diff options
28 files changed, 59 insertions, 68 deletions
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 7fc9a3aaa1c9..e3ae544b3956 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h | |||
@@ -216,7 +216,7 @@ enum { | |||
216 | * @tail: Tail pointer | 216 | * @tail: Tail pointer |
217 | * @end: End pointer | 217 | * @end: End pointer |
218 | * @destructor: Destruct function | 218 | * @destructor: Destruct function |
219 | * @nfmark: Can be used for communication between hooks | 219 | * @mark: Generic packet mark |
220 | * @nfct: Associated connection, if any | 220 | * @nfct: Associated connection, if any |
221 | * @ipvs_property: skbuff is owned by ipvs | 221 | * @ipvs_property: skbuff is owned by ipvs |
222 | * @nfctinfo: Relationship of this skb to the connection | 222 | * @nfctinfo: Relationship of this skb to the connection |
@@ -295,7 +295,6 @@ struct sk_buff { | |||
295 | #ifdef CONFIG_BRIDGE_NETFILTER | 295 | #ifdef CONFIG_BRIDGE_NETFILTER |
296 | struct nf_bridge_info *nf_bridge; | 296 | struct nf_bridge_info *nf_bridge; |
297 | #endif | 297 | #endif |
298 | __u32 nfmark; | ||
299 | #endif /* CONFIG_NETFILTER */ | 298 | #endif /* CONFIG_NETFILTER */ |
300 | #ifdef CONFIG_NET_SCHED | 299 | #ifdef CONFIG_NET_SCHED |
301 | __u16 tc_index; /* traffic control index */ | 300 | __u16 tc_index; /* traffic control index */ |
@@ -310,6 +309,7 @@ struct sk_buff { | |||
310 | __u32 secmark; | 309 | __u32 secmark; |
311 | #endif | 310 | #endif |
312 | 311 | ||
312 | __u32 mark; | ||
313 | 313 | ||
314 | /* These elements must be at the end, see alloc_skb() for details. */ | 314 | /* These elements must be at the end, see alloc_skb() for details. */ |
315 | unsigned int truesize; | 315 | unsigned int truesize; |
diff --git a/net/bridge/netfilter/ebt_mark.c b/net/bridge/netfilter/ebt_mark.c index b54306a934e5..2458638561cb 100644 --- a/net/bridge/netfilter/ebt_mark.c +++ b/net/bridge/netfilter/ebt_mark.c | |||
@@ -25,13 +25,13 @@ static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr, | |||
25 | int action = info->target & -16; | 25 | int action = info->target & -16; |
26 | 26 | ||
27 | if (action == MARK_SET_VALUE) | 27 | if (action == MARK_SET_VALUE) |
28 | (*pskb)->nfmark = info->mark; | 28 | (*pskb)->mark = info->mark; |
29 | else if (action == MARK_OR_VALUE) | 29 | else if (action == MARK_OR_VALUE) |
30 | (*pskb)->nfmark |= info->mark; | 30 | (*pskb)->mark |= info->mark; |
31 | else if (action == MARK_AND_VALUE) | 31 | else if (action == MARK_AND_VALUE) |
32 | (*pskb)->nfmark &= info->mark; | 32 | (*pskb)->mark &= info->mark; |
33 | else | 33 | else |
34 | (*pskb)->nfmark ^= info->mark; | 34 | (*pskb)->mark ^= info->mark; |
35 | 35 | ||
36 | return info->target | -16; | 36 | return info->target | -16; |
37 | } | 37 | } |
diff --git a/net/bridge/netfilter/ebt_mark_m.c b/net/bridge/netfilter/ebt_mark_m.c index a6413e4b4982..025869ee0b68 100644 --- a/net/bridge/netfilter/ebt_mark_m.c +++ b/net/bridge/netfilter/ebt_mark_m.c | |||
@@ -19,8 +19,8 @@ static int ebt_filter_mark(const struct sk_buff *skb, | |||
19 | struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data; | 19 | struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data; |
20 | 20 | ||
21 | if (info->bitmask & EBT_MARK_OR) | 21 | if (info->bitmask & EBT_MARK_OR) |
22 | return !(!!(skb->nfmark & info->mask) ^ info->invert); | 22 | return !(!!(skb->mark & info->mask) ^ info->invert); |
23 | return !(((skb->nfmark & info->mask) == info->mark) ^ info->invert); | 23 | return !(((skb->mark & info->mask) == info->mark) ^ info->invert); |
24 | } | 24 | } |
25 | 25 | ||
26 | static int ebt_mark_check(const char *tablename, unsigned int hookmask, | 26 | static int ebt_mark_check(const char *tablename, unsigned int hookmask, |
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c index 9f950db3b76f..c1af68b5a29c 100644 --- a/net/bridge/netfilter/ebt_ulog.c +++ b/net/bridge/netfilter/ebt_ulog.c | |||
@@ -168,7 +168,7 @@ static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb, | |||
168 | if (ub->qlen == 1) | 168 | if (ub->qlen == 1) |
169 | skb_set_timestamp(ub->skb, &pm->stamp); | 169 | skb_set_timestamp(ub->skb, &pm->stamp); |
170 | pm->data_len = copy_len; | 170 | pm->data_len = copy_len; |
171 | pm->mark = skb->nfmark; | 171 | pm->mark = skb->mark; |
172 | pm->hook = hooknr; | 172 | pm->hook = hooknr; |
173 | if (uloginfo->prefix != NULL) | 173 | if (uloginfo->prefix != NULL) |
174 | strcpy(pm->prefix, uloginfo->prefix); | 174 | strcpy(pm->prefix, uloginfo->prefix); |
diff --git a/net/core/skbuff.c b/net/core/skbuff.c index b8b106358040..b3dea1ef9535 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c | |||
@@ -473,8 +473,8 @@ struct sk_buff *skb_clone(struct sk_buff *skb, gfp_t gfp_mask) | |||
473 | #endif | 473 | #endif |
474 | C(protocol); | 474 | C(protocol); |
475 | n->destructor = NULL; | 475 | n->destructor = NULL; |
476 | C(mark); | ||
476 | #ifdef CONFIG_NETFILTER | 477 | #ifdef CONFIG_NETFILTER |
477 | C(nfmark); | ||
478 | C(nfct); | 478 | C(nfct); |
479 | nf_conntrack_get(skb->nfct); | 479 | nf_conntrack_get(skb->nfct); |
480 | C(nfctinfo); | 480 | C(nfctinfo); |
@@ -534,8 +534,8 @@ static void copy_skb_header(struct sk_buff *new, const struct sk_buff *old) | |||
534 | new->pkt_type = old->pkt_type; | 534 | new->pkt_type = old->pkt_type; |
535 | new->tstamp = old->tstamp; | 535 | new->tstamp = old->tstamp; |
536 | new->destructor = NULL; | 536 | new->destructor = NULL; |
537 | new->mark = old->mark; | ||
537 | #ifdef CONFIG_NETFILTER | 538 | #ifdef CONFIG_NETFILTER |
538 | new->nfmark = old->nfmark; | ||
539 | new->nfct = old->nfct; | 539 | new->nfct = old->nfct; |
540 | nf_conntrack_get(old->nfct); | 540 | nf_conntrack_get(old->nfct); |
541 | new->nfctinfo = old->nfctinfo; | 541 | new->nfctinfo = old->nfctinfo; |
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 23489f7232d2..3482839af280 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c | |||
@@ -1236,7 +1236,7 @@ static int dn_route_input_slow(struct sk_buff *skb) | |||
1236 | .saddr = cb->src, | 1236 | .saddr = cb->src, |
1237 | .scope = RT_SCOPE_UNIVERSE, | 1237 | .scope = RT_SCOPE_UNIVERSE, |
1238 | #ifdef CONFIG_DECNET_ROUTE_FWMARK | 1238 | #ifdef CONFIG_DECNET_ROUTE_FWMARK |
1239 | .fwmark = skb->nfmark | 1239 | .fwmark = skb->mark |
1240 | #endif | 1240 | #endif |
1241 | } }, | 1241 | } }, |
1242 | .iif = skb->dev->ifindex }; | 1242 | .iif = skb->dev->ifindex }; |
@@ -1458,7 +1458,7 @@ int dn_route_input(struct sk_buff *skb) | |||
1458 | (rt->fl.fld_dst == cb->dst) && | 1458 | (rt->fl.fld_dst == cb->dst) && |
1459 | (rt->fl.oif == 0) && | 1459 | (rt->fl.oif == 0) && |
1460 | #ifdef CONFIG_DECNET_ROUTE_FWMARK | 1460 | #ifdef CONFIG_DECNET_ROUTE_FWMARK |
1461 | (rt->fl.fld_fwmark == skb->nfmark) && | 1461 | (rt->fl.fld_fwmark == skb->mark) && |
1462 | #endif | 1462 | #endif |
1463 | (rt->fl.iif == cb->iif)) { | 1463 | (rt->fl.iif == cb->iif)) { |
1464 | rt->u.dst.lastuse = jiffies; | 1464 | rt->u.dst.lastuse = jiffies; |
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index fc195a44fc2e..23633bf042ba 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c | |||
@@ -386,6 +386,7 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from) | |||
386 | dst_release(to->dst); | 386 | dst_release(to->dst); |
387 | to->dst = dst_clone(from->dst); | 387 | to->dst = dst_clone(from->dst); |
388 | to->dev = from->dev; | 388 | to->dev = from->dev; |
389 | to->mark = from->mark; | ||
389 | 390 | ||
390 | /* Copy the flags to each fragment. */ | 391 | /* Copy the flags to each fragment. */ |
391 | IPCB(to)->flags = IPCB(from)->flags; | 392 | IPCB(to)->flags = IPCB(from)->flags; |
@@ -394,7 +395,6 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from) | |||
394 | to->tc_index = from->tc_index; | 395 | to->tc_index = from->tc_index; |
395 | #endif | 396 | #endif |
396 | #ifdef CONFIG_NETFILTER | 397 | #ifdef CONFIG_NETFILTER |
397 | to->nfmark = from->nfmark; | ||
398 | /* Connection association is same as pre-frag packet */ | 398 | /* Connection association is same as pre-frag packet */ |
399 | nf_conntrack_put(to->nfct); | 399 | nf_conntrack_put(to->nfct); |
400 | to->nfct = from->nfct; | 400 | to->nfct = from->nfct; |
diff --git a/net/ipv4/ipvs/ip_vs_proto_tcp.c b/net/ipv4/ipvs/ip_vs_proto_tcp.c index 6ff05c3a32e6..7de385267b33 100644 --- a/net/ipv4/ipvs/ip_vs_proto_tcp.c +++ b/net/ipv4/ipvs/ip_vs_proto_tcp.c | |||
@@ -84,7 +84,7 @@ tcp_conn_schedule(struct sk_buff *skb, | |||
84 | } | 84 | } |
85 | 85 | ||
86 | if (th->syn && | 86 | if (th->syn && |
87 | (svc = ip_vs_service_get(skb->nfmark, skb->nh.iph->protocol, | 87 | (svc = ip_vs_service_get(skb->mark, skb->nh.iph->protocol, |
88 | skb->nh.iph->daddr, th->dest))) { | 88 | skb->nh.iph->daddr, th->dest))) { |
89 | if (ip_vs_todrop()) { | 89 | if (ip_vs_todrop()) { |
90 | /* | 90 | /* |
diff --git a/net/ipv4/ipvs/ip_vs_proto_udp.c b/net/ipv4/ipvs/ip_vs_proto_udp.c index 691c8b637b29..452cb9c384b3 100644 --- a/net/ipv4/ipvs/ip_vs_proto_udp.c +++ b/net/ipv4/ipvs/ip_vs_proto_udp.c | |||
@@ -89,7 +89,7 @@ udp_conn_schedule(struct sk_buff *skb, struct ip_vs_protocol *pp, | |||
89 | return 0; | 89 | return 0; |
90 | } | 90 | } |
91 | 91 | ||
92 | if ((svc = ip_vs_service_get(skb->nfmark, skb->nh.iph->protocol, | 92 | if ((svc = ip_vs_service_get(skb->mark, skb->nh.iph->protocol, |
93 | skb->nh.iph->daddr, uh->dest))) { | 93 | skb->nh.iph->daddr, uh->dest))) { |
94 | if (ip_vs_todrop()) { | 94 | if (ip_vs_todrop()) { |
95 | /* | 95 | /* |
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c index e2005c6810a4..bfc8d753a23a 100644 --- a/net/ipv4/netfilter.c +++ b/net/ipv4/netfilter.c | |||
@@ -28,7 +28,7 @@ int ip_route_me_harder(struct sk_buff **pskb, unsigned addr_type) | |||
28 | fl.nl_u.ip4_u.tos = RT_TOS(iph->tos); | 28 | fl.nl_u.ip4_u.tos = RT_TOS(iph->tos); |
29 | fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0; | 29 | fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0; |
30 | #ifdef CONFIG_IP_ROUTE_FWMARK | 30 | #ifdef CONFIG_IP_ROUTE_FWMARK |
31 | fl.nl_u.ip4_u.fwmark = (*pskb)->nfmark; | 31 | fl.nl_u.ip4_u.fwmark = (*pskb)->mark; |
32 | #endif | 32 | #endif |
33 | if (ip_route_output_key(&rt, &fl) != 0) | 33 | if (ip_route_output_key(&rt, &fl) != 0) |
34 | return -1; | 34 | return -1; |
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index 97556cc2e4e0..cd520df4dcf4 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c | |||
@@ -243,7 +243,7 @@ ipq_build_packet_message(struct ipq_queue_entry *entry, int *errp) | |||
243 | pmsg->data_len = data_len; | 243 | pmsg->data_len = data_len; |
244 | pmsg->timestamp_sec = entry->skb->tstamp.off_sec; | 244 | pmsg->timestamp_sec = entry->skb->tstamp.off_sec; |
245 | pmsg->timestamp_usec = entry->skb->tstamp.off_usec; | 245 | pmsg->timestamp_usec = entry->skb->tstamp.off_usec; |
246 | pmsg->mark = entry->skb->nfmark; | 246 | pmsg->mark = entry->skb->mark; |
247 | pmsg->hook = entry->info->hook; | 247 | pmsg->hook = entry->info->hook; |
248 | pmsg->hw_protocol = entry->skb->protocol; | 248 | pmsg->hw_protocol = entry->skb->protocol; |
249 | 249 | ||
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 264763adc39b..f0319e5ee437 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c | |||
@@ -76,7 +76,7 @@ static void send_reset(struct sk_buff *oldskb, int hook) | |||
76 | 76 | ||
77 | /* This packet will not be the same as the other: clear nf fields */ | 77 | /* This packet will not be the same as the other: clear nf fields */ |
78 | nf_reset(nskb); | 78 | nf_reset(nskb); |
79 | nskb->nfmark = 0; | 79 | nskb->mark = 0; |
80 | skb_init_secmark(nskb); | 80 | skb_init_secmark(nskb); |
81 | 81 | ||
82 | tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl); | 82 | tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl); |
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index 2b104ea54f48..dbd34783a64d 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
@@ -239,7 +239,7 @@ static void ipt_ulog_packet(unsigned int hooknum, | |||
239 | pm->data_len = copy_len; | 239 | pm->data_len = copy_len; |
240 | pm->timestamp_sec = skb->tstamp.off_sec; | 240 | pm->timestamp_sec = skb->tstamp.off_sec; |
241 | pm->timestamp_usec = skb->tstamp.off_usec; | 241 | pm->timestamp_usec = skb->tstamp.off_usec; |
242 | pm->mark = skb->nfmark; | 242 | pm->mark = skb->mark; |
243 | pm->hook = hooknum; | 243 | pm->hook = hooknum; |
244 | if (prefix != NULL) | 244 | if (prefix != NULL) |
245 | strncpy(pm->prefix, prefix, sizeof(pm->prefix)); | 245 | strncpy(pm->prefix, prefix, sizeof(pm->prefix)); |
diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c index b91f3582359b..62d4ccc259ca 100644 --- a/net/ipv4/netfilter/iptable_mangle.c +++ b/net/ipv4/netfilter/iptable_mangle.c | |||
@@ -132,7 +132,7 @@ ipt_local_hook(unsigned int hook, | |||
132 | unsigned int ret; | 132 | unsigned int ret; |
133 | u_int8_t tos; | 133 | u_int8_t tos; |
134 | __be32 saddr, daddr; | 134 | __be32 saddr, daddr; |
135 | unsigned long nfmark; | 135 | u_int32_t mark; |
136 | 136 | ||
137 | /* root is playing with raw sockets. */ | 137 | /* root is playing with raw sockets. */ |
138 | if ((*pskb)->len < sizeof(struct iphdr) | 138 | if ((*pskb)->len < sizeof(struct iphdr) |
@@ -143,7 +143,7 @@ ipt_local_hook(unsigned int hook, | |||
143 | } | 143 | } |
144 | 144 | ||
145 | /* Save things which could affect route */ | 145 | /* Save things which could affect route */ |
146 | nfmark = (*pskb)->nfmark; | 146 | mark = (*pskb)->mark; |
147 | saddr = (*pskb)->nh.iph->saddr; | 147 | saddr = (*pskb)->nh.iph->saddr; |
148 | daddr = (*pskb)->nh.iph->daddr; | 148 | daddr = (*pskb)->nh.iph->daddr; |
149 | tos = (*pskb)->nh.iph->tos; | 149 | tos = (*pskb)->nh.iph->tos; |
@@ -154,7 +154,7 @@ ipt_local_hook(unsigned int hook, | |||
154 | && ((*pskb)->nh.iph->saddr != saddr | 154 | && ((*pskb)->nh.iph->saddr != saddr |
155 | || (*pskb)->nh.iph->daddr != daddr | 155 | || (*pskb)->nh.iph->daddr != daddr |
156 | #ifdef CONFIG_IP_ROUTE_FWMARK | 156 | #ifdef CONFIG_IP_ROUTE_FWMARK |
157 | || (*pskb)->nfmark != nfmark | 157 | || (*pskb)->mark != mark |
158 | #endif | 158 | #endif |
159 | || (*pskb)->nh.iph->tos != tos)) | 159 | || (*pskb)->nh.iph->tos != tos)) |
160 | if (ip_route_me_harder(pskb, RTN_UNSPEC)) | 160 | if (ip_route_me_harder(pskb, RTN_UNSPEC)) |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 925ee4dfc32c..4de3e38fa1a8 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
@@ -1644,7 +1644,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
1644 | rth->rt_dst = daddr; | 1644 | rth->rt_dst = daddr; |
1645 | rth->fl.fl4_tos = tos; | 1645 | rth->fl.fl4_tos = tos; |
1646 | #ifdef CONFIG_IP_ROUTE_FWMARK | 1646 | #ifdef CONFIG_IP_ROUTE_FWMARK |
1647 | rth->fl.fl4_fwmark= skb->nfmark; | 1647 | rth->fl.fl4_fwmark= skb->mark; |
1648 | #endif | 1648 | #endif |
1649 | rth->fl.fl4_src = saddr; | 1649 | rth->fl.fl4_src = saddr; |
1650 | rth->rt_src = saddr; | 1650 | rth->rt_src = saddr; |
@@ -1790,7 +1790,7 @@ static inline int __mkroute_input(struct sk_buff *skb, | |||
1790 | rth->rt_dst = daddr; | 1790 | rth->rt_dst = daddr; |
1791 | rth->fl.fl4_tos = tos; | 1791 | rth->fl.fl4_tos = tos; |
1792 | #ifdef CONFIG_IP_ROUTE_FWMARK | 1792 | #ifdef CONFIG_IP_ROUTE_FWMARK |
1793 | rth->fl.fl4_fwmark= skb->nfmark; | 1793 | rth->fl.fl4_fwmark= skb->mark; |
1794 | #endif | 1794 | #endif |
1795 | rth->fl.fl4_src = saddr; | 1795 | rth->fl.fl4_src = saddr; |
1796 | rth->rt_src = saddr; | 1796 | rth->rt_src = saddr; |
@@ -1921,7 +1921,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
1921 | .tos = tos, | 1921 | .tos = tos, |
1922 | .scope = RT_SCOPE_UNIVERSE, | 1922 | .scope = RT_SCOPE_UNIVERSE, |
1923 | #ifdef CONFIG_IP_ROUTE_FWMARK | 1923 | #ifdef CONFIG_IP_ROUTE_FWMARK |
1924 | .fwmark = skb->nfmark | 1924 | .fwmark = skb->mark |
1925 | #endif | 1925 | #endif |
1926 | } }, | 1926 | } }, |
1927 | .iif = dev->ifindex }; | 1927 | .iif = dev->ifindex }; |
@@ -2035,7 +2035,7 @@ local_input: | |||
2035 | rth->rt_dst = daddr; | 2035 | rth->rt_dst = daddr; |
2036 | rth->fl.fl4_tos = tos; | 2036 | rth->fl.fl4_tos = tos; |
2037 | #ifdef CONFIG_IP_ROUTE_FWMARK | 2037 | #ifdef CONFIG_IP_ROUTE_FWMARK |
2038 | rth->fl.fl4_fwmark= skb->nfmark; | 2038 | rth->fl.fl4_fwmark= skb->mark; |
2039 | #endif | 2039 | #endif |
2040 | rth->fl.fl4_src = saddr; | 2040 | rth->fl.fl4_src = saddr; |
2041 | rth->rt_src = saddr; | 2041 | rth->rt_src = saddr; |
@@ -2114,7 +2114,7 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
2114 | rth->fl.iif == iif && | 2114 | rth->fl.iif == iif && |
2115 | rth->fl.oif == 0 && | 2115 | rth->fl.oif == 0 && |
2116 | #ifdef CONFIG_IP_ROUTE_FWMARK | 2116 | #ifdef CONFIG_IP_ROUTE_FWMARK |
2117 | rth->fl.fl4_fwmark == skb->nfmark && | 2117 | rth->fl.fl4_fwmark == skb->mark && |
2118 | #endif | 2118 | #endif |
2119 | rth->fl.fl4_tos == tos) { | 2119 | rth->fl.fl4_tos == tos) { |
2120 | rth->u.dst.lastuse = jiffies; | 2120 | rth->u.dst.lastuse = jiffies; |
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 93330685adfc..1bde3aca3466 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c | |||
@@ -499,12 +499,12 @@ static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from) | |||
499 | dst_release(to->dst); | 499 | dst_release(to->dst); |
500 | to->dst = dst_clone(from->dst); | 500 | to->dst = dst_clone(from->dst); |
501 | to->dev = from->dev; | 501 | to->dev = from->dev; |
502 | to->mark = from->mark; | ||
502 | 503 | ||
503 | #ifdef CONFIG_NET_SCHED | 504 | #ifdef CONFIG_NET_SCHED |
504 | to->tc_index = from->tc_index; | 505 | to->tc_index = from->tc_index; |
505 | #endif | 506 | #endif |
506 | #ifdef CONFIG_NETFILTER | 507 | #ifdef CONFIG_NETFILTER |
507 | to->nfmark = from->nfmark; | ||
508 | /* Connection association is same as pre-frag packet */ | 508 | /* Connection association is same as pre-frag packet */ |
509 | nf_conntrack_put(to->nfct); | 509 | nf_conntrack_put(to->nfct); |
510 | to->nfct = from->nfct; | 510 | to->nfct = from->nfct; |
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index 9fec832ee08b..21908c9a10da 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c | |||
@@ -241,7 +241,7 @@ ipq_build_packet_message(struct ipq_queue_entry *entry, int *errp) | |||
241 | pmsg->data_len = data_len; | 241 | pmsg->data_len = data_len; |
242 | pmsg->timestamp_sec = entry->skb->tstamp.off_sec; | 242 | pmsg->timestamp_sec = entry->skb->tstamp.off_sec; |
243 | pmsg->timestamp_usec = entry->skb->tstamp.off_usec; | 243 | pmsg->timestamp_usec = entry->skb->tstamp.off_usec; |
244 | pmsg->mark = entry->skb->nfmark; | 244 | pmsg->mark = entry->skb->mark; |
245 | pmsg->hook = entry->info->hook; | 245 | pmsg->hook = entry->info->hook; |
246 | pmsg->hw_protocol = entry->skb->protocol; | 246 | pmsg->hw_protocol = entry->skb->protocol; |
247 | 247 | ||
diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c index 386ea260e767..6250e86a6ddc 100644 --- a/net/ipv6/netfilter/ip6table_mangle.c +++ b/net/ipv6/netfilter/ip6table_mangle.c | |||
@@ -149,11 +149,10 @@ ip6t_local_hook(unsigned int hook, | |||
149 | int (*okfn)(struct sk_buff *)) | 149 | int (*okfn)(struct sk_buff *)) |
150 | { | 150 | { |
151 | 151 | ||
152 | unsigned long nfmark; | ||
153 | unsigned int ret; | 152 | unsigned int ret; |
154 | struct in6_addr saddr, daddr; | 153 | struct in6_addr saddr, daddr; |
155 | u_int8_t hop_limit; | 154 | u_int8_t hop_limit; |
156 | u_int32_t flowlabel; | 155 | u_int32_t flowlabel, mark; |
157 | 156 | ||
158 | #if 0 | 157 | #if 0 |
159 | /* root is playing with raw sockets. */ | 158 | /* root is playing with raw sockets. */ |
@@ -165,10 +164,10 @@ ip6t_local_hook(unsigned int hook, | |||
165 | } | 164 | } |
166 | #endif | 165 | #endif |
167 | 166 | ||
168 | /* save source/dest address, nfmark, hoplimit, flowlabel, priority, */ | 167 | /* save source/dest address, mark, hoplimit, flowlabel, priority, */ |
169 | memcpy(&saddr, &(*pskb)->nh.ipv6h->saddr, sizeof(saddr)); | 168 | memcpy(&saddr, &(*pskb)->nh.ipv6h->saddr, sizeof(saddr)); |
170 | memcpy(&daddr, &(*pskb)->nh.ipv6h->daddr, sizeof(daddr)); | 169 | memcpy(&daddr, &(*pskb)->nh.ipv6h->daddr, sizeof(daddr)); |
171 | nfmark = (*pskb)->nfmark; | 170 | mark = (*pskb)->mark; |
172 | hop_limit = (*pskb)->nh.ipv6h->hop_limit; | 171 | hop_limit = (*pskb)->nh.ipv6h->hop_limit; |
173 | 172 | ||
174 | /* flowlabel and prio (includes version, which shouldn't change either */ | 173 | /* flowlabel and prio (includes version, which shouldn't change either */ |
@@ -179,7 +178,7 @@ ip6t_local_hook(unsigned int hook, | |||
179 | if (ret != NF_DROP && ret != NF_STOLEN | 178 | if (ret != NF_DROP && ret != NF_STOLEN |
180 | && (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr)) | 179 | && (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr)) |
181 | || memcmp(&(*pskb)->nh.ipv6h->daddr, &daddr, sizeof(daddr)) | 180 | || memcmp(&(*pskb)->nh.ipv6h->daddr, &daddr, sizeof(daddr)) |
182 | || (*pskb)->nfmark != nfmark | 181 | || (*pskb)->mark != mark |
183 | || (*pskb)->nh.ipv6h->hop_limit != hop_limit)) | 182 | || (*pskb)->nh.ipv6h->hop_limit != hop_limit)) |
184 | return ip6_route_me_harder(*pskb) == 0 ? ret : NF_DROP; | 183 | return ip6_route_me_harder(*pskb) == 0 ? ret : NF_DROP; |
185 | 184 | ||
diff --git a/net/ipv6/route.c b/net/ipv6/route.c index e9c1fc5f21b1..aaabb1fad1cf 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c | |||
@@ -712,7 +712,7 @@ void ip6_route_input(struct sk_buff *skb) | |||
712 | .daddr = iph->daddr, | 712 | .daddr = iph->daddr, |
713 | .saddr = iph->saddr, | 713 | .saddr = iph->saddr, |
714 | #ifdef CONFIG_IPV6_ROUTE_FWMARK | 714 | #ifdef CONFIG_IPV6_ROUTE_FWMARK |
715 | .fwmark = skb->nfmark, | 715 | .fwmark = skb->mark, |
716 | #endif | 716 | #endif |
717 | .flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK, | 717 | .flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK, |
718 | }, | 718 | }, |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 856ed0d19974..bd3ffa6f1a6d 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
@@ -501,8 +501,8 @@ __build_packet_message(struct nfulnl_instance *inst, | |||
501 | #endif | 501 | #endif |
502 | } | 502 | } |
503 | 503 | ||
504 | if (skb->nfmark) { | 504 | if (skb->mark) { |
505 | tmp_uint = htonl(skb->nfmark); | 505 | tmp_uint = htonl(skb->mark); |
506 | NFA_PUT(inst->skb, NFULA_MARK, sizeof(tmp_uint), &tmp_uint); | 506 | NFA_PUT(inst->skb, NFULA_MARK, sizeof(tmp_uint), &tmp_uint); |
507 | } | 507 | } |
508 | 508 | ||
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 4ab7b1416bb5..82e4454659bf 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
@@ -480,8 +480,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, | |||
480 | #endif | 480 | #endif |
481 | } | 481 | } |
482 | 482 | ||
483 | if (entskb->nfmark) { | 483 | if (entskb->mark) { |
484 | tmp_uint = htonl(entskb->nfmark); | 484 | tmp_uint = htonl(entskb->mark); |
485 | NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint); | 485 | NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint); |
486 | } | 486 | } |
487 | 487 | ||
@@ -834,8 +834,8 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, | |||
834 | } | 834 | } |
835 | 835 | ||
836 | if (nfqa[NFQA_MARK-1]) | 836 | if (nfqa[NFQA_MARK-1]) |
837 | entry->skb->nfmark = ntohl(*(__be32 *) | 837 | entry->skb->mark = ntohl(*(__be32 *) |
838 | NFA_DATA(nfqa[NFQA_MARK-1])); | 838 | NFA_DATA(nfqa[NFQA_MARK-1])); |
839 | 839 | ||
840 | issue_verdict(entry, verdict); | 840 | issue_verdict(entry, verdict); |
841 | instance_put(queue); | 841 | instance_put(queue); |
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c index c01524f817f0..67ed53152999 100644 --- a/net/netfilter/xt_CONNMARK.c +++ b/net/netfilter/xt_CONNMARK.c | |||
@@ -42,7 +42,7 @@ target(struct sk_buff **pskb, | |||
42 | { | 42 | { |
43 | const struct xt_connmark_target_info *markinfo = targinfo; | 43 | const struct xt_connmark_target_info *markinfo = targinfo; |
44 | u_int32_t diff; | 44 | u_int32_t diff; |
45 | u_int32_t nfmark; | 45 | u_int32_t mark; |
46 | u_int32_t newmark; | 46 | u_int32_t newmark; |
47 | u_int32_t ctinfo; | 47 | u_int32_t ctinfo; |
48 | u_int32_t *ctmark = nf_ct_get_mark(*pskb, &ctinfo); | 48 | u_int32_t *ctmark = nf_ct_get_mark(*pskb, &ctinfo); |
@@ -62,7 +62,7 @@ target(struct sk_buff **pskb, | |||
62 | break; | 62 | break; |
63 | case XT_CONNMARK_SAVE: | 63 | case XT_CONNMARK_SAVE: |
64 | newmark = (*ctmark & ~markinfo->mask) | | 64 | newmark = (*ctmark & ~markinfo->mask) | |
65 | ((*pskb)->nfmark & markinfo->mask); | 65 | ((*pskb)->mark & markinfo->mask); |
66 | if (*ctmark != newmark) { | 66 | if (*ctmark != newmark) { |
67 | *ctmark = newmark; | 67 | *ctmark = newmark; |
68 | #if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE) | 68 | #if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE) |
@@ -73,10 +73,10 @@ target(struct sk_buff **pskb, | |||
73 | } | 73 | } |
74 | break; | 74 | break; |
75 | case XT_CONNMARK_RESTORE: | 75 | case XT_CONNMARK_RESTORE: |
76 | nfmark = (*pskb)->nfmark; | 76 | mark = (*pskb)->mark; |
77 | diff = (*ctmark ^ nfmark) & markinfo->mask; | 77 | diff = (*ctmark ^ mark) & markinfo->mask; |
78 | if (diff != 0) | 78 | if (diff != 0) |
79 | (*pskb)->nfmark = nfmark ^ diff; | 79 | (*pskb)->mark = mark ^ diff; |
80 | break; | 80 | break; |
81 | } | 81 | } |
82 | } | 82 | } |
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index c6e860a7114f..0b48547e8d64 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
@@ -31,8 +31,8 @@ target_v0(struct sk_buff **pskb, | |||
31 | { | 31 | { |
32 | const struct xt_mark_target_info *markinfo = targinfo; | 32 | const struct xt_mark_target_info *markinfo = targinfo; |
33 | 33 | ||
34 | if((*pskb)->nfmark != markinfo->mark) | 34 | if((*pskb)->mark != markinfo->mark) |
35 | (*pskb)->nfmark = markinfo->mark; | 35 | (*pskb)->mark = markinfo->mark; |
36 | 36 | ||
37 | return XT_CONTINUE; | 37 | return XT_CONTINUE; |
38 | } | 38 | } |
@@ -54,16 +54,16 @@ target_v1(struct sk_buff **pskb, | |||
54 | break; | 54 | break; |
55 | 55 | ||
56 | case XT_MARK_AND: | 56 | case XT_MARK_AND: |
57 | mark = (*pskb)->nfmark & markinfo->mark; | 57 | mark = (*pskb)->mark & markinfo->mark; |
58 | break; | 58 | break; |
59 | 59 | ||
60 | case XT_MARK_OR: | 60 | case XT_MARK_OR: |
61 | mark = (*pskb)->nfmark | markinfo->mark; | 61 | mark = (*pskb)->mark | markinfo->mark; |
62 | break; | 62 | break; |
63 | } | 63 | } |
64 | 64 | ||
65 | if((*pskb)->nfmark != mark) | 65 | if((*pskb)->mark != mark) |
66 | (*pskb)->nfmark = mark; | 66 | (*pskb)->mark = mark; |
67 | 67 | ||
68 | return XT_CONTINUE; | 68 | return XT_CONTINUE; |
69 | } | 69 | } |
diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c index 934dddfbcd23..dfa1ee6914c0 100644 --- a/net/netfilter/xt_mark.c +++ b/net/netfilter/xt_mark.c | |||
@@ -31,7 +31,7 @@ match(const struct sk_buff *skb, | |||
31 | { | 31 | { |
32 | const struct xt_mark_info *info = matchinfo; | 32 | const struct xt_mark_info *info = matchinfo; |
33 | 33 | ||
34 | return ((skb->nfmark & info->mask) == info->mark) ^ info->invert; | 34 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; |
35 | } | 35 | } |
36 | 36 | ||
37 | static int | 37 | static int |
diff --git a/net/sched/Kconfig b/net/sched/Kconfig index 8298ea9ffe19..b2437092978c 100644 --- a/net/sched/Kconfig +++ b/net/sched/Kconfig | |||
@@ -320,7 +320,7 @@ config CLS_U32_PERF | |||
320 | 320 | ||
321 | config CLS_U32_MARK | 321 | config CLS_U32_MARK |
322 | bool "Netfilter marks support" | 322 | bool "Netfilter marks support" |
323 | depends on NET_CLS_U32 && NETFILTER | 323 | depends on NET_CLS_U32 |
324 | ---help--- | 324 | ---help--- |
325 | Say Y here to be able to use netfilter marks as u32 key. | 325 | Say Y here to be able to use netfilter marks as u32 key. |
326 | 326 | ||
diff --git a/net/sched/cls_fw.c b/net/sched/cls_fw.c index e54acc6bcccd..f59a2c4aa039 100644 --- a/net/sched/cls_fw.c +++ b/net/sched/cls_fw.c | |||
@@ -101,11 +101,7 @@ static int fw_classify(struct sk_buff *skb, struct tcf_proto *tp, | |||
101 | struct fw_head *head = (struct fw_head*)tp->root; | 101 | struct fw_head *head = (struct fw_head*)tp->root; |
102 | struct fw_filter *f; | 102 | struct fw_filter *f; |
103 | int r; | 103 | int r; |
104 | #ifdef CONFIG_NETFILTER | 104 | u32 id = skb->mark & head->mask; |
105 | u32 id = skb->nfmark & head->mask; | ||
106 | #else | ||
107 | u32 id = 0; | ||
108 | #endif | ||
109 | 105 | ||
110 | if (head != NULL) { | 106 | if (head != NULL) { |
111 | for (f=head->ht[fw_hash(id)]; f; f=f->next) { | 107 | for (f=head->ht[fw_hash(id)]; f; f=f->next) { |
diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index 0a6cfa0005be..8b5194801995 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c | |||
@@ -143,7 +143,7 @@ next_knode: | |||
143 | #endif | 143 | #endif |
144 | 144 | ||
145 | #ifdef CONFIG_CLS_U32_MARK | 145 | #ifdef CONFIG_CLS_U32_MARK |
146 | if ((skb->nfmark & n->mark.mask) != n->mark.val) { | 146 | if ((skb->mark & n->mark.mask) != n->mark.val) { |
147 | n = n->next; | 147 | n = n->next; |
148 | goto next_knode; | 148 | goto next_knode; |
149 | } else { | 149 | } else { |
diff --git a/net/sched/em_meta.c b/net/sched/em_meta.c index 61e3b740ab1a..d3ff3503326a 100644 --- a/net/sched/em_meta.c +++ b/net/sched/em_meta.c | |||
@@ -208,13 +208,9 @@ META_COLLECTOR(int_maclen) | |||
208 | * Netfilter | 208 | * Netfilter |
209 | **************************************************************************/ | 209 | **************************************************************************/ |
210 | 210 | ||
211 | META_COLLECTOR(int_nfmark) | 211 | META_COLLECTOR(int_mark) |
212 | { | 212 | { |
213 | #ifdef CONFIG_NETFILTER | 213 | dst->value = skb->mark; |
214 | dst->value = skb->nfmark; | ||
215 | #else | ||
216 | dst->value = 0; | ||
217 | #endif | ||
218 | } | 214 | } |
219 | 215 | ||
220 | /************************************************************************** | 216 | /************************************************************************** |
@@ -490,7 +486,7 @@ static struct meta_ops __meta_ops[TCF_META_TYPE_MAX+1][TCF_META_ID_MAX+1] = { | |||
490 | [META_ID(PKTLEN)] = META_FUNC(int_pktlen), | 486 | [META_ID(PKTLEN)] = META_FUNC(int_pktlen), |
491 | [META_ID(DATALEN)] = META_FUNC(int_datalen), | 487 | [META_ID(DATALEN)] = META_FUNC(int_datalen), |
492 | [META_ID(MACLEN)] = META_FUNC(int_maclen), | 488 | [META_ID(MACLEN)] = META_FUNC(int_maclen), |
493 | [META_ID(NFMARK)] = META_FUNC(int_nfmark), | 489 | [META_ID(NFMARK)] = META_FUNC(int_mark), |
494 | [META_ID(TCINDEX)] = META_FUNC(int_tcindex), | 490 | [META_ID(TCINDEX)] = META_FUNC(int_tcindex), |
495 | [META_ID(RTCLASSID)] = META_FUNC(int_rtclassid), | 491 | [META_ID(RTCLASSID)] = META_FUNC(int_rtclassid), |
496 | [META_ID(RTIIF)] = META_FUNC(int_rtiif), | 492 | [META_ID(RTIIF)] = META_FUNC(int_rtiif), |