aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2014-09-23 12:09:27 -0400
committerDavid S. Miller <davem@davemloft.net>2014-09-23 12:09:27 -0400
commit1f6d80358dc9bbbeb56cb43384fa11fd645d9289 (patch)
tree152bfa5165292a8e4f06d536b6d222a68480e573 /net
parenta2aeb02a8e6a9fef397c344245a54eeae67341f6 (diff)
parent98f75b8291a89ba6bf73e322ee467ce0bfeb91c1 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts: arch/mips/net/bpf_jit.c drivers/net/can/flexcan.c Both the flexcan and MIPS bpf_jit conflicts were cases of simple overlapping changes. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/bridge/br_private.h3
-rw-r--r--net/bridge/br_vlan.c16
-rw-r--r--net/ceph/auth_x.c256
-rw-r--r--net/ceph/mon_client.c8
-rw-r--r--net/core/dev.c18
-rw-r--r--net/core/sock.c2
-rw-r--r--net/ipv4/ip_tunnel.c6
-rw-r--r--net/ipv4/route.c6
-rw-r--r--net/ipv6/addrconf.c8
-rw-r--r--net/ipv6/anycast.c21
-rw-r--r--net/ipv6/ip6_output.c4
-rw-r--r--net/mac80211/sta_info.c2
-rw-r--r--net/openvswitch/datapath.c9
-rw-r--r--net/rfkill/rfkill-gpio.c1
-rw-r--r--net/rxrpc/ar-key.c2
-rw-r--r--net/sched/sch_choke.c18
-rw-r--r--net/socket.c3
-rw-r--r--net/wireless/nl80211.c6
-rw-r--r--net/xfrm/xfrm_policy.c48
19 files changed, 276 insertions, 161 deletions
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index 62a7fa2e3569..b6c04cbcfdc5 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -309,6 +309,9 @@ struct br_input_skb_cb {
309 int igmp; 309 int igmp;
310 int mrouters_only; 310 int mrouters_only;
311#endif 311#endif
312#ifdef CONFIG_BRIDGE_VLAN_FILTERING
313 bool vlan_filtered;
314#endif
312}; 315};
313 316
314#define BR_INPUT_SKB_CB(__skb) ((struct br_input_skb_cb *)(__skb)->cb) 317#define BR_INPUT_SKB_CB(__skb) ((struct br_input_skb_cb *)(__skb)->cb)
diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
index e1bcd653899b..3ba57fcdcd13 100644
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
@@ -27,9 +27,13 @@ static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
27{ 27{
28 if (flags & BRIDGE_VLAN_INFO_PVID) 28 if (flags & BRIDGE_VLAN_INFO_PVID)
29 __vlan_add_pvid(v, vid); 29 __vlan_add_pvid(v, vid);
30 else
31 __vlan_delete_pvid(v, vid);
30 32
31 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 33 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
32 set_bit(vid, v->untagged_bitmap); 34 set_bit(vid, v->untagged_bitmap);
35 else
36 clear_bit(vid, v->untagged_bitmap);
33} 37}
34 38
35static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags) 39static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
@@ -125,7 +129,8 @@ struct sk_buff *br_handle_vlan(struct net_bridge *br,
125{ 129{
126 u16 vid; 130 u16 vid;
127 131
128 if (!br->vlan_enabled) 132 /* If this packet was not filtered at input, let it pass */
133 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
129 goto out; 134 goto out;
130 135
131 /* Vlan filter table must be configured at this point. The 136 /* Vlan filter table must be configured at this point. The
@@ -164,8 +169,10 @@ bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
164 /* If VLAN filtering is disabled on the bridge, all packets are 169 /* If VLAN filtering is disabled on the bridge, all packets are
165 * permitted. 170 * permitted.
166 */ 171 */
167 if (!br->vlan_enabled) 172 if (!br->vlan_enabled) {
173 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
168 return true; 174 return true;
175 }
169 176
170 /* If there are no vlan in the permitted list, all packets are 177 /* If there are no vlan in the permitted list, all packets are
171 * rejected. 178 * rejected.
@@ -173,6 +180,7 @@ bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
173 if (!v) 180 if (!v)
174 goto drop; 181 goto drop;
175 182
183 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
176 proto = br->vlan_proto; 184 proto = br->vlan_proto;
177 185
178 /* If vlan tx offload is disabled on bridge device and frame was 186 /* If vlan tx offload is disabled on bridge device and frame was
@@ -251,7 +259,8 @@ bool br_allowed_egress(struct net_bridge *br,
251{ 259{
252 u16 vid; 260 u16 vid;
253 261
254 if (!br->vlan_enabled) 262 /* If this packet was not filtered at input, let it pass */
263 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
255 return true; 264 return true;
256 265
257 if (!v) 266 if (!v)
@@ -270,6 +279,7 @@ bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
270 struct net_bridge *br = p->br; 279 struct net_bridge *br = p->br;
271 struct net_port_vlans *v; 280 struct net_port_vlans *v;
272 281
282 /* If filtering was disabled at input, let it pass. */
273 if (!br->vlan_enabled) 283 if (!br->vlan_enabled)
274 return true; 284 return true;
275 285
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index 96238ba95f2b..de6662b14e1f 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -13,8 +13,6 @@
13#include "auth_x.h" 13#include "auth_x.h"
14#include "auth_x_protocol.h" 14#include "auth_x_protocol.h"
15 15
16#define TEMP_TICKET_BUF_LEN 256
17
18static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed); 16static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed);
19 17
20static int ceph_x_is_authenticated(struct ceph_auth_client *ac) 18static int ceph_x_is_authenticated(struct ceph_auth_client *ac)
@@ -64,7 +62,7 @@ static int ceph_x_encrypt(struct ceph_crypto_key *secret,
64} 62}
65 63
66static int ceph_x_decrypt(struct ceph_crypto_key *secret, 64static int ceph_x_decrypt(struct ceph_crypto_key *secret,
67 void **p, void *end, void *obuf, size_t olen) 65 void **p, void *end, void **obuf, size_t olen)
68{ 66{
69 struct ceph_x_encrypt_header head; 67 struct ceph_x_encrypt_header head;
70 size_t head_len = sizeof(head); 68 size_t head_len = sizeof(head);
@@ -75,8 +73,14 @@ static int ceph_x_decrypt(struct ceph_crypto_key *secret,
75 return -EINVAL; 73 return -EINVAL;
76 74
77 dout("ceph_x_decrypt len %d\n", len); 75 dout("ceph_x_decrypt len %d\n", len);
78 ret = ceph_decrypt2(secret, &head, &head_len, obuf, &olen, 76 if (*obuf == NULL) {
79 *p, len); 77 *obuf = kmalloc(len, GFP_NOFS);
78 if (!*obuf)
79 return -ENOMEM;
80 olen = len;
81 }
82
83 ret = ceph_decrypt2(secret, &head, &head_len, *obuf, &olen, *p, len);
80 if (ret) 84 if (ret)
81 return ret; 85 return ret;
82 if (head.struct_v != 1 || le64_to_cpu(head.magic) != CEPHX_ENC_MAGIC) 86 if (head.struct_v != 1 || le64_to_cpu(head.magic) != CEPHX_ENC_MAGIC)
@@ -129,139 +133,120 @@ static void remove_ticket_handler(struct ceph_auth_client *ac,
129 kfree(th); 133 kfree(th);
130} 134}
131 135
132static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac, 136static int process_one_ticket(struct ceph_auth_client *ac,
133 struct ceph_crypto_key *secret, 137 struct ceph_crypto_key *secret,
134 void *buf, void *end) 138 void **p, void *end)
135{ 139{
136 struct ceph_x_info *xi = ac->private; 140 struct ceph_x_info *xi = ac->private;
137 int num; 141 int type;
138 void *p = buf; 142 u8 tkt_struct_v, blob_struct_v;
143 struct ceph_x_ticket_handler *th;
144 void *dbuf = NULL;
145 void *dp, *dend;
146 int dlen;
147 char is_enc;
148 struct timespec validity;
149 struct ceph_crypto_key old_key;
150 void *ticket_buf = NULL;
151 void *tp, *tpend;
152 struct ceph_timespec new_validity;
153 struct ceph_crypto_key new_session_key;
154 struct ceph_buffer *new_ticket_blob;
155 unsigned long new_expires, new_renew_after;
156 u64 new_secret_id;
139 int ret; 157 int ret;
140 char *dbuf;
141 char *ticket_buf;
142 u8 reply_struct_v;
143 158
144 dbuf = kmalloc(TEMP_TICKET_BUF_LEN, GFP_NOFS); 159 ceph_decode_need(p, end, sizeof(u32) + 1, bad);
145 if (!dbuf)
146 return -ENOMEM;
147 160
148 ret = -ENOMEM; 161 type = ceph_decode_32(p);
149 ticket_buf = kmalloc(TEMP_TICKET_BUF_LEN, GFP_NOFS); 162 dout(" ticket type %d %s\n", type, ceph_entity_type_name(type));
150 if (!ticket_buf)
151 goto out_dbuf;
152 163
153 ceph_decode_need(&p, end, 1 + sizeof(u32), bad); 164 tkt_struct_v = ceph_decode_8(p);
154 reply_struct_v = ceph_decode_8(&p); 165 if (tkt_struct_v != 1)
155 if (reply_struct_v != 1)
156 goto bad; 166 goto bad;
157 num = ceph_decode_32(&p);
158 dout("%d tickets\n", num);
159 while (num--) {
160 int type;
161 u8 tkt_struct_v, blob_struct_v;
162 struct ceph_x_ticket_handler *th;
163 void *dp, *dend;
164 int dlen;
165 char is_enc;
166 struct timespec validity;
167 struct ceph_crypto_key old_key;
168 void *tp, *tpend;
169 struct ceph_timespec new_validity;
170 struct ceph_crypto_key new_session_key;
171 struct ceph_buffer *new_ticket_blob;
172 unsigned long new_expires, new_renew_after;
173 u64 new_secret_id;
174
175 ceph_decode_need(&p, end, sizeof(u32) + 1, bad);
176
177 type = ceph_decode_32(&p);
178 dout(" ticket type %d %s\n", type, ceph_entity_type_name(type));
179
180 tkt_struct_v = ceph_decode_8(&p);
181 if (tkt_struct_v != 1)
182 goto bad;
183
184 th = get_ticket_handler(ac, type);
185 if (IS_ERR(th)) {
186 ret = PTR_ERR(th);
187 goto out;
188 }
189 167
190 /* blob for me */ 168 th = get_ticket_handler(ac, type);
191 dlen = ceph_x_decrypt(secret, &p, end, dbuf, 169 if (IS_ERR(th)) {
192 TEMP_TICKET_BUF_LEN); 170 ret = PTR_ERR(th);
193 if (dlen <= 0) { 171 goto out;
194 ret = dlen; 172 }
195 goto out;
196 }
197 dout(" decrypted %d bytes\n", dlen);
198 dend = dbuf + dlen;
199 dp = dbuf;
200 173
201 tkt_struct_v = ceph_decode_8(&dp); 174 /* blob for me */
202 if (tkt_struct_v != 1) 175 dlen = ceph_x_decrypt(secret, p, end, &dbuf, 0);
203 goto bad; 176 if (dlen <= 0) {
177 ret = dlen;
178 goto out;
179 }
180 dout(" decrypted %d bytes\n", dlen);
181 dp = dbuf;
182 dend = dp + dlen;
204 183
205 memcpy(&old_key, &th->session_key, sizeof(old_key)); 184 tkt_struct_v = ceph_decode_8(&dp);
206 ret = ceph_crypto_key_decode(&new_session_key, &dp, dend); 185 if (tkt_struct_v != 1)
207 if (ret) 186 goto bad;
208 goto out;
209 187
210 ceph_decode_copy(&dp, &new_validity, sizeof(new_validity)); 188 memcpy(&old_key, &th->session_key, sizeof(old_key));
211 ceph_decode_timespec(&validity, &new_validity); 189 ret = ceph_crypto_key_decode(&new_session_key, &dp, dend);
212 new_expires = get_seconds() + validity.tv_sec; 190 if (ret)
213 new_renew_after = new_expires - (validity.tv_sec / 4); 191 goto out;
214 dout(" expires=%lu renew_after=%lu\n", new_expires,
215 new_renew_after);
216 192
217 /* ticket blob for service */ 193 ceph_decode_copy(&dp, &new_validity, sizeof(new_validity));
218 ceph_decode_8_safe(&p, end, is_enc, bad); 194 ceph_decode_timespec(&validity, &new_validity);
219 tp = ticket_buf; 195 new_expires = get_seconds() + validity.tv_sec;
220 if (is_enc) { 196 new_renew_after = new_expires - (validity.tv_sec / 4);
221 /* encrypted */ 197 dout(" expires=%lu renew_after=%lu\n", new_expires,
222 dout(" encrypted ticket\n"); 198 new_renew_after);
223 dlen = ceph_x_decrypt(&old_key, &p, end, ticket_buf, 199
224 TEMP_TICKET_BUF_LEN); 200 /* ticket blob for service */
225 if (dlen < 0) { 201 ceph_decode_8_safe(p, end, is_enc, bad);
226 ret = dlen; 202 if (is_enc) {
227 goto out; 203 /* encrypted */
228 } 204 dout(" encrypted ticket\n");
229 dlen = ceph_decode_32(&tp); 205 dlen = ceph_x_decrypt(&old_key, p, end, &ticket_buf, 0);
230 } else { 206 if (dlen < 0) {
231 /* unencrypted */ 207 ret = dlen;
232 ceph_decode_32_safe(&p, end, dlen, bad); 208 goto out;
233 ceph_decode_need(&p, end, dlen, bad);
234 ceph_decode_copy(&p, ticket_buf, dlen);
235 } 209 }
236 tpend = tp + dlen; 210 tp = ticket_buf;
237 dout(" ticket blob is %d bytes\n", dlen); 211 dlen = ceph_decode_32(&tp);
238 ceph_decode_need(&tp, tpend, 1 + sizeof(u64), bad); 212 } else {
239 blob_struct_v = ceph_decode_8(&tp); 213 /* unencrypted */
240 new_secret_id = ceph_decode_64(&tp); 214 ceph_decode_32_safe(p, end, dlen, bad);
241 ret = ceph_decode_buffer(&new_ticket_blob, &tp, tpend); 215 ticket_buf = kmalloc(dlen, GFP_NOFS);
242 if (ret) 216 if (!ticket_buf) {
217 ret = -ENOMEM;
243 goto out; 218 goto out;
244 219 }
245 /* all is well, update our ticket */ 220 tp = ticket_buf;
246 ceph_crypto_key_destroy(&th->session_key); 221 ceph_decode_need(p, end, dlen, bad);
247 if (th->ticket_blob) 222 ceph_decode_copy(p, ticket_buf, dlen);
248 ceph_buffer_put(th->ticket_blob);
249 th->session_key = new_session_key;
250 th->ticket_blob = new_ticket_blob;
251 th->validity = new_validity;
252 th->secret_id = new_secret_id;
253 th->expires = new_expires;
254 th->renew_after = new_renew_after;
255 dout(" got ticket service %d (%s) secret_id %lld len %d\n",
256 type, ceph_entity_type_name(type), th->secret_id,
257 (int)th->ticket_blob->vec.iov_len);
258 xi->have_keys |= th->service;
259 } 223 }
224 tpend = tp + dlen;
225 dout(" ticket blob is %d bytes\n", dlen);
226 ceph_decode_need(&tp, tpend, 1 + sizeof(u64), bad);
227 blob_struct_v = ceph_decode_8(&tp);
228 new_secret_id = ceph_decode_64(&tp);
229 ret = ceph_decode_buffer(&new_ticket_blob, &tp, tpend);
230 if (ret)
231 goto out;
232
233 /* all is well, update our ticket */
234 ceph_crypto_key_destroy(&th->session_key);
235 if (th->ticket_blob)
236 ceph_buffer_put(th->ticket_blob);
237 th->session_key = new_session_key;
238 th->ticket_blob = new_ticket_blob;
239 th->validity = new_validity;
240 th->secret_id = new_secret_id;
241 th->expires = new_expires;
242 th->renew_after = new_renew_after;
243 dout(" got ticket service %d (%s) secret_id %lld len %d\n",
244 type, ceph_entity_type_name(type), th->secret_id,
245 (int)th->ticket_blob->vec.iov_len);
246 xi->have_keys |= th->service;
260 247
261 ret = 0;
262out: 248out:
263 kfree(ticket_buf); 249 kfree(ticket_buf);
264out_dbuf:
265 kfree(dbuf); 250 kfree(dbuf);
266 return ret; 251 return ret;
267 252
@@ -270,6 +255,34 @@ bad:
270 goto out; 255 goto out;
271} 256}
272 257
258static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
259 struct ceph_crypto_key *secret,
260 void *buf, void *end)
261{
262 void *p = buf;
263 u8 reply_struct_v;
264 u32 num;
265 int ret;
266
267 ceph_decode_8_safe(&p, end, reply_struct_v, bad);
268 if (reply_struct_v != 1)
269 return -EINVAL;
270
271 ceph_decode_32_safe(&p, end, num, bad);
272 dout("%d tickets\n", num);
273
274 while (num--) {
275 ret = process_one_ticket(ac, secret, &p, end);
276 if (ret)
277 return ret;
278 }
279
280 return 0;
281
282bad:
283 return -EINVAL;
284}
285
273static int ceph_x_build_authorizer(struct ceph_auth_client *ac, 286static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
274 struct ceph_x_ticket_handler *th, 287 struct ceph_x_ticket_handler *th,
275 struct ceph_x_authorizer *au) 288 struct ceph_x_authorizer *au)
@@ -583,13 +596,14 @@ static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
583 struct ceph_x_ticket_handler *th; 596 struct ceph_x_ticket_handler *th;
584 int ret = 0; 597 int ret = 0;
585 struct ceph_x_authorize_reply reply; 598 struct ceph_x_authorize_reply reply;
599 void *preply = &reply;
586 void *p = au->reply_buf; 600 void *p = au->reply_buf;
587 void *end = p + sizeof(au->reply_buf); 601 void *end = p + sizeof(au->reply_buf);
588 602
589 th = get_ticket_handler(ac, au->service); 603 th = get_ticket_handler(ac, au->service);
590 if (IS_ERR(th)) 604 if (IS_ERR(th))
591 return PTR_ERR(th); 605 return PTR_ERR(th);
592 ret = ceph_x_decrypt(&th->session_key, &p, end, &reply, sizeof(reply)); 606 ret = ceph_x_decrypt(&th->session_key, &p, end, &preply, sizeof(reply));
593 if (ret < 0) 607 if (ret < 0)
594 return ret; 608 return ret;
595 if (ret != sizeof(reply)) 609 if (ret != sizeof(reply))
diff --git a/net/ceph/mon_client.c b/net/ceph/mon_client.c
index 067d3af2eaf6..61fcfc304f68 100644
--- a/net/ceph/mon_client.c
+++ b/net/ceph/mon_client.c
@@ -1181,7 +1181,15 @@ static struct ceph_msg *mon_alloc_msg(struct ceph_connection *con,
1181 if (!m) { 1181 if (!m) {
1182 pr_info("alloc_msg unknown type %d\n", type); 1182 pr_info("alloc_msg unknown type %d\n", type);
1183 *skip = 1; 1183 *skip = 1;
1184 } else if (front_len > m->front_alloc_len) {
1185 pr_warning("mon_alloc_msg front %d > prealloc %d (%u#%llu)\n",
1186 front_len, m->front_alloc_len,
1187 (unsigned int)con->peer_name.type,
1188 le64_to_cpu(con->peer_name.num));
1189 ceph_msg_put(m);
1190 m = ceph_msg_new(type, front_len, GFP_NOFS, false);
1184 } 1191 }
1192
1185 return m; 1193 return m;
1186} 1194}
1187 1195
diff --git a/net/core/dev.c b/net/core/dev.c
index 52cd71a4a343..db0388607329 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -4865,9 +4865,14 @@ static void netdev_adjacent_sysfs_del(struct net_device *dev,
4865 sysfs_remove_link(&(dev->dev.kobj), linkname); 4865 sysfs_remove_link(&(dev->dev.kobj), linkname);
4866} 4866}
4867 4867
4868#define netdev_adjacent_is_neigh_list(dev, dev_list) \ 4868static inline bool netdev_adjacent_is_neigh_list(struct net_device *dev,
4869 (dev_list == &dev->adj_list.upper || \ 4869 struct net_device *adj_dev,
4870 dev_list == &dev->adj_list.lower) 4870 struct list_head *dev_list)
4871{
4872 return (dev_list == &dev->adj_list.upper ||
4873 dev_list == &dev->adj_list.lower) &&
4874 net_eq(dev_net(dev), dev_net(adj_dev));
4875}
4871 4876
4872static int __netdev_adjacent_dev_insert(struct net_device *dev, 4877static int __netdev_adjacent_dev_insert(struct net_device *dev,
4873 struct net_device *adj_dev, 4878 struct net_device *adj_dev,
@@ -4897,7 +4902,7 @@ static int __netdev_adjacent_dev_insert(struct net_device *dev,
4897 pr_debug("dev_hold for %s, because of link added from %s to %s\n", 4902 pr_debug("dev_hold for %s, because of link added from %s to %s\n",
4898 adj_dev->name, dev->name, adj_dev->name); 4903 adj_dev->name, dev->name, adj_dev->name);
4899 4904
4900 if (netdev_adjacent_is_neigh_list(dev, dev_list)) { 4905 if (netdev_adjacent_is_neigh_list(dev, adj_dev, dev_list)) {
4901 ret = netdev_adjacent_sysfs_add(dev, adj_dev, dev_list); 4906 ret = netdev_adjacent_sysfs_add(dev, adj_dev, dev_list);
4902 if (ret) 4907 if (ret)
4903 goto free_adj; 4908 goto free_adj;
@@ -4918,7 +4923,7 @@ static int __netdev_adjacent_dev_insert(struct net_device *dev,
4918 return 0; 4923 return 0;
4919 4924
4920remove_symlinks: 4925remove_symlinks:
4921 if (netdev_adjacent_is_neigh_list(dev, dev_list)) 4926 if (netdev_adjacent_is_neigh_list(dev, adj_dev, dev_list))
4922 netdev_adjacent_sysfs_del(dev, adj_dev->name, dev_list); 4927 netdev_adjacent_sysfs_del(dev, adj_dev->name, dev_list);
4923free_adj: 4928free_adj:
4924 kfree(adj); 4929 kfree(adj);
@@ -4951,8 +4956,7 @@ static void __netdev_adjacent_dev_remove(struct net_device *dev,
4951 if (adj->master) 4956 if (adj->master)
4952 sysfs_remove_link(&(dev->dev.kobj), "master"); 4957 sysfs_remove_link(&(dev->dev.kobj), "master");
4953 4958
4954 if (netdev_adjacent_is_neigh_list(dev, dev_list) && 4959 if (netdev_adjacent_is_neigh_list(dev, adj_dev, dev_list))
4955 net_eq(dev_net(dev),dev_net(adj_dev)))
4956 netdev_adjacent_sysfs_del(dev, adj_dev->name, dev_list); 4960 netdev_adjacent_sysfs_del(dev, adj_dev->name, dev_list);
4957 4961
4958 list_del_rcu(&adj->list); 4962 list_del_rcu(&adj->list);
diff --git a/net/core/sock.c b/net/core/sock.c
index de887c45c63b..e5ad7d31c3c2 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1816,7 +1816,7 @@ EXPORT_SYMBOL(sock_alloc_send_skb);
1816 * skb_page_frag_refill - check that a page_frag contains enough room 1816 * skb_page_frag_refill - check that a page_frag contains enough room
1817 * @sz: minimum size of the fragment we want to get 1817 * @sz: minimum size of the fragment we want to get
1818 * @pfrag: pointer to page_frag 1818 * @pfrag: pointer to page_frag
1819 * @prio: priority for memory allocation 1819 * @gfp: priority for memory allocation
1820 * 1820 *
1821 * Note: While this allocator tries to use high order pages, there is 1821 * Note: While this allocator tries to use high order pages, there is
1822 * no guarantee that allocations succeed. Therefore, @sz MUST be 1822 * no guarantee that allocations succeed. Therefore, @sz MUST be
diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
index e3a3dc91e49c..b75b47b0a223 100644
--- a/net/ipv4/ip_tunnel.c
+++ b/net/ipv4/ip_tunnel.c
@@ -80,10 +80,10 @@ static void __tunnel_dst_set(struct ip_tunnel_dst *idst,
80 idst->saddr = saddr; 80 idst->saddr = saddr;
81} 81}
82 82
83static void tunnel_dst_set(struct ip_tunnel *t, 83static noinline void tunnel_dst_set(struct ip_tunnel *t,
84 struct dst_entry *dst, __be32 saddr) 84 struct dst_entry *dst, __be32 saddr)
85{ 85{
86 __tunnel_dst_set(this_cpu_ptr(t->dst_cache), dst, saddr); 86 __tunnel_dst_set(raw_cpu_ptr(t->dst_cache), dst, saddr);
87} 87}
88 88
89static void tunnel_dst_reset(struct ip_tunnel *t) 89static void tunnel_dst_reset(struct ip_tunnel *t)
@@ -107,7 +107,7 @@ static struct rtable *tunnel_rtable_get(struct ip_tunnel *t,
107 struct dst_entry *dst; 107 struct dst_entry *dst;
108 108
109 rcu_read_lock(); 109 rcu_read_lock();
110 idst = this_cpu_ptr(t->dst_cache); 110 idst = raw_cpu_ptr(t->dst_cache);
111 dst = rcu_dereference(idst->dst); 111 dst = rcu_dereference(idst->dst);
112 if (dst && !atomic_inc_not_zero(&dst->__refcnt)) 112 if (dst && !atomic_inc_not_zero(&dst->__refcnt))
113 dst = NULL; 113 dst = NULL;
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 234a43e233dc..d4bd68dcdc39 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2265,9 +2265,9 @@ struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2265 return rt; 2265 return rt;
2266 2266
2267 if (flp4->flowi4_proto) 2267 if (flp4->flowi4_proto)
2268 rt = (struct rtable *) xfrm_lookup(net, &rt->dst, 2268 rt = (struct rtable *)xfrm_lookup_route(net, &rt->dst,
2269 flowi4_to_flowi(flp4), 2269 flowi4_to_flowi(flp4),
2270 sk, 0); 2270 sk, 0);
2271 2271
2272 return rt; 2272 return rt;
2273} 2273}
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 39d33355d7e8..e189480f8fd6 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -3097,11 +3097,13 @@ restart:
3097 3097
3098 write_unlock_bh(&idev->lock); 3098 write_unlock_bh(&idev->lock);
3099 3099
3100 /* Step 5: Discard multicast list */ 3100 /* Step 5: Discard anycast and multicast list */
3101 if (how) 3101 if (how) {
3102 ipv6_ac_destroy_dev(idev);
3102 ipv6_mc_destroy_dev(idev); 3103 ipv6_mc_destroy_dev(idev);
3103 else 3104 } else {
3104 ipv6_mc_down(idev); 3105 ipv6_mc_down(idev);
3106 }
3105 3107
3106 idev->tstamp = jiffies; 3108 idev->tstamp = jiffies;
3107 3109
diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c
index 952c1fd06150..f5e319a8d4e2 100644
--- a/net/ipv6/anycast.c
+++ b/net/ipv6/anycast.c
@@ -345,6 +345,27 @@ static int ipv6_dev_ac_dec(struct net_device *dev, const struct in6_addr *addr)
345 return __ipv6_dev_ac_dec(idev, addr); 345 return __ipv6_dev_ac_dec(idev, addr);
346} 346}
347 347
348void ipv6_ac_destroy_dev(struct inet6_dev *idev)
349{
350 struct ifacaddr6 *aca;
351
352 write_lock_bh(&idev->lock);
353 while ((aca = idev->ac_list) != NULL) {
354 idev->ac_list = aca->aca_next;
355 write_unlock_bh(&idev->lock);
356
357 addrconf_leave_solict(idev, &aca->aca_addr);
358
359 dst_hold(&aca->aca_rt->dst);
360 ip6_del_rt(aca->aca_rt);
361
362 aca_put(aca);
363
364 write_lock_bh(&idev->lock);
365 }
366 write_unlock_bh(&idev->lock);
367}
368
348/* 369/*
349 * check if the interface has this anycast address 370 * check if the interface has this anycast address
350 * called with rcu_read_lock() 371 * called with rcu_read_lock()
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 2e6a0dbf7fb3..8e950c250ada 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -1004,7 +1004,7 @@ struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1004 if (final_dst) 1004 if (final_dst)
1005 fl6->daddr = *final_dst; 1005 fl6->daddr = *final_dst;
1006 1006
1007 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); 1007 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1008} 1008}
1009EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow); 1009EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1010 1010
@@ -1036,7 +1036,7 @@ struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1036 if (final_dst) 1036 if (final_dst)
1037 fl6->daddr = *final_dst; 1037 fl6->daddr = *final_dst;
1038 1038
1039 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); 1039 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1040} 1040}
1041EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow); 1041EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1042 1042
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 730030542024..4dd3badab259 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -1822,7 +1822,7 @@ void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
1822 sinfo->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE; 1822 sinfo->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
1823 if (sdata->vif.bss_conf.use_short_slot) 1823 if (sdata->vif.bss_conf.use_short_slot)
1824 sinfo->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME; 1824 sinfo->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
1825 sinfo->bss_param.dtim_period = sdata->local->hw.conf.ps_dtim_period; 1825 sinfo->bss_param.dtim_period = sdata->vif.bss_conf.dtim_period;
1826 sinfo->bss_param.beacon_interval = sdata->vif.bss_conf.beacon_int; 1826 sinfo->bss_param.beacon_interval = sdata->vif.bss_conf.beacon_int;
1827 1827
1828 sinfo->sta_flags.set = 0; 1828 sinfo->sta_flags.set = 0;
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
index 16cad14fa81e..9e3a2fae6a8f 100644
--- a/net/openvswitch/datapath.c
+++ b/net/openvswitch/datapath.c
@@ -78,11 +78,12 @@ static const struct genl_multicast_group ovs_dp_vport_multicast_group = {
78 78
79/* Check if need to build a reply message. 79/* Check if need to build a reply message.
80 * OVS userspace sets the NLM_F_ECHO flag if it needs the reply. */ 80 * OVS userspace sets the NLM_F_ECHO flag if it needs the reply. */
81static bool ovs_must_notify(struct genl_info *info, 81static bool ovs_must_notify(struct genl_family *family, struct genl_info *info,
82 const struct genl_multicast_group *grp) 82 unsigned int group)
83{ 83{
84 return info->nlhdr->nlmsg_flags & NLM_F_ECHO || 84 return info->nlhdr->nlmsg_flags & NLM_F_ECHO ||
85 netlink_has_listeners(genl_info_net(info)->genl_sock, 0); 85 genl_has_listeners(family, genl_info_net(info)->genl_sock,
86 group);
86} 87}
87 88
88static void ovs_notify(struct genl_family *family, 89static void ovs_notify(struct genl_family *family,
@@ -762,7 +763,7 @@ static struct sk_buff *ovs_flow_cmd_alloc_info(const struct sw_flow_actions *act
762{ 763{
763 struct sk_buff *skb; 764 struct sk_buff *skb;
764 765
765 if (!always && !ovs_must_notify(info, &ovs_dp_flow_multicast_group)) 766 if (!always && !ovs_must_notify(&dp_flow_genl_family, info, 0))
766 return NULL; 767 return NULL;
767 768
768 skb = genlmsg_new_unicast(ovs_flow_cmd_msg_size(acts), info, GFP_KERNEL); 769 skb = genlmsg_new_unicast(ovs_flow_cmd_msg_size(acts), info, GFP_KERNEL);
diff --git a/net/rfkill/rfkill-gpio.c b/net/rfkill/rfkill-gpio.c
index 02a86a27fd84..5fa54dd78e25 100644
--- a/net/rfkill/rfkill-gpio.c
+++ b/net/rfkill/rfkill-gpio.c
@@ -163,6 +163,7 @@ static const struct acpi_device_id rfkill_acpi_match[] = {
163 { "LNV4752", RFKILL_TYPE_GPS }, 163 { "LNV4752", RFKILL_TYPE_GPS },
164 { }, 164 { },
165}; 165};
166MODULE_DEVICE_TABLE(acpi, rfkill_acpi_match);
166#endif 167#endif
167 168
168static struct platform_driver rfkill_gpio_driver = { 169static struct platform_driver rfkill_gpio_driver = {
diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c
index b45d080e64a7..1b24191167f1 100644
--- a/net/rxrpc/ar-key.c
+++ b/net/rxrpc/ar-key.c
@@ -1143,7 +1143,7 @@ static long rxrpc_read(const struct key *key,
1143 if (copy_to_user(xdr, (s), _l) != 0) \ 1143 if (copy_to_user(xdr, (s), _l) != 0) \
1144 goto fault; \ 1144 goto fault; \
1145 if (_l & 3 && \ 1145 if (_l & 3 && \
1146 copy_to_user((u8 *)xdr + _l, &zero, 4 - (_l & 3)) != 0) \ 1146 copy_to_user((u8 __user *)xdr + _l, &zero, 4 - (_l & 3)) != 0) \
1147 goto fault; \ 1147 goto fault; \
1148 xdr += (_l + 3) >> 2; \ 1148 xdr += (_l + 3) >> 2; \
1149 } while(0) 1149 } while(0)
diff --git a/net/sched/sch_choke.c b/net/sched/sch_choke.c
index 74813e6b6ff6..8abc2625c3a1 100644
--- a/net/sched/sch_choke.c
+++ b/net/sched/sch_choke.c
@@ -133,10 +133,16 @@ static void choke_drop_by_idx(struct Qdisc *sch, unsigned int idx)
133 --sch->q.qlen; 133 --sch->q.qlen;
134} 134}
135 135
136/* private part of skb->cb[] that a qdisc is allowed to use
137 * is limited to QDISC_CB_PRIV_LEN bytes.
138 * As a flow key might be too large, we store a part of it only.
139 */
140#define CHOKE_K_LEN min_t(u32, sizeof(struct flow_keys), QDISC_CB_PRIV_LEN - 3)
141
136struct choke_skb_cb { 142struct choke_skb_cb {
137 u16 classid; 143 u16 classid;
138 u8 keys_valid; 144 u8 keys_valid;
139 struct flow_keys keys; 145 u8 keys[QDISC_CB_PRIV_LEN - 3];
140}; 146};
141 147
142static inline struct choke_skb_cb *choke_skb_cb(const struct sk_buff *skb) 148static inline struct choke_skb_cb *choke_skb_cb(const struct sk_buff *skb)
@@ -163,22 +169,26 @@ static u16 choke_get_classid(const struct sk_buff *skb)
163static bool choke_match_flow(struct sk_buff *skb1, 169static bool choke_match_flow(struct sk_buff *skb1,
164 struct sk_buff *skb2) 170 struct sk_buff *skb2)
165{ 171{
172 struct flow_keys temp;
173
166 if (skb1->protocol != skb2->protocol) 174 if (skb1->protocol != skb2->protocol)
167 return false; 175 return false;
168 176
169 if (!choke_skb_cb(skb1)->keys_valid) { 177 if (!choke_skb_cb(skb1)->keys_valid) {
170 choke_skb_cb(skb1)->keys_valid = 1; 178 choke_skb_cb(skb1)->keys_valid = 1;
171 skb_flow_dissect(skb1, &choke_skb_cb(skb1)->keys); 179 skb_flow_dissect(skb1, &temp);
180 memcpy(&choke_skb_cb(skb1)->keys, &temp, CHOKE_K_LEN);
172 } 181 }
173 182
174 if (!choke_skb_cb(skb2)->keys_valid) { 183 if (!choke_skb_cb(skb2)->keys_valid) {
175 choke_skb_cb(skb2)->keys_valid = 1; 184 choke_skb_cb(skb2)->keys_valid = 1;
176 skb_flow_dissect(skb2, &choke_skb_cb(skb2)->keys); 185 skb_flow_dissect(skb2, &temp);
186 memcpy(&choke_skb_cb(skb2)->keys, &temp, CHOKE_K_LEN);
177 } 187 }
178 188
179 return !memcmp(&choke_skb_cb(skb1)->keys, 189 return !memcmp(&choke_skb_cb(skb1)->keys,
180 &choke_skb_cb(skb2)->keys, 190 &choke_skb_cb(skb2)->keys,
181 sizeof(struct flow_keys)); 191 CHOKE_K_LEN);
182} 192}
183 193
184/* 194/*
diff --git a/net/socket.c b/net/socket.c
index d40f522541aa..ffd9cb46902b 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1993,6 +1993,9 @@ static int copy_msghdr_from_user(struct msghdr *kmsg,
1993 if (copy_from_user(kmsg, umsg, sizeof(struct msghdr))) 1993 if (copy_from_user(kmsg, umsg, sizeof(struct msghdr)))
1994 return -EFAULT; 1994 return -EFAULT;
1995 1995
1996 if (kmsg->msg_name == NULL)
1997 kmsg->msg_namelen = 0;
1998
1996 if (kmsg->msg_namelen < 0) 1999 if (kmsg->msg_namelen < 0)
1997 return -EINVAL; 2000 return -EINVAL;
1998 2001
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 3011401f52c0..233c54e45092 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6977,6 +6977,9 @@ void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
6977 struct nlattr *data = ((void **)skb->cb)[2]; 6977 struct nlattr *data = ((void **)skb->cb)[2];
6978 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE; 6978 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE;
6979 6979
6980 /* clear CB data for netlink core to own from now on */
6981 memset(skb->cb, 0, sizeof(skb->cb));
6982
6980 nla_nest_end(skb, data); 6983 nla_nest_end(skb, data);
6981 genlmsg_end(skb, hdr); 6984 genlmsg_end(skb, hdr);
6982 6985
@@ -9302,6 +9305,9 @@ int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
9302 void *hdr = ((void **)skb->cb)[1]; 9305 void *hdr = ((void **)skb->cb)[1];
9303 struct nlattr *data = ((void **)skb->cb)[2]; 9306 struct nlattr *data = ((void **)skb->cb)[2];
9304 9307
9308 /* clear CB data for netlink core to own from now on */
9309 memset(skb->cb, 0, sizeof(skb->cb));
9310
9305 if (WARN_ON(!rdev->cur_cmd_info)) { 9311 if (WARN_ON(!rdev->cur_cmd_info)) {
9306 kfree_skb(skb); 9312 kfree_skb(skb);
9307 return -EINVAL; 9313 return -EINVAL;
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index beeed602aeb3..fdde51f4271a 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -39,6 +39,11 @@
39#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ)) 39#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ))
40#define XFRM_MAX_QUEUE_LEN 100 40#define XFRM_MAX_QUEUE_LEN 100
41 41
42struct xfrm_flo {
43 struct dst_entry *dst_orig;
44 u8 flags;
45};
46
42static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock); 47static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock);
43static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO] 48static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO]
44 __read_mostly; 49 __read_mostly;
@@ -1877,13 +1882,14 @@ static int xdst_queue_output(struct sock *sk, struct sk_buff *skb)
1877} 1882}
1878 1883
1879static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net, 1884static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
1880 struct dst_entry *dst, 1885 struct xfrm_flo *xflo,
1881 const struct flowi *fl, 1886 const struct flowi *fl,
1882 int num_xfrms, 1887 int num_xfrms,
1883 u16 family) 1888 u16 family)
1884{ 1889{
1885 int err; 1890 int err;
1886 struct net_device *dev; 1891 struct net_device *dev;
1892 struct dst_entry *dst;
1887 struct dst_entry *dst1; 1893 struct dst_entry *dst1;
1888 struct xfrm_dst *xdst; 1894 struct xfrm_dst *xdst;
1889 1895
@@ -1891,9 +1897,12 @@ static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
1891 if (IS_ERR(xdst)) 1897 if (IS_ERR(xdst))
1892 return xdst; 1898 return xdst;
1893 1899
1894 if (net->xfrm.sysctl_larval_drop || num_xfrms <= 0) 1900 if (!(xflo->flags & XFRM_LOOKUP_QUEUE) ||
1901 net->xfrm.sysctl_larval_drop ||
1902 num_xfrms <= 0)
1895 return xdst; 1903 return xdst;
1896 1904
1905 dst = xflo->dst_orig;
1897 dst1 = &xdst->u.dst; 1906 dst1 = &xdst->u.dst;
1898 dst_hold(dst); 1907 dst_hold(dst);
1899 xdst->route = dst; 1908 xdst->route = dst;
@@ -1935,7 +1944,7 @@ static struct flow_cache_object *
1935xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir, 1944xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir,
1936 struct flow_cache_object *oldflo, void *ctx) 1945 struct flow_cache_object *oldflo, void *ctx)
1937{ 1946{
1938 struct dst_entry *dst_orig = (struct dst_entry *)ctx; 1947 struct xfrm_flo *xflo = (struct xfrm_flo *)ctx;
1939 struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX]; 1948 struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
1940 struct xfrm_dst *xdst, *new_xdst; 1949 struct xfrm_dst *xdst, *new_xdst;
1941 int num_pols = 0, num_xfrms = 0, i, err, pol_dead; 1950 int num_pols = 0, num_xfrms = 0, i, err, pol_dead;
@@ -1976,7 +1985,8 @@ xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir,
1976 goto make_dummy_bundle; 1985 goto make_dummy_bundle;
1977 } 1986 }
1978 1987
1979 new_xdst = xfrm_resolve_and_create_bundle(pols, num_pols, fl, family, dst_orig); 1988 new_xdst = xfrm_resolve_and_create_bundle(pols, num_pols, fl, family,
1989 xflo->dst_orig);
1980 if (IS_ERR(new_xdst)) { 1990 if (IS_ERR(new_xdst)) {
1981 err = PTR_ERR(new_xdst); 1991 err = PTR_ERR(new_xdst);
1982 if (err != -EAGAIN) 1992 if (err != -EAGAIN)
@@ -2010,7 +2020,7 @@ make_dummy_bundle:
2010 /* We found policies, but there's no bundles to instantiate: 2020 /* We found policies, but there's no bundles to instantiate:
2011 * either because the policy blocks, has no transformations or 2021 * either because the policy blocks, has no transformations or
2012 * we could not build template (no xfrm_states).*/ 2022 * we could not build template (no xfrm_states).*/
2013 xdst = xfrm_create_dummy_bundle(net, dst_orig, fl, num_xfrms, family); 2023 xdst = xfrm_create_dummy_bundle(net, xflo, fl, num_xfrms, family);
2014 if (IS_ERR(xdst)) { 2024 if (IS_ERR(xdst)) {
2015 xfrm_pols_put(pols, num_pols); 2025 xfrm_pols_put(pols, num_pols);
2016 return ERR_CAST(xdst); 2026 return ERR_CAST(xdst);
@@ -2104,13 +2114,18 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
2104 } 2114 }
2105 2115
2106 if (xdst == NULL) { 2116 if (xdst == NULL) {
2117 struct xfrm_flo xflo;
2118
2119 xflo.dst_orig = dst_orig;
2120 xflo.flags = flags;
2121
2107 /* To accelerate a bit... */ 2122 /* To accelerate a bit... */
2108 if ((dst_orig->flags & DST_NOXFRM) || 2123 if ((dst_orig->flags & DST_NOXFRM) ||
2109 !net->xfrm.policy_count[XFRM_POLICY_OUT]) 2124 !net->xfrm.policy_count[XFRM_POLICY_OUT])
2110 goto nopol; 2125 goto nopol;
2111 2126
2112 flo = flow_cache_lookup(net, fl, family, dir, 2127 flo = flow_cache_lookup(net, fl, family, dir,
2113 xfrm_bundle_lookup, dst_orig); 2128 xfrm_bundle_lookup, &xflo);
2114 if (flo == NULL) 2129 if (flo == NULL)
2115 goto nopol; 2130 goto nopol;
2116 if (IS_ERR(flo)) { 2131 if (IS_ERR(flo)) {
@@ -2138,7 +2153,7 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
2138 xfrm_pols_put(pols, drop_pols); 2153 xfrm_pols_put(pols, drop_pols);
2139 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES); 2154 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES);
2140 2155
2141 return make_blackhole(net, family, dst_orig); 2156 return ERR_PTR(-EREMOTE);
2142 } 2157 }
2143 2158
2144 err = -EAGAIN; 2159 err = -EAGAIN;
@@ -2195,6 +2210,23 @@ dropdst:
2195} 2210}
2196EXPORT_SYMBOL(xfrm_lookup); 2211EXPORT_SYMBOL(xfrm_lookup);
2197 2212
2213/* Callers of xfrm_lookup_route() must ensure a call to dst_output().
2214 * Otherwise we may send out blackholed packets.
2215 */
2216struct dst_entry *xfrm_lookup_route(struct net *net, struct dst_entry *dst_orig,
2217 const struct flowi *fl,
2218 struct sock *sk, int flags)
2219{
2220 struct dst_entry *dst = xfrm_lookup(net, dst_orig, fl, sk,
2221 flags | XFRM_LOOKUP_QUEUE);
2222
2223 if (IS_ERR(dst) && PTR_ERR(dst) == -EREMOTE)
2224 return make_blackhole(net, dst_orig->ops->family, dst_orig);
2225
2226 return dst;
2227}
2228EXPORT_SYMBOL(xfrm_lookup_route);
2229
2198static inline int 2230static inline int
2199xfrm_secpath_reject(int idx, struct sk_buff *skb, const struct flowi *fl) 2231xfrm_secpath_reject(int idx, struct sk_buff *skb, const struct flowi *fl)
2200{ 2232{
@@ -2460,7 +2492,7 @@ int __xfrm_route_forward(struct sk_buff *skb, unsigned short family)
2460 2492
2461 skb_dst_force(skb); 2493 skb_dst_force(skb);
2462 2494
2463 dst = xfrm_lookup(net, skb_dst(skb), &fl, NULL, 0); 2495 dst = xfrm_lookup(net, skb_dst(skb), &fl, NULL, XFRM_LOOKUP_QUEUE);
2464 if (IS_ERR(dst)) { 2496 if (IS_ERR(dst)) {
2465 res = 0; 2497 res = 0;
2466 dst = NULL; 2498 dst = NULL;
generated by cgit v1.2.2 (git 2.25.0) at 2025-03-31 07:45:09 -0400