Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net

author: David S. Miller <davem@davemloft.net> 2011-08-08 02:20:26 -0400
committer: David S. Miller <davem@davemloft.net> 2011-08-08 02:20:26 -0400
commit: 19fd61785a580c60cba900c5171bfadb57dd5056 (patch)
tree: 1e491fb014be0dc03f4b6755bb94e73afd38c455 /net
parent: 57569d0e12eaf31717e295960cd2a26f626c8e5b (diff)
parent: 8028837d71ba9904b17281b40f94b93e947fbe38 (diff)
41 files changed, 353 insertions, 103 deletions
diff --git a/net/atm/br2684.c b/net/atm/br2684.c
index 2252c2085dac..52cfd0c3ea71 100644
--- a/net/atm/br2684.c
+++ b/net/atm/br2684.c
@@ -242,8 +242,6 @@ static int br2684_xmit_vcc(struct sk_buff *skb, struct net_device *dev,
                if (brdev->payload == p_bridged) {
                        skb_push(skb, 2);
                        memset(skb->data, 0, 2);
-                } else { /* p_routed */
-                        skb_pull(skb, ETH_HLEN);
                }
        }
        skb_debug(skb);
diff --git a/net/core/Makefile b/net/core/Makefile
index 8a04dd22cf77..0d357b1c4e57 100644
--- a/net/core/Makefile
+++ b/net/core/Makefile
@@ -3,7 +3,7 @@
 #
 obj-y := sock.o request_sock.o skbuff.o iovec.o datagram.o stream.o scm.o \
-         gen_stats.o gen_estimator.o net_namespace.o
+         gen_stats.o gen_estimator.o net_namespace.o secure_seq.o
 obj-$(CONFIG_SYSCTL) += sysctl_net_core.o
diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c
new file mode 100644
index 000000000000..45329d7c9dd9
--- /dev/null
+++ b/net/core/secure_seq.c
@@ -0,0 +1,184 @@
+#include <linux/kernel.h>
+#include <linux/init.h>
+#include <linux/cryptohash.h>
+#include <linux/module.h>
+#include <linux/cache.h>
+#include <linux/random.h>
+#include <linux/hrtimer.h>
+#include <linux/ktime.h>
+#include <linux/string.h>
+#include <net/secure_seq.h>
+static u32 net_secret[MD5_MESSAGE_BYTES / 4] ____cacheline_aligned;
+static int __init net_secret_init(void)
+{
+        get_random_bytes(net_secret, sizeof(net_secret));
+        return 0;
+}
+late_initcall(net_secret_init);
+static u32 seq_scale(u32 seq)
+{
+        /*
+         *      As close as possible to RFC 793, which
+         *      suggests using a 250 kHz clock.
+         *      Further reading shows this assumes 2 Mb/s networks.
+         *      For 10 Mb/s Ethernet, a 1 MHz clock is appropriate.
+         *      For 10 Gb/s Ethernet, a 1 GHz clock should be ok, but
+         *      we also need to limit the resolution so that the u32 seq
+         *      overlaps less than one time per MSL (2 minutes).
+         *      Choosing a clock of 64 ns period is OK. (period of 274 s)
+         */
+        return seq + (ktime_to_ns(ktime_get_real()) >> 6);
+}
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+__u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr,
+                                   __be16 sport, __be16 dport)
+{
+        u32 secret[MD5_MESSAGE_BYTES / 4];
+        u32 hash[MD5_DIGEST_WORDS];
+        u32 i;
+        memcpy(hash, saddr, 16);
+        for (i = 0; i < 4; i++)
+                secret[i] = net_secret[i] + daddr[i];
+        secret[4] = net_secret[4] +
+                (((__force u16)sport << 16) + (__force u16)dport);
+        for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
+                secret[i] = net_secret[i];
+        md5_transform(hash, secret);
+        return seq_scale(hash[0]);
+}
+EXPORT_SYMBOL(secure_tcpv6_sequence_number);
+u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
+                               __be16 dport)
+{
+        u32 secret[MD5_MESSAGE_BYTES / 4];
+        u32 hash[MD5_DIGEST_WORDS];
+        u32 i;
+        memcpy(hash, saddr, 16);
+        for (i = 0; i < 4; i++)
+                secret[i] = net_secret[i] + (__force u32) daddr[i];
+        secret[4] = net_secret[4] + (__force u32)dport;
+        for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
+                secret[i] = net_secret[i];
+        md5_transform(hash, secret);
+        return hash[0];
+}
+#endif
+#ifdef CONFIG_INET
+__u32 secure_ip_id(__be32 daddr)
+{
+        u32 hash[MD5_DIGEST_WORDS];
+        hash[0] = (__force __u32) daddr;
+        hash[1] = net_secret[13];
+        hash[2] = net_secret[14];
+        hash[3] = net_secret[15];
+        md5_transform(hash, net_secret);
+        return hash[0];
+}
+__u32 secure_ipv6_id(const __be32 daddr[4])
+{
+        __u32 hash[4];
+        memcpy(hash, daddr, 16);
+        md5_transform(hash, net_secret);
+        return hash[0];
+}
+__u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
+                                 __be16 sport, __be16 dport)
+{
+        u32 hash[MD5_DIGEST_WORDS];
+        hash[0] = (__force u32)saddr;
+        hash[1] = (__force u32)daddr;
+        hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
+        hash[3] = net_secret[15];
+        md5_transform(hash, net_secret);
+        return seq_scale(hash[0]);
+}
+u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
+{
+        u32 hash[MD5_DIGEST_WORDS];
+        hash[0] = (__force u32)saddr;
+        hash[1] = (__force u32)daddr;
+        hash[2] = (__force u32)dport ^ net_secret[14];
+        hash[3] = net_secret[15];
+        md5_transform(hash, net_secret);
+        return hash[0];
+}
+EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral);
+#endif
+#if defined(CONFIG_IP_DCCP) || defined(CONFIG_IP_DCCP_MODULE)
+u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
+                                __be16 sport, __be16 dport)
+{
+        u32 hash[MD5_DIGEST_WORDS];
+        u64 seq;
+        hash[0] = (__force u32)saddr;
+        hash[1] = (__force u32)daddr;
+        hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
+        hash[3] = net_secret[15];
+        md5_transform(hash, net_secret);
+        seq = hash[0] | (((u64)hash[1]) << 32);
+        seq += ktime_to_ns(ktime_get_real());
+        seq &= (1ull << 48) - 1;
+        return seq;
+}
+EXPORT_SYMBOL(secure_dccp_sequence_number);
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
+                                  __be16 sport, __be16 dport)
+{
+        u32 secret[MD5_MESSAGE_BYTES / 4];
+        u32 hash[MD5_DIGEST_WORDS];
+        u64 seq;
+        u32 i;
+        memcpy(hash, saddr, 16);
+        for (i = 0; i < 4; i++)
+                secret[i] = net_secret[i] + daddr[i];
+        secret[4] = net_secret[4] +
+                (((__force u16)sport << 16) + (__force u16)dport);
+        for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
+                secret[i] = net_secret[i];
+        md5_transform(hash, secret);
+        seq = hash[0] | (((u64)hash[1]) << 32);
+        seq += ktime_to_ns(ktime_get_real());
+        seq &= (1ull << 48) - 1;
+        return seq;
+}
+EXPORT_SYMBOL(secure_dccpv6_sequence_number);
+#endif
+#endif
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 2beda824636e..27002dffe7ed 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -1369,8 +1369,21 @@ pull_pages:
 }
 EXPORT_SYMBOL(__pskb_pull_tail);
-/* Copy some data bits from skb to kernel buffer. */
+/**
+ *      skb_copy_bits - copy bits from skb to kernel buffer
+ *      @skb: source skb
+ *      @offset: offset in source
+ *      @to: destination buffer
+ *      @len: number of bytes to copy
+ *
+ *      Copy the specified number of bytes from the source skb to the
+ *      destination buffer.
+ *
+ *      CAUTION ! :
+ *              If its prototype is ever changed,
+ *              check arch/{*}/net/{*}.S files,
+ *              since it is called from BPF assembly code.
+ */
 int skb_copy_bits(const struct sk_buff *skb, int offset, void *to, int len)
 {
        int start = skb_headlen(skb);
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
index 8c36adfd1919..332639b56f4d 100644
--- a/net/dccp/ipv4.c
+++ b/net/dccp/ipv4.c
@@ -26,6 +26,7 @@
 #include <net/timewait_sock.h>
 #include <net/tcp_states.h>
 #include <net/xfrm.h>
+#include <net/secure_seq.h>
 #include "ackvec.h"
 #include "ccid.h"
diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c
index 8dc4348774a5..b74f76117dcf 100644
--- a/net/dccp/ipv6.c
+++ b/net/dccp/ipv6.c
@@ -29,6 +29,7 @@
 #include <net/transp_v6.h>
 #include <net/ip6_checksum.h>
 #include <net/xfrm.h>
+#include <net/secure_seq.h>
 #include "dccp.h"
 #include "ipv6.h"
@@ -69,13 +70,7 @@ static inline void dccp_v6_send_check(struct sock *sk, struct sk_buff *skb)
        dh->dccph_checksum = dccp_v6_csum_finish(skb, &np->saddr, &np->daddr);
 }
-static inline __u32 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
+static inline __u64 dccp_v6_init_sequence(struct sk_buff *skb)
-                                                  __be16 sport, __be16 dport   )
-{
-        return secure_tcpv6_sequence_number(saddr, daddr, sport, dport);
-}
-static inline __u32 dccp_v6_init_sequence(struct sk_buff *skb)
 {
        return secure_dccpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
                                             ipv6_hdr(skb)->saddr.s6_addr32,
diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index 83532d22129f..70695221a10d 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -1718,7 +1718,7 @@ static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode,
                pmc->sfcount[sfmode]--;
                for (j=0; j<i; j++)
-                        (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[i]);
+                        (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]);
        } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) {
 #ifdef CONFIG_IP_MULTICAST
                struct ip_sf_list *psf;
diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c
index 3c0369a3a663..984ec656b03b 100644
--- a/net/ipv4/inet_hashtables.c
+++ b/net/ipv4/inet_hashtables.c
@@ -21,6 +21,7 @@
 #include <net/inet_connection_sock.h>
 #include <net/inet_hashtables.h>
+#include <net/secure_seq.h>
 #include <net/ip.h>
 /*
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c
index e38213817d0a..86f13c67ea85 100644
--- a/net/ipv4/inetpeer.c
+++ b/net/ipv4/inetpeer.c
@@ -19,6 +19,7 @@
 #include <linux/net.h>
 #include <net/ip.h>
 #include <net/inetpeer.h>
+#include <net/secure_seq.h>
 /*
 *  Theory of operations.
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index ccaaa851ab42..8c6563361ab5 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -122,6 +122,7 @@ static int ip_dev_loopback_xmit(struct sk_buff *newskb)
        newskb->pkt_type = PACKET_LOOPBACK;
        newskb->ip_summed = CHECKSUM_UNNECESSARY;
        WARN_ON(!skb_dst(newskb));
+        skb_dst_force(newskb);
        netif_rx_ni(newskb);
        return 0;
 }
@@ -204,9 +205,15 @@ static inline int ip_finish_output2(struct sk_buff *skb)
                skb = skb2;
        }
+        rcu_read_lock();
        neigh = dst_get_neighbour(dst);
-        if (neigh)
+        if (neigh) {
-                return neigh_output(neigh, skb);
+                int res = neigh_output(neigh, skb);
+                rcu_read_unlock();
+                return res;
+        }
+        rcu_read_unlock();
        if (net_ratelimit())
                printk(KERN_DEBUG "ip_finish_output2: No header cache and no neighbour!\n");
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index ab0c9efd1efa..8905e92f896a 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -1067,7 +1067,7 @@ EXPORT_SYMBOL(compat_ip_setsockopt);
 */
 static int do_ip_getsockopt(struct sock *sk, int level, int optname,
-                            char __user *optval, int __user *optlen)
+                            char __user *optval, int __user *optlen, unsigned flags)
 {
        struct inet_sock *inet = inet_sk(sk);
        int val;
@@ -1240,7 +1240,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
                msg.msg_control = optval;
                msg.msg_controllen = len;
-                msg.msg_flags = 0;
+                msg.msg_flags = flags;
                if (inet->cmsg_flags & IP_CMSG_PKTINFO) {
                        struct in_pktinfo info;
@@ -1294,7 +1294,7 @@ int ip_getsockopt(struct sock *sk, int level,
 {
        int err;
-        err = do_ip_getsockopt(sk, level, optname, optval, optlen);
+        err = do_ip_getsockopt(sk, level, optname, optval, optlen, 0);
 #ifdef CONFIG_NETFILTER
        /* we need to exclude all possible ENOPROTOOPTs except default case */
        if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
@@ -1327,7 +1327,8 @@ int compat_ip_getsockopt(struct sock *sk, int level, int optname,
                return compat_mc_getsockopt(sk, level, optname, optval, optlen,
                        ip_getsockopt);
-        err = do_ip_getsockopt(sk, level, optname, optval, optlen);
+        err = do_ip_getsockopt(sk, level, optname, optval, optlen,
+                MSG_CMSG_COMPAT);
 #ifdef CONFIG_NETFILTER
        /* we need to exclude all possible ENOPROTOOPTs except default case */
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index 2e97e3ec1eb7..929b27bdeb79 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -18,17 +18,15 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type)
        struct rtable *rt;
        struct flowi4 fl4 = {};
        __be32 saddr = iph->saddr;
-        __u8 flags = 0;
+        __u8 flags = skb->sk ? inet_sk_flowi_flags(skb->sk) : 0;
        unsigned int hh_len;
-        if (!skb->sk && addr_type != RTN_LOCAL) {
+        if (addr_type == RTN_UNSPEC)
-                if (addr_type == RTN_UNSPEC)
+                addr_type = inet_addr_type(net, saddr);
-                        addr_type = inet_addr_type(net, saddr);
+        if (addr_type == RTN_LOCAL || addr_type == RTN_UNICAST)
-                if (addr_type == RTN_LOCAL || addr_type == RTN_UNICAST)
+                flags |= FLOWI_FLAG_ANYSRC;
-                        flags |= FLOWI_FLAG_ANYSRC;
+        else
-                else
+                saddr = 0;
-                        saddr = 0;
-        }
        /* some non-standard hacks like ipt_REJECT.c:send_reset() can cause
         * packets with foreign saddr to appear on the NF_INET_LOCAL_OUT hook.
@@ -38,7 +36,7 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type)
        fl4.flowi4_tos = RT_TOS(iph->tos);
        fl4.flowi4_oif = skb->sk ? skb->sk->sk_bound_dev_if : 0;
        fl4.flowi4_mark = skb->mark;
-        fl4.flowi4_flags = skb->sk ? inet_sk_flowi_flags(skb->sk) : flags;
+        fl4.flowi4_flags = flags;
        rt = ip_route_output_key(net, &fl4);
        if (IS_ERR(rt))
                return -1;
diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/ipv4/netfilter/nf_nat_proto_common.c
index 3e61faf23a9a..f52d41ea0690 100644
--- a/net/ipv4/netfilter/nf_nat_proto_common.c
+++ b/net/ipv4/netfilter/nf_nat_proto_common.c
@@ -12,6 +12,7 @@
 #include <linux/ip.h>
 #include <linux/netfilter.h>
+#include <net/secure_seq.h>
 #include <net/netfilter/nf_nat.h>
 #include <net/netfilter/nf_nat_core.h>
 #include <net/netfilter/nf_nat_rule.h>
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
index 1457acb39cec..61714bd52925 100644
--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -563,7 +563,8 @@ static int raw_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
        flowi4_init_output(&fl4, ipc.oif, sk->sk_mark, tos,
                           RT_SCOPE_UNIVERSE,
                           inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
-                           FLOWI_FLAG_CAN_SLEEP, daddr, saddr, 0, 0);
+                           inet_sk_flowi_flags(sk) | FLOWI_FLAG_CAN_SLEEP,
+                           daddr, saddr, 0, 0);
        if (!inet->hdrincl) {
                err = raw_probe_proto_opt(&fl4, msg);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 1730689f560e..cb7efe0567f0 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -109,6 +109,7 @@
 #include <linux/sysctl.h>
 #endif
 #include <net/atmclip.h>
+#include <net/secure_seq.h>
 #define RT_FL_TOS(oldflp4) \
    ((u32)(oldflp4->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
@@ -730,6 +731,7 @@ static inline int compare_keys(struct rtable *rt1, struct rtable *rt2)
                ((__force u32)rt1->rt_key_src ^ (__force u32)rt2->rt_key_src) |
                (rt1->rt_mark ^ rt2->rt_mark) |
                (rt1->rt_key_tos ^ rt2->rt_key_tos) |
+                (rt1->rt_route_iif ^ rt2->rt_route_iif) |
                (rt1->rt_oif ^ rt2->rt_oif) |
                (rt1->rt_iif ^ rt2->rt_iif)) == 0;
 }
@@ -1628,16 +1630,18 @@ static int check_peer_redir(struct dst_entry *dst, struct inet_peer *peer)
 {
        struct rtable *rt = (struct rtable *) dst;
        __be32 orig_gw = rt->rt_gateway;
-        struct neighbour *n;
+        struct neighbour *n, *old_n;
        dst_confirm(&rt->dst);
-        neigh_release(dst_get_neighbour(&rt->dst));
-        dst_set_neighbour(&rt->dst, NULL);
        rt->rt_gateway = peer->redirect_learned.a4;
-        rt_bind_neighbour(rt);
-        n = dst_get_neighbour(&rt->dst);
+        n = ipv4_neigh_lookup(&rt->dst, &rt->rt_gateway);
+        if (IS_ERR(n))
+                return PTR_ERR(n);
+        old_n = xchg(&rt->dst._neighbour, n);
+        if (old_n)
+                neigh_release(old_n);
        if (!n || !(n->nud_state & NUD_VALID)) {
                if (n)
                        neigh_event_send(n, NULL);
@@ -2318,8 +2322,8 @@ int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr,
                if ((((__force u32)rth->rt_key_dst ^ (__force u32)daddr) |
                     ((__force u32)rth->rt_key_src ^ (__force u32)saddr) |
                     (rth->rt_iif ^ iif) |
-                     rth->rt_oif |
                     (rth->rt_key_tos ^ tos)) == 0 &&
+                    rt_is_input_route(rth) &&
                    rth->rt_mark == skb->mark &&
                    net_eq(dev_net(rth->dst.dev), net) &&
                    !rt_is_expired(rth)) {
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 955b8e65b69e..1c12b8ec849d 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -72,6 +72,7 @@
 #include <net/timewait_sock.h>
 #include <net/xfrm.h>
 #include <net/netdma.h>
+#include <net/secure_seq.h>
 #include <linux/inet.h>
 #include <linux/ipv6.h>
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 7d82123b1d26..8f1e5be26d91 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -656,7 +656,7 @@ ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr, int pfxlen,
         * layer address of our nexhop router
         */
-        if (dst_get_neighbour(&rt->dst) == NULL)
+        if (dst_get_neighbour_raw(&rt->dst) == NULL)
                ifa->flags &= ~IFA_F_OPTIMISTIC;
        ifa->idev = idev;
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 16560336eb72..9ef1831746ef 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -33,6 +33,11 @@
 #include <linux/errqueue.h>
 #include <asm/uaccess.h>
+static inline int ipv6_mapped_addr_any(const struct in6_addr *a)
+{
+        return (ipv6_addr_v4mapped(a) && (a->s6_addr32[3] == 0));
+}
 int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
 {
        struct sockaddr_in6     *usin = (struct sockaddr_in6 *) uaddr;
@@ -102,10 +107,12 @@ ipv4_connected:
                ipv6_addr_set_v4mapped(inet->inet_daddr, &np->daddr);
-                if (ipv6_addr_any(&np->saddr))
+                if (ipv6_addr_any(&np->saddr) ||
+                    ipv6_mapped_addr_any(&np->saddr))
                        ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
-                if (ipv6_addr_any(&np->rcv_saddr)) {
+                if (ipv6_addr_any(&np->rcv_saddr) ||
+                    ipv6_mapped_addr_any(&np->rcv_saddr)) {
                        ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
                                               &np->rcv_saddr);
                        if (sk->sk_prot->rehash)
diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c
index b53197233709..73f1a00a96af 100644
--- a/net/ipv6/inet6_hashtables.c
+++ b/net/ipv6/inet6_hashtables.c
@@ -20,6 +20,7 @@
 #include <net/inet_connection_sock.h>
 #include <net/inet_hashtables.h>
 #include <net/inet6_hashtables.h>
+#include <net/secure_seq.h>
 #include <net/ip.h>
 int __inet6_hash(struct sock *sk, struct inet_timewait_sock *tw)
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 54a4678955bf..320d91d20ad7 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -1455,7 +1455,7 @@ static int fib6_age(struct rt6_info *rt, void *arg)
                        RT6_TRACE("aging clone %p\n", rt);
                        return -1;
                } else if ((rt->rt6i_flags & RTF_GATEWAY) &&
-                           (!(dst_get_neighbour(&rt->dst)->flags & NTF_ROUTER))) {
+                           (!(dst_get_neighbour_raw(&rt->dst)->flags & NTF_ROUTER))) {
                        RT6_TRACE("purging route %p via non-router but gateway\n",
                                  rt);
                        return -1;
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 32e5339db0c8..4c882cf4e8a1 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -135,10 +135,15 @@ static int ip6_finish_output2(struct sk_buff *skb)
                                skb->len);
        }
+        rcu_read_lock();
        neigh = dst_get_neighbour(dst);
-        if (neigh)
+        if (neigh) {
-                return neigh_output(neigh, skb);
+                int res = neigh_output(neigh, skb);
+                rcu_read_unlock();
+                return res;
+        }
+        rcu_read_unlock();
        IP6_INC_STATS_BH(dev_net(dst->dev),
                         ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
        kfree_skb(skb);
@@ -975,12 +980,14 @@ static int ip6_dst_lookup_tail(struct sock *sk,
         * dst entry and replace it instead with the
         * dst entry of the nexthop router
         */
+        rcu_read_lock();
        n = dst_get_neighbour(*dst);
        if (n && !(n->nud_state & NUD_VALID)) {
                struct inet6_ifaddr *ifp;
                struct flowi6 fl_gw6;
                int redirect;
+                rcu_read_unlock();
                ifp = ipv6_get_ifaddr(net, &fl6->saddr,
                                      (*dst)->dev, 1);
@@ -1000,6 +1007,8 @@ static int ip6_dst_lookup_tail(struct sock *sk,
                        if ((err = (*dst)->error))
                                goto out_err_release;
                }
+        } else {
+                rcu_read_unlock();
        }
 #endif
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index e8987da06667..9e69eb0ec6dd 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -364,7 +364,7 @@ out:
 #ifdef CONFIG_IPV6_ROUTER_PREF
 static void rt6_probe(struct rt6_info *rt)
 {
-        struct neighbour *neigh = rt ? dst_get_neighbour(&rt->dst) : NULL;
+        struct neighbour *neigh;
        /*
         * Okay, this does not seem to be appropriate
         * for now, however, we need to check if it
@@ -373,8 +373,10 @@ static void rt6_probe(struct rt6_info *rt)
         * Router Reachability Probe MUST be rate-limited
         * to no more than one per minute.
         */
+        rcu_read_lock();
+        neigh = rt ? dst_get_neighbour(&rt->dst) : NULL;
        if (!neigh || (neigh->nud_state & NUD_VALID))
-                return;
+                goto out;
        read_lock_bh(&neigh->lock);
        if (!(neigh->nud_state & NUD_VALID) &&
            time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
@@ -387,8 +389,11 @@ static void rt6_probe(struct rt6_info *rt)
                target = (struct in6_addr *)&neigh->primary_key;
                addrconf_addr_solict_mult(target, &mcaddr);
                ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL);
-        } else
+        } else {
                read_unlock_bh(&neigh->lock);
+        }
+out:
+        rcu_read_unlock();
 }
 #else
 static inline void rt6_probe(struct rt6_info *rt)
@@ -412,8 +417,11 @@ static inline int rt6_check_dev(struct rt6_info *rt, int oif)
 static inline int rt6_check_neigh(struct rt6_info *rt)
 {
-        struct neighbour *neigh = dst_get_neighbour(&rt->dst);
+        struct neighbour *neigh;
        int m;
+        rcu_read_lock();
+        neigh = dst_get_neighbour(&rt->dst);
        if (rt->rt6i_flags & RTF_NONEXTHOP ||
            !(rt->rt6i_flags & RTF_GATEWAY))
                m = 1;
@@ -430,6 +438,7 @@ static inline int rt6_check_neigh(struct rt6_info *rt)
                read_unlock_bh(&neigh->lock);
        } else
                m = 0;
+        rcu_read_unlock();
        return m;
 }
@@ -769,7 +778,7 @@ static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort,
                rt->rt6i_dst.plen = 128;
                rt->rt6i_flags |= RTF_CACHE;
                rt->dst.flags |= DST_HOST;
-                dst_set_neighbour(&rt->dst, neigh_clone(dst_get_neighbour(&ort->dst)));
+                dst_set_neighbour(&rt->dst, neigh_clone(dst_get_neighbour_raw(&ort->dst)));
        }
        return rt;
 }
@@ -803,7 +812,7 @@ restart:
        dst_hold(&rt->dst);
        read_unlock_bh(&table->tb6_lock);
-        if (!dst_get_neighbour(&rt->dst) && !(rt->rt6i_flags & RTF_NONEXTHOP))
+        if (!dst_get_neighbour_raw(&rt->dst) && !(rt->rt6i_flags & RTF_NONEXTHOP))
                nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr);
        else if (!(rt->dst.flags & DST_HOST))
                nrt = rt6_alloc_clone(rt, &fl6->daddr);
@@ -1587,7 +1596,7 @@ void rt6_redirect(const struct in6_addr *dest, const struct in6_addr *src,
        dst_confirm(&rt->dst);
        /* Duplicate redirect: silently ignore. */
-        if (neigh == dst_get_neighbour(&rt->dst))
+        if (neigh == dst_get_neighbour_raw(&rt->dst))
                goto out;
        nrt = ip6_rt_copy(rt, dest);
@@ -1682,7 +1691,7 @@ again:
           1. It is connected route. Action: COW
           2. It is gatewayed route or NONEXTHOP route. Action: clone it.
         */
-        if (!dst_get_neighbour(&rt->dst) && !(rt->rt6i_flags & RTF_NONEXTHOP))
+        if (!dst_get_neighbour_raw(&rt->dst) && !(rt->rt6i_flags & RTF_NONEXTHOP))
                nrt = rt6_alloc_cow(rt, daddr, saddr);
        else
                nrt = rt6_alloc_clone(rt, daddr);
@@ -2326,6 +2335,7 @@ static int rt6_fill_node(struct net *net,
        struct nlmsghdr *nlh;
        long expires;
        u32 table;
+        struct neighbour *n;
        if (prefix) {   /* user wants prefix routes only */
                if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
@@ -2414,8 +2424,11 @@ static int rt6_fill_node(struct net *net,
        if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
                goto nla_put_failure;
-        if (dst_get_neighbour(&rt->dst))
+        rcu_read_lock();
-                NLA_PUT(skb, RTA_GATEWAY, 16, &dst_get_neighbour(&rt->dst)->primary_key);
+        n = dst_get_neighbour(&rt->dst);
+        if (n)
+                NLA_PUT(skb, RTA_GATEWAY, 16, &n->primary_key);
+        rcu_read_unlock();
        if (rt->dst.dev)
                NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex);
@@ -2608,12 +2621,14 @@ static int rt6_info_route(struct rt6_info *rt, void *p_arg)
 #else
        seq_puts(m, "00000000000000000000000000000000 00 ");
 #endif
+        rcu_read_lock();
        n = dst_get_neighbour(&rt->dst);
        if (n) {
                seq_printf(m, "%pi6", n->primary_key);
        } else {
                seq_puts(m, "00000000000000000000000000000000");
        }
+        rcu_read_unlock();
        seq_printf(m, " %08x %08x %08x %08x %8s\n",
                   rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
                   rt->dst.__use, rt->rt6i_flags,
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 78aa53492b3e..d1fb63f4aeb7 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -61,6 +61,7 @@
 #include <net/timewait_sock.h>
 #include <net/netdma.h>
 #include <net/inet_common.h>
+#include <net/secure_seq.h>
 #include <asm/uaccess.h>
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index c1894ae196de..99ffd2885088 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -312,6 +312,7 @@ void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
                }
                break;
        case NF_STOLEN:
+                break;
        default:
                kfree_skb(skb);
        }
diff --git a/net/netlabel/Makefile b/net/netlabel/Makefile
index ea750e9df65f..d2732fc952e2 100644
--- a/net/netlabel/Makefile
+++ b/net/netlabel/Makefile
@@ -1,8 +1,6 @@
 #
 # Makefile for the NetLabel subsystem.
 #
-# Feb 9, 2006, Paul Moore <paul.moore@hp.com>
-#
 # base objects
 obj-y   := netlabel_user.o netlabel_kapi.o
diff --git a/net/netlabel/netlabel_addrlist.c b/net/netlabel/netlabel_addrlist.c
index c0519139679e..96b749dacc34 100644
--- a/net/netlabel/netlabel_addrlist.c
+++ b/net/netlabel/netlabel_addrlist.c
@@ -6,7 +6,7 @@
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_addrlist.h b/net/netlabel/netlabel_addrlist.h
index 2b9644e19de0..fdbc1d2c7352 100644
--- a/net/netlabel/netlabel_addrlist.h
+++ b/net/netlabel/netlabel_addrlist.h
@@ -6,7 +6,7 @@
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index dd53a36d89af..6bf878335d94 100644
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_cipso_v4.h b/net/netlabel/netlabel_cipso_v4.h
index af7f3355103e..d24d774bfd62 100644
--- a/net/netlabel/netlabel_cipso_v4.h
+++ b/net/netlabel/netlabel_cipso_v4.h
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_domainhash.c b/net/netlabel/netlabel_domainhash.c
index c0594cdfe617..3f905e5370c2 100644
--- a/net/netlabel/netlabel_domainhash.c
+++ b/net/netlabel/netlabel_domainhash.c
@@ -6,7 +6,7 @@
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_domainhash.h b/net/netlabel/netlabel_domainhash.h
index 0261dda3f2d2..bfcc0f7024c5 100644
--- a/net/netlabel/netlabel_domainhash.h
+++ b/net/netlabel/netlabel_domainhash.h
@@ -6,7 +6,7 @@
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index b528dd928d3c..58107d060846 100644
--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -5,7 +5,7 @@
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_mgmt.c b/net/netlabel/netlabel_mgmt.c
index dff8a0809245..bfa555869775 100644
--- a/net/netlabel/netlabel_mgmt.c
+++ b/net/netlabel/netlabel_mgmt.c
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_mgmt.h b/net/netlabel/netlabel_mgmt.h
index 8db37f4c10f7..5a9f31ce5799 100644
--- a/net/netlabel/netlabel_mgmt.h
+++ b/net/netlabel/netlabel_mgmt.h
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 5a587cf6c86f..e251c2c88521 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -5,7 +5,7 @@
 * NetLabel system.  The NetLabel system manages static and dynamic label
 * mappings for network protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_unlabeled.h b/net/netlabel/netlabel_unlabeled.h
index 0bc8dc3f9e3c..700af49022a0 100644
--- a/net/netlabel/netlabel_unlabeled.h
+++ b/net/netlabel/netlabel_unlabeled.h
@@ -5,7 +5,7 @@
 * NetLabel system.  The NetLabel system manages static and dynamic label
 * mappings for network protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index a3fd75ac3fa5..9fae63f10298 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h
index f4fc4c9ad567..81969785e279 100644
--- a/net/netlabel/netlabel_user.h
+++ b/net/netlabel/netlabel_user.h
@@ -5,7 +5,7 @@
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
- * Author: Paul Moore <paul.moore@hp.com>
+ * Author: Paul Moore <paul@paul-moore.com>
 *
 */
diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c
index 4536ee64383e..4f5510e2bd6f 100644
--- a/net/sched/sch_sfq.c
+++ b/net/sched/sch_sfq.c
@@ -410,7 +410,12 @@ sfq_enqueue(struct sk_buff *skb, struct Qdisc *sch)
        /* Return Congestion Notification only if we dropped a packet
         * from this flow.
         */
-        return (qlen != slot->qlen) ? NET_XMIT_CN : NET_XMIT_SUCCESS;
+        if (qlen != slot->qlen)
+                return NET_XMIT_CN;
+        /* As we dropped a packet, better let upper stack know this */
+        qdisc_tree_decrease_qlen(sch, 1);
+        return NET_XMIT_SUCCESS;
 }
 static struct sk_buff *
diff --git a/net/socket.c b/net/socket.c
index 7ec8f9b669b3..2517e11a5300 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1871,8 +1871,14 @@ SYSCALL_DEFINE2(shutdown, int, fd, int, how)
 #define COMPAT_NAMELEN(msg)     COMPAT_MSG(msg, msg_namelen)
 #define COMPAT_FLAGS(msg)       COMPAT_MSG(msg, msg_flags)
+struct used_address {
+        struct sockaddr_storage name;
+        unsigned int name_len;
+};
 static int __sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
-                         struct msghdr *msg_sys, unsigned flags, int nosec)
+                         struct msghdr *msg_sys, unsigned flags,
+                         struct used_address *used_address)
 {
        struct compat_msghdr __user *msg_compat =
            (struct compat_msghdr __user *)msg;
@@ -1953,8 +1959,28 @@ static int __sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
        if (sock->file->f_flags & O_NONBLOCK)
                msg_sys->msg_flags |= MSG_DONTWAIT;
-        err = (nosec ? sock_sendmsg_nosec : sock_sendmsg)(sock, msg_sys,
+        /*
-                                                          total_len);
+         * If this is sendmmsg() and current destination address is same as
+         * previously succeeded address, omit asking LSM's decision.
+         * used_address->name_len is initialized to UINT_MAX so that the first
+         * destination address never matches.
+         */
+        if (used_address && used_address->name_len == msg_sys->msg_namelen &&
+            !memcmp(&used_address->name, msg->msg_name,
+                    used_address->name_len)) {
+                err = sock_sendmsg_nosec(sock, msg_sys, total_len);
+                goto out_freectl;
+        }
+        err = sock_sendmsg(sock, msg_sys, total_len);
+        /*
+         * If this is sendmmsg() and sending to current destination address was
+         * successful, remember it.
+         */
+        if (used_address && err >= 0) {
+                used_address->name_len = msg_sys->msg_namelen;
+                memcpy(&used_address->name, msg->msg_name,
+                       used_address->name_len);
+        }
 out_freectl:
        if (ctl_buf != ctl)
@@ -1979,7 +2005,7 @@ SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned, flags)
        if (!sock)
                goto out;
-        err = __sys_sendmsg(sock, msg, &msg_sys, flags, 0);
+        err = __sys_sendmsg(sock, msg, &msg_sys, flags, NULL);
        fput_light(sock->file, fput_needed);
 out:
@@ -1998,6 +2024,10 @@ int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
        struct mmsghdr __user *entry;
        struct compat_mmsghdr __user *compat_entry;
        struct msghdr msg_sys;
+        struct used_address used_address;
+        if (vlen > UIO_MAXIOV)
+                vlen = UIO_MAXIOV;
        datagrams = 0;
@@ -2005,27 +2035,22 @@ int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
        if (!sock)
                return err;
-        err = sock_error(sock->sk);
+        used_address.name_len = UINT_MAX;
-        if (err)
-                goto out_put;
        entry = mmsg;
        compat_entry = (struct compat_mmsghdr __user *)mmsg;
+        err = 0;
        while (datagrams < vlen) {
-                /*
-                 * No need to ask LSM for more than the first datagram.
-                 */
                if (MSG_CMSG_COMPAT & flags) {
                        err = __sys_sendmsg(sock, (struct msghdr __user *)compat_entry,
-                                            &msg_sys, flags, datagrams);
+                                            &msg_sys, flags, &used_address);
                        if (err < 0)
                                break;
                        err = __put_user(err, &compat_entry->msg_len);
                        ++compat_entry;
                } else {
                        err = __sys_sendmsg(sock, (struct msghdr __user *)entry,
-                                            &msg_sys, flags, datagrams);
+                                            &msg_sys, flags, &used_address);
                        if (err < 0)
                                break;
                        err = put_user(err, &entry->msg_len);
@@ -2037,29 +2062,11 @@ int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
                ++datagrams;
        }
-out_put:
        fput_light(sock->file, fput_needed);
-        if (err == 0)
+        /* We only return an error if no datagrams were able to be sent */
-                return datagrams;
+        if (datagrams != 0)
-        if (datagrams != 0) {
-                /*
-                 * We may send less entries than requested (vlen) if the
-                 * sock is non blocking...
-                 */
-                if (err != -EAGAIN) {
-                        /*
-                         * ... or if sendmsg returns an error after we
-                         * send some datagrams, where we record the
-                         * error to return on the next call or if the
-                         * app asks about it using getsockopt(SO_ERROR).
-                         */
-                        sock->sk->sk_err = -err;
-                }
                return datagrams;
-        }
        return err;
 }
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 28d2aa109bee..e83e7fee3bc0 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -3464,7 +3464,7 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
                                    tmp) {
                        enum ieee80211_band band = nla_type(attr);
-                        if (band < 0 || band > IEEE80211_NUM_BANDS) {
+                        if (band < 0 || band >= IEEE80211_NUM_BANDS) {
                                err = -EINVAL;
                                goto out_free;
                        }
author	David S. Miller <davem@davemloft.net>	2011-08-08 02:20:26 -0400
committer	David S. Miller <davem@davemloft.net>	2011-08-08 02:20:26 -0400
commit	19fd61785a580c60cba900c5171bfadb57dd5056 (patch)
tree	1e491fb014be0dc03f4b6755bb94e73afd38c455 /net
parent	57569d0e12eaf31717e295960cd2a26f626c8e5b (diff)
parent	8028837d71ba9904b17281b40f94b93e947fbe38 (diff)