-rw-r--r--include/net/ip_vs.h8
-rw-r--r--include/uapi/linux/ip_vs.h4
-rw-r--r--net/netfilter/ipvs/ip_vs_conn.c14
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c7
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c55
-rw-r--r--net/netfilter/ipvs/ip_vs_lblc.c2
-rw-r--r--net/netfilter/ipvs/ip_vs_lblcr.c2
-rw-r--r--net/netfilter/ipvs/ip_vs_pe_sip.c3
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_sctp.c2
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c21
-rw-r--r--net/netfilter/nf_nat_core.c1
11 files changed, 64 insertions, 55 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index f9f5b057b480..4c062ccff9aa 100644
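--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -678,7 +678,7 @@ struct ip_vs_service_user_kern {
  u16 af;
  u16 protocol;
  union nf_inet_addr addr; /* virtual ip address */
- u16 port;
+ __be16 port;
  u32 fwmark; /* firwall mark of service */
 
  /* virtual service options */
@@ -686,14 +686,14 @@ struct ip_vs_service_user_kern {
  char *pe_name;
  unsigned int flags; /* virtual service flags */
  unsigned int timeout; /* persistent timeout in sec */
- u32 netmask; /* persistent netmask */
+ __be32 netmask; /* persistent netmask or plen */
 };
 
 
 struct ip_vs_dest_user_kern {
  /* destination server address */
  union nf_inet_addr addr;
- u16 port;
+ __be16 port;
 
  /* real server options */
  unsigned int conn_flags; /* connection flags */
@@ -721,7 +721,7 @@ struct ip_vs_service {
  __u32 fwmark; /* firewall mark of the service */
  unsigned int flags; /* service status flags */
  unsigned int timeout; /* persistent timeout in ticks */
- __be32 netmask; /* grouping granularity */
+ __be32 netmask; /* grouping granularity, mask/plen */
  struct net *net;
 
  struct list_head destinations; /* real server d-linked list */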
diff --git a/include/uapi/linux/ip_vs.h b/include/uapi/linux/ip_vs.h
index 8a2d438dc499..a24537725e80 100644
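--- a/include/uapi/linux/ip_vs.h
+++ b/include/uapi/linux/ip_vs.h
@@ -280,8 +280,8 @@ struct ip_vs_daemon_user {
 #define IPVS_GENL_VERSION 0x1
 
 struct ip_vs_flags {
- __be32 flags;
- __be32 mask;
+ __u32 flags;
+ __u32 mask;
 };
 
 /* Generic Netlink command attributes */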
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index de6475894a39..a083bda322b6 100644
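--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -966,7 +966,6 @@ static void *ip_vs_conn_array(struct seq_file *seq, loff_t pos)
  struct ip_vs_iter_state *iter = seq->private;
 
  for (idx = 0; idx < ip_vs_conn_tab_size; idx++) {
- rcu_read_lock();
  hlist_for_each_entry_rcu(cp, &ip_vs_conn_tab[idx], c_list) {
  /* __ip_vs_conn_get() is not needed by
  * ip_vs_conn_seq_show and ip_vs_conn_sync_seq_show
@@ -977,16 +976,19 @@ static void *ip_vs_conn_array(struct seq_file *seq, loff_t pos)
  }
  }
  rcu_read_unlock();
+ rcu_read_lock();
  }
 
  return NULL;
 }
 
 static void *ip_vs_conn_seq_start(struct seq_file *seq, loff_t *pos)
+ __acquires(RCU)
 {
  struct ip_vs_iter_state *iter = seq->private;
 
  iter->l = NULL;
+ rcu_read_lock();
  return *pos ? ip_vs_conn_array(seq, *pos - 1) :SEQ_START_TOKEN;
 }
 
@@ -1006,28 +1008,24 @@ static void *ip_vs_conn_seq_next(struct seq_file *seq, void *v, loff_t *pos)
  e = rcu_dereference(hlist_next_rcu(&cp->c_list));
  if (e)
  return hlist_entry(e, struct ip_vs_conn, c_list);
- rcu_read_unlock();
 
  idx = l - ip_vs_conn_tab;
  while (++idx < ip_vs_conn_tab_size) {
- rcu_read_lock();
  hlist_for_each_entry_rcu(cp, &ip_vs_conn_tab[idx], c_list) {
  iter->l = &ip_vs_conn_tab[idx];
  return cp;
  }
  rcu_read_unlock();
+ rcu_read_lock();
  }
  iter->l = NULL;
  return NULL;
 }
 
 static void ip_vs_conn_seq_stop(struct seq_file *seq, void *v)
+ __releases(RCU)
 {
- struct ip_vs_iter_state *iter = seq->private;
- struct hlist_head *l = iter->l;
-
- if (l)
- rcu_read_unlock();
+ rcu_read_unlock();
 }
 
 static int ip_vs_conn_seq_show(struct seq_file *seq, void *v)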
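Review bot: The `rcu_read_unlock(); rcu_read_lock();` pair now left at the end of each bucket loop in ip_vs_conn_array() and ip_vs_conn_seq_next() carries no comment, and read on its own it looks like a leftover rather than a decision. It appears to be a deliberate quiescent point, so that a walk over all of ip_vs_conn_tab does not sit in one read-side section now that ip_vs_conn_seq_start() takes the lock and ip_vs_conn_seq_stop() drops it unconditionally. I would put `/* quiescent point between buckets; no cp from the previous bucket may be used past here */` above both pairs. Both loops begin outside the hunks shown, so whether any pointer is carried across the pair should be confirmed against the full functions.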
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index f26fe3353a30..085b5880ab0d 100644
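--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -235,7 +235,8 @@ ip_vs_sched_persist(struct ip_vs_service *svc,
  /* Mask saddr with the netmask to adjust template granularity */
 #ifdef CONFIG_IP_VS_IPV6
  if (svc->af == AF_INET6)
- ipv6_addr_prefix(&snet.in6, &iph->saddr.in6, svc->netmask);
+ ipv6_addr_prefix(&snet.in6, &iph->saddr.in6,
+ (__force __u32) svc->netmask);
  else
 #endif
  snet.ip = iph->saddr.ip & svc->netmask;
@@ -583,9 +584,9 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
 #ifdef CONFIG_IP_VS_IPV6
  if (svc->af == AF_INET6) {
  if (!skb->dev) {
- struct net *net = dev_net(skb_dst(skb)->dev);
+ struct net *net_ = dev_net(skb_dst(skb)->dev);
 
- skb->dev = net->loopback_dev;
+ skb->dev = net_->loopback_dev;
  }
  icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
  } else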
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 9e4074c26dc2..5b142fb16480 100644
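--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -1164,9 +1164,13 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u,
  }
 
 #ifdef CONFIG_IP_VS_IPV6
- if (u->af == AF_INET6 && (u->netmask < 1 || u->netmask > 128)) {
- ret = -EINVAL;
- goto out_err;
+ if (u->af == AF_INET6) {
+ __u32 plen = (__force __u32) u->netmask;
+
+ if (plen < 1 || plen > 128) {
+ ret = -EINVAL;
+ goto out_err;
+ }
  }
 #endif
 
@@ -1277,9 +1281,13 @@ ip_vs_edit_service(struct ip_vs_service *svc, struct ip_vs_service_user_kern *u)
  }
 
 #ifdef CONFIG_IP_VS_IPV6
- if (u->af == AF_INET6 && (u->netmask < 1 || u->netmask > 128)) {
- ret = -EINVAL;
- goto out;
+ if (u->af == AF_INET6) {
+ __u32 plen = (__force __u32) u->netmask;
+
+ if (plen < 1 || plen > 128) {
+ ret = -EINVAL;
+ goto out;
+ }
  }
 #endif
 
@@ -1460,8 +1468,11 @@ void ip_vs_service_net_cleanup(struct net *net)
 static inline void
 ip_vs_forget_dev(struct ip_vs_dest *dest, struct net_device *dev)
 {
+ struct ip_vs_dest_dst *dest_dst;
+
  spin_lock_bh(&dest->dst_lock);
- if (dest->dest_dst && dest->dest_dst->dst_cache->dev == dev) {
+ dest_dst = rcu_dereference_protected(dest->dest_dst, 1);
+ if (dest_dst && dest_dst->dst_cache->dev == dev) {
  IP_VS_DBG_BUF(3, "Reset dev:%s dest %s:%u ,dest->refcnt=%d\n",
  dev->name,
  IP_VS_DBG_ADDR(dest->af, &dest->addr),
@@ -1934,8 +1945,8 @@ static struct ip_vs_service *ip_vs_info_array(struct seq_file *seq, loff_t pos)
 }
 
 static void *ip_vs_info_seq_start(struct seq_file *seq, loff_t *pos)
+ __acquires(RCU)
 {
-
  rcu_read_lock();
  return *pos ? ip_vs_info_array(seq, *pos - 1) : SEQ_START_TOKEN;
 }
@@ -1990,6 +2001,7 @@ static void *ip_vs_info_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 }
 
 static void ip_vs_info_seq_stop(struct seq_file *seq, void *v)
+ __releases(RCU)
 {
  rcu_read_unlock();
 }
@@ -2134,7 +2146,7 @@ static int ip_vs_stats_percpu_show(struct seq_file *seq, void *v)
 {
  struct net *net = seq_file_single_net(seq);
  struct ip_vs_stats *tot_stats = &net_ipvs(net)->tot_stats;
- struct ip_vs_cpu_stats *cpustats = tot_stats->cpustats;
+ struct ip_vs_cpu_stats __percpu *cpustats = tot_stats->cpustats;
  struct ip_vs_stats_user rates;
  int i;
 
@@ -2871,6 +2883,7 @@ static int ip_vs_genl_fill_service(struct sk_buff *skb,
  struct ip_vs_service *svc)
 {
  struct ip_vs_scheduler *sched;
+ struct ip_vs_pe *pe;
  struct nlattr *nl_service;
  struct ip_vs_flags flags = { .flags = svc->flags,
  .mask = ~0 };
@@ -2887,17 +2900,17 @@ static int ip_vs_genl_fill_service(struct sk_buff *skb,
  } else {
  if (nla_put_u16(skb, IPVS_SVC_ATTR_PROTOCOL, svc->protocol) ||
  nla_put(skb, IPVS_SVC_ATTR_ADDR, sizeof(svc->addr), &svc->addr) ||
- nla_put_u16(skb, IPVS_SVC_ATTR_PORT, svc->port))
+ nla_put_be16(skb, IPVS_SVC_ATTR_PORT, svc->port))
  goto nla_put_failure;
  }
 
  sched = rcu_dereference_protected(svc->scheduler, 1);
+ pe = rcu_dereference_protected(svc->pe, 1);
  if (nla_put_string(skb, IPVS_SVC_ATTR_SCHED_NAME, sched->name) ||
- (svc->pe &&
- nla_put_string(skb, IPVS_SVC_ATTR_PE_NAME, svc->pe->name)) ||
+ (pe && nla_put_string(skb, IPVS_SVC_ATTR_PE_NAME, pe->name)) ||
  nla_put(skb, IPVS_SVC_ATTR_FLAGS, sizeof(flags), &flags) ||
  nla_put_u32(skb, IPVS_SVC_ATTR_TIMEOUT, svc->timeout / HZ) ||
- nla_put_u32(skb, IPVS_SVC_ATTR_NETMASK, svc->netmask))
+ nla_put_be32(skb, IPVS_SVC_ATTR_NETMASK, svc->netmask))
  goto nla_put_failure;
  if (ip_vs_genl_fill_stats(skb, IPVS_SVC_ATTR_STATS, &svc->stats))
  goto nla_put_failure;
@@ -3010,7 +3023,7 @@ static int ip_vs_genl_parse_service(struct net *net,
  } else {
  usvc->protocol = nla_get_u16(nla_protocol);
  nla_memcpy(&usvc->addr, nla_addr, sizeof(usvc->addr));
- usvc->port = nla_get_u16(nla_port);
+ usvc->port = nla_get_be16(nla_port);
  usvc->fwmark = 0;
  }
 
@@ -3050,7 +3063,7 @@ static int ip_vs_genl_parse_service(struct net *net,
  usvc->sched_name = nla_data(nla_sched);
  usvc->pe_name = nla_pe ? nla_data(nla_pe) : NULL;
  usvc->timeout = nla_get_u32(nla_timeout);
- usvc->netmask = nla_get_u32(nla_netmask);
+ usvc->netmask = nla_get_be32(nla_netmask);
  }
 
  return 0;
@@ -3076,7 +3089,7 @@ static int ip_vs_genl_fill_dest(struct sk_buff *skb, struct ip_vs_dest *dest)
  return -EMSGSIZE;
 
  if (nla_put(skb, IPVS_DEST_ATTR_ADDR, sizeof(dest->addr), &dest->addr) ||
- nla_put_u16(skb, IPVS_DEST_ATTR_PORT, dest->port) ||
+ nla_put_be16(skb, IPVS_DEST_ATTR_PORT, dest->port) ||
  nla_put_u32(skb, IPVS_DEST_ATTR_FWD_METHOD,
  (atomic_read(&dest->conn_flags) &
  IP_VS_CONN_F_FWD_MASK)) ||
@@ -3185,7 +3198,7 @@ static int ip_vs_genl_parse_dest(struct ip_vs_dest_user_kern *udest,
  memset(udest, 0, sizeof(*udest));
 
  nla_memcpy(&udest->addr, nla_addr, sizeof(udest->addr));
- udest->port = nla_get_u16(nla_port);
+ udest->port = nla_get_be16(nla_port);
 
  /* If a full entry was requested, check for the additional fields */
  if (full_entry) {
@@ -3210,8 +3223,8 @@ static int ip_vs_genl_parse_dest(struct ip_vs_dest_user_kern *udest,
  return 0;
 }
 
-static int ip_vs_genl_fill_daemon(struct sk_buff *skb, __be32 state,
- const char *mcast_ifn, __be32 syncid)
+static int ip_vs_genl_fill_daemon(struct sk_buff *skb, __u32 state,
+ const char *mcast_ifn, __u32 syncid)
 {
  struct nlattr *nl_daemon;
 
@@ -3232,8 +3245,8 @@ nla_put_failure:
  return -EMSGSIZE;
 }
 
-static int ip_vs_genl_dump_daemon(struct sk_buff *skb, __be32 state,
- const char *mcast_ifn, __be32 syncid,
+static int ip_vs_genl_dump_daemon(struct sk_buff *skb, __u32 state,
+ const char *mcast_ifn, __u32 syncid,
  struct netlink_callback *cb)
 {
  void *hdr;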
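Review bot: In ip_vs_forget_dev() the new `rcu_dereference_protected(dest->dest_dst, 1)` passes a constant condition, which quiets sparse but leaves lockdep nothing to verify. The spinlock that justifies the access is taken on the line directly above, so the call can say so: `dest_dst = rcu_dereference_protected(dest->dest_dst, lockdep_is_held(&dest->dst_lock));`. The new `rcu_dereference_protected(svc->pe, 1)` in ip_vs_genl_fill_service() has the same shape; the lock that protects svc->pe is not visible in that hunk, so it needs at least a comment naming it. Both functions continue outside the hunks shown.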
diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c
index b2cc2528a4df..5ea26bd87743 100644
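--- a/net/netfilter/ipvs/ip_vs_lblc.c
+++ b/net/netfilter/ipvs/ip_vs_lblc.c
@@ -104,7 +104,7 @@ struct ip_vs_lblc_entry {
  */
 struct ip_vs_lblc_table {
  struct rcu_head rcu_head;
- struct hlist_head __rcu bucket[IP_VS_LBLC_TAB_SIZE]; /* hash bucket */
+ struct hlist_head bucket[IP_VS_LBLC_TAB_SIZE]; /* hash bucket */
  struct timer_list periodic_timer; /* collect stale entries */
  atomic_t entries; /* number of entries */
  int max_size; /* maximum size of entries */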
diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c
index feb9656eac58..50123c2ab484 100644
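--- a/net/netfilter/ipvs/ip_vs_lblcr.c
+++ b/net/netfilter/ipvs/ip_vs_lblcr.c
@@ -284,7 +284,7 @@ struct ip_vs_lblcr_entry {
  */
 struct ip_vs_lblcr_table {
  struct rcu_head rcu_head;
- struct hlist_head __rcu bucket[IP_VS_LBLCR_TAB_SIZE]; /* hash bucket */
+ struct hlist_head bucket[IP_VS_LBLCR_TAB_SIZE]; /* hash bucket */
  atomic_t entries; /* number of entries */
  int max_size; /* maximum size of entries */
  struct timer_list periodic_timer; /* collect stale entries */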
diff --git a/net/netfilter/ipvs/ip_vs_pe_sip.c b/net/netfilter/ipvs/ip_vs_pe_sip.c
index 00cc0241ed87..9a8f4213e8a6 100644
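--- a/net/netfilter/ipvs/ip_vs_pe_sip.c
+++ b/net/netfilter/ipvs/ip_vs_pe_sip.c
@@ -13,7 +13,8 @@ static const char *ip_vs_dbg_callid(char *buf, size_t buf_len,
  const char *callid, size_t callid_len,
  int *idx)
 {
- size_t len = min(min(callid_len, (size_t)64), buf_len - *idx - 1);
+ size_t max_len = 64;
+ size_t len = min3(max_len, callid_len, buf_len - *idx - 1);
  memcpy(buf + *idx, callid, len);
  buf[*idx+len] = '\0';
  *idx += len + 1;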
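Review bot: The third argument of the new `min3()` call, `buf_len - *idx - 1`, is evaluated in size_t, so it wraps to a very large value once `*idx` reaches `buf_len`, and the bound then falls back to `max_len` or `callid_len` while the `memcpy()` and the terminator store on the next two lines still write at `buf + *idx`. That state is reachable from the visible code alone, because `*idx += len + 1` lands exactly on `buf_len` after a call that used all the remaining room. The commit carries this arithmetic over unchanged from the old `min(min(...))` form. A guard ahead of the length computation, `if (*idx < 0 || (size_t)*idx >= buf_len)` followed by an early return, would keep the helper within the buffer however callers size it. The function's return statement lies outside the hunk, so the value to return in that case has to be picked against the rest of the body.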
diff --git a/net/netfilter/ipvs/ip_vs_proto_sctp.c b/net/netfilter/ipvs/ip_vs_proto_sctp.c
index 6e14a7b5602f..86464881cd20 100644
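--- a/net/netfilter/ipvs/ip_vs_proto_sctp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_sctp.c
@@ -208,7 +208,7 @@ enum ipvs_sctp_event_t {
  IP_VS_SCTP_EVE_LAST
 };
 
-static enum ipvs_sctp_event_t sctp_events[255] = {
+static enum ipvs_sctp_event_t sctp_events[256] = {
  IP_VS_SCTP_EVE_DATA_CLI,
  IP_VS_SCTP_EVE_INIT_CLI,
  IP_VS_SCTP_EVE_INIT_ACK_CLI,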
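Review bot: `sctp_events[256]` has no comment saying what indexes it or what the slots beyond the explicit initialisers mean. If the index is the 8-bit chunk type taken from the packet, as the size change suggests, every unlisted type reads back as zero, that is, whichever enumerator of ipvs_sctp_event_t has the value 0. I would record that on the declaration, `/* indexed by 8-bit SCTP chunk type; unlisted types default to enumerator 0 */`, after confirming it against the lookup site. The initialiser list and the lookup both lie outside the hunk.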
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index 8e57077e5540..f6046d9af8d3 100644
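--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -246,7 +246,7 @@ struct ip_vs_sync_thread_data {
 struct ip_vs_sync_mesg_v0 {
  __u8 nr_conns;
  __u8 syncid;
- __u16 size;
+ __be16 size;
 
  /* ip_vs_sync_conn entries start here */
 };
@@ -255,7 +255,7 @@ struct ip_vs_sync_mesg_v0 {
 struct ip_vs_sync_mesg {
  __u8 reserved; /* must be zero */
  __u8 syncid;
- __u16 size;
+ __be16 size;
  __u8 nr_conns;
  __s8 version; /* SYNC_PROTO_VER */
  __u16 spare;
@@ -335,7 +335,7 @@ ip_vs_sync_buff_create(struct netns_ipvs *ipvs)
  sb->mesg->reserved = 0; /* old nr_conns i.e. must be zero now */
  sb->mesg->version = SYNC_PROTO_VER;
  sb->mesg->syncid = ipvs->master_syncid;
- sb->mesg->size = sizeof(struct ip_vs_sync_mesg);
+ sb->mesg->size = htons(sizeof(struct ip_vs_sync_mesg));
  sb->mesg->nr_conns = 0;
  sb->mesg->spare = 0;
  sb->head = (unsigned char *)sb->mesg + sizeof(struct ip_vs_sync_mesg);
@@ -418,7 +418,7 @@ ip_vs_sync_buff_create_v0(struct netns_ipvs *ipvs)
  mesg = (struct ip_vs_sync_mesg_v0 *)sb->mesg;
  mesg->nr_conns = 0;
  mesg->syncid = ipvs->master_syncid;
- mesg->size = sizeof(struct ip_vs_sync_mesg_v0);
+ mesg->size = htons(sizeof(struct ip_vs_sync_mesg_v0));
  sb->head = (unsigned char *)mesg + sizeof(struct ip_vs_sync_mesg_v0);
  sb->end = (unsigned char *)mesg + ipvs->send_mesg_maxlen;
  sb->firstuse = jiffies;
@@ -582,7 +582,7 @@ static void ip_vs_sync_conn_v0(struct net *net, struct ip_vs_conn *cp,
  }
 
  m->nr_conns++;
- m->size += len;
+ m->size = htons(ntohs(m->size) + len);
  buff->head += len;
 
  /* check if there is a space for next one */
@@ -693,7 +693,7 @@ sloop:
 
  p = buff->head;
  buff->head += pad + len;
- m->size += pad + len;
+ m->size = htons(ntohs(m->size) + pad + len);
  /* Add ev. padding from prev. sync_conn */
  while (pad--)
  *(p++) = 0;
@@ -1175,10 +1175,8 @@ static void ip_vs_process_message(struct net *net, __u8 *buffer,
  IP_VS_DBG(2, "BACKUP, message header too short\n");
  return;
  }
- /* Convert size back to host byte order */
- m2->size = ntohs(m2->size);
 
- if (buflen != m2->size) {
+ if (buflen != ntohs(m2->size)) {
  IP_VS_DBG(2, "BACKUP, bogus message size\n");
  return;
  }
@@ -1544,10 +1542,7 @@ ip_vs_send_sync_msg(struct socket *sock, struct ip_vs_sync_mesg *msg)
  int msize;
  int ret;
 
- msize = msg->size;
-
- /* Put size in network byte order */
- msg->size = htons(msg->size);
+ msize = ntohs(msg->size);
 
  ret = ip_vs_send_async(sock, (char *)msg, msize);
  if (ret >= 0 || ret == -EAGAIN)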
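Review bot: `m->size = htons(ntohs(m->size) + len);` in ip_vs_sync_conn_v0(), and the `pad + len` variant after `sloop:`, store the running total back into a 16-bit field with no check, so a sum above 65535 would be truncated silently and the header would disagree with the bytes actually placed in the buffer. The bound presumably comes from the `sb->end` / send_mesg_maxlen handling outside these hunks; a short comment saying so, or a `WARN_ON_ONCE()` on the sum, would make that dependency explicit. Separately, `size` in both message structs should get a trailing comment such as `/* total length, network byte order */`, since any remaining reader that uses the field raw is now wrong on little-endian hosts.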
diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 2e469ca2ca55..038eee5c8f85 100644
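--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -90,6 +90,7 @@ int nf_xfrm_me_harder(struct sk_buff *skb, unsigned int family)
  int err;
 
  err = xfrm_decode_session(skb, &fl, family);
+ if (err < 0)
  return err;
 
  dst = skb_dst(skb);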