Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Pull networking changes from David Miller:
 "The most important bit here is the TCP syncookies issue, which seems
  to have been busted for some time.  That fix has been verified in
  production by the reporter.

  1) Persistent TUN devices erroneously hold on to the network namespace
     in such a way that it cannot be shutdown.  Fix from Stanislav
     Kinsbursky with help from Eric Dumazet.

  2) TCP SYN cookies have been broken for a while due to how the route
     lookup flow key is managed, connections can be delayed by as much
     as 20 seconds due to this bug.  Fix from Eric Dumazet.

  3) Missing jiffies.h include in lib/dynamic_queue_limits.c can break
     the build, from Tom Herbert.

  4) Add USB device ID for Sitecom LN-031, from Joerg Neikes.

  5) Fix OOPS in delayed workqueue in iwlegacy, from Stanislaw Gruszka.

  6) rt2x00 TX queue can be disabled forever due to races, fix by
     synchronizing pause/unpause with a lock.  Also from Stanislaw
     Gruszka.

  7) Statistics and endian fix in bnx2x driver from Yuval Mintz, Eilon
     Greenstein, and Ariel Elior."

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
  tun: don't hold network namespace by tun sockets
  bnx2x: FCoE statistics id fixed
  bnx2x: dcb bit indices flags used as bits
  bnx2x: added cpu_to_le16 when preparing ramrod's data
  bnx2x: pfc statistics counts pfc events twice
  rt2x00: fix random stalls
  iwl3945: fix possible il->txq NULL pointer dereference in delayed works
  dql: Fix undefined jiffies
  tcp: fix syncookie regression
  usb: asix: Patch for Sitecom LN-031

1 files changed, 16 insertions, 14 deletions

diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 51fdbb490437..eab2a7fb15d1 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -278,6 +278,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
         struct rtable *rt;
         __u8 rcv_wscale;
         bool ecn_ok = false;
+        struct flowi4 fl4;
 
         if (!sysctl_tcp_syncookies || !th->ack || th->rst)
                 goto out;
@@ -346,20 +347,16 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
          * hasn't changed since we received the original syn, but I see
          * no easy way to do this.
          */
-        {
-                struct flowi4 fl4;
-
-                flowi4_init_output(&fl4, 0, sk->sk_mark, RT_CONN_FLAGS(sk),
-                                   RT_SCOPE_UNIVERSE, IPPROTO_TCP,
-                                   inet_sk_flowi_flags(sk),
-                                   (opt && opt->srr) ? opt->faddr : ireq->rmt_addr,
-                                   ireq->loc_addr, th->source, th->dest);
-                security_req_classify_flow(req, flowi4_to_flowi(&fl4));
-                rt = ip_route_output_key(sock_net(sk), &fl4);
-                if (IS_ERR(rt)) {
-                        reqsk_free(req);
-                        goto out;
-                }
+        flowi4_init_output(&fl4, 0, sk->sk_mark, RT_CONN_FLAGS(sk),
+                           RT_SCOPE_UNIVERSE, IPPROTO_TCP,
+                           inet_sk_flowi_flags(sk),
+                           (opt && opt->srr) ? opt->faddr : ireq->rmt_addr,
+                           ireq->loc_addr, th->source, th->dest);
+        security_req_classify_flow(req, flowi4_to_flowi(&fl4));
+        rt = ip_route_output_key(sock_net(sk), &fl4);
+        if (IS_ERR(rt)) {
+                reqsk_free(req);
+                goto out;
         }
 
         /* Try to redo what tcp_v4_send_synack did. */
@@ -373,5 +370,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
         ireq->rcv_wscale  = rcv_wscale;
 
         ret = get_cookie_sock(sk, skb, req, &rt->dst);
+        /* ip_queue_xmit() depends on our flow being setup
+         * Normal sockets get it right from inet_csk_route_child_sock()
+         */
+        if (ret)
+                inet_sk(ret)->cork.fl.u.ip4 = fl4;
 out:    return ret;
 }