Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (32 commits) [NET]: Fix more per-cpu typos [SECURITY]: Fix build with CONFIG_SECURITY disabled. [I/OAT]: Remove CPU hotplug lock from net_dma_rebalance [DECNET]: Fix for routing bug [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch [NET]: skb_queue_lock_key() is no longer used. [NET]: Remove lockdep_set_class() call from skb_queue_head_init(). [IPV6]: SNMPv2 "ipv6IfStatsOutFragCreates" counter error [IPV6]: SNMPv2 "ipv6IfStatsInHdrErrors" counter error [NET]: Kill the WARN_ON() calls for checksum fixups. [NETFILTER]: xt_hashlimit/xt_string: missing string validation [NETFILTER]: SIP helper: expect RTP streams in both directions [E1000]: Convert to netdev_alloc_skb [TG3]: Convert to netdev_alloc_skb [NET]: Add netdev_alloc_skb(). [TCP]: Process linger2 timeout consistently. [SECURITY] secmark: nul-terminate secdata [NET] infiniband: Cleanup ib_addr module to use the netevents [NET]: Core net changes to generate netevents [NET]: Network Event Notifier Mechanism. ...
author: Linus Torvalds <torvalds@g5.osdl.org> 2006-08-03 01:35:26 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-08-03 01:35:26 -0400
commit: 46f5960fdbf359f0c75989854bbaebc1de7a1eb4 (patch)
tree: 132d8d0eba110342bb88fcce2519c441ac771162 /include
parent: 90eb29efd0ca9301d80d03ea13662d32436f060e (diff)
parent: 29bbd72d6ee1dbf2d9f00d022f8e999aa528fb3a (diff)
10 files changed, 140 insertions, 22 deletions
diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index 31f02ba036ce..10c13dc4665b 100644
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -6,7 +6,6 @@
 #include <linux/netfilter.h>
 #if defined(__KERNEL__) && defined(CONFIG_BRIDGE_NETFILTER)
-#include <asm/atomic.h>
 #include <linux/if_ether.h>
 #endif
diff --git a/include/linux/security.h b/include/linux/security.h
index f75303831d09..6bc2aad494ff 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1109,6 +1109,16 @@ struct swap_info_struct;
 *      @name contains the name of the security module being unstacked.
 *      @ops contains a pointer to the struct security_operations of the module to unstack.
 * 
+ * @secid_to_secctx:
+ *      Convert secid to security context.
+ *      @secid contains the security ID.
+ *      @secdata contains the pointer that stores the converted security context.
+ *
+ * @release_secctx:
+ *      Release the security context.
+ *      @secdata contains the security context.
+ *      @seclen contains the length of the security context.
+ *
 * This is the main security structure.
 */
 struct security_operations {
@@ -1289,6 +1299,8 @@ struct security_operations {
        int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size);
        int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);
+        int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
+        void (*release_secctx)(char *secdata, u32 seclen);
 #ifdef CONFIG_SECURITY_NETWORK
        int (*unix_stream_connect) (struct socket * sock,
@@ -1317,7 +1329,7 @@ struct security_operations {
        int (*socket_shutdown) (struct socket * sock, int how);
        int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb);
        int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len);
-        int (*socket_getpeersec_dgram) (struct sk_buff *skb, char **secdata, u32 *seclen);
+        int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid);
        int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority);
        void (*sk_free_security) (struct sock *sk);
        unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir);
@@ -2059,6 +2071,16 @@ static inline int security_netlink_recv(struct sk_buff * skb, int cap)
        return security_ops->netlink_recv(skb, cap);
 }
+static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+        return security_ops->secid_to_secctx(secid, secdata, seclen);
+}
+static inline void security_release_secctx(char *secdata, u32 seclen)
+{
+        return security_ops->release_secctx(secdata, seclen);
+}
 /* prototypes */
 extern int security_init        (void);
 extern int register_security    (struct security_operations *ops);
@@ -2725,6 +2747,14 @@ static inline void securityfs_remove(struct dentry *dentry)
 {
 }
+static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+        return -EOPNOTSUPP;
+}
+static inline void security_release_secctx(char *secdata, u32 seclen)
+{
+}
 #endif  /* CONFIG_SECURITY */
 #ifdef CONFIG_SECURITY_NETWORK
@@ -2840,10 +2870,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
        return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
 }
-static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata,
+static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
-                                                   u32 *seclen)
 {
-        return security_ops->socket_getpeersec_dgram(skb, secdata, seclen);
+        return security_ops->socket_getpeersec_dgram(sock, skb, secid);
 }
 static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
@@ -2968,8 +2997,7 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
        return -ENOPROTOOPT;
 }
-static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata,
+static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
-                                                   u32 *seclen)
 {
        return -ENOPROTOOPT;
 }
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 4307e764ef0a..19c96d498e20 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -604,12 +604,17 @@ static inline __u32 skb_queue_len(const struct sk_buff_head *list_)
        return list_->qlen;
 }
-extern struct lock_class_key skb_queue_lock_key;
+/*
+ * This function creates a split out lock class for each invocation;
+ * this is needed for now since a whole lot of users of the skb-queue
+ * infrastructure in drivers have different locking usage (in hardirq)
+ * than the networking core (in softirq only). In the long run either the
+ * network layer or drivers should need annotation to consolidate the
+ * main types of usage into 3 classes.
+ */
 static inline void skb_queue_head_init(struct sk_buff_head *list)
 {
        spin_lock_init(&list->lock);
-        lockdep_set_class(&list->lock, &skb_queue_lock_key);
        list->prev = list->next = (struct sk_buff *)list;
        list->qlen = 0;
 }
@@ -1104,6 +1109,28 @@ static inline struct sk_buff *dev_alloc_skb(unsigned int length)
        return __dev_alloc_skb(length, GFP_ATOMIC);
 }
+extern struct sk_buff *__netdev_alloc_skb(struct net_device *dev,
+                unsigned int length, gfp_t gfp_mask);
+/**
+ *      netdev_alloc_skb - allocate an skbuff for rx on a specific device
+ *      @dev: network device to receive on
+ *      @length: length to allocate
+ *
+ *      Allocate a new &sk_buff and assign it a usage count of one. The
+ *      buffer has unspecified headroom built in. Users should allocate
+ *      the headroom they think they need without accounting for the
+ *      built in space. The built in space is used for optimisations.
+ *
+ *      %NULL is returned if there is no free memory. Although this function
+ *      allocates memory it can be called from an interrupt.
+ */
+static inline struct sk_buff *netdev_alloc_skb(struct net_device *dev,
+                unsigned int length)
+{
+        return __netdev_alloc_skb(dev, length, GFP_ATOMIC);
+}
 /**
 *      skb_cow - copy header of skb when it is required
 *      @skb: buffer to cow
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 2fec827c8801..c0398f5a8cb9 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -54,15 +54,13 @@ struct unix_skb_parms {
        struct ucred            creds;          /* Skb credentials      */
        struct scm_fp_list      *fp;            /* Passed files         */
 #ifdef CONFIG_SECURITY_NETWORK
-        char                    *secdata;       /* Security context     */
+        u32                     secid;          /* Security ID          */
-        u32                     seclen;         /* Security length      */
 #endif
 };
 #define UNIXCB(skb)     (*(struct unix_skb_parms*)&((skb)->cb))
 #define UNIXCREDS(skb)  (&UNIXCB((skb)).creds)
-#define UNIXSECDATA(skb)        (&UNIXCB((skb)).secdata)
+#define UNIXSID(skb)    (&UNIXCB((skb)).secid)
-#define UNIXSECLEN(skb)         (&UNIXCB((skb)).seclen)
 #define unix_state_rlock(s)     spin_lock(&unix_sk(s)->lock)
 #define unix_state_runlock(s)   spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h
index ab29dafb1a6a..96b0e66406ec 100644
--- a/include/net/ip6_route.h
+++ b/include/net/ip6_route.h
@@ -139,16 +139,22 @@ extern rwlock_t rt6_lock;
 /*
 *      Store a destination cache entry in a socket
 */
-static inline void ip6_dst_store(struct sock *sk, struct dst_entry *dst,
+static inline void __ip6_dst_store(struct sock *sk, struct dst_entry *dst,
-                                     struct in6_addr *daddr)
+                                   struct in6_addr *daddr)
 {
        struct ipv6_pinfo *np = inet6_sk(sk);
        struct rt6_info *rt = (struct rt6_info *) dst;
-        write_lock(&sk->sk_dst_lock);
        sk_setup_caps(sk, dst);
        np->daddr_cache = daddr;
        np->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
+}
+static inline void ip6_dst_store(struct sock *sk, struct dst_entry *dst,
+                                 struct in6_addr *daddr)
+{
+        write_lock(&sk->sk_dst_lock);
+        __ip6_dst_store(sk, dst, daddr);
        write_unlock(&sk->sk_dst_lock);
 }
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index a8fdf7970b37..ece7e8a84ffd 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -468,6 +468,9 @@ extern void			ip6_flush_pending_frames(struct sock *sk);
 extern int                      ip6_dst_lookup(struct sock *sk,
                                               struct dst_entry **dst,
                                               struct flowi *fl);
+extern int                      ip6_sk_dst_lookup(struct sock *sk,
+                                                  struct dst_entry **dst,
+                                                  struct flowi *fl);
 /*
 *      skb processing functions
diff --git a/include/net/netdma.h b/include/net/netdma.h
index ceae5ee85c04..7f53cd1d8b1e 100644
--- a/include/net/netdma.h
+++ b/include/net/netdma.h
@@ -29,7 +29,7 @@ static inline struct dma_chan *get_softnet_dma(void)
 {
        struct dma_chan *chan;
        rcu_read_lock();
-        chan = rcu_dereference(__get_cpu_var(softnet_data.net_dma));
+        chan = rcu_dereference(__get_cpu_var(softnet_data).net_dma);
        if (chan)
                dma_chan_get(chan);
        rcu_read_unlock();
diff --git a/include/net/netevent.h b/include/net/netevent.h
new file mode 100644
index 000000000000..e5d216241423
--- /dev/null
+++ b/include/net/netevent.h
@@ -0,0 +1,33 @@
+#ifndef _NET_EVENT_H
+#define _NET_EVENT_H
+/*
+ *      Generic netevent notifiers
+ *
+ *      Authors:
+ *      Tom Tucker              <tom@opengridcomputing.com>
+ *      Steve Wise              <swise@opengridcomputing.com>
+ *
+ *      Changes:
+ */
+#ifdef __KERNEL__
+#include <net/dst.h>
+struct netevent_redirect {
+        struct dst_entry *old;
+        struct dst_entry *new;
+};
+enum netevent_notif_type {
+        NETEVENT_NEIGH_UPDATE = 1, /* arg is struct neighbour ptr */
+        NETEVENT_PMTU_UPDATE,      /* arg is struct dst_entry ptr */
+        NETEVENT_REDIRECT,         /* arg is struct netevent_redirect ptr */
+};
+extern int register_netevent_notifier(struct notifier_block *nb);
+extern int unregister_netevent_notifier(struct notifier_block *nb);
+extern int call_netevent_notifiers(unsigned long val, void *v);
+#endif
+#endif
diff --git a/include/net/scm.h b/include/net/scm.h
index 02daa097cdcd..5637d5e22d5f 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -3,6 +3,7 @@
 #include <linux/limits.h>
 #include <linux/net.h>
+#include <linux/security.h>
 /* Well, we should have at least one descriptor open
 * to accept passed FDs 8)
@@ -20,8 +21,7 @@ struct scm_cookie
        struct ucred            creds;          /* Skb credentials      */
        struct scm_fp_list      *fp;            /* Passed files         */
 #ifdef CONFIG_SECURITY_NETWORK
-        char                    *secdata;       /* Security context     */
+        u32                     secid;          /* Passed security ID   */
-        u32                     seclen;         /* Security length      */
 #endif
        unsigned long           seq;            /* Connection seqno     */
 };
@@ -32,6 +32,16 @@ extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie
 extern void __scm_destroy(struct scm_cookie *scm);
 extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
+#ifdef CONFIG_SECURITY_NETWORK
+static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
+{
+        security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
+}
+#else
+static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
+{ }
+#endif /* CONFIG_SECURITY_NETWORK */
 static __inline__ void scm_destroy(struct scm_cookie *scm)
 {
        if (scm && scm->fp)
@@ -47,6 +57,7 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
        scm->creds.pid = p->tgid;
        scm->fp = NULL;
        scm->seq = 0;
+        unix_get_peersec_dgram(sock, scm);
        if (msg->msg_controllen <= 0)
                return 0;
        return __scm_send(sock, msg, scm);
@@ -55,8 +66,18 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
 #ifdef CONFIG_SECURITY_NETWORK
 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
 {
-        if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)
+        char *secdata;
-                put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);
+        u32 seclen;
+        int err;
+        if (test_bit(SOCK_PASSSEC, &sock->flags)) {
+                err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
+                if (!err) {
+                        put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
+                        security_release_secctx(secdata, seclen);
+                }
+        }
 }
 #else
 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 0720bddff1e9..7a093d0aa0fe 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -914,6 +914,9 @@ static inline void tcp_set_state(struct sock *sk, int state)
 static inline void tcp_done(struct sock *sk)
 {
+        if(sk->sk_state == TCP_SYN_SENT || sk->sk_state == TCP_SYN_RECV)
+                TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
        tcp_set_state(sk, TCP_CLOSE);
        tcp_clear_xmit_timers(sk);
author	Linus Torvalds <torvalds@g5.osdl.org>	2006-08-03 01:35:26 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-08-03 01:35:26 -0400
commit	46f5960fdbf359f0c75989854bbaebc1de7a1eb4 (patch)
tree	132d8d0eba110342bb88fcce2519c441ac771162 /include
parent	90eb29efd0ca9301d80d03ea13662d32436f060e (diff)
parent	29bbd72d6ee1dbf2d9f00d022f8e999aa528fb3a (diff)

diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h index 31f02ba036ce..10c13dc4665b 100644 --- a/include/linux/netfilter_bridge.h +++ b/include/linux/netfilter_bridge.h
@@ -6,7 +6,6 @@
6		6
7	#include <linux/netfilter.h>	7	#include <linux/netfilter.h>
8	#if defined(__KERNEL__) && defined(CONFIG_BRIDGE_NETFILTER)	8	#if defined(__KERNEL__) && defined(CONFIG_BRIDGE_NETFILTER)
9	#include <asm/atomic.h>
10	#include <linux/if_ether.h>	9	#include <linux/if_ether.h>
11	#endif	10	#endif
12		11


diff --git a/include/linux/security.h b/include/linux/security.h index f75303831d09..6bc2aad494ff 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -1109,6 +1109,16 @@ struct swap_info_struct;
1109	* @name contains the name of the security module being unstacked.	1109	* @name contains the name of the security module being unstacked.
1110	* @ops contains a pointer to the struct security_operations of the module to unstack.	1110	* @ops contains a pointer to the struct security_operations of the module to unstack.
1111	*	1111	*
		1112	* @secid_to_secctx:
		1113	* Convert secid to security context.
		1114	* @secid contains the security ID.
		1115	* @secdata contains the pointer that stores the converted security context.
		1116	*
		1117	* @release_secctx:
		1118	* Release the security context.
		1119	* @secdata contains the security context.
		1120	* @seclen contains the length of the security context.
		1121	*
1112	* This is the main security structure.	1122	* This is the main security structure.
1113	*/	1123	*/
1114	struct security_operations {	1124	struct security_operations {
@@ -1289,6 +1299,8 @@ struct security_operations {
1289		1299
1290	int (getprocattr)(struct task_struct p, char name, void value, size_t size);	1300	int (getprocattr)(struct task_struct p, char name, void value, size_t size);
1291	int (setprocattr)(struct task_struct p, char name, void value, size_t size);	1301	int (setprocattr)(struct task_struct p, char name, void value, size_t size);
		1302	int (secid_to_secctx)(u32 secid, char secdata, u32 seclen);
		1303	void (release_secctx)(char secdata, u32 seclen);
1292		1304
1293	#ifdef CONFIG_SECURITY_NETWORK	1305	#ifdef CONFIG_SECURITY_NETWORK
1294	int (unix_stream_connect) (struct socket sock,	1306	int (unix_stream_connect) (struct socket sock,
@@ -1317,7 +1329,7 @@ struct security_operations {
1317	int (socket_shutdown) (struct socket sock, int how);	1329	int (socket_shutdown) (struct socket sock, int how);
1318	int (socket_sock_rcv_skb) (struct sock sk, struct sk_buff * skb);	1330	int (socket_sock_rcv_skb) (struct sock sk, struct sk_buff * skb);
1319	int (socket_getpeersec_stream) (struct socket sock, char __user optval, int __user optlen, unsigned len);	1331	int (socket_getpeersec_stream) (struct socket sock, char __user optval, int __user optlen, unsigned len);
1320	int (socket_getpeersec_dgram) (struct sk_buff skb, char *secdata, u32 seclen);	1332	int (socket_getpeersec_dgram) (struct socket sock, struct sk_buff skb, u32 secid);
1321	int (sk_alloc_security) (struct sock sk, int family, gfp_t priority);	1333	int (sk_alloc_security) (struct sock sk, int family, gfp_t priority);
1322	void (sk_free_security) (struct sock sk);	1334	void (sk_free_security) (struct sock sk);
1323	unsigned int (sk_getsid) (struct sock sk, struct flowi *fl, u8 dir);	1335	unsigned int (sk_getsid) (struct sock sk, struct flowi *fl, u8 dir);
@@ -2059,6 +2071,16 @@ static inline int security_netlink_recv(struct sk_buff * skb, int cap)
2059	return security_ops->netlink_recv(skb, cap);	2071	return security_ops->netlink_recv(skb, cap);
2060	}	2072	}
2061		2073
		2074	static inline int security_secid_to_secctx(u32 secid, char *secdata, u32 seclen)
		2075	{
		2076	return security_ops->secid_to_secctx(secid, secdata, seclen);
		2077	}
		2078
		2079	static inline void security_release_secctx(char *secdata, u32 seclen)
		2080	{
		2081	return security_ops->release_secctx(secdata, seclen);
		2082	}
		2083
2062	/* prototypes */	2084	/* prototypes */
2063	extern int security_init (void);	2085	extern int security_init (void);
2064	extern int register_security (struct security_operations *ops);	2086	extern int register_security (struct security_operations *ops);
@@ -2725,6 +2747,14 @@ static inline void securityfs_remove(struct dentry *dentry)
2725	{	2747	{
2726	}	2748	}
2727		2749
		2750	static inline int security_secid_to_secctx(u32 secid, char *secdata, u32 seclen)
		2751	{
		2752	return -EOPNOTSUPP;
		2753	}
		2754
		2755	static inline void security_release_secctx(char *secdata, u32 seclen)
		2756	{
		2757	}
2728	#endif /* CONFIG_SECURITY */	2758	#endif /* CONFIG_SECURITY */
2729		2759
2730	#ifdef CONFIG_SECURITY_NETWORK	2760	#ifdef CONFIG_SECURITY_NETWORK
@@ -2840,10 +2870,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
2840	return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);	2870	return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
2841	}	2871	}
2842		2872
2843	static inline int security_socket_getpeersec_dgram(struct sk_buff skb, char *secdata,	2873	static inline int security_socket_getpeersec_dgram(struct socket sock, struct sk_buff skb, u32 *secid)
2844	u32 *seclen)
2845	{	2874	{
2846	return security_ops->socket_getpeersec_dgram(skb, secdata, seclen);	2875	return security_ops->socket_getpeersec_dgram(sock, skb, secid);
2847	}	2876	}
2848		2877
2849	static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)	2878	static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
@@ -2968,8 +2997,7 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
2968	return -ENOPROTOOPT;	2997	return -ENOPROTOOPT;
2969	}	2998	}
2970		2999
2971	static inline int security_socket_getpeersec_dgram(struct sk_buff skb, char *secdata,	3000	static inline int security_socket_getpeersec_dgram(struct socket sock, struct sk_buff skb, u32 *secid)
2972	u32 *seclen)
2973	{	3001	{
2974	return -ENOPROTOOPT;	3002	return -ENOPROTOOPT;
2975	}	3003	}


diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 4307e764ef0a..19c96d498e20 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h
@@ -604,12 +604,17 @@ static inline __u32 skb_queue_len(const struct sk_buff_head *list_)
604	return list_->qlen;	604	return list_->qlen;
605	}	605	}
606		606
607	extern struct lock_class_key skb_queue_lock_key;	607	/*
608		608	* This function creates a split out lock class for each invocation;
		609	* this is needed for now since a whole lot of users of the skb-queue
		610	* infrastructure in drivers have different locking usage (in hardirq)
		611	* than the networking core (in softirq only). In the long run either the
		612	* network layer or drivers should need annotation to consolidate the
		613	* main types of usage into 3 classes.
		614	*/
609	static inline void skb_queue_head_init(struct sk_buff_head *list)	615	static inline void skb_queue_head_init(struct sk_buff_head *list)
610	{	616	{
611	spin_lock_init(&list->lock);	617	spin_lock_init(&list->lock);
612	lockdep_set_class(&list->lock, &skb_queue_lock_key);
613	list->prev = list->next = (struct sk_buff *)list;	618	list->prev = list->next = (struct sk_buff *)list;
614	list->qlen = 0;	619	list->qlen = 0;
615	}	620	}
@@ -1104,6 +1109,28 @@ static inline struct sk_buff *dev_alloc_skb(unsigned int length)
1104	return __dev_alloc_skb(length, GFP_ATOMIC);	1109	return __dev_alloc_skb(length, GFP_ATOMIC);
1105	}	1110	}
1106		1111
		1112	extern struct sk_buff __netdev_alloc_skb(struct net_device dev,
		1113	unsigned int length, gfp_t gfp_mask);
		1114
		1115	/**
		1116	* netdev_alloc_skb - allocate an skbuff for rx on a specific device
		1117	* @dev: network device to receive on
		1118	* @length: length to allocate
		1119	*
		1120	* Allocate a new &sk_buff and assign it a usage count of one. The
		1121	* buffer has unspecified headroom built in. Users should allocate
		1122	* the headroom they think they need without accounting for the
		1123	* built in space. The built in space is used for optimisations.
		1124	*
		1125	* %NULL is returned if there is no free memory. Although this function
		1126	* allocates memory it can be called from an interrupt.
		1127	*/
		1128	static inline struct sk_buff netdev_alloc_skb(struct net_device dev,
		1129	unsigned int length)
		1130	{
		1131	return __netdev_alloc_skb(dev, length, GFP_ATOMIC);
		1132	}
		1133
1107	/**	1134	/**
1108	* skb_cow - copy header of skb when it is required	1135	* skb_cow - copy header of skb when it is required
1109	* @skb: buffer to cow	1136	* @skb: buffer to cow


diff --git a/include/net/af_unix.h b/include/net/af_unix.h index 2fec827c8801..c0398f5a8cb9 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h
@@ -54,15 +54,13 @@ struct unix_skb_parms {
54	struct ucred creds; /* Skb credentials */	54	struct ucred creds; /* Skb credentials */
55	struct scm_fp_list fp; / Passed files */	55	struct scm_fp_list fp; / Passed files */
56	#ifdef CONFIG_SECURITY_NETWORK	56	#ifdef CONFIG_SECURITY_NETWORK
57	char secdata; / Security context */	57	u32 secid; /* Security ID */
58	u32 seclen; /* Security length */
59	#endif	58	#endif
60	};	59	};
61		60
62	#define UNIXCB(skb) ((struct unix_skb_parms)&((skb)->cb))	61	#define UNIXCB(skb) ((struct unix_skb_parms)&((skb)->cb))
63	#define UNIXCREDS(skb) (&UNIXCB((skb)).creds)	62	#define UNIXCREDS(skb) (&UNIXCB((skb)).creds)
64	#define UNIXSECDATA(skb) (&UNIXCB((skb)).secdata)	63	#define UNIXSID(skb) (&UNIXCB((skb)).secid)
65	#define UNIXSECLEN(skb) (&UNIXCB((skb)).seclen)
66		64
67	#define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock)	65	#define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock)
68	#define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock)	66	#define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock)


diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h index ab29dafb1a6a..96b0e66406ec 100644 --- a/include/net/ip6_route.h +++ b/include/net/ip6_route.h
@@ -139,16 +139,22 @@ extern rwlock_t rt6_lock;
139	/*	139	/*
140	* Store a destination cache entry in a socket	140	* Store a destination cache entry in a socket
141	*/	141	*/
142	static inline void ip6_dst_store(struct sock sk, struct dst_entry dst,	142	static inline void __ip6_dst_store(struct sock sk, struct dst_entry dst,
143	struct in6_addr *daddr)	143	struct in6_addr *daddr)
144	{	144	{
145	struct ipv6_pinfo *np = inet6_sk(sk);	145	struct ipv6_pinfo *np = inet6_sk(sk);
146	struct rt6_info rt = (struct rt6_info ) dst;	146	struct rt6_info rt = (struct rt6_info ) dst;
147		147
148	write_lock(&sk->sk_dst_lock);
149	sk_setup_caps(sk, dst);	148	sk_setup_caps(sk, dst);
150	np->daddr_cache = daddr;	149	np->daddr_cache = daddr;
151	np->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;	150	np->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
		151	}
		152
		153	static inline void ip6_dst_store(struct sock sk, struct dst_entry dst,
		154	struct in6_addr *daddr)
		155	{
		156	write_lock(&sk->sk_dst_lock);
		157	__ip6_dst_store(sk, dst, daddr);
152	write_unlock(&sk->sk_dst_lock);	158	write_unlock(&sk->sk_dst_lock);
153	}	159	}
154		160


diff --git a/include/net/ipv6.h b/include/net/ipv6.h index a8fdf7970b37..ece7e8a84ffd 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h
@@ -468,6 +468,9 @@ extern void ip6_flush_pending_frames(struct sock *sk);
468	extern int ip6_dst_lookup(struct sock *sk,	468	extern int ip6_dst_lookup(struct sock *sk,
469	struct dst_entry **dst,	469	struct dst_entry **dst,
470	struct flowi *fl);	470	struct flowi *fl);
		471	extern int ip6_sk_dst_lookup(struct sock *sk,
		472	struct dst_entry **dst,
		473	struct flowi *fl);
471		474
472	/*	475	/*
473	* skb processing functions	476	* skb processing functions


diff --git a/include/net/netdma.h b/include/net/netdma.h index ceae5ee85c04..7f53cd1d8b1e 100644 --- a/include/net/netdma.h +++ b/include/net/netdma.h
@@ -29,7 +29,7 @@ static inline struct dma_chan *get_softnet_dma(void)
29	{	29	{
30	struct dma_chan *chan;	30	struct dma_chan *chan;
31	rcu_read_lock();	31	rcu_read_lock();
32	chan = rcu_dereference(__get_cpu_var(softnet_data.net_dma));	32	chan = rcu_dereference(__get_cpu_var(softnet_data).net_dma);
33	if (chan)	33	if (chan)
34	dma_chan_get(chan);	34	dma_chan_get(chan);
35	rcu_read_unlock();	35	rcu_read_unlock();


diff --git a/include/net/netevent.h b/include/net/netevent.h new file mode 100644 index 000000000000..e5d216241423 --- /dev/null +++ b/include/net/netevent.h
@@ -0,0 +1,33 @@
		1	#ifndef _NET_EVENT_H
		2	#define _NET_EVENT_H
		3
		4	/*
		5	* Generic netevent notifiers
		6	*
		7	* Authors:
		8	* Tom Tucker <tom@opengridcomputing.com>
		9	* Steve Wise <swise@opengridcomputing.com>
		10	*
		11	* Changes:
		12	*/
		13	#ifdef __KERNEL__
		14
		15	#include <net/dst.h>
		16
		17	struct netevent_redirect {
		18	struct dst_entry *old;
		19	struct dst_entry *new;
		20	};
		21
		22	enum netevent_notif_type {
		23	NETEVENT_NEIGH_UPDATE = 1, /* arg is struct neighbour ptr */
		24	NETEVENT_PMTU_UPDATE, /* arg is struct dst_entry ptr */
		25	NETEVENT_REDIRECT, /* arg is struct netevent_redirect ptr */
		26	};
		27
		28	extern int register_netevent_notifier(struct notifier_block *nb);
		29	extern int unregister_netevent_notifier(struct notifier_block *nb);
		30	extern int call_netevent_notifiers(unsigned long val, void *v);
		31
		32	#endif
		33	#endif


diff --git a/include/net/scm.h b/include/net/scm.h index 02daa097cdcd..5637d5e22d5f 100644 --- a/include/net/scm.h +++ b/include/net/scm.h
@@ -3,6 +3,7 @@
3		3
4	#include <linux/limits.h>	4	#include <linux/limits.h>
5	#include <linux/net.h>	5	#include <linux/net.h>
		6	#include <linux/security.h>
6		7
7	/* Well, we should have at least one descriptor open	8	/* Well, we should have at least one descriptor open
8	* to accept passed FDs 8)	9	* to accept passed FDs 8)
@@ -20,8 +21,7 @@ struct scm_cookie
20	struct ucred creds; /* Skb credentials */	21	struct ucred creds; /* Skb credentials */
21	struct scm_fp_list fp; / Passed files */	22	struct scm_fp_list fp; / Passed files */
22	#ifdef CONFIG_SECURITY_NETWORK	23	#ifdef CONFIG_SECURITY_NETWORK
23	char secdata; / Security context */	24	u32 secid; /* Passed security ID */
24	u32 seclen; /* Security length */
25	#endif	25	#endif
26	unsigned long seq; /* Connection seqno */	26	unsigned long seq; /* Connection seqno */
27	};	27	};
@@ -32,6 +32,16 @@ extern int __scm_send(struct socket sock, struct msghdr msg, struct scm_cookie
32	extern void __scm_destroy(struct scm_cookie *scm);	32	extern void __scm_destroy(struct scm_cookie *scm);
33	extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);	33	extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
34		34
		35	#ifdef CONFIG_SECURITY_NETWORK
		36	static __inline__ void unix_get_peersec_dgram(struct socket sock, struct scm_cookie scm)
		37	{
		38	security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
		39	}
		40	#else
		41	static __inline__ void unix_get_peersec_dgram(struct socket sock, struct scm_cookie scm)
		42	{ }
		43	#endif /* CONFIG_SECURITY_NETWORK */
		44
35	static __inline__ void scm_destroy(struct scm_cookie *scm)	45	static __inline__ void scm_destroy(struct scm_cookie *scm)
36	{	46	{
37	if (scm && scm->fp)	47	if (scm && scm->fp)
@@ -47,6 +57,7 @@ static __inline__ int scm_send(struct socket sock, struct msghdr msg,
47	scm->creds.pid = p->tgid;	57	scm->creds.pid = p->tgid;
48	scm->fp = NULL;	58	scm->fp = NULL;
49	scm->seq = 0;	59	scm->seq = 0;
		60	unix_get_peersec_dgram(sock, scm);
50	if (msg->msg_controllen <= 0)	61	if (msg->msg_controllen <= 0)
51	return 0;	62	return 0;
52	return __scm_send(sock, msg, scm);	63	return __scm_send(sock, msg, scm);
@@ -55,8 +66,18 @@ static __inline__ int scm_send(struct socket sock, struct msghdr msg,
55	#ifdef CONFIG_SECURITY_NETWORK	66	#ifdef CONFIG_SECURITY_NETWORK
56	static inline void scm_passec(struct socket sock, struct msghdr msg, struct scm_cookie *scm)	67	static inline void scm_passec(struct socket sock, struct msghdr msg, struct scm_cookie *scm)
57	{	68	{
58	if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)	69	char *secdata;
59	put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);	70	u32 seclen;
		71	int err;
		72
		73	if (test_bit(SOCK_PASSSEC, &sock->flags)) {
		74	err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
		75
		76	if (!err) {
		77	put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
		78	security_release_secctx(secdata, seclen);
		79	}
		80	}
60	}	81	}
61	#else	82	#else
62	static inline void scm_passec(struct socket sock, struct msghdr msg, struct scm_cookie *scm)	83	static inline void scm_passec(struct socket sock, struct msghdr msg, struct scm_cookie *scm)


diff --git a/include/net/tcp.h b/include/net/tcp.h index 0720bddff1e9..7a093d0aa0fe 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h
@@ -914,6 +914,9 @@ static inline void tcp_set_state(struct sock *sk, int state)
914		914
915	static inline void tcp_done(struct sock *sk)	915	static inline void tcp_done(struct sock *sk)
916	{	916	{
		917	if(sk->sk_state == TCP_SYN_SENT \|\| sk->sk_state == TCP_SYN_RECV)
		918	TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
		919
917	tcp_set_state(sk, TCP_CLOSE);	920	tcp_set_state(sk, TCP_CLOSE);
918	tcp_clear_xmit_timers(sk);	921	tcp_clear_xmit_timers(sk);
919		922