diff options
author | James Morris <jmorris@namei.org> | 2011-05-19 04:51:57 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-05-19 04:51:57 -0400 |
commit | 12a5a2621b1ee14d32beca35304d7c6076a58815 (patch) | |
tree | 213e13f99de690b3c4a510f504393b63ada626bd /net | |
parent | e77dc3460fa59be5759e9327ad882868eee9d61b (diff) | |
parent | 61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf (diff) |
Merge branch 'master' into next
Conflicts:
include/linux/capability.h
Manually resolve merge conflict w/ thanks to Stephen Rothwell.
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net')
71 files changed, 524 insertions, 319 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index 7850412f52b7..0eb1a886b370 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c | |||
@@ -124,6 +124,9 @@ void unregister_vlan_dev(struct net_device *dev, struct list_head *head) | |||
124 | 124 | ||
125 | grp->nr_vlans--; | 125 | grp->nr_vlans--; |
126 | 126 | ||
127 | if (vlan->flags & VLAN_FLAG_GVRP) | ||
128 | vlan_gvrp_request_leave(dev); | ||
129 | |||
127 | vlan_group_set_device(grp, vlan_id, NULL); | 130 | vlan_group_set_device(grp, vlan_id, NULL); |
128 | if (!grp->killall) | 131 | if (!grp->killall) |
129 | synchronize_net(); | 132 | synchronize_net(); |
diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c index e34ea9e5e28b..b2ff6c8d3603 100644 --- a/net/8021q/vlan_dev.c +++ b/net/8021q/vlan_dev.c | |||
@@ -487,9 +487,6 @@ static int vlan_dev_stop(struct net_device *dev) | |||
487 | struct vlan_dev_info *vlan = vlan_dev_info(dev); | 487 | struct vlan_dev_info *vlan = vlan_dev_info(dev); |
488 | struct net_device *real_dev = vlan->real_dev; | 488 | struct net_device *real_dev = vlan->real_dev; |
489 | 489 | ||
490 | if (vlan->flags & VLAN_FLAG_GVRP) | ||
491 | vlan_gvrp_request_leave(dev); | ||
492 | |||
493 | dev_mc_unsync(real_dev, dev); | 490 | dev_mc_unsync(real_dev, dev); |
494 | dev_uc_unsync(real_dev, dev); | 491 | dev_uc_unsync(real_dev, dev); |
495 | if (dev->flags & IFF_ALLMULTI) | 492 | if (dev->flags & IFF_ALLMULTI) |
diff --git a/net/9p/client.c b/net/9p/client.c index 77367745be9b..a9aa2dd66482 100644 --- a/net/9p/client.c +++ b/net/9p/client.c | |||
@@ -614,7 +614,7 @@ p9_client_rpc(struct p9_client *c, int8_t type, const char *fmt, ...) | |||
614 | 614 | ||
615 | err = c->trans_mod->request(c, req); | 615 | err = c->trans_mod->request(c, req); |
616 | if (err < 0) { | 616 | if (err < 0) { |
617 | if (err != -ERESTARTSYS) | 617 | if (err != -ERESTARTSYS && err != -EFAULT) |
618 | c->status = Disconnected; | 618 | c->status = Disconnected; |
619 | goto reterr; | 619 | goto reterr; |
620 | } | 620 | } |
diff --git a/net/9p/protocol.c b/net/9p/protocol.c index b58a501cf3d1..a873277cb996 100644 --- a/net/9p/protocol.c +++ b/net/9p/protocol.c | |||
@@ -674,6 +674,7 @@ int p9dirent_read(char *buf, int len, struct p9_dirent *dirent, | |||
674 | } | 674 | } |
675 | 675 | ||
676 | strcpy(dirent->d_name, nameptr); | 676 | strcpy(dirent->d_name, nameptr); |
677 | kfree(nameptr); | ||
677 | 678 | ||
678 | out: | 679 | out: |
679 | return fake_pdu.offset; | 680 | return fake_pdu.offset; |
diff --git a/net/9p/trans_common.c b/net/9p/trans_common.c index e883172f9aa2..9a70ebdec56e 100644 --- a/net/9p/trans_common.c +++ b/net/9p/trans_common.c | |||
@@ -63,7 +63,7 @@ p9_payload_gup(struct p9_req_t *req, size_t *pdata_off, int *pdata_len, | |||
63 | int nr_pages, u8 rw) | 63 | int nr_pages, u8 rw) |
64 | { | 64 | { |
65 | uint32_t first_page_bytes = 0; | 65 | uint32_t first_page_bytes = 0; |
66 | uint32_t pdata_mapped_pages; | 66 | int32_t pdata_mapped_pages; |
67 | struct trans_rpage_info *rpinfo; | 67 | struct trans_rpage_info *rpinfo; |
68 | 68 | ||
69 | *pdata_off = (__force size_t)req->tc->pubuf & (PAGE_SIZE-1); | 69 | *pdata_off = (__force size_t)req->tc->pubuf & (PAGE_SIZE-1); |
@@ -75,14 +75,9 @@ p9_payload_gup(struct p9_req_t *req, size_t *pdata_off, int *pdata_len, | |||
75 | rpinfo = req->tc->private; | 75 | rpinfo = req->tc->private; |
76 | pdata_mapped_pages = get_user_pages_fast((unsigned long)req->tc->pubuf, | 76 | pdata_mapped_pages = get_user_pages_fast((unsigned long)req->tc->pubuf, |
77 | nr_pages, rw, &rpinfo->rp_data[0]); | 77 | nr_pages, rw, &rpinfo->rp_data[0]); |
78 | if (pdata_mapped_pages <= 0) | ||
79 | return pdata_mapped_pages; | ||
78 | 80 | ||
79 | if (pdata_mapped_pages < 0) { | ||
80 | printk(KERN_ERR "get_user_pages_fast failed:%d udata:%p" | ||
81 | "nr_pages:%d\n", pdata_mapped_pages, | ||
82 | req->tc->pubuf, nr_pages); | ||
83 | pdata_mapped_pages = 0; | ||
84 | return -EIO; | ||
85 | } | ||
86 | rpinfo->rp_nr_pages = pdata_mapped_pages; | 81 | rpinfo->rp_nr_pages = pdata_mapped_pages; |
87 | if (*pdata_off) { | 82 | if (*pdata_off) { |
88 | *pdata_len = first_page_bytes; | 83 | *pdata_len = first_page_bytes; |
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index c83f618282f7..b5a8afc2be33 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c | |||
@@ -587,10 +587,8 @@ static int hci_dev_do_close(struct hci_dev *hdev) | |||
587 | hci_req_cancel(hdev, ENODEV); | 587 | hci_req_cancel(hdev, ENODEV); |
588 | hci_req_lock(hdev); | 588 | hci_req_lock(hdev); |
589 | 589 | ||
590 | /* Stop timer, it might be running */ | ||
591 | del_timer_sync(&hdev->cmd_timer); | ||
592 | |||
593 | if (!test_and_clear_bit(HCI_UP, &hdev->flags)) { | 590 | if (!test_and_clear_bit(HCI_UP, &hdev->flags)) { |
591 | del_timer_sync(&hdev->cmd_timer); | ||
594 | hci_req_unlock(hdev); | 592 | hci_req_unlock(hdev); |
595 | return 0; | 593 | return 0; |
596 | } | 594 | } |
@@ -629,6 +627,7 @@ static int hci_dev_do_close(struct hci_dev *hdev) | |||
629 | 627 | ||
630 | /* Drop last sent command */ | 628 | /* Drop last sent command */ |
631 | if (hdev->sent_cmd) { | 629 | if (hdev->sent_cmd) { |
630 | del_timer_sync(&hdev->cmd_timer); | ||
632 | kfree_skb(hdev->sent_cmd); | 631 | kfree_skb(hdev->sent_cmd); |
633 | hdev->sent_cmd = NULL; | 632 | hdev->sent_cmd = NULL; |
634 | } | 633 | } |
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index cebe7588469f..b2570159a044 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c | |||
@@ -2387,8 +2387,6 @@ static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *s | |||
2387 | if (!conn) | 2387 | if (!conn) |
2388 | goto unlock; | 2388 | goto unlock; |
2389 | 2389 | ||
2390 | hci_conn_hold(conn); | ||
2391 | |||
2392 | conn->remote_cap = ev->capability; | 2390 | conn->remote_cap = ev->capability; |
2393 | conn->remote_oob = ev->oob_data; | 2391 | conn->remote_oob = ev->oob_data; |
2394 | conn->remote_auth = ev->authentication; | 2392 | conn->remote_auth = ev->authentication; |
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index ca27f3a41536..2c8dd4494c63 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c | |||
@@ -1051,6 +1051,7 @@ static void l2cap_retransmit_one_frame(struct sock *sk, u8 tx_seq) | |||
1051 | tx_skb = skb_clone(skb, GFP_ATOMIC); | 1051 | tx_skb = skb_clone(skb, GFP_ATOMIC); |
1052 | bt_cb(skb)->retries++; | 1052 | bt_cb(skb)->retries++; |
1053 | control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); | 1053 | control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); |
1054 | control &= L2CAP_CTRL_SAR; | ||
1054 | 1055 | ||
1055 | if (pi->conn_state & L2CAP_CONN_SEND_FBIT) { | 1056 | if (pi->conn_state & L2CAP_CONN_SEND_FBIT) { |
1056 | control |= L2CAP_CTRL_FINAL; | 1057 | control |= L2CAP_CTRL_FINAL; |
diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index e2160792e1bc..0c7badad62af 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c | |||
@@ -164,7 +164,7 @@ rx_handler_result_t br_handle_frame(struct sk_buff **pskb) | |||
164 | goto drop; | 164 | goto drop; |
165 | 165 | ||
166 | /* If STP is turned off, then forward */ | 166 | /* If STP is turned off, then forward */ |
167 | if (p->br->stp_enabled == BR_NO_STP) | 167 | if (p->br->stp_enabled == BR_NO_STP && dest[5] == 0) |
168 | goto forward; | 168 | goto forward; |
169 | 169 | ||
170 | if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, | 170 | if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, |
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index 008ff6c4eecf..74ef4d4846a4 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c | |||
@@ -249,11 +249,9 @@ static int br_parse_ip_options(struct sk_buff *skb) | |||
249 | goto drop; | 249 | goto drop; |
250 | } | 250 | } |
251 | 251 | ||
252 | /* Zero out the CB buffer if no options present */ | 252 | memset(IPCB(skb), 0, sizeof(struct inet_skb_parm)); |
253 | if (iph->ihl == 5) { | 253 | if (iph->ihl == 5) |
254 | memset(IPCB(skb), 0, sizeof(struct inet_skb_parm)); | ||
255 | return 0; | 254 | return 0; |
256 | } | ||
257 | 255 | ||
258 | opt->optlen = iph->ihl*4 - sizeof(struct iphdr); | 256 | opt->optlen = iph->ihl*4 - sizeof(struct iphdr); |
259 | if (ip_options_compile(dev_net(dev), opt, skb)) | 257 | if (ip_options_compile(dev_net(dev), opt, skb)) |
@@ -739,7 +737,7 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff *skb, | |||
739 | nf_bridge->mask |= BRNF_PKT_TYPE; | 737 | nf_bridge->mask |= BRNF_PKT_TYPE; |
740 | } | 738 | } |
741 | 739 | ||
742 | if (br_parse_ip_options(skb)) | 740 | if (pf == PF_INET && br_parse_ip_options(skb)) |
743 | return NF_DROP; | 741 | return NF_DROP; |
744 | 742 | ||
745 | /* The physdev module checks on this */ | 743 | /* The physdev module checks on this */ |
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 893669caa8de..1a92b369c820 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c | |||
@@ -1766,7 +1766,7 @@ static int compat_table_info(const struct ebt_table_info *info, | |||
1766 | 1766 | ||
1767 | newinfo->entries_size = size; | 1767 | newinfo->entries_size = size; |
1768 | 1768 | ||
1769 | xt_compat_init_offsets(AF_INET, info->nentries); | 1769 | xt_compat_init_offsets(NFPROTO_BRIDGE, info->nentries); |
1770 | return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info, | 1770 | return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info, |
1771 | entries, newinfo); | 1771 | entries, newinfo); |
1772 | } | 1772 | } |
@@ -1882,7 +1882,7 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt, | |||
1882 | struct xt_match *match; | 1882 | struct xt_match *match; |
1883 | struct xt_target *wt; | 1883 | struct xt_target *wt; |
1884 | void *dst = NULL; | 1884 | void *dst = NULL; |
1885 | int off, pad = 0, ret = 0; | 1885 | int off, pad = 0; |
1886 | unsigned int size_kern, entry_offset, match_size = mwt->match_size; | 1886 | unsigned int size_kern, entry_offset, match_size = mwt->match_size; |
1887 | 1887 | ||
1888 | strlcpy(name, mwt->u.name, sizeof(name)); | 1888 | strlcpy(name, mwt->u.name, sizeof(name)); |
@@ -1935,13 +1935,6 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt, | |||
1935 | break; | 1935 | break; |
1936 | } | 1936 | } |
1937 | 1937 | ||
1938 | if (!dst) { | ||
1939 | ret = xt_compat_add_offset(NFPROTO_BRIDGE, entry_offset, | ||
1940 | off + ebt_compat_entry_padsize()); | ||
1941 | if (ret < 0) | ||
1942 | return ret; | ||
1943 | } | ||
1944 | |||
1945 | state->buf_kern_offset += match_size + off; | 1938 | state->buf_kern_offset += match_size + off; |
1946 | state->buf_user_offset += match_size; | 1939 | state->buf_user_offset += match_size; |
1947 | pad = XT_ALIGN(size_kern) - size_kern; | 1940 | pad = XT_ALIGN(size_kern) - size_kern; |
@@ -2016,50 +2009,6 @@ static int ebt_size_mwt(struct compat_ebt_entry_mwt *match32, | |||
2016 | return growth; | 2009 | return growth; |
2017 | } | 2010 | } |
2018 | 2011 | ||
2019 | #define EBT_COMPAT_WATCHER_ITERATE(e, fn, args...) \ | ||
2020 | ({ \ | ||
2021 | unsigned int __i; \ | ||
2022 | int __ret = 0; \ | ||
2023 | struct compat_ebt_entry_mwt *__watcher; \ | ||
2024 | \ | ||
2025 | for (__i = e->watchers_offset; \ | ||
2026 | __i < (e)->target_offset; \ | ||
2027 | __i += __watcher->watcher_size + \ | ||
2028 | sizeof(struct compat_ebt_entry_mwt)) { \ | ||
2029 | __watcher = (void *)(e) + __i; \ | ||
2030 | __ret = fn(__watcher , ## args); \ | ||
2031 | if (__ret != 0) \ | ||
2032 | break; \ | ||
2033 | } \ | ||
2034 | if (__ret == 0) { \ | ||
2035 | if (__i != (e)->target_offset) \ | ||
2036 | __ret = -EINVAL; \ | ||
2037 | } \ | ||
2038 | __ret; \ | ||
2039 | }) | ||
2040 | |||
2041 | #define EBT_COMPAT_MATCH_ITERATE(e, fn, args...) \ | ||
2042 | ({ \ | ||
2043 | unsigned int __i; \ | ||
2044 | int __ret = 0; \ | ||
2045 | struct compat_ebt_entry_mwt *__match; \ | ||
2046 | \ | ||
2047 | for (__i = sizeof(struct ebt_entry); \ | ||
2048 | __i < (e)->watchers_offset; \ | ||
2049 | __i += __match->match_size + \ | ||
2050 | sizeof(struct compat_ebt_entry_mwt)) { \ | ||
2051 | __match = (void *)(e) + __i; \ | ||
2052 | __ret = fn(__match , ## args); \ | ||
2053 | if (__ret != 0) \ | ||
2054 | break; \ | ||
2055 | } \ | ||
2056 | if (__ret == 0) { \ | ||
2057 | if (__i != (e)->watchers_offset) \ | ||
2058 | __ret = -EINVAL; \ | ||
2059 | } \ | ||
2060 | __ret; \ | ||
2061 | }) | ||
2062 | |||
2063 | /* called for all ebt_entry structures. */ | 2012 | /* called for all ebt_entry structures. */ |
2064 | static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base, | 2013 | static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base, |
2065 | unsigned int *total, | 2014 | unsigned int *total, |
@@ -2132,6 +2081,14 @@ static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base, | |||
2132 | } | 2081 | } |
2133 | } | 2082 | } |
2134 | 2083 | ||
2084 | if (state->buf_kern_start == NULL) { | ||
2085 | unsigned int offset = buf_start - (char *) base; | ||
2086 | |||
2087 | ret = xt_compat_add_offset(NFPROTO_BRIDGE, offset, new_offset); | ||
2088 | if (ret < 0) | ||
2089 | return ret; | ||
2090 | } | ||
2091 | |||
2135 | startoff = state->buf_user_offset - startoff; | 2092 | startoff = state->buf_user_offset - startoff; |
2136 | 2093 | ||
2137 | BUG_ON(*total < startoff); | 2094 | BUG_ON(*total < startoff); |
@@ -2240,6 +2197,7 @@ static int compat_do_replace(struct net *net, void __user *user, | |||
2240 | 2197 | ||
2241 | xt_compat_lock(NFPROTO_BRIDGE); | 2198 | xt_compat_lock(NFPROTO_BRIDGE); |
2242 | 2199 | ||
2200 | xt_compat_init_offsets(NFPROTO_BRIDGE, tmp.nentries); | ||
2243 | ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state); | 2201 | ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state); |
2244 | if (ret < 0) | 2202 | if (ret < 0) |
2245 | goto out_unlock; | 2203 | goto out_unlock; |
diff --git a/net/caif/cfdgml.c b/net/caif/cfdgml.c index 27dab26ad3b8..054fdb5aeb88 100644 --- a/net/caif/cfdgml.c +++ b/net/caif/cfdgml.c | |||
@@ -13,6 +13,7 @@ | |||
13 | #include <net/caif/cfsrvl.h> | 13 | #include <net/caif/cfsrvl.h> |
14 | #include <net/caif/cfpkt.h> | 14 | #include <net/caif/cfpkt.h> |
15 | 15 | ||
16 | |||
16 | #define container_obj(layr) ((struct cfsrvl *) layr) | 17 | #define container_obj(layr) ((struct cfsrvl *) layr) |
17 | 18 | ||
18 | #define DGM_CMD_BIT 0x80 | 19 | #define DGM_CMD_BIT 0x80 |
@@ -83,6 +84,7 @@ static int cfdgml_receive(struct cflayer *layr, struct cfpkt *pkt) | |||
83 | 84 | ||
84 | static int cfdgml_transmit(struct cflayer *layr, struct cfpkt *pkt) | 85 | static int cfdgml_transmit(struct cflayer *layr, struct cfpkt *pkt) |
85 | { | 86 | { |
87 | u8 packet_type; | ||
86 | u32 zero = 0; | 88 | u32 zero = 0; |
87 | struct caif_payload_info *info; | 89 | struct caif_payload_info *info; |
88 | struct cfsrvl *service = container_obj(layr); | 90 | struct cfsrvl *service = container_obj(layr); |
@@ -94,7 +96,9 @@ static int cfdgml_transmit(struct cflayer *layr, struct cfpkt *pkt) | |||
94 | if (cfpkt_getlen(pkt) > DGM_MTU) | 96 | if (cfpkt_getlen(pkt) > DGM_MTU) |
95 | return -EMSGSIZE; | 97 | return -EMSGSIZE; |
96 | 98 | ||
97 | cfpkt_add_head(pkt, &zero, 4); | 99 | cfpkt_add_head(pkt, &zero, 3); |
100 | packet_type = 0x08; /* B9 set - UNCLASSIFIED */ | ||
101 | cfpkt_add_head(pkt, &packet_type, 1); | ||
98 | 102 | ||
99 | /* Add info for MUX-layer to route the packet out. */ | 103 | /* Add info for MUX-layer to route the packet out. */ |
100 | info = cfpkt_info(pkt); | 104 | info = cfpkt_info(pkt); |
diff --git a/net/caif/cfmuxl.c b/net/caif/cfmuxl.c index 46f34b2e0478..24f1ffa74b06 100644 --- a/net/caif/cfmuxl.c +++ b/net/caif/cfmuxl.c | |||
@@ -244,9 +244,9 @@ static void cfmuxl_ctrlcmd(struct cflayer *layr, enum caif_ctrlcmd ctrl, | |||
244 | int phyid) | 244 | int phyid) |
245 | { | 245 | { |
246 | struct cfmuxl *muxl = container_obj(layr); | 246 | struct cfmuxl *muxl = container_obj(layr); |
247 | struct list_head *node; | 247 | struct list_head *node, *next; |
248 | struct cflayer *layer; | 248 | struct cflayer *layer; |
249 | list_for_each(node, &muxl->srvl_list) { | 249 | list_for_each_safe(node, next, &muxl->srvl_list) { |
250 | layer = list_entry(node, struct cflayer, node); | 250 | layer = list_entry(node, struct cflayer, node); |
251 | if (cfsrvl_phyid_match(layer, phyid)) | 251 | if (cfsrvl_phyid_match(layer, phyid)) |
252 | layer->ctrlcmd(layer, ctrl, phyid); | 252 | layer->ctrlcmd(layer, ctrl, phyid); |
diff --git a/net/can/bcm.c b/net/can/bcm.c index 57b1aed79014..8a6a05e7c3c8 100644 --- a/net/can/bcm.c +++ b/net/can/bcm.c | |||
@@ -1427,9 +1427,14 @@ static int bcm_init(struct sock *sk) | |||
1427 | static int bcm_release(struct socket *sock) | 1427 | static int bcm_release(struct socket *sock) |
1428 | { | 1428 | { |
1429 | struct sock *sk = sock->sk; | 1429 | struct sock *sk = sock->sk; |
1430 | struct bcm_sock *bo = bcm_sk(sk); | 1430 | struct bcm_sock *bo; |
1431 | struct bcm_op *op, *next; | 1431 | struct bcm_op *op, *next; |
1432 | 1432 | ||
1433 | if (sk == NULL) | ||
1434 | return 0; | ||
1435 | |||
1436 | bo = bcm_sk(sk); | ||
1437 | |||
1433 | /* remove bcm_ops, timer, rx_unregister(), etc. */ | 1438 | /* remove bcm_ops, timer, rx_unregister(), etc. */ |
1434 | 1439 | ||
1435 | unregister_netdevice_notifier(&bo->notifier); | 1440 | unregister_netdevice_notifier(&bo->notifier); |
diff --git a/net/can/raw.c b/net/can/raw.c index 649acfa7c70a..0eb39a7fdf64 100644 --- a/net/can/raw.c +++ b/net/can/raw.c | |||
@@ -305,7 +305,12 @@ static int raw_init(struct sock *sk) | |||
305 | static int raw_release(struct socket *sock) | 305 | static int raw_release(struct socket *sock) |
306 | { | 306 | { |
307 | struct sock *sk = sock->sk; | 307 | struct sock *sk = sock->sk; |
308 | struct raw_sock *ro = raw_sk(sk); | 308 | struct raw_sock *ro; |
309 | |||
310 | if (!sk) | ||
311 | return 0; | ||
312 | |||
313 | ro = raw_sk(sk); | ||
309 | 314 | ||
310 | unregister_netdevice_notifier(&ro->notifier); | 315 | unregister_netdevice_notifier(&ro->notifier); |
311 | 316 | ||
diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c index 05f357828a2f..e15a82ccc05f 100644 --- a/net/ceph/messenger.c +++ b/net/ceph/messenger.c | |||
@@ -2267,6 +2267,19 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags) | |||
2267 | m->more_to_follow = false; | 2267 | m->more_to_follow = false; |
2268 | m->pool = NULL; | 2268 | m->pool = NULL; |
2269 | 2269 | ||
2270 | /* middle */ | ||
2271 | m->middle = NULL; | ||
2272 | |||
2273 | /* data */ | ||
2274 | m->nr_pages = 0; | ||
2275 | m->page_alignment = 0; | ||
2276 | m->pages = NULL; | ||
2277 | m->pagelist = NULL; | ||
2278 | m->bio = NULL; | ||
2279 | m->bio_iter = NULL; | ||
2280 | m->bio_seg = 0; | ||
2281 | m->trail = NULL; | ||
2282 | |||
2270 | /* front */ | 2283 | /* front */ |
2271 | if (front_len) { | 2284 | if (front_len) { |
2272 | if (front_len > PAGE_CACHE_SIZE) { | 2285 | if (front_len > PAGE_CACHE_SIZE) { |
@@ -2286,19 +2299,6 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags) | |||
2286 | } | 2299 | } |
2287 | m->front.iov_len = front_len; | 2300 | m->front.iov_len = front_len; |
2288 | 2301 | ||
2289 | /* middle */ | ||
2290 | m->middle = NULL; | ||
2291 | |||
2292 | /* data */ | ||
2293 | m->nr_pages = 0; | ||
2294 | m->page_alignment = 0; | ||
2295 | m->pages = NULL; | ||
2296 | m->pagelist = NULL; | ||
2297 | m->bio = NULL; | ||
2298 | m->bio_iter = NULL; | ||
2299 | m->bio_seg = 0; | ||
2300 | m->trail = NULL; | ||
2301 | |||
2302 | dout("ceph_msg_new %p front %d\n", m, front_len); | 2302 | dout("ceph_msg_new %p front %d\n", m, front_len); |
2303 | return m; | 2303 | return m; |
2304 | 2304 | ||
diff --git a/net/ceph/osd_client.c b/net/ceph/osd_client.c index 5a80f41c0cba..6b5dda1cb5df 100644 --- a/net/ceph/osd_client.c +++ b/net/ceph/osd_client.c | |||
@@ -470,8 +470,8 @@ struct ceph_osd_request *ceph_osdc_new_request(struct ceph_osd_client *osdc, | |||
470 | snapc, ops, | 470 | snapc, ops, |
471 | use_mempool, | 471 | use_mempool, |
472 | GFP_NOFS, NULL, NULL); | 472 | GFP_NOFS, NULL, NULL); |
473 | if (IS_ERR(req)) | 473 | if (!req) |
474 | return req; | 474 | return NULL; |
475 | 475 | ||
476 | /* calculate max write size */ | 476 | /* calculate max write size */ |
477 | calc_layout(osdc, vino, layout, off, plen, req, ops); | 477 | calc_layout(osdc, vino, layout, off, plen, req, ops); |
diff --git a/net/core/dev.c b/net/core/dev.c index 956d3b006e8b..b624fe4d9bd7 100644 --- a/net/core/dev.c +++ b/net/core/dev.c | |||
@@ -1284,11 +1284,13 @@ static int dev_close_many(struct list_head *head) | |||
1284 | */ | 1284 | */ |
1285 | int dev_close(struct net_device *dev) | 1285 | int dev_close(struct net_device *dev) |
1286 | { | 1286 | { |
1287 | LIST_HEAD(single); | 1287 | if (dev->flags & IFF_UP) { |
1288 | LIST_HEAD(single); | ||
1288 | 1289 | ||
1289 | list_add(&dev->unreg_list, &single); | 1290 | list_add(&dev->unreg_list, &single); |
1290 | dev_close_many(&single); | 1291 | dev_close_many(&single); |
1291 | list_del(&single); | 1292 | list_del(&single); |
1293 | } | ||
1292 | return 0; | 1294 | return 0; |
1293 | } | 1295 | } |
1294 | EXPORT_SYMBOL(dev_close); | 1296 | EXPORT_SYMBOL(dev_close); |
@@ -4773,7 +4775,7 @@ static int dev_ifsioc_locked(struct net *net, struct ifreq *ifr, unsigned int cm | |||
4773 | * is never reached | 4775 | * is never reached |
4774 | */ | 4776 | */ |
4775 | WARN_ON(1); | 4777 | WARN_ON(1); |
4776 | err = -EINVAL; | 4778 | err = -ENOTTY; |
4777 | break; | 4779 | break; |
4778 | 4780 | ||
4779 | } | 4781 | } |
@@ -5041,7 +5043,7 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg) | |||
5041 | /* Set the per device memory buffer space. | 5043 | /* Set the per device memory buffer space. |
5042 | * Not applicable in our case */ | 5044 | * Not applicable in our case */ |
5043 | case SIOCSIFLINK: | 5045 | case SIOCSIFLINK: |
5044 | return -EINVAL; | 5046 | return -ENOTTY; |
5045 | 5047 | ||
5046 | /* | 5048 | /* |
5047 | * Unknown or private ioctl. | 5049 | * Unknown or private ioctl. |
@@ -5062,7 +5064,7 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg) | |||
5062 | /* Take care of Wireless Extensions */ | 5064 | /* Take care of Wireless Extensions */ |
5063 | if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) | 5065 | if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) |
5064 | return wext_handle_ioctl(net, &ifr, cmd, arg); | 5066 | return wext_handle_ioctl(net, &ifr, cmd, arg); |
5065 | return -EINVAL; | 5067 | return -ENOTTY; |
5066 | } | 5068 | } |
5067 | } | 5069 | } |
5068 | 5070 | ||
@@ -5184,33 +5186,37 @@ u32 netdev_fix_features(struct net_device *dev, u32 features) | |||
5184 | /* Fix illegal checksum combinations */ | 5186 | /* Fix illegal checksum combinations */ |
5185 | if ((features & NETIF_F_HW_CSUM) && | 5187 | if ((features & NETIF_F_HW_CSUM) && |
5186 | (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { | 5188 | (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { |
5187 | netdev_info(dev, "mixed HW and IP checksum settings.\n"); | 5189 | netdev_warn(dev, "mixed HW and IP checksum settings.\n"); |
5188 | features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM); | 5190 | features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM); |
5189 | } | 5191 | } |
5190 | 5192 | ||
5191 | if ((features & NETIF_F_NO_CSUM) && | 5193 | if ((features & NETIF_F_NO_CSUM) && |
5192 | (features & (NETIF_F_HW_CSUM|NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { | 5194 | (features & (NETIF_F_HW_CSUM|NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { |
5193 | netdev_info(dev, "mixed no checksumming and other settings.\n"); | 5195 | netdev_warn(dev, "mixed no checksumming and other settings.\n"); |
5194 | features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM|NETIF_F_HW_CSUM); | 5196 | features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM|NETIF_F_HW_CSUM); |
5195 | } | 5197 | } |
5196 | 5198 | ||
5197 | /* Fix illegal SG+CSUM combinations. */ | 5199 | /* Fix illegal SG+CSUM combinations. */ |
5198 | if ((features & NETIF_F_SG) && | 5200 | if ((features & NETIF_F_SG) && |
5199 | !(features & NETIF_F_ALL_CSUM)) { | 5201 | !(features & NETIF_F_ALL_CSUM)) { |
5200 | netdev_info(dev, | 5202 | netdev_dbg(dev, |
5201 | "Dropping NETIF_F_SG since no checksum feature.\n"); | 5203 | "Dropping NETIF_F_SG since no checksum feature.\n"); |
5202 | features &= ~NETIF_F_SG; | 5204 | features &= ~NETIF_F_SG; |
5203 | } | 5205 | } |
5204 | 5206 | ||
5205 | /* TSO requires that SG is present as well. */ | 5207 | /* TSO requires that SG is present as well. */ |
5206 | if ((features & NETIF_F_TSO) && !(features & NETIF_F_SG)) { | 5208 | if ((features & NETIF_F_ALL_TSO) && !(features & NETIF_F_SG)) { |
5207 | netdev_info(dev, "Dropping NETIF_F_TSO since no SG feature.\n"); | 5209 | netdev_dbg(dev, "Dropping TSO features since no SG feature.\n"); |
5208 | features &= ~NETIF_F_TSO; | 5210 | features &= ~NETIF_F_ALL_TSO; |
5209 | } | 5211 | } |
5210 | 5212 | ||
5213 | /* TSO ECN requires that TSO is present as well. */ | ||
5214 | if ((features & NETIF_F_ALL_TSO) == NETIF_F_TSO_ECN) | ||
5215 | features &= ~NETIF_F_TSO_ECN; | ||
5216 | |||
5211 | /* Software GSO depends on SG. */ | 5217 | /* Software GSO depends on SG. */ |
5212 | if ((features & NETIF_F_GSO) && !(features & NETIF_F_SG)) { | 5218 | if ((features & NETIF_F_GSO) && !(features & NETIF_F_SG)) { |
5213 | netdev_info(dev, "Dropping NETIF_F_GSO since no SG feature.\n"); | 5219 | netdev_dbg(dev, "Dropping NETIF_F_GSO since no SG feature.\n"); |
5214 | features &= ~NETIF_F_GSO; | 5220 | features &= ~NETIF_F_GSO; |
5215 | } | 5221 | } |
5216 | 5222 | ||
@@ -5220,13 +5226,13 @@ u32 netdev_fix_features(struct net_device *dev, u32 features) | |||
5220 | if (!((features & NETIF_F_GEN_CSUM) || | 5226 | if (!((features & NETIF_F_GEN_CSUM) || |
5221 | (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM)) | 5227 | (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM)) |
5222 | == (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { | 5228 | == (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { |
5223 | netdev_info(dev, | 5229 | netdev_dbg(dev, |
5224 | "Dropping NETIF_F_UFO since no checksum offload features.\n"); | 5230 | "Dropping NETIF_F_UFO since no checksum offload features.\n"); |
5225 | features &= ~NETIF_F_UFO; | 5231 | features &= ~NETIF_F_UFO; |
5226 | } | 5232 | } |
5227 | 5233 | ||
5228 | if (!(features & NETIF_F_SG)) { | 5234 | if (!(features & NETIF_F_SG)) { |
5229 | netdev_info(dev, | 5235 | netdev_dbg(dev, |
5230 | "Dropping NETIF_F_UFO since no NETIF_F_SG feature.\n"); | 5236 | "Dropping NETIF_F_UFO since no NETIF_F_SG feature.\n"); |
5231 | features &= ~NETIF_F_UFO; | 5237 | features &= ~NETIF_F_UFO; |
5232 | } | 5238 | } |
@@ -5408,12 +5414,6 @@ int register_netdevice(struct net_device *dev) | |||
5408 | dev->features |= NETIF_F_SOFT_FEATURES; | 5414 | dev->features |= NETIF_F_SOFT_FEATURES; |
5409 | dev->wanted_features = dev->features & dev->hw_features; | 5415 | dev->wanted_features = dev->features & dev->hw_features; |
5410 | 5416 | ||
5411 | /* Avoid warning from netdev_fix_features() for GSO without SG */ | ||
5412 | if (!(dev->wanted_features & NETIF_F_SG)) { | ||
5413 | dev->wanted_features &= ~NETIF_F_GSO; | ||
5414 | dev->features &= ~NETIF_F_GSO; | ||
5415 | } | ||
5416 | |||
5417 | /* Enable GRO and NETIF_F_HIGHDMA for vlans by default, | 5417 | /* Enable GRO and NETIF_F_HIGHDMA for vlans by default, |
5418 | * vlan_dev_init() will do the dev->features check, so these features | 5418 | * vlan_dev_init() will do the dev->features check, so these features |
5419 | * are enabled only if supported by underlying device. | 5419 | * are enabled only if supported by underlying device. |
diff --git a/net/dccp/options.c b/net/dccp/options.c index f06ffcfc8d71..4b2ab657ac8e 100644 --- a/net/dccp/options.c +++ b/net/dccp/options.c | |||
@@ -123,6 +123,8 @@ int dccp_parse_options(struct sock *sk, struct dccp_request_sock *dreq, | |||
123 | case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R: | 123 | case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R: |
124 | if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */ | 124 | if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */ |
125 | break; | 125 | break; |
126 | if (len == 0) | ||
127 | goto out_invalid_option; | ||
126 | rc = dccp_feat_parse_options(sk, dreq, mandatory, opt, | 128 | rc = dccp_feat_parse_options(sk, dreq, mandatory, opt, |
127 | *value, value + 1, len - 1); | 129 | *value, value + 1, len - 1); |
128 | if (rc) | 130 | if (rc) |
diff --git a/net/dsa/Kconfig b/net/dsa/Kconfig index 87bb5f4de0e8..c53ded2a98df 100644 --- a/net/dsa/Kconfig +++ b/net/dsa/Kconfig | |||
@@ -41,12 +41,12 @@ config NET_DSA_MV88E6XXX_NEED_PPU | |||
41 | default n | 41 | default n |
42 | 42 | ||
43 | config NET_DSA_MV88E6131 | 43 | config NET_DSA_MV88E6131 |
44 | bool "Marvell 88E6095/6095F/6131 ethernet switch chip support" | 44 | bool "Marvell 88E6085/6095/6095F/6131 ethernet switch chip support" |
45 | select NET_DSA_MV88E6XXX | 45 | select NET_DSA_MV88E6XXX |
46 | select NET_DSA_MV88E6XXX_NEED_PPU | 46 | select NET_DSA_MV88E6XXX_NEED_PPU |
47 | select NET_DSA_TAG_DSA | 47 | select NET_DSA_TAG_DSA |
48 | ---help--- | 48 | ---help--- |
49 | This enables support for the Marvell 88E6095/6095F/6131 | 49 | This enables support for the Marvell 88E6085/6095/6095F/6131 |
50 | ethernet switch chips. | 50 | ethernet switch chips. |
51 | 51 | ||
52 | config NET_DSA_MV88E6123_61_65 | 52 | config NET_DSA_MV88E6123_61_65 |
diff --git a/net/dsa/mv88e6131.c b/net/dsa/mv88e6131.c index 3da418894efc..45f7411e90ba 100644 --- a/net/dsa/mv88e6131.c +++ b/net/dsa/mv88e6131.c | |||
@@ -207,8 +207,15 @@ static int mv88e6131_setup_port(struct dsa_switch *ds, int p) | |||
207 | * mode, but do not enable forwarding of unknown unicasts. | 207 | * mode, but do not enable forwarding of unknown unicasts. |
208 | */ | 208 | */ |
209 | val = 0x0433; | 209 | val = 0x0433; |
210 | if (p == dsa_upstream_port(ds)) | 210 | if (p == dsa_upstream_port(ds)) { |
211 | val |= 0x0104; | 211 | val |= 0x0104; |
212 | /* | ||
213 | * On 6085, unknown multicast forward is controlled | ||
214 | * here rather than in Port Control 2 register. | ||
215 | */ | ||
216 | if (ps->id == ID_6085) | ||
217 | val |= 0x0008; | ||
218 | } | ||
212 | if (ds->dsa_port_mask & (1 << p)) | 219 | if (ds->dsa_port_mask & (1 << p)) |
213 | val |= 0x0100; | 220 | val |= 0x0100; |
214 | REG_WRITE(addr, 0x04, val); | 221 | REG_WRITE(addr, 0x04, val); |
@@ -251,10 +258,19 @@ static int mv88e6131_setup_port(struct dsa_switch *ds, int p) | |||
251 | * If this is the upstream port for this switch, enable | 258 | * If this is the upstream port for this switch, enable |
252 | * forwarding of unknown multicast addresses. | 259 | * forwarding of unknown multicast addresses. |
253 | */ | 260 | */ |
254 | val = 0x0080 | dsa_upstream_port(ds); | 261 | if (ps->id == ID_6085) |
255 | if (p == dsa_upstream_port(ds)) | 262 | /* |
256 | val |= 0x0040; | 263 | * on 6085, bits 3:0 are reserved, bit 6 control ARP |
257 | REG_WRITE(addr, 0x08, val); | 264 | * mirroring, and multicast forward is handled in |
265 | * Port Control register. | ||
266 | */ | ||
267 | REG_WRITE(addr, 0x08, 0x0080); | ||
268 | else { | ||
269 | val = 0x0080 | dsa_upstream_port(ds); | ||
270 | if (p == dsa_upstream_port(ds)) | ||
271 | val |= 0x0040; | ||
272 | REG_WRITE(addr, 0x08, val); | ||
273 | } | ||
258 | 274 | ||
259 | /* | 275 | /* |
260 | * Rate Control: disable ingress rate limiting. | 276 | * Rate Control: disable ingress rate limiting. |
diff --git a/net/ieee802154/Makefile b/net/ieee802154/Makefile index ce2d33582859..5761185f884e 100644 --- a/net/ieee802154/Makefile +++ b/net/ieee802154/Makefile | |||
@@ -1,5 +1,3 @@ | |||
1 | obj-$(CONFIG_IEEE802154) += ieee802154.o af_802154.o | 1 | obj-$(CONFIG_IEEE802154) += ieee802154.o af_802154.o |
2 | ieee802154-y := netlink.o nl-mac.o nl-phy.o nl_policy.o wpan-class.o | 2 | ieee802154-y := netlink.o nl-mac.o nl-phy.o nl_policy.o wpan-class.o |
3 | af_802154-y := af_ieee802154.o raw.o dgram.o | 3 | af_802154-y := af_ieee802154.o raw.o dgram.o |
4 | |||
5 | ccflags-y += -Wall -DDEBUG | ||
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 5345b0bee6df..cd9ca0811cfa 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c | |||
@@ -1680,7 +1680,7 @@ static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf) | |||
1680 | return; | 1680 | return; |
1681 | 1681 | ||
1682 | cnf->sysctl = NULL; | 1682 | cnf->sysctl = NULL; |
1683 | unregister_sysctl_table(t->sysctl_header); | 1683 | unregister_net_sysctl_table(t->sysctl_header); |
1684 | kfree(t->dev_name); | 1684 | kfree(t->dev_name); |
1685 | kfree(t); | 1685 | kfree(t); |
1686 | } | 1686 | } |
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index e9013d6c1f51..5fe9b8b41df3 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c | |||
@@ -1978,9 +1978,6 @@ struct fib_table *fib_trie_table(u32 id) | |||
1978 | t = (struct trie *) tb->tb_data; | 1978 | t = (struct trie *) tb->tb_data; |
1979 | memset(t, 0, sizeof(*t)); | 1979 | memset(t, 0, sizeof(*t)); |
1980 | 1980 | ||
1981 | if (id == RT_TABLE_LOCAL) | ||
1982 | pr_info("IPv4 FIB: Using LC-trie version %s\n", VERSION); | ||
1983 | |||
1984 | return tb; | 1981 | return tb; |
1985 | } | 1982 | } |
1986 | 1983 | ||
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index 6c0b7f4a3d7d..38f23e721b80 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c | |||
@@ -73,7 +73,7 @@ int inet_csk_bind_conflict(const struct sock *sk, | |||
73 | !sk2->sk_bound_dev_if || | 73 | !sk2->sk_bound_dev_if || |
74 | sk->sk_bound_dev_if == sk2->sk_bound_dev_if)) { | 74 | sk->sk_bound_dev_if == sk2->sk_bound_dev_if)) { |
75 | if (!reuse || !sk2->sk_reuse || | 75 | if (!reuse || !sk2->sk_reuse || |
76 | ((1 << sk2->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))) { | 76 | sk2->sk_state == TCP_LISTEN) { |
77 | const __be32 sk2_rcv_saddr = sk_rcv_saddr(sk2); | 77 | const __be32 sk2_rcv_saddr = sk_rcv_saddr(sk2); |
78 | if (!sk2_rcv_saddr || !sk_rcv_saddr(sk) || | 78 | if (!sk2_rcv_saddr || !sk_rcv_saddr(sk) || |
79 | sk2_rcv_saddr == sk_rcv_saddr(sk)) | 79 | sk2_rcv_saddr == sk_rcv_saddr(sk)) |
@@ -122,8 +122,7 @@ again: | |||
122 | (tb->num_owners < smallest_size || smallest_size == -1)) { | 122 | (tb->num_owners < smallest_size || smallest_size == -1)) { |
123 | smallest_size = tb->num_owners; | 123 | smallest_size = tb->num_owners; |
124 | smallest_rover = rover; | 124 | smallest_rover = rover; |
125 | if (atomic_read(&hashinfo->bsockets) > (high - low) + 1 && | 125 | if (atomic_read(&hashinfo->bsockets) > (high - low) + 1) { |
126 | !inet_csk(sk)->icsk_af_ops->bind_conflict(sk, tb)) { | ||
127 | spin_unlock(&head->lock); | 126 | spin_unlock(&head->lock); |
128 | snum = smallest_rover; | 127 | snum = smallest_rover; |
129 | goto have_snum; | 128 | goto have_snum; |
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c index dd1b20eca1a2..9df4e635fb5f 100644 --- a/net/ipv4/inetpeer.c +++ b/net/ipv4/inetpeer.c | |||
@@ -354,7 +354,8 @@ static void inetpeer_free_rcu(struct rcu_head *head) | |||
354 | } | 354 | } |
355 | 355 | ||
356 | /* May be called with local BH enabled. */ | 356 | /* May be called with local BH enabled. */ |
357 | static void unlink_from_pool(struct inet_peer *p, struct inet_peer_base *base) | 357 | static void unlink_from_pool(struct inet_peer *p, struct inet_peer_base *base, |
358 | struct inet_peer __rcu **stack[PEER_MAXDEPTH]) | ||
358 | { | 359 | { |
359 | int do_free; | 360 | int do_free; |
360 | 361 | ||
@@ -368,7 +369,6 @@ static void unlink_from_pool(struct inet_peer *p, struct inet_peer_base *base) | |||
368 | * We use refcnt=-1 to alert lockless readers this entry is deleted. | 369 | * We use refcnt=-1 to alert lockless readers this entry is deleted. |
369 | */ | 370 | */ |
370 | if (atomic_cmpxchg(&p->refcnt, 1, -1) == 1) { | 371 | if (atomic_cmpxchg(&p->refcnt, 1, -1) == 1) { |
371 | struct inet_peer __rcu **stack[PEER_MAXDEPTH]; | ||
372 | struct inet_peer __rcu ***stackptr, ***delp; | 372 | struct inet_peer __rcu ***stackptr, ***delp; |
373 | if (lookup(&p->daddr, stack, base) != p) | 373 | if (lookup(&p->daddr, stack, base) != p) |
374 | BUG(); | 374 | BUG(); |
@@ -422,7 +422,7 @@ static struct inet_peer_base *peer_to_base(struct inet_peer *p) | |||
422 | } | 422 | } |
423 | 423 | ||
424 | /* May be called with local BH enabled. */ | 424 | /* May be called with local BH enabled. */ |
425 | static int cleanup_once(unsigned long ttl) | 425 | static int cleanup_once(unsigned long ttl, struct inet_peer __rcu **stack[PEER_MAXDEPTH]) |
426 | { | 426 | { |
427 | struct inet_peer *p = NULL; | 427 | struct inet_peer *p = NULL; |
428 | 428 | ||
@@ -454,7 +454,7 @@ static int cleanup_once(unsigned long ttl) | |||
454 | * happen because of entry limits in route cache. */ | 454 | * happen because of entry limits in route cache. */ |
455 | return -1; | 455 | return -1; |
456 | 456 | ||
457 | unlink_from_pool(p, peer_to_base(p)); | 457 | unlink_from_pool(p, peer_to_base(p), stack); |
458 | return 0; | 458 | return 0; |
459 | } | 459 | } |
460 | 460 | ||
@@ -524,7 +524,7 @@ struct inet_peer *inet_getpeer(struct inetpeer_addr *daddr, int create) | |||
524 | 524 | ||
525 | if (base->total >= inet_peer_threshold) | 525 | if (base->total >= inet_peer_threshold) |
526 | /* Remove one less-recently-used entry. */ | 526 | /* Remove one less-recently-used entry. */ |
527 | cleanup_once(0); | 527 | cleanup_once(0, stack); |
528 | 528 | ||
529 | return p; | 529 | return p; |
530 | } | 530 | } |
@@ -540,6 +540,7 @@ static void peer_check_expire(unsigned long dummy) | |||
540 | { | 540 | { |
541 | unsigned long now = jiffies; | 541 | unsigned long now = jiffies; |
542 | int ttl, total; | 542 | int ttl, total; |
543 | struct inet_peer __rcu **stack[PEER_MAXDEPTH]; | ||
543 | 544 | ||
544 | total = compute_total(); | 545 | total = compute_total(); |
545 | if (total >= inet_peer_threshold) | 546 | if (total >= inet_peer_threshold) |
@@ -548,7 +549,7 @@ static void peer_check_expire(unsigned long dummy) | |||
548 | ttl = inet_peer_maxttl | 549 | ttl = inet_peer_maxttl |
549 | - (inet_peer_maxttl - inet_peer_minttl) / HZ * | 550 | - (inet_peer_maxttl - inet_peer_minttl) / HZ * |
550 | total / inet_peer_threshold * HZ; | 551 | total / inet_peer_threshold * HZ; |
551 | while (!cleanup_once(ttl)) { | 552 | while (!cleanup_once(ttl, stack)) { |
552 | if (jiffies != now) | 553 | if (jiffies != now) |
553 | break; | 554 | break; |
554 | } | 555 | } |
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c index a1151b8adf3c..b1d282f11be7 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c | |||
@@ -223,31 +223,30 @@ static void ip_expire(unsigned long arg) | |||
223 | 223 | ||
224 | if ((qp->q.last_in & INET_FRAG_FIRST_IN) && qp->q.fragments != NULL) { | 224 | if ((qp->q.last_in & INET_FRAG_FIRST_IN) && qp->q.fragments != NULL) { |
225 | struct sk_buff *head = qp->q.fragments; | 225 | struct sk_buff *head = qp->q.fragments; |
226 | const struct iphdr *iph; | ||
227 | int err; | ||
226 | 228 | ||
227 | rcu_read_lock(); | 229 | rcu_read_lock(); |
228 | head->dev = dev_get_by_index_rcu(net, qp->iif); | 230 | head->dev = dev_get_by_index_rcu(net, qp->iif); |
229 | if (!head->dev) | 231 | if (!head->dev) |
230 | goto out_rcu_unlock; | 232 | goto out_rcu_unlock; |
231 | 233 | ||
234 | /* skb dst is stale, drop it, and perform route lookup again */ | ||
235 | skb_dst_drop(head); | ||
236 | iph = ip_hdr(head); | ||
237 | err = ip_route_input_noref(head, iph->daddr, iph->saddr, | ||
238 | iph->tos, head->dev); | ||
239 | if (err) | ||
240 | goto out_rcu_unlock; | ||
241 | |||
232 | /* | 242 | /* |
233 | * Only search router table for the head fragment, | 243 | * Only an end host needs to send an ICMP |
234 | * when defraging timeout at PRE_ROUTING HOOK. | 244 | * "Fragment Reassembly Timeout" message, per RFC792. |
235 | */ | 245 | */ |
236 | if (qp->user == IP_DEFRAG_CONNTRACK_IN && !skb_dst(head)) { | 246 | if (qp->user == IP_DEFRAG_CONNTRACK_IN && |
237 | const struct iphdr *iph = ip_hdr(head); | 247 | skb_rtable(head)->rt_type != RTN_LOCAL) |
238 | int err = ip_route_input(head, iph->daddr, iph->saddr, | 248 | goto out_rcu_unlock; |
239 | iph->tos, head->dev); | ||
240 | if (unlikely(err)) | ||
241 | goto out_rcu_unlock; | ||
242 | |||
243 | /* | ||
244 | * Only an end host needs to send an ICMP | ||
245 | * "Fragment Reassembly Timeout" message, per RFC792. | ||
246 | */ | ||
247 | if (skb_rtable(head)->rt_type != RTN_LOCAL) | ||
248 | goto out_rcu_unlock; | ||
249 | 249 | ||
250 | } | ||
251 | 250 | ||
252 | /* Send an ICMP "Fragment Reassembly Timeout" message. */ | 251 | /* Send an ICMP "Fragment Reassembly Timeout" message. */ |
253 | icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0); | 252 | icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0); |
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c index 28a736f3442f..2391b24e8251 100644 --- a/net/ipv4/ip_options.c +++ b/net/ipv4/ip_options.c | |||
@@ -329,7 +329,7 @@ int ip_options_compile(struct net *net, | |||
329 | pp_ptr = optptr + 2; | 329 | pp_ptr = optptr + 2; |
330 | goto error; | 330 | goto error; |
331 | } | 331 | } |
332 | if (skb) { | 332 | if (rt) { |
333 | memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4); | 333 | memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4); |
334 | opt->is_changed = 1; | 334 | opt->is_changed = 1; |
335 | } | 335 | } |
@@ -371,7 +371,7 @@ int ip_options_compile(struct net *net, | |||
371 | goto error; | 371 | goto error; |
372 | } | 372 | } |
373 | opt->ts = optptr - iph; | 373 | opt->ts = optptr - iph; |
374 | if (skb) { | 374 | if (rt) { |
375 | memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4); | 375 | memcpy(&optptr[optptr[2]-1], &rt->rt_spec_dst, 4); |
376 | timeptr = (__be32*)&optptr[optptr[2]+3]; | 376 | timeptr = (__be32*)&optptr[optptr[2]+3]; |
377 | } | 377 | } |
@@ -603,7 +603,7 @@ int ip_options_rcv_srr(struct sk_buff *skb) | |||
603 | unsigned long orefdst; | 603 | unsigned long orefdst; |
604 | int err; | 604 | int err; |
605 | 605 | ||
606 | if (!opt->srr) | 606 | if (!opt->srr || !rt) |
607 | return 0; | 607 | return 0; |
608 | 608 | ||
609 | if (skb->pkt_type != PACKET_HOST) | 609 | if (skb->pkt_type != PACKET_HOST) |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index c1acf69858fd..99e6e4bb1c72 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
@@ -2690,6 +2690,12 @@ static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu) | |||
2690 | { | 2690 | { |
2691 | } | 2691 | } |
2692 | 2692 | ||
2693 | static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst, | ||
2694 | unsigned long old) | ||
2695 | { | ||
2696 | return NULL; | ||
2697 | } | ||
2698 | |||
2693 | static struct dst_ops ipv4_dst_blackhole_ops = { | 2699 | static struct dst_ops ipv4_dst_blackhole_ops = { |
2694 | .family = AF_INET, | 2700 | .family = AF_INET, |
2695 | .protocol = cpu_to_be16(ETH_P_IP), | 2701 | .protocol = cpu_to_be16(ETH_P_IP), |
@@ -2698,6 +2704,7 @@ static struct dst_ops ipv4_dst_blackhole_ops = { | |||
2698 | .default_mtu = ipv4_blackhole_default_mtu, | 2704 | .default_mtu = ipv4_blackhole_default_mtu, |
2699 | .default_advmss = ipv4_default_advmss, | 2705 | .default_advmss = ipv4_default_advmss, |
2700 | .update_pmtu = ipv4_rt_blackhole_update_pmtu, | 2706 | .update_pmtu = ipv4_rt_blackhole_update_pmtu, |
2707 | .cow_metrics = ipv4_rt_blackhole_cow_metrics, | ||
2701 | }; | 2708 | }; |
2702 | 2709 | ||
2703 | struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig) | 2710 | struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig) |
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 1a456652086b..321e6e84dbcc 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c | |||
@@ -311,7 +311,6 @@ static struct ctl_table ipv4_table[] = { | |||
311 | .mode = 0644, | 311 | .mode = 0644, |
312 | .proc_handler = proc_do_large_bitmap, | 312 | .proc_handler = proc_do_large_bitmap, |
313 | }, | 313 | }, |
314 | #ifdef CONFIG_IP_MULTICAST | ||
315 | { | 314 | { |
316 | .procname = "igmp_max_memberships", | 315 | .procname = "igmp_max_memberships", |
317 | .data = &sysctl_igmp_max_memberships, | 316 | .data = &sysctl_igmp_max_memberships, |
@@ -319,8 +318,6 @@ static struct ctl_table ipv4_table[] = { | |||
319 | .mode = 0644, | 318 | .mode = 0644, |
320 | .proc_handler = proc_dointvec | 319 | .proc_handler = proc_dointvec |
321 | }, | 320 | }, |
322 | |||
323 | #endif | ||
324 | { | 321 | { |
325 | .procname = "igmp_max_msf", | 322 | .procname = "igmp_max_msf", |
326 | .data = &sysctl_igmp_max_msf, | 323 | .data = &sysctl_igmp_max_msf, |
diff --git a/net/ipv4/tcp_cubic.c b/net/ipv4/tcp_cubic.c index 34340c9c95fa..f376b05cca81 100644 --- a/net/ipv4/tcp_cubic.c +++ b/net/ipv4/tcp_cubic.c | |||
@@ -93,6 +93,7 @@ struct bictcp { | |||
93 | u32 ack_cnt; /* number of acks */ | 93 | u32 ack_cnt; /* number of acks */ |
94 | u32 tcp_cwnd; /* estimated tcp cwnd */ | 94 | u32 tcp_cwnd; /* estimated tcp cwnd */ |
95 | #define ACK_RATIO_SHIFT 4 | 95 | #define ACK_RATIO_SHIFT 4 |
96 | #define ACK_RATIO_LIMIT (32u << ACK_RATIO_SHIFT) | ||
96 | u16 delayed_ack; /* estimate the ratio of Packets/ACKs << 4 */ | 97 | u16 delayed_ack; /* estimate the ratio of Packets/ACKs << 4 */ |
97 | u8 sample_cnt; /* number of samples to decide curr_rtt */ | 98 | u8 sample_cnt; /* number of samples to decide curr_rtt */ |
98 | u8 found; /* the exit point is found? */ | 99 | u8 found; /* the exit point is found? */ |
@@ -398,8 +399,12 @@ static void bictcp_acked(struct sock *sk, u32 cnt, s32 rtt_us) | |||
398 | u32 delay; | 399 | u32 delay; |
399 | 400 | ||
400 | if (icsk->icsk_ca_state == TCP_CA_Open) { | 401 | if (icsk->icsk_ca_state == TCP_CA_Open) { |
401 | cnt -= ca->delayed_ack >> ACK_RATIO_SHIFT; | 402 | u32 ratio = ca->delayed_ack; |
402 | ca->delayed_ack += cnt; | 403 | |
404 | ratio -= ca->delayed_ack >> ACK_RATIO_SHIFT; | ||
405 | ratio += cnt; | ||
406 | |||
407 | ca->delayed_ack = min(ratio, ACK_RATIO_LIMIT); | ||
403 | } | 408 | } |
404 | 409 | ||
405 | /* Some calls are for duplicates without timetamps */ | 410 | /* Some calls are for duplicates without timetamps */ |
diff --git a/net/ipv4/xfrm4_output.c b/net/ipv4/xfrm4_output.c index 571aa96a175c..2d51840e53a1 100644 --- a/net/ipv4/xfrm4_output.c +++ b/net/ipv4/xfrm4_output.c | |||
@@ -69,7 +69,7 @@ int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb) | |||
69 | } | 69 | } |
70 | EXPORT_SYMBOL(xfrm4_prepare_output); | 70 | EXPORT_SYMBOL(xfrm4_prepare_output); |
71 | 71 | ||
72 | static int xfrm4_output_finish(struct sk_buff *skb) | 72 | int xfrm4_output_finish(struct sk_buff *skb) |
73 | { | 73 | { |
74 | #ifdef CONFIG_NETFILTER | 74 | #ifdef CONFIG_NETFILTER |
75 | if (!skb_dst(skb)->xfrm) { | 75 | if (!skb_dst(skb)->xfrm) { |
@@ -86,7 +86,11 @@ static int xfrm4_output_finish(struct sk_buff *skb) | |||
86 | 86 | ||
87 | int xfrm4_output(struct sk_buff *skb) | 87 | int xfrm4_output(struct sk_buff *skb) |
88 | { | 88 | { |
89 | struct dst_entry *dst = skb_dst(skb); | ||
90 | struct xfrm_state *x = dst->xfrm; | ||
91 | |||
89 | return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, | 92 | return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, |
90 | NULL, skb_dst(skb)->dev, xfrm4_output_finish, | 93 | NULL, dst->dev, |
94 | x->outer_mode->afinfo->output_finish, | ||
91 | !(IPCB(skb)->flags & IPSKB_REROUTED)); | 95 | !(IPCB(skb)->flags & IPSKB_REROUTED)); |
92 | } | 96 | } |
diff --git a/net/ipv4/xfrm4_state.c b/net/ipv4/xfrm4_state.c index 1717c64628d1..805d63ef4340 100644 --- a/net/ipv4/xfrm4_state.c +++ b/net/ipv4/xfrm4_state.c | |||
@@ -78,6 +78,7 @@ static struct xfrm_state_afinfo xfrm4_state_afinfo = { | |||
78 | .init_tempsel = __xfrm4_init_tempsel, | 78 | .init_tempsel = __xfrm4_init_tempsel, |
79 | .init_temprop = xfrm4_init_temprop, | 79 | .init_temprop = xfrm4_init_temprop, |
80 | .output = xfrm4_output, | 80 | .output = xfrm4_output, |
81 | .output_finish = xfrm4_output_finish, | ||
81 | .extract_input = xfrm4_extract_input, | 82 | .extract_input = xfrm4_extract_input, |
82 | .extract_output = xfrm4_extract_output, | 83 | .extract_output = xfrm4_extract_output, |
83 | .transport_finish = xfrm4_transport_finish, | 84 | .transport_finish = xfrm4_transport_finish, |
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 1493534116df..a7bda0757053 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c | |||
@@ -4537,7 +4537,7 @@ static void __addrconf_sysctl_unregister(struct ipv6_devconf *p) | |||
4537 | 4537 | ||
4538 | t = p->sysctl; | 4538 | t = p->sysctl; |
4539 | p->sysctl = NULL; | 4539 | p->sysctl = NULL; |
4540 | unregister_sysctl_table(t->sysctl_header); | 4540 | unregister_net_sysctl_table(t->sysctl_header); |
4541 | kfree(t->dev_name); | 4541 | kfree(t->dev_name); |
4542 | kfree(t); | 4542 | kfree(t); |
4543 | } | 4543 | } |
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 5aa8ec88f194..59dccfbb5b11 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c | |||
@@ -371,7 +371,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb) | |||
371 | iv = esp_tmp_iv(aead, tmp, seqhilen); | 371 | iv = esp_tmp_iv(aead, tmp, seqhilen); |
372 | req = esp_tmp_req(aead, iv); | 372 | req = esp_tmp_req(aead, iv); |
373 | asg = esp_req_sg(aead, req); | 373 | asg = esp_req_sg(aead, req); |
374 | sg = asg + 1; | 374 | sg = asg + sglists; |
375 | 375 | ||
376 | skb->ip_summed = CHECKSUM_NONE; | 376 | skb->ip_summed = CHECKSUM_NONE; |
377 | 377 | ||
diff --git a/net/ipv6/inet6_connection_sock.c b/net/ipv6/inet6_connection_sock.c index 166054650466..f2c5b0fc0f21 100644 --- a/net/ipv6/inet6_connection_sock.c +++ b/net/ipv6/inet6_connection_sock.c | |||
@@ -44,7 +44,7 @@ int inet6_csk_bind_conflict(const struct sock *sk, | |||
44 | !sk2->sk_bound_dev_if || | 44 | !sk2->sk_bound_dev_if || |
45 | sk->sk_bound_dev_if == sk2->sk_bound_dev_if) && | 45 | sk->sk_bound_dev_if == sk2->sk_bound_dev_if) && |
46 | (!sk->sk_reuse || !sk2->sk_reuse || | 46 | (!sk->sk_reuse || !sk2->sk_reuse || |
47 | ((1 << sk2->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))) && | 47 | sk2->sk_state == TCP_LISTEN) && |
48 | ipv6_rcv_saddr_equal(sk, sk2)) | 48 | ipv6_rcv_saddr_equal(sk, sk2)) |
49 | break; | 49 | break; |
50 | } | 50 | } |
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 28e74488a329..a5a4c5dd5396 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
@@ -45,6 +45,8 @@ static void send_reset(struct net *net, struct sk_buff *oldskb) | |||
45 | int tcphoff, needs_ack; | 45 | int tcphoff, needs_ack; |
46 | const struct ipv6hdr *oip6h = ipv6_hdr(oldskb); | 46 | const struct ipv6hdr *oip6h = ipv6_hdr(oldskb); |
47 | struct ipv6hdr *ip6h; | 47 | struct ipv6hdr *ip6h; |
48 | #define DEFAULT_TOS_VALUE 0x0U | ||
49 | const __u8 tclass = DEFAULT_TOS_VALUE; | ||
48 | struct dst_entry *dst = NULL; | 50 | struct dst_entry *dst = NULL; |
49 | u8 proto; | 51 | u8 proto; |
50 | struct flowi6 fl6; | 52 | struct flowi6 fl6; |
@@ -124,7 +126,7 @@ static void send_reset(struct net *net, struct sk_buff *oldskb) | |||
124 | skb_put(nskb, sizeof(struct ipv6hdr)); | 126 | skb_put(nskb, sizeof(struct ipv6hdr)); |
125 | skb_reset_network_header(nskb); | 127 | skb_reset_network_header(nskb); |
126 | ip6h = ipv6_hdr(nskb); | 128 | ip6h = ipv6_hdr(nskb); |
127 | ip6h->version = 6; | 129 | *(__be32 *)ip6h = htonl(0x60000000 | (tclass << 20)); |
128 | ip6h->hop_limit = ip6_dst_hoplimit(dst); | 130 | ip6h->hop_limit = ip6_dst_hoplimit(dst); |
129 | ip6h->nexthdr = IPPROTO_TCP; | 131 | ip6h->nexthdr = IPPROTO_TCP; |
130 | ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr); | 132 | ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr); |
diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 843406f14d7b..fd0eec6f88c6 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c | |||
@@ -153,6 +153,12 @@ static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu) | |||
153 | { | 153 | { |
154 | } | 154 | } |
155 | 155 | ||
156 | static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst, | ||
157 | unsigned long old) | ||
158 | { | ||
159 | return NULL; | ||
160 | } | ||
161 | |||
156 | static struct dst_ops ip6_dst_blackhole_ops = { | 162 | static struct dst_ops ip6_dst_blackhole_ops = { |
157 | .family = AF_INET6, | 163 | .family = AF_INET6, |
158 | .protocol = cpu_to_be16(ETH_P_IPV6), | 164 | .protocol = cpu_to_be16(ETH_P_IPV6), |
@@ -161,6 +167,7 @@ static struct dst_ops ip6_dst_blackhole_ops = { | |||
161 | .default_mtu = ip6_blackhole_default_mtu, | 167 | .default_mtu = ip6_blackhole_default_mtu, |
162 | .default_advmss = ip6_default_advmss, | 168 | .default_advmss = ip6_default_advmss, |
163 | .update_pmtu = ip6_rt_blackhole_update_pmtu, | 169 | .update_pmtu = ip6_rt_blackhole_update_pmtu, |
170 | .cow_metrics = ip6_rt_blackhole_cow_metrics, | ||
164 | }; | 171 | }; |
165 | 172 | ||
166 | static const u32 ip6_template_metrics[RTAX_MAX] = { | 173 | static const u32 ip6_template_metrics[RTAX_MAX] = { |
@@ -2012,7 +2019,6 @@ struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, | |||
2012 | rt->dst.output = ip6_output; | 2019 | rt->dst.output = ip6_output; |
2013 | rt->rt6i_dev = net->loopback_dev; | 2020 | rt->rt6i_dev = net->loopback_dev; |
2014 | rt->rt6i_idev = idev; | 2021 | rt->rt6i_idev = idev; |
2015 | dst_metric_set(&rt->dst, RTAX_HOPLIMIT, -1); | ||
2016 | rt->dst.obsolete = -1; | 2022 | rt->dst.obsolete = -1; |
2017 | 2023 | ||
2018 | rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; | 2024 | rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; |
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 15c37746845e..9e305d74b3d4 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c | |||
@@ -1335,7 +1335,7 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, u32 features) | |||
1335 | skb->ip_summed = CHECKSUM_NONE; | 1335 | skb->ip_summed = CHECKSUM_NONE; |
1336 | 1336 | ||
1337 | /* Check if there is enough headroom to insert fragment header. */ | 1337 | /* Check if there is enough headroom to insert fragment header. */ |
1338 | if ((skb_headroom(skb) < frag_hdr_sz) && | 1338 | if ((skb_mac_header(skb) < skb->head + frag_hdr_sz) && |
1339 | pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC)) | 1339 | pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC)) |
1340 | goto out; | 1340 | goto out; |
1341 | 1341 | ||
diff --git a/net/ipv6/xfrm6_output.c b/net/ipv6/xfrm6_output.c index 8e688b3de9ab..49a91c5f5623 100644 --- a/net/ipv6/xfrm6_output.c +++ b/net/ipv6/xfrm6_output.c | |||
@@ -79,7 +79,7 @@ int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb) | |||
79 | } | 79 | } |
80 | EXPORT_SYMBOL(xfrm6_prepare_output); | 80 | EXPORT_SYMBOL(xfrm6_prepare_output); |
81 | 81 | ||
82 | static int xfrm6_output_finish(struct sk_buff *skb) | 82 | int xfrm6_output_finish(struct sk_buff *skb) |
83 | { | 83 | { |
84 | #ifdef CONFIG_NETFILTER | 84 | #ifdef CONFIG_NETFILTER |
85 | IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED; | 85 | IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED; |
@@ -97,9 +97,9 @@ static int __xfrm6_output(struct sk_buff *skb) | |||
97 | if ((x && x->props.mode == XFRM_MODE_TUNNEL) && | 97 | if ((x && x->props.mode == XFRM_MODE_TUNNEL) && |
98 | ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) || | 98 | ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) || |
99 | dst_allfrag(skb_dst(skb)))) { | 99 | dst_allfrag(skb_dst(skb)))) { |
100 | return ip6_fragment(skb, xfrm6_output_finish); | 100 | return ip6_fragment(skb, x->outer_mode->afinfo->output_finish); |
101 | } | 101 | } |
102 | return xfrm6_output_finish(skb); | 102 | return x->outer_mode->afinfo->output_finish(skb); |
103 | } | 103 | } |
104 | 104 | ||
105 | int xfrm6_output(struct sk_buff *skb) | 105 | int xfrm6_output(struct sk_buff *skb) |
diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c index afe941e9415c..248f0b2a7ee9 100644 --- a/net/ipv6/xfrm6_state.c +++ b/net/ipv6/xfrm6_state.c | |||
@@ -178,6 +178,7 @@ static struct xfrm_state_afinfo xfrm6_state_afinfo = { | |||
178 | .tmpl_sort = __xfrm6_tmpl_sort, | 178 | .tmpl_sort = __xfrm6_tmpl_sort, |
179 | .state_sort = __xfrm6_state_sort, | 179 | .state_sort = __xfrm6_state_sort, |
180 | .output = xfrm6_output, | 180 | .output = xfrm6_output, |
181 | .output_finish = xfrm6_output_finish, | ||
181 | .extract_input = xfrm6_extract_input, | 182 | .extract_input = xfrm6_extract_input, |
182 | .extract_output = xfrm6_extract_output, | 183 | .extract_output = xfrm6_extract_output, |
183 | .transport_finish = xfrm6_transport_finish, | 184 | .transport_finish = xfrm6_transport_finish, |
diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c index c9890e25cd4c..cc616974a447 100644 --- a/net/irda/af_irda.c +++ b/net/irda/af_irda.c | |||
@@ -1297,8 +1297,7 @@ static int irda_sendmsg(struct kiocb *iocb, struct socket *sock, | |||
1297 | /* Note : socket.c set MSG_EOR on SEQPACKET sockets */ | 1297 | /* Note : socket.c set MSG_EOR on SEQPACKET sockets */ |
1298 | if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT | | 1298 | if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT | |
1299 | MSG_NOSIGNAL)) { | 1299 | MSG_NOSIGNAL)) { |
1300 | err = -EINVAL; | 1300 | return -EINVAL; |
1301 | goto out; | ||
1302 | } | 1301 | } |
1303 | 1302 | ||
1304 | lock_sock(sk); | 1303 | lock_sock(sk); |
diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c index fce9bd3bd3fe..5c04f3e42704 100644 --- a/net/l2tp/l2tp_ip.c +++ b/net/l2tp/l2tp_ip.c | |||
@@ -667,7 +667,7 @@ MODULE_AUTHOR("James Chapman <jchapman@katalix.com>"); | |||
667 | MODULE_DESCRIPTION("L2TP over IP"); | 667 | MODULE_DESCRIPTION("L2TP over IP"); |
668 | MODULE_VERSION("1.0"); | 668 | MODULE_VERSION("1.0"); |
669 | 669 | ||
670 | /* Use the value of SOCK_DGRAM (2) directory, because __stringify does't like | 670 | /* Use the value of SOCK_DGRAM (2) directory, because __stringify doesn't like |
671 | * enums | 671 | * enums |
672 | */ | 672 | */ |
673 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 2, IPPROTO_L2TP); | 673 | MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 2, IPPROTO_L2TP); |
diff --git a/net/llc/llc_input.c b/net/llc/llc_input.c index 058f1e9a9128..903242111317 100644 --- a/net/llc/llc_input.c +++ b/net/llc/llc_input.c | |||
@@ -121,8 +121,7 @@ static inline int llc_fixup_skb(struct sk_buff *skb) | |||
121 | s32 data_size = ntohs(pdulen) - llc_len; | 121 | s32 data_size = ntohs(pdulen) - llc_len; |
122 | 122 | ||
123 | if (data_size < 0 || | 123 | if (data_size < 0 || |
124 | ((skb_tail_pointer(skb) - | 124 | !pskb_may_pull(skb, data_size)) |
125 | (u8 *)pdu) - llc_len) < data_size) | ||
126 | return 0; | 125 | return 0; |
127 | if (unlikely(pskb_trim_rcsum(skb, data_size))) | 126 | if (unlikely(pskb_trim_rcsum(skb, data_size))) |
128 | return 0; | 127 | return 0; |
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index 334213571ad0..44049733c4ea 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c | |||
@@ -1504,6 +1504,8 @@ int __ieee80211_request_smps(struct ieee80211_sub_if_data *sdata, | |||
1504 | enum ieee80211_smps_mode old_req; | 1504 | enum ieee80211_smps_mode old_req; |
1505 | int err; | 1505 | int err; |
1506 | 1506 | ||
1507 | lockdep_assert_held(&sdata->u.mgd.mtx); | ||
1508 | |||
1507 | old_req = sdata->u.mgd.req_smps; | 1509 | old_req = sdata->u.mgd.req_smps; |
1508 | sdata->u.mgd.req_smps = smps_mode; | 1510 | sdata->u.mgd.req_smps = smps_mode; |
1509 | 1511 | ||
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c index dacace6b1393..9ea7c0d0103f 100644 --- a/net/mac80211/debugfs_netdev.c +++ b/net/mac80211/debugfs_netdev.c | |||
@@ -177,9 +177,9 @@ static int ieee80211_set_smps(struct ieee80211_sub_if_data *sdata, | |||
177 | if (sdata->vif.type != NL80211_IFTYPE_STATION) | 177 | if (sdata->vif.type != NL80211_IFTYPE_STATION) |
178 | return -EOPNOTSUPP; | 178 | return -EOPNOTSUPP; |
179 | 179 | ||
180 | mutex_lock(&local->iflist_mtx); | 180 | mutex_lock(&sdata->u.mgd.mtx); |
181 | err = __ieee80211_request_smps(sdata, smps_mode); | 181 | err = __ieee80211_request_smps(sdata, smps_mode); |
182 | mutex_unlock(&local->iflist_mtx); | 182 | mutex_unlock(&sdata->u.mgd.mtx); |
183 | 183 | ||
184 | return err; | 184 | return err; |
185 | } | 185 | } |
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index ce4596ed1268..bd1224fd216a 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
@@ -237,6 +237,10 @@ ieee80211_tx_h_dynamic_ps(struct ieee80211_tx_data *tx) | |||
237 | &local->dynamic_ps_disable_work); | 237 | &local->dynamic_ps_disable_work); |
238 | } | 238 | } |
239 | 239 | ||
240 | /* Don't restart the timer if we're not disassociated */ | ||
241 | if (!ifmgd->associated) | ||
242 | return TX_CONTINUE; | ||
243 | |||
240 | mod_timer(&local->dynamic_ps_timer, jiffies + | 244 | mod_timer(&local->dynamic_ps_timer, jiffies + |
241 | msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout)); | 245 | msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout)); |
242 | 246 | ||
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c index 00a33242e90c..a274300b6a56 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c +++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c | |||
@@ -343,6 +343,10 @@ bitmap_ipmac_kadt(struct ip_set *set, const struct sk_buff *skb, | |||
343 | ipset_adtfn adtfn = set->variant->adt[adt]; | 343 | ipset_adtfn adtfn = set->variant->adt[adt]; |
344 | struct ipmac data; | 344 | struct ipmac data; |
345 | 345 | ||
346 | /* MAC can be src only */ | ||
347 | if (!(flags & IPSET_DIM_TWO_SRC)) | ||
348 | return 0; | ||
349 | |||
346 | data.id = ntohl(ip4addr(skb, flags & IPSET_DIM_ONE_SRC)); | 350 | data.id = ntohl(ip4addr(skb, flags & IPSET_DIM_ONE_SRC)); |
347 | if (data.id < map->first_ip || data.id > map->last_ip) | 351 | if (data.id < map->first_ip || data.id > map->last_ip) |
348 | return -IPSET_ERR_BITMAP_RANGE; | 352 | return -IPSET_ERR_BITMAP_RANGE; |
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 9152e69a162d..72d1ac611fdc 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c | |||
@@ -1022,8 +1022,9 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
1022 | if (cb->args[1] >= ip_set_max) | 1022 | if (cb->args[1] >= ip_set_max) |
1023 | goto out; | 1023 | goto out; |
1024 | 1024 | ||
1025 | pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]); | ||
1026 | max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max; | 1025 | max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max; |
1026 | dump_last: | ||
1027 | pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]); | ||
1027 | for (; cb->args[1] < max; cb->args[1]++) { | 1028 | for (; cb->args[1] < max; cb->args[1]++) { |
1028 | index = (ip_set_id_t) cb->args[1]; | 1029 | index = (ip_set_id_t) cb->args[1]; |
1029 | set = ip_set_list[index]; | 1030 | set = ip_set_list[index]; |
@@ -1038,8 +1039,8 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
1038 | * so that lists (unions of sets) are dumped last. | 1039 | * so that lists (unions of sets) are dumped last. |
1039 | */ | 1040 | */ |
1040 | if (cb->args[0] != DUMP_ONE && | 1041 | if (cb->args[0] != DUMP_ONE && |
1041 | !((cb->args[0] == DUMP_ALL) ^ | 1042 | ((cb->args[0] == DUMP_ALL) == |
1042 | (set->type->features & IPSET_DUMP_LAST))) | 1043 | !!(set->type->features & IPSET_DUMP_LAST))) |
1043 | continue; | 1044 | continue; |
1044 | pr_debug("List set: %s\n", set->name); | 1045 | pr_debug("List set: %s\n", set->name); |
1045 | if (!cb->args[2]) { | 1046 | if (!cb->args[2]) { |
@@ -1083,6 +1084,12 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb) | |||
1083 | goto release_refcount; | 1084 | goto release_refcount; |
1084 | } | 1085 | } |
1085 | } | 1086 | } |
1087 | /* If we dump all sets, continue with dumping last ones */ | ||
1088 | if (cb->args[0] == DUMP_ALL) { | ||
1089 | cb->args[0] = DUMP_LAST; | ||
1090 | cb->args[1] = 0; | ||
1091 | goto dump_last; | ||
1092 | } | ||
1086 | goto out; | 1093 | goto out; |
1087 | 1094 | ||
1088 | nla_put_failure: | 1095 | nla_put_failure: |
@@ -1093,11 +1100,6 @@ release_refcount: | |||
1093 | pr_debug("release set %s\n", ip_set_list[index]->name); | 1100 | pr_debug("release set %s\n", ip_set_list[index]->name); |
1094 | ip_set_put_byindex(index); | 1101 | ip_set_put_byindex(index); |
1095 | } | 1102 | } |
1096 | |||
1097 | /* If we dump all sets, continue with dumping last ones */ | ||
1098 | if (cb->args[0] == DUMP_ALL && cb->args[1] >= max && !cb->args[2]) | ||
1099 | cb->args[0] = DUMP_LAST; | ||
1100 | |||
1101 | out: | 1103 | out: |
1102 | if (nlh) { | 1104 | if (nlh) { |
1103 | nlmsg_end(skb, nlh); | 1105 | nlmsg_end(skb, nlh); |
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index 2dc6de13ac18..059af3120be7 100644 --- a/net/netfilter/ipvs/ip_vs_app.c +++ b/net/netfilter/ipvs/ip_vs_app.c | |||
@@ -572,11 +572,11 @@ static const struct file_operations ip_vs_app_fops = { | |||
572 | .open = ip_vs_app_open, | 572 | .open = ip_vs_app_open, |
573 | .read = seq_read, | 573 | .read = seq_read, |
574 | .llseek = seq_lseek, | 574 | .llseek = seq_lseek, |
575 | .release = seq_release, | 575 | .release = seq_release_net, |
576 | }; | 576 | }; |
577 | #endif | 577 | #endif |
578 | 578 | ||
579 | static int __net_init __ip_vs_app_init(struct net *net) | 579 | int __net_init __ip_vs_app_init(struct net *net) |
580 | { | 580 | { |
581 | struct netns_ipvs *ipvs = net_ipvs(net); | 581 | struct netns_ipvs *ipvs = net_ipvs(net); |
582 | 582 | ||
@@ -585,26 +585,17 @@ static int __net_init __ip_vs_app_init(struct net *net) | |||
585 | return 0; | 585 | return 0; |
586 | } | 586 | } |
587 | 587 | ||
588 | static void __net_exit __ip_vs_app_cleanup(struct net *net) | 588 | void __net_exit __ip_vs_app_cleanup(struct net *net) |
589 | { | 589 | { |
590 | proc_net_remove(net, "ip_vs_app"); | 590 | proc_net_remove(net, "ip_vs_app"); |
591 | } | 591 | } |
592 | 592 | ||
593 | static struct pernet_operations ip_vs_app_ops = { | ||
594 | .init = __ip_vs_app_init, | ||
595 | .exit = __ip_vs_app_cleanup, | ||
596 | }; | ||
597 | |||
598 | int __init ip_vs_app_init(void) | 593 | int __init ip_vs_app_init(void) |
599 | { | 594 | { |
600 | int rv; | 595 | return 0; |
601 | |||
602 | rv = register_pernet_subsys(&ip_vs_app_ops); | ||
603 | return rv; | ||
604 | } | 596 | } |
605 | 597 | ||
606 | 598 | ||
607 | void ip_vs_app_cleanup(void) | 599 | void ip_vs_app_cleanup(void) |
608 | { | 600 | { |
609 | unregister_pernet_subsys(&ip_vs_app_ops); | ||
610 | } | 601 | } |
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index c97bd45975be..bf28ac2fc99b 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c | |||
@@ -1046,7 +1046,7 @@ static const struct file_operations ip_vs_conn_fops = { | |||
1046 | .open = ip_vs_conn_open, | 1046 | .open = ip_vs_conn_open, |
1047 | .read = seq_read, | 1047 | .read = seq_read, |
1048 | .llseek = seq_lseek, | 1048 | .llseek = seq_lseek, |
1049 | .release = seq_release, | 1049 | .release = seq_release_net, |
1050 | }; | 1050 | }; |
1051 | 1051 | ||
1052 | static const char *ip_vs_origin_name(unsigned flags) | 1052 | static const char *ip_vs_origin_name(unsigned flags) |
@@ -1114,7 +1114,7 @@ static const struct file_operations ip_vs_conn_sync_fops = { | |||
1114 | .open = ip_vs_conn_sync_open, | 1114 | .open = ip_vs_conn_sync_open, |
1115 | .read = seq_read, | 1115 | .read = seq_read, |
1116 | .llseek = seq_lseek, | 1116 | .llseek = seq_lseek, |
1117 | .release = seq_release, | 1117 | .release = seq_release_net, |
1118 | }; | 1118 | }; |
1119 | 1119 | ||
1120 | #endif | 1120 | #endif |
@@ -1258,22 +1258,17 @@ int __net_init __ip_vs_conn_init(struct net *net) | |||
1258 | return 0; | 1258 | return 0; |
1259 | } | 1259 | } |
1260 | 1260 | ||
1261 | static void __net_exit __ip_vs_conn_cleanup(struct net *net) | 1261 | void __net_exit __ip_vs_conn_cleanup(struct net *net) |
1262 | { | 1262 | { |
1263 | /* flush all the connection entries first */ | 1263 | /* flush all the connection entries first */ |
1264 | ip_vs_conn_flush(net); | 1264 | ip_vs_conn_flush(net); |
1265 | proc_net_remove(net, "ip_vs_conn"); | 1265 | proc_net_remove(net, "ip_vs_conn"); |
1266 | proc_net_remove(net, "ip_vs_conn_sync"); | 1266 | proc_net_remove(net, "ip_vs_conn_sync"); |
1267 | } | 1267 | } |
1268 | static struct pernet_operations ipvs_conn_ops = { | ||
1269 | .init = __ip_vs_conn_init, | ||
1270 | .exit = __ip_vs_conn_cleanup, | ||
1271 | }; | ||
1272 | 1268 | ||
1273 | int __init ip_vs_conn_init(void) | 1269 | int __init ip_vs_conn_init(void) |
1274 | { | 1270 | { |
1275 | int idx; | 1271 | int idx; |
1276 | int retc; | ||
1277 | 1272 | ||
1278 | /* Compute size and mask */ | 1273 | /* Compute size and mask */ |
1279 | ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits; | 1274 | ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits; |
@@ -1309,17 +1304,14 @@ int __init ip_vs_conn_init(void) | |||
1309 | rwlock_init(&__ip_vs_conntbl_lock_array[idx].l); | 1304 | rwlock_init(&__ip_vs_conntbl_lock_array[idx].l); |
1310 | } | 1305 | } |
1311 | 1306 | ||
1312 | retc = register_pernet_subsys(&ipvs_conn_ops); | ||
1313 | |||
1314 | /* calculate the random value for connection hash */ | 1307 | /* calculate the random value for connection hash */ |
1315 | get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd)); | 1308 | get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd)); |
1316 | 1309 | ||
1317 | return retc; | 1310 | return 0; |
1318 | } | 1311 | } |
1319 | 1312 | ||
1320 | void ip_vs_conn_cleanup(void) | 1313 | void ip_vs_conn_cleanup(void) |
1321 | { | 1314 | { |
1322 | unregister_pernet_subsys(&ipvs_conn_ops); | ||
1323 | /* Release the empty cache */ | 1315 | /* Release the empty cache */ |
1324 | kmem_cache_destroy(ip_vs_conn_cachep); | 1316 | kmem_cache_destroy(ip_vs_conn_cachep); |
1325 | vfree(ip_vs_conn_tab); | 1317 | vfree(ip_vs_conn_tab); |
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 07accf6b2401..a74dae6c5dbc 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c | |||
@@ -1113,6 +1113,9 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb, int af) | |||
1113 | return NF_ACCEPT; | 1113 | return NF_ACCEPT; |
1114 | 1114 | ||
1115 | net = skb_net(skb); | 1115 | net = skb_net(skb); |
1116 | if (!net_ipvs(net)->enable) | ||
1117 | return NF_ACCEPT; | ||
1118 | |||
1116 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); | 1119 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); |
1117 | #ifdef CONFIG_IP_VS_IPV6 | 1120 | #ifdef CONFIG_IP_VS_IPV6 |
1118 | if (af == AF_INET6) { | 1121 | if (af == AF_INET6) { |
@@ -1343,6 +1346,7 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum) | |||
1343 | return NF_ACCEPT; /* The packet looks wrong, ignore */ | 1346 | return NF_ACCEPT; /* The packet looks wrong, ignore */ |
1344 | 1347 | ||
1345 | net = skb_net(skb); | 1348 | net = skb_net(skb); |
1349 | |||
1346 | pd = ip_vs_proto_data_get(net, cih->protocol); | 1350 | pd = ip_vs_proto_data_get(net, cih->protocol); |
1347 | if (!pd) | 1351 | if (!pd) |
1348 | return NF_ACCEPT; | 1352 | return NF_ACCEPT; |
@@ -1529,6 +1533,11 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) | |||
1529 | IP_VS_DBG_ADDR(af, &iph.daddr), hooknum); | 1533 | IP_VS_DBG_ADDR(af, &iph.daddr), hooknum); |
1530 | return NF_ACCEPT; | 1534 | return NF_ACCEPT; |
1531 | } | 1535 | } |
1536 | /* ipvs enabled in this netns ? */ | ||
1537 | net = skb_net(skb); | ||
1538 | if (!net_ipvs(net)->enable) | ||
1539 | return NF_ACCEPT; | ||
1540 | |||
1532 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); | 1541 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); |
1533 | 1542 | ||
1534 | /* Bad... Do not break raw sockets */ | 1543 | /* Bad... Do not break raw sockets */ |
@@ -1562,7 +1571,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) | |||
1562 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); | 1571 | ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); |
1563 | } | 1572 | } |
1564 | 1573 | ||
1565 | net = skb_net(skb); | ||
1566 | /* Protocol supported? */ | 1574 | /* Protocol supported? */ |
1567 | pd = ip_vs_proto_data_get(net, iph.protocol); | 1575 | pd = ip_vs_proto_data_get(net, iph.protocol); |
1568 | if (unlikely(!pd)) | 1576 | if (unlikely(!pd)) |
@@ -1588,7 +1596,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) | |||
1588 | } | 1596 | } |
1589 | 1597 | ||
1590 | IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet"); | 1598 | IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet"); |
1591 | net = skb_net(skb); | ||
1592 | ipvs = net_ipvs(net); | 1599 | ipvs = net_ipvs(net); |
1593 | /* Check the server status */ | 1600 | /* Check the server status */ |
1594 | if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) { | 1601 | if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) { |
@@ -1743,10 +1750,16 @@ ip_vs_forward_icmp(unsigned int hooknum, struct sk_buff *skb, | |||
1743 | int (*okfn)(struct sk_buff *)) | 1750 | int (*okfn)(struct sk_buff *)) |
1744 | { | 1751 | { |
1745 | int r; | 1752 | int r; |
1753 | struct net *net; | ||
1746 | 1754 | ||
1747 | if (ip_hdr(skb)->protocol != IPPROTO_ICMP) | 1755 | if (ip_hdr(skb)->protocol != IPPROTO_ICMP) |
1748 | return NF_ACCEPT; | 1756 | return NF_ACCEPT; |
1749 | 1757 | ||
1758 | /* ipvs enabled in this netns ? */ | ||
1759 | net = skb_net(skb); | ||
1760 | if (!net_ipvs(net)->enable) | ||
1761 | return NF_ACCEPT; | ||
1762 | |||
1750 | return ip_vs_in_icmp(skb, &r, hooknum); | 1763 | return ip_vs_in_icmp(skb, &r, hooknum); |
1751 | } | 1764 | } |
1752 | 1765 | ||
@@ -1757,10 +1770,16 @@ ip_vs_forward_icmp_v6(unsigned int hooknum, struct sk_buff *skb, | |||
1757 | int (*okfn)(struct sk_buff *)) | 1770 | int (*okfn)(struct sk_buff *)) |
1758 | { | 1771 | { |
1759 | int r; | 1772 | int r; |
1773 | struct net *net; | ||
1760 | 1774 | ||
1761 | if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6) | 1775 | if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6) |
1762 | return NF_ACCEPT; | 1776 | return NF_ACCEPT; |
1763 | 1777 | ||
1778 | /* ipvs enabled in this netns ? */ | ||
1779 | net = skb_net(skb); | ||
1780 | if (!net_ipvs(net)->enable) | ||
1781 | return NF_ACCEPT; | ||
1782 | |||
1764 | return ip_vs_in_icmp_v6(skb, &r, hooknum); | 1783 | return ip_vs_in_icmp_v6(skb, &r, hooknum); |
1765 | } | 1784 | } |
1766 | #endif | 1785 | #endif |
@@ -1884,19 +1903,70 @@ static int __net_init __ip_vs_init(struct net *net) | |||
1884 | pr_err("%s(): no memory.\n", __func__); | 1903 | pr_err("%s(): no memory.\n", __func__); |
1885 | return -ENOMEM; | 1904 | return -ENOMEM; |
1886 | } | 1905 | } |
1906 | /* Hold the beast until a service is registerd */ | ||
1907 | ipvs->enable = 0; | ||
1887 | ipvs->net = net; | 1908 | ipvs->net = net; |
1888 | /* Counters used for creating unique names */ | 1909 | /* Counters used for creating unique names */ |
1889 | ipvs->gen = atomic_read(&ipvs_netns_cnt); | 1910 | ipvs->gen = atomic_read(&ipvs_netns_cnt); |
1890 | atomic_inc(&ipvs_netns_cnt); | 1911 | atomic_inc(&ipvs_netns_cnt); |
1891 | net->ipvs = ipvs; | 1912 | net->ipvs = ipvs; |
1913 | |||
1914 | if (__ip_vs_estimator_init(net) < 0) | ||
1915 | goto estimator_fail; | ||
1916 | |||
1917 | if (__ip_vs_control_init(net) < 0) | ||
1918 | goto control_fail; | ||
1919 | |||
1920 | if (__ip_vs_protocol_init(net) < 0) | ||
1921 | goto protocol_fail; | ||
1922 | |||
1923 | if (__ip_vs_app_init(net) < 0) | ||
1924 | goto app_fail; | ||
1925 | |||
1926 | if (__ip_vs_conn_init(net) < 0) | ||
1927 | goto conn_fail; | ||
1928 | |||
1929 | if (__ip_vs_sync_init(net) < 0) | ||
1930 | goto sync_fail; | ||
1931 | |||
1892 | printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n", | 1932 | printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n", |
1893 | sizeof(struct netns_ipvs), ipvs->gen); | 1933 | sizeof(struct netns_ipvs), ipvs->gen); |
1894 | return 0; | 1934 | return 0; |
1935 | /* | ||
1936 | * Error handling | ||
1937 | */ | ||
1938 | |||
1939 | sync_fail: | ||
1940 | __ip_vs_conn_cleanup(net); | ||
1941 | conn_fail: | ||
1942 | __ip_vs_app_cleanup(net); | ||
1943 | app_fail: | ||
1944 | __ip_vs_protocol_cleanup(net); | ||
1945 | protocol_fail: | ||
1946 | __ip_vs_control_cleanup(net); | ||
1947 | control_fail: | ||
1948 | __ip_vs_estimator_cleanup(net); | ||
1949 | estimator_fail: | ||
1950 | return -ENOMEM; | ||
1895 | } | 1951 | } |
1896 | 1952 | ||
1897 | static void __net_exit __ip_vs_cleanup(struct net *net) | 1953 | static void __net_exit __ip_vs_cleanup(struct net *net) |
1898 | { | 1954 | { |
1899 | IP_VS_DBG(10, "ipvs netns %d released\n", net_ipvs(net)->gen); | 1955 | __ip_vs_service_cleanup(net); /* ip_vs_flush() with locks */ |
1956 | __ip_vs_conn_cleanup(net); | ||
1957 | __ip_vs_app_cleanup(net); | ||
1958 | __ip_vs_protocol_cleanup(net); | ||
1959 | __ip_vs_control_cleanup(net); | ||
1960 | __ip_vs_estimator_cleanup(net); | ||
1961 | IP_VS_DBG(2, "ipvs netns %d released\n", net_ipvs(net)->gen); | ||
1962 | } | ||
1963 | |||
1964 | static void __net_exit __ip_vs_dev_cleanup(struct net *net) | ||
1965 | { | ||
1966 | EnterFunction(2); | ||
1967 | net_ipvs(net)->enable = 0; /* Disable packet reception */ | ||
1968 | __ip_vs_sync_cleanup(net); | ||
1969 | LeaveFunction(2); | ||
1900 | } | 1970 | } |
1901 | 1971 | ||
1902 | static struct pernet_operations ipvs_core_ops = { | 1972 | static struct pernet_operations ipvs_core_ops = { |
@@ -1906,6 +1976,10 @@ static struct pernet_operations ipvs_core_ops = { | |||
1906 | .size = sizeof(struct netns_ipvs), | 1976 | .size = sizeof(struct netns_ipvs), |
1907 | }; | 1977 | }; |
1908 | 1978 | ||
1979 | static struct pernet_operations ipvs_core_dev_ops = { | ||
1980 | .exit = __ip_vs_dev_cleanup, | ||
1981 | }; | ||
1982 | |||
1909 | /* | 1983 | /* |
1910 | * Initialize IP Virtual Server | 1984 | * Initialize IP Virtual Server |
1911 | */ | 1985 | */ |
@@ -1913,10 +1987,6 @@ static int __init ip_vs_init(void) | |||
1913 | { | 1987 | { |
1914 | int ret; | 1988 | int ret; |
1915 | 1989 | ||
1916 | ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */ | ||
1917 | if (ret < 0) | ||
1918 | return ret; | ||
1919 | |||
1920 | ip_vs_estimator_init(); | 1990 | ip_vs_estimator_init(); |
1921 | ret = ip_vs_control_init(); | 1991 | ret = ip_vs_control_init(); |
1922 | if (ret < 0) { | 1992 | if (ret < 0) { |
@@ -1944,15 +2014,28 @@ static int __init ip_vs_init(void) | |||
1944 | goto cleanup_conn; | 2014 | goto cleanup_conn; |
1945 | } | 2015 | } |
1946 | 2016 | ||
2017 | ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */ | ||
2018 | if (ret < 0) | ||
2019 | goto cleanup_sync; | ||
2020 | |||
2021 | ret = register_pernet_device(&ipvs_core_dev_ops); | ||
2022 | if (ret < 0) | ||
2023 | goto cleanup_sub; | ||
2024 | |||
1947 | ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); | 2025 | ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); |
1948 | if (ret < 0) { | 2026 | if (ret < 0) { |
1949 | pr_err("can't register hooks.\n"); | 2027 | pr_err("can't register hooks.\n"); |
1950 | goto cleanup_sync; | 2028 | goto cleanup_dev; |
1951 | } | 2029 | } |
1952 | 2030 | ||
1953 | pr_info("ipvs loaded.\n"); | 2031 | pr_info("ipvs loaded.\n"); |
2032 | |||
1954 | return ret; | 2033 | return ret; |
1955 | 2034 | ||
2035 | cleanup_dev: | ||
2036 | unregister_pernet_device(&ipvs_core_dev_ops); | ||
2037 | cleanup_sub: | ||
2038 | unregister_pernet_subsys(&ipvs_core_ops); | ||
1956 | cleanup_sync: | 2039 | cleanup_sync: |
1957 | ip_vs_sync_cleanup(); | 2040 | ip_vs_sync_cleanup(); |
1958 | cleanup_conn: | 2041 | cleanup_conn: |
@@ -1964,20 +2047,20 @@ cleanup_sync: | |||
1964 | ip_vs_control_cleanup(); | 2047 | ip_vs_control_cleanup(); |
1965 | cleanup_estimator: | 2048 | cleanup_estimator: |
1966 | ip_vs_estimator_cleanup(); | 2049 | ip_vs_estimator_cleanup(); |
1967 | unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */ | ||
1968 | return ret; | 2050 | return ret; |
1969 | } | 2051 | } |
1970 | 2052 | ||
1971 | static void __exit ip_vs_cleanup(void) | 2053 | static void __exit ip_vs_cleanup(void) |
1972 | { | 2054 | { |
1973 | nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); | 2055 | nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); |
2056 | unregister_pernet_device(&ipvs_core_dev_ops); | ||
2057 | unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */ | ||
1974 | ip_vs_sync_cleanup(); | 2058 | ip_vs_sync_cleanup(); |
1975 | ip_vs_conn_cleanup(); | 2059 | ip_vs_conn_cleanup(); |
1976 | ip_vs_app_cleanup(); | 2060 | ip_vs_app_cleanup(); |
1977 | ip_vs_protocol_cleanup(); | 2061 | ip_vs_protocol_cleanup(); |
1978 | ip_vs_control_cleanup(); | 2062 | ip_vs_control_cleanup(); |
1979 | ip_vs_estimator_cleanup(); | 2063 | ip_vs_estimator_cleanup(); |
1980 | unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */ | ||
1981 | pr_info("ipvs unloaded.\n"); | 2064 | pr_info("ipvs unloaded.\n"); |
1982 | } | 2065 | } |
1983 | 2066 | ||
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index ae47090bf45f..37890f228b19 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c | |||
@@ -69,6 +69,11 @@ int ip_vs_get_debug_level(void) | |||
69 | } | 69 | } |
70 | #endif | 70 | #endif |
71 | 71 | ||
72 | |||
73 | /* Protos */ | ||
74 | static void __ip_vs_del_service(struct ip_vs_service *svc); | ||
75 | |||
76 | |||
72 | #ifdef CONFIG_IP_VS_IPV6 | 77 | #ifdef CONFIG_IP_VS_IPV6 |
73 | /* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ | 78 | /* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ |
74 | static int __ip_vs_addr_is_local_v6(struct net *net, | 79 | static int __ip_vs_addr_is_local_v6(struct net *net, |
@@ -1214,6 +1219,8 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u, | |||
1214 | write_unlock_bh(&__ip_vs_svc_lock); | 1219 | write_unlock_bh(&__ip_vs_svc_lock); |
1215 | 1220 | ||
1216 | *svc_p = svc; | 1221 | *svc_p = svc; |
1222 | /* Now there is a service - full throttle */ | ||
1223 | ipvs->enable = 1; | ||
1217 | return 0; | 1224 | return 0; |
1218 | 1225 | ||
1219 | 1226 | ||
@@ -1472,6 +1479,84 @@ static int ip_vs_flush(struct net *net) | |||
1472 | return 0; | 1479 | return 0; |
1473 | } | 1480 | } |
1474 | 1481 | ||
1482 | /* | ||
1483 | * Delete service by {netns} in the service table. | ||
1484 | * Called by __ip_vs_cleanup() | ||
1485 | */ | ||
1486 | void __ip_vs_service_cleanup(struct net *net) | ||
1487 | { | ||
1488 | EnterFunction(2); | ||
1489 | /* Check for "full" addressed entries */ | ||
1490 | mutex_lock(&__ip_vs_mutex); | ||
1491 | ip_vs_flush(net); | ||
1492 | mutex_unlock(&__ip_vs_mutex); | ||
1493 | LeaveFunction(2); | ||
1494 | } | ||
1495 | /* | ||
1496 | * Release dst hold by dst_cache | ||
1497 | */ | ||
1498 | static inline void | ||
1499 | __ip_vs_dev_reset(struct ip_vs_dest *dest, struct net_device *dev) | ||
1500 | { | ||
1501 | spin_lock_bh(&dest->dst_lock); | ||
1502 | if (dest->dst_cache && dest->dst_cache->dev == dev) { | ||
1503 | IP_VS_DBG_BUF(3, "Reset dev:%s dest %s:%u ,dest->refcnt=%d\n", | ||
1504 | dev->name, | ||
1505 | IP_VS_DBG_ADDR(dest->af, &dest->addr), | ||
1506 | ntohs(dest->port), | ||
1507 | atomic_read(&dest->refcnt)); | ||
1508 | ip_vs_dst_reset(dest); | ||
1509 | } | ||
1510 | spin_unlock_bh(&dest->dst_lock); | ||
1511 | |||
1512 | } | ||
1513 | /* | ||
1514 | * Netdev event receiver | ||
1515 | * Currently only NETDEV_UNREGISTER is handled, i.e. if we hold a reference to | ||
1516 | * a device that is "unregister" it must be released. | ||
1517 | */ | ||
1518 | static int ip_vs_dst_event(struct notifier_block *this, unsigned long event, | ||
1519 | void *ptr) | ||
1520 | { | ||
1521 | struct net_device *dev = ptr; | ||
1522 | struct net *net = dev_net(dev); | ||
1523 | struct ip_vs_service *svc; | ||
1524 | struct ip_vs_dest *dest; | ||
1525 | unsigned int idx; | ||
1526 | |||
1527 | if (event != NETDEV_UNREGISTER) | ||
1528 | return NOTIFY_DONE; | ||
1529 | IP_VS_DBG(3, "%s() dev=%s\n", __func__, dev->name); | ||
1530 | EnterFunction(2); | ||
1531 | mutex_lock(&__ip_vs_mutex); | ||
1532 | for (idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) { | ||
1533 | list_for_each_entry(svc, &ip_vs_svc_table[idx], s_list) { | ||
1534 | if (net_eq(svc->net, net)) { | ||
1535 | list_for_each_entry(dest, &svc->destinations, | ||
1536 | n_list) { | ||
1537 | __ip_vs_dev_reset(dest, dev); | ||
1538 | } | ||
1539 | } | ||
1540 | } | ||
1541 | |||
1542 | list_for_each_entry(svc, &ip_vs_svc_fwm_table[idx], f_list) { | ||
1543 | if (net_eq(svc->net, net)) { | ||
1544 | list_for_each_entry(dest, &svc->destinations, | ||
1545 | n_list) { | ||
1546 | __ip_vs_dev_reset(dest, dev); | ||
1547 | } | ||
1548 | } | ||
1549 | |||
1550 | } | ||
1551 | } | ||
1552 | |||
1553 | list_for_each_entry(dest, &net_ipvs(net)->dest_trash, n_list) { | ||
1554 | __ip_vs_dev_reset(dest, dev); | ||
1555 | } | ||
1556 | mutex_unlock(&__ip_vs_mutex); | ||
1557 | LeaveFunction(2); | ||
1558 | return NOTIFY_DONE; | ||
1559 | } | ||
1475 | 1560 | ||
1476 | /* | 1561 | /* |
1477 | * Zero counters in a service or all services | 1562 | * Zero counters in a service or all services |
@@ -1981,7 +2066,7 @@ static const struct file_operations ip_vs_info_fops = { | |||
1981 | .open = ip_vs_info_open, | 2066 | .open = ip_vs_info_open, |
1982 | .read = seq_read, | 2067 | .read = seq_read, |
1983 | .llseek = seq_lseek, | 2068 | .llseek = seq_lseek, |
1984 | .release = seq_release_private, | 2069 | .release = seq_release_net, |
1985 | }; | 2070 | }; |
1986 | 2071 | ||
1987 | #endif | 2072 | #endif |
@@ -2024,7 +2109,7 @@ static const struct file_operations ip_vs_stats_fops = { | |||
2024 | .open = ip_vs_stats_seq_open, | 2109 | .open = ip_vs_stats_seq_open, |
2025 | .read = seq_read, | 2110 | .read = seq_read, |
2026 | .llseek = seq_lseek, | 2111 | .llseek = seq_lseek, |
2027 | .release = single_release, | 2112 | .release = single_release_net, |
2028 | }; | 2113 | }; |
2029 | 2114 | ||
2030 | static int ip_vs_stats_percpu_show(struct seq_file *seq, void *v) | 2115 | static int ip_vs_stats_percpu_show(struct seq_file *seq, void *v) |
@@ -2093,7 +2178,7 @@ static const struct file_operations ip_vs_stats_percpu_fops = { | |||
2093 | .open = ip_vs_stats_percpu_seq_open, | 2178 | .open = ip_vs_stats_percpu_seq_open, |
2094 | .read = seq_read, | 2179 | .read = seq_read, |
2095 | .llseek = seq_lseek, | 2180 | .llseek = seq_lseek, |
2096 | .release = single_release, | 2181 | .release = single_release_net, |
2097 | }; | 2182 | }; |
2098 | #endif | 2183 | #endif |
2099 | 2184 | ||
@@ -3588,6 +3673,10 @@ void __net_init __ip_vs_control_cleanup_sysctl(struct net *net) { } | |||
3588 | 3673 | ||
3589 | #endif | 3674 | #endif |
3590 | 3675 | ||
3676 | static struct notifier_block ip_vs_dst_notifier = { | ||
3677 | .notifier_call = ip_vs_dst_event, | ||
3678 | }; | ||
3679 | |||
3591 | int __net_init __ip_vs_control_init(struct net *net) | 3680 | int __net_init __ip_vs_control_init(struct net *net) |
3592 | { | 3681 | { |
3593 | int idx; | 3682 | int idx; |
@@ -3626,7 +3715,7 @@ err: | |||
3626 | return -ENOMEM; | 3715 | return -ENOMEM; |
3627 | } | 3716 | } |
3628 | 3717 | ||
3629 | static void __net_exit __ip_vs_control_cleanup(struct net *net) | 3718 | void __net_exit __ip_vs_control_cleanup(struct net *net) |
3630 | { | 3719 | { |
3631 | struct netns_ipvs *ipvs = net_ipvs(net); | 3720 | struct netns_ipvs *ipvs = net_ipvs(net); |
3632 | 3721 | ||
@@ -3639,11 +3728,6 @@ static void __net_exit __ip_vs_control_cleanup(struct net *net) | |||
3639 | free_percpu(ipvs->tot_stats.cpustats); | 3728 | free_percpu(ipvs->tot_stats.cpustats); |
3640 | } | 3729 | } |
3641 | 3730 | ||
3642 | static struct pernet_operations ipvs_control_ops = { | ||
3643 | .init = __ip_vs_control_init, | ||
3644 | .exit = __ip_vs_control_cleanup, | ||
3645 | }; | ||
3646 | |||
3647 | int __init ip_vs_control_init(void) | 3731 | int __init ip_vs_control_init(void) |
3648 | { | 3732 | { |
3649 | int idx; | 3733 | int idx; |
@@ -3657,33 +3741,32 @@ int __init ip_vs_control_init(void) | |||
3657 | INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]); | 3741 | INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]); |
3658 | } | 3742 | } |
3659 | 3743 | ||
3660 | ret = register_pernet_subsys(&ipvs_control_ops); | ||
3661 | if (ret) { | ||
3662 | pr_err("cannot register namespace.\n"); | ||
3663 | goto err; | ||
3664 | } | ||
3665 | |||
3666 | smp_wmb(); /* Do we really need it now ? */ | 3744 | smp_wmb(); /* Do we really need it now ? */ |
3667 | 3745 | ||
3668 | ret = nf_register_sockopt(&ip_vs_sockopts); | 3746 | ret = nf_register_sockopt(&ip_vs_sockopts); |
3669 | if (ret) { | 3747 | if (ret) { |
3670 | pr_err("cannot register sockopt.\n"); | 3748 | pr_err("cannot register sockopt.\n"); |
3671 | goto err_net; | 3749 | goto err_sock; |
3672 | } | 3750 | } |
3673 | 3751 | ||
3674 | ret = ip_vs_genl_register(); | 3752 | ret = ip_vs_genl_register(); |
3675 | if (ret) { | 3753 | if (ret) { |
3676 | pr_err("cannot register Generic Netlink interface.\n"); | 3754 | pr_err("cannot register Generic Netlink interface.\n"); |
3677 | nf_unregister_sockopt(&ip_vs_sockopts); | 3755 | goto err_genl; |
3678 | goto err_net; | ||
3679 | } | 3756 | } |
3680 | 3757 | ||
3758 | ret = register_netdevice_notifier(&ip_vs_dst_notifier); | ||
3759 | if (ret < 0) | ||
3760 | goto err_notf; | ||
3761 | |||
3681 | LeaveFunction(2); | 3762 | LeaveFunction(2); |
3682 | return 0; | 3763 | return 0; |
3683 | 3764 | ||
3684 | err_net: | 3765 | err_notf: |
3685 | unregister_pernet_subsys(&ipvs_control_ops); | 3766 | ip_vs_genl_unregister(); |
3686 | err: | 3767 | err_genl: |
3768 | nf_unregister_sockopt(&ip_vs_sockopts); | ||
3769 | err_sock: | ||
3687 | return ret; | 3770 | return ret; |
3688 | } | 3771 | } |
3689 | 3772 | ||
@@ -3691,7 +3774,6 @@ err: | |||
3691 | void ip_vs_control_cleanup(void) | 3774 | void ip_vs_control_cleanup(void) |
3692 | { | 3775 | { |
3693 | EnterFunction(2); | 3776 | EnterFunction(2); |
3694 | unregister_pernet_subsys(&ipvs_control_ops); | ||
3695 | ip_vs_genl_unregister(); | 3777 | ip_vs_genl_unregister(); |
3696 | nf_unregister_sockopt(&ip_vs_sockopts); | 3778 | nf_unregister_sockopt(&ip_vs_sockopts); |
3697 | LeaveFunction(2); | 3779 | LeaveFunction(2); |
diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c index 8c8766ca56ad..508cce98777c 100644 --- a/net/netfilter/ipvs/ip_vs_est.c +++ b/net/netfilter/ipvs/ip_vs_est.c | |||
@@ -192,7 +192,7 @@ void ip_vs_read_estimator(struct ip_vs_stats_user *dst, | |||
192 | dst->outbps = (e->outbps + 0xF) >> 5; | 192 | dst->outbps = (e->outbps + 0xF) >> 5; |
193 | } | 193 | } |
194 | 194 | ||
195 | static int __net_init __ip_vs_estimator_init(struct net *net) | 195 | int __net_init __ip_vs_estimator_init(struct net *net) |
196 | { | 196 | { |
197 | struct netns_ipvs *ipvs = net_ipvs(net); | 197 | struct netns_ipvs *ipvs = net_ipvs(net); |
198 | 198 | ||
@@ -203,24 +203,16 @@ static int __net_init __ip_vs_estimator_init(struct net *net) | |||
203 | return 0; | 203 | return 0; |
204 | } | 204 | } |
205 | 205 | ||
206 | static void __net_exit __ip_vs_estimator_exit(struct net *net) | 206 | void __net_exit __ip_vs_estimator_cleanup(struct net *net) |
207 | { | 207 | { |
208 | del_timer_sync(&net_ipvs(net)->est_timer); | 208 | del_timer_sync(&net_ipvs(net)->est_timer); |
209 | } | 209 | } |
210 | static struct pernet_operations ip_vs_app_ops = { | ||
211 | .init = __ip_vs_estimator_init, | ||
212 | .exit = __ip_vs_estimator_exit, | ||
213 | }; | ||
214 | 210 | ||
215 | int __init ip_vs_estimator_init(void) | 211 | int __init ip_vs_estimator_init(void) |
216 | { | 212 | { |
217 | int rv; | 213 | return 0; |
218 | |||
219 | rv = register_pernet_subsys(&ip_vs_app_ops); | ||
220 | return rv; | ||
221 | } | 214 | } |
222 | 215 | ||
223 | void ip_vs_estimator_cleanup(void) | 216 | void ip_vs_estimator_cleanup(void) |
224 | { | 217 | { |
225 | unregister_pernet_subsys(&ip_vs_app_ops); | ||
226 | } | 218 | } |
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c index 17484a4416ef..eb86028536fc 100644 --- a/net/netfilter/ipvs/ip_vs_proto.c +++ b/net/netfilter/ipvs/ip_vs_proto.c | |||
@@ -316,7 +316,7 @@ ip_vs_tcpudp_debug_packet(int af, struct ip_vs_protocol *pp, | |||
316 | /* | 316 | /* |
317 | * per network name-space init | 317 | * per network name-space init |
318 | */ | 318 | */ |
319 | static int __net_init __ip_vs_protocol_init(struct net *net) | 319 | int __net_init __ip_vs_protocol_init(struct net *net) |
320 | { | 320 | { |
321 | #ifdef CONFIG_IP_VS_PROTO_TCP | 321 | #ifdef CONFIG_IP_VS_PROTO_TCP |
322 | register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp); | 322 | register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp); |
@@ -336,7 +336,7 @@ static int __net_init __ip_vs_protocol_init(struct net *net) | |||
336 | return 0; | 336 | return 0; |
337 | } | 337 | } |
338 | 338 | ||
339 | static void __net_exit __ip_vs_protocol_cleanup(struct net *net) | 339 | void __net_exit __ip_vs_protocol_cleanup(struct net *net) |
340 | { | 340 | { |
341 | struct netns_ipvs *ipvs = net_ipvs(net); | 341 | struct netns_ipvs *ipvs = net_ipvs(net); |
342 | struct ip_vs_proto_data *pd; | 342 | struct ip_vs_proto_data *pd; |
@@ -349,11 +349,6 @@ static void __net_exit __ip_vs_protocol_cleanup(struct net *net) | |||
349 | } | 349 | } |
350 | } | 350 | } |
351 | 351 | ||
352 | static struct pernet_operations ipvs_proto_ops = { | ||
353 | .init = __ip_vs_protocol_init, | ||
354 | .exit = __ip_vs_protocol_cleanup, | ||
355 | }; | ||
356 | |||
357 | int __init ip_vs_protocol_init(void) | 352 | int __init ip_vs_protocol_init(void) |
358 | { | 353 | { |
359 | char protocols[64]; | 354 | char protocols[64]; |
@@ -382,7 +377,6 @@ int __init ip_vs_protocol_init(void) | |||
382 | REGISTER_PROTOCOL(&ip_vs_protocol_esp); | 377 | REGISTER_PROTOCOL(&ip_vs_protocol_esp); |
383 | #endif | 378 | #endif |
384 | pr_info("Registered protocols (%s)\n", &protocols[2]); | 379 | pr_info("Registered protocols (%s)\n", &protocols[2]); |
385 | return register_pernet_subsys(&ipvs_proto_ops); | ||
386 | 380 | ||
387 | return 0; | 381 | return 0; |
388 | } | 382 | } |
@@ -393,7 +387,6 @@ void ip_vs_protocol_cleanup(void) | |||
393 | struct ip_vs_protocol *pp; | 387 | struct ip_vs_protocol *pp; |
394 | int i; | 388 | int i; |
395 | 389 | ||
396 | unregister_pernet_subsys(&ipvs_proto_ops); | ||
397 | /* unregister all the ipvs protocols */ | 390 | /* unregister all the ipvs protocols */ |
398 | for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) { | 391 | for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) { |
399 | while ((pp = ip_vs_proto_table[i]) != NULL) | 392 | while ((pp = ip_vs_proto_table[i]) != NULL) |
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 3e7961e85e9c..e292e5bddc70 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c | |||
@@ -1303,13 +1303,18 @@ static struct socket *make_send_sock(struct net *net) | |||
1303 | struct socket *sock; | 1303 | struct socket *sock; |
1304 | int result; | 1304 | int result; |
1305 | 1305 | ||
1306 | /* First create a socket */ | 1306 | /* First create a socket move it to right name space later */ |
1307 | result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1); | 1307 | result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock); |
1308 | if (result < 0) { | 1308 | if (result < 0) { |
1309 | pr_err("Error during creation of socket; terminating\n"); | 1309 | pr_err("Error during creation of socket; terminating\n"); |
1310 | return ERR_PTR(result); | 1310 | return ERR_PTR(result); |
1311 | } | 1311 | } |
1312 | 1312 | /* | |
1313 | * Kernel sockets that are a part of a namespace, should not | ||
1314 | * hold a reference to a namespace in order to allow to stop it. | ||
1315 | * After sk_change_net should be released using sk_release_kernel. | ||
1316 | */ | ||
1317 | sk_change_net(sock->sk, net); | ||
1313 | result = set_mcast_if(sock->sk, ipvs->master_mcast_ifn); | 1318 | result = set_mcast_if(sock->sk, ipvs->master_mcast_ifn); |
1314 | if (result < 0) { | 1319 | if (result < 0) { |
1315 | pr_err("Error setting outbound mcast interface\n"); | 1320 | pr_err("Error setting outbound mcast interface\n"); |
@@ -1334,8 +1339,8 @@ static struct socket *make_send_sock(struct net *net) | |||
1334 | 1339 | ||
1335 | return sock; | 1340 | return sock; |
1336 | 1341 | ||
1337 | error: | 1342 | error: |
1338 | sock_release(sock); | 1343 | sk_release_kernel(sock->sk); |
1339 | return ERR_PTR(result); | 1344 | return ERR_PTR(result); |
1340 | } | 1345 | } |
1341 | 1346 | ||
@@ -1350,12 +1355,17 @@ static struct socket *make_receive_sock(struct net *net) | |||
1350 | int result; | 1355 | int result; |
1351 | 1356 | ||
1352 | /* First create a socket */ | 1357 | /* First create a socket */ |
1353 | result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1); | 1358 | result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock); |
1354 | if (result < 0) { | 1359 | if (result < 0) { |
1355 | pr_err("Error during creation of socket; terminating\n"); | 1360 | pr_err("Error during creation of socket; terminating\n"); |
1356 | return ERR_PTR(result); | 1361 | return ERR_PTR(result); |
1357 | } | 1362 | } |
1358 | 1363 | /* | |
1364 | * Kernel sockets that are a part of a namespace, should not | ||
1365 | * hold a reference to a namespace in order to allow to stop it. | ||
1366 | * After sk_change_net should be released using sk_release_kernel. | ||
1367 | */ | ||
1368 | sk_change_net(sock->sk, net); | ||
1359 | /* it is equivalent to the REUSEADDR option in user-space */ | 1369 | /* it is equivalent to the REUSEADDR option in user-space */ |
1360 | sock->sk->sk_reuse = 1; | 1370 | sock->sk->sk_reuse = 1; |
1361 | 1371 | ||
@@ -1377,8 +1387,8 @@ static struct socket *make_receive_sock(struct net *net) | |||
1377 | 1387 | ||
1378 | return sock; | 1388 | return sock; |
1379 | 1389 | ||
1380 | error: | 1390 | error: |
1381 | sock_release(sock); | 1391 | sk_release_kernel(sock->sk); |
1382 | return ERR_PTR(result); | 1392 | return ERR_PTR(result); |
1383 | } | 1393 | } |
1384 | 1394 | ||
@@ -1473,7 +1483,7 @@ static int sync_thread_master(void *data) | |||
1473 | ip_vs_sync_buff_release(sb); | 1483 | ip_vs_sync_buff_release(sb); |
1474 | 1484 | ||
1475 | /* release the sending multicast socket */ | 1485 | /* release the sending multicast socket */ |
1476 | sock_release(tinfo->sock); | 1486 | sk_release_kernel(tinfo->sock->sk); |
1477 | kfree(tinfo); | 1487 | kfree(tinfo); |
1478 | 1488 | ||
1479 | return 0; | 1489 | return 0; |
@@ -1513,7 +1523,7 @@ static int sync_thread_backup(void *data) | |||
1513 | } | 1523 | } |
1514 | 1524 | ||
1515 | /* release the sending multicast socket */ | 1525 | /* release the sending multicast socket */ |
1516 | sock_release(tinfo->sock); | 1526 | sk_release_kernel(tinfo->sock->sk); |
1517 | kfree(tinfo->buf); | 1527 | kfree(tinfo->buf); |
1518 | kfree(tinfo); | 1528 | kfree(tinfo); |
1519 | 1529 | ||
@@ -1601,7 +1611,7 @@ outtinfo: | |||
1601 | outbuf: | 1611 | outbuf: |
1602 | kfree(buf); | 1612 | kfree(buf); |
1603 | outsocket: | 1613 | outsocket: |
1604 | sock_release(sock); | 1614 | sk_release_kernel(sock->sk); |
1605 | out: | 1615 | out: |
1606 | return result; | 1616 | return result; |
1607 | } | 1617 | } |
@@ -1610,6 +1620,7 @@ out: | |||
1610 | int stop_sync_thread(struct net *net, int state) | 1620 | int stop_sync_thread(struct net *net, int state) |
1611 | { | 1621 | { |
1612 | struct netns_ipvs *ipvs = net_ipvs(net); | 1622 | struct netns_ipvs *ipvs = net_ipvs(net); |
1623 | int retc = -EINVAL; | ||
1613 | 1624 | ||
1614 | IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current)); | 1625 | IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current)); |
1615 | 1626 | ||
@@ -1629,7 +1640,7 @@ int stop_sync_thread(struct net *net, int state) | |||
1629 | spin_lock_bh(&ipvs->sync_lock); | 1640 | spin_lock_bh(&ipvs->sync_lock); |
1630 | ipvs->sync_state &= ~IP_VS_STATE_MASTER; | 1641 | ipvs->sync_state &= ~IP_VS_STATE_MASTER; |
1631 | spin_unlock_bh(&ipvs->sync_lock); | 1642 | spin_unlock_bh(&ipvs->sync_lock); |
1632 | kthread_stop(ipvs->master_thread); | 1643 | retc = kthread_stop(ipvs->master_thread); |
1633 | ipvs->master_thread = NULL; | 1644 | ipvs->master_thread = NULL; |
1634 | } else if (state == IP_VS_STATE_BACKUP) { | 1645 | } else if (state == IP_VS_STATE_BACKUP) { |
1635 | if (!ipvs->backup_thread) | 1646 | if (!ipvs->backup_thread) |
@@ -1639,22 +1650,20 @@ int stop_sync_thread(struct net *net, int state) | |||
1639 | task_pid_nr(ipvs->backup_thread)); | 1650 | task_pid_nr(ipvs->backup_thread)); |
1640 | 1651 | ||
1641 | ipvs->sync_state &= ~IP_VS_STATE_BACKUP; | 1652 | ipvs->sync_state &= ~IP_VS_STATE_BACKUP; |
1642 | kthread_stop(ipvs->backup_thread); | 1653 | retc = kthread_stop(ipvs->backup_thread); |
1643 | ipvs->backup_thread = NULL; | 1654 | ipvs->backup_thread = NULL; |
1644 | } else { | ||
1645 | return -EINVAL; | ||
1646 | } | 1655 | } |
1647 | 1656 | ||
1648 | /* decrease the module use count */ | 1657 | /* decrease the module use count */ |
1649 | ip_vs_use_count_dec(); | 1658 | ip_vs_use_count_dec(); |
1650 | 1659 | ||
1651 | return 0; | 1660 | return retc; |
1652 | } | 1661 | } |
1653 | 1662 | ||
1654 | /* | 1663 | /* |
1655 | * Initialize data struct for each netns | 1664 | * Initialize data struct for each netns |
1656 | */ | 1665 | */ |
1657 | static int __net_init __ip_vs_sync_init(struct net *net) | 1666 | int __net_init __ip_vs_sync_init(struct net *net) |
1658 | { | 1667 | { |
1659 | struct netns_ipvs *ipvs = net_ipvs(net); | 1668 | struct netns_ipvs *ipvs = net_ipvs(net); |
1660 | 1669 | ||
@@ -1668,24 +1677,24 @@ static int __net_init __ip_vs_sync_init(struct net *net) | |||
1668 | return 0; | 1677 | return 0; |
1669 | } | 1678 | } |
1670 | 1679 | ||
1671 | static void __ip_vs_sync_cleanup(struct net *net) | 1680 | void __ip_vs_sync_cleanup(struct net *net) |
1672 | { | 1681 | { |
1673 | stop_sync_thread(net, IP_VS_STATE_MASTER); | 1682 | int retc; |
1674 | stop_sync_thread(net, IP_VS_STATE_BACKUP); | ||
1675 | } | ||
1676 | 1683 | ||
1677 | static struct pernet_operations ipvs_sync_ops = { | 1684 | retc = stop_sync_thread(net, IP_VS_STATE_MASTER); |
1678 | .init = __ip_vs_sync_init, | 1685 | if (retc && retc != -ESRCH) |
1679 | .exit = __ip_vs_sync_cleanup, | 1686 | pr_err("Failed to stop Master Daemon\n"); |
1680 | }; | ||
1681 | 1687 | ||
1688 | retc = stop_sync_thread(net, IP_VS_STATE_BACKUP); | ||
1689 | if (retc && retc != -ESRCH) | ||
1690 | pr_err("Failed to stop Backup Daemon\n"); | ||
1691 | } | ||
1682 | 1692 | ||
1683 | int __init ip_vs_sync_init(void) | 1693 | int __init ip_vs_sync_init(void) |
1684 | { | 1694 | { |
1685 | return register_pernet_subsys(&ipvs_sync_ops); | 1695 | return 0; |
1686 | } | 1696 | } |
1687 | 1697 | ||
1688 | void ip_vs_sync_cleanup(void) | 1698 | void ip_vs_sync_cleanup(void) |
1689 | { | 1699 | { |
1690 | unregister_pernet_subsys(&ipvs_sync_ops); | ||
1691 | } | 1700 | } |
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 30bf8a167fc8..482e90c61850 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -1334,6 +1334,7 @@ ctnetlink_create_conntrack(struct net *net, u16 zone, | |||
1334 | struct nf_conn *ct; | 1334 | struct nf_conn *ct; |
1335 | int err = -EINVAL; | 1335 | int err = -EINVAL; |
1336 | struct nf_conntrack_helper *helper; | 1336 | struct nf_conntrack_helper *helper; |
1337 | struct nf_conn_tstamp *tstamp; | ||
1337 | 1338 | ||
1338 | ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC); | 1339 | ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC); |
1339 | if (IS_ERR(ct)) | 1340 | if (IS_ERR(ct)) |
@@ -1451,6 +1452,9 @@ ctnetlink_create_conntrack(struct net *net, u16 zone, | |||
1451 | __set_bit(IPS_EXPECTED_BIT, &ct->status); | 1452 | __set_bit(IPS_EXPECTED_BIT, &ct->status); |
1452 | ct->master = master_ct; | 1453 | ct->master = master_ct; |
1453 | } | 1454 | } |
1455 | tstamp = nf_conn_tstamp_find(ct); | ||
1456 | if (tstamp) | ||
1457 | tstamp->start = ktime_to_ns(ktime_get_real()); | ||
1454 | 1458 | ||
1455 | add_timer(&ct->timeout); | 1459 | add_timer(&ct->timeout); |
1456 | nf_conntrack_hash_insert(ct); | 1460 | nf_conntrack_hash_insert(ct); |
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index a9adf4c6b299..8a025a585d2f 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c | |||
@@ -455,6 +455,7 @@ void xt_compat_flush_offsets(u_int8_t af) | |||
455 | vfree(xt[af].compat_tab); | 455 | vfree(xt[af].compat_tab); |
456 | xt[af].compat_tab = NULL; | 456 | xt[af].compat_tab = NULL; |
457 | xt[af].number = 0; | 457 | xt[af].number = 0; |
458 | xt[af].cur = 0; | ||
458 | } | 459 | } |
459 | } | 460 | } |
460 | EXPORT_SYMBOL_GPL(xt_compat_flush_offsets); | 461 | EXPORT_SYMBOL_GPL(xt_compat_flush_offsets); |
@@ -473,8 +474,7 @@ int xt_compat_calc_jump(u_int8_t af, unsigned int offset) | |||
473 | else | 474 | else |
474 | return mid ? tmp[mid - 1].delta : 0; | 475 | return mid ? tmp[mid - 1].delta : 0; |
475 | } | 476 | } |
476 | WARN_ON_ONCE(1); | 477 | return left ? tmp[left - 1].delta : 0; |
477 | return 0; | ||
478 | } | 478 | } |
479 | EXPORT_SYMBOL_GPL(xt_compat_calc_jump); | 479 | EXPORT_SYMBOL_GPL(xt_compat_calc_jump); |
480 | 480 | ||
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c index 0a229191e55b..ae8271652efa 100644 --- a/net/netfilter/xt_DSCP.c +++ b/net/netfilter/xt_DSCP.c | |||
@@ -99,7 +99,7 @@ tos_tg6(struct sk_buff *skb, const struct xt_action_param *par) | |||
99 | u_int8_t orig, nv; | 99 | u_int8_t orig, nv; |
100 | 100 | ||
101 | orig = ipv6_get_dsfield(iph); | 101 | orig = ipv6_get_dsfield(iph); |
102 | nv = (orig & info->tos_mask) ^ info->tos_value; | 102 | nv = (orig & ~info->tos_mask) ^ info->tos_value; |
103 | 103 | ||
104 | if (orig != nv) { | 104 | if (orig != nv) { |
105 | if (!skb_make_writable(skb, sizeof(struct iphdr))) | 105 | if (!skb_make_writable(skb, sizeof(struct iphdr))) |
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index 481a86fdc409..61805d7b38aa 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c | |||
@@ -272,11 +272,6 @@ static int conntrack_mt_check(const struct xt_mtchk_param *par) | |||
272 | { | 272 | { |
273 | int ret; | 273 | int ret; |
274 | 274 | ||
275 | if (strcmp(par->table, "raw") == 0) { | ||
276 | pr_info("state is undetermined at the time of raw table\n"); | ||
277 | return -EINVAL; | ||
278 | } | ||
279 | |||
280 | ret = nf_ct_l3proto_try_module_get(par->family); | 275 | ret = nf_ct_l3proto_try_module_get(par->family); |
281 | if (ret < 0) | 276 | if (ret < 0) |
282 | pr_info("cannot load conntrack support for proto=%u\n", | 277 | pr_info("cannot load conntrack support for proto=%u\n", |
diff --git a/net/netfilter/xt_set.c b/net/netfilter/xt_set.c index 061d48cec137..b3babaed7719 100644 --- a/net/netfilter/xt_set.c +++ b/net/netfilter/xt_set.c | |||
@@ -81,6 +81,7 @@ set_match_v0_checkentry(const struct xt_mtchk_param *par) | |||
81 | if (info->match_set.u.flags[IPSET_DIM_MAX-1] != 0) { | 81 | if (info->match_set.u.flags[IPSET_DIM_MAX-1] != 0) { |
82 | pr_warning("Protocol error: set match dimension " | 82 | pr_warning("Protocol error: set match dimension " |
83 | "is over the limit!\n"); | 83 | "is over the limit!\n"); |
84 | ip_set_nfnl_put(info->match_set.index); | ||
84 | return -ERANGE; | 85 | return -ERANGE; |
85 | } | 86 | } |
86 | 87 | ||
@@ -135,6 +136,8 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par) | |||
135 | if (index == IPSET_INVALID_ID) { | 136 | if (index == IPSET_INVALID_ID) { |
136 | pr_warning("Cannot find del_set index %u as target\n", | 137 | pr_warning("Cannot find del_set index %u as target\n", |
137 | info->del_set.index); | 138 | info->del_set.index); |
139 | if (info->add_set.index != IPSET_INVALID_ID) | ||
140 | ip_set_nfnl_put(info->add_set.index); | ||
138 | return -ENOENT; | 141 | return -ENOENT; |
139 | } | 142 | } |
140 | } | 143 | } |
@@ -142,6 +145,10 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par) | |||
142 | info->del_set.u.flags[IPSET_DIM_MAX-1] != 0) { | 145 | info->del_set.u.flags[IPSET_DIM_MAX-1] != 0) { |
143 | pr_warning("Protocol error: SET target dimension " | 146 | pr_warning("Protocol error: SET target dimension " |
144 | "is over the limit!\n"); | 147 | "is over the limit!\n"); |
148 | if (info->add_set.index != IPSET_INVALID_ID) | ||
149 | ip_set_nfnl_put(info->add_set.index); | ||
150 | if (info->del_set.index != IPSET_INVALID_ID) | ||
151 | ip_set_nfnl_put(info->del_set.index); | ||
145 | return -ERANGE; | 152 | return -ERANGE; |
146 | } | 153 | } |
147 | 154 | ||
@@ -192,6 +199,7 @@ set_match_checkentry(const struct xt_mtchk_param *par) | |||
192 | if (info->match_set.dim > IPSET_DIM_MAX) { | 199 | if (info->match_set.dim > IPSET_DIM_MAX) { |
193 | pr_warning("Protocol error: set match dimension " | 200 | pr_warning("Protocol error: set match dimension " |
194 | "is over the limit!\n"); | 201 | "is over the limit!\n"); |
202 | ip_set_nfnl_put(info->match_set.index); | ||
195 | return -ERANGE; | 203 | return -ERANGE; |
196 | } | 204 | } |
197 | 205 | ||
@@ -219,7 +227,7 @@ set_target(struct sk_buff *skb, const struct xt_action_param *par) | |||
219 | if (info->del_set.index != IPSET_INVALID_ID) | 227 | if (info->del_set.index != IPSET_INVALID_ID) |
220 | ip_set_del(info->del_set.index, | 228 | ip_set_del(info->del_set.index, |
221 | skb, par->family, | 229 | skb, par->family, |
222 | info->add_set.dim, | 230 | info->del_set.dim, |
223 | info->del_set.flags); | 231 | info->del_set.flags); |
224 | 232 | ||
225 | return XT_CONTINUE; | 233 | return XT_CONTINUE; |
@@ -245,13 +253,19 @@ set_target_checkentry(const struct xt_tgchk_param *par) | |||
245 | if (index == IPSET_INVALID_ID) { | 253 | if (index == IPSET_INVALID_ID) { |
246 | pr_warning("Cannot find del_set index %u as target\n", | 254 | pr_warning("Cannot find del_set index %u as target\n", |
247 | info->del_set.index); | 255 | info->del_set.index); |
256 | if (info->add_set.index != IPSET_INVALID_ID) | ||
257 | ip_set_nfnl_put(info->add_set.index); | ||
248 | return -ENOENT; | 258 | return -ENOENT; |
249 | } | 259 | } |
250 | } | 260 | } |
251 | if (info->add_set.dim > IPSET_DIM_MAX || | 261 | if (info->add_set.dim > IPSET_DIM_MAX || |
252 | info->del_set.flags > IPSET_DIM_MAX) { | 262 | info->del_set.dim > IPSET_DIM_MAX) { |
253 | pr_warning("Protocol error: SET target dimension " | 263 | pr_warning("Protocol error: SET target dimension " |
254 | "is over the limit!\n"); | 264 | "is over the limit!\n"); |
265 | if (info->add_set.index != IPSET_INVALID_ID) | ||
266 | ip_set_nfnl_put(info->add_set.index); | ||
267 | if (info->del_set.index != IPSET_INVALID_ID) | ||
268 | ip_set_nfnl_put(info->del_set.index); | ||
255 | return -ERANGE; | 269 | return -ERANGE; |
256 | } | 270 | } |
257 | 271 | ||
diff --git a/net/sctp/associola.c b/net/sctp/associola.c index 0698cad61763..1a21c571aa03 100644 --- a/net/sctp/associola.c +++ b/net/sctp/associola.c | |||
@@ -569,6 +569,8 @@ void sctp_assoc_rm_peer(struct sctp_association *asoc, | |||
569 | sctp_assoc_set_primary(asoc, transport); | 569 | sctp_assoc_set_primary(asoc, transport); |
570 | if (asoc->peer.active_path == peer) | 570 | if (asoc->peer.active_path == peer) |
571 | asoc->peer.active_path = transport; | 571 | asoc->peer.active_path = transport; |
572 | if (asoc->peer.retran_path == peer) | ||
573 | asoc->peer.retran_path = transport; | ||
572 | if (asoc->peer.last_data_from == peer) | 574 | if (asoc->peer.last_data_from == peer) |
573 | asoc->peer.last_data_from = transport; | 575 | asoc->peer.last_data_from = transport; |
574 | 576 | ||
@@ -1323,6 +1325,8 @@ void sctp_assoc_update_retran_path(struct sctp_association *asoc) | |||
1323 | 1325 | ||
1324 | if (t) | 1326 | if (t) |
1325 | asoc->peer.retran_path = t; | 1327 | asoc->peer.retran_path = t; |
1328 | else | ||
1329 | t = asoc->peer.retran_path; | ||
1326 | 1330 | ||
1327 | SCTP_DEBUG_PRINTK_IPADDR("sctp_assoc_update_retran_path:association" | 1331 | SCTP_DEBUG_PRINTK_IPADDR("sctp_assoc_update_retran_path:association" |
1328 | " %p addr: ", | 1332 | " %p addr: ", |
diff --git a/net/sctp/ulpevent.c b/net/sctp/ulpevent.c index dff27d5e22fd..61b1f5ada96a 100644 --- a/net/sctp/ulpevent.c +++ b/net/sctp/ulpevent.c | |||
@@ -554,7 +554,7 @@ struct sctp_ulpevent *sctp_ulpevent_make_send_failed( | |||
554 | memcpy(&ssf->ssf_info, &chunk->sinfo, sizeof(struct sctp_sndrcvinfo)); | 554 | memcpy(&ssf->ssf_info, &chunk->sinfo, sizeof(struct sctp_sndrcvinfo)); |
555 | 555 | ||
556 | /* Per TSVWG discussion with Randy. Allow the application to | 556 | /* Per TSVWG discussion with Randy. Allow the application to |
557 | * resemble a fragmented message. | 557 | * reassemble a fragmented message. |
558 | */ | 558 | */ |
559 | ssf->ssf_info.sinfo_flags = chunk->chunk_hdr->flags; | 559 | ssf->ssf_info.sinfo_flags = chunk->chunk_hdr->flags; |
560 | 560 | ||
diff --git a/net/sunrpc/Kconfig b/net/sunrpc/Kconfig index 8873fd8ddacd..b2198e65d8bb 100644 --- a/net/sunrpc/Kconfig +++ b/net/sunrpc/Kconfig | |||
@@ -18,14 +18,13 @@ config SUNRPC_XPRT_RDMA | |||
18 | If unsure, say N. | 18 | If unsure, say N. |
19 | 19 | ||
20 | config RPCSEC_GSS_KRB5 | 20 | config RPCSEC_GSS_KRB5 |
21 | tristate | 21 | tristate "Secure RPC: Kerberos V mechanism" |
22 | depends on SUNRPC && CRYPTO | 22 | depends on SUNRPC && CRYPTO |
23 | prompt "Secure RPC: Kerberos V mechanism" if !(NFS_V4 || NFSD_V4) | 23 | depends on CRYPTO_MD5 && CRYPTO_DES && CRYPTO_CBC && CRYPTO_CTS |
24 | depends on CRYPTO_ECB && CRYPTO_HMAC && CRYPTO_SHA1 && CRYPTO_AES | ||
25 | depends on CRYPTO_ARC4 | ||
24 | default y | 26 | default y |
25 | select SUNRPC_GSS | 27 | select SUNRPC_GSS |
26 | select CRYPTO_MD5 | ||
27 | select CRYPTO_DES | ||
28 | select CRYPTO_CBC | ||
29 | help | 28 | help |
30 | Choose Y here to enable Secure RPC using the Kerberos version 5 | 29 | Choose Y here to enable Secure RPC using the Kerberos version 5 |
31 | GSS-API mechanism (RFC 1964). | 30 | GSS-API mechanism (RFC 1964). |
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index f3914d0c5079..339ba64cce1e 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
@@ -520,7 +520,7 @@ gss_refresh_upcall(struct rpc_task *task) | |||
520 | warn_gssd(); | 520 | warn_gssd(); |
521 | task->tk_timeout = 15*HZ; | 521 | task->tk_timeout = 15*HZ; |
522 | rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL); | 522 | rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL); |
523 | return 0; | 523 | return -EAGAIN; |
524 | } | 524 | } |
525 | if (IS_ERR(gss_msg)) { | 525 | if (IS_ERR(gss_msg)) { |
526 | err = PTR_ERR(gss_msg); | 526 | err = PTR_ERR(gss_msg); |
@@ -563,10 +563,12 @@ retry: | |||
563 | if (PTR_ERR(gss_msg) == -EAGAIN) { | 563 | if (PTR_ERR(gss_msg) == -EAGAIN) { |
564 | err = wait_event_interruptible_timeout(pipe_version_waitqueue, | 564 | err = wait_event_interruptible_timeout(pipe_version_waitqueue, |
565 | pipe_version >= 0, 15*HZ); | 565 | pipe_version >= 0, 15*HZ); |
566 | if (pipe_version < 0) { | ||
567 | warn_gssd(); | ||
568 | err = -EACCES; | ||
569 | } | ||
566 | if (err) | 570 | if (err) |
567 | goto out; | 571 | goto out; |
568 | if (pipe_version < 0) | ||
569 | warn_gssd(); | ||
570 | goto retry; | 572 | goto retry; |
571 | } | 573 | } |
572 | if (IS_ERR(gss_msg)) { | 574 | if (IS_ERR(gss_msg)) { |
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c index e7a96e478f63..8d83f9d48713 100644 --- a/net/sunrpc/clnt.c +++ b/net/sunrpc/clnt.c | |||
@@ -1508,7 +1508,10 @@ call_timeout(struct rpc_task *task) | |||
1508 | if (clnt->cl_chatty) | 1508 | if (clnt->cl_chatty) |
1509 | printk(KERN_NOTICE "%s: server %s not responding, timed out\n", | 1509 | printk(KERN_NOTICE "%s: server %s not responding, timed out\n", |
1510 | clnt->cl_protname, clnt->cl_server); | 1510 | clnt->cl_protname, clnt->cl_server); |
1511 | rpc_exit(task, -EIO); | 1511 | if (task->tk_flags & RPC_TASK_TIMEOUT) |
1512 | rpc_exit(task, -ETIMEDOUT); | ||
1513 | else | ||
1514 | rpc_exit(task, -EIO); | ||
1512 | return; | 1515 | return; |
1513 | } | 1516 | } |
1514 | 1517 | ||
diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c index 9494c3767356..ce5eb68a9664 100644 --- a/net/sunrpc/xprt.c +++ b/net/sunrpc/xprt.c | |||
@@ -906,6 +906,7 @@ void xprt_transmit(struct rpc_task *task) | |||
906 | } | 906 | } |
907 | 907 | ||
908 | dprintk("RPC: %5u xmit complete\n", task->tk_pid); | 908 | dprintk("RPC: %5u xmit complete\n", task->tk_pid); |
909 | task->tk_flags |= RPC_TASK_SENT; | ||
909 | spin_lock_bh(&xprt->transport_lock); | 910 | spin_lock_bh(&xprt->transport_lock); |
910 | 911 | ||
911 | xprt->ops->set_retrans_timeout(task); | 912 | xprt->ops->set_retrans_timeout(task); |
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 3a43a8304768..b1d75beb7e20 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c | |||
@@ -524,6 +524,8 @@ static int unix_dgram_connect(struct socket *, struct sockaddr *, | |||
524 | int, int); | 524 | int, int); |
525 | static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *, | 525 | static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *, |
526 | struct msghdr *, size_t); | 526 | struct msghdr *, size_t); |
527 | static int unix_seqpacket_recvmsg(struct kiocb *, struct socket *, | ||
528 | struct msghdr *, size_t, int); | ||
527 | 529 | ||
528 | static const struct proto_ops unix_stream_ops = { | 530 | static const struct proto_ops unix_stream_ops = { |
529 | .family = PF_UNIX, | 531 | .family = PF_UNIX, |
@@ -583,7 +585,7 @@ static const struct proto_ops unix_seqpacket_ops = { | |||
583 | .setsockopt = sock_no_setsockopt, | 585 | .setsockopt = sock_no_setsockopt, |
584 | .getsockopt = sock_no_getsockopt, | 586 | .getsockopt = sock_no_getsockopt, |
585 | .sendmsg = unix_seqpacket_sendmsg, | 587 | .sendmsg = unix_seqpacket_sendmsg, |
586 | .recvmsg = unix_dgram_recvmsg, | 588 | .recvmsg = unix_seqpacket_recvmsg, |
587 | .mmap = sock_no_mmap, | 589 | .mmap = sock_no_mmap, |
588 | .sendpage = sock_no_sendpage, | 590 | .sendpage = sock_no_sendpage, |
589 | }; | 591 | }; |
@@ -1699,6 +1701,18 @@ static int unix_seqpacket_sendmsg(struct kiocb *kiocb, struct socket *sock, | |||
1699 | return unix_dgram_sendmsg(kiocb, sock, msg, len); | 1701 | return unix_dgram_sendmsg(kiocb, sock, msg, len); |
1700 | } | 1702 | } |
1701 | 1703 | ||
1704 | static int unix_seqpacket_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
1705 | struct msghdr *msg, size_t size, | ||
1706 | int flags) | ||
1707 | { | ||
1708 | struct sock *sk = sock->sk; | ||
1709 | |||
1710 | if (sk->sk_state != TCP_ESTABLISHED) | ||
1711 | return -ENOTCONN; | ||
1712 | |||
1713 | return unix_dgram_recvmsg(iocb, sock, msg, size, flags); | ||
1714 | } | ||
1715 | |||
1702 | static void unix_copy_addr(struct msghdr *msg, struct sock *sk) | 1716 | static void unix_copy_addr(struct msghdr *msg, struct sock *sk) |
1703 | { | 1717 | { |
1704 | struct unix_sock *u = unix_sk(sk); | 1718 | struct unix_sock *u = unix_sk(sk); |
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 15792d8b6272..b4d745ea8ee1 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
@@ -1406,6 +1406,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy, | |||
1406 | struct net *net = xp_net(policy); | 1406 | struct net *net = xp_net(policy); |
1407 | unsigned long now = jiffies; | 1407 | unsigned long now = jiffies; |
1408 | struct net_device *dev; | 1408 | struct net_device *dev; |
1409 | struct xfrm_mode *inner_mode; | ||
1409 | struct dst_entry *dst_prev = NULL; | 1410 | struct dst_entry *dst_prev = NULL; |
1410 | struct dst_entry *dst0 = NULL; | 1411 | struct dst_entry *dst0 = NULL; |
1411 | int i = 0; | 1412 | int i = 0; |
@@ -1436,6 +1437,17 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy, | |||
1436 | goto put_states; | 1437 | goto put_states; |
1437 | } | 1438 | } |
1438 | 1439 | ||
1440 | if (xfrm[i]->sel.family == AF_UNSPEC) { | ||
1441 | inner_mode = xfrm_ip2inner_mode(xfrm[i], | ||
1442 | xfrm_af2proto(family)); | ||
1443 | if (!inner_mode) { | ||
1444 | err = -EAFNOSUPPORT; | ||
1445 | dst_release(dst); | ||
1446 | goto put_states; | ||
1447 | } | ||
1448 | } else | ||
1449 | inner_mode = xfrm[i]->inner_mode; | ||
1450 | |||
1439 | if (!dst_prev) | 1451 | if (!dst_prev) |
1440 | dst0 = dst1; | 1452 | dst0 = dst1; |
1441 | else { | 1453 | else { |
@@ -1464,7 +1476,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy, | |||
1464 | dst1->lastuse = now; | 1476 | dst1->lastuse = now; |
1465 | 1477 | ||
1466 | dst1->input = dst_discard; | 1478 | dst1->input = dst_discard; |
1467 | dst1->output = xfrm[i]->outer_mode->afinfo->output; | 1479 | dst1->output = inner_mode->afinfo->output; |
1468 | 1480 | ||
1469 | dst1->next = dst_prev; | 1481 | dst1->next = dst_prev; |
1470 | dst_prev = dst1; | 1482 | dst_prev = dst1; |
diff --git a/net/xfrm/xfrm_replay.c b/net/xfrm/xfrm_replay.c index f218385950ca..47f1b8638df9 100644 --- a/net/xfrm/xfrm_replay.c +++ b/net/xfrm/xfrm_replay.c | |||
@@ -532,9 +532,12 @@ int xfrm_init_replay(struct xfrm_state *x) | |||
532 | 532 | ||
533 | if (replay_esn) { | 533 | if (replay_esn) { |
534 | if (replay_esn->replay_window > | 534 | if (replay_esn->replay_window > |
535 | replay_esn->bmp_len * sizeof(__u32)) | 535 | replay_esn->bmp_len * sizeof(__u32) * 8) |
536 | return -EINVAL; | 536 | return -EINVAL; |
537 | 537 | ||
538 | if ((x->props.flags & XFRM_STATE_ESN) && replay_esn->replay_window == 0) | ||
539 | return -EINVAL; | ||
540 | |||
538 | if ((x->props.flags & XFRM_STATE_ESN) && x->replay_esn) | 541 | if ((x->props.flags & XFRM_STATE_ESN) && x->replay_esn) |
539 | x->repl = &xfrm_replay_esn; | 542 | x->repl = &xfrm_replay_esn; |
540 | else | 543 | else |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 5d1d60d3ca83..c658cb3bc7c3 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
@@ -124,6 +124,9 @@ static inline int verify_replay(struct xfrm_usersa_info *p, | |||
124 | { | 124 | { |
125 | struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL]; | 125 | struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL]; |
126 | 126 | ||
127 | if ((p->flags & XFRM_STATE_ESN) && !rt) | ||
128 | return -EINVAL; | ||
129 | |||
127 | if (!rt) | 130 | if (!rt) |
128 | return 0; | 131 | return 0; |
129 | 132 | ||