diff options
author | Linus Torvalds <torvalds@woody.osdl.org> | 2006-12-07 12:05:15 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.osdl.org> | 2006-12-07 12:05:15 -0500 |
commit | 2685b267bce34c9b66626cb11664509c32a761a5 (patch) | |
tree | ce8b4ad47b4a1aa1b0e7634298d63c4cb0ca46c5 /include | |
parent | 4522d58275f124105819723e24e912c8e5bf3cdd (diff) | |
parent | 272491ef423b6976a230a998b10f46976aa91342 (diff) |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (48 commits)
[NETFILTER]: Fix non-ANSI func. decl.
[TG3]: Identify Serdes devices more clearly.
[TG3]: Use msleep.
[TG3]: Use netif_msg_*.
[TG3]: Allow partial speed advertisement.
[TG3]: Add TG3_FLG2_IS_NIC flag.
[TG3]: Add 5787F device ID.
[TG3]: Fix Phy loopback.
[WANROUTER]: Kill kmalloc debugging code.
[TCP] inet_twdr_hangman: Delete unnecessary memory barrier().
[NET]: Memory barrier cleanups
[IPSEC]: Fix inetpeer leak in ipv4 xfrm dst entries.
audit: disable ipsec auditing when CONFIG_AUDITSYSCALL=n
audit: Add auditing to ipsec
[IRDA] irlan: Fix compile warning when CONFIG_PROC_FS=n
[IrDA]: Incorrect TTP header reservation
[IrDA]: PXA FIR code device model conversion
[GENETLINK]: Fix misplaced command flags.
[NETLIK]: Add a pointer to the Generic Netlink wiki page.
[IPV6] RAW: Don't release unlocked sock.
...
Diffstat (limited to 'include')
-rw-r--r-- | include/crypto/b128ops.h | 80 | ||||
-rw-r--r-- | include/crypto/gf128mul.h | 198 | ||||
-rw-r--r-- | include/linux/audit.h | 6 | ||||
-rw-r--r-- | include/linux/crypto.h | 22 | ||||
-rw-r--r-- | include/linux/genetlink.h | 6 | ||||
-rw-r--r-- | include/linux/netfilter/nf_conntrack_pptp.h | 3 | ||||
-rw-r--r-- | include/linux/pci_ids.h | 3 | ||||
-rw-r--r-- | include/linux/pfkeyv2.h | 1 | ||||
-rw-r--r-- | include/net/irda/irlan_filter.h | 2 | ||||
-rw-r--r-- | include/net/xfrm.h | 24 |
10 files changed, 314 insertions, 31 deletions
diff --git a/include/crypto/b128ops.h b/include/crypto/b128ops.h new file mode 100644 index 00000000000..0b8e6bc5530 --- /dev/null +++ b/include/crypto/b128ops.h | |||
@@ -0,0 +1,80 @@ | |||
1 | /* b128ops.h - common 128-bit block operations | ||
2 | * | ||
3 | * Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. | ||
4 | * Copyright (c) 2006, Rik Snel <rsnel@cube.dyndns.org> | ||
5 | * | ||
6 | * Based on Dr Brian Gladman's (GPL'd) work published at | ||
7 | * http://fp.gladman.plus.com/cryptography_technology/index.htm | ||
8 | * See the original copyright notice below. | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | */ | ||
15 | /* | ||
16 | --------------------------------------------------------------------------- | ||
17 | Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. | ||
18 | |||
19 | LICENSE TERMS | ||
20 | |||
21 | The free distribution and use of this software in both source and binary | ||
22 | form is allowed (with or without changes) provided that: | ||
23 | |||
24 | 1. distributions of this source code include the above copyright | ||
25 | notice, this list of conditions and the following disclaimer; | ||
26 | |||
27 | 2. distributions in binary form include the above copyright | ||
28 | notice, this list of conditions and the following disclaimer | ||
29 | in the documentation and/or other associated materials; | ||
30 | |||
31 | 3. the copyright holder's name is not used to endorse products | ||
32 | built using this software without specific written permission. | ||
33 | |||
34 | ALTERNATIVELY, provided that this notice is retained in full, this product | ||
35 | may be distributed under the terms of the GNU General Public License (GPL), | ||
36 | in which case the provisions of the GPL apply INSTEAD OF those given above. | ||
37 | |||
38 | DISCLAIMER | ||
39 | |||
40 | This software is provided 'as is' with no explicit or implied warranties | ||
41 | in respect of its properties, including, but not limited to, correctness | ||
42 | and/or fitness for purpose. | ||
43 | --------------------------------------------------------------------------- | ||
44 | Issue Date: 13/06/2006 | ||
45 | */ | ||
46 | |||
47 | #ifndef _CRYPTO_B128OPS_H | ||
48 | #define _CRYPTO_B128OPS_H | ||
49 | |||
50 | #include <linux/types.h> | ||
51 | |||
52 | typedef struct { | ||
53 | u64 a, b; | ||
54 | } u128; | ||
55 | |||
56 | typedef struct { | ||
57 | __be64 a, b; | ||
58 | } be128; | ||
59 | |||
60 | typedef struct { | ||
61 | __le64 b, a; | ||
62 | } le128; | ||
63 | |||
64 | static inline void u128_xor(u128 *r, const u128 *p, const u128 *q) | ||
65 | { | ||
66 | r->a = p->a ^ q->a; | ||
67 | r->b = p->b ^ q->b; | ||
68 | } | ||
69 | |||
70 | static inline void be128_xor(be128 *r, const be128 *p, const be128 *q) | ||
71 | { | ||
72 | u128_xor((u128 *)r, (u128 *)p, (u128 *)q); | ||
73 | } | ||
74 | |||
75 | static inline void le128_xor(le128 *r, const le128 *p, const le128 *q) | ||
76 | { | ||
77 | u128_xor((u128 *)r, (u128 *)p, (u128 *)q); | ||
78 | } | ||
79 | |||
80 | #endif /* _CRYPTO_B128OPS_H */ | ||
diff --git a/include/crypto/gf128mul.h b/include/crypto/gf128mul.h new file mode 100644 index 00000000000..4fd31520244 --- /dev/null +++ b/include/crypto/gf128mul.h | |||
@@ -0,0 +1,198 @@ | |||
1 | /* gf128mul.h - GF(2^128) multiplication functions | ||
2 | * | ||
3 | * Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. | ||
4 | * Copyright (c) 2006 Rik Snel <rsnel@cube.dyndns.org> | ||
5 | * | ||
6 | * Based on Dr Brian Gladman's (GPL'd) work published at | ||
7 | * http://fp.gladman.plus.com/cryptography_technology/index.htm | ||
8 | * See the original copyright notice below. | ||
9 | * | ||
10 | * This program is free software; you can redistribute it and/or modify it | ||
11 | * under the terms of the GNU General Public License as published by the Free | ||
12 | * Software Foundation; either version 2 of the License, or (at your option) | ||
13 | * any later version. | ||
14 | */ | ||
15 | /* | ||
16 | --------------------------------------------------------------------------- | ||
17 | Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. | ||
18 | |||
19 | LICENSE TERMS | ||
20 | |||
21 | The free distribution and use of this software in both source and binary | ||
22 | form is allowed (with or without changes) provided that: | ||
23 | |||
24 | 1. distributions of this source code include the above copyright | ||
25 | notice, this list of conditions and the following disclaimer; | ||
26 | |||
27 | 2. distributions in binary form include the above copyright | ||
28 | notice, this list of conditions and the following disclaimer | ||
29 | in the documentation and/or other associated materials; | ||
30 | |||
31 | 3. the copyright holder's name is not used to endorse products | ||
32 | built using this software without specific written permission. | ||
33 | |||
34 | ALTERNATIVELY, provided that this notice is retained in full, this product | ||
35 | may be distributed under the terms of the GNU General Public License (GPL), | ||
36 | in which case the provisions of the GPL apply INSTEAD OF those given above. | ||
37 | |||
38 | DISCLAIMER | ||
39 | |||
40 | This software is provided 'as is' with no explicit or implied warranties | ||
41 | in respect of its properties, including, but not limited to, correctness | ||
42 | and/or fitness for purpose. | ||
43 | --------------------------------------------------------------------------- | ||
44 | Issue Date: 31/01/2006 | ||
45 | |||
46 | An implementation of field multiplication in Galois Field GF(128) | ||
47 | */ | ||
48 | |||
49 | #ifndef _CRYPTO_GF128MUL_H | ||
50 | #define _CRYPTO_GF128MUL_H | ||
51 | |||
52 | #include <crypto/b128ops.h> | ||
53 | #include <linux/slab.h> | ||
54 | |||
55 | /* Comment by Rik: | ||
56 | * | ||
57 | * For some background on GF(2^128) see for example: http://- | ||
58 | * csrc.nist.gov/CryptoToolkit/modes/proposedmodes/gcm/gcm-revised-spec.pdf | ||
59 | * | ||
60 | * The elements of GF(2^128) := GF(2)[X]/(X^128-X^7-X^2-X^1-1) can | ||
61 | * be mapped to computer memory in a variety of ways. Let's examine | ||
62 | * three common cases. | ||
63 | * | ||
64 | * Take a look at the 16 binary octets below in memory order. The msb's | ||
65 | * are left and the lsb's are right. char b[16] is an array and b[0] is | ||
66 | * the first octet. | ||
67 | * | ||
68 | * 80000000 00000000 00000000 00000000 .... 00000000 00000000 00000000 | ||
69 | * b[0] b[1] b[2] b[3] b[13] b[14] b[15] | ||
70 | * | ||
71 | * Every bit is a coefficient of some power of X. We can store the bits | ||
72 | * in every byte in little-endian order and the bytes themselves also in | ||
73 | * little endian order. I will call this lle (little-little-endian). | ||
74 | * The above buffer represents the polynomial 1, and X^7+X^2+X^1+1 looks | ||
75 | * like 11100001 00000000 .... 00000000 = { 0xE1, 0x00, }. | ||
76 | * This format was originally implemented in gf128mul and is used | ||
77 | * in GCM (Galois/Counter mode) and in ABL (Arbitrary Block Length). | ||
78 | * | ||
79 | * Another convention says: store the bits in bigendian order and the | ||
80 | * bytes also. This is bbe (big-big-endian). Now the buffer above | ||
81 | * represents X^127. X^7+X^2+X^1+1 looks like 00000000 .... 10000111, | ||
82 | * b[15] = 0x87 and the rest is 0. LRW uses this convention and bbe | ||
83 | * is partly implemented. | ||
84 | * | ||
85 | * Both of the above formats are easy to implement on big-endian | ||
86 | * machines. | ||
87 | * | ||
88 | * EME (which is patent encumbered) uses the ble format (bits are stored | ||
89 | * in big endian order and the bytes in little endian). The above buffer | ||
90 | * represents X^7 in this case and the primitive polynomial is b[0] = 0x87. | ||
91 | * | ||
92 | * The common machine word-size is smaller than 128 bits, so to make | ||
93 | * an efficient implementation we must split into machine word sizes. | ||
94 | * This file uses one 32bit for the moment. Machine endianness comes into | ||
95 | * play. The lle format in relation to machine endianness is discussed | ||
96 | * below by the original author of gf128mul Dr Brian Gladman. | ||
97 | * | ||
98 | * Let's look at the bbe and ble format on a little endian machine. | ||
99 | * | ||
100 | * bbe on a little endian machine u32 x[4]: | ||
101 | * | ||
102 | * MS x[0] LS MS x[1] LS | ||
103 | * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
104 | * 103..96 111.104 119.112 127.120 71...64 79...72 87...80 95...88 | ||
105 | * | ||
106 | * MS x[2] LS MS x[3] LS | ||
107 | * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
108 | * 39...32 47...40 55...48 63...56 07...00 15...08 23...16 31...24 | ||
109 | * | ||
110 | * ble on a little endian machine | ||
111 | * | ||
112 | * MS x[0] LS MS x[1] LS | ||
113 | * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
114 | * 31...24 23...16 15...08 07...00 63...56 55...48 47...40 39...32 | ||
115 | * | ||
116 | * MS x[2] LS MS x[3] LS | ||
117 | * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
118 | * 95...88 87...80 79...72 71...64 127.120 199.112 111.104 103..96 | ||
119 | * | ||
120 | * Multiplications in GF(2^128) are mostly bit-shifts, so you see why | ||
121 | * ble (and lbe also) are easier to implement on a little-endian | ||
122 | * machine than on a big-endian machine. The converse holds for bbe | ||
123 | * and lle. | ||
124 | * | ||
125 | * Note: to have good alignment, it seems to me that it is sufficient | ||
126 | * to keep elements of GF(2^128) in type u64[2]. On 32-bit wordsize | ||
127 | * machines this will automatically aligned to wordsize and on a 64-bit | ||
128 | * machine also. | ||
129 | */ | ||
130 | /* Multiply a GF128 field element by x. Field elements are held in arrays | ||
131 | of bytes in which field bits 8n..8n + 7 are held in byte[n], with lower | ||
132 | indexed bits placed in the more numerically significant bit positions | ||
133 | within bytes. | ||
134 | |||
135 | On little endian machines the bit indexes translate into the bit | ||
136 | positions within four 32-bit words in the following way | ||
137 | |||
138 | MS x[0] LS MS x[1] LS | ||
139 | ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
140 | 24...31 16...23 08...15 00...07 56...63 48...55 40...47 32...39 | ||
141 | |||
142 | MS x[2] LS MS x[3] LS | ||
143 | ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
144 | 88...95 80...87 72...79 64...71 120.127 112.119 104.111 96..103 | ||
145 | |||
146 | On big endian machines the bit indexes translate into the bit | ||
147 | positions within four 32-bit words in the following way | ||
148 | |||
149 | MS x[0] LS MS x[1] LS | ||
150 | ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
151 | 00...07 08...15 16...23 24...31 32...39 40...47 48...55 56...63 | ||
152 | |||
153 | MS x[2] LS MS x[3] LS | ||
154 | ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls | ||
155 | 64...71 72...79 80...87 88...95 96..103 104.111 112.119 120.127 | ||
156 | */ | ||
157 | |||
158 | /* A slow generic version of gf_mul, implemented for lle and bbe | ||
159 | * It multiplies a and b and puts the result in a */ | ||
160 | void gf128mul_lle(be128 *a, const be128 *b); | ||
161 | |||
162 | void gf128mul_bbe(be128 *a, const be128 *b); | ||
163 | |||
164 | |||
165 | /* 4k table optimization */ | ||
166 | |||
167 | struct gf128mul_4k { | ||
168 | be128 t[256]; | ||
169 | }; | ||
170 | |||
171 | struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g); | ||
172 | struct gf128mul_4k *gf128mul_init_4k_bbe(const be128 *g); | ||
173 | void gf128mul_4k_lle(be128 *a, struct gf128mul_4k *t); | ||
174 | void gf128mul_4k_bbe(be128 *a, struct gf128mul_4k *t); | ||
175 | |||
176 | static inline void gf128mul_free_4k(struct gf128mul_4k *t) | ||
177 | { | ||
178 | kfree(t); | ||
179 | } | ||
180 | |||
181 | |||
182 | /* 64k table optimization, implemented for lle and bbe */ | ||
183 | |||
184 | struct gf128mul_64k { | ||
185 | struct gf128mul_4k *t[16]; | ||
186 | }; | ||
187 | |||
188 | /* first initialize with the constant factor with which you | ||
189 | * want to multiply and then call gf128_64k_lle with the other | ||
190 | * factor in the first argument, the table in the second and a | ||
191 | * scratch register in the third. Afterwards *a = *r. */ | ||
192 | struct gf128mul_64k *gf128mul_init_64k_lle(const be128 *g); | ||
193 | struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g); | ||
194 | void gf128mul_free_64k(struct gf128mul_64k *t); | ||
195 | void gf128mul_64k_lle(be128 *a, struct gf128mul_64k *t); | ||
196 | void gf128mul_64k_bbe(be128 *a, struct gf128mul_64k *t); | ||
197 | |||
198 | #endif /* _CRYPTO_GF128MUL_H */ | ||
diff --git a/include/linux/audit.h b/include/linux/audit.h index b2ca666d999..0e07db6cc0d 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -101,6 +101,10 @@ | |||
101 | #define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */ | 101 | #define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */ |
102 | #define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */ | 102 | #define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */ |
103 | #define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */ | 103 | #define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */ |
104 | #define AUDIT_MAC_IPSEC_ADDSA 1411 /* Add a XFRM state */ | ||
105 | #define AUDIT_MAC_IPSEC_DELSA 1412 /* Delete a XFRM state */ | ||
106 | #define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Add a XFRM policy */ | ||
107 | #define AUDIT_MAC_IPSEC_DELSPD 1414 /* Delete a XFRM policy */ | ||
104 | 108 | ||
105 | #define AUDIT_FIRST_KERN_ANOM_MSG 1700 | 109 | #define AUDIT_FIRST_KERN_ANOM_MSG 1700 |
106 | #define AUDIT_LAST_KERN_ANOM_MSG 1799 | 110 | #define AUDIT_LAST_KERN_ANOM_MSG 1799 |
@@ -377,6 +381,7 @@ extern void auditsc_get_stamp(struct audit_context *ctx, | |||
377 | struct timespec *t, unsigned int *serial); | 381 | struct timespec *t, unsigned int *serial); |
378 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); | 382 | extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); |
379 | extern uid_t audit_get_loginuid(struct audit_context *ctx); | 383 | extern uid_t audit_get_loginuid(struct audit_context *ctx); |
384 | extern void audit_log_task_context(struct audit_buffer *ab); | ||
380 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); | 385 | extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); |
381 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); | 386 | extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); |
382 | extern int audit_bprm(struct linux_binprm *bprm); | 387 | extern int audit_bprm(struct linux_binprm *bprm); |
@@ -449,6 +454,7 @@ extern int audit_n_rules; | |||
449 | #define audit_inode_update(i) do { ; } while (0) | 454 | #define audit_inode_update(i) do { ; } while (0) |
450 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) | 455 | #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) |
451 | #define audit_get_loginuid(c) ({ -1; }) | 456 | #define audit_get_loginuid(c) ({ -1; }) |
457 | #define audit_log_task_context(b) do { ; } while (0) | ||
452 | #define audit_ipc_obj(i) ({ 0; }) | 458 | #define audit_ipc_obj(i) ({ 0; }) |
453 | #define audit_ipc_set_perm(q,u,g,m) ({ 0; }) | 459 | #define audit_ipc_set_perm(q,u,g,m) ({ 0; }) |
454 | #define audit_bprm(p) ({ 0; }) | 460 | #define audit_bprm(p) ({ 0; }) |
diff --git a/include/linux/crypto.h b/include/linux/crypto.h index 6485e9716b3..4aa9046601d 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h | |||
@@ -241,12 +241,8 @@ int crypto_unregister_alg(struct crypto_alg *alg); | |||
241 | * Algorithm query interface. | 241 | * Algorithm query interface. |
242 | */ | 242 | */ |
243 | #ifdef CONFIG_CRYPTO | 243 | #ifdef CONFIG_CRYPTO |
244 | int crypto_alg_available(const char *name, u32 flags) | ||
245 | __deprecated_for_modules; | ||
246 | int crypto_has_alg(const char *name, u32 type, u32 mask); | 244 | int crypto_has_alg(const char *name, u32 type, u32 mask); |
247 | #else | 245 | #else |
248 | static int crypto_alg_available(const char *name, u32 flags) | ||
249 | __deprecated_for_modules; | ||
250 | static inline int crypto_alg_available(const char *name, u32 flags) | 246 | static inline int crypto_alg_available(const char *name, u32 flags) |
251 | { | 247 | { |
252 | return 0; | 248 | return 0; |
@@ -707,16 +703,6 @@ static inline void crypto_cipher_decrypt_one(struct crypto_cipher *tfm, | |||
707 | dst, src); | 703 | dst, src); |
708 | } | 704 | } |
709 | 705 | ||
710 | void crypto_digest_init(struct crypto_tfm *tfm) __deprecated_for_modules; | ||
711 | void crypto_digest_update(struct crypto_tfm *tfm, | ||
712 | struct scatterlist *sg, unsigned int nsg) | ||
713 | __deprecated_for_modules; | ||
714 | void crypto_digest_final(struct crypto_tfm *tfm, u8 *out) | ||
715 | __deprecated_for_modules; | ||
716 | void crypto_digest_digest(struct crypto_tfm *tfm, | ||
717 | struct scatterlist *sg, unsigned int nsg, u8 *out) | ||
718 | __deprecated_for_modules; | ||
719 | |||
720 | static inline struct crypto_hash *__crypto_hash_cast(struct crypto_tfm *tfm) | 706 | static inline struct crypto_hash *__crypto_hash_cast(struct crypto_tfm *tfm) |
721 | { | 707 | { |
722 | return (struct crypto_hash *)tfm; | 708 | return (struct crypto_hash *)tfm; |
@@ -729,14 +715,6 @@ static inline struct crypto_hash *crypto_hash_cast(struct crypto_tfm *tfm) | |||
729 | return __crypto_hash_cast(tfm); | 715 | return __crypto_hash_cast(tfm); |
730 | } | 716 | } |
731 | 717 | ||
732 | static int crypto_digest_setkey(struct crypto_tfm *tfm, const u8 *key, | ||
733 | unsigned int keylen) __deprecated; | ||
734 | static inline int crypto_digest_setkey(struct crypto_tfm *tfm, | ||
735 | const u8 *key, unsigned int keylen) | ||
736 | { | ||
737 | return tfm->crt_hash.setkey(crypto_hash_cast(tfm), key, keylen); | ||
738 | } | ||
739 | |||
740 | static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name, | 718 | static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name, |
741 | u32 type, u32 mask) | 719 | u32 type, u32 mask) |
742 | { | 720 | { |
diff --git a/include/linux/genetlink.h b/include/linux/genetlink.h index 9049dc65ae5..f7a93770e1b 100644 --- a/include/linux/genetlink.h +++ b/include/linux/genetlink.h | |||
@@ -17,6 +17,9 @@ struct genlmsghdr { | |||
17 | #define GENL_HDRLEN NLMSG_ALIGN(sizeof(struct genlmsghdr)) | 17 | #define GENL_HDRLEN NLMSG_ALIGN(sizeof(struct genlmsghdr)) |
18 | 18 | ||
19 | #define GENL_ADMIN_PERM 0x01 | 19 | #define GENL_ADMIN_PERM 0x01 |
20 | #define GENL_CMD_CAP_DO 0x02 | ||
21 | #define GENL_CMD_CAP_DUMP 0x04 | ||
22 | #define GENL_CMD_CAP_HASPOL 0x08 | ||
20 | 23 | ||
21 | /* | 24 | /* |
22 | * List of reserved static generic netlink identifiers: | 25 | * List of reserved static generic netlink identifiers: |
@@ -58,9 +61,6 @@ enum { | |||
58 | CTRL_ATTR_OP_UNSPEC, | 61 | CTRL_ATTR_OP_UNSPEC, |
59 | CTRL_ATTR_OP_ID, | 62 | CTRL_ATTR_OP_ID, |
60 | CTRL_ATTR_OP_FLAGS, | 63 | CTRL_ATTR_OP_FLAGS, |
61 | CTRL_ATTR_OP_POLICY, | ||
62 | CTRL_ATTR_OP_DOIT, | ||
63 | CTRL_ATTR_OP_DUMPIT, | ||
64 | __CTRL_ATTR_OP_MAX, | 64 | __CTRL_ATTR_OP_MAX, |
65 | }; | 65 | }; |
66 | 66 | ||
diff --git a/include/linux/netfilter/nf_conntrack_pptp.h b/include/linux/netfilter/nf_conntrack_pptp.h index fb049ec11ff..9d8144a488c 100644 --- a/include/linux/netfilter/nf_conntrack_pptp.h +++ b/include/linux/netfilter/nf_conntrack_pptp.h | |||
@@ -2,6 +2,8 @@ | |||
2 | #ifndef _NF_CONNTRACK_PPTP_H | 2 | #ifndef _NF_CONNTRACK_PPTP_H |
3 | #define _NF_CONNTRACK_PPTP_H | 3 | #define _NF_CONNTRACK_PPTP_H |
4 | 4 | ||
5 | #include <linux/netfilter/nf_conntrack_common.h> | ||
6 | |||
5 | /* state of the control session */ | 7 | /* state of the control session */ |
6 | enum pptp_ctrlsess_state { | 8 | enum pptp_ctrlsess_state { |
7 | PPTP_SESSION_NONE, /* no session present */ | 9 | PPTP_SESSION_NONE, /* no session present */ |
@@ -295,7 +297,6 @@ union pptp_ctrl_union { | |||
295 | /* crap needed for nf_conntrack_compat.h */ | 297 | /* crap needed for nf_conntrack_compat.h */ |
296 | struct nf_conn; | 298 | struct nf_conn; |
297 | struct nf_conntrack_expect; | 299 | struct nf_conntrack_expect; |
298 | enum ip_conntrack_info; | ||
299 | 300 | ||
300 | extern int | 301 | extern int |
301 | (*nf_nat_pptp_hook_outbound)(struct sk_buff **pskb, | 302 | (*nf_nat_pptp_hook_outbound)(struct sk_buff **pskb, |
diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h index ff2dcb436cd..4d972bbef31 100644 --- a/include/linux/pci_ids.h +++ b/include/linux/pci_ids.h | |||
@@ -1931,6 +1931,7 @@ | |||
1931 | #define PCI_DEVICE_ID_TIGON3_5750M 0x167c | 1931 | #define PCI_DEVICE_ID_TIGON3_5750M 0x167c |
1932 | #define PCI_DEVICE_ID_TIGON3_5751M 0x167d | 1932 | #define PCI_DEVICE_ID_TIGON3_5751M 0x167d |
1933 | #define PCI_DEVICE_ID_TIGON3_5751F 0x167e | 1933 | #define PCI_DEVICE_ID_TIGON3_5751F 0x167e |
1934 | #define PCI_DEVICE_ID_TIGON3_5787F 0x167f | ||
1934 | #define PCI_DEVICE_ID_TIGON3_5787M 0x1693 | 1935 | #define PCI_DEVICE_ID_TIGON3_5787M 0x1693 |
1935 | #define PCI_DEVICE_ID_TIGON3_5782 0x1696 | 1936 | #define PCI_DEVICE_ID_TIGON3_5782 0x1696 |
1936 | #define PCI_DEVICE_ID_TIGON3_5786 0x169a | 1937 | #define PCI_DEVICE_ID_TIGON3_5786 0x169a |
@@ -2002,6 +2003,8 @@ | |||
2002 | #define PCI_DEVICE_ID_FARSITE_TE1 0x1610 | 2003 | #define PCI_DEVICE_ID_FARSITE_TE1 0x1610 |
2003 | #define PCI_DEVICE_ID_FARSITE_TE1C 0x1612 | 2004 | #define PCI_DEVICE_ID_FARSITE_TE1C 0x1612 |
2004 | 2005 | ||
2006 | #define PCI_VENDOR_ID_ARIMA 0x161f | ||
2007 | |||
2005 | #define PCI_VENDOR_ID_SIBYTE 0x166d | 2008 | #define PCI_VENDOR_ID_SIBYTE 0x166d |
2006 | #define PCI_DEVICE_ID_BCM1250_PCI 0x0001 | 2009 | #define PCI_DEVICE_ID_BCM1250_PCI 0x0001 |
2007 | #define PCI_DEVICE_ID_BCM1250_HT 0x0002 | 2010 | #define PCI_DEVICE_ID_BCM1250_HT 0x0002 |
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h index 0f0b880c428..265bafab649 100644 --- a/include/linux/pfkeyv2.h +++ b/include/linux/pfkeyv2.h | |||
@@ -285,6 +285,7 @@ struct sadb_x_sec_ctx { | |||
285 | #define SADB_X_AALG_SHA2_384HMAC 6 | 285 | #define SADB_X_AALG_SHA2_384HMAC 6 |
286 | #define SADB_X_AALG_SHA2_512HMAC 7 | 286 | #define SADB_X_AALG_SHA2_512HMAC 7 |
287 | #define SADB_X_AALG_RIPEMD160HMAC 8 | 287 | #define SADB_X_AALG_RIPEMD160HMAC 8 |
288 | #define SADB_X_AALG_AES_XCBC_MAC 9 | ||
288 | #define SADB_X_AALG_NULL 251 /* kame */ | 289 | #define SADB_X_AALG_NULL 251 /* kame */ |
289 | #define SADB_AALG_MAX 251 | 290 | #define SADB_AALG_MAX 251 |
290 | 291 | ||
diff --git a/include/net/irda/irlan_filter.h b/include/net/irda/irlan_filter.h index 492dedaa8ac..1720539ac2c 100644 --- a/include/net/irda/irlan_filter.h +++ b/include/net/irda/irlan_filter.h | |||
@@ -28,6 +28,8 @@ | |||
28 | void irlan_check_command_param(struct irlan_cb *self, char *param, | 28 | void irlan_check_command_param(struct irlan_cb *self, char *param, |
29 | char *value); | 29 | char *value); |
30 | void irlan_filter_request(struct irlan_cb *self, struct sk_buff *skb); | 30 | void irlan_filter_request(struct irlan_cb *self, struct sk_buff *skb); |
31 | #ifdef CONFIG_PROC_FS | ||
31 | void irlan_print_filter(struct seq_file *seq, int filter_type); | 32 | void irlan_print_filter(struct seq_file *seq, int filter_type); |
33 | #endif | ||
32 | 34 | ||
33 | #endif /* IRLAN_FILTER_H */ | 35 | #endif /* IRLAN_FILTER_H */ |
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 15ec19dcf9c..e4765413cf8 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h | |||
@@ -392,6 +392,20 @@ extern int xfrm_unregister_km(struct xfrm_mgr *km); | |||
392 | 392 | ||
393 | extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; | 393 | extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; |
394 | 394 | ||
395 | /* Audit Information */ | ||
396 | struct xfrm_audit | ||
397 | { | ||
398 | uid_t loginuid; | ||
399 | u32 secid; | ||
400 | }; | ||
401 | |||
402 | #ifdef CONFIG_AUDITSYSCALL | ||
403 | extern void xfrm_audit_log(uid_t auid, u32 secid, int type, int result, | ||
404 | struct xfrm_policy *xp, struct xfrm_state *x); | ||
405 | #else | ||
406 | #define xfrm_audit_log(a,s,t,r,p,x) do { ; } while (0) | ||
407 | #endif /* CONFIG_AUDITSYSCALL */ | ||
408 | |||
395 | static inline void xfrm_pol_hold(struct xfrm_policy *policy) | 409 | static inline void xfrm_pol_hold(struct xfrm_policy *policy) |
396 | { | 410 | { |
397 | if (likely(policy != NULL)) | 411 | if (likely(policy != NULL)) |
@@ -906,7 +920,7 @@ static inline int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **s | |||
906 | #endif | 920 | #endif |
907 | extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); | 921 | extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); |
908 | extern int xfrm_state_delete(struct xfrm_state *x); | 922 | extern int xfrm_state_delete(struct xfrm_state *x); |
909 | extern void xfrm_state_flush(u8 proto); | 923 | extern void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info); |
910 | extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq); | 924 | extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq); |
911 | extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); | 925 | extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); |
912 | extern void xfrm_replay_notify(struct xfrm_state *x, int event); | 926 | extern void xfrm_replay_notify(struct xfrm_state *x, int event); |
@@ -959,13 +973,13 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir, | |||
959 | struct xfrm_selector *sel, | 973 | struct xfrm_selector *sel, |
960 | struct xfrm_sec_ctx *ctx, int delete); | 974 | struct xfrm_sec_ctx *ctx, int delete); |
961 | struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete); | 975 | struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete); |
962 | void xfrm_policy_flush(u8 type); | 976 | void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info); |
963 | u32 xfrm_get_acqseq(void); | 977 | u32 xfrm_get_acqseq(void); |
964 | void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi); | 978 | void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi); |
965 | struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, | 979 | struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, |
966 | xfrm_address_t *daddr, xfrm_address_t *saddr, | 980 | xfrm_address_t *daddr, xfrm_address_t *saddr, |
967 | int create, unsigned short family); | 981 | int create, unsigned short family); |
968 | extern void xfrm_policy_flush(u8 type); | 982 | extern void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info); |
969 | extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); | 983 | extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); |
970 | extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst, | 984 | extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst, |
971 | struct flowi *fl, int family, int strict); | 985 | struct flowi *fl, int family, int strict); |