56 files changed, 1224 insertions, 442 deletions

diff --git a/include/net/9p/9p.h b/include/net/9p/9p.h
new file mode 100644
index 000000000000..88884d39f28f
--- /dev/null
+++ b/include/net/9p/9p.h
@@ -0,0 +1,417 @@
+/*
+ * include/net/9p/9p.h
+ *
+ * 9P protocol definitions.
+ *
+ *  Copyright (C) 2005 by Latchesar Ionkov <lucho@ionkov.net>
+ *  Copyright (C) 2004 by Eric Van Hensbergen <ericvh@gmail.com>
+ *  Copyright (C) 2002 by Ron Minnich <rminnich@lanl.gov>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to:
+ *  Free Software Foundation
+ *  51 Franklin Street, Fifth Floor
+ *  Boston, MA  02111-1301  USA
+ *
+ */
+
+#ifndef NET_9P_H
+#define NET_9P_H
+
+#ifdef CONFIG_NET_9P_DEBUG
+
+#define P9_DEBUG_ERROR          (1<<0)
+#define P9_DEBUG_9P             (1<<2)
+#define P9_DEBUG_VFS            (1<<3)
+#define P9_DEBUG_CONV           (1<<4)
+#define P9_DEBUG_MUX            (1<<5)
+#define P9_DEBUG_TRANS          (1<<6)
+#define P9_DEBUG_SLABS          (1<<7)
+#define P9_DEBUG_FCALL          (1<<8)
+
+extern unsigned int p9_debug_level;
+
+#define P9_DPRINTK(level, format, arg...) \
+do {  \
+        if ((p9_debug_level & level) == level) \
+                printk(KERN_NOTICE "-- %s (%d): " \
+                format , __FUNCTION__, current->pid , ## arg); \
+} while (0)
+
+#define PRINT_FCALL_ERROR(s, fcall) P9_DPRINTK(P9_DEBUG_ERROR,   \
+        "%s: %.*s\n", s, fcall?fcall->params.rerror.error.len:0, \
+        fcall?fcall->params.rerror.error.str:"");
+
+#else
+#define P9_DPRINTK(level, format, arg...)  do { } while (0)
+#define PRINT_FCALL_ERROR(s, fcall) do { } while (0)
+#endif
+
+#define P9_EPRINTK(level, format, arg...) \
+do { \
+        printk(level "9p: %s (%d): " \
+                format , __FUNCTION__, current->pid , ## arg); \
+} while (0)
+
+
+/* Message Types */
+enum {
+        P9_TVERSION = 100,
+        P9_RVERSION,
+        P9_TAUTH = 102,
+        P9_RAUTH,
+        P9_TATTACH = 104,
+        P9_RATTACH,
+        P9_TERROR = 106,
+        P9_RERROR,
+        P9_TFLUSH = 108,
+        P9_RFLUSH,
+        P9_TWALK = 110,
+        P9_RWALK,
+        P9_TOPEN = 112,
+        P9_ROPEN,
+        P9_TCREATE = 114,
+        P9_RCREATE,
+        P9_TREAD = 116,
+        P9_RREAD,
+        P9_TWRITE = 118,
+        P9_RWRITE,
+        P9_TCLUNK = 120,
+        P9_RCLUNK,
+        P9_TREMOVE = 122,
+        P9_RREMOVE,
+        P9_TSTAT = 124,
+        P9_RSTAT,
+        P9_TWSTAT = 126,
+        P9_RWSTAT,
+};
+
+/* open modes */
+enum {
+        P9_OREAD = 0x00,
+        P9_OWRITE = 0x01,
+        P9_ORDWR = 0x02,
+        P9_OEXEC = 0x03,
+        P9_OEXCL = 0x04,
+        P9_OTRUNC = 0x10,
+        P9_OREXEC = 0x20,
+        P9_ORCLOSE = 0x40,
+        P9_OAPPEND = 0x80,
+};
+
+/* permissions */
+enum {
+        P9_DMDIR = 0x80000000,
+        P9_DMAPPEND = 0x40000000,
+        P9_DMEXCL = 0x20000000,
+        P9_DMMOUNT = 0x10000000,
+        P9_DMAUTH = 0x08000000,
+        P9_DMTMP = 0x04000000,
+        P9_DMSYMLINK = 0x02000000,
+        P9_DMLINK = 0x01000000,
+        /* 9P2000.u extensions */
+        P9_DMDEVICE = 0x00800000,
+        P9_DMNAMEDPIPE = 0x00200000,
+        P9_DMSOCKET = 0x00100000,
+        P9_DMSETUID = 0x00080000,
+        P9_DMSETGID = 0x00040000,
+};
+
+/* qid.types */
+enum {
+        P9_QTDIR = 0x80,
+        P9_QTAPPEND = 0x40,
+        P9_QTEXCL = 0x20,
+        P9_QTMOUNT = 0x10,
+        P9_QTAUTH = 0x08,
+        P9_QTTMP = 0x04,
+        P9_QTSYMLINK = 0x02,
+        P9_QTLINK = 0x01,
+        P9_QTFILE = 0x00,
+};
+
+#define P9_NOTAG        (u16)(~0)
+#define P9_NOFID        (u32)(~0)
+#define P9_MAXWELEM     16
+
+/* ample room for Twrite/Rread header */
+#define P9_IOHDRSZ      24
+
+struct p9_str {
+        u16 len;
+        char *str;
+};
+
+/* qids are the unique ID for a file (like an inode */
+struct p9_qid {
+        u8 type;
+        u32 version;
+        u64 path;
+};
+
+/* Plan 9 file metadata (stat) structure */
+struct p9_stat {
+        u16 size;
+        u16 type;
+        u32 dev;
+        struct p9_qid qid;
+        u32 mode;
+        u32 atime;
+        u32 mtime;
+        u64 length;
+        struct p9_str name;
+        struct p9_str uid;
+        struct p9_str gid;
+        struct p9_str muid;
+        struct p9_str extension;        /* 9p2000.u extensions */
+        u32 n_uid;                      /* 9p2000.u extensions */
+        u32 n_gid;                      /* 9p2000.u extensions */
+        u32 n_muid;                     /* 9p2000.u extensions */
+};
+
+/* file metadata (stat) structure used to create Twstat message
+   The is similar to p9_stat, but the strings don't point to
+   the same memory block and should be freed separately
+*/
+struct p9_wstat {
+        u16 size;
+        u16 type;
+        u32 dev;
+        struct p9_qid qid;
+        u32 mode;
+        u32 atime;
+        u32 mtime;
+        u64 length;
+        char *name;
+        char *uid;
+        char *gid;
+        char *muid;
+        char *extension;        /* 9p2000.u extensions */
+        u32 n_uid;              /* 9p2000.u extensions */
+        u32 n_gid;              /* 9p2000.u extensions */
+        u32 n_muid;             /* 9p2000.u extensions */
+};
+
+/* Structures for Protocol Operations */
+struct p9_tversion {
+        u32 msize;
+        struct p9_str version;
+};
+
+struct p9_rversion {
+        u32 msize;
+        struct p9_str version;
+};
+
+struct p9_tauth {
+        u32 afid;
+        struct p9_str uname;
+        struct p9_str aname;
+};
+
+struct p9_rauth {
+        struct p9_qid qid;
+};
+
+struct p9_rerror {
+        struct p9_str error;
+        u32 errno;              /* 9p2000.u extension */
+};
+
+struct p9_tflush {
+        u16 oldtag;
+};
+
+struct p9_rflush {
+};
+
+struct p9_tattach {
+        u32 fid;
+        u32 afid;
+        struct p9_str uname;
+        struct p9_str aname;
+};
+
+struct p9_rattach {
+        struct p9_qid qid;
+};
+
+struct p9_twalk {
+        u32 fid;
+        u32 newfid;
+        u16 nwname;
+        struct p9_str wnames[16];
+};
+
+struct p9_rwalk {
+        u16 nwqid;
+        struct p9_qid wqids[16];
+};
+
+struct p9_topen {
+        u32 fid;
+        u8 mode;
+};
+
+struct p9_ropen {
+        struct p9_qid qid;
+        u32 iounit;
+};
+
+struct p9_tcreate {
+        u32 fid;
+        struct p9_str name;
+        u32 perm;
+        u8 mode;
+        struct p9_str extension;
+};
+
+struct p9_rcreate {
+        struct p9_qid qid;
+        u32 iounit;
+};
+
+struct p9_tread {
+        u32 fid;
+        u64 offset;
+        u32 count;
+};
+
+struct p9_rread {
+        u32 count;
+        u8 *data;
+};
+
+struct p9_twrite {
+        u32 fid;
+        u64 offset;
+        u32 count;
+        u8 *data;
+};
+
+struct p9_rwrite {
+        u32 count;
+};
+
+struct p9_tclunk {
+        u32 fid;
+};
+
+struct p9_rclunk {
+};
+
+struct p9_tremove {
+        u32 fid;
+};
+
+struct p9_rremove {
+};
+
+struct p9_tstat {
+        u32 fid;
+};
+
+struct p9_rstat {
+        struct p9_stat stat;
+};
+
+struct p9_twstat {
+        u32 fid;
+        struct p9_stat stat;
+};
+
+struct p9_rwstat {
+};
+
+/*
+  * fcall is the primary packet structure
+  *
+  */
+
+struct p9_fcall {
+        u32 size;
+        u8 id;
+        u16 tag;
+        void *sdata;
+
+        union {
+                struct p9_tversion tversion;
+                struct p9_rversion rversion;
+                struct p9_tauth tauth;
+                struct p9_rauth rauth;
+                struct p9_rerror rerror;
+                struct p9_tflush tflush;
+                struct p9_rflush rflush;
+                struct p9_tattach tattach;
+                struct p9_rattach rattach;
+                struct p9_twalk twalk;
+                struct p9_rwalk rwalk;
+                struct p9_topen topen;
+                struct p9_ropen ropen;
+                struct p9_tcreate tcreate;
+                struct p9_rcreate rcreate;
+                struct p9_tread tread;
+                struct p9_rread rread;
+                struct p9_twrite twrite;
+                struct p9_rwrite rwrite;
+                struct p9_tclunk tclunk;
+                struct p9_rclunk rclunk;
+                struct p9_tremove tremove;
+                struct p9_rremove rremove;
+                struct p9_tstat tstat;
+                struct p9_rstat rstat;
+                struct p9_twstat twstat;
+                struct p9_rwstat rwstat;
+        } params;
+};
+
+struct p9_idpool;
+
+int p9_deserialize_stat(void *buf, u32 buflen, struct p9_stat *stat,
+        int dotu);
+int p9_deserialize_fcall(void *buf, u32 buflen, struct p9_fcall *fc, int dotu);
+void p9_set_tag(struct p9_fcall *fc, u16 tag);
+struct p9_fcall *p9_create_tversion(u32 msize, char *version);
+struct p9_fcall *p9_create_tattach(u32 fid, u32 afid, char *uname,
+        char *aname);
+struct p9_fcall *p9_create_tauth(u32 afid, char *uname, char *aname);
+struct p9_fcall *p9_create_tflush(u16 oldtag);
+struct p9_fcall *p9_create_twalk(u32 fid, u32 newfid, u16 nwname,
+        char **wnames);
+struct p9_fcall *p9_create_topen(u32 fid, u8 mode);
+struct p9_fcall *p9_create_tcreate(u32 fid, char *name, u32 perm, u8 mode,
+        char *extension, int dotu);
+struct p9_fcall *p9_create_tread(u32 fid, u64 offset, u32 count);
+struct p9_fcall *p9_create_twrite(u32 fid, u64 offset, u32 count,
+        const char *data);
+struct p9_fcall *p9_create_twrite_u(u32 fid, u64 offset, u32 count,
+        const char __user *data);
+struct p9_fcall *p9_create_tclunk(u32 fid);
+struct p9_fcall *p9_create_tremove(u32 fid);
+struct p9_fcall *p9_create_tstat(u32 fid);
+struct p9_fcall *p9_create_twstat(u32 fid, struct p9_wstat *wstat,
+        int dotu);
+
+int p9_printfcall(char *buf, int buflen, struct p9_fcall *fc, int dotu);
+int p9_errstr2errno(char *errstr, int len);
+
+struct p9_idpool *p9_idpool_create(void);
+void p9_idpool_destroy(struct p9_idpool *);
+int p9_idpool_get(struct p9_idpool *p);
+void p9_idpool_put(int id, struct p9_idpool *p);
+int p9_idpool_check(int id, struct p9_idpool *p);
+
+int p9_error_init(void);
+int p9_errstr2errno(char *, int);
+int __init p9_sysctl_register(void);
+void __exit p9_sysctl_unregister(void);
+#endif /* NET_9P_H */
diff --git a/include/net/9p/client.h b/include/net/9p/client.h
new file mode 100644
index 000000000000..d65ed7c69063
--- /dev/null
+++ b/include/net/9p/client.h
@@ -0,0 +1,80 @@
+/*
+ * include/net/9p/client.h
+ *
+ * 9P Client Definitions
+ *
+ *  Copyright (C) 2007 by Latchesar Ionkov <lucho@ionkov.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to:
+ *  Free Software Foundation
+ *  51 Franklin Street, Fifth Floor
+ *  Boston, MA  02111-1301  USA
+ *
+ */
+
+#ifndef NET_9P_CLIENT_H
+#define NET_9P_CLIENT_H
+
+struct p9_client {
+        spinlock_t lock; /* protect client structure */
+        int msize;
+        unsigned char dotu;
+        struct p9_transport *trans;
+        struct p9_conn *conn;
+
+        struct p9_idpool *fidpool;
+        struct list_head fidlist;
+};
+
+struct p9_fid {
+        struct p9_client *clnt;
+        u32 fid;
+        int mode;
+        struct p9_qid qid;
+        u32 iounit;
+        uid_t uid;
+        void *aux;
+
+        int rdir_fpos;
+        int rdir_pos;
+        struct p9_fcall *rdir_fcall;
+        struct list_head flist;
+        struct list_head dlist; /* list of all fids attached to a dentry */
+};
+
+struct p9_client *p9_client_create(struct p9_transport *trans, int msize,
+                                                                int dotu);
+void p9_client_destroy(struct p9_client *clnt);
+void p9_client_disconnect(struct p9_client *clnt);
+struct p9_fid *p9_client_attach(struct p9_client *clnt, struct p9_fid *afid,
+                                                     char *uname, char *aname);
+struct p9_fid *p9_client_auth(struct p9_client *clnt, char *uname, char *aname);
+struct p9_fid *p9_client_walk(struct p9_fid *oldfid, int nwname, char **wnames,
+                                                                int clone);
+int p9_client_open(struct p9_fid *fid, int mode);
+int p9_client_fcreate(struct p9_fid *fid, char *name, u32 perm, int mode,
+                                                        char *extension);
+int p9_client_clunk(struct p9_fid *fid);
+int p9_client_remove(struct p9_fid *fid);
+int p9_client_read(struct p9_fid *fid, char *data, u64 offset, u32 count);
+int p9_client_readn(struct p9_fid *fid, char *data, u64 offset, u32 count);
+int p9_client_write(struct p9_fid *fid, char *data, u64 offset, u32 count);
+int p9_client_uread(struct p9_fid *fid, char __user *data, u64 offset,
+                                                                u32 count);
+int p9_client_uwrite(struct p9_fid *fid, const char __user *data, u64 offset,
+                                                                u32 count);
+struct p9_stat *p9_client_stat(struct p9_fid *fid);
+int p9_client_wstat(struct p9_fid *fid, struct p9_wstat *wst);
+struct p9_stat *p9_client_dirread(struct p9_fid *fid, u64 offset);
+
+#endif /* NET_9P_CLIENT_H */
diff --git a/include/net/9p/conn.h b/include/net/9p/conn.h
new file mode 100644
index 000000000000..583b6a2cb3df
--- /dev/null
+++ b/include/net/9p/conn.h
@@ -0,0 +1,57 @@
+/*
+ * include/net/9p/conn.h
+ *
+ * Connection Definitions
+ *
+ *  Copyright (C) 2005 by Latchesar Ionkov <lucho@ionkov.net>
+ *  Copyright (C) 2004 by Eric Van Hensbergen <ericvh@gmail.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to:
+ *  Free Software Foundation
+ *  51 Franklin Street, Fifth Floor
+ *  Boston, MA  02111-1301  USA
+ *
+ */
+
+#ifndef NET_9P_CONN_H
+#define NET_9P_CONN_H
+
+#undef P9_NONBLOCK
+
+struct p9_conn;
+struct p9_req;
+
+/**
+ * p9_mux_req_callback - callback function that is called when the
+ * response of a request is received. The callback is called from
+ * a workqueue and shouldn't block.
+ *
+ * @req - request
+ * @a - the pointer that was specified when the request was send to be
+ *      passed to the callback
+ */
+typedef void (*p9_conn_req_callback)(struct p9_req *req, void *a);
+
+struct p9_conn *p9_conn_create(struct p9_transport *trans, int msize,
+        unsigned char *dotu);
+void p9_conn_destroy(struct p9_conn *);
+int p9_conn_rpc(struct p9_conn *m, struct p9_fcall *tc, struct p9_fcall **rc);
+
+#ifdef P9_NONBLOCK
+int p9_conn_rpcnb(struct p9_conn *m, struct p9_fcall *tc,
+        p9_conn_req_callback cb, void *a);
+#endif /* P9_NONBLOCK */
+
+void p9_conn_cancel(struct p9_conn *m, int err);
+
+#endif /* NET_9P_CONN_H */
diff --git a/include/net/9p/transport.h b/include/net/9p/transport.h
new file mode 100644
index 000000000000..462d42279fb0
--- /dev/null
+++ b/include/net/9p/transport.h
@@ -0,0 +1,49 @@
+/*
+ * include/net/9p/transport.h
+ *
+ * Transport Definition
+ *
+ *  Copyright (C) 2005 by Latchesar Ionkov <lucho@ionkov.net>
+ *  Copyright (C) 2004 by Eric Van Hensbergen <ericvh@gmail.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to:
+ *  Free Software Foundation
+ *  51 Franklin Street, Fifth Floor
+ *  Boston, MA  02111-1301  USA
+ *
+ */
+
+#ifndef NET_9P_TRANSPORT_H
+#define NET_9P_TRANSPORT_H
+
+enum p9_transport_status {
+        Connected,
+        Disconnected,
+        Hung,
+};
+
+struct p9_transport {
+        enum p9_transport_status status;
+        void *priv;
+
+        int (*write) (struct p9_transport *, void *, int);
+        int (*read) (struct p9_transport *, void *, int);
+        void (*close) (struct p9_transport *);
+        unsigned int (*poll)(struct p9_transport *, struct poll_table_struct *);
+};
+
+struct p9_transport *p9_trans_create_tcp(const char *addr, int port);
+struct p9_transport *p9_trans_create_unix(const char *addr);
+struct p9_transport *p9_trans_create_fd(int rfd, int wfd);
+
+#endif /* NET_9P_TRANSPORT_H */
diff --git a/include/net/act_api.h b/include/net/act_api.h
index 8b06c2f3657f..68b4eaf7719d 100644
--- a/include/net/act_api.h
+++ b/include/net/act_api.h
@@ -19,7 +19,6 @@ struct tcf_common {
         struct gnet_stats_basic         tcfc_bstats;
         struct gnet_stats_queue         tcfc_qstats;
         struct gnet_stats_rate_est      tcfc_rate_est;
-        spinlock_t                      *tcfc_stats_lock;
         spinlock_t                      tcfc_lock;
 };
 #define tcf_next        common.tcfc_next
@@ -32,7 +31,6 @@ struct tcf_common {
 #define tcf_bstats      common.tcfc_bstats
 #define tcf_qstats      common.tcfc_qstats
 #define tcf_rate_est    common.tcfc_rate_est
-#define tcf_stats_lock  common.tcfc_stats_lock
 #define tcf_lock        common.tcfc_lock
 
 struct tcf_police {
@@ -123,34 +121,4 @@ extern int tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int, in
 extern int tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int, int);
 extern int tcf_action_copy_stats (struct sk_buff *,struct tc_action *, int);
 #endif /* CONFIG_NET_CLS_ACT */
-
-extern int tcf_police(struct sk_buff *skb, struct tcf_police *p);
-extern void tcf_police_destroy(struct tcf_police *p);
-extern struct tcf_police * tcf_police_locate(struct rtattr *rta, struct rtattr *est);
-extern int tcf_police_dump(struct sk_buff *skb, struct tcf_police *p);
-extern int tcf_police_dump_stats(struct sk_buff *skb, struct tcf_police *p);
-
-static inline int
-tcf_police_release(struct tcf_police *p, int bind)
-{
-        int ret = 0;
-#ifdef CONFIG_NET_CLS_ACT
-        if (p) {
-                if (bind)
-                        p->tcf_bindcnt--;
-
-                p->tcf_refcnt--;
-                if (p->tcf_refcnt <= 0 && !p->tcf_bindcnt) {
-                        tcf_police_destroy(p);
-                        ret = 1;
-                }
-        }
-#else
-        if (p && --p->tcf_refcnt == 0)
-                tcf_police_destroy(p);
-
-#endif /* CONFIG_NET_CLS_ACT */
-        return ret;
-}
-
 #endif
diff --git a/include/net/addrconf.h b/include/net/addrconf.h
index f3531d0bcd05..33b593e17441 100644
--- a/include/net/addrconf.h
+++ b/include/net/addrconf.h
@@ -61,7 +61,7 @@ extern int			addrconf_set_dstaddr(void __user *arg);
 extern int                      ipv6_chk_addr(struct in6_addr *addr,
                                               struct net_device *dev,
                                               int strict);
-#ifdef CONFIG_IPV6_MIP6
+#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
 extern int                      ipv6_chk_home_addr(struct in6_addr *addr);
 #endif
 extern struct inet6_ifaddr *    ipv6_get_ifaddr(struct in6_addr *addr,
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index c0398f5a8cb9..6de1e9e35c73 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -62,13 +62,11 @@ struct unix_skb_parms {
 #define UNIXCREDS(skb)  (&UNIXCB((skb)).creds)
 #define UNIXSID(skb)    (&UNIXCB((skb)).secid)
 
-#define unix_state_rlock(s)     spin_lock(&unix_sk(s)->lock)
-#define unix_state_runlock(s)   spin_unlock(&unix_sk(s)->lock)
-#define unix_state_wlock(s)     spin_lock(&unix_sk(s)->lock)
-#define unix_state_wlock_nested(s) \
+#define unix_state_lock(s)      spin_lock(&unix_sk(s)->lock)
+#define unix_state_unlock(s)    spin_unlock(&unix_sk(s)->lock)
+#define unix_state_lock_nested(s) \
                                 spin_lock_nested(&unix_sk(s)->lock, \
                                 SINGLE_DEPTH_NESTING)
-#define unix_state_wunlock(s)   spin_unlock(&unix_sk(s)->lock)
 
 #ifdef __KERNEL__
 /* The AF_UNIX socket */
@@ -81,9 +79,10 @@ struct unix_sock {
         struct mutex            readlock;
         struct sock             *peer;
         struct sock             *other;
-        struct sock             *gc_tree;
+        struct list_head        link;
         atomic_t                inflight;
         spinlock_t              lock;
+        unsigned int            gc_candidate : 1;
         wait_queue_head_t       peer_wait;
 };
 #define unix_sk(__sk) ((struct unix_sock *)__sk)
diff --git a/include/net/ax88796.h b/include/net/ax88796.h
new file mode 100644
index 000000000000..ee786a043b3d
--- /dev/null
+++ b/include/net/ax88796.h
@@ -0,0 +1,27 @@
+/* include/net/ax88796.h
+ *
+ * Copyright 2005 Simtec Electronics
+ *      Ben Dooks <ben@simtec.co.uk>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+*/
+
+#ifndef __NET_AX88796_PLAT_H
+#define __NET_AX88796_PLAT_H
+
+#define AXFLG_HAS_EEPROM                (1<<0)
+#define AXFLG_MAC_FROMDEV               (1<<1)  /* device already has MAC */
+
+struct ax_plat_data {
+        unsigned int     flags;
+        unsigned char    wordlength;            /* 1 or 2 */
+        unsigned char    dcr_val;               /* default value for DCR */
+        unsigned char    rcr_val;               /* default value for RCR */
+        unsigned char    gpoc_val;              /* default value for GPOC */
+        u32             *reg_offsets;           /* register offsets */
+};
+
+#endif /* __NET_AX88796_PLAT_H */
diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
index 93ce272a5d27..ebfb96b41106 100644
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -107,14 +107,14 @@ enum {
 #define HCI_IDLE_TIMEOUT        (6000)  /* 6 seconds */
 #define HCI_INIT_TIMEOUT        (10000) /* 10 seconds */
 
-/* HCI Packet types */
+/* HCI data types */
 #define HCI_COMMAND_PKT         0x01
 #define HCI_ACLDATA_PKT         0x02
 #define HCI_SCODATA_PKT         0x03
 #define HCI_EVENT_PKT           0x04
 #define HCI_VENDOR_PKT          0xff
 
-/* HCI Packet types */
+/* HCI packet types */
 #define HCI_DM1         0x0008
 #define HCI_DM3         0x0400
 #define HCI_DM5         0x4000
@@ -129,6 +129,14 @@ enum {
 #define SCO_PTYPE_MASK  (HCI_HV1 | HCI_HV2 | HCI_HV3)
 #define ACL_PTYPE_MASK  (~SCO_PTYPE_MASK)
 
+/* eSCO packet types */
+#define ESCO_HV1        0x0001
+#define ESCO_HV2        0x0002
+#define ESCO_HV3        0x0004
+#define ESCO_EV3        0x0008
+#define ESCO_EV4        0x0010
+#define ESCO_EV5        0x0020
+
 /* ACL flags */
 #define ACL_CONT                0x01
 #define ACL_START               0x02
@@ -138,6 +146,7 @@ enum {
 /* Baseband links */
 #define SCO_LINK        0x00
 #define ACL_LINK        0x01
+#define ESCO_LINK       0x02
 
 /* LMP features */
 #define LMP_3SLOT       0x01
@@ -162,6 +171,11 @@ enum {
 #define LMP_PSCHEME     0x02
 #define LMP_PCONTROL    0x04
 
+#define LMP_ESCO        0x80
+
+#define LMP_EV4         0x01
+#define LMP_EV5         0x02
+
 #define LMP_SNIFF_SUBR  0x02
 
 /* Connection modes */
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index c0fc39620f36..8f67c8a7169b 100644
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -78,6 +78,7 @@ struct hci_dev {
         __u16           voice_setting;
 
         __u16           pkt_type;
+        __u16           esco_type;
         __u16           link_policy;
         __u16           link_mode;
 
@@ -109,6 +110,7 @@ struct hci_dev {
         struct sk_buff_head     cmd_q;
 
         struct sk_buff          *sent_cmd;
+        struct sk_buff          *reassembly[3];
 
         struct semaphore        req_lock;
         wait_queue_head_t       req_wait_q;
@@ -437,6 +439,8 @@ static inline int hci_recv_frame(struct sk_buff *skb)
         return 0;
 }
 
+int hci_recv_fragment(struct hci_dev *hdev, int type, void *data, int count);
+
 int hci_register_sysfs(struct hci_dev *hdev);
 void hci_unregister_sysfs(struct hci_dev *hdev);
 void hci_conn_add_sysfs(struct hci_conn *conn);
@@ -449,6 +453,7 @@ void hci_conn_del_sysfs(struct hci_conn *conn);
 #define lmp_encrypt_capable(dev)   ((dev)->features[0] & LMP_ENCRYPT)
 #define lmp_sniff_capable(dev)     ((dev)->features[0] & LMP_SNIFF)
 #define lmp_sniffsubr_capable(dev) ((dev)->features[5] & LMP_SNIFF_SUBR)
+#define lmp_esco_capable(dev)      ((dev)->features[3] & LMP_ESCO)
 
 /* ----- HCI protocols ----- */
 struct hci_proto {
diff --git a/include/net/bluetooth/rfcomm.h b/include/net/bluetooth/rfcomm.h
index 3c563f02907c..25aa575db807 100644
--- a/include/net/bluetooth/rfcomm.h
+++ b/include/net/bluetooth/rfcomm.h
@@ -323,6 +323,7 @@ int  rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc
 #define RFCOMM_RELEASE_ONHUP  1
 #define RFCOMM_HANGUP_NOW     2
 #define RFCOMM_TTY_ATTACHED   3
+#define RFCOMM_TTY_RELEASED   4
 
 struct rfcomm_dev_req {
         s16      dev_id;
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
index 88171f8ce58a..7edaef6b29d6 100644
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -11,6 +11,44 @@
  * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
  */
 
+
+/* Radiotap header iteration
+ *   implemented in net/wireless/radiotap.c
+ *   docs in Documentation/networking/radiotap-headers.txt
+ */
+/**
+ * struct ieee80211_radiotap_iterator - tracks walk thru present radiotap args
+ * @rtheader: pointer to the radiotap header we are walking through
+ * @max_length: length of radiotap header in cpu byte ordering
+ * @this_arg_index: IEEE80211_RADIOTAP_... index of current arg
+ * @this_arg: pointer to current radiotap arg
+ * @arg_index: internal next argument index
+ * @arg: internal next argument pointer
+ * @next_bitmap: internal pointer to next present u32
+ * @bitmap_shifter: internal shifter for curr u32 bitmap, b0 set == arg present
+ */
+
+struct ieee80211_radiotap_iterator {
+        struct ieee80211_radiotap_header *rtheader;
+        int max_length;
+        int this_arg_index;
+        u8 *this_arg;
+
+        int arg_index;
+        u8 *arg;
+        __le32 *next_bitmap;
+        u32 bitmap_shifter;
+};
+
+extern int ieee80211_radiotap_iterator_init(
+   struct ieee80211_radiotap_iterator *iterator,
+   struct ieee80211_radiotap_header *radiotap_header,
+   int max_length);
+
+extern int ieee80211_radiotap_iterator_next(
+   struct ieee80211_radiotap_iterator *iterator);
+
+
 /* from net/wireless.h */
 struct wiphy;
 
diff --git a/include/net/cipso_ipv4.h b/include/net/cipso_ipv4.h
index 4f90f5554fac..a6bb94530cfd 100644
--- a/include/net/cipso_ipv4.h
+++ b/include/net/cipso_ipv4.h
@@ -203,12 +203,10 @@ static inline int cipso_v4_cache_add(const struct sk_buff *skb,
 
 #ifdef CONFIG_NETLABEL
 void cipso_v4_error(struct sk_buff *skb, int error, u32 gateway);
-int cipso_v4_socket_setattr(const struct socket *sock,
-                            const struct cipso_v4_doi *doi_def,
-                            const struct netlbl_lsm_secattr *secattr);
+int cipso_v4_sock_setattr(struct sock *sk,
+                          const struct cipso_v4_doi *doi_def,
+                          const struct netlbl_lsm_secattr *secattr);
 int cipso_v4_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr);
-int cipso_v4_socket_getattr(const struct socket *sock,
-                            struct netlbl_lsm_secattr *secattr);
 int cipso_v4_skbuff_getattr(const struct sk_buff *skb,
                             struct netlbl_lsm_secattr *secattr);
 int cipso_v4_validate(unsigned char **option);
@@ -220,9 +218,9 @@ static inline void cipso_v4_error(struct sk_buff *skb,
         return;
 }
 
-static inline int cipso_v4_socket_setattr(const struct socket *sock,
-                                  const struct cipso_v4_doi *doi_def,
-                                  const struct netlbl_lsm_secattr *secattr)
+static inline int cipso_v4_sock_setattr(struct sock *sk,
+                                      const struct cipso_v4_doi *doi_def,
+                                      const struct netlbl_lsm_secattr *secattr)
 {
         return -ENOSYS;
 }
@@ -233,12 +231,6 @@ static inline int cipso_v4_sock_getattr(struct sock *sk,
         return -ENOSYS;
 }
 
-static inline int cipso_v4_socket_getattr(const struct socket *sock,
-                                          struct netlbl_lsm_secattr *secattr)
-{
-        return -ENOSYS;
-}
-
 static inline int cipso_v4_skbuff_getattr(const struct sk_buff *skb,
                                           struct netlbl_lsm_secattr *secattr)
 {
diff --git a/include/net/dn.h b/include/net/dn.h
index ac4ce9091747..627778384c84 100644
--- a/include/net/dn.h
+++ b/include/net/dn.h
@@ -3,7 +3,6 @@
 
 #include <linux/dn.h>
 #include <net/sock.h>
-#include <net/tcp.h>
 #include <asm/byteorder.h>
 
 #define dn_ntohs(x) le16_to_cpu(x)
diff --git a/include/net/dst.h b/include/net/dst.h
index 82270f9332db..e9ff4a4caef9 100644
--- a/include/net/dst.h
+++ b/include/net/dst.h
@@ -47,7 +47,6 @@ struct dst_entry
 #define DST_NOXFRM              2
 #define DST_NOPOLICY            4
 #define DST_NOHASH              8
-#define DST_BALANCED            0x10
         unsigned long           expires;
 
         unsigned short          header_len;     /* more space at head required */
diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index ed3a8872c6ca..83e41dd15ccd 100644
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h
@@ -64,7 +64,7 @@ struct fib_rules_ops
         void                    (*flush_cache)(void);
 
         int                     nlgroup;
-        struct nla_policy       *policy;
+        const struct nla_policy *policy;
         struct list_head        *rules_list;
         struct module           *owner;
 };
diff --git a/include/net/flow.h b/include/net/flow.h
index f3cc1f812619..af59fa5cc1f8 100644
--- a/include/net/flow.h
+++ b/include/net/flow.h
@@ -67,20 +67,16 @@ struct flowi {
 
                 __be32          spi;
 
-#ifdef CONFIG_IPV6_MIP6
                 struct {
                         __u8    type;
                 } mht;
-#endif
         } uli_u;
 #define fl_ip_sport     uli_u.ports.sport
 #define fl_ip_dport     uli_u.ports.dport
 #define fl_icmp_type    uli_u.icmpt.type
 #define fl_icmp_code    uli_u.icmpt.code
 #define fl_ipsec_spi    uli_u.spi
-#ifdef CONFIG_IPV6_MIP6
 #define fl_mh_type      uli_u.mht.type
-#endif
         __u32           secid;  /* used by xfrm; see secid.txt */
 } __attribute__((__aligned__(BITS_PER_LONG/8)));
 
diff --git a/include/net/genetlink.h b/include/net/genetlink.h
index adff4c898d50..decdda546829 100644
--- a/include/net/genetlink.h
+++ b/include/net/genetlink.h
@@ -5,6 +5,22 @@
 #include <net/netlink.h>
 
 /**
+ * struct genl_multicast_group - generic netlink multicast group
+ * @name: name of the multicast group, names are per-family
+ * @id: multicast group ID, assigned by the core, to use with
+ *      genlmsg_multicast().
+ * @list: list entry for linking
+ * @family: pointer to family, need not be set before registering
+ */
+struct genl_multicast_group
+{
+        struct genl_family      *family;        /* private */
+        struct list_head        list;           /* private */
+        char                    name[GENL_NAMSIZ];
+        u32                     id;
+};
+
+/**
  * struct genl_family - generic netlink family
  * @id: protocol family idenfitier
  * @hdrsize: length of user specific header in bytes
@@ -14,6 +30,7 @@
  * @attrbuf: buffer to store parsed attributes
  * @ops_list: list of all assigned operations
  * @family_list: family list
+ * @mcast_groups: multicast groups list
  */
 struct genl_family
 {
@@ -25,6 +42,7 @@ struct genl_family
         struct nlattr **        attrbuf;        /* private */
         struct list_head        ops_list;       /* private */
         struct list_head        family_list;    /* private */
+        struct list_head        mcast_groups;   /* private */
 };
 
 /**
@@ -60,7 +78,7 @@ struct genl_ops
 {
         u8                      cmd;
         unsigned int            flags;
-        struct nla_policy       *policy;
+        const struct nla_policy *policy;
         int                    (*doit)(struct sk_buff *skb,
                                        struct genl_info *info);
         int                    (*dumpit)(struct sk_buff *skb,
@@ -73,6 +91,10 @@ extern int genl_register_family(struct genl_family *family);
 extern int genl_unregister_family(struct genl_family *family);
 extern int genl_register_ops(struct genl_family *, struct genl_ops *ops);
 extern int genl_unregister_ops(struct genl_family *, struct genl_ops *ops);
+extern int genl_register_mc_group(struct genl_family *family,
+                                  struct genl_multicast_group *grp);
+extern void genl_unregister_mc_group(struct genl_family *family,
+                                     struct genl_multicast_group *grp);
 
 extern struct sock *genl_sock;
 
diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h
index 09a2532699b2..47d52b2414db 100644
--- a/include/net/inet_timewait_sock.h
+++ b/include/net/inet_timewait_sock.h
@@ -209,9 +209,6 @@ static inline void inet_twsk_put(struct inet_timewait_sock *tw)
 extern struct inet_timewait_sock *inet_twsk_alloc(const struct sock *sk,
                                                   const int state);
 
-extern void __inet_twsk_kill(struct inet_timewait_sock *tw,
-                             struct inet_hashinfo *hashinfo);
-
 extern void __inet_twsk_hashdance(struct inet_timewait_sock *tw,
                                   struct sock *sk,
                                   struct inet_hashinfo *hashinfo);
diff --git a/include/net/ip.h b/include/net/ip.h
index bb207db03675..abf2820a1125 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -143,6 +143,7 @@ struct ip_reply_arg {
         __wsum      csum;
         int         csumoffset; /* u16 offset of csum in iov[0].iov_base */
                                 /* -1 if not needed */ 
+        int         bound_dev_if;
 }; 
 
 void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg,
diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index 5a4a0366c24f..8cadc77c7df4 100644
--- a/include/net/ip_fib.h
+++ b/include/net/ip_fib.h
@@ -39,7 +39,6 @@ struct fib_config {
         int                     fc_mx_len;
         int                     fc_mp_len;
         u32                     fc_flow;
-        u32                     fc_mp_alg;
         u32                     fc_nlflags;
         struct nl_info          fc_nlinfo;
  };
@@ -86,9 +85,6 @@ struct fib_info {
 #ifdef CONFIG_IP_ROUTE_MULTIPATH
         int                     fib_power;
 #endif
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        u32                     fib_mp_alg;
-#endif
         struct fib_nh           fib_nh[0];
 #define fib_dev         fib_nh[0].nh_dev
 };
@@ -103,10 +99,6 @@ struct fib_result {
         unsigned char   nh_sel;
         unsigned char   type;
         unsigned char   scope;
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        __be32          network;
-        __be32          netmask;
-#endif
         struct fib_info *fi;
 #ifdef CONFIG_IP_MULTIPLE_TABLES
         struct fib_rule *r;
@@ -145,14 +137,6 @@ struct fib_result_nl {
 #define FIB_RES_DEV(res)                (FIB_RES_NH(res).nh_dev)
 #define FIB_RES_OIF(res)                (FIB_RES_NH(res).nh_oif)
 
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-#define FIB_RES_NETWORK(res)            ((res).network)
-#define FIB_RES_NETMASK(res)            ((res).netmask)
-#else /* CONFIG_IP_ROUTE_MULTIPATH_CACHED */
-#define FIB_RES_NETWORK(res)            (0)
-#define FIB_RES_NETMASK(res)            (0)
-#endif /* CONFIG_IP_ROUTE_MULTIPATH_WRANDOM */
-
 struct fib_table {
         struct hlist_node tb_hlist;
         u32             tb_id;
@@ -213,7 +197,7 @@ extern void fib_select_default(const struct flowi *flp, struct fib_result *res);
 #endif /* CONFIG_IP_MULTIPLE_TABLES */
 
 /* Exported by fib_frontend.c */
-extern struct nla_policy rtm_ipv4_policy[];
+extern const struct nla_policy rtm_ipv4_policy[];
 extern void             ip_fib_init(void);
 extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
                                struct net_device *dev, __be32 *spec_dst, u32 *itag);
diff --git a/include/net/ip_mp_alg.h b/include/net/ip_mp_alg.h
deleted file mode 100644
index 25b56571e54b..000000000000
--- a/include/net/ip_mp_alg.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* ip_mp_alg.h: IPV4 multipath algorithm support.
- *
- * Copyright (C) 2004, 2005 Einar Lueck <elueck@de.ibm.com>
- * Copyright (C) 2005 David S. Miller <davem@davemloft.net>
- */
-
-#ifndef _NET_IP_MP_ALG_H
-#define _NET_IP_MP_ALG_H
-
-#include <linux/ip_mp_alg.h>
-#include <net/flow.h>
-#include <net/route.h>
-
-struct fib_nh;
-
-struct ip_mp_alg_ops {
-        void    (*mp_alg_select_route)(const struct flowi *flp,
-                                       struct rtable *rth, struct rtable **rp);
-        void    (*mp_alg_flush)(void);
-        void    (*mp_alg_set_nhinfo)(__be32 network, __be32 netmask,
-                                     unsigned char prefixlen,
-                                     const struct fib_nh *nh);
-        void    (*mp_alg_remove)(struct rtable *rth);
-};
-
-extern int multipath_alg_register(struct ip_mp_alg_ops *, enum ip_mp_alg);
-extern void multipath_alg_unregister(struct ip_mp_alg_ops *, enum ip_mp_alg);
-
-extern struct ip_mp_alg_ops *ip_mp_alg_table[];
-
-static inline int multipath_select_route(const struct flowi *flp,
-                                         struct rtable *rth,
-                                         struct rtable **rp)
-{
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        struct ip_mp_alg_ops *ops = ip_mp_alg_table[rth->rt_multipath_alg];
-
-        /* mp_alg_select_route _MUST_ be implemented */
-        if (ops && (rth->u.dst.flags & DST_BALANCED)) {
-                ops->mp_alg_select_route(flp, rth, rp);
-                return 1;
-        }
-#endif
-        return 0;
-}
-
-static inline void multipath_flush(void)
-{
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        int i;
-
-        for (i = IP_MP_ALG_NONE; i <= IP_MP_ALG_MAX; i++) {
-                struct ip_mp_alg_ops *ops = ip_mp_alg_table[i];
-
-                if (ops && ops->mp_alg_flush)
-                        ops->mp_alg_flush();
-        }
-#endif
-}
-
-static inline void multipath_set_nhinfo(struct rtable *rth,
-                                        __be32 network, __be32 netmask,
-                                        unsigned char prefixlen,
-                                        const struct fib_nh *nh)
-{
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        struct ip_mp_alg_ops *ops = ip_mp_alg_table[rth->rt_multipath_alg];
-
-        if (ops && ops->mp_alg_set_nhinfo)
-                ops->mp_alg_set_nhinfo(network, netmask, prefixlen, nh);
-#endif
-}
-
-static inline void multipath_remove(struct rtable *rth)
-{
-#ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED
-        struct ip_mp_alg_ops *ops = ip_mp_alg_table[rth->rt_multipath_alg];
-
-        if (ops && ops->mp_alg_remove &&
-            (rth->u.dst.flags & DST_BALANCED))
-                ops->mp_alg_remove(rth);
-#endif
-}
-
-static inline int multipath_comparekeys(const struct flowi *flp1,
-                                        const struct flowi *flp2)
-{
-        return flp1->fl4_dst == flp2->fl4_dst &&
-                flp1->fl4_src == flp2->fl4_src &&
-                flp1->oif == flp2->oif &&
-                flp1->mark == flp2->mark &&
-                !((flp1->fl4_tos ^ flp2->fl4_tos) &
-                  (IPTOS_RT_MASK | RTO_ONLINK));
-}
-
-#endif /* _NET_IP_MP_ALG_H */
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 78a0d06d98d5..46b9dce82f6e 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -512,10 +512,6 @@ extern int 			ipv6_ext_hdr(u8 nexthdr);
 
 extern int ipv6_find_tlv(struct sk_buff *skb, int offset, int type);
 
-extern struct ipv6_txoptions *  ipv6_invert_rthdr(struct sock *sk,
-                                                  struct ipv6_rt_hdr *hdr);
-
-
 /*
  *      socket options (ipv6_sockglue.c)
  */
diff --git a/include/net/irda/irda.h b/include/net/irda/irda.h
index 36bee441aa56..08387553b57e 100644
--- a/include/net/irda/irda.h
+++ b/include/net/irda/irda.h
@@ -125,6 +125,9 @@ extern void irda_sysctl_unregister(void);
 extern int irsock_init(void);
 extern void irsock_cleanup(void);
 
+extern int irda_nl_register(void);
+extern void irda_nl_unregister(void);
+
 extern int irlap_driver_rcv(struct sk_buff *skb, struct net_device *dev,
                             struct packet_type *ptype,
                             struct net_device *orig_dev);
diff --git a/include/net/irda/irlap.h b/include/net/irda/irlap.h
index f0248fb8e196..9d0c78ea92f5 100644
--- a/include/net/irda/irlap.h
+++ b/include/net/irda/irlap.h
@@ -208,6 +208,8 @@ struct irlap_cb {
         int    xbofs_delay;   /* Nr of XBOF's used to MTT */
         int    bofs_count;    /* Negotiated extra BOFs */
         int    next_bofs;     /* Negotiated extra BOFs after next frame */
+
+        int    mode;     /* IrLAP mode (primary, secondary or monitor) */
 };
 
 /* 
@@ -289,4 +291,21 @@ static inline void irlap_clear_disconnect(struct irlap_cb *self)
         self->disconnect_pending = FALSE;
 }
 
+/*
+ * Function irlap_next_state (self, state)
+ *
+ *    Switches state and provides debug information
+ *
+ */
+static inline void irlap_next_state(struct irlap_cb *self, IRLAP_STATE state)
+{
+        /*
+        if (!self || self->magic != LAP_MAGIC)
+                return;
+
+        IRDA_DEBUG(4, "next LAP state = %s\n", irlap_state[state]);
+        */
+        self->state = state;
+}
+
 #endif
diff --git a/include/net/iucv/af_iucv.h b/include/net/iucv/af_iucv.h
index f9bd11be1891..b6c468cd7f5b 100644
--- a/include/net/iucv/af_iucv.h
+++ b/include/net/iucv/af_iucv.h
@@ -60,6 +60,7 @@ struct iucv_sock {
         char                    dst_user_id[8];
         char                    dst_name[8];
         struct list_head        accept_q;
+        spinlock_t              accept_q_lock;
         struct sock             *parent;
         struct iucv_path        *path;
         struct sk_buff_head     send_skb_q;
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index a7f122b79948..c34fd9a6160a 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -347,9 +347,16 @@ enum ieee80211_if_types {
  * @mac_addr: pointer to MAC address of the interface. This pointer is valid
  *      until the interface is removed (i.e. it cannot be used after
  *      remove_interface() callback was called for this interface).
+ *      This pointer will be %NULL for monitor interfaces, be careful.
  *
  * This structure is used in add_interface() and remove_interface()
  * callbacks of &struct ieee80211_hw.
+ *
+ * When you allow multiple interfaces to be added to your PHY, take care
+ * that the hardware can actually handle multiple MAC addresses. However,
+ * also take care that when there's no interface left with mac_addr != %NULL
+ * you remove the MAC address from the device to avoid acknowledging packets
+ * in pure monitor mode.
  */
 struct ieee80211_if_init_conf {
         int if_id;
@@ -574,10 +581,11 @@ struct ieee80211_ops {
          * to returning zero. By returning non-zero addition of the interface
          * is inhibited. Unless monitor_during_oper is set, it is guaranteed
          * that monitor interfaces and normal interfaces are mutually
-         * exclusive. The open() handler is called after add_interface()
-         * if this is the first device added. At least one of the open()
-         * open() and add_interface() callbacks has to be assigned. If
-         * add_interface() is NULL, one STA interface is permitted only. */
+         * exclusive. If assigned, the open() handler is called after
+         * add_interface() if this is the first device added. The
+         * add_interface() callback has to be assigned because it is the only
+         * way to obtain the requested MAC address for any interface.
+         */
         int (*add_interface)(struct ieee80211_hw *hw,
                              struct ieee80211_if_init_conf *conf);
 
@@ -921,12 +929,6 @@ struct sk_buff *
 ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
                           struct ieee80211_tx_control *control);
 
-/* Low level drivers that have their own MLME and MAC indicate
- * the aid for an associating station with this call */
-int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw,
-                              u8 *peer_address, u16 aid);
-
-
 /* Given an sk_buff with a raw 802.11 header at the data pointer this function
  * returns the 802.11 header length in bytes (not including encryption
  * headers). If the data in the sk_buff is too short to contain a valid 802.11
diff --git a/include/net/mip6.h b/include/net/mip6.h
index 68263c6d9996..63272610a24a 100644
--- a/include/net/mip6.h
+++ b/include/net/mip6.h
@@ -54,8 +54,4 @@ struct ip6_mh {
 #define IP6_MH_TYPE_BERROR      7   /* Binding Error */
 #define IP6_MH_TYPE_MAX         IP6_MH_TYPE_BERROR
 
-extern int mip6_init(void);
-extern void mip6_fini(void);
-extern int mip6_mh_filter(struct sock *sk, struct sk_buff *skb);
-
 #endif
diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
index 1401ccc051c4..7a671603fca6 100644
--- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
+++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
@@ -9,29 +9,10 @@
 #ifndef _NF_CONNTRACK_IPV4_H
 #define _NF_CONNTRACK_IPV4_H
 
-#ifdef CONFIG_NF_NAT_NEEDED
-#include <net/netfilter/nf_nat.h>
-#include <linux/netfilter/nf_conntrack_pptp.h>
-
-/* per conntrack: nat application helper private data */
-union nf_conntrack_nat_help {
-        /* insert nat helper private data here */
-        struct nf_nat_pptp nat_pptp_info;
-};
-
-struct nf_conn_nat {
-        struct nf_nat_info info;
-        union nf_conntrack_nat_help help;
-#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \
-        defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
-        int masq_index;
-#endif
-};
-#endif /* CONFIG_NF_NAT_NEEDED */
-
 /* Returns new sk_buff, or NULL */
-struct sk_buff *
-nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb);
+struct sk_buff *nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb);
+
+extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
 
 extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
 extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
index b4b6049e01fa..5a8965904377 100644
--- a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
+++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
@@ -7,7 +7,7 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
 extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
 extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
 
-extern int nf_ct_ipv6_skip_exthdr(struct sk_buff *skb, int start,
+extern int nf_ct_ipv6_skip_exthdr(const struct sk_buff *skb, int start,
                                   u8 *nexthdrp, int len);
 
 extern int nf_ct_frag6_init(void);
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 4732432f8eb0..810020ec345d 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -82,6 +82,8 @@ struct nf_conn_help {
 
         union nf_conntrack_help help;
 
+        struct hlist_head expectations;
+
         /* Current number of expected connections */
         unsigned int expecting;
 };
@@ -117,9 +119,6 @@ struct nf_conn
         /* Unique ID that identifies this conntrack*/
         unsigned int id;
 
-        /* features - nat, helper, ... used by allocating system */
-        u_int32_t features;
-
 #if defined(CONFIG_NF_CONNTRACK_MARK)
         u_int32_t mark;
 #endif
@@ -131,8 +130,8 @@ struct nf_conn
         /* Storage reserved for other modules: */
         union nf_conntrack_proto proto;
 
-        /* features dynamically at the end: helper, nat (both optional) */
-        char data[0];
+        /* Extensions */
+        struct nf_ct_ext *ext;
 };
 
 static inline struct nf_conn *
@@ -175,6 +174,10 @@ static inline void nf_ct_put(struct nf_conn *ct)
 extern int nf_ct_l3proto_try_module_get(unsigned short l3proto);
 extern void nf_ct_l3proto_module_put(unsigned short l3proto);
 
+extern struct hlist_head *nf_ct_alloc_hashtable(int *sizep, int *vmalloced);
+extern void nf_ct_free_hashtable(struct hlist_head *hash, int vmalloced,
+                                 int size);
+
 extern struct nf_conntrack_tuple_hash *
 __nf_conntrack_find(const struct nf_conntrack_tuple *tuple,
                     const struct nf_conn *ignored_conntrack);
@@ -183,6 +186,10 @@ extern void nf_conntrack_hash_insert(struct nf_conn *ct);
 
 extern void nf_conntrack_flush(void);
 
+extern int nf_ct_get_tuplepr(const struct sk_buff *skb,
+                             unsigned int nhoff,
+                             u_int16_t l3num,
+                             struct nf_conntrack_tuple *tuple);
 extern int nf_ct_invert_tuplepr(struct nf_conntrack_tuple *inverse,
                                 const struct nf_conntrack_tuple *orig);
 
@@ -216,9 +223,6 @@ extern void nf_conntrack_tcp_update(struct sk_buff *skb,
                                     struct nf_conn *conntrack,
                                     int dir);
 
-/* Call me when a conntrack is destroyed. */
-extern void (*nf_conntrack_destroyed)(struct nf_conn *conntrack);
-
 /* Fake conntrack entry for untracked connections */
 extern struct nf_conn nf_conntrack_untracked;
 
@@ -262,60 +266,10 @@ do {							\
         local_bh_enable();                              \
 } while (0)
 
-/* no helper, no nat */
-#define NF_CT_F_BASIC   0
-/* for helper */
-#define NF_CT_F_HELP    1
-/* for nat. */
-#define NF_CT_F_NAT     2
-#define NF_CT_F_NUM     4
-
 extern int
 nf_conntrack_register_cache(u_int32_t features, const char *name, size_t size);
 extern void
 nf_conntrack_unregister_cache(u_int32_t features);
 
-/* valid combinations:
- * basic: nf_conn, nf_conn .. nf_conn_help
- * nat: nf_conn .. nf_conn_nat, nf_conn .. nf_conn_nat .. nf_conn help
- */
-#ifdef CONFIG_NF_NAT_NEEDED
-static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct)
-{
-        unsigned int offset = sizeof(struct nf_conn);
-
-        if (!(ct->features & NF_CT_F_NAT))
-                return NULL;
-
-        offset = ALIGN(offset, __alignof__(struct nf_conn_nat));
-        return (struct nf_conn_nat *) ((void *)ct + offset);
-}
-
-static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct)
-{
-        unsigned int offset = sizeof(struct nf_conn);
-
-        if (!(ct->features & NF_CT_F_HELP))
-                return NULL;
-        if (ct->features & NF_CT_F_NAT) {
-                offset = ALIGN(offset, __alignof__(struct nf_conn_nat));
-                offset += sizeof(struct nf_conn_nat);
-        }
-
-        offset = ALIGN(offset, __alignof__(struct nf_conn_help));
-        return (struct nf_conn_help *) ((void *)ct + offset);
-}
-#else /* No NAT */
-static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct)
-{
-        unsigned int offset = sizeof(struct nf_conn);
-
-        if (!(ct->features & NF_CT_F_HELP))
-                return NULL;
-
-        offset = ALIGN(offset, __alignof__(struct nf_conn_help));
-        return (struct nf_conn_help *) ((void *)ct + offset);
-}
-#endif /* CONFIG_NF_NAT_NEEDED */
 #endif /* __KERNEL__ */
 #endif /* _NF_CONNTRACK_H */
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index 9fb906688ffa..4056f5f08da1 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -30,6 +30,9 @@ extern void nf_conntrack_cleanup(void);
 extern int nf_conntrack_proto_init(void);
 extern void nf_conntrack_proto_fini(void);
 
+extern int nf_conntrack_helper_init(void);
+extern void nf_conntrack_helper_fini(void);
+
 struct nf_conntrack_l3proto;
 extern struct nf_conntrack_l3proto *nf_ct_find_l3proto(u_int16_t pf);
 /* Like above, but you already have conntrack read lock. */
@@ -55,8 +58,7 @@ nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
 
 /* Find a connection corresponding to a tuple. */
 extern struct nf_conntrack_tuple_hash *
-nf_conntrack_find_get(const struct nf_conntrack_tuple *tuple,
-                      const struct nf_conn *ignored_conntrack);
+nf_conntrack_find_get(const struct nf_conntrack_tuple *tuple);
 
 extern int __nf_conntrack_confirm(struct sk_buff **pskb);
 
@@ -81,9 +83,8 @@ print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
             struct nf_conntrack_l3proto *l3proto,
             struct nf_conntrack_l4proto *proto);
 
-extern struct list_head *nf_conntrack_hash;
-extern struct list_head nf_conntrack_expect_list;
+extern struct hlist_head *nf_conntrack_hash;
 extern rwlock_t nf_conntrack_lock ;
-extern struct list_head unconfirmed;
+extern struct hlist_head unconfirmed;
 
 #endif /* _NF_CONNTRACK_CORE_H */
diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h
index 811c9073c532..f0b9078235c9 100644
--- a/include/net/netfilter/nf_conntrack_ecache.h
+++ b/include/net/netfilter/nf_conntrack_ecache.h
@@ -49,15 +49,15 @@ static inline void nf_conntrack_event(enum ip_conntrack_events event,
                 atomic_notifier_call_chain(&nf_conntrack_chain, event, ct);
 }
 
-extern struct atomic_notifier_head nf_conntrack_expect_chain;
-extern int nf_conntrack_expect_register_notifier(struct notifier_block *nb);
-extern int nf_conntrack_expect_unregister_notifier(struct notifier_block *nb);
+extern struct atomic_notifier_head nf_ct_expect_chain;
+extern int nf_ct_expect_register_notifier(struct notifier_block *nb);
+extern int nf_ct_expect_unregister_notifier(struct notifier_block *nb);
 
 static inline void
-nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
-                          struct nf_conntrack_expect *exp)
+nf_ct_expect_event(enum ip_conntrack_expect_events event,
+                   struct nf_conntrack_expect *exp)
 {
-        atomic_notifier_call_chain(&nf_conntrack_expect_chain, event, exp);
+        atomic_notifier_call_chain(&nf_ct_expect_chain, event, exp);
 }
 
 #else /* CONFIG_NF_CONNTRACK_EVENTS */
@@ -67,9 +67,8 @@ static inline void nf_conntrack_event_cache(enum ip_conntrack_events event,
 static inline void nf_conntrack_event(enum ip_conntrack_events event,
                                       struct nf_conn *ct) {}
 static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) {}
-static inline void
-nf_conntrack_expect_event(enum ip_conntrack_expect_events event,
-                          struct nf_conntrack_expect *exp) {}
+static inline void nf_ct_expect_event(enum ip_conntrack_expect_events event,
+                                      struct nf_conntrack_expect *exp) {}
 static inline void nf_ct_event_cache_flush(void) {}
 #endif /* CONFIG_NF_CONNTRACK_EVENTS */
 
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h
index 173c7c1eff23..cae1a0dce365 100644
--- a/include/net/netfilter/nf_conntrack_expect.h
+++ b/include/net/netfilter/nf_conntrack_expect.h
@@ -6,17 +6,21 @@
 #define _NF_CONNTRACK_EXPECT_H
 #include <net/netfilter/nf_conntrack.h>
 
-extern struct list_head nf_conntrack_expect_list;
-extern struct kmem_cache *nf_conntrack_expect_cachep;
-extern const struct file_operations exp_file_ops;
+extern struct hlist_head *nf_ct_expect_hash;
+extern unsigned int nf_ct_expect_hsize;
+extern unsigned int nf_ct_expect_max;
 
 struct nf_conntrack_expect
 {
-        /* Internal linked list (global expectation list) */
-        struct list_head list;
+        /* Conntrack expectation list member */
+        struct hlist_node lnode;
+
+        /* Hash member */
+        struct hlist_node hnode;
 
         /* We expect this tuple, with the following mask */
-        struct nf_conntrack_tuple tuple, mask;
+        struct nf_conntrack_tuple tuple;
+        struct nf_conntrack_tuple_mask mask;
 
         /* Function to call after setup and insertion */
         void (*expectfn)(struct nf_conn *new,
@@ -52,29 +56,31 @@ struct nf_conntrack_expect
 
 #define NF_CT_EXPECT_PERMANENT 0x1
 
+int nf_conntrack_expect_init(void);
+void nf_conntrack_expect_fini(void);
 
 struct nf_conntrack_expect *
-__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
+__nf_ct_expect_find(const struct nf_conntrack_tuple *tuple);
 
 struct nf_conntrack_expect *
-nf_conntrack_expect_find_get(const struct nf_conntrack_tuple *tuple);
+nf_ct_expect_find_get(const struct nf_conntrack_tuple *tuple);
 
 struct nf_conntrack_expect *
-find_expectation(const struct nf_conntrack_tuple *tuple);
+nf_ct_find_expectation(const struct nf_conntrack_tuple *tuple);
 
 void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
 void nf_ct_remove_expectations(struct nf_conn *ct);
-void nf_conntrack_unexpect_related(struct nf_conntrack_expect *exp);
+void nf_ct_unexpect_related(struct nf_conntrack_expect *exp);
 
 /* Allocate space for an expectation: this is mandatory before calling
-   nf_conntrack_expect_related.  You will have to call put afterwards. */
-struct nf_conntrack_expect *nf_conntrack_expect_alloc(struct nf_conn *me);
-void nf_conntrack_expect_init(struct nf_conntrack_expect *, int,
-                              union nf_conntrack_address *,
-                              union nf_conntrack_address *,
-                              u_int8_t, __be16 *, __be16 *);
-void nf_conntrack_expect_put(struct nf_conntrack_expect *exp);
-int nf_conntrack_expect_related(struct nf_conntrack_expect *expect);
+   nf_ct_expect_related.  You will have to call put afterwards. */
+struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me);
+void nf_ct_expect_init(struct nf_conntrack_expect *, int,
+                       union nf_conntrack_address *,
+                       union nf_conntrack_address *,
+                       u_int8_t, __be16 *, __be16 *);
+void nf_ct_expect_put(struct nf_conntrack_expect *exp);
+int nf_ct_expect_related(struct nf_conntrack_expect *expect);
 
 #endif /*_NF_CONNTRACK_EXPECT_H*/
 
diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h
new file mode 100644
index 000000000000..73b5711faf32
--- /dev/null
+++ b/include/net/netfilter/nf_conntrack_extend.h
@@ -0,0 +1,85 @@
+#ifndef _NF_CONNTRACK_EXTEND_H
+#define _NF_CONNTRACK_EXTEND_H
+
+#include <net/netfilter/nf_conntrack.h>
+
+enum nf_ct_ext_id
+{
+        NF_CT_EXT_HELPER,
+        NF_CT_EXT_NAT,
+        NF_CT_EXT_NUM,
+};
+
+#define NF_CT_EXT_HELPER_TYPE struct nf_conn_help
+#define NF_CT_EXT_NAT_TYPE struct nf_conn_nat
+
+/* Extensions: optional stuff which isn't permanently in struct. */
+struct nf_ct_ext {
+        u8 offset[NF_CT_EXT_NUM];
+        u8 len;
+        u8 real_len;
+        char data[0];
+};
+
+static inline int nf_ct_ext_exist(const struct nf_conn *ct, u8 id)
+{
+        return (ct->ext && ct->ext->offset[id]);
+}
+
+static inline void *__nf_ct_ext_find(const struct nf_conn *ct, u8 id)
+{
+        if (!nf_ct_ext_exist(ct, id))
+                return NULL;
+
+        return (void *)ct->ext + ct->ext->offset[id];
+}
+#define nf_ct_ext_find(ext, id) \
+        ((id##_TYPE *)__nf_ct_ext_find((ext), (id)))
+
+/* Destroy all relationships */
+extern void __nf_ct_ext_destroy(struct nf_conn *ct);
+static inline void nf_ct_ext_destroy(struct nf_conn *ct)
+{
+        if (ct->ext)
+                __nf_ct_ext_destroy(ct);
+}
+
+/* Free operation. If you want to free a object referred from private area,
+ * please implement __nf_ct_ext_free() and call it.
+ */
+static inline void nf_ct_ext_free(struct nf_conn *ct)
+{
+        if (ct->ext)
+                kfree(ct->ext);
+}
+
+/* Add this type, returns pointer to data or NULL. */
+void *
+__nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp);
+#define nf_ct_ext_add(ct, id, gfp) \
+        ((id##_TYPE *)__nf_ct_ext_add((ct), (id), (gfp)))
+
+#define NF_CT_EXT_F_PREALLOC    0x0001
+
+struct nf_ct_ext_type
+{
+        /* Destroys relationships (can be NULL). */
+        void (*destroy)(struct nf_conn *ct);
+        /* Called when realloacted (can be NULL).
+           Contents has already been moved. */
+        void (*move)(struct nf_conn *ct, void *old);
+
+        enum nf_ct_ext_id id;
+
+        unsigned int flags;
+
+        /* Length and min alignment. */
+        u8 len;
+        u8 align;
+        /* initial size of nf_ct_ext. */
+        u8 alloc_size;
+};
+
+int nf_ct_extend_register(struct nf_ct_ext_type *type);
+void nf_ct_extend_unregister(struct nf_ct_ext_type *type);
+#endif /* _NF_CONNTRACK_EXTEND_H */
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 8c72ac9f0ab8..d04f99964d94 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -10,12 +10,13 @@
 #ifndef _NF_CONNTRACK_HELPER_H
 #define _NF_CONNTRACK_HELPER_H
 #include <net/netfilter/nf_conntrack.h>
+#include <net/netfilter/nf_conntrack_extend.h>
 
 struct module;
 
 struct nf_conntrack_helper
-{       
-        struct list_head list;          /* Internal use. */
+{
+        struct hlist_node hnode;        /* Internal use. */
 
         const char *name;               /* name of the module */
         struct module *me;              /* pointer to self */
@@ -23,10 +24,9 @@ struct nf_conntrack_helper
                                          * expected connections */
         unsigned int timeout;           /* timeout for expecteds */
 
-        /* Mask of things we will help (compared against server response) */
+        /* Tuple of things we will help (compared against server response) */
         struct nf_conntrack_tuple tuple;
-        struct nf_conntrack_tuple mask;
-        
+
         /* Function to call when data passes; return verdict, or -1 to
            invalidate. */
         int (*help)(struct sk_buff **pskb,
@@ -52,4 +52,10 @@ extern void nf_ct_helper_put(struct nf_conntrack_helper *helper);
 extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
 extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *);
 
+extern struct nf_conn_help *nf_ct_helper_ext_add(struct nf_conn *ct, gfp_t gfp);
+
+static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct)
+{
+        return nf_ct_ext_find(ct, NF_CT_EXT_HELPER);
+}
 #endif /*_NF_CONNTRACK_HELPER_H*/
diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index 96a58d8e1d3f..3c58a2c4df28 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -58,13 +58,11 @@ struct nf_conntrack_l3proto
 
         /*
          * Called before tracking. 
-         *      *dataoff: offset of protocol header (TCP, UDP,...) in *pskb
+         *      *dataoff: offset of protocol header (TCP, UDP,...) in skb
          *      *protonum: protocol number
          */
-        int (*prepare)(struct sk_buff **pskb, unsigned int hooknum,
-                       unsigned int *dataoff, u_int8_t *protonum);
-
-        u_int32_t (*get_features)(const struct nf_conntrack_tuple *tuple);
+        int (*get_l4proto)(const struct sk_buff *skb, unsigned int nhoff,
+                           unsigned int *dataoff, u_int8_t *protonum);
 
         int (*tuple_to_nfattr)(struct sk_buff *skb,
                                const struct nf_conntrack_tuple *t);
@@ -91,8 +89,6 @@ extern struct nf_conntrack_l3proto *nf_ct_l3proto_find_get(u_int16_t l3proto);
 extern void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p);
 
 /* Existing built-in protocols */
-extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
-extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
 extern struct nf_conntrack_l3proto nf_conntrack_l3proto_generic;
 
 static inline struct nf_conntrack_l3proto *
diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h
index 5d72b16e876f..040dae5f0c9e 100644
--- a/include/net/netfilter/nf_conntrack_tuple.h
+++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -100,6 +100,14 @@ struct nf_conntrack_tuple
         } dst;
 };
 
+struct nf_conntrack_tuple_mask
+{
+        struct {
+                union nf_conntrack_address u3;
+                union nf_conntrack_man_proto u;
+        } src;
+};
+
 /* This is optimized opposed to a memset of the whole structure.  Everything we
  * really care about is the  source/destination unions */
 #define NF_CT_TUPLE_U_BLANK(tuple)                                      \
@@ -112,11 +120,11 @@ struct nf_conntrack_tuple
 
 #ifdef __KERNEL__
 
-#define NF_CT_DUMP_TUPLE(tp)                                                \
-DEBUGP("tuple %p: %u %u " NIP6_FMT " %hu -> " NIP6_FMT " %hu\n",            \
-        (tp), (tp)->src.l3num, (tp)->dst.protonum,                          \
-        NIP6(*(struct in6_addr *)(tp)->src.u3.all), ntohs((tp)->src.u.all), \
-        NIP6(*(struct in6_addr *)(tp)->dst.u3.all), ntohs((tp)->dst.u.all))
+#define NF_CT_DUMP_TUPLE(tp)                                                 \
+pr_debug("tuple %p: %u %u " NIP6_FMT " %hu -> " NIP6_FMT " %hu\n",           \
+         (tp), (tp)->src.l3num, (tp)->dst.protonum,                          \
+         NIP6(*(struct in6_addr *)(tp)->src.u3.all), ntohs((tp)->src.u.all), \
+         NIP6(*(struct in6_addr *)(tp)->dst.u3.all), ntohs((tp)->dst.u.all))
 
 /* If we're the first tuple, it's the original dir. */
 #define NF_CT_DIRECTION(h)                                              \
@@ -125,8 +133,7 @@ DEBUGP("tuple %p: %u %u " NIP6_FMT " %hu -> " NIP6_FMT " %hu\n",	    \
 /* Connections have two entries in the hash table: one for each way */
 struct nf_conntrack_tuple_hash
 {
-        struct list_head list;
-
+        struct hlist_node hnode;
         struct nf_conntrack_tuple tuple;
 };
 
@@ -162,31 +169,44 @@ static inline int nf_ct_tuple_equal(const struct nf_conntrack_tuple *t1,
         return nf_ct_tuple_src_equal(t1, t2) && nf_ct_tuple_dst_equal(t1, t2);
 }
 
+static inline int nf_ct_tuple_mask_equal(const struct nf_conntrack_tuple_mask *m1,
+                                         const struct nf_conntrack_tuple_mask *m2)
+{
+        return (m1->src.u3.all[0] == m2->src.u3.all[0] &&
+                m1->src.u3.all[1] == m2->src.u3.all[1] &&
+                m1->src.u3.all[2] == m2->src.u3.all[2] &&
+                m1->src.u3.all[3] == m2->src.u3.all[3] &&
+                m1->src.u.all == m2->src.u.all);
+}
+
+static inline int nf_ct_tuple_src_mask_cmp(const struct nf_conntrack_tuple *t1,
+                                           const struct nf_conntrack_tuple *t2,
+                                           const struct nf_conntrack_tuple_mask *mask)
+{
+        int count;
+
+        for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++) {
+                if ((t1->src.u3.all[count] ^ t2->src.u3.all[count]) &
+                    mask->src.u3.all[count])
+                        return 0;
+        }
+
+        if ((t1->src.u.all ^ t2->src.u.all) & mask->src.u.all)
+                return 0;
+
+        if (t1->src.l3num != t2->src.l3num ||
+            t1->dst.protonum != t2->dst.protonum)
+                return 0;
+
+        return 1;
+}
+
 static inline int nf_ct_tuple_mask_cmp(const struct nf_conntrack_tuple *t,
                                        const struct nf_conntrack_tuple *tuple,
-                                       const struct nf_conntrack_tuple *mask)
+                                       const struct nf_conntrack_tuple_mask *mask)
 {
-        int count = 0;
-
-        for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++){
-                if ((t->src.u3.all[count] ^ tuple->src.u3.all[count]) &
-                    mask->src.u3.all[count])
-                        return 0;
-        }
-
-        for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++){
-                if ((t->dst.u3.all[count] ^ tuple->dst.u3.all[count]) &
-                    mask->dst.u3.all[count])
-                        return 0;
-        }
-
-        if ((t->src.u.all ^ tuple->src.u.all) & mask->src.u.all ||
-            (t->dst.u.all ^ tuple->dst.u.all) & mask->dst.u.all ||
-            (t->src.l3num ^ tuple->src.l3num) & mask->src.l3num ||
-            (t->dst.protonum ^ tuple->dst.protonum) & mask->dst.protonum)
-                return 0;
-
-        return 1;
+        return nf_ct_tuple_src_mask_cmp(t, tuple, mask) &&
+               nf_ct_tuple_dst_equal(t, tuple);
 }
 
 #endif /* _NF_CONNTRACK_TUPLE_H */
diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h
index bc57dd7b9b5c..6ae52f7c9f55 100644
--- a/include/net/netfilter/nf_nat.h
+++ b/include/net/netfilter/nf_nat.h
@@ -51,16 +51,31 @@ struct nf_nat_multi_range_compat
 
 #ifdef __KERNEL__
 #include <linux/list.h>
+#include <linux/netfilter/nf_conntrack_pptp.h>
+#include <net/netfilter/nf_conntrack_extend.h>
 
-/* The structure embedded in the conntrack structure. */
-struct nf_nat_info
+/* per conntrack: nat application helper private data */
+union nf_conntrack_nat_help
 {
-        struct list_head bysource;
-        struct nf_nat_seq seq[IP_CT_DIR_MAX];
+        /* insert nat helper private data here */
+        struct nf_nat_pptp nat_pptp_info;
 };
 
 struct nf_conn;
 
+/* The structure embedded in the conntrack structure. */
+struct nf_conn_nat
+{
+        struct hlist_node bysource;
+        struct nf_nat_seq seq[IP_CT_DIR_MAX];
+        struct nf_conn *ct;
+        union nf_conntrack_nat_help help;
+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \
+    defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
+        int masq_index;
+#endif
+};
+
 /* Set up the info structure to map into this range. */
 extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
                                       const struct nf_nat_range *range,
@@ -70,7 +85,10 @@ extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
 extern int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
                              const struct nf_conn *ignored_conntrack);
 
-extern int nf_nat_module_is_loaded;
+static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct)
+{
+        return nf_ct_ext_find(ct, NF_CT_EXT_NAT);
+}
 
 #else  /* !__KERNEL__: iptables wants this to compile. */
 #define nf_nat_multi_range nf_nat_multi_range_compat
diff --git a/include/net/netfilter/nf_nat_core.h b/include/net/netfilter/nf_nat_core.h
index 9778ffa93440..c3cd127ba4bb 100644
--- a/include/net/netfilter/nf_nat_core.h
+++ b/include/net/netfilter/nf_nat_core.h
@@ -2,6 +2,7 @@
 #define _NF_NAT_CORE_H
 #include <linux/list.h>
 #include <net/netfilter/nf_conntrack.h>
+#include <net/netfilter/nf_nat.h>
 
 /* This header used to share core functionality between the standalone
    NAT module, and the compatibility layer's use of NAT for masquerading. */
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 83da7e1f0d3d..ffbc7f28335a 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -144,10 +144,9 @@ struct netlbl_lsm_secattr {
 };
 
 /*
- * LSM security attribute operations
+ * LSM security attribute operations (inline)
  */
 
-
 /**
  * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache
  * @flags: the memory allocation flags
@@ -283,6 +282,9 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr)
 }
 
 #ifdef CONFIG_NETLABEL
+/*
+ * LSM security attribute operations
+ */
 int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap,
                                u32 offset);
 int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap,
@@ -294,6 +296,25 @@ int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap,
                                  u32 start,
                                  u32 end,
                                  gfp_t flags);
+
+/*
+ * LSM protocol operations
+ */
+int netlbl_enabled(void);
+int netlbl_sock_setattr(struct sock *sk,
+                        const struct netlbl_lsm_secattr *secattr);
+int netlbl_sock_getattr(struct sock *sk,
+                        struct netlbl_lsm_secattr *secattr);
+int netlbl_skbuff_getattr(const struct sk_buff *skb,
+                          struct netlbl_lsm_secattr *secattr);
+void netlbl_skbuff_err(struct sk_buff *skb, int error);
+
+/*
+ * LSM label mapping cache operations
+ */
+void netlbl_cache_invalidate(void);
+int netlbl_cache_add(const struct sk_buff *skb,
+                     const struct netlbl_lsm_secattr *secattr);
 #else
 static inline int netlbl_secattr_catmap_walk(
                                       struct netlbl_lsm_secattr_catmap *catmap,
@@ -301,14 +322,12 @@ static inline int netlbl_secattr_catmap_walk(
 {
         return -ENOENT;
 }
-
 static inline int netlbl_secattr_catmap_walk_rng(
                                       struct netlbl_lsm_secattr_catmap *catmap,
                                       u32 offset)
 {
         return -ENOENT;
 }
-
 static inline int netlbl_secattr_catmap_setbit(
                                       struct netlbl_lsm_secattr_catmap *catmap,
                                       u32 bit,
@@ -316,7 +335,6 @@ static inline int netlbl_secattr_catmap_setbit(
 {
         return 0;
 }
-
 static inline int netlbl_secattr_catmap_setrng(
                                       struct netlbl_lsm_secattr_catmap *catmap,
                                       u32 start,
@@ -325,67 +343,33 @@ static inline int netlbl_secattr_catmap_setrng(
 {
         return 0;
 }
-#endif
-
-/*
- * LSM protocol operations
- */
-
-#ifdef CONFIG_NETLABEL
-int netlbl_socket_setattr(const struct socket *sock,
-                          const struct netlbl_lsm_secattr *secattr);
-int netlbl_sock_getattr(struct sock *sk,
-                        struct netlbl_lsm_secattr *secattr);
-int netlbl_socket_getattr(const struct socket *sock,
-                          struct netlbl_lsm_secattr *secattr);
-int netlbl_skbuff_getattr(const struct sk_buff *skb,
-                          struct netlbl_lsm_secattr *secattr);
-void netlbl_skbuff_err(struct sk_buff *skb, int error);
-#else
-static inline int netlbl_socket_setattr(const struct socket *sock,
+static inline int netlbl_enabled(void)
+{
+        return 0;
+}
+static inline int netlbl_sock_setattr(struct sock *sk,
                                      const struct netlbl_lsm_secattr *secattr)
 {
         return -ENOSYS;
 }
-
 static inline int netlbl_sock_getattr(struct sock *sk,
                                       struct netlbl_lsm_secattr *secattr)
 {
         return -ENOSYS;
 }
-
-static inline int netlbl_socket_getattr(const struct socket *sock,
-                                        struct netlbl_lsm_secattr *secattr)
-{
-        return -ENOSYS;
-}
-
 static inline int netlbl_skbuff_getattr(const struct sk_buff *skb,
                                         struct netlbl_lsm_secattr *secattr)
 {
         return -ENOSYS;
 }
-
 static inline void netlbl_skbuff_err(struct sk_buff *skb, int error)
 {
         return;
 }
-#endif /* CONFIG_NETLABEL */
-
-/*
- * LSM label mapping cache operations
- */
-
-#ifdef CONFIG_NETLABEL
-void netlbl_cache_invalidate(void);
-int netlbl_cache_add(const struct sk_buff *skb,
-                     const struct netlbl_lsm_secattr *secattr);
-#else
 static inline void netlbl_cache_invalidate(void)
 {
         return;
 }
-
 static inline int netlbl_cache_add(const struct sk_buff *skb,
                                    const struct netlbl_lsm_secattr *secattr)
 {
diff --git a/include/net/netlink.h b/include/net/netlink.h
index 0bf325c29aff..d7b824be5422 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -118,6 +118,9 @@
  * Nested Attributes Construction:
  *   nla_nest_start(skb, type)          start a nested attribute
  *   nla_nest_end(skb, nla)             finalize a nested attribute
+ *   nla_nest_compat_start(skb, type,   start a nested compat attribute
+ *                         len, data)
+ *   nla_nest_compat_end(skb, type)     finalize a nested compat attribute
  *   nla_nest_cancel(skb, nla)          cancel nested attribute construction
  *
  * Attribute Length Calculations:
@@ -152,6 +155,7 @@
  *   nla_find_nested()                  find attribute in nested attributes
  *   nla_parse()                        parse and validate stream of attrs
  *   nla_parse_nested()                 parse nested attribuets
+ *   nla_parse_nested_compat()          parse nested compat attributes
  *   nla_for_each_attr()                loop over all attributes
  *   nla_for_each_nested()              loop over the nested attributes
  *=========================================================================
@@ -170,6 +174,7 @@ enum {
         NLA_FLAG,
         NLA_MSECS,
         NLA_NESTED,
+        NLA_NESTED_COMPAT,
         NLA_NUL_STRING,
         NLA_BINARY,
         __NLA_TYPE_MAX,
@@ -190,6 +195,7 @@ enum {
  *    NLA_NUL_STRING       Maximum length of string (excluding NUL)
  *    NLA_FLAG             Unused
  *    NLA_BINARY           Maximum length of attribute payload
+ *    NLA_NESTED_COMPAT    Exact length of structure payload
  *    All other            Exact length of attribute payload
  *
  * Example:
@@ -222,10 +228,10 @@ extern int		nlmsg_notify(struct sock *sk, struct sk_buff *skb,
                                      gfp_t flags);
 
 extern int              nla_validate(struct nlattr *head, int len, int maxtype,
-                                     struct nla_policy *policy);
+                                     const struct nla_policy *policy);
 extern int              nla_parse(struct nlattr *tb[], int maxtype,
                                   struct nlattr *head, int len,
-                                  struct nla_policy *policy);
+                                  const struct nla_policy *policy);
 extern struct nlattr *  nla_find(struct nlattr *head, int len, int attrtype);
 extern size_t           nla_strlcpy(char *dst, const struct nlattr *nla,
                                     size_t dstsize);
@@ -360,7 +366,7 @@ static inline struct nlmsghdr *nlmsg_next(struct nlmsghdr *nlh, int *remaining)
  */
 static inline int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen,
                               struct nlattr *tb[], int maxtype,
-                              struct nla_policy *policy)
+                              const struct nla_policy *policy)
 {
         if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
                 return -EINVAL;
@@ -392,7 +398,7 @@ static inline struct nlattr *nlmsg_find_attr(struct nlmsghdr *nlh,
  * @policy: validation policy
  */
 static inline int nlmsg_validate(struct nlmsghdr *nlh, int hdrlen, int maxtype,
-                                 struct nla_policy *policy)
+                                 const struct nla_policy *policy)
 {
         if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
                 return -EINVAL;
@@ -729,10 +735,43 @@ static inline struct nlattr *nla_find_nested(struct nlattr *nla, int attrtype)
  */
 static inline int nla_parse_nested(struct nlattr *tb[], int maxtype,
                                    struct nlattr *nla,
-                                   struct nla_policy *policy)
+                                   const struct nla_policy *policy)
 {
         return nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy);
 }
+
+/**
+ * nla_parse_nested_compat - parse nested compat attributes
+ * @tb: destination array with maxtype+1 elements
+ * @maxtype: maximum attribute type to be expected
+ * @nla: attribute containing the nested attributes
+ * @data: pointer to point to contained structure
+ * @len: length of contained structure
+ * @policy: validation policy
+ *
+ * Parse a nested compat attribute. The compat attribute contains a structure
+ * and optionally a set of nested attributes. On success the data pointer
+ * points to the nested data and tb contains the parsed attributes
+ * (see nla_parse).
+ */
+static inline int __nla_parse_nested_compat(struct nlattr *tb[], int maxtype,
+                                            struct nlattr *nla,
+                                            const struct nla_policy *policy,
+                                            int len)
+{
+        if (nla_len(nla) < len)
+                return -1;
+        if (nla_len(nla) >= NLA_ALIGN(len) + sizeof(struct nlattr))
+                return nla_parse_nested(tb, maxtype,
+                                        nla_data(nla) + NLA_ALIGN(len),
+                                        policy);
+        memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
+        return 0;
+}
+
+#define nla_parse_nested_compat(tb, maxtype, nla, policy, data, len) \
+({      data = nla_len(nla) >= len ? nla_data(nla) : NULL; \
+        __nla_parse_nested_compat(tb, maxtype, nla, policy, len); })
 /**
  * nla_put_u8 - Add a u16 netlink attribute to a socket buffer
  * @skb: socket buffer to add attribute to
@@ -965,6 +1004,51 @@ static inline int nla_nest_end(struct sk_buff *skb, struct nlattr *start)
 }
 
 /**
+ * nla_nest_compat_start - Start a new level of nested compat attributes
+ * @skb: socket buffer to add attributes to
+ * @attrtype: attribute type of container
+ * @attrlen: length of structure
+ * @data: pointer to structure
+ *
+ * Start a nested compat attribute that contains both a structure and
+ * a set of nested attributes.
+ *
+ * Returns the container attribute
+ */
+static inline struct nlattr *nla_nest_compat_start(struct sk_buff *skb,
+                                                   int attrtype, int attrlen,
+                                                   const void *data)
+{
+        struct nlattr *start = (struct nlattr *)skb_tail_pointer(skb);
+
+        if (nla_put(skb, attrtype, attrlen, data) < 0)
+                return NULL;
+        if (nla_nest_start(skb, attrtype) == NULL) {
+                nlmsg_trim(skb, start);
+                return NULL;
+        }
+        return start;
+}
+
+/**
+ * nla_nest_compat_end - Finalize nesting of compat attributes
+ * @skb: socket buffer the attribtues are stored in
+ * @start: container attribute
+ *
+ * Corrects the container attribute header to include the all
+ * appeneded attributes.
+ *
+ * Returns the total data length of the skb.
+ */
+static inline int nla_nest_compat_end(struct sk_buff *skb, struct nlattr *start)
+{
+        struct nlattr *nest = (void *)start + NLMSG_ALIGN(start->nla_len);
+
+        start->nla_len = skb_tail_pointer(skb) - (unsigned char *)start;
+        return nla_nest_end(skb, nest);
+}
+
+/**
  * nla_nest_cancel - Cancel nesting of attributes
  * @skb: socket buffer the message is stored in
  * @start: container attribute
@@ -990,7 +1074,7 @@ static inline int nla_nest_cancel(struct sk_buff *skb, struct nlattr *start)
  * Returns 0 on success or a negative error code.
  */
 static inline int nla_validate_nested(struct nlattr *start, int maxtype,
-                                      struct nla_policy *policy)
+                                      const struct nla_policy *policy)
 {
         return nla_validate(nla_data(start), nla_len(start), maxtype, policy);
 }
diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
index 4129df708079..7968b1d66369 100644
--- a/include/net/pkt_cls.h
+++ b/include/net/pkt_cls.h
@@ -65,8 +65,6 @@ struct tcf_exts
 {
 #ifdef CONFIG_NET_CLS_ACT
         struct tc_action *action;
-#elif defined CONFIG_NET_CLS_POLICE
-        struct tcf_police *police;
 #endif
 };
 
@@ -91,8 +89,6 @@ tcf_exts_is_predicative(struct tcf_exts *exts)
 {
 #ifdef CONFIG_NET_CLS_ACT
         return !!exts->action;
-#elif defined CONFIG_NET_CLS_POLICE
-        return !!exts->police;
 #else
         return 0;
 #endif
@@ -129,11 +125,7 @@ tcf_exts_exec(struct sk_buff *skb, struct tcf_exts *exts,
 #ifdef CONFIG_NET_CLS_ACT
         if (exts->action)
                 return tcf_action_exec(skb, exts->action, res);
-#elif defined CONFIG_NET_CLS_POLICE
-        if (exts->police)
-                return tcf_police(skb, exts->police);
 #endif
-
         return 0;
 }
 
@@ -306,6 +298,8 @@ static inline int tcf_em_tree_match(struct sk_buff *skb,
                 return 1;
 }
 
+#define MODULE_ALIAS_TCF_EMATCH(kind)   MODULE_ALIAS("ematch-kind-" __stringify(kind))
+
 #else /* CONFIG_NET_EMATCH */
 
 struct tcf_ematch_tree
diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h
index 5754d53d9efc..9e22526e80e7 100644
--- a/include/net/pkt_sched.h
+++ b/include/net/pkt_sched.h
@@ -89,8 +89,10 @@ static inline void qdisc_run(struct net_device *dev)
                 __qdisc_run(dev);
 }
 
+extern int tc_classify_compat(struct sk_buff *skb, struct tcf_proto *tp,
+                              struct tcf_result *res);
 extern int tc_classify(struct sk_buff *skb, struct tcf_proto *tp,
-        struct tcf_result *res);
+                       struct tcf_result *res);
 
 /* Calculate maximal size of packet seen by hard_start_xmit
    routine of this device.
diff --git a/include/net/rawv6.h b/include/net/rawv6.h
index af8960878ef4..a5819891d525 100644
--- a/include/net/rawv6.h
+++ b/include/net/rawv6.h
@@ -3,6 +3,8 @@
 
 #ifdef __KERNEL__
 
+#include <net/protocol.h>
+
 #define RAWV6_HTABLE_SIZE       MAX_INET_PROTOS
 extern struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
 extern rwlock_t raw_v6_lock;
@@ -23,6 +25,13 @@ extern void			rawv6_err(struct sock *sk,
                                           int type, int code, 
                                           int offset, __be32 info);
 
+#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
+int rawv6_mh_filter_register(int (*filter)(struct sock *sock,
+                                           struct sk_buff *skb));
+int rawv6_mh_filter_unregister(int (*filter)(struct sock *sock,
+                                             struct sk_buff *skb));
+#endif
+
 #endif
 
 #endif
diff --git a/include/net/route.h b/include/net/route.h
index 749e4dfe5ff3..f7ce6259f86f 100644
--- a/include/net/route.h
+++ b/include/net/route.h
@@ -62,7 +62,6 @@ struct rtable
         
         unsigned                rt_flags;
         __u16                   rt_type;
-        __u16                   rt_multipath_alg;
 
         __be32                  rt_dst; /* Path destination     */
         __be32                  rt_src; /* Path source          */
@@ -136,7 +135,7 @@ static inline void ip_rt_put(struct rtable * rt)
 
 #define IPTOS_RT_MASK   (IPTOS_TOS_MASK & ~3)
 
-extern __u8 ip_tos2prio[16];
+extern const __u8 ip_tos2prio[16];
 
 static inline char rt_tos2priority(u8 tos)
 {
diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h
index 3b3d4745618d..3861c05cdf0f 100644
--- a/include/net/rtnetlink.h
+++ b/include/net/rtnetlink.h
@@ -22,4 +22,62 @@ static inline int rtnl_msg_family(struct nlmsghdr *nlh)
                 return AF_UNSPEC;
 }
 
+/**
+ *      struct rtnl_link_ops - rtnetlink link operations
+ *
+ *      @list: Used internally
+ *      @kind: Identifier
+ *      @maxtype: Highest device specific netlink attribute number
+ *      @policy: Netlink policy for device specific attribute validation
+ *      @validate: Optional validation function for netlink/changelink parameters
+ *      @priv_size: sizeof net_device private space
+ *      @setup: net_device setup function
+ *      @newlink: Function for configuring and registering a new device
+ *      @changelink: Function for changing parameters of an existing device
+ *      @dellink: Function to remove a device
+ *      @get_size: Function to calculate required room for dumping device
+ *                 specific netlink attributes
+ *      @fill_info: Function to dump device specific netlink attributes
+ *      @get_xstats_size: Function to calculate required room for dumping devic
+ *                        specific statistics
+ *      @fill_xstats: Function to dump device specific statistics
+ */
+struct rtnl_link_ops {
+        struct list_head        list;
+
+        const char              *kind;
+
+        size_t                  priv_size;
+        void                    (*setup)(struct net_device *dev);
+
+        int                     maxtype;
+        const struct nla_policy *policy;
+        int                     (*validate)(struct nlattr *tb[],
+                                            struct nlattr *data[]);
+
+        int                     (*newlink)(struct net_device *dev,
+                                           struct nlattr *tb[],
+                                           struct nlattr *data[]);
+        int                     (*changelink)(struct net_device *dev,
+                                              struct nlattr *tb[],
+                                              struct nlattr *data[]);
+        void                    (*dellink)(struct net_device *dev);
+
+        size_t                  (*get_size)(const struct net_device *dev);
+        int                     (*fill_info)(struct sk_buff *skb,
+                                             const struct net_device *dev);
+
+        size_t                  (*get_xstats_size)(const struct net_device *dev);
+        int                     (*fill_xstats)(struct sk_buff *skb,
+                                               const struct net_device *dev);
+};
+
+extern int      __rtnl_link_register(struct rtnl_link_ops *ops);
+extern void     __rtnl_link_unregister(struct rtnl_link_ops *ops);
+
+extern int      rtnl_link_register(struct rtnl_link_ops *ops);
+extern void     rtnl_link_unregister(struct rtnl_link_ops *ops);
+
+#define MODULE_ALIAS_RTNL_LINK(kind) MODULE_ALIAS("rtnl-link-" kind)
+
 #endif
diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h
index 1b8e35197ebe..8a67f24cbe02 100644
--- a/include/net/sch_generic.h
+++ b/include/net/sch_generic.h
@@ -290,7 +290,7 @@ static inline int qdisc_reshape_fail(struct sk_buff *skb, struct Qdisc *sch)
 {
         sch->qstats.drops++;
 
-#ifdef CONFIG_NET_CLS_POLICE
+#ifdef CONFIG_NET_CLS_ACT
         if (sch->reshape_fail == NULL || sch->reshape_fail(skb, sch))
                 goto drop;
 
diff --git a/include/net/scm.h b/include/net/scm.h
index 5637d5e22d5f..423cb1d5ac25 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -8,7 +8,7 @@
 /* Well, we should have at least one descriptor open
  * to accept passed FDs 8)
  */
-#define SCM_MAX_FD      (OPEN_MAX-1)
+#define SCM_MAX_FD      255
 
 struct scm_fp_list
 {
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
index dda72bf5b9b4..16baef4dab7e 100644
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -503,6 +503,13 @@ static inline int sctp_frag_point(const struct sctp_sock *sp, int pmtu)
         return frag;
 }
 
+static inline void sctp_assoc_pending_pmtu(struct sctp_association *asoc)
+{
+
+        sctp_assoc_sync_pmtu(asoc);
+        asoc->pmtu_pending = 0;
+}
+
 /* Walk through a list of TLV parameters.  Don't trust the
  * individual parameter lengths and instead depend on
  * the chunk length to indicate when to stop.  Make sure
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 5e81984b8478..ee4559b11302 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -912,6 +912,9 @@ struct sctp_transport {
          */
         __u16 pathmaxrxt;
 
+        /* is the Path MTU update pending on this tranport */
+        __u8 pmtu_pending;
+
         /* PMTU       : The current known path MTU.  */
         __u32 pathmtu;
 
@@ -1006,6 +1009,7 @@ void sctp_transport_raise_cwnd(struct sctp_transport *, __u32, __u32);
 void sctp_transport_lower_cwnd(struct sctp_transport *, sctp_lower_cwnd_t);
 unsigned long sctp_transport_timeout(struct sctp_transport *);
 void sctp_transport_reset(struct sctp_transport *);
+void sctp_transport_update_pmtu(struct sctp_transport *, u32);
 
 
 /* This is the structure we use to queue packets as they come into
@@ -1565,6 +1569,9 @@ struct sctp_association {
          */
         __u16 pathmaxrxt;
 
+        /* Flag that path mtu update is pending */
+        __u8   pmtu_pending;
+
         /* Association : The smallest PMTU discovered for all of the
          * PMTU        : peer's transport addresses.
          */
diff --git a/include/net/tcp.h b/include/net/tcp.h
index a8af9ae00177..8b404b1ef7c8 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -652,8 +652,7 @@ struct tcp_congestion_ops {
         /* lower bound for congestion window (optional) */
         u32 (*min_cwnd)(const struct sock *sk);
         /* do new cwnd calculation (required) */
-        void (*cong_avoid)(struct sock *sk, u32 ack,
-                           u32 rtt, u32 in_flight, int good_ack);
+        void (*cong_avoid)(struct sock *sk, u32 ack, u32 in_flight, int good_ack);
         /* call before changing ca_state (optional) */
         void (*set_state)(struct sock *sk, u8 new_state);
         /* call when cwnd event occurs (optional) */
@@ -684,8 +683,7 @@ extern void tcp_slow_start(struct tcp_sock *tp);
 
 extern struct tcp_congestion_ops tcp_init_congestion_ops;
 extern u32 tcp_reno_ssthresh(struct sock *sk);
-extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack,
-                                u32 rtt, u32 in_flight, int flag);
+extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight, int flag);
 extern u32 tcp_reno_min_cwnd(const struct sock *sk);
 extern struct tcp_congestion_ops tcp_reno;
 
diff --git a/include/net/tipc/tipc_port.h b/include/net/tipc/tipc_port.h
index 333bba6dc522..cfc4ba46de8f 100644
--- a/include/net/tipc/tipc_port.h
+++ b/include/net/tipc/tipc_port.h
@@ -1,8 +1,8 @@
 /*
  * include/net/tipc/tipc_port.h: Include file for privileged access to TIPC ports
  * 
- * Copyright (c) 1994-2006, Ericsson AB
- * Copyright (c) 2005, Wind River Systems
+ * Copyright (c) 1994-2007, Ericsson AB
+ * Copyright (c) 2005-2007, Wind River Systems
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -55,6 +55,7 @@
  * @conn_unacked: number of unacknowledged messages received from peer port
  * @published: non-zero if port has one or more associated names
  * @congested: non-zero if cannot send because of link or port congestion
+ * @max_pkt: maximum packet size "hint" used when building messages sent by port
  * @ref: unique reference to port in TIPC object registry
  * @phdr: preformatted message header used when sending messages
  */
@@ -68,6 +69,7 @@ struct tipc_port {
         u32 conn_unacked;
         int published;
         u32 congested;
+        u32 max_pkt;
         u32 ref;
         struct tipc_msg phdr;
 };
diff --git a/include/net/udp.h b/include/net/udp.h
index 496f89d45c8b..98755ebaf163 100644
--- a/include/net/udp.h
+++ b/include/net/udp.h
@@ -119,16 +119,9 @@ static inline void udp_lib_close(struct sock *sk, long timeout)
 }
 
 
-struct udp_get_port_ops {
-        int (*saddr_cmp)(const struct sock *sk1, const struct sock *sk2);
-        int (*saddr_any)(const struct sock *sk);
-        unsigned int (*hash_port_and_rcv_saddr)(__u16 port,
-                                                const struct sock *sk);
-};
-
 /* net/ipv4/udp.c */
 extern int      udp_get_port(struct sock *sk, unsigned short snum,
-                             const struct udp_get_port_ops *ops);
+                             int (*saddr_cmp)(const struct sock *, const struct sock *));
 extern void     udp_err(struct sk_buff *, u32);
 
 extern int      udp_sendmsg(struct kiocb *iocb, struct sock *sk,
diff --git a/include/net/udplite.h b/include/net/udplite.h
index 50b4b424d1ca..635b0eafca95 100644
--- a/include/net/udplite.h
+++ b/include/net/udplite.h
@@ -120,5 +120,5 @@ static inline __wsum udplite_csum_outgoing(struct sock *sk, struct sk_buff *skb)
 
 extern void     udplite4_register(void);
 extern int      udplite_get_port(struct sock *sk, unsigned short snum,
-                                 const struct udp_get_port_ops *ops);
+                        int (*scmp)(const struct sock *, const struct sock *));
 #endif  /* _UDPLITE_H */
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 90185e8b335e..a5f80bfbaaa4 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -19,9 +19,19 @@
 #include <net/ipv6.h>
 #include <net/ip6_fib.h>
 
+#define XFRM_PROTO_ESP          50
+#define XFRM_PROTO_AH           51
+#define XFRM_PROTO_COMP         108
+#define XFRM_PROTO_IPIP         4
+#define XFRM_PROTO_IPV6         41
+#define XFRM_PROTO_ROUTING      IPPROTO_ROUTING
+#define XFRM_PROTO_DSTOPTS      IPPROTO_DSTOPTS
+
 #define XFRM_ALIGN8(len)        (((len) + 7) & ~7)
 #define MODULE_ALIAS_XFRM_MODE(family, encap) \
         MODULE_ALIAS("xfrm-mode-" __stringify(family) "-" __stringify(encap))
+#define MODULE_ALIAS_XFRM_TYPE(family, proto) \
+        MODULE_ALIAS("xfrm-type-" __stringify(family) "-" __stringify(proto))
 
 extern struct sock *xfrm_nl;
 extern u32 sysctl_xfrm_aevent_etime;
@@ -509,11 +519,9 @@ __be16 xfrm_flowi_sport(struct flowi *fl)
         case IPPROTO_ICMPV6:
                 port = htons(fl->fl_icmp_type);
                 break;
-#ifdef CONFIG_IPV6_MIP6
         case IPPROTO_MH:
                 port = htons(fl->fl_mh_type);
                 break;
-#endif
         default:
                 port = 0;       /*XXX*/
         }
@@ -577,7 +585,6 @@ static inline int xfrm_sec_ctx_match(struct xfrm_sec_ctx *s1, struct xfrm_sec_ct
 struct xfrm_dst
 {
         union {
-                struct xfrm_dst         *next;
                 struct dst_entry        dst;
                 struct rtable           rt;
                 struct rt6_info         rt6;
@@ -920,6 +927,10 @@ extern struct xfrm_state *xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t
                                           struct flowi *fl, struct xfrm_tmpl *tmpl,
                                           struct xfrm_policy *pol, int *err,
                                           unsigned short family);
+extern struct xfrm_state * xfrm_stateonly_find(xfrm_address_t *daddr,
+                                               xfrm_address_t *saddr,
+                                               unsigned short family,
+                                               u8 mode, u8 proto, u32 reqid);
 extern int xfrm_state_check_expire(struct xfrm_state *x);
 extern void xfrm_state_insert(struct xfrm_state *x);
 extern int xfrm_state_add(struct xfrm_state *x);
@@ -964,7 +975,7 @@ struct xfrmk_spdinfo {
 
 extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
 extern int xfrm_state_delete(struct xfrm_state *x);
-extern void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
+extern int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
 extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si);
 extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si);
 extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq);
@@ -991,7 +1002,7 @@ extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb,
                                  u8 **prevhdr);
 
 #ifdef CONFIG_XFRM
-extern int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type);
+extern int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb);
 extern int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen);
 extern int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, unsigned short family);
 #else
@@ -1000,12 +1011,13 @@ static inline int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optv
         return -ENOPROTOOPT;
 } 
 
-static inline int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type)
+static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
 {
         /* should not happen */
         kfree_skb(skb);
         return 0;
 }
+
 static inline int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, unsigned short family)
 {
         return -EINVAL;
@@ -1020,13 +1032,13 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
                                           struct xfrm_sec_ctx *ctx, int delete,
                                           int *err);
 struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete, int *err);
-void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
+int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
 u32 xfrm_get_acqseq(void);
 void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi);
 struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
                                   xfrm_address_t *daddr, xfrm_address_t *saddr,
                                   int create, unsigned short family);
-extern void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
+extern int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
 extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
 extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
                           struct flowi *fl, int family, int strict);