Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 into sh-fixes-for-linus

11 files changed, 60 insertions, 49 deletions

diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 98af3697c718..a8024eaa0e87 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -799,7 +799,9 @@ static int __ip_append_data(struct sock *sk,
         int csummode = CHECKSUM_NONE;
         struct rtable *rt = (struct rtable *)cork->dst;
 
-        exthdrlen = transhdrlen ? rt->dst.header_len : 0;
+        skb = skb_peek_tail(queue);
+
+        exthdrlen = !skb ? rt->dst.header_len : 0;
         length += exthdrlen;
         transhdrlen += exthdrlen;
         mtu = cork->fragsize;
@@ -825,8 +827,6 @@ static int __ip_append_data(struct sock *sk,
             !exthdrlen)
                 csummode = CHECKSUM_PARTIAL;
 
-        skb = skb_peek_tail(queue);
-
         cork->length += length;
         if (((length > mtu) || (skb && skb_is_gso(skb))) &&
             (sk->sk_protocol == IPPROTO_UDP) &&
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index d2c1311cb28d..f7f9bd7ba12d 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -402,7 +402,8 @@ ipq_dev_drop(int ifindex)
 static inline void
 __ipq_rcv_skb(struct sk_buff *skb)
 {
-        int status, type, pid, flags, nlmsglen, skblen;
+        int status, type, pid, flags;
+        unsigned int nlmsglen, skblen;
         struct nlmsghdr *nlh;
 
         skblen = skb->len;
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index d609ac3cb9a4..5c9e97c79017 100644
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -307,7 +307,7 @@ clusterip_tg(struct sk_buff *skb, const struct xt_action_param *par)
          * error messages (RELATED) and information requests (see below) */
         if (ip_hdr(skb)->protocol == IPPROTO_ICMP &&
             (ctinfo == IP_CT_RELATED ||
-             ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY))
+             ctinfo == IP_CT_RELATED_REPLY))
                 return XT_CONTINUE;
 
         /* ip_conntrack_icmp guarantees us that we only have ICMP_ECHO,
@@ -321,12 +321,12 @@ clusterip_tg(struct sk_buff *skb, const struct xt_action_param *par)
                         ct->mark = hash;
                         break;
                 case IP_CT_RELATED:
-                case IP_CT_RELATED+IP_CT_IS_REPLY:
+                case IP_CT_RELATED_REPLY:
                         /* FIXME: we don't handle expectations at the
                          * moment.  they can arrive on a different node than
                          * the master connection (e.g. FTP passive mode) */
                 case IP_CT_ESTABLISHED:
-                case IP_CT_ESTABLISHED+IP_CT_IS_REPLY:
+                case IP_CT_ESTABLISHED_REPLY:
                         break;
                 default:
                         break;
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index d2ed9dc74ebc..9931152a78b5 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -60,7 +60,7 @@ masquerade_tg(struct sk_buff *skb, const struct xt_action_param *par)
         nat = nfct_nat(ct);
 
         NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
-                            ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
+                            ctinfo == IP_CT_RELATED_REPLY));
 
         /* Source address is 0.0.0.0 - locally generated packet that is
          * probably not supposed to be masqueraded.
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 5a03c02af999..db10075dd88e 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -101,7 +101,7 @@ static unsigned int ipv4_confirm(unsigned int hooknum,
 
         /* This is where we call the helper: as the packet goes out. */
         ct = nf_ct_get(skb, &ctinfo);
-        if (!ct || ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY)
+        if (!ct || ctinfo == IP_CT_RELATED_REPLY)
                 goto out;
 
         help = nfct_help(ct);
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 7404bde95994..ab5b27a2916f 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -160,7 +160,7 @@ icmp_error_message(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb,
         /* Update skb to refer to this connection */
         skb->nfct = &nf_ct_tuplehash_to_ctrack(h)->ct_general;
         skb->nfctinfo = *ctinfo;
-        return -NF_ACCEPT;
+        return NF_ACCEPT;
 }
 
 /* Small and modified version of icmp_rcv */
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index 9c71b2755ce3..3346de5d94d0 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -433,7 +433,7 @@ int nf_nat_icmp_reply_translation(struct nf_conn *ct,
 
         /* Must be RELATED */
         NF_CT_ASSERT(skb->nfctinfo == IP_CT_RELATED ||
-                     skb->nfctinfo == IP_CT_RELATED+IP_CT_IS_REPLY);
+                     skb->nfctinfo == IP_CT_RELATED_REPLY);
 
         /* Redirects on non-null nats must be dropped, else they'll
            start talking to each other without our translation, and be
diff --git a/net/ipv4/netfilter/nf_nat_helper.c b/net/ipv4/netfilter/nf_nat_helper.c
index 99cfa28b6d38..ebc5f8894f99 100644
--- a/net/ipv4/netfilter/nf_nat_helper.c
+++ b/net/ipv4/netfilter/nf_nat_helper.c
@@ -160,7 +160,7 @@ static void nf_nat_csum(struct sk_buff *skb, const struct iphdr *iph, void *data
 
         if (skb->ip_summed != CHECKSUM_PARTIAL) {
                 if (!(rt->rt_flags & RTCF_LOCAL) &&
-                    skb->dev->features & NETIF_F_V4_CSUM) {
+                    (!skb->dev || skb->dev->features & NETIF_F_V4_CSUM)) {
                         skb->ip_summed = CHECKSUM_PARTIAL;
                         skb->csum_start = skb_headroom(skb) +
                                           skb_network_offset(skb) +
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c
index 21c30426480b..733c9abc1cbd 100644
--- a/net/ipv4/netfilter/nf_nat_rule.c
+++ b/net/ipv4/netfilter/nf_nat_rule.c
@@ -53,7 +53,7 @@ ipt_snat_target(struct sk_buff *skb, const struct xt_action_param *par)
 
         /* Connection must be valid and new. */
         NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
-                            ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
+                            ctinfo == IP_CT_RELATED_REPLY));
         NF_CT_ASSERT(par->out != NULL);
 
         return nf_nat_setup_info(ct, &mr->range[0], IP_NAT_MANIP_SRC);
diff --git a/net/ipv4/netfilter/nf_nat_standalone.c b/net/ipv4/netfilter/nf_nat_standalone.c
index 7317bdf1d457..483b76d042da 100644
--- a/net/ipv4/netfilter/nf_nat_standalone.c
+++ b/net/ipv4/netfilter/nf_nat_standalone.c
@@ -116,7 +116,7 @@ nf_nat_fn(unsigned int hooknum,
 
         switch (ctinfo) {
         case IP_CT_RELATED:
-        case IP_CT_RELATED+IP_CT_IS_REPLY:
+        case IP_CT_RELATED_REPLY:
                 if (ip_hdr(skb)->protocol == IPPROTO_ICMP) {
                         if (!nf_nat_icmp_reply_translation(ct, ctinfo,
                                                            hooknum, skb))
@@ -144,7 +144,7 @@ nf_nat_fn(unsigned int hooknum,
         default:
                 /* ESTABLISHED */
                 NF_CT_ASSERT(ctinfo == IP_CT_ESTABLISHED ||
-                             ctinfo == (IP_CT_ESTABLISHED+IP_CT_IS_REPLY));
+                             ctinfo == IP_CT_ESTABLISHED_REPLY);
         }
 
         return nf_nat_packet(ct, ctinfo, hooknum, skb);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 52b0b956508b..045f0ec6a4a0 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1316,6 +1316,23 @@ reject_redirect:
         ;
 }
 
+static bool peer_pmtu_expired(struct inet_peer *peer)
+{
+        unsigned long orig = ACCESS_ONCE(peer->pmtu_expires);
+
+        return orig &&
+               time_after_eq(jiffies, orig) &&
+               cmpxchg(&peer->pmtu_expires, orig, 0) == orig;
+}
+
+static bool peer_pmtu_cleaned(struct inet_peer *peer)
+{
+        unsigned long orig = ACCESS_ONCE(peer->pmtu_expires);
+
+        return orig &&
+               cmpxchg(&peer->pmtu_expires, orig, 0) == orig;
+}
+
 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
 {
         struct rtable *rt = (struct rtable *)dst;
@@ -1331,14 +1348,8 @@ static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
                                                 rt_genid(dev_net(dst->dev)));
                         rt_del(hash, rt);
                         ret = NULL;
-                } else if (rt->peer &&
-                           rt->peer->pmtu_expires &&
-                           time_after_eq(jiffies, rt->peer->pmtu_expires)) {
-                        unsigned long orig = rt->peer->pmtu_expires;
-
-                        if (cmpxchg(&rt->peer->pmtu_expires, orig, 0) == orig)
-                                dst_metric_set(dst, RTAX_MTU,
-                                               rt->peer->pmtu_orig);
+                } else if (rt->peer && peer_pmtu_expired(rt->peer)) {
+                        dst_metric_set(dst, RTAX_MTU, rt->peer->pmtu_orig);
                 }
         }
         return ret;
@@ -1531,8 +1542,10 @@ unsigned short ip_rt_frag_needed(struct net *net, const struct iphdr *iph,
 
 static void check_peer_pmtu(struct dst_entry *dst, struct inet_peer *peer)
 {
-        unsigned long expires = peer->pmtu_expires;
+        unsigned long expires = ACCESS_ONCE(peer->pmtu_expires);
 
+        if (!expires)
+                return;
         if (time_before(jiffies, expires)) {
                 u32 orig_dst_mtu = dst_mtu(dst);
                 if (peer->pmtu_learned < orig_dst_mtu) {
@@ -1555,10 +1568,11 @@ static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
                 rt_bind_peer(rt, rt->rt_dst, 1);
         peer = rt->peer;
         if (peer) {
+                unsigned long pmtu_expires = ACCESS_ONCE(peer->pmtu_expires);
+
                 if (mtu < ip_rt_min_pmtu)
                         mtu = ip_rt_min_pmtu;
-                if (!peer->pmtu_expires || mtu < peer->pmtu_learned) {
-                        unsigned long pmtu_expires;
+                if (!pmtu_expires || mtu < peer->pmtu_learned) {
 
                         pmtu_expires = jiffies + ip_rt_mtu_expires;
                         if (!pmtu_expires)
@@ -1612,13 +1626,14 @@ static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
                         rt_bind_peer(rt, rt->rt_dst, 0);
 
                 peer = rt->peer;
-                if (peer && peer->pmtu_expires)
+                if (peer) {
                         check_peer_pmtu(dst, peer);
 
-                if (peer && peer->redirect_learned.a4 &&
-                    peer->redirect_learned.a4 != rt->rt_gateway) {
-                        if (check_peer_redir(dst, peer))
-                                return NULL;
+                        if (peer->redirect_learned.a4 &&
+                            peer->redirect_learned.a4 != rt->rt_gateway) {
+                                if (check_peer_redir(dst, peer))
+                                        return NULL;
+                        }
                 }
 
                 rt->rt_peer_genid = rt_peer_genid();
@@ -1649,14 +1664,8 @@ static void ipv4_link_failure(struct sk_buff *skb)
         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
 
         rt = skb_rtable(skb);
-        if (rt &&
-            rt->peer &&
-            rt->peer->pmtu_expires) {
-                unsigned long orig = rt->peer->pmtu_expires;
-
-                if (cmpxchg(&rt->peer->pmtu_expires, orig, 0) == orig)
-                        dst_metric_set(&rt->dst, RTAX_MTU, rt->peer->pmtu_orig);
-        }
+        if (rt && rt->peer && peer_pmtu_cleaned(rt->peer))
+                dst_metric_set(&rt->dst, RTAX_MTU, rt->peer->pmtu_orig);
 }
 
 static int ip_rt_bug(struct sk_buff *skb)
@@ -1770,8 +1779,7 @@ static void rt_init_metrics(struct rtable *rt, const struct flowi4 *fl4,
                                sizeof(u32) * RTAX_MAX);
                 dst_init_metrics(&rt->dst, peer->metrics, false);
 
-                if (peer->pmtu_expires)
-                        check_peer_pmtu(&rt->dst, peer);
+                check_peer_pmtu(&rt->dst, peer);
                 if (peer->redirect_learned.a4 &&
                     peer->redirect_learned.a4 != rt->rt_gateway) {
                         rt->rt_gateway = peer->redirect_learned.a4;
@@ -2775,7 +2783,8 @@ static int rt_fill_info(struct net *net,
         struct rtable *rt = skb_rtable(skb);
         struct rtmsg *r;
         struct nlmsghdr *nlh;
-        long expires;
+        long expires = 0;
+        const struct inet_peer *peer = rt->peer;
         u32 id = 0, ts = 0, tsage = 0, error;
 
         nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
@@ -2823,15 +2832,16 @@ static int rt_fill_info(struct net *net,
                 NLA_PUT_BE32(skb, RTA_MARK, rt->rt_mark);
 
         error = rt->dst.error;
-        expires = (rt->peer && rt->peer->pmtu_expires) ?
-                rt->peer->pmtu_expires - jiffies : 0;
-        if (rt->peer) {
+        if (peer) {
                 inet_peer_refcheck(rt->peer);
-                id = atomic_read(&rt->peer->ip_id_count) & 0xffff;
-                if (rt->peer->tcp_ts_stamp) {
-                        ts = rt->peer->tcp_ts;
-                        tsage = get_seconds() - rt->peer->tcp_ts_stamp;
+                id = atomic_read(&peer->ip_id_count) & 0xffff;
+                if (peer->tcp_ts_stamp) {
+                        ts = peer->tcp_ts;
+                        tsage = get_seconds() - peer->tcp_ts_stamp;
                 }
+                expires = ACCESS_ONCE(peer->pmtu_expires);
+                if (expires)
+                        expires -= jiffies;
         }
 
         if (rt_is_input_route(rt)) {