aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--MAINTAINERS8
-rw-r--r--drivers/bluetooth/bcm203x.c17
-rw-r--r--include/net/bluetooth/hci_core.h17
-rw-r--r--include/net/inetpeer.h17
-rw-r--r--net/bluetooth/af_bluetooth.c38
-rw-r--r--net/bluetooth/bnep/core.c4
-rw-r--r--net/bluetooth/bnep/sock.c69
-rw-r--r--net/bluetooth/cmtp/sock.c35
-rw-r--r--net/bluetooth/hci_conn.c6
-rw-r--r--net/bluetooth/hci_event.c15
-rw-r--r--net/bluetooth/hci_sock.c2
-rw-r--r--net/bluetooth/hci_sysfs.c17
-rw-r--r--net/bluetooth/hidp/core.c8
-rw-r--r--net/bluetooth/hidp/sock.c80
-rw-r--r--net/bluetooth/l2cap.c5
-rw-r--r--net/bluetooth/rfcomm/core.c3
-rw-r--r--net/bluetooth/rfcomm/sock.c6
-rw-r--r--net/bluetooth/rfcomm/tty.c7
-rw-r--r--net/bluetooth/sco.c6
-rw-r--r--net/bridge/br_fdb.c7
-rw-r--r--net/bridge/br_if.c4
-rw-r--r--net/bridge/br_private.h2
-rw-r--r--net/bridge/br_stp_if.c2
-rw-r--r--net/decnet/dn_route.c2
-rw-r--r--net/ipv4/cipso_ipv4.c22
-rw-r--r--net/ipv4/inetpeer.c29
-rw-r--r--net/ipv4/netfilter/arp_tables.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netlink.c72
-rw-r--r--net/ipv4/netfilter/ipt_ECN.c6
-rw-r--r--net/ipv4/netfilter/ipt_TOS.c6
-rw-r--r--net/ipv6/fib6_rules.c11
-rw-r--r--net/ipv6/ndisc.c2
-rw-r--r--net/ipv6/route.c19
-rw-r--r--net/ipv6/sit.c1
-rw-r--r--net/netfilter/Kconfig4
-rw-r--r--net/netfilter/nf_conntrack_netlink.c72
-rw-r--r--net/netfilter/xt_NFQUEUE.c2
-rw-r--r--net/netfilter/xt_connmark.c2
-rw-r--r--net/xfrm/xfrm_state.c17
-rw-r--r--security/selinux/ss/ebitmap.c8
-rw-r--r--security/selinux/ss/mls.c17
-rw-r--r--security/selinux/ss/services.c18
42 files changed, 405 insertions, 282 deletions
diff --git a/MAINTAINERS b/MAINTAINERS
index a2b6d9fa3502..208da3c320c7 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2049,11 +2049,13 @@ P: Marc Boucher
2049P: James Morris 2049P: James Morris
2050P: Harald Welte 2050P: Harald Welte
2051P: Jozsef Kadlecsik 2051P: Jozsef Kadlecsik
2052M: coreteam@netfilter.org 2052P: Patrick McHardy
2053M: kaber@trash.net
2054L: netfilter-devel@lists.netfilter.org
2055L: netfilter@lists.netfilter.org
2056L: coreteam@netfilter.org
2053W: http://www.netfilter.org/ 2057W: http://www.netfilter.org/
2054W: http://www.iptables.org/ 2058W: http://www.iptables.org/
2055L: netfilter@lists.netfilter.org
2056L: netfilter-devel@lists.netfilter.org
2057S: Supported 2059S: Supported
2058 2060
2059NETLABEL 2061NETLABEL
diff --git a/drivers/bluetooth/bcm203x.c b/drivers/bluetooth/bcm203x.c
index 67cdda43f229..516751754aa9 100644
--- a/drivers/bluetooth/bcm203x.c
+++ b/drivers/bluetooth/bcm203x.c
@@ -29,7 +29,6 @@
29#include <linux/slab.h> 29#include <linux/slab.h>
30#include <linux/types.h> 30#include <linux/types.h>
31#include <linux/errno.h> 31#include <linux/errno.h>
32#include <linux/timer.h>
33 32
34#include <linux/device.h> 33#include <linux/device.h>
35#include <linux/firmware.h> 34#include <linux/firmware.h>
@@ -43,7 +42,7 @@
43#define BT_DBG(D...) 42#define BT_DBG(D...)
44#endif 43#endif
45 44
46#define VERSION "1.0" 45#define VERSION "1.1"
47 46
48static int ignore = 0; 47static int ignore = 0;
49 48
@@ -72,7 +71,7 @@ struct bcm203x_data {
72 71
73 unsigned long state; 72 unsigned long state;
74 73
75 struct timer_list timer; 74 struct work_struct work;
76 75
77 struct urb *urb; 76 struct urb *urb;
78 unsigned char *buffer; 77 unsigned char *buffer;
@@ -105,7 +104,7 @@ static void bcm203x_complete(struct urb *urb)
105 104
106 data->state = BCM203X_SELECT_MEMORY; 105 data->state = BCM203X_SELECT_MEMORY;
107 106
108 mod_timer(&data->timer, jiffies + (HZ / 10)); 107 schedule_work(&data->work);
109 break; 108 break;
110 109
111 case BCM203X_SELECT_MEMORY: 110 case BCM203X_SELECT_MEMORY:
@@ -158,9 +157,9 @@ static void bcm203x_complete(struct urb *urb)
158 } 157 }
159} 158}
160 159
161static void bcm203x_timer(unsigned long user_data) 160static void bcm203x_work(void *user_data)
162{ 161{
163 struct bcm203x_data *data = (struct bcm203x_data *) user_data; 162 struct bcm203x_data *data = user_data;
164 163
165 if (usb_submit_urb(data->urb, GFP_ATOMIC) < 0) 164 if (usb_submit_urb(data->urb, GFP_ATOMIC) < 0)
166 BT_ERR("Can't submit URB"); 165 BT_ERR("Can't submit URB");
@@ -247,13 +246,11 @@ static int bcm203x_probe(struct usb_interface *intf, const struct usb_device_id
247 246
248 release_firmware(firmware); 247 release_firmware(firmware);
249 248
250 init_timer(&data->timer); 249 INIT_WORK(&data->work, bcm203x_work, (void *) data);
251 data->timer.function = bcm203x_timer;
252 data->timer.data = (unsigned long) data;
253 250
254 usb_set_intfdata(intf, data); 251 usb_set_intfdata(intf, data);
255 252
256 mod_timer(&data->timer, jiffies + HZ); 253 schedule_work(&data->work);
257 254
258 return 0; 255 return 0;
259} 256}
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index df22efcfcc0b..c0fc39620f36 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -153,6 +153,7 @@ struct hci_conn {
153 __u8 mode; 153 __u8 mode;
154 __u8 type; 154 __u8 type;
155 __u8 out; 155 __u8 out;
156 __u8 attempt;
156 __u8 dev_class[3]; 157 __u8 dev_class[3];
157 __u8 features[8]; 158 __u8 features[8];
158 __u16 interval; 159 __u16 interval;
@@ -289,6 +290,22 @@ static inline struct hci_conn *hci_conn_hash_lookup_ba(struct hci_dev *hdev,
289 return NULL; 290 return NULL;
290} 291}
291 292
293static inline struct hci_conn *hci_conn_hash_lookup_state(struct hci_dev *hdev,
294 __u8 type, __u16 state)
295{
296 struct hci_conn_hash *h = &hdev->conn_hash;
297 struct list_head *p;
298 struct hci_conn *c;
299
300 list_for_each(p, &h->list) {
301 c = list_entry(p, struct hci_conn, list);
302 if (c->type == type && c->state == state)
303 return c;
304 }
305 return NULL;
306}
307
308void hci_acl_connect(struct hci_conn *conn);
292void hci_acl_disconn(struct hci_conn *conn, __u8 reason); 309void hci_acl_disconn(struct hci_conn *conn, __u8 reason);
293void hci_add_sco(struct hci_conn *conn, __u16 handle); 310void hci_add_sco(struct hci_conn *conn, __u16 handle);
294 311
diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h
index 925573fd2aed..f13cc0c2b163 100644
--- a/include/net/inetpeer.h
+++ b/include/net/inetpeer.h
@@ -19,7 +19,7 @@ struct inet_peer
19{ 19{
20 struct inet_peer *avl_left, *avl_right; 20 struct inet_peer *avl_left, *avl_right;
21 struct inet_peer *unused_next, **unused_prevp; 21 struct inet_peer *unused_next, **unused_prevp;
22 unsigned long dtime; /* the time of last use of not 22 __u32 dtime; /* the time of last use of not
23 * referenced entries */ 23 * referenced entries */
24 atomic_t refcnt; 24 atomic_t refcnt;
25 __be32 v4daddr; /* peer's address */ 25 __be32 v4daddr; /* peer's address */
@@ -35,21 +35,8 @@ void inet_initpeers(void) __init;
35/* can be called with or without local BH being disabled */ 35/* can be called with or without local BH being disabled */
36struct inet_peer *inet_getpeer(__be32 daddr, int create); 36struct inet_peer *inet_getpeer(__be32 daddr, int create);
37 37
38extern spinlock_t inet_peer_unused_lock;
39extern struct inet_peer **inet_peer_unused_tailp;
40/* can be called from BH context or outside */ 38/* can be called from BH context or outside */
41static inline void inet_putpeer(struct inet_peer *p) 39extern void inet_putpeer(struct inet_peer *p);
42{
43 spin_lock_bh(&inet_peer_unused_lock);
44 if (atomic_dec_and_test(&p->refcnt)) {
45 p->unused_prevp = inet_peer_unused_tailp;
46 p->unused_next = NULL;
47 *inet_peer_unused_tailp = p;
48 inet_peer_unused_tailp = &p->unused_next;
49 p->dtime = jiffies;
50 }
51 spin_unlock_bh(&inet_peer_unused_lock);
52}
53 40
54extern spinlock_t inet_peer_idlock; 41extern spinlock_t inet_peer_idlock;
55/* can be called with or without local BH being disabled */ 42/* can be called with or without local BH being disabled */
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index 305a099b7477..67df99e2e5c8 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -48,41 +48,56 @@
48#define BT_DBG(D...) 48#define BT_DBG(D...)
49#endif 49#endif
50 50
51#define VERSION "2.10" 51#define VERSION "2.11"
52 52
53/* Bluetooth sockets */ 53/* Bluetooth sockets */
54#define BT_MAX_PROTO 8 54#define BT_MAX_PROTO 8
55static struct net_proto_family *bt_proto[BT_MAX_PROTO]; 55static struct net_proto_family *bt_proto[BT_MAX_PROTO];
56static DEFINE_RWLOCK(bt_proto_lock);
56 57
57int bt_sock_register(int proto, struct net_proto_family *ops) 58int bt_sock_register(int proto, struct net_proto_family *ops)
58{ 59{
60 int err = 0;
61
59 if (proto < 0 || proto >= BT_MAX_PROTO) 62 if (proto < 0 || proto >= BT_MAX_PROTO)
60 return -EINVAL; 63 return -EINVAL;
61 64
65 write_lock(&bt_proto_lock);
66
62 if (bt_proto[proto]) 67 if (bt_proto[proto])
63 return -EEXIST; 68 err = -EEXIST;
69 else
70 bt_proto[proto] = ops;
64 71
65 bt_proto[proto] = ops; 72 write_unlock(&bt_proto_lock);
66 return 0; 73
74 return err;
67} 75}
68EXPORT_SYMBOL(bt_sock_register); 76EXPORT_SYMBOL(bt_sock_register);
69 77
70int bt_sock_unregister(int proto) 78int bt_sock_unregister(int proto)
71{ 79{
80 int err = 0;
81
72 if (proto < 0 || proto >= BT_MAX_PROTO) 82 if (proto < 0 || proto >= BT_MAX_PROTO)
73 return -EINVAL; 83 return -EINVAL;
74 84
85 write_lock(&bt_proto_lock);
86
75 if (!bt_proto[proto]) 87 if (!bt_proto[proto])
76 return -ENOENT; 88 err = -ENOENT;
89 else
90 bt_proto[proto] = NULL;
77 91
78 bt_proto[proto] = NULL; 92 write_unlock(&bt_proto_lock);
79 return 0; 93
94 return err;
80} 95}
81EXPORT_SYMBOL(bt_sock_unregister); 96EXPORT_SYMBOL(bt_sock_unregister);
82 97
83static int bt_sock_create(struct socket *sock, int proto) 98static int bt_sock_create(struct socket *sock, int proto)
84{ 99{
85 int err = 0; 100 int err;
86 101
87 if (proto < 0 || proto >= BT_MAX_PROTO) 102 if (proto < 0 || proto >= BT_MAX_PROTO)
88 return -EINVAL; 103 return -EINVAL;
@@ -92,11 +107,18 @@ static int bt_sock_create(struct socket *sock, int proto)
92 request_module("bt-proto-%d", proto); 107 request_module("bt-proto-%d", proto);
93 } 108 }
94#endif 109#endif
110
95 err = -EPROTONOSUPPORT; 111 err = -EPROTONOSUPPORT;
112
113 read_lock(&bt_proto_lock);
114
96 if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) { 115 if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
97 err = bt_proto[proto]->create(sock, proto); 116 err = bt_proto[proto]->create(sock, proto);
98 module_put(bt_proto[proto]->owner); 117 module_put(bt_proto[proto]->owner);
99 } 118 }
119
120 read_unlock(&bt_proto_lock);
121
100 return err; 122 return err;
101} 123}
102 124
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index 2312d050eeed..4d3424c2421c 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -528,12 +528,10 @@ static struct device *bnep_get_device(struct bnep_session *session)
528 return NULL; 528 return NULL;
529 529
530 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); 530 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
531 if (!conn)
532 return NULL;
533 531
534 hci_dev_put(hdev); 532 hci_dev_put(hdev);
535 533
536 return &conn->dev; 534 return conn ? &conn->dev : NULL;
537} 535}
538 536
539int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) 537int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock)
diff --git a/net/bluetooth/bnep/sock.c b/net/bluetooth/bnep/sock.c
index 28c55835422a..5563db1bf526 100644
--- a/net/bluetooth/bnep/sock.c
+++ b/net/bluetooth/bnep/sock.c
@@ -43,6 +43,7 @@
43#include <linux/ioctl.h> 43#include <linux/ioctl.h>
44#include <linux/file.h> 44#include <linux/file.h>
45#include <linux/init.h> 45#include <linux/init.h>
46#include <linux/compat.h>
46#include <net/sock.h> 47#include <net/sock.h>
47 48
48#include <asm/system.h> 49#include <asm/system.h>
@@ -146,24 +147,56 @@ static int bnep_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long
146 return 0; 147 return 0;
147} 148}
148 149
150#ifdef CONFIG_COMPAT
151static int bnep_sock_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
152{
153 if (cmd == BNEPGETCONNLIST) {
154 struct bnep_connlist_req cl;
155 uint32_t uci;
156 int err;
157
158 if (get_user(cl.cnum, (uint32_t __user *) arg) ||
159 get_user(uci, (u32 __user *) (arg + 4)))
160 return -EFAULT;
161
162 cl.ci = compat_ptr(uci);
163
164 if (cl.cnum <= 0)
165 return -EINVAL;
166
167 err = bnep_get_connlist(&cl);
168
169 if (!err && put_user(cl.cnum, (uint32_t __user *) arg))
170 err = -EFAULT;
171
172 return err;
173 }
174
175 return bnep_sock_ioctl(sock, cmd, arg);
176}
177#endif
178
149static const struct proto_ops bnep_sock_ops = { 179static const struct proto_ops bnep_sock_ops = {
150 .family = PF_BLUETOOTH, 180 .family = PF_BLUETOOTH,
151 .owner = THIS_MODULE, 181 .owner = THIS_MODULE,
152 .release = bnep_sock_release, 182 .release = bnep_sock_release,
153 .ioctl = bnep_sock_ioctl, 183 .ioctl = bnep_sock_ioctl,
154 .bind = sock_no_bind, 184#ifdef CONFIG_COMPAT
155 .getname = sock_no_getname, 185 .compat_ioctl = bnep_sock_compat_ioctl,
156 .sendmsg = sock_no_sendmsg, 186#endif
157 .recvmsg = sock_no_recvmsg, 187 .bind = sock_no_bind,
158 .poll = sock_no_poll, 188 .getname = sock_no_getname,
159 .listen = sock_no_listen, 189 .sendmsg = sock_no_sendmsg,
160 .shutdown = sock_no_shutdown, 190 .recvmsg = sock_no_recvmsg,
161 .setsockopt = sock_no_setsockopt, 191 .poll = sock_no_poll,
162 .getsockopt = sock_no_getsockopt, 192 .listen = sock_no_listen,
163 .connect = sock_no_connect, 193 .shutdown = sock_no_shutdown,
164 .socketpair = sock_no_socketpair, 194 .setsockopt = sock_no_setsockopt,
165 .accept = sock_no_accept, 195 .getsockopt = sock_no_getsockopt,
166 .mmap = sock_no_mmap 196 .connect = sock_no_connect,
197 .socketpair = sock_no_socketpair,
198 .accept = sock_no_accept,
199 .mmap = sock_no_mmap
167}; 200};
168 201
169static struct proto bnep_proto = { 202static struct proto bnep_proto = {
@@ -181,7 +214,7 @@ static int bnep_sock_create(struct socket *sock, int protocol)
181 if (sock->type != SOCK_RAW) 214 if (sock->type != SOCK_RAW)
182 return -ESOCKTNOSUPPORT; 215 return -ESOCKTNOSUPPORT;
183 216
184 sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &bnep_proto, 1); 217 sk = sk_alloc(PF_BLUETOOTH, GFP_ATOMIC, &bnep_proto, 1);
185 if (!sk) 218 if (!sk)
186 return -ENOMEM; 219 return -ENOMEM;
187 220
diff --git a/net/bluetooth/cmtp/sock.c b/net/bluetooth/cmtp/sock.c
index 10ad7fd91d83..53295d33dc5c 100644
--- a/net/bluetooth/cmtp/sock.c
+++ b/net/bluetooth/cmtp/sock.c
@@ -34,6 +34,7 @@
34#include <linux/socket.h> 34#include <linux/socket.h>
35#include <linux/ioctl.h> 35#include <linux/ioctl.h>
36#include <linux/file.h> 36#include <linux/file.h>
37#include <linux/compat.h>
37#include <net/sock.h> 38#include <net/sock.h>
38 39
39#include <linux/isdn/capilli.h> 40#include <linux/isdn/capilli.h>
@@ -137,11 +138,43 @@ static int cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long
137 return -EINVAL; 138 return -EINVAL;
138} 139}
139 140
141#ifdef CONFIG_COMPAT
142static int cmtp_sock_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
143{
144 if (cmd == CMTPGETCONNLIST) {
145 struct cmtp_connlist_req cl;
146 uint32_t uci;
147 int err;
148
149 if (get_user(cl.cnum, (uint32_t __user *) arg) ||
150 get_user(uci, (u32 __user *) (arg + 4)))
151 return -EFAULT;
152
153 cl.ci = compat_ptr(uci);
154
155 if (cl.cnum <= 0)
156 return -EINVAL;
157
158 err = cmtp_get_connlist(&cl);
159
160 if (!err && put_user(cl.cnum, (uint32_t __user *) arg))
161 err = -EFAULT;
162
163 return err;
164 }
165
166 return cmtp_sock_ioctl(sock, cmd, arg);
167}
168#endif
169
140static const struct proto_ops cmtp_sock_ops = { 170static const struct proto_ops cmtp_sock_ops = {
141 .family = PF_BLUETOOTH, 171 .family = PF_BLUETOOTH,
142 .owner = THIS_MODULE, 172 .owner = THIS_MODULE,
143 .release = cmtp_sock_release, 173 .release = cmtp_sock_release,
144 .ioctl = cmtp_sock_ioctl, 174 .ioctl = cmtp_sock_ioctl,
175#ifdef CONFIG_COMPAT
176 .compat_ioctl = cmtp_sock_compat_ioctl,
177#endif
145 .bind = sock_no_bind, 178 .bind = sock_no_bind,
146 .getname = sock_no_getname, 179 .getname = sock_no_getname,
147 .sendmsg = sock_no_sendmsg, 180 .sendmsg = sock_no_sendmsg,
@@ -172,7 +205,7 @@ static int cmtp_sock_create(struct socket *sock, int protocol)
172 if (sock->type != SOCK_RAW) 205 if (sock->type != SOCK_RAW)
173 return -ESOCKTNOSUPPORT; 206 return -ESOCKTNOSUPPORT;
174 207
175 sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &cmtp_proto, 1); 208 sk = sk_alloc(PF_BLUETOOTH, GFP_ATOMIC, &cmtp_proto, 1);
176 if (!sk) 209 if (!sk)
177 return -ENOMEM; 210 return -ENOMEM;
178 211
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 90e3a285a17e..6cd5711fa28a 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -51,7 +51,7 @@
51#define BT_DBG(D...) 51#define BT_DBG(D...)
52#endif 52#endif
53 53
54static void hci_acl_connect(struct hci_conn *conn) 54void hci_acl_connect(struct hci_conn *conn)
55{ 55{
56 struct hci_dev *hdev = conn->hdev; 56 struct hci_dev *hdev = conn->hdev;
57 struct inquiry_entry *ie; 57 struct inquiry_entry *ie;
@@ -63,6 +63,8 @@ static void hci_acl_connect(struct hci_conn *conn)
63 conn->out = 1; 63 conn->out = 1;
64 conn->link_mode = HCI_LM_MASTER; 64 conn->link_mode = HCI_LM_MASTER;
65 65
66 conn->attempt++;
67
66 memset(&cp, 0, sizeof(cp)); 68 memset(&cp, 0, sizeof(cp));
67 bacpy(&cp.bdaddr, &conn->dst); 69 bacpy(&cp.bdaddr, &conn->dst);
68 cp.pscan_rep_mode = 0x02; 70 cp.pscan_rep_mode = 0x02;
@@ -80,7 +82,7 @@ static void hci_acl_connect(struct hci_conn *conn)
80 cp.role_switch = 0x01; 82 cp.role_switch = 0x01;
81 else 83 else
82 cp.role_switch = 0x00; 84 cp.role_switch = 0x00;
83 85
84 hci_send_cmd(hdev, OGF_LINK_CTL, OCF_CREATE_CONN, sizeof(cp), &cp); 86 hci_send_cmd(hdev, OGF_LINK_CTL, OCF_CREATE_CONN, sizeof(cp), &cp);
85} 87}
86 88
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index d43d0c890975..65f094845719 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -414,9 +414,12 @@ static inline void hci_cs_create_conn(struct hci_dev *hdev, __u8 status)
414 414
415 if (status) { 415 if (status) {
416 if (conn && conn->state == BT_CONNECT) { 416 if (conn && conn->state == BT_CONNECT) {
417 conn->state = BT_CLOSED; 417 if (status != 0x0c || conn->attempt > 2) {
418 hci_proto_connect_cfm(conn, status); 418 conn->state = BT_CLOSED;
419 hci_conn_del(conn); 419 hci_proto_connect_cfm(conn, status);
420 hci_conn_del(conn);
421 } else
422 conn->state = BT_CONNECT2;
420 } 423 }
421 } else { 424 } else {
422 if (!conn) { 425 if (!conn) {
@@ -728,7 +731,7 @@ static inline void hci_conn_request_evt(struct hci_dev *hdev, struct sk_buff *sk
728static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb) 731static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *skb)
729{ 732{
730 struct hci_ev_conn_complete *ev = (struct hci_ev_conn_complete *) skb->data; 733 struct hci_ev_conn_complete *ev = (struct hci_ev_conn_complete *) skb->data;
731 struct hci_conn *conn; 734 struct hci_conn *conn, *pend;
732 735
733 BT_DBG("%s", hdev->name); 736 BT_DBG("%s", hdev->name);
734 737
@@ -801,6 +804,10 @@ static inline void hci_conn_complete_evt(struct hci_dev *hdev, struct sk_buff *s
801 if (ev->status) 804 if (ev->status)
802 hci_conn_del(conn); 805 hci_conn_del(conn);
803 806
807 pend = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
808 if (pend)
809 hci_acl_connect(pend);
810
804 hci_dev_unlock(hdev); 811 hci_dev_unlock(hdev);
805} 812}
806 813
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 1a35d343e08a..f26a9eb49945 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -618,7 +618,7 @@ static int hci_sock_create(struct socket *sock, int protocol)
618 618
619 sock->ops = &hci_sock_ops; 619 sock->ops = &hci_sock_ops;
620 620
621 sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &hci_sk_proto, 1); 621 sk = sk_alloc(PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto, 1);
622 if (!sk) 622 if (!sk)
623 return -ENOMEM; 623 return -ENOMEM;
624 624
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c
index 989b22d9042e..954eb74eb370 100644
--- a/net/bluetooth/hci_sysfs.c
+++ b/net/bluetooth/hci_sysfs.c
@@ -242,10 +242,14 @@ static void add_conn(void *data)
242 struct hci_conn *conn = data; 242 struct hci_conn *conn = data;
243 int i; 243 int i;
244 244
245 device_register(&conn->dev); 245 if (device_register(&conn->dev) < 0) {
246 BT_ERR("Failed to register connection device");
247 return;
248 }
246 249
247 for (i = 0; conn_attrs[i]; i++) 250 for (i = 0; conn_attrs[i]; i++)
248 device_create_file(&conn->dev, conn_attrs[i]); 251 if (device_create_file(&conn->dev, conn_attrs[i]) < 0)
252 BT_ERR("Failed to create connection attribute");
249} 253}
250 254
251void hci_conn_add_sysfs(struct hci_conn *conn) 255void hci_conn_add_sysfs(struct hci_conn *conn)
@@ -295,11 +299,7 @@ int hci_register_sysfs(struct hci_dev *hdev)
295 BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type); 299 BT_DBG("%p name %s type %d", hdev, hdev->name, hdev->type);
296 300
297 dev->class = bt_class; 301 dev->class = bt_class;
298 302 dev->parent = hdev->parent;
299 if (hdev->parent)
300 dev->parent = hdev->parent;
301 else
302 dev->parent = &bt_platform->dev;
303 303
304 strlcpy(dev->bus_id, hdev->name, BUS_ID_SIZE); 304 strlcpy(dev->bus_id, hdev->name, BUS_ID_SIZE);
305 305
@@ -312,7 +312,8 @@ int hci_register_sysfs(struct hci_dev *hdev)
312 return err; 312 return err;
313 313
314 for (i = 0; bt_attrs[i]; i++) 314 for (i = 0; bt_attrs[i]; i++)
315 device_create_file(dev, bt_attrs[i]); 315 if (device_create_file(dev, bt_attrs[i]) < 0)
316 BT_ERR("Failed to create device attribute");
316 317
317 return 0; 318 return 0;
318} 319}
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index 03b5dadb4951..9a562cf7406b 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -510,11 +510,11 @@ static int hidp_session(void *arg)
510 if (intr_sk->sk_state != BT_CONNECTED) 510 if (intr_sk->sk_state != BT_CONNECTED)
511 wait_event_timeout(*(ctrl_sk->sk_sleep), (ctrl_sk->sk_state == BT_CLOSED), HZ); 511 wait_event_timeout(*(ctrl_sk->sk_sleep), (ctrl_sk->sk_state == BT_CLOSED), HZ);
512 512
513 fput(session->ctrl_sock->file); 513 fput(session->intr_sock->file);
514 514
515 wait_event_timeout(*(intr_sk->sk_sleep), (intr_sk->sk_state == BT_CLOSED), HZ); 515 wait_event_timeout(*(intr_sk->sk_sleep), (intr_sk->sk_state == BT_CLOSED), HZ);
516 516
517 fput(session->intr_sock->file); 517 fput(session->ctrl_sock->file);
518 518
519 __hidp_unlink_session(session); 519 __hidp_unlink_session(session);
520 520
@@ -541,12 +541,10 @@ static struct device *hidp_get_device(struct hidp_session *session)
541 return NULL; 541 return NULL;
542 542
543 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst); 543 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
544 if (!conn)
545 return NULL;
546 544
547 hci_dev_put(hdev); 545 hci_dev_put(hdev);
548 546
549 return &conn->dev; 547 return conn ? &conn->dev : NULL;
550} 548}
551 549
552static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req) 550static inline void hidp_setup_input(struct hidp_session *session, struct hidp_connadd_req *req)
diff --git a/net/bluetooth/hidp/sock.c b/net/bluetooth/hidp/sock.c
index 099646e4e2ef..407fba43c1b9 100644
--- a/net/bluetooth/hidp/sock.c
+++ b/net/bluetooth/hidp/sock.c
@@ -35,6 +35,7 @@
35#include <linux/ioctl.h> 35#include <linux/ioctl.h>
36#include <linux/file.h> 36#include <linux/file.h>
37#include <linux/init.h> 37#include <linux/init.h>
38#include <linux/compat.h>
38#include <net/sock.h> 39#include <net/sock.h>
39 40
40#include "hidp.h" 41#include "hidp.h"
@@ -143,11 +144,88 @@ static int hidp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long
143 return -EINVAL; 144 return -EINVAL;
144} 145}
145 146
147#ifdef CONFIG_COMPAT
148struct compat_hidp_connadd_req {
149 int ctrl_sock; // Connected control socket
150 int intr_sock; // Connteted interrupt socket
151 __u16 parser;
152 __u16 rd_size;
153 compat_uptr_t rd_data;
154 __u8 country;
155 __u8 subclass;
156 __u16 vendor;
157 __u16 product;
158 __u16 version;
159 __u32 flags;
160 __u32 idle_to;
161 char name[128];
162};
163
164static int hidp_sock_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
165{
166 if (cmd == HIDPGETCONNLIST) {
167 struct hidp_connlist_req cl;
168 uint32_t uci;
169 int err;
170
171 if (get_user(cl.cnum, (uint32_t __user *) arg) ||
172 get_user(uci, (u32 __user *) (arg + 4)))
173 return -EFAULT;
174
175 cl.ci = compat_ptr(uci);
176
177 if (cl.cnum <= 0)
178 return -EINVAL;
179
180 err = hidp_get_connlist(&cl);
181
182 if (!err && put_user(cl.cnum, (uint32_t __user *) arg))
183 err = -EFAULT;
184
185 return err;
186 } else if (cmd == HIDPCONNADD) {
187 struct compat_hidp_connadd_req ca;
188 struct hidp_connadd_req __user *uca;
189
190 uca = compat_alloc_user_space(sizeof(*uca));
191
192 if (copy_from_user(&ca, (void *) arg, sizeof(ca)))
193 return -EFAULT;
194
195 if (put_user(ca.ctrl_sock, &uca->ctrl_sock) ||
196 put_user(ca.intr_sock, &uca->intr_sock) ||
197 put_user(ca.parser, &uca->parser) ||
198 put_user(ca.rd_size, &uca->parser) ||
199 put_user(compat_ptr(ca.rd_data), &uca->rd_data) ||
200 put_user(ca.country, &uca->country) ||
201 put_user(ca.subclass, &uca->subclass) ||
202 put_user(ca.vendor, &uca->vendor) ||
203 put_user(ca.product, &uca->product) ||
204 put_user(ca.version, &uca->version) ||
205 put_user(ca.flags, &uca->flags) ||
206 put_user(ca.idle_to, &uca->idle_to) ||
207 copy_to_user(&uca->name[0], &ca.name[0], 128))
208 return -EFAULT;
209
210 arg = (unsigned long) uca;
211
212 /* Fall through. We don't actually write back any _changes_
213 to the structure anyway, so there's no need to copy back
214 into the original compat version */
215 }
216
217 return hidp_sock_ioctl(sock, cmd, arg);
218}
219#endif
220
146static const struct proto_ops hidp_sock_ops = { 221static const struct proto_ops hidp_sock_ops = {
147 .family = PF_BLUETOOTH, 222 .family = PF_BLUETOOTH,
148 .owner = THIS_MODULE, 223 .owner = THIS_MODULE,
149 .release = hidp_sock_release, 224 .release = hidp_sock_release,
150 .ioctl = hidp_sock_ioctl, 225 .ioctl = hidp_sock_ioctl,
226#ifdef CONFIG_COMPAT
227 .compat_ioctl = hidp_sock_compat_ioctl,
228#endif
151 .bind = sock_no_bind, 229 .bind = sock_no_bind,
152 .getname = sock_no_getname, 230 .getname = sock_no_getname,
153 .sendmsg = sock_no_sendmsg, 231 .sendmsg = sock_no_sendmsg,
@@ -178,7 +256,7 @@ static int hidp_sock_create(struct socket *sock, int protocol)
178 if (sock->type != SOCK_RAW) 256 if (sock->type != SOCK_RAW)
179 return -ESOCKTNOSUPPORT; 257 return -ESOCKTNOSUPPORT;
180 258
181 sk = sk_alloc(PF_BLUETOOTH, GFP_KERNEL, &hidp_proto, 1); 259 sk = sk_alloc(PF_BLUETOOTH, GFP_ATOMIC, &hidp_proto, 1);
182 if (!sk) 260 if (!sk)
183 return -ENOMEM; 261 return -ENOMEM;
184 262
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index d56f60b392ac..2b3dcb8f90fa 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -559,7 +559,7 @@ static int l2cap_sock_create(struct socket *sock, int protocol)
559 559
560 sock->ops = &l2cap_sock_ops; 560 sock->ops = &l2cap_sock_ops;
561 561
562 sk = l2cap_sock_alloc(sock, protocol, GFP_KERNEL); 562 sk = l2cap_sock_alloc(sock, protocol, GFP_ATOMIC);
563 if (!sk) 563 if (!sk)
564 return -ENOMEM; 564 return -ENOMEM;
565 565
@@ -2216,7 +2216,8 @@ static int __init l2cap_init(void)
2216 goto error; 2216 goto error;
2217 } 2217 }
2218 2218
2219 class_create_file(bt_class, &class_attr_l2cap); 2219 if (class_create_file(bt_class, &class_attr_l2cap) < 0)
2220 BT_ERR("Failed to create L2CAP info file");
2220 2221
2221 BT_INFO("L2CAP ver %s", VERSION); 2222 BT_INFO("L2CAP ver %s", VERSION);
2222 BT_INFO("L2CAP socket layer initialized"); 2223 BT_INFO("L2CAP socket layer initialized");
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 468df3b953f6..ddc4e9d5963e 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -2058,7 +2058,8 @@ static int __init rfcomm_init(void)
2058 2058
2059 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL); 2059 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL);
2060 2060
2061 class_create_file(bt_class, &class_attr_rfcomm_dlc); 2061 if (class_create_file(bt_class, &class_attr_rfcomm_dlc) < 0)
2062 BT_ERR("Failed to create RFCOMM info file");
2062 2063
2063 rfcomm_init_sockets(); 2064 rfcomm_init_sockets();
2064 2065
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
index 220fee04e7f2..544d65b7baa7 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -336,7 +336,8 @@ static int rfcomm_sock_create(struct socket *sock, int protocol)
336 336
337 sock->ops = &rfcomm_sock_ops; 337 sock->ops = &rfcomm_sock_ops;
338 338
339 if (!(sk = rfcomm_sock_alloc(sock, protocol, GFP_KERNEL))) 339 sk = rfcomm_sock_alloc(sock, protocol, GFP_ATOMIC);
340 if (!sk)
340 return -ENOMEM; 341 return -ENOMEM;
341 342
342 rfcomm_sock_init(sk, NULL); 343 rfcomm_sock_init(sk, NULL);
@@ -944,7 +945,8 @@ int __init rfcomm_init_sockets(void)
944 if (err < 0) 945 if (err < 0)
945 goto error; 946 goto error;
946 947
947 class_create_file(bt_class, &class_attr_rfcomm); 948 if (class_create_file(bt_class, &class_attr_rfcomm) < 0)
949 BT_ERR("Failed to create RFCOMM info file");
948 950
949 BT_INFO("RFCOMM socket layer initialized"); 951 BT_INFO("RFCOMM socket layer initialized");
950 952
diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c
index 1958ad1b8541..b8e3a5f1c8a8 100644
--- a/net/bluetooth/rfcomm/tty.c
+++ b/net/bluetooth/rfcomm/tty.c
@@ -172,12 +172,10 @@ static struct device *rfcomm_get_device(struct rfcomm_dev *dev)
172 return NULL; 172 return NULL;
173 173
174 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst); 174 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &dev->dst);
175 if (!conn)
176 return NULL;
177 175
178 hci_dev_put(hdev); 176 hci_dev_put(hdev);
179 177
180 return &conn->dev; 178 return conn ? &conn->dev : NULL;
181} 179}
182 180
183static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) 181static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
@@ -767,6 +765,9 @@ static void rfcomm_tty_set_termios(struct tty_struct *tty, struct termios *old)
767 765
768 BT_DBG("tty %p termios %p", tty, old); 766 BT_DBG("tty %p termios %p", tty, old);
769 767
768 if (!dev)
769 return;
770
770 /* Handle turning off CRTSCTS */ 771 /* Handle turning off CRTSCTS */
771 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS)) 772 if ((old->c_cflag & CRTSCTS) && !(new->c_cflag & CRTSCTS))
772 BT_DBG("Turning off CRTSCTS unsupported"); 773 BT_DBG("Turning off CRTSCTS unsupported");
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 7714a2ec3854..5d13d4f31753 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -452,7 +452,8 @@ static int sco_sock_create(struct socket *sock, int protocol)
452 452
453 sock->ops = &sco_sock_ops; 453 sock->ops = &sco_sock_ops;
454 454
455 if (!(sk = sco_sock_alloc(sock, protocol, GFP_KERNEL))) 455 sk = sco_sock_alloc(sock, protocol, GFP_ATOMIC);
456 if (!sk)
456 return -ENOMEM; 457 return -ENOMEM;
457 458
458 sco_sock_init(sk, NULL); 459 sco_sock_init(sk, NULL);
@@ -967,7 +968,8 @@ static int __init sco_init(void)
967 goto error; 968 goto error;
968 } 969 }
969 970
970 class_create_file(bt_class, &class_attr_sco); 971 if (class_create_file(bt_class, &class_attr_sco) < 0)
972 BT_ERR("Failed to create SCO info file");
971 973
972 BT_INFO("SCO (Voice Link) ver %s", VERSION); 974 BT_INFO("SCO (Voice Link) ver %s", VERSION);
973 BT_INFO("SCO socket layer initialized"); 975 BT_INFO("SCO socket layer initialized");
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index 3a73b8c94271..d9f04864d15d 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -128,7 +128,10 @@ void br_fdb_cleanup(unsigned long _data)
128 mod_timer(&br->gc_timer, jiffies + HZ/10); 128 mod_timer(&br->gc_timer, jiffies + HZ/10);
129} 129}
130 130
131void br_fdb_delete_by_port(struct net_bridge *br, struct net_bridge_port *p) 131
132void br_fdb_delete_by_port(struct net_bridge *br,
133 const struct net_bridge_port *p,
134 int do_all)
132{ 135{
133 int i; 136 int i;
134 137
@@ -142,6 +145,8 @@ void br_fdb_delete_by_port(struct net_bridge *br, struct net_bridge_port *p)
142 if (f->dst != p) 145 if (f->dst != p)
143 continue; 146 continue;
144 147
148 if (f->is_static && !do_all)
149 continue;
145 /* 150 /*
146 * if multiple ports all have the same device address 151 * if multiple ports all have the same device address
147 * then when one port is deleted, assign 152 * then when one port is deleted, assign
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index b1211d5342f6..f753c40c11d2 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -163,7 +163,7 @@ static void del_nbp(struct net_bridge_port *p)
163 br_stp_disable_port(p); 163 br_stp_disable_port(p);
164 spin_unlock_bh(&br->lock); 164 spin_unlock_bh(&br->lock);
165 165
166 br_fdb_delete_by_port(br, p); 166 br_fdb_delete_by_port(br, p, 1);
167 167
168 list_del_rcu(&p->list); 168 list_del_rcu(&p->list);
169 169
@@ -448,7 +448,7 @@ int br_add_if(struct net_bridge *br, struct net_device *dev)
448 448
449 return 0; 449 return 0;
450err2: 450err2:
451 br_fdb_delete_by_port(br, p); 451 br_fdb_delete_by_port(br, p, 1);
452err1: 452err1:
453 kobject_del(&p->kobj); 453 kobject_del(&p->kobj);
454err0: 454err0:
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index c491fb2f280e..74258d86f256 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -143,7 +143,7 @@ extern void br_fdb_changeaddr(struct net_bridge_port *p,
143 const unsigned char *newaddr); 143 const unsigned char *newaddr);
144extern void br_fdb_cleanup(unsigned long arg); 144extern void br_fdb_cleanup(unsigned long arg);
145extern void br_fdb_delete_by_port(struct net_bridge *br, 145extern void br_fdb_delete_by_port(struct net_bridge *br,
146 struct net_bridge_port *p); 146 const struct net_bridge_port *p, int do_all);
147extern struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 147extern struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br,
148 const unsigned char *addr); 148 const unsigned char *addr);
149extern struct net_bridge_fdb_entry *br_fdb_get(struct net_bridge *br, 149extern struct net_bridge_fdb_entry *br_fdb_get(struct net_bridge *br,
diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c
index 14cd025079af..d294224592db 100644
--- a/net/bridge/br_stp_if.c
+++ b/net/bridge/br_stp_if.c
@@ -113,6 +113,8 @@ void br_stp_disable_port(struct net_bridge_port *p)
113 del_timer(&p->forward_delay_timer); 113 del_timer(&p->forward_delay_timer);
114 del_timer(&p->hold_timer); 114 del_timer(&p->hold_timer);
115 115
116 br_fdb_delete_by_port(br, p, 0);
117
116 br_configuration_update(br); 118 br_configuration_update(br);
117 119
118 br_port_state_selection(br); 120 br_port_state_selection(br);
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index a2a43d8d93fe..491429ce9394 100644
--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -269,7 +269,7 @@ static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
269{ 269{
270 return ((fl1->nl_u.dn_u.daddr ^ fl2->nl_u.dn_u.daddr) | 270 return ((fl1->nl_u.dn_u.daddr ^ fl2->nl_u.dn_u.daddr) |
271 (fl1->nl_u.dn_u.saddr ^ fl2->nl_u.dn_u.saddr) | 271 (fl1->nl_u.dn_u.saddr ^ fl2->nl_u.dn_u.saddr) |
272#ifdef CONFIG_IP_ROUTE_FWMARK 272#ifdef CONFIG_DECNET_ROUTE_FWMARK
273 (fl1->nl_u.dn_u.fwmark ^ fl2->nl_u.dn_u.fwmark) | 273 (fl1->nl_u.dn_u.fwmark ^ fl2->nl_u.dn_u.fwmark) |
274#endif 274#endif
275 (fl1->nl_u.dn_u.scope ^ fl2->nl_u.dn_u.scope) | 275 (fl1->nl_u.dn_u.scope ^ fl2->nl_u.dn_u.scope) |
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index bde8ccaa1531..e2077a3aa8c0 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -773,13 +773,15 @@ static int cipso_v4_map_cat_rbm_valid(const struct cipso_v4_doi *doi_def,
773{ 773{
774 int cat = -1; 774 int cat = -1;
775 u32 bitmap_len_bits = bitmap_len * 8; 775 u32 bitmap_len_bits = bitmap_len * 8;
776 u32 cipso_cat_size = doi_def->map.std->cat.cipso_size; 776 u32 cipso_cat_size;
777 u32 *cipso_array = doi_def->map.std->cat.cipso; 777 u32 *cipso_array;
778 778
779 switch (doi_def->type) { 779 switch (doi_def->type) {
780 case CIPSO_V4_MAP_PASS: 780 case CIPSO_V4_MAP_PASS:
781 return 0; 781 return 0;
782 case CIPSO_V4_MAP_STD: 782 case CIPSO_V4_MAP_STD:
783 cipso_cat_size = doi_def->map.std->cat.cipso_size;
784 cipso_array = doi_def->map.std->cat.cipso;
783 for (;;) { 785 for (;;) {
784 cat = cipso_v4_bitmap_walk(bitmap, 786 cat = cipso_v4_bitmap_walk(bitmap,
785 bitmap_len_bits, 787 bitmap_len_bits,
@@ -825,19 +827,21 @@ static int cipso_v4_map_cat_rbm_hton(const struct cipso_v4_doi *doi_def,
825 u32 net_spot_max = 0; 827 u32 net_spot_max = 0;
826 u32 host_clen_bits = host_cat_len * 8; 828 u32 host_clen_bits = host_cat_len * 8;
827 u32 net_clen_bits = net_cat_len * 8; 829 u32 net_clen_bits = net_cat_len * 8;
828 u32 host_cat_size = doi_def->map.std->cat.local_size; 830 u32 host_cat_size;
829 u32 *host_cat_array = doi_def->map.std->cat.local; 831 u32 *host_cat_array;
830 832
831 switch (doi_def->type) { 833 switch (doi_def->type) {
832 case CIPSO_V4_MAP_PASS: 834 case CIPSO_V4_MAP_PASS:
833 net_spot_max = host_cat_len - 1; 835 net_spot_max = host_cat_len;
834 while (net_spot_max > 0 && host_cat[net_spot_max] == 0) 836 while (net_spot_max > 0 && host_cat[net_spot_max - 1] == 0)
835 net_spot_max--; 837 net_spot_max--;
836 if (net_spot_max > net_cat_len) 838 if (net_spot_max > net_cat_len)
837 return -EINVAL; 839 return -EINVAL;
838 memcpy(net_cat, host_cat, net_spot_max); 840 memcpy(net_cat, host_cat, net_spot_max);
839 return net_spot_max; 841 return net_spot_max;
840 case CIPSO_V4_MAP_STD: 842 case CIPSO_V4_MAP_STD:
843 host_cat_size = doi_def->map.std->cat.local_size;
844 host_cat_array = doi_def->map.std->cat.local;
841 for (;;) { 845 for (;;) {
842 host_spot = cipso_v4_bitmap_walk(host_cat, 846 host_spot = cipso_v4_bitmap_walk(host_cat,
843 host_clen_bits, 847 host_clen_bits,
@@ -893,8 +897,8 @@ static int cipso_v4_map_cat_rbm_ntoh(const struct cipso_v4_doi *doi_def,
893 int net_spot = -1; 897 int net_spot = -1;
894 u32 net_clen_bits = net_cat_len * 8; 898 u32 net_clen_bits = net_cat_len * 8;
895 u32 host_clen_bits = host_cat_len * 8; 899 u32 host_clen_bits = host_cat_len * 8;
896 u32 net_cat_size = doi_def->map.std->cat.cipso_size; 900 u32 net_cat_size;
897 u32 *net_cat_array = doi_def->map.std->cat.cipso; 901 u32 *net_cat_array;
898 902
899 switch (doi_def->type) { 903 switch (doi_def->type) {
900 case CIPSO_V4_MAP_PASS: 904 case CIPSO_V4_MAP_PASS:
@@ -903,6 +907,8 @@ static int cipso_v4_map_cat_rbm_ntoh(const struct cipso_v4_doi *doi_def,
903 memcpy(host_cat, net_cat, net_cat_len); 907 memcpy(host_cat, net_cat, net_cat_len);
904 return net_cat_len; 908 return net_cat_len;
905 case CIPSO_V4_MAP_STD: 909 case CIPSO_V4_MAP_STD:
910 net_cat_size = doi_def->map.std->cat.cipso_size;
911 net_cat_array = doi_def->map.std->cat.cipso;
906 for (;;) { 912 for (;;) {
907 net_spot = cipso_v4_bitmap_walk(net_cat, 913 net_spot = cipso_v4_bitmap_walk(net_cat,
908 net_clen_bits, 914 net_clen_bits,
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c
index 2b1a54b59c48..f072f3875af8 100644
--- a/net/ipv4/inetpeer.c
+++ b/net/ipv4/inetpeer.c
@@ -94,10 +94,8 @@ int inet_peer_minttl = 120 * HZ; /* TTL under high load: 120 sec */
94int inet_peer_maxttl = 10 * 60 * HZ; /* usual time to live: 10 min */ 94int inet_peer_maxttl = 10 * 60 * HZ; /* usual time to live: 10 min */
95 95
96static struct inet_peer *inet_peer_unused_head; 96static struct inet_peer *inet_peer_unused_head;
97/* Exported for inet_putpeer inline function. */ 97static struct inet_peer **inet_peer_unused_tailp = &inet_peer_unused_head;
98struct inet_peer **inet_peer_unused_tailp = &inet_peer_unused_head; 98static DEFINE_SPINLOCK(inet_peer_unused_lock);
99DEFINE_SPINLOCK(inet_peer_unused_lock);
100#define PEER_MAX_CLEANUP_WORK 30
101 99
102static void peer_check_expire(unsigned long dummy); 100static void peer_check_expire(unsigned long dummy);
103static DEFINE_TIMER(peer_periodic_timer, peer_check_expire, 0, 0); 101static DEFINE_TIMER(peer_periodic_timer, peer_check_expire, 0, 0);
@@ -340,7 +338,8 @@ static int cleanup_once(unsigned long ttl)
340 spin_lock_bh(&inet_peer_unused_lock); 338 spin_lock_bh(&inet_peer_unused_lock);
341 p = inet_peer_unused_head; 339 p = inet_peer_unused_head;
342 if (p != NULL) { 340 if (p != NULL) {
343 if (time_after(p->dtime + ttl, jiffies)) { 341 __u32 delta = (__u32)jiffies - p->dtime;
342 if (delta < ttl) {
344 /* Do not prune fresh entries. */ 343 /* Do not prune fresh entries. */
345 spin_unlock_bh(&inet_peer_unused_lock); 344 spin_unlock_bh(&inet_peer_unused_lock);
346 return -1; 345 return -1;
@@ -432,7 +431,7 @@ out_free:
432/* Called with local BH disabled. */ 431/* Called with local BH disabled. */
433static void peer_check_expire(unsigned long dummy) 432static void peer_check_expire(unsigned long dummy)
434{ 433{
435 int i; 434 unsigned long now = jiffies;
436 int ttl; 435 int ttl;
437 436
438 if (peer_total >= inet_peer_threshold) 437 if (peer_total >= inet_peer_threshold)
@@ -441,7 +440,10 @@ static void peer_check_expire(unsigned long dummy)
441 ttl = inet_peer_maxttl 440 ttl = inet_peer_maxttl
442 - (inet_peer_maxttl - inet_peer_minttl) / HZ * 441 - (inet_peer_maxttl - inet_peer_minttl) / HZ *
443 peer_total / inet_peer_threshold * HZ; 442 peer_total / inet_peer_threshold * HZ;
444 for (i = 0; i < PEER_MAX_CLEANUP_WORK && !cleanup_once(ttl); i++); 443 while (!cleanup_once(ttl)) {
444 if (jiffies != now)
445 break;
446 }
445 447
446 /* Trigger the timer after inet_peer_gc_mintime .. inet_peer_gc_maxtime 448 /* Trigger the timer after inet_peer_gc_mintime .. inet_peer_gc_maxtime
447 * interval depending on the total number of entries (more entries, 449 * interval depending on the total number of entries (more entries,
@@ -455,3 +457,16 @@ static void peer_check_expire(unsigned long dummy)
455 peer_total / inet_peer_threshold * HZ; 457 peer_total / inet_peer_threshold * HZ;
456 add_timer(&peer_periodic_timer); 458 add_timer(&peer_periodic_timer);
457} 459}
460
461void inet_putpeer(struct inet_peer *p)
462{
463 spin_lock_bh(&inet_peer_unused_lock);
464 if (atomic_dec_and_test(&p->refcnt)) {
465 p->unused_prevp = inet_peer_unused_tailp;
466 p->unused_next = NULL;
467 *inet_peer_unused_tailp = p;
468 inet_peer_unused_tailp = &p->unused_next;
469 p->dtime = (__u32)jiffies;
470 }
471 spin_unlock_bh(&inet_peer_unused_lock);
472}
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 17e1a687ab45..0849f1cced13 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -1196,6 +1196,8 @@ err1:
1196static void __exit arp_tables_fini(void) 1196static void __exit arp_tables_fini(void)
1197{ 1197{
1198 nf_unregister_sockopt(&arpt_sockopts); 1198 nf_unregister_sockopt(&arpt_sockopts);
1199 xt_unregister_target(&arpt_error_target);
1200 xt_unregister_target(&arpt_standard_target);
1199 xt_proto_fini(NF_ARP); 1201 xt_proto_fini(NF_ARP);
1200} 1202}
1201 1203
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index 53b6dffea6c2..262d0d44ec1b 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -44,13 +44,6 @@ MODULE_LICENSE("GPL");
44 44
45static char __initdata version[] = "0.90"; 45static char __initdata version[] = "0.90";
46 46
47#if 0
48#define DEBUGP printk
49#else
50#define DEBUGP(format, args...)
51#endif
52
53
54static inline int 47static inline int
55ctnetlink_dump_tuples_proto(struct sk_buff *skb, 48ctnetlink_dump_tuples_proto(struct sk_buff *skb,
56 const struct ip_conntrack_tuple *tuple, 49 const struct ip_conntrack_tuple *tuple,
@@ -398,7 +391,6 @@ nfattr_failure:
398 391
399static int ctnetlink_done(struct netlink_callback *cb) 392static int ctnetlink_done(struct netlink_callback *cb)
400{ 393{
401 DEBUGP("entered %s\n", __FUNCTION__);
402 if (cb->args[1]) 394 if (cb->args[1])
403 ip_conntrack_put((struct ip_conntrack *)cb->args[1]); 395 ip_conntrack_put((struct ip_conntrack *)cb->args[1]);
404 return 0; 396 return 0;
@@ -411,9 +403,6 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
411 struct ip_conntrack_tuple_hash *h; 403 struct ip_conntrack_tuple_hash *h;
412 struct list_head *i; 404 struct list_head *i;
413 405
414 DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__,
415 cb->args[0], *id);
416
417 read_lock_bh(&ip_conntrack_lock); 406 read_lock_bh(&ip_conntrack_lock);
418 last = (struct ip_conntrack *)cb->args[1]; 407 last = (struct ip_conntrack *)cb->args[1];
419 for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) { 408 for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) {
@@ -452,7 +441,6 @@ out:
452 if (last) 441 if (last)
453 ip_conntrack_put(last); 442 ip_conntrack_put(last);
454 443
455 DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
456 return skb->len; 444 return skb->len;
457} 445}
458 446
@@ -466,8 +454,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct ip_conntrack_tuple *tuple)
466{ 454{
467 struct nfattr *tb[CTA_IP_MAX]; 455 struct nfattr *tb[CTA_IP_MAX];
468 456
469 DEBUGP("entered %s\n", __FUNCTION__);
470
471 nfattr_parse_nested(tb, CTA_IP_MAX, attr); 457 nfattr_parse_nested(tb, CTA_IP_MAX, attr);
472 458
473 if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) 459 if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip))
@@ -481,8 +467,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct ip_conntrack_tuple *tuple)
481 return -EINVAL; 467 return -EINVAL;
482 tuple->dst.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]); 468 tuple->dst.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]);
483 469
484 DEBUGP("leaving\n");
485
486 return 0; 470 return 0;
487} 471}
488 472
@@ -503,8 +487,6 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
503 struct ip_conntrack_protocol *proto; 487 struct ip_conntrack_protocol *proto;
504 int ret = 0; 488 int ret = 0;
505 489
506 DEBUGP("entered %s\n", __FUNCTION__);
507
508 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); 490 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr);
509 491
510 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) 492 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto))
@@ -531,8 +513,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct ip_conntrack_tuple *tuple,
531 struct nfattr *tb[CTA_TUPLE_MAX]; 513 struct nfattr *tb[CTA_TUPLE_MAX];
532 int err; 514 int err;
533 515
534 DEBUGP("entered %s\n", __FUNCTION__);
535
536 memset(tuple, 0, sizeof(*tuple)); 516 memset(tuple, 0, sizeof(*tuple));
537 517
538 nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); 518 nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]);
@@ -557,10 +537,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct ip_conntrack_tuple *tuple,
557 else 537 else
558 tuple->dst.dir = IP_CT_DIR_ORIGINAL; 538 tuple->dst.dir = IP_CT_DIR_ORIGINAL;
559 539
560 DUMP_TUPLE(tuple);
561
562 DEBUGP("leaving\n");
563
564 return 0; 540 return 0;
565} 541}
566 542
@@ -577,8 +553,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
577 struct nfattr *tb[CTA_PROTONAT_MAX]; 553 struct nfattr *tb[CTA_PROTONAT_MAX];
578 struct ip_nat_protocol *npt; 554 struct ip_nat_protocol *npt;
579 555
580 DEBUGP("entered %s\n", __FUNCTION__);
581
582 nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); 556 nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr);
583 557
584 if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) 558 if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat))
@@ -597,7 +571,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
597 571
598 ip_nat_proto_put(npt); 572 ip_nat_proto_put(npt);
599 573
600 DEBUGP("leaving\n");
601 return 0; 574 return 0;
602} 575}
603 576
@@ -613,8 +586,6 @@ ctnetlink_parse_nat(struct nfattr *nat,
613 struct nfattr *tb[CTA_NAT_MAX]; 586 struct nfattr *tb[CTA_NAT_MAX];
614 int err; 587 int err;
615 588
616 DEBUGP("entered %s\n", __FUNCTION__);
617
618 memset(range, 0, sizeof(*range)); 589 memset(range, 0, sizeof(*range));
619 590
620 nfattr_parse_nested(tb, CTA_NAT_MAX, nat); 591 nfattr_parse_nested(tb, CTA_NAT_MAX, nat);
@@ -640,7 +611,6 @@ ctnetlink_parse_nat(struct nfattr *nat,
640 if (err < 0) 611 if (err < 0)
641 return err; 612 return err;
642 613
643 DEBUGP("leaving\n");
644 return 0; 614 return 0;
645} 615}
646#endif 616#endif
@@ -650,8 +620,6 @@ ctnetlink_parse_help(struct nfattr *attr, char **helper_name)
650{ 620{
651 struct nfattr *tb[CTA_HELP_MAX]; 621 struct nfattr *tb[CTA_HELP_MAX];
652 622
653 DEBUGP("entered %s\n", __FUNCTION__);
654
655 nfattr_parse_nested(tb, CTA_HELP_MAX, attr); 623 nfattr_parse_nested(tb, CTA_HELP_MAX, attr);
656 624
657 if (!tb[CTA_HELP_NAME-1]) 625 if (!tb[CTA_HELP_NAME-1])
@@ -679,8 +647,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
679 struct ip_conntrack *ct; 647 struct ip_conntrack *ct;
680 int err = 0; 648 int err = 0;
681 649
682 DEBUGP("entered %s\n", __FUNCTION__);
683
684 if (nfattr_bad_size(cda, CTA_MAX, cta_min)) 650 if (nfattr_bad_size(cda, CTA_MAX, cta_min))
685 return -EINVAL; 651 return -EINVAL;
686 652
@@ -698,10 +664,8 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
698 return err; 664 return err;
699 665
700 h = ip_conntrack_find_get(&tuple, NULL); 666 h = ip_conntrack_find_get(&tuple, NULL);
701 if (!h) { 667 if (!h)
702 DEBUGP("tuple not found in conntrack hash\n");
703 return -ENOENT; 668 return -ENOENT;
704 }
705 669
706 ct = tuplehash_to_ctrack(h); 670 ct = tuplehash_to_ctrack(h);
707 671
@@ -716,7 +680,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
716 ct->timeout.function((unsigned long)ct); 680 ct->timeout.function((unsigned long)ct);
717 681
718 ip_conntrack_put(ct); 682 ip_conntrack_put(ct);
719 DEBUGP("leaving\n");
720 683
721 return 0; 684 return 0;
722} 685}
@@ -731,8 +694,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
731 struct sk_buff *skb2 = NULL; 694 struct sk_buff *skb2 = NULL;
732 int err = 0; 695 int err = 0;
733 696
734 DEBUGP("entered %s\n", __FUNCTION__);
735
736 if (nlh->nlmsg_flags & NLM_F_DUMP) { 697 if (nlh->nlmsg_flags & NLM_F_DUMP) {
737 struct nfgenmsg *msg = NLMSG_DATA(nlh); 698 struct nfgenmsg *msg = NLMSG_DATA(nlh);
738 u32 rlen; 699 u32 rlen;
@@ -770,11 +731,9 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
770 return err; 731 return err;
771 732
772 h = ip_conntrack_find_get(&tuple, NULL); 733 h = ip_conntrack_find_get(&tuple, NULL);
773 if (!h) { 734 if (!h)
774 DEBUGP("tuple not found in conntrack hash");
775 return -ENOENT; 735 return -ENOENT;
776 } 736
777 DEBUGP("tuple found\n");
778 ct = tuplehash_to_ctrack(h); 737 ct = tuplehash_to_ctrack(h);
779 738
780 err = -ENOMEM; 739 err = -ENOMEM;
@@ -795,7 +754,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
795 if (err < 0) 754 if (err < 0)
796 goto out; 755 goto out;
797 756
798 DEBUGP("leaving\n");
799 return 0; 757 return 0;
800 758
801free: 759free:
@@ -866,8 +824,6 @@ ctnetlink_change_helper(struct ip_conntrack *ct, struct nfattr *cda[])
866 char *helpname; 824 char *helpname;
867 int err; 825 int err;
868 826
869 DEBUGP("entered %s\n", __FUNCTION__);
870
871 /* don't change helper of sibling connections */ 827 /* don't change helper of sibling connections */
872 if (ct->master) 828 if (ct->master)
873 return -EINVAL; 829 return -EINVAL;
@@ -938,8 +894,6 @@ ctnetlink_change_conntrack(struct ip_conntrack *ct, struct nfattr *cda[])
938{ 894{
939 int err; 895 int err;
940 896
941 DEBUGP("entered %s\n", __FUNCTION__);
942
943 if (cda[CTA_HELP-1]) { 897 if (cda[CTA_HELP-1]) {
944 err = ctnetlink_change_helper(ct, cda); 898 err = ctnetlink_change_helper(ct, cda);
945 if (err < 0) 899 if (err < 0)
@@ -969,7 +923,6 @@ ctnetlink_change_conntrack(struct ip_conntrack *ct, struct nfattr *cda[])
969 ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1])); 923 ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1]));
970#endif 924#endif
971 925
972 DEBUGP("all done\n");
973 return 0; 926 return 0;
974} 927}
975 928
@@ -981,8 +934,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
981 struct ip_conntrack *ct; 934 struct ip_conntrack *ct;
982 int err = -EINVAL; 935 int err = -EINVAL;
983 936
984 DEBUGP("entered %s\n", __FUNCTION__);
985
986 ct = ip_conntrack_alloc(otuple, rtuple); 937 ct = ip_conntrack_alloc(otuple, rtuple);
987 if (ct == NULL || IS_ERR(ct)) 938 if (ct == NULL || IS_ERR(ct))
988 return -ENOMEM; 939 return -ENOMEM;
@@ -1017,7 +968,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
1017 if (ct->helper) 968 if (ct->helper)
1018 ip_conntrack_helper_put(ct->helper); 969 ip_conntrack_helper_put(ct->helper);
1019 970
1020 DEBUGP("conntrack with id %u inserted\n", ct->id);
1021 return 0; 971 return 0;
1022 972
1023err: 973err:
@@ -1033,8 +983,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1033 struct ip_conntrack_tuple_hash *h = NULL; 983 struct ip_conntrack_tuple_hash *h = NULL;
1034 int err = 0; 984 int err = 0;
1035 985
1036 DEBUGP("entered %s\n", __FUNCTION__);
1037
1038 if (nfattr_bad_size(cda, CTA_MAX, cta_min)) 986 if (nfattr_bad_size(cda, CTA_MAX, cta_min))
1039 return -EINVAL; 987 return -EINVAL;
1040 988
@@ -1058,7 +1006,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1058 1006
1059 if (h == NULL) { 1007 if (h == NULL) {
1060 write_unlock_bh(&ip_conntrack_lock); 1008 write_unlock_bh(&ip_conntrack_lock);
1061 DEBUGP("no such conntrack, create new\n");
1062 err = -ENOENT; 1009 err = -ENOENT;
1063 if (nlh->nlmsg_flags & NLM_F_CREATE) 1010 if (nlh->nlmsg_flags & NLM_F_CREATE)
1064 err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); 1011 err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
@@ -1074,7 +1021,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1074 1021
1075 /* We manipulate the conntrack inside the global conntrack table lock, 1022 /* We manipulate the conntrack inside the global conntrack table lock,
1076 * so there's no need to increase the refcount */ 1023 * so there's no need to increase the refcount */
1077 DEBUGP("conntrack found\n");
1078 err = -EEXIST; 1024 err = -EEXIST;
1079 if (!(nlh->nlmsg_flags & NLM_F_EXCL)) 1025 if (!(nlh->nlmsg_flags & NLM_F_EXCL))
1080 err = ctnetlink_change_conntrack(tuplehash_to_ctrack(h), cda); 1026 err = ctnetlink_change_conntrack(tuplehash_to_ctrack(h), cda);
@@ -1249,8 +1195,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
1249 struct list_head *i; 1195 struct list_head *i;
1250 u_int32_t *id = (u_int32_t *) &cb->args[0]; 1196 u_int32_t *id = (u_int32_t *) &cb->args[0];
1251 1197
1252 DEBUGP("entered %s, last id=%llu\n", __FUNCTION__, *id);
1253
1254 read_lock_bh(&ip_conntrack_lock); 1198 read_lock_bh(&ip_conntrack_lock);
1255 list_for_each_prev(i, &ip_conntrack_expect_list) { 1199 list_for_each_prev(i, &ip_conntrack_expect_list) {
1256 exp = (struct ip_conntrack_expect *) i; 1200 exp = (struct ip_conntrack_expect *) i;
@@ -1266,8 +1210,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
1266out: 1210out:
1267 read_unlock_bh(&ip_conntrack_lock); 1211 read_unlock_bh(&ip_conntrack_lock);
1268 1212
1269 DEBUGP("leaving, last id=%llu\n", *id);
1270
1271 return skb->len; 1213 return skb->len;
1272} 1214}
1273 1215
@@ -1285,8 +1227,6 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb,
1285 struct sk_buff *skb2; 1227 struct sk_buff *skb2;
1286 int err = 0; 1228 int err = 0;
1287 1229
1288 DEBUGP("entered %s\n", __FUNCTION__);
1289
1290 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) 1230 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp))
1291 return -EINVAL; 1231 return -EINVAL;
1292 1232
@@ -1437,8 +1377,6 @@ ctnetlink_create_expect(struct nfattr *cda[])
1437 struct ip_conntrack *ct; 1377 struct ip_conntrack *ct;
1438 int err = 0; 1378 int err = 0;
1439 1379
1440 DEBUGP("entered %s\n", __FUNCTION__);
1441
1442 /* caller guarantees that those three CTA_EXPECT_* exist */ 1380 /* caller guarantees that those three CTA_EXPECT_* exist */
1443 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE); 1381 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE);
1444 if (err < 0) 1382 if (err < 0)
@@ -1490,8 +1428,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
1490 struct ip_conntrack_expect *exp; 1428 struct ip_conntrack_expect *exp;
1491 int err = 0; 1429 int err = 0;
1492 1430
1493 DEBUGP("entered %s\n", __FUNCTION__);
1494
1495 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) 1431 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp))
1496 return -EINVAL; 1432 return -EINVAL;
1497 1433
@@ -1520,8 +1456,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
1520 err = ctnetlink_change_expect(exp, cda); 1456 err = ctnetlink_change_expect(exp, cda);
1521 write_unlock_bh(&ip_conntrack_lock); 1457 write_unlock_bh(&ip_conntrack_lock);
1522 1458
1523 DEBUGP("leaving\n");
1524
1525 return err; 1459 return err;
1526} 1460}
1527 1461
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c
index 12a818a2462f..1aa4517fbcdb 100644
--- a/net/ipv4/netfilter/ipt_ECN.c
+++ b/net/ipv4/netfilter/ipt_ECN.c
@@ -28,7 +28,7 @@ static inline int
28set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) 28set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
29{ 29{
30 struct iphdr *iph = (*pskb)->nh.iph; 30 struct iphdr *iph = (*pskb)->nh.iph;
31 __be16 oldtos; 31 u_int16_t oldtos;
32 32
33 if ((iph->tos & IPT_ECN_IP_MASK) != (einfo->ip_ect & IPT_ECN_IP_MASK)) { 33 if ((iph->tos & IPT_ECN_IP_MASK) != (einfo->ip_ect & IPT_ECN_IP_MASK)) {
34 if (!skb_make_writable(pskb, sizeof(struct iphdr))) 34 if (!skb_make_writable(pskb, sizeof(struct iphdr)))
@@ -37,8 +37,8 @@ set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
37 oldtos = iph->tos; 37 oldtos = iph->tos;
38 iph->tos &= ~IPT_ECN_IP_MASK; 38 iph->tos &= ~IPT_ECN_IP_MASK;
39 iph->tos |= (einfo->ip_ect & IPT_ECN_IP_MASK); 39 iph->tos |= (einfo->ip_ect & IPT_ECN_IP_MASK);
40 iph->check = nf_csum_update(oldtos ^ htons(0xFFFF), iph->tos, 40 iph->check = nf_csum_update(htons(oldtos) ^ htons(0xFFFF),
41 iph->check); 41 htons(iph->tos), iph->check);
42 } 42 }
43 return 1; 43 return 1;
44} 44}
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c
index 6b8b14ccc3d3..83b80b3a5d2f 100644
--- a/net/ipv4/netfilter/ipt_TOS.c
+++ b/net/ipv4/netfilter/ipt_TOS.c
@@ -30,7 +30,7 @@ target(struct sk_buff **pskb,
30{ 30{
31 const struct ipt_tos_target_info *tosinfo = targinfo; 31 const struct ipt_tos_target_info *tosinfo = targinfo;
32 struct iphdr *iph = (*pskb)->nh.iph; 32 struct iphdr *iph = (*pskb)->nh.iph;
33 __be16 oldtos; 33 u_int16_t oldtos;
34 34
35 if ((iph->tos & IPTOS_TOS_MASK) != tosinfo->tos) { 35 if ((iph->tos & IPTOS_TOS_MASK) != tosinfo->tos) {
36 if (!skb_make_writable(pskb, sizeof(struct iphdr))) 36 if (!skb_make_writable(pskb, sizeof(struct iphdr)))
@@ -38,8 +38,8 @@ target(struct sk_buff **pskb,
38 iph = (*pskb)->nh.iph; 38 iph = (*pskb)->nh.iph;
39 oldtos = iph->tos; 39 oldtos = iph->tos;
40 iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos; 40 iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos;
41 iph->check = nf_csum_update(oldtos ^ htons(0xFFFF), iph->tos, 41 iph->check = nf_csum_update(htons(oldtos) ^ htons(0xFFFF),
42 iph->check); 42 htons(iph->tos), iph->check);
43 } 43 }
44 return IPT_CONTINUE; 44 return IPT_CONTINUE;
45} 45}
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index d8c1057e8b00..1896ecb52899 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -117,12 +117,15 @@ static int fib6_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)
117{ 117{
118 struct fib6_rule *r = (struct fib6_rule *) rule; 118 struct fib6_rule *r = (struct fib6_rule *) rule;
119 119
120 if (!ipv6_prefix_equal(&fl->fl6_dst, &r->dst.addr, r->dst.plen)) 120 if (r->dst.plen &&
121 !ipv6_prefix_equal(&fl->fl6_dst, &r->dst.addr, r->dst.plen))
121 return 0; 122 return 0;
122 123
123 if ((flags & RT6_LOOKUP_F_HAS_SADDR) && 124 if (r->src.plen) {
124 !ipv6_prefix_equal(&fl->fl6_src, &r->src.addr, r->src.plen)) 125 if (!(flags & RT6_LOOKUP_F_HAS_SADDR) ||
125 return 0; 126 !ipv6_prefix_equal(&fl->fl6_src, &r->src.addr, r->src.plen))
127 return 0;
128 }
126 129
127 if (r->tclass && r->tclass != ((ntohl(fl->fl6_flowlabel) >> 20) & 0xff)) 130 if (r->tclass && r->tclass != ((ntohl(fl->fl6_flowlabel) >> 20) & 0xff))
128 return 0; 131 return 0;
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index 0304b5fe8d6a..41a8a5f06602 100644
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -967,8 +967,6 @@ static void ndisc_recv_na(struct sk_buff *skb)
967 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp && 967 ipv6_devconf.forwarding && ipv6_devconf.proxy_ndp &&
968 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) { 968 pneigh_lookup(&nd_tbl, &msg->target, dev, 0)) {
969 /* XXX: idev->cnf.prixy_ndp */ 969 /* XXX: idev->cnf.prixy_ndp */
970 WARN_ON(skb->dst != NULL &&
971 ((struct rt6_info *)skb->dst)->rt6i_idev);
972 goto out; 970 goto out;
973 } 971 }
974 972
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index d6b4b4f48d18..a1b0f075462e 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -529,13 +529,17 @@ struct rt6_info *rt6_lookup(struct in6_addr *daddr, struct in6_addr *saddr,
529 .nl_u = { 529 .nl_u = {
530 .ip6_u = { 530 .ip6_u = {
531 .daddr = *daddr, 531 .daddr = *daddr,
532 /* TODO: saddr */
533 }, 532 },
534 }, 533 },
535 }; 534 };
536 struct dst_entry *dst; 535 struct dst_entry *dst;
537 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 536 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
538 537
538 if (saddr) {
539 memcpy(&fl.fl6_src, saddr, sizeof(*saddr));
540 flags |= RT6_LOOKUP_F_HAS_SADDR;
541 }
542
539 dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_lookup); 543 dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_lookup);
540 if (dst->error == 0) 544 if (dst->error == 0)
541 return (struct rt6_info *) dst; 545 return (struct rt6_info *) dst;
@@ -697,6 +701,7 @@ out2:
697void ip6_route_input(struct sk_buff *skb) 701void ip6_route_input(struct sk_buff *skb)
698{ 702{
699 struct ipv6hdr *iph = skb->nh.ipv6h; 703 struct ipv6hdr *iph = skb->nh.ipv6h;
704 int flags = RT6_LOOKUP_F_HAS_SADDR;
700 struct flowi fl = { 705 struct flowi fl = {
701 .iif = skb->dev->ifindex, 706 .iif = skb->dev->ifindex,
702 .nl_u = { 707 .nl_u = {
@@ -711,7 +716,9 @@ void ip6_route_input(struct sk_buff *skb)
711 }, 716 },
712 .proto = iph->nexthdr, 717 .proto = iph->nexthdr,
713 }; 718 };
714 int flags = rt6_need_strict(&iph->daddr) ? RT6_LOOKUP_F_IFACE : 0; 719
720 if (rt6_need_strict(&iph->daddr))
721 flags |= RT6_LOOKUP_F_IFACE;
715 722
716 skb->dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_input); 723 skb->dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_input);
717} 724}
@@ -794,6 +801,9 @@ struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl)
794 if (rt6_need_strict(&fl->fl6_dst)) 801 if (rt6_need_strict(&fl->fl6_dst))
795 flags |= RT6_LOOKUP_F_IFACE; 802 flags |= RT6_LOOKUP_F_IFACE;
796 803
804 if (!ipv6_addr_any(&fl->fl6_src))
805 flags |= RT6_LOOKUP_F_HAS_SADDR;
806
797 return fib6_rule_lookup(fl, flags, ip6_pol_route_output); 807 return fib6_rule_lookup(fl, flags, ip6_pol_route_output);
798} 808}
799 809
@@ -1345,6 +1355,7 @@ static struct rt6_info *ip6_route_redirect(struct in6_addr *dest,
1345 struct in6_addr *gateway, 1355 struct in6_addr *gateway,
1346 struct net_device *dev) 1356 struct net_device *dev)
1347{ 1357{
1358 int flags = RT6_LOOKUP_F_HAS_SADDR;
1348 struct ip6rd_flowi rdfl = { 1359 struct ip6rd_flowi rdfl = {
1349 .fl = { 1360 .fl = {
1350 .oif = dev->ifindex, 1361 .oif = dev->ifindex,
@@ -1357,7 +1368,9 @@ static struct rt6_info *ip6_route_redirect(struct in6_addr *dest,
1357 }, 1368 },
1358 .gateway = *gateway, 1369 .gateway = *gateway,
1359 }; 1370 };
1360 int flags = rt6_need_strict(dest) ? RT6_LOOKUP_F_IFACE : 0; 1371
1372 if (rt6_need_strict(dest))
1373 flags |= RT6_LOOKUP_F_IFACE;
1361 1374
1362 return (struct rt6_info *)fib6_rule_lookup((struct flowi *)&rdfl, flags, __ip6_route_redirect); 1375 return (struct rt6_info *)fib6_rule_lookup((struct flowi *)&rdfl, flags, __ip6_route_redirect);
1363} 1376}
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index dc5765b62b87..b481a4d780c2 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -853,3 +853,4 @@ int __init sit_init(void)
853 853
854module_init(sit_init); 854module_init(sit_init);
855module_exit(sit_cleanup); 855module_exit(sit_cleanup);
856MODULE_LICENSE("GPL");
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index ce94732b8e23..f619c6527266 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -209,7 +209,9 @@ config NETFILTER_XT_TARGET_SECMARK
209 209
210config NETFILTER_XT_TARGET_CONNSECMARK 210config NETFILTER_XT_TARGET_CONNSECMARK
211 tristate '"CONNSECMARK" target support' 211 tristate '"CONNSECMARK" target support'
212 depends on NETFILTER_XTABLES && (NF_CONNTRACK_SECMARK || IP_NF_CONNTRACK_SECMARK) 212 depends on NETFILTER_XTABLES && \
213 ((NF_CONNTRACK && NF_CONNTRACK_SECMARK) || \
214 (IP_NF_CONNTRACK && IP_NF_CONNTRACK_SECMARK))
213 help 215 help
214 The CONNSECMARK target copies security markings from packets 216 The CONNSECMARK target copies security markings from packets
215 to connections, and restores security markings from connections 217 to connections, and restores security markings from connections
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 1721f7c78c77..bd0156a28ecd 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -47,13 +47,6 @@ MODULE_LICENSE("GPL");
47 47
48static char __initdata version[] = "0.93"; 48static char __initdata version[] = "0.93";
49 49
50#if 0
51#define DEBUGP printk
52#else
53#define DEBUGP(format, args...)
54#endif
55
56
57static inline int 50static inline int
58ctnetlink_dump_tuples_proto(struct sk_buff *skb, 51ctnetlink_dump_tuples_proto(struct sk_buff *skb,
59 const struct nf_conntrack_tuple *tuple, 52 const struct nf_conntrack_tuple *tuple,
@@ -410,7 +403,6 @@ static int ctnetlink_done(struct netlink_callback *cb)
410{ 403{
411 if (cb->args[1]) 404 if (cb->args[1])
412 nf_ct_put((struct nf_conn *)cb->args[1]); 405 nf_ct_put((struct nf_conn *)cb->args[1]);
413 DEBUGP("entered %s\n", __FUNCTION__);
414 return 0; 406 return 0;
415} 407}
416 408
@@ -425,9 +417,6 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
425 struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); 417 struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh);
426 u_int8_t l3proto = nfmsg->nfgen_family; 418 u_int8_t l3proto = nfmsg->nfgen_family;
427 419
428 DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__,
429 cb->args[0], *id);
430
431 read_lock_bh(&nf_conntrack_lock); 420 read_lock_bh(&nf_conntrack_lock);
432 last = (struct nf_conn *)cb->args[1]; 421 last = (struct nf_conn *)cb->args[1];
433 for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) { 422 for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) {
@@ -471,7 +460,6 @@ out:
471 if (last) 460 if (last)
472 nf_ct_put(last); 461 nf_ct_put(last);
473 462
474 DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
475 return skb->len; 463 return skb->len;
476} 464}
477 465
@@ -482,8 +470,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple)
482 struct nf_conntrack_l3proto *l3proto; 470 struct nf_conntrack_l3proto *l3proto;
483 int ret = 0; 471 int ret = 0;
484 472
485 DEBUGP("entered %s\n", __FUNCTION__);
486
487 nfattr_parse_nested(tb, CTA_IP_MAX, attr); 473 nfattr_parse_nested(tb, CTA_IP_MAX, attr);
488 474
489 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); 475 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num);
@@ -493,8 +479,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple)
493 479
494 nf_ct_l3proto_put(l3proto); 480 nf_ct_l3proto_put(l3proto);
495 481
496 DEBUGP("leaving\n");
497
498 return ret; 482 return ret;
499} 483}
500 484
@@ -510,8 +494,6 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
510 struct nf_conntrack_protocol *proto; 494 struct nf_conntrack_protocol *proto;
511 int ret = 0; 495 int ret = 0;
512 496
513 DEBUGP("entered %s\n", __FUNCTION__);
514
515 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); 497 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr);
516 498
517 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) 499 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto))
@@ -538,8 +520,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct nf_conntrack_tuple *tuple,
538 struct nfattr *tb[CTA_TUPLE_MAX]; 520 struct nfattr *tb[CTA_TUPLE_MAX];
539 int err; 521 int err;
540 522
541 DEBUGP("entered %s\n", __FUNCTION__);
542
543 memset(tuple, 0, sizeof(*tuple)); 523 memset(tuple, 0, sizeof(*tuple));
544 524
545 nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); 525 nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]);
@@ -566,10 +546,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct nf_conntrack_tuple *tuple,
566 else 546 else
567 tuple->dst.dir = IP_CT_DIR_ORIGINAL; 547 tuple->dst.dir = IP_CT_DIR_ORIGINAL;
568 548
569 NF_CT_DUMP_TUPLE(tuple);
570
571 DEBUGP("leaving\n");
572
573 return 0; 549 return 0;
574} 550}
575 551
@@ -586,8 +562,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
586 struct nfattr *tb[CTA_PROTONAT_MAX]; 562 struct nfattr *tb[CTA_PROTONAT_MAX];
587 struct ip_nat_protocol *npt; 563 struct ip_nat_protocol *npt;
588 564
589 DEBUGP("entered %s\n", __FUNCTION__);
590
591 nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); 565 nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr);
592 566
593 if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) 567 if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat))
@@ -606,7 +580,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
606 580
607 ip_nat_proto_put(npt); 581 ip_nat_proto_put(npt);
608 582
609 DEBUGP("leaving\n");
610 return 0; 583 return 0;
611} 584}
612 585
@@ -622,8 +595,6 @@ ctnetlink_parse_nat(struct nfattr *nat,
622 struct nfattr *tb[CTA_NAT_MAX]; 595 struct nfattr *tb[CTA_NAT_MAX];
623 int err; 596 int err;
624 597
625 DEBUGP("entered %s\n", __FUNCTION__);
626
627 memset(range, 0, sizeof(*range)); 598 memset(range, 0, sizeof(*range));
628 599
629 nfattr_parse_nested(tb, CTA_NAT_MAX, nat); 600 nfattr_parse_nested(tb, CTA_NAT_MAX, nat);
@@ -649,7 +620,6 @@ ctnetlink_parse_nat(struct nfattr *nat,
649 if (err < 0) 620 if (err < 0)
650 return err; 621 return err;
651 622
652 DEBUGP("leaving\n");
653 return 0; 623 return 0;
654} 624}
655#endif 625#endif
@@ -659,8 +629,6 @@ ctnetlink_parse_help(struct nfattr *attr, char **helper_name)
659{ 629{
660 struct nfattr *tb[CTA_HELP_MAX]; 630 struct nfattr *tb[CTA_HELP_MAX];
661 631
662 DEBUGP("entered %s\n", __FUNCTION__);
663
664 nfattr_parse_nested(tb, CTA_HELP_MAX, attr); 632 nfattr_parse_nested(tb, CTA_HELP_MAX, attr);
665 633
666 if (!tb[CTA_HELP_NAME-1]) 634 if (!tb[CTA_HELP_NAME-1])
@@ -690,8 +658,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
690 u_int8_t u3 = nfmsg->nfgen_family; 658 u_int8_t u3 = nfmsg->nfgen_family;
691 int err = 0; 659 int err = 0;
692 660
693 DEBUGP("entered %s\n", __FUNCTION__);
694
695 if (nfattr_bad_size(cda, CTA_MAX, cta_min)) 661 if (nfattr_bad_size(cda, CTA_MAX, cta_min))
696 return -EINVAL; 662 return -EINVAL;
697 663
@@ -709,10 +675,8 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
709 return err; 675 return err;
710 676
711 h = nf_conntrack_find_get(&tuple, NULL); 677 h = nf_conntrack_find_get(&tuple, NULL);
712 if (!h) { 678 if (!h)
713 DEBUGP("tuple not found in conntrack hash\n");
714 return -ENOENT; 679 return -ENOENT;
715 }
716 680
717 ct = nf_ct_tuplehash_to_ctrack(h); 681 ct = nf_ct_tuplehash_to_ctrack(h);
718 682
@@ -727,7 +691,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
727 ct->timeout.function((unsigned long)ct); 691 ct->timeout.function((unsigned long)ct);
728 692
729 nf_ct_put(ct); 693 nf_ct_put(ct);
730 DEBUGP("leaving\n");
731 694
732 return 0; 695 return 0;
733} 696}
@@ -744,8 +707,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
744 u_int8_t u3 = nfmsg->nfgen_family; 707 u_int8_t u3 = nfmsg->nfgen_family;
745 int err = 0; 708 int err = 0;
746 709
747 DEBUGP("entered %s\n", __FUNCTION__);
748
749 if (nlh->nlmsg_flags & NLM_F_DUMP) { 710 if (nlh->nlmsg_flags & NLM_F_DUMP) {
750 u32 rlen; 711 u32 rlen;
751 712
@@ -779,11 +740,9 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
779 return err; 740 return err;
780 741
781 h = nf_conntrack_find_get(&tuple, NULL); 742 h = nf_conntrack_find_get(&tuple, NULL);
782 if (!h) { 743 if (!h)
783 DEBUGP("tuple not found in conntrack hash");
784 return -ENOENT; 744 return -ENOENT;
785 } 745
786 DEBUGP("tuple found\n");
787 ct = nf_ct_tuplehash_to_ctrack(h); 746 ct = nf_ct_tuplehash_to_ctrack(h);
788 747
789 err = -ENOMEM; 748 err = -ENOMEM;
@@ -804,7 +763,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
804 if (err < 0) 763 if (err < 0)
805 goto out; 764 goto out;
806 765
807 DEBUGP("leaving\n");
808 return 0; 766 return 0;
809 767
810free: 768free:
@@ -876,8 +834,6 @@ ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[])
876 char *helpname; 834 char *helpname;
877 int err; 835 int err;
878 836
879 DEBUGP("entered %s\n", __FUNCTION__);
880
881 if (!help) { 837 if (!help) {
882 /* FIXME: we need to reallocate and rehash */ 838 /* FIXME: we need to reallocate and rehash */
883 return -EBUSY; 839 return -EBUSY;
@@ -954,8 +910,6 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nfattr *cda[])
954{ 910{
955 int err; 911 int err;
956 912
957 DEBUGP("entered %s\n", __FUNCTION__);
958
959 if (cda[CTA_HELP-1]) { 913 if (cda[CTA_HELP-1]) {
960 err = ctnetlink_change_helper(ct, cda); 914 err = ctnetlink_change_helper(ct, cda);
961 if (err < 0) 915 if (err < 0)
@@ -985,7 +939,6 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nfattr *cda[])
985 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); 939 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1]));
986#endif 940#endif
987 941
988 DEBUGP("all done\n");
989 return 0; 942 return 0;
990} 943}
991 944
@@ -997,8 +950,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
997 struct nf_conn *ct; 950 struct nf_conn *ct;
998 int err = -EINVAL; 951 int err = -EINVAL;
999 952
1000 DEBUGP("entered %s\n", __FUNCTION__);
1001
1002 ct = nf_conntrack_alloc(otuple, rtuple); 953 ct = nf_conntrack_alloc(otuple, rtuple);
1003 if (ct == NULL || IS_ERR(ct)) 954 if (ct == NULL || IS_ERR(ct))
1004 return -ENOMEM; 955 return -ENOMEM;
@@ -1028,7 +979,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
1028 add_timer(&ct->timeout); 979 add_timer(&ct->timeout);
1029 nf_conntrack_hash_insert(ct); 980 nf_conntrack_hash_insert(ct);
1030 981
1031 DEBUGP("conntrack with id %u inserted\n", ct->id);
1032 return 0; 982 return 0;
1033 983
1034err: 984err:
@@ -1046,8 +996,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1046 u_int8_t u3 = nfmsg->nfgen_family; 996 u_int8_t u3 = nfmsg->nfgen_family;
1047 int err = 0; 997 int err = 0;
1048 998
1049 DEBUGP("entered %s\n", __FUNCTION__);
1050
1051 if (nfattr_bad_size(cda, CTA_MAX, cta_min)) 999 if (nfattr_bad_size(cda, CTA_MAX, cta_min))
1052 return -EINVAL; 1000 return -EINVAL;
1053 1001
@@ -1071,7 +1019,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1071 1019
1072 if (h == NULL) { 1020 if (h == NULL) {
1073 write_unlock_bh(&nf_conntrack_lock); 1021 write_unlock_bh(&nf_conntrack_lock);
1074 DEBUGP("no such conntrack, create new\n");
1075 err = -ENOENT; 1022 err = -ENOENT;
1076 if (nlh->nlmsg_flags & NLM_F_CREATE) 1023 if (nlh->nlmsg_flags & NLM_F_CREATE)
1077 err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); 1024 err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
@@ -1087,7 +1034,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
1087 1034
1088 /* We manipulate the conntrack inside the global conntrack table lock, 1035 /* We manipulate the conntrack inside the global conntrack table lock,
1089 * so there's no need to increase the refcount */ 1036 * so there's no need to increase the refcount */
1090 DEBUGP("conntrack found\n");
1091 err = -EEXIST; 1037 err = -EEXIST;
1092 if (!(nlh->nlmsg_flags & NLM_F_EXCL)) 1038 if (!(nlh->nlmsg_flags & NLM_F_EXCL))
1093 err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), cda); 1039 err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), cda);
@@ -1268,8 +1214,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
1268 struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); 1214 struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh);
1269 u_int8_t l3proto = nfmsg->nfgen_family; 1215 u_int8_t l3proto = nfmsg->nfgen_family;
1270 1216
1271 DEBUGP("entered %s, last id=%llu\n", __FUNCTION__, *id);
1272
1273 read_lock_bh(&nf_conntrack_lock); 1217 read_lock_bh(&nf_conntrack_lock);
1274 list_for_each_prev(i, &nf_conntrack_expect_list) { 1218 list_for_each_prev(i, &nf_conntrack_expect_list) {
1275 exp = (struct nf_conntrack_expect *) i; 1219 exp = (struct nf_conntrack_expect *) i;
@@ -1287,8 +1231,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
1287out: 1231out:
1288 read_unlock_bh(&nf_conntrack_lock); 1232 read_unlock_bh(&nf_conntrack_lock);
1289 1233
1290 DEBUGP("leaving, last id=%llu\n", *id);
1291
1292 return skb->len; 1234 return skb->len;
1293} 1235}
1294 1236
@@ -1308,8 +1250,6 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb,
1308 u_int8_t u3 = nfmsg->nfgen_family; 1250 u_int8_t u3 = nfmsg->nfgen_family;
1309 int err = 0; 1251 int err = 0;
1310 1252
1311 DEBUGP("entered %s\n", __FUNCTION__);
1312
1313 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) 1253 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp))
1314 return -EINVAL; 1254 return -EINVAL;
1315 1255
@@ -1460,8 +1400,6 @@ ctnetlink_create_expect(struct nfattr *cda[], u_int8_t u3)
1460 struct nf_conn_help *help; 1400 struct nf_conn_help *help;
1461 int err = 0; 1401 int err = 0;
1462 1402
1463 DEBUGP("entered %s\n", __FUNCTION__);
1464
1465 /* caller guarantees that those three CTA_EXPECT_* exist */ 1403 /* caller guarantees that those three CTA_EXPECT_* exist */
1466 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE, u3); 1404 err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE, u3);
1467 if (err < 0) 1405 if (err < 0)
@@ -1516,8 +1454,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
1516 u_int8_t u3 = nfmsg->nfgen_family; 1454 u_int8_t u3 = nfmsg->nfgen_family;
1517 int err = 0; 1455 int err = 0;
1518 1456
1519 DEBUGP("entered %s\n", __FUNCTION__);
1520
1521 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) 1457 if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp))
1522 return -EINVAL; 1458 return -EINVAL;
1523 1459
@@ -1546,8 +1482,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb,
1546 err = ctnetlink_change_expect(exp, cda); 1482 err = ctnetlink_change_expect(exp, cda);
1547 write_unlock_bh(&nf_conntrack_lock); 1483 write_unlock_bh(&nf_conntrack_lock);
1548 1484
1549 DEBUGP("leaving\n");
1550
1551 return err; 1485 return err;
1552} 1486}
1553 1487
diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c
index db9b896e57c8..39e117502bd7 100644
--- a/net/netfilter/xt_NFQUEUE.c
+++ b/net/netfilter/xt_NFQUEUE.c
@@ -68,7 +68,7 @@ static int __init xt_nfqueue_init(void)
68 68
69static void __exit xt_nfqueue_fini(void) 69static void __exit xt_nfqueue_fini(void)
70{ 70{
71 xt_register_targets(xt_nfqueue_target, ARRAY_SIZE(xt_nfqueue_target)); 71 xt_unregister_targets(xt_nfqueue_target, ARRAY_SIZE(xt_nfqueue_target));
72} 72}
73 73
74module_init(xt_nfqueue_init); 74module_init(xt_nfqueue_init);
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index 92a5726ef237..a8f03057dbde 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -147,7 +147,7 @@ static int __init xt_connmark_init(void)
147 147
148static void __exit xt_connmark_fini(void) 148static void __exit xt_connmark_fini(void)
149{ 149{
150 xt_register_matches(xt_connmark_match, ARRAY_SIZE(xt_connmark_match)); 150 xt_unregister_matches(xt_connmark_match, ARRAY_SIZE(xt_connmark_match));
151} 151}
152 152
153module_init(xt_connmark_init); 153module_init(xt_connmark_init);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 39b8bf3a9ded..84bbf8474f3e 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -614,6 +614,14 @@ out:
614 return x; 614 return x;
615} 615}
616 616
617static void xfrm_hash_grow_check(int have_hash_collision)
618{
619 if (have_hash_collision &&
620 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
621 xfrm_state_num > xfrm_state_hmask)
622 schedule_work(&xfrm_hash_work);
623}
624
617static void __xfrm_state_insert(struct xfrm_state *x) 625static void __xfrm_state_insert(struct xfrm_state *x)
618{ 626{
619 unsigned int h; 627 unsigned int h;
@@ -642,10 +650,7 @@ static void __xfrm_state_insert(struct xfrm_state *x)
642 650
643 xfrm_state_num++; 651 xfrm_state_num++;
644 652
645 if (x->bydst.next != NULL && 653 xfrm_hash_grow_check(x->bydst.next != NULL);
646 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
647 xfrm_state_num > xfrm_state_hmask)
648 schedule_work(&xfrm_hash_work);
649} 654}
650 655
651/* xfrm_state_lock is held */ 656/* xfrm_state_lock is held */
@@ -753,6 +758,10 @@ static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 re
753 h = xfrm_src_hash(daddr, saddr, family); 758 h = xfrm_src_hash(daddr, saddr, family);
754 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h); 759 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
755 wake_up(&km_waitq); 760 wake_up(&km_waitq);
761
762 xfrm_state_num++;
763
764 xfrm_hash_grow_check(x->bydst.next != NULL);
756 } 765 }
757 766
758 return x; 767 return x;
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
index cfed1d30fa6a..d539346ab3a2 100644
--- a/security/selinux/ss/ebitmap.c
+++ b/security/selinux/ss/ebitmap.c
@@ -93,11 +93,15 @@ int ebitmap_export(const struct ebitmap *src,
93 size_t bitmap_byte; 93 size_t bitmap_byte;
94 unsigned char bitmask; 94 unsigned char bitmask;
95 95
96 if (src->highbit == 0) {
97 *dst = NULL;
98 *dst_len = 0;
99 return 0;
100 }
101
96 bitmap_len = src->highbit / 8; 102 bitmap_len = src->highbit / 8;
97 if (src->highbit % 7) 103 if (src->highbit % 7)
98 bitmap_len += 1; 104 bitmap_len += 1;
99 if (bitmap_len == 0)
100 return -EINVAL;
101 105
102 bitmap = kzalloc((bitmap_len & ~(sizeof(MAPTYPE) - 1)) + 106 bitmap = kzalloc((bitmap_len & ~(sizeof(MAPTYPE) - 1)) +
103 sizeof(MAPTYPE), 107 sizeof(MAPTYPE),
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index c713af23250a..2cca8e251624 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -640,8 +640,13 @@ int mls_export_cat(const struct context *context,
640{ 640{
641 int rc = -EPERM; 641 int rc = -EPERM;
642 642
643 if (!selinux_mls_enabled) 643 if (!selinux_mls_enabled) {
644 *low = NULL;
645 *low_len = 0;
646 *high = NULL;
647 *high_len = 0;
644 return 0; 648 return 0;
649 }
645 650
646 if (low != NULL) { 651 if (low != NULL) {
647 rc = ebitmap_export(&context->range.level[0].cat, 652 rc = ebitmap_export(&context->range.level[0].cat,
@@ -661,10 +666,16 @@ int mls_export_cat(const struct context *context,
661 return 0; 666 return 0;
662 667
663export_cat_failure: 668export_cat_failure:
664 if (low != NULL) 669 if (low != NULL) {
665 kfree(*low); 670 kfree(*low);
666 if (high != NULL) 671 *low = NULL;
672 *low_len = 0;
673 }
674 if (high != NULL) {
667 kfree(*high); 675 kfree(*high);
676 *high = NULL;
677 *high_len = 0;
678 }
668 return rc; 679 return rc;
669} 680}
670 681
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 18274b005090..b1f6fb36c699 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2399,31 +2399,33 @@ static int selinux_netlbl_socket_setsid(struct socket *sock, u32 sid)
2399 if (!ss_initialized) 2399 if (!ss_initialized)
2400 return 0; 2400 return 0;
2401 2401
2402 netlbl_secattr_init(&secattr);
2403
2402 POLICY_RDLOCK; 2404 POLICY_RDLOCK;
2403 2405
2404 ctx = sidtab_search(&sidtab, sid); 2406 ctx = sidtab_search(&sidtab, sid);
2405 if (ctx == NULL) 2407 if (ctx == NULL)
2406 goto netlbl_socket_setsid_return; 2408 goto netlbl_socket_setsid_return;
2407 2409
2408 netlbl_secattr_init(&secattr);
2409 secattr.domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1], 2410 secattr.domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1],
2410 GFP_ATOMIC); 2411 GFP_ATOMIC);
2411 mls_export_lvl(ctx, &secattr.mls_lvl, NULL); 2412 mls_export_lvl(ctx, &secattr.mls_lvl, NULL);
2412 secattr.mls_lvl_vld = 1; 2413 secattr.mls_lvl_vld = 1;
2413 mls_export_cat(ctx, 2414 rc = mls_export_cat(ctx,
2414 &secattr.mls_cat, 2415 &secattr.mls_cat,
2415 &secattr.mls_cat_len, 2416 &secattr.mls_cat_len,
2416 NULL, 2417 NULL,
2417 NULL); 2418 NULL);
2419 if (rc != 0)
2420 goto netlbl_socket_setsid_return;
2418 2421
2419 rc = netlbl_socket_setattr(sock, &secattr); 2422 rc = netlbl_socket_setattr(sock, &secattr);
2420 if (rc == 0) 2423 if (rc == 0)
2421 sksec->nlbl_state = NLBL_LABELED; 2424 sksec->nlbl_state = NLBL_LABELED;
2422 2425
2423 netlbl_secattr_destroy(&secattr);
2424
2425netlbl_socket_setsid_return: 2426netlbl_socket_setsid_return:
2426 POLICY_RDUNLOCK; 2427 POLICY_RDUNLOCK;
2428 netlbl_secattr_destroy(&secattr);
2427 return rc; 2429 return rc;
2428} 2430}
2429 2431