aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/linux/dmaengine.h359
-rw-r--r--include/linux/igmp.h2
-rw-r--r--include/linux/netdevice.h45
-rw-r--r--include/linux/netfilter/nf_conntrack_common.h4
-rw-r--r--include/linux/netfilter/nfnetlink_conntrack.h4
-rw-r--r--include/linux/netfilter/xt_CONNSECMARK.h13
-rw-r--r--include/linux/netfilter/xt_SECMARK.h26
-rw-r--r--include/linux/netfilter/xt_quota.h16
-rw-r--r--include/linux/netfilter/xt_statistic.h32
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack.h6
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_h323.h7
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h3
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_sip.h44
-rw-r--r--include/linux/pci_ids.h2
-rw-r--r--include/linux/pfkeyv2.h2
-rw-r--r--include/linux/security.h40
-rw-r--r--include/linux/selinux.h32
-rw-r--r--include/linux/skbuff.h74
-rw-r--r--include/linux/sysctl.h4
-rw-r--r--include/linux/tcp.h8
-rw-r--r--include/linux/xfrm.h4
-rw-r--r--include/net/ip.h1
-rw-r--r--include/net/llc_if.h17
-rw-r--r--include/net/netdma.h44
-rw-r--r--include/net/netfilter/nf_conntrack.h5
-rw-r--r--include/net/netfilter/nf_conntrack_compat.h26
-rw-r--r--include/net/raw.h2
-rw-r--r--include/net/sctp/sctp.h2
-rw-r--r--include/net/sctp/structs.h3
-rw-r--r--include/net/sock.h20
-rw-r--r--include/net/tcp.h15
-rw-r--r--include/net/xfrm.h26
32 files changed, 833 insertions, 55 deletions
diff --git a/include/linux/dmaengine.h b/include/linux/dmaengine.h
new file mode 100644
index 00000000000..78b236ca04f
--- /dev/null
+++ b/include/linux/dmaengine.h
@@ -0,0 +1,359 @@
1/*
2 * Copyright(c) 2004 - 2006 Intel Corporation. All rights reserved.
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the Free
6 * Software Foundation; either version 2 of the License, or (at your option)
7 * any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, write to the Free Software Foundation, Inc., 59
16 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17 *
18 * The full GNU General Public License is included in this distribution in the
19 * file called COPYING.
20 */
21#ifndef DMAENGINE_H
22#define DMAENGINE_H
23#include <linux/config.h>
24#ifdef CONFIG_DMA_ENGINE
25
26#include <linux/device.h>
27#include <linux/uio.h>
28#include <linux/kref.h>
29#include <linux/completion.h>
30#include <linux/rcupdate.h>
31
32/**
33 * enum dma_event - resource PNP/power managment events
34 * @DMA_RESOURCE_SUSPEND: DMA device going into low power state
35 * @DMA_RESOURCE_RESUME: DMA device returning to full power
36 * @DMA_RESOURCE_ADDED: DMA device added to the system
37 * @DMA_RESOURCE_REMOVED: DMA device removed from the system
38 */
39enum dma_event {
40 DMA_RESOURCE_SUSPEND,
41 DMA_RESOURCE_RESUME,
42 DMA_RESOURCE_ADDED,
43 DMA_RESOURCE_REMOVED,
44};
45
46/**
47 * typedef dma_cookie_t
48 *
49 * if dma_cookie_t is >0 it's a DMA request cookie, <0 it's an error code
50 */
51typedef s32 dma_cookie_t;
52
53#define dma_submit_error(cookie) ((cookie) < 0 ? 1 : 0)
54
55/**
56 * enum dma_status - DMA transaction status
57 * @DMA_SUCCESS: transaction completed successfully
58 * @DMA_IN_PROGRESS: transaction not yet processed
59 * @DMA_ERROR: transaction failed
60 */
61enum dma_status {
62 DMA_SUCCESS,
63 DMA_IN_PROGRESS,
64 DMA_ERROR,
65};
66
67/**
68 * struct dma_chan_percpu - the per-CPU part of struct dma_chan
69 * @refcount: local_t used for open-coded "bigref" counting
70 * @memcpy_count: transaction counter
71 * @bytes_transferred: byte counter
72 */
73
74struct dma_chan_percpu {
75 local_t refcount;
76 /* stats */
77 unsigned long memcpy_count;
78 unsigned long bytes_transferred;
79};
80
81/**
82 * struct dma_chan - devices supply DMA channels, clients use them
83 * @client: ptr to the client user of this chan, will be NULL when unused
84 * @device: ptr to the dma device who supplies this channel, always !NULL
85 * @cookie: last cookie value returned to client
86 * @chan_id:
87 * @class_dev:
88 * @refcount: kref, used in "bigref" slow-mode
89 * @slow_ref:
90 * @rcu:
91 * @client_node: used to add this to the client chan list
92 * @device_node: used to add this to the device chan list
93 * @local: per-cpu pointer to a struct dma_chan_percpu
94 */
95struct dma_chan {
96 struct dma_client *client;
97 struct dma_device *device;
98 dma_cookie_t cookie;
99
100 /* sysfs */
101 int chan_id;
102 struct class_device class_dev;
103
104 struct kref refcount;
105 int slow_ref;
106 struct rcu_head rcu;
107
108 struct list_head client_node;
109 struct list_head device_node;
110 struct dma_chan_percpu *local;
111};
112
113void dma_chan_cleanup(struct kref *kref);
114
115static inline void dma_chan_get(struct dma_chan *chan)
116{
117 if (unlikely(chan->slow_ref))
118 kref_get(&chan->refcount);
119 else {
120 local_inc(&(per_cpu_ptr(chan->local, get_cpu())->refcount));
121 put_cpu();
122 }
123}
124
125static inline void dma_chan_put(struct dma_chan *chan)
126{
127 if (unlikely(chan->slow_ref))
128 kref_put(&chan->refcount, dma_chan_cleanup);
129 else {
130 local_dec(&(per_cpu_ptr(chan->local, get_cpu())->refcount));
131 put_cpu();
132 }
133}
134
135/*
136 * typedef dma_event_callback - function pointer to a DMA event callback
137 */
138typedef void (*dma_event_callback) (struct dma_client *client,
139 struct dma_chan *chan, enum dma_event event);
140
141/**
142 * struct dma_client - info on the entity making use of DMA services
143 * @event_callback: func ptr to call when something happens
144 * @chan_count: number of chans allocated
145 * @chans_desired: number of chans requested. Can be +/- chan_count
146 * @lock: protects access to the channels list
147 * @channels: the list of DMA channels allocated
148 * @global_node: list_head for global dma_client_list
149 */
150struct dma_client {
151 dma_event_callback event_callback;
152 unsigned int chan_count;
153 unsigned int chans_desired;
154
155 spinlock_t lock;
156 struct list_head channels;
157 struct list_head global_node;
158};
159
160/**
161 * struct dma_device - info on the entity supplying DMA services
162 * @chancnt: how many DMA channels are supported
163 * @channels: the list of struct dma_chan
164 * @global_node: list_head for global dma_device_list
165 * @refcount:
166 * @done:
167 * @dev_id:
168 * Other func ptrs: used to make use of this device's capabilities
169 */
170struct dma_device {
171
172 unsigned int chancnt;
173 struct list_head channels;
174 struct list_head global_node;
175
176 struct kref refcount;
177 struct completion done;
178
179 int dev_id;
180
181 int (*device_alloc_chan_resources)(struct dma_chan *chan);
182 void (*device_free_chan_resources)(struct dma_chan *chan);
183 dma_cookie_t (*device_memcpy_buf_to_buf)(struct dma_chan *chan,
184 void *dest, void *src, size_t len);
185 dma_cookie_t (*device_memcpy_buf_to_pg)(struct dma_chan *chan,
186 struct page *page, unsigned int offset, void *kdata,
187 size_t len);
188 dma_cookie_t (*device_memcpy_pg_to_pg)(struct dma_chan *chan,
189 struct page *dest_pg, unsigned int dest_off,
190 struct page *src_pg, unsigned int src_off, size_t len);
191 enum dma_status (*device_memcpy_complete)(struct dma_chan *chan,
192 dma_cookie_t cookie, dma_cookie_t *last,
193 dma_cookie_t *used);
194 void (*device_memcpy_issue_pending)(struct dma_chan *chan);
195};
196
197/* --- public DMA engine API --- */
198
199struct dma_client *dma_async_client_register(dma_event_callback event_callback);
200void dma_async_client_unregister(struct dma_client *client);
201void dma_async_client_chan_request(struct dma_client *client,
202 unsigned int number);
203
204/**
205 * dma_async_memcpy_buf_to_buf - offloaded copy between virtual addresses
206 * @chan: DMA channel to offload copy to
207 * @dest: destination address (virtual)
208 * @src: source address (virtual)
209 * @len: length
210 *
211 * Both @dest and @src must be mappable to a bus address according to the
212 * DMA mapping API rules for streaming mappings.
213 * Both @dest and @src must stay memory resident (kernel memory or locked
214 * user space pages)
215 */
216static inline dma_cookie_t dma_async_memcpy_buf_to_buf(struct dma_chan *chan,
217 void *dest, void *src, size_t len)
218{
219 int cpu = get_cpu();
220 per_cpu_ptr(chan->local, cpu)->bytes_transferred += len;
221 per_cpu_ptr(chan->local, cpu)->memcpy_count++;
222 put_cpu();
223
224 return chan->device->device_memcpy_buf_to_buf(chan, dest, src, len);
225}
226
227/**
228 * dma_async_memcpy_buf_to_pg - offloaded copy
229 * @chan: DMA channel to offload copy to
230 * @page: destination page
231 * @offset: offset in page to copy to
232 * @kdata: source address (virtual)
233 * @len: length
234 *
235 * Both @page/@offset and @kdata must be mappable to a bus address according
236 * to the DMA mapping API rules for streaming mappings.
237 * Both @page/@offset and @kdata must stay memory resident (kernel memory or
238 * locked user space pages)
239 */
240static inline dma_cookie_t dma_async_memcpy_buf_to_pg(struct dma_chan *chan,
241 struct page *page, unsigned int offset, void *kdata, size_t len)
242{
243 int cpu = get_cpu();
244 per_cpu_ptr(chan->local, cpu)->bytes_transferred += len;
245 per_cpu_ptr(chan->local, cpu)->memcpy_count++;
246 put_cpu();
247
248 return chan->device->device_memcpy_buf_to_pg(chan, page, offset,
249 kdata, len);
250}
251
252/**
253 * dma_async_memcpy_buf_to_pg - offloaded copy
254 * @chan: DMA channel to offload copy to
255 * @dest_page: destination page
256 * @dest_off: offset in page to copy to
257 * @src_page: source page
258 * @src_off: offset in page to copy from
259 * @len: length
260 *
261 * Both @dest_page/@dest_off and @src_page/@src_off must be mappable to a bus
262 * address according to the DMA mapping API rules for streaming mappings.
263 * Both @dest_page/@dest_off and @src_page/@src_off must stay memory resident
264 * (kernel memory or locked user space pages)
265 */
266static inline dma_cookie_t dma_async_memcpy_pg_to_pg(struct dma_chan *chan,
267 struct page *dest_pg, unsigned int dest_off, struct page *src_pg,
268 unsigned int src_off, size_t len)
269{
270 int cpu = get_cpu();
271 per_cpu_ptr(chan->local, cpu)->bytes_transferred += len;
272 per_cpu_ptr(chan->local, cpu)->memcpy_count++;
273 put_cpu();
274
275 return chan->device->device_memcpy_pg_to_pg(chan, dest_pg, dest_off,
276 src_pg, src_off, len);
277}
278
279/**
280 * dma_async_memcpy_issue_pending - flush pending copies to HW
281 * @chan:
282 *
283 * This allows drivers to push copies to HW in batches,
284 * reducing MMIO writes where possible.
285 */
286static inline void dma_async_memcpy_issue_pending(struct dma_chan *chan)
287{
288 return chan->device->device_memcpy_issue_pending(chan);
289}
290
291/**
292 * dma_async_memcpy_complete - poll for transaction completion
293 * @chan: DMA channel
294 * @cookie: transaction identifier to check status of
295 * @last: returns last completed cookie, can be NULL
296 * @used: returns last issued cookie, can be NULL
297 *
298 * If @last and @used are passed in, upon return they reflect the driver
299 * internal state and can be used with dma_async_is_complete() to check
300 * the status of multiple cookies without re-checking hardware state.
301 */
302static inline enum dma_status dma_async_memcpy_complete(struct dma_chan *chan,
303 dma_cookie_t cookie, dma_cookie_t *last, dma_cookie_t *used)
304{
305 return chan->device->device_memcpy_complete(chan, cookie, last, used);
306}
307
308/**
309 * dma_async_is_complete - test a cookie against chan state
310 * @cookie: transaction identifier to test status of
311 * @last_complete: last know completed transaction
312 * @last_used: last cookie value handed out
313 *
314 * dma_async_is_complete() is used in dma_async_memcpy_complete()
315 * the test logic is seperated for lightweight testing of multiple cookies
316 */
317static inline enum dma_status dma_async_is_complete(dma_cookie_t cookie,
318 dma_cookie_t last_complete, dma_cookie_t last_used)
319{
320 if (last_complete <= last_used) {
321 if ((cookie <= last_complete) || (cookie > last_used))
322 return DMA_SUCCESS;
323 } else {
324 if ((cookie <= last_complete) && (cookie > last_used))
325 return DMA_SUCCESS;
326 }
327 return DMA_IN_PROGRESS;
328}
329
330
331/* --- DMA device --- */
332
333int dma_async_device_register(struct dma_device *device);
334void dma_async_device_unregister(struct dma_device *device);
335
336/* --- Helper iov-locking functions --- */
337
338struct dma_page_list {
339 char *base_address;
340 int nr_pages;
341 struct page **pages;
342};
343
344struct dma_pinned_list {
345 int nr_iovecs;
346 struct dma_page_list page_list[0];
347};
348
349struct dma_pinned_list *dma_pin_iovec_pages(struct iovec *iov, size_t len);
350void dma_unpin_iovec_pages(struct dma_pinned_list* pinned_list);
351
352dma_cookie_t dma_memcpy_to_iovec(struct dma_chan *chan, struct iovec *iov,
353 struct dma_pinned_list *pinned_list, unsigned char *kdata, size_t len);
354dma_cookie_t dma_memcpy_pg_to_iovec(struct dma_chan *chan, struct iovec *iov,
355 struct dma_pinned_list *pinned_list, struct page *page,
356 unsigned int offset, size_t len);
357
358#endif /* CONFIG_DMA_ENGINE */
359#endif /* DMAENGINE_H */
diff --git a/include/linux/igmp.h b/include/linux/igmp.h
index 28f4f3b3695..899c3d4776f 100644
--- a/include/linux/igmp.h
+++ b/include/linux/igmp.h
@@ -169,7 +169,7 @@ struct ip_sf_list
169struct ip_mc_list 169struct ip_mc_list
170{ 170{
171 struct in_device *interface; 171 struct in_device *interface;
172 unsigned long multiaddr; 172 __be32 multiaddr;
173 struct ip_sf_list *sources; 173 struct ip_sf_list *sources;
174 struct ip_sf_list *tomb; 174 struct ip_sf_list *tomb;
175 unsigned int sfmode; 175 unsigned int sfmode;
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index f4169bbb60e..e432b743dda 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -37,6 +37,7 @@
37#include <linux/config.h> 37#include <linux/config.h>
38#include <linux/device.h> 38#include <linux/device.h>
39#include <linux/percpu.h> 39#include <linux/percpu.h>
40#include <linux/dmaengine.h>
40 41
41struct divert_blk; 42struct divert_blk;
42struct vlan_group; 43struct vlan_group;
@@ -311,6 +312,9 @@ struct net_device
311#define NETIF_F_LLTX 4096 /* LockLess TX */ 312#define NETIF_F_LLTX 4096 /* LockLess TX */
312#define NETIF_F_UFO 8192 /* Can offload UDP Large Send*/ 313#define NETIF_F_UFO 8192 /* Can offload UDP Large Send*/
313 314
315#define NETIF_F_GEN_CSUM (NETIF_F_NO_CSUM | NETIF_F_HW_CSUM)
316#define NETIF_F_ALL_CSUM (NETIF_F_IP_CSUM | NETIF_F_GEN_CSUM)
317
314 struct net_device *next_sched; 318 struct net_device *next_sched;
315 319
316 /* Interface index. Unique device identifier */ 320 /* Interface index. Unique device identifier */
@@ -406,7 +410,7 @@ struct net_device
406 * One part is mostly used on xmit path (device) 410 * One part is mostly used on xmit path (device)
407 */ 411 */
408 /* hard_start_xmit synchronizer */ 412 /* hard_start_xmit synchronizer */
409 spinlock_t xmit_lock ____cacheline_aligned_in_smp; 413 spinlock_t _xmit_lock ____cacheline_aligned_in_smp;
410 /* cpu id of processor entered to hard_start_xmit or -1, 414 /* cpu id of processor entered to hard_start_xmit or -1,
411 if nobody entered there. 415 if nobody entered there.
412 */ 416 */
@@ -593,6 +597,9 @@ struct softnet_data
593 struct sk_buff *completion_queue; 597 struct sk_buff *completion_queue;
594 598
595 struct net_device backlog_dev; /* Sorry. 8) */ 599 struct net_device backlog_dev; /* Sorry. 8) */
600#ifdef CONFIG_NET_DMA
601 struct dma_chan *net_dma;
602#endif
596}; 603};
597 604
598DECLARE_PER_CPU(struct softnet_data,softnet_data); 605DECLARE_PER_CPU(struct softnet_data,softnet_data);
@@ -889,11 +896,43 @@ static inline void __netif_rx_complete(struct net_device *dev)
889 clear_bit(__LINK_STATE_RX_SCHED, &dev->state); 896 clear_bit(__LINK_STATE_RX_SCHED, &dev->state);
890} 897}
891 898
899static inline void netif_tx_lock(struct net_device *dev)
900{
901 spin_lock(&dev->_xmit_lock);
902 dev->xmit_lock_owner = smp_processor_id();
903}
904
905static inline void netif_tx_lock_bh(struct net_device *dev)
906{
907 spin_lock_bh(&dev->_xmit_lock);
908 dev->xmit_lock_owner = smp_processor_id();
909}
910
911static inline int netif_tx_trylock(struct net_device *dev)
912{
913 int err = spin_trylock(&dev->_xmit_lock);
914 if (!err)
915 dev->xmit_lock_owner = smp_processor_id();
916 return err;
917}
918
919static inline void netif_tx_unlock(struct net_device *dev)
920{
921 dev->xmit_lock_owner = -1;
922 spin_unlock(&dev->_xmit_lock);
923}
924
925static inline void netif_tx_unlock_bh(struct net_device *dev)
926{
927 dev->xmit_lock_owner = -1;
928 spin_unlock_bh(&dev->_xmit_lock);
929}
930
892static inline void netif_tx_disable(struct net_device *dev) 931static inline void netif_tx_disable(struct net_device *dev)
893{ 932{
894 spin_lock_bh(&dev->xmit_lock); 933 netif_tx_lock_bh(dev);
895 netif_stop_queue(dev); 934 netif_stop_queue(dev);
896 spin_unlock_bh(&dev->xmit_lock); 935 netif_tx_unlock_bh(dev);
897} 936}
898 937
899/* These functions live elsewhere (drivers/net/net_init.c, but related) */ 938/* These functions live elsewhere (drivers/net/net_init.c, but related) */
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h
index 3ff88c87830..d2e4bd7a7a1 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -69,6 +69,10 @@ enum ip_conntrack_status {
69 /* Connection is dying (removed from lists), can not be unset. */ 69 /* Connection is dying (removed from lists), can not be unset. */
70 IPS_DYING_BIT = 9, 70 IPS_DYING_BIT = 9,
71 IPS_DYING = (1 << IPS_DYING_BIT), 71 IPS_DYING = (1 << IPS_DYING_BIT),
72
73 /* Connection has fixed timeout. */
74 IPS_FIXED_TIMEOUT_BIT = 10,
75 IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
72}; 76};
73 77
74/* Connection tracking event bits */ 78/* Connection tracking event bits */
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index 668ec946c8e..b5883ccee29 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -27,13 +27,15 @@ enum ctattr_type {
27 CTA_STATUS, 27 CTA_STATUS,
28 CTA_PROTOINFO, 28 CTA_PROTOINFO,
29 CTA_HELP, 29 CTA_HELP,
30 CTA_NAT, 30 CTA_NAT_SRC,
31#define CTA_NAT CTA_NAT_SRC /* backwards compatibility */
31 CTA_TIMEOUT, 32 CTA_TIMEOUT,
32 CTA_MARK, 33 CTA_MARK,
33 CTA_COUNTERS_ORIG, 34 CTA_COUNTERS_ORIG,
34 CTA_COUNTERS_REPLY, 35 CTA_COUNTERS_REPLY,
35 CTA_USE, 36 CTA_USE,
36 CTA_ID, 37 CTA_ID,
38 CTA_NAT_DST,
37 __CTA_MAX 39 __CTA_MAX
38}; 40};
39#define CTA_MAX (__CTA_MAX - 1) 41#define CTA_MAX (__CTA_MAX - 1)
diff --git a/include/linux/netfilter/xt_CONNSECMARK.h b/include/linux/netfilter/xt_CONNSECMARK.h
new file mode 100644
index 00000000000..c6bd75469ba
--- /dev/null
+++ b/include/linux/netfilter/xt_CONNSECMARK.h
@@ -0,0 +1,13 @@
1#ifndef _XT_CONNSECMARK_H_target
2#define _XT_CONNSECMARK_H_target
3
4enum {
5 CONNSECMARK_SAVE = 1,
6 CONNSECMARK_RESTORE,
7};
8
9struct xt_connsecmark_target_info {
10 u_int8_t mode;
11};
12
13#endif /*_XT_CONNSECMARK_H_target */
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h
new file mode 100644
index 00000000000..c53fbffa997
--- /dev/null
+++ b/include/linux/netfilter/xt_SECMARK.h
@@ -0,0 +1,26 @@
1#ifndef _XT_SECMARK_H_target
2#define _XT_SECMARK_H_target
3
4/*
5 * This is intended for use by various security subsystems (but not
6 * at the same time).
7 *
8 * 'mode' refers to the specific security subsystem which the
9 * packets are being marked for.
10 */
11#define SECMARK_MODE_SEL 0x01 /* SELinux */
12#define SECMARK_SELCTX_MAX 256
13
14struct xt_secmark_target_selinux_info {
15 u_int32_t selsid;
16 char selctx[SECMARK_SELCTX_MAX];
17};
18
19struct xt_secmark_target_info {
20 u_int8_t mode;
21 union {
22 struct xt_secmark_target_selinux_info sel;
23 } u;
24};
25
26#endif /*_XT_SECMARK_H_target */
diff --git a/include/linux/netfilter/xt_quota.h b/include/linux/netfilter/xt_quota.h
new file mode 100644
index 00000000000..acd7fd77bbe
--- /dev/null
+++ b/include/linux/netfilter/xt_quota.h
@@ -0,0 +1,16 @@
1#ifndef _XT_QUOTA_H
2#define _XT_QUOTA_H
3
4enum xt_quota_flags {
5 XT_QUOTA_INVERT = 0x1,
6};
7#define XT_QUOTA_MASK 0x1
8
9struct xt_quota_info {
10 u_int32_t flags;
11 u_int32_t pad;
12 aligned_u64 quota;
13 struct xt_quota_info *master;
14};
15
16#endif /* _XT_QUOTA_H */
diff --git a/include/linux/netfilter/xt_statistic.h b/include/linux/netfilter/xt_statistic.h
new file mode 100644
index 00000000000..c344e9916e2
--- /dev/null
+++ b/include/linux/netfilter/xt_statistic.h
@@ -0,0 +1,32 @@
1#ifndef _XT_STATISTIC_H
2#define _XT_STATISTIC_H
3
4enum xt_statistic_mode {
5 XT_STATISTIC_MODE_RANDOM,
6 XT_STATISTIC_MODE_NTH,
7 __XT_STATISTIC_MODE_MAX
8};
9#define XT_STATISTIC_MODE_MAX (__XT_STATISTIC_MODE_MAX - 1)
10
11enum xt_statistic_flags {
12 XT_STATISTIC_INVERT = 0x1,
13};
14#define XT_STATISTIC_MASK 0x1
15
16struct xt_statistic_info {
17 u_int16_t mode;
18 u_int16_t flags;
19 union {
20 struct {
21 u_int32_t probability;
22 } random;
23 struct {
24 u_int32_t every;
25 u_int32_t packet;
26 u_int32_t count;
27 } nth;
28 } u;
29 struct xt_statistic_info *master __attribute__((aligned(8)));
30};
31
32#endif /* _XT_STATISTIC_H */
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h
index d54d7b278e9..e0e9951eb8c 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack.h
@@ -121,6 +121,10 @@ struct ip_conntrack
121 u_int32_t mark; 121 u_int32_t mark;
122#endif 122#endif
123 123
124#ifdef CONFIG_IP_NF_CONNTRACK_SECMARK
125 u_int32_t secmark;
126#endif
127
124 /* Traversed often, so hopefully in different cacheline to top */ 128 /* Traversed often, so hopefully in different cacheline to top */
125 /* These are my tuples; original and reply */ 129 /* These are my tuples; original and reply */
126 struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX]; 130 struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX];
@@ -154,6 +158,7 @@ struct ip_conntrack_expect
154 unsigned int flags; 158 unsigned int flags;
155 159
156#ifdef CONFIG_IP_NF_NAT_NEEDED 160#ifdef CONFIG_IP_NF_NAT_NEEDED
161 u_int32_t saved_ip;
157 /* This is the original per-proto part, used to map the 162 /* This is the original per-proto part, used to map the
158 * expected connection the way the recipient expects. */ 163 * expected connection the way the recipient expects. */
159 union ip_conntrack_manip_proto saved_proto; 164 union ip_conntrack_manip_proto saved_proto;
@@ -293,6 +298,7 @@ static inline int is_dying(struct ip_conntrack *ct)
293} 298}
294 299
295extern unsigned int ip_conntrack_htable_size; 300extern unsigned int ip_conntrack_htable_size;
301extern int ip_conntrack_checksum;
296 302
297#define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++) 303#define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++)
298 304
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_h323.h b/include/linux/netfilter_ipv4/ip_conntrack_h323.h
index eace86bd2ad..3cbff737900 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_h323.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_h323.h
@@ -71,6 +71,13 @@ extern int (*nat_h245_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct,
71 unsigned char **data, int dataoff, 71 unsigned char **data, int dataoff,
72 TransportAddress * addr, u_int16_t port, 72 TransportAddress * addr, u_int16_t port,
73 struct ip_conntrack_expect * exp); 73 struct ip_conntrack_expect * exp);
74extern int (*nat_callforwarding_hook) (struct sk_buff ** pskb,
75 struct ip_conntrack * ct,
76 enum ip_conntrack_info ctinfo,
77 unsigned char **data, int dataoff,
78 TransportAddress * addr,
79 u_int16_t port,
80 struct ip_conntrack_expect * exp);
74extern int (*nat_q931_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, 81extern int (*nat_q931_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct,
75 enum ip_conntrack_info ctinfo, 82 enum ip_conntrack_info ctinfo,
76 unsigned char **data, TransportAddress * addr, 83 unsigned char **data, TransportAddress * addr,
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h
index cc98f7aa5ab..3d4a773799f 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_types.h
@@ -1,4 +1,4 @@
1/* Generated by Jing Min Zhao's ASN.1 parser, Mar 15 2006 1/* Generated by Jing Min Zhao's ASN.1 parser, Apr 20 2006
2 * 2 *
3 * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> 3 * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net>
4 * 4 *
@@ -412,6 +412,7 @@ typedef struct Facility_UUIE { /* SEQUENCE */
412 eFacility_UUIE_destinationInfo = (1 << 14), 412 eFacility_UUIE_destinationInfo = (1 << 14),
413 eFacility_UUIE_h245SecurityMode = (1 << 13), 413 eFacility_UUIE_h245SecurityMode = (1 << 13),
414 } options; 414 } options;
415 TransportAddress alternativeAddress;
415 FacilityReason reason; 416 FacilityReason reason;
416 TransportAddress h245Address; 417 TransportAddress h245Address;
417 Facility_UUIE_fastStart fastStart; 418 Facility_UUIE_fastStart fastStart;
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_sip.h b/include/linux/netfilter_ipv4/ip_conntrack_sip.h
new file mode 100644
index 00000000000..913dad66c0f
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ip_conntrack_sip.h
@@ -0,0 +1,44 @@
1#ifndef __IP_CONNTRACK_SIP_H__
2#define __IP_CONNTRACK_SIP_H__
3#ifdef __KERNEL__
4
5#define SIP_PORT 5060
6#define SIP_TIMEOUT 3600
7
8#define POS_VIA 0
9#define POS_CONTACT 1
10#define POS_CONTENT 2
11#define POS_MEDIA 3
12#define POS_OWNER 4
13#define POS_CONNECTION 5
14#define POS_REQ_HEADER 6
15#define POS_SDP_HEADER 7
16
17struct sip_header_nfo {
18 const char *lname;
19 const char *sname;
20 const char *ln_str;
21 size_t lnlen;
22 size_t snlen;
23 size_t ln_strlen;
24 int (*match_len)(const char *, const char *, int *);
25};
26
27extern unsigned int (*ip_nat_sip_hook)(struct sk_buff **pskb,
28 enum ip_conntrack_info ctinfo,
29 struct ip_conntrack *ct,
30 const char **dptr);
31extern unsigned int (*ip_nat_sdp_hook)(struct sk_buff **pskb,
32 enum ip_conntrack_info ctinfo,
33 struct ip_conntrack_expect *exp,
34 const char *dptr);
35
36extern int ct_sip_get_info(const char *dptr, size_t dlen,
37 unsigned int *matchoff,
38 unsigned int *matchlen,
39 struct sip_header_nfo *hnfo);
40extern int ct_sip_lnlen(const char *line, const char *limit);
41extern const char *ct_sip_search(const char *needle, const char *haystack,
42 size_t needle_len, size_t haystack_len);
43#endif /* __KERNEL__ */
44#endif /* __IP_CONNTRACK_SIP_H__ */
diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h
index c3fe769c912..bcfe9d4f56a 100644
--- a/include/linux/pci_ids.h
+++ b/include/linux/pci_ids.h
@@ -1897,6 +1897,7 @@
1897#define PCI_DEVICE_ID_TIGON3_5751F 0x167e 1897#define PCI_DEVICE_ID_TIGON3_5751F 0x167e
1898#define PCI_DEVICE_ID_TIGON3_5787M 0x1693 1898#define PCI_DEVICE_ID_TIGON3_5787M 0x1693
1899#define PCI_DEVICE_ID_TIGON3_5782 0x1696 1899#define PCI_DEVICE_ID_TIGON3_5782 0x1696
1900#define PCI_DEVICE_ID_TIGON3_5786 0x169a
1900#define PCI_DEVICE_ID_TIGON3_5787 0x169b 1901#define PCI_DEVICE_ID_TIGON3_5787 0x169b
1901#define PCI_DEVICE_ID_TIGON3_5788 0x169c 1902#define PCI_DEVICE_ID_TIGON3_5788 0x169c
1902#define PCI_DEVICE_ID_TIGON3_5789 0x169d 1903#define PCI_DEVICE_ID_TIGON3_5789 0x169d
@@ -2053,6 +2054,7 @@
2053#define PCI_DEVICE_ID_INTEL_80960_RP 0x1960 2054#define PCI_DEVICE_ID_INTEL_80960_RP 0x1960
2054#define PCI_DEVICE_ID_INTEL_82840_HB 0x1a21 2055#define PCI_DEVICE_ID_INTEL_82840_HB 0x1a21
2055#define PCI_DEVICE_ID_INTEL_82845_HB 0x1a30 2056#define PCI_DEVICE_ID_INTEL_82845_HB 0x1a30
2057#define PCI_DEVICE_ID_INTEL_IOAT 0x1a38
2056#define PCI_DEVICE_ID_INTEL_82801AA_0 0x2410 2058#define PCI_DEVICE_ID_INTEL_82801AA_0 0x2410
2057#define PCI_DEVICE_ID_INTEL_82801AA_1 0x2411 2059#define PCI_DEVICE_ID_INTEL_82801AA_1 0x2411
2058#define PCI_DEVICE_ID_INTEL_82801AA_3 0x2413 2060#define PCI_DEVICE_ID_INTEL_82801AA_3 0x2413
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h
index bac0fb389cf..d5dd471da22 100644
--- a/include/linux/pfkeyv2.h
+++ b/include/linux/pfkeyv2.h
@@ -159,7 +159,7 @@ struct sadb_spirange {
159struct sadb_x_kmprivate { 159struct sadb_x_kmprivate {
160 uint16_t sadb_x_kmprivate_len; 160 uint16_t sadb_x_kmprivate_len;
161 uint16_t sadb_x_kmprivate_exttype; 161 uint16_t sadb_x_kmprivate_exttype;
162 u_int32_t sadb_x_kmprivate_reserved; 162 uint32_t sadb_x_kmprivate_reserved;
163} __attribute__((packed)); 163} __attribute__((packed));
164/* sizeof(struct sadb_x_kmprivate) == 8 */ 164/* sizeof(struct sadb_x_kmprivate) == 8 */
165 165
diff --git a/include/linux/security.h b/include/linux/security.h
index 1bab48f6aea..4dfb1b84a9b 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -805,31 +805,37 @@ struct swap_info_struct;
805 * used by the XFRM system. 805 * used by the XFRM system.
806 * @sec_ctx contains the security context information being provided by 806 * @sec_ctx contains the security context information being provided by
807 * the user-level policy update program (e.g., setkey). 807 * the user-level policy update program (e.g., setkey).
808 * Allocate a security structure to the xp->selector.security field. 808 * Allocate a security structure to the xp->security field.
809 * The security field is initialized to NULL when the xfrm_policy is 809 * The security field is initialized to NULL when the xfrm_policy is
810 * allocated. 810 * allocated.
811 * Return 0 if operation was successful (memory to allocate, legal context) 811 * Return 0 if operation was successful (memory to allocate, legal context)
812 * @xfrm_policy_clone_security: 812 * @xfrm_policy_clone_security:
813 * @old contains an existing xfrm_policy in the SPD. 813 * @old contains an existing xfrm_policy in the SPD.
814 * @new contains a new xfrm_policy being cloned from old. 814 * @new contains a new xfrm_policy being cloned from old.
815 * Allocate a security structure to the new->selector.security field 815 * Allocate a security structure to the new->security field
816 * that contains the information from the old->selector.security field. 816 * that contains the information from the old->security field.
817 * Return 0 if operation was successful (memory to allocate). 817 * Return 0 if operation was successful (memory to allocate).
818 * @xfrm_policy_free_security: 818 * @xfrm_policy_free_security:
819 * @xp contains the xfrm_policy 819 * @xp contains the xfrm_policy
820 * Deallocate xp->selector.security. 820 * Deallocate xp->security.
821 * @xfrm_policy_delete_security:
822 * @xp contains the xfrm_policy.
823 * Authorize deletion of xp->security.
821 * @xfrm_state_alloc_security: 824 * @xfrm_state_alloc_security:
822 * @x contains the xfrm_state being added to the Security Association 825 * @x contains the xfrm_state being added to the Security Association
823 * Database by the XFRM system. 826 * Database by the XFRM system.
824 * @sec_ctx contains the security context information being provided by 827 * @sec_ctx contains the security context information being provided by
825 * the user-level SA generation program (e.g., setkey or racoon). 828 * the user-level SA generation program (e.g., setkey or racoon).
826 * Allocate a security structure to the x->sel.security field. The 829 * Allocate a security structure to the x->security field. The
827 * security field is initialized to NULL when the xfrm_state is 830 * security field is initialized to NULL when the xfrm_state is
828 * allocated. 831 * allocated.
829 * Return 0 if operation was successful (memory to allocate, legal context). 832 * Return 0 if operation was successful (memory to allocate, legal context).
830 * @xfrm_state_free_security: 833 * @xfrm_state_free_security:
831 * @x contains the xfrm_state. 834 * @x contains the xfrm_state.
832 * Deallocate x>sel.security. 835 * Deallocate x->security.
836 * @xfrm_state_delete_security:
837 * @x contains the xfrm_state.
838 * Authorize deletion of x->security.
833 * @xfrm_policy_lookup: 839 * @xfrm_policy_lookup:
834 * @xp contains the xfrm_policy for which the access control is being 840 * @xp contains the xfrm_policy for which the access control is being
835 * checked. 841 * checked.
@@ -1298,8 +1304,10 @@ struct security_operations {
1298 int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); 1304 int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
1299 int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); 1305 int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new);
1300 void (*xfrm_policy_free_security) (struct xfrm_policy *xp); 1306 void (*xfrm_policy_free_security) (struct xfrm_policy *xp);
1307 int (*xfrm_policy_delete_security) (struct xfrm_policy *xp);
1301 int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); 1308 int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
1302 void (*xfrm_state_free_security) (struct xfrm_state *x); 1309 void (*xfrm_state_free_security) (struct xfrm_state *x);
1310 int (*xfrm_state_delete_security) (struct xfrm_state *x);
1303 int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir); 1311 int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir);
1304#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 1312#endif /* CONFIG_SECURITY_NETWORK_XFRM */
1305 1313
@@ -2934,11 +2942,21 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
2934 security_ops->xfrm_policy_free_security(xp); 2942 security_ops->xfrm_policy_free_security(xp);
2935} 2943}
2936 2944
2945static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
2946{
2947 return security_ops->xfrm_policy_delete_security(xp);
2948}
2949
2937static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) 2950static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
2938{ 2951{
2939 return security_ops->xfrm_state_alloc_security(x, sec_ctx); 2952 return security_ops->xfrm_state_alloc_security(x, sec_ctx);
2940} 2953}
2941 2954
2955static inline int security_xfrm_state_delete(struct xfrm_state *x)
2956{
2957 return security_ops->xfrm_state_delete_security(x);
2958}
2959
2942static inline void security_xfrm_state_free(struct xfrm_state *x) 2960static inline void security_xfrm_state_free(struct xfrm_state *x)
2943{ 2961{
2944 security_ops->xfrm_state_free_security(x); 2962 security_ops->xfrm_state_free_security(x);
@@ -2963,6 +2981,11 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
2963{ 2981{
2964} 2982}
2965 2983
2984static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
2985{
2986 return 0;
2987}
2988
2966static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) 2989static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
2967{ 2990{
2968 return 0; 2991 return 0;
@@ -2972,6 +2995,11 @@ static inline void security_xfrm_state_free(struct xfrm_state *x)
2972{ 2995{
2973} 2996}
2974 2997
2998static inline int security_xfrm_state_delete(struct xfrm_state *x)
2999{
3000 return 0;
3001}
3002
2975static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) 3003static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir)
2976{ 3004{
2977 return 0; 3005 return 0;
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 4047bcde448..aad4e390d6a 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -118,6 +118,27 @@ void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid);
118 */ 118 */
119void selinux_get_task_sid(struct task_struct *tsk, u32 *sid); 119void selinux_get_task_sid(struct task_struct *tsk, u32 *sid);
120 120
121/**
122 * selinux_string_to_sid - map a security context string to a security ID
123 * @str: the security context string to be mapped
124 * @sid: ID value returned via this.
125 *
126 * Returns 0 if successful, with the SID stored in sid. A value
127 * of zero for sid indicates no SID could be determined (but no error
128 * occurred).
129 */
130int selinux_string_to_sid(char *str, u32 *sid);
131
132/**
133 * selinux_relabel_packet_permission - check permission to relabel a packet
134 * @sid: ID value to be applied to network packet (via SECMARK, most likely)
135 *
136 * Returns 0 if the current task is allowed to label packets with the
137 * supplied security ID. Note that it is implicit that the packet is always
138 * being relabeled from the default unlabled value, and that the access
139 * control decision is made in the AVC.
140 */
141int selinux_relabel_packet_permission(u32 sid);
121 142
122#else 143#else
123 144
@@ -172,6 +193,17 @@ static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid)
172 *sid = 0; 193 *sid = 0;
173} 194}
174 195
196static inline int selinux_string_to_sid(const char *str, u32 *sid)
197{
198 *sid = 0;
199 return 0;
200}
201
202static inline int selinux_relabel_packet_permission(u32 sid)
203{
204 return 0;
205}
206
175#endif /* CONFIG_SECURITY_SELINUX */ 207#endif /* CONFIG_SECURITY_SELINUX */
176 208
177#endif /* _LINUX_SELINUX_H */ 209#endif /* _LINUX_SELINUX_H */
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index f8f234708b9..93e4db22158 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -29,6 +29,7 @@
29#include <linux/net.h> 29#include <linux/net.h>
30#include <linux/textsearch.h> 30#include <linux/textsearch.h>
31#include <net/checksum.h> 31#include <net/checksum.h>
32#include <linux/dmaengine.h>
32 33
33#define HAVE_ALLOC_SKB /* For the drivers to know */ 34#define HAVE_ALLOC_SKB /* For the drivers to know */
34#define HAVE_ALIGNABLE_SKB /* Ditto 8) */ 35#define HAVE_ALIGNABLE_SKB /* Ditto 8) */
@@ -209,6 +210,7 @@ enum {
209 * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c 210 * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c
210 * @tc_index: Traffic control index 211 * @tc_index: Traffic control index
211 * @tc_verd: traffic control verdict 212 * @tc_verd: traffic control verdict
213 * @secmark: security marking
212 */ 214 */
213 215
214struct sk_buff { 216struct sk_buff {
@@ -285,6 +287,12 @@ struct sk_buff {
285 __u16 tc_verd; /* traffic control verdict */ 287 __u16 tc_verd; /* traffic control verdict */
286#endif 288#endif
287#endif 289#endif
290#ifdef CONFIG_NET_DMA
291 dma_cookie_t dma_cookie;
292#endif
293#ifdef CONFIG_NETWORK_SECMARK
294 __u32 secmark;
295#endif
288 296
289 297
290 /* These elements must be at the end, see alloc_skb() for details. */ 298 /* These elements must be at the end, see alloc_skb() for details. */
@@ -967,15 +975,16 @@ static inline void skb_reserve(struct sk_buff *skb, int len)
967#define NET_SKB_PAD 16 975#define NET_SKB_PAD 16
968#endif 976#endif
969 977
970extern int ___pskb_trim(struct sk_buff *skb, unsigned int len, int realloc); 978extern int ___pskb_trim(struct sk_buff *skb, unsigned int len);
971 979
972static inline void __skb_trim(struct sk_buff *skb, unsigned int len) 980static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
973{ 981{
974 if (!skb->data_len) { 982 if (unlikely(skb->data_len)) {
975 skb->len = len; 983 WARN_ON(1);
976 skb->tail = skb->data + len; 984 return;
977 } else 985 }
978 ___pskb_trim(skb, len, 0); 986 skb->len = len;
987 skb->tail = skb->data + len;
979} 988}
980 989
981/** 990/**
@@ -985,6 +994,7 @@ static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
985 * 994 *
986 * Cut the length of a buffer down by removing data from the tail. If 995 * Cut the length of a buffer down by removing data from the tail. If
987 * the buffer is already under the length specified it is not modified. 996 * the buffer is already under the length specified it is not modified.
997 * The skb must be linear.
988 */ 998 */
989static inline void skb_trim(struct sk_buff *skb, unsigned int len) 999static inline void skb_trim(struct sk_buff *skb, unsigned int len)
990{ 1000{
@@ -995,12 +1005,10 @@ static inline void skb_trim(struct sk_buff *skb, unsigned int len)
995 1005
996static inline int __pskb_trim(struct sk_buff *skb, unsigned int len) 1006static inline int __pskb_trim(struct sk_buff *skb, unsigned int len)
997{ 1007{
998 if (!skb->data_len) { 1008 if (skb->data_len)
999 skb->len = len; 1009 return ___pskb_trim(skb, len);
1000 skb->tail = skb->data+len; 1010 __skb_trim(skb, len);
1001 return 0; 1011 return 0;
1002 }
1003 return ___pskb_trim(skb, len, 1);
1004} 1012}
1005 1013
1006static inline int pskb_trim(struct sk_buff *skb, unsigned int len) 1014static inline int pskb_trim(struct sk_buff *skb, unsigned int len)
@@ -1161,18 +1169,34 @@ static inline int skb_can_coalesce(struct sk_buff *skb, int i,
1161 return 0; 1169 return 0;
1162} 1170}
1163 1171
1172static inline int __skb_linearize(struct sk_buff *skb)
1173{
1174 return __pskb_pull_tail(skb, skb->data_len) ? 0 : -ENOMEM;
1175}
1176
1164/** 1177/**
1165 * skb_linearize - convert paged skb to linear one 1178 * skb_linearize - convert paged skb to linear one
1166 * @skb: buffer to linarize 1179 * @skb: buffer to linarize
1167 * @gfp: allocation mode
1168 * 1180 *
1169 * If there is no free memory -ENOMEM is returned, otherwise zero 1181 * If there is no free memory -ENOMEM is returned, otherwise zero
1170 * is returned and the old skb data released. 1182 * is returned and the old skb data released.
1171 */ 1183 */
1172extern int __skb_linearize(struct sk_buff *skb, gfp_t gfp); 1184static inline int skb_linearize(struct sk_buff *skb)
1173static inline int skb_linearize(struct sk_buff *skb, gfp_t gfp) 1185{
1186 return skb_is_nonlinear(skb) ? __skb_linearize(skb) : 0;
1187}
1188
1189/**
1190 * skb_linearize_cow - make sure skb is linear and writable
1191 * @skb: buffer to process
1192 *
1193 * If there is no free memory -ENOMEM is returned, otherwise zero
1194 * is returned and the old skb data released.
1195 */
1196static inline int skb_linearize_cow(struct sk_buff *skb)
1174{ 1197{
1175 return __skb_linearize(skb, gfp); 1198 return skb_is_nonlinear(skb) || skb_cloned(skb) ?
1199 __skb_linearize(skb) : 0;
1176} 1200}
1177 1201
1178/** 1202/**
@@ -1396,5 +1420,23 @@ static inline void nf_reset(struct sk_buff *skb)
1396static inline void nf_reset(struct sk_buff *skb) {} 1420static inline void nf_reset(struct sk_buff *skb) {}
1397#endif /* CONFIG_NETFILTER */ 1421#endif /* CONFIG_NETFILTER */
1398 1422
1423#ifdef CONFIG_NETWORK_SECMARK
1424static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from)
1425{
1426 to->secmark = from->secmark;
1427}
1428
1429static inline void skb_init_secmark(struct sk_buff *skb)
1430{
1431 skb->secmark = 0;
1432}
1433#else
1434static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from)
1435{ }
1436
1437static inline void skb_init_secmark(struct sk_buff *skb)
1438{ }
1439#endif
1440
1399#endif /* __KERNEL__ */ 1441#endif /* __KERNEL__ */
1400#endif /* _LINUX_SKBUFF_H */ 1442#endif /* _LINUX_SKBUFF_H */
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 76eaeff76f8..cee944dbdcd 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -313,6 +313,7 @@ enum
313 NET_NF_CONNTRACK_FRAG6_TIMEOUT=29, 313 NET_NF_CONNTRACK_FRAG6_TIMEOUT=29,
314 NET_NF_CONNTRACK_FRAG6_LOW_THRESH=30, 314 NET_NF_CONNTRACK_FRAG6_LOW_THRESH=30,
315 NET_NF_CONNTRACK_FRAG6_HIGH_THRESH=31, 315 NET_NF_CONNTRACK_FRAG6_HIGH_THRESH=31,
316 NET_NF_CONNTRACK_CHECKSUM=32,
316}; 317};
317 318
318/* /proc/sys/net/ipv4 */ 319/* /proc/sys/net/ipv4 */
@@ -403,6 +404,8 @@ enum
403 NET_TCP_MTU_PROBING=113, 404 NET_TCP_MTU_PROBING=113,
404 NET_TCP_BASE_MSS=114, 405 NET_TCP_BASE_MSS=114,
405 NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS=115, 406 NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS=115,
407 NET_TCP_DMA_COPYBREAK=116,
408 NET_TCP_SLOW_START_AFTER_IDLE=117,
406}; 409};
407 410
408enum { 411enum {
@@ -491,6 +494,7 @@ enum
491 NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25, 494 NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD=25,
492 NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26, 495 NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT=26,
493 NET_IPV4_NF_CONNTRACK_COUNT=27, 496 NET_IPV4_NF_CONNTRACK_COUNT=27,
497 NET_IPV4_NF_CONNTRACK_CHECKSUM=28,
494}; 498};
495 499
496/* /proc/sys/net/ipv6 */ 500/* /proc/sys/net/ipv6 */
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
index 542d39596bd..c90daa5da6c 100644
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -18,6 +18,7 @@
18#define _LINUX_TCP_H 18#define _LINUX_TCP_H
19 19
20#include <linux/types.h> 20#include <linux/types.h>
21#include <linux/dmaengine.h>
21#include <asm/byteorder.h> 22#include <asm/byteorder.h>
22 23
23struct tcphdr { 24struct tcphdr {
@@ -233,6 +234,13 @@ struct tcp_sock {
233 struct iovec *iov; 234 struct iovec *iov;
234 int memory; 235 int memory;
235 int len; 236 int len;
237#ifdef CONFIG_NET_DMA
238 /* members for async copy */
239 struct dma_chan *dma_chan;
240 int wakeup;
241 struct dma_pinned_list *pinned_list;
242 dma_cookie_t dma_cookie;
243#endif
236 } ucopy; 244 } ucopy;
237 245
238 __u32 snd_wl1; /* Sequence for window update */ 246 __u32 snd_wl1; /* Sequence for window update */
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
index 6b42cc474c0..46a15c7a1a1 100644
--- a/include/linux/xfrm.h
+++ b/include/linux/xfrm.h
@@ -118,6 +118,10 @@ enum
118 XFRM_SHARE_UNIQUE /* Use once */ 118 XFRM_SHARE_UNIQUE /* Use once */
119}; 119};
120 120
121#define XFRM_MODE_TRANSPORT 0
122#define XFRM_MODE_TUNNEL 1
123#define XFRM_MODE_MAX 2
124
121/* Netlink configuration messages. */ 125/* Netlink configuration messages. */
122enum { 126enum {
123 XFRM_MSG_BASE = 0x10, 127 XFRM_MSG_BASE = 0x10,
diff --git a/include/net/ip.h b/include/net/ip.h
index 3d2e5ca62a5..ead233c9540 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -147,7 +147,6 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar
147struct ipv4_config 147struct ipv4_config
148{ 148{
149 int log_martians; 149 int log_martians;
150 int autoconfig;
151 int no_pmtu_disc; 150 int no_pmtu_disc;
152}; 151};
153 152
diff --git a/include/net/llc_if.h b/include/net/llc_if.h
index 090eaa0d71f..c608812a8e8 100644
--- a/include/net/llc_if.h
+++ b/include/net/llc_if.h
@@ -16,6 +16,7 @@
16#include <linux/if.h> 16#include <linux/if.h>
17#include <linux/if_arp.h> 17#include <linux/if_arp.h>
18#include <linux/llc.h> 18#include <linux/llc.h>
19#include <linux/etherdevice.h>
19#include <net/llc.h> 20#include <net/llc.h>
20 21
21#define LLC_DATAUNIT_PRIM 1 22#define LLC_DATAUNIT_PRIM 1
@@ -61,8 +62,6 @@
61#define LLC_STATUS_CONFLICT 7 /* disconnect conn */ 62#define LLC_STATUS_CONFLICT 7 /* disconnect conn */
62#define LLC_STATUS_RESET_DONE 8 /* */ 63#define LLC_STATUS_RESET_DONE 8 /* */
63 64
64extern u8 llc_mac_null_var[IFHWADDRLEN];
65
66/** 65/**
67 * llc_mac_null - determines if a address is a null mac address 66 * llc_mac_null - determines if a address is a null mac address
68 * @mac: Mac address to test if null. 67 * @mac: Mac address to test if null.
@@ -70,16 +69,20 @@ extern u8 llc_mac_null_var[IFHWADDRLEN];
70 * Determines if a given address is a null mac address. Returns 0 if the 69 * Determines if a given address is a null mac address. Returns 0 if the
71 * address is not a null mac, 1 if the address is a null mac. 70 * address is not a null mac, 1 if the address is a null mac.
72 */ 71 */
73static __inline__ int llc_mac_null(u8 *mac) 72static inline int llc_mac_null(const u8 *mac)
74{ 73{
75 return !memcmp(mac, llc_mac_null_var, IFHWADDRLEN); 74 return is_zero_ether_addr(mac);
76} 75}
77 76
78static __inline__ int llc_addrany(struct llc_addr *addr) 77static inline int llc_addrany(const struct llc_addr *addr)
79{ 78{
80 return llc_mac_null(addr->mac) && !addr->lsap; 79 return llc_mac_null(addr->mac) && !addr->lsap;
81} 80}
82 81
82static inline int llc_mac_multicast(const u8 *mac)
83{
84 return is_multicast_ether_addr(mac);
85}
83/** 86/**
84 * llc_mac_match - determines if two mac addresses are the same 87 * llc_mac_match - determines if two mac addresses are the same
85 * @mac1: First mac address to compare. 88 * @mac1: First mac address to compare.
@@ -89,9 +92,9 @@ static __inline__ int llc_addrany(struct llc_addr *addr)
89 * is not a complete match up to len, 1 if a complete match up to len is 92 * is not a complete match up to len, 1 if a complete match up to len is
90 * found. 93 * found.
91 */ 94 */
92static __inline__ int llc_mac_match(u8 *mac1, u8 *mac2) 95static inline int llc_mac_match(const u8 *mac1, const u8 *mac2)
93{ 96{
94 return !memcmp(mac1, mac2, IFHWADDRLEN); 97 return !compare_ether_addr(mac1, mac2);
95} 98}
96 99
97extern int llc_establish_connection(struct sock *sk, u8 *lmac, 100extern int llc_establish_connection(struct sock *sk, u8 *lmac,
diff --git a/include/net/netdma.h b/include/net/netdma.h
new file mode 100644
index 00000000000..19760eb131a
--- /dev/null
+++ b/include/net/netdma.h
@@ -0,0 +1,44 @@
1/*
2 * Copyright(c) 2004 - 2006 Intel Corporation. All rights reserved.
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the Free
6 * Software Foundation; either version 2 of the License, or (at your option)
7 * any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, write to the Free Software Foundation, Inc., 59
16 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17 *
18 * The full GNU General Public License is included in this distribution in the
19 * file called COPYING.
20 */
21#ifndef NETDMA_H
22#define NETDMA_H
23#include <linux/config.h>
24#ifdef CONFIG_NET_DMA
25#include <linux/dmaengine.h>
26#include <linux/skbuff.h>
27
28static inline struct dma_chan *get_softnet_dma(void)
29{
30 struct dma_chan *chan;
31 rcu_read_lock();
32 chan = rcu_dereference(__get_cpu_var(softnet_data.net_dma));
33 if (chan)
34 dma_chan_get(chan);
35 rcu_read_unlock();
36 return chan;
37}
38
39int dma_skb_copy_datagram_iovec(struct dma_chan* chan,
40 const struct sk_buff *skb, int offset, struct iovec *to,
41 size_t len, struct dma_pinned_list *pinned_list);
42
43#endif /* CONFIG_NET_DMA */
44#endif /* NETDMA_H */
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 916013ca4a5..41111781580 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -114,6 +114,10 @@ struct nf_conn
114 u_int32_t mark; 114 u_int32_t mark;
115#endif 115#endif
116 116
117#ifdef CONFIG_NF_CONNTRACK_SECMARK
118 u_int32_t secmark;
119#endif
120
117 /* Storage reserved for other modules: */ 121 /* Storage reserved for other modules: */
118 union nf_conntrack_proto proto; 122 union nf_conntrack_proto proto;
119 123
@@ -285,6 +289,7 @@ static inline int nf_ct_is_dying(struct nf_conn *ct)
285} 289}
286 290
287extern unsigned int nf_conntrack_htable_size; 291extern unsigned int nf_conntrack_htable_size;
292extern int nf_conntrack_checksum;
288 293
289#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) 294#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++)
290 295
diff --git a/include/net/netfilter/nf_conntrack_compat.h b/include/net/netfilter/nf_conntrack_compat.h
index 3cac19fb364..f1b1482d720 100644
--- a/include/net/netfilter/nf_conntrack_compat.h
+++ b/include/net/netfilter/nf_conntrack_compat.h
@@ -20,6 +20,19 @@ static inline u_int32_t *nf_ct_get_mark(const struct sk_buff *skb,
20} 20}
21#endif /* CONFIG_IP_NF_CONNTRACK_MARK */ 21#endif /* CONFIG_IP_NF_CONNTRACK_MARK */
22 22
23#ifdef CONFIG_IP_NF_CONNTRACK_SECMARK
24static inline u_int32_t *nf_ct_get_secmark(const struct sk_buff *skb,
25 u_int32_t *ctinfo)
26{
27 struct ip_conntrack *ct = ip_conntrack_get(skb, ctinfo);
28
29 if (ct)
30 return &ct->secmark;
31 else
32 return NULL;
33}
34#endif /* CONFIG_IP_NF_CONNTRACK_SECMARK */
35
23#ifdef CONFIG_IP_NF_CT_ACCT 36#ifdef CONFIG_IP_NF_CT_ACCT
24static inline struct ip_conntrack_counter * 37static inline struct ip_conntrack_counter *
25nf_ct_get_counters(const struct sk_buff *skb) 38nf_ct_get_counters(const struct sk_buff *skb)
@@ -70,6 +83,19 @@ static inline u_int32_t *nf_ct_get_mark(const struct sk_buff *skb,
70} 83}
71#endif /* CONFIG_NF_CONNTRACK_MARK */ 84#endif /* CONFIG_NF_CONNTRACK_MARK */
72 85
86#ifdef CONFIG_NF_CONNTRACK_SECMARK
87static inline u_int32_t *nf_ct_get_secmark(const struct sk_buff *skb,
88 u_int32_t *ctinfo)
89{
90 struct nf_conn *ct = nf_ct_get(skb, ctinfo);
91
92 if (ct)
93 return &ct->secmark;
94 else
95 return NULL;
96}
97#endif /* CONFIG_NF_CONNTRACK_MARK */
98
73#ifdef CONFIG_NF_CT_ACCT 99#ifdef CONFIG_NF_CT_ACCT
74static inline struct ip_conntrack_counter * 100static inline struct ip_conntrack_counter *
75nf_ct_get_counters(const struct sk_buff *skb) 101nf_ct_get_counters(const struct sk_buff *skb)
diff --git a/include/net/raw.h b/include/net/raw.h
index e67b28a0248..d83571fe4c6 100644
--- a/include/net/raw.h
+++ b/include/net/raw.h
@@ -36,7 +36,7 @@ extern rwlock_t raw_v4_lock;
36 36
37 37
38extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, 38extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num,
39 unsigned long raddr, unsigned long laddr, 39 __be32 raddr, __be32 laddr,
40 int dif); 40 int dif);
41 41
42extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash); 42extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash);
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
index aa6033ca7cd..b2b40f951ae 100644
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -255,7 +255,7 @@ extern int sctp_debug_flag;
255#define SCTP_DEBUG_PRINTK_IPADDR(whatever...) 255#define SCTP_DEBUG_PRINTK_IPADDR(whatever...)
256#define SCTP_ENABLE_DEBUG 256#define SCTP_ENABLE_DEBUG
257#define SCTP_DISABLE_DEBUG 257#define SCTP_DISABLE_DEBUG
258#define SCTP_ASSERT(expr, str, func) 258#define SCTP_ASSERT(expr, str, func) BUG_ON(!(expr))
259 259
260#endif /* SCTP_DEBUG */ 260#endif /* SCTP_DEBUG */
261 261
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 7f4fea173fb..5f69158c100 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -555,7 +555,8 @@ struct sctp_af {
555 int (*to_addr_param) (const union sctp_addr *, 555 int (*to_addr_param) (const union sctp_addr *,
556 union sctp_addr_param *); 556 union sctp_addr_param *);
557 int (*addr_valid) (union sctp_addr *, 557 int (*addr_valid) (union sctp_addr *,
558 struct sctp_sock *); 558 struct sctp_sock *,
559 const struct sk_buff *);
559 sctp_scope_t (*scope) (union sctp_addr *); 560 sctp_scope_t (*scope) (union sctp_addr *);
560 void (*inaddr_any) (union sctp_addr *, unsigned short); 561 void (*inaddr_any) (union sctp_addr *, unsigned short);
561 int (*is_any) (const union sctp_addr *); 562 int (*is_any) (const union sctp_addr *);
diff --git a/include/net/sock.h b/include/net/sock.h
index c9fad6fb629..96565ff0de6 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -132,6 +132,7 @@ struct sock_common {
132 * @sk_receive_queue: incoming packets 132 * @sk_receive_queue: incoming packets
133 * @sk_wmem_alloc: transmit queue bytes committed 133 * @sk_wmem_alloc: transmit queue bytes committed
134 * @sk_write_queue: Packet sending queue 134 * @sk_write_queue: Packet sending queue
135 * @sk_async_wait_queue: DMA copied packets
135 * @sk_omem_alloc: "o" is "option" or "other" 136 * @sk_omem_alloc: "o" is "option" or "other"
136 * @sk_wmem_queued: persistent queue size 137 * @sk_wmem_queued: persistent queue size
137 * @sk_forward_alloc: space allocated forward 138 * @sk_forward_alloc: space allocated forward
@@ -205,6 +206,7 @@ struct sock {
205 atomic_t sk_omem_alloc; 206 atomic_t sk_omem_alloc;
206 struct sk_buff_head sk_receive_queue; 207 struct sk_buff_head sk_receive_queue;
207 struct sk_buff_head sk_write_queue; 208 struct sk_buff_head sk_write_queue;
209 struct sk_buff_head sk_async_wait_queue;
208 int sk_wmem_queued; 210 int sk_wmem_queued;
209 int sk_forward_alloc; 211 int sk_forward_alloc;
210 gfp_t sk_allocation; 212 gfp_t sk_allocation;
@@ -871,10 +873,7 @@ static inline int sk_filter(struct sock *sk, struct sk_buff *skb, int needlock)
871 if (filter) { 873 if (filter) {
872 unsigned int pkt_len = sk_run_filter(skb, filter->insns, 874 unsigned int pkt_len = sk_run_filter(skb, filter->insns,
873 filter->len); 875 filter->len);
874 if (!pkt_len) 876 err = pkt_len ? pskb_trim(skb, pkt_len) : -EPERM;
875 err = -EPERM;
876 else
877 skb_trim(skb, pkt_len);
878 } 877 }
879 878
880 if (needlock) 879 if (needlock)
@@ -1271,11 +1270,22 @@ sock_recv_timestamp(struct msghdr *msg, struct sock *sk, struct sk_buff *skb)
1271 * This routine must be called with interrupts disabled or with the socket 1270 * This routine must be called with interrupts disabled or with the socket
1272 * locked so that the sk_buff queue operation is ok. 1271 * locked so that the sk_buff queue operation is ok.
1273*/ 1272*/
1274static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb) 1273#ifdef CONFIG_NET_DMA
1274static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb, int copied_early)
1275{
1276 __skb_unlink(skb, &sk->sk_receive_queue);
1277 if (!copied_early)
1278 __kfree_skb(skb);
1279 else
1280 __skb_queue_tail(&sk->sk_async_wait_queue, skb);
1281}
1282#else
1283static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb, int copied_early)
1275{ 1284{
1276 __skb_unlink(skb, &sk->sk_receive_queue); 1285 __skb_unlink(skb, &sk->sk_receive_queue);
1277 __kfree_skb(skb); 1286 __kfree_skb(skb);
1278} 1287}
1288#endif
1279 1289
1280extern void sock_enable_timestamp(struct sock *sk); 1290extern void sock_enable_timestamp(struct sock *sk);
1281extern int sock_get_timestamp(struct sock *, struct timeval __user *); 1291extern int sock_get_timestamp(struct sock *, struct timeval __user *);
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 3c989db8a7a..bfc71f954bb 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -28,6 +28,7 @@
28#include <linux/cache.h> 28#include <linux/cache.h>
29#include <linux/percpu.h> 29#include <linux/percpu.h>
30#include <linux/skbuff.h> 30#include <linux/skbuff.h>
31#include <linux/dmaengine.h>
31 32
32#include <net/inet_connection_sock.h> 33#include <net/inet_connection_sock.h>
33#include <net/inet_timewait_sock.h> 34#include <net/inet_timewait_sock.h>
@@ -218,6 +219,7 @@ extern int sysctl_tcp_adv_win_scale;
218extern int sysctl_tcp_tw_reuse; 219extern int sysctl_tcp_tw_reuse;
219extern int sysctl_tcp_frto; 220extern int sysctl_tcp_frto;
220extern int sysctl_tcp_low_latency; 221extern int sysctl_tcp_low_latency;
222extern int sysctl_tcp_dma_copybreak;
221extern int sysctl_tcp_nometrics_save; 223extern int sysctl_tcp_nometrics_save;
222extern int sysctl_tcp_moderate_rcvbuf; 224extern int sysctl_tcp_moderate_rcvbuf;
223extern int sysctl_tcp_tso_win_divisor; 225extern int sysctl_tcp_tso_win_divisor;
@@ -225,6 +227,7 @@ extern int sysctl_tcp_abc;
225extern int sysctl_tcp_mtu_probing; 227extern int sysctl_tcp_mtu_probing;
226extern int sysctl_tcp_base_mss; 228extern int sysctl_tcp_base_mss;
227extern int sysctl_tcp_workaround_signed_windows; 229extern int sysctl_tcp_workaround_signed_windows;
230extern int sysctl_tcp_slow_start_after_idle;
228 231
229extern atomic_t tcp_memory_allocated; 232extern atomic_t tcp_memory_allocated;
230extern atomic_t tcp_sockets_allocated; 233extern atomic_t tcp_sockets_allocated;
@@ -293,6 +296,8 @@ extern int tcp_rcv_established(struct sock *sk,
293 296
294extern void tcp_rcv_space_adjust(struct sock *sk); 297extern void tcp_rcv_space_adjust(struct sock *sk);
295 298
299extern void tcp_cleanup_rbuf(struct sock *sk, int copied);
300
296extern int tcp_twsk_unique(struct sock *sk, 301extern int tcp_twsk_unique(struct sock *sk,
297 struct sock *sktw, void *twp); 302 struct sock *sktw, void *twp);
298 303
@@ -628,7 +633,7 @@ struct tcp_congestion_ops {
628 /* return slow start threshold (required) */ 633 /* return slow start threshold (required) */
629 u32 (*ssthresh)(struct sock *sk); 634 u32 (*ssthresh)(struct sock *sk);
630 /* lower bound for congestion window (optional) */ 635 /* lower bound for congestion window (optional) */
631 u32 (*min_cwnd)(struct sock *sk); 636 u32 (*min_cwnd)(const struct sock *sk);
632 /* do new cwnd calculation (required) */ 637 /* do new cwnd calculation (required) */
633 void (*cong_avoid)(struct sock *sk, u32 ack, 638 void (*cong_avoid)(struct sock *sk, u32 ack,
634 u32 rtt, u32 in_flight, int good_ack); 639 u32 rtt, u32 in_flight, int good_ack);
@@ -663,7 +668,7 @@ extern struct tcp_congestion_ops tcp_init_congestion_ops;
663extern u32 tcp_reno_ssthresh(struct sock *sk); 668extern u32 tcp_reno_ssthresh(struct sock *sk);
664extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, 669extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack,
665 u32 rtt, u32 in_flight, int flag); 670 u32 rtt, u32 in_flight, int flag);
666extern u32 tcp_reno_min_cwnd(struct sock *sk); 671extern u32 tcp_reno_min_cwnd(const struct sock *sk);
667extern struct tcp_congestion_ops tcp_reno; 672extern struct tcp_congestion_ops tcp_reno;
668 673
669static inline void tcp_set_ca_state(struct sock *sk, const u8 ca_state) 674static inline void tcp_set_ca_state(struct sock *sk, const u8 ca_state)
@@ -817,6 +822,12 @@ static inline void tcp_prequeue_init(struct tcp_sock *tp)
817 tp->ucopy.len = 0; 822 tp->ucopy.len = 0;
818 tp->ucopy.memory = 0; 823 tp->ucopy.memory = 0;
819 skb_queue_head_init(&tp->ucopy.prequeue); 824 skb_queue_head_init(&tp->ucopy.prequeue);
825#ifdef CONFIG_NET_DMA
826 tp->ucopy.dma_chan = NULL;
827 tp->ucopy.wakeup = 0;
828 tp->ucopy.pinned_list = NULL;
829 tp->ucopy.dma_cookie = 0;
830#endif
820} 831}
821 832
822/* Packet is added to VJ-style prequeue for processing in process 833/* Packet is added to VJ-style prequeue for processing in process
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index afa508d92c9..9c5ee9f20b6 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -20,6 +20,8 @@
20#include <net/ip6_fib.h> 20#include <net/ip6_fib.h>
21 21
22#define XFRM_ALIGN8(len) (((len) + 7) & ~7) 22#define XFRM_ALIGN8(len) (((len) + 7) & ~7)
23#define MODULE_ALIAS_XFRM_MODE(family, encap) \
24 MODULE_ALIAS("xfrm-mode-" __stringify(family) "-" __stringify(encap))
23 25
24extern struct sock *xfrm_nl; 26extern struct sock *xfrm_nl;
25extern u32 sysctl_xfrm_aevent_etime; 27extern u32 sysctl_xfrm_aevent_etime;
@@ -164,6 +166,7 @@ struct xfrm_state
164 /* Reference to data common to all the instances of this 166 /* Reference to data common to all the instances of this
165 * transformer. */ 167 * transformer. */
166 struct xfrm_type *type; 168 struct xfrm_type *type;
169 struct xfrm_mode *mode;
167 170
168 /* Security context */ 171 /* Security context */
169 struct xfrm_sec_ctx *security; 172 struct xfrm_sec_ctx *security;
@@ -204,8 +207,8 @@ struct xfrm_type;
204struct xfrm_dst; 207struct xfrm_dst;
205struct xfrm_policy_afinfo { 208struct xfrm_policy_afinfo {
206 unsigned short family; 209 unsigned short family;
207 rwlock_t lock; 210 struct xfrm_type *type_map[IPPROTO_MAX];
208 struct xfrm_type_map *type_map; 211 struct xfrm_mode *mode_map[XFRM_MODE_MAX];
209 struct dst_ops *dst_ops; 212 struct dst_ops *dst_ops;
210 void (*garbage_collect)(void); 213 void (*garbage_collect)(void);
211 int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); 214 int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl);
@@ -232,7 +235,6 @@ extern int __xfrm_state_delete(struct xfrm_state *x);
232 235
233struct xfrm_state_afinfo { 236struct xfrm_state_afinfo {
234 unsigned short family; 237 unsigned short family;
235 rwlock_t lock;
236 struct list_head *state_bydst; 238 struct list_head *state_bydst;
237 struct list_head *state_byspi; 239 struct list_head *state_byspi;
238 int (*init_flags)(struct xfrm_state *x); 240 int (*init_flags)(struct xfrm_state *x);
@@ -264,16 +266,24 @@ struct xfrm_type
264 u32 (*get_max_size)(struct xfrm_state *, int size); 266 u32 (*get_max_size)(struct xfrm_state *, int size);
265}; 267};
266 268
267struct xfrm_type_map {
268 rwlock_t lock;
269 struct xfrm_type *map[256];
270};
271
272extern int xfrm_register_type(struct xfrm_type *type, unsigned short family); 269extern int xfrm_register_type(struct xfrm_type *type, unsigned short family);
273extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family); 270extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family);
274extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family); 271extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family);
275extern void xfrm_put_type(struct xfrm_type *type); 272extern void xfrm_put_type(struct xfrm_type *type);
276 273
274struct xfrm_mode {
275 int (*input)(struct xfrm_state *x, struct sk_buff *skb);
276 int (*output)(struct sk_buff *skb);
277
278 struct module *owner;
279 unsigned int encap;
280};
281
282extern int xfrm_register_mode(struct xfrm_mode *mode, int family);
283extern int xfrm_unregister_mode(struct xfrm_mode *mode, int family);
284extern struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family);
285extern void xfrm_put_mode(struct xfrm_mode *mode);
286
277struct xfrm_tmpl 287struct xfrm_tmpl
278{ 288{
279/* id in template is interpreted as: 289/* id in template is interpreted as: