3 files changed, 98 insertions, 0 deletions
diff --git a/Documentation/networking/LICENSE.qla3xxx b/Documentation/networking/LICENSE.qla3xxx
new file mode 100644
index 000000000000..2f2077e34d81
--- /dev/null
+++ b/Documentation/networking/LICENSE.qla3xxx
@@ -0,0 +1,46 @@
+Copyright (c)  2003-2006 QLogic Corporation
+QLogic Linux Networking HBA Driver
+This program includes a device driver for Linux 2.6 that may be
+distributed with QLogic hardware specific firmware binary file.
+You may modify and redistribute the device driver code under the
+GNU General Public License as published by the Free Software
+Foundation (version 2 or a later version).
+You may redistribute the hardware specific firmware binary file
+under the following terms:
+        1. Redistribution of source code (only if applicable),
+           must retain the above copyright notice, this list of
+           conditions and the following disclaimer.
+        2. Redistribution in binary form must reproduce the above
+           copyright notice, this list of conditions and the
+           following disclaimer in the documentation and/or other
+           materials provided with the distribution.
+        3. The name of QLogic Corporation may not be used to
+           endorse or promote products derived from this software
+           without specific prior written permission
+REGARDLESS OF WHAT LICENSING MECHANISM IS USED OR APPLICABLE,
+THIS PROGRAM IS PROVIDED BY QLOGIC CORPORATION "AS IS'' AND ANY
+EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+USER ACKNOWLEDGES AND AGREES THAT USE OF THIS PROGRAM WILL NOT
+CREATE OR GIVE GROUNDS FOR A LICENSE BY IMPLICATION, ESTOPPEL, OR
+OTHERWISE IN ANY INTELLECTUAL PROPERTY RIGHTS (PATENT, COPYRIGHT,
+TRADE SECRET, MASK WORK, OR OTHER PROPRIETARY RIGHT) EMBODIED IN
+ANY OTHER QLOGIC HARDWARE OR SOFTWARE EITHER SOLELY OR IN
+COMBINATION WITH THIS PROGRAM.
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 90ed78110fd4..935e298f674a 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -375,6 +375,41 @@ tcp_slow_start_after_idle - BOOLEAN
        be timed out after an idle period.
        Default: 1
+CIPSOv4 Variables:
+cipso_cache_enable - BOOLEAN
+        If set, enable additions to and lookups from the CIPSO label mapping
+        cache.  If unset, additions are ignored and lookups always result in a
+        miss.  However, regardless of the setting the cache is still
+        invalidated when required when means you can safely toggle this on and
+        off and the cache will always be "safe".
+        Default: 1
+cipso_cache_bucket_size - INTEGER
+        The CIPSO label cache consists of a fixed size hash table with each
+        hash bucket containing a number of cache entries.  This variable limits
+        the number of entries in each hash bucket; the larger the value the
+        more CIPSO label mappings that can be cached.  When the number of
+        entries in a given hash bucket reaches this limit adding new entries
+        causes the oldest entry in the bucket to be removed to make room.
+        Default: 10
+cipso_rbm_optfmt - BOOLEAN
+        Enable the "Optimized Tag 1 Format" as defined in section 3.4.2.6 of
+        the CIPSO draft specification (see Documentation/netlabel for details).
+        This means that when set the CIPSO tag will be padded with empty
+        categories in order to make the packet data 32-bit aligned.
+        Default: 0
+cipso_rbm_structvalid - BOOLEAN
+        If set, do a very strict check of the CIPSO option when
+        ip_options_compile() is called.  If unset, relax the checks done during
+        ip_options_compile().  Either way is "safe" as errors are caught else
+        where in the CIPSO processing code but setting this to 0 (False) should
+        result in less work (i.e. it should be faster) but could cause problems
+        with other implementations that require strict checking.
+        Default: 0
 IP Variables:
 ip_local_port_range - 2 INTEGERS
@@ -730,6 +765,9 @@ conf/all/forwarding - BOOLEAN
        This referred to as global forwarding.
+proxy_ndp - BOOLEAN
+        Do proxy ndp.
 conf/interface/*:
        Change special settings per interface.
diff --git a/Documentation/networking/secid.txt b/Documentation/networking/secid.txt
new file mode 100644
index 000000000000..95ea06784333
--- /dev/null
+++ b/Documentation/networking/secid.txt
@@ -0,0 +1,14 @@
+flowi structure:
+The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
+the label of the flow. This label of the flow is currently used in selecting
+matching labeled xfrm(s).
+If this is an outbound flow, the label is derived from the socket, if any, or
+the incoming packet this flow is being generated as a response to (e.g. tcp
+resets, timewait ack, etc.). It is also conceivable that the label could be
+derived from other sources such as process context, device, etc., in special
+cases, as may be appropriate.
+If this is an inbound flow, the label is derived from the IPSec security
+associations, if any, used by the packet.

diff --git a/Documentation/networking/LICENSE.qla3xxx b/Documentation/networking/LICENSE.qla3xxx new file mode 100644 index 000000000000..2f2077e34d81 --- /dev/null +++ b/Documentation/networking/LICENSE.qla3xxx
@@ -0,0 +1,46 @@
		1	Copyright (c) 2003-2006 QLogic Corporation
		2	QLogic Linux Networking HBA Driver
		3
		4	This program includes a device driver for Linux 2.6 that may be
		5	distributed with QLogic hardware specific firmware binary file.
		6	You may modify and redistribute the device driver code under the
		7	GNU General Public License as published by the Free Software
		8	Foundation (version 2 or a later version).
		9
		10	You may redistribute the hardware specific firmware binary file
		11	under the following terms:
		12
		13	1. Redistribution of source code (only if applicable),
		14	must retain the above copyright notice, this list of
		15	conditions and the following disclaimer.
		16
		17	2. Redistribution in binary form must reproduce the above
		18	copyright notice, this list of conditions and the
		19	following disclaimer in the documentation and/or other
		20	materials provided with the distribution.
		21
		22	3. The name of QLogic Corporation may not be used to
		23	endorse or promote products derived from this software
		24	without specific prior written permission
		25
		26	REGARDLESS OF WHAT LICENSING MECHANISM IS USED OR APPLICABLE,
		27	THIS PROGRAM IS PROVIDED BY QLOGIC CORPORATION "AS IS'' AND ANY
		28	EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		29	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
		30	PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR
		31	BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
		32	EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
		33	TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
		34	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
		35	ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
		36	OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
		37	OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
		38	POSSIBILITY OF SUCH DAMAGE.
		39
		40	USER ACKNOWLEDGES AND AGREES THAT USE OF THIS PROGRAM WILL NOT
		41	CREATE OR GIVE GROUNDS FOR A LICENSE BY IMPLICATION, ESTOPPEL, OR
		42	OTHERWISE IN ANY INTELLECTUAL PROPERTY RIGHTS (PATENT, COPYRIGHT,
		43	TRADE SECRET, MASK WORK, OR OTHER PROPRIETARY RIGHT) EMBODIED IN
		44	ANY OTHER QLOGIC HARDWARE OR SOFTWARE EITHER SOLELY OR IN
		45	COMBINATION WITH THIS PROGRAM.
		46


diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 90ed78110fd4..935e298f674a 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt
@@ -375,6 +375,41 @@ tcp_slow_start_after_idle - BOOLEAN
375	be timed out after an idle period.	375	be timed out after an idle period.
376	Default: 1	376	Default: 1
377		377
		378	CIPSOv4 Variables:
		379
		380	cipso_cache_enable - BOOLEAN
		381	If set, enable additions to and lookups from the CIPSO label mapping
		382	cache. If unset, additions are ignored and lookups always result in a
		383	miss. However, regardless of the setting the cache is still
		384	invalidated when required when means you can safely toggle this on and
		385	off and the cache will always be "safe".
		386	Default: 1
		387
		388	cipso_cache_bucket_size - INTEGER
		389	The CIPSO label cache consists of a fixed size hash table with each
		390	hash bucket containing a number of cache entries. This variable limits
		391	the number of entries in each hash bucket; the larger the value the
		392	more CIPSO label mappings that can be cached. When the number of
		393	entries in a given hash bucket reaches this limit adding new entries
		394	causes the oldest entry in the bucket to be removed to make room.
		395	Default: 10
		396
		397	cipso_rbm_optfmt - BOOLEAN
		398	Enable the "Optimized Tag 1 Format" as defined in section 3.4.2.6 of
		399	the CIPSO draft specification (see Documentation/netlabel for details).
		400	This means that when set the CIPSO tag will be padded with empty
		401	categories in order to make the packet data 32-bit aligned.
		402	Default: 0
		403
		404	cipso_rbm_structvalid - BOOLEAN
		405	If set, do a very strict check of the CIPSO option when
		406	ip_options_compile() is called. If unset, relax the checks done during
		407	ip_options_compile(). Either way is "safe" as errors are caught else
		408	where in the CIPSO processing code but setting this to 0 (False) should
		409	result in less work (i.e. it should be faster) but could cause problems
		410	with other implementations that require strict checking.
		411	Default: 0
		412
378	IP Variables:	413	IP Variables:
379		414
380	ip_local_port_range - 2 INTEGERS	415	ip_local_port_range - 2 INTEGERS
@@ -730,6 +765,9 @@ conf/all/forwarding - BOOLEAN
730		765
731	This referred to as global forwarding.	766	This referred to as global forwarding.
732		767
		768	proxy_ndp - BOOLEAN
		769	Do proxy ndp.
		770
733	conf/interface/*:	771	conf/interface/*:
734	Change special settings per interface.	772	Change special settings per interface.
735		773


diff --git a/Documentation/networking/secid.txt b/Documentation/networking/secid.txt new file mode 100644 index 000000000000..95ea06784333 --- /dev/null +++ b/Documentation/networking/secid.txt
@@ -0,0 +1,14 @@
		1	flowi structure:
		2
		3	The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
		4	the label of the flow. This label of the flow is currently used in selecting
		5	matching labeled xfrm(s).
		6
		7	If this is an outbound flow, the label is derived from the socket, if any, or
		8	the incoming packet this flow is being generated as a response to (e.g. tcp
		9	resets, timewait ack, etc.). It is also conceivable that the label could be
		10	derived from other sources such as process context, device, etc., in special
		11	cases, as may be appropriate.
		12
		13	If this is an inbound flow, the label is derived from the IPSec security
		14	associations, if any, used by the packet.