aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2008-11-25 20:35:18 -0500
committerDavid S. Miller <davem@davemloft.net>2008-11-25 20:35:18 -0500
commit52479b623d3d41df84c499325b6a8c7915413032 (patch)
tree196f303f296b53dc89a05954d9c03226a9b4158b /net/ipv6
parentcdcbca7c1f1946758cfacb69bc1c7eeaccb11e2d (diff)
netns xfrm: lookup in netns
Pass netns to xfrm_lookup()/__xfrm_lookup(). For that pass netns to flow_cache_lookup() and resolver callback. Take it from socket or netdevice. Stub DECnet to init_net. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/af_inet6.c2
-rw-r--r--net/ipv6/datagram.c3
-rw-r--r--net/ipv6/icmp.c6
-rw-r--r--net/ipv6/inet6_connection_sock.c2
-rw-r--r--net/ipv6/ip6_tunnel.c5
-rw-r--r--net/ipv6/mcast.c4
-rw-r--r--net/ipv6/ndisc.c4
-rw-r--r--net/ipv6/netfilter.c2
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c2
-rw-r--r--net/ipv6/raw.c3
-rw-r--r--net/ipv6/syncookies.c2
-rw-r--r--net/ipv6/tcp_ipv6.c11
-rw-r--r--net/ipv6/udp.c3
13 files changed, 27 insertions, 22 deletions
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index 01edac888510..437b750b98fd 100644
--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -637,7 +637,7 @@ int inet6_sk_rebuild_header(struct sock *sk)
637 if (final_p) 637 if (final_p)
638 ipv6_addr_copy(&fl.fl6_dst, final_p); 638 ipv6_addr_copy(&fl.fl6_dst, final_p);
639 639
640 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 640 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) {
641 sk->sk_err_soft = -err; 641 sk->sk_err_soft = -err;
642 return err; 642 return err;
643 } 643 }
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index e44deb8d4df2..e2bdc6d83a43 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -175,7 +175,8 @@ ipv4_connected:
175 if (final_p) 175 if (final_p)
176 ipv6_addr_copy(&fl.fl6_dst, final_p); 176 ipv6_addr_copy(&fl.fl6_dst, final_p);
177 177
178 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { 178 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
179 if (err < 0) {
179 if (err == -EREMOTE) 180 if (err == -EREMOTE)
180 err = ip6_dst_blackhole(sk, &dst, &fl); 181 err = ip6_dst_blackhole(sk, &dst, &fl);
181 if (err < 0) 182 if (err < 0)
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
index a77b8d103804..4f433847d95f 100644
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -427,7 +427,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info,
427 /* No need to clone since we're just using its address. */ 427 /* No need to clone since we're just using its address. */
428 dst2 = dst; 428 dst2 = dst;
429 429
430 err = xfrm_lookup(&dst, &fl, sk, 0); 430 err = xfrm_lookup(net, &dst, &fl, sk, 0);
431 switch (err) { 431 switch (err) {
432 case 0: 432 case 0:
433 if (dst != dst2) 433 if (dst != dst2)
@@ -446,7 +446,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info,
446 if (ip6_dst_lookup(sk, &dst2, &fl)) 446 if (ip6_dst_lookup(sk, &dst2, &fl))
447 goto relookup_failed; 447 goto relookup_failed;
448 448
449 err = xfrm_lookup(&dst2, &fl, sk, XFRM_LOOKUP_ICMP); 449 err = xfrm_lookup(net, &dst2, &fl, sk, XFRM_LOOKUP_ICMP);
450 switch (err) { 450 switch (err) {
451 case 0: 451 case 0:
452 dst_release(dst); 452 dst_release(dst);
@@ -552,7 +552,7 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
552 err = ip6_dst_lookup(sk, &dst, &fl); 552 err = ip6_dst_lookup(sk, &dst, &fl);
553 if (err) 553 if (err)
554 goto out; 554 goto out;
555 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 555 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0)
556 goto out; 556 goto out;
557 557
558 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 558 if (ipv6_addr_is_multicast(&fl.fl6_dst))
diff --git a/net/ipv6/inet6_connection_sock.c b/net/ipv6/inet6_connection_sock.c
index 16d43f20b32f..3c3732d50c1a 100644
--- a/net/ipv6/inet6_connection_sock.c
+++ b/net/ipv6/inet6_connection_sock.c
@@ -219,7 +219,7 @@ int inet6_csk_xmit(struct sk_buff *skb, int ipfragok)
219 if (final_p) 219 if (final_p)
220 ipv6_addr_copy(&fl.fl6_dst, final_p); 220 ipv6_addr_copy(&fl.fl6_dst, final_p);
221 221
222 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 222 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) {
223 sk->sk_route_caps = 0; 223 sk->sk_route_caps = 0;
224 kfree_skb(skb); 224 kfree_skb(skb);
225 return err; 225 return err;
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index ef249ab5c93c..58e2b0d93758 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -846,6 +846,7 @@ static int ip6_tnl_xmit2(struct sk_buff *skb,
846 int encap_limit, 846 int encap_limit,
847 __u32 *pmtu) 847 __u32 *pmtu)
848{ 848{
849 struct net *net = dev_net(dev);
849 struct ip6_tnl *t = netdev_priv(dev); 850 struct ip6_tnl *t = netdev_priv(dev);
850 struct net_device_stats *stats = &t->dev->stats; 851 struct net_device_stats *stats = &t->dev->stats;
851 struct ipv6hdr *ipv6h = ipv6_hdr(skb); 852 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
@@ -861,9 +862,9 @@ static int ip6_tnl_xmit2(struct sk_buff *skb,
861 if ((dst = ip6_tnl_dst_check(t)) != NULL) 862 if ((dst = ip6_tnl_dst_check(t)) != NULL)
862 dst_hold(dst); 863 dst_hold(dst);
863 else { 864 else {
864 dst = ip6_route_output(dev_net(dev), NULL, fl); 865 dst = ip6_route_output(net, NULL, fl);
865 866
866 if (dst->error || xfrm_lookup(&dst, fl, NULL, 0) < 0) 867 if (dst->error || xfrm_lookup(net, &dst, fl, NULL, 0) < 0)
867 goto tx_err_link_failure; 868 goto tx_err_link_failure;
868 } 869 }
869 870
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 870a1d64605a..0f3896032830 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -1466,7 +1466,7 @@ static void mld_sendpack(struct sk_buff *skb)
1466 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 1466 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
1467 skb->dev->ifindex); 1467 skb->dev->ifindex);
1468 1468
1469 err = xfrm_lookup(&skb->dst, &fl, NULL, 0); 1469 err = xfrm_lookup(net, &skb->dst, &fl, NULL, 0);
1470 if (err) 1470 if (err)
1471 goto err_out; 1471 goto err_out;
1472 1472
@@ -1831,7 +1831,7 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
1831 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, 1831 &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr,
1832 skb->dev->ifindex); 1832 skb->dev->ifindex);
1833 1833
1834 err = xfrm_lookup(&skb->dst, &fl, NULL, 0); 1834 err = xfrm_lookup(net, &skb->dst, &fl, NULL, 0);
1835 if (err) 1835 if (err)
1836 goto err_out; 1836 goto err_out;
1837 1837
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index af6705f03b5c..e4acc212345e 100644
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -524,7 +524,7 @@ void ndisc_send_skb(struct sk_buff *skb,
524 return; 524 return;
525 } 525 }
526 526
527 err = xfrm_lookup(&dst, &fl, NULL, 0); 527 err = xfrm_lookup(net, &dst, &fl, NULL, 0);
528 if (err < 0) { 528 if (err < 0) {
529 kfree_skb(skb); 529 kfree_skb(skb);
530 return; 530 return;
@@ -1524,7 +1524,7 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1524 if (dst == NULL) 1524 if (dst == NULL)
1525 return; 1525 return;
1526 1526
1527 err = xfrm_lookup(&dst, &fl, NULL, 0); 1527 err = xfrm_lookup(net, &dst, &fl, NULL, 0);
1528 if (err) 1528 if (err)
1529 return; 1529 return;
1530 1530
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index fd5b3a4e3329..627e21db65df 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -29,7 +29,7 @@ int ip6_route_me_harder(struct sk_buff *skb)
29#ifdef CONFIG_XFRM 29#ifdef CONFIG_XFRM
30 if (!(IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) && 30 if (!(IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) &&
31 xfrm_decode_session(skb, &fl, AF_INET6) == 0) 31 xfrm_decode_session(skb, &fl, AF_INET6) == 0)
32 if (xfrm_lookup(&skb->dst, &fl, skb->sk, 0)) 32 if (xfrm_lookup(net, &skb->dst, &fl, skb->sk, 0))
33 return -1; 33 return -1;
34#endif 34#endif
35 35
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index 0981b4ccb8b1..5a2d0a41694a 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -97,7 +97,7 @@ static void send_reset(struct net *net, struct sk_buff *oldskb)
97 dst = ip6_route_output(net, NULL, &fl); 97 dst = ip6_route_output(net, NULL, &fl);
98 if (dst == NULL) 98 if (dst == NULL)
99 return; 99 return;
100 if (dst->error || xfrm_lookup(&dst, &fl, NULL, 0)) 100 if (dst->error || xfrm_lookup(net, &dst, &fl, NULL, 0))
101 return; 101 return;
102 102
103 hh_len = (dst->dev->hard_header_len + 15)&~15; 103 hh_len = (dst->dev->hard_header_len + 15)&~15;
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 2ba04d41dc25..61f6827e5906 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -860,7 +860,8 @@ static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk,
860 if (final_p) 860 if (final_p)
861 ipv6_addr_copy(&fl.fl6_dst, final_p); 861 ipv6_addr_copy(&fl.fl6_dst, final_p);
862 862
863 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { 863 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
864 if (err < 0) {
864 if (err == -EREMOTE) 865 if (err == -EREMOTE)
865 err = ip6_dst_blackhole(sk, &dst, &fl); 866 err = ip6_dst_blackhole(sk, &dst, &fl);
866 if (err < 0) 867 if (err < 0)
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index 676c80b5b14b..711175e0571f 100644
--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -259,7 +259,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
259 259
260 if (final_p) 260 if (final_p)
261 ipv6_addr_copy(&fl.fl6_dst, final_p); 261 ipv6_addr_copy(&fl.fl6_dst, final_p);
262 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 262 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
263 goto out_free; 263 goto out_free;
264 } 264 }
265 265
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index a5d750acd793..f259c9671f3e 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -260,7 +260,8 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
260 if (final_p) 260 if (final_p)
261 ipv6_addr_copy(&fl.fl6_dst, final_p); 261 ipv6_addr_copy(&fl.fl6_dst, final_p);
262 262
263 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { 263 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
264 if (err < 0) {
264 if (err == -EREMOTE) 265 if (err == -EREMOTE)
265 err = ip6_dst_blackhole(sk, &dst, &fl); 266 err = ip6_dst_blackhole(sk, &dst, &fl);
266 if (err < 0) 267 if (err < 0)
@@ -390,7 +391,7 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
390 goto out; 391 goto out;
391 } 392 }
392 393
393 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 394 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
394 sk->sk_err_soft = -err; 395 sk->sk_err_soft = -err;
395 goto out; 396 goto out;
396 } 397 }
@@ -492,7 +493,7 @@ static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
492 goto done; 493 goto done;
493 if (final_p) 494 if (final_p)
494 ipv6_addr_copy(&fl.fl6_dst, final_p); 495 ipv6_addr_copy(&fl.fl6_dst, final_p);
495 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 496 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
496 goto done; 497 goto done;
497 498
498 skb = tcp_make_synack(sk, dst, req); 499 skb = tcp_make_synack(sk, dst, req);
@@ -1018,7 +1019,7 @@ static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
1018 * namespace 1019 * namespace
1019 */ 1020 */
1020 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) { 1021 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1021 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 1022 if (xfrm_lookup(net, &buff->dst, &fl, NULL, 0) >= 0) {
1022 ip6_xmit(ctl_sk, buff, &fl, NULL, 0); 1023 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1023 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 1024 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1024 if (rst) 1025 if (rst)
@@ -1316,7 +1317,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1316 if (final_p) 1317 if (final_p)
1317 ipv6_addr_copy(&fl.fl6_dst, final_p); 1318 ipv6_addr_copy(&fl.fl6_dst, final_p);
1318 1319
1319 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 1320 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
1320 goto out; 1321 goto out;
1321 } 1322 }
1322 1323
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index fd2d9ad4a8a3..38390dd19636 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -849,7 +849,8 @@ do_udp_sendmsg:
849 if (final_p) 849 if (final_p)
850 ipv6_addr_copy(&fl.fl6_dst, final_p); 850 ipv6_addr_copy(&fl.fl6_dst, final_p);
851 851
852 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { 852 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
853 if (err < 0) {
853 if (err == -EREMOTE) 854 if (err == -EREMOTE)
854 err = ip6_dst_blackhole(sk, &dst, &fl); 855 err = ip6_dst_blackhole(sk, &dst, &fl);
855 if (err < 0) 856 if (err < 0)
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-12 07:13:10 -0500