diff options
Diffstat (limited to 'include')
32 files changed, 833 insertions, 55 deletions
diff --git a/include/linux/dmaengine.h b/include/linux/dmaengine.h new file mode 100644 index 00000000000..78b236ca04f --- /dev/null +++ b/include/linux/dmaengine.h | |||
@@ -0,0 +1,359 @@ | |||
1 | /* | ||
2 | * Copyright(c) 2004 - 2006 Intel Corporation. All rights reserved. | ||
3 | * | ||
4 | * This program is free software; you can redistribute it and/or modify it | ||
5 | * under the terms of the GNU General Public License as published by the Free | ||
6 | * Software Foundation; either version 2 of the License, or (at your option) | ||
7 | * any later version. | ||
8 | * | ||
9 | * This program is distributed in the hope that it will be useful, but WITHOUT | ||
10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | ||
12 | * more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU General Public License along with | ||
15 | * this program; if not, write to the Free Software Foundation, Inc., 59 | ||
16 | * Temple Place - Suite 330, Boston, MA 02111-1307, USA. | ||
17 | * | ||
18 | * The full GNU General Public License is included in this distribution in the | ||
19 | * file called COPYING. | ||
20 | */ | ||
21 | #ifndef DMAENGINE_H | ||
22 | #define DMAENGINE_H | ||
23 | #include <linux/config.h> | ||
24 | #ifdef CONFIG_DMA_ENGINE | ||
25 | |||
26 | #include <linux/device.h> | ||
27 | #include <linux/uio.h> | ||
28 | #include <linux/kref.h> | ||
29 | #include <linux/completion.h> | ||
30 | #include <linux/rcupdate.h> | ||
31 | |||
32 | /** | ||
33 | * enum dma_event - resource PNP/power managment events | ||
34 | * @DMA_RESOURCE_SUSPEND: DMA device going into low power state | ||
35 | * @DMA_RESOURCE_RESUME: DMA device returning to full power | ||
36 | * @DMA_RESOURCE_ADDED: DMA device added to the system | ||
37 | * @DMA_RESOURCE_REMOVED: DMA device removed from the system | ||
38 | */ | ||
39 | enum dma_event { | ||
40 | DMA_RESOURCE_SUSPEND, | ||
41 | DMA_RESOURCE_RESUME, | ||
42 | DMA_RESOURCE_ADDED, | ||
43 | DMA_RESOURCE_REMOVED, | ||
44 | }; | ||
45 | |||
46 | /** | ||
47 | * typedef dma_cookie_t | ||
48 | * | ||
49 | * if dma_cookie_t is >0 it's a DMA request cookie, <0 it's an error code | ||
50 | */ | ||
51 | typedef s32 dma_cookie_t; | ||
52 | |||
53 | #define dma_submit_error(cookie) ((cookie) < 0 ? 1 : 0) | ||
54 | |||
55 | /** | ||
56 | * enum dma_status - DMA transaction status | ||
57 | * @DMA_SUCCESS: transaction completed successfully | ||
58 | * @DMA_IN_PROGRESS: transaction not yet processed | ||
59 | * @DMA_ERROR: transaction failed | ||
60 | */ | ||
61 | enum dma_status { | ||
62 | DMA_SUCCESS, | ||
63 | DMA_IN_PROGRESS, | ||
64 | DMA_ERROR, | ||
65 | }; | ||
66 | |||
67 | /** | ||
68 | * struct dma_chan_percpu - the per-CPU part of struct dma_chan | ||
69 | * @refcount: local_t used for open-coded "bigref" counting | ||
70 | * @memcpy_count: transaction counter | ||
71 | * @bytes_transferred: byte counter | ||
72 | */ | ||
73 | |||
74 | struct dma_chan_percpu { | ||
75 | local_t refcount; | ||
76 | /* stats */ | ||
77 | unsigned long memcpy_count; | ||
78 | unsigned long bytes_transferred; | ||
79 | }; | ||
80 | |||
81 | /** | ||
82 | * struct dma_chan - devices supply DMA channels, clients use them | ||
83 | * @client: ptr to the client user of this chan, will be NULL when unused | ||
84 | * @device: ptr to the dma device who supplies this channel, always !NULL | ||
85 | * @cookie: last cookie value returned to client | ||
86 | * @chan_id: | ||
87 | * @class_dev: | ||
88 | * @refcount: kref, used in "bigref" slow-mode | ||
89 | * @slow_ref: | ||
90 | * @rcu: | ||
91 | * @client_node: used to add this to the client chan list | ||
92 | * @device_node: used to add this to the device chan list | ||
93 | * @local: per-cpu pointer to a struct dma_chan_percpu | ||
94 | */ | ||
95 | struct dma_chan { | ||
96 | struct dma_client *client; | ||
97 | struct dma_device *device; | ||
98 | dma_cookie_t cookie; | ||
99 | |||
100 | /* sysfs */ | ||
101 | int chan_id; | ||
102 | struct class_device class_dev; | ||
103 | |||
104 | struct kref refcount; | ||
105 | int slow_ref; | ||
106 | struct rcu_head rcu; | ||
107 | |||
108 | struct list_head client_node; | ||
109 | struct list_head device_node; | ||
110 | struct dma_chan_percpu *local; | ||
111 | }; | ||
112 | |||
113 | void dma_chan_cleanup(struct kref *kref); | ||
114 | |||
115 | static inline void dma_chan_get(struct dma_chan *chan) | ||
116 | { | ||
117 | if (unlikely(chan->slow_ref)) | ||
118 | kref_get(&chan->refcount); | ||
119 | else { | ||
120 | local_inc(&(per_cpu_ptr(chan->local, get_cpu())->refcount)); | ||
121 | put_cpu(); | ||
122 | } | ||
123 | } | ||
124 | |||
125 | static inline void dma_chan_put(struct dma_chan *chan) | ||
126 | { | ||
127 | if (unlikely(chan->slow_ref)) | ||
128 | kref_put(&chan->refcount, dma_chan_cleanup); | ||
129 | else { | ||
130 | local_dec(&(per_cpu_ptr(chan->local, get_cpu())->refcount)); | ||
131 | put_cpu(); | ||
132 | } | ||
133 | } | ||
134 | |||
135 | /* | ||
136 | * typedef dma_event_callback - function pointer to a DMA event callback | ||
137 | */ | ||
138 | typedef void (*dma_event_callback) (struct dma_client *client, | ||
139 | struct dma_chan *chan, enum dma_event event); | ||
140 | |||
141 | /** | ||
142 | * struct dma_client - info on the entity making use of DMA services | ||
143 | * @event_callback: func ptr to call when something happens | ||
144 | * @chan_count: number of chans allocated | ||
145 | * @chans_desired: number of chans requested. Can be +/- chan_count | ||
146 | * @lock: protects access to the channels list | ||
147 | * @channels: the list of DMA channels allocated | ||
148 | * @global_node: list_head for global dma_client_list | ||
149 | */ | ||
150 | struct dma_client { | ||
151 | dma_event_callback event_callback; | ||
152 | unsigned int chan_count; | ||
153 | unsigned int chans_desired; | ||
154 | |||
155 | spinlock_t lock; | ||
156 | struct list_head channels; | ||
157 | struct list_head global_node; | ||
158 | }; | ||
159 | |||
160 | /** | ||
161 | * struct dma_device - info on the entity supplying DMA services | ||
162 | * @chancnt: how many DMA channels are supported | ||
163 | * @channels: the list of struct dma_chan | ||
164 | * @global_node: list_head for global dma_device_list | ||
165 | * @refcount: | ||
166 | * @done: | ||
167 | * @dev_id: | ||
168 | * Other func ptrs: used to make use of this device's capabilities | ||
169 | */ | ||
170 | struct dma_device { | ||
171 | |||
172 | unsigned int chancnt; | ||
173 | struct list_head channels; | ||
174 | struct list_head global_node; | ||
175 | |||
176 | struct kref refcount; | ||
177 | struct completion done; | ||
178 | |||
179 | int dev_id; | ||
180 | |||
181 | int (*device_alloc_chan_resources)(struct dma_chan *chan); | ||
182 | void (*device_free_chan_resources)(struct dma_chan *chan); | ||
183 | dma_cookie_t (*device_memcpy_buf_to_buf)(struct dma_chan *chan, | ||
184 | void *dest, void *src, size_t len); | ||
185 | dma_cookie_t (*device_memcpy_buf_to_pg)(struct dma_chan *chan, | ||
186 | struct page *page, unsigned int offset, void *kdata, | ||
187 | size_t len); | ||
188 | dma_cookie_t (*device_memcpy_pg_to_pg)(struct dma_chan *chan, | ||
189 | struct page *dest_pg, unsigned int dest_off, | ||
190 | struct page *src_pg, unsigned int src_off, size_t len); | ||
191 | enum dma_status (*device_memcpy_complete)(struct dma_chan *chan, | ||
192 | dma_cookie_t cookie, dma_cookie_t *last, | ||
193 | dma_cookie_t *used); | ||
194 | void (*device_memcpy_issue_pending)(struct dma_chan *chan); | ||
195 | }; | ||
196 | |||
197 | /* --- public DMA engine API --- */ | ||
198 | |||
199 | struct dma_client *dma_async_client_register(dma_event_callback event_callback); | ||
200 | void dma_async_client_unregister(struct dma_client *client); | ||
201 | void dma_async_client_chan_request(struct dma_client *client, | ||
202 | unsigned int number); | ||
203 | |||
204 | /** | ||
205 | * dma_async_memcpy_buf_to_buf - offloaded copy between virtual addresses | ||
206 | * @chan: DMA channel to offload copy to | ||
207 | * @dest: destination address (virtual) | ||
208 | * @src: source address (virtual) | ||
209 | * @len: length | ||
210 | * | ||
211 | * Both @dest and @src must be mappable to a bus address according to the | ||
212 | * DMA mapping API rules for streaming mappings. | ||
213 | * Both @dest and @src must stay memory resident (kernel memory or locked | ||
214 | * user space pages) | ||
215 | */ | ||
216 | static inline dma_cookie_t dma_async_memcpy_buf_to_buf(struct dma_chan *chan, | ||
217 | void *dest, void *src, size_t len) | ||
218 | { | ||
219 | int cpu = get_cpu(); | ||
220 | per_cpu_ptr(chan->local, cpu)->bytes_transferred += len; | ||
221 | per_cpu_ptr(chan->local, cpu)->memcpy_count++; | ||
222 | put_cpu(); | ||
223 | |||
224 | return chan->device->device_memcpy_buf_to_buf(chan, dest, src, len); | ||
225 | } | ||
226 | |||
227 | /** | ||
228 | * dma_async_memcpy_buf_to_pg - offloaded copy | ||
229 | * @chan: DMA channel to offload copy to | ||
230 | * @page: destination page | ||
231 | * @offset: offset in page to copy to | ||
232 | * @kdata: source address (virtual) | ||
233 | * @len: length | ||
234 | * | ||
235 | * Both @page/@offset and @kdata must be mappable to a bus address according | ||
236 | * to the DMA mapping API rules for streaming mappings. | ||
237 | * Both @page/@offset and @kdata must stay memory resident (kernel memory or | ||
238 | * locked user space pages) | ||
239 | */ | ||
240 | static inline dma_cookie_t dma_async_memcpy_buf_to_pg(struct dma_chan *chan, | ||
241 | struct page *page, unsigned int offset, void *kdata, size_t len) | ||
242 | { | ||
243 | int cpu = get_cpu(); | ||
244 | per_cpu_ptr(chan->local, cpu)->bytes_transferred += len; | ||
245 | per_cpu_ptr(chan->local, cpu)->memcpy_count++; | ||
246 | put_cpu(); | ||
247 | |||
248 | return chan->device->device_memcpy_buf_to_pg(chan, page, offset, | ||
249 | kdata, len); | ||
250 | } | ||
251 | |||
252 | /** | ||
253 | * dma_async_memcpy_buf_to_pg - offloaded copy | ||
254 | * @chan: DMA channel to offload copy to | ||
255 | * @dest_page: destination page | ||
256 | * @dest_off: offset in page to copy to | ||
257 | * @src_page: source page | ||
258 | * @src_off: offset in page to copy from | ||
259 | * @len: length | ||
260 | * | ||
261 | * Both @dest_page/@dest_off and @src_page/@src_off must be mappable to a bus | ||
262 | * address according to the DMA mapping API rules for streaming mappings. | ||
263 | * Both @dest_page/@dest_off and @src_page/@src_off must stay memory resident | ||
264 | * (kernel memory or locked user space pages) | ||
265 | */ | ||
266 | static inline dma_cookie_t dma_async_memcpy_pg_to_pg(struct dma_chan *chan, | ||
267 | struct page *dest_pg, unsigned int dest_off, struct page *src_pg, | ||
268 | unsigned int src_off, size_t len) | ||
269 | { | ||
270 | int cpu = get_cpu(); | ||
271 | per_cpu_ptr(chan->local, cpu)->bytes_transferred += len; | ||
272 | per_cpu_ptr(chan->local, cpu)->memcpy_count++; | ||
273 | put_cpu(); | ||
274 | |||
275 | return chan->device->device_memcpy_pg_to_pg(chan, dest_pg, dest_off, | ||
276 | src_pg, src_off, len); | ||
277 | } | ||
278 | |||
279 | /** | ||
280 | * dma_async_memcpy_issue_pending - flush pending copies to HW | ||
281 | * @chan: | ||
282 | * | ||
283 | * This allows drivers to push copies to HW in batches, | ||
284 | * reducing MMIO writes where possible. | ||
285 | */ | ||
286 | static inline void dma_async_memcpy_issue_pending(struct dma_chan *chan) | ||
287 | { | ||
288 | return chan->device->device_memcpy_issue_pending(chan); | ||
289 | } | ||
290 | |||
291 | /** | ||
292 | * dma_async_memcpy_complete - poll for transaction completion | ||
293 | * @chan: DMA channel | ||
294 | * @cookie: transaction identifier to check status of | ||
295 | * @last: returns last completed cookie, can be NULL | ||
296 | * @used: returns last issued cookie, can be NULL | ||
297 | * | ||
298 | * If @last and @used are passed in, upon return they reflect the driver | ||
299 | * internal state and can be used with dma_async_is_complete() to check | ||
300 | * the status of multiple cookies without re-checking hardware state. | ||
301 | */ | ||
302 | static inline enum dma_status dma_async_memcpy_complete(struct dma_chan *chan, | ||
303 | dma_cookie_t cookie, dma_cookie_t *last, dma_cookie_t *used) | ||
304 | { | ||
305 | return chan->device->device_memcpy_complete(chan, cookie, last, used); | ||
306 | } | ||
307 | |||
308 | /** | ||
309 | * dma_async_is_complete - test a cookie against chan state | ||
310 | * @cookie: transaction identifier to test status of | ||
311 | * @last_complete: last know completed transaction | ||
312 | * @last_used: last cookie value handed out | ||
313 | * | ||
314 | * dma_async_is_complete() is used in dma_async_memcpy_complete() | ||
315 | * the test logic is seperated for lightweight testing of multiple cookies | ||
316 | */ | ||
317 | static inline enum dma_status dma_async_is_complete(dma_cookie_t cookie, | ||
318 | dma_cookie_t last_complete, dma_cookie_t last_used) | ||
319 | { | ||
320 | if (last_complete <= last_used) { | ||
321 | if ((cookie <= last_complete) || (cookie > last_used)) | ||
322 | return DMA_SUCCESS; | ||
323 | } else { | ||
324 | if ((cookie <= last_complete) && (cookie > last_used)) | ||
325 | return DMA_SUCCESS; | ||
326 | } | ||
327 | return DMA_IN_PROGRESS; | ||
328 | } | ||
329 | |||
330 | |||
331 | /* --- DMA device --- */ | ||
332 | |||
333 | int dma_async_device_register(struct dma_device *device); | ||
334 | void dma_async_device_unregister(struct dma_device *device); | ||
335 | |||
336 | /* --- Helper iov-locking functions --- */ | ||
337 | |||
338 | struct dma_page_list { | ||
339 | char *base_address; | ||
340 | int nr_pages; | ||
341 | struct page **pages; | ||
342 | }; | ||
343 | |||
344 | struct dma_pinned_list { | ||
345 | int nr_iovecs; | ||
346 | struct dma_page_list page_list[0]; | ||
347 | }; | ||
348 | |||
349 | struct dma_pinned_list *dma_pin_iovec_pages(struct iovec *iov, size_t len); | ||
350 | void dma_unpin_iovec_pages(struct dma_pinned_list* pinned_list); | ||
351 | |||
352 | dma_cookie_t dma_memcpy_to_iovec(struct dma_chan *chan, struct iovec *iov, | ||
353 | struct dma_pinned_list *pinned_list, unsigned char *kdata, size_t len); | ||
354 | dma_cookie_t dma_memcpy_pg_to_iovec(struct dma_chan *chan, struct iovec *iov, | ||
355 | struct dma_pinned_list *pinned_list, struct page *page, | ||
356 | unsigned int offset, size_t len); | ||
357 | |||
358 | #endif /* CONFIG_DMA_ENGINE */ | ||
359 | #endif /* DMAENGINE_H */ | ||
diff --git a/include/linux/igmp.h b/include/linux/igmp.h index 28f4f3b3695..899c3d4776f 100644 --- a/include/linux/igmp.h +++ b/include/linux/igmp.h | |||
@@ -169,7 +169,7 @@ struct ip_sf_list | |||
169 | struct ip_mc_list | 169 | struct ip_mc_list |
170 | { | 170 | { |
171 | struct in_device *interface; | 171 | struct in_device *interface; |
172 | unsigned long multiaddr; | 172 | __be32 multiaddr; |
173 | struct ip_sf_list *sources; | 173 | struct ip_sf_list *sources; |
174 | struct ip_sf_list *tomb; | 174 | struct ip_sf_list *tomb; |
175 | unsigned int sfmode; | 175 | unsigned int sfmode; |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index f4169bbb60e..e432b743dda 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h | |||
@@ -37,6 +37,7 @@ | |||
37 | #include <linux/config.h> | 37 | #include <linux/config.h> |
38 | #include <linux/device.h> | 38 | #include <linux/device.h> |
39 | #include <linux/percpu.h> | 39 | #include <linux/percpu.h> |
40 | #include <linux/dmaengine.h> | ||
40 | 41 | ||
41 | struct divert_blk; | 42 | struct divert_blk; |
42 | struct vlan_group; | 43 | struct vlan_group; |
@@ -311,6 +312,9 @@ struct net_device | |||
311 | #define NETIF_F_LLTX 4096 /* LockLess TX */ | 312 | #define NETIF_F_LLTX 4096 /* LockLess TX */ |
312 | #define NETIF_F_UFO 8192 /* Can offload UDP Large Send*/ | 313 | #define NETIF_F_UFO 8192 /* Can offload UDP Large Send*/ |
313 | 314 | ||
315 | #define NETIF_F_GEN_CSUM (NETIF_F_NO_CSUM | NETIF_F_HW_CSUM) | ||
316 | #define NETIF_F_ALL_CSUM (NETIF_F_IP_CSUM | NETIF_F_GEN_CSUM) | ||
317 | |||
314 | struct net_device *next_sched; | 318 | struct net_device *next_sched; |
315 | 319 | ||
316 | /* Interface index. Unique device identifier */ | 320 | /* Interface index. Unique device identifier */ |
@@ -406,7 +410,7 @@ struct net_device | |||
406 | * One part is mostly used on xmit path (device) | 410 | * One part is mostly used on xmit path (device) |
407 | */ | 411 | */ |
408 | /* hard_start_xmit synchronizer */ | 412 | /* hard_start_xmit synchronizer */ |
409 | spinlock_t xmit_lock ____cacheline_aligned_in_smp; | 413 | spinlock_t _xmit_lock ____cacheline_aligned_in_smp; |
410 | /* cpu id of processor entered to hard_start_xmit or -1, | 414 | /* cpu id of processor entered to hard_start_xmit or -1, |
411 | if nobody entered there. | 415 | if nobody entered there. |
412 | */ | 416 | */ |
@@ -593,6 +597,9 @@ struct softnet_data | |||
593 | struct sk_buff *completion_queue; | 597 | struct sk_buff *completion_queue; |
594 | 598 | ||
595 | struct net_device backlog_dev; /* Sorry. 8) */ | 599 | struct net_device backlog_dev; /* Sorry. 8) */ |
600 | #ifdef CONFIG_NET_DMA | ||
601 | struct dma_chan *net_dma; | ||
602 | #endif | ||
596 | }; | 603 | }; |
597 | 604 | ||
598 | DECLARE_PER_CPU(struct softnet_data,softnet_data); | 605 | DECLARE_PER_CPU(struct softnet_data,softnet_data); |
@@ -889,11 +896,43 @@ static inline void __netif_rx_complete(struct net_device *dev) | |||
889 | clear_bit(__LINK_STATE_RX_SCHED, &dev->state); | 896 | clear_bit(__LINK_STATE_RX_SCHED, &dev->state); |
890 | } | 897 | } |
891 | 898 | ||
899 | static inline void netif_tx_lock(struct net_device *dev) | ||
900 | { | ||
901 | spin_lock(&dev->_xmit_lock); | ||
902 | dev->xmit_lock_owner = smp_processor_id(); | ||
903 | } | ||
904 | |||
905 | static inline void netif_tx_lock_bh(struct net_device *dev) | ||
906 | { | ||
907 | spin_lock_bh(&dev->_xmit_lock); | ||
908 | dev->xmit_lock_owner = smp_processor_id(); | ||
909 | } | ||
910 | |||
911 | static inline int netif_tx_trylock(struct net_device *dev) | ||
912 | { | ||
913 | int err = spin_trylock(&dev->_xmit_lock); | ||
914 | if (!err) | ||
915 | dev->xmit_lock_owner = smp_processor_id(); | ||
916 | return err; | ||
917 | } | ||
918 | |||
919 | static inline void netif_tx_unlock(struct net_device *dev) | ||
920 | { | ||
921 | dev->xmit_lock_owner = -1; | ||
922 | spin_unlock(&dev->_xmit_lock); | ||
923 | } | ||
924 | |||
925 | static inline void netif_tx_unlock_bh(struct net_device *dev) | ||
926 | { | ||
927 | dev->xmit_lock_owner = -1; | ||
928 | spin_unlock_bh(&dev->_xmit_lock); | ||
929 | } | ||
930 | |||
892 | static inline void netif_tx_disable(struct net_device *dev) | 931 | static inline void netif_tx_disable(struct net_device *dev) |
893 | { | 932 | { |
894 | spin_lock_bh(&dev->xmit_lock); | 933 | netif_tx_lock_bh(dev); |
895 | netif_stop_queue(dev); | 934 | netif_stop_queue(dev); |
896 | spin_unlock_bh(&dev->xmit_lock); | 935 | netif_tx_unlock_bh(dev); |
897 | } | 936 | } |
898 | 937 | ||
899 | /* These functions live elsewhere (drivers/net/net_init.c, but related) */ | 938 | /* These functions live elsewhere (drivers/net/net_init.c, but related) */ |
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 3ff88c87830..d2e4bd7a7a1 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h | |||
@@ -69,6 +69,10 @@ enum ip_conntrack_status { | |||
69 | /* Connection is dying (removed from lists), can not be unset. */ | 69 | /* Connection is dying (removed from lists), can not be unset. */ |
70 | IPS_DYING_BIT = 9, | 70 | IPS_DYING_BIT = 9, |
71 | IPS_DYING = (1 << IPS_DYING_BIT), | 71 | IPS_DYING = (1 << IPS_DYING_BIT), |
72 | |||
73 | /* Connection has fixed timeout. */ | ||
74 | IPS_FIXED_TIMEOUT_BIT = 10, | ||
75 | IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT), | ||
72 | }; | 76 | }; |
73 | 77 | ||
74 | /* Connection tracking event bits */ | 78 | /* Connection tracking event bits */ |
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h index 668ec946c8e..b5883ccee29 100644 --- a/include/linux/netfilter/nfnetlink_conntrack.h +++ b/include/linux/netfilter/nfnetlink_conntrack.h | |||
@@ -27,13 +27,15 @@ enum ctattr_type { | |||
27 | CTA_STATUS, | 27 | CTA_STATUS, |
28 | CTA_PROTOINFO, | 28 | CTA_PROTOINFO, |
29 | CTA_HELP, | 29 | CTA_HELP, |
30 | CTA_NAT, | 30 | CTA_NAT_SRC, |
31 | #define CTA_NAT CTA_NAT_SRC /* backwards compatibility */ | ||
31 | CTA_TIMEOUT, | 32 | CTA_TIMEOUT, |
32 | CTA_MARK, | 33 | CTA_MARK, |
33 | CTA_COUNTERS_ORIG, | 34 | CTA_COUNTERS_ORIG, |
34 | CTA_COUNTERS_REPLY, | 35 | CTA_COUNTERS_REPLY, |
35 | CTA_USE, | 36 | CTA_USE, |
36 | CTA_ID, | 37 | CTA_ID, |
38 | CTA_NAT_DST, | ||
37 | __CTA_MAX | 39 | __CTA_MAX |
38 | }; | 40 | }; |
39 | #define CTA_MAX (__CTA_MAX - 1) | 41 | #define CTA_MAX (__CTA_MAX - 1) |
diff --git a/include/linux/netfilter/xt_CONNSECMARK.h b/include/linux/netfilter/xt_CONNSECMARK.h new file mode 100644 index 00000000000..c6bd75469ba --- /dev/null +++ b/include/linux/netfilter/xt_CONNSECMARK.h | |||
@@ -0,0 +1,13 @@ | |||
1 | #ifndef _XT_CONNSECMARK_H_target | ||
2 | #define _XT_CONNSECMARK_H_target | ||
3 | |||
4 | enum { | ||
5 | CONNSECMARK_SAVE = 1, | ||
6 | CONNSECMARK_RESTORE, | ||
7 | }; | ||
8 | |||
9 | struct xt_connsecmark_target_info { | ||
10 | u_int8_t mode; | ||
11 | }; | ||
12 | |||
13 | #endif /*_XT_CONNSECMARK_H_target */ | ||
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h new file mode 100644 index 00000000000..c53fbffa997 --- /dev/null +++ b/include/linux/netfilter/xt_SECMARK.h | |||
@@ -0,0 +1,26 @@ | |||
1 | #ifndef _XT_SECMARK_H_target | ||
2 | #define _XT_SECMARK_H_target | ||
3 | |||
4 | /* | ||
5 | * This is intended for use by various security subsystems (but not | ||
6 | * at the same time). | ||
7 | * | ||
8 | * 'mode' refers to the specific security subsystem which the | ||
9 | * packets are being marked for. | ||
10 | */ | ||
11 | #define SECMARK_MODE_SEL 0x01 /* SELinux */ | ||
12 | #define SECMARK_SELCTX_MAX 256 | ||
13 | |||
14 | struct xt_secmark_target_selinux_info { | ||
15 | u_int32_t selsid; | ||
16 | char selctx[SECMARK_SELCTX_MAX]; | ||
17 | }; | ||
18 | |||
19 | struct xt_secmark_target_info { | ||
20 | u_int8_t mode; | ||
21 | union { | ||
22 | struct xt_secmark_target_selinux_info sel; | ||
23 | } u; | ||
24 | }; | ||
25 | |||
26 | #endif /*_XT_SECMARK_H_target */ | ||
diff --git a/include/linux/netfilter/xt_quota.h b/include/linux/netfilter/xt_quota.h new file mode 100644 index 00000000000..acd7fd77bbe --- /dev/null +++ b/include/linux/netfilter/xt_quota.h | |||
@@ -0,0 +1,16 @@ | |||
1 | #ifndef _XT_QUOTA_H | ||
2 | #define _XT_QUOTA_H | ||
3 | |||
4 | enum xt_quota_flags { | ||
5 | XT_QUOTA_INVERT = 0x1, | ||
6 | }; | ||
7 | #define XT_QUOTA_MASK 0x1 | ||
8 | |||
9 | struct xt_quota_info { | ||
10 | u_int32_t flags; | ||
11 | u_int32_t pad; | ||
12 | aligned_u64 quota; | ||
13 | struct xt_quota_info *master; | ||
14 | }; | ||
15 | |||
16 | #endif /* _XT_QUOTA_H */ | ||
diff --git a/include/linux/netfilter/xt_statistic.h b/include/linux/netfilter/xt_statistic.h new file mode 100644 index 00000000000..c344e9916e2 --- /dev/null +++ b/include/linux/netfilter/xt_statistic.h | |||
@@ -0,0 +1,32 @@ | |||
1 | #ifndef _XT_STATISTIC_H | ||
2 | #define _XT_STATISTIC_H | ||
3 | |||
4 | enum xt_statistic_mode { | ||
5 | XT_STATISTIC_MODE_RANDOM, | ||
6 | XT_STATISTIC_MODE_NTH, | ||
7 | __XT_STATISTIC_MODE_MAX | ||
8 | }; | ||
9 | #define XT_STATISTIC_MODE_MAX (__XT_STATISTIC_MODE_MAX - 1) | ||
10 | |||
11 | enum xt_statistic_flags { | ||
12 | XT_STATISTIC_INVERT = 0x1, | ||
13 | }; | ||
14 | #define XT_STATISTIC_MASK 0x1 | ||
15 | |||
16 | struct xt_statistic_info { | ||
17 | u_int16_t mode; | ||
18 | u_int16_t flags; | ||
19 | union { | ||
20 | struct { | ||
21 | u_int32_t probability; | ||
22 | } random; | ||
23 | struct { | ||
24 | u_int32_t every; | ||
25 | u_int32_t packet; | ||
26 | u_int32_t count; | ||
27 | } nth; | ||
28 | } u; | ||
29 | struct xt_statistic_info *master __attribute__((aligned(8))); | ||
30 | }; | ||
31 | |||
32 | #endif /* _XT_STATISTIC_H */ | ||
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h index d54d7b278e9..e0e9951eb8c 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h | |||
@@ -121,6 +121,10 @@ struct ip_conntrack | |||
121 | u_int32_t mark; | 121 | u_int32_t mark; |
122 | #endif | 122 | #endif |
123 | 123 | ||
124 | #ifdef CONFIG_IP_NF_CONNTRACK_SECMARK | ||
125 | u_int32_t secmark; | ||
126 | #endif | ||
127 | |||
124 | /* Traversed often, so hopefully in different cacheline to top */ | 128 | /* Traversed often, so hopefully in different cacheline to top */ |
125 | /* These are my tuples; original and reply */ | 129 | /* These are my tuples; original and reply */ |
126 | struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX]; | 130 | struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX]; |
@@ -154,6 +158,7 @@ struct ip_conntrack_expect | |||
154 | unsigned int flags; | 158 | unsigned int flags; |
155 | 159 | ||
156 | #ifdef CONFIG_IP_NF_NAT_NEEDED | 160 | #ifdef CONFIG_IP_NF_NAT_NEEDED |
161 | u_int32_t saved_ip; | ||
157 | /* This is the original per-proto part, used to map the | 162 | /* This is the original per-proto part, used to map the |
158 | * expected connection the way the recipient expects. */ | 163 | * expected connection the way the recipient expects. */ |
159 | union ip_conntrack_manip_proto saved_proto; | 164 | union ip_conntrack_manip_proto saved_proto; |
@@ -293,6 +298,7 @@ static inline int is_dying(struct ip_conntrack *ct) | |||
293 | } | 298 | } |
294 | 299 | ||
295 | extern unsigned int ip_conntrack_htable_size; | 300 | extern unsigned int ip_conntrack_htable_size; |
301 | extern int ip_conntrack_checksum; | ||
296 | 302 | ||
297 | #define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++) | 303 | #define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++) |
298 | 304 | ||
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_h323.h b/include/linux/netfilter_ipv4/ip_conntrack_h323.h index eace86bd2ad..3cbff737900 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack_h323.h +++ b/include/linux/netfilter_ipv4/ip_conntrack_h323.h | |||
@@ -71,6 +71,13 @@ extern int (*nat_h245_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, | |||
71 | unsigned char **data, int dataoff, | 71 | unsigned char **data, int dataoff, |
72 | TransportAddress * addr, u_int16_t port, | 72 | TransportAddress * addr, u_int16_t port, |
73 | struct ip_conntrack_expect * exp); | 73 | struct ip_conntrack_expect * exp); |
74 | extern int (*nat_callforwarding_hook) (struct sk_buff ** pskb, | ||
75 | struct ip_conntrack * ct, | ||
76 | enum ip_conntrack_info ctinfo, | ||
77 | unsigned char **data, int dataoff, | ||
78 | TransportAddress * addr, | ||
79 | u_int16_t port, | ||
80 | struct ip_conntrack_expect * exp); | ||
74 | extern int (*nat_q931_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, | 81 | extern int (*nat_q931_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, |
75 | enum ip_conntrack_info ctinfo, | 82 | enum ip_conntrack_info ctinfo, |
76 | unsigned char **data, TransportAddress * addr, | 83 | unsigned char **data, TransportAddress * addr, |
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h index cc98f7aa5ab..3d4a773799f 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h +++ b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* Generated by Jing Min Zhao's ASN.1 parser, Mar 15 2006 | 1 | /* Generated by Jing Min Zhao's ASN.1 parser, Apr 20 2006 |
2 | * | 2 | * |
3 | * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> | 3 | * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> |
4 | * | 4 | * |
@@ -412,6 +412,7 @@ typedef struct Facility_UUIE { /* SEQUENCE */ | |||
412 | eFacility_UUIE_destinationInfo = (1 << 14), | 412 | eFacility_UUIE_destinationInfo = (1 << 14), |
413 | eFacility_UUIE_h245SecurityMode = (1 << 13), | 413 | eFacility_UUIE_h245SecurityMode = (1 << 13), |
414 | } options; | 414 | } options; |
415 | TransportAddress alternativeAddress; | ||
415 | FacilityReason reason; | 416 | FacilityReason reason; |
416 | TransportAddress h245Address; | 417 | TransportAddress h245Address; |
417 | Facility_UUIE_fastStart fastStart; | 418 | Facility_UUIE_fastStart fastStart; |
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_sip.h b/include/linux/netfilter_ipv4/ip_conntrack_sip.h new file mode 100644 index 00000000000..913dad66c0f --- /dev/null +++ b/include/linux/netfilter_ipv4/ip_conntrack_sip.h | |||
@@ -0,0 +1,44 @@ | |||
1 | #ifndef __IP_CONNTRACK_SIP_H__ | ||
2 | #define __IP_CONNTRACK_SIP_H__ | ||
3 | #ifdef __KERNEL__ | ||
4 | |||
5 | #define SIP_PORT 5060 | ||
6 | #define SIP_TIMEOUT 3600 | ||
7 | |||
8 | #define POS_VIA 0 | ||
9 | #define POS_CONTACT 1 | ||
10 | #define POS_CONTENT 2 | ||
11 | #define POS_MEDIA 3 | ||
12 | #define POS_OWNER 4 | ||
13 | #define POS_CONNECTION 5 | ||
14 | #define POS_REQ_HEADER 6 | ||
15 | #define POS_SDP_HEADER 7 | ||
16 | |||
17 | struct sip_header_nfo { | ||
18 | const char *lname; | ||
19 | const char *sname; | ||
20 | const char *ln_str; | ||
21 | size_t lnlen; | ||
22 | size_t snlen; | ||
23 | size_t ln_strlen; | ||
24 | int (*match_len)(const char *, const char *, int *); | ||
25 | }; | ||
26 | |||
27 | extern unsigned int (*ip_nat_sip_hook)(struct sk_buff **pskb, | ||
28 | enum ip_conntrack_info ctinfo, | ||
29 | struct ip_conntrack *ct, | ||
30 | const char **dptr); | ||
31 | extern unsigned int (*ip_nat_sdp_hook)(struct sk_buff **pskb, | ||
32 | enum ip_conntrack_info ctinfo, | ||
33 | struct ip_conntrack_expect *exp, | ||
34 | const char *dptr); | ||
35 | |||
36 | extern int ct_sip_get_info(const char *dptr, size_t dlen, | ||
37 | unsigned int *matchoff, | ||
38 | unsigned int *matchlen, | ||
39 | struct sip_header_nfo *hnfo); | ||
40 | extern int ct_sip_lnlen(const char *line, const char *limit); | ||
41 | extern const char *ct_sip_search(const char *needle, const char *haystack, | ||
42 | size_t needle_len, size_t haystack_len); | ||
43 | #endif /* __KERNEL__ */ | ||
44 | #endif /* __IP_CONNTRACK_SIP_H__ */ | ||
diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h index c3fe769c912..bcfe9d4f56a 100644 --- a/include/linux/pci_ids.h +++ b/include/linux/pci_ids.h | |||
@@ -1897,6 +1897,7 @@ | |||
1897 | #define PCI_DEVICE_ID_TIGON3_5751F 0x167e | 1897 | #define PCI_DEVICE_ID_TIGON3_5751F 0x167e |
1898 | #define PCI_DEVICE_ID_TIGON3_5787M 0x1693 | 1898 | #define PCI_DEVICE_ID_TIGON3_5787M 0x1693 |
1899 | #define PCI_DEVICE_ID_TIGON3_5782 0x1696 | 1899 | #define PCI_DEVICE_ID_TIGON3_5782 0x1696 |
1900 | #define PCI_DEVICE_ID_TIGON3_5786 0x169a | ||
1900 | #define PCI_DEVICE_ID_TIGON3_5787 0x169b | 1901 | #define PCI_DEVICE_ID_TIGON3_5787 0x169b |
1901 | #define PCI_DEVICE_ID_TIGON3_5788 0x169c | 1902 | #define PCI_DEVICE_ID_TIGON3_5788 0x169c |
1902 | #define PCI_DEVICE_ID_TIGON3_5789 0x169d | 1903 | #define PCI_DEVICE_ID_TIGON3_5789 0x169d |
@@ -2053,6 +2054,7 @@ | |||
2053 | #define PCI_DEVICE_ID_INTEL_80960_RP 0x1960 | 2054 | #define PCI_DEVICE_ID_INTEL_80960_RP 0x1960 |
2054 | #define PCI_DEVICE_ID_INTEL_82840_HB 0x1a21 | 2055 | #define PCI_DEVICE_ID_INTEL_82840_HB 0x1a21 |
2055 | #define PCI_DEVICE_ID_INTEL_82845_HB 0x1a30 | 2056 | #define PCI_DEVICE_ID_INTEL_82845_HB 0x1a30 |
2057 | #define PCI_DEVICE_ID_INTEL_IOAT 0x1a38 | ||
2056 | #define PCI_DEVICE_ID_INTEL_82801AA_0 0x2410 | 2058 | #define PCI_DEVICE_ID_INTEL_82801AA_0 0x2410 |
2057 | #define PCI_DEVICE_ID_INTEL_82801AA_1 0x2411 | 2059 | #define PCI_DEVICE_ID_INTEL_82801AA_1 0x2411 |
2058 | #define PCI_DEVICE_ID_INTEL_82801AA_3 0x2413 | 2060 | #define PCI_DEVICE_ID_INTEL_82801AA_3 0x2413 |
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h index bac0fb389cf..d5dd471da22 100644 --- a/include/linux/pfkeyv2.h +++ b/include/linux/pfkeyv2.h | |||
@@ -159,7 +159,7 @@ struct sadb_spirange { | |||
159 | struct sadb_x_kmprivate { | 159 | struct sadb_x_kmprivate { |
160 | uint16_t sadb_x_kmprivate_len; | 160 | uint16_t sadb_x_kmprivate_len; |
161 | uint16_t sadb_x_kmprivate_exttype; | 161 | uint16_t sadb_x_kmprivate_exttype; |
162 | u_int32_t sadb_x_kmprivate_reserved; | 162 | uint32_t sadb_x_kmprivate_reserved; |
163 | } __attribute__((packed)); | 163 | } __attribute__((packed)); |
164 | /* sizeof(struct sadb_x_kmprivate) == 8 */ | 164 | /* sizeof(struct sadb_x_kmprivate) == 8 */ |
165 | 165 | ||
diff --git a/include/linux/security.h b/include/linux/security.h index 1bab48f6aea..4dfb1b84a9b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -805,31 +805,37 @@ struct swap_info_struct; | |||
805 | * used by the XFRM system. | 805 | * used by the XFRM system. |
806 | * @sec_ctx contains the security context information being provided by | 806 | * @sec_ctx contains the security context information being provided by |
807 | * the user-level policy update program (e.g., setkey). | 807 | * the user-level policy update program (e.g., setkey). |
808 | * Allocate a security structure to the xp->selector.security field. | 808 | * Allocate a security structure to the xp->security field. |
809 | * The security field is initialized to NULL when the xfrm_policy is | 809 | * The security field is initialized to NULL when the xfrm_policy is |
810 | * allocated. | 810 | * allocated. |
811 | * Return 0 if operation was successful (memory to allocate, legal context) | 811 | * Return 0 if operation was successful (memory to allocate, legal context) |
812 | * @xfrm_policy_clone_security: | 812 | * @xfrm_policy_clone_security: |
813 | * @old contains an existing xfrm_policy in the SPD. | 813 | * @old contains an existing xfrm_policy in the SPD. |
814 | * @new contains a new xfrm_policy being cloned from old. | 814 | * @new contains a new xfrm_policy being cloned from old. |
815 | * Allocate a security structure to the new->selector.security field | 815 | * Allocate a security structure to the new->security field |
816 | * that contains the information from the old->selector.security field. | 816 | * that contains the information from the old->security field. |
817 | * Return 0 if operation was successful (memory to allocate). | 817 | * Return 0 if operation was successful (memory to allocate). |
818 | * @xfrm_policy_free_security: | 818 | * @xfrm_policy_free_security: |
819 | * @xp contains the xfrm_policy | 819 | * @xp contains the xfrm_policy |
820 | * Deallocate xp->selector.security. | 820 | * Deallocate xp->security. |
821 | * @xfrm_policy_delete_security: | ||
822 | * @xp contains the xfrm_policy. | ||
823 | * Authorize deletion of xp->security. | ||
821 | * @xfrm_state_alloc_security: | 824 | * @xfrm_state_alloc_security: |
822 | * @x contains the xfrm_state being added to the Security Association | 825 | * @x contains the xfrm_state being added to the Security Association |
823 | * Database by the XFRM system. | 826 | * Database by the XFRM system. |
824 | * @sec_ctx contains the security context information being provided by | 827 | * @sec_ctx contains the security context information being provided by |
825 | * the user-level SA generation program (e.g., setkey or racoon). | 828 | * the user-level SA generation program (e.g., setkey or racoon). |
826 | * Allocate a security structure to the x->sel.security field. The | 829 | * Allocate a security structure to the x->security field. The |
827 | * security field is initialized to NULL when the xfrm_state is | 830 | * security field is initialized to NULL when the xfrm_state is |
828 | * allocated. | 831 | * allocated. |
829 | * Return 0 if operation was successful (memory to allocate, legal context). | 832 | * Return 0 if operation was successful (memory to allocate, legal context). |
830 | * @xfrm_state_free_security: | 833 | * @xfrm_state_free_security: |
831 | * @x contains the xfrm_state. | 834 | * @x contains the xfrm_state. |
832 | * Deallocate x>sel.security. | 835 | * Deallocate x->security. |
836 | * @xfrm_state_delete_security: | ||
837 | * @x contains the xfrm_state. | ||
838 | * Authorize deletion of x->security. | ||
833 | * @xfrm_policy_lookup: | 839 | * @xfrm_policy_lookup: |
834 | * @xp contains the xfrm_policy for which the access control is being | 840 | * @xp contains the xfrm_policy for which the access control is being |
835 | * checked. | 841 | * checked. |
@@ -1298,8 +1304,10 @@ struct security_operations { | |||
1298 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); | 1304 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); |
1299 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); | 1305 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); |
1300 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); | 1306 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); |
1307 | int (*xfrm_policy_delete_security) (struct xfrm_policy *xp); | ||
1301 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); | 1308 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); |
1302 | void (*xfrm_state_free_security) (struct xfrm_state *x); | 1309 | void (*xfrm_state_free_security) (struct xfrm_state *x); |
1310 | int (*xfrm_state_delete_security) (struct xfrm_state *x); | ||
1303 | int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir); | 1311 | int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir); |
1304 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ | 1312 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ |
1305 | 1313 | ||
@@ -2934,11 +2942,21 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp) | |||
2934 | security_ops->xfrm_policy_free_security(xp); | 2942 | security_ops->xfrm_policy_free_security(xp); |
2935 | } | 2943 | } |
2936 | 2944 | ||
2945 | static inline int security_xfrm_policy_delete(struct xfrm_policy *xp) | ||
2946 | { | ||
2947 | return security_ops->xfrm_policy_delete_security(xp); | ||
2948 | } | ||
2949 | |||
2937 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) | 2950 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) |
2938 | { | 2951 | { |
2939 | return security_ops->xfrm_state_alloc_security(x, sec_ctx); | 2952 | return security_ops->xfrm_state_alloc_security(x, sec_ctx); |
2940 | } | 2953 | } |
2941 | 2954 | ||
2955 | static inline int security_xfrm_state_delete(struct xfrm_state *x) | ||
2956 | { | ||
2957 | return security_ops->xfrm_state_delete_security(x); | ||
2958 | } | ||
2959 | |||
2942 | static inline void security_xfrm_state_free(struct xfrm_state *x) | 2960 | static inline void security_xfrm_state_free(struct xfrm_state *x) |
2943 | { | 2961 | { |
2944 | security_ops->xfrm_state_free_security(x); | 2962 | security_ops->xfrm_state_free_security(x); |
@@ -2963,6 +2981,11 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp) | |||
2963 | { | 2981 | { |
2964 | } | 2982 | } |
2965 | 2983 | ||
2984 | static inline int security_xfrm_policy_delete(struct xfrm_policy *xp) | ||
2985 | { | ||
2986 | return 0; | ||
2987 | } | ||
2988 | |||
2966 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) | 2989 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) |
2967 | { | 2990 | { |
2968 | return 0; | 2991 | return 0; |
@@ -2972,6 +2995,11 @@ static inline void security_xfrm_state_free(struct xfrm_state *x) | |||
2972 | { | 2995 | { |
2973 | } | 2996 | } |
2974 | 2997 | ||
2998 | static inline int security_xfrm_state_delete(struct xfrm_state *x) | ||
2999 | { | ||
3000 | return 0; | ||
3001 | } | ||
3002 | |||
2975 | static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) | 3003 | static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) |
2976 | { | 3004 | { |
2977 | return 0; | 3005 | return 0; |
diff --git a/include/linux/selinux.h b/include/linux/selinux.h index 4047bcde448..aad4e390d6a 100644 --- a/include/linux/selinux.h +++ b/include/linux/selinux.h | |||
@@ -118,6 +118,27 @@ void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid); | |||
118 | */ | 118 | */ |
119 | void selinux_get_task_sid(struct task_struct *tsk, u32 *sid); | 119 | void selinux_get_task_sid(struct task_struct *tsk, u32 *sid); |
120 | 120 | ||
121 | /** | ||
122 | * selinux_string_to_sid - map a security context string to a security ID | ||
123 | * @str: the security context string to be mapped | ||
124 | * @sid: ID value returned via this. | ||
125 | * | ||
126 | * Returns 0 if successful, with the SID stored in sid. A value | ||
127 | * of zero for sid indicates no SID could be determined (but no error | ||
128 | * occurred). | ||
129 | */ | ||
130 | int selinux_string_to_sid(char *str, u32 *sid); | ||
131 | |||
132 | /** | ||
133 | * selinux_relabel_packet_permission - check permission to relabel a packet | ||
134 | * @sid: ID value to be applied to network packet (via SECMARK, most likely) | ||
135 | * | ||
136 | * Returns 0 if the current task is allowed to label packets with the | ||
137 | * supplied security ID. Note that it is implicit that the packet is always | ||
138 | * being relabeled from the default unlabled value, and that the access | ||
139 | * control decision is made in the AVC. | ||
140 | */ | ||
141 | int selinux_relabel_packet_permission(u32 sid); | ||
121 | 142 | ||
122 | #else | 143 | #else |
123 | 144 | ||
@@ -172,6 +193,17 @@ static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid) | |||
172 | *sid = 0; | 193 | *sid = 0; |
173 | } | 194 | } |
174 | 195 | ||
196 | static inline int selinux_string_to_sid(const char *str, u32 *sid) | ||
197 | { | ||
198 | *sid = 0; | ||
199 | return 0; | ||
200 | } | ||
201 | |||
202 | static inline int selinux_relabel_packet_permission(u32 sid) | ||
203 | { | ||
204 | return 0; | ||
205 | } | ||
206 | |||
175 | #endif /* CONFIG_SECURITY_SELINUX */ | 207 | #endif /* CONFIG_SECURITY_SELINUX */ |
176 | 208 | ||
177 | #endif /* _LINUX_SELINUX_H */ | 209 | #endif /* _LINUX_SELINUX_H */ |
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index f8f234708b9..93e4db22158 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h | |||
@@ -29,6 +29,7 @@ | |||
29 | #include <linux/net.h> | 29 | #include <linux/net.h> |
30 | #include <linux/textsearch.h> | 30 | #include <linux/textsearch.h> |
31 | #include <net/checksum.h> | 31 | #include <net/checksum.h> |
32 | #include <linux/dmaengine.h> | ||
32 | 33 | ||
33 | #define HAVE_ALLOC_SKB /* For the drivers to know */ | 34 | #define HAVE_ALLOC_SKB /* For the drivers to know */ |
34 | #define HAVE_ALIGNABLE_SKB /* Ditto 8) */ | 35 | #define HAVE_ALIGNABLE_SKB /* Ditto 8) */ |
@@ -209,6 +210,7 @@ enum { | |||
209 | * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c | 210 | * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c |
210 | * @tc_index: Traffic control index | 211 | * @tc_index: Traffic control index |
211 | * @tc_verd: traffic control verdict | 212 | * @tc_verd: traffic control verdict |
213 | * @secmark: security marking | ||
212 | */ | 214 | */ |
213 | 215 | ||
214 | struct sk_buff { | 216 | struct sk_buff { |
@@ -285,6 +287,12 @@ struct sk_buff { | |||
285 | __u16 tc_verd; /* traffic control verdict */ | 287 | __u16 tc_verd; /* traffic control verdict */ |
286 | #endif | 288 | #endif |
287 | #endif | 289 | #endif |
290 | #ifdef CONFIG_NET_DMA | ||
291 | dma_cookie_t dma_cookie; | ||
292 | #endif | ||
293 | #ifdef CONFIG_NETWORK_SECMARK | ||
294 | __u32 secmark; | ||
295 | #endif | ||
288 | 296 | ||
289 | 297 | ||
290 | /* These elements must be at the end, see alloc_skb() for details. */ | 298 | /* These elements must be at the end, see alloc_skb() for details. */ |
@@ -967,15 +975,16 @@ static inline void skb_reserve(struct sk_buff *skb, int len) | |||
967 | #define NET_SKB_PAD 16 | 975 | #define NET_SKB_PAD 16 |
968 | #endif | 976 | #endif |
969 | 977 | ||
970 | extern int ___pskb_trim(struct sk_buff *skb, unsigned int len, int realloc); | 978 | extern int ___pskb_trim(struct sk_buff *skb, unsigned int len); |
971 | 979 | ||
972 | static inline void __skb_trim(struct sk_buff *skb, unsigned int len) | 980 | static inline void __skb_trim(struct sk_buff *skb, unsigned int len) |
973 | { | 981 | { |
974 | if (!skb->data_len) { | 982 | if (unlikely(skb->data_len)) { |
975 | skb->len = len; | 983 | WARN_ON(1); |
976 | skb->tail = skb->data + len; | 984 | return; |
977 | } else | 985 | } |
978 | ___pskb_trim(skb, len, 0); | 986 | skb->len = len; |
987 | skb->tail = skb->data + len; | ||
979 | } | 988 | } |
980 | 989 | ||
981 | /** | 990 | /** |
@@ -985,6 +994,7 @@ static inline void __skb_trim(struct sk_buff *skb, unsigned int len) | |||
985 | * | 994 | * |
986 | * Cut the length of a buffer down by removing data from the tail. If | 995 | * Cut the length of a buffer down by removing data from the tail. If |
987 | * the buffer is already under the length specified it is not modified. | 996 | * the buffer is already under the length specified it is not modified. |
997 | * The skb must be linear. | ||
988 | */ | 998 | */ |
989 | static inline void skb_trim(struct sk_buff *skb, unsigned int len) | 999 | static inline void skb_trim(struct sk_buff *skb, unsigned int len) |
990 | { | 1000 | { |
@@ -995,12 +1005,10 @@ static inline void skb_trim(struct sk_buff *skb, unsigned int len) | |||
995 | 1005 | ||
996 | static inline int __pskb_trim(struct sk_buff *skb, unsigned int len) | 1006 | static inline int __pskb_trim(struct sk_buff *skb, unsigned int len) |
997 | { | 1007 | { |
998 | if (!skb->data_len) { | 1008 | if (skb->data_len) |
999 | skb->len = len; | 1009 | return ___pskb_trim(skb, len); |
1000 | skb->tail = skb->data+len; | 1010 | __skb_trim(skb, len); |
1001 | return 0; | 1011 | return 0; |
1002 | } | ||
1003 | return ___pskb_trim(skb, len, 1); | ||
1004 | } | 1012 | } |
1005 | 1013 | ||
1006 | static inline int pskb_trim(struct sk_buff *skb, unsigned int len) | 1014 | static inline int pskb_trim(struct sk_buff *skb, unsigned int len) |
@@ -1161,18 +1169,34 @@ static inline int skb_can_coalesce(struct sk_buff *skb, int i, | |||
1161 | return 0; | 1169 | return 0; |
1162 | } | 1170 | } |
1163 | 1171 | ||
1172 | static inline int __skb_linearize(struct sk_buff *skb) | ||
1173 | { | ||
1174 | return __pskb_pull_tail(skb, skb->data_len) ? 0 : -ENOMEM; | ||
1175 | } | ||
1176 | |||
1164 | /** | 1177 | /** |
1165 | * skb_linearize - convert paged skb to linear one | 1178 | * skb_linearize - convert paged skb to linear one |
1166 | * @skb: buffer to linarize | 1179 | * @skb: buffer to linarize |
1167 | * @gfp: allocation mode | ||
1168 | * | 1180 | * |
1169 | * If there is no free memory -ENOMEM is returned, otherwise zero | 1181 | * If there is no free memory -ENOMEM is returned, otherwise zero |
1170 | * is returned and the old skb data released. | 1182 | * is returned and the old skb data released. |
1171 | */ | 1183 | */ |
1172 | extern int __skb_linearize(struct sk_buff *skb, gfp_t gfp); | 1184 | static inline int skb_linearize(struct sk_buff *skb) |
1173 | static inline int skb_linearize(struct sk_buff *skb, gfp_t gfp) | 1185 | { |
1186 | return skb_is_nonlinear(skb) ? __skb_linearize(skb) : 0; | ||
1187 | } | ||
1188 | |||
1189 | /** | ||
1190 | * skb_linearize_cow - make sure skb is linear and writable | ||
1191 | * @skb: buffer to process | ||
1192 | * | ||
1193 | * If there is no free memory -ENOMEM is returned, otherwise zero | ||
1194 | * is returned and the old skb data released. | ||
1195 | */ | ||
1196 | static inline int skb_linearize_cow(struct sk_buff *skb) | ||
1174 | { | 1197 | { |
1175 | return __skb_linearize(skb, gfp); | 1198 | return skb_is_nonlinear(skb) || skb_cloned(skb) ? |
1199 | __skb_linearize(skb) : 0; | ||
1176 | } | 1200 | } |
1177 | 1201 | ||
1178 | /** | 1202 | /** |
@@ -1396,5 +1420,23 @@ static inline void nf_reset(struct sk_buff *skb) | |||
1396 | static inline void nf_reset(struct sk_buff *skb) {} | 1420 | static inline void nf_reset(struct sk_buff *skb) {} |
1397 | #endif /* CONFIG_NETFILTER */ | 1421 | #endif /* CONFIG_NETFILTER */ |
1398 | 1422 | ||
1423 | #ifdef CONFIG_NETWORK_SECMARK | ||
1424 | static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from) | ||
1425 | { | ||
1426 | to->secmark = from->secmark; | ||
1427 | } | ||
1428 | |||
1429 | static inline void skb_init_secmark(struct sk_buff *skb) | ||
1430 | { | ||
1431 | skb->secmark = 0; | ||
1432 | } | ||
1433 | #else | ||
1434 | static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from) | ||
1435 | { } | ||
1436 | |||
1437 | static inline void skb_init_secmark(struct sk_buff *skb) | ||
1438 | { } | ||
1439 | #endif | ||
1440 | |||
1399 | #endif /* __KERNEL__ */ | 1441 | #endif /* __KERNEL__ */ |
1400 | #endif /* _LINUX_SKBUFF_H */ | 1442 | #endif /* _LINUX_SKBUFF_H */ |
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 76eaeff76f8..cee944dbdcd 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h | |||
@@ -313,6 +313,7 @@ enum | |||
313 | NET_NF_CONNTRACK_FRAG6_TIMEOUT=29, | 313 | NET_NF_CONNTRACK_FRAG6_TIMEOUT=29, |
314 | NET_NF_CONNTRACK_FRAG6_LOW_THRESH=30, | 314 | NET_NF_CONNTRACK_FRAG6_LOW_THRESH=30, |
315 | NET_NF_CONNTRACK_FRAG6_HIGH_THRESH=31, | 315 | NET_NF_CONNTRACK_FRAG6_HIGH_THRESH=31, |
316 | NET_NF_CONNTRACK_CHECKSUM=32, | ||
316 | }; | 317 | }; |
317 | 318 | ||
318 | /* /proc/sys/net/ipv4 */ | 319 | /* /proc/sys/net/ipv4 */ |
@@ -403,6 +404,8 @@ enum | |||
403 | NET_TCP_MTU_PROBING=113, | 404 | NET_TCP_MTU_PROBING=113, |
404 | NET_TCP_BASE_MSS=114, | 405 | NET_TCP_BASE_MSS=114, |
405 | NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS=115, | 406 | NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS=115, |
407 | NET_TCP_DMA_COPYBREAK=116, | ||
408 | NET_TCP_SLOW_START_AFTER_IDLE=117, | ||
406 | }; | 409 | }; |
407 | 410 | ||
408 | enum { | 411 | enum { |
@@ -491,6 +494,7 @@ enum | |||
491 | NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25, | 494 | NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25, |
492 | NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26, | 495 | NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26, |
493 | NET_IPV4_NF_CONNTRACK_COUNT=27, | 496 | NET_IPV4_NF_CONNTRACK_COUNT=27, |
497 | NET_IPV4_NF_CONNTRACK_CHECKSUM=28, | ||
494 | }; | 498 | }; |
495 | 499 | ||
496 | /* /proc/sys/net/ipv6 */ | 500 | /* /proc/sys/net/ipv6 */ |
diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 542d39596bd..c90daa5da6c 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h | |||
@@ -18,6 +18,7 @@ | |||
18 | #define _LINUX_TCP_H | 18 | #define _LINUX_TCP_H |
19 | 19 | ||
20 | #include <linux/types.h> | 20 | #include <linux/types.h> |
21 | #include <linux/dmaengine.h> | ||
21 | #include <asm/byteorder.h> | 22 | #include <asm/byteorder.h> |
22 | 23 | ||
23 | struct tcphdr { | 24 | struct tcphdr { |
@@ -233,6 +234,13 @@ struct tcp_sock { | |||
233 | struct iovec *iov; | 234 | struct iovec *iov; |
234 | int memory; | 235 | int memory; |
235 | int len; | 236 | int len; |
237 | #ifdef CONFIG_NET_DMA | ||
238 | /* members for async copy */ | ||
239 | struct dma_chan *dma_chan; | ||
240 | int wakeup; | ||
241 | struct dma_pinned_list *pinned_list; | ||
242 | dma_cookie_t dma_cookie; | ||
243 | #endif | ||
236 | } ucopy; | 244 | } ucopy; |
237 | 245 | ||
238 | __u32 snd_wl1; /* Sequence for window update */ | 246 | __u32 snd_wl1; /* Sequence for window update */ |
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index 6b42cc474c0..46a15c7a1a1 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h | |||
@@ -118,6 +118,10 @@ enum | |||
118 | XFRM_SHARE_UNIQUE /* Use once */ | 118 | XFRM_SHARE_UNIQUE /* Use once */ |
119 | }; | 119 | }; |
120 | 120 | ||
121 | #define XFRM_MODE_TRANSPORT 0 | ||
122 | #define XFRM_MODE_TUNNEL 1 | ||
123 | #define XFRM_MODE_MAX 2 | ||
124 | |||
121 | /* Netlink configuration messages. */ | 125 | /* Netlink configuration messages. */ |
122 | enum { | 126 | enum { |
123 | XFRM_MSG_BASE = 0x10, | 127 | XFRM_MSG_BASE = 0x10, |
diff --git a/include/net/ip.h b/include/net/ip.h index 3d2e5ca62a5..ead233c9540 100644 --- a/include/net/ip.h +++ b/include/net/ip.h | |||
@@ -147,7 +147,6 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar | |||
147 | struct ipv4_config | 147 | struct ipv4_config |
148 | { | 148 | { |
149 | int log_martians; | 149 | int log_martians; |
150 | int autoconfig; | ||
151 | int no_pmtu_disc; | 150 | int no_pmtu_disc; |
152 | }; | 151 | }; |
153 | 152 | ||
diff --git a/include/net/llc_if.h b/include/net/llc_if.h index 090eaa0d71f..c608812a8e8 100644 --- a/include/net/llc_if.h +++ b/include/net/llc_if.h | |||
@@ -16,6 +16,7 @@ | |||
16 | #include <linux/if.h> | 16 | #include <linux/if.h> |
17 | #include <linux/if_arp.h> | 17 | #include <linux/if_arp.h> |
18 | #include <linux/llc.h> | 18 | #include <linux/llc.h> |
19 | #include <linux/etherdevice.h> | ||
19 | #include <net/llc.h> | 20 | #include <net/llc.h> |
20 | 21 | ||
21 | #define LLC_DATAUNIT_PRIM 1 | 22 | #define LLC_DATAUNIT_PRIM 1 |
@@ -61,8 +62,6 @@ | |||
61 | #define LLC_STATUS_CONFLICT 7 /* disconnect conn */ | 62 | #define LLC_STATUS_CONFLICT 7 /* disconnect conn */ |
62 | #define LLC_STATUS_RESET_DONE 8 /* */ | 63 | #define LLC_STATUS_RESET_DONE 8 /* */ |
63 | 64 | ||
64 | extern u8 llc_mac_null_var[IFHWADDRLEN]; | ||
65 | |||
66 | /** | 65 | /** |
67 | * llc_mac_null - determines if a address is a null mac address | 66 | * llc_mac_null - determines if a address is a null mac address |
68 | * @mac: Mac address to test if null. | 67 | * @mac: Mac address to test if null. |
@@ -70,16 +69,20 @@ extern u8 llc_mac_null_var[IFHWADDRLEN]; | |||
70 | * Determines if a given address is a null mac address. Returns 0 if the | 69 | * Determines if a given address is a null mac address. Returns 0 if the |
71 | * address is not a null mac, 1 if the address is a null mac. | 70 | * address is not a null mac, 1 if the address is a null mac. |
72 | */ | 71 | */ |
73 | static __inline__ int llc_mac_null(u8 *mac) | 72 | static inline int llc_mac_null(const u8 *mac) |
74 | { | 73 | { |
75 | return !memcmp(mac, llc_mac_null_var, IFHWADDRLEN); | 74 | return is_zero_ether_addr(mac); |
76 | } | 75 | } |
77 | 76 | ||
78 | static __inline__ int llc_addrany(struct llc_addr *addr) | 77 | static inline int llc_addrany(const struct llc_addr *addr) |
79 | { | 78 | { |
80 | return llc_mac_null(addr->mac) && !addr->lsap; | 79 | return llc_mac_null(addr->mac) && !addr->lsap; |
81 | } | 80 | } |
82 | 81 | ||
82 | static inline int llc_mac_multicast(const u8 *mac) | ||
83 | { | ||
84 | return is_multicast_ether_addr(mac); | ||
85 | } | ||
83 | /** | 86 | /** |
84 | * llc_mac_match - determines if two mac addresses are the same | 87 | * llc_mac_match - determines if two mac addresses are the same |
85 | * @mac1: First mac address to compare. | 88 | * @mac1: First mac address to compare. |
@@ -89,9 +92,9 @@ static __inline__ int llc_addrany(struct llc_addr *addr) | |||
89 | * is not a complete match up to len, 1 if a complete match up to len is | 92 | * is not a complete match up to len, 1 if a complete match up to len is |
90 | * found. | 93 | * found. |
91 | */ | 94 | */ |
92 | static __inline__ int llc_mac_match(u8 *mac1, u8 *mac2) | 95 | static inline int llc_mac_match(const u8 *mac1, const u8 *mac2) |
93 | { | 96 | { |
94 | return !memcmp(mac1, mac2, IFHWADDRLEN); | 97 | return !compare_ether_addr(mac1, mac2); |
95 | } | 98 | } |
96 | 99 | ||
97 | extern int llc_establish_connection(struct sock *sk, u8 *lmac, | 100 | extern int llc_establish_connection(struct sock *sk, u8 *lmac, |
diff --git a/include/net/netdma.h b/include/net/netdma.h new file mode 100644 index 00000000000..19760eb131a --- /dev/null +++ b/include/net/netdma.h | |||
@@ -0,0 +1,44 @@ | |||
1 | /* | ||
2 | * Copyright(c) 2004 - 2006 Intel Corporation. All rights reserved. | ||
3 | * | ||
4 | * This program is free software; you can redistribute it and/or modify it | ||
5 | * under the terms of the GNU General Public License as published by the Free | ||
6 | * Software Foundation; either version 2 of the License, or (at your option) | ||
7 | * any later version. | ||
8 | * | ||
9 | * This program is distributed in the hope that it will be useful, but WITHOUT | ||
10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | ||
12 | * more details. | ||
13 | * | ||
14 | * You should have received a copy of the GNU General Public License along with | ||
15 | * this program; if not, write to the Free Software Foundation, Inc., 59 | ||
16 | * Temple Place - Suite 330, Boston, MA 02111-1307, USA. | ||
17 | * | ||
18 | * The full GNU General Public License is included in this distribution in the | ||
19 | * file called COPYING. | ||
20 | */ | ||
21 | #ifndef NETDMA_H | ||
22 | #define NETDMA_H | ||
23 | #include <linux/config.h> | ||
24 | #ifdef CONFIG_NET_DMA | ||
25 | #include <linux/dmaengine.h> | ||
26 | #include <linux/skbuff.h> | ||
27 | |||
28 | static inline struct dma_chan *get_softnet_dma(void) | ||
29 | { | ||
30 | struct dma_chan *chan; | ||
31 | rcu_read_lock(); | ||
32 | chan = rcu_dereference(__get_cpu_var(softnet_data.net_dma)); | ||
33 | if (chan) | ||
34 | dma_chan_get(chan); | ||
35 | rcu_read_unlock(); | ||
36 | return chan; | ||
37 | } | ||
38 | |||
39 | int dma_skb_copy_datagram_iovec(struct dma_chan* chan, | ||
40 | const struct sk_buff *skb, int offset, struct iovec *to, | ||
41 | size_t len, struct dma_pinned_list *pinned_list); | ||
42 | |||
43 | #endif /* CONFIG_NET_DMA */ | ||
44 | #endif /* NETDMA_H */ | ||
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index 916013ca4a5..41111781580 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h | |||
@@ -114,6 +114,10 @@ struct nf_conn | |||
114 | u_int32_t mark; | 114 | u_int32_t mark; |
115 | #endif | 115 | #endif |
116 | 116 | ||
117 | #ifdef CONFIG_NF_CONNTRACK_SECMARK | ||
118 | u_int32_t secmark; | ||
119 | #endif | ||
120 | |||
117 | /* Storage reserved for other modules: */ | 121 | /* Storage reserved for other modules: */ |
118 | union nf_conntrack_proto proto; | 122 | union nf_conntrack_proto proto; |
119 | 123 | ||
@@ -285,6 +289,7 @@ static inline int nf_ct_is_dying(struct nf_conn *ct) | |||
285 | } | 289 | } |
286 | 290 | ||
287 | extern unsigned int nf_conntrack_htable_size; | 291 | extern unsigned int nf_conntrack_htable_size; |
292 | extern int nf_conntrack_checksum; | ||
288 | 293 | ||
289 | #define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) | 294 | #define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) |
290 | 295 | ||
diff --git a/include/net/netfilter/nf_conntrack_compat.h b/include/net/netfilter/nf_conntrack_compat.h index 3cac19fb364..f1b1482d720 100644 --- a/include/net/netfilter/nf_conntrack_compat.h +++ b/include/net/netfilter/nf_conntrack_compat.h | |||
@@ -20,6 +20,19 @@ static inline u_int32_t *nf_ct_get_mark(const struct sk_buff *skb, | |||
20 | } | 20 | } |
21 | #endif /* CONFIG_IP_NF_CONNTRACK_MARK */ | 21 | #endif /* CONFIG_IP_NF_CONNTRACK_MARK */ |
22 | 22 | ||
23 | #ifdef CONFIG_IP_NF_CONNTRACK_SECMARK | ||
24 | static inline u_int32_t *nf_ct_get_secmark(const struct sk_buff *skb, | ||
25 | u_int32_t *ctinfo) | ||
26 | { | ||
27 | struct ip_conntrack *ct = ip_conntrack_get(skb, ctinfo); | ||
28 | |||
29 | if (ct) | ||
30 | return &ct->secmark; | ||
31 | else | ||
32 | return NULL; | ||
33 | } | ||
34 | #endif /* CONFIG_IP_NF_CONNTRACK_SECMARK */ | ||
35 | |||
23 | #ifdef CONFIG_IP_NF_CT_ACCT | 36 | #ifdef CONFIG_IP_NF_CT_ACCT |
24 | static inline struct ip_conntrack_counter * | 37 | static inline struct ip_conntrack_counter * |
25 | nf_ct_get_counters(const struct sk_buff *skb) | 38 | nf_ct_get_counters(const struct sk_buff *skb) |
@@ -70,6 +83,19 @@ static inline u_int32_t *nf_ct_get_mark(const struct sk_buff *skb, | |||
70 | } | 83 | } |
71 | #endif /* CONFIG_NF_CONNTRACK_MARK */ | 84 | #endif /* CONFIG_NF_CONNTRACK_MARK */ |
72 | 85 | ||
86 | #ifdef CONFIG_NF_CONNTRACK_SECMARK | ||
87 | static inline u_int32_t *nf_ct_get_secmark(const struct sk_buff *skb, | ||
88 | u_int32_t *ctinfo) | ||
89 | { | ||
90 | struct nf_conn *ct = nf_ct_get(skb, ctinfo); | ||
91 | |||
92 | if (ct) | ||
93 | return &ct->secmark; | ||
94 | else | ||
95 | return NULL; | ||
96 | } | ||
97 | #endif /* CONFIG_NF_CONNTRACK_MARK */ | ||
98 | |||
73 | #ifdef CONFIG_NF_CT_ACCT | 99 | #ifdef CONFIG_NF_CT_ACCT |
74 | static inline struct ip_conntrack_counter * | 100 | static inline struct ip_conntrack_counter * |
75 | nf_ct_get_counters(const struct sk_buff *skb) | 101 | nf_ct_get_counters(const struct sk_buff *skb) |
diff --git a/include/net/raw.h b/include/net/raw.h index e67b28a0248..d83571fe4c6 100644 --- a/include/net/raw.h +++ b/include/net/raw.h | |||
@@ -36,7 +36,7 @@ extern rwlock_t raw_v4_lock; | |||
36 | 36 | ||
37 | 37 | ||
38 | extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, | 38 | extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, |
39 | unsigned long raddr, unsigned long laddr, | 39 | __be32 raddr, __be32 laddr, |
40 | int dif); | 40 | int dif); |
41 | 41 | ||
42 | extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash); | 42 | extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash); |
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index aa6033ca7cd..b2b40f951ae 100644 --- a/include/net/sctp/sctp.h +++ b/include/net/sctp/sctp.h | |||
@@ -255,7 +255,7 @@ extern int sctp_debug_flag; | |||
255 | #define SCTP_DEBUG_PRINTK_IPADDR(whatever...) | 255 | #define SCTP_DEBUG_PRINTK_IPADDR(whatever...) |
256 | #define SCTP_ENABLE_DEBUG | 256 | #define SCTP_ENABLE_DEBUG |
257 | #define SCTP_DISABLE_DEBUG | 257 | #define SCTP_DISABLE_DEBUG |
258 | #define SCTP_ASSERT(expr, str, func) | 258 | #define SCTP_ASSERT(expr, str, func) BUG_ON(!(expr)) |
259 | 259 | ||
260 | #endif /* SCTP_DEBUG */ | 260 | #endif /* SCTP_DEBUG */ |
261 | 261 | ||
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index 7f4fea173fb..5f69158c100 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h | |||
@@ -555,7 +555,8 @@ struct sctp_af { | |||
555 | int (*to_addr_param) (const union sctp_addr *, | 555 | int (*to_addr_param) (const union sctp_addr *, |
556 | union sctp_addr_param *); | 556 | union sctp_addr_param *); |
557 | int (*addr_valid) (union sctp_addr *, | 557 | int (*addr_valid) (union sctp_addr *, |
558 | struct sctp_sock *); | 558 | struct sctp_sock *, |
559 | const struct sk_buff *); | ||
559 | sctp_scope_t (*scope) (union sctp_addr *); | 560 | sctp_scope_t (*scope) (union sctp_addr *); |
560 | void (*inaddr_any) (union sctp_addr *, unsigned short); | 561 | void (*inaddr_any) (union sctp_addr *, unsigned short); |
561 | int (*is_any) (const union sctp_addr *); | 562 | int (*is_any) (const union sctp_addr *); |
diff --git a/include/net/sock.h b/include/net/sock.h index c9fad6fb629..96565ff0de6 100644 --- a/include/net/sock.h +++ b/include/net/sock.h | |||
@@ -132,6 +132,7 @@ struct sock_common { | |||
132 | * @sk_receive_queue: incoming packets | 132 | * @sk_receive_queue: incoming packets |
133 | * @sk_wmem_alloc: transmit queue bytes committed | 133 | * @sk_wmem_alloc: transmit queue bytes committed |
134 | * @sk_write_queue: Packet sending queue | 134 | * @sk_write_queue: Packet sending queue |
135 | * @sk_async_wait_queue: DMA copied packets | ||
135 | * @sk_omem_alloc: "o" is "option" or "other" | 136 | * @sk_omem_alloc: "o" is "option" or "other" |
136 | * @sk_wmem_queued: persistent queue size | 137 | * @sk_wmem_queued: persistent queue size |
137 | * @sk_forward_alloc: space allocated forward | 138 | * @sk_forward_alloc: space allocated forward |
@@ -205,6 +206,7 @@ struct sock { | |||
205 | atomic_t sk_omem_alloc; | 206 | atomic_t sk_omem_alloc; |
206 | struct sk_buff_head sk_receive_queue; | 207 | struct sk_buff_head sk_receive_queue; |
207 | struct sk_buff_head sk_write_queue; | 208 | struct sk_buff_head sk_write_queue; |
209 | struct sk_buff_head sk_async_wait_queue; | ||
208 | int sk_wmem_queued; | 210 | int sk_wmem_queued; |
209 | int sk_forward_alloc; | 211 | int sk_forward_alloc; |
210 | gfp_t sk_allocation; | 212 | gfp_t sk_allocation; |
@@ -871,10 +873,7 @@ static inline int sk_filter(struct sock *sk, struct sk_buff *skb, int needlock) | |||
871 | if (filter) { | 873 | if (filter) { |
872 | unsigned int pkt_len = sk_run_filter(skb, filter->insns, | 874 | unsigned int pkt_len = sk_run_filter(skb, filter->insns, |
873 | filter->len); | 875 | filter->len); |
874 | if (!pkt_len) | 876 | err = pkt_len ? pskb_trim(skb, pkt_len) : -EPERM; |
875 | err = -EPERM; | ||
876 | else | ||
877 | skb_trim(skb, pkt_len); | ||
878 | } | 877 | } |
879 | 878 | ||
880 | if (needlock) | 879 | if (needlock) |
@@ -1271,11 +1270,22 @@ sock_recv_timestamp(struct msghdr *msg, struct sock *sk, struct sk_buff *skb) | |||
1271 | * This routine must be called with interrupts disabled or with the socket | 1270 | * This routine must be called with interrupts disabled or with the socket |
1272 | * locked so that the sk_buff queue operation is ok. | 1271 | * locked so that the sk_buff queue operation is ok. |
1273 | */ | 1272 | */ |
1274 | static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb) | 1273 | #ifdef CONFIG_NET_DMA |
1274 | static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb, int copied_early) | ||
1275 | { | ||
1276 | __skb_unlink(skb, &sk->sk_receive_queue); | ||
1277 | if (!copied_early) | ||
1278 | __kfree_skb(skb); | ||
1279 | else | ||
1280 | __skb_queue_tail(&sk->sk_async_wait_queue, skb); | ||
1281 | } | ||
1282 | #else | ||
1283 | static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb, int copied_early) | ||
1275 | { | 1284 | { |
1276 | __skb_unlink(skb, &sk->sk_receive_queue); | 1285 | __skb_unlink(skb, &sk->sk_receive_queue); |
1277 | __kfree_skb(skb); | 1286 | __kfree_skb(skb); |
1278 | } | 1287 | } |
1288 | #endif | ||
1279 | 1289 | ||
1280 | extern void sock_enable_timestamp(struct sock *sk); | 1290 | extern void sock_enable_timestamp(struct sock *sk); |
1281 | extern int sock_get_timestamp(struct sock *, struct timeval __user *); | 1291 | extern int sock_get_timestamp(struct sock *, struct timeval __user *); |
diff --git a/include/net/tcp.h b/include/net/tcp.h index 3c989db8a7a..bfc71f954bb 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h | |||
@@ -28,6 +28,7 @@ | |||
28 | #include <linux/cache.h> | 28 | #include <linux/cache.h> |
29 | #include <linux/percpu.h> | 29 | #include <linux/percpu.h> |
30 | #include <linux/skbuff.h> | 30 | #include <linux/skbuff.h> |
31 | #include <linux/dmaengine.h> | ||
31 | 32 | ||
32 | #include <net/inet_connection_sock.h> | 33 | #include <net/inet_connection_sock.h> |
33 | #include <net/inet_timewait_sock.h> | 34 | #include <net/inet_timewait_sock.h> |
@@ -218,6 +219,7 @@ extern int sysctl_tcp_adv_win_scale; | |||
218 | extern int sysctl_tcp_tw_reuse; | 219 | extern int sysctl_tcp_tw_reuse; |
219 | extern int sysctl_tcp_frto; | 220 | extern int sysctl_tcp_frto; |
220 | extern int sysctl_tcp_low_latency; | 221 | extern int sysctl_tcp_low_latency; |
222 | extern int sysctl_tcp_dma_copybreak; | ||
221 | extern int sysctl_tcp_nometrics_save; | 223 | extern int sysctl_tcp_nometrics_save; |
222 | extern int sysctl_tcp_moderate_rcvbuf; | 224 | extern int sysctl_tcp_moderate_rcvbuf; |
223 | extern int sysctl_tcp_tso_win_divisor; | 225 | extern int sysctl_tcp_tso_win_divisor; |
@@ -225,6 +227,7 @@ extern int sysctl_tcp_abc; | |||
225 | extern int sysctl_tcp_mtu_probing; | 227 | extern int sysctl_tcp_mtu_probing; |
226 | extern int sysctl_tcp_base_mss; | 228 | extern int sysctl_tcp_base_mss; |
227 | extern int sysctl_tcp_workaround_signed_windows; | 229 | extern int sysctl_tcp_workaround_signed_windows; |
230 | extern int sysctl_tcp_slow_start_after_idle; | ||
228 | 231 | ||
229 | extern atomic_t tcp_memory_allocated; | 232 | extern atomic_t tcp_memory_allocated; |
230 | extern atomic_t tcp_sockets_allocated; | 233 | extern atomic_t tcp_sockets_allocated; |
@@ -293,6 +296,8 @@ extern int tcp_rcv_established(struct sock *sk, | |||
293 | 296 | ||
294 | extern void tcp_rcv_space_adjust(struct sock *sk); | 297 | extern void tcp_rcv_space_adjust(struct sock *sk); |
295 | 298 | ||
299 | extern void tcp_cleanup_rbuf(struct sock *sk, int copied); | ||
300 | |||
296 | extern int tcp_twsk_unique(struct sock *sk, | 301 | extern int tcp_twsk_unique(struct sock *sk, |
297 | struct sock *sktw, void *twp); | 302 | struct sock *sktw, void *twp); |
298 | 303 | ||
@@ -628,7 +633,7 @@ struct tcp_congestion_ops { | |||
628 | /* return slow start threshold (required) */ | 633 | /* return slow start threshold (required) */ |
629 | u32 (*ssthresh)(struct sock *sk); | 634 | u32 (*ssthresh)(struct sock *sk); |
630 | /* lower bound for congestion window (optional) */ | 635 | /* lower bound for congestion window (optional) */ |
631 | u32 (*min_cwnd)(struct sock *sk); | 636 | u32 (*min_cwnd)(const struct sock *sk); |
632 | /* do new cwnd calculation (required) */ | 637 | /* do new cwnd calculation (required) */ |
633 | void (*cong_avoid)(struct sock *sk, u32 ack, | 638 | void (*cong_avoid)(struct sock *sk, u32 ack, |
634 | u32 rtt, u32 in_flight, int good_ack); | 639 | u32 rtt, u32 in_flight, int good_ack); |
@@ -663,7 +668,7 @@ extern struct tcp_congestion_ops tcp_init_congestion_ops; | |||
663 | extern u32 tcp_reno_ssthresh(struct sock *sk); | 668 | extern u32 tcp_reno_ssthresh(struct sock *sk); |
664 | extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, | 669 | extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, |
665 | u32 rtt, u32 in_flight, int flag); | 670 | u32 rtt, u32 in_flight, int flag); |
666 | extern u32 tcp_reno_min_cwnd(struct sock *sk); | 671 | extern u32 tcp_reno_min_cwnd(const struct sock *sk); |
667 | extern struct tcp_congestion_ops tcp_reno; | 672 | extern struct tcp_congestion_ops tcp_reno; |
668 | 673 | ||
669 | static inline void tcp_set_ca_state(struct sock *sk, const u8 ca_state) | 674 | static inline void tcp_set_ca_state(struct sock *sk, const u8 ca_state) |
@@ -817,6 +822,12 @@ static inline void tcp_prequeue_init(struct tcp_sock *tp) | |||
817 | tp->ucopy.len = 0; | 822 | tp->ucopy.len = 0; |
818 | tp->ucopy.memory = 0; | 823 | tp->ucopy.memory = 0; |
819 | skb_queue_head_init(&tp->ucopy.prequeue); | 824 | skb_queue_head_init(&tp->ucopy.prequeue); |
825 | #ifdef CONFIG_NET_DMA | ||
826 | tp->ucopy.dma_chan = NULL; | ||
827 | tp->ucopy.wakeup = 0; | ||
828 | tp->ucopy.pinned_list = NULL; | ||
829 | tp->ucopy.dma_cookie = 0; | ||
830 | #endif | ||
820 | } | 831 | } |
821 | 832 | ||
822 | /* Packet is added to VJ-style prequeue for processing in process | 833 | /* Packet is added to VJ-style prequeue for processing in process |
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index afa508d92c9..9c5ee9f20b6 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h | |||
@@ -20,6 +20,8 @@ | |||
20 | #include <net/ip6_fib.h> | 20 | #include <net/ip6_fib.h> |
21 | 21 | ||
22 | #define XFRM_ALIGN8(len) (((len) + 7) & ~7) | 22 | #define XFRM_ALIGN8(len) (((len) + 7) & ~7) |
23 | #define MODULE_ALIAS_XFRM_MODE(family, encap) \ | ||
24 | MODULE_ALIAS("xfrm-mode-" __stringify(family) "-" __stringify(encap)) | ||
23 | 25 | ||
24 | extern struct sock *xfrm_nl; | 26 | extern struct sock *xfrm_nl; |
25 | extern u32 sysctl_xfrm_aevent_etime; | 27 | extern u32 sysctl_xfrm_aevent_etime; |
@@ -164,6 +166,7 @@ struct xfrm_state | |||
164 | /* Reference to data common to all the instances of this | 166 | /* Reference to data common to all the instances of this |
165 | * transformer. */ | 167 | * transformer. */ |
166 | struct xfrm_type *type; | 168 | struct xfrm_type *type; |
169 | struct xfrm_mode *mode; | ||
167 | 170 | ||
168 | /* Security context */ | 171 | /* Security context */ |
169 | struct xfrm_sec_ctx *security; | 172 | struct xfrm_sec_ctx *security; |
@@ -204,8 +207,8 @@ struct xfrm_type; | |||
204 | struct xfrm_dst; | 207 | struct xfrm_dst; |
205 | struct xfrm_policy_afinfo { | 208 | struct xfrm_policy_afinfo { |
206 | unsigned short family; | 209 | unsigned short family; |
207 | rwlock_t lock; | 210 | struct xfrm_type *type_map[IPPROTO_MAX]; |
208 | struct xfrm_type_map *type_map; | 211 | struct xfrm_mode *mode_map[XFRM_MODE_MAX]; |
209 | struct dst_ops *dst_ops; | 212 | struct dst_ops *dst_ops; |
210 | void (*garbage_collect)(void); | 213 | void (*garbage_collect)(void); |
211 | int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); | 214 | int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); |
@@ -232,7 +235,6 @@ extern int __xfrm_state_delete(struct xfrm_state *x); | |||
232 | 235 | ||
233 | struct xfrm_state_afinfo { | 236 | struct xfrm_state_afinfo { |
234 | unsigned short family; | 237 | unsigned short family; |
235 | rwlock_t lock; | ||
236 | struct list_head *state_bydst; | 238 | struct list_head *state_bydst; |
237 | struct list_head *state_byspi; | 239 | struct list_head *state_byspi; |
238 | int (*init_flags)(struct xfrm_state *x); | 240 | int (*init_flags)(struct xfrm_state *x); |
@@ -264,16 +266,24 @@ struct xfrm_type | |||
264 | u32 (*get_max_size)(struct xfrm_state *, int size); | 266 | u32 (*get_max_size)(struct xfrm_state *, int size); |
265 | }; | 267 | }; |
266 | 268 | ||
267 | struct xfrm_type_map { | ||
268 | rwlock_t lock; | ||
269 | struct xfrm_type *map[256]; | ||
270 | }; | ||
271 | |||
272 | extern int xfrm_register_type(struct xfrm_type *type, unsigned short family); | 269 | extern int xfrm_register_type(struct xfrm_type *type, unsigned short family); |
273 | extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family); | 270 | extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family); |
274 | extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family); | 271 | extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family); |
275 | extern void xfrm_put_type(struct xfrm_type *type); | 272 | extern void xfrm_put_type(struct xfrm_type *type); |
276 | 273 | ||
274 | struct xfrm_mode { | ||
275 | int (*input)(struct xfrm_state *x, struct sk_buff *skb); | ||
276 | int (*output)(struct sk_buff *skb); | ||
277 | |||
278 | struct module *owner; | ||
279 | unsigned int encap; | ||
280 | }; | ||
281 | |||
282 | extern int xfrm_register_mode(struct xfrm_mode *mode, int family); | ||
283 | extern int xfrm_unregister_mode(struct xfrm_mode *mode, int family); | ||
284 | extern struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family); | ||
285 | extern void xfrm_put_mode(struct xfrm_mode *mode); | ||
286 | |||
277 | struct xfrm_tmpl | 287 | struct xfrm_tmpl |
278 | { | 288 | { |
279 | /* id in template is interpreted as: | 289 | /* id in template is interpreted as: |