11 files changed, 31 insertions, 21 deletions
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 461216b47948..8d157157bf8e 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1097,7 +1097,7 @@ int inet_sk_rebuild_header(struct sock *sk)
 EXPORT_SYMBOL(inet_sk_rebuild_header);
-static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int sg)
+static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
 {
        struct sk_buff *segs = ERR_PTR(-EINVAL);
        struct iphdr *iph;
@@ -1126,10 +1126,10 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int sg)
        rcu_read_lock();
        ops = rcu_dereference(inet_protos[proto]);
        if (ops && ops->gso_segment)
-                segs = ops->gso_segment(skb, sg);
+                segs = ops->gso_segment(skb, features);
        rcu_read_unlock();
-        if (IS_ERR(segs))
+        if (!segs || unlikely(IS_ERR(segs)))
                goto out;
        skb = segs;
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
index e1d7f5fbc526..ef0b5aac5838 100644
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -332,7 +332,7 @@ config IP_NF_MATCH_HASHLIMIT
        help
          This option adds a new iptables `hashlimit' match.  
-          As opposed to `limit', this match dynamically crates a hash table
+          As opposed to `limit', this match dynamically creates a hash table
          of limit buckets, based on your selection of source/destination
          ip addresses and/or ports.
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index d0d19192026d..ad39bf640567 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -1120,7 +1120,8 @@ int arpt_register_table(struct arpt_table *table,
                return ret;
        }
-        if (xt_register_table(table, &bootstrap, newinfo) != 0) {
+        ret = xt_register_table(table, &bootstrap, newinfo);
+        if (ret != 0) {
                xt_free_table_info(newinfo);
                return ret;
        }
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index b93f0494362f..198ac36db861 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
        if (entry->info->indev)
                if (entry->info->indev->ifindex == ifindex)
                        return 1;
-                        
        if (entry->info->outdev)
                if (entry->info->outdev->ifindex == ifindex)
                        return 1;
+#ifdef CONFIG_BRIDGE_NETFILTER
+        if (entry->skb->nf_bridge) {
+                if (entry->skb->nf_bridge->physindev &&
+                    entry->skb->nf_bridge->physindev->ifindex == ifindex)
+                        return 1;
+                if (entry->skb->nf_bridge->physoutdev &&
+                    entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+                        return 1;
+        }
+#endif
        return 0;
 }
@@ -507,7 +515,7 @@ ipq_rcv_skb(struct sk_buff *skb)
        if (type <= IPQM_BASE)
                return;
                
-        if (security_netlink_recv(skb))
+        if (security_netlink_recv(skb, CAP_NET_ADMIN))
                RCV_SKB_FAIL(-EPERM);
        
        write_lock_bh(&queue_lock);
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 706c0025ec5e..7aaaf92efb59 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -2113,7 +2113,8 @@ int ipt_register_table(struct xt_table *table, const struct ipt_replace *repl)
                return ret;
        }
-        if (xt_register_table(table, &bootstrap, newinfo) != 0) {
+        ret = xt_register_table(table, &bootstrap, newinfo);
+        if (ret != 0) {
                xt_free_table_info(newinfo);
                return ret;
        }
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index c04176be7ed1..0336422c88a0 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2145,7 +2145,7 @@ int compat_tcp_getsockopt(struct sock *sk, int level, int optname,
 EXPORT_SYMBOL(compat_tcp_getsockopt);
 #endif
-struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg)
+struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int features)
 {
        struct sk_buff *segs = ERR_PTR(-EINVAL);
        struct tcphdr *th;
@@ -2166,10 +2166,14 @@ struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg)
        if (!pskb_may_pull(skb, thlen))
                goto out;
+        segs = NULL;
+        if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
+                goto out;
        oldlen = (u16)~skb->len;
        __skb_pull(skb, thlen);
-        segs = skb_segment(skb, sg);
+        segs = skb_segment(skb, features);
        if (IS_ERR(segs))
                goto out;
diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c
index c148c1081880..b56399c7cc12 100644
--- a/net/ipv4/tcp_diag.c
+++ b/net/ipv4/tcp_diag.c
@@ -26,7 +26,10 @@ static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r,
        const struct tcp_sock *tp = tcp_sk(sk);
        struct tcp_info *info = _info;
-        r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq;
+        if (sk->sk_state == TCP_LISTEN)
+                r->idiag_rqueue = sk->sk_ack_backlog;
+        else
+                r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq;
        r->idiag_wqueue = tp->write_seq - tp->snd_una;
        if (info != NULL)
                tcp_get_info(sk, info);
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 94fe5b1f9dcb..7fa0b4a8a389 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -4178,8 +4178,6 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
                 */
                TCP_ECN_rcv_synack(tp, th);
-                if (tp->ecn_flags&TCP_ECN_OK)
-                        sock_set_flag(sk, SOCK_NO_LARGESEND);
                tp->snd_wl1 = TCP_SKB_CB(skb)->seq;
                tcp_ack(sk, skb, FLAG_SLOWPATH);
@@ -4322,8 +4320,6 @@ discard:
                tp->max_window = tp->snd_wnd;
                TCP_ECN_rcv_syn(tp, th);
-                if (tp->ecn_flags&TCP_ECN_OK)
-                        sock_set_flag(sk, SOCK_NO_LARGESEND);
                tcp_mtup_init(sk);
                tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 25ecc6e2478b..4c6ef47eb1c3 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1726,7 +1726,8 @@ static void get_tcp4_sock(struct sock *sp, char *tmpbuf, int i)
        sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
                        "%08X %5d %8d %lu %d %p %u %u %u %u %d",
                i, src, srcp, dest, destp, sp->sk_state,
-                tp->write_seq - tp->snd_una, tp->rcv_nxt - tp->copied_seq,
+                tp->write_seq - tp->snd_una,
+                (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
                timer_active,
                jiffies_to_clock_t(timer_expires - jiffies),
                icsk->icsk_retransmits,
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index 2b9b7f6c7f7c..54b2ef7d3efe 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -440,8 +440,6 @@ struct sock *tcp_create_openreq_child(struct sock *sk, struct request_sock *req,
                        newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len;
                newtp->rx_opt.mss_clamp = req->mss;
                TCP_ECN_openreq_child(newtp, req);
-                if (newtp->ecn_flags&TCP_ECN_OK)
-                        sock_set_flag(newsk, SOCK_NO_LARGESEND);
                TCP_INC_STATS_BH(TCP_MIB_PASSIVEOPENS);
        }
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index bdd71db8bf90..5a7cb4a9c867 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -2044,8 +2044,6 @@ struct sk_buff * tcp_make_synack(struct sock *sk, struct dst_entry *dst,
        memset(th, 0, sizeof(struct tcphdr));
        th->syn = 1;
        th->ack = 1;
-        if (dst->dev->features&NETIF_F_TSO)
-                ireq->ecn_ok = 0;
        TCP_ECN_make_synack(req, th);
        th->source = inet_sk(sk)->sport;
        th->dest = ireq->rmt_port;

diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 461216b47948..8d157157bf8e 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c
@@ -1097,7 +1097,7 @@ int inet_sk_rebuild_header(struct sock *sk)
1097		1097
1098	EXPORT_SYMBOL(inet_sk_rebuild_header);	1098	EXPORT_SYMBOL(inet_sk_rebuild_header);
1099		1099
1100	static struct sk_buff inet_gso_segment(struct sk_buff skb, int sg)	1100	static struct sk_buff inet_gso_segment(struct sk_buff skb, int features)
1101	{	1101	{
1102	struct sk_buff *segs = ERR_PTR(-EINVAL);	1102	struct sk_buff *segs = ERR_PTR(-EINVAL);
1103	struct iphdr *iph;	1103	struct iphdr *iph;
@@ -1126,10 +1126,10 @@ static struct sk_buff inet_gso_segment(struct sk_buff skb, int sg)
1126	rcu_read_lock();	1126	rcu_read_lock();
1127	ops = rcu_dereference(inet_protos[proto]);	1127	ops = rcu_dereference(inet_protos[proto]);
1128	if (ops && ops->gso_segment)	1128	if (ops && ops->gso_segment)
1129	segs = ops->gso_segment(skb, sg);	1129	segs = ops->gso_segment(skb, features);
1130	rcu_read_unlock();	1130	rcu_read_unlock();
1131		1131
1132	if (IS_ERR(segs))	1132	if (!segs \|\| unlikely(IS_ERR(segs)))
1133	goto out;	1133	goto out;
1134		1134
1135	skb = segs;	1135	skb = segs;


diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index e1d7f5fbc526..ef0b5aac5838 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig
@@ -332,7 +332,7 @@ config IP_NF_MATCH_HASHLIMIT
332	help	332	help
333	This option adds a new iptables `hashlimit' match.	333	This option adds a new iptables `hashlimit' match.
334		334
335	As opposed to `limit', this match dynamically crates a hash table	335	As opposed to `limit', this match dynamically creates a hash table
336	of limit buckets, based on your selection of source/destination	336	of limit buckets, based on your selection of source/destination
337	ip addresses and/or ports.	337	ip addresses and/or ports.
338		338


diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index d0d19192026d..ad39bf640567 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c
@@ -1120,7 +1120,8 @@ int arpt_register_table(struct arpt_table *table,
1120	return ret;	1120	return ret;
1121	}	1121	}
1122		1122
1123	if (xt_register_table(table, &bootstrap, newinfo) != 0) {	1123	ret = xt_register_table(table, &bootstrap, newinfo);
		1124	if (ret != 0) {
1124	xt_free_table_info(newinfo);	1125	xt_free_table_info(newinfo);
1125	return ret;	1126	return ret;
1126	}	1127	}


diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index b93f0494362f..198ac36db861 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
457	if (entry->info->indev)	457	if (entry->info->indev)
458	if (entry->info->indev->ifindex == ifindex)	458	if (entry->info->indev->ifindex == ifindex)
459	return 1;	459	return 1;
460
461	if (entry->info->outdev)	460	if (entry->info->outdev)
462	if (entry->info->outdev->ifindex == ifindex)	461	if (entry->info->outdev->ifindex == ifindex)
463	return 1;	462	return 1;
464		463	#ifdef CONFIG_BRIDGE_NETFILTER
		464	if (entry->skb->nf_bridge) {
		465	if (entry->skb->nf_bridge->physindev &&
		466	entry->skb->nf_bridge->physindev->ifindex == ifindex)
		467	return 1;
		468	if (entry->skb->nf_bridge->physoutdev &&
		469	entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
		470	return 1;
		471	}
		472	#endif
465	return 0;	473	return 0;
466	}	474	}
467		475
@@ -507,7 +515,7 @@ ipq_rcv_skb(struct sk_buff *skb)
507	if (type <= IPQM_BASE)	515	if (type <= IPQM_BASE)
508	return;	516	return;
509		517
510	if (security_netlink_recv(skb))	518	if (security_netlink_recv(skb, CAP_NET_ADMIN))
511	RCV_SKB_FAIL(-EPERM);	519	RCV_SKB_FAIL(-EPERM);
512		520
513	write_lock_bh(&queue_lock);	521	write_lock_bh(&queue_lock);


diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 706c0025ec5e..7aaaf92efb59 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c
@@ -2113,7 +2113,8 @@ int ipt_register_table(struct xt_table table, const struct ipt_replace repl)
2113	return ret;	2113	return ret;
2114	}	2114	}
2115		2115
2116	if (xt_register_table(table, &bootstrap, newinfo) != 0) {	2116	ret = xt_register_table(table, &bootstrap, newinfo);
		2117	if (ret != 0) {
2117	xt_free_table_info(newinfo);	2118	xt_free_table_info(newinfo);
2118	return ret;	2119	return ret;
2119	}	2120	}


diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index c04176be7ed1..0336422c88a0 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c
@@ -2145,7 +2145,7 @@ int compat_tcp_getsockopt(struct sock *sk, int level, int optname,
2145	EXPORT_SYMBOL(compat_tcp_getsockopt);	2145	EXPORT_SYMBOL(compat_tcp_getsockopt);
2146	#endif	2146	#endif
2147		2147
2148	struct sk_buff tcp_tso_segment(struct sk_buff skb, int sg)	2148	struct sk_buff tcp_tso_segment(struct sk_buff skb, int features)
2149	{	2149	{
2150	struct sk_buff *segs = ERR_PTR(-EINVAL);	2150	struct sk_buff *segs = ERR_PTR(-EINVAL);
2151	struct tcphdr *th;	2151	struct tcphdr *th;
@@ -2166,10 +2166,14 @@ struct sk_buff tcp_tso_segment(struct sk_buff skb, int sg)
2166	if (!pskb_may_pull(skb, thlen))	2166	if (!pskb_may_pull(skb, thlen))
2167	goto out;	2167	goto out;
2168		2168
		2169	segs = NULL;
		2170	if (skb_gso_ok(skb, features \| NETIF_F_GSO_ROBUST))
		2171	goto out;
		2172
2169	oldlen = (u16)~skb->len;	2173	oldlen = (u16)~skb->len;
2170	__skb_pull(skb, thlen);	2174	__skb_pull(skb, thlen);
2171		2175
2172	segs = skb_segment(skb, sg);	2176	segs = skb_segment(skb, features);
2173	if (IS_ERR(segs))	2177	if (IS_ERR(segs))
2174	goto out;	2178	goto out;
2175		2179


diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c index c148c1081880..b56399c7cc12 100644 --- a/net/ipv4/tcp_diag.c +++ b/net/ipv4/tcp_diag.c
@@ -26,7 +26,10 @@ static void tcp_diag_get_info(struct sock sk, struct inet_diag_msg r,
26	const struct tcp_sock *tp = tcp_sk(sk);	26	const struct tcp_sock *tp = tcp_sk(sk);
27	struct tcp_info *info = _info;	27	struct tcp_info *info = _info;
28		28
29	r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq;	29	if (sk->sk_state == TCP_LISTEN)
		30	r->idiag_rqueue = sk->sk_ack_backlog;
		31	else
		32	r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq;
30	r->idiag_wqueue = tp->write_seq - tp->snd_una;	33	r->idiag_wqueue = tp->write_seq - tp->snd_una;
31	if (info != NULL)	34	if (info != NULL)
32	tcp_get_info(sk, info);	35	tcp_get_info(sk, info);


diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 94fe5b1f9dcb..7fa0b4a8a389 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c
@@ -4178,8 +4178,6 @@ static int tcp_rcv_synsent_state_process(struct sock sk, struct sk_buff skb,
4178	*/	4178	*/
4179		4179
4180	TCP_ECN_rcv_synack(tp, th);	4180	TCP_ECN_rcv_synack(tp, th);
4181	if (tp->ecn_flags&TCP_ECN_OK)
4182	sock_set_flag(sk, SOCK_NO_LARGESEND);
4183		4181
4184	tp->snd_wl1 = TCP_SKB_CB(skb)->seq;	4182	tp->snd_wl1 = TCP_SKB_CB(skb)->seq;
4185	tcp_ack(sk, skb, FLAG_SLOWPATH);	4183	tcp_ack(sk, skb, FLAG_SLOWPATH);
@@ -4322,8 +4320,6 @@ discard:
4322	tp->max_window = tp->snd_wnd;	4320	tp->max_window = tp->snd_wnd;
4323		4321
4324	TCP_ECN_rcv_syn(tp, th);	4322	TCP_ECN_rcv_syn(tp, th);
4325	if (tp->ecn_flags&TCP_ECN_OK)
4326	sock_set_flag(sk, SOCK_NO_LARGESEND);
4327		4323
4328	tcp_mtup_init(sk);	4324	tcp_mtup_init(sk);
4329	tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);	4325	tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);


diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 25ecc6e2478b..4c6ef47eb1c3 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c
@@ -1726,7 +1726,8 @@ static void get_tcp4_sock(struct sock sp, char tmpbuf, int i)
1726	sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "	1726	sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
1727	"%08X %5d %8d %lu %d %p %u %u %u %u %d",	1727	"%08X %5d %8d %lu %d %p %u %u %u %u %d",
1728	i, src, srcp, dest, destp, sp->sk_state,	1728	i, src, srcp, dest, destp, sp->sk_state,
1729	tp->write_seq - tp->snd_una, tp->rcv_nxt - tp->copied_seq,	1729	tp->write_seq - tp->snd_una,
		1730	(sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1730	timer_active,	1731	timer_active,
1731	jiffies_to_clock_t(timer_expires - jiffies),	1732	jiffies_to_clock_t(timer_expires - jiffies),
1732	icsk->icsk_retransmits,	1733	icsk->icsk_retransmits,


diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 2b9b7f6c7f7c..54b2ef7d3efe 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c
@@ -440,8 +440,6 @@ struct sock tcp_create_openreq_child(struct sock sk, struct request_sock *req,
440	newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len;	440	newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len;
441	newtp->rx_opt.mss_clamp = req->mss;	441	newtp->rx_opt.mss_clamp = req->mss;
442	TCP_ECN_openreq_child(newtp, req);	442	TCP_ECN_openreq_child(newtp, req);
443	if (newtp->ecn_flags&TCP_ECN_OK)
444	sock_set_flag(newsk, SOCK_NO_LARGESEND);
445		443
446	TCP_INC_STATS_BH(TCP_MIB_PASSIVEOPENS);	444	TCP_INC_STATS_BH(TCP_MIB_PASSIVEOPENS);
447	}	445	}


diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index bdd71db8bf90..5a7cb4a9c867 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c
@@ -2044,8 +2044,6 @@ struct sk_buff * tcp_make_synack(struct sock sk, struct dst_entry dst,
2044	memset(th, 0, sizeof(struct tcphdr));	2044	memset(th, 0, sizeof(struct tcphdr));
2045	th->syn = 1;	2045	th->syn = 1;
2046	th->ack = 1;	2046	th->ack = 1;
2047	if (dst->dev->features&NETIF_F_TSO)
2048	ireq->ecn_ok = 0;
2049	TCP_ECN_make_synack(req, th);	2047	TCP_ECN_make_synack(req, th);
2050	th->source = inet_sk(sk)->sport;	2048	th->source = inet_sk(sk)->sport;
2051	th->dest = ireq->rmt_port;	2049	th->dest = ireq->rmt_port;