Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

Conflicts: drivers/net/sfc/net_driver.h drivers/net/sfc/siena.c
author: David S. Miller <davem@davemloft.net> 2010-06-06 20:42:02 -0400
committer: David S. Miller <davem@davemloft.net> 2010-06-06 20:42:02 -0400
commit: eedc765ca4b19a41cf0b921a492ac08d640060d1 (patch)
tree: 95c566c6238cc953e1e336115d2daafe8bcb388f /net/ipv4
parent: e59d44df46edaafb6b637e98d046775524b31104 (diff)
parent: 024a07bacf8287a6ddfa83e9d5b951c5e8b4070e (diff)
7 files changed, 17 insertions, 18 deletions
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
index 8e3a1fd938ab..7c3a7d191249 100644
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -303,7 +303,7 @@ config ARPD
          If unsure, say N.
 config SYN_COOKIES
-        bool "IP: TCP syncookie support (disabled per default)"
+        bool "IP: TCP syncookie support"
        ---help---
          Normal TCP/IP networking is open to an attack known as "SYN
          flooding". This denial-of-service attack prevents legitimate remote
@@ -328,13 +328,13 @@ config SYN_COOKIES
          server is really overloaded. If this happens frequently better turn
          them off.
-          If you say Y here, note that SYN cookies aren't enabled by default;
+          If you say Y here, you can disable SYN cookies at run time by
-          you can enable them by saying Y to "/proc file system support" and
+          saying Y to "/proc file system support" and
          "Sysctl support" below and executing the command
-          echo 1 >/proc/sys/net/ipv4/tcp_syncookies
+          echo 0 > /proc/sys/net/ipv4/tcp_syncookies
-          at boot time after the /proc file system has been mounted.
+          after the /proc file system has been mounted.
          If unsure, say N.
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 63958f3394a5..4b6c5ca610fc 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -336,7 +336,7 @@ ipt_do_table(struct sk_buff *skb,
        cpu        = smp_processor_id();
        table_base = private->entries[cpu];
        jumpstack  = (struct ipt_entry **)private->jumpstack[cpu];
-        stackptr   = &private->stackptr[cpu];
+        stackptr   = per_cpu_ptr(private->stackptr, cpu);
        origptr    = *stackptr;
        e = get_entry(table_base, private->hook_entry[hook]);
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index a7cbcc4b726b..5c48124332de 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -347,7 +347,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
                                               { .sport = th->dest,
                                                 .dport = th->source } } };
                security_req_classify_flow(req, &fl);
-                if (ip_route_output_key(&init_net, &rt, &fl)) {
+                if (ip_route_output_key(sock_net(sk), &rt, &fl)) {
                        reqsk_free(req);
                        goto out;
                }
diff --git a/net/ipv4/tcp_hybla.c b/net/ipv4/tcp_hybla.c
index c209e054a634..377bc9349371 100644
--- a/net/ipv4/tcp_hybla.c
+++ b/net/ipv4/tcp_hybla.c
@@ -126,8 +126,8 @@ static void hybla_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
                 * calculate 2^fract in a <<7 value.
                 */
                is_slowstart = 1;
-                increment = ((1 << ca->rho) * hybla_fraction(rho_fractions))
+                increment = ((1 << min(ca->rho, 16U)) *
-                        - 128;
+                        hybla_fraction(rho_fractions)) - 128;
        } else {
                /*
                 * congestion avoidance
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 3e6dafcb1071..548d575e6cc6 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -2639,7 +2639,7 @@ static void DBGUNDO(struct sock *sk, const char *msg)
        if (sk->sk_family == AF_INET) {
                printk(KERN_DEBUG "Undo %s %pI4/%u c%u l%u ss%u/%u p%u\n",
                       msg,
-                       &inet->daddr, ntohs(inet->dport),
+                       &inet->inet_daddr, ntohs(inet->inet_dport),
                       tp->snd_cwnd, tcp_left_out(tp),
                       tp->snd_ssthresh, tp->prior_ssthresh,
                       tp->packets_out);
@@ -2649,7 +2649,7 @@ static void DBGUNDO(struct sock *sk, const char *msg)
                struct ipv6_pinfo *np = inet6_sk(sk);
                printk(KERN_DEBUG "Undo %s %pI6/%u c%u l%u ss%u/%u p%u\n",
                       msg,
-                       &np->daddr, ntohs(inet->dport),
+                       &np->daddr, ntohs(inet->inet_dport),
                       tp->snd_cwnd, tcp_left_out(tp),
                       tp->snd_ssthresh, tp->prior_ssthresh,
                       tp->packets_out);
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 6558dfd899da..acdc4c989853 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1557,6 +1557,7 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
 #endif
        if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
+                sock_rps_save_rxhash(sk, skb->rxhash);
                TCP_CHECK_TIMER(sk);
                if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
                        rsk = sk;
@@ -1581,7 +1582,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
                        }
                        return 0;
                }
-        }
+        } else
+                sock_rps_save_rxhash(sk, skb->rxhash);
        TCP_CHECK_TIMER(sk);
        if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
@@ -1674,8 +1677,6 @@ process:
        skb->dev = NULL;
-        sock_rps_save_rxhash(sk, skb->rxhash);
        bh_lock_sock_nested(sk);
        ret = 0;
        if (!sock_owned_by_user(sk)) {
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 50678f9a2763..eec4ff456e33 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -633,11 +633,9 @@ void __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable)
        if (!inet->recverr) {
                if (!harderr || sk->sk_state != TCP_ESTABLISHED)
                        goto out;
-        } else {
+        } else
-                bh_lock_sock(sk);
                ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1));
-                bh_unlock_sock(sk);
-        }
        sk->sk_err = err;
        sk->sk_error_report(sk);
 out:
author	David S. Miller <davem@davemloft.net>	2010-06-06 20:42:02 -0400
committer	David S. Miller <davem@davemloft.net>	2010-06-06 20:42:02 -0400
commit	eedc765ca4b19a41cf0b921a492ac08d640060d1 (patch)
tree	95c566c6238cc953e1e336115d2daafe8bcb388f /net/ipv4
parent	e59d44df46edaafb6b637e98d046775524b31104 (diff)
parent	024a07bacf8287a6ddfa83e9d5b951c5e8b4070e (diff)

diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig index 8e3a1fd938ab..7c3a7d191249 100644 --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig
@@ -303,7 +303,7 @@ config ARPD
303	If unsure, say N.	303	If unsure, say N.
304		304
305	config SYN_COOKIES	305	config SYN_COOKIES
306	bool "IP: TCP syncookie support (disabled per default)"	306	bool "IP: TCP syncookie support"
307	---help---	307	---help---
308	Normal TCP/IP networking is open to an attack known as "SYN	308	Normal TCP/IP networking is open to an attack known as "SYN
309	flooding". This denial-of-service attack prevents legitimate remote	309	flooding". This denial-of-service attack prevents legitimate remote
@@ -328,13 +328,13 @@ config SYN_COOKIES
328	server is really overloaded. If this happens frequently better turn	328	server is really overloaded. If this happens frequently better turn
329	them off.	329	them off.
330		330
331	If you say Y here, note that SYN cookies aren't enabled by default;	331	If you say Y here, you can disable SYN cookies at run time by
332	you can enable them by saying Y to "/proc file system support" and	332	saying Y to "/proc file system support" and
333	"Sysctl support" below and executing the command	333	"Sysctl support" below and executing the command
334		334
335	echo 1 >/proc/sys/net/ipv4/tcp_syncookies	335	echo 0 > /proc/sys/net/ipv4/tcp_syncookies
336		336
337	at boot time after the /proc file system has been mounted.	337	after the /proc file system has been mounted.
338		338
339	If unsure, say N.	339	If unsure, say N.
340		340


diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 63958f3394a5..4b6c5ca610fc 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c
@@ -336,7 +336,7 @@ ipt_do_table(struct sk_buff *skb,
336	cpu = smp_processor_id();	336	cpu = smp_processor_id();
337	table_base = private->entries[cpu];	337	table_base = private->entries[cpu];
338	jumpstack = (struct ipt_entry **)private->jumpstack[cpu];	338	jumpstack = (struct ipt_entry **)private->jumpstack[cpu];
339	stackptr = &private->stackptr[cpu];	339	stackptr = per_cpu_ptr(private->stackptr, cpu);
340	origptr = *stackptr;	340	origptr = *stackptr;
341		341
342	e = get_entry(table_base, private->hook_entry[hook]);	342	e = get_entry(table_base, private->hook_entry[hook]);


diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index a7cbcc4b726b..5c48124332de 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c
@@ -347,7 +347,7 @@ struct sock cookie_v4_check(struct sock sk, struct sk_buff *skb,
347	{ .sport = th->dest,	347	{ .sport = th->dest,
348	.dport = th->source } } };	348	.dport = th->source } } };
349	security_req_classify_flow(req, &fl);	349	security_req_classify_flow(req, &fl);
350	if (ip_route_output_key(&init_net, &rt, &fl)) {	350	if (ip_route_output_key(sock_net(sk), &rt, &fl)) {
351	reqsk_free(req);	351	reqsk_free(req);
352	goto out;	352	goto out;
353	}	353	}


diff --git a/net/ipv4/tcp_hybla.c b/net/ipv4/tcp_hybla.c index c209e054a634..377bc9349371 100644 --- a/net/ipv4/tcp_hybla.c +++ b/net/ipv4/tcp_hybla.c
@@ -126,8 +126,8 @@ static void hybla_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
126	* calculate 2^fract in a <<7 value.	126	* calculate 2^fract in a <<7 value.
127	*/	127	*/
128	is_slowstart = 1;	128	is_slowstart = 1;
129	increment = ((1 << ca->rho) * hybla_fraction(rho_fractions))	129	increment = ((1 << min(ca->rho, 16U)) *
130	- 128;	130	hybla_fraction(rho_fractions)) - 128;
131	} else {	131	} else {
132	/*	132	/*
133	* congestion avoidance	133	* congestion avoidance


diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 3e6dafcb1071..548d575e6cc6 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c
@@ -2639,7 +2639,7 @@ static void DBGUNDO(struct sock sk, const char msg)
2639	if (sk->sk_family == AF_INET) {	2639	if (sk->sk_family == AF_INET) {
2640	printk(KERN_DEBUG "Undo %s %pI4/%u c%u l%u ss%u/%u p%u\n",	2640	printk(KERN_DEBUG "Undo %s %pI4/%u c%u l%u ss%u/%u p%u\n",
2641	msg,	2641	msg,
2642	&inet->daddr, ntohs(inet->dport),	2642	&inet->inet_daddr, ntohs(inet->inet_dport),
2643	tp->snd_cwnd, tcp_left_out(tp),	2643	tp->snd_cwnd, tcp_left_out(tp),
2644	tp->snd_ssthresh, tp->prior_ssthresh,	2644	tp->snd_ssthresh, tp->prior_ssthresh,
2645	tp->packets_out);	2645	tp->packets_out);
@@ -2649,7 +2649,7 @@ static void DBGUNDO(struct sock sk, const char msg)
2649	struct ipv6_pinfo *np = inet6_sk(sk);	2649	struct ipv6_pinfo *np = inet6_sk(sk);
2650	printk(KERN_DEBUG "Undo %s %pI6/%u c%u l%u ss%u/%u p%u\n",	2650	printk(KERN_DEBUG "Undo %s %pI6/%u c%u l%u ss%u/%u p%u\n",
2651	msg,	2651	msg,
2652	&np->daddr, ntohs(inet->dport),	2652	&np->daddr, ntohs(inet->inet_dport),
2653	tp->snd_cwnd, tcp_left_out(tp),	2653	tp->snd_cwnd, tcp_left_out(tp),
2654	tp->snd_ssthresh, tp->prior_ssthresh,	2654	tp->snd_ssthresh, tp->prior_ssthresh,
2655	tp->packets_out);	2655	tp->packets_out);


diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 6558dfd899da..acdc4c989853 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c
@@ -1557,6 +1557,7 @@ int tcp_v4_do_rcv(struct sock sk, struct sk_buff skb)
1557	#endif	1557	#endif
1558		1558
1559	if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */	1559	if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
		1560	sock_rps_save_rxhash(sk, skb->rxhash);
1560	TCP_CHECK_TIMER(sk);	1561	TCP_CHECK_TIMER(sk);
1561	if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {	1562	if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
1562	rsk = sk;	1563	rsk = sk;
@@ -1581,7 +1582,9 @@ int tcp_v4_do_rcv(struct sock sk, struct sk_buff skb)
1581	}	1582	}
1582	return 0;	1583	return 0;
1583	}	1584	}
1584	}	1585	} else
		1586	sock_rps_save_rxhash(sk, skb->rxhash);
		1587
1585		1588
1586	TCP_CHECK_TIMER(sk);	1589	TCP_CHECK_TIMER(sk);
1587	if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {	1590	if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
@@ -1674,8 +1677,6 @@ process:
1674		1677
1675	skb->dev = NULL;	1678	skb->dev = NULL;
1676		1679
1677	sock_rps_save_rxhash(sk, skb->rxhash);
1678
1679	bh_lock_sock_nested(sk);	1680	bh_lock_sock_nested(sk);
1680	ret = 0;	1681	ret = 0;
1681	if (!sock_owned_by_user(sk)) {	1682	if (!sock_owned_by_user(sk)) {


diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 50678f9a2763..eec4ff456e33 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c
@@ -633,11 +633,9 @@ void __udp4_lib_err(struct sk_buff skb, u32 info, struct udp_table udptable)
633	if (!inet->recverr) {	633	if (!inet->recverr) {
634	if (!harderr \|\| sk->sk_state != TCP_ESTABLISHED)	634	if (!harderr \|\| sk->sk_state != TCP_ESTABLISHED)
635	goto out;	635	goto out;
636	} else {	636	} else
637	bh_lock_sock(sk);
638	ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1));	637	ip_icmp_error(sk, skb, err, uh->dest, info, (u8 *)(uh+1));
639	bh_unlock_sock(sk);	638
640	}
641	sk->sk_err = err;	639	sk->sk_err = err;
642	sk->sk_error_report(sk);	640	sk->sk_error_report(sk);
643	out:	641	out: