 mtu = IPV6_MIN_MTU; 489 mtu = IPV6_MIN_MTU;
495 490
496 if (skb->len > mtu && !skb_is_gso(skb)) { 491 if ((!skb->local_df && skb->len > mtu && !skb_is_gso(skb)) ||
492 (IP6CB(skb)->frag_max_size && IP6CB(skb)->frag_max_size > mtu)) {
497 /* Again, force OUTPUT device used as source address */ 493 /* Again, force OUTPUT device used as source address */
498 skb->dev = dst->dev; 494 skb->dev = dst->dev;
499 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); 495 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
@@ -636,7 +632,9 @@ int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
636 /* We must not fragment if the socket is set to force MTU discovery 632 /* We must not fragment if the socket is set to force MTU discovery
637 * or if the skb it not generated by a local socket. 633 * or if the skb it not generated by a local socket.
638 */ 634 */
639 if (unlikely(!skb->local_df && skb->len > mtu)) { 635 if (unlikely(!skb->local_df && skb->len > mtu) ||
636 (IP6CB(skb)->frag_max_size &&
637 IP6CB(skb)->frag_max_size > mtu)) {
640 if (skb->sk && dst_allfrag(skb_dst(skb))) 638 if (skb->sk && dst_allfrag(skb_dst(skb)))
641 sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK); 639 sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK);
642 640
@@ -980,7 +978,6 @@ static int ip6_dst_lookup_tail(struct sock *sk,
980 * dst entry and replace it instead with the 978 * dst entry and replace it instead with the
981 * dst entry of the nexthop router 979 * dst entry of the nexthop router
982 */ 980 */
983 rcu_read_lock();
984 rt = (struct rt6_info *) *dst; 981 rt = (struct rt6_info *) *dst;
985 n = rt->n; 982 n = rt->n;
986 if (n && !(n->nud_state & NUD_VALID)) { 983 if (n && !(n->nud_state & NUD_VALID)) {
@@ -988,7 +985,6 @@ static int ip6_dst_lookup_tail(struct sock *sk,
988 struct flowi6 fl_gw6; 985 struct flowi6 fl_gw6;
989 int redirect; 986 int redirect;
990 987
991 rcu_read_unlock();
992 ifp = ipv6_get_ifaddr(net, &fl6->saddr, 988 ifp = ipv6_get_ifaddr(net, &fl6->saddr,
993 (*dst)->dev, 1); 989 (*dst)->dev, 1);
994 990
@@ -1008,8 +1004,6 @@ static int ip6_dst_lookup_tail(struct sock *sk,
1008 if ((err = (*dst)->error)) 1004 if ((err = (*dst)->error))
1009 goto out_err_release; 1005 goto out_err_release;
1010 } 1006 }
1011 } else {
1012 rcu_read_unlock();
1013 } 1007 }
1014#endif 1008#endif
1015 1009
@@ -1285,8 +1279,6 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
1285 if (dst_allfrag(rt->dst.path)) 1279 if (dst_allfrag(rt->dst.path))
1286 cork->flags |= IPCORK_ALLFRAG; 1280 cork->flags |= IPCORK_ALLFRAG;
1287 cork->length = 0; 1281 cork->length = 0;
1288 sk->sk_sndmsg_page = NULL;
1289 sk->sk_sndmsg_off = 0;
1290 exthdrlen = (opt ? opt->opt_flen : 0) - rt->rt6i_nfheader_len; 1282 exthdrlen = (opt ? opt->opt_flen : 0) - rt->rt6i_nfheader_len;
1291 length += exthdrlen; 1283 length += exthdrlen;
1292 transhdrlen += exthdrlen; 1284 transhdrlen += exthdrlen;
@@ -1510,48 +1502,31 @@ alloc_new_skb:
1510 } 1502 }
1511 } else { 1503 } else {
1512 int i = skb_shinfo(skb)->nr_frags; 1504 int i = skb_shinfo(skb)->nr_frags;
1513 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1]; 1505 struct page_frag *pfrag = sk_page_frag(sk);
1514 struct page *page = sk->sk_sndmsg_page;
1515 int off = sk->sk_sndmsg_off;
1516 unsigned int left;
1517
1518 if (page && (left = PAGE_SIZE - off) > 0) {
1519 if (copy >= left)
1520 copy = left;
1521 if (page != skb_frag_page(frag)) {
1522 if (i == MAX_SKB_FRAGS) {
1523 err = -EMSGSIZE;
1524 goto error;
1525 }
1526 skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
1527 skb_frag_ref(skb, i);
1528 frag = &skb_shinfo(skb)->frags[i];
1529 }
1530 } else if(i < MAX_SKB_FRAGS) {
1531 if (copy > PAGE_SIZE)
1532 copy = PAGE_SIZE;
1533 page = alloc_pages(sk->sk_allocation, 0);
1534 if (page == NULL) {
1535 err = -ENOMEM;
1536 goto error;
1537 }
1538 sk->sk_sndmsg_page = page;
1539 sk->sk_sndmsg_off = 0;
1540 1506
1541 skb_fill_page_desc(skb, i, page, 0, 0); 1507 err = -ENOMEM;
1542 frag = &skb_shinfo(skb)->frags[i]; 1508 if (!sk_page_frag_refill(sk, pfrag))
1543 } else {
1544 err = -EMSGSIZE;
1545 goto error; 1509 goto error;
1510
1511 if (!skb_can_coalesce(skb, i, pfrag->page,
1512 pfrag->offset)) {
1513 err = -EMSGSIZE;
1514 if (i == MAX_SKB_FRAGS)
1515 goto error;
1516
1517 __skb_fill_page_desc(skb, i, pfrag->page,
1518 pfrag->offset, 0);
1519 skb_shinfo(skb)->nr_frags = ++i;
1520 get_page(pfrag->page);
1546 } 1521 }
1522 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1547 if (getfrag(from, 1523 if (getfrag(from,
1548 skb_frag_address(frag) + skb_frag_size(frag), 1524 page_address(pfrag->page) + pfrag->offset,
1549 offset, copy, skb->len, skb) < 0) { 1525 offset, copy, skb->len, skb) < 0)
1550 err = -EFAULT; 1526 goto error_efault;
1551 goto error; 1527
1552 } 1528 pfrag->offset += copy;
1553 sk->sk_sndmsg_off += copy; 1529 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1554 skb_frag_size_add(frag, copy);
1555 skb->len += copy; 1530 skb->len += copy;
1556 skb->data_len += copy; 1531 skb->data_len += copy;
1557 skb->truesize += copy; 1532 skb->truesize += copy;
@@ -1560,7 +1535,11 @@ alloc_new_skb:
1560 offset += copy; 1535 offset += copy;
1561 length -= copy; 1536 length -= copy;
1562 } 1537 }
1538
1563 return 0; 1539 return 0;
1540
1541error_efault:
1542 err = -EFAULT;
1564error: 1543error:
1565 cork->length -= length; 1544 cork->length -= length;
1566 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS); 1545 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 9a1d5fe6aef8..cb7e2ded6f08 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -126,7 +126,7 @@ static struct net_device_stats *ip6_get_stats(struct net_device *dev)
126 * Locking : hash tables are protected by RCU and RTNL 126 * Locking : hash tables are protected by RCU and RTNL
127 */ 127 */
128 128
129static inline struct dst_entry *ip6_tnl_dst_check(struct ip6_tnl *t) 129struct dst_entry *ip6_tnl_dst_check(struct ip6_tnl *t)
130{ 130{
131 struct dst_entry *dst = t->dst_cache; 131 struct dst_entry *dst = t->dst_cache;
132 132
@@ -139,20 +139,23 @@ static inline struct dst_entry *ip6_tnl_dst_check(struct ip6_tnl *t)
139 139
140 return dst; 140 return dst;
141} 141}
142EXPORT_SYMBOL_GPL(ip6_tnl_dst_check);
142 143
143static inline void ip6_tnl_dst_reset(struct ip6_tnl *t) 144void ip6_tnl_dst_reset(struct ip6_tnl *t)
144{ 145{
145 dst_release(t->dst_cache); 146 dst_release(t->dst_cache);
146 t->dst_cache = NULL; 147 t->dst_cache = NULL;
147} 148}
149EXPORT_SYMBOL_GPL(ip6_tnl_dst_reset);
148 150
149static inline void ip6_tnl_dst_store(struct ip6_tnl *t, struct dst_entry *dst) 151void ip6_tnl_dst_store(struct ip6_tnl *t, struct dst_entry *dst)
150{ 152{
151 struct rt6_info *rt = (struct rt6_info *) dst; 153 struct rt6_info *rt = (struct rt6_info *) dst;
152 t->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0; 154 t->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
153 dst_release(t->dst_cache); 155 dst_release(t->dst_cache);
154 t->dst_cache = dst; 156 t->dst_cache = dst;
155} 157}
158EXPORT_SYMBOL_GPL(ip6_tnl_dst_store);
156 159
157/** 160/**
158 * ip6_tnl_lookup - fetch tunnel matching the end-point addresses 161 * ip6_tnl_lookup - fetch tunnel matching the end-point addresses
@@ -200,7 +203,7 @@ ip6_tnl_lookup(struct net *net, const struct in6_addr *remote, const struct in6_
200 **/ 203 **/
201 204
202static struct ip6_tnl __rcu ** 205static struct ip6_tnl __rcu **
203ip6_tnl_bucket(struct ip6_tnl_net *ip6n, const struct ip6_tnl_parm *p) 206ip6_tnl_bucket(struct ip6_tnl_net *ip6n, const struct __ip6_tnl_parm *p)
204{ 207{
205 const struct in6_addr *remote = &p->raddr; 208 const struct in6_addr *remote = &p->raddr;
206 const struct in6_addr *local = &p->laddr; 209 const struct in6_addr *local = &p->laddr;
@@ -267,7 +270,7 @@ static void ip6_dev_free(struct net_device *dev)
267 * created tunnel or NULL 270 * created tunnel or NULL
268 **/ 271 **/
269 272
270static struct ip6_tnl *ip6_tnl_create(struct net *net, struct ip6_tnl_parm *p) 273static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
271{ 274{
272 struct net_device *dev; 275 struct net_device *dev;
273 struct ip6_tnl *t; 276 struct ip6_tnl *t;
@@ -322,7 +325,7 @@ failed:
322 **/ 325 **/
323 326
324static struct ip6_tnl *ip6_tnl_locate(struct net *net, 327static struct ip6_tnl *ip6_tnl_locate(struct net *net,
325 struct ip6_tnl_parm *p, int create) 328 struct __ip6_tnl_parm *p, int create)
326{ 329{
327 const struct in6_addr *remote = &p->raddr; 330 const struct in6_addr *remote = &p->raddr;
328 const struct in6_addr *local = &p->laddr; 331 const struct in6_addr *local = &p->laddr;
@@ -374,8 +377,7 @@ ip6_tnl_dev_uninit(struct net_device *dev)
374 * else index to encapsulation limit 377 * else index to encapsulation limit
375 **/ 378 **/
376 379
377static __u16 380__u16 ip6_tnl_parse_tlv_enc_lim(struct sk_buff *skb, __u8 *raw)
378parse_tlv_tnl_enc_lim(struct sk_buff *skb, __u8 * raw)
379{ 381{
380 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) raw; 382 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) raw;
381 __u8 nexthdr = ipv6h->nexthdr; 383 __u8 nexthdr = ipv6h->nexthdr;
@@ -425,6 +427,7 @@ parse_tlv_tnl_enc_lim(struct sk_buff *skb, __u8 * raw)
425 } 427 }
426 return 0; 428 return 0;
427} 429}
430EXPORT_SYMBOL(ip6_tnl_parse_tlv_enc_lim);
428 431
429/** 432/**
430 * ip6_tnl_err - tunnel error handler 433 * ip6_tnl_err - tunnel error handler
@@ -480,7 +483,7 @@ ip6_tnl_err(struct sk_buff *skb, __u8 ipproto, struct inet6_skb_parm *opt,
480 case ICMPV6_PARAMPROB: 483 case ICMPV6_PARAMPROB:
481 teli = 0; 484 teli = 0;
482 if ((*code) == ICMPV6_HDR_FIELD) 485 if ((*code) == ICMPV6_HDR_FIELD)
483 teli = parse_tlv_tnl_enc_lim(skb, skb->data); 486 teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data);
484 487
485 if (teli && teli == *info - 2) { 488 if (teli && teli == *info - 2) {
486 tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli]; 489 tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli];
@@ -693,11 +696,11 @@ static void ip6ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t,
693 IP6_ECN_set_ce(ipv6_hdr(skb)); 696 IP6_ECN_set_ce(ipv6_hdr(skb));
694} 697}
695 698
696static __u32 ip6_tnl_get_cap(struct ip6_tnl *t, 699__u32 ip6_tnl_get_cap(struct ip6_tnl *t,
697 const struct in6_addr *laddr, 700 const struct in6_addr *laddr,
698 const struct in6_addr *raddr) 701 const struct in6_addr *raddr)
699{ 702{
700 struct ip6_tnl_parm *p = &t->parms; 703 struct __ip6_tnl_parm *p = &t->parms;
701 int ltype = ipv6_addr_type(laddr); 704 int ltype = ipv6_addr_type(laddr);
702 int rtype = ipv6_addr_type(raddr); 705 int rtype = ipv6_addr_type(raddr);
703 __u32 flags = 0; 706 __u32 flags = 0;
@@ -715,13 +718,14 @@ static __u32 ip6_tnl_get_cap(struct ip6_tnl *t,
715 } 718 }
716 return flags; 719 return flags;
717} 720}
721EXPORT_SYMBOL(ip6_tnl_get_cap);
718 722
719/* called with rcu_read_lock() */ 723/* called with rcu_read_lock() */
720static inline int ip6_tnl_rcv_ctl(struct ip6_tnl *t, 724int ip6_tnl_rcv_ctl(struct ip6_tnl *t,
721 const struct in6_addr *laddr, 725 const struct in6_addr *laddr,
722 const struct in6_addr *raddr) 726 const struct in6_addr *raddr)
723{ 727{
724 struct ip6_tnl_parm *p = &t->parms; 728 struct __ip6_tnl_parm *p = &t->parms;
725 int ret = 0; 729 int ret = 0;
726 struct net *net = dev_net(t->dev); 730 struct net *net = dev_net(t->dev);
727 731
@@ -740,6 +744,7 @@ static inline int ip6_tnl_rcv_ctl(struct ip6_tnl *t,
740 } 744 }
741 return ret; 745 return ret;
742} 746}
747EXPORT_SYMBOL_GPL(ip6_tnl_rcv_ctl);
743 748
744/** 749/**
745 * ip6_tnl_rcv - decapsulate IPv6 packet and retransmit it locally 750 * ip6_tnl_rcv - decapsulate IPv6 packet and retransmit it locally
@@ -859,9 +864,9 @@ ip6_tnl_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
859 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr); 864 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
860} 865}
861 866
862static inline int ip6_tnl_xmit_ctl(struct ip6_tnl *t) 867int ip6_tnl_xmit_ctl(struct ip6_tnl *t)
863{ 868{
864 struct ip6_tnl_parm *p = &t->parms; 869 struct __ip6_tnl_parm *p = &t->parms;
865 int ret = 0; 870 int ret = 0;
866 struct net *net = dev_net(t->dev); 871 struct net *net = dev_net(t->dev);
867 872
@@ -885,6 +890,8 @@ static inline int ip6_tnl_xmit_ctl(struct ip6_tnl *t)
885 } 890 }
886 return ret; 891 return ret;
887} 892}
893EXPORT_SYMBOL_GPL(ip6_tnl_xmit_ctl);
894
888/** 895/**
889 * ip6_tnl_xmit2 - encapsulate packet and send 896 * ip6_tnl_xmit2 - encapsulate packet and send
890 * @skb: the outgoing socket buffer 897 * @skb: the outgoing socket buffer
@@ -1085,7 +1092,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1085 !ip6_tnl_xmit_ctl(t) || ip6_tnl_addr_conflict(t, ipv6h)) 1092 !ip6_tnl_xmit_ctl(t) || ip6_tnl_addr_conflict(t, ipv6h))
1086 return -1; 1093 return -1;
1087 1094
1088 offset = parse_tlv_tnl_enc_lim(skb, skb_network_header(skb)); 1095 offset = ip6_tnl_parse_tlv_enc_lim(skb, skb_network_header(skb));
1089 if (offset > 0) { 1096 if (offset > 0) {
1090 struct ipv6_tlv_tnl_enc_lim *tel; 1097 struct ipv6_tlv_tnl_enc_lim *tel;
1091 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset]; 1098 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset];
@@ -1152,7 +1159,7 @@ tx_err:
1152static void ip6_tnl_link_config(struct ip6_tnl *t) 1159static void ip6_tnl_link_config(struct ip6_tnl *t)
1153{ 1160{
1154 struct net_device *dev = t->dev; 1161 struct net_device *dev = t->dev;
1155 struct ip6_tnl_parm *p = &t->parms; 1162 struct __ip6_tnl_parm *p = &t->parms;
1156 struct flowi6 *fl6 = &t->fl.u.ip6; 1163 struct flowi6 *fl6 = &t->fl.u.ip6;
1157 1164
1158 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr)); 1165 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
@@ -1215,7 +1222,7 @@ static void ip6_tnl_link_config(struct ip6_tnl *t)
1215 **/ 1222 **/
1216 1223
1217static int 1224static int
1218ip6_tnl_change(struct ip6_tnl *t, struct ip6_tnl_parm *p) 1225ip6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p)
1219{ 1226{
1220 t->parms.laddr = p->laddr; 1227 t->parms.laddr = p->laddr;
1221 t->parms.raddr = p->raddr; 1228 t->parms.raddr = p->raddr;
@@ -1230,6 +1237,34 @@ ip6_tnl_change(struct ip6_tnl *t, struct ip6_tnl_parm *p)
1230 return 0; 1237 return 0;
1231} 1238}
1232 1239
1240static void
1241ip6_tnl_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm *u)
1242{
1243 p->laddr = u->laddr;
1244 p->raddr = u->raddr;
1245 p->flags = u->flags;
1246 p->hop_limit = u->hop_limit;
1247 p->encap_limit = u->encap_limit;
1248 p->flowinfo = u->flowinfo;
1249 p->link = u->link;
1250 p->proto = u->proto;
1251 memcpy(p->name, u->name, sizeof(u->name));
1252}
1253
1254static void
1255ip6_tnl_parm_to_user(struct ip6_tnl_parm *u, const struct __ip6_tnl_parm *p)
1256{
1257 u->laddr = p->laddr;
1258 u->raddr = p->raddr;
1259 u->flags = p->flags;
1260 u->hop_limit = p->hop_limit;
1261 u->encap_limit = p->encap_limit;
1262 u->flowinfo = p->flowinfo;
1263 u->link = p->link;
1264 u->proto = p->proto;
1265 memcpy(u->name, p->name, sizeof(u->name));
1266}
1267
1233/** 1268/**
1234 * ip6_tnl_ioctl - configure ipv6 tunnels from userspace 1269 * ip6_tnl_ioctl - configure ipv6 tunnels from userspace
1235 * @dev: virtual device associated with tunnel 1270 * @dev: virtual device associated with tunnel
@@ -1263,6 +1298,7 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1263{ 1298{
1264 int err = 0; 1299 int err = 0;
1265 struct ip6_tnl_parm p; 1300 struct ip6_tnl_parm p;
1301 struct __ip6_tnl_parm p1;
1266 struct ip6_tnl *t = NULL; 1302 struct ip6_tnl *t = NULL;
1267 struct net *net = dev_net(dev); 1303 struct net *net = dev_net(dev);
1268 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); 1304 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
@@ -1274,11 +1310,14 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1274 err = -EFAULT; 1310 err = -EFAULT;
1275 break; 1311 break;
1276 } 1312 }
1277 t = ip6_tnl_locate(net, &p, 0); 1313 ip6_tnl_parm_from_user(&p1, &p);
1314 t = ip6_tnl_locate(net, &p1, 0);
1315 } else {
1316 memset(&p, 0, sizeof(p));
1278 } 1317 }
1279 if (t == NULL) 1318 if (t == NULL)
1280 t = netdev_priv(dev); 1319 t = netdev_priv(dev);
1281 memcpy(&p, &t->parms, sizeof (p)); 1320 ip6_tnl_parm_to_user(&p, &t->parms);
1282 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof (p))) { 1321 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof (p))) {
1283 err = -EFAULT; 1322 err = -EFAULT;
1284 } 1323 }
@@ -1295,7 +1334,8 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1295 if (p.proto != IPPROTO_IPV6 && p.proto != IPPROTO_IPIP && 1334 if (p.proto != IPPROTO_IPV6 && p.proto != IPPROTO_IPIP &&
1296 p.proto != 0) 1335 p.proto != 0)
1297 break; 1336 break;
1298 t = ip6_tnl_locate(net, &p, cmd == SIOCADDTUNNEL); 1337 ip6_tnl_parm_from_user(&p1, &p);
1338 t = ip6_tnl_locate(net, &p1, cmd == SIOCADDTUNNEL);
1299 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) { 1339 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
1300 if (t != NULL) { 1340 if (t != NULL) {
1301 if (t->dev != dev) { 1341 if (t->dev != dev) {
@@ -1307,13 +1347,14 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1307 1347
1308 ip6_tnl_unlink(ip6n, t); 1348 ip6_tnl_unlink(ip6n, t);
1309 synchronize_net(); 1349 synchronize_net();
1310 err = ip6_tnl_change(t, &p); 1350 err = ip6_tnl_change(t, &p1);
1311 ip6_tnl_link(ip6n, t); 1351 ip6_tnl_link(ip6n, t);
1312 netdev_state_change(dev); 1352 netdev_state_change(dev);
1313 } 1353 }
1314 if (t) { 1354 if (t) {
1315 err = 0; 1355 err = 0;
1316 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof (p))) 1356 ip6_tnl_parm_to_user(&p, &t->parms);
1357 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1317 err = -EFAULT; 1358 err = -EFAULT;
1318 1359
1319 } else 1360 } else
@@ -1329,7 +1370,9 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1329 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p))) 1370 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p)))
1330 break; 1371 break;
1331 err = -ENOENT; 1372 err = -ENOENT;
1332 if ((t = ip6_tnl_locate(net, &p, 0)) == NULL) 1373 ip6_tnl_parm_from_user(&p1, &p);
1374 t = ip6_tnl_locate(net, &p1, 0);
1375 if (t == NULL)
1333 break; 1376 break;
1334 err = -EPERM; 1377 err = -EPERM;
1335 if (t->dev == ip6n->fb_tnl_dev) 1378 if (t->dev == ip6n->fb_tnl_dev)
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index 4532973f0dd4..08ea3f0b6e55 100644
--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -838,7 +838,7 @@ static void ip6mr_destroy_unres(struct mr6_table *mrt, struct mfc6_cache *c)
838 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr)); 838 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
839 skb_trim(skb, nlh->nlmsg_len); 839 skb_trim(skb, nlh->nlmsg_len);
840 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -ETIMEDOUT; 840 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -ETIMEDOUT;
841 rtnl_unicast(skb, net, NETLINK_CB(skb).pid); 841 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
842 } else 842 } else
843 kfree_skb(skb); 843 kfree_skb(skb);
844 } 844 }
@@ -1052,7 +1052,7 @@ static void ip6mr_cache_resolve(struct net *net, struct mr6_table *mrt,
1052 skb_trim(skb, nlh->nlmsg_len); 1052 skb_trim(skb, nlh->nlmsg_len);
1053 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -EMSGSIZE; 1053 ((struct nlmsgerr *)NLMSG_DATA(nlh))->error = -EMSGSIZE;
1054 } 1054 }
1055 rtnl_unicast(skb, net, NETLINK_CB(skb).pid); 1055 rtnl_unicast(skb, net, NETLINK_CB(skb).portid);
1056 } else 1056 } else
1057 ip6_mr_forward(net, mrt, skb, c); 1057 ip6_mr_forward(net, mrt, skb, c);
1058 } 1058 }
@@ -2202,12 +2202,12 @@ int ip6mr_get_route(struct net *net,
2202} 2202}
2203 2203
2204static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, 2204static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2205 u32 pid, u32 seq, struct mfc6_cache *c) 2205 u32 portid, u32 seq, struct mfc6_cache *c)
2206{ 2206{
2207 struct nlmsghdr *nlh; 2207 struct nlmsghdr *nlh;
2208 struct rtmsg *rtm; 2208 struct rtmsg *rtm;
2209 2209
2210 nlh = nlmsg_put(skb, pid, seq, RTM_NEWROUTE, sizeof(*rtm), NLM_F_MULTI); 2210 nlh = nlmsg_put(skb, portid, seq, RTM_NEWROUTE, sizeof(*rtm), NLM_F_MULTI);
2211 if (nlh == NULL) 2211 if (nlh == NULL)
2212 return -EMSGSIZE; 2212 return -EMSGSIZE;
2213 2213
@@ -2260,7 +2260,7 @@ static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)
2260 if (e < s_e) 2260 if (e < s_e)
2261 goto next_entry; 2261 goto next_entry;
2262 if (ip6mr_fill_mroute(mrt, skb, 2262 if (ip6mr_fill_mroute(mrt, skb,
2263 NETLINK_CB(cb->skb).pid, 2263 NETLINK_CB(cb->skb).portid,
2264 cb->nlh->nlmsg_seq, 2264 cb->nlh->nlmsg_seq,
2265 mfc) < 0) 2265 mfc) < 0)
2266 goto done; 2266 goto done;
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index db31561cc8df..429089cb073d 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -15,6 +15,7 @@ int ip6_route_me_harder(struct sk_buff *skb)
15{ 15{
16 struct net *net = dev_net(skb_dst(skb)->dev); 16 struct net *net = dev_net(skb_dst(skb)->dev);
17 const struct ipv6hdr *iph = ipv6_hdr(skb); 17 const struct ipv6hdr *iph = ipv6_hdr(skb);
18 unsigned int hh_len;
18 struct dst_entry *dst; 19 struct dst_entry *dst;
19 struct flowi6 fl6 = { 20 struct flowi6 fl6 = {
20 .flowi6_oif = skb->sk ? skb->sk->sk_bound_dev_if : 0, 21 .flowi6_oif = skb->sk ? skb->sk->sk_bound_dev_if : 0,
@@ -47,6 +48,13 @@ int ip6_route_me_harder(struct sk_buff *skb)
47 } 48 }
48#endif 49#endif
49 50
51 /* Change in oif may mean change in hh_len. */
52 hh_len = skb_dst(skb)->dev->hard_header_len;
53 if (skb_headroom(skb) < hh_len &&
54 pskb_expand_head(skb, HH_DATA_ALIGN(hh_len - skb_headroom(skb)),
55 0, GFP_ATOMIC))
56 return -1;
57
50 return 0; 58 return 0;
51} 59}
52EXPORT_SYMBOL(ip6_route_me_harder); 60EXPORT_SYMBOL(ip6_route_me_harder);
diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig
index 10135342799e..c72532a60d88 100644
--- a/net/ipv6/netfilter/Kconfig
+++ b/net/ipv6/netfilter/Kconfig
@@ -181,9 +181,44 @@ config IP6_NF_SECURITY
181 help 181 help
182 This option adds a `security' table to iptables, for use 182 This option adds a `security' table to iptables, for use
183 with Mandatory Access Control (MAC) policy. 183 with Mandatory Access Control (MAC) policy.
184 184
185 If unsure, say N. 185 If unsure, say N.
186 186
187config NF_NAT_IPV6
188 tristate "IPv6 NAT"
189 depends on NF_CONNTRACK_IPV6
190 depends on NETFILTER_ADVANCED
191 select NF_NAT
192 help
193 The IPv6 NAT option allows masquerading, port forwarding and other
194 forms of full Network Address Port Translation. It is controlled by
195 the `nat' table in ip6tables, see the man page for ip6tables(8).
196
197 To compile it as a module, choose M here. If unsure, say N.
198
199if NF_NAT_IPV6
200
201config IP6_NF_TARGET_MASQUERADE
202 tristate "MASQUERADE target support"
203 help
204 Masquerading is a special case of NAT: all outgoing connections are
205 changed to seem to come from a particular interface's address, and
206 if the interface goes down, those connections are lost. This is
207 only useful for dialup accounts with dynamic IP address (ie. your IP
208 address will be different on next dialup).
209
210 To compile it as a module, choose M here. If unsure, say N.
211
212config IP6_NF_TARGET_NPT
213 tristate "NPT (Network Prefix translation) target support"
214 help
215 This option adds the `SNPT' and `DNPT' target, which perform
216 stateless IPv6-to-IPv6 Network Prefix Translation per RFC 6296.
217
218 To compile it as a module, choose M here. If unsure, say N.
219
220endif # NF_NAT_IPV6
221
187endif # IP6_NF_IPTABLES 222endif # IP6_NF_IPTABLES
188 223
189endmenu 224endmenu
diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile
index 534d3f216f7b..2d11fcc2cf3c 100644
--- a/net/ipv6/netfilter/Makefile
+++ b/net/ipv6/netfilter/Makefile
@@ -8,6 +8,7 @@ obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
8obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o 8obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
9obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o 9obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o
10obj-$(CONFIG_IP6_NF_SECURITY) += ip6table_security.o 10obj-$(CONFIG_IP6_NF_SECURITY) += ip6table_security.o
11obj-$(CONFIG_NF_NAT_IPV6) += ip6table_nat.o
11 12
12# objects for l3 independent conntrack 13# objects for l3 independent conntrack
13nf_conntrack_ipv6-y := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o 14nf_conntrack_ipv6-y := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o
@@ -15,6 +16,9 @@ nf_conntrack_ipv6-y := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o
15# l3 independent conntrack 16# l3 independent conntrack
16obj-$(CONFIG_NF_CONNTRACK_IPV6) += nf_conntrack_ipv6.o nf_defrag_ipv6.o 17obj-$(CONFIG_NF_CONNTRACK_IPV6) += nf_conntrack_ipv6.o nf_defrag_ipv6.o
17 18
19nf_nat_ipv6-y := nf_nat_l3proto_ipv6.o nf_nat_proto_icmpv6.o
20obj-$(CONFIG_NF_NAT_IPV6) += nf_nat_ipv6.o
21
18# defrag 22# defrag
19nf_defrag_ipv6-y := nf_defrag_ipv6_hooks.o nf_conntrack_reasm.o 23nf_defrag_ipv6-y := nf_defrag_ipv6_hooks.o nf_conntrack_reasm.o
20obj-$(CONFIG_NF_DEFRAG_IPV6) += nf_defrag_ipv6.o 24obj-$(CONFIG_NF_DEFRAG_IPV6) += nf_defrag_ipv6.o
@@ -30,4 +34,6 @@ obj-$(CONFIG_IP6_NF_MATCH_RPFILTER) += ip6t_rpfilter.o
30obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o 34obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o
31 35
32# targets 36# targets
37obj-$(CONFIG_IP6_NF_TARGET_MASQUERADE) += ip6t_MASQUERADE.o
38obj-$(CONFIG_IP6_NF_TARGET_NPT) += ip6t_NPT.o
33obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o 39obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o
diff --git a/net/ipv6/netfilter/ip6t_MASQUERADE.c b/net/ipv6/netfilter/ip6t_MASQUERADE.c
new file mode 100644
index 000000000000..60e9053bab05
--- /dev/null
+++ b/net/ipv6/netfilter/ip6t_MASQUERADE.c
@@ -0,0 +1,135 @@
1/*
2 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 *
8 * Based on Rusty Russell's IPv6 MASQUERADE target. Development of IPv6
9 * NAT funded by Astaro.
10 */
11
12#include <linux/kernel.h>
13#include <linux/module.h>
14#include <linux/netdevice.h>
15#include <linux/ipv6.h>
16#include <linux/netfilter.h>
17#include <linux/netfilter_ipv6.h>
18#include <linux/netfilter/x_tables.h>
19#include <net/netfilter/nf_nat.h>
20#include <net/addrconf.h>
21#include <net/ipv6.h>
22
23static unsigned int
24masquerade_tg6(struct sk_buff *skb, const struct xt_action_param *par)
25{
26 const struct nf_nat_range *range = par->targinfo;
27 enum ip_conntrack_info ctinfo;
28 struct in6_addr src;
29 struct nf_conn *ct;
30 struct nf_nat_range newrange;
31
32 ct = nf_ct_get(skb, &ctinfo);
33 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
34 ctinfo == IP_CT_RELATED_REPLY));
35
36 if (ipv6_dev_get_saddr(dev_net(par->out), par->out,
37 &ipv6_hdr(skb)->daddr, 0, &src) < 0)
38 return NF_DROP;
39
40 nfct_nat(ct)->masq_index = par->out->ifindex;
41
42 newrange.flags = range->flags | NF_NAT_RANGE_MAP_IPS;
43 newrange.min_addr.in6 = src;
44 newrange.max_addr.in6 = src;
45 newrange.min_proto = range->min_proto;
46 newrange.max_proto = range->max_proto;
47
48 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_SRC);
49}
50
51static int masquerade_tg6_checkentry(const struct xt_tgchk_param *par)
52{
53 const struct nf_nat_range *range = par->targinfo;
54
55 if (range->flags & NF_NAT_RANGE_MAP_IPS)
56 return -EINVAL;
57 return 0;
58}
59
60static int device_cmp(struct nf_conn *ct, void *ifindex)
61{
62 const struct nf_conn_nat *nat = nfct_nat(ct);
63
64 if (!nat)
65 return 0;
66 if (nf_ct_l3num(ct) != NFPROTO_IPV6)
67 return 0;
68 return nat->masq_index == (int)(long)ifindex;
69}
70
71static int masq_device_event(struct notifier_block *this,
72 unsigned long event, void *ptr)
73{
74 const struct net_device *dev = ptr;
75 struct net *net = dev_net(dev);
76
77 if (event == NETDEV_DOWN)
78 nf_ct_iterate_cleanup(net, device_cmp,
79 (void *)(long)dev->ifindex);
80
81 return NOTIFY_DONE;
82}
83
84static struct notifier_block masq_dev_notifier = {
85 .notifier_call = masq_device_event,
86};
87
88static int masq_inet_event(struct notifier_block *this,
89 unsigned long event, void *ptr)
90{
91 struct inet6_ifaddr *ifa = ptr;
92
93 return masq_device_event(this, event, ifa->idev->dev);
94}
95
96static struct notifier_block masq_inet_notifier = {
97 .notifier_call = masq_inet_event,
98};
99
100static struct xt_target masquerade_tg6_reg __read_mostly = {
101 .name = "MASQUERADE",
102 .family = NFPROTO_IPV6,
103 .checkentry = masquerade_tg6_checkentry,
104 .target = masquerade_tg6,
105 .targetsize = sizeof(struct nf_nat_range),
106 .table = "nat",
107 .hooks = 1 << NF_INET_POST_ROUTING,
108 .me = THIS_MODULE,
109};
110
111static int __init masquerade_tg6_init(void)
112{
113 int err;
114
115 err = xt_register_target(&masquerade_tg6_reg);
116 if (err == 0) {
117 register_netdevice_notifier(&masq_dev_notifier);
118 register_inet6addr_notifier(&masq_inet_notifier);
119 }
120
121 return err;
122}
123static void __exit masquerade_tg6_exit(void)
124{
125 unregister_inet6addr_notifier(&masq_inet_notifier);
126 unregister_netdevice_notifier(&masq_dev_notifier);
127 xt_unregister_target(&masquerade_tg6_reg);
128}
129
130module_init(masquerade_tg6_init);
131module_exit(masquerade_tg6_exit);
132
133MODULE_LICENSE("GPL");
134MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
135MODULE_DESCRIPTION("Xtables: automatic address SNAT");
diff --git a/net/ipv6/netfilter/ip6t_NPT.c b/net/ipv6/netfilter/ip6t_NPT.c
new file mode 100644
index 000000000000..e9486915eff6
--- /dev/null
+++ b/net/ipv6/netfilter/ip6t_NPT.c
@@ -0,0 +1,165 @@
1/*
2 * Copyright (c) 2011, 2012 Patrick McHardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#include <linux/module.h>
10#include <linux/skbuff.h>
11#include <linux/ipv6.h>
12#include <linux/netfilter.h>
13#include <linux/netfilter_ipv6.h>
14#include <linux/netfilter_ipv6/ip6t_NPT.h>
15#include <linux/netfilter/x_tables.h>
16
17static __sum16 csum16_complement(__sum16 a)
18{
19 return (__force __sum16)(0xffff - (__force u16)a);
20}
21
22static __sum16 csum16_add(__sum16 a, __sum16 b)
23{
24 u16 sum;
25
26 sum = (__force u16)a + (__force u16)b;
27 sum += (__force u16)a < (__force u16)b;
28 return (__force __sum16)sum;
29}
30
31static __sum16 csum16_sub(__sum16 a, __sum16 b)
32{
33 return csum16_add(a, csum16_complement(b));
34}
35
36static int ip6t_npt_checkentry(const struct xt_tgchk_param *par)
37{
38 struct ip6t_npt_tginfo *npt = par->targinfo;
39 __sum16 src_sum = 0, dst_sum = 0;
40 unsigned int i;
41
42 if (npt->src_pfx_len > 64 || npt->dst_pfx_len > 64)
43 return -EINVAL;
44
45 for (i = 0; i < ARRAY_SIZE(npt->src_pfx.in6.s6_addr16); i++) {
46 src_sum = csum16_add(src_sum,
47 (__force __sum16)npt->src_pfx.in6.s6_addr16[i]);
48 dst_sum = csum16_add(dst_sum,
49 (__force __sum16)npt->dst_pfx.in6.s6_addr16[i]);
50 }
51
52 npt->adjustment = csum16_sub(src_sum, dst_sum);
53 return 0;
54}
55
56static bool ip6t_npt_map_pfx(const struct ip6t_npt_tginfo *npt,
57 struct in6_addr *addr)
58{
59 unsigned int pfx_len;
60 unsigned int i, idx;
61 __be32 mask;
62 __sum16 sum;
63
64 pfx_len = max(npt->src_pfx_len, npt->dst_pfx_len);
65 for (i = 0; i < pfx_len; i += 32) {
66 if (pfx_len - i >= 32)
67 mask = 0;
68 else
69 mask = htonl(~((1 << (pfx_len - i)) - 1));
70
71 idx = i / 32;
72 addr->s6_addr32[idx] &= mask;
73 addr->s6_addr32[idx] |= npt->dst_pfx.in6.s6_addr32[idx];
74 }
75
76 if (pfx_len <= 48)
77 idx = 3;
78 else {
79 for (idx = 4; idx < ARRAY_SIZE(addr->s6_addr16); idx++) {
80 if ((__force __sum16)addr->s6_addr16[idx] !=
81 CSUM_MANGLED_0)
82 break;
83 }
84 if (idx == ARRAY_SIZE(addr->s6_addr16))
85 return false;
86 }
87
88 sum = csum16_add((__force __sum16)addr->s6_addr16[idx],
89 npt->adjustment);
90 if (sum == CSUM_MANGLED_0)
91 sum = 0;
92 *(__force __sum16 *)&addr->s6_addr16[idx] = sum;
93
94 return true;
95}
96
97static unsigned int
98ip6t_snpt_tg(struct sk_buff *skb, const struct xt_action_param *par)
99{
100 const struct ip6t_npt_tginfo *npt = par->targinfo;
101
102 if (!ip6t_npt_map_pfx(npt, &ipv6_hdr(skb)->saddr)) {
103 icmpv6_send(skb, ICMPV6_PARAMPROB, ICMPV6_HDR_FIELD,
104 offsetof(struct ipv6hdr, saddr));
105 return NF_DROP;
106 }
107 return XT_CONTINUE;
108}
109
110static unsigned int
111ip6t_dnpt_tg(struct sk_buff *skb, const struct xt_action_param *par)
112{
113 const struct ip6t_npt_tginfo *npt = par->targinfo;
114
115 if (!ip6t_npt_map_pfx(npt, &ipv6_hdr(skb)->daddr)) {
116 icmpv6_send(skb, ICMPV6_PARAMPROB, ICMPV6_HDR_FIELD,
117 offsetof(struct ipv6hdr, daddr));
118 return NF_DROP;
119 }
120 return XT_CONTINUE;
121}
122
123static struct xt_target ip6t_npt_target_reg[] __read_mostly = {
124 {
125 .name = "SNPT",
126 .target = ip6t_snpt_tg,
127 .targetsize = sizeof(struct ip6t_npt_tginfo),
128 .checkentry = ip6t_npt_checkentry,
129 .family = NFPROTO_IPV6,
130 .hooks = (1 << NF_INET_LOCAL_IN) |
131 (1 << NF_INET_POST_ROUTING),
132 .me = THIS_MODULE,
133 },
134 {
135 .name = "DNPT",
136 .target = ip6t_dnpt_tg,
137 .targetsize = sizeof(struct ip6t_npt_tginfo),
138 .checkentry = ip6t_npt_checkentry,
139 .family = NFPROTO_IPV6,
140 .hooks = (1 << NF_INET_PRE_ROUTING) |
141 (1 << NF_INET_LOCAL_OUT),
142 .me = THIS_MODULE,
143 },
144};
145
146static int __init ip6t_npt_init(void)
147{
148 return xt_register_targets(ip6t_npt_target_reg,
149 ARRAY_SIZE(ip6t_npt_target_reg));
150}
151
152static void __exit ip6t_npt_exit(void)
153{
154 xt_unregister_targets(ip6t_npt_target_reg,
155 ARRAY_SIZE(ip6t_npt_target_reg));
156}
157
158module_init(ip6t_npt_init);
159module_exit(ip6t_npt_exit);
160
161MODULE_LICENSE("GPL");
162MODULE_DESCRIPTION("IPv6-to-IPv6 Network Prefix Translation (RFC 6296)");
163MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
164MODULE_ALIAS("ip6t_SNPT");
165MODULE_ALIAS("ip6t_DNPT");
diff --git a/net/ipv6/netfilter/ip6table_filter.c b/net/ipv6/netfilter/ip6table_filter.c
index 325e59a0224f..beb5777d2043 100644
--- a/net/ipv6/netfilter/ip6table_filter.c
+++ b/net/ipv6/netfilter/ip6table_filter.c
@@ -61,9 +61,7 @@ static int __net_init ip6table_filter_net_init(struct net *net)
61 net->ipv6.ip6table_filter = 61 net->ipv6.ip6table_filter =
62 ip6t_register_table(net, &packet_filter, repl); 62 ip6t_register_table(net, &packet_filter, repl);
63 kfree(repl); 63 kfree(repl);
64 if (IS_ERR(net->ipv6.ip6table_filter)) 64 return PTR_RET(net->ipv6.ip6table_filter);
65 return PTR_ERR(net->ipv6.ip6table_filter);
66 return 0;
67} 65}
68 66
69static void __net_exit ip6table_filter_net_exit(struct net *net) 67static void __net_exit ip6table_filter_net_exit(struct net *net)
diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c
index 4d782405f125..7431121b87de 100644
--- a/net/ipv6/netfilter/ip6table_mangle.c
+++ b/net/ipv6/netfilter/ip6table_mangle.c
@@ -97,9 +97,7 @@ static int __net_init ip6table_mangle_net_init(struct net *net)
97 net->ipv6.ip6table_mangle = 97 net->ipv6.ip6table_mangle =
98 ip6t_register_table(net, &packet_mangler, repl); 98 ip6t_register_table(net, &packet_mangler, repl);
99 kfree(repl); 99 kfree(repl);
100 if (IS_ERR(net->ipv6.ip6table_mangle)) 100 return PTR_RET(net->ipv6.ip6table_mangle);
101 return PTR_ERR(net->ipv6.ip6table_mangle);
102 return 0;
103} 101}
104 102
105static void __net_exit ip6table_mangle_net_exit(struct net *net) 103static void __net_exit ip6table_mangle_net_exit(struct net *net)
diff --git a/net/ipv6/netfilter/ip6table_nat.c b/net/ipv6/netfilter/ip6table_nat.c
new file mode 100644
index 000000000000..e418bd6350a4
--- /dev/null
+++ b/net/ipv6/netfilter/ip6table_nat.c
@@ -0,0 +1,321 @@
1/*
2 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 *
8 * Based on Rusty Russell's IPv4 NAT code. Development of IPv6 NAT
9 * funded by Astaro.
10 */
11
12#include <linux/module.h>
13#include <linux/netfilter.h>
14#include <linux/netfilter_ipv6.h>
15#include <linux/netfilter_ipv6/ip6_tables.h>
16#include <linux/ipv6.h>
17#include <net/ipv6.h>
18
19#include <net/netfilter/nf_nat.h>
20#include <net/netfilter/nf_nat_core.h>
21#include <net/netfilter/nf_nat_l3proto.h>
22
23static const struct xt_table nf_nat_ipv6_table = {
24 .name = "nat",
25 .valid_hooks = (1 << NF_INET_PRE_ROUTING) |
26 (1 << NF_INET_POST_ROUTING) |
27 (1 << NF_INET_LOCAL_OUT) |
28 (1 << NF_INET_LOCAL_IN),
29 .me = THIS_MODULE,
30 .af = NFPROTO_IPV6,
31};
32
33static unsigned int alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)
34{
35 /* Force range to this IP; let proto decide mapping for
36 * per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).
37 */
38 struct nf_nat_range range;
39
40 range.flags = 0;
41 pr_debug("Allocating NULL binding for %p (%pI6)\n", ct,
42 HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?
43 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip6 :
44 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip6);
45
46 return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum));
47}
48
49static unsigned int nf_nat_rule_find(struct sk_buff *skb, unsigned int hooknum,
50 const struct net_device *in,
51 const struct net_device *out,
52 struct nf_conn *ct)
53{
54 struct net *net = nf_ct_net(ct);
55 unsigned int ret;
56
57 ret = ip6t_do_table(skb, hooknum, in, out, net->ipv6.ip6table_nat);
58 if (ret == NF_ACCEPT) {
59 if (!nf_nat_initialized(ct, HOOK2MANIP(hooknum)))
60 ret = alloc_null_binding(ct, hooknum);
61 }
62 return ret;
63}
64
65static unsigned int
66nf_nat_ipv6_fn(unsigned int hooknum,
67 struct sk_buff *skb,
68 const struct net_device *in,
69 const struct net_device *out,
70 int (*okfn)(struct sk_buff *))
71{
72 struct nf_conn *ct;
73 enum ip_conntrack_info ctinfo;
74 struct nf_conn_nat *nat;
75 enum nf_nat_manip_type maniptype = HOOK2MANIP(hooknum);
76 __be16 frag_off;
77 int hdrlen;
78 u8 nexthdr;
79
80 ct = nf_ct_get(skb, &ctinfo);
81 /* Can't track? It's not due to stress, or conntrack would
82 * have dropped it. Hence it's the user's responsibilty to
83 * packet filter it out, or implement conntrack/NAT for that
84 * protocol. 8) --RR
85 */
86 if (!ct)
87 return NF_ACCEPT;
88
89 /* Don't try to NAT if this packet is not conntracked */
90 if (nf_ct_is_untracked(ct))
91 return NF_ACCEPT;
92
93 nat = nfct_nat(ct);
94 if (!nat) {
95 /* NAT module was loaded late. */
96 if (nf_ct_is_confirmed(ct))
97 return NF_ACCEPT;
98 nat = nf_ct_ext_add(ct, NF_CT_EXT_NAT, GFP_ATOMIC);
99 if (nat == NULL) {
100 pr_debug("failed to add NAT extension\n");
101 return NF_ACCEPT;
102 }
103 }
104
105 switch (ctinfo) {
106 case IP_CT_RELATED:
107 case IP_CT_RELATED_REPLY:
108 nexthdr = ipv6_hdr(skb)->nexthdr;
109 hdrlen = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
110 &nexthdr, &frag_off);
111
112 if (hdrlen >= 0 && nexthdr == IPPROTO_ICMPV6) {
113 if (!nf_nat_icmpv6_reply_translation(skb, ct, ctinfo,
114 hooknum, hdrlen))
115 return NF_DROP;
116 else
117 return NF_ACCEPT;
118 }
119 /* Fall thru... (Only ICMPs can be IP_CT_IS_REPLY) */
120 case IP_CT_NEW:
121 /* Seen it before? This can happen for loopback, retrans,
122 * or local packets.
123 */
124 if (!nf_nat_initialized(ct, maniptype)) {
125 unsigned int ret;
126
127 ret = nf_nat_rule_find(skb, hooknum, in, out, ct);
128 if (ret != NF_ACCEPT)
129 return ret;
130 } else
131 pr_debug("Already setup manip %s for ct %p\n",
132 maniptype == NF_NAT_MANIP_SRC ? "SRC" : "DST",
133 ct);
134 break;
135
136 default:
137 /* ESTABLISHED */
138 NF_CT_ASSERT(ctinfo == IP_CT_ESTABLISHED ||
139 ctinfo == IP_CT_ESTABLISHED_REPLY);
140 }
141
142 return nf_nat_packet(ct, ctinfo, hooknum, skb);
143}
144
145static unsigned int
146nf_nat_ipv6_in(unsigned int hooknum,
147 struct sk_buff *skb,
148 const struct net_device *in,
149 const struct net_device *out,
150 int (*okfn)(struct sk_buff *))
151{
152 unsigned int ret;
153 struct in6_addr daddr = ipv6_hdr(skb)->daddr;
154
155 ret = nf_nat_ipv6_fn(hooknum, skb, in, out, okfn);
156 if (ret != NF_DROP && ret != NF_STOLEN &&
157 ipv6_addr_cmp(&daddr, &ipv6_hdr(skb)->daddr))
158 skb_dst_drop(skb);
159
160 return ret;
161}
162
163static unsigned int
164nf_nat_ipv6_out(unsigned int hooknum,
165 struct sk_buff *skb,
166 const struct net_device *in,
167 const struct net_device *out,
168 int (*okfn)(struct sk_buff *))
169{
170#ifdef CONFIG_XFRM
171 const struct nf_conn *ct;
172 enum ip_conntrack_info ctinfo;
173#endif
174 unsigned int ret;
175
176 /* root is playing with raw sockets. */
177 if (skb->len < sizeof(struct ipv6hdr))
178 return NF_ACCEPT;
179
180 ret = nf_nat_ipv6_fn(hooknum, skb, in, out, okfn);
181#ifdef CONFIG_XFRM
182 if (ret != NF_DROP && ret != NF_STOLEN &&
183 !(IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) &&
184 (ct = nf_ct_get(skb, &ctinfo)) != NULL) {
185 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
186
187 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3,
188 &ct->tuplehash[!dir].tuple.dst.u3) ||
189 (ct->tuplehash[dir].tuple.src.u.all !=
190 ct->tuplehash[!dir].tuple.dst.u.all))
191 if (nf_xfrm_me_harder(skb, AF_INET6) < 0)
192 ret = NF_DROP;
193 }
194#endif
195 return ret;
196}
197
198static unsigned int
199nf_nat_ipv6_local_fn(unsigned int hooknum,
200 struct sk_buff *skb,
201 const struct net_device *in,
202 const struct net_device *out,
203 int (*okfn)(struct sk_buff *))
204{
205 const struct nf_conn *ct;
206 enum ip_conntrack_info ctinfo;
207 unsigned int ret;
208
209 /* root is playing with raw sockets. */
210 if (skb->len < sizeof(struct ipv6hdr))
211 return NF_ACCEPT;
212
213 ret = nf_nat_ipv6_fn(hooknum, skb, in, out, okfn);
214 if (ret != NF_DROP && ret != NF_STOLEN &&
215 (ct = nf_ct_get(skb, &ctinfo)) != NULL) {
216 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
217
218 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3,
219 &ct->tuplehash[!dir].tuple.src.u3)) {
220 if (ip6_route_me_harder(skb))
221 ret = NF_DROP;
222 }
223#ifdef CONFIG_XFRM
224 else if (!(IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) &&
225 ct->tuplehash[dir].tuple.dst.u.all !=
226 ct->tuplehash[!dir].tuple.src.u.all)
227 if (nf_xfrm_me_harder(skb, AF_INET6))
228 ret = NF_DROP;
229#endif
230 }
231 return ret;
232}
233
234static struct nf_hook_ops nf_nat_ipv6_ops[] __read_mostly = {
235 /* Before packet filtering, change destination */
236 {
237 .hook = nf_nat_ipv6_in,
238 .owner = THIS_MODULE,
239 .pf = NFPROTO_IPV6,
240 .hooknum = NF_INET_PRE_ROUTING,
241 .priority = NF_IP6_PRI_NAT_DST,
242 },
243 /* After packet filtering, change source */
244 {
245 .hook = nf_nat_ipv6_out,
246 .owner = THIS_MODULE,
247 .pf = NFPROTO_IPV6,
248 .hooknum = NF_INET_POST_ROUTING,
249 .priority = NF_IP6_PRI_NAT_SRC,
250 },
251 /* Before packet filtering, change destination */
252 {
253 .hook = nf_nat_ipv6_local_fn,
254 .owner = THIS_MODULE,
255 .pf = NFPROTO_IPV6,
256 .hooknum = NF_INET_LOCAL_OUT,
257 .priority = NF_IP6_PRI_NAT_DST,
258 },
259 /* After packet filtering, change source */
260 {
261 .hook = nf_nat_ipv6_fn,
262 .owner = THIS_MODULE,
263 .pf = NFPROTO_IPV6,
264 .hooknum = NF_INET_LOCAL_IN,
265 .priority = NF_IP6_PRI_NAT_SRC,
266 },
267};
268
269static int __net_init ip6table_nat_net_init(struct net *net)
270{
271 struct ip6t_replace *repl;
272
273 repl = ip6t_alloc_initial_table(&nf_nat_ipv6_table);
274 if (repl == NULL)
275 return -ENOMEM;
276 net->ipv6.ip6table_nat = ip6t_register_table(net, &nf_nat_ipv6_table, repl);
277 kfree(repl);
278 if (IS_ERR(net->ipv6.ip6table_nat))
279 return PTR_ERR(net->ipv6.ip6table_nat);
280 return 0;
281}
282
283static void __net_exit ip6table_nat_net_exit(struct net *net)
284{
285 ip6t_unregister_table(net, net->ipv6.ip6table_nat);
286}
287
288static struct pernet_operations ip6table_nat_net_ops = {
289 .init = ip6table_nat_net_init,
290 .exit = ip6table_nat_net_exit,
291};
292
293static int __init ip6table_nat_init(void)
294{
295 int err;
296
297 err = register_pernet_subsys(&ip6table_nat_net_ops);
298 if (err < 0)
299 goto err1;
300
301 err = nf_register_hooks(nf_nat_ipv6_ops, ARRAY_SIZE(nf_nat_ipv6_ops));
302 if (err < 0)
303 goto err2;
304 return 0;
305
306err2:
307 unregister_pernet_subsys(&ip6table_nat_net_ops);
308err1:
309 return err;
310}
311
312static void __exit ip6table_nat_exit(void)
313{
314 nf_unregister_hooks(nf_nat_ipv6_ops, ARRAY_SIZE(nf_nat_ipv6_ops));
315 unregister_pernet_subsys(&ip6table_nat_net_ops);
316}
317
318module_init(ip6table_nat_init);
319module_exit(ip6table_nat_exit);
320
321MODULE_LICENSE("GPL");
diff --git a/net/ipv6/netfilter/ip6table_raw.c b/net/ipv6/netfilter/ip6table_raw.c
index 5b9926a011bd..60d1bddff7a0 100644
--- a/net/ipv6/netfilter/ip6table_raw.c
+++ b/net/ipv6/netfilter/ip6table_raw.c
@@ -40,9 +40,7 @@ static int __net_init ip6table_raw_net_init(struct net *net)
40 net->ipv6.ip6table_raw = 40 net->ipv6.ip6table_raw =
41 ip6t_register_table(net, &packet_raw, repl); 41 ip6t_register_table(net, &packet_raw, repl);
42 kfree(repl); 42 kfree(repl);
43 if (IS_ERR(net->ipv6.ip6table_raw)) 43 return PTR_RET(net->ipv6.ip6table_raw);
44 return PTR_ERR(net->ipv6.ip6table_raw);
45 return 0;
46} 44}
47 45
48static void __net_exit ip6table_raw_net_exit(struct net *net) 46static void __net_exit ip6table_raw_net_exit(struct net *net)
diff --git a/net/ipv6/netfilter/ip6table_security.c b/net/ipv6/netfilter/ip6table_security.c
index 91aa2b4d83c9..db155351339c 100644
--- a/net/ipv6/netfilter/ip6table_security.c
+++ b/net/ipv6/netfilter/ip6table_security.c
@@ -58,10 +58,7 @@ static int __net_init ip6table_security_net_init(struct net *net)
58 net->ipv6.ip6table_security = 58 net->ipv6.ip6table_security =
59 ip6t_register_table(net, &security_table, repl); 59 ip6t_register_table(net, &security_table, repl);
60 kfree(repl); 60 kfree(repl);
61 if (IS_ERR(net->ipv6.ip6table_security)) 61 return PTR_RET(net->ipv6.ip6table_security);
62 return PTR_ERR(net->ipv6.ip6table_security);
63
64 return 0;
65} 62}
66 63
67static void __net_exit ip6table_security_net_exit(struct net *net) 64static void __net_exit ip6table_security_net_exit(struct net *net)
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 4794f96cf2e0..8860d23e61cf 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -28,6 +28,7 @@
28#include <net/netfilter/nf_conntrack_core.h> 28#include <net/netfilter/nf_conntrack_core.h>
29#include <net/netfilter/nf_conntrack_zones.h> 29#include <net/netfilter/nf_conntrack_zones.h>
30#include <net/netfilter/ipv6/nf_conntrack_ipv6.h> 30#include <net/netfilter/ipv6/nf_conntrack_ipv6.h>
31#include <net/netfilter/nf_nat_helper.h>
31#include <net/netfilter/ipv6/nf_defrag_ipv6.h> 32#include <net/netfilter/ipv6/nf_defrag_ipv6.h>
32#include <net/netfilter/nf_log.h> 33#include <net/netfilter/nf_log.h>
33 34
@@ -64,82 +65,31 @@ static int ipv6_print_tuple(struct seq_file *s,
64 tuple->src.u3.ip6, tuple->dst.u3.ip6); 65 tuple->src.u3.ip6, tuple->dst.u3.ip6);
65} 66}
66 67
67/*
68 * Based on ipv6_skip_exthdr() in net/ipv6/exthdr.c
69 *
70 * This function parses (probably truncated) exthdr set "hdr"
71 * of length "len". "nexthdrp" initially points to some place,
72 * where type of the first header can be found.
73 *
74 * It skips all well-known exthdrs, and returns pointer to the start
75 * of unparsable area i.e. the first header with unknown type.
76 * if success, *nexthdr is updated by type/protocol of this header.
77 *
78 * NOTES: - it may return pointer pointing beyond end of packet,
79 * if the last recognized header is truncated in the middle.
80 * - if packet is truncated, so that all parsed headers are skipped,
81 * it returns -1.
82 * - if packet is fragmented, return pointer of the fragment header.
83 * - ESP is unparsable for now and considered like
84 * normal payload protocol.
85 * - Note also special handling of AUTH header. Thanks to IPsec wizards.
86 */
87
88static int nf_ct_ipv6_skip_exthdr(const struct sk_buff *skb, int start,
89 u8 *nexthdrp, int len)
90{
91 u8 nexthdr = *nexthdrp;
92
93 while (ipv6_ext_hdr(nexthdr)) {
94 struct ipv6_opt_hdr hdr;
95 int hdrlen;
96
97 if (len < (int)sizeof(struct ipv6_opt_hdr))
98 return -1;
99 if (nexthdr == NEXTHDR_NONE)
100 break;
101 if (nexthdr == NEXTHDR_FRAGMENT)
102 break;
103 if (skb_copy_bits(skb, start, &hdr, sizeof(hdr)))
104 BUG();
105 if (nexthdr == NEXTHDR_AUTH)
106 hdrlen = (hdr.hdrlen+2)<<2;
107 else
108 hdrlen = ipv6_optlen(&hdr);
109
110 nexthdr = hdr.nexthdr;
111 len -= hdrlen;
112 start += hdrlen;
113 }
114
115 *nexthdrp = nexthdr;
116 return start;
117}
118
119static int ipv6_get_l4proto(const struct sk_buff *skb, unsigned int nhoff, 68static int ipv6_get_l4proto(const struct sk_buff *skb, unsigned int nhoff,
120 unsigned int *dataoff, u_int8_t *protonum) 69 unsigned int *dataoff, u_int8_t *protonum)
121{ 70{
122 unsigned int extoff = nhoff + sizeof(struct ipv6hdr); 71 unsigned int extoff = nhoff + sizeof(struct ipv6hdr);
123 unsigned char pnum; 72 __be16 frag_off;
124 int protoff; 73 int protoff;
74 u8 nexthdr;
125 75
126 if (skb_copy_bits(skb, nhoff + offsetof(struct ipv6hdr, nexthdr), 76 if (skb_copy_bits(skb, nhoff + offsetof(struct ipv6hdr, nexthdr),
127 &pnum, sizeof(pnum)) != 0) { 77 &nexthdr, sizeof(nexthdr)) != 0) {
128 pr_debug("ip6_conntrack_core: can't get nexthdr\n"); 78 pr_debug("ip6_conntrack_core: can't get nexthdr\n");
129 return -NF_ACCEPT; 79 return -NF_ACCEPT;
130 } 80 }
131 protoff = nf_ct_ipv6_skip_exthdr(skb, extoff, &pnum, skb->len - extoff); 81 protoff = ipv6_skip_exthdr(skb, extoff, &nexthdr, &frag_off);
132 /* 82 /*
133 * (protoff == skb->len) mean that the packet doesn't have no data 83 * (protoff == skb->len) mean that the packet doesn't have no data
134 * except of IPv6 & ext headers. but it's tracked anyway. - YK 84 * except of IPv6 & ext headers. but it's tracked anyway. - YK
135 */ 85 */
136 if ((protoff < 0) || (protoff > skb->len)) { 86 if (protoff < 0 || (frag_off & htons(~0x7)) != 0) {
137 pr_debug("ip6_conntrack_core: can't find proto in pkt\n"); 87 pr_debug("ip6_conntrack_core: can't find proto in pkt\n");
138 return -NF_ACCEPT; 88 return -NF_ACCEPT;
139 } 89 }
140 90
141 *dataoff = protoff; 91 *dataoff = protoff;
142 *protonum = pnum; 92 *protonum = nexthdr;
143 return NF_ACCEPT; 93 return NF_ACCEPT;
144} 94}
145 95
@@ -153,10 +103,10 @@ static unsigned int ipv6_helper(unsigned int hooknum,
153 const struct nf_conn_help *help; 103 const struct nf_conn_help *help;
154 const struct nf_conntrack_helper *helper; 104 const struct nf_conntrack_helper *helper;
155 enum ip_conntrack_info ctinfo; 105 enum ip_conntrack_info ctinfo;
156 unsigned int ret, protoff; 106 unsigned int ret;
157 unsigned int extoff = (u8 *)(ipv6_hdr(skb) + 1) - skb->data; 107 __be16 frag_off;
158 unsigned char pnum = ipv6_hdr(skb)->nexthdr; 108 int protoff;
159 109 u8 nexthdr;
160 110
161 /* This is where we call the helper: as the packet goes out. */ 111 /* This is where we call the helper: as the packet goes out. */
162 ct = nf_ct_get(skb, &ctinfo); 112 ct = nf_ct_get(skb, &ctinfo);
@@ -171,9 +121,10 @@ static unsigned int ipv6_helper(unsigned int hooknum,
171 if (!helper) 121 if (!helper)
172 return NF_ACCEPT; 122 return NF_ACCEPT;
173 123
174 protoff = nf_ct_ipv6_skip_exthdr(skb, extoff, &pnum, 124 nexthdr = ipv6_hdr(skb)->nexthdr;
175 skb->len - extoff); 125 protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr,
176 if (protoff > skb->len || pnum == NEXTHDR_FRAGMENT) { 126 &frag_off);
127 if (protoff < 0 || (frag_off & htons(~0x7)) != 0) {
177 pr_debug("proto header not found\n"); 128 pr_debug("proto header not found\n");
178 return NF_ACCEPT; 129 return NF_ACCEPT;
179 } 130 }
@@ -192,6 +143,36 @@ static unsigned int ipv6_confirm(unsigned int hooknum,
192 const struct net_device *out, 143 const struct net_device *out,
193 int (*okfn)(struct sk_buff *)) 144 int (*okfn)(struct sk_buff *))
194{ 145{
146 struct nf_conn *ct;
147 enum ip_conntrack_info ctinfo;
148 unsigned char pnum = ipv6_hdr(skb)->nexthdr;
149 int protoff;
150 __be16 frag_off;
151
152 ct = nf_ct_get(skb, &ctinfo);
153 if (!ct || ctinfo == IP_CT_RELATED_REPLY)
154 goto out;
155
156 protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &pnum,
157 &frag_off);
158 if (protoff < 0 || (frag_off & htons(~0x7)) != 0) {
159 pr_debug("proto header not found\n");
160 goto out;
161 }
162
163 /* adjust seqs for loopback traffic only in outgoing direction */
164 if (test_bit(IPS_SEQ_ADJUST_BIT, &ct->status) &&
165 !nf_is_loopback_packet(skb)) {
166 typeof(nf_nat_seq_adjust_hook) seq_adjust;
167
168 seq_adjust = rcu_dereference(nf_nat_seq_adjust_hook);
169 if (!seq_adjust ||
170 !seq_adjust(skb, ct, ctinfo, protoff)) {
171 NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop);
172 return NF_DROP;
173 }
174 }
175out:
195 /* We've seen it coming out the other side: confirm it */ 176 /* We've seen it coming out the other side: confirm it */
196 return nf_conntrack_confirm(skb); 177 return nf_conntrack_confirm(skb);
197} 178}
@@ -199,9 +180,14 @@ static unsigned int ipv6_confirm(unsigned int hooknum,
199static unsigned int __ipv6_conntrack_in(struct net *net, 180static unsigned int __ipv6_conntrack_in(struct net *net,
200 unsigned int hooknum, 181 unsigned int hooknum,
201 struct sk_buff *skb, 182 struct sk_buff *skb,
183 const struct net_device *in,
184 const struct net_device *out,
202 int (*okfn)(struct sk_buff *)) 185 int (*okfn)(struct sk_buff *))
203{ 186{
204 struct sk_buff *reasm = skb->nfct_reasm; 187 struct sk_buff *reasm = skb->nfct_reasm;
188 const struct nf_conn_help *help;
189 struct nf_conn *ct;
190 enum ip_conntrack_info ctinfo;
205 191
206 /* This packet is fragmented and has reassembled packet. */ 192 /* This packet is fragmented and has reassembled packet. */
207 if (reasm) { 193 if (reasm) {
@@ -213,6 +199,25 @@ static unsigned int __ipv6_conntrack_in(struct net *net,
213 if (ret != NF_ACCEPT) 199 if (ret != NF_ACCEPT)
214 return ret; 200 return ret;
215 } 201 }
202
203 /* Conntrack helpers need the entire reassembled packet in the
204 * POST_ROUTING hook. In case of unconfirmed connections NAT
205 * might reassign a helper, so the entire packet is also
206 * required.
207 */
208 ct = nf_ct_get(reasm, &ctinfo);
209 if (ct != NULL && !nf_ct_is_untracked(ct)) {
210 help = nfct_help(ct);
211 if ((help && help->helper) || !nf_ct_is_confirmed(ct)) {
212 nf_conntrack_get_reasm(skb);
213 NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, reasm,
214 (struct net_device *)in,
215 (struct net_device *)out,
216 okfn, NF_IP6_PRI_CONNTRACK + 1);
217 return NF_DROP_ERR(-ECANCELED);
218 }
219 }
220
216 nf_conntrack_get(reasm->nfct); 221 nf_conntrack_get(reasm->nfct);
217 skb->nfct = reasm->nfct; 222 skb->nfct = reasm->nfct;
218 skb->nfctinfo = reasm->nfctinfo; 223 skb->nfctinfo = reasm->nfctinfo;
@@ -228,7 +233,7 @@ static unsigned int ipv6_conntrack_in(unsigned int hooknum,
228 const struct net_device *out, 233 const struct net_device *out,
229 int (*okfn)(struct sk_buff *)) 234 int (*okfn)(struct sk_buff *))
230{ 235{
231 return __ipv6_conntrack_in(dev_net(in), hooknum, skb, okfn); 236 return __ipv6_conntrack_in(dev_net(in), hooknum, skb, in, out, okfn);
232} 237}
233 238
234static unsigned int ipv6_conntrack_local(unsigned int hooknum, 239static unsigned int ipv6_conntrack_local(unsigned int hooknum,
@@ -242,7 +247,7 @@ static unsigned int ipv6_conntrack_local(unsigned int hooknum,
242 net_notice_ratelimited("ipv6_conntrack_local: packet too short\n"); 247 net_notice_ratelimited("ipv6_conntrack_local: packet too short\n");
243 return NF_ACCEPT; 248 return NF_ACCEPT;
244 } 249 }
245 return __ipv6_conntrack_in(dev_net(out), hooknum, skb, okfn); 250 return __ipv6_conntrack_in(dev_net(out), hooknum, skb, in, out, okfn);
246} 251}
247 252
248static struct nf_hook_ops ipv6_conntrack_ops[] __read_mostly = { 253static struct nf_hook_ops ipv6_conntrack_ops[] __read_mostly = {
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index c9c78c2e666b..18bd9bbbd1c6 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -57,41 +57,27 @@ struct nf_ct_frag6_skb_cb
57 57
58#define NFCT_FRAG6_CB(skb) ((struct nf_ct_frag6_skb_cb*)((skb)->cb)) 58#define NFCT_FRAG6_CB(skb) ((struct nf_ct_frag6_skb_cb*)((skb)->cb))
59 59
60struct nf_ct_frag6_queue
61{
62 struct inet_frag_queue q;
63
64 __be32 id; /* fragment id */
65 u32 user;
66 struct in6_addr saddr;
67 struct in6_addr daddr;
68
69 unsigned int csum;
70 __u16 nhoffset;
71};
72
73static struct inet_frags nf_frags; 60static struct inet_frags nf_frags;
74static struct netns_frags nf_init_frags;
75 61
76#ifdef CONFIG_SYSCTL 62#ifdef CONFIG_SYSCTL
77static struct ctl_table nf_ct_frag6_sysctl_table[] = { 63static struct ctl_table nf_ct_frag6_sysctl_table[] = {
78 { 64 {
79 .procname = "nf_conntrack_frag6_timeout", 65 .procname = "nf_conntrack_frag6_timeout",
80 .data = &nf_init_frags.timeout, 66 .data = &init_net.nf_frag.frags.timeout,
81 .maxlen = sizeof(unsigned int), 67 .maxlen = sizeof(unsigned int),
82 .mode = 0644, 68 .mode = 0644,
83 .proc_handler = proc_dointvec_jiffies, 69 .proc_handler = proc_dointvec_jiffies,
84 }, 70 },
85 { 71 {
86 .procname = "nf_conntrack_frag6_low_thresh", 72 .procname = "nf_conntrack_frag6_low_thresh",
87 .data = &nf_init_frags.low_thresh, 73 .data = &init_net.nf_frag.frags.low_thresh,
88 .maxlen = sizeof(unsigned int), 74 .maxlen = sizeof(unsigned int),
89 .mode = 0644, 75 .mode = 0644,
90 .proc_handler = proc_dointvec, 76 .proc_handler = proc_dointvec,
91 }, 77 },
92 { 78 {
93 .procname = "nf_conntrack_frag6_high_thresh", 79 .procname = "nf_conntrack_frag6_high_thresh",
94 .data = &nf_init_frags.high_thresh, 80 .data = &init_net.nf_frag.frags.high_thresh,
95 .maxlen = sizeof(unsigned int), 81 .maxlen = sizeof(unsigned int),
96 .mode = 0644, 82 .mode = 0644,
97 .proc_handler = proc_dointvec, 83 .proc_handler = proc_dointvec,
@@ -99,68 +85,86 @@ static struct ctl_table nf_ct_frag6_sysctl_table[] = {
99 { } 85 { }
100}; 86};
101 87
102static struct ctl_table_header *nf_ct_frag6_sysctl_header; 88static int __net_init nf_ct_frag6_sysctl_register(struct net *net)
103#endif
104
105static unsigned int nf_hashfn(struct inet_frag_queue *q)
106{ 89{
107 const struct nf_ct_frag6_queue *nq; 90 struct ctl_table *table;
91 struct ctl_table_header *hdr;
92
93 table = nf_ct_frag6_sysctl_table;
94 if (!net_eq(net, &init_net)) {
95 table = kmemdup(table, sizeof(nf_ct_frag6_sysctl_table),
96 GFP_KERNEL);
97 if (table == NULL)
98 goto err_alloc;
99
100 table[0].data = &net->ipv6.frags.high_thresh;
101 table[1].data = &net->ipv6.frags.low_thresh;
102 table[2].data = &net->ipv6.frags.timeout;
103 }
108 104
109 nq = container_of(q, struct nf_ct_frag6_queue, q); 105 hdr = register_net_sysctl(net, "net/netfilter", table);
110 return inet6_hash_frag(nq->id, &nq->saddr, &nq->daddr, nf_frags.rnd); 106 if (hdr == NULL)
107 goto err_reg;
108
109 net->nf_frag.sysctl.frags_hdr = hdr;
110 return 0;
111
112err_reg:
113 if (!net_eq(net, &init_net))
114 kfree(table);
115err_alloc:
116 return -ENOMEM;
111} 117}
112 118
113static void nf_skb_free(struct sk_buff *skb) 119static void __net_exit nf_ct_frags6_sysctl_unregister(struct net *net)
114{ 120{
115 if (NFCT_FRAG6_CB(skb)->orig) 121 struct ctl_table *table;
116 kfree_skb(NFCT_FRAG6_CB(skb)->orig);
117}
118 122
119/* Destruction primitives. */ 123 table = net->nf_frag.sysctl.frags_hdr->ctl_table_arg;
124 unregister_net_sysctl_table(net->nf_frag.sysctl.frags_hdr);
125 if (!net_eq(net, &init_net))
126 kfree(table);
127}
120 128
121static __inline__ void fq_put(struct nf_ct_frag6_queue *fq) 129#else
130static int __net_init nf_ct_frag6_sysctl_register(struct net *net)
122{ 131{
123 inet_frag_put(&fq->q, &nf_frags); 132 return 0;
124} 133}
134static void __net_exit nf_ct_frags6_sysctl_unregister(struct net *net)
135{
136}
137#endif
125 138
126/* Kill fq entry. It is not destroyed immediately, 139static unsigned int nf_hashfn(struct inet_frag_queue *q)
127 * because caller (and someone more) holds reference count.
128 */
129static __inline__ void fq_kill(struct nf_ct_frag6_queue *fq)
130{ 140{
131 inet_frag_kill(&fq->q, &nf_frags); 141 const struct frag_queue *nq;
142
143 nq = container_of(q, struct frag_queue, q);
144 return inet6_hash_frag(nq->id, &nq->saddr, &nq->daddr, nf_frags.rnd);
132} 145}
133 146
134static void nf_ct_frag6_evictor(void) 147static void nf_skb_free(struct sk_buff *skb)
135{ 148{
136 local_bh_disable(); 149 if (NFCT_FRAG6_CB(skb)->orig)
137 inet_frag_evictor(&nf_init_frags, &nf_frags); 150 kfree_skb(NFCT_FRAG6_CB(skb)->orig);
138 local_bh_enable();
139} 151}
140 152
141static void nf_ct_frag6_expire(unsigned long data) 153static void nf_ct_frag6_expire(unsigned long data)
142{ 154{
143 struct nf_ct_frag6_queue *fq; 155 struct frag_queue *fq;
144 156 struct net *net;
145 fq = container_of((struct inet_frag_queue *)data,
146 struct nf_ct_frag6_queue, q);
147
148 spin_lock(&fq->q.lock);
149 157
150 if (fq->q.last_in & INET_FRAG_COMPLETE) 158 fq = container_of((struct inet_frag_queue *)data, struct frag_queue, q);
151 goto out; 159 net = container_of(fq->q.net, struct net, nf_frag.frags);
152 160
153 fq_kill(fq); 161 ip6_expire_frag_queue(net, fq, &nf_frags);
154
155out:
156 spin_unlock(&fq->q.lock);
157 fq_put(fq);
158} 162}
159 163
160/* Creation primitives. */ 164/* Creation primitives. */
161 165static inline struct frag_queue *fq_find(struct net *net, __be32 id,
162static __inline__ struct nf_ct_frag6_queue * 166 u32 user, struct in6_addr *src,
163fq_find(__be32 id, u32 user, struct in6_addr *src, struct in6_addr *dst) 167 struct in6_addr *dst)
164{ 168{
165 struct inet_frag_queue *q; 169 struct inet_frag_queue *q;
166 struct ip6_create_arg arg; 170 struct ip6_create_arg arg;
@@ -174,22 +178,23 @@ fq_find(__be32 id, u32 user, struct in6_addr *src, struct in6_addr *dst)
174 read_lock_bh(&nf_frags.lock); 178 read_lock_bh(&nf_frags.lock);
175 hash = inet6_hash_frag(id, src, dst, nf_frags.rnd); 179 hash = inet6_hash_frag(id, src, dst, nf_frags.rnd);
176 180
177 q = inet_frag_find(&nf_init_frags, &nf_frags, &arg, hash); 181 q = inet_frag_find(&net->nf_frag.frags, &nf_frags, &arg, hash);
178 local_bh_enable(); 182 local_bh_enable();
179 if (q == NULL) 183 if (q == NULL)
180 goto oom; 184 goto oom;
181 185
182 return container_of(q, struct nf_ct_frag6_queue, q); 186 return container_of(q, struct frag_queue, q);
183 187
184oom: 188oom:
185 return NULL; 189 return NULL;
186} 190}
187 191
188 192
189static int nf_ct_frag6_queue(struct nf_ct_frag6_queue *fq, struct sk_buff *skb, 193static int nf_ct_frag6_queue(struct frag_queue *fq, struct sk_buff *skb,
190 const struct frag_hdr *fhdr, int nhoff) 194 const struct frag_hdr *fhdr, int nhoff)
191{ 195{
192 struct sk_buff *prev, *next; 196 struct sk_buff *prev, *next;
197 unsigned int payload_len;
193 int offset, end; 198 int offset, end;
194 199
195 if (fq->q.last_in & INET_FRAG_COMPLETE) { 200 if (fq->q.last_in & INET_FRAG_COMPLETE) {
@@ -197,8 +202,10 @@ static int nf_ct_frag6_queue(struct nf_ct_frag6_queue *fq, struct sk_buff *skb,
197 goto err; 202 goto err;
198 } 203 }
199 204
205 payload_len = ntohs(ipv6_hdr(skb)->payload_len);
206
200 offset = ntohs(fhdr->frag_off) & ~0x7; 207 offset = ntohs(fhdr->frag_off) & ~0x7;
201 end = offset + (ntohs(ipv6_hdr(skb)->payload_len) - 208 end = offset + (payload_len -
202 ((u8 *)(fhdr + 1) - (u8 *)(ipv6_hdr(skb) + 1))); 209 ((u8 *)(fhdr + 1) - (u8 *)(ipv6_hdr(skb) + 1)));
203 210
204 if ((unsigned int)end > IPV6_MAXPLEN) { 211 if ((unsigned int)end > IPV6_MAXPLEN) {
@@ -307,7 +314,9 @@ found:
307 skb->dev = NULL; 314 skb->dev = NULL;
308 fq->q.stamp = skb->tstamp; 315 fq->q.stamp = skb->tstamp;
309 fq->q.meat += skb->len; 316 fq->q.meat += skb->len;
310 atomic_add(skb->truesize, &nf_init_frags.mem); 317 if (payload_len > fq->q.max_size)
318 fq->q.max_size = payload_len;
319 atomic_add(skb->truesize, &fq->q.net->mem);
311 320
312 /* The first fragment. 321 /* The first fragment.
313 * nhoffset is obtained from the first fragment, of course. 322 * nhoffset is obtained from the first fragment, of course.
@@ -317,12 +326,12 @@ found:
317 fq->q.last_in |= INET_FRAG_FIRST_IN; 326 fq->q.last_in |= INET_FRAG_FIRST_IN;
318 } 327 }
319 write_lock(&nf_frags.lock); 328 write_lock(&nf_frags.lock);
320 list_move_tail(&fq->q.lru_list, &nf_init_frags.lru_list); 329 list_move_tail(&fq->q.lru_list, &fq->q.net->lru_list);
321 write_unlock(&nf_frags.lock); 330 write_unlock(&nf_frags.lock);
322 return 0; 331 return 0;
323 332
324discard_fq: 333discard_fq:
325 fq_kill(fq); 334 inet_frag_kill(&fq->q, &nf_frags);
326err: 335err:
327 return -1; 336 return -1;
328} 337}
@@ -337,12 +346,12 @@ err:
337 * the last and the first frames arrived and all the bits are here. 346 * the last and the first frames arrived and all the bits are here.
338 */ 347 */
339static struct sk_buff * 348static struct sk_buff *
340nf_ct_frag6_reasm(struct nf_ct_frag6_queue *fq, struct net_device *dev) 349nf_ct_frag6_reasm(struct frag_queue *fq, struct net_device *dev)
341{ 350{
342 struct sk_buff *fp, *op, *head = fq->q.fragments; 351 struct sk_buff *fp, *op, *head = fq->q.fragments;
343 int payload_len; 352 int payload_len;
344 353
345 fq_kill(fq); 354 inet_frag_kill(&fq->q, &nf_frags);
346 355
347 WARN_ON(head == NULL); 356 WARN_ON(head == NULL);
348 WARN_ON(NFCT_FRAG6_CB(head)->offset != 0); 357 WARN_ON(NFCT_FRAG6_CB(head)->offset != 0);
@@ -386,7 +395,7 @@ nf_ct_frag6_reasm(struct nf_ct_frag6_queue *fq, struct net_device *dev)
386 clone->ip_summed = head->ip_summed; 395 clone->ip_summed = head->ip_summed;
387 396
388 NFCT_FRAG6_CB(clone)->orig = NULL; 397 NFCT_FRAG6_CB(clone)->orig = NULL;
389 atomic_add(clone->truesize, &nf_init_frags.mem); 398 atomic_add(clone->truesize, &fq->q.net->mem);
390 } 399 }
391 400
392 /* We have to remove fragment header from datagram and to relocate 401 /* We have to remove fragment header from datagram and to relocate
@@ -410,12 +419,14 @@ nf_ct_frag6_reasm(struct nf_ct_frag6_queue *fq, struct net_device *dev)
410 head->csum = csum_add(head->csum, fp->csum); 419 head->csum = csum_add(head->csum, fp->csum);
411 head->truesize += fp->truesize; 420 head->truesize += fp->truesize;
412 } 421 }
413 atomic_sub(head->truesize, &nf_init_frags.mem); 422 atomic_sub(head->truesize, &fq->q.net->mem);
414 423
424 head->local_df = 1;
415 head->next = NULL; 425 head->next = NULL;
416 head->dev = dev; 426 head->dev = dev;
417 head->tstamp = fq->q.stamp; 427 head->tstamp = fq->q.stamp;
418 ipv6_hdr(head)->payload_len = htons(payload_len); 428 ipv6_hdr(head)->payload_len = htons(payload_len);
429 IP6CB(head)->frag_max_size = sizeof(struct ipv6hdr) + fq->q.max_size;
419 430
420 /* Yes, and fold redundant checksum back. 8) */ 431 /* Yes, and fold redundant checksum back. 8) */
421 if (head->ip_summed == CHECKSUM_COMPLETE) 432 if (head->ip_summed == CHECKSUM_COMPLETE)
@@ -520,8 +531,10 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user)
520{ 531{
521 struct sk_buff *clone; 532 struct sk_buff *clone;
522 struct net_device *dev = skb->dev; 533 struct net_device *dev = skb->dev;
534 struct net *net = skb_dst(skb) ? dev_net(skb_dst(skb)->dev)
535 : dev_net(skb->dev);
523 struct frag_hdr *fhdr; 536 struct frag_hdr *fhdr;
524 struct nf_ct_frag6_queue *fq; 537 struct frag_queue *fq;
525 struct ipv6hdr *hdr; 538 struct ipv6hdr *hdr;
526 int fhoff, nhoff; 539 int fhoff, nhoff;
527 u8 prevhdr; 540 u8 prevhdr;
@@ -553,10 +566,11 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user)
553 hdr = ipv6_hdr(clone); 566 hdr = ipv6_hdr(clone);
554 fhdr = (struct frag_hdr *)skb_transport_header(clone); 567 fhdr = (struct frag_hdr *)skb_transport_header(clone);
555 568
556 if (atomic_read(&nf_init_frags.mem) > nf_init_frags.high_thresh) 569 local_bh_disable();
557 nf_ct_frag6_evictor(); 570 inet_frag_evictor(&net->nf_frag.frags, &nf_frags, false);
571 local_bh_enable();
558 572
559 fq = fq_find(fhdr->identification, user, &hdr->saddr, &hdr->daddr); 573 fq = fq_find(net, fhdr->identification, user, &hdr->saddr, &hdr->daddr);
560 if (fq == NULL) { 574 if (fq == NULL) {
561 pr_debug("Can't find and can't create new queue\n"); 575 pr_debug("Can't find and can't create new queue\n");
562 goto ret_orig; 576 goto ret_orig;
@@ -567,7 +581,7 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user)
567 if (nf_ct_frag6_queue(fq, clone, fhdr, nhoff) < 0) { 581 if (nf_ct_frag6_queue(fq, clone, fhdr, nhoff) < 0) {
568 spin_unlock_bh(&fq->q.lock); 582 spin_unlock_bh(&fq->q.lock);
569 pr_debug("Can't insert skb to queue\n"); 583 pr_debug("Can't insert skb to queue\n");
570 fq_put(fq); 584 inet_frag_put(&fq->q, &nf_frags);
571 goto ret_orig; 585 goto ret_orig;
572 } 586 }
573 587
@@ -579,7 +593,7 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user)
579 } 593 }
580 spin_unlock_bh(&fq->q.lock); 594 spin_unlock_bh(&fq->q.lock);
581 595
582 fq_put(fq); 596 inet_frag_put(&fq->q, &nf_frags);
583 return ret_skb; 597 return ret_skb;
584 598
585ret_orig: 599ret_orig:
@@ -592,6 +606,7 @@ void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb,
592 int (*okfn)(struct sk_buff *)) 606 int (*okfn)(struct sk_buff *))
593{ 607{
594 struct sk_buff *s, *s2; 608 struct sk_buff *s, *s2;
609 unsigned int ret = 0;
595 610
596 for (s = NFCT_FRAG6_CB(skb)->orig; s;) { 611 for (s = NFCT_FRAG6_CB(skb)->orig; s;) {
597 nf_conntrack_put_reasm(s->nfct_reasm); 612 nf_conntrack_put_reasm(s->nfct_reasm);
@@ -601,49 +616,62 @@ void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb,
601 s2 = s->next; 616 s2 = s->next;
602 s->next = NULL; 617 s->next = NULL;
603 618
604 NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, s, in, out, okfn, 619 if (ret != -ECANCELED)
605 NF_IP6_PRI_CONNTRACK_DEFRAG + 1); 620 ret = NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, s,
621 in, out, okfn,
622 NF_IP6_PRI_CONNTRACK_DEFRAG + 1);
623 else
624 kfree_skb(s);
625
606 s = s2; 626 s = s2;
607 } 627 }
608 nf_conntrack_put_reasm(skb); 628 nf_conntrack_put_reasm(skb);
609} 629}
610 630
631static int nf_ct_net_init(struct net *net)
632{
633 net->nf_frag.frags.high_thresh = IPV6_FRAG_HIGH_THRESH;
634 net->nf_frag.frags.low_thresh = IPV6_FRAG_LOW_THRESH;
635 net->nf_frag.frags.timeout = IPV6_FRAG_TIMEOUT;
636 inet_frags_init_net(&net->nf_frag.frags);
637
638 return nf_ct_frag6_sysctl_register(net);
639}
640
641static void nf_ct_net_exit(struct net *net)
642{
643 nf_ct_frags6_sysctl_unregister(net);
644 inet_frags_exit_net(&net->nf_frag.frags, &nf_frags);
645}
646
647static struct pernet_operations nf_ct_net_ops = {
648 .init = nf_ct_net_init,
649 .exit = nf_ct_net_exit,
650};
651
611int nf_ct_frag6_init(void) 652int nf_ct_frag6_init(void)
612{ 653{
654 int ret = 0;
655
613 nf_frags.hashfn = nf_hashfn; 656 nf_frags.hashfn = nf_hashfn;
614 nf_frags.constructor = ip6_frag_init; 657 nf_frags.constructor = ip6_frag_init;
615 nf_frags.destructor = NULL; 658 nf_frags.destructor = NULL;
616 nf_frags.skb_free = nf_skb_free; 659 nf_frags.skb_free = nf_skb_free;
617 nf_frags.qsize = sizeof(struct nf_ct_frag6_queue); 660 nf_frags.qsize = sizeof(struct frag_queue);
618 nf_frags.match = ip6_frag_match; 661 nf_frags.match = ip6_frag_match;
619 nf_frags.frag_expire = nf_ct_frag6_expire; 662 nf_frags.frag_expire = nf_ct_frag6_expire;
620 nf_frags.secret_interval = 10 * 60 * HZ; 663 nf_frags.secret_interval = 10 * 60 * HZ;
621 nf_init_frags.timeout = IPV6_FRAG_TIMEOUT;
622 nf_init_frags.high_thresh = IPV6_FRAG_HIGH_THRESH;
623 nf_init_frags.low_thresh = IPV6_FRAG_LOW_THRESH;
624 inet_frags_init_net(&nf_init_frags);
625 inet_frags_init(&nf_frags); 664 inet_frags_init(&nf_frags);
626 665
627#ifdef CONFIG_SYSCTL 666 ret = register_pernet_subsys(&nf_ct_net_ops);
628 nf_ct_frag6_sysctl_header = register_net_sysctl(&init_net, "net/netfilter", 667 if (ret)
629 nf_ct_frag6_sysctl_table);
630 if (!nf_ct_frag6_sysctl_header) {
631 inet_frags_fini(&nf_frags); 668 inet_frags_fini(&nf_frags);
632 return -ENOMEM;
633 }
634#endif
635 669
636 return 0; 670 return ret;
637} 671}
638 672
639void nf_ct_frag6_cleanup(void) 673void nf_ct_frag6_cleanup(void)
640{ 674{
641#ifdef CONFIG_SYSCTL 675 unregister_pernet_subsys(&nf_ct_net_ops);
642 unregister_net_sysctl_table(nf_ct_frag6_sysctl_header);
643 nf_ct_frag6_sysctl_header = NULL;
644#endif
645 inet_frags_fini(&nf_frags); 676 inet_frags_fini(&nf_frags);
646
647 nf_init_frags.low_thresh = 0;
648 nf_ct_frag6_evictor();
649} 677}
diff --git a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
new file mode 100644
index 000000000000..abfe75a2e316
--- /dev/null
+++ b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
@@ -0,0 +1,288 @@
1/*
2 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 *
8 * Development of IPv6 NAT funded by Astaro.
9 */
10#include <linux/types.h>
11#include <linux/module.h>
12#include <linux/skbuff.h>
13#include <linux/ipv6.h>
14#include <linux/netfilter.h>
15#include <linux/netfilter_ipv6.h>
16#include <net/secure_seq.h>
17#include <net/checksum.h>
18#include <net/ip6_checksum.h>
19#include <net/ip6_route.h>
20#include <net/ipv6.h>
21
22#include <net/netfilter/nf_conntrack_core.h>
23#include <net/netfilter/nf_conntrack.h>
24#include <net/netfilter/nf_nat_core.h>
25#include <net/netfilter/nf_nat_l3proto.h>
26#include <net/netfilter/nf_nat_l4proto.h>
27
28static const struct nf_nat_l3proto nf_nat_l3proto_ipv6;
29
30#ifdef CONFIG_XFRM
31static void nf_nat_ipv6_decode_session(struct sk_buff *skb,
32 const struct nf_conn *ct,
33 enum ip_conntrack_dir dir,
34 unsigned long statusbit,
35 struct flowi *fl)
36{
37 const struct nf_conntrack_tuple *t = &ct->tuplehash[dir].tuple;
38 struct flowi6 *fl6 = &fl->u.ip6;
39
40 if (ct->status & statusbit) {
41 fl6->daddr = t->dst.u3.in6;
42 if (t->dst.protonum == IPPROTO_TCP ||
43 t->dst.protonum == IPPROTO_UDP ||
44 t->dst.protonum == IPPROTO_UDPLITE ||
45 t->dst.protonum == IPPROTO_DCCP ||
46 t->dst.protonum == IPPROTO_SCTP)
47 fl6->fl6_dport = t->dst.u.all;
48 }
49
50 statusbit ^= IPS_NAT_MASK;
51
52 if (ct->status & statusbit) {
53 fl6->saddr = t->src.u3.in6;
54 if (t->dst.protonum == IPPROTO_TCP ||
55 t->dst.protonum == IPPROTO_UDP ||
56 t->dst.protonum == IPPROTO_UDPLITE ||
57 t->dst.protonum == IPPROTO_DCCP ||
58 t->dst.protonum == IPPROTO_SCTP)
59 fl6->fl6_sport = t->src.u.all;
60 }
61}
62#endif
63
64static bool nf_nat_ipv6_in_range(const struct nf_conntrack_tuple *t,
65 const struct nf_nat_range *range)
66{
67 return ipv6_addr_cmp(&t->src.u3.in6, &range->min_addr.in6) >= 0 &&
68 ipv6_addr_cmp(&t->src.u3.in6, &range->max_addr.in6) <= 0;
69}
70
71static u32 nf_nat_ipv6_secure_port(const struct nf_conntrack_tuple *t,
72 __be16 dport)
73{
74 return secure_ipv6_port_ephemeral(t->src.u3.ip6, t->dst.u3.ip6, dport);
75}
76
77static bool nf_nat_ipv6_manip_pkt(struct sk_buff *skb,
78 unsigned int iphdroff,
79 const struct nf_nat_l4proto *l4proto,
80 const struct nf_conntrack_tuple *target,
81 enum nf_nat_manip_type maniptype)
82{
83 struct ipv6hdr *ipv6h;
84 __be16 frag_off;
85 int hdroff;
86 u8 nexthdr;
87
88 if (!skb_make_writable(skb, iphdroff + sizeof(*ipv6h)))
89 return false;
90
91 ipv6h = (void *)skb->data + iphdroff;
92 nexthdr = ipv6h->nexthdr;
93 hdroff = ipv6_skip_exthdr(skb, iphdroff + sizeof(*ipv6h),
94 &nexthdr, &frag_off);
95 if (hdroff < 0)
96 goto manip_addr;
97
98 if ((frag_off & htons(~0x7)) == 0 &&
99 !l4proto->manip_pkt(skb, &nf_nat_l3proto_ipv6, iphdroff, hdroff,
100 target, maniptype))
101 return false;
102manip_addr:
103 if (maniptype == NF_NAT_MANIP_SRC)
104 ipv6h->saddr = target->src.u3.in6;
105 else
106 ipv6h->daddr = target->dst.u3.in6;
107
108 return true;
109}
110
111static void nf_nat_ipv6_csum_update(struct sk_buff *skb,
112 unsigned int iphdroff, __sum16 *check,
113 const struct nf_conntrack_tuple *t,
114 enum nf_nat_manip_type maniptype)
115{
116 const struct ipv6hdr *ipv6h = (struct ipv6hdr *)(skb->data + iphdroff);
117 const struct in6_addr *oldip, *newip;
118
119 if (maniptype == NF_NAT_MANIP_SRC) {
120 oldip = &ipv6h->saddr;
121 newip = &t->src.u3.in6;
122 } else {
123 oldip = &ipv6h->daddr;
124 newip = &t->dst.u3.in6;
125 }
126 inet_proto_csum_replace16(check, skb, oldip->s6_addr32,
127 newip->s6_addr32, 1);
128}
129
130static void nf_nat_ipv6_csum_recalc(struct sk_buff *skb,
131 u8 proto, void *data, __sum16 *check,
132 int datalen, int oldlen)
133{
134 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
135 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
136
137 if (skb->ip_summed != CHECKSUM_PARTIAL) {
138 if (!(rt->rt6i_flags & RTF_LOCAL) &&
139 (!skb->dev || skb->dev->features & NETIF_F_V6_CSUM)) {
140 skb->ip_summed = CHECKSUM_PARTIAL;
141 skb->csum_start = skb_headroom(skb) +
142 skb_network_offset(skb) +
143 (data - (void *)skb->data);
144 skb->csum_offset = (void *)check - data;
145 *check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
146 datalen, proto, 0);
147 } else {
148 *check = 0;
149 *check = csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
150 datalen, proto,
151 csum_partial(data, datalen,
152 0));
153 if (proto == IPPROTO_UDP && !*check)
154 *check = CSUM_MANGLED_0;
155 }
156 } else
157 inet_proto_csum_replace2(check, skb,
158 htons(oldlen), htons(datalen), 1);
159}
160
161static int nf_nat_ipv6_nlattr_to_range(struct nlattr *tb[],
162 struct nf_nat_range *range)
163{
164 if (tb[CTA_NAT_V6_MINIP]) {
165 nla_memcpy(&range->min_addr.ip6, tb[CTA_NAT_V6_MINIP],
166 sizeof(struct in6_addr));
167 range->flags |= NF_NAT_RANGE_MAP_IPS;
168 }
169
170 if (tb[CTA_NAT_V6_MAXIP])
171 nla_memcpy(&range->max_addr.ip6, tb[CTA_NAT_V6_MAXIP],
172 sizeof(struct in6_addr));
173 else
174 range->max_addr = range->min_addr;
175
176 return 0;
177}
178
179static const struct nf_nat_l3proto nf_nat_l3proto_ipv6 = {
180 .l3proto = NFPROTO_IPV6,
181 .secure_port = nf_nat_ipv6_secure_port,
182 .in_range = nf_nat_ipv6_in_range,
183 .manip_pkt = nf_nat_ipv6_manip_pkt,
184 .csum_update = nf_nat_ipv6_csum_update,
185 .csum_recalc = nf_nat_ipv6_csum_recalc,
186 .nlattr_to_range = nf_nat_ipv6_nlattr_to_range,
187#ifdef CONFIG_XFRM
188 .decode_session = nf_nat_ipv6_decode_session,
189#endif
190};
191
192int nf_nat_icmpv6_reply_translation(struct sk_buff *skb,
193 struct nf_conn *ct,
194 enum ip_conntrack_info ctinfo,
195 unsigned int hooknum,
196 unsigned int hdrlen)
197{
198 struct {
199 struct icmp6hdr icmp6;
200 struct ipv6hdr ip6;
201 } *inside;
202 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
203 enum nf_nat_manip_type manip = HOOK2MANIP(hooknum);
204 const struct nf_nat_l4proto *l4proto;
205 struct nf_conntrack_tuple target;
206 unsigned long statusbit;
207
208 NF_CT_ASSERT(ctinfo == IP_CT_RELATED || ctinfo == IP_CT_RELATED_REPLY);
209
210 if (!skb_make_writable(skb, hdrlen + sizeof(*inside)))
211 return 0;
212 if (nf_ip6_checksum(skb, hooknum, hdrlen, IPPROTO_ICMPV6))
213 return 0;
214
215 inside = (void *)skb->data + hdrlen;
216 if (inside->icmp6.icmp6_type == NDISC_REDIRECT) {
217 if ((ct->status & IPS_NAT_DONE_MASK) != IPS_NAT_DONE_MASK)
218 return 0;
219 if (ct->status & IPS_NAT_MASK)
220 return 0;
221 }
222
223 if (manip == NF_NAT_MANIP_SRC)
224 statusbit = IPS_SRC_NAT;
225 else
226 statusbit = IPS_DST_NAT;
227
228 /* Invert if this is reply direction */
229 if (dir == IP_CT_DIR_REPLY)
230 statusbit ^= IPS_NAT_MASK;
231
232 if (!(ct->status & statusbit))
233 return 1;
234
235 l4proto = __nf_nat_l4proto_find(NFPROTO_IPV6, inside->ip6.nexthdr);
236 if (!nf_nat_ipv6_manip_pkt(skb, hdrlen + sizeof(inside->icmp6),
237 l4proto, &ct->tuplehash[!dir].tuple, !manip))
238 return 0;
239
240 if (skb->ip_summed != CHECKSUM_PARTIAL) {
241 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
242 inside = (void *)skb->data + hdrlen;
243 inside->icmp6.icmp6_cksum = 0;
244 inside->icmp6.icmp6_cksum =
245 csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
246 skb->len - hdrlen, IPPROTO_ICMPV6,
247 csum_partial(&inside->icmp6,
248 skb->len - hdrlen, 0));
249 }
250
251 nf_ct_invert_tuplepr(&target, &ct->tuplehash[!dir].tuple);
252 l4proto = __nf_nat_l4proto_find(NFPROTO_IPV6, IPPROTO_ICMPV6);
253 if (!nf_nat_ipv6_manip_pkt(skb, 0, l4proto, &target, manip))
254 return 0;
255
256 return 1;
257}
258EXPORT_SYMBOL_GPL(nf_nat_icmpv6_reply_translation);
259
260static int __init nf_nat_l3proto_ipv6_init(void)
261{
262 int err;
263
264 err = nf_nat_l4proto_register(NFPROTO_IPV6, &nf_nat_l4proto_icmpv6);
265 if (err < 0)
266 goto err1;
267 err = nf_nat_l3proto_register(&nf_nat_l3proto_ipv6);
268 if (err < 0)
269 goto err2;
270 return err;
271
272err2:
273 nf_nat_l4proto_unregister(NFPROTO_IPV6, &nf_nat_l4proto_icmpv6);
274err1:
275 return err;
276}
277
278static void __exit nf_nat_l3proto_ipv6_exit(void)
279{
280 nf_nat_l3proto_unregister(&nf_nat_l3proto_ipv6);
281 nf_nat_l4proto_unregister(NFPROTO_IPV6, &nf_nat_l4proto_icmpv6);
282}
283
284MODULE_LICENSE("GPL");
285MODULE_ALIAS("nf-nat-" __stringify(AF_INET6));
286
287module_init(nf_nat_l3proto_ipv6_init);
288module_exit(nf_nat_l3proto_ipv6_exit);
diff --git a/net/ipv6/netfilter/nf_nat_proto_icmpv6.c b/net/ipv6/netfilter/nf_nat_proto_icmpv6.c
new file mode 100644
index 000000000000..5d6da784305b
--- /dev/null
+++ b/net/ipv6/netfilter/nf_nat_proto_icmpv6.c
@@ -0,0 +1,90 @@
1/*
2 * Copyright (c) 2011 Patrick Mchardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 *
8 * Based on Rusty Russell's IPv4 ICMP NAT code. Development of IPv6
9 * NAT funded by Astaro.
10 */
11
12#include <linux/types.h>
13#include <linux/init.h>
14#include <linux/icmpv6.h>
15
16#include <linux/netfilter.h>
17#include <net/netfilter/nf_nat.h>
18#include <net/netfilter/nf_nat_core.h>
19#include <net/netfilter/nf_nat_l3proto.h>
20#include <net/netfilter/nf_nat_l4proto.h>
21
22static bool
23icmpv6_in_range(const struct nf_conntrack_tuple *tuple,
24 enum nf_nat_manip_type maniptype,
25 const union nf_conntrack_man_proto *min,
26 const union nf_conntrack_man_proto *max)
27{
28 return ntohs(tuple->src.u.icmp.id) >= ntohs(min->icmp.id) &&
29 ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id);
30}
31
32static void
33icmpv6_unique_tuple(const struct nf_nat_l3proto *l3proto,
34 struct nf_conntrack_tuple *tuple,
35 const struct nf_nat_range *range,
36 enum nf_nat_manip_type maniptype,
37 const struct nf_conn *ct)
38{
39 static u16 id;
40 unsigned int range_size;
41 unsigned int i;
42
43 range_size = ntohs(range->max_proto.icmp.id) -
44 ntohs(range->min_proto.icmp.id) + 1;
45
46 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED))
47 range_size = 0xffff;
48
49 for (i = 0; ; ++id) {
50 tuple->src.u.icmp.id = htons(ntohs(range->min_proto.icmp.id) +
51 (id % range_size));
52 if (++i == range_size || !nf_nat_used_tuple(tuple, ct))
53 return;
54 }
55}
56
57static bool
58icmpv6_manip_pkt(struct sk_buff *skb,
59 const struct nf_nat_l3proto *l3proto,
60 unsigned int iphdroff, unsigned int hdroff,
61 const struct nf_conntrack_tuple *tuple,
62 enum nf_nat_manip_type maniptype)
63{
64 struct icmp6hdr *hdr;
65
66 if (!skb_make_writable(skb, hdroff + sizeof(*hdr)))
67 return false;
68
69 hdr = (struct icmp6hdr *)(skb->data + hdroff);
70 l3proto->csum_update(skb, iphdroff, &hdr->icmp6_cksum,
71 tuple, maniptype);
72 if (hdr->icmp6_code == ICMPV6_ECHO_REQUEST ||
73 hdr->icmp6_code == ICMPV6_ECHO_REPLY) {
74 inet_proto_csum_replace2(&hdr->icmp6_cksum, skb,
75 hdr->icmp6_identifier,
76 tuple->src.u.icmp.id, 0);
77 hdr->icmp6_identifier = tuple->src.u.icmp.id;
78 }
79 return true;
80}
81
82const struct nf_nat_l4proto nf_nat_l4proto_icmpv6 = {
83 .l4proto = IPPROTO_ICMPV6,
84 .manip_pkt = icmpv6_manip_pkt,
85 .in_range = icmpv6_in_range,
86 .unique_tuple = icmpv6_unique_tuple,
87#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
88 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
89#endif
90};
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 4ff9af628e72..da8a4e301b1b 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -65,36 +65,8 @@ struct ip6frag_skb_cb
65#define FRAG6_CB(skb) ((struct ip6frag_skb_cb*)((skb)->cb)) 65#define FRAG6_CB(skb) ((struct ip6frag_skb_cb*)((skb)->cb))
66 66
67 67
68/*
69 * Equivalent of ipv4 struct ipq
70 */
71
72struct frag_queue
73{
74 struct inet_frag_queue q;
75
76 __be32 id; /* fragment id */
77 u32 user;
78 struct in6_addr saddr;
79 struct in6_addr daddr;
80
81 int iif;
82 unsigned int csum;
83 __u16 nhoffset;
84};
85
86static struct inet_frags ip6_frags; 68static struct inet_frags ip6_frags;
87 69
88int ip6_frag_nqueues(struct net *net)
89{
90 return net->ipv6.frags.nqueues;
91}
92
93int ip6_frag_mem(struct net *net)
94{
95 return atomic_read(&net->ipv6.frags.mem);
96}
97
98static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *prev, 70static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *prev,
99 struct net_device *dev); 71 struct net_device *dev);
100 72
@@ -159,46 +131,18 @@ void ip6_frag_init(struct inet_frag_queue *q, void *a)
159} 131}
160EXPORT_SYMBOL(ip6_frag_init); 132EXPORT_SYMBOL(ip6_frag_init);
161 133
162/* Destruction primitives. */ 134void ip6_expire_frag_queue(struct net *net, struct frag_queue *fq,
163 135 struct inet_frags *frags)
164static __inline__ void fq_put(struct frag_queue *fq)
165{
166 inet_frag_put(&fq->q, &ip6_frags);
167}
168
169/* Kill fq entry. It is not destroyed immediately,
170 * because caller (and someone more) holds reference count.
171 */
172static __inline__ void fq_kill(struct frag_queue *fq)
173{
174 inet_frag_kill(&fq->q, &ip6_frags);
175}
176
177static void ip6_evictor(struct net *net, struct inet6_dev *idev)
178{ 136{
179 int evicted;
180
181 evicted = inet_frag_evictor(&net->ipv6.frags, &ip6_frags);
182 if (evicted)
183 IP6_ADD_STATS_BH(net, idev, IPSTATS_MIB_REASMFAILS, evicted);
184}
185
186static void ip6_frag_expire(unsigned long data)
187{
188 struct frag_queue *fq;
189 struct net_device *dev = NULL; 137 struct net_device *dev = NULL;
190 struct net *net;
191
192 fq = container_of((struct inet_frag_queue *)data, struct frag_queue, q);
193 138
194 spin_lock(&fq->q.lock); 139 spin_lock(&fq->q.lock);
195 140
196 if (fq->q.last_in & INET_FRAG_COMPLETE) 141 if (fq->q.last_in & INET_FRAG_COMPLETE)
197 goto out; 142 goto out;
198 143
199 fq_kill(fq); 144 inet_frag_kill(&fq->q, frags);
200 145
201 net = container_of(fq->q.net, struct net, ipv6.frags);
202 rcu_read_lock(); 146 rcu_read_lock();
203 dev = dev_get_by_index_rcu(net, fq->iif); 147 dev = dev_get_by_index_rcu(net, fq->iif);
204 if (!dev) 148 if (!dev)
@@ -222,7 +166,19 @@ out_rcu_unlock:
222 rcu_read_unlock(); 166 rcu_read_unlock();
223out: 167out:
224 spin_unlock(&fq->q.lock); 168 spin_unlock(&fq->q.lock);
225 fq_put(fq); 169 inet_frag_put(&fq->q, frags);
170}
171EXPORT_SYMBOL(ip6_expire_frag_queue);
172
173static void ip6_frag_expire(unsigned long data)
174{
175 struct frag_queue *fq;
176 struct net *net;
177
178 fq = container_of((struct inet_frag_queue *)data, struct frag_queue, q);
179 net = container_of(fq->q.net, struct net, ipv6.frags);
180
181 ip6_expire_frag_queue(net, fq, &ip6_frags);
226} 182}
227 183
228static __inline__ struct frag_queue * 184static __inline__ struct frag_queue *
@@ -391,7 +347,7 @@ found:
391 return -1; 347 return -1;
392 348
393discard_fq: 349discard_fq:
394 fq_kill(fq); 350 inet_frag_kill(&fq->q, &ip6_frags);
395err: 351err:
396 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 352 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
397 IPSTATS_MIB_REASMFAILS); 353 IPSTATS_MIB_REASMFAILS);
@@ -417,7 +373,7 @@ static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *prev,
417 unsigned int nhoff; 373 unsigned int nhoff;
418 int sum_truesize; 374 int sum_truesize;
419 375
420 fq_kill(fq); 376 inet_frag_kill(&fq->q, &ip6_frags);
421 377
422 /* Make the one we just received the head. */ 378 /* Make the one we just received the head. */
423 if (prev) { 379 if (prev) {
@@ -550,6 +506,7 @@ static int ipv6_frag_rcv(struct sk_buff *skb)
550 struct frag_queue *fq; 506 struct frag_queue *fq;
551 const struct ipv6hdr *hdr = ipv6_hdr(skb); 507 const struct ipv6hdr *hdr = ipv6_hdr(skb);
552 struct net *net = dev_net(skb_dst(skb)->dev); 508 struct net *net = dev_net(skb_dst(skb)->dev);
509 int evicted;
553 510
554 IP6_INC_STATS_BH(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_REASMREQDS); 511 IP6_INC_STATS_BH(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_REASMREQDS);
555 512
@@ -574,8 +531,10 @@ static int ipv6_frag_rcv(struct sk_buff *skb)
574 return 1; 531 return 1;
575 } 532 }
576 533
577 if (atomic_read(&net->ipv6.frags.mem) > net->ipv6.frags.high_thresh) 534 evicted = inet_frag_evictor(&net->ipv6.frags, &ip6_frags, false);
578 ip6_evictor(net, ip6_dst_idev(skb_dst(skb))); 535 if (evicted)
536 IP6_ADD_STATS_BH(net, ip6_dst_idev(skb_dst(skb)),
537 IPSTATS_MIB_REASMFAILS, evicted);
579 538
580 fq = fq_find(net, fhdr->identification, &hdr->saddr, &hdr->daddr); 539 fq = fq_find(net, fhdr->identification, &hdr->saddr, &hdr->daddr);
581 if (fq != NULL) { 540 if (fq != NULL) {
@@ -586,7 +545,7 @@ static int ipv6_frag_rcv(struct sk_buff *skb)
586 ret = ip6_frag_queue(fq, skb, fhdr, IP6CB(skb)->nhoff); 545 ret = ip6_frag_queue(fq, skb, fhdr, IP6CB(skb)->nhoff);
587 546
588 spin_unlock(&fq->q.lock); 547 spin_unlock(&fq->q.lock);
589 fq_put(fq); 548 inet_frag_put(&fq->q, &ip6_frags);
590 return ret; 549 return ret;
591 } 550 }
592 551
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 854e4018d205..d1ddbc6ddac5 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -222,7 +222,7 @@ static const u32 ip6_template_metrics[RTAX_MAX] = {
222 [RTAX_HOPLIMIT - 1] = 255, 222 [RTAX_HOPLIMIT - 1] = 255,
223}; 223};
224 224
225static struct rt6_info ip6_null_entry_template = { 225static const struct rt6_info ip6_null_entry_template = {
226 .dst = { 226 .dst = {
227 .__refcnt = ATOMIC_INIT(1), 227 .__refcnt = ATOMIC_INIT(1),
228 .__use = 1, 228 .__use = 1,
@@ -242,7 +242,7 @@ static struct rt6_info ip6_null_entry_template = {
242static int ip6_pkt_prohibit(struct sk_buff *skb); 242static int ip6_pkt_prohibit(struct sk_buff *skb);
243static int ip6_pkt_prohibit_out(struct sk_buff *skb); 243static int ip6_pkt_prohibit_out(struct sk_buff *skb);
244 244
245static struct rt6_info ip6_prohibit_entry_template = { 245static const struct rt6_info ip6_prohibit_entry_template = {
246 .dst = { 246 .dst = {
247 .__refcnt = ATOMIC_INIT(1), 247 .__refcnt = ATOMIC_INIT(1),
248 .__use = 1, 248 .__use = 1,
@@ -257,7 +257,7 @@ static struct rt6_info ip6_prohibit_entry_template = {
257 .rt6i_ref = ATOMIC_INIT(1), 257 .rt6i_ref = ATOMIC_INIT(1),
258}; 258};
259 259
260static struct rt6_info ip6_blk_hole_entry_template = { 260static const struct rt6_info ip6_blk_hole_entry_template = {
261 .dst = { 261 .dst = {
262 .__refcnt = ATOMIC_INIT(1), 262 .__refcnt = ATOMIC_INIT(1),
263 .__use = 1, 263 .__use = 1,
@@ -370,15 +370,11 @@ static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
370 370
371static bool rt6_check_expired(const struct rt6_info *rt) 371static bool rt6_check_expired(const struct rt6_info *rt)
372{ 372{
373 struct rt6_info *ort = NULL;
374
375 if (rt->rt6i_flags & RTF_EXPIRES) { 373 if (rt->rt6i_flags & RTF_EXPIRES) {
376 if (time_after(jiffies, rt->dst.expires)) 374 if (time_after(jiffies, rt->dst.expires))
377 return true; 375 return true;
378 } else if (rt->dst.from) { 376 } else if (rt->dst.from) {
379 ort = (struct rt6_info *) rt->dst.from; 377 return rt6_check_expired((struct rt6_info *) rt->dst.from);
380 return (ort->rt6i_flags & RTF_EXPIRES) &&
381 time_after(jiffies, ort->dst.expires);
382 } 378 }
383 return false; 379 return false;
384} 380}
@@ -452,10 +448,9 @@ static void rt6_probe(struct rt6_info *rt)
452 * Router Reachability Probe MUST be rate-limited 448 * Router Reachability Probe MUST be rate-limited
453 * to no more than one per minute. 449 * to no more than one per minute.
454 */ 450 */
455 rcu_read_lock();
456 neigh = rt ? rt->n : NULL; 451 neigh = rt ? rt->n : NULL;
457 if (!neigh || (neigh->nud_state & NUD_VALID)) 452 if (!neigh || (neigh->nud_state & NUD_VALID))
458 goto out; 453 return;
459 read_lock_bh(&neigh->lock); 454 read_lock_bh(&neigh->lock);
460 if (!(neigh->nud_state & NUD_VALID) && 455 if (!(neigh->nud_state & NUD_VALID) &&
461 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { 456 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
@@ -471,8 +466,6 @@ static void rt6_probe(struct rt6_info *rt)
471 } else { 466 } else {
472 read_unlock_bh(&neigh->lock); 467 read_unlock_bh(&neigh->lock);
473 } 468 }
474out:
475 rcu_read_unlock();
476} 469}
477#else 470#else
478static inline void rt6_probe(struct rt6_info *rt) 471static inline void rt6_probe(struct rt6_info *rt)
@@ -499,7 +492,6 @@ static inline int rt6_check_neigh(struct rt6_info *rt)
499 struct neighbour *neigh; 492 struct neighbour *neigh;
500 int m; 493 int m;
501 494
502 rcu_read_lock();
503 neigh = rt->n; 495 neigh = rt->n;
504 if (rt->rt6i_flags & RTF_NONEXTHOP || 496 if (rt->rt6i_flags & RTF_NONEXTHOP ||
505 !(rt->rt6i_flags & RTF_GATEWAY)) 497 !(rt->rt6i_flags & RTF_GATEWAY))
@@ -517,7 +509,6 @@ static inline int rt6_check_neigh(struct rt6_info *rt)
517 read_unlock_bh(&neigh->lock); 509 read_unlock_bh(&neigh->lock);
518 } else 510 } else
519 m = 0; 511 m = 0;
520 rcu_read_unlock();
521 return m; 512 return m;
522} 513}
523 514
@@ -966,7 +957,7 @@ struct dst_entry * ip6_route_output(struct net *net, const struct sock *sk,
966{ 957{
967 int flags = 0; 958 int flags = 0;
968 959
969 fl6->flowi6_iif = net->loopback_dev->ifindex; 960 fl6->flowi6_iif = LOOPBACK_IFINDEX;
970 961
971 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr)) 962 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr))
972 flags |= RT6_LOOKUP_F_IFACE; 963 flags |= RT6_LOOKUP_F_IFACE;
@@ -1469,8 +1460,21 @@ int ip6_route_add(struct fib6_config *cfg)
1469 } 1460 }
1470 rt->dst.output = ip6_pkt_discard_out; 1461 rt->dst.output = ip6_pkt_discard_out;
1471 rt->dst.input = ip6_pkt_discard; 1462 rt->dst.input = ip6_pkt_discard;
1472 rt->dst.error = -ENETUNREACH;
1473 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1463 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1464 switch (cfg->fc_type) {
1465 case RTN_BLACKHOLE:
1466 rt->dst.error = -EINVAL;
1467 break;
1468 case RTN_PROHIBIT:
1469 rt->dst.error = -EACCES;
1470 break;
1471 case RTN_THROW:
1472 rt->dst.error = -EAGAIN;
1473 break;
1474 default:
1475 rt->dst.error = -ENETUNREACH;
1476 break;
1477 }
1474 goto install_route; 1478 goto install_route;
1475 } 1479 }
1476 1480
@@ -1835,7 +1839,7 @@ static struct rt6_info *rt6_get_route_info(struct net *net,
1835 if (!table) 1839 if (!table)
1836 return NULL; 1840 return NULL;
1837 1841
1838 write_lock_bh(&table->tb6_lock); 1842 read_lock_bh(&table->tb6_lock);
1839 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0); 1843 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1840 if (!fn) 1844 if (!fn)
1841 goto out; 1845 goto out;
@@ -1851,7 +1855,7 @@ static struct rt6_info *rt6_get_route_info(struct net *net,
1851 break; 1855 break;
1852 } 1856 }
1853out: 1857out:
1854 write_unlock_bh(&table->tb6_lock); 1858 read_unlock_bh(&table->tb6_lock);
1855 return rt; 1859 return rt;
1856} 1860}
1857 1861
@@ -1867,7 +1871,7 @@ static struct rt6_info *rt6_add_route_info(struct net *net,
1867 .fc_dst_len = prefixlen, 1871 .fc_dst_len = prefixlen,
1868 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 1872 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1869 RTF_UP | RTF_PREF(pref), 1873 RTF_UP | RTF_PREF(pref),
1870 .fc_nlinfo.pid = 0, 1874 .fc_nlinfo.portid = 0,
1871 .fc_nlinfo.nlh = NULL, 1875 .fc_nlinfo.nlh = NULL,
1872 .fc_nlinfo.nl_net = net, 1876 .fc_nlinfo.nl_net = net,
1873 }; 1877 };
@@ -1894,7 +1898,7 @@ struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_dev
1894 if (!table) 1898 if (!table)
1895 return NULL; 1899 return NULL;
1896 1900
1897 write_lock_bh(&table->tb6_lock); 1901 read_lock_bh(&table->tb6_lock);
1898 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) { 1902 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
1899 if (dev == rt->dst.dev && 1903 if (dev == rt->dst.dev &&
1900 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 1904 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
@@ -1903,7 +1907,7 @@ struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_dev
1903 } 1907 }
1904 if (rt) 1908 if (rt)
1905 dst_hold(&rt->dst); 1909 dst_hold(&rt->dst);
1906 write_unlock_bh(&table->tb6_lock); 1910 read_unlock_bh(&table->tb6_lock);
1907 return rt; 1911 return rt;
1908} 1912}
1909 1913
@@ -1917,7 +1921,7 @@ struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
1917 .fc_ifindex = dev->ifindex, 1921 .fc_ifindex = dev->ifindex,
1918 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 1922 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1919 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 1923 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1920 .fc_nlinfo.pid = 0, 1924 .fc_nlinfo.portid = 0,
1921 .fc_nlinfo.nlh = NULL, 1925 .fc_nlinfo.nlh = NULL,
1922 .fc_nlinfo.nl_net = dev_net(dev), 1926 .fc_nlinfo.nl_net = dev_net(dev),
1923 }; 1927 };
@@ -2266,14 +2270,18 @@ static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2266 cfg->fc_src_len = rtm->rtm_src_len; 2270 cfg->fc_src_len = rtm->rtm_src_len;
2267 cfg->fc_flags = RTF_UP; 2271 cfg->fc_flags = RTF_UP;
2268 cfg->fc_protocol = rtm->rtm_protocol; 2272 cfg->fc_protocol = rtm->rtm_protocol;
2273 cfg->fc_type = rtm->rtm_type;
2269 2274
2270 if (rtm->rtm_type == RTN_UNREACHABLE) 2275 if (rtm->rtm_type == RTN_UNREACHABLE ||
2276 rtm->rtm_type == RTN_BLACKHOLE ||
2277 rtm->rtm_type == RTN_PROHIBIT ||
2278 rtm->rtm_type == RTN_THROW)
2271 cfg->fc_flags |= RTF_REJECT; 2279 cfg->fc_flags |= RTF_REJECT;
2272 2280
2273 if (rtm->rtm_type == RTN_LOCAL) 2281 if (rtm->rtm_type == RTN_LOCAL)
2274 cfg->fc_flags |= RTF_LOCAL; 2282 cfg->fc_flags |= RTF_LOCAL;
2275 2283
2276 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid; 2284 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2277 cfg->fc_nlinfo.nlh = nlh; 2285 cfg->fc_nlinfo.nlh = nlh;
2278 cfg->fc_nlinfo.nl_net = sock_net(skb->sk); 2286 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2279 2287
@@ -2364,7 +2372,7 @@ static inline size_t rt6_nlmsg_size(void)
2364static int rt6_fill_node(struct net *net, 2372static int rt6_fill_node(struct net *net,
2365 struct sk_buff *skb, struct rt6_info *rt, 2373 struct sk_buff *skb, struct rt6_info *rt,
2366 struct in6_addr *dst, struct in6_addr *src, 2374 struct in6_addr *dst, struct in6_addr *src,
2367 int iif, int type, u32 pid, u32 seq, 2375 int iif, int type, u32 portid, u32 seq,
2368 int prefix, int nowait, unsigned int flags) 2376 int prefix, int nowait, unsigned int flags)
2369{ 2377{
2370 struct rtmsg *rtm; 2378 struct rtmsg *rtm;
@@ -2380,7 +2388,7 @@ static int rt6_fill_node(struct net *net,
2380 } 2388 }
2381 } 2389 }
2382 2390
2383 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags); 2391 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
2384 if (!nlh) 2392 if (!nlh)
2385 return -EMSGSIZE; 2393 return -EMSGSIZE;
2386 2394
@@ -2396,8 +2404,22 @@ static int rt6_fill_node(struct net *net,
2396 rtm->rtm_table = table; 2404 rtm->rtm_table = table;
2397 if (nla_put_u32(skb, RTA_TABLE, table)) 2405 if (nla_put_u32(skb, RTA_TABLE, table))
2398 goto nla_put_failure; 2406 goto nla_put_failure;
2399 if (rt->rt6i_flags & RTF_REJECT) 2407 if (rt->rt6i_flags & RTF_REJECT) {
2400 rtm->rtm_type = RTN_UNREACHABLE; 2408 switch (rt->dst.error) {
2409 case -EINVAL:
2410 rtm->rtm_type = RTN_BLACKHOLE;
2411 break;
2412 case -EACCES:
2413 rtm->rtm_type = RTN_PROHIBIT;
2414 break;
2415 case -EAGAIN:
2416 rtm->rtm_type = RTN_THROW;
2417 break;
2418 default:
2419 rtm->rtm_type = RTN_UNREACHABLE;
2420 break;
2421 }
2422 }
2401 else if (rt->rt6i_flags & RTF_LOCAL) 2423 else if (rt->rt6i_flags & RTF_LOCAL)
2402 rtm->rtm_type = RTN_LOCAL; 2424 rtm->rtm_type = RTN_LOCAL;
2403 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) 2425 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
@@ -2470,15 +2492,11 @@ static int rt6_fill_node(struct net *net,
2470 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0) 2492 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2471 goto nla_put_failure; 2493 goto nla_put_failure;
2472 2494
2473 rcu_read_lock();
2474 n = rt->n; 2495 n = rt->n;
2475 if (n) { 2496 if (n) {
2476 if (nla_put(skb, RTA_GATEWAY, 16, &n->primary_key) < 0) { 2497 if (nla_put(skb, RTA_GATEWAY, 16, &n->primary_key) < 0)
2477 rcu_read_unlock();
2478 goto nla_put_failure; 2498 goto nla_put_failure;
2479 }
2480 } 2499 }
2481 rcu_read_unlock();
2482 2500
2483 if (rt->dst.dev && 2501 if (rt->dst.dev &&
2484 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex)) 2502 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
@@ -2511,7 +2529,7 @@ int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2511 2529
2512 return rt6_fill_node(arg->net, 2530 return rt6_fill_node(arg->net,
2513 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 2531 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2514 NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq, 2532 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
2515 prefix, 0, NLM_F_MULTI); 2533 prefix, 0, NLM_F_MULTI);
2516} 2534}
2517 2535
@@ -2591,14 +2609,14 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void
2591 skb_dst_set(skb, &rt->dst); 2609 skb_dst_set(skb, &rt->dst);
2592 2610
2593 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif, 2611 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
2594 RTM_NEWROUTE, NETLINK_CB(in_skb).pid, 2612 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
2595 nlh->nlmsg_seq, 0, 0, 0); 2613 nlh->nlmsg_seq, 0, 0, 0);
2596 if (err < 0) { 2614 if (err < 0) {
2597 kfree_skb(skb); 2615 kfree_skb(skb);
2598 goto errout; 2616 goto errout;
2599 } 2617 }
2600 2618
2601 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid); 2619 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2602errout: 2620errout:
2603 return err; 2621 return err;
2604} 2622}
@@ -2618,14 +2636,14 @@ void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2618 goto errout; 2636 goto errout;
2619 2637
2620 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0, 2638 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2621 event, info->pid, seq, 0, 0, 0); 2639 event, info->portid, seq, 0, 0, 0);
2622 if (err < 0) { 2640 if (err < 0) {
2623 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 2641 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2624 WARN_ON(err == -EMSGSIZE); 2642 WARN_ON(err == -EMSGSIZE);
2625 kfree_skb(skb); 2643 kfree_skb(skb);
2626 goto errout; 2644 goto errout;
2627 } 2645 }
2628 rtnl_notify(skb, net, info->pid, RTNLGRP_IPV6_ROUTE, 2646 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
2629 info->nlh, gfp_any()); 2647 info->nlh, gfp_any());
2630 return; 2648 return;
2631errout: 2649errout:
@@ -2680,14 +2698,12 @@ static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2680#else 2698#else
2681 seq_puts(m, "00000000000000000000000000000000 00 "); 2699 seq_puts(m, "00000000000000000000000000000000 00 ");
2682#endif 2700#endif
2683 rcu_read_lock();
2684 n = rt->n; 2701 n = rt->n;
2685 if (n) { 2702 if (n) {
2686 seq_printf(m, "%pi6", n->primary_key); 2703 seq_printf(m, "%pi6", n->primary_key);
2687 } else { 2704 } else {
2688 seq_puts(m, "00000000000000000000000000000000"); 2705 seq_puts(m, "00000000000000000000000000000000");
2689 } 2706 }
2690 rcu_read_unlock();
2691 seq_printf(m, " %08x %08x %08x %08x %8s\n", 2707 seq_printf(m, " %08x %08x %08x %08x %8s\n",
2692 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt), 2708 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2693 rt->dst.__use, rt->rt6i_flags, 2709 rt->dst.__use, rt->rt6i_flags,
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 3bd1bfc01f85..3ed54ffd8d50 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -545,7 +545,6 @@ static int ipip6_err(struct sk_buff *skb, u32 info)
545 545
546 err = -ENOENT; 546 err = -ENOENT;
547 547
548 rcu_read_lock();
549 t = ipip6_tunnel_lookup(dev_net(skb->dev), 548 t = ipip6_tunnel_lookup(dev_net(skb->dev),
550 skb->dev, 549 skb->dev,
551 iph->daddr, 550 iph->daddr,
@@ -579,7 +578,6 @@ static int ipip6_err(struct sk_buff *skb, u32 info)
579 t->err_count = 1; 578 t->err_count = 1;
580 t->err_time = jiffies; 579 t->err_time = jiffies;
581out: 580out:
582 rcu_read_unlock();
583 return err; 581 return err;
584} 582}
585 583
@@ -599,7 +597,6 @@ static int ipip6_rcv(struct sk_buff *skb)
599 597
600 iph = ip_hdr(skb); 598 iph = ip_hdr(skb);
601 599
602 rcu_read_lock();
603 tunnel = ipip6_tunnel_lookup(dev_net(skb->dev), skb->dev, 600 tunnel = ipip6_tunnel_lookup(dev_net(skb->dev), skb->dev,
604 iph->saddr, iph->daddr); 601 iph->saddr, iph->daddr);
605 if (tunnel != NULL) { 602 if (tunnel != NULL) {
@@ -615,7 +612,6 @@ static int ipip6_rcv(struct sk_buff *skb)
615 if ((tunnel->dev->priv_flags & IFF_ISATAP) && 612 if ((tunnel->dev->priv_flags & IFF_ISATAP) &&
616 !isatap_chksrc(skb, iph, tunnel)) { 613 !isatap_chksrc(skb, iph, tunnel)) {
617 tunnel->dev->stats.rx_errors++; 614 tunnel->dev->stats.rx_errors++;
618 rcu_read_unlock();
619 kfree_skb(skb); 615 kfree_skb(skb);
620 return 0; 616 return 0;
621 } 617 }
@@ -630,12 +626,10 @@ static int ipip6_rcv(struct sk_buff *skb)
630 626
631 netif_rx(skb); 627 netif_rx(skb);
632 628
633 rcu_read_unlock();
634 return 0; 629 return 0;
635 } 630 }
636 631
637 /* no tunnel matched, let upstream know, ipsec may handle it */ 632 /* no tunnel matched, let upstream know, ipsec may handle it */
638 rcu_read_unlock();
639 return 1; 633 return 1;
640out: 634out:
641 kfree_skb(skb); 635 kfree_skb(skb);
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index bb46061c813a..182ab9a85d6c 100644
--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -190,6 +190,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
190 ireq = inet_rsk(req); 190 ireq = inet_rsk(req);
191 ireq6 = inet6_rsk(req); 191 ireq6 = inet6_rsk(req);
192 treq = tcp_rsk(req); 192 treq = tcp_rsk(req);
193 treq->listener = NULL;
193 194
194 if (security_inet_conn_request(sk, skb, req)) 195 if (security_inet_conn_request(sk, skb, req))
195 goto out_free; 196 goto out_free;
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 342ec62cdbde..49c890386ce9 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -476,7 +476,7 @@ static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
476 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL) 476 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
477 goto done; 477 goto done;
478 478
479 skb = tcp_make_synack(sk, dst, req, rvp); 479 skb = tcp_make_synack(sk, dst, req, rvp, NULL);
480 480
481 if (skb) { 481 if (skb) {
482 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr); 482 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
@@ -763,6 +763,8 @@ static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
763 struct sk_buff *skb) 763 struct sk_buff *skb)
764{ 764{
765 const struct ipv6hdr *iph = skb_gro_network_header(skb); 765 const struct ipv6hdr *iph = skb_gro_network_header(skb);
766 __wsum wsum;
767 __sum16 sum;
766 768
767 switch (skb->ip_summed) { 769 switch (skb->ip_summed) {
768 case CHECKSUM_COMPLETE: 770 case CHECKSUM_COMPLETE:
@@ -771,11 +773,23 @@ static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
771 skb->ip_summed = CHECKSUM_UNNECESSARY; 773 skb->ip_summed = CHECKSUM_UNNECESSARY;
772 break; 774 break;
773 } 775 }
774 776flush:
775 /* fall through */
776 case CHECKSUM_NONE:
777 NAPI_GRO_CB(skb)->flush = 1; 777 NAPI_GRO_CB(skb)->flush = 1;
778 return NULL; 778 return NULL;
779
780 case CHECKSUM_NONE:
781 wsum = ~csum_unfold(csum_ipv6_magic(&iph->saddr, &iph->daddr,
782 skb_gro_len(skb),
783 IPPROTO_TCP, 0));
784 sum = csum_fold(skb_checksum(skb,
785 skb_gro_offset(skb),
786 skb_gro_len(skb),
787 wsum));
788 if (sum)
789 goto flush;
790
791 skb->ip_summed = CHECKSUM_UNNECESSARY;
792 break;
779 } 793 }
780 794
781 return tcp_gro_receive(head, skb); 795 return tcp_gro_receive(head, skb);
@@ -988,7 +1002,7 @@ static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
988 &ipv6_hdr(skb)->saddr, 1002 &ipv6_hdr(skb)->saddr,
989 &ipv6_hdr(skb)->daddr, inet6_iif(skb)); 1003 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
990 if (req) 1004 if (req)
991 return tcp_check_req(sk, skb, req, prev); 1005 return tcp_check_req(sk, skb, req, prev, false);
992 1006
993 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo, 1007 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
994 &ipv6_hdr(skb)->saddr, th->source, 1008 &ipv6_hdr(skb)->saddr, th->source,
@@ -1169,7 +1183,6 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1169 } 1183 }
1170have_isn: 1184have_isn:
1171 tcp_rsk(req)->snt_isn = isn; 1185 tcp_rsk(req)->snt_isn = isn;
1172 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1173 1186
1174 if (security_inet_conn_request(sk, skb, req)) 1187 if (security_inet_conn_request(sk, skb, req))
1175 goto drop_and_release; 1188 goto drop_and_release;
@@ -1180,6 +1193,8 @@ have_isn:
1180 want_cookie) 1193 want_cookie)
1181 goto drop_and_free; 1194 goto drop_and_free;
1182 1195
1196 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1197 tcp_rsk(req)->listener = NULL;
1183 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 1198 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1184 return 0; 1199 return 0;
1185 1200
@@ -1347,9 +1362,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1347 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1362 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1348 1363
1349 tcp_initialize_rcv_mss(newsk); 1364 tcp_initialize_rcv_mss(newsk);
1350 if (tcp_rsk(req)->snt_synack) 1365 tcp_synack_rtt_meas(newsk, req);
1351 tcp_valid_rtt_meas(newsk,
1352 tcp_time_stamp - tcp_rsk(req)->snt_synack);
1353 newtp->total_retrans = req->retrans; 1366 newtp->total_retrans = req->retrans;
1354 1367
1355 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6; 1368 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
@@ -1901,7 +1914,7 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1901 tp->write_seq-tp->snd_una, 1914 tp->write_seq-tp->snd_una,
1902 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1915 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1903 timer_active, 1916 timer_active,
1904 jiffies_to_clock_t(timer_expires - jiffies), 1917 jiffies_delta_to_clock_t(timer_expires - jiffies),
1905 icsk->icsk_retransmits, 1918 icsk->icsk_retransmits,
1906 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), 1919 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1907 icsk->icsk_probes_out, 1920 icsk->icsk_probes_out,
@@ -1921,10 +1934,7 @@ static void get_timewait6_sock(struct seq_file *seq,
1921 const struct in6_addr *dest, *src; 1934 const struct in6_addr *dest, *src;
1922 __u16 destp, srcp; 1935 __u16 destp, srcp;
1923 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1936 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1924 int ttd = tw->tw_ttd - jiffies; 1937 long delta = tw->tw_ttd - jiffies;
1925
1926 if (ttd < 0)
1927 ttd = 0;
1928 1938
1929 dest = &tw6->tw_v6_daddr; 1939 dest = &tw6->tw_v6_daddr;
1930 src = &tw6->tw_v6_rcv_saddr; 1940 src = &tw6->tw_v6_rcv_saddr;
@@ -1940,7 +1950,7 @@ static void get_timewait6_sock(struct seq_file *seq,
1940 dest->s6_addr32[0], dest->s6_addr32[1], 1950 dest->s6_addr32[0], dest->s6_addr32[1],
1941 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1951 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1942 tw->tw_substate, 0, 0, 1952 tw->tw_substate, 0, 0,
1943 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1953 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1944 atomic_read(&tw->tw_refcnt), tw); 1954 atomic_read(&tw->tw_refcnt), tw);
1945} 1955}
1946 1956
diff --git a/net/irda/irnetlink.c b/net/irda/irnetlink.c
index 6c7c4b92e4f8..c32971269280 100644
--- a/net/irda/irnetlink.c
+++ b/net/irda/irnetlink.c
@@ -100,7 +100,7 @@ static int irda_nl_get_mode(struct sk_buff *skb, struct genl_info *info)
100 goto err_out; 100 goto err_out;
101 } 101 }
102 102
103 hdr = genlmsg_put(msg, info->snd_pid, info->snd_seq, 103 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
104 &irda_nl_family, 0, IRDA_NL_CMD_GET_MODE); 104 &irda_nl_family, 0, IRDA_NL_CMD_GET_MODE);
105 if (hdr == NULL) { 105 if (hdr == NULL) {
106 ret = -EMSGSIZE; 106 ret = -EMSGSIZE;
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 0481d4b51476..08897a3c7ec7 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -54,7 +54,7 @@ struct pfkey_sock {
54 54
55 struct { 55 struct {
56 uint8_t msg_version; 56 uint8_t msg_version;
57 uint32_t msg_pid; 57 uint32_t msg_portid;
58 int (*dump)(struct pfkey_sock *sk); 58 int (*dump)(struct pfkey_sock *sk);
59 void (*done)(struct pfkey_sock *sk); 59 void (*done)(struct pfkey_sock *sk);
60 union { 60 union {
@@ -1447,7 +1447,7 @@ static int key_notify_sa(struct xfrm_state *x, const struct km_event *c)
1447 hdr->sadb_msg_errno = 0; 1447 hdr->sadb_msg_errno = 0;
1448 hdr->sadb_msg_reserved = 0; 1448 hdr->sadb_msg_reserved = 0;
1449 hdr->sadb_msg_seq = c->seq; 1449 hdr->sadb_msg_seq = c->seq;
1450 hdr->sadb_msg_pid = c->pid; 1450 hdr->sadb_msg_pid = c->portid;
1451 1451
1452 pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xs_net(x)); 1452 pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xs_net(x));
1453 1453
@@ -1486,7 +1486,7 @@ static int pfkey_add(struct sock *sk, struct sk_buff *skb, const struct sadb_msg
1486 else 1486 else
1487 c.event = XFRM_MSG_UPDSA; 1487 c.event = XFRM_MSG_UPDSA;
1488 c.seq = hdr->sadb_msg_seq; 1488 c.seq = hdr->sadb_msg_seq;
1489 c.pid = hdr->sadb_msg_pid; 1489 c.portid = hdr->sadb_msg_pid;
1490 km_state_notify(x, &c); 1490 km_state_notify(x, &c);
1491out: 1491out:
1492 xfrm_state_put(x); 1492 xfrm_state_put(x);
@@ -1523,7 +1523,7 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, const struct sadb_
1523 goto out; 1523 goto out;
1524 1524
1525 c.seq = hdr->sadb_msg_seq; 1525 c.seq = hdr->sadb_msg_seq;
1526 c.pid = hdr->sadb_msg_pid; 1526 c.portid = hdr->sadb_msg_pid;
1527 c.event = XFRM_MSG_DELSA; 1527 c.event = XFRM_MSG_DELSA;
1528 km_state_notify(x, &c); 1528 km_state_notify(x, &c);
1529out: 1529out:
@@ -1701,7 +1701,7 @@ static int key_notify_sa_flush(const struct km_event *c)
1701 hdr->sadb_msg_satype = pfkey_proto2satype(c->data.proto); 1701 hdr->sadb_msg_satype = pfkey_proto2satype(c->data.proto);
1702 hdr->sadb_msg_type = SADB_FLUSH; 1702 hdr->sadb_msg_type = SADB_FLUSH;
1703 hdr->sadb_msg_seq = c->seq; 1703 hdr->sadb_msg_seq = c->seq;
1704 hdr->sadb_msg_pid = c->pid; 1704 hdr->sadb_msg_pid = c->portid;
1705 hdr->sadb_msg_version = PF_KEY_V2; 1705 hdr->sadb_msg_version = PF_KEY_V2;
1706 hdr->sadb_msg_errno = (uint8_t) 0; 1706 hdr->sadb_msg_errno = (uint8_t) 0;
1707 hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t)); 1707 hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t));
@@ -1736,7 +1736,7 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, const struct sadb_m
1736 1736
1737 c.data.proto = proto; 1737 c.data.proto = proto;
1738 c.seq = hdr->sadb_msg_seq; 1738 c.seq = hdr->sadb_msg_seq;
1739 c.pid = hdr->sadb_msg_pid; 1739 c.portid = hdr->sadb_msg_pid;
1740 c.event = XFRM_MSG_FLUSHSA; 1740 c.event = XFRM_MSG_FLUSHSA;
1741 c.net = net; 1741 c.net = net;
1742 km_state_notify(NULL, &c); 1742 km_state_notify(NULL, &c);
@@ -1764,7 +1764,7 @@ static int dump_sa(struct xfrm_state *x, int count, void *ptr)
1764 out_hdr->sadb_msg_errno = 0; 1764 out_hdr->sadb_msg_errno = 0;
1765 out_hdr->sadb_msg_reserved = 0; 1765 out_hdr->sadb_msg_reserved = 0;
1766 out_hdr->sadb_msg_seq = count + 1; 1766 out_hdr->sadb_msg_seq = count + 1;
1767 out_hdr->sadb_msg_pid = pfk->dump.msg_pid; 1767 out_hdr->sadb_msg_pid = pfk->dump.msg_portid;
1768 1768
1769 if (pfk->dump.skb) 1769 if (pfk->dump.skb)
1770 pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE, 1770 pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE,
@@ -1798,7 +1798,7 @@ static int pfkey_dump(struct sock *sk, struct sk_buff *skb, const struct sadb_ms
1798 return -EINVAL; 1798 return -EINVAL;
1799 1799
1800 pfk->dump.msg_version = hdr->sadb_msg_version; 1800 pfk->dump.msg_version = hdr->sadb_msg_version;
1801 pfk->dump.msg_pid = hdr->sadb_msg_pid; 1801 pfk->dump.msg_portid = hdr->sadb_msg_pid;
1802 pfk->dump.dump = pfkey_dump_sa; 1802 pfk->dump.dump = pfkey_dump_sa;
1803 pfk->dump.done = pfkey_dump_sa_done; 1803 pfk->dump.done = pfkey_dump_sa_done;
1804 xfrm_state_walk_init(&pfk->dump.u.state, proto); 1804 xfrm_state_walk_init(&pfk->dump.u.state, proto);
@@ -1923,6 +1923,9 @@ parse_ipsecrequests(struct xfrm_policy *xp, struct sadb_x_policy *pol)
1923 int len = pol->sadb_x_policy_len*8 - sizeof(struct sadb_x_policy); 1923 int len = pol->sadb_x_policy_len*8 - sizeof(struct sadb_x_policy);
1924 struct sadb_x_ipsecrequest *rq = (void*)(pol+1); 1924 struct sadb_x_ipsecrequest *rq = (void*)(pol+1);
1925 1925
1926 if (pol->sadb_x_policy_len * 8 < sizeof(struct sadb_x_policy))
1927 return -EINVAL;
1928
1926 while (len >= sizeof(struct sadb_x_ipsecrequest)) { 1929 while (len >= sizeof(struct sadb_x_ipsecrequest)) {
1927 if ((err = parse_ipsecrequest(xp, rq)) < 0) 1930 if ((err = parse_ipsecrequest(xp, rq)) < 0)
1928 return err; 1931 return err;
@@ -2157,7 +2160,7 @@ static int key_notify_policy(struct xfrm_policy *xp, int dir, const struct km_ev
2157 out_hdr->sadb_msg_type = event2poltype(c->event); 2160 out_hdr->sadb_msg_type = event2poltype(c->event);
2158 out_hdr->sadb_msg_errno = 0; 2161 out_hdr->sadb_msg_errno = 0;
2159 out_hdr->sadb_msg_seq = c->seq; 2162 out_hdr->sadb_msg_seq = c->seq;
2160 out_hdr->sadb_msg_pid = c->pid; 2163 out_hdr->sadb_msg_pid = c->portid;
2161 pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xp_net(xp)); 2164 pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xp_net(xp));
2162 return 0; 2165 return 0;
2163 2166
@@ -2272,7 +2275,7 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, const struct sadb_
2272 c.event = XFRM_MSG_NEWPOLICY; 2275 c.event = XFRM_MSG_NEWPOLICY;
2273 2276
2274 c.seq = hdr->sadb_msg_seq; 2277 c.seq = hdr->sadb_msg_seq;
2275 c.pid = hdr->sadb_msg_pid; 2278 c.portid = hdr->sadb_msg_pid;
2276 2279
2277 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c); 2280 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c);
2278 xfrm_pol_put(xp); 2281 xfrm_pol_put(xp);
@@ -2351,7 +2354,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, const struct sa
2351 goto out; 2354 goto out;
2352 2355
2353 c.seq = hdr->sadb_msg_seq; 2356 c.seq = hdr->sadb_msg_seq;
2354 c.pid = hdr->sadb_msg_pid; 2357 c.portid = hdr->sadb_msg_pid;
2355 c.data.byid = 0; 2358 c.data.byid = 0;
2356 c.event = XFRM_MSG_DELPOLICY; 2359 c.event = XFRM_MSG_DELPOLICY;
2357 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c); 2360 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c);
@@ -2597,7 +2600,7 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, const struct sadb_
2597 if (err) 2600 if (err)
2598 goto out; 2601 goto out;
2599 c.seq = hdr->sadb_msg_seq; 2602 c.seq = hdr->sadb_msg_seq;
2600 c.pid = hdr->sadb_msg_pid; 2603 c.portid = hdr->sadb_msg_pid;
2601 c.data.byid = 1; 2604 c.data.byid = 1;
2602 c.event = XFRM_MSG_DELPOLICY; 2605 c.event = XFRM_MSG_DELPOLICY;
2603 km_policy_notify(xp, dir, &c); 2606 km_policy_notify(xp, dir, &c);
@@ -2634,7 +2637,7 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr)
2634 out_hdr->sadb_msg_satype = SADB_SATYPE_UNSPEC; 2637 out_hdr->sadb_msg_satype = SADB_SATYPE_UNSPEC;
2635 out_hdr->sadb_msg_errno = 0; 2638 out_hdr->sadb_msg_errno = 0;
2636 out_hdr->sadb_msg_seq = count + 1; 2639 out_hdr->sadb_msg_seq = count + 1;
2637 out_hdr->sadb_msg_pid = pfk->dump.msg_pid; 2640 out_hdr->sadb_msg_pid = pfk->dump.msg_portid;
2638 2641
2639 if (pfk->dump.skb) 2642 if (pfk->dump.skb)
2640 pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE, 2643 pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE,
@@ -2663,7 +2666,7 @@ static int pfkey_spddump(struct sock *sk, struct sk_buff *skb, const struct sadb
2663 return -EBUSY; 2666 return -EBUSY;
2664 2667
2665 pfk->dump.msg_version = hdr->sadb_msg_version; 2668 pfk->dump.msg_version = hdr->sadb_msg_version;
2666 pfk->dump.msg_pid = hdr->sadb_msg_pid; 2669 pfk->dump.msg_portid = hdr->sadb_msg_pid;
2667 pfk->dump.dump = pfkey_dump_sp; 2670 pfk->dump.dump = pfkey_dump_sp;
2668 pfk->dump.done = pfkey_dump_sp_done; 2671 pfk->dump.done = pfkey_dump_sp_done;
2669 xfrm_policy_walk_init(&pfk->dump.u.policy, XFRM_POLICY_TYPE_MAIN); 2672 xfrm_policy_walk_init(&pfk->dump.u.policy, XFRM_POLICY_TYPE_MAIN);
@@ -2682,7 +2685,7 @@ static int key_notify_policy_flush(const struct km_event *c)
2682 hdr = (struct sadb_msg *) skb_put(skb_out, sizeof(struct sadb_msg)); 2685 hdr = (struct sadb_msg *) skb_put(skb_out, sizeof(struct sadb_msg));
2683 hdr->sadb_msg_type = SADB_X_SPDFLUSH; 2686 hdr->sadb_msg_type = SADB_X_SPDFLUSH;
2684 hdr->sadb_msg_seq = c->seq; 2687 hdr->sadb_msg_seq = c->seq;
2685 hdr->sadb_msg_pid = c->pid; 2688 hdr->sadb_msg_pid = c->portid;
2686 hdr->sadb_msg_version = PF_KEY_V2; 2689 hdr->sadb_msg_version = PF_KEY_V2;
2687 hdr->sadb_msg_errno = (uint8_t) 0; 2690 hdr->sadb_msg_errno = (uint8_t) 0;
2688 hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t)); 2691 hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t));
@@ -2711,7 +2714,7 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, const struct sad
2711 2714
2712 c.data.type = XFRM_POLICY_TYPE_MAIN; 2715 c.data.type = XFRM_POLICY_TYPE_MAIN;
2713 c.event = XFRM_MSG_FLUSHPOLICY; 2716 c.event = XFRM_MSG_FLUSHPOLICY;
2714 c.pid = hdr->sadb_msg_pid; 2717 c.portid = hdr->sadb_msg_pid;
2715 c.seq = hdr->sadb_msg_seq; 2718 c.seq = hdr->sadb_msg_seq;
2716 c.net = net; 2719 c.net = net;
2717 km_policy_notify(NULL, 0, &c); 2720 km_policy_notify(NULL, 0, &c);
@@ -3024,7 +3027,7 @@ static u32 get_acqseq(void)
3024 return res; 3027 return res;
3025} 3028}
3026 3029
3027static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *xp, int dir) 3030static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *xp)
3028{ 3031{
3029 struct sk_buff *skb; 3032 struct sk_buff *skb;
3030 struct sadb_msg *hdr; 3033 struct sadb_msg *hdr;
@@ -3105,7 +3108,7 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct
3105 pol->sadb_x_policy_len = sizeof(struct sadb_x_policy)/sizeof(uint64_t); 3108 pol->sadb_x_policy_len = sizeof(struct sadb_x_policy)/sizeof(uint64_t);
3106 pol->sadb_x_policy_exttype = SADB_X_EXT_POLICY; 3109 pol->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
3107 pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC; 3110 pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
3108 pol->sadb_x_policy_dir = dir+1; 3111 pol->sadb_x_policy_dir = XFRM_POLICY_OUT + 1;
3109 pol->sadb_x_policy_id = xp->index; 3112 pol->sadb_x_policy_id = xp->index;
3110 3113
3111 /* Set sadb_comb's. */ 3114 /* Set sadb_comb's. */
diff --git a/net/l2tp/Kconfig b/net/l2tp/Kconfig
index 4b1e71751e10..147a8fd47a17 100644
--- a/net/l2tp/Kconfig
+++ b/net/l2tp/Kconfig
@@ -4,6 +4,7 @@
4 4
5menuconfig L2TP 5menuconfig L2TP
6 tristate "Layer Two Tunneling Protocol (L2TP)" 6 tristate "Layer Two Tunneling Protocol (L2TP)"
7 depends on (IPV6 || IPV6=n)
7 depends on INET 8 depends on INET
8 ---help--- 9 ---help---
9 Layer Two Tunneling Protocol 10 Layer Two Tunneling Protocol
diff --git a/net/l2tp/l2tp_eth.c b/net/l2tp/l2tp_eth.c
index 3bfb34aaee29..37b8b8ba31f7 100644
--- a/net/l2tp/l2tp_eth.c
+++ b/net/l2tp/l2tp_eth.c
@@ -67,6 +67,7 @@ static inline struct l2tp_eth_net *l2tp_eth_pernet(struct net *net)
67 return net_generic(net, l2tp_eth_net_id); 67 return net_generic(net, l2tp_eth_net_id);
68} 68}
69 69
70static struct lock_class_key l2tp_eth_tx_busylock;
70static int l2tp_eth_dev_init(struct net_device *dev) 71static int l2tp_eth_dev_init(struct net_device *dev)
71{ 72{
72 struct l2tp_eth *priv = netdev_priv(dev); 73 struct l2tp_eth *priv = netdev_priv(dev);
@@ -74,7 +75,7 @@ static int l2tp_eth_dev_init(struct net_device *dev)
74 priv->dev = dev; 75 priv->dev = dev;
75 eth_hw_addr_random(dev); 76 eth_hw_addr_random(dev);
76 memset(&dev->broadcast[0], 0xff, 6); 77 memset(&dev->broadcast[0], 0xff, 6);
77 78 dev->qdisc_tx_busylock = &l2tp_eth_tx_busylock;
78 return 0; 79 return 0;
79} 80}
80 81
diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c
index 6f936358d664..6c4cc12c7414 100644
--- a/net/l2tp/l2tp_netlink.c
+++ b/net/l2tp/l2tp_netlink.c
@@ -78,7 +78,7 @@ static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
78 goto out; 78 goto out;
79 } 79 }
80 80
81 hdr = genlmsg_put(msg, info->snd_pid, info->snd_seq, 81 hdr = genlmsg_put(msg, info->snd_portid, info->snd_seq,
82 &l2tp_nl_family, 0, L2TP_CMD_NOOP); 82 &l2tp_nl_family, 0, L2TP_CMD_NOOP);
83 if (!hdr) { 83 if (!hdr) {
84 ret = -EMSGSIZE; 84 ret = -EMSGSIZE;
@@ -87,7 +87,7 @@ static int l2tp_nl_cmd_noop(struct sk_buff *skb, struct genl_info *info)
87 87
88 genlmsg_end(msg, hdr); 88 genlmsg_end(msg, hdr);
89 89
90 return genlmsg_unicast(genl_info_net(info), msg, info->snd_pid); 90 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
91 91
92err_out: 92err_out:
93 nlmsg_free(msg); 93 nlmsg_free(msg);
@@ -235,7 +235,7 @@ out:
235 return ret; 235 return ret;
236} 236}
237 237
238static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 pid, u32 seq, int flags, 238static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
239 struct l2tp_tunnel *tunnel) 239 struct l2tp_tunnel *tunnel)
240{ 240{
241 void *hdr; 241 void *hdr;
@@ -248,7 +248,7 @@ static int l2tp_nl_tunnel_send(struct sk_buff *skb, u32 pid, u32 seq, int flags,
248 struct l2tp_stats stats; 248 struct l2tp_stats stats;
249 unsigned int start; 249 unsigned int start;
250 250
251 hdr = genlmsg_put(skb, pid, seq, &l2tp_nl_family, flags, 251 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags,
252 L2TP_CMD_TUNNEL_GET); 252 L2TP_CMD_TUNNEL_GET);
253 if (!hdr) 253 if (!hdr)
254 return -EMSGSIZE; 254 return -EMSGSIZE;
@@ -359,12 +359,12 @@ static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info)
359 goto out; 359 goto out;
360 } 360 }
361 361
362 ret = l2tp_nl_tunnel_send(msg, info->snd_pid, info->snd_seq, 362 ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq,
363 NLM_F_ACK, tunnel); 363 NLM_F_ACK, tunnel);
364 if (ret < 0) 364 if (ret < 0)
365 goto err_out; 365 goto err_out;
366 366
367 return genlmsg_unicast(net, msg, info->snd_pid); 367 return genlmsg_unicast(net, msg, info->snd_portid);
368 368
369err_out: 369err_out:
370 nlmsg_free(msg); 370 nlmsg_free(msg);
@@ -384,7 +384,7 @@ static int l2tp_nl_cmd_tunnel_dump(struct sk_buff *skb, struct netlink_callback
384 if (tunnel == NULL) 384 if (tunnel == NULL)
385 goto out; 385 goto out;
386 386
387 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).pid, 387 if (l2tp_nl_tunnel_send(skb, NETLINK_CB(cb->skb).portid,
388 cb->nlh->nlmsg_seq, NLM_F_MULTI, 388 cb->nlh->nlmsg_seq, NLM_F_MULTI,
389 tunnel) <= 0) 389 tunnel) <= 0)
390 goto out; 390 goto out;
@@ -604,7 +604,7 @@ out:
604 return ret; 604 return ret;
605} 605}
606 606
607static int l2tp_nl_session_send(struct sk_buff *skb, u32 pid, u32 seq, int flags, 607static int l2tp_nl_session_send(struct sk_buff *skb, u32 portid, u32 seq, int flags,
608 struct l2tp_session *session) 608 struct l2tp_session *session)
609{ 609{
610 void *hdr; 610 void *hdr;
@@ -616,7 +616,7 @@ static int l2tp_nl_session_send(struct sk_buff *skb, u32 pid, u32 seq, int flags
616 616
617 sk = tunnel->sock; 617 sk = tunnel->sock;
618 618
619 hdr = genlmsg_put(skb, pid, seq, &l2tp_nl_family, flags, L2TP_CMD_SESSION_GET); 619 hdr = genlmsg_put(skb, portid, seq, &l2tp_nl_family, flags, L2TP_CMD_SESSION_GET);
620 if (!hdr) 620 if (!hdr)
621 return -EMSGSIZE; 621 return -EMSGSIZE;
622 622
@@ -705,12 +705,12 @@ static int l2tp_nl_cmd_session_get(struct sk_buff *skb, struct genl_info *info)
705 goto out; 705 goto out;
706 } 706 }
707 707
708 ret = l2tp_nl_session_send(msg, info->snd_pid, info->snd_seq, 708 ret = l2tp_nl_session_send(msg, info->snd_portid, info->snd_seq,
709 0, session); 709 0, session);
710 if (ret < 0) 710 if (ret < 0)
711 goto err_out; 711 goto err_out;
712 712
713 return genlmsg_unicast(genl_info_net(info), msg, info->snd_pid); 713 return genlmsg_unicast(genl_info_net(info), msg, info->snd_portid);
714 714
715err_out: 715err_out:
716 nlmsg_free(msg); 716 nlmsg_free(msg);
@@ -742,7 +742,7 @@ static int l2tp_nl_cmd_session_dump(struct sk_buff *skb, struct netlink_callback
742 continue; 742 continue;
743 } 743 }
744 744
745 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).pid, 745 if (l2tp_nl_session_send(skb, NETLINK_CB(cb->skb).portid,
746 cb->nlh->nlmsg_seq, NLM_F_MULTI, 746 cb->nlh->nlmsg_seq, NLM_F_MULTI,
747 session) <= 0) 747 session) <= 0)
748 break; 748 break;
diff --git a/net/llc/llc_station.c b/net/llc/llc_station.c
index b2f2bac2c2a2..204a8351efff 100644
--- a/net/llc/llc_station.c
+++ b/net/llc/llc_station.c
@@ -25,253 +25,26 @@
25#include <net/llc_s_st.h> 25#include <net/llc_s_st.h>
26#include <net/llc_pdu.h> 26#include <net/llc_pdu.h>
27 27
28/**
29 * struct llc_station - LLC station component
30 *
31 * SAP and connection resource manager, one per adapter.
32 *
33 * @state: state of station
34 * @xid_r_count: XID response PDU counter
35 * @mac_sa: MAC source address
36 * @sap_list: list of related SAPs
37 * @ev_q: events entering state mach.
38 * @mac_pdu_q: PDUs ready to send to MAC
39 */
40struct llc_station {
41 u8 state;
42 u8 xid_r_count;
43 struct timer_list ack_timer;
44 u8 retry_count;
45 u8 maximum_retry;
46 struct {
47 struct sk_buff_head list;
48 spinlock_t lock;
49 } ev_q;
50 struct sk_buff_head mac_pdu_q;
51};
52
53#define LLC_STATION_ACK_TIME (3 * HZ)
54
55int sysctl_llc_station_ack_timeout = LLC_STATION_ACK_TIME;
56
57/* Types of events (possible values in 'ev->type') */
58#define LLC_STATION_EV_TYPE_SIMPLE 1
59#define LLC_STATION_EV_TYPE_CONDITION 2
60#define LLC_STATION_EV_TYPE_PRIM 3
61#define LLC_STATION_EV_TYPE_PDU 4 /* command/response PDU */
62#define LLC_STATION_EV_TYPE_ACK_TMR 5
63#define LLC_STATION_EV_TYPE_RPT_STATUS 6
64
65/* Events */
66#define LLC_STATION_EV_ENABLE_WITH_DUP_ADDR_CHECK 1
67#define LLC_STATION_EV_ENABLE_WITHOUT_DUP_ADDR_CHECK 2
68#define LLC_STATION_EV_ACK_TMR_EXP_LT_RETRY_CNT_MAX_RETRY 3
69#define LLC_STATION_EV_ACK_TMR_EXP_EQ_RETRY_CNT_MAX_RETRY 4
70#define LLC_STATION_EV_RX_NULL_DSAP_XID_C 5
71#define LLC_STATION_EV_RX_NULL_DSAP_0_XID_R_XID_R_CNT_EQ 6
72#define LLC_STATION_EV_RX_NULL_DSAP_1_XID_R_XID_R_CNT_EQ 7
73#define LLC_STATION_EV_RX_NULL_DSAP_TEST_C 8
74#define LLC_STATION_EV_DISABLE_REQ 9
75
76struct llc_station_state_ev {
77 u8 type;
78 u8 prim;
79 u8 prim_type;
80 u8 reason;
81 struct list_head node; /* node in station->ev_q.list */
82};
83
84static __inline__ struct llc_station_state_ev *
85 llc_station_ev(struct sk_buff *skb)
86{
87 return (struct llc_station_state_ev *)skb->cb;
88}
89
90typedef int (*llc_station_ev_t)(struct sk_buff *skb);
91
92#define LLC_STATION_STATE_DOWN 1 /* initial state */
93#define LLC_STATION_STATE_DUP_ADDR_CHK 2
94#define LLC_STATION_STATE_UP 3
95
96#define LLC_NBR_STATION_STATES 3 /* size of state table */
97
98typedef int (*llc_station_action_t)(struct sk_buff *skb);
99
100/* Station component state table structure */
101struct llc_station_state_trans {
102 llc_station_ev_t ev;
103 u8 next_state;
104 llc_station_action_t *ev_actions;
105};
106
107struct llc_station_state {
108 u8 curr_state;
109 struct llc_station_state_trans **transitions;
110};
111
112static struct llc_station llc_main_station;
113
114static int llc_stat_ev_enable_with_dup_addr_check(struct sk_buff *skb)
115{
116 struct llc_station_state_ev *ev = llc_station_ev(skb);
117
118 return ev->type == LLC_STATION_EV_TYPE_SIMPLE &&
119 ev->prim_type ==
120 LLC_STATION_EV_ENABLE_WITH_DUP_ADDR_CHECK ? 0 : 1;
121}
122
123static int llc_stat_ev_enable_without_dup_addr_check(struct sk_buff *skb)
124{
125 struct llc_station_state_ev *ev = llc_station_ev(skb);
126
127 return ev->type == LLC_STATION_EV_TYPE_SIMPLE &&
128 ev->prim_type ==
129 LLC_STATION_EV_ENABLE_WITHOUT_DUP_ADDR_CHECK ? 0 : 1;
130}
131
132static int llc_stat_ev_ack_tmr_exp_lt_retry_cnt_max_retry(struct sk_buff *skb)
133{
134 struct llc_station_state_ev *ev = llc_station_ev(skb);
135
136 return ev->type == LLC_STATION_EV_TYPE_ACK_TMR &&
137 llc_main_station.retry_count <
138 llc_main_station.maximum_retry ? 0 : 1;
139}
140
141static int llc_stat_ev_ack_tmr_exp_eq_retry_cnt_max_retry(struct sk_buff *skb)
142{
143 struct llc_station_state_ev *ev = llc_station_ev(skb);
144
145 return ev->type == LLC_STATION_EV_TYPE_ACK_TMR &&
146 llc_main_station.retry_count ==
147 llc_main_station.maximum_retry ? 0 : 1;
148}
149
150static int llc_stat_ev_rx_null_dsap_xid_c(struct sk_buff *skb) 28static int llc_stat_ev_rx_null_dsap_xid_c(struct sk_buff *skb)
151{ 29{
152 struct llc_station_state_ev *ev = llc_station_ev(skb);
153 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb); 30 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb);
154 31
155 return ev->type == LLC_STATION_EV_TYPE_PDU && 32 return LLC_PDU_IS_CMD(pdu) && /* command PDU */
156 LLC_PDU_IS_CMD(pdu) && /* command PDU */
157 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */ 33 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */
158 LLC_U_PDU_CMD(pdu) == LLC_1_PDU_CMD_XID && 34 LLC_U_PDU_CMD(pdu) == LLC_1_PDU_CMD_XID &&
159 !pdu->dsap ? 0 : 1; /* NULL DSAP value */ 35 !pdu->dsap ? 0 : 1; /* NULL DSAP value */
160} 36}
161 37
162static int llc_stat_ev_rx_null_dsap_0_xid_r_xid_r_cnt_eq(struct sk_buff *skb)
163{
164 struct llc_station_state_ev *ev = llc_station_ev(skb);
165 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb);
166
167 return ev->type == LLC_STATION_EV_TYPE_PDU &&
168 LLC_PDU_IS_RSP(pdu) && /* response PDU */
169 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */
170 LLC_U_PDU_RSP(pdu) == LLC_1_PDU_CMD_XID &&
171 !pdu->dsap && /* NULL DSAP value */
172 !llc_main_station.xid_r_count ? 0 : 1;
173}
174
175static int llc_stat_ev_rx_null_dsap_1_xid_r_xid_r_cnt_eq(struct sk_buff *skb)
176{
177 struct llc_station_state_ev *ev = llc_station_ev(skb);
178 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb);
179
180 return ev->type == LLC_STATION_EV_TYPE_PDU &&
181 LLC_PDU_IS_RSP(pdu) && /* response PDU */
182 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */
183 LLC_U_PDU_RSP(pdu) == LLC_1_PDU_CMD_XID &&
184 !pdu->dsap && /* NULL DSAP value */
185 llc_main_station.xid_r_count == 1 ? 0 : 1;
186}
187
188static int llc_stat_ev_rx_null_dsap_test_c(struct sk_buff *skb) 38static int llc_stat_ev_rx_null_dsap_test_c(struct sk_buff *skb)
189{ 39{
190 struct llc_station_state_ev *ev = llc_station_ev(skb);
191 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb); 40 struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb);
192 41
193 return ev->type == LLC_STATION_EV_TYPE_PDU && 42 return LLC_PDU_IS_CMD(pdu) && /* command PDU */
194 LLC_PDU_IS_CMD(pdu) && /* command PDU */
195 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */ 43 LLC_PDU_TYPE_IS_U(pdu) && /* U type PDU */
196 LLC_U_PDU_CMD(pdu) == LLC_1_PDU_CMD_TEST && 44 LLC_U_PDU_CMD(pdu) == LLC_1_PDU_CMD_TEST &&
197 !pdu->dsap ? 0 : 1; /* NULL DSAP */ 45 !pdu->dsap ? 0 : 1; /* NULL DSAP */
198} 46}
199 47
200static int llc_stat_ev_disable_req(struct sk_buff *skb)
201{
202 struct llc_station_state_ev *ev = llc_station_ev(skb);
203
204 return ev->type == LLC_STATION_EV_TYPE_PRIM &&
205 ev->prim == LLC_DISABLE_PRIM &&
206 ev->prim_type == LLC_PRIM_TYPE_REQ ? 0 : 1;
207}
208
209/**
210 * llc_station_send_pdu - queues PDU to send
211 * @skb: Address of the PDU
212 *
213 * Queues a PDU to send to the MAC layer.
214 */
215static void llc_station_send_pdu(struct sk_buff *skb)
216{
217 skb_queue_tail(&llc_main_station.mac_pdu_q, skb);
218 while ((skb = skb_dequeue(&llc_main_station.mac_pdu_q)) != NULL)
219 if (dev_queue_xmit(skb))
220 break;
221}
222
223static int llc_station_ac_start_ack_timer(struct sk_buff *skb)
224{
225 mod_timer(&llc_main_station.ack_timer,
226 jiffies + sysctl_llc_station_ack_timeout);
227 return 0;
228}
229
230static int llc_station_ac_set_retry_cnt_0(struct sk_buff *skb)
231{
232 llc_main_station.retry_count = 0;
233 return 0;
234}
235
236static int llc_station_ac_inc_retry_cnt_by_1(struct sk_buff *skb)
237{
238 llc_main_station.retry_count++;
239 return 0;
240}
241
242static int llc_station_ac_set_xid_r_cnt_0(struct sk_buff *skb)
243{
244 llc_main_station.xid_r_count = 0;
245 return 0;
246}
247
248static int llc_station_ac_inc_xid_r_cnt_by_1(struct sk_buff *skb)
249{
250 llc_main_station.xid_r_count++;
251 return 0;
252}
253
254static int llc_station_ac_send_null_dsap_xid_c(struct sk_buff *skb)
255{
256 int rc = 1;
257 struct sk_buff *nskb = llc_alloc_frame(NULL, skb->dev, LLC_PDU_TYPE_U,
258 sizeof(struct llc_xid_info));
259
260 if (!nskb)
261 goto out;
262 llc_pdu_header_init(nskb, LLC_PDU_TYPE_U, 0, 0, LLC_PDU_CMD);
263 llc_pdu_init_as_xid_cmd(nskb, LLC_XID_NULL_CLASS_2, 127);
264 rc = llc_mac_hdr_init(nskb, skb->dev->dev_addr, skb->dev->dev_addr);
265 if (unlikely(rc))
266 goto free;
267 llc_station_send_pdu(nskb);
268out:
269 return rc;
270free:
271 kfree_skb(nskb);
272 goto out;
273}
274
275static int llc_station_ac_send_xid_r(struct sk_buff *skb) 48static int llc_station_ac_send_xid_r(struct sk_buff *skb)
276{ 49{
277 u8 mac_da[ETH_ALEN], dsap; 50 u8 mac_da[ETH_ALEN], dsap;
@@ -289,7 +62,7 @@ static int llc_station_ac_send_xid_r(struct sk_buff *skb)
289 rc = llc_mac_hdr_init(nskb, skb->dev->dev_addr, mac_da); 62 rc = llc_mac_hdr_init(nskb, skb->dev->dev_addr, mac_da);
290 if (unlikely(rc)) 63 if (unlikely(rc))
291 goto free; 64 goto free;
292 llc_station_send_pdu(nskb); 65 dev_queue_xmit(nskb);
293out: 66out:
294 return rc; 67 return rc;
295free: 68free:
@@ -318,7 +91,7 @@ static int llc_station_ac_send_test_r(struct sk_buff *skb)
318 rc = llc_mac_hdr_init(nskb, skb->dev->dev_addr, mac_da); 91 rc = llc_mac_hdr_init(nskb, skb->dev->dev_addr, mac_da);
319 if (unlikely(rc)) 92 if (unlikely(rc))
320 goto free; 93 goto free;
321 llc_station_send_pdu(nskb); 94 dev_queue_xmit(nskb);
322out: 95out:
323 return rc; 96 return rc;
324free: 97free:
@@ -326,352 +99,6 @@ free:
326 goto out; 99 goto out;
327} 100}
328 101
329static int llc_station_ac_report_status(struct sk_buff *skb)
330{
331 return 0;
332}
333
334/* COMMON STATION STATE transitions */
335
336/* dummy last-transition indicator; common to all state transition groups
337 * last entry for this state
338 * all members are zeros, .bss zeroes it
339 */
340static struct llc_station_state_trans llc_stat_state_trans_end;
341
342/* DOWN STATE transitions */
343
344/* state transition for LLC_STATION_EV_ENABLE_WITH_DUP_ADDR_CHECK event */
345static llc_station_action_t llc_stat_down_state_actions_1[] = {
346 [0] = llc_station_ac_start_ack_timer,
347 [1] = llc_station_ac_set_retry_cnt_0,
348 [2] = llc_station_ac_set_xid_r_cnt_0,
349 [3] = llc_station_ac_send_null_dsap_xid_c,
350 [4] = NULL,
351};
352
353static struct llc_station_state_trans llc_stat_down_state_trans_1 = {
354 .ev = llc_stat_ev_enable_with_dup_addr_check,
355 .next_state = LLC_STATION_STATE_DUP_ADDR_CHK,
356 .ev_actions = llc_stat_down_state_actions_1,
357};
358
359/* state transition for LLC_STATION_EV_ENABLE_WITHOUT_DUP_ADDR_CHECK event */
360static llc_station_action_t llc_stat_down_state_actions_2[] = {
361 [0] = llc_station_ac_report_status, /* STATION UP */
362 [1] = NULL,
363};
364
365static struct llc_station_state_trans llc_stat_down_state_trans_2 = {
366 .ev = llc_stat_ev_enable_without_dup_addr_check,
367 .next_state = LLC_STATION_STATE_UP,
368 .ev_actions = llc_stat_down_state_actions_2,
369};
370
371/* array of pointers; one to each transition */
372static struct llc_station_state_trans *llc_stat_dwn_state_trans[] = {
373 [0] = &llc_stat_down_state_trans_1,
374 [1] = &llc_stat_down_state_trans_2,
375 [2] = &llc_stat_state_trans_end,
376};
377
378/* UP STATE transitions */
379/* state transition for LLC_STATION_EV_DISABLE_REQ event */
380static llc_station_action_t llc_stat_up_state_actions_1[] = {
381 [0] = llc_station_ac_report_status, /* STATION DOWN */
382 [1] = NULL,
383};
384
385static struct llc_station_state_trans llc_stat_up_state_trans_1 = {
386 .ev = llc_stat_ev_disable_req,
387 .next_state = LLC_STATION_STATE_DOWN,
388 .ev_actions = llc_stat_up_state_actions_1,
389};
390
391/* state transition for LLC_STATION_EV_RX_NULL_DSAP_XID_C event */
392static llc_station_action_t llc_stat_up_state_actions_2[] = {
393 [0] = llc_station_ac_send_xid_r,
394 [1] = NULL,
395};
396
397static struct llc_station_state_trans llc_stat_up_state_trans_2 = {
398 .ev = llc_stat_ev_rx_null_dsap_xid_c,
399 .next_state = LLC_STATION_STATE_UP,
400 .ev_actions = llc_stat_up_state_actions_2,
401};
402
403/* state transition for LLC_STATION_EV_RX_NULL_DSAP_TEST_C event */
404static llc_station_action_t llc_stat_up_state_actions_3[] = {
405 [0] = llc_station_ac_send_test_r,
406 [1] = NULL,
407};
408
409static struct llc_station_state_trans llc_stat_up_state_trans_3 = {
410 .ev = llc_stat_ev_rx_null_dsap_test_c,
411 .next_state = LLC_STATION_STATE_UP,
412 .ev_actions = llc_stat_up_state_actions_3,
413};
414
415/* array of pointers; one to each transition */
416static struct llc_station_state_trans *llc_stat_up_state_trans [] = {
417 [0] = &llc_stat_up_state_trans_1,
418 [1] = &llc_stat_up_state_trans_2,
419 [2] = &llc_stat_up_state_trans_3,
420 [3] = &llc_stat_state_trans_end,
421};
422
423/* DUP ADDR CHK STATE transitions */
424/* state transition for LLC_STATION_EV_RX_NULL_DSAP_0_XID_R_XID_R_CNT_EQ
425 * event
426 */
427static llc_station_action_t llc_stat_dupaddr_state_actions_1[] = {
428 [0] = llc_station_ac_inc_xid_r_cnt_by_1,
429 [1] = NULL,
430};
431
432static struct llc_station_state_trans llc_stat_dupaddr_state_trans_1 = {
433 .ev = llc_stat_ev_rx_null_dsap_0_xid_r_xid_r_cnt_eq,
434 .next_state = LLC_STATION_STATE_DUP_ADDR_CHK,
435 .ev_actions = llc_stat_dupaddr_state_actions_1,
436};
437
438/* state transition for LLC_STATION_EV_RX_NULL_DSAP_1_XID_R_XID_R_CNT_EQ
439 * event
440 */
441static llc_station_action_t llc_stat_dupaddr_state_actions_2[] = {
442 [0] = llc_station_ac_report_status, /* DUPLICATE ADDRESS FOUND */
443 [1] = NULL,
444};
445
446static struct llc_station_state_trans llc_stat_dupaddr_state_trans_2 = {
447 .ev = llc_stat_ev_rx_null_dsap_1_xid_r_xid_r_cnt_eq,
448 .next_state = LLC_STATION_STATE_DOWN,
449 .ev_actions = llc_stat_dupaddr_state_actions_2,
450};
451
452/* state transition for LLC_STATION_EV_RX_NULL_DSAP_XID_C event */
453static llc_station_action_t llc_stat_dupaddr_state_actions_3[] = {
454 [0] = llc_station_ac_send_xid_r,
455 [1] = NULL,
456};
457
458static struct llc_station_state_trans llc_stat_dupaddr_state_trans_3 = {
459 .ev = llc_stat_ev_rx_null_dsap_xid_c,
460 .next_state = LLC_STATION_STATE_DUP_ADDR_CHK,
461 .ev_actions = llc_stat_dupaddr_state_actions_3,
462};
463
464/* state transition for LLC_STATION_EV_ACK_TMR_EXP_LT_RETRY_CNT_MAX_RETRY
465 * event
466 */
467static llc_station_action_t llc_stat_dupaddr_state_actions_4[] = {
468 [0] = llc_station_ac_start_ack_timer,
469 [1] = llc_station_ac_inc_retry_cnt_by_1,
470 [2] = llc_station_ac_set_xid_r_cnt_0,
471 [3] = llc_station_ac_send_null_dsap_xid_c,
472 [4] = NULL,
473};
474
475static struct llc_station_state_trans llc_stat_dupaddr_state_trans_4 = {
476 .ev = llc_stat_ev_ack_tmr_exp_lt_retry_cnt_max_retry,
477 .next_state = LLC_STATION_STATE_DUP_ADDR_CHK,
478 .ev_actions = llc_stat_dupaddr_state_actions_4,
479};
480
481/* state transition for LLC_STATION_EV_ACK_TMR_EXP_EQ_RETRY_CNT_MAX_RETRY
482 * event
483 */
484static llc_station_action_t llc_stat_dupaddr_state_actions_5[] = {
485 [0] = llc_station_ac_report_status, /* STATION UP */
486 [1] = NULL,
487};
488
489static struct llc_station_state_trans llc_stat_dupaddr_state_trans_5 = {
490 .ev = llc_stat_ev_ack_tmr_exp_eq_retry_cnt_max_retry,
491 .next_state = LLC_STATION_STATE_UP,
492 .ev_actions = llc_stat_dupaddr_state_actions_5,
493};
494
495/* state transition for LLC_STATION_EV_DISABLE_REQ event */
496static llc_station_action_t llc_stat_dupaddr_state_actions_6[] = {
497 [0] = llc_station_ac_report_status, /* STATION DOWN */
498 [1] = NULL,
499};
500
501static struct llc_station_state_trans llc_stat_dupaddr_state_trans_6 = {
502 .ev = llc_stat_ev_disable_req,
503 .next_state = LLC_STATION_STATE_DOWN,
504 .ev_actions = llc_stat_dupaddr_state_actions_6,
505};
506
507/* array of pointers; one to each transition */
508static struct llc_station_state_trans *llc_stat_dupaddr_state_trans[] = {
509 [0] = &llc_stat_dupaddr_state_trans_6, /* Request */
510 [1] = &llc_stat_dupaddr_state_trans_4, /* Timer */
511 [2] = &llc_stat_dupaddr_state_trans_5,
512 [3] = &llc_stat_dupaddr_state_trans_1, /* Receive frame */
513 [4] = &llc_stat_dupaddr_state_trans_2,
514 [5] = &llc_stat_dupaddr_state_trans_3,
515 [6] = &llc_stat_state_trans_end,
516};
517
518static struct llc_station_state
519 llc_station_state_table[LLC_NBR_STATION_STATES] = {
520 [LLC_STATION_STATE_DOWN - 1] = {
521 .curr_state = LLC_STATION_STATE_DOWN,
522 .transitions = llc_stat_dwn_state_trans,
523 },
524 [LLC_STATION_STATE_DUP_ADDR_CHK - 1] = {
525 .curr_state = LLC_STATION_STATE_DUP_ADDR_CHK,
526 .transitions = llc_stat_dupaddr_state_trans,
527 },
528 [LLC_STATION_STATE_UP - 1] = {
529 .curr_state = LLC_STATION_STATE_UP,
530 .transitions = llc_stat_up_state_trans,
531 },
532};
533
534/**
535 * llc_exec_station_trans_actions - executes actions for transition
536 * @trans: Address of the transition
537 * @skb: Address of the event that caused the transition
538 *
539 * Executes actions of a transition of the station state machine. Returns
540 * 0 if all actions complete successfully, nonzero otherwise.
541 */
542static u16 llc_exec_station_trans_actions(struct llc_station_state_trans *trans,
543 struct sk_buff *skb)
544{
545 u16 rc = 0;
546 llc_station_action_t *next_action = trans->ev_actions;
547
548 for (; next_action && *next_action; next_action++)
549 if ((*next_action)(skb))
550 rc = 1;
551 return rc;
552}
553
554/**
555 * llc_find_station_trans - finds transition for this event
556 * @skb: Address of the event
557 *
558 * Search thru events of the current state of the station until list
559 * exhausted or it's obvious that the event is not valid for the current
560 * state. Returns the address of the transition if cound, %NULL otherwise.
561 */
562static struct llc_station_state_trans *
563 llc_find_station_trans(struct sk_buff *skb)
564{
565 int i = 0;
566 struct llc_station_state_trans *rc = NULL;
567 struct llc_station_state_trans **next_trans;
568 struct llc_station_state *curr_state =
569 &llc_station_state_table[llc_main_station.state - 1];
570
571 for (next_trans = curr_state->transitions; next_trans[i]->ev; i++)
572 if (!next_trans[i]->ev(skb)) {
573 rc = next_trans[i];
574 break;
575 }
576 return rc;
577}
578
579/**
580 * llc_station_free_ev - frees an event
581 * @skb: Address of the event
582 *
583 * Frees an event.
584 */
585static void llc_station_free_ev(struct sk_buff *skb)
586{
587 struct llc_station_state_ev *ev = llc_station_ev(skb);
588
589 if (ev->type == LLC_STATION_EV_TYPE_PDU)
590 kfree_skb(skb);
591}
592
593/**
594 * llc_station_next_state - processes event and goes to the next state
595 * @skb: Address of the event
596 *
597 * Processes an event, executes any transitions related to that event and
598 * updates the state of the station.
599 */
600static u16 llc_station_next_state(struct sk_buff *skb)
601{
602 u16 rc = 1;
603 struct llc_station_state_trans *trans;
604
605 if (llc_main_station.state > LLC_NBR_STATION_STATES)
606 goto out;
607 trans = llc_find_station_trans(skb);
608 if (trans) {
609 /* got the state to which we next transition; perform the
610 * actions associated with this transition before actually
611 * transitioning to the next state
612 */
613 rc = llc_exec_station_trans_actions(trans, skb);
614 if (!rc)
615 /* transition station to next state if all actions
616 * execute successfully; done; wait for next event
617 */
618 llc_main_station.state = trans->next_state;
619 } else
620 /* event not recognized in current state; re-queue it for
621 * processing again at a later time; return failure
622 */
623 rc = 0;
624out:
625 llc_station_free_ev(skb);
626 return rc;
627}
628
629/**
630 * llc_station_service_events - service events in the queue
631 *
632 * Get an event from the station event queue (if any); attempt to service
633 * the event; if event serviced, get the next event (if any) on the event
634 * queue; if event not service, re-queue the event on the event queue and
635 * attempt to service the next event; when serviced all events in queue,
636 * finished; if don't transition to different state, just service all
637 * events once; if transition to new state, service all events again.
638 * Caller must hold llc_main_station.ev_q.lock.
639 */
640static void llc_station_service_events(void)
641{
642 struct sk_buff *skb;
643
644 while ((skb = skb_dequeue(&llc_main_station.ev_q.list)) != NULL)
645 llc_station_next_state(skb);
646}
647
648/**
649 * llc_station_state_process - queue event and try to process queue.
650 * @skb: Address of the event
651 *
652 * Queues an event (on the station event queue) for handling by the
653 * station state machine and attempts to process any queued-up events.
654 */
655static void llc_station_state_process(struct sk_buff *skb)
656{
657 spin_lock_bh(&llc_main_station.ev_q.lock);
658 skb_queue_tail(&llc_main_station.ev_q.list, skb);
659 llc_station_service_events();
660 spin_unlock_bh(&llc_main_station.ev_q.lock);
661}
662
663static void llc_station_ack_tmr_cb(unsigned long timeout_data)
664{
665 struct sk_buff *skb = alloc_skb(0, GFP_ATOMIC);
666
667 if (skb) {
668 struct llc_station_state_ev *ev = llc_station_ev(skb);
669
670 ev->type = LLC_STATION_EV_TYPE_ACK_TMR;
671 llc_station_state_process(skb);
672 }
673}
674
675/** 102/**
676 * llc_station_rcv - send received pdu to the station state machine 103 * llc_station_rcv - send received pdu to the station state machine
677 * @skb: received frame. 104 * @skb: received frame.
@@ -680,24 +107,15 @@ static void llc_station_ack_tmr_cb(unsigned long timeout_data)
680 */ 107 */
681static void llc_station_rcv(struct sk_buff *skb) 108static void llc_station_rcv(struct sk_buff *skb)
682{ 109{
683 struct llc_station_state_ev *ev = llc_station_ev(skb); 110 if (llc_stat_ev_rx_null_dsap_xid_c(skb))
684 111 llc_station_ac_send_xid_r(skb);
685 ev->type = LLC_STATION_EV_TYPE_PDU; 112 else if (llc_stat_ev_rx_null_dsap_test_c(skb))
686 ev->reason = 0; 113 llc_station_ac_send_test_r(skb);
687 llc_station_state_process(skb); 114 kfree_skb(skb);
688} 115}
689 116
690void __init llc_station_init(void) 117void __init llc_station_init(void)
691{ 118{
692 skb_queue_head_init(&llc_main_station.mac_pdu_q);
693 skb_queue_head_init(&llc_main_station.ev_q.list);
694 spin_lock_init(&llc_main_station.ev_q.lock);
695 setup_timer(&llc_main_station.ack_timer, llc_station_ack_tmr_cb,
696 (unsigned long)&llc_main_station);
697 llc_main_station.ack_timer.expires = jiffies +
698 sysctl_llc_station_ack_timeout;
699 llc_main_station.maximum_retry = 1;
700 llc_main_station.state = LLC_STATION_STATE_UP;
701 llc_set_station_handler(llc_station_rcv); 119 llc_set_station_handler(llc_station_rcv);
702} 120}
703 121
diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
index d75306b9c2f3..612a5ddaf93b 100644
--- a/net/llc/sysctl_net_llc.c
+++ b/net/llc/sysctl_net_llc.c
@@ -47,13 +47,6 @@ static struct ctl_table llc2_timeout_table[] = {
47}; 47};
48 48
49static struct ctl_table llc_station_table[] = { 49static struct ctl_table llc_station_table[] = {
50 {
51 .procname = "ack_timeout",
52 .data = &sysctl_llc_station_ack_timeout,
53 .maxlen = sizeof(long),
54 .mode = 0644,
55 .proc_handler = proc_dointvec_jiffies,
56 },
57 { }, 50 { },
58}; 51};
59 52
diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c
index 8dfd70d8fcfb..a04752e91023 100644
--- a/net/mac80211/aes_cmac.c
+++ b/net/mac80211/aes_cmac.c
@@ -38,14 +38,10 @@ static void gf_mulx(u8 *pad)
38static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem, 38static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
39 const u8 *addr[], const size_t *len, u8 *mac) 39 const u8 *addr[], const size_t *len, u8 *mac)
40{ 40{
41 u8 scratch[2 * AES_BLOCK_SIZE]; 41 u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
42 u8 *cbc, *pad;
43 const u8 *pos, *end; 42 const u8 *pos, *end;
44 size_t i, e, left, total_len; 43 size_t i, e, left, total_len;
45 44
46 cbc = scratch;
47 pad = scratch + AES_BLOCK_SIZE;
48
49 memset(cbc, 0, AES_BLOCK_SIZE); 45 memset(cbc, 0, AES_BLOCK_SIZE);
50 46
51 total_len = 0; 47 total_len = 0;
diff --git a/net/mac80211/agg-tx.c b/net/mac80211/agg-tx.c
index d0deb3edae21..3195a6307f50 100644
--- a/net/mac80211/agg-tx.c
+++ b/net/mac80211/agg-tx.c
@@ -869,7 +869,7 @@ void ieee80211_process_addba_resp(struct ieee80211_local *local,
869 869
870 } else { 870 } else {
871 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR, 871 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR,
872 true); 872 false);
873 } 873 }
874 874
875 out: 875 out:
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index a58c0b649ba1..05f3a313db88 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -20,7 +20,8 @@
20#include "rate.h" 20#include "rate.h"
21#include "mesh.h" 21#include "mesh.h"
22 22
23static struct wireless_dev *ieee80211_add_iface(struct wiphy *wiphy, char *name, 23static struct wireless_dev *ieee80211_add_iface(struct wiphy *wiphy,
24 const char *name,
24 enum nl80211_iftype type, 25 enum nl80211_iftype type,
25 u32 *flags, 26 u32 *flags,
26 struct vif_params *params) 27 struct vif_params *params)
@@ -102,6 +103,18 @@ static int ieee80211_change_iface(struct wiphy *wiphy,
102 return 0; 103 return 0;
103} 104}
104 105
106static int ieee80211_start_p2p_device(struct wiphy *wiphy,
107 struct wireless_dev *wdev)
108{
109 return ieee80211_do_open(wdev, true);
110}
111
112static void ieee80211_stop_p2p_device(struct wiphy *wiphy,
113 struct wireless_dev *wdev)
114{
115 ieee80211_sdata_stop(IEEE80211_WDEV_TO_SUB_IF(wdev));
116}
117
105static int ieee80211_set_noack_map(struct wiphy *wiphy, 118static int ieee80211_set_noack_map(struct wiphy *wiphy,
106 struct net_device *dev, 119 struct net_device *dev,
107 u16 noack_map) 120 u16 noack_map)
@@ -158,6 +171,38 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
158 } 171 }
159 } 172 }
160 173
174 switch (sdata->vif.type) {
175 case NL80211_IFTYPE_STATION:
176 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
177 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
178 break;
179 case NL80211_IFTYPE_AP:
180 case NL80211_IFTYPE_AP_VLAN:
181 /* Keys without a station are used for TX only */
182 if (key->sta && test_sta_flag(key->sta, WLAN_STA_MFP))
183 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
184 break;
185 case NL80211_IFTYPE_ADHOC:
186 /* no MFP (yet) */
187 break;
188 case NL80211_IFTYPE_MESH_POINT:
189#ifdef CONFIG_MAC80211_MESH
190 if (sdata->u.mesh.security != IEEE80211_MESH_SEC_NONE)
191 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
192 break;
193#endif
194 case NL80211_IFTYPE_WDS:
195 case NL80211_IFTYPE_MONITOR:
196 case NL80211_IFTYPE_P2P_DEVICE:
197 case NL80211_IFTYPE_UNSPECIFIED:
198 case NUM_NL80211_IFTYPES:
199 case NL80211_IFTYPE_P2P_CLIENT:
200 case NL80211_IFTYPE_P2P_GO:
201 /* shouldn't happen */
202 WARN_ON_ONCE(1);
203 break;
204 }
205
161 err = ieee80211_key_link(key, sdata, sta); 206 err = ieee80211_key_link(key, sdata, sta);
162 if (err) 207 if (err)
163 ieee80211_key_free(sdata->local, key); 208 ieee80211_key_free(sdata->local, key);
@@ -330,7 +375,7 @@ static void rate_idx_to_bitrate(struct rate_info *rate, struct sta_info *sta, in
330 if (!(rate->flags & RATE_INFO_FLAGS_MCS)) { 375 if (!(rate->flags & RATE_INFO_FLAGS_MCS)) {
331 struct ieee80211_supported_band *sband; 376 struct ieee80211_supported_band *sband;
332 sband = sta->local->hw.wiphy->bands[ 377 sband = sta->local->hw.wiphy->bands[
333 sta->local->hw.conf.channel->band]; 378 sta->local->oper_channel->band];
334 rate->legacy = sband->bitrates[idx].bitrate; 379 rate->legacy = sband->bitrates[idx].bitrate;
335 } else 380 } else
336 rate->mcs = idx; 381 rate->mcs = idx;
@@ -725,25 +770,23 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy,
725static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata, 770static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata,
726 const u8 *resp, size_t resp_len) 771 const u8 *resp, size_t resp_len)
727{ 772{
728 struct sk_buff *new, *old; 773 struct probe_resp *new, *old;
729 774
730 if (!resp || !resp_len) 775 if (!resp || !resp_len)
731 return 1; 776 return 1;
732 777
733 old = rtnl_dereference(sdata->u.ap.probe_resp); 778 old = rtnl_dereference(sdata->u.ap.probe_resp);
734 779
735 new = dev_alloc_skb(resp_len); 780 new = kzalloc(sizeof(struct probe_resp) + resp_len, GFP_KERNEL);
736 if (!new) 781 if (!new)
737 return -ENOMEM; 782 return -ENOMEM;
738 783
739 memcpy(skb_put(new, resp_len), resp, resp_len); 784 new->len = resp_len;
785 memcpy(new->data, resp, resp_len);
740 786
741 rcu_assign_pointer(sdata->u.ap.probe_resp, new); 787 rcu_assign_pointer(sdata->u.ap.probe_resp, new);
742 if (old) { 788 if (old)
743 /* TODO: use call_rcu() */ 789 kfree_rcu(old, rcu_head);
744 synchronize_rcu();
745 dev_kfree_skb(old);
746 }
747 790
748 return 0; 791 return 0;
749} 792}
@@ -950,7 +993,7 @@ static void ieee80211_send_layer2_update(struct sta_info *sta)
950 /* 802.2 Type 1 Logical Link Control (LLC) Exchange Identifier (XID) 993 /* 802.2 Type 1 Logical Link Control (LLC) Exchange Identifier (XID)
951 * Update response frame; IEEE Std 802.2-1998, 5.4.1.2.1 */ 994 * Update response frame; IEEE Std 802.2-1998, 5.4.1.2.1 */
952 995
953 memset(msg->da, 0xff, ETH_ALEN); 996 eth_broadcast_addr(msg->da);
954 memcpy(msg->sa, sta->sta.addr, ETH_ALEN); 997 memcpy(msg->sa, sta->sta.addr, ETH_ALEN);
955 msg->len = htons(6); 998 msg->len = htons(6);
956 msg->dsap = 0; 999 msg->dsap = 0;
@@ -1285,9 +1328,10 @@ static int ieee80211_change_station(struct wiphy *wiphy,
1285 mutex_unlock(&local->sta_mtx); 1328 mutex_unlock(&local->sta_mtx);
1286 1329
1287 if (sdata->vif.type == NL80211_IFTYPE_STATION && 1330 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
1288 params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) 1331 params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
1289 ieee80211_recalc_ps(local, -1); 1332 ieee80211_recalc_ps(local, -1);
1290 1333 ieee80211_recalc_ps_vif(sdata);
1334 }
1291 return 0; 1335 return 0;
1292} 1336}
1293 1337
@@ -1660,7 +1704,7 @@ static int ieee80211_change_bss(struct wiphy *wiphy,
1660 } 1704 }
1661 1705
1662 if (!sdata->vif.bss_conf.use_short_slot && 1706 if (!sdata->vif.bss_conf.use_short_slot &&
1663 sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ) { 1707 sdata->local->oper_channel->band == IEEE80211_BAND_5GHZ) {
1664 sdata->vif.bss_conf.use_short_slot = true; 1708 sdata->vif.bss_conf.use_short_slot = true;
1665 changed |= BSS_CHANGED_ERP_SLOT; 1709 changed |= BSS_CHANGED_ERP_SLOT;
1666 } 1710 }
@@ -1774,6 +1818,7 @@ static int ieee80211_scan(struct wiphy *wiphy,
1774 case NL80211_IFTYPE_ADHOC: 1818 case NL80211_IFTYPE_ADHOC:
1775 case NL80211_IFTYPE_MESH_POINT: 1819 case NL80211_IFTYPE_MESH_POINT:
1776 case NL80211_IFTYPE_P2P_CLIENT: 1820 case NL80211_IFTYPE_P2P_CLIENT:
1821 case NL80211_IFTYPE_P2P_DEVICE:
1777 break; 1822 break;
1778 case NL80211_IFTYPE_P2P_GO: 1823 case NL80211_IFTYPE_P2P_GO:
1779 if (sdata->local->ops->hw_scan) 1824 if (sdata->local->ops->hw_scan)
@@ -1926,7 +1971,7 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
1926 enum nl80211_tx_power_setting type, int mbm) 1971 enum nl80211_tx_power_setting type, int mbm)
1927{ 1972{
1928 struct ieee80211_local *local = wiphy_priv(wiphy); 1973 struct ieee80211_local *local = wiphy_priv(wiphy);
1929 struct ieee80211_channel *chan = local->hw.conf.channel; 1974 struct ieee80211_channel *chan = local->oper_channel;
1930 u32 changes = 0; 1975 u32 changes = 0;
1931 1976
1932 switch (type) { 1977 switch (type) {
@@ -2026,9 +2071,7 @@ int __ieee80211_request_smps(struct ieee80211_sub_if_data *sdata,
2026 */ 2071 */
2027 if (!sdata->u.mgd.associated || 2072 if (!sdata->u.mgd.associated ||
2028 sdata->vif.bss_conf.channel_type == NL80211_CHAN_NO_HT) { 2073 sdata->vif.bss_conf.channel_type == NL80211_CHAN_NO_HT) {
2029 mutex_lock(&sdata->local->iflist_mtx);
2030 ieee80211_recalc_smps(sdata->local); 2074 ieee80211_recalc_smps(sdata->local);
2031 mutex_unlock(&sdata->local->iflist_mtx);
2032 return 0; 2075 return 0;
2033 } 2076 }
2034 2077
@@ -2078,6 +2121,7 @@ static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
2078 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); 2121 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
2079 2122
2080 ieee80211_recalc_ps(local, -1); 2123 ieee80211_recalc_ps(local, -1);
2124 ieee80211_recalc_ps_vif(sdata);
2081 2125
2082 return 0; 2126 return 0;
2083} 2127}
@@ -2460,6 +2504,9 @@ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
2460 if (!sdata->u.mgd.associated) 2504 if (!sdata->u.mgd.associated)
2461 need_offchan = true; 2505 need_offchan = true;
2462 break; 2506 break;
2507 case NL80211_IFTYPE_P2P_DEVICE:
2508 need_offchan = true;
2509 break;
2463 default: 2510 default:
2464 return -EOPNOTSUPP; 2511 return -EOPNOTSUPP;
2465 } 2512 }
@@ -2652,6 +2699,7 @@ ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
2652 u16 status_code, struct sk_buff *skb) 2699 u16 status_code, struct sk_buff *skb)
2653{ 2700{
2654 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2701 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2702 struct ieee80211_local *local = sdata->local;
2655 struct ieee80211_tdls_data *tf; 2703 struct ieee80211_tdls_data *tf;
2656 2704
2657 tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u)); 2705 tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
@@ -2671,8 +2719,10 @@ ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
2671 tf->u.setup_req.capability = 2719 tf->u.setup_req.capability =
2672 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata)); 2720 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2673 2721
2674 ieee80211_add_srates_ie(sdata, skb, false); 2722 ieee80211_add_srates_ie(sdata, skb, false,
2675 ieee80211_add_ext_srates_ie(sdata, skb, false); 2723 local->oper_channel->band);
2724 ieee80211_add_ext_srates_ie(sdata, skb, false,
2725 local->oper_channel->band);
2676 ieee80211_tdls_add_ext_capab(skb); 2726 ieee80211_tdls_add_ext_capab(skb);
2677 break; 2727 break;
2678 case WLAN_TDLS_SETUP_RESPONSE: 2728 case WLAN_TDLS_SETUP_RESPONSE:
@@ -2685,8 +2735,10 @@ ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
2685 tf->u.setup_resp.capability = 2735 tf->u.setup_resp.capability =
2686 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata)); 2736 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2687 2737
2688 ieee80211_add_srates_ie(sdata, skb, false); 2738 ieee80211_add_srates_ie(sdata, skb, false,
2689 ieee80211_add_ext_srates_ie(sdata, skb, false); 2739 local->oper_channel->band);
2740 ieee80211_add_ext_srates_ie(sdata, skb, false,
2741 local->oper_channel->band);
2690 ieee80211_tdls_add_ext_capab(skb); 2742 ieee80211_tdls_add_ext_capab(skb);
2691 break; 2743 break;
2692 case WLAN_TDLS_SETUP_CONFIRM: 2744 case WLAN_TDLS_SETUP_CONFIRM:
@@ -2724,6 +2776,7 @@ ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
2724 u16 status_code, struct sk_buff *skb) 2776 u16 status_code, struct sk_buff *skb)
2725{ 2777{
2726 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2778 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2779 struct ieee80211_local *local = sdata->local;
2727 struct ieee80211_mgmt *mgmt; 2780 struct ieee80211_mgmt *mgmt;
2728 2781
2729 mgmt = (void *)skb_put(skb, 24); 2782 mgmt = (void *)skb_put(skb, 24);
@@ -2746,8 +2799,10 @@ ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
2746 mgmt->u.action.u.tdls_discover_resp.capability = 2799 mgmt->u.action.u.tdls_discover_resp.capability =
2747 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata)); 2800 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2748 2801
2749 ieee80211_add_srates_ie(sdata, skb, false); 2802 ieee80211_add_srates_ie(sdata, skb, false,
2750 ieee80211_add_ext_srates_ie(sdata, skb, false); 2803 local->oper_channel->band);
2804 ieee80211_add_ext_srates_ie(sdata, skb, false,
2805 local->oper_channel->band);
2751 ieee80211_tdls_add_ext_capab(skb); 2806 ieee80211_tdls_add_ext_capab(skb);
2752 break; 2807 break;
2753 default: 2808 default:
@@ -3004,6 +3059,8 @@ struct cfg80211_ops mac80211_config_ops = {
3004 .add_virtual_intf = ieee80211_add_iface, 3059 .add_virtual_intf = ieee80211_add_iface,
3005 .del_virtual_intf = ieee80211_del_iface, 3060 .del_virtual_intf = ieee80211_del_iface,
3006 .change_virtual_intf = ieee80211_change_iface, 3061 .change_virtual_intf = ieee80211_change_iface,
3062 .start_p2p_device = ieee80211_start_p2p_device,
3063 .stop_p2p_device = ieee80211_stop_p2p_device,
3007 .add_key = ieee80211_add_key, 3064 .add_key = ieee80211_add_key,
3008 .del_key = ieee80211_del_key, 3065 .del_key = ieee80211_del_key,
3009 .get_key = ieee80211_get_key, 3066 .get_key = ieee80211_get_key,
diff --git a/net/mac80211/chan.c b/net/mac80211/chan.c
index f0f87e5a1d35..0bfc914ddd15 100644
--- a/net/mac80211/chan.c
+++ b/net/mac80211/chan.c
@@ -68,16 +68,14 @@ ieee80211_get_channel_mode(struct ieee80211_local *local,
68 return mode; 68 return mode;
69} 69}
70 70
71bool ieee80211_set_channel_type(struct ieee80211_local *local, 71static enum nl80211_channel_type
72 struct ieee80211_sub_if_data *sdata, 72ieee80211_get_superchan(struct ieee80211_local *local,
73 enum nl80211_channel_type chantype) 73 struct ieee80211_sub_if_data *sdata)
74{ 74{
75 struct ieee80211_sub_if_data *tmp;
76 enum nl80211_channel_type superchan = NL80211_CHAN_NO_HT; 75 enum nl80211_channel_type superchan = NL80211_CHAN_NO_HT;
77 bool result; 76 struct ieee80211_sub_if_data *tmp;
78 77
79 mutex_lock(&local->iflist_mtx); 78 mutex_lock(&local->iflist_mtx);
80
81 list_for_each_entry(tmp, &local->interfaces, list) { 79 list_for_each_entry(tmp, &local->interfaces, list) {
82 if (tmp == sdata) 80 if (tmp == sdata)
83 continue; 81 continue;
@@ -103,39 +101,70 @@ bool ieee80211_set_channel_type(struct ieee80211_local *local,
103 break; 101 break;
104 } 102 }
105 } 103 }
104 mutex_unlock(&local->iflist_mtx);
106 105
107 switch (superchan) { 106 return superchan;
107}
108
109static bool
110ieee80211_channel_types_are_compatible(enum nl80211_channel_type chantype1,
111 enum nl80211_channel_type chantype2,
112 enum nl80211_channel_type *compat)
113{
114 /*
115 * start out with chantype1 being the result,
116 * overwriting later if needed
117 */
118 if (compat)
119 *compat = chantype1;
120
121 switch (chantype1) {
108 case NL80211_CHAN_NO_HT: 122 case NL80211_CHAN_NO_HT:
123 if (compat)
124 *compat = chantype2;
125 break;
109 case NL80211_CHAN_HT20: 126 case NL80211_CHAN_HT20:
110 /* 127 /*
111 * allow any change that doesn't go to no-HT 128 * allow any change that doesn't go to no-HT
112 * (if it already is no-HT no change is needed) 129 * (if it already is no-HT no change is needed)
113 */ 130 */
114 if (chantype == NL80211_CHAN_NO_HT) 131 if (chantype2 == NL80211_CHAN_NO_HT)
115 break; 132 break;
116 superchan = chantype; 133 if (compat)
134 *compat = chantype2;
117 break; 135 break;
118 case NL80211_CHAN_HT40PLUS: 136 case NL80211_CHAN_HT40PLUS:
119 case NL80211_CHAN_HT40MINUS: 137 case NL80211_CHAN_HT40MINUS:
120 /* allow smaller bandwidth and same */ 138 /* allow smaller bandwidth and same */
121 if (chantype == NL80211_CHAN_NO_HT) 139 if (chantype2 == NL80211_CHAN_NO_HT)
122 break; 140 break;
123 if (chantype == NL80211_CHAN_HT20) 141 if (chantype2 == NL80211_CHAN_HT20)
124 break; 142 break;
125 if (superchan == chantype) 143 if (chantype2 == chantype1)
126 break; 144 break;
127 result = false; 145 return false;
128 goto out;
129 } 146 }
130 147
131 local->_oper_channel_type = superchan; 148 return true;
149}
150
151bool ieee80211_set_channel_type(struct ieee80211_local *local,
152 struct ieee80211_sub_if_data *sdata,
153 enum nl80211_channel_type chantype)
154{
155 enum nl80211_channel_type superchan;
156 enum nl80211_channel_type compatchan;
157
158 superchan = ieee80211_get_superchan(local, sdata);
159 if (!ieee80211_channel_types_are_compatible(superchan, chantype,
160 &compatchan))
161 return false;
162
163 local->_oper_channel_type = compatchan;
132 164
133 if (sdata) 165 if (sdata)
134 sdata->vif.bss_conf.channel_type = chantype; 166 sdata->vif.bss_conf.channel_type = chantype;
135 167
136 result = true; 168 return true;
137 out:
138 mutex_unlock(&local->iflist_mtx);
139 169
140 return result;
141} 170}
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index b8dfb440c8ef..466f4b45dd94 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -63,8 +63,6 @@ DEBUGFS_READONLY_FILE(user_power, "%d",
63 local->user_power_level); 63 local->user_power_level);
64DEBUGFS_READONLY_FILE(power, "%d", 64DEBUGFS_READONLY_FILE(power, "%d",
65 local->hw.conf.power_level); 65 local->hw.conf.power_level);
66DEBUGFS_READONLY_FILE(frequency, "%d",
67 local->hw.conf.channel->center_freq);
68DEBUGFS_READONLY_FILE(total_ps_buffered, "%d", 66DEBUGFS_READONLY_FILE(total_ps_buffered, "%d",
69 local->total_ps_buffered); 67 local->total_ps_buffered);
70DEBUGFS_READONLY_FILE(wep_iv, "%#08x", 68DEBUGFS_READONLY_FILE(wep_iv, "%#08x",
@@ -72,6 +70,7 @@ DEBUGFS_READONLY_FILE(wep_iv, "%#08x",
72DEBUGFS_READONLY_FILE(rate_ctrl_alg, "%s", 70DEBUGFS_READONLY_FILE(rate_ctrl_alg, "%s",
73 local->rate_ctrl ? local->rate_ctrl->ops->name : "hw/driver"); 71 local->rate_ctrl ? local->rate_ctrl->ops->name : "hw/driver");
74 72
73#ifdef CONFIG_PM
75static ssize_t reset_write(struct file *file, const char __user *user_buf, 74static ssize_t reset_write(struct file *file, const char __user *user_buf,
76 size_t count, loff_t *ppos) 75 size_t count, loff_t *ppos)
77{ 76{
@@ -90,33 +89,7 @@ static const struct file_operations reset_ops = {
90 .open = simple_open, 89 .open = simple_open,
91 .llseek = noop_llseek, 90 .llseek = noop_llseek,
92}; 91};
93 92#endif
94static ssize_t channel_type_read(struct file *file, char __user *user_buf,
95 size_t count, loff_t *ppos)
96{
97 struct ieee80211_local *local = file->private_data;
98 const char *buf;
99
100 switch (local->hw.conf.channel_type) {
101 case NL80211_CHAN_NO_HT:
102 buf = "no ht\n";
103 break;
104 case NL80211_CHAN_HT20:
105 buf = "ht20\n";
106 break;
107 case NL80211_CHAN_HT40MINUS:
108 buf = "ht40-\n";
109 break;
110 case NL80211_CHAN_HT40PLUS:
111 buf = "ht40+\n";
112 break;
113 default:
114 buf = "???";
115 break;
116 }
117
118 return simple_read_from_buffer(user_buf, count, ppos, buf, strlen(buf));
119}
120 93
121static ssize_t hwflags_read(struct file *file, char __user *user_buf, 94static ssize_t hwflags_read(struct file *file, char __user *user_buf,
122 size_t count, loff_t *ppos) 95 size_t count, loff_t *ppos)
@@ -205,7 +178,6 @@ static ssize_t queues_read(struct file *file, char __user *user_buf,
205} 178}
206 179
207DEBUGFS_READONLY_FILE_OPS(hwflags); 180DEBUGFS_READONLY_FILE_OPS(hwflags);
208DEBUGFS_READONLY_FILE_OPS(channel_type);
209DEBUGFS_READONLY_FILE_OPS(queues); 181DEBUGFS_READONLY_FILE_OPS(queues);
210 182
211/* statistics stuff */ 183/* statistics stuff */
@@ -272,12 +244,12 @@ void debugfs_hw_add(struct ieee80211_local *local)
272 244
273 local->debugfs.keys = debugfs_create_dir("keys", phyd); 245 local->debugfs.keys = debugfs_create_dir("keys", phyd);
274 246
275 DEBUGFS_ADD(frequency);
276 DEBUGFS_ADD(total_ps_buffered); 247 DEBUGFS_ADD(total_ps_buffered);
277 DEBUGFS_ADD(wep_iv); 248 DEBUGFS_ADD(wep_iv);
278 DEBUGFS_ADD(queues); 249 DEBUGFS_ADD(queues);
250#ifdef CONFIG_PM
279 DEBUGFS_ADD_MODE(reset, 0200); 251 DEBUGFS_ADD_MODE(reset, 0200);
280 DEBUGFS_ADD(channel_type); 252#endif
281 DEBUGFS_ADD(hwflags); 253 DEBUGFS_ADD(hwflags);
282 DEBUGFS_ADD(user_power); 254 DEBUGFS_ADD(user_power);
283 DEBUGFS_ADD(power); 255 DEBUGFS_ADD(power);
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index df9203199102..da9003b20004 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -9,7 +9,7 @@ static inline void check_sdata_in_driver(struct ieee80211_sub_if_data *sdata)
9{ 9{
10 WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER), 10 WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER),
11 "%s: Failed check-sdata-in-driver check, flags: 0x%x\n", 11 "%s: Failed check-sdata-in-driver check, flags: 0x%x\n",
12 sdata->dev->name, sdata->flags); 12 sdata->dev ? sdata->dev->name : sdata->name, sdata->flags);
13} 13}
14 14
15static inline struct ieee80211_sub_if_data * 15static inline struct ieee80211_sub_if_data *
@@ -22,9 +22,11 @@ get_bss_sdata(struct ieee80211_sub_if_data *sdata)
22 return sdata; 22 return sdata;
23} 23}
24 24
25static inline void drv_tx(struct ieee80211_local *local, struct sk_buff *skb) 25static inline void drv_tx(struct ieee80211_local *local,
26 struct ieee80211_tx_control *control,
27 struct sk_buff *skb)
26{ 28{
27 local->ops->tx(&local->hw, skb); 29 local->ops->tx(&local->hw, control, skb);
28} 30}
29 31
30static inline void drv_get_et_strings(struct ieee80211_sub_if_data *sdata, 32static inline void drv_get_et_strings(struct ieee80211_sub_if_data *sdata,
@@ -526,6 +528,9 @@ static inline void drv_sta_rc_update(struct ieee80211_local *local,
526 sdata = get_bss_sdata(sdata); 528 sdata = get_bss_sdata(sdata);
527 check_sdata_in_driver(sdata); 529 check_sdata_in_driver(sdata);
528 530
531 WARN_ON(changed & IEEE80211_RC_SUPP_RATES_CHANGED &&
532 sdata->vif.type != NL80211_IFTYPE_ADHOC);
533
529 trace_drv_sta_rc_update(local, sdata, sta, changed); 534 trace_drv_sta_rc_update(local, sdata, sta, changed);
530 if (local->ops->sta_rc_update) 535 if (local->ops->sta_rc_update)
531 local->ops->sta_rc_update(&local->hw, &sdata->vif, 536 local->ops->sta_rc_update(&local->hw, &sdata->vif,
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 5746d62faba1..5f3620f0bc0a 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -109,7 +109,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
109 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 109 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
110 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 110 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
111 IEEE80211_STYPE_PROBE_RESP); 111 IEEE80211_STYPE_PROBE_RESP);
112 memset(mgmt->da, 0xff, ETH_ALEN); 112 eth_broadcast_addr(mgmt->da);
113 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 113 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
114 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN); 114 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
115 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int); 115 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
@@ -205,7 +205,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
205 mod_timer(&ifibss->timer, 205 mod_timer(&ifibss->timer,
206 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 206 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
207 207
208 bss = cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel, 208 bss = cfg80211_inform_bss_frame(local->hw.wiphy, chan,
209 mgmt, skb->len, 0, GFP_KERNEL); 209 mgmt, skb->len, 0, GFP_KERNEL);
210 cfg80211_put_bss(bss); 210 cfg80211_put_bss(bss);
211 netif_carrier_on(sdata->dev); 211 netif_carrier_on(sdata->dev);
@@ -278,7 +278,7 @@ static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta,
278 if (auth && !sdata->u.ibss.auth_frame_registrations) { 278 if (auth && !sdata->u.ibss.auth_frame_registrations) {
279 ibss_dbg(sdata, 279 ibss_dbg(sdata,
280 "TX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=1)\n", 280 "TX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=1)\n",
281 sdata->vif.addr, sdata->u.ibss.bssid, addr); 281 sdata->vif.addr, addr, sdata->u.ibss.bssid);
282 ieee80211_send_auth(sdata, 1, WLAN_AUTH_OPEN, NULL, 0, 282 ieee80211_send_auth(sdata, 1, WLAN_AUTH_OPEN, NULL, 0,
283 addr, sdata->u.ibss.bssid, NULL, 0, 0); 283 addr, sdata->u.ibss.bssid, NULL, 0, 0);
284 } 284 }
@@ -294,7 +294,7 @@ ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
294 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 294 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
295 struct ieee80211_local *local = sdata->local; 295 struct ieee80211_local *local = sdata->local;
296 struct sta_info *sta; 296 struct sta_info *sta;
297 int band = local->hw.conf.channel->band; 297 int band = local->oper_channel->band;
298 298
299 /* 299 /*
300 * XXX: Consider removing the least recently used entry and 300 * XXX: Consider removing the least recently used entry and
@@ -332,11 +332,27 @@ ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
332 return ieee80211_ibss_finish_sta(sta, auth); 332 return ieee80211_ibss_finish_sta(sta, auth);
333} 333}
334 334
335static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
336 struct ieee80211_mgmt *mgmt,
337 size_t len)
338{
339 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
340
341 if (len < IEEE80211_DEAUTH_FRAME_LEN)
342 return;
343
344 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
345 mgmt->sa, mgmt->da, mgmt->bssid, reason);
346 sta_info_destroy_addr(sdata, mgmt->sa);
347}
348
335static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, 349static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
336 struct ieee80211_mgmt *mgmt, 350 struct ieee80211_mgmt *mgmt,
337 size_t len) 351 size_t len)
338{ 352{
339 u16 auth_alg, auth_transaction; 353 u16 auth_alg, auth_transaction;
354 struct sta_info *sta;
355 u8 deauth_frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
340 356
341 lockdep_assert_held(&sdata->u.ibss.mtx); 357 lockdep_assert_held(&sdata->u.ibss.mtx);
342 358
@@ -352,10 +368,22 @@ static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
352 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n", 368 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
353 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction); 369 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
354 sta_info_destroy_addr(sdata, mgmt->sa); 370 sta_info_destroy_addr(sdata, mgmt->sa);
355 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 0, false); 371 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 0, false);
356 rcu_read_unlock(); 372 rcu_read_unlock();
357 373
358 /* 374 /*
375 * if we have any problem in allocating the new station, we reply with a
376 * DEAUTH frame to tell the other end that we had a problem
377 */
378 if (!sta) {
379 ieee80211_send_deauth_disassoc(sdata, sdata->u.ibss.bssid,
380 IEEE80211_STYPE_DEAUTH,
381 WLAN_REASON_UNSPECIFIED, true,
382 deauth_frame_buf);
383 return;
384 }
385
386 /*
359 * IEEE 802.11 standard does not require authentication in IBSS 387 * IEEE 802.11 standard does not require authentication in IBSS
360 * networks and most implementations do not seem to use it. 388 * networks and most implementations do not seem to use it.
361 * However, try to reply to authentication attempts if someone 389 * However, try to reply to authentication attempts if someone
@@ -459,8 +487,11 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
459 } 487 }
460 } 488 }
461 489
462 if (sta && rates_updated) 490 if (sta && rates_updated) {
491 drv_sta_rc_update(local, sdata, &sta->sta,
492 IEEE80211_RC_SUPP_RATES_CHANGED);
463 rate_control_rate_init(sta); 493 rate_control_rate_init(sta);
494 }
464 495
465 rcu_read_unlock(); 496 rcu_read_unlock();
466 } 497 }
@@ -561,7 +592,7 @@ void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
561 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 592 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
562 struct ieee80211_local *local = sdata->local; 593 struct ieee80211_local *local = sdata->local;
563 struct sta_info *sta; 594 struct sta_info *sta;
564 int band = local->hw.conf.channel->band; 595 int band = local->oper_channel->band;
565 596
566 /* 597 /*
567 * XXX: Consider removing the least recently used entry and 598 * XXX: Consider removing the least recently used entry and
@@ -759,7 +790,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
759 return; 790 return;
760 } 791 }
761 sdata_info(sdata, "IBSS not allowed on %d MHz\n", 792 sdata_info(sdata, "IBSS not allowed on %d MHz\n",
762 local->hw.conf.channel->center_freq); 793 local->oper_channel->center_freq);
763 794
764 /* No IBSS found - decrease scan interval and continue 795 /* No IBSS found - decrease scan interval and continue
765 * scanning. */ 796 * scanning. */
@@ -899,6 +930,9 @@ void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
899 case IEEE80211_STYPE_AUTH: 930 case IEEE80211_STYPE_AUTH:
900 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len); 931 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
901 break; 932 break;
933 case IEEE80211_STYPE_DEAUTH:
934 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
935 break;
902 } 936 }
903 937
904 mgmt_out: 938 mgmt_out:
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index bb61f7718c4c..8c804550465b 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -68,6 +68,8 @@ struct ieee80211_local;
68#define IEEE80211_DEFAULT_MAX_SP_LEN \ 68#define IEEE80211_DEFAULT_MAX_SP_LEN \
69 IEEE80211_WMM_IE_STA_QOSINFO_SP_ALL 69 IEEE80211_WMM_IE_STA_QOSINFO_SP_ALL
70 70
71#define IEEE80211_DEAUTH_FRAME_LEN (24 /* hdr */ + 2 /* reason */)
72
71struct ieee80211_fragment_entry { 73struct ieee80211_fragment_entry {
72 unsigned long first_frag_time; 74 unsigned long first_frag_time;
73 unsigned int seq; 75 unsigned int seq;
@@ -193,8 +195,6 @@ struct ieee80211_tx_data {
193 struct sta_info *sta; 195 struct sta_info *sta;
194 struct ieee80211_key *key; 196 struct ieee80211_key *key;
195 197
196 struct ieee80211_channel *channel;
197
198 unsigned int flags; 198 unsigned int flags;
199}; 199};
200 200
@@ -274,9 +274,15 @@ struct beacon_data {
274 struct rcu_head rcu_head; 274 struct rcu_head rcu_head;
275}; 275};
276 276
277struct probe_resp {
278 struct rcu_head rcu_head;
279 int len;
280 u8 data[0];
281};
282
277struct ieee80211_if_ap { 283struct ieee80211_if_ap {
278 struct beacon_data __rcu *beacon; 284 struct beacon_data __rcu *beacon;
279 struct sk_buff __rcu *probe_resp; 285 struct probe_resp __rcu *probe_resp;
280 286
281 struct list_head vlans; 287 struct list_head vlans;
282 288
@@ -359,6 +365,7 @@ enum ieee80211_sta_flags {
359 IEEE80211_STA_NULLFUNC_ACKED = BIT(8), 365 IEEE80211_STA_NULLFUNC_ACKED = BIT(8),
360 IEEE80211_STA_RESET_SIGNAL_AVE = BIT(9), 366 IEEE80211_STA_RESET_SIGNAL_AVE = BIT(9),
361 IEEE80211_STA_DISABLE_40MHZ = BIT(10), 367 IEEE80211_STA_DISABLE_40MHZ = BIT(10),
368 IEEE80211_STA_DISABLE_VHT = BIT(11),
362}; 369};
363 370
364struct ieee80211_mgd_auth_data { 371struct ieee80211_mgd_auth_data {
@@ -406,6 +413,7 @@ struct ieee80211_if_managed {
406 struct work_struct monitor_work; 413 struct work_struct monitor_work;
407 struct work_struct chswitch_work; 414 struct work_struct chswitch_work;
408 struct work_struct beacon_connection_loss_work; 415 struct work_struct beacon_connection_loss_work;
416 struct work_struct csa_connection_drop_work;
409 417
410 unsigned long beacon_timeout; 418 unsigned long beacon_timeout;
411 unsigned long probe_timeout; 419 unsigned long probe_timeout;
@@ -965,7 +973,6 @@ struct ieee80211_local {
965 int scan_channel_idx; 973 int scan_channel_idx;
966 int scan_ies_len; 974 int scan_ies_len;
967 975
968 struct ieee80211_sched_scan_ies sched_scan_ies;
969 struct work_struct sched_scan_stopped_work; 976 struct work_struct sched_scan_stopped_work;
970 struct ieee80211_sub_if_data __rcu *sched_scan_sdata; 977 struct ieee80211_sub_if_data __rcu *sched_scan_sdata;
971 978
@@ -1052,7 +1059,7 @@ struct ieee80211_local {
1052 bool disable_dynamic_ps; 1059 bool disable_dynamic_ps;
1053 1060
1054 int user_power_level; /* in dBm */ 1061 int user_power_level; /* in dBm */
1055 int power_constr_level; /* in dBm */ 1062 int ap_power_level; /* in dBm */
1056 1063
1057 enum ieee80211_smps_mode smps_mode; 1064 enum ieee80211_smps_mode smps_mode;
1058 1065
@@ -1075,6 +1082,8 @@ struct ieee80211_local {
1075 struct idr ack_status_frames; 1082 struct idr ack_status_frames;
1076 spinlock_t ack_status_lock; 1083 spinlock_t ack_status_lock;
1077 1084
1085 struct ieee80211_sub_if_data __rcu *p2p_sdata;
1086
1078 /* dummy netdev for use w/ NAPI */ 1087 /* dummy netdev for use w/ NAPI */
1079 struct net_device napi_dev; 1088 struct net_device napi_dev;
1080 1089
@@ -1131,7 +1140,7 @@ struct ieee802_11_elems {
1131 u8 *prep; 1140 u8 *prep;
1132 u8 *perr; 1141 u8 *perr;
1133 struct ieee80211_rann_ie *rann; 1142 struct ieee80211_rann_ie *rann;
1134 u8 *ch_switch_elem; 1143 struct ieee80211_channel_sw_ie *ch_switch_ie;
1135 u8 *country_elem; 1144 u8 *country_elem;
1136 u8 *pwr_constr_elem; 1145 u8 *pwr_constr_elem;
1137 u8 *quiet_elem; /* first quite element */ 1146 u8 *quiet_elem; /* first quite element */
@@ -1157,9 +1166,7 @@ struct ieee802_11_elems {
1157 u8 preq_len; 1166 u8 preq_len;
1158 u8 prep_len; 1167 u8 prep_len;
1159 u8 perr_len; 1168 u8 perr_len;
1160 u8 ch_switch_elem_len;
1161 u8 country_elem_len; 1169 u8 country_elem_len;
1162 u8 pwr_constr_elem_len;
1163 u8 quiet_elem_len; 1170 u8 quiet_elem_len;
1164 u8 num_of_quiet_elem; /* can be more the one */ 1171 u8 num_of_quiet_elem; /* can be more the one */
1165 u8 timeout_int_len; 1172 u8 timeout_int_len;
@@ -1202,6 +1209,7 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
1202void ieee80211_send_pspoll(struct ieee80211_local *local, 1209void ieee80211_send_pspoll(struct ieee80211_local *local,
1203 struct ieee80211_sub_if_data *sdata); 1210 struct ieee80211_sub_if_data *sdata);
1204void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency); 1211void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency);
1212void ieee80211_recalc_ps_vif(struct ieee80211_sub_if_data *sdata);
1205int ieee80211_max_network_latency(struct notifier_block *nb, 1213int ieee80211_max_network_latency(struct notifier_block *nb,
1206 unsigned long data, void *dummy); 1214 unsigned long data, void *dummy);
1207int ieee80211_set_arp_filter(struct ieee80211_sub_if_data *sdata); 1215int ieee80211_set_arp_filter(struct ieee80211_sub_if_data *sdata);
@@ -1291,6 +1299,8 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local);
1291void ieee80211_recalc_idle(struct ieee80211_local *local); 1299void ieee80211_recalc_idle(struct ieee80211_local *local);
1292void ieee80211_adjust_monitor_flags(struct ieee80211_sub_if_data *sdata, 1300void ieee80211_adjust_monitor_flags(struct ieee80211_sub_if_data *sdata,
1293 const int offset); 1301 const int offset);
1302int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up);
1303void ieee80211_sdata_stop(struct ieee80211_sub_if_data *sdata);
1294 1304
1295static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata) 1305static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata)
1296{ 1306{
@@ -1358,7 +1368,6 @@ void ieee80211_process_measurement_req(struct ieee80211_sub_if_data *sdata,
1358int ieee80211_reconfig(struct ieee80211_local *local); 1368int ieee80211_reconfig(struct ieee80211_local *local);
1359void ieee80211_stop_device(struct ieee80211_local *local); 1369void ieee80211_stop_device(struct ieee80211_local *local);
1360 1370
1361#ifdef CONFIG_PM
1362int __ieee80211_suspend(struct ieee80211_hw *hw, 1371int __ieee80211_suspend(struct ieee80211_hw *hw,
1363 struct cfg80211_wowlan *wowlan); 1372 struct cfg80211_wowlan *wowlan);
1364 1373
@@ -1372,18 +1381,6 @@ static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1372 1381
1373 return ieee80211_reconfig(hw_to_local(hw)); 1382 return ieee80211_reconfig(hw_to_local(hw));
1374} 1383}
1375#else
1376static inline int __ieee80211_suspend(struct ieee80211_hw *hw,
1377 struct cfg80211_wowlan *wowlan)
1378{
1379 return 0;
1380}
1381
1382static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1383{
1384 return 0;
1385}
1386#endif
1387 1384
1388/* utility functions/constants */ 1385/* utility functions/constants */
1389extern void *mac80211_wiphy_privid; /* for wiphy privid */ 1386extern void *mac80211_wiphy_privid; /* for wiphy privid */
@@ -1425,7 +1422,6 @@ void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
1425 struct ieee80211_hdr *hdr); 1422 struct ieee80211_hdr *hdr);
1426void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata, 1423void ieee80211_sta_tx_notify(struct ieee80211_sub_if_data *sdata,
1427 struct ieee80211_hdr *hdr, bool ack); 1424 struct ieee80211_hdr *hdr, bool ack);
1428void ieee80211_beacon_connection_loss_work(struct work_struct *work);
1429 1425
1430void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw, 1426void ieee80211_wake_queues_by_reason(struct ieee80211_hw *hw,
1431 enum queue_stop_reason reason); 1427 enum queue_stop_reason reason);
@@ -1451,19 +1447,24 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1451 u16 transaction, u16 auth_alg, 1447 u16 transaction, u16 auth_alg,
1452 u8 *extra, size_t extra_len, const u8 *bssid, 1448 u8 *extra, size_t extra_len, const u8 *bssid,
1453 const u8 *da, const u8 *key, u8 key_len, u8 key_idx); 1449 const u8 *da, const u8 *key, u8 key_len, u8 key_idx);
1450void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
1451 const u8 *bssid, u16 stype, u16 reason,
1452 bool send_frame, u8 *frame_buf);
1454int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 1453int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1455 const u8 *ie, size_t ie_len, 1454 const u8 *ie, size_t ie_len,
1456 enum ieee80211_band band, u32 rate_mask, 1455 enum ieee80211_band band, u32 rate_mask,
1457 u8 channel); 1456 u8 channel);
1458struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata, 1457struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata,
1459 u8 *dst, u32 ratemask, 1458 u8 *dst, u32 ratemask,
1459 struct ieee80211_channel *chan,
1460 const u8 *ssid, size_t ssid_len, 1460 const u8 *ssid, size_t ssid_len,
1461 const u8 *ie, size_t ie_len, 1461 const u8 *ie, size_t ie_len,
1462 bool directed); 1462 bool directed);
1463void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1463void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1464 const u8 *ssid, size_t ssid_len, 1464 const u8 *ssid, size_t ssid_len,
1465 const u8 *ie, size_t ie_len, 1465 const u8 *ie, size_t ie_len,
1466 u32 ratemask, bool directed, bool no_cck); 1466 u32 ratemask, bool directed, bool no_cck,
1467 struct ieee80211_channel *channel);
1467 1468
1468void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata, 1469void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
1469 const size_t supp_rates_len, 1470 const size_t supp_rates_len,
@@ -1487,9 +1488,11 @@ u8 *ieee80211_ie_build_ht_oper(u8 *pos, struct ieee80211_sta_ht_cap *ht_cap,
1487u8 *ieee80211_ie_build_vht_cap(u8 *pos, struct ieee80211_sta_vht_cap *vht_cap, 1488u8 *ieee80211_ie_build_vht_cap(u8 *pos, struct ieee80211_sta_vht_cap *vht_cap,
1488 u32 cap); 1489 u32 cap);
1489int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata, 1490int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata,
1490 struct sk_buff *skb, bool need_basic); 1491 struct sk_buff *skb, bool need_basic,
1492 enum ieee80211_band band);
1491int ieee80211_add_ext_srates_ie(struct ieee80211_sub_if_data *sdata, 1493int ieee80211_add_ext_srates_ie(struct ieee80211_sub_if_data *sdata,
1492 struct sk_buff *skb, bool need_basic); 1494 struct sk_buff *skb, bool need_basic,
1495 enum ieee80211_band band);
1493 1496
1494/* channel management */ 1497/* channel management */
1495enum ieee80211_chan_mode { 1498enum ieee80211_chan_mode {
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index bfb57dcc1538..6f8a73c64fb3 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -100,6 +100,10 @@ static u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
100 sdata->vif.bss_conf.idle = true; 100 sdata->vif.bss_conf.idle = true;
101 continue; 101 continue;
102 } 102 }
103
104 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
105 continue;
106
103 /* count everything else */ 107 /* count everything else */
104 sdata->vif.bss_conf.idle = false; 108 sdata->vif.bss_conf.idle = false;
105 count++; 109 count++;
@@ -121,7 +125,8 @@ static u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
121 125
122 list_for_each_entry(sdata, &local->interfaces, list) { 126 list_for_each_entry(sdata, &local->interfaces, list) {
123 if (sdata->vif.type == NL80211_IFTYPE_MONITOR || 127 if (sdata->vif.type == NL80211_IFTYPE_MONITOR ||
124 sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 128 sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
129 sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
125 continue; 130 continue;
126 if (sdata->old_idle == sdata->vif.bss_conf.idle) 131 if (sdata->old_idle == sdata->vif.bss_conf.idle)
127 continue; 132 continue;
@@ -204,6 +209,8 @@ static inline int identical_mac_addr_allowed(int type1, int type2)
204{ 209{
205 return type1 == NL80211_IFTYPE_MONITOR || 210 return type1 == NL80211_IFTYPE_MONITOR ||
206 type2 == NL80211_IFTYPE_MONITOR || 211 type2 == NL80211_IFTYPE_MONITOR ||
212 type1 == NL80211_IFTYPE_P2P_DEVICE ||
213 type2 == NL80211_IFTYPE_P2P_DEVICE ||
207 (type1 == NL80211_IFTYPE_AP && type2 == NL80211_IFTYPE_WDS) || 214 (type1 == NL80211_IFTYPE_AP && type2 == NL80211_IFTYPE_WDS) ||
208 (type1 == NL80211_IFTYPE_WDS && 215 (type1 == NL80211_IFTYPE_WDS &&
209 (type2 == NL80211_IFTYPE_WDS || 216 (type2 == NL80211_IFTYPE_WDS ||
@@ -271,13 +278,15 @@ static int ieee80211_check_queues(struct ieee80211_sub_if_data *sdata)
271 int n_queues = sdata->local->hw.queues; 278 int n_queues = sdata->local->hw.queues;
272 int i; 279 int i;
273 280
274 for (i = 0; i < IEEE80211_NUM_ACS; i++) { 281 if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE) {
275 if (WARN_ON_ONCE(sdata->vif.hw_queue[i] == 282 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
276 IEEE80211_INVAL_HW_QUEUE)) 283 if (WARN_ON_ONCE(sdata->vif.hw_queue[i] ==
277 return -EINVAL; 284 IEEE80211_INVAL_HW_QUEUE))
278 if (WARN_ON_ONCE(sdata->vif.hw_queue[i] >= 285 return -EINVAL;
279 n_queues)) 286 if (WARN_ON_ONCE(sdata->vif.hw_queue[i] >=
280 return -EINVAL; 287 n_queues))
288 return -EINVAL;
289 }
281 } 290 }
282 291
283 if ((sdata->vif.type != NL80211_IFTYPE_AP) || 292 if ((sdata->vif.type != NL80211_IFTYPE_AP) ||
@@ -406,9 +415,10 @@ static void ieee80211_del_virtual_monitor(struct ieee80211_local *local)
406 * an error on interface type changes that have been pre-checked, so most 415 * an error on interface type changes that have been pre-checked, so most
407 * checks should be in ieee80211_check_concurrent_iface. 416 * checks should be in ieee80211_check_concurrent_iface.
408 */ 417 */
409static int ieee80211_do_open(struct net_device *dev, bool coming_up) 418int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up)
410{ 419{
411 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 420 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
421 struct net_device *dev = wdev->netdev;
412 struct ieee80211_local *local = sdata->local; 422 struct ieee80211_local *local = sdata->local;
413 struct sta_info *sta; 423 struct sta_info *sta;
414 u32 changed = 0; 424 u32 changed = 0;
@@ -443,6 +453,7 @@ static int ieee80211_do_open(struct net_device *dev, bool coming_up)
443 case NL80211_IFTYPE_STATION: 453 case NL80211_IFTYPE_STATION:
444 case NL80211_IFTYPE_MONITOR: 454 case NL80211_IFTYPE_MONITOR:
445 case NL80211_IFTYPE_ADHOC: 455 case NL80211_IFTYPE_ADHOC:
456 case NL80211_IFTYPE_P2P_DEVICE:
446 /* no special treatment */ 457 /* no special treatment */
447 break; 458 break;
448 case NL80211_IFTYPE_UNSPECIFIED: 459 case NL80211_IFTYPE_UNSPECIFIED:
@@ -471,7 +482,7 @@ static int ieee80211_do_open(struct net_device *dev, bool coming_up)
471 * Copy the hopefully now-present MAC address to 482 * Copy the hopefully now-present MAC address to
472 * this interface, if it has the special null one. 483 * this interface, if it has the special null one.
473 */ 484 */
474 if (is_zero_ether_addr(dev->dev_addr)) { 485 if (dev && is_zero_ether_addr(dev->dev_addr)) {
475 memcpy(dev->dev_addr, 486 memcpy(dev->dev_addr,
476 local->hw.wiphy->perm_addr, 487 local->hw.wiphy->perm_addr,
477 ETH_ALEN); 488 ETH_ALEN);
@@ -536,15 +547,23 @@ static int ieee80211_do_open(struct net_device *dev, bool coming_up)
536 local->fif_probe_req++; 547 local->fif_probe_req++;
537 } 548 }
538 549
539 changed |= ieee80211_reset_erp_info(sdata); 550 if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE)
551 changed |= ieee80211_reset_erp_info(sdata);
540 ieee80211_bss_info_change_notify(sdata, changed); 552 ieee80211_bss_info_change_notify(sdata, changed);
541 553
542 if (sdata->vif.type == NL80211_IFTYPE_STATION || 554 switch (sdata->vif.type) {
543 sdata->vif.type == NL80211_IFTYPE_ADHOC || 555 case NL80211_IFTYPE_STATION:
544 sdata->vif.type == NL80211_IFTYPE_AP) 556 case NL80211_IFTYPE_ADHOC:
557 case NL80211_IFTYPE_AP:
558 case NL80211_IFTYPE_MESH_POINT:
545 netif_carrier_off(dev); 559 netif_carrier_off(dev);
546 else 560 break;
561 case NL80211_IFTYPE_WDS:
562 case NL80211_IFTYPE_P2P_DEVICE:
563 break;
564 default:
547 netif_carrier_on(dev); 565 netif_carrier_on(dev);
566 }
548 567
549 /* 568 /*
550 * set default queue parameters so drivers don't 569 * set default queue parameters so drivers don't
@@ -576,6 +595,9 @@ static int ieee80211_do_open(struct net_device *dev, bool coming_up)
576 } 595 }
577 596
578 rate_control_rate_init(sta); 597 rate_control_rate_init(sta);
598 netif_carrier_on(dev);
599 } else if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE) {
600 rcu_assign_pointer(local->p2p_sdata, sdata);
579 } 601 }
580 602
581 /* 603 /*
@@ -601,7 +623,8 @@ static int ieee80211_do_open(struct net_device *dev, bool coming_up)
601 623
602 ieee80211_recalc_ps(local, -1); 624 ieee80211_recalc_ps(local, -1);
603 625
604 netif_tx_start_all_queues(dev); 626 if (dev)
627 netif_tx_start_all_queues(dev);
605 628
606 return 0; 629 return 0;
607 err_del_interface: 630 err_del_interface:
@@ -631,7 +654,7 @@ static int ieee80211_open(struct net_device *dev)
631 if (err) 654 if (err)
632 return err; 655 return err;
633 656
634 return ieee80211_do_open(dev, true); 657 return ieee80211_do_open(&sdata->wdev, true);
635} 658}
636 659
637static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, 660static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
@@ -652,7 +675,8 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
652 /* 675 /*
653 * Stop TX on this interface first. 676 * Stop TX on this interface first.
654 */ 677 */
655 netif_tx_stop_all_queues(sdata->dev); 678 if (sdata->dev)
679 netif_tx_stop_all_queues(sdata->dev);
656 680
657 ieee80211_roc_purge(sdata); 681 ieee80211_roc_purge(sdata);
658 682
@@ -691,14 +715,16 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
691 local->fif_probe_req--; 715 local->fif_probe_req--;
692 } 716 }
693 717
694 netif_addr_lock_bh(sdata->dev); 718 if (sdata->dev) {
695 spin_lock_bh(&local->filter_lock); 719 netif_addr_lock_bh(sdata->dev);
696 __hw_addr_unsync(&local->mc_list, &sdata->dev->mc, 720 spin_lock_bh(&local->filter_lock);
697 sdata->dev->addr_len); 721 __hw_addr_unsync(&local->mc_list, &sdata->dev->mc,
698 spin_unlock_bh(&local->filter_lock); 722 sdata->dev->addr_len);
699 netif_addr_unlock_bh(sdata->dev); 723 spin_unlock_bh(&local->filter_lock);
724 netif_addr_unlock_bh(sdata->dev);
700 725
701 ieee80211_configure_filter(local); 726 ieee80211_configure_filter(local);
727 }
702 728
703 del_timer_sync(&local->dynamic_ps_timer); 729 del_timer_sync(&local->dynamic_ps_timer);
704 cancel_work_sync(&local->dynamic_ps_enable_work); 730 cancel_work_sync(&local->dynamic_ps_enable_work);
@@ -708,7 +734,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
708 struct ieee80211_sub_if_data *vlan, *tmpsdata; 734 struct ieee80211_sub_if_data *vlan, *tmpsdata;
709 struct beacon_data *old_beacon = 735 struct beacon_data *old_beacon =
710 rtnl_dereference(sdata->u.ap.beacon); 736 rtnl_dereference(sdata->u.ap.beacon);
711 struct sk_buff *old_probe_resp = 737 struct probe_resp *old_probe_resp =
712 rtnl_dereference(sdata->u.ap.probe_resp); 738 rtnl_dereference(sdata->u.ap.probe_resp);
713 739
714 /* sdata_running will return false, so this will disable */ 740 /* sdata_running will return false, so this will disable */
@@ -720,7 +746,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
720 RCU_INIT_POINTER(sdata->u.ap.probe_resp, NULL); 746 RCU_INIT_POINTER(sdata->u.ap.probe_resp, NULL);
721 synchronize_rcu(); 747 synchronize_rcu();
722 kfree(old_beacon); 748 kfree(old_beacon);
723 kfree_skb(old_probe_resp); 749 kfree(old_probe_resp);
724 750
725 /* down all dependent devices, that is VLANs */ 751 /* down all dependent devices, that is VLANs */
726 list_for_each_entry_safe(vlan, tmpsdata, &sdata->u.ap.vlans, 752 list_for_each_entry_safe(vlan, tmpsdata, &sdata->u.ap.vlans,
@@ -759,24 +785,29 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
759 ieee80211_adjust_monitor_flags(sdata, -1); 785 ieee80211_adjust_monitor_flags(sdata, -1);
760 ieee80211_configure_filter(local); 786 ieee80211_configure_filter(local);
761 break; 787 break;
788 case NL80211_IFTYPE_P2P_DEVICE:
789 /* relies on synchronize_rcu() below */
790 rcu_assign_pointer(local->p2p_sdata, NULL);
791 /* fall through */
762 default: 792 default:
763 flush_work(&sdata->work); 793 flush_work(&sdata->work);
764 /* 794 /*
765 * When we get here, the interface is marked down. 795 * When we get here, the interface is marked down.
766 * Call synchronize_rcu() to wait for the RX path 796 * Call rcu_barrier() to wait both for the RX path
767 * should it be using the interface and enqueuing 797 * should it be using the interface and enqueuing
768 * frames at this very time on another CPU. 798 * frames at this very time on another CPU, and
799 * for the sta free call_rcu callbacks.
769 */ 800 */
770 synchronize_rcu(); 801 rcu_barrier();
771 skb_queue_purge(&sdata->skb_queue);
772 802
773 /* 803 /*
774 * Disable beaconing here for mesh only, AP and IBSS 804 * free_sta_rcu() enqueues a work for the actual
775 * are already taken care of. 805 * sta cleanup, so we need to flush it while
806 * sdata is still valid.
776 */ 807 */
777 if (sdata->vif.type == NL80211_IFTYPE_MESH_POINT) 808 flush_workqueue(local->workqueue);
778 ieee80211_bss_info_change_notify(sdata, 809
779 BSS_CHANGED_BEACON_ENABLED); 810 skb_queue_purge(&sdata->skb_queue);
780 811
781 /* 812 /*
782 * Free all remaining keys, there shouldn't be any, 813 * Free all remaining keys, there shouldn't be any,
@@ -877,9 +908,8 @@ static void ieee80211_set_multicast_list(struct net_device *dev)
877 * Called when the netdev is removed or, by the code below, before 908 * Called when the netdev is removed or, by the code below, before
878 * the interface type changes. 909 * the interface type changes.
879 */ 910 */
880static void ieee80211_teardown_sdata(struct net_device *dev) 911static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata)
881{ 912{
882 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
883 struct ieee80211_local *local = sdata->local; 913 struct ieee80211_local *local = sdata->local;
884 int flushed; 914 int flushed;
885 int i; 915 int i;
@@ -900,6 +930,11 @@ static void ieee80211_teardown_sdata(struct net_device *dev)
900 WARN_ON(flushed); 930 WARN_ON(flushed);
901} 931}
902 932
933static void ieee80211_uninit(struct net_device *dev)
934{
935 ieee80211_teardown_sdata(IEEE80211_DEV_TO_SUB_IF(dev));
936}
937
903static u16 ieee80211_netdev_select_queue(struct net_device *dev, 938static u16 ieee80211_netdev_select_queue(struct net_device *dev,
904 struct sk_buff *skb) 939 struct sk_buff *skb)
905{ 940{
@@ -909,7 +944,7 @@ static u16 ieee80211_netdev_select_queue(struct net_device *dev,
909static const struct net_device_ops ieee80211_dataif_ops = { 944static const struct net_device_ops ieee80211_dataif_ops = {
910 .ndo_open = ieee80211_open, 945 .ndo_open = ieee80211_open,
911 .ndo_stop = ieee80211_stop, 946 .ndo_stop = ieee80211_stop,
912 .ndo_uninit = ieee80211_teardown_sdata, 947 .ndo_uninit = ieee80211_uninit,
913 .ndo_start_xmit = ieee80211_subif_start_xmit, 948 .ndo_start_xmit = ieee80211_subif_start_xmit,
914 .ndo_set_rx_mode = ieee80211_set_multicast_list, 949 .ndo_set_rx_mode = ieee80211_set_multicast_list,
915 .ndo_change_mtu = ieee80211_change_mtu, 950 .ndo_change_mtu = ieee80211_change_mtu,
@@ -940,7 +975,7 @@ static u16 ieee80211_monitor_select_queue(struct net_device *dev,
940static const struct net_device_ops ieee80211_monitorif_ops = { 975static const struct net_device_ops ieee80211_monitorif_ops = {
941 .ndo_open = ieee80211_open, 976 .ndo_open = ieee80211_open,
942 .ndo_stop = ieee80211_stop, 977 .ndo_stop = ieee80211_stop,
943 .ndo_uninit = ieee80211_teardown_sdata, 978 .ndo_uninit = ieee80211_uninit,
944 .ndo_start_xmit = ieee80211_monitor_start_xmit, 979 .ndo_start_xmit = ieee80211_monitor_start_xmit,
945 .ndo_set_rx_mode = ieee80211_set_multicast_list, 980 .ndo_set_rx_mode = ieee80211_set_multicast_list,
946 .ndo_change_mtu = ieee80211_change_mtu, 981 .ndo_change_mtu = ieee80211_change_mtu,
@@ -1099,7 +1134,6 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1099 /* and set some type-dependent values */ 1134 /* and set some type-dependent values */
1100 sdata->vif.type = type; 1135 sdata->vif.type = type;
1101 sdata->vif.p2p = false; 1136 sdata->vif.p2p = false;
1102 sdata->dev->netdev_ops = &ieee80211_dataif_ops;
1103 sdata->wdev.iftype = type; 1137 sdata->wdev.iftype = type;
1104 1138
1105 sdata->control_port_protocol = cpu_to_be16(ETH_P_PAE); 1139 sdata->control_port_protocol = cpu_to_be16(ETH_P_PAE);
@@ -1107,8 +1141,11 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1107 1141
1108 sdata->noack_map = 0; 1142 sdata->noack_map = 0;
1109 1143
1110 /* only monitor differs */ 1144 /* only monitor/p2p-device differ */
1111 sdata->dev->type = ARPHRD_ETHER; 1145 if (sdata->dev) {
1146 sdata->dev->netdev_ops = &ieee80211_dataif_ops;
1147 sdata->dev->type = ARPHRD_ETHER;
1148 }
1112 1149
1113 skb_queue_head_init(&sdata->skb_queue); 1150 skb_queue_head_init(&sdata->skb_queue);
1114 INIT_WORK(&sdata->work, ieee80211_iface_work); 1151 INIT_WORK(&sdata->work, ieee80211_iface_work);
@@ -1146,6 +1183,7 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1146 break; 1183 break;
1147 case NL80211_IFTYPE_WDS: 1184 case NL80211_IFTYPE_WDS:
1148 case NL80211_IFTYPE_AP_VLAN: 1185 case NL80211_IFTYPE_AP_VLAN:
1186 case NL80211_IFTYPE_P2P_DEVICE:
1149 break; 1187 break;
1150 case NL80211_IFTYPE_UNSPECIFIED: 1188 case NL80211_IFTYPE_UNSPECIFIED:
1151 case NUM_NL80211_IFTYPES: 1189 case NUM_NL80211_IFTYPES:
@@ -1156,18 +1194,6 @@ static void ieee80211_setup_sdata(struct ieee80211_sub_if_data *sdata,
1156 ieee80211_debugfs_add_netdev(sdata); 1194 ieee80211_debugfs_add_netdev(sdata);
1157} 1195}
1158 1196
1159static void ieee80211_clean_sdata(struct ieee80211_sub_if_data *sdata)
1160{
1161 switch (sdata->vif.type) {
1162 case NL80211_IFTYPE_MESH_POINT:
1163 mesh_path_flush_by_iface(sdata);
1164 break;
1165
1166 default:
1167 break;
1168 }
1169}
1170
1171static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata, 1197static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata,
1172 enum nl80211_iftype type) 1198 enum nl80211_iftype type)
1173{ 1199{
@@ -1225,7 +1251,7 @@ static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata,
1225 1251
1226 ieee80211_do_stop(sdata, false); 1252 ieee80211_do_stop(sdata, false);
1227 1253
1228 ieee80211_teardown_sdata(sdata->dev); 1254 ieee80211_teardown_sdata(sdata);
1229 1255
1230 ret = drv_change_interface(local, sdata, internal_type, p2p); 1256 ret = drv_change_interface(local, sdata, internal_type, p2p);
1231 if (ret) 1257 if (ret)
@@ -1240,7 +1266,7 @@ static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata,
1240 1266
1241 ieee80211_setup_sdata(sdata, type); 1267 ieee80211_setup_sdata(sdata, type);
1242 1268
1243 err = ieee80211_do_open(sdata->dev, false); 1269 err = ieee80211_do_open(&sdata->wdev, false);
1244 WARN(err, "type change: do_open returned %d", err); 1270 WARN(err, "type change: do_open returned %d", err);
1245 1271
1246 return ret; 1272 return ret;
@@ -1267,14 +1293,14 @@ int ieee80211_if_change_type(struct ieee80211_sub_if_data *sdata,
1267 return ret; 1293 return ret;
1268 } else { 1294 } else {
1269 /* Purge and reset type-dependent state. */ 1295 /* Purge and reset type-dependent state. */
1270 ieee80211_teardown_sdata(sdata->dev); 1296 ieee80211_teardown_sdata(sdata);
1271 ieee80211_setup_sdata(sdata, type); 1297 ieee80211_setup_sdata(sdata, type);
1272 } 1298 }
1273 1299
1274 /* reset some values that shouldn't be kept across type changes */ 1300 /* reset some values that shouldn't be kept across type changes */
1275 sdata->vif.bss_conf.basic_rates = 1301 sdata->vif.bss_conf.basic_rates =
1276 ieee80211_mandatory_rates(sdata->local, 1302 ieee80211_mandatory_rates(sdata->local,
1277 sdata->local->hw.conf.channel->band); 1303 sdata->local->oper_channel->band);
1278 sdata->drop_unencrypted = 0; 1304 sdata->drop_unencrypted = 0;
1279 if (type == NL80211_IFTYPE_STATION) 1305 if (type == NL80211_IFTYPE_STATION)
1280 sdata->u.mgd.use_4addr = false; 1306 sdata->u.mgd.use_4addr = false;
@@ -1283,8 +1309,7 @@ int ieee80211_if_change_type(struct ieee80211_sub_if_data *sdata,
1283} 1309}
1284 1310
1285static void ieee80211_assign_perm_addr(struct ieee80211_local *local, 1311static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1286 struct net_device *dev, 1312 u8 *perm_addr, enum nl80211_iftype type)
1287 enum nl80211_iftype type)
1288{ 1313{
1289 struct ieee80211_sub_if_data *sdata; 1314 struct ieee80211_sub_if_data *sdata;
1290 u64 mask, start, addr, val, inc; 1315 u64 mask, start, addr, val, inc;
@@ -1293,13 +1318,12 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1293 int i; 1318 int i;
1294 1319
1295 /* default ... something at least */ 1320 /* default ... something at least */
1296 memcpy(dev->perm_addr, local->hw.wiphy->perm_addr, ETH_ALEN); 1321 memcpy(perm_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
1297 1322
1298 if (is_zero_ether_addr(local->hw.wiphy->addr_mask) && 1323 if (is_zero_ether_addr(local->hw.wiphy->addr_mask) &&
1299 local->hw.wiphy->n_addresses <= 1) 1324 local->hw.wiphy->n_addresses <= 1)
1300 return; 1325 return;
1301 1326
1302
1303 mutex_lock(&local->iflist_mtx); 1327 mutex_lock(&local->iflist_mtx);
1304 1328
1305 switch (type) { 1329 switch (type) {
@@ -1312,11 +1336,24 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1312 list_for_each_entry(sdata, &local->interfaces, list) { 1336 list_for_each_entry(sdata, &local->interfaces, list) {
1313 if (sdata->vif.type != NL80211_IFTYPE_AP) 1337 if (sdata->vif.type != NL80211_IFTYPE_AP)
1314 continue; 1338 continue;
1315 memcpy(dev->perm_addr, sdata->vif.addr, ETH_ALEN); 1339 memcpy(perm_addr, sdata->vif.addr, ETH_ALEN);
1316 break; 1340 break;
1317 } 1341 }
1318 /* keep default if no AP interface present */ 1342 /* keep default if no AP interface present */
1319 break; 1343 break;
1344 case NL80211_IFTYPE_P2P_CLIENT:
1345 case NL80211_IFTYPE_P2P_GO:
1346 if (local->hw.flags & IEEE80211_HW_P2P_DEV_ADDR_FOR_INTF) {
1347 list_for_each_entry(sdata, &local->interfaces, list) {
1348 if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE)
1349 continue;
1350 if (!ieee80211_sdata_running(sdata))
1351 continue;
1352 memcpy(perm_addr, sdata->vif.addr, ETH_ALEN);
1353 goto out_unlock;
1354 }
1355 }
1356 /* otherwise fall through */
1320 default: 1357 default:
1321 /* assign a new address if possible -- try n_addresses first */ 1358 /* assign a new address if possible -- try n_addresses first */
1322 for (i = 0; i < local->hw.wiphy->n_addresses; i++) { 1359 for (i = 0; i < local->hw.wiphy->n_addresses; i++) {
@@ -1331,7 +1368,7 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1331 } 1368 }
1332 1369
1333 if (!used) { 1370 if (!used) {
1334 memcpy(dev->perm_addr, 1371 memcpy(perm_addr,
1335 local->hw.wiphy->addresses[i].addr, 1372 local->hw.wiphy->addresses[i].addr,
1336 ETH_ALEN); 1373 ETH_ALEN);
1337 break; 1374 break;
@@ -1382,7 +1419,7 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1382 } 1419 }
1383 1420
1384 if (!used) { 1421 if (!used) {
1385 memcpy(dev->perm_addr, tmp_addr, ETH_ALEN); 1422 memcpy(perm_addr, tmp_addr, ETH_ALEN);
1386 break; 1423 break;
1387 } 1424 }
1388 addr = (start & ~mask) | (val & mask); 1425 addr = (start & ~mask) | (val & mask);
@@ -1391,6 +1428,7 @@ static void ieee80211_assign_perm_addr(struct ieee80211_local *local,
1391 break; 1428 break;
1392 } 1429 }
1393 1430
1431 out_unlock:
1394 mutex_unlock(&local->iflist_mtx); 1432 mutex_unlock(&local->iflist_mtx);
1395} 1433}
1396 1434
@@ -1398,49 +1436,68 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
1398 struct wireless_dev **new_wdev, enum nl80211_iftype type, 1436 struct wireless_dev **new_wdev, enum nl80211_iftype type,
1399 struct vif_params *params) 1437 struct vif_params *params)
1400{ 1438{
1401 struct net_device *ndev; 1439 struct net_device *ndev = NULL;
1402 struct ieee80211_sub_if_data *sdata = NULL; 1440 struct ieee80211_sub_if_data *sdata = NULL;
1403 int ret, i; 1441 int ret, i;
1404 int txqs = 1; 1442 int txqs = 1;
1405 1443
1406 ASSERT_RTNL(); 1444 ASSERT_RTNL();
1407 1445
1408 if (local->hw.queues >= IEEE80211_NUM_ACS) 1446 if (type == NL80211_IFTYPE_P2P_DEVICE) {
1409 txqs = IEEE80211_NUM_ACS; 1447 struct wireless_dev *wdev;
1410 1448
1411 ndev = alloc_netdev_mqs(sizeof(*sdata) + local->hw.vif_data_size, 1449 sdata = kzalloc(sizeof(*sdata) + local->hw.vif_data_size,
1412 name, ieee80211_if_setup, txqs, 1); 1450 GFP_KERNEL);
1413 if (!ndev) 1451 if (!sdata)
1414 return -ENOMEM; 1452 return -ENOMEM;
1415 dev_net_set(ndev, wiphy_net(local->hw.wiphy)); 1453 wdev = &sdata->wdev;
1416 1454
1417 ndev->needed_headroom = local->tx_headroom + 1455 sdata->dev = NULL;
1418 4*6 /* four MAC addresses */ 1456 strlcpy(sdata->name, name, IFNAMSIZ);
1419 + 2 + 2 + 2 + 2 /* ctl, dur, seq, qos */ 1457 ieee80211_assign_perm_addr(local, wdev->address, type);
1420 + 6 /* mesh */ 1458 memcpy(sdata->vif.addr, wdev->address, ETH_ALEN);
1421 + 8 /* rfc1042/bridge tunnel */ 1459 } else {
1422 - ETH_HLEN /* ethernet hard_header_len */ 1460 if (local->hw.queues >= IEEE80211_NUM_ACS)
1423 + IEEE80211_ENCRYPT_HEADROOM; 1461 txqs = IEEE80211_NUM_ACS;
1424 ndev->needed_tailroom = IEEE80211_ENCRYPT_TAILROOM; 1462
1425 1463 ndev = alloc_netdev_mqs(sizeof(*sdata) +
1426 ret = dev_alloc_name(ndev, ndev->name); 1464 local->hw.vif_data_size,
1427 if (ret < 0) 1465 name, ieee80211_if_setup, txqs, 1);
1428 goto fail; 1466 if (!ndev)
1429 1467 return -ENOMEM;
1430 ieee80211_assign_perm_addr(local, ndev, type); 1468 dev_net_set(ndev, wiphy_net(local->hw.wiphy));
1431 memcpy(ndev->dev_addr, ndev->perm_addr, ETH_ALEN); 1469
1432 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy)); 1470 ndev->needed_headroom = local->tx_headroom +
1433 1471 4*6 /* four MAC addresses */
1434 /* don't use IEEE80211_DEV_TO_SUB_IF because it checks too much */ 1472 + 2 + 2 + 2 + 2 /* ctl, dur, seq, qos */
1435 sdata = netdev_priv(ndev); 1473 + 6 /* mesh */
1436 ndev->ieee80211_ptr = &sdata->wdev; 1474 + 8 /* rfc1042/bridge tunnel */
1437 memcpy(sdata->vif.addr, ndev->dev_addr, ETH_ALEN); 1475 - ETH_HLEN /* ethernet hard_header_len */
1438 memcpy(sdata->name, ndev->name, IFNAMSIZ); 1476 + IEEE80211_ENCRYPT_HEADROOM;
1477 ndev->needed_tailroom = IEEE80211_ENCRYPT_TAILROOM;
1478
1479 ret = dev_alloc_name(ndev, ndev->name);
1480 if (ret < 0) {
1481 free_netdev(ndev);
1482 return ret;
1483 }
1484
1485 ieee80211_assign_perm_addr(local, ndev->perm_addr, type);
1486 memcpy(ndev->dev_addr, ndev->perm_addr, ETH_ALEN);
1487 SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
1488
1489 /* don't use IEEE80211_DEV_TO_SUB_IF -- it checks too much */
1490 sdata = netdev_priv(ndev);
1491 ndev->ieee80211_ptr = &sdata->wdev;
1492 memcpy(sdata->vif.addr, ndev->dev_addr, ETH_ALEN);
1493 memcpy(sdata->name, ndev->name, IFNAMSIZ);
1494
1495 sdata->dev = ndev;
1496 }
1439 1497
1440 /* initialise type-independent data */ 1498 /* initialise type-independent data */
1441 sdata->wdev.wiphy = local->hw.wiphy; 1499 sdata->wdev.wiphy = local->hw.wiphy;
1442 sdata->local = local; 1500 sdata->local = local;
1443 sdata->dev = ndev;
1444#ifdef CONFIG_INET 1501#ifdef CONFIG_INET
1445 sdata->arp_filter_state = true; 1502 sdata->arp_filter_state = true;
1446#endif 1503#endif
@@ -1469,17 +1526,21 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
1469 /* setup type-dependent data */ 1526 /* setup type-dependent data */
1470 ieee80211_setup_sdata(sdata, type); 1527 ieee80211_setup_sdata(sdata, type);
1471 1528
1472 if (params) { 1529 if (ndev) {
1473 ndev->ieee80211_ptr->use_4addr = params->use_4addr; 1530 if (params) {
1474 if (type == NL80211_IFTYPE_STATION) 1531 ndev->ieee80211_ptr->use_4addr = params->use_4addr;
1475 sdata->u.mgd.use_4addr = params->use_4addr; 1532 if (type == NL80211_IFTYPE_STATION)
1476 } 1533 sdata->u.mgd.use_4addr = params->use_4addr;
1534 }
1477 1535
1478 ndev->features |= local->hw.netdev_features; 1536 ndev->features |= local->hw.netdev_features;
1479 1537
1480 ret = register_netdevice(ndev); 1538 ret = register_netdevice(ndev);
1481 if (ret) 1539 if (ret) {
1482 goto fail; 1540 free_netdev(ndev);
1541 return ret;
1542 }
1543 }
1483 1544
1484 mutex_lock(&local->iflist_mtx); 1545 mutex_lock(&local->iflist_mtx);
1485 list_add_tail_rcu(&sdata->list, &local->interfaces); 1546 list_add_tail_rcu(&sdata->list, &local->interfaces);
@@ -1489,10 +1550,6 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name,
1489 *new_wdev = &sdata->wdev; 1550 *new_wdev = &sdata->wdev;
1490 1551
1491 return 0; 1552 return 0;
1492
1493 fail:
1494 free_netdev(ndev);
1495 return ret;
1496} 1553}
1497 1554
1498void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata) 1555void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata)
@@ -1503,11 +1560,22 @@ void ieee80211_if_remove(struct ieee80211_sub_if_data *sdata)
1503 list_del_rcu(&sdata->list); 1560 list_del_rcu(&sdata->list);
1504 mutex_unlock(&sdata->local->iflist_mtx); 1561 mutex_unlock(&sdata->local->iflist_mtx);
1505 1562
1506 /* clean up type-dependent data */
1507 ieee80211_clean_sdata(sdata);
1508
1509 synchronize_rcu(); 1563 synchronize_rcu();
1510 unregister_netdevice(sdata->dev); 1564
1565 if (sdata->dev) {
1566 unregister_netdevice(sdata->dev);
1567 } else {
1568 cfg80211_unregister_wdev(&sdata->wdev);
1569 kfree(sdata);
1570 }
1571}
1572
1573void ieee80211_sdata_stop(struct ieee80211_sub_if_data *sdata)
1574{
1575 if (WARN_ON_ONCE(!test_bit(SDATA_STATE_RUNNING, &sdata->state)))
1576 return;
1577 ieee80211_do_stop(sdata, true);
1578 ieee80211_teardown_sdata(sdata);
1511} 1579}
1512 1580
1513/* 1581/*
@@ -1518,6 +1586,7 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
1518{ 1586{
1519 struct ieee80211_sub_if_data *sdata, *tmp; 1587 struct ieee80211_sub_if_data *sdata, *tmp;
1520 LIST_HEAD(unreg_list); 1588 LIST_HEAD(unreg_list);
1589 LIST_HEAD(wdev_list);
1521 1590
1522 ASSERT_RTNL(); 1591 ASSERT_RTNL();
1523 1592
@@ -1525,13 +1594,20 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local)
1525 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) { 1594 list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) {
1526 list_del(&sdata->list); 1595 list_del(&sdata->list);
1527 1596
1528 ieee80211_clean_sdata(sdata); 1597 if (sdata->dev)
1529 1598 unregister_netdevice_queue(sdata->dev, &unreg_list);
1530 unregister_netdevice_queue(sdata->dev, &unreg_list); 1599 else
1600 list_add(&sdata->list, &wdev_list);
1531 } 1601 }
1532 mutex_unlock(&local->iflist_mtx); 1602 mutex_unlock(&local->iflist_mtx);
1533 unregister_netdevice_many(&unreg_list); 1603 unregister_netdevice_many(&unreg_list);
1534 list_del(&unreg_list); 1604 list_del(&unreg_list);
1605
1606 list_for_each_entry_safe(sdata, tmp, &wdev_list, list) {
1607 list_del(&sdata->list);
1608 cfg80211_unregister_wdev(&sdata->wdev);
1609 kfree(sdata);
1610 }
1535} 1611}
1536 1612
1537static int netdev_notify(struct notifier_block *nb, 1613static int netdev_notify(struct notifier_block *nb,
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 7ae678ba5d67..d27e61aaa71b 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -402,7 +402,7 @@ static void __ieee80211_key_destroy(struct ieee80211_key *key)
402 * Synchronize so the TX path can no longer be using 402 * Synchronize so the TX path can no longer be using
403 * this key before we free/remove it. 403 * this key before we free/remove it.
404 */ 404 */
405 synchronize_rcu(); 405 synchronize_net();
406 406
407 if (key->local) 407 if (key->local)
408 ieee80211_key_disable_hw_accel(key); 408 ieee80211_key_disable_hw_accel(key);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index c26e231c733a..c80c4490351c 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -150,13 +150,11 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
150 150
151 if (test_bit(SCAN_SW_SCANNING, &local->scanning) || 151 if (test_bit(SCAN_SW_SCANNING, &local->scanning) ||
152 test_bit(SCAN_ONCHANNEL_SCANNING, &local->scanning) || 152 test_bit(SCAN_ONCHANNEL_SCANNING, &local->scanning) ||
153 test_bit(SCAN_HW_SCANNING, &local->scanning)) 153 test_bit(SCAN_HW_SCANNING, &local->scanning) ||
154 !local->ap_power_level)
154 power = chan->max_power; 155 power = chan->max_power;
155 else 156 else
156 power = local->power_constr_level ? 157 power = min(chan->max_power, local->ap_power_level);
157 min(chan->max_power,
158 (chan->max_reg_power - local->power_constr_level)) :
159 chan->max_power;
160 158
161 if (local->user_power_level >= 0) 159 if (local->user_power_level >= 0)
162 power = min(power, local->user_power_level); 160 power = min(power, local->user_power_level);
@@ -207,6 +205,10 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
207 sdata->vif.bss_conf.bssid = NULL; 205 sdata->vif.bss_conf.bssid = NULL;
208 else if (ieee80211_vif_is_mesh(&sdata->vif)) { 206 else if (ieee80211_vif_is_mesh(&sdata->vif)) {
209 sdata->vif.bss_conf.bssid = zero; 207 sdata->vif.bss_conf.bssid = zero;
208 } else if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE) {
209 sdata->vif.bss_conf.bssid = sdata->vif.addr;
210 WARN_ONCE(changed & ~(BSS_CHANGED_IDLE),
211 "P2P Device BSS changed %#x", changed);
210 } else { 212 } else {
211 WARN_ON(1); 213 WARN_ON(1);
212 return; 214 return;
@@ -362,9 +364,7 @@ static void ieee80211_recalc_smps_work(struct work_struct *work)
362 struct ieee80211_local *local = 364 struct ieee80211_local *local =
363 container_of(work, struct ieee80211_local, recalc_smps); 365 container_of(work, struct ieee80211_local, recalc_smps);
364 366
365 mutex_lock(&local->iflist_mtx);
366 ieee80211_recalc_smps(local); 367 ieee80211_recalc_smps(local);
367 mutex_unlock(&local->iflist_mtx);
368} 368}
369 369
370#ifdef CONFIG_INET 370#ifdef CONFIG_INET
@@ -514,6 +514,11 @@ ieee80211_default_mgmt_stypes[NUM_NL80211_IFTYPES] = {
514 BIT(IEEE80211_STYPE_AUTH >> 4) | 514 BIT(IEEE80211_STYPE_AUTH >> 4) |
515 BIT(IEEE80211_STYPE_DEAUTH >> 4), 515 BIT(IEEE80211_STYPE_DEAUTH >> 4),
516 }, 516 },
517 [NL80211_IFTYPE_P2P_DEVICE] = {
518 .tx = 0xffff,
519 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
520 BIT(IEEE80211_STYPE_PROBE_REQ >> 4),
521 },
517}; 522};
518 523
519static const struct ieee80211_ht_cap mac80211_ht_capa_mod_mask = { 524static const struct ieee80211_ht_cap mac80211_ht_capa_mod_mask = {
@@ -536,6 +541,11 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
536 int priv_size, i; 541 int priv_size, i;
537 struct wiphy *wiphy; 542 struct wiphy *wiphy;
538 543
544 if (WARN_ON(!ops->tx || !ops->start || !ops->stop || !ops->config ||
545 !ops->add_interface || !ops->remove_interface ||
546 !ops->configure_filter))
547 return NULL;
548
539 if (WARN_ON(ops->sta_state && (ops->sta_add || ops->sta_remove))) 549 if (WARN_ON(ops->sta_state && (ops->sta_add || ops->sta_remove)))
540 return NULL; 550 return NULL;
541 551
@@ -588,13 +598,6 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
588 598
589 local->hw.priv = (char *)local + ALIGN(sizeof(*local), NETDEV_ALIGN); 599 local->hw.priv = (char *)local + ALIGN(sizeof(*local), NETDEV_ALIGN);
590 600
591 BUG_ON(!ops->tx);
592 BUG_ON(!ops->start);
593 BUG_ON(!ops->stop);
594 BUG_ON(!ops->config);
595 BUG_ON(!ops->add_interface);
596 BUG_ON(!ops->remove_interface);
597 BUG_ON(!ops->configure_filter);
598 local->ops = ops; 601 local->ops = ops;
599 602
600 /* set up some defaults */ 603 /* set up some defaults */
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 85572353a7e3..ff0296c7bab8 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -109,11 +109,11 @@ bool mesh_matches_local(struct ieee80211_sub_if_data *sdata,
109 109
110 /* Disallow HT40+/- mismatch */ 110 /* Disallow HT40+/- mismatch */
111 if (ie->ht_operation && 111 if (ie->ht_operation &&
112 (local->_oper_channel_type == NL80211_CHAN_HT40MINUS || 112 (sdata->vif.bss_conf.channel_type == NL80211_CHAN_HT40MINUS ||
113 local->_oper_channel_type == NL80211_CHAN_HT40PLUS) && 113 sdata->vif.bss_conf.channel_type == NL80211_CHAN_HT40PLUS) &&
114 (sta_channel_type == NL80211_CHAN_HT40MINUS || 114 (sta_channel_type == NL80211_CHAN_HT40MINUS ||
115 sta_channel_type == NL80211_CHAN_HT40PLUS) && 115 sta_channel_type == NL80211_CHAN_HT40PLUS) &&
116 local->_oper_channel_type != sta_channel_type) 116 sdata->vif.bss_conf.channel_type != sta_channel_type)
117 goto mismatch; 117 goto mismatch;
118 118
119 return true; 119 return true;
@@ -136,10 +136,13 @@ bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie)
136 * mesh_accept_plinks_update - update accepting_plink in local mesh beacons 136 * mesh_accept_plinks_update - update accepting_plink in local mesh beacons
137 * 137 *
138 * @sdata: mesh interface in which mesh beacons are going to be updated 138 * @sdata: mesh interface in which mesh beacons are going to be updated
139 *
140 * Returns: beacon changed flag if the beacon content changed.
139 */ 141 */
140void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata) 142u32 mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata)
141{ 143{
142 bool free_plinks; 144 bool free_plinks;
145 u32 changed = 0;
143 146
144 /* In case mesh_plink_free_count > 0 and mesh_plinktbl_capacity == 0, 147 /* In case mesh_plink_free_count > 0 and mesh_plinktbl_capacity == 0,
145 * the mesh interface might be able to establish plinks with peers that 148 * the mesh interface might be able to establish plinks with peers that
@@ -149,8 +152,12 @@ void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata)
149 */ 152 */
150 free_plinks = mesh_plink_availables(sdata); 153 free_plinks = mesh_plink_availables(sdata);
151 154
152 if (free_plinks != sdata->u.mesh.accepting_plinks) 155 if (free_plinks != sdata->u.mesh.accepting_plinks) {
153 ieee80211_mesh_housekeeping_timer((unsigned long) sdata); 156 sdata->u.mesh.accepting_plinks = free_plinks;
157 changed = BSS_CHANGED_BEACON;
158 }
159
160 return changed;
154} 161}
155 162
156int mesh_rmc_init(struct ieee80211_sub_if_data *sdata) 163int mesh_rmc_init(struct ieee80211_sub_if_data *sdata)
@@ -262,7 +269,6 @@ mesh_add_meshconf_ie(struct sk_buff *skb, struct ieee80211_sub_if_data *sdata)
262 neighbors = (neighbors > 15) ? 15 : neighbors; 269 neighbors = (neighbors > 15) ? 15 : neighbors;
263 *pos++ = neighbors << 1; 270 *pos++ = neighbors << 1;
264 /* Mesh capability */ 271 /* Mesh capability */
265 ifmsh->accepting_plinks = mesh_plink_availables(sdata);
266 *pos = MESHCONF_CAPAB_FORWARDING; 272 *pos = MESHCONF_CAPAB_FORWARDING;
267 *pos |= ifmsh->accepting_plinks ? 273 *pos |= ifmsh->accepting_plinks ?
268 MESHCONF_CAPAB_ACCEPT_PLINKS : 0x00; 274 MESHCONF_CAPAB_ACCEPT_PLINKS : 0x00;
@@ -349,17 +355,18 @@ int mesh_add_ds_params_ie(struct sk_buff *skb,
349{ 355{
350 struct ieee80211_local *local = sdata->local; 356 struct ieee80211_local *local = sdata->local;
351 struct ieee80211_supported_band *sband; 357 struct ieee80211_supported_band *sband;
358 struct ieee80211_channel *chan = local->oper_channel;
352 u8 *pos; 359 u8 *pos;
353 360
354 if (skb_tailroom(skb) < 3) 361 if (skb_tailroom(skb) < 3)
355 return -ENOMEM; 362 return -ENOMEM;
356 363
357 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 364 sband = local->hw.wiphy->bands[chan->band];
358 if (sband->band == IEEE80211_BAND_2GHZ) { 365 if (sband->band == IEEE80211_BAND_2GHZ) {
359 pos = skb_put(skb, 2 + 1); 366 pos = skb_put(skb, 2 + 1);
360 *pos++ = WLAN_EID_DS_PARAMS; 367 *pos++ = WLAN_EID_DS_PARAMS;
361 *pos++ = 1; 368 *pos++ = 1;
362 *pos++ = ieee80211_frequency_to_channel(local->hw.conf.channel->center_freq); 369 *pos++ = ieee80211_frequency_to_channel(chan->center_freq);
363 } 370 }
364 371
365 return 0; 372 return 0;
@@ -374,7 +381,7 @@ int mesh_add_ht_cap_ie(struct sk_buff *skb,
374 381
375 sband = local->hw.wiphy->bands[local->oper_channel->band]; 382 sband = local->hw.wiphy->bands[local->oper_channel->band];
376 if (!sband->ht_cap.ht_supported || 383 if (!sband->ht_cap.ht_supported ||
377 local->_oper_channel_type == NL80211_CHAN_NO_HT) 384 sdata->vif.bss_conf.channel_type == NL80211_CHAN_NO_HT)
378 return 0; 385 return 0;
379 386
380 if (skb_tailroom(skb) < 2 + sizeof(struct ieee80211_ht_cap)) 387 if (skb_tailroom(skb) < 2 + sizeof(struct ieee80211_ht_cap))
@@ -391,7 +398,8 @@ int mesh_add_ht_oper_ie(struct sk_buff *skb,
391{ 398{
392 struct ieee80211_local *local = sdata->local; 399 struct ieee80211_local *local = sdata->local;
393 struct ieee80211_channel *channel = local->oper_channel; 400 struct ieee80211_channel *channel = local->oper_channel;
394 enum nl80211_channel_type channel_type = local->_oper_channel_type; 401 enum nl80211_channel_type channel_type =
402 sdata->vif.bss_conf.channel_type;
395 struct ieee80211_supported_band *sband = 403 struct ieee80211_supported_band *sband =
396 local->hw.wiphy->bands[channel->band]; 404 local->hw.wiphy->bands[channel->band];
397 struct ieee80211_sta_ht_cap *ht_cap = &sband->ht_cap; 405 struct ieee80211_sta_ht_cap *ht_cap = &sband->ht_cap;
@@ -521,14 +529,13 @@ int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
521static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata, 529static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
522 struct ieee80211_if_mesh *ifmsh) 530 struct ieee80211_if_mesh *ifmsh)
523{ 531{
524 bool free_plinks; 532 u32 changed;
525 533
526 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT); 534 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
527 mesh_path_expire(sdata); 535 mesh_path_expire(sdata);
528 536
529 free_plinks = mesh_plink_availables(sdata); 537 changed = mesh_accept_plinks_update(sdata);
530 if (free_plinks != sdata->u.mesh.accepting_plinks) 538 ieee80211_bss_info_change_notify(sdata, changed);
531 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
532 539
533 mod_timer(&ifmsh->housekeeping_timer, 540 mod_timer(&ifmsh->housekeeping_timer,
534 round_jiffies(jiffies + IEEE80211_MESH_HOUSEKEEPING_INTERVAL)); 541 round_jiffies(jiffies + IEEE80211_MESH_HOUSEKEEPING_INTERVAL));
@@ -603,12 +610,14 @@ void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
603 sdata->vif.bss_conf.beacon_int = MESH_DEFAULT_BEACON_INTERVAL; 610 sdata->vif.bss_conf.beacon_int = MESH_DEFAULT_BEACON_INTERVAL;
604 sdata->vif.bss_conf.basic_rates = 611 sdata->vif.bss_conf.basic_rates =
605 ieee80211_mandatory_rates(sdata->local, 612 ieee80211_mandatory_rates(sdata->local,
606 sdata->local->hw.conf.channel->band); 613 sdata->local->oper_channel->band);
607 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON | 614 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON |
608 BSS_CHANGED_BEACON_ENABLED | 615 BSS_CHANGED_BEACON_ENABLED |
609 BSS_CHANGED_HT | 616 BSS_CHANGED_HT |
610 BSS_CHANGED_BASIC_RATES | 617 BSS_CHANGED_BASIC_RATES |
611 BSS_CHANGED_BEACON_INT); 618 BSS_CHANGED_BEACON_INT);
619
620 netif_carrier_on(sdata->dev);
612} 621}
613 622
614void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata) 623void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
@@ -616,9 +625,15 @@ void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
616 struct ieee80211_local *local = sdata->local; 625 struct ieee80211_local *local = sdata->local;
617 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 626 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
618 627
628 netif_carrier_off(sdata->dev);
629
630 /* stop the beacon */
619 ifmsh->mesh_id_len = 0; 631 ifmsh->mesh_id_len = 0;
620 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED); 632 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
621 sta_info_flush(local, NULL); 633
634 /* flush STAs and mpaths on this iface */
635 sta_info_flush(sdata->local, sdata);
636 mesh_path_flush_by_iface(sdata);
622 637
623 del_timer_sync(&sdata->u.mesh.housekeeping_timer); 638 del_timer_sync(&sdata->u.mesh.housekeeping_timer);
624 del_timer_sync(&sdata->u.mesh.mesh_path_root_timer); 639 del_timer_sync(&sdata->u.mesh.mesh_path_root_timer);
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index faaa39bcfd10..25d0f17dec71 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -215,6 +215,9 @@ struct mesh_rmc {
215/* Maximum number of paths per interface */ 215/* Maximum number of paths per interface */
216#define MESH_MAX_MPATHS 1024 216#define MESH_MAX_MPATHS 1024
217 217
218/* Number of frames buffered per destination for unresolved destinations */
219#define MESH_FRAME_QUEUE_LEN 10
220
218/* Public interfaces */ 221/* Public interfaces */
219/* Various */ 222/* Various */
220int ieee80211_fill_mesh_addresses(struct ieee80211_hdr *hdr, __le16 *fc, 223int ieee80211_fill_mesh_addresses(struct ieee80211_hdr *hdr, __le16 *fc,
@@ -282,7 +285,7 @@ void mesh_neighbour_update(struct ieee80211_sub_if_data *sdata,
282 u8 *hw_addr, 285 u8 *hw_addr,
283 struct ieee802_11_elems *ie); 286 struct ieee802_11_elems *ie);
284bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie); 287bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie);
285void mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata); 288u32 mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata);
286void mesh_plink_broken(struct sta_info *sta); 289void mesh_plink_broken(struct sta_info *sta);
287void mesh_plink_deactivate(struct sta_info *sta); 290void mesh_plink_deactivate(struct sta_info *sta);
288int mesh_plink_open(struct sta_info *sta); 291int mesh_plink_open(struct sta_info *sta);
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 494bc39f61a4..47aeee2d8db1 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -17,8 +17,6 @@
17#define MAX_METRIC 0xffffffff 17#define MAX_METRIC 0xffffffff
18#define ARITH_SHIFT 8 18#define ARITH_SHIFT 8
19 19
20/* Number of frames buffered per destination for unresolved destinations */
21#define MESH_FRAME_QUEUE_LEN 10
22#define MAX_PREQ_QUEUE_LEN 64 20#define MAX_PREQ_QUEUE_LEN 64
23 21
24/* Destination only */ 22/* Destination only */
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
index 075bc535c601..aa749818860e 100644
--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -203,23 +203,17 @@ void mesh_path_assign_nexthop(struct mesh_path *mpath, struct sta_info *sta)
203{ 203{
204 struct sk_buff *skb; 204 struct sk_buff *skb;
205 struct ieee80211_hdr *hdr; 205 struct ieee80211_hdr *hdr;
206 struct sk_buff_head tmpq;
207 unsigned long flags; 206 unsigned long flags;
208 207
209 rcu_assign_pointer(mpath->next_hop, sta); 208 rcu_assign_pointer(mpath->next_hop, sta);
210 209
211 __skb_queue_head_init(&tmpq);
212
213 spin_lock_irqsave(&mpath->frame_queue.lock, flags); 210 spin_lock_irqsave(&mpath->frame_queue.lock, flags);
214 211 skb_queue_walk(&mpath->frame_queue, skb) {
215 while ((skb = __skb_dequeue(&mpath->frame_queue)) != NULL) {
216 hdr = (struct ieee80211_hdr *) skb->data; 212 hdr = (struct ieee80211_hdr *) skb->data;
217 memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN); 213 memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN);
218 memcpy(hdr->addr2, mpath->sdata->vif.addr, ETH_ALEN); 214 memcpy(hdr->addr2, mpath->sdata->vif.addr, ETH_ALEN);
219 __skb_queue_tail(&tmpq, skb);
220 } 215 }
221 216
222 skb_queue_splice(&tmpq, &mpath->frame_queue);
223 spin_unlock_irqrestore(&mpath->frame_queue.lock, flags); 217 spin_unlock_irqrestore(&mpath->frame_queue.lock, flags);
224} 218}
225 219
@@ -285,40 +279,42 @@ static void mesh_path_move_to_queue(struct mesh_path *gate_mpath,
285 struct mesh_path *from_mpath, 279 struct mesh_path *from_mpath,
286 bool copy) 280 bool copy)
287{ 281{
288 struct sk_buff *skb, *cp_skb = NULL; 282 struct sk_buff *skb, *fskb, *tmp;
289 struct sk_buff_head gateq, failq; 283 struct sk_buff_head failq;
290 unsigned long flags; 284 unsigned long flags;
291 int num_skbs;
292 285
293 BUG_ON(gate_mpath == from_mpath); 286 BUG_ON(gate_mpath == from_mpath);
294 BUG_ON(!gate_mpath->next_hop); 287 BUG_ON(!gate_mpath->next_hop);
295 288
296 __skb_queue_head_init(&gateq);
297 __skb_queue_head_init(&failq); 289 __skb_queue_head_init(&failq);
298 290
299 spin_lock_irqsave(&from_mpath->frame_queue.lock, flags); 291 spin_lock_irqsave(&from_mpath->frame_queue.lock, flags);
300 skb_queue_splice_init(&from_mpath->frame_queue, &failq); 292 skb_queue_splice_init(&from_mpath->frame_queue, &failq);
301 spin_unlock_irqrestore(&from_mpath->frame_queue.lock, flags); 293 spin_unlock_irqrestore(&from_mpath->frame_queue.lock, flags);
302 294
303 num_skbs = skb_queue_len(&failq); 295 skb_queue_walk_safe(&failq, fskb, tmp) {
304 296 if (skb_queue_len(&gate_mpath->frame_queue) >=
305 while (num_skbs--) { 297 MESH_FRAME_QUEUE_LEN) {
306 skb = __skb_dequeue(&failq); 298 mpath_dbg(gate_mpath->sdata, "mpath queue full!\n");
307 if (copy) { 299 break;
308 cp_skb = skb_copy(skb, GFP_ATOMIC);
309 if (cp_skb)
310 __skb_queue_tail(&failq, cp_skb);
311 } 300 }
312 301
302 skb = skb_copy(fskb, GFP_ATOMIC);
303 if (WARN_ON(!skb))
304 break;
305
313 prepare_for_gate(skb, gate_mpath->dst, gate_mpath); 306 prepare_for_gate(skb, gate_mpath->dst, gate_mpath);
314 __skb_queue_tail(&gateq, skb); 307 skb_queue_tail(&gate_mpath->frame_queue, skb);
308
309 if (copy)
310 continue;
311
312 __skb_unlink(fskb, &failq);
313 kfree_skb(fskb);
315 } 314 }
316 315
317 spin_lock_irqsave(&gate_mpath->frame_queue.lock, flags);
318 skb_queue_splice(&gateq, &gate_mpath->frame_queue);
319 mpath_dbg(gate_mpath->sdata, "Mpath queue for gate %pM has %d frames\n", 316 mpath_dbg(gate_mpath->sdata, "Mpath queue for gate %pM has %d frames\n",
320 gate_mpath->dst, skb_queue_len(&gate_mpath->frame_queue)); 317 gate_mpath->dst, skb_queue_len(&gate_mpath->frame_queue));
321 spin_unlock_irqrestore(&gate_mpath->frame_queue.lock, flags);
322 318
323 if (!copy) 319 if (!copy)
324 return; 320 return;
@@ -531,7 +527,7 @@ int mesh_path_add(u8 *dst, struct ieee80211_sub_if_data *sdata)
531 527
532 read_lock_bh(&pathtbl_resize_lock); 528 read_lock_bh(&pathtbl_resize_lock);
533 memcpy(new_mpath->dst, dst, ETH_ALEN); 529 memcpy(new_mpath->dst, dst, ETH_ALEN);
534 memset(new_mpath->rann_snd_addr, 0xff, ETH_ALEN); 530 eth_broadcast_addr(new_mpath->rann_snd_addr);
535 new_mpath->is_root = false; 531 new_mpath->is_root = false;
536 new_mpath->sdata = sdata; 532 new_mpath->sdata = sdata;
537 new_mpath->flags = 0; 533 new_mpath->flags = 0;
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index af671b984df3..3ab34d816897 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -48,17 +48,17 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
48 u8 *da, __le16 llid, __le16 plid, __le16 reason); 48 u8 *da, __le16 llid, __le16 plid, __le16 reason);
49 49
50static inline 50static inline
51void mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata) 51u32 mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
52{ 52{
53 atomic_inc(&sdata->u.mesh.mshstats.estab_plinks); 53 atomic_inc(&sdata->u.mesh.mshstats.estab_plinks);
54 mesh_accept_plinks_update(sdata); 54 return mesh_accept_plinks_update(sdata);
55} 55}
56 56
57static inline 57static inline
58void mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata) 58u32 mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
59{ 59{
60 atomic_dec(&sdata->u.mesh.mshstats.estab_plinks); 60 atomic_dec(&sdata->u.mesh.mshstats.estab_plinks);
61 mesh_accept_plinks_update(sdata); 61 return mesh_accept_plinks_update(sdata);
62} 62}
63 63
64/** 64/**
@@ -117,7 +117,7 @@ static u32 mesh_set_ht_prot_mode(struct ieee80211_sub_if_data *sdata)
117 u16 ht_opmode; 117 u16 ht_opmode;
118 bool non_ht_sta = false, ht20_sta = false; 118 bool non_ht_sta = false, ht20_sta = false;
119 119
120 if (local->_oper_channel_type == NL80211_CHAN_NO_HT) 120 if (sdata->vif.bss_conf.channel_type == NL80211_CHAN_NO_HT)
121 return 0; 121 return 0;
122 122
123 rcu_read_lock(); 123 rcu_read_lock();
@@ -147,7 +147,8 @@ out:
147 147
148 if (non_ht_sta) 148 if (non_ht_sta)
149 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED; 149 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED;
150 else if (ht20_sta && local->_oper_channel_type > NL80211_CHAN_HT20) 150 else if (ht20_sta &&
151 sdata->vif.bss_conf.channel_type > NL80211_CHAN_HT20)
151 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_20MHZ; 152 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_20MHZ;
152 else 153 else
153 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONE; 154 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONE;
@@ -170,22 +171,21 @@ out:
170 * @sta: mesh peer link to deactivate 171 * @sta: mesh peer link to deactivate
171 * 172 *
172 * All mesh paths with this peer as next hop will be flushed 173 * All mesh paths with this peer as next hop will be flushed
174 * Returns beacon changed flag if the beacon content changed.
173 * 175 *
174 * Locking: the caller must hold sta->lock 176 * Locking: the caller must hold sta->lock
175 */ 177 */
176static bool __mesh_plink_deactivate(struct sta_info *sta) 178static u32 __mesh_plink_deactivate(struct sta_info *sta)
177{ 179{
178 struct ieee80211_sub_if_data *sdata = sta->sdata; 180 struct ieee80211_sub_if_data *sdata = sta->sdata;
179 bool deactivated = false; 181 u32 changed = 0;
180 182
181 if (sta->plink_state == NL80211_PLINK_ESTAB) { 183 if (sta->plink_state == NL80211_PLINK_ESTAB)
182 mesh_plink_dec_estab_count(sdata); 184 changed = mesh_plink_dec_estab_count(sdata);
183 deactivated = true;
184 }
185 sta->plink_state = NL80211_PLINK_BLOCKED; 185 sta->plink_state = NL80211_PLINK_BLOCKED;
186 mesh_path_flush_by_nexthop(sta); 186 mesh_path_flush_by_nexthop(sta);
187 187
188 return deactivated; 188 return changed;
189} 189}
190 190
191/** 191/**
@@ -198,18 +198,17 @@ static bool __mesh_plink_deactivate(struct sta_info *sta)
198void mesh_plink_deactivate(struct sta_info *sta) 198void mesh_plink_deactivate(struct sta_info *sta)
199{ 199{
200 struct ieee80211_sub_if_data *sdata = sta->sdata; 200 struct ieee80211_sub_if_data *sdata = sta->sdata;
201 bool deactivated; 201 u32 changed;
202 202
203 spin_lock_bh(&sta->lock); 203 spin_lock_bh(&sta->lock);
204 deactivated = __mesh_plink_deactivate(sta); 204 changed = __mesh_plink_deactivate(sta);
205 sta->reason = cpu_to_le16(WLAN_REASON_MESH_PEER_CANCELED); 205 sta->reason = cpu_to_le16(WLAN_REASON_MESH_PEER_CANCELED);
206 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 206 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
207 sta->sta.addr, sta->llid, sta->plid, 207 sta->sta.addr, sta->llid, sta->plid,
208 sta->reason); 208 sta->reason);
209 spin_unlock_bh(&sta->lock); 209 spin_unlock_bh(&sta->lock);
210 210
211 if (deactivated) 211 ieee80211_bss_info_change_notify(sdata, changed);
212 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
213} 212}
214 213
215static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata, 214static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
@@ -217,12 +216,14 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
217 u8 *da, __le16 llid, __le16 plid, __le16 reason) { 216 u8 *da, __le16 llid, __le16 plid, __le16 reason) {
218 struct ieee80211_local *local = sdata->local; 217 struct ieee80211_local *local = sdata->local;
219 struct sk_buff *skb; 218 struct sk_buff *skb;
219 struct ieee80211_tx_info *info;
220 struct ieee80211_mgmt *mgmt; 220 struct ieee80211_mgmt *mgmt;
221 bool include_plid = false; 221 bool include_plid = false;
222 u16 peering_proto = 0; 222 u16 peering_proto = 0;
223 u8 *pos, ie_len = 4; 223 u8 *pos, ie_len = 4;
224 int hdr_len = offsetof(struct ieee80211_mgmt, u.action.u.self_prot) + 224 int hdr_len = offsetof(struct ieee80211_mgmt, u.action.u.self_prot) +
225 sizeof(mgmt->u.action.u.self_prot); 225 sizeof(mgmt->u.action.u.self_prot);
226 int err = -ENOMEM;
226 227
227 skb = dev_alloc_skb(local->tx_headroom + 228 skb = dev_alloc_skb(local->tx_headroom +
228 hdr_len + 229 hdr_len +
@@ -238,6 +239,7 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
238 sdata->u.mesh.ie_len); 239 sdata->u.mesh.ie_len);
239 if (!skb) 240 if (!skb)
240 return -1; 241 return -1;
242 info = IEEE80211_SKB_CB(skb);
241 skb_reserve(skb, local->tx_headroom); 243 skb_reserve(skb, local->tx_headroom);
242 mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len); 244 mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len);
243 memset(mgmt, 0, hdr_len); 245 memset(mgmt, 0, hdr_len);
@@ -258,15 +260,18 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
258 pos = skb_put(skb, 2); 260 pos = skb_put(skb, 2);
259 memcpy(pos + 2, &plid, 2); 261 memcpy(pos + 2, &plid, 2);
260 } 262 }
261 if (ieee80211_add_srates_ie(sdata, skb, true) || 263 if (ieee80211_add_srates_ie(sdata, skb, true,
262 ieee80211_add_ext_srates_ie(sdata, skb, true) || 264 local->oper_channel->band) ||
265 ieee80211_add_ext_srates_ie(sdata, skb, true,
266 local->oper_channel->band) ||
263 mesh_add_rsn_ie(skb, sdata) || 267 mesh_add_rsn_ie(skb, sdata) ||
264 mesh_add_meshid_ie(skb, sdata) || 268 mesh_add_meshid_ie(skb, sdata) ||
265 mesh_add_meshconf_ie(skb, sdata)) 269 mesh_add_meshconf_ie(skb, sdata))
266 return -1; 270 goto free;
267 } else { /* WLAN_SP_MESH_PEERING_CLOSE */ 271 } else { /* WLAN_SP_MESH_PEERING_CLOSE */
272 info->flags |= IEEE80211_TX_CTL_NO_ACK;
268 if (mesh_add_meshid_ie(skb, sdata)) 273 if (mesh_add_meshid_ie(skb, sdata))
269 return -1; 274 goto free;
270 } 275 }
271 276
272 /* Add Mesh Peering Management element */ 277 /* Add Mesh Peering Management element */
@@ -285,11 +290,12 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
285 ie_len += 2; /* reason code */ 290 ie_len += 2; /* reason code */
286 break; 291 break;
287 default: 292 default:
288 return -EINVAL; 293 err = -EINVAL;
294 goto free;
289 } 295 }
290 296
291 if (WARN_ON(skb_tailroom(skb) < 2 + ie_len)) 297 if (WARN_ON(skb_tailroom(skb) < 2 + ie_len))
292 return -ENOMEM; 298 goto free;
293 299
294 pos = skb_put(skb, 2 + ie_len); 300 pos = skb_put(skb, 2 + ie_len);
295 *pos++ = WLAN_EID_PEER_MGMT; 301 *pos++ = WLAN_EID_PEER_MGMT;
@@ -310,14 +316,17 @@ static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
310 if (action != WLAN_SP_MESH_PEERING_CLOSE) { 316 if (action != WLAN_SP_MESH_PEERING_CLOSE) {
311 if (mesh_add_ht_cap_ie(skb, sdata) || 317 if (mesh_add_ht_cap_ie(skb, sdata) ||
312 mesh_add_ht_oper_ie(skb, sdata)) 318 mesh_add_ht_oper_ie(skb, sdata))
313 return -1; 319 goto free;
314 } 320 }
315 321
316 if (mesh_add_vendor_ies(skb, sdata)) 322 if (mesh_add_vendor_ies(skb, sdata))
317 return -1; 323 goto free;
318 324
319 ieee80211_tx_skb(sdata, skb); 325 ieee80211_tx_skb(sdata, skb);
320 return 0; 326 return 0;
327free:
328 kfree_skb(skb);
329 return err;
321} 330}
322 331
323/** 332/**
@@ -362,9 +371,14 @@ static struct sta_info *mesh_peer_init(struct ieee80211_sub_if_data *sdata,
362 371
363 spin_lock_bh(&sta->lock); 372 spin_lock_bh(&sta->lock);
364 sta->last_rx = jiffies; 373 sta->last_rx = jiffies;
374 if (sta->plink_state == NL80211_PLINK_ESTAB) {
375 spin_unlock_bh(&sta->lock);
376 return sta;
377 }
378
365 sta->sta.supp_rates[band] = rates; 379 sta->sta.supp_rates[band] = rates;
366 if (elems->ht_cap_elem && 380 if (elems->ht_cap_elem &&
367 sdata->local->_oper_channel_type != NL80211_CHAN_NO_HT) 381 sdata->vif.bss_conf.channel_type != NL80211_CHAN_NO_HT)
368 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 382 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
369 elems->ht_cap_elem, 383 elems->ht_cap_elem,
370 &sta->sta.ht_cap); 384 &sta->sta.ht_cap);
@@ -523,7 +537,8 @@ int mesh_plink_open(struct sta_info *sta)
523 spin_lock_bh(&sta->lock); 537 spin_lock_bh(&sta->lock);
524 get_random_bytes(&llid, 2); 538 get_random_bytes(&llid, 2);
525 sta->llid = llid; 539 sta->llid = llid;
526 if (sta->plink_state != NL80211_PLINK_LISTEN) { 540 if (sta->plink_state != NL80211_PLINK_LISTEN &&
541 sta->plink_state != NL80211_PLINK_BLOCKED) {
527 spin_unlock_bh(&sta->lock); 542 spin_unlock_bh(&sta->lock);
528 return -EBUSY; 543 return -EBUSY;
529 } 544 }
@@ -541,15 +556,14 @@ int mesh_plink_open(struct sta_info *sta)
541void mesh_plink_block(struct sta_info *sta) 556void mesh_plink_block(struct sta_info *sta)
542{ 557{
543 struct ieee80211_sub_if_data *sdata = sta->sdata; 558 struct ieee80211_sub_if_data *sdata = sta->sdata;
544 bool deactivated; 559 u32 changed;
545 560
546 spin_lock_bh(&sta->lock); 561 spin_lock_bh(&sta->lock);
547 deactivated = __mesh_plink_deactivate(sta); 562 changed = __mesh_plink_deactivate(sta);
548 sta->plink_state = NL80211_PLINK_BLOCKED; 563 sta->plink_state = NL80211_PLINK_BLOCKED;
549 spin_unlock_bh(&sta->lock); 564 spin_unlock_bh(&sta->lock);
550 565
551 if (deactivated) 566 ieee80211_bss_info_change_notify(sdata, changed);
552 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
553} 567}
554 568
555 569
@@ -852,9 +866,8 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
852 del_timer(&sta->plink_timer); 866 del_timer(&sta->plink_timer);
853 sta->plink_state = NL80211_PLINK_ESTAB; 867 sta->plink_state = NL80211_PLINK_ESTAB;
854 spin_unlock_bh(&sta->lock); 868 spin_unlock_bh(&sta->lock);
855 mesh_plink_inc_estab_count(sdata); 869 changed |= mesh_plink_inc_estab_count(sdata);
856 changed |= mesh_set_ht_prot_mode(sdata); 870 changed |= mesh_set_ht_prot_mode(sdata);
857 changed |= BSS_CHANGED_BEACON;
858 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n", 871 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n",
859 sta->sta.addr); 872 sta->sta.addr);
860 break; 873 break;
@@ -888,9 +901,8 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
888 del_timer(&sta->plink_timer); 901 del_timer(&sta->plink_timer);
889 sta->plink_state = NL80211_PLINK_ESTAB; 902 sta->plink_state = NL80211_PLINK_ESTAB;
890 spin_unlock_bh(&sta->lock); 903 spin_unlock_bh(&sta->lock);
891 mesh_plink_inc_estab_count(sdata); 904 changed |= mesh_plink_inc_estab_count(sdata);
892 changed |= mesh_set_ht_prot_mode(sdata); 905 changed |= mesh_set_ht_prot_mode(sdata);
893 changed |= BSS_CHANGED_BEACON;
894 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n", 906 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n",
895 sta->sta.addr); 907 sta->sta.addr);
896 mesh_plink_frame_tx(sdata, 908 mesh_plink_frame_tx(sdata,
@@ -908,13 +920,12 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
908 case CLS_ACPT: 920 case CLS_ACPT:
909 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE); 921 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE);
910 sta->reason = reason; 922 sta->reason = reason;
911 __mesh_plink_deactivate(sta); 923 changed |= __mesh_plink_deactivate(sta);
912 sta->plink_state = NL80211_PLINK_HOLDING; 924 sta->plink_state = NL80211_PLINK_HOLDING;
913 llid = sta->llid; 925 llid = sta->llid;
914 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)); 926 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
915 spin_unlock_bh(&sta->lock); 927 spin_unlock_bh(&sta->lock);
916 changed |= mesh_set_ht_prot_mode(sdata); 928 changed |= mesh_set_ht_prot_mode(sdata);
917 changed |= BSS_CHANGED_BEACON;
918 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 929 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
919 sta->sta.addr, llid, plid, reason); 930 sta->sta.addr, llid, plid, reason);
920 break; 931 break;
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index f76b83341cf9..e714ed8bb198 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -88,8 +88,6 @@ MODULE_PARM_DESC(probe_wait_ms,
88#define TMR_RUNNING_TIMER 0 88#define TMR_RUNNING_TIMER 0
89#define TMR_RUNNING_CHANSW 1 89#define TMR_RUNNING_CHANSW 1
90 90
91#define DEAUTH_DISASSOC_LEN (24 /* hdr */ + 2 /* reason */)
92
93/* 91/*
94 * All cfg80211 functions have to be called outside a locked 92 * All cfg80211 functions have to be called outside a locked
95 * section so that they can acquire a lock themselves... This 93 * section so that they can acquire a lock themselves... This
@@ -146,6 +144,9 @@ void ieee80211_sta_reset_beacon_monitor(struct ieee80211_sub_if_data *sdata)
146 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER) 144 if (sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER)
147 return; 145 return;
148 146
147 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR)
148 return;
149
149 mod_timer(&sdata->u.mgd.bcn_mon_timer, 150 mod_timer(&sdata->u.mgd.bcn_mon_timer,
150 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout)); 151 round_jiffies_up(jiffies + sdata->u.mgd.beacon_timeout));
151} 152}
@@ -182,15 +183,15 @@ static u32 ieee80211_config_ht_tx(struct ieee80211_sub_if_data *sdata,
182 u16 ht_opmode; 183 u16 ht_opmode;
183 bool disable_40 = false; 184 bool disable_40 = false;
184 185
185 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 186 sband = local->hw.wiphy->bands[local->oper_channel->band];
186 187
187 switch (sdata->vif.bss_conf.channel_type) { 188 switch (sdata->vif.bss_conf.channel_type) {
188 case NL80211_CHAN_HT40PLUS: 189 case NL80211_CHAN_HT40PLUS:
189 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40PLUS) 190 if (local->oper_channel->flags & IEEE80211_CHAN_NO_HT40PLUS)
190 disable_40 = true; 191 disable_40 = true;
191 break; 192 break;
192 case NL80211_CHAN_HT40MINUS: 193 case NL80211_CHAN_HT40MINUS:
193 if (local->hw.conf.channel->flags & IEEE80211_CHAN_NO_HT40MINUS) 194 if (local->oper_channel->flags & IEEE80211_CHAN_NO_HT40MINUS)
194 disable_40 = true; 195 disable_40 = true;
195 break; 196 break;
196 default: 197 default:
@@ -326,6 +327,26 @@ static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
326 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap); 327 ieee80211_ie_build_ht_cap(pos, &ht_cap, cap);
327} 328}
328 329
330static void ieee80211_add_vht_ie(struct ieee80211_sub_if_data *sdata,
331 struct sk_buff *skb,
332 struct ieee80211_supported_band *sband)
333{
334 u8 *pos;
335 u32 cap;
336 struct ieee80211_sta_vht_cap vht_cap;
337
338 BUILD_BUG_ON(sizeof(vht_cap) != sizeof(sband->vht_cap));
339
340 memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap));
341
342 /* determine capability flags */
343 cap = vht_cap.cap;
344
345 /* reserve and fill IE */
346 pos = skb_put(skb, sizeof(struct ieee80211_vht_capabilities) + 2);
347 ieee80211_ie_build_vht_cap(pos, &vht_cap, cap);
348}
349
329static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) 350static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
330{ 351{
331 struct ieee80211_local *local = sdata->local; 352 struct ieee80211_local *local = sdata->local;
@@ -371,6 +392,7 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
371 4 + /* power capability */ 392 4 + /* power capability */
372 2 + 2 * sband->n_channels + /* supported channels */ 393 2 + 2 * sband->n_channels + /* supported channels */
373 2 + sizeof(struct ieee80211_ht_cap) + /* HT */ 394 2 + sizeof(struct ieee80211_ht_cap) + /* HT */
395 2 + sizeof(struct ieee80211_vht_capabilities) + /* VHT */
374 assoc_data->ie_len + /* extra IEs */ 396 assoc_data->ie_len + /* extra IEs */
375 9, /* WMM */ 397 9, /* WMM */
376 GFP_KERNEL); 398 GFP_KERNEL);
@@ -503,6 +525,9 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
503 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param, 525 ieee80211_add_ht_ie(sdata, skb, assoc_data->ap_ht_param,
504 sband, local->oper_channel, ifmgd->ap_smps); 526 sband, local->oper_channel, ifmgd->ap_smps);
505 527
528 if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT))
529 ieee80211_add_vht_ie(sdata, skb, sband);
530
506 /* if present, add any custom non-vendor IEs that go after HT */ 531 /* if present, add any custom non-vendor IEs that go after HT */
507 if (assoc_data->ie_len && assoc_data->ie) { 532 if (assoc_data->ie_len && assoc_data->ie) {
508 noffset = ieee80211_ie_split_vendor(assoc_data->ie, 533 noffset = ieee80211_ie_split_vendor(assoc_data->ie,
@@ -547,48 +572,6 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
547 ieee80211_tx_skb(sdata, skb); 572 ieee80211_tx_skb(sdata, skb);
548} 573}
549 574
550static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
551 const u8 *bssid, u16 stype,
552 u16 reason, bool send_frame,
553 u8 *frame_buf)
554{
555 struct ieee80211_local *local = sdata->local;
556 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
557 struct sk_buff *skb;
558 struct ieee80211_mgmt *mgmt = (void *)frame_buf;
559
560 /* build frame */
561 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
562 mgmt->duration = 0; /* initialize only */
563 mgmt->seq_ctrl = 0; /* initialize only */
564 memcpy(mgmt->da, bssid, ETH_ALEN);
565 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
566 memcpy(mgmt->bssid, bssid, ETH_ALEN);
567 /* u.deauth.reason_code == u.disassoc.reason_code */
568 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
569
570 if (send_frame) {
571 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
572 DEAUTH_DISASSOC_LEN);
573 if (!skb)
574 return;
575
576 skb_reserve(skb, local->hw.extra_tx_headroom);
577
578 /* copy in frame */
579 memcpy(skb_put(skb, DEAUTH_DISASSOC_LEN),
580 mgmt, DEAUTH_DISASSOC_LEN);
581
582 if (!(ifmgd->flags & IEEE80211_STA_MFP_ENABLED))
583 IEEE80211_SKB_CB(skb)->flags |=
584 IEEE80211_TX_INTFL_DONT_ENCRYPT;
585
586 drv_mgd_prepare_tx(local, sdata);
587
588 ieee80211_tx_skb(sdata, skb);
589 }
590}
591
592void ieee80211_send_pspoll(struct ieee80211_local *local, 575void ieee80211_send_pspoll(struct ieee80211_local *local,
593 struct ieee80211_sub_if_data *sdata) 576 struct ieee80211_sub_if_data *sdata)
594{ 577{
@@ -687,6 +670,7 @@ static void ieee80211_chswitch_work(struct work_struct *work)
687 /* XXX: shouldn't really modify cfg80211-owned data! */ 670 /* XXX: shouldn't really modify cfg80211-owned data! */
688 ifmgd->associated->channel = sdata->local->oper_channel; 671 ifmgd->associated->channel = sdata->local->oper_channel;
689 672
673 /* XXX: wait for a beacon first? */
690 ieee80211_wake_queues_by_reason(&sdata->local->hw, 674 ieee80211_wake_queues_by_reason(&sdata->local->hw,
691 IEEE80211_QUEUE_STOP_REASON_CSA); 675 IEEE80211_QUEUE_STOP_REASON_CSA);
692 out: 676 out:
@@ -704,16 +688,13 @@ void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success)
704 688
705 trace_api_chswitch_done(sdata, success); 689 trace_api_chswitch_done(sdata, success);
706 if (!success) { 690 if (!success) {
707 /* 691 sdata_info(sdata,
708 * If the channel switch was not successful, stay 692 "driver channel switch failed, disconnecting\n");
709 * around on the old channel. We currently lack 693 ieee80211_queue_work(&sdata->local->hw,
710 * good handling of this situation, possibly we 694 &ifmgd->csa_connection_drop_work);
711 * should just drop the association. 695 } else {
712 */ 696 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
713 sdata->local->csa_channel = sdata->local->oper_channel;
714 } 697 }
715
716 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
717} 698}
718EXPORT_SYMBOL(ieee80211_chswitch_done); 699EXPORT_SYMBOL(ieee80211_chswitch_done);
719 700
@@ -758,61 +739,111 @@ void ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
758 return; 739 return;
759 740
760 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq); 741 new_ch = ieee80211_get_channel(sdata->local->hw.wiphy, new_freq);
761 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) 742 if (!new_ch || new_ch->flags & IEEE80211_CHAN_DISABLED) {
743 sdata_info(sdata,
744 "AP %pM switches to unsupported channel (%d MHz), disconnecting\n",
745 ifmgd->associated->bssid, new_freq);
746 ieee80211_queue_work(&sdata->local->hw,
747 &ifmgd->csa_connection_drop_work);
762 return; 748 return;
749 }
763 750
764 sdata->local->csa_channel = new_ch; 751 sdata->local->csa_channel = new_ch;
765 752
753 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
754
755 if (sw_elem->mode)
756 ieee80211_stop_queues_by_reason(&sdata->local->hw,
757 IEEE80211_QUEUE_STOP_REASON_CSA);
758
766 if (sdata->local->ops->channel_switch) { 759 if (sdata->local->ops->channel_switch) {
767 /* use driver's channel switch callback */ 760 /* use driver's channel switch callback */
768 struct ieee80211_channel_switch ch_switch; 761 struct ieee80211_channel_switch ch_switch = {
769 memset(&ch_switch, 0, sizeof(ch_switch)); 762 .timestamp = timestamp,
770 ch_switch.timestamp = timestamp; 763 .block_tx = sw_elem->mode,
771 if (sw_elem->mode) { 764 .channel = new_ch,
772 ch_switch.block_tx = true; 765 .count = sw_elem->count,
773 ieee80211_stop_queues_by_reason(&sdata->local->hw, 766 };
774 IEEE80211_QUEUE_STOP_REASON_CSA); 767
775 }
776 ch_switch.channel = new_ch;
777 ch_switch.count = sw_elem->count;
778 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
779 drv_channel_switch(sdata->local, &ch_switch); 768 drv_channel_switch(sdata->local, &ch_switch);
780 return; 769 return;
781 } 770 }
782 771
783 /* channel switch handled in software */ 772 /* channel switch handled in software */
784 if (sw_elem->count <= 1) { 773 if (sw_elem->count <= 1)
785 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work); 774 ieee80211_queue_work(&sdata->local->hw, &ifmgd->chswitch_work);
786 } else { 775 else
787 if (sw_elem->mode)
788 ieee80211_stop_queues_by_reason(&sdata->local->hw,
789 IEEE80211_QUEUE_STOP_REASON_CSA);
790 ifmgd->flags |= IEEE80211_STA_CSA_RECEIVED;
791 mod_timer(&ifmgd->chswitch_timer, 776 mod_timer(&ifmgd->chswitch_timer,
792 jiffies + 777 TU_TO_EXP_TIME(sw_elem->count *
793 msecs_to_jiffies(sw_elem->count * 778 cbss->beacon_interval));
794 cbss->beacon_interval));
795 }
796} 779}
797 780
798static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata, 781static void ieee80211_handle_pwr_constr(struct ieee80211_sub_if_data *sdata,
799 u16 capab_info, u8 *pwr_constr_elem, 782 struct ieee80211_channel *channel,
800 u8 pwr_constr_elem_len) 783 const u8 *country_ie, u8 country_ie_len,
784 const u8 *pwr_constr_elem)
801{ 785{
802 struct ieee80211_conf *conf = &sdata->local->hw.conf; 786 struct ieee80211_country_ie_triplet *triplet;
787 int chan = ieee80211_frequency_to_channel(channel->center_freq);
788 int i, chan_pwr, chan_increment, new_ap_level;
789 bool have_chan_pwr = false;
803 790
804 if (!(capab_info & WLAN_CAPABILITY_SPECTRUM_MGMT)) 791 /* Invalid IE */
792 if (country_ie_len % 2 || country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN)
805 return; 793 return;
806 794
807 /* Power constraint IE length should be 1 octet */ 795 triplet = (void *)(country_ie + 3);
808 if (pwr_constr_elem_len != 1) 796 country_ie_len -= 3;
809 return; 797
798 switch (channel->band) {
799 default:
800 WARN_ON_ONCE(1);
801 /* fall through */
802 case IEEE80211_BAND_2GHZ:
803 case IEEE80211_BAND_60GHZ:
804 chan_increment = 1;
805 break;
806 case IEEE80211_BAND_5GHZ:
807 chan_increment = 4;
808 break;
809 }
810
811 /* find channel */
812 while (country_ie_len >= 3) {
813 u8 first_channel = triplet->chans.first_channel;
810 814
811 if ((*pwr_constr_elem <= conf->channel->max_reg_power) && 815 if (first_channel >= IEEE80211_COUNTRY_EXTENSION_ID)
812 (*pwr_constr_elem != sdata->local->power_constr_level)) { 816 goto next;
813 sdata->local->power_constr_level = *pwr_constr_elem; 817
814 ieee80211_hw_config(sdata->local, 0); 818 for (i = 0; i < triplet->chans.num_channels; i++) {
819 if (first_channel + i * chan_increment == chan) {
820 have_chan_pwr = true;
821 chan_pwr = triplet->chans.max_power;
822 break;
823 }
824 }
825 if (have_chan_pwr)
826 break;
827
828 next:
829 triplet++;
830 country_ie_len -= 3;
815 } 831 }
832
833 if (!have_chan_pwr)
834 return;
835
836 new_ap_level = max_t(int, 0, chan_pwr - *pwr_constr_elem);
837
838 if (sdata->local->ap_power_level == new_ap_level)
839 return;
840
841 sdata_info(sdata,
842 "Limiting TX power to %d (%d - %d) dBm as advertised by %pM\n",
843 new_ap_level, chan_pwr, *pwr_constr_elem,
844 sdata->u.mgd.bssid);
845 sdata->local->ap_power_level = new_ap_level;
846 ieee80211_hw_config(sdata->local, 0);
816} 847}
817 848
818void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif) 849void ieee80211_enable_dyn_ps(struct ieee80211_vif *vif)
@@ -1007,6 +1038,16 @@ void ieee80211_recalc_ps(struct ieee80211_local *local, s32 latency)
1007 ieee80211_change_ps(local); 1038 ieee80211_change_ps(local);
1008} 1039}
1009 1040
1041void ieee80211_recalc_ps_vif(struct ieee80211_sub_if_data *sdata)
1042{
1043 bool ps_allowed = ieee80211_powersave_allowed(sdata);
1044
1045 if (sdata->vif.bss_conf.ps != ps_allowed) {
1046 sdata->vif.bss_conf.ps = ps_allowed;
1047 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_PS);
1048 }
1049}
1050
1010void ieee80211_dynamic_ps_disable_work(struct work_struct *work) 1051void ieee80211_dynamic_ps_disable_work(struct work_struct *work)
1011{ 1052{
1012 struct ieee80211_local *local = 1053 struct ieee80211_local *local =
@@ -1239,7 +1280,7 @@ static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
1239 } 1280 }
1240 1281
1241 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME); 1282 use_short_slot = !!(capab & WLAN_CAPABILITY_SHORT_SLOT_TIME);
1242 if (sdata->local->hw.conf.channel->band == IEEE80211_BAND_5GHZ) 1283 if (sdata->local->oper_channel->band == IEEE80211_BAND_5GHZ)
1243 use_short_slot = true; 1284 use_short_slot = true;
1244 1285
1245 if (use_protection != bss_conf->use_cts_prot) { 1286 if (use_protection != bss_conf->use_cts_prot) {
@@ -1307,9 +1348,11 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
1307 1348
1308 mutex_lock(&local->iflist_mtx); 1349 mutex_lock(&local->iflist_mtx);
1309 ieee80211_recalc_ps(local, -1); 1350 ieee80211_recalc_ps(local, -1);
1310 ieee80211_recalc_smps(local);
1311 mutex_unlock(&local->iflist_mtx); 1351 mutex_unlock(&local->iflist_mtx);
1312 1352
1353 ieee80211_recalc_smps(local);
1354 ieee80211_recalc_ps_vif(sdata);
1355
1313 netif_tx_start_all_queues(sdata->dev); 1356 netif_tx_start_all_queues(sdata->dev);
1314 netif_carrier_on(sdata->dev); 1357 netif_carrier_on(sdata->dev);
1315} 1358}
@@ -1356,7 +1399,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1356 sta = sta_info_get(sdata, ifmgd->bssid); 1399 sta = sta_info_get(sdata, ifmgd->bssid);
1357 if (sta) { 1400 if (sta) {
1358 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1401 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
1359 ieee80211_sta_tear_down_BA_sessions(sta, tx); 1402 ieee80211_sta_tear_down_BA_sessions(sta, false);
1360 } 1403 }
1361 mutex_unlock(&local->sta_mtx); 1404 mutex_unlock(&local->sta_mtx);
1362 1405
@@ -1371,6 +1414,9 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1371 } 1414 }
1372 local->ps_sdata = NULL; 1415 local->ps_sdata = NULL;
1373 1416
1417 /* disable per-vif ps */
1418 ieee80211_recalc_ps_vif(sdata);
1419
1374 /* flush out any pending frame (e.g. DELBA) before deauth/disassoc */ 1420 /* flush out any pending frame (e.g. DELBA) before deauth/disassoc */
1375 if (tx) 1421 if (tx)
1376 drv_flush(local, false); 1422 drv_flush(local, false);
@@ -1401,7 +1447,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1401 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa)); 1447 memset(&ifmgd->ht_capa, 0, sizeof(ifmgd->ht_capa));
1402 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask)); 1448 memset(&ifmgd->ht_capa_mask, 0, sizeof(ifmgd->ht_capa_mask));
1403 1449
1404 local->power_constr_level = 0; 1450 local->ap_power_level = 0;
1405 1451
1406 del_timer_sync(&local->dynamic_ps_timer); 1452 del_timer_sync(&local->dynamic_ps_timer);
1407 cancel_work_sync(&local->dynamic_ps_enable_work); 1453 cancel_work_sync(&local->dynamic_ps_enable_work);
@@ -1542,7 +1588,8 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
1542 ssid_len = ssid[1]; 1588 ssid_len = ssid[1];
1543 1589
1544 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL, 1590 ieee80211_send_probe_req(sdata, dst, ssid + 2, ssid_len, NULL,
1545 0, (u32) -1, true, false); 1591 0, (u32) -1, true, false,
1592 ifmgd->associated->channel);
1546 } 1593 }
1547 1594
1548 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms); 1595 ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
@@ -1645,19 +1692,21 @@ struct sk_buff *ieee80211_ap_probereq_get(struct ieee80211_hw *hw,
1645 ssid_len = ssid[1]; 1692 ssid_len = ssid[1];
1646 1693
1647 skb = ieee80211_build_probe_req(sdata, cbss->bssid, 1694 skb = ieee80211_build_probe_req(sdata, cbss->bssid,
1648 (u32) -1, ssid + 2, ssid_len, 1695 (u32) -1,
1696 sdata->local->oper_channel,
1697 ssid + 2, ssid_len,
1649 NULL, 0, true); 1698 NULL, 0, true);
1650 1699
1651 return skb; 1700 return skb;
1652} 1701}
1653EXPORT_SYMBOL(ieee80211_ap_probereq_get); 1702EXPORT_SYMBOL(ieee80211_ap_probereq_get);
1654 1703
1655static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata) 1704static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata,
1705 bool transmit_frame)
1656{ 1706{
1657 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 1707 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
1658 struct ieee80211_local *local = sdata->local; 1708 struct ieee80211_local *local = sdata->local;
1659 u8 bssid[ETH_ALEN]; 1709 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
1660 u8 frame_buf[DEAUTH_DISASSOC_LEN];
1661 1710
1662 mutex_lock(&ifmgd->mtx); 1711 mutex_lock(&ifmgd->mtx);
1663 if (!ifmgd->associated) { 1712 if (!ifmgd->associated) {
@@ -1665,27 +1714,24 @@ static void __ieee80211_connection_loss(struct ieee80211_sub_if_data *sdata)
1665 return; 1714 return;
1666 } 1715 }
1667 1716
1668 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
1669
1670 sdata_info(sdata, "Connection to AP %pM lost\n", bssid);
1671
1672 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 1717 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
1673 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY, 1718 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
1674 false, frame_buf); 1719 transmit_frame, frame_buf);
1720 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
1675 mutex_unlock(&ifmgd->mtx); 1721 mutex_unlock(&ifmgd->mtx);
1676 1722
1677 /* 1723 /*
1678 * must be outside lock due to cfg80211, 1724 * must be outside lock due to cfg80211,
1679 * but that's not a problem. 1725 * but that's not a problem.
1680 */ 1726 */
1681 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 1727 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN);
1682 1728
1683 mutex_lock(&local->mtx); 1729 mutex_lock(&local->mtx);
1684 ieee80211_recalc_idle(local); 1730 ieee80211_recalc_idle(local);
1685 mutex_unlock(&local->mtx); 1731 mutex_unlock(&local->mtx);
1686} 1732}
1687 1733
1688void ieee80211_beacon_connection_loss_work(struct work_struct *work) 1734static void ieee80211_beacon_connection_loss_work(struct work_struct *work)
1689{ 1735{
1690 struct ieee80211_sub_if_data *sdata = 1736 struct ieee80211_sub_if_data *sdata =
1691 container_of(work, struct ieee80211_sub_if_data, 1737 container_of(work, struct ieee80211_sub_if_data,
@@ -1701,10 +1747,24 @@ void ieee80211_beacon_connection_loss_work(struct work_struct *work)
1701 rcu_read_unlock(); 1747 rcu_read_unlock();
1702 } 1748 }
1703 1749
1704 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) 1750 if (sdata->local->hw.flags & IEEE80211_HW_CONNECTION_MONITOR) {
1705 __ieee80211_connection_loss(sdata); 1751 sdata_info(sdata, "Connection to AP %pM lost\n",
1706 else 1752 ifmgd->bssid);
1753 __ieee80211_disconnect(sdata, false);
1754 } else {
1707 ieee80211_mgd_probe_ap(sdata, true); 1755 ieee80211_mgd_probe_ap(sdata, true);
1756 }
1757}
1758
1759static void ieee80211_csa_connection_drop_work(struct work_struct *work)
1760{
1761 struct ieee80211_sub_if_data *sdata =
1762 container_of(work, struct ieee80211_sub_if_data,
1763 u.mgd.csa_connection_drop_work);
1764
1765 ieee80211_wake_queues_by_reason(&sdata->local->hw,
1766 IEEE80211_QUEUE_STOP_REASON_CSA);
1767 __ieee80211_disconnect(sdata, true);
1708} 1768}
1709 1769
1710void ieee80211_beacon_loss(struct ieee80211_vif *vif) 1770void ieee80211_beacon_loss(struct ieee80211_vif *vif)
@@ -2232,14 +2292,10 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2232 mutex_unlock(&local->iflist_mtx); 2292 mutex_unlock(&local->iflist_mtx);
2233 } 2293 }
2234 2294
2235 if (elems->ch_switch_elem && (elems->ch_switch_elem_len == 3) && 2295 if (elems->ch_switch_ie &&
2236 (memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, 2296 memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid, ETH_ALEN) == 0)
2237 ETH_ALEN) == 0)) { 2297 ieee80211_sta_process_chanswitch(sdata, elems->ch_switch_ie,
2238 struct ieee80211_channel_sw_ie *sw_elem =
2239 (struct ieee80211_channel_sw_ie *)elems->ch_switch_elem;
2240 ieee80211_sta_process_chanswitch(sdata, sw_elem,
2241 bss, rx_status->mactime); 2298 bss, rx_status->mactime);
2242 }
2243} 2299}
2244 2300
2245 2301
@@ -2326,7 +2382,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2326 if (baselen > len) 2382 if (baselen > len)
2327 return; 2383 return;
2328 2384
2329 if (rx_status->freq != local->hw.conf.channel->center_freq) 2385 if (rx_status->freq != local->oper_channel->center_freq)
2330 return; 2386 return;
2331 2387
2332 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon && 2388 if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon &&
@@ -2490,21 +2546,19 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2490 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) { 2546 !(ifmgd->flags & IEEE80211_STA_DISABLE_11N)) {
2491 struct ieee80211_supported_band *sband; 2547 struct ieee80211_supported_band *sband;
2492 2548
2493 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 2549 sband = local->hw.wiphy->bands[local->oper_channel->band];
2494 2550
2495 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation, 2551 changed |= ieee80211_config_ht_tx(sdata, elems.ht_operation,
2496 bssid, true); 2552 bssid, true);
2497 } 2553 }
2498 2554
2499 /* Note: country IE parsing is done for us by cfg80211 */ 2555 if (elems.country_elem && elems.pwr_constr_elem &&
2500 if (elems.country_elem) { 2556 mgmt->u.probe_resp.capab_info &
2501 /* TODO: IBSS also needs this */ 2557 cpu_to_le16(WLAN_CAPABILITY_SPECTRUM_MGMT))
2502 if (elems.pwr_constr_elem) 2558 ieee80211_handle_pwr_constr(sdata, local->oper_channel,
2503 ieee80211_handle_pwr_constr(sdata, 2559 elems.country_elem,
2504 le16_to_cpu(mgmt->u.probe_resp.capab_info), 2560 elems.country_elem_len,
2505 elems.pwr_constr_elem, 2561 elems.pwr_constr_elem);
2506 elems.pwr_constr_elem_len);
2507 }
2508 2562
2509 ieee80211_bss_info_change_notify(sdata, changed); 2563 ieee80211_bss_info_change_notify(sdata, changed);
2510} 2564}
@@ -2601,7 +2655,7 @@ static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
2601{ 2655{
2602 struct ieee80211_local *local = sdata->local; 2656 struct ieee80211_local *local = sdata->local;
2603 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 2657 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2604 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 2658 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
2605 2659
2606 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason, 2660 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, reason,
2607 false, frame_buf); 2661 false, frame_buf);
@@ -2611,7 +2665,7 @@ static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
2611 * must be outside lock due to cfg80211, 2665 * must be outside lock due to cfg80211,
2612 * but that's not a problem. 2666 * but that's not a problem.
2613 */ 2667 */
2614 cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 2668 cfg80211_send_deauth(sdata->dev, frame_buf, IEEE80211_DEAUTH_FRAME_LEN);
2615 2669
2616 mutex_lock(&local->mtx); 2670 mutex_lock(&local->mtx);
2617 ieee80211_recalc_idle(local); 2671 ieee80211_recalc_idle(local);
@@ -2673,7 +2727,8 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
2673 * will not answer to direct packet in unassociated state. 2727 * will not answer to direct packet in unassociated state.
2674 */ 2728 */
2675 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], 2729 ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1],
2676 NULL, 0, (u32) -1, true, false); 2730 NULL, 0, (u32) -1, true, false,
2731 auth_data->bss->channel);
2677 } 2732 }
2678 2733
2679 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; 2734 auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
@@ -2894,6 +2949,7 @@ void ieee80211_sta_quiesce(struct ieee80211_sub_if_data *sdata)
2894 2949
2895 cancel_work_sync(&ifmgd->monitor_work); 2950 cancel_work_sync(&ifmgd->monitor_work);
2896 cancel_work_sync(&ifmgd->beacon_connection_loss_work); 2951 cancel_work_sync(&ifmgd->beacon_connection_loss_work);
2952 cancel_work_sync(&ifmgd->csa_connection_drop_work);
2897 if (del_timer_sync(&ifmgd->timer)) 2953 if (del_timer_sync(&ifmgd->timer))
2898 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running); 2954 set_bit(TMR_RUNNING_TIMER, &ifmgd->timers_running);
2899 2955
@@ -2950,6 +3006,8 @@ void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
2950 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work); 3006 INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
2951 INIT_WORK(&ifmgd->beacon_connection_loss_work, 3007 INIT_WORK(&ifmgd->beacon_connection_loss_work,
2952 ieee80211_beacon_connection_loss_work); 3008 ieee80211_beacon_connection_loss_work);
3009 INIT_WORK(&ifmgd->csa_connection_drop_work,
3010 ieee80211_csa_connection_drop_work);
2953 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work); 3011 INIT_WORK(&ifmgd->request_smps_work, ieee80211_request_smps_work);
2954 setup_timer(&ifmgd->timer, ieee80211_sta_timer, 3012 setup_timer(&ifmgd->timer, ieee80211_sta_timer,
2955 (unsigned long) sdata); 3013 (unsigned long) sdata);
@@ -3000,41 +3058,17 @@ int ieee80211_max_network_latency(struct notifier_block *nb,
3000 return 0; 3058 return 0;
3001} 3059}
3002 3060
3003static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata, 3061static int ieee80211_prep_channel(struct ieee80211_sub_if_data *sdata,
3004 struct cfg80211_bss *cbss, bool assoc) 3062 struct cfg80211_bss *cbss)
3005{ 3063{
3006 struct ieee80211_local *local = sdata->local; 3064 struct ieee80211_local *local = sdata->local;
3007 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3065 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3008 struct ieee80211_bss *bss = (void *)cbss->priv;
3009 struct sta_info *sta = NULL;
3010 bool have_sta = false;
3011 int err;
3012 int ht_cfreq; 3066 int ht_cfreq;
3013 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 3067 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
3014 const u8 *ht_oper_ie; 3068 const u8 *ht_oper_ie;
3015 const struct ieee80211_ht_operation *ht_oper = NULL; 3069 const struct ieee80211_ht_operation *ht_oper = NULL;
3016 struct ieee80211_supported_band *sband; 3070 struct ieee80211_supported_band *sband;
3017 3071
3018 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data))
3019 return -EINVAL;
3020
3021 if (assoc) {
3022 rcu_read_lock();
3023 have_sta = sta_info_get(sdata, cbss->bssid);
3024 rcu_read_unlock();
3025 }
3026
3027 if (!have_sta) {
3028 sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL);
3029 if (!sta)
3030 return -ENOMEM;
3031 }
3032
3033 mutex_lock(&local->mtx);
3034 ieee80211_recalc_idle(sdata->local);
3035 mutex_unlock(&local->mtx);
3036
3037 /* switch to the right channel */
3038 sband = local->hw.wiphy->bands[cbss->channel->band]; 3072 sband = local->hw.wiphy->bands[cbss->channel->band];
3039 3073
3040 ifmgd->flags &= ~IEEE80211_STA_DISABLE_40MHZ; 3074 ifmgd->flags &= ~IEEE80211_STA_DISABLE_40MHZ;
@@ -3097,10 +3131,51 @@ static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
3097 local->oper_channel = cbss->channel; 3131 local->oper_channel = cbss->channel;
3098 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 3132 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
3099 3133
3100 if (sta) { 3134 return 0;
3135}
3136
3137static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
3138 struct cfg80211_bss *cbss, bool assoc)
3139{
3140 struct ieee80211_local *local = sdata->local;
3141 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3142 struct ieee80211_bss *bss = (void *)cbss->priv;
3143 struct sta_info *new_sta = NULL;
3144 bool have_sta = false;
3145 int err;
3146
3147 if (WARN_ON(!ifmgd->auth_data && !ifmgd->assoc_data))
3148 return -EINVAL;
3149
3150 if (assoc) {
3151 rcu_read_lock();
3152 have_sta = sta_info_get(sdata, cbss->bssid);
3153 rcu_read_unlock();
3154 }
3155
3156 if (!have_sta) {
3157 new_sta = sta_info_alloc(sdata, cbss->bssid, GFP_KERNEL);
3158 if (!new_sta)
3159 return -ENOMEM;
3160 }
3161
3162 mutex_lock(&local->mtx);
3163 ieee80211_recalc_idle(sdata->local);
3164 mutex_unlock(&local->mtx);
3165
3166 if (new_sta) {
3101 u32 rates = 0, basic_rates = 0; 3167 u32 rates = 0, basic_rates = 0;
3102 bool have_higher_than_11mbit; 3168 bool have_higher_than_11mbit;
3103 int min_rate = INT_MAX, min_rate_index = -1; 3169 int min_rate = INT_MAX, min_rate_index = -1;
3170 struct ieee80211_supported_band *sband;
3171
3172 sband = local->hw.wiphy->bands[cbss->channel->band];
3173
3174 err = ieee80211_prep_channel(sdata, cbss);
3175 if (err) {
3176 sta_info_free(local, new_sta);
3177 return err;
3178 }
3104 3179
3105 ieee80211_get_rates(sband, bss->supp_rates, 3180 ieee80211_get_rates(sband, bss->supp_rates,
3106 bss->supp_rates_len, 3181 bss->supp_rates_len,
@@ -3122,7 +3197,7 @@ static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
3122 basic_rates = BIT(min_rate_index); 3197 basic_rates = BIT(min_rate_index);
3123 } 3198 }
3124 3199
3125 sta->sta.supp_rates[cbss->channel->band] = rates; 3200 new_sta->sta.supp_rates[cbss->channel->band] = rates;
3126 sdata->vif.bss_conf.basic_rates = basic_rates; 3201 sdata->vif.bss_conf.basic_rates = basic_rates;
3127 3202
3128 /* cf. IEEE 802.11 9.2.12 */ 3203 /* cf. IEEE 802.11 9.2.12 */
@@ -3145,10 +3220,10 @@ static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
3145 BSS_CHANGED_BEACON_INT); 3220 BSS_CHANGED_BEACON_INT);
3146 3221
3147 if (assoc) 3222 if (assoc)
3148 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 3223 sta_info_pre_move_state(new_sta, IEEE80211_STA_AUTH);
3149 3224
3150 err = sta_info_insert(sta); 3225 err = sta_info_insert(new_sta);
3151 sta = NULL; 3226 new_sta = NULL;
3152 if (err) { 3227 if (err) {
3153 sdata_info(sdata, 3228 sdata_info(sdata,
3154 "failed to insert STA entry for the AP (error %d)\n", 3229 "failed to insert STA entry for the AP (error %d)\n",
@@ -3302,9 +3377,13 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
3302 } 3377 }
3303 3378
3304 /* prepare assoc data */ 3379 /* prepare assoc data */
3305 3380
3306 ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N; 3381 /*
3307 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; 3382 * keep only the 40 MHz disable bit set as it might have
3383 * been set during authentication already, all other bits
3384 * should be reset for a new connection
3385 */
3386 ifmgd->flags &= IEEE80211_STA_DISABLE_40MHZ;
3308 3387
3309 ifmgd->beacon_crc_valid = false; 3388 ifmgd->beacon_crc_valid = false;
3310 3389
@@ -3320,21 +3399,34 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
3320 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP || 3399 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_TKIP ||
3321 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) { 3400 req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104) {
3322 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3401 ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
3402 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3323 netdev_info(sdata->dev, 3403 netdev_info(sdata->dev,
3324 "disabling HT due to WEP/TKIP use\n"); 3404 "disabling HT/VHT due to WEP/TKIP use\n");
3325 } 3405 }
3326 } 3406 }
3327 3407
3328 if (req->flags & ASSOC_REQ_DISABLE_HT) 3408 if (req->flags & ASSOC_REQ_DISABLE_HT) {
3329 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3409 ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
3410 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3411 }
3330 3412
3331 /* Also disable HT if we don't support it or the AP doesn't use WMM */ 3413 /* Also disable HT if we don't support it or the AP doesn't use WMM */
3332 sband = local->hw.wiphy->bands[req->bss->channel->band]; 3414 sband = local->hw.wiphy->bands[req->bss->channel->band];
3333 if (!sband->ht_cap.ht_supported || 3415 if (!sband->ht_cap.ht_supported ||
3334 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) { 3416 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) {
3335 ifmgd->flags |= IEEE80211_STA_DISABLE_11N; 3417 ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
3336 netdev_info(sdata->dev, 3418 if (!bss->wmm_used)
3337 "disabling HT as WMM/QoS is not supported\n"); 3419 netdev_info(sdata->dev,
3420 "disabling HT as WMM/QoS is not supported by the AP\n");
3421 }
3422
3423 /* disable VHT if we don't support it or the AP doesn't use WMM */
3424 if (!sband->vht_cap.vht_supported ||
3425 local->hw.queues < IEEE80211_NUM_ACS || !bss->wmm_used) {
3426 ifmgd->flags |= IEEE80211_STA_DISABLE_VHT;
3427 if (!bss->wmm_used)
3428 netdev_info(sdata->dev,
3429 "disabling VHT as WMM/QoS is not supported by the AP\n");
3338 } 3430 }
3339 3431
3340 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa)); 3432 memcpy(&ifmgd->ht_capa, &req->ht_capa, sizeof(ifmgd->ht_capa));
@@ -3456,7 +3548,7 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
3456 struct cfg80211_deauth_request *req) 3548 struct cfg80211_deauth_request *req)
3457{ 3549{
3458 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3550 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3459 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3551 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3460 3552
3461 mutex_lock(&ifmgd->mtx); 3553 mutex_lock(&ifmgd->mtx);
3462 3554
@@ -3471,17 +3563,21 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
3471 req->bssid, req->reason_code); 3563 req->bssid, req->reason_code);
3472 3564
3473 if (ifmgd->associated && 3565 if (ifmgd->associated &&
3474 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) 3566 ether_addr_equal(ifmgd->associated->bssid, req->bssid)) {
3475 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, 3567 ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH,
3476 req->reason_code, true, frame_buf); 3568 req->reason_code, true, frame_buf);
3477 else 3569 } else {
3570 drv_mgd_prepare_tx(sdata->local, sdata);
3478 ieee80211_send_deauth_disassoc(sdata, req->bssid, 3571 ieee80211_send_deauth_disassoc(sdata, req->bssid,
3479 IEEE80211_STYPE_DEAUTH, 3572 IEEE80211_STYPE_DEAUTH,
3480 req->reason_code, true, 3573 req->reason_code, true,
3481 frame_buf); 3574 frame_buf);
3575 }
3576
3482 mutex_unlock(&ifmgd->mtx); 3577 mutex_unlock(&ifmgd->mtx);
3483 3578
3484 __cfg80211_send_deauth(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3579 __cfg80211_send_deauth(sdata->dev, frame_buf,
3580 IEEE80211_DEAUTH_FRAME_LEN);
3485 3581
3486 mutex_lock(&sdata->local->mtx); 3582 mutex_lock(&sdata->local->mtx);
3487 ieee80211_recalc_idle(sdata->local); 3583 ieee80211_recalc_idle(sdata->local);
@@ -3495,7 +3591,7 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
3495{ 3591{
3496 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; 3592 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
3497 u8 bssid[ETH_ALEN]; 3593 u8 bssid[ETH_ALEN];
3498 u8 frame_buf[DEAUTH_DISASSOC_LEN]; 3594 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
3499 3595
3500 mutex_lock(&ifmgd->mtx); 3596 mutex_lock(&ifmgd->mtx);
3501 3597
@@ -3520,7 +3616,8 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
3520 frame_buf); 3616 frame_buf);
3521 mutex_unlock(&ifmgd->mtx); 3617 mutex_unlock(&ifmgd->mtx);
3522 3618
3523 __cfg80211_send_disassoc(sdata->dev, frame_buf, DEAUTH_DISASSOC_LEN); 3619 __cfg80211_send_disassoc(sdata->dev, frame_buf,
3620 IEEE80211_DEAUTH_FRAME_LEN);
3524 3621
3525 mutex_lock(&sdata->local->mtx); 3622 mutex_lock(&sdata->local->mtx);
3526 ieee80211_recalc_idle(sdata->local); 3623 ieee80211_recalc_idle(sdata->local);
diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c
index 635c3250c668..83608ac16780 100644
--- a/net/mac80211/offchannel.c
+++ b/net/mac80211/offchannel.c
@@ -116,6 +116,9 @@ void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local,
116 if (!ieee80211_sdata_running(sdata)) 116 if (!ieee80211_sdata_running(sdata))
117 continue; 117 continue;
118 118
119 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
120 continue;
121
119 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) 122 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
120 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); 123 set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
121 124
@@ -144,6 +147,9 @@ void ieee80211_offchannel_return(struct ieee80211_local *local,
144 147
145 mutex_lock(&local->iflist_mtx); 148 mutex_lock(&local->iflist_mtx);
146 list_for_each_entry(sdata, &local->interfaces, list) { 149 list_for_each_entry(sdata, &local->interfaces, list) {
150 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
151 continue;
152
147 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) 153 if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
148 clear_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); 154 clear_bit(SDATA_STATE_OFFCHANNEL, &sdata->state);
149 155
@@ -227,8 +233,7 @@ static void ieee80211_hw_roc_start(struct work_struct *work)
227 u32 dur = dep->duration; 233 u32 dur = dep->duration;
228 dep->duration = dur - roc->duration; 234 dep->duration = dur - roc->duration;
229 roc->duration = dur; 235 roc->duration = dur;
230 list_del(&dep->list); 236 list_move(&dep->list, &roc->list);
231 list_add(&dep->list, &roc->list);
232 } 237 }
233 } 238 }
234 out_unlock: 239 out_unlock:
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 6e4fd32c6617..10de668eb9f6 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -56,7 +56,7 @@ static inline void rate_control_rate_init(struct sta_info *sta)
56 if (!ref) 56 if (!ref)
57 return; 57 return;
58 58
59 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 59 sband = local->hw.wiphy->bands[local->oper_channel->band];
60 60
61 ref->ops->rate_init(ref->priv, sband, ista, priv_sta); 61 ref->ops->rate_init(ref->priv, sband, ista, priv_sta);
62 set_sta_flag(sta, WLAN_STA_RATE_CONTROL); 62 set_sta_flag(sta, WLAN_STA_RATE_CONTROL);
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 0cb4edee6af5..61c621e9273f 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -60,7 +60,9 @@ static inline int should_drop_frame(struct sk_buff *skb,
60 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); 60 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
61 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 61 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
62 62
63 if (status->flag & (RX_FLAG_FAILED_FCS_CRC | RX_FLAG_FAILED_PLCP_CRC)) 63 if (status->flag & (RX_FLAG_FAILED_FCS_CRC |
64 RX_FLAG_FAILED_PLCP_CRC |
65 RX_FLAG_AMPDU_IS_ZEROLEN))
64 return 1; 66 return 1;
65 if (unlikely(skb->len < 16 + present_fcs_len)) 67 if (unlikely(skb->len < 16 + present_fcs_len))
66 return 1; 68 return 1;
@@ -91,10 +93,17 @@ ieee80211_rx_radiotap_len(struct ieee80211_local *local,
91 if (status->flag & RX_FLAG_HT) /* HT info */ 93 if (status->flag & RX_FLAG_HT) /* HT info */
92 len += 3; 94 len += 3;
93 95
96 if (status->flag & RX_FLAG_AMPDU_DETAILS) {
97 /* padding */
98 while (len & 3)
99 len++;
100 len += 8;
101 }
102
94 return len; 103 return len;
95} 104}
96 105
97/** 106/*
98 * ieee80211_add_rx_radiotap_header - add radiotap header 107 * ieee80211_add_rx_radiotap_header - add radiotap header
99 * 108 *
100 * add a radiotap header containing all the fields which the hardware provided. 109 * add a radiotap header containing all the fields which the hardware provided.
@@ -215,6 +224,37 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local,
215 pos++; 224 pos++;
216 *pos++ = status->rate_idx; 225 *pos++ = status->rate_idx;
217 } 226 }
227
228 if (status->flag & RX_FLAG_AMPDU_DETAILS) {
229 u16 flags = 0;
230
231 /* ensure 4 byte alignment */
232 while ((pos - (u8 *)rthdr) & 3)
233 pos++;
234 rthdr->it_present |=
235 cpu_to_le32(1 << IEEE80211_RADIOTAP_AMPDU_STATUS);
236 put_unaligned_le32(status->ampdu_reference, pos);
237 pos += 4;
238 if (status->flag & RX_FLAG_AMPDU_REPORT_ZEROLEN)
239 flags |= IEEE80211_RADIOTAP_AMPDU_REPORT_ZEROLEN;
240 if (status->flag & RX_FLAG_AMPDU_IS_ZEROLEN)
241 flags |= IEEE80211_RADIOTAP_AMPDU_IS_ZEROLEN;
242 if (status->flag & RX_FLAG_AMPDU_LAST_KNOWN)
243 flags |= IEEE80211_RADIOTAP_AMPDU_LAST_KNOWN;
244 if (status->flag & RX_FLAG_AMPDU_IS_LAST)
245 flags |= IEEE80211_RADIOTAP_AMPDU_IS_LAST;
246 if (status->flag & RX_FLAG_AMPDU_DELIM_CRC_ERROR)
247 flags |= IEEE80211_RADIOTAP_AMPDU_DELIM_CRC_ERR;
248 if (status->flag & RX_FLAG_AMPDU_DELIM_CRC_KNOWN)
249 flags |= IEEE80211_RADIOTAP_AMPDU_DELIM_CRC_KNOWN;
250 put_unaligned_le16(flags, pos);
251 pos += 2;
252 if (status->flag & RX_FLAG_AMPDU_DELIM_CRC_KNOWN)
253 *pos++ = status->ampdu_delimiter_crc;
254 else
255 *pos++ = 0;
256 *pos++ = 0;
257 }
218} 258}
219 259
220/* 260/*
@@ -2268,7 +2308,7 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
2268 2308
2269 goto queue; 2309 goto queue;
2270 case WLAN_CATEGORY_SPECTRUM_MGMT: 2310 case WLAN_CATEGORY_SPECTRUM_MGMT:
2271 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ) 2311 if (status->band != IEEE80211_BAND_5GHZ)
2272 break; 2312 break;
2273 2313
2274 if (sdata->vif.type != NL80211_IFTYPE_STATION) 2314 if (sdata->vif.type != NL80211_IFTYPE_STATION)
@@ -2772,8 +2812,7 @@ static int prepare_for_handlers(struct ieee80211_rx_data *rx,
2772 if (!bssid) { 2812 if (!bssid) {
2773 if (!ether_addr_equal(sdata->vif.addr, hdr->addr1)) 2813 if (!ether_addr_equal(sdata->vif.addr, hdr->addr1))
2774 return 0; 2814 return 0;
2775 } else if (!ieee80211_bssid_match(bssid, 2815 } else if (!ieee80211_bssid_match(bssid, sdata->vif.addr)) {
2776 sdata->vif.addr)) {
2777 /* 2816 /*
2778 * Accept public action frames even when the 2817 * Accept public action frames even when the
2779 * BSSID doesn't match, this is used for P2P 2818 * BSSID doesn't match, this is used for P2P
@@ -2793,9 +2832,18 @@ static int prepare_for_handlers(struct ieee80211_rx_data *rx,
2793 if (!ether_addr_equal(sdata->u.wds.remote_addr, hdr->addr2)) 2832 if (!ether_addr_equal(sdata->u.wds.remote_addr, hdr->addr2))
2794 return 0; 2833 return 0;
2795 break; 2834 break;
2835 case NL80211_IFTYPE_P2P_DEVICE:
2836 if (!ieee80211_is_public_action(hdr, skb->len) &&
2837 !ieee80211_is_probe_req(hdr->frame_control) &&
2838 !ieee80211_is_probe_resp(hdr->frame_control) &&
2839 !ieee80211_is_beacon(hdr->frame_control))
2840 return 0;
2841 if (!ether_addr_equal(sdata->vif.addr, hdr->addr1))
2842 status->rx_flags &= ~IEEE80211_RX_RA_MATCH;
2843 break;
2796 default: 2844 default:
2797 /* should never get here */ 2845 /* should never get here */
2798 WARN_ON(1); 2846 WARN_ON_ONCE(1);
2799 break; 2847 break;
2800 } 2848 }
2801 2849
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 839dd9737989..c4cdbde24fd3 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -407,7 +407,7 @@ static void ieee80211_scan_state_send_probe(struct ieee80211_local *local,
407 enum ieee80211_band band = local->hw.conf.channel->band; 407 enum ieee80211_band band = local->hw.conf.channel->band;
408 408
409 sdata = rcu_dereference_protected(local->scan_sdata, 409 sdata = rcu_dereference_protected(local->scan_sdata,
410 lockdep_is_held(&local->mtx));; 410 lockdep_is_held(&local->mtx));
411 411
412 for (i = 0; i < local->scan_req->n_ssids; i++) 412 for (i = 0; i < local->scan_req->n_ssids; i++)
413 ieee80211_send_probe_req( 413 ieee80211_send_probe_req(
@@ -416,7 +416,8 @@ static void ieee80211_scan_state_send_probe(struct ieee80211_local *local,
416 local->scan_req->ssids[i].ssid_len, 416 local->scan_req->ssids[i].ssid_len,
417 local->scan_req->ie, local->scan_req->ie_len, 417 local->scan_req->ie, local->scan_req->ie_len,
418 local->scan_req->rates[band], false, 418 local->scan_req->rates[band], false,
419 local->scan_req->no_cck); 419 local->scan_req->no_cck,
420 local->hw.conf.channel);
420 421
421 /* 422 /*
422 * After sending probe requests, wait for probe responses 423 * After sending probe requests, wait for probe responses
@@ -479,11 +480,10 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
479 if (local->ops->hw_scan) { 480 if (local->ops->hw_scan) {
480 __set_bit(SCAN_HW_SCANNING, &local->scanning); 481 __set_bit(SCAN_HW_SCANNING, &local->scanning);
481 } else if ((req->n_channels == 1) && 482 } else if ((req->n_channels == 1) &&
482 (req->channels[0]->center_freq == 483 (req->channels[0] == local->oper_channel)) {
483 local->hw.conf.channel->center_freq)) { 484 /*
484 485 * If we are scanning only on the operating channel
485 /* If we are scanning only on the current channel, then 486 * then we do not need to stop normal activities
486 * we do not need to stop normal activities
487 */ 487 */
488 unsigned long next_delay; 488 unsigned long next_delay;
489 489
@@ -917,6 +917,7 @@ int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata,
917 struct cfg80211_sched_scan_request *req) 917 struct cfg80211_sched_scan_request *req)
918{ 918{
919 struct ieee80211_local *local = sdata->local; 919 struct ieee80211_local *local = sdata->local;
920 struct ieee80211_sched_scan_ies sched_scan_ies;
920 int ret, i; 921 int ret, i;
921 922
922 mutex_lock(&local->mtx); 923 mutex_lock(&local->mtx);
@@ -935,33 +936,28 @@ int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata,
935 if (!local->hw.wiphy->bands[i]) 936 if (!local->hw.wiphy->bands[i])
936 continue; 937 continue;
937 938
938 local->sched_scan_ies.ie[i] = kzalloc(2 + 939 sched_scan_ies.ie[i] = kzalloc(2 + IEEE80211_MAX_SSID_LEN +
939 IEEE80211_MAX_SSID_LEN + 940 local->scan_ies_len +
940 local->scan_ies_len + 941 req->ie_len,
941 req->ie_len, 942 GFP_KERNEL);
942 GFP_KERNEL); 943 if (!sched_scan_ies.ie[i]) {
943 if (!local->sched_scan_ies.ie[i]) {
944 ret = -ENOMEM; 944 ret = -ENOMEM;
945 goto out_free; 945 goto out_free;
946 } 946 }
947 947
948 local->sched_scan_ies.len[i] = 948 sched_scan_ies.len[i] =
949 ieee80211_build_preq_ies(local, 949 ieee80211_build_preq_ies(local, sched_scan_ies.ie[i],
950 local->sched_scan_ies.ie[i],
951 req->ie, req->ie_len, i, 950 req->ie, req->ie_len, i,
952 (u32) -1, 0); 951 (u32) -1, 0);
953 } 952 }
954 953
955 ret = drv_sched_scan_start(local, sdata, req, 954 ret = drv_sched_scan_start(local, sdata, req, &sched_scan_ies);
956 &local->sched_scan_ies); 955 if (ret == 0)
957 if (ret == 0) {
958 rcu_assign_pointer(local->sched_scan_sdata, sdata); 956 rcu_assign_pointer(local->sched_scan_sdata, sdata);
959 goto out;
960 }
961 957
962out_free: 958out_free:
963 while (i > 0) 959 while (i > 0)
964 kfree(local->sched_scan_ies.ie[--i]); 960 kfree(sched_scan_ies.ie[--i]);
965out: 961out:
966 mutex_unlock(&local->mtx); 962 mutex_unlock(&local->mtx);
967 return ret; 963 return ret;
@@ -970,7 +966,7 @@ out:
970int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata) 966int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata)
971{ 967{
972 struct ieee80211_local *local = sdata->local; 968 struct ieee80211_local *local = sdata->local;
973 int ret = 0, i; 969 int ret = 0;
974 970
975 mutex_lock(&local->mtx); 971 mutex_lock(&local->mtx);
976 972
@@ -979,12 +975,9 @@ int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata)
979 goto out; 975 goto out;
980 } 976 }
981 977
982 if (rcu_access_pointer(local->sched_scan_sdata)) { 978 if (rcu_access_pointer(local->sched_scan_sdata))
983 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
984 kfree(local->sched_scan_ies.ie[i]);
985
986 drv_sched_scan_stop(local, sdata); 979 drv_sched_scan_stop(local, sdata);
987 } 980
988out: 981out:
989 mutex_unlock(&local->mtx); 982 mutex_unlock(&local->mtx);
990 983
@@ -1006,7 +999,6 @@ void ieee80211_sched_scan_stopped_work(struct work_struct *work)
1006 struct ieee80211_local *local = 999 struct ieee80211_local *local =
1007 container_of(work, struct ieee80211_local, 1000 container_of(work, struct ieee80211_local,
1008 sched_scan_stopped_work); 1001 sched_scan_stopped_work);
1009 int i;
1010 1002
1011 mutex_lock(&local->mtx); 1003 mutex_lock(&local->mtx);
1012 1004
@@ -1015,9 +1007,6 @@ void ieee80211_sched_scan_stopped_work(struct work_struct *work)
1015 return; 1007 return;
1016 } 1008 }
1017 1009
1018 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
1019 kfree(local->sched_scan_ies.ie[i]);
1020
1021 rcu_assign_pointer(local->sched_scan_sdata, NULL); 1010 rcu_assign_pointer(local->sched_scan_sdata, NULL);
1022 1011
1023 mutex_unlock(&local->mtx); 1012 mutex_unlock(&local->mtx);
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 06fa75ceb025..797dd36a220d 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -91,6 +91,70 @@ static int sta_info_hash_del(struct ieee80211_local *local,
91 return -ENOENT; 91 return -ENOENT;
92} 92}
93 93
94static void free_sta_work(struct work_struct *wk)
95{
96 struct sta_info *sta = container_of(wk, struct sta_info, free_sta_wk);
97 int ac, i;
98 struct tid_ampdu_tx *tid_tx;
99 struct ieee80211_sub_if_data *sdata = sta->sdata;
100 struct ieee80211_local *local = sdata->local;
101
102 /*
103 * At this point, when being called as call_rcu callback,
104 * neither mac80211 nor the driver can reference this
105 * sta struct any more except by still existing timers
106 * associated with this station that we clean up below.
107 */
108
109 if (test_sta_flag(sta, WLAN_STA_PS_STA)) {
110 BUG_ON(!sdata->bss);
111
112 clear_sta_flag(sta, WLAN_STA_PS_STA);
113
114 atomic_dec(&sdata->bss->num_sta_ps);
115 sta_info_recalc_tim(sta);
116 }
117
118 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
119 local->total_ps_buffered -= skb_queue_len(&sta->ps_tx_buf[ac]);
120 __skb_queue_purge(&sta->ps_tx_buf[ac]);
121 __skb_queue_purge(&sta->tx_filtered[ac]);
122 }
123
124#ifdef CONFIG_MAC80211_MESH
125 if (ieee80211_vif_is_mesh(&sdata->vif)) {
126 mesh_accept_plinks_update(sdata);
127 mesh_plink_deactivate(sta);
128 del_timer_sync(&sta->plink_timer);
129 }
130#endif
131
132 cancel_work_sync(&sta->drv_unblock_wk);
133
134 /*
135 * Destroy aggregation state here. It would be nice to wait for the
136 * driver to finish aggregation stop and then clean up, but for now
137 * drivers have to handle aggregation stop being requested, followed
138 * directly by station destruction.
139 */
140 for (i = 0; i < STA_TID_NUM; i++) {
141 tid_tx = rcu_dereference_raw(sta->ampdu_mlme.tid_tx[i]);
142 if (!tid_tx)
143 continue;
144 __skb_queue_purge(&tid_tx->pending);
145 kfree(tid_tx);
146 }
147
148 sta_info_free(local, sta);
149}
150
151static void free_sta_rcu(struct rcu_head *h)
152{
153 struct sta_info *sta = container_of(h, struct sta_info, rcu_head);
154
155 ieee80211_queue_work(&sta->local->hw, &sta->free_sta_wk);
156}
157
94/* protected by RCU */ 158/* protected by RCU */
95struct sta_info *sta_info_get(struct ieee80211_sub_if_data *sdata, 159struct sta_info *sta_info_get(struct ieee80211_sub_if_data *sdata,
96 const u8 *addr) 160 const u8 *addr)
@@ -241,6 +305,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
241 305
242 spin_lock_init(&sta->lock); 306 spin_lock_init(&sta->lock);
243 INIT_WORK(&sta->drv_unblock_wk, sta_unblock); 307 INIT_WORK(&sta->drv_unblock_wk, sta_unblock);
308 INIT_WORK(&sta->free_sta_wk, free_sta_work);
244 INIT_WORK(&sta->ampdu_mlme.work, ieee80211_ba_session_work); 309 INIT_WORK(&sta->ampdu_mlme.work, ieee80211_ba_session_work);
245 mutex_init(&sta->ampdu_mlme.mtx); 310 mutex_init(&sta->ampdu_mlme.mtx);
246 311
@@ -654,8 +719,7 @@ int __must_check __sta_info_destroy(struct sta_info *sta)
654{ 719{
655 struct ieee80211_local *local; 720 struct ieee80211_local *local;
656 struct ieee80211_sub_if_data *sdata; 721 struct ieee80211_sub_if_data *sdata;
657 int ret, i, ac; 722 int ret, i;
658 struct tid_ampdu_tx *tid_tx;
659 723
660 might_sleep(); 724 might_sleep();
661 725
@@ -674,7 +738,7 @@ int __must_check __sta_info_destroy(struct sta_info *sta)
674 * will be sufficient. 738 * will be sufficient.
675 */ 739 */
676 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 740 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
677 ieee80211_sta_tear_down_BA_sessions(sta, true); 741 ieee80211_sta_tear_down_BA_sessions(sta, false);
678 742
679 ret = sta_info_hash_del(local, sta); 743 ret = sta_info_hash_del(local, sta);
680 if (ret) 744 if (ret)
@@ -711,65 +775,14 @@ int __must_check __sta_info_destroy(struct sta_info *sta)
711 WARN_ON_ONCE(ret != 0); 775 WARN_ON_ONCE(ret != 0);
712 } 776 }
713 777
714 /*
715 * At this point, after we wait for an RCU grace period,
716 * neither mac80211 nor the driver can reference this
717 * sta struct any more except by still existing timers
718 * associated with this station that we clean up below.
719 */
720 synchronize_rcu();
721
722 if (test_sta_flag(sta, WLAN_STA_PS_STA)) {
723 BUG_ON(!sdata->bss);
724
725 clear_sta_flag(sta, WLAN_STA_PS_STA);
726
727 atomic_dec(&sdata->bss->num_sta_ps);
728 sta_info_recalc_tim(sta);
729 }
730
731 for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
732 local->total_ps_buffered -= skb_queue_len(&sta->ps_tx_buf[ac]);
733 __skb_queue_purge(&sta->ps_tx_buf[ac]);
734 __skb_queue_purge(&sta->tx_filtered[ac]);
735 }
736
737#ifdef CONFIG_MAC80211_MESH
738 if (ieee80211_vif_is_mesh(&sdata->vif))
739 mesh_accept_plinks_update(sdata);
740#endif
741
742 sta_dbg(sdata, "Removed STA %pM\n", sta->sta.addr); 778 sta_dbg(sdata, "Removed STA %pM\n", sta->sta.addr);
743 779
744 cancel_work_sync(&sta->drv_unblock_wk);
745
746 cfg80211_del_sta(sdata->dev, sta->sta.addr, GFP_KERNEL); 780 cfg80211_del_sta(sdata->dev, sta->sta.addr, GFP_KERNEL);
747 781
748 rate_control_remove_sta_debugfs(sta); 782 rate_control_remove_sta_debugfs(sta);
749 ieee80211_sta_debugfs_remove(sta); 783 ieee80211_sta_debugfs_remove(sta);
750 784
751#ifdef CONFIG_MAC80211_MESH 785 call_rcu(&sta->rcu_head, free_sta_rcu);
752 if (ieee80211_vif_is_mesh(&sta->sdata->vif)) {
753 mesh_plink_deactivate(sta);
754 del_timer_sync(&sta->plink_timer);
755 }
756#endif
757
758 /*
759 * Destroy aggregation state here. It would be nice to wait for the
760 * driver to finish aggregation stop and then clean up, but for now
761 * drivers have to handle aggregation stop being requested, followed
762 * directly by station destruction.
763 */
764 for (i = 0; i < STA_TID_NUM; i++) {
765 tid_tx = rcu_dereference_raw(sta->ampdu_mlme.tid_tx[i]);
766 if (!tid_tx)
767 continue;
768 __skb_queue_purge(&tid_tx->pending);
769 kfree(tid_tx);
770 }
771
772 sta_info_free(local, sta);
773 786
774 return 0; 787 return 0;
775} 788}
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index a470e1123a55..c88f161f8118 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -287,6 +287,7 @@ struct sta_ampdu_mlme {
287struct sta_info { 287struct sta_info {
288 /* General information, mostly static */ 288 /* General information, mostly static */
289 struct list_head list; 289 struct list_head list;
290 struct rcu_head rcu_head;
290 struct sta_info __rcu *hnext; 291 struct sta_info __rcu *hnext;
291 struct ieee80211_local *local; 292 struct ieee80211_local *local;
292 struct ieee80211_sub_if_data *sdata; 293 struct ieee80211_sub_if_data *sdata;
@@ -297,6 +298,7 @@ struct sta_info {
297 spinlock_t lock; 298 spinlock_t lock;
298 299
299 struct work_struct drv_unblock_wk; 300 struct work_struct drv_unblock_wk;
301 struct work_struct free_sta_wk;
300 302
301 u16 listen_interval; 303 u16 listen_interval;
302 304
diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index 8cd72914cdaf..2ce89732d0f2 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -517,21 +517,41 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
517 517
518 if (info->flags & IEEE80211_TX_INTFL_NL80211_FRAME_TX) { 518 if (info->flags & IEEE80211_TX_INTFL_NL80211_FRAME_TX) {
519 u64 cookie = (unsigned long)skb; 519 u64 cookie = (unsigned long)skb;
520 bool found = false;
521
520 acked = info->flags & IEEE80211_TX_STAT_ACK; 522 acked = info->flags & IEEE80211_TX_STAT_ACK;
521 523
522 /* 524 rcu_read_lock();
523 * TODO: When we have non-netdev frame TX, 525
524 * we cannot use skb->dev->ieee80211_ptr 526 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
525 */ 527 if (!sdata->dev)
528 continue;
529
530 if (skb->dev != sdata->dev)
531 continue;
526 532
527 if (ieee80211_is_nullfunc(hdr->frame_control) || 533 found = true;
528 ieee80211_is_qos_nullfunc(hdr->frame_control)) 534 break;
529 cfg80211_probe_status(skb->dev, hdr->addr1, 535 }
536
537 if (!skb->dev) {
538 sdata = rcu_dereference(local->p2p_sdata);
539 if (sdata)
540 found = true;
541 }
542
543 if (!found)
544 skb->dev = NULL;
545 else if (ieee80211_is_nullfunc(hdr->frame_control) ||
546 ieee80211_is_qos_nullfunc(hdr->frame_control)) {
547 cfg80211_probe_status(sdata->dev, hdr->addr1,
530 cookie, acked, GFP_ATOMIC); 548 cookie, acked, GFP_ATOMIC);
531 else 549 } else {
532 cfg80211_mgmt_tx_status( 550 cfg80211_mgmt_tx_status(&sdata->wdev, cookie, skb->data,
533 skb->dev->ieee80211_ptr, cookie, skb->data, 551 skb->len, acked, GFP_ATOMIC);
534 skb->len, acked, GFP_ATOMIC); 552 }
553
554 rcu_read_unlock();
535 } 555 }
536 556
537 if (unlikely(info->ack_frame_id)) { 557 if (unlikely(info->ack_frame_id)) {
diff --git a/net/mac80211/trace.h b/net/mac80211/trace.h
index c6d33b55b2df..18d9c8a52e9e 100644
--- a/net/mac80211/trace.h
+++ b/net/mac80211/trace.h
@@ -24,7 +24,7 @@
24 __string(vif_name, sdata->dev ? sdata->dev->name : "<nodev>") 24 __string(vif_name, sdata->dev ? sdata->dev->name : "<nodev>")
25#define VIF_ASSIGN __entry->vif_type = sdata->vif.type; __entry->sdata = sdata; \ 25#define VIF_ASSIGN __entry->vif_type = sdata->vif.type; __entry->sdata = sdata; \
26 __entry->p2p = sdata->vif.p2p; \ 26 __entry->p2p = sdata->vif.p2p; \
27 __assign_str(vif_name, sdata->dev ? sdata->dev->name : "<nodev>") 27 __assign_str(vif_name, sdata->dev ? sdata->dev->name : sdata->name)
28#define VIF_PR_FMT " vif:%s(%d%s)" 28#define VIF_PR_FMT " vif:%s(%d%s)"
29#define VIF_PR_ARG __get_str(vif_name), __entry->vif_type, __entry->p2p ? "/p2p" : "" 29#define VIF_PR_ARG __get_str(vif_name), __entry->vif_type, __entry->p2p ? "/p2p" : ""
30 30
@@ -274,9 +274,12 @@ TRACE_EVENT(drv_config,
274 __entry->dynamic_ps_timeout = local->hw.conf.dynamic_ps_timeout; 274 __entry->dynamic_ps_timeout = local->hw.conf.dynamic_ps_timeout;
275 __entry->max_sleep_period = local->hw.conf.max_sleep_period; 275 __entry->max_sleep_period = local->hw.conf.max_sleep_period;
276 __entry->listen_interval = local->hw.conf.listen_interval; 276 __entry->listen_interval = local->hw.conf.listen_interval;
277 __entry->long_frame_max_tx_count = local->hw.conf.long_frame_max_tx_count; 277 __entry->long_frame_max_tx_count =
278 __entry->short_frame_max_tx_count = local->hw.conf.short_frame_max_tx_count; 278 local->hw.conf.long_frame_max_tx_count;
279 __entry->center_freq = local->hw.conf.channel->center_freq; 279 __entry->short_frame_max_tx_count =
280 local->hw.conf.short_frame_max_tx_count;
281 __entry->center_freq = local->hw.conf.channel ?
282 local->hw.conf.channel->center_freq : 0;
280 __entry->channel_type = local->hw.conf.channel_type; 283 __entry->channel_type = local->hw.conf.channel_type;
281 __entry->smps = local->hw.conf.smps_mode; 284 __entry->smps = local->hw.conf.smps_mode;
282 ), 285 ),
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index c5e8c9c31f76..e0e0d1d0e830 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -55,7 +55,7 @@ static __le16 ieee80211_duration(struct ieee80211_tx_data *tx,
55 if (WARN_ON_ONCE(info->control.rates[0].idx < 0)) 55 if (WARN_ON_ONCE(info->control.rates[0].idx < 0))
56 return 0; 56 return 0;
57 57
58 sband = local->hw.wiphy->bands[tx->channel->band]; 58 sband = local->hw.wiphy->bands[info->band];
59 txrate = &sband->bitrates[info->control.rates[0].idx]; 59 txrate = &sband->bitrates[info->control.rates[0].idx];
60 60
61 erp = txrate->flags & IEEE80211_RATE_ERP_G; 61 erp = txrate->flags & IEEE80211_RATE_ERP_G;
@@ -580,7 +580,7 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
580 tx->key = NULL; 580 tx->key = NULL;
581 else 581 else
582 skip_hw = (tx->key->conf.flags & 582 skip_hw = (tx->key->conf.flags &
583 IEEE80211_KEY_FLAG_SW_MGMT) && 583 IEEE80211_KEY_FLAG_SW_MGMT_TX) &&
584 ieee80211_is_mgmt(hdr->frame_control); 584 ieee80211_is_mgmt(hdr->frame_control);
585 break; 585 break;
586 case WLAN_CIPHER_SUITE_AES_CMAC: 586 case WLAN_CIPHER_SUITE_AES_CMAC:
@@ -615,7 +615,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
615 615
616 memset(&txrc, 0, sizeof(txrc)); 616 memset(&txrc, 0, sizeof(txrc));
617 617
618 sband = tx->local->hw.wiphy->bands[tx->channel->band]; 618 sband = tx->local->hw.wiphy->bands[info->band];
619 619
620 len = min_t(u32, tx->skb->len + FCS_LEN, 620 len = min_t(u32, tx->skb->len + FCS_LEN,
621 tx->local->hw.wiphy->frag_threshold); 621 tx->local->hw.wiphy->frag_threshold);
@@ -626,13 +626,13 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
626 txrc.bss_conf = &tx->sdata->vif.bss_conf; 626 txrc.bss_conf = &tx->sdata->vif.bss_conf;
627 txrc.skb = tx->skb; 627 txrc.skb = tx->skb;
628 txrc.reported_rate.idx = -1; 628 txrc.reported_rate.idx = -1;
629 txrc.rate_idx_mask = tx->sdata->rc_rateidx_mask[tx->channel->band]; 629 txrc.rate_idx_mask = tx->sdata->rc_rateidx_mask[info->band];
630 if (txrc.rate_idx_mask == (1 << sband->n_bitrates) - 1) 630 if (txrc.rate_idx_mask == (1 << sband->n_bitrates) - 1)
631 txrc.max_rate_idx = -1; 631 txrc.max_rate_idx = -1;
632 else 632 else
633 txrc.max_rate_idx = fls(txrc.rate_idx_mask) - 1; 633 txrc.max_rate_idx = fls(txrc.rate_idx_mask) - 1;
634 memcpy(txrc.rate_idx_mcs_mask, 634 memcpy(txrc.rate_idx_mcs_mask,
635 tx->sdata->rc_rateidx_mcs_mask[tx->channel->band], 635 tx->sdata->rc_rateidx_mcs_mask[info->band],
636 sizeof(txrc.rate_idx_mcs_mask)); 636 sizeof(txrc.rate_idx_mcs_mask));
637 txrc.bss = (tx->sdata->vif.type == NL80211_IFTYPE_AP || 637 txrc.bss = (tx->sdata->vif.type == NL80211_IFTYPE_AP ||
638 tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT || 638 tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT ||
@@ -667,7 +667,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
667 "scanning and associated. Target station: " 667 "scanning and associated. Target station: "
668 "%pM on %d GHz band\n", 668 "%pM on %d GHz band\n",
669 tx->sdata->name, hdr->addr1, 669 tx->sdata->name, hdr->addr1,
670 tx->channel->band ? 5 : 2)) 670 info->band ? 5 : 2))
671 return TX_DROP; 671 return TX_DROP;
672 672
673 /* 673 /*
@@ -1131,7 +1131,6 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
1131 tx->skb = skb; 1131 tx->skb = skb;
1132 tx->local = local; 1132 tx->local = local;
1133 tx->sdata = sdata; 1133 tx->sdata = sdata;
1134 tx->channel = local->hw.conf.channel;
1135 __skb_queue_head_init(&tx->skbs); 1134 __skb_queue_head_init(&tx->skbs);
1136 1135
1137 /* 1136 /*
@@ -1204,6 +1203,7 @@ static bool ieee80211_tx_frags(struct ieee80211_local *local,
1204 struct sk_buff_head *skbs, 1203 struct sk_buff_head *skbs,
1205 bool txpending) 1204 bool txpending)
1206{ 1205{
1206 struct ieee80211_tx_control control;
1207 struct sk_buff *skb, *tmp; 1207 struct sk_buff *skb, *tmp;
1208 unsigned long flags; 1208 unsigned long flags;
1209 1209
@@ -1240,10 +1240,10 @@ static bool ieee80211_tx_frags(struct ieee80211_local *local,
1240 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); 1240 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1241 1241
1242 info->control.vif = vif; 1242 info->control.vif = vif;
1243 info->control.sta = sta; 1243 control.sta = sta;
1244 1244
1245 __skb_unlink(skb, skbs); 1245 __skb_unlink(skb, skbs);
1246 drv_tx(local, skb); 1246 drv_tx(local, &control, skb);
1247 } 1247 }
1248 1248
1249 return true; 1249 return true;
@@ -1399,8 +1399,7 @@ static bool ieee80211_tx(struct ieee80211_sub_if_data *sdata,
1399 goto out; 1399 goto out;
1400 } 1400 }
1401 1401
1402 tx.channel = local->hw.conf.channel; 1402 info->band = local->hw.conf.channel->band;
1403 info->band = tx.channel->band;
1404 1403
1405 /* set up hw_queue value early */ 1404 /* set up hw_queue value early */
1406 if (!(info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) || 1405 if (!(info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) ||
@@ -1720,7 +1719,7 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1720 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1719 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1721 struct ieee80211_local *local = sdata->local; 1720 struct ieee80211_local *local = sdata->local;
1722 struct ieee80211_tx_info *info; 1721 struct ieee80211_tx_info *info;
1723 int ret = NETDEV_TX_BUSY, head_need; 1722 int head_need;
1724 u16 ethertype, hdrlen, meshhdrlen = 0; 1723 u16 ethertype, hdrlen, meshhdrlen = 0;
1725 __le16 fc; 1724 __le16 fc;
1726 struct ieee80211_hdr hdr; 1725 struct ieee80211_hdr hdr;
@@ -1736,10 +1735,8 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1736 u32 info_flags = 0; 1735 u32 info_flags = 0;
1737 u16 info_id = 0; 1736 u16 info_id = 0;
1738 1737
1739 if (unlikely(skb->len < ETH_HLEN)) { 1738 if (unlikely(skb->len < ETH_HLEN))
1740 ret = NETDEV_TX_OK;
1741 goto fail; 1739 goto fail;
1742 }
1743 1740
1744 /* convert Ethernet header to proper 802.11 header (based on 1741 /* convert Ethernet header to proper 802.11 header (based on
1745 * operation mode) */ 1742 * operation mode) */
@@ -1787,7 +1784,6 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1787 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) { 1784 if (!sdata->u.mesh.mshcfg.dot11MeshTTL) {
1788 /* Do not send frames with mesh_ttl == 0 */ 1785 /* Do not send frames with mesh_ttl == 0 */
1789 sdata->u.mesh.mshstats.dropped_frames_ttl++; 1786 sdata->u.mesh.mshstats.dropped_frames_ttl++;
1790 ret = NETDEV_TX_OK;
1791 goto fail; 1787 goto fail;
1792 } 1788 }
1793 rcu_read_lock(); 1789 rcu_read_lock();
@@ -1874,10 +1870,8 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1874 1870
1875 if (tdls_direct) { 1871 if (tdls_direct) {
1876 /* link during setup - throw out frames to peer */ 1872 /* link during setup - throw out frames to peer */
1877 if (!tdls_auth) { 1873 if (!tdls_auth)
1878 ret = NETDEV_TX_OK;
1879 goto fail; 1874 goto fail;
1880 }
1881 1875
1882 /* DA SA BSSID */ 1876 /* DA SA BSSID */
1883 memcpy(hdr.addr1, skb->data, ETH_ALEN); 1877 memcpy(hdr.addr1, skb->data, ETH_ALEN);
@@ -1911,7 +1905,6 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1911 hdrlen = 24; 1905 hdrlen = 24;
1912 break; 1906 break;
1913 default: 1907 default:
1914 ret = NETDEV_TX_OK;
1915 goto fail; 1908 goto fail;
1916 } 1909 }
1917 1910
@@ -1956,7 +1949,6 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
1956 1949
1957 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port); 1950 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port);
1958 1951
1959 ret = NETDEV_TX_OK;
1960 goto fail; 1952 goto fail;
1961 } 1953 }
1962 1954
@@ -2011,10 +2003,8 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
2011 skb = skb_clone(skb, GFP_ATOMIC); 2003 skb = skb_clone(skb, GFP_ATOMIC);
2012 kfree_skb(tmp_skb); 2004 kfree_skb(tmp_skb);
2013 2005
2014 if (!skb) { 2006 if (!skb)
2015 ret = NETDEV_TX_OK;
2016 goto fail; 2007 goto fail;
2017 }
2018 } 2008 }
2019 2009
2020 hdr.frame_control = fc; 2010 hdr.frame_control = fc;
@@ -2117,10 +2107,8 @@ netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
2117 return NETDEV_TX_OK; 2107 return NETDEV_TX_OK;
2118 2108
2119 fail: 2109 fail:
2120 if (ret == NETDEV_TX_OK) 2110 dev_kfree_skb(skb);
2121 dev_kfree_skb(skb); 2111 return NETDEV_TX_OK;
2122
2123 return ret;
2124} 2112}
2125 2113
2126 2114
@@ -2295,12 +2283,9 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2295 struct ieee80211_sub_if_data *sdata = NULL; 2283 struct ieee80211_sub_if_data *sdata = NULL;
2296 struct ieee80211_if_ap *ap = NULL; 2284 struct ieee80211_if_ap *ap = NULL;
2297 struct beacon_data *beacon; 2285 struct beacon_data *beacon;
2298 struct ieee80211_supported_band *sband; 2286 enum ieee80211_band band = local->oper_channel->band;
2299 enum ieee80211_band band = local->hw.conf.channel->band;
2300 struct ieee80211_tx_rate_control txrc; 2287 struct ieee80211_tx_rate_control txrc;
2301 2288
2302 sband = local->hw.wiphy->bands[band];
2303
2304 rcu_read_lock(); 2289 rcu_read_lock();
2305 2290
2306 sdata = vif_to_sdata(vif); 2291 sdata = vif_to_sdata(vif);
@@ -2410,7 +2395,7 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2410 memset(mgmt, 0, hdr_len); 2395 memset(mgmt, 0, hdr_len);
2411 mgmt->frame_control = 2396 mgmt->frame_control =
2412 cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON); 2397 cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON);
2413 memset(mgmt->da, 0xff, ETH_ALEN); 2398 eth_broadcast_addr(mgmt->da);
2414 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 2399 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
2415 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); 2400 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
2416 mgmt->u.beacon.beacon_int = 2401 mgmt->u.beacon.beacon_int =
@@ -2422,9 +2407,9 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2422 *pos++ = WLAN_EID_SSID; 2407 *pos++ = WLAN_EID_SSID;
2423 *pos++ = 0x0; 2408 *pos++ = 0x0;
2424 2409
2425 if (ieee80211_add_srates_ie(sdata, skb, true) || 2410 if (ieee80211_add_srates_ie(sdata, skb, true, band) ||
2426 mesh_add_ds_params_ie(skb, sdata) || 2411 mesh_add_ds_params_ie(skb, sdata) ||
2427 ieee80211_add_ext_srates_ie(sdata, skb, true) || 2412 ieee80211_add_ext_srates_ie(sdata, skb, true, band) ||
2428 mesh_add_rsn_ie(skb, sdata) || 2413 mesh_add_rsn_ie(skb, sdata) ||
2429 mesh_add_ht_cap_ie(skb, sdata) || 2414 mesh_add_ht_cap_ie(skb, sdata) ||
2430 mesh_add_ht_oper_ie(skb, sdata) || 2415 mesh_add_ht_oper_ie(skb, sdata) ||
@@ -2447,12 +2432,12 @@ struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
2447 2432
2448 memset(&txrc, 0, sizeof(txrc)); 2433 memset(&txrc, 0, sizeof(txrc));
2449 txrc.hw = hw; 2434 txrc.hw = hw;
2450 txrc.sband = sband; 2435 txrc.sband = local->hw.wiphy->bands[band];
2451 txrc.bss_conf = &sdata->vif.bss_conf; 2436 txrc.bss_conf = &sdata->vif.bss_conf;
2452 txrc.skb = skb; 2437 txrc.skb = skb;
2453 txrc.reported_rate.idx = -1; 2438 txrc.reported_rate.idx = -1;
2454 txrc.rate_idx_mask = sdata->rc_rateidx_mask[band]; 2439 txrc.rate_idx_mask = sdata->rc_rateidx_mask[band];
2455 if (txrc.rate_idx_mask == (1 << sband->n_bitrates) - 1) 2440 if (txrc.rate_idx_mask == (1 << txrc.sband->n_bitrates) - 1)
2456 txrc.max_rate_idx = -1; 2441 txrc.max_rate_idx = -1;
2457 else 2442 else
2458 txrc.max_rate_idx = fls(txrc.rate_idx_mask) - 1; 2443 txrc.max_rate_idx = fls(txrc.rate_idx_mask) - 1;
@@ -2476,7 +2461,8 @@ struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw,
2476 struct ieee80211_vif *vif) 2461 struct ieee80211_vif *vif)
2477{ 2462{
2478 struct ieee80211_if_ap *ap = NULL; 2463 struct ieee80211_if_ap *ap = NULL;
2479 struct sk_buff *presp = NULL, *skb = NULL; 2464 struct sk_buff *skb = NULL;
2465 struct probe_resp *presp = NULL;
2480 struct ieee80211_hdr *hdr; 2466 struct ieee80211_hdr *hdr;
2481 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 2467 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
2482 2468
@@ -2490,10 +2476,12 @@ struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw,
2490 if (!presp) 2476 if (!presp)
2491 goto out; 2477 goto out;
2492 2478
2493 skb = skb_copy(presp, GFP_ATOMIC); 2479 skb = dev_alloc_skb(presp->len);
2494 if (!skb) 2480 if (!skb)
2495 goto out; 2481 goto out;
2496 2482
2483 memcpy(skb_put(skb, presp->len), presp->data, presp->len);
2484
2497 hdr = (struct ieee80211_hdr *) skb->data; 2485 hdr = (struct ieee80211_hdr *) skb->data;
2498 memset(hdr->addr1, 0, sizeof(hdr->addr1)); 2486 memset(hdr->addr1, 0, sizeof(hdr->addr1));
2499 2487
@@ -2604,9 +2592,9 @@ struct sk_buff *ieee80211_probereq_get(struct ieee80211_hw *hw,
2604 memset(hdr, 0, sizeof(*hdr)); 2592 memset(hdr, 0, sizeof(*hdr));
2605 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 2593 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2606 IEEE80211_STYPE_PROBE_REQ); 2594 IEEE80211_STYPE_PROBE_REQ);
2607 memset(hdr->addr1, 0xff, ETH_ALEN); 2595 eth_broadcast_addr(hdr->addr1);
2608 memcpy(hdr->addr2, vif->addr, ETH_ALEN); 2596 memcpy(hdr->addr2, vif->addr, ETH_ALEN);
2609 memset(hdr->addr3, 0xff, ETH_ALEN); 2597 eth_broadcast_addr(hdr->addr3);
2610 2598
2611 pos = skb_put(skb, ie_ssid_len); 2599 pos = skb_put(skb, ie_ssid_len);
2612 *pos++ = WLAN_EID_SSID; 2600 *pos++ = WLAN_EID_SSID;
@@ -2703,8 +2691,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
2703 info = IEEE80211_SKB_CB(skb); 2691 info = IEEE80211_SKB_CB(skb);
2704 2692
2705 tx.flags |= IEEE80211_TX_PS_BUFFERED; 2693 tx.flags |= IEEE80211_TX_PS_BUFFERED;
2706 tx.channel = local->hw.conf.channel; 2694 info->band = local->oper_channel->band;
2707 info->band = tx.channel->band;
2708 2695
2709 if (invoke_tx_handlers(&tx)) 2696 if (invoke_tx_handlers(&tx))
2710 skb = NULL; 2697 skb = NULL;
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 39b82fee4904..22ca35054dd0 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -276,6 +276,9 @@ void ieee80211_propagate_queue_wake(struct ieee80211_local *local, int queue)
276 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 276 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
277 int ac; 277 int ac;
278 278
279 if (!sdata->dev)
280 continue;
281
279 if (test_bit(SDATA_STATE_OFFCHANNEL, &sdata->state)) 282 if (test_bit(SDATA_STATE_OFFCHANNEL, &sdata->state))
280 continue; 283 continue;
281 284
@@ -364,6 +367,9 @@ static void __ieee80211_stop_queue(struct ieee80211_hw *hw, int queue,
364 list_for_each_entry_rcu(sdata, &local->interfaces, list) { 367 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
365 int ac; 368 int ac;
366 369
370 if (!sdata->dev)
371 continue;
372
367 for (ac = 0; ac < n_acs; ac++) { 373 for (ac = 0; ac < n_acs; ac++) {
368 if (sdata->vif.hw_queue[ac] == queue || 374 if (sdata->vif.hw_queue[ac] == queue ||
369 sdata->vif.cab_queue == queue) 375 sdata->vif.cab_queue == queue)
@@ -768,8 +774,11 @@ u32 ieee802_11_parse_elems_crc(u8 *start, size_t len,
768 elem_parse_failed = true; 774 elem_parse_failed = true;
769 break; 775 break;
770 case WLAN_EID_CHANNEL_SWITCH: 776 case WLAN_EID_CHANNEL_SWITCH:
771 elems->ch_switch_elem = pos; 777 if (elen != sizeof(struct ieee80211_channel_sw_ie)) {
772 elems->ch_switch_elem_len = elen; 778 elem_parse_failed = true;
779 break;
780 }
781 elems->ch_switch_ie = (void *)pos;
773 break; 782 break;
774 case WLAN_EID_QUIET: 783 case WLAN_EID_QUIET:
775 if (!elems->quiet_elem) { 784 if (!elems->quiet_elem) {
@@ -783,8 +792,11 @@ u32 ieee802_11_parse_elems_crc(u8 *start, size_t len,
783 elems->country_elem_len = elen; 792 elems->country_elem_len = elen;
784 break; 793 break;
785 case WLAN_EID_PWR_CONSTRAINT: 794 case WLAN_EID_PWR_CONSTRAINT:
795 if (elen != 1) {
796 elem_parse_failed = true;
797 break;
798 }
786 elems->pwr_constr_elem = pos; 799 elems->pwr_constr_elem = pos;
787 elems->pwr_constr_elem_len = elen;
788 break; 800 break;
789 case WLAN_EID_TIMEOUT_INTERVAL: 801 case WLAN_EID_TIMEOUT_INTERVAL:
790 elems->timeout_int = pos; 802 elems->timeout_int = pos;
@@ -832,7 +844,7 @@ void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata,
832 844
833 memset(&qparam, 0, sizeof(qparam)); 845 memset(&qparam, 0, sizeof(qparam));
834 846
835 use_11b = (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) && 847 use_11b = (local->oper_channel->band == IEEE80211_BAND_2GHZ) &&
836 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE); 848 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE);
837 849
838 /* 850 /*
@@ -899,7 +911,8 @@ void ieee80211_set_wmm_default(struct ieee80211_sub_if_data *sdata,
899 drv_conf_tx(local, sdata, ac, &qparam); 911 drv_conf_tx(local, sdata, ac, &qparam);
900 } 912 }
901 913
902 if (sdata->vif.type != NL80211_IFTYPE_MONITOR) { 914 if (sdata->vif.type != NL80211_IFTYPE_MONITOR &&
915 sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE) {
903 sdata->vif.bss_conf.qos = enable_qos; 916 sdata->vif.bss_conf.qos = enable_qos;
904 if (bss_notify) 917 if (bss_notify)
905 ieee80211_bss_info_change_notify(sdata, 918 ieee80211_bss_info_change_notify(sdata,
@@ -919,7 +932,7 @@ void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
919 if ((supp_rates[i] & 0x7f) * 5 > 110) 932 if ((supp_rates[i] & 0x7f) * 5 > 110)
920 have_higher_than_11mbit = 1; 933 have_higher_than_11mbit = 1;
921 934
922 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ && 935 if (local->oper_channel->band == IEEE80211_BAND_2GHZ &&
923 have_higher_than_11mbit) 936 have_higher_than_11mbit)
924 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 937 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
925 else 938 else
@@ -994,6 +1007,45 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
994 ieee80211_tx_skb(sdata, skb); 1007 ieee80211_tx_skb(sdata, skb);
995} 1008}
996 1009
1010void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
1011 const u8 *bssid, u16 stype, u16 reason,
1012 bool send_frame, u8 *frame_buf)
1013{
1014 struct ieee80211_local *local = sdata->local;
1015 struct sk_buff *skb;
1016 struct ieee80211_mgmt *mgmt = (void *)frame_buf;
1017
1018 /* build frame */
1019 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | stype);
1020 mgmt->duration = 0; /* initialize only */
1021 mgmt->seq_ctrl = 0; /* initialize only */
1022 memcpy(mgmt->da, bssid, ETH_ALEN);
1023 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
1024 memcpy(mgmt->bssid, bssid, ETH_ALEN);
1025 /* u.deauth.reason_code == u.disassoc.reason_code */
1026 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
1027
1028 if (send_frame) {
1029 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
1030 IEEE80211_DEAUTH_FRAME_LEN);
1031 if (!skb)
1032 return;
1033
1034 skb_reserve(skb, local->hw.extra_tx_headroom);
1035
1036 /* copy in frame */
1037 memcpy(skb_put(skb, IEEE80211_DEAUTH_FRAME_LEN),
1038 mgmt, IEEE80211_DEAUTH_FRAME_LEN);
1039
1040 if (sdata->vif.type != NL80211_IFTYPE_STATION ||
1041 !(sdata->u.mgd.flags & IEEE80211_STA_MFP_ENABLED))
1042 IEEE80211_SKB_CB(skb)->flags |=
1043 IEEE80211_TX_INTFL_DONT_ENCRYPT;
1044
1045 ieee80211_tx_skb(sdata, skb);
1046 }
1047}
1048
997int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer, 1049int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
998 const u8 *ie, size_t ie_len, 1050 const u8 *ie, size_t ie_len,
999 enum ieee80211_band band, u32 rate_mask, 1051 enum ieee80211_band band, u32 rate_mask,
@@ -1100,6 +1152,7 @@ int ieee80211_build_preq_ies(struct ieee80211_local *local, u8 *buffer,
1100 1152
1101struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata, 1153struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata,
1102 u8 *dst, u32 ratemask, 1154 u8 *dst, u32 ratemask,
1155 struct ieee80211_channel *chan,
1103 const u8 *ssid, size_t ssid_len, 1156 const u8 *ssid, size_t ssid_len,
1104 const u8 *ie, size_t ie_len, 1157 const u8 *ie, size_t ie_len,
1105 bool directed) 1158 bool directed)
@@ -1109,7 +1162,7 @@ struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata,
1109 struct ieee80211_mgmt *mgmt; 1162 struct ieee80211_mgmt *mgmt;
1110 size_t buf_len; 1163 size_t buf_len;
1111 u8 *buf; 1164 u8 *buf;
1112 u8 chan; 1165 u8 chan_no;
1113 1166
1114 /* FIXME: come up with a proper value */ 1167 /* FIXME: come up with a proper value */
1115 buf = kmalloc(200 + ie_len, GFP_KERNEL); 1168 buf = kmalloc(200 + ie_len, GFP_KERNEL);
@@ -1122,14 +1175,12 @@ struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata,
1122 * badly-behaved APs don't respond when this parameter is included. 1175 * badly-behaved APs don't respond when this parameter is included.
1123 */ 1176 */
1124 if (directed) 1177 if (directed)
1125 chan = 0; 1178 chan_no = 0;
1126 else 1179 else
1127 chan = ieee80211_frequency_to_channel( 1180 chan_no = ieee80211_frequency_to_channel(chan->center_freq);
1128 local->hw.conf.channel->center_freq);
1129 1181
1130 buf_len = ieee80211_build_preq_ies(local, buf, ie, ie_len, 1182 buf_len = ieee80211_build_preq_ies(local, buf, ie, ie_len, chan->band,
1131 local->hw.conf.channel->band, 1183 ratemask, chan_no);
1132 ratemask, chan);
1133 1184
1134 skb = ieee80211_probereq_get(&local->hw, &sdata->vif, 1185 skb = ieee80211_probereq_get(&local->hw, &sdata->vif,
1135 ssid, ssid_len, 1186 ssid, ssid_len,
@@ -1154,11 +1205,13 @@ struct sk_buff *ieee80211_build_probe_req(struct ieee80211_sub_if_data *sdata,
1154void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst, 1205void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1155 const u8 *ssid, size_t ssid_len, 1206 const u8 *ssid, size_t ssid_len,
1156 const u8 *ie, size_t ie_len, 1207 const u8 *ie, size_t ie_len,
1157 u32 ratemask, bool directed, bool no_cck) 1208 u32 ratemask, bool directed, bool no_cck,
1209 struct ieee80211_channel *channel)
1158{ 1210{
1159 struct sk_buff *skb; 1211 struct sk_buff *skb;
1160 1212
1161 skb = ieee80211_build_probe_req(sdata, dst, ratemask, ssid, ssid_len, 1213 skb = ieee80211_build_probe_req(sdata, dst, ratemask, channel,
1214 ssid, ssid_len,
1162 ie, ie_len, directed); 1215 ie, ie_len, directed);
1163 if (skb) { 1216 if (skb) {
1164 if (no_cck) 1217 if (no_cck)
@@ -1359,7 +1412,8 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1359 switch (sdata->vif.type) { 1412 switch (sdata->vif.type) {
1360 case NL80211_IFTYPE_STATION: 1413 case NL80211_IFTYPE_STATION:
1361 changed |= BSS_CHANGED_ASSOC | 1414 changed |= BSS_CHANGED_ASSOC |
1362 BSS_CHANGED_ARP_FILTER; 1415 BSS_CHANGED_ARP_FILTER |
1416 BSS_CHANGED_PS;
1363 mutex_lock(&sdata->u.mgd.mtx); 1417 mutex_lock(&sdata->u.mgd.mtx);
1364 ieee80211_bss_info_change_notify(sdata, changed); 1418 ieee80211_bss_info_change_notify(sdata, changed);
1365 mutex_unlock(&sdata->u.mgd.mtx); 1419 mutex_unlock(&sdata->u.mgd.mtx);
@@ -1385,6 +1439,9 @@ int ieee80211_reconfig(struct ieee80211_local *local)
1385 case NL80211_IFTYPE_MONITOR: 1439 case NL80211_IFTYPE_MONITOR:
1386 /* ignore virtual */ 1440 /* ignore virtual */
1387 break; 1441 break;
1442 case NL80211_IFTYPE_P2P_DEVICE:
1443 changed = BSS_CHANGED_IDLE;
1444 break;
1388 case NL80211_IFTYPE_UNSPECIFIED: 1445 case NL80211_IFTYPE_UNSPECIFIED:
1389 case NUM_NL80211_IFTYPES: 1446 case NUM_NL80211_IFTYPES:
1390 case NL80211_IFTYPE_P2P_CLIENT: 1447 case NL80211_IFTYPE_P2P_CLIENT:
@@ -1549,14 +1606,13 @@ static int check_mgd_smps(struct ieee80211_if_managed *ifmgd,
1549 return 0; 1606 return 0;
1550} 1607}
1551 1608
1552/* must hold iflist_mtx */
1553void ieee80211_recalc_smps(struct ieee80211_local *local) 1609void ieee80211_recalc_smps(struct ieee80211_local *local)
1554{ 1610{
1555 struct ieee80211_sub_if_data *sdata; 1611 struct ieee80211_sub_if_data *sdata;
1556 enum ieee80211_smps_mode smps_mode = IEEE80211_SMPS_OFF; 1612 enum ieee80211_smps_mode smps_mode = IEEE80211_SMPS_OFF;
1557 int count = 0; 1613 int count = 0;
1558 1614
1559 lockdep_assert_held(&local->iflist_mtx); 1615 mutex_lock(&local->iflist_mtx);
1560 1616
1561 /* 1617 /*
1562 * This function could be improved to handle multiple 1618 * This function could be improved to handle multiple
@@ -1571,6 +1627,8 @@ void ieee80211_recalc_smps(struct ieee80211_local *local)
1571 list_for_each_entry(sdata, &local->interfaces, list) { 1627 list_for_each_entry(sdata, &local->interfaces, list) {
1572 if (!ieee80211_sdata_running(sdata)) 1628 if (!ieee80211_sdata_running(sdata))
1573 continue; 1629 continue;
1630 if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
1631 continue;
1574 if (sdata->vif.type != NL80211_IFTYPE_STATION) 1632 if (sdata->vif.type != NL80211_IFTYPE_STATION)
1575 goto set; 1633 goto set;
1576 1634
@@ -1583,12 +1641,14 @@ void ieee80211_recalc_smps(struct ieee80211_local *local)
1583 } 1641 }
1584 1642
1585 if (smps_mode == local->smps_mode) 1643 if (smps_mode == local->smps_mode)
1586 return; 1644 goto unlock;
1587 1645
1588 set: 1646 set:
1589 local->smps_mode = smps_mode; 1647 local->smps_mode = smps_mode;
1590 /* changed flag is auto-detected for this */ 1648 /* changed flag is auto-detected for this */
1591 ieee80211_hw_config(local, 0); 1649 ieee80211_hw_config(local, 0);
1650 unlock:
1651 mutex_unlock(&local->iflist_mtx);
1592} 1652}
1593 1653
1594static bool ieee80211_id_in_list(const u8 *ids, int n_ids, u8 id) 1654static bool ieee80211_id_in_list(const u8 *ids, int n_ids, u8 id)
@@ -1809,7 +1869,8 @@ ieee80211_ht_oper_to_channel_type(struct ieee80211_ht_operation *ht_oper)
1809} 1869}
1810 1870
1811int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata, 1871int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata,
1812 struct sk_buff *skb, bool need_basic) 1872 struct sk_buff *skb, bool need_basic,
1873 enum ieee80211_band band)
1813{ 1874{
1814 struct ieee80211_local *local = sdata->local; 1875 struct ieee80211_local *local = sdata->local;
1815 struct ieee80211_supported_band *sband; 1876 struct ieee80211_supported_band *sband;
@@ -1817,7 +1878,7 @@ int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata,
1817 u8 i, rates, *pos; 1878 u8 i, rates, *pos;
1818 u32 basic_rates = sdata->vif.bss_conf.basic_rates; 1879 u32 basic_rates = sdata->vif.bss_conf.basic_rates;
1819 1880
1820 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1881 sband = local->hw.wiphy->bands[band];
1821 rates = sband->n_bitrates; 1882 rates = sband->n_bitrates;
1822 if (rates > 8) 1883 if (rates > 8)
1823 rates = 8; 1884 rates = 8;
@@ -1840,7 +1901,8 @@ int ieee80211_add_srates_ie(struct ieee80211_sub_if_data *sdata,
1840} 1901}
1841 1902
1842int ieee80211_add_ext_srates_ie(struct ieee80211_sub_if_data *sdata, 1903int ieee80211_add_ext_srates_ie(struct ieee80211_sub_if_data *sdata,
1843 struct sk_buff *skb, bool need_basic) 1904 struct sk_buff *skb, bool need_basic,
1905 enum ieee80211_band band)
1844{ 1906{
1845 struct ieee80211_local *local = sdata->local; 1907 struct ieee80211_local *local = sdata->local;
1846 struct ieee80211_supported_band *sband; 1908 struct ieee80211_supported_band *sband;
@@ -1848,7 +1910,7 @@ int ieee80211_add_ext_srates_ie(struct ieee80211_sub_if_data *sdata,
1848 u8 i, exrates, *pos; 1910 u8 i, exrates, *pos;
1849 u32 basic_rates = sdata->vif.bss_conf.basic_rates; 1911 u32 basic_rates = sdata->vif.bss_conf.basic_rates;
1850 1912
1851 sband = local->hw.wiphy->bands[local->hw.conf.channel->band]; 1913 sband = local->hw.wiphy->bands[band];
1852 exrates = sband->n_bitrates; 1914 exrates = sband->n_bitrates;
1853 if (exrates > 8) 1915 if (exrates > 8)
1854 exrates -= 8; 1916 exrates -= 8;
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index c19b214ffd57..fefa514b9917 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -356,6 +356,55 @@ config NETFILTER_NETLINK_QUEUE_CT
356 If this option is enabled, NFQUEUE can include Connection Tracking 356 If this option is enabled, NFQUEUE can include Connection Tracking
357 information together with the packet is the enqueued via NFNETLINK. 357 information together with the packet is the enqueued via NFNETLINK.
358 358
359config NF_NAT
360 tristate
361
362config NF_NAT_NEEDED
363 bool
364 depends on NF_NAT
365 default y
366
367config NF_NAT_PROTO_DCCP
368 tristate
369 depends on NF_NAT && NF_CT_PROTO_DCCP
370 default NF_NAT && NF_CT_PROTO_DCCP
371
372config NF_NAT_PROTO_UDPLITE
373 tristate
374 depends on NF_NAT && NF_CT_PROTO_UDPLITE
375 default NF_NAT && NF_CT_PROTO_UDPLITE
376
377config NF_NAT_PROTO_SCTP
378 tristate
379 default NF_NAT && NF_CT_PROTO_SCTP
380 depends on NF_NAT && NF_CT_PROTO_SCTP
381 select LIBCRC32C
382
383config NF_NAT_AMANDA
384 tristate
385 depends on NF_CONNTRACK && NF_NAT
386 default NF_NAT && NF_CONNTRACK_AMANDA
387
388config NF_NAT_FTP
389 tristate
390 depends on NF_CONNTRACK && NF_NAT
391 default NF_NAT && NF_CONNTRACK_FTP
392
393config NF_NAT_IRC
394 tristate
395 depends on NF_CONNTRACK && NF_NAT
396 default NF_NAT && NF_CONNTRACK_IRC
397
398config NF_NAT_SIP
399 tristate
400 depends on NF_CONNTRACK && NF_NAT
401 default NF_NAT && NF_CONNTRACK_SIP
402
403config NF_NAT_TFTP
404 tristate
405 depends on NF_CONNTRACK && NF_NAT
406 default NF_NAT && NF_CONNTRACK_TFTP
407
359endif # NF_CONNTRACK 408endif # NF_CONNTRACK
360 409
361# transparent proxy support 410# transparent proxy support
@@ -599,6 +648,16 @@ config NETFILTER_XT_TARGET_MARK
599 (e.g. when running oldconfig). It selects 648 (e.g. when running oldconfig). It selects
600 CONFIG_NETFILTER_XT_MARK (combined mark/MARK module). 649 CONFIG_NETFILTER_XT_MARK (combined mark/MARK module).
601 650
651config NETFILTER_XT_TARGET_NETMAP
652 tristate '"NETMAP" target support'
653 depends on NF_NAT
654 ---help---
655 NETMAP is an implementation of static 1:1 NAT mapping of network
656 addresses. It maps the network address part, while keeping the host
657 address part intact.
658
659 To compile it as a module, choose M here. If unsure, say N.
660
602config NETFILTER_XT_TARGET_NFLOG 661config NETFILTER_XT_TARGET_NFLOG
603 tristate '"NFLOG" target support' 662 tristate '"NFLOG" target support'
604 default m if NETFILTER_ADVANCED=n 663 default m if NETFILTER_ADVANCED=n
@@ -621,19 +680,6 @@ config NETFILTER_XT_TARGET_NFQUEUE
621 680
622 To compile it as a module, choose M here. If unsure, say N. 681 To compile it as a module, choose M here. If unsure, say N.
623 682
624config NETFILTER_XT_TARGET_NOTRACK
625 tristate '"NOTRACK" target support'
626 depends on IP_NF_RAW || IP6_NF_RAW
627 depends on NF_CONNTRACK
628 help
629 The NOTRACK target allows a select rule to specify
630 which packets *not* to enter the conntrack/NAT
631 subsystem with all the consequences (no ICMP error tracking,
632 no protocol helpers for the selected packets).
633
634 If you want to compile it as a module, say M here and read
635 <file:Documentation/kbuild/modules.txt>. If unsure, say `N'.
636
637config NETFILTER_XT_TARGET_RATEEST 683config NETFILTER_XT_TARGET_RATEEST
638 tristate '"RATEEST" target support' 684 tristate '"RATEEST" target support'
639 depends on NETFILTER_ADVANCED 685 depends on NETFILTER_ADVANCED
@@ -644,6 +690,17 @@ config NETFILTER_XT_TARGET_RATEEST
644 690
645 To compile it as a module, choose M here. If unsure, say N. 691 To compile it as a module, choose M here. If unsure, say N.
646 692
693config NETFILTER_XT_TARGET_REDIRECT
694 tristate "REDIRECT target support"
695 depends on NF_NAT
696 ---help---
697 REDIRECT is a special case of NAT: all incoming connections are
698 mapped onto the incoming interface's address, causing the packets to
699 come to the local machine instead of passing through. This is
700 useful for transparent proxies.
701
702 To compile it as a module, choose M here. If unsure, say N.
703
647config NETFILTER_XT_TARGET_TEE 704config NETFILTER_XT_TARGET_TEE
648 tristate '"TEE" - packet cloning to alternate destination' 705 tristate '"TEE" - packet cloning to alternate destination'
649 depends on NETFILTER_ADVANCED 706 depends on NETFILTER_ADVANCED
diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile
index 1c5160f2278e..32596978df1d 100644
--- a/net/netfilter/Makefile
+++ b/net/netfilter/Makefile
@@ -43,6 +43,23 @@ obj-$(CONFIG_NF_CONNTRACK_SANE) += nf_conntrack_sane.o
43obj-$(CONFIG_NF_CONNTRACK_SIP) += nf_conntrack_sip.o 43obj-$(CONFIG_NF_CONNTRACK_SIP) += nf_conntrack_sip.o
44obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_conntrack_tftp.o 44obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_conntrack_tftp.o
45 45
46nf_nat-y := nf_nat_core.o nf_nat_proto_unknown.o nf_nat_proto_common.o \
47 nf_nat_proto_udp.o nf_nat_proto_tcp.o nf_nat_helper.o
48
49obj-$(CONFIG_NF_NAT) += nf_nat.o
50
51# NAT protocols (nf_nat)
52obj-$(CONFIG_NF_NAT_PROTO_DCCP) += nf_nat_proto_dccp.o
53obj-$(CONFIG_NF_NAT_PROTO_UDPLITE) += nf_nat_proto_udplite.o
54obj-$(CONFIG_NF_NAT_PROTO_SCTP) += nf_nat_proto_sctp.o
55
56# NAT helpers
57obj-$(CONFIG_NF_NAT_AMANDA) += nf_nat_amanda.o
58obj-$(CONFIG_NF_NAT_FTP) += nf_nat_ftp.o
59obj-$(CONFIG_NF_NAT_IRC) += nf_nat_irc.o
60obj-$(CONFIG_NF_NAT_SIP) += nf_nat_sip.o
61obj-$(CONFIG_NF_NAT_TFTP) += nf_nat_tftp.o
62
46# transparent proxy support 63# transparent proxy support
47obj-$(CONFIG_NETFILTER_TPROXY) += nf_tproxy_core.o 64obj-$(CONFIG_NETFILTER_TPROXY) += nf_tproxy_core.o
48 65
@@ -53,6 +70,7 @@ obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o
53obj-$(CONFIG_NETFILTER_XT_MARK) += xt_mark.o 70obj-$(CONFIG_NETFILTER_XT_MARK) += xt_mark.o
54obj-$(CONFIG_NETFILTER_XT_CONNMARK) += xt_connmark.o 71obj-$(CONFIG_NETFILTER_XT_CONNMARK) += xt_connmark.o
55obj-$(CONFIG_NETFILTER_XT_SET) += xt_set.o 72obj-$(CONFIG_NETFILTER_XT_SET) += xt_set.o
73obj-$(CONFIG_NF_NAT) += xt_nat.o
56 74
57# targets 75# targets
58obj-$(CONFIG_NETFILTER_XT_TARGET_AUDIT) += xt_AUDIT.o 76obj-$(CONFIG_NETFILTER_XT_TARGET_AUDIT) += xt_AUDIT.o
@@ -65,10 +83,11 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_HL) += xt_HL.o
65obj-$(CONFIG_NETFILTER_XT_TARGET_HMARK) += xt_HMARK.o 83obj-$(CONFIG_NETFILTER_XT_TARGET_HMARK) += xt_HMARK.o
66obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o 84obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
67obj-$(CONFIG_NETFILTER_XT_TARGET_LOG) += xt_LOG.o 85obj-$(CONFIG_NETFILTER_XT_TARGET_LOG) += xt_LOG.o
86obj-$(CONFIG_NETFILTER_XT_TARGET_NETMAP) += xt_NETMAP.o
68obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o 87obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o
69obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o 88obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o
70obj-$(CONFIG_NETFILTER_XT_TARGET_NOTRACK) += xt_NOTRACK.o
71obj-$(CONFIG_NETFILTER_XT_TARGET_RATEEST) += xt_RATEEST.o 89obj-$(CONFIG_NETFILTER_XT_TARGET_RATEEST) += xt_RATEEST.o
90obj-$(CONFIG_NETFILTER_XT_TARGET_REDIRECT) += xt_REDIRECT.o
72obj-$(CONFIG_NETFILTER_XT_TARGET_SECMARK) += xt_SECMARK.o 91obj-$(CONFIG_NETFILTER_XT_TARGET_SECMARK) += xt_SECMARK.o
73obj-$(CONFIG_NETFILTER_XT_TARGET_TPROXY) += xt_TPROXY.o 92obj-$(CONFIG_NETFILTER_XT_TARGET_TPROXY) += xt_TPROXY.o
74obj-$(CONFIG_NETFILTER_XT_TARGET_TCPMSS) += xt_TCPMSS.o 93obj-$(CONFIG_NETFILTER_XT_TARGET_TCPMSS) += xt_TCPMSS.o
diff --git a/net/netfilter/core.c b/net/netfilter/core.c
index 0bc6b60db4df..68912dadf13d 100644
--- a/net/netfilter/core.c
+++ b/net/netfilter/core.c
@@ -126,7 +126,7 @@ unsigned int nf_iterate(struct list_head *head,
126 unsigned int hook, 126 unsigned int hook,
127 const struct net_device *indev, 127 const struct net_device *indev,
128 const struct net_device *outdev, 128 const struct net_device *outdev,
129 struct list_head **i, 129 struct nf_hook_ops **elemp,
130 int (*okfn)(struct sk_buff *), 130 int (*okfn)(struct sk_buff *),
131 int hook_thresh) 131 int hook_thresh)
132{ 132{
@@ -136,22 +136,20 @@ unsigned int nf_iterate(struct list_head *head,
136 * The caller must not block between calls to this 136 * The caller must not block between calls to this
137 * function because of risk of continuing from deleted element. 137 * function because of risk of continuing from deleted element.
138 */ 138 */
139 list_for_each_continue_rcu(*i, head) { 139 list_for_each_entry_continue_rcu((*elemp), head, list) {
140 struct nf_hook_ops *elem = (struct nf_hook_ops *)*i; 140 if (hook_thresh > (*elemp)->priority)
141
142 if (hook_thresh > elem->priority)
143 continue; 141 continue;
144 142
145 /* Optimization: we don't need to hold module 143 /* Optimization: we don't need to hold module
146 reference here, since function can't sleep. --RR */ 144 reference here, since function can't sleep. --RR */
147repeat: 145repeat:
148 verdict = elem->hook(hook, skb, indev, outdev, okfn); 146 verdict = (*elemp)->hook(hook, skb, indev, outdev, okfn);
149 if (verdict != NF_ACCEPT) { 147 if (verdict != NF_ACCEPT) {
150#ifdef CONFIG_NETFILTER_DEBUG 148#ifdef CONFIG_NETFILTER_DEBUG
151 if (unlikely((verdict & NF_VERDICT_MASK) 149 if (unlikely((verdict & NF_VERDICT_MASK)
152 > NF_MAX_VERDICT)) { 150 > NF_MAX_VERDICT)) {
153 NFDEBUG("Evil return from %p(%u).\n", 151 NFDEBUG("Evil return from %p(%u).\n",
154 elem->hook, hook); 152 (*elemp)->hook, hook);
155 continue; 153 continue;
156 } 154 }
157#endif 155#endif
@@ -172,14 +170,14 @@ int nf_hook_slow(u_int8_t pf, unsigned int hook, struct sk_buff *skb,
172 int (*okfn)(struct sk_buff *), 170 int (*okfn)(struct sk_buff *),
173 int hook_thresh) 171 int hook_thresh)
174{ 172{
175 struct list_head *elem; 173 struct nf_hook_ops *elem;
176 unsigned int verdict; 174 unsigned int verdict;
177 int ret = 0; 175 int ret = 0;
178 176
179 /* We may already have this, but read-locks nest anyway */ 177 /* We may already have this, but read-locks nest anyway */
180 rcu_read_lock(); 178 rcu_read_lock();
181 179
182 elem = &nf_hooks[pf][hook]; 180 elem = list_entry_rcu(&nf_hooks[pf][hook], struct nf_hook_ops, list);
183next_hook: 181next_hook:
184 verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, 182 verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev,
185 outdev, &elem, okfn, hook_thresh); 183 outdev, &elem, okfn, hook_thresh);
@@ -273,6 +271,11 @@ EXPORT_SYMBOL_GPL(nfq_ct_nat_hook);
273 271
274#endif /* CONFIG_NF_CONNTRACK */ 272#endif /* CONFIG_NF_CONNTRACK */
275 273
274#ifdef CONFIG_NF_NAT_NEEDED
275void (*nf_nat_decode_session_hook)(struct sk_buff *, struct flowi *);
276EXPORT_SYMBOL(nf_nat_decode_session_hook);
277#endif
278
276#ifdef CONFIG_PROC_FS 279#ifdef CONFIG_PROC_FS
277struct proc_dir_entry *proc_net_netfilter; 280struct proc_dir_entry *proc_net_netfilter;
278EXPORT_SYMBOL(proc_net_netfilter); 281EXPORT_SYMBOL(proc_net_netfilter);
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c
index 7e1b061aeeba..4a92fd47bd4c 100644
--- a/net/netfilter/ipset/ip_set_bitmap_ip.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ip.c
@@ -27,9 +27,12 @@
27#define IP_SET_BITMAP_TIMEOUT 27#define IP_SET_BITMAP_TIMEOUT
28#include <linux/netfilter/ipset/ip_set_timeout.h> 28#include <linux/netfilter/ipset/ip_set_timeout.h>
29 29
30#define REVISION_MIN 0
31#define REVISION_MAX 0
32
30MODULE_LICENSE("GPL"); 33MODULE_LICENSE("GPL");
31MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 34MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
32MODULE_DESCRIPTION("bitmap:ip type of IP sets"); 35IP_SET_MODULE_DESC("bitmap:ip", REVISION_MIN, REVISION_MAX);
33MODULE_ALIAS("ip_set_bitmap:ip"); 36MODULE_ALIAS("ip_set_bitmap:ip");
34 37
35/* Type structure */ 38/* Type structure */
@@ -284,7 +287,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
284 } else if (tb[IPSET_ATTR_CIDR]) { 287 } else if (tb[IPSET_ATTR_CIDR]) {
285 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 288 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
286 289
287 if (cidr > 32) 290 if (!cidr || cidr > 32)
288 return -IPSET_ERR_INVALID_CIDR; 291 return -IPSET_ERR_INVALID_CIDR;
289 ip_set_mask_from_to(ip, ip_to, cidr); 292 ip_set_mask_from_to(ip, ip_to, cidr);
290 } else 293 } else
@@ -454,7 +457,8 @@ static int
454bitmap_ip_create(struct ip_set *set, struct nlattr *tb[], u32 flags) 457bitmap_ip_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
455{ 458{
456 struct bitmap_ip *map; 459 struct bitmap_ip *map;
457 u32 first_ip, last_ip, hosts, elements; 460 u32 first_ip, last_ip, hosts;
461 u64 elements;
458 u8 netmask = 32; 462 u8 netmask = 32;
459 int ret; 463 int ret;
460 464
@@ -497,7 +501,7 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
497 501
498 if (netmask == 32) { 502 if (netmask == 32) {
499 hosts = 1; 503 hosts = 1;
500 elements = last_ip - first_ip + 1; 504 elements = (u64)last_ip - first_ip + 1;
501 } else { 505 } else {
502 u8 mask_bits; 506 u8 mask_bits;
503 u32 mask; 507 u32 mask;
@@ -515,7 +519,8 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
515 if (elements > IPSET_BITMAP_MAX_RANGE + 1) 519 if (elements > IPSET_BITMAP_MAX_RANGE + 1)
516 return -IPSET_ERR_BITMAP_RANGE_SIZE; 520 return -IPSET_ERR_BITMAP_RANGE_SIZE;
517 521
518 pr_debug("hosts %u, elements %u\n", hosts, elements); 522 pr_debug("hosts %u, elements %llu\n",
523 hosts, (unsigned long long)elements);
519 524
520 map = kzalloc(sizeof(*map), GFP_KERNEL); 525 map = kzalloc(sizeof(*map), GFP_KERNEL);
521 if (!map) 526 if (!map)
@@ -554,8 +559,8 @@ static struct ip_set_type bitmap_ip_type __read_mostly = {
554 .features = IPSET_TYPE_IP, 559 .features = IPSET_TYPE_IP,
555 .dimension = IPSET_DIM_ONE, 560 .dimension = IPSET_DIM_ONE,
556 .family = NFPROTO_IPV4, 561 .family = NFPROTO_IPV4,
557 .revision_min = 0, 562 .revision_min = REVISION_MIN,
558 .revision_max = 0, 563 .revision_max = REVISION_MAX,
559 .create = bitmap_ip_create, 564 .create = bitmap_ip_create,
560 .create_policy = { 565 .create_policy = {
561 [IPSET_ATTR_IP] = { .type = NLA_NESTED }, 566 [IPSET_ATTR_IP] = { .type = NLA_NESTED },
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c
index d7eaf10edb6d..0f92dc24cb89 100644
--- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c
@@ -26,9 +26,12 @@
26#include <linux/netfilter/ipset/ip_set_timeout.h> 26#include <linux/netfilter/ipset/ip_set_timeout.h>
27#include <linux/netfilter/ipset/ip_set_bitmap.h> 27#include <linux/netfilter/ipset/ip_set_bitmap.h>
28 28
29#define REVISION_MIN 0
30#define REVISION_MAX 0
31
29MODULE_LICENSE("GPL"); 32MODULE_LICENSE("GPL");
30MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 33MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
31MODULE_DESCRIPTION("bitmap:ip,mac type of IP sets"); 34IP_SET_MODULE_DESC("bitmap:ip,mac", REVISION_MIN, REVISION_MAX);
32MODULE_ALIAS("ip_set_bitmap:ip,mac"); 35MODULE_ALIAS("ip_set_bitmap:ip,mac");
33 36
34enum { 37enum {
@@ -320,11 +323,11 @@ bitmap_ipmac_tlist(const struct ip_set *set,
320 (elem->match == MAC_FILLED && 323 (elem->match == MAC_FILLED &&
321 nla_put(skb, IPSET_ATTR_ETHER, ETH_ALEN, 324 nla_put(skb, IPSET_ATTR_ETHER, ETH_ALEN,
322 elem->ether))) 325 elem->ether)))
323 goto nla_put_failure; 326 goto nla_put_failure;
324 timeout = elem->match == MAC_UNSET ? elem->timeout 327 timeout = elem->match == MAC_UNSET ? elem->timeout
325 : ip_set_timeout_get(elem->timeout); 328 : ip_set_timeout_get(elem->timeout);
326 if (nla_put_net32(skb, IPSET_ATTR_TIMEOUT, htonl(timeout))) 329 if (nla_put_net32(skb, IPSET_ATTR_TIMEOUT, htonl(timeout)))
327 goto nla_put_failure; 330 goto nla_put_failure;
328 ipset_nest_end(skb, nested); 331 ipset_nest_end(skb, nested);
329 } 332 }
330 ipset_nest_end(skb, atd); 333 ipset_nest_end(skb, atd);
@@ -557,7 +560,8 @@ static int
557bitmap_ipmac_create(struct ip_set *set, struct nlattr *tb[], 560bitmap_ipmac_create(struct ip_set *set, struct nlattr *tb[],
558 u32 flags) 561 u32 flags)
559{ 562{
560 u32 first_ip, last_ip, elements; 563 u32 first_ip, last_ip;
564 u64 elements;
561 struct bitmap_ipmac *map; 565 struct bitmap_ipmac *map;
562 int ret; 566 int ret;
563 567
@@ -588,7 +592,7 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *tb[],
588 } else 592 } else
589 return -IPSET_ERR_PROTOCOL; 593 return -IPSET_ERR_PROTOCOL;
590 594
591 elements = last_ip - first_ip + 1; 595 elements = (u64)last_ip - first_ip + 1;
592 596
593 if (elements > IPSET_BITMAP_MAX_RANGE + 1) 597 if (elements > IPSET_BITMAP_MAX_RANGE + 1)
594 return -IPSET_ERR_BITMAP_RANGE_SIZE; 598 return -IPSET_ERR_BITMAP_RANGE_SIZE;
@@ -629,8 +633,8 @@ static struct ip_set_type bitmap_ipmac_type = {
629 .features = IPSET_TYPE_IP | IPSET_TYPE_MAC, 633 .features = IPSET_TYPE_IP | IPSET_TYPE_MAC,
630 .dimension = IPSET_DIM_TWO, 634 .dimension = IPSET_DIM_TWO,
631 .family = NFPROTO_IPV4, 635 .family = NFPROTO_IPV4,
632 .revision_min = 0, 636 .revision_min = REVISION_MIN,
633 .revision_max = 0, 637 .revision_max = REVISION_MAX,
634 .create = bitmap_ipmac_create, 638 .create = bitmap_ipmac_create,
635 .create_policy = { 639 .create_policy = {
636 [IPSET_ATTR_IP] = { .type = NLA_NESTED }, 640 [IPSET_ATTR_IP] = { .type = NLA_NESTED },
diff --git a/net/netfilter/ipset/ip_set_bitmap_port.c b/net/netfilter/ipset/ip_set_bitmap_port.c
index b9f1fce7053b..e6b2db76f4c3 100644
--- a/net/netfilter/ipset/ip_set_bitmap_port.c
+++ b/net/netfilter/ipset/ip_set_bitmap_port.c
@@ -22,9 +22,12 @@
22#define IP_SET_BITMAP_TIMEOUT 22#define IP_SET_BITMAP_TIMEOUT
23#include <linux/netfilter/ipset/ip_set_timeout.h> 23#include <linux/netfilter/ipset/ip_set_timeout.h>
24 24
25#define REVISION_MIN 0
26#define REVISION_MAX 0
27
25MODULE_LICENSE("GPL"); 28MODULE_LICENSE("GPL");
26MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 29MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
27MODULE_DESCRIPTION("bitmap:port type of IP sets"); 30IP_SET_MODULE_DESC("bitmap:port", REVISION_MIN, REVISION_MAX);
28MODULE_ALIAS("ip_set_bitmap:port"); 31MODULE_ALIAS("ip_set_bitmap:port");
29 32
30/* Type structure */ 33/* Type structure */
@@ -487,8 +490,8 @@ static struct ip_set_type bitmap_port_type = {
487 .features = IPSET_TYPE_PORT, 490 .features = IPSET_TYPE_PORT,
488 .dimension = IPSET_DIM_ONE, 491 .dimension = IPSET_DIM_ONE,
489 .family = NFPROTO_UNSPEC, 492 .family = NFPROTO_UNSPEC,
490 .revision_min = 0, 493 .revision_min = REVISION_MIN,
491 .revision_max = 0, 494 .revision_max = REVISION_MAX,
492 .create = bitmap_port_create, 495 .create = bitmap_port_create,
493 .create_policy = { 496 .create_policy = {
494 [IPSET_ATTR_PORT] = { .type = NLA_U16 }, 497 [IPSET_ATTR_PORT] = { .type = NLA_U16 },
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index 9730882697aa..778465f217fa 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -69,7 +69,8 @@ find_set_type(const char *name, u8 family, u8 revision)
69 69
70 list_for_each_entry_rcu(type, &ip_set_type_list, list) 70 list_for_each_entry_rcu(type, &ip_set_type_list, list)
71 if (STREQ(type->name, name) && 71 if (STREQ(type->name, name) &&
72 (type->family == family || type->family == NFPROTO_UNSPEC) && 72 (type->family == family ||
73 type->family == NFPROTO_UNSPEC) &&
73 revision >= type->revision_min && 74 revision >= type->revision_min &&
74 revision <= type->revision_max) 75 revision <= type->revision_max)
75 return type; 76 return type;
@@ -149,7 +150,8 @@ __find_set_type_minmax(const char *name, u8 family, u8 *min, u8 *max,
149 rcu_read_lock(); 150 rcu_read_lock();
150 list_for_each_entry_rcu(type, &ip_set_type_list, list) 151 list_for_each_entry_rcu(type, &ip_set_type_list, list)
151 if (STREQ(type->name, name) && 152 if (STREQ(type->name, name) &&
152 (type->family == family || type->family == NFPROTO_UNSPEC)) { 153 (type->family == family ||
154 type->family == NFPROTO_UNSPEC)) {
153 found = true; 155 found = true;
154 if (type->revision_min < *min) 156 if (type->revision_min < *min)
155 *min = type->revision_min; 157 *min = type->revision_min;
@@ -368,6 +370,12 @@ ip_set_test(ip_set_id_t index, const struct sk_buff *skb,
368 set->variant->kadt(set, skb, par, IPSET_ADD, opt); 370 set->variant->kadt(set, skb, par, IPSET_ADD, opt);
369 write_unlock_bh(&set->lock); 371 write_unlock_bh(&set->lock);
370 ret = 1; 372 ret = 1;
373 } else {
374 /* --return-nomatch: invert matched element */
375 if ((opt->flags & IPSET_RETURN_NOMATCH) &&
376 (set->type->features & IPSET_TYPE_NOMATCH) &&
377 (ret > 0 || ret == -ENOTEMPTY))
378 ret = -ret;
371 } 379 }
372 380
373 /* Convert error codes to nomatch */ 381 /* Convert error codes to nomatch */
@@ -563,13 +571,13 @@ flag_exist(const struct nlmsghdr *nlh)
563} 571}
564 572
565static struct nlmsghdr * 573static struct nlmsghdr *
566start_msg(struct sk_buff *skb, u32 pid, u32 seq, unsigned int flags, 574start_msg(struct sk_buff *skb, u32 portid, u32 seq, unsigned int flags,
567 enum ipset_cmd cmd) 575 enum ipset_cmd cmd)
568{ 576{
569 struct nlmsghdr *nlh; 577 struct nlmsghdr *nlh;
570 struct nfgenmsg *nfmsg; 578 struct nfgenmsg *nfmsg;
571 579
572 nlh = nlmsg_put(skb, pid, seq, cmd | (NFNL_SUBSYS_IPSET << 8), 580 nlh = nlmsg_put(skb, portid, seq, cmd | (NFNL_SUBSYS_IPSET << 8),
573 sizeof(*nfmsg), flags); 581 sizeof(*nfmsg), flags);
574 if (nlh == NULL) 582 if (nlh == NULL)
575 return NULL; 583 return NULL;
@@ -721,7 +729,8 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
721 * by the nfnl mutex. Find the first free index in ip_set_list 729 * by the nfnl mutex. Find the first free index in ip_set_list
722 * and check clashing. 730 * and check clashing.
723 */ 731 */
724 if ((ret = find_free_id(set->name, &index, &clash)) != 0) { 732 ret = find_free_id(set->name, &index, &clash);
733 if (ret != 0) {
725 /* If this is the same set and requested, ignore error */ 734 /* If this is the same set and requested, ignore error */
726 if (ret == -EEXIST && 735 if (ret == -EEXIST &&
727 (flags & IPSET_FLAG_EXIST) && 736 (flags & IPSET_FLAG_EXIST) &&
@@ -1045,7 +1054,7 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
1045 ip_set_id_t index = IPSET_INVALID_ID, max; 1054 ip_set_id_t index = IPSET_INVALID_ID, max;
1046 struct ip_set *set = NULL; 1055 struct ip_set *set = NULL;
1047 struct nlmsghdr *nlh = NULL; 1056 struct nlmsghdr *nlh = NULL;
1048 unsigned int flags = NETLINK_CB(cb->skb).pid ? NLM_F_MULTI : 0; 1057 unsigned int flags = NETLINK_CB(cb->skb).portid ? NLM_F_MULTI : 0;
1049 u32 dump_type, dump_flags; 1058 u32 dump_type, dump_flags;
1050 int ret = 0; 1059 int ret = 0;
1051 1060
@@ -1093,7 +1102,7 @@ dump_last:
1093 pr_debug("reference set\n"); 1102 pr_debug("reference set\n");
1094 __ip_set_get(index); 1103 __ip_set_get(index);
1095 } 1104 }
1096 nlh = start_msg(skb, NETLINK_CB(cb->skb).pid, 1105 nlh = start_msg(skb, NETLINK_CB(cb->skb).portid,
1097 cb->nlh->nlmsg_seq, flags, 1106 cb->nlh->nlmsg_seq, flags,
1098 IPSET_CMD_LIST); 1107 IPSET_CMD_LIST);
1099 if (!nlh) { 1108 if (!nlh) {
@@ -1226,7 +1235,7 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set,
1226 skb2 = nlmsg_new(payload, GFP_KERNEL); 1235 skb2 = nlmsg_new(payload, GFP_KERNEL);
1227 if (skb2 == NULL) 1236 if (skb2 == NULL)
1228 return -ENOMEM; 1237 return -ENOMEM;
1229 rep = __nlmsg_put(skb2, NETLINK_CB(skb).pid, 1238 rep = __nlmsg_put(skb2, NETLINK_CB(skb).portid,
1230 nlh->nlmsg_seq, NLMSG_ERROR, payload, 0); 1239 nlh->nlmsg_seq, NLMSG_ERROR, payload, 0);
1231 errmsg = nlmsg_data(rep); 1240 errmsg = nlmsg_data(rep);
1232 errmsg->error = ret; 1241 errmsg->error = ret;
@@ -1241,7 +1250,7 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set,
1241 1250
1242 *errline = lineno; 1251 *errline = lineno;
1243 1252
1244 netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1253 netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1245 /* Signal netlink not to send its ACK/errmsg. */ 1254 /* Signal netlink not to send its ACK/errmsg. */
1246 return -EINTR; 1255 return -EINTR;
1247 } 1256 }
@@ -1416,7 +1425,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
1416 if (skb2 == NULL) 1425 if (skb2 == NULL)
1417 return -ENOMEM; 1426 return -ENOMEM;
1418 1427
1419 nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0, 1428 nlh2 = start_msg(skb2, NETLINK_CB(skb).portid, nlh->nlmsg_seq, 0,
1420 IPSET_CMD_HEADER); 1429 IPSET_CMD_HEADER);
1421 if (!nlh2) 1430 if (!nlh2)
1422 goto nlmsg_failure; 1431 goto nlmsg_failure;
@@ -1428,7 +1437,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
1428 goto nla_put_failure; 1437 goto nla_put_failure;
1429 nlmsg_end(skb2, nlh2); 1438 nlmsg_end(skb2, nlh2);
1430 1439
1431 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1440 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1432 if (ret < 0) 1441 if (ret < 0)
1433 return ret; 1442 return ret;
1434 1443
@@ -1476,7 +1485,7 @@ ip_set_type(struct sock *ctnl, struct sk_buff *skb,
1476 if (skb2 == NULL) 1485 if (skb2 == NULL)
1477 return -ENOMEM; 1486 return -ENOMEM;
1478 1487
1479 nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0, 1488 nlh2 = start_msg(skb2, NETLINK_CB(skb).portid, nlh->nlmsg_seq, 0,
1480 IPSET_CMD_TYPE); 1489 IPSET_CMD_TYPE);
1481 if (!nlh2) 1490 if (!nlh2)
1482 goto nlmsg_failure; 1491 goto nlmsg_failure;
@@ -1489,7 +1498,7 @@ ip_set_type(struct sock *ctnl, struct sk_buff *skb,
1489 nlmsg_end(skb2, nlh2); 1498 nlmsg_end(skb2, nlh2);
1490 1499
1491 pr_debug("Send TYPE, nlmsg_len: %u\n", nlh2->nlmsg_len); 1500 pr_debug("Send TYPE, nlmsg_len: %u\n", nlh2->nlmsg_len);
1492 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1501 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1493 if (ret < 0) 1502 if (ret < 0)
1494 return ret; 1503 return ret;
1495 1504
@@ -1525,7 +1534,7 @@ ip_set_protocol(struct sock *ctnl, struct sk_buff *skb,
1525 if (skb2 == NULL) 1534 if (skb2 == NULL)
1526 return -ENOMEM; 1535 return -ENOMEM;
1527 1536
1528 nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0, 1537 nlh2 = start_msg(skb2, NETLINK_CB(skb).portid, nlh->nlmsg_seq, 0,
1529 IPSET_CMD_PROTOCOL); 1538 IPSET_CMD_PROTOCOL);
1530 if (!nlh2) 1539 if (!nlh2)
1531 goto nlmsg_failure; 1540 goto nlmsg_failure;
@@ -1533,7 +1542,7 @@ ip_set_protocol(struct sock *ctnl, struct sk_buff *skb,
1533 goto nla_put_failure; 1542 goto nla_put_failure;
1534 nlmsg_end(skb2, nlh2); 1543 nlmsg_end(skb2, nlh2);
1535 1544
1536 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1545 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1537 if (ret < 0) 1546 if (ret < 0)
1538 return ret; 1547 return ret;
1539 1548
diff --git a/net/netfilter/ipset/ip_set_hash_ip.c b/net/netfilter/ipset/ip_set_hash_ip.c
index a68dbd4f1e4e..ec3dba5dcd62 100644
--- a/net/netfilter/ipset/ip_set_hash_ip.c
+++ b/net/netfilter/ipset/ip_set_hash_ip.c
@@ -24,9 +24,12 @@
24#include <linux/netfilter/ipset/ip_set_timeout.h> 24#include <linux/netfilter/ipset/ip_set_timeout.h>
25#include <linux/netfilter/ipset/ip_set_hash.h> 25#include <linux/netfilter/ipset/ip_set_hash.h>
26 26
27#define REVISION_MIN 0
28#define REVISION_MAX 0
29
27MODULE_LICENSE("GPL"); 30MODULE_LICENSE("GPL");
28MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 31MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
29MODULE_DESCRIPTION("hash:ip type of IP sets"); 32IP_SET_MODULE_DESC("hash:ip", REVISION_MIN, REVISION_MAX);
30MODULE_ALIAS("ip_set_hash:ip"); 33MODULE_ALIAS("ip_set_hash:ip");
31 34
32/* Type specific function prefix */ 35/* Type specific function prefix */
@@ -114,7 +117,7 @@ nla_put_failure:
114static inline void 117static inline void
115hash_ip4_data_next(struct ip_set_hash *h, const struct hash_ip4_elem *d) 118hash_ip4_data_next(struct ip_set_hash *h, const struct hash_ip4_elem *d)
116{ 119{
117 h->next.ip = ntohl(d->ip); 120 h->next.ip = d->ip;
118} 121}
119 122
120static int 123static int
@@ -179,7 +182,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[],
179 } else if (tb[IPSET_ATTR_CIDR]) { 182 } else if (tb[IPSET_ATTR_CIDR]) {
180 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 183 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
181 184
182 if (cidr > 32) 185 if (!cidr || cidr > 32)
183 return -IPSET_ERR_INVALID_CIDR; 186 return -IPSET_ERR_INVALID_CIDR;
184 ip_set_mask_from_to(ip, ip_to, cidr); 187 ip_set_mask_from_to(ip, ip_to, cidr);
185 } else 188 } else
@@ -188,7 +191,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[],
188 hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1); 191 hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1);
189 192
190 if (retried) 193 if (retried)
191 ip = h->next.ip; 194 ip = ntohl(h->next.ip);
192 for (; !before(ip_to, ip); ip += hosts) { 195 for (; !before(ip_to, ip); ip += hosts) {
193 nip = htonl(ip); 196 nip = htonl(ip);
194 if (nip == 0) 197 if (nip == 0)
@@ -452,8 +455,8 @@ static struct ip_set_type hash_ip_type __read_mostly = {
452 .features = IPSET_TYPE_IP, 455 .features = IPSET_TYPE_IP,
453 .dimension = IPSET_DIM_ONE, 456 .dimension = IPSET_DIM_ONE,
454 .family = NFPROTO_UNSPEC, 457 .family = NFPROTO_UNSPEC,
455 .revision_min = 0, 458 .revision_min = REVISION_MIN,
456 .revision_max = 0, 459 .revision_max = REVISION_MAX,
457 .create = hash_ip_create, 460 .create = hash_ip_create,
458 .create_policy = { 461 .create_policy = {
459 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 462 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_ipport.c b/net/netfilter/ipset/ip_set_hash_ipport.c
index 92722bb82eea..0171f7502fa5 100644
--- a/net/netfilter/ipset/ip_set_hash_ipport.c
+++ b/net/netfilter/ipset/ip_set_hash_ipport.c
@@ -25,9 +25,12 @@
25#include <linux/netfilter/ipset/ip_set_getport.h> 25#include <linux/netfilter/ipset/ip_set_getport.h>
26#include <linux/netfilter/ipset/ip_set_hash.h> 26#include <linux/netfilter/ipset/ip_set_hash.h>
27 27
28#define REVISION_MIN 0
29#define REVISION_MAX 1 /* SCTP and UDPLITE support added */
30
28MODULE_LICENSE("GPL"); 31MODULE_LICENSE("GPL");
29MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 32MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
30MODULE_DESCRIPTION("hash:ip,port type of IP sets"); 33IP_SET_MODULE_DESC("hash:ip,port", REVISION_MIN, REVISION_MAX);
31MODULE_ALIAS("ip_set_hash:ip,port"); 34MODULE_ALIAS("ip_set_hash:ip,port");
32 35
33/* Type specific function prefix */ 36/* Type specific function prefix */
@@ -130,8 +133,8 @@ static inline void
130hash_ipport4_data_next(struct ip_set_hash *h, 133hash_ipport4_data_next(struct ip_set_hash *h,
131 const struct hash_ipport4_elem *d) 134 const struct hash_ipport4_elem *d)
132{ 135{
133 h->next.ip = ntohl(d->ip); 136 h->next.ip = d->ip;
134 h->next.port = ntohs(d->port); 137 h->next.port = d->port;
135} 138}
136 139
137static int 140static int
@@ -217,7 +220,7 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *tb[],
217 } else if (tb[IPSET_ATTR_CIDR]) { 220 } else if (tb[IPSET_ATTR_CIDR]) {
218 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 221 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
219 222
220 if (cidr > 32) 223 if (!cidr || cidr > 32)
221 return -IPSET_ERR_INVALID_CIDR; 224 return -IPSET_ERR_INVALID_CIDR;
222 ip_set_mask_from_to(ip, ip_to, cidr); 225 ip_set_mask_from_to(ip, ip_to, cidr);
223 } else 226 } else
@@ -231,9 +234,10 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *tb[],
231 } 234 }
232 235
233 if (retried) 236 if (retried)
234 ip = h->next.ip; 237 ip = ntohl(h->next.ip);
235 for (; !before(ip_to, ip); ip++) { 238 for (; !before(ip_to, ip); ip++) {
236 p = retried && ip == h->next.ip ? h->next.port : port; 239 p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port)
240 : port;
237 for (; p <= port_to; p++) { 241 for (; p <= port_to; p++) {
238 data.ip = htonl(ip); 242 data.ip = htonl(ip);
239 data.port = htons(p); 243 data.port = htons(p);
@@ -349,7 +353,7 @@ static inline void
349hash_ipport6_data_next(struct ip_set_hash *h, 353hash_ipport6_data_next(struct ip_set_hash *h,
350 const struct hash_ipport6_elem *d) 354 const struct hash_ipport6_elem *d)
351{ 355{
352 h->next.port = ntohs(d->port); 356 h->next.port = d->port;
353} 357}
354 358
355static int 359static int
@@ -431,7 +435,7 @@ hash_ipport6_uadt(struct ip_set *set, struct nlattr *tb[],
431 swap(port, port_to); 435 swap(port, port_to);
432 436
433 if (retried) 437 if (retried)
434 port = h->next.port; 438 port = ntohs(h->next.port);
435 for (; port <= port_to; port++) { 439 for (; port <= port_to; port++) {
436 data.port = htons(port); 440 data.port = htons(port);
437 ret = adtfn(set, &data, timeout, flags); 441 ret = adtfn(set, &data, timeout, flags);
@@ -522,8 +526,8 @@ static struct ip_set_type hash_ipport_type __read_mostly = {
522 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, 526 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT,
523 .dimension = IPSET_DIM_TWO, 527 .dimension = IPSET_DIM_TWO,
524 .family = NFPROTO_UNSPEC, 528 .family = NFPROTO_UNSPEC,
525 .revision_min = 0, 529 .revision_min = REVISION_MIN,
526 .revision_max = 1, /* SCTP and UDPLITE support added */ 530 .revision_max = REVISION_MAX,
527 .create = hash_ipport_create, 531 .create = hash_ipport_create,
528 .create_policy = { 532 .create_policy = {
529 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 533 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_ipportip.c b/net/netfilter/ipset/ip_set_hash_ipportip.c
index 0637ce096def..6344ef551ec8 100644
--- a/net/netfilter/ipset/ip_set_hash_ipportip.c
+++ b/net/netfilter/ipset/ip_set_hash_ipportip.c
@@ -25,9 +25,12 @@
25#include <linux/netfilter/ipset/ip_set_getport.h> 25#include <linux/netfilter/ipset/ip_set_getport.h>
26#include <linux/netfilter/ipset/ip_set_hash.h> 26#include <linux/netfilter/ipset/ip_set_hash.h>
27 27
28#define REVISION_MIN 0
29#define REVISION_MAX 1 /* SCTP and UDPLITE support added */
30
28MODULE_LICENSE("GPL"); 31MODULE_LICENSE("GPL");
29MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 32MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
30MODULE_DESCRIPTION("hash:ip,port,ip type of IP sets"); 33IP_SET_MODULE_DESC("hash:ip,port,ip", REVISION_MIN, REVISION_MAX);
31MODULE_ALIAS("ip_set_hash:ip,port,ip"); 34MODULE_ALIAS("ip_set_hash:ip,port,ip");
32 35
33/* Type specific function prefix */ 36/* Type specific function prefix */
@@ -133,8 +136,8 @@ static inline void
133hash_ipportip4_data_next(struct ip_set_hash *h, 136hash_ipportip4_data_next(struct ip_set_hash *h,
134 const struct hash_ipportip4_elem *d) 137 const struct hash_ipportip4_elem *d)
135{ 138{
136 h->next.ip = ntohl(d->ip); 139 h->next.ip = d->ip;
137 h->next.port = ntohs(d->port); 140 h->next.port = d->port;
138} 141}
139 142
140static int 143static int
@@ -225,7 +228,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[],
225 } else if (tb[IPSET_ATTR_CIDR]) { 228 } else if (tb[IPSET_ATTR_CIDR]) {
226 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 229 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
227 230
228 if (cidr > 32) 231 if (!cidr || cidr > 32)
229 return -IPSET_ERR_INVALID_CIDR; 232 return -IPSET_ERR_INVALID_CIDR;
230 ip_set_mask_from_to(ip, ip_to, cidr); 233 ip_set_mask_from_to(ip, ip_to, cidr);
231 } else 234 } else
@@ -239,9 +242,10 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[],
239 } 242 }
240 243
241 if (retried) 244 if (retried)
242 ip = h->next.ip; 245 ip = ntohl(h->next.ip);
243 for (; !before(ip_to, ip); ip++) { 246 for (; !before(ip_to, ip); ip++) {
244 p = retried && ip == h->next.ip ? h->next.port : port; 247 p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port)
248 : port;
245 for (; p <= port_to; p++) { 249 for (; p <= port_to; p++) {
246 data.ip = htonl(ip); 250 data.ip = htonl(ip);
247 data.port = htons(p); 251 data.port = htons(p);
@@ -362,7 +366,7 @@ static inline void
362hash_ipportip6_data_next(struct ip_set_hash *h, 366hash_ipportip6_data_next(struct ip_set_hash *h,
363 const struct hash_ipportip6_elem *d) 367 const struct hash_ipportip6_elem *d)
364{ 368{
365 h->next.port = ntohs(d->port); 369 h->next.port = d->port;
366} 370}
367 371
368static int 372static int
@@ -449,7 +453,7 @@ hash_ipportip6_uadt(struct ip_set *set, struct nlattr *tb[],
449 swap(port, port_to); 453 swap(port, port_to);
450 454
451 if (retried) 455 if (retried)
452 port = h->next.port; 456 port = ntohs(h->next.port);
453 for (; port <= port_to; port++) { 457 for (; port <= port_to; port++) {
454 data.port = htons(port); 458 data.port = htons(port);
455 ret = adtfn(set, &data, timeout, flags); 459 ret = adtfn(set, &data, timeout, flags);
@@ -540,8 +544,8 @@ static struct ip_set_type hash_ipportip_type __read_mostly = {
540 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, 544 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2,
541 .dimension = IPSET_DIM_THREE, 545 .dimension = IPSET_DIM_THREE,
542 .family = NFPROTO_UNSPEC, 546 .family = NFPROTO_UNSPEC,
543 .revision_min = 0, 547 .revision_min = REVISION_MIN,
544 .revision_max = 1, /* SCTP and UDPLITE support added */ 548 .revision_max = REVISION_MAX,
545 .create = hash_ipportip_create, 549 .create = hash_ipportip_create,
546 .create_policy = { 550 .create_policy = {
547 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 551 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_ipportnet.c b/net/netfilter/ipset/ip_set_hash_ipportnet.c
index 1ce21ca976e1..cb71f9a774e7 100644
--- a/net/netfilter/ipset/ip_set_hash_ipportnet.c
+++ b/net/netfilter/ipset/ip_set_hash_ipportnet.c
@@ -25,9 +25,14 @@
25#include <linux/netfilter/ipset/ip_set_getport.h> 25#include <linux/netfilter/ipset/ip_set_getport.h>
26#include <linux/netfilter/ipset/ip_set_hash.h> 26#include <linux/netfilter/ipset/ip_set_hash.h>
27 27
28#define REVISION_MIN 0
29/* 1 SCTP and UDPLITE support added */
30/* 2 Range as input support for IPv4 added */
31#define REVISION_MAX 3 /* nomatch flag support added */
32
28MODULE_LICENSE("GPL"); 33MODULE_LICENSE("GPL");
29MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 34MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
30MODULE_DESCRIPTION("hash:ip,port,net type of IP sets"); 35IP_SET_MODULE_DESC("hash:ip,port,net", REVISION_MIN, REVISION_MAX);
31MODULE_ALIAS("ip_set_hash:ip,port,net"); 36MODULE_ALIAS("ip_set_hash:ip,port,net");
32 37
33/* Type specific function prefix */ 38/* Type specific function prefix */
@@ -99,10 +104,10 @@ hash_ipportnet4_data_flags(struct hash_ipportnet4_elem *dst, u32 flags)
99 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH); 104 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH);
100} 105}
101 106
102static inline bool 107static inline int
103hash_ipportnet4_data_match(const struct hash_ipportnet4_elem *elem) 108hash_ipportnet4_data_match(const struct hash_ipportnet4_elem *elem)
104{ 109{
105 return !elem->nomatch; 110 return elem->nomatch ? -ENOTEMPTY : 1;
106} 111}
107 112
108static inline void 113static inline void
@@ -173,9 +178,9 @@ static inline void
173hash_ipportnet4_data_next(struct ip_set_hash *h, 178hash_ipportnet4_data_next(struct ip_set_hash *h,
174 const struct hash_ipportnet4_elem *d) 179 const struct hash_ipportnet4_elem *d)
175{ 180{
176 h->next.ip = ntohl(d->ip); 181 h->next.ip = d->ip;
177 h->next.port = ntohs(d->port); 182 h->next.port = d->port;
178 h->next.ip2 = ntohl(d->ip2); 183 h->next.ip2 = d->ip2;
179} 184}
180 185
181static int 186static int
@@ -290,7 +295,7 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *tb[],
290 } else if (tb[IPSET_ATTR_CIDR]) { 295 } else if (tb[IPSET_ATTR_CIDR]) {
291 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 296 u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
292 297
293 if (cidr > 32) 298 if (!cidr || cidr > 32)
294 return -IPSET_ERR_INVALID_CIDR; 299 return -IPSET_ERR_INVALID_CIDR;
295 ip_set_mask_from_to(ip, ip_to, cidr); 300 ip_set_mask_from_to(ip, ip_to, cidr);
296 } 301 }
@@ -314,14 +319,17 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *tb[],
314 } 319 }
315 320
316 if (retried) 321 if (retried)
317 ip = h->next.ip; 322 ip = ntohl(h->next.ip);
318 for (; !before(ip_to, ip); ip++) { 323 for (; !before(ip_to, ip); ip++) {
319 data.ip = htonl(ip); 324 data.ip = htonl(ip);
320 p = retried && ip == h->next.ip ? h->next.port : port; 325 p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port)
326 : port;
321 for (; p <= port_to; p++) { 327 for (; p <= port_to; p++) {
322 data.port = htons(p); 328 data.port = htons(p);
323 ip2 = retried && ip == h->next.ip && p == h->next.port 329 ip2 = retried
324 ? h->next.ip2 : ip2_from; 330 && ip == ntohl(h->next.ip)
331 && p == ntohs(h->next.port)
332 ? ntohl(h->next.ip2) : ip2_from;
325 while (!after(ip2, ip2_to)) { 333 while (!after(ip2, ip2_to)) {
326 data.ip2 = htonl(ip2); 334 data.ip2 = htonl(ip2);
327 ip2_last = ip_set_range_to_cidr(ip2, ip2_to, 335 ip2_last = ip_set_range_to_cidr(ip2, ip2_to,
@@ -403,10 +411,10 @@ hash_ipportnet6_data_flags(struct hash_ipportnet6_elem *dst, u32 flags)
403 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH); 411 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH);
404} 412}
405 413
406static inline bool 414static inline int
407hash_ipportnet6_data_match(const struct hash_ipportnet6_elem *elem) 415hash_ipportnet6_data_match(const struct hash_ipportnet6_elem *elem)
408{ 416{
409 return !elem->nomatch; 417 return elem->nomatch ? -ENOTEMPTY : 1;
410} 418}
411 419
412static inline void 420static inline void
@@ -486,7 +494,7 @@ static inline void
486hash_ipportnet6_data_next(struct ip_set_hash *h, 494hash_ipportnet6_data_next(struct ip_set_hash *h,
487 const struct hash_ipportnet6_elem *d) 495 const struct hash_ipportnet6_elem *d)
488{ 496{
489 h->next.port = ntohs(d->port); 497 h->next.port = d->port;
490} 498}
491 499
492static int 500static int
@@ -598,7 +606,7 @@ hash_ipportnet6_uadt(struct ip_set *set, struct nlattr *tb[],
598 swap(port, port_to); 606 swap(port, port_to);
599 607
600 if (retried) 608 if (retried)
601 port = h->next.port; 609 port = ntohs(h->next.port);
602 for (; port <= port_to; port++) { 610 for (; port <= port_to; port++) {
603 data.port = htons(port); 611 data.port = htons(port);
604 ret = adtfn(set, &data, timeout, flags); 612 ret = adtfn(set, &data, timeout, flags);
@@ -689,13 +697,12 @@ hash_ipportnet_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
689static struct ip_set_type hash_ipportnet_type __read_mostly = { 697static struct ip_set_type hash_ipportnet_type __read_mostly = {
690 .name = "hash:ip,port,net", 698 .name = "hash:ip,port,net",
691 .protocol = IPSET_PROTOCOL, 699 .protocol = IPSET_PROTOCOL,
692 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, 700 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2 |
701 IPSET_TYPE_NOMATCH,
693 .dimension = IPSET_DIM_THREE, 702 .dimension = IPSET_DIM_THREE,
694 .family = NFPROTO_UNSPEC, 703 .family = NFPROTO_UNSPEC,
695 .revision_min = 0, 704 .revision_min = REVISION_MIN,
696 /* 1 SCTP and UDPLITE support added */ 705 .revision_max = REVISION_MAX,
697 /* 2 Range as input support for IPv4 added */
698 .revision_max = 3, /* nomatch flag support added */
699 .create = hash_ipportnet_create, 706 .create = hash_ipportnet_create,
700 .create_policy = { 707 .create_policy = {
701 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 708 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_net.c b/net/netfilter/ipset/ip_set_hash_net.c
index c57a6a09906d..29e94b981f3f 100644
--- a/net/netfilter/ipset/ip_set_hash_net.c
+++ b/net/netfilter/ipset/ip_set_hash_net.c
@@ -23,9 +23,13 @@
23#include <linux/netfilter/ipset/ip_set_timeout.h> 23#include <linux/netfilter/ipset/ip_set_timeout.h>
24#include <linux/netfilter/ipset/ip_set_hash.h> 24#include <linux/netfilter/ipset/ip_set_hash.h>
25 25
26#define REVISION_MIN 0
27/* 1 Range as input support for IPv4 added */
28#define REVISION_MAX 2 /* nomatch flag support added */
29
26MODULE_LICENSE("GPL"); 30MODULE_LICENSE("GPL");
27MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 31MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
28MODULE_DESCRIPTION("hash:net type of IP sets"); 32IP_SET_MODULE_DESC("hash:net", REVISION_MIN, REVISION_MAX);
29MODULE_ALIAS("ip_set_hash:net"); 33MODULE_ALIAS("ip_set_hash:net");
30 34
31/* Type specific function prefix */ 35/* Type specific function prefix */
@@ -86,10 +90,10 @@ hash_net4_data_flags(struct hash_net4_elem *dst, u32 flags)
86 dst->nomatch = flags & IPSET_FLAG_NOMATCH; 90 dst->nomatch = flags & IPSET_FLAG_NOMATCH;
87} 91}
88 92
89static inline bool 93static inline int
90hash_net4_data_match(const struct hash_net4_elem *elem) 94hash_net4_data_match(const struct hash_net4_elem *elem)
91{ 95{
92 return !elem->nomatch; 96 return elem->nomatch ? -ENOTEMPTY : 1;
93} 97}
94 98
95static inline void 99static inline void
@@ -152,7 +156,7 @@ static inline void
152hash_net4_data_next(struct ip_set_hash *h, 156hash_net4_data_next(struct ip_set_hash *h,
153 const struct hash_net4_elem *d) 157 const struct hash_net4_elem *d)
154{ 158{
155 h->next.ip = ntohl(d->ip); 159 h->next.ip = d->ip;
156} 160}
157 161
158static int 162static int
@@ -235,7 +239,7 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *tb[],
235 return -IPSET_ERR_HASH_RANGE; 239 return -IPSET_ERR_HASH_RANGE;
236 } 240 }
237 if (retried) 241 if (retried)
238 ip = h->next.ip; 242 ip = ntohl(h->next.ip);
239 while (!after(ip, ip_to)) { 243 while (!after(ip, ip_to)) {
240 data.ip = htonl(ip); 244 data.ip = htonl(ip);
241 last = ip_set_range_to_cidr(ip, ip_to, &data.cidr); 245 last = ip_set_range_to_cidr(ip, ip_to, &data.cidr);
@@ -307,10 +311,10 @@ hash_net6_data_flags(struct hash_net6_elem *dst, u32 flags)
307 dst->nomatch = flags & IPSET_FLAG_NOMATCH; 311 dst->nomatch = flags & IPSET_FLAG_NOMATCH;
308} 312}
309 313
310static inline bool 314static inline int
311hash_net6_data_match(const struct hash_net6_elem *elem) 315hash_net6_data_match(const struct hash_net6_elem *elem)
312{ 316{
313 return !elem->nomatch; 317 return elem->nomatch ? -ENOTEMPTY : 1;
314} 318}
315 319
316static inline void 320static inline void
@@ -532,12 +536,11 @@ hash_net_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
532static struct ip_set_type hash_net_type __read_mostly = { 536static struct ip_set_type hash_net_type __read_mostly = {
533 .name = "hash:net", 537 .name = "hash:net",
534 .protocol = IPSET_PROTOCOL, 538 .protocol = IPSET_PROTOCOL,
535 .features = IPSET_TYPE_IP, 539 .features = IPSET_TYPE_IP | IPSET_TYPE_NOMATCH,
536 .dimension = IPSET_DIM_ONE, 540 .dimension = IPSET_DIM_ONE,
537 .family = NFPROTO_UNSPEC, 541 .family = NFPROTO_UNSPEC,
538 .revision_min = 0, 542 .revision_min = REVISION_MIN,
539 /* = 1 Range as input support for IPv4 added */ 543 .revision_max = REVISION_MAX,
540 .revision_max = 2, /* nomatch flag support added */
541 .create = hash_net_create, 544 .create = hash_net_create,
542 .create_policy = { 545 .create_policy = {
543 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 546 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_netiface.c b/net/netfilter/ipset/ip_set_hash_netiface.c
index d5d3607ae7bc..b9a63381e349 100644
--- a/net/netfilter/ipset/ip_set_hash_netiface.c
+++ b/net/netfilter/ipset/ip_set_hash_netiface.c
@@ -24,9 +24,13 @@
24#include <linux/netfilter/ipset/ip_set_timeout.h> 24#include <linux/netfilter/ipset/ip_set_timeout.h>
25#include <linux/netfilter/ipset/ip_set_hash.h> 25#include <linux/netfilter/ipset/ip_set_hash.h>
26 26
27#define REVISION_MIN 0
28/* 1 nomatch flag support added */
29#define REVISION_MAX 2 /* /0 support added */
30
27MODULE_LICENSE("GPL"); 31MODULE_LICENSE("GPL");
28MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 32MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
29MODULE_DESCRIPTION("hash:net,iface type of IP sets"); 33IP_SET_MODULE_DESC("hash:net,iface", REVISION_MIN, REVISION_MAX);
30MODULE_ALIAS("ip_set_hash:net,iface"); 34MODULE_ALIAS("ip_set_hash:net,iface");
31 35
32/* Interface name rbtree */ 36/* Interface name rbtree */
@@ -140,7 +144,7 @@ struct hash_netiface4_elem_hashed {
140 u8 physdev; 144 u8 physdev;
141 u8 cidr; 145 u8 cidr;
142 u8 nomatch; 146 u8 nomatch;
143 u8 padding; 147 u8 elem;
144}; 148};
145 149
146#define HKEY_DATALEN sizeof(struct hash_netiface4_elem_hashed) 150#define HKEY_DATALEN sizeof(struct hash_netiface4_elem_hashed)
@@ -151,7 +155,7 @@ struct hash_netiface4_elem {
151 u8 physdev; 155 u8 physdev;
152 u8 cidr; 156 u8 cidr;
153 u8 nomatch; 157 u8 nomatch;
154 u8 padding; 158 u8 elem;
155 const char *iface; 159 const char *iface;
156}; 160};
157 161
@@ -161,7 +165,7 @@ struct hash_netiface4_telem {
161 u8 physdev; 165 u8 physdev;
162 u8 cidr; 166 u8 cidr;
163 u8 nomatch; 167 u8 nomatch;
164 u8 padding; 168 u8 elem;
165 const char *iface; 169 const char *iface;
166 unsigned long timeout; 170 unsigned long timeout;
167}; 171};
@@ -181,18 +185,14 @@ hash_netiface4_data_equal(const struct hash_netiface4_elem *ip1,
181static inline bool 185static inline bool
182hash_netiface4_data_isnull(const struct hash_netiface4_elem *elem) 186hash_netiface4_data_isnull(const struct hash_netiface4_elem *elem)
183{ 187{
184 return elem->cidr == 0; 188 return elem->elem == 0;
185} 189}
186 190
187static inline void 191static inline void
188hash_netiface4_data_copy(struct hash_netiface4_elem *dst, 192hash_netiface4_data_copy(struct hash_netiface4_elem *dst,
189 const struct hash_netiface4_elem *src) 193 const struct hash_netiface4_elem *src)
190{ 194{
191 dst->ip = src->ip; 195 memcpy(dst, src, sizeof(*dst));
192 dst->cidr = src->cidr;
193 dst->physdev = src->physdev;
194 dst->iface = src->iface;
195 dst->nomatch = src->nomatch;
196} 196}
197 197
198static inline void 198static inline void
@@ -201,10 +201,10 @@ hash_netiface4_data_flags(struct hash_netiface4_elem *dst, u32 flags)
201 dst->nomatch = flags & IPSET_FLAG_NOMATCH; 201 dst->nomatch = flags & IPSET_FLAG_NOMATCH;
202} 202}
203 203
204static inline bool 204static inline int
205hash_netiface4_data_match(const struct hash_netiface4_elem *elem) 205hash_netiface4_data_match(const struct hash_netiface4_elem *elem)
206{ 206{
207 return !elem->nomatch; 207 return elem->nomatch ? -ENOTEMPTY : 1;
208} 208}
209 209
210static inline void 210static inline void
@@ -217,7 +217,7 @@ hash_netiface4_data_netmask(struct hash_netiface4_elem *elem, u8 cidr)
217static inline void 217static inline void
218hash_netiface4_data_zero_out(struct hash_netiface4_elem *elem) 218hash_netiface4_data_zero_out(struct hash_netiface4_elem *elem)
219{ 219{
220 elem->cidr = 0; 220 elem->elem = 0;
221} 221}
222 222
223static bool 223static bool
@@ -277,7 +277,7 @@ static inline void
277hash_netiface4_data_next(struct ip_set_hash *h, 277hash_netiface4_data_next(struct ip_set_hash *h,
278 const struct hash_netiface4_elem *d) 278 const struct hash_netiface4_elem *d)
279{ 279{
280 h->next.ip = ntohl(d->ip); 280 h->next.ip = d->ip;
281} 281}
282 282
283static int 283static int
@@ -288,7 +288,8 @@ hash_netiface4_kadt(struct ip_set *set, const struct sk_buff *skb,
288 struct ip_set_hash *h = set->data; 288 struct ip_set_hash *h = set->data;
289 ipset_adtfn adtfn = set->variant->adt[adt]; 289 ipset_adtfn adtfn = set->variant->adt[adt];
290 struct hash_netiface4_elem data = { 290 struct hash_netiface4_elem data = {
291 .cidr = h->nets[0].cidr ? h->nets[0].cidr : HOST_MASK 291 .cidr = h->nets[0].cidr ? h->nets[0].cidr : HOST_MASK,
292 .elem = 1,
292 }; 293 };
293 int ret; 294 int ret;
294 295
@@ -339,7 +340,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
339{ 340{
340 struct ip_set_hash *h = set->data; 341 struct ip_set_hash *h = set->data;
341 ipset_adtfn adtfn = set->variant->adt[adt]; 342 ipset_adtfn adtfn = set->variant->adt[adt];
342 struct hash_netiface4_elem data = { .cidr = HOST_MASK }; 343 struct hash_netiface4_elem data = { .cidr = HOST_MASK, .elem = 1 };
343 u32 ip = 0, ip_to, last; 344 u32 ip = 0, ip_to, last;
344 u32 timeout = h->timeout; 345 u32 timeout = h->timeout;
345 char iface[IFNAMSIZ]; 346 char iface[IFNAMSIZ];
@@ -360,7 +361,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
360 361
361 if (tb[IPSET_ATTR_CIDR]) { 362 if (tb[IPSET_ATTR_CIDR]) {
362 data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 363 data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
363 if (!data.cidr || data.cidr > HOST_MASK) 364 if (data.cidr > HOST_MASK)
364 return -IPSET_ERR_INVALID_CIDR; 365 return -IPSET_ERR_INVALID_CIDR;
365 } 366 }
366 367
@@ -389,7 +390,6 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
389 if (adt == IPSET_ADD && (cadt_flags & IPSET_FLAG_NOMATCH)) 390 if (adt == IPSET_ADD && (cadt_flags & IPSET_FLAG_NOMATCH))
390 flags |= (cadt_flags << 16); 391 flags |= (cadt_flags << 16);
391 } 392 }
392
393 if (adt == IPSET_TEST || !tb[IPSET_ATTR_IP_TO]) { 393 if (adt == IPSET_TEST || !tb[IPSET_ATTR_IP_TO]) {
394 data.ip = htonl(ip & ip_set_hostmask(data.cidr)); 394 data.ip = htonl(ip & ip_set_hostmask(data.cidr));
395 ret = adtfn(set, &data, timeout, flags); 395 ret = adtfn(set, &data, timeout, flags);
@@ -409,7 +409,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
409 } 409 }
410 410
411 if (retried) 411 if (retried)
412 ip = h->next.ip; 412 ip = ntohl(h->next.ip);
413 while (!after(ip, ip_to)) { 413 while (!after(ip, ip_to)) {
414 data.ip = htonl(ip); 414 data.ip = htonl(ip);
415 last = ip_set_range_to_cidr(ip, ip_to, &data.cidr); 415 last = ip_set_range_to_cidr(ip, ip_to, &data.cidr);
@@ -442,7 +442,7 @@ struct hash_netiface6_elem_hashed {
442 u8 physdev; 442 u8 physdev;
443 u8 cidr; 443 u8 cidr;
444 u8 nomatch; 444 u8 nomatch;
445 u8 padding; 445 u8 elem;
446}; 446};
447 447
448#define HKEY_DATALEN sizeof(struct hash_netiface6_elem_hashed) 448#define HKEY_DATALEN sizeof(struct hash_netiface6_elem_hashed)
@@ -452,7 +452,7 @@ struct hash_netiface6_elem {
452 u8 physdev; 452 u8 physdev;
453 u8 cidr; 453 u8 cidr;
454 u8 nomatch; 454 u8 nomatch;
455 u8 padding; 455 u8 elem;
456 const char *iface; 456 const char *iface;
457}; 457};
458 458
@@ -461,7 +461,7 @@ struct hash_netiface6_telem {
461 u8 physdev; 461 u8 physdev;
462 u8 cidr; 462 u8 cidr;
463 u8 nomatch; 463 u8 nomatch;
464 u8 padding; 464 u8 elem;
465 const char *iface; 465 const char *iface;
466 unsigned long timeout; 466 unsigned long timeout;
467}; 467};
@@ -481,7 +481,7 @@ hash_netiface6_data_equal(const struct hash_netiface6_elem *ip1,
481static inline bool 481static inline bool
482hash_netiface6_data_isnull(const struct hash_netiface6_elem *elem) 482hash_netiface6_data_isnull(const struct hash_netiface6_elem *elem)
483{ 483{
484 return elem->cidr == 0; 484 return elem->elem == 0;
485} 485}
486 486
487static inline void 487static inline void
@@ -497,16 +497,16 @@ hash_netiface6_data_flags(struct hash_netiface6_elem *dst, u32 flags)
497 dst->nomatch = flags & IPSET_FLAG_NOMATCH; 497 dst->nomatch = flags & IPSET_FLAG_NOMATCH;
498} 498}
499 499
500static inline bool 500static inline int
501hash_netiface6_data_match(const struct hash_netiface6_elem *elem) 501hash_netiface6_data_match(const struct hash_netiface6_elem *elem)
502{ 502{
503 return !elem->nomatch; 503 return elem->nomatch ? -ENOTEMPTY : 1;
504} 504}
505 505
506static inline void 506static inline void
507hash_netiface6_data_zero_out(struct hash_netiface6_elem *elem) 507hash_netiface6_data_zero_out(struct hash_netiface6_elem *elem)
508{ 508{
509 elem->cidr = 0; 509 elem->elem = 0;
510} 510}
511 511
512static inline void 512static inline void
@@ -590,7 +590,8 @@ hash_netiface6_kadt(struct ip_set *set, const struct sk_buff *skb,
590 struct ip_set_hash *h = set->data; 590 struct ip_set_hash *h = set->data;
591 ipset_adtfn adtfn = set->variant->adt[adt]; 591 ipset_adtfn adtfn = set->variant->adt[adt];
592 struct hash_netiface6_elem data = { 592 struct hash_netiface6_elem data = {
593 .cidr = h->nets[0].cidr ? h->nets[0].cidr : HOST_MASK 593 .cidr = h->nets[0].cidr ? h->nets[0].cidr : HOST_MASK,
594 .elem = 1,
594 }; 595 };
595 int ret; 596 int ret;
596 597
@@ -637,7 +638,7 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr *tb[],
637{ 638{
638 struct ip_set_hash *h = set->data; 639 struct ip_set_hash *h = set->data;
639 ipset_adtfn adtfn = set->variant->adt[adt]; 640 ipset_adtfn adtfn = set->variant->adt[adt];
640 struct hash_netiface6_elem data = { .cidr = HOST_MASK }; 641 struct hash_netiface6_elem data = { .cidr = HOST_MASK, .elem = 1 };
641 u32 timeout = h->timeout; 642 u32 timeout = h->timeout;
642 char iface[IFNAMSIZ]; 643 char iface[IFNAMSIZ];
643 int ret; 644 int ret;
@@ -659,7 +660,7 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr *tb[],
659 660
660 if (tb[IPSET_ATTR_CIDR]) 661 if (tb[IPSET_ATTR_CIDR])
661 data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]); 662 data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
662 if (!data.cidr || data.cidr > HOST_MASK) 663 if (data.cidr > HOST_MASK)
663 return -IPSET_ERR_INVALID_CIDR; 664 return -IPSET_ERR_INVALID_CIDR;
664 ip6_netmask(&data.ip, data.cidr); 665 ip6_netmask(&data.ip, data.cidr);
665 666
@@ -773,11 +774,12 @@ hash_netiface_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
773static struct ip_set_type hash_netiface_type __read_mostly = { 774static struct ip_set_type hash_netiface_type __read_mostly = {
774 .name = "hash:net,iface", 775 .name = "hash:net,iface",
775 .protocol = IPSET_PROTOCOL, 776 .protocol = IPSET_PROTOCOL,
776 .features = IPSET_TYPE_IP | IPSET_TYPE_IFACE, 777 .features = IPSET_TYPE_IP | IPSET_TYPE_IFACE |
778 IPSET_TYPE_NOMATCH,
777 .dimension = IPSET_DIM_TWO, 779 .dimension = IPSET_DIM_TWO,
778 .family = NFPROTO_UNSPEC, 780 .family = NFPROTO_UNSPEC,
779 .revision_min = 0, 781 .revision_min = REVISION_MIN,
780 .revision_max = 1, /* nomatch flag support added */ 782 .revision_max = REVISION_MAX,
781 .create = hash_netiface_create, 783 .create = hash_netiface_create,
782 .create_policy = { 784 .create_policy = {
783 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 785 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_hash_netport.c b/net/netfilter/ipset/ip_set_hash_netport.c
index fc3143a2d41b..7ef700de596c 100644
--- a/net/netfilter/ipset/ip_set_hash_netport.c
+++ b/net/netfilter/ipset/ip_set_hash_netport.c
@@ -24,9 +24,14 @@
24#include <linux/netfilter/ipset/ip_set_getport.h> 24#include <linux/netfilter/ipset/ip_set_getport.h>
25#include <linux/netfilter/ipset/ip_set_hash.h> 25#include <linux/netfilter/ipset/ip_set_hash.h>
26 26
27#define REVISION_MIN 0
28/* 1 SCTP and UDPLITE support added */
29/* 2 Range as input support for IPv4 added */
30#define REVISION_MAX 3 /* nomatch flag support added */
31
27MODULE_LICENSE("GPL"); 32MODULE_LICENSE("GPL");
28MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 33MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
29MODULE_DESCRIPTION("hash:net,port type of IP sets"); 34IP_SET_MODULE_DESC("hash:net,port", REVISION_MIN, REVISION_MAX);
30MODULE_ALIAS("ip_set_hash:net,port"); 35MODULE_ALIAS("ip_set_hash:net,port");
31 36
32/* Type specific function prefix */ 37/* Type specific function prefix */
@@ -99,10 +104,10 @@ hash_netport4_data_flags(struct hash_netport4_elem *dst, u32 flags)
99 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH); 104 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH);
100} 105}
101 106
102static inline bool 107static inline int
103hash_netport4_data_match(const struct hash_netport4_elem *elem) 108hash_netport4_data_match(const struct hash_netport4_elem *elem)
104{ 109{
105 return !elem->nomatch; 110 return elem->nomatch ? -ENOTEMPTY : 1;
106} 111}
107 112
108static inline void 113static inline void
@@ -171,8 +176,8 @@ static inline void
171hash_netport4_data_next(struct ip_set_hash *h, 176hash_netport4_data_next(struct ip_set_hash *h,
172 const struct hash_netport4_elem *d) 177 const struct hash_netport4_elem *d)
173{ 178{
174 h->next.ip = ntohl(d->ip); 179 h->next.ip = d->ip;
175 h->next.port = ntohs(d->port); 180 h->next.port = d->port;
176} 181}
177 182
178static int 183static int
@@ -289,12 +294,13 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *tb[],
289 } 294 }
290 295
291 if (retried) 296 if (retried)
292 ip = h->next.ip; 297 ip = ntohl(h->next.ip);
293 while (!after(ip, ip_to)) { 298 while (!after(ip, ip_to)) {
294 data.ip = htonl(ip); 299 data.ip = htonl(ip);
295 last = ip_set_range_to_cidr(ip, ip_to, &cidr); 300 last = ip_set_range_to_cidr(ip, ip_to, &cidr);
296 data.cidr = cidr - 1; 301 data.cidr = cidr - 1;
297 p = retried && ip == h->next.ip ? h->next.port : port; 302 p = retried && ip == ntohl(h->next.ip) ? ntohs(h->next.port)
303 : port;
298 for (; p <= port_to; p++) { 304 for (; p <= port_to; p++) {
299 data.port = htons(p); 305 data.port = htons(p);
300 ret = adtfn(set, &data, timeout, flags); 306 ret = adtfn(set, &data, timeout, flags);
@@ -369,10 +375,10 @@ hash_netport6_data_flags(struct hash_netport6_elem *dst, u32 flags)
369 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH); 375 dst->nomatch = !!(flags & IPSET_FLAG_NOMATCH);
370} 376}
371 377
372static inline bool 378static inline int
373hash_netport6_data_match(const struct hash_netport6_elem *elem) 379hash_netport6_data_match(const struct hash_netport6_elem *elem)
374{ 380{
375 return !elem->nomatch; 381 return elem->nomatch ? -ENOTEMPTY : 1;
376} 382}
377 383
378static inline void 384static inline void
@@ -450,7 +456,7 @@ static inline void
450hash_netport6_data_next(struct ip_set_hash *h, 456hash_netport6_data_next(struct ip_set_hash *h,
451 const struct hash_netport6_elem *d) 457 const struct hash_netport6_elem *d)
452{ 458{
453 h->next.port = ntohs(d->port); 459 h->next.port = d->port;
454} 460}
455 461
456static int 462static int
@@ -554,7 +560,7 @@ hash_netport6_uadt(struct ip_set *set, struct nlattr *tb[],
554 swap(port, port_to); 560 swap(port, port_to);
555 561
556 if (retried) 562 if (retried)
557 port = h->next.port; 563 port = ntohs(h->next.port);
558 for (; port <= port_to; port++) { 564 for (; port <= port_to; port++) {
559 data.port = htons(port); 565 data.port = htons(port);
560 ret = adtfn(set, &data, timeout, flags); 566 ret = adtfn(set, &data, timeout, flags);
@@ -644,13 +650,11 @@ hash_netport_create(struct ip_set *set, struct nlattr *tb[], u32 flags)
644static struct ip_set_type hash_netport_type __read_mostly = { 650static struct ip_set_type hash_netport_type __read_mostly = {
645 .name = "hash:net,port", 651 .name = "hash:net,port",
646 .protocol = IPSET_PROTOCOL, 652 .protocol = IPSET_PROTOCOL,
647 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, 653 .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_NOMATCH,
648 .dimension = IPSET_DIM_TWO, 654 .dimension = IPSET_DIM_TWO,
649 .family = NFPROTO_UNSPEC, 655 .family = NFPROTO_UNSPEC,
650 .revision_min = 0, 656 .revision_min = REVISION_MIN,
651 /* 1 SCTP and UDPLITE support added */ 657 .revision_max = REVISION_MAX,
652 /* 2, Range as input support for IPv4 added */
653 .revision_max = 3, /* nomatch flag support added */
654 .create = hash_netport_create, 658 .create = hash_netport_create,
655 .create_policy = { 659 .create_policy = {
656 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, 660 [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c
index 6cb1225765f9..8371c2bac2e4 100644
--- a/net/netfilter/ipset/ip_set_list_set.c
+++ b/net/netfilter/ipset/ip_set_list_set.c
@@ -16,9 +16,12 @@
16#include <linux/netfilter/ipset/ip_set_timeout.h> 16#include <linux/netfilter/ipset/ip_set_timeout.h>
17#include <linux/netfilter/ipset/ip_set_list.h> 17#include <linux/netfilter/ipset/ip_set_list.h>
18 18
19#define REVISION_MIN 0
20#define REVISION_MAX 0
21
19MODULE_LICENSE("GPL"); 22MODULE_LICENSE("GPL");
20MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); 23MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
21MODULE_DESCRIPTION("list:set type of IP sets"); 24IP_SET_MODULE_DESC("list:set", REVISION_MIN, REVISION_MAX);
22MODULE_ALIAS("ip_set_list:set"); 25MODULE_ALIAS("ip_set_list:set");
23 26
24/* Member elements without and with timeout */ 27/* Member elements without and with timeout */
@@ -579,8 +582,8 @@ static struct ip_set_type list_set_type __read_mostly = {
579 .features = IPSET_TYPE_NAME | IPSET_DUMP_LAST, 582 .features = IPSET_TYPE_NAME | IPSET_DUMP_LAST,
580 .dimension = IPSET_DIM_ONE, 583 .dimension = IPSET_DIM_ONE,
581 .family = NFPROTO_UNSPEC, 584 .family = NFPROTO_UNSPEC,
582 .revision_min = 0, 585 .revision_min = REVISION_MIN,
583 .revision_max = 0, 586 .revision_max = REVISION_MAX,
584 .create = list_set_create, 587 .create = list_set_create,
585 .create_policy = { 588 .create_policy = {
586 [IPSET_ATTR_SIZE] = { .type = NLA_U32 }, 589 [IPSET_ATTR_SIZE] = { .type = NLA_U32 },
diff --git a/net/netfilter/ipvs/Kconfig b/net/netfilter/ipvs/Kconfig
index f9871385a65e..8b2cffdfdd99 100644
--- a/net/netfilter/ipvs/Kconfig
+++ b/net/netfilter/ipvs/Kconfig
@@ -250,7 +250,8 @@ comment 'IPVS application helper'
250 250
251config IP_VS_FTP 251config IP_VS_FTP
252 tristate "FTP protocol helper" 252 tristate "FTP protocol helper"
253 depends on IP_VS_PROTO_TCP && NF_CONNTRACK && NF_NAT 253 depends on IP_VS_PROTO_TCP && NF_CONNTRACK && NF_NAT && \
254 NF_CONNTRACK_FTP
254 select IP_VS_NFCT 255 select IP_VS_NFCT
255 ---help--- 256 ---help---
256 FTP is a protocol that transfers IP address and/or port number in 257 FTP is a protocol that transfers IP address and/or port number in
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c
index 64f9e8f13207..9713e6e86d47 100644
--- a/net/netfilter/ipvs/ip_vs_app.c
+++ b/net/netfilter/ipvs/ip_vs_app.c
@@ -180,22 +180,38 @@ register_ip_vs_app_inc(struct net *net, struct ip_vs_app *app, __u16 proto,
180} 180}
181 181
182 182
183/* 183/* Register application for netns */
184 * ip_vs_app registration routine 184struct ip_vs_app *register_ip_vs_app(struct net *net, struct ip_vs_app *app)
185 */
186int register_ip_vs_app(struct net *net, struct ip_vs_app *app)
187{ 185{
188 struct netns_ipvs *ipvs = net_ipvs(net); 186 struct netns_ipvs *ipvs = net_ipvs(net);
189 /* increase the module use count */ 187 struct ip_vs_app *a;
190 ip_vs_use_count_inc(); 188 int err = 0;
189
190 if (!ipvs)
191 return ERR_PTR(-ENOENT);
191 192
192 mutex_lock(&__ip_vs_app_mutex); 193 mutex_lock(&__ip_vs_app_mutex);
193 194
194 list_add(&app->a_list, &ipvs->app_list); 195 list_for_each_entry(a, &ipvs->app_list, a_list) {
196 if (!strcmp(app->name, a->name)) {
197 err = -EEXIST;
198 goto out_unlock;
199 }
200 }
201 a = kmemdup(app, sizeof(*app), GFP_KERNEL);
202 if (!a) {
203 err = -ENOMEM;
204 goto out_unlock;
205 }
206 INIT_LIST_HEAD(&a->incs_list);
207 list_add(&a->a_list, &ipvs->app_list);
208 /* increase the module use count */
209 ip_vs_use_count_inc();
195 210
211out_unlock:
196 mutex_unlock(&__ip_vs_app_mutex); 212 mutex_unlock(&__ip_vs_app_mutex);
197 213
198 return 0; 214 return err ? ERR_PTR(err) : a;
199} 215}
200 216
201 217
@@ -205,20 +221,29 @@ int register_ip_vs_app(struct net *net, struct ip_vs_app *app)
205 */ 221 */
206void unregister_ip_vs_app(struct net *net, struct ip_vs_app *app) 222void unregister_ip_vs_app(struct net *net, struct ip_vs_app *app)
207{ 223{
208 struct ip_vs_app *inc, *nxt; 224 struct netns_ipvs *ipvs = net_ipvs(net);
225 struct ip_vs_app *a, *anxt, *inc, *nxt;
226
227 if (!ipvs)
228 return;
209 229
210 mutex_lock(&__ip_vs_app_mutex); 230 mutex_lock(&__ip_vs_app_mutex);
211 231
212 list_for_each_entry_safe(inc, nxt, &app->incs_list, a_list) { 232 list_for_each_entry_safe(a, anxt, &ipvs->app_list, a_list) {
213 ip_vs_app_inc_release(net, inc); 233 if (app && strcmp(app->name, a->name))
214 } 234 continue;
235 list_for_each_entry_safe(inc, nxt, &a->incs_list, a_list) {
236 ip_vs_app_inc_release(net, inc);
237 }
215 238
216 list_del(&app->a_list); 239 list_del(&a->a_list);
240 kfree(a);
217 241
218 mutex_unlock(&__ip_vs_app_mutex); 242 /* decrease the module use count */
243 ip_vs_use_count_dec();
244 }
219 245
220 /* decrease the module use count */ 246 mutex_unlock(&__ip_vs_app_mutex);
221 ip_vs_use_count_dec();
222} 247}
223 248
224 249
@@ -586,5 +611,6 @@ int __net_init ip_vs_app_net_init(struct net *net)
586 611
587void __net_exit ip_vs_app_net_cleanup(struct net *net) 612void __net_exit ip_vs_app_net_cleanup(struct net *net)
588{ 613{
614 unregister_ip_vs_app(net, NULL /* all */);
589 proc_net_remove(net, "ip_vs_app"); 615 proc_net_remove(net, "ip_vs_app");
590} 616}
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index b54eccef40b5..58918e20f9d5 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -1303,7 +1303,8 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1303 struct ip_vs_conn *cp; 1303 struct ip_vs_conn *cp;
1304 struct ip_vs_protocol *pp; 1304 struct ip_vs_protocol *pp;
1305 struct ip_vs_proto_data *pd; 1305 struct ip_vs_proto_data *pd;
1306 unsigned int offset, ihl, verdict; 1306 unsigned int offset, offset2, ihl, verdict;
1307 bool ipip;
1307 1308
1308 *related = 1; 1309 *related = 1;
1309 1310
@@ -1345,6 +1346,21 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1345 1346
1346 net = skb_net(skb); 1347 net = skb_net(skb);
1347 1348
1349 /* Special case for errors for IPIP packets */
1350 ipip = false;
1351 if (cih->protocol == IPPROTO_IPIP) {
1352 if (unlikely(cih->frag_off & htons(IP_OFFSET)))
1353 return NF_ACCEPT;
1354 /* Error for our IPIP must arrive at LOCAL_IN */
1355 if (!(skb_rtable(skb)->rt_flags & RTCF_LOCAL))
1356 return NF_ACCEPT;
1357 offset += cih->ihl * 4;
1358 cih = skb_header_pointer(skb, offset, sizeof(_ciph), &_ciph);
1359 if (cih == NULL)
1360 return NF_ACCEPT; /* The packet looks wrong, ignore */
1361 ipip = true;
1362 }
1363
1348 pd = ip_vs_proto_data_get(net, cih->protocol); 1364 pd = ip_vs_proto_data_get(net, cih->protocol);
1349 if (!pd) 1365 if (!pd)
1350 return NF_ACCEPT; 1366 return NF_ACCEPT;
@@ -1358,11 +1374,14 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1358 IP_VS_DBG_PKT(11, AF_INET, pp, skb, offset, 1374 IP_VS_DBG_PKT(11, AF_INET, pp, skb, offset,
1359 "Checking incoming ICMP for"); 1375 "Checking incoming ICMP for");
1360 1376
1377 offset2 = offset;
1361 offset += cih->ihl * 4; 1378 offset += cih->ihl * 4;
1362 1379
1363 ip_vs_fill_iphdr(AF_INET, cih, &ciph); 1380 ip_vs_fill_iphdr(AF_INET, cih, &ciph);
1364 /* The embedded headers contain source and dest in reverse order */ 1381 /* The embedded headers contain source and dest in reverse order.
1365 cp = pp->conn_in_get(AF_INET, skb, &ciph, offset, 1); 1382 * For IPIP this is error for request, not for reply.
1383 */
1384 cp = pp->conn_in_get(AF_INET, skb, &ciph, offset, ipip ? 0 : 1);
1366 if (!cp) 1385 if (!cp)
1367 return NF_ACCEPT; 1386 return NF_ACCEPT;
1368 1387
@@ -1376,6 +1395,57 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1376 goto out; 1395 goto out;
1377 } 1396 }
1378 1397
1398 if (ipip) {
1399 __be32 info = ic->un.gateway;
1400
1401 /* Update the MTU */
1402 if (ic->type == ICMP_DEST_UNREACH &&
1403 ic->code == ICMP_FRAG_NEEDED) {
1404 struct ip_vs_dest *dest = cp->dest;
1405 u32 mtu = ntohs(ic->un.frag.mtu);
1406
1407 /* Strip outer IP and ICMP, go to IPIP header */
1408 __skb_pull(skb, ihl + sizeof(_icmph));
1409 offset2 -= ihl + sizeof(_icmph);
1410 skb_reset_network_header(skb);
1411 IP_VS_DBG(12, "ICMP for IPIP %pI4->%pI4: mtu=%u\n",
1412 &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr, mtu);
1413 rcu_read_lock();
1414 ipv4_update_pmtu(skb, dev_net(skb->dev),
1415 mtu, 0, 0, 0, 0);
1416 rcu_read_unlock();
1417 /* Client uses PMTUD? */
1418 if (!(cih->frag_off & htons(IP_DF)))
1419 goto ignore_ipip;
1420 /* Prefer the resulting PMTU */
1421 if (dest) {
1422 spin_lock(&dest->dst_lock);
1423 if (dest->dst_cache)
1424 mtu = dst_mtu(dest->dst_cache);
1425 spin_unlock(&dest->dst_lock);
1426 }
1427 if (mtu > 68 + sizeof(struct iphdr))
1428 mtu -= sizeof(struct iphdr);
1429 info = htonl(mtu);
1430 }
1431 /* Strip outer IP, ICMP and IPIP, go to IP header of
1432 * original request.
1433 */
1434 __skb_pull(skb, offset2);
1435 skb_reset_network_header(skb);
1436 IP_VS_DBG(12, "Sending ICMP for %pI4->%pI4: t=%u, c=%u, i=%u\n",
1437 &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1438 ic->type, ic->code, ntohl(info));
1439 icmp_send(skb, ic->type, ic->code, info);
1440 /* ICMP can be shorter but anyways, account it */
1441 ip_vs_out_stats(cp, skb);
1442
1443ignore_ipip:
1444 consume_skb(skb);
1445 verdict = NF_STOLEN;
1446 goto out;
1447 }
1448
1379 /* do the statistics and put it back */ 1449 /* do the statistics and put it back */
1380 ip_vs_in_stats(cp, skb); 1450 ip_vs_in_stats(cp, skb);
1381 if (IPPROTO_TCP == cih->protocol || IPPROTO_UDP == cih->protocol) 1451 if (IPPROTO_TCP == cih->protocol || IPPROTO_UDP == cih->protocol)
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index f51013c07b9f..7e7198b51c06 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -539,8 +539,7 @@ static int ip_vs_rs_unhash(struct ip_vs_dest *dest)
539 * Remove it from the rs_table table. 539 * Remove it from the rs_table table.
540 */ 540 */
541 if (!list_empty(&dest->d_list)) { 541 if (!list_empty(&dest->d_list)) {
542 list_del(&dest->d_list); 542 list_del_init(&dest->d_list);
543 INIT_LIST_HEAD(&dest->d_list);
544 } 543 }
545 544
546 return 1; 545 return 1;
@@ -1803,6 +1802,12 @@ static struct ctl_table vs_vars[] = {
1803 .mode = 0644, 1802 .mode = 0644,
1804 .proc_handler = proc_dointvec, 1803 .proc_handler = proc_dointvec,
1805 }, 1804 },
1805 {
1806 .procname = "pmtu_disc",
1807 .maxlen = sizeof(int),
1808 .mode = 0644,
1809 .proc_handler = proc_dointvec,
1810 },
1806#ifdef CONFIG_IP_VS_DEBUG 1811#ifdef CONFIG_IP_VS_DEBUG
1807 { 1812 {
1808 .procname = "debug_level", 1813 .procname = "debug_level",
@@ -2933,7 +2938,7 @@ static int ip_vs_genl_dump_service(struct sk_buff *skb,
2933{ 2938{
2934 void *hdr; 2939 void *hdr;
2935 2940
2936 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 2941 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
2937 &ip_vs_genl_family, NLM_F_MULTI, 2942 &ip_vs_genl_family, NLM_F_MULTI,
2938 IPVS_CMD_NEW_SERVICE); 2943 IPVS_CMD_NEW_SERVICE);
2939 if (!hdr) 2944 if (!hdr)
@@ -3122,7 +3127,7 @@ static int ip_vs_genl_dump_dest(struct sk_buff *skb, struct ip_vs_dest *dest,
3122{ 3127{
3123 void *hdr; 3128 void *hdr;
3124 3129
3125 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 3130 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
3126 &ip_vs_genl_family, NLM_F_MULTI, 3131 &ip_vs_genl_family, NLM_F_MULTI,
3127 IPVS_CMD_NEW_DEST); 3132 IPVS_CMD_NEW_DEST);
3128 if (!hdr) 3133 if (!hdr)
@@ -3251,7 +3256,7 @@ static int ip_vs_genl_dump_daemon(struct sk_buff *skb, __be32 state,
3251 struct netlink_callback *cb) 3256 struct netlink_callback *cb)
3252{ 3257{
3253 void *hdr; 3258 void *hdr;
3254 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 3259 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
3255 &ip_vs_genl_family, NLM_F_MULTI, 3260 &ip_vs_genl_family, NLM_F_MULTI,
3256 IPVS_CMD_NEW_DAEMON); 3261 IPVS_CMD_NEW_DAEMON);
3257 if (!hdr) 3262 if (!hdr)
@@ -3678,7 +3683,7 @@ static void ip_vs_genl_unregister(void)
3678 * per netns intit/exit func. 3683 * per netns intit/exit func.
3679 */ 3684 */
3680#ifdef CONFIG_SYSCTL 3685#ifdef CONFIG_SYSCTL
3681int __net_init ip_vs_control_net_init_sysctl(struct net *net) 3686static int __net_init ip_vs_control_net_init_sysctl(struct net *net)
3682{ 3687{
3683 int idx; 3688 int idx;
3684 struct netns_ipvs *ipvs = net_ipvs(net); 3689 struct netns_ipvs *ipvs = net_ipvs(net);
@@ -3729,6 +3734,8 @@ int __net_init ip_vs_control_net_init_sysctl(struct net *net)
3729 ipvs->sysctl_sync_retries = clamp_t(int, DEFAULT_SYNC_RETRIES, 0, 3); 3734 ipvs->sysctl_sync_retries = clamp_t(int, DEFAULT_SYNC_RETRIES, 0, 3);
3730 tbl[idx++].data = &ipvs->sysctl_sync_retries; 3735 tbl[idx++].data = &ipvs->sysctl_sync_retries;
3731 tbl[idx++].data = &ipvs->sysctl_nat_icmp_send; 3736 tbl[idx++].data = &ipvs->sysctl_nat_icmp_send;
3737 ipvs->sysctl_pmtu_disc = 1;
3738 tbl[idx++].data = &ipvs->sysctl_pmtu_disc;
3732 3739
3733 3740
3734 ipvs->sysctl_hdr = register_net_sysctl(net, "net/ipv4/vs", tbl); 3741 ipvs->sysctl_hdr = register_net_sysctl(net, "net/ipv4/vs", tbl);
@@ -3746,7 +3753,7 @@ int __net_init ip_vs_control_net_init_sysctl(struct net *net)
3746 return 0; 3753 return 0;
3747} 3754}
3748 3755
3749void __net_exit ip_vs_control_net_cleanup_sysctl(struct net *net) 3756static void __net_exit ip_vs_control_net_cleanup_sysctl(struct net *net)
3750{ 3757{
3751 struct netns_ipvs *ipvs = net_ipvs(net); 3758 struct netns_ipvs *ipvs = net_ipvs(net);
3752 3759
@@ -3757,8 +3764,8 @@ void __net_exit ip_vs_control_net_cleanup_sysctl(struct net *net)
3757 3764
3758#else 3765#else
3759 3766
3760int __net_init ip_vs_control_net_init_sysctl(struct net *net) { return 0; } 3767static int __net_init ip_vs_control_net_init_sysctl(struct net *net) { return 0; }
3761void __net_exit ip_vs_control_net_cleanup_sysctl(struct net *net) { } 3768static void __net_exit ip_vs_control_net_cleanup_sysctl(struct net *net) { }
3762 3769
3763#endif 3770#endif
3764 3771
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index b20b29c903ef..4f53a5f04437 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -268,6 +268,7 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp,
268 * packet. 268 * packet.
269 */ 269 */
270 ret = nf_nat_mangle_tcp_packet(skb, ct, ctinfo, 270 ret = nf_nat_mangle_tcp_packet(skb, ct, ctinfo,
271 iph->ihl * 4,
271 start-data, end-start, 272 start-data, end-start,
272 buf, buf_len); 273 buf, buf_len);
273 if (ret) { 274 if (ret) {
@@ -441,16 +442,10 @@ static int __net_init __ip_vs_ftp_init(struct net *net)
441 442
442 if (!ipvs) 443 if (!ipvs)
443 return -ENOENT; 444 return -ENOENT;
444 app = kmemdup(&ip_vs_ftp, sizeof(struct ip_vs_app), GFP_KERNEL);
445 if (!app)
446 return -ENOMEM;
447 INIT_LIST_HEAD(&app->a_list);
448 INIT_LIST_HEAD(&app->incs_list);
449 ipvs->ftp_app = app;
450 445
451 ret = register_ip_vs_app(net, app); 446 app = register_ip_vs_app(net, &ip_vs_ftp);
452 if (ret) 447 if (IS_ERR(app))
453 goto err_exit; 448 return PTR_ERR(app);
454 449
455 for (i = 0; i < ports_count; i++) { 450 for (i = 0; i < ports_count; i++) {
456 if (!ports[i]) 451 if (!ports[i])
@@ -464,9 +459,7 @@ static int __net_init __ip_vs_ftp_init(struct net *net)
464 return 0; 459 return 0;
465 460
466err_unreg: 461err_unreg:
467 unregister_ip_vs_app(net, app); 462 unregister_ip_vs_app(net, &ip_vs_ftp);
468err_exit:
469 kfree(ipvs->ftp_app);
470 return ret; 463 return ret;
471} 464}
472/* 465/*
@@ -474,10 +467,7 @@ err_exit:
474 */ 467 */
475static void __ip_vs_ftp_exit(struct net *net) 468static void __ip_vs_ftp_exit(struct net *net)
476{ 469{
477 struct netns_ipvs *ipvs = net_ipvs(net); 470 unregister_ip_vs_app(net, &ip_vs_ftp);
478
479 unregister_ip_vs_app(net, ipvs->ftp_app);
480 kfree(ipvs->ftp_app);
481} 471}
482 472
483static struct pernet_operations ip_vs_ftp_ops = { 473static struct pernet_operations ip_vs_ftp_ops = {
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
index 65b616ae1716..56f6d5d81a77 100644
--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
@@ -49,6 +49,7 @@ enum {
49 IP_VS_RT_MODE_RDR = 4, /* Allow redirect from remote daddr to 49 IP_VS_RT_MODE_RDR = 4, /* Allow redirect from remote daddr to
50 * local 50 * local
51 */ 51 */
52 IP_VS_RT_MODE_CONNECT = 8, /* Always bind route to saddr */
52}; 53};
53 54
54/* 55/*
@@ -84,6 +85,58 @@ __ip_vs_dst_check(struct ip_vs_dest *dest, u32 rtos)
84 return dst; 85 return dst;
85} 86}
86 87
88static inline bool
89__mtu_check_toobig_v6(const struct sk_buff *skb, u32 mtu)
90{
91 if (IP6CB(skb)->frag_max_size) {
92 /* frag_max_size tell us that, this packet have been
93 * defragmented by netfilter IPv6 conntrack module.
94 */
95 if (IP6CB(skb)->frag_max_size > mtu)
96 return true; /* largest fragment violate MTU */
97 }
98 else if (skb->len > mtu && !skb_is_gso(skb)) {
99 return true; /* Packet size violate MTU size */
100 }
101 return false;
102}
103
104/* Get route to daddr, update *saddr, optionally bind route to saddr */
105static struct rtable *do_output_route4(struct net *net, __be32 daddr,
106 u32 rtos, int rt_mode, __be32 *saddr)
107{
108 struct flowi4 fl4;
109 struct rtable *rt;
110 int loop = 0;
111
112 memset(&fl4, 0, sizeof(fl4));
113 fl4.daddr = daddr;
114 fl4.saddr = (rt_mode & IP_VS_RT_MODE_CONNECT) ? *saddr : 0;
115 fl4.flowi4_tos = rtos;
116
117retry:
118 rt = ip_route_output_key(net, &fl4);
119 if (IS_ERR(rt)) {
120 /* Invalid saddr ? */
121 if (PTR_ERR(rt) == -EINVAL && *saddr &&
122 rt_mode & IP_VS_RT_MODE_CONNECT && !loop) {
123 *saddr = 0;
124 flowi4_update_output(&fl4, 0, rtos, daddr, 0);
125 goto retry;
126 }
127 IP_VS_DBG_RL("ip_route_output error, dest: %pI4\n", &daddr);
128 return NULL;
129 } else if (!*saddr && rt_mode & IP_VS_RT_MODE_CONNECT && fl4.saddr) {
130 ip_rt_put(rt);
131 *saddr = fl4.saddr;
132 flowi4_update_output(&fl4, 0, rtos, daddr, fl4.saddr);
133 loop++;
134 goto retry;
135 }
136 *saddr = fl4.saddr;
137 return rt;
138}
139
87/* Get route to destination or remote server */ 140/* Get route to destination or remote server */
88static struct rtable * 141static struct rtable *
89__ip_vs_get_out_rt(struct sk_buff *skb, struct ip_vs_dest *dest, 142__ip_vs_get_out_rt(struct sk_buff *skb, struct ip_vs_dest *dest,
@@ -98,20 +151,13 @@ __ip_vs_get_out_rt(struct sk_buff *skb, struct ip_vs_dest *dest,
98 spin_lock(&dest->dst_lock); 151 spin_lock(&dest->dst_lock);
99 if (!(rt = (struct rtable *) 152 if (!(rt = (struct rtable *)
100 __ip_vs_dst_check(dest, rtos))) { 153 __ip_vs_dst_check(dest, rtos))) {
101 struct flowi4 fl4; 154 rt = do_output_route4(net, dest->addr.ip, rtos,
102 155 rt_mode, &dest->dst_saddr.ip);
103 memset(&fl4, 0, sizeof(fl4)); 156 if (!rt) {
104 fl4.daddr = dest->addr.ip;
105 fl4.flowi4_tos = rtos;
106 rt = ip_route_output_key(net, &fl4);
107 if (IS_ERR(rt)) {
108 spin_unlock(&dest->dst_lock); 157 spin_unlock(&dest->dst_lock);
109 IP_VS_DBG_RL("ip_route_output error, dest: %pI4\n",
110 &dest->addr.ip);
111 return NULL; 158 return NULL;
112 } 159 }
113 __ip_vs_dst_set(dest, rtos, dst_clone(&rt->dst), 0); 160 __ip_vs_dst_set(dest, rtos, dst_clone(&rt->dst), 0);
114 dest->dst_saddr.ip = fl4.saddr;
115 IP_VS_DBG(10, "new dst %pI4, src %pI4, refcnt=%d, " 161 IP_VS_DBG(10, "new dst %pI4, src %pI4, refcnt=%d, "
116 "rtos=%X\n", 162 "rtos=%X\n",
117 &dest->addr.ip, &dest->dst_saddr.ip, 163 &dest->addr.ip, &dest->dst_saddr.ip,
@@ -122,19 +168,17 @@ __ip_vs_get_out_rt(struct sk_buff *skb, struct ip_vs_dest *dest,
122 *ret_saddr = dest->dst_saddr.ip; 168 *ret_saddr = dest->dst_saddr.ip;
123 spin_unlock(&dest->dst_lock); 169 spin_unlock(&dest->dst_lock);
124 } else { 170 } else {
125 struct flowi4 fl4; 171 __be32 saddr = htonl(INADDR_ANY);
126 172
127 memset(&fl4, 0, sizeof(fl4)); 173 /* For such unconfigured boxes avoid many route lookups
128 fl4.daddr = daddr; 174 * for performance reasons because we do not remember saddr
129 fl4.flowi4_tos = rtos; 175 */
130 rt = ip_route_output_key(net, &fl4); 176 rt_mode &= ~IP_VS_RT_MODE_CONNECT;
131 if (IS_ERR(rt)) { 177 rt = do_output_route4(net, daddr, rtos, rt_mode, &saddr);
132 IP_VS_DBG_RL("ip_route_output error, dest: %pI4\n", 178 if (!rt)
133 &daddr);
134 return NULL; 179 return NULL;
135 }
136 if (ret_saddr) 180 if (ret_saddr)
137 *ret_saddr = fl4.saddr; 181 *ret_saddr = saddr;
138 } 182 }
139 183
140 local = rt->rt_flags & RTCF_LOCAL; 184 local = rt->rt_flags & RTCF_LOCAL;
@@ -331,6 +375,7 @@ ip_vs_dst_reset(struct ip_vs_dest *dest)
331 old_dst = dest->dst_cache; 375 old_dst = dest->dst_cache;
332 dest->dst_cache = NULL; 376 dest->dst_cache = NULL;
333 dst_release(old_dst); 377 dst_release(old_dst);
378 dest->dst_saddr.ip = 0;
334} 379}
335 380
336#define IP_VS_XMIT_TUNNEL(skb, cp) \ 381#define IP_VS_XMIT_TUNNEL(skb, cp) \
@@ -462,7 +507,7 @@ ip_vs_bypass_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
462 507
463 /* MTU checking */ 508 /* MTU checking */
464 mtu = dst_mtu(&rt->dst); 509 mtu = dst_mtu(&rt->dst);
465 if (skb->len > mtu && !skb_is_gso(skb)) { 510 if (__mtu_check_toobig_v6(skb, mtu)) {
466 if (!skb->dev) { 511 if (!skb->dev) {
467 struct net *net = dev_net(skb_dst(skb)->dev); 512 struct net *net = dev_net(skb_dst(skb)->dev);
468 513
@@ -683,7 +728,7 @@ ip_vs_nat_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
683 728
684 /* MTU checking */ 729 /* MTU checking */
685 mtu = dst_mtu(&rt->dst); 730 mtu = dst_mtu(&rt->dst);
686 if (skb->len > mtu && !skb_is_gso(skb)) { 731 if (__mtu_check_toobig_v6(skb, mtu)) {
687 if (!skb->dev) { 732 if (!skb->dev) {
688 struct net *net = dev_net(skb_dst(skb)->dev); 733 struct net *net = dev_net(skb_dst(skb)->dev);
689 734
@@ -766,12 +811,13 @@ int
766ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp, 811ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
767 struct ip_vs_protocol *pp) 812 struct ip_vs_protocol *pp)
768{ 813{
814 struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
769 struct rtable *rt; /* Route to the other host */ 815 struct rtable *rt; /* Route to the other host */
770 __be32 saddr; /* Source for tunnel */ 816 __be32 saddr; /* Source for tunnel */
771 struct net_device *tdev; /* Device to other host */ 817 struct net_device *tdev; /* Device to other host */
772 struct iphdr *old_iph = ip_hdr(skb); 818 struct iphdr *old_iph = ip_hdr(skb);
773 u8 tos = old_iph->tos; 819 u8 tos = old_iph->tos;
774 __be16 df = old_iph->frag_off; 820 __be16 df;
775 struct iphdr *iph; /* Our new IP header */ 821 struct iphdr *iph; /* Our new IP header */
776 unsigned int max_headroom; /* The extra header space needed */ 822 unsigned int max_headroom; /* The extra header space needed */
777 int mtu; 823 int mtu;
@@ -781,7 +827,8 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
781 827
782 if (!(rt = __ip_vs_get_out_rt(skb, cp->dest, cp->daddr.ip, 828 if (!(rt = __ip_vs_get_out_rt(skb, cp->dest, cp->daddr.ip,
783 RT_TOS(tos), IP_VS_RT_MODE_LOCAL | 829 RT_TOS(tos), IP_VS_RT_MODE_LOCAL |
784 IP_VS_RT_MODE_NON_LOCAL, 830 IP_VS_RT_MODE_NON_LOCAL |
831 IP_VS_RT_MODE_CONNECT,
785 &saddr))) 832 &saddr)))
786 goto tx_error_icmp; 833 goto tx_error_icmp;
787 if (rt->rt_flags & RTCF_LOCAL) { 834 if (rt->rt_flags & RTCF_LOCAL) {
@@ -796,13 +843,13 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
796 IP_VS_DBG_RL("%s(): mtu less than 68\n", __func__); 843 IP_VS_DBG_RL("%s(): mtu less than 68\n", __func__);
797 goto tx_error_put; 844 goto tx_error_put;
798 } 845 }
799 if (skb_dst(skb)) 846 if (rt_is_output_route(skb_rtable(skb)))
800 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu); 847 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
801 848
802 df |= (old_iph->frag_off & htons(IP_DF)); 849 /* Copy DF, reset fragment offset and MF */
850 df = sysctl_pmtu_disc(ipvs) ? old_iph->frag_off & htons(IP_DF) : 0;
803 851
804 if ((old_iph->frag_off & htons(IP_DF) && 852 if (df && mtu < ntohs(old_iph->tot_len) && !skb_is_gso(skb)) {
805 mtu < ntohs(old_iph->tot_len) && !skb_is_gso(skb))) {
806 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu)); 853 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
807 IP_VS_DBG_RL("%s(): frag needed\n", __func__); 854 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
808 goto tx_error_put; 855 goto tx_error_put;
@@ -915,8 +962,8 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
915 if (skb_dst(skb)) 962 if (skb_dst(skb))
916 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu); 963 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
917 964
918 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr) && 965 /* MTU checking: Notice that 'mtu' have been adjusted before hand */
919 !skb_is_gso(skb)) { 966 if (__mtu_check_toobig_v6(skb, mtu)) {
920 if (!skb->dev) { 967 if (!skb->dev) {
921 struct net *net = dev_net(skb_dst(skb)->dev); 968 struct net *net = dev_net(skb_dst(skb)->dev);
922 969
@@ -1082,7 +1129,7 @@ ip_vs_dr_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
1082 1129
1083 /* MTU checking */ 1130 /* MTU checking */
1084 mtu = dst_mtu(&rt->dst); 1131 mtu = dst_mtu(&rt->dst);
1085 if (skb->len > mtu) { 1132 if (__mtu_check_toobig_v6(skb, mtu)) {
1086 if (!skb->dev) { 1133 if (!skb->dev) {
1087 struct net *net = dev_net(skb_dst(skb)->dev); 1134 struct net *net = dev_net(skb_dst(skb)->dev);
1088 1135
@@ -1318,7 +1365,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
1318 1365
1319 /* MTU checking */ 1366 /* MTU checking */
1320 mtu = dst_mtu(&rt->dst); 1367 mtu = dst_mtu(&rt->dst);
1321 if (skb->len > mtu && !skb_is_gso(skb)) { 1368 if (__mtu_check_toobig_v6(skb, mtu)) {
1322 if (!skb->dev) { 1369 if (!skb->dev) {
1323 struct net *net = dev_net(skb_dst(skb)->dev); 1370 struct net *net = dev_net(skb_dst(skb)->dev);
1324 1371
diff --git a/net/netfilter/nf_conntrack_amanda.c b/net/netfilter/nf_conntrack_amanda.c
index f2de8c55ac50..c514fe6033d2 100644
--- a/net/netfilter/nf_conntrack_amanda.c
+++ b/net/netfilter/nf_conntrack_amanda.c
@@ -40,6 +40,7 @@ MODULE_PARM_DESC(ts_algo, "textsearch algorithm to use (default kmp)");
40 40
41unsigned int (*nf_nat_amanda_hook)(struct sk_buff *skb, 41unsigned int (*nf_nat_amanda_hook)(struct sk_buff *skb,
42 enum ip_conntrack_info ctinfo, 42 enum ip_conntrack_info ctinfo,
43 unsigned int protoff,
43 unsigned int matchoff, 44 unsigned int matchoff,
44 unsigned int matchlen, 45 unsigned int matchlen,
45 struct nf_conntrack_expect *exp) 46 struct nf_conntrack_expect *exp)
@@ -155,8 +156,8 @@ static int amanda_help(struct sk_buff *skb,
155 156
156 nf_nat_amanda = rcu_dereference(nf_nat_amanda_hook); 157 nf_nat_amanda = rcu_dereference(nf_nat_amanda_hook);
157 if (nf_nat_amanda && ct->status & IPS_NAT_MASK) 158 if (nf_nat_amanda && ct->status & IPS_NAT_MASK)
158 ret = nf_nat_amanda(skb, ctinfo, off - dataoff, 159 ret = nf_nat_amanda(skb, ctinfo, protoff,
159 len, exp); 160 off - dataoff, len, exp);
160 else if (nf_ct_expect_related(exp) != 0) 161 else if (nf_ct_expect_related(exp) != 0)
161 ret = NF_DROP; 162 ret = NF_DROP;
162 nf_ct_expect_put(exp); 163 nf_ct_expect_put(exp);
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 2ceec64b19f9..0f241be28f9e 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -55,6 +55,12 @@ int (*nfnetlink_parse_nat_setup_hook)(struct nf_conn *ct,
55 const struct nlattr *attr) __read_mostly; 55 const struct nlattr *attr) __read_mostly;
56EXPORT_SYMBOL_GPL(nfnetlink_parse_nat_setup_hook); 56EXPORT_SYMBOL_GPL(nfnetlink_parse_nat_setup_hook);
57 57
58int (*nf_nat_seq_adjust_hook)(struct sk_buff *skb,
59 struct nf_conn *ct,
60 enum ip_conntrack_info ctinfo,
61 unsigned int protoff);
62EXPORT_SYMBOL_GPL(nf_nat_seq_adjust_hook);
63
58DEFINE_SPINLOCK(nf_conntrack_lock); 64DEFINE_SPINLOCK(nf_conntrack_lock);
59EXPORT_SYMBOL_GPL(nf_conntrack_lock); 65EXPORT_SYMBOL_GPL(nf_conntrack_lock);
60 66
@@ -930,7 +936,6 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned int hooknum,
930 enum ip_conntrack_info ctinfo; 936 enum ip_conntrack_info ctinfo;
931 struct nf_conntrack_l3proto *l3proto; 937 struct nf_conntrack_l3proto *l3proto;
932 struct nf_conntrack_l4proto *l4proto; 938 struct nf_conntrack_l4proto *l4proto;
933 struct nf_conn_timeout *timeout_ext;
934 unsigned int *timeouts; 939 unsigned int *timeouts;
935 unsigned int dataoff; 940 unsigned int dataoff;
936 u_int8_t protonum; 941 u_int8_t protonum;
@@ -997,11 +1002,7 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned int hooknum,
997 NF_CT_ASSERT(skb->nfct); 1002 NF_CT_ASSERT(skb->nfct);
998 1003
999 /* Decide what timeout policy we want to apply to this flow. */ 1004 /* Decide what timeout policy we want to apply to this flow. */
1000 timeout_ext = nf_ct_timeout_find(ct); 1005 timeouts = nf_ct_timeout_lookup(net, ct, l4proto);
1001 if (timeout_ext)
1002 timeouts = NF_CT_TIMEOUT_EXT_DATA(timeout_ext);
1003 else
1004 timeouts = l4proto->get_timeouts(net);
1005 1006
1006 ret = l4proto->packet(ct, skb, dataoff, ctinfo, pf, hooknum, timeouts); 1007 ret = l4proto->packet(ct, skb, dataoff, ctinfo, pf, hooknum, timeouts);
1007 if (ret <= 0) { 1008 if (ret <= 0) {
@@ -1223,6 +1224,8 @@ get_next_corpse(struct net *net, int (*iter)(struct nf_conn *i, void *data),
1223 spin_lock_bh(&nf_conntrack_lock); 1224 spin_lock_bh(&nf_conntrack_lock);
1224 for (; *bucket < net->ct.htable_size; (*bucket)++) { 1225 for (; *bucket < net->ct.htable_size; (*bucket)++) {
1225 hlist_nulls_for_each_entry(h, n, &net->ct.hash[*bucket], hnnode) { 1226 hlist_nulls_for_each_entry(h, n, &net->ct.hash[*bucket], hnnode) {
1227 if (NF_CT_DIRECTION(h) != IP_CT_DIR_ORIGINAL)
1228 continue;
1226 ct = nf_ct_tuplehash_to_ctrack(h); 1229 ct = nf_ct_tuplehash_to_ctrack(h);
1227 if (iter(ct, data)) 1230 if (iter(ct, data))
1228 goto found; 1231 goto found;
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index e7be79e640de..de9781b6464f 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -61,7 +61,7 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
61 goto out_unlock; 61 goto out_unlock;
62 62
63 item.ct = ct; 63 item.ct = ct;
64 item.pid = 0; 64 item.portid = 0;
65 item.report = 0; 65 item.report = 0;
66 66
67 ret = notify->fcn(events | missed, &item); 67 ret = notify->fcn(events | missed, &item);
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
index 4bb771d1f57a..1ce3befb7c8a 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -48,6 +48,7 @@ module_param(loose, bool, 0600);
48unsigned int (*nf_nat_ftp_hook)(struct sk_buff *skb, 48unsigned int (*nf_nat_ftp_hook)(struct sk_buff *skb,
49 enum ip_conntrack_info ctinfo, 49 enum ip_conntrack_info ctinfo,
50 enum nf_ct_ftp_type type, 50 enum nf_ct_ftp_type type,
51 unsigned int protoff,
51 unsigned int matchoff, 52 unsigned int matchoff,
52 unsigned int matchlen, 53 unsigned int matchlen,
53 struct nf_conntrack_expect *exp); 54 struct nf_conntrack_expect *exp);
@@ -395,6 +396,12 @@ static int help(struct sk_buff *skb,
395 396
396 /* Look up to see if we're just after a \n. */ 397 /* Look up to see if we're just after a \n. */
397 if (!find_nl_seq(ntohl(th->seq), ct_ftp_info, dir)) { 398 if (!find_nl_seq(ntohl(th->seq), ct_ftp_info, dir)) {
399 /* We're picking up this, clear flags and let it continue */
400 if (unlikely(ct_ftp_info->flags[dir] & NF_CT_FTP_SEQ_PICKUP)) {
401 ct_ftp_info->flags[dir] ^= NF_CT_FTP_SEQ_PICKUP;
402 goto skip_nl_seq;
403 }
404
398 /* Now if this ends in \n, update ftp info. */ 405 /* Now if this ends in \n, update ftp info. */
399 pr_debug("nf_conntrack_ftp: wrong seq pos %s(%u) or %s(%u)\n", 406 pr_debug("nf_conntrack_ftp: wrong seq pos %s(%u) or %s(%u)\n",
400 ct_ftp_info->seq_aft_nl_num[dir] > 0 ? "" : "(UNSET)", 407 ct_ftp_info->seq_aft_nl_num[dir] > 0 ? "" : "(UNSET)",
@@ -405,6 +412,7 @@ static int help(struct sk_buff *skb,
405 goto out_update_nl; 412 goto out_update_nl;
406 } 413 }
407 414
415skip_nl_seq:
408 /* Initialize IP/IPv6 addr to expected address (it's not mentioned 416 /* Initialize IP/IPv6 addr to expected address (it's not mentioned
409 in EPSV responses) */ 417 in EPSV responses) */
410 cmd.l3num = nf_ct_l3num(ct); 418 cmd.l3num = nf_ct_l3num(ct);
@@ -489,7 +497,7 @@ static int help(struct sk_buff *skb,
489 nf_nat_ftp = rcu_dereference(nf_nat_ftp_hook); 497 nf_nat_ftp = rcu_dereference(nf_nat_ftp_hook);
490 if (nf_nat_ftp && ct->status & IPS_NAT_MASK) 498 if (nf_nat_ftp && ct->status & IPS_NAT_MASK)
491 ret = nf_nat_ftp(skb, ctinfo, search[dir][i].ftptype, 499 ret = nf_nat_ftp(skb, ctinfo, search[dir][i].ftptype,
492 matchoff, matchlen, exp); 500 protoff, matchoff, matchlen, exp);
493 else { 501 else {
494 /* Can't expect this? Best to drop packet now. */ 502 /* Can't expect this? Best to drop packet now. */
495 if (nf_ct_expect_related(exp) != 0) 503 if (nf_ct_expect_related(exp) != 0)
@@ -511,6 +519,19 @@ out_update_nl:
511 return ret; 519 return ret;
512} 520}
513 521
522static int nf_ct_ftp_from_nlattr(struct nlattr *attr, struct nf_conn *ct)
523{
524 struct nf_ct_ftp_master *ftp = nfct_help_data(ct);
525
526 /* This conntrack has been injected from user-space, always pick up
527 * sequence tracking. Otherwise, the first FTP command after the
528 * failover breaks.
529 */
530 ftp->flags[IP_CT_DIR_ORIGINAL] |= NF_CT_FTP_SEQ_PICKUP;
531 ftp->flags[IP_CT_DIR_REPLY] |= NF_CT_FTP_SEQ_PICKUP;
532 return 0;
533}
534
514static struct nf_conntrack_helper ftp[MAX_PORTS][2] __read_mostly; 535static struct nf_conntrack_helper ftp[MAX_PORTS][2] __read_mostly;
515 536
516static const struct nf_conntrack_expect_policy ftp_exp_policy = { 537static const struct nf_conntrack_expect_policy ftp_exp_policy = {
@@ -560,6 +581,7 @@ static int __init nf_conntrack_ftp_init(void)
560 ftp[i][j].expect_policy = &ftp_exp_policy; 581 ftp[i][j].expect_policy = &ftp_exp_policy;
561 ftp[i][j].me = THIS_MODULE; 582 ftp[i][j].me = THIS_MODULE;
562 ftp[i][j].help = help; 583 ftp[i][j].help = help;
584 ftp[i][j].from_nlattr = nf_ct_ftp_from_nlattr;
563 if (ports[i] == FTP_PORT) 585 if (ports[i] == FTP_PORT)
564 sprintf(ftp[i][j].name, "ftp"); 586 sprintf(ftp[i][j].name, "ftp");
565 else 587 else
diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c
index 4283b207e63b..1b30b0dee708 100644
--- a/net/netfilter/nf_conntrack_h323_main.c
+++ b/net/netfilter/nf_conntrack_h323_main.c
@@ -49,12 +49,12 @@ MODULE_PARM_DESC(callforward_filter, "only create call forwarding expectations "
49 "(determined by routing information)"); 49 "(determined by routing information)");
50 50
51/* Hooks for NAT */ 51/* Hooks for NAT */
52int (*set_h245_addr_hook) (struct sk_buff *skb, 52int (*set_h245_addr_hook) (struct sk_buff *skb, unsigned int protoff,
53 unsigned char **data, int dataoff, 53 unsigned char **data, int dataoff,
54 H245_TransportAddress *taddr, 54 H245_TransportAddress *taddr,
55 union nf_inet_addr *addr, __be16 port) 55 union nf_inet_addr *addr, __be16 port)
56 __read_mostly; 56 __read_mostly;
57int (*set_h225_addr_hook) (struct sk_buff *skb, 57int (*set_h225_addr_hook) (struct sk_buff *skb, unsigned int protoff,
58 unsigned char **data, int dataoff, 58 unsigned char **data, int dataoff,
59 TransportAddress *taddr, 59 TransportAddress *taddr,
60 union nf_inet_addr *addr, __be16 port) 60 union nf_inet_addr *addr, __be16 port)
@@ -62,16 +62,17 @@ int (*set_h225_addr_hook) (struct sk_buff *skb,
62int (*set_sig_addr_hook) (struct sk_buff *skb, 62int (*set_sig_addr_hook) (struct sk_buff *skb,
63 struct nf_conn *ct, 63 struct nf_conn *ct,
64 enum ip_conntrack_info ctinfo, 64 enum ip_conntrack_info ctinfo,
65 unsigned char **data, 65 unsigned int protoff, unsigned char **data,
66 TransportAddress *taddr, int count) __read_mostly; 66 TransportAddress *taddr, int count) __read_mostly;
67int (*set_ras_addr_hook) (struct sk_buff *skb, 67int (*set_ras_addr_hook) (struct sk_buff *skb,
68 struct nf_conn *ct, 68 struct nf_conn *ct,
69 enum ip_conntrack_info ctinfo, 69 enum ip_conntrack_info ctinfo,
70 unsigned char **data, 70 unsigned int protoff, unsigned char **data,
71 TransportAddress *taddr, int count) __read_mostly; 71 TransportAddress *taddr, int count) __read_mostly;
72int (*nat_rtp_rtcp_hook) (struct sk_buff *skb, 72int (*nat_rtp_rtcp_hook) (struct sk_buff *skb,
73 struct nf_conn *ct, 73 struct nf_conn *ct,
74 enum ip_conntrack_info ctinfo, 74 enum ip_conntrack_info ctinfo,
75 unsigned int protoff,
75 unsigned char **data, int dataoff, 76 unsigned char **data, int dataoff,
76 H245_TransportAddress *taddr, 77 H245_TransportAddress *taddr,
77 __be16 port, __be16 rtp_port, 78 __be16 port, __be16 rtp_port,
@@ -80,24 +81,28 @@ int (*nat_rtp_rtcp_hook) (struct sk_buff *skb,
80int (*nat_t120_hook) (struct sk_buff *skb, 81int (*nat_t120_hook) (struct sk_buff *skb,
81 struct nf_conn *ct, 82 struct nf_conn *ct,
82 enum ip_conntrack_info ctinfo, 83 enum ip_conntrack_info ctinfo,
84 unsigned int protoff,
83 unsigned char **data, int dataoff, 85 unsigned char **data, int dataoff,
84 H245_TransportAddress *taddr, __be16 port, 86 H245_TransportAddress *taddr, __be16 port,
85 struct nf_conntrack_expect *exp) __read_mostly; 87 struct nf_conntrack_expect *exp) __read_mostly;
86int (*nat_h245_hook) (struct sk_buff *skb, 88int (*nat_h245_hook) (struct sk_buff *skb,
87 struct nf_conn *ct, 89 struct nf_conn *ct,
88 enum ip_conntrack_info ctinfo, 90 enum ip_conntrack_info ctinfo,
91 unsigned int protoff,
89 unsigned char **data, int dataoff, 92 unsigned char **data, int dataoff,
90 TransportAddress *taddr, __be16 port, 93 TransportAddress *taddr, __be16 port,
91 struct nf_conntrack_expect *exp) __read_mostly; 94 struct nf_conntrack_expect *exp) __read_mostly;
92int (*nat_callforwarding_hook) (struct sk_buff *skb, 95int (*nat_callforwarding_hook) (struct sk_buff *skb,
93 struct nf_conn *ct, 96 struct nf_conn *ct,
94 enum ip_conntrack_info ctinfo, 97 enum ip_conntrack_info ctinfo,
98 unsigned int protoff,
95 unsigned char **data, int dataoff, 99 unsigned char **data, int dataoff,
96 TransportAddress *taddr, __be16 port, 100 TransportAddress *taddr, __be16 port,
97 struct nf_conntrack_expect *exp) __read_mostly; 101 struct nf_conntrack_expect *exp) __read_mostly;
98int (*nat_q931_hook) (struct sk_buff *skb, 102int (*nat_q931_hook) (struct sk_buff *skb,
99 struct nf_conn *ct, 103 struct nf_conn *ct,
100 enum ip_conntrack_info ctinfo, 104 enum ip_conntrack_info ctinfo,
105 unsigned int protoff,
101 unsigned char **data, TransportAddress *taddr, int idx, 106 unsigned char **data, TransportAddress *taddr, int idx,
102 __be16 port, struct nf_conntrack_expect *exp) 107 __be16 port, struct nf_conntrack_expect *exp)
103 __read_mostly; 108 __read_mostly;
@@ -251,6 +256,7 @@ static int get_h245_addr(struct nf_conn *ct, const unsigned char *data,
251/****************************************************************************/ 256/****************************************************************************/
252static int expect_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct, 257static int expect_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
253 enum ip_conntrack_info ctinfo, 258 enum ip_conntrack_info ctinfo,
259 unsigned int protoff,
254 unsigned char **data, int dataoff, 260 unsigned char **data, int dataoff,
255 H245_TransportAddress *taddr) 261 H245_TransportAddress *taddr)
256{ 262{
@@ -295,9 +301,10 @@ static int expect_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
295 &ct->tuplehash[!dir].tuple.dst.u3, 301 &ct->tuplehash[!dir].tuple.dst.u3,
296 sizeof(ct->tuplehash[dir].tuple.src.u3)) && 302 sizeof(ct->tuplehash[dir].tuple.src.u3)) &&
297 (nat_rtp_rtcp = rcu_dereference(nat_rtp_rtcp_hook)) && 303 (nat_rtp_rtcp = rcu_dereference(nat_rtp_rtcp_hook)) &&
304 nf_ct_l3num(ct) == NFPROTO_IPV4 &&
298 ct->status & IPS_NAT_MASK) { 305 ct->status & IPS_NAT_MASK) {
299 /* NAT needed */ 306 /* NAT needed */
300 ret = nat_rtp_rtcp(skb, ct, ctinfo, data, dataoff, 307 ret = nat_rtp_rtcp(skb, ct, ctinfo, protoff, data, dataoff,
301 taddr, port, rtp_port, rtp_exp, rtcp_exp); 308 taddr, port, rtp_port, rtp_exp, rtcp_exp);
302 } else { /* Conntrack only */ 309 } else { /* Conntrack only */
303 if (nf_ct_expect_related(rtp_exp) == 0) { 310 if (nf_ct_expect_related(rtp_exp) == 0) {
@@ -324,6 +331,7 @@ static int expect_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct,
324static int expect_t120(struct sk_buff *skb, 331static int expect_t120(struct sk_buff *skb,
325 struct nf_conn *ct, 332 struct nf_conn *ct,
326 enum ip_conntrack_info ctinfo, 333 enum ip_conntrack_info ctinfo,
334 unsigned int protoff,
327 unsigned char **data, int dataoff, 335 unsigned char **data, int dataoff,
328 H245_TransportAddress *taddr) 336 H245_TransportAddress *taddr)
329{ 337{
@@ -353,9 +361,10 @@ static int expect_t120(struct sk_buff *skb,
353 &ct->tuplehash[!dir].tuple.dst.u3, 361 &ct->tuplehash[!dir].tuple.dst.u3,
354 sizeof(ct->tuplehash[dir].tuple.src.u3)) && 362 sizeof(ct->tuplehash[dir].tuple.src.u3)) &&
355 (nat_t120 = rcu_dereference(nat_t120_hook)) && 363 (nat_t120 = rcu_dereference(nat_t120_hook)) &&
364 nf_ct_l3num(ct) == NFPROTO_IPV4 &&
356 ct->status & IPS_NAT_MASK) { 365 ct->status & IPS_NAT_MASK) {
357 /* NAT needed */ 366 /* NAT needed */
358 ret = nat_t120(skb, ct, ctinfo, data, dataoff, taddr, 367 ret = nat_t120(skb, ct, ctinfo, protoff, data, dataoff, taddr,
359 port, exp); 368 port, exp);
360 } else { /* Conntrack only */ 369 } else { /* Conntrack only */
361 if (nf_ct_expect_related(exp) == 0) { 370 if (nf_ct_expect_related(exp) == 0) {
@@ -374,6 +383,7 @@ static int expect_t120(struct sk_buff *skb,
374static int process_h245_channel(struct sk_buff *skb, 383static int process_h245_channel(struct sk_buff *skb,
375 struct nf_conn *ct, 384 struct nf_conn *ct,
376 enum ip_conntrack_info ctinfo, 385 enum ip_conntrack_info ctinfo,
386 unsigned int protoff,
377 unsigned char **data, int dataoff, 387 unsigned char **data, int dataoff,
378 H2250LogicalChannelParameters *channel) 388 H2250LogicalChannelParameters *channel)
379{ 389{
@@ -381,7 +391,7 @@ static int process_h245_channel(struct sk_buff *skb,
381 391
382 if (channel->options & eH2250LogicalChannelParameters_mediaChannel) { 392 if (channel->options & eH2250LogicalChannelParameters_mediaChannel) {
383 /* RTP */ 393 /* RTP */
384 ret = expect_rtp_rtcp(skb, ct, ctinfo, data, dataoff, 394 ret = expect_rtp_rtcp(skb, ct, ctinfo, protoff, data, dataoff,
385 &channel->mediaChannel); 395 &channel->mediaChannel);
386 if (ret < 0) 396 if (ret < 0)
387 return -1; 397 return -1;
@@ -390,7 +400,7 @@ static int process_h245_channel(struct sk_buff *skb,
390 if (channel-> 400 if (channel->
391 options & eH2250LogicalChannelParameters_mediaControlChannel) { 401 options & eH2250LogicalChannelParameters_mediaControlChannel) {
392 /* RTCP */ 402 /* RTCP */
393 ret = expect_rtp_rtcp(skb, ct, ctinfo, data, dataoff, 403 ret = expect_rtp_rtcp(skb, ct, ctinfo, protoff, data, dataoff,
394 &channel->mediaControlChannel); 404 &channel->mediaControlChannel);
395 if (ret < 0) 405 if (ret < 0)
396 return -1; 406 return -1;
@@ -402,6 +412,7 @@ static int process_h245_channel(struct sk_buff *skb,
402/****************************************************************************/ 412/****************************************************************************/
403static int process_olc(struct sk_buff *skb, struct nf_conn *ct, 413static int process_olc(struct sk_buff *skb, struct nf_conn *ct,
404 enum ip_conntrack_info ctinfo, 414 enum ip_conntrack_info ctinfo,
415 unsigned int protoff,
405 unsigned char **data, int dataoff, 416 unsigned char **data, int dataoff,
406 OpenLogicalChannel *olc) 417 OpenLogicalChannel *olc)
407{ 418{
@@ -412,7 +423,8 @@ static int process_olc(struct sk_buff *skb, struct nf_conn *ct,
412 if (olc->forwardLogicalChannelParameters.multiplexParameters.choice == 423 if (olc->forwardLogicalChannelParameters.multiplexParameters.choice ==
413 eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters) 424 eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters)
414 { 425 {
415 ret = process_h245_channel(skb, ct, ctinfo, data, dataoff, 426 ret = process_h245_channel(skb, ct, ctinfo,
427 protoff, data, dataoff,
416 &olc-> 428 &olc->
417 forwardLogicalChannelParameters. 429 forwardLogicalChannelParameters.
418 multiplexParameters. 430 multiplexParameters.
@@ -430,7 +442,8 @@ static int process_olc(struct sk_buff *skb, struct nf_conn *ct,
430 eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters)) 442 eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters))
431 { 443 {
432 ret = 444 ret =
433 process_h245_channel(skb, ct, ctinfo, data, dataoff, 445 process_h245_channel(skb, ct, ctinfo,
446 protoff, data, dataoff,
434 &olc-> 447 &olc->
435 reverseLogicalChannelParameters. 448 reverseLogicalChannelParameters.
436 multiplexParameters. 449 multiplexParameters.
@@ -448,7 +461,7 @@ static int process_olc(struct sk_buff *skb, struct nf_conn *ct,
448 t120.choice == eDataProtocolCapability_separateLANStack && 461 t120.choice == eDataProtocolCapability_separateLANStack &&
449 olc->separateStack.networkAddress.choice == 462 olc->separateStack.networkAddress.choice ==
450 eNetworkAccessParameters_networkAddress_localAreaAddress) { 463 eNetworkAccessParameters_networkAddress_localAreaAddress) {
451 ret = expect_t120(skb, ct, ctinfo, data, dataoff, 464 ret = expect_t120(skb, ct, ctinfo, protoff, data, dataoff,
452 &olc->separateStack.networkAddress. 465 &olc->separateStack.networkAddress.
453 localAreaAddress); 466 localAreaAddress);
454 if (ret < 0) 467 if (ret < 0)
@@ -461,7 +474,7 @@ static int process_olc(struct sk_buff *skb, struct nf_conn *ct,
461/****************************************************************************/ 474/****************************************************************************/
462static int process_olca(struct sk_buff *skb, struct nf_conn *ct, 475static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
463 enum ip_conntrack_info ctinfo, 476 enum ip_conntrack_info ctinfo,
464 unsigned char **data, int dataoff, 477 unsigned int protoff, unsigned char **data, int dataoff,
465 OpenLogicalChannelAck *olca) 478 OpenLogicalChannelAck *olca)
466{ 479{
467 H2250LogicalChannelAckParameters *ack; 480 H2250LogicalChannelAckParameters *ack;
@@ -477,7 +490,8 @@ static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
477 choice == 490 choice ==
478 eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters)) 491 eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters))
479 { 492 {
480 ret = process_h245_channel(skb, ct, ctinfo, data, dataoff, 493 ret = process_h245_channel(skb, ct, ctinfo,
494 protoff, data, dataoff,
481 &olca-> 495 &olca->
482 reverseLogicalChannelParameters. 496 reverseLogicalChannelParameters.
483 multiplexParameters. 497 multiplexParameters.
@@ -496,7 +510,8 @@ static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
496 if (ack->options & 510 if (ack->options &
497 eH2250LogicalChannelAckParameters_mediaChannel) { 511 eH2250LogicalChannelAckParameters_mediaChannel) {
498 /* RTP */ 512 /* RTP */
499 ret = expect_rtp_rtcp(skb, ct, ctinfo, data, dataoff, 513 ret = expect_rtp_rtcp(skb, ct, ctinfo,
514 protoff, data, dataoff,
500 &ack->mediaChannel); 515 &ack->mediaChannel);
501 if (ret < 0) 516 if (ret < 0)
502 return -1; 517 return -1;
@@ -505,7 +520,8 @@ static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
505 if (ack->options & 520 if (ack->options &
506 eH2250LogicalChannelAckParameters_mediaControlChannel) { 521 eH2250LogicalChannelAckParameters_mediaControlChannel) {
507 /* RTCP */ 522 /* RTCP */
508 ret = expect_rtp_rtcp(skb, ct, ctinfo, data, dataoff, 523 ret = expect_rtp_rtcp(skb, ct, ctinfo,
524 protoff, data, dataoff,
509 &ack->mediaControlChannel); 525 &ack->mediaControlChannel);
510 if (ret < 0) 526 if (ret < 0)
511 return -1; 527 return -1;
@@ -515,7 +531,7 @@ static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
515 if ((olca->options & eOpenLogicalChannelAck_separateStack) && 531 if ((olca->options & eOpenLogicalChannelAck_separateStack) &&
516 olca->separateStack.networkAddress.choice == 532 olca->separateStack.networkAddress.choice ==
517 eNetworkAccessParameters_networkAddress_localAreaAddress) { 533 eNetworkAccessParameters_networkAddress_localAreaAddress) {
518 ret = expect_t120(skb, ct, ctinfo, data, dataoff, 534 ret = expect_t120(skb, ct, ctinfo, protoff, data, dataoff,
519 &olca->separateStack.networkAddress. 535 &olca->separateStack.networkAddress.
520 localAreaAddress); 536 localAreaAddress);
521 if (ret < 0) 537 if (ret < 0)
@@ -528,14 +544,15 @@ static int process_olca(struct sk_buff *skb, struct nf_conn *ct,
528/****************************************************************************/ 544/****************************************************************************/
529static int process_h245(struct sk_buff *skb, struct nf_conn *ct, 545static int process_h245(struct sk_buff *skb, struct nf_conn *ct,
530 enum ip_conntrack_info ctinfo, 546 enum ip_conntrack_info ctinfo,
531 unsigned char **data, int dataoff, 547 unsigned int protoff, unsigned char **data, int dataoff,
532 MultimediaSystemControlMessage *mscm) 548 MultimediaSystemControlMessage *mscm)
533{ 549{
534 switch (mscm->choice) { 550 switch (mscm->choice) {
535 case eMultimediaSystemControlMessage_request: 551 case eMultimediaSystemControlMessage_request:
536 if (mscm->request.choice == 552 if (mscm->request.choice ==
537 eRequestMessage_openLogicalChannel) { 553 eRequestMessage_openLogicalChannel) {
538 return process_olc(skb, ct, ctinfo, data, dataoff, 554 return process_olc(skb, ct, ctinfo,
555 protoff, data, dataoff,
539 &mscm->request.openLogicalChannel); 556 &mscm->request.openLogicalChannel);
540 } 557 }
541 pr_debug("nf_ct_h323: H.245 Request %d\n", 558 pr_debug("nf_ct_h323: H.245 Request %d\n",
@@ -544,7 +561,8 @@ static int process_h245(struct sk_buff *skb, struct nf_conn *ct,
544 case eMultimediaSystemControlMessage_response: 561 case eMultimediaSystemControlMessage_response:
545 if (mscm->response.choice == 562 if (mscm->response.choice ==
546 eResponseMessage_openLogicalChannelAck) { 563 eResponseMessage_openLogicalChannelAck) {
547 return process_olca(skb, ct, ctinfo, data, dataoff, 564 return process_olca(skb, ct, ctinfo,
565 protoff, data, dataoff,
548 &mscm->response. 566 &mscm->response.
549 openLogicalChannelAck); 567 openLogicalChannelAck);
550 } 568 }
@@ -595,7 +613,8 @@ static int h245_help(struct sk_buff *skb, unsigned int protoff,
595 } 613 }
596 614
597 /* Process H.245 signal */ 615 /* Process H.245 signal */
598 if (process_h245(skb, ct, ctinfo, &data, dataoff, &mscm) < 0) 616 if (process_h245(skb, ct, ctinfo, protoff,
617 &data, dataoff, &mscm) < 0)
599 goto drop; 618 goto drop;
600 } 619 }
601 620
@@ -659,7 +678,7 @@ int get_h225_addr(struct nf_conn *ct, unsigned char *data,
659/****************************************************************************/ 678/****************************************************************************/
660static int expect_h245(struct sk_buff *skb, struct nf_conn *ct, 679static int expect_h245(struct sk_buff *skb, struct nf_conn *ct,
661 enum ip_conntrack_info ctinfo, 680 enum ip_conntrack_info ctinfo,
662 unsigned char **data, int dataoff, 681 unsigned int protoff, unsigned char **data, int dataoff,
663 TransportAddress *taddr) 682 TransportAddress *taddr)
664{ 683{
665 int dir = CTINFO2DIR(ctinfo); 684 int dir = CTINFO2DIR(ctinfo);
@@ -688,9 +707,10 @@ static int expect_h245(struct sk_buff *skb, struct nf_conn *ct,
688 &ct->tuplehash[!dir].tuple.dst.u3, 707 &ct->tuplehash[!dir].tuple.dst.u3,
689 sizeof(ct->tuplehash[dir].tuple.src.u3)) && 708 sizeof(ct->tuplehash[dir].tuple.src.u3)) &&
690 (nat_h245 = rcu_dereference(nat_h245_hook)) && 709 (nat_h245 = rcu_dereference(nat_h245_hook)) &&
710 nf_ct_l3num(ct) == NFPROTO_IPV4 &&
691 ct->status & IPS_NAT_MASK) { 711 ct->status & IPS_NAT_MASK) {
692 /* NAT needed */ 712 /* NAT needed */
693 ret = nat_h245(skb, ct, ctinfo, data, dataoff, taddr, 713 ret = nat_h245(skb, ct, ctinfo, protoff, data, dataoff, taddr,
694 port, exp); 714 port, exp);
695 } else { /* Conntrack only */ 715 } else { /* Conntrack only */
696 if (nf_ct_expect_related(exp) == 0) { 716 if (nf_ct_expect_related(exp) == 0) {
@@ -776,6 +796,7 @@ static int callforward_do_filter(const union nf_inet_addr *src,
776static int expect_callforwarding(struct sk_buff *skb, 796static int expect_callforwarding(struct sk_buff *skb,
777 struct nf_conn *ct, 797 struct nf_conn *ct,
778 enum ip_conntrack_info ctinfo, 798 enum ip_conntrack_info ctinfo,
799 unsigned int protoff,
779 unsigned char **data, int dataoff, 800 unsigned char **data, int dataoff,
780 TransportAddress *taddr) 801 TransportAddress *taddr)
781{ 802{
@@ -811,9 +832,11 @@ static int expect_callforwarding(struct sk_buff *skb,
811 &ct->tuplehash[!dir].tuple.dst.u3, 832 &ct->tuplehash[!dir].tuple.dst.u3,
812 sizeof(ct->tuplehash[dir].tuple.src.u3)) && 833 sizeof(ct->tuplehash[dir].tuple.src.u3)) &&
813 (nat_callforwarding = rcu_dereference(nat_callforwarding_hook)) && 834 (nat_callforwarding = rcu_dereference(nat_callforwarding_hook)) &&
835 nf_ct_l3num(ct) == NFPROTO_IPV4 &&
814 ct->status & IPS_NAT_MASK) { 836 ct->status & IPS_NAT_MASK) {
815 /* Need NAT */ 837 /* Need NAT */
816 ret = nat_callforwarding(skb, ct, ctinfo, data, dataoff, 838 ret = nat_callforwarding(skb, ct, ctinfo,
839 protoff, data, dataoff,
817 taddr, port, exp); 840 taddr, port, exp);
818 } else { /* Conntrack only */ 841 } else { /* Conntrack only */
819 if (nf_ct_expect_related(exp) == 0) { 842 if (nf_ct_expect_related(exp) == 0) {
@@ -831,6 +854,7 @@ static int expect_callforwarding(struct sk_buff *skb,
831/****************************************************************************/ 854/****************************************************************************/
832static int process_setup(struct sk_buff *skb, struct nf_conn *ct, 855static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
833 enum ip_conntrack_info ctinfo, 856 enum ip_conntrack_info ctinfo,
857 unsigned int protoff,
834 unsigned char **data, int dataoff, 858 unsigned char **data, int dataoff,
835 Setup_UUIE *setup) 859 Setup_UUIE *setup)
836{ 860{
@@ -844,7 +868,7 @@ static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
844 pr_debug("nf_ct_q931: Setup\n"); 868 pr_debug("nf_ct_q931: Setup\n");
845 869
846 if (setup->options & eSetup_UUIE_h245Address) { 870 if (setup->options & eSetup_UUIE_h245Address) {
847 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 871 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
848 &setup->h245Address); 872 &setup->h245Address);
849 if (ret < 0) 873 if (ret < 0)
850 return -1; 874 return -1;
@@ -852,14 +876,15 @@ static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
852 876
853 set_h225_addr = rcu_dereference(set_h225_addr_hook); 877 set_h225_addr = rcu_dereference(set_h225_addr_hook);
854 if ((setup->options & eSetup_UUIE_destCallSignalAddress) && 878 if ((setup->options & eSetup_UUIE_destCallSignalAddress) &&
855 (set_h225_addr) && ct->status & IPS_NAT_MASK && 879 (set_h225_addr) && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
880 ct->status & IPS_NAT_MASK &&
856 get_h225_addr(ct, *data, &setup->destCallSignalAddress, 881 get_h225_addr(ct, *data, &setup->destCallSignalAddress,
857 &addr, &port) && 882 &addr, &port) &&
858 memcmp(&addr, &ct->tuplehash[!dir].tuple.src.u3, sizeof(addr))) { 883 memcmp(&addr, &ct->tuplehash[!dir].tuple.src.u3, sizeof(addr))) {
859 pr_debug("nf_ct_q931: set destCallSignalAddress %pI6:%hu->%pI6:%hu\n", 884 pr_debug("nf_ct_q931: set destCallSignalAddress %pI6:%hu->%pI6:%hu\n",
860 &addr, ntohs(port), &ct->tuplehash[!dir].tuple.src.u3, 885 &addr, ntohs(port), &ct->tuplehash[!dir].tuple.src.u3,
861 ntohs(ct->tuplehash[!dir].tuple.src.u.tcp.port)); 886 ntohs(ct->tuplehash[!dir].tuple.src.u.tcp.port));
862 ret = set_h225_addr(skb, data, dataoff, 887 ret = set_h225_addr(skb, protoff, data, dataoff,
863 &setup->destCallSignalAddress, 888 &setup->destCallSignalAddress,
864 &ct->tuplehash[!dir].tuple.src.u3, 889 &ct->tuplehash[!dir].tuple.src.u3,
865 ct->tuplehash[!dir].tuple.src.u.tcp.port); 890 ct->tuplehash[!dir].tuple.src.u.tcp.port);
@@ -868,14 +893,15 @@ static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
868 } 893 }
869 894
870 if ((setup->options & eSetup_UUIE_sourceCallSignalAddress) && 895 if ((setup->options & eSetup_UUIE_sourceCallSignalAddress) &&
871 (set_h225_addr) && ct->status & IPS_NAT_MASK && 896 (set_h225_addr) && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
897 ct->status & IPS_NAT_MASK &&
872 get_h225_addr(ct, *data, &setup->sourceCallSignalAddress, 898 get_h225_addr(ct, *data, &setup->sourceCallSignalAddress,
873 &addr, &port) && 899 &addr, &port) &&
874 memcmp(&addr, &ct->tuplehash[!dir].tuple.dst.u3, sizeof(addr))) { 900 memcmp(&addr, &ct->tuplehash[!dir].tuple.dst.u3, sizeof(addr))) {
875 pr_debug("nf_ct_q931: set sourceCallSignalAddress %pI6:%hu->%pI6:%hu\n", 901 pr_debug("nf_ct_q931: set sourceCallSignalAddress %pI6:%hu->%pI6:%hu\n",
876 &addr, ntohs(port), &ct->tuplehash[!dir].tuple.dst.u3, 902 &addr, ntohs(port), &ct->tuplehash[!dir].tuple.dst.u3,
877 ntohs(ct->tuplehash[!dir].tuple.dst.u.tcp.port)); 903 ntohs(ct->tuplehash[!dir].tuple.dst.u.tcp.port));
878 ret = set_h225_addr(skb, data, dataoff, 904 ret = set_h225_addr(skb, protoff, data, dataoff,
879 &setup->sourceCallSignalAddress, 905 &setup->sourceCallSignalAddress,
880 &ct->tuplehash[!dir].tuple.dst.u3, 906 &ct->tuplehash[!dir].tuple.dst.u3,
881 ct->tuplehash[!dir].tuple.dst.u.tcp.port); 907 ct->tuplehash[!dir].tuple.dst.u.tcp.port);
@@ -885,7 +911,8 @@ static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
885 911
886 if (setup->options & eSetup_UUIE_fastStart) { 912 if (setup->options & eSetup_UUIE_fastStart) {
887 for (i = 0; i < setup->fastStart.count; i++) { 913 for (i = 0; i < setup->fastStart.count; i++) {
888 ret = process_olc(skb, ct, ctinfo, data, dataoff, 914 ret = process_olc(skb, ct, ctinfo,
915 protoff, data, dataoff,
889 &setup->fastStart.item[i]); 916 &setup->fastStart.item[i]);
890 if (ret < 0) 917 if (ret < 0)
891 return -1; 918 return -1;
@@ -899,6 +926,7 @@ static int process_setup(struct sk_buff *skb, struct nf_conn *ct,
899static int process_callproceeding(struct sk_buff *skb, 926static int process_callproceeding(struct sk_buff *skb,
900 struct nf_conn *ct, 927 struct nf_conn *ct,
901 enum ip_conntrack_info ctinfo, 928 enum ip_conntrack_info ctinfo,
929 unsigned int protoff,
902 unsigned char **data, int dataoff, 930 unsigned char **data, int dataoff,
903 CallProceeding_UUIE *callproc) 931 CallProceeding_UUIE *callproc)
904{ 932{
@@ -908,7 +936,7 @@ static int process_callproceeding(struct sk_buff *skb,
908 pr_debug("nf_ct_q931: CallProceeding\n"); 936 pr_debug("nf_ct_q931: CallProceeding\n");
909 937
910 if (callproc->options & eCallProceeding_UUIE_h245Address) { 938 if (callproc->options & eCallProceeding_UUIE_h245Address) {
911 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 939 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
912 &callproc->h245Address); 940 &callproc->h245Address);
913 if (ret < 0) 941 if (ret < 0)
914 return -1; 942 return -1;
@@ -916,7 +944,8 @@ static int process_callproceeding(struct sk_buff *skb,
916 944
917 if (callproc->options & eCallProceeding_UUIE_fastStart) { 945 if (callproc->options & eCallProceeding_UUIE_fastStart) {
918 for (i = 0; i < callproc->fastStart.count; i++) { 946 for (i = 0; i < callproc->fastStart.count; i++) {
919 ret = process_olc(skb, ct, ctinfo, data, dataoff, 947 ret = process_olc(skb, ct, ctinfo,
948 protoff, data, dataoff,
920 &callproc->fastStart.item[i]); 949 &callproc->fastStart.item[i]);
921 if (ret < 0) 950 if (ret < 0)
922 return -1; 951 return -1;
@@ -929,6 +958,7 @@ static int process_callproceeding(struct sk_buff *skb,
929/****************************************************************************/ 958/****************************************************************************/
930static int process_connect(struct sk_buff *skb, struct nf_conn *ct, 959static int process_connect(struct sk_buff *skb, struct nf_conn *ct,
931 enum ip_conntrack_info ctinfo, 960 enum ip_conntrack_info ctinfo,
961 unsigned int protoff,
932 unsigned char **data, int dataoff, 962 unsigned char **data, int dataoff,
933 Connect_UUIE *connect) 963 Connect_UUIE *connect)
934{ 964{
@@ -938,7 +968,7 @@ static int process_connect(struct sk_buff *skb, struct nf_conn *ct,
938 pr_debug("nf_ct_q931: Connect\n"); 968 pr_debug("nf_ct_q931: Connect\n");
939 969
940 if (connect->options & eConnect_UUIE_h245Address) { 970 if (connect->options & eConnect_UUIE_h245Address) {
941 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 971 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
942 &connect->h245Address); 972 &connect->h245Address);
943 if (ret < 0) 973 if (ret < 0)
944 return -1; 974 return -1;
@@ -946,7 +976,8 @@ static int process_connect(struct sk_buff *skb, struct nf_conn *ct,
946 976
947 if (connect->options & eConnect_UUIE_fastStart) { 977 if (connect->options & eConnect_UUIE_fastStart) {
948 for (i = 0; i < connect->fastStart.count; i++) { 978 for (i = 0; i < connect->fastStart.count; i++) {
949 ret = process_olc(skb, ct, ctinfo, data, dataoff, 979 ret = process_olc(skb, ct, ctinfo,
980 protoff, data, dataoff,
950 &connect->fastStart.item[i]); 981 &connect->fastStart.item[i]);
951 if (ret < 0) 982 if (ret < 0)
952 return -1; 983 return -1;
@@ -959,6 +990,7 @@ static int process_connect(struct sk_buff *skb, struct nf_conn *ct,
959/****************************************************************************/ 990/****************************************************************************/
960static int process_alerting(struct sk_buff *skb, struct nf_conn *ct, 991static int process_alerting(struct sk_buff *skb, struct nf_conn *ct,
961 enum ip_conntrack_info ctinfo, 992 enum ip_conntrack_info ctinfo,
993 unsigned int protoff,
962 unsigned char **data, int dataoff, 994 unsigned char **data, int dataoff,
963 Alerting_UUIE *alert) 995 Alerting_UUIE *alert)
964{ 996{
@@ -968,7 +1000,7 @@ static int process_alerting(struct sk_buff *skb, struct nf_conn *ct,
968 pr_debug("nf_ct_q931: Alerting\n"); 1000 pr_debug("nf_ct_q931: Alerting\n");
969 1001
970 if (alert->options & eAlerting_UUIE_h245Address) { 1002 if (alert->options & eAlerting_UUIE_h245Address) {
971 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 1003 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
972 &alert->h245Address); 1004 &alert->h245Address);
973 if (ret < 0) 1005 if (ret < 0)
974 return -1; 1006 return -1;
@@ -976,7 +1008,8 @@ static int process_alerting(struct sk_buff *skb, struct nf_conn *ct,
976 1008
977 if (alert->options & eAlerting_UUIE_fastStart) { 1009 if (alert->options & eAlerting_UUIE_fastStart) {
978 for (i = 0; i < alert->fastStart.count; i++) { 1010 for (i = 0; i < alert->fastStart.count; i++) {
979 ret = process_olc(skb, ct, ctinfo, data, dataoff, 1011 ret = process_olc(skb, ct, ctinfo,
1012 protoff, data, dataoff,
980 &alert->fastStart.item[i]); 1013 &alert->fastStart.item[i]);
981 if (ret < 0) 1014 if (ret < 0)
982 return -1; 1015 return -1;
@@ -989,6 +1022,7 @@ static int process_alerting(struct sk_buff *skb, struct nf_conn *ct,
989/****************************************************************************/ 1022/****************************************************************************/
990static int process_facility(struct sk_buff *skb, struct nf_conn *ct, 1023static int process_facility(struct sk_buff *skb, struct nf_conn *ct,
991 enum ip_conntrack_info ctinfo, 1024 enum ip_conntrack_info ctinfo,
1025 unsigned int protoff,
992 unsigned char **data, int dataoff, 1026 unsigned char **data, int dataoff,
993 Facility_UUIE *facility) 1027 Facility_UUIE *facility)
994{ 1028{
@@ -999,15 +1033,15 @@ static int process_facility(struct sk_buff *skb, struct nf_conn *ct,
999 1033
1000 if (facility->reason.choice == eFacilityReason_callForwarded) { 1034 if (facility->reason.choice == eFacilityReason_callForwarded) {
1001 if (facility->options & eFacility_UUIE_alternativeAddress) 1035 if (facility->options & eFacility_UUIE_alternativeAddress)
1002 return expect_callforwarding(skb, ct, ctinfo, data, 1036 return expect_callforwarding(skb, ct, ctinfo,
1003 dataoff, 1037 protoff, data, dataoff,
1004 &facility-> 1038 &facility->
1005 alternativeAddress); 1039 alternativeAddress);
1006 return 0; 1040 return 0;
1007 } 1041 }
1008 1042
1009 if (facility->options & eFacility_UUIE_h245Address) { 1043 if (facility->options & eFacility_UUIE_h245Address) {
1010 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 1044 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
1011 &facility->h245Address); 1045 &facility->h245Address);
1012 if (ret < 0) 1046 if (ret < 0)
1013 return -1; 1047 return -1;
@@ -1015,7 +1049,8 @@ static int process_facility(struct sk_buff *skb, struct nf_conn *ct,
1015 1049
1016 if (facility->options & eFacility_UUIE_fastStart) { 1050 if (facility->options & eFacility_UUIE_fastStart) {
1017 for (i = 0; i < facility->fastStart.count; i++) { 1051 for (i = 0; i < facility->fastStart.count; i++) {
1018 ret = process_olc(skb, ct, ctinfo, data, dataoff, 1052 ret = process_olc(skb, ct, ctinfo,
1053 protoff, data, dataoff,
1019 &facility->fastStart.item[i]); 1054 &facility->fastStart.item[i]);
1020 if (ret < 0) 1055 if (ret < 0)
1021 return -1; 1056 return -1;
@@ -1028,6 +1063,7 @@ static int process_facility(struct sk_buff *skb, struct nf_conn *ct,
1028/****************************************************************************/ 1063/****************************************************************************/
1029static int process_progress(struct sk_buff *skb, struct nf_conn *ct, 1064static int process_progress(struct sk_buff *skb, struct nf_conn *ct,
1030 enum ip_conntrack_info ctinfo, 1065 enum ip_conntrack_info ctinfo,
1066 unsigned int protoff,
1031 unsigned char **data, int dataoff, 1067 unsigned char **data, int dataoff,
1032 Progress_UUIE *progress) 1068 Progress_UUIE *progress)
1033{ 1069{
@@ -1037,7 +1073,7 @@ static int process_progress(struct sk_buff *skb, struct nf_conn *ct,
1037 pr_debug("nf_ct_q931: Progress\n"); 1073 pr_debug("nf_ct_q931: Progress\n");
1038 1074
1039 if (progress->options & eProgress_UUIE_h245Address) { 1075 if (progress->options & eProgress_UUIE_h245Address) {
1040 ret = expect_h245(skb, ct, ctinfo, data, dataoff, 1076 ret = expect_h245(skb, ct, ctinfo, protoff, data, dataoff,
1041 &progress->h245Address); 1077 &progress->h245Address);
1042 if (ret < 0) 1078 if (ret < 0)
1043 return -1; 1079 return -1;
@@ -1045,7 +1081,8 @@ static int process_progress(struct sk_buff *skb, struct nf_conn *ct,
1045 1081
1046 if (progress->options & eProgress_UUIE_fastStart) { 1082 if (progress->options & eProgress_UUIE_fastStart) {
1047 for (i = 0; i < progress->fastStart.count; i++) { 1083 for (i = 0; i < progress->fastStart.count; i++) {
1048 ret = process_olc(skb, ct, ctinfo, data, dataoff, 1084 ret = process_olc(skb, ct, ctinfo,
1085 protoff, data, dataoff,
1049 &progress->fastStart.item[i]); 1086 &progress->fastStart.item[i]);
1050 if (ret < 0) 1087 if (ret < 0)
1051 return -1; 1088 return -1;
@@ -1058,7 +1095,8 @@ static int process_progress(struct sk_buff *skb, struct nf_conn *ct,
1058/****************************************************************************/ 1095/****************************************************************************/
1059static int process_q931(struct sk_buff *skb, struct nf_conn *ct, 1096static int process_q931(struct sk_buff *skb, struct nf_conn *ct,
1060 enum ip_conntrack_info ctinfo, 1097 enum ip_conntrack_info ctinfo,
1061 unsigned char **data, int dataoff, Q931 *q931) 1098 unsigned int protoff, unsigned char **data, int dataoff,
1099 Q931 *q931)
1062{ 1100{
1063 H323_UU_PDU *pdu = &q931->UUIE.h323_uu_pdu; 1101 H323_UU_PDU *pdu = &q931->UUIE.h323_uu_pdu;
1064 int i; 1102 int i;
@@ -1066,28 +1104,29 @@ static int process_q931(struct sk_buff *skb, struct nf_conn *ct,
1066 1104
1067 switch (pdu->h323_message_body.choice) { 1105 switch (pdu->h323_message_body.choice) {
1068 case eH323_UU_PDU_h323_message_body_setup: 1106 case eH323_UU_PDU_h323_message_body_setup:
1069 ret = process_setup(skb, ct, ctinfo, data, dataoff, 1107 ret = process_setup(skb, ct, ctinfo, protoff, data, dataoff,
1070 &pdu->h323_message_body.setup); 1108 &pdu->h323_message_body.setup);
1071 break; 1109 break;
1072 case eH323_UU_PDU_h323_message_body_callProceeding: 1110 case eH323_UU_PDU_h323_message_body_callProceeding:
1073 ret = process_callproceeding(skb, ct, ctinfo, data, dataoff, 1111 ret = process_callproceeding(skb, ct, ctinfo,
1112 protoff, data, dataoff,
1074 &pdu->h323_message_body. 1113 &pdu->h323_message_body.
1075 callProceeding); 1114 callProceeding);
1076 break; 1115 break;
1077 case eH323_UU_PDU_h323_message_body_connect: 1116 case eH323_UU_PDU_h323_message_body_connect:
1078 ret = process_connect(skb, ct, ctinfo, data, dataoff, 1117 ret = process_connect(skb, ct, ctinfo, protoff, data, dataoff,
1079 &pdu->h323_message_body.connect); 1118 &pdu->h323_message_body.connect);
1080 break; 1119 break;
1081 case eH323_UU_PDU_h323_message_body_alerting: 1120 case eH323_UU_PDU_h323_message_body_alerting:
1082 ret = process_alerting(skb, ct, ctinfo, data, dataoff, 1121 ret = process_alerting(skb, ct, ctinfo, protoff, data, dataoff,
1083 &pdu->h323_message_body.alerting); 1122 &pdu->h323_message_body.alerting);
1084 break; 1123 break;
1085 case eH323_UU_PDU_h323_message_body_facility: 1124 case eH323_UU_PDU_h323_message_body_facility:
1086 ret = process_facility(skb, ct, ctinfo, data, dataoff, 1125 ret = process_facility(skb, ct, ctinfo, protoff, data, dataoff,
1087 &pdu->h323_message_body.facility); 1126 &pdu->h323_message_body.facility);
1088 break; 1127 break;
1089 case eH323_UU_PDU_h323_message_body_progress: 1128 case eH323_UU_PDU_h323_message_body_progress:
1090 ret = process_progress(skb, ct, ctinfo, data, dataoff, 1129 ret = process_progress(skb, ct, ctinfo, protoff, data, dataoff,
1091 &pdu->h323_message_body.progress); 1130 &pdu->h323_message_body.progress);
1092 break; 1131 break;
1093 default: 1132 default:
@@ -1101,7 +1140,8 @@ static int process_q931(struct sk_buff *skb, struct nf_conn *ct,
1101 1140
1102 if (pdu->options & eH323_UU_PDU_h245Control) { 1141 if (pdu->options & eH323_UU_PDU_h245Control) {
1103 for (i = 0; i < pdu->h245Control.count; i++) { 1142 for (i = 0; i < pdu->h245Control.count; i++) {
1104 ret = process_h245(skb, ct, ctinfo, data, dataoff, 1143 ret = process_h245(skb, ct, ctinfo,
1144 protoff, data, dataoff,
1105 &pdu->h245Control.item[i]); 1145 &pdu->h245Control.item[i]);
1106 if (ret < 0) 1146 if (ret < 0)
1107 return -1; 1147 return -1;
@@ -1146,7 +1186,8 @@ static int q931_help(struct sk_buff *skb, unsigned int protoff,
1146 } 1186 }
1147 1187
1148 /* Process Q.931 signal */ 1188 /* Process Q.931 signal */
1149 if (process_q931(skb, ct, ctinfo, &data, dataoff, &q931) < 0) 1189 if (process_q931(skb, ct, ctinfo, protoff,
1190 &data, dataoff, &q931) < 0)
1150 goto drop; 1191 goto drop;
1151 } 1192 }
1152 1193
@@ -1243,7 +1284,7 @@ static int set_expect_timeout(struct nf_conntrack_expect *exp,
1243/****************************************************************************/ 1284/****************************************************************************/
1244static int expect_q931(struct sk_buff *skb, struct nf_conn *ct, 1285static int expect_q931(struct sk_buff *skb, struct nf_conn *ct,
1245 enum ip_conntrack_info ctinfo, 1286 enum ip_conntrack_info ctinfo,
1246 unsigned char **data, 1287 unsigned int protoff, unsigned char **data,
1247 TransportAddress *taddr, int count) 1288 TransportAddress *taddr, int count)
1248{ 1289{
1249 struct nf_ct_h323_master *info = nfct_help_data(ct); 1290 struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -1278,8 +1319,10 @@ static int expect_q931(struct sk_buff *skb, struct nf_conn *ct,
1278 exp->flags = NF_CT_EXPECT_PERMANENT; /* Accept multiple calls */ 1319 exp->flags = NF_CT_EXPECT_PERMANENT; /* Accept multiple calls */
1279 1320
1280 nat_q931 = rcu_dereference(nat_q931_hook); 1321 nat_q931 = rcu_dereference(nat_q931_hook);
1281 if (nat_q931 && ct->status & IPS_NAT_MASK) { /* Need NAT */ 1322 if (nat_q931 && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1282 ret = nat_q931(skb, ct, ctinfo, data, taddr, i, port, exp); 1323 ct->status & IPS_NAT_MASK) { /* Need NAT */
1324 ret = nat_q931(skb, ct, ctinfo, protoff, data,
1325 taddr, i, port, exp);
1283 } else { /* Conntrack only */ 1326 } else { /* Conntrack only */
1284 if (nf_ct_expect_related(exp) == 0) { 1327 if (nf_ct_expect_related(exp) == 0) {
1285 pr_debug("nf_ct_ras: expect Q.931 "); 1328 pr_debug("nf_ct_ras: expect Q.931 ");
@@ -1299,6 +1342,7 @@ static int expect_q931(struct sk_buff *skb, struct nf_conn *ct,
1299/****************************************************************************/ 1342/****************************************************************************/
1300static int process_grq(struct sk_buff *skb, struct nf_conn *ct, 1343static int process_grq(struct sk_buff *skb, struct nf_conn *ct,
1301 enum ip_conntrack_info ctinfo, 1344 enum ip_conntrack_info ctinfo,
1345 unsigned int protoff,
1302 unsigned char **data, GatekeeperRequest *grq) 1346 unsigned char **data, GatekeeperRequest *grq)
1303{ 1347{
1304 typeof(set_ras_addr_hook) set_ras_addr; 1348 typeof(set_ras_addr_hook) set_ras_addr;
@@ -1306,8 +1350,9 @@ static int process_grq(struct sk_buff *skb, struct nf_conn *ct,
1306 pr_debug("nf_ct_ras: GRQ\n"); 1350 pr_debug("nf_ct_ras: GRQ\n");
1307 1351
1308 set_ras_addr = rcu_dereference(set_ras_addr_hook); 1352 set_ras_addr = rcu_dereference(set_ras_addr_hook);
1309 if (set_ras_addr && ct->status & IPS_NAT_MASK) /* NATed */ 1353 if (set_ras_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1310 return set_ras_addr(skb, ct, ctinfo, data, 1354 ct->status & IPS_NAT_MASK) /* NATed */
1355 return set_ras_addr(skb, ct, ctinfo, protoff, data,
1311 &grq->rasAddress, 1); 1356 &grq->rasAddress, 1);
1312 return 0; 1357 return 0;
1313} 1358}
@@ -1315,6 +1360,7 @@ static int process_grq(struct sk_buff *skb, struct nf_conn *ct,
1315/****************************************************************************/ 1360/****************************************************************************/
1316static int process_gcf(struct sk_buff *skb, struct nf_conn *ct, 1361static int process_gcf(struct sk_buff *skb, struct nf_conn *ct,
1317 enum ip_conntrack_info ctinfo, 1362 enum ip_conntrack_info ctinfo,
1363 unsigned int protoff,
1318 unsigned char **data, GatekeeperConfirm *gcf) 1364 unsigned char **data, GatekeeperConfirm *gcf)
1319{ 1365{
1320 int dir = CTINFO2DIR(ctinfo); 1366 int dir = CTINFO2DIR(ctinfo);
@@ -1359,6 +1405,7 @@ static int process_gcf(struct sk_buff *skb, struct nf_conn *ct,
1359/****************************************************************************/ 1405/****************************************************************************/
1360static int process_rrq(struct sk_buff *skb, struct nf_conn *ct, 1406static int process_rrq(struct sk_buff *skb, struct nf_conn *ct,
1361 enum ip_conntrack_info ctinfo, 1407 enum ip_conntrack_info ctinfo,
1408 unsigned int protoff,
1362 unsigned char **data, RegistrationRequest *rrq) 1409 unsigned char **data, RegistrationRequest *rrq)
1363{ 1410{
1364 struct nf_ct_h323_master *info = nfct_help_data(ct); 1411 struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -1367,15 +1414,16 @@ static int process_rrq(struct sk_buff *skb, struct nf_conn *ct,
1367 1414
1368 pr_debug("nf_ct_ras: RRQ\n"); 1415 pr_debug("nf_ct_ras: RRQ\n");
1369 1416
1370 ret = expect_q931(skb, ct, ctinfo, data, 1417 ret = expect_q931(skb, ct, ctinfo, protoff, data,
1371 rrq->callSignalAddress.item, 1418 rrq->callSignalAddress.item,
1372 rrq->callSignalAddress.count); 1419 rrq->callSignalAddress.count);
1373 if (ret < 0) 1420 if (ret < 0)
1374 return -1; 1421 return -1;
1375 1422
1376 set_ras_addr = rcu_dereference(set_ras_addr_hook); 1423 set_ras_addr = rcu_dereference(set_ras_addr_hook);
1377 if (set_ras_addr && ct->status & IPS_NAT_MASK) { 1424 if (set_ras_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1378 ret = set_ras_addr(skb, ct, ctinfo, data, 1425 ct->status & IPS_NAT_MASK) {
1426 ret = set_ras_addr(skb, ct, ctinfo, protoff, data,
1379 rrq->rasAddress.item, 1427 rrq->rasAddress.item,
1380 rrq->rasAddress.count); 1428 rrq->rasAddress.count);
1381 if (ret < 0) 1429 if (ret < 0)
@@ -1394,6 +1442,7 @@ static int process_rrq(struct sk_buff *skb, struct nf_conn *ct,
1394/****************************************************************************/ 1442/****************************************************************************/
1395static int process_rcf(struct sk_buff *skb, struct nf_conn *ct, 1443static int process_rcf(struct sk_buff *skb, struct nf_conn *ct,
1396 enum ip_conntrack_info ctinfo, 1444 enum ip_conntrack_info ctinfo,
1445 unsigned int protoff,
1397 unsigned char **data, RegistrationConfirm *rcf) 1446 unsigned char **data, RegistrationConfirm *rcf)
1398{ 1447{
1399 struct nf_ct_h323_master *info = nfct_help_data(ct); 1448 struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -1405,8 +1454,9 @@ static int process_rcf(struct sk_buff *skb, struct nf_conn *ct,
1405 pr_debug("nf_ct_ras: RCF\n"); 1454 pr_debug("nf_ct_ras: RCF\n");
1406 1455
1407 set_sig_addr = rcu_dereference(set_sig_addr_hook); 1456 set_sig_addr = rcu_dereference(set_sig_addr_hook);
1408 if (set_sig_addr && ct->status & IPS_NAT_MASK) { 1457 if (set_sig_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1409 ret = set_sig_addr(skb, ct, ctinfo, data, 1458 ct->status & IPS_NAT_MASK) {
1459 ret = set_sig_addr(skb, ct, ctinfo, protoff, data,
1410 rcf->callSignalAddress.item, 1460 rcf->callSignalAddress.item,
1411 rcf->callSignalAddress.count); 1461 rcf->callSignalAddress.count);
1412 if (ret < 0) 1462 if (ret < 0)
@@ -1443,6 +1493,7 @@ static int process_rcf(struct sk_buff *skb, struct nf_conn *ct,
1443/****************************************************************************/ 1493/****************************************************************************/
1444static int process_urq(struct sk_buff *skb, struct nf_conn *ct, 1494static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
1445 enum ip_conntrack_info ctinfo, 1495 enum ip_conntrack_info ctinfo,
1496 unsigned int protoff,
1446 unsigned char **data, UnregistrationRequest *urq) 1497 unsigned char **data, UnregistrationRequest *urq)
1447{ 1498{
1448 struct nf_ct_h323_master *info = nfct_help_data(ct); 1499 struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -1453,8 +1504,9 @@ static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
1453 pr_debug("nf_ct_ras: URQ\n"); 1504 pr_debug("nf_ct_ras: URQ\n");
1454 1505
1455 set_sig_addr = rcu_dereference(set_sig_addr_hook); 1506 set_sig_addr = rcu_dereference(set_sig_addr_hook);
1456 if (set_sig_addr && ct->status & IPS_NAT_MASK) { 1507 if (set_sig_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1457 ret = set_sig_addr(skb, ct, ctinfo, data, 1508 ct->status & IPS_NAT_MASK) {
1509 ret = set_sig_addr(skb, ct, ctinfo, protoff, data,
1458 urq->callSignalAddress.item, 1510 urq->callSignalAddress.item,
1459 urq->callSignalAddress.count); 1511 urq->callSignalAddress.count);
1460 if (ret < 0) 1512 if (ret < 0)
@@ -1475,6 +1527,7 @@ static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
1475/****************************************************************************/ 1527/****************************************************************************/
1476static int process_arq(struct sk_buff *skb, struct nf_conn *ct, 1528static int process_arq(struct sk_buff *skb, struct nf_conn *ct,
1477 enum ip_conntrack_info ctinfo, 1529 enum ip_conntrack_info ctinfo,
1530 unsigned int protoff,
1478 unsigned char **data, AdmissionRequest *arq) 1531 unsigned char **data, AdmissionRequest *arq)
1479{ 1532{
1480 const struct nf_ct_h323_master *info = nfct_help_data(ct); 1533 const struct nf_ct_h323_master *info = nfct_help_data(ct);
@@ -1491,9 +1544,10 @@ static int process_arq(struct sk_buff *skb, struct nf_conn *ct,
1491 &addr, &port) && 1544 &addr, &port) &&
1492 !memcmp(&addr, &ct->tuplehash[dir].tuple.src.u3, sizeof(addr)) && 1545 !memcmp(&addr, &ct->tuplehash[dir].tuple.src.u3, sizeof(addr)) &&
1493 port == info->sig_port[dir] && 1546 port == info->sig_port[dir] &&
1547 nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1494 set_h225_addr && ct->status & IPS_NAT_MASK) { 1548 set_h225_addr && ct->status & IPS_NAT_MASK) {
1495 /* Answering ARQ */ 1549 /* Answering ARQ */
1496 return set_h225_addr(skb, data, 0, 1550 return set_h225_addr(skb, protoff, data, 0,
1497 &arq->destCallSignalAddress, 1551 &arq->destCallSignalAddress,
1498 &ct->tuplehash[!dir].tuple.dst.u3, 1552 &ct->tuplehash[!dir].tuple.dst.u3,
1499 info->sig_port[!dir]); 1553 info->sig_port[!dir]);
@@ -1503,9 +1557,10 @@ static int process_arq(struct sk_buff *skb, struct nf_conn *ct,
1503 get_h225_addr(ct, *data, &arq->srcCallSignalAddress, 1557 get_h225_addr(ct, *data, &arq->srcCallSignalAddress,
1504 &addr, &port) && 1558 &addr, &port) &&
1505 !memcmp(&addr, &ct->tuplehash[dir].tuple.src.u3, sizeof(addr)) && 1559 !memcmp(&addr, &ct->tuplehash[dir].tuple.src.u3, sizeof(addr)) &&
1506 set_h225_addr && ct->status & IPS_NAT_MASK) { 1560 set_h225_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1561 ct->status & IPS_NAT_MASK) {
1507 /* Calling ARQ */ 1562 /* Calling ARQ */
1508 return set_h225_addr(skb, data, 0, 1563 return set_h225_addr(skb, protoff, data, 0,
1509 &arq->srcCallSignalAddress, 1564 &arq->srcCallSignalAddress,
1510 &ct->tuplehash[!dir].tuple.dst.u3, 1565 &ct->tuplehash[!dir].tuple.dst.u3,
1511 port); 1566 port);
@@ -1517,6 +1572,7 @@ static int process_arq(struct sk_buff *skb, struct nf_conn *ct,
1517/****************************************************************************/ 1572/****************************************************************************/
1518static int process_acf(struct sk_buff *skb, struct nf_conn *ct, 1573static int process_acf(struct sk_buff *skb, struct nf_conn *ct,
1519 enum ip_conntrack_info ctinfo, 1574 enum ip_conntrack_info ctinfo,
1575 unsigned int protoff,
1520 unsigned char **data, AdmissionConfirm *acf) 1576 unsigned char **data, AdmissionConfirm *acf)
1521{ 1577{
1522 int dir = CTINFO2DIR(ctinfo); 1578 int dir = CTINFO2DIR(ctinfo);
@@ -1535,8 +1591,9 @@ static int process_acf(struct sk_buff *skb, struct nf_conn *ct,
1535 if (!memcmp(&addr, &ct->tuplehash[dir].tuple.dst.u3, sizeof(addr))) { 1591 if (!memcmp(&addr, &ct->tuplehash[dir].tuple.dst.u3, sizeof(addr))) {
1536 /* Answering ACF */ 1592 /* Answering ACF */
1537 set_sig_addr = rcu_dereference(set_sig_addr_hook); 1593 set_sig_addr = rcu_dereference(set_sig_addr_hook);
1538 if (set_sig_addr && ct->status & IPS_NAT_MASK) 1594 if (set_sig_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1539 return set_sig_addr(skb, ct, ctinfo, data, 1595 ct->status & IPS_NAT_MASK)
1596 return set_sig_addr(skb, ct, ctinfo, protoff, data,
1540 &acf->destCallSignalAddress, 1); 1597 &acf->destCallSignalAddress, 1);
1541 return 0; 1598 return 0;
1542 } 1599 }
@@ -1564,6 +1621,7 @@ static int process_acf(struct sk_buff *skb, struct nf_conn *ct,
1564/****************************************************************************/ 1621/****************************************************************************/
1565static int process_lrq(struct sk_buff *skb, struct nf_conn *ct, 1622static int process_lrq(struct sk_buff *skb, struct nf_conn *ct,
1566 enum ip_conntrack_info ctinfo, 1623 enum ip_conntrack_info ctinfo,
1624 unsigned int protoff,
1567 unsigned char **data, LocationRequest *lrq) 1625 unsigned char **data, LocationRequest *lrq)
1568{ 1626{
1569 typeof(set_ras_addr_hook) set_ras_addr; 1627 typeof(set_ras_addr_hook) set_ras_addr;
@@ -1571,8 +1629,9 @@ static int process_lrq(struct sk_buff *skb, struct nf_conn *ct,
1571 pr_debug("nf_ct_ras: LRQ\n"); 1629 pr_debug("nf_ct_ras: LRQ\n");
1572 1630
1573 set_ras_addr = rcu_dereference(set_ras_addr_hook); 1631 set_ras_addr = rcu_dereference(set_ras_addr_hook);
1574 if (set_ras_addr && ct->status & IPS_NAT_MASK) 1632 if (set_ras_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1575 return set_ras_addr(skb, ct, ctinfo, data, 1633 ct->status & IPS_NAT_MASK)
1634 return set_ras_addr(skb, ct, ctinfo, protoff, data,
1576 &lrq->replyAddress, 1); 1635 &lrq->replyAddress, 1);
1577 return 0; 1636 return 0;
1578} 1637}
@@ -1580,6 +1639,7 @@ static int process_lrq(struct sk_buff *skb, struct nf_conn *ct,
1580/****************************************************************************/ 1639/****************************************************************************/
1581static int process_lcf(struct sk_buff *skb, struct nf_conn *ct, 1640static int process_lcf(struct sk_buff *skb, struct nf_conn *ct,
1582 enum ip_conntrack_info ctinfo, 1641 enum ip_conntrack_info ctinfo,
1642 unsigned int protoff,
1583 unsigned char **data, LocationConfirm *lcf) 1643 unsigned char **data, LocationConfirm *lcf)
1584{ 1644{
1585 int dir = CTINFO2DIR(ctinfo); 1645 int dir = CTINFO2DIR(ctinfo);
@@ -1619,6 +1679,7 @@ static int process_lcf(struct sk_buff *skb, struct nf_conn *ct,
1619/****************************************************************************/ 1679/****************************************************************************/
1620static int process_irr(struct sk_buff *skb, struct nf_conn *ct, 1680static int process_irr(struct sk_buff *skb, struct nf_conn *ct,
1621 enum ip_conntrack_info ctinfo, 1681 enum ip_conntrack_info ctinfo,
1682 unsigned int protoff,
1622 unsigned char **data, InfoRequestResponse *irr) 1683 unsigned char **data, InfoRequestResponse *irr)
1623{ 1684{
1624 int ret; 1685 int ret;
@@ -1628,16 +1689,18 @@ static int process_irr(struct sk_buff *skb, struct nf_conn *ct,
1628 pr_debug("nf_ct_ras: IRR\n"); 1689 pr_debug("nf_ct_ras: IRR\n");
1629 1690
1630 set_ras_addr = rcu_dereference(set_ras_addr_hook); 1691 set_ras_addr = rcu_dereference(set_ras_addr_hook);
1631 if (set_ras_addr && ct->status & IPS_NAT_MASK) { 1692 if (set_ras_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1632 ret = set_ras_addr(skb, ct, ctinfo, data, 1693 ct->status & IPS_NAT_MASK) {
1694 ret = set_ras_addr(skb, ct, ctinfo, protoff, data,
1633 &irr->rasAddress, 1); 1695 &irr->rasAddress, 1);
1634 if (ret < 0) 1696 if (ret < 0)
1635 return -1; 1697 return -1;
1636 } 1698 }
1637 1699
1638 set_sig_addr = rcu_dereference(set_sig_addr_hook); 1700 set_sig_addr = rcu_dereference(set_sig_addr_hook);
1639 if (set_sig_addr && ct->status & IPS_NAT_MASK) { 1701 if (set_sig_addr && nf_ct_l3num(ct) == NFPROTO_IPV4 &&
1640 ret = set_sig_addr(skb, ct, ctinfo, data, 1702 ct->status & IPS_NAT_MASK) {
1703 ret = set_sig_addr(skb, ct, ctinfo, protoff, data,
1641 irr->callSignalAddress.item, 1704 irr->callSignalAddress.item,
1642 irr->callSignalAddress.count); 1705 irr->callSignalAddress.count);
1643 if (ret < 0) 1706 if (ret < 0)
@@ -1650,38 +1713,39 @@ static int process_irr(struct sk_buff *skb, struct nf_conn *ct,
1650/****************************************************************************/ 1713/****************************************************************************/
1651static int process_ras(struct sk_buff *skb, struct nf_conn *ct, 1714static int process_ras(struct sk_buff *skb, struct nf_conn *ct,
1652 enum ip_conntrack_info ctinfo, 1715 enum ip_conntrack_info ctinfo,
1716 unsigned int protoff,
1653 unsigned char **data, RasMessage *ras) 1717 unsigned char **data, RasMessage *ras)
1654{ 1718{
1655 switch (ras->choice) { 1719 switch (ras->choice) {
1656 case eRasMessage_gatekeeperRequest: 1720 case eRasMessage_gatekeeperRequest:
1657 return process_grq(skb, ct, ctinfo, data, 1721 return process_grq(skb, ct, ctinfo, protoff, data,
1658 &ras->gatekeeperRequest); 1722 &ras->gatekeeperRequest);
1659 case eRasMessage_gatekeeperConfirm: 1723 case eRasMessage_gatekeeperConfirm:
1660 return process_gcf(skb, ct, ctinfo, data, 1724 return process_gcf(skb, ct, ctinfo, protoff, data,
1661 &ras->gatekeeperConfirm); 1725 &ras->gatekeeperConfirm);
1662 case eRasMessage_registrationRequest: 1726 case eRasMessage_registrationRequest:
1663 return process_rrq(skb, ct, ctinfo, data, 1727 return process_rrq(skb, ct, ctinfo, protoff, data,
1664 &ras->registrationRequest); 1728 &ras->registrationRequest);
1665 case eRasMessage_registrationConfirm: 1729 case eRasMessage_registrationConfirm:
1666 return process_rcf(skb, ct, ctinfo, data, 1730 return process_rcf(skb, ct, ctinfo, protoff, data,
1667 &ras->registrationConfirm); 1731 &ras->registrationConfirm);
1668 case eRasMessage_unregistrationRequest: 1732 case eRasMessage_unregistrationRequest:
1669 return process_urq(skb, ct, ctinfo, data, 1733 return process_urq(skb, ct, ctinfo, protoff, data,
1670 &ras->unregistrationRequest); 1734 &ras->unregistrationRequest);
1671 case eRasMessage_admissionRequest: 1735 case eRasMessage_admissionRequest:
1672 return process_arq(skb, ct, ctinfo, data, 1736 return process_arq(skb, ct, ctinfo, protoff, data,
1673 &ras->admissionRequest); 1737 &ras->admissionRequest);
1674 case eRasMessage_admissionConfirm: 1738 case eRasMessage_admissionConfirm:
1675 return process_acf(skb, ct, ctinfo, data, 1739 return process_acf(skb, ct, ctinfo, protoff, data,
1676 &ras->admissionConfirm); 1740 &ras->admissionConfirm);
1677 case eRasMessage_locationRequest: 1741 case eRasMessage_locationRequest:
1678 return process_lrq(skb, ct, ctinfo, data, 1742 return process_lrq(skb, ct, ctinfo, protoff, data,
1679 &ras->locationRequest); 1743 &ras->locationRequest);
1680 case eRasMessage_locationConfirm: 1744 case eRasMessage_locationConfirm:
1681 return process_lcf(skb, ct, ctinfo, data, 1745 return process_lcf(skb, ct, ctinfo, protoff, data,
1682 &ras->locationConfirm); 1746 &ras->locationConfirm);
1683 case eRasMessage_infoRequestResponse: 1747 case eRasMessage_infoRequestResponse:
1684 return process_irr(skb, ct, ctinfo, data, 1748 return process_irr(skb, ct, ctinfo, protoff, data,
1685 &ras->infoRequestResponse); 1749 &ras->infoRequestResponse);
1686 default: 1750 default:
1687 pr_debug("nf_ct_ras: RAS message %d\n", ras->choice); 1751 pr_debug("nf_ct_ras: RAS message %d\n", ras->choice);
@@ -1721,7 +1785,7 @@ static int ras_help(struct sk_buff *skb, unsigned int protoff,
1721 } 1785 }
1722 1786
1723 /* Process RAS message */ 1787 /* Process RAS message */
1724 if (process_ras(skb, ct, ctinfo, &data, &ras) < 0) 1788 if (process_ras(skb, ct, ctinfo, protoff, &data, &ras) < 0)
1725 goto drop; 1789 goto drop;
1726 1790
1727 accept: 1791 accept:
diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c
index 009c52cfd1ec..3b20aa77cfc8 100644
--- a/net/netfilter/nf_conntrack_irc.c
+++ b/net/netfilter/nf_conntrack_irc.c
@@ -33,6 +33,7 @@ static DEFINE_SPINLOCK(irc_buffer_lock);
33 33
34unsigned int (*nf_nat_irc_hook)(struct sk_buff *skb, 34unsigned int (*nf_nat_irc_hook)(struct sk_buff *skb,
35 enum ip_conntrack_info ctinfo, 35 enum ip_conntrack_info ctinfo,
36 unsigned int protoff,
36 unsigned int matchoff, 37 unsigned int matchoff,
37 unsigned int matchlen, 38 unsigned int matchlen,
38 struct nf_conntrack_expect *exp) __read_mostly; 39 struct nf_conntrack_expect *exp) __read_mostly;
@@ -205,7 +206,7 @@ static int help(struct sk_buff *skb, unsigned int protoff,
205 206
206 nf_nat_irc = rcu_dereference(nf_nat_irc_hook); 207 nf_nat_irc = rcu_dereference(nf_nat_irc_hook);
207 if (nf_nat_irc && ct->status & IPS_NAT_MASK) 208 if (nf_nat_irc && ct->status & IPS_NAT_MASK)
208 ret = nf_nat_irc(skb, ctinfo, 209 ret = nf_nat_irc(skb, ctinfo, protoff,
209 addr_beg_p - ib_ptr, 210 addr_beg_p - ib_ptr,
210 addr_end_p - addr_beg_p, 211 addr_end_p - addr_beg_p,
211 exp); 212 exp);
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 9807f3278fcb..7bbfb3deea30 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -45,7 +45,7 @@
45#include <net/netfilter/nf_conntrack_timestamp.h> 45#include <net/netfilter/nf_conntrack_timestamp.h>
46#ifdef CONFIG_NF_NAT_NEEDED 46#ifdef CONFIG_NF_NAT_NEEDED
47#include <net/netfilter/nf_nat_core.h> 47#include <net/netfilter/nf_nat_core.h>
48#include <net/netfilter/nf_nat_protocol.h> 48#include <net/netfilter/nf_nat_l4proto.h>
49#include <net/netfilter/nf_nat_helper.h> 49#include <net/netfilter/nf_nat_helper.h>
50#endif 50#endif
51 51
@@ -418,16 +418,16 @@ nla_put_failure:
418} 418}
419 419
420static int 420static int
421ctnetlink_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, 421ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
422 struct nf_conn *ct) 422 struct nf_conn *ct)
423{ 423{
424 struct nlmsghdr *nlh; 424 struct nlmsghdr *nlh;
425 struct nfgenmsg *nfmsg; 425 struct nfgenmsg *nfmsg;
426 struct nlattr *nest_parms; 426 struct nlattr *nest_parms;
427 unsigned int flags = pid ? NLM_F_MULTI : 0, event; 427 unsigned int flags = portid ? NLM_F_MULTI : 0, event;
428 428
429 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW); 429 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW);
430 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 430 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
431 if (nlh == NULL) 431 if (nlh == NULL)
432 goto nlmsg_failure; 432 goto nlmsg_failure;
433 433
@@ -604,7 +604,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
604 goto errout; 604 goto errout;
605 605
606 type |= NFNL_SUBSYS_CTNETLINK << 8; 606 type |= NFNL_SUBSYS_CTNETLINK << 8;
607 nlh = nlmsg_put(skb, item->pid, 0, type, sizeof(*nfmsg), flags); 607 nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);
608 if (nlh == NULL) 608 if (nlh == NULL)
609 goto nlmsg_failure; 609 goto nlmsg_failure;
610 610
@@ -680,7 +680,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
680 rcu_read_unlock(); 680 rcu_read_unlock();
681 681
682 nlmsg_end(skb, nlh); 682 nlmsg_end(skb, nlh);
683 err = nfnetlink_send(skb, net, item->pid, group, item->report, 683 err = nfnetlink_send(skb, net, item->portid, group, item->report,
684 GFP_ATOMIC); 684 GFP_ATOMIC);
685 if (err == -ENOBUFS || err == -EAGAIN) 685 if (err == -ENOBUFS || err == -EAGAIN)
686 return -ENOBUFS; 686 return -ENOBUFS;
@@ -757,7 +757,7 @@ restart:
757#endif 757#endif
758 rcu_read_lock(); 758 rcu_read_lock();
759 res = 759 res =
760 ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, 760 ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).portid,
761 cb->nlh->nlmsg_seq, 761 cb->nlh->nlmsg_seq,
762 NFNL_MSG_TYPE(cb->nlh->nlmsg_type), 762 NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
763 ct); 763 ct);
@@ -961,7 +961,7 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
961 else { 961 else {
962 /* Flush the whole table */ 962 /* Flush the whole table */
963 nf_conntrack_flush_report(net, 963 nf_conntrack_flush_report(net,
964 NETLINK_CB(skb).pid, 964 NETLINK_CB(skb).portid,
965 nlmsg_report(nlh)); 965 nlmsg_report(nlh));
966 return 0; 966 return 0;
967 } 967 }
@@ -985,7 +985,7 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
985 985
986 if (del_timer(&ct->timeout)) { 986 if (del_timer(&ct->timeout)) {
987 if (nf_conntrack_event_report(IPCT_DESTROY, ct, 987 if (nf_conntrack_event_report(IPCT_DESTROY, ct,
988 NETLINK_CB(skb).pid, 988 NETLINK_CB(skb).portid,
989 nlmsg_report(nlh)) < 0) { 989 nlmsg_report(nlh)) < 0) {
990 nf_ct_delete_from_lists(ct); 990 nf_ct_delete_from_lists(ct);
991 /* we failed to report the event, try later */ 991 /* we failed to report the event, try later */
@@ -1069,14 +1069,14 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
1069 } 1069 }
1070 1070
1071 rcu_read_lock(); 1071 rcu_read_lock();
1072 err = ctnetlink_fill_info(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 1072 err = ctnetlink_fill_info(skb2, NETLINK_CB(skb).portid, nlh->nlmsg_seq,
1073 NFNL_MSG_TYPE(nlh->nlmsg_type), ct); 1073 NFNL_MSG_TYPE(nlh->nlmsg_type), ct);
1074 rcu_read_unlock(); 1074 rcu_read_unlock();
1075 nf_ct_put(ct); 1075 nf_ct_put(ct);
1076 if (err <= 0) 1076 if (err <= 0)
1077 goto free; 1077 goto free;
1078 1078
1079 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1079 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1080 if (err < 0) 1080 if (err < 0)
1081 goto out; 1081 goto out;
1082 1082
@@ -1096,13 +1096,14 @@ ctnetlink_parse_nat_setup(struct nf_conn *ct,
1096 const struct nlattr *attr) 1096 const struct nlattr *attr)
1097{ 1097{
1098 typeof(nfnetlink_parse_nat_setup_hook) parse_nat_setup; 1098 typeof(nfnetlink_parse_nat_setup_hook) parse_nat_setup;
1099 int err;
1099 1100
1100 parse_nat_setup = rcu_dereference(nfnetlink_parse_nat_setup_hook); 1101 parse_nat_setup = rcu_dereference(nfnetlink_parse_nat_setup_hook);
1101 if (!parse_nat_setup) { 1102 if (!parse_nat_setup) {
1102#ifdef CONFIG_MODULES 1103#ifdef CONFIG_MODULES
1103 rcu_read_unlock(); 1104 rcu_read_unlock();
1104 nfnl_unlock(); 1105 nfnl_unlock();
1105 if (request_module("nf-nat-ipv4") < 0) { 1106 if (request_module("nf-nat") < 0) {
1106 nfnl_lock(); 1107 nfnl_lock();
1107 rcu_read_lock(); 1108 rcu_read_lock();
1108 return -EOPNOTSUPP; 1109 return -EOPNOTSUPP;
@@ -1115,7 +1116,23 @@ ctnetlink_parse_nat_setup(struct nf_conn *ct,
1115 return -EOPNOTSUPP; 1116 return -EOPNOTSUPP;
1116 } 1117 }
1117 1118
1118 return parse_nat_setup(ct, manip, attr); 1119 err = parse_nat_setup(ct, manip, attr);
1120 if (err == -EAGAIN) {
1121#ifdef CONFIG_MODULES
1122 rcu_read_unlock();
1123 nfnl_unlock();
1124 if (request_module("nf-nat-%u", nf_ct_l3num(ct)) < 0) {
1125 nfnl_lock();
1126 rcu_read_lock();
1127 return -EOPNOTSUPP;
1128 }
1129 nfnl_lock();
1130 rcu_read_lock();
1131#else
1132 err = -EOPNOTSUPP;
1133#endif
1134 }
1135 return err;
1119} 1136}
1120#endif 1137#endif
1121 1138
@@ -1221,7 +1238,7 @@ ctnetlink_change_helper(struct nf_conn *ct, const struct nlattr * const cda[])
1221 if (help) { 1238 if (help) {
1222 if (help->helper == helper) { 1239 if (help->helper == helper) {
1223 /* update private helper data if allowed. */ 1240 /* update private helper data if allowed. */
1224 if (helper->from_nlattr && helpinfo) 1241 if (helper->from_nlattr)
1225 helper->from_nlattr(helpinfo, ct); 1242 helper->from_nlattr(helpinfo, ct);
1226 return 0; 1243 return 0;
1227 } else 1244 } else
@@ -1450,7 +1467,7 @@ ctnetlink_create_conntrack(struct net *net, u16 zone,
1450 goto err2; 1467 goto err2;
1451 } 1468 }
1452 /* set private helper data if allowed. */ 1469 /* set private helper data if allowed. */
1453 if (helper->from_nlattr && helpinfo) 1470 if (helper->from_nlattr)
1454 helper->from_nlattr(helpinfo, ct); 1471 helper->from_nlattr(helpinfo, ct);
1455 1472
1456 /* not in hash table yet so not strictly necessary */ 1473 /* not in hash table yet so not strictly necessary */
@@ -1596,7 +1613,7 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1596 (1 << IPCT_PROTOINFO) | 1613 (1 << IPCT_PROTOINFO) |
1597 (1 << IPCT_NATSEQADJ) | 1614 (1 << IPCT_NATSEQADJ) |
1598 (1 << IPCT_MARK) | events, 1615 (1 << IPCT_MARK) | events,
1599 ct, NETLINK_CB(skb).pid, 1616 ct, NETLINK_CB(skb).portid,
1600 nlmsg_report(nlh)); 1617 nlmsg_report(nlh));
1601 nf_ct_put(ct); 1618 nf_ct_put(ct);
1602 } 1619 }
@@ -1618,7 +1635,7 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1618 (1 << IPCT_PROTOINFO) | 1635 (1 << IPCT_PROTOINFO) |
1619 (1 << IPCT_NATSEQADJ) | 1636 (1 << IPCT_NATSEQADJ) |
1620 (1 << IPCT_MARK), 1637 (1 << IPCT_MARK),
1621 ct, NETLINK_CB(skb).pid, 1638 ct, NETLINK_CB(skb).portid,
1622 nlmsg_report(nlh)); 1639 nlmsg_report(nlh));
1623 } 1640 }
1624 } 1641 }
@@ -1628,15 +1645,15 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1628} 1645}
1629 1646
1630static int 1647static int
1631ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32 pid, u32 seq, 1648ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
1632 __u16 cpu, const struct ip_conntrack_stat *st) 1649 __u16 cpu, const struct ip_conntrack_stat *st)
1633{ 1650{
1634 struct nlmsghdr *nlh; 1651 struct nlmsghdr *nlh;
1635 struct nfgenmsg *nfmsg; 1652 struct nfgenmsg *nfmsg;
1636 unsigned int flags = pid ? NLM_F_MULTI : 0, event; 1653 unsigned int flags = portid ? NLM_F_MULTI : 0, event;
1637 1654
1638 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU); 1655 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU);
1639 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 1656 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
1640 if (nlh == NULL) 1657 if (nlh == NULL)
1641 goto nlmsg_failure; 1658 goto nlmsg_failure;
1642 1659
@@ -1688,7 +1705,7 @@ ctnetlink_ct_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb)
1688 1705
1689 st = per_cpu_ptr(net->ct.stat, cpu); 1706 st = per_cpu_ptr(net->ct.stat, cpu);
1690 if (ctnetlink_ct_stat_cpu_fill_info(skb, 1707 if (ctnetlink_ct_stat_cpu_fill_info(skb,
1691 NETLINK_CB(cb->skb).pid, 1708 NETLINK_CB(cb->skb).portid,
1692 cb->nlh->nlmsg_seq, 1709 cb->nlh->nlmsg_seq,
1693 cpu, st) < 0) 1710 cpu, st) < 0)
1694 break; 1711 break;
@@ -1714,16 +1731,16 @@ ctnetlink_stat_ct_cpu(struct sock *ctnl, struct sk_buff *skb,
1714} 1731}
1715 1732
1716static int 1733static int
1717ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, 1734ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
1718 struct net *net) 1735 struct net *net)
1719{ 1736{
1720 struct nlmsghdr *nlh; 1737 struct nlmsghdr *nlh;
1721 struct nfgenmsg *nfmsg; 1738 struct nfgenmsg *nfmsg;
1722 unsigned int flags = pid ? NLM_F_MULTI : 0, event; 1739 unsigned int flags = portid ? NLM_F_MULTI : 0, event;
1723 unsigned int nr_conntracks = atomic_read(&net->ct.count); 1740 unsigned int nr_conntracks = atomic_read(&net->ct.count);
1724 1741
1725 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS); 1742 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS);
1726 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 1743 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
1727 if (nlh == NULL) 1744 if (nlh == NULL)
1728 goto nlmsg_failure; 1745 goto nlmsg_failure;
1729 1746
@@ -1756,14 +1773,14 @@ ctnetlink_stat_ct(struct sock *ctnl, struct sk_buff *skb,
1756 if (skb2 == NULL) 1773 if (skb2 == NULL)
1757 return -ENOMEM; 1774 return -ENOMEM;
1758 1775
1759 err = ctnetlink_stat_ct_fill_info(skb2, NETLINK_CB(skb).pid, 1776 err = ctnetlink_stat_ct_fill_info(skb2, NETLINK_CB(skb).portid,
1760 nlh->nlmsg_seq, 1777 nlh->nlmsg_seq,
1761 NFNL_MSG_TYPE(nlh->nlmsg_type), 1778 NFNL_MSG_TYPE(nlh->nlmsg_type),
1762 sock_net(skb->sk)); 1779 sock_net(skb->sk));
1763 if (err <= 0) 1780 if (err <= 0)
1764 goto free; 1781 goto free;
1765 1782
1766 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 1783 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
1767 if (err < 0) 1784 if (err < 0)
1768 goto out; 1785 goto out;
1769 1786
@@ -1979,6 +1996,8 @@ nla_put_failure:
1979 return -1; 1996 return -1;
1980} 1997}
1981 1998
1999static const union nf_inet_addr any_addr;
2000
1982static int 2001static int
1983ctnetlink_exp_dump_expect(struct sk_buff *skb, 2002ctnetlink_exp_dump_expect(struct sk_buff *skb,
1984 const struct nf_conntrack_expect *exp) 2003 const struct nf_conntrack_expect *exp)
@@ -2005,7 +2024,8 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
2005 goto nla_put_failure; 2024 goto nla_put_failure;
2006 2025
2007#ifdef CONFIG_NF_NAT_NEEDED 2026#ifdef CONFIG_NF_NAT_NEEDED
2008 if (exp->saved_ip || exp->saved_proto.all) { 2027 if (!nf_inet_addr_cmp(&exp->saved_addr, &any_addr) ||
2028 exp->saved_proto.all) {
2009 nest_parms = nla_nest_start(skb, CTA_EXPECT_NAT | NLA_F_NESTED); 2029 nest_parms = nla_nest_start(skb, CTA_EXPECT_NAT | NLA_F_NESTED);
2010 if (!nest_parms) 2030 if (!nest_parms)
2011 goto nla_put_failure; 2031 goto nla_put_failure;
@@ -2014,7 +2034,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
2014 goto nla_put_failure; 2034 goto nla_put_failure;
2015 2035
2016 nat_tuple.src.l3num = nf_ct_l3num(master); 2036 nat_tuple.src.l3num = nf_ct_l3num(master);
2017 nat_tuple.src.u3.ip = exp->saved_ip; 2037 nat_tuple.src.u3 = exp->saved_addr;
2018 nat_tuple.dst.protonum = nf_ct_protonum(master); 2038 nat_tuple.dst.protonum = nf_ct_protonum(master);
2019 nat_tuple.src.u = exp->saved_proto; 2039 nat_tuple.src.u = exp->saved_proto;
2020 2040
@@ -2050,15 +2070,15 @@ nla_put_failure:
2050} 2070}
2051 2071
2052static int 2072static int
2053ctnetlink_exp_fill_info(struct sk_buff *skb, u32 pid, u32 seq, 2073ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid, u32 seq,
2054 int event, const struct nf_conntrack_expect *exp) 2074 int event, const struct nf_conntrack_expect *exp)
2055{ 2075{
2056 struct nlmsghdr *nlh; 2076 struct nlmsghdr *nlh;
2057 struct nfgenmsg *nfmsg; 2077 struct nfgenmsg *nfmsg;
2058 unsigned int flags = pid ? NLM_F_MULTI : 0; 2078 unsigned int flags = portid ? NLM_F_MULTI : 0;
2059 2079
2060 event |= NFNL_SUBSYS_CTNETLINK_EXP << 8; 2080 event |= NFNL_SUBSYS_CTNETLINK_EXP << 8;
2061 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 2081 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
2062 if (nlh == NULL) 2082 if (nlh == NULL)
2063 goto nlmsg_failure; 2083 goto nlmsg_failure;
2064 2084
@@ -2109,7 +2129,7 @@ ctnetlink_expect_event(unsigned int events, struct nf_exp_event *item)
2109 goto errout; 2129 goto errout;
2110 2130
2111 type |= NFNL_SUBSYS_CTNETLINK_EXP << 8; 2131 type |= NFNL_SUBSYS_CTNETLINK_EXP << 8;
2112 nlh = nlmsg_put(skb, item->pid, 0, type, sizeof(*nfmsg), flags); 2132 nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);
2113 if (nlh == NULL) 2133 if (nlh == NULL)
2114 goto nlmsg_failure; 2134 goto nlmsg_failure;
2115 2135
@@ -2124,7 +2144,7 @@ ctnetlink_expect_event(unsigned int events, struct nf_exp_event *item)
2124 rcu_read_unlock(); 2144 rcu_read_unlock();
2125 2145
2126 nlmsg_end(skb, nlh); 2146 nlmsg_end(skb, nlh);
2127 nfnetlink_send(skb, net, item->pid, group, item->report, GFP_ATOMIC); 2147 nfnetlink_send(skb, net, item->portid, group, item->report, GFP_ATOMIC);
2128 return 0; 2148 return 0;
2129 2149
2130nla_put_failure: 2150nla_put_failure:
@@ -2167,7 +2187,7 @@ restart:
2167 cb->args[1] = 0; 2187 cb->args[1] = 0;
2168 } 2188 }
2169 if (ctnetlink_exp_fill_info(skb, 2189 if (ctnetlink_exp_fill_info(skb,
2170 NETLINK_CB(cb->skb).pid, 2190 NETLINK_CB(cb->skb).portid,
2171 cb->nlh->nlmsg_seq, 2191 cb->nlh->nlmsg_seq,
2172 IPCTNL_MSG_EXP_NEW, 2192 IPCTNL_MSG_EXP_NEW,
2173 exp) < 0) { 2193 exp) < 0) {
@@ -2260,14 +2280,14 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb,
2260 } 2280 }
2261 2281
2262 rcu_read_lock(); 2282 rcu_read_lock();
2263 err = ctnetlink_exp_fill_info(skb2, NETLINK_CB(skb).pid, 2283 err = ctnetlink_exp_fill_info(skb2, NETLINK_CB(skb).portid,
2264 nlh->nlmsg_seq, IPCTNL_MSG_EXP_NEW, exp); 2284 nlh->nlmsg_seq, IPCTNL_MSG_EXP_NEW, exp);
2265 rcu_read_unlock(); 2285 rcu_read_unlock();
2266 nf_ct_expect_put(exp); 2286 nf_ct_expect_put(exp);
2267 if (err <= 0) 2287 if (err <= 0)
2268 goto free; 2288 goto free;
2269 2289
2270 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); 2290 err = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid, MSG_DONTWAIT);
2271 if (err < 0) 2291 if (err < 0)
2272 goto out; 2292 goto out;
2273 2293
@@ -2321,7 +2341,7 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
2321 /* after list removal, usage count == 1 */ 2341 /* after list removal, usage count == 1 */
2322 spin_lock_bh(&nf_conntrack_lock); 2342 spin_lock_bh(&nf_conntrack_lock);
2323 if (del_timer(&exp->timeout)) { 2343 if (del_timer(&exp->timeout)) {
2324 nf_ct_unlink_expect_report(exp, NETLINK_CB(skb).pid, 2344 nf_ct_unlink_expect_report(exp, NETLINK_CB(skb).portid,
2325 nlmsg_report(nlh)); 2345 nlmsg_report(nlh));
2326 nf_ct_expect_put(exp); 2346 nf_ct_expect_put(exp);
2327 } 2347 }
@@ -2343,7 +2363,7 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
2343 if (!strcmp(m_help->helper->name, name) && 2363 if (!strcmp(m_help->helper->name, name) &&
2344 del_timer(&exp->timeout)) { 2364 del_timer(&exp->timeout)) {
2345 nf_ct_unlink_expect_report(exp, 2365 nf_ct_unlink_expect_report(exp,
2346 NETLINK_CB(skb).pid, 2366 NETLINK_CB(skb).portid,
2347 nlmsg_report(nlh)); 2367 nlmsg_report(nlh));
2348 nf_ct_expect_put(exp); 2368 nf_ct_expect_put(exp);
2349 } 2369 }
@@ -2359,7 +2379,7 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
2359 hnode) { 2379 hnode) {
2360 if (del_timer(&exp->timeout)) { 2380 if (del_timer(&exp->timeout)) {
2361 nf_ct_unlink_expect_report(exp, 2381 nf_ct_unlink_expect_report(exp,
2362 NETLINK_CB(skb).pid, 2382 NETLINK_CB(skb).portid,
2363 nlmsg_report(nlh)); 2383 nlmsg_report(nlh));
2364 nf_ct_expect_put(exp); 2384 nf_ct_expect_put(exp);
2365 } 2385 }
@@ -2410,7 +2430,7 @@ ctnetlink_parse_expect_nat(const struct nlattr *attr,
2410 if (err < 0) 2430 if (err < 0)
2411 return err; 2431 return err;
2412 2432
2413 exp->saved_ip = nat_tuple.src.u3.ip; 2433 exp->saved_addr = nat_tuple.src.u3;
2414 exp->saved_proto = nat_tuple.src.u; 2434 exp->saved_proto = nat_tuple.src.u;
2415 exp->dir = ntohl(nla_get_be32(tb[CTA_EXPECT_NAT_DIR])); 2435 exp->dir = ntohl(nla_get_be32(tb[CTA_EXPECT_NAT_DIR]));
2416 2436
@@ -2424,7 +2444,7 @@ static int
2424ctnetlink_create_expect(struct net *net, u16 zone, 2444ctnetlink_create_expect(struct net *net, u16 zone,
2425 const struct nlattr * const cda[], 2445 const struct nlattr * const cda[],
2426 u_int8_t u3, 2446 u_int8_t u3,
2427 u32 pid, int report) 2447 u32 portid, int report)
2428{ 2448{
2429 struct nf_conntrack_tuple tuple, mask, master_tuple; 2449 struct nf_conntrack_tuple tuple, mask, master_tuple;
2430 struct nf_conntrack_tuple_hash *h = NULL; 2450 struct nf_conntrack_tuple_hash *h = NULL;
@@ -2537,7 +2557,7 @@ ctnetlink_create_expect(struct net *net, u16 zone,
2537 if (err < 0) 2557 if (err < 0)
2538 goto err_out; 2558 goto err_out;
2539 } 2559 }
2540 err = nf_ct_expect_related_report(exp, pid, report); 2560 err = nf_ct_expect_related_report(exp, portid, report);
2541err_out: 2561err_out:
2542 nf_ct_expect_put(exp); 2562 nf_ct_expect_put(exp);
2543out: 2563out:
@@ -2580,7 +2600,7 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
2580 if (nlh->nlmsg_flags & NLM_F_CREATE) { 2600 if (nlh->nlmsg_flags & NLM_F_CREATE) {
2581 err = ctnetlink_create_expect(net, zone, cda, 2601 err = ctnetlink_create_expect(net, zone, cda,
2582 u3, 2602 u3,
2583 NETLINK_CB(skb).pid, 2603 NETLINK_CB(skb).portid,
2584 nlmsg_report(nlh)); 2604 nlmsg_report(nlh));
2585 } 2605 }
2586 return err; 2606 return err;
@@ -2595,15 +2615,15 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
2595} 2615}
2596 2616
2597static int 2617static int
2598ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int cpu, 2618ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32 portid, u32 seq, int cpu,
2599 const struct ip_conntrack_stat *st) 2619 const struct ip_conntrack_stat *st)
2600{ 2620{
2601 struct nlmsghdr *nlh; 2621 struct nlmsghdr *nlh;
2602 struct nfgenmsg *nfmsg; 2622 struct nfgenmsg *nfmsg;
2603 unsigned int flags = pid ? NLM_F_MULTI : 0, event; 2623 unsigned int flags = portid ? NLM_F_MULTI : 0, event;
2604 2624
2605 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU); 2625 event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU);
2606 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 2626 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
2607 if (nlh == NULL) 2627 if (nlh == NULL)
2608 goto nlmsg_failure; 2628 goto nlmsg_failure;
2609 2629
@@ -2642,7 +2662,7 @@ ctnetlink_exp_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb)
2642 continue; 2662 continue;
2643 2663
2644 st = per_cpu_ptr(net->ct.stat, cpu); 2664 st = per_cpu_ptr(net->ct.stat, cpu);
2645 if (ctnetlink_exp_stat_fill_info(skb, NETLINK_CB(cb->skb).pid, 2665 if (ctnetlink_exp_stat_fill_info(skb, NETLINK_CB(cb->skb).portid,
2646 cb->nlh->nlmsg_seq, 2666 cb->nlh->nlmsg_seq,
2647 cpu, st) < 0) 2667 cpu, st) < 0)
2648 break; 2668 break;
diff --git a/net/netfilter/nf_conntrack_pptp.c b/net/netfilter/nf_conntrack_pptp.c
index 6fed9ec35248..cc7669ef0b95 100644
--- a/net/netfilter/nf_conntrack_pptp.c
+++ b/net/netfilter/nf_conntrack_pptp.c
@@ -45,14 +45,14 @@ static DEFINE_SPINLOCK(nf_pptp_lock);
45int 45int
46(*nf_nat_pptp_hook_outbound)(struct sk_buff *skb, 46(*nf_nat_pptp_hook_outbound)(struct sk_buff *skb,
47 struct nf_conn *ct, enum ip_conntrack_info ctinfo, 47 struct nf_conn *ct, enum ip_conntrack_info ctinfo,
48 struct PptpControlHeader *ctlh, 48 unsigned int protoff, struct PptpControlHeader *ctlh,
49 union pptp_ctrl_union *pptpReq) __read_mostly; 49 union pptp_ctrl_union *pptpReq) __read_mostly;
50EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_outbound); 50EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_outbound);
51 51
52int 52int
53(*nf_nat_pptp_hook_inbound)(struct sk_buff *skb, 53(*nf_nat_pptp_hook_inbound)(struct sk_buff *skb,
54 struct nf_conn *ct, enum ip_conntrack_info ctinfo, 54 struct nf_conn *ct, enum ip_conntrack_info ctinfo,
55 struct PptpControlHeader *ctlh, 55 unsigned int protoff, struct PptpControlHeader *ctlh,
56 union pptp_ctrl_union *pptpReq) __read_mostly; 56 union pptp_ctrl_union *pptpReq) __read_mostly;
57EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_inbound); 57EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_inbound);
58 58
@@ -262,7 +262,7 @@ out_unexpect_orig:
262} 262}
263 263
264static inline int 264static inline int
265pptp_inbound_pkt(struct sk_buff *skb, 265pptp_inbound_pkt(struct sk_buff *skb, unsigned int protoff,
266 struct PptpControlHeader *ctlh, 266 struct PptpControlHeader *ctlh,
267 union pptp_ctrl_union *pptpReq, 267 union pptp_ctrl_union *pptpReq,
268 unsigned int reqlen, 268 unsigned int reqlen,
@@ -376,7 +376,8 @@ pptp_inbound_pkt(struct sk_buff *skb,
376 376
377 nf_nat_pptp_inbound = rcu_dereference(nf_nat_pptp_hook_inbound); 377 nf_nat_pptp_inbound = rcu_dereference(nf_nat_pptp_hook_inbound);
378 if (nf_nat_pptp_inbound && ct->status & IPS_NAT_MASK) 378 if (nf_nat_pptp_inbound && ct->status & IPS_NAT_MASK)
379 return nf_nat_pptp_inbound(skb, ct, ctinfo, ctlh, pptpReq); 379 return nf_nat_pptp_inbound(skb, ct, ctinfo,
380 protoff, ctlh, pptpReq);
380 return NF_ACCEPT; 381 return NF_ACCEPT;
381 382
382invalid: 383invalid:
@@ -389,7 +390,7 @@ invalid:
389} 390}
390 391
391static inline int 392static inline int
392pptp_outbound_pkt(struct sk_buff *skb, 393pptp_outbound_pkt(struct sk_buff *skb, unsigned int protoff,
393 struct PptpControlHeader *ctlh, 394 struct PptpControlHeader *ctlh,
394 union pptp_ctrl_union *pptpReq, 395 union pptp_ctrl_union *pptpReq,
395 unsigned int reqlen, 396 unsigned int reqlen,
@@ -471,7 +472,8 @@ pptp_outbound_pkt(struct sk_buff *skb,
471 472
472 nf_nat_pptp_outbound = rcu_dereference(nf_nat_pptp_hook_outbound); 473 nf_nat_pptp_outbound = rcu_dereference(nf_nat_pptp_hook_outbound);
473 if (nf_nat_pptp_outbound && ct->status & IPS_NAT_MASK) 474 if (nf_nat_pptp_outbound && ct->status & IPS_NAT_MASK)
474 return nf_nat_pptp_outbound(skb, ct, ctinfo, ctlh, pptpReq); 475 return nf_nat_pptp_outbound(skb, ct, ctinfo,
476 protoff, ctlh, pptpReq);
475 return NF_ACCEPT; 477 return NF_ACCEPT;
476 478
477invalid: 479invalid:
@@ -570,11 +572,11 @@ conntrack_pptp_help(struct sk_buff *skb, unsigned int protoff,
570 * established from PNS->PAC. However, RFC makes no guarantee */ 572 * established from PNS->PAC. However, RFC makes no guarantee */
571 if (dir == IP_CT_DIR_ORIGINAL) 573 if (dir == IP_CT_DIR_ORIGINAL)
572 /* client -> server (PNS -> PAC) */ 574 /* client -> server (PNS -> PAC) */
573 ret = pptp_outbound_pkt(skb, ctlh, pptpReq, reqlen, ct, 575 ret = pptp_outbound_pkt(skb, protoff, ctlh, pptpReq, reqlen, ct,
574 ctinfo); 576 ctinfo);
575 else 577 else
576 /* server -> client (PAC -> PNS) */ 578 /* server -> client (PAC -> PNS) */
577 ret = pptp_inbound_pkt(skb, ctlh, pptpReq, reqlen, ct, 579 ret = pptp_inbound_pkt(skb, protoff, ctlh, pptpReq, reqlen, ct,
578 ctinfo); 580 ctinfo);
579 pr_debug("sstate: %d->%d, cstate: %d->%d\n", 581 pr_debug("sstate: %d->%d, cstate: %d->%d\n",
580 oldsstate, info->sstate, oldcstate, info->cstate); 582 oldsstate, info->sstate, oldcstate, info->cstate);
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 0dc63854390f..51e928db48c8 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -21,7 +21,6 @@
21#include <linux/notifier.h> 21#include <linux/notifier.h>
22#include <linux/kernel.h> 22#include <linux/kernel.h>
23#include <linux/netdevice.h> 23#include <linux/netdevice.h>
24#include <linux/rtnetlink.h>
25 24
26#include <net/netfilter/nf_conntrack.h> 25#include <net/netfilter/nf_conntrack.h>
27#include <net/netfilter/nf_conntrack_l3proto.h> 26#include <net/netfilter/nf_conntrack_l3proto.h>
@@ -294,9 +293,7 @@ void nf_conntrack_l3proto_unregister(struct net *net,
294 nf_ct_l3proto_unregister_sysctl(net, proto); 293 nf_ct_l3proto_unregister_sysctl(net, proto);
295 294
296 /* Remove all contrack entries for this protocol */ 295 /* Remove all contrack entries for this protocol */
297 rtnl_lock();
298 nf_ct_iterate_cleanup(net, kill_l3proto, proto); 296 nf_ct_iterate_cleanup(net, kill_l3proto, proto);
299 rtnl_unlock();
300} 297}
301EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_unregister); 298EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_unregister);
302 299
@@ -502,9 +499,7 @@ void nf_conntrack_l4proto_unregister(struct net *net,
502 nf_ct_l4proto_unregister_sysctl(net, pn, l4proto); 499 nf_ct_l4proto_unregister_sysctl(net, pn, l4proto);
503 500
504 /* Remove all contrack entries for this protocol */ 501 /* Remove all contrack entries for this protocol */
505 rtnl_lock();
506 nf_ct_iterate_cleanup(net, kill_l4proto, l4proto); 502 nf_ct_iterate_cleanup(net, kill_l4proto, l4proto);
507 rtnl_unlock();
508} 503}
509EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister); 504EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister);
510 505
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index e046b3756aab..61f9285111d1 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -502,10 +502,10 @@ static inline s16 nat_offset(const struct nf_conn *ct,
502 502
503 return get_offset != NULL ? get_offset(ct, dir, seq) : 0; 503 return get_offset != NULL ? get_offset(ct, dir, seq) : 0;
504} 504}
505#define NAT_OFFSET(pf, ct, dir, seq) \ 505#define NAT_OFFSET(ct, dir, seq) \
506 (pf == NFPROTO_IPV4 ? nat_offset(ct, dir, seq) : 0) 506 (nat_offset(ct, dir, seq))
507#else 507#else
508#define NAT_OFFSET(pf, ct, dir, seq) 0 508#define NAT_OFFSET(ct, dir, seq) 0
509#endif 509#endif
510 510
511static bool tcp_in_window(const struct nf_conn *ct, 511static bool tcp_in_window(const struct nf_conn *ct,
@@ -538,7 +538,7 @@ static bool tcp_in_window(const struct nf_conn *ct,
538 tcp_sack(skb, dataoff, tcph, &sack); 538 tcp_sack(skb, dataoff, tcph, &sack);
539 539
540 /* Take into account NAT sequence number mangling */ 540 /* Take into account NAT sequence number mangling */
541 receiver_offset = NAT_OFFSET(pf, ct, !dir, ack - 1); 541 receiver_offset = NAT_OFFSET(ct, !dir, ack - 1);
542 ack -= receiver_offset; 542 ack -= receiver_offset;
543 sack -= receiver_offset; 543 sack -= receiver_offset;
544 544
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
index 5c0a112aeee6..df8f4f284481 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -52,15 +52,17 @@ module_param(sip_direct_media, int, 0600);
52MODULE_PARM_DESC(sip_direct_media, "Expect Media streams between signalling " 52MODULE_PARM_DESC(sip_direct_media, "Expect Media streams between signalling "
53 "endpoints only (default 1)"); 53 "endpoints only (default 1)");
54 54
55unsigned int (*nf_nat_sip_hook)(struct sk_buff *skb, unsigned int dataoff, 55unsigned int (*nf_nat_sip_hook)(struct sk_buff *skb, unsigned int protoff,
56 const char **dptr, 56 unsigned int dataoff, const char **dptr,
57 unsigned int *datalen) __read_mostly; 57 unsigned int *datalen) __read_mostly;
58EXPORT_SYMBOL_GPL(nf_nat_sip_hook); 58EXPORT_SYMBOL_GPL(nf_nat_sip_hook);
59 59
60void (*nf_nat_sip_seq_adjust_hook)(struct sk_buff *skb, s16 off) __read_mostly; 60void (*nf_nat_sip_seq_adjust_hook)(struct sk_buff *skb, unsigned int protoff,
61 s16 off) __read_mostly;
61EXPORT_SYMBOL_GPL(nf_nat_sip_seq_adjust_hook); 62EXPORT_SYMBOL_GPL(nf_nat_sip_seq_adjust_hook);
62 63
63unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb, 64unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb,
65 unsigned int protoff,
64 unsigned int dataoff, 66 unsigned int dataoff,
65 const char **dptr, 67 const char **dptr,
66 unsigned int *datalen, 68 unsigned int *datalen,
@@ -69,7 +71,8 @@ unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb,
69 unsigned int matchlen) __read_mostly; 71 unsigned int matchlen) __read_mostly;
70EXPORT_SYMBOL_GPL(nf_nat_sip_expect_hook); 72EXPORT_SYMBOL_GPL(nf_nat_sip_expect_hook);
71 73
72unsigned int (*nf_nat_sdp_addr_hook)(struct sk_buff *skb, unsigned int dataoff, 74unsigned int (*nf_nat_sdp_addr_hook)(struct sk_buff *skb, unsigned int protoff,
75 unsigned int dataoff,
73 const char **dptr, 76 const char **dptr,
74 unsigned int *datalen, 77 unsigned int *datalen,
75 unsigned int sdpoff, 78 unsigned int sdpoff,
@@ -79,7 +82,8 @@ unsigned int (*nf_nat_sdp_addr_hook)(struct sk_buff *skb, unsigned int dataoff,
79 __read_mostly; 82 __read_mostly;
80EXPORT_SYMBOL_GPL(nf_nat_sdp_addr_hook); 83EXPORT_SYMBOL_GPL(nf_nat_sdp_addr_hook);
81 84
82unsigned int (*nf_nat_sdp_port_hook)(struct sk_buff *skb, unsigned int dataoff, 85unsigned int (*nf_nat_sdp_port_hook)(struct sk_buff *skb, unsigned int protoff,
86 unsigned int dataoff,
83 const char **dptr, 87 const char **dptr,
84 unsigned int *datalen, 88 unsigned int *datalen,
85 unsigned int matchoff, 89 unsigned int matchoff,
@@ -88,6 +92,7 @@ unsigned int (*nf_nat_sdp_port_hook)(struct sk_buff *skb, unsigned int dataoff,
88EXPORT_SYMBOL_GPL(nf_nat_sdp_port_hook); 92EXPORT_SYMBOL_GPL(nf_nat_sdp_port_hook);
89 93
90unsigned int (*nf_nat_sdp_session_hook)(struct sk_buff *skb, 94unsigned int (*nf_nat_sdp_session_hook)(struct sk_buff *skb,
95 unsigned int protoff,
91 unsigned int dataoff, 96 unsigned int dataoff,
92 const char **dptr, 97 const char **dptr,
93 unsigned int *datalen, 98 unsigned int *datalen,
@@ -96,7 +101,8 @@ unsigned int (*nf_nat_sdp_session_hook)(struct sk_buff *skb,
96 __read_mostly; 101 __read_mostly;
97EXPORT_SYMBOL_GPL(nf_nat_sdp_session_hook); 102EXPORT_SYMBOL_GPL(nf_nat_sdp_session_hook);
98 103
99unsigned int (*nf_nat_sdp_media_hook)(struct sk_buff *skb, unsigned int dataoff, 104unsigned int (*nf_nat_sdp_media_hook)(struct sk_buff *skb, unsigned int protoff,
105 unsigned int dataoff,
100 const char **dptr, 106 const char **dptr,
101 unsigned int *datalen, 107 unsigned int *datalen,
102 struct nf_conntrack_expect *rtp_exp, 108 struct nf_conntrack_expect *rtp_exp,
@@ -737,13 +743,18 @@ static int sdp_addr_len(const struct nf_conn *ct, const char *dptr,
737 * be tolerant and also accept records terminated with a single newline 743 * be tolerant and also accept records terminated with a single newline
738 * character". We handle both cases. 744 * character". We handle both cases.
739 */ 745 */
740static const struct sip_header ct_sdp_hdrs[] = { 746static const struct sip_header ct_sdp_hdrs_v4[] = {
741 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len), 747 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len),
742 [SDP_HDR_OWNER_IP4] = SDP_HDR("o=", "IN IP4 ", sdp_addr_len), 748 [SDP_HDR_OWNER] = SDP_HDR("o=", "IN IP4 ", sdp_addr_len),
743 [SDP_HDR_CONNECTION_IP4] = SDP_HDR("c=", "IN IP4 ", sdp_addr_len), 749 [SDP_HDR_CONNECTION] = SDP_HDR("c=", "IN IP4 ", sdp_addr_len),
744 [SDP_HDR_OWNER_IP6] = SDP_HDR("o=", "IN IP6 ", sdp_addr_len), 750 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len),
745 [SDP_HDR_CONNECTION_IP6] = SDP_HDR("c=", "IN IP6 ", sdp_addr_len), 751};
746 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len), 752
753static const struct sip_header ct_sdp_hdrs_v6[] = {
754 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len),
755 [SDP_HDR_OWNER] = SDP_HDR("o=", "IN IP6 ", sdp_addr_len),
756 [SDP_HDR_CONNECTION] = SDP_HDR("c=", "IN IP6 ", sdp_addr_len),
757 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len),
747}; 758};
748 759
749/* Linear string search within SDP header values */ 760/* Linear string search within SDP header values */
@@ -769,11 +780,14 @@ int ct_sip_get_sdp_header(const struct nf_conn *ct, const char *dptr,
769 enum sdp_header_types term, 780 enum sdp_header_types term,
770 unsigned int *matchoff, unsigned int *matchlen) 781 unsigned int *matchoff, unsigned int *matchlen)
771{ 782{
772 const struct sip_header *hdr = &ct_sdp_hdrs[type]; 783 const struct sip_header *hdrs, *hdr, *thdr;
773 const struct sip_header *thdr = &ct_sdp_hdrs[term];
774 const char *start = dptr, *limit = dptr + datalen; 784 const char *start = dptr, *limit = dptr + datalen;
775 int shift = 0; 785 int shift = 0;
776 786
787 hdrs = nf_ct_l3num(ct) == NFPROTO_IPV4 ? ct_sdp_hdrs_v4 : ct_sdp_hdrs_v6;
788 hdr = &hdrs[type];
789 thdr = &hdrs[term];
790
777 for (dptr += dataoff; dptr < limit; dptr++) { 791 for (dptr += dataoff; dptr < limit; dptr++) {
778 /* Find beginning of line */ 792 /* Find beginning of line */
779 if (*dptr != '\r' && *dptr != '\n') 793 if (*dptr != '\r' && *dptr != '\n')
@@ -883,7 +897,8 @@ static void flush_expectations(struct nf_conn *ct, bool media)
883 spin_unlock_bh(&nf_conntrack_lock); 897 spin_unlock_bh(&nf_conntrack_lock);
884} 898}
885 899
886static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int dataoff, 900static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
901 unsigned int dataoff,
887 const char **dptr, unsigned int *datalen, 902 const char **dptr, unsigned int *datalen,
888 union nf_inet_addr *daddr, __be16 port, 903 union nf_inet_addr *daddr, __be16 port,
889 enum sip_expectation_classes class, 904 enum sip_expectation_classes class,
@@ -939,12 +954,12 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int dataoff,
939 exp->class != class) 954 exp->class != class)
940 break; 955 break;
941#ifdef CONFIG_NF_NAT_NEEDED 956#ifdef CONFIG_NF_NAT_NEEDED
942 if (exp->tuple.src.l3num == AF_INET && !direct_rtp && 957 if (!direct_rtp &&
943 (exp->saved_ip != exp->tuple.dst.u3.ip || 958 (!nf_inet_addr_cmp(&exp->saved_addr, &exp->tuple.dst.u3) ||
944 exp->saved_proto.udp.port != exp->tuple.dst.u.udp.port) && 959 exp->saved_proto.udp.port != exp->tuple.dst.u.udp.port) &&
945 ct->status & IPS_NAT_MASK) { 960 ct->status & IPS_NAT_MASK) {
946 daddr->ip = exp->saved_ip; 961 *daddr = exp->saved_addr;
947 tuple.dst.u3.ip = exp->saved_ip; 962 tuple.dst.u3 = exp->saved_addr;
948 tuple.dst.u.udp.port = exp->saved_proto.udp.port; 963 tuple.dst.u.udp.port = exp->saved_proto.udp.port;
949 direct_rtp = 1; 964 direct_rtp = 1;
950 } else 965 } else
@@ -960,7 +975,7 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int dataoff,
960 if (direct_rtp) { 975 if (direct_rtp) {
961 nf_nat_sdp_port = rcu_dereference(nf_nat_sdp_port_hook); 976 nf_nat_sdp_port = rcu_dereference(nf_nat_sdp_port_hook);
962 if (nf_nat_sdp_port && 977 if (nf_nat_sdp_port &&
963 !nf_nat_sdp_port(skb, dataoff, dptr, datalen, 978 !nf_nat_sdp_port(skb, protoff, dataoff, dptr, datalen,
964 mediaoff, medialen, ntohs(rtp_port))) 979 mediaoff, medialen, ntohs(rtp_port)))
965 goto err1; 980 goto err1;
966 } 981 }
@@ -982,7 +997,7 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int dataoff,
982 997
983 nf_nat_sdp_media = rcu_dereference(nf_nat_sdp_media_hook); 998 nf_nat_sdp_media = rcu_dereference(nf_nat_sdp_media_hook);
984 if (nf_nat_sdp_media && ct->status & IPS_NAT_MASK && !direct_rtp) 999 if (nf_nat_sdp_media && ct->status & IPS_NAT_MASK && !direct_rtp)
985 ret = nf_nat_sdp_media(skb, dataoff, dptr, datalen, 1000 ret = nf_nat_sdp_media(skb, protoff, dataoff, dptr, datalen,
986 rtp_exp, rtcp_exp, 1001 rtp_exp, rtcp_exp,
987 mediaoff, medialen, daddr); 1002 mediaoff, medialen, daddr);
988 else { 1003 else {
@@ -1023,7 +1038,8 @@ static const struct sdp_media_type *sdp_media_type(const char *dptr,
1023 return NULL; 1038 return NULL;
1024} 1039}
1025 1040
1026static int process_sdp(struct sk_buff *skb, unsigned int dataoff, 1041static int process_sdp(struct sk_buff *skb, unsigned int protoff,
1042 unsigned int dataoff,
1027 const char **dptr, unsigned int *datalen, 1043 const char **dptr, unsigned int *datalen,
1028 unsigned int cseq) 1044 unsigned int cseq)
1029{ 1045{
@@ -1036,15 +1052,12 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1036 unsigned int i; 1052 unsigned int i;
1037 union nf_inet_addr caddr, maddr, rtp_addr; 1053 union nf_inet_addr caddr, maddr, rtp_addr;
1038 unsigned int port; 1054 unsigned int port;
1039 enum sdp_header_types c_hdr;
1040 const struct sdp_media_type *t; 1055 const struct sdp_media_type *t;
1041 int ret = NF_ACCEPT; 1056 int ret = NF_ACCEPT;
1042 typeof(nf_nat_sdp_addr_hook) nf_nat_sdp_addr; 1057 typeof(nf_nat_sdp_addr_hook) nf_nat_sdp_addr;
1043 typeof(nf_nat_sdp_session_hook) nf_nat_sdp_session; 1058 typeof(nf_nat_sdp_session_hook) nf_nat_sdp_session;
1044 1059
1045 nf_nat_sdp_addr = rcu_dereference(nf_nat_sdp_addr_hook); 1060 nf_nat_sdp_addr = rcu_dereference(nf_nat_sdp_addr_hook);
1046 c_hdr = nf_ct_l3num(ct) == AF_INET ? SDP_HDR_CONNECTION_IP4 :
1047 SDP_HDR_CONNECTION_IP6;
1048 1061
1049 /* Find beginning of session description */ 1062 /* Find beginning of session description */
1050 if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen, 1063 if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen,
@@ -1058,7 +1071,7 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1058 * the end of the session description. */ 1071 * the end of the session description. */
1059 caddr_len = 0; 1072 caddr_len = 0;
1060 if (ct_sip_parse_sdp_addr(ct, *dptr, sdpoff, *datalen, 1073 if (ct_sip_parse_sdp_addr(ct, *dptr, sdpoff, *datalen,
1061 c_hdr, SDP_HDR_MEDIA, 1074 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
1062 &matchoff, &matchlen, &caddr) > 0) 1075 &matchoff, &matchlen, &caddr) > 0)
1063 caddr_len = matchlen; 1076 caddr_len = matchlen;
1064 1077
@@ -1088,7 +1101,7 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1088 /* The media description overrides the session description. */ 1101 /* The media description overrides the session description. */
1089 maddr_len = 0; 1102 maddr_len = 0;
1090 if (ct_sip_parse_sdp_addr(ct, *dptr, mediaoff, *datalen, 1103 if (ct_sip_parse_sdp_addr(ct, *dptr, mediaoff, *datalen,
1091 c_hdr, SDP_HDR_MEDIA, 1104 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
1092 &matchoff, &matchlen, &maddr) > 0) { 1105 &matchoff, &matchlen, &maddr) > 0) {
1093 maddr_len = matchlen; 1106 maddr_len = matchlen;
1094 memcpy(&rtp_addr, &maddr, sizeof(rtp_addr)); 1107 memcpy(&rtp_addr, &maddr, sizeof(rtp_addr));
@@ -1097,7 +1110,8 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1097 else 1110 else
1098 return NF_DROP; 1111 return NF_DROP;
1099 1112
1100 ret = set_expected_rtp_rtcp(skb, dataoff, dptr, datalen, 1113 ret = set_expected_rtp_rtcp(skb, protoff, dataoff,
1114 dptr, datalen,
1101 &rtp_addr, htons(port), t->class, 1115 &rtp_addr, htons(port), t->class,
1102 mediaoff, medialen); 1116 mediaoff, medialen);
1103 if (ret != NF_ACCEPT) 1117 if (ret != NF_ACCEPT)
@@ -1105,8 +1119,9 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1105 1119
1106 /* Update media connection address if present */ 1120 /* Update media connection address if present */
1107 if (maddr_len && nf_nat_sdp_addr && ct->status & IPS_NAT_MASK) { 1121 if (maddr_len && nf_nat_sdp_addr && ct->status & IPS_NAT_MASK) {
1108 ret = nf_nat_sdp_addr(skb, dataoff, dptr, datalen, 1122 ret = nf_nat_sdp_addr(skb, protoff, dataoff,
1109 mediaoff, c_hdr, SDP_HDR_MEDIA, 1123 dptr, datalen, mediaoff,
1124 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
1110 &rtp_addr); 1125 &rtp_addr);
1111 if (ret != NF_ACCEPT) 1126 if (ret != NF_ACCEPT)
1112 return ret; 1127 return ret;
@@ -1117,12 +1132,13 @@ static int process_sdp(struct sk_buff *skb, unsigned int dataoff,
1117 /* Update session connection and owner addresses */ 1132 /* Update session connection and owner addresses */
1118 nf_nat_sdp_session = rcu_dereference(nf_nat_sdp_session_hook); 1133 nf_nat_sdp_session = rcu_dereference(nf_nat_sdp_session_hook);
1119 if (nf_nat_sdp_session && ct->status & IPS_NAT_MASK) 1134 if (nf_nat_sdp_session && ct->status & IPS_NAT_MASK)
1120 ret = nf_nat_sdp_session(skb, dataoff, dptr, datalen, sdpoff, 1135 ret = nf_nat_sdp_session(skb, protoff, dataoff,
1121 &rtp_addr); 1136 dptr, datalen, sdpoff, &rtp_addr);
1122 1137
1123 return ret; 1138 return ret;
1124} 1139}
1125static int process_invite_response(struct sk_buff *skb, unsigned int dataoff, 1140static int process_invite_response(struct sk_buff *skb, unsigned int protoff,
1141 unsigned int dataoff,
1126 const char **dptr, unsigned int *datalen, 1142 const char **dptr, unsigned int *datalen,
1127 unsigned int cseq, unsigned int code) 1143 unsigned int cseq, unsigned int code)
1128{ 1144{
@@ -1132,13 +1148,14 @@ static int process_invite_response(struct sk_buff *skb, unsigned int dataoff,
1132 1148
1133 if ((code >= 100 && code <= 199) || 1149 if ((code >= 100 && code <= 199) ||
1134 (code >= 200 && code <= 299)) 1150 (code >= 200 && code <= 299))
1135 return process_sdp(skb, dataoff, dptr, datalen, cseq); 1151 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1136 else if (ct_sip_info->invite_cseq == cseq) 1152 else if (ct_sip_info->invite_cseq == cseq)
1137 flush_expectations(ct, true); 1153 flush_expectations(ct, true);
1138 return NF_ACCEPT; 1154 return NF_ACCEPT;
1139} 1155}
1140 1156
1141static int process_update_response(struct sk_buff *skb, unsigned int dataoff, 1157static int process_update_response(struct sk_buff *skb, unsigned int protoff,
1158 unsigned int dataoff,
1142 const char **dptr, unsigned int *datalen, 1159 const char **dptr, unsigned int *datalen,
1143 unsigned int cseq, unsigned int code) 1160 unsigned int cseq, unsigned int code)
1144{ 1161{
@@ -1148,13 +1165,14 @@ static int process_update_response(struct sk_buff *skb, unsigned int dataoff,
1148 1165
1149 if ((code >= 100 && code <= 199) || 1166 if ((code >= 100 && code <= 199) ||
1150 (code >= 200 && code <= 299)) 1167 (code >= 200 && code <= 299))
1151 return process_sdp(skb, dataoff, dptr, datalen, cseq); 1168 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1152 else if (ct_sip_info->invite_cseq == cseq) 1169 else if (ct_sip_info->invite_cseq == cseq)
1153 flush_expectations(ct, true); 1170 flush_expectations(ct, true);
1154 return NF_ACCEPT; 1171 return NF_ACCEPT;
1155} 1172}
1156 1173
1157static int process_prack_response(struct sk_buff *skb, unsigned int dataoff, 1174static int process_prack_response(struct sk_buff *skb, unsigned int protoff,
1175 unsigned int dataoff,
1158 const char **dptr, unsigned int *datalen, 1176 const char **dptr, unsigned int *datalen,
1159 unsigned int cseq, unsigned int code) 1177 unsigned int cseq, unsigned int code)
1160{ 1178{
@@ -1164,13 +1182,14 @@ static int process_prack_response(struct sk_buff *skb, unsigned int dataoff,
1164 1182
1165 if ((code >= 100 && code <= 199) || 1183 if ((code >= 100 && code <= 199) ||
1166 (code >= 200 && code <= 299)) 1184 (code >= 200 && code <= 299))
1167 return process_sdp(skb, dataoff, dptr, datalen, cseq); 1185 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1168 else if (ct_sip_info->invite_cseq == cseq) 1186 else if (ct_sip_info->invite_cseq == cseq)
1169 flush_expectations(ct, true); 1187 flush_expectations(ct, true);
1170 return NF_ACCEPT; 1188 return NF_ACCEPT;
1171} 1189}
1172 1190
1173static int process_invite_request(struct sk_buff *skb, unsigned int dataoff, 1191static int process_invite_request(struct sk_buff *skb, unsigned int protoff,
1192 unsigned int dataoff,
1174 const char **dptr, unsigned int *datalen, 1193 const char **dptr, unsigned int *datalen,
1175 unsigned int cseq) 1194 unsigned int cseq)
1176{ 1195{
@@ -1180,13 +1199,14 @@ static int process_invite_request(struct sk_buff *skb, unsigned int dataoff,
1180 unsigned int ret; 1199 unsigned int ret;
1181 1200
1182 flush_expectations(ct, true); 1201 flush_expectations(ct, true);
1183 ret = process_sdp(skb, dataoff, dptr, datalen, cseq); 1202 ret = process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1184 if (ret == NF_ACCEPT) 1203 if (ret == NF_ACCEPT)
1185 ct_sip_info->invite_cseq = cseq; 1204 ct_sip_info->invite_cseq = cseq;
1186 return ret; 1205 return ret;
1187} 1206}
1188 1207
1189static int process_bye_request(struct sk_buff *skb, unsigned int dataoff, 1208static int process_bye_request(struct sk_buff *skb, unsigned int protoff,
1209 unsigned int dataoff,
1190 const char **dptr, unsigned int *datalen, 1210 const char **dptr, unsigned int *datalen,
1191 unsigned int cseq) 1211 unsigned int cseq)
1192{ 1212{
@@ -1201,7 +1221,8 @@ static int process_bye_request(struct sk_buff *skb, unsigned int dataoff,
1201 * signalling connections. The expectation is marked inactive and is activated 1221 * signalling connections. The expectation is marked inactive and is activated
1202 * when receiving a response indicating success from the registrar. 1222 * when receiving a response indicating success from the registrar.
1203 */ 1223 */
1204static int process_register_request(struct sk_buff *skb, unsigned int dataoff, 1224static int process_register_request(struct sk_buff *skb, unsigned int protoff,
1225 unsigned int dataoff,
1205 const char **dptr, unsigned int *datalen, 1226 const char **dptr, unsigned int *datalen,
1206 unsigned int cseq) 1227 unsigned int cseq)
1207{ 1228{
@@ -1276,8 +1297,8 @@ static int process_register_request(struct sk_buff *skb, unsigned int dataoff,
1276 1297
1277 nf_nat_sip_expect = rcu_dereference(nf_nat_sip_expect_hook); 1298 nf_nat_sip_expect = rcu_dereference(nf_nat_sip_expect_hook);
1278 if (nf_nat_sip_expect && ct->status & IPS_NAT_MASK) 1299 if (nf_nat_sip_expect && ct->status & IPS_NAT_MASK)
1279 ret = nf_nat_sip_expect(skb, dataoff, dptr, datalen, exp, 1300 ret = nf_nat_sip_expect(skb, protoff, dataoff, dptr, datalen,
1280 matchoff, matchlen); 1301 exp, matchoff, matchlen);
1281 else { 1302 else {
1282 if (nf_ct_expect_related(exp) != 0) 1303 if (nf_ct_expect_related(exp) != 0)
1283 ret = NF_DROP; 1304 ret = NF_DROP;
@@ -1292,7 +1313,8 @@ store_cseq:
1292 return ret; 1313 return ret;
1293} 1314}
1294 1315
1295static int process_register_response(struct sk_buff *skb, unsigned int dataoff, 1316static int process_register_response(struct sk_buff *skb, unsigned int protoff,
1317 unsigned int dataoff,
1296 const char **dptr, unsigned int *datalen, 1318 const char **dptr, unsigned int *datalen,
1297 unsigned int cseq, unsigned int code) 1319 unsigned int cseq, unsigned int code)
1298{ 1320{
@@ -1374,7 +1396,8 @@ static const struct sip_handler sip_handlers[] = {
1374 SIP_HANDLER("REGISTER", process_register_request, process_register_response), 1396 SIP_HANDLER("REGISTER", process_register_request, process_register_response),
1375}; 1397};
1376 1398
1377static int process_sip_response(struct sk_buff *skb, unsigned int dataoff, 1399static int process_sip_response(struct sk_buff *skb, unsigned int protoff,
1400 unsigned int dataoff,
1378 const char **dptr, unsigned int *datalen) 1401 const char **dptr, unsigned int *datalen)
1379{ 1402{
1380 enum ip_conntrack_info ctinfo; 1403 enum ip_conntrack_info ctinfo;
@@ -1405,13 +1428,14 @@ static int process_sip_response(struct sk_buff *skb, unsigned int dataoff,
1405 if (*datalen < matchend + handler->len || 1428 if (*datalen < matchend + handler->len ||
1406 strnicmp(*dptr + matchend, handler->method, handler->len)) 1429 strnicmp(*dptr + matchend, handler->method, handler->len))
1407 continue; 1430 continue;
1408 return handler->response(skb, dataoff, dptr, datalen, 1431 return handler->response(skb, protoff, dataoff, dptr, datalen,
1409 cseq, code); 1432 cseq, code);
1410 } 1433 }
1411 return NF_ACCEPT; 1434 return NF_ACCEPT;
1412} 1435}
1413 1436
1414static int process_sip_request(struct sk_buff *skb, unsigned int dataoff, 1437static int process_sip_request(struct sk_buff *skb, unsigned int protoff,
1438 unsigned int dataoff,
1415 const char **dptr, unsigned int *datalen) 1439 const char **dptr, unsigned int *datalen)
1416{ 1440{
1417 enum ip_conntrack_info ctinfo; 1441 enum ip_conntrack_info ctinfo;
@@ -1436,26 +1460,28 @@ static int process_sip_request(struct sk_buff *skb, unsigned int dataoff,
1436 if (!cseq) 1460 if (!cseq)
1437 return NF_DROP; 1461 return NF_DROP;
1438 1462
1439 return handler->request(skb, dataoff, dptr, datalen, cseq); 1463 return handler->request(skb, protoff, dataoff, dptr, datalen,
1464 cseq);
1440 } 1465 }
1441 return NF_ACCEPT; 1466 return NF_ACCEPT;
1442} 1467}
1443 1468
1444static int process_sip_msg(struct sk_buff *skb, struct nf_conn *ct, 1469static int process_sip_msg(struct sk_buff *skb, struct nf_conn *ct,
1445 unsigned int dataoff, const char **dptr, 1470 unsigned int protoff, unsigned int dataoff,
1446 unsigned int *datalen) 1471 const char **dptr, unsigned int *datalen)
1447{ 1472{
1448 typeof(nf_nat_sip_hook) nf_nat_sip; 1473 typeof(nf_nat_sip_hook) nf_nat_sip;
1449 int ret; 1474 int ret;
1450 1475
1451 if (strnicmp(*dptr, "SIP/2.0 ", strlen("SIP/2.0 ")) != 0) 1476 if (strnicmp(*dptr, "SIP/2.0 ", strlen("SIP/2.0 ")) != 0)
1452 ret = process_sip_request(skb, dataoff, dptr, datalen); 1477 ret = process_sip_request(skb, protoff, dataoff, dptr, datalen);
1453 else 1478 else
1454 ret = process_sip_response(skb, dataoff, dptr, datalen); 1479 ret = process_sip_response(skb, protoff, dataoff, dptr, datalen);
1455 1480
1456 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) { 1481 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1457 nf_nat_sip = rcu_dereference(nf_nat_sip_hook); 1482 nf_nat_sip = rcu_dereference(nf_nat_sip_hook);
1458 if (nf_nat_sip && !nf_nat_sip(skb, dataoff, dptr, datalen)) 1483 if (nf_nat_sip && !nf_nat_sip(skb, protoff, dataoff,
1484 dptr, datalen))
1459 ret = NF_DROP; 1485 ret = NF_DROP;
1460 } 1486 }
1461 1487
@@ -1523,7 +1549,8 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
1523 if (msglen > datalen) 1549 if (msglen > datalen)
1524 return NF_DROP; 1550 return NF_DROP;
1525 1551
1526 ret = process_sip_msg(skb, ct, dataoff, &dptr, &msglen); 1552 ret = process_sip_msg(skb, ct, protoff, dataoff,
1553 &dptr, &msglen);
1527 if (ret != NF_ACCEPT) 1554 if (ret != NF_ACCEPT)
1528 break; 1555 break;
1529 diff = msglen - origlen; 1556 diff = msglen - origlen;
@@ -1537,7 +1564,7 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
1537 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) { 1564 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1538 nf_nat_sip_seq_adjust = rcu_dereference(nf_nat_sip_seq_adjust_hook); 1565 nf_nat_sip_seq_adjust = rcu_dereference(nf_nat_sip_seq_adjust_hook);
1539 if (nf_nat_sip_seq_adjust) 1566 if (nf_nat_sip_seq_adjust)
1540 nf_nat_sip_seq_adjust(skb, tdiff); 1567 nf_nat_sip_seq_adjust(skb, protoff, tdiff);
1541 } 1568 }
1542 1569
1543 return ret; 1570 return ret;
@@ -1564,7 +1591,7 @@ static int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
1564 if (datalen < strlen("SIP/2.0 200")) 1591 if (datalen < strlen("SIP/2.0 200"))
1565 return NF_ACCEPT; 1592 return NF_ACCEPT;
1566 1593
1567 return process_sip_msg(skb, ct, dataoff, &dptr, &datalen); 1594 return process_sip_msg(skb, ct, protoff, dataoff, &dptr, &datalen);
1568} 1595}
1569 1596
1570static struct nf_conntrack_helper sip[MAX_PORTS][4] __read_mostly; 1597static struct nf_conntrack_helper sip[MAX_PORTS][4] __read_mostly;
diff --git a/net/netfilter/nf_internals.h b/net/netfilter/nf_internals.h
index 770f76432ad0..3deec997be89 100644
--- a/net/netfilter/nf_internals.h
+++ b/net/netfilter/nf_internals.h
@@ -18,13 +18,13 @@ extern unsigned int nf_iterate(struct list_head *head,
18 unsigned int hook, 18 unsigned int hook,
19 const struct net_device *indev, 19 const struct net_device *indev,
20 const struct net_device *outdev, 20 const struct net_device *outdev,
21 struct list_head **i, 21 struct nf_hook_ops **elemp,
22 int (*okfn)(struct sk_buff *), 22 int (*okfn)(struct sk_buff *),
23 int hook_thresh); 23 int hook_thresh);
24 24
25/* nf_queue.c */ 25/* nf_queue.c */
26extern int nf_queue(struct sk_buff *skb, 26extern int nf_queue(struct sk_buff *skb,
27 struct list_head *elem, 27 struct nf_hook_ops *elem,
28 u_int8_t pf, unsigned int hook, 28 u_int8_t pf, unsigned int hook,
29 struct net_device *indev, 29 struct net_device *indev,
30 struct net_device *outdev, 30 struct net_device *outdev,
diff --git a/net/ipv4/netfilter/nf_nat_amanda.c b/net/netfilter/nf_nat_amanda.c
index 3c04d24e2976..42d337881171 100644
--- a/net/ipv4/netfilter/nf_nat_amanda.c
+++ b/net/netfilter/nf_nat_amanda.c
@@ -16,7 +16,6 @@
16#include <net/netfilter/nf_conntrack_helper.h> 16#include <net/netfilter/nf_conntrack_helper.h>
17#include <net/netfilter/nf_conntrack_expect.h> 17#include <net/netfilter/nf_conntrack_expect.h>
18#include <net/netfilter/nf_nat_helper.h> 18#include <net/netfilter/nf_nat_helper.h>
19#include <net/netfilter/nf_nat_rule.h>
20#include <linux/netfilter/nf_conntrack_amanda.h> 19#include <linux/netfilter/nf_conntrack_amanda.h>
21 20
22MODULE_AUTHOR("Brian J. Murrell <netfilter@interlinx.bc.ca>"); 21MODULE_AUTHOR("Brian J. Murrell <netfilter@interlinx.bc.ca>");
@@ -26,6 +25,7 @@ MODULE_ALIAS("ip_nat_amanda");
26 25
27static unsigned int help(struct sk_buff *skb, 26static unsigned int help(struct sk_buff *skb,
28 enum ip_conntrack_info ctinfo, 27 enum ip_conntrack_info ctinfo,
28 unsigned int protoff,
29 unsigned int matchoff, 29 unsigned int matchoff,
30 unsigned int matchlen, 30 unsigned int matchlen,
31 struct nf_conntrack_expect *exp) 31 struct nf_conntrack_expect *exp)
@@ -61,7 +61,7 @@ static unsigned int help(struct sk_buff *skb,
61 61
62 sprintf(buffer, "%u", port); 62 sprintf(buffer, "%u", port);
63 ret = nf_nat_mangle_udp_packet(skb, exp->master, ctinfo, 63 ret = nf_nat_mangle_udp_packet(skb, exp->master, ctinfo,
64 matchoff, matchlen, 64 protoff, matchoff, matchlen,
65 buffer, strlen(buffer)); 65 buffer, strlen(buffer));
66 if (ret != NF_ACCEPT) 66 if (ret != NF_ACCEPT)
67 nf_ct_unexpect_related(exp); 67 nf_ct_unexpect_related(exp);
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 44b082fd48ab..5f2f9109f461 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -1,7 +1,7 @@
1/* NAT for netfilter; shared with compatibility layer. */ 1/*
2 2 * (C) 1999-2001 Paul `Rusty' Russell
3/* (C) 1999-2001 Paul `Rusty' Russell
4 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org> 3 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
4 * (C) 2011 Patrick McHardy <kaber@trash.net>
5 * 5 *
6 * This program is free software; you can redistribute it and/or modify 6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as 7 * it under the terms of the GNU General Public License version 2 as
@@ -13,38 +13,105 @@
13#include <linux/timer.h> 13#include <linux/timer.h>
14#include <linux/skbuff.h> 14#include <linux/skbuff.h>
15#include <linux/gfp.h> 15#include <linux/gfp.h>
16#include <net/checksum.h> 16#include <net/xfrm.h>
17#include <net/icmp.h>
18#include <net/ip.h>
19#include <net/tcp.h> /* For tcp_prot in getorigdst */
20#include <linux/icmp.h>
21#include <linux/udp.h>
22#include <linux/jhash.h> 17#include <linux/jhash.h>
18#include <linux/rtnetlink.h>
23 19
24#include <linux/netfilter_ipv4.h>
25#include <net/netfilter/nf_conntrack.h> 20#include <net/netfilter/nf_conntrack.h>
26#include <net/netfilter/nf_conntrack_core.h> 21#include <net/netfilter/nf_conntrack_core.h>
27#include <net/netfilter/nf_nat.h> 22#include <net/netfilter/nf_nat.h>
28#include <net/netfilter/nf_nat_protocol.h> 23#include <net/netfilter/nf_nat_l3proto.h>
24#include <net/netfilter/nf_nat_l4proto.h>
29#include <net/netfilter/nf_nat_core.h> 25#include <net/netfilter/nf_nat_core.h>
30#include <net/netfilter/nf_nat_helper.h> 26#include <net/netfilter/nf_nat_helper.h>
31#include <net/netfilter/nf_conntrack_helper.h> 27#include <net/netfilter/nf_conntrack_helper.h>
32#include <net/netfilter/nf_conntrack_l3proto.h> 28#include <net/netfilter/nf_conntrack_l3proto.h>
33#include <net/netfilter/nf_conntrack_zones.h> 29#include <net/netfilter/nf_conntrack_zones.h>
30#include <linux/netfilter/nf_nat.h>
34 31
35static DEFINE_SPINLOCK(nf_nat_lock); 32static DEFINE_SPINLOCK(nf_nat_lock);
36 33
37static struct nf_conntrack_l3proto *l3proto __read_mostly; 34static DEFINE_MUTEX(nf_nat_proto_mutex);
38 35static const struct nf_nat_l3proto __rcu *nf_nat_l3protos[NFPROTO_NUMPROTO]
39#define MAX_IP_NAT_PROTO 256 36 __read_mostly;
40static const struct nf_nat_protocol __rcu *nf_nat_protos[MAX_IP_NAT_PROTO] 37static const struct nf_nat_l4proto __rcu **nf_nat_l4protos[NFPROTO_NUMPROTO]
41 __read_mostly; 38 __read_mostly;
42 39
43static inline const struct nf_nat_protocol * 40
44__nf_nat_proto_find(u_int8_t protonum) 41inline const struct nf_nat_l3proto *
42__nf_nat_l3proto_find(u8 family)
43{
44 return rcu_dereference(nf_nat_l3protos[family]);
45}
46
47inline const struct nf_nat_l4proto *
48__nf_nat_l4proto_find(u8 family, u8 protonum)
49{
50 return rcu_dereference(nf_nat_l4protos[family][protonum]);
51}
52EXPORT_SYMBOL_GPL(__nf_nat_l4proto_find);
53
54#ifdef CONFIG_XFRM
55static void __nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl)
56{
57 const struct nf_nat_l3proto *l3proto;
58 const struct nf_conn *ct;
59 enum ip_conntrack_info ctinfo;
60 enum ip_conntrack_dir dir;
61 unsigned long statusbit;
62 u8 family;
63
64 ct = nf_ct_get(skb, &ctinfo);
65 if (ct == NULL)
66 return;
67
68 family = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
69 rcu_read_lock();
70 l3proto = __nf_nat_l3proto_find(family);
71 if (l3proto == NULL)
72 goto out;
73
74 dir = CTINFO2DIR(ctinfo);
75 if (dir == IP_CT_DIR_ORIGINAL)
76 statusbit = IPS_DST_NAT;
77 else
78 statusbit = IPS_SRC_NAT;
79
80 l3proto->decode_session(skb, ct, dir, statusbit, fl);
81out:
82 rcu_read_unlock();
83}
84
85int nf_xfrm_me_harder(struct sk_buff *skb, unsigned int family)
45{ 86{
46 return rcu_dereference(nf_nat_protos[protonum]); 87 struct flowi fl;
88 unsigned int hh_len;
89 struct dst_entry *dst;
90
91 if (xfrm_decode_session(skb, &fl, family) < 0)
92 return -1;
93
94 dst = skb_dst(skb);
95 if (dst->xfrm)
96 dst = ((struct xfrm_dst *)dst)->route;
97 dst_hold(dst);
98
99 dst = xfrm_lookup(dev_net(dst->dev), dst, &fl, skb->sk, 0);
100 if (IS_ERR(dst))
101 return -1;
102
103 skb_dst_drop(skb);
104 skb_dst_set(skb, dst);
105
106 /* Change in oif may mean change in hh_len. */
107 hh_len = skb_dst(skb)->dev->hard_header_len;
108 if (skb_headroom(skb) < hh_len &&
109 pskb_expand_head(skb, hh_len - skb_headroom(skb), 0, GFP_ATOMIC))
110 return -1;
111 return 0;
47} 112}
113EXPORT_SYMBOL(nf_xfrm_me_harder);
114#endif /* CONFIG_XFRM */
48 115
49/* We keep an extra hash for each conntrack, for fast searching. */ 116/* We keep an extra hash for each conntrack, for fast searching. */
50static inline unsigned int 117static inline unsigned int
@@ -54,10 +121,9 @@ hash_by_src(const struct net *net, u16 zone,
54 unsigned int hash; 121 unsigned int hash;
55 122
56 /* Original src, to ensure we map it consistently if poss. */ 123 /* Original src, to ensure we map it consistently if poss. */
57 hash = jhash_3words((__force u32)tuple->src.u3.ip, 124 hash = jhash2((u32 *)&tuple->src, sizeof(tuple->src) / sizeof(u32),
58 (__force u32)tuple->src.u.all ^ zone, 125 tuple->dst.protonum ^ zone ^ nf_conntrack_hash_rnd);
59 tuple->dst.protonum, nf_conntrack_hash_rnd); 126 return ((u64)hash * net->ct.nat_htable_size) >> 32;
60 return ((u64)hash * net->ipv4.nat_htable_size) >> 32;
61} 127}
62 128
63/* Is this tuple already taken? (not by us) */ 129/* Is this tuple already taken? (not by us) */
@@ -66,10 +132,11 @@ nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
66 const struct nf_conn *ignored_conntrack) 132 const struct nf_conn *ignored_conntrack)
67{ 133{
68 /* Conntrack tracking doesn't keep track of outgoing tuples; only 134 /* Conntrack tracking doesn't keep track of outgoing tuples; only
69 incoming ones. NAT means they don't have a fixed mapping, 135 * incoming ones. NAT means they don't have a fixed mapping,
70 so we invert the tuple and look for the incoming reply. 136 * so we invert the tuple and look for the incoming reply.
71 137 *
72 We could keep a separate hash if this proves too slow. */ 138 * We could keep a separate hash if this proves too slow.
139 */
73 struct nf_conntrack_tuple reply; 140 struct nf_conntrack_tuple reply;
74 141
75 nf_ct_invert_tuplepr(&reply, tuple); 142 nf_ct_invert_tuplepr(&reply, tuple);
@@ -78,31 +145,26 @@ nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
78EXPORT_SYMBOL(nf_nat_used_tuple); 145EXPORT_SYMBOL(nf_nat_used_tuple);
79 146
80/* If we source map this tuple so reply looks like reply_tuple, will 147/* If we source map this tuple so reply looks like reply_tuple, will
81 * that meet the constraints of range. */ 148 * that meet the constraints of range.
82static int 149 */
83in_range(const struct nf_conntrack_tuple *tuple, 150static int in_range(const struct nf_nat_l3proto *l3proto,
84 const struct nf_nat_ipv4_range *range) 151 const struct nf_nat_l4proto *l4proto,
152 const struct nf_conntrack_tuple *tuple,
153 const struct nf_nat_range *range)
85{ 154{
86 const struct nf_nat_protocol *proto;
87 int ret = 0;
88
89 /* If we are supposed to map IPs, then we must be in the 155 /* If we are supposed to map IPs, then we must be in the
90 range specified, otherwise let this drag us onto a new src IP. */ 156 * range specified, otherwise let this drag us onto a new src IP.
91 if (range->flags & NF_NAT_RANGE_MAP_IPS) { 157 */
92 if (ntohl(tuple->src.u3.ip) < ntohl(range->min_ip) || 158 if (range->flags & NF_NAT_RANGE_MAP_IPS &&
93 ntohl(tuple->src.u3.ip) > ntohl(range->max_ip)) 159 !l3proto->in_range(tuple, range))
94 return 0; 160 return 0;
95 }
96 161
97 rcu_read_lock();
98 proto = __nf_nat_proto_find(tuple->dst.protonum);
99 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) || 162 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) ||
100 proto->in_range(tuple, NF_NAT_MANIP_SRC, 163 l4proto->in_range(tuple, NF_NAT_MANIP_SRC,
101 &range->min, &range->max)) 164 &range->min_proto, &range->max_proto))
102 ret = 1; 165 return 1;
103 rcu_read_unlock();
104 166
105 return ret; 167 return 0;
106} 168}
107 169
108static inline int 170static inline int
@@ -113,24 +175,25 @@ same_src(const struct nf_conn *ct,
113 175
114 t = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple; 176 t = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
115 return (t->dst.protonum == tuple->dst.protonum && 177 return (t->dst.protonum == tuple->dst.protonum &&
116 t->src.u3.ip == tuple->src.u3.ip && 178 nf_inet_addr_cmp(&t->src.u3, &tuple->src.u3) &&
117 t->src.u.all == tuple->src.u.all); 179 t->src.u.all == tuple->src.u.all);
118} 180}
119 181
120/* Only called for SRC manip */ 182/* Only called for SRC manip */
121static int 183static int
122find_appropriate_src(struct net *net, u16 zone, 184find_appropriate_src(struct net *net, u16 zone,
185 const struct nf_nat_l3proto *l3proto,
186 const struct nf_nat_l4proto *l4proto,
123 const struct nf_conntrack_tuple *tuple, 187 const struct nf_conntrack_tuple *tuple,
124 struct nf_conntrack_tuple *result, 188 struct nf_conntrack_tuple *result,
125 const struct nf_nat_ipv4_range *range) 189 const struct nf_nat_range *range)
126{ 190{
127 unsigned int h = hash_by_src(net, zone, tuple); 191 unsigned int h = hash_by_src(net, zone, tuple);
128 const struct nf_conn_nat *nat; 192 const struct nf_conn_nat *nat;
129 const struct nf_conn *ct; 193 const struct nf_conn *ct;
130 const struct hlist_node *n; 194 const struct hlist_node *n;
131 195
132 rcu_read_lock(); 196 hlist_for_each_entry_rcu(nat, n, &net->ct.nat_bysource[h], bysource) {
133 hlist_for_each_entry_rcu(nat, n, &net->ipv4.nat_bysource[h], bysource) {
134 ct = nat->ct; 197 ct = nat->ct;
135 if (same_src(ct, tuple) && nf_ct_zone(ct) == zone) { 198 if (same_src(ct, tuple) && nf_ct_zone(ct) == zone) {
136 /* Copy source part from reply tuple. */ 199 /* Copy source part from reply tuple. */
@@ -138,119 +201,148 @@ find_appropriate_src(struct net *net, u16 zone,
138 &ct->tuplehash[IP_CT_DIR_REPLY].tuple); 201 &ct->tuplehash[IP_CT_DIR_REPLY].tuple);
139 result->dst = tuple->dst; 202 result->dst = tuple->dst;
140 203
141 if (in_range(result, range)) { 204 if (in_range(l3proto, l4proto, result, range))
142 rcu_read_unlock();
143 return 1; 205 return 1;
144 }
145 } 206 }
146 } 207 }
147 rcu_read_unlock();
148 return 0; 208 return 0;
149} 209}
150 210
151/* For [FUTURE] fragmentation handling, we want the least-used 211/* For [FUTURE] fragmentation handling, we want the least-used
152 src-ip/dst-ip/proto triple. Fairness doesn't come into it. Thus 212 * src-ip/dst-ip/proto triple. Fairness doesn't come into it. Thus
153 if the range specifies 1.2.3.4 ports 10000-10005 and 1.2.3.5 ports 213 * if the range specifies 1.2.3.4 ports 10000-10005 and 1.2.3.5 ports
154 1-65535, we don't do pro-rata allocation based on ports; we choose 214 * 1-65535, we don't do pro-rata allocation based on ports; we choose
155 the ip with the lowest src-ip/dst-ip/proto usage. 215 * the ip with the lowest src-ip/dst-ip/proto usage.
156*/ 216 */
157static void 217static void
158find_best_ips_proto(u16 zone, struct nf_conntrack_tuple *tuple, 218find_best_ips_proto(u16 zone, struct nf_conntrack_tuple *tuple,
159 const struct nf_nat_ipv4_range *range, 219 const struct nf_nat_range *range,
160 const struct nf_conn *ct, 220 const struct nf_conn *ct,
161 enum nf_nat_manip_type maniptype) 221 enum nf_nat_manip_type maniptype)
162{ 222{
163 __be32 *var_ipp; 223 union nf_inet_addr *var_ipp;
224 unsigned int i, max;
164 /* Host order */ 225 /* Host order */
165 u_int32_t minip, maxip, j; 226 u32 minip, maxip, j, dist;
227 bool full_range;
166 228
167 /* No IP mapping? Do nothing. */ 229 /* No IP mapping? Do nothing. */
168 if (!(range->flags & NF_NAT_RANGE_MAP_IPS)) 230 if (!(range->flags & NF_NAT_RANGE_MAP_IPS))
169 return; 231 return;
170 232
171 if (maniptype == NF_NAT_MANIP_SRC) 233 if (maniptype == NF_NAT_MANIP_SRC)
172 var_ipp = &tuple->src.u3.ip; 234 var_ipp = &tuple->src.u3;
173 else 235 else
174 var_ipp = &tuple->dst.u3.ip; 236 var_ipp = &tuple->dst.u3;
175 237
176 /* Fast path: only one choice. */ 238 /* Fast path: only one choice. */
177 if (range->min_ip == range->max_ip) { 239 if (nf_inet_addr_cmp(&range->min_addr, &range->max_addr)) {
178 *var_ipp = range->min_ip; 240 *var_ipp = range->min_addr;
179 return; 241 return;
180 } 242 }
181 243
244 if (nf_ct_l3num(ct) == NFPROTO_IPV4)
245 max = sizeof(var_ipp->ip) / sizeof(u32) - 1;
246 else
247 max = sizeof(var_ipp->ip6) / sizeof(u32) - 1;
248
182 /* Hashing source and destination IPs gives a fairly even 249 /* Hashing source and destination IPs gives a fairly even
183 * spread in practice (if there are a small number of IPs 250 * spread in practice (if there are a small number of IPs
184 * involved, there usually aren't that many connections 251 * involved, there usually aren't that many connections
185 * anyway). The consistency means that servers see the same 252 * anyway). The consistency means that servers see the same
186 * client coming from the same IP (some Internet Banking sites 253 * client coming from the same IP (some Internet Banking sites
187 * like this), even across reboots. */ 254 * like this), even across reboots.
188 minip = ntohl(range->min_ip); 255 */
189 maxip = ntohl(range->max_ip); 256 j = jhash2((u32 *)&tuple->src.u3, sizeof(tuple->src.u3) / sizeof(u32),
190 j = jhash_2words((__force u32)tuple->src.u3.ip, 257 range->flags & NF_NAT_RANGE_PERSISTENT ?
191 range->flags & NF_NAT_RANGE_PERSISTENT ? 258 0 : (__force u32)tuple->dst.u3.all[max] ^ zone);
192 0 : (__force u32)tuple->dst.u3.ip ^ zone, 0); 259
193 j = ((u64)j * (maxip - minip + 1)) >> 32; 260 full_range = false;
194 *var_ipp = htonl(minip + j); 261 for (i = 0; i <= max; i++) {
262 /* If first bytes of the address are at the maximum, use the
263 * distance. Otherwise use the full range.
264 */
265 if (!full_range) {
266 minip = ntohl((__force __be32)range->min_addr.all[i]);
267 maxip = ntohl((__force __be32)range->max_addr.all[i]);
268 dist = maxip - minip + 1;
269 } else {
270 minip = 0;
271 dist = ~0;
272 }
273
274 var_ipp->all[i] = (__force __u32)
275 htonl(minip + (((u64)j * dist) >> 32));
276 if (var_ipp->all[i] != range->max_addr.all[i])
277 full_range = true;
278
279 if (!(range->flags & NF_NAT_RANGE_PERSISTENT))
280 j ^= (__force u32)tuple->dst.u3.all[i];
281 }
195} 282}
196 283
197/* Manipulate the tuple into the range given. For NF_INET_POST_ROUTING, 284/* Manipulate the tuple into the range given. For NF_INET_POST_ROUTING,
198 * we change the source to map into the range. For NF_INET_PRE_ROUTING 285 * we change the source to map into the range. For NF_INET_PRE_ROUTING
199 * and NF_INET_LOCAL_OUT, we change the destination to map into the 286 * and NF_INET_LOCAL_OUT, we change the destination to map into the
200 * range. It might not be possible to get a unique tuple, but we try. 287 * range. It might not be possible to get a unique tuple, but we try.
201 * At worst (or if we race), we will end up with a final duplicate in 288 * At worst (or if we race), we will end up with a final duplicate in
202 * __ip_conntrack_confirm and drop the packet. */ 289 * __ip_conntrack_confirm and drop the packet. */
203static void 290static void
204get_unique_tuple(struct nf_conntrack_tuple *tuple, 291get_unique_tuple(struct nf_conntrack_tuple *tuple,
205 const struct nf_conntrack_tuple *orig_tuple, 292 const struct nf_conntrack_tuple *orig_tuple,
206 const struct nf_nat_ipv4_range *range, 293 const struct nf_nat_range *range,
207 struct nf_conn *ct, 294 struct nf_conn *ct,
208 enum nf_nat_manip_type maniptype) 295 enum nf_nat_manip_type maniptype)
209{ 296{
297 const struct nf_nat_l3proto *l3proto;
298 const struct nf_nat_l4proto *l4proto;
210 struct net *net = nf_ct_net(ct); 299 struct net *net = nf_ct_net(ct);
211 const struct nf_nat_protocol *proto;
212 u16 zone = nf_ct_zone(ct); 300 u16 zone = nf_ct_zone(ct);
213 301
214 /* 1) If this srcip/proto/src-proto-part is currently mapped, 302 rcu_read_lock();
215 and that same mapping gives a unique tuple within the given 303 l3proto = __nf_nat_l3proto_find(orig_tuple->src.l3num);
216 range, use that. 304 l4proto = __nf_nat_l4proto_find(orig_tuple->src.l3num,
305 orig_tuple->dst.protonum);
217 306
218 This is only required for source (ie. NAT/masq) mappings. 307 /* 1) If this srcip/proto/src-proto-part is currently mapped,
219 So far, we don't do local source mappings, so multiple 308 * and that same mapping gives a unique tuple within the given
220 manips not an issue. */ 309 * range, use that.
310 *
311 * This is only required for source (ie. NAT/masq) mappings.
312 * So far, we don't do local source mappings, so multiple
313 * manips not an issue.
314 */
221 if (maniptype == NF_NAT_MANIP_SRC && 315 if (maniptype == NF_NAT_MANIP_SRC &&
222 !(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) { 316 !(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) {
223 /* try the original tuple first */ 317 /* try the original tuple first */
224 if (in_range(orig_tuple, range)) { 318 if (in_range(l3proto, l4proto, orig_tuple, range)) {
225 if (!nf_nat_used_tuple(orig_tuple, ct)) { 319 if (!nf_nat_used_tuple(orig_tuple, ct)) {
226 *tuple = *orig_tuple; 320 *tuple = *orig_tuple;
227 return; 321 goto out;
228 } 322 }
229 } else if (find_appropriate_src(net, zone, orig_tuple, tuple, 323 } else if (find_appropriate_src(net, zone, l3proto, l4proto,
230 range)) { 324 orig_tuple, tuple, range)) {
231 pr_debug("get_unique_tuple: Found current src map\n"); 325 pr_debug("get_unique_tuple: Found current src map\n");
232 if (!nf_nat_used_tuple(tuple, ct)) 326 if (!nf_nat_used_tuple(tuple, ct))
233 return; 327 goto out;
234 } 328 }
235 } 329 }
236 330
237 /* 2) Select the least-used IP/proto combination in the given 331 /* 2) Select the least-used IP/proto combination in the given range */
238 range. */
239 *tuple = *orig_tuple; 332 *tuple = *orig_tuple;
240 find_best_ips_proto(zone, tuple, range, ct, maniptype); 333 find_best_ips_proto(zone, tuple, range, ct, maniptype);
241 334
242 /* 3) The per-protocol part of the manip is made to map into 335 /* 3) The per-protocol part of the manip is made to map into
243 the range to make a unique tuple. */ 336 * the range to make a unique tuple.
244 337 */
245 rcu_read_lock();
246 proto = __nf_nat_proto_find(orig_tuple->dst.protonum);
247 338
248 /* Only bother mapping if it's not already in range and unique */ 339 /* Only bother mapping if it's not already in range and unique */
249 if (!(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) { 340 if (!(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) {
250 if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) { 341 if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
251 if (proto->in_range(tuple, maniptype, &range->min, 342 if (l4proto->in_range(tuple, maniptype,
252 &range->max) && 343 &range->min_proto,
253 (range->min.all == range->max.all || 344 &range->max_proto) &&
345 (range->min_proto.all == range->max_proto.all ||
254 !nf_nat_used_tuple(tuple, ct))) 346 !nf_nat_used_tuple(tuple, ct)))
255 goto out; 347 goto out;
256 } else if (!nf_nat_used_tuple(tuple, ct)) { 348 } else if (!nf_nat_used_tuple(tuple, ct)) {
@@ -259,14 +351,14 @@ get_unique_tuple(struct nf_conntrack_tuple *tuple,
259 } 351 }
260 352
261 /* Last change: get protocol to try to obtain unique tuple. */ 353 /* Last change: get protocol to try to obtain unique tuple. */
262 proto->unique_tuple(tuple, range, maniptype, ct); 354 l4proto->unique_tuple(l3proto, tuple, range, maniptype, ct);
263out: 355out:
264 rcu_read_unlock(); 356 rcu_read_unlock();
265} 357}
266 358
267unsigned int 359unsigned int
268nf_nat_setup_info(struct nf_conn *ct, 360nf_nat_setup_info(struct nf_conn *ct,
269 const struct nf_nat_ipv4_range *range, 361 const struct nf_nat_range *range,
270 enum nf_nat_manip_type maniptype) 362 enum nf_nat_manip_type maniptype)
271{ 363{
272 struct net *net = nf_ct_net(ct); 364 struct net *net = nf_ct_net(ct);
@@ -288,10 +380,10 @@ nf_nat_setup_info(struct nf_conn *ct,
288 BUG_ON(nf_nat_initialized(ct, maniptype)); 380 BUG_ON(nf_nat_initialized(ct, maniptype));
289 381
290 /* What we've got will look like inverse of reply. Normally 382 /* What we've got will look like inverse of reply. Normally
291 this is what is in the conntrack, except for prior 383 * this is what is in the conntrack, except for prior
292 manipulations (future optimization: if num_manips == 0, 384 * manipulations (future optimization: if num_manips == 0,
293 orig_tp = 385 * orig_tp = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple)
294 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple) */ 386 */
295 nf_ct_invert_tuplepr(&curr_tuple, 387 nf_ct_invert_tuplepr(&curr_tuple,
296 &ct->tuplehash[IP_CT_DIR_REPLY].tuple); 388 &ct->tuplehash[IP_CT_DIR_REPLY].tuple);
297 389
@@ -317,11 +409,11 @@ nf_nat_setup_info(struct nf_conn *ct,
317 srchash = hash_by_src(net, nf_ct_zone(ct), 409 srchash = hash_by_src(net, nf_ct_zone(ct),
318 &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); 410 &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
319 spin_lock_bh(&nf_nat_lock); 411 spin_lock_bh(&nf_nat_lock);
320 /* nf_conntrack_alter_reply might re-allocate extension area */ 412 /* nf_conntrack_alter_reply might re-allocate extension aera */
321 nat = nfct_nat(ct); 413 nat = nfct_nat(ct);
322 nat->ct = ct; 414 nat->ct = ct;
323 hlist_add_head_rcu(&nat->bysource, 415 hlist_add_head_rcu(&nat->bysource,
324 &net->ipv4.nat_bysource[srchash]); 416 &net->ct.nat_bysource[srchash]);
325 spin_unlock_bh(&nf_nat_lock); 417 spin_unlock_bh(&nf_nat_lock);
326 } 418 }
327 419
@@ -335,47 +427,14 @@ nf_nat_setup_info(struct nf_conn *ct,
335} 427}
336EXPORT_SYMBOL(nf_nat_setup_info); 428EXPORT_SYMBOL(nf_nat_setup_info);
337 429
338/* Returns true if succeeded. */
339static bool
340manip_pkt(u_int16_t proto,
341 struct sk_buff *skb,
342 unsigned int iphdroff,
343 const struct nf_conntrack_tuple *target,
344 enum nf_nat_manip_type maniptype)
345{
346 struct iphdr *iph;
347 const struct nf_nat_protocol *p;
348
349 if (!skb_make_writable(skb, iphdroff + sizeof(*iph)))
350 return false;
351
352 iph = (void *)skb->data + iphdroff;
353
354 /* Manipulate protcol part. */
355
356 /* rcu_read_lock()ed by nf_hook_slow */
357 p = __nf_nat_proto_find(proto);
358 if (!p->manip_pkt(skb, iphdroff, target, maniptype))
359 return false;
360
361 iph = (void *)skb->data + iphdroff;
362
363 if (maniptype == NF_NAT_MANIP_SRC) {
364 csum_replace4(&iph->check, iph->saddr, target->src.u3.ip);
365 iph->saddr = target->src.u3.ip;
366 } else {
367 csum_replace4(&iph->check, iph->daddr, target->dst.u3.ip);
368 iph->daddr = target->dst.u3.ip;
369 }
370 return true;
371}
372
373/* Do packet manipulations according to nf_nat_setup_info. */ 430/* Do packet manipulations according to nf_nat_setup_info. */
374unsigned int nf_nat_packet(struct nf_conn *ct, 431unsigned int nf_nat_packet(struct nf_conn *ct,
375 enum ip_conntrack_info ctinfo, 432 enum ip_conntrack_info ctinfo,
376 unsigned int hooknum, 433 unsigned int hooknum,
377 struct sk_buff *skb) 434 struct sk_buff *skb)
378{ 435{
436 const struct nf_nat_l3proto *l3proto;
437 const struct nf_nat_l4proto *l4proto;
379 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); 438 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
380 unsigned long statusbit; 439 unsigned long statusbit;
381 enum nf_nat_manip_type mtype = HOOK2MANIP(hooknum); 440 enum nf_nat_manip_type mtype = HOOK2MANIP(hooknum);
@@ -396,129 +455,176 @@ unsigned int nf_nat_packet(struct nf_conn *ct,
396 /* We are aiming to look like inverse of other direction. */ 455 /* We are aiming to look like inverse of other direction. */
397 nf_ct_invert_tuplepr(&target, &ct->tuplehash[!dir].tuple); 456 nf_ct_invert_tuplepr(&target, &ct->tuplehash[!dir].tuple);
398 457
399 if (!manip_pkt(target.dst.protonum, skb, 0, &target, mtype)) 458 l3proto = __nf_nat_l3proto_find(target.src.l3num);
459 l4proto = __nf_nat_l4proto_find(target.src.l3num,
460 target.dst.protonum);
461 if (!l3proto->manip_pkt(skb, 0, l4proto, &target, mtype))
400 return NF_DROP; 462 return NF_DROP;
401 } 463 }
402 return NF_ACCEPT; 464 return NF_ACCEPT;
403} 465}
404EXPORT_SYMBOL_GPL(nf_nat_packet); 466EXPORT_SYMBOL_GPL(nf_nat_packet);
405 467
406/* Dir is direction ICMP is coming from (opposite to packet it contains) */ 468struct nf_nat_proto_clean {
407int nf_nat_icmp_reply_translation(struct nf_conn *ct, 469 u8 l3proto;
408 enum ip_conntrack_info ctinfo, 470 u8 l4proto;
409 unsigned int hooknum, 471 bool hash;
410 struct sk_buff *skb) 472};
473
474/* Clear NAT section of all conntracks, in case we're loaded again. */
475static int nf_nat_proto_clean(struct nf_conn *i, void *data)
411{ 476{
412 struct { 477 const struct nf_nat_proto_clean *clean = data;
413 struct icmphdr icmp; 478 struct nf_conn_nat *nat = nfct_nat(i);
414 struct iphdr ip;
415 } *inside;
416 struct nf_conntrack_tuple target;
417 int hdrlen = ip_hdrlen(skb);
418 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
419 unsigned long statusbit;
420 enum nf_nat_manip_type manip = HOOK2MANIP(hooknum);
421 479
422 if (!skb_make_writable(skb, hdrlen + sizeof(*inside))) 480 if (!nat)
423 return 0; 481 return 0;
424 482 if (!(i->status & IPS_SRC_NAT_DONE))
425 inside = (void *)skb->data + hdrlen; 483 return 0;
426 484 if ((clean->l3proto && nf_ct_l3num(i) != clean->l3proto) ||
427 /* We're actually going to mangle it beyond trivial checksum 485 (clean->l4proto && nf_ct_protonum(i) != clean->l4proto))
428 adjustment, so make sure the current checksum is correct. */
429 if (nf_ip_checksum(skb, hooknum, hdrlen, 0))
430 return 0; 486 return 0;
431 487
432 /* Must be RELATED */ 488 if (clean->hash) {
433 NF_CT_ASSERT(skb->nfctinfo == IP_CT_RELATED || 489 spin_lock_bh(&nf_nat_lock);
434 skb->nfctinfo == IP_CT_RELATED_REPLY); 490 hlist_del_rcu(&nat->bysource);
435 491 spin_unlock_bh(&nf_nat_lock);
436 /* Redirects on non-null nats must be dropped, else they'll 492 } else {
437 start talking to each other without our translation, and be 493 memset(nat, 0, sizeof(*nat));
438 confused... --RR */ 494 i->status &= ~(IPS_NAT_MASK | IPS_NAT_DONE_MASK |
439 if (inside->icmp.type == ICMP_REDIRECT) { 495 IPS_SEQ_ADJUST);
440 /* If NAT isn't finished, assume it and drop. */
441 if ((ct->status & IPS_NAT_DONE_MASK) != IPS_NAT_DONE_MASK)
442 return 0;
443
444 if (ct->status & IPS_NAT_MASK)
445 return 0;
446 } 496 }
497 return 0;
498}
447 499
448 if (manip == NF_NAT_MANIP_SRC) 500static void nf_nat_l4proto_clean(u8 l3proto, u8 l4proto)
449 statusbit = IPS_SRC_NAT; 501{
450 else 502 struct nf_nat_proto_clean clean = {
451 statusbit = IPS_DST_NAT; 503 .l3proto = l3proto,
452 504 .l4proto = l4proto,
453 /* Invert if this is reply dir. */ 505 };
454 if (dir == IP_CT_DIR_REPLY) 506 struct net *net;
455 statusbit ^= IPS_NAT_MASK; 507
456 508 rtnl_lock();
457 if (!(ct->status & statusbit)) 509 /* Step 1 - remove from bysource hash */
458 return 1; 510 clean.hash = true;
459 511 for_each_net(net)
460 pr_debug("icmp_reply_translation: translating error %p manip %u " 512 nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
461 "dir %s\n", skb, manip, 513 synchronize_rcu();
462 dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY");
463
464 /* Change inner back to look like incoming packet. We do the
465 opposite manip on this hook to normal, because it might not
466 pass all hooks (locally-generated ICMP). Consider incoming
467 packet: PREROUTING (DST manip), routing produces ICMP, goes
468 through POSTROUTING (which must correct the DST manip). */
469 if (!manip_pkt(inside->ip.protocol, skb, hdrlen + sizeof(inside->icmp),
470 &ct->tuplehash[!dir].tuple, !manip))
471 return 0;
472 514
473 if (skb->ip_summed != CHECKSUM_PARTIAL) { 515 /* Step 2 - clean NAT section */
474 /* Reloading "inside" here since manip_pkt inner. */ 516 clean.hash = false;
475 inside = (void *)skb->data + hdrlen; 517 for_each_net(net)
476 inside->icmp.checksum = 0; 518 nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
477 inside->icmp.checksum = 519 rtnl_unlock();
478 csum_fold(skb_checksum(skb, hdrlen, 520}
479 skb->len - hdrlen, 0));
480 }
481 521
482 /* Change outer to look the reply to an incoming packet 522static void nf_nat_l3proto_clean(u8 l3proto)
483 * (proto 0 means don't invert per-proto part). */ 523{
484 nf_ct_invert_tuplepr(&target, &ct->tuplehash[!dir].tuple); 524 struct nf_nat_proto_clean clean = {
485 if (!manip_pkt(0, skb, 0, &target, manip)) 525 .l3proto = l3proto,
486 return 0; 526 };
527 struct net *net;
528
529 rtnl_lock();
530 /* Step 1 - remove from bysource hash */
531 clean.hash = true;
532 for_each_net(net)
533 nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
534 synchronize_rcu();
487 535
488 return 1; 536 /* Step 2 - clean NAT section */
537 clean.hash = false;
538 for_each_net(net)
539 nf_ct_iterate_cleanup(net, nf_nat_proto_clean, &clean);
540 rtnl_unlock();
489} 541}
490EXPORT_SYMBOL_GPL(nf_nat_icmp_reply_translation);
491 542
492/* Protocol registration. */ 543/* Protocol registration. */
493int nf_nat_protocol_register(const struct nf_nat_protocol *proto) 544int nf_nat_l4proto_register(u8 l3proto, const struct nf_nat_l4proto *l4proto)
494{ 545{
546 const struct nf_nat_l4proto **l4protos;
547 unsigned int i;
495 int ret = 0; 548 int ret = 0;
496 549
497 spin_lock_bh(&nf_nat_lock); 550 mutex_lock(&nf_nat_proto_mutex);
551 if (nf_nat_l4protos[l3proto] == NULL) {
552 l4protos = kmalloc(IPPROTO_MAX * sizeof(struct nf_nat_l4proto *),
553 GFP_KERNEL);
554 if (l4protos == NULL) {
555 ret = -ENOMEM;
556 goto out;
557 }
558
559 for (i = 0; i < IPPROTO_MAX; i++)
560 RCU_INIT_POINTER(l4protos[i], &nf_nat_l4proto_unknown);
561
562 /* Before making proto_array visible to lockless readers,
563 * we must make sure its content is committed to memory.
564 */
565 smp_wmb();
566
567 nf_nat_l4protos[l3proto] = l4protos;
568 }
569
498 if (rcu_dereference_protected( 570 if (rcu_dereference_protected(
499 nf_nat_protos[proto->protonum], 571 nf_nat_l4protos[l3proto][l4proto->l4proto],
500 lockdep_is_held(&nf_nat_lock) 572 lockdep_is_held(&nf_nat_proto_mutex)
501 ) != &nf_nat_unknown_protocol) { 573 ) != &nf_nat_l4proto_unknown) {
502 ret = -EBUSY; 574 ret = -EBUSY;
503 goto out; 575 goto out;
504 } 576 }
505 RCU_INIT_POINTER(nf_nat_protos[proto->protonum], proto); 577 RCU_INIT_POINTER(nf_nat_l4protos[l3proto][l4proto->l4proto], l4proto);
506 out: 578 out:
507 spin_unlock_bh(&nf_nat_lock); 579 mutex_unlock(&nf_nat_proto_mutex);
508 return ret; 580 return ret;
509} 581}
510EXPORT_SYMBOL(nf_nat_protocol_register); 582EXPORT_SYMBOL_GPL(nf_nat_l4proto_register);
511 583
512/* No one stores the protocol anywhere; simply delete it. */ 584/* No one stores the protocol anywhere; simply delete it. */
513void nf_nat_protocol_unregister(const struct nf_nat_protocol *proto) 585void nf_nat_l4proto_unregister(u8 l3proto, const struct nf_nat_l4proto *l4proto)
514{ 586{
515 spin_lock_bh(&nf_nat_lock); 587 mutex_lock(&nf_nat_proto_mutex);
516 RCU_INIT_POINTER(nf_nat_protos[proto->protonum], 588 RCU_INIT_POINTER(nf_nat_l4protos[l3proto][l4proto->l4proto],
517 &nf_nat_unknown_protocol); 589 &nf_nat_l4proto_unknown);
518 spin_unlock_bh(&nf_nat_lock); 590 mutex_unlock(&nf_nat_proto_mutex);
519 synchronize_rcu(); 591 synchronize_rcu();
592
593 nf_nat_l4proto_clean(l3proto, l4proto->l4proto);
594}
595EXPORT_SYMBOL_GPL(nf_nat_l4proto_unregister);
596
597int nf_nat_l3proto_register(const struct nf_nat_l3proto *l3proto)
598{
599 int err;
600
601 err = nf_ct_l3proto_try_module_get(l3proto->l3proto);
602 if (err < 0)
603 return err;
604
605 mutex_lock(&nf_nat_proto_mutex);
606 RCU_INIT_POINTER(nf_nat_l4protos[l3proto->l3proto][IPPROTO_TCP],
607 &nf_nat_l4proto_tcp);
608 RCU_INIT_POINTER(nf_nat_l4protos[l3proto->l3proto][IPPROTO_UDP],
609 &nf_nat_l4proto_udp);
610 mutex_unlock(&nf_nat_proto_mutex);
611
612 RCU_INIT_POINTER(nf_nat_l3protos[l3proto->l3proto], l3proto);
613 return 0;
614}
615EXPORT_SYMBOL_GPL(nf_nat_l3proto_register);
616
617void nf_nat_l3proto_unregister(const struct nf_nat_l3proto *l3proto)
618{
619 mutex_lock(&nf_nat_proto_mutex);
620 RCU_INIT_POINTER(nf_nat_l3protos[l3proto->l3proto], NULL);
621 mutex_unlock(&nf_nat_proto_mutex);
622 synchronize_rcu();
623
624 nf_nat_l3proto_clean(l3proto->l3proto);
625 nf_ct_l3proto_module_put(l3proto->l3proto);
520} 626}
521EXPORT_SYMBOL(nf_nat_protocol_unregister); 627EXPORT_SYMBOL_GPL(nf_nat_l3proto_unregister);
522 628
523/* No one using conntrack by the time this called. */ 629/* No one using conntrack by the time this called. */
524static void nf_nat_cleanup_conntrack(struct nf_conn *ct) 630static void nf_nat_cleanup_conntrack(struct nf_conn *ct)
@@ -570,34 +676,36 @@ static const struct nla_policy protonat_nla_policy[CTA_PROTONAT_MAX+1] = {
570 676
571static int nfnetlink_parse_nat_proto(struct nlattr *attr, 677static int nfnetlink_parse_nat_proto(struct nlattr *attr,
572 const struct nf_conn *ct, 678 const struct nf_conn *ct,
573 struct nf_nat_ipv4_range *range) 679 struct nf_nat_range *range)
574{ 680{
575 struct nlattr *tb[CTA_PROTONAT_MAX+1]; 681 struct nlattr *tb[CTA_PROTONAT_MAX+1];
576 const struct nf_nat_protocol *npt; 682 const struct nf_nat_l4proto *l4proto;
577 int err; 683 int err;
578 684
579 err = nla_parse_nested(tb, CTA_PROTONAT_MAX, attr, protonat_nla_policy); 685 err = nla_parse_nested(tb, CTA_PROTONAT_MAX, attr, protonat_nla_policy);
580 if (err < 0) 686 if (err < 0)
581 return err; 687 return err;
582 688
583 rcu_read_lock(); 689 l4proto = __nf_nat_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));
584 npt = __nf_nat_proto_find(nf_ct_protonum(ct)); 690 if (l4proto->nlattr_to_range)
585 if (npt->nlattr_to_range) 691 err = l4proto->nlattr_to_range(tb, range);
586 err = npt->nlattr_to_range(tb, range); 692
587 rcu_read_unlock();
588 return err; 693 return err;
589} 694}
590 695
591static const struct nla_policy nat_nla_policy[CTA_NAT_MAX+1] = { 696static const struct nla_policy nat_nla_policy[CTA_NAT_MAX+1] = {
592 [CTA_NAT_MINIP] = { .type = NLA_U32 }, 697 [CTA_NAT_V4_MINIP] = { .type = NLA_U32 },
593 [CTA_NAT_MAXIP] = { .type = NLA_U32 }, 698 [CTA_NAT_V4_MAXIP] = { .type = NLA_U32 },
699 [CTA_NAT_V6_MINIP] = { .len = sizeof(struct in6_addr) },
700 [CTA_NAT_V6_MAXIP] = { .len = sizeof(struct in6_addr) },
594 [CTA_NAT_PROTO] = { .type = NLA_NESTED }, 701 [CTA_NAT_PROTO] = { .type = NLA_NESTED },
595}; 702};
596 703
597static int 704static int
598nfnetlink_parse_nat(const struct nlattr *nat, 705nfnetlink_parse_nat(const struct nlattr *nat,
599 const struct nf_conn *ct, struct nf_nat_ipv4_range *range) 706 const struct nf_conn *ct, struct nf_nat_range *range)
600{ 707{
708 const struct nf_nat_l3proto *l3proto;
601 struct nlattr *tb[CTA_NAT_MAX+1]; 709 struct nlattr *tb[CTA_NAT_MAX+1];
602 int err; 710 int err;
603 711
@@ -607,25 +715,23 @@ nfnetlink_parse_nat(const struct nlattr *nat,
607 if (err < 0) 715 if (err < 0)
608 return err; 716 return err;
609 717
610 if (tb[CTA_NAT_MINIP]) 718 rcu_read_lock();
611 range->min_ip = nla_get_be32(tb[CTA_NAT_MINIP]); 719 l3proto = __nf_nat_l3proto_find(nf_ct_l3num(ct));
612 720 if (l3proto == NULL) {
613 if (!tb[CTA_NAT_MAXIP]) 721 err = -EAGAIN;
614 range->max_ip = range->min_ip; 722 goto out;
615 else 723 }
616 range->max_ip = nla_get_be32(tb[CTA_NAT_MAXIP]); 724 err = l3proto->nlattr_to_range(tb, range);
617 725 if (err < 0)
618 if (range->min_ip) 726 goto out;
619 range->flags |= NF_NAT_RANGE_MAP_IPS;
620 727
621 if (!tb[CTA_NAT_PROTO]) 728 if (!tb[CTA_NAT_PROTO])
622 return 0; 729 goto out;
623 730
624 err = nfnetlink_parse_nat_proto(tb[CTA_NAT_PROTO], ct, range); 731 err = nfnetlink_parse_nat_proto(tb[CTA_NAT_PROTO], ct, range);
625 if (err < 0) 732out:
626 return err; 733 rcu_read_unlock();
627 734 return err;
628 return 0;
629} 735}
630 736
631static int 737static int
@@ -633,10 +739,12 @@ nfnetlink_parse_nat_setup(struct nf_conn *ct,
633 enum nf_nat_manip_type manip, 739 enum nf_nat_manip_type manip,
634 const struct nlattr *attr) 740 const struct nlattr *attr)
635{ 741{
636 struct nf_nat_ipv4_range range; 742 struct nf_nat_range range;
743 int err;
637 744
638 if (nfnetlink_parse_nat(attr, ct, &range) < 0) 745 err = nfnetlink_parse_nat(attr, ct, &range);
639 return -EINVAL; 746 if (err < 0)
747 return err;
640 if (nf_nat_initialized(ct, manip)) 748 if (nf_nat_initialized(ct, manip))
641 return -EEXIST; 749 return -EEXIST;
642 750
@@ -655,30 +763,20 @@ nfnetlink_parse_nat_setup(struct nf_conn *ct,
655static int __net_init nf_nat_net_init(struct net *net) 763static int __net_init nf_nat_net_init(struct net *net)
656{ 764{
657 /* Leave them the same for the moment. */ 765 /* Leave them the same for the moment. */
658 net->ipv4.nat_htable_size = net->ct.htable_size; 766 net->ct.nat_htable_size = net->ct.htable_size;
659 net->ipv4.nat_bysource = nf_ct_alloc_hashtable(&net->ipv4.nat_htable_size, 0); 767 net->ct.nat_bysource = nf_ct_alloc_hashtable(&net->ct.nat_htable_size, 0);
660 if (!net->ipv4.nat_bysource) 768 if (!net->ct.nat_bysource)
661 return -ENOMEM; 769 return -ENOMEM;
662 return 0; 770 return 0;
663} 771}
664 772
665/* Clear NAT section of all conntracks, in case we're loaded again. */
666static int clean_nat(struct nf_conn *i, void *data)
667{
668 struct nf_conn_nat *nat = nfct_nat(i);
669
670 if (!nat)
671 return 0;
672 memset(nat, 0, sizeof(*nat));
673 i->status &= ~(IPS_NAT_MASK | IPS_NAT_DONE_MASK | IPS_SEQ_ADJUST);
674 return 0;
675}
676
677static void __net_exit nf_nat_net_exit(struct net *net) 773static void __net_exit nf_nat_net_exit(struct net *net)
678{ 774{
679 nf_ct_iterate_cleanup(net, &clean_nat, NULL); 775 struct nf_nat_proto_clean clean = {};
776
777 nf_ct_iterate_cleanup(net, &nf_nat_proto_clean, &clean);
680 synchronize_rcu(); 778 synchronize_rcu();
681 nf_ct_free_hashtable(net->ipv4.nat_bysource, net->ipv4.nat_htable_size); 779 nf_ct_free_hashtable(net->ct.nat_bysource, net->ct.nat_htable_size);
682} 780}
683 781
684static struct pernet_operations nf_nat_net_ops = { 782static struct pernet_operations nf_nat_net_ops = {
@@ -697,11 +795,8 @@ static struct nfq_ct_nat_hook nfq_ct_nat = {
697 795
698static int __init nf_nat_init(void) 796static int __init nf_nat_init(void)
699{ 797{
700 size_t i;
701 int ret; 798 int ret;
702 799
703 need_ipv4_conntrack();
704
705 ret = nf_ct_extend_register(&nat_extend); 800 ret = nf_ct_extend_register(&nat_extend);
706 if (ret < 0) { 801 if (ret < 0) {
707 printk(KERN_ERR "nf_nat_core: Unable to register extension\n"); 802 printk(KERN_ERR "nf_nat_core: Unable to register extension\n");
@@ -712,22 +807,11 @@ static int __init nf_nat_init(void)
712 if (ret < 0) 807 if (ret < 0)
713 goto cleanup_extend; 808 goto cleanup_extend;
714 809
715 /* Sew in builtin protocols. */ 810 nf_ct_helper_expectfn_register(&follow_master_nat);
716 spin_lock_bh(&nf_nat_lock);
717 for (i = 0; i < MAX_IP_NAT_PROTO; i++)
718 RCU_INIT_POINTER(nf_nat_protos[i], &nf_nat_unknown_protocol);
719 RCU_INIT_POINTER(nf_nat_protos[IPPROTO_TCP], &nf_nat_protocol_tcp);
720 RCU_INIT_POINTER(nf_nat_protos[IPPROTO_UDP], &nf_nat_protocol_udp);
721 RCU_INIT_POINTER(nf_nat_protos[IPPROTO_ICMP], &nf_nat_protocol_icmp);
722 spin_unlock_bh(&nf_nat_lock);
723 811
724 /* Initialize fake conntrack so that NAT will skip it */ 812 /* Initialize fake conntrack so that NAT will skip it */
725 nf_ct_untracked_status_or(IPS_NAT_DONE_MASK); 813 nf_ct_untracked_status_or(IPS_NAT_DONE_MASK);
726 814
727 l3proto = nf_ct_l3proto_find_get((u_int16_t)AF_INET);
728
729 nf_ct_helper_expectfn_register(&follow_master_nat);
730
731 BUG_ON(nf_nat_seq_adjust_hook != NULL); 815 BUG_ON(nf_nat_seq_adjust_hook != NULL);
732 RCU_INIT_POINTER(nf_nat_seq_adjust_hook, nf_nat_seq_adjust); 816 RCU_INIT_POINTER(nf_nat_seq_adjust_hook, nf_nat_seq_adjust);
733 BUG_ON(nfnetlink_parse_nat_setup_hook != NULL); 817 BUG_ON(nfnetlink_parse_nat_setup_hook != NULL);
@@ -736,6 +820,10 @@ static int __init nf_nat_init(void)
736 BUG_ON(nf_ct_nat_offset != NULL); 820 BUG_ON(nf_ct_nat_offset != NULL);
737 RCU_INIT_POINTER(nf_ct_nat_offset, nf_nat_get_offset); 821 RCU_INIT_POINTER(nf_ct_nat_offset, nf_nat_get_offset);
738 RCU_INIT_POINTER(nfq_ct_nat_hook, &nfq_ct_nat); 822 RCU_INIT_POINTER(nfq_ct_nat_hook, &nfq_ct_nat);
823#ifdef CONFIG_XFRM
824 BUG_ON(nf_nat_decode_session_hook != NULL);
825 RCU_INIT_POINTER(nf_nat_decode_session_hook, __nf_nat_decode_session);
826#endif
739 return 0; 827 return 0;
740 828
741 cleanup_extend: 829 cleanup_extend:
@@ -745,19 +833,24 @@ static int __init nf_nat_init(void)
745 833
746static void __exit nf_nat_cleanup(void) 834static void __exit nf_nat_cleanup(void)
747{ 835{
836 unsigned int i;
837
748 unregister_pernet_subsys(&nf_nat_net_ops); 838 unregister_pernet_subsys(&nf_nat_net_ops);
749 nf_ct_l3proto_put(l3proto);
750 nf_ct_extend_unregister(&nat_extend); 839 nf_ct_extend_unregister(&nat_extend);
751 nf_ct_helper_expectfn_unregister(&follow_master_nat); 840 nf_ct_helper_expectfn_unregister(&follow_master_nat);
752 RCU_INIT_POINTER(nf_nat_seq_adjust_hook, NULL); 841 RCU_INIT_POINTER(nf_nat_seq_adjust_hook, NULL);
753 RCU_INIT_POINTER(nfnetlink_parse_nat_setup_hook, NULL); 842 RCU_INIT_POINTER(nfnetlink_parse_nat_setup_hook, NULL);
754 RCU_INIT_POINTER(nf_ct_nat_offset, NULL); 843 RCU_INIT_POINTER(nf_ct_nat_offset, NULL);
755 RCU_INIT_POINTER(nfq_ct_nat_hook, NULL); 844 RCU_INIT_POINTER(nfq_ct_nat_hook, NULL);
845#ifdef CONFIG_XFRM
846 RCU_INIT_POINTER(nf_nat_decode_session_hook, NULL);
847#endif
848 for (i = 0; i < NFPROTO_NUMPROTO; i++)
849 kfree(nf_nat_l4protos[i]);
756 synchronize_net(); 850 synchronize_net();
757} 851}
758 852
759MODULE_LICENSE("GPL"); 853MODULE_LICENSE("GPL");
760MODULE_ALIAS("nf-nat-ipv4");
761 854
762module_init(nf_nat_init); 855module_init(nf_nat_init);
763module_exit(nf_nat_cleanup); 856module_exit(nf_nat_cleanup);
diff --git a/net/ipv4/netfilter/nf_nat_ftp.c b/net/netfilter/nf_nat_ftp.c
index e462a957d080..e839b97b2863 100644
--- a/net/ipv4/netfilter/nf_nat_ftp.c
+++ b/net/netfilter/nf_nat_ftp.c
@@ -10,12 +10,11 @@
10 10
11#include <linux/module.h> 11#include <linux/module.h>
12#include <linux/moduleparam.h> 12#include <linux/moduleparam.h>
13#include <linux/ip.h> 13#include <linux/inet.h>
14#include <linux/tcp.h> 14#include <linux/tcp.h>
15#include <linux/netfilter_ipv4.h> 15#include <linux/netfilter_ipv4.h>
16#include <net/netfilter/nf_nat.h> 16#include <net/netfilter/nf_nat.h>
17#include <net/netfilter/nf_nat_helper.h> 17#include <net/netfilter/nf_nat_helper.h>
18#include <net/netfilter/nf_nat_rule.h>
19#include <net/netfilter/nf_conntrack_helper.h> 18#include <net/netfilter/nf_conntrack_helper.h>
20#include <net/netfilter/nf_conntrack_expect.h> 19#include <net/netfilter/nf_conntrack_expect.h>
21#include <linux/netfilter/nf_conntrack_ftp.h> 20#include <linux/netfilter/nf_conntrack_ftp.h>
@@ -27,22 +26,27 @@ MODULE_ALIAS("ip_nat_ftp");
27 26
28/* FIXME: Time out? --RR */ 27/* FIXME: Time out? --RR */
29 28
30static int nf_nat_ftp_fmt_cmd(enum nf_ct_ftp_type type, 29static int nf_nat_ftp_fmt_cmd(struct nf_conn *ct, enum nf_ct_ftp_type type,
31 char *buffer, size_t buflen, 30 char *buffer, size_t buflen,
32 __be32 addr, u16 port) 31 union nf_inet_addr *addr, u16 port)
33{ 32{
34 switch (type) { 33 switch (type) {
35 case NF_CT_FTP_PORT: 34 case NF_CT_FTP_PORT:
36 case NF_CT_FTP_PASV: 35 case NF_CT_FTP_PASV:
37 return snprintf(buffer, buflen, "%u,%u,%u,%u,%u,%u", 36 return snprintf(buffer, buflen, "%u,%u,%u,%u,%u,%u",
38 ((unsigned char *)&addr)[0], 37 ((unsigned char *)&addr->ip)[0],
39 ((unsigned char *)&addr)[1], 38 ((unsigned char *)&addr->ip)[1],
40 ((unsigned char *)&addr)[2], 39 ((unsigned char *)&addr->ip)[2],
41 ((unsigned char *)&addr)[3], 40 ((unsigned char *)&addr->ip)[3],
42 port >> 8, 41 port >> 8,
43 port & 0xFF); 42 port & 0xFF);
44 case NF_CT_FTP_EPRT: 43 case NF_CT_FTP_EPRT:
45 return snprintf(buffer, buflen, "|1|%pI4|%u|", &addr, port); 44 if (nf_ct_l3num(ct) == NFPROTO_IPV4)
45 return snprintf(buffer, buflen, "|1|%pI4|%u|",
46 &addr->ip, port);
47 else
48 return snprintf(buffer, buflen, "|2|%pI6|%u|",
49 &addr->ip6, port);
46 case NF_CT_FTP_EPSV: 50 case NF_CT_FTP_EPSV:
47 return snprintf(buffer, buflen, "|||%u|", port); 51 return snprintf(buffer, buflen, "|||%u|", port);
48 } 52 }
@@ -55,21 +59,22 @@ static int nf_nat_ftp_fmt_cmd(enum nf_ct_ftp_type type,
55static unsigned int nf_nat_ftp(struct sk_buff *skb, 59static unsigned int nf_nat_ftp(struct sk_buff *skb,
56 enum ip_conntrack_info ctinfo, 60 enum ip_conntrack_info ctinfo,
57 enum nf_ct_ftp_type type, 61 enum nf_ct_ftp_type type,
62 unsigned int protoff,
58 unsigned int matchoff, 63 unsigned int matchoff,
59 unsigned int matchlen, 64 unsigned int matchlen,
60 struct nf_conntrack_expect *exp) 65 struct nf_conntrack_expect *exp)
61{ 66{
62 __be32 newip; 67 union nf_inet_addr newaddr;
63 u_int16_t port; 68 u_int16_t port;
64 int dir = CTINFO2DIR(ctinfo); 69 int dir = CTINFO2DIR(ctinfo);
65 struct nf_conn *ct = exp->master; 70 struct nf_conn *ct = exp->master;
66 char buffer[sizeof("|1|255.255.255.255|65535|")]; 71 char buffer[sizeof("|1||65535|") + INET6_ADDRSTRLEN];
67 unsigned int buflen; 72 unsigned int buflen;
68 73
69 pr_debug("FTP_NAT: type %i, off %u len %u\n", type, matchoff, matchlen); 74 pr_debug("FTP_NAT: type %i, off %u len %u\n", type, matchoff, matchlen);
70 75
71 /* Connection will come from wherever this packet goes, hence !dir */ 76 /* Connection will come from wherever this packet goes, hence !dir */
72 newip = ct->tuplehash[!dir].tuple.dst.u3.ip; 77 newaddr = ct->tuplehash[!dir].tuple.dst.u3;
73 exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; 78 exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port;
74 exp->dir = !dir; 79 exp->dir = !dir;
75 80
@@ -94,13 +99,14 @@ static unsigned int nf_nat_ftp(struct sk_buff *skb,
94 if (port == 0) 99 if (port == 0)
95 return NF_DROP; 100 return NF_DROP;
96 101
97 buflen = nf_nat_ftp_fmt_cmd(type, buffer, sizeof(buffer), newip, port); 102 buflen = nf_nat_ftp_fmt_cmd(ct, type, buffer, sizeof(buffer),
103 &newaddr, port);
98 if (!buflen) 104 if (!buflen)
99 goto out; 105 goto out;
100 106
101 pr_debug("calling nf_nat_mangle_tcp_packet\n"); 107 pr_debug("calling nf_nat_mangle_tcp_packet\n");
102 108
103 if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo, matchoff, 109 if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo, protoff, matchoff,
104 matchlen, buffer, buflen)) 110 matchlen, buffer, buflen))
105 goto out; 111 goto out;
106 112
diff --git a/net/ipv4/netfilter/nf_nat_helper.c b/net/netfilter/nf_nat_helper.c
index 2e59ad0b90ca..23c2b38676a6 100644
--- a/net/ipv4/netfilter/nf_nat_helper.c
+++ b/net/netfilter/nf_nat_helper.c
@@ -1,4 +1,4 @@
1/* ip_nat_helper.c - generic support functions for NAT helpers 1/* nf_nat_helper.c - generic support functions for NAT helpers
2 * 2 *
3 * (C) 2000-2002 Harald Welte <laforge@netfilter.org> 3 * (C) 2000-2002 Harald Welte <laforge@netfilter.org>
4 * (C) 2003-2006 Netfilter Core Team <coreteam@netfilter.org> 4 * (C) 2003-2006 Netfilter Core Team <coreteam@netfilter.org>
@@ -9,23 +9,19 @@
9 */ 9 */
10#include <linux/module.h> 10#include <linux/module.h>
11#include <linux/gfp.h> 11#include <linux/gfp.h>
12#include <linux/kmod.h>
13#include <linux/types.h> 12#include <linux/types.h>
14#include <linux/timer.h>
15#include <linux/skbuff.h> 13#include <linux/skbuff.h>
16#include <linux/tcp.h> 14#include <linux/tcp.h>
17#include <linux/udp.h> 15#include <linux/udp.h>
18#include <net/checksum.h>
19#include <net/tcp.h> 16#include <net/tcp.h>
20#include <net/route.h>
21 17
22#include <linux/netfilter_ipv4.h>
23#include <net/netfilter/nf_conntrack.h> 18#include <net/netfilter/nf_conntrack.h>
24#include <net/netfilter/nf_conntrack_helper.h> 19#include <net/netfilter/nf_conntrack_helper.h>
25#include <net/netfilter/nf_conntrack_ecache.h> 20#include <net/netfilter/nf_conntrack_ecache.h>
26#include <net/netfilter/nf_conntrack_expect.h> 21#include <net/netfilter/nf_conntrack_expect.h>
27#include <net/netfilter/nf_nat.h> 22#include <net/netfilter/nf_nat.h>
28#include <net/netfilter/nf_nat_protocol.h> 23#include <net/netfilter/nf_nat_l3proto.h>
24#include <net/netfilter/nf_nat_l4proto.h>
29#include <net/netfilter/nf_nat_core.h> 25#include <net/netfilter/nf_nat_core.h>
30#include <net/netfilter/nf_nat_helper.h> 26#include <net/netfilter/nf_nat_helper.h>
31 27
@@ -90,7 +86,6 @@ s16 nf_nat_get_offset(const struct nf_conn *ct,
90 86
91 return offset; 87 return offset;
92} 88}
93EXPORT_SYMBOL_GPL(nf_nat_get_offset);
94 89
95/* Frobs data inside this packet, which is linear. */ 90/* Frobs data inside this packet, which is linear. */
96static void mangle_contents(struct sk_buff *skb, 91static void mangle_contents(struct sk_buff *skb,
@@ -125,9 +120,13 @@ static void mangle_contents(struct sk_buff *skb,
125 __skb_trim(skb, skb->len + rep_len - match_len); 120 __skb_trim(skb, skb->len + rep_len - match_len);
126 } 121 }
127 122
128 /* fix IP hdr checksum information */ 123 if (nf_ct_l3num((struct nf_conn *)skb->nfct) == NFPROTO_IPV4) {
129 ip_hdr(skb)->tot_len = htons(skb->len); 124 /* fix IP hdr checksum information */
130 ip_send_check(ip_hdr(skb)); 125 ip_hdr(skb)->tot_len = htons(skb->len);
126 ip_send_check(ip_hdr(skb));
127 } else
128 ipv6_hdr(skb)->payload_len =
129 htons(skb->len - sizeof(struct ipv6hdr));
131} 130}
132 131
133/* Unusual, but possible case. */ 132/* Unusual, but possible case. */
@@ -166,35 +165,6 @@ void nf_nat_tcp_seq_adjust(struct sk_buff *skb, struct nf_conn *ct,
166} 165}
167EXPORT_SYMBOL_GPL(nf_nat_tcp_seq_adjust); 166EXPORT_SYMBOL_GPL(nf_nat_tcp_seq_adjust);
168 167
169static void nf_nat_csum(struct sk_buff *skb, const struct iphdr *iph, void *data,
170 int datalen, __sum16 *check, int oldlen)
171{
172 struct rtable *rt = skb_rtable(skb);
173
174 if (skb->ip_summed != CHECKSUM_PARTIAL) {
175 if (!(rt->rt_flags & RTCF_LOCAL) &&
176 (!skb->dev || skb->dev->features & NETIF_F_V4_CSUM)) {
177 skb->ip_summed = CHECKSUM_PARTIAL;
178 skb->csum_start = skb_headroom(skb) +
179 skb_network_offset(skb) +
180 iph->ihl * 4;
181 skb->csum_offset = (void *)check - data;
182 *check = ~csum_tcpudp_magic(iph->saddr, iph->daddr,
183 datalen, iph->protocol, 0);
184 } else {
185 *check = 0;
186 *check = csum_tcpudp_magic(iph->saddr, iph->daddr,
187 datalen, iph->protocol,
188 csum_partial(data, datalen,
189 0));
190 if (iph->protocol == IPPROTO_UDP && !*check)
191 *check = CSUM_MANGLED_0;
192 }
193 } else
194 inet_proto_csum_replace2(check, skb,
195 htons(oldlen), htons(datalen), 1);
196}
197
198/* Generic function for mangling variable-length address changes inside 168/* Generic function for mangling variable-length address changes inside
199 * NATed TCP connections (like the PORT XXX,XXX,XXX,XXX,XXX,XXX 169 * NATed TCP connections (like the PORT XXX,XXX,XXX,XXX,XXX,XXX
200 * command in FTP). 170 * command in FTP).
@@ -206,12 +176,13 @@ static void nf_nat_csum(struct sk_buff *skb, const struct iphdr *iph, void *data
206int __nf_nat_mangle_tcp_packet(struct sk_buff *skb, 176int __nf_nat_mangle_tcp_packet(struct sk_buff *skb,
207 struct nf_conn *ct, 177 struct nf_conn *ct,
208 enum ip_conntrack_info ctinfo, 178 enum ip_conntrack_info ctinfo,
179 unsigned int protoff,
209 unsigned int match_offset, 180 unsigned int match_offset,
210 unsigned int match_len, 181 unsigned int match_len,
211 const char *rep_buffer, 182 const char *rep_buffer,
212 unsigned int rep_len, bool adjust) 183 unsigned int rep_len, bool adjust)
213{ 184{
214 struct iphdr *iph; 185 const struct nf_nat_l3proto *l3proto;
215 struct tcphdr *tcph; 186 struct tcphdr *tcph;
216 int oldlen, datalen; 187 int oldlen, datalen;
217 188
@@ -225,15 +196,17 @@ int __nf_nat_mangle_tcp_packet(struct sk_buff *skb,
225 196
226 SKB_LINEAR_ASSERT(skb); 197 SKB_LINEAR_ASSERT(skb);
227 198
228 iph = ip_hdr(skb); 199 tcph = (void *)skb->data + protoff;
229 tcph = (void *)iph + iph->ihl*4;
230 200
231 oldlen = skb->len - iph->ihl*4; 201 oldlen = skb->len - protoff;
232 mangle_contents(skb, iph->ihl*4 + tcph->doff*4, 202 mangle_contents(skb, protoff + tcph->doff*4,
233 match_offset, match_len, rep_buffer, rep_len); 203 match_offset, match_len, rep_buffer, rep_len);
234 204
235 datalen = skb->len - iph->ihl*4; 205 datalen = skb->len - protoff;
236 nf_nat_csum(skb, iph, tcph, datalen, &tcph->check, oldlen); 206
207 l3proto = __nf_nat_l3proto_find(nf_ct_l3num(ct));
208 l3proto->csum_recalc(skb, IPPROTO_TCP, tcph, &tcph->check,
209 datalen, oldlen);
237 210
238 if (adjust && rep_len != match_len) 211 if (adjust && rep_len != match_len)
239 nf_nat_set_seq_adjust(ct, ctinfo, tcph->seq, 212 nf_nat_set_seq_adjust(ct, ctinfo, tcph->seq,
@@ -257,12 +230,13 @@ int
257nf_nat_mangle_udp_packet(struct sk_buff *skb, 230nf_nat_mangle_udp_packet(struct sk_buff *skb,
258 struct nf_conn *ct, 231 struct nf_conn *ct,
259 enum ip_conntrack_info ctinfo, 232 enum ip_conntrack_info ctinfo,
233 unsigned int protoff,
260 unsigned int match_offset, 234 unsigned int match_offset,
261 unsigned int match_len, 235 unsigned int match_len,
262 const char *rep_buffer, 236 const char *rep_buffer,
263 unsigned int rep_len) 237 unsigned int rep_len)
264{ 238{
265 struct iphdr *iph; 239 const struct nf_nat_l3proto *l3proto;
266 struct udphdr *udph; 240 struct udphdr *udph;
267 int datalen, oldlen; 241 int datalen, oldlen;
268 242
@@ -274,22 +248,23 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb,
274 !enlarge_skb(skb, rep_len - match_len)) 248 !enlarge_skb(skb, rep_len - match_len))
275 return 0; 249 return 0;
276 250
277 iph = ip_hdr(skb); 251 udph = (void *)skb->data + protoff;
278 udph = (void *)iph + iph->ihl*4;
279 252
280 oldlen = skb->len - iph->ihl*4; 253 oldlen = skb->len - protoff;
281 mangle_contents(skb, iph->ihl*4 + sizeof(*udph), 254 mangle_contents(skb, protoff + sizeof(*udph),
282 match_offset, match_len, rep_buffer, rep_len); 255 match_offset, match_len, rep_buffer, rep_len);
283 256
284 /* update the length of the UDP packet */ 257 /* update the length of the UDP packet */
285 datalen = skb->len - iph->ihl*4; 258 datalen = skb->len - protoff;
286 udph->len = htons(datalen); 259 udph->len = htons(datalen);
287 260
288 /* fix udp checksum if udp checksum was previously calculated */ 261 /* fix udp checksum if udp checksum was previously calculated */
289 if (!udph->check && skb->ip_summed != CHECKSUM_PARTIAL) 262 if (!udph->check && skb->ip_summed != CHECKSUM_PARTIAL)
290 return 1; 263 return 1;
291 264
292 nf_nat_csum(skb, iph, udph, datalen, &udph->check, oldlen); 265 l3proto = __nf_nat_l3proto_find(nf_ct_l3num(ct));
266 l3proto->csum_recalc(skb, IPPROTO_UDP, udph, &udph->check,
267 datalen, oldlen);
293 268
294 return 1; 269 return 1;
295} 270}
@@ -341,6 +316,7 @@ sack_adjust(struct sk_buff *skb,
341/* TCP SACK sequence number adjustment */ 316/* TCP SACK sequence number adjustment */
342static inline unsigned int 317static inline unsigned int
343nf_nat_sack_adjust(struct sk_buff *skb, 318nf_nat_sack_adjust(struct sk_buff *skb,
319 unsigned int protoff,
344 struct tcphdr *tcph, 320 struct tcphdr *tcph,
345 struct nf_conn *ct, 321 struct nf_conn *ct,
346 enum ip_conntrack_info ctinfo) 322 enum ip_conntrack_info ctinfo)
@@ -348,8 +324,8 @@ nf_nat_sack_adjust(struct sk_buff *skb,
348 unsigned int dir, optoff, optend; 324 unsigned int dir, optoff, optend;
349 struct nf_conn_nat *nat = nfct_nat(ct); 325 struct nf_conn_nat *nat = nfct_nat(ct);
350 326
351 optoff = ip_hdrlen(skb) + sizeof(struct tcphdr); 327 optoff = protoff + sizeof(struct tcphdr);
352 optend = ip_hdrlen(skb) + tcph->doff * 4; 328 optend = protoff + tcph->doff * 4;
353 329
354 if (!skb_make_writable(skb, optend)) 330 if (!skb_make_writable(skb, optend))
355 return 0; 331 return 0;
@@ -387,7 +363,8 @@ nf_nat_sack_adjust(struct sk_buff *skb,
387int 363int
388nf_nat_seq_adjust(struct sk_buff *skb, 364nf_nat_seq_adjust(struct sk_buff *skb,
389 struct nf_conn *ct, 365 struct nf_conn *ct,
390 enum ip_conntrack_info ctinfo) 366 enum ip_conntrack_info ctinfo,
367 unsigned int protoff)
391{ 368{
392 struct tcphdr *tcph; 369 struct tcphdr *tcph;
393 int dir; 370 int dir;
@@ -401,10 +378,10 @@ nf_nat_seq_adjust(struct sk_buff *skb,
401 this_way = &nat->seq[dir]; 378 this_way = &nat->seq[dir];
402 other_way = &nat->seq[!dir]; 379 other_way = &nat->seq[!dir];
403 380
404 if (!skb_make_writable(skb, ip_hdrlen(skb) + sizeof(*tcph))) 381 if (!skb_make_writable(skb, protoff + sizeof(*tcph)))
405 return 0; 382 return 0;
406 383
407 tcph = (void *)skb->data + ip_hdrlen(skb); 384 tcph = (void *)skb->data + protoff;
408 if (after(ntohl(tcph->seq), this_way->correction_pos)) 385 if (after(ntohl(tcph->seq), this_way->correction_pos))
409 seqoff = this_way->offset_after; 386 seqoff = this_way->offset_after;
410 else 387 else
@@ -429,7 +406,7 @@ nf_nat_seq_adjust(struct sk_buff *skb,
429 tcph->seq = newseq; 406 tcph->seq = newseq;
430 tcph->ack_seq = newack; 407 tcph->ack_seq = newack;
431 408
432 return nf_nat_sack_adjust(skb, tcph, ct, ctinfo); 409 return nf_nat_sack_adjust(skb, protoff, tcph, ct, ctinfo);
433} 410}
434 411
435/* Setup NAT on this expected conntrack so it follows master. */ 412/* Setup NAT on this expected conntrack so it follows master. */
@@ -437,22 +414,22 @@ nf_nat_seq_adjust(struct sk_buff *skb,
437void nf_nat_follow_master(struct nf_conn *ct, 414void nf_nat_follow_master(struct nf_conn *ct,
438 struct nf_conntrack_expect *exp) 415 struct nf_conntrack_expect *exp)
439{ 416{
440 struct nf_nat_ipv4_range range; 417 struct nf_nat_range range;
441 418
442 /* This must be a fresh one. */ 419 /* This must be a fresh one. */
443 BUG_ON(ct->status & IPS_NAT_DONE_MASK); 420 BUG_ON(ct->status & IPS_NAT_DONE_MASK);
444 421
445 /* Change src to where master sends to */ 422 /* Change src to where master sends to */
446 range.flags = NF_NAT_RANGE_MAP_IPS; 423 range.flags = NF_NAT_RANGE_MAP_IPS;
447 range.min_ip = range.max_ip 424 range.min_addr = range.max_addr
448 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip; 425 = ct->master->tuplehash[!exp->dir].tuple.dst.u3;
449 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); 426 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
450 427
451 /* For DST manip, map port here to where it's expected. */ 428 /* For DST manip, map port here to where it's expected. */
452 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED); 429 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
453 range.min = range.max = exp->saved_proto; 430 range.min_proto = range.max_proto = exp->saved_proto;
454 range.min_ip = range.max_ip 431 range.min_addr = range.max_addr
455 = ct->master->tuplehash[!exp->dir].tuple.src.u3.ip; 432 = ct->master->tuplehash[!exp->dir].tuple.src.u3;
456 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST); 433 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
457} 434}
458EXPORT_SYMBOL(nf_nat_follow_master); 435EXPORT_SYMBOL(nf_nat_follow_master);
diff --git a/net/ipv4/netfilter/nf_nat_irc.c b/net/netfilter/nf_nat_irc.c
index 979ae165f4ef..1fedee6e7fb6 100644
--- a/net/ipv4/netfilter/nf_nat_irc.c
+++ b/net/netfilter/nf_nat_irc.c
@@ -17,7 +17,6 @@
17 17
18#include <net/netfilter/nf_nat.h> 18#include <net/netfilter/nf_nat.h>
19#include <net/netfilter/nf_nat_helper.h> 19#include <net/netfilter/nf_nat_helper.h>
20#include <net/netfilter/nf_nat_rule.h>
21#include <net/netfilter/nf_conntrack_helper.h> 20#include <net/netfilter/nf_conntrack_helper.h>
22#include <net/netfilter/nf_conntrack_expect.h> 21#include <net/netfilter/nf_conntrack_expect.h>
23#include <linux/netfilter/nf_conntrack_irc.h> 22#include <linux/netfilter/nf_conntrack_irc.h>
@@ -29,12 +28,12 @@ MODULE_ALIAS("ip_nat_irc");
29 28
30static unsigned int help(struct sk_buff *skb, 29static unsigned int help(struct sk_buff *skb,
31 enum ip_conntrack_info ctinfo, 30 enum ip_conntrack_info ctinfo,
31 unsigned int protoff,
32 unsigned int matchoff, 32 unsigned int matchoff,
33 unsigned int matchlen, 33 unsigned int matchlen,
34 struct nf_conntrack_expect *exp) 34 struct nf_conntrack_expect *exp)
35{ 35{
36 char buffer[sizeof("4294967296 65635")]; 36 char buffer[sizeof("4294967296 65635")];
37 u_int32_t ip;
38 u_int16_t port; 37 u_int16_t port;
39 unsigned int ret; 38 unsigned int ret;
40 39
@@ -60,13 +59,8 @@ static unsigned int help(struct sk_buff *skb,
60 if (port == 0) 59 if (port == 0)
61 return NF_DROP; 60 return NF_DROP;
62 61
63 ip = ntohl(exp->master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip);
64 sprintf(buffer, "%u %u", ip, port);
65 pr_debug("nf_nat_irc: inserting '%s' == %pI4, port %u\n",
66 buffer, &ip, port);
67
68 ret = nf_nat_mangle_tcp_packet(skb, exp->master, ctinfo, 62 ret = nf_nat_mangle_tcp_packet(skb, exp->master, ctinfo,
69 matchoff, matchlen, buffer, 63 protoff, matchoff, matchlen, buffer,
70 strlen(buffer)); 64 strlen(buffer));
71 if (ret != NF_ACCEPT) 65 if (ret != NF_ACCEPT)
72 nf_ct_unexpect_related(exp); 66 nf_ct_unexpect_related(exp);
diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/netfilter/nf_nat_proto_common.c
index 9993bc93e102..9baaf734c142 100644
--- a/net/ipv4/netfilter/nf_nat_proto_common.c
+++ b/net/netfilter/nf_nat_proto_common.c
@@ -9,20 +9,18 @@
9 9
10#include <linux/types.h> 10#include <linux/types.h>
11#include <linux/random.h> 11#include <linux/random.h>
12#include <linux/ip.h>
13
14#include <linux/netfilter.h> 12#include <linux/netfilter.h>
15#include <linux/export.h> 13#include <linux/export.h>
16#include <net/secure_seq.h> 14
17#include <net/netfilter/nf_nat.h> 15#include <net/netfilter/nf_nat.h>
18#include <net/netfilter/nf_nat_core.h> 16#include <net/netfilter/nf_nat_core.h>
19#include <net/netfilter/nf_nat_rule.h> 17#include <net/netfilter/nf_nat_l3proto.h>
20#include <net/netfilter/nf_nat_protocol.h> 18#include <net/netfilter/nf_nat_l4proto.h>
21 19
22bool nf_nat_proto_in_range(const struct nf_conntrack_tuple *tuple, 20bool nf_nat_l4proto_in_range(const struct nf_conntrack_tuple *tuple,
23 enum nf_nat_manip_type maniptype, 21 enum nf_nat_manip_type maniptype,
24 const union nf_conntrack_man_proto *min, 22 const union nf_conntrack_man_proto *min,
25 const union nf_conntrack_man_proto *max) 23 const union nf_conntrack_man_proto *max)
26{ 24{
27 __be16 port; 25 __be16 port;
28 26
@@ -34,13 +32,14 @@ bool nf_nat_proto_in_range(const struct nf_conntrack_tuple *tuple,
34 return ntohs(port) >= ntohs(min->all) && 32 return ntohs(port) >= ntohs(min->all) &&
35 ntohs(port) <= ntohs(max->all); 33 ntohs(port) <= ntohs(max->all);
36} 34}
37EXPORT_SYMBOL_GPL(nf_nat_proto_in_range); 35EXPORT_SYMBOL_GPL(nf_nat_l4proto_in_range);
38 36
39void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, 37void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto,
40 const struct nf_nat_ipv4_range *range, 38 struct nf_conntrack_tuple *tuple,
41 enum nf_nat_manip_type maniptype, 39 const struct nf_nat_range *range,
42 const struct nf_conn *ct, 40 enum nf_nat_manip_type maniptype,
43 u_int16_t *rover) 41 const struct nf_conn *ct,
42 u16 *rover)
44{ 43{
45 unsigned int range_size, min, i; 44 unsigned int range_size, min, i;
46 __be16 *portptr; 45 __be16 *portptr;
@@ -71,15 +70,14 @@ void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
71 range_size = 65535 - 1024 + 1; 70 range_size = 65535 - 1024 + 1;
72 } 71 }
73 } else { 72 } else {
74 min = ntohs(range->min.all); 73 min = ntohs(range->min_proto.all);
75 range_size = ntohs(range->max.all) - min + 1; 74 range_size = ntohs(range->max_proto.all) - min + 1;
76 } 75 }
77 76
78 if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) 77 if (range->flags & NF_NAT_RANGE_PROTO_RANDOM)
79 off = secure_ipv4_port_ephemeral(tuple->src.u3.ip, tuple->dst.u3.ip, 78 off = l3proto->secure_port(tuple, maniptype == NF_NAT_MANIP_SRC
80 maniptype == NF_NAT_MANIP_SRC 79 ? tuple->dst.u.all
81 ? tuple->dst.u.all 80 : tuple->src.u.all);
82 : tuple->src.u.all);
83 else 81 else
84 off = *rover; 82 off = *rover;
85 83
@@ -93,22 +91,22 @@ void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
93 } 91 }
94 return; 92 return;
95} 93}
96EXPORT_SYMBOL_GPL(nf_nat_proto_unique_tuple); 94EXPORT_SYMBOL_GPL(nf_nat_l4proto_unique_tuple);
97 95
98#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 96#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
99int nf_nat_proto_nlattr_to_range(struct nlattr *tb[], 97int nf_nat_l4proto_nlattr_to_range(struct nlattr *tb[],
100 struct nf_nat_ipv4_range *range) 98 struct nf_nat_range *range)
101{ 99{
102 if (tb[CTA_PROTONAT_PORT_MIN]) { 100 if (tb[CTA_PROTONAT_PORT_MIN]) {
103 range->min.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MIN]); 101 range->min_proto.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MIN]);
104 range->max.all = range->min.tcp.port; 102 range->max_proto.all = range->min_proto.all;
105 range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED; 103 range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
106 } 104 }
107 if (tb[CTA_PROTONAT_PORT_MAX]) { 105 if (tb[CTA_PROTONAT_PORT_MAX]) {
108 range->max.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MAX]); 106 range->max_proto.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MAX]);
109 range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED; 107 range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
110 } 108 }
111 return 0; 109 return 0;
112} 110}
113EXPORT_SYMBOL_GPL(nf_nat_proto_nlattr_to_range); 111EXPORT_SYMBOL_GPL(nf_nat_l4proto_nlattr_to_range);
114#endif 112#endif
diff --git a/net/ipv4/netfilter/nf_nat_proto_dccp.c b/net/netfilter/nf_nat_proto_dccp.c
index 3f67138d187c..c8be2cdac0bf 100644
--- a/net/ipv4/netfilter/nf_nat_proto_dccp.c
+++ b/net/netfilter/nf_nat_proto_dccp.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * DCCP NAT protocol helper 2 * DCCP NAT protocol helper
3 * 3 *
4 * Copyright (c) 2005, 2006. 2008 Patrick McHardy <kaber@trash.net> 4 * Copyright (c) 2005, 2006, 2008 Patrick McHardy <kaber@trash.net>
5 * 5 *
6 * This program is free software; you can redistribute it and/or modify 6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as 7 * it under the terms of the GNU General Public License version 2 as
@@ -13,35 +13,34 @@
13#include <linux/module.h> 13#include <linux/module.h>
14#include <linux/init.h> 14#include <linux/init.h>
15#include <linux/skbuff.h> 15#include <linux/skbuff.h>
16#include <linux/ip.h>
17#include <linux/dccp.h> 16#include <linux/dccp.h>
18 17
19#include <net/netfilter/nf_conntrack.h> 18#include <net/netfilter/nf_conntrack.h>
20#include <net/netfilter/nf_nat.h> 19#include <net/netfilter/nf_nat.h>
21#include <net/netfilter/nf_nat_protocol.h> 20#include <net/netfilter/nf_nat_l3proto.h>
21#include <net/netfilter/nf_nat_l4proto.h>
22 22
23static u_int16_t dccp_port_rover; 23static u_int16_t dccp_port_rover;
24 24
25static void 25static void
26dccp_unique_tuple(struct nf_conntrack_tuple *tuple, 26dccp_unique_tuple(const struct nf_nat_l3proto *l3proto,
27 const struct nf_nat_ipv4_range *range, 27 struct nf_conntrack_tuple *tuple,
28 const struct nf_nat_range *range,
28 enum nf_nat_manip_type maniptype, 29 enum nf_nat_manip_type maniptype,
29 const struct nf_conn *ct) 30 const struct nf_conn *ct)
30{ 31{
31 nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, 32 nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
32 &dccp_port_rover); 33 &dccp_port_rover);
33} 34}
34 35
35static bool 36static bool
36dccp_manip_pkt(struct sk_buff *skb, 37dccp_manip_pkt(struct sk_buff *skb,
37 unsigned int iphdroff, 38 const struct nf_nat_l3proto *l3proto,
39 unsigned int iphdroff, unsigned int hdroff,
38 const struct nf_conntrack_tuple *tuple, 40 const struct nf_conntrack_tuple *tuple,
39 enum nf_nat_manip_type maniptype) 41 enum nf_nat_manip_type maniptype)
40{ 42{
41 const struct iphdr *iph = (const void *)(skb->data + iphdroff);
42 struct dccp_hdr *hdr; 43 struct dccp_hdr *hdr;
43 unsigned int hdroff = iphdroff + iph->ihl * 4;
44 __be32 oldip, newip;
45 __be16 *portptr, oldport, newport; 44 __be16 *portptr, oldport, newport;
46 int hdrsize = 8; /* DCCP connection tracking guarantees this much */ 45 int hdrsize = 8; /* DCCP connection tracking guarantees this much */
47 46
@@ -51,17 +50,12 @@ dccp_manip_pkt(struct sk_buff *skb,
51 if (!skb_make_writable(skb, hdroff + hdrsize)) 50 if (!skb_make_writable(skb, hdroff + hdrsize))
52 return false; 51 return false;
53 52
54 iph = (struct iphdr *)(skb->data + iphdroff);
55 hdr = (struct dccp_hdr *)(skb->data + hdroff); 53 hdr = (struct dccp_hdr *)(skb->data + hdroff);
56 54
57 if (maniptype == NF_NAT_MANIP_SRC) { 55 if (maniptype == NF_NAT_MANIP_SRC) {
58 oldip = iph->saddr;
59 newip = tuple->src.u3.ip;
60 newport = tuple->src.u.dccp.port; 56 newport = tuple->src.u.dccp.port;
61 portptr = &hdr->dccph_sport; 57 portptr = &hdr->dccph_sport;
62 } else { 58 } else {
63 oldip = iph->daddr;
64 newip = tuple->dst.u3.ip;
65 newport = tuple->dst.u.dccp.port; 59 newport = tuple->dst.u.dccp.port;
66 portptr = &hdr->dccph_dport; 60 portptr = &hdr->dccph_dport;
67 } 61 }
@@ -72,30 +66,46 @@ dccp_manip_pkt(struct sk_buff *skb,
72 if (hdrsize < sizeof(*hdr)) 66 if (hdrsize < sizeof(*hdr))
73 return true; 67 return true;
74 68
75 inet_proto_csum_replace4(&hdr->dccph_checksum, skb, oldip, newip, 1); 69 l3proto->csum_update(skb, iphdroff, &hdr->dccph_checksum,
70 tuple, maniptype);
76 inet_proto_csum_replace2(&hdr->dccph_checksum, skb, oldport, newport, 71 inet_proto_csum_replace2(&hdr->dccph_checksum, skb, oldport, newport,
77 0); 72 0);
78 return true; 73 return true;
79} 74}
80 75
81static const struct nf_nat_protocol nf_nat_protocol_dccp = { 76static const struct nf_nat_l4proto nf_nat_l4proto_dccp = {
82 .protonum = IPPROTO_DCCP, 77 .l4proto = IPPROTO_DCCP,
83 .manip_pkt = dccp_manip_pkt, 78 .manip_pkt = dccp_manip_pkt,
84 .in_range = nf_nat_proto_in_range, 79 .in_range = nf_nat_l4proto_in_range,
85 .unique_tuple = dccp_unique_tuple, 80 .unique_tuple = dccp_unique_tuple,
86#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 81#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
87 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 82 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
88#endif 83#endif
89}; 84};
90 85
91static int __init nf_nat_proto_dccp_init(void) 86static int __init nf_nat_proto_dccp_init(void)
92{ 87{
93 return nf_nat_protocol_register(&nf_nat_protocol_dccp); 88 int err;
89
90 err = nf_nat_l4proto_register(NFPROTO_IPV4, &nf_nat_l4proto_dccp);
91 if (err < 0)
92 goto err1;
93 err = nf_nat_l4proto_register(NFPROTO_IPV6, &nf_nat_l4proto_dccp);
94 if (err < 0)
95 goto err2;
96 return 0;
97
98err2:
99 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_dccp);
100err1:
101 return err;
94} 102}
95 103
96static void __exit nf_nat_proto_dccp_fini(void) 104static void __exit nf_nat_proto_dccp_fini(void)
97{ 105{
98 nf_nat_protocol_unregister(&nf_nat_protocol_dccp); 106 nf_nat_l4proto_unregister(NFPROTO_IPV6, &nf_nat_l4proto_dccp);
107 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_dccp);
108
99} 109}
100 110
101module_init(nf_nat_proto_dccp_init); 111module_init(nf_nat_proto_dccp_init);
diff --git a/net/ipv4/netfilter/nf_nat_proto_sctp.c b/net/netfilter/nf_nat_proto_sctp.c
index 3cce9b6c1c29..e64faa5ca893 100644
--- a/net/ipv4/netfilter/nf_nat_proto_sctp.c
+++ b/net/netfilter/nf_nat_proto_sctp.c
@@ -8,53 +8,46 @@
8 8
9#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/init.h> 10#include <linux/init.h>
11#include <linux/ip.h>
12#include <linux/sctp.h> 11#include <linux/sctp.h>
13#include <linux/module.h> 12#include <linux/module.h>
14#include <net/sctp/checksum.h> 13#include <net/sctp/checksum.h>
15 14
16#include <net/netfilter/nf_nat_protocol.h> 15#include <net/netfilter/nf_nat_l4proto.h>
17 16
18static u_int16_t nf_sctp_port_rover; 17static u_int16_t nf_sctp_port_rover;
19 18
20static void 19static void
21sctp_unique_tuple(struct nf_conntrack_tuple *tuple, 20sctp_unique_tuple(const struct nf_nat_l3proto *l3proto,
22 const struct nf_nat_ipv4_range *range, 21 struct nf_conntrack_tuple *tuple,
22 const struct nf_nat_range *range,
23 enum nf_nat_manip_type maniptype, 23 enum nf_nat_manip_type maniptype,
24 const struct nf_conn *ct) 24 const struct nf_conn *ct)
25{ 25{
26 nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, 26 nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
27 &nf_sctp_port_rover); 27 &nf_sctp_port_rover);
28} 28}
29 29
30static bool 30static bool
31sctp_manip_pkt(struct sk_buff *skb, 31sctp_manip_pkt(struct sk_buff *skb,
32 unsigned int iphdroff, 32 const struct nf_nat_l3proto *l3proto,
33 unsigned int iphdroff, unsigned int hdroff,
33 const struct nf_conntrack_tuple *tuple, 34 const struct nf_conntrack_tuple *tuple,
34 enum nf_nat_manip_type maniptype) 35 enum nf_nat_manip_type maniptype)
35{ 36{
36 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
37 struct sk_buff *frag; 37 struct sk_buff *frag;
38 sctp_sctphdr_t *hdr; 38 sctp_sctphdr_t *hdr;
39 unsigned int hdroff = iphdroff + iph->ihl*4;
40 __be32 oldip, newip;
41 __be32 crc32; 39 __be32 crc32;
42 40
43 if (!skb_make_writable(skb, hdroff + sizeof(*hdr))) 41 if (!skb_make_writable(skb, hdroff + sizeof(*hdr)))
44 return false; 42 return false;
45 43
46 iph = (struct iphdr *)(skb->data + iphdroff);
47 hdr = (struct sctphdr *)(skb->data + hdroff); 44 hdr = (struct sctphdr *)(skb->data + hdroff);
48 45
49 if (maniptype == NF_NAT_MANIP_SRC) { 46 if (maniptype == NF_NAT_MANIP_SRC) {
50 /* Get rid of src ip and src pt */ 47 /* Get rid of src port */
51 oldip = iph->saddr;
52 newip = tuple->src.u3.ip;
53 hdr->source = tuple->src.u.sctp.port; 48 hdr->source = tuple->src.u.sctp.port;
54 } else { 49 } else {
55 /* Get rid of dst ip and dst pt */ 50 /* Get rid of dst port */
56 oldip = iph->daddr;
57 newip = tuple->dst.u3.ip;
58 hdr->dest = tuple->dst.u.sctp.port; 51 hdr->dest = tuple->dst.u.sctp.port;
59 } 52 }
60 53
@@ -68,24 +61,38 @@ sctp_manip_pkt(struct sk_buff *skb,
68 return true; 61 return true;
69} 62}
70 63
71static const struct nf_nat_protocol nf_nat_protocol_sctp = { 64static const struct nf_nat_l4proto nf_nat_l4proto_sctp = {
72 .protonum = IPPROTO_SCTP, 65 .l4proto = IPPROTO_SCTP,
73 .manip_pkt = sctp_manip_pkt, 66 .manip_pkt = sctp_manip_pkt,
74 .in_range = nf_nat_proto_in_range, 67 .in_range = nf_nat_l4proto_in_range,
75 .unique_tuple = sctp_unique_tuple, 68 .unique_tuple = sctp_unique_tuple,
76#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 69#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
77 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 70 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
78#endif 71#endif
79}; 72};
80 73
81static int __init nf_nat_proto_sctp_init(void) 74static int __init nf_nat_proto_sctp_init(void)
82{ 75{
83 return nf_nat_protocol_register(&nf_nat_protocol_sctp); 76 int err;
77
78 err = nf_nat_l4proto_register(NFPROTO_IPV4, &nf_nat_l4proto_sctp);
79 if (err < 0)
80 goto err1;
81 err = nf_nat_l4proto_register(NFPROTO_IPV6, &nf_nat_l4proto_sctp);
82 if (err < 0)
83 goto err2;
84 return 0;
85
86err2:
87 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_sctp);
88err1:
89 return err;
84} 90}
85 91
86static void __exit nf_nat_proto_sctp_exit(void) 92static void __exit nf_nat_proto_sctp_exit(void)
87{ 93{
88 nf_nat_protocol_unregister(&nf_nat_protocol_sctp); 94 nf_nat_l4proto_unregister(NFPROTO_IPV6, &nf_nat_l4proto_sctp);
95 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_sctp);
89} 96}
90 97
91module_init(nf_nat_proto_sctp_init); 98module_init(nf_nat_proto_sctp_init);
diff --git a/net/ipv4/netfilter/nf_nat_proto_tcp.c b/net/netfilter/nf_nat_proto_tcp.c
index 9fb4b4e72bbf..83ec8a6e4c36 100644
--- a/net/ipv4/netfilter/nf_nat_proto_tcp.c
+++ b/net/netfilter/nf_nat_proto_tcp.c
@@ -9,37 +9,36 @@
9#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/init.h> 10#include <linux/init.h>
11#include <linux/export.h> 11#include <linux/export.h>
12#include <linux/ip.h>
13#include <linux/tcp.h> 12#include <linux/tcp.h>
14 13
15#include <linux/netfilter.h> 14#include <linux/netfilter.h>
16#include <linux/netfilter/nfnetlink_conntrack.h> 15#include <linux/netfilter/nfnetlink_conntrack.h>
17#include <net/netfilter/nf_nat.h> 16#include <net/netfilter/nf_nat.h>
18#include <net/netfilter/nf_nat_rule.h> 17#include <net/netfilter/nf_nat_l3proto.h>
19#include <net/netfilter/nf_nat_protocol.h> 18#include <net/netfilter/nf_nat_l4proto.h>
20#include <net/netfilter/nf_nat_core.h> 19#include <net/netfilter/nf_nat_core.h>
21 20
22static u_int16_t tcp_port_rover; 21static u16 tcp_port_rover;
23 22
24static void 23static void
25tcp_unique_tuple(struct nf_conntrack_tuple *tuple, 24tcp_unique_tuple(const struct nf_nat_l3proto *l3proto,
26 const struct nf_nat_ipv4_range *range, 25 struct nf_conntrack_tuple *tuple,
26 const struct nf_nat_range *range,
27 enum nf_nat_manip_type maniptype, 27 enum nf_nat_manip_type maniptype,
28 const struct nf_conn *ct) 28 const struct nf_conn *ct)
29{ 29{
30 nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, &tcp_port_rover); 30 nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
31 &tcp_port_rover);
31} 32}
32 33
33static bool 34static bool
34tcp_manip_pkt(struct sk_buff *skb, 35tcp_manip_pkt(struct sk_buff *skb,
35 unsigned int iphdroff, 36 const struct nf_nat_l3proto *l3proto,
37 unsigned int iphdroff, unsigned int hdroff,
36 const struct nf_conntrack_tuple *tuple, 38 const struct nf_conntrack_tuple *tuple,
37 enum nf_nat_manip_type maniptype) 39 enum nf_nat_manip_type maniptype)
38{ 40{
39 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
40 struct tcphdr *hdr; 41 struct tcphdr *hdr;
41 unsigned int hdroff = iphdroff + iph->ihl*4;
42 __be32 oldip, newip;
43 __be16 *portptr, newport, oldport; 42 __be16 *portptr, newport, oldport;
44 int hdrsize = 8; /* TCP connection tracking guarantees this much */ 43 int hdrsize = 8; /* TCP connection tracking guarantees this much */
45 44
@@ -52,19 +51,14 @@ tcp_manip_pkt(struct sk_buff *skb,
52 if (!skb_make_writable(skb, hdroff + hdrsize)) 51 if (!skb_make_writable(skb, hdroff + hdrsize))
53 return false; 52 return false;
54 53
55 iph = (struct iphdr *)(skb->data + iphdroff);
56 hdr = (struct tcphdr *)(skb->data + hdroff); 54 hdr = (struct tcphdr *)(skb->data + hdroff);
57 55
58 if (maniptype == NF_NAT_MANIP_SRC) { 56 if (maniptype == NF_NAT_MANIP_SRC) {
59 /* Get rid of src ip and src pt */ 57 /* Get rid of src port */
60 oldip = iph->saddr;
61 newip = tuple->src.u3.ip;
62 newport = tuple->src.u.tcp.port; 58 newport = tuple->src.u.tcp.port;
63 portptr = &hdr->source; 59 portptr = &hdr->source;
64 } else { 60 } else {
65 /* Get rid of dst ip and dst pt */ 61 /* Get rid of dst port */
66 oldip = iph->daddr;
67 newip = tuple->dst.u3.ip;
68 newport = tuple->dst.u.tcp.port; 62 newport = tuple->dst.u.tcp.port;
69 portptr = &hdr->dest; 63 portptr = &hdr->dest;
70 } 64 }
@@ -75,17 +69,17 @@ tcp_manip_pkt(struct sk_buff *skb,
75 if (hdrsize < sizeof(*hdr)) 69 if (hdrsize < sizeof(*hdr))
76 return true; 70 return true;
77 71
78 inet_proto_csum_replace4(&hdr->check, skb, oldip, newip, 1); 72 l3proto->csum_update(skb, iphdroff, &hdr->check, tuple, maniptype);
79 inet_proto_csum_replace2(&hdr->check, skb, oldport, newport, 0); 73 inet_proto_csum_replace2(&hdr->check, skb, oldport, newport, 0);
80 return true; 74 return true;
81} 75}
82 76
83const struct nf_nat_protocol nf_nat_protocol_tcp = { 77const struct nf_nat_l4proto nf_nat_l4proto_tcp = {
84 .protonum = IPPROTO_TCP, 78 .l4proto = IPPROTO_TCP,
85 .manip_pkt = tcp_manip_pkt, 79 .manip_pkt = tcp_manip_pkt,
86 .in_range = nf_nat_proto_in_range, 80 .in_range = nf_nat_l4proto_in_range,
87 .unique_tuple = tcp_unique_tuple, 81 .unique_tuple = tcp_unique_tuple,
88#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 82#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
89 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 83 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
90#endif 84#endif
91}; 85};
diff --git a/net/ipv4/netfilter/nf_nat_proto_udp.c b/net/netfilter/nf_nat_proto_udp.c
index 9883336e628f..7df613fb34a2 100644
--- a/net/ipv4/netfilter/nf_nat_proto_udp.c
+++ b/net/netfilter/nf_nat_proto_udp.c
@@ -9,59 +9,53 @@
9#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/export.h> 10#include <linux/export.h>
11#include <linux/init.h> 11#include <linux/init.h>
12#include <linux/ip.h>
13#include <linux/udp.h> 12#include <linux/udp.h>
14 13
15#include <linux/netfilter.h> 14#include <linux/netfilter.h>
16#include <net/netfilter/nf_nat.h> 15#include <net/netfilter/nf_nat.h>
17#include <net/netfilter/nf_nat_core.h> 16#include <net/netfilter/nf_nat_core.h>
18#include <net/netfilter/nf_nat_rule.h> 17#include <net/netfilter/nf_nat_l3proto.h>
19#include <net/netfilter/nf_nat_protocol.h> 18#include <net/netfilter/nf_nat_l4proto.h>
20 19
21static u_int16_t udp_port_rover; 20static u16 udp_port_rover;
22 21
23static void 22static void
24udp_unique_tuple(struct nf_conntrack_tuple *tuple, 23udp_unique_tuple(const struct nf_nat_l3proto *l3proto,
25 const struct nf_nat_ipv4_range *range, 24 struct nf_conntrack_tuple *tuple,
25 const struct nf_nat_range *range,
26 enum nf_nat_manip_type maniptype, 26 enum nf_nat_manip_type maniptype,
27 const struct nf_conn *ct) 27 const struct nf_conn *ct)
28{ 28{
29 nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, &udp_port_rover); 29 nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
30 &udp_port_rover);
30} 31}
31 32
32static bool 33static bool
33udp_manip_pkt(struct sk_buff *skb, 34udp_manip_pkt(struct sk_buff *skb,
34 unsigned int iphdroff, 35 const struct nf_nat_l3proto *l3proto,
36 unsigned int iphdroff, unsigned int hdroff,
35 const struct nf_conntrack_tuple *tuple, 37 const struct nf_conntrack_tuple *tuple,
36 enum nf_nat_manip_type maniptype) 38 enum nf_nat_manip_type maniptype)
37{ 39{
38 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
39 struct udphdr *hdr; 40 struct udphdr *hdr;
40 unsigned int hdroff = iphdroff + iph->ihl*4;
41 __be32 oldip, newip;
42 __be16 *portptr, newport; 41 __be16 *portptr, newport;
43 42
44 if (!skb_make_writable(skb, hdroff + sizeof(*hdr))) 43 if (!skb_make_writable(skb, hdroff + sizeof(*hdr)))
45 return false; 44 return false;
46
47 iph = (struct iphdr *)(skb->data + iphdroff);
48 hdr = (struct udphdr *)(skb->data + hdroff); 45 hdr = (struct udphdr *)(skb->data + hdroff);
49 46
50 if (maniptype == NF_NAT_MANIP_SRC) { 47 if (maniptype == NF_NAT_MANIP_SRC) {
51 /* Get rid of src ip and src pt */ 48 /* Get rid of src port */
52 oldip = iph->saddr;
53 newip = tuple->src.u3.ip;
54 newport = tuple->src.u.udp.port; 49 newport = tuple->src.u.udp.port;
55 portptr = &hdr->source; 50 portptr = &hdr->source;
56 } else { 51 } else {
57 /* Get rid of dst ip and dst pt */ 52 /* Get rid of dst port */
58 oldip = iph->daddr;
59 newip = tuple->dst.u3.ip;
60 newport = tuple->dst.u.udp.port; 53 newport = tuple->dst.u.udp.port;
61 portptr = &hdr->dest; 54 portptr = &hdr->dest;
62 } 55 }
63 if (hdr->check || skb->ip_summed == CHECKSUM_PARTIAL) { 56 if (hdr->check || skb->ip_summed == CHECKSUM_PARTIAL) {
64 inet_proto_csum_replace4(&hdr->check, skb, oldip, newip, 1); 57 l3proto->csum_update(skb, iphdroff, &hdr->check,
58 tuple, maniptype);
65 inet_proto_csum_replace2(&hdr->check, skb, *portptr, newport, 59 inet_proto_csum_replace2(&hdr->check, skb, *portptr, newport,
66 0); 60 0);
67 if (!hdr->check) 61 if (!hdr->check)
@@ -71,12 +65,12 @@ udp_manip_pkt(struct sk_buff *skb,
71 return true; 65 return true;
72} 66}
73 67
74const struct nf_nat_protocol nf_nat_protocol_udp = { 68const struct nf_nat_l4proto nf_nat_l4proto_udp = {
75 .protonum = IPPROTO_UDP, 69 .l4proto = IPPROTO_UDP,
76 .manip_pkt = udp_manip_pkt, 70 .manip_pkt = udp_manip_pkt,
77 .in_range = nf_nat_proto_in_range, 71 .in_range = nf_nat_l4proto_in_range,
78 .unique_tuple = udp_unique_tuple, 72 .unique_tuple = udp_unique_tuple,
79#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 73#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
80 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 74 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
81#endif 75#endif
82}; 76};
diff --git a/net/ipv4/netfilter/nf_nat_proto_udplite.c b/net/netfilter/nf_nat_proto_udplite.c
index d24d10a7beb2..776a0d1317b1 100644
--- a/net/ipv4/netfilter/nf_nat_proto_udplite.c
+++ b/net/netfilter/nf_nat_proto_udplite.c
@@ -9,59 +9,53 @@
9 9
10#include <linux/types.h> 10#include <linux/types.h>
11#include <linux/init.h> 11#include <linux/init.h>
12#include <linux/ip.h>
13#include <linux/udp.h> 12#include <linux/udp.h>
14 13
15#include <linux/netfilter.h> 14#include <linux/netfilter.h>
16#include <linux/module.h> 15#include <linux/module.h>
17#include <net/netfilter/nf_nat.h> 16#include <net/netfilter/nf_nat.h>
18#include <net/netfilter/nf_nat_protocol.h> 17#include <net/netfilter/nf_nat_l3proto.h>
18#include <net/netfilter/nf_nat_l4proto.h>
19 19
20static u_int16_t udplite_port_rover; 20static u16 udplite_port_rover;
21 21
22static void 22static void
23udplite_unique_tuple(struct nf_conntrack_tuple *tuple, 23udplite_unique_tuple(const struct nf_nat_l3proto *l3proto,
24 const struct nf_nat_ipv4_range *range, 24 struct nf_conntrack_tuple *tuple,
25 const struct nf_nat_range *range,
25 enum nf_nat_manip_type maniptype, 26 enum nf_nat_manip_type maniptype,
26 const struct nf_conn *ct) 27 const struct nf_conn *ct)
27{ 28{
28 nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, 29 nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
29 &udplite_port_rover); 30 &udplite_port_rover);
30} 31}
31 32
32static bool 33static bool
33udplite_manip_pkt(struct sk_buff *skb, 34udplite_manip_pkt(struct sk_buff *skb,
34 unsigned int iphdroff, 35 const struct nf_nat_l3proto *l3proto,
36 unsigned int iphdroff, unsigned int hdroff,
35 const struct nf_conntrack_tuple *tuple, 37 const struct nf_conntrack_tuple *tuple,
36 enum nf_nat_manip_type maniptype) 38 enum nf_nat_manip_type maniptype)
37{ 39{
38 const struct iphdr *iph = (struct iphdr *)(skb->data + iphdroff);
39 struct udphdr *hdr; 40 struct udphdr *hdr;
40 unsigned int hdroff = iphdroff + iph->ihl*4;
41 __be32 oldip, newip;
42 __be16 *portptr, newport; 41 __be16 *portptr, newport;
43 42
44 if (!skb_make_writable(skb, hdroff + sizeof(*hdr))) 43 if (!skb_make_writable(skb, hdroff + sizeof(*hdr)))
45 return false; 44 return false;
46 45
47 iph = (struct iphdr *)(skb->data + iphdroff);
48 hdr = (struct udphdr *)(skb->data + hdroff); 46 hdr = (struct udphdr *)(skb->data + hdroff);
49 47
50 if (maniptype == NF_NAT_MANIP_SRC) { 48 if (maniptype == NF_NAT_MANIP_SRC) {
51 /* Get rid of src ip and src pt */ 49 /* Get rid of source port */
52 oldip = iph->saddr;
53 newip = tuple->src.u3.ip;
54 newport = tuple->src.u.udp.port; 50 newport = tuple->src.u.udp.port;
55 portptr = &hdr->source; 51 portptr = &hdr->source;
56 } else { 52 } else {
57 /* Get rid of dst ip and dst pt */ 53 /* Get rid of dst port */
58 oldip = iph->daddr;
59 newip = tuple->dst.u3.ip;
60 newport = tuple->dst.u.udp.port; 54 newport = tuple->dst.u.udp.port;
61 portptr = &hdr->dest; 55 portptr = &hdr->dest;
62 } 56 }
63 57
64 inet_proto_csum_replace4(&hdr->check, skb, oldip, newip, 1); 58 l3proto->csum_update(skb, iphdroff, &hdr->check, tuple, maniptype);
65 inet_proto_csum_replace2(&hdr->check, skb, *portptr, newport, 0); 59 inet_proto_csum_replace2(&hdr->check, skb, *portptr, newport, 0);
66 if (!hdr->check) 60 if (!hdr->check)
67 hdr->check = CSUM_MANGLED_0; 61 hdr->check = CSUM_MANGLED_0;
@@ -70,24 +64,38 @@ udplite_manip_pkt(struct sk_buff *skb,
70 return true; 64 return true;
71} 65}
72 66
73static const struct nf_nat_protocol nf_nat_protocol_udplite = { 67static const struct nf_nat_l4proto nf_nat_l4proto_udplite = {
74 .protonum = IPPROTO_UDPLITE, 68 .l4proto = IPPROTO_UDPLITE,
75 .manip_pkt = udplite_manip_pkt, 69 .manip_pkt = udplite_manip_pkt,
76 .in_range = nf_nat_proto_in_range, 70 .in_range = nf_nat_l4proto_in_range,
77 .unique_tuple = udplite_unique_tuple, 71 .unique_tuple = udplite_unique_tuple,
78#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 72#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
79 .nlattr_to_range = nf_nat_proto_nlattr_to_range, 73 .nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
80#endif 74#endif
81}; 75};
82 76
83static int __init nf_nat_proto_udplite_init(void) 77static int __init nf_nat_proto_udplite_init(void)
84{ 78{
85 return nf_nat_protocol_register(&nf_nat_protocol_udplite); 79 int err;
80
81 err = nf_nat_l4proto_register(NFPROTO_IPV4, &nf_nat_l4proto_udplite);
82 if (err < 0)
83 goto err1;
84 err = nf_nat_l4proto_register(NFPROTO_IPV6, &nf_nat_l4proto_udplite);
85 if (err < 0)
86 goto err2;
87 return 0;
88
89err2:
90 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_udplite);
91err1:
92 return err;
86} 93}
87 94
88static void __exit nf_nat_proto_udplite_fini(void) 95static void __exit nf_nat_proto_udplite_fini(void)
89{ 96{
90 nf_nat_protocol_unregister(&nf_nat_protocol_udplite); 97 nf_nat_l4proto_unregister(NFPROTO_IPV6, &nf_nat_l4proto_udplite);
98 nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_udplite);
91} 99}
92 100
93module_init(nf_nat_proto_udplite_init); 101module_init(nf_nat_proto_udplite_init);
diff --git a/net/ipv4/netfilter/nf_nat_proto_unknown.c b/net/netfilter/nf_nat_proto_unknown.c
index e0afe8112b1c..6e494d584412 100644
--- a/net/ipv4/netfilter/nf_nat_proto_unknown.c
+++ b/net/netfilter/nf_nat_proto_unknown.c
@@ -15,8 +15,7 @@
15 15
16#include <linux/netfilter.h> 16#include <linux/netfilter.h>
17#include <net/netfilter/nf_nat.h> 17#include <net/netfilter/nf_nat.h>
18#include <net/netfilter/nf_nat_rule.h> 18#include <net/netfilter/nf_nat_l4proto.h>
19#include <net/netfilter/nf_nat_protocol.h>
20 19
21static bool unknown_in_range(const struct nf_conntrack_tuple *tuple, 20static bool unknown_in_range(const struct nf_conntrack_tuple *tuple,
22 enum nf_nat_manip_type manip_type, 21 enum nf_nat_manip_type manip_type,
@@ -26,26 +25,29 @@ static bool unknown_in_range(const struct nf_conntrack_tuple *tuple,
26 return true; 25 return true;
27} 26}
28 27
29static void unknown_unique_tuple(struct nf_conntrack_tuple *tuple, 28static void unknown_unique_tuple(const struct nf_nat_l3proto *l3proto,
30 const struct nf_nat_ipv4_range *range, 29 struct nf_conntrack_tuple *tuple,
30 const struct nf_nat_range *range,
31 enum nf_nat_manip_type maniptype, 31 enum nf_nat_manip_type maniptype,
32 const struct nf_conn *ct) 32 const struct nf_conn *ct)
33{ 33{
34 /* Sorry: we can't help you; if it's not unique, we can't frob 34 /* Sorry: we can't help you; if it's not unique, we can't frob
35 anything. */ 35 * anything.
36 */
36 return; 37 return;
37} 38}
38 39
39static bool 40static bool
40unknown_manip_pkt(struct sk_buff *skb, 41unknown_manip_pkt(struct sk_buff *skb,
41 unsigned int iphdroff, 42 const struct nf_nat_l3proto *l3proto,
43 unsigned int iphdroff, unsigned int hdroff,
42 const struct nf_conntrack_tuple *tuple, 44 const struct nf_conntrack_tuple *tuple,
43 enum nf_nat_manip_type maniptype) 45 enum nf_nat_manip_type maniptype)
44{ 46{
45 return true; 47 return true;
46} 48}
47 49
48const struct nf_nat_protocol nf_nat_unknown_protocol = { 50const struct nf_nat_l4proto nf_nat_l4proto_unknown = {
49 .manip_pkt = unknown_manip_pkt, 51 .manip_pkt = unknown_manip_pkt,
50 .in_range = unknown_in_range, 52 .in_range = unknown_in_range,
51 .unique_tuple = unknown_unique_tuple, 53 .unique_tuple = unknown_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_sip.c b/net/netfilter/nf_nat_sip.c
index 9c87cde28ff8..16303c752213 100644
--- a/net/ipv4/netfilter/nf_nat_sip.c
+++ b/net/netfilter/nf_nat_sip.c
@@ -3,7 +3,7 @@
3 * (C) 2005 by Christian Hentschel <chentschel@arnet.com.ar> 3 * (C) 2005 by Christian Hentschel <chentschel@arnet.com.ar>
4 * based on RR's ip_nat_ftp.c and other modules. 4 * based on RR's ip_nat_ftp.c and other modules.
5 * (C) 2007 United Security Providers 5 * (C) 2007 United Security Providers
6 * (C) 2007, 2008 Patrick McHardy <kaber@trash.net> 6 * (C) 2007, 2008, 2011, 2012 Patrick McHardy <kaber@trash.net>
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify 8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as 9 * it under the terms of the GNU General Public License version 2 as
@@ -12,14 +12,12 @@
12 12
13#include <linux/module.h> 13#include <linux/module.h>
14#include <linux/skbuff.h> 14#include <linux/skbuff.h>
15#include <linux/ip.h> 15#include <linux/inet.h>
16#include <net/ip.h>
17#include <linux/udp.h> 16#include <linux/udp.h>
18#include <linux/tcp.h> 17#include <linux/tcp.h>
19 18
20#include <net/netfilter/nf_nat.h> 19#include <net/netfilter/nf_nat.h>
21#include <net/netfilter/nf_nat_helper.h> 20#include <net/netfilter/nf_nat_helper.h>
22#include <net/netfilter/nf_nat_rule.h>
23#include <net/netfilter/nf_conntrack_helper.h> 21#include <net/netfilter/nf_conntrack_helper.h>
24#include <net/netfilter/nf_conntrack_expect.h> 22#include <net/netfilter/nf_conntrack_expect.h>
25#include <linux/netfilter/nf_conntrack_sip.h> 23#include <linux/netfilter/nf_conntrack_sip.h>
@@ -30,7 +28,8 @@ MODULE_DESCRIPTION("SIP NAT helper");
30MODULE_ALIAS("ip_nat_sip"); 28MODULE_ALIAS("ip_nat_sip");
31 29
32 30
33static unsigned int mangle_packet(struct sk_buff *skb, unsigned int dataoff, 31static unsigned int mangle_packet(struct sk_buff *skb, unsigned int protoff,
32 unsigned int dataoff,
34 const char **dptr, unsigned int *datalen, 33 const char **dptr, unsigned int *datalen,
35 unsigned int matchoff, unsigned int matchlen, 34 unsigned int matchoff, unsigned int matchlen,
36 const char *buffer, unsigned int buflen) 35 const char *buffer, unsigned int buflen)
@@ -41,20 +40,20 @@ static unsigned int mangle_packet(struct sk_buff *skb, unsigned int dataoff,
41 unsigned int baseoff; 40 unsigned int baseoff;
42 41
43 if (nf_ct_protonum(ct) == IPPROTO_TCP) { 42 if (nf_ct_protonum(ct) == IPPROTO_TCP) {
44 th = (struct tcphdr *)(skb->data + ip_hdrlen(skb)); 43 th = (struct tcphdr *)(skb->data + protoff);
45 baseoff = ip_hdrlen(skb) + th->doff * 4; 44 baseoff = protoff + th->doff * 4;
46 matchoff += dataoff - baseoff; 45 matchoff += dataoff - baseoff;
47 46
48 if (!__nf_nat_mangle_tcp_packet(skb, ct, ctinfo, 47 if (!__nf_nat_mangle_tcp_packet(skb, ct, ctinfo,
49 matchoff, matchlen, 48 protoff, matchoff, matchlen,
50 buffer, buflen, false)) 49 buffer, buflen, false))
51 return 0; 50 return 0;
52 } else { 51 } else {
53 baseoff = ip_hdrlen(skb) + sizeof(struct udphdr); 52 baseoff = protoff + sizeof(struct udphdr);
54 matchoff += dataoff - baseoff; 53 matchoff += dataoff - baseoff;
55 54
56 if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo, 55 if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo,
57 matchoff, matchlen, 56 protoff, matchoff, matchlen,
58 buffer, buflen)) 57 buffer, buflen))
59 return 0; 58 return 0;
60 } 59 }
@@ -65,7 +64,30 @@ static unsigned int mangle_packet(struct sk_buff *skb, unsigned int dataoff,
65 return 1; 64 return 1;
66} 65}
67 66
68static int map_addr(struct sk_buff *skb, unsigned int dataoff, 67static int sip_sprintf_addr(const struct nf_conn *ct, char *buffer,
68 const union nf_inet_addr *addr, bool delim)
69{
70 if (nf_ct_l3num(ct) == NFPROTO_IPV4)
71 return sprintf(buffer, "%pI4", &addr->ip);
72 else {
73 if (delim)
74 return sprintf(buffer, "[%pI6c]", &addr->ip6);
75 else
76 return sprintf(buffer, "%pI6c", &addr->ip6);
77 }
78}
79
80static int sip_sprintf_addr_port(const struct nf_conn *ct, char *buffer,
81 const union nf_inet_addr *addr, u16 port)
82{
83 if (nf_ct_l3num(ct) == NFPROTO_IPV4)
84 return sprintf(buffer, "%pI4:%u", &addr->ip, port);
85 else
86 return sprintf(buffer, "[%pI6c]:%u", &addr->ip6, port);
87}
88
89static int map_addr(struct sk_buff *skb, unsigned int protoff,
90 unsigned int dataoff,
69 const char **dptr, unsigned int *datalen, 91 const char **dptr, unsigned int *datalen,
70 unsigned int matchoff, unsigned int matchlen, 92 unsigned int matchoff, unsigned int matchlen,
71 union nf_inet_addr *addr, __be16 port) 93 union nf_inet_addr *addr, __be16 port)
@@ -73,32 +95,32 @@ static int map_addr(struct sk_buff *skb, unsigned int dataoff,
73 enum ip_conntrack_info ctinfo; 95 enum ip_conntrack_info ctinfo;
74 struct nf_conn *ct = nf_ct_get(skb, &ctinfo); 96 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
75 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); 97 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
76 char buffer[sizeof("nnn.nnn.nnn.nnn:nnnnn")]; 98 char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")];
77 unsigned int buflen; 99 unsigned int buflen;
78 __be32 newaddr; 100 union nf_inet_addr newaddr;
79 __be16 newport; 101 __be16 newport;
80 102
81 if (ct->tuplehash[dir].tuple.src.u3.ip == addr->ip && 103 if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, addr) &&
82 ct->tuplehash[dir].tuple.src.u.udp.port == port) { 104 ct->tuplehash[dir].tuple.src.u.udp.port == port) {
83 newaddr = ct->tuplehash[!dir].tuple.dst.u3.ip; 105 newaddr = ct->tuplehash[!dir].tuple.dst.u3;
84 newport = ct->tuplehash[!dir].tuple.dst.u.udp.port; 106 newport = ct->tuplehash[!dir].tuple.dst.u.udp.port;
85 } else if (ct->tuplehash[dir].tuple.dst.u3.ip == addr->ip && 107 } else if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, addr) &&
86 ct->tuplehash[dir].tuple.dst.u.udp.port == port) { 108 ct->tuplehash[dir].tuple.dst.u.udp.port == port) {
87 newaddr = ct->tuplehash[!dir].tuple.src.u3.ip; 109 newaddr = ct->tuplehash[!dir].tuple.src.u3;
88 newport = ct->tuplehash[!dir].tuple.src.u.udp.port; 110 newport = ct->tuplehash[!dir].tuple.src.u.udp.port;
89 } else 111 } else
90 return 1; 112 return 1;
91 113
92 if (newaddr == addr->ip && newport == port) 114 if (nf_inet_addr_cmp(&newaddr, addr) && newport == port)
93 return 1; 115 return 1;
94 116
95 buflen = sprintf(buffer, "%pI4:%u", &newaddr, ntohs(newport)); 117 buflen = sip_sprintf_addr_port(ct, buffer, &newaddr, ntohs(newport));
96 118 return mangle_packet(skb, protoff, dataoff, dptr, datalen,
97 return mangle_packet(skb, dataoff, dptr, datalen, matchoff, matchlen, 119 matchoff, matchlen, buffer, buflen);
98 buffer, buflen);
99} 120}
100 121
101static int map_sip_addr(struct sk_buff *skb, unsigned int dataoff, 122static int map_sip_addr(struct sk_buff *skb, unsigned int protoff,
123 unsigned int dataoff,
102 const char **dptr, unsigned int *datalen, 124 const char **dptr, unsigned int *datalen,
103 enum sip_header_types type) 125 enum sip_header_types type)
104{ 126{
@@ -111,11 +133,12 @@ static int map_sip_addr(struct sk_buff *skb, unsigned int dataoff,
111 if (ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen, type, NULL, 133 if (ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen, type, NULL,
112 &matchoff, &matchlen, &addr, &port) <= 0) 134 &matchoff, &matchlen, &addr, &port) <= 0)
113 return 1; 135 return 1;
114 return map_addr(skb, dataoff, dptr, datalen, matchoff, matchlen, 136 return map_addr(skb, protoff, dataoff, dptr, datalen,
115 &addr, port); 137 matchoff, matchlen, &addr, port);
116} 138}
117 139
118static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff, 140static unsigned int nf_nat_sip(struct sk_buff *skb, unsigned int protoff,
141 unsigned int dataoff,
119 const char **dptr, unsigned int *datalen) 142 const char **dptr, unsigned int *datalen)
120{ 143{
121 enum ip_conntrack_info ctinfo; 144 enum ip_conntrack_info ctinfo;
@@ -132,8 +155,8 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff,
132 if (ct_sip_parse_request(ct, *dptr, *datalen, 155 if (ct_sip_parse_request(ct, *dptr, *datalen,
133 &matchoff, &matchlen, 156 &matchoff, &matchlen,
134 &addr, &port) > 0 && 157 &addr, &port) > 0 &&
135 !map_addr(skb, dataoff, dptr, datalen, matchoff, matchlen, 158 !map_addr(skb, protoff, dataoff, dptr, datalen,
136 &addr, port)) 159 matchoff, matchlen, &addr, port))
137 return NF_DROP; 160 return NF_DROP;
138 request = 1; 161 request = 1;
139 } else 162 } else
@@ -149,23 +172,25 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff,
149 hdr, NULL, &matchoff, &matchlen, 172 hdr, NULL, &matchoff, &matchlen,
150 &addr, &port) > 0) { 173 &addr, &port) > 0) {
151 unsigned int olen, matchend, poff, plen, buflen, n; 174 unsigned int olen, matchend, poff, plen, buflen, n;
152 char buffer[sizeof("nnn.nnn.nnn.nnn:nnnnn")]; 175 char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")];
153 176
154 /* We're only interested in headers related to this 177 /* We're only interested in headers related to this
155 * connection */ 178 * connection */
156 if (request) { 179 if (request) {
157 if (addr.ip != ct->tuplehash[dir].tuple.src.u3.ip || 180 if (!nf_inet_addr_cmp(&addr,
181 &ct->tuplehash[dir].tuple.src.u3) ||
158 port != ct->tuplehash[dir].tuple.src.u.udp.port) 182 port != ct->tuplehash[dir].tuple.src.u.udp.port)
159 goto next; 183 goto next;
160 } else { 184 } else {
161 if (addr.ip != ct->tuplehash[dir].tuple.dst.u3.ip || 185 if (!nf_inet_addr_cmp(&addr,
186 &ct->tuplehash[dir].tuple.dst.u3) ||
162 port != ct->tuplehash[dir].tuple.dst.u.udp.port) 187 port != ct->tuplehash[dir].tuple.dst.u.udp.port)
163 goto next; 188 goto next;
164 } 189 }
165 190
166 olen = *datalen; 191 olen = *datalen;
167 if (!map_addr(skb, dataoff, dptr, datalen, matchoff, matchlen, 192 if (!map_addr(skb, protoff, dataoff, dptr, datalen,
168 &addr, port)) 193 matchoff, matchlen, &addr, port))
169 return NF_DROP; 194 return NF_DROP;
170 195
171 matchend = matchoff + matchlen + *datalen - olen; 196 matchend = matchoff + matchlen + *datalen - olen;
@@ -175,11 +200,12 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff,
175 if (ct_sip_parse_address_param(ct, *dptr, matchend, *datalen, 200 if (ct_sip_parse_address_param(ct, *dptr, matchend, *datalen,
176 "maddr=", &poff, &plen, 201 "maddr=", &poff, &plen,
177 &addr, true) > 0 && 202 &addr, true) > 0 &&
178 addr.ip == ct->tuplehash[dir].tuple.src.u3.ip && 203 nf_inet_addr_cmp(&addr, &ct->tuplehash[dir].tuple.src.u3) &&
179 addr.ip != ct->tuplehash[!dir].tuple.dst.u3.ip) { 204 !nf_inet_addr_cmp(&addr, &ct->tuplehash[!dir].tuple.dst.u3)) {
180 buflen = sprintf(buffer, "%pI4", 205 buflen = sip_sprintf_addr(ct, buffer,
181 &ct->tuplehash[!dir].tuple.dst.u3.ip); 206 &ct->tuplehash[!dir].tuple.dst.u3,
182 if (!mangle_packet(skb, dataoff, dptr, datalen, 207 true);
208 if (!mangle_packet(skb, protoff, dataoff, dptr, datalen,
183 poff, plen, buffer, buflen)) 209 poff, plen, buffer, buflen))
184 return NF_DROP; 210 return NF_DROP;
185 } 211 }
@@ -189,11 +215,12 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff,
189 if (ct_sip_parse_address_param(ct, *dptr, matchend, *datalen, 215 if (ct_sip_parse_address_param(ct, *dptr, matchend, *datalen,
190 "received=", &poff, &plen, 216 "received=", &poff, &plen,
191 &addr, false) > 0 && 217 &addr, false) > 0 &&
192 addr.ip == ct->tuplehash[dir].tuple.dst.u3.ip && 218 nf_inet_addr_cmp(&addr, &ct->tuplehash[dir].tuple.dst.u3) &&
193 addr.ip != ct->tuplehash[!dir].tuple.src.u3.ip) { 219 !nf_inet_addr_cmp(&addr, &ct->tuplehash[!dir].tuple.src.u3)) {
194 buflen = sprintf(buffer, "%pI4", 220 buflen = sip_sprintf_addr(ct, buffer,
195 &ct->tuplehash[!dir].tuple.src.u3.ip); 221 &ct->tuplehash[!dir].tuple.src.u3,
196 if (!mangle_packet(skb, dataoff, dptr, datalen, 222 false);
223 if (!mangle_packet(skb, protoff, dataoff, dptr, datalen,
197 poff, plen, buffer, buflen)) 224 poff, plen, buffer, buflen))
198 return NF_DROP; 225 return NF_DROP;
199 } 226 }
@@ -207,7 +234,7 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, unsigned int dataoff,
207 htons(n) != ct->tuplehash[!dir].tuple.src.u.udp.port) { 234 htons(n) != ct->tuplehash[!dir].tuple.src.u.udp.port) {
208 __be16 p = ct->tuplehash[!dir].tuple.src.u.udp.port; 235 __be16 p = ct->tuplehash[!dir].tuple.src.u.udp.port;
209 buflen = sprintf(buffer, "%u", ntohs(p)); 236 buflen = sprintf(buffer, "%u", ntohs(p));
210 if (!mangle_packet(skb, dataoff, dptr, datalen, 237 if (!mangle_packet(skb, protoff, dataoff, dptr, datalen,
211 poff, plen, buffer, buflen)) 238 poff, plen, buffer, buflen))
212 return NF_DROP; 239 return NF_DROP;
213 } 240 }
@@ -221,19 +248,21 @@ next:
221 SIP_HDR_CONTACT, &in_header, 248 SIP_HDR_CONTACT, &in_header,
222 &matchoff, &matchlen, 249 &matchoff, &matchlen,
223 &addr, &port) > 0) { 250 &addr, &port) > 0) {
224 if (!map_addr(skb, dataoff, dptr, datalen, matchoff, matchlen, 251 if (!map_addr(skb, protoff, dataoff, dptr, datalen,
252 matchoff, matchlen,
225 &addr, port)) 253 &addr, port))
226 return NF_DROP; 254 return NF_DROP;
227 } 255 }
228 256
229 if (!map_sip_addr(skb, dataoff, dptr, datalen, SIP_HDR_FROM) || 257 if (!map_sip_addr(skb, protoff, dataoff, dptr, datalen, SIP_HDR_FROM) ||
230 !map_sip_addr(skb, dataoff, dptr, datalen, SIP_HDR_TO)) 258 !map_sip_addr(skb, protoff, dataoff, dptr, datalen, SIP_HDR_TO))
231 return NF_DROP; 259 return NF_DROP;
232 260
233 return NF_ACCEPT; 261 return NF_ACCEPT;
234} 262}
235 263
236static void ip_nat_sip_seq_adjust(struct sk_buff *skb, s16 off) 264static void nf_nat_sip_seq_adjust(struct sk_buff *skb, unsigned int protoff,
265 s16 off)
237{ 266{
238 enum ip_conntrack_info ctinfo; 267 enum ip_conntrack_info ctinfo;
239 struct nf_conn *ct = nf_ct_get(skb, &ctinfo); 268 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
@@ -242,37 +271,38 @@ static void ip_nat_sip_seq_adjust(struct sk_buff *skb, s16 off)
242 if (nf_ct_protonum(ct) != IPPROTO_TCP || off == 0) 271 if (nf_ct_protonum(ct) != IPPROTO_TCP || off == 0)
243 return; 272 return;
244 273
245 th = (struct tcphdr *)(skb->data + ip_hdrlen(skb)); 274 th = (struct tcphdr *)(skb->data + protoff);
246 nf_nat_set_seq_adjust(ct, ctinfo, th->seq, off); 275 nf_nat_set_seq_adjust(ct, ctinfo, th->seq, off);
247} 276}
248 277
249/* Handles expected signalling connections and media streams */ 278/* Handles expected signalling connections and media streams */
250static void ip_nat_sip_expected(struct nf_conn *ct, 279static void nf_nat_sip_expected(struct nf_conn *ct,
251 struct nf_conntrack_expect *exp) 280 struct nf_conntrack_expect *exp)
252{ 281{
253 struct nf_nat_ipv4_range range; 282 struct nf_nat_range range;
254 283
255 /* This must be a fresh one. */ 284 /* This must be a fresh one. */
256 BUG_ON(ct->status & IPS_NAT_DONE_MASK); 285 BUG_ON(ct->status & IPS_NAT_DONE_MASK);
257 286
258 /* For DST manip, map port here to where it's expected. */ 287 /* For DST manip, map port here to where it's expected. */
259 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED); 288 range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
260 range.min = range.max = exp->saved_proto; 289 range.min_proto = range.max_proto = exp->saved_proto;
261 range.min_ip = range.max_ip = exp->saved_ip; 290 range.min_addr = range.max_addr = exp->saved_addr;
262 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST); 291 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
263 292
264 /* Change src to where master sends to, but only if the connection 293 /* Change src to where master sends to, but only if the connection
265 * actually came from the same source. */ 294 * actually came from the same source. */
266 if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip == 295 if (nf_inet_addr_cmp(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3,
267 ct->master->tuplehash[exp->dir].tuple.src.u3.ip) { 296 &ct->master->tuplehash[exp->dir].tuple.src.u3)) {
268 range.flags = NF_NAT_RANGE_MAP_IPS; 297 range.flags = NF_NAT_RANGE_MAP_IPS;
269 range.min_ip = range.max_ip 298 range.min_addr = range.max_addr
270 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip; 299 = ct->master->tuplehash[!exp->dir].tuple.dst.u3;
271 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); 300 nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
272 } 301 }
273} 302}
274 303
275static unsigned int ip_nat_sip_expect(struct sk_buff *skb, unsigned int dataoff, 304static unsigned int nf_nat_sip_expect(struct sk_buff *skb, unsigned int protoff,
305 unsigned int dataoff,
276 const char **dptr, unsigned int *datalen, 306 const char **dptr, unsigned int *datalen,
277 struct nf_conntrack_expect *exp, 307 struct nf_conntrack_expect *exp,
278 unsigned int matchoff, 308 unsigned int matchoff,
@@ -281,16 +311,17 @@ static unsigned int ip_nat_sip_expect(struct sk_buff *skb, unsigned int dataoff,
281 enum ip_conntrack_info ctinfo; 311 enum ip_conntrack_info ctinfo;
282 struct nf_conn *ct = nf_ct_get(skb, &ctinfo); 312 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
283 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); 313 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
284 __be32 newip; 314 union nf_inet_addr newaddr;
285 u_int16_t port; 315 u_int16_t port;
286 char buffer[sizeof("nnn.nnn.nnn.nnn:nnnnn")]; 316 char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")];
287 unsigned int buflen; 317 unsigned int buflen;
288 318
289 /* Connection will come from reply */ 319 /* Connection will come from reply */
290 if (ct->tuplehash[dir].tuple.src.u3.ip == ct->tuplehash[!dir].tuple.dst.u3.ip) 320 if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3,
291 newip = exp->tuple.dst.u3.ip; 321 &ct->tuplehash[!dir].tuple.dst.u3))
322 newaddr = exp->tuple.dst.u3;
292 else 323 else
293 newip = ct->tuplehash[!dir].tuple.dst.u3.ip; 324 newaddr = ct->tuplehash[!dir].tuple.dst.u3;
294 325
295 /* If the signalling port matches the connection's source port in the 326 /* If the signalling port matches the connection's source port in the
296 * original direction, try to use the destination port in the opposite 327 * original direction, try to use the destination port in the opposite
@@ -301,11 +332,11 @@ static unsigned int ip_nat_sip_expect(struct sk_buff *skb, unsigned int dataoff,
301 else 332 else
302 port = ntohs(exp->tuple.dst.u.udp.port); 333 port = ntohs(exp->tuple.dst.u.udp.port);
303 334
304 exp->saved_ip = exp->tuple.dst.u3.ip; 335 exp->saved_addr = exp->tuple.dst.u3;
305 exp->tuple.dst.u3.ip = newip; 336 exp->tuple.dst.u3 = newaddr;
306 exp->saved_proto.udp.port = exp->tuple.dst.u.udp.port; 337 exp->saved_proto.udp.port = exp->tuple.dst.u.udp.port;
307 exp->dir = !dir; 338 exp->dir = !dir;
308 exp->expectfn = ip_nat_sip_expected; 339 exp->expectfn = nf_nat_sip_expected;
309 340
310 for (; port != 0; port++) { 341 for (; port != 0; port++) {
311 int ret; 342 int ret;
@@ -323,10 +354,10 @@ static unsigned int ip_nat_sip_expect(struct sk_buff *skb, unsigned int dataoff,
323 if (port == 0) 354 if (port == 0)
324 return NF_DROP; 355 return NF_DROP;
325 356
326 if (exp->tuple.dst.u3.ip != exp->saved_ip || 357 if (!nf_inet_addr_cmp(&exp->tuple.dst.u3, &exp->saved_addr) ||
327 exp->tuple.dst.u.udp.port != exp->saved_proto.udp.port) { 358 exp->tuple.dst.u.udp.port != exp->saved_proto.udp.port) {
328 buflen = sprintf(buffer, "%pI4:%u", &newip, port); 359 buflen = sip_sprintf_addr_port(ct, buffer, &newaddr, port);
329 if (!mangle_packet(skb, dataoff, dptr, datalen, 360 if (!mangle_packet(skb, protoff, dataoff, dptr, datalen,
330 matchoff, matchlen, buffer, buflen)) 361 matchoff, matchlen, buffer, buflen))
331 goto err; 362 goto err;
332 } 363 }
@@ -337,7 +368,8 @@ err:
337 return NF_DROP; 368 return NF_DROP;
338} 369}
339 370
340static int mangle_content_len(struct sk_buff *skb, unsigned int dataoff, 371static int mangle_content_len(struct sk_buff *skb, unsigned int protoff,
372 unsigned int dataoff,
341 const char **dptr, unsigned int *datalen) 373 const char **dptr, unsigned int *datalen)
342{ 374{
343 enum ip_conntrack_info ctinfo; 375 enum ip_conntrack_info ctinfo;
@@ -359,11 +391,12 @@ static int mangle_content_len(struct sk_buff *skb, unsigned int dataoff,
359 return 0; 391 return 0;
360 392
361 buflen = sprintf(buffer, "%u", c_len); 393 buflen = sprintf(buffer, "%u", c_len);
362 return mangle_packet(skb, dataoff, dptr, datalen, matchoff, matchlen, 394 return mangle_packet(skb, protoff, dataoff, dptr, datalen,
363 buffer, buflen); 395 matchoff, matchlen, buffer, buflen);
364} 396}
365 397
366static int mangle_sdp_packet(struct sk_buff *skb, unsigned int dataoff, 398static int mangle_sdp_packet(struct sk_buff *skb, unsigned int protoff,
399 unsigned int dataoff,
367 const char **dptr, unsigned int *datalen, 400 const char **dptr, unsigned int *datalen,
368 unsigned int sdpoff, 401 unsigned int sdpoff,
369 enum sdp_header_types type, 402 enum sdp_header_types type,
@@ -377,29 +410,33 @@ static int mangle_sdp_packet(struct sk_buff *skb, unsigned int dataoff,
377 if (ct_sip_get_sdp_header(ct, *dptr, sdpoff, *datalen, type, term, 410 if (ct_sip_get_sdp_header(ct, *dptr, sdpoff, *datalen, type, term,
378 &matchoff, &matchlen) <= 0) 411 &matchoff, &matchlen) <= 0)
379 return -ENOENT; 412 return -ENOENT;
380 return mangle_packet(skb, dataoff, dptr, datalen, matchoff, matchlen, 413 return mangle_packet(skb, protoff, dataoff, dptr, datalen,
381 buffer, buflen) ? 0 : -EINVAL; 414 matchoff, matchlen, buffer, buflen) ? 0 : -EINVAL;
382} 415}
383 416
384static unsigned int ip_nat_sdp_addr(struct sk_buff *skb, unsigned int dataoff, 417static unsigned int nf_nat_sdp_addr(struct sk_buff *skb, unsigned int protoff,
418 unsigned int dataoff,
385 const char **dptr, unsigned int *datalen, 419 const char **dptr, unsigned int *datalen,
386 unsigned int sdpoff, 420 unsigned int sdpoff,
387 enum sdp_header_types type, 421 enum sdp_header_types type,
388 enum sdp_header_types term, 422 enum sdp_header_types term,
389 const union nf_inet_addr *addr) 423 const union nf_inet_addr *addr)
390{ 424{
391 char buffer[sizeof("nnn.nnn.nnn.nnn")]; 425 enum ip_conntrack_info ctinfo;
426 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
427 char buffer[INET6_ADDRSTRLEN];
392 unsigned int buflen; 428 unsigned int buflen;
393 429
394 buflen = sprintf(buffer, "%pI4", &addr->ip); 430 buflen = sip_sprintf_addr(ct, buffer, addr, false);
395 if (mangle_sdp_packet(skb, dataoff, dptr, datalen, sdpoff, type, term, 431 if (mangle_sdp_packet(skb, protoff, dataoff, dptr, datalen,
396 buffer, buflen)) 432 sdpoff, type, term, buffer, buflen))
397 return 0; 433 return 0;
398 434
399 return mangle_content_len(skb, dataoff, dptr, datalen); 435 return mangle_content_len(skb, protoff, dataoff, dptr, datalen);
400} 436}
401 437
402static unsigned int ip_nat_sdp_port(struct sk_buff *skb, unsigned int dataoff, 438static unsigned int nf_nat_sdp_port(struct sk_buff *skb, unsigned int protoff,
439 unsigned int dataoff,
403 const char **dptr, unsigned int *datalen, 440 const char **dptr, unsigned int *datalen,
404 unsigned int matchoff, 441 unsigned int matchoff,
405 unsigned int matchlen, 442 unsigned int matchlen,
@@ -409,30 +446,32 @@ static unsigned int ip_nat_sdp_port(struct sk_buff *skb, unsigned int dataoff,
409 unsigned int buflen; 446 unsigned int buflen;
410 447
411 buflen = sprintf(buffer, "%u", port); 448 buflen = sprintf(buffer, "%u", port);
412 if (!mangle_packet(skb, dataoff, dptr, datalen, matchoff, matchlen, 449 if (!mangle_packet(skb, protoff, dataoff, dptr, datalen,
413 buffer, buflen)) 450 matchoff, matchlen, buffer, buflen))
414 return 0; 451 return 0;
415 452
416 return mangle_content_len(skb, dataoff, dptr, datalen); 453 return mangle_content_len(skb, protoff, dataoff, dptr, datalen);
417} 454}
418 455
419static unsigned int ip_nat_sdp_session(struct sk_buff *skb, unsigned int dataoff, 456static unsigned int nf_nat_sdp_session(struct sk_buff *skb, unsigned int protoff,
457 unsigned int dataoff,
420 const char **dptr, unsigned int *datalen, 458 const char **dptr, unsigned int *datalen,
421 unsigned int sdpoff, 459 unsigned int sdpoff,
422 const union nf_inet_addr *addr) 460 const union nf_inet_addr *addr)
423{ 461{
424 char buffer[sizeof("nnn.nnn.nnn.nnn")]; 462 enum ip_conntrack_info ctinfo;
463 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
464 char buffer[INET6_ADDRSTRLEN];
425 unsigned int buflen; 465 unsigned int buflen;
426 466
427 /* Mangle session description owner and contact addresses */ 467 /* Mangle session description owner and contact addresses */
428 buflen = sprintf(buffer, "%pI4", &addr->ip); 468 buflen = sip_sprintf_addr(ct, buffer, addr, false);
429 if (mangle_sdp_packet(skb, dataoff, dptr, datalen, sdpoff, 469 if (mangle_sdp_packet(skb, protoff, dataoff, dptr, datalen, sdpoff,
430 SDP_HDR_OWNER_IP4, SDP_HDR_MEDIA, 470 SDP_HDR_OWNER, SDP_HDR_MEDIA, buffer, buflen))
431 buffer, buflen))
432 return 0; 471 return 0;
433 472
434 switch (mangle_sdp_packet(skb, dataoff, dptr, datalen, sdpoff, 473 switch (mangle_sdp_packet(skb, protoff, dataoff, dptr, datalen, sdpoff,
435 SDP_HDR_CONNECTION_IP4, SDP_HDR_MEDIA, 474 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
436 buffer, buflen)) { 475 buffer, buflen)) {
437 case 0: 476 case 0:
438 /* 477 /*
@@ -448,12 +487,13 @@ static unsigned int ip_nat_sdp_session(struct sk_buff *skb, unsigned int dataoff
448 return 0; 487 return 0;
449 } 488 }
450 489
451 return mangle_content_len(skb, dataoff, dptr, datalen); 490 return mangle_content_len(skb, protoff, dataoff, dptr, datalen);
452} 491}
453 492
454/* So, this packet has hit the connection tracking matching code. 493/* So, this packet has hit the connection tracking matching code.
455 Mangle it, and change the expectation to match the new version. */ 494 Mangle it, and change the expectation to match the new version. */
456static unsigned int ip_nat_sdp_media(struct sk_buff *skb, unsigned int dataoff, 495static unsigned int nf_nat_sdp_media(struct sk_buff *skb, unsigned int protoff,
496 unsigned int dataoff,
457 const char **dptr, unsigned int *datalen, 497 const char **dptr, unsigned int *datalen,
458 struct nf_conntrack_expect *rtp_exp, 498 struct nf_conntrack_expect *rtp_exp,
459 struct nf_conntrack_expect *rtcp_exp, 499 struct nf_conntrack_expect *rtcp_exp,
@@ -467,23 +507,23 @@ static unsigned int ip_nat_sdp_media(struct sk_buff *skb, unsigned int dataoff,
467 u_int16_t port; 507 u_int16_t port;
468 508
469 /* Connection will come from reply */ 509 /* Connection will come from reply */
470 if (ct->tuplehash[dir].tuple.src.u3.ip == 510 if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3,
471 ct->tuplehash[!dir].tuple.dst.u3.ip) 511 &ct->tuplehash[!dir].tuple.dst.u3))
472 rtp_addr->ip = rtp_exp->tuple.dst.u3.ip; 512 *rtp_addr = rtp_exp->tuple.dst.u3;
473 else 513 else
474 rtp_addr->ip = ct->tuplehash[!dir].tuple.dst.u3.ip; 514 *rtp_addr = ct->tuplehash[!dir].tuple.dst.u3;
475 515
476 rtp_exp->saved_ip = rtp_exp->tuple.dst.u3.ip; 516 rtp_exp->saved_addr = rtp_exp->tuple.dst.u3;
477 rtp_exp->tuple.dst.u3.ip = rtp_addr->ip; 517 rtp_exp->tuple.dst.u3 = *rtp_addr;
478 rtp_exp->saved_proto.udp.port = rtp_exp->tuple.dst.u.udp.port; 518 rtp_exp->saved_proto.udp.port = rtp_exp->tuple.dst.u.udp.port;
479 rtp_exp->dir = !dir; 519 rtp_exp->dir = !dir;
480 rtp_exp->expectfn = ip_nat_sip_expected; 520 rtp_exp->expectfn = nf_nat_sip_expected;
481 521
482 rtcp_exp->saved_ip = rtcp_exp->tuple.dst.u3.ip; 522 rtcp_exp->saved_addr = rtcp_exp->tuple.dst.u3;
483 rtcp_exp->tuple.dst.u3.ip = rtp_addr->ip; 523 rtcp_exp->tuple.dst.u3 = *rtp_addr;
484 rtcp_exp->saved_proto.udp.port = rtcp_exp->tuple.dst.u.udp.port; 524 rtcp_exp->saved_proto.udp.port = rtcp_exp->tuple.dst.u.udp.port;
485 rtcp_exp->dir = !dir; 525 rtcp_exp->dir = !dir;
486 rtcp_exp->expectfn = ip_nat_sip_expected; 526 rtcp_exp->expectfn = nf_nat_sip_expected;
487 527
488 /* Try to get same pair of ports: if not, try to change them. */ 528 /* Try to get same pair of ports: if not, try to change them. */
489 for (port = ntohs(rtp_exp->tuple.dst.u.udp.port); 529 for (port = ntohs(rtp_exp->tuple.dst.u.udp.port);
@@ -517,7 +557,7 @@ static unsigned int ip_nat_sdp_media(struct sk_buff *skb, unsigned int dataoff,
517 557
518 /* Update media port. */ 558 /* Update media port. */
519 if (rtp_exp->tuple.dst.u.udp.port != rtp_exp->saved_proto.udp.port && 559 if (rtp_exp->tuple.dst.u.udp.port != rtp_exp->saved_proto.udp.port &&
520 !ip_nat_sdp_port(skb, dataoff, dptr, datalen, 560 !nf_nat_sdp_port(skb, protoff, dataoff, dptr, datalen,
521 mediaoff, medialen, port)) 561 mediaoff, medialen, port))
522 goto err2; 562 goto err2;
523 563
@@ -531,8 +571,8 @@ err1:
531} 571}
532 572
533static struct nf_ct_helper_expectfn sip_nat = { 573static struct nf_ct_helper_expectfn sip_nat = {
534 .name = "sip", 574 .name = "sip",
535 .expectfn = ip_nat_sip_expected, 575 .expectfn = nf_nat_sip_expected,
536}; 576};
537 577
538static void __exit nf_nat_sip_fini(void) 578static void __exit nf_nat_sip_fini(void)
@@ -557,13 +597,13 @@ static int __init nf_nat_sip_init(void)
557 BUG_ON(nf_nat_sdp_port_hook != NULL); 597 BUG_ON(nf_nat_sdp_port_hook != NULL);
558 BUG_ON(nf_nat_sdp_session_hook != NULL); 598 BUG_ON(nf_nat_sdp_session_hook != NULL);
559 BUG_ON(nf_nat_sdp_media_hook != NULL); 599 BUG_ON(nf_nat_sdp_media_hook != NULL);
560 RCU_INIT_POINTER(nf_nat_sip_hook, ip_nat_sip); 600 RCU_INIT_POINTER(nf_nat_sip_hook, nf_nat_sip);
561 RCU_INIT_POINTER(nf_nat_sip_seq_adjust_hook, ip_nat_sip_seq_adjust); 601 RCU_INIT_POINTER(nf_nat_sip_seq_adjust_hook, nf_nat_sip_seq_adjust);
562 RCU_INIT_POINTER(nf_nat_sip_expect_hook, ip_nat_sip_expect); 602 RCU_INIT_POINTER(nf_nat_sip_expect_hook, nf_nat_sip_expect);
563 RCU_INIT_POINTER(nf_nat_sdp_addr_hook, ip_nat_sdp_addr); 603 RCU_INIT_POINTER(nf_nat_sdp_addr_hook, nf_nat_sdp_addr);
564 RCU_INIT_POINTER(nf_nat_sdp_port_hook, ip_nat_sdp_port); 604 RCU_INIT_POINTER(nf_nat_sdp_port_hook, nf_nat_sdp_port);
565 RCU_INIT_POINTER(nf_nat_sdp_session_hook, ip_nat_sdp_session); 605 RCU_INIT_POINTER(nf_nat_sdp_session_hook, nf_nat_sdp_session);
566 RCU_INIT_POINTER(nf_nat_sdp_media_hook, ip_nat_sdp_media); 606 RCU_INIT_POINTER(nf_nat_sdp_media_hook, nf_nat_sdp_media);
567 nf_ct_helper_expectfn_register(&sip_nat); 607 nf_ct_helper_expectfn_register(&sip_nat);
568 return 0; 608 return 0;
569} 609}
diff --git a/net/ipv4/netfilter/nf_nat_tftp.c b/net/netfilter/nf_nat_tftp.c
index 9dbb8d284f99..ccabbda71a3e 100644
--- a/net/ipv4/netfilter/nf_nat_tftp.c
+++ b/net/netfilter/nf_nat_tftp.c
@@ -11,7 +11,6 @@
11#include <net/netfilter/nf_conntrack_helper.h> 11#include <net/netfilter/nf_conntrack_helper.h>
12#include <net/netfilter/nf_conntrack_expect.h> 12#include <net/netfilter/nf_conntrack_expect.h>
13#include <net/netfilter/nf_nat_helper.h> 13#include <net/netfilter/nf_nat_helper.h>
14#include <net/netfilter/nf_nat_rule.h>
15#include <linux/netfilter/nf_conntrack_tftp.h> 14#include <linux/netfilter/nf_conntrack_tftp.h>
16 15
17MODULE_AUTHOR("Magnus Boden <mb@ozaba.mine.nu>"); 16MODULE_AUTHOR("Magnus Boden <mb@ozaba.mine.nu>");
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index ce60cf0f6c11..8d2cf9ec37a8 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -118,7 +118,7 @@ static void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
118 * through nf_reinject(). 118 * through nf_reinject().
119 */ 119 */
120static int __nf_queue(struct sk_buff *skb, 120static int __nf_queue(struct sk_buff *skb,
121 struct list_head *elem, 121 struct nf_hook_ops *elem,
122 u_int8_t pf, unsigned int hook, 122 u_int8_t pf, unsigned int hook,
123 struct net_device *indev, 123 struct net_device *indev,
124 struct net_device *outdev, 124 struct net_device *outdev,
@@ -155,7 +155,7 @@ static int __nf_queue(struct sk_buff *skb,
155 155
156 *entry = (struct nf_queue_entry) { 156 *entry = (struct nf_queue_entry) {
157 .skb = skb, 157 .skb = skb,
158 .elem = list_entry(elem, struct nf_hook_ops, list), 158 .elem = elem,
159 .pf = pf, 159 .pf = pf,
160 .hook = hook, 160 .hook = hook,
161 .indev = indev, 161 .indev = indev,
@@ -225,7 +225,7 @@ static void nf_bridge_adjust_segmented_data(struct sk_buff *skb)
225#endif 225#endif
226 226
227int nf_queue(struct sk_buff *skb, 227int nf_queue(struct sk_buff *skb,
228 struct list_head *elem, 228 struct nf_hook_ops *elem,
229 u_int8_t pf, unsigned int hook, 229 u_int8_t pf, unsigned int hook,
230 struct net_device *indev, 230 struct net_device *indev,
231 struct net_device *outdev, 231 struct net_device *outdev,
@@ -287,7 +287,7 @@ int nf_queue(struct sk_buff *skb,
287void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict) 287void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
288{ 288{
289 struct sk_buff *skb = entry->skb; 289 struct sk_buff *skb = entry->skb;
290 struct list_head *elem = &entry->elem->list; 290 struct nf_hook_ops *elem = entry->elem;
291 const struct nf_afinfo *afinfo; 291 const struct nf_afinfo *afinfo;
292 int err; 292 int err;
293 293
@@ -297,7 +297,7 @@ void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
297 297
298 /* Continue traversal iff userspace said ok... */ 298 /* Continue traversal iff userspace said ok... */
299 if (verdict == NF_REPEAT) { 299 if (verdict == NF_REPEAT) {
300 elem = elem->prev; 300 elem = list_entry(elem->list.prev, struct nf_hook_ops, list);
301 verdict = NF_ACCEPT; 301 verdict = NF_ACCEPT;
302 } 302 }
303 303
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index a26503342e71..ffb92c03a358 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -241,7 +241,7 @@ static int __net_init nfnetlink_net_init(struct net *net)
241#endif 241#endif
242 }; 242 };
243 243
244 nfnl = netlink_kernel_create(net, NETLINK_NETFILTER, THIS_MODULE, &cfg); 244 nfnl = netlink_kernel_create(net, NETLINK_NETFILTER, &cfg);
245 if (!nfnl) 245 if (!nfnl)
246 return -ENOMEM; 246 return -ENOMEM;
247 net->nfnl_stash = nfnl; 247 net->nfnl_stash = nfnl;
diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c
index b2e7310ca0b8..589d686f0b4c 100644
--- a/net/netfilter/nfnetlink_acct.c
+++ b/net/netfilter/nfnetlink_acct.c
@@ -79,11 +79,11 @@ nfnl_acct_new(struct sock *nfnl, struct sk_buff *skb,
79 79
80 if (tb[NFACCT_BYTES]) { 80 if (tb[NFACCT_BYTES]) {
81 atomic64_set(&nfacct->bytes, 81 atomic64_set(&nfacct->bytes,
82 be64_to_cpu(nla_get_u64(tb[NFACCT_BYTES]))); 82 be64_to_cpu(nla_get_be64(tb[NFACCT_BYTES])));
83 } 83 }
84 if (tb[NFACCT_PKTS]) { 84 if (tb[NFACCT_PKTS]) {
85 atomic64_set(&nfacct->pkts, 85 atomic64_set(&nfacct->pkts,
86 be64_to_cpu(nla_get_u64(tb[NFACCT_PKTS]))); 86 be64_to_cpu(nla_get_be64(tb[NFACCT_PKTS])));
87 } 87 }
88 atomic_set(&nfacct->refcnt, 1); 88 atomic_set(&nfacct->refcnt, 1);
89 list_add_tail_rcu(&nfacct->head, &nfnl_acct_list); 89 list_add_tail_rcu(&nfacct->head, &nfnl_acct_list);
@@ -91,16 +91,16 @@ nfnl_acct_new(struct sock *nfnl, struct sk_buff *skb,
91} 91}
92 92
93static int 93static int
94nfnl_acct_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, 94nfnl_acct_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
95 int event, struct nf_acct *acct) 95 int event, struct nf_acct *acct)
96{ 96{
97 struct nlmsghdr *nlh; 97 struct nlmsghdr *nlh;
98 struct nfgenmsg *nfmsg; 98 struct nfgenmsg *nfmsg;
99 unsigned int flags = pid ? NLM_F_MULTI : 0; 99 unsigned int flags = portid ? NLM_F_MULTI : 0;
100 u64 pkts, bytes; 100 u64 pkts, bytes;
101 101
102 event |= NFNL_SUBSYS_ACCT << 8; 102 event |= NFNL_SUBSYS_ACCT << 8;
103 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 103 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
104 if (nlh == NULL) 104 if (nlh == NULL)
105 goto nlmsg_failure; 105 goto nlmsg_failure;
106 106
@@ -150,7 +150,7 @@ nfnl_acct_dump(struct sk_buff *skb, struct netlink_callback *cb)
150 if (last && cur != last) 150 if (last && cur != last)
151 continue; 151 continue;
152 152
153 if (nfnl_acct_fill_info(skb, NETLINK_CB(cb->skb).pid, 153 if (nfnl_acct_fill_info(skb, NETLINK_CB(cb->skb).portid,
154 cb->nlh->nlmsg_seq, 154 cb->nlh->nlmsg_seq,
155 NFNL_MSG_TYPE(cb->nlh->nlmsg_type), 155 NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
156 NFNL_MSG_ACCT_NEW, cur) < 0) { 156 NFNL_MSG_ACCT_NEW, cur) < 0) {
@@ -195,7 +195,7 @@ nfnl_acct_get(struct sock *nfnl, struct sk_buff *skb,
195 break; 195 break;
196 } 196 }
197 197
198 ret = nfnl_acct_fill_info(skb2, NETLINK_CB(skb).pid, 198 ret = nfnl_acct_fill_info(skb2, NETLINK_CB(skb).portid,
199 nlh->nlmsg_seq, 199 nlh->nlmsg_seq,
200 NFNL_MSG_TYPE(nlh->nlmsg_type), 200 NFNL_MSG_TYPE(nlh->nlmsg_type),
201 NFNL_MSG_ACCT_NEW, cur); 201 NFNL_MSG_ACCT_NEW, cur);
@@ -203,7 +203,7 @@ nfnl_acct_get(struct sock *nfnl, struct sk_buff *skb,
203 kfree_skb(skb2); 203 kfree_skb(skb2);
204 break; 204 break;
205 } 205 }
206 ret = netlink_unicast(nfnl, skb2, NETLINK_CB(skb).pid, 206 ret = netlink_unicast(nfnl, skb2, NETLINK_CB(skb).portid,
207 MSG_DONTWAIT); 207 MSG_DONTWAIT);
208 if (ret > 0) 208 if (ret > 0)
209 ret = 0; 209 ret = 0;
diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c
index d6836193d479..945950a8b1f1 100644
--- a/net/netfilter/nfnetlink_cthelper.c
+++ b/net/netfilter/nfnetlink_cthelper.c
@@ -74,7 +74,7 @@ nfnl_cthelper_parse_tuple(struct nf_conntrack_tuple *tuple,
74 if (!tb[NFCTH_TUPLE_L3PROTONUM] || !tb[NFCTH_TUPLE_L4PROTONUM]) 74 if (!tb[NFCTH_TUPLE_L3PROTONUM] || !tb[NFCTH_TUPLE_L4PROTONUM])
75 return -EINVAL; 75 return -EINVAL;
76 76
77 tuple->src.l3num = ntohs(nla_get_u16(tb[NFCTH_TUPLE_L3PROTONUM])); 77 tuple->src.l3num = ntohs(nla_get_be16(tb[NFCTH_TUPLE_L3PROTONUM]));
78 tuple->dst.protonum = nla_get_u8(tb[NFCTH_TUPLE_L4PROTONUM]); 78 tuple->dst.protonum = nla_get_u8(tb[NFCTH_TUPLE_L4PROTONUM]);
79 79
80 return 0; 80 return 0;
@@ -85,6 +85,9 @@ nfnl_cthelper_from_nlattr(struct nlattr *attr, struct nf_conn *ct)
85{ 85{
86 const struct nf_conn_help *help = nfct_help(ct); 86 const struct nf_conn_help *help = nfct_help(ct);
87 87
88 if (attr == NULL)
89 return -EINVAL;
90
88 if (help->helper->data_len == 0) 91 if (help->helper->data_len == 0)
89 return -EINVAL; 92 return -EINVAL;
90 93
@@ -395,16 +398,16 @@ nla_put_failure:
395} 398}
396 399
397static int 400static int
398nfnl_cthelper_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, 401nfnl_cthelper_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
399 int event, struct nf_conntrack_helper *helper) 402 int event, struct nf_conntrack_helper *helper)
400{ 403{
401 struct nlmsghdr *nlh; 404 struct nlmsghdr *nlh;
402 struct nfgenmsg *nfmsg; 405 struct nfgenmsg *nfmsg;
403 unsigned int flags = pid ? NLM_F_MULTI : 0; 406 unsigned int flags = portid ? NLM_F_MULTI : 0;
404 int status; 407 int status;
405 408
406 event |= NFNL_SUBSYS_CTHELPER << 8; 409 event |= NFNL_SUBSYS_CTHELPER << 8;
407 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 410 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
408 if (nlh == NULL) 411 if (nlh == NULL)
409 goto nlmsg_failure; 412 goto nlmsg_failure;
410 413
@@ -468,7 +471,7 @@ restart:
468 cb->args[1] = 0; 471 cb->args[1] = 0;
469 } 472 }
470 if (nfnl_cthelper_fill_info(skb, 473 if (nfnl_cthelper_fill_info(skb,
471 NETLINK_CB(cb->skb).pid, 474 NETLINK_CB(cb->skb).portid,
472 cb->nlh->nlmsg_seq, 475 cb->nlh->nlmsg_seq,
473 NFNL_MSG_TYPE(cb->nlh->nlmsg_type), 476 NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
474 NFNL_MSG_CTHELPER_NEW, cur) < 0) { 477 NFNL_MSG_CTHELPER_NEW, cur) < 0) {
@@ -538,7 +541,7 @@ nfnl_cthelper_get(struct sock *nfnl, struct sk_buff *skb,
538 break; 541 break;
539 } 542 }
540 543
541 ret = nfnl_cthelper_fill_info(skb2, NETLINK_CB(skb).pid, 544 ret = nfnl_cthelper_fill_info(skb2, NETLINK_CB(skb).portid,
542 nlh->nlmsg_seq, 545 nlh->nlmsg_seq,
543 NFNL_MSG_TYPE(nlh->nlmsg_type), 546 NFNL_MSG_TYPE(nlh->nlmsg_type),
544 NFNL_MSG_CTHELPER_NEW, cur); 547 NFNL_MSG_CTHELPER_NEW, cur);
@@ -547,7 +550,7 @@ nfnl_cthelper_get(struct sock *nfnl, struct sk_buff *skb,
547 break; 550 break;
548 } 551 }
549 552
550 ret = netlink_unicast(nfnl, skb2, NETLINK_CB(skb).pid, 553 ret = netlink_unicast(nfnl, skb2, NETLINK_CB(skb).portid,
551 MSG_DONTWAIT); 554 MSG_DONTWAIT);
552 if (ret > 0) 555 if (ret > 0)
553 ret = 0; 556 ret = 0;
diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
index cdecbc8fe965..8847b4d8be06 100644
--- a/net/netfilter/nfnetlink_cttimeout.c
+++ b/net/netfilter/nfnetlink_cttimeout.c
@@ -155,16 +155,16 @@ err_proto_put:
155} 155}
156 156
157static int 157static int
158ctnl_timeout_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, 158ctnl_timeout_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
159 int event, struct ctnl_timeout *timeout) 159 int event, struct ctnl_timeout *timeout)
160{ 160{
161 struct nlmsghdr *nlh; 161 struct nlmsghdr *nlh;
162 struct nfgenmsg *nfmsg; 162 struct nfgenmsg *nfmsg;
163 unsigned int flags = pid ? NLM_F_MULTI : 0; 163 unsigned int flags = portid ? NLM_F_MULTI : 0;
164 struct nf_conntrack_l4proto *l4proto = timeout->l4proto; 164 struct nf_conntrack_l4proto *l4proto = timeout->l4proto;
165 165
166 event |= NFNL_SUBSYS_CTNETLINK_TIMEOUT << 8; 166 event |= NFNL_SUBSYS_CTNETLINK_TIMEOUT << 8;
167 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*nfmsg), flags); 167 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
168 if (nlh == NULL) 168 if (nlh == NULL)
169 goto nlmsg_failure; 169 goto nlmsg_failure;
170 170
@@ -222,7 +222,7 @@ ctnl_timeout_dump(struct sk_buff *skb, struct netlink_callback *cb)
222 if (last && cur != last) 222 if (last && cur != last)
223 continue; 223 continue;
224 224
225 if (ctnl_timeout_fill_info(skb, NETLINK_CB(cb->skb).pid, 225 if (ctnl_timeout_fill_info(skb, NETLINK_CB(cb->skb).portid,
226 cb->nlh->nlmsg_seq, 226 cb->nlh->nlmsg_seq,
227 NFNL_MSG_TYPE(cb->nlh->nlmsg_type), 227 NFNL_MSG_TYPE(cb->nlh->nlmsg_type),
228 IPCTNL_MSG_TIMEOUT_NEW, cur) < 0) { 228 IPCTNL_MSG_TIMEOUT_NEW, cur) < 0) {
@@ -268,7 +268,7 @@ cttimeout_get_timeout(struct sock *ctnl, struct sk_buff *skb,
268 break; 268 break;
269 } 269 }
270 270
271 ret = ctnl_timeout_fill_info(skb2, NETLINK_CB(skb).pid, 271 ret = ctnl_timeout_fill_info(skb2, NETLINK_CB(skb).portid,
272 nlh->nlmsg_seq, 272 nlh->nlmsg_seq,
273 NFNL_MSG_TYPE(nlh->nlmsg_type), 273 NFNL_MSG_TYPE(nlh->nlmsg_type),
274 IPCTNL_MSG_TIMEOUT_NEW, cur); 274 IPCTNL_MSG_TIMEOUT_NEW, cur);
@@ -276,7 +276,7 @@ cttimeout_get_timeout(struct sock *ctnl, struct sk_buff *skb,
276 kfree_skb(skb2); 276 kfree_skb(skb2);
277 break; 277 break;
278 } 278 }
279 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, 279 ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).portid,
280 MSG_DONTWAIT); 280 MSG_DONTWAIT);
281 if (ret > 0) 281 if (ret > 0)
282 ret = 0; 282 ret = 0;
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 8cfc401e197e..9f199f2e31fa 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -56,7 +56,7 @@ struct nfulnl_instance {
56 struct sk_buff *skb; /* pre-allocatd skb */ 56 struct sk_buff *skb; /* pre-allocatd skb */
57 struct timer_list timer; 57 struct timer_list timer;
58 struct user_namespace *peer_user_ns; /* User namespace of the peer process */ 58 struct user_namespace *peer_user_ns; /* User namespace of the peer process */
59 int peer_pid; /* PID of the peer process */ 59 int peer_portid; /* PORTID of the peer process */
60 60
61 /* configurable parameters */ 61 /* configurable parameters */
62 unsigned int flushtimeout; /* timeout until queue flush */ 62 unsigned int flushtimeout; /* timeout until queue flush */
@@ -133,7 +133,7 @@ instance_put(struct nfulnl_instance *inst)
133static void nfulnl_timer(unsigned long data); 133static void nfulnl_timer(unsigned long data);
134 134
135static struct nfulnl_instance * 135static struct nfulnl_instance *
136instance_create(u_int16_t group_num, int pid, struct user_namespace *user_ns) 136instance_create(u_int16_t group_num, int portid, struct user_namespace *user_ns)
137{ 137{
138 struct nfulnl_instance *inst; 138 struct nfulnl_instance *inst;
139 int err; 139 int err;
@@ -164,7 +164,7 @@ instance_create(u_int16_t group_num, int pid, struct user_namespace *user_ns)
164 setup_timer(&inst->timer, nfulnl_timer, (unsigned long)inst); 164 setup_timer(&inst->timer, nfulnl_timer, (unsigned long)inst);
165 165
166 inst->peer_user_ns = user_ns; 166 inst->peer_user_ns = user_ns;
167 inst->peer_pid = pid; 167 inst->peer_portid = portid;
168 inst->group_num = group_num; 168 inst->group_num = group_num;
169 169
170 inst->qthreshold = NFULNL_QTHRESH_DEFAULT; 170 inst->qthreshold = NFULNL_QTHRESH_DEFAULT;
@@ -336,7 +336,7 @@ __nfulnl_send(struct nfulnl_instance *inst)
336 if (!nlh) 336 if (!nlh)
337 goto out; 337 goto out;
338 } 338 }
339 status = nfnetlink_unicast(inst->skb, &init_net, inst->peer_pid, 339 status = nfnetlink_unicast(inst->skb, &init_net, inst->peer_portid,
340 MSG_DONTWAIT); 340 MSG_DONTWAIT);
341 341
342 inst->qlen = 0; 342 inst->qlen = 0;
@@ -704,7 +704,7 @@ nfulnl_rcv_nl_event(struct notifier_block *this,
704 if (event == NETLINK_URELEASE && n->protocol == NETLINK_NETFILTER) { 704 if (event == NETLINK_URELEASE && n->protocol == NETLINK_NETFILTER) {
705 int i; 705 int i;
706 706
707 /* destroy all instances for this pid */ 707 /* destroy all instances for this portid */
708 spin_lock_bh(&instances_lock); 708 spin_lock_bh(&instances_lock);
709 for (i = 0; i < INSTANCE_BUCKETS; i++) { 709 for (i = 0; i < INSTANCE_BUCKETS; i++) {
710 struct hlist_node *tmp, *t2; 710 struct hlist_node *tmp, *t2;
@@ -713,7 +713,7 @@ nfulnl_rcv_nl_event(struct notifier_block *this,
713 713
714 hlist_for_each_entry_safe(inst, tmp, t2, head, hlist) { 714 hlist_for_each_entry_safe(inst, tmp, t2, head, hlist) {
715 if ((net_eq(n->net, &init_net)) && 715 if ((net_eq(n->net, &init_net)) &&
716 (n->pid == inst->peer_pid)) 716 (n->portid == inst->peer_portid))
717 __instance_destroy(inst); 717 __instance_destroy(inst);
718 } 718 }
719 } 719 }
@@ -775,7 +775,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
775 } 775 }
776 776
777 inst = instance_lookup_get(group_num); 777 inst = instance_lookup_get(group_num);
778 if (inst && inst->peer_pid != NETLINK_CB(skb).pid) { 778 if (inst && inst->peer_portid != NETLINK_CB(skb).portid) {
779 ret = -EPERM; 779 ret = -EPERM;
780 goto out_put; 780 goto out_put;
781 } 781 }
@@ -789,7 +789,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
789 } 789 }
790 790
791 inst = instance_create(group_num, 791 inst = instance_create(group_num,
792 NETLINK_CB(skb).pid, 792 NETLINK_CB(skb).portid,
793 sk_user_ns(NETLINK_CB(skb).ssk)); 793 sk_user_ns(NETLINK_CB(skb).ssk));
794 if (IS_ERR(inst)) { 794 if (IS_ERR(inst)) {
795 ret = PTR_ERR(inst); 795 ret = PTR_ERR(inst);
@@ -948,7 +948,7 @@ static int seq_show(struct seq_file *s, void *v)
948 948
949 return seq_printf(s, "%5d %6d %5d %1d %5d %6d %2d\n", 949 return seq_printf(s, "%5d %6d %5d %1d %5d %6d %2d\n",
950 inst->group_num, 950 inst->group_num,
951 inst->peer_pid, inst->qlen, 951 inst->peer_portid, inst->qlen,
952 inst->copy_mode, inst->copy_range, 952 inst->copy_mode, inst->copy_range,
953 inst->flushtimeout, atomic_read(&inst->use)); 953 inst->flushtimeout, atomic_read(&inst->use));
954} 954}
diff --git a/net/netfilter/nfnetlink_queue_core.c b/net/netfilter/nfnetlink_queue_core.c
index c0496a55ad0c..e12d44e75b21 100644
--- a/net/netfilter/nfnetlink_queue_core.c
+++ b/net/netfilter/nfnetlink_queue_core.c
@@ -44,7 +44,7 @@ struct nfqnl_instance {
44 struct hlist_node hlist; /* global list of queues */ 44 struct hlist_node hlist; /* global list of queues */
45 struct rcu_head rcu; 45 struct rcu_head rcu;
46 46
47 int peer_pid; 47 int peer_portid;
48 unsigned int queue_maxlen; 48 unsigned int queue_maxlen;
49 unsigned int copy_range; 49 unsigned int copy_range;
50 unsigned int queue_dropped; 50 unsigned int queue_dropped;
@@ -92,7 +92,7 @@ instance_lookup(u_int16_t queue_num)
92} 92}
93 93
94static struct nfqnl_instance * 94static struct nfqnl_instance *
95instance_create(u_int16_t queue_num, int pid) 95instance_create(u_int16_t queue_num, int portid)
96{ 96{
97 struct nfqnl_instance *inst; 97 struct nfqnl_instance *inst;
98 unsigned int h; 98 unsigned int h;
@@ -111,7 +111,7 @@ instance_create(u_int16_t queue_num, int pid)
111 } 111 }
112 112
113 inst->queue_num = queue_num; 113 inst->queue_num = queue_num;
114 inst->peer_pid = pid; 114 inst->peer_portid = portid;
115 inst->queue_maxlen = NFQNL_QMAX_DEFAULT; 115 inst->queue_maxlen = NFQNL_QMAX_DEFAULT;
116 inst->copy_range = 0xfffff; 116 inst->copy_range = 0xfffff;
117 inst->copy_mode = NFQNL_COPY_NONE; 117 inst->copy_mode = NFQNL_COPY_NONE;
@@ -225,7 +225,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
225{ 225{
226 sk_buff_data_t old_tail; 226 sk_buff_data_t old_tail;
227 size_t size; 227 size_t size;
228 size_t data_len = 0; 228 size_t data_len = 0, cap_len = 0;
229 struct sk_buff *skb; 229 struct sk_buff *skb;
230 struct nlattr *nla; 230 struct nlattr *nla;
231 struct nfqnl_msg_packet_hdr *pmsg; 231 struct nfqnl_msg_packet_hdr *pmsg;
@@ -247,7 +247,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
247#endif 247#endif
248 + nla_total_size(sizeof(u_int32_t)) /* mark */ 248 + nla_total_size(sizeof(u_int32_t)) /* mark */
249 + nla_total_size(sizeof(struct nfqnl_msg_packet_hw)) 249 + nla_total_size(sizeof(struct nfqnl_msg_packet_hw))
250 + nla_total_size(sizeof(struct nfqnl_msg_packet_timestamp)); 250 + nla_total_size(sizeof(struct nfqnl_msg_packet_timestamp)
251 + nla_total_size(sizeof(u_int32_t))); /* cap_len */
251 252
252 outdev = entry->outdev; 253 outdev = entry->outdev;
253 254
@@ -266,6 +267,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
266 data_len = entskb->len; 267 data_len = entskb->len;
267 268
268 size += nla_total_size(data_len); 269 size += nla_total_size(data_len);
270 cap_len = entskb->len;
269 break; 271 break;
270 } 272 }
271 273
@@ -402,12 +404,14 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
402 if (ct && nfqnl_ct_put(skb, ct, ctinfo) < 0) 404 if (ct && nfqnl_ct_put(skb, ct, ctinfo) < 0)
403 goto nla_put_failure; 405 goto nla_put_failure;
404 406
407 if (cap_len > 0 && nla_put_be32(skb, NFQA_CAP_LEN, htonl(cap_len)))
408 goto nla_put_failure;
409
405 nlh->nlmsg_len = skb->tail - old_tail; 410 nlh->nlmsg_len = skb->tail - old_tail;
406 return skb; 411 return skb;
407 412
408nla_put_failure: 413nla_put_failure:
409 if (skb) 414 kfree_skb(skb);
410 kfree_skb(skb);
411 net_err_ratelimited("nf_queue: error creating packet message\n"); 415 net_err_ratelimited("nf_queue: error creating packet message\n");
412 return NULL; 416 return NULL;
413} 417}
@@ -440,7 +444,7 @@ nfqnl_enqueue_packet(struct nf_queue_entry *entry, unsigned int queuenum)
440 } 444 }
441 spin_lock_bh(&queue->lock); 445 spin_lock_bh(&queue->lock);
442 446
443 if (!queue->peer_pid) { 447 if (!queue->peer_portid) {
444 err = -EINVAL; 448 err = -EINVAL;
445 goto err_out_free_nskb; 449 goto err_out_free_nskb;
446 } 450 }
@@ -459,7 +463,7 @@ nfqnl_enqueue_packet(struct nf_queue_entry *entry, unsigned int queuenum)
459 *packet_id_ptr = htonl(entry->id); 463 *packet_id_ptr = htonl(entry->id);
460 464
461 /* nfnetlink_unicast will either free the nskb or add it to a socket */ 465 /* nfnetlink_unicast will either free the nskb or add it to a socket */
462 err = nfnetlink_unicast(nskb, &init_net, queue->peer_pid, MSG_DONTWAIT); 466 err = nfnetlink_unicast(nskb, &init_net, queue->peer_portid, MSG_DONTWAIT);
463 if (err < 0) { 467 if (err < 0) {
464 queue->queue_user_dropped++; 468 queue->queue_user_dropped++;
465 goto err_out_unlock; 469 goto err_out_unlock;
@@ -527,9 +531,13 @@ nfqnl_set_mode(struct nfqnl_instance *queue,
527 531
528 case NFQNL_COPY_PACKET: 532 case NFQNL_COPY_PACKET:
529 queue->copy_mode = mode; 533 queue->copy_mode = mode;
530 /* we're using struct nlattr which has 16bit nla_len */ 534 /* We're using struct nlattr which has 16bit nla_len. Note that
531 if (range > 0xffff) 535 * nla_len includes the header length. Thus, the maximum packet
532 queue->copy_range = 0xffff; 536 * length that we support is 65531 bytes. We send truncated
537 * packets if the specified length is larger than that.
538 */
539 if (range > 0xffff - NLA_HDRLEN)
540 queue->copy_range = 0xffff - NLA_HDRLEN;
533 else 541 else
534 queue->copy_range = range; 542 queue->copy_range = range;
535 break; 543 break;
@@ -616,7 +624,7 @@ nfqnl_rcv_nl_event(struct notifier_block *this,
616 if (event == NETLINK_URELEASE && n->protocol == NETLINK_NETFILTER) { 624 if (event == NETLINK_URELEASE && n->protocol == NETLINK_NETFILTER) {
617 int i; 625 int i;
618 626
619 /* destroy all instances for this pid */ 627 /* destroy all instances for this portid */
620 spin_lock(&instances_lock); 628 spin_lock(&instances_lock);
621 for (i = 0; i < INSTANCE_BUCKETS; i++) { 629 for (i = 0; i < INSTANCE_BUCKETS; i++) {
622 struct hlist_node *tmp, *t2; 630 struct hlist_node *tmp, *t2;
@@ -625,7 +633,7 @@ nfqnl_rcv_nl_event(struct notifier_block *this,
625 633
626 hlist_for_each_entry_safe(inst, tmp, t2, head, hlist) { 634 hlist_for_each_entry_safe(inst, tmp, t2, head, hlist) {
627 if ((n->net == &init_net) && 635 if ((n->net == &init_net) &&
628 (n->pid == inst->peer_pid)) 636 (n->portid == inst->peer_portid))
629 __instance_destroy(inst); 637 __instance_destroy(inst);
630 } 638 }
631 } 639 }
@@ -650,7 +658,7 @@ static const struct nla_policy nfqa_verdict_batch_policy[NFQA_MAX+1] = {
650 [NFQA_MARK] = { .type = NLA_U32 }, 658 [NFQA_MARK] = { .type = NLA_U32 },
651}; 659};
652 660
653static struct nfqnl_instance *verdict_instance_lookup(u16 queue_num, int nlpid) 661static struct nfqnl_instance *verdict_instance_lookup(u16 queue_num, int nlportid)
654{ 662{
655 struct nfqnl_instance *queue; 663 struct nfqnl_instance *queue;
656 664
@@ -658,7 +666,7 @@ static struct nfqnl_instance *verdict_instance_lookup(u16 queue_num, int nlpid)
658 if (!queue) 666 if (!queue)
659 return ERR_PTR(-ENODEV); 667 return ERR_PTR(-ENODEV);
660 668
661 if (queue->peer_pid != nlpid) 669 if (queue->peer_portid != nlportid)
662 return ERR_PTR(-EPERM); 670 return ERR_PTR(-EPERM);
663 671
664 return queue; 672 return queue;
@@ -698,7 +706,7 @@ nfqnl_recv_verdict_batch(struct sock *ctnl, struct sk_buff *skb,
698 LIST_HEAD(batch_list); 706 LIST_HEAD(batch_list);
699 u16 queue_num = ntohs(nfmsg->res_id); 707 u16 queue_num = ntohs(nfmsg->res_id);
700 708
701 queue = verdict_instance_lookup(queue_num, NETLINK_CB(skb).pid); 709 queue = verdict_instance_lookup(queue_num, NETLINK_CB(skb).portid);
702 if (IS_ERR(queue)) 710 if (IS_ERR(queue))
703 return PTR_ERR(queue); 711 return PTR_ERR(queue);
704 712
@@ -749,7 +757,7 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
749 queue = instance_lookup(queue_num); 757 queue = instance_lookup(queue_num);
750 if (!queue) 758 if (!queue)
751 759
752 queue = verdict_instance_lookup(queue_num, NETLINK_CB(skb).pid); 760 queue = verdict_instance_lookup(queue_num, NETLINK_CB(skb).portid);
753 if (IS_ERR(queue)) 761 if (IS_ERR(queue))
754 return PTR_ERR(queue); 762 return PTR_ERR(queue);
755 763
@@ -832,7 +840,7 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
832 840
833 rcu_read_lock(); 841 rcu_read_lock();
834 queue = instance_lookup(queue_num); 842 queue = instance_lookup(queue_num);
835 if (queue && queue->peer_pid != NETLINK_CB(skb).pid) { 843 if (queue && queue->peer_portid != NETLINK_CB(skb).portid) {
836 ret = -EPERM; 844 ret = -EPERM;
837 goto err_out_unlock; 845 goto err_out_unlock;
838 } 846 }
@@ -844,7 +852,7 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
844 ret = -EBUSY; 852 ret = -EBUSY;
845 goto err_out_unlock; 853 goto err_out_unlock;
846 } 854 }
847 queue = instance_create(queue_num, NETLINK_CB(skb).pid); 855 queue = instance_create(queue_num, NETLINK_CB(skb).portid);
848 if (IS_ERR(queue)) { 856 if (IS_ERR(queue)) {
849 ret = PTR_ERR(queue); 857 ret = PTR_ERR(queue);
850 goto err_out_unlock; 858 goto err_out_unlock;
@@ -1016,7 +1024,7 @@ static int seq_show(struct seq_file *s, void *v)
1016 1024
1017 return seq_printf(s, "%5d %6d %5d %1d %5d %5d %5d %8d %2d\n", 1025 return seq_printf(s, "%5d %6d %5d %1d %5d %5d %5d %8d %2d\n",
1018 inst->queue_num, 1026 inst->queue_num,
1019 inst->peer_pid, inst->queue_total, 1027 inst->peer_portid, inst->queue_total,
1020 inst->copy_mode, inst->copy_range, 1028 inst->copy_mode, inst->copy_range,
1021 inst->queue_dropped, inst->queue_user_dropped, 1029 inst->queue_dropped, inst->queue_user_dropped,
1022 inst->id_sequence, 1); 1030 inst->id_sequence, 1);
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
index 116018560c60..16c712563860 100644
--- a/net/netfilter/xt_CT.c
+++ b/net/netfilter/xt_CT.c
@@ -72,14 +72,44 @@ static u8 xt_ct_find_proto(const struct xt_tgchk_param *par)
72 return 0; 72 return 0;
73} 73}
74 74
75static int
76xt_ct_set_helper(struct nf_conn *ct, const char *helper_name,
77 const struct xt_tgchk_param *par)
78{
79 struct nf_conntrack_helper *helper;
80 struct nf_conn_help *help;
81 u8 proto;
82
83 proto = xt_ct_find_proto(par);
84 if (!proto) {
85 pr_info("You must specify a L4 protocol, and not use "
86 "inversions on it.\n");
87 return -ENOENT;
88 }
89
90 helper = nf_conntrack_helper_try_module_get(helper_name, par->family,
91 proto);
92 if (helper == NULL) {
93 pr_info("No such helper \"%s\"\n", helper_name);
94 return -ENOENT;
95 }
96
97 help = nf_ct_helper_ext_add(ct, helper, GFP_KERNEL);
98 if (help == NULL) {
99 module_put(helper->me);
100 return -ENOMEM;
101 }
102
103 help->helper = helper;
104 return 0;
105}
106
75static int xt_ct_tg_check_v0(const struct xt_tgchk_param *par) 107static int xt_ct_tg_check_v0(const struct xt_tgchk_param *par)
76{ 108{
77 struct xt_ct_target_info *info = par->targinfo; 109 struct xt_ct_target_info *info = par->targinfo;
78 struct nf_conntrack_tuple t; 110 struct nf_conntrack_tuple t;
79 struct nf_conn_help *help;
80 struct nf_conn *ct; 111 struct nf_conn *ct;
81 int ret = 0; 112 int ret;
82 u8 proto;
83 113
84 if (info->flags & ~XT_CT_NOTRACK) 114 if (info->flags & ~XT_CT_NOTRACK)
85 return -EINVAL; 115 return -EINVAL;
@@ -112,31 +142,9 @@ static int xt_ct_tg_check_v0(const struct xt_tgchk_param *par)
112 goto err3; 142 goto err3;
113 143
114 if (info->helper[0]) { 144 if (info->helper[0]) {
115 struct nf_conntrack_helper *helper; 145 ret = xt_ct_set_helper(ct, info->helper, par);
116 146 if (ret < 0)
117 ret = -ENOENT;
118 proto = xt_ct_find_proto(par);
119 if (!proto) {
120 pr_info("You must specify a L4 protocol, "
121 "and not use inversions on it.\n");
122 goto err3;
123 }
124
125 ret = -ENOENT;
126 helper = nf_conntrack_helper_try_module_get(info->helper,
127 par->family,
128 proto);
129 if (helper == NULL) {
130 pr_info("No such helper \"%s\"\n", info->helper);
131 goto err3;
132 }
133
134 ret = -ENOMEM;
135 help = nf_ct_helper_ext_add(ct, helper, GFP_KERNEL);
136 if (help == NULL)
137 goto err3; 147 goto err3;
138
139 help->helper = helper;
140 } 148 }
141 149
142 __set_bit(IPS_TEMPLATE_BIT, &ct->status); 150 __set_bit(IPS_TEMPLATE_BIT, &ct->status);
@@ -164,17 +172,77 @@ static void __xt_ct_tg_timeout_put(struct ctnl_timeout *timeout)
164} 172}
165#endif 173#endif
166 174
175static int
176xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par,
177 const char *timeout_name)
178{
179#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
180 typeof(nf_ct_timeout_find_get_hook) timeout_find_get;
181 struct ctnl_timeout *timeout;
182 struct nf_conn_timeout *timeout_ext;
183 const struct ipt_entry *e = par->entryinfo;
184 struct nf_conntrack_l4proto *l4proto;
185 int ret = 0;
186
187 rcu_read_lock();
188 timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook);
189 if (timeout_find_get == NULL) {
190 ret = -ENOENT;
191 pr_info("Timeout policy base is empty\n");
192 goto out;
193 }
194
195 if (e->ip.invflags & IPT_INV_PROTO) {
196 ret = -EINVAL;
197 pr_info("You cannot use inversion on L4 protocol\n");
198 goto out;
199 }
200
201 timeout = timeout_find_get(timeout_name);
202 if (timeout == NULL) {
203 ret = -ENOENT;
204 pr_info("No such timeout policy \"%s\"\n", timeout_name);
205 goto out;
206 }
207
208 if (timeout->l3num != par->family) {
209 ret = -EINVAL;
210 pr_info("Timeout policy `%s' can only be used by L3 protocol "
211 "number %d\n", timeout_name, timeout->l3num);
212 goto err_put_timeout;
213 }
214 /* Make sure the timeout policy matches any existing protocol tracker,
215 * otherwise default to generic.
216 */
217 l4proto = __nf_ct_l4proto_find(par->family, e->ip.proto);
218 if (timeout->l4proto->l4proto != l4proto->l4proto) {
219 ret = -EINVAL;
220 pr_info("Timeout policy `%s' can only be used by L4 protocol "
221 "number %d\n",
222 timeout_name, timeout->l4proto->l4proto);
223 goto err_put_timeout;
224 }
225 timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC);
226 if (timeout_ext == NULL)
227 ret = -ENOMEM;
228
229err_put_timeout:
230 __xt_ct_tg_timeout_put(timeout);
231out:
232 rcu_read_unlock();
233 return ret;
234#else
235 return -EOPNOTSUPP;
236#endif
237}
238
167static int xt_ct_tg_check_v1(const struct xt_tgchk_param *par) 239static int xt_ct_tg_check_v1(const struct xt_tgchk_param *par)
168{ 240{
169 struct xt_ct_target_info_v1 *info = par->targinfo; 241 struct xt_ct_target_info_v1 *info = par->targinfo;
170 struct nf_conntrack_tuple t; 242 struct nf_conntrack_tuple t;
171 struct nf_conn_help *help;
172 struct nf_conn *ct; 243 struct nf_conn *ct;
173 int ret = 0; 244 int ret;
174 u8 proto; 245
175#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
176 struct ctnl_timeout *timeout;
177#endif
178 if (info->flags & ~XT_CT_NOTRACK) 246 if (info->flags & ~XT_CT_NOTRACK)
179 return -EINVAL; 247 return -EINVAL;
180 248
@@ -206,93 +274,16 @@ static int xt_ct_tg_check_v1(const struct xt_tgchk_param *par)
206 goto err3; 274 goto err3;
207 275
208 if (info->helper[0]) { 276 if (info->helper[0]) {
209 struct nf_conntrack_helper *helper; 277 ret = xt_ct_set_helper(ct, info->helper, par);
210 278 if (ret < 0)
211 ret = -ENOENT;
212 proto = xt_ct_find_proto(par);
213 if (!proto) {
214 pr_info("You must specify a L4 protocol, "
215 "and not use inversions on it.\n");
216 goto err3;
217 }
218
219 ret = -ENOENT;
220 helper = nf_conntrack_helper_try_module_get(info->helper,
221 par->family,
222 proto);
223 if (helper == NULL) {
224 pr_info("No such helper \"%s\"\n", info->helper);
225 goto err3;
226 }
227
228 ret = -ENOMEM;
229 help = nf_ct_helper_ext_add(ct, helper, GFP_KERNEL);
230 if (help == NULL)
231 goto err3; 279 goto err3;
232
233 help->helper = helper;
234 } 280 }
235 281
236#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
237 if (info->timeout[0]) { 282 if (info->timeout[0]) {
238 typeof(nf_ct_timeout_find_get_hook) timeout_find_get; 283 ret = xt_ct_set_timeout(ct, par, info->timeout);
239 struct nf_conn_timeout *timeout_ext; 284 if (ret < 0)
240 285 goto err3;
241 rcu_read_lock();
242 timeout_find_get =
243 rcu_dereference(nf_ct_timeout_find_get_hook);
244
245 if (timeout_find_get) {
246 const struct ipt_entry *e = par->entryinfo;
247 struct nf_conntrack_l4proto *l4proto;
248
249 if (e->ip.invflags & IPT_INV_PROTO) {
250 ret = -EINVAL;
251 pr_info("You cannot use inversion on "
252 "L4 protocol\n");
253 goto err4;
254 }
255 timeout = timeout_find_get(info->timeout);
256 if (timeout == NULL) {
257 ret = -ENOENT;
258 pr_info("No such timeout policy \"%s\"\n",
259 info->timeout);
260 goto err4;
261 }
262 if (timeout->l3num != par->family) {
263 ret = -EINVAL;
264 pr_info("Timeout policy `%s' can only be "
265 "used by L3 protocol number %d\n",
266 info->timeout, timeout->l3num);
267 goto err5;
268 }
269 /* Make sure the timeout policy matches any existing
270 * protocol tracker, otherwise default to generic.
271 */
272 l4proto = __nf_ct_l4proto_find(par->family,
273 e->ip.proto);
274 if (timeout->l4proto->l4proto != l4proto->l4proto) {
275 ret = -EINVAL;
276 pr_info("Timeout policy `%s' can only be "
277 "used by L4 protocol number %d\n",
278 info->timeout,
279 timeout->l4proto->l4proto);
280 goto err5;
281 }
282 timeout_ext = nf_ct_timeout_ext_add(ct, timeout,
283 GFP_ATOMIC);
284 if (timeout_ext == NULL) {
285 ret = -ENOMEM;
286 goto err5;
287 }
288 } else {
289 ret = -ENOENT;
290 pr_info("Timeout policy base is empty\n");
291 goto err4;
292 }
293 rcu_read_unlock();
294 } 286 }
295#endif
296 287
297 __set_bit(IPS_TEMPLATE_BIT, &ct->status); 288 __set_bit(IPS_TEMPLATE_BIT, &ct->status);
298 __set_bit(IPS_CONFIRMED_BIT, &ct->status); 289 __set_bit(IPS_CONFIRMED_BIT, &ct->status);
@@ -300,12 +291,6 @@ out:
300 info->ct = ct; 291 info->ct = ct;
301 return 0; 292 return 0;
302 293
303#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
304err5:
305 __xt_ct_tg_timeout_put(timeout);
306err4:
307 rcu_read_unlock();
308#endif
309err3: 294err3:
310 nf_conntrack_free(ct); 295 nf_conntrack_free(ct);
311err2: 296err2:
@@ -330,15 +315,30 @@ static void xt_ct_tg_destroy_v0(const struct xt_tgdtor_param *par)
330 nf_ct_put(info->ct); 315 nf_ct_put(info->ct);
331} 316}
332 317
333static void xt_ct_tg_destroy_v1(const struct xt_tgdtor_param *par) 318static void xt_ct_destroy_timeout(struct nf_conn *ct)
334{ 319{
335 struct xt_ct_target_info_v1 *info = par->targinfo;
336 struct nf_conn *ct = info->ct;
337 struct nf_conn_help *help;
338#ifdef CONFIG_NF_CONNTRACK_TIMEOUT 320#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
339 struct nf_conn_timeout *timeout_ext; 321 struct nf_conn_timeout *timeout_ext;
340 typeof(nf_ct_timeout_put_hook) timeout_put; 322 typeof(nf_ct_timeout_put_hook) timeout_put;
323
324 rcu_read_lock();
325 timeout_put = rcu_dereference(nf_ct_timeout_put_hook);
326
327 if (timeout_put) {
328 timeout_ext = nf_ct_timeout_find(ct);
329 if (timeout_ext)
330 timeout_put(timeout_ext->timeout);
331 }
332 rcu_read_unlock();
341#endif 333#endif
334}
335
336static void xt_ct_tg_destroy_v1(const struct xt_tgdtor_param *par)
337{
338 struct xt_ct_target_info_v1 *info = par->targinfo;
339 struct nf_conn *ct = info->ct;
340 struct nf_conn_help *help;
341
342 if (!nf_ct_is_untracked(ct)) { 342 if (!nf_ct_is_untracked(ct)) {
343 help = nfct_help(ct); 343 help = nfct_help(ct);
344 if (help) 344 if (help)
@@ -346,17 +346,7 @@ static void xt_ct_tg_destroy_v1(const struct xt_tgdtor_param *par)
346 346
347 nf_ct_l3proto_module_put(par->family); 347 nf_ct_l3proto_module_put(par->family);
348 348
349#ifdef CONFIG_NF_CONNTRACK_TIMEOUT 349 xt_ct_destroy_timeout(ct);
350 rcu_read_lock();
351 timeout_put = rcu_dereference(nf_ct_timeout_put_hook);
352
353 if (timeout_put) {
354 timeout_ext = nf_ct_timeout_find(ct);
355 if (timeout_ext)
356 timeout_put(timeout_ext->timeout);
357 }
358 rcu_read_unlock();
359#endif
360 } 350 }
361 nf_ct_put(info->ct); 351 nf_ct_put(info->ct);
362} 352}
diff --git a/net/netfilter/xt_NETMAP.c b/net/netfilter/xt_NETMAP.c
new file mode 100644
index 000000000000..b253e07cb1c5
--- /dev/null
+++ b/net/netfilter/xt_NETMAP.c
@@ -0,0 +1,165 @@
1/*
2 * (C) 2000-2001 Svenning Soerensen <svenning@post5.tele.dk>
3 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/ip.h>
11#include <linux/kernel.h>
12#include <linux/module.h>
13#include <linux/netdevice.h>
14#include <linux/ipv6.h>
15#include <linux/netfilter.h>
16#include <linux/netfilter_ipv4.h>
17#include <linux/netfilter_ipv6.h>
18#include <linux/netfilter/x_tables.h>
19#include <net/netfilter/nf_nat.h>
20
21static unsigned int
22netmap_tg6(struct sk_buff *skb, const struct xt_action_param *par)
23{
24 const struct nf_nat_range *range = par->targinfo;
25 struct nf_nat_range newrange;
26 struct nf_conn *ct;
27 enum ip_conntrack_info ctinfo;
28 union nf_inet_addr new_addr, netmask;
29 unsigned int i;
30
31 ct = nf_ct_get(skb, &ctinfo);
32 for (i = 0; i < ARRAY_SIZE(range->min_addr.ip6); i++)
33 netmask.ip6[i] = ~(range->min_addr.ip6[i] ^
34 range->max_addr.ip6[i]);
35
36 if (par->hooknum == NF_INET_PRE_ROUTING ||
37 par->hooknum == NF_INET_LOCAL_OUT)
38 new_addr.in6 = ipv6_hdr(skb)->daddr;
39 else
40 new_addr.in6 = ipv6_hdr(skb)->saddr;
41
42 for (i = 0; i < ARRAY_SIZE(new_addr.ip6); i++) {
43 new_addr.ip6[i] &= ~netmask.ip6[i];
44 new_addr.ip6[i] |= range->min_addr.ip6[i] &
45 netmask.ip6[i];
46 }
47
48 newrange.flags = range->flags | NF_NAT_RANGE_MAP_IPS;
49 newrange.min_addr = new_addr;
50 newrange.max_addr = new_addr;
51 newrange.min_proto = range->min_proto;
52 newrange.max_proto = range->max_proto;
53
54 return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
55}
56
57static int netmap_tg6_checkentry(const struct xt_tgchk_param *par)
58{
59 const struct nf_nat_range *range = par->targinfo;
60
61 if (!(range->flags & NF_NAT_RANGE_MAP_IPS))
62 return -EINVAL;
63 return 0;
64}
65
66static unsigned int
67netmap_tg4(struct sk_buff *skb, const struct xt_action_param *par)
68{
69 struct nf_conn *ct;
70 enum ip_conntrack_info ctinfo;
71 __be32 new_ip, netmask;
72 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
73 struct nf_nat_range newrange;
74
75 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
76 par->hooknum == NF_INET_POST_ROUTING ||
77 par->hooknum == NF_INET_LOCAL_OUT ||
78 par->hooknum == NF_INET_LOCAL_IN);
79 ct = nf_ct_get(skb, &ctinfo);
80
81 netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip);
82
83 if (par->hooknum == NF_INET_PRE_ROUTING ||
84 par->hooknum == NF_INET_LOCAL_OUT)
85 new_ip = ip_hdr(skb)->daddr & ~netmask;
86 else
87 new_ip = ip_hdr(skb)->saddr & ~netmask;
88 new_ip |= mr->range[0].min_ip & netmask;
89
90 memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
91 memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
92 newrange.flags = mr->range[0].flags | NF_NAT_RANGE_MAP_IPS;
93 newrange.min_addr.ip = new_ip;
94 newrange.max_addr.ip = new_ip;
95 newrange.min_proto = mr->range[0].min;
96 newrange.max_proto = mr->range[0].max;
97
98 /* Hand modified range to generic setup. */
99 return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
100}
101
102static int netmap_tg4_check(const struct xt_tgchk_param *par)
103{
104 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
105
106 if (!(mr->range[0].flags & NF_NAT_RANGE_MAP_IPS)) {
107 pr_debug("bad MAP_IPS.\n");
108 return -EINVAL;
109 }
110 if (mr->rangesize != 1) {
111 pr_debug("bad rangesize %u.\n", mr->rangesize);
112 return -EINVAL;
113 }
114 return 0;
115}
116
117static struct xt_target netmap_tg_reg[] __read_mostly = {
118 {
119 .name = "NETMAP",
120 .family = NFPROTO_IPV6,
121 .revision = 0,
122 .target = netmap_tg6,
123 .targetsize = sizeof(struct nf_nat_range),
124 .table = "nat",
125 .hooks = (1 << NF_INET_PRE_ROUTING) |
126 (1 << NF_INET_POST_ROUTING) |
127 (1 << NF_INET_LOCAL_OUT) |
128 (1 << NF_INET_LOCAL_IN),
129 .checkentry = netmap_tg6_checkentry,
130 .me = THIS_MODULE,
131 },
132 {
133 .name = "NETMAP",
134 .family = NFPROTO_IPV4,
135 .revision = 0,
136 .target = netmap_tg4,
137 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
138 .table = "nat",
139 .hooks = (1 << NF_INET_PRE_ROUTING) |
140 (1 << NF_INET_POST_ROUTING) |
141 (1 << NF_INET_LOCAL_OUT) |
142 (1 << NF_INET_LOCAL_IN),
143 .checkentry = netmap_tg4_check,
144 .me = THIS_MODULE,
145 },
146};
147
148static int __init netmap_tg_init(void)
149{
150 return xt_register_targets(netmap_tg_reg, ARRAY_SIZE(netmap_tg_reg));
151}
152
153static void netmap_tg_exit(void)
154{
155 xt_unregister_targets(netmap_tg_reg, ARRAY_SIZE(netmap_tg_reg));
156}
157
158module_init(netmap_tg_init);
159module_exit(netmap_tg_exit);
160
161MODULE_LICENSE("GPL");
162MODULE_DESCRIPTION("Xtables: 1:1 NAT mapping of subnets");
163MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
164MODULE_ALIAS("ip6t_NETMAP");
165MODULE_ALIAS("ipt_NETMAP");
diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c
index 7babe7d68716..817f9e9f2b16 100644
--- a/net/netfilter/xt_NFQUEUE.c
+++ b/net/netfilter/xt_NFQUEUE.c
@@ -43,7 +43,7 @@ static u32 hash_v4(const struct sk_buff *skb)
43 const struct iphdr *iph = ip_hdr(skb); 43 const struct iphdr *iph = ip_hdr(skb);
44 44
45 /* packets in either direction go into same queue */ 45 /* packets in either direction go into same queue */
46 if (iph->saddr < iph->daddr) 46 if ((__force u32)iph->saddr < (__force u32)iph->daddr)
47 return jhash_3words((__force u32)iph->saddr, 47 return jhash_3words((__force u32)iph->saddr,
48 (__force u32)iph->daddr, iph->protocol, jhash_initval); 48 (__force u32)iph->daddr, iph->protocol, jhash_initval);
49 49
@@ -57,7 +57,8 @@ static u32 hash_v6(const struct sk_buff *skb)
57 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 57 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
58 u32 a, b, c; 58 u32 a, b, c;
59 59
60 if (ip6h->saddr.s6_addr32[3] < ip6h->daddr.s6_addr32[3]) { 60 if ((__force u32)ip6h->saddr.s6_addr32[3] <
61 (__force u32)ip6h->daddr.s6_addr32[3]) {
61 a = (__force u32) ip6h->saddr.s6_addr32[3]; 62 a = (__force u32) ip6h->saddr.s6_addr32[3];
62 b = (__force u32) ip6h->daddr.s6_addr32[3]; 63 b = (__force u32) ip6h->daddr.s6_addr32[3];
63 } else { 64 } else {
@@ -65,7 +66,8 @@ static u32 hash_v6(const struct sk_buff *skb)
65 a = (__force u32) ip6h->daddr.s6_addr32[3]; 66 a = (__force u32) ip6h->daddr.s6_addr32[3];
66 } 67 }
67 68
68 if (ip6h->saddr.s6_addr32[1] < ip6h->daddr.s6_addr32[1]) 69 if ((__force u32)ip6h->saddr.s6_addr32[1] <
70 (__force u32)ip6h->daddr.s6_addr32[1])
69 c = (__force u32) ip6h->saddr.s6_addr32[1]; 71 c = (__force u32) ip6h->saddr.s6_addr32[1];
70 else 72 else
71 c = (__force u32) ip6h->daddr.s6_addr32[1]; 73 c = (__force u32) ip6h->daddr.s6_addr32[1];
diff --git a/net/netfilter/xt_NOTRACK.c b/net/netfilter/xt_NOTRACK.c
deleted file mode 100644
index 9d782181b6c8..000000000000
--- a/net/netfilter/xt_NOTRACK.c
+++ /dev/null
@@ -1,53 +0,0 @@
1/* This is a module which is used for setting up fake conntracks
2 * on packets so that they are not seen by the conntrack/NAT code.
3 */
4#include <linux/module.h>
5#include <linux/skbuff.h>
6
7#include <linux/netfilter/x_tables.h>
8#include <net/netfilter/nf_conntrack.h>
9
10MODULE_DESCRIPTION("Xtables: Disabling connection tracking for packets");
11MODULE_LICENSE("GPL");
12MODULE_ALIAS("ipt_NOTRACK");
13MODULE_ALIAS("ip6t_NOTRACK");
14
15static unsigned int
16notrack_tg(struct sk_buff *skb, const struct xt_action_param *par)
17{
18 /* Previously seen (loopback)? Ignore. */
19 if (skb->nfct != NULL)
20 return XT_CONTINUE;
21
22 /* Attach fake conntrack entry.
23 If there is a real ct entry correspondig to this packet,
24 it'll hang aroun till timing out. We don't deal with it
25 for performance reasons. JK */
26 skb->nfct = &nf_ct_untracked_get()->ct_general;
27 skb->nfctinfo = IP_CT_NEW;
28 nf_conntrack_get(skb->nfct);
29
30 return XT_CONTINUE;
31}
32
33static struct xt_target notrack_tg_reg __read_mostly = {
34 .name = "NOTRACK",
35 .revision = 0,
36 .family = NFPROTO_UNSPEC,
37 .target = notrack_tg,
38 .table = "raw",
39 .me = THIS_MODULE,
40};
41
42static int __init notrack_tg_init(void)
43{
44 return xt_register_target(&notrack_tg_reg);
45}
46
47static void __exit notrack_tg_exit(void)
48{
49 xt_unregister_target(&notrack_tg_reg);
50}
51
52module_init(notrack_tg_init);
53module_exit(notrack_tg_exit);
diff --git a/net/netfilter/xt_REDIRECT.c b/net/netfilter/xt_REDIRECT.c
new file mode 100644
index 000000000000..22a10309297c
--- /dev/null
+++ b/net/netfilter/xt_REDIRECT.c
@@ -0,0 +1,190 @@
1/*
2 * (C) 1999-2001 Paul `Rusty' Russell
3 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
4 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 *
10 * Based on Rusty Russell's IPv4 REDIRECT target. Development of IPv6
11 * NAT funded by Astaro.
12 */
13
14#include <linux/if.h>
15#include <linux/inetdevice.h>
16#include <linux/ip.h>
17#include <linux/kernel.h>
18#include <linux/module.h>
19#include <linux/netdevice.h>
20#include <linux/netfilter.h>
21#include <linux/types.h>
22#include <linux/netfilter_ipv4.h>
23#include <linux/netfilter_ipv6.h>
24#include <linux/netfilter/x_tables.h>
25#include <net/addrconf.h>
26#include <net/checksum.h>
27#include <net/protocol.h>
28#include <net/netfilter/nf_nat.h>
29
30static const struct in6_addr loopback_addr = IN6ADDR_LOOPBACK_INIT;
31
32static unsigned int
33redirect_tg6(struct sk_buff *skb, const struct xt_action_param *par)
34{
35 const struct nf_nat_range *range = par->targinfo;
36 struct nf_nat_range newrange;
37 struct in6_addr newdst;
38 enum ip_conntrack_info ctinfo;
39 struct nf_conn *ct;
40
41 ct = nf_ct_get(skb, &ctinfo);
42 if (par->hooknum == NF_INET_LOCAL_OUT)
43 newdst = loopback_addr;
44 else {
45 struct inet6_dev *idev;
46 struct inet6_ifaddr *ifa;
47 bool addr = false;
48
49 rcu_read_lock();
50 idev = __in6_dev_get(skb->dev);
51 if (idev != NULL) {
52 list_for_each_entry(ifa, &idev->addr_list, if_list) {
53 newdst = ifa->addr;
54 addr = true;
55 break;
56 }
57 }
58 rcu_read_unlock();
59
60 if (!addr)
61 return NF_DROP;
62 }
63
64 newrange.flags = range->flags | NF_NAT_RANGE_MAP_IPS;
65 newrange.min_addr.in6 = newdst;
66 newrange.max_addr.in6 = newdst;
67 newrange.min_proto = range->min_proto;
68 newrange.max_proto = range->max_proto;
69
70 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
71}
72
73static int redirect_tg6_checkentry(const struct xt_tgchk_param *par)
74{
75 const struct nf_nat_range *range = par->targinfo;
76
77 if (range->flags & NF_NAT_RANGE_MAP_IPS)
78 return -EINVAL;
79 return 0;
80}
81
82/* FIXME: Take multiple ranges --RR */
83static int redirect_tg4_check(const struct xt_tgchk_param *par)
84{
85 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
86
87 if (mr->range[0].flags & NF_NAT_RANGE_MAP_IPS) {
88 pr_debug("bad MAP_IPS.\n");
89 return -EINVAL;
90 }
91 if (mr->rangesize != 1) {
92 pr_debug("bad rangesize %u.\n", mr->rangesize);
93 return -EINVAL;
94 }
95 return 0;
96}
97
98static unsigned int
99redirect_tg4(struct sk_buff *skb, const struct xt_action_param *par)
100{
101 struct nf_conn *ct;
102 enum ip_conntrack_info ctinfo;
103 __be32 newdst;
104 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
105 struct nf_nat_range newrange;
106
107 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
108 par->hooknum == NF_INET_LOCAL_OUT);
109
110 ct = nf_ct_get(skb, &ctinfo);
111 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
112
113 /* Local packets: make them go to loopback */
114 if (par->hooknum == NF_INET_LOCAL_OUT)
115 newdst = htonl(0x7F000001);
116 else {
117 struct in_device *indev;
118 struct in_ifaddr *ifa;
119
120 newdst = 0;
121
122 rcu_read_lock();
123 indev = __in_dev_get_rcu(skb->dev);
124 if (indev && (ifa = indev->ifa_list))
125 newdst = ifa->ifa_local;
126 rcu_read_unlock();
127
128 if (!newdst)
129 return NF_DROP;
130 }
131
132 /* Transfer from original range. */
133 memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
134 memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
135 newrange.flags = mr->range[0].flags | NF_NAT_RANGE_MAP_IPS;
136 newrange.min_addr.ip = newdst;
137 newrange.max_addr.ip = newdst;
138 newrange.min_proto = mr->range[0].min;
139 newrange.max_proto = mr->range[0].max;
140
141 /* Hand modified range to generic setup. */
142 return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
143}
144
145static struct xt_target redirect_tg_reg[] __read_mostly = {
146 {
147 .name = "REDIRECT",
148 .family = NFPROTO_IPV6,
149 .revision = 0,
150 .table = "nat",
151 .checkentry = redirect_tg6_checkentry,
152 .target = redirect_tg6,
153 .targetsize = sizeof(struct nf_nat_range),
154 .hooks = (1 << NF_INET_PRE_ROUTING) |
155 (1 << NF_INET_LOCAL_OUT),
156 .me = THIS_MODULE,
157 },
158 {
159 .name = "REDIRECT",
160 .family = NFPROTO_IPV4,
161 .revision = 0,
162 .table = "nat",
163 .target = redirect_tg4,
164 .checkentry = redirect_tg4_check,
165 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
166 .hooks = (1 << NF_INET_PRE_ROUTING) |
167 (1 << NF_INET_LOCAL_OUT),
168 .me = THIS_MODULE,
169 },
170};
171
172static int __init redirect_tg_init(void)
173{
174 return xt_register_targets(redirect_tg_reg,
175 ARRAY_SIZE(redirect_tg_reg));
176}
177
178static void __exit redirect_tg_exit(void)
179{
180 xt_unregister_targets(redirect_tg_reg, ARRAY_SIZE(redirect_tg_reg));
181}
182
183module_init(redirect_tg_init);
184module_exit(redirect_tg_exit);
185
186MODULE_LICENSE("GPL");
187MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
188MODULE_DESCRIPTION("Xtables: Connection redirection to localhost");
189MODULE_ALIAS("ip6t_REDIRECT");
190MODULE_ALIAS("ipt_REDIRECT");
diff --git a/net/netfilter/xt_nat.c b/net/netfilter/xt_nat.c
new file mode 100644
index 000000000000..81aafa8e4fef
--- /dev/null
+++ b/net/netfilter/xt_nat.c
@@ -0,0 +1,170 @@
1/*
2 * (C) 1999-2001 Paul `Rusty' Russell
3 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
4 * (C) 2011 Patrick McHardy <kaber@trash.net>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include <linux/module.h>
12#include <linux/skbuff.h>
13#include <linux/netfilter.h>
14#include <linux/netfilter/x_tables.h>
15#include <net/netfilter/nf_nat_core.h>
16
17static int xt_nat_checkentry_v0(const struct xt_tgchk_param *par)
18{
19 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
20
21 if (mr->rangesize != 1) {
22 pr_info("%s: multiple ranges no longer supported\n",
23 par->target->name);
24 return -EINVAL;
25 }
26 return 0;
27}
28
29static void xt_nat_convert_range(struct nf_nat_range *dst,
30 const struct nf_nat_ipv4_range *src)
31{
32 memset(&dst->min_addr, 0, sizeof(dst->min_addr));
33 memset(&dst->max_addr, 0, sizeof(dst->max_addr));
34
35 dst->flags = src->flags;
36 dst->min_addr.ip = src->min_ip;
37 dst->max_addr.ip = src->max_ip;
38 dst->min_proto = src->min;
39 dst->max_proto = src->max;
40}
41
42static unsigned int
43xt_snat_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
44{
45 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
46 struct nf_nat_range range;
47 enum ip_conntrack_info ctinfo;
48 struct nf_conn *ct;
49
50 ct = nf_ct_get(skb, &ctinfo);
51 NF_CT_ASSERT(ct != NULL &&
52 (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
53 ctinfo == IP_CT_RELATED_REPLY));
54
55 xt_nat_convert_range(&range, &mr->range[0]);
56 return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
57}
58
59static unsigned int
60xt_dnat_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
61{
62 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
63 struct nf_nat_range range;
64 enum ip_conntrack_info ctinfo;
65 struct nf_conn *ct;
66
67 ct = nf_ct_get(skb, &ctinfo);
68 NF_CT_ASSERT(ct != NULL &&
69 (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
70
71 xt_nat_convert_range(&range, &mr->range[0]);
72 return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
73}
74
75static unsigned int
76xt_snat_target_v1(struct sk_buff *skb, const struct xt_action_param *par)
77{
78 const struct nf_nat_range *range = par->targinfo;
79 enum ip_conntrack_info ctinfo;
80 struct nf_conn *ct;
81
82 ct = nf_ct_get(skb, &ctinfo);
83 NF_CT_ASSERT(ct != NULL &&
84 (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
85 ctinfo == IP_CT_RELATED_REPLY));
86
87 return nf_nat_setup_info(ct, range, NF_NAT_MANIP_SRC);
88}
89
90static unsigned int
91xt_dnat_target_v1(struct sk_buff *skb, const struct xt_action_param *par)
92{
93 const struct nf_nat_range *range = par->targinfo;
94 enum ip_conntrack_info ctinfo;
95 struct nf_conn *ct;
96
97 ct = nf_ct_get(skb, &ctinfo);
98 NF_CT_ASSERT(ct != NULL &&
99 (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
100
101 return nf_nat_setup_info(ct, range, NF_NAT_MANIP_DST);
102}
103
104static struct xt_target xt_nat_target_reg[] __read_mostly = {
105 {
106 .name = "SNAT",
107 .revision = 0,
108 .checkentry = xt_nat_checkentry_v0,
109 .target = xt_snat_target_v0,
110 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
111 .family = NFPROTO_IPV4,
112 .table = "nat",
113 .hooks = (1 << NF_INET_POST_ROUTING) |
114 (1 << NF_INET_LOCAL_OUT),
115 .me = THIS_MODULE,
116 },
117 {
118 .name = "DNAT",
119 .revision = 0,
120 .checkentry = xt_nat_checkentry_v0,
121 .target = xt_dnat_target_v0,
122 .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
123 .family = NFPROTO_IPV4,
124 .table = "nat",
125 .hooks = (1 << NF_INET_PRE_ROUTING) |
126 (1 << NF_INET_LOCAL_IN),
127 .me = THIS_MODULE,
128 },
129 {
130 .name = "SNAT",
131 .revision = 1,
132 .target = xt_snat_target_v1,
133 .targetsize = sizeof(struct nf_nat_range),
134 .table = "nat",
135 .hooks = (1 << NF_INET_POST_ROUTING) |
136 (1 << NF_INET_LOCAL_OUT),
137 .me = THIS_MODULE,
138 },
139 {
140 .name = "DNAT",
141 .revision = 1,
142 .target = xt_dnat_target_v1,
143 .targetsize = sizeof(struct nf_nat_range),
144 .table = "nat",
145 .hooks = (1 << NF_INET_PRE_ROUTING) |
146 (1 << NF_INET_LOCAL_IN),
147 .me = THIS_MODULE,
148 },
149};
150
151static int __init xt_nat_init(void)
152{
153 return xt_register_targets(xt_nat_target_reg,
154 ARRAY_SIZE(xt_nat_target_reg));
155}
156
157static void __exit xt_nat_exit(void)
158{
159 xt_unregister_targets(xt_nat_target_reg, ARRAY_SIZE(xt_nat_target_reg));
160}
161
162module_init(xt_nat_init);
163module_exit(xt_nat_exit);
164
165MODULE_LICENSE("GPL");
166MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
167MODULE_ALIAS("ipt_SNAT");
168MODULE_ALIAS("ipt_DNAT");
169MODULE_ALIAS("ip6t_SNAT");
170MODULE_ALIAS("ip6t_DNAT");
diff --git a/net/netfilter/xt_osf.c b/net/netfilter/xt_osf.c
index 846f895cb656..a5e673d32bda 100644
--- a/net/netfilter/xt_osf.c
+++ b/net/netfilter/xt_osf.c
@@ -269,7 +269,7 @@ xt_osf_match_packet(const struct sk_buff *skb, struct xt_action_param *p)
269 mss <<= 8; 269 mss <<= 8;
270 mss |= optp[2]; 270 mss |= optp[2];
271 271
272 mss = ntohs(mss); 272 mss = ntohs((__force __be16)mss);
273 break; 273 break;
274 case OSFOPT_TS: 274 case OSFOPT_TS:
275 loop_cont = 1; 275 loop_cont = 1;
diff --git a/net/netfilter/xt_set.c b/net/netfilter/xt_set.c
index c6f7db720d84..865a9e54f3ad 100644
--- a/net/netfilter/xt_set.c
+++ b/net/netfilter/xt_set.c
@@ -356,6 +356,27 @@ static struct xt_match set_matches[] __read_mostly = {
356 .destroy = set_match_v1_destroy, 356 .destroy = set_match_v1_destroy,
357 .me = THIS_MODULE 357 .me = THIS_MODULE
358 }, 358 },
359 /* --return-nomatch flag support */
360 {
361 .name = "set",
362 .family = NFPROTO_IPV4,
363 .revision = 2,
364 .match = set_match_v1,
365 .matchsize = sizeof(struct xt_set_info_match_v1),
366 .checkentry = set_match_v1_checkentry,
367 .destroy = set_match_v1_destroy,
368 .me = THIS_MODULE
369 },
370 {
371 .name = "set",
372 .family = NFPROTO_IPV6,
373 .revision = 2,
374 .match = set_match_v1,
375 .matchsize = sizeof(struct xt_set_info_match_v1),
376 .checkentry = set_match_v1_checkentry,
377 .destroy = set_match_v1_destroy,
378 .me = THIS_MODULE
379 },
359}; 380};
360 381
361static struct xt_target set_targets[] __read_mostly = { 382static struct xt_target set_targets[] __read_mostly = {
@@ -389,6 +410,7 @@ static struct xt_target set_targets[] __read_mostly = {
389 .destroy = set_target_v1_destroy, 410 .destroy = set_target_v1_destroy,
390 .me = THIS_MODULE 411 .me = THIS_MODULE
391 }, 412 },
413 /* --timeout and --exist flags support */
392 { 414 {
393 .name = "SET", 415 .name = "SET",
394 .revision = 2, 416 .revision = 2,
diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c
index 9ea482d08cf7..63b2bdb59e95 100644
--- a/net/netfilter/xt_socket.c
+++ b/net/netfilter/xt_socket.c
@@ -108,9 +108,9 @@ socket_match(const struct sk_buff *skb, struct xt_action_param *par,
108 const struct iphdr *iph = ip_hdr(skb); 108 const struct iphdr *iph = ip_hdr(skb);
109 struct udphdr _hdr, *hp = NULL; 109 struct udphdr _hdr, *hp = NULL;
110 struct sock *sk; 110 struct sock *sk;
111 __be32 daddr, saddr; 111 __be32 uninitialized_var(daddr), uninitialized_var(saddr);
112 __be16 dport, sport; 112 __be16 uninitialized_var(dport), uninitialized_var(sport);
113 u8 protocol; 113 u8 uninitialized_var(protocol);
114#ifdef XT_SOCKET_HAVE_CONNTRACK 114#ifdef XT_SOCKET_HAVE_CONNTRACK
115 struct nf_conn const *ct; 115 struct nf_conn const *ct;
116 enum ip_conntrack_info ctinfo; 116 enum ip_conntrack_info ctinfo;
@@ -261,9 +261,9 @@ socket_mt6_v1(const struct sk_buff *skb, struct xt_action_param *par)
261 struct ipv6hdr *iph = ipv6_hdr(skb); 261 struct ipv6hdr *iph = ipv6_hdr(skb);
262 struct udphdr _hdr, *hp = NULL; 262 struct udphdr _hdr, *hp = NULL;
263 struct sock *sk; 263 struct sock *sk;
264 struct in6_addr *daddr, *saddr; 264 struct in6_addr *daddr = NULL, *saddr = NULL;
265 __be16 dport, sport; 265 __be16 uninitialized_var(dport), uninitialized_var(sport);
266 int thoff = 0, tproto; 266 int thoff = 0, uninitialized_var(tproto);
267 const struct xt_socket_mtinfo1 *info = (struct xt_socket_mtinfo1 *) par->matchinfo; 267 const struct xt_socket_mtinfo1 *info = (struct xt_socket_mtinfo1 *) par->matchinfo;
268 268
269 tproto = ipv6_find_hdr(skb, &thoff, -1, NULL, NULL); 269 tproto = ipv6_find_hdr(skb, &thoff, -1, NULL, NULL);
diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c
index c48975ff8ea2..0ae55a36f492 100644
--- a/net/netfilter/xt_time.c
+++ b/net/netfilter/xt_time.c
@@ -42,6 +42,7 @@ static const u_int16_t days_since_leapyear[] = {
42 */ 42 */
43enum { 43enum {
44 DSE_FIRST = 2039, 44 DSE_FIRST = 2039,
45 SECONDS_PER_DAY = 86400,
45}; 46};
46static const u_int16_t days_since_epoch[] = { 47static const u_int16_t days_since_epoch[] = {
47 /* 2039 - 2030 */ 48 /* 2039 - 2030 */
@@ -78,7 +79,7 @@ static inline unsigned int localtime_1(struct xtm *r, time_t time)
78 unsigned int v, w; 79 unsigned int v, w;
79 80
80 /* Each day has 86400s, so finding the hour/minute is actually easy. */ 81 /* Each day has 86400s, so finding the hour/minute is actually easy. */
81 v = time % 86400; 82 v = time % SECONDS_PER_DAY;
82 r->second = v % 60; 83 r->second = v % 60;
83 w = v / 60; 84 w = v / 60;
84 r->minute = w % 60; 85 r->minute = w % 60;
@@ -199,6 +200,18 @@ time_mt(const struct sk_buff *skb, struct xt_action_param *par)
199 if (packet_time < info->daytime_start && 200 if (packet_time < info->daytime_start &&
200 packet_time > info->daytime_stop) 201 packet_time > info->daytime_stop)
201 return false; 202 return false;
203
204 /** if user asked to ignore 'next day', then e.g.
205 * '1 PM Wed, August 1st' should be treated
206 * like 'Tue 1 PM July 31st'.
207 *
208 * This also causes
209 * 'Monday, "23:00 to 01:00", to match for 2 hours, starting
210 * Monday 23:00 to Tuesday 01:00.
211 */
212 if ((info->flags & XT_TIME_CONTIGUOUS) &&
213 packet_time <= info->daytime_stop)
214 stamp -= SECONDS_PER_DAY;
202 } 215 }
203 216
204 localtime_2(&current_time, stamp); 217 localtime_2(&current_time, stamp);
@@ -227,6 +240,15 @@ static int time_mt_check(const struct xt_mtchk_param *par)
227 return -EDOM; 240 return -EDOM;
228 } 241 }
229 242
243 if (info->flags & ~XT_TIME_ALL_FLAGS) {
244 pr_info("unknown flags 0x%x\n", info->flags & ~XT_TIME_ALL_FLAGS);
245 return -EINVAL;
246 }
247
248 if ((info->flags & XT_TIME_CONTIGUOUS) &&
249 info->daytime_start < info->daytime_stop)
250 return -EINVAL;
251
230 return 0; 252 return 0;
231} 253}
232 254
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index 6bf878335d94..c15042f987bd 100644
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -627,7 +627,7 @@ static int netlbl_cipsov4_listall_cb(struct cipso_v4_doi *doi_def, void *arg)
627 struct netlbl_cipsov4_doiwalk_arg *cb_arg = arg; 627 struct netlbl_cipsov4_doiwalk_arg *cb_arg = arg;
628 void *data; 628 void *data;
629 629
630 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).pid, 630 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid,
631 cb_arg->seq, &netlbl_cipsov4_gnl_family, 631 cb_arg->seq, &netlbl_cipsov4_gnl_family,
632 NLM_F_MULTI, NLBL_CIPSOV4_C_LISTALL); 632 NLM_F_MULTI, NLBL_CIPSOV4_C_LISTALL);
633 if (data == NULL) 633 if (data == NULL)
diff --git a/net/netlabel/netlabel_mgmt.c b/net/netlabel/netlabel_mgmt.c
index 4809e2e48b02..c5384ffc6146 100644
--- a/net/netlabel/netlabel_mgmt.c
+++ b/net/netlabel/netlabel_mgmt.c
@@ -448,7 +448,7 @@ static int netlbl_mgmt_listall_cb(struct netlbl_dom_map *entry, void *arg)
448 struct netlbl_domhsh_walk_arg *cb_arg = arg; 448 struct netlbl_domhsh_walk_arg *cb_arg = arg;
449 void *data; 449 void *data;
450 450
451 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).pid, 451 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid,
452 cb_arg->seq, &netlbl_mgmt_gnl_family, 452 cb_arg->seq, &netlbl_mgmt_gnl_family,
453 NLM_F_MULTI, NLBL_MGMT_C_LISTALL); 453 NLM_F_MULTI, NLBL_MGMT_C_LISTALL);
454 if (data == NULL) 454 if (data == NULL)
@@ -613,7 +613,7 @@ static int netlbl_mgmt_protocols_cb(struct sk_buff *skb,
613 int ret_val = -ENOMEM; 613 int ret_val = -ENOMEM;
614 void *data; 614 void *data;
615 615
616 data = genlmsg_put(skb, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 616 data = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
617 &netlbl_mgmt_gnl_family, NLM_F_MULTI, 617 &netlbl_mgmt_gnl_family, NLM_F_MULTI,
618 NLBL_MGMT_C_PROTOCOLS); 618 NLBL_MGMT_C_PROTOCOLS);
619 if (data == NULL) 619 if (data == NULL)
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 729a345c75a4..847d495cd4de 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -1096,7 +1096,7 @@ static int netlbl_unlabel_staticlist_gen(u32 cmd,
1096 char *secctx; 1096 char *secctx;
1097 u32 secctx_len; 1097 u32 secctx_len;
1098 1098
1099 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).pid, 1099 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid,
1100 cb_arg->seq, &netlbl_unlabel_gnl_family, 1100 cb_arg->seq, &netlbl_unlabel_gnl_family,
1101 NLM_F_MULTI, cmd); 1101 NLM_F_MULTI, cmd);
1102 if (data == NULL) 1102 if (data == NULL)
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 382119917166..0f2e3ad69c47 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -67,8 +67,8 @@
67struct netlink_sock { 67struct netlink_sock {
68 /* struct sock has to be the first member of netlink_sock */ 68 /* struct sock has to be the first member of netlink_sock */
69 struct sock sk; 69 struct sock sk;
70 u32 pid; 70 u32 portid;
71 u32 dst_pid; 71 u32 dst_portid;
72 u32 dst_group; 72 u32 dst_group;
73 u32 flags; 73 u32 flags;
74 u32 subscriptions; 74 u32 subscriptions;
@@ -104,7 +104,7 @@ static inline int netlink_is_kernel(struct sock *sk)
104 return nlk_sk(sk)->flags & NETLINK_KERNEL_SOCKET; 104 return nlk_sk(sk)->flags & NETLINK_KERNEL_SOCKET;
105} 105}
106 106
107struct nl_pid_hash { 107struct nl_portid_hash {
108 struct hlist_head *table; 108 struct hlist_head *table;
109 unsigned long rehash_time; 109 unsigned long rehash_time;
110 110
@@ -118,10 +118,10 @@ struct nl_pid_hash {
118}; 118};
119 119
120struct netlink_table { 120struct netlink_table {
121 struct nl_pid_hash hash; 121 struct nl_portid_hash hash;
122 struct hlist_head mc_list; 122 struct hlist_head mc_list;
123 struct listeners __rcu *listeners; 123 struct listeners __rcu *listeners;
124 unsigned int nl_nonroot; 124 unsigned int flags;
125 unsigned int groups; 125 unsigned int groups;
126 struct mutex *cb_mutex; 126 struct mutex *cb_mutex;
127 struct module *module; 127 struct module *module;
@@ -145,9 +145,9 @@ static inline u32 netlink_group_mask(u32 group)
145 return group ? 1 << (group - 1) : 0; 145 return group ? 1 << (group - 1) : 0;
146} 146}
147 147
148static inline struct hlist_head *nl_pid_hashfn(struct nl_pid_hash *hash, u32 pid) 148static inline struct hlist_head *nl_portid_hashfn(struct nl_portid_hash *hash, u32 portid)
149{ 149{
150 return &hash->table[jhash_1word(pid, hash->rnd) & hash->mask]; 150 return &hash->table[jhash_1word(portid, hash->rnd) & hash->mask];
151} 151}
152 152
153static void netlink_destroy_callback(struct netlink_callback *cb) 153static void netlink_destroy_callback(struct netlink_callback *cb)
@@ -239,17 +239,17 @@ netlink_unlock_table(void)
239 wake_up(&nl_table_wait); 239 wake_up(&nl_table_wait);
240} 240}
241 241
242static struct sock *netlink_lookup(struct net *net, int protocol, u32 pid) 242static struct sock *netlink_lookup(struct net *net, int protocol, u32 portid)
243{ 243{
244 struct nl_pid_hash *hash = &nl_table[protocol].hash; 244 struct nl_portid_hash *hash = &nl_table[protocol].hash;
245 struct hlist_head *head; 245 struct hlist_head *head;
246 struct sock *sk; 246 struct sock *sk;
247 struct hlist_node *node; 247 struct hlist_node *node;
248 248
249 read_lock(&nl_table_lock); 249 read_lock(&nl_table_lock);
250 head = nl_pid_hashfn(hash, pid); 250 head = nl_portid_hashfn(hash, portid);
251 sk_for_each(sk, node, head) { 251 sk_for_each(sk, node, head) {
252 if (net_eq(sock_net(sk), net) && (nlk_sk(sk)->pid == pid)) { 252 if (net_eq(sock_net(sk), net) && (nlk_sk(sk)->portid == portid)) {
253 sock_hold(sk); 253 sock_hold(sk);
254 goto found; 254 goto found;
255 } 255 }
@@ -260,7 +260,7 @@ found:
260 return sk; 260 return sk;
261} 261}
262 262
263static struct hlist_head *nl_pid_hash_zalloc(size_t size) 263static struct hlist_head *nl_portid_hash_zalloc(size_t size)
264{ 264{
265 if (size <= PAGE_SIZE) 265 if (size <= PAGE_SIZE)
266 return kzalloc(size, GFP_ATOMIC); 266 return kzalloc(size, GFP_ATOMIC);
@@ -270,7 +270,7 @@ static struct hlist_head *nl_pid_hash_zalloc(size_t size)
270 get_order(size)); 270 get_order(size));
271} 271}
272 272
273static void nl_pid_hash_free(struct hlist_head *table, size_t size) 273static void nl_portid_hash_free(struct hlist_head *table, size_t size)
274{ 274{
275 if (size <= PAGE_SIZE) 275 if (size <= PAGE_SIZE)
276 kfree(table); 276 kfree(table);
@@ -278,7 +278,7 @@ static void nl_pid_hash_free(struct hlist_head *table, size_t size)
278 free_pages((unsigned long)table, get_order(size)); 278 free_pages((unsigned long)table, get_order(size));
279} 279}
280 280
281static int nl_pid_hash_rehash(struct nl_pid_hash *hash, int grow) 281static int nl_portid_hash_rehash(struct nl_portid_hash *hash, int grow)
282{ 282{
283 unsigned int omask, mask, shift; 283 unsigned int omask, mask, shift;
284 size_t osize, size; 284 size_t osize, size;
@@ -296,7 +296,7 @@ static int nl_pid_hash_rehash(struct nl_pid_hash *hash, int grow)
296 size *= 2; 296 size *= 2;
297 } 297 }
298 298
299 table = nl_pid_hash_zalloc(size); 299 table = nl_portid_hash_zalloc(size);
300 if (!table) 300 if (!table)
301 return 0; 301 return 0;
302 302
@@ -311,23 +311,23 @@ static int nl_pid_hash_rehash(struct nl_pid_hash *hash, int grow)
311 struct hlist_node *node, *tmp; 311 struct hlist_node *node, *tmp;
312 312
313 sk_for_each_safe(sk, node, tmp, &otable[i]) 313 sk_for_each_safe(sk, node, tmp, &otable[i])
314 __sk_add_node(sk, nl_pid_hashfn(hash, nlk_sk(sk)->pid)); 314 __sk_add_node(sk, nl_portid_hashfn(hash, nlk_sk(sk)->portid));
315 } 315 }
316 316
317 nl_pid_hash_free(otable, osize); 317 nl_portid_hash_free(otable, osize);
318 hash->rehash_time = jiffies + 10 * 60 * HZ; 318 hash->rehash_time = jiffies + 10 * 60 * HZ;
319 return 1; 319 return 1;
320} 320}
321 321
322static inline int nl_pid_hash_dilute(struct nl_pid_hash *hash, int len) 322static inline int nl_portid_hash_dilute(struct nl_portid_hash *hash, int len)
323{ 323{
324 int avg = hash->entries >> hash->shift; 324 int avg = hash->entries >> hash->shift;
325 325
326 if (unlikely(avg > 1) && nl_pid_hash_rehash(hash, 1)) 326 if (unlikely(avg > 1) && nl_portid_hash_rehash(hash, 1))
327 return 1; 327 return 1;
328 328
329 if (unlikely(len > avg) && time_after(jiffies, hash->rehash_time)) { 329 if (unlikely(len > avg) && time_after(jiffies, hash->rehash_time)) {
330 nl_pid_hash_rehash(hash, 0); 330 nl_portid_hash_rehash(hash, 0);
331 return 1; 331 return 1;
332 } 332 }
333 333
@@ -356,9 +356,9 @@ netlink_update_listeners(struct sock *sk)
356 * makes sure updates are visible before bind or setsockopt return. */ 356 * makes sure updates are visible before bind or setsockopt return. */
357} 357}
358 358
359static int netlink_insert(struct sock *sk, struct net *net, u32 pid) 359static int netlink_insert(struct sock *sk, struct net *net, u32 portid)
360{ 360{
361 struct nl_pid_hash *hash = &nl_table[sk->sk_protocol].hash; 361 struct nl_portid_hash *hash = &nl_table[sk->sk_protocol].hash;
362 struct hlist_head *head; 362 struct hlist_head *head;
363 int err = -EADDRINUSE; 363 int err = -EADDRINUSE;
364 struct sock *osk; 364 struct sock *osk;
@@ -366,10 +366,10 @@ static int netlink_insert(struct sock *sk, struct net *net, u32 pid)
366 int len; 366 int len;
367 367
368 netlink_table_grab(); 368 netlink_table_grab();
369 head = nl_pid_hashfn(hash, pid); 369 head = nl_portid_hashfn(hash, portid);
370 len = 0; 370 len = 0;
371 sk_for_each(osk, node, head) { 371 sk_for_each(osk, node, head) {
372 if (net_eq(sock_net(osk), net) && (nlk_sk(osk)->pid == pid)) 372 if (net_eq(sock_net(osk), net) && (nlk_sk(osk)->portid == portid))
373 break; 373 break;
374 len++; 374 len++;
375 } 375 }
@@ -377,17 +377,17 @@ static int netlink_insert(struct sock *sk, struct net *net, u32 pid)
377 goto err; 377 goto err;
378 378
379 err = -EBUSY; 379 err = -EBUSY;
380 if (nlk_sk(sk)->pid) 380 if (nlk_sk(sk)->portid)
381 goto err; 381 goto err;
382 382
383 err = -ENOMEM; 383 err = -ENOMEM;
384 if (BITS_PER_LONG > 32 && unlikely(hash->entries >= UINT_MAX)) 384 if (BITS_PER_LONG > 32 && unlikely(hash->entries >= UINT_MAX))
385 goto err; 385 goto err;
386 386
387 if (len && nl_pid_hash_dilute(hash, len)) 387 if (len && nl_portid_hash_dilute(hash, len))
388 head = nl_pid_hashfn(hash, pid); 388 head = nl_portid_hashfn(hash, portid);
389 hash->entries++; 389 hash->entries++;
390 nlk_sk(sk)->pid = pid; 390 nlk_sk(sk)->portid = portid;
391 sk_add_node(sk, head); 391 sk_add_node(sk, head);
392 err = 0; 392 err = 0;
393 393
@@ -518,11 +518,11 @@ static int netlink_release(struct socket *sock)
518 518
519 skb_queue_purge(&sk->sk_write_queue); 519 skb_queue_purge(&sk->sk_write_queue);
520 520
521 if (nlk->pid) { 521 if (nlk->portid) {
522 struct netlink_notify n = { 522 struct netlink_notify n = {
523 .net = sock_net(sk), 523 .net = sock_net(sk),
524 .protocol = sk->sk_protocol, 524 .protocol = sk->sk_protocol,
525 .pid = nlk->pid, 525 .portid = nlk->portid,
526 }; 526 };
527 atomic_notifier_call_chain(&netlink_chain, 527 atomic_notifier_call_chain(&netlink_chain,
528 NETLINK_URELEASE, &n); 528 NETLINK_URELEASE, &n);
@@ -536,6 +536,8 @@ static int netlink_release(struct socket *sock)
536 if (--nl_table[sk->sk_protocol].registered == 0) { 536 if (--nl_table[sk->sk_protocol].registered == 0) {
537 kfree(nl_table[sk->sk_protocol].listeners); 537 kfree(nl_table[sk->sk_protocol].listeners);
538 nl_table[sk->sk_protocol].module = NULL; 538 nl_table[sk->sk_protocol].module = NULL;
539 nl_table[sk->sk_protocol].bind = NULL;
540 nl_table[sk->sk_protocol].flags = 0;
539 nl_table[sk->sk_protocol].registered = 0; 541 nl_table[sk->sk_protocol].registered = 0;
540 } 542 }
541 } else if (nlk->subscriptions) { 543 } else if (nlk->subscriptions) {
@@ -557,24 +559,24 @@ static int netlink_autobind(struct socket *sock)
557{ 559{
558 struct sock *sk = sock->sk; 560 struct sock *sk = sock->sk;
559 struct net *net = sock_net(sk); 561 struct net *net = sock_net(sk);
560 struct nl_pid_hash *hash = &nl_table[sk->sk_protocol].hash; 562 struct nl_portid_hash *hash = &nl_table[sk->sk_protocol].hash;
561 struct hlist_head *head; 563 struct hlist_head *head;
562 struct sock *osk; 564 struct sock *osk;
563 struct hlist_node *node; 565 struct hlist_node *node;
564 s32 pid = task_tgid_vnr(current); 566 s32 portid = task_tgid_vnr(current);
565 int err; 567 int err;
566 static s32 rover = -4097; 568 static s32 rover = -4097;
567 569
568retry: 570retry:
569 cond_resched(); 571 cond_resched();
570 netlink_table_grab(); 572 netlink_table_grab();
571 head = nl_pid_hashfn(hash, pid); 573 head = nl_portid_hashfn(hash, portid);
572 sk_for_each(osk, node, head) { 574 sk_for_each(osk, node, head) {
573 if (!net_eq(sock_net(osk), net)) 575 if (!net_eq(sock_net(osk), net))
574 continue; 576 continue;
575 if (nlk_sk(osk)->pid == pid) { 577 if (nlk_sk(osk)->portid == portid) {
576 /* Bind collision, search negative pid values. */ 578 /* Bind collision, search negative portid values. */
577 pid = rover--; 579 portid = rover--;
578 if (rover > -4097) 580 if (rover > -4097)
579 rover = -4097; 581 rover = -4097;
580 netlink_table_ungrab(); 582 netlink_table_ungrab();
@@ -583,7 +585,7 @@ retry:
583 } 585 }
584 netlink_table_ungrab(); 586 netlink_table_ungrab();
585 587
586 err = netlink_insert(sk, net, pid); 588 err = netlink_insert(sk, net, portid);
587 if (err == -EADDRINUSE) 589 if (err == -EADDRINUSE)
588 goto retry; 590 goto retry;
589 591
@@ -596,7 +598,7 @@ retry:
596 598
597static inline int netlink_capable(const struct socket *sock, unsigned int flag) 599static inline int netlink_capable(const struct socket *sock, unsigned int flag)
598{ 600{
599 return (nl_table[sock->sk->sk_protocol].nl_nonroot & flag) || 601 return (nl_table[sock->sk->sk_protocol].flags & flag) ||
600 capable(CAP_NET_ADMIN); 602 capable(CAP_NET_ADMIN);
601} 603}
602 604
@@ -659,15 +661,15 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr,
659 661
660 /* Only superuser is allowed to listen multicasts */ 662 /* Only superuser is allowed to listen multicasts */
661 if (nladdr->nl_groups) { 663 if (nladdr->nl_groups) {
662 if (!netlink_capable(sock, NL_NONROOT_RECV)) 664 if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
663 return -EPERM; 665 return -EPERM;
664 err = netlink_realloc_groups(sk); 666 err = netlink_realloc_groups(sk);
665 if (err) 667 if (err)
666 return err; 668 return err;
667 } 669 }
668 670
669 if (nlk->pid) { 671 if (nlk->portid) {
670 if (nladdr->nl_pid != nlk->pid) 672 if (nladdr->nl_pid != nlk->portid)
671 return -EINVAL; 673 return -EINVAL;
672 } else { 674 } else {
673 err = nladdr->nl_pid ? 675 err = nladdr->nl_pid ?
@@ -713,7 +715,7 @@ static int netlink_connect(struct socket *sock, struct sockaddr *addr,
713 715
714 if (addr->sa_family == AF_UNSPEC) { 716 if (addr->sa_family == AF_UNSPEC) {
715 sk->sk_state = NETLINK_UNCONNECTED; 717 sk->sk_state = NETLINK_UNCONNECTED;
716 nlk->dst_pid = 0; 718 nlk->dst_portid = 0;
717 nlk->dst_group = 0; 719 nlk->dst_group = 0;
718 return 0; 720 return 0;
719 } 721 }
@@ -721,15 +723,15 @@ static int netlink_connect(struct socket *sock, struct sockaddr *addr,
721 return -EINVAL; 723 return -EINVAL;
722 724
723 /* Only superuser is allowed to send multicasts */ 725 /* Only superuser is allowed to send multicasts */
724 if (nladdr->nl_groups && !netlink_capable(sock, NL_NONROOT_SEND)) 726 if (nladdr->nl_groups && !netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
725 return -EPERM; 727 return -EPERM;
726 728
727 if (!nlk->pid) 729 if (!nlk->portid)
728 err = netlink_autobind(sock); 730 err = netlink_autobind(sock);
729 731
730 if (err == 0) { 732 if (err == 0) {
731 sk->sk_state = NETLINK_CONNECTED; 733 sk->sk_state = NETLINK_CONNECTED;
732 nlk->dst_pid = nladdr->nl_pid; 734 nlk->dst_portid = nladdr->nl_pid;
733 nlk->dst_group = ffs(nladdr->nl_groups); 735 nlk->dst_group = ffs(nladdr->nl_groups);
734 } 736 }
735 737
@@ -748,10 +750,10 @@ static int netlink_getname(struct socket *sock, struct sockaddr *addr,
748 *addr_len = sizeof(*nladdr); 750 *addr_len = sizeof(*nladdr);
749 751
750 if (peer) { 752 if (peer) {
751 nladdr->nl_pid = nlk->dst_pid; 753 nladdr->nl_pid = nlk->dst_portid;
752 nladdr->nl_groups = netlink_group_mask(nlk->dst_group); 754 nladdr->nl_groups = netlink_group_mask(nlk->dst_group);
753 } else { 755 } else {
754 nladdr->nl_pid = nlk->pid; 756 nladdr->nl_pid = nlk->portid;
755 nladdr->nl_groups = nlk->groups ? nlk->groups[0] : 0; 757 nladdr->nl_groups = nlk->groups ? nlk->groups[0] : 0;
756 } 758 }
757 return 0; 759 return 0;
@@ -770,19 +772,19 @@ static void netlink_overrun(struct sock *sk)
770 atomic_inc(&sk->sk_drops); 772 atomic_inc(&sk->sk_drops);
771} 773}
772 774
773static struct sock *netlink_getsockbypid(struct sock *ssk, u32 pid) 775static struct sock *netlink_getsockbyportid(struct sock *ssk, u32 portid)
774{ 776{
775 struct sock *sock; 777 struct sock *sock;
776 struct netlink_sock *nlk; 778 struct netlink_sock *nlk;
777 779
778 sock = netlink_lookup(sock_net(ssk), ssk->sk_protocol, pid); 780 sock = netlink_lookup(sock_net(ssk), ssk->sk_protocol, portid);
779 if (!sock) 781 if (!sock)
780 return ERR_PTR(-ECONNREFUSED); 782 return ERR_PTR(-ECONNREFUSED);
781 783
782 /* Don't bother queuing skb if kernel socket has no input function */ 784 /* Don't bother queuing skb if kernel socket has no input function */
783 nlk = nlk_sk(sock); 785 nlk = nlk_sk(sock);
784 if (sock->sk_state == NETLINK_CONNECTED && 786 if (sock->sk_state == NETLINK_CONNECTED &&
785 nlk->dst_pid != nlk_sk(ssk)->pid) { 787 nlk->dst_portid != nlk_sk(ssk)->portid) {
786 sock_put(sock); 788 sock_put(sock);
787 return ERR_PTR(-ECONNREFUSED); 789 return ERR_PTR(-ECONNREFUSED);
788 } 790 }
@@ -933,7 +935,7 @@ static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb,
933} 935}
934 936
935int netlink_unicast(struct sock *ssk, struct sk_buff *skb, 937int netlink_unicast(struct sock *ssk, struct sk_buff *skb,
936 u32 pid, int nonblock) 938 u32 portid, int nonblock)
937{ 939{
938 struct sock *sk; 940 struct sock *sk;
939 int err; 941 int err;
@@ -943,7 +945,7 @@ int netlink_unicast(struct sock *ssk, struct sk_buff *skb,
943 945
944 timeo = sock_sndtimeo(ssk, nonblock); 946 timeo = sock_sndtimeo(ssk, nonblock);
945retry: 947retry:
946 sk = netlink_getsockbypid(ssk, pid); 948 sk = netlink_getsockbyportid(ssk, portid);
947 if (IS_ERR(sk)) { 949 if (IS_ERR(sk)) {
948 kfree_skb(skb); 950 kfree_skb(skb);
949 return PTR_ERR(sk); 951 return PTR_ERR(sk);
@@ -1003,7 +1005,7 @@ static int netlink_broadcast_deliver(struct sock *sk, struct sk_buff *skb)
1003struct netlink_broadcast_data { 1005struct netlink_broadcast_data {
1004 struct sock *exclude_sk; 1006 struct sock *exclude_sk;
1005 struct net *net; 1007 struct net *net;
1006 u32 pid; 1008 u32 portid;
1007 u32 group; 1009 u32 group;
1008 int failure; 1010 int failure;
1009 int delivery_failure; 1011 int delivery_failure;
@@ -1024,7 +1026,7 @@ static int do_one_broadcast(struct sock *sk,
1024 if (p->exclude_sk == sk) 1026 if (p->exclude_sk == sk)
1025 goto out; 1027 goto out;
1026 1028
1027 if (nlk->pid == p->pid || p->group - 1 >= nlk->ngroups || 1029 if (nlk->portid == p->portid || p->group - 1 >= nlk->ngroups ||
1028 !test_bit(p->group - 1, nlk->groups)) 1030 !test_bit(p->group - 1, nlk->groups))
1029 goto out; 1031 goto out;
1030 1032
@@ -1076,7 +1078,7 @@ out:
1076 return 0; 1078 return 0;
1077} 1079}
1078 1080
1079int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 pid, 1081int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 portid,
1080 u32 group, gfp_t allocation, 1082 u32 group, gfp_t allocation,
1081 int (*filter)(struct sock *dsk, struct sk_buff *skb, void *data), 1083 int (*filter)(struct sock *dsk, struct sk_buff *skb, void *data),
1082 void *filter_data) 1084 void *filter_data)
@@ -1090,7 +1092,7 @@ int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 pid,
1090 1092
1091 info.exclude_sk = ssk; 1093 info.exclude_sk = ssk;
1092 info.net = net; 1094 info.net = net;
1093 info.pid = pid; 1095 info.portid = portid;
1094 info.group = group; 1096 info.group = group;
1095 info.failure = 0; 1097 info.failure = 0;
1096 info.delivery_failure = 0; 1098 info.delivery_failure = 0;
@@ -1128,17 +1130,17 @@ int netlink_broadcast_filtered(struct sock *ssk, struct sk_buff *skb, u32 pid,
1128} 1130}
1129EXPORT_SYMBOL(netlink_broadcast_filtered); 1131EXPORT_SYMBOL(netlink_broadcast_filtered);
1130 1132
1131int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 pid, 1133int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, u32 portid,
1132 u32 group, gfp_t allocation) 1134 u32 group, gfp_t allocation)
1133{ 1135{
1134 return netlink_broadcast_filtered(ssk, skb, pid, group, allocation, 1136 return netlink_broadcast_filtered(ssk, skb, portid, group, allocation,
1135 NULL, NULL); 1137 NULL, NULL);
1136} 1138}
1137EXPORT_SYMBOL(netlink_broadcast); 1139EXPORT_SYMBOL(netlink_broadcast);
1138 1140
1139struct netlink_set_err_data { 1141struct netlink_set_err_data {
1140 struct sock *exclude_sk; 1142 struct sock *exclude_sk;
1141 u32 pid; 1143 u32 portid;
1142 u32 group; 1144 u32 group;
1143 int code; 1145 int code;
1144}; 1146};
@@ -1154,7 +1156,7 @@ static int do_one_set_err(struct sock *sk, struct netlink_set_err_data *p)
1154 if (!net_eq(sock_net(sk), sock_net(p->exclude_sk))) 1156 if (!net_eq(sock_net(sk), sock_net(p->exclude_sk)))
1155 goto out; 1157 goto out;
1156 1158
1157 if (nlk->pid == p->pid || p->group - 1 >= nlk->ngroups || 1159 if (nlk->portid == p->portid || p->group - 1 >= nlk->ngroups ||
1158 !test_bit(p->group - 1, nlk->groups)) 1160 !test_bit(p->group - 1, nlk->groups))
1159 goto out; 1161 goto out;
1160 1162
@@ -1172,14 +1174,14 @@ out:
1172/** 1174/**
1173 * netlink_set_err - report error to broadcast listeners 1175 * netlink_set_err - report error to broadcast listeners
1174 * @ssk: the kernel netlink socket, as returned by netlink_kernel_create() 1176 * @ssk: the kernel netlink socket, as returned by netlink_kernel_create()
1175 * @pid: the PID of a process that we want to skip (if any) 1177 * @portid: the PORTID of a process that we want to skip (if any)
1176 * @groups: the broadcast group that will notice the error 1178 * @groups: the broadcast group that will notice the error
1177 * @code: error code, must be negative (as usual in kernelspace) 1179 * @code: error code, must be negative (as usual in kernelspace)
1178 * 1180 *
1179 * This function returns the number of broadcast listeners that have set the 1181 * This function returns the number of broadcast listeners that have set the
1180 * NETLINK_RECV_NO_ENOBUFS socket option. 1182 * NETLINK_RECV_NO_ENOBUFS socket option.
1181 */ 1183 */
1182int netlink_set_err(struct sock *ssk, u32 pid, u32 group, int code) 1184int netlink_set_err(struct sock *ssk, u32 portid, u32 group, int code)
1183{ 1185{
1184 struct netlink_set_err_data info; 1186 struct netlink_set_err_data info;
1185 struct hlist_node *node; 1187 struct hlist_node *node;
@@ -1187,7 +1189,7 @@ int netlink_set_err(struct sock *ssk, u32 pid, u32 group, int code)
1187 int ret = 0; 1189 int ret = 0;
1188 1190
1189 info.exclude_sk = ssk; 1191 info.exclude_sk = ssk;
1190 info.pid = pid; 1192 info.portid = portid;
1191 info.group = group; 1193 info.group = group;
1192 /* sk->sk_err wants a positive error value */ 1194 /* sk->sk_err wants a positive error value */
1193 info.code = -code; 1195 info.code = -code;
@@ -1244,7 +1246,7 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname,
1244 break; 1246 break;
1245 case NETLINK_ADD_MEMBERSHIP: 1247 case NETLINK_ADD_MEMBERSHIP:
1246 case NETLINK_DROP_MEMBERSHIP: { 1248 case NETLINK_DROP_MEMBERSHIP: {
1247 if (!netlink_capable(sock, NL_NONROOT_RECV)) 1249 if (!netlink_capable(sock, NL_CFG_F_NONROOT_RECV))
1248 return -EPERM; 1250 return -EPERM;
1249 err = netlink_realloc_groups(sk); 1251 err = netlink_realloc_groups(sk);
1250 if (err) 1252 if (err)
@@ -1352,7 +1354,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
1352 struct sock *sk = sock->sk; 1354 struct sock *sk = sock->sk;
1353 struct netlink_sock *nlk = nlk_sk(sk); 1355 struct netlink_sock *nlk = nlk_sk(sk);
1354 struct sockaddr_nl *addr = msg->msg_name; 1356 struct sockaddr_nl *addr = msg->msg_name;
1355 u32 dst_pid; 1357 u32 dst_portid;
1356 u32 dst_group; 1358 u32 dst_group;
1357 struct sk_buff *skb; 1359 struct sk_buff *skb;
1358 int err; 1360 int err;
@@ -1372,18 +1374,18 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
1372 err = -EINVAL; 1374 err = -EINVAL;
1373 if (addr->nl_family != AF_NETLINK) 1375 if (addr->nl_family != AF_NETLINK)
1374 goto out; 1376 goto out;
1375 dst_pid = addr->nl_pid; 1377 dst_portid = addr->nl_pid;
1376 dst_group = ffs(addr->nl_groups); 1378 dst_group = ffs(addr->nl_groups);
1377 err = -EPERM; 1379 err = -EPERM;
1378 if ((dst_group || dst_pid) && 1380 if ((dst_group || dst_portid) &&
1379 !netlink_capable(sock, NL_NONROOT_SEND)) 1381 !netlink_capable(sock, NL_CFG_F_NONROOT_SEND))
1380 goto out; 1382 goto out;
1381 } else { 1383 } else {
1382 dst_pid = nlk->dst_pid; 1384 dst_portid = nlk->dst_portid;
1383 dst_group = nlk->dst_group; 1385 dst_group = nlk->dst_group;
1384 } 1386 }
1385 1387
1386 if (!nlk->pid) { 1388 if (!nlk->portid) {
1387 err = netlink_autobind(sock); 1389 err = netlink_autobind(sock);
1388 if (err) 1390 if (err)
1389 goto out; 1391 goto out;
@@ -1397,9 +1399,9 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
1397 if (skb == NULL) 1399 if (skb == NULL)
1398 goto out; 1400 goto out;
1399 1401
1400 NETLINK_CB(skb).pid = nlk->pid; 1402 NETLINK_CB(skb).portid = nlk->portid;
1401 NETLINK_CB(skb).dst_group = dst_group; 1403 NETLINK_CB(skb).dst_group = dst_group;
1402 memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); 1404 NETLINK_CB(skb).creds = siocb->scm->creds;
1403 1405
1404 err = -EFAULT; 1406 err = -EFAULT;
1405 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) { 1407 if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
@@ -1415,9 +1417,9 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
1415 1417
1416 if (dst_group) { 1418 if (dst_group) {
1417 atomic_inc(&skb->users); 1419 atomic_inc(&skb->users);
1418 netlink_broadcast(sk, skb, dst_pid, dst_group, GFP_KERNEL); 1420 netlink_broadcast(sk, skb, dst_portid, dst_group, GFP_KERNEL);
1419 } 1421 }
1420 err = netlink_unicast(sk, skb, dst_pid, msg->msg_flags&MSG_DONTWAIT); 1422 err = netlink_unicast(sk, skb, dst_portid, msg->msg_flags&MSG_DONTWAIT);
1421 1423
1422out: 1424out:
1423 scm_destroy(siocb->scm); 1425 scm_destroy(siocb->scm);
@@ -1480,7 +1482,7 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
1480 struct sockaddr_nl *addr = (struct sockaddr_nl *)msg->msg_name; 1482 struct sockaddr_nl *addr = (struct sockaddr_nl *)msg->msg_name;
1481 addr->nl_family = AF_NETLINK; 1483 addr->nl_family = AF_NETLINK;
1482 addr->nl_pad = 0; 1484 addr->nl_pad = 0;
1483 addr->nl_pid = NETLINK_CB(skb).pid; 1485 addr->nl_pid = NETLINK_CB(skb).portid;
1484 addr->nl_groups = netlink_group_mask(NETLINK_CB(skb).dst_group); 1486 addr->nl_groups = netlink_group_mask(NETLINK_CB(skb).dst_group);
1485 msg->msg_namelen = sizeof(*addr); 1487 msg->msg_namelen = sizeof(*addr);
1486 } 1488 }
@@ -1524,9 +1526,8 @@ static void netlink_data_ready(struct sock *sk, int len)
1524 */ 1526 */
1525 1527
1526struct sock * 1528struct sock *
1527netlink_kernel_create(struct net *net, int unit, 1529__netlink_kernel_create(struct net *net, int unit, struct module *module,
1528 struct module *module, 1530 struct netlink_kernel_cfg *cfg)
1529 struct netlink_kernel_cfg *cfg)
1530{ 1531{
1531 struct socket *sock; 1532 struct socket *sock;
1532 struct sock *sk; 1533 struct sock *sk;
@@ -1580,7 +1581,10 @@ netlink_kernel_create(struct net *net, int unit,
1580 rcu_assign_pointer(nl_table[unit].listeners, listeners); 1581 rcu_assign_pointer(nl_table[unit].listeners, listeners);
1581 nl_table[unit].cb_mutex = cb_mutex; 1582 nl_table[unit].cb_mutex = cb_mutex;
1582 nl_table[unit].module = module; 1583 nl_table[unit].module = module;
1583 nl_table[unit].bind = cfg ? cfg->bind : NULL; 1584 if (cfg) {
1585 nl_table[unit].bind = cfg->bind;
1586 nl_table[unit].flags = cfg->flags;
1587 }
1584 nl_table[unit].registered = 1; 1588 nl_table[unit].registered = 1;
1585 } else { 1589 } else {
1586 kfree(listeners); 1590 kfree(listeners);
@@ -1598,8 +1602,7 @@ out_sock_release_nosk:
1598 sock_release(sock); 1602 sock_release(sock);
1599 return NULL; 1603 return NULL;
1600} 1604}
1601EXPORT_SYMBOL(netlink_kernel_create); 1605EXPORT_SYMBOL(__netlink_kernel_create);
1602
1603 1606
1604void 1607void
1605netlink_kernel_release(struct sock *sk) 1608netlink_kernel_release(struct sock *sk)
@@ -1679,15 +1682,8 @@ void netlink_clear_multicast_users(struct sock *ksk, unsigned int group)
1679 netlink_table_ungrab(); 1682 netlink_table_ungrab();
1680} 1683}
1681 1684
1682void netlink_set_nonroot(int protocol, unsigned int flags)
1683{
1684 if ((unsigned int)protocol < MAX_LINKS)
1685 nl_table[protocol].nl_nonroot = flags;
1686}
1687EXPORT_SYMBOL(netlink_set_nonroot);
1688
1689struct nlmsghdr * 1685struct nlmsghdr *
1690__nlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, int type, int len, int flags) 1686__nlmsg_put(struct sk_buff *skb, u32 portid, u32 seq, int type, int len, int flags)
1691{ 1687{
1692 struct nlmsghdr *nlh; 1688 struct nlmsghdr *nlh;
1693 int size = NLMSG_LENGTH(len); 1689 int size = NLMSG_LENGTH(len);
@@ -1696,7 +1692,7 @@ __nlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, int type, int len, int flags)
1696 nlh->nlmsg_type = type; 1692 nlh->nlmsg_type = type;
1697 nlh->nlmsg_len = size; 1693 nlh->nlmsg_len = size;
1698 nlh->nlmsg_flags = flags; 1694 nlh->nlmsg_flags = flags;
1699 nlh->nlmsg_pid = pid; 1695 nlh->nlmsg_pid = portid;
1700 nlh->nlmsg_seq = seq; 1696 nlh->nlmsg_seq = seq;
1701 if (!__builtin_constant_p(size) || NLMSG_ALIGN(size) - size != 0) 1697 if (!__builtin_constant_p(size) || NLMSG_ALIGN(size) - size != 0)
1702 memset(NLMSG_DATA(nlh) + len, 0, NLMSG_ALIGN(size) - size); 1698 memset(NLMSG_DATA(nlh) + len, 0, NLMSG_ALIGN(size) - size);
@@ -1792,7 +1788,7 @@ int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
1792 atomic_inc(&skb->users); 1788 atomic_inc(&skb->users);
1793 cb->skb = skb; 1789 cb->skb = skb;
1794 1790
1795 sk = netlink_lookup(sock_net(ssk), ssk->sk_protocol, NETLINK_CB(skb).pid); 1791 sk = netlink_lookup(sock_net(ssk), ssk->sk_protocol, NETLINK_CB(skb).portid);
1796 if (sk == NULL) { 1792 if (sk == NULL) {
1797 netlink_destroy_callback(cb); 1793 netlink_destroy_callback(cb);
1798 return -ECONNREFUSED; 1794 return -ECONNREFUSED;
@@ -1840,7 +1836,7 @@ void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err)
1840 1836
1841 sk = netlink_lookup(sock_net(in_skb->sk), 1837 sk = netlink_lookup(sock_net(in_skb->sk),
1842 in_skb->sk->sk_protocol, 1838 in_skb->sk->sk_protocol,
1843 NETLINK_CB(in_skb).pid); 1839 NETLINK_CB(in_skb).portid);
1844 if (sk) { 1840 if (sk) {
1845 sk->sk_err = ENOBUFS; 1841 sk->sk_err = ENOBUFS;
1846 sk->sk_error_report(sk); 1842 sk->sk_error_report(sk);
@@ -1849,12 +1845,12 @@ void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err)
1849 return; 1845 return;
1850 } 1846 }
1851 1847
1852 rep = __nlmsg_put(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, 1848 rep = __nlmsg_put(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
1853 NLMSG_ERROR, payload, 0); 1849 NLMSG_ERROR, payload, 0);
1854 errmsg = nlmsg_data(rep); 1850 errmsg = nlmsg_data(rep);
1855 errmsg->error = err; 1851 errmsg->error = err;
1856 memcpy(&errmsg->msg, nlh, err ? nlh->nlmsg_len : sizeof(*nlh)); 1852 memcpy(&errmsg->msg, nlh, err ? nlh->nlmsg_len : sizeof(*nlh));
1857 netlink_unicast(in_skb->sk, skb, NETLINK_CB(in_skb).pid, MSG_DONTWAIT); 1853 netlink_unicast(in_skb->sk, skb, NETLINK_CB(in_skb).portid, MSG_DONTWAIT);
1858} 1854}
1859EXPORT_SYMBOL(netlink_ack); 1855EXPORT_SYMBOL(netlink_ack);
1860 1856
@@ -1904,33 +1900,33 @@ EXPORT_SYMBOL(netlink_rcv_skb);
1904 * nlmsg_notify - send a notification netlink message 1900 * nlmsg_notify - send a notification netlink message
1905 * @sk: netlink socket to use 1901 * @sk: netlink socket to use
1906 * @skb: notification message 1902 * @skb: notification message
1907 * @pid: destination netlink pid for reports or 0 1903 * @portid: destination netlink portid for reports or 0
1908 * @group: destination multicast group or 0 1904 * @group: destination multicast group or 0
1909 * @report: 1 to report back, 0 to disable 1905 * @report: 1 to report back, 0 to disable
1910 * @flags: allocation flags 1906 * @flags: allocation flags
1911 */ 1907 */
1912int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 pid, 1908int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 portid,
1913 unsigned int group, int report, gfp_t flags) 1909 unsigned int group, int report, gfp_t flags)
1914{ 1910{
1915 int err = 0; 1911 int err = 0;
1916 1912
1917 if (group) { 1913 if (group) {
1918 int exclude_pid = 0; 1914 int exclude_portid = 0;
1919 1915
1920 if (report) { 1916 if (report) {
1921 atomic_inc(&skb->users); 1917 atomic_inc(&skb->users);
1922 exclude_pid = pid; 1918 exclude_portid = portid;
1923 } 1919 }
1924 1920
1925 /* errors reported via destination sk->sk_err, but propagate 1921 /* errors reported via destination sk->sk_err, but propagate
1926 * delivery errors if NETLINK_BROADCAST_ERROR flag is set */ 1922 * delivery errors if NETLINK_BROADCAST_ERROR flag is set */
1927 err = nlmsg_multicast(sk, skb, exclude_pid, group, flags); 1923 err = nlmsg_multicast(sk, skb, exclude_portid, group, flags);
1928 } 1924 }
1929 1925
1930 if (report) { 1926 if (report) {
1931 int err2; 1927 int err2;
1932 1928
1933 err2 = nlmsg_unicast(sk, skb, pid); 1929 err2 = nlmsg_unicast(sk, skb, portid);
1934 if (!err || err == -ESRCH) 1930 if (!err || err == -ESRCH)
1935 err = err2; 1931 err = err2;
1936 } 1932 }
@@ -1955,7 +1951,7 @@ static struct sock *netlink_seq_socket_idx(struct seq_file *seq, loff_t pos)
1955 loff_t off = 0; 1951 loff_t off = 0;
1956 1952
1957 for (i = 0; i < MAX_LINKS; i++) { 1953 for (i = 0; i < MAX_LINKS; i++) {
1958 struct nl_pid_hash *hash = &nl_table[i].hash; 1954 struct nl_portid_hash *hash = &nl_table[i].hash;
1959 1955
1960 for (j = 0; j <= hash->mask; j++) { 1956 for (j = 0; j <= hash->mask; j++) {
1961 sk_for_each(s, node, &hash->table[j]) { 1957 sk_for_each(s, node, &hash->table[j]) {
@@ -2003,7 +1999,7 @@ static void *netlink_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2003 j = iter->hash_idx + 1; 1999 j = iter->hash_idx + 1;
2004 2000
2005 do { 2001 do {
2006 struct nl_pid_hash *hash = &nl_table[i].hash; 2002 struct nl_portid_hash *hash = &nl_table[i].hash;
2007 2003
2008 for (; j <= hash->mask; j++) { 2004 for (; j <= hash->mask; j++) {
2009 s = sk_head(&hash->table[j]); 2005 s = sk_head(&hash->table[j]);
@@ -2042,7 +2038,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
2042 seq_printf(seq, "%pK %-3d %-6d %08x %-8d %-8d %pK %-8d %-8d %-8lu\n", 2038 seq_printf(seq, "%pK %-3d %-6d %08x %-8d %-8d %pK %-8d %-8d %-8lu\n",
2043 s, 2039 s,
2044 s->sk_protocol, 2040 s->sk_protocol,
2045 nlk->pid, 2041 nlk->portid,
2046 nlk->groups ? (u32)nlk->groups[0] : 0, 2042 nlk->groups ? (u32)nlk->groups[0] : 0,
2047 sk_rmem_alloc_get(s), 2043 sk_rmem_alloc_get(s),
2048 sk_wmem_alloc_get(s), 2044 sk_wmem_alloc_get(s),
@@ -2150,7 +2146,7 @@ static void __init netlink_add_usersock_entry(void)
2150 rcu_assign_pointer(nl_table[NETLINK_USERSOCK].listeners, listeners); 2146 rcu_assign_pointer(nl_table[NETLINK_USERSOCK].listeners, listeners);
2151 nl_table[NETLINK_USERSOCK].module = THIS_MODULE; 2147 nl_table[NETLINK_USERSOCK].module = THIS_MODULE;
2152 nl_table[NETLINK_USERSOCK].registered = 1; 2148 nl_table[NETLINK_USERSOCK].registered = 1;
2153 nl_table[NETLINK_USERSOCK].nl_nonroot = NL_NONROOT_SEND; 2149 nl_table[NETLINK_USERSOCK].flags = NL_CFG_F_NONROOT_SEND;
2154 2150
2155 netlink_table_ungrab(); 2151 netlink_table_ungrab();
2156} 2152}
@@ -2187,12 +2183,12 @@ static int __init netlink_proto_init(void)
2187 order = get_bitmask_order(min(limit, (unsigned long)UINT_MAX)) - 1; 2183 order = get_bitmask_order(min(limit, (unsigned long)UINT_MAX)) - 1;
2188 2184
2189 for (i = 0; i < MAX_LINKS; i++) { 2185 for (i = 0; i < MAX_LINKS; i++) {
2190 struct nl_pid_hash *hash = &nl_table[i].hash; 2186 struct nl_portid_hash *hash = &nl_table[i].hash;
2191 2187
2192 hash->table = nl_pid_hash_zalloc(1 * sizeof(*hash->table)); 2188 hash->table = nl_portid_hash_zalloc(1 * sizeof(*hash->table));
2193 if (!hash->table) { 2189 if (!hash->table) {
2194 while (i-- > 0) 2190 while (i-- > 0)
2195 nl_pid_hash_free(nl_table[i].hash.table, 2191 nl_portid_hash_free(nl_table[i].hash.table,
2196 1 * sizeof(*hash->table)); 2192 1 * sizeof(*hash->table));
2197 kfree(nl_table); 2193 kfree(nl_table);
2198 goto panic; 2194 goto panic;
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index fda497412fc3..f2aabb6f4105 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -501,7 +501,7 @@ EXPORT_SYMBOL(genl_unregister_family);
501/** 501/**
502 * genlmsg_put - Add generic netlink header to netlink message 502 * genlmsg_put - Add generic netlink header to netlink message
503 * @skb: socket buffer holding the message 503 * @skb: socket buffer holding the message
504 * @pid: netlink pid the message is addressed to 504 * @portid: netlink portid the message is addressed to
505 * @seq: sequence number (usually the one of the sender) 505 * @seq: sequence number (usually the one of the sender)
506 * @family: generic netlink family 506 * @family: generic netlink family
507 * @flags: netlink message flags 507 * @flags: netlink message flags
@@ -509,13 +509,13 @@ EXPORT_SYMBOL(genl_unregister_family);
509 * 509 *
510 * Returns pointer to user specific header 510 * Returns pointer to user specific header
511 */ 511 */
512void *genlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, 512void *genlmsg_put(struct sk_buff *skb, u32 portid, u32 seq,
513 struct genl_family *family, int flags, u8 cmd) 513 struct genl_family *family, int flags, u8 cmd)
514{ 514{
515 struct nlmsghdr *nlh; 515 struct nlmsghdr *nlh;
516 struct genlmsghdr *hdr; 516 struct genlmsghdr *hdr;
517 517
518 nlh = nlmsg_put(skb, pid, seq, family->id, GENL_HDRLEN + 518 nlh = nlmsg_put(skb, portid, seq, family->id, GENL_HDRLEN +
519 family->hdrsize, flags); 519 family->hdrsize, flags);
520 if (nlh == NULL) 520 if (nlh == NULL)
521 return NULL; 521 return NULL;
@@ -585,7 +585,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
585 } 585 }
586 586
587 info.snd_seq = nlh->nlmsg_seq; 587 info.snd_seq = nlh->nlmsg_seq;
588 info.snd_pid = NETLINK_CB(skb).pid; 588 info.snd_portid = NETLINK_CB(skb).portid;
589 info.nlhdr = nlh; 589 info.nlhdr = nlh;
590 info.genlhdr = nlmsg_data(nlh); 590 info.genlhdr = nlmsg_data(nlh);
591 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN; 591 info.userhdr = nlmsg_data(nlh) + GENL_HDRLEN;
@@ -626,12 +626,12 @@ static struct genl_family genl_ctrl = {
626 .netnsok = true, 626 .netnsok = true,
627}; 627};
628 628
629static int ctrl_fill_info(struct genl_family *family, u32 pid, u32 seq, 629static int ctrl_fill_info(struct genl_family *family, u32 portid, u32 seq,
630 u32 flags, struct sk_buff *skb, u8 cmd) 630 u32 flags, struct sk_buff *skb, u8 cmd)
631{ 631{
632 void *hdr; 632 void *hdr;
633 633
634 hdr = genlmsg_put(skb, pid, seq, &genl_ctrl, flags, cmd); 634 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd);
635 if (hdr == NULL) 635 if (hdr == NULL)
636 return -1; 636 return -1;
637 637
@@ -701,7 +701,7 @@ nla_put_failure:
701 return -EMSGSIZE; 701 return -EMSGSIZE;
702} 702}
703 703
704static int ctrl_fill_mcgrp_info(struct genl_multicast_group *grp, u32 pid, 704static int ctrl_fill_mcgrp_info(struct genl_multicast_group *grp, u32 portid,
705 u32 seq, u32 flags, struct sk_buff *skb, 705 u32 seq, u32 flags, struct sk_buff *skb,
706 u8 cmd) 706 u8 cmd)
707{ 707{
@@ -709,7 +709,7 @@ static int ctrl_fill_mcgrp_info(struct genl_multicast_group *grp, u32 pid,
709 struct nlattr *nla_grps; 709 struct nlattr *nla_grps;
710 struct nlattr *nest; 710 struct nlattr *nest;
711 711
712 hdr = genlmsg_put(skb, pid, seq, &genl_ctrl, flags, cmd); 712 hdr = genlmsg_put(skb, portid, seq, &genl_ctrl, flags, cmd);
713 if (hdr == NULL) 713 if (hdr == NULL)
714 return -1; 714 return -1;
715 715
@@ -756,7 +756,7 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
756 continue; 756 continue;
757 if (++n < fams_to_skip) 757 if (++n < fams_to_skip)
758 continue; 758 continue;
759 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).pid, 759 if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid,
760 cb->nlh->nlmsg_seq, NLM_F_MULTI, 760 cb->nlh->nlmsg_seq, NLM_F_MULTI,
761 skb, CTRL_CMD_NEWFAMILY) < 0) 761 skb, CTRL_CMD_NEWFAMILY) < 0)
762 goto errout; 762 goto errout;
@@ -773,7 +773,7 @@ errout:
773} 773}
774 774
775static struct sk_buff *ctrl_build_family_msg(struct genl_family *family, 775static struct sk_buff *ctrl_build_family_msg(struct genl_family *family,
776 u32 pid, int seq, u8 cmd) 776 u32 portid, int seq, u8 cmd)
777{ 777{
778 struct sk_buff *skb; 778 struct sk_buff *skb;
779 int err; 779 int err;
@@ -782,7 +782,7 @@ static struct sk_buff *ctrl_build_family_msg(struct genl_family *family,
782 if (skb == NULL) 782 if (skb == NULL)
783 return ERR_PTR(-ENOBUFS); 783 return ERR_PTR(-ENOBUFS);
784 784
785 err = ctrl_fill_info(family, pid, seq, 0, skb, cmd); 785 err = ctrl_fill_info(family, portid, seq, 0, skb, cmd);
786 if (err < 0) { 786 if (err < 0) {
787 nlmsg_free(skb); 787 nlmsg_free(skb);
788 return ERR_PTR(err); 788 return ERR_PTR(err);
@@ -792,7 +792,7 @@ static struct sk_buff *ctrl_build_family_msg(struct genl_family *family,
792} 792}
793 793
794static struct sk_buff *ctrl_build_mcgrp_msg(struct genl_multicast_group *grp, 794static struct sk_buff *ctrl_build_mcgrp_msg(struct genl_multicast_group *grp,
795 u32 pid, int seq, u8 cmd) 795 u32 portid, int seq, u8 cmd)
796{ 796{
797 struct sk_buff *skb; 797 struct sk_buff *skb;
798 int err; 798 int err;
@@ -801,7 +801,7 @@ static struct sk_buff *ctrl_build_mcgrp_msg(struct genl_multicast_group *grp,
801 if (skb == NULL) 801 if (skb == NULL)
802 return ERR_PTR(-ENOBUFS); 802 return ERR_PTR(-ENOBUFS);
803 803
804 err = ctrl_fill_mcgrp_info(grp, pid, seq, 0, skb, cmd); 804 err = ctrl_fill_mcgrp_info(grp, portid, seq, 0, skb, cmd);
805 if (err < 0) { 805 if (err < 0) {
806 nlmsg_free(skb); 806 nlmsg_free(skb);
807 return ERR_PTR(err); 807 return ERR_PTR(err);
@@ -853,7 +853,7 @@ static int ctrl_getfamily(struct sk_buff *skb, struct genl_info *info)
853 return -ENOENT; 853 return -ENOENT;
854 } 854 }
855 855
856 msg = ctrl_build_family_msg(res, info->snd_pid, info->snd_seq, 856 msg = ctrl_build_family_msg(res, info->snd_portid, info->snd_seq,
857 CTRL_CMD_NEWFAMILY); 857 CTRL_CMD_NEWFAMILY);
858 if (IS_ERR(msg)) 858 if (IS_ERR(msg))
859 return PTR_ERR(msg); 859 return PTR_ERR(msg);
@@ -918,11 +918,11 @@ static int __net_init genl_pernet_init(struct net *net)
918 struct netlink_kernel_cfg cfg = { 918 struct netlink_kernel_cfg cfg = {
919 .input = genl_rcv, 919 .input = genl_rcv,
920 .cb_mutex = &genl_mutex, 920 .cb_mutex = &genl_mutex,
921 .flags = NL_CFG_F_NONROOT_RECV,
921 }; 922 };
922 923
923 /* we'll bump the group number right afterwards */ 924 /* we'll bump the group number right afterwards */
924 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, 925 net->genl_sock = netlink_kernel_create(net, NETLINK_GENERIC, &cfg);
925 THIS_MODULE, &cfg);
926 926
927 if (!net->genl_sock && net_eq(net, &init_net)) 927 if (!net->genl_sock && net_eq(net, &init_net))
928 panic("GENL: Cannot initialize generic netlink\n"); 928 panic("GENL: Cannot initialize generic netlink\n");
@@ -955,8 +955,6 @@ static int __init genl_init(void)
955 if (err < 0) 955 if (err < 0)
956 goto problem; 956 goto problem;
957 957
958 netlink_set_nonroot(NETLINK_GENERIC, NL_NONROOT_RECV);
959
960 err = register_pernet_subsys(&genl_pernet_ops); 958 err = register_pernet_subsys(&genl_pernet_ops);
961 if (err) 959 if (err)
962 goto problem; 960 goto problem;
@@ -973,7 +971,7 @@ problem:
973 971
974subsys_initcall(genl_init); 972subsys_initcall(genl_init);
975 973
976static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group, 974static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group,
977 gfp_t flags) 975 gfp_t flags)
978{ 976{
979 struct sk_buff *tmp; 977 struct sk_buff *tmp;
@@ -988,7 +986,7 @@ static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group,
988 goto error; 986 goto error;
989 } 987 }
990 err = nlmsg_multicast(prev->genl_sock, tmp, 988 err = nlmsg_multicast(prev->genl_sock, tmp,
991 pid, group, flags); 989 portid, group, flags);
992 if (err) 990 if (err)
993 goto error; 991 goto error;
994 } 992 }
@@ -996,20 +994,20 @@ static int genlmsg_mcast(struct sk_buff *skb, u32 pid, unsigned long group,
996 prev = net; 994 prev = net;
997 } 995 }
998 996
999 return nlmsg_multicast(prev->genl_sock, skb, pid, group, flags); 997 return nlmsg_multicast(prev->genl_sock, skb, portid, group, flags);
1000 error: 998 error:
1001 kfree_skb(skb); 999 kfree_skb(skb);
1002 return err; 1000 return err;
1003} 1001}
1004 1002
1005int genlmsg_multicast_allns(struct sk_buff *skb, u32 pid, unsigned int group, 1003int genlmsg_multicast_allns(struct sk_buff *skb, u32 portid, unsigned int group,
1006 gfp_t flags) 1004 gfp_t flags)
1007{ 1005{
1008 return genlmsg_mcast(skb, pid, group, flags); 1006 return genlmsg_mcast(skb, portid, group, flags);
1009} 1007}
1010EXPORT_SYMBOL(genlmsg_multicast_allns); 1008EXPORT_SYMBOL(genlmsg_multicast_allns);
1011 1009
1012void genl_notify(struct sk_buff *skb, struct net *net, u32 pid, u32 group, 1010void genl_notify(struct sk_buff *skb, struct net *net, u32 portid, u32 group,
1013 struct nlmsghdr *nlh, gfp_t flags) 1011 struct nlmsghdr *nlh, gfp_t flags)
1014{ 1012{
1015 struct sock *sk = net->genl_sock; 1013 struct sock *sk = net->genl_sock;
@@ -1018,6 +1016,6 @@ void genl_notify(struct sk_buff *skb, struct net *net, u32 pid, u32 group,
1018 if (nlh) 1016 if (nlh)
1019 report = nlmsg_report(nlh); 1017 report = nlmsg_report(nlh);
1020 1018
1021 nlmsg_notify(sk, skb, pid, group, report, flags); 1019 nlmsg_notify(sk, skb, portid, group, report, flags);
1022} 1020}
1023EXPORT_SYMBOL(genl_notify); 1021EXPORT_SYMBOL(genl_notify);
diff --git a/net/nfc/core.c b/net/nfc/core.c
index ff749794bc5b..c9eacc1f145f 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -679,7 +679,7 @@ static void nfc_release(struct device *d)
679 679
680 if (dev->ops->check_presence) { 680 if (dev->ops->check_presence) {
681 del_timer_sync(&dev->check_pres_timer); 681 del_timer_sync(&dev->check_pres_timer);
682 destroy_workqueue(dev->check_pres_wq); 682 cancel_work_sync(&dev->check_pres_work);
683 } 683 }
684 684
685 nfc_genl_data_exit(&dev->genl_data); 685 nfc_genl_data_exit(&dev->genl_data);
@@ -715,7 +715,7 @@ static void nfc_check_pres_timeout(unsigned long data)
715{ 715{
716 struct nfc_dev *dev = (struct nfc_dev *)data; 716 struct nfc_dev *dev = (struct nfc_dev *)data;
717 717
718 queue_work(dev->check_pres_wq, &dev->check_pres_work); 718 queue_work(system_nrt_wq, &dev->check_pres_work);
719} 719}
720 720
721struct class nfc_class = { 721struct class nfc_class = {
@@ -784,20 +784,11 @@ struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
784 dev->targets_generation = 1; 784 dev->targets_generation = 1;
785 785
786 if (ops->check_presence) { 786 if (ops->check_presence) {
787 char name[32];
788 init_timer(&dev->check_pres_timer); 787 init_timer(&dev->check_pres_timer);
789 dev->check_pres_timer.data = (unsigned long)dev; 788 dev->check_pres_timer.data = (unsigned long)dev;
790 dev->check_pres_timer.function = nfc_check_pres_timeout; 789 dev->check_pres_timer.function = nfc_check_pres_timeout;
791 790
792 INIT_WORK(&dev->check_pres_work, nfc_check_pres_work); 791 INIT_WORK(&dev->check_pres_work, nfc_check_pres_work);
793 snprintf(name, sizeof(name), "nfc%d_check_pres_wq", dev->idx);
794 dev->check_pres_wq = alloc_workqueue(name, WQ_NON_REENTRANT |
795 WQ_UNBOUND |
796 WQ_MEM_RECLAIM, 1);
797 if (dev->check_pres_wq == NULL) {
798 kfree(dev);
799 return NULL;
800 }
801 } 792 }
802 793
803 return dev; 794 return dev;
diff --git a/net/nfc/hci/Makefile b/net/nfc/hci/Makefile
index f9c44b2fb065..c5dbb6891b24 100644
--- a/net/nfc/hci/Makefile
+++ b/net/nfc/hci/Makefile
@@ -4,5 +4,5 @@
4 4
5obj-$(CONFIG_NFC_HCI) += hci.o 5obj-$(CONFIG_NFC_HCI) += hci.o
6 6
7hci-y := core.o hcp.o command.o 7hci-y := core.o hcp.o command.o llc.o llc_nop.o
8hci-$(CONFIG_NFC_SHDLC) += shdlc.o 8hci-$(CONFIG_NFC_SHDLC) += llc_shdlc.o
diff --git a/net/nfc/hci/command.c b/net/nfc/hci/command.c
index 46362ef979db..71c6a7086b8f 100644
--- a/net/nfc/hci/command.c
+++ b/net/nfc/hci/command.c
@@ -28,10 +28,29 @@
28 28
29#include "hci.h" 29#include "hci.h"
30 30
31static void nfc_hci_execute_cb(struct nfc_hci_dev *hdev, int err, 31static int nfc_hci_execute_cmd_async(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd,
32 struct sk_buff *skb, void *cb_data) 32 const u8 *param, size_t param_len,
33 data_exchange_cb_t cb, void *cb_context)
33{ 34{
34 struct hcp_exec_waiter *hcp_ew = (struct hcp_exec_waiter *)cb_data; 35 pr_debug("exec cmd async through pipe=%d, cmd=%d, plen=%zd\n", pipe,
36 cmd, param_len);
37
38 /* TODO: Define hci cmd execution delay. Should it be the same
39 * for all commands?
40 */
41 return nfc_hci_hcp_message_tx(hdev, pipe, NFC_HCI_HCP_COMMAND, cmd,
42 param, param_len, cb, cb_context, 3000);
43}
44
45/*
46 * HCI command execution completion callback.
47 * err will be a standard linux error (may be converted from HCI response)
48 * skb contains the response data and must be disposed, or may be NULL if
49 * an error occured
50 */
51static void nfc_hci_execute_cb(void *context, struct sk_buff *skb, int err)
52{
53 struct hcp_exec_waiter *hcp_ew = (struct hcp_exec_waiter *)context;
35 54
36 pr_debug("HCI Cmd completed with result=%d\n", err); 55 pr_debug("HCI Cmd completed with result=%d\n", err);
37 56
@@ -55,7 +74,8 @@ static int nfc_hci_execute_cmd(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd,
55 hcp_ew.exec_complete = false; 74 hcp_ew.exec_complete = false;
56 hcp_ew.result_skb = NULL; 75 hcp_ew.result_skb = NULL;
57 76
58 pr_debug("through pipe=%d, cmd=%d, plen=%zd\n", pipe, cmd, param_len); 77 pr_debug("exec cmd sync through pipe=%d, cmd=%d, plen=%zd\n", pipe,
78 cmd, param_len);
59 79
60 /* TODO: Define hci cmd execution delay. Should it be the same 80 /* TODO: Define hci cmd execution delay. Should it be the same
61 * for all commands? 81 * for all commands?
@@ -133,6 +153,23 @@ int nfc_hci_send_cmd(struct nfc_hci_dev *hdev, u8 gate, u8 cmd,
133} 153}
134EXPORT_SYMBOL(nfc_hci_send_cmd); 154EXPORT_SYMBOL(nfc_hci_send_cmd);
135 155
156int nfc_hci_send_cmd_async(struct nfc_hci_dev *hdev, u8 gate, u8 cmd,
157 const u8 *param, size_t param_len,
158 data_exchange_cb_t cb, void *cb_context)
159{
160 u8 pipe;
161
162 pr_debug("\n");
163
164 pipe = hdev->gate2pipe[gate];
165 if (pipe == NFC_HCI_INVALID_PIPE)
166 return -EADDRNOTAVAIL;
167
168 return nfc_hci_execute_cmd_async(hdev, pipe, cmd, param, param_len,
169 cb, cb_context);
170}
171EXPORT_SYMBOL(nfc_hci_send_cmd_async);
172
136int nfc_hci_set_param(struct nfc_hci_dev *hdev, u8 gate, u8 idx, 173int nfc_hci_set_param(struct nfc_hci_dev *hdev, u8 gate, u8 idx,
137 const u8 *param, size_t param_len) 174 const u8 *param, size_t param_len)
138{ 175{
diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c
index 1ac7b3fac6c9..d378d93de62e 100644
--- a/net/nfc/hci/core.c
+++ b/net/nfc/hci/core.c
@@ -26,6 +26,7 @@
26 26
27#include <net/nfc/nfc.h> 27#include <net/nfc/nfc.h>
28#include <net/nfc/hci.h> 28#include <net/nfc/hci.h>
29#include <net/nfc/llc.h>
29 30
30#include "hci.h" 31#include "hci.h"
31 32
@@ -57,12 +58,11 @@ static void nfc_hci_msg_tx_work(struct work_struct *work)
57 if (hdev->cmd_pending_msg) { 58 if (hdev->cmd_pending_msg) {
58 if (timer_pending(&hdev->cmd_timer) == 0) { 59 if (timer_pending(&hdev->cmd_timer) == 0) {
59 if (hdev->cmd_pending_msg->cb) 60 if (hdev->cmd_pending_msg->cb)
60 hdev->cmd_pending_msg->cb(hdev, 61 hdev->cmd_pending_msg->cb(hdev->
61 -ETIME,
62 NULL,
63 hdev->
64 cmd_pending_msg-> 62 cmd_pending_msg->
65 cb_context); 63 cb_context,
64 NULL,
65 -ETIME);
66 kfree(hdev->cmd_pending_msg); 66 kfree(hdev->cmd_pending_msg);
67 hdev->cmd_pending_msg = NULL; 67 hdev->cmd_pending_msg = NULL;
68 } else 68 } else
@@ -78,12 +78,12 @@ next_msg:
78 78
79 pr_debug("msg_tx_queue has a cmd to send\n"); 79 pr_debug("msg_tx_queue has a cmd to send\n");
80 while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) { 80 while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) {
81 r = hdev->ops->xmit(hdev, skb); 81 r = nfc_llc_xmit_from_hci(hdev->llc, skb);
82 if (r < 0) { 82 if (r < 0) {
83 kfree_skb(skb); 83 kfree_skb(skb);
84 skb_queue_purge(&msg->msg_frags); 84 skb_queue_purge(&msg->msg_frags);
85 if (msg->cb) 85 if (msg->cb)
86 msg->cb(hdev, r, NULL, msg->cb_context); 86 msg->cb(msg->cb_context, NULL, r);
87 kfree(msg); 87 kfree(msg);
88 break; 88 break;
89 } 89 }
@@ -133,15 +133,15 @@ static void __nfc_hci_cmd_completion(struct nfc_hci_dev *hdev, int err,
133 del_timer_sync(&hdev->cmd_timer); 133 del_timer_sync(&hdev->cmd_timer);
134 134
135 if (hdev->cmd_pending_msg->cb) 135 if (hdev->cmd_pending_msg->cb)
136 hdev->cmd_pending_msg->cb(hdev, err, skb, 136 hdev->cmd_pending_msg->cb(hdev->cmd_pending_msg->cb_context,
137 hdev->cmd_pending_msg->cb_context); 137 skb, err);
138 else 138 else
139 kfree_skb(skb); 139 kfree_skb(skb);
140 140
141 kfree(hdev->cmd_pending_msg); 141 kfree(hdev->cmd_pending_msg);
142 hdev->cmd_pending_msg = NULL; 142 hdev->cmd_pending_msg = NULL;
143 143
144 queue_work(hdev->msg_tx_wq, &hdev->msg_tx_work); 144 queue_work(system_nrt_wq, &hdev->msg_tx_work);
145} 145}
146 146
147void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result, 147void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result,
@@ -326,7 +326,7 @@ static void nfc_hci_cmd_timeout(unsigned long data)
326{ 326{
327 struct nfc_hci_dev *hdev = (struct nfc_hci_dev *)data; 327 struct nfc_hci_dev *hdev = (struct nfc_hci_dev *)data;
328 328
329 queue_work(hdev->msg_tx_wq, &hdev->msg_tx_work); 329 queue_work(system_nrt_wq, &hdev->msg_tx_work);
330} 330}
331 331
332static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count, 332static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count,
@@ -398,8 +398,7 @@ disconnect_all:
398 nfc_hci_disconnect_all_gates(hdev); 398 nfc_hci_disconnect_all_gates(hdev);
399 399
400exit: 400exit:
401 if (skb) 401 kfree_skb(skb);
402 kfree_skb(skb);
403 402
404 return r; 403 return r;
405} 404}
@@ -470,29 +469,38 @@ static int hci_dev_up(struct nfc_dev *nfc_dev)
470 return r; 469 return r;
471 } 470 }
472 471
472 r = nfc_llc_start(hdev->llc);
473 if (r < 0)
474 goto exit_close;
475
473 r = hci_dev_session_init(hdev); 476 r = hci_dev_session_init(hdev);
474 if (r < 0) 477 if (r < 0)
475 goto exit; 478 goto exit_llc;
476 479
477 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 480 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
478 NFC_HCI_EVT_END_OPERATION, NULL, 0); 481 NFC_HCI_EVT_END_OPERATION, NULL, 0);
479 if (r < 0) 482 if (r < 0)
480 goto exit; 483 goto exit_llc;
481 484
482 if (hdev->ops->hci_ready) { 485 if (hdev->ops->hci_ready) {
483 r = hdev->ops->hci_ready(hdev); 486 r = hdev->ops->hci_ready(hdev);
484 if (r < 0) 487 if (r < 0)
485 goto exit; 488 goto exit_llc;
486 } 489 }
487 490
488 r = hci_dev_version(hdev); 491 r = hci_dev_version(hdev);
489 if (r < 0) 492 if (r < 0)
490 goto exit; 493 goto exit_llc;
494
495 return 0;
496
497exit_llc:
498 nfc_llc_stop(hdev->llc);
499
500exit_close:
501 if (hdev->ops->close)
502 hdev->ops->close(hdev);
491 503
492exit:
493 if (r < 0)
494 if (hdev->ops->close)
495 hdev->ops->close(hdev);
496 return r; 504 return r;
497} 505}
498 506
@@ -500,6 +508,8 @@ static int hci_dev_down(struct nfc_dev *nfc_dev)
500{ 508{
501 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 509 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
502 510
511 nfc_llc_stop(hdev->llc);
512
503 if (hdev->ops->close) 513 if (hdev->ops->close)
504 hdev->ops->close(hdev); 514 hdev->ops->close(hdev);
505 515
@@ -539,13 +549,37 @@ static void hci_deactivate_target(struct nfc_dev *nfc_dev,
539{ 549{
540} 550}
541 551
552#define HCI_CB_TYPE_TRANSCEIVE 1
553
554static void hci_transceive_cb(void *context, struct sk_buff *skb, int err)
555{
556 struct nfc_hci_dev *hdev = context;
557
558 switch (hdev->async_cb_type) {
559 case HCI_CB_TYPE_TRANSCEIVE:
560 /*
561 * TODO: Check RF Error indicator to make sure data is valid.
562 * It seems that HCI cmd can complete without error, but data
563 * can be invalid if an RF error occured? Ignore for now.
564 */
565 if (err == 0)
566 skb_trim(skb, skb->len - 1); /* RF Err ind */
567
568 hdev->async_cb(hdev->async_cb_context, skb, err);
569 break;
570 default:
571 if (err == 0)
572 kfree_skb(skb);
573 break;
574 }
575}
576
542static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target, 577static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
543 struct sk_buff *skb, data_exchange_cb_t cb, 578 struct sk_buff *skb, data_exchange_cb_t cb,
544 void *cb_context) 579 void *cb_context)
545{ 580{
546 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 581 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
547 int r; 582 int r;
548 struct sk_buff *res_skb = NULL;
549 583
550 pr_debug("target_idx=%d\n", target->idx); 584 pr_debug("target_idx=%d\n", target->idx);
551 585
@@ -553,40 +587,37 @@ static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
553 case NFC_HCI_RF_READER_A_GATE: 587 case NFC_HCI_RF_READER_A_GATE:
554 case NFC_HCI_RF_READER_B_GATE: 588 case NFC_HCI_RF_READER_B_GATE:
555 if (hdev->ops->data_exchange) { 589 if (hdev->ops->data_exchange) {
556 r = hdev->ops->data_exchange(hdev, target, skb, 590 r = hdev->ops->data_exchange(hdev, target, skb, cb,
557 &res_skb); 591 cb_context);
558 if (r <= 0) /* handled */ 592 if (r <= 0) /* handled */
559 break; 593 break;
560 } 594 }
561 595
562 *skb_push(skb, 1) = 0; /* CTR, see spec:10.2.2.1 */ 596 *skb_push(skb, 1) = 0; /* CTR, see spec:10.2.2.1 */
563 r = nfc_hci_send_cmd(hdev, target->hci_reader_gate, 597
564 NFC_HCI_WR_XCHG_DATA, 598 hdev->async_cb_type = HCI_CB_TYPE_TRANSCEIVE;
565 skb->data, skb->len, &res_skb); 599 hdev->async_cb = cb;
566 /* 600 hdev->async_cb_context = cb_context;
567 * TODO: Check RF Error indicator to make sure data is valid. 601
568 * It seems that HCI cmd can complete without error, but data 602 r = nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
569 * can be invalid if an RF error occured? Ignore for now. 603 NFC_HCI_WR_XCHG_DATA, skb->data,
570 */ 604 skb->len, hci_transceive_cb, hdev);
571 if (r == 0)
572 skb_trim(res_skb, res_skb->len - 1); /* RF Err ind */
573 break; 605 break;
574 default: 606 default:
575 if (hdev->ops->data_exchange) { 607 if (hdev->ops->data_exchange) {
576 r = hdev->ops->data_exchange(hdev, target, skb, 608 r = hdev->ops->data_exchange(hdev, target, skb, cb,
577 &res_skb); 609 cb_context);
578 if (r == 1) 610 if (r == 1)
579 r = -ENOTSUPP; 611 r = -ENOTSUPP;
580 } 612 }
581 else 613 else
582 r = -ENOTSUPP; 614 r = -ENOTSUPP;
615 break;
583 } 616 }
584 617
585 kfree_skb(skb); 618 kfree_skb(skb);
586 619
587 cb(cb_context, res_skb, r); 620 return r;
588
589 return 0;
590} 621}
591 622
592static int hci_check_presence(struct nfc_dev *nfc_dev, 623static int hci_check_presence(struct nfc_dev *nfc_dev,
@@ -600,6 +631,93 @@ static int hci_check_presence(struct nfc_dev *nfc_dev,
600 return 0; 631 return 0;
601} 632}
602 633
634static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err)
635{
636 mutex_lock(&hdev->msg_tx_mutex);
637
638 if (hdev->cmd_pending_msg == NULL) {
639 nfc_driver_failure(hdev->ndev, err);
640 goto exit;
641 }
642
643 __nfc_hci_cmd_completion(hdev, err, NULL);
644
645exit:
646 mutex_unlock(&hdev->msg_tx_mutex);
647}
648
649static void nfc_hci_llc_failure(struct nfc_hci_dev *hdev, int err)
650{
651 nfc_hci_failure(hdev, err);
652}
653
654static void nfc_hci_recv_from_llc(struct nfc_hci_dev *hdev, struct sk_buff *skb)
655{
656 struct hcp_packet *packet;
657 u8 type;
658 u8 instruction;
659 struct sk_buff *hcp_skb;
660 u8 pipe;
661 struct sk_buff *frag_skb;
662 int msg_len;
663
664 packet = (struct hcp_packet *)skb->data;
665 if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) {
666 skb_queue_tail(&hdev->rx_hcp_frags, skb);
667 return;
668 }
669
670 /* it's the last fragment. Does it need re-aggregation? */
671 if (skb_queue_len(&hdev->rx_hcp_frags)) {
672 pipe = packet->header & NFC_HCI_FRAGMENT;
673 skb_queue_tail(&hdev->rx_hcp_frags, skb);
674
675 msg_len = 0;
676 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
677 msg_len += (frag_skb->len -
678 NFC_HCI_HCP_PACKET_HEADER_LEN);
679 }
680
681 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN +
682 msg_len, GFP_KERNEL);
683 if (hcp_skb == NULL) {
684 nfc_hci_failure(hdev, -ENOMEM);
685 return;
686 }
687
688 *skb_put(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN) = pipe;
689
690 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
691 msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN;
692 memcpy(skb_put(hcp_skb, msg_len),
693 frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN,
694 msg_len);
695 }
696
697 skb_queue_purge(&hdev->rx_hcp_frags);
698 } else {
699 packet->header &= NFC_HCI_FRAGMENT;
700 hcp_skb = skb;
701 }
702
703 /* if this is a response, dispatch immediately to
704 * unblock waiting cmd context. Otherwise, enqueue to dispatch
705 * in separate context where handler can also execute command.
706 */
707 packet = (struct hcp_packet *)hcp_skb->data;
708 type = HCP_MSG_GET_TYPE(packet->message.header);
709 if (type == NFC_HCI_HCP_RESPONSE) {
710 pipe = packet->header;
711 instruction = HCP_MSG_GET_CMD(packet->message.header);
712 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN +
713 NFC_HCI_HCP_MESSAGE_HEADER_LEN);
714 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb);
715 } else {
716 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb);
717 queue_work(system_nrt_wq, &hdev->msg_rx_work);
718 }
719}
720
603static struct nfc_ops hci_nfc_ops = { 721static struct nfc_ops hci_nfc_ops = {
604 .dev_up = hci_dev_up, 722 .dev_up = hci_dev_up,
605 .dev_down = hci_dev_down, 723 .dev_down = hci_dev_down,
@@ -614,6 +732,7 @@ static struct nfc_ops hci_nfc_ops = {
614struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 732struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
615 struct nfc_hci_init_data *init_data, 733 struct nfc_hci_init_data *init_data,
616 u32 protocols, 734 u32 protocols,
735 const char *llc_name,
617 int tx_headroom, 736 int tx_headroom,
618 int tx_tailroom, 737 int tx_tailroom,
619 int max_link_payload) 738 int max_link_payload)
@@ -630,10 +749,19 @@ struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
630 if (hdev == NULL) 749 if (hdev == NULL)
631 return NULL; 750 return NULL;
632 751
752 hdev->llc = nfc_llc_allocate(llc_name, hdev, ops->xmit,
753 nfc_hci_recv_from_llc, tx_headroom,
754 tx_tailroom, nfc_hci_llc_failure);
755 if (hdev->llc == NULL) {
756 kfree(hdev);
757 return NULL;
758 }
759
633 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, 760 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols,
634 tx_headroom + HCI_CMDS_HEADROOM, 761 tx_headroom + HCI_CMDS_HEADROOM,
635 tx_tailroom); 762 tx_tailroom);
636 if (!hdev->ndev) { 763 if (!hdev->ndev) {
764 nfc_llc_free(hdev->llc);
637 kfree(hdev); 765 kfree(hdev);
638 return NULL; 766 return NULL;
639 } 767 }
@@ -653,29 +781,18 @@ EXPORT_SYMBOL(nfc_hci_allocate_device);
653void nfc_hci_free_device(struct nfc_hci_dev *hdev) 781void nfc_hci_free_device(struct nfc_hci_dev *hdev)
654{ 782{
655 nfc_free_device(hdev->ndev); 783 nfc_free_device(hdev->ndev);
784 nfc_llc_free(hdev->llc);
656 kfree(hdev); 785 kfree(hdev);
657} 786}
658EXPORT_SYMBOL(nfc_hci_free_device); 787EXPORT_SYMBOL(nfc_hci_free_device);
659 788
660int nfc_hci_register_device(struct nfc_hci_dev *hdev) 789int nfc_hci_register_device(struct nfc_hci_dev *hdev)
661{ 790{
662 struct device *dev = &hdev->ndev->dev;
663 const char *devname = dev_name(dev);
664 char name[32];
665 int r = 0;
666
667 mutex_init(&hdev->msg_tx_mutex); 791 mutex_init(&hdev->msg_tx_mutex);
668 792
669 INIT_LIST_HEAD(&hdev->msg_tx_queue); 793 INIT_LIST_HEAD(&hdev->msg_tx_queue);
670 794
671 INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work); 795 INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work);
672 snprintf(name, sizeof(name), "%s_hci_msg_tx_wq", devname);
673 hdev->msg_tx_wq = alloc_workqueue(name, WQ_NON_REENTRANT | WQ_UNBOUND |
674 WQ_MEM_RECLAIM, 1);
675 if (hdev->msg_tx_wq == NULL) {
676 r = -ENOMEM;
677 goto exit;
678 }
679 796
680 init_timer(&hdev->cmd_timer); 797 init_timer(&hdev->cmd_timer);
681 hdev->cmd_timer.data = (unsigned long)hdev; 798 hdev->cmd_timer.data = (unsigned long)hdev;
@@ -684,27 +801,10 @@ int nfc_hci_register_device(struct nfc_hci_dev *hdev)
684 skb_queue_head_init(&hdev->rx_hcp_frags); 801 skb_queue_head_init(&hdev->rx_hcp_frags);
685 802
686 INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work); 803 INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work);
687 snprintf(name, sizeof(name), "%s_hci_msg_rx_wq", devname);
688 hdev->msg_rx_wq = alloc_workqueue(name, WQ_NON_REENTRANT | WQ_UNBOUND |
689 WQ_MEM_RECLAIM, 1);
690 if (hdev->msg_rx_wq == NULL) {
691 r = -ENOMEM;
692 goto exit;
693 }
694 804
695 skb_queue_head_init(&hdev->msg_rx_queue); 805 skb_queue_head_init(&hdev->msg_rx_queue);
696 806
697 r = nfc_register_device(hdev->ndev); 807 return nfc_register_device(hdev->ndev);
698
699exit:
700 if (r < 0) {
701 if (hdev->msg_tx_wq)
702 destroy_workqueue(hdev->msg_tx_wq);
703 if (hdev->msg_rx_wq)
704 destroy_workqueue(hdev->msg_rx_wq);
705 }
706
707 return r;
708} 808}
709EXPORT_SYMBOL(nfc_hci_register_device); 809EXPORT_SYMBOL(nfc_hci_register_device);
710 810
@@ -725,9 +825,8 @@ void nfc_hci_unregister_device(struct nfc_hci_dev *hdev)
725 825
726 nfc_unregister_device(hdev->ndev); 826 nfc_unregister_device(hdev->ndev);
727 827
728 destroy_workqueue(hdev->msg_tx_wq); 828 cancel_work_sync(&hdev->msg_tx_work);
729 829 cancel_work_sync(&hdev->msg_rx_work);
730 destroy_workqueue(hdev->msg_rx_wq);
731} 830}
732EXPORT_SYMBOL(nfc_hci_unregister_device); 831EXPORT_SYMBOL(nfc_hci_unregister_device);
733 832
@@ -743,93 +842,30 @@ void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev)
743} 842}
744EXPORT_SYMBOL(nfc_hci_get_clientdata); 843EXPORT_SYMBOL(nfc_hci_get_clientdata);
745 844
746static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err)
747{
748 mutex_lock(&hdev->msg_tx_mutex);
749
750 if (hdev->cmd_pending_msg == NULL) {
751 nfc_driver_failure(hdev->ndev, err);
752 goto exit;
753 }
754
755 __nfc_hci_cmd_completion(hdev, err, NULL);
756
757exit:
758 mutex_unlock(&hdev->msg_tx_mutex);
759}
760
761void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err) 845void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err)
762{ 846{
763 nfc_hci_failure(hdev, err); 847 nfc_hci_failure(hdev, err);
764} 848}
765EXPORT_SYMBOL(nfc_hci_driver_failure); 849EXPORT_SYMBOL(nfc_hci_driver_failure);
766 850
767void nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb) 851void inline nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb)
768{ 852{
769 struct hcp_packet *packet; 853 nfc_llc_rcv_from_drv(hdev->llc, skb);
770 u8 type; 854}
771 u8 instruction; 855EXPORT_SYMBOL(nfc_hci_recv_frame);
772 struct sk_buff *hcp_skb;
773 u8 pipe;
774 struct sk_buff *frag_skb;
775 int msg_len;
776
777 packet = (struct hcp_packet *)skb->data;
778 if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) {
779 skb_queue_tail(&hdev->rx_hcp_frags, skb);
780 return;
781 }
782
783 /* it's the last fragment. Does it need re-aggregation? */
784 if (skb_queue_len(&hdev->rx_hcp_frags)) {
785 pipe = packet->header & NFC_HCI_FRAGMENT;
786 skb_queue_tail(&hdev->rx_hcp_frags, skb);
787
788 msg_len = 0;
789 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
790 msg_len += (frag_skb->len -
791 NFC_HCI_HCP_PACKET_HEADER_LEN);
792 }
793
794 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN +
795 msg_len, GFP_KERNEL);
796 if (hcp_skb == NULL) {
797 nfc_hci_failure(hdev, -ENOMEM);
798 return;
799 }
800
801 *skb_put(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN) = pipe;
802
803 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
804 msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN;
805 memcpy(skb_put(hcp_skb, msg_len),
806 frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN,
807 msg_len);
808 }
809 856
810 skb_queue_purge(&hdev->rx_hcp_frags); 857static int __init nfc_hci_init(void)
811 } else { 858{
812 packet->header &= NFC_HCI_FRAGMENT; 859 return nfc_llc_init();
813 hcp_skb = skb; 860}
814 }
815 861
816 /* if this is a response, dispatch immediately to 862static void __exit nfc_hci_exit(void)
817 * unblock waiting cmd context. Otherwise, enqueue to dispatch 863{
818 * in separate context where handler can also execute command. 864 nfc_llc_exit();
819 */
820 packet = (struct hcp_packet *)hcp_skb->data;
821 type = HCP_MSG_GET_TYPE(packet->message.header);
822 if (type == NFC_HCI_HCP_RESPONSE) {
823 pipe = packet->header;
824 instruction = HCP_MSG_GET_CMD(packet->message.header);
825 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN +
826 NFC_HCI_HCP_MESSAGE_HEADER_LEN);
827 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb);
828 } else {
829 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb);
830 queue_work(hdev->msg_rx_wq, &hdev->msg_rx_work);
831 }
832} 865}
833EXPORT_SYMBOL(nfc_hci_recv_frame); 866
867subsys_initcall(nfc_hci_init);
868module_exit(nfc_hci_exit);
834 869
835MODULE_LICENSE("GPL"); 870MODULE_LICENSE("GPL");
871MODULE_DESCRIPTION("NFC HCI Core");
diff --git a/net/nfc/hci/hci.h b/net/nfc/hci/hci.h
index fa9a21e92239..b274d12c18ac 100644
--- a/net/nfc/hci/hci.h
+++ b/net/nfc/hci/hci.h
@@ -20,6 +20,8 @@
20#ifndef __LOCAL_HCI_H 20#ifndef __LOCAL_HCI_H
21#define __LOCAL_HCI_H 21#define __LOCAL_HCI_H
22 22
23#include <net/nfc/hci.h>
24
23struct gate_pipe_map { 25struct gate_pipe_map {
24 u8 gate; 26 u8 gate;
25 u8 pipe; 27 u8 pipe;
@@ -35,15 +37,6 @@ struct hcp_packet {
35 struct hcp_message message; 37 struct hcp_message message;
36} __packed; 38} __packed;
37 39
38/*
39 * HCI command execution completion callback.
40 * result will be a standard linux error (may be converted from HCI response)
41 * skb contains the response data and must be disposed, or may be NULL if
42 * an error occured
43 */
44typedef void (*hci_cmd_cb_t) (struct nfc_hci_dev *hdev, int result,
45 struct sk_buff *skb, void *cb_data);
46
47struct hcp_exec_waiter { 40struct hcp_exec_waiter {
48 wait_queue_head_t *wq; 41 wait_queue_head_t *wq;
49 bool exec_complete; 42 bool exec_complete;
@@ -55,7 +48,7 @@ struct hci_msg {
55 struct list_head msg_l; 48 struct list_head msg_l;
56 struct sk_buff_head msg_frags; 49 struct sk_buff_head msg_frags;
57 bool wait_response; 50 bool wait_response;
58 hci_cmd_cb_t cb; 51 data_exchange_cb_t cb;
59 void *cb_context; 52 void *cb_context;
60 unsigned long completion_delay; 53 unsigned long completion_delay;
61}; 54};
@@ -83,7 +76,7 @@ struct hci_create_pipe_resp {
83int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe, 76int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe,
84 u8 type, u8 instruction, 77 u8 type, u8 instruction,
85 const u8 *payload, size_t payload_len, 78 const u8 *payload, size_t payload_len,
86 hci_cmd_cb_t cb, void *cb_data, 79 data_exchange_cb_t cb, void *cb_context,
87 unsigned long completion_delay); 80 unsigned long completion_delay);
88 81
89u8 nfc_hci_pipe2gate(struct nfc_hci_dev *hdev, u8 pipe); 82u8 nfc_hci_pipe2gate(struct nfc_hci_dev *hdev, u8 pipe);
diff --git a/net/nfc/hci/hcp.c b/net/nfc/hci/hcp.c
index f4dad1a89740..208eedd07ee3 100644
--- a/net/nfc/hci/hcp.c
+++ b/net/nfc/hci/hcp.c
@@ -35,7 +35,7 @@
35int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe, 35int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe,
36 u8 type, u8 instruction, 36 u8 type, u8 instruction,
37 const u8 *payload, size_t payload_len, 37 const u8 *payload, size_t payload_len,
38 hci_cmd_cb_t cb, void *cb_data, 38 data_exchange_cb_t cb, void *cb_context,
39 unsigned long completion_delay) 39 unsigned long completion_delay)
40{ 40{
41 struct nfc_dev *ndev = hdev->ndev; 41 struct nfc_dev *ndev = hdev->ndev;
@@ -52,7 +52,7 @@ int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe,
52 skb_queue_head_init(&cmd->msg_frags); 52 skb_queue_head_init(&cmd->msg_frags);
53 cmd->wait_response = (type == NFC_HCI_HCP_COMMAND) ? true : false; 53 cmd->wait_response = (type == NFC_HCI_HCP_COMMAND) ? true : false;
54 cmd->cb = cb; 54 cmd->cb = cb;
55 cmd->cb_context = cb_data; 55 cmd->cb_context = cb_context;
56 cmd->completion_delay = completion_delay; 56 cmd->completion_delay = completion_delay;
57 57
58 hci_len = payload_len + 1; 58 hci_len = payload_len + 1;
@@ -108,7 +108,7 @@ int nfc_hci_hcp_message_tx(struct nfc_hci_dev *hdev, u8 pipe,
108 list_add_tail(&cmd->msg_l, &hdev->msg_tx_queue); 108 list_add_tail(&cmd->msg_l, &hdev->msg_tx_queue);
109 mutex_unlock(&hdev->msg_tx_mutex); 109 mutex_unlock(&hdev->msg_tx_mutex);
110 110
111 queue_work(hdev->msg_tx_wq, &hdev->msg_tx_work); 111 queue_work(system_nrt_wq, &hdev->msg_tx_work);
112 112
113 return 0; 113 return 0;
114 114
diff --git a/net/nfc/hci/llc.c b/net/nfc/hci/llc.c
new file mode 100644
index 000000000000..ae1205ded87f
--- /dev/null
+++ b/net/nfc/hci/llc.c
@@ -0,0 +1,170 @@
1/*
2 * Link Layer Control manager
3 *
4 * Copyright (C) 2012 Intel Corporation. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the
17 * Free Software Foundation, Inc.,
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 */
20
21#include <net/nfc/llc.h>
22
23#include "llc.h"
24
25static struct list_head llc_engines;
26
27int nfc_llc_init(void)
28{
29 int r;
30
31 INIT_LIST_HEAD(&llc_engines);
32
33 r = nfc_llc_nop_register();
34 if (r)
35 goto exit;
36
37 r = nfc_llc_shdlc_register();
38 if (r)
39 goto exit;
40
41 return 0;
42
43exit:
44 nfc_llc_exit();
45 return r;
46}
47
48void nfc_llc_exit(void)
49{
50 struct nfc_llc_engine *llc_engine, *n;
51
52 list_for_each_entry_safe(llc_engine, n, &llc_engines, entry) {
53 list_del(&llc_engine->entry);
54 kfree(llc_engine->name);
55 kfree(llc_engine);
56 }
57}
58
59int nfc_llc_register(const char *name, struct nfc_llc_ops *ops)
60{
61 struct nfc_llc_engine *llc_engine;
62
63 llc_engine = kzalloc(sizeof(struct nfc_llc_engine), GFP_KERNEL);
64 if (llc_engine == NULL)
65 return -ENOMEM;
66
67 llc_engine->name = kstrdup(name, GFP_KERNEL);
68 if (llc_engine->name == NULL) {
69 kfree(llc_engine);
70 return -ENOMEM;
71 }
72 llc_engine->ops = ops;
73
74 INIT_LIST_HEAD(&llc_engine->entry);
75 list_add_tail (&llc_engine->entry, &llc_engines);
76
77 return 0;
78}
79
80static struct nfc_llc_engine *nfc_llc_name_to_engine(const char *name)
81{
82 struct nfc_llc_engine *llc_engine;
83
84 list_for_each_entry(llc_engine, &llc_engines, entry) {
85 if (strcmp(llc_engine->name, name) == 0)
86 return llc_engine;
87 }
88
89 return NULL;
90}
91
92void nfc_llc_unregister(const char *name)
93{
94 struct nfc_llc_engine *llc_engine;
95
96 llc_engine = nfc_llc_name_to_engine(name);
97 if (llc_engine == NULL)
98 return;
99
100 list_del(&llc_engine->entry);
101 kfree(llc_engine->name);
102 kfree(llc_engine);
103}
104
105struct nfc_llc *nfc_llc_allocate(const char *name, struct nfc_hci_dev *hdev,
106 xmit_to_drv_t xmit_to_drv,
107 rcv_to_hci_t rcv_to_hci, int tx_headroom,
108 int tx_tailroom, llc_failure_t llc_failure)
109{
110 struct nfc_llc_engine *llc_engine;
111 struct nfc_llc *llc;
112
113 llc_engine = nfc_llc_name_to_engine(name);
114 if (llc_engine == NULL)
115 return NULL;
116
117 llc = kzalloc(sizeof(struct nfc_llc), GFP_KERNEL);
118 if (llc == NULL)
119 return NULL;
120
121 llc->data = llc_engine->ops->init(hdev, xmit_to_drv, rcv_to_hci,
122 tx_headroom, tx_tailroom,
123 &llc->rx_headroom, &llc->rx_tailroom,
124 llc_failure);
125 if (llc->data == NULL) {
126 kfree(llc);
127 return NULL;
128 }
129 llc->ops = llc_engine->ops;
130
131 return llc;
132}
133
134void nfc_llc_free(struct nfc_llc *llc)
135{
136 llc->ops->deinit(llc);
137 kfree(llc);
138}
139
140inline void nfc_llc_get_rx_head_tail_room(struct nfc_llc *llc, int *rx_headroom,
141 int *rx_tailroom)
142{
143 *rx_headroom = llc->rx_headroom;
144 *rx_tailroom = llc->rx_tailroom;
145}
146
147inline int nfc_llc_start(struct nfc_llc *llc)
148{
149 return llc->ops->start(llc);
150}
151
152inline int nfc_llc_stop(struct nfc_llc *llc)
153{
154 return llc->ops->stop(llc);
155}
156
157inline void nfc_llc_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb)
158{
159 llc->ops->rcv_from_drv(llc, skb);
160}
161
162inline int nfc_llc_xmit_from_hci(struct nfc_llc *llc, struct sk_buff *skb)
163{
164 return llc->ops->xmit_from_hci(llc, skb);
165}
166
167inline void *nfc_llc_get_data(struct nfc_llc *llc)
168{
169 return llc->data;
170}
diff --git a/net/nfc/hci/llc.h b/net/nfc/hci/llc.h
new file mode 100644
index 000000000000..7be0b7f3ceb6
--- /dev/null
+++ b/net/nfc/hci/llc.h
@@ -0,0 +1,69 @@
1/*
2 * Link Layer Control manager
3 *
4 * Copyright (C) 2012 Intel Corporation. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the
17 * Free Software Foundation, Inc.,
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 */
20
21#ifndef __LOCAL_LLC_H_
22#define __LOCAL_LLC_H_
23
24#include <net/nfc/hci.h>
25#include <net/nfc/llc.h>
26#include <linux/skbuff.h>
27
28struct nfc_llc_ops {
29 void *(*init) (struct nfc_hci_dev *hdev, xmit_to_drv_t xmit_to_drv,
30 rcv_to_hci_t rcv_to_hci, int tx_headroom,
31 int tx_tailroom, int *rx_headroom, int *rx_tailroom,
32 llc_failure_t llc_failure);
33 void (*deinit) (struct nfc_llc *llc);
34 int (*start) (struct nfc_llc *llc);
35 int (*stop) (struct nfc_llc *llc);
36 void (*rcv_from_drv) (struct nfc_llc *llc, struct sk_buff *skb);
37 int (*xmit_from_hci) (struct nfc_llc *llc, struct sk_buff *skb);
38};
39
40struct nfc_llc_engine {
41 const char *name;
42 struct nfc_llc_ops *ops;
43 struct list_head entry;
44};
45
46struct nfc_llc {
47 void *data;
48 struct nfc_llc_ops *ops;
49 int rx_headroom;
50 int rx_tailroom;
51};
52
53void *nfc_llc_get_data(struct nfc_llc *llc);
54
55int nfc_llc_register(const char *name, struct nfc_llc_ops *ops);
56void nfc_llc_unregister(const char *name);
57
58int nfc_llc_nop_register(void);
59
60#if defined(CONFIG_NFC_SHDLC)
61int nfc_llc_shdlc_register(void);
62#else
63static inline int nfc_llc_shdlc_register(void)
64{
65 return 0;
66}
67#endif
68
69#endif /* __LOCAL_LLC_H_ */
diff --git a/net/nfc/hci/llc_nop.c b/net/nfc/hci/llc_nop.c
new file mode 100644
index 000000000000..87b10291b40f
--- /dev/null
+++ b/net/nfc/hci/llc_nop.c
@@ -0,0 +1,99 @@
1/*
2 * nop (passthrough) Link Layer Control
3 *
4 * Copyright (C) 2012 Intel Corporation. All rights reserved.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the
17 * Free Software Foundation, Inc.,
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 */
20
21#include <linux/types.h>
22
23#include "llc.h"
24
25struct llc_nop {
26 struct nfc_hci_dev *hdev;
27 xmit_to_drv_t xmit_to_drv;
28 rcv_to_hci_t rcv_to_hci;
29 int tx_headroom;
30 int tx_tailroom;
31 llc_failure_t llc_failure;
32};
33
34static void *llc_nop_init(struct nfc_hci_dev *hdev, xmit_to_drv_t xmit_to_drv,
35 rcv_to_hci_t rcv_to_hci, int tx_headroom,
36 int tx_tailroom, int *rx_headroom, int *rx_tailroom,
37 llc_failure_t llc_failure)
38{
39 struct llc_nop *llc_nop;
40
41 *rx_headroom = 0;
42 *rx_tailroom = 0;
43
44 llc_nop = kzalloc(sizeof(struct llc_nop), GFP_KERNEL);
45 if (llc_nop == NULL)
46 return NULL;
47
48 llc_nop->hdev = hdev;
49 llc_nop->xmit_to_drv = xmit_to_drv;
50 llc_nop->rcv_to_hci = rcv_to_hci;
51 llc_nop->tx_headroom = tx_headroom;
52 llc_nop->tx_tailroom = tx_tailroom;
53 llc_nop->llc_failure = llc_failure;
54
55 return llc_nop;
56}
57
58static void llc_nop_deinit(struct nfc_llc *llc)
59{
60 kfree(nfc_llc_get_data(llc));
61}
62
63static int llc_nop_start(struct nfc_llc *llc)
64{
65 return 0;
66}
67
68static int llc_nop_stop(struct nfc_llc *llc)
69{
70 return 0;
71}
72
73static void llc_nop_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb)
74{
75 struct llc_nop *llc_nop = nfc_llc_get_data(llc);
76
77 llc_nop->rcv_to_hci(llc_nop->hdev, skb);
78}
79
80static int llc_nop_xmit_from_hci(struct nfc_llc *llc, struct sk_buff *skb)
81{
82 struct llc_nop *llc_nop = nfc_llc_get_data(llc);
83
84 return llc_nop->xmit_to_drv(llc_nop->hdev, skb);
85}
86
87static struct nfc_llc_ops llc_nop_ops = {
88 .init = llc_nop_init,
89 .deinit = llc_nop_deinit,
90 .start = llc_nop_start,
91 .stop = llc_nop_stop,
92 .rcv_from_drv = llc_nop_rcv_from_drv,
93 .xmit_from_hci = llc_nop_xmit_from_hci,
94};
95
96int nfc_llc_nop_register(void)
97{
98 return nfc_llc_register(LLC_NOP_NAME, &llc_nop_ops);
99}
diff --git a/net/nfc/hci/shdlc.c b/net/nfc/hci/llc_shdlc.c
index 6f840c18c892..8f69d791dcb3 100644
--- a/net/nfc/hci/shdlc.c
+++ b/net/nfc/hci/llc_shdlc.c
@@ -1,10 +1,11 @@
1/* 1/*
2 * shdlc Link Layer Control
3 *
2 * Copyright (C) 2012 Intel Corporation. All rights reserved. 4 * Copyright (C) 2012 Intel Corporation. All rights reserved.
3 * 5 *
4 * This program is free software; you can redistribute it and/or modify 6 * This program is free software; you can redistribute it and/or modify it
5 * it under the terms of the GNU General Public License as published by 7 * under the terms and conditions of the GNU General Public License,
6 * the Free Software Foundation; either version 2 of the License, or 8 * version 2, as published by the Free Software Foundation.
7 * (at your option) any later version.
8 * 9 *
9 * This program is distributed in the hope that it will be useful, 10 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -19,18 +20,65 @@
19 20
20#define pr_fmt(fmt) "shdlc: %s: " fmt, __func__ 21#define pr_fmt(fmt) "shdlc: %s: " fmt, __func__
21 22
23#include <linux/types.h>
22#include <linux/sched.h> 24#include <linux/sched.h>
23#include <linux/export.h>
24#include <linux/wait.h> 25#include <linux/wait.h>
25#include <linux/crc-ccitt.h>
26#include <linux/slab.h> 26#include <linux/slab.h>
27#include <linux/skbuff.h> 27#include <linux/skbuff.h>
28 28
29#include <net/nfc/hci.h> 29#include "llc.h"
30#include <net/nfc/shdlc.h> 30
31enum shdlc_state {
32 SHDLC_DISCONNECTED = 0,
33 SHDLC_CONNECTING = 1,
34 SHDLC_NEGOTIATING = 2,
35 SHDLC_HALF_CONNECTED = 3,
36 SHDLC_CONNECTED = 4
37};
38
39struct llc_shdlc {
40 struct nfc_hci_dev *hdev;
41 xmit_to_drv_t xmit_to_drv;
42 rcv_to_hci_t rcv_to_hci;
43
44 struct mutex state_mutex;
45 enum shdlc_state state;
46 int hard_fault;
47
48 wait_queue_head_t *connect_wq;
49 int connect_tries;
50 int connect_result;
51 struct timer_list connect_timer;/* aka T3 in spec 10.6.1 */
52
53 u8 w; /* window size */
54 bool srej_support;
55
56 struct timer_list t1_timer; /* send ack timeout */
57 bool t1_active;
58
59 struct timer_list t2_timer; /* guard/retransmit timeout */
60 bool t2_active;
61
62 int ns; /* next seq num for send */
63 int nr; /* next expected seq num for receive */
64 int dnr; /* oldest sent unacked seq num */
65
66 struct sk_buff_head rcv_q;
67
68 struct sk_buff_head send_q;
69 bool rnr; /* other side is not ready to receive */
70
71 struct sk_buff_head ack_pending_q;
72
73 struct work_struct sm_work;
74
75 int tx_headroom;
76 int tx_tailroom;
77
78 llc_failure_t llc_failure;
79};
31 80
32#define SHDLC_LLC_HEAD_ROOM 2 81#define SHDLC_LLC_HEAD_ROOM 2
33#define SHDLC_LLC_TAIL_ROOM 2
34 82
35#define SHDLC_MAX_WINDOW 4 83#define SHDLC_MAX_WINDOW 4
36#define SHDLC_SREJ_SUPPORT false 84#define SHDLC_SREJ_SUPPORT false
@@ -71,7 +119,7 @@ do { \
71} while (0) 119} while (0)
72 120
73/* checks x < y <= z modulo 8 */ 121/* checks x < y <= z modulo 8 */
74static bool nfc_shdlc_x_lt_y_lteq_z(int x, int y, int z) 122static bool llc_shdlc_x_lt_y_lteq_z(int x, int y, int z)
75{ 123{
76 if (x < z) 124 if (x < z)
77 return ((x < y) && (y <= z)) ? true : false; 125 return ((x < y) && (y <= z)) ? true : false;
@@ -80,7 +128,7 @@ static bool nfc_shdlc_x_lt_y_lteq_z(int x, int y, int z)
80} 128}
81 129
82/* checks x <= y < z modulo 8 */ 130/* checks x <= y < z modulo 8 */
83static bool nfc_shdlc_x_lteq_y_lt_z(int x, int y, int z) 131static bool llc_shdlc_x_lteq_y_lt_z(int x, int y, int z)
84{ 132{
85 if (x <= z) 133 if (x <= z)
86 return ((x <= y) && (y < z)) ? true : false; 134 return ((x <= y) && (y < z)) ? true : false;
@@ -88,36 +136,21 @@ static bool nfc_shdlc_x_lteq_y_lt_z(int x, int y, int z)
88 return ((y >= x) || (y < z)) ? true : false; 136 return ((y >= x) || (y < z)) ? true : false;
89} 137}
90 138
91static struct sk_buff *nfc_shdlc_alloc_skb(struct nfc_shdlc *shdlc, 139static struct sk_buff *llc_shdlc_alloc_skb(struct llc_shdlc *shdlc,
92 int payload_len) 140 int payload_len)
93{ 141{
94 struct sk_buff *skb; 142 struct sk_buff *skb;
95 143
96 skb = alloc_skb(shdlc->client_headroom + SHDLC_LLC_HEAD_ROOM + 144 skb = alloc_skb(shdlc->tx_headroom + SHDLC_LLC_HEAD_ROOM +
97 shdlc->client_tailroom + SHDLC_LLC_TAIL_ROOM + 145 shdlc->tx_tailroom + payload_len, GFP_KERNEL);
98 payload_len, GFP_KERNEL);
99 if (skb) 146 if (skb)
100 skb_reserve(skb, shdlc->client_headroom + SHDLC_LLC_HEAD_ROOM); 147 skb_reserve(skb, shdlc->tx_headroom + SHDLC_LLC_HEAD_ROOM);
101 148
102 return skb; 149 return skb;
103} 150}
104 151
105static void nfc_shdlc_add_len_crc(struct sk_buff *skb)
106{
107 u16 crc;
108 int len;
109
110 len = skb->len + 2;
111 *skb_push(skb, 1) = len;
112
113 crc = crc_ccitt(0xffff, skb->data, skb->len);
114 crc = ~crc;
115 *skb_put(skb, 1) = crc & 0xff;
116 *skb_put(skb, 1) = crc >> 8;
117}
118
119/* immediately sends an S frame. */ 152/* immediately sends an S frame. */
120static int nfc_shdlc_send_s_frame(struct nfc_shdlc *shdlc, 153static int llc_shdlc_send_s_frame(struct llc_shdlc *shdlc,
121 enum sframe_type sframe_type, int nr) 154 enum sframe_type sframe_type, int nr)
122{ 155{
123 int r; 156 int r;
@@ -125,15 +158,13 @@ static int nfc_shdlc_send_s_frame(struct nfc_shdlc *shdlc,
125 158
126 pr_debug("sframe_type=%d nr=%d\n", sframe_type, nr); 159 pr_debug("sframe_type=%d nr=%d\n", sframe_type, nr);
127 160
128 skb = nfc_shdlc_alloc_skb(shdlc, 0); 161 skb = llc_shdlc_alloc_skb(shdlc, 0);
129 if (skb == NULL) 162 if (skb == NULL)
130 return -ENOMEM; 163 return -ENOMEM;
131 164
132 *skb_push(skb, 1) = SHDLC_CONTROL_HEAD_S | (sframe_type << 3) | nr; 165 *skb_push(skb, 1) = SHDLC_CONTROL_HEAD_S | (sframe_type << 3) | nr;
133 166
134 nfc_shdlc_add_len_crc(skb); 167 r = shdlc->xmit_to_drv(shdlc->hdev, skb);
135
136 r = shdlc->ops->xmit(shdlc, skb);
137 168
138 kfree_skb(skb); 169 kfree_skb(skb);
139 170
@@ -141,7 +172,7 @@ static int nfc_shdlc_send_s_frame(struct nfc_shdlc *shdlc,
141} 172}
142 173
143/* immediately sends an U frame. skb may contain optional payload */ 174/* immediately sends an U frame. skb may contain optional payload */
144static int nfc_shdlc_send_u_frame(struct nfc_shdlc *shdlc, 175static int llc_shdlc_send_u_frame(struct llc_shdlc *shdlc,
145 struct sk_buff *skb, 176 struct sk_buff *skb,
146 enum uframe_modifier uframe_modifier) 177 enum uframe_modifier uframe_modifier)
147{ 178{
@@ -151,9 +182,7 @@ static int nfc_shdlc_send_u_frame(struct nfc_shdlc *shdlc,
151 182
152 *skb_push(skb, 1) = SHDLC_CONTROL_HEAD_U | uframe_modifier; 183 *skb_push(skb, 1) = SHDLC_CONTROL_HEAD_U | uframe_modifier;
153 184
154 nfc_shdlc_add_len_crc(skb); 185 r = shdlc->xmit_to_drv(shdlc->hdev, skb);
155
156 r = shdlc->ops->xmit(shdlc, skb);
157 186
158 kfree_skb(skb); 187 kfree_skb(skb);
159 188
@@ -164,7 +193,7 @@ static int nfc_shdlc_send_u_frame(struct nfc_shdlc *shdlc,
164 * Free ack_pending frames until y_nr - 1, and reset t2 according to 193 * Free ack_pending frames until y_nr - 1, and reset t2 according to
165 * the remaining oldest ack_pending frame sent time 194 * the remaining oldest ack_pending frame sent time
166 */ 195 */
167static void nfc_shdlc_reset_t2(struct nfc_shdlc *shdlc, int y_nr) 196static void llc_shdlc_reset_t2(struct llc_shdlc *shdlc, int y_nr)
168{ 197{
169 struct sk_buff *skb; 198 struct sk_buff *skb;
170 int dnr = shdlc->dnr; /* MUST initially be < y_nr */ 199 int dnr = shdlc->dnr; /* MUST initially be < y_nr */
@@ -204,7 +233,7 @@ static void nfc_shdlc_reset_t2(struct nfc_shdlc *shdlc, int y_nr)
204 * Receive validated frames from lower layer. skb contains HCI payload only. 233 * Receive validated frames from lower layer. skb contains HCI payload only.
205 * Handle according to algorithm at spec:10.8.2 234 * Handle according to algorithm at spec:10.8.2
206 */ 235 */
207static void nfc_shdlc_rcv_i_frame(struct nfc_shdlc *shdlc, 236static void llc_shdlc_rcv_i_frame(struct llc_shdlc *shdlc,
208 struct sk_buff *skb, int ns, int nr) 237 struct sk_buff *skb, int ns, int nr)
209{ 238{
210 int x_ns = ns; 239 int x_ns = ns;
@@ -216,66 +245,64 @@ static void nfc_shdlc_rcv_i_frame(struct nfc_shdlc *shdlc,
216 goto exit; 245 goto exit;
217 246
218 if (x_ns != shdlc->nr) { 247 if (x_ns != shdlc->nr) {
219 nfc_shdlc_send_s_frame(shdlc, S_FRAME_REJ, shdlc->nr); 248 llc_shdlc_send_s_frame(shdlc, S_FRAME_REJ, shdlc->nr);
220 goto exit; 249 goto exit;
221 } 250 }
222 251
223 if (shdlc->t1_active == false) { 252 if (shdlc->t1_active == false) {
224 shdlc->t1_active = true; 253 shdlc->t1_active = true;
225 mod_timer(&shdlc->t1_timer, 254 mod_timer(&shdlc->t1_timer, jiffies +
226 msecs_to_jiffies(SHDLC_T1_VALUE_MS(shdlc->w))); 255 msecs_to_jiffies(SHDLC_T1_VALUE_MS(shdlc->w)));
227 pr_debug("(re)Start T1(send ack)\n"); 256 pr_debug("(re)Start T1(send ack)\n");
228 } 257 }
229 258
230 if (skb->len) { 259 if (skb->len) {
231 nfc_hci_recv_frame(shdlc->hdev, skb); 260 shdlc->rcv_to_hci(shdlc->hdev, skb);
232 skb = NULL; 261 skb = NULL;
233 } 262 }
234 263
235 shdlc->nr = (shdlc->nr + 1) % 8; 264 shdlc->nr = (shdlc->nr + 1) % 8;
236 265
237 if (nfc_shdlc_x_lt_y_lteq_z(shdlc->dnr, y_nr, shdlc->ns)) { 266 if (llc_shdlc_x_lt_y_lteq_z(shdlc->dnr, y_nr, shdlc->ns)) {
238 nfc_shdlc_reset_t2(shdlc, y_nr); 267 llc_shdlc_reset_t2(shdlc, y_nr);
239 268
240 shdlc->dnr = y_nr; 269 shdlc->dnr = y_nr;
241 } 270 }
242 271
243exit: 272exit:
244 if (skb) 273 kfree_skb(skb);
245 kfree_skb(skb);
246} 274}
247 275
248static void nfc_shdlc_rcv_ack(struct nfc_shdlc *shdlc, int y_nr) 276static void llc_shdlc_rcv_ack(struct llc_shdlc *shdlc, int y_nr)
249{ 277{
250 pr_debug("remote acked up to frame %d excluded\n", y_nr); 278 pr_debug("remote acked up to frame %d excluded\n", y_nr);
251 279
252 if (nfc_shdlc_x_lt_y_lteq_z(shdlc->dnr, y_nr, shdlc->ns)) { 280 if (llc_shdlc_x_lt_y_lteq_z(shdlc->dnr, y_nr, shdlc->ns)) {
253 nfc_shdlc_reset_t2(shdlc, y_nr); 281 llc_shdlc_reset_t2(shdlc, y_nr);
254 shdlc->dnr = y_nr; 282 shdlc->dnr = y_nr;
255 } 283 }
256} 284}
257 285
258static void nfc_shdlc_requeue_ack_pending(struct nfc_shdlc *shdlc) 286static void llc_shdlc_requeue_ack_pending(struct llc_shdlc *shdlc)
259{ 287{
260 struct sk_buff *skb; 288 struct sk_buff *skb;
261 289
262 pr_debug("ns reset to %d\n", shdlc->dnr); 290 pr_debug("ns reset to %d\n", shdlc->dnr);
263 291
264 while ((skb = skb_dequeue_tail(&shdlc->ack_pending_q))) { 292 while ((skb = skb_dequeue_tail(&shdlc->ack_pending_q))) {
265 skb_pull(skb, 2); /* remove len+control */ 293 skb_pull(skb, 1); /* remove control field */
266 skb_trim(skb, skb->len - 2); /* remove crc */
267 skb_queue_head(&shdlc->send_q, skb); 294 skb_queue_head(&shdlc->send_q, skb);
268 } 295 }
269 shdlc->ns = shdlc->dnr; 296 shdlc->ns = shdlc->dnr;
270} 297}
271 298
272static void nfc_shdlc_rcv_rej(struct nfc_shdlc *shdlc, int y_nr) 299static void llc_shdlc_rcv_rej(struct llc_shdlc *shdlc, int y_nr)
273{ 300{
274 struct sk_buff *skb; 301 struct sk_buff *skb;
275 302
276 pr_debug("remote asks retransmition from frame %d\n", y_nr); 303 pr_debug("remote asks retransmition from frame %d\n", y_nr);
277 304
278 if (nfc_shdlc_x_lteq_y_lt_z(shdlc->dnr, y_nr, shdlc->ns)) { 305 if (llc_shdlc_x_lteq_y_lt_z(shdlc->dnr, y_nr, shdlc->ns)) {
279 if (shdlc->t2_active) { 306 if (shdlc->t2_active) {
280 del_timer_sync(&shdlc->t2_timer); 307 del_timer_sync(&shdlc->t2_timer);
281 shdlc->t2_active = false; 308 shdlc->t2_active = false;
@@ -289,12 +316,12 @@ static void nfc_shdlc_rcv_rej(struct nfc_shdlc *shdlc, int y_nr)
289 } 316 }
290 } 317 }
291 318
292 nfc_shdlc_requeue_ack_pending(shdlc); 319 llc_shdlc_requeue_ack_pending(shdlc);
293 } 320 }
294} 321}
295 322
296/* See spec RR:10.8.3 REJ:10.8.4 */ 323/* See spec RR:10.8.3 REJ:10.8.4 */
297static void nfc_shdlc_rcv_s_frame(struct nfc_shdlc *shdlc, 324static void llc_shdlc_rcv_s_frame(struct llc_shdlc *shdlc,
298 enum sframe_type s_frame_type, int nr) 325 enum sframe_type s_frame_type, int nr)
299{ 326{
300 struct sk_buff *skb; 327 struct sk_buff *skb;
@@ -304,21 +331,21 @@ static void nfc_shdlc_rcv_s_frame(struct nfc_shdlc *shdlc,
304 331
305 switch (s_frame_type) { 332 switch (s_frame_type) {
306 case S_FRAME_RR: 333 case S_FRAME_RR:
307 nfc_shdlc_rcv_ack(shdlc, nr); 334 llc_shdlc_rcv_ack(shdlc, nr);
308 if (shdlc->rnr == true) { /* see SHDLC 10.7.7 */ 335 if (shdlc->rnr == true) { /* see SHDLC 10.7.7 */
309 shdlc->rnr = false; 336 shdlc->rnr = false;
310 if (shdlc->send_q.qlen == 0) { 337 if (shdlc->send_q.qlen == 0) {
311 skb = nfc_shdlc_alloc_skb(shdlc, 0); 338 skb = llc_shdlc_alloc_skb(shdlc, 0);
312 if (skb) 339 if (skb)
313 skb_queue_tail(&shdlc->send_q, skb); 340 skb_queue_tail(&shdlc->send_q, skb);
314 } 341 }
315 } 342 }
316 break; 343 break;
317 case S_FRAME_REJ: 344 case S_FRAME_REJ:
318 nfc_shdlc_rcv_rej(shdlc, nr); 345 llc_shdlc_rcv_rej(shdlc, nr);
319 break; 346 break;
320 case S_FRAME_RNR: 347 case S_FRAME_RNR:
321 nfc_shdlc_rcv_ack(shdlc, nr); 348 llc_shdlc_rcv_ack(shdlc, nr);
322 shdlc->rnr = true; 349 shdlc->rnr = true;
323 break; 350 break;
324 default: 351 default:
@@ -326,7 +353,7 @@ static void nfc_shdlc_rcv_s_frame(struct nfc_shdlc *shdlc,
326 } 353 }
327} 354}
328 355
329static void nfc_shdlc_connect_complete(struct nfc_shdlc *shdlc, int r) 356static void llc_shdlc_connect_complete(struct llc_shdlc *shdlc, int r)
330{ 357{
331 pr_debug("result=%d\n", r); 358 pr_debug("result=%d\n", r);
332 359
@@ -337,7 +364,7 @@ static void nfc_shdlc_connect_complete(struct nfc_shdlc *shdlc, int r)
337 shdlc->nr = 0; 364 shdlc->nr = 0;
338 shdlc->dnr = 0; 365 shdlc->dnr = 0;
339 366
340 shdlc->state = SHDLC_CONNECTED; 367 shdlc->state = SHDLC_HALF_CONNECTED;
341 } else { 368 } else {
342 shdlc->state = SHDLC_DISCONNECTED; 369 shdlc->state = SHDLC_DISCONNECTED;
343 } 370 }
@@ -347,36 +374,36 @@ static void nfc_shdlc_connect_complete(struct nfc_shdlc *shdlc, int r)
347 wake_up(shdlc->connect_wq); 374 wake_up(shdlc->connect_wq);
348} 375}
349 376
350static int nfc_shdlc_connect_initiate(struct nfc_shdlc *shdlc) 377static int llc_shdlc_connect_initiate(struct llc_shdlc *shdlc)
351{ 378{
352 struct sk_buff *skb; 379 struct sk_buff *skb;
353 380
354 pr_debug("\n"); 381 pr_debug("\n");
355 382
356 skb = nfc_shdlc_alloc_skb(shdlc, 2); 383 skb = llc_shdlc_alloc_skb(shdlc, 2);
357 if (skb == NULL) 384 if (skb == NULL)
358 return -ENOMEM; 385 return -ENOMEM;
359 386
360 *skb_put(skb, 1) = SHDLC_MAX_WINDOW; 387 *skb_put(skb, 1) = SHDLC_MAX_WINDOW;
361 *skb_put(skb, 1) = SHDLC_SREJ_SUPPORT ? 1 : 0; 388 *skb_put(skb, 1) = SHDLC_SREJ_SUPPORT ? 1 : 0;
362 389
363 return nfc_shdlc_send_u_frame(shdlc, skb, U_FRAME_RSET); 390 return llc_shdlc_send_u_frame(shdlc, skb, U_FRAME_RSET);
364} 391}
365 392
366static int nfc_shdlc_connect_send_ua(struct nfc_shdlc *shdlc) 393static int llc_shdlc_connect_send_ua(struct llc_shdlc *shdlc)
367{ 394{
368 struct sk_buff *skb; 395 struct sk_buff *skb;
369 396
370 pr_debug("\n"); 397 pr_debug("\n");
371 398
372 skb = nfc_shdlc_alloc_skb(shdlc, 0); 399 skb = llc_shdlc_alloc_skb(shdlc, 0);
373 if (skb == NULL) 400 if (skb == NULL)
374 return -ENOMEM; 401 return -ENOMEM;
375 402
376 return nfc_shdlc_send_u_frame(shdlc, skb, U_FRAME_UA); 403 return llc_shdlc_send_u_frame(shdlc, skb, U_FRAME_UA);
377} 404}
378 405
379static void nfc_shdlc_rcv_u_frame(struct nfc_shdlc *shdlc, 406static void llc_shdlc_rcv_u_frame(struct llc_shdlc *shdlc,
380 struct sk_buff *skb, 407 struct sk_buff *skb,
381 enum uframe_modifier u_frame_modifier) 408 enum uframe_modifier u_frame_modifier)
382{ 409{
@@ -388,8 +415,13 @@ static void nfc_shdlc_rcv_u_frame(struct nfc_shdlc *shdlc,
388 415
389 switch (u_frame_modifier) { 416 switch (u_frame_modifier) {
390 case U_FRAME_RSET: 417 case U_FRAME_RSET:
391 if (shdlc->state == SHDLC_NEGOCIATING) { 418 switch (shdlc->state) {
392 /* we sent RSET, but chip wants to negociate */ 419 case SHDLC_NEGOTIATING:
420 case SHDLC_CONNECTING:
421 /*
422 * We sent RSET, but chip wants to negociate or we
423 * got RSET before we managed to send out our.
424 */
393 if (skb->len > 0) 425 if (skb->len > 0)
394 w = skb->data[0]; 426 w = skb->data[0];
395 427
@@ -401,22 +433,34 @@ static void nfc_shdlc_rcv_u_frame(struct nfc_shdlc *shdlc,
401 (SHDLC_SREJ_SUPPORT || (srej_support == false))) { 433 (SHDLC_SREJ_SUPPORT || (srej_support == false))) {
402 shdlc->w = w; 434 shdlc->w = w;
403 shdlc->srej_support = srej_support; 435 shdlc->srej_support = srej_support;
404 r = nfc_shdlc_connect_send_ua(shdlc); 436 r = llc_shdlc_connect_send_ua(shdlc);
405 nfc_shdlc_connect_complete(shdlc, r); 437 llc_shdlc_connect_complete(shdlc, r);
406 } 438 }
407 } else if (shdlc->state == SHDLC_CONNECTED) { 439 break;
440 case SHDLC_HALF_CONNECTED:
441 /*
442 * Chip resent RSET due to its timeout - Ignote it
443 * as we already sent UA.
444 */
445 break;
446 case SHDLC_CONNECTED:
408 /* 447 /*
409 * Chip wants to reset link. This is unexpected and 448 * Chip wants to reset link. This is unexpected and
410 * unsupported. 449 * unsupported.
411 */ 450 */
412 shdlc->hard_fault = -ECONNRESET; 451 shdlc->hard_fault = -ECONNRESET;
452 break;
453 default:
454 break;
413 } 455 }
414 break; 456 break;
415 case U_FRAME_UA: 457 case U_FRAME_UA:
416 if ((shdlc->state == SHDLC_CONNECTING && 458 if ((shdlc->state == SHDLC_CONNECTING &&
417 shdlc->connect_tries > 0) || 459 shdlc->connect_tries > 0) ||
418 (shdlc->state == SHDLC_NEGOCIATING)) 460 (shdlc->state == SHDLC_NEGOTIATING)) {
419 nfc_shdlc_connect_complete(shdlc, 0); 461 llc_shdlc_connect_complete(shdlc, 0);
462 shdlc->state = SHDLC_CONNECTED;
463 }
420 break; 464 break;
421 default: 465 default:
422 break; 466 break;
@@ -425,7 +469,7 @@ static void nfc_shdlc_rcv_u_frame(struct nfc_shdlc *shdlc,
425 kfree_skb(skb); 469 kfree_skb(skb);
426} 470}
427 471
428static void nfc_shdlc_handle_rcv_queue(struct nfc_shdlc *shdlc) 472static void llc_shdlc_handle_rcv_queue(struct llc_shdlc *shdlc)
429{ 473{
430 struct sk_buff *skb; 474 struct sk_buff *skb;
431 u8 control; 475 u8 control;
@@ -443,19 +487,25 @@ static void nfc_shdlc_handle_rcv_queue(struct nfc_shdlc *shdlc)
443 switch (control & SHDLC_CONTROL_HEAD_MASK) { 487 switch (control & SHDLC_CONTROL_HEAD_MASK) {
444 case SHDLC_CONTROL_HEAD_I: 488 case SHDLC_CONTROL_HEAD_I:
445 case SHDLC_CONTROL_HEAD_I2: 489 case SHDLC_CONTROL_HEAD_I2:
490 if (shdlc->state == SHDLC_HALF_CONNECTED)
491 shdlc->state = SHDLC_CONNECTED;
492
446 ns = (control & SHDLC_CONTROL_NS_MASK) >> 3; 493 ns = (control & SHDLC_CONTROL_NS_MASK) >> 3;
447 nr = control & SHDLC_CONTROL_NR_MASK; 494 nr = control & SHDLC_CONTROL_NR_MASK;
448 nfc_shdlc_rcv_i_frame(shdlc, skb, ns, nr); 495 llc_shdlc_rcv_i_frame(shdlc, skb, ns, nr);
449 break; 496 break;
450 case SHDLC_CONTROL_HEAD_S: 497 case SHDLC_CONTROL_HEAD_S:
498 if (shdlc->state == SHDLC_HALF_CONNECTED)
499 shdlc->state = SHDLC_CONNECTED;
500
451 s_frame_type = (control & SHDLC_CONTROL_TYPE_MASK) >> 3; 501 s_frame_type = (control & SHDLC_CONTROL_TYPE_MASK) >> 3;
452 nr = control & SHDLC_CONTROL_NR_MASK; 502 nr = control & SHDLC_CONTROL_NR_MASK;
453 nfc_shdlc_rcv_s_frame(shdlc, s_frame_type, nr); 503 llc_shdlc_rcv_s_frame(shdlc, s_frame_type, nr);
454 kfree_skb(skb); 504 kfree_skb(skb);
455 break; 505 break;
456 case SHDLC_CONTROL_HEAD_U: 506 case SHDLC_CONTROL_HEAD_U:
457 u_frame_modifier = control & SHDLC_CONTROL_M_MASK; 507 u_frame_modifier = control & SHDLC_CONTROL_M_MASK;
458 nfc_shdlc_rcv_u_frame(shdlc, skb, u_frame_modifier); 508 llc_shdlc_rcv_u_frame(shdlc, skb, u_frame_modifier);
459 break; 509 break;
460 default: 510 default:
461 pr_err("UNKNOWN Control=%d\n", control); 511 pr_err("UNKNOWN Control=%d\n", control);
@@ -465,7 +515,7 @@ static void nfc_shdlc_handle_rcv_queue(struct nfc_shdlc *shdlc)
465 } 515 }
466} 516}
467 517
468static int nfc_shdlc_w_used(int ns, int dnr) 518static int llc_shdlc_w_used(int ns, int dnr)
469{ 519{
470 int unack_count; 520 int unack_count;
471 521
@@ -478,7 +528,7 @@ static int nfc_shdlc_w_used(int ns, int dnr)
478} 528}
479 529
480/* Send frames according to algorithm at spec:10.8.1 */ 530/* Send frames according to algorithm at spec:10.8.1 */
481static void nfc_shdlc_handle_send_queue(struct nfc_shdlc *shdlc) 531static void llc_shdlc_handle_send_queue(struct llc_shdlc *shdlc)
482{ 532{
483 struct sk_buff *skb; 533 struct sk_buff *skb;
484 int r; 534 int r;
@@ -489,7 +539,7 @@ static void nfc_shdlc_handle_send_queue(struct nfc_shdlc *shdlc)
489 ("sendQlen=%d ns=%d dnr=%d rnr=%s w_room=%d unackQlen=%d\n", 539 ("sendQlen=%d ns=%d dnr=%d rnr=%s w_room=%d unackQlen=%d\n",
490 shdlc->send_q.qlen, shdlc->ns, shdlc->dnr, 540 shdlc->send_q.qlen, shdlc->ns, shdlc->dnr,
491 shdlc->rnr == false ? "false" : "true", 541 shdlc->rnr == false ? "false" : "true",
492 shdlc->w - nfc_shdlc_w_used(shdlc->ns, shdlc->dnr), 542 shdlc->w - llc_shdlc_w_used(shdlc->ns, shdlc->dnr),
493 shdlc->ack_pending_q.qlen); 543 shdlc->ack_pending_q.qlen);
494 544
495 while (shdlc->send_q.qlen && shdlc->ack_pending_q.qlen < shdlc->w && 545 while (shdlc->send_q.qlen && shdlc->ack_pending_q.qlen < shdlc->w &&
@@ -508,11 +558,9 @@ static void nfc_shdlc_handle_send_queue(struct nfc_shdlc *shdlc)
508 558
509 pr_debug("Sending I-Frame %d, waiting to rcv %d\n", shdlc->ns, 559 pr_debug("Sending I-Frame %d, waiting to rcv %d\n", shdlc->ns,
510 shdlc->nr); 560 shdlc->nr);
511 /* SHDLC_DUMP_SKB("shdlc frame written", skb); */ 561 SHDLC_DUMP_SKB("shdlc frame written", skb);
512
513 nfc_shdlc_add_len_crc(skb);
514 562
515 r = shdlc->ops->xmit(shdlc, skb); 563 r = shdlc->xmit_to_drv(shdlc->hdev, skb);
516 if (r < 0) { 564 if (r < 0) {
517 shdlc->hard_fault = r; 565 shdlc->hard_fault = r;
518 break; 566 break;
@@ -534,36 +582,36 @@ static void nfc_shdlc_handle_send_queue(struct nfc_shdlc *shdlc)
534 } 582 }
535} 583}
536 584
537static void nfc_shdlc_connect_timeout(unsigned long data) 585static void llc_shdlc_connect_timeout(unsigned long data)
538{ 586{
539 struct nfc_shdlc *shdlc = (struct nfc_shdlc *)data; 587 struct llc_shdlc *shdlc = (struct llc_shdlc *)data;
540 588
541 pr_debug("\n"); 589 pr_debug("\n");
542 590
543 queue_work(shdlc->sm_wq, &shdlc->sm_work); 591 queue_work(system_nrt_wq, &shdlc->sm_work);
544} 592}
545 593
546static void nfc_shdlc_t1_timeout(unsigned long data) 594static void llc_shdlc_t1_timeout(unsigned long data)
547{ 595{
548 struct nfc_shdlc *shdlc = (struct nfc_shdlc *)data; 596 struct llc_shdlc *shdlc = (struct llc_shdlc *)data;
549 597
550 pr_debug("SoftIRQ: need to send ack\n"); 598 pr_debug("SoftIRQ: need to send ack\n");
551 599
552 queue_work(shdlc->sm_wq, &shdlc->sm_work); 600 queue_work(system_nrt_wq, &shdlc->sm_work);
553} 601}
554 602
555static void nfc_shdlc_t2_timeout(unsigned long data) 603static void llc_shdlc_t2_timeout(unsigned long data)
556{ 604{
557 struct nfc_shdlc *shdlc = (struct nfc_shdlc *)data; 605 struct llc_shdlc *shdlc = (struct llc_shdlc *)data;
558 606
559 pr_debug("SoftIRQ: need to retransmit\n"); 607 pr_debug("SoftIRQ: need to retransmit\n");
560 608
561 queue_work(shdlc->sm_wq, &shdlc->sm_work); 609 queue_work(system_nrt_wq, &shdlc->sm_work);
562} 610}
563 611
564static void nfc_shdlc_sm_work(struct work_struct *work) 612static void llc_shdlc_sm_work(struct work_struct *work)
565{ 613{
566 struct nfc_shdlc *shdlc = container_of(work, struct nfc_shdlc, sm_work); 614 struct llc_shdlc *shdlc = container_of(work, struct llc_shdlc, sm_work);
567 int r; 615 int r;
568 616
569 pr_debug("\n"); 617 pr_debug("\n");
@@ -578,46 +626,47 @@ static void nfc_shdlc_sm_work(struct work_struct *work)
578 break; 626 break;
579 case SHDLC_CONNECTING: 627 case SHDLC_CONNECTING:
580 if (shdlc->hard_fault) { 628 if (shdlc->hard_fault) {
581 nfc_shdlc_connect_complete(shdlc, shdlc->hard_fault); 629 llc_shdlc_connect_complete(shdlc, shdlc->hard_fault);
582 break; 630 break;
583 } 631 }
584 632
585 if (shdlc->connect_tries++ < 5) 633 if (shdlc->connect_tries++ < 5)
586 r = nfc_shdlc_connect_initiate(shdlc); 634 r = llc_shdlc_connect_initiate(shdlc);
587 else 635 else
588 r = -ETIME; 636 r = -ETIME;
589 if (r < 0) 637 if (r < 0)
590 nfc_shdlc_connect_complete(shdlc, r); 638 llc_shdlc_connect_complete(shdlc, r);
591 else { 639 else {
592 mod_timer(&shdlc->connect_timer, jiffies + 640 mod_timer(&shdlc->connect_timer, jiffies +
593 msecs_to_jiffies(SHDLC_CONNECT_VALUE_MS)); 641 msecs_to_jiffies(SHDLC_CONNECT_VALUE_MS));
594 642
595 shdlc->state = SHDLC_NEGOCIATING; 643 shdlc->state = SHDLC_NEGOTIATING;
596 } 644 }
597 break; 645 break;
598 case SHDLC_NEGOCIATING: 646 case SHDLC_NEGOTIATING:
599 if (timer_pending(&shdlc->connect_timer) == 0) { 647 if (timer_pending(&shdlc->connect_timer) == 0) {
600 shdlc->state = SHDLC_CONNECTING; 648 shdlc->state = SHDLC_CONNECTING;
601 queue_work(shdlc->sm_wq, &shdlc->sm_work); 649 queue_work(system_nrt_wq, &shdlc->sm_work);
602 } 650 }
603 651
604 nfc_shdlc_handle_rcv_queue(shdlc); 652 llc_shdlc_handle_rcv_queue(shdlc);
605 653
606 if (shdlc->hard_fault) { 654 if (shdlc->hard_fault) {
607 nfc_shdlc_connect_complete(shdlc, shdlc->hard_fault); 655 llc_shdlc_connect_complete(shdlc, shdlc->hard_fault);
608 break; 656 break;
609 } 657 }
610 break; 658 break;
659 case SHDLC_HALF_CONNECTED:
611 case SHDLC_CONNECTED: 660 case SHDLC_CONNECTED:
612 nfc_shdlc_handle_rcv_queue(shdlc); 661 llc_shdlc_handle_rcv_queue(shdlc);
613 nfc_shdlc_handle_send_queue(shdlc); 662 llc_shdlc_handle_send_queue(shdlc);
614 663
615 if (shdlc->t1_active && timer_pending(&shdlc->t1_timer) == 0) { 664 if (shdlc->t1_active && timer_pending(&shdlc->t1_timer) == 0) {
616 pr_debug 665 pr_debug
617 ("Handle T1(send ack) elapsed (T1 now inactive)\n"); 666 ("Handle T1(send ack) elapsed (T1 now inactive)\n");
618 667
619 shdlc->t1_active = false; 668 shdlc->t1_active = false;
620 r = nfc_shdlc_send_s_frame(shdlc, S_FRAME_RR, 669 r = llc_shdlc_send_s_frame(shdlc, S_FRAME_RR,
621 shdlc->nr); 670 shdlc->nr);
622 if (r < 0) 671 if (r < 0)
623 shdlc->hard_fault = r; 672 shdlc->hard_fault = r;
@@ -629,12 +678,12 @@ static void nfc_shdlc_sm_work(struct work_struct *work)
629 678
630 shdlc->t2_active = false; 679 shdlc->t2_active = false;
631 680
632 nfc_shdlc_requeue_ack_pending(shdlc); 681 llc_shdlc_requeue_ack_pending(shdlc);
633 nfc_shdlc_handle_send_queue(shdlc); 682 llc_shdlc_handle_send_queue(shdlc);
634 } 683 }
635 684
636 if (shdlc->hard_fault) { 685 if (shdlc->hard_fault) {
637 nfc_hci_driver_failure(shdlc->hdev, shdlc->hard_fault); 686 shdlc->llc_failure(shdlc->hdev, shdlc->hard_fault);
638 } 687 }
639 break; 688 break;
640 default: 689 default:
@@ -647,7 +696,7 @@ static void nfc_shdlc_sm_work(struct work_struct *work)
647 * Called from syscall context to establish shdlc link. Sleeps until 696 * Called from syscall context to establish shdlc link. Sleeps until
648 * link is ready or failure. 697 * link is ready or failure.
649 */ 698 */
650static int nfc_shdlc_connect(struct nfc_shdlc *shdlc) 699static int llc_shdlc_connect(struct llc_shdlc *shdlc)
651{ 700{
652 DECLARE_WAIT_QUEUE_HEAD_ONSTACK(connect_wq); 701 DECLARE_WAIT_QUEUE_HEAD_ONSTACK(connect_wq);
653 702
@@ -662,14 +711,14 @@ static int nfc_shdlc_connect(struct nfc_shdlc *shdlc)
662 711
663 mutex_unlock(&shdlc->state_mutex); 712 mutex_unlock(&shdlc->state_mutex);
664 713
665 queue_work(shdlc->sm_wq, &shdlc->sm_work); 714 queue_work(system_nrt_wq, &shdlc->sm_work);
666 715
667 wait_event(connect_wq, shdlc->connect_result != 1); 716 wait_event(connect_wq, shdlc->connect_result != 1);
668 717
669 return shdlc->connect_result; 718 return shdlc->connect_result;
670} 719}
671 720
672static void nfc_shdlc_disconnect(struct nfc_shdlc *shdlc) 721static void llc_shdlc_disconnect(struct llc_shdlc *shdlc)
673{ 722{
674 pr_debug("\n"); 723 pr_debug("\n");
675 724
@@ -679,7 +728,7 @@ static void nfc_shdlc_disconnect(struct nfc_shdlc *shdlc)
679 728
680 mutex_unlock(&shdlc->state_mutex); 729 mutex_unlock(&shdlc->state_mutex);
681 730
682 queue_work(shdlc->sm_wq, &shdlc->sm_work); 731 queue_work(system_nrt_wq, &shdlc->sm_work);
683} 732}
684 733
685/* 734/*
@@ -687,7 +736,7 @@ static void nfc_shdlc_disconnect(struct nfc_shdlc *shdlc)
687 * skb contains only LLC header and payload. 736 * skb contains only LLC header and payload.
688 * If skb == NULL, it is a notification that the link below is dead. 737 * If skb == NULL, it is a notification that the link below is dead.
689 */ 738 */
690void nfc_shdlc_recv_frame(struct nfc_shdlc *shdlc, struct sk_buff *skb) 739static void llc_shdlc_recv_frame(struct llc_shdlc *shdlc, struct sk_buff *skb)
691{ 740{
692 if (skb == NULL) { 741 if (skb == NULL) {
693 pr_err("NULL Frame -> link is dead\n"); 742 pr_err("NULL Frame -> link is dead\n");
@@ -697,176 +746,37 @@ void nfc_shdlc_recv_frame(struct nfc_shdlc *shdlc, struct sk_buff *skb)
697 skb_queue_tail(&shdlc->rcv_q, skb); 746 skb_queue_tail(&shdlc->rcv_q, skb);
698 } 747 }
699 748
700 queue_work(shdlc->sm_wq, &shdlc->sm_work); 749 queue_work(system_nrt_wq, &shdlc->sm_work);
701}
702EXPORT_SYMBOL(nfc_shdlc_recv_frame);
703
704static int nfc_shdlc_open(struct nfc_hci_dev *hdev)
705{
706 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
707 int r;
708
709 pr_debug("\n");
710
711 if (shdlc->ops->open) {
712 r = shdlc->ops->open(shdlc);
713 if (r < 0)
714 return r;
715 }
716
717 r = nfc_shdlc_connect(shdlc);
718 if (r < 0 && shdlc->ops->close)
719 shdlc->ops->close(shdlc);
720
721 return r;
722}
723
724static void nfc_shdlc_close(struct nfc_hci_dev *hdev)
725{
726 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
727
728 pr_debug("\n");
729
730 nfc_shdlc_disconnect(shdlc);
731
732 if (shdlc->ops->close)
733 shdlc->ops->close(shdlc);
734} 750}
735 751
736static int nfc_shdlc_hci_ready(struct nfc_hci_dev *hdev) 752static void *llc_shdlc_init(struct nfc_hci_dev *hdev, xmit_to_drv_t xmit_to_drv,
753 rcv_to_hci_t rcv_to_hci, int tx_headroom,
754 int tx_tailroom, int *rx_headroom, int *rx_tailroom,
755 llc_failure_t llc_failure)
737{ 756{
738 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev); 757 struct llc_shdlc *shdlc;
739 int r = 0;
740
741 pr_debug("\n");
742 758
743 if (shdlc->ops->hci_ready) 759 *rx_headroom = SHDLC_LLC_HEAD_ROOM;
744 r = shdlc->ops->hci_ready(shdlc); 760 *rx_tailroom = 0;
745
746 return r;
747}
748
749static int nfc_shdlc_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
750{
751 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
752
753 SHDLC_DUMP_SKB("queuing HCP packet to shdlc", skb);
754
755 skb_queue_tail(&shdlc->send_q, skb);
756 761
757 queue_work(shdlc->sm_wq, &shdlc->sm_work); 762 shdlc = kzalloc(sizeof(struct llc_shdlc), GFP_KERNEL);
758
759 return 0;
760}
761
762static int nfc_shdlc_start_poll(struct nfc_hci_dev *hdev,
763 u32 im_protocols, u32 tm_protocols)
764{
765 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
766
767 pr_debug("\n");
768
769 if (shdlc->ops->start_poll)
770 return shdlc->ops->start_poll(shdlc,
771 im_protocols, tm_protocols);
772
773 return 0;
774}
775
776static int nfc_shdlc_target_from_gate(struct nfc_hci_dev *hdev, u8 gate,
777 struct nfc_target *target)
778{
779 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
780
781 if (shdlc->ops->target_from_gate)
782 return shdlc->ops->target_from_gate(shdlc, gate, target);
783
784 return -EPERM;
785}
786
787static int nfc_shdlc_complete_target_discovered(struct nfc_hci_dev *hdev,
788 u8 gate,
789 struct nfc_target *target)
790{
791 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
792
793 pr_debug("\n");
794
795 if (shdlc->ops->complete_target_discovered)
796 return shdlc->ops->complete_target_discovered(shdlc, gate,
797 target);
798
799 return 0;
800}
801
802static int nfc_shdlc_data_exchange(struct nfc_hci_dev *hdev,
803 struct nfc_target *target,
804 struct sk_buff *skb,
805 struct sk_buff **res_skb)
806{
807 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
808
809 if (shdlc->ops->data_exchange)
810 return shdlc->ops->data_exchange(shdlc, target, skb, res_skb);
811
812 return -EPERM;
813}
814
815static int nfc_shdlc_check_presence(struct nfc_hci_dev *hdev,
816 struct nfc_target *target)
817{
818 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
819
820 if (shdlc->ops->check_presence)
821 return shdlc->ops->check_presence(shdlc, target);
822
823 return 0;
824}
825
826static struct nfc_hci_ops shdlc_ops = {
827 .open = nfc_shdlc_open,
828 .close = nfc_shdlc_close,
829 .hci_ready = nfc_shdlc_hci_ready,
830 .xmit = nfc_shdlc_xmit,
831 .start_poll = nfc_shdlc_start_poll,
832 .target_from_gate = nfc_shdlc_target_from_gate,
833 .complete_target_discovered = nfc_shdlc_complete_target_discovered,
834 .data_exchange = nfc_shdlc_data_exchange,
835 .check_presence = nfc_shdlc_check_presence,
836};
837
838struct nfc_shdlc *nfc_shdlc_allocate(struct nfc_shdlc_ops *ops,
839 struct nfc_hci_init_data *init_data,
840 u32 protocols,
841 int tx_headroom, int tx_tailroom,
842 int max_link_payload, const char *devname)
843{
844 struct nfc_shdlc *shdlc;
845 int r;
846 char name[32];
847
848 if (ops->xmit == NULL)
849 return NULL;
850
851 shdlc = kzalloc(sizeof(struct nfc_shdlc), GFP_KERNEL);
852 if (shdlc == NULL) 763 if (shdlc == NULL)
853 return NULL; 764 return NULL;
854 765
855 mutex_init(&shdlc->state_mutex); 766 mutex_init(&shdlc->state_mutex);
856 shdlc->ops = ops;
857 shdlc->state = SHDLC_DISCONNECTED; 767 shdlc->state = SHDLC_DISCONNECTED;
858 768
859 init_timer(&shdlc->connect_timer); 769 init_timer(&shdlc->connect_timer);
860 shdlc->connect_timer.data = (unsigned long)shdlc; 770 shdlc->connect_timer.data = (unsigned long)shdlc;
861 shdlc->connect_timer.function = nfc_shdlc_connect_timeout; 771 shdlc->connect_timer.function = llc_shdlc_connect_timeout;
862 772
863 init_timer(&shdlc->t1_timer); 773 init_timer(&shdlc->t1_timer);
864 shdlc->t1_timer.data = (unsigned long)shdlc; 774 shdlc->t1_timer.data = (unsigned long)shdlc;
865 shdlc->t1_timer.function = nfc_shdlc_t1_timeout; 775 shdlc->t1_timer.function = llc_shdlc_t1_timeout;
866 776
867 init_timer(&shdlc->t2_timer); 777 init_timer(&shdlc->t2_timer);
868 shdlc->t2_timer.data = (unsigned long)shdlc; 778 shdlc->t2_timer.data = (unsigned long)shdlc;
869 shdlc->t2_timer.function = nfc_shdlc_t2_timeout; 779 shdlc->t2_timer.function = llc_shdlc_t2_timeout;
870 780
871 shdlc->w = SHDLC_MAX_WINDOW; 781 shdlc->w = SHDLC_MAX_WINDOW;
872 shdlc->srej_support = SHDLC_SREJ_SUPPORT; 782 shdlc->srej_support = SHDLC_SREJ_SUPPORT;
@@ -875,77 +785,73 @@ struct nfc_shdlc *nfc_shdlc_allocate(struct nfc_shdlc_ops *ops,
875 skb_queue_head_init(&shdlc->send_q); 785 skb_queue_head_init(&shdlc->send_q);
876 skb_queue_head_init(&shdlc->ack_pending_q); 786 skb_queue_head_init(&shdlc->ack_pending_q);
877 787
878 INIT_WORK(&shdlc->sm_work, nfc_shdlc_sm_work); 788 INIT_WORK(&shdlc->sm_work, llc_shdlc_sm_work);
879 snprintf(name, sizeof(name), "%s_shdlc_sm_wq", devname);
880 shdlc->sm_wq = alloc_workqueue(name, WQ_NON_REENTRANT | WQ_UNBOUND |
881 WQ_MEM_RECLAIM, 1);
882 if (shdlc->sm_wq == NULL)
883 goto err_allocwq;
884 789
885 shdlc->client_headroom = tx_headroom; 790 shdlc->hdev = hdev;
886 shdlc->client_tailroom = tx_tailroom; 791 shdlc->xmit_to_drv = xmit_to_drv;
887 792 shdlc->rcv_to_hci = rcv_to_hci;
888 shdlc->hdev = nfc_hci_allocate_device(&shdlc_ops, init_data, protocols, 793 shdlc->tx_headroom = tx_headroom;
889 tx_headroom + SHDLC_LLC_HEAD_ROOM, 794 shdlc->tx_tailroom = tx_tailroom;
890 tx_tailroom + SHDLC_LLC_TAIL_ROOM, 795 shdlc->llc_failure = llc_failure;
891 max_link_payload);
892 if (shdlc->hdev == NULL)
893 goto err_allocdev;
894
895 nfc_hci_set_clientdata(shdlc->hdev, shdlc);
896
897 r = nfc_hci_register_device(shdlc->hdev);
898 if (r < 0)
899 goto err_regdev;
900 796
901 return shdlc; 797 return shdlc;
798}
902 799
903err_regdev: 800static void llc_shdlc_deinit(struct nfc_llc *llc)
904 nfc_hci_free_device(shdlc->hdev); 801{
802 struct llc_shdlc *shdlc = nfc_llc_get_data(llc);
905 803
906err_allocdev: 804 skb_queue_purge(&shdlc->rcv_q);
907 destroy_workqueue(shdlc->sm_wq); 805 skb_queue_purge(&shdlc->send_q);
806 skb_queue_purge(&shdlc->ack_pending_q);
908 807
909err_allocwq:
910 kfree(shdlc); 808 kfree(shdlc);
911
912 return NULL;
913} 809}
914EXPORT_SYMBOL(nfc_shdlc_allocate);
915 810
916void nfc_shdlc_free(struct nfc_shdlc *shdlc) 811static int llc_shdlc_start(struct nfc_llc *llc)
917{ 812{
918 pr_debug("\n"); 813 struct llc_shdlc *shdlc = nfc_llc_get_data(llc);
919 814
920 nfc_hci_unregister_device(shdlc->hdev); 815 return llc_shdlc_connect(shdlc);
921 nfc_hci_free_device(shdlc->hdev); 816}
922 817
923 destroy_workqueue(shdlc->sm_wq); 818static int llc_shdlc_stop(struct nfc_llc *llc)
819{
820 struct llc_shdlc *shdlc = nfc_llc_get_data(llc);
924 821
925 skb_queue_purge(&shdlc->rcv_q); 822 llc_shdlc_disconnect(shdlc);
926 skb_queue_purge(&shdlc->send_q);
927 skb_queue_purge(&shdlc->ack_pending_q);
928 823
929 kfree(shdlc); 824 return 0;
930} 825}
931EXPORT_SYMBOL(nfc_shdlc_free);
932 826
933void nfc_shdlc_set_clientdata(struct nfc_shdlc *shdlc, void *clientdata) 827static void llc_shdlc_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb)
934{ 828{
935 pr_debug("\n"); 829 struct llc_shdlc *shdlc = nfc_llc_get_data(llc);
936 830
937 shdlc->clientdata = clientdata; 831 llc_shdlc_recv_frame(shdlc, skb);
938} 832}
939EXPORT_SYMBOL(nfc_shdlc_set_clientdata);
940 833
941void *nfc_shdlc_get_clientdata(struct nfc_shdlc *shdlc) 834static int llc_shdlc_xmit_from_hci(struct nfc_llc *llc, struct sk_buff *skb)
942{ 835{
943 return shdlc->clientdata; 836 struct llc_shdlc *shdlc = nfc_llc_get_data(llc);
837
838 skb_queue_tail(&shdlc->send_q, skb);
839
840 queue_work(system_nrt_wq, &shdlc->sm_work);
841
842 return 0;
944} 843}
945EXPORT_SYMBOL(nfc_shdlc_get_clientdata);
946 844
947struct nfc_hci_dev *nfc_shdlc_get_hci_dev(struct nfc_shdlc *shdlc) 845static struct nfc_llc_ops llc_shdlc_ops = {
846 .init = llc_shdlc_init,
847 .deinit = llc_shdlc_deinit,
848 .start = llc_shdlc_start,
849 .stop = llc_shdlc_stop,
850 .rcv_from_drv = llc_shdlc_rcv_from_drv,
851 .xmit_from_hci = llc_shdlc_xmit_from_hci,
852};
853
854int nfc_llc_shdlc_register(void)
948{ 855{
949 return shdlc->hdev; 856 return nfc_llc_register(LLC_SHDLC_NAME, &llc_shdlc_ops);
950} 857}
951EXPORT_SYMBOL(nfc_shdlc_get_hci_dev);
diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c
index b982b5b890d7..c45ccd6c094c 100644
--- a/net/nfc/llcp/commands.c
+++ b/net/nfc/llcp/commands.c
@@ -312,6 +312,8 @@ int nfc_llcp_send_symm(struct nfc_dev *dev)
312 312
313 skb = llcp_add_header(skb, 0, 0, LLCP_PDU_SYMM); 313 skb = llcp_add_header(skb, 0, 0, LLCP_PDU_SYMM);
314 314
315 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_TX);
316
315 return nfc_data_exchange(dev, local->target_idx, skb, 317 return nfc_data_exchange(dev, local->target_idx, skb,
316 nfc_llcp_recv, local); 318 nfc_llcp_recv, local);
317} 319}
diff --git a/net/nfc/llcp/llcp.c b/net/nfc/llcp/llcp.c
index 82f0f7588b46..c12c5ef3d036 100644
--- a/net/nfc/llcp/llcp.c
+++ b/net/nfc/llcp/llcp.c
@@ -56,7 +56,7 @@ static void nfc_llcp_socket_release(struct nfc_llcp_local *local, bool listen)
56 sk_for_each_safe(sk, node, tmp, &local->sockets.head) { 56 sk_for_each_safe(sk, node, tmp, &local->sockets.head) {
57 llcp_sock = nfc_llcp_sock(sk); 57 llcp_sock = nfc_llcp_sock(sk);
58 58
59 lock_sock(sk); 59 bh_lock_sock(sk);
60 60
61 if (sk->sk_state == LLCP_CONNECTED) 61 if (sk->sk_state == LLCP_CONNECTED)
62 nfc_put_device(llcp_sock->dev); 62 nfc_put_device(llcp_sock->dev);
@@ -68,26 +68,26 @@ static void nfc_llcp_socket_release(struct nfc_llcp_local *local, bool listen)
68 list_for_each_entry_safe(lsk, n, &llcp_sock->accept_queue, 68 list_for_each_entry_safe(lsk, n, &llcp_sock->accept_queue,
69 accept_queue) { 69 accept_queue) {
70 accept_sk = &lsk->sk; 70 accept_sk = &lsk->sk;
71 lock_sock(accept_sk); 71 bh_lock_sock(accept_sk);
72 72
73 nfc_llcp_accept_unlink(accept_sk); 73 nfc_llcp_accept_unlink(accept_sk);
74 74
75 accept_sk->sk_state = LLCP_CLOSED; 75 accept_sk->sk_state = LLCP_CLOSED;
76 76
77 release_sock(accept_sk); 77 bh_unlock_sock(accept_sk);
78 78
79 sock_orphan(accept_sk); 79 sock_orphan(accept_sk);
80 } 80 }
81 81
82 if (listen == true) { 82 if (listen == true) {
83 release_sock(sk); 83 bh_unlock_sock(sk);
84 continue; 84 continue;
85 } 85 }
86 } 86 }
87 87
88 sk->sk_state = LLCP_CLOSED; 88 sk->sk_state = LLCP_CLOSED;
89 89
90 release_sock(sk); 90 bh_unlock_sock(sk);
91 91
92 sock_orphan(sk); 92 sock_orphan(sk);
93 93
@@ -114,9 +114,9 @@ static void local_release(struct kref *ref)
114 nfc_llcp_socket_release(local, false); 114 nfc_llcp_socket_release(local, false);
115 del_timer_sync(&local->link_timer); 115 del_timer_sync(&local->link_timer);
116 skb_queue_purge(&local->tx_queue); 116 skb_queue_purge(&local->tx_queue);
117 destroy_workqueue(local->tx_wq); 117 cancel_work_sync(&local->tx_work);
118 destroy_workqueue(local->rx_wq); 118 cancel_work_sync(&local->rx_work);
119 destroy_workqueue(local->timeout_wq); 119 cancel_work_sync(&local->timeout_work);
120 kfree_skb(local->rx_pending); 120 kfree_skb(local->rx_pending);
121 kfree(local); 121 kfree(local);
122} 122}
@@ -181,7 +181,7 @@ static void nfc_llcp_symm_timer(unsigned long data)
181 181
182 pr_err("SYMM timeout\n"); 182 pr_err("SYMM timeout\n");
183 183
184 queue_work(local->timeout_wq, &local->timeout_work); 184 queue_work(system_nrt_wq, &local->timeout_work);
185} 185}
186 186
187struct nfc_llcp_local *nfc_llcp_find_local(struct nfc_dev *dev) 187struct nfc_llcp_local *nfc_llcp_find_local(struct nfc_dev *dev)
@@ -426,6 +426,7 @@ static int nfc_llcp_build_gb(struct nfc_llcp_local *local)
426 u8 *miux_tlv, miux_length; 426 u8 *miux_tlv, miux_length;
427 __be16 miux; 427 __be16 miux;
428 u8 gb_len = 0; 428 u8 gb_len = 0;
429 int ret = 0;
429 430
430 version = LLCP_VERSION_11; 431 version = LLCP_VERSION_11;
431 version_tlv = nfc_llcp_build_tlv(LLCP_TLV_VERSION, &version, 432 version_tlv = nfc_llcp_build_tlv(LLCP_TLV_VERSION, &version,
@@ -450,8 +451,8 @@ static int nfc_llcp_build_gb(struct nfc_llcp_local *local)
450 gb_len += ARRAY_SIZE(llcp_magic); 451 gb_len += ARRAY_SIZE(llcp_magic);
451 452
452 if (gb_len > NFC_MAX_GT_LEN) { 453 if (gb_len > NFC_MAX_GT_LEN) {
453 kfree(version_tlv); 454 ret = -EINVAL;
454 return -EINVAL; 455 goto out;
455 } 456 }
456 457
457 gb_cur = local->gb; 458 gb_cur = local->gb;
@@ -471,12 +472,15 @@ static int nfc_llcp_build_gb(struct nfc_llcp_local *local)
471 memcpy(gb_cur, miux_tlv, miux_length); 472 memcpy(gb_cur, miux_tlv, miux_length);
472 gb_cur += miux_length; 473 gb_cur += miux_length;
473 474
475 local->gb_len = gb_len;
476
477out:
474 kfree(version_tlv); 478 kfree(version_tlv);
475 kfree(lto_tlv); 479 kfree(lto_tlv);
480 kfree(wks_tlv);
481 kfree(miux_tlv);
476 482
477 local->gb_len = gb_len; 483 return ret;
478
479 return 0;
480} 484}
481 485
482u8 *nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *general_bytes_len) 486u8 *nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *general_bytes_len)
@@ -554,6 +558,46 @@ static void nfc_llcp_set_nrns(struct nfc_llcp_sock *sock, struct sk_buff *pdu)
554 sock->recv_ack_n = (sock->recv_n - 1) % 16; 558 sock->recv_ack_n = (sock->recv_n - 1) % 16;
555} 559}
556 560
561void nfc_llcp_send_to_raw_sock(struct nfc_llcp_local *local,
562 struct sk_buff *skb, u8 direction)
563{
564 struct hlist_node *node;
565 struct sk_buff *skb_copy = NULL, *nskb;
566 struct sock *sk;
567 u8 *data;
568
569 read_lock(&local->raw_sockets.lock);
570
571 sk_for_each(sk, node, &local->raw_sockets.head) {
572 if (sk->sk_state != LLCP_BOUND)
573 continue;
574
575 if (skb_copy == NULL) {
576 skb_copy = __pskb_copy(skb, NFC_LLCP_RAW_HEADER_SIZE,
577 GFP_ATOMIC);
578
579 if (skb_copy == NULL)
580 continue;
581
582 data = skb_push(skb_copy, NFC_LLCP_RAW_HEADER_SIZE);
583
584 data[0] = local->dev ? local->dev->idx : 0xFF;
585 data[1] = direction;
586 }
587
588 nskb = skb_clone(skb_copy, GFP_ATOMIC);
589 if (!nskb)
590 continue;
591
592 if (sock_queue_rcv_skb(sk, nskb))
593 kfree_skb(nskb);
594 }
595
596 read_unlock(&local->raw_sockets.lock);
597
598 kfree_skb(skb_copy);
599}
600
557static void nfc_llcp_tx_work(struct work_struct *work) 601static void nfc_llcp_tx_work(struct work_struct *work)
558{ 602{
559 struct nfc_llcp_local *local = container_of(work, struct nfc_llcp_local, 603 struct nfc_llcp_local *local = container_of(work, struct nfc_llcp_local,
@@ -574,6 +618,9 @@ static void nfc_llcp_tx_work(struct work_struct *work)
574 DUMP_PREFIX_OFFSET, 16, 1, 618 DUMP_PREFIX_OFFSET, 16, 1,
575 skb->data, skb->len, true); 619 skb->data, skb->len, true);
576 620
621 nfc_llcp_send_to_raw_sock(local, skb,
622 NFC_LLCP_DIRECTION_TX);
623
577 ret = nfc_data_exchange(local->dev, local->target_idx, 624 ret = nfc_data_exchange(local->dev, local->target_idx,
578 skb, nfc_llcp_recv, local); 625 skb, nfc_llcp_recv, local);
579 626
@@ -1018,6 +1065,8 @@ static void nfc_llcp_rx_work(struct work_struct *work)
1018 print_hex_dump(KERN_DEBUG, "LLCP Rx: ", DUMP_PREFIX_OFFSET, 1065 print_hex_dump(KERN_DEBUG, "LLCP Rx: ", DUMP_PREFIX_OFFSET,
1019 16, 1, skb->data, skb->len, true); 1066 16, 1, skb->data, skb->len, true);
1020 1067
1068 nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_RX);
1069
1021 switch (ptype) { 1070 switch (ptype) {
1022 case LLCP_PDU_SYMM: 1071 case LLCP_PDU_SYMM:
1023 pr_debug("SYMM\n"); 1072 pr_debug("SYMM\n");
@@ -1052,7 +1101,7 @@ static void nfc_llcp_rx_work(struct work_struct *work)
1052 1101
1053 } 1102 }
1054 1103
1055 queue_work(local->tx_wq, &local->tx_work); 1104 queue_work(system_nrt_wq, &local->tx_work);
1056 kfree_skb(local->rx_pending); 1105 kfree_skb(local->rx_pending);
1057 local->rx_pending = NULL; 1106 local->rx_pending = NULL;
1058 1107
@@ -1071,7 +1120,7 @@ void nfc_llcp_recv(void *data, struct sk_buff *skb, int err)
1071 1120
1072 local->rx_pending = skb_get(skb); 1121 local->rx_pending = skb_get(skb);
1073 del_timer(&local->link_timer); 1122 del_timer(&local->link_timer);
1074 queue_work(local->rx_wq, &local->rx_work); 1123 queue_work(system_nrt_wq, &local->rx_work);
1075 1124
1076 return; 1125 return;
1077} 1126}
@@ -1086,7 +1135,7 @@ int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb)
1086 1135
1087 local->rx_pending = skb_get(skb); 1136 local->rx_pending = skb_get(skb);
1088 del_timer(&local->link_timer); 1137 del_timer(&local->link_timer);
1089 queue_work(local->rx_wq, &local->rx_work); 1138 queue_work(system_nrt_wq, &local->rx_work);
1090 1139
1091 return 0; 1140 return 0;
1092} 1141}
@@ -1121,7 +1170,7 @@ void nfc_llcp_mac_is_up(struct nfc_dev *dev, u32 target_idx,
1121 if (rf_mode == NFC_RF_INITIATOR) { 1170 if (rf_mode == NFC_RF_INITIATOR) {
1122 pr_debug("Queueing Tx work\n"); 1171 pr_debug("Queueing Tx work\n");
1123 1172
1124 queue_work(local->tx_wq, &local->tx_work); 1173 queue_work(system_nrt_wq, &local->tx_work);
1125 } else { 1174 } else {
1126 mod_timer(&local->link_timer, 1175 mod_timer(&local->link_timer,
1127 jiffies + msecs_to_jiffies(local->remote_lto)); 1176 jiffies + msecs_to_jiffies(local->remote_lto));
@@ -1130,10 +1179,7 @@ void nfc_llcp_mac_is_up(struct nfc_dev *dev, u32 target_idx,
1130 1179
1131int nfc_llcp_register_device(struct nfc_dev *ndev) 1180int nfc_llcp_register_device(struct nfc_dev *ndev)
1132{ 1181{
1133 struct device *dev = &ndev->dev;
1134 struct nfc_llcp_local *local; 1182 struct nfc_llcp_local *local;
1135 char name[32];
1136 int err;
1137 1183
1138 local = kzalloc(sizeof(struct nfc_llcp_local), GFP_KERNEL); 1184 local = kzalloc(sizeof(struct nfc_llcp_local), GFP_KERNEL);
1139 if (local == NULL) 1185 if (local == NULL)
@@ -1149,41 +1195,15 @@ int nfc_llcp_register_device(struct nfc_dev *ndev)
1149 1195
1150 skb_queue_head_init(&local->tx_queue); 1196 skb_queue_head_init(&local->tx_queue);
1151 INIT_WORK(&local->tx_work, nfc_llcp_tx_work); 1197 INIT_WORK(&local->tx_work, nfc_llcp_tx_work);
1152 snprintf(name, sizeof(name), "%s_llcp_tx_wq", dev_name(dev));
1153 local->tx_wq =
1154 alloc_workqueue(name,
1155 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1156 1);
1157 if (local->tx_wq == NULL) {
1158 err = -ENOMEM;
1159 goto err_local;
1160 }
1161 1198
1162 local->rx_pending = NULL; 1199 local->rx_pending = NULL;
1163 INIT_WORK(&local->rx_work, nfc_llcp_rx_work); 1200 INIT_WORK(&local->rx_work, nfc_llcp_rx_work);
1164 snprintf(name, sizeof(name), "%s_llcp_rx_wq", dev_name(dev));
1165 local->rx_wq =
1166 alloc_workqueue(name,
1167 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1168 1);
1169 if (local->rx_wq == NULL) {
1170 err = -ENOMEM;
1171 goto err_tx_wq;
1172 }
1173 1201
1174 INIT_WORK(&local->timeout_work, nfc_llcp_timeout_work); 1202 INIT_WORK(&local->timeout_work, nfc_llcp_timeout_work);
1175 snprintf(name, sizeof(name), "%s_llcp_timeout_wq", dev_name(dev));
1176 local->timeout_wq =
1177 alloc_workqueue(name,
1178 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1179 1);
1180 if (local->timeout_wq == NULL) {
1181 err = -ENOMEM;
1182 goto err_rx_wq;
1183 }
1184 1203
1185 local->sockets.lock = __RW_LOCK_UNLOCKED(local->sockets.lock); 1204 rwlock_init(&local->sockets.lock);
1186 local->connecting_sockets.lock = __RW_LOCK_UNLOCKED(local->connecting_sockets.lock); 1205 rwlock_init(&local->connecting_sockets.lock);
1206 rwlock_init(&local->raw_sockets.lock);
1187 1207
1188 nfc_llcp_build_gb(local); 1208 nfc_llcp_build_gb(local);
1189 1209
@@ -1193,17 +1213,6 @@ int nfc_llcp_register_device(struct nfc_dev *ndev)
1193 list_add(&llcp_devices, &local->list); 1213 list_add(&llcp_devices, &local->list);
1194 1214
1195 return 0; 1215 return 0;
1196
1197err_rx_wq:
1198 destroy_workqueue(local->rx_wq);
1199
1200err_tx_wq:
1201 destroy_workqueue(local->tx_wq);
1202
1203err_local:
1204 kfree(local);
1205
1206 return 0;
1207} 1216}
1208 1217
1209void nfc_llcp_unregister_device(struct nfc_dev *dev) 1218void nfc_llcp_unregister_device(struct nfc_dev *dev)
diff --git a/net/nfc/llcp/llcp.h b/net/nfc/llcp/llcp.h
index 83b8bba5a280..fdb2d24e60bd 100644
--- a/net/nfc/llcp/llcp.h
+++ b/net/nfc/llcp/llcp.h
@@ -56,12 +56,9 @@ struct nfc_llcp_local {
56 56
57 struct timer_list link_timer; 57 struct timer_list link_timer;
58 struct sk_buff_head tx_queue; 58 struct sk_buff_head tx_queue;
59 struct workqueue_struct *tx_wq;
60 struct work_struct tx_work; 59 struct work_struct tx_work;
61 struct workqueue_struct *rx_wq;
62 struct work_struct rx_work; 60 struct work_struct rx_work;
63 struct sk_buff *rx_pending; 61 struct sk_buff *rx_pending;
64 struct workqueue_struct *timeout_wq;
65 struct work_struct timeout_work; 62 struct work_struct timeout_work;
66 63
67 u32 target_idx; 64 u32 target_idx;
@@ -89,6 +86,7 @@ struct nfc_llcp_local {
89 /* sockets array */ 86 /* sockets array */
90 struct llcp_sock_list sockets; 87 struct llcp_sock_list sockets;
91 struct llcp_sock_list connecting_sockets; 88 struct llcp_sock_list connecting_sockets;
89 struct llcp_sock_list raw_sockets;
92}; 90};
93 91
94struct nfc_llcp_sock { 92struct nfc_llcp_sock {
@@ -187,6 +185,8 @@ u8 nfc_llcp_get_sdp_ssap(struct nfc_llcp_local *local,
187u8 nfc_llcp_get_local_ssap(struct nfc_llcp_local *local); 185u8 nfc_llcp_get_local_ssap(struct nfc_llcp_local *local);
188void nfc_llcp_put_ssap(struct nfc_llcp_local *local, u8 ssap); 186void nfc_llcp_put_ssap(struct nfc_llcp_local *local, u8 ssap);
189int nfc_llcp_queue_i_frames(struct nfc_llcp_sock *sock); 187int nfc_llcp_queue_i_frames(struct nfc_llcp_sock *sock);
188void nfc_llcp_send_to_raw_sock(struct nfc_llcp_local *local,
189 struct sk_buff *skb, u8 direction);
190 190
191/* Sock API */ 191/* Sock API */
192struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp); 192struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp);
diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c
index ddeb9aa398f0..40f056debf9a 100644
--- a/net/nfc/llcp/sock.c
+++ b/net/nfc/llcp/sock.c
@@ -142,6 +142,60 @@ error:
142 return ret; 142 return ret;
143} 143}
144 144
145static int llcp_raw_sock_bind(struct socket *sock, struct sockaddr *addr,
146 int alen)
147{
148 struct sock *sk = sock->sk;
149 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk);
150 struct nfc_llcp_local *local;
151 struct nfc_dev *dev;
152 struct sockaddr_nfc_llcp llcp_addr;
153 int len, ret = 0;
154
155 if (!addr || addr->sa_family != AF_NFC)
156 return -EINVAL;
157
158 pr_debug("sk %p addr %p family %d\n", sk, addr, addr->sa_family);
159
160 memset(&llcp_addr, 0, sizeof(llcp_addr));
161 len = min_t(unsigned int, sizeof(llcp_addr), alen);
162 memcpy(&llcp_addr, addr, len);
163
164 lock_sock(sk);
165
166 if (sk->sk_state != LLCP_CLOSED) {
167 ret = -EBADFD;
168 goto error;
169 }
170
171 dev = nfc_get_device(llcp_addr.dev_idx);
172 if (dev == NULL) {
173 ret = -ENODEV;
174 goto error;
175 }
176
177 local = nfc_llcp_find_local(dev);
178 if (local == NULL) {
179 ret = -ENODEV;
180 goto put_dev;
181 }
182
183 llcp_sock->dev = dev;
184 llcp_sock->local = nfc_llcp_local_get(local);
185 llcp_sock->nfc_protocol = llcp_addr.nfc_protocol;
186
187 nfc_llcp_sock_link(&local->raw_sockets, sk);
188
189 sk->sk_state = LLCP_BOUND;
190
191put_dev:
192 nfc_put_device(dev);
193
194error:
195 release_sock(sk);
196 return ret;
197}
198
145static int llcp_sock_listen(struct socket *sock, int backlog) 199static int llcp_sock_listen(struct socket *sock, int backlog)
146{ 200{
147 struct sock *sk = sock->sk; 201 struct sock *sk = sock->sk;
@@ -300,9 +354,6 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *uaddr,
300 pr_debug("%p %d %d %d\n", sk, llcp_sock->target_idx, 354 pr_debug("%p %d %d %d\n", sk, llcp_sock->target_idx,
301 llcp_sock->dsap, llcp_sock->ssap); 355 llcp_sock->dsap, llcp_sock->ssap);
302 356
303 if (llcp_sock == NULL || llcp_sock->dev == NULL)
304 return -EBADFD;
305
306 uaddr->sa_family = AF_NFC; 357 uaddr->sa_family = AF_NFC;
307 358
308 *len = sizeof(struct sockaddr_nfc_llcp); 359 *len = sizeof(struct sockaddr_nfc_llcp);
@@ -421,7 +472,10 @@ static int llcp_sock_release(struct socket *sock)
421 472
422 release_sock(sk); 473 release_sock(sk);
423 474
424 nfc_llcp_sock_unlink(&local->sockets, sk); 475 if (sock->type == SOCK_RAW)
476 nfc_llcp_sock_unlink(&local->raw_sockets, sk);
477 else
478 nfc_llcp_sock_unlink(&local->sockets, sk);
425 479
426out: 480out:
427 sock_orphan(sk); 481 sock_orphan(sk);
@@ -617,7 +671,7 @@ static int llcp_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
617 if (!(flags & MSG_PEEK)) { 671 if (!(flags & MSG_PEEK)) {
618 672
619 /* SOCK_STREAM: re-queue skb if it contains unreceived data */ 673 /* SOCK_STREAM: re-queue skb if it contains unreceived data */
620 if (sk->sk_type == SOCK_STREAM) { 674 if (sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_RAW) {
621 skb_pull(skb, copied); 675 skb_pull(skb, copied);
622 if (skb->len) { 676 if (skb->len) {
623 skb_queue_head(&sk->sk_receive_queue, skb); 677 skb_queue_head(&sk->sk_receive_queue, skb);
@@ -658,6 +712,26 @@ static const struct proto_ops llcp_sock_ops = {
658 .mmap = sock_no_mmap, 712 .mmap = sock_no_mmap,
659}; 713};
660 714
715static const struct proto_ops llcp_rawsock_ops = {
716 .family = PF_NFC,
717 .owner = THIS_MODULE,
718 .bind = llcp_raw_sock_bind,
719 .connect = sock_no_connect,
720 .release = llcp_sock_release,
721 .socketpair = sock_no_socketpair,
722 .accept = sock_no_accept,
723 .getname = llcp_sock_getname,
724 .poll = llcp_sock_poll,
725 .ioctl = sock_no_ioctl,
726 .listen = sock_no_listen,
727 .shutdown = sock_no_shutdown,
728 .setsockopt = sock_no_setsockopt,
729 .getsockopt = sock_no_getsockopt,
730 .sendmsg = sock_no_sendmsg,
731 .recvmsg = llcp_sock_recvmsg,
732 .mmap = sock_no_mmap,
733};
734
661static void llcp_sock_destruct(struct sock *sk) 735static void llcp_sock_destruct(struct sock *sk)
662{ 736{
663 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk); 737 struct nfc_llcp_sock *llcp_sock = nfc_llcp_sock(sk);
@@ -735,10 +809,15 @@ static int llcp_sock_create(struct net *net, struct socket *sock,
735 809
736 pr_debug("%p\n", sock); 810 pr_debug("%p\n", sock);
737 811
738 if (sock->type != SOCK_STREAM && sock->type != SOCK_DGRAM) 812 if (sock->type != SOCK_STREAM &&
813 sock->type != SOCK_DGRAM &&
814 sock->type != SOCK_RAW)
739 return -ESOCKTNOSUPPORT; 815 return -ESOCKTNOSUPPORT;
740 816
741 sock->ops = &llcp_sock_ops; 817 if (sock->type == SOCK_RAW)
818 sock->ops = &llcp_rawsock_ops;
819 else
820 sock->ops = &llcp_sock_ops;
742 821
743 sk = nfc_llcp_sock_alloc(sock, sock->type, GFP_ATOMIC); 822 sk = nfc_llcp_sock_alloc(sock, sock->type, GFP_ATOMIC);
744 if (sk == NULL) 823 if (sk == NULL)
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index f81efe13985a..acf9abb7d99b 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -176,6 +176,27 @@ static void nci_init_complete_req(struct nci_dev *ndev, unsigned long opt)
176 (1 + ((*num) * sizeof(struct disc_map_config))), &cmd); 176 (1 + ((*num) * sizeof(struct disc_map_config))), &cmd);
177} 177}
178 178
179struct nci_set_config_param {
180 __u8 id;
181 size_t len;
182 __u8 *val;
183};
184
185static void nci_set_config_req(struct nci_dev *ndev, unsigned long opt)
186{
187 struct nci_set_config_param *param = (struct nci_set_config_param *)opt;
188 struct nci_core_set_config_cmd cmd;
189
190 BUG_ON(param->len > NCI_MAX_PARAM_LEN);
191
192 cmd.num_params = 1;
193 cmd.param.id = param->id;
194 cmd.param.len = param->len;
195 memcpy(cmd.param.val, param->val, param->len);
196
197 nci_send_cmd(ndev, NCI_OP_CORE_SET_CONFIG_CMD, (3 + param->len), &cmd);
198}
199
179static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt) 200static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
180{ 201{
181 struct nci_rf_disc_cmd cmd; 202 struct nci_rf_disc_cmd cmd;
@@ -388,6 +409,32 @@ static int nci_dev_down(struct nfc_dev *nfc_dev)
388 return nci_close_device(ndev); 409 return nci_close_device(ndev);
389} 410}
390 411
412static int nci_set_local_general_bytes(struct nfc_dev *nfc_dev)
413{
414 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
415 struct nci_set_config_param param;
416 __u8 local_gb[NFC_MAX_GT_LEN];
417 int i, rc = 0;
418
419 param.val = nfc_get_local_general_bytes(nfc_dev, &param.len);
420 if ((param.val == NULL) || (param.len == 0))
421 return rc;
422
423 if (param.len > NCI_MAX_PARAM_LEN)
424 return -EINVAL;
425
426 for (i = 0; i < param.len; i++)
427 local_gb[param.len-1-i] = param.val[i];
428
429 param.id = NCI_PN_ATR_REQ_GEN_BYTES;
430 param.val = local_gb;
431
432 rc = nci_request(ndev, nci_set_config_req, (unsigned long)&param,
433 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
434
435 return rc;
436}
437
391static int nci_start_poll(struct nfc_dev *nfc_dev, 438static int nci_start_poll(struct nfc_dev *nfc_dev,
392 __u32 im_protocols, __u32 tm_protocols) 439 __u32 im_protocols, __u32 tm_protocols)
393{ 440{
@@ -415,6 +462,14 @@ static int nci_start_poll(struct nfc_dev *nfc_dev,
415 return -EBUSY; 462 return -EBUSY;
416 } 463 }
417 464
465 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) {
466 rc = nci_set_local_general_bytes(nfc_dev);
467 if (rc) {
468 pr_err("failed to set local general bytes\n");
469 return rc;
470 }
471 }
472
418 rc = nci_request(ndev, nci_rf_discover_req, im_protocols, 473 rc = nci_request(ndev, nci_rf_discover_req, im_protocols,
419 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT)); 474 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT));
420 475
@@ -509,7 +564,7 @@ static void nci_deactivate_target(struct nfc_dev *nfc_dev,
509{ 564{
510 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev); 565 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
511 566
512 pr_debug("target_idx %d\n", target->idx); 567 pr_debug("entry\n");
513 568
514 if (!ndev->target_active_prot) { 569 if (!ndev->target_active_prot) {
515 pr_err("unable to deactivate target, no active target\n"); 570 pr_err("unable to deactivate target, no active target\n");
@@ -524,6 +579,38 @@ static void nci_deactivate_target(struct nfc_dev *nfc_dev,
524 } 579 }
525} 580}
526 581
582
583static int nci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
584 __u8 comm_mode, __u8 *gb, size_t gb_len)
585{
586 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
587 int rc;
588
589 pr_debug("target_idx %d, comm_mode %d\n", target->idx, comm_mode);
590
591 rc = nci_activate_target(nfc_dev, target, NFC_PROTO_NFC_DEP);
592 if (rc)
593 return rc;
594
595 rc = nfc_set_remote_general_bytes(nfc_dev, ndev->remote_gb,
596 ndev->remote_gb_len);
597 if (!rc)
598 rc = nfc_dep_link_is_up(nfc_dev, target->idx, NFC_COMM_PASSIVE,
599 NFC_RF_INITIATOR);
600
601 return rc;
602}
603
604static int nci_dep_link_down(struct nfc_dev *nfc_dev)
605{
606 pr_debug("entry\n");
607
608 nci_deactivate_target(nfc_dev, NULL);
609
610 return 0;
611}
612
613
527static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target, 614static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
528 struct sk_buff *skb, 615 struct sk_buff *skb,
529 data_exchange_cb_t cb, void *cb_context) 616 data_exchange_cb_t cb, void *cb_context)
@@ -557,6 +644,8 @@ static struct nfc_ops nci_nfc_ops = {
557 .dev_down = nci_dev_down, 644 .dev_down = nci_dev_down,
558 .start_poll = nci_start_poll, 645 .start_poll = nci_start_poll,
559 .stop_poll = nci_stop_poll, 646 .stop_poll = nci_stop_poll,
647 .dep_link_up = nci_dep_link_up,
648 .dep_link_down = nci_dep_link_down,
560 .activate_target = nci_activate_target, 649 .activate_target = nci_activate_target,
561 .deactivate_target = nci_deactivate_target, 650 .deactivate_target = nci_deactivate_target,
562 .im_transceive = nci_transceive, 651 .im_transceive = nci_transceive,
diff --git a/net/nfc/nci/ntf.c b/net/nfc/nci/ntf.c
index af7a93b04393..b2aa98ef0927 100644
--- a/net/nfc/nci/ntf.c
+++ b/net/nfc/nci/ntf.c
@@ -176,6 +176,8 @@ static int nci_add_new_protocol(struct nci_dev *ndev,
176 protocol = NFC_PROTO_ISO14443_B_MASK; 176 protocol = NFC_PROTO_ISO14443_B_MASK;
177 else if (rf_protocol == NCI_RF_PROTOCOL_T3T) 177 else if (rf_protocol == NCI_RF_PROTOCOL_T3T)
178 protocol = NFC_PROTO_FELICA_MASK; 178 protocol = NFC_PROTO_FELICA_MASK;
179 else if (rf_protocol == NCI_RF_PROTOCOL_NFC_DEP)
180 protocol = NFC_PROTO_NFC_DEP_MASK;
179 else 181 else
180 protocol = 0; 182 protocol = 0;
181 183
@@ -361,6 +363,33 @@ static int nci_extract_activation_params_iso_dep(struct nci_dev *ndev,
361 return NCI_STATUS_OK; 363 return NCI_STATUS_OK;
362} 364}
363 365
366static int nci_extract_activation_params_nfc_dep(struct nci_dev *ndev,
367 struct nci_rf_intf_activated_ntf *ntf, __u8 *data)
368{
369 struct activation_params_poll_nfc_dep *poll;
370 int i;
371
372 switch (ntf->activation_rf_tech_and_mode) {
373 case NCI_NFC_A_PASSIVE_POLL_MODE:
374 case NCI_NFC_F_PASSIVE_POLL_MODE:
375 poll = &ntf->activation_params.poll_nfc_dep;
376 poll->atr_res_len = min_t(__u8, *data++, 63);
377 pr_debug("atr_res_len %d\n", poll->atr_res_len);
378 if (poll->atr_res_len > 0) {
379 for (i = 0; i < poll->atr_res_len; i++)
380 poll->atr_res[poll->atr_res_len-1-i] = data[i];
381 }
382 break;
383
384 default:
385 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
386 ntf->activation_rf_tech_and_mode);
387 return NCI_STATUS_RF_PROTOCOL_ERROR;
388 }
389
390 return NCI_STATUS_OK;
391}
392
364static void nci_target_auto_activated(struct nci_dev *ndev, 393static void nci_target_auto_activated(struct nci_dev *ndev,
365 struct nci_rf_intf_activated_ntf *ntf) 394 struct nci_rf_intf_activated_ntf *ntf)
366{ 395{
@@ -454,6 +483,11 @@ static void nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev,
454 &ntf, data); 483 &ntf, data);
455 break; 484 break;
456 485
486 case NCI_RF_INTERFACE_NFC_DEP:
487 err = nci_extract_activation_params_nfc_dep(ndev,
488 &ntf, data);
489 break;
490
457 case NCI_RF_INTERFACE_FRAME: 491 case NCI_RF_INTERFACE_FRAME:
458 /* no activation params */ 492 /* no activation params */
459 break; 493 break;
@@ -473,6 +507,24 @@ exit:
473 507
474 /* set the available credits to initial value */ 508 /* set the available credits to initial value */
475 atomic_set(&ndev->credits_cnt, ndev->initial_num_credits); 509 atomic_set(&ndev->credits_cnt, ndev->initial_num_credits);
510
511 /* store general bytes to be reported later in dep_link_up */
512 if (ntf.rf_interface == NCI_RF_INTERFACE_NFC_DEP) {
513 ndev->remote_gb_len = 0;
514
515 if (ntf.activation_params_len > 0) {
516 /* ATR_RES general bytes at offset 15 */
517 ndev->remote_gb_len = min_t(__u8,
518 (ntf.activation_params
519 .poll_nfc_dep.atr_res_len
520 - NFC_ATR_RES_GT_OFFSET),
521 NFC_MAX_GT_LEN);
522 memcpy(ndev->remote_gb,
523 (ntf.activation_params.poll_nfc_dep
524 .atr_res + NFC_ATR_RES_GT_OFFSET),
525 ndev->remote_gb_len);
526 }
527 }
476 } 528 }
477 529
478 if (atomic_read(&ndev->state) == NCI_DISCOVERY) { 530 if (atomic_read(&ndev->state) == NCI_DISCOVERY) {
diff --git a/net/nfc/nci/rsp.c b/net/nfc/nci/rsp.c
index 3003c3390e49..dd072f38ad00 100644
--- a/net/nfc/nci/rsp.c
+++ b/net/nfc/nci/rsp.c
@@ -119,6 +119,16 @@ exit:
119 nci_req_complete(ndev, rsp_1->status); 119 nci_req_complete(ndev, rsp_1->status);
120} 120}
121 121
122static void nci_core_set_config_rsp_packet(struct nci_dev *ndev,
123 struct sk_buff *skb)
124{
125 struct nci_core_set_config_rsp *rsp = (void *) skb->data;
126
127 pr_debug("status 0x%x\n", rsp->status);
128
129 nci_req_complete(ndev, rsp->status);
130}
131
122static void nci_rf_disc_map_rsp_packet(struct nci_dev *ndev, 132static void nci_rf_disc_map_rsp_packet(struct nci_dev *ndev,
123 struct sk_buff *skb) 133 struct sk_buff *skb)
124{ 134{
@@ -194,6 +204,10 @@ void nci_rsp_packet(struct nci_dev *ndev, struct sk_buff *skb)
194 nci_core_init_rsp_packet(ndev, skb); 204 nci_core_init_rsp_packet(ndev, skb);
195 break; 205 break;
196 206
207 case NCI_OP_CORE_SET_CONFIG_RSP:
208 nci_core_set_config_rsp_packet(ndev, skb);
209 break;
210
197 case NCI_OP_RF_DISCOVER_MAP_RSP: 211 case NCI_OP_RF_DISCOVER_MAP_RSP:
198 nci_rf_disc_map_rsp_packet(ndev, skb); 212 nci_rf_disc_map_rsp_packet(ndev, skb);
199 break; 213 break;
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 4c51714ee741..c1b5285cbde7 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -58,7 +58,7 @@ static int nfc_genl_send_target(struct sk_buff *msg, struct nfc_target *target,
58{ 58{
59 void *hdr; 59 void *hdr;
60 60
61 hdr = genlmsg_put(msg, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 61 hdr = genlmsg_put(msg, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
62 &nfc_genl_family, flags, NFC_CMD_GET_TARGET); 62 &nfc_genl_family, flags, NFC_CMD_GET_TARGET);
63 if (!hdr) 63 if (!hdr)
64 return -EMSGSIZE; 64 return -EMSGSIZE;
@@ -165,7 +165,7 @@ int nfc_genl_targets_found(struct nfc_dev *dev)
165 struct sk_buff *msg; 165 struct sk_buff *msg;
166 void *hdr; 166 void *hdr;
167 167
168 dev->genl_data.poll_req_pid = 0; 168 dev->genl_data.poll_req_portid = 0;
169 169
170 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 170 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
171 if (!msg) 171 if (!msg)
@@ -347,13 +347,13 @@ free_msg:
347} 347}
348 348
349static int nfc_genl_send_device(struct sk_buff *msg, struct nfc_dev *dev, 349static int nfc_genl_send_device(struct sk_buff *msg, struct nfc_dev *dev,
350 u32 pid, u32 seq, 350 u32 portid, u32 seq,
351 struct netlink_callback *cb, 351 struct netlink_callback *cb,
352 int flags) 352 int flags)
353{ 353{
354 void *hdr; 354 void *hdr;
355 355
356 hdr = genlmsg_put(msg, pid, seq, &nfc_genl_family, flags, 356 hdr = genlmsg_put(msg, portid, seq, &nfc_genl_family, flags,
357 NFC_CMD_GET_DEVICE); 357 NFC_CMD_GET_DEVICE);
358 if (!hdr) 358 if (!hdr)
359 return -EMSGSIZE; 359 return -EMSGSIZE;
@@ -401,7 +401,7 @@ static int nfc_genl_dump_devices(struct sk_buff *skb,
401 while (dev) { 401 while (dev) {
402 int rc; 402 int rc;
403 403
404 rc = nfc_genl_send_device(skb, dev, NETLINK_CB(cb->skb).pid, 404 rc = nfc_genl_send_device(skb, dev, NETLINK_CB(cb->skb).portid,
405 cb->nlh->nlmsg_seq, cb, NLM_F_MULTI); 405 cb->nlh->nlmsg_seq, cb, NLM_F_MULTI);
406 if (rc < 0) 406 if (rc < 0)
407 break; 407 break;
@@ -520,7 +520,7 @@ static int nfc_genl_get_device(struct sk_buff *skb, struct genl_info *info)
520 goto out_putdev; 520 goto out_putdev;
521 } 521 }
522 522
523 rc = nfc_genl_send_device(msg, dev, info->snd_pid, info->snd_seq, 523 rc = nfc_genl_send_device(msg, dev, info->snd_portid, info->snd_seq,
524 NULL, 0); 524 NULL, 0);
525 if (rc < 0) 525 if (rc < 0)
526 goto out_free; 526 goto out_free;
@@ -611,7 +611,7 @@ static int nfc_genl_start_poll(struct sk_buff *skb, struct genl_info *info)
611 611
612 rc = nfc_start_poll(dev, im_protocols, tm_protocols); 612 rc = nfc_start_poll(dev, im_protocols, tm_protocols);
613 if (!rc) 613 if (!rc)
614 dev->genl_data.poll_req_pid = info->snd_pid; 614 dev->genl_data.poll_req_portid = info->snd_portid;
615 615
616 mutex_unlock(&dev->genl_data.genl_data_mutex); 616 mutex_unlock(&dev->genl_data.genl_data_mutex);
617 617
@@ -645,13 +645,13 @@ static int nfc_genl_stop_poll(struct sk_buff *skb, struct genl_info *info)
645 645
646 mutex_lock(&dev->genl_data.genl_data_mutex); 646 mutex_lock(&dev->genl_data.genl_data_mutex);
647 647
648 if (dev->genl_data.poll_req_pid != info->snd_pid) { 648 if (dev->genl_data.poll_req_portid != info->snd_portid) {
649 rc = -EBUSY; 649 rc = -EBUSY;
650 goto out; 650 goto out;
651 } 651 }
652 652
653 rc = nfc_stop_poll(dev); 653 rc = nfc_stop_poll(dev);
654 dev->genl_data.poll_req_pid = 0; 654 dev->genl_data.poll_req_portid = 0;
655 655
656out: 656out:
657 mutex_unlock(&dev->genl_data.genl_data_mutex); 657 mutex_unlock(&dev->genl_data.genl_data_mutex);
@@ -761,38 +761,70 @@ static struct genl_ops nfc_genl_ops[] = {
761 }, 761 },
762}; 762};
763 763
764static int nfc_genl_rcv_nl_event(struct notifier_block *this, 764
765 unsigned long event, void *ptr) 765struct urelease_work {
766 struct work_struct w;
767 int portid;
768};
769
770static void nfc_urelease_event_work(struct work_struct *work)
766{ 771{
767 struct netlink_notify *n = ptr; 772 struct urelease_work *w = container_of(work, struct urelease_work, w);
768 struct class_dev_iter iter; 773 struct class_dev_iter iter;
769 struct nfc_dev *dev; 774 struct nfc_dev *dev;
770 775
771 if (event != NETLINK_URELEASE || n->protocol != NETLINK_GENERIC) 776 pr_debug("portid %d\n", w->portid);
772 goto out;
773 777
774 pr_debug("NETLINK_URELEASE event from id %d\n", n->pid); 778 mutex_lock(&nfc_devlist_mutex);
775 779
776 nfc_device_iter_init(&iter); 780 nfc_device_iter_init(&iter);
777 dev = nfc_device_iter_next(&iter); 781 dev = nfc_device_iter_next(&iter);
778 782
779 while (dev) { 783 while (dev) {
780 if (dev->genl_data.poll_req_pid == n->pid) { 784 mutex_lock(&dev->genl_data.genl_data_mutex);
785
786 if (dev->genl_data.poll_req_portid == w->portid) {
781 nfc_stop_poll(dev); 787 nfc_stop_poll(dev);
782 dev->genl_data.poll_req_pid = 0; 788 dev->genl_data.poll_req_portid = 0;
783 } 789 }
790
791 mutex_unlock(&dev->genl_data.genl_data_mutex);
792
784 dev = nfc_device_iter_next(&iter); 793 dev = nfc_device_iter_next(&iter);
785 } 794 }
786 795
787 nfc_device_iter_exit(&iter); 796 nfc_device_iter_exit(&iter);
788 797
798 mutex_unlock(&nfc_devlist_mutex);
799
800 kfree(w);
801}
802
803static int nfc_genl_rcv_nl_event(struct notifier_block *this,
804 unsigned long event, void *ptr)
805{
806 struct netlink_notify *n = ptr;
807 struct urelease_work *w;
808
809 if (event != NETLINK_URELEASE || n->protocol != NETLINK_GENERIC)
810 goto out;
811
812 pr_debug("NETLINK_URELEASE event from id %d\n", n->portid);
813
814 w = kmalloc(sizeof(*w), GFP_ATOMIC);
815 if (w) {
816 INIT_WORK((struct work_struct *) w, nfc_urelease_event_work);
817 w->portid = n->portid;
818 schedule_work((struct work_struct *) w);
819 }
820
789out: 821out:
790 return NOTIFY_DONE; 822 return NOTIFY_DONE;
791} 823}
792 824
793void nfc_genl_data_init(struct nfc_genl_data *genl_data) 825void nfc_genl_data_init(struct nfc_genl_data *genl_data)
794{ 826{
795 genl_data->poll_req_pid = 0; 827 genl_data->poll_req_portid = 0;
796 mutex_init(&genl_data->genl_data_mutex); 828 mutex_init(&genl_data->genl_data_mutex);
797} 829}
798 830
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c
index 954405ceae9e..08114478cb85 100644
--- a/net/openvswitch/actions.c
+++ b/net/openvswitch/actions.c
@@ -266,7 +266,7 @@ static int do_output(struct datapath *dp, struct sk_buff *skb, int out_port)
266 if (unlikely(!skb)) 266 if (unlikely(!skb))
267 return -ENOMEM; 267 return -ENOMEM;
268 268
269 vport = rcu_dereference(dp->ports[out_port]); 269 vport = ovs_vport_rcu(dp, out_port);
270 if (unlikely(!vport)) { 270 if (unlikely(!vport)) {
271 kfree_skb(skb); 271 kfree_skb(skb);
272 return -ENODEV; 272 return -ENODEV;
@@ -286,7 +286,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb,
286 upcall.cmd = OVS_PACKET_CMD_ACTION; 286 upcall.cmd = OVS_PACKET_CMD_ACTION;
287 upcall.key = &OVS_CB(skb)->flow->key; 287 upcall.key = &OVS_CB(skb)->flow->key;
288 upcall.userdata = NULL; 288 upcall.userdata = NULL;
289 upcall.pid = 0; 289 upcall.portid = 0;
290 290
291 for (a = nla_data(attr), rem = nla_len(attr); rem > 0; 291 for (a = nla_data(attr), rem = nla_len(attr); rem > 0;
292 a = nla_next(a, &rem)) { 292 a = nla_next(a, &rem)) {
@@ -296,7 +296,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb,
296 break; 296 break;
297 297
298 case OVS_USERSPACE_ATTR_PID: 298 case OVS_USERSPACE_ATTR_PID:
299 upcall.pid = nla_get_u32(a); 299 upcall.portid = nla_get_u32(a);
300 break; 300 break;
301 } 301 }
302 } 302 }
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
index cf58cedad083..4c4b62ccc7d7 100644
--- a/net/openvswitch/datapath.c
+++ b/net/openvswitch/datapath.c
@@ -49,12 +49,29 @@
49#include <linux/dmi.h> 49#include <linux/dmi.h>
50#include <linux/workqueue.h> 50#include <linux/workqueue.h>
51#include <net/genetlink.h> 51#include <net/genetlink.h>
52#include <net/net_namespace.h>
53#include <net/netns/generic.h>
52 54
53#include "datapath.h" 55#include "datapath.h"
54#include "flow.h" 56#include "flow.h"
55#include "vport-internal_dev.h" 57#include "vport-internal_dev.h"
56 58
57/** 59/**
60 * struct ovs_net - Per net-namespace data for ovs.
61 * @dps: List of datapaths to enable dumping them all out.
62 * Protected by genl_mutex.
63 */
64struct ovs_net {
65 struct list_head dps;
66};
67
68static int ovs_net_id __read_mostly;
69
70#define REHASH_FLOW_INTERVAL (10 * 60 * HZ)
71static void rehash_flow_table(struct work_struct *work);
72static DECLARE_DELAYED_WORK(rehash_flow_wq, rehash_flow_table);
73
74/**
58 * DOC: Locking: 75 * DOC: Locking:
59 * 76 *
60 * Writes to device state (add/remove datapath, port, set operations on vports, 77 * Writes to device state (add/remove datapath, port, set operations on vports,
@@ -71,29 +88,21 @@
71 * each other. 88 * each other.
72 */ 89 */
73 90
74/* Global list of datapaths to enable dumping them all out.
75 * Protected by genl_mutex.
76 */
77static LIST_HEAD(dps);
78
79#define REHASH_FLOW_INTERVAL (10 * 60 * HZ)
80static void rehash_flow_table(struct work_struct *work);
81static DECLARE_DELAYED_WORK(rehash_flow_wq, rehash_flow_table);
82
83static struct vport *new_vport(const struct vport_parms *); 91static struct vport *new_vport(const struct vport_parms *);
84static int queue_gso_packets(int dp_ifindex, struct sk_buff *, 92static int queue_gso_packets(struct net *, int dp_ifindex, struct sk_buff *,
85 const struct dp_upcall_info *); 93 const struct dp_upcall_info *);
86static int queue_userspace_packet(int dp_ifindex, struct sk_buff *, 94static int queue_userspace_packet(struct net *, int dp_ifindex,
95 struct sk_buff *,
87 const struct dp_upcall_info *); 96 const struct dp_upcall_info *);
88 97
89/* Must be called with rcu_read_lock, genl_mutex, or RTNL lock. */ 98/* Must be called with rcu_read_lock, genl_mutex, or RTNL lock. */
90static struct datapath *get_dp(int dp_ifindex) 99static struct datapath *get_dp(struct net *net, int dp_ifindex)
91{ 100{
92 struct datapath *dp = NULL; 101 struct datapath *dp = NULL;
93 struct net_device *dev; 102 struct net_device *dev;
94 103
95 rcu_read_lock(); 104 rcu_read_lock();
96 dev = dev_get_by_index_rcu(&init_net, dp_ifindex); 105 dev = dev_get_by_index_rcu(net, dp_ifindex);
97 if (dev) { 106 if (dev) {
98 struct vport *vport = ovs_internal_dev_get_vport(dev); 107 struct vport *vport = ovs_internal_dev_get_vport(dev);
99 if (vport) 108 if (vport)
@@ -107,7 +116,7 @@ static struct datapath *get_dp(int dp_ifindex)
107/* Must be called with rcu_read_lock or RTNL lock. */ 116/* Must be called with rcu_read_lock or RTNL lock. */
108const char *ovs_dp_name(const struct datapath *dp) 117const char *ovs_dp_name(const struct datapath *dp)
109{ 118{
110 struct vport *vport = rcu_dereference_rtnl(dp->ports[OVSP_LOCAL]); 119 struct vport *vport = ovs_vport_rtnl_rcu(dp, OVSP_LOCAL);
111 return vport->ops->get_name(vport); 120 return vport->ops->get_name(vport);
112} 121}
113 122
@@ -118,7 +127,7 @@ static int get_dpifindex(struct datapath *dp)
118 127
119 rcu_read_lock(); 128 rcu_read_lock();
120 129
121 local = rcu_dereference(dp->ports[OVSP_LOCAL]); 130 local = ovs_vport_rcu(dp, OVSP_LOCAL);
122 if (local) 131 if (local)
123 ifindex = local->ops->get_ifindex(local); 132 ifindex = local->ops->get_ifindex(local);
124 else 133 else
@@ -135,9 +144,31 @@ static void destroy_dp_rcu(struct rcu_head *rcu)
135 144
136 ovs_flow_tbl_destroy((__force struct flow_table *)dp->table); 145 ovs_flow_tbl_destroy((__force struct flow_table *)dp->table);
137 free_percpu(dp->stats_percpu); 146 free_percpu(dp->stats_percpu);
147 release_net(ovs_dp_get_net(dp));
148 kfree(dp->ports);
138 kfree(dp); 149 kfree(dp);
139} 150}
140 151
152static struct hlist_head *vport_hash_bucket(const struct datapath *dp,
153 u16 port_no)
154{
155 return &dp->ports[port_no & (DP_VPORT_HASH_BUCKETS - 1)];
156}
157
158struct vport *ovs_lookup_vport(const struct datapath *dp, u16 port_no)
159{
160 struct vport *vport;
161 struct hlist_node *n;
162 struct hlist_head *head;
163
164 head = vport_hash_bucket(dp, port_no);
165 hlist_for_each_entry_rcu(vport, n, head, dp_hash_node) {
166 if (vport->port_no == port_no)
167 return vport;
168 }
169 return NULL;
170}
171
141/* Called with RTNL lock and genl_lock. */ 172/* Called with RTNL lock and genl_lock. */
142static struct vport *new_vport(const struct vport_parms *parms) 173static struct vport *new_vport(const struct vport_parms *parms)
143{ 174{
@@ -146,9 +177,9 @@ static struct vport *new_vport(const struct vport_parms *parms)
146 vport = ovs_vport_add(parms); 177 vport = ovs_vport_add(parms);
147 if (!IS_ERR(vport)) { 178 if (!IS_ERR(vport)) {
148 struct datapath *dp = parms->dp; 179 struct datapath *dp = parms->dp;
180 struct hlist_head *head = vport_hash_bucket(dp, vport->port_no);
149 181
150 rcu_assign_pointer(dp->ports[parms->port_no], vport); 182 hlist_add_head_rcu(&vport->dp_hash_node, head);
151 list_add(&vport->node, &dp->port_list);
152 } 183 }
153 184
154 return vport; 185 return vport;
@@ -160,8 +191,7 @@ void ovs_dp_detach_port(struct vport *p)
160 ASSERT_RTNL(); 191 ASSERT_RTNL();
161 192
162 /* First drop references to device. */ 193 /* First drop references to device. */
163 list_del(&p->node); 194 hlist_del_rcu(&p->dp_hash_node);
164 rcu_assign_pointer(p->dp->ports[p->port_no], NULL);
165 195
166 /* Then destroy it. */ 196 /* Then destroy it. */
167 ovs_vport_del(p); 197 ovs_vport_del(p);
@@ -195,7 +225,7 @@ void ovs_dp_process_received_packet(struct vport *p, struct sk_buff *skb)
195 upcall.cmd = OVS_PACKET_CMD_MISS; 225 upcall.cmd = OVS_PACKET_CMD_MISS;
196 upcall.key = &key; 226 upcall.key = &key;
197 upcall.userdata = NULL; 227 upcall.userdata = NULL;
198 upcall.pid = p->upcall_pid; 228 upcall.portid = p->upcall_portid;
199 ovs_dp_upcall(dp, skb, &upcall); 229 ovs_dp_upcall(dp, skb, &upcall);
200 consume_skb(skb); 230 consume_skb(skb);
201 stats_counter = &stats->n_missed; 231 stats_counter = &stats->n_missed;
@@ -220,17 +250,18 @@ static struct genl_family dp_packet_genl_family = {
220 .hdrsize = sizeof(struct ovs_header), 250 .hdrsize = sizeof(struct ovs_header),
221 .name = OVS_PACKET_FAMILY, 251 .name = OVS_PACKET_FAMILY,
222 .version = OVS_PACKET_VERSION, 252 .version = OVS_PACKET_VERSION,
223 .maxattr = OVS_PACKET_ATTR_MAX 253 .maxattr = OVS_PACKET_ATTR_MAX,
254 .netnsok = true
224}; 255};
225 256
226int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb, 257int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb,
227 const struct dp_upcall_info *upcall_info) 258 const struct dp_upcall_info *upcall_info)
228{ 259{
229 struct dp_stats_percpu *stats; 260 struct dp_stats_percpu *stats;
230 int dp_ifindex; 261 int dp_ifindex;
231 int err; 262 int err;
232 263
233 if (upcall_info->pid == 0) { 264 if (upcall_info->portid == 0) {
234 err = -ENOTCONN; 265 err = -ENOTCONN;
235 goto err; 266 goto err;
236 } 267 }
@@ -242,9 +273,9 @@ int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb,
242 } 273 }
243 274
244 if (!skb_is_gso(skb)) 275 if (!skb_is_gso(skb))
245 err = queue_userspace_packet(dp_ifindex, skb, upcall_info); 276 err = queue_userspace_packet(ovs_dp_get_net(dp), dp_ifindex, skb, upcall_info);
246 else 277 else
247 err = queue_gso_packets(dp_ifindex, skb, upcall_info); 278 err = queue_gso_packets(ovs_dp_get_net(dp), dp_ifindex, skb, upcall_info);
248 if (err) 279 if (err)
249 goto err; 280 goto err;
250 281
@@ -260,7 +291,8 @@ err:
260 return err; 291 return err;
261} 292}
262 293
263static int queue_gso_packets(int dp_ifindex, struct sk_buff *skb, 294static int queue_gso_packets(struct net *net, int dp_ifindex,
295 struct sk_buff *skb,
264 const struct dp_upcall_info *upcall_info) 296 const struct dp_upcall_info *upcall_info)
265{ 297{
266 unsigned short gso_type = skb_shinfo(skb)->gso_type; 298 unsigned short gso_type = skb_shinfo(skb)->gso_type;
@@ -276,7 +308,7 @@ static int queue_gso_packets(int dp_ifindex, struct sk_buff *skb,
276 /* Queue all of the segments. */ 308 /* Queue all of the segments. */
277 skb = segs; 309 skb = segs;
278 do { 310 do {
279 err = queue_userspace_packet(dp_ifindex, skb, upcall_info); 311 err = queue_userspace_packet(net, dp_ifindex, skb, upcall_info);
280 if (err) 312 if (err)
281 break; 313 break;
282 314
@@ -306,7 +338,8 @@ static int queue_gso_packets(int dp_ifindex, struct sk_buff *skb,
306 return err; 338 return err;
307} 339}
308 340
309static int queue_userspace_packet(int dp_ifindex, struct sk_buff *skb, 341static int queue_userspace_packet(struct net *net, int dp_ifindex,
342 struct sk_buff *skb,
310 const struct dp_upcall_info *upcall_info) 343 const struct dp_upcall_info *upcall_info)
311{ 344{
312 struct ovs_header *upcall; 345 struct ovs_header *upcall;
@@ -362,7 +395,7 @@ static int queue_userspace_packet(int dp_ifindex, struct sk_buff *skb,
362 395
363 skb_copy_and_csum_dev(skb, nla_data(nla)); 396 skb_copy_and_csum_dev(skb, nla_data(nla));
364 397
365 err = genlmsg_unicast(&init_net, user_skb, upcall_info->pid); 398 err = genlmsg_unicast(net, user_skb, upcall_info->portid);
366 399
367out: 400out:
368 kfree_skb(nskb); 401 kfree_skb(nskb);
@@ -370,15 +403,10 @@ out:
370} 403}
371 404
372/* Called with genl_mutex. */ 405/* Called with genl_mutex. */
373static int flush_flows(int dp_ifindex) 406static int flush_flows(struct datapath *dp)
374{ 407{
375 struct flow_table *old_table; 408 struct flow_table *old_table;
376 struct flow_table *new_table; 409 struct flow_table *new_table;
377 struct datapath *dp;
378
379 dp = get_dp(dp_ifindex);
380 if (!dp)
381 return -ENODEV;
382 410
383 old_table = genl_dereference(dp->table); 411 old_table = genl_dereference(dp->table);
384 new_table = ovs_flow_tbl_alloc(TBL_MIN_BUCKETS); 412 new_table = ovs_flow_tbl_alloc(TBL_MIN_BUCKETS);
@@ -668,7 +696,7 @@ static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
668 packet->priority = flow->key.phy.priority; 696 packet->priority = flow->key.phy.priority;
669 697
670 rcu_read_lock(); 698 rcu_read_lock();
671 dp = get_dp(ovs_header->dp_ifindex); 699 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
672 err = -ENODEV; 700 err = -ENODEV;
673 if (!dp) 701 if (!dp)
674 goto err_unlock; 702 goto err_unlock;
@@ -742,7 +770,8 @@ static struct genl_family dp_flow_genl_family = {
742 .hdrsize = sizeof(struct ovs_header), 770 .hdrsize = sizeof(struct ovs_header),
743 .name = OVS_FLOW_FAMILY, 771 .name = OVS_FLOW_FAMILY,
744 .version = OVS_FLOW_VERSION, 772 .version = OVS_FLOW_VERSION,
745 .maxattr = OVS_FLOW_ATTR_MAX 773 .maxattr = OVS_FLOW_ATTR_MAX,
774 .netnsok = true
746}; 775};
747 776
748static struct genl_multicast_group ovs_dp_flow_multicast_group = { 777static struct genl_multicast_group ovs_dp_flow_multicast_group = {
@@ -751,7 +780,7 @@ static struct genl_multicast_group ovs_dp_flow_multicast_group = {
751 780
752/* Called with genl_lock. */ 781/* Called with genl_lock. */
753static int ovs_flow_cmd_fill_info(struct sw_flow *flow, struct datapath *dp, 782static int ovs_flow_cmd_fill_info(struct sw_flow *flow, struct datapath *dp,
754 struct sk_buff *skb, u32 pid, 783 struct sk_buff *skb, u32 portid,
755 u32 seq, u32 flags, u8 cmd) 784 u32 seq, u32 flags, u8 cmd)
756{ 785{
757 const int skb_orig_len = skb->len; 786 const int skb_orig_len = skb->len;
@@ -766,7 +795,7 @@ static int ovs_flow_cmd_fill_info(struct sw_flow *flow, struct datapath *dp,
766 sf_acts = rcu_dereference_protected(flow->sf_acts, 795 sf_acts = rcu_dereference_protected(flow->sf_acts,
767 lockdep_genl_is_held()); 796 lockdep_genl_is_held());
768 797
769 ovs_header = genlmsg_put(skb, pid, seq, &dp_flow_genl_family, flags, cmd); 798 ovs_header = genlmsg_put(skb, portid, seq, &dp_flow_genl_family, flags, cmd);
770 if (!ovs_header) 799 if (!ovs_header)
771 return -EMSGSIZE; 800 return -EMSGSIZE;
772 801
@@ -850,7 +879,7 @@ static struct sk_buff *ovs_flow_cmd_alloc_info(struct sw_flow *flow)
850 879
851static struct sk_buff *ovs_flow_cmd_build_info(struct sw_flow *flow, 880static struct sk_buff *ovs_flow_cmd_build_info(struct sw_flow *flow,
852 struct datapath *dp, 881 struct datapath *dp,
853 u32 pid, u32 seq, u8 cmd) 882 u32 portid, u32 seq, u8 cmd)
854{ 883{
855 struct sk_buff *skb; 884 struct sk_buff *skb;
856 int retval; 885 int retval;
@@ -859,7 +888,7 @@ static struct sk_buff *ovs_flow_cmd_build_info(struct sw_flow *flow,
859 if (!skb) 888 if (!skb)
860 return ERR_PTR(-ENOMEM); 889 return ERR_PTR(-ENOMEM);
861 890
862 retval = ovs_flow_cmd_fill_info(flow, dp, skb, pid, seq, 0, cmd); 891 retval = ovs_flow_cmd_fill_info(flow, dp, skb, portid, seq, 0, cmd);
863 BUG_ON(retval < 0); 892 BUG_ON(retval < 0);
864 return skb; 893 return skb;
865} 894}
@@ -894,7 +923,7 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
894 goto error; 923 goto error;
895 } 924 }
896 925
897 dp = get_dp(ovs_header->dp_ifindex); 926 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
898 error = -ENODEV; 927 error = -ENODEV;
899 if (!dp) 928 if (!dp)
900 goto error; 929 goto error;
@@ -941,7 +970,7 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
941 flow->hash = ovs_flow_hash(&key, key_len); 970 flow->hash = ovs_flow_hash(&key, key_len);
942 ovs_flow_tbl_insert(table, flow); 971 ovs_flow_tbl_insert(table, flow);
943 972
944 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid, 973 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_portid,
945 info->snd_seq, 974 info->snd_seq,
946 OVS_FLOW_CMD_NEW); 975 OVS_FLOW_CMD_NEW);
947 } else { 976 } else {
@@ -979,7 +1008,7 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
979 ovs_flow_deferred_free_acts(old_acts); 1008 ovs_flow_deferred_free_acts(old_acts);
980 } 1009 }
981 1010
982 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid, 1011 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_portid,
983 info->snd_seq, OVS_FLOW_CMD_NEW); 1012 info->snd_seq, OVS_FLOW_CMD_NEW);
984 1013
985 /* Clear stats. */ 1014 /* Clear stats. */
@@ -991,11 +1020,11 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
991 } 1020 }
992 1021
993 if (!IS_ERR(reply)) 1022 if (!IS_ERR(reply))
994 genl_notify(reply, genl_info_net(info), info->snd_pid, 1023 genl_notify(reply, genl_info_net(info), info->snd_portid,
995 ovs_dp_flow_multicast_group.id, info->nlhdr, 1024 ovs_dp_flow_multicast_group.id, info->nlhdr,
996 GFP_KERNEL); 1025 GFP_KERNEL);
997 else 1026 else
998 netlink_set_err(init_net.genl_sock, 0, 1027 netlink_set_err(sock_net(skb->sk)->genl_sock, 0,
999 ovs_dp_flow_multicast_group.id, PTR_ERR(reply)); 1028 ovs_dp_flow_multicast_group.id, PTR_ERR(reply));
1000 return 0; 1029 return 0;
1001 1030
@@ -1023,7 +1052,7 @@ static int ovs_flow_cmd_get(struct sk_buff *skb, struct genl_info *info)
1023 if (err) 1052 if (err)
1024 return err; 1053 return err;
1025 1054
1026 dp = get_dp(ovs_header->dp_ifindex); 1055 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1027 if (!dp) 1056 if (!dp)
1028 return -ENODEV; 1057 return -ENODEV;
1029 1058
@@ -1032,7 +1061,7 @@ static int ovs_flow_cmd_get(struct sk_buff *skb, struct genl_info *info)
1032 if (!flow) 1061 if (!flow)
1033 return -ENOENT; 1062 return -ENOENT;
1034 1063
1035 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_pid, 1064 reply = ovs_flow_cmd_build_info(flow, dp, info->snd_portid,
1036 info->snd_seq, OVS_FLOW_CMD_NEW); 1065 info->snd_seq, OVS_FLOW_CMD_NEW);
1037 if (IS_ERR(reply)) 1066 if (IS_ERR(reply))
1038 return PTR_ERR(reply); 1067 return PTR_ERR(reply);
@@ -1052,16 +1081,17 @@ static int ovs_flow_cmd_del(struct sk_buff *skb, struct genl_info *info)
1052 int err; 1081 int err;
1053 int key_len; 1082 int key_len;
1054 1083
1084 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1085 if (!dp)
1086 return -ENODEV;
1087
1055 if (!a[OVS_FLOW_ATTR_KEY]) 1088 if (!a[OVS_FLOW_ATTR_KEY])
1056 return flush_flows(ovs_header->dp_ifindex); 1089 return flush_flows(dp);
1090
1057 err = ovs_flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]); 1091 err = ovs_flow_from_nlattrs(&key, &key_len, a[OVS_FLOW_ATTR_KEY]);
1058 if (err) 1092 if (err)
1059 return err; 1093 return err;
1060 1094
1061 dp = get_dp(ovs_header->dp_ifindex);
1062 if (!dp)
1063 return -ENODEV;
1064
1065 table = genl_dereference(dp->table); 1095 table = genl_dereference(dp->table);
1066 flow = ovs_flow_tbl_lookup(table, &key, key_len); 1096 flow = ovs_flow_tbl_lookup(table, &key, key_len);
1067 if (!flow) 1097 if (!flow)
@@ -1073,13 +1103,13 @@ static int ovs_flow_cmd_del(struct sk_buff *skb, struct genl_info *info)
1073 1103
1074 ovs_flow_tbl_remove(table, flow); 1104 ovs_flow_tbl_remove(table, flow);
1075 1105
1076 err = ovs_flow_cmd_fill_info(flow, dp, reply, info->snd_pid, 1106 err = ovs_flow_cmd_fill_info(flow, dp, reply, info->snd_portid,
1077 info->snd_seq, 0, OVS_FLOW_CMD_DEL); 1107 info->snd_seq, 0, OVS_FLOW_CMD_DEL);
1078 BUG_ON(err < 0); 1108 BUG_ON(err < 0);
1079 1109
1080 ovs_flow_deferred_free(flow); 1110 ovs_flow_deferred_free(flow);
1081 1111
1082 genl_notify(reply, genl_info_net(info), info->snd_pid, 1112 genl_notify(reply, genl_info_net(info), info->snd_portid,
1083 ovs_dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL); 1113 ovs_dp_flow_multicast_group.id, info->nlhdr, GFP_KERNEL);
1084 return 0; 1114 return 0;
1085} 1115}
@@ -1090,7 +1120,7 @@ static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1090 struct datapath *dp; 1120 struct datapath *dp;
1091 struct flow_table *table; 1121 struct flow_table *table;
1092 1122
1093 dp = get_dp(ovs_header->dp_ifindex); 1123 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1094 if (!dp) 1124 if (!dp)
1095 return -ENODEV; 1125 return -ENODEV;
1096 1126
@@ -1107,7 +1137,7 @@ static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1107 break; 1137 break;
1108 1138
1109 if (ovs_flow_cmd_fill_info(flow, dp, skb, 1139 if (ovs_flow_cmd_fill_info(flow, dp, skb,
1110 NETLINK_CB(cb->skb).pid, 1140 NETLINK_CB(cb->skb).portid,
1111 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1141 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1112 OVS_FLOW_CMD_NEW) < 0) 1142 OVS_FLOW_CMD_NEW) < 0)
1113 break; 1143 break;
@@ -1152,7 +1182,8 @@ static struct genl_family dp_datapath_genl_family = {
1152 .hdrsize = sizeof(struct ovs_header), 1182 .hdrsize = sizeof(struct ovs_header),
1153 .name = OVS_DATAPATH_FAMILY, 1183 .name = OVS_DATAPATH_FAMILY,
1154 .version = OVS_DATAPATH_VERSION, 1184 .version = OVS_DATAPATH_VERSION,
1155 .maxattr = OVS_DP_ATTR_MAX 1185 .maxattr = OVS_DP_ATTR_MAX,
1186 .netnsok = true
1156}; 1187};
1157 1188
1158static struct genl_multicast_group ovs_dp_datapath_multicast_group = { 1189static struct genl_multicast_group ovs_dp_datapath_multicast_group = {
@@ -1160,13 +1191,13 @@ static struct genl_multicast_group ovs_dp_datapath_multicast_group = {
1160}; 1191};
1161 1192
1162static int ovs_dp_cmd_fill_info(struct datapath *dp, struct sk_buff *skb, 1193static int ovs_dp_cmd_fill_info(struct datapath *dp, struct sk_buff *skb,
1163 u32 pid, u32 seq, u32 flags, u8 cmd) 1194 u32 portid, u32 seq, u32 flags, u8 cmd)
1164{ 1195{
1165 struct ovs_header *ovs_header; 1196 struct ovs_header *ovs_header;
1166 struct ovs_dp_stats dp_stats; 1197 struct ovs_dp_stats dp_stats;
1167 int err; 1198 int err;
1168 1199
1169 ovs_header = genlmsg_put(skb, pid, seq, &dp_datapath_genl_family, 1200 ovs_header = genlmsg_put(skb, portid, seq, &dp_datapath_genl_family,
1170 flags, cmd); 1201 flags, cmd);
1171 if (!ovs_header) 1202 if (!ovs_header)
1172 goto error; 1203 goto error;
@@ -1191,7 +1222,7 @@ error:
1191 return -EMSGSIZE; 1222 return -EMSGSIZE;
1192} 1223}
1193 1224
1194static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 pid, 1225static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 portid,
1195 u32 seq, u8 cmd) 1226 u32 seq, u8 cmd)
1196{ 1227{
1197 struct sk_buff *skb; 1228 struct sk_buff *skb;
@@ -1201,7 +1232,7 @@ static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 pid,
1201 if (!skb) 1232 if (!skb)
1202 return ERR_PTR(-ENOMEM); 1233 return ERR_PTR(-ENOMEM);
1203 1234
1204 retval = ovs_dp_cmd_fill_info(dp, skb, pid, seq, 0, cmd); 1235 retval = ovs_dp_cmd_fill_info(dp, skb, portid, seq, 0, cmd);
1205 if (retval < 0) { 1236 if (retval < 0) {
1206 kfree_skb(skb); 1237 kfree_skb(skb);
1207 return ERR_PTR(retval); 1238 return ERR_PTR(retval);
@@ -1210,18 +1241,19 @@ static struct sk_buff *ovs_dp_cmd_build_info(struct datapath *dp, u32 pid,
1210} 1241}
1211 1242
1212/* Called with genl_mutex and optionally with RTNL lock also. */ 1243/* Called with genl_mutex and optionally with RTNL lock also. */
1213static struct datapath *lookup_datapath(struct ovs_header *ovs_header, 1244static struct datapath *lookup_datapath(struct net *net,
1245 struct ovs_header *ovs_header,
1214 struct nlattr *a[OVS_DP_ATTR_MAX + 1]) 1246 struct nlattr *a[OVS_DP_ATTR_MAX + 1])
1215{ 1247{
1216 struct datapath *dp; 1248 struct datapath *dp;
1217 1249
1218 if (!a[OVS_DP_ATTR_NAME]) 1250 if (!a[OVS_DP_ATTR_NAME])
1219 dp = get_dp(ovs_header->dp_ifindex); 1251 dp = get_dp(net, ovs_header->dp_ifindex);
1220 else { 1252 else {
1221 struct vport *vport; 1253 struct vport *vport;
1222 1254
1223 rcu_read_lock(); 1255 rcu_read_lock();
1224 vport = ovs_vport_locate(nla_data(a[OVS_DP_ATTR_NAME])); 1256 vport = ovs_vport_locate(net, nla_data(a[OVS_DP_ATTR_NAME]));
1225 dp = vport && vport->port_no == OVSP_LOCAL ? vport->dp : NULL; 1257 dp = vport && vport->port_no == OVSP_LOCAL ? vport->dp : NULL;
1226 rcu_read_unlock(); 1258 rcu_read_unlock();
1227 } 1259 }
@@ -1235,22 +1267,21 @@ static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1235 struct sk_buff *reply; 1267 struct sk_buff *reply;
1236 struct datapath *dp; 1268 struct datapath *dp;
1237 struct vport *vport; 1269 struct vport *vport;
1238 int err; 1270 struct ovs_net *ovs_net;
1271 int err, i;
1239 1272
1240 err = -EINVAL; 1273 err = -EINVAL;
1241 if (!a[OVS_DP_ATTR_NAME] || !a[OVS_DP_ATTR_UPCALL_PID]) 1274 if (!a[OVS_DP_ATTR_NAME] || !a[OVS_DP_ATTR_UPCALL_PID])
1242 goto err; 1275 goto err;
1243 1276
1244 rtnl_lock(); 1277 rtnl_lock();
1245 err = -ENODEV;
1246 if (!try_module_get(THIS_MODULE))
1247 goto err_unlock_rtnl;
1248 1278
1249 err = -ENOMEM; 1279 err = -ENOMEM;
1250 dp = kzalloc(sizeof(*dp), GFP_KERNEL); 1280 dp = kzalloc(sizeof(*dp), GFP_KERNEL);
1251 if (dp == NULL) 1281 if (dp == NULL)
1252 goto err_put_module; 1282 goto err_unlock_rtnl;
1253 INIT_LIST_HEAD(&dp->port_list); 1283
1284 ovs_dp_set_net(dp, hold_net(sock_net(skb->sk)));
1254 1285
1255 /* Allocate table. */ 1286 /* Allocate table. */
1256 err = -ENOMEM; 1287 err = -ENOMEM;
@@ -1264,13 +1295,23 @@ static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1264 goto err_destroy_table; 1295 goto err_destroy_table;
1265 } 1296 }
1266 1297
1298 dp->ports = kmalloc(DP_VPORT_HASH_BUCKETS * sizeof(struct hlist_head),
1299 GFP_KERNEL);
1300 if (!dp->ports) {
1301 err = -ENOMEM;
1302 goto err_destroy_percpu;
1303 }
1304
1305 for (i = 0; i < DP_VPORT_HASH_BUCKETS; i++)
1306 INIT_HLIST_HEAD(&dp->ports[i]);
1307
1267 /* Set up our datapath device. */ 1308 /* Set up our datapath device. */
1268 parms.name = nla_data(a[OVS_DP_ATTR_NAME]); 1309 parms.name = nla_data(a[OVS_DP_ATTR_NAME]);
1269 parms.type = OVS_VPORT_TYPE_INTERNAL; 1310 parms.type = OVS_VPORT_TYPE_INTERNAL;
1270 parms.options = NULL; 1311 parms.options = NULL;
1271 parms.dp = dp; 1312 parms.dp = dp;
1272 parms.port_no = OVSP_LOCAL; 1313 parms.port_no = OVSP_LOCAL;
1273 parms.upcall_pid = nla_get_u32(a[OVS_DP_ATTR_UPCALL_PID]); 1314 parms.upcall_portid = nla_get_u32(a[OVS_DP_ATTR_UPCALL_PID]);
1274 1315
1275 vport = new_vport(&parms); 1316 vport = new_vport(&parms);
1276 if (IS_ERR(vport)) { 1317 if (IS_ERR(vport)) {
@@ -1278,64 +1319,59 @@ static int ovs_dp_cmd_new(struct sk_buff *skb, struct genl_info *info)
1278 if (err == -EBUSY) 1319 if (err == -EBUSY)
1279 err = -EEXIST; 1320 err = -EEXIST;
1280 1321
1281 goto err_destroy_percpu; 1322 goto err_destroy_ports_array;
1282 } 1323 }
1283 1324
1284 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, 1325 reply = ovs_dp_cmd_build_info(dp, info->snd_portid,
1285 info->snd_seq, OVS_DP_CMD_NEW); 1326 info->snd_seq, OVS_DP_CMD_NEW);
1286 err = PTR_ERR(reply); 1327 err = PTR_ERR(reply);
1287 if (IS_ERR(reply)) 1328 if (IS_ERR(reply))
1288 goto err_destroy_local_port; 1329 goto err_destroy_local_port;
1289 1330
1290 list_add_tail(&dp->list_node, &dps); 1331 ovs_net = net_generic(ovs_dp_get_net(dp), ovs_net_id);
1332 list_add_tail(&dp->list_node, &ovs_net->dps);
1291 rtnl_unlock(); 1333 rtnl_unlock();
1292 1334
1293 genl_notify(reply, genl_info_net(info), info->snd_pid, 1335 genl_notify(reply, genl_info_net(info), info->snd_portid,
1294 ovs_dp_datapath_multicast_group.id, info->nlhdr, 1336 ovs_dp_datapath_multicast_group.id, info->nlhdr,
1295 GFP_KERNEL); 1337 GFP_KERNEL);
1296 return 0; 1338 return 0;
1297 1339
1298err_destroy_local_port: 1340err_destroy_local_port:
1299 ovs_dp_detach_port(rtnl_dereference(dp->ports[OVSP_LOCAL])); 1341 ovs_dp_detach_port(ovs_vport_rtnl(dp, OVSP_LOCAL));
1342err_destroy_ports_array:
1343 kfree(dp->ports);
1300err_destroy_percpu: 1344err_destroy_percpu:
1301 free_percpu(dp->stats_percpu); 1345 free_percpu(dp->stats_percpu);
1302err_destroy_table: 1346err_destroy_table:
1303 ovs_flow_tbl_destroy(genl_dereference(dp->table)); 1347 ovs_flow_tbl_destroy(genl_dereference(dp->table));
1304err_free_dp: 1348err_free_dp:
1349 release_net(ovs_dp_get_net(dp));
1305 kfree(dp); 1350 kfree(dp);
1306err_put_module:
1307 module_put(THIS_MODULE);
1308err_unlock_rtnl: 1351err_unlock_rtnl:
1309 rtnl_unlock(); 1352 rtnl_unlock();
1310err: 1353err:
1311 return err; 1354 return err;
1312} 1355}
1313 1356
1314static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info) 1357/* Called with genl_mutex. */
1358static void __dp_destroy(struct datapath *dp)
1315{ 1359{
1316 struct vport *vport, *next_vport; 1360 int i;
1317 struct sk_buff *reply;
1318 struct datapath *dp;
1319 int err;
1320 1361
1321 rtnl_lock(); 1362 rtnl_lock();
1322 dp = lookup_datapath(info->userhdr, info->attrs);
1323 err = PTR_ERR(dp);
1324 if (IS_ERR(dp))
1325 goto exit_unlock;
1326 1363
1327 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, 1364 for (i = 0; i < DP_VPORT_HASH_BUCKETS; i++) {
1328 info->snd_seq, OVS_DP_CMD_DEL); 1365 struct vport *vport;
1329 err = PTR_ERR(reply); 1366 struct hlist_node *node, *n;
1330 if (IS_ERR(reply))
1331 goto exit_unlock;
1332 1367
1333 list_for_each_entry_safe(vport, next_vport, &dp->port_list, node) 1368 hlist_for_each_entry_safe(vport, node, n, &dp->ports[i], dp_hash_node)
1334 if (vport->port_no != OVSP_LOCAL) 1369 if (vport->port_no != OVSP_LOCAL)
1335 ovs_dp_detach_port(vport); 1370 ovs_dp_detach_port(vport);
1371 }
1336 1372
1337 list_del(&dp->list_node); 1373 list_del(&dp->list_node);
1338 ovs_dp_detach_port(rtnl_dereference(dp->ports[OVSP_LOCAL])); 1374 ovs_dp_detach_port(ovs_vport_rtnl(dp, OVSP_LOCAL));
1339 1375
1340 /* rtnl_unlock() will wait until all the references to devices that 1376 /* rtnl_unlock() will wait until all the references to devices that
1341 * are pending unregistration have been dropped. We do it here to 1377 * are pending unregistration have been dropped. We do it here to
@@ -1345,17 +1381,32 @@ static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info)
1345 rtnl_unlock(); 1381 rtnl_unlock();
1346 1382
1347 call_rcu(&dp->rcu, destroy_dp_rcu); 1383 call_rcu(&dp->rcu, destroy_dp_rcu);
1348 module_put(THIS_MODULE); 1384}
1385
1386static int ovs_dp_cmd_del(struct sk_buff *skb, struct genl_info *info)
1387{
1388 struct sk_buff *reply;
1389 struct datapath *dp;
1390 int err;
1391
1392 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1393 err = PTR_ERR(dp);
1394 if (IS_ERR(dp))
1395 return err;
1349 1396
1350 genl_notify(reply, genl_info_net(info), info->snd_pid, 1397 reply = ovs_dp_cmd_build_info(dp, info->snd_portid,
1398 info->snd_seq, OVS_DP_CMD_DEL);
1399 err = PTR_ERR(reply);
1400 if (IS_ERR(reply))
1401 return err;
1402
1403 __dp_destroy(dp);
1404
1405 genl_notify(reply, genl_info_net(info), info->snd_portid,
1351 ovs_dp_datapath_multicast_group.id, info->nlhdr, 1406 ovs_dp_datapath_multicast_group.id, info->nlhdr,
1352 GFP_KERNEL); 1407 GFP_KERNEL);
1353 1408
1354 return 0; 1409 return 0;
1355
1356exit_unlock:
1357 rtnl_unlock();
1358 return err;
1359} 1410}
1360 1411
1361static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info) 1412static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info)
@@ -1364,20 +1415,20 @@ static int ovs_dp_cmd_set(struct sk_buff *skb, struct genl_info *info)
1364 struct datapath *dp; 1415 struct datapath *dp;
1365 int err; 1416 int err;
1366 1417
1367 dp = lookup_datapath(info->userhdr, info->attrs); 1418 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1368 if (IS_ERR(dp)) 1419 if (IS_ERR(dp))
1369 return PTR_ERR(dp); 1420 return PTR_ERR(dp);
1370 1421
1371 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, 1422 reply = ovs_dp_cmd_build_info(dp, info->snd_portid,
1372 info->snd_seq, OVS_DP_CMD_NEW); 1423 info->snd_seq, OVS_DP_CMD_NEW);
1373 if (IS_ERR(reply)) { 1424 if (IS_ERR(reply)) {
1374 err = PTR_ERR(reply); 1425 err = PTR_ERR(reply);
1375 netlink_set_err(init_net.genl_sock, 0, 1426 netlink_set_err(sock_net(skb->sk)->genl_sock, 0,
1376 ovs_dp_datapath_multicast_group.id, err); 1427 ovs_dp_datapath_multicast_group.id, err);
1377 return 0; 1428 return 0;
1378 } 1429 }
1379 1430
1380 genl_notify(reply, genl_info_net(info), info->snd_pid, 1431 genl_notify(reply, genl_info_net(info), info->snd_portid,
1381 ovs_dp_datapath_multicast_group.id, info->nlhdr, 1432 ovs_dp_datapath_multicast_group.id, info->nlhdr,
1382 GFP_KERNEL); 1433 GFP_KERNEL);
1383 1434
@@ -1389,11 +1440,11 @@ static int ovs_dp_cmd_get(struct sk_buff *skb, struct genl_info *info)
1389 struct sk_buff *reply; 1440 struct sk_buff *reply;
1390 struct datapath *dp; 1441 struct datapath *dp;
1391 1442
1392 dp = lookup_datapath(info->userhdr, info->attrs); 1443 dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs);
1393 if (IS_ERR(dp)) 1444 if (IS_ERR(dp))
1394 return PTR_ERR(dp); 1445 return PTR_ERR(dp);
1395 1446
1396 reply = ovs_dp_cmd_build_info(dp, info->snd_pid, 1447 reply = ovs_dp_cmd_build_info(dp, info->snd_portid,
1397 info->snd_seq, OVS_DP_CMD_NEW); 1448 info->snd_seq, OVS_DP_CMD_NEW);
1398 if (IS_ERR(reply)) 1449 if (IS_ERR(reply))
1399 return PTR_ERR(reply); 1450 return PTR_ERR(reply);
@@ -1403,13 +1454,14 @@ static int ovs_dp_cmd_get(struct sk_buff *skb, struct genl_info *info)
1403 1454
1404static int ovs_dp_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb) 1455static int ovs_dp_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1405{ 1456{
1457 struct ovs_net *ovs_net = net_generic(sock_net(skb->sk), ovs_net_id);
1406 struct datapath *dp; 1458 struct datapath *dp;
1407 int skip = cb->args[0]; 1459 int skip = cb->args[0];
1408 int i = 0; 1460 int i = 0;
1409 1461
1410 list_for_each_entry(dp, &dps, list_node) { 1462 list_for_each_entry(dp, &ovs_net->dps, list_node) {
1411 if (i >= skip && 1463 if (i >= skip &&
1412 ovs_dp_cmd_fill_info(dp, skb, NETLINK_CB(cb->skb).pid, 1464 ovs_dp_cmd_fill_info(dp, skb, NETLINK_CB(cb->skb).portid,
1413 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1465 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1414 OVS_DP_CMD_NEW) < 0) 1466 OVS_DP_CMD_NEW) < 0)
1415 break; 1467 break;
@@ -1459,7 +1511,8 @@ static struct genl_family dp_vport_genl_family = {
1459 .hdrsize = sizeof(struct ovs_header), 1511 .hdrsize = sizeof(struct ovs_header),
1460 .name = OVS_VPORT_FAMILY, 1512 .name = OVS_VPORT_FAMILY,
1461 .version = OVS_VPORT_VERSION, 1513 .version = OVS_VPORT_VERSION,
1462 .maxattr = OVS_VPORT_ATTR_MAX 1514 .maxattr = OVS_VPORT_ATTR_MAX,
1515 .netnsok = true
1463}; 1516};
1464 1517
1465struct genl_multicast_group ovs_dp_vport_multicast_group = { 1518struct genl_multicast_group ovs_dp_vport_multicast_group = {
@@ -1468,13 +1521,13 @@ struct genl_multicast_group ovs_dp_vport_multicast_group = {
1468 1521
1469/* Called with RTNL lock or RCU read lock. */ 1522/* Called with RTNL lock or RCU read lock. */
1470static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb, 1523static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,
1471 u32 pid, u32 seq, u32 flags, u8 cmd) 1524 u32 portid, u32 seq, u32 flags, u8 cmd)
1472{ 1525{
1473 struct ovs_header *ovs_header; 1526 struct ovs_header *ovs_header;
1474 struct ovs_vport_stats vport_stats; 1527 struct ovs_vport_stats vport_stats;
1475 int err; 1528 int err;
1476 1529
1477 ovs_header = genlmsg_put(skb, pid, seq, &dp_vport_genl_family, 1530 ovs_header = genlmsg_put(skb, portid, seq, &dp_vport_genl_family,
1478 flags, cmd); 1531 flags, cmd);
1479 if (!ovs_header) 1532 if (!ovs_header)
1480 return -EMSGSIZE; 1533 return -EMSGSIZE;
@@ -1484,7 +1537,7 @@ static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,
1484 if (nla_put_u32(skb, OVS_VPORT_ATTR_PORT_NO, vport->port_no) || 1537 if (nla_put_u32(skb, OVS_VPORT_ATTR_PORT_NO, vport->port_no) ||
1485 nla_put_u32(skb, OVS_VPORT_ATTR_TYPE, vport->ops->type) || 1538 nla_put_u32(skb, OVS_VPORT_ATTR_TYPE, vport->ops->type) ||
1486 nla_put_string(skb, OVS_VPORT_ATTR_NAME, vport->ops->get_name(vport)) || 1539 nla_put_string(skb, OVS_VPORT_ATTR_NAME, vport->ops->get_name(vport)) ||
1487 nla_put_u32(skb, OVS_VPORT_ATTR_UPCALL_PID, vport->upcall_pid)) 1540 nla_put_u32(skb, OVS_VPORT_ATTR_UPCALL_PID, vport->upcall_portid))
1488 goto nla_put_failure; 1541 goto nla_put_failure;
1489 1542
1490 ovs_vport_get_stats(vport, &vport_stats); 1543 ovs_vport_get_stats(vport, &vport_stats);
@@ -1506,7 +1559,7 @@ error:
1506} 1559}
1507 1560
1508/* Called with RTNL lock or RCU read lock. */ 1561/* Called with RTNL lock or RCU read lock. */
1509struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 pid, 1562struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 portid,
1510 u32 seq, u8 cmd) 1563 u32 seq, u8 cmd)
1511{ 1564{
1512 struct sk_buff *skb; 1565 struct sk_buff *skb;
@@ -1516,7 +1569,7 @@ struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 pid,
1516 if (!skb) 1569 if (!skb)
1517 return ERR_PTR(-ENOMEM); 1570 return ERR_PTR(-ENOMEM);
1518 1571
1519 retval = ovs_vport_cmd_fill_info(vport, skb, pid, seq, 0, cmd); 1572 retval = ovs_vport_cmd_fill_info(vport, skb, portid, seq, 0, cmd);
1520 if (retval < 0) { 1573 if (retval < 0) {
1521 kfree_skb(skb); 1574 kfree_skb(skb);
1522 return ERR_PTR(retval); 1575 return ERR_PTR(retval);
@@ -1525,14 +1578,15 @@ struct sk_buff *ovs_vport_cmd_build_info(struct vport *vport, u32 pid,
1525} 1578}
1526 1579
1527/* Called with RTNL lock or RCU read lock. */ 1580/* Called with RTNL lock or RCU read lock. */
1528static struct vport *lookup_vport(struct ovs_header *ovs_header, 1581static struct vport *lookup_vport(struct net *net,
1582 struct ovs_header *ovs_header,
1529 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1]) 1583 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1])
1530{ 1584{
1531 struct datapath *dp; 1585 struct datapath *dp;
1532 struct vport *vport; 1586 struct vport *vport;
1533 1587
1534 if (a[OVS_VPORT_ATTR_NAME]) { 1588 if (a[OVS_VPORT_ATTR_NAME]) {
1535 vport = ovs_vport_locate(nla_data(a[OVS_VPORT_ATTR_NAME])); 1589 vport = ovs_vport_locate(net, nla_data(a[OVS_VPORT_ATTR_NAME]));
1536 if (!vport) 1590 if (!vport)
1537 return ERR_PTR(-ENODEV); 1591 return ERR_PTR(-ENODEV);
1538 if (ovs_header->dp_ifindex && 1592 if (ovs_header->dp_ifindex &&
@@ -1545,11 +1599,11 @@ static struct vport *lookup_vport(struct ovs_header *ovs_header,
1545 if (port_no >= DP_MAX_PORTS) 1599 if (port_no >= DP_MAX_PORTS)
1546 return ERR_PTR(-EFBIG); 1600 return ERR_PTR(-EFBIG);
1547 1601
1548 dp = get_dp(ovs_header->dp_ifindex); 1602 dp = get_dp(net, ovs_header->dp_ifindex);
1549 if (!dp) 1603 if (!dp)
1550 return ERR_PTR(-ENODEV); 1604 return ERR_PTR(-ENODEV);
1551 1605
1552 vport = rcu_dereference_rtnl(dp->ports[port_no]); 1606 vport = ovs_vport_rtnl_rcu(dp, port_no);
1553 if (!vport) 1607 if (!vport)
1554 return ERR_PTR(-ENOENT); 1608 return ERR_PTR(-ENOENT);
1555 return vport; 1609 return vport;
@@ -1574,7 +1628,7 @@ static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1574 goto exit; 1628 goto exit;
1575 1629
1576 rtnl_lock(); 1630 rtnl_lock();
1577 dp = get_dp(ovs_header->dp_ifindex); 1631 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1578 err = -ENODEV; 1632 err = -ENODEV;
1579 if (!dp) 1633 if (!dp)
1580 goto exit_unlock; 1634 goto exit_unlock;
@@ -1586,7 +1640,7 @@ static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1586 if (port_no >= DP_MAX_PORTS) 1640 if (port_no >= DP_MAX_PORTS)
1587 goto exit_unlock; 1641 goto exit_unlock;
1588 1642
1589 vport = rtnl_dereference(dp->ports[port_no]); 1643 vport = ovs_vport_rtnl_rcu(dp, port_no);
1590 err = -EBUSY; 1644 err = -EBUSY;
1591 if (vport) 1645 if (vport)
1592 goto exit_unlock; 1646 goto exit_unlock;
@@ -1596,7 +1650,7 @@ static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1596 err = -EFBIG; 1650 err = -EFBIG;
1597 goto exit_unlock; 1651 goto exit_unlock;
1598 } 1652 }
1599 vport = rtnl_dereference(dp->ports[port_no]); 1653 vport = ovs_vport_rtnl(dp, port_no);
1600 if (!vport) 1654 if (!vport)
1601 break; 1655 break;
1602 } 1656 }
@@ -1607,21 +1661,21 @@ static int ovs_vport_cmd_new(struct sk_buff *skb, struct genl_info *info)
1607 parms.options = a[OVS_VPORT_ATTR_OPTIONS]; 1661 parms.options = a[OVS_VPORT_ATTR_OPTIONS];
1608 parms.dp = dp; 1662 parms.dp = dp;
1609 parms.port_no = port_no; 1663 parms.port_no = port_no;
1610 parms.upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]); 1664 parms.upcall_portid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
1611 1665
1612 vport = new_vport(&parms); 1666 vport = new_vport(&parms);
1613 err = PTR_ERR(vport); 1667 err = PTR_ERR(vport);
1614 if (IS_ERR(vport)) 1668 if (IS_ERR(vport))
1615 goto exit_unlock; 1669 goto exit_unlock;
1616 1670
1617 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq, 1671 reply = ovs_vport_cmd_build_info(vport, info->snd_portid, info->snd_seq,
1618 OVS_VPORT_CMD_NEW); 1672 OVS_VPORT_CMD_NEW);
1619 if (IS_ERR(reply)) { 1673 if (IS_ERR(reply)) {
1620 err = PTR_ERR(reply); 1674 err = PTR_ERR(reply);
1621 ovs_dp_detach_port(vport); 1675 ovs_dp_detach_port(vport);
1622 goto exit_unlock; 1676 goto exit_unlock;
1623 } 1677 }
1624 genl_notify(reply, genl_info_net(info), info->snd_pid, 1678 genl_notify(reply, genl_info_net(info), info->snd_portid,
1625 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL); 1679 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1626 1680
1627exit_unlock: 1681exit_unlock:
@@ -1638,7 +1692,7 @@ static int ovs_vport_cmd_set(struct sk_buff *skb, struct genl_info *info)
1638 int err; 1692 int err;
1639 1693
1640 rtnl_lock(); 1694 rtnl_lock();
1641 vport = lookup_vport(info->userhdr, a); 1695 vport = lookup_vport(sock_net(skb->sk), info->userhdr, a);
1642 err = PTR_ERR(vport); 1696 err = PTR_ERR(vport);
1643 if (IS_ERR(vport)) 1697 if (IS_ERR(vport))
1644 goto exit_unlock; 1698 goto exit_unlock;
@@ -1653,17 +1707,17 @@ static int ovs_vport_cmd_set(struct sk_buff *skb, struct genl_info *info)
1653 if (err) 1707 if (err)
1654 goto exit_unlock; 1708 goto exit_unlock;
1655 if (a[OVS_VPORT_ATTR_UPCALL_PID]) 1709 if (a[OVS_VPORT_ATTR_UPCALL_PID])
1656 vport->upcall_pid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]); 1710 vport->upcall_portid = nla_get_u32(a[OVS_VPORT_ATTR_UPCALL_PID]);
1657 1711
1658 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq, 1712 reply = ovs_vport_cmd_build_info(vport, info->snd_portid, info->snd_seq,
1659 OVS_VPORT_CMD_NEW); 1713 OVS_VPORT_CMD_NEW);
1660 if (IS_ERR(reply)) { 1714 if (IS_ERR(reply)) {
1661 netlink_set_err(init_net.genl_sock, 0, 1715 netlink_set_err(sock_net(skb->sk)->genl_sock, 0,
1662 ovs_dp_vport_multicast_group.id, PTR_ERR(reply)); 1716 ovs_dp_vport_multicast_group.id, PTR_ERR(reply));
1663 goto exit_unlock; 1717 goto exit_unlock;
1664 } 1718 }
1665 1719
1666 genl_notify(reply, genl_info_net(info), info->snd_pid, 1720 genl_notify(reply, genl_info_net(info), info->snd_portid,
1667 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL); 1721 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1668 1722
1669exit_unlock: 1723exit_unlock:
@@ -1679,7 +1733,7 @@ static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1679 int err; 1733 int err;
1680 1734
1681 rtnl_lock(); 1735 rtnl_lock();
1682 vport = lookup_vport(info->userhdr, a); 1736 vport = lookup_vport(sock_net(skb->sk), info->userhdr, a);
1683 err = PTR_ERR(vport); 1737 err = PTR_ERR(vport);
1684 if (IS_ERR(vport)) 1738 if (IS_ERR(vport))
1685 goto exit_unlock; 1739 goto exit_unlock;
@@ -1689,7 +1743,7 @@ static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1689 goto exit_unlock; 1743 goto exit_unlock;
1690 } 1744 }
1691 1745
1692 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq, 1746 reply = ovs_vport_cmd_build_info(vport, info->snd_portid, info->snd_seq,
1693 OVS_VPORT_CMD_DEL); 1747 OVS_VPORT_CMD_DEL);
1694 err = PTR_ERR(reply); 1748 err = PTR_ERR(reply);
1695 if (IS_ERR(reply)) 1749 if (IS_ERR(reply))
@@ -1697,7 +1751,7 @@ static int ovs_vport_cmd_del(struct sk_buff *skb, struct genl_info *info)
1697 1751
1698 ovs_dp_detach_port(vport); 1752 ovs_dp_detach_port(vport);
1699 1753
1700 genl_notify(reply, genl_info_net(info), info->snd_pid, 1754 genl_notify(reply, genl_info_net(info), info->snd_portid,
1701 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL); 1755 ovs_dp_vport_multicast_group.id, info->nlhdr, GFP_KERNEL);
1702 1756
1703exit_unlock: 1757exit_unlock:
@@ -1714,12 +1768,12 @@ static int ovs_vport_cmd_get(struct sk_buff *skb, struct genl_info *info)
1714 int err; 1768 int err;
1715 1769
1716 rcu_read_lock(); 1770 rcu_read_lock();
1717 vport = lookup_vport(ovs_header, a); 1771 vport = lookup_vport(sock_net(skb->sk), ovs_header, a);
1718 err = PTR_ERR(vport); 1772 err = PTR_ERR(vport);
1719 if (IS_ERR(vport)) 1773 if (IS_ERR(vport))
1720 goto exit_unlock; 1774 goto exit_unlock;
1721 1775
1722 reply = ovs_vport_cmd_build_info(vport, info->snd_pid, info->snd_seq, 1776 reply = ovs_vport_cmd_build_info(vport, info->snd_portid, info->snd_seq,
1723 OVS_VPORT_CMD_NEW); 1777 OVS_VPORT_CMD_NEW);
1724 err = PTR_ERR(reply); 1778 err = PTR_ERR(reply);
1725 if (IS_ERR(reply)) 1779 if (IS_ERR(reply))
@@ -1738,54 +1792,39 @@ static int ovs_vport_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
1738{ 1792{
1739 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh)); 1793 struct ovs_header *ovs_header = genlmsg_data(nlmsg_data(cb->nlh));
1740 struct datapath *dp; 1794 struct datapath *dp;
1741 u32 port_no; 1795 int bucket = cb->args[0], skip = cb->args[1];
1742 int retval; 1796 int i, j = 0;
1743 1797
1744 dp = get_dp(ovs_header->dp_ifindex); 1798 dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex);
1745 if (!dp) 1799 if (!dp)
1746 return -ENODEV; 1800 return -ENODEV;
1747 1801
1748 rcu_read_lock(); 1802 rcu_read_lock();
1749 for (port_no = cb->args[0]; port_no < DP_MAX_PORTS; port_no++) { 1803 for (i = bucket; i < DP_VPORT_HASH_BUCKETS; i++) {
1750 struct vport *vport; 1804 struct vport *vport;
1751 1805 struct hlist_node *n;
1752 vport = rcu_dereference(dp->ports[port_no]); 1806
1753 if (!vport) 1807 j = 0;
1754 continue; 1808 hlist_for_each_entry_rcu(vport, n, &dp->ports[i], dp_hash_node) {
1755 1809 if (j >= skip &&
1756 if (ovs_vport_cmd_fill_info(vport, skb, NETLINK_CB(cb->skb).pid, 1810 ovs_vport_cmd_fill_info(vport, skb,
1757 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1811 NETLINK_CB(cb->skb).portid,
1758 OVS_VPORT_CMD_NEW) < 0) 1812 cb->nlh->nlmsg_seq,
1759 break; 1813 NLM_F_MULTI,
1760 } 1814 OVS_VPORT_CMD_NEW) < 0)
1761 rcu_read_unlock(); 1815 goto out;
1762 1816
1763 cb->args[0] = port_no; 1817 j++;
1764 retval = skb->len;
1765
1766 return retval;
1767}
1768
1769static void rehash_flow_table(struct work_struct *work)
1770{
1771 struct datapath *dp;
1772
1773 genl_lock();
1774
1775 list_for_each_entry(dp, &dps, list_node) {
1776 struct flow_table *old_table = genl_dereference(dp->table);
1777 struct flow_table *new_table;
1778
1779 new_table = ovs_flow_tbl_rehash(old_table);
1780 if (!IS_ERR(new_table)) {
1781 rcu_assign_pointer(dp->table, new_table);
1782 ovs_flow_tbl_deferred_destroy(old_table);
1783 } 1818 }
1819 skip = 0;
1784 } 1820 }
1821out:
1822 rcu_read_unlock();
1785 1823
1786 genl_unlock(); 1824 cb->args[0] = i;
1825 cb->args[1] = j;
1787 1826
1788 schedule_delayed_work(&rehash_flow_wq, REHASH_FLOW_INTERVAL); 1827 return skb->len;
1789} 1828}
1790 1829
1791static struct genl_ops dp_vport_genl_ops[] = { 1830static struct genl_ops dp_vport_genl_ops[] = {
@@ -1872,6 +1911,59 @@ error:
1872 return err; 1911 return err;
1873} 1912}
1874 1913
1914static void rehash_flow_table(struct work_struct *work)
1915{
1916 struct datapath *dp;
1917 struct net *net;
1918
1919 genl_lock();
1920 rtnl_lock();
1921 for_each_net(net) {
1922 struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
1923
1924 list_for_each_entry(dp, &ovs_net->dps, list_node) {
1925 struct flow_table *old_table = genl_dereference(dp->table);
1926 struct flow_table *new_table;
1927
1928 new_table = ovs_flow_tbl_rehash(old_table);
1929 if (!IS_ERR(new_table)) {
1930 rcu_assign_pointer(dp->table, new_table);
1931 ovs_flow_tbl_deferred_destroy(old_table);
1932 }
1933 }
1934 }
1935 rtnl_unlock();
1936 genl_unlock();
1937
1938 schedule_delayed_work(&rehash_flow_wq, REHASH_FLOW_INTERVAL);
1939}
1940
1941static int __net_init ovs_init_net(struct net *net)
1942{
1943 struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
1944
1945 INIT_LIST_HEAD(&ovs_net->dps);
1946 return 0;
1947}
1948
1949static void __net_exit ovs_exit_net(struct net *net)
1950{
1951 struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
1952 struct datapath *dp, *dp_next;
1953
1954 genl_lock();
1955 list_for_each_entry_safe(dp, dp_next, &ovs_net->dps, list_node)
1956 __dp_destroy(dp);
1957 genl_unlock();
1958}
1959
1960static struct pernet_operations ovs_net_ops = {
1961 .init = ovs_init_net,
1962 .exit = ovs_exit_net,
1963 .id = &ovs_net_id,
1964 .size = sizeof(struct ovs_net),
1965};
1966
1875static int __init dp_init(void) 1967static int __init dp_init(void)
1876{ 1968{
1877 struct sk_buff *dummy_skb; 1969 struct sk_buff *dummy_skb;
@@ -1889,10 +1981,14 @@ static int __init dp_init(void)
1889 if (err) 1981 if (err)
1890 goto error_flow_exit; 1982 goto error_flow_exit;
1891 1983
1892 err = register_netdevice_notifier(&ovs_dp_device_notifier); 1984 err = register_pernet_device(&ovs_net_ops);
1893 if (err) 1985 if (err)
1894 goto error_vport_exit; 1986 goto error_vport_exit;
1895 1987
1988 err = register_netdevice_notifier(&ovs_dp_device_notifier);
1989 if (err)
1990 goto error_netns_exit;
1991
1896 err = dp_register_genl(); 1992 err = dp_register_genl();
1897 if (err < 0) 1993 if (err < 0)
1898 goto error_unreg_notifier; 1994 goto error_unreg_notifier;
@@ -1903,6 +1999,8 @@ static int __init dp_init(void)
1903 1999
1904error_unreg_notifier: 2000error_unreg_notifier:
1905 unregister_netdevice_notifier(&ovs_dp_device_notifier); 2001 unregister_netdevice_notifier(&ovs_dp_device_notifier);
2002error_netns_exit:
2003 unregister_pernet_device(&ovs_net_ops);
1906error_vport_exit: 2004error_vport_exit:
1907 ovs_vport_exit(); 2005 ovs_vport_exit();
1908error_flow_exit: 2006error_flow_exit:
@@ -1914,9 +2012,10 @@ error:
1914static void dp_cleanup(void) 2012static void dp_cleanup(void)
1915{ 2013{
1916 cancel_delayed_work_sync(&rehash_flow_wq); 2014 cancel_delayed_work_sync(&rehash_flow_wq);
1917 rcu_barrier();
1918 dp_unregister_genl(ARRAY_SIZE(dp_genl_families)); 2015 dp_unregister_genl(ARRAY_SIZE(dp_genl_families));
1919 unregister_netdevice_notifier(&ovs_dp_device_notifier); 2016 unregister_netdevice_notifier(&ovs_dp_device_notifier);
2017 unregister_pernet_device(&ovs_net_ops);
2018 rcu_barrier();
1920 ovs_vport_exit(); 2019 ovs_vport_exit();
1921 ovs_flow_exit(); 2020 ovs_flow_exit();
1922} 2021}
diff --git a/net/openvswitch/datapath.h b/net/openvswitch/datapath.h
index c1105c147531..031dfbf37c93 100644
--- a/net/openvswitch/datapath.h
+++ b/net/openvswitch/datapath.h
@@ -27,10 +27,11 @@
27#include <linux/u64_stats_sync.h> 27#include <linux/u64_stats_sync.h>
28 28
29#include "flow.h" 29#include "flow.h"
30#include "vport.h"
30 31
31struct vport; 32#define DP_MAX_PORTS USHRT_MAX
33#define DP_VPORT_HASH_BUCKETS 1024
32 34
33#define DP_MAX_PORTS 1024
34#define SAMPLE_ACTION_DEPTH 3 35#define SAMPLE_ACTION_DEPTH 3
35 36
36/** 37/**
@@ -58,11 +59,10 @@ struct dp_stats_percpu {
58 * @list_node: Element in global 'dps' list. 59 * @list_node: Element in global 'dps' list.
59 * @n_flows: Number of flows currently in flow table. 60 * @n_flows: Number of flows currently in flow table.
60 * @table: Current flow table. Protected by genl_lock and RCU. 61 * @table: Current flow table. Protected by genl_lock and RCU.
61 * @ports: Map from port number to &struct vport. %OVSP_LOCAL port 62 * @ports: Hash table for ports. %OVSP_LOCAL port always exists. Protected by
62 * always exists, other ports may be %NULL. Protected by RTNL and RCU. 63 * RTNL and RCU.
63 * @port_list: List of all ports in @ports in arbitrary order. RTNL required
64 * to iterate or modify.
65 * @stats_percpu: Per-CPU datapath statistics. 64 * @stats_percpu: Per-CPU datapath statistics.
65 * @net: Reference to net namespace.
66 * 66 *
67 * Context: See the comment on locking at the top of datapath.c for additional 67 * Context: See the comment on locking at the top of datapath.c for additional
68 * locking information. 68 * locking information.
@@ -75,13 +75,37 @@ struct datapath {
75 struct flow_table __rcu *table; 75 struct flow_table __rcu *table;
76 76
77 /* Switch ports. */ 77 /* Switch ports. */
78 struct vport __rcu *ports[DP_MAX_PORTS]; 78 struct hlist_head *ports;
79 struct list_head port_list;
80 79
81 /* Stats. */ 80 /* Stats. */
82 struct dp_stats_percpu __percpu *stats_percpu; 81 struct dp_stats_percpu __percpu *stats_percpu;
82
83#ifdef CONFIG_NET_NS
84 /* Network namespace ref. */
85 struct net *net;
86#endif
83}; 87};
84 88
89struct vport *ovs_lookup_vport(const struct datapath *dp, u16 port_no);
90
91static inline struct vport *ovs_vport_rcu(const struct datapath *dp, int port_no)
92{
93 WARN_ON_ONCE(!rcu_read_lock_held());
94 return ovs_lookup_vport(dp, port_no);
95}
96
97static inline struct vport *ovs_vport_rtnl_rcu(const struct datapath *dp, int port_no)
98{
99 WARN_ON_ONCE(!rcu_read_lock_held() && !rtnl_is_locked());
100 return ovs_lookup_vport(dp, port_no);
101}
102
103static inline struct vport *ovs_vport_rtnl(const struct datapath *dp, int port_no)
104{
105 ASSERT_RTNL();
106 return ovs_lookup_vport(dp, port_no);
107}
108
85/** 109/**
86 * struct ovs_skb_cb - OVS data in skb CB 110 * struct ovs_skb_cb - OVS data in skb CB
87 * @flow: The flow associated with this packet. May be %NULL if no flow. 111 * @flow: The flow associated with this packet. May be %NULL if no flow.
@@ -105,9 +129,19 @@ struct dp_upcall_info {
105 u8 cmd; 129 u8 cmd;
106 const struct sw_flow_key *key; 130 const struct sw_flow_key *key;
107 const struct nlattr *userdata; 131 const struct nlattr *userdata;
108 u32 pid; 132 u32 portid;
109}; 133};
110 134
135static inline struct net *ovs_dp_get_net(struct datapath *dp)
136{
137 return read_pnet(&dp->net);
138}
139
140static inline void ovs_dp_set_net(struct datapath *dp, struct net *net)
141{
142 write_pnet(&dp->net, net);
143}
144
111extern struct notifier_block ovs_dp_device_notifier; 145extern struct notifier_block ovs_dp_device_notifier;
112extern struct genl_multicast_group ovs_dp_vport_multicast_group; 146extern struct genl_multicast_group ovs_dp_vport_multicast_group;
113 147
diff --git a/net/openvswitch/dp_notify.c b/net/openvswitch/dp_notify.c
index 36dcee8fc84a..5558350e0d33 100644
--- a/net/openvswitch/dp_notify.c
+++ b/net/openvswitch/dp_notify.c
@@ -41,19 +41,21 @@ static int dp_device_event(struct notifier_block *unused, unsigned long event,
41 case NETDEV_UNREGISTER: 41 case NETDEV_UNREGISTER:
42 if (!ovs_is_internal_dev(dev)) { 42 if (!ovs_is_internal_dev(dev)) {
43 struct sk_buff *notify; 43 struct sk_buff *notify;
44 struct datapath *dp = vport->dp;
44 45
45 notify = ovs_vport_cmd_build_info(vport, 0, 0, 46 notify = ovs_vport_cmd_build_info(vport, 0, 0,
46 OVS_VPORT_CMD_DEL); 47 OVS_VPORT_CMD_DEL);
47 ovs_dp_detach_port(vport); 48 ovs_dp_detach_port(vport);
48 if (IS_ERR(notify)) { 49 if (IS_ERR(notify)) {
49 netlink_set_err(init_net.genl_sock, 0, 50 netlink_set_err(ovs_dp_get_net(dp)->genl_sock, 0,
50 ovs_dp_vport_multicast_group.id, 51 ovs_dp_vport_multicast_group.id,
51 PTR_ERR(notify)); 52 PTR_ERR(notify));
52 break; 53 break;
53 } 54 }
54 55
55 genlmsg_multicast(notify, 0, ovs_dp_vport_multicast_group.id, 56 genlmsg_multicast_netns(ovs_dp_get_net(dp), notify, 0,
56 GFP_KERNEL); 57 ovs_dp_vport_multicast_group.id,
58 GFP_KERNEL);
57 } 59 }
58 break; 60 break;
59 } 61 }
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
index b7f38b161909..98c70630ad06 100644
--- a/net/openvswitch/flow.c
+++ b/net/openvswitch/flow.c
@@ -203,10 +203,7 @@ struct sw_flow_actions *ovs_flow_actions_alloc(const struct nlattr *actions)
203 int actions_len = nla_len(actions); 203 int actions_len = nla_len(actions);
204 struct sw_flow_actions *sfa; 204 struct sw_flow_actions *sfa;
205 205
206 /* At least DP_MAX_PORTS actions are required to be able to flood a 206 if (actions_len > MAX_ACTIONS_BUFSIZE)
207 * packet to every port. Factor of 2 allows for setting VLAN tags,
208 * etc. */
209 if (actions_len > 2 * DP_MAX_PORTS * nla_total_size(4))
210 return ERR_PTR(-EINVAL); 207 return ERR_PTR(-EINVAL);
211 208
212 sfa = kmalloc(sizeof(*sfa) + actions_len, GFP_KERNEL); 209 sfa = kmalloc(sizeof(*sfa) + actions_len, GFP_KERNEL);
@@ -427,19 +424,11 @@ void ovs_flow_deferred_free(struct sw_flow *flow)
427 call_rcu(&flow->rcu, rcu_free_flow_callback); 424 call_rcu(&flow->rcu, rcu_free_flow_callback);
428} 425}
429 426
430/* RCU callback used by ovs_flow_deferred_free_acts. */
431static void rcu_free_acts_callback(struct rcu_head *rcu)
432{
433 struct sw_flow_actions *sf_acts = container_of(rcu,
434 struct sw_flow_actions, rcu);
435 kfree(sf_acts);
436}
437
438/* Schedules 'sf_acts' to be freed after the next RCU grace period. 427/* Schedules 'sf_acts' to be freed after the next RCU grace period.
439 * The caller must hold rcu_read_lock for this to be sensible. */ 428 * The caller must hold rcu_read_lock for this to be sensible. */
440void ovs_flow_deferred_free_acts(struct sw_flow_actions *sf_acts) 429void ovs_flow_deferred_free_acts(struct sw_flow_actions *sf_acts)
441{ 430{
442 call_rcu(&sf_acts->rcu, rcu_free_acts_callback); 431 kfree_rcu(sf_acts, rcu);
443} 432}
444 433
445static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key) 434static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
@@ -1000,7 +989,7 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp,
1000 swkey->phy.in_port = in_port; 989 swkey->phy.in_port = in_port;
1001 attrs &= ~(1 << OVS_KEY_ATTR_IN_PORT); 990 attrs &= ~(1 << OVS_KEY_ATTR_IN_PORT);
1002 } else { 991 } else {
1003 swkey->phy.in_port = USHRT_MAX; 992 swkey->phy.in_port = DP_MAX_PORTS;
1004 } 993 }
1005 994
1006 /* Data attributes. */ 995 /* Data attributes. */
@@ -1143,7 +1132,7 @@ int ovs_flow_metadata_from_nlattrs(u32 *priority, u16 *in_port,
1143 const struct nlattr *nla; 1132 const struct nlattr *nla;
1144 int rem; 1133 int rem;
1145 1134
1146 *in_port = USHRT_MAX; 1135 *in_port = DP_MAX_PORTS;
1147 *priority = 0; 1136 *priority = 0;
1148 1137
1149 nla_for_each_nested(nla, attr, rem) { 1138 nla_for_each_nested(nla, attr, rem) {
@@ -1180,7 +1169,7 @@ int ovs_flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
1180 nla_put_u32(skb, OVS_KEY_ATTR_PRIORITY, swkey->phy.priority)) 1169 nla_put_u32(skb, OVS_KEY_ATTR_PRIORITY, swkey->phy.priority))
1181 goto nla_put_failure; 1170 goto nla_put_failure;
1182 1171
1183 if (swkey->phy.in_port != USHRT_MAX && 1172 if (swkey->phy.in_port != DP_MAX_PORTS &&
1184 nla_put_u32(skb, OVS_KEY_ATTR_IN_PORT, swkey->phy.in_port)) 1173 nla_put_u32(skb, OVS_KEY_ATTR_IN_PORT, swkey->phy.in_port))
1185 goto nla_put_failure; 1174 goto nla_put_failure;
1186 1175
diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
index c30df1a10c67..14a324eb017b 100644
--- a/net/openvswitch/flow.h
+++ b/net/openvswitch/flow.h
@@ -43,7 +43,7 @@ struct sw_flow_actions {
43struct sw_flow_key { 43struct sw_flow_key {
44 struct { 44 struct {
45 u32 priority; /* Packet QoS priority. */ 45 u32 priority; /* Packet QoS priority. */
46 u16 in_port; /* Input switch port (or USHRT_MAX). */ 46 u16 in_port; /* Input switch port (or DP_MAX_PORTS). */
47 } phy; 47 } phy;
48 struct { 48 struct {
49 u8 src[ETH_ALEN]; /* Ethernet source address. */ 49 u8 src[ETH_ALEN]; /* Ethernet source address. */
@@ -163,6 +163,7 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp,
163int ovs_flow_metadata_from_nlattrs(u32 *priority, u16 *in_port, 163int ovs_flow_metadata_from_nlattrs(u32 *priority, u16 *in_port,
164 const struct nlattr *); 164 const struct nlattr *);
165 165
166#define MAX_ACTIONS_BUFSIZE (16 * 1024)
166#define TBL_MIN_BUCKETS 1024 167#define TBL_MIN_BUCKETS 1024
167 168
168struct flow_table { 169struct flow_table {
diff --git a/net/openvswitch/vport-internal_dev.c b/net/openvswitch/vport-internal_dev.c
index 4061b9ee07f7..5d460c37df07 100644
--- a/net/openvswitch/vport-internal_dev.c
+++ b/net/openvswitch/vport-internal_dev.c
@@ -144,7 +144,7 @@ static void do_setup(struct net_device *netdev)
144 netdev->tx_queue_len = 0; 144 netdev->tx_queue_len = 0;
145 145
146 netdev->features = NETIF_F_LLTX | NETIF_F_SG | NETIF_F_FRAGLIST | 146 netdev->features = NETIF_F_LLTX | NETIF_F_SG | NETIF_F_FRAGLIST |
147 NETIF_F_HIGHDMA | NETIF_F_HW_CSUM | NETIF_F_TSO; 147 NETIF_F_HIGHDMA | NETIF_F_HW_CSUM | NETIF_F_TSO;
148 148
149 netdev->vlan_features = netdev->features; 149 netdev->vlan_features = netdev->features;
150 netdev->features |= NETIF_F_HW_VLAN_TX; 150 netdev->features |= NETIF_F_HW_VLAN_TX;
@@ -175,9 +175,14 @@ static struct vport *internal_dev_create(const struct vport_parms *parms)
175 goto error_free_vport; 175 goto error_free_vport;
176 } 176 }
177 177
178 dev_net_set(netdev_vport->dev, ovs_dp_get_net(vport->dp));
178 internal_dev = internal_dev_priv(netdev_vport->dev); 179 internal_dev = internal_dev_priv(netdev_vport->dev);
179 internal_dev->vport = vport; 180 internal_dev->vport = vport;
180 181
182 /* Restrict bridge port to current netns. */
183 if (vport->port_no == OVSP_LOCAL)
184 netdev_vport->dev->features |= NETIF_F_NETNS_LOCAL;
185
181 err = register_netdevice(netdev_vport->dev); 186 err = register_netdevice(netdev_vport->dev);
182 if (err) 187 if (err)
183 goto error_free_netdev; 188 goto error_free_netdev;
diff --git a/net/openvswitch/vport-netdev.c b/net/openvswitch/vport-netdev.c
index 6ea3551cc78c..3c1e58ba714b 100644
--- a/net/openvswitch/vport-netdev.c
+++ b/net/openvswitch/vport-netdev.c
@@ -83,7 +83,7 @@ static struct vport *netdev_create(const struct vport_parms *parms)
83 83
84 netdev_vport = netdev_vport_priv(vport); 84 netdev_vport = netdev_vport_priv(vport);
85 85
86 netdev_vport->dev = dev_get_by_name(&init_net, parms->name); 86 netdev_vport->dev = dev_get_by_name(ovs_dp_get_net(vport->dp), parms->name);
87 if (!netdev_vport->dev) { 87 if (!netdev_vport->dev) {
88 err = -ENODEV; 88 err = -ENODEV;
89 goto error_free_vport; 89 goto error_free_vport;
diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c
index 6140336e79d7..03779e8a2622 100644
--- a/net/openvswitch/vport.c
+++ b/net/openvswitch/vport.c
@@ -16,10 +16,10 @@
16 * 02110-1301, USA 16 * 02110-1301, USA
17 */ 17 */
18 18
19#include <linux/dcache.h>
20#include <linux/etherdevice.h> 19#include <linux/etherdevice.h>
21#include <linux/if.h> 20#include <linux/if.h>
22#include <linux/if_vlan.h> 21#include <linux/if_vlan.h>
22#include <linux/jhash.h>
23#include <linux/kernel.h> 23#include <linux/kernel.h>
24#include <linux/list.h> 24#include <linux/list.h>
25#include <linux/mutex.h> 25#include <linux/mutex.h>
@@ -27,7 +27,9 @@
27#include <linux/rcupdate.h> 27#include <linux/rcupdate.h>
28#include <linux/rtnetlink.h> 28#include <linux/rtnetlink.h>
29#include <linux/compat.h> 29#include <linux/compat.h>
30#include <net/net_namespace.h>
30 31
32#include "datapath.h"
31#include "vport.h" 33#include "vport.h"
32#include "vport-internal_dev.h" 34#include "vport-internal_dev.h"
33 35
@@ -67,9 +69,9 @@ void ovs_vport_exit(void)
67 kfree(dev_table); 69 kfree(dev_table);
68} 70}
69 71
70static struct hlist_head *hash_bucket(const char *name) 72static struct hlist_head *hash_bucket(struct net *net, const char *name)
71{ 73{
72 unsigned int hash = full_name_hash(name, strlen(name)); 74 unsigned int hash = jhash(name, strlen(name), (unsigned long) net);
73 return &dev_table[hash & (VPORT_HASH_BUCKETS - 1)]; 75 return &dev_table[hash & (VPORT_HASH_BUCKETS - 1)];
74} 76}
75 77
@@ -80,14 +82,15 @@ static struct hlist_head *hash_bucket(const char *name)
80 * 82 *
81 * Must be called with RTNL or RCU read lock. 83 * Must be called with RTNL or RCU read lock.
82 */ 84 */
83struct vport *ovs_vport_locate(const char *name) 85struct vport *ovs_vport_locate(struct net *net, const char *name)
84{ 86{
85 struct hlist_head *bucket = hash_bucket(name); 87 struct hlist_head *bucket = hash_bucket(net, name);
86 struct vport *vport; 88 struct vport *vport;
87 struct hlist_node *node; 89 struct hlist_node *node;
88 90
89 hlist_for_each_entry_rcu(vport, node, bucket, hash_node) 91 hlist_for_each_entry_rcu(vport, node, bucket, hash_node)
90 if (!strcmp(name, vport->ops->get_name(vport))) 92 if (!strcmp(name, vport->ops->get_name(vport)) &&
93 net_eq(ovs_dp_get_net(vport->dp), net))
91 return vport; 94 return vport;
92 95
93 return NULL; 96 return NULL;
@@ -122,8 +125,9 @@ struct vport *ovs_vport_alloc(int priv_size, const struct vport_ops *ops,
122 125
123 vport->dp = parms->dp; 126 vport->dp = parms->dp;
124 vport->port_no = parms->port_no; 127 vport->port_no = parms->port_no;
125 vport->upcall_pid = parms->upcall_pid; 128 vport->upcall_portid = parms->upcall_portid;
126 vport->ops = ops; 129 vport->ops = ops;
130 INIT_HLIST_NODE(&vport->dp_hash_node);
127 131
128 vport->percpu_stats = alloc_percpu(struct vport_percpu_stats); 132 vport->percpu_stats = alloc_percpu(struct vport_percpu_stats);
129 if (!vport->percpu_stats) { 133 if (!vport->percpu_stats) {
@@ -170,14 +174,17 @@ struct vport *ovs_vport_add(const struct vport_parms *parms)
170 174
171 for (i = 0; i < ARRAY_SIZE(vport_ops_list); i++) { 175 for (i = 0; i < ARRAY_SIZE(vport_ops_list); i++) {
172 if (vport_ops_list[i]->type == parms->type) { 176 if (vport_ops_list[i]->type == parms->type) {
177 struct hlist_head *bucket;
178
173 vport = vport_ops_list[i]->create(parms); 179 vport = vport_ops_list[i]->create(parms);
174 if (IS_ERR(vport)) { 180 if (IS_ERR(vport)) {
175 err = PTR_ERR(vport); 181 err = PTR_ERR(vport);
176 goto out; 182 goto out;
177 } 183 }
178 184
179 hlist_add_head_rcu(&vport->hash_node, 185 bucket = hash_bucket(ovs_dp_get_net(vport->dp),
180 hash_bucket(vport->ops->get_name(vport))); 186 vport->ops->get_name(vport));
187 hlist_add_head_rcu(&vport->hash_node, bucket);
181 return vport; 188 return vport;
182 } 189 }
183 } 190 }
@@ -391,7 +398,7 @@ void ovs_vport_record_error(struct vport *vport, enum vport_err_type err_type)
391 case VPORT_E_TX_ERROR: 398 case VPORT_E_TX_ERROR:
392 vport->err_stats.tx_errors++; 399 vport->err_stats.tx_errors++;
393 break; 400 break;
394 }; 401 }
395 402
396 spin_unlock(&vport->stats_lock); 403 spin_unlock(&vport->stats_lock);
397} 404}
diff --git a/net/openvswitch/vport.h b/net/openvswitch/vport.h
index aac680ca2b06..3f7961ea3c56 100644
--- a/net/openvswitch/vport.h
+++ b/net/openvswitch/vport.h
@@ -20,6 +20,7 @@
20#define VPORT_H 1 20#define VPORT_H 1
21 21
22#include <linux/list.h> 22#include <linux/list.h>
23#include <linux/netlink.h>
23#include <linux/openvswitch.h> 24#include <linux/openvswitch.h>
24#include <linux/skbuff.h> 25#include <linux/skbuff.h>
25#include <linux/spinlock.h> 26#include <linux/spinlock.h>
@@ -38,7 +39,7 @@ void ovs_vport_exit(void);
38struct vport *ovs_vport_add(const struct vport_parms *); 39struct vport *ovs_vport_add(const struct vport_parms *);
39void ovs_vport_del(struct vport *); 40void ovs_vport_del(struct vport *);
40 41
41struct vport *ovs_vport_locate(const char *name); 42struct vport *ovs_vport_locate(struct net *net, const char *name);
42 43
43void ovs_vport_get_stats(struct vport *, struct ovs_vport_stats *); 44void ovs_vport_get_stats(struct vport *, struct ovs_vport_stats *);
44 45
@@ -69,10 +70,10 @@ struct vport_err_stats {
69 * @rcu: RCU callback head for deferred destruction. 70 * @rcu: RCU callback head for deferred destruction.
70 * @port_no: Index into @dp's @ports array. 71 * @port_no: Index into @dp's @ports array.
71 * @dp: Datapath to which this port belongs. 72 * @dp: Datapath to which this port belongs.
72 * @node: Element in @dp's @port_list. 73 * @upcall_portid: The Netlink port to use for packets received on this port that
73 * @upcall_pid: The Netlink port to use for packets received on this port that
74 * miss the flow table. 74 * miss the flow table.
75 * @hash_node: Element in @dev_table hash table in vport.c. 75 * @hash_node: Element in @dev_table hash table in vport.c.
76 * @dp_hash_node: Element in @datapath->ports hash table in datapath.c.
76 * @ops: Class structure. 77 * @ops: Class structure.
77 * @percpu_stats: Points to per-CPU statistics used and maintained by vport 78 * @percpu_stats: Points to per-CPU statistics used and maintained by vport
78 * @stats_lock: Protects @err_stats; 79 * @stats_lock: Protects @err_stats;
@@ -82,10 +83,10 @@ struct vport {
82 struct rcu_head rcu; 83 struct rcu_head rcu;
83 u16 port_no; 84 u16 port_no;
84 struct datapath *dp; 85 struct datapath *dp;
85 struct list_head node; 86 u32 upcall_portid;
86 u32 upcall_pid;
87 87
88 struct hlist_node hash_node; 88 struct hlist_node hash_node;
89 struct hlist_node dp_hash_node;
89 const struct vport_ops *ops; 90 const struct vport_ops *ops;
90 91
91 struct vport_percpu_stats __percpu *percpu_stats; 92 struct vport_percpu_stats __percpu *percpu_stats;
@@ -112,7 +113,7 @@ struct vport_parms {
112 /* For ovs_vport_alloc(). */ 113 /* For ovs_vport_alloc(). */
113 struct datapath *dp; 114 struct datapath *dp;
114 u16 port_no; 115 u16 port_no;
115 u32 upcall_pid; 116 u32 upcall_portid;
116}; 117};
117 118
118/** 119/**
diff --git a/net/packet/Kconfig b/net/packet/Kconfig
index 0060e3b396b7..cc55b35f80e5 100644
--- a/net/packet/Kconfig
+++ b/net/packet/Kconfig
@@ -14,3 +14,11 @@ config PACKET
14 be called af_packet. 14 be called af_packet.
15 15
16 If unsure, say Y. 16 If unsure, say Y.
17
18config PACKET_DIAG
19 tristate "Packet: sockets monitoring interface"
20 depends on PACKET
21 default n
22 ---help---
23 Support for PF_PACKET sockets monitoring interface used by the ss tool.
24 If unsure, say Y.
diff --git a/net/packet/Makefile b/net/packet/Makefile
index 81183eabfdec..9df61347a3c3 100644
--- a/net/packet/Makefile
+++ b/net/packet/Makefile
@@ -3,3 +3,5 @@
3# 3#
4 4
5obj-$(CONFIG_PACKET) += af_packet.o 5obj-$(CONFIG_PACKET) += af_packet.o
6obj-$(CONFIG_PACKET_DIAG) += af_packet_diag.o
7af_packet_diag-y += diag.o
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 048fba476aa5..94060edbbd70 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -93,6 +93,8 @@
93#include <net/inet_common.h> 93#include <net/inet_common.h>
94#endif 94#endif
95 95
96#include "internal.h"
97
96/* 98/*
97 Assumptions: 99 Assumptions:
98 - if device has no dev->hard_header routine, it adds and removes ll header 100 - if device has no dev->hard_header routine, it adds and removes ll header
@@ -146,14 +148,6 @@ dev->hard_header == NULL (ll header is added by device, we cannot control it)
146 148
147/* Private packet socket structures. */ 149/* Private packet socket structures. */
148 150
149struct packet_mclist {
150 struct packet_mclist *next;
151 int ifindex;
152 int count;
153 unsigned short type;
154 unsigned short alen;
155 unsigned char addr[MAX_ADDR_LEN];
156};
157/* identical to struct packet_mreq except it has 151/* identical to struct packet_mreq except it has
158 * a longer address field. 152 * a longer address field.
159 */ 153 */
@@ -175,63 +169,7 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
175#define BLK_PLUS_PRIV(sz_of_priv) \ 169#define BLK_PLUS_PRIV(sz_of_priv) \
176 (BLK_HDR_LEN + ALIGN((sz_of_priv), V3_ALIGNMENT)) 170 (BLK_HDR_LEN + ALIGN((sz_of_priv), V3_ALIGNMENT))
177 171
178/* kbdq - kernel block descriptor queue */
179struct tpacket_kbdq_core {
180 struct pgv *pkbdq;
181 unsigned int feature_req_word;
182 unsigned int hdrlen;
183 unsigned char reset_pending_on_curr_blk;
184 unsigned char delete_blk_timer;
185 unsigned short kactive_blk_num;
186 unsigned short blk_sizeof_priv;
187
188 /* last_kactive_blk_num:
189 * trick to see if user-space has caught up
190 * in order to avoid refreshing timer when every single pkt arrives.
191 */
192 unsigned short last_kactive_blk_num;
193
194 char *pkblk_start;
195 char *pkblk_end;
196 int kblk_size;
197 unsigned int knum_blocks;
198 uint64_t knxt_seq_num;
199 char *prev;
200 char *nxt_offset;
201 struct sk_buff *skb;
202
203 atomic_t blk_fill_in_prog;
204
205 /* Default is set to 8ms */
206#define DEFAULT_PRB_RETIRE_TOV (8)
207
208 unsigned short retire_blk_tov;
209 unsigned short version;
210 unsigned long tov_in_jiffies;
211
212 /* timer to retire an outstanding block */
213 struct timer_list retire_blk_timer;
214};
215
216#define PGV_FROM_VMALLOC 1 172#define PGV_FROM_VMALLOC 1
217struct pgv {
218 char *buffer;
219};
220
221struct packet_ring_buffer {
222 struct pgv *pg_vec;
223 unsigned int head;
224 unsigned int frames_per_block;
225 unsigned int frame_size;
226 unsigned int frame_max;
227
228 unsigned int pg_vec_order;
229 unsigned int pg_vec_pages;
230 unsigned int pg_vec_len;
231
232 struct tpacket_kbdq_core prb_bdqc;
233 atomic_t pending;
234};
235 173
236#define BLOCK_STATUS(x) ((x)->hdr.bh1.block_status) 174#define BLOCK_STATUS(x) ((x)->hdr.bh1.block_status)
237#define BLOCK_NUM_PKTS(x) ((x)->hdr.bh1.num_pkts) 175#define BLOCK_NUM_PKTS(x) ((x)->hdr.bh1.num_pkts)
@@ -269,52 +207,6 @@ static void prb_fill_vlan_info(struct tpacket_kbdq_core *,
269 struct tpacket3_hdr *); 207 struct tpacket3_hdr *);
270static void packet_flush_mclist(struct sock *sk); 208static void packet_flush_mclist(struct sock *sk);
271 209
272struct packet_fanout;
273struct packet_sock {
274 /* struct sock has to be the first member of packet_sock */
275 struct sock sk;
276 struct packet_fanout *fanout;
277 struct tpacket_stats stats;
278 union tpacket_stats_u stats_u;
279 struct packet_ring_buffer rx_ring;
280 struct packet_ring_buffer tx_ring;
281 int copy_thresh;
282 spinlock_t bind_lock;
283 struct mutex pg_vec_lock;
284 unsigned int running:1, /* prot_hook is attached*/
285 auxdata:1,
286 origdev:1,
287 has_vnet_hdr:1;
288 int ifindex; /* bound device */
289 __be16 num;
290 struct packet_mclist *mclist;
291 atomic_t mapped;
292 enum tpacket_versions tp_version;
293 unsigned int tp_hdrlen;
294 unsigned int tp_reserve;
295 unsigned int tp_loss:1;
296 unsigned int tp_tstamp;
297 struct packet_type prot_hook ____cacheline_aligned_in_smp;
298};
299
300#define PACKET_FANOUT_MAX 256
301
302struct packet_fanout {
303#ifdef CONFIG_NET_NS
304 struct net *net;
305#endif
306 unsigned int num_members;
307 u16 id;
308 u8 type;
309 u8 defrag;
310 atomic_t rr_cur;
311 struct list_head list;
312 struct sock *arr[PACKET_FANOUT_MAX];
313 spinlock_t lock;
314 atomic_t sk_ref;
315 struct packet_type prot_hook ____cacheline_aligned_in_smp;
316};
317
318struct packet_skb_cb { 210struct packet_skb_cb {
319 unsigned int origlen; 211 unsigned int origlen;
320 union { 212 union {
@@ -334,11 +226,6 @@ struct packet_skb_cb {
334 (((x)->kactive_blk_num < ((x)->knum_blocks-1)) ? \ 226 (((x)->kactive_blk_num < ((x)->knum_blocks-1)) ? \
335 ((x)->kactive_blk_num+1) : 0) 227 ((x)->kactive_blk_num+1) : 0)
336 228
337static struct packet_sock *pkt_sk(struct sock *sk)
338{
339 return (struct packet_sock *)sk;
340}
341
342static void __fanout_unlink(struct sock *sk, struct packet_sock *po); 229static void __fanout_unlink(struct sock *sk, struct packet_sock *po);
343static void __fanout_link(struct sock *sk, struct packet_sock *po); 230static void __fanout_link(struct sock *sk, struct packet_sock *po);
344 231
@@ -968,7 +855,8 @@ static void prb_fill_vlan_info(struct tpacket_kbdq_core *pkc,
968 ppd->hv1.tp_vlan_tci = vlan_tx_tag_get(pkc->skb); 855 ppd->hv1.tp_vlan_tci = vlan_tx_tag_get(pkc->skb);
969 ppd->tp_status = TP_STATUS_VLAN_VALID; 856 ppd->tp_status = TP_STATUS_VLAN_VALID;
970 } else { 857 } else {
971 ppd->hv1.tp_vlan_tci = ppd->tp_status = 0; 858 ppd->hv1.tp_vlan_tci = 0;
859 ppd->tp_status = TP_STATUS_AVAILABLE;
972 } 860 }
973} 861}
974 862
@@ -1243,7 +1131,8 @@ static int packet_rcv_fanout(struct sk_buff *skb, struct net_device *dev,
1243 return po->prot_hook.func(skb, dev, &po->prot_hook, orig_dev); 1131 return po->prot_hook.func(skb, dev, &po->prot_hook, orig_dev);
1244} 1132}
1245 1133
1246static DEFINE_MUTEX(fanout_mutex); 1134DEFINE_MUTEX(fanout_mutex);
1135EXPORT_SYMBOL_GPL(fanout_mutex);
1247static LIST_HEAD(fanout_list); 1136static LIST_HEAD(fanout_list);
1248 1137
1249static void __fanout_link(struct sock *sk, struct packet_sock *po) 1138static void __fanout_link(struct sock *sk, struct packet_sock *po)
@@ -1364,9 +1253,9 @@ static void fanout_release(struct sock *sk)
1364 if (!f) 1253 if (!f)
1365 return; 1254 return;
1366 1255
1256 mutex_lock(&fanout_mutex);
1367 po->fanout = NULL; 1257 po->fanout = NULL;
1368 1258
1369 mutex_lock(&fanout_mutex);
1370 if (atomic_dec_and_test(&f->sk_ref)) { 1259 if (atomic_dec_and_test(&f->sk_ref)) {
1371 list_del(&f->list); 1260 list_del(&f->list);
1372 dev_remove_pack(&f->prot_hook); 1261 dev_remove_pack(&f->prot_hook);
@@ -2063,7 +1952,7 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
2063 int tp_len, size_max; 1952 int tp_len, size_max;
2064 unsigned char *addr; 1953 unsigned char *addr;
2065 int len_sum = 0; 1954 int len_sum = 0;
2066 int status = 0; 1955 int status = TP_STATUS_AVAILABLE;
2067 int hlen, tlen; 1956 int hlen, tlen;
2068 1957
2069 mutex_lock(&po->pg_vec_lock); 1958 mutex_lock(&po->pg_vec_lock);
@@ -2428,10 +2317,13 @@ static int packet_release(struct socket *sock)
2428 net = sock_net(sk); 2317 net = sock_net(sk);
2429 po = pkt_sk(sk); 2318 po = pkt_sk(sk);
2430 2319
2431 spin_lock_bh(&net->packet.sklist_lock); 2320 mutex_lock(&net->packet.sklist_lock);
2432 sk_del_node_init_rcu(sk); 2321 sk_del_node_init_rcu(sk);
2322 mutex_unlock(&net->packet.sklist_lock);
2323
2324 preempt_disable();
2433 sock_prot_inuse_add(net, sk->sk_prot, -1); 2325 sock_prot_inuse_add(net, sk->sk_prot, -1);
2434 spin_unlock_bh(&net->packet.sklist_lock); 2326 preempt_enable();
2435 2327
2436 spin_lock(&po->bind_lock); 2328 spin_lock(&po->bind_lock);
2437 unregister_prot_hook(sk, false); 2329 unregister_prot_hook(sk, false);
@@ -2630,10 +2522,13 @@ static int packet_create(struct net *net, struct socket *sock, int protocol,
2630 register_prot_hook(sk); 2522 register_prot_hook(sk);
2631 } 2523 }
2632 2524
2633 spin_lock_bh(&net->packet.sklist_lock); 2525 mutex_lock(&net->packet.sklist_lock);
2634 sk_add_node_rcu(sk, &net->packet.sklist); 2526 sk_add_node_rcu(sk, &net->packet.sklist);
2527 mutex_unlock(&net->packet.sklist_lock);
2528
2529 preempt_disable();
2635 sock_prot_inuse_add(net, &packet_proto, 1); 2530 sock_prot_inuse_add(net, &packet_proto, 1);
2636 spin_unlock_bh(&net->packet.sklist_lock); 2531 preempt_enable();
2637 2532
2638 return 0; 2533 return 0;
2639out: 2534out:
@@ -3886,7 +3781,7 @@ static const struct file_operations packet_seq_fops = {
3886 3781
3887static int __net_init packet_net_init(struct net *net) 3782static int __net_init packet_net_init(struct net *net)
3888{ 3783{
3889 spin_lock_init(&net->packet.sklist_lock); 3784 mutex_init(&net->packet.sklist_lock);
3890 INIT_HLIST_HEAD(&net->packet.sklist); 3785 INIT_HLIST_HEAD(&net->packet.sklist);
3891 3786
3892 if (!proc_net_fops_create(net, "packet", 0, &packet_seq_fops)) 3787 if (!proc_net_fops_create(net, "packet", 0, &packet_seq_fops))
diff --git a/net/packet/diag.c b/net/packet/diag.c
new file mode 100644
index 000000000000..8db6e21c46bd
--- /dev/null
+++ b/net/packet/diag.c
@@ -0,0 +1,242 @@
1#include <linux/module.h>
2#include <linux/sock_diag.h>
3#include <linux/net.h>
4#include <linux/netdevice.h>
5#include <linux/packet_diag.h>
6#include <net/net_namespace.h>
7#include <net/sock.h>
8
9#include "internal.h"
10
11static int pdiag_put_info(const struct packet_sock *po, struct sk_buff *nlskb)
12{
13 struct packet_diag_info pinfo;
14
15 pinfo.pdi_index = po->ifindex;
16 pinfo.pdi_version = po->tp_version;
17 pinfo.pdi_reserve = po->tp_reserve;
18 pinfo.pdi_copy_thresh = po->copy_thresh;
19 pinfo.pdi_tstamp = po->tp_tstamp;
20
21 pinfo.pdi_flags = 0;
22 if (po->running)
23 pinfo.pdi_flags |= PDI_RUNNING;
24 if (po->auxdata)
25 pinfo.pdi_flags |= PDI_AUXDATA;
26 if (po->origdev)
27 pinfo.pdi_flags |= PDI_ORIGDEV;
28 if (po->has_vnet_hdr)
29 pinfo.pdi_flags |= PDI_VNETHDR;
30 if (po->tp_loss)
31 pinfo.pdi_flags |= PDI_LOSS;
32
33 return nla_put(nlskb, PACKET_DIAG_INFO, sizeof(pinfo), &pinfo);
34}
35
36static int pdiag_put_mclist(const struct packet_sock *po, struct sk_buff *nlskb)
37{
38 struct nlattr *mca;
39 struct packet_mclist *ml;
40
41 mca = nla_nest_start(nlskb, PACKET_DIAG_MCLIST);
42 if (!mca)
43 return -EMSGSIZE;
44
45 rtnl_lock();
46 for (ml = po->mclist; ml; ml = ml->next) {
47 struct packet_diag_mclist *dml;
48
49 dml = nla_reserve_nohdr(nlskb, sizeof(*dml));
50 if (!dml) {
51 rtnl_unlock();
52 nla_nest_cancel(nlskb, mca);
53 return -EMSGSIZE;
54 }
55
56 dml->pdmc_index = ml->ifindex;
57 dml->pdmc_type = ml->type;
58 dml->pdmc_alen = ml->alen;
59 dml->pdmc_count = ml->count;
60 BUILD_BUG_ON(sizeof(dml->pdmc_addr) != sizeof(ml->addr));
61 memcpy(dml->pdmc_addr, ml->addr, sizeof(ml->addr));
62 }
63
64 rtnl_unlock();
65 nla_nest_end(nlskb, mca);
66
67 return 0;
68}
69
70static int pdiag_put_ring(struct packet_ring_buffer *ring, int ver, int nl_type,
71 struct sk_buff *nlskb)
72{
73 struct packet_diag_ring pdr;
74
75 if (!ring->pg_vec || ((ver > TPACKET_V2) &&
76 (nl_type == PACKET_DIAG_TX_RING)))
77 return 0;
78
79 pdr.pdr_block_size = ring->pg_vec_pages << PAGE_SHIFT;
80 pdr.pdr_block_nr = ring->pg_vec_len;
81 pdr.pdr_frame_size = ring->frame_size;
82 pdr.pdr_frame_nr = ring->frame_max + 1;
83
84 if (ver > TPACKET_V2) {
85 pdr.pdr_retire_tmo = ring->prb_bdqc.retire_blk_tov;
86 pdr.pdr_sizeof_priv = ring->prb_bdqc.blk_sizeof_priv;
87 pdr.pdr_features = ring->prb_bdqc.feature_req_word;
88 } else {
89 pdr.pdr_retire_tmo = 0;
90 pdr.pdr_sizeof_priv = 0;
91 pdr.pdr_features = 0;
92 }
93
94 return nla_put(nlskb, nl_type, sizeof(pdr), &pdr);
95}
96
97static int pdiag_put_rings_cfg(struct packet_sock *po, struct sk_buff *skb)
98{
99 int ret;
100
101 mutex_lock(&po->pg_vec_lock);
102 ret = pdiag_put_ring(&po->rx_ring, po->tp_version,
103 PACKET_DIAG_RX_RING, skb);
104 if (!ret)
105 ret = pdiag_put_ring(&po->tx_ring, po->tp_version,
106 PACKET_DIAG_TX_RING, skb);
107 mutex_unlock(&po->pg_vec_lock);
108
109 return ret;
110}
111
112static int pdiag_put_fanout(struct packet_sock *po, struct sk_buff *nlskb)
113{
114 int ret = 0;
115
116 mutex_lock(&fanout_mutex);
117 if (po->fanout) {
118 u32 val;
119
120 val = (u32)po->fanout->id | ((u32)po->fanout->type << 16);
121 ret = nla_put_u32(nlskb, PACKET_DIAG_FANOUT, val);
122 }
123 mutex_unlock(&fanout_mutex);
124
125 return ret;
126}
127
128static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct packet_diag_req *req,
129 u32 portid, u32 seq, u32 flags, int sk_ino)
130{
131 struct nlmsghdr *nlh;
132 struct packet_diag_msg *rp;
133 struct packet_sock *po = pkt_sk(sk);
134
135 nlh = nlmsg_put(skb, portid, seq, SOCK_DIAG_BY_FAMILY, sizeof(*rp), flags);
136 if (!nlh)
137 return -EMSGSIZE;
138
139 rp = nlmsg_data(nlh);
140 rp->pdiag_family = AF_PACKET;
141 rp->pdiag_type = sk->sk_type;
142 rp->pdiag_num = ntohs(po->num);
143 rp->pdiag_ino = sk_ino;
144 sock_diag_save_cookie(sk, rp->pdiag_cookie);
145
146 if ((req->pdiag_show & PACKET_SHOW_INFO) &&
147 pdiag_put_info(po, skb))
148 goto out_nlmsg_trim;
149
150 if ((req->pdiag_show & PACKET_SHOW_MCLIST) &&
151 pdiag_put_mclist(po, skb))
152 goto out_nlmsg_trim;
153
154 if ((req->pdiag_show & PACKET_SHOW_RING_CFG) &&
155 pdiag_put_rings_cfg(po, skb))
156 goto out_nlmsg_trim;
157
158 if ((req->pdiag_show & PACKET_SHOW_FANOUT) &&
159 pdiag_put_fanout(po, skb))
160 goto out_nlmsg_trim;
161
162 return nlmsg_end(skb, nlh);
163
164out_nlmsg_trim:
165 nlmsg_cancel(skb, nlh);
166 return -EMSGSIZE;
167}
168
169static int packet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
170{
171 int num = 0, s_num = cb->args[0];
172 struct packet_diag_req *req;
173 struct net *net;
174 struct sock *sk;
175 struct hlist_node *node;
176
177 net = sock_net(skb->sk);
178 req = nlmsg_data(cb->nlh);
179
180 mutex_lock(&net->packet.sklist_lock);
181 sk_for_each(sk, node, &net->packet.sklist) {
182 if (!net_eq(sock_net(sk), net))
183 continue;
184 if (num < s_num)
185 goto next;
186
187 if (sk_diag_fill(sk, skb, req, NETLINK_CB(cb->skb).portid,
188 cb->nlh->nlmsg_seq, NLM_F_MULTI,
189 sock_i_ino(sk)) < 0)
190 goto done;
191next:
192 num++;
193 }
194done:
195 mutex_unlock(&net->packet.sklist_lock);
196 cb->args[0] = num;
197
198 return skb->len;
199}
200
201static int packet_diag_handler_dump(struct sk_buff *skb, struct nlmsghdr *h)
202{
203 int hdrlen = sizeof(struct packet_diag_req);
204 struct net *net = sock_net(skb->sk);
205 struct packet_diag_req *req;
206
207 if (nlmsg_len(h) < hdrlen)
208 return -EINVAL;
209
210 req = nlmsg_data(h);
211 /* Make it possible to support protocol filtering later */
212 if (req->sdiag_protocol)
213 return -EINVAL;
214
215 if (h->nlmsg_flags & NLM_F_DUMP) {
216 struct netlink_dump_control c = {
217 .dump = packet_diag_dump,
218 };
219 return netlink_dump_start(net->diag_nlsk, skb, h, &c);
220 } else
221 return -EOPNOTSUPP;
222}
223
224static const struct sock_diag_handler packet_diag_handler = {
225 .family = AF_PACKET,
226 .dump = packet_diag_handler_dump,
227};
228
229static int __init packet_diag_init(void)
230{
231 return sock_diag_register(&packet_diag_handler);
232}
233
234static void __exit packet_diag_exit(void)
235{
236 sock_diag_unregister(&packet_diag_handler);
237}
238
239module_init(packet_diag_init);
240module_exit(packet_diag_exit);
241MODULE_LICENSE("GPL");
242MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_NETLINK, NETLINK_SOCK_DIAG, 17 /* AF_PACKET */);
diff --git a/net/packet/internal.h b/net/packet/internal.h
new file mode 100644
index 000000000000..44945f6b7252
--- /dev/null
+++ b/net/packet/internal.h
@@ -0,0 +1,121 @@
1#ifndef __PACKET_INTERNAL_H__
2#define __PACKET_INTERNAL_H__
3
4struct packet_mclist {
5 struct packet_mclist *next;
6 int ifindex;
7 int count;
8 unsigned short type;
9 unsigned short alen;
10 unsigned char addr[MAX_ADDR_LEN];
11};
12
13/* kbdq - kernel block descriptor queue */
14struct tpacket_kbdq_core {
15 struct pgv *pkbdq;
16 unsigned int feature_req_word;
17 unsigned int hdrlen;
18 unsigned char reset_pending_on_curr_blk;
19 unsigned char delete_blk_timer;
20 unsigned short kactive_blk_num;
21 unsigned short blk_sizeof_priv;
22
23 /* last_kactive_blk_num:
24 * trick to see if user-space has caught up
25 * in order to avoid refreshing timer when every single pkt arrives.
26 */
27 unsigned short last_kactive_blk_num;
28
29 char *pkblk_start;
30 char *pkblk_end;
31 int kblk_size;
32 unsigned int knum_blocks;
33 uint64_t knxt_seq_num;
34 char *prev;
35 char *nxt_offset;
36 struct sk_buff *skb;
37
38 atomic_t blk_fill_in_prog;
39
40 /* Default is set to 8ms */
41#define DEFAULT_PRB_RETIRE_TOV (8)
42
43 unsigned short retire_blk_tov;
44 unsigned short version;
45 unsigned long tov_in_jiffies;
46
47 /* timer to retire an outstanding block */
48 struct timer_list retire_blk_timer;
49};
50
51struct pgv {
52 char *buffer;
53};
54
55struct packet_ring_buffer {
56 struct pgv *pg_vec;
57 unsigned int head;
58 unsigned int frames_per_block;
59 unsigned int frame_size;
60 unsigned int frame_max;
61
62 unsigned int pg_vec_order;
63 unsigned int pg_vec_pages;
64 unsigned int pg_vec_len;
65
66 struct tpacket_kbdq_core prb_bdqc;
67 atomic_t pending;
68};
69
70extern struct mutex fanout_mutex;
71#define PACKET_FANOUT_MAX 256
72
73struct packet_fanout {
74#ifdef CONFIG_NET_NS
75 struct net *net;
76#endif
77 unsigned int num_members;
78 u16 id;
79 u8 type;
80 u8 defrag;
81 atomic_t rr_cur;
82 struct list_head list;
83 struct sock *arr[PACKET_FANOUT_MAX];
84 spinlock_t lock;
85 atomic_t sk_ref;
86 struct packet_type prot_hook ____cacheline_aligned_in_smp;
87};
88
89struct packet_sock {
90 /* struct sock has to be the first member of packet_sock */
91 struct sock sk;
92 struct packet_fanout *fanout;
93 struct tpacket_stats stats;
94 union tpacket_stats_u stats_u;
95 struct packet_ring_buffer rx_ring;
96 struct packet_ring_buffer tx_ring;
97 int copy_thresh;
98 spinlock_t bind_lock;
99 struct mutex pg_vec_lock;
100 unsigned int running:1, /* prot_hook is attached*/
101 auxdata:1,
102 origdev:1,
103 has_vnet_hdr:1;
104 int ifindex; /* bound device */
105 __be16 num;
106 struct packet_mclist *mclist;
107 atomic_t mapped;
108 enum tpacket_versions tp_version;
109 unsigned int tp_hdrlen;
110 unsigned int tp_reserve;
111 unsigned int tp_loss:1;
112 unsigned int tp_tstamp;
113 struct packet_type prot_hook ____cacheline_aligned_in_smp;
114};
115
116static struct packet_sock *pkt_sk(struct sock *sk)
117{
118 return (struct packet_sock *)sk;
119}
120
121#endif
diff --git a/net/phonet/pn_netlink.c b/net/phonet/pn_netlink.c
index 7dd762a464e5..83a8389619aa 100644
--- a/net/phonet/pn_netlink.c
+++ b/net/phonet/pn_netlink.c
@@ -33,7 +33,7 @@
33/* Device address handling */ 33/* Device address handling */
34 34
35static int fill_addr(struct sk_buff *skb, struct net_device *dev, u8 addr, 35static int fill_addr(struct sk_buff *skb, struct net_device *dev, u8 addr,
36 u32 pid, u32 seq, int event); 36 u32 portid, u32 seq, int event);
37 37
38void phonet_address_notify(int event, struct net_device *dev, u8 addr) 38void phonet_address_notify(int event, struct net_device *dev, u8 addr)
39{ 39{
@@ -101,12 +101,12 @@ static int addr_doit(struct sk_buff *skb, struct nlmsghdr *nlh, void *attr)
101} 101}
102 102
103static int fill_addr(struct sk_buff *skb, struct net_device *dev, u8 addr, 103static int fill_addr(struct sk_buff *skb, struct net_device *dev, u8 addr,
104 u32 pid, u32 seq, int event) 104 u32 portid, u32 seq, int event)
105{ 105{
106 struct ifaddrmsg *ifm; 106 struct ifaddrmsg *ifm;
107 struct nlmsghdr *nlh; 107 struct nlmsghdr *nlh;
108 108
109 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*ifm), 0); 109 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), 0);
110 if (nlh == NULL) 110 if (nlh == NULL)
111 return -EMSGSIZE; 111 return -EMSGSIZE;
112 112
@@ -148,7 +148,7 @@ static int getaddr_dumpit(struct sk_buff *skb, struct netlink_callback *cb)
148 continue; 148 continue;
149 149
150 if (fill_addr(skb, pnd->netdev, addr << 2, 150 if (fill_addr(skb, pnd->netdev, addr << 2,
151 NETLINK_CB(cb->skb).pid, 151 NETLINK_CB(cb->skb).portid,
152 cb->nlh->nlmsg_seq, RTM_NEWADDR) < 0) 152 cb->nlh->nlmsg_seq, RTM_NEWADDR) < 0)
153 goto out; 153 goto out;
154 } 154 }
@@ -165,12 +165,12 @@ out:
165/* Routes handling */ 165/* Routes handling */
166 166
167static int fill_route(struct sk_buff *skb, struct net_device *dev, u8 dst, 167static int fill_route(struct sk_buff *skb, struct net_device *dev, u8 dst,
168 u32 pid, u32 seq, int event) 168 u32 portid, u32 seq, int event)
169{ 169{
170 struct rtmsg *rtm; 170 struct rtmsg *rtm;
171 struct nlmsghdr *nlh; 171 struct nlmsghdr *nlh;
172 172
173 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*rtm), 0); 173 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*rtm), 0);
174 if (nlh == NULL) 174 if (nlh == NULL)
175 return -EMSGSIZE; 175 return -EMSGSIZE;
176 176
@@ -276,7 +276,7 @@ static int route_dumpit(struct sk_buff *skb, struct netlink_callback *cb)
276 276
277 if (addr_idx++ < addr_start_idx) 277 if (addr_idx++ < addr_start_idx)
278 continue; 278 continue;
279 if (fill_route(skb, dev, addr << 2, NETLINK_CB(cb->skb).pid, 279 if (fill_route(skb, dev, addr << 2, NETLINK_CB(cb->skb).portid,
280 cb->nlh->nlmsg_seq, RTM_NEWROUTE)) 280 cb->nlh->nlmsg_seq, RTM_NEWROUTE))
281 goto out; 281 goto out;
282 } 282 }
diff --git a/net/rds/tcp_connect.c b/net/rds/tcp_connect.c
index af95c8e058fc..a65ee78db0c5 100644
--- a/net/rds/tcp_connect.c
+++ b/net/rds/tcp_connect.c
@@ -43,7 +43,7 @@ void rds_tcp_state_change(struct sock *sk)
43 struct rds_connection *conn; 43 struct rds_connection *conn;
44 struct rds_tcp_connection *tc; 44 struct rds_tcp_connection *tc;
45 45
46 read_lock_bh(&sk->sk_callback_lock); 46 read_lock(&sk->sk_callback_lock);
47 conn = sk->sk_user_data; 47 conn = sk->sk_user_data;
48 if (!conn) { 48 if (!conn) {
49 state_change = sk->sk_state_change; 49 state_change = sk->sk_state_change;
@@ -68,7 +68,7 @@ void rds_tcp_state_change(struct sock *sk)
68 break; 68 break;
69 } 69 }
70out: 70out:
71 read_unlock_bh(&sk->sk_callback_lock); 71 read_unlock(&sk->sk_callback_lock);
72 state_change(sk); 72 state_change(sk);
73} 73}
74 74
diff --git a/net/rds/tcp_listen.c b/net/rds/tcp_listen.c
index 72981375f47c..7787537e9c2e 100644
--- a/net/rds/tcp_listen.c
+++ b/net/rds/tcp_listen.c
@@ -114,7 +114,7 @@ void rds_tcp_listen_data_ready(struct sock *sk, int bytes)
114 114
115 rdsdebug("listen data ready sk %p\n", sk); 115 rdsdebug("listen data ready sk %p\n", sk);
116 116
117 read_lock_bh(&sk->sk_callback_lock); 117 read_lock(&sk->sk_callback_lock);
118 ready = sk->sk_user_data; 118 ready = sk->sk_user_data;
119 if (!ready) { /* check for teardown race */ 119 if (!ready) { /* check for teardown race */
120 ready = sk->sk_data_ready; 120 ready = sk->sk_data_ready;
@@ -131,7 +131,7 @@ void rds_tcp_listen_data_ready(struct sock *sk, int bytes)
131 queue_work(rds_wq, &rds_tcp_listen_work); 131 queue_work(rds_wq, &rds_tcp_listen_work);
132 132
133out: 133out:
134 read_unlock_bh(&sk->sk_callback_lock); 134 read_unlock(&sk->sk_callback_lock);
135 ready(sk, bytes); 135 ready(sk, bytes);
136} 136}
137 137
diff --git a/net/rds/tcp_recv.c b/net/rds/tcp_recv.c
index 6243258f840f..4fac4f2bb9dc 100644
--- a/net/rds/tcp_recv.c
+++ b/net/rds/tcp_recv.c
@@ -322,7 +322,7 @@ void rds_tcp_data_ready(struct sock *sk, int bytes)
322 322
323 rdsdebug("data ready sk %p bytes %d\n", sk, bytes); 323 rdsdebug("data ready sk %p bytes %d\n", sk, bytes);
324 324
325 read_lock_bh(&sk->sk_callback_lock); 325 read_lock(&sk->sk_callback_lock);
326 conn = sk->sk_user_data; 326 conn = sk->sk_user_data;
327 if (!conn) { /* check for teardown race */ 327 if (!conn) { /* check for teardown race */
328 ready = sk->sk_data_ready; 328 ready = sk->sk_data_ready;
@@ -336,7 +336,7 @@ void rds_tcp_data_ready(struct sock *sk, int bytes)
336 if (rds_tcp_read_sock(conn, GFP_ATOMIC) == -ENOMEM) 336 if (rds_tcp_read_sock(conn, GFP_ATOMIC) == -ENOMEM)
337 queue_delayed_work(rds_wq, &conn->c_recv_w, 0); 337 queue_delayed_work(rds_wq, &conn->c_recv_w, 0);
338out: 338out:
339 read_unlock_bh(&sk->sk_callback_lock); 339 read_unlock(&sk->sk_callback_lock);
340 ready(sk, bytes); 340 ready(sk, bytes);
341} 341}
342 342
diff --git a/net/rds/tcp_send.c b/net/rds/tcp_send.c
index 1b4fd68f0c7c..81cf5a4c5e40 100644
--- a/net/rds/tcp_send.c
+++ b/net/rds/tcp_send.c
@@ -174,7 +174,7 @@ void rds_tcp_write_space(struct sock *sk)
174 struct rds_connection *conn; 174 struct rds_connection *conn;
175 struct rds_tcp_connection *tc; 175 struct rds_tcp_connection *tc;
176 176
177 read_lock_bh(&sk->sk_callback_lock); 177 read_lock(&sk->sk_callback_lock);
178 conn = sk->sk_user_data; 178 conn = sk->sk_user_data;
179 if (!conn) { 179 if (!conn) {
180 write_space = sk->sk_write_space; 180 write_space = sk->sk_write_space;
@@ -194,7 +194,7 @@ void rds_tcp_write_space(struct sock *sk)
194 queue_delayed_work(rds_wq, &conn->c_send_w, 0); 194 queue_delayed_work(rds_wq, &conn->c_send_w, 0);
195 195
196out: 196out:
197 read_unlock_bh(&sk->sk_callback_lock); 197 read_unlock(&sk->sk_callback_lock);
198 198
199 /* 199 /*
200 * write_space is only called when data leaves tcp's send queue if 200 * write_space is only called when data leaves tcp's send queue if
diff --git a/net/rfkill/core.c b/net/rfkill/core.c
index 752b72360ebc..a5c952741279 100644
--- a/net/rfkill/core.c
+++ b/net/rfkill/core.c
@@ -150,6 +150,20 @@ static void rfkill_led_trigger_activate(struct led_classdev *led)
150 rfkill_led_trigger_event(rfkill); 150 rfkill_led_trigger_event(rfkill);
151} 151}
152 152
153const char *rfkill_get_led_trigger_name(struct rfkill *rfkill)
154{
155 return rfkill->led_trigger.name;
156}
157EXPORT_SYMBOL(rfkill_get_led_trigger_name);
158
159void rfkill_set_led_trigger_name(struct rfkill *rfkill, const char *name)
160{
161 BUG_ON(!rfkill);
162
163 rfkill->ledtrigname = name;
164}
165EXPORT_SYMBOL(rfkill_set_led_trigger_name);
166
153static int rfkill_led_trigger_register(struct rfkill *rfkill) 167static int rfkill_led_trigger_register(struct rfkill *rfkill)
154{ 168{
155 rfkill->led_trigger.name = rfkill->ledtrigname 169 rfkill->led_trigger.name = rfkill->ledtrigname
@@ -256,6 +270,7 @@ static bool __rfkill_set_hw_state(struct rfkill *rfkill,
256static void rfkill_set_block(struct rfkill *rfkill, bool blocked) 270static void rfkill_set_block(struct rfkill *rfkill, bool blocked)
257{ 271{
258 unsigned long flags; 272 unsigned long flags;
273 bool prev, curr;
259 int err; 274 int err;
260 275
261 if (unlikely(rfkill->dev.power.power_state.event & PM_EVENT_SLEEP)) 276 if (unlikely(rfkill->dev.power.power_state.event & PM_EVENT_SLEEP))
@@ -270,6 +285,8 @@ static void rfkill_set_block(struct rfkill *rfkill, bool blocked)
270 rfkill->ops->query(rfkill, rfkill->data); 285 rfkill->ops->query(rfkill, rfkill->data);
271 286
272 spin_lock_irqsave(&rfkill->lock, flags); 287 spin_lock_irqsave(&rfkill->lock, flags);
288 prev = rfkill->state & RFKILL_BLOCK_SW;
289
273 if (rfkill->state & RFKILL_BLOCK_SW) 290 if (rfkill->state & RFKILL_BLOCK_SW)
274 rfkill->state |= RFKILL_BLOCK_SW_PREV; 291 rfkill->state |= RFKILL_BLOCK_SW_PREV;
275 else 292 else
@@ -299,10 +316,13 @@ static void rfkill_set_block(struct rfkill *rfkill, bool blocked)
299 } 316 }
300 rfkill->state &= ~RFKILL_BLOCK_SW_SETCALL; 317 rfkill->state &= ~RFKILL_BLOCK_SW_SETCALL;
301 rfkill->state &= ~RFKILL_BLOCK_SW_PREV; 318 rfkill->state &= ~RFKILL_BLOCK_SW_PREV;
319 curr = rfkill->state & RFKILL_BLOCK_SW;
302 spin_unlock_irqrestore(&rfkill->lock, flags); 320 spin_unlock_irqrestore(&rfkill->lock, flags);
303 321
304 rfkill_led_trigger_event(rfkill); 322 rfkill_led_trigger_event(rfkill);
305 rfkill_event(rfkill); 323
324 if (prev != curr)
325 rfkill_event(rfkill);
306} 326}
307 327
308#ifdef CONFIG_RFKILL_INPUT 328#ifdef CONFIG_RFKILL_INPUT
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index e3d2c78cb52c..102761d294cb 100644
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -644,7 +644,7 @@ errout:
644} 644}
645 645
646static int 646static int
647tca_get_fill(struct sk_buff *skb, struct tc_action *a, u32 pid, u32 seq, 647tca_get_fill(struct sk_buff *skb, struct tc_action *a, u32 portid, u32 seq,
648 u16 flags, int event, int bind, int ref) 648 u16 flags, int event, int bind, int ref)
649{ 649{
650 struct tcamsg *t; 650 struct tcamsg *t;
@@ -652,7 +652,7 @@ tca_get_fill(struct sk_buff *skb, struct tc_action *a, u32 pid, u32 seq,
652 unsigned char *b = skb_tail_pointer(skb); 652 unsigned char *b = skb_tail_pointer(skb);
653 struct nlattr *nest; 653 struct nlattr *nest;
654 654
655 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*t), flags); 655 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags);
656 if (!nlh) 656 if (!nlh)
657 goto out_nlmsg_trim; 657 goto out_nlmsg_trim;
658 t = nlmsg_data(nlh); 658 t = nlmsg_data(nlh);
@@ -678,7 +678,7 @@ out_nlmsg_trim:
678} 678}
679 679
680static int 680static int
681act_get_notify(struct net *net, u32 pid, struct nlmsghdr *n, 681act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n,
682 struct tc_action *a, int event) 682 struct tc_action *a, int event)
683{ 683{
684 struct sk_buff *skb; 684 struct sk_buff *skb;
@@ -686,16 +686,16 @@ act_get_notify(struct net *net, u32 pid, struct nlmsghdr *n,
686 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 686 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
687 if (!skb) 687 if (!skb)
688 return -ENOBUFS; 688 return -ENOBUFS;
689 if (tca_get_fill(skb, a, pid, n->nlmsg_seq, 0, event, 0, 0) <= 0) { 689 if (tca_get_fill(skb, a, portid, n->nlmsg_seq, 0, event, 0, 0) <= 0) {
690 kfree_skb(skb); 690 kfree_skb(skb);
691 return -EINVAL; 691 return -EINVAL;
692 } 692 }
693 693
694 return rtnl_unicast(skb, net, pid); 694 return rtnl_unicast(skb, net, portid);
695} 695}
696 696
697static struct tc_action * 697static struct tc_action *
698tcf_action_get_1(struct nlattr *nla, struct nlmsghdr *n, u32 pid) 698tcf_action_get_1(struct nlattr *nla, struct nlmsghdr *n, u32 portid)
699{ 699{
700 struct nlattr *tb[TCA_ACT_MAX + 1]; 700 struct nlattr *tb[TCA_ACT_MAX + 1];
701 struct tc_action *a; 701 struct tc_action *a;
@@ -762,7 +762,7 @@ static struct tc_action *create_a(int i)
762} 762}
763 763
764static int tca_action_flush(struct net *net, struct nlattr *nla, 764static int tca_action_flush(struct net *net, struct nlattr *nla,
765 struct nlmsghdr *n, u32 pid) 765 struct nlmsghdr *n, u32 portid)
766{ 766{
767 struct sk_buff *skb; 767 struct sk_buff *skb;
768 unsigned char *b; 768 unsigned char *b;
@@ -799,7 +799,7 @@ static int tca_action_flush(struct net *net, struct nlattr *nla,
799 if (a->ops == NULL) 799 if (a->ops == NULL)
800 goto err_out; 800 goto err_out;
801 801
802 nlh = nlmsg_put(skb, pid, n->nlmsg_seq, RTM_DELACTION, sizeof(*t), 0); 802 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, sizeof(*t), 0);
803 if (!nlh) 803 if (!nlh)
804 goto out_module_put; 804 goto out_module_put;
805 t = nlmsg_data(nlh); 805 t = nlmsg_data(nlh);
@@ -823,7 +823,7 @@ static int tca_action_flush(struct net *net, struct nlattr *nla,
823 nlh->nlmsg_flags |= NLM_F_ROOT; 823 nlh->nlmsg_flags |= NLM_F_ROOT;
824 module_put(a->ops->owner); 824 module_put(a->ops->owner);
825 kfree(a); 825 kfree(a);
826 err = rtnetlink_send(skb, net, pid, RTNLGRP_TC, 826 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
827 n->nlmsg_flags & NLM_F_ECHO); 827 n->nlmsg_flags & NLM_F_ECHO);
828 if (err > 0) 828 if (err > 0)
829 return 0; 829 return 0;
@@ -841,7 +841,7 @@ noflush_out:
841 841
842static int 842static int
843tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 843tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
844 u32 pid, int event) 844 u32 portid, int event)
845{ 845{
846 int i, ret; 846 int i, ret;
847 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 847 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
@@ -853,13 +853,13 @@ tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
853 853
854 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 854 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) {
855 if (tb[1] != NULL) 855 if (tb[1] != NULL)
856 return tca_action_flush(net, tb[1], n, pid); 856 return tca_action_flush(net, tb[1], n, portid);
857 else 857 else
858 return -EINVAL; 858 return -EINVAL;
859 } 859 }
860 860
861 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 861 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) {
862 act = tcf_action_get_1(tb[i], n, pid); 862 act = tcf_action_get_1(tb[i], n, portid);
863 if (IS_ERR(act)) { 863 if (IS_ERR(act)) {
864 ret = PTR_ERR(act); 864 ret = PTR_ERR(act);
865 goto err; 865 goto err;
@@ -874,7 +874,7 @@ tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
874 } 874 }
875 875
876 if (event == RTM_GETACTION) 876 if (event == RTM_GETACTION)
877 ret = act_get_notify(net, pid, n, head, event); 877 ret = act_get_notify(net, portid, n, head, event);
878 else { /* delete */ 878 else { /* delete */
879 struct sk_buff *skb; 879 struct sk_buff *skb;
880 880
@@ -884,7 +884,7 @@ tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
884 goto err; 884 goto err;
885 } 885 }
886 886
887 if (tca_get_fill(skb, head, pid, n->nlmsg_seq, 0, event, 887 if (tca_get_fill(skb, head, portid, n->nlmsg_seq, 0, event,
888 0, 1) <= 0) { 888 0, 1) <= 0) {
889 kfree_skb(skb); 889 kfree_skb(skb);
890 ret = -EINVAL; 890 ret = -EINVAL;
@@ -893,7 +893,7 @@ tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
893 893
894 /* now do the delete */ 894 /* now do the delete */
895 tcf_action_destroy(head, 0); 895 tcf_action_destroy(head, 0);
896 ret = rtnetlink_send(skb, net, pid, RTNLGRP_TC, 896 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
897 n->nlmsg_flags & NLM_F_ECHO); 897 n->nlmsg_flags & NLM_F_ECHO);
898 if (ret > 0) 898 if (ret > 0)
899 return 0; 899 return 0;
@@ -905,7 +905,7 @@ err:
905} 905}
906 906
907static int tcf_add_notify(struct net *net, struct tc_action *a, 907static int tcf_add_notify(struct net *net, struct tc_action *a,
908 u32 pid, u32 seq, int event, u16 flags) 908 u32 portid, u32 seq, int event, u16 flags)
909{ 909{
910 struct tcamsg *t; 910 struct tcamsg *t;
911 struct nlmsghdr *nlh; 911 struct nlmsghdr *nlh;
@@ -920,7 +920,7 @@ static int tcf_add_notify(struct net *net, struct tc_action *a,
920 920
921 b = skb_tail_pointer(skb); 921 b = skb_tail_pointer(skb);
922 922
923 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*t), flags); 923 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags);
924 if (!nlh) 924 if (!nlh)
925 goto out_kfree_skb; 925 goto out_kfree_skb;
926 t = nlmsg_data(nlh); 926 t = nlmsg_data(nlh);
@@ -940,7 +940,7 @@ static int tcf_add_notify(struct net *net, struct tc_action *a,
940 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 940 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
941 NETLINK_CB(skb).dst_group = RTNLGRP_TC; 941 NETLINK_CB(skb).dst_group = RTNLGRP_TC;
942 942
943 err = rtnetlink_send(skb, net, pid, RTNLGRP_TC, flags & NLM_F_ECHO); 943 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, flags & NLM_F_ECHO);
944 if (err > 0) 944 if (err > 0)
945 err = 0; 945 err = 0;
946 return err; 946 return err;
@@ -953,7 +953,7 @@ out_kfree_skb:
953 953
954static int 954static int
955tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 955tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
956 u32 pid, int ovr) 956 u32 portid, int ovr)
957{ 957{
958 int ret = 0; 958 int ret = 0;
959 struct tc_action *act; 959 struct tc_action *act;
@@ -971,7 +971,7 @@ tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
971 /* dump then free all the actions after update; inserted policy 971 /* dump then free all the actions after update; inserted policy
972 * stays intact 972 * stays intact
973 */ 973 */
974 ret = tcf_add_notify(net, act, pid, seq, RTM_NEWACTION, n->nlmsg_flags); 974 ret = tcf_add_notify(net, act, portid, seq, RTM_NEWACTION, n->nlmsg_flags);
975 for (a = act; a; a = act) { 975 for (a = act; a; a = act) {
976 act = a->next; 976 act = a->next;
977 kfree(a); 977 kfree(a);
@@ -984,7 +984,7 @@ static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
984{ 984{
985 struct net *net = sock_net(skb->sk); 985 struct net *net = sock_net(skb->sk);
986 struct nlattr *tca[TCA_ACT_MAX + 1]; 986 struct nlattr *tca[TCA_ACT_MAX + 1];
987 u32 pid = skb ? NETLINK_CB(skb).pid : 0; 987 u32 portid = skb ? NETLINK_CB(skb).portid : 0;
988 int ret = 0, ovr = 0; 988 int ret = 0, ovr = 0;
989 989
990 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 990 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL);
@@ -1008,17 +1008,17 @@ static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1008 if (n->nlmsg_flags & NLM_F_REPLACE) 1008 if (n->nlmsg_flags & NLM_F_REPLACE)
1009 ovr = 1; 1009 ovr = 1;
1010replay: 1010replay:
1011 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, pid, ovr); 1011 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr);
1012 if (ret == -EAGAIN) 1012 if (ret == -EAGAIN)
1013 goto replay; 1013 goto replay;
1014 break; 1014 break;
1015 case RTM_DELACTION: 1015 case RTM_DELACTION:
1016 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1016 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1017 pid, RTM_DELACTION); 1017 portid, RTM_DELACTION);
1018 break; 1018 break;
1019 case RTM_GETACTION: 1019 case RTM_GETACTION:
1020 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1020 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1021 pid, RTM_GETACTION); 1021 portid, RTM_GETACTION);
1022 break; 1022 break;
1023 default: 1023 default:
1024 BUG(); 1024 BUG();
@@ -1085,7 +1085,7 @@ tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
1085 goto out_module_put; 1085 goto out_module_put;
1086 } 1086 }
1087 1087
1088 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_seq, 1088 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
1089 cb->nlh->nlmsg_type, sizeof(*t), 0); 1089 cb->nlh->nlmsg_type, sizeof(*t), 0);
1090 if (!nlh) 1090 if (!nlh)
1091 goto out_module_put; 1091 goto out_module_put;
@@ -1109,7 +1109,7 @@ tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
1109 nla_nest_cancel(skb, nest); 1109 nla_nest_cancel(skb, nest);
1110 1110
1111 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1111 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1112 if (NETLINK_CB(cb->skb).pid && ret) 1112 if (NETLINK_CB(cb->skb).portid && ret)
1113 nlh->nlmsg_flags |= NLM_F_MULTI; 1113 nlh->nlmsg_flags |= NLM_F_MULTI;
1114 module_put(a_o->owner); 1114 module_put(a_o->owner);
1115 return skb->len; 1115 return skb->len;
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index dc3ef5aef355..7ae02892437c 100644
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -343,13 +343,13 @@ errout:
343} 343}
344 344
345static int tcf_fill_node(struct sk_buff *skb, struct tcf_proto *tp, 345static int tcf_fill_node(struct sk_buff *skb, struct tcf_proto *tp,
346 unsigned long fh, u32 pid, u32 seq, u16 flags, int event) 346 unsigned long fh, u32 portid, u32 seq, u16 flags, int event)
347{ 347{
348 struct tcmsg *tcm; 348 struct tcmsg *tcm;
349 struct nlmsghdr *nlh; 349 struct nlmsghdr *nlh;
350 unsigned char *b = skb_tail_pointer(skb); 350 unsigned char *b = skb_tail_pointer(skb);
351 351
352 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*tcm), flags); 352 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*tcm), flags);
353 if (!nlh) 353 if (!nlh)
354 goto out_nlmsg_trim; 354 goto out_nlmsg_trim;
355 tcm = nlmsg_data(nlh); 355 tcm = nlmsg_data(nlh);
@@ -381,18 +381,18 @@ static int tfilter_notify(struct net *net, struct sk_buff *oskb,
381 unsigned long fh, int event) 381 unsigned long fh, int event)
382{ 382{
383 struct sk_buff *skb; 383 struct sk_buff *skb;
384 u32 pid = oskb ? NETLINK_CB(oskb).pid : 0; 384 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
385 385
386 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 386 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
387 if (!skb) 387 if (!skb)
388 return -ENOBUFS; 388 return -ENOBUFS;
389 389
390 if (tcf_fill_node(skb, tp, fh, pid, n->nlmsg_seq, 0, event) <= 0) { 390 if (tcf_fill_node(skb, tp, fh, portid, n->nlmsg_seq, 0, event) <= 0) {
391 kfree_skb(skb); 391 kfree_skb(skb);
392 return -EINVAL; 392 return -EINVAL;
393 } 393 }
394 394
395 return rtnetlink_send(skb, net, pid, RTNLGRP_TC, 395 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
396 n->nlmsg_flags & NLM_F_ECHO); 396 n->nlmsg_flags & NLM_F_ECHO);
397} 397}
398 398
@@ -407,7 +407,7 @@ static int tcf_node_dump(struct tcf_proto *tp, unsigned long n,
407{ 407{
408 struct tcf_dump_args *a = (void *)arg; 408 struct tcf_dump_args *a = (void *)arg;
409 409
410 return tcf_fill_node(a->skb, tp, n, NETLINK_CB(a->cb->skb).pid, 410 return tcf_fill_node(a->skb, tp, n, NETLINK_CB(a->cb->skb).portid,
411 a->cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWTFILTER); 411 a->cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWTFILTER);
412} 412}
413 413
@@ -465,7 +465,7 @@ static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
465 if (t > s_t) 465 if (t > s_t)
466 memset(&cb->args[1], 0, sizeof(cb->args)-sizeof(cb->args[0])); 466 memset(&cb->args[1], 0, sizeof(cb->args)-sizeof(cb->args[0]));
467 if (cb->args[1] == 0) { 467 if (cb->args[1] == 0) {
468 if (tcf_fill_node(skb, tp, 0, NETLINK_CB(cb->skb).pid, 468 if (tcf_fill_node(skb, tp, 0, NETLINK_CB(cb->skb).portid,
469 cb->nlh->nlmsg_seq, NLM_F_MULTI, 469 cb->nlh->nlmsg_seq, NLM_F_MULTI,
470 RTM_NEWTFILTER) <= 0) 470 RTM_NEWTFILTER) <= 0)
471 break; 471 break;
diff --git a/net/sched/em_meta.c b/net/sched/em_meta.c
index 4ab6e3325573..7c3de6ffa516 100644
--- a/net/sched/em_meta.c
+++ b/net/sched/em_meta.c
@@ -461,7 +461,7 @@ META_COLLECTOR(int_sk_sndtimeo)
461META_COLLECTOR(int_sk_sendmsg_off) 461META_COLLECTOR(int_sk_sendmsg_off)
462{ 462{
463 SKIP_NONLOCAL(skb); 463 SKIP_NONLOCAL(skb);
464 dst->value = skb->sk->sk_sndmsg_off; 464 dst->value = skb->sk->sk_frag.offset;
465} 465}
466 466
467META_COLLECTOR(int_sk_write_pend) 467META_COLLECTOR(int_sk_write_pend)
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
index a08b4ab3e421..a18d975db59c 100644
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -1185,7 +1185,7 @@ graft:
1185} 1185}
1186 1186
1187static int tc_fill_qdisc(struct sk_buff *skb, struct Qdisc *q, u32 clid, 1187static int tc_fill_qdisc(struct sk_buff *skb, struct Qdisc *q, u32 clid,
1188 u32 pid, u32 seq, u16 flags, int event) 1188 u32 portid, u32 seq, u16 flags, int event)
1189{ 1189{
1190 struct tcmsg *tcm; 1190 struct tcmsg *tcm;
1191 struct nlmsghdr *nlh; 1191 struct nlmsghdr *nlh;
@@ -1193,7 +1193,7 @@ static int tc_fill_qdisc(struct sk_buff *skb, struct Qdisc *q, u32 clid,
1193 struct gnet_dump d; 1193 struct gnet_dump d;
1194 struct qdisc_size_table *stab; 1194 struct qdisc_size_table *stab;
1195 1195
1196 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*tcm), flags); 1196 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*tcm), flags);
1197 if (!nlh) 1197 if (!nlh)
1198 goto out_nlmsg_trim; 1198 goto out_nlmsg_trim;
1199 tcm = nlmsg_data(nlh); 1199 tcm = nlmsg_data(nlh);
@@ -1248,25 +1248,25 @@ static int qdisc_notify(struct net *net, struct sk_buff *oskb,
1248 struct Qdisc *old, struct Qdisc *new) 1248 struct Qdisc *old, struct Qdisc *new)
1249{ 1249{
1250 struct sk_buff *skb; 1250 struct sk_buff *skb;
1251 u32 pid = oskb ? NETLINK_CB(oskb).pid : 0; 1251 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
1252 1252
1253 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1253 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1254 if (!skb) 1254 if (!skb)
1255 return -ENOBUFS; 1255 return -ENOBUFS;
1256 1256
1257 if (old && !tc_qdisc_dump_ignore(old)) { 1257 if (old && !tc_qdisc_dump_ignore(old)) {
1258 if (tc_fill_qdisc(skb, old, clid, pid, n->nlmsg_seq, 1258 if (tc_fill_qdisc(skb, old, clid, portid, n->nlmsg_seq,
1259 0, RTM_DELQDISC) < 0) 1259 0, RTM_DELQDISC) < 0)
1260 goto err_out; 1260 goto err_out;
1261 } 1261 }
1262 if (new && !tc_qdisc_dump_ignore(new)) { 1262 if (new && !tc_qdisc_dump_ignore(new)) {
1263 if (tc_fill_qdisc(skb, new, clid, pid, n->nlmsg_seq, 1263 if (tc_fill_qdisc(skb, new, clid, portid, n->nlmsg_seq,
1264 old ? NLM_F_REPLACE : 0, RTM_NEWQDISC) < 0) 1264 old ? NLM_F_REPLACE : 0, RTM_NEWQDISC) < 0)
1265 goto err_out; 1265 goto err_out;
1266 } 1266 }
1267 1267
1268 if (skb->len) 1268 if (skb->len)
1269 return rtnetlink_send(skb, net, pid, RTNLGRP_TC, 1269 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1270 n->nlmsg_flags & NLM_F_ECHO); 1270 n->nlmsg_flags & NLM_F_ECHO);
1271 1271
1272err_out: 1272err_out:
@@ -1289,7 +1289,7 @@ static int tc_dump_qdisc_root(struct Qdisc *root, struct sk_buff *skb,
1289 q_idx++; 1289 q_idx++;
1290 } else { 1290 } else {
1291 if (!tc_qdisc_dump_ignore(q) && 1291 if (!tc_qdisc_dump_ignore(q) &&
1292 tc_fill_qdisc(skb, q, q->parent, NETLINK_CB(cb->skb).pid, 1292 tc_fill_qdisc(skb, q, q->parent, NETLINK_CB(cb->skb).portid,
1293 cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWQDISC) <= 0) 1293 cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWQDISC) <= 0)
1294 goto done; 1294 goto done;
1295 q_idx++; 1295 q_idx++;
@@ -1300,7 +1300,7 @@ static int tc_dump_qdisc_root(struct Qdisc *root, struct sk_buff *skb,
1300 continue; 1300 continue;
1301 } 1301 }
1302 if (!tc_qdisc_dump_ignore(q) && 1302 if (!tc_qdisc_dump_ignore(q) &&
1303 tc_fill_qdisc(skb, q, q->parent, NETLINK_CB(cb->skb).pid, 1303 tc_fill_qdisc(skb, q, q->parent, NETLINK_CB(cb->skb).portid,
1304 cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWQDISC) <= 0) 1304 cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWQDISC) <= 0)
1305 goto done; 1305 goto done;
1306 q_idx++; 1306 q_idx++;
@@ -1375,7 +1375,7 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1375 const struct Qdisc_class_ops *cops; 1375 const struct Qdisc_class_ops *cops;
1376 unsigned long cl = 0; 1376 unsigned long cl = 0;
1377 unsigned long new_cl; 1377 unsigned long new_cl;
1378 u32 pid = tcm->tcm_parent; 1378 u32 portid = tcm->tcm_parent;
1379 u32 clid = tcm->tcm_handle; 1379 u32 clid = tcm->tcm_handle;
1380 u32 qid = TC_H_MAJ(clid); 1380 u32 qid = TC_H_MAJ(clid);
1381 int err; 1381 int err;
@@ -1403,8 +1403,8 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1403 1403
1404 /* Step 1. Determine qdisc handle X:0 */ 1404 /* Step 1. Determine qdisc handle X:0 */
1405 1405
1406 if (pid != TC_H_ROOT) { 1406 if (portid != TC_H_ROOT) {
1407 u32 qid1 = TC_H_MAJ(pid); 1407 u32 qid1 = TC_H_MAJ(portid);
1408 1408
1409 if (qid && qid1) { 1409 if (qid && qid1) {
1410 /* If both majors are known, they must be identical. */ 1410 /* If both majors are known, they must be identical. */
@@ -1418,10 +1418,10 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1418 /* Now qid is genuine qdisc handle consistent 1418 /* Now qid is genuine qdisc handle consistent
1419 * both with parent and child. 1419 * both with parent and child.
1420 * 1420 *
1421 * TC_H_MAJ(pid) still may be unspecified, complete it now. 1421 * TC_H_MAJ(portid) still may be unspecified, complete it now.
1422 */ 1422 */
1423 if (pid) 1423 if (portid)
1424 pid = TC_H_MAKE(qid, pid); 1424 portid = TC_H_MAKE(qid, portid);
1425 } else { 1425 } else {
1426 if (qid == 0) 1426 if (qid == 0)
1427 qid = dev->qdisc->handle; 1427 qid = dev->qdisc->handle;
@@ -1439,7 +1439,7 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1439 1439
1440 /* Now try to get class */ 1440 /* Now try to get class */
1441 if (clid == 0) { 1441 if (clid == 0) {
1442 if (pid == TC_H_ROOT) 1442 if (portid == TC_H_ROOT)
1443 clid = qid; 1443 clid = qid;
1444 } else 1444 } else
1445 clid = TC_H_MAKE(qid, clid); 1445 clid = TC_H_MAKE(qid, clid);
@@ -1478,7 +1478,7 @@ static int tc_ctl_tclass(struct sk_buff *skb, struct nlmsghdr *n, void *arg)
1478 new_cl = cl; 1478 new_cl = cl;
1479 err = -EOPNOTSUPP; 1479 err = -EOPNOTSUPP;
1480 if (cops->change) 1480 if (cops->change)
1481 err = cops->change(q, clid, pid, tca, &new_cl); 1481 err = cops->change(q, clid, portid, tca, &new_cl);
1482 if (err == 0) 1482 if (err == 0)
1483 tclass_notify(net, skb, n, q, new_cl, RTM_NEWTCLASS); 1483 tclass_notify(net, skb, n, q, new_cl, RTM_NEWTCLASS);
1484 1484
@@ -1492,7 +1492,7 @@ out:
1492 1492
1493static int tc_fill_tclass(struct sk_buff *skb, struct Qdisc *q, 1493static int tc_fill_tclass(struct sk_buff *skb, struct Qdisc *q,
1494 unsigned long cl, 1494 unsigned long cl,
1495 u32 pid, u32 seq, u16 flags, int event) 1495 u32 portid, u32 seq, u16 flags, int event)
1496{ 1496{
1497 struct tcmsg *tcm; 1497 struct tcmsg *tcm;
1498 struct nlmsghdr *nlh; 1498 struct nlmsghdr *nlh;
@@ -1500,7 +1500,7 @@ static int tc_fill_tclass(struct sk_buff *skb, struct Qdisc *q,
1500 struct gnet_dump d; 1500 struct gnet_dump d;
1501 const struct Qdisc_class_ops *cl_ops = q->ops->cl_ops; 1501 const struct Qdisc_class_ops *cl_ops = q->ops->cl_ops;
1502 1502
1503 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*tcm), flags); 1503 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*tcm), flags);
1504 if (!nlh) 1504 if (!nlh)
1505 goto out_nlmsg_trim; 1505 goto out_nlmsg_trim;
1506 tcm = nlmsg_data(nlh); 1506 tcm = nlmsg_data(nlh);
@@ -1540,18 +1540,18 @@ static int tclass_notify(struct net *net, struct sk_buff *oskb,
1540 unsigned long cl, int event) 1540 unsigned long cl, int event)
1541{ 1541{
1542 struct sk_buff *skb; 1542 struct sk_buff *skb;
1543 u32 pid = oskb ? NETLINK_CB(oskb).pid : 0; 1543 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
1544 1544
1545 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1545 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1546 if (!skb) 1546 if (!skb)
1547 return -ENOBUFS; 1547 return -ENOBUFS;
1548 1548
1549 if (tc_fill_tclass(skb, q, cl, pid, n->nlmsg_seq, 0, event) < 0) { 1549 if (tc_fill_tclass(skb, q, cl, portid, n->nlmsg_seq, 0, event) < 0) {
1550 kfree_skb(skb); 1550 kfree_skb(skb);
1551 return -EINVAL; 1551 return -EINVAL;
1552 } 1552 }
1553 1553
1554 return rtnetlink_send(skb, net, pid, RTNLGRP_TC, 1554 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1555 n->nlmsg_flags & NLM_F_ECHO); 1555 n->nlmsg_flags & NLM_F_ECHO);
1556} 1556}
1557 1557
@@ -1565,7 +1565,7 @@ static int qdisc_class_dump(struct Qdisc *q, unsigned long cl, struct qdisc_walk
1565{ 1565{
1566 struct qdisc_dump_args *a = (struct qdisc_dump_args *)arg; 1566 struct qdisc_dump_args *a = (struct qdisc_dump_args *)arg;
1567 1567
1568 return tc_fill_tclass(a->skb, q, cl, NETLINK_CB(a->cb->skb).pid, 1568 return tc_fill_tclass(a->skb, q, cl, NETLINK_CB(a->cb->skb).portid,
1569 a->cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWTCLASS); 1569 a->cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWTCLASS);
1570} 1570}
1571 1571
diff --git a/net/sched/sch_drr.c b/net/sched/sch_drr.c
index 9ce0b4fe23ff..71e50c80315f 100644
--- a/net/sched/sch_drr.c
+++ b/net/sched/sch_drr.c
@@ -352,7 +352,7 @@ static int drr_enqueue(struct sk_buff *skb, struct Qdisc *sch)
352{ 352{
353 struct drr_sched *q = qdisc_priv(sch); 353 struct drr_sched *q = qdisc_priv(sch);
354 struct drr_class *cl; 354 struct drr_class *cl;
355 int err; 355 int err = 0;
356 356
357 cl = drr_classify(skb, sch, &err); 357 cl = drr_classify(skb, sch, &err);
358 if (cl == NULL) { 358 if (cl == NULL) {
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
index 511323e89cec..aefc1504dc88 100644
--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -324,24 +324,6 @@ void netif_carrier_off(struct net_device *dev)
324} 324}
325EXPORT_SYMBOL(netif_carrier_off); 325EXPORT_SYMBOL(netif_carrier_off);
326 326
327/**
328 * netif_notify_peers - notify network peers about existence of @dev
329 * @dev: network device
330 *
331 * Generate traffic such that interested network peers are aware of
332 * @dev, such as by generating a gratuitous ARP. This may be used when
333 * a device wants to inform the rest of the network about some sort of
334 * reconfiguration such as a failover event or virtual machine
335 * migration.
336 */
337void netif_notify_peers(struct net_device *dev)
338{
339 rtnl_lock();
340 call_netdevice_notifiers(NETDEV_NOTIFY_PEERS, dev);
341 rtnl_unlock();
342}
343EXPORT_SYMBOL(netif_notify_peers);
344
345/* "NOOP" scheduler: the best scheduler, recommended for all interfaces 327/* "NOOP" scheduler: the best scheduler, recommended for all interfaces
346 under all circumstances. It is difficult to invent anything faster or 328 under all circumstances. It is difficult to invent anything faster or
347 cheaper. 329 cheaper.
@@ -545,6 +527,8 @@ struct Qdisc_ops pfifo_fast_ops __read_mostly = {
545}; 527};
546EXPORT_SYMBOL(pfifo_fast_ops); 528EXPORT_SYMBOL(pfifo_fast_ops);
547 529
530static struct lock_class_key qdisc_tx_busylock;
531
548struct Qdisc *qdisc_alloc(struct netdev_queue *dev_queue, 532struct Qdisc *qdisc_alloc(struct netdev_queue *dev_queue,
549 struct Qdisc_ops *ops) 533 struct Qdisc_ops *ops)
550{ 534{
@@ -552,6 +536,7 @@ struct Qdisc *qdisc_alloc(struct netdev_queue *dev_queue,
552 struct Qdisc *sch; 536 struct Qdisc *sch;
553 unsigned int size = QDISC_ALIGN(sizeof(*sch)) + ops->priv_size; 537 unsigned int size = QDISC_ALIGN(sizeof(*sch)) + ops->priv_size;
554 int err = -ENOBUFS; 538 int err = -ENOBUFS;
539 struct net_device *dev = dev_queue->dev;
555 540
556 p = kzalloc_node(size, GFP_KERNEL, 541 p = kzalloc_node(size, GFP_KERNEL,
557 netdev_queue_numa_node_read(dev_queue)); 542 netdev_queue_numa_node_read(dev_queue));
@@ -571,12 +556,16 @@ struct Qdisc *qdisc_alloc(struct netdev_queue *dev_queue,
571 } 556 }
572 INIT_LIST_HEAD(&sch->list); 557 INIT_LIST_HEAD(&sch->list);
573 skb_queue_head_init(&sch->q); 558 skb_queue_head_init(&sch->q);
559
574 spin_lock_init(&sch->busylock); 560 spin_lock_init(&sch->busylock);
561 lockdep_set_class(&sch->busylock,
562 dev->qdisc_tx_busylock ?: &qdisc_tx_busylock);
563
575 sch->ops = ops; 564 sch->ops = ops;
576 sch->enqueue = ops->enqueue; 565 sch->enqueue = ops->enqueue;
577 sch->dequeue = ops->dequeue; 566 sch->dequeue = ops->dequeue;
578 sch->dev_queue = dev_queue; 567 sch->dev_queue = dev_queue;
579 dev_hold(qdisc_dev(sch)); 568 dev_hold(dev);
580 atomic_set(&sch->refcnt, 1); 569 atomic_set(&sch->refcnt, 1);
581 570
582 return sch; 571 return sch;
diff --git a/net/sched/sch_qfq.c b/net/sched/sch_qfq.c
index 211a21217045..f0dd83cff906 100644
--- a/net/sched/sch_qfq.c
+++ b/net/sched/sch_qfq.c
@@ -881,7 +881,7 @@ static int qfq_enqueue(struct sk_buff *skb, struct Qdisc *sch)
881{ 881{
882 struct qfq_sched *q = qdisc_priv(sch); 882 struct qfq_sched *q = qdisc_priv(sch);
883 struct qfq_class *cl; 883 struct qfq_class *cl;
884 int err; 884 int err = 0;
885 885
886 cl = qfq_classify(skb, sch, &err); 886 cl = qfq_classify(skb, sch, &err);
887 if (cl == NULL) { 887 if (cl == NULL) {
diff --git a/net/sctp/associola.c b/net/sctp/associola.c
index ebaef3ed6065..b1ef3bc301a5 100644
--- a/net/sctp/associola.c
+++ b/net/sctp/associola.c
@@ -82,6 +82,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
82 sctp_scope_t scope, 82 sctp_scope_t scope,
83 gfp_t gfp) 83 gfp_t gfp)
84{ 84{
85 struct net *net = sock_net(sk);
85 struct sctp_sock *sp; 86 struct sctp_sock *sp;
86 int i; 87 int i;
87 sctp_paramhdr_t *p; 88 sctp_paramhdr_t *p;
@@ -124,7 +125,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
124 * socket values. 125 * socket values.
125 */ 126 */
126 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt; 127 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt;
127 asoc->pf_retrans = sctp_pf_retrans; 128 asoc->pf_retrans = net->sctp.pf_retrans;
128 129
129 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial); 130 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial);
130 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max); 131 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max);
@@ -175,7 +176,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
175 asoc->timeouts[SCTP_EVENT_TIMEOUT_HEARTBEAT] = 0; 176 asoc->timeouts[SCTP_EVENT_TIMEOUT_HEARTBEAT] = 0;
176 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay; 177 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay;
177 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] = 178 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] =
178 min_t(unsigned long, sp->autoclose, sctp_max_autoclose) * HZ; 179 min_t(unsigned long, sp->autoclose, net->sctp.max_autoclose) * HZ;
179 180
180 /* Initializes the timers */ 181 /* Initializes the timers */
181 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i) 182 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i)
@@ -281,7 +282,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
281 * and will revert old behavior. 282 * and will revert old behavior.
282 */ 283 */
283 asoc->peer.asconf_capable = 0; 284 asoc->peer.asconf_capable = 0;
284 if (sctp_addip_noauth) 285 if (net->sctp.addip_noauth)
285 asoc->peer.asconf_capable = 1; 286 asoc->peer.asconf_capable = 1;
286 asoc->asconf_addr_del_pending = NULL; 287 asoc->asconf_addr_del_pending = NULL;
287 asoc->src_out_of_asoc_ok = 0; 288 asoc->src_out_of_asoc_ok = 0;
@@ -641,6 +642,7 @@ struct sctp_transport *sctp_assoc_add_peer(struct sctp_association *asoc,
641 const gfp_t gfp, 642 const gfp_t gfp,
642 const int peer_state) 643 const int peer_state)
643{ 644{
645 struct net *net = sock_net(asoc->base.sk);
644 struct sctp_transport *peer; 646 struct sctp_transport *peer;
645 struct sctp_sock *sp; 647 struct sctp_sock *sp;
646 unsigned short port; 648 unsigned short port;
@@ -674,7 +676,7 @@ struct sctp_transport *sctp_assoc_add_peer(struct sctp_association *asoc,
674 return peer; 676 return peer;
675 } 677 }
676 678
677 peer = sctp_transport_new(addr, gfp); 679 peer = sctp_transport_new(net, addr, gfp);
678 if (!peer) 680 if (!peer)
679 return NULL; 681 return NULL;
680 682
@@ -1089,13 +1091,15 @@ out:
1089 1091
1090/* Is this the association we are looking for? */ 1092/* Is this the association we are looking for? */
1091struct sctp_transport *sctp_assoc_is_match(struct sctp_association *asoc, 1093struct sctp_transport *sctp_assoc_is_match(struct sctp_association *asoc,
1094 struct net *net,
1092 const union sctp_addr *laddr, 1095 const union sctp_addr *laddr,
1093 const union sctp_addr *paddr) 1096 const union sctp_addr *paddr)
1094{ 1097{
1095 struct sctp_transport *transport; 1098 struct sctp_transport *transport;
1096 1099
1097 if ((htons(asoc->base.bind_addr.port) == laddr->v4.sin_port) && 1100 if ((htons(asoc->base.bind_addr.port) == laddr->v4.sin_port) &&
1098 (htons(asoc->peer.port) == paddr->v4.sin_port)) { 1101 (htons(asoc->peer.port) == paddr->v4.sin_port) &&
1102 net_eq(sock_net(asoc->base.sk), net)) {
1099 transport = sctp_assoc_lookup_paddr(asoc, paddr); 1103 transport = sctp_assoc_lookup_paddr(asoc, paddr);
1100 if (!transport) 1104 if (!transport)
1101 goto out; 1105 goto out;
@@ -1116,6 +1120,7 @@ static void sctp_assoc_bh_rcv(struct work_struct *work)
1116 struct sctp_association *asoc = 1120 struct sctp_association *asoc =
1117 container_of(work, struct sctp_association, 1121 container_of(work, struct sctp_association,
1118 base.inqueue.immediate); 1122 base.inqueue.immediate);
1123 struct net *net = sock_net(asoc->base.sk);
1119 struct sctp_endpoint *ep; 1124 struct sctp_endpoint *ep;
1120 struct sctp_chunk *chunk; 1125 struct sctp_chunk *chunk;
1121 struct sctp_inq *inqueue; 1126 struct sctp_inq *inqueue;
@@ -1148,13 +1153,13 @@ static void sctp_assoc_bh_rcv(struct work_struct *work)
1148 if (sctp_chunk_is_data(chunk)) 1153 if (sctp_chunk_is_data(chunk))
1149 asoc->peer.last_data_from = chunk->transport; 1154 asoc->peer.last_data_from = chunk->transport;
1150 else 1155 else
1151 SCTP_INC_STATS(SCTP_MIB_INCTRLCHUNKS); 1156 SCTP_INC_STATS(net, SCTP_MIB_INCTRLCHUNKS);
1152 1157
1153 if (chunk->transport) 1158 if (chunk->transport)
1154 chunk->transport->last_time_heard = jiffies; 1159 chunk->transport->last_time_heard = jiffies;
1155 1160
1156 /* Run through the state machine. */ 1161 /* Run through the state machine. */
1157 error = sctp_do_sm(SCTP_EVENT_T_CHUNK, subtype, 1162 error = sctp_do_sm(net, SCTP_EVENT_T_CHUNK, subtype,
1158 state, ep, asoc, chunk, GFP_ATOMIC); 1163 state, ep, asoc, chunk, GFP_ATOMIC);
1159 1164
1160 /* Check to see if the association is freed in response to 1165 /* Check to see if the association is freed in response to
@@ -1414,6 +1419,7 @@ void sctp_assoc_sync_pmtu(struct sock *sk, struct sctp_association *asoc)
1414/* Should we send a SACK to update our peer? */ 1419/* Should we send a SACK to update our peer? */
1415static inline int sctp_peer_needs_update(struct sctp_association *asoc) 1420static inline int sctp_peer_needs_update(struct sctp_association *asoc)
1416{ 1421{
1422 struct net *net = sock_net(asoc->base.sk);
1417 switch (asoc->state) { 1423 switch (asoc->state) {
1418 case SCTP_STATE_ESTABLISHED: 1424 case SCTP_STATE_ESTABLISHED:
1419 case SCTP_STATE_SHUTDOWN_PENDING: 1425 case SCTP_STATE_SHUTDOWN_PENDING:
@@ -1421,7 +1427,7 @@ static inline int sctp_peer_needs_update(struct sctp_association *asoc)
1421 case SCTP_STATE_SHUTDOWN_SENT: 1427 case SCTP_STATE_SHUTDOWN_SENT:
1422 if ((asoc->rwnd > asoc->a_rwnd) && 1428 if ((asoc->rwnd > asoc->a_rwnd) &&
1423 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32, 1429 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32,
1424 (asoc->base.sk->sk_rcvbuf >> sctp_rwnd_upd_shift), 1430 (asoc->base.sk->sk_rcvbuf >> net->sctp.rwnd_upd_shift),
1425 asoc->pathmtu))) 1431 asoc->pathmtu)))
1426 return 1; 1432 return 1;
1427 break; 1433 break;
@@ -1542,7 +1548,8 @@ int sctp_assoc_set_bind_addr_from_ep(struct sctp_association *asoc,
1542 if (asoc->peer.ipv6_address) 1548 if (asoc->peer.ipv6_address)
1543 flags |= SCTP_ADDR6_PEERSUPP; 1549 flags |= SCTP_ADDR6_PEERSUPP;
1544 1550
1545 return sctp_bind_addr_copy(&asoc->base.bind_addr, 1551 return sctp_bind_addr_copy(sock_net(asoc->base.sk),
1552 &asoc->base.bind_addr,
1546 &asoc->ep->base.bind_addr, 1553 &asoc->ep->base.bind_addr,
1547 scope, gfp, flags); 1554 scope, gfp, flags);
1548} 1555}
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index bf812048cf6f..159b9bc5d633 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -392,13 +392,14 @@ nomem:
392 */ 392 */
393int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp) 393int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp)
394{ 394{
395 struct net *net = sock_net(asoc->base.sk);
395 struct sctp_auth_bytes *secret; 396 struct sctp_auth_bytes *secret;
396 struct sctp_shared_key *ep_key; 397 struct sctp_shared_key *ep_key;
397 398
398 /* If we don't support AUTH, or peer is not capable 399 /* If we don't support AUTH, or peer is not capable
399 * we don't need to do anything. 400 * we don't need to do anything.
400 */ 401 */
401 if (!sctp_auth_enable || !asoc->peer.auth_capable) 402 if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
402 return 0; 403 return 0;
403 404
404 /* If the key_id is non-zero and we couldn't find an 405 /* If the key_id is non-zero and we couldn't find an
@@ -445,11 +446,12 @@ struct sctp_shared_key *sctp_auth_get_shkey(
445 */ 446 */
446int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp) 447int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
447{ 448{
449 struct net *net = sock_net(ep->base.sk);
448 struct crypto_hash *tfm = NULL; 450 struct crypto_hash *tfm = NULL;
449 __u16 id; 451 __u16 id;
450 452
451 /* if the transforms are already allocted, we are done */ 453 /* if the transforms are already allocted, we are done */
452 if (!sctp_auth_enable) { 454 if (!net->sctp.auth_enable) {
453 ep->auth_hmacs = NULL; 455 ep->auth_hmacs = NULL;
454 return 0; 456 return 0;
455 } 457 }
@@ -674,7 +676,12 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
674/* Check if peer requested that this chunk is authenticated */ 676/* Check if peer requested that this chunk is authenticated */
675int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc) 677int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
676{ 678{
677 if (!sctp_auth_enable || !asoc || !asoc->peer.auth_capable) 679 struct net *net;
680 if (!asoc)
681 return 0;
682
683 net = sock_net(asoc->base.sk);
684 if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
678 return 0; 685 return 0;
679 686
680 return __sctp_auth_cid(chunk, asoc->peer.peer_chunks); 687 return __sctp_auth_cid(chunk, asoc->peer.peer_chunks);
@@ -683,7 +690,12 @@ int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
683/* Check if we requested that peer authenticate this chunk. */ 690/* Check if we requested that peer authenticate this chunk. */
684int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc) 691int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
685{ 692{
686 if (!sctp_auth_enable || !asoc) 693 struct net *net;
694 if (!asoc)
695 return 0;
696
697 net = sock_net(asoc->base.sk);
698 if (!net->sctp.auth_enable)
687 return 0; 699 return 0;
688 700
689 return __sctp_auth_cid(chunk, 701 return __sctp_auth_cid(chunk,
diff --git a/net/sctp/bind_addr.c b/net/sctp/bind_addr.c
index 4ece451c8d27..d886b3bf84f5 100644
--- a/net/sctp/bind_addr.c
+++ b/net/sctp/bind_addr.c
@@ -52,8 +52,8 @@
52#include <net/sctp/sm.h> 52#include <net/sctp/sm.h>
53 53
54/* Forward declarations for internal helpers. */ 54/* Forward declarations for internal helpers. */
55static int sctp_copy_one_addr(struct sctp_bind_addr *, union sctp_addr *, 55static int sctp_copy_one_addr(struct net *, struct sctp_bind_addr *,
56 sctp_scope_t scope, gfp_t gfp, 56 union sctp_addr *, sctp_scope_t scope, gfp_t gfp,
57 int flags); 57 int flags);
58static void sctp_bind_addr_clean(struct sctp_bind_addr *); 58static void sctp_bind_addr_clean(struct sctp_bind_addr *);
59 59
@@ -62,7 +62,7 @@ static void sctp_bind_addr_clean(struct sctp_bind_addr *);
62/* Copy 'src' to 'dest' taking 'scope' into account. Omit addresses 62/* Copy 'src' to 'dest' taking 'scope' into account. Omit addresses
63 * in 'src' which have a broader scope than 'scope'. 63 * in 'src' which have a broader scope than 'scope'.
64 */ 64 */
65int sctp_bind_addr_copy(struct sctp_bind_addr *dest, 65int sctp_bind_addr_copy(struct net *net, struct sctp_bind_addr *dest,
66 const struct sctp_bind_addr *src, 66 const struct sctp_bind_addr *src,
67 sctp_scope_t scope, gfp_t gfp, 67 sctp_scope_t scope, gfp_t gfp,
68 int flags) 68 int flags)
@@ -75,7 +75,7 @@ int sctp_bind_addr_copy(struct sctp_bind_addr *dest,
75 75
76 /* Extract the addresses which are relevant for this scope. */ 76 /* Extract the addresses which are relevant for this scope. */
77 list_for_each_entry(addr, &src->address_list, list) { 77 list_for_each_entry(addr, &src->address_list, list) {
78 error = sctp_copy_one_addr(dest, &addr->a, scope, 78 error = sctp_copy_one_addr(net, dest, &addr->a, scope,
79 gfp, flags); 79 gfp, flags);
80 if (error < 0) 80 if (error < 0)
81 goto out; 81 goto out;
@@ -87,7 +87,7 @@ int sctp_bind_addr_copy(struct sctp_bind_addr *dest,
87 */ 87 */
88 if (list_empty(&dest->address_list) && (SCTP_SCOPE_GLOBAL == scope)) { 88 if (list_empty(&dest->address_list) && (SCTP_SCOPE_GLOBAL == scope)) {
89 list_for_each_entry(addr, &src->address_list, list) { 89 list_for_each_entry(addr, &src->address_list, list) {
90 error = sctp_copy_one_addr(dest, &addr->a, 90 error = sctp_copy_one_addr(net, dest, &addr->a,
91 SCTP_SCOPE_LINK, gfp, 91 SCTP_SCOPE_LINK, gfp,
92 flags); 92 flags);
93 if (error < 0) 93 if (error < 0)
@@ -448,7 +448,7 @@ union sctp_addr *sctp_find_unmatch_addr(struct sctp_bind_addr *bp,
448} 448}
449 449
450/* Copy out addresses from the global local address list. */ 450/* Copy out addresses from the global local address list. */
451static int sctp_copy_one_addr(struct sctp_bind_addr *dest, 451static int sctp_copy_one_addr(struct net *net, struct sctp_bind_addr *dest,
452 union sctp_addr *addr, 452 union sctp_addr *addr,
453 sctp_scope_t scope, gfp_t gfp, 453 sctp_scope_t scope, gfp_t gfp,
454 int flags) 454 int flags)
@@ -456,8 +456,8 @@ static int sctp_copy_one_addr(struct sctp_bind_addr *dest,
456 int error = 0; 456 int error = 0;
457 457
458 if (sctp_is_any(NULL, addr)) { 458 if (sctp_is_any(NULL, addr)) {
459 error = sctp_copy_local_addr_list(dest, scope, gfp, flags); 459 error = sctp_copy_local_addr_list(net, dest, scope, gfp, flags);
460 } else if (sctp_in_scope(addr, scope)) { 460 } else if (sctp_in_scope(net, addr, scope)) {
461 /* Now that the address is in scope, check to see if 461 /* Now that the address is in scope, check to see if
462 * the address type is supported by local sock as 462 * the address type is supported by local sock as
463 * well as the remote peer. 463 * well as the remote peer.
@@ -494,7 +494,7 @@ int sctp_is_any(struct sock *sk, const union sctp_addr *addr)
494} 494}
495 495
496/* Is 'addr' valid for 'scope'? */ 496/* Is 'addr' valid for 'scope'? */
497int sctp_in_scope(const union sctp_addr *addr, sctp_scope_t scope) 497int sctp_in_scope(struct net *net, const union sctp_addr *addr, sctp_scope_t scope)
498{ 498{
499 sctp_scope_t addr_scope = sctp_scope(addr); 499 sctp_scope_t addr_scope = sctp_scope(addr);
500 500
@@ -512,7 +512,7 @@ int sctp_in_scope(const union sctp_addr *addr, sctp_scope_t scope)
512 * Address scoping can be selectively controlled via sysctl 512 * Address scoping can be selectively controlled via sysctl
513 * option 513 * option
514 */ 514 */
515 switch (sctp_scope_policy) { 515 switch (net->sctp.scope_policy) {
516 case SCTP_SCOPE_POLICY_DISABLE: 516 case SCTP_SCOPE_POLICY_DISABLE:
517 return 1; 517 return 1;
518 case SCTP_SCOPE_POLICY_ENABLE: 518 case SCTP_SCOPE_POLICY_ENABLE:
diff --git a/net/sctp/chunk.c b/net/sctp/chunk.c
index 6c8556459a75..7c2df9c33df3 100644
--- a/net/sctp/chunk.c
+++ b/net/sctp/chunk.c
@@ -257,7 +257,7 @@ struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
257 offset = 0; 257 offset = 0;
258 258
259 if ((whole > 1) || (whole && over)) 259 if ((whole > 1) || (whole && over))
260 SCTP_INC_STATS_USER(SCTP_MIB_FRAGUSRMSGS); 260 SCTP_INC_STATS_USER(sock_net(asoc->base.sk), SCTP_MIB_FRAGUSRMSGS);
261 261
262 /* Create chunks for all the full sized DATA chunks. */ 262 /* Create chunks for all the full sized DATA chunks. */
263 for (i=0, len=first_len; i < whole; i++) { 263 for (i=0, len=first_len; i < whole; i++) {
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index 68a385d7c3bd..1859e2bc83d1 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -65,6 +65,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
65 struct sock *sk, 65 struct sock *sk,
66 gfp_t gfp) 66 gfp_t gfp)
67{ 67{
68 struct net *net = sock_net(sk);
68 struct sctp_hmac_algo_param *auth_hmacs = NULL; 69 struct sctp_hmac_algo_param *auth_hmacs = NULL;
69 struct sctp_chunks_param *auth_chunks = NULL; 70 struct sctp_chunks_param *auth_chunks = NULL;
70 struct sctp_shared_key *null_key; 71 struct sctp_shared_key *null_key;
@@ -74,7 +75,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
74 if (!ep->digest) 75 if (!ep->digest)
75 return NULL; 76 return NULL;
76 77
77 if (sctp_auth_enable) { 78 if (net->sctp.auth_enable) {
78 /* Allocate space for HMACS and CHUNKS authentication 79 /* Allocate space for HMACS and CHUNKS authentication
79 * variables. There are arrays that we encode directly 80 * variables. There are arrays that we encode directly
80 * into parameters to make the rest of the operations easier. 81 * into parameters to make the rest of the operations easier.
@@ -106,7 +107,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
106 /* If the Add-IP functionality is enabled, we must 107 /* If the Add-IP functionality is enabled, we must
107 * authenticate, ASCONF and ASCONF-ACK chunks 108 * authenticate, ASCONF and ASCONF-ACK chunks
108 */ 109 */
109 if (sctp_addip_enable) { 110 if (net->sctp.addip_enable) {
110 auth_chunks->chunks[0] = SCTP_CID_ASCONF; 111 auth_chunks->chunks[0] = SCTP_CID_ASCONF;
111 auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK; 112 auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK;
112 auth_chunks->param_hdr.length = 113 auth_chunks->param_hdr.length =
@@ -140,14 +141,14 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
140 INIT_LIST_HEAD(&ep->asocs); 141 INIT_LIST_HEAD(&ep->asocs);
141 142
142 /* Use SCTP specific send buffer space queues. */ 143 /* Use SCTP specific send buffer space queues. */
143 ep->sndbuf_policy = sctp_sndbuf_policy; 144 ep->sndbuf_policy = net->sctp.sndbuf_policy;
144 145
145 sk->sk_data_ready = sctp_data_ready; 146 sk->sk_data_ready = sctp_data_ready;
146 sk->sk_write_space = sctp_write_space; 147 sk->sk_write_space = sctp_write_space;
147 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 148 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
148 149
149 /* Get the receive buffer policy for this endpoint */ 150 /* Get the receive buffer policy for this endpoint */
150 ep->rcvbuf_policy = sctp_rcvbuf_policy; 151 ep->rcvbuf_policy = net->sctp.rcvbuf_policy;
151 152
152 /* Initialize the secret key used with cookie. */ 153 /* Initialize the secret key used with cookie. */
153 get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE); 154 get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE);
@@ -302,11 +303,13 @@ void sctp_endpoint_put(struct sctp_endpoint *ep)
302 303
303/* Is this the endpoint we are looking for? */ 304/* Is this the endpoint we are looking for? */
304struct sctp_endpoint *sctp_endpoint_is_match(struct sctp_endpoint *ep, 305struct sctp_endpoint *sctp_endpoint_is_match(struct sctp_endpoint *ep,
306 struct net *net,
305 const union sctp_addr *laddr) 307 const union sctp_addr *laddr)
306{ 308{
307 struct sctp_endpoint *retval = NULL; 309 struct sctp_endpoint *retval = NULL;
308 310
309 if (htons(ep->base.bind_addr.port) == laddr->v4.sin_port) { 311 if ((htons(ep->base.bind_addr.port) == laddr->v4.sin_port) &&
312 net_eq(sock_net(ep->base.sk), net)) {
310 if (sctp_bind_addr_match(&ep->base.bind_addr, laddr, 313 if (sctp_bind_addr_match(&ep->base.bind_addr, laddr,
311 sctp_sk(ep->base.sk))) 314 sctp_sk(ep->base.sk)))
312 retval = ep; 315 retval = ep;
@@ -343,7 +346,8 @@ static struct sctp_association *__sctp_endpoint_lookup_assoc(
343 346
344 rport = ntohs(paddr->v4.sin_port); 347 rport = ntohs(paddr->v4.sin_port);
345 348
346 hash = sctp_assoc_hashfn(ep->base.bind_addr.port, rport); 349 hash = sctp_assoc_hashfn(sock_net(ep->base.sk), ep->base.bind_addr.port,
350 rport);
347 head = &sctp_assoc_hashtable[hash]; 351 head = &sctp_assoc_hashtable[hash];
348 read_lock(&head->lock); 352 read_lock(&head->lock);
349 sctp_for_each_hentry(epb, node, &head->chain) { 353 sctp_for_each_hentry(epb, node, &head->chain) {
@@ -386,13 +390,14 @@ int sctp_endpoint_is_peeled_off(struct sctp_endpoint *ep,
386{ 390{
387 struct sctp_sockaddr_entry *addr; 391 struct sctp_sockaddr_entry *addr;
388 struct sctp_bind_addr *bp; 392 struct sctp_bind_addr *bp;
393 struct net *net = sock_net(ep->base.sk);
389 394
390 bp = &ep->base.bind_addr; 395 bp = &ep->base.bind_addr;
391 /* This function is called with the socket lock held, 396 /* This function is called with the socket lock held,
392 * so the address_list can not change. 397 * so the address_list can not change.
393 */ 398 */
394 list_for_each_entry(addr, &bp->address_list, list) { 399 list_for_each_entry(addr, &bp->address_list, list) {
395 if (sctp_has_association(&addr->a, paddr)) 400 if (sctp_has_association(net, &addr->a, paddr))
396 return 1; 401 return 1;
397 } 402 }
398 403
@@ -409,6 +414,7 @@ static void sctp_endpoint_bh_rcv(struct work_struct *work)
409 base.inqueue.immediate); 414 base.inqueue.immediate);
410 struct sctp_association *asoc; 415 struct sctp_association *asoc;
411 struct sock *sk; 416 struct sock *sk;
417 struct net *net;
412 struct sctp_transport *transport; 418 struct sctp_transport *transport;
413 struct sctp_chunk *chunk; 419 struct sctp_chunk *chunk;
414 struct sctp_inq *inqueue; 420 struct sctp_inq *inqueue;
@@ -423,6 +429,7 @@ static void sctp_endpoint_bh_rcv(struct work_struct *work)
423 asoc = NULL; 429 asoc = NULL;
424 inqueue = &ep->base.inqueue; 430 inqueue = &ep->base.inqueue;
425 sk = ep->base.sk; 431 sk = ep->base.sk;
432 net = sock_net(sk);
426 433
427 while (NULL != (chunk = sctp_inq_pop(inqueue))) { 434 while (NULL != (chunk = sctp_inq_pop(inqueue))) {
428 subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type); 435 subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type);
@@ -474,12 +481,12 @@ normal:
474 if (asoc && sctp_chunk_is_data(chunk)) 481 if (asoc && sctp_chunk_is_data(chunk))
475 asoc->peer.last_data_from = chunk->transport; 482 asoc->peer.last_data_from = chunk->transport;
476 else 483 else
477 SCTP_INC_STATS(SCTP_MIB_INCTRLCHUNKS); 484 SCTP_INC_STATS(sock_net(ep->base.sk), SCTP_MIB_INCTRLCHUNKS);
478 485
479 if (chunk->transport) 486 if (chunk->transport)
480 chunk->transport->last_time_heard = jiffies; 487 chunk->transport->last_time_heard = jiffies;
481 488
482 error = sctp_do_sm(SCTP_EVENT_T_CHUNK, subtype, state, 489 error = sctp_do_sm(net, SCTP_EVENT_T_CHUNK, subtype, state,
483 ep, asoc, chunk, GFP_ATOMIC); 490 ep, asoc, chunk, GFP_ATOMIC);
484 491
485 if (error && chunk) 492 if (error && chunk)
diff --git a/net/sctp/input.c b/net/sctp/input.c
index e64d5210ed13..25dfe7380479 100644
--- a/net/sctp/input.c
+++ b/net/sctp/input.c
@@ -66,12 +66,15 @@
66 66
67/* Forward declarations for internal helpers. */ 67/* Forward declarations for internal helpers. */
68static int sctp_rcv_ootb(struct sk_buff *); 68static int sctp_rcv_ootb(struct sk_buff *);
69static struct sctp_association *__sctp_rcv_lookup(struct sk_buff *skb, 69static struct sctp_association *__sctp_rcv_lookup(struct net *net,
70 struct sk_buff *skb,
70 const union sctp_addr *laddr, 71 const union sctp_addr *laddr,
71 const union sctp_addr *paddr, 72 const union sctp_addr *paddr,
72 struct sctp_transport **transportp); 73 struct sctp_transport **transportp);
73static struct sctp_endpoint *__sctp_rcv_lookup_endpoint(const union sctp_addr *laddr); 74static struct sctp_endpoint *__sctp_rcv_lookup_endpoint(struct net *net,
75 const union sctp_addr *laddr);
74static struct sctp_association *__sctp_lookup_association( 76static struct sctp_association *__sctp_lookup_association(
77 struct net *net,
75 const union sctp_addr *local, 78 const union sctp_addr *local,
76 const union sctp_addr *peer, 79 const union sctp_addr *peer,
77 struct sctp_transport **pt); 80 struct sctp_transport **pt);
@@ -80,7 +83,7 @@ static int sctp_add_backlog(struct sock *sk, struct sk_buff *skb);
80 83
81 84
82/* Calculate the SCTP checksum of an SCTP packet. */ 85/* Calculate the SCTP checksum of an SCTP packet. */
83static inline int sctp_rcv_checksum(struct sk_buff *skb) 86static inline int sctp_rcv_checksum(struct net *net, struct sk_buff *skb)
84{ 87{
85 struct sctphdr *sh = sctp_hdr(skb); 88 struct sctphdr *sh = sctp_hdr(skb);
86 __le32 cmp = sh->checksum; 89 __le32 cmp = sh->checksum;
@@ -96,7 +99,7 @@ static inline int sctp_rcv_checksum(struct sk_buff *skb)
96 99
97 if (val != cmp) { 100 if (val != cmp) {
98 /* CRC failure, dump it. */ 101 /* CRC failure, dump it. */
99 SCTP_INC_STATS_BH(SCTP_MIB_CHECKSUMERRORS); 102 SCTP_INC_STATS_BH(net, SCTP_MIB_CHECKSUMERRORS);
100 return -1; 103 return -1;
101 } 104 }
102 return 0; 105 return 0;
@@ -129,11 +132,12 @@ int sctp_rcv(struct sk_buff *skb)
129 union sctp_addr dest; 132 union sctp_addr dest;
130 int family; 133 int family;
131 struct sctp_af *af; 134 struct sctp_af *af;
135 struct net *net = dev_net(skb->dev);
132 136
133 if (skb->pkt_type!=PACKET_HOST) 137 if (skb->pkt_type!=PACKET_HOST)
134 goto discard_it; 138 goto discard_it;
135 139
136 SCTP_INC_STATS_BH(SCTP_MIB_INSCTPPACKS); 140 SCTP_INC_STATS_BH(net, SCTP_MIB_INSCTPPACKS);
137 141
138 if (skb_linearize(skb)) 142 if (skb_linearize(skb))
139 goto discard_it; 143 goto discard_it;
@@ -145,7 +149,7 @@ int sctp_rcv(struct sk_buff *skb)
145 if (skb->len < sizeof(struct sctphdr)) 149 if (skb->len < sizeof(struct sctphdr))
146 goto discard_it; 150 goto discard_it;
147 if (!sctp_checksum_disable && !skb_csum_unnecessary(skb) && 151 if (!sctp_checksum_disable && !skb_csum_unnecessary(skb) &&
148 sctp_rcv_checksum(skb) < 0) 152 sctp_rcv_checksum(net, skb) < 0)
149 goto discard_it; 153 goto discard_it;
150 154
151 skb_pull(skb, sizeof(struct sctphdr)); 155 skb_pull(skb, sizeof(struct sctphdr));
@@ -178,10 +182,10 @@ int sctp_rcv(struct sk_buff *skb)
178 !af->addr_valid(&dest, NULL, skb)) 182 !af->addr_valid(&dest, NULL, skb))
179 goto discard_it; 183 goto discard_it;
180 184
181 asoc = __sctp_rcv_lookup(skb, &src, &dest, &transport); 185 asoc = __sctp_rcv_lookup(net, skb, &src, &dest, &transport);
182 186
183 if (!asoc) 187 if (!asoc)
184 ep = __sctp_rcv_lookup_endpoint(&dest); 188 ep = __sctp_rcv_lookup_endpoint(net, &dest);
185 189
186 /* Retrieve the common input handling substructure. */ 190 /* Retrieve the common input handling substructure. */
187 rcvr = asoc ? &asoc->base : &ep->base; 191 rcvr = asoc ? &asoc->base : &ep->base;
@@ -200,7 +204,7 @@ int sctp_rcv(struct sk_buff *skb)
200 sctp_endpoint_put(ep); 204 sctp_endpoint_put(ep);
201 ep = NULL; 205 ep = NULL;
202 } 206 }
203 sk = sctp_get_ctl_sock(); 207 sk = net->sctp.ctl_sock;
204 ep = sctp_sk(sk)->ep; 208 ep = sctp_sk(sk)->ep;
205 sctp_endpoint_hold(ep); 209 sctp_endpoint_hold(ep);
206 rcvr = &ep->base; 210 rcvr = &ep->base;
@@ -216,7 +220,7 @@ int sctp_rcv(struct sk_buff *skb)
216 */ 220 */
217 if (!asoc) { 221 if (!asoc) {
218 if (sctp_rcv_ootb(skb)) { 222 if (sctp_rcv_ootb(skb)) {
219 SCTP_INC_STATS_BH(SCTP_MIB_OUTOFBLUES); 223 SCTP_INC_STATS_BH(net, SCTP_MIB_OUTOFBLUES);
220 goto discard_release; 224 goto discard_release;
221 } 225 }
222 } 226 }
@@ -272,9 +276,9 @@ int sctp_rcv(struct sk_buff *skb)
272 skb = NULL; /* sctp_chunk_free already freed the skb */ 276 skb = NULL; /* sctp_chunk_free already freed the skb */
273 goto discard_release; 277 goto discard_release;
274 } 278 }
275 SCTP_INC_STATS_BH(SCTP_MIB_IN_PKT_BACKLOG); 279 SCTP_INC_STATS_BH(net, SCTP_MIB_IN_PKT_BACKLOG);
276 } else { 280 } else {
277 SCTP_INC_STATS_BH(SCTP_MIB_IN_PKT_SOFTIRQ); 281 SCTP_INC_STATS_BH(net, SCTP_MIB_IN_PKT_SOFTIRQ);
278 sctp_inq_push(&chunk->rcvr->inqueue, chunk); 282 sctp_inq_push(&chunk->rcvr->inqueue, chunk);
279 } 283 }
280 284
@@ -289,7 +293,7 @@ int sctp_rcv(struct sk_buff *skb)
289 return 0; 293 return 0;
290 294
291discard_it: 295discard_it:
292 SCTP_INC_STATS_BH(SCTP_MIB_IN_PKT_DISCARDS); 296 SCTP_INC_STATS_BH(net, SCTP_MIB_IN_PKT_DISCARDS);
293 kfree_skb(skb); 297 kfree_skb(skb);
294 return 0; 298 return 0;
295 299
@@ -462,11 +466,13 @@ void sctp_icmp_proto_unreachable(struct sock *sk,
462 } 466 }
463 467
464 } else { 468 } else {
469 struct net *net = sock_net(sk);
470
465 if (timer_pending(&t->proto_unreach_timer) && 471 if (timer_pending(&t->proto_unreach_timer) &&
466 del_timer(&t->proto_unreach_timer)) 472 del_timer(&t->proto_unreach_timer))
467 sctp_association_put(asoc); 473 sctp_association_put(asoc);
468 474
469 sctp_do_sm(SCTP_EVENT_T_OTHER, 475 sctp_do_sm(net, SCTP_EVENT_T_OTHER,
470 SCTP_ST_OTHER(SCTP_EVENT_ICMP_PROTO_UNREACH), 476 SCTP_ST_OTHER(SCTP_EVENT_ICMP_PROTO_UNREACH),
471 asoc->state, asoc->ep, asoc, t, 477 asoc->state, asoc->ep, asoc, t,
472 GFP_ATOMIC); 478 GFP_ATOMIC);
@@ -474,7 +480,7 @@ void sctp_icmp_proto_unreachable(struct sock *sk,
474} 480}
475 481
476/* Common lookup code for icmp/icmpv6 error handler. */ 482/* Common lookup code for icmp/icmpv6 error handler. */
477struct sock *sctp_err_lookup(int family, struct sk_buff *skb, 483struct sock *sctp_err_lookup(struct net *net, int family, struct sk_buff *skb,
478 struct sctphdr *sctphdr, 484 struct sctphdr *sctphdr,
479 struct sctp_association **app, 485 struct sctp_association **app,
480 struct sctp_transport **tpp) 486 struct sctp_transport **tpp)
@@ -503,7 +509,7 @@ struct sock *sctp_err_lookup(int family, struct sk_buff *skb,
503 /* Look for an association that matches the incoming ICMP error 509 /* Look for an association that matches the incoming ICMP error
504 * packet. 510 * packet.
505 */ 511 */
506 asoc = __sctp_lookup_association(&saddr, &daddr, &transport); 512 asoc = __sctp_lookup_association(net, &saddr, &daddr, &transport);
507 if (!asoc) 513 if (!asoc)
508 return NULL; 514 return NULL;
509 515
@@ -539,7 +545,7 @@ struct sock *sctp_err_lookup(int family, struct sk_buff *skb,
539 * servers this needs to be solved differently. 545 * servers this needs to be solved differently.
540 */ 546 */
541 if (sock_owned_by_user(sk)) 547 if (sock_owned_by_user(sk))
542 NET_INC_STATS_BH(&init_net, LINUX_MIB_LOCKDROPPEDICMPS); 548 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
543 549
544 *app = asoc; 550 *app = asoc;
545 *tpp = transport; 551 *tpp = transport;
@@ -586,9 +592,10 @@ void sctp_v4_err(struct sk_buff *skb, __u32 info)
586 struct inet_sock *inet; 592 struct inet_sock *inet;
587 sk_buff_data_t saveip, savesctp; 593 sk_buff_data_t saveip, savesctp;
588 int err; 594 int err;
595 struct net *net = dev_net(skb->dev);
589 596
590 if (skb->len < ihlen + 8) { 597 if (skb->len < ihlen + 8) {
591 ICMP_INC_STATS_BH(&init_net, ICMP_MIB_INERRORS); 598 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS);
592 return; 599 return;
593 } 600 }
594 601
@@ -597,12 +604,12 @@ void sctp_v4_err(struct sk_buff *skb, __u32 info)
597 savesctp = skb->transport_header; 604 savesctp = skb->transport_header;
598 skb_reset_network_header(skb); 605 skb_reset_network_header(skb);
599 skb_set_transport_header(skb, ihlen); 606 skb_set_transport_header(skb, ihlen);
600 sk = sctp_err_lookup(AF_INET, skb, sctp_hdr(skb), &asoc, &transport); 607 sk = sctp_err_lookup(net, AF_INET, skb, sctp_hdr(skb), &asoc, &transport);
601 /* Put back, the original values. */ 608 /* Put back, the original values. */
602 skb->network_header = saveip; 609 skb->network_header = saveip;
603 skb->transport_header = savesctp; 610 skb->transport_header = savesctp;
604 if (!sk) { 611 if (!sk) {
605 ICMP_INC_STATS_BH(&init_net, ICMP_MIB_INERRORS); 612 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS);
606 return; 613 return;
607 } 614 }
608 /* Warning: The sock lock is held. Remember to call 615 /* Warning: The sock lock is held. Remember to call
@@ -723,12 +730,13 @@ discard:
723/* Insert endpoint into the hash table. */ 730/* Insert endpoint into the hash table. */
724static void __sctp_hash_endpoint(struct sctp_endpoint *ep) 731static void __sctp_hash_endpoint(struct sctp_endpoint *ep)
725{ 732{
733 struct net *net = sock_net(ep->base.sk);
726 struct sctp_ep_common *epb; 734 struct sctp_ep_common *epb;
727 struct sctp_hashbucket *head; 735 struct sctp_hashbucket *head;
728 736
729 epb = &ep->base; 737 epb = &ep->base;
730 738
731 epb->hashent = sctp_ep_hashfn(epb->bind_addr.port); 739 epb->hashent = sctp_ep_hashfn(net, epb->bind_addr.port);
732 head = &sctp_ep_hashtable[epb->hashent]; 740 head = &sctp_ep_hashtable[epb->hashent];
733 741
734 sctp_write_lock(&head->lock); 742 sctp_write_lock(&head->lock);
@@ -747,12 +755,13 @@ void sctp_hash_endpoint(struct sctp_endpoint *ep)
747/* Remove endpoint from the hash table. */ 755/* Remove endpoint from the hash table. */
748static void __sctp_unhash_endpoint(struct sctp_endpoint *ep) 756static void __sctp_unhash_endpoint(struct sctp_endpoint *ep)
749{ 757{
758 struct net *net = sock_net(ep->base.sk);
750 struct sctp_hashbucket *head; 759 struct sctp_hashbucket *head;
751 struct sctp_ep_common *epb; 760 struct sctp_ep_common *epb;
752 761
753 epb = &ep->base; 762 epb = &ep->base;
754 763
755 epb->hashent = sctp_ep_hashfn(epb->bind_addr.port); 764 epb->hashent = sctp_ep_hashfn(net, epb->bind_addr.port);
756 765
757 head = &sctp_ep_hashtable[epb->hashent]; 766 head = &sctp_ep_hashtable[epb->hashent];
758 767
@@ -770,7 +779,8 @@ void sctp_unhash_endpoint(struct sctp_endpoint *ep)
770} 779}
771 780
772/* Look up an endpoint. */ 781/* Look up an endpoint. */
773static struct sctp_endpoint *__sctp_rcv_lookup_endpoint(const union sctp_addr *laddr) 782static struct sctp_endpoint *__sctp_rcv_lookup_endpoint(struct net *net,
783 const union sctp_addr *laddr)
774{ 784{
775 struct sctp_hashbucket *head; 785 struct sctp_hashbucket *head;
776 struct sctp_ep_common *epb; 786 struct sctp_ep_common *epb;
@@ -778,16 +788,16 @@ static struct sctp_endpoint *__sctp_rcv_lookup_endpoint(const union sctp_addr *l
778 struct hlist_node *node; 788 struct hlist_node *node;
779 int hash; 789 int hash;
780 790
781 hash = sctp_ep_hashfn(ntohs(laddr->v4.sin_port)); 791 hash = sctp_ep_hashfn(net, ntohs(laddr->v4.sin_port));
782 head = &sctp_ep_hashtable[hash]; 792 head = &sctp_ep_hashtable[hash];
783 read_lock(&head->lock); 793 read_lock(&head->lock);
784 sctp_for_each_hentry(epb, node, &head->chain) { 794 sctp_for_each_hentry(epb, node, &head->chain) {
785 ep = sctp_ep(epb); 795 ep = sctp_ep(epb);
786 if (sctp_endpoint_is_match(ep, laddr)) 796 if (sctp_endpoint_is_match(ep, net, laddr))
787 goto hit; 797 goto hit;
788 } 798 }
789 799
790 ep = sctp_sk((sctp_get_ctl_sock()))->ep; 800 ep = sctp_sk(net->sctp.ctl_sock)->ep;
791 801
792hit: 802hit:
793 sctp_endpoint_hold(ep); 803 sctp_endpoint_hold(ep);
@@ -798,13 +808,15 @@ hit:
798/* Insert association into the hash table. */ 808/* Insert association into the hash table. */
799static void __sctp_hash_established(struct sctp_association *asoc) 809static void __sctp_hash_established(struct sctp_association *asoc)
800{ 810{
811 struct net *net = sock_net(asoc->base.sk);
801 struct sctp_ep_common *epb; 812 struct sctp_ep_common *epb;
802 struct sctp_hashbucket *head; 813 struct sctp_hashbucket *head;
803 814
804 epb = &asoc->base; 815 epb = &asoc->base;
805 816
806 /* Calculate which chain this entry will belong to. */ 817 /* Calculate which chain this entry will belong to. */
807 epb->hashent = sctp_assoc_hashfn(epb->bind_addr.port, asoc->peer.port); 818 epb->hashent = sctp_assoc_hashfn(net, epb->bind_addr.port,
819 asoc->peer.port);
808 820
809 head = &sctp_assoc_hashtable[epb->hashent]; 821 head = &sctp_assoc_hashtable[epb->hashent];
810 822
@@ -827,12 +839,13 @@ void sctp_hash_established(struct sctp_association *asoc)
827/* Remove association from the hash table. */ 839/* Remove association from the hash table. */
828static void __sctp_unhash_established(struct sctp_association *asoc) 840static void __sctp_unhash_established(struct sctp_association *asoc)
829{ 841{
842 struct net *net = sock_net(asoc->base.sk);
830 struct sctp_hashbucket *head; 843 struct sctp_hashbucket *head;
831 struct sctp_ep_common *epb; 844 struct sctp_ep_common *epb;
832 845
833 epb = &asoc->base; 846 epb = &asoc->base;
834 847
835 epb->hashent = sctp_assoc_hashfn(epb->bind_addr.port, 848 epb->hashent = sctp_assoc_hashfn(net, epb->bind_addr.port,
836 asoc->peer.port); 849 asoc->peer.port);
837 850
838 head = &sctp_assoc_hashtable[epb->hashent]; 851 head = &sctp_assoc_hashtable[epb->hashent];
@@ -855,6 +868,7 @@ void sctp_unhash_established(struct sctp_association *asoc)
855 868
856/* Look up an association. */ 869/* Look up an association. */
857static struct sctp_association *__sctp_lookup_association( 870static struct sctp_association *__sctp_lookup_association(
871 struct net *net,
858 const union sctp_addr *local, 872 const union sctp_addr *local,
859 const union sctp_addr *peer, 873 const union sctp_addr *peer,
860 struct sctp_transport **pt) 874 struct sctp_transport **pt)
@@ -869,12 +883,13 @@ static struct sctp_association *__sctp_lookup_association(
869 /* Optimize here for direct hit, only listening connections can 883 /* Optimize here for direct hit, only listening connections can
870 * have wildcards anyways. 884 * have wildcards anyways.
871 */ 885 */
872 hash = sctp_assoc_hashfn(ntohs(local->v4.sin_port), ntohs(peer->v4.sin_port)); 886 hash = sctp_assoc_hashfn(net, ntohs(local->v4.sin_port),
887 ntohs(peer->v4.sin_port));
873 head = &sctp_assoc_hashtable[hash]; 888 head = &sctp_assoc_hashtable[hash];
874 read_lock(&head->lock); 889 read_lock(&head->lock);
875 sctp_for_each_hentry(epb, node, &head->chain) { 890 sctp_for_each_hentry(epb, node, &head->chain) {
876 asoc = sctp_assoc(epb); 891 asoc = sctp_assoc(epb);
877 transport = sctp_assoc_is_match(asoc, local, peer); 892 transport = sctp_assoc_is_match(asoc, net, local, peer);
878 if (transport) 893 if (transport)
879 goto hit; 894 goto hit;
880 } 895 }
@@ -892,27 +907,29 @@ hit:
892 907
893/* Look up an association. BH-safe. */ 908/* Look up an association. BH-safe. */
894SCTP_STATIC 909SCTP_STATIC
895struct sctp_association *sctp_lookup_association(const union sctp_addr *laddr, 910struct sctp_association *sctp_lookup_association(struct net *net,
911 const union sctp_addr *laddr,
896 const union sctp_addr *paddr, 912 const union sctp_addr *paddr,
897 struct sctp_transport **transportp) 913 struct sctp_transport **transportp)
898{ 914{
899 struct sctp_association *asoc; 915 struct sctp_association *asoc;
900 916
901 sctp_local_bh_disable(); 917 sctp_local_bh_disable();
902 asoc = __sctp_lookup_association(laddr, paddr, transportp); 918 asoc = __sctp_lookup_association(net, laddr, paddr, transportp);
903 sctp_local_bh_enable(); 919 sctp_local_bh_enable();
904 920
905 return asoc; 921 return asoc;
906} 922}
907 923
908/* Is there an association matching the given local and peer addresses? */ 924/* Is there an association matching the given local and peer addresses? */
909int sctp_has_association(const union sctp_addr *laddr, 925int sctp_has_association(struct net *net,
926 const union sctp_addr *laddr,
910 const union sctp_addr *paddr) 927 const union sctp_addr *paddr)
911{ 928{
912 struct sctp_association *asoc; 929 struct sctp_association *asoc;
913 struct sctp_transport *transport; 930 struct sctp_transport *transport;
914 931
915 if ((asoc = sctp_lookup_association(laddr, paddr, &transport))) { 932 if ((asoc = sctp_lookup_association(net, laddr, paddr, &transport))) {
916 sctp_association_put(asoc); 933 sctp_association_put(asoc);
917 return 1; 934 return 1;
918 } 935 }
@@ -938,7 +955,8 @@ int sctp_has_association(const union sctp_addr *laddr,
938 * in certain circumstances. 955 * in certain circumstances.
939 * 956 *
940 */ 957 */
941static struct sctp_association *__sctp_rcv_init_lookup(struct sk_buff *skb, 958static struct sctp_association *__sctp_rcv_init_lookup(struct net *net,
959 struct sk_buff *skb,
942 const union sctp_addr *laddr, struct sctp_transport **transportp) 960 const union sctp_addr *laddr, struct sctp_transport **transportp)
943{ 961{
944 struct sctp_association *asoc; 962 struct sctp_association *asoc;
@@ -978,7 +996,7 @@ static struct sctp_association *__sctp_rcv_init_lookup(struct sk_buff *skb,
978 996
979 af->from_addr_param(paddr, params.addr, sh->source, 0); 997 af->from_addr_param(paddr, params.addr, sh->source, 0);
980 998
981 asoc = __sctp_lookup_association(laddr, paddr, &transport); 999 asoc = __sctp_lookup_association(net, laddr, paddr, &transport);
982 if (asoc) 1000 if (asoc)
983 return asoc; 1001 return asoc;
984 } 1002 }
@@ -1001,6 +1019,7 @@ static struct sctp_association *__sctp_rcv_init_lookup(struct sk_buff *skb,
1001 * subsequent ASCONF Chunks. If found, proceed to rule D4. 1019 * subsequent ASCONF Chunks. If found, proceed to rule D4.
1002 */ 1020 */
1003static struct sctp_association *__sctp_rcv_asconf_lookup( 1021static struct sctp_association *__sctp_rcv_asconf_lookup(
1022 struct net *net,
1004 sctp_chunkhdr_t *ch, 1023 sctp_chunkhdr_t *ch,
1005 const union sctp_addr *laddr, 1024 const union sctp_addr *laddr,
1006 __be16 peer_port, 1025 __be16 peer_port,
@@ -1020,7 +1039,7 @@ static struct sctp_association *__sctp_rcv_asconf_lookup(
1020 1039
1021 af->from_addr_param(&paddr, param, peer_port, 0); 1040 af->from_addr_param(&paddr, param, peer_port, 0);
1022 1041
1023 return __sctp_lookup_association(laddr, &paddr, transportp); 1042 return __sctp_lookup_association(net, laddr, &paddr, transportp);
1024} 1043}
1025 1044
1026 1045
@@ -1033,7 +1052,8 @@ static struct sctp_association *__sctp_rcv_asconf_lookup(
1033* This means that any chunks that can help us identify the association need 1052* This means that any chunks that can help us identify the association need
1034* to be looked at to find this association. 1053* to be looked at to find this association.
1035*/ 1054*/
1036static struct sctp_association *__sctp_rcv_walk_lookup(struct sk_buff *skb, 1055static struct sctp_association *__sctp_rcv_walk_lookup(struct net *net,
1056 struct sk_buff *skb,
1037 const union sctp_addr *laddr, 1057 const union sctp_addr *laddr,
1038 struct sctp_transport **transportp) 1058 struct sctp_transport **transportp)
1039{ 1059{
@@ -1074,8 +1094,9 @@ static struct sctp_association *__sctp_rcv_walk_lookup(struct sk_buff *skb,
1074 break; 1094 break;
1075 1095
1076 case SCTP_CID_ASCONF: 1096 case SCTP_CID_ASCONF:
1077 if (have_auth || sctp_addip_noauth) 1097 if (have_auth || net->sctp.addip_noauth)
1078 asoc = __sctp_rcv_asconf_lookup(ch, laddr, 1098 asoc = __sctp_rcv_asconf_lookup(
1099 net, ch, laddr,
1079 sctp_hdr(skb)->source, 1100 sctp_hdr(skb)->source,
1080 transportp); 1101 transportp);
1081 default: 1102 default:
@@ -1098,7 +1119,8 @@ static struct sctp_association *__sctp_rcv_walk_lookup(struct sk_buff *skb,
1098 * include looking inside of INIT/INIT-ACK chunks or after the AUTH 1119 * include looking inside of INIT/INIT-ACK chunks or after the AUTH
1099 * chunks. 1120 * chunks.
1100 */ 1121 */
1101static struct sctp_association *__sctp_rcv_lookup_harder(struct sk_buff *skb, 1122static struct sctp_association *__sctp_rcv_lookup_harder(struct net *net,
1123 struct sk_buff *skb,
1102 const union sctp_addr *laddr, 1124 const union sctp_addr *laddr,
1103 struct sctp_transport **transportp) 1125 struct sctp_transport **transportp)
1104{ 1126{
@@ -1118,11 +1140,11 @@ static struct sctp_association *__sctp_rcv_lookup_harder(struct sk_buff *skb,
1118 switch (ch->type) { 1140 switch (ch->type) {
1119 case SCTP_CID_INIT: 1141 case SCTP_CID_INIT:
1120 case SCTP_CID_INIT_ACK: 1142 case SCTP_CID_INIT_ACK:
1121 return __sctp_rcv_init_lookup(skb, laddr, transportp); 1143 return __sctp_rcv_init_lookup(net, skb, laddr, transportp);
1122 break; 1144 break;
1123 1145
1124 default: 1146 default:
1125 return __sctp_rcv_walk_lookup(skb, laddr, transportp); 1147 return __sctp_rcv_walk_lookup(net, skb, laddr, transportp);
1126 break; 1148 break;
1127 } 1149 }
1128 1150
@@ -1131,21 +1153,22 @@ static struct sctp_association *__sctp_rcv_lookup_harder(struct sk_buff *skb,
1131} 1153}
1132 1154
1133/* Lookup an association for an inbound skb. */ 1155/* Lookup an association for an inbound skb. */
1134static struct sctp_association *__sctp_rcv_lookup(struct sk_buff *skb, 1156static struct sctp_association *__sctp_rcv_lookup(struct net *net,
1157 struct sk_buff *skb,
1135 const union sctp_addr *paddr, 1158 const union sctp_addr *paddr,
1136 const union sctp_addr *laddr, 1159 const union sctp_addr *laddr,
1137 struct sctp_transport **transportp) 1160 struct sctp_transport **transportp)
1138{ 1161{
1139 struct sctp_association *asoc; 1162 struct sctp_association *asoc;
1140 1163
1141 asoc = __sctp_lookup_association(laddr, paddr, transportp); 1164 asoc = __sctp_lookup_association(net, laddr, paddr, transportp);
1142 1165
1143 /* Further lookup for INIT/INIT-ACK packets. 1166 /* Further lookup for INIT/INIT-ACK packets.
1144 * SCTP Implementors Guide, 2.18 Handling of address 1167 * SCTP Implementors Guide, 2.18 Handling of address
1145 * parameters within the INIT or INIT-ACK. 1168 * parameters within the INIT or INIT-ACK.
1146 */ 1169 */
1147 if (!asoc) 1170 if (!asoc)
1148 asoc = __sctp_rcv_lookup_harder(skb, laddr, transportp); 1171 asoc = __sctp_rcv_lookup_harder(net, skb, laddr, transportp);
1149 1172
1150 return asoc; 1173 return asoc;
1151} 1174}
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index ed7139ea7978..ea14cb445295 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -99,6 +99,7 @@ static int sctp_inet6addr_event(struct notifier_block *this, unsigned long ev,
99 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr; 99 struct inet6_ifaddr *ifa = (struct inet6_ifaddr *)ptr;
100 struct sctp_sockaddr_entry *addr = NULL; 100 struct sctp_sockaddr_entry *addr = NULL;
101 struct sctp_sockaddr_entry *temp; 101 struct sctp_sockaddr_entry *temp;
102 struct net *net = dev_net(ifa->idev->dev);
102 int found = 0; 103 int found = 0;
103 104
104 switch (ev) { 105 switch (ev) {
@@ -110,27 +111,27 @@ static int sctp_inet6addr_event(struct notifier_block *this, unsigned long ev,
110 addr->a.v6.sin6_addr = ifa->addr; 111 addr->a.v6.sin6_addr = ifa->addr;
111 addr->a.v6.sin6_scope_id = ifa->idev->dev->ifindex; 112 addr->a.v6.sin6_scope_id = ifa->idev->dev->ifindex;
112 addr->valid = 1; 113 addr->valid = 1;
113 spin_lock_bh(&sctp_local_addr_lock); 114 spin_lock_bh(&net->sctp.local_addr_lock);
114 list_add_tail_rcu(&addr->list, &sctp_local_addr_list); 115 list_add_tail_rcu(&addr->list, &net->sctp.local_addr_list);
115 sctp_addr_wq_mgmt(addr, SCTP_ADDR_NEW); 116 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_NEW);
116 spin_unlock_bh(&sctp_local_addr_lock); 117 spin_unlock_bh(&net->sctp.local_addr_lock);
117 } 118 }
118 break; 119 break;
119 case NETDEV_DOWN: 120 case NETDEV_DOWN:
120 spin_lock_bh(&sctp_local_addr_lock); 121 spin_lock_bh(&net->sctp.local_addr_lock);
121 list_for_each_entry_safe(addr, temp, 122 list_for_each_entry_safe(addr, temp,
122 &sctp_local_addr_list, list) { 123 &net->sctp.local_addr_list, list) {
123 if (addr->a.sa.sa_family == AF_INET6 && 124 if (addr->a.sa.sa_family == AF_INET6 &&
124 ipv6_addr_equal(&addr->a.v6.sin6_addr, 125 ipv6_addr_equal(&addr->a.v6.sin6_addr,
125 &ifa->addr)) { 126 &ifa->addr)) {
126 sctp_addr_wq_mgmt(addr, SCTP_ADDR_DEL); 127 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_DEL);
127 found = 1; 128 found = 1;
128 addr->valid = 0; 129 addr->valid = 0;
129 list_del_rcu(&addr->list); 130 list_del_rcu(&addr->list);
130 break; 131 break;
131 } 132 }
132 } 133 }
133 spin_unlock_bh(&sctp_local_addr_lock); 134 spin_unlock_bh(&net->sctp.local_addr_lock);
134 if (found) 135 if (found)
135 kfree_rcu(addr, rcu); 136 kfree_rcu(addr, rcu);
136 break; 137 break;
@@ -154,6 +155,7 @@ SCTP_STATIC void sctp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
154 struct ipv6_pinfo *np; 155 struct ipv6_pinfo *np;
155 sk_buff_data_t saveip, savesctp; 156 sk_buff_data_t saveip, savesctp;
156 int err; 157 int err;
158 struct net *net = dev_net(skb->dev);
157 159
158 idev = in6_dev_get(skb->dev); 160 idev = in6_dev_get(skb->dev);
159 161
@@ -162,12 +164,12 @@ SCTP_STATIC void sctp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
162 savesctp = skb->transport_header; 164 savesctp = skb->transport_header;
163 skb_reset_network_header(skb); 165 skb_reset_network_header(skb);
164 skb_set_transport_header(skb, offset); 166 skb_set_transport_header(skb, offset);
165 sk = sctp_err_lookup(AF_INET6, skb, sctp_hdr(skb), &asoc, &transport); 167 sk = sctp_err_lookup(net, AF_INET6, skb, sctp_hdr(skb), &asoc, &transport);
166 /* Put back, the original pointers. */ 168 /* Put back, the original pointers. */
167 skb->network_header = saveip; 169 skb->network_header = saveip;
168 skb->transport_header = savesctp; 170 skb->transport_header = savesctp;
169 if (!sk) { 171 if (!sk) {
170 ICMP6_INC_STATS_BH(dev_net(skb->dev), idev, ICMP6_MIB_INERRORS); 172 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_INERRORS);
171 goto out; 173 goto out;
172 } 174 }
173 175
@@ -241,7 +243,7 @@ static int sctp_v6_xmit(struct sk_buff *skb, struct sctp_transport *transport)
241 __func__, skb, skb->len, 243 __func__, skb, skb->len,
242 &fl6.saddr, &fl6.daddr); 244 &fl6.saddr, &fl6.daddr);
243 245
244 SCTP_INC_STATS(SCTP_MIB_OUTSCTPPACKS); 246 SCTP_INC_STATS(sock_net(sk), SCTP_MIB_OUTSCTPPACKS);
245 247
246 if (!(transport->param_flags & SPP_PMTUD_ENABLE)) 248 if (!(transport->param_flags & SPP_PMTUD_ENABLE))
247 skb->local_df = 1; 249 skb->local_df = 1;
@@ -580,7 +582,7 @@ static int sctp_v6_available(union sctp_addr *addr, struct sctp_sock *sp)
580 if (!(type & IPV6_ADDR_UNICAST)) 582 if (!(type & IPV6_ADDR_UNICAST))
581 return 0; 583 return 0;
582 584
583 return ipv6_chk_addr(&init_net, in6, NULL, 0); 585 return ipv6_chk_addr(sock_net(&sp->inet.sk), in6, NULL, 0);
584} 586}
585 587
586/* This function checks if the address is a valid address to be used for 588/* This function checks if the address is a valid address to be used for
@@ -857,14 +859,14 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
857 struct net_device *dev; 859 struct net_device *dev;
858 860
859 if (type & IPV6_ADDR_LINKLOCAL) { 861 if (type & IPV6_ADDR_LINKLOCAL) {
862 struct net *net;
860 if (!addr->v6.sin6_scope_id) 863 if (!addr->v6.sin6_scope_id)
861 return 0; 864 return 0;
865 net = sock_net(&opt->inet.sk);
862 rcu_read_lock(); 866 rcu_read_lock();
863 dev = dev_get_by_index_rcu(&init_net, 867 dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
864 addr->v6.sin6_scope_id);
865 if (!dev || 868 if (!dev ||
866 !ipv6_chk_addr(&init_net, &addr->v6.sin6_addr, 869 !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
867 dev, 0)) {
868 rcu_read_unlock(); 870 rcu_read_unlock();
869 return 0; 871 return 0;
870 } 872 }
@@ -897,7 +899,7 @@ static int sctp_inet6_send_verify(struct sctp_sock *opt, union sctp_addr *addr)
897 if (!addr->v6.sin6_scope_id) 899 if (!addr->v6.sin6_scope_id)
898 return 0; 900 return 0;
899 rcu_read_lock(); 901 rcu_read_lock();
900 dev = dev_get_by_index_rcu(&init_net, 902 dev = dev_get_by_index_rcu(sock_net(&opt->inet.sk),
901 addr->v6.sin6_scope_id); 903 addr->v6.sin6_scope_id);
902 rcu_read_unlock(); 904 rcu_read_unlock();
903 if (!dev) 905 if (!dev)
diff --git a/net/sctp/objcnt.c b/net/sctp/objcnt.c
index 8ef8e7d9eb61..fe012c44f8df 100644
--- a/net/sctp/objcnt.c
+++ b/net/sctp/objcnt.c
@@ -129,20 +129,20 @@ static const struct file_operations sctp_objcnt_ops = {
129}; 129};
130 130
131/* Initialize the objcount in the proc filesystem. */ 131/* Initialize the objcount in the proc filesystem. */
132void sctp_dbg_objcnt_init(void) 132void sctp_dbg_objcnt_init(struct net *net)
133{ 133{
134 struct proc_dir_entry *ent; 134 struct proc_dir_entry *ent;
135 135
136 ent = proc_create("sctp_dbg_objcnt", 0, 136 ent = proc_create("sctp_dbg_objcnt", 0,
137 proc_net_sctp, &sctp_objcnt_ops); 137 net->sctp.proc_net_sctp, &sctp_objcnt_ops);
138 if (!ent) 138 if (!ent)
139 pr_warn("sctp_dbg_objcnt: Unable to create /proc entry.\n"); 139 pr_warn("sctp_dbg_objcnt: Unable to create /proc entry.\n");
140} 140}
141 141
142/* Cleanup the objcount entry in the proc filesystem. */ 142/* Cleanup the objcount entry in the proc filesystem. */
143void sctp_dbg_objcnt_exit(void) 143void sctp_dbg_objcnt_exit(struct net *net)
144{ 144{
145 remove_proc_entry("sctp_dbg_objcnt", proc_net_sctp); 145 remove_proc_entry("sctp_dbg_objcnt", net->sctp.proc_net_sctp);
146} 146}
147 147
148 148
diff --git a/net/sctp/output.c b/net/sctp/output.c
index be50aa234dcd..4e90188bf489 100644
--- a/net/sctp/output.c
+++ b/net/sctp/output.c
@@ -616,7 +616,7 @@ out:
616 return err; 616 return err;
617no_route: 617no_route:
618 kfree_skb(nskb); 618 kfree_skb(nskb);
619 IP_INC_STATS_BH(&init_net, IPSTATS_MIB_OUTNOROUTES); 619 IP_INC_STATS_BH(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES);
620 620
621 /* FIXME: Returning the 'err' will effect all the associations 621 /* FIXME: Returning the 'err' will effect all the associations
622 * associated with a socket, although only one of the paths of the 622 * associated with a socket, although only one of the paths of the
diff --git a/net/sctp/outqueue.c b/net/sctp/outqueue.c
index e7aa177c9522..d16632e1503a 100644
--- a/net/sctp/outqueue.c
+++ b/net/sctp/outqueue.c
@@ -299,6 +299,7 @@ void sctp_outq_free(struct sctp_outq *q)
299/* Put a new chunk in an sctp_outq. */ 299/* Put a new chunk in an sctp_outq. */
300int sctp_outq_tail(struct sctp_outq *q, struct sctp_chunk *chunk) 300int sctp_outq_tail(struct sctp_outq *q, struct sctp_chunk *chunk)
301{ 301{
302 struct net *net = sock_net(q->asoc->base.sk);
302 int error = 0; 303 int error = 0;
303 304
304 SCTP_DEBUG_PRINTK("sctp_outq_tail(%p, %p[%s])\n", 305 SCTP_DEBUG_PRINTK("sctp_outq_tail(%p, %p[%s])\n",
@@ -337,15 +338,15 @@ int sctp_outq_tail(struct sctp_outq *q, struct sctp_chunk *chunk)
337 338
338 sctp_outq_tail_data(q, chunk); 339 sctp_outq_tail_data(q, chunk);
339 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) 340 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED)
340 SCTP_INC_STATS(SCTP_MIB_OUTUNORDERCHUNKS); 341 SCTP_INC_STATS(net, SCTP_MIB_OUTUNORDERCHUNKS);
341 else 342 else
342 SCTP_INC_STATS(SCTP_MIB_OUTORDERCHUNKS); 343 SCTP_INC_STATS(net, SCTP_MIB_OUTORDERCHUNKS);
343 q->empty = 0; 344 q->empty = 0;
344 break; 345 break;
345 } 346 }
346 } else { 347 } else {
347 list_add_tail(&chunk->list, &q->control_chunk_list); 348 list_add_tail(&chunk->list, &q->control_chunk_list);
348 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 349 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
349 } 350 }
350 351
351 if (error < 0) 352 if (error < 0)
@@ -478,11 +479,12 @@ void sctp_retransmit_mark(struct sctp_outq *q,
478void sctp_retransmit(struct sctp_outq *q, struct sctp_transport *transport, 479void sctp_retransmit(struct sctp_outq *q, struct sctp_transport *transport,
479 sctp_retransmit_reason_t reason) 480 sctp_retransmit_reason_t reason)
480{ 481{
482 struct net *net = sock_net(q->asoc->base.sk);
481 int error = 0; 483 int error = 0;
482 484
483 switch(reason) { 485 switch(reason) {
484 case SCTP_RTXR_T3_RTX: 486 case SCTP_RTXR_T3_RTX:
485 SCTP_INC_STATS(SCTP_MIB_T3_RETRANSMITS); 487 SCTP_INC_STATS(net, SCTP_MIB_T3_RETRANSMITS);
486 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_T3_RTX); 488 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_T3_RTX);
487 /* Update the retran path if the T3-rtx timer has expired for 489 /* Update the retran path if the T3-rtx timer has expired for
488 * the current retran path. 490 * the current retran path.
@@ -493,15 +495,15 @@ void sctp_retransmit(struct sctp_outq *q, struct sctp_transport *transport,
493 transport->asoc->unack_data; 495 transport->asoc->unack_data;
494 break; 496 break;
495 case SCTP_RTXR_FAST_RTX: 497 case SCTP_RTXR_FAST_RTX:
496 SCTP_INC_STATS(SCTP_MIB_FAST_RETRANSMITS); 498 SCTP_INC_STATS(net, SCTP_MIB_FAST_RETRANSMITS);
497 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_FAST_RTX); 499 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_FAST_RTX);
498 q->fast_rtx = 1; 500 q->fast_rtx = 1;
499 break; 501 break;
500 case SCTP_RTXR_PMTUD: 502 case SCTP_RTXR_PMTUD:
501 SCTP_INC_STATS(SCTP_MIB_PMTUD_RETRANSMITS); 503 SCTP_INC_STATS(net, SCTP_MIB_PMTUD_RETRANSMITS);
502 break; 504 break;
503 case SCTP_RTXR_T1_RTX: 505 case SCTP_RTXR_T1_RTX:
504 SCTP_INC_STATS(SCTP_MIB_T1_RETRANSMITS); 506 SCTP_INC_STATS(net, SCTP_MIB_T1_RETRANSMITS);
505 transport->asoc->init_retries++; 507 transport->asoc->init_retries++;
506 break; 508 break;
507 default: 509 default:
@@ -589,9 +591,8 @@ static int sctp_outq_flush_rtx(struct sctp_outq *q, struct sctp_packet *pkt,
589 * next chunk. 591 * next chunk.
590 */ 592 */
591 if (chunk->tsn_gap_acked) { 593 if (chunk->tsn_gap_acked) {
592 list_del(&chunk->transmitted_list); 594 list_move_tail(&chunk->transmitted_list,
593 list_add_tail(&chunk->transmitted_list, 595 &transport->transmitted);
594 &transport->transmitted);
595 continue; 596 continue;
596 } 597 }
597 598
@@ -655,9 +656,8 @@ redo:
655 /* The append was successful, so add this chunk to 656 /* The append was successful, so add this chunk to
656 * the transmitted list. 657 * the transmitted list.
657 */ 658 */
658 list_del(&chunk->transmitted_list); 659 list_move_tail(&chunk->transmitted_list,
659 list_add_tail(&chunk->transmitted_list, 660 &transport->transmitted);
660 &transport->transmitted);
661 661
662 /* Mark the chunk as ineligible for fast retransmit 662 /* Mark the chunk as ineligible for fast retransmit
663 * after it is retransmitted. 663 * after it is retransmitted.
@@ -1914,6 +1914,6 @@ static void sctp_generate_fwdtsn(struct sctp_outq *q, __u32 ctsn)
1914 1914
1915 if (ftsn_chunk) { 1915 if (ftsn_chunk) {
1916 list_add_tail(&ftsn_chunk->list, &q->control_chunk_list); 1916 list_add_tail(&ftsn_chunk->list, &q->control_chunk_list);
1917 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 1917 SCTP_INC_STATS(sock_net(asoc->base.sk), SCTP_MIB_OUTCTRLCHUNKS);
1918 } 1918 }
1919} 1919}
diff --git a/net/sctp/primitive.c b/net/sctp/primitive.c
index 534c7eae9d15..794bb14decde 100644
--- a/net/sctp/primitive.c
+++ b/net/sctp/primitive.c
@@ -57,7 +57,7 @@
57 57
58#define DECLARE_PRIMITIVE(name) \ 58#define DECLARE_PRIMITIVE(name) \
59/* This is called in the code as sctp_primitive_ ## name. */ \ 59/* This is called in the code as sctp_primitive_ ## name. */ \
60int sctp_primitive_ ## name(struct sctp_association *asoc, \ 60int sctp_primitive_ ## name(struct net *net, struct sctp_association *asoc, \
61 void *arg) { \ 61 void *arg) { \
62 int error = 0; \ 62 int error = 0; \
63 sctp_event_t event_type; sctp_subtype_t subtype; \ 63 sctp_event_t event_type; sctp_subtype_t subtype; \
@@ -69,7 +69,7 @@ int sctp_primitive_ ## name(struct sctp_association *asoc, \
69 state = asoc ? asoc->state : SCTP_STATE_CLOSED; \ 69 state = asoc ? asoc->state : SCTP_STATE_CLOSED; \
70 ep = asoc ? asoc->ep : NULL; \ 70 ep = asoc ? asoc->ep : NULL; \
71 \ 71 \
72 error = sctp_do_sm(event_type, subtype, state, ep, asoc, \ 72 error = sctp_do_sm(net, event_type, subtype, state, ep, asoc, \
73 arg, GFP_KERNEL); \ 73 arg, GFP_KERNEL); \
74 return error; \ 74 return error; \
75} 75}
diff --git a/net/sctp/proc.c b/net/sctp/proc.c
index dc12febc977a..c3bea269faf4 100644
--- a/net/sctp/proc.c
+++ b/net/sctp/proc.c
@@ -80,11 +80,12 @@ static const struct snmp_mib sctp_snmp_list[] = {
80/* Display sctp snmp mib statistics(/proc/net/sctp/snmp). */ 80/* Display sctp snmp mib statistics(/proc/net/sctp/snmp). */
81static int sctp_snmp_seq_show(struct seq_file *seq, void *v) 81static int sctp_snmp_seq_show(struct seq_file *seq, void *v)
82{ 82{
83 struct net *net = seq->private;
83 int i; 84 int i;
84 85
85 for (i = 0; sctp_snmp_list[i].name != NULL; i++) 86 for (i = 0; sctp_snmp_list[i].name != NULL; i++)
86 seq_printf(seq, "%-32s\t%ld\n", sctp_snmp_list[i].name, 87 seq_printf(seq, "%-32s\t%ld\n", sctp_snmp_list[i].name,
87 snmp_fold_field((void __percpu **)sctp_statistics, 88 snmp_fold_field((void __percpu **)net->sctp.sctp_statistics,
88 sctp_snmp_list[i].entry)); 89 sctp_snmp_list[i].entry));
89 90
90 return 0; 91 return 0;
@@ -93,7 +94,7 @@ static int sctp_snmp_seq_show(struct seq_file *seq, void *v)
93/* Initialize the seq file operations for 'snmp' object. */ 94/* Initialize the seq file operations for 'snmp' object. */
94static int sctp_snmp_seq_open(struct inode *inode, struct file *file) 95static int sctp_snmp_seq_open(struct inode *inode, struct file *file)
95{ 96{
96 return single_open(file, sctp_snmp_seq_show, NULL); 97 return single_open_net(inode, file, sctp_snmp_seq_show);
97} 98}
98 99
99static const struct file_operations sctp_snmp_seq_fops = { 100static const struct file_operations sctp_snmp_seq_fops = {
@@ -105,11 +106,12 @@ static const struct file_operations sctp_snmp_seq_fops = {
105}; 106};
106 107
107/* Set up the proc fs entry for 'snmp' object. */ 108/* Set up the proc fs entry for 'snmp' object. */
108int __init sctp_snmp_proc_init(void) 109int __net_init sctp_snmp_proc_init(struct net *net)
109{ 110{
110 struct proc_dir_entry *p; 111 struct proc_dir_entry *p;
111 112
112 p = proc_create("snmp", S_IRUGO, proc_net_sctp, &sctp_snmp_seq_fops); 113 p = proc_create("snmp", S_IRUGO, net->sctp.proc_net_sctp,
114 &sctp_snmp_seq_fops);
113 if (!p) 115 if (!p)
114 return -ENOMEM; 116 return -ENOMEM;
115 117
@@ -117,9 +119,9 @@ int __init sctp_snmp_proc_init(void)
117} 119}
118 120
119/* Cleanup the proc fs entry for 'snmp' object. */ 121/* Cleanup the proc fs entry for 'snmp' object. */
120void sctp_snmp_proc_exit(void) 122void sctp_snmp_proc_exit(struct net *net)
121{ 123{
122 remove_proc_entry("snmp", proc_net_sctp); 124 remove_proc_entry("snmp", net->sctp.proc_net_sctp);
123} 125}
124 126
125/* Dump local addresses of an association/endpoint. */ 127/* Dump local addresses of an association/endpoint. */
@@ -213,6 +215,8 @@ static int sctp_eps_seq_show(struct seq_file *seq, void *v)
213 sctp_for_each_hentry(epb, node, &head->chain) { 215 sctp_for_each_hentry(epb, node, &head->chain) {
214 ep = sctp_ep(epb); 216 ep = sctp_ep(epb);
215 sk = epb->sk; 217 sk = epb->sk;
218 if (!net_eq(sock_net(sk), seq_file_net(seq)))
219 continue;
216 seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk, 220 seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk,
217 sctp_sk(sk)->type, sk->sk_state, hash, 221 sctp_sk(sk)->type, sk->sk_state, hash,
218 epb->bind_addr.port, 222 epb->bind_addr.port,
@@ -239,7 +243,8 @@ static const struct seq_operations sctp_eps_ops = {
239/* Initialize the seq file operations for 'eps' object. */ 243/* Initialize the seq file operations for 'eps' object. */
240static int sctp_eps_seq_open(struct inode *inode, struct file *file) 244static int sctp_eps_seq_open(struct inode *inode, struct file *file)
241{ 245{
242 return seq_open(file, &sctp_eps_ops); 246 return seq_open_net(inode, file, &sctp_eps_ops,
247 sizeof(struct seq_net_private));
243} 248}
244 249
245static const struct file_operations sctp_eps_seq_fops = { 250static const struct file_operations sctp_eps_seq_fops = {
@@ -250,11 +255,12 @@ static const struct file_operations sctp_eps_seq_fops = {
250}; 255};
251 256
252/* Set up the proc fs entry for 'eps' object. */ 257/* Set up the proc fs entry for 'eps' object. */
253int __init sctp_eps_proc_init(void) 258int __net_init sctp_eps_proc_init(struct net *net)
254{ 259{
255 struct proc_dir_entry *p; 260 struct proc_dir_entry *p;
256 261
257 p = proc_create("eps", S_IRUGO, proc_net_sctp, &sctp_eps_seq_fops); 262 p = proc_create("eps", S_IRUGO, net->sctp.proc_net_sctp,
263 &sctp_eps_seq_fops);
258 if (!p) 264 if (!p)
259 return -ENOMEM; 265 return -ENOMEM;
260 266
@@ -262,9 +268,9 @@ int __init sctp_eps_proc_init(void)
262} 268}
263 269
264/* Cleanup the proc fs entry for 'eps' object. */ 270/* Cleanup the proc fs entry for 'eps' object. */
265void sctp_eps_proc_exit(void) 271void sctp_eps_proc_exit(struct net *net)
266{ 272{
267 remove_proc_entry("eps", proc_net_sctp); 273 remove_proc_entry("eps", net->sctp.proc_net_sctp);
268} 274}
269 275
270 276
@@ -317,6 +323,8 @@ static int sctp_assocs_seq_show(struct seq_file *seq, void *v)
317 sctp_for_each_hentry(epb, node, &head->chain) { 323 sctp_for_each_hentry(epb, node, &head->chain) {
318 assoc = sctp_assoc(epb); 324 assoc = sctp_assoc(epb);
319 sk = epb->sk; 325 sk = epb->sk;
326 if (!net_eq(sock_net(sk), seq_file_net(seq)))
327 continue;
320 seq_printf(seq, 328 seq_printf(seq,
321 "%8pK %8pK %-3d %-3d %-2d %-4d " 329 "%8pK %8pK %-3d %-3d %-2d %-4d "
322 "%4d %8d %8d %7d %5lu %-5d %5d ", 330 "%4d %8d %8d %7d %5lu %-5d %5d ",
@@ -356,7 +364,8 @@ static const struct seq_operations sctp_assoc_ops = {
356/* Initialize the seq file operations for 'assocs' object. */ 364/* Initialize the seq file operations for 'assocs' object. */
357static int sctp_assocs_seq_open(struct inode *inode, struct file *file) 365static int sctp_assocs_seq_open(struct inode *inode, struct file *file)
358{ 366{
359 return seq_open(file, &sctp_assoc_ops); 367 return seq_open_net(inode, file, &sctp_assoc_ops,
368 sizeof(struct seq_net_private));
360} 369}
361 370
362static const struct file_operations sctp_assocs_seq_fops = { 371static const struct file_operations sctp_assocs_seq_fops = {
@@ -367,11 +376,11 @@ static const struct file_operations sctp_assocs_seq_fops = {
367}; 376};
368 377
369/* Set up the proc fs entry for 'assocs' object. */ 378/* Set up the proc fs entry for 'assocs' object. */
370int __init sctp_assocs_proc_init(void) 379int __net_init sctp_assocs_proc_init(struct net *net)
371{ 380{
372 struct proc_dir_entry *p; 381 struct proc_dir_entry *p;
373 382
374 p = proc_create("assocs", S_IRUGO, proc_net_sctp, 383 p = proc_create("assocs", S_IRUGO, net->sctp.proc_net_sctp,
375 &sctp_assocs_seq_fops); 384 &sctp_assocs_seq_fops);
376 if (!p) 385 if (!p)
377 return -ENOMEM; 386 return -ENOMEM;
@@ -380,9 +389,9 @@ int __init sctp_assocs_proc_init(void)
380} 389}
381 390
382/* Cleanup the proc fs entry for 'assocs' object. */ 391/* Cleanup the proc fs entry for 'assocs' object. */
383void sctp_assocs_proc_exit(void) 392void sctp_assocs_proc_exit(struct net *net)
384{ 393{
385 remove_proc_entry("assocs", proc_net_sctp); 394 remove_proc_entry("assocs", net->sctp.proc_net_sctp);
386} 395}
387 396
388static void *sctp_remaddr_seq_start(struct seq_file *seq, loff_t *pos) 397static void *sctp_remaddr_seq_start(struct seq_file *seq, loff_t *pos)
@@ -428,6 +437,8 @@ static int sctp_remaddr_seq_show(struct seq_file *seq, void *v)
428 sctp_local_bh_disable(); 437 sctp_local_bh_disable();
429 read_lock(&head->lock); 438 read_lock(&head->lock);
430 sctp_for_each_hentry(epb, node, &head->chain) { 439 sctp_for_each_hentry(epb, node, &head->chain) {
440 if (!net_eq(sock_net(epb->sk), seq_file_net(seq)))
441 continue;
431 assoc = sctp_assoc(epb); 442 assoc = sctp_assoc(epb);
432 list_for_each_entry(tsp, &assoc->peer.transport_addr_list, 443 list_for_each_entry(tsp, &assoc->peer.transport_addr_list,
433 transports) { 444 transports) {
@@ -491,14 +502,15 @@ static const struct seq_operations sctp_remaddr_ops = {
491}; 502};
492 503
493/* Cleanup the proc fs entry for 'remaddr' object. */ 504/* Cleanup the proc fs entry for 'remaddr' object. */
494void sctp_remaddr_proc_exit(void) 505void sctp_remaddr_proc_exit(struct net *net)
495{ 506{
496 remove_proc_entry("remaddr", proc_net_sctp); 507 remove_proc_entry("remaddr", net->sctp.proc_net_sctp);
497} 508}
498 509
499static int sctp_remaddr_seq_open(struct inode *inode, struct file *file) 510static int sctp_remaddr_seq_open(struct inode *inode, struct file *file)
500{ 511{
501 return seq_open(file, &sctp_remaddr_ops); 512 return seq_open_net(inode, file, &sctp_remaddr_ops,
513 sizeof(struct seq_net_private));
502} 514}
503 515
504static const struct file_operations sctp_remaddr_seq_fops = { 516static const struct file_operations sctp_remaddr_seq_fops = {
@@ -508,11 +520,12 @@ static const struct file_operations sctp_remaddr_seq_fops = {
508 .release = seq_release, 520 .release = seq_release,
509}; 521};
510 522
511int __init sctp_remaddr_proc_init(void) 523int __net_init sctp_remaddr_proc_init(struct net *net)
512{ 524{
513 struct proc_dir_entry *p; 525 struct proc_dir_entry *p;
514 526
515 p = proc_create("remaddr", S_IRUGO, proc_net_sctp, &sctp_remaddr_seq_fops); 527 p = proc_create("remaddr", S_IRUGO, net->sctp.proc_net_sctp,
528 &sctp_remaddr_seq_fops);
516 if (!p) 529 if (!p)
517 return -ENOMEM; 530 return -ENOMEM;
518 return 0; 531 return 0;
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index 1f89c4e69645..2d518425d598 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -69,21 +69,10 @@
69 69
70/* Global data structures. */ 70/* Global data structures. */
71struct sctp_globals sctp_globals __read_mostly; 71struct sctp_globals sctp_globals __read_mostly;
72DEFINE_SNMP_STAT(struct sctp_mib, sctp_statistics) __read_mostly;
73
74#ifdef CONFIG_PROC_FS
75struct proc_dir_entry *proc_net_sctp;
76#endif
77 72
78struct idr sctp_assocs_id; 73struct idr sctp_assocs_id;
79DEFINE_SPINLOCK(sctp_assocs_id_lock); 74DEFINE_SPINLOCK(sctp_assocs_id_lock);
80 75
81/* This is the global socket data structure used for responding to
82 * the Out-of-the-blue (OOTB) packets. A control sock will be created
83 * for this socket at the initialization time.
84 */
85static struct sock *sctp_ctl_sock;
86
87static struct sctp_pf *sctp_pf_inet6_specific; 76static struct sctp_pf *sctp_pf_inet6_specific;
88static struct sctp_pf *sctp_pf_inet_specific; 77static struct sctp_pf *sctp_pf_inet_specific;
89static struct sctp_af *sctp_af_v4_specific; 78static struct sctp_af *sctp_af_v4_specific;
@@ -96,74 +85,54 @@ long sysctl_sctp_mem[3];
96int sysctl_sctp_rmem[3]; 85int sysctl_sctp_rmem[3];
97int sysctl_sctp_wmem[3]; 86int sysctl_sctp_wmem[3];
98 87
99/* Return the address of the control sock. */
100struct sock *sctp_get_ctl_sock(void)
101{
102 return sctp_ctl_sock;
103}
104
105/* Set up the proc fs entry for the SCTP protocol. */ 88/* Set up the proc fs entry for the SCTP protocol. */
106static __init int sctp_proc_init(void) 89static __net_init int sctp_proc_init(struct net *net)
107{ 90{
108 if (percpu_counter_init(&sctp_sockets_allocated, 0))
109 goto out_nomem;
110#ifdef CONFIG_PROC_FS 91#ifdef CONFIG_PROC_FS
111 if (!proc_net_sctp) { 92 net->sctp.proc_net_sctp = proc_net_mkdir(net, "sctp", net->proc_net);
112 proc_net_sctp = proc_mkdir("sctp", init_net.proc_net); 93 if (!net->sctp.proc_net_sctp)
113 if (!proc_net_sctp) 94 goto out_proc_net_sctp;
114 goto out_free_percpu; 95 if (sctp_snmp_proc_init(net))
115 }
116
117 if (sctp_snmp_proc_init())
118 goto out_snmp_proc_init; 96 goto out_snmp_proc_init;
119 if (sctp_eps_proc_init()) 97 if (sctp_eps_proc_init(net))
120 goto out_eps_proc_init; 98 goto out_eps_proc_init;
121 if (sctp_assocs_proc_init()) 99 if (sctp_assocs_proc_init(net))
122 goto out_assocs_proc_init; 100 goto out_assocs_proc_init;
123 if (sctp_remaddr_proc_init()) 101 if (sctp_remaddr_proc_init(net))
124 goto out_remaddr_proc_init; 102 goto out_remaddr_proc_init;
125 103
126 return 0; 104 return 0;
127 105
128out_remaddr_proc_init: 106out_remaddr_proc_init:
129 sctp_assocs_proc_exit(); 107 sctp_assocs_proc_exit(net);
130out_assocs_proc_init: 108out_assocs_proc_init:
131 sctp_eps_proc_exit(); 109 sctp_eps_proc_exit(net);
132out_eps_proc_init: 110out_eps_proc_init:
133 sctp_snmp_proc_exit(); 111 sctp_snmp_proc_exit(net);
134out_snmp_proc_init: 112out_snmp_proc_init:
135 if (proc_net_sctp) { 113 remove_proc_entry("sctp", net->proc_net);
136 proc_net_sctp = NULL; 114 net->sctp.proc_net_sctp = NULL;
137 remove_proc_entry("sctp", init_net.proc_net); 115out_proc_net_sctp:
138 }
139out_free_percpu:
140 percpu_counter_destroy(&sctp_sockets_allocated);
141#else
142 return 0;
143#endif /* CONFIG_PROC_FS */
144
145out_nomem:
146 return -ENOMEM; 116 return -ENOMEM;
117#endif /* CONFIG_PROC_FS */
118 return 0;
147} 119}
148 120
149/* Clean up the proc fs entry for the SCTP protocol. 121/* Clean up the proc fs entry for the SCTP protocol.
150 * Note: Do not make this __exit as it is used in the init error 122 * Note: Do not make this __exit as it is used in the init error
151 * path. 123 * path.
152 */ 124 */
153static void sctp_proc_exit(void) 125static void sctp_proc_exit(struct net *net)
154{ 126{
155#ifdef CONFIG_PROC_FS 127#ifdef CONFIG_PROC_FS
156 sctp_snmp_proc_exit(); 128 sctp_snmp_proc_exit(net);
157 sctp_eps_proc_exit(); 129 sctp_eps_proc_exit(net);
158 sctp_assocs_proc_exit(); 130 sctp_assocs_proc_exit(net);
159 sctp_remaddr_proc_exit(); 131 sctp_remaddr_proc_exit(net);
160 132
161 if (proc_net_sctp) { 133 remove_proc_entry("sctp", net->proc_net);
162 proc_net_sctp = NULL; 134 net->sctp.proc_net_sctp = NULL;
163 remove_proc_entry("sctp", init_net.proc_net);
164 }
165#endif 135#endif
166 percpu_counter_destroy(&sctp_sockets_allocated);
167} 136}
168 137
169/* Private helper to extract ipv4 address and stash them in 138/* Private helper to extract ipv4 address and stash them in
@@ -201,29 +170,29 @@ static void sctp_v4_copy_addrlist(struct list_head *addrlist,
201/* Extract our IP addresses from the system and stash them in the 170/* Extract our IP addresses from the system and stash them in the
202 * protocol structure. 171 * protocol structure.
203 */ 172 */
204static void sctp_get_local_addr_list(void) 173static void sctp_get_local_addr_list(struct net *net)
205{ 174{
206 struct net_device *dev; 175 struct net_device *dev;
207 struct list_head *pos; 176 struct list_head *pos;
208 struct sctp_af *af; 177 struct sctp_af *af;
209 178
210 rcu_read_lock(); 179 rcu_read_lock();
211 for_each_netdev_rcu(&init_net, dev) { 180 for_each_netdev_rcu(net, dev) {
212 __list_for_each(pos, &sctp_address_families) { 181 __list_for_each(pos, &sctp_address_families) {
213 af = list_entry(pos, struct sctp_af, list); 182 af = list_entry(pos, struct sctp_af, list);
214 af->copy_addrlist(&sctp_local_addr_list, dev); 183 af->copy_addrlist(&net->sctp.local_addr_list, dev);
215 } 184 }
216 } 185 }
217 rcu_read_unlock(); 186 rcu_read_unlock();
218} 187}
219 188
220/* Free the existing local addresses. */ 189/* Free the existing local addresses. */
221static void sctp_free_local_addr_list(void) 190static void sctp_free_local_addr_list(struct net *net)
222{ 191{
223 struct sctp_sockaddr_entry *addr; 192 struct sctp_sockaddr_entry *addr;
224 struct list_head *pos, *temp; 193 struct list_head *pos, *temp;
225 194
226 list_for_each_safe(pos, temp, &sctp_local_addr_list) { 195 list_for_each_safe(pos, temp, &net->sctp.local_addr_list) {
227 addr = list_entry(pos, struct sctp_sockaddr_entry, list); 196 addr = list_entry(pos, struct sctp_sockaddr_entry, list);
228 list_del(pos); 197 list_del(pos);
229 kfree(addr); 198 kfree(addr);
@@ -231,17 +200,17 @@ static void sctp_free_local_addr_list(void)
231} 200}
232 201
233/* Copy the local addresses which are valid for 'scope' into 'bp'. */ 202/* Copy the local addresses which are valid for 'scope' into 'bp'. */
234int sctp_copy_local_addr_list(struct sctp_bind_addr *bp, sctp_scope_t scope, 203int sctp_copy_local_addr_list(struct net *net, struct sctp_bind_addr *bp,
235 gfp_t gfp, int copy_flags) 204 sctp_scope_t scope, gfp_t gfp, int copy_flags)
236{ 205{
237 struct sctp_sockaddr_entry *addr; 206 struct sctp_sockaddr_entry *addr;
238 int error = 0; 207 int error = 0;
239 208
240 rcu_read_lock(); 209 rcu_read_lock();
241 list_for_each_entry_rcu(addr, &sctp_local_addr_list, list) { 210 list_for_each_entry_rcu(addr, &net->sctp.local_addr_list, list) {
242 if (!addr->valid) 211 if (!addr->valid)
243 continue; 212 continue;
244 if (sctp_in_scope(&addr->a, scope)) { 213 if (sctp_in_scope(net, &addr->a, scope)) {
245 /* Now that the address is in scope, check to see if 214 /* Now that the address is in scope, check to see if
246 * the address type is really supported by the local 215 * the address type is really supported by the local
247 * sock as well as the remote peer. 216 * sock as well as the remote peer.
@@ -397,7 +366,8 @@ static int sctp_v4_addr_valid(union sctp_addr *addr,
397/* Should this be available for binding? */ 366/* Should this be available for binding? */
398static int sctp_v4_available(union sctp_addr *addr, struct sctp_sock *sp) 367static int sctp_v4_available(union sctp_addr *addr, struct sctp_sock *sp)
399{ 368{
400 int ret = inet_addr_type(&init_net, addr->v4.sin_addr.s_addr); 369 struct net *net = sock_net(&sp->inet.sk);
370 int ret = inet_addr_type(net, addr->v4.sin_addr.s_addr);
401 371
402 372
403 if (addr->v4.sin_addr.s_addr != htonl(INADDR_ANY) && 373 if (addr->v4.sin_addr.s_addr != htonl(INADDR_ANY) &&
@@ -484,7 +454,7 @@ static void sctp_v4_get_dst(struct sctp_transport *t, union sctp_addr *saddr,
484 SCTP_DEBUG_PRINTK("%s: DST:%pI4, SRC:%pI4 - ", 454 SCTP_DEBUG_PRINTK("%s: DST:%pI4, SRC:%pI4 - ",
485 __func__, &fl4->daddr, &fl4->saddr); 455 __func__, &fl4->daddr, &fl4->saddr);
486 456
487 rt = ip_route_output_key(&init_net, fl4); 457 rt = ip_route_output_key(sock_net(sk), fl4);
488 if (!IS_ERR(rt)) 458 if (!IS_ERR(rt))
489 dst = &rt->dst; 459 dst = &rt->dst;
490 460
@@ -530,7 +500,7 @@ static void sctp_v4_get_dst(struct sctp_transport *t, union sctp_addr *saddr,
530 (AF_INET == laddr->a.sa.sa_family)) { 500 (AF_INET == laddr->a.sa.sa_family)) {
531 fl4->saddr = laddr->a.v4.sin_addr.s_addr; 501 fl4->saddr = laddr->a.v4.sin_addr.s_addr;
532 fl4->fl4_sport = laddr->a.v4.sin_port; 502 fl4->fl4_sport = laddr->a.v4.sin_port;
533 rt = ip_route_output_key(&init_net, fl4); 503 rt = ip_route_output_key(sock_net(sk), fl4);
534 if (!IS_ERR(rt)) { 504 if (!IS_ERR(rt)) {
535 dst = &rt->dst; 505 dst = &rt->dst;
536 goto out_unlock; 506 goto out_unlock;
@@ -627,14 +597,15 @@ static void sctp_v4_ecn_capable(struct sock *sk)
627 597
628void sctp_addr_wq_timeout_handler(unsigned long arg) 598void sctp_addr_wq_timeout_handler(unsigned long arg)
629{ 599{
600 struct net *net = (struct net *)arg;
630 struct sctp_sockaddr_entry *addrw, *temp; 601 struct sctp_sockaddr_entry *addrw, *temp;
631 struct sctp_sock *sp; 602 struct sctp_sock *sp;
632 603
633 spin_lock_bh(&sctp_addr_wq_lock); 604 spin_lock_bh(&net->sctp.addr_wq_lock);
634 605
635 list_for_each_entry_safe(addrw, temp, &sctp_addr_waitq, list) { 606 list_for_each_entry_safe(addrw, temp, &net->sctp.addr_waitq, list) {
636 SCTP_DEBUG_PRINTK_IPADDR("sctp_addrwq_timo_handler: the first ent in wq %p is ", 607 SCTP_DEBUG_PRINTK_IPADDR("sctp_addrwq_timo_handler: the first ent in wq %p is ",
637 " for cmd %d at entry %p\n", &sctp_addr_waitq, &addrw->a, addrw->state, 608 " for cmd %d at entry %p\n", &net->sctp.addr_waitq, &addrw->a, addrw->state,
638 addrw); 609 addrw);
639 610
640#if IS_ENABLED(CONFIG_IPV6) 611#if IS_ENABLED(CONFIG_IPV6)
@@ -648,7 +619,7 @@ void sctp_addr_wq_timeout_handler(unsigned long arg)
648 goto free_next; 619 goto free_next;
649 620
650 in6 = (struct in6_addr *)&addrw->a.v6.sin6_addr; 621 in6 = (struct in6_addr *)&addrw->a.v6.sin6_addr;
651 if (ipv6_chk_addr(&init_net, in6, NULL, 0) == 0 && 622 if (ipv6_chk_addr(net, in6, NULL, 0) == 0 &&
652 addrw->state == SCTP_ADDR_NEW) { 623 addrw->state == SCTP_ADDR_NEW) {
653 unsigned long timeo_val; 624 unsigned long timeo_val;
654 625
@@ -656,12 +627,12 @@ void sctp_addr_wq_timeout_handler(unsigned long arg)
656 SCTP_ADDRESS_TICK_DELAY); 627 SCTP_ADDRESS_TICK_DELAY);
657 timeo_val = jiffies; 628 timeo_val = jiffies;
658 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY); 629 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY);
659 mod_timer(&sctp_addr_wq_timer, timeo_val); 630 mod_timer(&net->sctp.addr_wq_timer, timeo_val);
660 break; 631 break;
661 } 632 }
662 } 633 }
663#endif 634#endif
664 list_for_each_entry(sp, &sctp_auto_asconf_splist, auto_asconf_list) { 635 list_for_each_entry(sp, &net->sctp.auto_asconf_splist, auto_asconf_list) {
665 struct sock *sk; 636 struct sock *sk;
666 637
667 sk = sctp_opt2sk(sp); 638 sk = sctp_opt2sk(sp);
@@ -679,31 +650,32 @@ free_next:
679 list_del(&addrw->list); 650 list_del(&addrw->list);
680 kfree(addrw); 651 kfree(addrw);
681 } 652 }
682 spin_unlock_bh(&sctp_addr_wq_lock); 653 spin_unlock_bh(&net->sctp.addr_wq_lock);
683} 654}
684 655
685static void sctp_free_addr_wq(void) 656static void sctp_free_addr_wq(struct net *net)
686{ 657{
687 struct sctp_sockaddr_entry *addrw; 658 struct sctp_sockaddr_entry *addrw;
688 struct sctp_sockaddr_entry *temp; 659 struct sctp_sockaddr_entry *temp;
689 660
690 spin_lock_bh(&sctp_addr_wq_lock); 661 spin_lock_bh(&net->sctp.addr_wq_lock);
691 del_timer(&sctp_addr_wq_timer); 662 del_timer(&net->sctp.addr_wq_timer);
692 list_for_each_entry_safe(addrw, temp, &sctp_addr_waitq, list) { 663 list_for_each_entry_safe(addrw, temp, &net->sctp.addr_waitq, list) {
693 list_del(&addrw->list); 664 list_del(&addrw->list);
694 kfree(addrw); 665 kfree(addrw);
695 } 666 }
696 spin_unlock_bh(&sctp_addr_wq_lock); 667 spin_unlock_bh(&net->sctp.addr_wq_lock);
697} 668}
698 669
699/* lookup the entry for the same address in the addr_waitq 670/* lookup the entry for the same address in the addr_waitq
700 * sctp_addr_wq MUST be locked 671 * sctp_addr_wq MUST be locked
701 */ 672 */
702static struct sctp_sockaddr_entry *sctp_addr_wq_lookup(struct sctp_sockaddr_entry *addr) 673static struct sctp_sockaddr_entry *sctp_addr_wq_lookup(struct net *net,
674 struct sctp_sockaddr_entry *addr)
703{ 675{
704 struct sctp_sockaddr_entry *addrw; 676 struct sctp_sockaddr_entry *addrw;
705 677
706 list_for_each_entry(addrw, &sctp_addr_waitq, list) { 678 list_for_each_entry(addrw, &net->sctp.addr_waitq, list) {
707 if (addrw->a.sa.sa_family != addr->a.sa.sa_family) 679 if (addrw->a.sa.sa_family != addr->a.sa.sa_family)
708 continue; 680 continue;
709 if (addrw->a.sa.sa_family == AF_INET) { 681 if (addrw->a.sa.sa_family == AF_INET) {
@@ -719,7 +691,7 @@ static struct sctp_sockaddr_entry *sctp_addr_wq_lookup(struct sctp_sockaddr_entr
719 return NULL; 691 return NULL;
720} 692}
721 693
722void sctp_addr_wq_mgmt(struct sctp_sockaddr_entry *addr, int cmd) 694void sctp_addr_wq_mgmt(struct net *net, struct sctp_sockaddr_entry *addr, int cmd)
723{ 695{
724 struct sctp_sockaddr_entry *addrw; 696 struct sctp_sockaddr_entry *addrw;
725 unsigned long timeo_val; 697 unsigned long timeo_val;
@@ -730,38 +702,38 @@ void sctp_addr_wq_mgmt(struct sctp_sockaddr_entry *addr, int cmd)
730 * new address after a couple of addition and deletion of that address 702 * new address after a couple of addition and deletion of that address
731 */ 703 */
732 704
733 spin_lock_bh(&sctp_addr_wq_lock); 705 spin_lock_bh(&net->sctp.addr_wq_lock);
734 /* Offsets existing events in addr_wq */ 706 /* Offsets existing events in addr_wq */
735 addrw = sctp_addr_wq_lookup(addr); 707 addrw = sctp_addr_wq_lookup(net, addr);
736 if (addrw) { 708 if (addrw) {
737 if (addrw->state != cmd) { 709 if (addrw->state != cmd) {
738 SCTP_DEBUG_PRINTK_IPADDR("sctp_addr_wq_mgmt offsets existing entry for %d ", 710 SCTP_DEBUG_PRINTK_IPADDR("sctp_addr_wq_mgmt offsets existing entry for %d ",
739 " in wq %p\n", addrw->state, &addrw->a, 711 " in wq %p\n", addrw->state, &addrw->a,
740 &sctp_addr_waitq); 712 &net->sctp.addr_waitq);
741 list_del(&addrw->list); 713 list_del(&addrw->list);
742 kfree(addrw); 714 kfree(addrw);
743 } 715 }
744 spin_unlock_bh(&sctp_addr_wq_lock); 716 spin_unlock_bh(&net->sctp.addr_wq_lock);
745 return; 717 return;
746 } 718 }
747 719
748 /* OK, we have to add the new address to the wait queue */ 720 /* OK, we have to add the new address to the wait queue */
749 addrw = kmemdup(addr, sizeof(struct sctp_sockaddr_entry), GFP_ATOMIC); 721 addrw = kmemdup(addr, sizeof(struct sctp_sockaddr_entry), GFP_ATOMIC);
750 if (addrw == NULL) { 722 if (addrw == NULL) {
751 spin_unlock_bh(&sctp_addr_wq_lock); 723 spin_unlock_bh(&net->sctp.addr_wq_lock);
752 return; 724 return;
753 } 725 }
754 addrw->state = cmd; 726 addrw->state = cmd;
755 list_add_tail(&addrw->list, &sctp_addr_waitq); 727 list_add_tail(&addrw->list, &net->sctp.addr_waitq);
756 SCTP_DEBUG_PRINTK_IPADDR("sctp_addr_wq_mgmt add new entry for cmd:%d ", 728 SCTP_DEBUG_PRINTK_IPADDR("sctp_addr_wq_mgmt add new entry for cmd:%d ",
757 " in wq %p\n", addrw->state, &addrw->a, &sctp_addr_waitq); 729 " in wq %p\n", addrw->state, &addrw->a, &net->sctp.addr_waitq);
758 730
759 if (!timer_pending(&sctp_addr_wq_timer)) { 731 if (!timer_pending(&net->sctp.addr_wq_timer)) {
760 timeo_val = jiffies; 732 timeo_val = jiffies;
761 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY); 733 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY);
762 mod_timer(&sctp_addr_wq_timer, timeo_val); 734 mod_timer(&net->sctp.addr_wq_timer, timeo_val);
763 } 735 }
764 spin_unlock_bh(&sctp_addr_wq_lock); 736 spin_unlock_bh(&net->sctp.addr_wq_lock);
765} 737}
766 738
767/* Event handler for inet address addition/deletion events. 739/* Event handler for inet address addition/deletion events.
@@ -776,11 +748,9 @@ static int sctp_inetaddr_event(struct notifier_block *this, unsigned long ev,
776 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 748 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
777 struct sctp_sockaddr_entry *addr = NULL; 749 struct sctp_sockaddr_entry *addr = NULL;
778 struct sctp_sockaddr_entry *temp; 750 struct sctp_sockaddr_entry *temp;
751 struct net *net = dev_net(ifa->ifa_dev->dev);
779 int found = 0; 752 int found = 0;
780 753
781 if (!net_eq(dev_net(ifa->ifa_dev->dev), &init_net))
782 return NOTIFY_DONE;
783
784 switch (ev) { 754 switch (ev) {
785 case NETDEV_UP: 755 case NETDEV_UP:
786 addr = kmalloc(sizeof(struct sctp_sockaddr_entry), GFP_ATOMIC); 756 addr = kmalloc(sizeof(struct sctp_sockaddr_entry), GFP_ATOMIC);
@@ -789,27 +759,27 @@ static int sctp_inetaddr_event(struct notifier_block *this, unsigned long ev,
789 addr->a.v4.sin_port = 0; 759 addr->a.v4.sin_port = 0;
790 addr->a.v4.sin_addr.s_addr = ifa->ifa_local; 760 addr->a.v4.sin_addr.s_addr = ifa->ifa_local;
791 addr->valid = 1; 761 addr->valid = 1;
792 spin_lock_bh(&sctp_local_addr_lock); 762 spin_lock_bh(&net->sctp.local_addr_lock);
793 list_add_tail_rcu(&addr->list, &sctp_local_addr_list); 763 list_add_tail_rcu(&addr->list, &net->sctp.local_addr_list);
794 sctp_addr_wq_mgmt(addr, SCTP_ADDR_NEW); 764 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_NEW);
795 spin_unlock_bh(&sctp_local_addr_lock); 765 spin_unlock_bh(&net->sctp.local_addr_lock);
796 } 766 }
797 break; 767 break;
798 case NETDEV_DOWN: 768 case NETDEV_DOWN:
799 spin_lock_bh(&sctp_local_addr_lock); 769 spin_lock_bh(&net->sctp.local_addr_lock);
800 list_for_each_entry_safe(addr, temp, 770 list_for_each_entry_safe(addr, temp,
801 &sctp_local_addr_list, list) { 771 &net->sctp.local_addr_list, list) {
802 if (addr->a.sa.sa_family == AF_INET && 772 if (addr->a.sa.sa_family == AF_INET &&
803 addr->a.v4.sin_addr.s_addr == 773 addr->a.v4.sin_addr.s_addr ==
804 ifa->ifa_local) { 774 ifa->ifa_local) {
805 sctp_addr_wq_mgmt(addr, SCTP_ADDR_DEL); 775 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_DEL);
806 found = 1; 776 found = 1;
807 addr->valid = 0; 777 addr->valid = 0;
808 list_del_rcu(&addr->list); 778 list_del_rcu(&addr->list);
809 break; 779 break;
810 } 780 }
811 } 781 }
812 spin_unlock_bh(&sctp_local_addr_lock); 782 spin_unlock_bh(&net->sctp.local_addr_lock);
813 if (found) 783 if (found)
814 kfree_rcu(addr, rcu); 784 kfree_rcu(addr, rcu);
815 break; 785 break;
@@ -822,7 +792,7 @@ static int sctp_inetaddr_event(struct notifier_block *this, unsigned long ev,
822 * Initialize the control inode/socket with a control endpoint data 792 * Initialize the control inode/socket with a control endpoint data
823 * structure. This endpoint is reserved exclusively for the OOTB processing. 793 * structure. This endpoint is reserved exclusively for the OOTB processing.
824 */ 794 */
825static int sctp_ctl_sock_init(void) 795static int sctp_ctl_sock_init(struct net *net)
826{ 796{
827 int err; 797 int err;
828 sa_family_t family = PF_INET; 798 sa_family_t family = PF_INET;
@@ -830,14 +800,14 @@ static int sctp_ctl_sock_init(void)
830 if (sctp_get_pf_specific(PF_INET6)) 800 if (sctp_get_pf_specific(PF_INET6))
831 family = PF_INET6; 801 family = PF_INET6;
832 802
833 err = inet_ctl_sock_create(&sctp_ctl_sock, family, 803 err = inet_ctl_sock_create(&net->sctp.ctl_sock, family,
834 SOCK_SEQPACKET, IPPROTO_SCTP, &init_net); 804 SOCK_SEQPACKET, IPPROTO_SCTP, net);
835 805
836 /* If IPv6 socket could not be created, try the IPv4 socket */ 806 /* If IPv6 socket could not be created, try the IPv4 socket */
837 if (err < 0 && family == PF_INET6) 807 if (err < 0 && family == PF_INET6)
838 err = inet_ctl_sock_create(&sctp_ctl_sock, AF_INET, 808 err = inet_ctl_sock_create(&net->sctp.ctl_sock, AF_INET,
839 SOCK_SEQPACKET, IPPROTO_SCTP, 809 SOCK_SEQPACKET, IPPROTO_SCTP,
840 &init_net); 810 net);
841 811
842 if (err < 0) { 812 if (err < 0) {
843 pr_err("Failed to create the SCTP control socket\n"); 813 pr_err("Failed to create the SCTP control socket\n");
@@ -990,7 +960,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb,
990 inet->pmtudisc = transport->param_flags & SPP_PMTUD_ENABLE ? 960 inet->pmtudisc = transport->param_flags & SPP_PMTUD_ENABLE ?
991 IP_PMTUDISC_DO : IP_PMTUDISC_DONT; 961 IP_PMTUDISC_DO : IP_PMTUDISC_DONT;
992 962
993 SCTP_INC_STATS(SCTP_MIB_OUTSCTPPACKS); 963 SCTP_INC_STATS(sock_net(&inet->sk), SCTP_MIB_OUTSCTPPACKS);
994 return ip_queue_xmit(skb, &transport->fl); 964 return ip_queue_xmit(skb, &transport->fl);
995} 965}
996 966
@@ -1063,6 +1033,7 @@ static const struct net_protocol sctp_protocol = {
1063 .handler = sctp_rcv, 1033 .handler = sctp_rcv,
1064 .err_handler = sctp_v4_err, 1034 .err_handler = sctp_v4_err,
1065 .no_policy = 1, 1035 .no_policy = 1,
1036 .netns_ok = 1,
1066}; 1037};
1067 1038
1068/* IPv4 address related functions. */ 1039/* IPv4 address related functions. */
@@ -1130,16 +1101,16 @@ int sctp_register_pf(struct sctp_pf *pf, sa_family_t family)
1130 return 1; 1101 return 1;
1131} 1102}
1132 1103
1133static inline int init_sctp_mibs(void) 1104static inline int init_sctp_mibs(struct net *net)
1134{ 1105{
1135 return snmp_mib_init((void __percpu **)sctp_statistics, 1106 return snmp_mib_init((void __percpu **)net->sctp.sctp_statistics,
1136 sizeof(struct sctp_mib), 1107 sizeof(struct sctp_mib),
1137 __alignof__(struct sctp_mib)); 1108 __alignof__(struct sctp_mib));
1138} 1109}
1139 1110
1140static inline void cleanup_sctp_mibs(void) 1111static inline void cleanup_sctp_mibs(struct net *net)
1141{ 1112{
1142 snmp_mib_free((void __percpu **)sctp_statistics); 1113 snmp_mib_free((void __percpu **)net->sctp.sctp_statistics);
1143} 1114}
1144 1115
1145static void sctp_v4_pf_init(void) 1116static void sctp_v4_pf_init(void)
@@ -1194,6 +1165,143 @@ static void sctp_v4_del_protocol(void)
1194 unregister_inetaddr_notifier(&sctp_inetaddr_notifier); 1165 unregister_inetaddr_notifier(&sctp_inetaddr_notifier);
1195} 1166}
1196 1167
1168static int sctp_net_init(struct net *net)
1169{
1170 int status;
1171
1172 /*
1173 * 14. Suggested SCTP Protocol Parameter Values
1174 */
1175 /* The following protocol parameters are RECOMMENDED: */
1176 /* RTO.Initial - 3 seconds */
1177 net->sctp.rto_initial = SCTP_RTO_INITIAL;
1178 /* RTO.Min - 1 second */
1179 net->sctp.rto_min = SCTP_RTO_MIN;
1180 /* RTO.Max - 60 seconds */
1181 net->sctp.rto_max = SCTP_RTO_MAX;
1182 /* RTO.Alpha - 1/8 */
1183 net->sctp.rto_alpha = SCTP_RTO_ALPHA;
1184 /* RTO.Beta - 1/4 */
1185 net->sctp.rto_beta = SCTP_RTO_BETA;
1186
1187 /* Valid.Cookie.Life - 60 seconds */
1188 net->sctp.valid_cookie_life = SCTP_DEFAULT_COOKIE_LIFE;
1189
1190 /* Whether Cookie Preservative is enabled(1) or not(0) */
1191 net->sctp.cookie_preserve_enable = 1;
1192
1193 /* Max.Burst - 4 */
1194 net->sctp.max_burst = SCTP_DEFAULT_MAX_BURST;
1195
1196 /* Association.Max.Retrans - 10 attempts
1197 * Path.Max.Retrans - 5 attempts (per destination address)
1198 * Max.Init.Retransmits - 8 attempts
1199 */
1200 net->sctp.max_retrans_association = 10;
1201 net->sctp.max_retrans_path = 5;
1202 net->sctp.max_retrans_init = 8;
1203
1204 /* Sendbuffer growth - do per-socket accounting */
1205 net->sctp.sndbuf_policy = 0;
1206
1207 /* Rcvbuffer growth - do per-socket accounting */
1208 net->sctp.rcvbuf_policy = 0;
1209
1210 /* HB.interval - 30 seconds */
1211 net->sctp.hb_interval = SCTP_DEFAULT_TIMEOUT_HEARTBEAT;
1212
1213 /* delayed SACK timeout */
1214 net->sctp.sack_timeout = SCTP_DEFAULT_TIMEOUT_SACK;
1215
1216 /* Disable ADDIP by default. */
1217 net->sctp.addip_enable = 0;
1218 net->sctp.addip_noauth = 0;
1219 net->sctp.default_auto_asconf = 0;
1220
1221 /* Enable PR-SCTP by default. */
1222 net->sctp.prsctp_enable = 1;
1223
1224 /* Disable AUTH by default. */
1225 net->sctp.auth_enable = 0;
1226
1227 /* Set SCOPE policy to enabled */
1228 net->sctp.scope_policy = SCTP_SCOPE_POLICY_ENABLE;
1229
1230 /* Set the default rwnd update threshold */
1231 net->sctp.rwnd_upd_shift = SCTP_DEFAULT_RWND_SHIFT;
1232
1233 /* Initialize maximum autoclose timeout. */
1234 net->sctp.max_autoclose = INT_MAX / HZ;
1235
1236 status = sctp_sysctl_net_register(net);
1237 if (status)
1238 goto err_sysctl_register;
1239
1240 /* Allocate and initialise sctp mibs. */
1241 status = init_sctp_mibs(net);
1242 if (status)
1243 goto err_init_mibs;
1244
1245 /* Initialize proc fs directory. */
1246 status = sctp_proc_init(net);
1247 if (status)
1248 goto err_init_proc;
1249
1250 sctp_dbg_objcnt_init(net);
1251
1252 /* Initialize the control inode/socket for handling OOTB packets. */
1253 if ((status = sctp_ctl_sock_init(net))) {
1254 pr_err("Failed to initialize the SCTP control sock\n");
1255 goto err_ctl_sock_init;
1256 }
1257
1258 /* Initialize the local address list. */
1259 INIT_LIST_HEAD(&net->sctp.local_addr_list);
1260 spin_lock_init(&net->sctp.local_addr_lock);
1261 sctp_get_local_addr_list(net);
1262
1263 /* Initialize the address event list */
1264 INIT_LIST_HEAD(&net->sctp.addr_waitq);
1265 INIT_LIST_HEAD(&net->sctp.auto_asconf_splist);
1266 spin_lock_init(&net->sctp.addr_wq_lock);
1267 net->sctp.addr_wq_timer.expires = 0;
1268 setup_timer(&net->sctp.addr_wq_timer, sctp_addr_wq_timeout_handler,
1269 (unsigned long)net);
1270
1271 return 0;
1272
1273err_ctl_sock_init:
1274 sctp_dbg_objcnt_exit(net);
1275 sctp_proc_exit(net);
1276err_init_proc:
1277 cleanup_sctp_mibs(net);
1278err_init_mibs:
1279 sctp_sysctl_net_unregister(net);
1280err_sysctl_register:
1281 return status;
1282}
1283
1284static void sctp_net_exit(struct net *net)
1285{
1286 /* Free the local address list */
1287 sctp_free_addr_wq(net);
1288 sctp_free_local_addr_list(net);
1289
1290 /* Free the control endpoint. */
1291 inet_ctl_sock_destroy(net->sctp.ctl_sock);
1292
1293 sctp_dbg_objcnt_exit(net);
1294
1295 sctp_proc_exit(net);
1296 cleanup_sctp_mibs(net);
1297 sctp_sysctl_net_unregister(net);
1298}
1299
1300static struct pernet_operations sctp_net_ops = {
1301 .init = sctp_net_init,
1302 .exit = sctp_net_exit,
1303};
1304
1197/* Initialize the universe into something sensible. */ 1305/* Initialize the universe into something sensible. */
1198SCTP_STATIC __init int sctp_init(void) 1306SCTP_STATIC __init int sctp_init(void)
1199{ 1307{
@@ -1224,62 +1332,9 @@ SCTP_STATIC __init int sctp_init(void)
1224 if (!sctp_chunk_cachep) 1332 if (!sctp_chunk_cachep)
1225 goto err_chunk_cachep; 1333 goto err_chunk_cachep;
1226 1334
1227 /* Allocate and initialise sctp mibs. */ 1335 status = percpu_counter_init(&sctp_sockets_allocated, 0);
1228 status = init_sctp_mibs();
1229 if (status) 1336 if (status)
1230 goto err_init_mibs; 1337 goto err_percpu_counter_init;
1231
1232 /* Initialize proc fs directory. */
1233 status = sctp_proc_init();
1234 if (status)
1235 goto err_init_proc;
1236
1237 /* Initialize object count debugging. */
1238 sctp_dbg_objcnt_init();
1239
1240 /*
1241 * 14. Suggested SCTP Protocol Parameter Values
1242 */
1243 /* The following protocol parameters are RECOMMENDED: */
1244 /* RTO.Initial - 3 seconds */
1245 sctp_rto_initial = SCTP_RTO_INITIAL;
1246 /* RTO.Min - 1 second */
1247 sctp_rto_min = SCTP_RTO_MIN;
1248 /* RTO.Max - 60 seconds */
1249 sctp_rto_max = SCTP_RTO_MAX;
1250 /* RTO.Alpha - 1/8 */
1251 sctp_rto_alpha = SCTP_RTO_ALPHA;
1252 /* RTO.Beta - 1/4 */
1253 sctp_rto_beta = SCTP_RTO_BETA;
1254
1255 /* Valid.Cookie.Life - 60 seconds */
1256 sctp_valid_cookie_life = SCTP_DEFAULT_COOKIE_LIFE;
1257
1258 /* Whether Cookie Preservative is enabled(1) or not(0) */
1259 sctp_cookie_preserve_enable = 1;
1260
1261 /* Max.Burst - 4 */
1262 sctp_max_burst = SCTP_DEFAULT_MAX_BURST;
1263
1264 /* Association.Max.Retrans - 10 attempts
1265 * Path.Max.Retrans - 5 attempts (per destination address)
1266 * Max.Init.Retransmits - 8 attempts
1267 */
1268 sctp_max_retrans_association = 10;
1269 sctp_max_retrans_path = 5;
1270 sctp_max_retrans_init = 8;
1271
1272 /* Sendbuffer growth - do per-socket accounting */
1273 sctp_sndbuf_policy = 0;
1274
1275 /* Rcvbuffer growth - do per-socket accounting */
1276 sctp_rcvbuf_policy = 0;
1277
1278 /* HB.interval - 30 seconds */
1279 sctp_hb_interval = SCTP_DEFAULT_TIMEOUT_HEARTBEAT;
1280
1281 /* delayed SACK timeout */
1282 sctp_sack_timeout = SCTP_DEFAULT_TIMEOUT_SACK;
1283 1338
1284 /* Implementation specific variables. */ 1339 /* Implementation specific variables. */
1285 1340
@@ -1287,9 +1342,6 @@ SCTP_STATIC __init int sctp_init(void)
1287 sctp_max_instreams = SCTP_DEFAULT_INSTREAMS; 1342 sctp_max_instreams = SCTP_DEFAULT_INSTREAMS;
1288 sctp_max_outstreams = SCTP_DEFAULT_OUTSTREAMS; 1343 sctp_max_outstreams = SCTP_DEFAULT_OUTSTREAMS;
1289 1344
1290 /* Initialize maximum autoclose timeout. */
1291 sctp_max_autoclose = INT_MAX / HZ;
1292
1293 /* Initialize handle used for association ids. */ 1345 /* Initialize handle used for association ids. */
1294 idr_init(&sctp_assocs_id); 1346 idr_init(&sctp_assocs_id);
1295 1347
@@ -1376,41 +1428,12 @@ SCTP_STATIC __init int sctp_init(void)
1376 pr_info("Hash tables configured (established %d bind %d)\n", 1428 pr_info("Hash tables configured (established %d bind %d)\n",
1377 sctp_assoc_hashsize, sctp_port_hashsize); 1429 sctp_assoc_hashsize, sctp_port_hashsize);
1378 1430
1379 /* Disable ADDIP by default. */
1380 sctp_addip_enable = 0;
1381 sctp_addip_noauth = 0;
1382 sctp_default_auto_asconf = 0;
1383
1384 /* Enable PR-SCTP by default. */
1385 sctp_prsctp_enable = 1;
1386
1387 /* Disable AUTH by default. */
1388 sctp_auth_enable = 0;
1389
1390 /* Set SCOPE policy to enabled */
1391 sctp_scope_policy = SCTP_SCOPE_POLICY_ENABLE;
1392
1393 /* Set the default rwnd update threshold */
1394 sctp_rwnd_upd_shift = SCTP_DEFAULT_RWND_SHIFT;
1395
1396 sctp_sysctl_register(); 1431 sctp_sysctl_register();
1397 1432
1398 INIT_LIST_HEAD(&sctp_address_families); 1433 INIT_LIST_HEAD(&sctp_address_families);
1399 sctp_v4_pf_init(); 1434 sctp_v4_pf_init();
1400 sctp_v6_pf_init(); 1435 sctp_v6_pf_init();
1401 1436
1402 /* Initialize the local address list. */
1403 INIT_LIST_HEAD(&sctp_local_addr_list);
1404 spin_lock_init(&sctp_local_addr_lock);
1405 sctp_get_local_addr_list();
1406
1407 /* Initialize the address event list */
1408 INIT_LIST_HEAD(&sctp_addr_waitq);
1409 INIT_LIST_HEAD(&sctp_auto_asconf_splist);
1410 spin_lock_init(&sctp_addr_wq_lock);
1411 sctp_addr_wq_timer.expires = 0;
1412 setup_timer(&sctp_addr_wq_timer, sctp_addr_wq_timeout_handler, 0);
1413
1414 status = sctp_v4_protosw_init(); 1437 status = sctp_v4_protosw_init();
1415 1438
1416 if (status) 1439 if (status)
@@ -1420,11 +1443,9 @@ SCTP_STATIC __init int sctp_init(void)
1420 if (status) 1443 if (status)
1421 goto err_v6_protosw_init; 1444 goto err_v6_protosw_init;
1422 1445
1423 /* Initialize the control inode/socket for handling OOTB packets. */ 1446 status = register_pernet_subsys(&sctp_net_ops);
1424 if ((status = sctp_ctl_sock_init())) { 1447 if (status)
1425 pr_err("Failed to initialize the SCTP control sock\n"); 1448 goto err_register_pernet_subsys;
1426 goto err_ctl_sock_init;
1427 }
1428 1449
1429 status = sctp_v4_add_protocol(); 1450 status = sctp_v4_add_protocol();
1430 if (status) 1451 if (status)
@@ -1441,13 +1462,12 @@ out:
1441err_v6_add_protocol: 1462err_v6_add_protocol:
1442 sctp_v4_del_protocol(); 1463 sctp_v4_del_protocol();
1443err_add_protocol: 1464err_add_protocol:
1444 inet_ctl_sock_destroy(sctp_ctl_sock); 1465 unregister_pernet_subsys(&sctp_net_ops);
1445err_ctl_sock_init: 1466err_register_pernet_subsys:
1446 sctp_v6_protosw_exit(); 1467 sctp_v6_protosw_exit();
1447err_v6_protosw_init: 1468err_v6_protosw_init:
1448 sctp_v4_protosw_exit(); 1469 sctp_v4_protosw_exit();
1449err_protosw_init: 1470err_protosw_init:
1450 sctp_free_local_addr_list();
1451 sctp_v4_pf_exit(); 1471 sctp_v4_pf_exit();
1452 sctp_v6_pf_exit(); 1472 sctp_v6_pf_exit();
1453 sctp_sysctl_unregister(); 1473 sctp_sysctl_unregister();
@@ -1461,11 +1481,8 @@ err_ehash_alloc:
1461 get_order(sctp_assoc_hashsize * 1481 get_order(sctp_assoc_hashsize *
1462 sizeof(struct sctp_hashbucket))); 1482 sizeof(struct sctp_hashbucket)));
1463err_ahash_alloc: 1483err_ahash_alloc:
1464 sctp_dbg_objcnt_exit(); 1484 percpu_counter_destroy(&sctp_sockets_allocated);
1465 sctp_proc_exit(); 1485err_percpu_counter_init:
1466err_init_proc:
1467 cleanup_sctp_mibs();
1468err_init_mibs:
1469 kmem_cache_destroy(sctp_chunk_cachep); 1486 kmem_cache_destroy(sctp_chunk_cachep);
1470err_chunk_cachep: 1487err_chunk_cachep:
1471 kmem_cache_destroy(sctp_bucket_cachep); 1488 kmem_cache_destroy(sctp_bucket_cachep);
@@ -1482,18 +1499,13 @@ SCTP_STATIC __exit void sctp_exit(void)
1482 /* Unregister with inet6/inet layers. */ 1499 /* Unregister with inet6/inet layers. */
1483 sctp_v6_del_protocol(); 1500 sctp_v6_del_protocol();
1484 sctp_v4_del_protocol(); 1501 sctp_v4_del_protocol();
1485 sctp_free_addr_wq();
1486 1502
1487 /* Free the control endpoint. */ 1503 unregister_pernet_subsys(&sctp_net_ops);
1488 inet_ctl_sock_destroy(sctp_ctl_sock);
1489 1504
1490 /* Free protosw registrations */ 1505 /* Free protosw registrations */
1491 sctp_v6_protosw_exit(); 1506 sctp_v6_protosw_exit();
1492 sctp_v4_protosw_exit(); 1507 sctp_v4_protosw_exit();
1493 1508
1494 /* Free the local address list. */
1495 sctp_free_local_addr_list();
1496
1497 /* Unregister with socket layer. */ 1509 /* Unregister with socket layer. */
1498 sctp_v6_pf_exit(); 1510 sctp_v6_pf_exit();
1499 sctp_v4_pf_exit(); 1511 sctp_v4_pf_exit();
@@ -1508,9 +1520,7 @@ SCTP_STATIC __exit void sctp_exit(void)
1508 get_order(sctp_port_hashsize * 1520 get_order(sctp_port_hashsize *
1509 sizeof(struct sctp_bind_hashbucket))); 1521 sizeof(struct sctp_bind_hashbucket)));
1510 1522
1511 sctp_dbg_objcnt_exit(); 1523 percpu_counter_destroy(&sctp_sockets_allocated);
1512 sctp_proc_exit();
1513 cleanup_sctp_mibs();
1514 1524
1515 rcu_barrier(); /* Wait for completion of call_rcu()'s */ 1525 rcu_barrier(); /* Wait for completion of call_rcu()'s */
1516 1526
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 479a70ef6ff8..fbe1636309a7 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -198,6 +198,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
198 const struct sctp_bind_addr *bp, 198 const struct sctp_bind_addr *bp,
199 gfp_t gfp, int vparam_len) 199 gfp_t gfp, int vparam_len)
200{ 200{
201 struct net *net = sock_net(asoc->base.sk);
201 sctp_inithdr_t init; 202 sctp_inithdr_t init;
202 union sctp_params addrs; 203 union sctp_params addrs;
203 size_t chunksize; 204 size_t chunksize;
@@ -237,7 +238,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
237 chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types)); 238 chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types));
238 chunksize += sizeof(ecap_param); 239 chunksize += sizeof(ecap_param);
239 240
240 if (sctp_prsctp_enable) 241 if (net->sctp.prsctp_enable)
241 chunksize += sizeof(prsctp_param); 242 chunksize += sizeof(prsctp_param);
242 243
243 /* ADDIP: Section 4.2.7: 244 /* ADDIP: Section 4.2.7:
@@ -245,7 +246,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
245 * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and 246 * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and
246 * INIT-ACK parameters. 247 * INIT-ACK parameters.
247 */ 248 */
248 if (sctp_addip_enable) { 249 if (net->sctp.addip_enable) {
249 extensions[num_ext] = SCTP_CID_ASCONF; 250 extensions[num_ext] = SCTP_CID_ASCONF;
250 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK; 251 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
251 num_ext += 2; 252 num_ext += 2;
@@ -257,7 +258,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
257 chunksize += vparam_len; 258 chunksize += vparam_len;
258 259
259 /* Account for AUTH related parameters */ 260 /* Account for AUTH related parameters */
260 if (sctp_auth_enable) { 261 if (net->sctp.auth_enable) {
261 /* Add random parameter length*/ 262 /* Add random parameter length*/
262 chunksize += sizeof(asoc->c.auth_random); 263 chunksize += sizeof(asoc->c.auth_random);
263 264
@@ -331,7 +332,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
331 sctp_addto_param(retval, num_ext, extensions); 332 sctp_addto_param(retval, num_ext, extensions);
332 } 333 }
333 334
334 if (sctp_prsctp_enable) 335 if (net->sctp.prsctp_enable)
335 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param); 336 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
336 337
337 if (sp->adaptation_ind) { 338 if (sp->adaptation_ind) {
@@ -342,7 +343,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
342 } 343 }
343 344
344 /* Add SCTP-AUTH chunks to the parameter list */ 345 /* Add SCTP-AUTH chunks to the parameter list */
345 if (sctp_auth_enable) { 346 if (net->sctp.auth_enable) {
346 sctp_addto_chunk(retval, sizeof(asoc->c.auth_random), 347 sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
347 asoc->c.auth_random); 348 asoc->c.auth_random);
348 if (auth_hmacs) 349 if (auth_hmacs)
@@ -1940,7 +1941,7 @@ static int sctp_process_hn_param(const struct sctp_association *asoc,
1940 return 0; 1941 return 0;
1941} 1942}
1942 1943
1943static int sctp_verify_ext_param(union sctp_params param) 1944static int sctp_verify_ext_param(struct net *net, union sctp_params param)
1944{ 1945{
1945 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); 1946 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
1946 int have_auth = 0; 1947 int have_auth = 0;
@@ -1964,10 +1965,10 @@ static int sctp_verify_ext_param(union sctp_params param)
1964 * only if ADD-IP is turned on and we are not backward-compatible 1965 * only if ADD-IP is turned on and we are not backward-compatible
1965 * mode. 1966 * mode.
1966 */ 1967 */
1967 if (sctp_addip_noauth) 1968 if (net->sctp.addip_noauth)
1968 return 1; 1969 return 1;
1969 1970
1970 if (sctp_addip_enable && !have_auth && have_asconf) 1971 if (net->sctp.addip_enable && !have_auth && have_asconf)
1971 return 0; 1972 return 0;
1972 1973
1973 return 1; 1974 return 1;
@@ -1976,13 +1977,14 @@ static int sctp_verify_ext_param(union sctp_params param)
1976static void sctp_process_ext_param(struct sctp_association *asoc, 1977static void sctp_process_ext_param(struct sctp_association *asoc,
1977 union sctp_params param) 1978 union sctp_params param)
1978{ 1979{
1980 struct net *net = sock_net(asoc->base.sk);
1979 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); 1981 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
1980 int i; 1982 int i;
1981 1983
1982 for (i = 0; i < num_ext; i++) { 1984 for (i = 0; i < num_ext; i++) {
1983 switch (param.ext->chunks[i]) { 1985 switch (param.ext->chunks[i]) {
1984 case SCTP_CID_FWD_TSN: 1986 case SCTP_CID_FWD_TSN:
1985 if (sctp_prsctp_enable && 1987 if (net->sctp.prsctp_enable &&
1986 !asoc->peer.prsctp_capable) 1988 !asoc->peer.prsctp_capable)
1987 asoc->peer.prsctp_capable = 1; 1989 asoc->peer.prsctp_capable = 1;
1988 break; 1990 break;
@@ -1990,12 +1992,12 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
1990 /* if the peer reports AUTH, assume that he 1992 /* if the peer reports AUTH, assume that he
1991 * supports AUTH. 1993 * supports AUTH.
1992 */ 1994 */
1993 if (sctp_auth_enable) 1995 if (net->sctp.auth_enable)
1994 asoc->peer.auth_capable = 1; 1996 asoc->peer.auth_capable = 1;
1995 break; 1997 break;
1996 case SCTP_CID_ASCONF: 1998 case SCTP_CID_ASCONF:
1997 case SCTP_CID_ASCONF_ACK: 1999 case SCTP_CID_ASCONF_ACK:
1998 if (sctp_addip_enable) 2000 if (net->sctp.addip_enable)
1999 asoc->peer.asconf_capable = 1; 2001 asoc->peer.asconf_capable = 1;
2000 break; 2002 break;
2001 default: 2003 default:
@@ -2081,7 +2083,8 @@ static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc,
2081 * SCTP_IERROR_ERROR - stop processing, trigger an ERROR 2083 * SCTP_IERROR_ERROR - stop processing, trigger an ERROR
2082 * SCTP_IERROR_NO_ERROR - continue with the chunk 2084 * SCTP_IERROR_NO_ERROR - continue with the chunk
2083 */ 2085 */
2084static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc, 2086static sctp_ierror_t sctp_verify_param(struct net *net,
2087 const struct sctp_association *asoc,
2085 union sctp_params param, 2088 union sctp_params param,
2086 sctp_cid_t cid, 2089 sctp_cid_t cid,
2087 struct sctp_chunk *chunk, 2090 struct sctp_chunk *chunk,
@@ -2110,12 +2113,12 @@ static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc,
2110 break; 2113 break;
2111 2114
2112 case SCTP_PARAM_SUPPORTED_EXT: 2115 case SCTP_PARAM_SUPPORTED_EXT:
2113 if (!sctp_verify_ext_param(param)) 2116 if (!sctp_verify_ext_param(net, param))
2114 return SCTP_IERROR_ABORT; 2117 return SCTP_IERROR_ABORT;
2115 break; 2118 break;
2116 2119
2117 case SCTP_PARAM_SET_PRIMARY: 2120 case SCTP_PARAM_SET_PRIMARY:
2118 if (sctp_addip_enable) 2121 if (net->sctp.addip_enable)
2119 break; 2122 break;
2120 goto fallthrough; 2123 goto fallthrough;
2121 2124
@@ -2126,12 +2129,12 @@ static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc,
2126 break; 2129 break;
2127 2130
2128 case SCTP_PARAM_FWD_TSN_SUPPORT: 2131 case SCTP_PARAM_FWD_TSN_SUPPORT:
2129 if (sctp_prsctp_enable) 2132 if (net->sctp.prsctp_enable)
2130 break; 2133 break;
2131 goto fallthrough; 2134 goto fallthrough;
2132 2135
2133 case SCTP_PARAM_RANDOM: 2136 case SCTP_PARAM_RANDOM:
2134 if (!sctp_auth_enable) 2137 if (!net->sctp.auth_enable)
2135 goto fallthrough; 2138 goto fallthrough;
2136 2139
2137 /* SCTP-AUTH: Secion 6.1 2140 /* SCTP-AUTH: Secion 6.1
@@ -2148,7 +2151,7 @@ static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc,
2148 break; 2151 break;
2149 2152
2150 case SCTP_PARAM_CHUNKS: 2153 case SCTP_PARAM_CHUNKS:
2151 if (!sctp_auth_enable) 2154 if (!net->sctp.auth_enable)
2152 goto fallthrough; 2155 goto fallthrough;
2153 2156
2154 /* SCTP-AUTH: Section 3.2 2157 /* SCTP-AUTH: Section 3.2
@@ -2164,7 +2167,7 @@ static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc,
2164 break; 2167 break;
2165 2168
2166 case SCTP_PARAM_HMAC_ALGO: 2169 case SCTP_PARAM_HMAC_ALGO:
2167 if (!sctp_auth_enable) 2170 if (!net->sctp.auth_enable)
2168 goto fallthrough; 2171 goto fallthrough;
2169 2172
2170 hmacs = (struct sctp_hmac_algo_param *)param.p; 2173 hmacs = (struct sctp_hmac_algo_param *)param.p;
@@ -2198,7 +2201,7 @@ fallthrough:
2198} 2201}
2199 2202
2200/* Verify the INIT packet before we process it. */ 2203/* Verify the INIT packet before we process it. */
2201int sctp_verify_init(const struct sctp_association *asoc, 2204int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
2202 sctp_cid_t cid, 2205 sctp_cid_t cid,
2203 sctp_init_chunk_t *peer_init, 2206 sctp_init_chunk_t *peer_init,
2204 struct sctp_chunk *chunk, 2207 struct sctp_chunk *chunk,
@@ -2245,7 +2248,7 @@ int sctp_verify_init(const struct sctp_association *asoc,
2245 /* Verify all the variable length parameters */ 2248 /* Verify all the variable length parameters */
2246 sctp_walk_params(param, peer_init, init_hdr.params) { 2249 sctp_walk_params(param, peer_init, init_hdr.params) {
2247 2250
2248 result = sctp_verify_param(asoc, param, cid, chunk, errp); 2251 result = sctp_verify_param(net, asoc, param, cid, chunk, errp);
2249 switch (result) { 2252 switch (result) {
2250 case SCTP_IERROR_ABORT: 2253 case SCTP_IERROR_ABORT:
2251 case SCTP_IERROR_NOMEM: 2254 case SCTP_IERROR_NOMEM:
@@ -2270,6 +2273,7 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk,
2270 const union sctp_addr *peer_addr, 2273 const union sctp_addr *peer_addr,
2271 sctp_init_chunk_t *peer_init, gfp_t gfp) 2274 sctp_init_chunk_t *peer_init, gfp_t gfp)
2272{ 2275{
2276 struct net *net = sock_net(asoc->base.sk);
2273 union sctp_params param; 2277 union sctp_params param;
2274 struct sctp_transport *transport; 2278 struct sctp_transport *transport;
2275 struct list_head *pos, *temp; 2279 struct list_head *pos, *temp;
@@ -2326,7 +2330,7 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk,
2326 * also give us an option to silently ignore the packet, which 2330 * also give us an option to silently ignore the packet, which
2327 * is what we'll do here. 2331 * is what we'll do here.
2328 */ 2332 */
2329 if (!sctp_addip_noauth && 2333 if (!net->sctp.addip_noauth &&
2330 (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) { 2334 (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) {
2331 asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP | 2335 asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP |
2332 SCTP_PARAM_DEL_IP | 2336 SCTP_PARAM_DEL_IP |
@@ -2466,6 +2470,7 @@ static int sctp_process_param(struct sctp_association *asoc,
2466 const union sctp_addr *peer_addr, 2470 const union sctp_addr *peer_addr,
2467 gfp_t gfp) 2471 gfp_t gfp)
2468{ 2472{
2473 struct net *net = sock_net(asoc->base.sk);
2469 union sctp_addr addr; 2474 union sctp_addr addr;
2470 int i; 2475 int i;
2471 __u16 sat; 2476 __u16 sat;
@@ -2494,13 +2499,13 @@ do_addr_param:
2494 af = sctp_get_af_specific(param_type2af(param.p->type)); 2499 af = sctp_get_af_specific(param_type2af(param.p->type));
2495 af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0); 2500 af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0);
2496 scope = sctp_scope(peer_addr); 2501 scope = sctp_scope(peer_addr);
2497 if (sctp_in_scope(&addr, scope)) 2502 if (sctp_in_scope(net, &addr, scope))
2498 if (!sctp_assoc_add_peer(asoc, &addr, gfp, SCTP_UNCONFIRMED)) 2503 if (!sctp_assoc_add_peer(asoc, &addr, gfp, SCTP_UNCONFIRMED))
2499 return 0; 2504 return 0;
2500 break; 2505 break;
2501 2506
2502 case SCTP_PARAM_COOKIE_PRESERVATIVE: 2507 case SCTP_PARAM_COOKIE_PRESERVATIVE:
2503 if (!sctp_cookie_preserve_enable) 2508 if (!net->sctp.cookie_preserve_enable)
2504 break; 2509 break;
2505 2510
2506 stale = ntohl(param.life->lifespan_increment); 2511 stale = ntohl(param.life->lifespan_increment);
@@ -2580,7 +2585,7 @@ do_addr_param:
2580 break; 2585 break;
2581 2586
2582 case SCTP_PARAM_SET_PRIMARY: 2587 case SCTP_PARAM_SET_PRIMARY:
2583 if (!sctp_addip_enable) 2588 if (!net->sctp.addip_enable)
2584 goto fall_through; 2589 goto fall_through;
2585 2590
2586 addr_param = param.v + sizeof(sctp_addip_param_t); 2591 addr_param = param.v + sizeof(sctp_addip_param_t);
@@ -2607,7 +2612,7 @@ do_addr_param:
2607 break; 2612 break;
2608 2613
2609 case SCTP_PARAM_FWD_TSN_SUPPORT: 2614 case SCTP_PARAM_FWD_TSN_SUPPORT:
2610 if (sctp_prsctp_enable) { 2615 if (net->sctp.prsctp_enable) {
2611 asoc->peer.prsctp_capable = 1; 2616 asoc->peer.prsctp_capable = 1;
2612 break; 2617 break;
2613 } 2618 }
@@ -2615,7 +2620,7 @@ do_addr_param:
2615 goto fall_through; 2620 goto fall_through;
2616 2621
2617 case SCTP_PARAM_RANDOM: 2622 case SCTP_PARAM_RANDOM:
2618 if (!sctp_auth_enable) 2623 if (!net->sctp.auth_enable)
2619 goto fall_through; 2624 goto fall_through;
2620 2625
2621 /* Save peer's random parameter */ 2626 /* Save peer's random parameter */
@@ -2628,7 +2633,7 @@ do_addr_param:
2628 break; 2633 break;
2629 2634
2630 case SCTP_PARAM_HMAC_ALGO: 2635 case SCTP_PARAM_HMAC_ALGO:
2631 if (!sctp_auth_enable) 2636 if (!net->sctp.auth_enable)
2632 goto fall_through; 2637 goto fall_through;
2633 2638
2634 /* Save peer's HMAC list */ 2639 /* Save peer's HMAC list */
@@ -2644,7 +2649,7 @@ do_addr_param:
2644 break; 2649 break;
2645 2650
2646 case SCTP_PARAM_CHUNKS: 2651 case SCTP_PARAM_CHUNKS:
2647 if (!sctp_auth_enable) 2652 if (!net->sctp.auth_enable)
2648 goto fall_through; 2653 goto fall_through;
2649 2654
2650 asoc->peer.peer_chunks = kmemdup(param.p, 2655 asoc->peer.peer_chunks = kmemdup(param.p,
diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c
index fe99628e1257..bcfebb91559d 100644
--- a/net/sctp/sm_sideeffect.c
+++ b/net/sctp/sm_sideeffect.c
@@ -251,6 +251,7 @@ void sctp_generate_t3_rtx_event(unsigned long peer)
251 int error; 251 int error;
252 struct sctp_transport *transport = (struct sctp_transport *) peer; 252 struct sctp_transport *transport = (struct sctp_transport *) peer;
253 struct sctp_association *asoc = transport->asoc; 253 struct sctp_association *asoc = transport->asoc;
254 struct net *net = sock_net(asoc->base.sk);
254 255
255 /* Check whether a task is in the sock. */ 256 /* Check whether a task is in the sock. */
256 257
@@ -271,7 +272,7 @@ void sctp_generate_t3_rtx_event(unsigned long peer)
271 goto out_unlock; 272 goto out_unlock;
272 273
273 /* Run through the state machine. */ 274 /* Run through the state machine. */
274 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 275 error = sctp_do_sm(net, SCTP_EVENT_T_TIMEOUT,
275 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_T3_RTX), 276 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_T3_RTX),
276 asoc->state, 277 asoc->state,
277 asoc->ep, asoc, 278 asoc->ep, asoc,
@@ -291,6 +292,7 @@ out_unlock:
291static void sctp_generate_timeout_event(struct sctp_association *asoc, 292static void sctp_generate_timeout_event(struct sctp_association *asoc,
292 sctp_event_timeout_t timeout_type) 293 sctp_event_timeout_t timeout_type)
293{ 294{
295 struct net *net = sock_net(asoc->base.sk);
294 int error = 0; 296 int error = 0;
295 297
296 sctp_bh_lock_sock(asoc->base.sk); 298 sctp_bh_lock_sock(asoc->base.sk);
@@ -312,7 +314,7 @@ static void sctp_generate_timeout_event(struct sctp_association *asoc,
312 goto out_unlock; 314 goto out_unlock;
313 315
314 /* Run through the state machine. */ 316 /* Run through the state machine. */
315 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 317 error = sctp_do_sm(net, SCTP_EVENT_T_TIMEOUT,
316 SCTP_ST_TIMEOUT(timeout_type), 318 SCTP_ST_TIMEOUT(timeout_type),
317 asoc->state, asoc->ep, asoc, 319 asoc->state, asoc->ep, asoc,
318 (void *)timeout_type, GFP_ATOMIC); 320 (void *)timeout_type, GFP_ATOMIC);
@@ -371,6 +373,7 @@ void sctp_generate_heartbeat_event(unsigned long data)
371 int error = 0; 373 int error = 0;
372 struct sctp_transport *transport = (struct sctp_transport *) data; 374 struct sctp_transport *transport = (struct sctp_transport *) data;
373 struct sctp_association *asoc = transport->asoc; 375 struct sctp_association *asoc = transport->asoc;
376 struct net *net = sock_net(asoc->base.sk);
374 377
375 sctp_bh_lock_sock(asoc->base.sk); 378 sctp_bh_lock_sock(asoc->base.sk);
376 if (sock_owned_by_user(asoc->base.sk)) { 379 if (sock_owned_by_user(asoc->base.sk)) {
@@ -388,7 +391,7 @@ void sctp_generate_heartbeat_event(unsigned long data)
388 if (transport->dead) 391 if (transport->dead)
389 goto out_unlock; 392 goto out_unlock;
390 393
391 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 394 error = sctp_do_sm(net, SCTP_EVENT_T_TIMEOUT,
392 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_HEARTBEAT), 395 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_HEARTBEAT),
393 asoc->state, asoc->ep, asoc, 396 asoc->state, asoc->ep, asoc,
394 transport, GFP_ATOMIC); 397 transport, GFP_ATOMIC);
@@ -408,6 +411,7 @@ void sctp_generate_proto_unreach_event(unsigned long data)
408{ 411{
409 struct sctp_transport *transport = (struct sctp_transport *) data; 412 struct sctp_transport *transport = (struct sctp_transport *) data;
410 struct sctp_association *asoc = transport->asoc; 413 struct sctp_association *asoc = transport->asoc;
414 struct net *net = sock_net(asoc->base.sk);
411 415
412 sctp_bh_lock_sock(asoc->base.sk); 416 sctp_bh_lock_sock(asoc->base.sk);
413 if (sock_owned_by_user(asoc->base.sk)) { 417 if (sock_owned_by_user(asoc->base.sk)) {
@@ -426,7 +430,7 @@ void sctp_generate_proto_unreach_event(unsigned long data)
426 if (asoc->base.dead) 430 if (asoc->base.dead)
427 goto out_unlock; 431 goto out_unlock;
428 432
429 sctp_do_sm(SCTP_EVENT_T_OTHER, 433 sctp_do_sm(net, SCTP_EVENT_T_OTHER,
430 SCTP_ST_OTHER(SCTP_EVENT_ICMP_PROTO_UNREACH), 434 SCTP_ST_OTHER(SCTP_EVENT_ICMP_PROTO_UNREACH),
431 asoc->state, asoc->ep, asoc, transport, GFP_ATOMIC); 435 asoc->state, asoc->ep, asoc, transport, GFP_ATOMIC);
432 436
@@ -753,8 +757,10 @@ static int sctp_cmd_process_sack(sctp_cmd_seq_t *cmds,
753 int err = 0; 757 int err = 0;
754 758
755 if (sctp_outq_sack(&asoc->outqueue, sackh)) { 759 if (sctp_outq_sack(&asoc->outqueue, sackh)) {
760 struct net *net = sock_net(asoc->base.sk);
761
756 /* There are no more TSNs awaiting SACK. */ 762 /* There are no more TSNs awaiting SACK. */
757 err = sctp_do_sm(SCTP_EVENT_T_OTHER, 763 err = sctp_do_sm(net, SCTP_EVENT_T_OTHER,
758 SCTP_ST_OTHER(SCTP_EVENT_NO_PENDING_TSN), 764 SCTP_ST_OTHER(SCTP_EVENT_NO_PENDING_TSN),
759 asoc->state, asoc->ep, asoc, NULL, 765 asoc->state, asoc->ep, asoc, NULL,
760 GFP_ATOMIC); 766 GFP_ATOMIC);
@@ -1042,6 +1048,8 @@ static int sctp_cmd_send_msg(struct sctp_association *asoc,
1042 */ 1048 */
1043static void sctp_cmd_send_asconf(struct sctp_association *asoc) 1049static void sctp_cmd_send_asconf(struct sctp_association *asoc)
1044{ 1050{
1051 struct net *net = sock_net(asoc->base.sk);
1052
1045 /* Send the next asconf chunk from the addip chunk 1053 /* Send the next asconf chunk from the addip chunk
1046 * queue. 1054 * queue.
1047 */ 1055 */
@@ -1053,7 +1061,7 @@ static void sctp_cmd_send_asconf(struct sctp_association *asoc)
1053 1061
1054 /* Hold the chunk until an ASCONF_ACK is received. */ 1062 /* Hold the chunk until an ASCONF_ACK is received. */
1055 sctp_chunk_hold(asconf); 1063 sctp_chunk_hold(asconf);
1056 if (sctp_primitive_ASCONF(asoc, asconf)) 1064 if (sctp_primitive_ASCONF(net, asoc, asconf))
1057 sctp_chunk_free(asconf); 1065 sctp_chunk_free(asconf);
1058 else 1066 else
1059 asoc->addip_last_asconf = asconf; 1067 asoc->addip_last_asconf = asconf;
@@ -1089,7 +1097,7 @@ static void sctp_cmd_send_asconf(struct sctp_association *asoc)
1089 * If you want to understand all of lksctp, this is a 1097 * If you want to understand all of lksctp, this is a
1090 * good place to start. 1098 * good place to start.
1091 */ 1099 */
1092int sctp_do_sm(sctp_event_t event_type, sctp_subtype_t subtype, 1100int sctp_do_sm(struct net *net, sctp_event_t event_type, sctp_subtype_t subtype,
1093 sctp_state_t state, 1101 sctp_state_t state,
1094 struct sctp_endpoint *ep, 1102 struct sctp_endpoint *ep,
1095 struct sctp_association *asoc, 1103 struct sctp_association *asoc,
@@ -1110,12 +1118,12 @@ int sctp_do_sm(sctp_event_t event_type, sctp_subtype_t subtype,
1110 /* Look up the state function, run it, and then process the 1118 /* Look up the state function, run it, and then process the
1111 * side effects. These three steps are the heart of lksctp. 1119 * side effects. These three steps are the heart of lksctp.
1112 */ 1120 */
1113 state_fn = sctp_sm_lookup_event(event_type, state, subtype); 1121 state_fn = sctp_sm_lookup_event(net, event_type, state, subtype);
1114 1122
1115 sctp_init_cmd_seq(&commands); 1123 sctp_init_cmd_seq(&commands);
1116 1124
1117 DEBUG_PRE; 1125 DEBUG_PRE;
1118 status = (*state_fn->fn)(ep, asoc, subtype, event_arg, &commands); 1126 status = (*state_fn->fn)(net, ep, asoc, subtype, event_arg, &commands);
1119 DEBUG_POST; 1127 DEBUG_POST;
1120 1128
1121 error = sctp_side_effects(event_type, subtype, state, 1129 error = sctp_side_effects(event_type, subtype, state,
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 9fca10357350..094813b6c3c3 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -66,7 +66,8 @@
66#include <net/sctp/sm.h> 66#include <net/sctp/sm.h>
67#include <net/sctp/structs.h> 67#include <net/sctp/structs.h>
68 68
69static struct sctp_packet *sctp_abort_pkt_new(const struct sctp_endpoint *ep, 69static struct sctp_packet *sctp_abort_pkt_new(struct net *net,
70 const struct sctp_endpoint *ep,
70 const struct sctp_association *asoc, 71 const struct sctp_association *asoc,
71 struct sctp_chunk *chunk, 72 struct sctp_chunk *chunk,
72 const void *payload, 73 const void *payload,
@@ -74,36 +75,43 @@ static struct sctp_packet *sctp_abort_pkt_new(const struct sctp_endpoint *ep,
74static int sctp_eat_data(const struct sctp_association *asoc, 75static int sctp_eat_data(const struct sctp_association *asoc,
75 struct sctp_chunk *chunk, 76 struct sctp_chunk *chunk,
76 sctp_cmd_seq_t *commands); 77 sctp_cmd_seq_t *commands);
77static struct sctp_packet *sctp_ootb_pkt_new(const struct sctp_association *asoc, 78static struct sctp_packet *sctp_ootb_pkt_new(struct net *net,
79 const struct sctp_association *asoc,
78 const struct sctp_chunk *chunk); 80 const struct sctp_chunk *chunk);
79static void sctp_send_stale_cookie_err(const struct sctp_endpoint *ep, 81static void sctp_send_stale_cookie_err(struct net *net,
82 const struct sctp_endpoint *ep,
80 const struct sctp_association *asoc, 83 const struct sctp_association *asoc,
81 const struct sctp_chunk *chunk, 84 const struct sctp_chunk *chunk,
82 sctp_cmd_seq_t *commands, 85 sctp_cmd_seq_t *commands,
83 struct sctp_chunk *err_chunk); 86 struct sctp_chunk *err_chunk);
84static sctp_disposition_t sctp_sf_do_5_2_6_stale(const struct sctp_endpoint *ep, 87static sctp_disposition_t sctp_sf_do_5_2_6_stale(struct net *net,
88 const struct sctp_endpoint *ep,
85 const struct sctp_association *asoc, 89 const struct sctp_association *asoc,
86 const sctp_subtype_t type, 90 const sctp_subtype_t type,
87 void *arg, 91 void *arg,
88 sctp_cmd_seq_t *commands); 92 sctp_cmd_seq_t *commands);
89static sctp_disposition_t sctp_sf_shut_8_4_5(const struct sctp_endpoint *ep, 93static sctp_disposition_t sctp_sf_shut_8_4_5(struct net *net,
94 const struct sctp_endpoint *ep,
90 const struct sctp_association *asoc, 95 const struct sctp_association *asoc,
91 const sctp_subtype_t type, 96 const sctp_subtype_t type,
92 void *arg, 97 void *arg,
93 sctp_cmd_seq_t *commands); 98 sctp_cmd_seq_t *commands);
94static sctp_disposition_t sctp_sf_tabort_8_4_8(const struct sctp_endpoint *ep, 99static sctp_disposition_t sctp_sf_tabort_8_4_8(struct net *net,
100 const struct sctp_endpoint *ep,
95 const struct sctp_association *asoc, 101 const struct sctp_association *asoc,
96 const sctp_subtype_t type, 102 const sctp_subtype_t type,
97 void *arg, 103 void *arg,
98 sctp_cmd_seq_t *commands); 104 sctp_cmd_seq_t *commands);
99static struct sctp_sackhdr *sctp_sm_pull_sack(struct sctp_chunk *chunk); 105static struct sctp_sackhdr *sctp_sm_pull_sack(struct sctp_chunk *chunk);
100 106
101static sctp_disposition_t sctp_stop_t1_and_abort(sctp_cmd_seq_t *commands, 107static sctp_disposition_t sctp_stop_t1_and_abort(struct net *net,
108 sctp_cmd_seq_t *commands,
102 __be16 error, int sk_err, 109 __be16 error, int sk_err,
103 const struct sctp_association *asoc, 110 const struct sctp_association *asoc,
104 struct sctp_transport *transport); 111 struct sctp_transport *transport);
105 112
106static sctp_disposition_t sctp_sf_abort_violation( 113static sctp_disposition_t sctp_sf_abort_violation(
114 struct net *net,
107 const struct sctp_endpoint *ep, 115 const struct sctp_endpoint *ep,
108 const struct sctp_association *asoc, 116 const struct sctp_association *asoc,
109 void *arg, 117 void *arg,
@@ -112,6 +120,7 @@ static sctp_disposition_t sctp_sf_abort_violation(
112 const size_t paylen); 120 const size_t paylen);
113 121
114static sctp_disposition_t sctp_sf_violation_chunklen( 122static sctp_disposition_t sctp_sf_violation_chunklen(
123 struct net *net,
115 const struct sctp_endpoint *ep, 124 const struct sctp_endpoint *ep,
116 const struct sctp_association *asoc, 125 const struct sctp_association *asoc,
117 const sctp_subtype_t type, 126 const sctp_subtype_t type,
@@ -119,6 +128,7 @@ static sctp_disposition_t sctp_sf_violation_chunklen(
119 sctp_cmd_seq_t *commands); 128 sctp_cmd_seq_t *commands);
120 129
121static sctp_disposition_t sctp_sf_violation_paramlen( 130static sctp_disposition_t sctp_sf_violation_paramlen(
131 struct net *net,
122 const struct sctp_endpoint *ep, 132 const struct sctp_endpoint *ep,
123 const struct sctp_association *asoc, 133 const struct sctp_association *asoc,
124 const sctp_subtype_t type, 134 const sctp_subtype_t type,
@@ -126,6 +136,7 @@ static sctp_disposition_t sctp_sf_violation_paramlen(
126 sctp_cmd_seq_t *commands); 136 sctp_cmd_seq_t *commands);
127 137
128static sctp_disposition_t sctp_sf_violation_ctsn( 138static sctp_disposition_t sctp_sf_violation_ctsn(
139 struct net *net,
129 const struct sctp_endpoint *ep, 140 const struct sctp_endpoint *ep,
130 const struct sctp_association *asoc, 141 const struct sctp_association *asoc,
131 const sctp_subtype_t type, 142 const sctp_subtype_t type,
@@ -133,18 +144,21 @@ static sctp_disposition_t sctp_sf_violation_ctsn(
133 sctp_cmd_seq_t *commands); 144 sctp_cmd_seq_t *commands);
134 145
135static sctp_disposition_t sctp_sf_violation_chunk( 146static sctp_disposition_t sctp_sf_violation_chunk(
147 struct net *net,
136 const struct sctp_endpoint *ep, 148 const struct sctp_endpoint *ep,
137 const struct sctp_association *asoc, 149 const struct sctp_association *asoc,
138 const sctp_subtype_t type, 150 const sctp_subtype_t type,
139 void *arg, 151 void *arg,
140 sctp_cmd_seq_t *commands); 152 sctp_cmd_seq_t *commands);
141 153
142static sctp_ierror_t sctp_sf_authenticate(const struct sctp_endpoint *ep, 154static sctp_ierror_t sctp_sf_authenticate(struct net *net,
155 const struct sctp_endpoint *ep,
143 const struct sctp_association *asoc, 156 const struct sctp_association *asoc,
144 const sctp_subtype_t type, 157 const sctp_subtype_t type,
145 struct sctp_chunk *chunk); 158 struct sctp_chunk *chunk);
146 159
147static sctp_disposition_t __sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep, 160static sctp_disposition_t __sctp_sf_do_9_1_abort(struct net *net,
161 const struct sctp_endpoint *ep,
148 const struct sctp_association *asoc, 162 const struct sctp_association *asoc,
149 const sctp_subtype_t type, 163 const sctp_subtype_t type,
150 void *arg, 164 void *arg,
@@ -204,7 +218,8 @@ sctp_chunk_length_valid(struct sctp_chunk *chunk,
204 * 218 *
205 * The return value is the disposition of the chunk. 219 * The return value is the disposition of the chunk.
206 */ 220 */
207sctp_disposition_t sctp_sf_do_4_C(const struct sctp_endpoint *ep, 221sctp_disposition_t sctp_sf_do_4_C(struct net *net,
222 const struct sctp_endpoint *ep,
208 const struct sctp_association *asoc, 223 const struct sctp_association *asoc,
209 const sctp_subtype_t type, 224 const sctp_subtype_t type,
210 void *arg, 225 void *arg,
@@ -214,7 +229,7 @@ sctp_disposition_t sctp_sf_do_4_C(const struct sctp_endpoint *ep,
214 struct sctp_ulpevent *ev; 229 struct sctp_ulpevent *ev;
215 230
216 if (!sctp_vtag_verify_either(chunk, asoc)) 231 if (!sctp_vtag_verify_either(chunk, asoc))
217 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 232 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
218 233
219 /* RFC 2960 6.10 Bundling 234 /* RFC 2960 6.10 Bundling
220 * 235 *
@@ -222,11 +237,11 @@ sctp_disposition_t sctp_sf_do_4_C(const struct sctp_endpoint *ep,
222 * SHUTDOWN COMPLETE with any other chunks. 237 * SHUTDOWN COMPLETE with any other chunks.
223 */ 238 */
224 if (!chunk->singleton) 239 if (!chunk->singleton)
225 return sctp_sf_violation_chunk(ep, asoc, type, arg, commands); 240 return sctp_sf_violation_chunk(net, ep, asoc, type, arg, commands);
226 241
227 /* Make sure that the SHUTDOWN_COMPLETE chunk has a valid length. */ 242 /* Make sure that the SHUTDOWN_COMPLETE chunk has a valid length. */
228 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 243 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
229 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 244 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
230 commands); 245 commands);
231 246
232 /* RFC 2960 10.2 SCTP-to-ULP 247 /* RFC 2960 10.2 SCTP-to-ULP
@@ -259,8 +274,8 @@ sctp_disposition_t sctp_sf_do_4_C(const struct sctp_endpoint *ep,
259 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 274 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
260 SCTP_STATE(SCTP_STATE_CLOSED)); 275 SCTP_STATE(SCTP_STATE_CLOSED));
261 276
262 SCTP_INC_STATS(SCTP_MIB_SHUTDOWNS); 277 SCTP_INC_STATS(net, SCTP_MIB_SHUTDOWNS);
263 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 278 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
264 279
265 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL()); 280 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL());
266 281
@@ -289,7 +304,8 @@ sctp_disposition_t sctp_sf_do_4_C(const struct sctp_endpoint *ep,
289 * 304 *
290 * The return value is the disposition of the chunk. 305 * The return value is the disposition of the chunk.
291 */ 306 */
292sctp_disposition_t sctp_sf_do_5_1B_init(const struct sctp_endpoint *ep, 307sctp_disposition_t sctp_sf_do_5_1B_init(struct net *net,
308 const struct sctp_endpoint *ep,
293 const struct sctp_association *asoc, 309 const struct sctp_association *asoc,
294 const sctp_subtype_t type, 310 const sctp_subtype_t type,
295 void *arg, 311 void *arg,
@@ -313,21 +329,21 @@ sctp_disposition_t sctp_sf_do_5_1B_init(const struct sctp_endpoint *ep,
313 * with an INIT chunk that is bundled with other chunks. 329 * with an INIT chunk that is bundled with other chunks.
314 */ 330 */
315 if (!chunk->singleton) 331 if (!chunk->singleton)
316 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 332 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
317 333
318 /* If the packet is an OOTB packet which is temporarily on the 334 /* If the packet is an OOTB packet which is temporarily on the
319 * control endpoint, respond with an ABORT. 335 * control endpoint, respond with an ABORT.
320 */ 336 */
321 if (ep == sctp_sk((sctp_get_ctl_sock()))->ep) { 337 if (ep == sctp_sk(net->sctp.ctl_sock)->ep) {
322 SCTP_INC_STATS(SCTP_MIB_OUTOFBLUES); 338 SCTP_INC_STATS(net, SCTP_MIB_OUTOFBLUES);
323 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 339 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
324 } 340 }
325 341
326 /* 3.1 A packet containing an INIT chunk MUST have a zero Verification 342 /* 3.1 A packet containing an INIT chunk MUST have a zero Verification
327 * Tag. 343 * Tag.
328 */ 344 */
329 if (chunk->sctp_hdr->vtag != 0) 345 if (chunk->sctp_hdr->vtag != 0)
330 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 346 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
331 347
332 /* Make sure that the INIT chunk has a valid length. 348 /* Make sure that the INIT chunk has a valid length.
333 * Normally, this would cause an ABORT with a Protocol Violation 349 * Normally, this would cause an ABORT with a Protocol Violation
@@ -335,7 +351,7 @@ sctp_disposition_t sctp_sf_do_5_1B_init(const struct sctp_endpoint *ep,
335 * just discard the packet. 351 * just discard the packet.
336 */ 352 */
337 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_init_chunk_t))) 353 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_init_chunk_t)))
338 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 354 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
339 355
340 /* If the INIT is coming toward a closing socket, we'll send back 356 /* If the INIT is coming toward a closing socket, we'll send back
341 * and ABORT. Essentially, this catches the race of INIT being 357 * and ABORT. Essentially, this catches the race of INIT being
@@ -344,18 +360,18 @@ sctp_disposition_t sctp_sf_do_5_1B_init(const struct sctp_endpoint *ep,
344 * can treat this OOTB 360 * can treat this OOTB
345 */ 361 */
346 if (sctp_sstate(ep->base.sk, CLOSING)) 362 if (sctp_sstate(ep->base.sk, CLOSING))
347 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 363 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
348 364
349 /* Verify the INIT chunk before processing it. */ 365 /* Verify the INIT chunk before processing it. */
350 err_chunk = NULL; 366 err_chunk = NULL;
351 if (!sctp_verify_init(asoc, chunk->chunk_hdr->type, 367 if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
352 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk, 368 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
353 &err_chunk)) { 369 &err_chunk)) {
354 /* This chunk contains fatal error. It is to be discarded. 370 /* This chunk contains fatal error. It is to be discarded.
355 * Send an ABORT, with causes if there is any. 371 * Send an ABORT, with causes if there is any.
356 */ 372 */
357 if (err_chunk) { 373 if (err_chunk) {
358 packet = sctp_abort_pkt_new(ep, asoc, arg, 374 packet = sctp_abort_pkt_new(net, ep, asoc, arg,
359 (__u8 *)(err_chunk->chunk_hdr) + 375 (__u8 *)(err_chunk->chunk_hdr) +
360 sizeof(sctp_chunkhdr_t), 376 sizeof(sctp_chunkhdr_t),
361 ntohs(err_chunk->chunk_hdr->length) - 377 ntohs(err_chunk->chunk_hdr->length) -
@@ -366,13 +382,13 @@ sctp_disposition_t sctp_sf_do_5_1B_init(const struct sctp_endpoint *ep,
366 if (packet) { 382 if (packet) {
367 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 383 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
368 SCTP_PACKET(packet)); 384 SCTP_PACKET(packet));
369 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 385 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
370 return SCTP_DISPOSITION_CONSUME; 386 return SCTP_DISPOSITION_CONSUME;
371 } else { 387 } else {
372 return SCTP_DISPOSITION_NOMEM; 388 return SCTP_DISPOSITION_NOMEM;
373 } 389 }
374 } else { 390 } else {
375 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, 391 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg,
376 commands); 392 commands);
377 } 393 }
378 } 394 }
@@ -484,7 +500,8 @@ nomem:
484 * 500 *
485 * The return value is the disposition of the chunk. 501 * The return value is the disposition of the chunk.
486 */ 502 */
487sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep, 503sctp_disposition_t sctp_sf_do_5_1C_ack(struct net *net,
504 const struct sctp_endpoint *ep,
488 const struct sctp_association *asoc, 505 const struct sctp_association *asoc,
489 const sctp_subtype_t type, 506 const sctp_subtype_t type,
490 void *arg, 507 void *arg,
@@ -496,25 +513,25 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,
496 struct sctp_packet *packet; 513 struct sctp_packet *packet;
497 514
498 if (!sctp_vtag_verify(chunk, asoc)) 515 if (!sctp_vtag_verify(chunk, asoc))
499 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 516 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
500 517
501 /* 6.10 Bundling 518 /* 6.10 Bundling
502 * An endpoint MUST NOT bundle INIT, INIT ACK or 519 * An endpoint MUST NOT bundle INIT, INIT ACK or
503 * SHUTDOWN COMPLETE with any other chunks. 520 * SHUTDOWN COMPLETE with any other chunks.
504 */ 521 */
505 if (!chunk->singleton) 522 if (!chunk->singleton)
506 return sctp_sf_violation_chunk(ep, asoc, type, arg, commands); 523 return sctp_sf_violation_chunk(net, ep, asoc, type, arg, commands);
507 524
508 /* Make sure that the INIT-ACK chunk has a valid length */ 525 /* Make sure that the INIT-ACK chunk has a valid length */
509 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_initack_chunk_t))) 526 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_initack_chunk_t)))
510 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 527 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
511 commands); 528 commands);
512 /* Grab the INIT header. */ 529 /* Grab the INIT header. */
513 chunk->subh.init_hdr = (sctp_inithdr_t *) chunk->skb->data; 530 chunk->subh.init_hdr = (sctp_inithdr_t *) chunk->skb->data;
514 531
515 /* Verify the INIT chunk before processing it. */ 532 /* Verify the INIT chunk before processing it. */
516 err_chunk = NULL; 533 err_chunk = NULL;
517 if (!sctp_verify_init(asoc, chunk->chunk_hdr->type, 534 if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
518 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk, 535 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
519 &err_chunk)) { 536 &err_chunk)) {
520 537
@@ -526,7 +543,7 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,
526 * the association. 543 * the association.
527 */ 544 */
528 if (err_chunk) { 545 if (err_chunk) {
529 packet = sctp_abort_pkt_new(ep, asoc, arg, 546 packet = sctp_abort_pkt_new(net, ep, asoc, arg,
530 (__u8 *)(err_chunk->chunk_hdr) + 547 (__u8 *)(err_chunk->chunk_hdr) +
531 sizeof(sctp_chunkhdr_t), 548 sizeof(sctp_chunkhdr_t),
532 ntohs(err_chunk->chunk_hdr->length) - 549 ntohs(err_chunk->chunk_hdr->length) -
@@ -537,7 +554,7 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,
537 if (packet) { 554 if (packet) {
538 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 555 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
539 SCTP_PACKET(packet)); 556 SCTP_PACKET(packet));
540 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 557 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
541 error = SCTP_ERROR_INV_PARAM; 558 error = SCTP_ERROR_INV_PARAM;
542 } 559 }
543 } 560 }
@@ -554,10 +571,10 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,
554 * was malformed. 571 * was malformed.
555 */ 572 */
556 if (sctp_auth_recv_cid(SCTP_CID_ABORT, asoc)) 573 if (sctp_auth_recv_cid(SCTP_CID_ABORT, asoc))
557 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 574 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
558 575
559 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 576 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
560 return sctp_stop_t1_and_abort(commands, error, ECONNREFUSED, 577 return sctp_stop_t1_and_abort(net, commands, error, ECONNREFUSED,
561 asoc, chunk->transport); 578 asoc, chunk->transport);
562 } 579 }
563 580
@@ -633,7 +650,8 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,
633 * 650 *
634 * The return value is the disposition of the chunk. 651 * The return value is the disposition of the chunk.
635 */ 652 */
636sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep, 653sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net,
654 const struct sctp_endpoint *ep,
637 const struct sctp_association *asoc, 655 const struct sctp_association *asoc,
638 const sctp_subtype_t type, void *arg, 656 const sctp_subtype_t type, void *arg,
639 sctp_cmd_seq_t *commands) 657 sctp_cmd_seq_t *commands)
@@ -650,9 +668,9 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
650 /* If the packet is an OOTB packet which is temporarily on the 668 /* If the packet is an OOTB packet which is temporarily on the
651 * control endpoint, respond with an ABORT. 669 * control endpoint, respond with an ABORT.
652 */ 670 */
653 if (ep == sctp_sk((sctp_get_ctl_sock()))->ep) { 671 if (ep == sctp_sk(net->sctp.ctl_sock)->ep) {
654 SCTP_INC_STATS(SCTP_MIB_OUTOFBLUES); 672 SCTP_INC_STATS(net, SCTP_MIB_OUTOFBLUES);
655 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 673 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
656 } 674 }
657 675
658 /* Make sure that the COOKIE_ECHO chunk has a valid length. 676 /* Make sure that the COOKIE_ECHO chunk has a valid length.
@@ -661,7 +679,7 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
661 * in sctp_unpack_cookie(). 679 * in sctp_unpack_cookie().
662 */ 680 */
663 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 681 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
664 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 682 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
665 683
666 /* If the endpoint is not listening or if the number of associations 684 /* If the endpoint is not listening or if the number of associations
667 * on the TCP-style socket exceed the max backlog, respond with an 685 * on the TCP-style socket exceed the max backlog, respond with an
@@ -670,7 +688,7 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
670 sk = ep->base.sk; 688 sk = ep->base.sk;
671 if (!sctp_sstate(sk, LISTENING) || 689 if (!sctp_sstate(sk, LISTENING) ||
672 (sctp_style(sk, TCP) && sk_acceptq_is_full(sk))) 690 (sctp_style(sk, TCP) && sk_acceptq_is_full(sk)))
673 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 691 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
674 692
675 /* "Decode" the chunk. We have no optional parameters so we 693 /* "Decode" the chunk. We have no optional parameters so we
676 * are in good shape. 694 * are in good shape.
@@ -703,13 +721,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
703 goto nomem; 721 goto nomem;
704 722
705 case -SCTP_IERROR_STALE_COOKIE: 723 case -SCTP_IERROR_STALE_COOKIE:
706 sctp_send_stale_cookie_err(ep, asoc, chunk, commands, 724 sctp_send_stale_cookie_err(net, ep, asoc, chunk, commands,
707 err_chk_p); 725 err_chk_p);
708 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 726 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
709 727
710 case -SCTP_IERROR_BAD_SIG: 728 case -SCTP_IERROR_BAD_SIG:
711 default: 729 default:
712 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 730 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
713 } 731 }
714 } 732 }
715 733
@@ -756,14 +774,14 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
756 skb_pull(chunk->auth_chunk, sizeof(sctp_chunkhdr_t)); 774 skb_pull(chunk->auth_chunk, sizeof(sctp_chunkhdr_t));
757 auth.transport = chunk->transport; 775 auth.transport = chunk->transport;
758 776
759 ret = sctp_sf_authenticate(ep, new_asoc, type, &auth); 777 ret = sctp_sf_authenticate(net, ep, new_asoc, type, &auth);
760 778
761 /* We can now safely free the auth_chunk clone */ 779 /* We can now safely free the auth_chunk clone */
762 kfree_skb(chunk->auth_chunk); 780 kfree_skb(chunk->auth_chunk);
763 781
764 if (ret != SCTP_IERROR_NO_ERROR) { 782 if (ret != SCTP_IERROR_NO_ERROR) {
765 sctp_association_free(new_asoc); 783 sctp_association_free(new_asoc);
766 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 784 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
767 } 785 }
768 } 786 }
769 787
@@ -804,8 +822,8 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
804 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_ASOC, SCTP_ASOC(new_asoc)); 822 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_ASOC, SCTP_ASOC(new_asoc));
805 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 823 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
806 SCTP_STATE(SCTP_STATE_ESTABLISHED)); 824 SCTP_STATE(SCTP_STATE_ESTABLISHED));
807 SCTP_INC_STATS(SCTP_MIB_CURRESTAB); 825 SCTP_INC_STATS(net, SCTP_MIB_CURRESTAB);
808 SCTP_INC_STATS(SCTP_MIB_PASSIVEESTABS); 826 SCTP_INC_STATS(net, SCTP_MIB_PASSIVEESTABS);
809 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL()); 827 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL());
810 828
811 if (new_asoc->autoclose) 829 if (new_asoc->autoclose)
@@ -856,7 +874,8 @@ nomem:
856 * 874 *
857 * The return value is the disposition of the chunk. 875 * The return value is the disposition of the chunk.
858 */ 876 */
859sctp_disposition_t sctp_sf_do_5_1E_ca(const struct sctp_endpoint *ep, 877sctp_disposition_t sctp_sf_do_5_1E_ca(struct net *net,
878 const struct sctp_endpoint *ep,
860 const struct sctp_association *asoc, 879 const struct sctp_association *asoc,
861 const sctp_subtype_t type, void *arg, 880 const sctp_subtype_t type, void *arg,
862 sctp_cmd_seq_t *commands) 881 sctp_cmd_seq_t *commands)
@@ -865,13 +884,13 @@ sctp_disposition_t sctp_sf_do_5_1E_ca(const struct sctp_endpoint *ep,
865 struct sctp_ulpevent *ev; 884 struct sctp_ulpevent *ev;
866 885
867 if (!sctp_vtag_verify(chunk, asoc)) 886 if (!sctp_vtag_verify(chunk, asoc))
868 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 887 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
869 888
870 /* Verify that the chunk length for the COOKIE-ACK is OK. 889 /* Verify that the chunk length for the COOKIE-ACK is OK.
871 * If we don't do this, any bundled chunks may be junked. 890 * If we don't do this, any bundled chunks may be junked.
872 */ 891 */
873 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 892 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
874 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 893 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
875 commands); 894 commands);
876 895
877 /* Reset init error count upon receipt of COOKIE-ACK, 896 /* Reset init error count upon receipt of COOKIE-ACK,
@@ -892,8 +911,8 @@ sctp_disposition_t sctp_sf_do_5_1E_ca(const struct sctp_endpoint *ep,
892 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_COOKIE)); 911 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_COOKIE));
893 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 912 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
894 SCTP_STATE(SCTP_STATE_ESTABLISHED)); 913 SCTP_STATE(SCTP_STATE_ESTABLISHED));
895 SCTP_INC_STATS(SCTP_MIB_CURRESTAB); 914 SCTP_INC_STATS(net, SCTP_MIB_CURRESTAB);
896 SCTP_INC_STATS(SCTP_MIB_ACTIVEESTABS); 915 SCTP_INC_STATS(net, SCTP_MIB_ACTIVEESTABS);
897 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL()); 916 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL());
898 if (asoc->autoclose) 917 if (asoc->autoclose)
899 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_START, 918 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_START,
@@ -958,7 +977,8 @@ static sctp_disposition_t sctp_sf_heartbeat(const struct sctp_endpoint *ep,
958} 977}
959 978
960/* Generate a HEARTBEAT packet on the given transport. */ 979/* Generate a HEARTBEAT packet on the given transport. */
961sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep, 980sctp_disposition_t sctp_sf_sendbeat_8_3(struct net *net,
981 const struct sctp_endpoint *ep,
962 const struct sctp_association *asoc, 982 const struct sctp_association *asoc,
963 const sctp_subtype_t type, 983 const sctp_subtype_t type,
964 void *arg, 984 void *arg,
@@ -972,8 +992,8 @@ sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep,
972 /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */ 992 /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
973 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 993 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
974 SCTP_PERR(SCTP_ERROR_NO_ERROR)); 994 SCTP_PERR(SCTP_ERROR_NO_ERROR));
975 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 995 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
976 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 996 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
977 return SCTP_DISPOSITION_DELETE_TCB; 997 return SCTP_DISPOSITION_DELETE_TCB;
978 } 998 }
979 999
@@ -1028,7 +1048,8 @@ sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep,
1028 * 1048 *
1029 * The return value is the disposition of the chunk. 1049 * The return value is the disposition of the chunk.
1030 */ 1050 */
1031sctp_disposition_t sctp_sf_beat_8_3(const struct sctp_endpoint *ep, 1051sctp_disposition_t sctp_sf_beat_8_3(struct net *net,
1052 const struct sctp_endpoint *ep,
1032 const struct sctp_association *asoc, 1053 const struct sctp_association *asoc,
1033 const sctp_subtype_t type, 1054 const sctp_subtype_t type,
1034 void *arg, 1055 void *arg,
@@ -1039,11 +1060,11 @@ sctp_disposition_t sctp_sf_beat_8_3(const struct sctp_endpoint *ep,
1039 size_t paylen = 0; 1060 size_t paylen = 0;
1040 1061
1041 if (!sctp_vtag_verify(chunk, asoc)) 1062 if (!sctp_vtag_verify(chunk, asoc))
1042 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 1063 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
1043 1064
1044 /* Make sure that the HEARTBEAT chunk has a valid length. */ 1065 /* Make sure that the HEARTBEAT chunk has a valid length. */
1045 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_heartbeat_chunk_t))) 1066 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_heartbeat_chunk_t)))
1046 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 1067 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
1047 commands); 1068 commands);
1048 1069
1049 /* 8.3 The receiver of the HEARTBEAT should immediately 1070 /* 8.3 The receiver of the HEARTBEAT should immediately
@@ -1095,7 +1116,8 @@ nomem:
1095 * 1116 *
1096 * The return value is the disposition of the chunk. 1117 * The return value is the disposition of the chunk.
1097 */ 1118 */
1098sctp_disposition_t sctp_sf_backbeat_8_3(const struct sctp_endpoint *ep, 1119sctp_disposition_t sctp_sf_backbeat_8_3(struct net *net,
1120 const struct sctp_endpoint *ep,
1099 const struct sctp_association *asoc, 1121 const struct sctp_association *asoc,
1100 const sctp_subtype_t type, 1122 const sctp_subtype_t type,
1101 void *arg, 1123 void *arg,
@@ -1108,12 +1130,12 @@ sctp_disposition_t sctp_sf_backbeat_8_3(const struct sctp_endpoint *ep,
1108 unsigned long max_interval; 1130 unsigned long max_interval;
1109 1131
1110 if (!sctp_vtag_verify(chunk, asoc)) 1132 if (!sctp_vtag_verify(chunk, asoc))
1111 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 1133 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
1112 1134
1113 /* Make sure that the HEARTBEAT-ACK chunk has a valid length. */ 1135 /* Make sure that the HEARTBEAT-ACK chunk has a valid length. */
1114 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t) + 1136 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t) +
1115 sizeof(sctp_sender_hb_info_t))) 1137 sizeof(sctp_sender_hb_info_t)))
1116 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 1138 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
1117 commands); 1139 commands);
1118 1140
1119 hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data; 1141 hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data;
@@ -1171,7 +1193,7 @@ sctp_disposition_t sctp_sf_backbeat_8_3(const struct sctp_endpoint *ep,
1171/* Helper function to send out an abort for the restart 1193/* Helper function to send out an abort for the restart
1172 * condition. 1194 * condition.
1173 */ 1195 */
1174static int sctp_sf_send_restart_abort(union sctp_addr *ssa, 1196static int sctp_sf_send_restart_abort(struct net *net, union sctp_addr *ssa,
1175 struct sctp_chunk *init, 1197 struct sctp_chunk *init,
1176 sctp_cmd_seq_t *commands) 1198 sctp_cmd_seq_t *commands)
1177{ 1199{
@@ -1197,18 +1219,18 @@ static int sctp_sf_send_restart_abort(union sctp_addr *ssa,
1197 errhdr->length = htons(len); 1219 errhdr->length = htons(len);
1198 1220
1199 /* Assign to the control socket. */ 1221 /* Assign to the control socket. */
1200 ep = sctp_sk((sctp_get_ctl_sock()))->ep; 1222 ep = sctp_sk(net->sctp.ctl_sock)->ep;
1201 1223
1202 /* Association is NULL since this may be a restart attack and we 1224 /* Association is NULL since this may be a restart attack and we
1203 * want to send back the attacker's vtag. 1225 * want to send back the attacker's vtag.
1204 */ 1226 */
1205 pkt = sctp_abort_pkt_new(ep, NULL, init, errhdr, len); 1227 pkt = sctp_abort_pkt_new(net, ep, NULL, init, errhdr, len);
1206 1228
1207 if (!pkt) 1229 if (!pkt)
1208 goto out; 1230 goto out;
1209 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, SCTP_PACKET(pkt)); 1231 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, SCTP_PACKET(pkt));
1210 1232
1211 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 1233 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
1212 1234
1213 /* Discard the rest of the inbound packet. */ 1235 /* Discard the rest of the inbound packet. */
1214 sctp_add_cmd_sf(commands, SCTP_CMD_DISCARD_PACKET, SCTP_NULL()); 1236 sctp_add_cmd_sf(commands, SCTP_CMD_DISCARD_PACKET, SCTP_NULL());
@@ -1240,6 +1262,7 @@ static int sctp_sf_check_restart_addrs(const struct sctp_association *new_asoc,
1240 struct sctp_chunk *init, 1262 struct sctp_chunk *init,
1241 sctp_cmd_seq_t *commands) 1263 sctp_cmd_seq_t *commands)
1242{ 1264{
1265 struct net *net = sock_net(new_asoc->base.sk);
1243 struct sctp_transport *new_addr; 1266 struct sctp_transport *new_addr;
1244 int ret = 1; 1267 int ret = 1;
1245 1268
@@ -1258,7 +1281,7 @@ static int sctp_sf_check_restart_addrs(const struct sctp_association *new_asoc,
1258 transports) { 1281 transports) {
1259 if (!list_has_sctp_addr(&asoc->peer.transport_addr_list, 1282 if (!list_has_sctp_addr(&asoc->peer.transport_addr_list,
1260 &new_addr->ipaddr)) { 1283 &new_addr->ipaddr)) {
1261 sctp_sf_send_restart_abort(&new_addr->ipaddr, init, 1284 sctp_sf_send_restart_abort(net, &new_addr->ipaddr, init,
1262 commands); 1285 commands);
1263 ret = 0; 1286 ret = 0;
1264 break; 1287 break;
@@ -1358,6 +1381,7 @@ static char sctp_tietags_compare(struct sctp_association *new_asoc,
1358 * chunk handling. 1381 * chunk handling.
1359 */ 1382 */
1360static sctp_disposition_t sctp_sf_do_unexpected_init( 1383static sctp_disposition_t sctp_sf_do_unexpected_init(
1384 struct net *net,
1361 const struct sctp_endpoint *ep, 1385 const struct sctp_endpoint *ep,
1362 const struct sctp_association *asoc, 1386 const struct sctp_association *asoc,
1363 const sctp_subtype_t type, 1387 const sctp_subtype_t type,
@@ -1382,20 +1406,20 @@ static sctp_disposition_t sctp_sf_do_unexpected_init(
1382 * with an INIT chunk that is bundled with other chunks. 1406 * with an INIT chunk that is bundled with other chunks.
1383 */ 1407 */
1384 if (!chunk->singleton) 1408 if (!chunk->singleton)
1385 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 1409 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
1386 1410
1387 /* 3.1 A packet containing an INIT chunk MUST have a zero Verification 1411 /* 3.1 A packet containing an INIT chunk MUST have a zero Verification
1388 * Tag. 1412 * Tag.
1389 */ 1413 */
1390 if (chunk->sctp_hdr->vtag != 0) 1414 if (chunk->sctp_hdr->vtag != 0)
1391 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 1415 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
1392 1416
1393 /* Make sure that the INIT chunk has a valid length. 1417 /* Make sure that the INIT chunk has a valid length.
1394 * In this case, we generate a protocol violation since we have 1418 * In this case, we generate a protocol violation since we have
1395 * an association established. 1419 * an association established.
1396 */ 1420 */
1397 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_init_chunk_t))) 1421 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_init_chunk_t)))
1398 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 1422 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
1399 commands); 1423 commands);
1400 /* Grab the INIT header. */ 1424 /* Grab the INIT header. */
1401 chunk->subh.init_hdr = (sctp_inithdr_t *) chunk->skb->data; 1425 chunk->subh.init_hdr = (sctp_inithdr_t *) chunk->skb->data;
@@ -1405,14 +1429,14 @@ static sctp_disposition_t sctp_sf_do_unexpected_init(
1405 1429
1406 /* Verify the INIT chunk before processing it. */ 1430 /* Verify the INIT chunk before processing it. */
1407 err_chunk = NULL; 1431 err_chunk = NULL;
1408 if (!sctp_verify_init(asoc, chunk->chunk_hdr->type, 1432 if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
1409 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk, 1433 (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
1410 &err_chunk)) { 1434 &err_chunk)) {
1411 /* This chunk contains fatal error. It is to be discarded. 1435 /* This chunk contains fatal error. It is to be discarded.
1412 * Send an ABORT, with causes if there is any. 1436 * Send an ABORT, with causes if there is any.
1413 */ 1437 */
1414 if (err_chunk) { 1438 if (err_chunk) {
1415 packet = sctp_abort_pkt_new(ep, asoc, arg, 1439 packet = sctp_abort_pkt_new(net, ep, asoc, arg,
1416 (__u8 *)(err_chunk->chunk_hdr) + 1440 (__u8 *)(err_chunk->chunk_hdr) +
1417 sizeof(sctp_chunkhdr_t), 1441 sizeof(sctp_chunkhdr_t),
1418 ntohs(err_chunk->chunk_hdr->length) - 1442 ntohs(err_chunk->chunk_hdr->length) -
@@ -1421,14 +1445,14 @@ static sctp_disposition_t sctp_sf_do_unexpected_init(
1421 if (packet) { 1445 if (packet) {
1422 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 1446 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
1423 SCTP_PACKET(packet)); 1447 SCTP_PACKET(packet));
1424 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 1448 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
1425 retval = SCTP_DISPOSITION_CONSUME; 1449 retval = SCTP_DISPOSITION_CONSUME;
1426 } else { 1450 } else {
1427 retval = SCTP_DISPOSITION_NOMEM; 1451 retval = SCTP_DISPOSITION_NOMEM;
1428 } 1452 }
1429 goto cleanup; 1453 goto cleanup;
1430 } else { 1454 } else {
1431 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, 1455 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg,
1432 commands); 1456 commands);
1433 } 1457 }
1434 } 1458 }
@@ -1570,7 +1594,8 @@ cleanup:
1570 * 1594 *
1571 * The return value is the disposition of the chunk. 1595 * The return value is the disposition of the chunk.
1572 */ 1596 */
1573sctp_disposition_t sctp_sf_do_5_2_1_siminit(const struct sctp_endpoint *ep, 1597sctp_disposition_t sctp_sf_do_5_2_1_siminit(struct net *net,
1598 const struct sctp_endpoint *ep,
1574 const struct sctp_association *asoc, 1599 const struct sctp_association *asoc,
1575 const sctp_subtype_t type, 1600 const sctp_subtype_t type,
1576 void *arg, 1601 void *arg,
@@ -1579,7 +1604,7 @@ sctp_disposition_t sctp_sf_do_5_2_1_siminit(const struct sctp_endpoint *ep,
1579 /* Call helper to do the real work for both simulataneous and 1604 /* Call helper to do the real work for both simulataneous and
1580 * duplicate INIT chunk handling. 1605 * duplicate INIT chunk handling.
1581 */ 1606 */
1582 return sctp_sf_do_unexpected_init(ep, asoc, type, arg, commands); 1607 return sctp_sf_do_unexpected_init(net, ep, asoc, type, arg, commands);
1583} 1608}
1584 1609
1585/* 1610/*
@@ -1623,7 +1648,8 @@ sctp_disposition_t sctp_sf_do_5_2_1_siminit(const struct sctp_endpoint *ep,
1623 * 1648 *
1624 * The return value is the disposition of the chunk. 1649 * The return value is the disposition of the chunk.
1625 */ 1650 */
1626sctp_disposition_t sctp_sf_do_5_2_2_dupinit(const struct sctp_endpoint *ep, 1651sctp_disposition_t sctp_sf_do_5_2_2_dupinit(struct net *net,
1652 const struct sctp_endpoint *ep,
1627 const struct sctp_association *asoc, 1653 const struct sctp_association *asoc,
1628 const sctp_subtype_t type, 1654 const sctp_subtype_t type,
1629 void *arg, 1655 void *arg,
@@ -1632,7 +1658,7 @@ sctp_disposition_t sctp_sf_do_5_2_2_dupinit(const struct sctp_endpoint *ep,
1632 /* Call helper to do the real work for both simulataneous and 1658 /* Call helper to do the real work for both simulataneous and
1633 * duplicate INIT chunk handling. 1659 * duplicate INIT chunk handling.
1634 */ 1660 */
1635 return sctp_sf_do_unexpected_init(ep, asoc, type, arg, commands); 1661 return sctp_sf_do_unexpected_init(net, ep, asoc, type, arg, commands);
1636} 1662}
1637 1663
1638 1664
@@ -1645,7 +1671,8 @@ sctp_disposition_t sctp_sf_do_5_2_2_dupinit(const struct sctp_endpoint *ep,
1645 * An unexpected INIT ACK usually indicates the processing of an old or 1671 * An unexpected INIT ACK usually indicates the processing of an old or
1646 * duplicated INIT chunk. 1672 * duplicated INIT chunk.
1647*/ 1673*/
1648sctp_disposition_t sctp_sf_do_5_2_3_initack(const struct sctp_endpoint *ep, 1674sctp_disposition_t sctp_sf_do_5_2_3_initack(struct net *net,
1675 const struct sctp_endpoint *ep,
1649 const struct sctp_association *asoc, 1676 const struct sctp_association *asoc,
1650 const sctp_subtype_t type, 1677 const sctp_subtype_t type,
1651 void *arg, sctp_cmd_seq_t *commands) 1678 void *arg, sctp_cmd_seq_t *commands)
@@ -1653,10 +1680,10 @@ sctp_disposition_t sctp_sf_do_5_2_3_initack(const struct sctp_endpoint *ep,
1653 /* Per the above section, we'll discard the chunk if we have an 1680 /* Per the above section, we'll discard the chunk if we have an
1654 * endpoint. If this is an OOTB INIT-ACK, treat it as such. 1681 * endpoint. If this is an OOTB INIT-ACK, treat it as such.
1655 */ 1682 */
1656 if (ep == sctp_sk((sctp_get_ctl_sock()))->ep) 1683 if (ep == sctp_sk(net->sctp.ctl_sock)->ep)
1657 return sctp_sf_ootb(ep, asoc, type, arg, commands); 1684 return sctp_sf_ootb(net, ep, asoc, type, arg, commands);
1658 else 1685 else
1659 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 1686 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
1660} 1687}
1661 1688
1662/* Unexpected COOKIE-ECHO handler for peer restart (Table 2, action 'A') 1689/* Unexpected COOKIE-ECHO handler for peer restart (Table 2, action 'A')
@@ -1664,7 +1691,8 @@ sctp_disposition_t sctp_sf_do_5_2_3_initack(const struct sctp_endpoint *ep,
1664 * Section 5.2.4 1691 * Section 5.2.4
1665 * A) In this case, the peer may have restarted. 1692 * A) In this case, the peer may have restarted.
1666 */ 1693 */
1667static sctp_disposition_t sctp_sf_do_dupcook_a(const struct sctp_endpoint *ep, 1694static sctp_disposition_t sctp_sf_do_dupcook_a(struct net *net,
1695 const struct sctp_endpoint *ep,
1668 const struct sctp_association *asoc, 1696 const struct sctp_association *asoc,
1669 struct sctp_chunk *chunk, 1697 struct sctp_chunk *chunk,
1670 sctp_cmd_seq_t *commands, 1698 sctp_cmd_seq_t *commands,
@@ -1700,7 +1728,7 @@ static sctp_disposition_t sctp_sf_do_dupcook_a(const struct sctp_endpoint *ep,
1700 * its peer. 1728 * its peer.
1701 */ 1729 */
1702 if (sctp_state(asoc, SHUTDOWN_ACK_SENT)) { 1730 if (sctp_state(asoc, SHUTDOWN_ACK_SENT)) {
1703 disposition = sctp_sf_do_9_2_reshutack(ep, asoc, 1731 disposition = sctp_sf_do_9_2_reshutack(net, ep, asoc,
1704 SCTP_ST_CHUNK(chunk->chunk_hdr->type), 1732 SCTP_ST_CHUNK(chunk->chunk_hdr->type),
1705 chunk, commands); 1733 chunk, commands);
1706 if (SCTP_DISPOSITION_NOMEM == disposition) 1734 if (SCTP_DISPOSITION_NOMEM == disposition)
@@ -1763,7 +1791,8 @@ nomem:
1763 * after responding to the local endpoint's INIT 1791 * after responding to the local endpoint's INIT
1764 */ 1792 */
1765/* This case represents an initialization collision. */ 1793/* This case represents an initialization collision. */
1766static sctp_disposition_t sctp_sf_do_dupcook_b(const struct sctp_endpoint *ep, 1794static sctp_disposition_t sctp_sf_do_dupcook_b(struct net *net,
1795 const struct sctp_endpoint *ep,
1767 const struct sctp_association *asoc, 1796 const struct sctp_association *asoc,
1768 struct sctp_chunk *chunk, 1797 struct sctp_chunk *chunk,
1769 sctp_cmd_seq_t *commands, 1798 sctp_cmd_seq_t *commands,
@@ -1784,7 +1813,7 @@ static sctp_disposition_t sctp_sf_do_dupcook_b(const struct sctp_endpoint *ep,
1784 sctp_add_cmd_sf(commands, SCTP_CMD_UPDATE_ASSOC, SCTP_ASOC(new_asoc)); 1813 sctp_add_cmd_sf(commands, SCTP_CMD_UPDATE_ASSOC, SCTP_ASOC(new_asoc));
1785 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 1814 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
1786 SCTP_STATE(SCTP_STATE_ESTABLISHED)); 1815 SCTP_STATE(SCTP_STATE_ESTABLISHED));
1787 SCTP_INC_STATS(SCTP_MIB_CURRESTAB); 1816 SCTP_INC_STATS(net, SCTP_MIB_CURRESTAB);
1788 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL()); 1817 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, SCTP_NULL());
1789 1818
1790 repl = sctp_make_cookie_ack(new_asoc, chunk); 1819 repl = sctp_make_cookie_ack(new_asoc, chunk);
@@ -1833,7 +1862,8 @@ nomem:
1833 * but a new tag of its own. 1862 * but a new tag of its own.
1834 */ 1863 */
1835/* This case represents an initialization collision. */ 1864/* This case represents an initialization collision. */
1836static sctp_disposition_t sctp_sf_do_dupcook_c(const struct sctp_endpoint *ep, 1865static sctp_disposition_t sctp_sf_do_dupcook_c(struct net *net,
1866 const struct sctp_endpoint *ep,
1837 const struct sctp_association *asoc, 1867 const struct sctp_association *asoc,
1838 struct sctp_chunk *chunk, 1868 struct sctp_chunk *chunk,
1839 sctp_cmd_seq_t *commands, 1869 sctp_cmd_seq_t *commands,
@@ -1854,7 +1884,8 @@ static sctp_disposition_t sctp_sf_do_dupcook_c(const struct sctp_endpoint *ep,
1854 * enter the ESTABLISHED state, if it has not already done so. 1884 * enter the ESTABLISHED state, if it has not already done so.
1855 */ 1885 */
1856/* This case represents an initialization collision. */ 1886/* This case represents an initialization collision. */
1857static sctp_disposition_t sctp_sf_do_dupcook_d(const struct sctp_endpoint *ep, 1887static sctp_disposition_t sctp_sf_do_dupcook_d(struct net *net,
1888 const struct sctp_endpoint *ep,
1858 const struct sctp_association *asoc, 1889 const struct sctp_association *asoc,
1859 struct sctp_chunk *chunk, 1890 struct sctp_chunk *chunk,
1860 sctp_cmd_seq_t *commands, 1891 sctp_cmd_seq_t *commands,
@@ -1876,7 +1907,7 @@ static sctp_disposition_t sctp_sf_do_dupcook_d(const struct sctp_endpoint *ep,
1876 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_COOKIE)); 1907 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_COOKIE));
1877 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 1908 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
1878 SCTP_STATE(SCTP_STATE_ESTABLISHED)); 1909 SCTP_STATE(SCTP_STATE_ESTABLISHED));
1879 SCTP_INC_STATS(SCTP_MIB_CURRESTAB); 1910 SCTP_INC_STATS(net, SCTP_MIB_CURRESTAB);
1880 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START, 1911 sctp_add_cmd_sf(commands, SCTP_CMD_HB_TIMERS_START,
1881 SCTP_NULL()); 1912 SCTP_NULL());
1882 1913
@@ -1948,7 +1979,8 @@ nomem:
1948 * 1979 *
1949 * The return value is the disposition of the chunk. 1980 * The return value is the disposition of the chunk.
1950 */ 1981 */
1951sctp_disposition_t sctp_sf_do_5_2_4_dupcook(const struct sctp_endpoint *ep, 1982sctp_disposition_t sctp_sf_do_5_2_4_dupcook(struct net *net,
1983 const struct sctp_endpoint *ep,
1952 const struct sctp_association *asoc, 1984 const struct sctp_association *asoc,
1953 const sctp_subtype_t type, 1985 const sctp_subtype_t type,
1954 void *arg, 1986 void *arg,
@@ -1967,7 +1999,7 @@ sctp_disposition_t sctp_sf_do_5_2_4_dupcook(const struct sctp_endpoint *ep,
1967 * done later. 1999 * done later.
1968 */ 2000 */
1969 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 2001 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
1970 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2002 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
1971 commands); 2003 commands);
1972 2004
1973 /* "Decode" the chunk. We have no optional parameters so we 2005 /* "Decode" the chunk. We have no optional parameters so we
@@ -2001,12 +2033,12 @@ sctp_disposition_t sctp_sf_do_5_2_4_dupcook(const struct sctp_endpoint *ep,
2001 goto nomem; 2033 goto nomem;
2002 2034
2003 case -SCTP_IERROR_STALE_COOKIE: 2035 case -SCTP_IERROR_STALE_COOKIE:
2004 sctp_send_stale_cookie_err(ep, asoc, chunk, commands, 2036 sctp_send_stale_cookie_err(net, ep, asoc, chunk, commands,
2005 err_chk_p); 2037 err_chk_p);
2006 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2038 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2007 case -SCTP_IERROR_BAD_SIG: 2039 case -SCTP_IERROR_BAD_SIG:
2008 default: 2040 default:
2009 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2041 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2010 } 2042 }
2011 } 2043 }
2012 2044
@@ -2017,27 +2049,27 @@ sctp_disposition_t sctp_sf_do_5_2_4_dupcook(const struct sctp_endpoint *ep,
2017 2049
2018 switch (action) { 2050 switch (action) {
2019 case 'A': /* Association restart. */ 2051 case 'A': /* Association restart. */
2020 retval = sctp_sf_do_dupcook_a(ep, asoc, chunk, commands, 2052 retval = sctp_sf_do_dupcook_a(net, ep, asoc, chunk, commands,
2021 new_asoc); 2053 new_asoc);
2022 break; 2054 break;
2023 2055
2024 case 'B': /* Collision case B. */ 2056 case 'B': /* Collision case B. */
2025 retval = sctp_sf_do_dupcook_b(ep, asoc, chunk, commands, 2057 retval = sctp_sf_do_dupcook_b(net, ep, asoc, chunk, commands,
2026 new_asoc); 2058 new_asoc);
2027 break; 2059 break;
2028 2060
2029 case 'C': /* Collision case C. */ 2061 case 'C': /* Collision case C. */
2030 retval = sctp_sf_do_dupcook_c(ep, asoc, chunk, commands, 2062 retval = sctp_sf_do_dupcook_c(net, ep, asoc, chunk, commands,
2031 new_asoc); 2063 new_asoc);
2032 break; 2064 break;
2033 2065
2034 case 'D': /* Collision case D. */ 2066 case 'D': /* Collision case D. */
2035 retval = sctp_sf_do_dupcook_d(ep, asoc, chunk, commands, 2067 retval = sctp_sf_do_dupcook_d(net, ep, asoc, chunk, commands,
2036 new_asoc); 2068 new_asoc);
2037 break; 2069 break;
2038 2070
2039 default: /* Discard packet for all others. */ 2071 default: /* Discard packet for all others. */
2040 retval = sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2072 retval = sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2041 break; 2073 break;
2042 } 2074 }
2043 2075
@@ -2063,6 +2095,7 @@ nomem:
2063 * See sctp_sf_do_9_1_abort(). 2095 * See sctp_sf_do_9_1_abort().
2064 */ 2096 */
2065sctp_disposition_t sctp_sf_shutdown_pending_abort( 2097sctp_disposition_t sctp_sf_shutdown_pending_abort(
2098 struct net *net,
2066 const struct sctp_endpoint *ep, 2099 const struct sctp_endpoint *ep,
2067 const struct sctp_association *asoc, 2100 const struct sctp_association *asoc,
2068 const sctp_subtype_t type, 2101 const sctp_subtype_t type,
@@ -2072,7 +2105,7 @@ sctp_disposition_t sctp_sf_shutdown_pending_abort(
2072 struct sctp_chunk *chunk = arg; 2105 struct sctp_chunk *chunk = arg;
2073 2106
2074 if (!sctp_vtag_verify_either(chunk, asoc)) 2107 if (!sctp_vtag_verify_either(chunk, asoc))
2075 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2108 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2076 2109
2077 /* Make sure that the ABORT chunk has a valid length. 2110 /* Make sure that the ABORT chunk has a valid length.
2078 * Since this is an ABORT chunk, we have to discard it 2111 * Since this is an ABORT chunk, we have to discard it
@@ -2085,7 +2118,7 @@ sctp_disposition_t sctp_sf_shutdown_pending_abort(
2085 * packet. 2118 * packet.
2086 */ 2119 */
2087 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t))) 2120 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t)))
2088 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2121 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2089 2122
2090 /* ADD-IP: Special case for ABORT chunks 2123 /* ADD-IP: Special case for ABORT chunks
2091 * F4) One special consideration is that ABORT Chunks arriving 2124 * F4) One special consideration is that ABORT Chunks arriving
@@ -2094,9 +2127,9 @@ sctp_disposition_t sctp_sf_shutdown_pending_abort(
2094 */ 2127 */
2095 if (SCTP_ADDR_DEL == 2128 if (SCTP_ADDR_DEL ==
2096 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest)) 2129 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest))
2097 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 2130 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
2098 2131
2099 return __sctp_sf_do_9_1_abort(ep, asoc, type, arg, commands); 2132 return __sctp_sf_do_9_1_abort(net, ep, asoc, type, arg, commands);
2100} 2133}
2101 2134
2102/* 2135/*
@@ -2104,7 +2137,8 @@ sctp_disposition_t sctp_sf_shutdown_pending_abort(
2104 * 2137 *
2105 * See sctp_sf_do_9_1_abort(). 2138 * See sctp_sf_do_9_1_abort().
2106 */ 2139 */
2107sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep, 2140sctp_disposition_t sctp_sf_shutdown_sent_abort(struct net *net,
2141 const struct sctp_endpoint *ep,
2108 const struct sctp_association *asoc, 2142 const struct sctp_association *asoc,
2109 const sctp_subtype_t type, 2143 const sctp_subtype_t type,
2110 void *arg, 2144 void *arg,
@@ -2113,7 +2147,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep,
2113 struct sctp_chunk *chunk = arg; 2147 struct sctp_chunk *chunk = arg;
2114 2148
2115 if (!sctp_vtag_verify_either(chunk, asoc)) 2149 if (!sctp_vtag_verify_either(chunk, asoc))
2116 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2150 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2117 2151
2118 /* Make sure that the ABORT chunk has a valid length. 2152 /* Make sure that the ABORT chunk has a valid length.
2119 * Since this is an ABORT chunk, we have to discard it 2153 * Since this is an ABORT chunk, we have to discard it
@@ -2126,7 +2160,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep,
2126 * packet. 2160 * packet.
2127 */ 2161 */
2128 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t))) 2162 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t)))
2129 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2163 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2130 2164
2131 /* ADD-IP: Special case for ABORT chunks 2165 /* ADD-IP: Special case for ABORT chunks
2132 * F4) One special consideration is that ABORT Chunks arriving 2166 * F4) One special consideration is that ABORT Chunks arriving
@@ -2135,7 +2169,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep,
2135 */ 2169 */
2136 if (SCTP_ADDR_DEL == 2170 if (SCTP_ADDR_DEL ==
2137 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest)) 2171 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest))
2138 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 2172 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
2139 2173
2140 /* Stop the T2-shutdown timer. */ 2174 /* Stop the T2-shutdown timer. */
2141 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 2175 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
@@ -2145,7 +2179,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep,
2145 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 2179 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
2146 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD)); 2180 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD));
2147 2181
2148 return __sctp_sf_do_9_1_abort(ep, asoc, type, arg, commands); 2182 return __sctp_sf_do_9_1_abort(net, ep, asoc, type, arg, commands);
2149} 2183}
2150 2184
2151/* 2185/*
@@ -2154,6 +2188,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_abort(const struct sctp_endpoint *ep,
2154 * See sctp_sf_do_9_1_abort(). 2188 * See sctp_sf_do_9_1_abort().
2155 */ 2189 */
2156sctp_disposition_t sctp_sf_shutdown_ack_sent_abort( 2190sctp_disposition_t sctp_sf_shutdown_ack_sent_abort(
2191 struct net *net,
2157 const struct sctp_endpoint *ep, 2192 const struct sctp_endpoint *ep,
2158 const struct sctp_association *asoc, 2193 const struct sctp_association *asoc,
2159 const sctp_subtype_t type, 2194 const sctp_subtype_t type,
@@ -2163,7 +2198,7 @@ sctp_disposition_t sctp_sf_shutdown_ack_sent_abort(
2163 /* The same T2 timer, so we should be able to use 2198 /* The same T2 timer, so we should be able to use
2164 * common function with the SHUTDOWN-SENT state. 2199 * common function with the SHUTDOWN-SENT state.
2165 */ 2200 */
2166 return sctp_sf_shutdown_sent_abort(ep, asoc, type, arg, commands); 2201 return sctp_sf_shutdown_sent_abort(net, ep, asoc, type, arg, commands);
2167} 2202}
2168 2203
2169/* 2204/*
@@ -2180,7 +2215,8 @@ sctp_disposition_t sctp_sf_shutdown_ack_sent_abort(
2180 * 2215 *
2181 * The return value is the disposition of the chunk. 2216 * The return value is the disposition of the chunk.
2182 */ 2217 */
2183sctp_disposition_t sctp_sf_cookie_echoed_err(const struct sctp_endpoint *ep, 2218sctp_disposition_t sctp_sf_cookie_echoed_err(struct net *net,
2219 const struct sctp_endpoint *ep,
2184 const struct sctp_association *asoc, 2220 const struct sctp_association *asoc,
2185 const sctp_subtype_t type, 2221 const sctp_subtype_t type,
2186 void *arg, 2222 void *arg,
@@ -2190,13 +2226,13 @@ sctp_disposition_t sctp_sf_cookie_echoed_err(const struct sctp_endpoint *ep,
2190 sctp_errhdr_t *err; 2226 sctp_errhdr_t *err;
2191 2227
2192 if (!sctp_vtag_verify(chunk, asoc)) 2228 if (!sctp_vtag_verify(chunk, asoc))
2193 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2229 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2194 2230
2195 /* Make sure that the ERROR chunk has a valid length. 2231 /* Make sure that the ERROR chunk has a valid length.
2196 * The parameter walking depends on this as well. 2232 * The parameter walking depends on this as well.
2197 */ 2233 */
2198 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_operr_chunk_t))) 2234 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_operr_chunk_t)))
2199 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2235 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2200 commands); 2236 commands);
2201 2237
2202 /* Process the error here */ 2238 /* Process the error here */
@@ -2206,7 +2242,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_err(const struct sctp_endpoint *ep,
2206 */ 2242 */
2207 sctp_walk_errors(err, chunk->chunk_hdr) { 2243 sctp_walk_errors(err, chunk->chunk_hdr) {
2208 if (SCTP_ERROR_STALE_COOKIE == err->cause) 2244 if (SCTP_ERROR_STALE_COOKIE == err->cause)
2209 return sctp_sf_do_5_2_6_stale(ep, asoc, type, 2245 return sctp_sf_do_5_2_6_stale(net, ep, asoc, type,
2210 arg, commands); 2246 arg, commands);
2211 } 2247 }
2212 2248
@@ -2215,7 +2251,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_err(const struct sctp_endpoint *ep,
2215 * we are discarding the packet, there should be no adverse 2251 * we are discarding the packet, there should be no adverse
2216 * affects. 2252 * affects.
2217 */ 2253 */
2218 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2254 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2219} 2255}
2220 2256
2221/* 2257/*
@@ -2243,7 +2279,8 @@ sctp_disposition_t sctp_sf_cookie_echoed_err(const struct sctp_endpoint *ep,
2243 * 2279 *
2244 * The return value is the disposition of the chunk. 2280 * The return value is the disposition of the chunk.
2245 */ 2281 */
2246static sctp_disposition_t sctp_sf_do_5_2_6_stale(const struct sctp_endpoint *ep, 2282static sctp_disposition_t sctp_sf_do_5_2_6_stale(struct net *net,
2283 const struct sctp_endpoint *ep,
2247 const struct sctp_association *asoc, 2284 const struct sctp_association *asoc,
2248 const sctp_subtype_t type, 2285 const sctp_subtype_t type,
2249 void *arg, 2286 void *arg,
@@ -2365,7 +2402,8 @@ nomem:
2365 * 2402 *
2366 * The return value is the disposition of the chunk. 2403 * The return value is the disposition of the chunk.
2367 */ 2404 */
2368sctp_disposition_t sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep, 2405sctp_disposition_t sctp_sf_do_9_1_abort(struct net *net,
2406 const struct sctp_endpoint *ep,
2369 const struct sctp_association *asoc, 2407 const struct sctp_association *asoc,
2370 const sctp_subtype_t type, 2408 const sctp_subtype_t type,
2371 void *arg, 2409 void *arg,
@@ -2374,7 +2412,7 @@ sctp_disposition_t sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2374 struct sctp_chunk *chunk = arg; 2412 struct sctp_chunk *chunk = arg;
2375 2413
2376 if (!sctp_vtag_verify_either(chunk, asoc)) 2414 if (!sctp_vtag_verify_either(chunk, asoc))
2377 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2415 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2378 2416
2379 /* Make sure that the ABORT chunk has a valid length. 2417 /* Make sure that the ABORT chunk has a valid length.
2380 * Since this is an ABORT chunk, we have to discard it 2418 * Since this is an ABORT chunk, we have to discard it
@@ -2387,7 +2425,7 @@ sctp_disposition_t sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2387 * packet. 2425 * packet.
2388 */ 2426 */
2389 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t))) 2427 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t)))
2390 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2428 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2391 2429
2392 /* ADD-IP: Special case for ABORT chunks 2430 /* ADD-IP: Special case for ABORT chunks
2393 * F4) One special consideration is that ABORT Chunks arriving 2431 * F4) One special consideration is that ABORT Chunks arriving
@@ -2396,12 +2434,13 @@ sctp_disposition_t sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2396 */ 2434 */
2397 if (SCTP_ADDR_DEL == 2435 if (SCTP_ADDR_DEL ==
2398 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest)) 2436 sctp_bind_addr_state(&asoc->base.bind_addr, &chunk->dest))
2399 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 2437 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
2400 2438
2401 return __sctp_sf_do_9_1_abort(ep, asoc, type, arg, commands); 2439 return __sctp_sf_do_9_1_abort(net, ep, asoc, type, arg, commands);
2402} 2440}
2403 2441
2404static sctp_disposition_t __sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep, 2442static sctp_disposition_t __sctp_sf_do_9_1_abort(struct net *net,
2443 const struct sctp_endpoint *ep,
2405 const struct sctp_association *asoc, 2444 const struct sctp_association *asoc,
2406 const sctp_subtype_t type, 2445 const sctp_subtype_t type,
2407 void *arg, 2446 void *arg,
@@ -2418,7 +2457,7 @@ static sctp_disposition_t __sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2418 sctp_errhdr_t *err; 2457 sctp_errhdr_t *err;
2419 sctp_walk_errors(err, chunk->chunk_hdr); 2458 sctp_walk_errors(err, chunk->chunk_hdr);
2420 if ((void *)err != (void *)chunk->chunk_end) 2459 if ((void *)err != (void *)chunk->chunk_end)
2421 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2460 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2422 2461
2423 error = ((sctp_errhdr_t *)chunk->skb->data)->cause; 2462 error = ((sctp_errhdr_t *)chunk->skb->data)->cause;
2424 } 2463 }
@@ -2426,8 +2465,8 @@ static sctp_disposition_t __sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2426 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, SCTP_ERROR(ECONNRESET)); 2465 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, SCTP_ERROR(ECONNRESET));
2427 /* ASSOC_FAILED will DELETE_TCB. */ 2466 /* ASSOC_FAILED will DELETE_TCB. */
2428 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, SCTP_PERR(error)); 2467 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, SCTP_PERR(error));
2429 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 2468 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
2430 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 2469 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
2431 2470
2432 return SCTP_DISPOSITION_ABORT; 2471 return SCTP_DISPOSITION_ABORT;
2433} 2472}
@@ -2437,7 +2476,8 @@ static sctp_disposition_t __sctp_sf_do_9_1_abort(const struct sctp_endpoint *ep,
2437 * 2476 *
2438 * See sctp_sf_do_9_1_abort() above. 2477 * See sctp_sf_do_9_1_abort() above.
2439 */ 2478 */
2440sctp_disposition_t sctp_sf_cookie_wait_abort(const struct sctp_endpoint *ep, 2479sctp_disposition_t sctp_sf_cookie_wait_abort(struct net *net,
2480 const struct sctp_endpoint *ep,
2441 const struct sctp_association *asoc, 2481 const struct sctp_association *asoc,
2442 const sctp_subtype_t type, 2482 const sctp_subtype_t type,
2443 void *arg, 2483 void *arg,
@@ -2448,7 +2488,7 @@ sctp_disposition_t sctp_sf_cookie_wait_abort(const struct sctp_endpoint *ep,
2448 __be16 error = SCTP_ERROR_NO_ERROR; 2488 __be16 error = SCTP_ERROR_NO_ERROR;
2449 2489
2450 if (!sctp_vtag_verify_either(chunk, asoc)) 2490 if (!sctp_vtag_verify_either(chunk, asoc))
2451 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2491 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2452 2492
2453 /* Make sure that the ABORT chunk has a valid length. 2493 /* Make sure that the ABORT chunk has a valid length.
2454 * Since this is an ABORT chunk, we have to discard it 2494 * Since this is an ABORT chunk, we have to discard it
@@ -2461,27 +2501,28 @@ sctp_disposition_t sctp_sf_cookie_wait_abort(const struct sctp_endpoint *ep,
2461 * packet. 2501 * packet.
2462 */ 2502 */
2463 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t))) 2503 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_abort_chunk_t)))
2464 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2504 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2465 2505
2466 /* See if we have an error cause code in the chunk. */ 2506 /* See if we have an error cause code in the chunk. */
2467 len = ntohs(chunk->chunk_hdr->length); 2507 len = ntohs(chunk->chunk_hdr->length);
2468 if (len >= sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_errhdr)) 2508 if (len >= sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_errhdr))
2469 error = ((sctp_errhdr_t *)chunk->skb->data)->cause; 2509 error = ((sctp_errhdr_t *)chunk->skb->data)->cause;
2470 2510
2471 return sctp_stop_t1_and_abort(commands, error, ECONNREFUSED, asoc, 2511 return sctp_stop_t1_and_abort(net, commands, error, ECONNREFUSED, asoc,
2472 chunk->transport); 2512 chunk->transport);
2473} 2513}
2474 2514
2475/* 2515/*
2476 * Process an incoming ICMP as an ABORT. (COOKIE-WAIT state) 2516 * Process an incoming ICMP as an ABORT. (COOKIE-WAIT state)
2477 */ 2517 */
2478sctp_disposition_t sctp_sf_cookie_wait_icmp_abort(const struct sctp_endpoint *ep, 2518sctp_disposition_t sctp_sf_cookie_wait_icmp_abort(struct net *net,
2519 const struct sctp_endpoint *ep,
2479 const struct sctp_association *asoc, 2520 const struct sctp_association *asoc,
2480 const sctp_subtype_t type, 2521 const sctp_subtype_t type,
2481 void *arg, 2522 void *arg,
2482 sctp_cmd_seq_t *commands) 2523 sctp_cmd_seq_t *commands)
2483{ 2524{
2484 return sctp_stop_t1_and_abort(commands, SCTP_ERROR_NO_ERROR, 2525 return sctp_stop_t1_and_abort(net, commands, SCTP_ERROR_NO_ERROR,
2485 ENOPROTOOPT, asoc, 2526 ENOPROTOOPT, asoc,
2486 (struct sctp_transport *)arg); 2527 (struct sctp_transport *)arg);
2487} 2528}
@@ -2489,7 +2530,8 @@ sctp_disposition_t sctp_sf_cookie_wait_icmp_abort(const struct sctp_endpoint *ep
2489/* 2530/*
2490 * Process an ABORT. (COOKIE-ECHOED state) 2531 * Process an ABORT. (COOKIE-ECHOED state)
2491 */ 2532 */
2492sctp_disposition_t sctp_sf_cookie_echoed_abort(const struct sctp_endpoint *ep, 2533sctp_disposition_t sctp_sf_cookie_echoed_abort(struct net *net,
2534 const struct sctp_endpoint *ep,
2493 const struct sctp_association *asoc, 2535 const struct sctp_association *asoc,
2494 const sctp_subtype_t type, 2536 const sctp_subtype_t type,
2495 void *arg, 2537 void *arg,
@@ -2498,7 +2540,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_abort(const struct sctp_endpoint *ep,
2498 /* There is a single T1 timer, so we should be able to use 2540 /* There is a single T1 timer, so we should be able to use
2499 * common function with the COOKIE-WAIT state. 2541 * common function with the COOKIE-WAIT state.
2500 */ 2542 */
2501 return sctp_sf_cookie_wait_abort(ep, asoc, type, arg, commands); 2543 return sctp_sf_cookie_wait_abort(net, ep, asoc, type, arg, commands);
2502} 2544}
2503 2545
2504/* 2546/*
@@ -2506,7 +2548,8 @@ sctp_disposition_t sctp_sf_cookie_echoed_abort(const struct sctp_endpoint *ep,
2506 * 2548 *
2507 * This is common code called by several sctp_sf_*_abort() functions above. 2549 * This is common code called by several sctp_sf_*_abort() functions above.
2508 */ 2550 */
2509static sctp_disposition_t sctp_stop_t1_and_abort(sctp_cmd_seq_t *commands, 2551static sctp_disposition_t sctp_stop_t1_and_abort(struct net *net,
2552 sctp_cmd_seq_t *commands,
2510 __be16 error, int sk_err, 2553 __be16 error, int sk_err,
2511 const struct sctp_association *asoc, 2554 const struct sctp_association *asoc,
2512 struct sctp_transport *transport) 2555 struct sctp_transport *transport)
@@ -2514,7 +2557,7 @@ static sctp_disposition_t sctp_stop_t1_and_abort(sctp_cmd_seq_t *commands,
2514 SCTP_DEBUG_PRINTK("ABORT received (INIT).\n"); 2557 SCTP_DEBUG_PRINTK("ABORT received (INIT).\n");
2515 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 2558 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
2516 SCTP_STATE(SCTP_STATE_CLOSED)); 2559 SCTP_STATE(SCTP_STATE_CLOSED));
2517 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 2560 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
2518 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 2561 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
2519 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_INIT)); 2562 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_INIT));
2520 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, SCTP_ERROR(sk_err)); 2563 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, SCTP_ERROR(sk_err));
@@ -2557,7 +2600,8 @@ static sctp_disposition_t sctp_stop_t1_and_abort(sctp_cmd_seq_t *commands,
2557 * 2600 *
2558 * The return value is the disposition of the chunk. 2601 * The return value is the disposition of the chunk.
2559 */ 2602 */
2560sctp_disposition_t sctp_sf_do_9_2_shutdown(const struct sctp_endpoint *ep, 2603sctp_disposition_t sctp_sf_do_9_2_shutdown(struct net *net,
2604 const struct sctp_endpoint *ep,
2561 const struct sctp_association *asoc, 2605 const struct sctp_association *asoc,
2562 const sctp_subtype_t type, 2606 const sctp_subtype_t type,
2563 void *arg, 2607 void *arg,
@@ -2570,12 +2614,12 @@ sctp_disposition_t sctp_sf_do_9_2_shutdown(const struct sctp_endpoint *ep,
2570 __u32 ctsn; 2614 __u32 ctsn;
2571 2615
2572 if (!sctp_vtag_verify(chunk, asoc)) 2616 if (!sctp_vtag_verify(chunk, asoc))
2573 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2617 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2574 2618
2575 /* Make sure that the SHUTDOWN chunk has a valid length. */ 2619 /* Make sure that the SHUTDOWN chunk has a valid length. */
2576 if (!sctp_chunk_length_valid(chunk, 2620 if (!sctp_chunk_length_valid(chunk,
2577 sizeof(struct sctp_shutdown_chunk_t))) 2621 sizeof(struct sctp_shutdown_chunk_t)))
2578 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2622 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2579 commands); 2623 commands);
2580 2624
2581 /* Convert the elaborate header. */ 2625 /* Convert the elaborate header. */
@@ -2595,7 +2639,7 @@ sctp_disposition_t sctp_sf_do_9_2_shutdown(const struct sctp_endpoint *ep,
2595 * sender with an ABORT. 2639 * sender with an ABORT.
2596 */ 2640 */
2597 if (!TSN_lt(ctsn, asoc->next_tsn)) 2641 if (!TSN_lt(ctsn, asoc->next_tsn))
2598 return sctp_sf_violation_ctsn(ep, asoc, type, arg, commands); 2642 return sctp_sf_violation_ctsn(net, ep, asoc, type, arg, commands);
2599 2643
2600 /* API 5.3.1.5 SCTP_SHUTDOWN_EVENT 2644 /* API 5.3.1.5 SCTP_SHUTDOWN_EVENT
2601 * When a peer sends a SHUTDOWN, SCTP delivers this notification to 2645 * When a peer sends a SHUTDOWN, SCTP delivers this notification to
@@ -2619,7 +2663,7 @@ sctp_disposition_t sctp_sf_do_9_2_shutdown(const struct sctp_endpoint *ep,
2619 disposition = SCTP_DISPOSITION_CONSUME; 2663 disposition = SCTP_DISPOSITION_CONSUME;
2620 2664
2621 if (sctp_outq_is_empty(&asoc->outqueue)) { 2665 if (sctp_outq_is_empty(&asoc->outqueue)) {
2622 disposition = sctp_sf_do_9_2_shutdown_ack(ep, asoc, type, 2666 disposition = sctp_sf_do_9_2_shutdown_ack(net, ep, asoc, type,
2623 arg, commands); 2667 arg, commands);
2624 } 2668 }
2625 2669
@@ -2645,7 +2689,8 @@ out:
2645 * The Cumulative TSN Ack of the received SHUTDOWN chunk 2689 * The Cumulative TSN Ack of the received SHUTDOWN chunk
2646 * MUST be processed. 2690 * MUST be processed.
2647 */ 2691 */
2648sctp_disposition_t sctp_sf_do_9_2_shut_ctsn(const struct sctp_endpoint *ep, 2692sctp_disposition_t sctp_sf_do_9_2_shut_ctsn(struct net *net,
2693 const struct sctp_endpoint *ep,
2649 const struct sctp_association *asoc, 2694 const struct sctp_association *asoc,
2650 const sctp_subtype_t type, 2695 const sctp_subtype_t type,
2651 void *arg, 2696 void *arg,
@@ -2656,12 +2701,12 @@ sctp_disposition_t sctp_sf_do_9_2_shut_ctsn(const struct sctp_endpoint *ep,
2656 __u32 ctsn; 2701 __u32 ctsn;
2657 2702
2658 if (!sctp_vtag_verify(chunk, asoc)) 2703 if (!sctp_vtag_verify(chunk, asoc))
2659 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2704 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2660 2705
2661 /* Make sure that the SHUTDOWN chunk has a valid length. */ 2706 /* Make sure that the SHUTDOWN chunk has a valid length. */
2662 if (!sctp_chunk_length_valid(chunk, 2707 if (!sctp_chunk_length_valid(chunk,
2663 sizeof(struct sctp_shutdown_chunk_t))) 2708 sizeof(struct sctp_shutdown_chunk_t)))
2664 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2709 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2665 commands); 2710 commands);
2666 2711
2667 sdh = (sctp_shutdownhdr_t *)chunk->skb->data; 2712 sdh = (sctp_shutdownhdr_t *)chunk->skb->data;
@@ -2678,7 +2723,7 @@ sctp_disposition_t sctp_sf_do_9_2_shut_ctsn(const struct sctp_endpoint *ep,
2678 * sender with an ABORT. 2723 * sender with an ABORT.
2679 */ 2724 */
2680 if (!TSN_lt(ctsn, asoc->next_tsn)) 2725 if (!TSN_lt(ctsn, asoc->next_tsn))
2681 return sctp_sf_violation_ctsn(ep, asoc, type, arg, commands); 2726 return sctp_sf_violation_ctsn(net, ep, asoc, type, arg, commands);
2682 2727
2683 /* verify, by checking the Cumulative TSN Ack field of the 2728 /* verify, by checking the Cumulative TSN Ack field of the
2684 * chunk, that all its outstanding DATA chunks have been 2729 * chunk, that all its outstanding DATA chunks have been
@@ -2697,7 +2742,8 @@ sctp_disposition_t sctp_sf_do_9_2_shut_ctsn(const struct sctp_endpoint *ep,
2697 * that belong to this association, it should discard the INIT chunk and 2742 * that belong to this association, it should discard the INIT chunk and
2698 * retransmit the SHUTDOWN ACK chunk. 2743 * retransmit the SHUTDOWN ACK chunk.
2699 */ 2744 */
2700sctp_disposition_t sctp_sf_do_9_2_reshutack(const struct sctp_endpoint *ep, 2745sctp_disposition_t sctp_sf_do_9_2_reshutack(struct net *net,
2746 const struct sctp_endpoint *ep,
2701 const struct sctp_association *asoc, 2747 const struct sctp_association *asoc,
2702 const sctp_subtype_t type, 2748 const sctp_subtype_t type,
2703 void *arg, 2749 void *arg,
@@ -2708,7 +2754,7 @@ sctp_disposition_t sctp_sf_do_9_2_reshutack(const struct sctp_endpoint *ep,
2708 2754
2709 /* Make sure that the chunk has a valid length */ 2755 /* Make sure that the chunk has a valid length */
2710 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 2756 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
2711 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2757 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2712 commands); 2758 commands);
2713 2759
2714 /* Since we are not going to really process this INIT, there 2760 /* Since we are not going to really process this INIT, there
@@ -2760,7 +2806,8 @@ nomem:
2760 * 2806 *
2761 * The return value is the disposition of the chunk. 2807 * The return value is the disposition of the chunk.
2762 */ 2808 */
2763sctp_disposition_t sctp_sf_do_ecn_cwr(const struct sctp_endpoint *ep, 2809sctp_disposition_t sctp_sf_do_ecn_cwr(struct net *net,
2810 const struct sctp_endpoint *ep,
2764 const struct sctp_association *asoc, 2811 const struct sctp_association *asoc,
2765 const sctp_subtype_t type, 2812 const sctp_subtype_t type,
2766 void *arg, 2813 void *arg,
@@ -2771,10 +2818,10 @@ sctp_disposition_t sctp_sf_do_ecn_cwr(const struct sctp_endpoint *ep,
2771 u32 lowest_tsn; 2818 u32 lowest_tsn;
2772 2819
2773 if (!sctp_vtag_verify(chunk, asoc)) 2820 if (!sctp_vtag_verify(chunk, asoc))
2774 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2821 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2775 2822
2776 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_ecne_chunk_t))) 2823 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_ecne_chunk_t)))
2777 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2824 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2778 commands); 2825 commands);
2779 2826
2780 cwr = (sctp_cwrhdr_t *) chunk->skb->data; 2827 cwr = (sctp_cwrhdr_t *) chunk->skb->data;
@@ -2815,7 +2862,8 @@ sctp_disposition_t sctp_sf_do_ecn_cwr(const struct sctp_endpoint *ep,
2815 * 2862 *
2816 * The return value is the disposition of the chunk. 2863 * The return value is the disposition of the chunk.
2817 */ 2864 */
2818sctp_disposition_t sctp_sf_do_ecne(const struct sctp_endpoint *ep, 2865sctp_disposition_t sctp_sf_do_ecne(struct net *net,
2866 const struct sctp_endpoint *ep,
2819 const struct sctp_association *asoc, 2867 const struct sctp_association *asoc,
2820 const sctp_subtype_t type, 2868 const sctp_subtype_t type,
2821 void *arg, 2869 void *arg,
@@ -2825,10 +2873,10 @@ sctp_disposition_t sctp_sf_do_ecne(const struct sctp_endpoint *ep,
2825 struct sctp_chunk *chunk = arg; 2873 struct sctp_chunk *chunk = arg;
2826 2874
2827 if (!sctp_vtag_verify(chunk, asoc)) 2875 if (!sctp_vtag_verify(chunk, asoc))
2828 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2876 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2829 2877
2830 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_ecne_chunk_t))) 2878 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_ecne_chunk_t)))
2831 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2879 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2832 commands); 2880 commands);
2833 2881
2834 ecne = (sctp_ecnehdr_t *) chunk->skb->data; 2882 ecne = (sctp_ecnehdr_t *) chunk->skb->data;
@@ -2871,7 +2919,8 @@ sctp_disposition_t sctp_sf_do_ecne(const struct sctp_endpoint *ep,
2871 * 2919 *
2872 * The return value is the disposition of the chunk. 2920 * The return value is the disposition of the chunk.
2873 */ 2921 */
2874sctp_disposition_t sctp_sf_eat_data_6_2(const struct sctp_endpoint *ep, 2922sctp_disposition_t sctp_sf_eat_data_6_2(struct net *net,
2923 const struct sctp_endpoint *ep,
2875 const struct sctp_association *asoc, 2924 const struct sctp_association *asoc,
2876 const sctp_subtype_t type, 2925 const sctp_subtype_t type,
2877 void *arg, 2926 void *arg,
@@ -2884,11 +2933,11 @@ sctp_disposition_t sctp_sf_eat_data_6_2(const struct sctp_endpoint *ep,
2884 if (!sctp_vtag_verify(chunk, asoc)) { 2933 if (!sctp_vtag_verify(chunk, asoc)) {
2885 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 2934 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
2886 SCTP_NULL()); 2935 SCTP_NULL());
2887 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 2936 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
2888 } 2937 }
2889 2938
2890 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_data_chunk_t))) 2939 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_data_chunk_t)))
2891 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 2940 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
2892 commands); 2941 commands);
2893 2942
2894 error = sctp_eat_data(asoc, chunk, commands ); 2943 error = sctp_eat_data(asoc, chunk, commands );
@@ -2897,16 +2946,16 @@ sctp_disposition_t sctp_sf_eat_data_6_2(const struct sctp_endpoint *ep,
2897 break; 2946 break;
2898 case SCTP_IERROR_HIGH_TSN: 2947 case SCTP_IERROR_HIGH_TSN:
2899 case SCTP_IERROR_BAD_STREAM: 2948 case SCTP_IERROR_BAD_STREAM:
2900 SCTP_INC_STATS(SCTP_MIB_IN_DATA_CHUNK_DISCARDS); 2949 SCTP_INC_STATS(net, SCTP_MIB_IN_DATA_CHUNK_DISCARDS);
2901 goto discard_noforce; 2950 goto discard_noforce;
2902 case SCTP_IERROR_DUP_TSN: 2951 case SCTP_IERROR_DUP_TSN:
2903 case SCTP_IERROR_IGNORE_TSN: 2952 case SCTP_IERROR_IGNORE_TSN:
2904 SCTP_INC_STATS(SCTP_MIB_IN_DATA_CHUNK_DISCARDS); 2953 SCTP_INC_STATS(net, SCTP_MIB_IN_DATA_CHUNK_DISCARDS);
2905 goto discard_force; 2954 goto discard_force;
2906 case SCTP_IERROR_NO_DATA: 2955 case SCTP_IERROR_NO_DATA:
2907 goto consume; 2956 goto consume;
2908 case SCTP_IERROR_PROTO_VIOLATION: 2957 case SCTP_IERROR_PROTO_VIOLATION:
2909 return sctp_sf_abort_violation(ep, asoc, chunk, commands, 2958 return sctp_sf_abort_violation(net, ep, asoc, chunk, commands,
2910 (u8 *)chunk->subh.data_hdr, sizeof(sctp_datahdr_t)); 2959 (u8 *)chunk->subh.data_hdr, sizeof(sctp_datahdr_t));
2911 default: 2960 default:
2912 BUG(); 2961 BUG();
@@ -2992,7 +3041,8 @@ consume:
2992 * 3041 *
2993 * The return value is the disposition of the chunk. 3042 * The return value is the disposition of the chunk.
2994 */ 3043 */
2995sctp_disposition_t sctp_sf_eat_data_fast_4_4(const struct sctp_endpoint *ep, 3044sctp_disposition_t sctp_sf_eat_data_fast_4_4(struct net *net,
3045 const struct sctp_endpoint *ep,
2996 const struct sctp_association *asoc, 3046 const struct sctp_association *asoc,
2997 const sctp_subtype_t type, 3047 const sctp_subtype_t type,
2998 void *arg, 3048 void *arg,
@@ -3004,11 +3054,11 @@ sctp_disposition_t sctp_sf_eat_data_fast_4_4(const struct sctp_endpoint *ep,
3004 if (!sctp_vtag_verify(chunk, asoc)) { 3054 if (!sctp_vtag_verify(chunk, asoc)) {
3005 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 3055 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
3006 SCTP_NULL()); 3056 SCTP_NULL());
3007 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3057 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3008 } 3058 }
3009 3059
3010 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_data_chunk_t))) 3060 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_data_chunk_t)))
3011 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3061 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3012 commands); 3062 commands);
3013 3063
3014 error = sctp_eat_data(asoc, chunk, commands ); 3064 error = sctp_eat_data(asoc, chunk, commands );
@@ -3022,7 +3072,7 @@ sctp_disposition_t sctp_sf_eat_data_fast_4_4(const struct sctp_endpoint *ep,
3022 case SCTP_IERROR_NO_DATA: 3072 case SCTP_IERROR_NO_DATA:
3023 goto consume; 3073 goto consume;
3024 case SCTP_IERROR_PROTO_VIOLATION: 3074 case SCTP_IERROR_PROTO_VIOLATION:
3025 return sctp_sf_abort_violation(ep, asoc, chunk, commands, 3075 return sctp_sf_abort_violation(net, ep, asoc, chunk, commands,
3026 (u8 *)chunk->subh.data_hdr, sizeof(sctp_datahdr_t)); 3076 (u8 *)chunk->subh.data_hdr, sizeof(sctp_datahdr_t));
3027 default: 3077 default:
3028 BUG(); 3078 BUG();
@@ -3082,7 +3132,8 @@ consume:
3082 * 3132 *
3083 * The return value is the disposition of the chunk. 3133 * The return value is the disposition of the chunk.
3084 */ 3134 */
3085sctp_disposition_t sctp_sf_eat_sack_6_2(const struct sctp_endpoint *ep, 3135sctp_disposition_t sctp_sf_eat_sack_6_2(struct net *net,
3136 const struct sctp_endpoint *ep,
3086 const struct sctp_association *asoc, 3137 const struct sctp_association *asoc,
3087 const sctp_subtype_t type, 3138 const sctp_subtype_t type,
3088 void *arg, 3139 void *arg,
@@ -3093,18 +3144,18 @@ sctp_disposition_t sctp_sf_eat_sack_6_2(const struct sctp_endpoint *ep,
3093 __u32 ctsn; 3144 __u32 ctsn;
3094 3145
3095 if (!sctp_vtag_verify(chunk, asoc)) 3146 if (!sctp_vtag_verify(chunk, asoc))
3096 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3147 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3097 3148
3098 /* Make sure that the SACK chunk has a valid length. */ 3149 /* Make sure that the SACK chunk has a valid length. */
3099 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_sack_chunk_t))) 3150 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_sack_chunk_t)))
3100 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3151 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3101 commands); 3152 commands);
3102 3153
3103 /* Pull the SACK chunk from the data buffer */ 3154 /* Pull the SACK chunk from the data buffer */
3104 sackh = sctp_sm_pull_sack(chunk); 3155 sackh = sctp_sm_pull_sack(chunk);
3105 /* Was this a bogus SACK? */ 3156 /* Was this a bogus SACK? */
3106 if (!sackh) 3157 if (!sackh)
3107 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3158 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3108 chunk->subh.sack_hdr = sackh; 3159 chunk->subh.sack_hdr = sackh;
3109 ctsn = ntohl(sackh->cum_tsn_ack); 3160 ctsn = ntohl(sackh->cum_tsn_ack);
3110 3161
@@ -3125,7 +3176,7 @@ sctp_disposition_t sctp_sf_eat_sack_6_2(const struct sctp_endpoint *ep,
3125 * sender with an ABORT. 3176 * sender with an ABORT.
3126 */ 3177 */
3127 if (!TSN_lt(ctsn, asoc->next_tsn)) 3178 if (!TSN_lt(ctsn, asoc->next_tsn))
3128 return sctp_sf_violation_ctsn(ep, asoc, type, arg, commands); 3179 return sctp_sf_violation_ctsn(net, ep, asoc, type, arg, commands);
3129 3180
3130 /* Return this SACK for further processing. */ 3181 /* Return this SACK for further processing. */
3131 sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_SACK, SCTP_SACKH(sackh)); 3182 sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_SACK, SCTP_SACKH(sackh));
@@ -3154,7 +3205,8 @@ sctp_disposition_t sctp_sf_eat_sack_6_2(const struct sctp_endpoint *ep,
3154 * 3205 *
3155 * The return value is the disposition of the chunk. 3206 * The return value is the disposition of the chunk.
3156*/ 3207*/
3157static sctp_disposition_t sctp_sf_tabort_8_4_8(const struct sctp_endpoint *ep, 3208static sctp_disposition_t sctp_sf_tabort_8_4_8(struct net *net,
3209 const struct sctp_endpoint *ep,
3158 const struct sctp_association *asoc, 3210 const struct sctp_association *asoc,
3159 const sctp_subtype_t type, 3211 const sctp_subtype_t type,
3160 void *arg, 3212 void *arg,
@@ -3164,7 +3216,7 @@ static sctp_disposition_t sctp_sf_tabort_8_4_8(const struct sctp_endpoint *ep,
3164 struct sctp_chunk *chunk = arg; 3216 struct sctp_chunk *chunk = arg;
3165 struct sctp_chunk *abort; 3217 struct sctp_chunk *abort;
3166 3218
3167 packet = sctp_ootb_pkt_new(asoc, chunk); 3219 packet = sctp_ootb_pkt_new(net, asoc, chunk);
3168 3220
3169 if (packet) { 3221 if (packet) {
3170 /* Make an ABORT. The T bit will be set if the asoc 3222 /* Make an ABORT. The T bit will be set if the asoc
@@ -3188,9 +3240,9 @@ static sctp_disposition_t sctp_sf_tabort_8_4_8(const struct sctp_endpoint *ep,
3188 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 3240 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
3189 SCTP_PACKET(packet)); 3241 SCTP_PACKET(packet));
3190 3242
3191 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 3243 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
3192 3244
3193 sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3245 sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3194 return SCTP_DISPOSITION_CONSUME; 3246 return SCTP_DISPOSITION_CONSUME;
3195 } 3247 }
3196 3248
@@ -3205,7 +3257,8 @@ static sctp_disposition_t sctp_sf_tabort_8_4_8(const struct sctp_endpoint *ep,
3205 * 3257 *
3206 * The return value is the disposition of the chunk. 3258 * The return value is the disposition of the chunk.
3207*/ 3259*/
3208sctp_disposition_t sctp_sf_operr_notify(const struct sctp_endpoint *ep, 3260sctp_disposition_t sctp_sf_operr_notify(struct net *net,
3261 const struct sctp_endpoint *ep,
3209 const struct sctp_association *asoc, 3262 const struct sctp_association *asoc,
3210 const sctp_subtype_t type, 3263 const sctp_subtype_t type,
3211 void *arg, 3264 void *arg,
@@ -3215,15 +3268,15 @@ sctp_disposition_t sctp_sf_operr_notify(const struct sctp_endpoint *ep,
3215 sctp_errhdr_t *err; 3268 sctp_errhdr_t *err;
3216 3269
3217 if (!sctp_vtag_verify(chunk, asoc)) 3270 if (!sctp_vtag_verify(chunk, asoc))
3218 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3271 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3219 3272
3220 /* Make sure that the ERROR chunk has a valid length. */ 3273 /* Make sure that the ERROR chunk has a valid length. */
3221 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_operr_chunk_t))) 3274 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_operr_chunk_t)))
3222 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3275 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3223 commands); 3276 commands);
3224 sctp_walk_errors(err, chunk->chunk_hdr); 3277 sctp_walk_errors(err, chunk->chunk_hdr);
3225 if ((void *)err != (void *)chunk->chunk_end) 3278 if ((void *)err != (void *)chunk->chunk_end)
3226 return sctp_sf_violation_paramlen(ep, asoc, type, arg, 3279 return sctp_sf_violation_paramlen(net, ep, asoc, type, arg,
3227 (void *)err, commands); 3280 (void *)err, commands);
3228 3281
3229 sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_OPERR, 3282 sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_OPERR,
@@ -3242,7 +3295,8 @@ sctp_disposition_t sctp_sf_operr_notify(const struct sctp_endpoint *ep,
3242 * 3295 *
3243 * The return value is the disposition. 3296 * The return value is the disposition.
3244 */ 3297 */
3245sctp_disposition_t sctp_sf_do_9_2_final(const struct sctp_endpoint *ep, 3298sctp_disposition_t sctp_sf_do_9_2_final(struct net *net,
3299 const struct sctp_endpoint *ep,
3246 const struct sctp_association *asoc, 3300 const struct sctp_association *asoc,
3247 const sctp_subtype_t type, 3301 const sctp_subtype_t type,
3248 void *arg, 3302 void *arg,
@@ -3253,11 +3307,11 @@ sctp_disposition_t sctp_sf_do_9_2_final(const struct sctp_endpoint *ep,
3253 struct sctp_ulpevent *ev; 3307 struct sctp_ulpevent *ev;
3254 3308
3255 if (!sctp_vtag_verify(chunk, asoc)) 3309 if (!sctp_vtag_verify(chunk, asoc))
3256 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3310 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3257 3311
3258 /* Make sure that the SHUTDOWN_ACK chunk has a valid length. */ 3312 /* Make sure that the SHUTDOWN_ACK chunk has a valid length. */
3259 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 3313 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
3260 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3314 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3261 commands); 3315 commands);
3262 /* 10.2 H) SHUTDOWN COMPLETE notification 3316 /* 10.2 H) SHUTDOWN COMPLETE notification
3263 * 3317 *
@@ -3290,8 +3344,8 @@ sctp_disposition_t sctp_sf_do_9_2_final(const struct sctp_endpoint *ep,
3290 3344
3291 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 3345 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
3292 SCTP_STATE(SCTP_STATE_CLOSED)); 3346 SCTP_STATE(SCTP_STATE_CLOSED));
3293 SCTP_INC_STATS(SCTP_MIB_SHUTDOWNS); 3347 SCTP_INC_STATS(net, SCTP_MIB_SHUTDOWNS);
3294 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 3348 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
3295 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(reply)); 3349 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(reply));
3296 3350
3297 /* ...and remove all record of the association. */ 3351 /* ...and remove all record of the association. */
@@ -3324,7 +3378,8 @@ nomem:
3324 * receiver of the OOTB packet shall discard the OOTB packet and take 3378 * receiver of the OOTB packet shall discard the OOTB packet and take
3325 * no further action. 3379 * no further action.
3326 */ 3380 */
3327sctp_disposition_t sctp_sf_ootb(const struct sctp_endpoint *ep, 3381sctp_disposition_t sctp_sf_ootb(struct net *net,
3382 const struct sctp_endpoint *ep,
3328 const struct sctp_association *asoc, 3383 const struct sctp_association *asoc,
3329 const sctp_subtype_t type, 3384 const sctp_subtype_t type,
3330 void *arg, 3385 void *arg,
@@ -3338,13 +3393,13 @@ sctp_disposition_t sctp_sf_ootb(const struct sctp_endpoint *ep,
3338 int ootb_shut_ack = 0; 3393 int ootb_shut_ack = 0;
3339 int ootb_cookie_ack = 0; 3394 int ootb_cookie_ack = 0;
3340 3395
3341 SCTP_INC_STATS(SCTP_MIB_OUTOFBLUES); 3396 SCTP_INC_STATS(net, SCTP_MIB_OUTOFBLUES);
3342 3397
3343 ch = (sctp_chunkhdr_t *) chunk->chunk_hdr; 3398 ch = (sctp_chunkhdr_t *) chunk->chunk_hdr;
3344 do { 3399 do {
3345 /* Report violation if the chunk is less then minimal */ 3400 /* Report violation if the chunk is less then minimal */
3346 if (ntohs(ch->length) < sizeof(sctp_chunkhdr_t)) 3401 if (ntohs(ch->length) < sizeof(sctp_chunkhdr_t))
3347 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3402 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3348 commands); 3403 commands);
3349 3404
3350 /* Now that we know we at least have a chunk header, 3405 /* Now that we know we at least have a chunk header,
@@ -3359,7 +3414,7 @@ sctp_disposition_t sctp_sf_ootb(const struct sctp_endpoint *ep,
3359 * sending an ABORT of its own. 3414 * sending an ABORT of its own.
3360 */ 3415 */
3361 if (SCTP_CID_ABORT == ch->type) 3416 if (SCTP_CID_ABORT == ch->type)
3362 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3417 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3363 3418
3364 /* RFC 8.4, 7) If the packet contains a "Stale cookie" ERROR 3419 /* RFC 8.4, 7) If the packet contains a "Stale cookie" ERROR
3365 * or a COOKIE ACK the SCTP Packet should be silently 3420 * or a COOKIE ACK the SCTP Packet should be silently
@@ -3381,18 +3436,18 @@ sctp_disposition_t sctp_sf_ootb(const struct sctp_endpoint *ep,
3381 /* Report violation if chunk len overflows */ 3436 /* Report violation if chunk len overflows */
3382 ch_end = ((__u8 *)ch) + WORD_ROUND(ntohs(ch->length)); 3437 ch_end = ((__u8 *)ch) + WORD_ROUND(ntohs(ch->length));
3383 if (ch_end > skb_tail_pointer(skb)) 3438 if (ch_end > skb_tail_pointer(skb))
3384 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3439 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3385 commands); 3440 commands);
3386 3441
3387 ch = (sctp_chunkhdr_t *) ch_end; 3442 ch = (sctp_chunkhdr_t *) ch_end;
3388 } while (ch_end < skb_tail_pointer(skb)); 3443 } while (ch_end < skb_tail_pointer(skb));
3389 3444
3390 if (ootb_shut_ack) 3445 if (ootb_shut_ack)
3391 return sctp_sf_shut_8_4_5(ep, asoc, type, arg, commands); 3446 return sctp_sf_shut_8_4_5(net, ep, asoc, type, arg, commands);
3392 else if (ootb_cookie_ack) 3447 else if (ootb_cookie_ack)
3393 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3448 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3394 else 3449 else
3395 return sctp_sf_tabort_8_4_8(ep, asoc, type, arg, commands); 3450 return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands);
3396} 3451}
3397 3452
3398/* 3453/*
@@ -3416,7 +3471,8 @@ sctp_disposition_t sctp_sf_ootb(const struct sctp_endpoint *ep,
3416 * 3471 *
3417 * The return value is the disposition of the chunk. 3472 * The return value is the disposition of the chunk.
3418 */ 3473 */
3419static sctp_disposition_t sctp_sf_shut_8_4_5(const struct sctp_endpoint *ep, 3474static sctp_disposition_t sctp_sf_shut_8_4_5(struct net *net,
3475 const struct sctp_endpoint *ep,
3420 const struct sctp_association *asoc, 3476 const struct sctp_association *asoc,
3421 const sctp_subtype_t type, 3477 const sctp_subtype_t type,
3422 void *arg, 3478 void *arg,
@@ -3426,7 +3482,7 @@ static sctp_disposition_t sctp_sf_shut_8_4_5(const struct sctp_endpoint *ep,
3426 struct sctp_chunk *chunk = arg; 3482 struct sctp_chunk *chunk = arg;
3427 struct sctp_chunk *shut; 3483 struct sctp_chunk *shut;
3428 3484
3429 packet = sctp_ootb_pkt_new(asoc, chunk); 3485 packet = sctp_ootb_pkt_new(net, asoc, chunk);
3430 3486
3431 if (packet) { 3487 if (packet) {
3432 /* Make an SHUTDOWN_COMPLETE. 3488 /* Make an SHUTDOWN_COMPLETE.
@@ -3450,19 +3506,19 @@ static sctp_disposition_t sctp_sf_shut_8_4_5(const struct sctp_endpoint *ep,
3450 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 3506 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
3451 SCTP_PACKET(packet)); 3507 SCTP_PACKET(packet));
3452 3508
3453 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 3509 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
3454 3510
3455 /* If the chunk length is invalid, we don't want to process 3511 /* If the chunk length is invalid, we don't want to process
3456 * the reset of the packet. 3512 * the reset of the packet.
3457 */ 3513 */
3458 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 3514 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
3459 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3515 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3460 3516
3461 /* We need to discard the rest of the packet to prevent 3517 /* We need to discard the rest of the packet to prevent
3462 * potential bomming attacks from additional bundled chunks. 3518 * potential bomming attacks from additional bundled chunks.
3463 * This is documented in SCTP Threats ID. 3519 * This is documented in SCTP Threats ID.
3464 */ 3520 */
3465 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3521 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3466 } 3522 }
3467 3523
3468 return SCTP_DISPOSITION_NOMEM; 3524 return SCTP_DISPOSITION_NOMEM;
@@ -3479,7 +3535,8 @@ static sctp_disposition_t sctp_sf_shut_8_4_5(const struct sctp_endpoint *ep,
3479 * chunks. --piggy ] 3535 * chunks. --piggy ]
3480 * 3536 *
3481 */ 3537 */
3482sctp_disposition_t sctp_sf_do_8_5_1_E_sa(const struct sctp_endpoint *ep, 3538sctp_disposition_t sctp_sf_do_8_5_1_E_sa(struct net *net,
3539 const struct sctp_endpoint *ep,
3483 const struct sctp_association *asoc, 3540 const struct sctp_association *asoc,
3484 const sctp_subtype_t type, 3541 const sctp_subtype_t type,
3485 void *arg, 3542 void *arg,
@@ -3489,7 +3546,7 @@ sctp_disposition_t sctp_sf_do_8_5_1_E_sa(const struct sctp_endpoint *ep,
3489 3546
3490 /* Make sure that the SHUTDOWN_ACK chunk has a valid length. */ 3547 /* Make sure that the SHUTDOWN_ACK chunk has a valid length. */
3491 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 3548 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
3492 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3549 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3493 commands); 3550 commands);
3494 3551
3495 /* Although we do have an association in this case, it corresponds 3552 /* Although we do have an association in this case, it corresponds
@@ -3497,13 +3554,14 @@ sctp_disposition_t sctp_sf_do_8_5_1_E_sa(const struct sctp_endpoint *ep,
3497 * packet and the state function that handles OOTB SHUTDOWN_ACK is 3554 * packet and the state function that handles OOTB SHUTDOWN_ACK is
3498 * called with a NULL association. 3555 * called with a NULL association.
3499 */ 3556 */
3500 SCTP_INC_STATS(SCTP_MIB_OUTOFBLUES); 3557 SCTP_INC_STATS(net, SCTP_MIB_OUTOFBLUES);
3501 3558
3502 return sctp_sf_shut_8_4_5(ep, NULL, type, arg, commands); 3559 return sctp_sf_shut_8_4_5(net, ep, NULL, type, arg, commands);
3503} 3560}
3504 3561
3505/* ADDIP Section 4.2 Upon reception of an ASCONF Chunk. */ 3562/* ADDIP Section 4.2 Upon reception of an ASCONF Chunk. */
3506sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep, 3563sctp_disposition_t sctp_sf_do_asconf(struct net *net,
3564 const struct sctp_endpoint *ep,
3507 const struct sctp_association *asoc, 3565 const struct sctp_association *asoc,
3508 const sctp_subtype_t type, void *arg, 3566 const sctp_subtype_t type, void *arg,
3509 sctp_cmd_seq_t *commands) 3567 sctp_cmd_seq_t *commands)
@@ -3519,7 +3577,7 @@ sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep,
3519 if (!sctp_vtag_verify(chunk, asoc)) { 3577 if (!sctp_vtag_verify(chunk, asoc)) {
3520 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 3578 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
3521 SCTP_NULL()); 3579 SCTP_NULL());
3522 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3580 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3523 } 3581 }
3524 3582
3525 /* ADD-IP: Section 4.1.1 3583 /* ADD-IP: Section 4.1.1
@@ -3528,12 +3586,12 @@ sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep,
3528 * is received unauthenticated it MUST be silently discarded as 3586 * is received unauthenticated it MUST be silently discarded as
3529 * described in [I-D.ietf-tsvwg-sctp-auth]. 3587 * described in [I-D.ietf-tsvwg-sctp-auth].
3530 */ 3588 */
3531 if (!sctp_addip_noauth && !chunk->auth) 3589 if (!net->sctp.addip_noauth && !chunk->auth)
3532 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 3590 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
3533 3591
3534 /* Make sure that the ASCONF ADDIP chunk has a valid length. */ 3592 /* Make sure that the ASCONF ADDIP chunk has a valid length. */
3535 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_addip_chunk_t))) 3593 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_addip_chunk_t)))
3536 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3594 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3537 commands); 3595 commands);
3538 3596
3539 hdr = (sctp_addiphdr_t *)chunk->skb->data; 3597 hdr = (sctp_addiphdr_t *)chunk->skb->data;
@@ -3542,7 +3600,7 @@ sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep,
3542 addr_param = (union sctp_addr_param *)hdr->params; 3600 addr_param = (union sctp_addr_param *)hdr->params;
3543 length = ntohs(addr_param->p.length); 3601 length = ntohs(addr_param->p.length);
3544 if (length < sizeof(sctp_paramhdr_t)) 3602 if (length < sizeof(sctp_paramhdr_t))
3545 return sctp_sf_violation_paramlen(ep, asoc, type, arg, 3603 return sctp_sf_violation_paramlen(net, ep, asoc, type, arg,
3546 (void *)addr_param, commands); 3604 (void *)addr_param, commands);
3547 3605
3548 /* Verify the ASCONF chunk before processing it. */ 3606 /* Verify the ASCONF chunk before processing it. */
@@ -3550,7 +3608,7 @@ sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep,
3550 (sctp_paramhdr_t *)((void *)addr_param + length), 3608 (sctp_paramhdr_t *)((void *)addr_param + length),
3551 (void *)chunk->chunk_end, 3609 (void *)chunk->chunk_end,
3552 &err_param)) 3610 &err_param))
3553 return sctp_sf_violation_paramlen(ep, asoc, type, arg, 3611 return sctp_sf_violation_paramlen(net, ep, asoc, type, arg,
3554 (void *)err_param, commands); 3612 (void *)err_param, commands);
3555 3613
3556 /* ADDIP 5.2 E1) Compare the value of the serial number to the value 3614 /* ADDIP 5.2 E1) Compare the value of the serial number to the value
@@ -3630,7 +3688,8 @@ sctp_disposition_t sctp_sf_do_asconf(const struct sctp_endpoint *ep,
3630 * When building TLV parameters for the ASCONF Chunk that will add or 3688 * When building TLV parameters for the ASCONF Chunk that will add or
3631 * delete IP addresses the D0 to D13 rules should be applied: 3689 * delete IP addresses the D0 to D13 rules should be applied:
3632 */ 3690 */
3633sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep, 3691sctp_disposition_t sctp_sf_do_asconf_ack(struct net *net,
3692 const struct sctp_endpoint *ep,
3634 const struct sctp_association *asoc, 3693 const struct sctp_association *asoc,
3635 const sctp_subtype_t type, void *arg, 3694 const sctp_subtype_t type, void *arg,
3636 sctp_cmd_seq_t *commands) 3695 sctp_cmd_seq_t *commands)
@@ -3645,7 +3704,7 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3645 if (!sctp_vtag_verify(asconf_ack, asoc)) { 3704 if (!sctp_vtag_verify(asconf_ack, asoc)) {
3646 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 3705 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
3647 SCTP_NULL()); 3706 SCTP_NULL());
3648 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3707 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3649 } 3708 }
3650 3709
3651 /* ADD-IP, Section 4.1.2: 3710 /* ADD-IP, Section 4.1.2:
@@ -3654,12 +3713,12 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3654 * is received unauthenticated it MUST be silently discarded as 3713 * is received unauthenticated it MUST be silently discarded as
3655 * described in [I-D.ietf-tsvwg-sctp-auth]. 3714 * described in [I-D.ietf-tsvwg-sctp-auth].
3656 */ 3715 */
3657 if (!sctp_addip_noauth && !asconf_ack->auth) 3716 if (!net->sctp.addip_noauth && !asconf_ack->auth)
3658 return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 3717 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
3659 3718
3660 /* Make sure that the ADDIP chunk has a valid length. */ 3719 /* Make sure that the ADDIP chunk has a valid length. */
3661 if (!sctp_chunk_length_valid(asconf_ack, sizeof(sctp_addip_chunk_t))) 3720 if (!sctp_chunk_length_valid(asconf_ack, sizeof(sctp_addip_chunk_t)))
3662 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3721 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3663 commands); 3722 commands);
3664 3723
3665 addip_hdr = (sctp_addiphdr_t *)asconf_ack->skb->data; 3724 addip_hdr = (sctp_addiphdr_t *)asconf_ack->skb->data;
@@ -3670,7 +3729,7 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3670 (sctp_paramhdr_t *)addip_hdr->params, 3729 (sctp_paramhdr_t *)addip_hdr->params,
3671 (void *)asconf_ack->chunk_end, 3730 (void *)asconf_ack->chunk_end,
3672 &err_param)) 3731 &err_param))
3673 return sctp_sf_violation_paramlen(ep, asoc, type, arg, 3732 return sctp_sf_violation_paramlen(net, ep, asoc, type, arg,
3674 (void *)err_param, commands); 3733 (void *)err_param, commands);
3675 3734
3676 if (last_asconf) { 3735 if (last_asconf) {
@@ -3705,8 +3764,8 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3705 SCTP_ERROR(ECONNABORTED)); 3764 SCTP_ERROR(ECONNABORTED));
3706 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 3765 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
3707 SCTP_PERR(SCTP_ERROR_ASCONF_ACK)); 3766 SCTP_PERR(SCTP_ERROR_ASCONF_ACK));
3708 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 3767 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
3709 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 3768 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
3710 return SCTP_DISPOSITION_ABORT; 3769 return SCTP_DISPOSITION_ABORT;
3711 } 3770 }
3712 3771
@@ -3739,8 +3798,8 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3739 SCTP_ERROR(ECONNABORTED)); 3798 SCTP_ERROR(ECONNABORTED));
3740 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 3799 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
3741 SCTP_PERR(SCTP_ERROR_ASCONF_ACK)); 3800 SCTP_PERR(SCTP_ERROR_ASCONF_ACK));
3742 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 3801 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
3743 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 3802 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
3744 return SCTP_DISPOSITION_ABORT; 3803 return SCTP_DISPOSITION_ABORT;
3745 } 3804 }
3746 3805
@@ -3761,7 +3820,8 @@ sctp_disposition_t sctp_sf_do_asconf_ack(const struct sctp_endpoint *ep,
3761 * 3820 *
3762 * The return value is the disposition of the chunk. 3821 * The return value is the disposition of the chunk.
3763 */ 3822 */
3764sctp_disposition_t sctp_sf_eat_fwd_tsn(const struct sctp_endpoint *ep, 3823sctp_disposition_t sctp_sf_eat_fwd_tsn(struct net *net,
3824 const struct sctp_endpoint *ep,
3765 const struct sctp_association *asoc, 3825 const struct sctp_association *asoc,
3766 const sctp_subtype_t type, 3826 const sctp_subtype_t type,
3767 void *arg, 3827 void *arg,
@@ -3776,12 +3836,12 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn(const struct sctp_endpoint *ep,
3776 if (!sctp_vtag_verify(chunk, asoc)) { 3836 if (!sctp_vtag_verify(chunk, asoc)) {
3777 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 3837 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
3778 SCTP_NULL()); 3838 SCTP_NULL());
3779 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3839 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3780 } 3840 }
3781 3841
3782 /* Make sure that the FORWARD_TSN chunk has valid length. */ 3842 /* Make sure that the FORWARD_TSN chunk has valid length. */
3783 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk))) 3843 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk)))
3784 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3844 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3785 commands); 3845 commands);
3786 3846
3787 fwdtsn_hdr = (struct sctp_fwdtsn_hdr *)chunk->skb->data; 3847 fwdtsn_hdr = (struct sctp_fwdtsn_hdr *)chunk->skb->data;
@@ -3828,6 +3888,7 @@ discard_noforce:
3828} 3888}
3829 3889
3830sctp_disposition_t sctp_sf_eat_fwd_tsn_fast( 3890sctp_disposition_t sctp_sf_eat_fwd_tsn_fast(
3891 struct net *net,
3831 const struct sctp_endpoint *ep, 3892 const struct sctp_endpoint *ep,
3832 const struct sctp_association *asoc, 3893 const struct sctp_association *asoc,
3833 const sctp_subtype_t type, 3894 const sctp_subtype_t type,
@@ -3843,12 +3904,12 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_fast(
3843 if (!sctp_vtag_verify(chunk, asoc)) { 3904 if (!sctp_vtag_verify(chunk, asoc)) {
3844 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 3905 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
3845 SCTP_NULL()); 3906 SCTP_NULL());
3846 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 3907 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
3847 } 3908 }
3848 3909
3849 /* Make sure that the FORWARD_TSN chunk has a valid length. */ 3910 /* Make sure that the FORWARD_TSN chunk has a valid length. */
3850 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk))) 3911 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk)))
3851 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 3912 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
3852 commands); 3913 commands);
3853 3914
3854 fwdtsn_hdr = (struct sctp_fwdtsn_hdr *)chunk->skb->data; 3915 fwdtsn_hdr = (struct sctp_fwdtsn_hdr *)chunk->skb->data;
@@ -3915,7 +3976,8 @@ gen_shutdown:
3915 * 3976 *
3916 * The return value is the disposition of the chunk. 3977 * The return value is the disposition of the chunk.
3917 */ 3978 */
3918static sctp_ierror_t sctp_sf_authenticate(const struct sctp_endpoint *ep, 3979static sctp_ierror_t sctp_sf_authenticate(struct net *net,
3980 const struct sctp_endpoint *ep,
3919 const struct sctp_association *asoc, 3981 const struct sctp_association *asoc,
3920 const sctp_subtype_t type, 3982 const sctp_subtype_t type,
3921 struct sctp_chunk *chunk) 3983 struct sctp_chunk *chunk)
@@ -3988,7 +4050,8 @@ nomem:
3988 return SCTP_IERROR_NOMEM; 4050 return SCTP_IERROR_NOMEM;
3989} 4051}
3990 4052
3991sctp_disposition_t sctp_sf_eat_auth(const struct sctp_endpoint *ep, 4053sctp_disposition_t sctp_sf_eat_auth(struct net *net,
4054 const struct sctp_endpoint *ep,
3992 const struct sctp_association *asoc, 4055 const struct sctp_association *asoc,
3993 const sctp_subtype_t type, 4056 const sctp_subtype_t type,
3994 void *arg, 4057 void *arg,
@@ -4001,21 +4064,21 @@ sctp_disposition_t sctp_sf_eat_auth(const struct sctp_endpoint *ep,
4001 4064
4002 /* Make sure that the peer has AUTH capable */ 4065 /* Make sure that the peer has AUTH capable */
4003 if (!asoc->peer.auth_capable) 4066 if (!asoc->peer.auth_capable)
4004 return sctp_sf_unk_chunk(ep, asoc, type, arg, commands); 4067 return sctp_sf_unk_chunk(net, ep, asoc, type, arg, commands);
4005 4068
4006 if (!sctp_vtag_verify(chunk, asoc)) { 4069 if (!sctp_vtag_verify(chunk, asoc)) {
4007 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, 4070 sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
4008 SCTP_NULL()); 4071 SCTP_NULL());
4009 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 4072 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
4010 } 4073 }
4011 4074
4012 /* Make sure that the AUTH chunk has valid length. */ 4075 /* Make sure that the AUTH chunk has valid length. */
4013 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_auth_chunk))) 4076 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_auth_chunk)))
4014 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 4077 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
4015 commands); 4078 commands);
4016 4079
4017 auth_hdr = (struct sctp_authhdr *)chunk->skb->data; 4080 auth_hdr = (struct sctp_authhdr *)chunk->skb->data;
4018 error = sctp_sf_authenticate(ep, asoc, type, chunk); 4081 error = sctp_sf_authenticate(net, ep, asoc, type, chunk);
4019 switch (error) { 4082 switch (error) {
4020 case SCTP_IERROR_AUTH_BAD_HMAC: 4083 case SCTP_IERROR_AUTH_BAD_HMAC:
4021 /* Generate the ERROR chunk and discard the rest 4084 /* Generate the ERROR chunk and discard the rest
@@ -4032,10 +4095,10 @@ sctp_disposition_t sctp_sf_eat_auth(const struct sctp_endpoint *ep,
4032 /* Fall Through */ 4095 /* Fall Through */
4033 case SCTP_IERROR_AUTH_BAD_KEYID: 4096 case SCTP_IERROR_AUTH_BAD_KEYID:
4034 case SCTP_IERROR_BAD_SIG: 4097 case SCTP_IERROR_BAD_SIG:
4035 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 4098 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
4036 4099
4037 case SCTP_IERROR_PROTO_VIOLATION: 4100 case SCTP_IERROR_PROTO_VIOLATION:
4038 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 4101 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
4039 commands); 4102 commands);
4040 4103
4041 case SCTP_IERROR_NOMEM: 4104 case SCTP_IERROR_NOMEM:
@@ -4084,7 +4147,8 @@ sctp_disposition_t sctp_sf_eat_auth(const struct sctp_endpoint *ep,
4084 * 4147 *
4085 * The return value is the disposition of the chunk. 4148 * The return value is the disposition of the chunk.
4086 */ 4149 */
4087sctp_disposition_t sctp_sf_unk_chunk(const struct sctp_endpoint *ep, 4150sctp_disposition_t sctp_sf_unk_chunk(struct net *net,
4151 const struct sctp_endpoint *ep,
4088 const struct sctp_association *asoc, 4152 const struct sctp_association *asoc,
4089 const sctp_subtype_t type, 4153 const sctp_subtype_t type,
4090 void *arg, 4154 void *arg,
@@ -4097,20 +4161,20 @@ sctp_disposition_t sctp_sf_unk_chunk(const struct sctp_endpoint *ep,
4097 SCTP_DEBUG_PRINTK("Processing the unknown chunk id %d.\n", type.chunk); 4161 SCTP_DEBUG_PRINTK("Processing the unknown chunk id %d.\n", type.chunk);
4098 4162
4099 if (!sctp_vtag_verify(unk_chunk, asoc)) 4163 if (!sctp_vtag_verify(unk_chunk, asoc))
4100 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 4164 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
4101 4165
4102 /* Make sure that the chunk has a valid length. 4166 /* Make sure that the chunk has a valid length.
4103 * Since we don't know the chunk type, we use a general 4167 * Since we don't know the chunk type, we use a general
4104 * chunkhdr structure to make a comparison. 4168 * chunkhdr structure to make a comparison.
4105 */ 4169 */
4106 if (!sctp_chunk_length_valid(unk_chunk, sizeof(sctp_chunkhdr_t))) 4170 if (!sctp_chunk_length_valid(unk_chunk, sizeof(sctp_chunkhdr_t)))
4107 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 4171 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
4108 commands); 4172 commands);
4109 4173
4110 switch (type.chunk & SCTP_CID_ACTION_MASK) { 4174 switch (type.chunk & SCTP_CID_ACTION_MASK) {
4111 case SCTP_CID_ACTION_DISCARD: 4175 case SCTP_CID_ACTION_DISCARD:
4112 /* Discard the packet. */ 4176 /* Discard the packet. */
4113 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 4177 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
4114 break; 4178 break;
4115 case SCTP_CID_ACTION_DISCARD_ERR: 4179 case SCTP_CID_ACTION_DISCARD_ERR:
4116 /* Generate an ERROR chunk as response. */ 4180 /* Generate an ERROR chunk as response. */
@@ -4125,7 +4189,7 @@ sctp_disposition_t sctp_sf_unk_chunk(const struct sctp_endpoint *ep,
4125 } 4189 }
4126 4190
4127 /* Discard the packet. */ 4191 /* Discard the packet. */
4128 sctp_sf_pdiscard(ep, asoc, type, arg, commands); 4192 sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
4129 return SCTP_DISPOSITION_CONSUME; 4193 return SCTP_DISPOSITION_CONSUME;
4130 break; 4194 break;
4131 case SCTP_CID_ACTION_SKIP: 4195 case SCTP_CID_ACTION_SKIP:
@@ -4167,7 +4231,8 @@ sctp_disposition_t sctp_sf_unk_chunk(const struct sctp_endpoint *ep,
4167 * 4231 *
4168 * The return value is the disposition of the chunk. 4232 * The return value is the disposition of the chunk.
4169 */ 4233 */
4170sctp_disposition_t sctp_sf_discard_chunk(const struct sctp_endpoint *ep, 4234sctp_disposition_t sctp_sf_discard_chunk(struct net *net,
4235 const struct sctp_endpoint *ep,
4171 const struct sctp_association *asoc, 4236 const struct sctp_association *asoc,
4172 const sctp_subtype_t type, 4237 const sctp_subtype_t type,
4173 void *arg, 4238 void *arg,
@@ -4180,7 +4245,7 @@ sctp_disposition_t sctp_sf_discard_chunk(const struct sctp_endpoint *ep,
4180 * chunkhdr structure to make a comparison. 4245 * chunkhdr structure to make a comparison.
4181 */ 4246 */
4182 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 4247 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
4183 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 4248 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
4184 commands); 4249 commands);
4185 4250
4186 SCTP_DEBUG_PRINTK("Chunk %d is discarded\n", type.chunk); 4251 SCTP_DEBUG_PRINTK("Chunk %d is discarded\n", type.chunk);
@@ -4205,13 +4270,14 @@ sctp_disposition_t sctp_sf_discard_chunk(const struct sctp_endpoint *ep,
4205 * 4270 *
4206 * The return value is the disposition of the chunk. 4271 * The return value is the disposition of the chunk.
4207 */ 4272 */
4208sctp_disposition_t sctp_sf_pdiscard(const struct sctp_endpoint *ep, 4273sctp_disposition_t sctp_sf_pdiscard(struct net *net,
4274 const struct sctp_endpoint *ep,
4209 const struct sctp_association *asoc, 4275 const struct sctp_association *asoc,
4210 const sctp_subtype_t type, 4276 const sctp_subtype_t type,
4211 void *arg, 4277 void *arg,
4212 sctp_cmd_seq_t *commands) 4278 sctp_cmd_seq_t *commands)
4213{ 4279{
4214 SCTP_INC_STATS(SCTP_MIB_IN_PKT_DISCARDS); 4280 SCTP_INC_STATS(net, SCTP_MIB_IN_PKT_DISCARDS);
4215 sctp_add_cmd_sf(commands, SCTP_CMD_DISCARD_PACKET, SCTP_NULL()); 4281 sctp_add_cmd_sf(commands, SCTP_CMD_DISCARD_PACKET, SCTP_NULL());
4216 4282
4217 return SCTP_DISPOSITION_CONSUME; 4283 return SCTP_DISPOSITION_CONSUME;
@@ -4232,7 +4298,8 @@ sctp_disposition_t sctp_sf_pdiscard(const struct sctp_endpoint *ep,
4232 * We simply tag the chunk as a violation. The state machine will log 4298 * We simply tag the chunk as a violation. The state machine will log
4233 * the violation and continue. 4299 * the violation and continue.
4234 */ 4300 */
4235sctp_disposition_t sctp_sf_violation(const struct sctp_endpoint *ep, 4301sctp_disposition_t sctp_sf_violation(struct net *net,
4302 const struct sctp_endpoint *ep,
4236 const struct sctp_association *asoc, 4303 const struct sctp_association *asoc,
4237 const sctp_subtype_t type, 4304 const sctp_subtype_t type,
4238 void *arg, 4305 void *arg,
@@ -4242,7 +4309,7 @@ sctp_disposition_t sctp_sf_violation(const struct sctp_endpoint *ep,
4242 4309
4243 /* Make sure that the chunk has a valid length. */ 4310 /* Make sure that the chunk has a valid length. */
4244 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t))) 4311 if (!sctp_chunk_length_valid(chunk, sizeof(sctp_chunkhdr_t)))
4245 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 4312 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
4246 commands); 4313 commands);
4247 4314
4248 return SCTP_DISPOSITION_VIOLATION; 4315 return SCTP_DISPOSITION_VIOLATION;
@@ -4252,6 +4319,7 @@ sctp_disposition_t sctp_sf_violation(const struct sctp_endpoint *ep,
4252 * Common function to handle a protocol violation. 4319 * Common function to handle a protocol violation.
4253 */ 4320 */
4254static sctp_disposition_t sctp_sf_abort_violation( 4321static sctp_disposition_t sctp_sf_abort_violation(
4322 struct net *net,
4255 const struct sctp_endpoint *ep, 4323 const struct sctp_endpoint *ep,
4256 const struct sctp_association *asoc, 4324 const struct sctp_association *asoc,
4257 void *arg, 4325 void *arg,
@@ -4302,7 +4370,7 @@ static sctp_disposition_t sctp_sf_abort_violation(
4302 } 4370 }
4303 4371
4304 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(abort)); 4372 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(abort));
4305 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 4373 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
4306 4374
4307 if (asoc->state <= SCTP_STATE_COOKIE_ECHOED) { 4375 if (asoc->state <= SCTP_STATE_COOKIE_ECHOED) {
4308 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 4376 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
@@ -4316,10 +4384,10 @@ static sctp_disposition_t sctp_sf_abort_violation(
4316 SCTP_ERROR(ECONNABORTED)); 4384 SCTP_ERROR(ECONNABORTED));
4317 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 4385 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
4318 SCTP_PERR(SCTP_ERROR_PROTO_VIOLATION)); 4386 SCTP_PERR(SCTP_ERROR_PROTO_VIOLATION));
4319 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 4387 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
4320 } 4388 }
4321 } else { 4389 } else {
4322 packet = sctp_ootb_pkt_new(asoc, chunk); 4390 packet = sctp_ootb_pkt_new(net, asoc, chunk);
4323 4391
4324 if (!packet) 4392 if (!packet)
4325 goto nomem_pkt; 4393 goto nomem_pkt;
@@ -4334,13 +4402,13 @@ static sctp_disposition_t sctp_sf_abort_violation(
4334 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 4402 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
4335 SCTP_PACKET(packet)); 4403 SCTP_PACKET(packet));
4336 4404
4337 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 4405 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
4338 } 4406 }
4339 4407
4340 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 4408 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
4341 4409
4342discard: 4410discard:
4343 sctp_sf_pdiscard(ep, asoc, SCTP_ST_CHUNK(0), arg, commands); 4411 sctp_sf_pdiscard(net, ep, asoc, SCTP_ST_CHUNK(0), arg, commands);
4344 return SCTP_DISPOSITION_ABORT; 4412 return SCTP_DISPOSITION_ABORT;
4345 4413
4346nomem_pkt: 4414nomem_pkt:
@@ -4369,6 +4437,7 @@ nomem:
4369 * Generate an ABORT chunk and terminate the association. 4437 * Generate an ABORT chunk and terminate the association.
4370 */ 4438 */
4371static sctp_disposition_t sctp_sf_violation_chunklen( 4439static sctp_disposition_t sctp_sf_violation_chunklen(
4440 struct net *net,
4372 const struct sctp_endpoint *ep, 4441 const struct sctp_endpoint *ep,
4373 const struct sctp_association *asoc, 4442 const struct sctp_association *asoc,
4374 const sctp_subtype_t type, 4443 const sctp_subtype_t type,
@@ -4377,7 +4446,7 @@ static sctp_disposition_t sctp_sf_violation_chunklen(
4377{ 4446{
4378 static const char err_str[]="The following chunk had invalid length:"; 4447 static const char err_str[]="The following chunk had invalid length:";
4379 4448
4380 return sctp_sf_abort_violation(ep, asoc, arg, commands, err_str, 4449 return sctp_sf_abort_violation(net, ep, asoc, arg, commands, err_str,
4381 sizeof(err_str)); 4450 sizeof(err_str));
4382} 4451}
4383 4452
@@ -4388,6 +4457,7 @@ static sctp_disposition_t sctp_sf_violation_chunklen(
4388 * the length is considered as invalid. 4457 * the length is considered as invalid.
4389 */ 4458 */
4390static sctp_disposition_t sctp_sf_violation_paramlen( 4459static sctp_disposition_t sctp_sf_violation_paramlen(
4460 struct net *net,
4391 const struct sctp_endpoint *ep, 4461 const struct sctp_endpoint *ep,
4392 const struct sctp_association *asoc, 4462 const struct sctp_association *asoc,
4393 const sctp_subtype_t type, 4463 const sctp_subtype_t type,
@@ -4407,17 +4477,17 @@ static sctp_disposition_t sctp_sf_violation_paramlen(
4407 goto nomem; 4477 goto nomem;
4408 4478
4409 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(abort)); 4479 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(abort));
4410 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 4480 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
4411 4481
4412 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, 4482 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR,
4413 SCTP_ERROR(ECONNABORTED)); 4483 SCTP_ERROR(ECONNABORTED));
4414 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 4484 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
4415 SCTP_PERR(SCTP_ERROR_PROTO_VIOLATION)); 4485 SCTP_PERR(SCTP_ERROR_PROTO_VIOLATION));
4416 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 4486 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
4417 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 4487 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
4418 4488
4419discard: 4489discard:
4420 sctp_sf_pdiscard(ep, asoc, SCTP_ST_CHUNK(0), arg, commands); 4490 sctp_sf_pdiscard(net, ep, asoc, SCTP_ST_CHUNK(0), arg, commands);
4421 return SCTP_DISPOSITION_ABORT; 4491 return SCTP_DISPOSITION_ABORT;
4422nomem: 4492nomem:
4423 return SCTP_DISPOSITION_NOMEM; 4493 return SCTP_DISPOSITION_NOMEM;
@@ -4430,6 +4500,7 @@ nomem:
4430 * error code. 4500 * error code.
4431 */ 4501 */
4432static sctp_disposition_t sctp_sf_violation_ctsn( 4502static sctp_disposition_t sctp_sf_violation_ctsn(
4503 struct net *net,
4433 const struct sctp_endpoint *ep, 4504 const struct sctp_endpoint *ep,
4434 const struct sctp_association *asoc, 4505 const struct sctp_association *asoc,
4435 const sctp_subtype_t type, 4506 const sctp_subtype_t type,
@@ -4438,7 +4509,7 @@ static sctp_disposition_t sctp_sf_violation_ctsn(
4438{ 4509{
4439 static const char err_str[]="The cumulative tsn ack beyond the max tsn currently sent:"; 4510 static const char err_str[]="The cumulative tsn ack beyond the max tsn currently sent:";
4440 4511
4441 return sctp_sf_abort_violation(ep, asoc, arg, commands, err_str, 4512 return sctp_sf_abort_violation(net, ep, asoc, arg, commands, err_str,
4442 sizeof(err_str)); 4513 sizeof(err_str));
4443} 4514}
4444 4515
@@ -4449,6 +4520,7 @@ static sctp_disposition_t sctp_sf_violation_ctsn(
4449 * on the path and we may not want to continue this communication. 4520 * on the path and we may not want to continue this communication.
4450 */ 4521 */
4451static sctp_disposition_t sctp_sf_violation_chunk( 4522static sctp_disposition_t sctp_sf_violation_chunk(
4523 struct net *net,
4452 const struct sctp_endpoint *ep, 4524 const struct sctp_endpoint *ep,
4453 const struct sctp_association *asoc, 4525 const struct sctp_association *asoc,
4454 const sctp_subtype_t type, 4526 const sctp_subtype_t type,
@@ -4458,9 +4530,9 @@ static sctp_disposition_t sctp_sf_violation_chunk(
4458 static const char err_str[]="The following chunk violates protocol:"; 4530 static const char err_str[]="The following chunk violates protocol:";
4459 4531
4460 if (!asoc) 4532 if (!asoc)
4461 return sctp_sf_violation(ep, asoc, type, arg, commands); 4533 return sctp_sf_violation(net, ep, asoc, type, arg, commands);
4462 4534
4463 return sctp_sf_abort_violation(ep, asoc, arg, commands, err_str, 4535 return sctp_sf_abort_violation(net, ep, asoc, arg, commands, err_str,
4464 sizeof(err_str)); 4536 sizeof(err_str));
4465} 4537}
4466/*************************************************************************** 4538/***************************************************************************
@@ -4523,7 +4595,8 @@ static sctp_disposition_t sctp_sf_violation_chunk(
4523 * 4595 *
4524 * The return value is a disposition. 4596 * The return value is a disposition.
4525 */ 4597 */
4526sctp_disposition_t sctp_sf_do_prm_asoc(const struct sctp_endpoint *ep, 4598sctp_disposition_t sctp_sf_do_prm_asoc(struct net *net,
4599 const struct sctp_endpoint *ep,
4527 const struct sctp_association *asoc, 4600 const struct sctp_association *asoc,
4528 const sctp_subtype_t type, 4601 const sctp_subtype_t type,
4529 void *arg, 4602 void *arg,
@@ -4634,7 +4707,8 @@ nomem:
4634 * 4707 *
4635 * The return value is the disposition. 4708 * The return value is the disposition.
4636 */ 4709 */
4637sctp_disposition_t sctp_sf_do_prm_send(const struct sctp_endpoint *ep, 4710sctp_disposition_t sctp_sf_do_prm_send(struct net *net,
4711 const struct sctp_endpoint *ep,
4638 const struct sctp_association *asoc, 4712 const struct sctp_association *asoc,
4639 const sctp_subtype_t type, 4713 const sctp_subtype_t type,
4640 void *arg, 4714 void *arg,
@@ -4673,6 +4747,7 @@ sctp_disposition_t sctp_sf_do_prm_send(const struct sctp_endpoint *ep,
4673 * The return value is the disposition. 4747 * The return value is the disposition.
4674 */ 4748 */
4675sctp_disposition_t sctp_sf_do_9_2_prm_shutdown( 4749sctp_disposition_t sctp_sf_do_9_2_prm_shutdown(
4750 struct net *net,
4676 const struct sctp_endpoint *ep, 4751 const struct sctp_endpoint *ep,
4677 const struct sctp_association *asoc, 4752 const struct sctp_association *asoc,
4678 const sctp_subtype_t type, 4753 const sctp_subtype_t type,
@@ -4694,7 +4769,7 @@ sctp_disposition_t sctp_sf_do_9_2_prm_shutdown(
4694 4769
4695 disposition = SCTP_DISPOSITION_CONSUME; 4770 disposition = SCTP_DISPOSITION_CONSUME;
4696 if (sctp_outq_is_empty(&asoc->outqueue)) { 4771 if (sctp_outq_is_empty(&asoc->outqueue)) {
4697 disposition = sctp_sf_do_9_2_start_shutdown(ep, asoc, type, 4772 disposition = sctp_sf_do_9_2_start_shutdown(net, ep, asoc, type,
4698 arg, commands); 4773 arg, commands);
4699 } 4774 }
4700 return disposition; 4775 return disposition;
@@ -4728,6 +4803,7 @@ sctp_disposition_t sctp_sf_do_9_2_prm_shutdown(
4728 * The return value is the disposition. 4803 * The return value is the disposition.
4729 */ 4804 */
4730sctp_disposition_t sctp_sf_do_9_1_prm_abort( 4805sctp_disposition_t sctp_sf_do_9_1_prm_abort(
4806 struct net *net,
4731 const struct sctp_endpoint *ep, 4807 const struct sctp_endpoint *ep,
4732 const struct sctp_association *asoc, 4808 const struct sctp_association *asoc,
4733 const sctp_subtype_t type, 4809 const sctp_subtype_t type,
@@ -4759,14 +4835,15 @@ sctp_disposition_t sctp_sf_do_9_1_prm_abort(
4759 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 4835 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
4760 SCTP_PERR(SCTP_ERROR_USER_ABORT)); 4836 SCTP_PERR(SCTP_ERROR_USER_ABORT));
4761 4837
4762 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 4838 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
4763 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 4839 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
4764 4840
4765 return retval; 4841 return retval;
4766} 4842}
4767 4843
4768/* We tried an illegal operation on an association which is closed. */ 4844/* We tried an illegal operation on an association which is closed. */
4769sctp_disposition_t sctp_sf_error_closed(const struct sctp_endpoint *ep, 4845sctp_disposition_t sctp_sf_error_closed(struct net *net,
4846 const struct sctp_endpoint *ep,
4770 const struct sctp_association *asoc, 4847 const struct sctp_association *asoc,
4771 const sctp_subtype_t type, 4848 const sctp_subtype_t type,
4772 void *arg, 4849 void *arg,
@@ -4779,7 +4856,8 @@ sctp_disposition_t sctp_sf_error_closed(const struct sctp_endpoint *ep,
4779/* We tried an illegal operation on an association which is shutting 4856/* We tried an illegal operation on an association which is shutting
4780 * down. 4857 * down.
4781 */ 4858 */
4782sctp_disposition_t sctp_sf_error_shutdown(const struct sctp_endpoint *ep, 4859sctp_disposition_t sctp_sf_error_shutdown(struct net *net,
4860 const struct sctp_endpoint *ep,
4783 const struct sctp_association *asoc, 4861 const struct sctp_association *asoc,
4784 const sctp_subtype_t type, 4862 const sctp_subtype_t type,
4785 void *arg, 4863 void *arg,
@@ -4805,6 +4883,7 @@ sctp_disposition_t sctp_sf_error_shutdown(const struct sctp_endpoint *ep,
4805 * (timers) 4883 * (timers)
4806 */ 4884 */
4807sctp_disposition_t sctp_sf_cookie_wait_prm_shutdown( 4885sctp_disposition_t sctp_sf_cookie_wait_prm_shutdown(
4886 struct net *net,
4808 const struct sctp_endpoint *ep, 4887 const struct sctp_endpoint *ep,
4809 const struct sctp_association *asoc, 4888 const struct sctp_association *asoc,
4810 const sctp_subtype_t type, 4889 const sctp_subtype_t type,
@@ -4817,7 +4896,7 @@ sctp_disposition_t sctp_sf_cookie_wait_prm_shutdown(
4817 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 4896 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
4818 SCTP_STATE(SCTP_STATE_CLOSED)); 4897 SCTP_STATE(SCTP_STATE_CLOSED));
4819 4898
4820 SCTP_INC_STATS(SCTP_MIB_SHUTDOWNS); 4899 SCTP_INC_STATS(net, SCTP_MIB_SHUTDOWNS);
4821 4900
4822 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL()); 4901 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL());
4823 4902
@@ -4839,6 +4918,7 @@ sctp_disposition_t sctp_sf_cookie_wait_prm_shutdown(
4839 * (timers) 4918 * (timers)
4840 */ 4919 */
4841sctp_disposition_t sctp_sf_cookie_echoed_prm_shutdown( 4920sctp_disposition_t sctp_sf_cookie_echoed_prm_shutdown(
4921 struct net *net,
4842 const struct sctp_endpoint *ep, 4922 const struct sctp_endpoint *ep,
4843 const struct sctp_association *asoc, 4923 const struct sctp_association *asoc,
4844 const sctp_subtype_t type, 4924 const sctp_subtype_t type,
@@ -4847,7 +4927,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_prm_shutdown(
4847 /* There is a single T1 timer, so we should be able to use 4927 /* There is a single T1 timer, so we should be able to use
4848 * common function with the COOKIE-WAIT state. 4928 * common function with the COOKIE-WAIT state.
4849 */ 4929 */
4850 return sctp_sf_cookie_wait_prm_shutdown(ep, asoc, type, arg, commands); 4930 return sctp_sf_cookie_wait_prm_shutdown(net, ep, asoc, type, arg, commands);
4851} 4931}
4852 4932
4853/* 4933/*
@@ -4865,6 +4945,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_prm_shutdown(
4865 * (timers) 4945 * (timers)
4866 */ 4946 */
4867sctp_disposition_t sctp_sf_cookie_wait_prm_abort( 4947sctp_disposition_t sctp_sf_cookie_wait_prm_abort(
4948 struct net *net,
4868 const struct sctp_endpoint *ep, 4949 const struct sctp_endpoint *ep,
4869 const struct sctp_association *asoc, 4950 const struct sctp_association *asoc,
4870 const sctp_subtype_t type, 4951 const sctp_subtype_t type,
@@ -4884,7 +4965,7 @@ sctp_disposition_t sctp_sf_cookie_wait_prm_abort(
4884 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 4965 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE,
4885 SCTP_STATE(SCTP_STATE_CLOSED)); 4966 SCTP_STATE(SCTP_STATE_CLOSED));
4886 4967
4887 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 4968 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
4888 4969
4889 /* Even if we can't send the ABORT due to low memory delete the 4970 /* Even if we can't send the ABORT due to low memory delete the
4890 * TCB. This is a departure from our typical NOMEM handling. 4971 * TCB. This is a departure from our typical NOMEM handling.
@@ -4914,6 +4995,7 @@ sctp_disposition_t sctp_sf_cookie_wait_prm_abort(
4914 * (timers) 4995 * (timers)
4915 */ 4996 */
4916sctp_disposition_t sctp_sf_cookie_echoed_prm_abort( 4997sctp_disposition_t sctp_sf_cookie_echoed_prm_abort(
4998 struct net *net,
4917 const struct sctp_endpoint *ep, 4999 const struct sctp_endpoint *ep,
4918 const struct sctp_association *asoc, 5000 const struct sctp_association *asoc,
4919 const sctp_subtype_t type, 5001 const sctp_subtype_t type,
@@ -4923,7 +5005,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_prm_abort(
4923 /* There is a single T1 timer, so we should be able to use 5005 /* There is a single T1 timer, so we should be able to use
4924 * common function with the COOKIE-WAIT state. 5006 * common function with the COOKIE-WAIT state.
4925 */ 5007 */
4926 return sctp_sf_cookie_wait_prm_abort(ep, asoc, type, arg, commands); 5008 return sctp_sf_cookie_wait_prm_abort(net, ep, asoc, type, arg, commands);
4927} 5009}
4928 5010
4929/* 5011/*
@@ -4939,6 +5021,7 @@ sctp_disposition_t sctp_sf_cookie_echoed_prm_abort(
4939 * (timers) 5021 * (timers)
4940 */ 5022 */
4941sctp_disposition_t sctp_sf_shutdown_pending_prm_abort( 5023sctp_disposition_t sctp_sf_shutdown_pending_prm_abort(
5024 struct net *net,
4942 const struct sctp_endpoint *ep, 5025 const struct sctp_endpoint *ep,
4943 const struct sctp_association *asoc, 5026 const struct sctp_association *asoc,
4944 const sctp_subtype_t type, 5027 const sctp_subtype_t type,
@@ -4949,7 +5032,7 @@ sctp_disposition_t sctp_sf_shutdown_pending_prm_abort(
4949 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 5032 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
4950 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD)); 5033 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD));
4951 5034
4952 return sctp_sf_do_9_1_prm_abort(ep, asoc, type, arg, commands); 5035 return sctp_sf_do_9_1_prm_abort(net, ep, asoc, type, arg, commands);
4953} 5036}
4954 5037
4955/* 5038/*
@@ -4965,6 +5048,7 @@ sctp_disposition_t sctp_sf_shutdown_pending_prm_abort(
4965 * (timers) 5048 * (timers)
4966 */ 5049 */
4967sctp_disposition_t sctp_sf_shutdown_sent_prm_abort( 5050sctp_disposition_t sctp_sf_shutdown_sent_prm_abort(
5051 struct net *net,
4968 const struct sctp_endpoint *ep, 5052 const struct sctp_endpoint *ep,
4969 const struct sctp_association *asoc, 5053 const struct sctp_association *asoc,
4970 const sctp_subtype_t type, 5054 const sctp_subtype_t type,
@@ -4979,7 +5063,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_prm_abort(
4979 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 5063 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP,
4980 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD)); 5064 SCTP_TO(SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD));
4981 5065
4982 return sctp_sf_do_9_1_prm_abort(ep, asoc, type, arg, commands); 5066 return sctp_sf_do_9_1_prm_abort(net, ep, asoc, type, arg, commands);
4983} 5067}
4984 5068
4985/* 5069/*
@@ -4995,6 +5079,7 @@ sctp_disposition_t sctp_sf_shutdown_sent_prm_abort(
4995 * (timers) 5079 * (timers)
4996 */ 5080 */
4997sctp_disposition_t sctp_sf_shutdown_ack_sent_prm_abort( 5081sctp_disposition_t sctp_sf_shutdown_ack_sent_prm_abort(
5082 struct net *net,
4998 const struct sctp_endpoint *ep, 5083 const struct sctp_endpoint *ep,
4999 const struct sctp_association *asoc, 5084 const struct sctp_association *asoc,
5000 const sctp_subtype_t type, 5085 const sctp_subtype_t type,
@@ -5004,7 +5089,7 @@ sctp_disposition_t sctp_sf_shutdown_ack_sent_prm_abort(
5004 /* The same T2 timer, so we should be able to use 5089 /* The same T2 timer, so we should be able to use
5005 * common function with the SHUTDOWN-SENT state. 5090 * common function with the SHUTDOWN-SENT state.
5006 */ 5091 */
5007 return sctp_sf_shutdown_sent_prm_abort(ep, asoc, type, arg, commands); 5092 return sctp_sf_shutdown_sent_prm_abort(net, ep, asoc, type, arg, commands);
5008} 5093}
5009 5094
5010/* 5095/*
@@ -5030,6 +5115,7 @@ sctp_disposition_t sctp_sf_shutdown_ack_sent_prm_abort(
5030 * association on which a heartbeat should be issued. 5115 * association on which a heartbeat should be issued.
5031 */ 5116 */
5032sctp_disposition_t sctp_sf_do_prm_requestheartbeat( 5117sctp_disposition_t sctp_sf_do_prm_requestheartbeat(
5118 struct net *net,
5033 const struct sctp_endpoint *ep, 5119 const struct sctp_endpoint *ep,
5034 const struct sctp_association *asoc, 5120 const struct sctp_association *asoc,
5035 const sctp_subtype_t type, 5121 const sctp_subtype_t type,
@@ -5061,7 +5147,8 @@ sctp_disposition_t sctp_sf_do_prm_requestheartbeat(
5061 * When an endpoint has an ASCONF signaled change to be sent to the 5147 * When an endpoint has an ASCONF signaled change to be sent to the
5062 * remote endpoint it should do A1 to A9 5148 * remote endpoint it should do A1 to A9
5063 */ 5149 */
5064sctp_disposition_t sctp_sf_do_prm_asconf(const struct sctp_endpoint *ep, 5150sctp_disposition_t sctp_sf_do_prm_asconf(struct net *net,
5151 const struct sctp_endpoint *ep,
5065 const struct sctp_association *asoc, 5152 const struct sctp_association *asoc,
5066 const sctp_subtype_t type, 5153 const sctp_subtype_t type,
5067 void *arg, 5154 void *arg,
@@ -5082,6 +5169,7 @@ sctp_disposition_t sctp_sf_do_prm_asconf(const struct sctp_endpoint *ep,
5082 * The return value is the disposition of the primitive. 5169 * The return value is the disposition of the primitive.
5083 */ 5170 */
5084sctp_disposition_t sctp_sf_ignore_primitive( 5171sctp_disposition_t sctp_sf_ignore_primitive(
5172 struct net *net,
5085 const struct sctp_endpoint *ep, 5173 const struct sctp_endpoint *ep,
5086 const struct sctp_association *asoc, 5174 const struct sctp_association *asoc,
5087 const sctp_subtype_t type, 5175 const sctp_subtype_t type,
@@ -5103,6 +5191,7 @@ sctp_disposition_t sctp_sf_ignore_primitive(
5103 * retransmit, the stack will immediately send up this notification. 5191 * retransmit, the stack will immediately send up this notification.
5104 */ 5192 */
5105sctp_disposition_t sctp_sf_do_no_pending_tsn( 5193sctp_disposition_t sctp_sf_do_no_pending_tsn(
5194 struct net *net,
5106 const struct sctp_endpoint *ep, 5195 const struct sctp_endpoint *ep,
5107 const struct sctp_association *asoc, 5196 const struct sctp_association *asoc,
5108 const sctp_subtype_t type, 5197 const sctp_subtype_t type,
@@ -5134,6 +5223,7 @@ sctp_disposition_t sctp_sf_do_no_pending_tsn(
5134 * The return value is the disposition. 5223 * The return value is the disposition.
5135 */ 5224 */
5136sctp_disposition_t sctp_sf_do_9_2_start_shutdown( 5225sctp_disposition_t sctp_sf_do_9_2_start_shutdown(
5226 struct net *net,
5137 const struct sctp_endpoint *ep, 5227 const struct sctp_endpoint *ep,
5138 const struct sctp_association *asoc, 5228 const struct sctp_association *asoc,
5139 const sctp_subtype_t type, 5229 const sctp_subtype_t type,
@@ -5203,6 +5293,7 @@ nomem:
5203 * The return value is the disposition. 5293 * The return value is the disposition.
5204 */ 5294 */
5205sctp_disposition_t sctp_sf_do_9_2_shutdown_ack( 5295sctp_disposition_t sctp_sf_do_9_2_shutdown_ack(
5296 struct net *net,
5206 const struct sctp_endpoint *ep, 5297 const struct sctp_endpoint *ep,
5207 const struct sctp_association *asoc, 5298 const struct sctp_association *asoc,
5208 const sctp_subtype_t type, 5299 const sctp_subtype_t type,
@@ -5221,11 +5312,11 @@ sctp_disposition_t sctp_sf_do_9_2_shutdown_ack(
5221 */ 5312 */
5222 if (chunk) { 5313 if (chunk) {
5223 if (!sctp_vtag_verify(chunk, asoc)) 5314 if (!sctp_vtag_verify(chunk, asoc))
5224 return sctp_sf_pdiscard(ep, asoc, type, arg, commands); 5315 return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
5225 5316
5226 /* Make sure that the SHUTDOWN chunk has a valid length. */ 5317 /* Make sure that the SHUTDOWN chunk has a valid length. */
5227 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_shutdown_chunk_t))) 5318 if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_shutdown_chunk_t)))
5228 return sctp_sf_violation_chunklen(ep, asoc, type, arg, 5319 return sctp_sf_violation_chunklen(net, ep, asoc, type, arg,
5229 commands); 5320 commands);
5230 } 5321 }
5231 5322
@@ -5273,7 +5364,8 @@ nomem:
5273 * 5364 *
5274 * The return value is the disposition of the event. 5365 * The return value is the disposition of the event.
5275 */ 5366 */
5276sctp_disposition_t sctp_sf_ignore_other(const struct sctp_endpoint *ep, 5367sctp_disposition_t sctp_sf_ignore_other(struct net *net,
5368 const struct sctp_endpoint *ep,
5277 const struct sctp_association *asoc, 5369 const struct sctp_association *asoc,
5278 const sctp_subtype_t type, 5370 const sctp_subtype_t type,
5279 void *arg, 5371 void *arg,
@@ -5298,7 +5390,8 @@ sctp_disposition_t sctp_sf_ignore_other(const struct sctp_endpoint *ep,
5298 * 5390 *
5299 * The return value is the disposition of the chunk. 5391 * The return value is the disposition of the chunk.
5300 */ 5392 */
5301sctp_disposition_t sctp_sf_do_6_3_3_rtx(const struct sctp_endpoint *ep, 5393sctp_disposition_t sctp_sf_do_6_3_3_rtx(struct net *net,
5394 const struct sctp_endpoint *ep,
5302 const struct sctp_association *asoc, 5395 const struct sctp_association *asoc,
5303 const sctp_subtype_t type, 5396 const sctp_subtype_t type,
5304 void *arg, 5397 void *arg,
@@ -5306,7 +5399,7 @@ sctp_disposition_t sctp_sf_do_6_3_3_rtx(const struct sctp_endpoint *ep,
5306{ 5399{
5307 struct sctp_transport *transport = arg; 5400 struct sctp_transport *transport = arg;
5308 5401
5309 SCTP_INC_STATS(SCTP_MIB_T3_RTX_EXPIREDS); 5402 SCTP_INC_STATS(net, SCTP_MIB_T3_RTX_EXPIREDS);
5310 5403
5311 if (asoc->overall_error_count >= asoc->max_retrans) { 5404 if (asoc->overall_error_count >= asoc->max_retrans) {
5312 if (asoc->state == SCTP_STATE_SHUTDOWN_PENDING) { 5405 if (asoc->state == SCTP_STATE_SHUTDOWN_PENDING) {
@@ -5327,8 +5420,8 @@ sctp_disposition_t sctp_sf_do_6_3_3_rtx(const struct sctp_endpoint *ep,
5327 /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */ 5420 /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
5328 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 5421 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
5329 SCTP_PERR(SCTP_ERROR_NO_ERROR)); 5422 SCTP_PERR(SCTP_ERROR_NO_ERROR));
5330 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 5423 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
5331 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 5424 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
5332 return SCTP_DISPOSITION_DELETE_TCB; 5425 return SCTP_DISPOSITION_DELETE_TCB;
5333 } 5426 }
5334 } 5427 }
@@ -5384,13 +5477,14 @@ sctp_disposition_t sctp_sf_do_6_3_3_rtx(const struct sctp_endpoint *ep,
5384 * allow. However, an SCTP transmitter MUST NOT be more aggressive than 5477 * allow. However, an SCTP transmitter MUST NOT be more aggressive than
5385 * the following algorithms allow. 5478 * the following algorithms allow.
5386 */ 5479 */
5387sctp_disposition_t sctp_sf_do_6_2_sack(const struct sctp_endpoint *ep, 5480sctp_disposition_t sctp_sf_do_6_2_sack(struct net *net,
5481 const struct sctp_endpoint *ep,
5388 const struct sctp_association *asoc, 5482 const struct sctp_association *asoc,
5389 const sctp_subtype_t type, 5483 const sctp_subtype_t type,
5390 void *arg, 5484 void *arg,
5391 sctp_cmd_seq_t *commands) 5485 sctp_cmd_seq_t *commands)
5392{ 5486{
5393 SCTP_INC_STATS(SCTP_MIB_DELAY_SACK_EXPIREDS); 5487 SCTP_INC_STATS(net, SCTP_MIB_DELAY_SACK_EXPIREDS);
5394 sctp_add_cmd_sf(commands, SCTP_CMD_GEN_SACK, SCTP_FORCE()); 5488 sctp_add_cmd_sf(commands, SCTP_CMD_GEN_SACK, SCTP_FORCE());
5395 return SCTP_DISPOSITION_CONSUME; 5489 return SCTP_DISPOSITION_CONSUME;
5396} 5490}
@@ -5414,7 +5508,8 @@ sctp_disposition_t sctp_sf_do_6_2_sack(const struct sctp_endpoint *ep,
5414 * (timers, events) 5508 * (timers, events)
5415 * 5509 *
5416 */ 5510 */
5417sctp_disposition_t sctp_sf_t1_init_timer_expire(const struct sctp_endpoint *ep, 5511sctp_disposition_t sctp_sf_t1_init_timer_expire(struct net *net,
5512 const struct sctp_endpoint *ep,
5418 const struct sctp_association *asoc, 5513 const struct sctp_association *asoc,
5419 const sctp_subtype_t type, 5514 const sctp_subtype_t type,
5420 void *arg, 5515 void *arg,
@@ -5425,7 +5520,7 @@ sctp_disposition_t sctp_sf_t1_init_timer_expire(const struct sctp_endpoint *ep,
5425 int attempts = asoc->init_err_counter + 1; 5520 int attempts = asoc->init_err_counter + 1;
5426 5521
5427 SCTP_DEBUG_PRINTK("Timer T1 expired (INIT).\n"); 5522 SCTP_DEBUG_PRINTK("Timer T1 expired (INIT).\n");
5428 SCTP_INC_STATS(SCTP_MIB_T1_INIT_EXPIREDS); 5523 SCTP_INC_STATS(net, SCTP_MIB_T1_INIT_EXPIREDS);
5429 5524
5430 if (attempts <= asoc->max_init_attempts) { 5525 if (attempts <= asoc->max_init_attempts) {
5431 bp = (struct sctp_bind_addr *) &asoc->base.bind_addr; 5526 bp = (struct sctp_bind_addr *) &asoc->base.bind_addr;
@@ -5475,7 +5570,8 @@ sctp_disposition_t sctp_sf_t1_init_timer_expire(const struct sctp_endpoint *ep,
5475 * (timers, events) 5570 * (timers, events)
5476 * 5571 *
5477 */ 5572 */
5478sctp_disposition_t sctp_sf_t1_cookie_timer_expire(const struct sctp_endpoint *ep, 5573sctp_disposition_t sctp_sf_t1_cookie_timer_expire(struct net *net,
5574 const struct sctp_endpoint *ep,
5479 const struct sctp_association *asoc, 5575 const struct sctp_association *asoc,
5480 const sctp_subtype_t type, 5576 const sctp_subtype_t type,
5481 void *arg, 5577 void *arg,
@@ -5485,7 +5581,7 @@ sctp_disposition_t sctp_sf_t1_cookie_timer_expire(const struct sctp_endpoint *ep
5485 int attempts = asoc->init_err_counter + 1; 5581 int attempts = asoc->init_err_counter + 1;
5486 5582
5487 SCTP_DEBUG_PRINTK("Timer T1 expired (COOKIE-ECHO).\n"); 5583 SCTP_DEBUG_PRINTK("Timer T1 expired (COOKIE-ECHO).\n");
5488 SCTP_INC_STATS(SCTP_MIB_T1_COOKIE_EXPIREDS); 5584 SCTP_INC_STATS(net, SCTP_MIB_T1_COOKIE_EXPIREDS);
5489 5585
5490 if (attempts <= asoc->max_init_attempts) { 5586 if (attempts <= asoc->max_init_attempts) {
5491 repl = sctp_make_cookie_echo(asoc, NULL); 5587 repl = sctp_make_cookie_echo(asoc, NULL);
@@ -5523,7 +5619,8 @@ sctp_disposition_t sctp_sf_t1_cookie_timer_expire(const struct sctp_endpoint *ep
5523 * the T2-Shutdown timer, giving its peer ample opportunity to transmit 5619 * the T2-Shutdown timer, giving its peer ample opportunity to transmit
5524 * all of its queued DATA chunks that have not yet been sent. 5620 * all of its queued DATA chunks that have not yet been sent.
5525 */ 5621 */
5526sctp_disposition_t sctp_sf_t2_timer_expire(const struct sctp_endpoint *ep, 5622sctp_disposition_t sctp_sf_t2_timer_expire(struct net *net,
5623 const struct sctp_endpoint *ep,
5527 const struct sctp_association *asoc, 5624 const struct sctp_association *asoc,
5528 const sctp_subtype_t type, 5625 const sctp_subtype_t type,
5529 void *arg, 5626 void *arg,
@@ -5532,7 +5629,7 @@ sctp_disposition_t sctp_sf_t2_timer_expire(const struct sctp_endpoint *ep,
5532 struct sctp_chunk *reply = NULL; 5629 struct sctp_chunk *reply = NULL;
5533 5630
5534 SCTP_DEBUG_PRINTK("Timer T2 expired.\n"); 5631 SCTP_DEBUG_PRINTK("Timer T2 expired.\n");
5535 SCTP_INC_STATS(SCTP_MIB_T2_SHUTDOWN_EXPIREDS); 5632 SCTP_INC_STATS(net, SCTP_MIB_T2_SHUTDOWN_EXPIREDS);
5536 5633
5537 ((struct sctp_association *)asoc)->shutdown_retries++; 5634 ((struct sctp_association *)asoc)->shutdown_retries++;
5538 5635
@@ -5542,8 +5639,8 @@ sctp_disposition_t sctp_sf_t2_timer_expire(const struct sctp_endpoint *ep,
5542 /* Note: CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */ 5639 /* Note: CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
5543 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 5640 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
5544 SCTP_PERR(SCTP_ERROR_NO_ERROR)); 5641 SCTP_PERR(SCTP_ERROR_NO_ERROR));
5545 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 5642 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
5546 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 5643 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
5547 return SCTP_DISPOSITION_DELETE_TCB; 5644 return SCTP_DISPOSITION_DELETE_TCB;
5548 } 5645 }
5549 5646
@@ -5592,6 +5689,7 @@ nomem:
5592 * If the T4 RTO timer expires the endpoint should do B1 to B5 5689 * If the T4 RTO timer expires the endpoint should do B1 to B5
5593 */ 5690 */
5594sctp_disposition_t sctp_sf_t4_timer_expire( 5691sctp_disposition_t sctp_sf_t4_timer_expire(
5692 struct net *net,
5595 const struct sctp_endpoint *ep, 5693 const struct sctp_endpoint *ep,
5596 const struct sctp_association *asoc, 5694 const struct sctp_association *asoc,
5597 const sctp_subtype_t type, 5695 const sctp_subtype_t type,
@@ -5601,7 +5699,7 @@ sctp_disposition_t sctp_sf_t4_timer_expire(
5601 struct sctp_chunk *chunk = asoc->addip_last_asconf; 5699 struct sctp_chunk *chunk = asoc->addip_last_asconf;
5602 struct sctp_transport *transport = chunk->transport; 5700 struct sctp_transport *transport = chunk->transport;
5603 5701
5604 SCTP_INC_STATS(SCTP_MIB_T4_RTO_EXPIREDS); 5702 SCTP_INC_STATS(net, SCTP_MIB_T4_RTO_EXPIREDS);
5605 5703
5606 /* ADDIP 4.1 B1) Increment the error counters and perform path failure 5704 /* ADDIP 4.1 B1) Increment the error counters and perform path failure
5607 * detection on the appropriate destination address as defined in 5705 * detection on the appropriate destination address as defined in
@@ -5626,8 +5724,8 @@ sctp_disposition_t sctp_sf_t4_timer_expire(
5626 SCTP_ERROR(ETIMEDOUT)); 5724 SCTP_ERROR(ETIMEDOUT));
5627 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 5725 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
5628 SCTP_PERR(SCTP_ERROR_NO_ERROR)); 5726 SCTP_PERR(SCTP_ERROR_NO_ERROR));
5629 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 5727 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
5630 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 5728 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
5631 return SCTP_DISPOSITION_ABORT; 5729 return SCTP_DISPOSITION_ABORT;
5632 } 5730 }
5633 5731
@@ -5662,7 +5760,8 @@ sctp_disposition_t sctp_sf_t4_timer_expire(
5662 * At the expiration of this timer the sender SHOULD abort the association 5760 * At the expiration of this timer the sender SHOULD abort the association
5663 * by sending an ABORT chunk. 5761 * by sending an ABORT chunk.
5664 */ 5762 */
5665sctp_disposition_t sctp_sf_t5_timer_expire(const struct sctp_endpoint *ep, 5763sctp_disposition_t sctp_sf_t5_timer_expire(struct net *net,
5764 const struct sctp_endpoint *ep,
5666 const struct sctp_association *asoc, 5765 const struct sctp_association *asoc,
5667 const sctp_subtype_t type, 5766 const sctp_subtype_t type,
5668 void *arg, 5767 void *arg,
@@ -5671,7 +5770,7 @@ sctp_disposition_t sctp_sf_t5_timer_expire(const struct sctp_endpoint *ep,
5671 struct sctp_chunk *reply = NULL; 5770 struct sctp_chunk *reply = NULL;
5672 5771
5673 SCTP_DEBUG_PRINTK("Timer T5 expired.\n"); 5772 SCTP_DEBUG_PRINTK("Timer T5 expired.\n");
5674 SCTP_INC_STATS(SCTP_MIB_T5_SHUTDOWN_GUARD_EXPIREDS); 5773 SCTP_INC_STATS(net, SCTP_MIB_T5_SHUTDOWN_GUARD_EXPIREDS);
5675 5774
5676 reply = sctp_make_abort(asoc, NULL, 0); 5775 reply = sctp_make_abort(asoc, NULL, 0);
5677 if (!reply) 5776 if (!reply)
@@ -5683,8 +5782,8 @@ sctp_disposition_t sctp_sf_t5_timer_expire(const struct sctp_endpoint *ep,
5683 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 5782 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
5684 SCTP_PERR(SCTP_ERROR_NO_ERROR)); 5783 SCTP_PERR(SCTP_ERROR_NO_ERROR));
5685 5784
5686 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 5785 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
5687 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 5786 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
5688 5787
5689 return SCTP_DISPOSITION_DELETE_TCB; 5788 return SCTP_DISPOSITION_DELETE_TCB;
5690nomem: 5789nomem:
@@ -5697,6 +5796,7 @@ nomem:
5697 * the user. So this routine looks same as sctp_sf_do_9_2_prm_shutdown(). 5796 * the user. So this routine looks same as sctp_sf_do_9_2_prm_shutdown().
5698 */ 5797 */
5699sctp_disposition_t sctp_sf_autoclose_timer_expire( 5798sctp_disposition_t sctp_sf_autoclose_timer_expire(
5799 struct net *net,
5700 const struct sctp_endpoint *ep, 5800 const struct sctp_endpoint *ep,
5701 const struct sctp_association *asoc, 5801 const struct sctp_association *asoc,
5702 const sctp_subtype_t type, 5802 const sctp_subtype_t type,
@@ -5705,7 +5805,7 @@ sctp_disposition_t sctp_sf_autoclose_timer_expire(
5705{ 5805{
5706 int disposition; 5806 int disposition;
5707 5807
5708 SCTP_INC_STATS(SCTP_MIB_AUTOCLOSE_EXPIREDS); 5808 SCTP_INC_STATS(net, SCTP_MIB_AUTOCLOSE_EXPIREDS);
5709 5809
5710 /* From 9.2 Shutdown of an Association 5810 /* From 9.2 Shutdown of an Association
5711 * Upon receipt of the SHUTDOWN primitive from its upper 5811 * Upon receipt of the SHUTDOWN primitive from its upper
@@ -5720,7 +5820,7 @@ sctp_disposition_t sctp_sf_autoclose_timer_expire(
5720 5820
5721 disposition = SCTP_DISPOSITION_CONSUME; 5821 disposition = SCTP_DISPOSITION_CONSUME;
5722 if (sctp_outq_is_empty(&asoc->outqueue)) { 5822 if (sctp_outq_is_empty(&asoc->outqueue)) {
5723 disposition = sctp_sf_do_9_2_start_shutdown(ep, asoc, type, 5823 disposition = sctp_sf_do_9_2_start_shutdown(net, ep, asoc, type,
5724 arg, commands); 5824 arg, commands);
5725 } 5825 }
5726 return disposition; 5826 return disposition;
@@ -5738,7 +5838,8 @@ sctp_disposition_t sctp_sf_autoclose_timer_expire(
5738 * 5838 *
5739 * The return value is the disposition of the chunk. 5839 * The return value is the disposition of the chunk.
5740 */ 5840 */
5741sctp_disposition_t sctp_sf_not_impl(const struct sctp_endpoint *ep, 5841sctp_disposition_t sctp_sf_not_impl(struct net *net,
5842 const struct sctp_endpoint *ep,
5742 const struct sctp_association *asoc, 5843 const struct sctp_association *asoc,
5743 const sctp_subtype_t type, 5844 const sctp_subtype_t type,
5744 void *arg, 5845 void *arg,
@@ -5755,7 +5856,8 @@ sctp_disposition_t sctp_sf_not_impl(const struct sctp_endpoint *ep,
5755 * 5856 *
5756 * The return value is the disposition of the chunk. 5857 * The return value is the disposition of the chunk.
5757 */ 5858 */
5758sctp_disposition_t sctp_sf_bug(const struct sctp_endpoint *ep, 5859sctp_disposition_t sctp_sf_bug(struct net *net,
5860 const struct sctp_endpoint *ep,
5759 const struct sctp_association *asoc, 5861 const struct sctp_association *asoc,
5760 const sctp_subtype_t type, 5862 const sctp_subtype_t type,
5761 void *arg, 5863 void *arg,
@@ -5775,7 +5877,8 @@ sctp_disposition_t sctp_sf_bug(const struct sctp_endpoint *ep,
5775 * 5877 *
5776 * The return value is the disposition of the chunk. 5878 * The return value is the disposition of the chunk.
5777 */ 5879 */
5778sctp_disposition_t sctp_sf_timer_ignore(const struct sctp_endpoint *ep, 5880sctp_disposition_t sctp_sf_timer_ignore(struct net *net,
5881 const struct sctp_endpoint *ep,
5779 const struct sctp_association *asoc, 5882 const struct sctp_association *asoc,
5780 const sctp_subtype_t type, 5883 const sctp_subtype_t type,
5781 void *arg, 5884 void *arg,
@@ -5817,7 +5920,8 @@ static struct sctp_sackhdr *sctp_sm_pull_sack(struct sctp_chunk *chunk)
5817/* Create an ABORT packet to be sent as a response, with the specified 5920/* Create an ABORT packet to be sent as a response, with the specified
5818 * error causes. 5921 * error causes.
5819 */ 5922 */
5820static struct sctp_packet *sctp_abort_pkt_new(const struct sctp_endpoint *ep, 5923static struct sctp_packet *sctp_abort_pkt_new(struct net *net,
5924 const struct sctp_endpoint *ep,
5821 const struct sctp_association *asoc, 5925 const struct sctp_association *asoc,
5822 struct sctp_chunk *chunk, 5926 struct sctp_chunk *chunk,
5823 const void *payload, 5927 const void *payload,
@@ -5826,7 +5930,7 @@ static struct sctp_packet *sctp_abort_pkt_new(const struct sctp_endpoint *ep,
5826 struct sctp_packet *packet; 5930 struct sctp_packet *packet;
5827 struct sctp_chunk *abort; 5931 struct sctp_chunk *abort;
5828 5932
5829 packet = sctp_ootb_pkt_new(asoc, chunk); 5933 packet = sctp_ootb_pkt_new(net, asoc, chunk);
5830 5934
5831 if (packet) { 5935 if (packet) {
5832 /* Make an ABORT. 5936 /* Make an ABORT.
@@ -5858,7 +5962,8 @@ static struct sctp_packet *sctp_abort_pkt_new(const struct sctp_endpoint *ep,
5858} 5962}
5859 5963
5860/* Allocate a packet for responding in the OOTB conditions. */ 5964/* Allocate a packet for responding in the OOTB conditions. */
5861static struct sctp_packet *sctp_ootb_pkt_new(const struct sctp_association *asoc, 5965static struct sctp_packet *sctp_ootb_pkt_new(struct net *net,
5966 const struct sctp_association *asoc,
5862 const struct sctp_chunk *chunk) 5967 const struct sctp_chunk *chunk)
5863{ 5968{
5864 struct sctp_packet *packet; 5969 struct sctp_packet *packet;
@@ -5911,7 +6016,7 @@ static struct sctp_packet *sctp_ootb_pkt_new(const struct sctp_association *asoc
5911 } 6016 }
5912 6017
5913 /* Make a transport for the bucket, Eliza... */ 6018 /* Make a transport for the bucket, Eliza... */
5914 transport = sctp_transport_new(sctp_source(chunk), GFP_ATOMIC); 6019 transport = sctp_transport_new(net, sctp_source(chunk), GFP_ATOMIC);
5915 if (!transport) 6020 if (!transport)
5916 goto nomem; 6021 goto nomem;
5917 6022
@@ -5919,7 +6024,7 @@ static struct sctp_packet *sctp_ootb_pkt_new(const struct sctp_association *asoc
5919 * the source address. 6024 * the source address.
5920 */ 6025 */
5921 sctp_transport_route(transport, (union sctp_addr *)&chunk->dest, 6026 sctp_transport_route(transport, (union sctp_addr *)&chunk->dest,
5922 sctp_sk(sctp_get_ctl_sock())); 6027 sctp_sk(net->sctp.ctl_sock));
5923 6028
5924 packet = sctp_packet_init(&transport->packet, transport, sport, dport); 6029 packet = sctp_packet_init(&transport->packet, transport, sport, dport);
5925 packet = sctp_packet_config(packet, vtag, 0); 6030 packet = sctp_packet_config(packet, vtag, 0);
@@ -5937,7 +6042,8 @@ void sctp_ootb_pkt_free(struct sctp_packet *packet)
5937} 6042}
5938 6043
5939/* Send a stale cookie error when a invalid COOKIE ECHO chunk is found */ 6044/* Send a stale cookie error when a invalid COOKIE ECHO chunk is found */
5940static void sctp_send_stale_cookie_err(const struct sctp_endpoint *ep, 6045static void sctp_send_stale_cookie_err(struct net *net,
6046 const struct sctp_endpoint *ep,
5941 const struct sctp_association *asoc, 6047 const struct sctp_association *asoc,
5942 const struct sctp_chunk *chunk, 6048 const struct sctp_chunk *chunk,
5943 sctp_cmd_seq_t *commands, 6049 sctp_cmd_seq_t *commands,
@@ -5946,7 +6052,7 @@ static void sctp_send_stale_cookie_err(const struct sctp_endpoint *ep,
5946 struct sctp_packet *packet; 6052 struct sctp_packet *packet;
5947 6053
5948 if (err_chunk) { 6054 if (err_chunk) {
5949 packet = sctp_ootb_pkt_new(asoc, chunk); 6055 packet = sctp_ootb_pkt_new(net, asoc, chunk);
5950 if (packet) { 6056 if (packet) {
5951 struct sctp_signed_cookie *cookie; 6057 struct sctp_signed_cookie *cookie;
5952 6058
@@ -5959,7 +6065,7 @@ static void sctp_send_stale_cookie_err(const struct sctp_endpoint *ep,
5959 sctp_packet_append_chunk(packet, err_chunk); 6065 sctp_packet_append_chunk(packet, err_chunk);
5960 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, 6066 sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT,
5961 SCTP_PACKET(packet)); 6067 SCTP_PACKET(packet));
5962 SCTP_INC_STATS(SCTP_MIB_OUTCTRLCHUNKS); 6068 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
5963 } else 6069 } else
5964 sctp_chunk_free (err_chunk); 6070 sctp_chunk_free (err_chunk);
5965 } 6071 }
@@ -5979,6 +6085,7 @@ static int sctp_eat_data(const struct sctp_association *asoc,
5979 __u32 tsn; 6085 __u32 tsn;
5980 struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map; 6086 struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map;
5981 struct sock *sk = asoc->base.sk; 6087 struct sock *sk = asoc->base.sk;
6088 struct net *net = sock_net(sk);
5982 u16 ssn; 6089 u16 ssn;
5983 u16 sid; 6090 u16 sid;
5984 u8 ordered = 0; 6091 u8 ordered = 0;
@@ -6109,8 +6216,8 @@ static int sctp_eat_data(const struct sctp_association *asoc,
6109 SCTP_ERROR(ECONNABORTED)); 6216 SCTP_ERROR(ECONNABORTED));
6110 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED, 6217 sctp_add_cmd_sf(commands, SCTP_CMD_ASSOC_FAILED,
6111 SCTP_PERR(SCTP_ERROR_NO_DATA)); 6218 SCTP_PERR(SCTP_ERROR_NO_DATA));
6112 SCTP_INC_STATS(SCTP_MIB_ABORTEDS); 6219 SCTP_INC_STATS(net, SCTP_MIB_ABORTEDS);
6113 SCTP_DEC_STATS(SCTP_MIB_CURRESTAB); 6220 SCTP_DEC_STATS(net, SCTP_MIB_CURRESTAB);
6114 return SCTP_IERROR_NO_DATA; 6221 return SCTP_IERROR_NO_DATA;
6115 } 6222 }
6116 6223
@@ -6120,9 +6227,9 @@ static int sctp_eat_data(const struct sctp_association *asoc,
6120 * if we renege and the chunk arrives again. 6227 * if we renege and the chunk arrives again.
6121 */ 6228 */
6122 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) 6229 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED)
6123 SCTP_INC_STATS(SCTP_MIB_INUNORDERCHUNKS); 6230 SCTP_INC_STATS(net, SCTP_MIB_INUNORDERCHUNKS);
6124 else { 6231 else {
6125 SCTP_INC_STATS(SCTP_MIB_INORDERCHUNKS); 6232 SCTP_INC_STATS(net, SCTP_MIB_INORDERCHUNKS);
6126 ordered = 1; 6233 ordered = 1;
6127 } 6234 }
6128 6235
diff --git a/net/sctp/sm_statetable.c b/net/sctp/sm_statetable.c
index 7c211a7f90f4..84d98d8a5a74 100644
--- a/net/sctp/sm_statetable.c
+++ b/net/sctp/sm_statetable.c
@@ -59,7 +59,8 @@ other_event_table[SCTP_NUM_OTHER_TYPES][SCTP_STATE_NUM_STATES];
59static const sctp_sm_table_entry_t 59static const sctp_sm_table_entry_t
60timeout_event_table[SCTP_NUM_TIMEOUT_TYPES][SCTP_STATE_NUM_STATES]; 60timeout_event_table[SCTP_NUM_TIMEOUT_TYPES][SCTP_STATE_NUM_STATES];
61 61
62static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(sctp_cid_t cid, 62static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(struct net *net,
63 sctp_cid_t cid,
63 sctp_state_t state); 64 sctp_state_t state);
64 65
65 66
@@ -82,13 +83,14 @@ static const sctp_sm_table_entry_t bug = {
82 rtn; \ 83 rtn; \
83}) 84})
84 85
85const sctp_sm_table_entry_t *sctp_sm_lookup_event(sctp_event_t event_type, 86const sctp_sm_table_entry_t *sctp_sm_lookup_event(struct net *net,
87 sctp_event_t event_type,
86 sctp_state_t state, 88 sctp_state_t state,
87 sctp_subtype_t event_subtype) 89 sctp_subtype_t event_subtype)
88{ 90{
89 switch (event_type) { 91 switch (event_type) {
90 case SCTP_EVENT_T_CHUNK: 92 case SCTP_EVENT_T_CHUNK:
91 return sctp_chunk_event_lookup(event_subtype.chunk, state); 93 return sctp_chunk_event_lookup(net, event_subtype.chunk, state);
92 case SCTP_EVENT_T_TIMEOUT: 94 case SCTP_EVENT_T_TIMEOUT:
93 return DO_LOOKUP(SCTP_EVENT_TIMEOUT_MAX, timeout, 95 return DO_LOOKUP(SCTP_EVENT_TIMEOUT_MAX, timeout,
94 timeout_event_table); 96 timeout_event_table);
@@ -906,7 +908,8 @@ static const sctp_sm_table_entry_t timeout_event_table[SCTP_NUM_TIMEOUT_TYPES][S
906 TYPE_SCTP_EVENT_TIMEOUT_AUTOCLOSE, 908 TYPE_SCTP_EVENT_TIMEOUT_AUTOCLOSE,
907}; 909};
908 910
909static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(sctp_cid_t cid, 911static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(struct net *net,
912 sctp_cid_t cid,
910 sctp_state_t state) 913 sctp_state_t state)
911{ 914{
912 if (state > SCTP_STATE_MAX) 915 if (state > SCTP_STATE_MAX)
@@ -915,12 +918,12 @@ static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(sctp_cid_t cid,
915 if (cid <= SCTP_CID_BASE_MAX) 918 if (cid <= SCTP_CID_BASE_MAX)
916 return &chunk_event_table[cid][state]; 919 return &chunk_event_table[cid][state];
917 920
918 if (sctp_prsctp_enable) { 921 if (net->sctp.prsctp_enable) {
919 if (cid == SCTP_CID_FWD_TSN) 922 if (cid == SCTP_CID_FWD_TSN)
920 return &prsctp_chunk_event_table[0][state]; 923 return &prsctp_chunk_event_table[0][state];
921 } 924 }
922 925
923 if (sctp_addip_enable) { 926 if (net->sctp.addip_enable) {
924 if (cid == SCTP_CID_ASCONF) 927 if (cid == SCTP_CID_ASCONF)
925 return &addip_chunk_event_table[0][state]; 928 return &addip_chunk_event_table[0][state];
926 929
@@ -928,7 +931,7 @@ static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(sctp_cid_t cid,
928 return &addip_chunk_event_table[1][state]; 931 return &addip_chunk_event_table[1][state];
929 } 932 }
930 933
931 if (sctp_auth_enable) { 934 if (net->sctp.auth_enable) {
932 if (cid == SCTP_CID_AUTH) 935 if (cid == SCTP_CID_AUTH)
933 return &auth_chunk_event_table[0][state]; 936 return &auth_chunk_event_table[0][state];
934 } 937 }
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 5e259817a7f3..d37d24ff197f 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -427,6 +427,7 @@ SCTP_STATIC int sctp_do_bind(struct sock *sk, union sctp_addr *addr, int len)
427static int sctp_send_asconf(struct sctp_association *asoc, 427static int sctp_send_asconf(struct sctp_association *asoc,
428 struct sctp_chunk *chunk) 428 struct sctp_chunk *chunk)
429{ 429{
430 struct net *net = sock_net(asoc->base.sk);
430 int retval = 0; 431 int retval = 0;
431 432
432 /* If there is an outstanding ASCONF chunk, queue it for later 433 /* If there is an outstanding ASCONF chunk, queue it for later
@@ -439,7 +440,7 @@ static int sctp_send_asconf(struct sctp_association *asoc,
439 440
440 /* Hold the chunk until an ASCONF_ACK is received. */ 441 /* Hold the chunk until an ASCONF_ACK is received. */
441 sctp_chunk_hold(chunk); 442 sctp_chunk_hold(chunk);
442 retval = sctp_primitive_ASCONF(asoc, chunk); 443 retval = sctp_primitive_ASCONF(net, asoc, chunk);
443 if (retval) 444 if (retval)
444 sctp_chunk_free(chunk); 445 sctp_chunk_free(chunk);
445 else 446 else
@@ -515,6 +516,7 @@ static int sctp_send_asconf_add_ip(struct sock *sk,
515 struct sockaddr *addrs, 516 struct sockaddr *addrs,
516 int addrcnt) 517 int addrcnt)
517{ 518{
519 struct net *net = sock_net(sk);
518 struct sctp_sock *sp; 520 struct sctp_sock *sp;
519 struct sctp_endpoint *ep; 521 struct sctp_endpoint *ep;
520 struct sctp_association *asoc; 522 struct sctp_association *asoc;
@@ -529,7 +531,7 @@ static int sctp_send_asconf_add_ip(struct sock *sk,
529 int i; 531 int i;
530 int retval = 0; 532 int retval = 0;
531 533
532 if (!sctp_addip_enable) 534 if (!net->sctp.addip_enable)
533 return retval; 535 return retval;
534 536
535 sp = sctp_sk(sk); 537 sp = sctp_sk(sk);
@@ -717,6 +719,7 @@ static int sctp_send_asconf_del_ip(struct sock *sk,
717 struct sockaddr *addrs, 719 struct sockaddr *addrs,
718 int addrcnt) 720 int addrcnt)
719{ 721{
722 struct net *net = sock_net(sk);
720 struct sctp_sock *sp; 723 struct sctp_sock *sp;
721 struct sctp_endpoint *ep; 724 struct sctp_endpoint *ep;
722 struct sctp_association *asoc; 725 struct sctp_association *asoc;
@@ -732,7 +735,7 @@ static int sctp_send_asconf_del_ip(struct sock *sk,
732 int stored = 0; 735 int stored = 0;
733 736
734 chunk = NULL; 737 chunk = NULL;
735 if (!sctp_addip_enable) 738 if (!net->sctp.addip_enable)
736 return retval; 739 return retval;
737 740
738 sp = sctp_sk(sk); 741 sp = sctp_sk(sk);
@@ -1050,6 +1053,7 @@ static int __sctp_connect(struct sock* sk,
1050 int addrs_size, 1053 int addrs_size,
1051 sctp_assoc_t *assoc_id) 1054 sctp_assoc_t *assoc_id)
1052{ 1055{
1056 struct net *net = sock_net(sk);
1053 struct sctp_sock *sp; 1057 struct sctp_sock *sp;
1054 struct sctp_endpoint *ep; 1058 struct sctp_endpoint *ep;
1055 struct sctp_association *asoc = NULL; 1059 struct sctp_association *asoc = NULL;
@@ -1200,7 +1204,7 @@ static int __sctp_connect(struct sock* sk,
1200 goto out_free; 1204 goto out_free;
1201 } 1205 }
1202 1206
1203 err = sctp_primitive_ASSOCIATE(asoc, NULL); 1207 err = sctp_primitive_ASSOCIATE(net, asoc, NULL);
1204 if (err < 0) { 1208 if (err < 0) {
1205 goto out_free; 1209 goto out_free;
1206 } 1210 }
@@ -1458,6 +1462,7 @@ SCTP_STATIC int sctp_getsockopt_connectx3(struct sock* sk, int len,
1458 */ 1462 */
1459SCTP_STATIC void sctp_close(struct sock *sk, long timeout) 1463SCTP_STATIC void sctp_close(struct sock *sk, long timeout)
1460{ 1464{
1465 struct net *net = sock_net(sk);
1461 struct sctp_endpoint *ep; 1466 struct sctp_endpoint *ep;
1462 struct sctp_association *asoc; 1467 struct sctp_association *asoc;
1463 struct list_head *pos, *temp; 1468 struct list_head *pos, *temp;
@@ -1499,9 +1504,9 @@ SCTP_STATIC void sctp_close(struct sock *sk, long timeout)
1499 1504
1500 chunk = sctp_make_abort_user(asoc, NULL, 0); 1505 chunk = sctp_make_abort_user(asoc, NULL, 0);
1501 if (chunk) 1506 if (chunk)
1502 sctp_primitive_ABORT(asoc, chunk); 1507 sctp_primitive_ABORT(net, asoc, chunk);
1503 } else 1508 } else
1504 sctp_primitive_SHUTDOWN(asoc, NULL); 1509 sctp_primitive_SHUTDOWN(net, asoc, NULL);
1505 } 1510 }
1506 1511
1507 /* On a TCP-style socket, block for at most linger_time if set. */ 1512 /* On a TCP-style socket, block for at most linger_time if set. */
@@ -1569,6 +1574,7 @@ SCTP_STATIC int sctp_msghdr_parse(const struct msghdr *, sctp_cmsgs_t *);
1569SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk, 1574SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1570 struct msghdr *msg, size_t msg_len) 1575 struct msghdr *msg, size_t msg_len)
1571{ 1576{
1577 struct net *net = sock_net(sk);
1572 struct sctp_sock *sp; 1578 struct sctp_sock *sp;
1573 struct sctp_endpoint *ep; 1579 struct sctp_endpoint *ep;
1574 struct sctp_association *new_asoc=NULL, *asoc=NULL; 1580 struct sctp_association *new_asoc=NULL, *asoc=NULL;
@@ -1714,7 +1720,7 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1714 if (sinfo_flags & SCTP_EOF) { 1720 if (sinfo_flags & SCTP_EOF) {
1715 SCTP_DEBUG_PRINTK("Shutting down association: %p\n", 1721 SCTP_DEBUG_PRINTK("Shutting down association: %p\n",
1716 asoc); 1722 asoc);
1717 sctp_primitive_SHUTDOWN(asoc, NULL); 1723 sctp_primitive_SHUTDOWN(net, asoc, NULL);
1718 err = 0; 1724 err = 0;
1719 goto out_unlock; 1725 goto out_unlock;
1720 } 1726 }
@@ -1727,7 +1733,7 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1727 } 1733 }
1728 1734
1729 SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc); 1735 SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc);
1730 sctp_primitive_ABORT(asoc, chunk); 1736 sctp_primitive_ABORT(net, asoc, chunk);
1731 err = 0; 1737 err = 0;
1732 goto out_unlock; 1738 goto out_unlock;
1733 } 1739 }
@@ -1900,7 +1906,7 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1900 1906
1901 /* Auto-connect, if we aren't connected already. */ 1907 /* Auto-connect, if we aren't connected already. */
1902 if (sctp_state(asoc, CLOSED)) { 1908 if (sctp_state(asoc, CLOSED)) {
1903 err = sctp_primitive_ASSOCIATE(asoc, NULL); 1909 err = sctp_primitive_ASSOCIATE(net, asoc, NULL);
1904 if (err < 0) 1910 if (err < 0)
1905 goto out_free; 1911 goto out_free;
1906 SCTP_DEBUG_PRINTK("We associated primitively.\n"); 1912 SCTP_DEBUG_PRINTK("We associated primitively.\n");
@@ -1928,7 +1934,7 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1928 * works that way today. Keep it that way or this 1934 * works that way today. Keep it that way or this
1929 * breaks. 1935 * breaks.
1930 */ 1936 */
1931 err = sctp_primitive_SEND(asoc, datamsg); 1937 err = sctp_primitive_SEND(net, asoc, datamsg);
1932 /* Did the lower layer accept the chunk? */ 1938 /* Did the lower layer accept the chunk? */
1933 if (err) 1939 if (err)
1934 sctp_datamsg_free(datamsg); 1940 sctp_datamsg_free(datamsg);
@@ -2320,7 +2326,9 @@ static int sctp_apply_peer_addr_params(struct sctp_paddrparams *params,
2320 int error; 2326 int error;
2321 2327
2322 if (params->spp_flags & SPP_HB_DEMAND && trans) { 2328 if (params->spp_flags & SPP_HB_DEMAND && trans) {
2323 error = sctp_primitive_REQUESTHEARTBEAT (trans->asoc, trans); 2329 struct net *net = sock_net(trans->asoc->base.sk);
2330
2331 error = sctp_primitive_REQUESTHEARTBEAT(net, trans->asoc, trans);
2324 if (error) 2332 if (error)
2325 return error; 2333 return error;
2326 } 2334 }
@@ -3033,6 +3041,7 @@ static int sctp_setsockopt_maxseg(struct sock *sk, char __user *optval, unsigned
3033static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval, 3041static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval,
3034 unsigned int optlen) 3042 unsigned int optlen)
3035{ 3043{
3044 struct net *net = sock_net(sk);
3036 struct sctp_sock *sp; 3045 struct sctp_sock *sp;
3037 struct sctp_association *asoc = NULL; 3046 struct sctp_association *asoc = NULL;
3038 struct sctp_setpeerprim prim; 3047 struct sctp_setpeerprim prim;
@@ -3042,7 +3051,7 @@ static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optva
3042 3051
3043 sp = sctp_sk(sk); 3052 sp = sctp_sk(sk);
3044 3053
3045 if (!sctp_addip_enable) 3054 if (!net->sctp.addip_enable)
3046 return -EPERM; 3055 return -EPERM;
3047 3056
3048 if (optlen != sizeof(struct sctp_setpeerprim)) 3057 if (optlen != sizeof(struct sctp_setpeerprim))
@@ -3279,9 +3288,10 @@ static int sctp_setsockopt_auth_chunk(struct sock *sk,
3279 char __user *optval, 3288 char __user *optval,
3280 unsigned int optlen) 3289 unsigned int optlen)
3281{ 3290{
3291 struct net *net = sock_net(sk);
3282 struct sctp_authchunk val; 3292 struct sctp_authchunk val;
3283 3293
3284 if (!sctp_auth_enable) 3294 if (!net->sctp.auth_enable)
3285 return -EACCES; 3295 return -EACCES;
3286 3296
3287 if (optlen != sizeof(struct sctp_authchunk)) 3297 if (optlen != sizeof(struct sctp_authchunk))
@@ -3311,11 +3321,12 @@ static int sctp_setsockopt_hmac_ident(struct sock *sk,
3311 char __user *optval, 3321 char __user *optval,
3312 unsigned int optlen) 3322 unsigned int optlen)
3313{ 3323{
3324 struct net *net = sock_net(sk);
3314 struct sctp_hmacalgo *hmacs; 3325 struct sctp_hmacalgo *hmacs;
3315 u32 idents; 3326 u32 idents;
3316 int err; 3327 int err;
3317 3328
3318 if (!sctp_auth_enable) 3329 if (!net->sctp.auth_enable)
3319 return -EACCES; 3330 return -EACCES;
3320 3331
3321 if (optlen < sizeof(struct sctp_hmacalgo)) 3332 if (optlen < sizeof(struct sctp_hmacalgo))
@@ -3348,11 +3359,12 @@ static int sctp_setsockopt_auth_key(struct sock *sk,
3348 char __user *optval, 3359 char __user *optval,
3349 unsigned int optlen) 3360 unsigned int optlen)
3350{ 3361{
3362 struct net *net = sock_net(sk);
3351 struct sctp_authkey *authkey; 3363 struct sctp_authkey *authkey;
3352 struct sctp_association *asoc; 3364 struct sctp_association *asoc;
3353 int ret; 3365 int ret;
3354 3366
3355 if (!sctp_auth_enable) 3367 if (!net->sctp.auth_enable)
3356 return -EACCES; 3368 return -EACCES;
3357 3369
3358 if (optlen <= sizeof(struct sctp_authkey)) 3370 if (optlen <= sizeof(struct sctp_authkey))
@@ -3389,10 +3401,11 @@ static int sctp_setsockopt_active_key(struct sock *sk,
3389 char __user *optval, 3401 char __user *optval,
3390 unsigned int optlen) 3402 unsigned int optlen)
3391{ 3403{
3404 struct net *net = sock_net(sk);
3392 struct sctp_authkeyid val; 3405 struct sctp_authkeyid val;
3393 struct sctp_association *asoc; 3406 struct sctp_association *asoc;
3394 3407
3395 if (!sctp_auth_enable) 3408 if (!net->sctp.auth_enable)
3396 return -EACCES; 3409 return -EACCES;
3397 3410
3398 if (optlen != sizeof(struct sctp_authkeyid)) 3411 if (optlen != sizeof(struct sctp_authkeyid))
@@ -3417,10 +3430,11 @@ static int sctp_setsockopt_del_key(struct sock *sk,
3417 char __user *optval, 3430 char __user *optval,
3418 unsigned int optlen) 3431 unsigned int optlen)
3419{ 3432{
3433 struct net *net = sock_net(sk);
3420 struct sctp_authkeyid val; 3434 struct sctp_authkeyid val;
3421 struct sctp_association *asoc; 3435 struct sctp_association *asoc;
3422 3436
3423 if (!sctp_auth_enable) 3437 if (!net->sctp.auth_enable)
3424 return -EACCES; 3438 return -EACCES;
3425 3439
3426 if (optlen != sizeof(struct sctp_authkeyid)) 3440 if (optlen != sizeof(struct sctp_authkeyid))
@@ -3471,7 +3485,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval,
3471 sp->do_auto_asconf = 0; 3485 sp->do_auto_asconf = 0;
3472 } else if (val && !sp->do_auto_asconf) { 3486 } else if (val && !sp->do_auto_asconf) {
3473 list_add_tail(&sp->auto_asconf_list, 3487 list_add_tail(&sp->auto_asconf_list,
3474 &sctp_auto_asconf_splist); 3488 &sock_net(sk)->sctp.auto_asconf_splist);
3475 sp->do_auto_asconf = 1; 3489 sp->do_auto_asconf = 1;
3476 } 3490 }
3477 return 0; 3491 return 0;
@@ -3843,6 +3857,7 @@ out:
3843 */ 3857 */
3844SCTP_STATIC int sctp_init_sock(struct sock *sk) 3858SCTP_STATIC int sctp_init_sock(struct sock *sk)
3845{ 3859{
3860 struct net *net = sock_net(sk);
3846 struct sctp_endpoint *ep; 3861 struct sctp_endpoint *ep;
3847 struct sctp_sock *sp; 3862 struct sctp_sock *sp;
3848 3863
@@ -3872,7 +3887,7 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3872 sp->default_timetolive = 0; 3887 sp->default_timetolive = 0;
3873 3888
3874 sp->default_rcv_context = 0; 3889 sp->default_rcv_context = 0;
3875 sp->max_burst = sctp_max_burst; 3890 sp->max_burst = net->sctp.max_burst;
3876 3891
3877 /* Initialize default setup parameters. These parameters 3892 /* Initialize default setup parameters. These parameters
3878 * can be modified with the SCTP_INITMSG socket option or 3893 * can be modified with the SCTP_INITMSG socket option or
@@ -3880,24 +3895,24 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3880 */ 3895 */
3881 sp->initmsg.sinit_num_ostreams = sctp_max_outstreams; 3896 sp->initmsg.sinit_num_ostreams = sctp_max_outstreams;
3882 sp->initmsg.sinit_max_instreams = sctp_max_instreams; 3897 sp->initmsg.sinit_max_instreams = sctp_max_instreams;
3883 sp->initmsg.sinit_max_attempts = sctp_max_retrans_init; 3898 sp->initmsg.sinit_max_attempts = net->sctp.max_retrans_init;
3884 sp->initmsg.sinit_max_init_timeo = sctp_rto_max; 3899 sp->initmsg.sinit_max_init_timeo = net->sctp.rto_max;
3885 3900
3886 /* Initialize default RTO related parameters. These parameters can 3901 /* Initialize default RTO related parameters. These parameters can
3887 * be modified for with the SCTP_RTOINFO socket option. 3902 * be modified for with the SCTP_RTOINFO socket option.
3888 */ 3903 */
3889 sp->rtoinfo.srto_initial = sctp_rto_initial; 3904 sp->rtoinfo.srto_initial = net->sctp.rto_initial;
3890 sp->rtoinfo.srto_max = sctp_rto_max; 3905 sp->rtoinfo.srto_max = net->sctp.rto_max;
3891 sp->rtoinfo.srto_min = sctp_rto_min; 3906 sp->rtoinfo.srto_min = net->sctp.rto_min;
3892 3907
3893 /* Initialize default association related parameters. These parameters 3908 /* Initialize default association related parameters. These parameters
3894 * can be modified with the SCTP_ASSOCINFO socket option. 3909 * can be modified with the SCTP_ASSOCINFO socket option.
3895 */ 3910 */
3896 sp->assocparams.sasoc_asocmaxrxt = sctp_max_retrans_association; 3911 sp->assocparams.sasoc_asocmaxrxt = net->sctp.max_retrans_association;
3897 sp->assocparams.sasoc_number_peer_destinations = 0; 3912 sp->assocparams.sasoc_number_peer_destinations = 0;
3898 sp->assocparams.sasoc_peer_rwnd = 0; 3913 sp->assocparams.sasoc_peer_rwnd = 0;
3899 sp->assocparams.sasoc_local_rwnd = 0; 3914 sp->assocparams.sasoc_local_rwnd = 0;
3900 sp->assocparams.sasoc_cookie_life = sctp_valid_cookie_life; 3915 sp->assocparams.sasoc_cookie_life = net->sctp.valid_cookie_life;
3901 3916
3902 /* Initialize default event subscriptions. By default, all the 3917 /* Initialize default event subscriptions. By default, all the
3903 * options are off. 3918 * options are off.
@@ -3907,10 +3922,10 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3907 /* Default Peer Address Parameters. These defaults can 3922 /* Default Peer Address Parameters. These defaults can
3908 * be modified via SCTP_PEER_ADDR_PARAMS 3923 * be modified via SCTP_PEER_ADDR_PARAMS
3909 */ 3924 */
3910 sp->hbinterval = sctp_hb_interval; 3925 sp->hbinterval = net->sctp.hb_interval;
3911 sp->pathmaxrxt = sctp_max_retrans_path; 3926 sp->pathmaxrxt = net->sctp.max_retrans_path;
3912 sp->pathmtu = 0; // allow default discovery 3927 sp->pathmtu = 0; // allow default discovery
3913 sp->sackdelay = sctp_sack_timeout; 3928 sp->sackdelay = net->sctp.sack_timeout;
3914 sp->sackfreq = 2; 3929 sp->sackfreq = 2;
3915 sp->param_flags = SPP_HB_ENABLE | 3930 sp->param_flags = SPP_HB_ENABLE |
3916 SPP_PMTUD_ENABLE | 3931 SPP_PMTUD_ENABLE |
@@ -3961,10 +3976,10 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3961 3976
3962 local_bh_disable(); 3977 local_bh_disable();
3963 percpu_counter_inc(&sctp_sockets_allocated); 3978 percpu_counter_inc(&sctp_sockets_allocated);
3964 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1); 3979 sock_prot_inuse_add(net, sk->sk_prot, 1);
3965 if (sctp_default_auto_asconf) { 3980 if (net->sctp.default_auto_asconf) {
3966 list_add_tail(&sp->auto_asconf_list, 3981 list_add_tail(&sp->auto_asconf_list,
3967 &sctp_auto_asconf_splist); 3982 &net->sctp.auto_asconf_splist);
3968 sp->do_auto_asconf = 1; 3983 sp->do_auto_asconf = 1;
3969 } else 3984 } else
3970 sp->do_auto_asconf = 0; 3985 sp->do_auto_asconf = 0;
@@ -4011,6 +4026,7 @@ SCTP_STATIC void sctp_destroy_sock(struct sock *sk)
4011 */ 4026 */
4012SCTP_STATIC void sctp_shutdown(struct sock *sk, int how) 4027SCTP_STATIC void sctp_shutdown(struct sock *sk, int how)
4013{ 4028{
4029 struct net *net = sock_net(sk);
4014 struct sctp_endpoint *ep; 4030 struct sctp_endpoint *ep;
4015 struct sctp_association *asoc; 4031 struct sctp_association *asoc;
4016 4032
@@ -4022,7 +4038,7 @@ SCTP_STATIC void sctp_shutdown(struct sock *sk, int how)
4022 if (!list_empty(&ep->asocs)) { 4038 if (!list_empty(&ep->asocs)) {
4023 asoc = list_entry(ep->asocs.next, 4039 asoc = list_entry(ep->asocs.next,
4024 struct sctp_association, asocs); 4040 struct sctp_association, asocs);
4025 sctp_primitive_SHUTDOWN(asoc, NULL); 4041 sctp_primitive_SHUTDOWN(net, asoc, NULL);
4026 } 4042 }
4027 } 4043 }
4028} 4044}
@@ -4653,9 +4669,10 @@ static int sctp_copy_laddrs(struct sock *sk, __u16 port, void *to,
4653 union sctp_addr temp; 4669 union sctp_addr temp;
4654 int cnt = 0; 4670 int cnt = 0;
4655 int addrlen; 4671 int addrlen;
4672 struct net *net = sock_net(sk);
4656 4673
4657 rcu_read_lock(); 4674 rcu_read_lock();
4658 list_for_each_entry_rcu(addr, &sctp_local_addr_list, list) { 4675 list_for_each_entry_rcu(addr, &net->sctp.local_addr_list, list) {
4659 if (!addr->valid) 4676 if (!addr->valid)
4660 continue; 4677 continue;
4661 4678
@@ -5299,12 +5316,13 @@ static int sctp_getsockopt_maxburst(struct sock *sk, int len,
5299static int sctp_getsockopt_hmac_ident(struct sock *sk, int len, 5316static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
5300 char __user *optval, int __user *optlen) 5317 char __user *optval, int __user *optlen)
5301{ 5318{
5319 struct net *net = sock_net(sk);
5302 struct sctp_hmacalgo __user *p = (void __user *)optval; 5320 struct sctp_hmacalgo __user *p = (void __user *)optval;
5303 struct sctp_hmac_algo_param *hmacs; 5321 struct sctp_hmac_algo_param *hmacs;
5304 __u16 data_len = 0; 5322 __u16 data_len = 0;
5305 u32 num_idents; 5323 u32 num_idents;
5306 5324
5307 if (!sctp_auth_enable) 5325 if (!net->sctp.auth_enable)
5308 return -EACCES; 5326 return -EACCES;
5309 5327
5310 hmacs = sctp_sk(sk)->ep->auth_hmacs_list; 5328 hmacs = sctp_sk(sk)->ep->auth_hmacs_list;
@@ -5328,10 +5346,11 @@ static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
5328static int sctp_getsockopt_active_key(struct sock *sk, int len, 5346static int sctp_getsockopt_active_key(struct sock *sk, int len,
5329 char __user *optval, int __user *optlen) 5347 char __user *optval, int __user *optlen)
5330{ 5348{
5349 struct net *net = sock_net(sk);
5331 struct sctp_authkeyid val; 5350 struct sctp_authkeyid val;
5332 struct sctp_association *asoc; 5351 struct sctp_association *asoc;
5333 5352
5334 if (!sctp_auth_enable) 5353 if (!net->sctp.auth_enable)
5335 return -EACCES; 5354 return -EACCES;
5336 5355
5337 if (len < sizeof(struct sctp_authkeyid)) 5356 if (len < sizeof(struct sctp_authkeyid))
@@ -5360,6 +5379,7 @@ static int sctp_getsockopt_active_key(struct sock *sk, int len,
5360static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len, 5379static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
5361 char __user *optval, int __user *optlen) 5380 char __user *optval, int __user *optlen)
5362{ 5381{
5382 struct net *net = sock_net(sk);
5363 struct sctp_authchunks __user *p = (void __user *)optval; 5383 struct sctp_authchunks __user *p = (void __user *)optval;
5364 struct sctp_authchunks val; 5384 struct sctp_authchunks val;
5365 struct sctp_association *asoc; 5385 struct sctp_association *asoc;
@@ -5367,7 +5387,7 @@ static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
5367 u32 num_chunks = 0; 5387 u32 num_chunks = 0;
5368 char __user *to; 5388 char __user *to;
5369 5389
5370 if (!sctp_auth_enable) 5390 if (!net->sctp.auth_enable)
5371 return -EACCES; 5391 return -EACCES;
5372 5392
5373 if (len < sizeof(struct sctp_authchunks)) 5393 if (len < sizeof(struct sctp_authchunks))
@@ -5403,6 +5423,7 @@ num:
5403static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len, 5423static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
5404 char __user *optval, int __user *optlen) 5424 char __user *optval, int __user *optlen)
5405{ 5425{
5426 struct net *net = sock_net(sk);
5406 struct sctp_authchunks __user *p = (void __user *)optval; 5427 struct sctp_authchunks __user *p = (void __user *)optval;
5407 struct sctp_authchunks val; 5428 struct sctp_authchunks val;
5408 struct sctp_association *asoc; 5429 struct sctp_association *asoc;
@@ -5410,7 +5431,7 @@ static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
5410 u32 num_chunks = 0; 5431 u32 num_chunks = 0;
5411 char __user *to; 5432 char __user *to;
5412 5433
5413 if (!sctp_auth_enable) 5434 if (!net->sctp.auth_enable)
5414 return -EACCES; 5435 return -EACCES;
5415 5436
5416 if (len < sizeof(struct sctp_authchunks)) 5437 if (len < sizeof(struct sctp_authchunks))
@@ -5769,7 +5790,7 @@ static void sctp_unhash(struct sock *sk)
5769 * a fastreuse flag (FIXME: NPI ipg). 5790 * a fastreuse flag (FIXME: NPI ipg).
5770 */ 5791 */
5771static struct sctp_bind_bucket *sctp_bucket_create( 5792static struct sctp_bind_bucket *sctp_bucket_create(
5772 struct sctp_bind_hashbucket *head, unsigned short snum); 5793 struct sctp_bind_hashbucket *head, struct net *, unsigned short snum);
5773 5794
5774static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr) 5795static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
5775{ 5796{
@@ -5799,11 +5820,12 @@ static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
5799 rover = low; 5820 rover = low;
5800 if (inet_is_reserved_local_port(rover)) 5821 if (inet_is_reserved_local_port(rover))
5801 continue; 5822 continue;
5802 index = sctp_phashfn(rover); 5823 index = sctp_phashfn(sock_net(sk), rover);
5803 head = &sctp_port_hashtable[index]; 5824 head = &sctp_port_hashtable[index];
5804 sctp_spin_lock(&head->lock); 5825 sctp_spin_lock(&head->lock);
5805 sctp_for_each_hentry(pp, node, &head->chain) 5826 sctp_for_each_hentry(pp, node, &head->chain)
5806 if (pp->port == rover) 5827 if ((pp->port == rover) &&
5828 net_eq(sock_net(sk), pp->net))
5807 goto next; 5829 goto next;
5808 break; 5830 break;
5809 next: 5831 next:
@@ -5827,10 +5849,10 @@ static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
5827 * to the port number (snum) - we detect that with the 5849 * to the port number (snum) - we detect that with the
5828 * port iterator, pp being NULL. 5850 * port iterator, pp being NULL.
5829 */ 5851 */
5830 head = &sctp_port_hashtable[sctp_phashfn(snum)]; 5852 head = &sctp_port_hashtable[sctp_phashfn(sock_net(sk), snum)];
5831 sctp_spin_lock(&head->lock); 5853 sctp_spin_lock(&head->lock);
5832 sctp_for_each_hentry(pp, node, &head->chain) { 5854 sctp_for_each_hentry(pp, node, &head->chain) {
5833 if (pp->port == snum) 5855 if ((pp->port == snum) && net_eq(pp->net, sock_net(sk)))
5834 goto pp_found; 5856 goto pp_found;
5835 } 5857 }
5836 } 5858 }
@@ -5881,7 +5903,7 @@ pp_found:
5881pp_not_found: 5903pp_not_found:
5882 /* If there was a hash table miss, create a new port. */ 5904 /* If there was a hash table miss, create a new port. */
5883 ret = 1; 5905 ret = 1;
5884 if (!pp && !(pp = sctp_bucket_create(head, snum))) 5906 if (!pp && !(pp = sctp_bucket_create(head, sock_net(sk), snum)))
5885 goto fail_unlock; 5907 goto fail_unlock;
5886 5908
5887 /* In either case (hit or miss), make sure fastreuse is 1 only 5909 /* In either case (hit or miss), make sure fastreuse is 1 only
@@ -6113,7 +6135,7 @@ unsigned int sctp_poll(struct file *file, struct socket *sock, poll_table *wait)
6113 ********************************************************************/ 6135 ********************************************************************/
6114 6136
6115static struct sctp_bind_bucket *sctp_bucket_create( 6137static struct sctp_bind_bucket *sctp_bucket_create(
6116 struct sctp_bind_hashbucket *head, unsigned short snum) 6138 struct sctp_bind_hashbucket *head, struct net *net, unsigned short snum)
6117{ 6139{
6118 struct sctp_bind_bucket *pp; 6140 struct sctp_bind_bucket *pp;
6119 6141
@@ -6123,6 +6145,7 @@ static struct sctp_bind_bucket *sctp_bucket_create(
6123 pp->port = snum; 6145 pp->port = snum;
6124 pp->fastreuse = 0; 6146 pp->fastreuse = 0;
6125 INIT_HLIST_HEAD(&pp->owner); 6147 INIT_HLIST_HEAD(&pp->owner);
6148 pp->net = net;
6126 hlist_add_head(&pp->node, &head->chain); 6149 hlist_add_head(&pp->node, &head->chain);
6127 } 6150 }
6128 return pp; 6151 return pp;
@@ -6142,7 +6165,8 @@ static void sctp_bucket_destroy(struct sctp_bind_bucket *pp)
6142static inline void __sctp_put_port(struct sock *sk) 6165static inline void __sctp_put_port(struct sock *sk)
6143{ 6166{
6144 struct sctp_bind_hashbucket *head = 6167 struct sctp_bind_hashbucket *head =
6145 &sctp_port_hashtable[sctp_phashfn(inet_sk(sk)->inet_num)]; 6168 &sctp_port_hashtable[sctp_phashfn(sock_net(sk),
6169 inet_sk(sk)->inet_num)];
6146 struct sctp_bind_bucket *pp; 6170 struct sctp_bind_bucket *pp;
6147 6171
6148 sctp_spin_lock(&head->lock); 6172 sctp_spin_lock(&head->lock);
@@ -6809,7 +6833,8 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk,
6809 newsp->hmac = NULL; 6833 newsp->hmac = NULL;
6810 6834
6811 /* Hook this new socket in to the bind_hash list. */ 6835 /* Hook this new socket in to the bind_hash list. */
6812 head = &sctp_port_hashtable[sctp_phashfn(inet_sk(oldsk)->inet_num)]; 6836 head = &sctp_port_hashtable[sctp_phashfn(sock_net(oldsk),
6837 inet_sk(oldsk)->inet_num)];
6813 sctp_local_bh_disable(); 6838 sctp_local_bh_disable();
6814 sctp_spin_lock(&head->lock); 6839 sctp_spin_lock(&head->lock);
6815 pp = sctp_sk(oldsk)->bind_hash; 6840 pp = sctp_sk(oldsk)->bind_hash;
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index 2b2bfe933ff1..70e3ba5cb50b 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -64,8 +64,34 @@ extern int sysctl_sctp_wmem[3];
64 64
65static ctl_table sctp_table[] = { 65static ctl_table sctp_table[] = {
66 { 66 {
67 .procname = "sctp_mem",
68 .data = &sysctl_sctp_mem,
69 .maxlen = sizeof(sysctl_sctp_mem),
70 .mode = 0644,
71 .proc_handler = proc_doulongvec_minmax
72 },
73 {
74 .procname = "sctp_rmem",
75 .data = &sysctl_sctp_rmem,
76 .maxlen = sizeof(sysctl_sctp_rmem),
77 .mode = 0644,
78 .proc_handler = proc_dointvec,
79 },
80 {
81 .procname = "sctp_wmem",
82 .data = &sysctl_sctp_wmem,
83 .maxlen = sizeof(sysctl_sctp_wmem),
84 .mode = 0644,
85 .proc_handler = proc_dointvec,
86 },
87
88 { /* sentinel */ }
89};
90
91static ctl_table sctp_net_table[] = {
92 {
67 .procname = "rto_initial", 93 .procname = "rto_initial",
68 .data = &sctp_rto_initial, 94 .data = &init_net.sctp.rto_initial,
69 .maxlen = sizeof(unsigned int), 95 .maxlen = sizeof(unsigned int),
70 .mode = 0644, 96 .mode = 0644,
71 .proc_handler = proc_dointvec_minmax, 97 .proc_handler = proc_dointvec_minmax,
@@ -74,7 +100,7 @@ static ctl_table sctp_table[] = {
74 }, 100 },
75 { 101 {
76 .procname = "rto_min", 102 .procname = "rto_min",
77 .data = &sctp_rto_min, 103 .data = &init_net.sctp.rto_min,
78 .maxlen = sizeof(unsigned int), 104 .maxlen = sizeof(unsigned int),
79 .mode = 0644, 105 .mode = 0644,
80 .proc_handler = proc_dointvec_minmax, 106 .proc_handler = proc_dointvec_minmax,
@@ -83,7 +109,7 @@ static ctl_table sctp_table[] = {
83 }, 109 },
84 { 110 {
85 .procname = "rto_max", 111 .procname = "rto_max",
86 .data = &sctp_rto_max, 112 .data = &init_net.sctp.rto_max,
87 .maxlen = sizeof(unsigned int), 113 .maxlen = sizeof(unsigned int),
88 .mode = 0644, 114 .mode = 0644,
89 .proc_handler = proc_dointvec_minmax, 115 .proc_handler = proc_dointvec_minmax,
@@ -91,17 +117,22 @@ static ctl_table sctp_table[] = {
91 .extra2 = &timer_max 117 .extra2 = &timer_max
92 }, 118 },
93 { 119 {
94 .procname = "valid_cookie_life", 120 .procname = "rto_alpha_exp_divisor",
95 .data = &sctp_valid_cookie_life, 121 .data = &init_net.sctp.rto_alpha,
96 .maxlen = sizeof(unsigned int), 122 .maxlen = sizeof(int),
97 .mode = 0644, 123 .mode = 0444,
98 .proc_handler = proc_dointvec_minmax, 124 .proc_handler = proc_dointvec,
99 .extra1 = &one, 125 },
100 .extra2 = &timer_max 126 {
127 .procname = "rto_beta_exp_divisor",
128 .data = &init_net.sctp.rto_beta,
129 .maxlen = sizeof(int),
130 .mode = 0444,
131 .proc_handler = proc_dointvec,
101 }, 132 },
102 { 133 {
103 .procname = "max_burst", 134 .procname = "max_burst",
104 .data = &sctp_max_burst, 135 .data = &init_net.sctp.max_burst,
105 .maxlen = sizeof(int), 136 .maxlen = sizeof(int),
106 .mode = 0644, 137 .mode = 0644,
107 .proc_handler = proc_dointvec_minmax, 138 .proc_handler = proc_dointvec_minmax,
@@ -109,31 +140,42 @@ static ctl_table sctp_table[] = {
109 .extra2 = &int_max 140 .extra2 = &int_max
110 }, 141 },
111 { 142 {
112 .procname = "association_max_retrans", 143 .procname = "cookie_preserve_enable",
113 .data = &sctp_max_retrans_association, 144 .data = &init_net.sctp.cookie_preserve_enable,
114 .maxlen = sizeof(int), 145 .maxlen = sizeof(int),
115 .mode = 0644, 146 .mode = 0644,
147 .proc_handler = proc_dointvec,
148 },
149 {
150 .procname = "valid_cookie_life",
151 .data = &init_net.sctp.valid_cookie_life,
152 .maxlen = sizeof(unsigned int),
153 .mode = 0644,
116 .proc_handler = proc_dointvec_minmax, 154 .proc_handler = proc_dointvec_minmax,
117 .extra1 = &one, 155 .extra1 = &one,
118 .extra2 = &int_max 156 .extra2 = &timer_max
119 }, 157 },
120 { 158 {
121 .procname = "sndbuf_policy", 159 .procname = "sack_timeout",
122 .data = &sctp_sndbuf_policy, 160 .data = &init_net.sctp.sack_timeout,
123 .maxlen = sizeof(int), 161 .maxlen = sizeof(int),
124 .mode = 0644, 162 .mode = 0644,
125 .proc_handler = proc_dointvec, 163 .proc_handler = proc_dointvec_minmax,
164 .extra1 = &sack_timer_min,
165 .extra2 = &sack_timer_max,
126 }, 166 },
127 { 167 {
128 .procname = "rcvbuf_policy", 168 .procname = "hb_interval",
129 .data = &sctp_rcvbuf_policy, 169 .data = &init_net.sctp.hb_interval,
130 .maxlen = sizeof(int), 170 .maxlen = sizeof(unsigned int),
131 .mode = 0644, 171 .mode = 0644,
132 .proc_handler = proc_dointvec, 172 .proc_handler = proc_dointvec_minmax,
173 .extra1 = &one,
174 .extra2 = &timer_max
133 }, 175 },
134 { 176 {
135 .procname = "path_max_retrans", 177 .procname = "association_max_retrans",
136 .data = &sctp_max_retrans_path, 178 .data = &init_net.sctp.max_retrans_association,
137 .maxlen = sizeof(int), 179 .maxlen = sizeof(int),
138 .mode = 0644, 180 .mode = 0644,
139 .proc_handler = proc_dointvec_minmax, 181 .proc_handler = proc_dointvec_minmax,
@@ -141,17 +183,17 @@ static ctl_table sctp_table[] = {
141 .extra2 = &int_max 183 .extra2 = &int_max
142 }, 184 },
143 { 185 {
144 .procname = "pf_retrans", 186 .procname = "path_max_retrans",
145 .data = &sctp_pf_retrans, 187 .data = &init_net.sctp.max_retrans_path,
146 .maxlen = sizeof(int), 188 .maxlen = sizeof(int),
147 .mode = 0644, 189 .mode = 0644,
148 .proc_handler = proc_dointvec_minmax, 190 .proc_handler = proc_dointvec_minmax,
149 .extra1 = &zero, 191 .extra1 = &one,
150 .extra2 = &int_max 192 .extra2 = &int_max
151 }, 193 },
152 { 194 {
153 .procname = "max_init_retransmits", 195 .procname = "max_init_retransmits",
154 .data = &sctp_max_retrans_init, 196 .data = &init_net.sctp.max_retrans_init,
155 .maxlen = sizeof(int), 197 .maxlen = sizeof(int),
156 .mode = 0644, 198 .mode = 0644,
157 .proc_handler = proc_dointvec_minmax, 199 .proc_handler = proc_dointvec_minmax,
@@ -159,103 +201,66 @@ static ctl_table sctp_table[] = {
159 .extra2 = &int_max 201 .extra2 = &int_max
160 }, 202 },
161 { 203 {
162 .procname = "hb_interval", 204 .procname = "pf_retrans",
163 .data = &sctp_hb_interval, 205 .data = &init_net.sctp.pf_retrans,
164 .maxlen = sizeof(unsigned int), 206 .maxlen = sizeof(int),
165 .mode = 0644, 207 .mode = 0644,
166 .proc_handler = proc_dointvec_minmax, 208 .proc_handler = proc_dointvec_minmax,
167 .extra1 = &one, 209 .extra1 = &zero,
168 .extra2 = &timer_max 210 .extra2 = &int_max
169 }, 211 },
170 { 212 {
171 .procname = "cookie_preserve_enable", 213 .procname = "sndbuf_policy",
172 .data = &sctp_cookie_preserve_enable, 214 .data = &init_net.sctp.sndbuf_policy,
173 .maxlen = sizeof(int), 215 .maxlen = sizeof(int),
174 .mode = 0644, 216 .mode = 0644,
175 .proc_handler = proc_dointvec, 217 .proc_handler = proc_dointvec,
176 }, 218 },
177 { 219 {
178 .procname = "rto_alpha_exp_divisor", 220 .procname = "rcvbuf_policy",
179 .data = &sctp_rto_alpha, 221 .data = &init_net.sctp.rcvbuf_policy,
180 .maxlen = sizeof(int),
181 .mode = 0444,
182 .proc_handler = proc_dointvec,
183 },
184 {
185 .procname = "rto_beta_exp_divisor",
186 .data = &sctp_rto_beta,
187 .maxlen = sizeof(int),
188 .mode = 0444,
189 .proc_handler = proc_dointvec,
190 },
191 {
192 .procname = "addip_enable",
193 .data = &sctp_addip_enable,
194 .maxlen = sizeof(int), 222 .maxlen = sizeof(int),
195 .mode = 0644, 223 .mode = 0644,
196 .proc_handler = proc_dointvec, 224 .proc_handler = proc_dointvec,
197 }, 225 },
198 { 226 {
199 .procname = "default_auto_asconf", 227 .procname = "default_auto_asconf",
200 .data = &sctp_default_auto_asconf, 228 .data = &init_net.sctp.default_auto_asconf,
201 .maxlen = sizeof(int), 229 .maxlen = sizeof(int),
202 .mode = 0644, 230 .mode = 0644,
203 .proc_handler = proc_dointvec, 231 .proc_handler = proc_dointvec,
204 }, 232 },
205 { 233 {
206 .procname = "prsctp_enable", 234 .procname = "addip_enable",
207 .data = &sctp_prsctp_enable, 235 .data = &init_net.sctp.addip_enable,
208 .maxlen = sizeof(int), 236 .maxlen = sizeof(int),
209 .mode = 0644, 237 .mode = 0644,
210 .proc_handler = proc_dointvec, 238 .proc_handler = proc_dointvec,
211 }, 239 },
212 { 240 {
213 .procname = "sack_timeout", 241 .procname = "addip_noauth_enable",
214 .data = &sctp_sack_timeout, 242 .data = &init_net.sctp.addip_noauth,
215 .maxlen = sizeof(int), 243 .maxlen = sizeof(int),
216 .mode = 0644, 244 .mode = 0644,
217 .proc_handler = proc_dointvec_minmax,
218 .extra1 = &sack_timer_min,
219 .extra2 = &sack_timer_max,
220 },
221 {
222 .procname = "sctp_mem",
223 .data = &sysctl_sctp_mem,
224 .maxlen = sizeof(sysctl_sctp_mem),
225 .mode = 0644,
226 .proc_handler = proc_doulongvec_minmax
227 },
228 {
229 .procname = "sctp_rmem",
230 .data = &sysctl_sctp_rmem,
231 .maxlen = sizeof(sysctl_sctp_rmem),
232 .mode = 0644,
233 .proc_handler = proc_dointvec,
234 },
235 {
236 .procname = "sctp_wmem",
237 .data = &sysctl_sctp_wmem,
238 .maxlen = sizeof(sysctl_sctp_wmem),
239 .mode = 0644,
240 .proc_handler = proc_dointvec, 245 .proc_handler = proc_dointvec,
241 }, 246 },
242 { 247 {
243 .procname = "auth_enable", 248 .procname = "prsctp_enable",
244 .data = &sctp_auth_enable, 249 .data = &init_net.sctp.prsctp_enable,
245 .maxlen = sizeof(int), 250 .maxlen = sizeof(int),
246 .mode = 0644, 251 .mode = 0644,
247 .proc_handler = proc_dointvec, 252 .proc_handler = proc_dointvec,
248 }, 253 },
249 { 254 {
250 .procname = "addip_noauth_enable", 255 .procname = "auth_enable",
251 .data = &sctp_addip_noauth, 256 .data = &init_net.sctp.auth_enable,
252 .maxlen = sizeof(int), 257 .maxlen = sizeof(int),
253 .mode = 0644, 258 .mode = 0644,
254 .proc_handler = proc_dointvec, 259 .proc_handler = proc_dointvec,
255 }, 260 },
256 { 261 {
257 .procname = "addr_scope_policy", 262 .procname = "addr_scope_policy",
258 .data = &sctp_scope_policy, 263 .data = &init_net.sctp.scope_policy,
259 .maxlen = sizeof(int), 264 .maxlen = sizeof(int),
260 .mode = 0644, 265 .mode = 0644,
261 .proc_handler = proc_dointvec_minmax, 266 .proc_handler = proc_dointvec_minmax,
@@ -264,7 +269,7 @@ static ctl_table sctp_table[] = {
264 }, 269 },
265 { 270 {
266 .procname = "rwnd_update_shift", 271 .procname = "rwnd_update_shift",
267 .data = &sctp_rwnd_upd_shift, 272 .data = &init_net.sctp.rwnd_upd_shift,
268 .maxlen = sizeof(int), 273 .maxlen = sizeof(int),
269 .mode = 0644, 274 .mode = 0644,
270 .proc_handler = &proc_dointvec_minmax, 275 .proc_handler = &proc_dointvec_minmax,
@@ -273,7 +278,7 @@ static ctl_table sctp_table[] = {
273 }, 278 },
274 { 279 {
275 .procname = "max_autoclose", 280 .procname = "max_autoclose",
276 .data = &sctp_max_autoclose, 281 .data = &init_net.sctp.max_autoclose,
277 .maxlen = sizeof(unsigned long), 282 .maxlen = sizeof(unsigned long),
278 .mode = 0644, 283 .mode = 0644,
279 .proc_handler = &proc_doulongvec_minmax, 284 .proc_handler = &proc_doulongvec_minmax,
@@ -284,6 +289,27 @@ static ctl_table sctp_table[] = {
284 { /* sentinel */ } 289 { /* sentinel */ }
285}; 290};
286 291
292int sctp_sysctl_net_register(struct net *net)
293{
294 struct ctl_table *table;
295 int i;
296
297 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL);
298 if (!table)
299 return -ENOMEM;
300
301 for (i = 0; table[i].data; i++)
302 table[i].data += (char *)(&net->sctp) - (char *)&init_net.sctp;
303
304 net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", table);
305 return 0;
306}
307
308void sctp_sysctl_net_unregister(struct net *net)
309{
310 unregister_net_sysctl_table(net->sctp.sysctl_header);
311}
312
287static struct ctl_table_header * sctp_sysctl_header; 313static struct ctl_table_header * sctp_sysctl_header;
288 314
289/* Sysctl registration. */ 315/* Sysctl registration. */
diff --git a/net/sctp/transport.c b/net/sctp/transport.c
index c97472b248a2..953c21e4af97 100644
--- a/net/sctp/transport.c
+++ b/net/sctp/transport.c
@@ -59,7 +59,8 @@
59/* 1st Level Abstractions. */ 59/* 1st Level Abstractions. */
60 60
61/* Initialize a new transport from provided memory. */ 61/* Initialize a new transport from provided memory. */
62static struct sctp_transport *sctp_transport_init(struct sctp_transport *peer, 62static struct sctp_transport *sctp_transport_init(struct net *net,
63 struct sctp_transport *peer,
63 const union sctp_addr *addr, 64 const union sctp_addr *addr,
64 gfp_t gfp) 65 gfp_t gfp)
65{ 66{
@@ -76,7 +77,7 @@ static struct sctp_transport *sctp_transport_init(struct sctp_transport *peer,
76 * given destination transport address, set RTO to the protocol 77 * given destination transport address, set RTO to the protocol
77 * parameter 'RTO.Initial'. 78 * parameter 'RTO.Initial'.
78 */ 79 */
79 peer->rto = msecs_to_jiffies(sctp_rto_initial); 80 peer->rto = msecs_to_jiffies(net->sctp.rto_initial);
80 81
81 peer->last_time_heard = jiffies; 82 peer->last_time_heard = jiffies;
82 peer->last_time_ecne_reduced = jiffies; 83 peer->last_time_ecne_reduced = jiffies;
@@ -86,8 +87,8 @@ static struct sctp_transport *sctp_transport_init(struct sctp_transport *peer,
86 SPP_SACKDELAY_ENABLE; 87 SPP_SACKDELAY_ENABLE;
87 88
88 /* Initialize the default path max_retrans. */ 89 /* Initialize the default path max_retrans. */
89 peer->pathmaxrxt = sctp_max_retrans_path; 90 peer->pathmaxrxt = net->sctp.max_retrans_path;
90 peer->pf_retrans = sctp_pf_retrans; 91 peer->pf_retrans = net->sctp.pf_retrans;
91 92
92 INIT_LIST_HEAD(&peer->transmitted); 93 INIT_LIST_HEAD(&peer->transmitted);
93 INIT_LIST_HEAD(&peer->send_ready); 94 INIT_LIST_HEAD(&peer->send_ready);
@@ -109,7 +110,8 @@ static struct sctp_transport *sctp_transport_init(struct sctp_transport *peer,
109} 110}
110 111
111/* Allocate and initialize a new transport. */ 112/* Allocate and initialize a new transport. */
112struct sctp_transport *sctp_transport_new(const union sctp_addr *addr, 113struct sctp_transport *sctp_transport_new(struct net *net,
114 const union sctp_addr *addr,
113 gfp_t gfp) 115 gfp_t gfp)
114{ 116{
115 struct sctp_transport *transport; 117 struct sctp_transport *transport;
@@ -118,7 +120,7 @@ struct sctp_transport *sctp_transport_new(const union sctp_addr *addr,
118 if (!transport) 120 if (!transport)
119 goto fail; 121 goto fail;
120 122
121 if (!sctp_transport_init(transport, addr, gfp)) 123 if (!sctp_transport_init(net, transport, addr, gfp))
122 goto fail_init; 124 goto fail_init;
123 125
124 transport->malloced = 1; 126 transport->malloced = 1;
@@ -316,6 +318,7 @@ void sctp_transport_update_rto(struct sctp_transport *tp, __u32 rtt)
316 SCTP_ASSERT(tp->rto_pending, "rto_pending not set", return); 318 SCTP_ASSERT(tp->rto_pending, "rto_pending not set", return);
317 319
318 if (tp->rttvar || tp->srtt) { 320 if (tp->rttvar || tp->srtt) {
321 struct net *net = sock_net(tp->asoc->base.sk);
319 /* 6.3.1 C3) When a new RTT measurement R' is made, set 322 /* 6.3.1 C3) When a new RTT measurement R' is made, set
320 * RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| 323 * RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
321 * SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 324 * SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'
@@ -327,10 +330,10 @@ void sctp_transport_update_rto(struct sctp_transport *tp, __u32 rtt)
327 * For example, assuming the default value of RTO.Alpha of 330 * For example, assuming the default value of RTO.Alpha of
328 * 1/8, rto_alpha would be expressed as 3. 331 * 1/8, rto_alpha would be expressed as 3.
329 */ 332 */
330 tp->rttvar = tp->rttvar - (tp->rttvar >> sctp_rto_beta) 333 tp->rttvar = tp->rttvar - (tp->rttvar >> net->sctp.rto_beta)
331 + ((abs(tp->srtt - rtt)) >> sctp_rto_beta); 334 + ((abs(tp->srtt - rtt)) >> net->sctp.rto_beta);
332 tp->srtt = tp->srtt - (tp->srtt >> sctp_rto_alpha) 335 tp->srtt = tp->srtt - (tp->srtt >> net->sctp.rto_alpha)
333 + (rtt >> sctp_rto_alpha); 336 + (rtt >> net->sctp.rto_alpha);
334 } else { 337 } else {
335 /* 6.3.1 C2) When the first RTT measurement R is made, set 338 /* 6.3.1 C2) When the first RTT measurement R is made, set
336 * SRTT <- R, RTTVAR <- R/2. 339 * SRTT <- R, RTTVAR <- R/2.
diff --git a/net/sctp/ulpqueue.c b/net/sctp/ulpqueue.c
index f5a6a4f4faf7..360d8697b95c 100644
--- a/net/sctp/ulpqueue.c
+++ b/net/sctp/ulpqueue.c
@@ -326,7 +326,9 @@ static void sctp_ulpq_store_reasm(struct sctp_ulpq *ulpq,
326 * payload was fragmented on the way and ip had to reassemble them. 326 * payload was fragmented on the way and ip had to reassemble them.
327 * We add the rest of skb's to the first skb's fraglist. 327 * We add the rest of skb's to the first skb's fraglist.
328 */ 328 */
329static struct sctp_ulpevent *sctp_make_reassembled_event(struct sk_buff_head *queue, struct sk_buff *f_frag, struct sk_buff *l_frag) 329static struct sctp_ulpevent *sctp_make_reassembled_event(struct net *net,
330 struct sk_buff_head *queue, struct sk_buff *f_frag,
331 struct sk_buff *l_frag)
330{ 332{
331 struct sk_buff *pos; 333 struct sk_buff *pos;
332 struct sk_buff *new = NULL; 334 struct sk_buff *new = NULL;
@@ -394,7 +396,7 @@ static struct sctp_ulpevent *sctp_make_reassembled_event(struct sk_buff_head *qu
394 } 396 }
395 397
396 event = sctp_skb2event(f_frag); 398 event = sctp_skb2event(f_frag);
397 SCTP_INC_STATS(SCTP_MIB_REASMUSRMSGS); 399 SCTP_INC_STATS(net, SCTP_MIB_REASMUSRMSGS);
398 400
399 return event; 401 return event;
400} 402}
@@ -493,7 +495,8 @@ static struct sctp_ulpevent *sctp_ulpq_retrieve_reassembled(struct sctp_ulpq *ul
493 cevent = sctp_skb2event(pd_first); 495 cevent = sctp_skb2event(pd_first);
494 pd_point = sctp_sk(asoc->base.sk)->pd_point; 496 pd_point = sctp_sk(asoc->base.sk)->pd_point;
495 if (pd_point && pd_point <= pd_len) { 497 if (pd_point && pd_point <= pd_len) {
496 retval = sctp_make_reassembled_event(&ulpq->reasm, 498 retval = sctp_make_reassembled_event(sock_net(asoc->base.sk),
499 &ulpq->reasm,
497 pd_first, 500 pd_first,
498 pd_last); 501 pd_last);
499 if (retval) 502 if (retval)
@@ -503,7 +506,8 @@ static struct sctp_ulpevent *sctp_ulpq_retrieve_reassembled(struct sctp_ulpq *ul
503done: 506done:
504 return retval; 507 return retval;
505found: 508found:
506 retval = sctp_make_reassembled_event(&ulpq->reasm, first_frag, pos); 509 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk),
510 &ulpq->reasm, first_frag, pos);
507 if (retval) 511 if (retval)
508 retval->msg_flags |= MSG_EOR; 512 retval->msg_flags |= MSG_EOR;
509 goto done; 513 goto done;
@@ -563,7 +567,8 @@ static struct sctp_ulpevent *sctp_ulpq_retrieve_partial(struct sctp_ulpq *ulpq)
563 * further. 567 * further.
564 */ 568 */
565done: 569done:
566 retval = sctp_make_reassembled_event(&ulpq->reasm, first_frag, last_frag); 570 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk),
571 &ulpq->reasm, first_frag, last_frag);
567 if (retval && is_last) 572 if (retval && is_last)
568 retval->msg_flags |= MSG_EOR; 573 retval->msg_flags |= MSG_EOR;
569 574
@@ -655,7 +660,8 @@ static struct sctp_ulpevent *sctp_ulpq_retrieve_first(struct sctp_ulpq *ulpq)
655 * further. 660 * further.
656 */ 661 */
657done: 662done:
658 retval = sctp_make_reassembled_event(&ulpq->reasm, first_frag, last_frag); 663 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk),
664 &ulpq->reasm, first_frag, last_frag);
659 return retval; 665 return retval;
660} 666}
661 667
diff --git a/net/socket.c b/net/socket.c
index edc3c4af9085..80dc7e84b046 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -88,6 +88,7 @@
88#include <linux/nsproxy.h> 88#include <linux/nsproxy.h>
89#include <linux/magic.h> 89#include <linux/magic.h>
90#include <linux/slab.h> 90#include <linux/slab.h>
91#include <linux/xattr.h>
91 92
92#include <asm/uaccess.h> 93#include <asm/uaccess.h>
93#include <asm/unistd.h> 94#include <asm/unistd.h>
@@ -346,7 +347,8 @@ static struct file_system_type sock_fs_type = {
346 * but we take care of internal coherence yet. 347 * but we take care of internal coherence yet.
347 */ 348 */
348 349
349static int sock_alloc_file(struct socket *sock, struct file **f, int flags) 350static int sock_alloc_file(struct socket *sock, struct file **f, int flags,
351 const char *dname)
350{ 352{
351 struct qstr name = { .name = "" }; 353 struct qstr name = { .name = "" };
352 struct path path; 354 struct path path;
@@ -357,6 +359,13 @@ static int sock_alloc_file(struct socket *sock, struct file **f, int flags)
357 if (unlikely(fd < 0)) 359 if (unlikely(fd < 0))
358 return fd; 360 return fd;
359 361
362 if (dname) {
363 name.name = dname;
364 name.len = strlen(name.name);
365 } else if (sock->sk) {
366 name.name = sock->sk->sk_prot_creator->name;
367 name.len = strlen(name.name);
368 }
360 path.dentry = d_alloc_pseudo(sock_mnt->mnt_sb, &name); 369 path.dentry = d_alloc_pseudo(sock_mnt->mnt_sb, &name);
361 if (unlikely(!path.dentry)) { 370 if (unlikely(!path.dentry)) {
362 put_unused_fd(fd); 371 put_unused_fd(fd);
@@ -389,7 +398,7 @@ static int sock_alloc_file(struct socket *sock, struct file **f, int flags)
389int sock_map_fd(struct socket *sock, int flags) 398int sock_map_fd(struct socket *sock, int flags)
390{ 399{
391 struct file *newfile; 400 struct file *newfile;
392 int fd = sock_alloc_file(sock, &newfile, flags); 401 int fd = sock_alloc_file(sock, &newfile, flags, NULL);
393 402
394 if (likely(fd >= 0)) 403 if (likely(fd >= 0))
395 fd_install(fd, newfile); 404 fd_install(fd, newfile);
@@ -455,6 +464,68 @@ static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed)
455 return NULL; 464 return NULL;
456} 465}
457 466
467#define XATTR_SOCKPROTONAME_SUFFIX "sockprotoname"
468#define XATTR_NAME_SOCKPROTONAME (XATTR_SYSTEM_PREFIX XATTR_SOCKPROTONAME_SUFFIX)
469#define XATTR_NAME_SOCKPROTONAME_LEN (sizeof(XATTR_NAME_SOCKPROTONAME)-1)
470static ssize_t sockfs_getxattr(struct dentry *dentry,
471 const char *name, void *value, size_t size)
472{
473 const char *proto_name;
474 size_t proto_size;
475 int error;
476
477 error = -ENODATA;
478 if (!strncmp(name, XATTR_NAME_SOCKPROTONAME, XATTR_NAME_SOCKPROTONAME_LEN)) {
479 proto_name = dentry->d_name.name;
480 proto_size = strlen(proto_name);
481
482 if (value) {
483 error = -ERANGE;
484 if (proto_size + 1 > size)
485 goto out;
486
487 strncpy(value, proto_name, proto_size + 1);
488 }
489 error = proto_size + 1;
490 }
491
492out:
493 return error;
494}
495
496static ssize_t sockfs_listxattr(struct dentry *dentry, char *buffer,
497 size_t size)
498{
499 ssize_t len;
500 ssize_t used = 0;
501
502 len = security_inode_listsecurity(dentry->d_inode, buffer, size);
503 if (len < 0)
504 return len;
505 used += len;
506 if (buffer) {
507 if (size < used)
508 return -ERANGE;
509 buffer += len;
510 }
511
512 len = (XATTR_NAME_SOCKPROTONAME_LEN + 1);
513 used += len;
514 if (buffer) {
515 if (size < used)
516 return -ERANGE;
517 memcpy(buffer, XATTR_NAME_SOCKPROTONAME, len);
518 buffer += len;
519 }
520
521 return used;
522}
523
524static const struct inode_operations sockfs_inode_ops = {
525 .getxattr = sockfs_getxattr,
526 .listxattr = sockfs_listxattr,
527};
528
458/** 529/**
459 * sock_alloc - allocate a socket 530 * sock_alloc - allocate a socket
460 * 531 *
@@ -479,6 +550,7 @@ static struct socket *sock_alloc(void)
479 inode->i_mode = S_IFSOCK | S_IRWXUGO; 550 inode->i_mode = S_IFSOCK | S_IRWXUGO;
480 inode->i_uid = current_fsuid(); 551 inode->i_uid = current_fsuid();
481 inode->i_gid = current_fsgid(); 552 inode->i_gid = current_fsgid();
553 inode->i_op = &sockfs_inode_ops;
482 554
483 this_cpu_add(sockets_in_use, 1); 555 this_cpu_add(sockets_in_use, 1);
484 return sock; 556 return sock;
@@ -1394,13 +1466,13 @@ SYSCALL_DEFINE4(socketpair, int, family, int, type, int, protocol,
1394 if (err < 0) 1466 if (err < 0)
1395 goto out_release_both; 1467 goto out_release_both;
1396 1468
1397 fd1 = sock_alloc_file(sock1, &newfile1, flags); 1469 fd1 = sock_alloc_file(sock1, &newfile1, flags, NULL);
1398 if (unlikely(fd1 < 0)) { 1470 if (unlikely(fd1 < 0)) {
1399 err = fd1; 1471 err = fd1;
1400 goto out_release_both; 1472 goto out_release_both;
1401 } 1473 }
1402 1474
1403 fd2 = sock_alloc_file(sock2, &newfile2, flags); 1475 fd2 = sock_alloc_file(sock2, &newfile2, flags, NULL);
1404 if (unlikely(fd2 < 0)) { 1476 if (unlikely(fd2 < 0)) {
1405 err = fd2; 1477 err = fd2;
1406 fput(newfile1); 1478 fput(newfile1);
@@ -1536,7 +1608,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1536 */ 1608 */
1537 __module_get(newsock->ops->owner); 1609 __module_get(newsock->ops->owner);
1538 1610
1539 newfd = sock_alloc_file(newsock, &newfile, flags); 1611 newfd = sock_alloc_file(newsock, &newfile, flags,
1612 sock->sk->sk_prot_creator->name);
1540 if (unlikely(newfd < 0)) { 1613 if (unlikely(newfd < 0)) {
1541 err = newfd; 1614 err = newfd;
1542 sock_release(newsock); 1615 sock_release(newsock);
@@ -2528,12 +2601,6 @@ static int __init sock_init(void)
2528 goto out; 2601 goto out;
2529 2602
2530 /* 2603 /*
2531 * Initialize sock SLAB cache.
2532 */
2533
2534 sk_init();
2535
2536 /*
2537 * Initialize skbuff SLAB cache 2604 * Initialize skbuff SLAB cache
2538 */ 2605 */
2539 skb_init(); 2606 skb_init();
diff --git a/net/tipc/bearer.c b/net/tipc/bearer.c
index 09e71241265d..4ec5c80e8a7c 100644
--- a/net/tipc/bearer.c
+++ b/net/tipc/bearer.c
@@ -49,21 +49,6 @@ struct tipc_bearer tipc_bearers[MAX_BEARERS];
49static void bearer_disable(struct tipc_bearer *b_ptr); 49static void bearer_disable(struct tipc_bearer *b_ptr);
50 50
51/** 51/**
52 * media_name_valid - validate media name
53 *
54 * Returns 1 if media name is valid, otherwise 0.
55 */
56static int media_name_valid(const char *name)
57{
58 u32 len;
59
60 len = strlen(name);
61 if ((len + 1) > TIPC_MAX_MEDIA_NAME)
62 return 0;
63 return strspn(name, tipc_alphabet) == len;
64}
65
66/**
67 * tipc_media_find - locates specified media object by name 52 * tipc_media_find - locates specified media object by name
68 */ 53 */
69struct tipc_media *tipc_media_find(const char *name) 54struct tipc_media *tipc_media_find(const char *name)
@@ -102,7 +87,7 @@ int tipc_register_media(struct tipc_media *m_ptr)
102 87
103 write_lock_bh(&tipc_net_lock); 88 write_lock_bh(&tipc_net_lock);
104 89
105 if (!media_name_valid(m_ptr->name)) 90 if ((strlen(m_ptr->name) + 1) > TIPC_MAX_MEDIA_NAME)
106 goto exit; 91 goto exit;
107 if ((m_ptr->bcast_addr.media_id != m_ptr->type_id) || 92 if ((m_ptr->bcast_addr.media_id != m_ptr->type_id) ||
108 !m_ptr->bcast_addr.broadcast) 93 !m_ptr->bcast_addr.broadcast)
@@ -206,9 +191,7 @@ static int bearer_name_validate(const char *name,
206 191
207 /* validate component parts of bearer name */ 192 /* validate component parts of bearer name */
208 if ((media_len <= 1) || (media_len > TIPC_MAX_MEDIA_NAME) || 193 if ((media_len <= 1) || (media_len > TIPC_MAX_MEDIA_NAME) ||
209 (if_len <= 1) || (if_len > TIPC_MAX_IF_NAME) || 194 (if_len <= 1) || (if_len > TIPC_MAX_IF_NAME))
210 (strspn(media_name, tipc_alphabet) != (media_len - 1)) ||
211 (strspn(if_name, tipc_alphabet) != (if_len - 1)))
212 return 0; 195 return 0;
213 196
214 /* return bearer name components, if necessary */ 197 /* return bearer name components, if necessary */
diff --git a/net/tipc/config.c b/net/tipc/config.c
index a056a3852f71..f67866c765dd 100644
--- a/net/tipc/config.c
+++ b/net/tipc/config.c
@@ -2,7 +2,7 @@
2 * net/tipc/config.c: TIPC configuration management code 2 * net/tipc/config.c: TIPC configuration management code
3 * 3 *
4 * Copyright (c) 2002-2006, Ericsson AB 4 * Copyright (c) 2002-2006, Ericsson AB
5 * Copyright (c) 2004-2007, 2010-2011, Wind River Systems 5 * Copyright (c) 2004-2007, 2010-2012, Wind River Systems
6 * All rights reserved. 6 * All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
@@ -208,36 +208,6 @@ static struct sk_buff *cfg_set_remote_mng(void)
208 return tipc_cfg_reply_none(); 208 return tipc_cfg_reply_none();
209} 209}
210 210
211static struct sk_buff *cfg_set_max_publications(void)
212{
213 u32 value;
214
215 if (!TLV_CHECK(req_tlv_area, req_tlv_space, TIPC_TLV_UNSIGNED))
216 return tipc_cfg_reply_error_string(TIPC_CFG_TLV_ERROR);
217
218 value = ntohl(*(__be32 *)TLV_DATA(req_tlv_area));
219 if (value < 1 || value > 65535)
220 return tipc_cfg_reply_error_string(TIPC_CFG_INVALID_VALUE
221 " (max publications must be 1-65535)");
222 tipc_max_publications = value;
223 return tipc_cfg_reply_none();
224}
225
226static struct sk_buff *cfg_set_max_subscriptions(void)
227{
228 u32 value;
229
230 if (!TLV_CHECK(req_tlv_area, req_tlv_space, TIPC_TLV_UNSIGNED))
231 return tipc_cfg_reply_error_string(TIPC_CFG_TLV_ERROR);
232
233 value = ntohl(*(__be32 *)TLV_DATA(req_tlv_area));
234 if (value < 1 || value > 65535)
235 return tipc_cfg_reply_error_string(TIPC_CFG_INVALID_VALUE
236 " (max subscriptions must be 1-65535");
237 tipc_max_subscriptions = value;
238 return tipc_cfg_reply_none();
239}
240
241static struct sk_buff *cfg_set_max_ports(void) 211static struct sk_buff *cfg_set_max_ports(void)
242{ 212{
243 u32 value; 213 u32 value;
@@ -357,12 +327,6 @@ struct sk_buff *tipc_cfg_do_cmd(u32 orig_node, u16 cmd, const void *request_area
357 case TIPC_CMD_SET_MAX_PORTS: 327 case TIPC_CMD_SET_MAX_PORTS:
358 rep_tlv_buf = cfg_set_max_ports(); 328 rep_tlv_buf = cfg_set_max_ports();
359 break; 329 break;
360 case TIPC_CMD_SET_MAX_PUBL:
361 rep_tlv_buf = cfg_set_max_publications();
362 break;
363 case TIPC_CMD_SET_MAX_SUBSCR:
364 rep_tlv_buf = cfg_set_max_subscriptions();
365 break;
366 case TIPC_CMD_SET_NETID: 330 case TIPC_CMD_SET_NETID:
367 rep_tlv_buf = cfg_set_netid(); 331 rep_tlv_buf = cfg_set_netid();
368 break; 332 break;
@@ -372,12 +336,6 @@ struct sk_buff *tipc_cfg_do_cmd(u32 orig_node, u16 cmd, const void *request_area
372 case TIPC_CMD_GET_MAX_PORTS: 336 case TIPC_CMD_GET_MAX_PORTS:
373 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_max_ports); 337 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_max_ports);
374 break; 338 break;
375 case TIPC_CMD_GET_MAX_PUBL:
376 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_max_publications);
377 break;
378 case TIPC_CMD_GET_MAX_SUBSCR:
379 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_max_subscriptions);
380 break;
381 case TIPC_CMD_GET_NETID: 339 case TIPC_CMD_GET_NETID:
382 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_net_id); 340 rep_tlv_buf = tipc_cfg_reply_unsigned(tipc_net_id);
383 break; 341 break;
@@ -393,6 +351,10 @@ struct sk_buff *tipc_cfg_do_cmd(u32 orig_node, u16 cmd, const void *request_area
393 case TIPC_CMD_GET_MAX_CLUSTERS: 351 case TIPC_CMD_GET_MAX_CLUSTERS:
394 case TIPC_CMD_SET_MAX_NODES: 352 case TIPC_CMD_SET_MAX_NODES:
395 case TIPC_CMD_GET_MAX_NODES: 353 case TIPC_CMD_GET_MAX_NODES:
354 case TIPC_CMD_SET_MAX_SUBSCR:
355 case TIPC_CMD_GET_MAX_SUBSCR:
356 case TIPC_CMD_SET_MAX_PUBL:
357 case TIPC_CMD_GET_MAX_PUBL:
396 case TIPC_CMD_SET_LOG_SIZE: 358 case TIPC_CMD_SET_LOG_SIZE:
397 case TIPC_CMD_DUMP_LOG: 359 case TIPC_CMD_DUMP_LOG:
398 rep_tlv_buf = tipc_cfg_reply_error_string(TIPC_CFG_NOT_SUPPORTED 360 rep_tlv_buf = tipc_cfg_reply_error_string(TIPC_CFG_NOT_SUPPORTED
diff --git a/net/tipc/core.c b/net/tipc/core.c
index 6586eac6a50e..bfe8af88469a 100644
--- a/net/tipc/core.c
+++ b/net/tipc/core.c
@@ -48,18 +48,13 @@
48 48
49 49
50/* global variables used by multiple sub-systems within TIPC */ 50/* global variables used by multiple sub-systems within TIPC */
51int tipc_random; 51int tipc_random __read_mostly;
52
53const char tipc_alphabet[] =
54 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.";
55 52
56/* configurable TIPC parameters */ 53/* configurable TIPC parameters */
57u32 tipc_own_addr; 54u32 tipc_own_addr __read_mostly;
58int tipc_max_ports; 55int tipc_max_ports __read_mostly;
59int tipc_max_subscriptions; 56int tipc_net_id __read_mostly;
60int tipc_max_publications; 57int tipc_remote_management __read_mostly;
61int tipc_net_id;
62int tipc_remote_management;
63 58
64 59
65/** 60/**
@@ -101,9 +96,8 @@ int tipc_core_start_net(unsigned long addr)
101{ 96{
102 int res; 97 int res;
103 98
104 res = tipc_net_start(addr); 99 tipc_net_start(addr);
105 if (!res) 100 res = tipc_eth_media_start();
106 res = tipc_eth_media_start();
107 if (res) 101 if (res)
108 tipc_core_stop_net(); 102 tipc_core_stop_net();
109 return res; 103 return res;
@@ -160,8 +154,6 @@ static int __init tipc_init(void)
160 154
161 tipc_own_addr = 0; 155 tipc_own_addr = 0;
162 tipc_remote_management = 1; 156 tipc_remote_management = 1;
163 tipc_max_publications = 10000;
164 tipc_max_subscriptions = 2000;
165 tipc_max_ports = CONFIG_TIPC_PORTS; 157 tipc_max_ports = CONFIG_TIPC_PORTS;
166 tipc_net_id = 4711; 158 tipc_net_id = 4711;
167 159
diff --git a/net/tipc/core.h b/net/tipc/core.h
index fd42e106c185..0207db04179a 100644
--- a/net/tipc/core.h
+++ b/net/tipc/core.h
@@ -60,7 +60,9 @@
60 60
61#define TIPC_MOD_VER "2.0.0" 61#define TIPC_MOD_VER "2.0.0"
62 62
63#define ULTRA_STRING_MAX_LEN 32768 63#define ULTRA_STRING_MAX_LEN 32768
64#define TIPC_MAX_SUBSCRIPTIONS 65535
65#define TIPC_MAX_PUBLICATIONS 65535
64 66
65struct tipc_msg; /* msg.h */ 67struct tipc_msg; /* msg.h */
66 68
@@ -74,19 +76,15 @@ int tipc_snprintf(char *buf, int len, const char *fmt, ...);
74/* 76/*
75 * Global configuration variables 77 * Global configuration variables
76 */ 78 */
77extern u32 tipc_own_addr; 79extern u32 tipc_own_addr __read_mostly;
78extern int tipc_max_ports; 80extern int tipc_max_ports __read_mostly;
79extern int tipc_max_subscriptions; 81extern int tipc_net_id __read_mostly;
80extern int tipc_max_publications; 82extern int tipc_remote_management __read_mostly;
81extern int tipc_net_id;
82extern int tipc_remote_management;
83 83
84/* 84/*
85 * Other global variables 85 * Other global variables
86 */ 86 */
87extern int tipc_random; 87extern int tipc_random __read_mostly;
88extern const char tipc_alphabet[];
89
90 88
91/* 89/*
92 * Routines available to privileged subsystems 90 * Routines available to privileged subsystems
diff --git a/net/tipc/eth_media.c b/net/tipc/eth_media.c
index 90ac9bfa7abb..2132c1ef2951 100644
--- a/net/tipc/eth_media.c
+++ b/net/tipc/eth_media.c
@@ -46,19 +46,30 @@
46 * @bearer: ptr to associated "generic" bearer structure 46 * @bearer: ptr to associated "generic" bearer structure
47 * @dev: ptr to associated Ethernet network device 47 * @dev: ptr to associated Ethernet network device
48 * @tipc_packet_type: used in binding TIPC to Ethernet driver 48 * @tipc_packet_type: used in binding TIPC to Ethernet driver
49 * @setup: work item used when enabling bearer
49 * @cleanup: work item used when disabling bearer 50 * @cleanup: work item used when disabling bearer
50 */ 51 */
51struct eth_bearer { 52struct eth_bearer {
52 struct tipc_bearer *bearer; 53 struct tipc_bearer *bearer;
53 struct net_device *dev; 54 struct net_device *dev;
54 struct packet_type tipc_packet_type; 55 struct packet_type tipc_packet_type;
56 struct work_struct setup;
55 struct work_struct cleanup; 57 struct work_struct cleanup;
56}; 58};
57 59
58static struct tipc_media eth_media_info; 60static struct tipc_media eth_media_info;
59static struct eth_bearer eth_bearers[MAX_ETH_BEARERS]; 61static struct eth_bearer eth_bearers[MAX_ETH_BEARERS];
60static int eth_started; 62static int eth_started;
61static struct notifier_block notifier; 63
64static int recv_notification(struct notifier_block *nb, unsigned long evt,
65 void *dv);
66/*
67 * Network device notifier info
68 */
69static struct notifier_block notifier = {
70 .notifier_call = recv_notification,
71 .priority = 0
72};
62 73
63/** 74/**
64 * eth_media_addr_set - initialize Ethernet media address structure 75 * eth_media_addr_set - initialize Ethernet media address structure
@@ -134,6 +145,17 @@ static int recv_msg(struct sk_buff *buf, struct net_device *dev,
134} 145}
135 146
136/** 147/**
148 * setup_bearer - setup association between Ethernet bearer and interface
149 */
150static void setup_bearer(struct work_struct *work)
151{
152 struct eth_bearer *eb_ptr =
153 container_of(work, struct eth_bearer, setup);
154
155 dev_add_pack(&eb_ptr->tipc_packet_type);
156}
157
158/**
137 * enable_bearer - attach TIPC bearer to an Ethernet interface 159 * enable_bearer - attach TIPC bearer to an Ethernet interface
138 */ 160 */
139static int enable_bearer(struct tipc_bearer *tb_ptr) 161static int enable_bearer(struct tipc_bearer *tb_ptr)
@@ -173,7 +195,8 @@ static int enable_bearer(struct tipc_bearer *tb_ptr)
173 eb_ptr->tipc_packet_type.func = recv_msg; 195 eb_ptr->tipc_packet_type.func = recv_msg;
174 eb_ptr->tipc_packet_type.af_packet_priv = eb_ptr; 196 eb_ptr->tipc_packet_type.af_packet_priv = eb_ptr;
175 INIT_LIST_HEAD(&(eb_ptr->tipc_packet_type.list)); 197 INIT_LIST_HEAD(&(eb_ptr->tipc_packet_type.list));
176 dev_add_pack(&eb_ptr->tipc_packet_type); 198 INIT_WORK(&eb_ptr->setup, setup_bearer);
199 schedule_work(&eb_ptr->setup);
177 200
178 /* Associate TIPC bearer with Ethernet bearer */ 201 /* Associate TIPC bearer with Ethernet bearer */
179 eb_ptr->bearer = tb_ptr; 202 eb_ptr->bearer = tb_ptr;
@@ -357,8 +380,6 @@ int tipc_eth_media_start(void)
357 if (res) 380 if (res)
358 return res; 381 return res;
359 382
360 notifier.notifier_call = &recv_notification;
361 notifier.priority = 0;
362 res = register_netdevice_notifier(&notifier); 383 res = register_netdevice_notifier(&notifier);
363 if (!res) 384 if (!res)
364 eth_started = 1; 385 eth_started = 1;
diff --git a/net/tipc/handler.c b/net/tipc/handler.c
index 7a52d3922f3c..111ff8300ae5 100644
--- a/net/tipc/handler.c
+++ b/net/tipc/handler.c
@@ -45,7 +45,7 @@ struct queue_item {
45static struct kmem_cache *tipc_queue_item_cache; 45static struct kmem_cache *tipc_queue_item_cache;
46static struct list_head signal_queue_head; 46static struct list_head signal_queue_head;
47static DEFINE_SPINLOCK(qitem_lock); 47static DEFINE_SPINLOCK(qitem_lock);
48static int handler_enabled; 48static int handler_enabled __read_mostly;
49 49
50static void process_signal_queue(unsigned long dummy); 50static void process_signal_queue(unsigned long dummy);
51 51
diff --git a/net/tipc/link.c b/net/tipc/link.c
index 1c1e6151875e..a79c755cb417 100644
--- a/net/tipc/link.c
+++ b/net/tipc/link.c
@@ -210,9 +210,7 @@ static int link_name_validate(const char *name,
210 (z_local > 255) || (c_local > 4095) || (n_local > 4095) || 210 (z_local > 255) || (c_local > 4095) || (n_local > 4095) ||
211 (z_peer > 255) || (c_peer > 4095) || (n_peer > 4095) || 211 (z_peer > 255) || (c_peer > 4095) || (n_peer > 4095) ||
212 (if_local_len <= 1) || (if_local_len > TIPC_MAX_IF_NAME) || 212 (if_local_len <= 1) || (if_local_len > TIPC_MAX_IF_NAME) ||
213 (if_peer_len <= 1) || (if_peer_len > TIPC_MAX_IF_NAME) || 213 (if_peer_len <= 1) || (if_peer_len > TIPC_MAX_IF_NAME))
214 (strspn(if_local, tipc_alphabet) != (if_local_len - 1)) ||
215 (strspn(if_peer, tipc_alphabet) != (if_peer_len - 1)))
216 return 0; 214 return 0;
217 215
218 /* return link name components, if necessary */ 216 /* return link name components, if necessary */
diff --git a/net/tipc/name_table.c b/net/tipc/name_table.c
index 360c478b0b53..46754779fd3d 100644
--- a/net/tipc/name_table.c
+++ b/net/tipc/name_table.c
@@ -41,7 +41,7 @@
41#include "subscr.h" 41#include "subscr.h"
42#include "port.h" 42#include "port.h"
43 43
44static int tipc_nametbl_size = 1024; /* must be a power of 2 */ 44#define TIPC_NAMETBL_SIZE 1024 /* must be a power of 2 */
45 45
46/** 46/**
47 * struct name_info - name sequence publication info 47 * struct name_info - name sequence publication info
@@ -114,7 +114,7 @@ DEFINE_RWLOCK(tipc_nametbl_lock);
114 114
115static int hash(int x) 115static int hash(int x)
116{ 116{
117 return x & (tipc_nametbl_size - 1); 117 return x & (TIPC_NAMETBL_SIZE - 1);
118} 118}
119 119
120/** 120/**
@@ -667,9 +667,9 @@ struct publication *tipc_nametbl_publish(u32 type, u32 lower, u32 upper,
667{ 667{
668 struct publication *publ; 668 struct publication *publ;
669 669
670 if (table.local_publ_count >= tipc_max_publications) { 670 if (table.local_publ_count >= TIPC_MAX_PUBLICATIONS) {
671 pr_warn("Publication failed, local publication limit reached (%u)\n", 671 pr_warn("Publication failed, local publication limit reached (%u)\n",
672 tipc_max_publications); 672 TIPC_MAX_PUBLICATIONS);
673 return NULL; 673 return NULL;
674 } 674 }
675 675
@@ -783,7 +783,7 @@ static int subseq_list(struct sub_seq *sseq, char *buf, int len, u32 depth,
783 if (!list_is_last(&publ->zone_list, &info->zone_list)) 783 if (!list_is_last(&publ->zone_list, &info->zone_list))
784 ret += tipc_snprintf(buf + ret, len - ret, 784 ret += tipc_snprintf(buf + ret, len - ret,
785 "\n%33s", " "); 785 "\n%33s", " ");
786 }; 786 }
787 787
788 ret += tipc_snprintf(buf + ret, len - ret, "\n"); 788 ret += tipc_snprintf(buf + ret, len - ret, "\n");
789 return ret; 789 return ret;
@@ -871,7 +871,7 @@ static int nametbl_list(char *buf, int len, u32 depth_info,
871 ret += nametbl_header(buf, len, depth); 871 ret += nametbl_header(buf, len, depth);
872 lowbound = 0; 872 lowbound = 0;
873 upbound = ~0; 873 upbound = ~0;
874 for (i = 0; i < tipc_nametbl_size; i++) { 874 for (i = 0; i < TIPC_NAMETBL_SIZE; i++) {
875 seq_head = &table.types[i]; 875 seq_head = &table.types[i];
876 hlist_for_each_entry(seq, seq_node, seq_head, ns_list) { 876 hlist_for_each_entry(seq, seq_node, seq_head, ns_list) {
877 ret += nameseq_list(seq, buf + ret, len - ret, 877 ret += nameseq_list(seq, buf + ret, len - ret,
@@ -935,7 +935,7 @@ struct sk_buff *tipc_nametbl_get(const void *req_tlv_area, int req_tlv_space)
935 935
936int tipc_nametbl_init(void) 936int tipc_nametbl_init(void)
937{ 937{
938 table.types = kcalloc(tipc_nametbl_size, sizeof(struct hlist_head), 938 table.types = kcalloc(TIPC_NAMETBL_SIZE, sizeof(struct hlist_head),
939 GFP_ATOMIC); 939 GFP_ATOMIC);
940 if (!table.types) 940 if (!table.types)
941 return -ENOMEM; 941 return -ENOMEM;
@@ -953,7 +953,7 @@ void tipc_nametbl_stop(void)
953 953
954 /* Verify name table is empty, then release it */ 954 /* Verify name table is empty, then release it */
955 write_lock_bh(&tipc_nametbl_lock); 955 write_lock_bh(&tipc_nametbl_lock);
956 for (i = 0; i < tipc_nametbl_size; i++) { 956 for (i = 0; i < TIPC_NAMETBL_SIZE; i++) {
957 if (hlist_empty(&table.types[i])) 957 if (hlist_empty(&table.types[i]))
958 continue; 958 continue;
959 pr_err("nametbl_stop(): orphaned hash chain detected\n"); 959 pr_err("nametbl_stop(): orphaned hash chain detected\n");
diff --git a/net/tipc/net.c b/net/tipc/net.c
index 5b5cea259caf..7d305ecc09c2 100644
--- a/net/tipc/net.c
+++ b/net/tipc/net.c
@@ -171,7 +171,7 @@ void tipc_net_route_msg(struct sk_buff *buf)
171 tipc_link_send(buf, dnode, msg_link_selector(msg)); 171 tipc_link_send(buf, dnode, msg_link_selector(msg));
172} 172}
173 173
174int tipc_net_start(u32 addr) 174void tipc_net_start(u32 addr)
175{ 175{
176 char addr_string[16]; 176 char addr_string[16];
177 177
@@ -187,7 +187,6 @@ int tipc_net_start(u32 addr)
187 pr_info("Started in network mode\n"); 187 pr_info("Started in network mode\n");
188 pr_info("Own node address %s, network identity %u\n", 188 pr_info("Own node address %s, network identity %u\n",
189 tipc_addr_string_fill(addr_string, tipc_own_addr), tipc_net_id); 189 tipc_addr_string_fill(addr_string, tipc_own_addr), tipc_net_id);
190 return 0;
191} 190}
192 191
193void tipc_net_stop(void) 192void tipc_net_stop(void)
diff --git a/net/tipc/net.h b/net/tipc/net.h
index 9eb4b9e220eb..079daadb3f72 100644
--- a/net/tipc/net.h
+++ b/net/tipc/net.h
@@ -41,7 +41,7 @@ extern rwlock_t tipc_net_lock;
41 41
42void tipc_net_route_msg(struct sk_buff *buf); 42void tipc_net_route_msg(struct sk_buff *buf);
43 43
44int tipc_net_start(u32 addr); 44void tipc_net_start(u32 addr);
45void tipc_net_stop(void); 45void tipc_net_stop(void);
46 46
47#endif 47#endif
diff --git a/net/tipc/netlink.c b/net/tipc/netlink.c
index 47a839df27dc..6675914dc592 100644
--- a/net/tipc/netlink.c
+++ b/net/tipc/netlink.c
@@ -62,7 +62,7 @@ static int handle_cmd(struct sk_buff *skb, struct genl_info *info)
62 rep_nlh = nlmsg_hdr(rep_buf); 62 rep_nlh = nlmsg_hdr(rep_buf);
63 memcpy(rep_nlh, req_nlh, hdr_space); 63 memcpy(rep_nlh, req_nlh, hdr_space);
64 rep_nlh->nlmsg_len = rep_buf->len; 64 rep_nlh->nlmsg_len = rep_buf->len;
65 genlmsg_unicast(&init_net, rep_buf, NETLINK_CB(skb).pid); 65 genlmsg_unicast(&init_net, rep_buf, NETLINK_CB(skb).portid);
66 } 66 }
67 67
68 return 0; 68 return 0;
diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c
index 5ed5965eb0be..0f7d0d007e22 100644
--- a/net/tipc/subscr.c
+++ b/net/tipc/subscr.c
@@ -304,9 +304,9 @@ static struct tipc_subscription *subscr_subscribe(struct tipc_subscr *s,
304 } 304 }
305 305
306 /* Refuse subscription if global limit exceeded */ 306 /* Refuse subscription if global limit exceeded */
307 if (atomic_read(&topsrv.subscription_count) >= tipc_max_subscriptions) { 307 if (atomic_read(&topsrv.subscription_count) >= TIPC_MAX_SUBSCRIPTIONS) {
308 pr_warn("Subscription rejected, limit reached (%u)\n", 308 pr_warn("Subscription rejected, limit reached (%u)\n",
309 tipc_max_subscriptions); 309 TIPC_MAX_SUBSCRIPTIONS);
310 subscr_terminate(subscriber); 310 subscr_terminate(subscriber);
311 return NULL; 311 return NULL;
312 } 312 }
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c5ee4ff61364..5b5c876c80e9 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -441,7 +441,7 @@ static int unix_release_sock(struct sock *sk, int embrion)
441 /* ---- Socket is dead now and most probably destroyed ---- */ 441 /* ---- Socket is dead now and most probably destroyed ---- */
442 442
443 /* 443 /*
444 * Fixme: BSD difference: In BSD all sockets connected to use get 444 * Fixme: BSD difference: In BSD all sockets connected to us get
445 * ECONNRESET and we die on the spot. In Linux we behave 445 * ECONNRESET and we die on the spot. In Linux we behave
446 * like files and pipes do and wait for the last 446 * like files and pipes do and wait for the last
447 * dereference. 447 * dereference.
@@ -481,7 +481,6 @@ static int unix_listen(struct socket *sock, int backlog)
481 struct sock *sk = sock->sk; 481 struct sock *sk = sock->sk;
482 struct unix_sock *u = unix_sk(sk); 482 struct unix_sock *u = unix_sk(sk);
483 struct pid *old_pid = NULL; 483 struct pid *old_pid = NULL;
484 const struct cred *old_cred = NULL;
485 484
486 err = -EOPNOTSUPP; 485 err = -EOPNOTSUPP;
487 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET) 486 if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET)
@@ -503,8 +502,6 @@ static int unix_listen(struct socket *sock, int backlog)
503out_unlock: 502out_unlock:
504 unix_state_unlock(sk); 503 unix_state_unlock(sk);
505 put_pid(old_pid); 504 put_pid(old_pid);
506 if (old_cred)
507 put_cred(old_cred);
508out: 505out:
509 return err; 506 return err;
510} 507}
@@ -2060,10 +2057,14 @@ static int unix_shutdown(struct socket *sock, int mode)
2060 struct sock *sk = sock->sk; 2057 struct sock *sk = sock->sk;
2061 struct sock *other; 2058 struct sock *other;
2062 2059
2063 mode = (mode+1)&(RCV_SHUTDOWN|SEND_SHUTDOWN); 2060 if (mode < SHUT_RD || mode > SHUT_RDWR)
2064 2061 return -EINVAL;
2065 if (!mode) 2062 /* This maps:
2066 return 0; 2063 * SHUT_RD (0) -> RCV_SHUTDOWN (1)
2064 * SHUT_WR (1) -> SEND_SHUTDOWN (2)
2065 * SHUT_RDWR (2) -> SHUTDOWN_MASK (3)
2066 */
2067 ++mode;
2067 2068
2068 unix_state_lock(sk); 2069 unix_state_lock(sk);
2069 sk->sk_shutdown |= mode; 2070 sk->sk_shutdown |= mode;
diff --git a/net/unix/diag.c b/net/unix/diag.c
index 750b13408449..06748f108a57 100644
--- a/net/unix/diag.c
+++ b/net/unix/diag.c
@@ -110,12 +110,12 @@ static int sk_diag_show_rqlen(struct sock *sk, struct sk_buff *nlskb)
110} 110}
111 111
112static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req, 112static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req,
113 u32 pid, u32 seq, u32 flags, int sk_ino) 113 u32 portid, u32 seq, u32 flags, int sk_ino)
114{ 114{
115 struct nlmsghdr *nlh; 115 struct nlmsghdr *nlh;
116 struct unix_diag_msg *rep; 116 struct unix_diag_msg *rep;
117 117
118 nlh = nlmsg_put(skb, pid, seq, SOCK_DIAG_BY_FAMILY, sizeof(*rep), 118 nlh = nlmsg_put(skb, portid, seq, SOCK_DIAG_BY_FAMILY, sizeof(*rep),
119 flags); 119 flags);
120 if (!nlh) 120 if (!nlh)
121 return -EMSGSIZE; 121 return -EMSGSIZE;
@@ -159,7 +159,7 @@ out_nlmsg_trim:
159} 159}
160 160
161static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req, 161static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, struct unix_diag_req *req,
162 u32 pid, u32 seq, u32 flags) 162 u32 portid, u32 seq, u32 flags)
163{ 163{
164 int sk_ino; 164 int sk_ino;
165 165
@@ -170,7 +170,7 @@ static int sk_diag_dump(struct sock *sk, struct sk_buff *skb, struct unix_diag_r
170 if (!sk_ino) 170 if (!sk_ino)
171 return 0; 171 return 0;
172 172
173 return sk_diag_fill(sk, skb, req, pid, seq, flags, sk_ino); 173 return sk_diag_fill(sk, skb, req, portid, seq, flags, sk_ino);
174} 174}
175 175
176static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb) 176static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
@@ -200,7 +200,7 @@ static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
200 if (!(req->udiag_states & (1 << sk->sk_state))) 200 if (!(req->udiag_states & (1 << sk->sk_state)))
201 goto next; 201 goto next;
202 if (sk_diag_dump(sk, skb, req, 202 if (sk_diag_dump(sk, skb, req,
203 NETLINK_CB(cb->skb).pid, 203 NETLINK_CB(cb->skb).portid,
204 cb->nlh->nlmsg_seq, 204 cb->nlh->nlmsg_seq,
205 NLM_F_MULTI) < 0) 205 NLM_F_MULTI) < 0)
206 goto done; 206 goto done;
@@ -267,7 +267,7 @@ again:
267 if (!rep) 267 if (!rep)
268 goto out; 268 goto out;
269 269
270 err = sk_diag_fill(sk, rep, req, NETLINK_CB(in_skb).pid, 270 err = sk_diag_fill(sk, rep, req, NETLINK_CB(in_skb).portid,
271 nlh->nlmsg_seq, 0, req->udiag_ino); 271 nlh->nlmsg_seq, 0, req->udiag_ino);
272 if (err < 0) { 272 if (err < 0) {
273 nlmsg_free(rep); 273 nlmsg_free(rep);
@@ -277,7 +277,7 @@ again:
277 277
278 goto again; 278 goto again;
279 } 279 }
280 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).pid, 280 err = netlink_unicast(net->diag_nlsk, rep, NETLINK_CB(in_skb).portid,
281 MSG_DONTWAIT); 281 MSG_DONTWAIT);
282 if (err > 0) 282 if (err > 0)
283 err = 0; 283 err = 0;
diff --git a/net/wireless/chan.c b/net/wireless/chan.c
index d355f67d0cdd..2f876b9ee344 100644
--- a/net/wireless/chan.c
+++ b/net/wireless/chan.c
@@ -105,7 +105,7 @@ cfg80211_get_chan_state(struct wireless_dev *wdev,
105 105
106 ASSERT_WDEV_LOCK(wdev); 106 ASSERT_WDEV_LOCK(wdev);
107 107
108 if (!netif_running(wdev->netdev)) 108 if (wdev->netdev && !netif_running(wdev->netdev))
109 return; 109 return;
110 110
111 switch (wdev->iftype) { 111 switch (wdev->iftype) {
@@ -143,6 +143,11 @@ cfg80211_get_chan_state(struct wireless_dev *wdev,
143 case NL80211_IFTYPE_WDS: 143 case NL80211_IFTYPE_WDS:
144 /* these interface types don't really have a channel */ 144 /* these interface types don't really have a channel */
145 return; 145 return;
146 case NL80211_IFTYPE_P2P_DEVICE:
147 if (wdev->wiphy->features &
148 NL80211_FEATURE_P2P_DEVICE_NEEDS_CHANNEL)
149 *chanmode = CHAN_MODE_EXCLUSIVE;
150 return;
146 case NL80211_IFTYPE_UNSPECIFIED: 151 case NL80211_IFTYPE_UNSPECIFIED:
147 case NUM_NL80211_IFTYPES: 152 case NUM_NL80211_IFTYPES:
148 WARN_ON(1); 153 WARN_ON(1);
diff --git a/net/wireless/core.c b/net/wireless/core.c
index dcd64d5b07aa..443d4d7deea2 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -230,9 +230,24 @@ static int cfg80211_rfkill_set_block(void *data, bool blocked)
230 rtnl_lock(); 230 rtnl_lock();
231 mutex_lock(&rdev->devlist_mtx); 231 mutex_lock(&rdev->devlist_mtx);
232 232
233 list_for_each_entry(wdev, &rdev->wdev_list, list) 233 list_for_each_entry(wdev, &rdev->wdev_list, list) {
234 if (wdev->netdev) 234 if (wdev->netdev) {
235 dev_close(wdev->netdev); 235 dev_close(wdev->netdev);
236 continue;
237 }
238 /* otherwise, check iftype */
239 switch (wdev->iftype) {
240 case NL80211_IFTYPE_P2P_DEVICE:
241 if (!wdev->p2p_started)
242 break;
243 rdev->ops->stop_p2p_device(&rdev->wiphy, wdev);
244 wdev->p2p_started = false;
245 rdev->opencount--;
246 break;
247 default:
248 break;
249 }
250 }
236 251
237 mutex_unlock(&rdev->devlist_mtx); 252 mutex_unlock(&rdev->devlist_mtx);
238 rtnl_unlock(); 253 rtnl_unlock();
@@ -407,6 +422,11 @@ static int wiphy_verify_combinations(struct wiphy *wiphy)
407 if (WARN_ON(wiphy->software_iftypes & types)) 422 if (WARN_ON(wiphy->software_iftypes & types))
408 return -EINVAL; 423 return -EINVAL;
409 424
425 /* Only a single P2P_DEVICE can be allowed */
426 if (WARN_ON(types & BIT(NL80211_IFTYPE_P2P_DEVICE) &&
427 c->limits[j].max > 1))
428 return -EINVAL;
429
410 cnt += c->limits[j].max; 430 cnt += c->limits[j].max;
411 /* 431 /*
412 * Don't advertise an unsupported type 432 * Don't advertise an unsupported type
@@ -734,6 +754,35 @@ static void wdev_cleanup_work(struct work_struct *work)
734 dev_put(wdev->netdev); 754 dev_put(wdev->netdev);
735} 755}
736 756
757void cfg80211_unregister_wdev(struct wireless_dev *wdev)
758{
759 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
760
761 ASSERT_RTNL();
762
763 if (WARN_ON(wdev->netdev))
764 return;
765
766 mutex_lock(&rdev->devlist_mtx);
767 list_del_rcu(&wdev->list);
768 rdev->devlist_generation++;
769
770 switch (wdev->iftype) {
771 case NL80211_IFTYPE_P2P_DEVICE:
772 if (!wdev->p2p_started)
773 break;
774 rdev->ops->stop_p2p_device(&rdev->wiphy, wdev);
775 wdev->p2p_started = false;
776 rdev->opencount--;
777 break;
778 default:
779 WARN_ON_ONCE(1);
780 break;
781 }
782 mutex_unlock(&rdev->devlist_mtx);
783}
784EXPORT_SYMBOL(cfg80211_unregister_wdev);
785
737static struct device_type wiphy_type = { 786static struct device_type wiphy_type = {
738 .name = "wlan", 787 .name = "wlan",
739}; 788};
diff --git a/net/wireless/core.h b/net/wireless/core.h
index bc7430b54771..a343be4a52bd 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -55,7 +55,7 @@ struct cfg80211_registered_device {
55 int opencount; /* also protected by devlist_mtx */ 55 int opencount; /* also protected by devlist_mtx */
56 wait_queue_head_t dev_wait; 56 wait_queue_head_t dev_wait;
57 57
58 u32 ap_beacons_nlpid; 58 u32 ap_beacons_nlportid;
59 59
60 /* protected by RTNL only */ 60 /* protected by RTNL only */
61 int num_running_ifaces; 61 int num_running_ifaces;
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 1cdb1d5e6b0f..8016fee0752b 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -612,10 +612,21 @@ void cfg80211_del_sta(struct net_device *dev, const u8 *mac_addr, gfp_t gfp)
612} 612}
613EXPORT_SYMBOL(cfg80211_del_sta); 613EXPORT_SYMBOL(cfg80211_del_sta);
614 614
615void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
616 enum nl80211_connect_failed_reason reason,
617 gfp_t gfp)
618{
619 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
620 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
621
622 nl80211_send_conn_failed_event(rdev, dev, mac_addr, reason, gfp);
623}
624EXPORT_SYMBOL(cfg80211_conn_failed);
625
615struct cfg80211_mgmt_registration { 626struct cfg80211_mgmt_registration {
616 struct list_head list; 627 struct list_head list;
617 628
618 u32 nlpid; 629 u32 nlportid;
619 630
620 int match_len; 631 int match_len;
621 632
@@ -624,7 +635,7 @@ struct cfg80211_mgmt_registration {
624 u8 match[]; 635 u8 match[];
625}; 636};
626 637
627int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_pid, 638int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid,
628 u16 frame_type, const u8 *match_data, 639 u16 frame_type, const u8 *match_data,
629 int match_len) 640 int match_len)
630{ 641{
@@ -672,7 +683,7 @@ int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_pid,
672 683
673 memcpy(nreg->match, match_data, match_len); 684 memcpy(nreg->match, match_data, match_len);
674 nreg->match_len = match_len; 685 nreg->match_len = match_len;
675 nreg->nlpid = snd_pid; 686 nreg->nlportid = snd_portid;
676 nreg->frame_type = cpu_to_le16(frame_type); 687 nreg->frame_type = cpu_to_le16(frame_type);
677 list_add(&nreg->list, &wdev->mgmt_registrations); 688 list_add(&nreg->list, &wdev->mgmt_registrations);
678 689
@@ -685,7 +696,7 @@ int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_pid,
685 return err; 696 return err;
686} 697}
687 698
688void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlpid) 699void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid)
689{ 700{
690 struct wiphy *wiphy = wdev->wiphy; 701 struct wiphy *wiphy = wdev->wiphy;
691 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 702 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
@@ -694,7 +705,7 @@ void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlpid)
694 spin_lock_bh(&wdev->mgmt_registrations_lock); 705 spin_lock_bh(&wdev->mgmt_registrations_lock);
695 706
696 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { 707 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) {
697 if (reg->nlpid != nlpid) 708 if (reg->nlportid != nlportid)
698 continue; 709 continue;
699 710
700 if (rdev->ops->mgmt_frame_register) { 711 if (rdev->ops->mgmt_frame_register) {
@@ -710,8 +721,8 @@ void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlpid)
710 721
711 spin_unlock_bh(&wdev->mgmt_registrations_lock); 722 spin_unlock_bh(&wdev->mgmt_registrations_lock);
712 723
713 if (nlpid == wdev->ap_unexpected_nlpid) 724 if (nlportid == wdev->ap_unexpected_nlportid)
714 wdev->ap_unexpected_nlpid = 0; 725 wdev->ap_unexpected_nlportid = 0;
715} 726}
716 727
717void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev) 728void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev)
@@ -736,7 +747,6 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
736 const u8 *buf, size_t len, bool no_cck, 747 const u8 *buf, size_t len, bool no_cck,
737 bool dont_wait_for_ack, u64 *cookie) 748 bool dont_wait_for_ack, u64 *cookie)
738{ 749{
739 struct net_device *dev = wdev->netdev;
740 const struct ieee80211_mgmt *mgmt; 750 const struct ieee80211_mgmt *mgmt;
741 u16 stype; 751 u16 stype;
742 752
@@ -796,7 +806,7 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
796 case NL80211_IFTYPE_AP: 806 case NL80211_IFTYPE_AP:
797 case NL80211_IFTYPE_P2P_GO: 807 case NL80211_IFTYPE_P2P_GO:
798 case NL80211_IFTYPE_AP_VLAN: 808 case NL80211_IFTYPE_AP_VLAN:
799 if (!ether_addr_equal(mgmt->bssid, dev->dev_addr)) 809 if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev)))
800 err = -EINVAL; 810 err = -EINVAL;
801 break; 811 break;
802 case NL80211_IFTYPE_MESH_POINT: 812 case NL80211_IFTYPE_MESH_POINT:
@@ -809,6 +819,11 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
809 * cfg80211 doesn't track the stations 819 * cfg80211 doesn't track the stations
810 */ 820 */
811 break; 821 break;
822 case NL80211_IFTYPE_P2P_DEVICE:
823 /*
824 * fall through, P2P device only supports
825 * public action frames
826 */
812 default: 827 default:
813 err = -EOPNOTSUPP; 828 err = -EOPNOTSUPP;
814 break; 829 break;
@@ -819,7 +834,7 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
819 return err; 834 return err;
820 } 835 }
821 836
822 if (!ether_addr_equal(mgmt->sa, dev->dev_addr)) 837 if (!ether_addr_equal(mgmt->sa, wdev_address(wdev)))
823 return -EINVAL; 838 return -EINVAL;
824 839
825 /* Transmit the Action frame as requested by user space */ 840 /* Transmit the Action frame as requested by user space */
@@ -868,7 +883,7 @@ bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm,
868 /* found match! */ 883 /* found match! */
869 884
870 /* Indicate the received Action frame to user space */ 885 /* Indicate the received Action frame to user space */
871 if (nl80211_send_mgmt(rdev, wdev, reg->nlpid, 886 if (nl80211_send_mgmt(rdev, wdev, reg->nlportid,
872 freq, sig_mbm, 887 freq, sig_mbm,
873 buf, len, gfp)) 888 buf, len, gfp))
874 continue; 889 continue;
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 1e37dbf00cb3..0418a6d5c1a6 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -496,11 +496,11 @@ static bool is_valid_ie_attr(const struct nlattr *attr)
496} 496}
497 497
498/* message building helper */ 498/* message building helper */
499static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 499static inline void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
500 int flags, u8 cmd) 500 int flags, u8 cmd)
501{ 501{
502 /* since there is no private header just add the generic one */ 502 /* since there is no private header just add the generic one */
503 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 503 return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);
504} 504}
505 505
506static int nl80211_msg_put_channel(struct sk_buff *msg, 506static int nl80211_msg_put_channel(struct sk_buff *msg,
@@ -851,7 +851,7 @@ nla_put_failure:
851 return -ENOBUFS; 851 return -ENOBUFS;
852} 852}
853 853
854static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 854static int nl80211_send_wiphy(struct sk_buff *msg, u32 portid, u32 seq, int flags,
855 struct cfg80211_registered_device *dev) 855 struct cfg80211_registered_device *dev)
856{ 856{
857 void *hdr; 857 void *hdr;
@@ -866,7 +866,7 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
866 const struct ieee80211_txrx_stypes *mgmt_stypes = 866 const struct ieee80211_txrx_stypes *mgmt_stypes =
867 dev->wiphy.mgmt_stypes; 867 dev->wiphy.mgmt_stypes;
868 868
869 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 869 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_WIPHY);
870 if (!hdr) 870 if (!hdr)
871 return -1; 871 return -1;
872 872
@@ -1100,6 +1100,7 @@ static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
1100 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS)) 1100 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
1101 goto nla_put_failure; 1101 goto nla_put_failure;
1102 } 1102 }
1103 CMD(start_p2p_device, START_P2P_DEVICE);
1103 1104
1104#ifdef CONFIG_NL80211_TESTMODE 1105#ifdef CONFIG_NL80211_TESTMODE
1105 CMD(testmode_cmd, TESTMODE); 1106 CMD(testmode_cmd, TESTMODE);
@@ -1266,7 +1267,7 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
1266 continue; 1267 continue;
1267 if (++idx <= start) 1268 if (++idx <= start)
1268 continue; 1269 continue;
1269 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 1270 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).portid,
1270 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1271 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1271 dev) < 0) { 1272 dev) < 0) {
1272 idx--; 1273 idx--;
@@ -1289,7 +1290,7 @@ static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
1289 if (!msg) 1290 if (!msg)
1290 return -ENOMEM; 1291 return -ENOMEM;
1291 1292
1292 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 1293 if (nl80211_send_wiphy(msg, info->snd_portid, info->snd_seq, 0, dev) < 0) {
1293 nlmsg_free(msg); 1294 nlmsg_free(msg);
1294 return -ENOBUFS; 1295 return -ENOBUFS;
1295 } 1296 }
@@ -1735,26 +1736,26 @@ static inline u64 wdev_id(struct wireless_dev *wdev)
1735 ((u64)wiphy_to_dev(wdev->wiphy)->wiphy_idx << 32); 1736 ((u64)wiphy_to_dev(wdev->wiphy)->wiphy_idx << 32);
1736} 1737}
1737 1738
1738static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1739static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
1739 struct cfg80211_registered_device *rdev, 1740 struct cfg80211_registered_device *rdev,
1740 struct wireless_dev *wdev) 1741 struct wireless_dev *wdev)
1741{ 1742{
1742 struct net_device *dev = wdev->netdev; 1743 struct net_device *dev = wdev->netdev;
1743 void *hdr; 1744 void *hdr;
1744 1745
1745 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1746 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_INTERFACE);
1746 if (!hdr) 1747 if (!hdr)
1747 return -1; 1748 return -1;
1748 1749
1749 if (dev && 1750 if (dev &&
1750 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || 1751 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
1751 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name) || 1752 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name)))
1752 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dev->dev_addr)))
1753 goto nla_put_failure; 1753 goto nla_put_failure;
1754 1754
1755 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || 1755 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
1756 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) || 1756 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) ||
1757 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) || 1757 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
1758 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) ||
1758 nla_put_u32(msg, NL80211_ATTR_GENERATION, 1759 nla_put_u32(msg, NL80211_ATTR_GENERATION,
1759 rdev->devlist_generation ^ 1760 rdev->devlist_generation ^
1760 (cfg80211_rdev_list_generation << 2))) 1761 (cfg80211_rdev_list_generation << 2)))
@@ -1806,7 +1807,7 @@ static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *
1806 if_idx++; 1807 if_idx++;
1807 continue; 1808 continue;
1808 } 1809 }
1809 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1810 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
1810 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1811 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1811 rdev, wdev) < 0) { 1812 rdev, wdev) < 0) {
1812 mutex_unlock(&rdev->devlist_mtx); 1813 mutex_unlock(&rdev->devlist_mtx);
@@ -1837,7 +1838,7 @@ static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
1837 if (!msg) 1838 if (!msg)
1838 return -ENOMEM; 1839 return -ENOMEM;
1839 1840
1840 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1841 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
1841 dev, wdev) < 0) { 1842 dev, wdev) < 0) {
1842 nlmsg_free(msg); 1843 nlmsg_free(msg);
1843 return -ENOBUFS; 1844 return -ENOBUFS;
@@ -2021,8 +2022,10 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
2021 return PTR_ERR(wdev); 2022 return PTR_ERR(wdev);
2022 } 2023 }
2023 2024
2024 if (type == NL80211_IFTYPE_MESH_POINT && 2025 switch (type) {
2025 info->attrs[NL80211_ATTR_MESH_ID]) { 2026 case NL80211_IFTYPE_MESH_POINT:
2027 if (!info->attrs[NL80211_ATTR_MESH_ID])
2028 break;
2026 wdev_lock(wdev); 2029 wdev_lock(wdev);
2027 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 2030 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
2028 IEEE80211_MAX_MESH_ID_LEN); 2031 IEEE80211_MAX_MESH_ID_LEN);
@@ -2031,9 +2034,29 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
2031 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 2034 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
2032 wdev->mesh_id_up_len); 2035 wdev->mesh_id_up_len);
2033 wdev_unlock(wdev); 2036 wdev_unlock(wdev);
2037 break;
2038 case NL80211_IFTYPE_P2P_DEVICE:
2039 /*
2040 * P2P Device doesn't have a netdev, so doesn't go
2041 * through the netdev notifier and must be added here
2042 */
2043 mutex_init(&wdev->mtx);
2044 INIT_LIST_HEAD(&wdev->event_list);
2045 spin_lock_init(&wdev->event_lock);
2046 INIT_LIST_HEAD(&wdev->mgmt_registrations);
2047 spin_lock_init(&wdev->mgmt_registrations_lock);
2048
2049 mutex_lock(&rdev->devlist_mtx);
2050 wdev->identifier = ++rdev->wdev_id;
2051 list_add_rcu(&wdev->list, &rdev->wdev_list);
2052 rdev->devlist_generation++;
2053 mutex_unlock(&rdev->devlist_mtx);
2054 break;
2055 default:
2056 break;
2034 } 2057 }
2035 2058
2036 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 2059 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
2037 rdev, wdev) < 0) { 2060 rdev, wdev) < 0) {
2038 nlmsg_free(msg); 2061 nlmsg_free(msg);
2039 return -ENOBUFS; 2062 return -ENOBUFS;
@@ -2168,7 +2191,7 @@ static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
2168 if (!msg) 2191 if (!msg)
2169 return -ENOMEM; 2192 return -ENOMEM;
2170 2193
2171 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2194 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
2172 NL80211_CMD_NEW_KEY); 2195 NL80211_CMD_NEW_KEY);
2173 if (IS_ERR(hdr)) 2196 if (IS_ERR(hdr))
2174 return PTR_ERR(hdr); 2197 return PTR_ERR(hdr);
@@ -2746,7 +2769,7 @@ nla_put_failure:
2746 return false; 2769 return false;
2747} 2770}
2748 2771
2749static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2772static int nl80211_send_station(struct sk_buff *msg, u32 portid, u32 seq,
2750 int flags, 2773 int flags,
2751 struct cfg80211_registered_device *rdev, 2774 struct cfg80211_registered_device *rdev,
2752 struct net_device *dev, 2775 struct net_device *dev,
@@ -2755,7 +2778,7 @@ static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
2755 void *hdr; 2778 void *hdr;
2756 struct nlattr *sinfoattr, *bss_param; 2779 struct nlattr *sinfoattr, *bss_param;
2757 2780
2758 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2781 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_STATION);
2759 if (!hdr) 2782 if (!hdr)
2760 return -1; 2783 return -1;
2761 2784
@@ -2908,7 +2931,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
2908 goto out_err; 2931 goto out_err;
2909 2932
2910 if (nl80211_send_station(skb, 2933 if (nl80211_send_station(skb,
2911 NETLINK_CB(cb->skb).pid, 2934 NETLINK_CB(cb->skb).portid,
2912 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2935 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2913 dev, netdev, mac_addr, 2936 dev, netdev, mac_addr,
2914 &sinfo) < 0) 2937 &sinfo) < 0)
@@ -2954,7 +2977,7 @@ static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
2954 if (!msg) 2977 if (!msg)
2955 return -ENOMEM; 2978 return -ENOMEM;
2956 2979
2957 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2980 if (nl80211_send_station(msg, info->snd_portid, info->snd_seq, 0,
2958 rdev, dev, mac_addr, &sinfo) < 0) { 2981 rdev, dev, mac_addr, &sinfo) < 0) {
2959 nlmsg_free(msg); 2982 nlmsg_free(msg);
2960 return -ENOBUFS; 2983 return -ENOBUFS;
@@ -3280,7 +3303,7 @@ static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
3280 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 3303 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
3281} 3304}
3282 3305
3283static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 3306static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
3284 int flags, struct net_device *dev, 3307 int flags, struct net_device *dev,
3285 u8 *dst, u8 *next_hop, 3308 u8 *dst, u8 *next_hop,
3286 struct mpath_info *pinfo) 3309 struct mpath_info *pinfo)
@@ -3288,7 +3311,7 @@ static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
3288 void *hdr; 3311 void *hdr;
3289 struct nlattr *pinfoattr; 3312 struct nlattr *pinfoattr;
3290 3313
3291 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 3314 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_STATION);
3292 if (!hdr) 3315 if (!hdr)
3293 return -1; 3316 return -1;
3294 3317
@@ -3366,7 +3389,7 @@ static int nl80211_dump_mpath(struct sk_buff *skb,
3366 if (err) 3389 if (err)
3367 goto out_err; 3390 goto out_err;
3368 3391
3369 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 3392 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
3370 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3393 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3371 netdev, dst, next_hop, 3394 netdev, dst, next_hop,
3372 &pinfo) < 0) 3395 &pinfo) < 0)
@@ -3415,7 +3438,7 @@ static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
3415 if (!msg) 3438 if (!msg)
3416 return -ENOMEM; 3439 return -ENOMEM;
3417 3440
3418 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 3441 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
3419 dev, dst, next_hop, &pinfo) < 0) { 3442 dev, dst, next_hop, &pinfo) < 0) {
3420 nlmsg_free(msg); 3443 nlmsg_free(msg);
3421 return -ENOBUFS; 3444 return -ENOBUFS;
@@ -3656,7 +3679,7 @@ static int nl80211_get_mesh_config(struct sk_buff *skb,
3656 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3679 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3657 if (!msg) 3680 if (!msg)
3658 return -ENOMEM; 3681 return -ENOMEM;
3659 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3682 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
3660 NL80211_CMD_GET_MESH_CONFIG); 3683 NL80211_CMD_GET_MESH_CONFIG);
3661 if (!hdr) 3684 if (!hdr)
3662 goto out; 3685 goto out;
@@ -3975,7 +3998,7 @@ static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
3975 goto out; 3998 goto out;
3976 } 3999 }
3977 4000
3978 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4001 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
3979 NL80211_CMD_GET_REG); 4002 NL80211_CMD_GET_REG);
3980 if (!hdr) 4003 if (!hdr)
3981 goto put_failure; 4004 goto put_failure;
@@ -4593,7 +4616,7 @@ static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
4593 4616
4594 ASSERT_WDEV_LOCK(wdev); 4617 ASSERT_WDEV_LOCK(wdev);
4595 4618
4596 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 4619 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
4597 NL80211_CMD_NEW_SCAN_RESULTS); 4620 NL80211_CMD_NEW_SCAN_RESULTS);
4598 if (!hdr) 4621 if (!hdr)
4599 return -1; 4622 return -1;
@@ -4712,14 +4735,14 @@ static int nl80211_dump_scan(struct sk_buff *skb,
4712 return skb->len; 4735 return skb->len;
4713} 4736}
4714 4737
4715static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 4738static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
4716 int flags, struct net_device *dev, 4739 int flags, struct net_device *dev,
4717 struct survey_info *survey) 4740 struct survey_info *survey)
4718{ 4741{
4719 void *hdr; 4742 void *hdr;
4720 struct nlattr *infoattr; 4743 struct nlattr *infoattr;
4721 4744
4722 hdr = nl80211hdr_put(msg, pid, seq, flags, 4745 hdr = nl80211hdr_put(msg, portid, seq, flags,
4723 NL80211_CMD_NEW_SURVEY_RESULTS); 4746 NL80211_CMD_NEW_SURVEY_RESULTS);
4724 if (!hdr) 4747 if (!hdr)
4725 return -ENOMEM; 4748 return -ENOMEM;
@@ -4813,7 +4836,7 @@ static int nl80211_dump_survey(struct sk_buff *skb,
4813 } 4836 }
4814 4837
4815 if (nl80211_send_survey(skb, 4838 if (nl80211_send_survey(skb,
4816 NETLINK_CB(cb->skb).pid, 4839 NETLINK_CB(cb->skb).portid,
4817 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4840 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4818 netdev, 4841 netdev,
4819 &survey) < 0) 4842 &survey) < 0)
@@ -5428,7 +5451,7 @@ static int nl80211_testmode_dump(struct sk_buff *skb,
5428 } 5451 }
5429 5452
5430 while (1) { 5453 while (1) {
5431 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 5454 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
5432 cb->nlh->nlmsg_seq, NLM_F_MULTI, 5455 cb->nlh->nlmsg_seq, NLM_F_MULTI,
5433 NL80211_CMD_TESTMODE); 5456 NL80211_CMD_TESTMODE);
5434 struct nlattr *tmdata; 5457 struct nlattr *tmdata;
@@ -5468,7 +5491,7 @@ static int nl80211_testmode_dump(struct sk_buff *skb,
5468 5491
5469static struct sk_buff * 5492static struct sk_buff *
5470__cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 5493__cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
5471 int approxlen, u32 pid, u32 seq, gfp_t gfp) 5494 int approxlen, u32 portid, u32 seq, gfp_t gfp)
5472{ 5495{
5473 struct sk_buff *skb; 5496 struct sk_buff *skb;
5474 void *hdr; 5497 void *hdr;
@@ -5478,7 +5501,7 @@ __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
5478 if (!skb) 5501 if (!skb)
5479 return NULL; 5502 return NULL;
5480 5503
5481 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 5504 hdr = nl80211hdr_put(skb, portid, seq, 0, NL80211_CMD_TESTMODE);
5482 if (!hdr) { 5505 if (!hdr) {
5483 kfree_skb(skb); 5506 kfree_skb(skb);
5484 return NULL; 5507 return NULL;
@@ -5508,7 +5531,7 @@ struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
5508 return NULL; 5531 return NULL;
5509 5532
5510 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 5533 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
5511 rdev->testmode_info->snd_pid, 5534 rdev->testmode_info->snd_portid,
5512 rdev->testmode_info->snd_seq, 5535 rdev->testmode_info->snd_seq,
5513 GFP_KERNEL); 5536 GFP_KERNEL);
5514} 5537}
@@ -5846,7 +5869,7 @@ static int nl80211_remain_on_channel(struct sk_buff *skb,
5846 if (!msg) 5869 if (!msg)
5847 return -ENOMEM; 5870 return -ENOMEM;
5848 5871
5849 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5872 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
5850 NL80211_CMD_REMAIN_ON_CHANNEL); 5873 NL80211_CMD_REMAIN_ON_CHANNEL);
5851 5874
5852 if (IS_ERR(hdr)) { 5875 if (IS_ERR(hdr)) {
@@ -6055,6 +6078,7 @@ static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
6055 case NL80211_IFTYPE_AP_VLAN: 6078 case NL80211_IFTYPE_AP_VLAN:
6056 case NL80211_IFTYPE_MESH_POINT: 6079 case NL80211_IFTYPE_MESH_POINT:
6057 case NL80211_IFTYPE_P2P_GO: 6080 case NL80211_IFTYPE_P2P_GO:
6081 case NL80211_IFTYPE_P2P_DEVICE:
6058 break; 6082 break;
6059 default: 6083 default:
6060 return -EOPNOTSUPP; 6084 return -EOPNOTSUPP;
@@ -6064,7 +6088,7 @@ static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
6064 if (!rdev->ops->mgmt_tx) 6088 if (!rdev->ops->mgmt_tx)
6065 return -EOPNOTSUPP; 6089 return -EOPNOTSUPP;
6066 6090
6067 return cfg80211_mlme_register_mgmt(wdev, info->snd_pid, frame_type, 6091 return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
6068 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 6092 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
6069 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 6093 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
6070} 6094}
@@ -6101,6 +6125,7 @@ static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
6101 case NL80211_IFTYPE_AP_VLAN: 6125 case NL80211_IFTYPE_AP_VLAN:
6102 case NL80211_IFTYPE_MESH_POINT: 6126 case NL80211_IFTYPE_MESH_POINT:
6103 case NL80211_IFTYPE_P2P_GO: 6127 case NL80211_IFTYPE_P2P_GO:
6128 case NL80211_IFTYPE_P2P_DEVICE:
6104 break; 6129 break;
6105 default: 6130 default:
6106 return -EOPNOTSUPP; 6131 return -EOPNOTSUPP;
@@ -6144,7 +6169,7 @@ static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
6144 if (!msg) 6169 if (!msg)
6145 return -ENOMEM; 6170 return -ENOMEM;
6146 6171
6147 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6172 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6148 NL80211_CMD_FRAME); 6173 NL80211_CMD_FRAME);
6149 6174
6150 if (IS_ERR(hdr)) { 6175 if (IS_ERR(hdr)) {
@@ -6197,6 +6222,7 @@ static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *in
6197 case NL80211_IFTYPE_AP: 6222 case NL80211_IFTYPE_AP:
6198 case NL80211_IFTYPE_AP_VLAN: 6223 case NL80211_IFTYPE_AP_VLAN:
6199 case NL80211_IFTYPE_P2P_GO: 6224 case NL80211_IFTYPE_P2P_GO:
6225 case NL80211_IFTYPE_P2P_DEVICE:
6200 break; 6226 break;
6201 default: 6227 default:
6202 return -EOPNOTSUPP; 6228 return -EOPNOTSUPP;
@@ -6260,7 +6286,7 @@ static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
6260 if (!msg) 6286 if (!msg)
6261 return -ENOMEM; 6287 return -ENOMEM;
6262 6288
6263 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6289 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6264 NL80211_CMD_GET_POWER_SAVE); 6290 NL80211_CMD_GET_POWER_SAVE);
6265 if (!hdr) { 6291 if (!hdr) {
6266 err = -ENOBUFS; 6292 err = -ENOBUFS;
@@ -6462,7 +6488,7 @@ static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
6462 if (!msg) 6488 if (!msg)
6463 return -ENOMEM; 6489 return -ENOMEM;
6464 6490
6465 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6491 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6466 NL80211_CMD_GET_WOWLAN); 6492 NL80211_CMD_GET_WOWLAN);
6467 if (!hdr) 6493 if (!hdr)
6468 goto nla_put_failure; 6494 goto nla_put_failure;
@@ -6736,10 +6762,10 @@ static int nl80211_register_unexpected_frame(struct sk_buff *skb,
6736 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6762 wdev->iftype != NL80211_IFTYPE_P2P_GO)
6737 return -EINVAL; 6763 return -EINVAL;
6738 6764
6739 if (wdev->ap_unexpected_nlpid) 6765 if (wdev->ap_unexpected_nlportid)
6740 return -EBUSY; 6766 return -EBUSY;
6741 6767
6742 wdev->ap_unexpected_nlpid = info->snd_pid; 6768 wdev->ap_unexpected_nlportid = info->snd_portid;
6743 return 0; 6769 return 0;
6744} 6770}
6745 6771
@@ -6769,7 +6795,7 @@ static int nl80211_probe_client(struct sk_buff *skb,
6769 if (!msg) 6795 if (!msg)
6770 return -ENOMEM; 6796 return -ENOMEM;
6771 6797
6772 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6798 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6773 NL80211_CMD_PROBE_CLIENT); 6799 NL80211_CMD_PROBE_CLIENT);
6774 6800
6775 if (IS_ERR(hdr)) { 6801 if (IS_ERR(hdr)) {
@@ -6804,10 +6830,72 @@ static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
6804 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS)) 6830 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
6805 return -EOPNOTSUPP; 6831 return -EOPNOTSUPP;
6806 6832
6807 if (rdev->ap_beacons_nlpid) 6833 if (rdev->ap_beacons_nlportid)
6808 return -EBUSY; 6834 return -EBUSY;
6809 6835
6810 rdev->ap_beacons_nlpid = info->snd_pid; 6836 rdev->ap_beacons_nlportid = info->snd_portid;
6837
6838 return 0;
6839}
6840
6841static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
6842{
6843 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6844 struct wireless_dev *wdev = info->user_ptr[1];
6845 int err;
6846
6847 if (!rdev->ops->start_p2p_device)
6848 return -EOPNOTSUPP;
6849
6850 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
6851 return -EOPNOTSUPP;
6852
6853 if (wdev->p2p_started)
6854 return 0;
6855
6856 mutex_lock(&rdev->devlist_mtx);
6857 err = cfg80211_can_add_interface(rdev, wdev->iftype);
6858 mutex_unlock(&rdev->devlist_mtx);
6859 if (err)
6860 return err;
6861
6862 err = rdev->ops->start_p2p_device(&rdev->wiphy, wdev);
6863 if (err)
6864 return err;
6865
6866 wdev->p2p_started = true;
6867 mutex_lock(&rdev->devlist_mtx);
6868 rdev->opencount++;
6869 mutex_unlock(&rdev->devlist_mtx);
6870
6871 return 0;
6872}
6873
6874static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
6875{
6876 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6877 struct wireless_dev *wdev = info->user_ptr[1];
6878
6879 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
6880 return -EOPNOTSUPP;
6881
6882 if (!rdev->ops->stop_p2p_device)
6883 return -EOPNOTSUPP;
6884
6885 if (!wdev->p2p_started)
6886 return 0;
6887
6888 rdev->ops->stop_p2p_device(&rdev->wiphy, wdev);
6889 wdev->p2p_started = false;
6890
6891 mutex_lock(&rdev->devlist_mtx);
6892 rdev->opencount--;
6893 mutex_unlock(&rdev->devlist_mtx);
6894
6895 if (WARN_ON(rdev->scan_req && rdev->scan_req->wdev == wdev)) {
6896 rdev->scan_req->aborted = true;
6897 ___cfg80211_scan_done(rdev, true);
6898 }
6811 6899
6812 return 0; 6900 return 0;
6813} 6901}
@@ -6819,7 +6907,7 @@ static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
6819#define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 6907#define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
6820 NL80211_FLAG_CHECK_NETDEV_UP) 6908 NL80211_FLAG_CHECK_NETDEV_UP)
6821#define NL80211_FLAG_NEED_WDEV 0x10 6909#define NL80211_FLAG_NEED_WDEV 0x10
6822/* If a netdev is associated, it must be UP */ 6910/* If a netdev is associated, it must be UP, P2P must be started */
6823#define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\ 6911#define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
6824 NL80211_FLAG_CHECK_NETDEV_UP) 6912 NL80211_FLAG_CHECK_NETDEV_UP)
6825 6913
@@ -6880,6 +6968,13 @@ static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
6880 } 6968 }
6881 6969
6882 dev_hold(dev); 6970 dev_hold(dev);
6971 } else if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP) {
6972 if (!wdev->p2p_started) {
6973 mutex_unlock(&cfg80211_mutex);
6974 if (rtnl)
6975 rtnl_unlock();
6976 return -ENETDOWN;
6977 }
6883 } 6978 }
6884 6979
6885 cfg80211_lock_rdev(rdev); 6980 cfg80211_lock_rdev(rdev);
@@ -7441,7 +7536,22 @@ static struct genl_ops nl80211_ops[] = {
7441 .internal_flags = NL80211_FLAG_NEED_NETDEV | 7536 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7442 NL80211_FLAG_NEED_RTNL, 7537 NL80211_FLAG_NEED_RTNL,
7443 }, 7538 },
7444 7539 {
7540 .cmd = NL80211_CMD_START_P2P_DEVICE,
7541 .doit = nl80211_start_p2p_device,
7542 .policy = nl80211_policy,
7543 .flags = GENL_ADMIN_PERM,
7544 .internal_flags = NL80211_FLAG_NEED_WDEV |
7545 NL80211_FLAG_NEED_RTNL,
7546 },
7547 {
7548 .cmd = NL80211_CMD_STOP_P2P_DEVICE,
7549 .doit = nl80211_stop_p2p_device,
7550 .policy = nl80211_policy,
7551 .flags = GENL_ADMIN_PERM,
7552 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
7553 NL80211_FLAG_NEED_RTNL,
7554 },
7445}; 7555};
7446 7556
7447static struct genl_multicast_group nl80211_mlme_mcgrp = { 7557static struct genl_multicast_group nl80211_mlme_mcgrp = {
@@ -7520,12 +7630,12 @@ static int nl80211_add_scan_req(struct sk_buff *msg,
7520static int nl80211_send_scan_msg(struct sk_buff *msg, 7630static int nl80211_send_scan_msg(struct sk_buff *msg,
7521 struct cfg80211_registered_device *rdev, 7631 struct cfg80211_registered_device *rdev,
7522 struct wireless_dev *wdev, 7632 struct wireless_dev *wdev,
7523 u32 pid, u32 seq, int flags, 7633 u32 portid, u32 seq, int flags,
7524 u32 cmd) 7634 u32 cmd)
7525{ 7635{
7526 void *hdr; 7636 void *hdr;
7527 7637
7528 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 7638 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
7529 if (!hdr) 7639 if (!hdr)
7530 return -1; 7640 return -1;
7531 7641
@@ -7549,11 +7659,11 @@ static int
7549nl80211_send_sched_scan_msg(struct sk_buff *msg, 7659nl80211_send_sched_scan_msg(struct sk_buff *msg,
7550 struct cfg80211_registered_device *rdev, 7660 struct cfg80211_registered_device *rdev,
7551 struct net_device *netdev, 7661 struct net_device *netdev,
7552 u32 pid, u32 seq, int flags, u32 cmd) 7662 u32 portid, u32 seq, int flags, u32 cmd)
7553{ 7663{
7554 void *hdr; 7664 void *hdr;
7555 7665
7556 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 7666 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
7557 if (!hdr) 7667 if (!hdr)
7558 return -1; 7668 return -1;
7559 7669
@@ -8254,6 +8364,40 @@ void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev,
8254 nlmsg_free(msg); 8364 nlmsg_free(msg);
8255} 8365}
8256 8366
8367void nl80211_send_conn_failed_event(struct cfg80211_registered_device *rdev,
8368 struct net_device *dev, const u8 *mac_addr,
8369 enum nl80211_connect_failed_reason reason,
8370 gfp_t gfp)
8371{
8372 struct sk_buff *msg;
8373 void *hdr;
8374
8375 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8376 if (!msg)
8377 return;
8378
8379 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED);
8380 if (!hdr) {
8381 nlmsg_free(msg);
8382 return;
8383 }
8384
8385 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
8386 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
8387 nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason))
8388 goto nla_put_failure;
8389
8390 genlmsg_end(msg, hdr);
8391
8392 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8393 nl80211_mlme_mcgrp.id, gfp);
8394 return;
8395
8396 nla_put_failure:
8397 genlmsg_cancel(msg, hdr);
8398 nlmsg_free(msg);
8399}
8400
8257static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd, 8401static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
8258 const u8 *addr, gfp_t gfp) 8402 const u8 *addr, gfp_t gfp)
8259{ 8403{
@@ -8262,9 +8406,9 @@ static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
8262 struct sk_buff *msg; 8406 struct sk_buff *msg;
8263 void *hdr; 8407 void *hdr;
8264 int err; 8408 int err;
8265 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid); 8409 u32 nlportid = ACCESS_ONCE(wdev->ap_unexpected_nlportid);
8266 8410
8267 if (!nlpid) 8411 if (!nlportid)
8268 return false; 8412 return false;
8269 8413
8270 msg = nlmsg_new(100, gfp); 8414 msg = nlmsg_new(100, gfp);
@@ -8288,7 +8432,7 @@ static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
8288 return true; 8432 return true;
8289 } 8433 }
8290 8434
8291 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 8435 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
8292 return true; 8436 return true;
8293 8437
8294 nla_put_failure: 8438 nla_put_failure:
@@ -8312,7 +8456,7 @@ bool nl80211_unexpected_4addr_frame(struct net_device *dev,
8312} 8456}
8313 8457
8314int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 8458int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
8315 struct wireless_dev *wdev, u32 nlpid, 8459 struct wireless_dev *wdev, u32 nlportid,
8316 int freq, int sig_dbm, 8460 int freq, int sig_dbm,
8317 const u8 *buf, size_t len, gfp_t gfp) 8461 const u8 *buf, size_t len, gfp_t gfp)
8318{ 8462{
@@ -8341,7 +8485,7 @@ int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
8341 8485
8342 genlmsg_end(msg, hdr); 8486 genlmsg_end(msg, hdr);
8343 8487
8344 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 8488 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
8345 8489
8346 nla_put_failure: 8490 nla_put_failure:
8347 genlmsg_cancel(msg, hdr); 8491 genlmsg_cancel(msg, hdr);
@@ -8696,9 +8840,9 @@ void cfg80211_report_obss_beacon(struct wiphy *wiphy,
8696 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 8840 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
8697 struct sk_buff *msg; 8841 struct sk_buff *msg;
8698 void *hdr; 8842 void *hdr;
8699 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid); 8843 u32 nlportid = ACCESS_ONCE(rdev->ap_beacons_nlportid);
8700 8844
8701 if (!nlpid) 8845 if (!nlportid)
8702 return; 8846 return;
8703 8847
8704 msg = nlmsg_new(len + 100, gfp); 8848 msg = nlmsg_new(len + 100, gfp);
@@ -8721,7 +8865,7 @@ void cfg80211_report_obss_beacon(struct wiphy *wiphy,
8721 8865
8722 genlmsg_end(msg, hdr); 8866 genlmsg_end(msg, hdr);
8723 8867
8724 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 8868 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
8725 return; 8869 return;
8726 8870
8727 nla_put_failure: 8871 nla_put_failure:
@@ -8745,9 +8889,9 @@ static int nl80211_netlink_notify(struct notifier_block * nb,
8745 8889
8746 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { 8890 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
8747 list_for_each_entry_rcu(wdev, &rdev->wdev_list, list) 8891 list_for_each_entry_rcu(wdev, &rdev->wdev_list, list)
8748 cfg80211_mlme_unregister_socket(wdev, notify->pid); 8892 cfg80211_mlme_unregister_socket(wdev, notify->portid);
8749 if (rdev->ap_beacons_nlpid == notify->pid) 8893 if (rdev->ap_beacons_nlportid == notify->portid)
8750 rdev->ap_beacons_nlpid = 0; 8894 rdev->ap_beacons_nlportid = 0;
8751 } 8895 }
8752 8896
8753 rcu_read_unlock(); 8897 rcu_read_unlock();
diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h
index 9f2616fffb40..f6153516068c 100644
--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -91,6 +91,11 @@ void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev,
91 struct net_device *dev, const u8 *mac_addr, 91 struct net_device *dev, const u8 *mac_addr,
92 gfp_t gfp); 92 gfp_t gfp);
93 93
94void nl80211_send_conn_failed_event(struct cfg80211_registered_device *rdev,
95 struct net_device *dev, const u8 *mac_addr,
96 enum nl80211_connect_failed_reason reason,
97 gfp_t gfp);
98
94int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 99int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
95 struct wireless_dev *wdev, u32 nlpid, 100 struct wireless_dev *wdev, u32 nlpid,
96 int freq, int sig_dbm, 101 int freq, int sig_dbm,
diff --git a/net/wireless/radiotap.c b/net/wireless/radiotap.c
index c4ad7958af52..7d604c06c3dc 100644
--- a/net/wireless/radiotap.c
+++ b/net/wireless/radiotap.c
@@ -41,6 +41,8 @@ static const struct radiotap_align_size rtap_namespace_sizes[] = {
41 [IEEE80211_RADIOTAP_TX_FLAGS] = { .align = 2, .size = 2, }, 41 [IEEE80211_RADIOTAP_TX_FLAGS] = { .align = 2, .size = 2, },
42 [IEEE80211_RADIOTAP_RTS_RETRIES] = { .align = 1, .size = 1, }, 42 [IEEE80211_RADIOTAP_RTS_RETRIES] = { .align = 1, .size = 1, },
43 [IEEE80211_RADIOTAP_DATA_RETRIES] = { .align = 1, .size = 1, }, 43 [IEEE80211_RADIOTAP_DATA_RETRIES] = { .align = 1, .size = 1, },
44 [IEEE80211_RADIOTAP_MCS] = { .align = 1, .size = 3, },
45 [IEEE80211_RADIOTAP_AMPDU_STATUS] = { .align = 4, .size = 8, },
44 /* 46 /*
45 * add more here as they are defined in radiotap.h 47 * add more here as they are defined in radiotap.h
46 */ 48 */
diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index 72d170ca3406..3b8cbbc214db 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -510,9 +510,11 @@ static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range,
510 * 510 *
511 * This lets us know if a specific frequency rule is or is not relevant to 511 * This lets us know if a specific frequency rule is or is not relevant to
512 * a specific frequency's band. Bands are device specific and artificial 512 * a specific frequency's band. Bands are device specific and artificial
513 * definitions (the "2.4 GHz band" and the "5 GHz band"), however it is 513 * definitions (the "2.4 GHz band", the "5 GHz band" and the "60GHz band"),
514 * safe for now to assume that a frequency rule should not be part of a 514 * however it is safe for now to assume that a frequency rule should not be
515 * frequency's band if the start freq or end freq are off by more than 2 GHz. 515 * part of a frequency's band if the start freq or end freq are off by more
516 * than 2 GHz for the 2.4 and 5 GHz bands, and by more than 10 GHz for the
517 * 60 GHz band.
516 * This resolution can be lowered and should be considered as we add 518 * This resolution can be lowered and should be considered as we add
517 * regulatory rule support for other "bands". 519 * regulatory rule support for other "bands".
518 **/ 520 **/
@@ -520,9 +522,16 @@ static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range,
520 u32 freq_khz) 522 u32 freq_khz)
521{ 523{
522#define ONE_GHZ_IN_KHZ 1000000 524#define ONE_GHZ_IN_KHZ 1000000
523 if (abs(freq_khz - freq_range->start_freq_khz) <= (2 * ONE_GHZ_IN_KHZ)) 525 /*
526 * From 802.11ad: directional multi-gigabit (DMG):
527 * Pertaining to operation in a frequency band containing a channel
528 * with the Channel starting frequency above 45 GHz.
529 */
530 u32 limit = freq_khz > 45 * ONE_GHZ_IN_KHZ ?
531 10 * ONE_GHZ_IN_KHZ : 2 * ONE_GHZ_IN_KHZ;
532 if (abs(freq_khz - freq_range->start_freq_khz) <= limit)
524 return true; 533 return true;
525 if (abs(freq_khz - freq_range->end_freq_khz) <= (2 * ONE_GHZ_IN_KHZ)) 534 if (abs(freq_khz - freq_range->end_freq_khz) <= limit)
526 return true; 535 return true;
527 return false; 536 return false;
528#undef ONE_GHZ_IN_KHZ 537#undef ONE_GHZ_IN_KHZ
@@ -1955,8 +1964,7 @@ static void restore_regulatory_settings(bool reset_user)
1955 if (reg_request->initiator != 1964 if (reg_request->initiator !=
1956 NL80211_REGDOM_SET_BY_USER) 1965 NL80211_REGDOM_SET_BY_USER)
1957 continue; 1966 continue;
1958 list_del(&reg_request->list); 1967 list_move_tail(&reg_request->list, &tmp_reg_req_list);
1959 list_add_tail(&reg_request->list, &tmp_reg_req_list);
1960 } 1968 }
1961 } 1969 }
1962 spin_unlock(&reg_requests_lock); 1970 spin_unlock(&reg_requests_lock);
@@ -2015,8 +2023,7 @@ static void restore_regulatory_settings(bool reset_user)
2015 "into the queue\n", 2023 "into the queue\n",
2016 reg_request->alpha2[0], 2024 reg_request->alpha2[0],
2017 reg_request->alpha2[1]); 2025 reg_request->alpha2[1]);
2018 list_del(&reg_request->list); 2026 list_move_tail(&reg_request->list, &reg_requests_list);
2019 list_add_tail(&reg_request->list, &reg_requests_list);
2020 } 2027 }
2021 spin_unlock(&reg_requests_lock); 2028 spin_unlock(&reg_requests_lock);
2022 2029
@@ -2201,7 +2208,6 @@ static void print_regdomain_info(const struct ieee80211_regdomain *rd)
2201static int __set_regdom(const struct ieee80211_regdomain *rd) 2208static int __set_regdom(const struct ieee80211_regdomain *rd)
2202{ 2209{
2203 const struct ieee80211_regdomain *intersected_rd = NULL; 2210 const struct ieee80211_regdomain *intersected_rd = NULL;
2204 struct cfg80211_registered_device *rdev = NULL;
2205 struct wiphy *request_wiphy; 2211 struct wiphy *request_wiphy;
2206 /* Some basic sanity checks first */ 2212 /* Some basic sanity checks first */
2207 2213
@@ -2313,24 +2319,7 @@ static int __set_regdom(const struct ieee80211_regdomain *rd)
2313 return 0; 2319 return 0;
2314 } 2320 }
2315 2321
2316 if (!intersected_rd) 2322 return -EINVAL;
2317 return -EINVAL;
2318
2319 rdev = wiphy_to_dev(request_wiphy);
2320
2321 rdev->country_ie_alpha2[0] = rd->alpha2[0];
2322 rdev->country_ie_alpha2[1] = rd->alpha2[1];
2323 rdev->env = last_request->country_ie_env;
2324
2325 BUG_ON(intersected_rd == rd);
2326
2327 kfree(rd);
2328 rd = NULL;
2329
2330 reset_regdomains(false);
2331 cfg80211_regdomain = intersected_rd;
2332
2333 return 0;
2334} 2323}
2335 2324
2336 2325
diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index 848523a2b22f..9730c9862bdc 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -815,7 +815,7 @@ cfg80211_inform_bss_frame(struct wiphy *wiphy,
815 return NULL; 815 return NULL;
816 816
817 if (WARN_ON(wiphy->signal_type == CFG80211_SIGNAL_TYPE_UNSPEC && 817 if (WARN_ON(wiphy->signal_type == CFG80211_SIGNAL_TYPE_UNSPEC &&
818 (signal < 0 || signal > 100))) 818 (signal < 0 || signal > 100)))
819 return NULL; 819 return NULL;
820 820
821 if (WARN_ON(len < offsetof(struct ieee80211_mgmt, u.probe_resp.variable))) 821 if (WARN_ON(len < offsetof(struct ieee80211_mgmt, u.probe_resp.variable)))
diff --git a/net/wireless/util.c b/net/wireless/util.c
index 994e2f0cc7a8..ef35f4ef2aa6 100644
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -684,22 +684,10 @@ EXPORT_SYMBOL(cfg80211_classify8021d);
684 684
685const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie) 685const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 ie)
686{ 686{
687 u8 *end, *pos; 687 if (bss->information_elements == NULL)
688
689 pos = bss->information_elements;
690 if (pos == NULL)
691 return NULL; 688 return NULL;
692 end = pos + bss->len_information_elements; 689 return cfg80211_find_ie(ie, bss->information_elements,
693 690 bss->len_information_elements);
694 while (pos + 1 < end) {
695 if (pos + 2 + pos[1] > end)
696 break;
697 if (pos[0] == ie)
698 return pos;
699 pos += 2 + pos[1];
700 }
701
702 return NULL;
703} 691}
704EXPORT_SYMBOL(ieee80211_bss_get_ie); 692EXPORT_SYMBOL(ieee80211_bss_get_ie);
705 693
@@ -812,6 +800,10 @@ int cfg80211_change_iface(struct cfg80211_registered_device *rdev,
812 if (otype == NL80211_IFTYPE_AP_VLAN) 800 if (otype == NL80211_IFTYPE_AP_VLAN)
813 return -EOPNOTSUPP; 801 return -EOPNOTSUPP;
814 802
803 /* cannot change into P2P device type */
804 if (ntype == NL80211_IFTYPE_P2P_DEVICE)
805 return -EOPNOTSUPP;
806
815 if (!rdev->ops->change_virtual_intf || 807 if (!rdev->ops->change_virtual_intf ||
816 !(rdev->wiphy.interface_modes & (1 << ntype))) 808 !(rdev->wiphy.interface_modes & (1 << ntype)))
817 return -EOPNOTSUPP; 809 return -EOPNOTSUPP;
@@ -889,6 +881,9 @@ int cfg80211_change_iface(struct cfg80211_registered_device *rdev,
889 case NUM_NL80211_IFTYPES: 881 case NUM_NL80211_IFTYPES:
890 /* not happening */ 882 /* not happening */
891 break; 883 break;
884 case NL80211_IFTYPE_P2P_DEVICE:
885 WARN_ON(1);
886 break;
892 } 887 }
893 } 888 }
894 889
@@ -1053,8 +1048,15 @@ int cfg80211_can_use_iftype_chan(struct cfg80211_registered_device *rdev,
1053 list_for_each_entry(wdev_iter, &rdev->wdev_list, list) { 1048 list_for_each_entry(wdev_iter, &rdev->wdev_list, list) {
1054 if (wdev_iter == wdev) 1049 if (wdev_iter == wdev)
1055 continue; 1050 continue;
1056 if (!netif_running(wdev_iter->netdev)) 1051 if (wdev_iter->netdev) {
1057 continue; 1052 if (!netif_running(wdev_iter->netdev))
1053 continue;
1054 } else if (wdev_iter->iftype == NL80211_IFTYPE_P2P_DEVICE) {
1055 if (!wdev_iter->p2p_started)
1056 continue;
1057 } else {
1058 WARN_ON(1);
1059 }
1058 1060
1059 if (rdev->wiphy.software_iftypes & BIT(wdev_iter->iftype)) 1061 if (rdev->wiphy.software_iftypes & BIT(wdev_iter->iftype))
1060 continue; 1062 continue;
diff --git a/net/wireless/wext-core.c b/net/wireless/wext-core.c
index b0eb7aa49b60..c8717c1d082e 100644
--- a/net/wireless/wext-core.c
+++ b/net/wireless/wext-core.c
@@ -478,13 +478,13 @@ void wireless_send_event(struct net_device * dev,
478 if (descr->header_type == IW_HEADER_TYPE_POINT) { 478 if (descr->header_type == IW_HEADER_TYPE_POINT) {
479 /* Check if number of token fits within bounds */ 479 /* Check if number of token fits within bounds */
480 if (wrqu->data.length > descr->max_tokens) { 480 if (wrqu->data.length > descr->max_tokens) {
481 netdev_err(dev, "(WE) : Wireless Event too big (%d)\n", 481 netdev_err(dev, "(WE) : Wireless Event (cmd=0x%04X) too big (%d)\n",
482 wrqu->data.length); 482 cmd, wrqu->data.length);
483 return; 483 return;
484 } 484 }
485 if (wrqu->data.length < descr->min_tokens) { 485 if (wrqu->data.length < descr->min_tokens) {
486 netdev_err(dev, "(WE) : Wireless Event too small (%d)\n", 486 netdev_err(dev, "(WE) : Wireless Event (cmd=0x%04X) too small (%d)\n",
487 wrqu->data.length); 487 cmd, wrqu->data.length);
488 return; 488 return;
489 } 489 }
490 /* Calculate extra_len - extra is NULL for restricted events */ 490 /* Calculate extra_len - extra is NULL for restricted events */
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 46550997548c..41eabc46f110 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -42,13 +42,12 @@ static DEFINE_SPINLOCK(xfrm_policy_sk_bundle_lock);
42static struct dst_entry *xfrm_policy_sk_bundles; 42static struct dst_entry *xfrm_policy_sk_bundles;
43static DEFINE_RWLOCK(xfrm_policy_lock); 43static DEFINE_RWLOCK(xfrm_policy_lock);
44 44
45static DEFINE_RWLOCK(xfrm_policy_afinfo_lock); 45static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock);
46static struct xfrm_policy_afinfo *xfrm_policy_afinfo[NPROTO]; 46static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO]
47 __read_mostly;
47 48
48static struct kmem_cache *xfrm_dst_cache __read_mostly; 49static struct kmem_cache *xfrm_dst_cache __read_mostly;
49 50
50static struct xfrm_policy_afinfo *xfrm_policy_get_afinfo(unsigned short family);
51static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo);
52static void xfrm_init_pmtu(struct dst_entry *dst); 51static void xfrm_init_pmtu(struct dst_entry *dst);
53static int stale_bundle(struct dst_entry *dst); 52static int stale_bundle(struct dst_entry *dst);
54static int xfrm_bundle_ok(struct xfrm_dst *xdst); 53static int xfrm_bundle_ok(struct xfrm_dst *xdst);
@@ -95,6 +94,24 @@ bool xfrm_selector_match(const struct xfrm_selector *sel, const struct flowi *fl
95 return false; 94 return false;
96} 95}
97 96
97static struct xfrm_policy_afinfo *xfrm_policy_get_afinfo(unsigned short family)
98{
99 struct xfrm_policy_afinfo *afinfo;
100
101 if (unlikely(family >= NPROTO))
102 return NULL;
103 rcu_read_lock();
104 afinfo = rcu_dereference(xfrm_policy_afinfo[family]);
105 if (unlikely(!afinfo))
106 rcu_read_unlock();
107 return afinfo;
108}
109
110static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo)
111{
112 rcu_read_unlock();
113}
114
98static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, 115static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos,
99 const xfrm_address_t *saddr, 116 const xfrm_address_t *saddr,
100 const xfrm_address_t *daddr, 117 const xfrm_address_t *daddr,
@@ -2421,7 +2438,7 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
2421 return -EINVAL; 2438 return -EINVAL;
2422 if (unlikely(afinfo->family >= NPROTO)) 2439 if (unlikely(afinfo->family >= NPROTO))
2423 return -EAFNOSUPPORT; 2440 return -EAFNOSUPPORT;
2424 write_lock_bh(&xfrm_policy_afinfo_lock); 2441 spin_lock(&xfrm_policy_afinfo_lock);
2425 if (unlikely(xfrm_policy_afinfo[afinfo->family] != NULL)) 2442 if (unlikely(xfrm_policy_afinfo[afinfo->family] != NULL))
2426 err = -ENOBUFS; 2443 err = -ENOBUFS;
2427 else { 2444 else {
@@ -2442,9 +2459,9 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
2442 dst_ops->neigh_lookup = xfrm_neigh_lookup; 2459 dst_ops->neigh_lookup = xfrm_neigh_lookup;
2443 if (likely(afinfo->garbage_collect == NULL)) 2460 if (likely(afinfo->garbage_collect == NULL))
2444 afinfo->garbage_collect = xfrm_garbage_collect_deferred; 2461 afinfo->garbage_collect = xfrm_garbage_collect_deferred;
2445 xfrm_policy_afinfo[afinfo->family] = afinfo; 2462 rcu_assign_pointer(xfrm_policy_afinfo[afinfo->family], afinfo);
2446 } 2463 }
2447 write_unlock_bh(&xfrm_policy_afinfo_lock); 2464 spin_unlock(&xfrm_policy_afinfo_lock);
2448 2465
2449 rtnl_lock(); 2466 rtnl_lock();
2450 for_each_net(net) { 2467 for_each_net(net) {
@@ -2477,21 +2494,26 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
2477 return -EINVAL; 2494 return -EINVAL;
2478 if (unlikely(afinfo->family >= NPROTO)) 2495 if (unlikely(afinfo->family >= NPROTO))
2479 return -EAFNOSUPPORT; 2496 return -EAFNOSUPPORT;
2480 write_lock_bh(&xfrm_policy_afinfo_lock); 2497 spin_lock(&xfrm_policy_afinfo_lock);
2481 if (likely(xfrm_policy_afinfo[afinfo->family] != NULL)) { 2498 if (likely(xfrm_policy_afinfo[afinfo->family] != NULL)) {
2482 if (unlikely(xfrm_policy_afinfo[afinfo->family] != afinfo)) 2499 if (unlikely(xfrm_policy_afinfo[afinfo->family] != afinfo))
2483 err = -EINVAL; 2500 err = -EINVAL;
2484 else { 2501 else
2485 struct dst_ops *dst_ops = afinfo->dst_ops; 2502 RCU_INIT_POINTER(xfrm_policy_afinfo[afinfo->family],
2486 xfrm_policy_afinfo[afinfo->family] = NULL; 2503 NULL);
2487 dst_ops->kmem_cachep = NULL; 2504 }
2488 dst_ops->check = NULL; 2505 spin_unlock(&xfrm_policy_afinfo_lock);
2489 dst_ops->negative_advice = NULL; 2506 if (!err) {
2490 dst_ops->link_failure = NULL; 2507 struct dst_ops *dst_ops = afinfo->dst_ops;
2491 afinfo->garbage_collect = NULL; 2508
2492 } 2509 synchronize_rcu();
2510
2511 dst_ops->kmem_cachep = NULL;
2512 dst_ops->check = NULL;
2513 dst_ops->negative_advice = NULL;
2514 dst_ops->link_failure = NULL;
2515 afinfo->garbage_collect = NULL;
2493 } 2516 }
2494 write_unlock_bh(&xfrm_policy_afinfo_lock);
2495 return err; 2517 return err;
2496} 2518}
2497EXPORT_SYMBOL(xfrm_policy_unregister_afinfo); 2519EXPORT_SYMBOL(xfrm_policy_unregister_afinfo);
@@ -2500,33 +2522,16 @@ static void __net_init xfrm_dst_ops_init(struct net *net)
2500{ 2522{
2501 struct xfrm_policy_afinfo *afinfo; 2523 struct xfrm_policy_afinfo *afinfo;
2502 2524
2503 read_lock_bh(&xfrm_policy_afinfo_lock); 2525 rcu_read_lock();
2504 afinfo = xfrm_policy_afinfo[AF_INET]; 2526 afinfo = rcu_dereference(xfrm_policy_afinfo[AF_INET]);
2505 if (afinfo) 2527 if (afinfo)
2506 net->xfrm.xfrm4_dst_ops = *afinfo->dst_ops; 2528 net->xfrm.xfrm4_dst_ops = *afinfo->dst_ops;
2507#if IS_ENABLED(CONFIG_IPV6) 2529#if IS_ENABLED(CONFIG_IPV6)
2508 afinfo = xfrm_policy_afinfo[AF_INET6]; 2530 afinfo = rcu_dereference(xfrm_policy_afinfo[AF_INET6]);
2509 if (afinfo) 2531 if (afinfo)
2510 net->xfrm.xfrm6_dst_ops = *afinfo->dst_ops; 2532 net->xfrm.xfrm6_dst_ops = *afinfo->dst_ops;
2511#endif 2533#endif
2512 read_unlock_bh(&xfrm_policy_afinfo_lock); 2534 rcu_read_unlock();
2513}
2514
2515static struct xfrm_policy_afinfo *xfrm_policy_get_afinfo(unsigned short family)
2516{
2517 struct xfrm_policy_afinfo *afinfo;
2518 if (unlikely(family >= NPROTO))
2519 return NULL;
2520 read_lock(&xfrm_policy_afinfo_lock);
2521 afinfo = xfrm_policy_afinfo[family];
2522 if (unlikely(!afinfo))
2523 read_unlock(&xfrm_policy_afinfo_lock);
2524 return afinfo;
2525}
2526
2527static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo)
2528{
2529 read_unlock(&xfrm_policy_afinfo_lock);
2530} 2535}
2531 2536
2532static int xfrm_dev_event(struct notifier_block *this, unsigned long event, void *ptr) 2537static int xfrm_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index bd2d9841ad59..3459692092ec 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -166,7 +166,7 @@ static DEFINE_SPINLOCK(xfrm_state_gc_lock);
166int __xfrm_state_delete(struct xfrm_state *x); 166int __xfrm_state_delete(struct xfrm_state *x);
167 167
168int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); 168int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
169void km_state_expired(struct xfrm_state *x, int hard, u32 pid); 169void km_state_expired(struct xfrm_state *x, int hard, u32 portid);
170 170
171static struct xfrm_state_afinfo *xfrm_state_lock_afinfo(unsigned int family) 171static struct xfrm_state_afinfo *xfrm_state_lock_afinfo(unsigned int family)
172{ 172{
@@ -1674,13 +1674,13 @@ void km_state_notify(struct xfrm_state *x, const struct km_event *c)
1674EXPORT_SYMBOL(km_policy_notify); 1674EXPORT_SYMBOL(km_policy_notify);
1675EXPORT_SYMBOL(km_state_notify); 1675EXPORT_SYMBOL(km_state_notify);
1676 1676
1677void km_state_expired(struct xfrm_state *x, int hard, u32 pid) 1677void km_state_expired(struct xfrm_state *x, int hard, u32 portid)
1678{ 1678{
1679 struct net *net = xs_net(x); 1679 struct net *net = xs_net(x);
1680 struct km_event c; 1680 struct km_event c;
1681 1681
1682 c.data.hard = hard; 1682 c.data.hard = hard;
1683 c.pid = pid; 1683 c.portid = portid;
1684 c.event = XFRM_MSG_EXPIRE; 1684 c.event = XFRM_MSG_EXPIRE;
1685 km_state_notify(x, &c); 1685 km_state_notify(x, &c);
1686 1686
@@ -1700,7 +1700,7 @@ int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
1700 1700
1701 read_lock(&xfrm_km_lock); 1701 read_lock(&xfrm_km_lock);
1702 list_for_each_entry(km, &xfrm_km_list, list) { 1702 list_for_each_entry(km, &xfrm_km_list, list) {
1703 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT); 1703 acqret = km->acquire(x, t, pol);
1704 if (!acqret) 1704 if (!acqret)
1705 err = acqret; 1705 err = acqret;
1706 } 1706 }
@@ -1726,13 +1726,13 @@ int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport)
1726} 1726}
1727EXPORT_SYMBOL(km_new_mapping); 1727EXPORT_SYMBOL(km_new_mapping);
1728 1728
1729void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid) 1729void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 portid)
1730{ 1730{
1731 struct net *net = xp_net(pol); 1731 struct net *net = xp_net(pol);
1732 struct km_event c; 1732 struct km_event c;
1733 1733
1734 c.data.hard = hard; 1734 c.data.hard = hard;
1735 c.pid = pid; 1735 c.portid = portid;
1736 c.event = XFRM_MSG_POLEXPIRE; 1736 c.event = XFRM_MSG_POLEXPIRE;
1737 km_policy_notify(pol, dir, &c); 1737 km_policy_notify(pol, dir, &c);
1738 1738
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index bc542448307a..421f98444335 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -623,7 +623,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
623 } 623 }
624 624
625 c.seq = nlh->nlmsg_seq; 625 c.seq = nlh->nlmsg_seq;
626 c.pid = nlh->nlmsg_pid; 626 c.portid = nlh->nlmsg_pid;
627 c.event = nlh->nlmsg_type; 627 c.event = nlh->nlmsg_type;
628 628
629 km_state_notify(x, &c); 629 km_state_notify(x, &c);
@@ -696,7 +696,7 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
696 goto out; 696 goto out;
697 697
698 c.seq = nlh->nlmsg_seq; 698 c.seq = nlh->nlmsg_seq;
699 c.pid = nlh->nlmsg_pid; 699 c.portid = nlh->nlmsg_pid;
700 c.event = nlh->nlmsg_type; 700 c.event = nlh->nlmsg_type;
701 km_state_notify(x, &c); 701 km_state_notify(x, &c);
702 702
@@ -847,7 +847,7 @@ static int dump_one_state(struct xfrm_state *x, int count, void *ptr)
847 struct nlmsghdr *nlh; 847 struct nlmsghdr *nlh;
848 int err; 848 int err;
849 849
850 nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq, 850 nlh = nlmsg_put(skb, NETLINK_CB(in_skb).portid, sp->nlmsg_seq,
851 XFRM_MSG_NEWSA, sizeof(*p), sp->nlmsg_flags); 851 XFRM_MSG_NEWSA, sizeof(*p), sp->nlmsg_flags);
852 if (nlh == NULL) 852 if (nlh == NULL)
853 return -EMSGSIZE; 853 return -EMSGSIZE;
@@ -927,7 +927,7 @@ static inline size_t xfrm_spdinfo_msgsize(void)
927} 927}
928 928
929static int build_spdinfo(struct sk_buff *skb, struct net *net, 929static int build_spdinfo(struct sk_buff *skb, struct net *net,
930 u32 pid, u32 seq, u32 flags) 930 u32 portid, u32 seq, u32 flags)
931{ 931{
932 struct xfrmk_spdinfo si; 932 struct xfrmk_spdinfo si;
933 struct xfrmu_spdinfo spc; 933 struct xfrmu_spdinfo spc;
@@ -936,7 +936,7 @@ static int build_spdinfo(struct sk_buff *skb, struct net *net,
936 int err; 936 int err;
937 u32 *f; 937 u32 *f;
938 938
939 nlh = nlmsg_put(skb, pid, seq, XFRM_MSG_NEWSPDINFO, sizeof(u32), 0); 939 nlh = nlmsg_put(skb, portid, seq, XFRM_MSG_NEWSPDINFO, sizeof(u32), 0);
940 if (nlh == NULL) /* shouldn't really happen ... */ 940 if (nlh == NULL) /* shouldn't really happen ... */
941 return -EMSGSIZE; 941 return -EMSGSIZE;
942 942
@@ -969,17 +969,17 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
969 struct net *net = sock_net(skb->sk); 969 struct net *net = sock_net(skb->sk);
970 struct sk_buff *r_skb; 970 struct sk_buff *r_skb;
971 u32 *flags = nlmsg_data(nlh); 971 u32 *flags = nlmsg_data(nlh);
972 u32 spid = NETLINK_CB(skb).pid; 972 u32 sportid = NETLINK_CB(skb).portid;
973 u32 seq = nlh->nlmsg_seq; 973 u32 seq = nlh->nlmsg_seq;
974 974
975 r_skb = nlmsg_new(xfrm_spdinfo_msgsize(), GFP_ATOMIC); 975 r_skb = nlmsg_new(xfrm_spdinfo_msgsize(), GFP_ATOMIC);
976 if (r_skb == NULL) 976 if (r_skb == NULL)
977 return -ENOMEM; 977 return -ENOMEM;
978 978
979 if (build_spdinfo(r_skb, net, spid, seq, *flags) < 0) 979 if (build_spdinfo(r_skb, net, sportid, seq, *flags) < 0)
980 BUG(); 980 BUG();
981 981
982 return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); 982 return nlmsg_unicast(net->xfrm.nlsk, r_skb, sportid);
983} 983}
984 984
985static inline size_t xfrm_sadinfo_msgsize(void) 985static inline size_t xfrm_sadinfo_msgsize(void)
@@ -990,7 +990,7 @@ static inline size_t xfrm_sadinfo_msgsize(void)
990} 990}
991 991
992static int build_sadinfo(struct sk_buff *skb, struct net *net, 992static int build_sadinfo(struct sk_buff *skb, struct net *net,
993 u32 pid, u32 seq, u32 flags) 993 u32 portid, u32 seq, u32 flags)
994{ 994{
995 struct xfrmk_sadinfo si; 995 struct xfrmk_sadinfo si;
996 struct xfrmu_sadhinfo sh; 996 struct xfrmu_sadhinfo sh;
@@ -998,7 +998,7 @@ static int build_sadinfo(struct sk_buff *skb, struct net *net,
998 int err; 998 int err;
999 u32 *f; 999 u32 *f;
1000 1000
1001 nlh = nlmsg_put(skb, pid, seq, XFRM_MSG_NEWSADINFO, sizeof(u32), 0); 1001 nlh = nlmsg_put(skb, portid, seq, XFRM_MSG_NEWSADINFO, sizeof(u32), 0);
1002 if (nlh == NULL) /* shouldn't really happen ... */ 1002 if (nlh == NULL) /* shouldn't really happen ... */
1003 return -EMSGSIZE; 1003 return -EMSGSIZE;
1004 1004
@@ -1026,17 +1026,17 @@ static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
1026 struct net *net = sock_net(skb->sk); 1026 struct net *net = sock_net(skb->sk);
1027 struct sk_buff *r_skb; 1027 struct sk_buff *r_skb;
1028 u32 *flags = nlmsg_data(nlh); 1028 u32 *flags = nlmsg_data(nlh);
1029 u32 spid = NETLINK_CB(skb).pid; 1029 u32 sportid = NETLINK_CB(skb).portid;
1030 u32 seq = nlh->nlmsg_seq; 1030 u32 seq = nlh->nlmsg_seq;
1031 1031
1032 r_skb = nlmsg_new(xfrm_sadinfo_msgsize(), GFP_ATOMIC); 1032 r_skb = nlmsg_new(xfrm_sadinfo_msgsize(), GFP_ATOMIC);
1033 if (r_skb == NULL) 1033 if (r_skb == NULL)
1034 return -ENOMEM; 1034 return -ENOMEM;
1035 1035
1036 if (build_sadinfo(r_skb, net, spid, seq, *flags) < 0) 1036 if (build_sadinfo(r_skb, net, sportid, seq, *flags) < 0)
1037 BUG(); 1037 BUG();
1038 1038
1039 return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); 1039 return nlmsg_unicast(net->xfrm.nlsk, r_skb, sportid);
1040} 1040}
1041 1041
1042static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, 1042static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
@@ -1056,7 +1056,7 @@ static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
1056 if (IS_ERR(resp_skb)) { 1056 if (IS_ERR(resp_skb)) {
1057 err = PTR_ERR(resp_skb); 1057 err = PTR_ERR(resp_skb);
1058 } else { 1058 } else {
1059 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).pid); 1059 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).portid);
1060 } 1060 }
1061 xfrm_state_put(x); 1061 xfrm_state_put(x);
1062out_noput: 1062out_noput:
@@ -1137,7 +1137,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
1137 goto out; 1137 goto out;
1138 } 1138 }
1139 1139
1140 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).pid); 1140 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).portid);
1141 1141
1142out: 1142out:
1143 xfrm_state_put(x); 1143 xfrm_state_put(x);
@@ -1425,7 +1425,7 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1425 1425
1426 c.event = nlh->nlmsg_type; 1426 c.event = nlh->nlmsg_type;
1427 c.seq = nlh->nlmsg_seq; 1427 c.seq = nlh->nlmsg_seq;
1428 c.pid = nlh->nlmsg_pid; 1428 c.portid = nlh->nlmsg_pid;
1429 km_policy_notify(xp, p->dir, &c); 1429 km_policy_notify(xp, p->dir, &c);
1430 1430
1431 xfrm_pol_put(xp); 1431 xfrm_pol_put(xp);
@@ -1511,7 +1511,7 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
1511 struct nlmsghdr *nlh; 1511 struct nlmsghdr *nlh;
1512 int err; 1512 int err;
1513 1513
1514 nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq, 1514 nlh = nlmsg_put(skb, NETLINK_CB(in_skb).portid, sp->nlmsg_seq,
1515 XFRM_MSG_NEWPOLICY, sizeof(*p), sp->nlmsg_flags); 1515 XFRM_MSG_NEWPOLICY, sizeof(*p), sp->nlmsg_flags);
1516 if (nlh == NULL) 1516 if (nlh == NULL)
1517 return -EMSGSIZE; 1517 return -EMSGSIZE;
@@ -1648,7 +1648,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1648 err = PTR_ERR(resp_skb); 1648 err = PTR_ERR(resp_skb);
1649 } else { 1649 } else {
1650 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, 1650 err = nlmsg_unicast(net->xfrm.nlsk, resp_skb,
1651 NETLINK_CB(skb).pid); 1651 NETLINK_CB(skb).portid);
1652 } 1652 }
1653 } else { 1653 } else {
1654 kuid_t loginuid = audit_get_loginuid(current); 1654 kuid_t loginuid = audit_get_loginuid(current);
@@ -1665,7 +1665,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1665 c.data.byid = p->index; 1665 c.data.byid = p->index;
1666 c.event = nlh->nlmsg_type; 1666 c.event = nlh->nlmsg_type;
1667 c.seq = nlh->nlmsg_seq; 1667 c.seq = nlh->nlmsg_seq;
1668 c.pid = nlh->nlmsg_pid; 1668 c.portid = nlh->nlmsg_pid;
1669 km_policy_notify(xp, p->dir, &c); 1669 km_policy_notify(xp, p->dir, &c);
1670 } 1670 }
1671 1671
@@ -1695,7 +1695,7 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
1695 c.data.proto = p->proto; 1695 c.data.proto = p->proto;
1696 c.event = nlh->nlmsg_type; 1696 c.event = nlh->nlmsg_type;
1697 c.seq = nlh->nlmsg_seq; 1697 c.seq = nlh->nlmsg_seq;
1698 c.pid = nlh->nlmsg_pid; 1698 c.portid = nlh->nlmsg_pid;
1699 c.net = net; 1699 c.net = net;
1700 km_state_notify(NULL, &c); 1700 km_state_notify(NULL, &c);
1701 1701
@@ -1722,7 +1722,7 @@ static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, const struct
1722 struct nlmsghdr *nlh; 1722 struct nlmsghdr *nlh;
1723 int err; 1723 int err;
1724 1724
1725 nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id), 0); 1725 nlh = nlmsg_put(skb, c->portid, c->seq, XFRM_MSG_NEWAE, sizeof(*id), 0);
1726 if (nlh == NULL) 1726 if (nlh == NULL)
1727 return -EMSGSIZE; 1727 return -EMSGSIZE;
1728 1728
@@ -1804,11 +1804,11 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1804 spin_lock_bh(&x->lock); 1804 spin_lock_bh(&x->lock);
1805 c.data.aevent = p->flags; 1805 c.data.aevent = p->flags;
1806 c.seq = nlh->nlmsg_seq; 1806 c.seq = nlh->nlmsg_seq;
1807 c.pid = nlh->nlmsg_pid; 1807 c.portid = nlh->nlmsg_pid;
1808 1808
1809 if (build_aevent(r_skb, x, &c) < 0) 1809 if (build_aevent(r_skb, x, &c) < 0)
1810 BUG(); 1810 BUG();
1811 err = nlmsg_unicast(net->xfrm.nlsk, r_skb, NETLINK_CB(skb).pid); 1811 err = nlmsg_unicast(net->xfrm.nlsk, r_skb, NETLINK_CB(skb).portid);
1812 spin_unlock_bh(&x->lock); 1812 spin_unlock_bh(&x->lock);
1813 xfrm_state_put(x); 1813 xfrm_state_put(x);
1814 return err; 1814 return err;
@@ -1854,7 +1854,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1854 1854
1855 c.event = nlh->nlmsg_type; 1855 c.event = nlh->nlmsg_type;
1856 c.seq = nlh->nlmsg_seq; 1856 c.seq = nlh->nlmsg_seq;
1857 c.pid = nlh->nlmsg_pid; 1857 c.portid = nlh->nlmsg_pid;
1858 c.data.aevent = XFRM_AE_CU; 1858 c.data.aevent = XFRM_AE_CU;
1859 km_state_notify(x, &c); 1859 km_state_notify(x, &c);
1860 err = 0; 1860 err = 0;
@@ -1889,7 +1889,7 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1889 c.data.type = type; 1889 c.data.type = type;
1890 c.event = nlh->nlmsg_type; 1890 c.event = nlh->nlmsg_type;
1891 c.seq = nlh->nlmsg_seq; 1891 c.seq = nlh->nlmsg_seq;
1892 c.pid = nlh->nlmsg_pid; 1892 c.portid = nlh->nlmsg_pid;
1893 c.net = net; 1893 c.net = net;
1894 km_policy_notify(NULL, 0, &c); 1894 km_policy_notify(NULL, 0, &c);
1895 return 0; 1895 return 0;
@@ -1957,7 +1957,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1957 // reset the timers here? 1957 // reset the timers here?
1958 WARN(1, "Dont know what to do with soft policy expire\n"); 1958 WARN(1, "Dont know what to do with soft policy expire\n");
1959 } 1959 }
1960 km_policy_expired(xp, p->dir, up->hard, current->pid); 1960 km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid);
1961 1961
1962out: 1962out:
1963 xfrm_pol_put(xp); 1963 xfrm_pol_put(xp);
@@ -1985,7 +1985,7 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1985 err = -EINVAL; 1985 err = -EINVAL;
1986 if (x->km.state != XFRM_STATE_VALID) 1986 if (x->km.state != XFRM_STATE_VALID)
1987 goto out; 1987 goto out;
1988 km_state_expired(x, ue->hard, current->pid); 1988 km_state_expired(x, ue->hard, nlh->nlmsg_pid);
1989 1989
1990 if (ue->hard) { 1990 if (ue->hard) {
1991 kuid_t loginuid = audit_get_loginuid(current); 1991 kuid_t loginuid = audit_get_loginuid(current);
@@ -2397,7 +2397,7 @@ static int build_expire(struct sk_buff *skb, struct xfrm_state *x, const struct
2397 struct nlmsghdr *nlh; 2397 struct nlmsghdr *nlh;
2398 int err; 2398 int err;
2399 2399
2400 nlh = nlmsg_put(skb, c->pid, 0, XFRM_MSG_EXPIRE, sizeof(*ue), 0); 2400 nlh = nlmsg_put(skb, c->portid, 0, XFRM_MSG_EXPIRE, sizeof(*ue), 0);
2401 if (nlh == NULL) 2401 if (nlh == NULL)
2402 return -EMSGSIZE; 2402 return -EMSGSIZE;
2403 2403
@@ -2456,7 +2456,7 @@ static int xfrm_notify_sa_flush(const struct km_event *c)
2456 if (skb == NULL) 2456 if (skb == NULL)
2457 return -ENOMEM; 2457 return -ENOMEM;
2458 2458
2459 nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_FLUSHSA, sizeof(*p), 0); 2459 nlh = nlmsg_put(skb, c->portid, c->seq, XFRM_MSG_FLUSHSA, sizeof(*p), 0);
2460 if (nlh == NULL) { 2460 if (nlh == NULL) {
2461 kfree_skb(skb); 2461 kfree_skb(skb);
2462 return -EMSGSIZE; 2462 return -EMSGSIZE;
@@ -2524,7 +2524,7 @@ static int xfrm_notify_sa(struct xfrm_state *x, const struct km_event *c)
2524 if (skb == NULL) 2524 if (skb == NULL)
2525 return -ENOMEM; 2525 return -ENOMEM;
2526 2526
2527 nlh = nlmsg_put(skb, c->pid, c->seq, c->event, headlen, 0); 2527 nlh = nlmsg_put(skb, c->portid, c->seq, c->event, headlen, 0);
2528 err = -EMSGSIZE; 2528 err = -EMSGSIZE;
2529 if (nlh == NULL) 2529 if (nlh == NULL)
2530 goto out_free_skb; 2530 goto out_free_skb;
@@ -2594,8 +2594,7 @@ static inline size_t xfrm_acquire_msgsize(struct xfrm_state *x,
2594} 2594}
2595 2595
2596static int build_acquire(struct sk_buff *skb, struct xfrm_state *x, 2596static int build_acquire(struct sk_buff *skb, struct xfrm_state *x,
2597 struct xfrm_tmpl *xt, struct xfrm_policy *xp, 2597 struct xfrm_tmpl *xt, struct xfrm_policy *xp)
2598 int dir)
2599{ 2598{
2600 __u32 seq = xfrm_get_acqseq(); 2599 __u32 seq = xfrm_get_acqseq();
2601 struct xfrm_user_acquire *ua; 2600 struct xfrm_user_acquire *ua;
@@ -2610,7 +2609,7 @@ static int build_acquire(struct sk_buff *skb, struct xfrm_state *x,
2610 memcpy(&ua->id, &x->id, sizeof(ua->id)); 2609 memcpy(&ua->id, &x->id, sizeof(ua->id));
2611 memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr)); 2610 memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr));
2612 memcpy(&ua->sel, &x->sel, sizeof(ua->sel)); 2611 memcpy(&ua->sel, &x->sel, sizeof(ua->sel));
2613 copy_to_user_policy(xp, &ua->policy, dir); 2612 copy_to_user_policy(xp, &ua->policy, XFRM_POLICY_OUT);
2614 ua->aalgos = xt->aalgos; 2613 ua->aalgos = xt->aalgos;
2615 ua->ealgos = xt->ealgos; 2614 ua->ealgos = xt->ealgos;
2616 ua->calgos = xt->calgos; 2615 ua->calgos = xt->calgos;
@@ -2632,7 +2631,7 @@ static int build_acquire(struct sk_buff *skb, struct xfrm_state *x,
2632} 2631}
2633 2632
2634static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, 2633static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt,
2635 struct xfrm_policy *xp, int dir) 2634 struct xfrm_policy *xp)
2636{ 2635{
2637 struct net *net = xs_net(x); 2636 struct net *net = xs_net(x);
2638 struct sk_buff *skb; 2637 struct sk_buff *skb;
@@ -2641,7 +2640,7 @@ static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt,
2641 if (skb == NULL) 2640 if (skb == NULL)
2642 return -ENOMEM; 2641 return -ENOMEM;
2643 2642
2644 if (build_acquire(skb, x, xt, xp, dir) < 0) 2643 if (build_acquire(skb, x, xt, xp) < 0)
2645 BUG(); 2644 BUG();
2646 2645
2647 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC); 2646 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC);
@@ -2724,7 +2723,7 @@ static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp,
2724 struct nlmsghdr *nlh; 2723 struct nlmsghdr *nlh;
2725 int err; 2724 int err;
2726 2725
2727 nlh = nlmsg_put(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe), 0); 2726 nlh = nlmsg_put(skb, c->portid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe), 0);
2728 if (nlh == NULL) 2727 if (nlh == NULL)
2729 return -EMSGSIZE; 2728 return -EMSGSIZE;
2730 2729
@@ -2784,7 +2783,7 @@ static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, const struct km_e
2784 if (skb == NULL) 2783 if (skb == NULL)
2785 return -ENOMEM; 2784 return -ENOMEM;
2786 2785
2787 nlh = nlmsg_put(skb, c->pid, c->seq, c->event, headlen, 0); 2786 nlh = nlmsg_put(skb, c->portid, c->seq, c->event, headlen, 0);
2788 err = -EMSGSIZE; 2787 err = -EMSGSIZE;
2789 if (nlh == NULL) 2788 if (nlh == NULL)
2790 goto out_free_skb; 2789 goto out_free_skb;
@@ -2838,7 +2837,7 @@ static int xfrm_notify_policy_flush(const struct km_event *c)
2838 if (skb == NULL) 2837 if (skb == NULL)
2839 return -ENOMEM; 2838 return -ENOMEM;
2840 2839
2841 nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_FLUSHPOLICY, 0, 0); 2840 nlh = nlmsg_put(skb, c->portid, c->seq, XFRM_MSG_FLUSHPOLICY, 0, 0);
2842 err = -EMSGSIZE; 2841 err = -EMSGSIZE;
2843 if (nlh == NULL) 2842 if (nlh == NULL)
2844 goto out_free_skb; 2843 goto out_free_skb;
@@ -2991,7 +2990,7 @@ static int __net_init xfrm_user_net_init(struct net *net)
2991 .input = xfrm_netlink_rcv, 2990 .input = xfrm_netlink_rcv,
2992 }; 2991 };
2993 2992
2994 nlsk = netlink_kernel_create(net, NETLINK_XFRM, THIS_MODULE, &cfg); 2993 nlsk = netlink_kernel_create(net, NETLINK_XFRM, &cfg);
2995 if (nlsk == NULL) 2994 if (nlsk == NULL)
2996 return -ENOMEM; 2995 return -ENOMEM;
2997 net->xfrm.nlsk_stash = nlsk; /* Don't set to NULL */ 2996 net->xfrm.nlsk_stash = nlsk; /* Don't set to NULL */
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-14 23:57:50 -0400