Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (24 commits) xfrm: Add security check before flushing SAD/SPD [NET_SCHED]: Fix filter double free [NET]: Avoid duplicate netlink notification when changing link state [UDP]: Revert 2-pass hashing changes. [AF_UNIX]: Fix stream recvmsg() race. [NETFILTER]: nf_conntrack_amanda: fix textsearch_prepare() error check [NETFILTER]: ip_tables: fix compat related crash [NETFILTER]: nf_conntrack: fix helper module unload races [RTNETLINK]: ifindex 0 does not exist [NETLINK]: Mark netlink policies const [TCP] tcp_probe: Attach printf attribute properly to printl(). [TCP]: Use LIMIT_NETDEBUG in tcp_retransmit_timer(). [NET]: Merge dst_discard_in and dst_discard_out. [RFKILL]: Make rfkill->name const [IPV4]: Restore old behaviour of default config values [IPV4]: Add default config support after inetdev_init [IPV4]: Convert IPv4 devconf to an array [IPV4]: Only panic if inetdev_init fails for loopback [TCP]: Honour sk_bound_dev_if in tcp_v4_send_ack [BNX2]: Update version and reldate. ...
author: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-06-07 20:08:06 -0400
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-06-07 20:08:06 -0400
commit: df3872a9664667edae729361c9948b652de5c6f4 (patch)
tree: d191c1e6413f82b7a3f074a29b2d1fb92476d30f /include
parent: e5e3c84b70e58fc605635fd340fb8dba3cc59058 (diff)
parent: 4aa2e62c45b5ca08be2d0d3c0744d7585b56e860 (diff)
11 files changed, 98 insertions, 63 deletions
diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
index c0f7aec331c2..ae04901aa09a 100644
--- a/include/linux/inetdevice.h
+++ b/include/linux/inetdevice.h
@@ -3,6 +3,7 @@
 #ifdef __KERNEL__
+#include <linux/bitmap.h>
 #include <linux/if.h>
 #include <linux/netdevice.h>
 #include <linux/rcupdate.h>
@@ -10,28 +11,9 @@
 struct ipv4_devconf
 {
-        int     accept_redirects;
-        int     send_redirects;
-        int     secure_redirects;
-        int     shared_media;
-        int     accept_source_route;
-        int     rp_filter;
-        int     proxy_arp;
-        int     bootp_relay;
-        int     log_martians;
-        int     forwarding;
-        int     mc_forwarding;
-        int     tag;
-        int     arp_filter;
-        int     arp_announce;
-        int     arp_ignore;
-        int     arp_accept;
-        int     medium_id;
-        int     no_xfrm;
-        int     no_policy;
-        int     force_igmp_version;
-        int     promote_secondaries;
        void    *sysctl;
+        int     data[__NET_IPV4_CONF_MAX - 1];
+        DECLARE_BITMAP(state, __NET_IPV4_CONF_MAX - 1);
 };
 extern struct ipv4_devconf ipv4_devconf;
@@ -60,30 +42,70 @@ struct in_device
        struct rcu_head         rcu_head;
 };
-#define IN_DEV_FORWARD(in_dev)          ((in_dev)->cnf.forwarding)
+#define IPV4_DEVCONF(cnf, attr) ((cnf).data[NET_IPV4_CONF_ ## attr - 1])
-#define IN_DEV_MFORWARD(in_dev)         (ipv4_devconf.mc_forwarding && (in_dev)->cnf.mc_forwarding)
+#define IPV4_DEVCONF_ALL(attr) IPV4_DEVCONF(ipv4_devconf, attr)
-#define IN_DEV_RPFILTER(in_dev)         (ipv4_devconf.rp_filter && (in_dev)->cnf.rp_filter)
-#define IN_DEV_SOURCE_ROUTE(in_dev)     (ipv4_devconf.accept_source_route && (in_dev)->cnf.accept_source_route)
+static inline int ipv4_devconf_get(struct in_device *in_dev, int index)
-#define IN_DEV_BOOTP_RELAY(in_dev)      (ipv4_devconf.bootp_relay && (in_dev)->cnf.bootp_relay)
+{
+        index--;
-#define IN_DEV_LOG_MARTIANS(in_dev)     (ipv4_devconf.log_martians || (in_dev)->cnf.log_martians)
+        return in_dev->cnf.data[index];
-#define IN_DEV_PROXY_ARP(in_dev)        (ipv4_devconf.proxy_arp || (in_dev)->cnf.proxy_arp)
+}
-#define IN_DEV_SHARED_MEDIA(in_dev)     (ipv4_devconf.shared_media || (in_dev)->cnf.shared_media)
-#define IN_DEV_TX_REDIRECTS(in_dev)     (ipv4_devconf.send_redirects || (in_dev)->cnf.send_redirects)
+static inline void ipv4_devconf_set(struct in_device *in_dev, int index,
-#define IN_DEV_SEC_REDIRECTS(in_dev)    (ipv4_devconf.secure_redirects || (in_dev)->cnf.secure_redirects)
+                                    int val)
-#define IN_DEV_IDTAG(in_dev)            ((in_dev)->cnf.tag)
+{
-#define IN_DEV_MEDIUM_ID(in_dev)        ((in_dev)->cnf.medium_id)
+        index--;
-#define IN_DEV_PROMOTE_SECONDARIES(in_dev)      (ipv4_devconf.promote_secondaries || (in_dev)->cnf.promote_secondaries)
+        set_bit(index, in_dev->cnf.state);
+        in_dev->cnf.data[index] = val;
+}
+static inline void ipv4_devconf_setall(struct in_device *in_dev)
+{
+        bitmap_fill(in_dev->cnf.state, __NET_IPV4_CONF_MAX - 1);
+}
+#define IN_DEV_CONF_GET(in_dev, attr) \
+        ipv4_devconf_get((in_dev), NET_IPV4_CONF_ ## attr)
+#define IN_DEV_CONF_SET(in_dev, attr, val) \
+        ipv4_devconf_set((in_dev), NET_IPV4_CONF_ ## attr, (val))
+#define IN_DEV_ANDCONF(in_dev, attr) \
+        (IPV4_DEVCONF_ALL(attr) && IN_DEV_CONF_GET((in_dev), attr))
+#define IN_DEV_ORCONF(in_dev, attr) \
+        (IPV4_DEVCONF_ALL(attr) || IN_DEV_CONF_GET((in_dev), attr))
+#define IN_DEV_MAXCONF(in_dev, attr) \
+        (max(IPV4_DEVCONF_ALL(attr), IN_DEV_CONF_GET((in_dev), attr)))
+#define IN_DEV_FORWARD(in_dev)          IN_DEV_CONF_GET((in_dev), FORWARDING)
+#define IN_DEV_MFORWARD(in_dev)         (IPV4_DEVCONF_ALL(MC_FORWARDING) && \
+                                         IPV4_DEVCONF((in_dev)->cnf, \
+                                                      MC_FORWARDING))
+#define IN_DEV_RPFILTER(in_dev)         IN_DEV_ANDCONF((in_dev), RP_FILTER)
+#define IN_DEV_SOURCE_ROUTE(in_dev)     IN_DEV_ANDCONF((in_dev), \
+                                                       ACCEPT_SOURCE_ROUTE)
+#define IN_DEV_BOOTP_RELAY(in_dev)      IN_DEV_ANDCONF((in_dev), BOOTP_RELAY)
+#define IN_DEV_LOG_MARTIANS(in_dev)     IN_DEV_ORCONF((in_dev), LOG_MARTIANS)
+#define IN_DEV_PROXY_ARP(in_dev)        IN_DEV_ORCONF((in_dev), PROXY_ARP)
+#define IN_DEV_SHARED_MEDIA(in_dev)     IN_DEV_ORCONF((in_dev), SHARED_MEDIA)
+#define IN_DEV_TX_REDIRECTS(in_dev)     IN_DEV_ORCONF((in_dev), SEND_REDIRECTS)
+#define IN_DEV_SEC_REDIRECTS(in_dev)    IN_DEV_ORCONF((in_dev), \
+                                                      SECURE_REDIRECTS)
+#define IN_DEV_IDTAG(in_dev)            IN_DEV_CONF_GET(in_dev, TAG)
+#define IN_DEV_MEDIUM_ID(in_dev)        IN_DEV_CONF_GET(in_dev, MEDIUM_ID)
+#define IN_DEV_PROMOTE_SECONDARIES(in_dev) \
+                                        IN_DEV_ORCONF((in_dev), \
+                                                      PROMOTE_SECONDARIES)
 #define IN_DEV_RX_REDIRECTS(in_dev) \
        ((IN_DEV_FORWARD(in_dev) && \
-          (ipv4_devconf.accept_redirects && (in_dev)->cnf.accept_redirects)) \
+          IN_DEV_ANDCONF((in_dev), ACCEPT_REDIRECTS)) \
         || (!IN_DEV_FORWARD(in_dev) && \
-          (ipv4_devconf.accept_redirects || (in_dev)->cnf.accept_redirects)))
+          IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
-#define IN_DEV_ARPFILTER(in_dev)        (ipv4_devconf.arp_filter || (in_dev)->cnf.arp_filter)
+#define IN_DEV_ARPFILTER(in_dev)        IN_DEV_ORCONF((in_dev), ARPFILTER)
-#define IN_DEV_ARP_ANNOUNCE(in_dev)     (max(ipv4_devconf.arp_announce, (in_dev)->cnf.arp_announce))
+#define IN_DEV_ARP_ANNOUNCE(in_dev)     IN_DEV_MAXCONF((in_dev), ARP_ANNOUNCE)
-#define IN_DEV_ARP_IGNORE(in_dev)       (max(ipv4_devconf.arp_ignore, (in_dev)->cnf.arp_ignore))
+#define IN_DEV_ARP_IGNORE(in_dev)       IN_DEV_MAXCONF((in_dev), ARP_IGNORE)
 struct in_ifaddr
 {
@@ -108,7 +130,6 @@ extern struct net_device 	*ip_dev_find(__be32 addr);
 extern int              inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b);
 extern int              devinet_ioctl(unsigned int cmd, void __user *);
 extern void             devinet_init(void);
-extern struct in_device *inetdev_init(struct net_device *dev);
 extern struct in_device *inetdev_by_index(int);
 extern __be32           inet_select_addr(const struct net_device *dev, __be32 dst, int scope);
 extern __be32           inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope);
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index 2f46dd728ee1..e992cd6b28f5 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -264,6 +264,26 @@ ipt_get_target(struct ipt_entry *e)
        __ret;                                                  \
 })
+/* fn returns 0 to continue iteration */
+#define IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \
+({                                                              \
+        unsigned int __i, __n;                                  \
+        int __ret = 0;                                          \
+        struct ipt_entry *__entry;                              \
+                                                                \
+        for (__i = 0, __n = 0; __i < (size);                    \
+             __i += __entry->next_offset, __n++) {              \
+                __entry = (void *)(entries) + __i;              \
+                if (__n < n)                                    \
+                        continue;                               \
+                                                                \
+                __ret = fn(__entry , ## args);                  \
+                if (__ret != 0)                                 \
+                        break;                                  \
+        }                                                       \
+        __ret;                                                  \
+})
 /*
 *      Main firewall chains definitions and global var's definitions.
 */
diff --git a/include/linux/rfkill.h b/include/linux/rfkill.h
index 7c1ffbab7865..a8a6ea809da0 100644
--- a/include/linux/rfkill.h
+++ b/include/linux/rfkill.h
@@ -63,7 +63,7 @@ enum rfkill_state {
 * This structure represents a RF switch located on a network device.
 */
 struct rfkill {
-        char *name;
+        const char *name;
        enum rfkill_type type;
        enum rfkill_state state;
diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index ed3a8872c6ca..83e41dd15ccd 100644
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h
@@ -64,7 +64,7 @@ struct fib_rules_ops
        void                    (*flush_cache)(void);
        int                     nlgroup;
-        struct nla_policy       *policy;
+        const struct nla_policy *policy;
        struct list_head        *rules_list;
        struct module           *owner;
 };
diff --git a/include/net/genetlink.h b/include/net/genetlink.h
index adff4c898d50..b6eaca122db8 100644
--- a/include/net/genetlink.h
+++ b/include/net/genetlink.h
@@ -60,7 +60,7 @@ struct genl_ops
 {
        u8                      cmd;
        unsigned int            flags;
-        struct nla_policy       *policy;
+        const struct nla_policy *policy;
        int                    (*doit)(struct sk_buff *skb,
                                       struct genl_info *info);
        int                    (*dumpit)(struct sk_buff *skb,
diff --git a/include/net/ip.h b/include/net/ip.h
index bb207db03675..abf2820a1125 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -143,6 +143,7 @@ struct ip_reply_arg {
        __wsum      csum;
        int         csumoffset; /* u16 offset of csum in iov[0].iov_base */
                                /* -1 if not needed */ 
+        int         bound_dev_if;
 }; 
 void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg,
diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index 5a4a0366c24f..69252cbe05b0 100644
--- a/include/net/ip_fib.h
+++ b/include/net/ip_fib.h
@@ -213,7 +213,7 @@ extern void fib_select_default(const struct flowi *flp, struct fib_result *res);
 #endif /* CONFIG_IP_MULTIPLE_TABLES */
 /* Exported by fib_frontend.c */
-extern struct nla_policy rtm_ipv4_policy[];
+extern const struct nla_policy rtm_ipv4_policy[];
 extern void             ip_fib_init(void);
 extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
                               struct net_device *dev, __be32 *spec_dst, u32 *itag);
diff --git a/include/net/netlink.h b/include/net/netlink.h
index 0bf325c29aff..7b510a9edb91 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -222,10 +222,10 @@ extern int		nlmsg_notify(struct sock *sk, struct sk_buff *skb,
                                     gfp_t flags);
 extern int              nla_validate(struct nlattr *head, int len, int maxtype,
-                                     struct nla_policy *policy);
+                                     const struct nla_policy *policy);
 extern int              nla_parse(struct nlattr *tb[], int maxtype,
                                  struct nlattr *head, int len,
-                                  struct nla_policy *policy);
+                                  const struct nla_policy *policy);
 extern struct nlattr *  nla_find(struct nlattr *head, int len, int attrtype);
 extern size_t           nla_strlcpy(char *dst, const struct nlattr *nla,
                                    size_t dstsize);
@@ -360,7 +360,7 @@ static inline struct nlmsghdr *nlmsg_next(struct nlmsghdr *nlh, int *remaining)
 */
 static inline int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen,
                              struct nlattr *tb[], int maxtype,
-                              struct nla_policy *policy)
+                              const struct nla_policy *policy)
 {
        if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
                return -EINVAL;
@@ -392,7 +392,7 @@ static inline struct nlattr *nlmsg_find_attr(struct nlmsghdr *nlh,
 * @policy: validation policy
 */
 static inline int nlmsg_validate(struct nlmsghdr *nlh, int hdrlen, int maxtype,
-                                 struct nla_policy *policy)
+                                 const struct nla_policy *policy)
 {
        if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
                return -EINVAL;
@@ -729,7 +729,7 @@ static inline struct nlattr *nla_find_nested(struct nlattr *nla, int attrtype)
 */
 static inline int nla_parse_nested(struct nlattr *tb[], int maxtype,
                                   struct nlattr *nla,
-                                   struct nla_policy *policy)
+                                   const struct nla_policy *policy)
 {
        return nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy);
 }
@@ -990,7 +990,7 @@ static inline int nla_nest_cancel(struct sk_buff *skb, struct nlattr *start)
 * Returns 0 on success or a negative error code.
 */
 static inline int nla_validate_nested(struct nlattr *start, int maxtype,
-                                      struct nla_policy *policy)
+                                      const struct nla_policy *policy)
 {
        return nla_validate(nla_data(start), nla_len(start), maxtype, policy);
 }
diff --git a/include/net/udp.h b/include/net/udp.h
index 496f89d45c8b..98755ebaf163 100644
--- a/include/net/udp.h
+++ b/include/net/udp.h
@@ -119,16 +119,9 @@ static inline void udp_lib_close(struct sock *sk, long timeout)
 }
-struct udp_get_port_ops {
-        int (*saddr_cmp)(const struct sock *sk1, const struct sock *sk2);
-        int (*saddr_any)(const struct sock *sk);
-        unsigned int (*hash_port_and_rcv_saddr)(__u16 port,
-                                                const struct sock *sk);
-};
 /* net/ipv4/udp.c */
 extern int      udp_get_port(struct sock *sk, unsigned short snum,
-                             const struct udp_get_port_ops *ops);
+                             int (*saddr_cmp)(const struct sock *, const struct sock *));
 extern void     udp_err(struct sk_buff *, u32);
 extern int      udp_sendmsg(struct kiocb *iocb, struct sock *sk,
diff --git a/include/net/udplite.h b/include/net/udplite.h
index 50b4b424d1ca..635b0eafca95 100644
--- a/include/net/udplite.h
+++ b/include/net/udplite.h
@@ -120,5 +120,5 @@ static inline __wsum udplite_csum_outgoing(struct sock *sk, struct sk_buff *skb)
 extern void     udplite4_register(void);
 extern int      udplite_get_port(struct sock *sk, unsigned short snum,
-                                 const struct udp_get_port_ops *ops);
+                        int (*scmp)(const struct sock *, const struct sock *));
 #endif  /* _UDPLITE_H */
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 90185e8b335e..311f25af5e1a 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -964,7 +964,7 @@ struct xfrmk_spdinfo {
 extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
 extern int xfrm_state_delete(struct xfrm_state *x);
-extern void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
+extern int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
 extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si);
 extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si);
 extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq);
@@ -1020,13 +1020,13 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
                                          struct xfrm_sec_ctx *ctx, int delete,
                                          int *err);
 struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete, int *err);
-void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
+int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
 u32 xfrm_get_acqseq(void);
 void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi);
 struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
                                  xfrm_address_t *daddr, xfrm_address_t *saddr,
                                  int create, unsigned short family);
-extern void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
+extern int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
 extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
 extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
                          struct flowi *fl, int family, int strict);
author	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-06-07 20:08:06 -0400
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-06-07 20:08:06 -0400
commit	df3872a9664667edae729361c9948b652de5c6f4 (patch)
tree	d191c1e6413f82b7a3f074a29b2d1fb92476d30f /include
parent	e5e3c84b70e58fc605635fd340fb8dba3cc59058 (diff)
parent	4aa2e62c45b5ca08be2d0d3c0744d7585b56e860 (diff)

diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h index c0f7aec331c2..ae04901aa09a 100644 --- a/include/linux/inetdevice.h +++ b/include/linux/inetdevice.h
@@ -3,6 +3,7 @@
3		3
4	#ifdef __KERNEL__	4	#ifdef __KERNEL__
5		5
		6	#include <linux/bitmap.h>
6	#include <linux/if.h>	7	#include <linux/if.h>
7	#include <linux/netdevice.h>	8	#include <linux/netdevice.h>
8	#include <linux/rcupdate.h>	9	#include <linux/rcupdate.h>
@@ -10,28 +11,9 @@
10		11
11	struct ipv4_devconf	12	struct ipv4_devconf
12	{	13	{
13	int accept_redirects;
14	int send_redirects;
15	int secure_redirects;
16	int shared_media;
17	int accept_source_route;
18	int rp_filter;
19	int proxy_arp;
20	int bootp_relay;
21	int log_martians;
22	int forwarding;
23	int mc_forwarding;
24	int tag;
25	int arp_filter;
26	int arp_announce;
27	int arp_ignore;
28	int arp_accept;
29	int medium_id;
30	int no_xfrm;
31	int no_policy;
32	int force_igmp_version;
33	int promote_secondaries;
34	void *sysctl;	14	void *sysctl;
		15	int data[__NET_IPV4_CONF_MAX - 1];
		16	DECLARE_BITMAP(state, __NET_IPV4_CONF_MAX - 1);
35	};	17	};
36		18
37	extern struct ipv4_devconf ipv4_devconf;	19	extern struct ipv4_devconf ipv4_devconf;
@@ -60,30 +42,70 @@ struct in_device
60	struct rcu_head rcu_head;	42	struct rcu_head rcu_head;
61	};	43	};
62		44
63	#define IN_DEV_FORWARD(in_dev) ((in_dev)->cnf.forwarding)	45	#define IPV4_DEVCONF(cnf, attr) ((cnf).data[NET_IPV4_CONF_ ## attr - 1])
64	#define IN_DEV_MFORWARD(in_dev) (ipv4_devconf.mc_forwarding && (in_dev)->cnf.mc_forwarding)	46	#define IPV4_DEVCONF_ALL(attr) IPV4_DEVCONF(ipv4_devconf, attr)
65	#define IN_DEV_RPFILTER(in_dev) (ipv4_devconf.rp_filter && (in_dev)->cnf.rp_filter)	47
66	#define IN_DEV_SOURCE_ROUTE(in_dev) (ipv4_devconf.accept_source_route && (in_dev)->cnf.accept_source_route)	48	static inline int ipv4_devconf_get(struct in_device *in_dev, int index)
67	#define IN_DEV_BOOTP_RELAY(in_dev) (ipv4_devconf.bootp_relay && (in_dev)->cnf.bootp_relay)	49	{
68		50	index--;
69	#define IN_DEV_LOG_MARTIANS(in_dev) (ipv4_devconf.log_martians \|\| (in_dev)->cnf.log_martians)	51	return in_dev->cnf.data[index];
70	#define IN_DEV_PROXY_ARP(in_dev) (ipv4_devconf.proxy_arp \|\| (in_dev)->cnf.proxy_arp)	52	}
71	#define IN_DEV_SHARED_MEDIA(in_dev) (ipv4_devconf.shared_media \|\| (in_dev)->cnf.shared_media)	53
72	#define IN_DEV_TX_REDIRECTS(in_dev) (ipv4_devconf.send_redirects \|\| (in_dev)->cnf.send_redirects)	54	static inline void ipv4_devconf_set(struct in_device *in_dev, int index,
73	#define IN_DEV_SEC_REDIRECTS(in_dev) (ipv4_devconf.secure_redirects \|\| (in_dev)->cnf.secure_redirects)	55	int val)
74	#define IN_DEV_IDTAG(in_dev) ((in_dev)->cnf.tag)	56	{
75	#define IN_DEV_MEDIUM_ID(in_dev) ((in_dev)->cnf.medium_id)	57	index--;
76	#define IN_DEV_PROMOTE_SECONDARIES(in_dev) (ipv4_devconf.promote_secondaries \|\| (in_dev)->cnf.promote_secondaries)	58	set_bit(index, in_dev->cnf.state);
		59	in_dev->cnf.data[index] = val;
		60	}
		61
		62	static inline void ipv4_devconf_setall(struct in_device *in_dev)
		63	{
		64	bitmap_fill(in_dev->cnf.state, __NET_IPV4_CONF_MAX - 1);
		65	}
		66
		67	#define IN_DEV_CONF_GET(in_dev, attr) \
		68	ipv4_devconf_get((in_dev), NET_IPV4_CONF_ ## attr)
		69	#define IN_DEV_CONF_SET(in_dev, attr, val) \
		70	ipv4_devconf_set((in_dev), NET_IPV4_CONF_ ## attr, (val))
		71
		72	#define IN_DEV_ANDCONF(in_dev, attr) \
		73	(IPV4_DEVCONF_ALL(attr) && IN_DEV_CONF_GET((in_dev), attr))
		74	#define IN_DEV_ORCONF(in_dev, attr) \
		75	(IPV4_DEVCONF_ALL(attr) \|\| IN_DEV_CONF_GET((in_dev), attr))
		76	#define IN_DEV_MAXCONF(in_dev, attr) \
		77	(max(IPV4_DEVCONF_ALL(attr), IN_DEV_CONF_GET((in_dev), attr)))
		78
		79	#define IN_DEV_FORWARD(in_dev) IN_DEV_CONF_GET((in_dev), FORWARDING)
		80	#define IN_DEV_MFORWARD(in_dev) (IPV4_DEVCONF_ALL(MC_FORWARDING) && \
		81	IPV4_DEVCONF((in_dev)->cnf, \
		82	MC_FORWARDING))
		83	#define IN_DEV_RPFILTER(in_dev) IN_DEV_ANDCONF((in_dev), RP_FILTER)
		84	#define IN_DEV_SOURCE_ROUTE(in_dev) IN_DEV_ANDCONF((in_dev), \
		85	ACCEPT_SOURCE_ROUTE)
		86	#define IN_DEV_BOOTP_RELAY(in_dev) IN_DEV_ANDCONF((in_dev), BOOTP_RELAY)
		87
		88	#define IN_DEV_LOG_MARTIANS(in_dev) IN_DEV_ORCONF((in_dev), LOG_MARTIANS)
		89	#define IN_DEV_PROXY_ARP(in_dev) IN_DEV_ORCONF((in_dev), PROXY_ARP)
		90	#define IN_DEV_SHARED_MEDIA(in_dev) IN_DEV_ORCONF((in_dev), SHARED_MEDIA)
		91	#define IN_DEV_TX_REDIRECTS(in_dev) IN_DEV_ORCONF((in_dev), SEND_REDIRECTS)
		92	#define IN_DEV_SEC_REDIRECTS(in_dev) IN_DEV_ORCONF((in_dev), \
		93	SECURE_REDIRECTS)
		94	#define IN_DEV_IDTAG(in_dev) IN_DEV_CONF_GET(in_dev, TAG)
		95	#define IN_DEV_MEDIUM_ID(in_dev) IN_DEV_CONF_GET(in_dev, MEDIUM_ID)
		96	#define IN_DEV_PROMOTE_SECONDARIES(in_dev) \
		97	IN_DEV_ORCONF((in_dev), \
		98	PROMOTE_SECONDARIES)
77		99
78	#define IN_DEV_RX_REDIRECTS(in_dev) \	100	#define IN_DEV_RX_REDIRECTS(in_dev) \
79	((IN_DEV_FORWARD(in_dev) && \	101	((IN_DEV_FORWARD(in_dev) && \
80	(ipv4_devconf.accept_redirects && (in_dev)->cnf.accept_redirects)) \	102	IN_DEV_ANDCONF((in_dev), ACCEPT_REDIRECTS)) \
81	\|\| (!IN_DEV_FORWARD(in_dev) && \	103	\|\| (!IN_DEV_FORWARD(in_dev) && \
82	(ipv4_devconf.accept_redirects \|\| (in_dev)->cnf.accept_redirects)))	104	IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
83		105
84	#define IN_DEV_ARPFILTER(in_dev) (ipv4_devconf.arp_filter \|\| (in_dev)->cnf.arp_filter)	106	#define IN_DEV_ARPFILTER(in_dev) IN_DEV_ORCONF((in_dev), ARPFILTER)
85	#define IN_DEV_ARP_ANNOUNCE(in_dev) (max(ipv4_devconf.arp_announce, (in_dev)->cnf.arp_announce))	107	#define IN_DEV_ARP_ANNOUNCE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_ANNOUNCE)
86	#define IN_DEV_ARP_IGNORE(in_dev) (max(ipv4_devconf.arp_ignore, (in_dev)->cnf.arp_ignore))	108	#define IN_DEV_ARP_IGNORE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_IGNORE)
87		109
88	struct in_ifaddr	110	struct in_ifaddr
89	{	111	{
@@ -108,7 +130,6 @@ extern struct net_device *ip_dev_find(__be32 addr);
108	extern int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b);	130	extern int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b);
109	extern int devinet_ioctl(unsigned int cmd, void __user *);	131	extern int devinet_ioctl(unsigned int cmd, void __user *);
110	extern void devinet_init(void);	132	extern void devinet_init(void);
111	extern struct in_device inetdev_init(struct net_device dev);
112	extern struct in_device *inetdev_by_index(int);	133	extern struct in_device *inetdev_by_index(int);
113	extern __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope);	134	extern __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope);
114	extern __be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope);	135	extern __be32 inet_confirm_addr(const struct net_device *dev, __be32 dst, __be32 local, int scope);


diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 2f46dd728ee1..e992cd6b28f5 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -264,6 +264,26 @@ ipt_get_target(struct ipt_entry *e)
264	__ret; \	264	__ret; \
265	})	265	})
266		266
		267	/* fn returns 0 to continue iteration */
		268	#define IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \
		269	({ \
		270	unsigned int __i, __n; \
		271	int __ret = 0; \
		272	struct ipt_entry *__entry; \
		273	\
		274	for (__i = 0, __n = 0; __i < (size); \
		275	__i += __entry->next_offset, __n++) { \
		276	__entry = (void *)(entries) + __i; \
		277	if (__n < n) \
		278	continue; \
		279	\
		280	__ret = fn(__entry , ## args); \
		281	if (__ret != 0) \
		282	break; \
		283	} \
		284	__ret; \
		285	})
		286
267	/*	287	/*
268	* Main firewall chains definitions and global var's definitions.	288	* Main firewall chains definitions and global var's definitions.
269	*/	289	*/


diff --git a/include/linux/rfkill.h b/include/linux/rfkill.h index 7c1ffbab7865..a8a6ea809da0 100644 --- a/include/linux/rfkill.h +++ b/include/linux/rfkill.h
@@ -63,7 +63,7 @@ enum rfkill_state {
63	* This structure represents a RF switch located on a network device.	63	* This structure represents a RF switch located on a network device.
64	*/	64	*/
65	struct rfkill {	65	struct rfkill {
66	char *name;	66	const char *name;
67	enum rfkill_type type;	67	enum rfkill_type type;
68		68
69	enum rfkill_state state;	69	enum rfkill_state state;


diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index ed3a8872c6ca..83e41dd15ccd 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h
@@ -64,7 +64,7 @@ struct fib_rules_ops
64	void (*flush_cache)(void);	64	void (*flush_cache)(void);
65		65
66	int nlgroup;	66	int nlgroup;
67	struct nla_policy *policy;	67	const struct nla_policy *policy;
68	struct list_head *rules_list;	68	struct list_head *rules_list;
69	struct module *owner;	69	struct module *owner;
70	};	70	};


diff --git a/include/net/genetlink.h b/include/net/genetlink.h index adff4c898d50..b6eaca122db8 100644 --- a/include/net/genetlink.h +++ b/include/net/genetlink.h
@@ -60,7 +60,7 @@ struct genl_ops
60	{	60	{
61	u8 cmd;	61	u8 cmd;
62	unsigned int flags;	62	unsigned int flags;
63	struct nla_policy *policy;	63	const struct nla_policy *policy;
64	int (doit)(struct sk_buff skb,	64	int (doit)(struct sk_buff skb,
65	struct genl_info *info);	65	struct genl_info *info);
66	int (dumpit)(struct sk_buff skb,	66	int (dumpit)(struct sk_buff skb,


diff --git a/include/net/ip.h b/include/net/ip.h index bb207db03675..abf2820a1125 100644 --- a/include/net/ip.h +++ b/include/net/ip.h
@@ -143,6 +143,7 @@ struct ip_reply_arg {
143	__wsum csum;	143	__wsum csum;
144	int csumoffset; /* u16 offset of csum in iov[0].iov_base */	144	int csumoffset; /* u16 offset of csum in iov[0].iov_base */
145	/* -1 if not needed */	145	/* -1 if not needed */
		146	int bound_dev_if;
146	};	147	};
147		148
148	void ip_send_reply(struct sock sk, struct sk_buff skb, struct ip_reply_arg *arg,	149	void ip_send_reply(struct sock sk, struct sk_buff skb, struct ip_reply_arg *arg,


diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h index 5a4a0366c24f..69252cbe05b0 100644 --- a/include/net/ip_fib.h +++ b/include/net/ip_fib.h
@@ -213,7 +213,7 @@ extern void fib_select_default(const struct flowi flp, struct fib_result res);
213	#endif /* CONFIG_IP_MULTIPLE_TABLES */	213	#endif /* CONFIG_IP_MULTIPLE_TABLES */
214		214
215	/* Exported by fib_frontend.c */	215	/* Exported by fib_frontend.c */
216	extern struct nla_policy rtm_ipv4_policy[];	216	extern const struct nla_policy rtm_ipv4_policy[];
217	extern void ip_fib_init(void);	217	extern void ip_fib_init(void);
218	extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,	218	extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
219	struct net_device dev, __be32 spec_dst, u32 *itag);	219	struct net_device dev, __be32 spec_dst, u32 *itag);


diff --git a/include/net/netlink.h b/include/net/netlink.h index 0bf325c29aff..7b510a9edb91 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h
@@ -222,10 +222,10 @@ extern int nlmsg_notify(struct sock sk, struct sk_buff skb,
222	gfp_t flags);	222	gfp_t flags);
223		223
224	extern int nla_validate(struct nlattr *head, int len, int maxtype,	224	extern int nla_validate(struct nlattr *head, int len, int maxtype,
225	struct nla_policy *policy);	225	const struct nla_policy *policy);
226	extern int nla_parse(struct nlattr *tb[], int maxtype,	226	extern int nla_parse(struct nlattr *tb[], int maxtype,
227	struct nlattr *head, int len,	227	struct nlattr *head, int len,
228	struct nla_policy *policy);	228	const struct nla_policy *policy);
229	extern struct nlattr * nla_find(struct nlattr *head, int len, int attrtype);	229	extern struct nlattr * nla_find(struct nlattr *head, int len, int attrtype);
230	extern size_t nla_strlcpy(char dst, const struct nlattr nla,	230	extern size_t nla_strlcpy(char dst, const struct nlattr nla,
231	size_t dstsize);	231	size_t dstsize);
@@ -360,7 +360,7 @@ static inline struct nlmsghdr nlmsg_next(struct nlmsghdr nlh, int *remaining)
360	*/	360	*/
361	static inline int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen,	361	static inline int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen,
362	struct nlattr *tb[], int maxtype,	362	struct nlattr *tb[], int maxtype,
363	struct nla_policy *policy)	363	const struct nla_policy *policy)
364	{	364	{
365	if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))	365	if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
366	return -EINVAL;	366	return -EINVAL;
@@ -392,7 +392,7 @@ static inline struct nlattr nlmsg_find_attr(struct nlmsghdr nlh,
392	* @policy: validation policy	392	* @policy: validation policy
393	*/	393	*/
394	static inline int nlmsg_validate(struct nlmsghdr *nlh, int hdrlen, int maxtype,	394	static inline int nlmsg_validate(struct nlmsghdr *nlh, int hdrlen, int maxtype,
395	struct nla_policy *policy)	395	const struct nla_policy *policy)
396	{	396	{
397	if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))	397	if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
398	return -EINVAL;	398	return -EINVAL;
@@ -729,7 +729,7 @@ static inline struct nlattr nla_find_nested(struct nlattr nla, int attrtype)
729	*/	729	*/
730	static inline int nla_parse_nested(struct nlattr *tb[], int maxtype,	730	static inline int nla_parse_nested(struct nlattr *tb[], int maxtype,
731	struct nlattr *nla,	731	struct nlattr *nla,
732	struct nla_policy *policy)	732	const struct nla_policy *policy)
733	{	733	{
734	return nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy);	734	return nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy);
735	}	735	}
@@ -990,7 +990,7 @@ static inline int nla_nest_cancel(struct sk_buff skb, struct nlattr start)
990	* Returns 0 on success or a negative error code.	990	* Returns 0 on success or a negative error code.
991	*/	991	*/
992	static inline int nla_validate_nested(struct nlattr *start, int maxtype,	992	static inline int nla_validate_nested(struct nlattr *start, int maxtype,
993	struct nla_policy *policy)	993	const struct nla_policy *policy)
994	{	994	{
995	return nla_validate(nla_data(start), nla_len(start), maxtype, policy);	995	return nla_validate(nla_data(start), nla_len(start), maxtype, policy);
996	}	996	}


diff --git a/include/net/udp.h b/include/net/udp.h index 496f89d45c8b..98755ebaf163 100644 --- a/include/net/udp.h +++ b/include/net/udp.h
@@ -119,16 +119,9 @@ static inline void udp_lib_close(struct sock *sk, long timeout)
119	}	119	}
120		120
121		121
122	struct udp_get_port_ops {
123	int (saddr_cmp)(const struct sock sk1, const struct sock *sk2);
124	int (saddr_any)(const struct sock sk);
125	unsigned int (*hash_port_and_rcv_saddr)(__u16 port,
126	const struct sock *sk);
127	};
128
129	/* net/ipv4/udp.c */	122	/* net/ipv4/udp.c */
130	extern int udp_get_port(struct sock *sk, unsigned short snum,	123	extern int udp_get_port(struct sock *sk, unsigned short snum,
131	const struct udp_get_port_ops *ops);	124	int (saddr_cmp)(const struct sock , const struct sock *));
132	extern void udp_err(struct sk_buff *, u32);	125	extern void udp_err(struct sk_buff *, u32);
133		126
134	extern int udp_sendmsg(struct kiocb iocb, struct sock sk,	127	extern int udp_sendmsg(struct kiocb iocb, struct sock sk,


diff --git a/include/net/udplite.h b/include/net/udplite.h index 50b4b424d1ca..635b0eafca95 100644 --- a/include/net/udplite.h +++ b/include/net/udplite.h
@@ -120,5 +120,5 @@ static inline __wsum udplite_csum_outgoing(struct sock sk, struct sk_buff skb)
120		120
121	extern void udplite4_register(void);	121	extern void udplite4_register(void);
122	extern int udplite_get_port(struct sock *sk, unsigned short snum,	122	extern int udplite_get_port(struct sock *sk, unsigned short snum,
123	const struct udp_get_port_ops *ops);	123	int (scmp)(const struct sock , const struct sock *));
124	#endif /* _UDPLITE_H */	124	#endif /* _UDPLITE_H */


diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 90185e8b335e..311f25af5e1a 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h
@@ -964,7 +964,7 @@ struct xfrmk_spdinfo {
964		964
965	extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);	965	extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
966	extern int xfrm_state_delete(struct xfrm_state *x);	966	extern int xfrm_state_delete(struct xfrm_state *x);
967	extern void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);	967	extern int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
968	extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si);	968	extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si);
969	extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si);	969	extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si);
970	extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq);	970	extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq);
@@ -1020,13 +1020,13 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
1020	struct xfrm_sec_ctx *ctx, int delete,	1020	struct xfrm_sec_ctx *ctx, int delete,
1021	int *err);	1021	int *err);
1022	struct xfrm_policy xfrm_policy_byid(u8, int dir, u32 id, int delete, int err);	1022	struct xfrm_policy xfrm_policy_byid(u8, int dir, u32 id, int delete, int err);
1023	void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);	1023	int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
1024	u32 xfrm_get_acqseq(void);	1024	u32 xfrm_get_acqseq(void);
1025	void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi);	1025	void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi);
1026	struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,	1026	struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
1027	xfrm_address_t daddr, xfrm_address_t saddr,	1027	xfrm_address_t daddr, xfrm_address_t saddr,
1028	int create, unsigned short family);	1028	int create, unsigned short family);
1029	extern void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);	1029	extern int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
1030	extern int xfrm_sk_policy_insert(struct sock sk, int dir, struct xfrm_policy pol);	1030	extern int xfrm_sk_policy_insert(struct sock sk, int dir, struct xfrm_policy pol);
1031	extern int xfrm_bundle_ok(struct xfrm_policy pol, struct xfrm_dst xdst,	1031	extern int xfrm_bundle_ok(struct xfrm_policy pol, struct xfrm_dst xdst,
1032	struct flowi *fl, int family, int strict);	1032	struct flowi *fl, int family, int strict);