Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

5 files changed, 16 insertions, 20 deletions

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 06632762ba5f..90203e1b9187 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -925,10 +925,10 @@ static int get_info(struct net *net, void __user *user, int *len, int compat)
         if (t && !IS_ERR(t)) {
                 struct arpt_getinfo info;
                 const struct xt_table_info *private = t->private;
-
 #ifdef CONFIG_COMPAT
+                struct xt_table_info tmp;
+
                 if (compat) {
-                        struct xt_table_info tmp;
                         ret = compat_table_info(private, &tmp);
                         xt_compat_flush_offsets(NFPROTO_ARP);
                         private = &tmp;
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 572330a552ef..3ce53cf13d5a 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1132,10 +1132,10 @@ static int get_info(struct net *net, void __user *user, int *len, int compat)
         if (t && !IS_ERR(t)) {
                 struct ipt_getinfo info;
                 const struct xt_table_info *private = t->private;
-
 #ifdef CONFIG_COMPAT
+                struct xt_table_info tmp;
+
                 if (compat) {
-                        struct xt_table_info tmp;
                         ret = compat_table_info(private, &tmp);
                         xt_compat_flush_offsets(AF_INET);
                         private = &tmp;
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index d171b123a656..d1ea38a7c490 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -210,7 +210,7 @@ static ctl_table ip_ct_sysctl_table[] = {
         },
         {
                 .procname       = "ip_conntrack_buckets",
-                .data           = &nf_conntrack_htable_size,
+                .data           = &init_net.ct.htable_size,
                 .maxlen         = sizeof(unsigned int),
                 .mode           = 0444,
                 .proc_handler   = proc_dointvec,
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c
index 8668a3defda6..2fb7b76da94f 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c
@@ -32,7 +32,7 @@ static struct hlist_nulls_node *ct_get_first(struct seq_file *seq)
         struct hlist_nulls_node *n;
 
         for (st->bucket = 0;
-             st->bucket < nf_conntrack_htable_size;
+             st->bucket < net->ct.htable_size;
              st->bucket++) {
                 n = rcu_dereference(net->ct.hash[st->bucket].first);
                 if (!is_a_nulls(n))
@@ -50,7 +50,7 @@ static struct hlist_nulls_node *ct_get_next(struct seq_file *seq,
         head = rcu_dereference(head->next);
         while (is_a_nulls(head)) {
                 if (likely(get_nulls_value(head) == st->bucket)) {
-                        if (++st->bucket >= nf_conntrack_htable_size)
+                        if (++st->bucket >= net->ct.htable_size)
                                 return NULL;
                 }
                 head = rcu_dereference(net->ct.hash[st->bucket].first);
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index fe1a64479dd0..26066a2327ad 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -35,9 +35,6 @@ static DEFINE_SPINLOCK(nf_nat_lock);
 
 static struct nf_conntrack_l3proto *l3proto __read_mostly;
 
-/* Calculated at init based on memory size */
-static unsigned int nf_nat_htable_size __read_mostly;
-
 #define MAX_IP_NAT_PROTO 256
 static const struct nf_nat_protocol *nf_nat_protos[MAX_IP_NAT_PROTO]
                                                 __read_mostly;
@@ -72,7 +69,7 @@ EXPORT_SYMBOL_GPL(nf_nat_proto_put);
 
 /* We keep an extra hash for each conntrack, for fast searching. */
 static inline unsigned int
-hash_by_src(const struct nf_conntrack_tuple *tuple)
+hash_by_src(const struct net *net, const struct nf_conntrack_tuple *tuple)
 {
         unsigned int hash;
 
@@ -80,7 +77,7 @@ hash_by_src(const struct nf_conntrack_tuple *tuple)
         hash = jhash_3words((__force u32)tuple->src.u3.ip,
                             (__force u32)tuple->src.u.all,
                             tuple->dst.protonum, 0);
-        return ((u64)hash * nf_nat_htable_size) >> 32;
+        return ((u64)hash * net->ipv4.nat_htable_size) >> 32;
 }
 
 /* Is this tuple already taken? (not by us) */
@@ -147,7 +144,7 @@ find_appropriate_src(struct net *net,
                      struct nf_conntrack_tuple *result,
                      const struct nf_nat_range *range)
 {
-        unsigned int h = hash_by_src(tuple);
+        unsigned int h = hash_by_src(net, tuple);
         const struct nf_conn_nat *nat;
         const struct nf_conn *ct;
         const struct hlist_node *n;
@@ -330,7 +327,7 @@ nf_nat_setup_info(struct nf_conn *ct,
         if (have_to_hash) {
                 unsigned int srchash;
 
-                srchash = hash_by_src(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
+                srchash = hash_by_src(net, &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
                 spin_lock_bh(&nf_nat_lock);
                 /* nf_conntrack_alter_reply might re-allocate exntension aera */
                 nat = nfct_nat(ct);
@@ -679,8 +676,10 @@ nfnetlink_parse_nat_setup(struct nf_conn *ct,
 
 static int __net_init nf_nat_net_init(struct net *net)
 {
-        net->ipv4.nat_bysource = nf_ct_alloc_hashtable(&nf_nat_htable_size,
-                                                      &net->ipv4.nat_vmalloced, 0);
+        /* Leave them the same for the moment. */
+        net->ipv4.nat_htable_size = net->ct.htable_size;
+        net->ipv4.nat_bysource = nf_ct_alloc_hashtable(&net->ipv4.nat_htable_size,
+                                                       &net->ipv4.nat_vmalloced, 0);
         if (!net->ipv4.nat_bysource)
                 return -ENOMEM;
         return 0;
@@ -703,7 +702,7 @@ static void __net_exit nf_nat_net_exit(struct net *net)
         nf_ct_iterate_cleanup(net, &clean_nat, NULL);
         synchronize_rcu();
         nf_ct_free_hashtable(net->ipv4.nat_bysource, net->ipv4.nat_vmalloced,
-                             nf_nat_htable_size);
+                             net->ipv4.nat_htable_size);
 }
 
 static struct pernet_operations nf_nat_net_ops = {
@@ -724,9 +723,6 @@ static int __init nf_nat_init(void)
                 return ret;
         }
 
-        /* Leave them the same for the moment. */
-        nf_nat_htable_size = nf_conntrack_htable_size;
-
         ret = register_pernet_subsys(&nf_nat_net_ops);
         if (ret < 0)
                 goto cleanup_extend;