Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Pull networking updates from David Miller:
 "Much more accumulated than I would have liked due to an unexpected
  bout with a nasty flu:

   1) AH and ESP input don't set ECN field correctly because the
      transport head of the SKB isn't set correctly, fix from Li
      RongQing.

   2) If netfilter conntrack zones are disabled, we can return an
      uninitialized variable instead of the proper error code.  Fix from
      Borislav Petkov.

   3) Fix double SKB free in ath9k driver beacon handling, from Felix
      Feitkau.

   4) Remove bogus assumption about netns cleanup ordering in
      nf_conntrack, from Pablo Neira Ayuso.

   5) Remove a bogus BUG_ON in the new TCP fastopen code, from Eric
      Dumazet.  It uses spin_is_locked() in it's test and is therefore
      unsuitable for UP.

   6) Fix SELINUX labelling regressions added by the tuntap multiqueue
      changes, from Paul Moore.

   7) Fix CRC errors with jumbo frame receive in tg3 driver, from Nithin
      Nayak Sujir.

   8) CXGB4 driver sets interrupt coalescing parameters only on first
      queue, rather than all of them.  Fix from Thadeu Lima de Souza
      Cascardo.

   9) Fix regression in the dispatch of read/write registers in dm9601
      driver, from Tushar Behera.

  10) ipv6_append_data miscalculates header length, from Romain KUNTZ.

  11) Fix PMTU handling regressions on ipv4 routes, from Steffen
      Klassert, Timo Teräs, and Julian Anastasov.

  12) In 3c574_cs driver, add necessary parenthesis to "x << y & z"
      expression.  From Nickolai Zeldovich.

  13) macvlan_get_size() causes underallocation netlink message space,
      fix from Eric Dumazet.

  14) Avoid division by zero in xfrm_replay_advance_bmp(), from Nickolai
      Zeldovich.  Amusingly the zero check was already there, we were
      just performing it after the modulus :-)

  15) Some more splice bug fixes from Eric Dumazet, which fix things
      mostly eminating from how we now more aggressively use high-order
      pages in SKBs.

  16) Fix size calculation bug when freeing hash tables in the IPSEC
      xfrm code, from Michal Kubecek.

  17) Fix PMTU event propagation into socket cached routes, from Steffen
      Klassert.

  18) Fix off by one in TX buffer release in netxen driver, from Eric
      Dumazet.

  19) Fix rediculous memory allocation requirements introduced by the
      tuntap multiqueue changes, from Jason Wang.

  20) Remove bogus AMD platform workaround in r8169 driver that causes
      major problems in normal operation, from Timo Teräs.

  21) virtio-net set affinity and select queue don't handle
      discontiguous cpu numbers properly, fix from Wanlong Gao.

  22) Fix a route refcounting issue in loopback driver, from Eric
      Dumazet.  There's a similar fix coming that we might add to the
      macvlan driver as well.

  23) Fix SKB leaks in batman-adv's distributed arp table code, from
      Matthias Schiffer.

  24) r8169 driver gives descriptor ownership back the hardware before
      we're done reading the VLAN tag out of it, fix from Francois
      Romieu.

  25) Checksums not calculated properly in GRE tunnel driver fix from
      Pravin B Shelar.

26) Fix SCTP memory leak on namespace exit."

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (101 commits)
  dm9601: support dm9620 variant
  SCTP: Free the per-net sysctl table on net exit. v2
  net: phy: icplus: fix broken INTR pin settings
  net: phy: icplus: Use the RGMII interface mode to configure clock delays
  IP_GRE: Fix kernel panic in IP_GRE with GRE csum.
  sctp: set association state to established in dupcook_a handler
  ip6mr: limit IPv6 MRT_TABLE identifiers
  r8169: fix vlan tag read ordering.
  net: cdc_ncm: use IAD provided by the USB core
  batman-adv: filter ARP packets with invalid MAC addresses in DAT
  batman-adv: check for more types of invalid IP addresses in DAT
  batman-adv: fix skb leak in batadv_dat_snoop_incoming_arp_reply()
  net: loopback: fix a dst refcounting issue
  virtio-net: reset virtqueue affinity when doing cpu hotplug
  virtio-net: split out clean affinity function
  virtio-net: fix the set affinity bug when CPU IDs are not consecutive
  can: pch_can: fix invalid error codes
  can: ti_hecc: fix invalid error codes
  can: c_can: fix invalid error codes
  r8169: remove the obsolete and incorrect AMD workaround
  ...

4 files changed, 51 insertions, 13 deletions

diff --git a/include/linux/security.h b/include/linux/security.h
index 0f6afc657f77..eee7478cda70 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -989,17 +989,29 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *      tells the LSM to decrement the number of secmark labeling rules loaded
  * @req_classify_flow:
  *      Sets the flow's sid to the openreq sid.
+ * @tun_dev_alloc_security:
+ *      This hook allows a module to allocate a security structure for a TUN
+ *      device.
+ *      @security pointer to a security structure pointer.
+ *      Returns a zero on success, negative values on failure.
+ * @tun_dev_free_security:
+ *      This hook allows a module to free the security structure for a TUN
+ *      device.
+ *      @security pointer to the TUN device's security structure
  * @tun_dev_create:
  *      Check permissions prior to creating a new TUN device.
- * @tun_dev_post_create:
- *      This hook allows a module to update or allocate a per-socket security
- *      structure.
- *      @sk contains the newly created sock structure.
+ * @tun_dev_attach_queue:
+ *      Check permissions prior to attaching to a TUN device queue.
+ *      @security pointer to the TUN device's security structure.
  * @tun_dev_attach:
- *      Check permissions prior to attaching to a persistent TUN device.  This
- *      hook can also be used by the module to update any security state
+ *      This hook can be used by the module to update any security state
  *      associated with the TUN device's sock structure.
  *      @sk contains the existing sock structure.
+ *      @security pointer to the TUN device's security structure.
+ * @tun_dev_open:
+ *      This hook can be used by the module to update any security state
+ *      associated with the TUN device's security structure.
+ *      @security pointer to the TUN devices's security structure.
  *
  * Security hooks for XFRM operations.
  *
@@ -1620,9 +1632,12 @@ struct security_operations {
         void (*secmark_refcount_inc) (void);
         void (*secmark_refcount_dec) (void);
         void (*req_classify_flow) (const struct request_sock *req, struct flowi *fl);
-        int (*tun_dev_create)(void);
-        void (*tun_dev_post_create)(struct sock *sk);
-        int (*tun_dev_attach)(struct sock *sk);
+        int (*tun_dev_alloc_security) (void **security);
+        void (*tun_dev_free_security) (void *security);
+        int (*tun_dev_create) (void);
+        int (*tun_dev_attach_queue) (void *security);
+        int (*tun_dev_attach) (struct sock *sk, void *security);
+        int (*tun_dev_open) (void *security);
 #endif  /* CONFIG_SECURITY_NETWORK */
 
 #ifdef CONFIG_SECURITY_NETWORK_XFRM
@@ -2566,9 +2581,12 @@ void security_inet_conn_established(struct sock *sk,
 int security_secmark_relabel_packet(u32 secid);
 void security_secmark_refcount_inc(void);
 void security_secmark_refcount_dec(void);
+int security_tun_dev_alloc_security(void **security);
+void security_tun_dev_free_security(void *security);
 int security_tun_dev_create(void);
-void security_tun_dev_post_create(struct sock *sk);
-int security_tun_dev_attach(struct sock *sk);
+int security_tun_dev_attach_queue(void *security);
+int security_tun_dev_attach(struct sock *sk, void *security);
+int security_tun_dev_open(void *security);
 
 #else   /* CONFIG_SECURITY_NETWORK */
 static inline int security_unix_stream_connect(struct sock *sock,
@@ -2733,16 +2751,31 @@ static inline void security_secmark_refcount_dec(void)
 {
 }
 
+static inline int security_tun_dev_alloc_security(void **security)
+{
+        return 0;
+}
+
+static inline void security_tun_dev_free_security(void *security)
+{
+}
+
 static inline int security_tun_dev_create(void)
 {
         return 0;
 }
 
-static inline void security_tun_dev_post_create(struct sock *sk)
+static inline int security_tun_dev_attach_queue(void *security)
+{
+        return 0;
+}
+
+static inline int security_tun_dev_attach(struct sock *sk, void *security)
 {
+        return 0;
 }
 
-static inline int security_tun_dev_attach(struct sock *sk)
+static inline int security_tun_dev_open(void *security)
 {
         return 0;
 }
diff --git a/include/linux/usb/usbnet.h b/include/linux/usb/usbnet.h
index bd45eb7bedc8..5de7a220e986 100644
--- a/include/linux/usb/usbnet.h
+++ b/include/linux/usb/usbnet.h
@@ -100,6 +100,7 @@ struct driver_info {
 #define FLAG_LINK_INTR  0x0800          /* updates link (carrier) status */
 
 #define FLAG_POINTTOPOINT 0x1000        /* possibly use "usb%d" names */
+#define FLAG_NOARP      0x2000          /* device can't do ARP */
 
 /*
  * Indicates to usbnet, that USB driver accumulates multiple IP packets.
diff --git a/include/net/ip.h b/include/net/ip.h
index 0707fb9551aa..a68f838a132c 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -143,6 +143,8 @@ static inline struct sk_buff *ip_finish_skb(struct sock *sk, struct flowi4 *fl4)
 extern int              ip4_datagram_connect(struct sock *sk, 
                                              struct sockaddr *uaddr, int addr_len);
 
+extern void ip4_datagram_release_cb(struct sock *sk);
+
 struct ip_reply_arg {
         struct kvec iov[1];   
         int         flags;
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index d8f5b9f52169..e98aeb3da033 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -31,6 +31,8 @@ extern void nf_conntrack_cleanup(struct net *net);
 extern int nf_conntrack_proto_init(struct net *net);
 extern void nf_conntrack_proto_fini(struct net *net);
 
+extern void nf_conntrack_cleanup_end(void);
+
 extern bool
 nf_ct_get_tuple(const struct sk_buff *skb,
                 unsigned int nhoff,