aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
Diffstat (limited to 'include/net')
-rw-r--r--include/net/addrconf.h8
-rw-r--r--include/net/arp.h2
-rw-r--r--include/net/atmclip.h2
-rw-r--r--include/net/bluetooth/rfcomm.h4
-rw-r--r--include/net/checksum.h43
-rw-r--r--include/net/cipso_ipv4.h4
-rw-r--r--include/net/dsfield.h10
-rw-r--r--include/net/fib_rules.h10
-rw-r--r--include/net/flow.h9
-rw-r--r--include/net/genetlink.h54
-rw-r--r--include/net/ieee80211.h6
-rw-r--r--include/net/if_inet6.h1
-rw-r--r--include/net/inet6_connection_sock.h4
-rw-r--r--include/net/inet6_hashtables.h16
-rw-r--r--include/net/inet_connection_sock.h8
-rw-r--r--include/net/inet_ecn.h10
-rw-r--r--include/net/ip.h21
-rw-r--r--include/net/ip6_checksum.h76
-rw-r--r--include/net/ip6_fib.h5
-rw-r--r--include/net/ip6_route.h2
-rw-r--r--include/net/ip_fib.h2
-rw-r--r--include/net/ip_mp_alg.h4
-rw-r--r--include/net/ip_vs.h16
-rw-r--r--include/net/ipconfig.h8
-rw-r--r--include/net/ipip.h6
-rw-r--r--include/net/ipv6.h62
-rw-r--r--include/net/irda/irlap_frame.h16
-rw-r--r--include/net/irda/timer.h1
-rw-r--r--include/net/llc_pdu.h10
-rw-r--r--include/net/ndisc.h4
-rw-r--r--include/net/netfilter/ipv4/nf_conntrack_ipv4.h29
-rw-r--r--include/net/netfilter/ipv6/nf_conntrack_ipv6.h25
-rw-r--r--include/net/netfilter/nf_conntrack.h172
-rw-r--r--include/net/netfilter/nf_conntrack_core.h16
-rw-r--r--include/net/netfilter/nf_conntrack_ecache.h95
-rw-r--r--include/net/netfilter/nf_conntrack_expect.h80
-rw-r--r--include/net/netfilter/nf_conntrack_helper.h22
-rw-r--r--include/net/netfilter/nf_conntrack_l3proto.h15
-rw-r--r--include/net/netfilter/nf_conntrack_l4proto.h (renamed from include/net/netfilter/nf_conntrack_protocol.h)49
-rw-r--r--include/net/netfilter/nf_conntrack_tuple.h34
-rw-r--r--include/net/netfilter/nf_nat.h77
-rw-r--r--include/net/netfilter/nf_nat_core.h27
-rw-r--r--include/net/netfilter/nf_nat_helper.h32
-rw-r--r--include/net/netfilter/nf_nat_protocol.h70
-rw-r--r--include/net/netfilter/nf_nat_rule.h35
-rw-r--r--include/net/netlabel.h123
-rw-r--r--include/net/netlink.h22
-rw-r--r--include/net/protocol.h4
-rw-r--r--include/net/rawv6.h2
-rw-r--r--include/net/request_sock.h12
-rw-r--r--include/net/sch_generic.h6
-rw-r--r--include/net/sctp/command.h4
-rw-r--r--include/net/sctp/constants.h2
-rw-r--r--include/net/sctp/sctp.h2
-rw-r--r--include/net/sctp/sm.h6
-rw-r--r--include/net/sctp/structs.h21
-rw-r--r--include/net/sctp/tsnmap.h4
-rw-r--r--include/net/sock.h29
-rw-r--r--include/net/tcp.h159
-rw-r--r--include/net/timewait_sock.h3
-rw-r--r--include/net/tipc/tipc_bearer.h2
-rw-r--r--include/net/tipc/tipc_msg.h2
-rw-r--r--include/net/transp_v6.h2
-rw-r--r--include/net/udp.h97
-rw-r--r--include/net/udplite.h151
-rw-r--r--include/net/xfrm.h66
66 files changed, 1448 insertions, 473 deletions
diff --git a/include/net/addrconf.h b/include/net/addrconf.h
index 44f1b673f916..88df8fc814e4 100644
--- a/include/net/addrconf.h
+++ b/include/net/addrconf.h
@@ -35,9 +35,9 @@ struct prefix_info {
35#else 35#else
36#error "Please fix <asm/byteorder.h>" 36#error "Please fix <asm/byteorder.h>"
37#endif 37#endif
38 __u32 valid; 38 __be32 valid;
39 __u32 prefered; 39 __be32 prefered;
40 __u32 reserved2; 40 __be32 reserved2;
41 41
42 struct in6_addr prefix; 42 struct in6_addr prefix;
43}; 43};
@@ -183,7 +183,7 @@ static __inline__ u8 ipv6_addr_hash(const struct in6_addr *addr)
183 * This will include the IEEE address token on links that support it. 183 * This will include the IEEE address token on links that support it.
184 */ 184 */
185 185
186 word = addr->s6_addr32[2] ^ addr->s6_addr32[3]; 186 word = (__force u32)(addr->s6_addr32[2] ^ addr->s6_addr32[3]);
187 word ^= (word >> 16); 187 word ^= (word >> 16);
188 word ^= (word >> 8); 188 word ^= (word >> 8);
189 189
diff --git a/include/net/arp.h b/include/net/arp.h
index 6a3d9a7d302b..f02664568600 100644
--- a/include/net/arp.h
+++ b/include/net/arp.h
@@ -16,7 +16,7 @@ extern void arp_send(int type, int ptype, __be32 dest_ip,
16 struct net_device *dev, __be32 src_ip, 16 struct net_device *dev, __be32 src_ip,
17 unsigned char *dest_hw, unsigned char *src_hw, unsigned char *th); 17 unsigned char *dest_hw, unsigned char *src_hw, unsigned char *th);
18extern int arp_bind_neighbour(struct dst_entry *dst); 18extern int arp_bind_neighbour(struct dst_entry *dst);
19extern int arp_mc_map(u32 addr, u8 *haddr, struct net_device *dev, int dir); 19extern int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir);
20extern void arp_ifdown(struct net_device *dev); 20extern void arp_ifdown(struct net_device *dev);
21 21
22extern struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, 22extern struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip,
diff --git a/include/net/atmclip.h b/include/net/atmclip.h
index 90fcc98e676f..b5a51a7bb364 100644
--- a/include/net/atmclip.h
+++ b/include/net/atmclip.h
@@ -36,7 +36,7 @@ struct clip_vcc {
36 36
37 37
38struct atmarp_entry { 38struct atmarp_entry {
39 u32 ip; /* IP address */ 39 __be32 ip; /* IP address */
40 struct clip_vcc *vccs; /* active VCCs; NULL if resolution is 40 struct clip_vcc *vccs; /* active VCCs; NULL if resolution is
41 pending */ 41 pending */
42 unsigned long expires; /* entry expiration time */ 42 unsigned long expires; /* entry expiration time */
diff --git a/include/net/bluetooth/rfcomm.h b/include/net/bluetooth/rfcomm.h
index 89d743cfdfdf..3c563f02907c 100644
--- a/include/net/bluetooth/rfcomm.h
+++ b/include/net/bluetooth/rfcomm.h
@@ -124,7 +124,7 @@ struct rfcomm_pn {
124 u8 flow_ctrl; 124 u8 flow_ctrl;
125 u8 priority; 125 u8 priority;
126 u8 ack_timer; 126 u8 ack_timer;
127 u16 mtu; 127 __le16 mtu;
128 u8 max_retrans; 128 u8 max_retrans;
129 u8 credits; 129 u8 credits;
130} __attribute__ ((packed)); 130} __attribute__ ((packed));
@@ -136,7 +136,7 @@ struct rfcomm_rpn {
136 u8 flow_ctrl; 136 u8 flow_ctrl;
137 u8 xon_char; 137 u8 xon_char;
138 u8 xoff_char; 138 u8 xoff_char;
139 u16 param_mask; 139 __le16 param_mask;
140} __attribute__ ((packed)); 140} __attribute__ ((packed));
141 141
142struct rfcomm_rls { 142struct rfcomm_rls {
diff --git a/include/net/checksum.h b/include/net/checksum.h
index e3ea7cc2c728..124246172a88 100644
--- a/include/net/checksum.h
+++ b/include/net/checksum.h
@@ -27,8 +27,8 @@
27 27
28#ifndef _HAVE_ARCH_COPY_AND_CSUM_FROM_USER 28#ifndef _HAVE_ARCH_COPY_AND_CSUM_FROM_USER
29static inline 29static inline
30unsigned int csum_and_copy_from_user (const unsigned char __user *src, unsigned char *dst, 30__wsum csum_and_copy_from_user (const void __user *src, void *dst,
31 int len, int sum, int *err_ptr) 31 int len, __wsum sum, int *err_ptr)
32{ 32{
33 if (access_ok(VERIFY_READ, src, len)) 33 if (access_ok(VERIFY_READ, src, len))
34 return csum_partial_copy_from_user(src, dst, len, sum, err_ptr); 34 return csum_partial_copy_from_user(src, dst, len, sum, err_ptr);
@@ -41,8 +41,8 @@ unsigned int csum_and_copy_from_user (const unsigned char __user *src, unsigned
41#endif 41#endif
42 42
43#ifndef HAVE_CSUM_COPY_USER 43#ifndef HAVE_CSUM_COPY_USER
44static __inline__ unsigned int csum_and_copy_to_user 44static __inline__ __wsum csum_and_copy_to_user
45(const unsigned char *src, unsigned char __user *dst, int len, unsigned int sum, int *err_ptr) 45(const void *src, void __user *dst, int len, __wsum sum, int *err_ptr)
46{ 46{
47 sum = csum_partial(src, len, sum); 47 sum = csum_partial(src, len, sum);
48 48
@@ -53,35 +53,44 @@ static __inline__ unsigned int csum_and_copy_to_user
53 if (len) 53 if (len)
54 *err_ptr = -EFAULT; 54 *err_ptr = -EFAULT;
55 55
56 return -1; /* invalid checksum */ 56 return (__force __wsum)-1; /* invalid checksum */
57} 57}
58#endif 58#endif
59 59
60static inline unsigned int csum_add(unsigned int csum, unsigned int addend) 60static inline __wsum csum_add(__wsum csum, __wsum addend)
61{ 61{
62 csum += addend; 62 u32 res = (__force u32)csum;
63 return csum + (csum < addend); 63 res += (__force u32)addend;
64 return (__force __wsum)(res + (res < (__force u32)addend));
64} 65}
65 66
66static inline unsigned int csum_sub(unsigned int csum, unsigned int addend) 67static inline __wsum csum_sub(__wsum csum, __wsum addend)
67{ 68{
68 return csum_add(csum, ~addend); 69 return csum_add(csum, ~addend);
69} 70}
70 71
71static inline unsigned int 72static inline __wsum
72csum_block_add(unsigned int csum, unsigned int csum2, int offset) 73csum_block_add(__wsum csum, __wsum csum2, int offset)
73{ 74{
75 u32 sum = (__force u32)csum2;
74 if (offset&1) 76 if (offset&1)
75 csum2 = ((csum2&0xFF00FF)<<8)+((csum2>>8)&0xFF00FF); 77 sum = ((sum&0xFF00FF)<<8)+((sum>>8)&0xFF00FF);
76 return csum_add(csum, csum2); 78 return csum_add(csum, (__force __wsum)sum);
77} 79}
78 80
79static inline unsigned int 81static inline __wsum
80csum_block_sub(unsigned int csum, unsigned int csum2, int offset) 82csum_block_sub(__wsum csum, __wsum csum2, int offset)
81{ 83{
84 u32 sum = (__force u32)csum2;
82 if (offset&1) 85 if (offset&1)
83 csum2 = ((csum2&0xFF00FF)<<8)+((csum2>>8)&0xFF00FF); 86 sum = ((sum&0xFF00FF)<<8)+((sum>>8)&0xFF00FF);
84 return csum_sub(csum, csum2); 87 return csum_sub(csum, (__force __wsum)sum);
85} 88}
86 89
90static inline __wsum csum_unfold(__sum16 n)
91{
92 return (__force __wsum)n;
93}
94
95#define CSUM_MANGLED_0 ((__force __sum16)0xffff)
87#endif 96#endif
diff --git a/include/net/cipso_ipv4.h b/include/net/cipso_ipv4.h
index 718b4d9c891f..4c9522c5178f 100644
--- a/include/net/cipso_ipv4.h
+++ b/include/net/cipso_ipv4.h
@@ -58,10 +58,10 @@
58#define CIPSO_V4_MAP_PASS 2 58#define CIPSO_V4_MAP_PASS 2
59 59
60/* limits */ 60/* limits */
61#define CIPSO_V4_MAX_REM_LVLS 256 61#define CIPSO_V4_MAX_REM_LVLS 255
62#define CIPSO_V4_INV_LVL 0x80000000 62#define CIPSO_V4_INV_LVL 0x80000000
63#define CIPSO_V4_MAX_LOC_LVLS (CIPSO_V4_INV_LVL - 1) 63#define CIPSO_V4_MAX_LOC_LVLS (CIPSO_V4_INV_LVL - 1)
64#define CIPSO_V4_MAX_REM_CATS 65536 64#define CIPSO_V4_MAX_REM_CATS 65534
65#define CIPSO_V4_INV_CAT 0x80000000 65#define CIPSO_V4_INV_CAT 0x80000000
66#define CIPSO_V4_MAX_LOC_CATS (CIPSO_V4_INV_CAT - 1) 66#define CIPSO_V4_MAX_LOC_CATS (CIPSO_V4_INV_CAT - 1)
67 67
diff --git a/include/net/dsfield.h b/include/net/dsfield.h
index a79c9e075f7f..eb65bf2e2502 100644
--- a/include/net/dsfield.h
+++ b/include/net/dsfield.h
@@ -20,14 +20,14 @@ static inline __u8 ipv4_get_dsfield(struct iphdr *iph)
20 20
21static inline __u8 ipv6_get_dsfield(struct ipv6hdr *ipv6h) 21static inline __u8 ipv6_get_dsfield(struct ipv6hdr *ipv6h)
22{ 22{
23 return ntohs(*(__u16 *) ipv6h) >> 4; 23 return ntohs(*(__be16 *) ipv6h) >> 4;
24} 24}
25 25
26 26
27static inline void ipv4_change_dsfield(struct iphdr *iph,__u8 mask, 27static inline void ipv4_change_dsfield(struct iphdr *iph,__u8 mask,
28 __u8 value) 28 __u8 value)
29{ 29{
30 __u32 check = ntohs(iph->check); 30 __u32 check = ntohs((__force __be16)iph->check);
31 __u8 dsfield; 31 __u8 dsfield;
32 32
33 dsfield = (iph->tos & mask) | value; 33 dsfield = (iph->tos & mask) | value;
@@ -35,7 +35,7 @@ static inline void ipv4_change_dsfield(struct iphdr *iph,__u8 mask,
35 if ((check+1) >> 16) check = (check+1) & 0xffff; 35 if ((check+1) >> 16) check = (check+1) & 0xffff;
36 check -= dsfield; 36 check -= dsfield;
37 check += check >> 16; /* adjust carry */ 37 check += check >> 16; /* adjust carry */
38 iph->check = htons(check); 38 iph->check = (__force __sum16)htons(check);
39 iph->tos = dsfield; 39 iph->tos = dsfield;
40} 40}
41 41
@@ -45,9 +45,9 @@ static inline void ipv6_change_dsfield(struct ipv6hdr *ipv6h,__u8 mask,
45{ 45{
46 __u16 tmp; 46 __u16 tmp;
47 47
48 tmp = ntohs(*(__u16 *) ipv6h); 48 tmp = ntohs(*(__be16 *) ipv6h);
49 tmp = (tmp & ((mask << 4) | 0xf00f)) | (value << 4); 49 tmp = (tmp & ((mask << 4) | 0xf00f)) | (value << 4);
50 *(__u16 *) ipv6h = htons(tmp); 50 *(__be16 *) ipv6h = htons(tmp);
51} 51}
52 52
53 53
diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index 8e2f473d3e82..bc3c26494c3d 100644
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h
@@ -13,6 +13,8 @@ struct fib_rule
13 atomic_t refcnt; 13 atomic_t refcnt;
14 int ifindex; 14 int ifindex;
15 char ifname[IFNAMSIZ]; 15 char ifname[IFNAMSIZ];
16 u32 mark;
17 u32 mark_mask;
16 u32 pref; 18 u32 pref;
17 u32 flags; 19 u32 flags;
18 u32 table; 20 u32 table;
@@ -50,6 +52,7 @@ struct fib_rules_ops
50 struct nlmsghdr *, 52 struct nlmsghdr *,
51 struct fib_rule_hdr *); 53 struct fib_rule_hdr *);
52 u32 (*default_pref)(void); 54 u32 (*default_pref)(void);
55 size_t (*nlmsg_payload)(struct fib_rule *);
53 56
54 int nlgroup; 57 int nlgroup;
55 struct nla_policy *policy; 58 struct nla_policy *policy;
@@ -57,6 +60,13 @@ struct fib_rules_ops
57 struct module *owner; 60 struct module *owner;
58}; 61};
59 62
63#define FRA_GENERIC_POLICY \
64 [FRA_IFNAME] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, \
65 [FRA_PRIORITY] = { .type = NLA_U32 }, \
66 [FRA_FWMARK] = { .type = NLA_U32 }, \
67 [FRA_FWMASK] = { .type = NLA_U32 }, \
68 [FRA_TABLE] = { .type = NLA_U32 }
69
60static inline void fib_rule_get(struct fib_rule *rule) 70static inline void fib_rule_get(struct fib_rule *rule)
61{ 71{
62 atomic_inc(&rule->refcnt); 72 atomic_inc(&rule->refcnt);
diff --git a/include/net/flow.h b/include/net/flow.h
index 5cda27cd9deb..ce4b10d8b412 100644
--- a/include/net/flow.h
+++ b/include/net/flow.h
@@ -13,12 +13,12 @@
13struct flowi { 13struct flowi {
14 int oif; 14 int oif;
15 int iif; 15 int iif;
16 __u32 mark;
16 17
17 union { 18 union {
18 struct { 19 struct {
19 __be32 daddr; 20 __be32 daddr;
20 __be32 saddr; 21 __be32 saddr;
21 __u32 fwmark;
22 __u8 tos; 22 __u8 tos;
23 __u8 scope; 23 __u8 scope;
24 } ip4_u; 24 } ip4_u;
@@ -26,28 +26,23 @@ struct flowi {
26 struct { 26 struct {
27 struct in6_addr daddr; 27 struct in6_addr daddr;
28 struct in6_addr saddr; 28 struct in6_addr saddr;
29 __u32 fwmark; 29 __be32 flowlabel;
30 __u32 flowlabel;
31 } ip6_u; 30 } ip6_u;
32 31
33 struct { 32 struct {
34 __le16 daddr; 33 __le16 daddr;
35 __le16 saddr; 34 __le16 saddr;
36 __u32 fwmark;
37 __u8 scope; 35 __u8 scope;
38 } dn_u; 36 } dn_u;
39 } nl_u; 37 } nl_u;
40#define fld_dst nl_u.dn_u.daddr 38#define fld_dst nl_u.dn_u.daddr
41#define fld_src nl_u.dn_u.saddr 39#define fld_src nl_u.dn_u.saddr
42#define fld_fwmark nl_u.dn_u.fwmark
43#define fld_scope nl_u.dn_u.scope 40#define fld_scope nl_u.dn_u.scope
44#define fl6_dst nl_u.ip6_u.daddr 41#define fl6_dst nl_u.ip6_u.daddr
45#define fl6_src nl_u.ip6_u.saddr 42#define fl6_src nl_u.ip6_u.saddr
46#define fl6_fwmark nl_u.ip6_u.fwmark
47#define fl6_flowlabel nl_u.ip6_u.flowlabel 43#define fl6_flowlabel nl_u.ip6_u.flowlabel
48#define fl4_dst nl_u.ip4_u.daddr 44#define fl4_dst nl_u.ip4_u.daddr
49#define fl4_src nl_u.ip4_u.saddr 45#define fl4_src nl_u.ip4_u.saddr
50#define fl4_fwmark nl_u.ip4_u.fwmark
51#define fl4_tos nl_u.ip4_u.tos 46#define fl4_tos nl_u.ip4_u.tos
52#define fl4_scope nl_u.ip4_u.scope 47#define fl4_scope nl_u.ip4_u.scope
53 48
diff --git a/include/net/genetlink.h b/include/net/genetlink.h
index b619314218a6..adff4c898d50 100644
--- a/include/net/genetlink.h
+++ b/include/net/genetlink.h
@@ -53,6 +53,7 @@ struct genl_info
53 * @policy: attribute validation policy 53 * @policy: attribute validation policy
54 * @doit: standard command callback 54 * @doit: standard command callback
55 * @dumpit: callback for dumpers 55 * @dumpit: callback for dumpers
56 * @done: completion callback for dumps
56 * @ops_list: operations list 57 * @ops_list: operations list
57 */ 58 */
58struct genl_ops 59struct genl_ops
@@ -64,6 +65,7 @@ struct genl_ops
64 struct genl_info *info); 65 struct genl_info *info);
65 int (*dumpit)(struct sk_buff *skb, 66 int (*dumpit)(struct sk_buff *skb,
66 struct netlink_callback *cb); 67 struct netlink_callback *cb);
68 int (*done)(struct netlink_callback *cb);
67 struct list_head ops_list; 69 struct list_head ops_list;
68}; 70};
69 71
@@ -79,34 +81,51 @@ extern struct sock *genl_sock;
79 * @skb: socket buffer holding the message 81 * @skb: socket buffer holding the message
80 * @pid: netlink pid the message is addressed to 82 * @pid: netlink pid the message is addressed to
81 * @seq: sequence number (usually the one of the sender) 83 * @seq: sequence number (usually the one of the sender)
82 * @type: netlink message type 84 * @family: generic netlink family
83 * @hdrlen: length of the user specific header
84 * @flags netlink message flags 85 * @flags netlink message flags
85 * @cmd: generic netlink command 86 * @cmd: generic netlink command
86 * @version: version
87 * 87 *
88 * Returns pointer to user specific header 88 * Returns pointer to user specific header
89 */ 89 */
90static inline void *genlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, 90static inline void *genlmsg_put(struct sk_buff *skb, u32 pid, u32 seq,
91 int type, int hdrlen, int flags, 91 struct genl_family *family, int flags, u8 cmd)
92 u8 cmd, u8 version)
93{ 92{
94 struct nlmsghdr *nlh; 93 struct nlmsghdr *nlh;
95 struct genlmsghdr *hdr; 94 struct genlmsghdr *hdr;
96 95
97 nlh = nlmsg_put(skb, pid, seq, type, GENL_HDRLEN + hdrlen, flags); 96 nlh = nlmsg_put(skb, pid, seq, family->id, GENL_HDRLEN +
97 family->hdrsize, flags);
98 if (nlh == NULL) 98 if (nlh == NULL)
99 return NULL; 99 return NULL;
100 100
101 hdr = nlmsg_data(nlh); 101 hdr = nlmsg_data(nlh);
102 hdr->cmd = cmd; 102 hdr->cmd = cmd;
103 hdr->version = version; 103 hdr->version = family->version;
104 hdr->reserved = 0; 104 hdr->reserved = 0;
105 105
106 return (char *) hdr + GENL_HDRLEN; 106 return (char *) hdr + GENL_HDRLEN;
107} 107}
108 108
109/** 109/**
110 * genlmsg_put_reply - Add generic netlink header to a reply message
111 * @skb: socket buffer holding the message
112 * @info: receiver info
113 * @family: generic netlink family
114 * @flags: netlink message flags
115 * @cmd: generic netlink command
116 *
117 * Returns pointer to user specific header
118 */
119static inline void *genlmsg_put_reply(struct sk_buff *skb,
120 struct genl_info *info,
121 struct genl_family *family,
122 int flags, u8 cmd)
123{
124 return genlmsg_put(skb, info->snd_pid, info->snd_seq, family,
125 flags, cmd);
126}
127
128/**
110 * genlmsg_end - Finalize a generic netlink message 129 * genlmsg_end - Finalize a generic netlink message
111 * @skb: socket buffer the message is stored in 130 * @skb: socket buffer the message is stored in
112 * @hdr: user specific header 131 * @hdr: user specific header
@@ -150,6 +169,16 @@ static inline int genlmsg_unicast(struct sk_buff *skb, u32 pid)
150} 169}
151 170
152/** 171/**
172 * genlmsg_reply - reply to a request
173 * @skb: netlink message to be sent back
174 * @info: receiver information
175 */
176static inline int genlmsg_reply(struct sk_buff *skb, struct genl_info *info)
177{
178 return genlmsg_unicast(skb, info->snd_pid);
179}
180
181/**
153 * gennlmsg_data - head of message payload 182 * gennlmsg_data - head of message payload
154 * @gnlh: genetlink messsage header 183 * @gnlh: genetlink messsage header
155 */ 184 */
@@ -187,4 +216,15 @@ static inline int genlmsg_total_size(int payload)
187 return NLMSG_ALIGN(genlmsg_msg_size(payload)); 216 return NLMSG_ALIGN(genlmsg_msg_size(payload));
188} 217}
189 218
219/**
220 * genlmsg_new - Allocate a new generic netlink message
221 * @payload: size of the message payload
222 * @flags: the type of memory to allocate.
223 */
224static inline struct sk_buff *genlmsg_new(size_t payload, gfp_t flags)
225{
226 return nlmsg_new(genlmsg_total_size(payload), flags);
227}
228
229
190#endif /* __NET_GENERIC_NETLINK_H */ 230#endif /* __NET_GENERIC_NETLINK_H */
diff --git a/include/net/ieee80211.h b/include/net/ieee80211.h
index b174ebb277a9..e6af381e206d 100644
--- a/include/net/ieee80211.h
+++ b/include/net/ieee80211.h
@@ -1037,6 +1037,10 @@ struct ieee80211_device {
1037 /* host performs multicast decryption */ 1037 /* host performs multicast decryption */
1038 int host_mc_decrypt; 1038 int host_mc_decrypt;
1039 1039
1040 /* host should strip IV and ICV from protected frames */
1041 /* meaningful only when hardware decryption is being used */
1042 int host_strip_iv_icv;
1043
1040 int host_open_frag; 1044 int host_open_frag;
1041 int host_build_iv; 1045 int host_build_iv;
1042 int ieee802_1x; /* is IEEE 802.1X used */ 1046 int ieee802_1x; /* is IEEE 802.1X used */
@@ -1076,6 +1080,8 @@ struct ieee80211_device {
1076 int perfect_rssi; 1080 int perfect_rssi;
1077 int worst_rssi; 1081 int worst_rssi;
1078 1082
1083 u16 prev_seq_ctl; /* used to drop duplicate frames */
1084
1079 /* Callback functions */ 1085 /* Callback functions */
1080 void (*set_security) (struct net_device * dev, 1086 void (*set_security) (struct net_device * dev,
1081 struct ieee80211_security * sec); 1087 struct ieee80211_security * sec);
diff --git a/include/net/if_inet6.h b/include/net/if_inet6.h
index 34489c13c119..3ec7d07346d6 100644
--- a/include/net/if_inet6.h
+++ b/include/net/if_inet6.h
@@ -152,6 +152,7 @@ struct ifacaddr6
152 152
153struct ipv6_devstat { 153struct ipv6_devstat {
154 struct proc_dir_entry *proc_dir_entry; 154 struct proc_dir_entry *proc_dir_entry;
155 DEFINE_SNMP_STAT(struct ipstats_mib, ipv6);
155 DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6); 156 DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6);
156}; 157};
157 158
diff --git a/include/net/inet6_connection_sock.h b/include/net/inet6_connection_sock.h
index b33b438bffcc..16aa96a6a53b 100644
--- a/include/net/inet6_connection_sock.h
+++ b/include/net/inet6_connection_sock.h
@@ -27,7 +27,7 @@ extern int inet6_csk_bind_conflict(const struct sock *sk,
27 27
28extern struct request_sock *inet6_csk_search_req(const struct sock *sk, 28extern struct request_sock *inet6_csk_search_req(const struct sock *sk,
29 struct request_sock ***prevp, 29 struct request_sock ***prevp,
30 const __u16 rport, 30 const __be16 rport,
31 const struct in6_addr *raddr, 31 const struct in6_addr *raddr,
32 const struct in6_addr *laddr, 32 const struct in6_addr *laddr,
33 const int iif); 33 const int iif);
@@ -38,5 +38,5 @@ extern void inet6_csk_reqsk_queue_hash_add(struct sock *sk,
38 38
39extern void inet6_csk_addr2sockaddr(struct sock *sk, struct sockaddr *uaddr); 39extern void inet6_csk_addr2sockaddr(struct sock *sk, struct sockaddr *uaddr);
40 40
41extern int inet6_csk_xmit(struct sk_buff *skb, int ipfragok); 41extern int inet6_csk_xmit(struct sk_buff *skb, struct sock *sk, int ipfragok);
42#endif /* _INET6_CONNECTION_SOCK_H */ 42#endif /* _INET6_CONNECTION_SOCK_H */
diff --git a/include/net/inet6_hashtables.h b/include/net/inet6_hashtables.h
index bc6a71dce984..c28e424f53d9 100644
--- a/include/net/inet6_hashtables.h
+++ b/include/net/inet6_hashtables.h
@@ -26,11 +26,11 @@ struct inet_hashinfo;
26 26
27/* I have no idea if this is a good hash for v6 or not. -DaveM */ 27/* I have no idea if this is a good hash for v6 or not. -DaveM */
28static inline unsigned int inet6_ehashfn(const struct in6_addr *laddr, const u16 lport, 28static inline unsigned int inet6_ehashfn(const struct in6_addr *laddr, const u16 lport,
29 const struct in6_addr *faddr, const u16 fport) 29 const struct in6_addr *faddr, const __be16 fport)
30{ 30{
31 unsigned int hashent = (lport ^ fport); 31 unsigned int hashent = (lport ^ (__force u16)fport);
32 32
33 hashent ^= (laddr->s6_addr32[3] ^ faddr->s6_addr32[3]); 33 hashent ^= (__force u32)(laddr->s6_addr32[3] ^ faddr->s6_addr32[3]);
34 hashent ^= hashent >> 16; 34 hashent ^= hashent >> 16;
35 hashent ^= hashent >> 8; 35 hashent ^= hashent >> 8;
36 return hashent; 36 return hashent;
@@ -43,7 +43,7 @@ static inline int inet6_sk_ehashfn(const struct sock *sk)
43 const struct in6_addr *laddr = &np->rcv_saddr; 43 const struct in6_addr *laddr = &np->rcv_saddr;
44 const struct in6_addr *faddr = &np->daddr; 44 const struct in6_addr *faddr = &np->daddr;
45 const __u16 lport = inet->num; 45 const __u16 lport = inet->num;
46 const __u16 fport = inet->dport; 46 const __be16 fport = inet->dport;
47 return inet6_ehashfn(laddr, lport, faddr, fport); 47 return inet6_ehashfn(laddr, lport, faddr, fport);
48} 48}
49 49
@@ -57,7 +57,7 @@ extern void __inet6_hash(struct inet_hashinfo *hashinfo, struct sock *sk);
57 */ 57 */
58extern struct sock *__inet6_lookup_established(struct inet_hashinfo *hashinfo, 58extern struct sock *__inet6_lookup_established(struct inet_hashinfo *hashinfo,
59 const struct in6_addr *saddr, 59 const struct in6_addr *saddr,
60 const u16 sport, 60 const __be16 sport,
61 const struct in6_addr *daddr, 61 const struct in6_addr *daddr,
62 const u16 hnum, 62 const u16 hnum,
63 const int dif); 63 const int dif);
@@ -69,7 +69,7 @@ extern struct sock *inet6_lookup_listener(struct inet_hashinfo *hashinfo,
69 69
70static inline struct sock *__inet6_lookup(struct inet_hashinfo *hashinfo, 70static inline struct sock *__inet6_lookup(struct inet_hashinfo *hashinfo,
71 const struct in6_addr *saddr, 71 const struct in6_addr *saddr,
72 const u16 sport, 72 const __be16 sport,
73 const struct in6_addr *daddr, 73 const struct in6_addr *daddr,
74 const u16 hnum, 74 const u16 hnum,
75 const int dif) 75 const int dif)
@@ -83,8 +83,8 @@ static inline struct sock *__inet6_lookup(struct inet_hashinfo *hashinfo,
83} 83}
84 84
85extern struct sock *inet6_lookup(struct inet_hashinfo *hashinfo, 85extern struct sock *inet6_lookup(struct inet_hashinfo *hashinfo,
86 const struct in6_addr *saddr, const u16 sport, 86 const struct in6_addr *saddr, const __be16 sport,
87 const struct in6_addr *daddr, const u16 dport, 87 const struct in6_addr *daddr, const __be16 dport,
88 const int dif); 88 const int dif);
89#endif /* defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) */ 89#endif /* defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) */
90#endif /* _INET6_HASHTABLES_H */ 90#endif /* _INET6_HASHTABLES_H */
diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h
index 0bcf9f237e1f..bf16d98d372c 100644
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -18,6 +18,7 @@
18#include <linux/compiler.h> 18#include <linux/compiler.h>
19#include <linux/string.h> 19#include <linux/string.h>
20#include <linux/timer.h> 20#include <linux/timer.h>
21#include <linux/poll.h>
21 22
22#include <net/inet_sock.h> 23#include <net/inet_sock.h>
23#include <net/request_sock.h> 24#include <net/request_sock.h>
@@ -36,7 +37,8 @@ struct tcp_congestion_ops;
36 * (i.e. things that depend on the address family) 37 * (i.e. things that depend on the address family)
37 */ 38 */
38struct inet_connection_sock_af_ops { 39struct inet_connection_sock_af_ops {
39 int (*queue_xmit)(struct sk_buff *skb, int ipfragok); 40 int (*queue_xmit)(struct sk_buff *skb, struct sock *sk,
41 int ipfragok);
40 void (*send_check)(struct sock *sk, int len, 42 void (*send_check)(struct sock *sk, int len,
41 struct sk_buff *skb); 43 struct sk_buff *skb);
42 int (*rebuild_header)(struct sock *sk); 44 int (*rebuild_header)(struct sock *sk);
@@ -45,7 +47,8 @@ struct inet_connection_sock_af_ops {
45 struct request_sock *req, 47 struct request_sock *req,
46 struct dst_entry *dst); 48 struct dst_entry *dst);
47 int (*remember_stamp)(struct sock *sk); 49 int (*remember_stamp)(struct sock *sk);
48 __u16 net_header_len; 50 u16 net_header_len;
51 u16 sockaddr_len;
49 int (*setsockopt)(struct sock *sk, int level, int optname, 52 int (*setsockopt)(struct sock *sk, int level, int optname,
50 char __user *optval, int optlen); 53 char __user *optval, int optlen);
51 int (*getsockopt)(struct sock *sk, int level, int optname, 54 int (*getsockopt)(struct sock *sk, int level, int optname,
@@ -57,7 +60,6 @@ struct inet_connection_sock_af_ops {
57 int level, int optname, 60 int level, int optname,
58 char __user *optval, int __user *optlen); 61 char __user *optval, int __user *optlen);
59 void (*addr2sockaddr)(struct sock *sk, struct sockaddr *); 62 void (*addr2sockaddr)(struct sock *sk, struct sockaddr *);
60 int sockaddr_len;
61}; 63};
62 64
63/** inet_connection_sock - INET connection oriented sock 65/** inet_connection_sock - INET connection oriented sock
diff --git a/include/net/inet_ecn.h b/include/net/inet_ecn.h
index 7849844a4911..10117c8503e8 100644
--- a/include/net/inet_ecn.h
+++ b/include/net/inet_ecn.h
@@ -53,7 +53,7 @@ static inline __u8 INET_ECN_encapsulate(__u8 outer, __u8 inner)
53 53
54static inline int IP_ECN_set_ce(struct iphdr *iph) 54static inline int IP_ECN_set_ce(struct iphdr *iph)
55{ 55{
56 u32 check = iph->check; 56 u32 check = (__force u32)iph->check;
57 u32 ecn = (iph->tos + 1) & INET_ECN_MASK; 57 u32 ecn = (iph->tos + 1) & INET_ECN_MASK;
58 58
59 /* 59 /*
@@ -71,9 +71,9 @@ static inline int IP_ECN_set_ce(struct iphdr *iph)
71 * INET_ECN_ECT_1 => check += htons(0xFFFD) 71 * INET_ECN_ECT_1 => check += htons(0xFFFD)
72 * INET_ECN_ECT_0 => check += htons(0xFFFE) 72 * INET_ECN_ECT_0 => check += htons(0xFFFE)
73 */ 73 */
74 check += htons(0xFFFB) + htons(ecn); 74 check += (__force u16)htons(0xFFFB) + (__force u16)htons(ecn);
75 75
76 iph->check = check + (check>=0xFFFF); 76 iph->check = (__force __sum16)(check + (check>=0xFFFF));
77 iph->tos |= INET_ECN_CE; 77 iph->tos |= INET_ECN_CE;
78 return 1; 78 return 1;
79} 79}
@@ -95,13 +95,13 @@ static inline int IP6_ECN_set_ce(struct ipv6hdr *iph)
95{ 95{
96 if (INET_ECN_is_not_ect(ipv6_get_dsfield(iph))) 96 if (INET_ECN_is_not_ect(ipv6_get_dsfield(iph)))
97 return 0; 97 return 0;
98 *(u32*)iph |= htonl(INET_ECN_CE << 20); 98 *(__be32*)iph |= htonl(INET_ECN_CE << 20);
99 return 1; 99 return 1;
100} 100}
101 101
102static inline void IP6_ECN_clear(struct ipv6hdr *iph) 102static inline void IP6_ECN_clear(struct ipv6hdr *iph)
103{ 103{
104 *(u32*)iph &= ~htonl(INET_ECN_MASK << 20); 104 *(__be32*)iph &= ~htonl(INET_ECN_MASK << 20);
105} 105}
106 106
107static inline void ipv6_copy_dscp(struct ipv6hdr *outer, struct ipv6hdr *inner) 107static inline void ipv6_copy_dscp(struct ipv6hdr *outer, struct ipv6hdr *inner)
diff --git a/include/net/ip.h b/include/net/ip.h
index b6d95e553401..83cb9ac5554e 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -97,7 +97,7 @@ extern int ip_mc_output(struct sk_buff *skb);
97extern int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)); 97extern int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *));
98extern int ip_do_nat(struct sk_buff *skb); 98extern int ip_do_nat(struct sk_buff *skb);
99extern void ip_send_check(struct iphdr *ip); 99extern void ip_send_check(struct iphdr *ip);
100extern int ip_queue_xmit(struct sk_buff *skb, int ipfragok); 100extern int ip_queue_xmit(struct sk_buff *skb, struct sock *sk, int ipfragok);
101extern void ip_init(void); 101extern void ip_init(void);
102extern int ip_append_data(struct sock *sk, 102extern int ip_append_data(struct sock *sk,
103 int getfrag(void *from, char *to, int offset, int len, 103 int getfrag(void *from, char *to, int offset, int len,
@@ -123,7 +123,7 @@ extern int ip4_datagram_connect(struct sock *sk,
123 * multicast packets. 123 * multicast packets.
124 */ 124 */
125 125
126static inline void ip_tr_mc_map(u32 addr, char *buf) 126static inline void ip_tr_mc_map(__be32 addr, char *buf)
127{ 127{
128 buf[0]=0xC0; 128 buf[0]=0xC0;
129 buf[1]=0x00; 129 buf[1]=0x00;
@@ -135,7 +135,7 @@ static inline void ip_tr_mc_map(u32 addr, char *buf)
135 135
136struct ip_reply_arg { 136struct ip_reply_arg {
137 struct kvec iov[1]; 137 struct kvec iov[1];
138 u32 csum; 138 __wsum csum;
139 int csumoffset; /* u16 offset of csum in iov[0].iov_base */ 139 int csumoffset; /* u16 offset of csum in iov[0].iov_base */
140 /* -1 if not needed */ 140 /* -1 if not needed */
141}; 141};
@@ -192,9 +192,9 @@ extern void ipfrag_init(void);
192static inline 192static inline
193int ip_decrease_ttl(struct iphdr *iph) 193int ip_decrease_ttl(struct iphdr *iph)
194{ 194{
195 u32 check = iph->check; 195 u32 check = (__force u32)iph->check;
196 check += htons(0x0100); 196 check += (__force u32)htons(0x0100);
197 iph->check = check + (check>=0xFFFF); 197 iph->check = (__force __sum16)(check + (check>=0xFFFF));
198 return --iph->ttl; 198 return --iph->ttl;
199} 199}
200 200
@@ -238,9 +238,9 @@ static inline void ip_select_ident_more(struct iphdr *iph, struct dst_entry *dst
238 * Map a multicast IP onto multicast MAC for type ethernet. 238 * Map a multicast IP onto multicast MAC for type ethernet.
239 */ 239 */
240 240
241static inline void ip_eth_mc_map(u32 addr, char *buf) 241static inline void ip_eth_mc_map(__be32 naddr, char *buf)
242{ 242{
243 addr=ntohl(addr); 243 __u32 addr=ntohl(naddr);
244 buf[0]=0x01; 244 buf[0]=0x01;
245 buf[1]=0x00; 245 buf[1]=0x00;
246 buf[2]=0x5e; 246 buf[2]=0x5e;
@@ -256,13 +256,14 @@ static inline void ip_eth_mc_map(u32 addr, char *buf)
256 * Leave P_Key as 0 to be filled in by driver. 256 * Leave P_Key as 0 to be filled in by driver.
257 */ 257 */
258 258
259static inline void ip_ib_mc_map(u32 addr, char *buf) 259static inline void ip_ib_mc_map(__be32 naddr, char *buf)
260{ 260{
261 __u32 addr;
261 buf[0] = 0; /* Reserved */ 262 buf[0] = 0; /* Reserved */
262 buf[1] = 0xff; /* Multicast QPN */ 263 buf[1] = 0xff; /* Multicast QPN */
263 buf[2] = 0xff; 264 buf[2] = 0xff;
264 buf[3] = 0xff; 265 buf[3] = 0xff;
265 addr = ntohl(addr); 266 addr = ntohl(naddr);
266 buf[4] = 0xff; 267 buf[4] = 0xff;
267 buf[5] = 0x12; /* link local scope */ 268 buf[5] = 0x12; /* link local scope */
268 buf[6] = 0x40; /* IPv4 signature */ 269 buf[6] = 0x40; /* IPv4 signature */
diff --git a/include/net/ip6_checksum.h b/include/net/ip6_checksum.h
index 3dfc885bdf25..68e2b32cf1d6 100644
--- a/include/net/ip6_checksum.h
+++ b/include/net/ip6_checksum.h
@@ -34,60 +34,60 @@
34 34
35#ifndef _HAVE_ARCH_IPV6_CSUM 35#ifndef _HAVE_ARCH_IPV6_CSUM
36 36
37static __inline__ unsigned short int csum_ipv6_magic(struct in6_addr *saddr, 37static __inline__ __sum16 csum_ipv6_magic(const struct in6_addr *saddr,
38 struct in6_addr *daddr, 38 const struct in6_addr *daddr,
39 __u16 len, 39 __u32 len, unsigned short proto,
40 unsigned short proto, 40 __wsum csum)
41 unsigned int csum)
42{ 41{
43 42
44 int carry; 43 int carry;
45 __u32 ulen; 44 __u32 ulen;
46 __u32 uproto; 45 __u32 uproto;
46 __u32 sum = (__force u32)csum;
47 47
48 csum += saddr->s6_addr32[0]; 48 sum += (__force u32)saddr->s6_addr32[0];
49 carry = (csum < saddr->s6_addr32[0]); 49 carry = (sum < (__force u32)saddr->s6_addr32[0]);
50 csum += carry; 50 sum += carry;
51 51
52 csum += saddr->s6_addr32[1]; 52 sum += (__force u32)saddr->s6_addr32[1];
53 carry = (csum < saddr->s6_addr32[1]); 53 carry = (sum < (__force u32)saddr->s6_addr32[1]);
54 csum += carry; 54 sum += carry;
55 55
56 csum += saddr->s6_addr32[2]; 56 sum += (__force u32)saddr->s6_addr32[2];
57 carry = (csum < saddr->s6_addr32[2]); 57 carry = (sum < (__force u32)saddr->s6_addr32[2]);
58 csum += carry; 58 sum += carry;
59 59
60 csum += saddr->s6_addr32[3]; 60 sum += (__force u32)saddr->s6_addr32[3];
61 carry = (csum < saddr->s6_addr32[3]); 61 carry = (sum < (__force u32)saddr->s6_addr32[3]);
62 csum += carry; 62 sum += carry;
63 63
64 csum += daddr->s6_addr32[0]; 64 sum += (__force u32)daddr->s6_addr32[0];
65 carry = (csum < daddr->s6_addr32[0]); 65 carry = (sum < (__force u32)daddr->s6_addr32[0]);
66 csum += carry; 66 sum += carry;
67 67
68 csum += daddr->s6_addr32[1]; 68 sum += (__force u32)daddr->s6_addr32[1];
69 carry = (csum < daddr->s6_addr32[1]); 69 carry = (sum < (__force u32)daddr->s6_addr32[1]);
70 csum += carry; 70 sum += carry;
71 71
72 csum += daddr->s6_addr32[2]; 72 sum += (__force u32)daddr->s6_addr32[2];
73 carry = (csum < daddr->s6_addr32[2]); 73 carry = (sum < (__force u32)daddr->s6_addr32[2]);
74 csum += carry; 74 sum += carry;
75 75
76 csum += daddr->s6_addr32[3]; 76 sum += (__force u32)daddr->s6_addr32[3];
77 carry = (csum < daddr->s6_addr32[3]); 77 carry = (sum < (__force u32)daddr->s6_addr32[3]);
78 csum += carry; 78 sum += carry;
79 79
80 ulen = htonl((__u32) len); 80 ulen = (__force u32)htonl((__u32) len);
81 csum += ulen; 81 sum += ulen;
82 carry = (csum < ulen); 82 carry = (sum < ulen);
83 csum += carry; 83 sum += carry;
84 84
85 uproto = htonl(proto); 85 uproto = (__force u32)htonl(proto);
86 csum += uproto; 86 sum += uproto;
87 carry = (csum < uproto); 87 carry = (sum < uproto);
88 csum += carry; 88 sum += carry;
89 89
90 return csum_fold(csum); 90 return csum_fold((__force __wsum)csum);
91} 91}
92 92
93#endif 93#endif
diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h
index e4438de3bd6b..f9cde44f93b4 100644
--- a/include/net/ip6_fib.h
+++ b/include/net/ip6_fib.h
@@ -107,6 +107,11 @@ struct rt6_info
107 u8 rt6i_protocol; 107 u8 rt6i_protocol;
108}; 108};
109 109
110static inline struct inet6_dev *ip6_dst_idev(struct dst_entry *dst)
111{
112 return ((struct rt6_info *)dst)->rt6i_idev;
113}
114
110struct fib6_walker_t 115struct fib6_walker_t
111{ 116{
112 struct fib6_walker_t *prev, *next; 117 struct fib6_walker_t *prev, *next;
diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h
index c14b70ed4c57..4e927ebd1cb3 100644
--- a/include/net/ip6_route.h
+++ b/include/net/ip6_route.h
@@ -20,7 +20,7 @@ struct route_info {
20 route_pref:2, 20 route_pref:2,
21 reserved_h:3; 21 reserved_h:3;
22#endif 22#endif
23 __u32 lifetime; 23 __be32 lifetime;
24 __u8 prefix[0]; /* 0,8 or 16 */ 24 __u8 prefix[0]; /* 0,8 or 16 */
25}; 25};
26 26
diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index 949b932d2f08..36c635ca1aa6 100644
--- a/include/net/ip_fib.h
+++ b/include/net/ip_fib.h
@@ -115,7 +115,7 @@ struct fib_result {
115 115
116struct fib_result_nl { 116struct fib_result_nl {
117 __be32 fl_addr; /* To be looked up*/ 117 __be32 fl_addr; /* To be looked up*/
118 u32 fl_fwmark; 118 u32 fl_mark;
119 unsigned char fl_tos; 119 unsigned char fl_tos;
120 unsigned char fl_scope; 120 unsigned char fl_scope;
121 unsigned char tb_id_in; 121 unsigned char tb_id_in;
diff --git a/include/net/ip_mp_alg.h b/include/net/ip_mp_alg.h
index beffdd66ad74..25b56571e54b 100644
--- a/include/net/ip_mp_alg.h
+++ b/include/net/ip_mp_alg.h
@@ -88,9 +88,7 @@ static inline int multipath_comparekeys(const struct flowi *flp1,
88 return flp1->fl4_dst == flp2->fl4_dst && 88 return flp1->fl4_dst == flp2->fl4_dst &&
89 flp1->fl4_src == flp2->fl4_src && 89 flp1->fl4_src == flp2->fl4_src &&
90 flp1->oif == flp2->oif && 90 flp1->oif == flp2->oif &&
91#ifdef CONFIG_IP_ROUTE_FWMARK 91 flp1->mark == flp2->mark &&
92 flp1->fl4_fwmark == flp2->fl4_fwmark &&
93#endif
94 !((flp1->fl4_tos ^ flp2->fl4_tos) & 92 !((flp1->fl4_tos ^ flp2->fl4_tos) &
95 (IPTOS_RT_MASK | RTO_ONLINK)); 93 (IPTOS_RT_MASK | RTO_ONLINK));
96} 94}
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 903108e583f8..672564e5a81d 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -988,14 +988,20 @@ extern int ip_vs_make_skb_writable(struct sk_buff **pskb, int len);
988extern void ip_vs_nat_icmp(struct sk_buff *skb, struct ip_vs_protocol *pp, 988extern void ip_vs_nat_icmp(struct sk_buff *skb, struct ip_vs_protocol *pp,
989 struct ip_vs_conn *cp, int dir); 989 struct ip_vs_conn *cp, int dir);
990 990
991extern u16 ip_vs_checksum_complete(struct sk_buff *skb, int offset); 991extern __sum16 ip_vs_checksum_complete(struct sk_buff *skb, int offset);
992 992
993static inline u16 ip_vs_check_diff(u32 old, u32 new, u16 oldsum) 993static inline __wsum ip_vs_check_diff4(__be32 old, __be32 new, __wsum oldsum)
994{ 994{
995 u32 diff[2] = { old, new }; 995 __be32 diff[2] = { ~old, new };
996 996
997 return csum_fold(csum_partial((char *) diff, sizeof(diff), 997 return csum_partial((char *) diff, sizeof(diff), oldsum);
998 oldsum ^ 0xFFFF)); 998}
999
1000static inline __wsum ip_vs_check_diff2(__be16 old, __be16 new, __wsum oldsum)
1001{
1002 __be16 diff[2] = { ~old, new };
1003
1004 return csum_partial((char *) diff, sizeof(diff), oldsum);
999} 1005}
1000 1006
1001#endif /* __KERNEL__ */ 1007#endif /* __KERNEL__ */
diff --git a/include/net/ipconfig.h b/include/net/ipconfig.h
index 2a1fe996fbc6..3924d7d2cb11 100644
--- a/include/net/ipconfig.h
+++ b/include/net/ipconfig.h
@@ -11,12 +11,12 @@
11extern int ic_proto_enabled; /* Protocols enabled (see IC_xxx) */ 11extern int ic_proto_enabled; /* Protocols enabled (see IC_xxx) */
12extern int ic_set_manually; /* IPconfig parameters set manually */ 12extern int ic_set_manually; /* IPconfig parameters set manually */
13 13
14extern u32 ic_myaddr; /* My IP address */ 14extern __be32 ic_myaddr; /* My IP address */
15extern u32 ic_gateway; /* Gateway IP address */ 15extern __be32 ic_gateway; /* Gateway IP address */
16 16
17extern u32 ic_servaddr; /* Boot server IP address */ 17extern __be32 ic_servaddr; /* Boot server IP address */
18 18
19extern u32 root_server_addr; /* Address of NFS server */ 19extern __be32 root_server_addr; /* Address of NFS server */
20extern u8 root_server_path[]; /* Path to mount as root */ 20extern u8 root_server_path[]; /* Path to mount as root */
21 21
22 22
diff --git a/include/net/ipip.h b/include/net/ipip.h
index f490c3cbe377..7cdc914322f0 100644
--- a/include/net/ipip.h
+++ b/include/net/ipip.h
@@ -35,7 +35,7 @@ struct ip_tunnel
35 ip_send_check(iph); \ 35 ip_send_check(iph); \
36 \ 36 \
37 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, dst_output);\ 37 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, dst_output);\
38 if (err == NET_XMIT_SUCCESS || err == NET_XMIT_CN) { \ 38 if (net_xmit_eval(err) == 0) { \
39 stats->tx_bytes += pkt_len; \ 39 stats->tx_bytes += pkt_len; \
40 stats->tx_packets++; \ 40 stats->tx_packets++; \
41 } else { \ 41 } else { \
@@ -44,8 +44,4 @@ struct ip_tunnel
44 } \ 44 } \
45} while (0) 45} while (0)
46 46
47
48extern int sit_init(void);
49extern void sit_cleanup(void);
50
51#endif 47#endif
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 8223c4410b4b..00328b71a08c 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -95,10 +95,10 @@
95 */ 95 */
96 96
97struct frag_hdr { 97struct frag_hdr {
98 unsigned char nexthdr; 98 __u8 nexthdr;
99 unsigned char reserved; 99 __u8 reserved;
100 unsigned short frag_off; 100 __be16 frag_off;
101 __u32 identification; 101 __be32 identification;
102}; 102};
103 103
104#define IP6_MF 0x0001 104#define IP6_MF 0x0001
@@ -113,9 +113,24 @@ extern int sysctl_mld_max_msf;
113 113
114/* MIBs */ 114/* MIBs */
115DECLARE_SNMP_STAT(struct ipstats_mib, ipv6_statistics); 115DECLARE_SNMP_STAT(struct ipstats_mib, ipv6_statistics);
116#define IP6_INC_STATS(field) SNMP_INC_STATS(ipv6_statistics, field) 116#define IP6_INC_STATS(idev,field) ({ \
117#define IP6_INC_STATS_BH(field) SNMP_INC_STATS_BH(ipv6_statistics, field) 117 struct inet6_dev *_idev = (idev); \
118#define IP6_INC_STATS_USER(field) SNMP_INC_STATS_USER(ipv6_statistics, field) 118 if (likely(_idev != NULL)) \
119 SNMP_INC_STATS(_idev->stats.ipv6, field); \
120 SNMP_INC_STATS(ipv6_statistics, field); \
121})
122#define IP6_INC_STATS_BH(idev,field) ({ \
123 struct inet6_dev *_idev = (idev); \
124 if (likely(_idev != NULL)) \
125 SNMP_INC_STATS_BH(_idev->stats.ipv6, field); \
126 SNMP_INC_STATS_BH(ipv6_statistics, field); \
127})
128#define IP6_INC_STATS_USER(idev,field) ({ \
129 struct inet6_dev *_idev = (idev); \
130 if (likely(_idev != NULL)) \
131 SNMP_INC_STATS_USER(_idev->stats.ipv6, field); \
132 SNMP_INC_STATS_USER(ipv6_statistics, field); \
133})
119DECLARE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics); 134DECLARE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics);
120#define ICMP6_INC_STATS(idev, field) ({ \ 135#define ICMP6_INC_STATS(idev, field) ({ \
121 struct inet6_dev *_idev = (idev); \ 136 struct inet6_dev *_idev = (idev); \
@@ -143,9 +158,13 @@ DECLARE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics);
143 SNMP_INC_STATS_OFFSET_BH(icmpv6_statistics, field, _offset); \ 158 SNMP_INC_STATS_OFFSET_BH(icmpv6_statistics, field, _offset); \
144}) 159})
145DECLARE_SNMP_STAT(struct udp_mib, udp_stats_in6); 160DECLARE_SNMP_STAT(struct udp_mib, udp_stats_in6);
146#define UDP6_INC_STATS(field) SNMP_INC_STATS(udp_stats_in6, field) 161DECLARE_SNMP_STAT(struct udp_mib, udplite_stats_in6);
147#define UDP6_INC_STATS_BH(field) SNMP_INC_STATS_BH(udp_stats_in6, field) 162#define UDP6_INC_STATS_BH(field, is_udplite) do { \
148#define UDP6_INC_STATS_USER(field) SNMP_INC_STATS_USER(udp_stats_in6, field) 163 if (is_udplite) SNMP_INC_STATS_BH(udplite_stats_in6, field); \
164 else SNMP_INC_STATS_BH(udp_stats_in6, field); } while(0)
165#define UDP6_INC_STATS_USER(field, is_udplite) do { \
166 if (is_udplite) SNMP_INC_STATS_USER(udplite_stats_in6, field); \
167 else SNMP_INC_STATS_USER(udp_stats_in6, field); } while(0)
149 168
150int snmp6_register_dev(struct inet6_dev *idev); 169int snmp6_register_dev(struct inet6_dev *idev);
151int snmp6_unregister_dev(struct inet6_dev *idev); 170int snmp6_unregister_dev(struct inet6_dev *idev);
@@ -191,7 +210,7 @@ struct ipv6_txoptions
191struct ip6_flowlabel 210struct ip6_flowlabel
192{ 211{
193 struct ip6_flowlabel *next; 212 struct ip6_flowlabel *next;
194 u32 label; 213 __be32 label;
195 struct in6_addr dst; 214 struct in6_addr dst;
196 struct ipv6_txoptions *opt; 215 struct ipv6_txoptions *opt;
197 atomic_t users; 216 atomic_t users;
@@ -211,7 +230,7 @@ struct ipv6_fl_socklist
211 struct ip6_flowlabel *fl; 230 struct ip6_flowlabel *fl;
212}; 231};
213 232
214extern struct ip6_flowlabel *fl6_sock_lookup(struct sock *sk, u32 label); 233extern struct ip6_flowlabel *fl6_sock_lookup(struct sock *sk, __be32 label);
215extern struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions * opt_space, 234extern struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions * opt_space,
216 struct ip6_flowlabel * fl, 235 struct ip6_flowlabel * fl,
217 struct ipv6_txoptions * fopt); 236 struct ipv6_txoptions * fopt);
@@ -375,22 +394,15 @@ static inline int ipv6_addr_any(const struct in6_addr *a)
375 */ 394 */
376static inline int __ipv6_addr_diff(const void *token1, const void *token2, int addrlen) 395static inline int __ipv6_addr_diff(const void *token1, const void *token2, int addrlen)
377{ 396{
378 const __u32 *a1 = token1, *a2 = token2; 397 const __be32 *a1 = token1, *a2 = token2;
379 int i; 398 int i;
380 399
381 addrlen >>= 2; 400 addrlen >>= 2;
382 401
383 for (i = 0; i < addrlen; i++) { 402 for (i = 0; i < addrlen; i++) {
384 __u32 xb = a1[i] ^ a2[i]; 403 __be32 xb = a1[i] ^ a2[i];
385 if (xb) { 404 if (xb)
386 int j = 31; 405 return i * 32 + 32 - fls(ntohl(xb));
387
388 xb = ntohl(xb);
389 while ((xb & (1 << j)) == 0)
390 j--;
391
392 return (i * 32 + 31 - j);
393 }
394 } 406 }
395 407
396 /* 408 /*
@@ -544,7 +556,7 @@ extern int ip6_datagram_connect(struct sock *sk,
544 struct sockaddr *addr, int addr_len); 556 struct sockaddr *addr, int addr_len);
545 557
546extern int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len); 558extern int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len);
547extern void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, u16 port, 559extern void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port,
548 u32 info, u8 *payload); 560 u32 info, u8 *payload);
549extern void ipv6_local_error(struct sock *sk, int err, struct flowi *fl, u32 info); 561extern void ipv6_local_error(struct sock *sk, int err, struct flowi *fl, u32 info);
550 562
@@ -589,6 +601,8 @@ extern int tcp6_proc_init(void);
589extern void tcp6_proc_exit(void); 601extern void tcp6_proc_exit(void);
590extern int udp6_proc_init(void); 602extern int udp6_proc_init(void);
591extern void udp6_proc_exit(void); 603extern void udp6_proc_exit(void);
604extern int udplite6_proc_init(void);
605extern void udplite6_proc_exit(void);
592extern int ipv6_misc_proc_init(void); 606extern int ipv6_misc_proc_init(void);
593extern void ipv6_misc_proc_exit(void); 607extern void ipv6_misc_proc_exit(void);
594 608
diff --git a/include/net/irda/irlap_frame.h b/include/net/irda/irlap_frame.h
index 9dd54a5002b2..641f88e848bd 100644
--- a/include/net/irda/irlap_frame.h
+++ b/include/net/irda/irlap_frame.h
@@ -91,8 +91,8 @@ struct xid_frame {
91 __u8 caddr; /* Connection address */ 91 __u8 caddr; /* Connection address */
92 __u8 control; 92 __u8 control;
93 __u8 ident; /* Should always be XID_FORMAT */ 93 __u8 ident; /* Should always be XID_FORMAT */
94 __u32 saddr; /* Source device address */ 94 __le32 saddr; /* Source device address */
95 __u32 daddr; /* Destination device address */ 95 __le32 daddr; /* Destination device address */
96 __u8 flags; /* Discovery flags */ 96 __u8 flags; /* Discovery flags */
97 __u8 slotnr; 97 __u8 slotnr;
98 __u8 version; 98 __u8 version;
@@ -101,15 +101,15 @@ struct xid_frame {
101struct test_frame { 101struct test_frame {
102 __u8 caddr; /* Connection address */ 102 __u8 caddr; /* Connection address */
103 __u8 control; 103 __u8 control;
104 __u32 saddr; /* Source device address */ 104 __le32 saddr; /* Source device address */
105 __u32 daddr; /* Destination device address */ 105 __le32 daddr; /* Destination device address */
106} IRDA_PACK; 106} IRDA_PACK;
107 107
108struct ua_frame { 108struct ua_frame {
109 __u8 caddr; 109 __u8 caddr;
110 __u8 control; 110 __u8 control;
111 __u32 saddr; /* Source device address */ 111 __le32 saddr; /* Source device address */
112 __u32 daddr; /* Dest device address */ 112 __le32 daddr; /* Dest device address */
113} IRDA_PACK; 113} IRDA_PACK;
114 114
115struct dm_frame { 115struct dm_frame {
@@ -135,8 +135,8 @@ struct i_frame {
135struct snrm_frame { 135struct snrm_frame {
136 __u8 caddr; 136 __u8 caddr;
137 __u8 control; 137 __u8 control;
138 __u32 saddr; 138 __le32 saddr;
139 __u32 daddr; 139 __le32 daddr;
140 __u8 ncaddr; 140 __u8 ncaddr;
141} IRDA_PACK; 141} IRDA_PACK;
142 142
diff --git a/include/net/irda/timer.h b/include/net/irda/timer.h
index 2c5d8864ab77..cb61568547d1 100644
--- a/include/net/irda/timer.h
+++ b/include/net/irda/timer.h
@@ -28,6 +28,7 @@
28#define TIMER_H 28#define TIMER_H
29 29
30#include <linux/timer.h> 30#include <linux/timer.h>
31#include <linux/jiffies.h>
31 32
32#include <asm/param.h> /* for HZ */ 33#include <asm/param.h> /* for HZ */
33 34
diff --git a/include/net/llc_pdu.h b/include/net/llc_pdu.h
index 8f6306581fa7..aa33a477c3fb 100644
--- a/include/net/llc_pdu.h
+++ b/include/net/llc_pdu.h
@@ -252,9 +252,9 @@ static inline void llc_pdu_header_init(struct sk_buff *skb, u8 type,
252 */ 252 */
253static inline void llc_pdu_decode_sa(struct sk_buff *skb, u8 *sa) 253static inline void llc_pdu_decode_sa(struct sk_buff *skb, u8 *sa)
254{ 254{
255 if (skb->protocol == ntohs(ETH_P_802_2)) 255 if (skb->protocol == htons(ETH_P_802_2))
256 memcpy(sa, eth_hdr(skb)->h_source, ETH_ALEN); 256 memcpy(sa, eth_hdr(skb)->h_source, ETH_ALEN);
257 else if (skb->protocol == ntohs(ETH_P_TR_802_2)) { 257 else if (skb->protocol == htons(ETH_P_TR_802_2)) {
258 memcpy(sa, tr_hdr(skb)->saddr, ETH_ALEN); 258 memcpy(sa, tr_hdr(skb)->saddr, ETH_ALEN);
259 *sa &= 0x7F; 259 *sa &= 0x7F;
260 } 260 }
@@ -269,9 +269,9 @@ static inline void llc_pdu_decode_sa(struct sk_buff *skb, u8 *sa)
269 */ 269 */
270static inline void llc_pdu_decode_da(struct sk_buff *skb, u8 *da) 270static inline void llc_pdu_decode_da(struct sk_buff *skb, u8 *da)
271{ 271{
272 if (skb->protocol == ntohs(ETH_P_802_2)) 272 if (skb->protocol == htons(ETH_P_802_2))
273 memcpy(da, eth_hdr(skb)->h_dest, ETH_ALEN); 273 memcpy(da, eth_hdr(skb)->h_dest, ETH_ALEN);
274 else if (skb->protocol == ntohs(ETH_P_TR_802_2)) 274 else if (skb->protocol == htons(ETH_P_TR_802_2))
275 memcpy(da, tr_hdr(skb)->daddr, ETH_ALEN); 275 memcpy(da, tr_hdr(skb)->daddr, ETH_ALEN);
276} 276}
277 277
@@ -345,7 +345,7 @@ static inline void llc_pdu_init_as_test_rsp(struct sk_buff *skb,
345 pdu->ctrl_1 = LLC_PDU_TYPE_U; 345 pdu->ctrl_1 = LLC_PDU_TYPE_U;
346 pdu->ctrl_1 |= LLC_1_PDU_CMD_TEST; 346 pdu->ctrl_1 |= LLC_1_PDU_CMD_TEST;
347 pdu->ctrl_1 |= LLC_U_PF_BIT_MASK; 347 pdu->ctrl_1 |= LLC_U_PF_BIT_MASK;
348 if (ev_skb->protocol == ntohs(ETH_P_802_2)) { 348 if (ev_skb->protocol == htons(ETH_P_802_2)) {
349 struct llc_pdu_un *ev_pdu = llc_pdu_un_hdr(ev_skb); 349 struct llc_pdu_un *ev_pdu = llc_pdu_un_hdr(ev_skb);
350 int dsize; 350 int dsize;
351 351
diff --git a/include/net/ndisc.h b/include/net/ndisc.h
index d3915dabe6de..475b10c575b3 100644
--- a/include/net/ndisc.h
+++ b/include/net/ndisc.h
@@ -66,8 +66,8 @@ struct rs_msg {
66 66
67struct ra_msg { 67struct ra_msg {
68 struct icmp6hdr icmph; 68 struct icmp6hdr icmph;
69 __u32 reachable_time; 69 __be32 reachable_time;
70 __u32 retrans_timer; 70 __be32 retrans_timer;
71}; 71};
72 72
73struct nd_opt_hdr { 73struct nd_opt_hdr {
diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
index 91684436af8e..1401ccc051c4 100644
--- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
+++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
@@ -9,32 +9,35 @@
9#ifndef _NF_CONNTRACK_IPV4_H 9#ifndef _NF_CONNTRACK_IPV4_H
10#define _NF_CONNTRACK_IPV4_H 10#define _NF_CONNTRACK_IPV4_H
11 11
12#ifdef CONFIG_IP_NF_NAT_NEEDED 12#ifdef CONFIG_NF_NAT_NEEDED
13#include <linux/netfilter_ipv4/ip_nat.h> 13#include <net/netfilter/nf_nat.h>
14#include <linux/netfilter/nf_conntrack_pptp.h>
14 15
15/* per conntrack: nat application helper private data */ 16/* per conntrack: nat application helper private data */
16union ip_conntrack_nat_help { 17union nf_conntrack_nat_help {
17 /* insert nat helper private data here */ 18 /* insert nat helper private data here */
19 struct nf_nat_pptp nat_pptp_info;
18}; 20};
19 21
20struct nf_conntrack_ipv4_nat { 22struct nf_conn_nat {
21 struct ip_nat_info info; 23 struct nf_nat_info info;
22 union ip_conntrack_nat_help help; 24 union nf_conntrack_nat_help help;
23#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \ 25#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \
24 defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE) 26 defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
25 int masq_index; 27 int masq_index;
26#endif 28#endif
27}; 29};
28#endif /* CONFIG_IP_NF_NAT_NEEDED */ 30#endif /* CONFIG_NF_NAT_NEEDED */
29
30struct nf_conntrack_ipv4 {
31#ifdef CONFIG_IP_NF_NAT_NEEDED
32 struct nf_conntrack_ipv4_nat *nat;
33#endif
34};
35 31
36/* Returns new sk_buff, or NULL */ 32/* Returns new sk_buff, or NULL */
37struct sk_buff * 33struct sk_buff *
38nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb); 34nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb);
39 35
36extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
37extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
38extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
39
40extern int nf_conntrack_ipv4_compat_init(void);
41extern void nf_conntrack_ipv4_compat_fini(void);
42
40#endif /*_NF_CONNTRACK_IPV4_H*/ 43#endif /*_NF_CONNTRACK_IPV4_H*/
diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
new file mode 100644
index 000000000000..b4b6049e01fa
--- /dev/null
+++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
@@ -0,0 +1,25 @@
1#ifndef _NF_CONNTRACK_IPV6_H
2#define _NF_CONNTRACK_IPV6_H
3
4extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
5
6extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
7extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
8extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
9
10extern int nf_ct_ipv6_skip_exthdr(struct sk_buff *skb, int start,
11 u8 *nexthdrp, int len);
12
13extern int nf_ct_frag6_init(void);
14extern void nf_ct_frag6_cleanup(void);
15extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb);
16extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb,
17 struct net_device *in,
18 struct net_device *out,
19 int (*okfn)(struct sk_buff *));
20
21extern unsigned int nf_ct_frag6_timeout;
22extern unsigned int nf_ct_frag6_low_thresh;
23extern unsigned int nf_ct_frag6_high_thresh;
24
25#endif /* _NF_CONNTRACK_IPV6_H*/
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 1fbd8193d5f1..bd01b4633ee2 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -21,6 +21,7 @@
21 21
22#include <linux/netfilter/nf_conntrack_tcp.h> 22#include <linux/netfilter/nf_conntrack_tcp.h>
23#include <linux/netfilter/nf_conntrack_sctp.h> 23#include <linux/netfilter/nf_conntrack_sctp.h>
24#include <linux/netfilter/nf_conntrack_proto_gre.h>
24#include <net/netfilter/ipv4/nf_conntrack_icmp.h> 25#include <net/netfilter/ipv4/nf_conntrack_icmp.h>
25#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> 26#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
26 27
@@ -33,6 +34,7 @@ union nf_conntrack_proto {
33 struct ip_ct_tcp tcp; 34 struct ip_ct_tcp tcp;
34 struct ip_ct_icmp icmp; 35 struct ip_ct_icmp icmp;
35 struct nf_ct_icmpv6 icmpv6; 36 struct nf_ct_icmpv6 icmpv6;
37 struct nf_ct_gre gre;
36}; 38};
37 39
38union nf_conntrack_expect_proto { 40union nf_conntrack_expect_proto {
@@ -41,15 +43,20 @@ union nf_conntrack_expect_proto {
41 43
42/* Add protocol helper include file here */ 44/* Add protocol helper include file here */
43#include <linux/netfilter/nf_conntrack_ftp.h> 45#include <linux/netfilter/nf_conntrack_ftp.h>
46#include <linux/netfilter/nf_conntrack_pptp.h>
47#include <linux/netfilter/nf_conntrack_h323.h>
44 48
45/* per conntrack: application helper private data */ 49/* per conntrack: application helper private data */
46union nf_conntrack_help { 50union nf_conntrack_help {
47 /* insert conntrack helper private data (master) here */ 51 /* insert conntrack helper private data (master) here */
48 struct ip_ct_ftp_master ct_ftp_info; 52 struct nf_ct_ftp_master ct_ftp_info;
53 struct nf_ct_pptp_master ct_pptp_info;
54 struct nf_ct_h323_master ct_h323_info;
49}; 55};
50 56
51#include <linux/types.h> 57#include <linux/types.h>
52#include <linux/skbuff.h> 58#include <linux/skbuff.h>
59#include <linux/timer.h>
53 60
54#ifdef CONFIG_NETFILTER_DEBUG 61#ifdef CONFIG_NETFILTER_DEBUG
55#define NF_CT_ASSERT(x) \ 62#define NF_CT_ASSERT(x) \
@@ -79,6 +86,8 @@ struct nf_conn_help {
79 86
80 87
81#include <net/netfilter/ipv4/nf_conntrack_ipv4.h> 88#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
89#include <net/netfilter/ipv6/nf_conntrack_ipv6.h>
90
82struct nf_conn 91struct nf_conn
83{ 92{
84 /* Usage count in here is 1 for hash table/destruct timer, 1 per skb, 93 /* Usage count in here is 1 for hash table/destruct timer, 1 per skb,
@@ -124,44 +133,6 @@ struct nf_conn
124 char data[0]; 133 char data[0];
125}; 134};
126 135
127struct nf_conntrack_expect
128{
129 /* Internal linked list (global expectation list) */
130 struct list_head list;
131
132 /* We expect this tuple, with the following mask */
133 struct nf_conntrack_tuple tuple, mask;
134
135 /* Function to call after setup and insertion */
136 void (*expectfn)(struct nf_conn *new,
137 struct nf_conntrack_expect *this);
138
139 /* The conntrack of the master connection */
140 struct nf_conn *master;
141
142 /* Timer function; deletes the expectation. */
143 struct timer_list timeout;
144
145 /* Usage count. */
146 atomic_t use;
147
148 /* Unique ID */
149 unsigned int id;
150
151 /* Flags */
152 unsigned int flags;
153
154#ifdef CONFIG_NF_NAT_NEEDED
155 /* This is the original per-proto part, used to map the
156 * expected connection the way the recipient expects. */
157 union nf_conntrack_manip_proto saved_proto;
158 /* Direction relative to the master connection. */
159 enum ip_conntrack_dir dir;
160#endif
161};
162
163#define NF_CT_EXPECT_PERMANENT 0x1
164
165static inline struct nf_conn * 136static inline struct nf_conn *
166nf_ct_tuplehash_to_ctrack(const struct nf_conntrack_tuple_hash *hash) 137nf_ct_tuplehash_to_ctrack(const struct nf_conntrack_tuple_hash *hash)
167{ 138{
@@ -208,16 +179,6 @@ __nf_conntrack_find(const struct nf_conntrack_tuple *tuple,
208 179
209extern void nf_conntrack_hash_insert(struct nf_conn *ct); 180extern void nf_conntrack_hash_insert(struct nf_conn *ct);
210 181
211extern struct nf_conntrack_expect *
212__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
213
214extern struct nf_conntrack_expect *
215nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
216
217extern void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
218
219extern void nf_ct_remove_expectations(struct nf_conn *ct);
220
221extern void nf_conntrack_flush(void); 182extern void nf_conntrack_flush(void);
222 183
223extern struct nf_conntrack_helper * 184extern struct nf_conntrack_helper *
@@ -289,89 +250,12 @@ static inline int nf_ct_is_dying(struct nf_conn *ct)
289 250
290extern unsigned int nf_conntrack_htable_size; 251extern unsigned int nf_conntrack_htable_size;
291extern int nf_conntrack_checksum; 252extern int nf_conntrack_checksum;
253extern atomic_t nf_conntrack_count;
254extern int nf_conntrack_max;
292 255
256DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
293#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) 257#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++)
294 258
295#ifdef CONFIG_NF_CONNTRACK_EVENTS
296#include <linux/notifier.h>
297#include <linux/interrupt.h>
298
299struct nf_conntrack_ecache {
300 struct nf_conn *ct;
301 unsigned int events;
302};
303DECLARE_PER_CPU(struct nf_conntrack_ecache, nf_conntrack_ecache);
304
305#define CONNTRACK_ECACHE(x) (__get_cpu_var(nf_conntrack_ecache).x)
306
307extern struct atomic_notifier_head nf_conntrack_chain;
308extern struct atomic_notifier_head nf_conntrack_expect_chain;
309
310static inline int nf_conntrack_register_notifier(struct notifier_block *nb)
311{
312 return atomic_notifier_chain_register(&nf_conntrack_chain, nb);
313}
314
315static inline int nf_conntrack_unregister_notifier(struct notifier_block *nb)
316{
317 return atomic_notifier_chain_unregister(&nf_conntrack_chain, nb);
318}
319
320static inline int
321nf_conntrack_expect_register_notifier(struct notifier_block *nb)
322{
323 return atomic_notifier_chain_register(&nf_conntrack_expect_chain, nb);
324}
325
326static inline int
327nf_conntrack_expect_unregister_notifier(struct notifier_block *nb)
328{
329 return atomic_notifier_chain_unregister(&nf_conntrack_expect_chain,
330 nb);
331}
332
333extern void nf_ct_deliver_cached_events(const struct nf_conn *ct);
334extern void __nf_ct_event_cache_init(struct nf_conn *ct);
335
336static inline void
337nf_conntrack_event_cache(enum ip_conntrack_events event,
338 const struct sk_buff *skb)
339{
340 struct nf_conn *ct = (struct nf_conn *)skb->nfct;
341 struct nf_conntrack_ecache *ecache;
342
343 local_bh_disable();
344 ecache = &__get_cpu_var(nf_conntrack_ecache);
345 if (ct != ecache->ct)
346 __nf_ct_event_cache_init(ct);
347 ecache->events |= event;
348 local_bh_enable();
349}
350
351static inline void nf_conntrack_event(enum ip_conntrack_events event,
352 struct nf_conn *ct)
353{
354 if (nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))
355 atomic_notifier_call_chain(&nf_conntrack_chain, event, ct);
356}
357
358static inline void
359nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
360 struct nf_conntrack_expect *exp)
361{
362 atomic_notifier_call_chain(&nf_conntrack_expect_chain, event, exp);
363}
364#else /* CONFIG_NF_CONNTRACK_EVENTS */
365static inline void nf_conntrack_event_cache(enum ip_conntrack_events event,
366 const struct sk_buff *skb) {}
367static inline void nf_conntrack_event(enum ip_conntrack_events event,
368 struct nf_conn *ct) {}
369static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) {}
370static inline void
371nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
372 struct nf_conntrack_expect *exp) {}
373#endif /* CONFIG_NF_CONNTRACK_EVENTS */
374
375/* no helper, no nat */ 259/* no helper, no nat */
376#define NF_CT_F_BASIC 0 260#define NF_CT_F_BASIC 0
377/* for helper */ 261/* for helper */
@@ -387,17 +271,45 @@ nf_conntrack_unregister_cache(u_int32_t features);
387 271
388/* valid combinations: 272/* valid combinations:
389 * basic: nf_conn, nf_conn .. nf_conn_help 273 * basic: nf_conn, nf_conn .. nf_conn_help
390 * nat: nf_conn .. nf_conn_nat, nf_conn .. nf_conn_nat, nf_conn help 274 * nat: nf_conn .. nf_conn_nat, nf_conn .. nf_conn_nat .. nf_conn help
391 */ 275 */
276#ifdef CONFIG_NF_NAT_NEEDED
277static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct)
278{
279 unsigned int offset = sizeof(struct nf_conn);
280
281 if (!(ct->features & NF_CT_F_NAT))
282 return NULL;
283
284 offset = ALIGN(offset, __alignof__(struct nf_conn_nat));
285 return (struct nf_conn_nat *) ((void *)ct + offset);
286}
287
392static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct) 288static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct)
393{ 289{
394 unsigned int offset = sizeof(struct nf_conn); 290 unsigned int offset = sizeof(struct nf_conn);
395 291
396 if (!(ct->features & NF_CT_F_HELP)) 292 if (!(ct->features & NF_CT_F_HELP))
397 return NULL; 293 return NULL;
294 if (ct->features & NF_CT_F_NAT) {
295 offset = ALIGN(offset, __alignof__(struct nf_conn_nat));
296 offset += sizeof(struct nf_conn_nat);
297 }
398 298
299 offset = ALIGN(offset, __alignof__(struct nf_conn_help));
399 return (struct nf_conn_help *) ((void *)ct + offset); 300 return (struct nf_conn_help *) ((void *)ct + offset);
400} 301}
302#else /* No NAT */
303static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct)
304{
305 unsigned int offset = sizeof(struct nf_conn);
306
307 if (!(ct->features & NF_CT_F_HELP))
308 return NULL;
401 309
310 offset = ALIGN(offset, __alignof__(struct nf_conn_help));
311 return (struct nf_conn_help *) ((void *)ct + offset);
312}
313#endif /* CONFIG_NF_NAT_NEEDED */
402#endif /* __KERNEL__ */ 314#endif /* __KERNEL__ */
403#endif /* _NF_CONNTRACK_H */ 315#endif /* _NF_CONNTRACK_H */
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index da254525a4ce..7fdc72c01356 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -13,6 +13,9 @@
13#define _NF_CONNTRACK_CORE_H 13#define _NF_CONNTRACK_CORE_H
14 14
15#include <linux/netfilter.h> 15#include <linux/netfilter.h>
16#include <net/netfilter/nf_conntrack_l3proto.h>
17#include <net/netfilter/nf_conntrack_l4proto.h>
18#include <net/netfilter/nf_conntrack_ecache.h>
16 19
17/* This header is used to share core functionality between the 20/* This header is used to share core functionality between the
18 standalone connection tracking module, and the compatibility layer's use 21 standalone connection tracking module, and the compatibility layer's use
@@ -29,7 +32,7 @@ extern struct nf_conntrack_l3proto *nf_ct_find_l3proto(u_int16_t pf);
29/* Like above, but you already have conntrack read lock. */ 32/* Like above, but you already have conntrack read lock. */
30extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto); 33extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto);
31 34
32struct nf_conntrack_protocol; 35struct nf_conntrack_l4proto;
33 36
34extern int 37extern int
35nf_ct_get_tuple(const struct sk_buff *skb, 38nf_ct_get_tuple(const struct sk_buff *skb,
@@ -39,13 +42,13 @@ nf_ct_get_tuple(const struct sk_buff *skb,
39 u_int8_t protonum, 42 u_int8_t protonum,
40 struct nf_conntrack_tuple *tuple, 43 struct nf_conntrack_tuple *tuple,
41 const struct nf_conntrack_l3proto *l3proto, 44 const struct nf_conntrack_l3proto *l3proto,
42 const struct nf_conntrack_protocol *protocol); 45 const struct nf_conntrack_l4proto *l4proto);
43 46
44extern int 47extern int
45nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, 48nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
46 const struct nf_conntrack_tuple *orig, 49 const struct nf_conntrack_tuple *orig,
47 const struct nf_conntrack_l3proto *l3proto, 50 const struct nf_conntrack_l3proto *l3proto,
48 const struct nf_conntrack_protocol *protocol); 51 const struct nf_conntrack_l4proto *l4proto);
49 52
50/* Find a connection corresponding to a tuple. */ 53/* Find a connection corresponding to a tuple. */
51extern struct nf_conntrack_tuple_hash * 54extern struct nf_conntrack_tuple_hash *
@@ -70,7 +73,14 @@ static inline int nf_conntrack_confirm(struct sk_buff **pskb)
70 73
71extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb); 74extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb);
72 75
76int
77print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
78 struct nf_conntrack_l3proto *l3proto,
79 struct nf_conntrack_l4proto *proto);
80
73extern struct list_head *nf_conntrack_hash; 81extern struct list_head *nf_conntrack_hash;
74extern struct list_head nf_conntrack_expect_list; 82extern struct list_head nf_conntrack_expect_list;
75extern rwlock_t nf_conntrack_lock ; 83extern rwlock_t nf_conntrack_lock ;
84extern struct list_head unconfirmed;
85
76#endif /* _NF_CONNTRACK_CORE_H */ 86#endif /* _NF_CONNTRACK_CORE_H */
diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h
new file mode 100644
index 000000000000..b62a8a9ec9d8
--- /dev/null
+++ b/include/net/netfilter/nf_conntrack_ecache.h
@@ -0,0 +1,95 @@
1/*
2 * connection tracking event cache.
3 */
4
5#ifndef _NF_CONNTRACK_ECACHE_H
6#define _NF_CONNTRACK_ECACHE_H
7#include <net/netfilter/nf_conntrack.h>
8
9#include <linux/notifier.h>
10#include <linux/interrupt.h>
11#include <net/netfilter/nf_conntrack_expect.h>
12
13#ifdef CONFIG_NF_CONNTRACK_EVENTS
14struct nf_conntrack_ecache {
15 struct nf_conn *ct;
16 unsigned int events;
17};
18DECLARE_PER_CPU(struct nf_conntrack_ecache, nf_conntrack_ecache);
19
20#define CONNTRACK_ECACHE(x) (__get_cpu_var(nf_conntrack_ecache).x)
21
22extern struct atomic_notifier_head nf_conntrack_chain;
23extern struct atomic_notifier_head nf_conntrack_expect_chain;
24
25static inline int nf_conntrack_register_notifier(struct notifier_block *nb)
26{
27 return atomic_notifier_chain_register(&nf_conntrack_chain, nb);
28}
29
30static inline int nf_conntrack_unregister_notifier(struct notifier_block *nb)
31{
32 return atomic_notifier_chain_unregister(&nf_conntrack_chain, nb);
33}
34
35static inline int
36nf_conntrack_expect_register_notifier(struct notifier_block *nb)
37{
38 return atomic_notifier_chain_register(&nf_conntrack_expect_chain, nb);
39}
40
41static inline int
42nf_conntrack_expect_unregister_notifier(struct notifier_block *nb)
43{
44 return atomic_notifier_chain_unregister(&nf_conntrack_expect_chain,
45 nb);
46}
47
48extern void nf_ct_deliver_cached_events(const struct nf_conn *ct);
49extern void __nf_ct_event_cache_init(struct nf_conn *ct);
50extern void nf_ct_event_cache_flush(void);
51
52static inline void
53nf_conntrack_event_cache(enum ip_conntrack_events event,
54 const struct sk_buff *skb)
55{
56 struct nf_conn *ct = (struct nf_conn *)skb->nfct;
57 struct nf_conntrack_ecache *ecache;
58
59 local_bh_disable();
60 ecache = &__get_cpu_var(nf_conntrack_ecache);
61 if (ct != ecache->ct)
62 __nf_ct_event_cache_init(ct);
63 ecache->events |= event;
64 local_bh_enable();
65}
66
67static inline void nf_conntrack_event(enum ip_conntrack_events event,
68 struct nf_conn *ct)
69{
70 if (nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))
71 atomic_notifier_call_chain(&nf_conntrack_chain, event, ct);
72}
73
74static inline void
75nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
76 struct nf_conntrack_expect *exp)
77{
78 atomic_notifier_call_chain(&nf_conntrack_expect_chain, event, exp);
79}
80
81#else /* CONFIG_NF_CONNTRACK_EVENTS */
82
83static inline void nf_conntrack_event_cache(enum ip_conntrack_events event,
84 const struct sk_buff *skb) {}
85static inline void nf_conntrack_event(enum ip_conntrack_events event,
86 struct nf_conn *ct) {}
87static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) {}
88static inline void
89nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
90 struct nf_conntrack_expect *exp) {}
91static inline void nf_ct_event_cache_flush(void) {}
92#endif /* CONFIG_NF_CONNTRACK_EVENTS */
93
94#endif /*_NF_CONNTRACK_ECACHE_H*/
95
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h
new file mode 100644
index 000000000000..cef3136e22a3
--- /dev/null
+++ b/include/net/netfilter/nf_conntrack_expect.h
@@ -0,0 +1,80 @@
1/*
2 * connection tracking expectations.
3 */
4
5#ifndef _NF_CONNTRACK_EXPECT_H
6#define _NF_CONNTRACK_EXPECT_H
7#include <net/netfilter/nf_conntrack.h>
8
9extern struct list_head nf_conntrack_expect_list;
10extern kmem_cache_t *nf_conntrack_expect_cachep;
11extern struct file_operations exp_file_ops;
12
13struct nf_conntrack_expect
14{
15 /* Internal linked list (global expectation list) */
16 struct list_head list;
17
18 /* We expect this tuple, with the following mask */
19 struct nf_conntrack_tuple tuple, mask;
20
21 /* Function to call after setup and insertion */
22 void (*expectfn)(struct nf_conn *new,
23 struct nf_conntrack_expect *this);
24
25 /* Helper to assign to new connection */
26 struct nf_conntrack_helper *helper;
27
28 /* The conntrack of the master connection */
29 struct nf_conn *master;
30
31 /* Timer function; deletes the expectation. */
32 struct timer_list timeout;
33
34 /* Usage count. */
35 atomic_t use;
36
37 /* Unique ID */
38 unsigned int id;
39
40 /* Flags */
41 unsigned int flags;
42
43#ifdef CONFIG_NF_NAT_NEEDED
44 __be32 saved_ip;
45 /* This is the original per-proto part, used to map the
46 * expected connection the way the recipient expects. */
47 union nf_conntrack_man_proto saved_proto;
48 /* Direction relative to the master connection. */
49 enum ip_conntrack_dir dir;
50#endif
51};
52
53#define NF_CT_EXPECT_PERMANENT 0x1
54
55
56struct nf_conntrack_expect *
57__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
58
59struct nf_conntrack_expect *
60nf_conntrack_expect_find_get(const struct nf_conntrack_tuple *tuple);
61
62struct nf_conntrack_expect *
63find_expectation(const struct nf_conntrack_tuple *tuple);
64
65void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
66void nf_ct_remove_expectations(struct nf_conn *ct);
67void nf_conntrack_unexpect_related(struct nf_conntrack_expect *exp);
68
69/* Allocate space for an expectation: this is mandatory before calling
70 nf_conntrack_expect_related. You will have to call put afterwards. */
71struct nf_conntrack_expect *nf_conntrack_expect_alloc(struct nf_conn *me);
72void nf_conntrack_expect_init(struct nf_conntrack_expect *, int,
73 union nf_conntrack_address *,
74 union nf_conntrack_address *,
75 u_int8_t, __be16 *, __be16 *);
76void nf_conntrack_expect_put(struct nf_conntrack_expect *exp);
77int nf_conntrack_expect_related(struct nf_conntrack_expect *expect);
78
79#endif /*_NF_CONNTRACK_EXPECT_H*/
80
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 86ec8174ad02..8c72ac9f0ab8 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -34,20 +34,22 @@ struct nf_conntrack_helper
34 struct nf_conn *ct, 34 struct nf_conn *ct,
35 enum ip_conntrack_info conntrackinfo); 35 enum ip_conntrack_info conntrackinfo);
36 36
37 void (*destroy)(struct nf_conn *ct);
38
37 int (*to_nfattr)(struct sk_buff *skb, const struct nf_conn *ct); 39 int (*to_nfattr)(struct sk_buff *skb, const struct nf_conn *ct);
38}; 40};
39 41
40extern int nf_conntrack_helper_register(struct nf_conntrack_helper *); 42extern struct nf_conntrack_helper *
41extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *); 43__nf_ct_helper_find(const struct nf_conntrack_tuple *tuple);
42 44
43/* Allocate space for an expectation: this is mandatory before calling 45extern struct nf_conntrack_helper *
44 nf_conntrack_expect_related. You will have to call put afterwards. */ 46nf_ct_helper_find_get( const struct nf_conntrack_tuple *tuple);
45extern struct nf_conntrack_expect *
46nf_conntrack_expect_alloc(struct nf_conn *master);
47extern void nf_conntrack_expect_put(struct nf_conntrack_expect *exp);
48 47
49/* Add an expected connection: can have more than one per connection */ 48extern struct nf_conntrack_helper *
50extern int nf_conntrack_expect_related(struct nf_conntrack_expect *exp); 49__nf_conntrack_helper_find_byname(const char *name);
51extern void nf_conntrack_unexpect_related(struct nf_conntrack_expect *exp); 50
51extern void nf_ct_helper_put(struct nf_conntrack_helper *helper);
52extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
53extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *);
52 54
53#endif /*_NF_CONNTRACK_HELPER_H*/ 55#endif /*_NF_CONNTRACK_HELPER_H*/
diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index dac43b15a5b0..664ddcffe00d 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -18,9 +18,6 @@ struct nfattr;
18 18
19struct nf_conntrack_l3proto 19struct nf_conntrack_l3proto
20{ 20{
21 /* Next pointer. */
22 struct list_head list;
23
24 /* L3 Protocol Family number. ex) PF_INET */ 21 /* L3 Protocol Family number. ex) PF_INET */
25 u_int16_t l3proto; 22 u_int16_t l3proto;
26 23
@@ -78,6 +75,12 @@ struct nf_conntrack_l3proto
78 int (*nfattr_to_tuple)(struct nfattr *tb[], 75 int (*nfattr_to_tuple)(struct nfattr *tb[],
79 struct nf_conntrack_tuple *t); 76 struct nf_conntrack_tuple *t);
80 77
78#ifdef CONFIG_SYSCTL
79 struct ctl_table_header *ctl_table_header;
80 struct ctl_table *ctl_table_path;
81 struct ctl_table *ctl_table;
82#endif /* CONFIG_SYSCTL */
83
81 /* Module (if any) which this is connected to. */ 84 /* Module (if any) which this is connected to. */
82 struct module *me; 85 struct module *me;
83}; 86};
@@ -86,7 +89,7 @@ extern struct nf_conntrack_l3proto *nf_ct_l3protos[AF_MAX];
86 89
87/* Protocol registration. */ 90/* Protocol registration. */
88extern int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto); 91extern int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto);
89extern void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto); 92extern int nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto);
90 93
91extern struct nf_conntrack_l3proto * 94extern struct nf_conntrack_l3proto *
92nf_ct_l3proto_find_get(u_int16_t l3proto); 95nf_ct_l3proto_find_get(u_int16_t l3proto);
@@ -96,13 +99,13 @@ extern void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p);
96/* Existing built-in protocols */ 99/* Existing built-in protocols */
97extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4; 100extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
98extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6; 101extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
99extern struct nf_conntrack_l3proto nf_conntrack_generic_l3proto; 102extern struct nf_conntrack_l3proto nf_conntrack_l3proto_generic;
100 103
101static inline struct nf_conntrack_l3proto * 104static inline struct nf_conntrack_l3proto *
102__nf_ct_l3proto_find(u_int16_t l3proto) 105__nf_ct_l3proto_find(u_int16_t l3proto)
103{ 106{
104 if (unlikely(l3proto >= AF_MAX)) 107 if (unlikely(l3proto >= AF_MAX))
105 return &nf_conntrack_generic_l3proto; 108 return &nf_conntrack_l3proto_generic;
106 return nf_ct_l3protos[l3proto]; 109 return nf_ct_l3protos[l3proto];
107} 110}
108 111
diff --git a/include/net/netfilter/nf_conntrack_protocol.h b/include/net/netfilter/nf_conntrack_l4proto.h
index 1f33737fcea5..fc8af08ff542 100644
--- a/include/net/netfilter/nf_conntrack_protocol.h
+++ b/include/net/netfilter/nf_conntrack_l4proto.h
@@ -1,5 +1,5 @@
1/* 1/*
2 * Header for use in defining a given protocol for connection tracking. 2 * Header for use in defining a given L4 protocol for connection tracking.
3 * 3 *
4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp> 4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5 * - generalized L3 protocol dependent part. 5 * - generalized L3 protocol dependent part.
@@ -7,23 +7,20 @@
7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h 7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h
8 */ 8 */
9 9
10#ifndef _NF_CONNTRACK_PROTOCOL_H 10#ifndef _NF_CONNTRACK_L4PROTO_H
11#define _NF_CONNTRACK_PROTOCOL_H 11#define _NF_CONNTRACK_L4PROTO_H
12#include <net/netfilter/nf_conntrack.h> 12#include <net/netfilter/nf_conntrack.h>
13 13
14struct seq_file; 14struct seq_file;
15struct nfattr; 15struct nfattr;
16 16
17struct nf_conntrack_protocol 17struct nf_conntrack_l4proto
18{ 18{
19 /* Next pointer. */
20 struct list_head list;
21
22 /* L3 Protocol number. */ 19 /* L3 Protocol number. */
23 u_int16_t l3proto; 20 u_int16_t l3proto;
24 21
25 /* Protocol number. */ 22 /* L4 Protocol number. */
26 u_int8_t proto; 23 u_int8_t l4proto;
27 24
28 /* Protocol name */ 25 /* Protocol name */
29 const char *name; 26 const char *name;
@@ -79,30 +76,40 @@ struct nf_conntrack_protocol
79 int (*nfattr_to_tuple)(struct nfattr *tb[], 76 int (*nfattr_to_tuple)(struct nfattr *tb[],
80 struct nf_conntrack_tuple *t); 77 struct nf_conntrack_tuple *t);
81 78
79#ifdef CONFIG_SYSCTL
80 struct ctl_table_header **ctl_table_header;
81 struct ctl_table *ctl_table;
82 unsigned int *ctl_table_users;
83#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
84 struct ctl_table_header *ctl_compat_table_header;
85 struct ctl_table *ctl_compat_table;
86#endif
87#endif
88
82 /* Module (if any) which this is connected to. */ 89 /* Module (if any) which this is connected to. */
83 struct module *me; 90 struct module *me;
84}; 91};
85 92
86/* Existing built-in protocols */ 93/* Existing built-in protocols */
87extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp6; 94extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
88extern struct nf_conntrack_protocol nf_conntrack_protocol_udp4; 95extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
89extern struct nf_conntrack_protocol nf_conntrack_protocol_udp6; 96extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
90extern struct nf_conntrack_protocol nf_conntrack_generic_protocol; 97extern struct nf_conntrack_l4proto nf_conntrack_l4proto_generic;
91 98
92#define MAX_NF_CT_PROTO 256 99#define MAX_NF_CT_PROTO 256
93extern struct nf_conntrack_protocol **nf_ct_protos[PF_MAX]; 100extern struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX];
94 101
95extern struct nf_conntrack_protocol * 102extern struct nf_conntrack_l4proto *
96__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol); 103__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto);
97 104
98extern struct nf_conntrack_protocol * 105extern struct nf_conntrack_l4proto *
99nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol); 106nf_ct_l4proto_find_get(u_int16_t l3proto, u_int8_t protocol);
100 107
101extern void nf_ct_proto_put(struct nf_conntrack_protocol *p); 108extern void nf_ct_l4proto_put(struct nf_conntrack_l4proto *p);
102 109
103/* Protocol registration. */ 110/* Protocol registration. */
104extern int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto); 111extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto);
105extern void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto); 112extern int nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto);
106 113
107/* Generic netlink helpers */ 114/* Generic netlink helpers */
108extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb, 115extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb,
diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h
index 530ef1f75283..5d72b16e876f 100644
--- a/include/net/netfilter/nf_conntrack_tuple.h
+++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -24,10 +24,10 @@
24 24
25/* The l3 protocol-specific manipulable parts of the tuple: always in 25/* The l3 protocol-specific manipulable parts of the tuple: always in
26 network order! */ 26 network order! */
27union nf_conntrack_man_l3proto { 27union nf_conntrack_address {
28 u_int32_t all[NF_CT_TUPLE_L3SIZE]; 28 u_int32_t all[NF_CT_TUPLE_L3SIZE];
29 u_int32_t ip; 29 __be32 ip;
30 u_int32_t ip6[4]; 30 __be32 ip6[4];
31}; 31};
32 32
33/* The protocol-specific manipulable parts of the tuple: always in 33/* The protocol-specific manipulable parts of the tuple: always in
@@ -38,23 +38,26 @@ union nf_conntrack_man_proto
38 u_int16_t all; 38 u_int16_t all;
39 39
40 struct { 40 struct {
41 u_int16_t port; 41 __be16 port;
42 } tcp; 42 } tcp;
43 struct { 43 struct {
44 u_int16_t port; 44 __be16 port;
45 } udp; 45 } udp;
46 struct { 46 struct {
47 u_int16_t id; 47 __be16 id;
48 } icmp; 48 } icmp;
49 struct { 49 struct {
50 u_int16_t port; 50 __be16 port;
51 } sctp; 51 } sctp;
52 struct {
53 __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */
54 } gre;
52}; 55};
53 56
54/* The manipulable part of the tuple. */ 57/* The manipulable part of the tuple. */
55struct nf_conntrack_man 58struct nf_conntrack_man
56{ 59{
57 union nf_conntrack_man_l3proto u3; 60 union nf_conntrack_address u3;
58 union nf_conntrack_man_proto u; 61 union nf_conntrack_man_proto u;
59 /* Layer 3 protocol */ 62 /* Layer 3 protocol */
60 u_int16_t l3num; 63 u_int16_t l3num;
@@ -67,27 +70,26 @@ struct nf_conntrack_tuple
67 70
68 /* These are the parts of the tuple which are fixed. */ 71 /* These are the parts of the tuple which are fixed. */
69 struct { 72 struct {
70 union { 73 union nf_conntrack_address u3;
71 u_int32_t all[NF_CT_TUPLE_L3SIZE];
72 u_int32_t ip;
73 u_int32_t ip6[4];
74 } u3;
75 union { 74 union {
76 /* Add other protocols here. */ 75 /* Add other protocols here. */
77 u_int16_t all; 76 u_int16_t all;
78 77
79 struct { 78 struct {
80 u_int16_t port; 79 __be16 port;
81 } tcp; 80 } tcp;
82 struct { 81 struct {
83 u_int16_t port; 82 __be16 port;
84 } udp; 83 } udp;
85 struct { 84 struct {
86 u_int8_t type, code; 85 u_int8_t type, code;
87 } icmp; 86 } icmp;
88 struct { 87 struct {
89 u_int16_t port; 88 __be16 port;
90 } sctp; 89 } sctp;
90 struct {
91 __be16 key;
92 } gre;
91 } u; 93 } u;
92 94
93 /* The protocol. */ 95 /* The protocol. */
diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h
new file mode 100644
index 000000000000..61c62068ca6b
--- /dev/null
+++ b/include/net/netfilter/nf_nat.h
@@ -0,0 +1,77 @@
1#ifndef _NF_NAT_H
2#define _NF_NAT_H
3#include <linux/netfilter_ipv4.h>
4#include <net/netfilter/nf_conntrack_tuple.h>
5
6#define NF_NAT_MAPPING_TYPE_MAX_NAMELEN 16
7
8enum nf_nat_manip_type
9{
10 IP_NAT_MANIP_SRC,
11 IP_NAT_MANIP_DST
12};
13
14/* SRC manip occurs POST_ROUTING or LOCAL_IN */
15#define HOOK2MANIP(hooknum) ((hooknum) != NF_IP_POST_ROUTING && (hooknum) != NF_IP_LOCAL_IN)
16
17#define IP_NAT_RANGE_MAP_IPS 1
18#define IP_NAT_RANGE_PROTO_SPECIFIED 2
19
20/* NAT sequence number modifications */
21struct nf_nat_seq {
22 /* position of the last TCP sequence number modification (if any) */
23 u_int32_t correction_pos;
24
25 /* sequence number offset before and after last modification */
26 int16_t offset_before, offset_after;
27};
28
29/* Single range specification. */
30struct nf_nat_range
31{
32 /* Set to OR of flags above. */
33 unsigned int flags;
34
35 /* Inclusive: network order. */
36 __be32 min_ip, max_ip;
37
38 /* Inclusive: network order */
39 union nf_conntrack_man_proto min, max;
40};
41
42/* For backwards compat: don't use in modern code. */
43struct nf_nat_multi_range_compat
44{
45 unsigned int rangesize; /* Must be 1. */
46
47 /* hangs off end. */
48 struct nf_nat_range range[1];
49};
50
51#ifdef __KERNEL__
52#include <linux/list.h>
53
54/* The structure embedded in the conntrack structure. */
55struct nf_nat_info
56{
57 struct list_head bysource;
58 struct nf_nat_seq seq[IP_CT_DIR_MAX];
59};
60
61struct nf_conn;
62
63/* Set up the info structure to map into this range. */
64extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
65 const struct nf_nat_range *range,
66 unsigned int hooknum);
67
68/* Is this tuple already taken? (not by us)*/
69extern int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
70 const struct nf_conn *ignored_conntrack);
71
72extern int nf_nat_module_is_loaded;
73
74#else /* !__KERNEL__: iptables wants this to compile. */
75#define nf_nat_multi_range nf_nat_multi_range_compat
76#endif /*__KERNEL__*/
77#endif
diff --git a/include/net/netfilter/nf_nat_core.h b/include/net/netfilter/nf_nat_core.h
new file mode 100644
index 000000000000..9778ffa93440
--- /dev/null
+++ b/include/net/netfilter/nf_nat_core.h
@@ -0,0 +1,27 @@
1#ifndef _NF_NAT_CORE_H
2#define _NF_NAT_CORE_H
3#include <linux/list.h>
4#include <net/netfilter/nf_conntrack.h>
5
6/* This header used to share core functionality between the standalone
7 NAT module, and the compatibility layer's use of NAT for masquerading. */
8
9extern unsigned int nf_nat_packet(struct nf_conn *ct,
10 enum ip_conntrack_info ctinfo,
11 unsigned int hooknum,
12 struct sk_buff **pskb);
13
14extern int nf_nat_icmp_reply_translation(struct nf_conn *ct,
15 enum ip_conntrack_info ctinfo,
16 unsigned int hooknum,
17 struct sk_buff **pskb);
18
19static inline int nf_nat_initialized(struct nf_conn *ct,
20 enum nf_nat_manip_type manip)
21{
22 if (manip == IP_NAT_MANIP_SRC)
23 return test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status);
24 else
25 return test_bit(IPS_DST_NAT_DONE_BIT, &ct->status);
26}
27#endif /* _NF_NAT_CORE_H */
diff --git a/include/net/netfilter/nf_nat_helper.h b/include/net/netfilter/nf_nat_helper.h
new file mode 100644
index 000000000000..ec98ecf95fc8
--- /dev/null
+++ b/include/net/netfilter/nf_nat_helper.h
@@ -0,0 +1,32 @@
1#ifndef _NF_NAT_HELPER_H
2#define _NF_NAT_HELPER_H
3/* NAT protocol helper routines. */
4
5#include <net/netfilter/nf_conntrack.h>
6
7struct sk_buff;
8
9/* These return true or false. */
10extern int nf_nat_mangle_tcp_packet(struct sk_buff **skb,
11 struct nf_conn *ct,
12 enum ip_conntrack_info ctinfo,
13 unsigned int match_offset,
14 unsigned int match_len,
15 const char *rep_buffer,
16 unsigned int rep_len);
17extern int nf_nat_mangle_udp_packet(struct sk_buff **skb,
18 struct nf_conn *ct,
19 enum ip_conntrack_info ctinfo,
20 unsigned int match_offset,
21 unsigned int match_len,
22 const char *rep_buffer,
23 unsigned int rep_len);
24extern int nf_nat_seq_adjust(struct sk_buff **pskb,
25 struct nf_conn *ct,
26 enum ip_conntrack_info ctinfo);
27
28/* Setup NAT on this expected conntrack so it follows master, but goes
29 * to port ct->master->saved_proto. */
30extern void nf_nat_follow_master(struct nf_conn *ct,
31 struct nf_conntrack_expect *this);
32#endif
diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h
new file mode 100644
index 000000000000..a9ec5ef61468
--- /dev/null
+++ b/include/net/netfilter/nf_nat_protocol.h
@@ -0,0 +1,70 @@
1/* Header for use in defining a given protocol. */
2#ifndef _NF_NAT_PROTOCOL_H
3#define _NF_NAT_PROTOCOL_H
4#include <net/netfilter/nf_nat.h>
5#include <linux/netfilter/nfnetlink_conntrack.h>
6
7struct nf_nat_range;
8
9struct nf_nat_protocol
10{
11 /* Protocol name */
12 const char *name;
13
14 /* Protocol number. */
15 unsigned int protonum;
16
17 struct module *me;
18
19 /* Translate a packet to the target according to manip type.
20 Return true if succeeded. */
21 int (*manip_pkt)(struct sk_buff **pskb,
22 unsigned int iphdroff,
23 const struct nf_conntrack_tuple *tuple,
24 enum nf_nat_manip_type maniptype);
25
26 /* Is the manipable part of the tuple between min and max incl? */
27 int (*in_range)(const struct nf_conntrack_tuple *tuple,
28 enum nf_nat_manip_type maniptype,
29 const union nf_conntrack_man_proto *min,
30 const union nf_conntrack_man_proto *max);
31
32 /* Alter the per-proto part of the tuple (depending on
33 maniptype), to give a unique tuple in the given range if
34 possible; return false if not. Per-protocol part of tuple
35 is initialized to the incoming packet. */
36 int (*unique_tuple)(struct nf_conntrack_tuple *tuple,
37 const struct nf_nat_range *range,
38 enum nf_nat_manip_type maniptype,
39 const struct nf_conn *ct);
40
41 int (*range_to_nfattr)(struct sk_buff *skb,
42 const struct nf_nat_range *range);
43
44 int (*nfattr_to_range)(struct nfattr *tb[],
45 struct nf_nat_range *range);
46};
47
48/* Protocol registration. */
49extern int nf_nat_protocol_register(struct nf_nat_protocol *proto);
50extern void nf_nat_protocol_unregister(struct nf_nat_protocol *proto);
51
52extern struct nf_nat_protocol *nf_nat_proto_find_get(u_int8_t protocol);
53extern void nf_nat_proto_put(struct nf_nat_protocol *proto);
54
55/* Built-in protocols. */
56extern struct nf_nat_protocol nf_nat_protocol_tcp;
57extern struct nf_nat_protocol nf_nat_protocol_udp;
58extern struct nf_nat_protocol nf_nat_protocol_icmp;
59extern struct nf_nat_protocol nf_nat_unknown_protocol;
60
61extern int init_protocols(void) __init;
62extern void cleanup_protocols(void);
63extern struct nf_nat_protocol *find_nat_proto(u_int16_t protonum);
64
65extern int nf_nat_port_range_to_nfattr(struct sk_buff *skb,
66 const struct nf_nat_range *range);
67extern int nf_nat_port_nfattr_to_range(struct nfattr *tb[],
68 struct nf_nat_range *range);
69
70#endif /*_NF_NAT_PROTO_H*/
diff --git a/include/net/netfilter/nf_nat_rule.h b/include/net/netfilter/nf_nat_rule.h
new file mode 100644
index 000000000000..f191c672bcc6
--- /dev/null
+++ b/include/net/netfilter/nf_nat_rule.h
@@ -0,0 +1,35 @@
1#ifndef _NF_NAT_RULE_H
2#define _NF_NAT_RULE_H
3#include <net/netfilter/nf_conntrack.h>
4#include <net/netfilter/nf_nat.h>
5#include <linux/netfilter_ipv4/ip_tables.h>
6
7/* Compatibility definitions for ipt_FOO modules */
8#define ip_nat_range nf_nat_range
9#define ip_conntrack_tuple nf_conntrack_tuple
10#define ip_conntrack_get nf_ct_get
11#define ip_conntrack nf_conn
12#define ip_nat_setup_info nf_nat_setup_info
13#define ip_nat_multi_range_compat nf_nat_multi_range_compat
14#define ip_ct_iterate_cleanup nf_ct_iterate_cleanup
15#define IP_NF_ASSERT NF_CT_ASSERT
16
17extern int nf_nat_rule_init(void) __init;
18extern void nf_nat_rule_cleanup(void);
19extern int nf_nat_rule_find(struct sk_buff **pskb,
20 unsigned int hooknum,
21 const struct net_device *in,
22 const struct net_device *out,
23 struct nf_conn *ct,
24 struct nf_nat_info *info);
25
26extern unsigned int
27alloc_null_binding(struct nf_conn *ct,
28 struct nf_nat_info *info,
29 unsigned int hooknum);
30
31extern unsigned int
32alloc_null_binding_confirmed(struct nf_conn *ct,
33 struct nf_nat_info *info,
34 unsigned int hooknum);
35#endif /* _NF_NAT_RULE_H */
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 12c214b9eadf..83da7e1f0d3d 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -111,13 +111,34 @@ struct netlbl_lsm_cache {
111 void (*free) (const void *data); 111 void (*free) (const void *data);
112 void *data; 112 void *data;
113}; 113};
114/* The catmap bitmap field MUST be a power of two in length and large
115 * enough to hold at least 240 bits. Special care (i.e. check the code!)
116 * should be used when changing these values as the LSM implementation
117 * probably has functions which rely on the sizes of these types to speed
118 * processing. */
119#define NETLBL_CATMAP_MAPTYPE u64
120#define NETLBL_CATMAP_MAPCNT 4
121#define NETLBL_CATMAP_MAPSIZE (sizeof(NETLBL_CATMAP_MAPTYPE) * 8)
122#define NETLBL_CATMAP_SIZE (NETLBL_CATMAP_MAPSIZE * \
123 NETLBL_CATMAP_MAPCNT)
124#define NETLBL_CATMAP_BIT (NETLBL_CATMAP_MAPTYPE)0x01
125struct netlbl_lsm_secattr_catmap {
126 u32 startbit;
127 NETLBL_CATMAP_MAPTYPE bitmap[NETLBL_CATMAP_MAPCNT];
128 struct netlbl_lsm_secattr_catmap *next;
129};
130#define NETLBL_SECATTR_NONE 0x00000000
131#define NETLBL_SECATTR_DOMAIN 0x00000001
132#define NETLBL_SECATTR_CACHE 0x00000002
133#define NETLBL_SECATTR_MLS_LVL 0x00000004
134#define NETLBL_SECATTR_MLS_CAT 0x00000008
114struct netlbl_lsm_secattr { 135struct netlbl_lsm_secattr {
136 u32 flags;
137
115 char *domain; 138 char *domain;
116 139
117 u32 mls_lvl; 140 u32 mls_lvl;
118 u32 mls_lvl_vld; 141 struct netlbl_lsm_secattr_catmap *mls_cat;
119 unsigned char *mls_cat;
120 size_t mls_cat_len;
121 142
122 struct netlbl_lsm_cache *cache; 143 struct netlbl_lsm_cache *cache;
123}; 144};
@@ -165,18 +186,54 @@ static inline void netlbl_secattr_cache_free(struct netlbl_lsm_cache *cache)
165} 186}
166 187
167/** 188/**
189 * netlbl_secattr_catmap_alloc - Allocate a LSM secattr catmap
190 * @flags: memory allocation flags
191 *
192 * Description:
193 * Allocate memory for a LSM secattr catmap, returns a pointer on success, NULL
194 * on failure.
195 *
196 */
197static inline struct netlbl_lsm_secattr_catmap *netlbl_secattr_catmap_alloc(
198 gfp_t flags)
199{
200 return kzalloc(sizeof(struct netlbl_lsm_secattr_catmap), flags);
201}
202
203/**
204 * netlbl_secattr_catmap_free - Free a LSM secattr catmap
205 * @catmap: the category bitmap
206 *
207 * Description:
208 * Free a LSM secattr catmap.
209 *
210 */
211static inline void netlbl_secattr_catmap_free(
212 struct netlbl_lsm_secattr_catmap *catmap)
213{
214 struct netlbl_lsm_secattr_catmap *iter;
215
216 do {
217 iter = catmap;
218 catmap = catmap->next;
219 kfree(iter);
220 } while (catmap);
221}
222
223/**
168 * netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct 224 * netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct
169 * @secattr: the struct to initialize 225 * @secattr: the struct to initialize
170 * 226 *
171 * Description: 227 * Description:
172 * Initialize an already allocated netlbl_lsm_secattr struct. Returns zero on 228 * Initialize an already allocated netlbl_lsm_secattr struct.
173 * success, negative values on error.
174 * 229 *
175 */ 230 */
176static inline int netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) 231static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr)
177{ 232{
178 memset(secattr, 0, sizeof(*secattr)); 233 secattr->flags = 0;
179 return 0; 234 secattr->domain = NULL;
235 secattr->mls_cat = NULL;
236 secattr->cache = NULL;
180} 237}
181 238
182/** 239/**
@@ -193,7 +250,8 @@ static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr)
193 if (secattr->cache) 250 if (secattr->cache)
194 netlbl_secattr_cache_free(secattr->cache); 251 netlbl_secattr_cache_free(secattr->cache);
195 kfree(secattr->domain); 252 kfree(secattr->domain);
196 kfree(secattr->mls_cat); 253 if (secattr->mls_cat)
254 netlbl_secattr_catmap_free(secattr->mls_cat);
197} 255}
198 256
199/** 257/**
@@ -205,7 +263,7 @@ static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr)
205 * pointer on success, or NULL on failure. 263 * pointer on success, or NULL on failure.
206 * 264 *
207 */ 265 */
208static inline struct netlbl_lsm_secattr *netlbl_secattr_alloc(int flags) 266static inline struct netlbl_lsm_secattr *netlbl_secattr_alloc(gfp_t flags)
209{ 267{
210 return kzalloc(sizeof(struct netlbl_lsm_secattr), flags); 268 return kzalloc(sizeof(struct netlbl_lsm_secattr), flags);
211} 269}
@@ -224,6 +282,51 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr)
224 kfree(secattr); 282 kfree(secattr);
225} 283}
226 284
285#ifdef CONFIG_NETLABEL
286int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap,
287 u32 offset);
288int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap,
289 u32 offset);
290int netlbl_secattr_catmap_setbit(struct netlbl_lsm_secattr_catmap *catmap,
291 u32 bit,
292 gfp_t flags);
293int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap,
294 u32 start,
295 u32 end,
296 gfp_t flags);
297#else
298static inline int netlbl_secattr_catmap_walk(
299 struct netlbl_lsm_secattr_catmap *catmap,
300 u32 offset)
301{
302 return -ENOENT;
303}
304
305static inline int netlbl_secattr_catmap_walk_rng(
306 struct netlbl_lsm_secattr_catmap *catmap,
307 u32 offset)
308{
309 return -ENOENT;
310}
311
312static inline int netlbl_secattr_catmap_setbit(
313 struct netlbl_lsm_secattr_catmap *catmap,
314 u32 bit,
315 gfp_t flags)
316{
317 return 0;
318}
319
320static inline int netlbl_secattr_catmap_setrng(
321 struct netlbl_lsm_secattr_catmap *catmap,
322 u32 start,
323 u32 end,
324 gfp_t flags)
325{
326 return 0;
327}
328#endif
329
227/* 330/*
228 * LSM protocol operations 331 * LSM protocol operations
229 */ 332 */
diff --git a/include/net/netlink.h b/include/net/netlink.h
index ce5cba19c393..bcaf67b7a19d 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -3,6 +3,7 @@
3 3
4#include <linux/types.h> 4#include <linux/types.h>
5#include <linux/netlink.h> 5#include <linux/netlink.h>
6#include <linux/jiffies.h>
6 7
7/* ======================================================================== 8/* ========================================================================
8 * Netlink Messages and Attributes Interface (As Seen On TV) 9 * Netlink Messages and Attributes Interface (As Seen On TV)
@@ -500,14 +501,15 @@ static inline struct nlmsghdr *nlmsg_put_answer(struct sk_buff *skb,
500 501
501/** 502/**
502 * nlmsg_new - Allocate a new netlink message 503 * nlmsg_new - Allocate a new netlink message
503 * @size: maximum size of message 504 * @payload: size of the message payload
504 * @flags: the type of memory to allocate. 505 * @flags: the type of memory to allocate.
505 * 506 *
506 * Use NLMSG_GOODSIZE if size isn't know and you need a good default size. 507 * Use NLMSG_DEFAULT_SIZE if the size of the payload isn't known
508 * and a good default is needed.
507 */ 509 */
508static inline struct sk_buff *nlmsg_new(int size, gfp_t flags) 510static inline struct sk_buff *nlmsg_new(size_t payload, gfp_t flags)
509{ 511{
510 return alloc_skb(size, flags); 512 return alloc_skb(nlmsg_total_size(payload), flags);
511} 513}
512 514
513/** 515/**
@@ -828,6 +830,9 @@ static inline int nla_put_msecs(struct sk_buff *skb, int attrtype,
828#define NLA_PUT_U16(skb, attrtype, value) \ 830#define NLA_PUT_U16(skb, attrtype, value) \
829 NLA_PUT_TYPE(skb, u16, attrtype, value) 831 NLA_PUT_TYPE(skb, u16, attrtype, value)
830 832
833#define NLA_PUT_LE16(skb, attrtype, value) \
834 NLA_PUT_TYPE(skb, __le16, attrtype, value)
835
831#define NLA_PUT_U32(skb, attrtype, value) \ 836#define NLA_PUT_U32(skb, attrtype, value) \
832 NLA_PUT_TYPE(skb, u32, attrtype, value) 837 NLA_PUT_TYPE(skb, u32, attrtype, value)
833 838
@@ -874,6 +879,15 @@ static inline u16 nla_get_u16(struct nlattr *nla)
874} 879}
875 880
876/** 881/**
882 * nla_get_le16 - return payload of __le16 attribute
883 * @nla: __le16 netlink attribute
884 */
885static inline __le16 nla_get_le16(struct nlattr *nla)
886{
887 return *(__le16 *) nla_data(nla);
888}
889
890/**
877 * nla_get_u8 - return payload of u8 attribute 891 * nla_get_u8 - return payload of u8 attribute
878 * @nla: u8 netlink attribute 892 * @nla: u8 netlink attribute
879 */ 893 */
diff --git a/include/net/protocol.h b/include/net/protocol.h
index c643bce64e55..105bf12b0c79 100644
--- a/include/net/protocol.h
+++ b/include/net/protocol.h
@@ -50,7 +50,7 @@ struct inet6_protocol
50 void (*err_handler)(struct sk_buff *skb, 50 void (*err_handler)(struct sk_buff *skb,
51 struct inet6_skb_parm *opt, 51 struct inet6_skb_parm *opt,
52 int type, int code, int offset, 52 int type, int code, int offset,
53 __u32 info); 53 __be32 info);
54 54
55 int (*gso_send_check)(struct sk_buff *skb); 55 int (*gso_send_check)(struct sk_buff *skb);
56 struct sk_buff *(*gso_segment)(struct sk_buff *skb, 56 struct sk_buff *(*gso_segment)(struct sk_buff *skb,
@@ -71,7 +71,7 @@ struct inet_protosw {
71 71
72 /* These two fields form the lookup key. */ 72 /* These two fields form the lookup key. */
73 unsigned short type; /* This is the 2nd argument to socket(2). */ 73 unsigned short type; /* This is the 2nd argument to socket(2). */
74 int protocol; /* This is the L4 protocol number. */ 74 unsigned short protocol; /* This is the L4 protocol number. */
75 75
76 struct proto *prot; 76 struct proto *prot;
77 const struct proto_ops *ops; 77 const struct proto_ops *ops;
diff --git a/include/net/rawv6.h b/include/net/rawv6.h
index 14476a71725e..af8960878ef4 100644
--- a/include/net/rawv6.h
+++ b/include/net/rawv6.h
@@ -21,7 +21,7 @@ extern void rawv6_err(struct sock *sk,
21 struct sk_buff *skb, 21 struct sk_buff *skb,
22 struct inet6_skb_parm *opt, 22 struct inet6_skb_parm *opt,
23 int type, int code, 23 int type, int code,
24 int offset, u32 info); 24 int offset, __be32 info);
25 25
26#endif 26#endif
27 27
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
index 8e165ca16bd8..e37baaf2080b 100644
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -28,14 +28,15 @@ struct proto;
28 28
29struct request_sock_ops { 29struct request_sock_ops {
30 int family; 30 int family;
31 kmem_cache_t *slab;
32 int obj_size; 31 int obj_size;
32 kmem_cache_t *slab;
33 int (*rtx_syn_ack)(struct sock *sk, 33 int (*rtx_syn_ack)(struct sock *sk,
34 struct request_sock *req, 34 struct request_sock *req,
35 struct dst_entry *dst); 35 struct dst_entry *dst);
36 void (*send_ack)(struct sk_buff *skb, 36 void (*send_ack)(struct sk_buff *skb,
37 struct request_sock *req); 37 struct request_sock *req);
38 void (*send_reset)(struct sk_buff *skb); 38 void (*send_reset)(struct sock *sk,
39 struct sk_buff *skb);
39 void (*destructor)(struct request_sock *req); 40 void (*destructor)(struct request_sock *req);
40}; 41};
41 42
@@ -51,12 +52,13 @@ struct request_sock {
51 u32 rcv_wnd; /* rcv_wnd offered first time */ 52 u32 rcv_wnd; /* rcv_wnd offered first time */
52 u32 ts_recent; 53 u32 ts_recent;
53 unsigned long expires; 54 unsigned long expires;
54 struct request_sock_ops *rsk_ops; 55 const struct request_sock_ops *rsk_ops;
55 struct sock *sk; 56 struct sock *sk;
56 u32 secid; 57 u32 secid;
58 u32 peer_secid;
57}; 59};
58 60
59static inline struct request_sock *reqsk_alloc(struct request_sock_ops *ops) 61static inline struct request_sock *reqsk_alloc(const struct request_sock_ops *ops)
60{ 62{
61 struct request_sock *req = kmem_cache_alloc(ops->slab, SLAB_ATOMIC); 63 struct request_sock *req = kmem_cache_alloc(ops->slab, SLAB_ATOMIC);
62 64
@@ -120,7 +122,7 @@ struct request_sock_queue {
120}; 122};
121 123
122extern int reqsk_queue_alloc(struct request_sock_queue *queue, 124extern int reqsk_queue_alloc(struct request_sock_queue *queue,
123 const int nr_table_entries); 125 unsigned int nr_table_entries);
124 126
125static inline struct listen_sock *reqsk_queue_yank_listen_sk(struct request_sock_queue *queue) 127static inline struct listen_sock *reqsk_queue_yank_listen_sk(struct request_sock_queue *queue)
126{ 128{
diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h
index b0e9108a4e18..82086392735a 100644
--- a/include/net/sch_generic.h
+++ b/include/net/sch_generic.h
@@ -60,6 +60,7 @@ struct Qdisc_class_ops
60 int (*graft)(struct Qdisc *, unsigned long cl, 60 int (*graft)(struct Qdisc *, unsigned long cl,
61 struct Qdisc *, struct Qdisc **); 61 struct Qdisc *, struct Qdisc **);
62 struct Qdisc * (*leaf)(struct Qdisc *, unsigned long cl); 62 struct Qdisc * (*leaf)(struct Qdisc *, unsigned long cl);
63 void (*qlen_notify)(struct Qdisc *, unsigned long);
63 64
64 /* Class manipulation routines */ 65 /* Class manipulation routines */
65 unsigned long (*get)(struct Qdisc *, u32 classid); 66 unsigned long (*get)(struct Qdisc *, u32 classid);
@@ -144,7 +145,7 @@ struct tcf_proto
144 void *root; 145 void *root;
145 int (*classify)(struct sk_buff*, struct tcf_proto*, 146 int (*classify)(struct sk_buff*, struct tcf_proto*,
146 struct tcf_result *); 147 struct tcf_result *);
147 u32 protocol; 148 __be16 protocol;
148 149
149 /* All the rest */ 150 /* All the rest */
150 u32 prio; 151 u32 prio;
@@ -172,9 +173,10 @@ extern void dev_activate(struct net_device *dev);
172extern void dev_deactivate(struct net_device *dev); 173extern void dev_deactivate(struct net_device *dev);
173extern void qdisc_reset(struct Qdisc *qdisc); 174extern void qdisc_reset(struct Qdisc *qdisc);
174extern void qdisc_destroy(struct Qdisc *qdisc); 175extern void qdisc_destroy(struct Qdisc *qdisc);
176extern void qdisc_tree_decrease_qlen(struct Qdisc *qdisc, unsigned int n);
175extern struct Qdisc *qdisc_alloc(struct net_device *dev, struct Qdisc_ops *ops); 177extern struct Qdisc *qdisc_alloc(struct net_device *dev, struct Qdisc_ops *ops);
176extern struct Qdisc *qdisc_create_dflt(struct net_device *dev, 178extern struct Qdisc *qdisc_create_dflt(struct net_device *dev,
177 struct Qdisc_ops *ops); 179 struct Qdisc_ops *ops, u32 parentid);
178 180
179static inline void 181static inline void
180tcf_destroy(struct tcf_proto *tp) 182tcf_destroy(struct tcf_proto *tp)
diff --git a/include/net/sctp/command.h b/include/net/sctp/command.h
index 807d6f1ef4b5..6114c4f54b0a 100644
--- a/include/net/sctp/command.h
+++ b/include/net/sctp/command.h
@@ -116,9 +116,11 @@ typedef enum {
116typedef union { 116typedef union {
117 __s32 i32; 117 __s32 i32;
118 __u32 u32; 118 __u32 u32;
119 __be32 be32;
119 __u16 u16; 120 __u16 u16;
120 __u8 u8; 121 __u8 u8;
121 int error; 122 int error;
123 __be16 err;
122 sctp_state_t state; 124 sctp_state_t state;
123 sctp_event_timeout_t to; 125 sctp_event_timeout_t to;
124 unsigned long zero; 126 unsigned long zero;
@@ -164,9 +166,11 @@ SCTP_## name (type arg) \
164 166
165SCTP_ARG_CONSTRUCTOR(I32, __s32, i32) 167SCTP_ARG_CONSTRUCTOR(I32, __s32, i32)
166SCTP_ARG_CONSTRUCTOR(U32, __u32, u32) 168SCTP_ARG_CONSTRUCTOR(U32, __u32, u32)
169SCTP_ARG_CONSTRUCTOR(BE32, __be32, be32)
167SCTP_ARG_CONSTRUCTOR(U16, __u16, u16) 170SCTP_ARG_CONSTRUCTOR(U16, __u16, u16)
168SCTP_ARG_CONSTRUCTOR(U8, __u8, u8) 171SCTP_ARG_CONSTRUCTOR(U8, __u8, u8)
169SCTP_ARG_CONSTRUCTOR(ERROR, int, error) 172SCTP_ARG_CONSTRUCTOR(ERROR, int, error)
173SCTP_ARG_CONSTRUCTOR(PERR, __be16, err) /* protocol error */
170SCTP_ARG_CONSTRUCTOR(STATE, sctp_state_t, state) 174SCTP_ARG_CONSTRUCTOR(STATE, sctp_state_t, state)
171SCTP_ARG_CONSTRUCTOR(TO, sctp_event_timeout_t, to) 175SCTP_ARG_CONSTRUCTOR(TO, sctp_event_timeout_t, to)
172SCTP_ARG_CONSTRUCTOR(PTR, void *, ptr) 176SCTP_ARG_CONSTRUCTOR(PTR, void *, ptr)
diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h
index 6c632e26f72d..5ddb85599863 100644
--- a/include/net/sctp/constants.h
+++ b/include/net/sctp/constants.h
@@ -356,7 +356,7 @@ typedef enum {
356 * addresses. 356 * addresses.
357 */ 357 */
358#define IS_IPV4_UNUSABLE_ADDRESS(a) \ 358#define IS_IPV4_UNUSABLE_ADDRESS(a) \
359 ((INADDR_BROADCAST == *a) || \ 359 ((htonl(INADDR_BROADCAST) == *a) || \
360 (MULTICAST(*a)) || \ 360 (MULTICAST(*a)) || \
361 (((unsigned char *)(a))[0] == 0) || \ 361 (((unsigned char *)(a))[0] == 0) || \
362 ((((unsigned char *)(a))[0] == 198) && \ 362 ((((unsigned char *)(a))[0] == 198) && \
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
index 764e3af5be93..215461f18db1 100644
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -585,7 +585,7 @@ static inline int ipver2af(__u8 ipver)
585} 585}
586 586
587/* Convert from an address parameter type to an address family. */ 587/* Convert from an address parameter type to an address family. */
588static inline int param_type2af(__u16 type) 588static inline int param_type2af(__be16 type)
589{ 589{
590 switch (type) { 590 switch (type) {
591 case SCTP_PARAM_IPV4_ADDRESS: 591 case SCTP_PARAM_IPV4_ADDRESS:
diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h
index de313de4fefe..3269ed1cc222 100644
--- a/include/net/sctp/sm.h
+++ b/include/net/sctp/sm.h
@@ -213,7 +213,7 @@ struct sctp_chunk *sctp_make_shutdown_ack(const struct sctp_association *asoc,
213 const struct sctp_chunk *); 213 const struct sctp_chunk *);
214struct sctp_chunk *sctp_make_shutdown_complete(const struct sctp_association *, 214struct sctp_chunk *sctp_make_shutdown_complete(const struct sctp_association *,
215 const struct sctp_chunk *); 215 const struct sctp_chunk *);
216void sctp_init_cause(struct sctp_chunk *, __u16 cause, const void *, size_t); 216void sctp_init_cause(struct sctp_chunk *, __be16 cause, const void *, size_t);
217struct sctp_chunk *sctp_make_abort(const struct sctp_association *, 217struct sctp_chunk *sctp_make_abort(const struct sctp_association *,
218 const struct sctp_chunk *, 218 const struct sctp_chunk *,
219 const size_t hint); 219 const size_t hint);
@@ -236,14 +236,14 @@ struct sctp_chunk *sctp_make_heartbeat_ack(const struct sctp_association *,
236 const size_t paylen); 236 const size_t paylen);
237struct sctp_chunk *sctp_make_op_error(const struct sctp_association *, 237struct sctp_chunk *sctp_make_op_error(const struct sctp_association *,
238 const struct sctp_chunk *chunk, 238 const struct sctp_chunk *chunk,
239 __u16 cause_code, 239 __be16 cause_code,
240 const void *payload, 240 const void *payload,
241 size_t paylen); 241 size_t paylen);
242 242
243struct sctp_chunk *sctp_make_asconf_update_ip(struct sctp_association *, 243struct sctp_chunk *sctp_make_asconf_update_ip(struct sctp_association *,
244 union sctp_addr *, 244 union sctp_addr *,
245 struct sockaddr *, 245 struct sockaddr *,
246 int, __u16); 246 int, __be16);
247struct sctp_chunk *sctp_make_asconf_set_prim(struct sctp_association *asoc, 247struct sctp_chunk *sctp_make_asconf_set_prim(struct sctp_association *asoc,
248 union sctp_addr *addr); 248 union sctp_addr *addr);
249struct sctp_chunk *sctp_process_asconf(struct sctp_association *asoc, 249struct sctp_chunk *sctp_process_asconf(struct sctp_association *asoc,
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index c6d93bb0dcd2..f8cbe40f52c0 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -537,7 +537,7 @@ struct sctp_af {
537 struct net_device *); 537 struct net_device *);
538 void (*dst_saddr) (union sctp_addr *saddr, 538 void (*dst_saddr) (union sctp_addr *saddr,
539 struct dst_entry *dst, 539 struct dst_entry *dst,
540 unsigned short port); 540 __be16 port);
541 int (*cmp_addr) (const union sctp_addr *addr1, 541 int (*cmp_addr) (const union sctp_addr *addr1,
542 const union sctp_addr *addr2); 542 const union sctp_addr *addr2);
543 void (*addr_copy) (union sctp_addr *dst, 543 void (*addr_copy) (union sctp_addr *dst,
@@ -553,14 +553,14 @@ struct sctp_af {
553 struct sock *sk); 553 struct sock *sk);
554 void (*from_addr_param) (union sctp_addr *, 554 void (*from_addr_param) (union sctp_addr *,
555 union sctp_addr_param *, 555 union sctp_addr_param *,
556 __u16 port, int iif); 556 __be16 port, int iif);
557 int (*to_addr_param) (const union sctp_addr *, 557 int (*to_addr_param) (const union sctp_addr *,
558 union sctp_addr_param *); 558 union sctp_addr_param *);
559 int (*addr_valid) (union sctp_addr *, 559 int (*addr_valid) (union sctp_addr *,
560 struct sctp_sock *, 560 struct sctp_sock *,
561 const struct sk_buff *); 561 const struct sk_buff *);
562 sctp_scope_t (*scope) (union sctp_addr *); 562 sctp_scope_t (*scope) (union sctp_addr *);
563 void (*inaddr_any) (union sctp_addr *, unsigned short); 563 void (*inaddr_any) (union sctp_addr *, __be16);
564 int (*is_any) (const union sctp_addr *); 564 int (*is_any) (const union sctp_addr *);
565 int (*available) (union sctp_addr *, 565 int (*available) (union sctp_addr *,
566 struct sctp_sock *); 566 struct sctp_sock *);
@@ -587,7 +587,7 @@ struct sctp_pf {
587 struct sctp_sock *); 587 struct sctp_sock *);
588 int (*bind_verify) (struct sctp_sock *, union sctp_addr *); 588 int (*bind_verify) (struct sctp_sock *, union sctp_addr *);
589 int (*send_verify) (struct sctp_sock *, union sctp_addr *); 589 int (*send_verify) (struct sctp_sock *, union sctp_addr *);
590 int (*supported_addrs)(const struct sctp_sock *, __u16 *); 590 int (*supported_addrs)(const struct sctp_sock *, __be16 *);
591 struct sock *(*create_accept_sk) (struct sock *sk, 591 struct sock *(*create_accept_sk) (struct sock *sk,
592 struct sctp_association *asoc); 592 struct sctp_association *asoc);
593 void (*addr_v4map) (struct sctp_sock *, union sctp_addr *); 593 void (*addr_v4map) (struct sctp_sock *, union sctp_addr *);
@@ -1270,7 +1270,7 @@ struct sctp_endpoint {
1270 * this here so we pre-allocate this once and can re-use 1270 * this here so we pre-allocate this once and can re-use
1271 * on every receive. 1271 * on every receive.
1272 */ 1272 */
1273 __u8 digest[SCTP_SIGNATURE_SIZE]; 1273 __u8 *digest;
1274 1274
1275 /* sendbuf acct. policy. */ 1275 /* sendbuf acct. policy. */
1276 __u32 sndbuf_policy; 1276 __u32 sndbuf_policy;
@@ -1314,6 +1314,13 @@ int sctp_process_init(struct sctp_association *, sctp_cid_t cid,
1314__u32 sctp_generate_tag(const struct sctp_endpoint *); 1314__u32 sctp_generate_tag(const struct sctp_endpoint *);
1315__u32 sctp_generate_tsn(const struct sctp_endpoint *); 1315__u32 sctp_generate_tsn(const struct sctp_endpoint *);
1316 1316
1317struct sctp_inithdr_host {
1318 __u32 init_tag;
1319 __u32 a_rwnd;
1320 __u16 num_outbound_streams;
1321 __u16 num_inbound_streams;
1322 __u32 initial_tsn;
1323};
1317 1324
1318/* RFC2960 1325/* RFC2960
1319 * 1326 *
@@ -1482,9 +1489,9 @@ struct sctp_association {
1482 /* This mask is used to disable sending the ASCONF chunk 1489 /* This mask is used to disable sending the ASCONF chunk
1483 * with specified parameter to peer. 1490 * with specified parameter to peer.
1484 */ 1491 */
1485 __u16 addip_disabled_mask; 1492 __be16 addip_disabled_mask;
1486 1493
1487 struct sctp_inithdr i; 1494 struct sctp_inithdr_host i;
1488 int cookie_len; 1495 int cookie_len;
1489 void *cookie; 1496 void *cookie;
1490 1497
diff --git a/include/net/sctp/tsnmap.h b/include/net/sctp/tsnmap.h
index 021947da70ea..70a824df6f60 100644
--- a/include/net/sctp/tsnmap.h
+++ b/include/net/sctp/tsnmap.h
@@ -105,7 +105,7 @@ struct sctp_tsnmap {
105 * every SACK. Store up to SCTP_MAX_DUP_TSNS worth of 105 * every SACK. Store up to SCTP_MAX_DUP_TSNS worth of
106 * information. 106 * information.
107 */ 107 */
108 __u32 dup_tsns[SCTP_MAX_DUP_TSNS]; 108 __be32 dup_tsns[SCTP_MAX_DUP_TSNS];
109 __u16 num_dup_tsns; 109 __u16 num_dup_tsns;
110 110
111 /* Record gap ack block information here. */ 111 /* Record gap ack block information here. */
@@ -162,7 +162,7 @@ static inline __u16 sctp_tsnmap_num_dups(struct sctp_tsnmap *map)
162} 162}
163 163
164/* Return pointer to duplicate tsn array as needed by SACK. */ 164/* Return pointer to duplicate tsn array as needed by SACK. */
165static inline __u32 *sctp_tsnmap_get_dups(struct sctp_tsnmap *map) 165static inline __be32 *sctp_tsnmap_get_dups(struct sctp_tsnmap *map)
166{ 166{
167 map->num_dup_tsns = 0; 167 map->num_dup_tsns = 0;
168 return map->dup_tsns; 168 return map->dup_tsns;
diff --git a/include/net/sock.h b/include/net/sock.h
index ac286a353032..fe3a33fad03f 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -47,6 +47,7 @@
47#include <linux/lockdep.h> 47#include <linux/lockdep.h>
48#include <linux/netdevice.h> 48#include <linux/netdevice.h>
49#include <linux/skbuff.h> /* struct sk_buff */ 49#include <linux/skbuff.h> /* struct sk_buff */
50#include <linux/mm.h>
50#include <linux/security.h> 51#include <linux/security.h>
51 52
52#include <linux/filter.h> 53#include <linux/filter.h>
@@ -745,7 +746,13 @@ static inline int sk_stream_wmem_schedule(struct sock *sk, int size)
745 */ 746 */
746#define sock_owned_by_user(sk) ((sk)->sk_lock.owner) 747#define sock_owned_by_user(sk) ((sk)->sk_lock.owner)
747 748
748extern void FASTCALL(lock_sock(struct sock *sk)); 749extern void FASTCALL(lock_sock_nested(struct sock *sk, int subclass));
750
751static inline void lock_sock(struct sock *sk)
752{
753 lock_sock_nested(sk, 0);
754}
755
749extern void FASTCALL(release_sock(struct sock *sk)); 756extern void FASTCALL(release_sock(struct sock *sk));
750 757
751/* BH context may only use the following locking interface. */ 758/* BH context may only use the following locking interface. */
@@ -883,18 +890,23 @@ static inline int sk_filter(struct sock *sk, struct sk_buff *skb)
883} 890}
884 891
885/** 892/**
886 * sk_filter_release: Release a socket filter 893 * sk_filter_rcu_free: Free a socket filter
887 * @rcu: rcu_head that contains the sk_filter info to remove 894 * @rcu: rcu_head that contains the sk_filter to free
888 *
889 * Remove a filter from a socket and release its resources.
890 */ 895 */
891
892static inline void sk_filter_rcu_free(struct rcu_head *rcu) 896static inline void sk_filter_rcu_free(struct rcu_head *rcu)
893{ 897{
894 struct sk_filter *fp = container_of(rcu, struct sk_filter, rcu); 898 struct sk_filter *fp = container_of(rcu, struct sk_filter, rcu);
895 kfree(fp); 899 kfree(fp);
896} 900}
897 901
902/**
903 * sk_filter_release: Release a socket filter
904 * @sk: socket
905 * @fp: filter to remove
906 *
907 * Remove a filter from a socket and release its resources.
908 */
909
898static inline void sk_filter_release(struct sock *sk, struct sk_filter *fp) 910static inline void sk_filter_release(struct sock *sk, struct sk_filter *fp)
899{ 911{
900 unsigned int size = sk_filter_len(fp); 912 unsigned int size = sk_filter_len(fp);
@@ -943,7 +955,8 @@ static inline void sock_put(struct sock *sk)
943 sk_free(sk); 955 sk_free(sk);
944} 956}
945 957
946extern int sk_receive_skb(struct sock *sk, struct sk_buff *skb); 958extern int sk_receive_skb(struct sock *sk, struct sk_buff *skb,
959 const int nested);
947 960
948/* Detach socket from process context. 961/* Detach socket from process context.
949 * Announce socket dead, detach it from wait queue and inode. 962 * Announce socket dead, detach it from wait queue and inode.
@@ -1077,7 +1090,7 @@ static inline int skb_copy_to_page(struct sock *sk, char __user *from,
1077{ 1090{
1078 if (skb->ip_summed == CHECKSUM_NONE) { 1091 if (skb->ip_summed == CHECKSUM_NONE) {
1079 int err = 0; 1092 int err = 0;
1080 unsigned int csum = csum_and_copy_from_user(from, 1093 __wsum csum = csum_and_copy_from_user(from,
1081 page_address(page) + off, 1094 page_address(page) + off,
1082 copy, 0, &err); 1095 copy, 0, &err);
1083 if (err) 1096 if (err)
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 7a093d0aa0fe..c99774f15eba 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -28,6 +28,7 @@
28#include <linux/percpu.h> 28#include <linux/percpu.h>
29#include <linux/skbuff.h> 29#include <linux/skbuff.h>
30#include <linux/dmaengine.h> 30#include <linux/dmaengine.h>
31#include <linux/crypto.h>
31 32
32#include <net/inet_connection_sock.h> 33#include <net/inet_connection_sock.h>
33#include <net/inet_timewait_sock.h> 34#include <net/inet_timewait_sock.h>
@@ -138,7 +139,6 @@ extern void tcp_time_wait(struct sock *sk, int state, int timeo);
138#define MAX_TCP_SYNCNT 127 139#define MAX_TCP_SYNCNT 127
139 140
140#define TCP_SYNQ_INTERVAL (HZ/5) /* Period of SYNACK timer */ 141#define TCP_SYNQ_INTERVAL (HZ/5) /* Period of SYNACK timer */
141#define TCP_SYNQ_HSIZE 512 /* Size of SYNACK hash table */
142 142
143#define TCP_PAWS_24DAYS (60 * 60 * 24 * 24) 143#define TCP_PAWS_24DAYS (60 * 60 * 24 * 24)
144#define TCP_PAWS_MSL 60 /* Per-host timestamps are invalidated 144#define TCP_PAWS_MSL 60 /* Per-host timestamps are invalidated
@@ -162,6 +162,7 @@ extern void tcp_time_wait(struct sock *sk, int state, int timeo);
162#define TCPOPT_SACK_PERM 4 /* SACK Permitted */ 162#define TCPOPT_SACK_PERM 4 /* SACK Permitted */
163#define TCPOPT_SACK 5 /* SACK Block */ 163#define TCPOPT_SACK 5 /* SACK Block */
164#define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */ 164#define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */
165#define TCPOPT_MD5SIG 19 /* MD5 Signature (RFC2385) */
165 166
166/* 167/*
167 * TCP option lengths 168 * TCP option lengths
@@ -171,6 +172,7 @@ extern void tcp_time_wait(struct sock *sk, int state, int timeo);
171#define TCPOLEN_WINDOW 3 172#define TCPOLEN_WINDOW 3
172#define TCPOLEN_SACK_PERM 2 173#define TCPOLEN_SACK_PERM 2
173#define TCPOLEN_TIMESTAMP 10 174#define TCPOLEN_TIMESTAMP 10
175#define TCPOLEN_MD5SIG 18
174 176
175/* But this is what stacks really send out. */ 177/* But this is what stacks really send out. */
176#define TCPOLEN_TSTAMP_ALIGNED 12 178#define TCPOLEN_TSTAMP_ALIGNED 12
@@ -179,6 +181,7 @@ extern void tcp_time_wait(struct sock *sk, int state, int timeo);
179#define TCPOLEN_SACK_BASE 2 181#define TCPOLEN_SACK_BASE 2
180#define TCPOLEN_SACK_BASE_ALIGNED 4 182#define TCPOLEN_SACK_BASE_ALIGNED 4
181#define TCPOLEN_SACK_PERBLOCK 8 183#define TCPOLEN_SACK_PERBLOCK 8
184#define TCPOLEN_MD5SIG_ALIGNED 20
182 185
183/* Flags in tp->nonagle */ 186/* Flags in tp->nonagle */
184#define TCP_NAGLE_OFF 1 /* Nagle's algo is disabled */ 187#define TCP_NAGLE_OFF 1 /* Nagle's algo is disabled */
@@ -300,6 +303,8 @@ extern void tcp_cleanup_rbuf(struct sock *sk, int copied);
300extern int tcp_twsk_unique(struct sock *sk, 303extern int tcp_twsk_unique(struct sock *sk,
301 struct sock *sktw, void *twp); 304 struct sock *sktw, void *twp);
302 305
306extern void tcp_twsk_destructor(struct sock *sk);
307
303static inline void tcp_dec_quickack_mode(struct sock *sk, 308static inline void tcp_dec_quickack_mode(struct sock *sk,
304 const unsigned int pkts) 309 const unsigned int pkts)
305{ 310{
@@ -621,8 +626,12 @@ enum tcp_ca_event {
621 * Interface for adding new TCP congestion control handlers 626 * Interface for adding new TCP congestion control handlers
622 */ 627 */
623#define TCP_CA_NAME_MAX 16 628#define TCP_CA_NAME_MAX 16
629#define TCP_CA_MAX 128
630#define TCP_CA_BUF_MAX (TCP_CA_NAME_MAX*TCP_CA_MAX)
631
624struct tcp_congestion_ops { 632struct tcp_congestion_ops {
625 struct list_head list; 633 struct list_head list;
634 int non_restricted;
626 635
627 /* initialize private data (optional) */ 636 /* initialize private data (optional) */
628 void (*init)(struct sock *sk); 637 void (*init)(struct sock *sk);
@@ -660,6 +669,9 @@ extern void tcp_init_congestion_control(struct sock *sk);
660extern void tcp_cleanup_congestion_control(struct sock *sk); 669extern void tcp_cleanup_congestion_control(struct sock *sk);
661extern int tcp_set_default_congestion_control(const char *name); 670extern int tcp_set_default_congestion_control(const char *name);
662extern void tcp_get_default_congestion_control(char *name); 671extern void tcp_get_default_congestion_control(char *name);
672extern void tcp_get_available_congestion_control(char *buf, size_t len);
673extern void tcp_get_allowed_congestion_control(char *buf, size_t len);
674extern int tcp_set_allowed_congestion_control(char *allowed);
663extern int tcp_set_congestion_control(struct sock *sk, const char *name); 675extern int tcp_set_congestion_control(struct sock *sk, const char *name);
664extern void tcp_slow_start(struct tcp_sock *tp); 676extern void tcp_slow_start(struct tcp_sock *tp);
665 677
@@ -795,14 +807,14 @@ static inline void tcp_update_wl(struct tcp_sock *tp, u32 ack, u32 seq)
795/* 807/*
796 * Calculate(/check) TCP checksum 808 * Calculate(/check) TCP checksum
797 */ 809 */
798static inline u16 tcp_v4_check(struct tcphdr *th, int len, 810static inline __sum16 tcp_v4_check(struct tcphdr *th, int len,
799 unsigned long saddr, unsigned long daddr, 811 __be32 saddr, __be32 daddr,
800 unsigned long base) 812 __wsum base)
801{ 813{
802 return csum_tcpudp_magic(saddr,daddr,len,IPPROTO_TCP,base); 814 return csum_tcpudp_magic(saddr,daddr,len,IPPROTO_TCP,base);
803} 815}
804 816
805static inline int __tcp_checksum_complete(struct sk_buff *skb) 817static inline __sum16 __tcp_checksum_complete(struct sk_buff *skb)
806{ 818{
807 return __skb_checksum_complete(skb); 819 return __skb_checksum_complete(skb);
808} 820}
@@ -1058,6 +1070,114 @@ static inline void clear_all_retrans_hints(struct tcp_sock *tp){
1058 tp->fastpath_skb_hint = NULL; 1070 tp->fastpath_skb_hint = NULL;
1059} 1071}
1060 1072
1073/* MD5 Signature */
1074struct crypto_hash;
1075
1076/* - key database */
1077struct tcp_md5sig_key {
1078 u8 *key;
1079 u8 keylen;
1080};
1081
1082struct tcp4_md5sig_key {
1083 u8 *key;
1084 u16 keylen;
1085 __be32 addr;
1086};
1087
1088struct tcp6_md5sig_key {
1089 u8 *key;
1090 u16 keylen;
1091#if 0
1092 u32 scope_id; /* XXX */
1093#endif
1094 struct in6_addr addr;
1095};
1096
1097/* - sock block */
1098struct tcp_md5sig_info {
1099 struct tcp4_md5sig_key *keys4;
1100#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1101 struct tcp6_md5sig_key *keys6;
1102 u32 entries6;
1103 u32 alloced6;
1104#endif
1105 u32 entries4;
1106 u32 alloced4;
1107};
1108
1109/* - pseudo header */
1110struct tcp4_pseudohdr {
1111 __be32 saddr;
1112 __be32 daddr;
1113 __u8 pad;
1114 __u8 protocol;
1115 __be16 len;
1116};
1117
1118struct tcp6_pseudohdr {
1119 struct in6_addr saddr;
1120 struct in6_addr daddr;
1121 __be32 len;
1122 __be32 protocol; /* including padding */
1123};
1124
1125union tcp_md5sum_block {
1126 struct tcp4_pseudohdr ip4;
1127#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1128 struct tcp6_pseudohdr ip6;
1129#endif
1130};
1131
1132/* - pool: digest algorithm, hash description and scratch buffer */
1133struct tcp_md5sig_pool {
1134 struct hash_desc md5_desc;
1135 union tcp_md5sum_block md5_blk;
1136};
1137
1138#define TCP_MD5SIG_MAXKEYS (~(u32)0) /* really?! */
1139
1140/* - functions */
1141extern int tcp_v4_calc_md5_hash(char *md5_hash,
1142 struct tcp_md5sig_key *key,
1143 struct sock *sk,
1144 struct dst_entry *dst,
1145 struct request_sock *req,
1146 struct tcphdr *th,
1147 int protocol, int tcplen);
1148extern struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
1149 struct sock *addr_sk);
1150
1151extern int tcp_v4_md5_do_add(struct sock *sk,
1152 __be32 addr,
1153 u8 *newkey,
1154 u8 newkeylen);
1155
1156extern int tcp_v4_md5_do_del(struct sock *sk,
1157 __be32 addr);
1158
1159extern struct tcp_md5sig_pool **tcp_alloc_md5sig_pool(void);
1160extern void tcp_free_md5sig_pool(void);
1161
1162extern struct tcp_md5sig_pool *__tcp_get_md5sig_pool(int cpu);
1163extern void __tcp_put_md5sig_pool(void);
1164
1165static inline
1166struct tcp_md5sig_pool *tcp_get_md5sig_pool(void)
1167{
1168 int cpu = get_cpu();
1169 struct tcp_md5sig_pool *ret = __tcp_get_md5sig_pool(cpu);
1170 if (!ret)
1171 put_cpu();
1172 return ret;
1173}
1174
1175static inline void tcp_put_md5sig_pool(void)
1176{
1177 __tcp_put_md5sig_pool();
1178 put_cpu();
1179}
1180
1061/* /proc */ 1181/* /proc */
1062enum tcp_seq_states { 1182enum tcp_seq_states {
1063 TCP_SEQ_STATE_LISTENING, 1183 TCP_SEQ_STATE_LISTENING,
@@ -1097,6 +1217,35 @@ extern int tcp4_proc_init(void);
1097extern void tcp4_proc_exit(void); 1217extern void tcp4_proc_exit(void);
1098#endif 1218#endif
1099 1219
1220/* TCP af-specific functions */
1221struct tcp_sock_af_ops {
1222#ifdef CONFIG_TCP_MD5SIG
1223 struct tcp_md5sig_key *(*md5_lookup) (struct sock *sk,
1224 struct sock *addr_sk);
1225 int (*calc_md5_hash) (char *location,
1226 struct tcp_md5sig_key *md5,
1227 struct sock *sk,
1228 struct dst_entry *dst,
1229 struct request_sock *req,
1230 struct tcphdr *th,
1231 int protocol, int len);
1232 int (*md5_add) (struct sock *sk,
1233 struct sock *addr_sk,
1234 u8 *newkey,
1235 u8 len);
1236 int (*md5_parse) (struct sock *sk,
1237 char __user *optval,
1238 int optlen);
1239#endif
1240};
1241
1242struct tcp_request_sock_ops {
1243#ifdef CONFIG_TCP_MD5SIG
1244 struct tcp_md5sig_key *(*md5_lookup) (struct sock *sk,
1245 struct request_sock *req);
1246#endif
1247};
1248
1100extern void tcp_v4_init(struct net_proto_family *ops); 1249extern void tcp_v4_init(struct net_proto_family *ops);
1101extern void tcp_init(void); 1250extern void tcp_init(void);
1102 1251
diff --git a/include/net/timewait_sock.h b/include/net/timewait_sock.h
index be293d795e38..d7a306ea560d 100644
--- a/include/net/timewait_sock.h
+++ b/include/net/timewait_sock.h
@@ -31,6 +31,9 @@ static inline int twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
31 31
32static inline void twsk_destructor(struct sock *sk) 32static inline void twsk_destructor(struct sock *sk)
33{ 33{
34 BUG_ON(sk == NULL);
35 BUG_ON(sk->sk_prot == NULL);
36 BUG_ON(sk->sk_prot->twsk_prot == NULL);
34 if (sk->sk_prot->twsk_prot->twsk_destructor != NULL) 37 if (sk->sk_prot->twsk_prot->twsk_destructor != NULL)
35 sk->sk_prot->twsk_prot->twsk_destructor(sk); 38 sk->sk_prot->twsk_prot->twsk_destructor(sk);
36} 39}
diff --git a/include/net/tipc/tipc_bearer.h b/include/net/tipc/tipc_bearer.h
index e07136d74c2f..2151a80cdf30 100644
--- a/include/net/tipc/tipc_bearer.h
+++ b/include/net/tipc/tipc_bearer.h
@@ -58,7 +58,7 @@
58 */ 58 */
59 59
60struct tipc_media_addr { 60struct tipc_media_addr {
61 __u32 type; /* bearer type (network byte order) */ 61 __be32 type; /* bearer type (network byte order) */
62 union { 62 union {
63 __u8 eth_addr[6]; /* 48 bit Ethernet addr (byte array) */ 63 __u8 eth_addr[6]; /* 48 bit Ethernet addr (byte array) */
64#if 0 64#if 0
diff --git a/include/net/tipc/tipc_msg.h b/include/net/tipc/tipc_msg.h
index 4d096eebc93f..fb42eb7a86a5 100644
--- a/include/net/tipc/tipc_msg.h
+++ b/include/net/tipc/tipc_msg.h
@@ -40,7 +40,7 @@
40#ifdef __KERNEL__ 40#ifdef __KERNEL__
41 41
42struct tipc_msg { 42struct tipc_msg {
43 u32 hdr[15]; 43 __be32 hdr[15];
44}; 44};
45 45
46 46
diff --git a/include/net/transp_v6.h b/include/net/transp_v6.h
index 61f724c1036f..409da3a9a455 100644
--- a/include/net/transp_v6.h
+++ b/include/net/transp_v6.h
@@ -11,6 +11,7 @@
11 11
12extern struct proto rawv6_prot; 12extern struct proto rawv6_prot;
13extern struct proto udpv6_prot; 13extern struct proto udpv6_prot;
14extern struct proto udplitev6_prot;
14extern struct proto tcpv6_prot; 15extern struct proto tcpv6_prot;
15 16
16struct flowi; 17struct flowi;
@@ -24,6 +25,7 @@ extern void ipv6_destopt_init(void);
24/* transport protocols */ 25/* transport protocols */
25extern void rawv6_init(void); 26extern void rawv6_init(void);
26extern void udpv6_init(void); 27extern void udpv6_init(void);
28extern void udplitev6_init(void);
27extern void tcpv6_init(void); 29extern void tcpv6_init(void);
28 30
29extern int udpv6_connect(struct sock *sk, 31extern int udpv6_connect(struct sock *sk,
diff --git a/include/net/udp.h b/include/net/udp.h
index db0c05f67546..1b921fa81474 100644
--- a/include/net/udp.h
+++ b/include/net/udp.h
@@ -26,9 +26,29 @@
26#include <net/inet_sock.h> 26#include <net/inet_sock.h>
27#include <net/sock.h> 27#include <net/sock.h>
28#include <net/snmp.h> 28#include <net/snmp.h>
29#include <net/ip.h>
30#include <linux/ipv6.h>
29#include <linux/seq_file.h> 31#include <linux/seq_file.h>
32#include <linux/poll.h>
30 33
31#define UDP_HTABLE_SIZE 128 34/**
35 * struct udp_skb_cb - UDP(-Lite) private variables
36 *
37 * @header: private variables used by IPv4/IPv6
38 * @cscov: checksum coverage length (UDP-Lite only)
39 * @partial_cov: if set indicates partial csum coverage
40 */
41struct udp_skb_cb {
42 union {
43 struct inet_skb_parm h4;
44#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
45 struct inet6_skb_parm h6;
46#endif
47 } header;
48 __u16 cscov;
49 __u8 partial_cov;
50};
51#define UDP_SKB_CB(__skb) ((struct udp_skb_cb *)((__skb)->cb))
32 52
33extern struct hlist_head udp_hash[UDP_HTABLE_SIZE]; 53extern struct hlist_head udp_hash[UDP_HTABLE_SIZE];
34extern rwlock_t udp_hash_lock; 54extern rwlock_t udp_hash_lock;
@@ -47,6 +67,62 @@ extern struct proto udp_prot;
47 67
48struct sk_buff; 68struct sk_buff;
49 69
70/*
71 * Generic checksumming routines for UDP(-Lite) v4 and v6
72 */
73static inline __sum16 __udp_lib_checksum_complete(struct sk_buff *skb)
74{
75 if (! UDP_SKB_CB(skb)->partial_cov)
76 return __skb_checksum_complete(skb);
77 return csum_fold(skb_checksum(skb, 0, UDP_SKB_CB(skb)->cscov,
78 skb->csum));
79}
80
81static inline int udp_lib_checksum_complete(struct sk_buff *skb)
82{
83 return skb->ip_summed != CHECKSUM_UNNECESSARY &&
84 __udp_lib_checksum_complete(skb);
85}
86
87/**
88 * udp_csum_outgoing - compute UDPv4/v6 checksum over fragments
89 * @sk: socket we are writing to
90 * @skb: sk_buff containing the filled-in UDP header
91 * (checksum field must be zeroed out)
92 */
93static inline __wsum udp_csum_outgoing(struct sock *sk, struct sk_buff *skb)
94{
95 __wsum csum = csum_partial(skb->h.raw, sizeof(struct udphdr), 0);
96
97 skb_queue_walk(&sk->sk_write_queue, skb) {
98 csum = csum_add(csum, skb->csum);
99 }
100 return csum;
101}
102
103/* hash routines shared between UDPv4/6 and UDP-Litev4/6 */
104static inline void udp_lib_hash(struct sock *sk)
105{
106 BUG();
107}
108
109static inline void udp_lib_unhash(struct sock *sk)
110{
111 write_lock_bh(&udp_hash_lock);
112 if (sk_del_node_init(sk)) {
113 inet_sk(sk)->num = 0;
114 sock_prot_dec_use(sk->sk_prot);
115 }
116 write_unlock_bh(&udp_hash_lock);
117}
118
119static inline void udp_lib_close(struct sock *sk, long timeout)
120{
121 sk_common_release(sk);
122}
123
124
125/* net/ipv4/udp.c */
50extern int udp_get_port(struct sock *sk, unsigned short snum, 126extern int udp_get_port(struct sock *sk, unsigned short snum,
51 int (*saddr_cmp)(const struct sock *, const struct sock *)); 127 int (*saddr_cmp)(const struct sock *, const struct sock *));
52extern void udp_err(struct sk_buff *, u32); 128extern void udp_err(struct sk_buff *, u32);
@@ -59,23 +135,36 @@ extern int udp_ioctl(struct sock *sk, int cmd, unsigned long arg);
59extern int udp_disconnect(struct sock *sk, int flags); 135extern int udp_disconnect(struct sock *sk, int flags);
60extern unsigned int udp_poll(struct file *file, struct socket *sock, 136extern unsigned int udp_poll(struct file *file, struct socket *sock,
61 poll_table *wait); 137 poll_table *wait);
138extern int udp_lib_getsockopt(struct sock *sk, int level, int optname,
139 char __user *optval, int __user *optlen);
140extern int udp_lib_setsockopt(struct sock *sk, int level, int optname,
141 char __user *optval, int optlen,
142 int (*push_pending_frames)(struct sock *));
62 143
63DECLARE_SNMP_STAT(struct udp_mib, udp_statistics); 144DECLARE_SNMP_STAT(struct udp_mib, udp_statistics);
64#define UDP_INC_STATS(field) SNMP_INC_STATS(udp_statistics, field) 145/*
65#define UDP_INC_STATS_BH(field) SNMP_INC_STATS_BH(udp_statistics, field) 146 * SNMP statistics for UDP and UDP-Lite
66#define UDP_INC_STATS_USER(field) SNMP_INC_STATS_USER(udp_statistics, field) 147 */
148#define UDP_INC_STATS_USER(field, is_udplite) do { \
149 if (is_udplite) SNMP_INC_STATS_USER(udplite_statistics, field); \
150 else SNMP_INC_STATS_USER(udp_statistics, field); } while(0)
151#define UDP_INC_STATS_BH(field, is_udplite) do { \
152 if (is_udplite) SNMP_INC_STATS_BH(udplite_statistics, field); \
153 else SNMP_INC_STATS_BH(udp_statistics, field); } while(0)
67 154
68/* /proc */ 155/* /proc */
69struct udp_seq_afinfo { 156struct udp_seq_afinfo {
70 struct module *owner; 157 struct module *owner;
71 char *name; 158 char *name;
72 sa_family_t family; 159 sa_family_t family;
160 struct hlist_head *hashtable;
73 int (*seq_show) (struct seq_file *m, void *v); 161 int (*seq_show) (struct seq_file *m, void *v);
74 struct file_operations *seq_fops; 162 struct file_operations *seq_fops;
75}; 163};
76 164
77struct udp_iter_state { 165struct udp_iter_state {
78 sa_family_t family; 166 sa_family_t family;
167 struct hlist_head *hashtable;
79 int bucket; 168 int bucket;
80 struct seq_operations seq_ops; 169 struct seq_operations seq_ops;
81}; 170};
diff --git a/include/net/udplite.h b/include/net/udplite.h
new file mode 100644
index 000000000000..67ac51424307
--- /dev/null
+++ b/include/net/udplite.h
@@ -0,0 +1,151 @@
1/*
2 * Definitions for the UDP-Lite (RFC 3828) code.
3 */
4#ifndef _UDPLITE_H
5#define _UDPLITE_H
6
7#include <net/ip6_checksum.h>
8
9/* UDP-Lite socket options */
10#define UDPLITE_SEND_CSCOV 10 /* sender partial coverage (as sent) */
11#define UDPLITE_RECV_CSCOV 11 /* receiver partial coverage (threshold ) */
12
13extern struct proto udplite_prot;
14extern struct hlist_head udplite_hash[UDP_HTABLE_SIZE];
15
16/* UDP-Lite does not have a standardized MIB yet, so we inherit from UDP */
17DECLARE_SNMP_STAT(struct udp_mib, udplite_statistics);
18
19/*
20 * Checksum computation is all in software, hence simpler getfrag.
21 */
22static __inline__ int udplite_getfrag(void *from, char *to, int offset,
23 int len, int odd, struct sk_buff *skb)
24{
25 return memcpy_fromiovecend(to, (struct iovec *) from, offset, len);
26}
27
28/* Designate sk as UDP-Lite socket */
29static inline int udplite_sk_init(struct sock *sk)
30{
31 udp_sk(sk)->pcflag = UDPLITE_BIT;
32 return 0;
33}
34
35/*
36 * Checksumming routines
37 */
38static inline int udplite_checksum_init(struct sk_buff *skb, struct udphdr *uh)
39{
40 u16 cscov;
41
42 /* In UDPv4 a zero checksum means that the transmitter generated no
43 * checksum. UDP-Lite (like IPv6) mandates checksums, hence packets
44 * with a zero checksum field are illegal. */
45 if (uh->check == 0) {
46 LIMIT_NETDEBUG(KERN_DEBUG "UDPLITE: zeroed checksum field\n");
47 return 1;
48 }
49
50 UDP_SKB_CB(skb)->partial_cov = 0;
51 cscov = ntohs(uh->len);
52
53 if (cscov == 0) /* Indicates that full coverage is required. */
54 cscov = skb->len;
55 else if (cscov < 8 || cscov > skb->len) {
56 /*
57 * Coverage length violates RFC 3828: log and discard silently.
58 */
59 LIMIT_NETDEBUG(KERN_DEBUG "UDPLITE: bad csum coverage %d/%d\n",
60 cscov, skb->len);
61 return 1;
62
63 } else if (cscov < skb->len)
64 UDP_SKB_CB(skb)->partial_cov = 1;
65
66 UDP_SKB_CB(skb)->cscov = cscov;
67
68 /*
69 * There is no known NIC manufacturer supporting UDP-Lite yet,
70 * hence ip_summed is always (re-)set to CHECKSUM_NONE.
71 */
72 skb->ip_summed = CHECKSUM_NONE;
73
74 return 0;
75}
76
77static __inline__ int udplite4_csum_init(struct sk_buff *skb, struct udphdr *uh)
78{
79 int rc = udplite_checksum_init(skb, uh);
80
81 if (!rc)
82 skb->csum = csum_tcpudp_nofold(skb->nh.iph->saddr,
83 skb->nh.iph->daddr,
84 skb->len, IPPROTO_UDPLITE, 0);
85 return rc;
86}
87
88static __inline__ int udplite6_csum_init(struct sk_buff *skb, struct udphdr *uh)
89{
90 int rc = udplite_checksum_init(skb, uh);
91
92 if (!rc)
93 skb->csum = ~csum_unfold(csum_ipv6_magic(&skb->nh.ipv6h->saddr,
94 &skb->nh.ipv6h->daddr,
95 skb->len, IPPROTO_UDPLITE, 0));
96 return rc;
97}
98
99static inline int udplite_sender_cscov(struct udp_sock *up, struct udphdr *uh)
100{
101 int cscov = up->len;
102
103 /*
104 * Sender has set `partial coverage' option on UDP-Lite socket
105 */
106 if (up->pcflag & UDPLITE_SEND_CC) {
107 if (up->pcslen < up->len) {
108 /* up->pcslen == 0 means that full coverage is required,
109 * partial coverage only if 0 < up->pcslen < up->len */
110 if (0 < up->pcslen) {
111 cscov = up->pcslen;
112 }
113 uh->len = htons(up->pcslen);
114 }
115 /*
116 * NOTE: Causes for the error case `up->pcslen > up->len':
117 * (i) Application error (will not be penalized).
118 * (ii) Payload too big for send buffer: data is split
119 * into several packets, each with its own header.
120 * In this case (e.g. last segment), coverage may
121 * exceed packet length.
122 * Since packets with coverage length > packet length are
123 * illegal, we fall back to the defaults here.
124 */
125 }
126 return cscov;
127}
128
129static inline __wsum udplite_csum_outgoing(struct sock *sk, struct sk_buff *skb)
130{
131 int off, len, cscov = udplite_sender_cscov(udp_sk(sk), skb->h.uh);
132 __wsum csum = 0;
133
134 skb->ip_summed = CHECKSUM_NONE; /* no HW support for checksumming */
135
136 skb_queue_walk(&sk->sk_write_queue, skb) {
137 off = skb->h.raw - skb->data;
138 len = skb->len - off;
139
140 csum = skb_checksum(skb, off, (cscov > len)? len : cscov, csum);
141
142 if ((cscov -= len) <= 0)
143 break;
144 }
145 return csum;
146}
147
148extern void udplite4_register(void);
149extern int udplite_get_port(struct sock *sk, unsigned short snum,
150 int (*scmp)(const struct sock *, const struct sock *));
151#endif /* _UDPLITE_H */
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 737fdb2ee8a4..15ec19dcf9c8 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -310,6 +310,8 @@ struct xfrm_tmpl
310/* Source address of tunnel. Ignored, if it is not a tunnel. */ 310/* Source address of tunnel. Ignored, if it is not a tunnel. */
311 xfrm_address_t saddr; 311 xfrm_address_t saddr;
312 312
313 unsigned short encap_family;
314
313 __u32 reqid; 315 __u32 reqid;
314 316
315/* Mode: transport, tunnel etc. */ 317/* Mode: transport, tunnel etc. */
@@ -340,18 +342,19 @@ struct xfrm_policy
340 atomic_t refcnt; 342 atomic_t refcnt;
341 struct timer_list timer; 343 struct timer_list timer;
342 344
343 u8 type;
344 u32 priority; 345 u32 priority;
345 u32 index; 346 u32 index;
346 struct xfrm_selector selector; 347 struct xfrm_selector selector;
347 struct xfrm_lifetime_cfg lft; 348 struct xfrm_lifetime_cfg lft;
348 struct xfrm_lifetime_cur curlft; 349 struct xfrm_lifetime_cur curlft;
349 struct dst_entry *bundles; 350 struct dst_entry *bundles;
350 __u16 family; 351 u16 family;
351 __u8 action; 352 u8 type;
352 __u8 flags; 353 u8 action;
353 __u8 dead; 354 u8 flags;
354 __u8 xfrm_nr; 355 u8 dead;
356 u8 xfrm_nr;
357 /* XXX 1 byte hole, try to pack */
355 struct xfrm_sec_ctx *security; 358 struct xfrm_sec_ctx *security;
356 struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH]; 359 struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH];
357}; 360};
@@ -379,7 +382,7 @@ struct xfrm_mgr
379 int (*notify)(struct xfrm_state *x, struct km_event *c); 382 int (*notify)(struct xfrm_state *x, struct km_event *c);
380 int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir); 383 int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir);
381 struct xfrm_policy *(*compile_policy)(struct sock *sk, int opt, u8 *data, int len, int *dir); 384 struct xfrm_policy *(*compile_policy)(struct sock *sk, int opt, u8 *data, int len, int *dir);
382 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); 385 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
383 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); 386 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c);
384 int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); 387 int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
385}; 388};
@@ -468,6 +471,7 @@ __be16 xfrm_flowi_sport(struct flowi *fl)
468 switch(fl->proto) { 471 switch(fl->proto) {
469 case IPPROTO_TCP: 472 case IPPROTO_TCP:
470 case IPPROTO_UDP: 473 case IPPROTO_UDP:
474 case IPPROTO_UDPLITE:
471 case IPPROTO_SCTP: 475 case IPPROTO_SCTP:
472 port = fl->fl_ip_sport; 476 port = fl->fl_ip_sport;
473 break; 477 break;
@@ -493,6 +497,7 @@ __be16 xfrm_flowi_dport(struct flowi *fl)
493 switch(fl->proto) { 497 switch(fl->proto) {
494 case IPPROTO_TCP: 498 case IPPROTO_TCP:
495 case IPPROTO_UDP: 499 case IPPROTO_UDP:
500 case IPPROTO_UDPLITE:
496 case IPPROTO_SCTP: 501 case IPPROTO_SCTP:
497 port = fl->fl_ip_dport; 502 port = fl->fl_ip_dport;
498 break; 503 break;
@@ -506,40 +511,8 @@ __be16 xfrm_flowi_dport(struct flowi *fl)
506 return port; 511 return port;
507} 512}
508 513
509static inline int 514extern int xfrm_selector_match(struct xfrm_selector *sel, struct flowi *fl,
510__xfrm4_selector_match(struct xfrm_selector *sel, struct flowi *fl) 515 unsigned short family);
511{
512 return addr_match(&fl->fl4_dst, &sel->daddr, sel->prefixlen_d) &&
513 addr_match(&fl->fl4_src, &sel->saddr, sel->prefixlen_s) &&
514 !((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
515 !((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
516 (fl->proto == sel->proto || !sel->proto) &&
517 (fl->oif == sel->ifindex || !sel->ifindex);
518}
519
520static inline int
521__xfrm6_selector_match(struct xfrm_selector *sel, struct flowi *fl)
522{
523 return addr_match(&fl->fl6_dst, &sel->daddr, sel->prefixlen_d) &&
524 addr_match(&fl->fl6_src, &sel->saddr, sel->prefixlen_s) &&
525 !((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
526 !((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
527 (fl->proto == sel->proto || !sel->proto) &&
528 (fl->oif == sel->ifindex || !sel->ifindex);
529}
530
531static inline int
532xfrm_selector_match(struct xfrm_selector *sel, struct flowi *fl,
533 unsigned short family)
534{
535 switch (family) {
536 case AF_INET:
537 return __xfrm4_selector_match(sel, fl);
538 case AF_INET6:
539 return __xfrm6_selector_match(sel, fl);
540 }
541 return 0;
542}
543 516
544#ifdef CONFIG_SECURITY_NETWORK_XFRM 517#ifdef CONFIG_SECURITY_NETWORK_XFRM
545/* If neither has a context --> match 518/* If neither has a context --> match
@@ -887,8 +860,7 @@ struct xfrm_tunnel {
887struct xfrm6_tunnel { 860struct xfrm6_tunnel {
888 int (*handler)(struct sk_buff *skb); 861 int (*handler)(struct sk_buff *skb);
889 int (*err_handler)(struct sk_buff *skb, struct inet6_skb_parm *opt, 862 int (*err_handler)(struct sk_buff *skb, struct inet6_skb_parm *opt,
890 int type, int code, int offset, __u32 info); 863 int type, int code, int offset, __be32 info);
891
892 struct xfrm6_tunnel *next; 864 struct xfrm6_tunnel *next;
893 int priority; 865 int priority;
894}; 866};
@@ -951,9 +923,9 @@ extern int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
951 xfrm_address_t *saddr, u8 proto); 923 xfrm_address_t *saddr, u8 proto);
952extern int xfrm6_tunnel_register(struct xfrm6_tunnel *handler); 924extern int xfrm6_tunnel_register(struct xfrm6_tunnel *handler);
953extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler); 925extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler);
954extern u32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr); 926extern __be32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr);
955extern void xfrm6_tunnel_free_spi(xfrm_address_t *saddr); 927extern void xfrm6_tunnel_free_spi(xfrm_address_t *saddr);
956extern u32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr); 928extern __be32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr);
957extern int xfrm6_output(struct sk_buff *skb); 929extern int xfrm6_output(struct sk_buff *skb);
958extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb, 930extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb,
959 u8 **prevhdr); 931 u8 **prevhdr);
@@ -1000,7 +972,7 @@ extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
1000extern void xfrm_init_pmtu(struct dst_entry *dst); 972extern void xfrm_init_pmtu(struct dst_entry *dst);
1001 973
1002extern wait_queue_head_t km_waitq; 974extern wait_queue_head_t km_waitq;
1003extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); 975extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
1004extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid); 976extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid);
1005extern int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); 977extern int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
1006 978
@@ -1033,7 +1005,7 @@ static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b,
1033 switch (family) { 1005 switch (family) {
1034 default: 1006 default:
1035 case AF_INET: 1007 case AF_INET:
1036 return a->a4 - b->a4; 1008 return (__force __u32)a->a4 - (__force __u32)b->a4;
1037 case AF_INET6: 1009 case AF_INET6:
1038 return ipv6_addr_cmp((struct in6_addr *)a, 1010 return ipv6_addr_cmp((struct in6_addr *)a,
1039 (struct in6_addr *)b); 1011 (struct in6_addr *)b);
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-26 05:31:54 -0400