aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/af_bluetooth.c6
-rw-r--r--net/bluetooth/hci_core.c4
-rw-r--r--net/bluetooth/hci_sock.c12
-rw-r--r--net/bluetooth/hidp/Kconfig2
-rw-r--r--net/bluetooth/hidp/core.c13
-rw-r--r--net/bluetooth/rfcomm/Makefile2
-rw-r--r--net/bluetooth/rfcomm/core.c43
-rw-r--r--net/bluetooth/rfcomm/crc.c71
-rw-r--r--net/core/dev.c14
-rw-r--r--net/core/ethtool.c53
-rw-r--r--net/core/neighbour.c5
-rw-r--r--net/core/pktgen.c506
-rw-r--r--net/core/skbuff.c77
-rw-r--r--net/core/sock.c2
-rw-r--r--net/dccp/output.c2
-rw-r--r--net/decnet/af_decnet.c13
-rw-r--r--net/ethernet/eth.c17
-rw-r--r--net/ieee80211/Makefile3
-rw-r--r--net/ieee80211/ieee80211_crypt.c59
-rw-r--r--net/ieee80211/ieee80211_crypt_ccmp.c75
-rw-r--r--net/ieee80211/ieee80211_crypt_tkip.c150
-rw-r--r--net/ieee80211/ieee80211_crypt_wep.c26
-rw-r--r--net/ieee80211/ieee80211_geo.c141
-rw-r--r--net/ieee80211/ieee80211_module.c65
-rw-r--r--net/ieee80211/ieee80211_rx.c610
-rw-r--r--net/ieee80211/ieee80211_tx.c321
-rw-r--r--net/ieee80211/ieee80211_wx.c372
-rw-r--r--net/ipv4/devinet.c3
-rw-r--r--net/ipv4/fib_frontend.c2
-rw-r--r--net/ipv4/fib_trie.c2
-rw-r--r--net/ipv4/icmp.c5
-rw-r--r--net/ipv4/ip_output.c88
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c132
-rw-r--r--net/ipv4/netfilter/ipt_addrtype.c2
-rw-r--r--net/ipv4/proc.c4
-rw-r--r--net/ipv6/addrconf.c10
-rw-r--r--net/ipv6/icmp.c9
-rw-r--r--net/ipv6/ip6_output.c71
-rw-r--r--net/ipv6/mcast.c2
-rw-r--r--net/ipv6/proc.c4
-rw-r--r--net/netlink/af_netlink.c5
-rw-r--r--net/rose/rose_route.c2
-rw-r--r--net/sctp/proc.c4
-rw-r--r--net/sctp/sm_make_chunk.c2
-rw-r--r--net/sctp/socket.c90
-rw-r--r--net/sctp/ulpevent.c6
-rw-r--r--net/sunrpc/Makefile2
-rw-r--r--net/sunrpc/auth.c1
-rw-r--r--net/sunrpc/auth_gss/Makefile2
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c187
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c275
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c41
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c44
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c39
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c363
-rw-r--r--net/sunrpc/auth_gss/gss_mech_switch.c29
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_mech.c21
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_seal.c4
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_unseal.c2
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c9
-rw-r--r--net/sunrpc/auth_null.c2
-rw-r--r--net/sunrpc/auth_unix.c2
-rw-r--r--net/sunrpc/clnt.c147
-rw-r--r--net/sunrpc/pmap_clnt.c12
-rw-r--r--net/sunrpc/rpc_pipe.c29
-rw-r--r--net/sunrpc/socklib.c175
-rw-r--r--net/sunrpc/sunrpc_syms.c1
-rw-r--r--net/sunrpc/svcsock.c3
-rw-r--r--net/sunrpc/sysctl.c32
-rw-r--r--net/sunrpc/xdr.c177
-rw-r--r--net/sunrpc/xprt.c1613
-rw-r--r--net/sunrpc/xprtsock.c1252
-rw-r--r--net/xfrm/xfrm_policy.c43
-rw-r--r--net/xfrm/xfrm_state.c6
74 files changed, 5004 insertions, 2616 deletions
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index 12b43345b54f..03532062a46a 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -308,12 +308,6 @@ static struct net_proto_family bt_sock_family_ops = {
308 .create = bt_sock_create, 308 .create = bt_sock_create,
309}; 309};
310 310
311extern int hci_sock_init(void);
312extern int hci_sock_cleanup(void);
313
314extern int bt_sysfs_init(void);
315extern int bt_sysfs_cleanup(void);
316
317static int __init bt_init(void) 311static int __init bt_init(void)
318{ 312{
319 BT_INFO("Core ver %s", VERSION); 313 BT_INFO("Core ver %s", VERSION);
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 55dc42eac92c..cf0df1c8c933 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -87,7 +87,7 @@ int hci_unregister_notifier(struct notifier_block *nb)
87 return notifier_chain_unregister(&hci_notifier, nb); 87 return notifier_chain_unregister(&hci_notifier, nb);
88} 88}
89 89
90void hci_notify(struct hci_dev *hdev, int event) 90static void hci_notify(struct hci_dev *hdev, int event)
91{ 91{
92 notifier_call_chain(&hci_notifier, event, hdev); 92 notifier_call_chain(&hci_notifier, event, hdev);
93} 93}
@@ -1347,7 +1347,7 @@ static inline void hci_scodata_packet(struct hci_dev *hdev, struct sk_buff *skb)
1347 kfree_skb(skb); 1347 kfree_skb(skb);
1348} 1348}
1349 1349
1350void hci_rx_task(unsigned long arg) 1350static void hci_rx_task(unsigned long arg)
1351{ 1351{
1352 struct hci_dev *hdev = (struct hci_dev *) arg; 1352 struct hci_dev *hdev = (struct hci_dev *) arg;
1353 struct sk_buff *skb; 1353 struct sk_buff *skb;
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 32ef7975a139..799e448750ad 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -66,20 +66,20 @@ static struct hci_sec_filter hci_sec_filter = {
66 /* Packet types */ 66 /* Packet types */
67 0x10, 67 0x10,
68 /* Events */ 68 /* Events */
69 { 0x1000d9fe, 0x0000300c }, 69 { 0x1000d9fe, 0x0000b00c },
70 /* Commands */ 70 /* Commands */
71 { 71 {
72 { 0x0 }, 72 { 0x0 },
73 /* OGF_LINK_CTL */ 73 /* OGF_LINK_CTL */
74 { 0xbe000006, 0x00000001, 0x0000, 0x00 }, 74 { 0xbe000006, 0x00000001, 0x000000, 0x00 },
75 /* OGF_LINK_POLICY */ 75 /* OGF_LINK_POLICY */
76 { 0x00005200, 0x00000000, 0x0000, 0x00 }, 76 { 0x00005200, 0x00000000, 0x000000, 0x00 },
77 /* OGF_HOST_CTL */ 77 /* OGF_HOST_CTL */
78 { 0xaab00200, 0x2b402aaa, 0x0154, 0x00 }, 78 { 0xaab00200, 0x2b402aaa, 0x020154, 0x00 },
79 /* OGF_INFO_PARAM */ 79 /* OGF_INFO_PARAM */
80 { 0x000002be, 0x00000000, 0x0000, 0x00 }, 80 { 0x000002be, 0x00000000, 0x000000, 0x00 },
81 /* OGF_STATUS_PARAM */ 81 /* OGF_STATUS_PARAM */
82 { 0x000000ea, 0x00000000, 0x0000, 0x00 } 82 { 0x000000ea, 0x00000000, 0x000000, 0x00 }
83 } 83 }
84}; 84};
85 85
diff --git a/net/bluetooth/hidp/Kconfig b/net/bluetooth/hidp/Kconfig
index 4e958f7d9418..edfea772fb67 100644
--- a/net/bluetooth/hidp/Kconfig
+++ b/net/bluetooth/hidp/Kconfig
@@ -1,6 +1,6 @@
1config BT_HIDP 1config BT_HIDP
2 tristate "HIDP protocol support" 2 tristate "HIDP protocol support"
3 depends on BT && BT_L2CAP 3 depends on BT && BT_L2CAP && (BROKEN || !S390)
4 select INPUT 4 select INPUT
5 help 5 help
6 HIDP (Human Interface Device Protocol) is a transport layer 6 HIDP (Human Interface Device Protocol) is a transport layer
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index de8af5f42394..860444a7fc0f 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -520,7 +520,7 @@ static int hidp_session(void *arg)
520 520
521 if (session->input) { 521 if (session->input) {
522 input_unregister_device(session->input); 522 input_unregister_device(session->input);
523 kfree(session->input); 523 session->input = NULL;
524 } 524 }
525 525
526 up_write(&hidp_session_sem); 526 up_write(&hidp_session_sem);
@@ -536,6 +536,8 @@ static inline void hidp_setup_input(struct hidp_session *session, struct hidp_co
536 536
537 input->private = session; 537 input->private = session;
538 538
539 input->name = "Bluetooth HID Boot Protocol Device";
540
539 input->id.bustype = BUS_BLUETOOTH; 541 input->id.bustype = BUS_BLUETOOTH;
540 input->id.vendor = req->vendor; 542 input->id.vendor = req->vendor;
541 input->id.product = req->product; 543 input->id.product = req->product;
@@ -582,16 +584,15 @@ int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock,
582 return -ENOTUNIQ; 584 return -ENOTUNIQ;
583 585
584 session = kmalloc(sizeof(struct hidp_session), GFP_KERNEL); 586 session = kmalloc(sizeof(struct hidp_session), GFP_KERNEL);
585 if (!session) 587 if (!session)
586 return -ENOMEM; 588 return -ENOMEM;
587 memset(session, 0, sizeof(struct hidp_session)); 589 memset(session, 0, sizeof(struct hidp_session));
588 590
589 session->input = kmalloc(sizeof(struct input_dev), GFP_KERNEL); 591 session->input = input_allocate_device();
590 if (!session->input) { 592 if (!session->input) {
591 kfree(session); 593 kfree(session);
592 return -ENOMEM; 594 return -ENOMEM;
593 } 595 }
594 memset(session->input, 0, sizeof(struct input_dev));
595 596
596 down_write(&hidp_session_sem); 597 down_write(&hidp_session_sem);
597 598
@@ -651,8 +652,10 @@ unlink:
651 652
652 __hidp_unlink_session(session); 653 __hidp_unlink_session(session);
653 654
654 if (session->input) 655 if (session->input) {
655 input_unregister_device(session->input); 656 input_unregister_device(session->input);
657 session->input = NULL; /* don't try to free it here */
658 }
656 659
657failed: 660failed:
658 up_write(&hidp_session_sem); 661 up_write(&hidp_session_sem);
diff --git a/net/bluetooth/rfcomm/Makefile b/net/bluetooth/rfcomm/Makefile
index aecec45ec68d..fe07988a3705 100644
--- a/net/bluetooth/rfcomm/Makefile
+++ b/net/bluetooth/rfcomm/Makefile
@@ -4,5 +4,5 @@
4 4
5obj-$(CONFIG_BT_RFCOMM) += rfcomm.o 5obj-$(CONFIG_BT_RFCOMM) += rfcomm.o
6 6
7rfcomm-y := core.o sock.o crc.o 7rfcomm-y := core.o sock.o
8rfcomm-$(CONFIG_BT_RFCOMM_TTY) += tty.o 8rfcomm-$(CONFIG_BT_RFCOMM_TTY) += tty.o
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 35adce6482b6..c3d56ead840c 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -133,6 +133,49 @@ static inline void rfcomm_session_put(struct rfcomm_session *s)
133 133
134/* ---- RFCOMM FCS computation ---- */ 134/* ---- RFCOMM FCS computation ---- */
135 135
136/* reversed, 8-bit, poly=0x07 */
137static unsigned char rfcomm_crc_table[256] = {
138 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75,
139 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b,
140 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69,
141 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67,
142
143 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d,
144 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43,
145 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51,
146 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f,
147
148 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05,
149 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b,
150 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19,
151 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17,
152
153 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d,
154 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33,
155 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21,
156 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f,
157
158 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95,
159 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b,
160 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89,
161 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87,
162
163 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad,
164 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3,
165 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1,
166 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf,
167
168 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5,
169 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb,
170 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9,
171 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7,
172
173 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd,
174 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3,
175 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1,
176 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf
177};
178
136/* CRC on 2 bytes */ 179/* CRC on 2 bytes */
137#define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]]) 180#define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]])
138 181
diff --git a/net/bluetooth/rfcomm/crc.c b/net/bluetooth/rfcomm/crc.c
deleted file mode 100644
index 1011bc4a8692..000000000000
--- a/net/bluetooth/rfcomm/crc.c
+++ /dev/null
@@ -1,71 +0,0 @@
1/*
2 RFCOMM implementation for Linux Bluetooth stack (BlueZ).
3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com>
4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org>
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License version 2 as
8 published by the Free Software Foundation;
9
10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
21 SOFTWARE IS DISCLAIMED.
22*/
23
24/*
25 * RFCOMM FCS calculation.
26 *
27 * $Id: crc.c,v 1.2 2002/09/21 09:54:32 holtmann Exp $
28 */
29
30/* reversed, 8-bit, poly=0x07 */
31unsigned char rfcomm_crc_table[256] = {
32 0x00, 0x91, 0xe3, 0x72, 0x07, 0x96, 0xe4, 0x75,
33 0x0e, 0x9f, 0xed, 0x7c, 0x09, 0x98, 0xea, 0x7b,
34 0x1c, 0x8d, 0xff, 0x6e, 0x1b, 0x8a, 0xf8, 0x69,
35 0x12, 0x83, 0xf1, 0x60, 0x15, 0x84, 0xf6, 0x67,
36
37 0x38, 0xa9, 0xdb, 0x4a, 0x3f, 0xae, 0xdc, 0x4d,
38 0x36, 0xa7, 0xd5, 0x44, 0x31, 0xa0, 0xd2, 0x43,
39 0x24, 0xb5, 0xc7, 0x56, 0x23, 0xb2, 0xc0, 0x51,
40 0x2a, 0xbb, 0xc9, 0x58, 0x2d, 0xbc, 0xce, 0x5f,
41
42 0x70, 0xe1, 0x93, 0x02, 0x77, 0xe6, 0x94, 0x05,
43 0x7e, 0xef, 0x9d, 0x0c, 0x79, 0xe8, 0x9a, 0x0b,
44 0x6c, 0xfd, 0x8f, 0x1e, 0x6b, 0xfa, 0x88, 0x19,
45 0x62, 0xf3, 0x81, 0x10, 0x65, 0xf4, 0x86, 0x17,
46
47 0x48, 0xd9, 0xab, 0x3a, 0x4f, 0xde, 0xac, 0x3d,
48 0x46, 0xd7, 0xa5, 0x34, 0x41, 0xd0, 0xa2, 0x33,
49 0x54, 0xc5, 0xb7, 0x26, 0x53, 0xc2, 0xb0, 0x21,
50 0x5a, 0xcb, 0xb9, 0x28, 0x5d, 0xcc, 0xbe, 0x2f,
51
52 0xe0, 0x71, 0x03, 0x92, 0xe7, 0x76, 0x04, 0x95,
53 0xee, 0x7f, 0x0d, 0x9c, 0xe9, 0x78, 0x0a, 0x9b,
54 0xfc, 0x6d, 0x1f, 0x8e, 0xfb, 0x6a, 0x18, 0x89,
55 0xf2, 0x63, 0x11, 0x80, 0xf5, 0x64, 0x16, 0x87,
56
57 0xd8, 0x49, 0x3b, 0xaa, 0xdf, 0x4e, 0x3c, 0xad,
58 0xd6, 0x47, 0x35, 0xa4, 0xd1, 0x40, 0x32, 0xa3,
59 0xc4, 0x55, 0x27, 0xb6, 0xc3, 0x52, 0x20, 0xb1,
60 0xca, 0x5b, 0x29, 0xb8, 0xcd, 0x5c, 0x2e, 0xbf,
61
62 0x90, 0x01, 0x73, 0xe2, 0x97, 0x06, 0x74, 0xe5,
63 0x9e, 0x0f, 0x7d, 0xec, 0x99, 0x08, 0x7a, 0xeb,
64 0x8c, 0x1d, 0x6f, 0xfe, 0x8b, 0x1a, 0x68, 0xf9,
65 0x82, 0x13, 0x61, 0xf0, 0x85, 0x14, 0x66, 0xf7,
66
67 0xa8, 0x39, 0x4b, 0xda, 0xaf, 0x3e, 0x4c, 0xdd,
68 0xa6, 0x37, 0x45, 0xd4, 0xa1, 0x30, 0x42, 0xd3,
69 0xb4, 0x25, 0x57, 0xc6, 0xb3, 0x22, 0x50, 0xc1,
70 0xba, 0x2b, 0x59, 0xc8, 0xbd, 0x2c, 0x5e, 0xcf
71};
diff --git a/net/core/dev.c b/net/core/dev.c
index a44eeef24edf..8d1541595277 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2717,6 +2717,20 @@ int register_netdevice(struct net_device *dev)
2717 dev->name); 2717 dev->name);
2718 dev->features &= ~NETIF_F_TSO; 2718 dev->features &= ~NETIF_F_TSO;
2719 } 2719 }
2720 if (dev->features & NETIF_F_UFO) {
2721 if (!(dev->features & NETIF_F_HW_CSUM)) {
2722 printk(KERN_ERR "%s: Dropping NETIF_F_UFO since no "
2723 "NETIF_F_HW_CSUM feature.\n",
2724 dev->name);
2725 dev->features &= ~NETIF_F_UFO;
2726 }
2727 if (!(dev->features & NETIF_F_SG)) {
2728 printk(KERN_ERR "%s: Dropping NETIF_F_UFO since no "
2729 "NETIF_F_SG feature.\n",
2730 dev->name);
2731 dev->features &= ~NETIF_F_UFO;
2732 }
2733 }
2720 2734
2721 /* 2735 /*
2722 * nil rebuild_header routine, 2736 * nil rebuild_header routine,
diff --git a/net/core/ethtool.c b/net/core/ethtool.c
index 404b761e82ce..0350586e9195 100644
--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -93,6 +93,20 @@ int ethtool_op_get_perm_addr(struct net_device *dev, struct ethtool_perm_addr *a
93} 93}
94 94
95 95
96u32 ethtool_op_get_ufo(struct net_device *dev)
97{
98 return (dev->features & NETIF_F_UFO) != 0;
99}
100
101int ethtool_op_set_ufo(struct net_device *dev, u32 data)
102{
103 if (data)
104 dev->features |= NETIF_F_UFO;
105 else
106 dev->features &= ~NETIF_F_UFO;
107 return 0;
108}
109
96/* Handlers for each ethtool command */ 110/* Handlers for each ethtool command */
97 111
98static int ethtool_get_settings(struct net_device *dev, void __user *useraddr) 112static int ethtool_get_settings(struct net_device *dev, void __user *useraddr)
@@ -483,6 +497,11 @@ static int __ethtool_set_sg(struct net_device *dev, u32 data)
483 return err; 497 return err;
484 } 498 }
485 499
500 if (!data && dev->ethtool_ops->set_ufo) {
501 err = dev->ethtool_ops->set_ufo(dev, 0);
502 if (err)
503 return err;
504 }
486 return dev->ethtool_ops->set_sg(dev, data); 505 return dev->ethtool_ops->set_sg(dev, data);
487} 506}
488 507
@@ -569,6 +588,32 @@ static int ethtool_set_tso(struct net_device *dev, char __user *useraddr)
569 return dev->ethtool_ops->set_tso(dev, edata.data); 588 return dev->ethtool_ops->set_tso(dev, edata.data);
570} 589}
571 590
591static int ethtool_get_ufo(struct net_device *dev, char __user *useraddr)
592{
593 struct ethtool_value edata = { ETHTOOL_GTSO };
594
595 if (!dev->ethtool_ops->get_ufo)
596 return -EOPNOTSUPP;
597 edata.data = dev->ethtool_ops->get_ufo(dev);
598 if (copy_to_user(useraddr, &edata, sizeof(edata)))
599 return -EFAULT;
600 return 0;
601}
602static int ethtool_set_ufo(struct net_device *dev, char __user *useraddr)
603{
604 struct ethtool_value edata;
605
606 if (!dev->ethtool_ops->set_ufo)
607 return -EOPNOTSUPP;
608 if (copy_from_user(&edata, useraddr, sizeof(edata)))
609 return -EFAULT;
610 if (edata.data && !(dev->features & NETIF_F_SG))
611 return -EINVAL;
612 if (edata.data && !(dev->features & NETIF_F_HW_CSUM))
613 return -EINVAL;
614 return dev->ethtool_ops->set_ufo(dev, edata.data);
615}
616
572static int ethtool_self_test(struct net_device *dev, char __user *useraddr) 617static int ethtool_self_test(struct net_device *dev, char __user *useraddr)
573{ 618{
574 struct ethtool_test test; 619 struct ethtool_test test;
@@ -854,6 +899,12 @@ int dev_ethtool(struct ifreq *ifr)
854 case ETHTOOL_GPERMADDR: 899 case ETHTOOL_GPERMADDR:
855 rc = ethtool_get_perm_addr(dev, useraddr); 900 rc = ethtool_get_perm_addr(dev, useraddr);
856 break; 901 break;
902 case ETHTOOL_GUFO:
903 rc = ethtool_get_ufo(dev, useraddr);
904 break;
905 case ETHTOOL_SUFO:
906 rc = ethtool_set_ufo(dev, useraddr);
907 break;
857 default: 908 default:
858 rc = -EOPNOTSUPP; 909 rc = -EOPNOTSUPP;
859 } 910 }
@@ -882,3 +933,5 @@ EXPORT_SYMBOL(ethtool_op_set_sg);
882EXPORT_SYMBOL(ethtool_op_set_tso); 933EXPORT_SYMBOL(ethtool_op_set_tso);
883EXPORT_SYMBOL(ethtool_op_set_tx_csum); 934EXPORT_SYMBOL(ethtool_op_set_tx_csum);
884EXPORT_SYMBOL(ethtool_op_set_tx_hw_csum); 935EXPORT_SYMBOL(ethtool_op_set_tx_hw_csum);
936EXPORT_SYMBOL(ethtool_op_set_ufo);
937EXPORT_SYMBOL(ethtool_op_get_ufo);
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 1dcf7fa1f0fe..e68700f950a5 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1625,12 +1625,9 @@ static int neightbl_fill_info(struct neigh_table *tbl, struct sk_buff *skb,
1625 1625
1626 memset(&ndst, 0, sizeof(ndst)); 1626 memset(&ndst, 0, sizeof(ndst));
1627 1627
1628 for (cpu = 0; cpu < NR_CPUS; cpu++) { 1628 for_each_cpu(cpu) {
1629 struct neigh_statistics *st; 1629 struct neigh_statistics *st;
1630 1630
1631 if (!cpu_possible(cpu))
1632 continue;
1633
1634 st = per_cpu_ptr(tbl->stats, cpu); 1631 st = per_cpu_ptr(tbl->stats, cpu);
1635 ndst.ndts_allocs += st->allocs; 1632 ndst.ndts_allocs += st->allocs;
1636 ndst.ndts_destroys += st->destroys; 1633 ndst.ndts_destroys += st->destroys;
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index 5f043d346694..7fc3e9e28c34 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -75,7 +75,7 @@
75 * By design there should only be *one* "controlling" process. In practice 75 * By design there should only be *one* "controlling" process. In practice
76 * multiple write accesses gives unpredictable result. Understood by "write" 76 * multiple write accesses gives unpredictable result. Understood by "write"
77 * to /proc gives result code thats should be read be the "writer". 77 * to /proc gives result code thats should be read be the "writer".
78 * For pratical use this should be no problem. 78 * For practical use this should be no problem.
79 * 79 *
80 * Note when adding devices to a specific CPU there good idea to also assign 80 * Note when adding devices to a specific CPU there good idea to also assign
81 * /proc/irq/XX/smp_affinity so TX-interrupts gets bound to the same CPU. 81 * /proc/irq/XX/smp_affinity so TX-interrupts gets bound to the same CPU.
@@ -96,7 +96,7 @@
96 * New xmit() return, do_div and misc clean up by Stephen Hemminger 96 * New xmit() return, do_div and misc clean up by Stephen Hemminger
97 * <shemminger@osdl.org> 040923 97 * <shemminger@osdl.org> 040923
98 * 98 *
99 * Rany Dunlap fixed u64 printk compiler waring 99 * Randy Dunlap fixed u64 printk compiler waring
100 * 100 *
101 * Remove FCS from BW calculation. Lennert Buytenhek <buytenh@wantstofly.org> 101 * Remove FCS from BW calculation. Lennert Buytenhek <buytenh@wantstofly.org>
102 * New time handling. Lennert Buytenhek <buytenh@wantstofly.org> 041213 102 * New time handling. Lennert Buytenhek <buytenh@wantstofly.org> 041213
@@ -137,6 +137,7 @@
137#include <linux/ipv6.h> 137#include <linux/ipv6.h>
138#include <linux/udp.h> 138#include <linux/udp.h>
139#include <linux/proc_fs.h> 139#include <linux/proc_fs.h>
140#include <linux/seq_file.h>
140#include <linux/wait.h> 141#include <linux/wait.h>
141#include <net/checksum.h> 142#include <net/checksum.h>
142#include <net/ipv6.h> 143#include <net/ipv6.h>
@@ -151,7 +152,7 @@
151#include <asm/timex.h> 152#include <asm/timex.h>
152 153
153 154
154#define VERSION "pktgen v2.62: Packet Generator for packet performance testing.\n" 155#define VERSION "pktgen v2.63: Packet Generator for packet performance testing.\n"
155 156
156/* #define PG_DEBUG(a) a */ 157/* #define PG_DEBUG(a) a */
157#define PG_DEBUG(a) 158#define PG_DEBUG(a)
@@ -177,8 +178,8 @@
177#define T_REMDEV (1<<3) /* Remove all devs */ 178#define T_REMDEV (1<<3) /* Remove all devs */
178 179
179/* Locks */ 180/* Locks */
180#define thread_lock() spin_lock(&_thread_lock) 181#define thread_lock() down(&pktgen_sem)
181#define thread_unlock() spin_unlock(&_thread_lock) 182#define thread_unlock() up(&pktgen_sem)
182 183
183/* If lock -- can be removed after some work */ 184/* If lock -- can be removed after some work */
184#define if_lock(t) spin_lock(&(t->if_lock)); 185#define if_lock(t) spin_lock(&(t->if_lock));
@@ -186,7 +187,9 @@
186 187
187/* Used to help with determining the pkts on receive */ 188/* Used to help with determining the pkts on receive */
188#define PKTGEN_MAGIC 0xbe9be955 189#define PKTGEN_MAGIC 0xbe9be955
189#define PG_PROC_DIR "net/pktgen" 190#define PG_PROC_DIR "pktgen"
191#define PGCTRL "pgctrl"
192static struct proc_dir_entry *pg_proc_dir = NULL;
190 193
191#define MAX_CFLOWS 65536 194#define MAX_CFLOWS 65536
192 195
@@ -202,11 +205,8 @@ struct pktgen_dev {
202 * Try to keep frequent/infrequent used vars. separated. 205 * Try to keep frequent/infrequent used vars. separated.
203 */ 206 */
204 207
205 char ifname[32]; 208 char ifname[IFNAMSIZ];
206 struct proc_dir_entry *proc_ent;
207 char result[512]; 209 char result[512];
208 /* proc file names */
209 char fname[80];
210 210
211 struct pktgen_thread* pg_thread; /* the owner */ 211 struct pktgen_thread* pg_thread; /* the owner */
212 struct pktgen_dev *next; /* Used for chaining in the thread's run-queue */ 212 struct pktgen_dev *next; /* Used for chaining in the thread's run-queue */
@@ -244,7 +244,7 @@ struct pktgen_dev {
244 __u32 seq_num; 244 __u32 seq_num;
245 245
246 int clone_skb; /* Use multiple SKBs during packet gen. If this number 246 int clone_skb; /* Use multiple SKBs during packet gen. If this number
247 * is greater than 1, then that many coppies of the same 247 * is greater than 1, then that many copies of the same
248 * packet will be sent before a new packet is allocated. 248 * packet will be sent before a new packet is allocated.
249 * For instance, if you want to send 1024 identical packets 249 * For instance, if you want to send 1024 identical packets
250 * before creating a new packet, set clone_skb to 1024. 250 * before creating a new packet, set clone_skb to 1024.
@@ -330,8 +330,6 @@ struct pktgen_thread {
330 struct pktgen_dev *if_list; /* All device here */ 330 struct pktgen_dev *if_list; /* All device here */
331 struct pktgen_thread* next; 331 struct pktgen_thread* next;
332 char name[32]; 332 char name[32];
333 char fname[128]; /* name of proc file */
334 struct proc_dir_entry *proc_ent;
335 char result[512]; 333 char result[512];
336 u32 max_before_softirq; /* We'll call do_softirq to prevent starvation. */ 334 u32 max_before_softirq; /* We'll call do_softirq to prevent starvation. */
337 335
@@ -396,7 +394,7 @@ static inline s64 divremdi3(s64 x, s64 y, int type)
396 394
397/* End of hacks to deal with 64-bit math on x86 */ 395/* End of hacks to deal with 64-bit math on x86 */
398 396
399/** Convert to miliseconds */ 397/** Convert to milliseconds */
400static inline __u64 tv_to_ms(const struct timeval* tv) 398static inline __u64 tv_to_ms(const struct timeval* tv)
401{ 399{
402 __u64 ms = tv->tv_usec / 1000; 400 __u64 ms = tv->tv_usec / 1000;
@@ -425,7 +423,7 @@ static inline __u64 pg_div64(__u64 n, __u64 base)
425{ 423{
426 __u64 tmp = n; 424 __u64 tmp = n;
427/* 425/*
428 * How do we know if the architectrure we are running on 426 * How do we know if the architecture we are running on
429 * supports division with 64 bit base? 427 * supports division with 64 bit base?
430 * 428 *
431 */ 429 */
@@ -473,16 +471,6 @@ static inline __u64 tv_diff(const struct timeval* a, const struct timeval* b)
473 471
474static char version[] __initdata = VERSION; 472static char version[] __initdata = VERSION;
475 473
476static ssize_t proc_pgctrl_read(struct file* file, char __user * buf, size_t count, loff_t *ppos);
477static ssize_t proc_pgctrl_write(struct file* file, const char __user * buf, size_t count, loff_t *ppos);
478static int proc_if_read(char *buf , char **start, off_t offset, int len, int *eof, void *data);
479
480static int proc_thread_read(char *buf , char **start, off_t offset, int len, int *eof, void *data);
481static int proc_if_write(struct file *file, const char __user *user_buffer, unsigned long count, void *data);
482static int proc_thread_write(struct file *file, const char __user *user_buffer, unsigned long count, void *data);
483static int create_proc_dir(void);
484static int remove_proc_dir(void);
485
486static int pktgen_remove_device(struct pktgen_thread* t, struct pktgen_dev *i); 474static int pktgen_remove_device(struct pktgen_thread* t, struct pktgen_dev *i);
487static int pktgen_add_device(struct pktgen_thread* t, const char* ifname); 475static int pktgen_add_device(struct pktgen_thread* t, const char* ifname);
488static struct pktgen_thread* pktgen_find_thread(const char* name); 476static struct pktgen_thread* pktgen_find_thread(const char* name);
@@ -503,83 +491,41 @@ static int pg_delay_d = 0;
503static int pg_clone_skb_d = 0; 491static int pg_clone_skb_d = 0;
504static int debug = 0; 492static int debug = 0;
505 493
506static DEFINE_SPINLOCK(_thread_lock); 494static DECLARE_MUTEX(pktgen_sem);
507static struct pktgen_thread *pktgen_threads = NULL; 495static struct pktgen_thread *pktgen_threads = NULL;
508 496
509static char module_fname[128];
510static struct proc_dir_entry *module_proc_ent = NULL;
511
512static struct notifier_block pktgen_notifier_block = { 497static struct notifier_block pktgen_notifier_block = {
513 .notifier_call = pktgen_device_event, 498 .notifier_call = pktgen_device_event,
514}; 499};
515 500
516static struct file_operations pktgen_fops = {
517 .read = proc_pgctrl_read,
518 .write = proc_pgctrl_write,
519 /* .ioctl = pktgen_ioctl, later maybe */
520};
521
522/* 501/*
523 * /proc handling functions 502 * /proc handling functions
524 * 503 *
525 */ 504 */
526 505
527static struct proc_dir_entry *pg_proc_dir = NULL; 506static int pgctrl_show(struct seq_file *seq, void *v)
528static int proc_pgctrl_read_eof=0;
529
530static ssize_t proc_pgctrl_read(struct file* file, char __user * buf,
531 size_t count, loff_t *ppos)
532{ 507{
533 char data[200]; 508 seq_puts(seq, VERSION);
534 int len = 0; 509 return 0;
535
536 if(proc_pgctrl_read_eof) {
537 proc_pgctrl_read_eof=0;
538 len = 0;
539 goto out;
540 }
541
542 sprintf(data, "%s", VERSION);
543
544 len = strlen(data);
545
546 if(len > count) {
547 len =-EFAULT;
548 goto out;
549 }
550
551 if (copy_to_user(buf, data, len)) {
552 len =-EFAULT;
553 goto out;
554 }
555
556 *ppos += len;
557 proc_pgctrl_read_eof=1; /* EOF next call */
558
559 out:
560 return len;
561} 510}
562 511
563static ssize_t proc_pgctrl_write(struct file* file,const char __user * buf, 512static ssize_t pgctrl_write(struct file* file,const char __user * buf,
564 size_t count, loff_t *ppos) 513 size_t count, loff_t *ppos)
565{ 514{
566 char *data = NULL;
567 int err = 0; 515 int err = 0;
516 char data[128];
568 517
569 if (!capable(CAP_NET_ADMIN)){ 518 if (!capable(CAP_NET_ADMIN)){
570 err = -EPERM; 519 err = -EPERM;
571 goto out; 520 goto out;
572 } 521 }
573 522
574 data = (void*)vmalloc ((unsigned int)count); 523 if (count > sizeof(data))
524 count = sizeof(data);
575 525
576 if(!data) {
577 err = -ENOMEM;
578 goto out;
579 }
580 if (copy_from_user(data, buf, count)) { 526 if (copy_from_user(data, buf, count)) {
581 err =-EFAULT; 527 err = -EFAULT;
582 goto out_free; 528 goto out;
583 } 529 }
584 data[count-1] = 0; /* Make string */ 530 data[count-1] = 0; /* Make string */
585 531
@@ -594,31 +540,40 @@ static ssize_t proc_pgctrl_write(struct file* file,const char __user * buf,
594 540
595 err = count; 541 err = count;
596 542
597 out_free:
598 vfree (data);
599 out: 543 out:
600 return err; 544 return err;
601} 545}
602 546
603static int proc_if_read(char *buf , char **start, off_t offset, 547static int pgctrl_open(struct inode *inode, struct file *file)
604 int len, int *eof, void *data) 548{
549 return single_open(file, pgctrl_show, PDE(inode)->data);
550}
551
552static struct file_operations pktgen_fops = {
553 .owner = THIS_MODULE,
554 .open = pgctrl_open,
555 .read = seq_read,
556 .llseek = seq_lseek,
557 .write = pgctrl_write,
558 .release = single_release,
559};
560
561static int pktgen_if_show(struct seq_file *seq, void *v)
605{ 562{
606 char *p;
607 int i; 563 int i;
608 struct pktgen_dev *pkt_dev = (struct pktgen_dev*)(data); 564 struct pktgen_dev *pkt_dev = seq->private;
609 __u64 sa; 565 __u64 sa;
610 __u64 stopped; 566 __u64 stopped;
611 __u64 now = getCurUs(); 567 __u64 now = getCurUs();
612 568
613 p = buf; 569 seq_printf(seq, "Params: count %llu min_pkt_size: %u max_pkt_size: %u\n",
614 p += sprintf(p, "Params: count %llu min_pkt_size: %u max_pkt_size: %u\n", 570 (unsigned long long) pkt_dev->count,
615 (unsigned long long) pkt_dev->count, 571 pkt_dev->min_pkt_size, pkt_dev->max_pkt_size);
616 pkt_dev->min_pkt_size, pkt_dev->max_pkt_size);
617 572
618 p += sprintf(p, " frags: %d delay: %u clone_skb: %d ifname: %s\n", 573 seq_printf(seq, " frags: %d delay: %u clone_skb: %d ifname: %s\n",
619 pkt_dev->nfrags, 1000*pkt_dev->delay_us+pkt_dev->delay_ns, pkt_dev->clone_skb, pkt_dev->ifname); 574 pkt_dev->nfrags, 1000*pkt_dev->delay_us+pkt_dev->delay_ns, pkt_dev->clone_skb, pkt_dev->ifname);
620 575
621 p += sprintf(p, " flows: %u flowlen: %u\n", pkt_dev->cflows, pkt_dev->lflow); 576 seq_printf(seq, " flows: %u flowlen: %u\n", pkt_dev->cflows, pkt_dev->lflow);
622 577
623 578
624 if(pkt_dev->flags & F_IPV6) { 579 if(pkt_dev->flags & F_IPV6) {
@@ -626,19 +581,19 @@ static int proc_if_read(char *buf , char **start, off_t offset,
626 fmt_ip6(b1, pkt_dev->in6_saddr.s6_addr); 581 fmt_ip6(b1, pkt_dev->in6_saddr.s6_addr);
627 fmt_ip6(b2, pkt_dev->min_in6_saddr.s6_addr); 582 fmt_ip6(b2, pkt_dev->min_in6_saddr.s6_addr);
628 fmt_ip6(b3, pkt_dev->max_in6_saddr.s6_addr); 583 fmt_ip6(b3, pkt_dev->max_in6_saddr.s6_addr);
629 p += sprintf(p, " saddr: %s min_saddr: %s max_saddr: %s\n", b1, b2, b3); 584 seq_printf(seq, " saddr: %s min_saddr: %s max_saddr: %s\n", b1, b2, b3);
630 585
631 fmt_ip6(b1, pkt_dev->in6_daddr.s6_addr); 586 fmt_ip6(b1, pkt_dev->in6_daddr.s6_addr);
632 fmt_ip6(b2, pkt_dev->min_in6_daddr.s6_addr); 587 fmt_ip6(b2, pkt_dev->min_in6_daddr.s6_addr);
633 fmt_ip6(b3, pkt_dev->max_in6_daddr.s6_addr); 588 fmt_ip6(b3, pkt_dev->max_in6_daddr.s6_addr);
634 p += sprintf(p, " daddr: %s min_daddr: %s max_daddr: %s\n", b1, b2, b3); 589 seq_printf(seq, " daddr: %s min_daddr: %s max_daddr: %s\n", b1, b2, b3);
635 590
636 } 591 }
637 else 592 else
638 p += sprintf(p, " dst_min: %s dst_max: %s\n src_min: %s src_max: %s\n", 593 seq_printf(seq," dst_min: %s dst_max: %s\n src_min: %s src_max: %s\n",
639 pkt_dev->dst_min, pkt_dev->dst_max, pkt_dev->src_min, pkt_dev->src_max); 594 pkt_dev->dst_min, pkt_dev->dst_max, pkt_dev->src_min, pkt_dev->src_max);
640 595
641 p += sprintf(p, " src_mac: "); 596 seq_puts(seq, " src_mac: ");
642 597
643 if ((pkt_dev->src_mac[0] == 0) && 598 if ((pkt_dev->src_mac[0] == 0) &&
644 (pkt_dev->src_mac[1] == 0) && 599 (pkt_dev->src_mac[1] == 0) &&
@@ -648,89 +603,89 @@ static int proc_if_read(char *buf , char **start, off_t offset,
648 (pkt_dev->src_mac[5] == 0)) 603 (pkt_dev->src_mac[5] == 0))
649 604
650 for (i = 0; i < 6; i++) 605 for (i = 0; i < 6; i++)
651 p += sprintf(p, "%02X%s", pkt_dev->odev->dev_addr[i], i == 5 ? " " : ":"); 606 seq_printf(seq, "%02X%s", pkt_dev->odev->dev_addr[i], i == 5 ? " " : ":");
652 607
653 else 608 else
654 for (i = 0; i < 6; i++) 609 for (i = 0; i < 6; i++)
655 p += sprintf(p, "%02X%s", pkt_dev->src_mac[i], i == 5 ? " " : ":"); 610 seq_printf(seq, "%02X%s", pkt_dev->src_mac[i], i == 5 ? " " : ":");
656 611
657 p += sprintf(p, "dst_mac: "); 612 seq_printf(seq, "dst_mac: ");
658 for (i = 0; i < 6; i++) 613 for (i = 0; i < 6; i++)
659 p += sprintf(p, "%02X%s", pkt_dev->dst_mac[i], i == 5 ? "\n" : ":"); 614 seq_printf(seq, "%02X%s", pkt_dev->dst_mac[i], i == 5 ? "\n" : ":");
660 615
661 p += sprintf(p, " udp_src_min: %d udp_src_max: %d udp_dst_min: %d udp_dst_max: %d\n", 616 seq_printf(seq, " udp_src_min: %d udp_src_max: %d udp_dst_min: %d udp_dst_max: %d\n",
662 pkt_dev->udp_src_min, pkt_dev->udp_src_max, pkt_dev->udp_dst_min, 617 pkt_dev->udp_src_min, pkt_dev->udp_src_max, pkt_dev->udp_dst_min,
663 pkt_dev->udp_dst_max); 618 pkt_dev->udp_dst_max);
664 619
665 p += sprintf(p, " src_mac_count: %d dst_mac_count: %d \n Flags: ", 620 seq_printf(seq, " src_mac_count: %d dst_mac_count: %d \n Flags: ",
666 pkt_dev->src_mac_count, pkt_dev->dst_mac_count); 621 pkt_dev->src_mac_count, pkt_dev->dst_mac_count);
667 622
668 623
669 if (pkt_dev->flags & F_IPV6) 624 if (pkt_dev->flags & F_IPV6)
670 p += sprintf(p, "IPV6 "); 625 seq_printf(seq, "IPV6 ");
671 626
672 if (pkt_dev->flags & F_IPSRC_RND) 627 if (pkt_dev->flags & F_IPSRC_RND)
673 p += sprintf(p, "IPSRC_RND "); 628 seq_printf(seq, "IPSRC_RND ");
674 629
675 if (pkt_dev->flags & F_IPDST_RND) 630 if (pkt_dev->flags & F_IPDST_RND)
676 p += sprintf(p, "IPDST_RND "); 631 seq_printf(seq, "IPDST_RND ");
677 632
678 if (pkt_dev->flags & F_TXSIZE_RND) 633 if (pkt_dev->flags & F_TXSIZE_RND)
679 p += sprintf(p, "TXSIZE_RND "); 634 seq_printf(seq, "TXSIZE_RND ");
680 635
681 if (pkt_dev->flags & F_UDPSRC_RND) 636 if (pkt_dev->flags & F_UDPSRC_RND)
682 p += sprintf(p, "UDPSRC_RND "); 637 seq_printf(seq, "UDPSRC_RND ");
683 638
684 if (pkt_dev->flags & F_UDPDST_RND) 639 if (pkt_dev->flags & F_UDPDST_RND)
685 p += sprintf(p, "UDPDST_RND "); 640 seq_printf(seq, "UDPDST_RND ");
686 641
687 if (pkt_dev->flags & F_MACSRC_RND) 642 if (pkt_dev->flags & F_MACSRC_RND)
688 p += sprintf(p, "MACSRC_RND "); 643 seq_printf(seq, "MACSRC_RND ");
689 644
690 if (pkt_dev->flags & F_MACDST_RND) 645 if (pkt_dev->flags & F_MACDST_RND)
691 p += sprintf(p, "MACDST_RND "); 646 seq_printf(seq, "MACDST_RND ");
692 647
693 648
694 p += sprintf(p, "\n"); 649 seq_puts(seq, "\n");
695 650
696 sa = pkt_dev->started_at; 651 sa = pkt_dev->started_at;
697 stopped = pkt_dev->stopped_at; 652 stopped = pkt_dev->stopped_at;
698 if (pkt_dev->running) 653 if (pkt_dev->running)
699 stopped = now; /* not really stopped, more like last-running-at */ 654 stopped = now; /* not really stopped, more like last-running-at */
700 655
701 p += sprintf(p, "Current:\n pkts-sofar: %llu errors: %llu\n started: %lluus stopped: %lluus idle: %lluus\n", 656 seq_printf(seq, "Current:\n pkts-sofar: %llu errors: %llu\n started: %lluus stopped: %lluus idle: %lluus\n",
702 (unsigned long long) pkt_dev->sofar, 657 (unsigned long long) pkt_dev->sofar,
703 (unsigned long long) pkt_dev->errors, 658 (unsigned long long) pkt_dev->errors,
704 (unsigned long long) sa, 659 (unsigned long long) sa,
705 (unsigned long long) stopped, 660 (unsigned long long) stopped,
706 (unsigned long long) pkt_dev->idle_acc); 661 (unsigned long long) pkt_dev->idle_acc);
707 662
708 p += sprintf(p, " seq_num: %d cur_dst_mac_offset: %d cur_src_mac_offset: %d\n", 663 seq_printf(seq, " seq_num: %d cur_dst_mac_offset: %d cur_src_mac_offset: %d\n",
709 pkt_dev->seq_num, pkt_dev->cur_dst_mac_offset, pkt_dev->cur_src_mac_offset); 664 pkt_dev->seq_num, pkt_dev->cur_dst_mac_offset,
665 pkt_dev->cur_src_mac_offset);
710 666
711 if(pkt_dev->flags & F_IPV6) { 667 if(pkt_dev->flags & F_IPV6) {
712 char b1[128], b2[128]; 668 char b1[128], b2[128];
713 fmt_ip6(b1, pkt_dev->cur_in6_daddr.s6_addr); 669 fmt_ip6(b1, pkt_dev->cur_in6_daddr.s6_addr);
714 fmt_ip6(b2, pkt_dev->cur_in6_saddr.s6_addr); 670 fmt_ip6(b2, pkt_dev->cur_in6_saddr.s6_addr);
715 p += sprintf(p, " cur_saddr: %s cur_daddr: %s\n", b2, b1); 671 seq_printf(seq, " cur_saddr: %s cur_daddr: %s\n", b2, b1);
716 } 672 }
717 else 673 else
718 p += sprintf(p, " cur_saddr: 0x%x cur_daddr: 0x%x\n", 674 seq_printf(seq, " cur_saddr: 0x%x cur_daddr: 0x%x\n",
719 pkt_dev->cur_saddr, pkt_dev->cur_daddr); 675 pkt_dev->cur_saddr, pkt_dev->cur_daddr);
720 676
721 677
722 p += sprintf(p, " cur_udp_dst: %d cur_udp_src: %d\n", 678 seq_printf(seq, " cur_udp_dst: %d cur_udp_src: %d\n",
723 pkt_dev->cur_udp_dst, pkt_dev->cur_udp_src); 679 pkt_dev->cur_udp_dst, pkt_dev->cur_udp_src);
724 680
725 p += sprintf(p, " flows: %u\n", pkt_dev->nflows); 681 seq_printf(seq, " flows: %u\n", pkt_dev->nflows);
726 682
727 if (pkt_dev->result[0]) 683 if (pkt_dev->result[0])
728 p += sprintf(p, "Result: %s\n", pkt_dev->result); 684 seq_printf(seq, "Result: %s\n", pkt_dev->result);
729 else 685 else
730 p += sprintf(p, "Result: Idle\n"); 686 seq_printf(seq, "Result: Idle\n");
731 *eof = 1;
732 687
733 return p - buf; 688 return 0;
734} 689}
735 690
736 691
@@ -802,13 +757,14 @@ done_str:
802 return i; 757 return i;
803} 758}
804 759
805static int proc_if_write(struct file *file, const char __user *user_buffer, 760static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer,
806 unsigned long count, void *data) 761 size_t count, loff_t *offset)
807{ 762{
763 struct seq_file *seq = (struct seq_file *) file->private_data;
764 struct pktgen_dev *pkt_dev = seq->private;
808 int i = 0, max, len; 765 int i = 0, max, len;
809 char name[16], valstr[32]; 766 char name[16], valstr[32];
810 unsigned long value = 0; 767 unsigned long value = 0;
811 struct pktgen_dev *pkt_dev = (struct pktgen_dev*)(data);
812 char* pg_result = NULL; 768 char* pg_result = NULL;
813 int tmp = 0; 769 int tmp = 0;
814 char buf[128]; 770 char buf[128];
@@ -849,7 +805,8 @@ static int proc_if_write(struct file *file, const char __user *user_buffer,
849 if (copy_from_user(tb, user_buffer, count)) 805 if (copy_from_user(tb, user_buffer, count))
850 return -EFAULT; 806 return -EFAULT;
851 tb[count] = 0; 807 tb[count] = 0;
852 printk("pktgen: %s,%lu buffer -:%s:-\n", name, count, tb); 808 printk("pktgen: %s,%lu buffer -:%s:-\n", name,
809 (unsigned long) count, tb);
853 } 810 }
854 811
855 if (!strcmp(name, "min_pkt_size")) { 812 if (!strcmp(name, "min_pkt_size")) {
@@ -1335,92 +1292,98 @@ static int proc_if_write(struct file *file, const char __user *user_buffer,
1335 return -EINVAL; 1292 return -EINVAL;
1336} 1293}
1337 1294
1338static int proc_thread_read(char *buf , char **start, off_t offset, 1295static int pktgen_if_open(struct inode *inode, struct file *file)
1339 int len, int *eof, void *data)
1340{ 1296{
1341 char *p; 1297 return single_open(file, pktgen_if_show, PDE(inode)->data);
1342 struct pktgen_thread *t = (struct pktgen_thread*)(data); 1298}
1343 struct pktgen_dev *pkt_dev = NULL;
1344 1299
1300static struct file_operations pktgen_if_fops = {
1301 .owner = THIS_MODULE,
1302 .open = pktgen_if_open,
1303 .read = seq_read,
1304 .llseek = seq_lseek,
1305 .write = pktgen_if_write,
1306 .release = single_release,
1307};
1345 1308
1346 if (!t) { 1309static int pktgen_thread_show(struct seq_file *seq, void *v)
1347 printk("pktgen: ERROR: could not find thread in proc_thread_read\n"); 1310{
1348 return -EINVAL; 1311 struct pktgen_thread *t = seq->private;
1349 } 1312 struct pktgen_dev *pkt_dev = NULL;
1313
1314 BUG_ON(!t);
1350 1315
1351 p = buf; 1316 seq_printf(seq, "Name: %s max_before_softirq: %d\n",
1352 p += sprintf(p, "Name: %s max_before_softirq: %d\n",
1353 t->name, t->max_before_softirq); 1317 t->name, t->max_before_softirq);
1354 1318
1355 p += sprintf(p, "Running: "); 1319 seq_printf(seq, "Running: ");
1356 1320
1357 if_lock(t); 1321 if_lock(t);
1358 for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next) 1322 for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next)
1359 if(pkt_dev->running) 1323 if(pkt_dev->running)
1360 p += sprintf(p, "%s ", pkt_dev->ifname); 1324 seq_printf(seq, "%s ", pkt_dev->ifname);
1361 1325
1362 p += sprintf(p, "\nStopped: "); 1326 seq_printf(seq, "\nStopped: ");
1363 1327
1364 for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next) 1328 for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next)
1365 if(!pkt_dev->running) 1329 if(!pkt_dev->running)
1366 p += sprintf(p, "%s ", pkt_dev->ifname); 1330 seq_printf(seq, "%s ", pkt_dev->ifname);
1367 1331
1368 if (t->result[0]) 1332 if (t->result[0])
1369 p += sprintf(p, "\nResult: %s\n", t->result); 1333 seq_printf(seq, "\nResult: %s\n", t->result);
1370 else 1334 else
1371 p += sprintf(p, "\nResult: NA\n"); 1335 seq_printf(seq, "\nResult: NA\n");
1372
1373 *eof = 1;
1374 1336
1375 if_unlock(t); 1337 if_unlock(t);
1376 1338
1377 return p - buf; 1339 return 0;
1378} 1340}
1379 1341
1380static int proc_thread_write(struct file *file, const char __user *user_buffer, 1342static ssize_t pktgen_thread_write(struct file *file,
1381 unsigned long count, void *data) 1343 const char __user *user_buffer,
1344 size_t count, loff_t *offset)
1382{ 1345{
1346 struct seq_file *seq = (struct seq_file *) file->private_data;
1347 struct pktgen_thread *t = seq->private;
1383 int i = 0, max, len, ret; 1348 int i = 0, max, len, ret;
1384 char name[40]; 1349 char name[40];
1385 struct pktgen_thread *t;
1386 char *pg_result; 1350 char *pg_result;
1387 unsigned long value = 0; 1351 unsigned long value = 0;
1388 1352
1389 if (count < 1) { 1353 if (count < 1) {
1390 // sprintf(pg_result, "Wrong command format"); 1354 // sprintf(pg_result, "Wrong command format");
1391 return -EINVAL; 1355 return -EINVAL;
1392 } 1356 }
1393 1357
1394 max = count - i; 1358 max = count - i;
1395 len = count_trail_chars(&user_buffer[i], max); 1359 len = count_trail_chars(&user_buffer[i], max);
1396 if (len < 0) 1360 if (len < 0)
1397 return len; 1361 return len;
1398 1362
1399 i += len; 1363 i += len;
1400 1364
1401 /* Read variable name */ 1365 /* Read variable name */
1402 1366
1403 len = strn_len(&user_buffer[i], sizeof(name) - 1); 1367 len = strn_len(&user_buffer[i], sizeof(name) - 1);
1404 if (len < 0) 1368 if (len < 0)
1405 return len; 1369 return len;
1406 1370
1407 memset(name, 0, sizeof(name)); 1371 memset(name, 0, sizeof(name));
1408 if (copy_from_user(name, &user_buffer[i], len)) 1372 if (copy_from_user(name, &user_buffer[i], len))
1409 return -EFAULT; 1373 return -EFAULT;
1410 i += len; 1374 i += len;
1411 1375
1412 max = count -i; 1376 max = count -i;
1413 len = count_trail_chars(&user_buffer[i], max); 1377 len = count_trail_chars(&user_buffer[i], max);
1414 if (len < 0) 1378 if (len < 0)
1415 return len; 1379 return len;
1416 1380
1417 i += len; 1381 i += len;
1418 1382
1419 if (debug) 1383 if (debug)
1420 printk("pktgen: t=%s, count=%lu\n", name, count); 1384 printk("pktgen: t=%s, count=%lu\n", name,
1421 1385 (unsigned long) count);
1422 1386
1423 t = (struct pktgen_thread*)(data);
1424 if(!t) { 1387 if(!t) {
1425 printk("pktgen: ERROR: No thread\n"); 1388 printk("pktgen: ERROR: No thread\n");
1426 ret = -EINVAL; 1389 ret = -EINVAL;
@@ -1474,21 +1437,19 @@ static int proc_thread_write(struct file *file, const char __user *user_buffer,
1474 return ret; 1437 return ret;
1475} 1438}
1476 1439
1477static int create_proc_dir(void) 1440static int pktgen_thread_open(struct inode *inode, struct file *file)
1478{ 1441{
1479 pg_proc_dir = proc_mkdir(PG_PROC_DIR, NULL); 1442 return single_open(file, pktgen_thread_show, PDE(inode)->data);
1480
1481 if (!pg_proc_dir)
1482 return -ENODEV;
1483
1484 return 0;
1485} 1443}
1486 1444
1487static int remove_proc_dir(void) 1445static struct file_operations pktgen_thread_fops = {
1488{ 1446 .owner = THIS_MODULE,
1489 remove_proc_entry(PG_PROC_DIR, NULL); 1447 .open = pktgen_thread_open,
1490 return 0; 1448 .read = seq_read,
1491} 1449 .llseek = seq_lseek,
1450 .write = pktgen_thread_write,
1451 .release = single_release,
1452};
1492 1453
1493/* Think find or remove for NN */ 1454/* Think find or remove for NN */
1494static struct pktgen_dev *__pktgen_NN_threads(const char* ifname, int remove) 1455static struct pktgen_dev *__pktgen_NN_threads(const char* ifname, int remove)
@@ -1702,7 +1663,7 @@ static void spin(struct pktgen_dev *pkt_dev, __u64 spin_until_us)
1702 start = now = getCurUs(); 1663 start = now = getCurUs();
1703 printk(KERN_INFO "sleeping for %d\n", (int)(spin_until_us - now)); 1664 printk(KERN_INFO "sleeping for %d\n", (int)(spin_until_us - now));
1704 while (now < spin_until_us) { 1665 while (now < spin_until_us) {
1705 /* TODO: optimise sleeping behavior */ 1666 /* TODO: optimize sleeping behavior */
1706 if (spin_until_us - now > jiffies_to_usecs(1)+1) 1667 if (spin_until_us - now > jiffies_to_usecs(1)+1)
1707 schedule_timeout_interruptible(1); 1668 schedule_timeout_interruptible(1);
1708 else if (spin_until_us - now > 100) { 1669 else if (spin_until_us - now > 100) {
@@ -2361,7 +2322,7 @@ static void pktgen_stop_all_threads_ifs(void)
2361 pktgen_stop(t); 2322 pktgen_stop(t);
2362 t = t->next; 2323 t = t->next;
2363 } 2324 }
2364 thread_unlock(); 2325 thread_unlock();
2365} 2326}
2366 2327
2367static int thread_is_running(struct pktgen_thread *t ) 2328static int thread_is_running(struct pktgen_thread *t )
@@ -2552,10 +2513,9 @@ static void pktgen_rem_thread(struct pktgen_thread *t)
2552 2513
2553 struct pktgen_thread *tmp = pktgen_threads; 2514 struct pktgen_thread *tmp = pktgen_threads;
2554 2515
2555 if (strlen(t->fname)) 2516 remove_proc_entry(t->name, pg_proc_dir);
2556 remove_proc_entry(t->fname, NULL);
2557 2517
2558 thread_lock(); 2518 thread_lock();
2559 2519
2560 if (tmp == t) 2520 if (tmp == t)
2561 pktgen_threads = tmp->next; 2521 pktgen_threads = tmp->next;
@@ -2825,7 +2785,7 @@ static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread *t, const char* i
2825 if_lock(t); 2785 if_lock(t);
2826 2786
2827 for(pkt_dev=t->if_list; pkt_dev; pkt_dev = pkt_dev->next ) { 2787 for(pkt_dev=t->if_list; pkt_dev; pkt_dev = pkt_dev->next ) {
2828 if (strcmp(pkt_dev->ifname, ifname) == 0) { 2788 if (strncmp(pkt_dev->ifname, ifname, IFNAMSIZ) == 0) {
2829 break; 2789 break;
2830 } 2790 }
2831 } 2791 }
@@ -2864,74 +2824,70 @@ static int add_dev_to_thread(struct pktgen_thread *t, struct pktgen_dev *pkt_dev
2864static int pktgen_add_device(struct pktgen_thread *t, const char* ifname) 2824static int pktgen_add_device(struct pktgen_thread *t, const char* ifname)
2865{ 2825{
2866 struct pktgen_dev *pkt_dev; 2826 struct pktgen_dev *pkt_dev;
2827 struct proc_dir_entry *pe;
2867 2828
2868 /* We don't allow a device to be on several threads */ 2829 /* We don't allow a device to be on several threads */
2869 2830
2870 if( (pkt_dev = __pktgen_NN_threads(ifname, FIND)) == NULL) { 2831 pkt_dev = __pktgen_NN_threads(ifname, FIND);
2871 2832 if (pkt_dev) {
2872 pkt_dev = kmalloc(sizeof(struct pktgen_dev), GFP_KERNEL); 2833 printk("pktgen: ERROR: interface already used.\n");
2873 if (!pkt_dev) 2834 return -EBUSY;
2874 return -ENOMEM; 2835 }
2875 2836
2876 memset(pkt_dev, 0, sizeof(struct pktgen_dev)); 2837 pkt_dev = kzalloc(sizeof(struct pktgen_dev), GFP_KERNEL);
2838 if (!pkt_dev)
2839 return -ENOMEM;
2877 2840
2878 pkt_dev->flows = vmalloc(MAX_CFLOWS*sizeof(struct flow_state)); 2841 pkt_dev->flows = vmalloc(MAX_CFLOWS*sizeof(struct flow_state));
2879 if (pkt_dev->flows == NULL) { 2842 if (pkt_dev->flows == NULL) {
2880 kfree(pkt_dev); 2843 kfree(pkt_dev);
2881 return -ENOMEM; 2844 return -ENOMEM;
2882 } 2845 }
2883 memset(pkt_dev->flows, 0, MAX_CFLOWS*sizeof(struct flow_state)); 2846 memset(pkt_dev->flows, 0, MAX_CFLOWS*sizeof(struct flow_state));
2884
2885 pkt_dev->min_pkt_size = ETH_ZLEN;
2886 pkt_dev->max_pkt_size = ETH_ZLEN;
2887 pkt_dev->nfrags = 0;
2888 pkt_dev->clone_skb = pg_clone_skb_d;
2889 pkt_dev->delay_us = pg_delay_d / 1000;
2890 pkt_dev->delay_ns = pg_delay_d % 1000;
2891 pkt_dev->count = pg_count_d;
2892 pkt_dev->sofar = 0;
2893 pkt_dev->udp_src_min = 9; /* sink port */
2894 pkt_dev->udp_src_max = 9;
2895 pkt_dev->udp_dst_min = 9;
2896 pkt_dev->udp_dst_max = 9;
2897
2898 strncpy(pkt_dev->ifname, ifname, 31);
2899 sprintf(pkt_dev->fname, "%s/%s", PG_PROC_DIR, ifname);
2900
2901 if (! pktgen_setup_dev(pkt_dev)) {
2902 printk("pktgen: ERROR: pktgen_setup_dev failed.\n");
2903 if (pkt_dev->flows)
2904 vfree(pkt_dev->flows);
2905 kfree(pkt_dev);
2906 return -ENODEV;
2907 }
2908 2847
2909 pkt_dev->proc_ent = create_proc_entry(pkt_dev->fname, 0600, NULL); 2848 pkt_dev->min_pkt_size = ETH_ZLEN;
2910 if (!pkt_dev->proc_ent) { 2849 pkt_dev->max_pkt_size = ETH_ZLEN;
2911 printk("pktgen: cannot create %s procfs entry.\n", pkt_dev->fname); 2850 pkt_dev->nfrags = 0;
2912 if (pkt_dev->flows) 2851 pkt_dev->clone_skb = pg_clone_skb_d;
2913 vfree(pkt_dev->flows); 2852 pkt_dev->delay_us = pg_delay_d / 1000;
2914 kfree(pkt_dev); 2853 pkt_dev->delay_ns = pg_delay_d % 1000;
2915 return -EINVAL; 2854 pkt_dev->count = pg_count_d;
2916 } 2855 pkt_dev->sofar = 0;
2917 pkt_dev->proc_ent->read_proc = proc_if_read; 2856 pkt_dev->udp_src_min = 9; /* sink port */
2918 pkt_dev->proc_ent->write_proc = proc_if_write; 2857 pkt_dev->udp_src_max = 9;
2919 pkt_dev->proc_ent->data = (void*)(pkt_dev); 2858 pkt_dev->udp_dst_min = 9;
2920 pkt_dev->proc_ent->owner = THIS_MODULE; 2859 pkt_dev->udp_dst_max = 9;
2860
2861 strncpy(pkt_dev->ifname, ifname, IFNAMSIZ);
2862
2863 if (! pktgen_setup_dev(pkt_dev)) {
2864 printk("pktgen: ERROR: pktgen_setup_dev failed.\n");
2865 if (pkt_dev->flows)
2866 vfree(pkt_dev->flows);
2867 kfree(pkt_dev);
2868 return -ENODEV;
2869 }
2870
2871 pe = create_proc_entry(ifname, 0600, pg_proc_dir);
2872 if (!pe) {
2873 printk("pktgen: cannot create %s/%s procfs entry.\n",
2874 PG_PROC_DIR, ifname);
2875 if (pkt_dev->flows)
2876 vfree(pkt_dev->flows);
2877 kfree(pkt_dev);
2878 return -EINVAL;
2879 }
2880 pe->proc_fops = &pktgen_if_fops;
2881 pe->data = pkt_dev;
2921 2882
2922 return add_dev_to_thread(t, pkt_dev); 2883 return add_dev_to_thread(t, pkt_dev);
2923 }
2924 else {
2925 printk("pktgen: ERROR: interface already used.\n");
2926 return -EBUSY;
2927 }
2928} 2884}
2929 2885
2930static struct pktgen_thread *pktgen_find_thread(const char* name) 2886static struct pktgen_thread *pktgen_find_thread(const char* name)
2931{ 2887{
2932 struct pktgen_thread *t = NULL; 2888 struct pktgen_thread *t = NULL;
2933 2889
2934 thread_lock(); 2890 thread_lock();
2935 2891
2936 t = pktgen_threads; 2892 t = pktgen_threads;
2937 while (t) { 2893 while (t) {
@@ -2947,6 +2903,7 @@ static struct pktgen_thread *pktgen_find_thread(const char* name)
2947static int pktgen_create_thread(const char* name, int cpu) 2903static int pktgen_create_thread(const char* name, int cpu)
2948{ 2904{
2949 struct pktgen_thread *t = NULL; 2905 struct pktgen_thread *t = NULL;
2906 struct proc_dir_entry *pe;
2950 2907
2951 if (strlen(name) > 31) { 2908 if (strlen(name) > 31) {
2952 printk("pktgen: ERROR: Thread name cannot be more than 31 characters.\n"); 2909 printk("pktgen: ERROR: Thread name cannot be more than 31 characters.\n");
@@ -2958,28 +2915,26 @@ static int pktgen_create_thread(const char* name, int cpu)
2958 return -EINVAL; 2915 return -EINVAL;
2959 } 2916 }
2960 2917
2961 t = (struct pktgen_thread*)(kmalloc(sizeof(struct pktgen_thread), GFP_KERNEL)); 2918 t = kzalloc(sizeof(struct pktgen_thread), GFP_KERNEL);
2962 if (!t) { 2919 if (!t) {
2963 printk("pktgen: ERROR: out of memory, can't create new thread.\n"); 2920 printk("pktgen: ERROR: out of memory, can't create new thread.\n");
2964 return -ENOMEM; 2921 return -ENOMEM;
2965 } 2922 }
2966 2923
2967 memset(t, 0, sizeof(struct pktgen_thread));
2968 strcpy(t->name, name); 2924 strcpy(t->name, name);
2969 spin_lock_init(&t->if_lock); 2925 spin_lock_init(&t->if_lock);
2970 t->cpu = cpu; 2926 t->cpu = cpu;
2971 2927
2972 sprintf(t->fname, "%s/%s", PG_PROC_DIR, t->name); 2928 pe = create_proc_entry(t->name, 0600, pg_proc_dir);
2973 t->proc_ent = create_proc_entry(t->fname, 0600, NULL); 2929 if (!pe) {
2974 if (!t->proc_ent) { 2930 printk("pktgen: cannot create %s/%s procfs entry.\n",
2975 printk("pktgen: cannot create %s procfs entry.\n", t->fname); 2931 PG_PROC_DIR, t->name);
2976 kfree(t); 2932 kfree(t);
2977 return -EINVAL; 2933 return -EINVAL;
2978 } 2934 }
2979 t->proc_ent->read_proc = proc_thread_read; 2935
2980 t->proc_ent->write_proc = proc_thread_write; 2936 pe->proc_fops = &pktgen_thread_fops;
2981 t->proc_ent->data = (void*)(t); 2937 pe->data = t;
2982 t->proc_ent->owner = THIS_MODULE;
2983 2938
2984 t->next = pktgen_threads; 2939 t->next = pktgen_threads;
2985 pktgen_threads = t; 2940 pktgen_threads = t;
@@ -3034,8 +2989,7 @@ static int pktgen_remove_device(struct pktgen_thread *t, struct pktgen_dev *pkt_
3034 2989
3035 /* Clean up proc file system */ 2990 /* Clean up proc file system */
3036 2991
3037 if (strlen(pkt_dev->fname)) 2992 remove_proc_entry(pkt_dev->ifname, pg_proc_dir);
3038 remove_proc_entry(pkt_dev->fname, NULL);
3039 2993
3040 if (pkt_dev->flows) 2994 if (pkt_dev->flows)
3041 vfree(pkt_dev->flows); 2995 vfree(pkt_dev->flows);
@@ -3046,31 +3000,31 @@ static int pktgen_remove_device(struct pktgen_thread *t, struct pktgen_dev *pkt_
3046static int __init pg_init(void) 3000static int __init pg_init(void)
3047{ 3001{
3048 int cpu; 3002 int cpu;
3049 printk(version); 3003 struct proc_dir_entry *pe;
3050 3004
3051 module_fname[0] = 0; 3005 printk(version);
3052 3006
3053 create_proc_dir(); 3007 pg_proc_dir = proc_mkdir(PG_PROC_DIR, proc_net);
3008 if (!pg_proc_dir)
3009 return -ENODEV;
3010 pg_proc_dir->owner = THIS_MODULE;
3054 3011
3055 sprintf(module_fname, "%s/pgctrl", PG_PROC_DIR); 3012 pe = create_proc_entry(PGCTRL, 0600, pg_proc_dir);
3056 module_proc_ent = create_proc_entry(module_fname, 0600, NULL); 3013 if (pe == NULL) {
3057 if (!module_proc_ent) { 3014 printk("pktgen: ERROR: cannot create %s procfs entry.\n", PGCTRL);
3058 printk("pktgen: ERROR: cannot create %s procfs entry.\n", module_fname); 3015 proc_net_remove(PG_PROC_DIR);
3059 return -EINVAL; 3016 return -EINVAL;
3060 } 3017 }
3061 3018
3062 module_proc_ent->proc_fops = &pktgen_fops; 3019 pe->proc_fops = &pktgen_fops;
3063 module_proc_ent->data = NULL; 3020 pe->data = NULL;
3064 3021
3065 /* Register us to receive netdevice events */ 3022 /* Register us to receive netdevice events */
3066 register_netdevice_notifier(&pktgen_notifier_block); 3023 register_netdevice_notifier(&pktgen_notifier_block);
3067 3024
3068 for (cpu = 0; cpu < NR_CPUS ; cpu++) { 3025 for_each_online_cpu(cpu) {
3069 char buf[30]; 3026 char buf[30];
3070 3027
3071 if (!cpu_online(cpu))
3072 continue;
3073
3074 sprintf(buf, "kpktgend_%i", cpu); 3028 sprintf(buf, "kpktgend_%i", cpu);
3075 pktgen_create_thread(buf, cpu); 3029 pktgen_create_thread(buf, cpu);
3076 } 3030 }
@@ -3095,10 +3049,8 @@ static void __exit pg_cleanup(void)
3095 unregister_netdevice_notifier(&pktgen_notifier_block); 3049 unregister_netdevice_notifier(&pktgen_notifier_block);
3096 3050
3097 /* Clean up proc file system */ 3051 /* Clean up proc file system */
3098 3052 remove_proc_entry(PGCTRL, pg_proc_dir);
3099 remove_proc_entry(module_fname, NULL); 3053 proc_net_remove(PG_PROC_DIR);
3100
3101 remove_proc_dir();
3102} 3054}
3103 3055
3104 3056
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 02cd4cde2112..95501e40100e 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -122,6 +122,8 @@ void skb_under_panic(struct sk_buff *skb, int sz, void *here)
122 * __alloc_skb - allocate a network buffer 122 * __alloc_skb - allocate a network buffer
123 * @size: size to allocate 123 * @size: size to allocate
124 * @gfp_mask: allocation mask 124 * @gfp_mask: allocation mask
125 * @fclone: allocate from fclone cache instead of head cache
126 * and allocate a cloned (child) skb
125 * 127 *
126 * Allocate a new &sk_buff. The returned buffer has no headroom and a 128 * Allocate a new &sk_buff. The returned buffer has no headroom and a
127 * tail room of size bytes. The object has a reference count of one. 129 * tail room of size bytes. The object has a reference count of one.
@@ -174,6 +176,8 @@ struct sk_buff *__alloc_skb(unsigned int size, gfp_t gfp_mask,
174 skb_shinfo(skb)->tso_size = 0; 176 skb_shinfo(skb)->tso_size = 0;
175 skb_shinfo(skb)->tso_segs = 0; 177 skb_shinfo(skb)->tso_segs = 0;
176 skb_shinfo(skb)->frag_list = NULL; 178 skb_shinfo(skb)->frag_list = NULL;
179 skb_shinfo(skb)->ufo_size = 0;
180 skb_shinfo(skb)->ip6_frag_id = 0;
177out: 181out:
178 return skb; 182 return skb;
179nodata: 183nodata:
@@ -1694,6 +1698,78 @@ unsigned int skb_find_text(struct sk_buff *skb, unsigned int from,
1694 return textsearch_find(config, state); 1698 return textsearch_find(config, state);
1695} 1699}
1696 1700
1701/**
1702 * skb_append_datato_frags: - append the user data to a skb
1703 * @sk: sock structure
1704 * @skb: skb structure to be appened with user data.
1705 * @getfrag: call back function to be used for getting the user data
1706 * @from: pointer to user message iov
1707 * @length: length of the iov message
1708 *
1709 * Description: This procedure append the user data in the fragment part
1710 * of the skb if any page alloc fails user this procedure returns -ENOMEM
1711 */
1712int skb_append_datato_frags(struct sock *sk, struct sk_buff *skb,
1713 int getfrag(void *from, char *to, int offset,
1714 int len, int odd, struct sk_buff *skb),
1715 void *from, int length)
1716{
1717 int frg_cnt = 0;
1718 skb_frag_t *frag = NULL;
1719 struct page *page = NULL;
1720 int copy, left;
1721 int offset = 0;
1722 int ret;
1723
1724 do {
1725 /* Return error if we don't have space for new frag */
1726 frg_cnt = skb_shinfo(skb)->nr_frags;
1727 if (frg_cnt >= MAX_SKB_FRAGS)
1728 return -EFAULT;
1729
1730 /* allocate a new page for next frag */
1731 page = alloc_pages(sk->sk_allocation, 0);
1732
1733 /* If alloc_page fails just return failure and caller will
1734 * free previous allocated pages by doing kfree_skb()
1735 */
1736 if (page == NULL)
1737 return -ENOMEM;
1738
1739 /* initialize the next frag */
1740 sk->sk_sndmsg_page = page;
1741 sk->sk_sndmsg_off = 0;
1742 skb_fill_page_desc(skb, frg_cnt, page, 0, 0);
1743 skb->truesize += PAGE_SIZE;
1744 atomic_add(PAGE_SIZE, &sk->sk_wmem_alloc);
1745
1746 /* get the new initialized frag */
1747 frg_cnt = skb_shinfo(skb)->nr_frags;
1748 frag = &skb_shinfo(skb)->frags[frg_cnt - 1];
1749
1750 /* copy the user data to page */
1751 left = PAGE_SIZE - frag->page_offset;
1752 copy = (length > left)? left : length;
1753
1754 ret = getfrag(from, (page_address(frag->page) +
1755 frag->page_offset + frag->size),
1756 offset, copy, 0, skb);
1757 if (ret < 0)
1758 return -EFAULT;
1759
1760 /* copy was successful so update the size parameters */
1761 sk->sk_sndmsg_off += copy;
1762 frag->size += copy;
1763 skb->len += copy;
1764 skb->data_len += copy;
1765 offset += copy;
1766 length -= copy;
1767
1768 } while (length > 0);
1769
1770 return 0;
1771}
1772
1697void __init skb_init(void) 1773void __init skb_init(void)
1698{ 1774{
1699 skbuff_head_cache = kmem_cache_create("skbuff_head_cache", 1775 skbuff_head_cache = kmem_cache_create("skbuff_head_cache",
@@ -1745,3 +1821,4 @@ EXPORT_SYMBOL(skb_prepare_seq_read);
1745EXPORT_SYMBOL(skb_seq_read); 1821EXPORT_SYMBOL(skb_seq_read);
1746EXPORT_SYMBOL(skb_abort_seq_read); 1822EXPORT_SYMBOL(skb_abort_seq_read);
1747EXPORT_SYMBOL(skb_find_text); 1823EXPORT_SYMBOL(skb_find_text);
1824EXPORT_SYMBOL(skb_append_datato_frags);
diff --git a/net/core/sock.c b/net/core/sock.c
index 1c52fe809eda..9602ceb3bac9 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -940,7 +940,7 @@ static struct sk_buff *sock_alloc_send_pskb(struct sock *sk,
940 int noblock, int *errcode) 940 int noblock, int *errcode)
941{ 941{
942 struct sk_buff *skb; 942 struct sk_buff *skb;
943 unsigned int gfp_mask; 943 gfp_t gfp_mask;
944 long timeo; 944 long timeo;
945 int err; 945 int err;
946 946
diff --git a/net/dccp/output.c b/net/dccp/output.c
index 29250749f16f..d59f86f7ceab 100644
--- a/net/dccp/output.c
+++ b/net/dccp/output.c
@@ -495,7 +495,7 @@ void dccp_send_close(struct sock *sk, const int active)
495{ 495{
496 struct dccp_sock *dp = dccp_sk(sk); 496 struct dccp_sock *dp = dccp_sk(sk);
497 struct sk_buff *skb; 497 struct sk_buff *skb;
498 const unsigned int prio = active ? GFP_KERNEL : GFP_ATOMIC; 498 const gfp_t prio = active ? GFP_KERNEL : GFP_ATOMIC;
499 499
500 skb = alloc_skb(sk->sk_prot->max_header, prio); 500 skb = alloc_skb(sk->sk_prot->max_header, prio);
501 if (skb == NULL) 501 if (skb == NULL)
diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c
index 1186dc44cdff..3f25cadccddd 100644
--- a/net/decnet/af_decnet.c
+++ b/net/decnet/af_decnet.c
@@ -719,22 +719,9 @@ static int dn_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
719 if (saddr->sdn_flags & ~SDF_WILD) 719 if (saddr->sdn_flags & ~SDF_WILD)
720 return -EINVAL; 720 return -EINVAL;
721 721
722#if 1
723 if (!capable(CAP_NET_BIND_SERVICE) && (saddr->sdn_objnum || 722 if (!capable(CAP_NET_BIND_SERVICE) && (saddr->sdn_objnum ||
724 (saddr->sdn_flags & SDF_WILD))) 723 (saddr->sdn_flags & SDF_WILD)))
725 return -EACCES; 724 return -EACCES;
726#else
727 /*
728 * Maybe put the default actions in the default security ops for
729 * dn_prot_sock ? Would be nice if the capable call would go there
730 * too.
731 */
732 if (security_dn_prot_sock(saddr) &&
733 !capable(CAP_NET_BIND_SERVICE) ||
734 saddr->sdn_objnum || (saddr->sdn_flags & SDF_WILD))
735 return -EACCES;
736#endif
737
738 725
739 if (!(saddr->sdn_flags & SDF_WILD)) { 726 if (!(saddr->sdn_flags & SDF_WILD)) {
740 if (dn_ntohs(saddr->sdn_nodeaddrl)) { 727 if (dn_ntohs(saddr->sdn_nodeaddrl)) {
diff --git a/net/ethernet/eth.c b/net/ethernet/eth.c
index 68a5ca866442..e24577367274 100644
--- a/net/ethernet/eth.c
+++ b/net/ethernet/eth.c
@@ -146,19 +146,6 @@ int eth_rebuild_header(struct sk_buff *skb)
146 return 0; 146 return 0;
147} 147}
148 148
149static inline unsigned int compare_eth_addr(const unsigned char *__a, const unsigned char *__b)
150{
151 const unsigned short *dest = (unsigned short *) __a;
152 const unsigned short *devaddr = (unsigned short *) __b;
153 unsigned int res;
154
155 BUILD_BUG_ON(ETH_ALEN != 6);
156 res = ((dest[0] ^ devaddr[0]) |
157 (dest[1] ^ devaddr[1]) |
158 (dest[2] ^ devaddr[2])) != 0;
159
160 return res;
161}
162 149
163/* 150/*
164 * Determine the packet's protocol ID. The rule here is that we 151 * Determine the packet's protocol ID. The rule here is that we
@@ -176,7 +163,7 @@ __be16 eth_type_trans(struct sk_buff *skb, struct net_device *dev)
176 eth = eth_hdr(skb); 163 eth = eth_hdr(skb);
177 164
178 if (*eth->h_dest&1) { 165 if (*eth->h_dest&1) {
179 if (!compare_eth_addr(eth->h_dest, dev->broadcast)) 166 if (!compare_ether_addr(eth->h_dest, dev->broadcast))
180 skb->pkt_type = PACKET_BROADCAST; 167 skb->pkt_type = PACKET_BROADCAST;
181 else 168 else
182 skb->pkt_type = PACKET_MULTICAST; 169 skb->pkt_type = PACKET_MULTICAST;
@@ -191,7 +178,7 @@ __be16 eth_type_trans(struct sk_buff *skb, struct net_device *dev)
191 */ 178 */
192 179
193 else if(1 /*dev->flags&IFF_PROMISC*/) { 180 else if(1 /*dev->flags&IFF_PROMISC*/) {
194 if (unlikely(compare_eth_addr(eth->h_dest, dev->dev_addr))) 181 if (unlikely(compare_ether_addr(eth->h_dest, dev->dev_addr)))
195 skb->pkt_type = PACKET_OTHERHOST; 182 skb->pkt_type = PACKET_OTHERHOST;
196 } 183 }
197 184
diff --git a/net/ieee80211/Makefile b/net/ieee80211/Makefile
index a6ccac5baea8..f988417121da 100644
--- a/net/ieee80211/Makefile
+++ b/net/ieee80211/Makefile
@@ -7,5 +7,6 @@ ieee80211-objs := \
7 ieee80211_module.o \ 7 ieee80211_module.o \
8 ieee80211_tx.o \ 8 ieee80211_tx.o \
9 ieee80211_rx.o \ 9 ieee80211_rx.o \
10 ieee80211_wx.o 10 ieee80211_wx.o \
11 ieee80211_geo.o
11 12
diff --git a/net/ieee80211/ieee80211_crypt.c b/net/ieee80211/ieee80211_crypt.c
index 61a9d92e455b..f3b6aa3be638 100644
--- a/net/ieee80211/ieee80211_crypt.c
+++ b/net/ieee80211/ieee80211_crypt.c
@@ -41,6 +41,12 @@ void ieee80211_crypt_deinit_entries(struct ieee80211_device *ieee, int force)
41{ 41{
42 struct list_head *ptr, *n; 42 struct list_head *ptr, *n;
43 struct ieee80211_crypt_data *entry; 43 struct ieee80211_crypt_data *entry;
44 unsigned long flags;
45
46 spin_lock_irqsave(&ieee->lock, flags);
47
48 if (list_empty(&ieee->crypt_deinit_list))
49 goto unlock;
44 50
45 for (ptr = ieee->crypt_deinit_list.next, n = ptr->next; 51 for (ptr = ieee->crypt_deinit_list.next, n = ptr->next;
46 ptr != &ieee->crypt_deinit_list; ptr = n, n = ptr->next) { 52 ptr != &ieee->crypt_deinit_list; ptr = n, n = ptr->next) {
@@ -57,6 +63,18 @@ void ieee80211_crypt_deinit_entries(struct ieee80211_device *ieee, int force)
57 } 63 }
58 kfree(entry); 64 kfree(entry);
59 } 65 }
66 unlock:
67 spin_unlock_irqrestore(&ieee->lock, flags);
68}
69
70/* After this, crypt_deinit_list won't accept new members */
71void ieee80211_crypt_quiescing(struct ieee80211_device *ieee)
72{
73 unsigned long flags;
74
75 spin_lock_irqsave(&ieee->lock, flags);
76 ieee->crypt_quiesced = 1;
77 spin_unlock_irqrestore(&ieee->lock, flags);
60} 78}
61 79
62void ieee80211_crypt_deinit_handler(unsigned long data) 80void ieee80211_crypt_deinit_handler(unsigned long data)
@@ -64,16 +82,16 @@ void ieee80211_crypt_deinit_handler(unsigned long data)
64 struct ieee80211_device *ieee = (struct ieee80211_device *)data; 82 struct ieee80211_device *ieee = (struct ieee80211_device *)data;
65 unsigned long flags; 83 unsigned long flags;
66 84
67 spin_lock_irqsave(&ieee->lock, flags);
68 ieee80211_crypt_deinit_entries(ieee, 0); 85 ieee80211_crypt_deinit_entries(ieee, 0);
69 if (!list_empty(&ieee->crypt_deinit_list)) { 86
87 spin_lock_irqsave(&ieee->lock, flags);
88 if (!list_empty(&ieee->crypt_deinit_list) && !ieee->crypt_quiesced) {
70 printk(KERN_DEBUG "%s: entries remaining in delayed crypt " 89 printk(KERN_DEBUG "%s: entries remaining in delayed crypt "
71 "deletion list\n", ieee->dev->name); 90 "deletion list\n", ieee->dev->name);
72 ieee->crypt_deinit_timer.expires = jiffies + HZ; 91 ieee->crypt_deinit_timer.expires = jiffies + HZ;
73 add_timer(&ieee->crypt_deinit_timer); 92 add_timer(&ieee->crypt_deinit_timer);
74 } 93 }
75 spin_unlock_irqrestore(&ieee->lock, flags); 94 spin_unlock_irqrestore(&ieee->lock, flags);
76
77} 95}
78 96
79void ieee80211_crypt_delayed_deinit(struct ieee80211_device *ieee, 97void ieee80211_crypt_delayed_deinit(struct ieee80211_device *ieee,
@@ -93,10 +111,12 @@ void ieee80211_crypt_delayed_deinit(struct ieee80211_device *ieee,
93 * locking. */ 111 * locking. */
94 112
95 spin_lock_irqsave(&ieee->lock, flags); 113 spin_lock_irqsave(&ieee->lock, flags);
96 list_add(&tmp->list, &ieee->crypt_deinit_list); 114 if (!ieee->crypt_quiesced) {
97 if (!timer_pending(&ieee->crypt_deinit_timer)) { 115 list_add(&tmp->list, &ieee->crypt_deinit_list);
98 ieee->crypt_deinit_timer.expires = jiffies + HZ; 116 if (!timer_pending(&ieee->crypt_deinit_timer)) {
99 add_timer(&ieee->crypt_deinit_timer); 117 ieee->crypt_deinit_timer.expires = jiffies + HZ;
118 add_timer(&ieee->crypt_deinit_timer);
119 }
100 } 120 }
101 spin_unlock_irqrestore(&ieee->lock, flags); 121 spin_unlock_irqrestore(&ieee->lock, flags);
102} 122}
@@ -191,18 +211,18 @@ static void ieee80211_crypt_null_deinit(void *priv)
191} 211}
192 212
193static struct ieee80211_crypto_ops ieee80211_crypt_null = { 213static struct ieee80211_crypto_ops ieee80211_crypt_null = {
194 .name = "NULL", 214 .name = "NULL",
195 .init = ieee80211_crypt_null_init, 215 .init = ieee80211_crypt_null_init,
196 .deinit = ieee80211_crypt_null_deinit, 216 .deinit = ieee80211_crypt_null_deinit,
197 .encrypt_mpdu = NULL, 217 .encrypt_mpdu = NULL,
198 .decrypt_mpdu = NULL, 218 .decrypt_mpdu = NULL,
199 .encrypt_msdu = NULL, 219 .encrypt_msdu = NULL,
200 .decrypt_msdu = NULL, 220 .decrypt_msdu = NULL,
201 .set_key = NULL, 221 .set_key = NULL,
202 .get_key = NULL, 222 .get_key = NULL,
203 .extra_prefix_len = 0, 223 .extra_mpdu_prefix_len = 0,
204 .extra_postfix_len = 0, 224 .extra_mpdu_postfix_len = 0,
205 .owner = THIS_MODULE, 225 .owner = THIS_MODULE,
206}; 226};
207 227
208static int __init ieee80211_crypto_init(void) 228static int __init ieee80211_crypto_init(void)
@@ -249,6 +269,7 @@ static void __exit ieee80211_crypto_deinit(void)
249EXPORT_SYMBOL(ieee80211_crypt_deinit_entries); 269EXPORT_SYMBOL(ieee80211_crypt_deinit_entries);
250EXPORT_SYMBOL(ieee80211_crypt_deinit_handler); 270EXPORT_SYMBOL(ieee80211_crypt_deinit_handler);
251EXPORT_SYMBOL(ieee80211_crypt_delayed_deinit); 271EXPORT_SYMBOL(ieee80211_crypt_delayed_deinit);
272EXPORT_SYMBOL(ieee80211_crypt_quiescing);
252 273
253EXPORT_SYMBOL(ieee80211_register_crypto_ops); 274EXPORT_SYMBOL(ieee80211_register_crypto_ops);
254EXPORT_SYMBOL(ieee80211_unregister_crypto_ops); 275EXPORT_SYMBOL(ieee80211_unregister_crypto_ops);
diff --git a/net/ieee80211/ieee80211_crypt_ccmp.c b/net/ieee80211/ieee80211_crypt_ccmp.c
index 8fc13f45971e..05a853c13012 100644
--- a/net/ieee80211/ieee80211_crypt_ccmp.c
+++ b/net/ieee80211/ieee80211_crypt_ccmp.c
@@ -119,7 +119,7 @@ static inline void xor_block(u8 * b, u8 * a, size_t len)
119} 119}
120 120
121static void ccmp_init_blocks(struct crypto_tfm *tfm, 121static void ccmp_init_blocks(struct crypto_tfm *tfm,
122 struct ieee80211_hdr *hdr, 122 struct ieee80211_hdr_4addr *hdr,
123 u8 * pn, size_t dlen, u8 * b0, u8 * auth, u8 * s0) 123 u8 * pn, size_t dlen, u8 * b0, u8 * auth, u8 * s0)
124{ 124{
125 u8 *pos, qc = 0; 125 u8 *pos, qc = 0;
@@ -191,26 +191,18 @@ static void ccmp_init_blocks(struct crypto_tfm *tfm,
191 ieee80211_ccmp_aes_encrypt(tfm, b0, s0); 191 ieee80211_ccmp_aes_encrypt(tfm, b0, s0);
192} 192}
193 193
194static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv) 194static int ieee80211_ccmp_hdr(struct sk_buff *skb, int hdr_len, void *priv)
195{ 195{
196 struct ieee80211_ccmp_data *key = priv; 196 struct ieee80211_ccmp_data *key = priv;
197 int data_len, i, blocks, last, len; 197 int i;
198 u8 *pos, *mic; 198 u8 *pos;
199 struct ieee80211_hdr *hdr;
200 u8 *b0 = key->tx_b0;
201 u8 *b = key->tx_b;
202 u8 *e = key->tx_e;
203 u8 *s0 = key->tx_s0;
204 199
205 if (skb_headroom(skb) < CCMP_HDR_LEN || 200 if (skb_headroom(skb) < CCMP_HDR_LEN || skb->len < hdr_len)
206 skb_tailroom(skb) < CCMP_MIC_LEN || skb->len < hdr_len)
207 return -1; 201 return -1;
208 202
209 data_len = skb->len - hdr_len;
210 pos = skb_push(skb, CCMP_HDR_LEN); 203 pos = skb_push(skb, CCMP_HDR_LEN);
211 memmove(pos, pos + CCMP_HDR_LEN, hdr_len); 204 memmove(pos, pos + CCMP_HDR_LEN, hdr_len);
212 pos += hdr_len; 205 pos += hdr_len;
213 mic = skb_put(skb, CCMP_MIC_LEN);
214 206
215 i = CCMP_PN_LEN - 1; 207 i = CCMP_PN_LEN - 1;
216 while (i >= 0) { 208 while (i >= 0) {
@@ -229,7 +221,31 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
229 *pos++ = key->tx_pn[1]; 221 *pos++ = key->tx_pn[1];
230 *pos++ = key->tx_pn[0]; 222 *pos++ = key->tx_pn[0];
231 223
232 hdr = (struct ieee80211_hdr *)skb->data; 224 return CCMP_HDR_LEN;
225}
226
227static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
228{
229 struct ieee80211_ccmp_data *key = priv;
230 int data_len, i, blocks, last, len;
231 u8 *pos, *mic;
232 struct ieee80211_hdr_4addr *hdr;
233 u8 *b0 = key->tx_b0;
234 u8 *b = key->tx_b;
235 u8 *e = key->tx_e;
236 u8 *s0 = key->tx_s0;
237
238 if (skb_tailroom(skb) < CCMP_MIC_LEN || skb->len < hdr_len)
239 return -1;
240
241 data_len = skb->len - hdr_len;
242 len = ieee80211_ccmp_hdr(skb, hdr_len, priv);
243 if (len < 0)
244 return -1;
245
246 pos = skb->data + hdr_len + CCMP_HDR_LEN;
247 mic = skb_put(skb, CCMP_MIC_LEN);
248 hdr = (struct ieee80211_hdr_4addr *)skb->data;
233 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0); 249 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0);
234 250
235 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN; 251 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
@@ -258,7 +274,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
258{ 274{
259 struct ieee80211_ccmp_data *key = priv; 275 struct ieee80211_ccmp_data *key = priv;
260 u8 keyidx, *pos; 276 u8 keyidx, *pos;
261 struct ieee80211_hdr *hdr; 277 struct ieee80211_hdr_4addr *hdr;
262 u8 *b0 = key->rx_b0; 278 u8 *b0 = key->rx_b0;
263 u8 *b = key->rx_b; 279 u8 *b = key->rx_b;
264 u8 *a = key->rx_a; 280 u8 *a = key->rx_a;
@@ -272,7 +288,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
272 return -1; 288 return -1;
273 } 289 }
274 290
275 hdr = (struct ieee80211_hdr *)skb->data; 291 hdr = (struct ieee80211_hdr_4addr *)skb->data;
276 pos = skb->data + hdr_len; 292 pos = skb->data + hdr_len;
277 keyidx = pos[3]; 293 keyidx = pos[3];
278 if (!(keyidx & (1 << 5))) { 294 if (!(keyidx & (1 << 5))) {
@@ -426,19 +442,20 @@ static char *ieee80211_ccmp_print_stats(char *p, void *priv)
426} 442}
427 443
428static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = { 444static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = {
429 .name = "CCMP", 445 .name = "CCMP",
430 .init = ieee80211_ccmp_init, 446 .init = ieee80211_ccmp_init,
431 .deinit = ieee80211_ccmp_deinit, 447 .deinit = ieee80211_ccmp_deinit,
432 .encrypt_mpdu = ieee80211_ccmp_encrypt, 448 .build_iv = ieee80211_ccmp_hdr,
433 .decrypt_mpdu = ieee80211_ccmp_decrypt, 449 .encrypt_mpdu = ieee80211_ccmp_encrypt,
434 .encrypt_msdu = NULL, 450 .decrypt_mpdu = ieee80211_ccmp_decrypt,
435 .decrypt_msdu = NULL, 451 .encrypt_msdu = NULL,
436 .set_key = ieee80211_ccmp_set_key, 452 .decrypt_msdu = NULL,
437 .get_key = ieee80211_ccmp_get_key, 453 .set_key = ieee80211_ccmp_set_key,
438 .print_stats = ieee80211_ccmp_print_stats, 454 .get_key = ieee80211_ccmp_get_key,
439 .extra_prefix_len = CCMP_HDR_LEN, 455 .print_stats = ieee80211_ccmp_print_stats,
440 .extra_postfix_len = CCMP_MIC_LEN, 456 .extra_mpdu_prefix_len = CCMP_HDR_LEN,
441 .owner = THIS_MODULE, 457 .extra_mpdu_postfix_len = CCMP_MIC_LEN,
458 .owner = THIS_MODULE,
442}; 459};
443 460
444static int __init ieee80211_crypto_ccmp_init(void) 461static int __init ieee80211_crypto_ccmp_init(void)
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c
index d4f9164be1a1..2e34f29b7956 100644
--- a/net/ieee80211/ieee80211_crypt_tkip.c
+++ b/net/ieee80211/ieee80211_crypt_tkip.c
@@ -59,8 +59,24 @@ struct ieee80211_tkip_data {
59 59
60 /* scratch buffers for virt_to_page() (crypto API) */ 60 /* scratch buffers for virt_to_page() (crypto API) */
61 u8 rx_hdr[16], tx_hdr[16]; 61 u8 rx_hdr[16], tx_hdr[16];
62
63 unsigned long flags;
62}; 64};
63 65
66static unsigned long ieee80211_tkip_set_flags(unsigned long flags, void *priv)
67{
68 struct ieee80211_tkip_data *_priv = priv;
69 unsigned long old_flags = _priv->flags;
70 _priv->flags = flags;
71 return old_flags;
72}
73
74static unsigned long ieee80211_tkip_get_flags(void *priv)
75{
76 struct ieee80211_tkip_data *_priv = priv;
77 return _priv->flags;
78}
79
64static void *ieee80211_tkip_init(int key_idx) 80static void *ieee80211_tkip_init(int key_idx)
65{ 81{
66 struct ieee80211_tkip_data *priv; 82 struct ieee80211_tkip_data *priv;
@@ -69,6 +85,7 @@ static void *ieee80211_tkip_init(int key_idx)
69 if (priv == NULL) 85 if (priv == NULL)
70 goto fail; 86 goto fail;
71 memset(priv, 0, sizeof(*priv)); 87 memset(priv, 0, sizeof(*priv));
88
72 priv->key_idx = key_idx; 89 priv->key_idx = key_idx;
73 90
74 priv->tfm_arc4 = crypto_alloc_tfm("arc4", 0); 91 priv->tfm_arc4 = crypto_alloc_tfm("arc4", 0);
@@ -255,25 +272,27 @@ static void tkip_mixing_phase2(u8 * WEPSeed, const u8 * TK, const u16 * TTAK,
255#endif 272#endif
256} 273}
257 274
258static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) 275static u8 *ieee80211_tkip_hdr(struct sk_buff *skb, int hdr_len, void *priv)
259{ 276{
260 struct ieee80211_tkip_data *tkey = priv; 277 struct ieee80211_tkip_data *tkey = priv;
261 int len; 278 int len;
262 u8 rc4key[16], *pos, *icv; 279 u8 *rc4key, *pos, *icv;
263 struct ieee80211_hdr *hdr; 280 struct ieee80211_hdr_4addr *hdr;
264 u32 crc; 281 u32 crc;
265 struct scatterlist sg;
266 282
267 if (skb_headroom(skb) < 8 || skb_tailroom(skb) < 4 || 283 hdr = (struct ieee80211_hdr_4addr *)skb->data;
268 skb->len < hdr_len) 284
269 return -1; 285 if (skb_headroom(skb) < 8 || skb->len < hdr_len)
286 return NULL;
270 287
271 hdr = (struct ieee80211_hdr *)skb->data;
272 if (!tkey->tx_phase1_done) { 288 if (!tkey->tx_phase1_done) {
273 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2, 289 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
274 tkey->tx_iv32); 290 tkey->tx_iv32);
275 tkey->tx_phase1_done = 1; 291 tkey->tx_phase1_done = 1;
276 } 292 }
293 rc4key = kmalloc(16, GFP_ATOMIC);
294 if (!rc4key)
295 return NULL;
277 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16); 296 tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16);
278 297
279 len = skb->len - hdr_len; 298 len = skb->len - hdr_len;
@@ -282,9 +301,9 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
282 pos += hdr_len; 301 pos += hdr_len;
283 icv = skb_put(skb, 4); 302 icv = skb_put(skb, 4);
284 303
285 *pos++ = rc4key[0]; 304 *pos++ = *rc4key;
286 *pos++ = rc4key[1]; 305 *pos++ = *(rc4key + 1);
287 *pos++ = rc4key[2]; 306 *pos++ = *(rc4key + 2);
288 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */ ; 307 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */ ;
289 *pos++ = tkey->tx_iv32 & 0xff; 308 *pos++ = tkey->tx_iv32 & 0xff;
290 *pos++ = (tkey->tx_iv32 >> 8) & 0xff; 309 *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
@@ -297,6 +316,38 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
297 icv[2] = crc >> 16; 316 icv[2] = crc >> 16;
298 icv[3] = crc >> 24; 317 icv[3] = crc >> 24;
299 318
319 return rc4key;
320}
321
322static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
323{
324 struct ieee80211_tkip_data *tkey = priv;
325 int len;
326 const u8 *rc4key;
327 u8 *pos;
328 struct scatterlist sg;
329
330 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) {
331 if (net_ratelimit()) {
332 struct ieee80211_hdr_4addr *hdr =
333 (struct ieee80211_hdr_4addr *)skb->data;
334 printk(KERN_DEBUG "TKIP countermeasures: dropped "
335 "TX packet to " MAC_FMT "\n",
336 MAC_ARG(hdr->addr1));
337 }
338 return -1;
339 }
340
341 if (skb_tailroom(skb) < 4 || skb->len < hdr_len)
342 return -1;
343
344 len = skb->len - hdr_len;
345 pos = skb->data + hdr_len;
346
347 rc4key = ieee80211_tkip_hdr(skb, hdr_len, priv);
348 if (!rc4key)
349 return -1;
350
300 crypto_cipher_setkey(tkey->tfm_arc4, rc4key, 16); 351 crypto_cipher_setkey(tkey->tfm_arc4, rc4key, 16);
301 sg.page = virt_to_page(pos); 352 sg.page = virt_to_page(pos);
302 sg.offset = offset_in_page(pos); 353 sg.offset = offset_in_page(pos);
@@ -319,16 +370,26 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
319 u8 keyidx, *pos; 370 u8 keyidx, *pos;
320 u32 iv32; 371 u32 iv32;
321 u16 iv16; 372 u16 iv16;
322 struct ieee80211_hdr *hdr; 373 struct ieee80211_hdr_4addr *hdr;
323 u8 icv[4]; 374 u8 icv[4];
324 u32 crc; 375 u32 crc;
325 struct scatterlist sg; 376 struct scatterlist sg;
326 int plen; 377 int plen;
327 378
379 hdr = (struct ieee80211_hdr_4addr *)skb->data;
380
381 if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) {
382 if (net_ratelimit()) {
383 printk(KERN_DEBUG "TKIP countermeasures: dropped "
384 "received packet from " MAC_FMT "\n",
385 MAC_ARG(hdr->addr2));
386 }
387 return -1;
388 }
389
328 if (skb->len < hdr_len + 8 + 4) 390 if (skb->len < hdr_len + 8 + 4)
329 return -1; 391 return -1;
330 392
331 hdr = (struct ieee80211_hdr *)skb->data;
332 pos = skb->data + hdr_len; 393 pos = skb->data + hdr_len;
333 keyidx = pos[3]; 394 keyidx = pos[3];
334 if (!(keyidx & (1 << 5))) { 395 if (!(keyidx & (1 << 5))) {
@@ -441,9 +502,9 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
441 502
442static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) 503static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
443{ 504{
444 struct ieee80211_hdr *hdr11; 505 struct ieee80211_hdr_4addr *hdr11;
445 506
446 hdr11 = (struct ieee80211_hdr *)skb->data; 507 hdr11 = (struct ieee80211_hdr_4addr *)skb->data;
447 switch (le16_to_cpu(hdr11->frame_ctl) & 508 switch (le16_to_cpu(hdr11->frame_ctl) &
448 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) { 509 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
449 case IEEE80211_FCTL_TODS: 510 case IEEE80211_FCTL_TODS:
@@ -490,9 +551,9 @@ static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len,
490 return 0; 551 return 0;
491} 552}
492 553
493#if WIRELESS_EXT >= 18
494static void ieee80211_michael_mic_failure(struct net_device *dev, 554static void ieee80211_michael_mic_failure(struct net_device *dev,
495 struct ieee80211_hdr *hdr, int keyidx) 555 struct ieee80211_hdr_4addr *hdr,
556 int keyidx)
496{ 557{
497 union iwreq_data wrqu; 558 union iwreq_data wrqu;
498 struct iw_michaelmicfailure ev; 559 struct iw_michaelmicfailure ev;
@@ -510,28 +571,6 @@ static void ieee80211_michael_mic_failure(struct net_device *dev,
510 wrqu.data.length = sizeof(ev); 571 wrqu.data.length = sizeof(ev);
511 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev); 572 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
512} 573}
513#elif WIRELESS_EXT >= 15
514static void ieee80211_michael_mic_failure(struct net_device *dev,
515 struct ieee80211_hdr *hdr, int keyidx)
516{
517 union iwreq_data wrqu;
518 char buf[128];
519
520 /* TODO: needed parameters: count, keyid, key type, TSC */
521 sprintf(buf, "MLME-MICHAELMICFAILURE.indication(keyid=%d %scast addr="
522 MAC_FMT ")", keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
523 MAC_ARG(hdr->addr2));
524 memset(&wrqu, 0, sizeof(wrqu));
525 wrqu.data.length = strlen(buf);
526 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
527}
528#else /* WIRELESS_EXT >= 15 */
529static inline void ieee80211_michael_mic_failure(struct net_device *dev,
530 struct ieee80211_hdr *hdr,
531 int keyidx)
532{
533}
534#endif /* WIRELESS_EXT >= 15 */
535 574
536static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx, 575static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
537 int hdr_len, void *priv) 576 int hdr_len, void *priv)
@@ -547,8 +586,8 @@ static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
547 skb->data + hdr_len, skb->len - 8 - hdr_len, mic)) 586 skb->data + hdr_len, skb->len - 8 - hdr_len, mic))
548 return -1; 587 return -1;
549 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) { 588 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
550 struct ieee80211_hdr *hdr; 589 struct ieee80211_hdr_4addr *hdr;
551 hdr = (struct ieee80211_hdr *)skb->data; 590 hdr = (struct ieee80211_hdr_4addr *)skb->data;
552 printk(KERN_DEBUG "%s: Michael MIC verification failed for " 591 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
553 "MSDU from " MAC_FMT " keyidx=%d\n", 592 "MSDU from " MAC_FMT " keyidx=%d\n",
554 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2), 593 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2),
@@ -654,19 +693,22 @@ static char *ieee80211_tkip_print_stats(char *p, void *priv)
654} 693}
655 694
656static struct ieee80211_crypto_ops ieee80211_crypt_tkip = { 695static struct ieee80211_crypto_ops ieee80211_crypt_tkip = {
657 .name = "TKIP", 696 .name = "TKIP",
658 .init = ieee80211_tkip_init, 697 .init = ieee80211_tkip_init,
659 .deinit = ieee80211_tkip_deinit, 698 .deinit = ieee80211_tkip_deinit,
660 .encrypt_mpdu = ieee80211_tkip_encrypt, 699 .encrypt_mpdu = ieee80211_tkip_encrypt,
661 .decrypt_mpdu = ieee80211_tkip_decrypt, 700 .decrypt_mpdu = ieee80211_tkip_decrypt,
662 .encrypt_msdu = ieee80211_michael_mic_add, 701 .encrypt_msdu = ieee80211_michael_mic_add,
663 .decrypt_msdu = ieee80211_michael_mic_verify, 702 .decrypt_msdu = ieee80211_michael_mic_verify,
664 .set_key = ieee80211_tkip_set_key, 703 .set_key = ieee80211_tkip_set_key,
665 .get_key = ieee80211_tkip_get_key, 704 .get_key = ieee80211_tkip_get_key,
666 .print_stats = ieee80211_tkip_print_stats, 705 .print_stats = ieee80211_tkip_print_stats,
667 .extra_prefix_len = 4 + 4, /* IV + ExtIV */ 706 .extra_mpdu_prefix_len = 4 + 4, /* IV + ExtIV */
668 .extra_postfix_len = 8 + 4, /* MIC + ICV */ 707 .extra_mpdu_postfix_len = 4, /* ICV */
669 .owner = THIS_MODULE, 708 .extra_msdu_postfix_len = 8, /* MIC */
709 .get_flags = ieee80211_tkip_get_flags,
710 .set_flags = ieee80211_tkip_set_flags,
711 .owner = THIS_MODULE,
670}; 712};
671 713
672static int __init ieee80211_crypto_tkip_init(void) 714static int __init ieee80211_crypto_tkip_init(void)
diff --git a/net/ieee80211/ieee80211_crypt_wep.c b/net/ieee80211/ieee80211_crypt_wep.c
index b4d2514a0902..7c08ed2f2628 100644
--- a/net/ieee80211/ieee80211_crypt_wep.c
+++ b/net/ieee80211/ieee80211_crypt_wep.c
@@ -229,19 +229,19 @@ static char *prism2_wep_print_stats(char *p, void *priv)
229} 229}
230 230
231static struct ieee80211_crypto_ops ieee80211_crypt_wep = { 231static struct ieee80211_crypto_ops ieee80211_crypt_wep = {
232 .name = "WEP", 232 .name = "WEP",
233 .init = prism2_wep_init, 233 .init = prism2_wep_init,
234 .deinit = prism2_wep_deinit, 234 .deinit = prism2_wep_deinit,
235 .encrypt_mpdu = prism2_wep_encrypt, 235 .encrypt_mpdu = prism2_wep_encrypt,
236 .decrypt_mpdu = prism2_wep_decrypt, 236 .decrypt_mpdu = prism2_wep_decrypt,
237 .encrypt_msdu = NULL, 237 .encrypt_msdu = NULL,
238 .decrypt_msdu = NULL, 238 .decrypt_msdu = NULL,
239 .set_key = prism2_wep_set_key, 239 .set_key = prism2_wep_set_key,
240 .get_key = prism2_wep_get_key, 240 .get_key = prism2_wep_get_key,
241 .print_stats = prism2_wep_print_stats, 241 .print_stats = prism2_wep_print_stats,
242 .extra_prefix_len = 4, /* IV */ 242 .extra_mpdu_prefix_len = 4, /* IV */
243 .extra_postfix_len = 4, /* ICV */ 243 .extra_mpdu_postfix_len = 4, /* ICV */
244 .owner = THIS_MODULE, 244 .owner = THIS_MODULE,
245}; 245};
246 246
247static int __init ieee80211_crypto_wep_init(void) 247static int __init ieee80211_crypto_wep_init(void)
diff --git a/net/ieee80211/ieee80211_geo.c b/net/ieee80211/ieee80211_geo.c
new file mode 100644
index 000000000000..c4b54ef8f6d5
--- /dev/null
+++ b/net/ieee80211/ieee80211_geo.c
@@ -0,0 +1,141 @@
1/******************************************************************************
2
3 Copyright(c) 2005 Intel Corporation. All rights reserved.
4
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as
7 published by the Free Software Foundation.
8
9 This program is distributed in the hope that it will be useful, but WITHOUT
10 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 more details.
13
14 You should have received a copy of the GNU General Public License along with
15 this program; if not, write to the Free Software Foundation, Inc., 59
16 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17
18 The full GNU General Public License is included in this distribution in the
19 file called LICENSE.
20
21 Contact Information:
22 James P. Ketrenos <ipw2100-admin@linux.intel.com>
23 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
24
25******************************************************************************/
26#include <linux/compiler.h>
27#include <linux/config.h>
28#include <linux/errno.h>
29#include <linux/if_arp.h>
30#include <linux/in6.h>
31#include <linux/in.h>
32#include <linux/ip.h>
33#include <linux/kernel.h>
34#include <linux/module.h>
35#include <linux/netdevice.h>
36#include <linux/proc_fs.h>
37#include <linux/skbuff.h>
38#include <linux/slab.h>
39#include <linux/tcp.h>
40#include <linux/types.h>
41#include <linux/version.h>
42#include <linux/wireless.h>
43#include <linux/etherdevice.h>
44#include <asm/uaccess.h>
45
46#include <net/ieee80211.h>
47
48int ieee80211_is_valid_channel(struct ieee80211_device *ieee, u8 channel)
49{
50 int i;
51
52 /* Driver needs to initialize the geography map before using
53 * these helper functions */
54 BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0);
55
56 if (ieee->freq_band & IEEE80211_24GHZ_BAND)
57 for (i = 0; i < ieee->geo.bg_channels; i++)
58 /* NOTE: If G mode is currently supported but
59 * this is a B only channel, we don't see it
60 * as valid. */
61 if ((ieee->geo.bg[i].channel == channel) &&
62 (!(ieee->mode & IEEE_G) ||
63 !(ieee->geo.bg[i].flags & IEEE80211_CH_B_ONLY)))
64 return IEEE80211_24GHZ_BAND;
65
66 if (ieee->freq_band & IEEE80211_52GHZ_BAND)
67 for (i = 0; i < ieee->geo.a_channels; i++)
68 if (ieee->geo.a[i].channel == channel)
69 return IEEE80211_52GHZ_BAND;
70
71 return 0;
72}
73
74int ieee80211_channel_to_index(struct ieee80211_device *ieee, u8 channel)
75{
76 int i;
77
78 /* Driver needs to initialize the geography map before using
79 * these helper functions */
80 BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0);
81
82 if (ieee->freq_band & IEEE80211_24GHZ_BAND)
83 for (i = 0; i < ieee->geo.bg_channels; i++)
84 if (ieee->geo.bg[i].channel == channel)
85 return i;
86
87 if (ieee->freq_band & IEEE80211_52GHZ_BAND)
88 for (i = 0; i < ieee->geo.a_channels; i++)
89 if (ieee->geo.a[i].channel == channel)
90 return i;
91
92 return -1;
93}
94
95u8 ieee80211_freq_to_channel(struct ieee80211_device * ieee, u32 freq)
96{
97 int i;
98
99 /* Driver needs to initialize the geography map before using
100 * these helper functions */
101 BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0);
102
103 freq /= 100000;
104
105 if (ieee->freq_band & IEEE80211_24GHZ_BAND)
106 for (i = 0; i < ieee->geo.bg_channels; i++)
107 if (ieee->geo.bg[i].freq == freq)
108 return ieee->geo.bg[i].channel;
109
110 if (ieee->freq_band & IEEE80211_52GHZ_BAND)
111 for (i = 0; i < ieee->geo.a_channels; i++)
112 if (ieee->geo.a[i].freq == freq)
113 return ieee->geo.a[i].channel;
114
115 return 0;
116}
117
118int ieee80211_set_geo(struct ieee80211_device *ieee,
119 const struct ieee80211_geo *geo)
120{
121 memcpy(ieee->geo.name, geo->name, 3);
122 ieee->geo.name[3] = '\0';
123 ieee->geo.bg_channels = geo->bg_channels;
124 ieee->geo.a_channels = geo->a_channels;
125 memcpy(ieee->geo.bg, geo->bg, geo->bg_channels *
126 sizeof(struct ieee80211_channel));
127 memcpy(ieee->geo.a, geo->a, ieee->geo.a_channels *
128 sizeof(struct ieee80211_channel));
129 return 0;
130}
131
132const struct ieee80211_geo *ieee80211_get_geo(struct ieee80211_device *ieee)
133{
134 return &ieee->geo;
135}
136
137EXPORT_SYMBOL(ieee80211_is_valid_channel);
138EXPORT_SYMBOL(ieee80211_freq_to_channel);
139EXPORT_SYMBOL(ieee80211_channel_to_index);
140EXPORT_SYMBOL(ieee80211_set_geo);
141EXPORT_SYMBOL(ieee80211_get_geo);
diff --git a/net/ieee80211/ieee80211_module.c b/net/ieee80211/ieee80211_module.c
index 6059e9e37123..f66d792cd204 100644
--- a/net/ieee80211/ieee80211_module.c
+++ b/net/ieee80211/ieee80211_module.c
@@ -1,6 +1,6 @@
1/******************************************************************************* 1/*******************************************************************************
2 2
3 Copyright(c) 2004 Intel Corporation. All rights reserved. 3 Copyright(c) 2004-2005 Intel Corporation. All rights reserved.
4 4
5 Portions of this file are based on the WEP enablement code provided by the 5 Portions of this file are based on the WEP enablement code provided by the
6 Host AP project hostap-drivers v0.1.3 6 Host AP project hostap-drivers v0.1.3
@@ -53,12 +53,15 @@
53 53
54#include <net/ieee80211.h> 54#include <net/ieee80211.h>
55 55
56MODULE_DESCRIPTION("802.11 data/management/control stack"); 56#define DRV_DESCRIPTION "802.11 data/management/control stack"
57MODULE_AUTHOR 57#define DRV_NAME "ieee80211"
58 ("Copyright (C) 2004 Intel Corporation <jketreno@linux.intel.com>"); 58#define DRV_VERSION IEEE80211_VERSION
59MODULE_LICENSE("GPL"); 59#define DRV_COPYRIGHT "Copyright (C) 2004-2005 Intel Corporation <jketreno@linux.intel.com>"
60 60
61#define DRV_NAME "ieee80211" 61MODULE_VERSION(DRV_VERSION);
62MODULE_DESCRIPTION(DRV_DESCRIPTION);
63MODULE_AUTHOR(DRV_COPYRIGHT);
64MODULE_LICENSE("GPL");
62 65
63static inline int ieee80211_networks_allocate(struct ieee80211_device *ieee) 66static inline int ieee80211_networks_allocate(struct ieee80211_device *ieee)
64{ 67{
@@ -126,26 +129,34 @@ struct net_device *alloc_ieee80211(int sizeof_priv)
126 129
127 /* Default fragmentation threshold is maximum payload size */ 130 /* Default fragmentation threshold is maximum payload size */
128 ieee->fts = DEFAULT_FTS; 131 ieee->fts = DEFAULT_FTS;
132 ieee->rts = DEFAULT_FTS;
129 ieee->scan_age = DEFAULT_MAX_SCAN_AGE; 133 ieee->scan_age = DEFAULT_MAX_SCAN_AGE;
130 ieee->open_wep = 1; 134 ieee->open_wep = 1;
131 135
132 /* Default to enabling full open WEP with host based encrypt/decrypt */ 136 /* Default to enabling full open WEP with host based encrypt/decrypt */
133 ieee->host_encrypt = 1; 137 ieee->host_encrypt = 1;
134 ieee->host_decrypt = 1; 138 ieee->host_decrypt = 1;
139 ieee->host_mc_decrypt = 1;
140
141 /* Host fragementation in Open mode. Default is enabled.
142 * Note: host fragmentation is always enabled if host encryption
143 * is enabled. For cards can do hardware encryption, they must do
144 * hardware fragmentation as well. So we don't need a variable
145 * like host_enc_frag. */
146 ieee->host_open_frag = 1;
135 ieee->ieee802_1x = 1; /* Default to supporting 802.1x */ 147 ieee->ieee802_1x = 1; /* Default to supporting 802.1x */
136 148
137 INIT_LIST_HEAD(&ieee->crypt_deinit_list); 149 INIT_LIST_HEAD(&ieee->crypt_deinit_list);
138 init_timer(&ieee->crypt_deinit_timer); 150 init_timer(&ieee->crypt_deinit_timer);
139 ieee->crypt_deinit_timer.data = (unsigned long)ieee; 151 ieee->crypt_deinit_timer.data = (unsigned long)ieee;
140 ieee->crypt_deinit_timer.function = ieee80211_crypt_deinit_handler; 152 ieee->crypt_deinit_timer.function = ieee80211_crypt_deinit_handler;
153 ieee->crypt_quiesced = 0;
141 154
142 spin_lock_init(&ieee->lock); 155 spin_lock_init(&ieee->lock);
143 156
144 ieee->wpa_enabled = 0; 157 ieee->wpa_enabled = 0;
145 ieee->tkip_countermeasures = 0;
146 ieee->drop_unencrypted = 0; 158 ieee->drop_unencrypted = 0;
147 ieee->privacy_invoked = 0; 159 ieee->privacy_invoked = 0;
148 ieee->ieee802_1x = 1;
149 160
150 return dev; 161 return dev;
151 162
@@ -161,6 +172,7 @@ void free_ieee80211(struct net_device *dev)
161 172
162 int i; 173 int i;
163 174
175 ieee80211_crypt_quiescing(ieee);
164 del_timer_sync(&ieee->crypt_deinit_timer); 176 del_timer_sync(&ieee->crypt_deinit_timer);
165 ieee80211_crypt_deinit_entries(ieee, 1); 177 ieee80211_crypt_deinit_entries(ieee, 1);
166 178
@@ -195,38 +207,26 @@ static int show_debug_level(char *page, char **start, off_t offset,
195static int store_debug_level(struct file *file, const char __user * buffer, 207static int store_debug_level(struct file *file, const char __user * buffer,
196 unsigned long count, void *data) 208 unsigned long count, void *data)
197{ 209{
198 char buf[] = "0x00000000"; 210 char buf[] = "0x00000000\n";
199 char *p = (char *)buf; 211 unsigned long len = min((unsigned long)sizeof(buf) - 1, count);
200 unsigned long val; 212 unsigned long val;
201 213
202 if (count > sizeof(buf) - 1) 214 if (copy_from_user(buf, buffer, len))
203 count = sizeof(buf) - 1;
204
205 if (copy_from_user(buf, buffer, count))
206 return count; 215 return count;
207 buf[count] = 0; 216 buf[len] = 0;
208 /* 217 if (sscanf(buf, "%li", &val) != 1)
209 * what a FPOS... What, sscanf(buf, "%i", &val) would be too
210 * scary?
211 */
212 if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
213 p++;
214 if (p[0] == 'x' || p[0] == 'X')
215 p++;
216 val = simple_strtoul(p, &p, 16);
217 } else
218 val = simple_strtoul(p, &p, 10);
219 if (p == buf)
220 printk(KERN_INFO DRV_NAME 218 printk(KERN_INFO DRV_NAME
221 ": %s is not in hex or decimal form.\n", buf); 219 ": %s is not in hex or decimal form.\n", buf);
222 else 220 else
223 ieee80211_debug_level = val; 221 ieee80211_debug_level = val;
224 222
225 return strlen(buf); 223 return strnlen(buf, len);
226} 224}
225#endif /* CONFIG_IEEE80211_DEBUG */
227 226
228static int __init ieee80211_init(void) 227static int __init ieee80211_init(void)
229{ 228{
229#ifdef CONFIG_IEEE80211_DEBUG
230 struct proc_dir_entry *e; 230 struct proc_dir_entry *e;
231 231
232 ieee80211_debug_level = debug; 232 ieee80211_debug_level = debug;
@@ -246,26 +246,33 @@ static int __init ieee80211_init(void)
246 e->read_proc = show_debug_level; 246 e->read_proc = show_debug_level;
247 e->write_proc = store_debug_level; 247 e->write_proc = store_debug_level;
248 e->data = NULL; 248 e->data = NULL;
249#endif /* CONFIG_IEEE80211_DEBUG */
250
251 printk(KERN_INFO DRV_NAME ": " DRV_DESCRIPTION ", " DRV_VERSION "\n");
252 printk(KERN_INFO DRV_NAME ": " DRV_COPYRIGHT "\n");
249 253
250 return 0; 254 return 0;
251} 255}
252 256
253static void __exit ieee80211_exit(void) 257static void __exit ieee80211_exit(void)
254{ 258{
259#ifdef CONFIG_IEEE80211_DEBUG
255 if (ieee80211_proc) { 260 if (ieee80211_proc) {
256 remove_proc_entry("debug_level", ieee80211_proc); 261 remove_proc_entry("debug_level", ieee80211_proc);
257 remove_proc_entry(DRV_NAME, proc_net); 262 remove_proc_entry(DRV_NAME, proc_net);
258 ieee80211_proc = NULL; 263 ieee80211_proc = NULL;
259 } 264 }
265#endif /* CONFIG_IEEE80211_DEBUG */
260} 266}
261 267
268#ifdef CONFIG_IEEE80211_DEBUG
262#include <linux/moduleparam.h> 269#include <linux/moduleparam.h>
263module_param(debug, int, 0444); 270module_param(debug, int, 0444);
264MODULE_PARM_DESC(debug, "debug output mask"); 271MODULE_PARM_DESC(debug, "debug output mask");
272#endif /* CONFIG_IEEE80211_DEBUG */
265 273
266module_exit(ieee80211_exit); 274module_exit(ieee80211_exit);
267module_init(ieee80211_init); 275module_init(ieee80211_init);
268#endif
269 276
270const char *escape_essid(const char *essid, u8 essid_len) 277const char *escape_essid(const char *essid, u8 essid_len)
271{ 278{
diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c
index f7dcd854139e..ce694cf5c160 100644
--- a/net/ieee80211/ieee80211_rx.c
+++ b/net/ieee80211/ieee80211_rx.c
@@ -5,7 +5,7 @@
5 * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen 5 * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
6 * <jkmaline@cc.hut.fi> 6 * <jkmaline@cc.hut.fi>
7 * Copyright (c) 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi> 7 * Copyright (c) 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
8 * Copyright (c) 2004, Intel Corporation 8 * Copyright (c) 2004-2005, Intel Corporation
9 * 9 *
10 * This program is free software; you can redistribute it and/or modify 10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2 as 11 * it under the terms of the GNU General Public License version 2 as
@@ -87,7 +87,7 @@ static struct ieee80211_frag_entry *ieee80211_frag_cache_find(struct
87 87
88/* Called only as a tasklet (software IRQ) */ 88/* Called only as a tasklet (software IRQ) */
89static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee, 89static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
90 struct ieee80211_hdr *hdr) 90 struct ieee80211_hdr_4addr *hdr)
91{ 91{
92 struct sk_buff *skb = NULL; 92 struct sk_buff *skb = NULL;
93 u16 sc; 93 u16 sc;
@@ -101,7 +101,7 @@ static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
101 if (frag == 0) { 101 if (frag == 0) {
102 /* Reserve enough space to fit maximum frame length */ 102 /* Reserve enough space to fit maximum frame length */
103 skb = dev_alloc_skb(ieee->dev->mtu + 103 skb = dev_alloc_skb(ieee->dev->mtu +
104 sizeof(struct ieee80211_hdr) + 104 sizeof(struct ieee80211_hdr_4addr) +
105 8 /* LLC */ + 105 8 /* LLC */ +
106 2 /* alignment */ + 106 2 /* alignment */ +
107 8 /* WEP */ + ETH_ALEN /* WDS */ ); 107 8 /* WEP */ + ETH_ALEN /* WDS */ );
@@ -138,7 +138,7 @@ static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
138 138
139/* Called only as a tasklet (software IRQ) */ 139/* Called only as a tasklet (software IRQ) */
140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee, 140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee,
141 struct ieee80211_hdr *hdr) 141 struct ieee80211_hdr_4addr *hdr)
142{ 142{
143 u16 sc; 143 u16 sc;
144 unsigned int seq; 144 unsigned int seq;
@@ -176,7 +176,7 @@ ieee80211_rx_frame_mgmt(struct ieee80211_device *ieee, struct sk_buff *skb,
176 ieee->dev->name); 176 ieee->dev->name);
177 return 0; 177 return 0;
178/* 178/*
179 hostap_update_sta_ps(ieee, (struct hostap_ieee80211_hdr *) 179 hostap_update_sta_ps(ieee, (struct hostap_ieee80211_hdr_4addr *)
180 skb->data);*/ 180 skb->data);*/
181 } 181 }
182 182
@@ -232,13 +232,13 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
232{ 232{
233 struct net_device *dev = ieee->dev; 233 struct net_device *dev = ieee->dev;
234 u16 fc, ethertype; 234 u16 fc, ethertype;
235 struct ieee80211_hdr *hdr; 235 struct ieee80211_hdr_3addr *hdr;
236 u8 *pos; 236 u8 *pos;
237 237
238 if (skb->len < 24) 238 if (skb->len < 24)
239 return 0; 239 return 0;
240 240
241 hdr = (struct ieee80211_hdr *)skb->data; 241 hdr = (struct ieee80211_hdr_3addr *)skb->data;
242 fc = le16_to_cpu(hdr->frame_ctl); 242 fc = le16_to_cpu(hdr->frame_ctl);
243 243
244 /* check that the frame is unicast frame to us */ 244 /* check that the frame is unicast frame to us */
@@ -271,26 +271,15 @@ static inline int
271ieee80211_rx_frame_decrypt(struct ieee80211_device *ieee, struct sk_buff *skb, 271ieee80211_rx_frame_decrypt(struct ieee80211_device *ieee, struct sk_buff *skb,
272 struct ieee80211_crypt_data *crypt) 272 struct ieee80211_crypt_data *crypt)
273{ 273{
274 struct ieee80211_hdr *hdr; 274 struct ieee80211_hdr_3addr *hdr;
275 int res, hdrlen; 275 int res, hdrlen;
276 276
277 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL) 277 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL)
278 return 0; 278 return 0;
279 279
280 hdr = (struct ieee80211_hdr *)skb->data; 280 hdr = (struct ieee80211_hdr_3addr *)skb->data;
281 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 281 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
282 282
283#ifdef CONFIG_IEEE80211_CRYPT_TKIP
284 if (ieee->tkip_countermeasures && strcmp(crypt->ops->name, "TKIP") == 0) {
285 if (net_ratelimit()) {
286 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
287 "received packet from " MAC_FMT "\n",
288 ieee->dev->name, MAC_ARG(hdr->addr2));
289 }
290 return -1;
291 }
292#endif
293
294 atomic_inc(&crypt->refcnt); 283 atomic_inc(&crypt->refcnt);
295 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv); 284 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv);
296 atomic_dec(&crypt->refcnt); 285 atomic_dec(&crypt->refcnt);
@@ -314,13 +303,13 @@ ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device *ieee,
314 struct sk_buff *skb, int keyidx, 303 struct sk_buff *skb, int keyidx,
315 struct ieee80211_crypt_data *crypt) 304 struct ieee80211_crypt_data *crypt)
316{ 305{
317 struct ieee80211_hdr *hdr; 306 struct ieee80211_hdr_3addr *hdr;
318 int res, hdrlen; 307 int res, hdrlen;
319 308
320 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL) 309 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL)
321 return 0; 310 return 0;
322 311
323 hdr = (struct ieee80211_hdr *)skb->data; 312 hdr = (struct ieee80211_hdr_3addr *)skb->data;
324 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 313 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
325 314
326 atomic_inc(&crypt->refcnt); 315 atomic_inc(&crypt->refcnt);
@@ -343,7 +332,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
343 struct ieee80211_rx_stats *rx_stats) 332 struct ieee80211_rx_stats *rx_stats)
344{ 333{
345 struct net_device *dev = ieee->dev; 334 struct net_device *dev = ieee->dev;
346 struct ieee80211_hdr *hdr; 335 struct ieee80211_hdr_4addr *hdr;
347 size_t hdrlen; 336 size_t hdrlen;
348 u16 fc, type, stype, sc; 337 u16 fc, type, stype, sc;
349 struct net_device_stats *stats; 338 struct net_device_stats *stats;
@@ -363,7 +352,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
363 struct ieee80211_crypt_data *crypt = NULL; 352 struct ieee80211_crypt_data *crypt = NULL;
364 int keyidx = 0; 353 int keyidx = 0;
365 354
366 hdr = (struct ieee80211_hdr *)skb->data; 355 hdr = (struct ieee80211_hdr_4addr *)skb->data;
367 stats = &ieee->stats; 356 stats = &ieee->stats;
368 357
369 if (skb->len < 10) { 358 if (skb->len < 10) {
@@ -378,35 +367,51 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
378 frag = WLAN_GET_SEQ_FRAG(sc); 367 frag = WLAN_GET_SEQ_FRAG(sc);
379 hdrlen = ieee80211_get_hdrlen(fc); 368 hdrlen = ieee80211_get_hdrlen(fc);
380 369
381#ifdef NOT_YET
382#if WIRELESS_EXT > 15
383 /* Put this code here so that we avoid duplicating it in all 370 /* Put this code here so that we avoid duplicating it in all
384 * Rx paths. - Jean II */ 371 * Rx paths. - Jean II */
385#ifdef IW_WIRELESS_SPY /* defined in iw_handler.h */ 372#ifdef IW_WIRELESS_SPY /* defined in iw_handler.h */
386 /* If spy monitoring on */ 373 /* If spy monitoring on */
387 if (iface->spy_data.spy_number > 0) { 374 if (ieee->spy_data.spy_number > 0) {
388 struct iw_quality wstats; 375 struct iw_quality wstats;
389 wstats.level = rx_stats->signal; 376
390 wstats.noise = rx_stats->noise; 377 wstats.updated = 0;
391 wstats.updated = 6; /* No qual value */ 378 if (rx_stats->mask & IEEE80211_STATMASK_RSSI) {
379 wstats.level = rx_stats->rssi;
380 wstats.updated |= IW_QUAL_LEVEL_UPDATED;
381 } else
382 wstats.updated |= IW_QUAL_LEVEL_INVALID;
383
384 if (rx_stats->mask & IEEE80211_STATMASK_NOISE) {
385 wstats.noise = rx_stats->noise;
386 wstats.updated |= IW_QUAL_NOISE_UPDATED;
387 } else
388 wstats.updated |= IW_QUAL_NOISE_INVALID;
389
390 if (rx_stats->mask & IEEE80211_STATMASK_SIGNAL) {
391 wstats.qual = rx_stats->signal;
392 wstats.updated |= IW_QUAL_QUAL_UPDATED;
393 } else
394 wstats.updated |= IW_QUAL_QUAL_INVALID;
395
392 /* Update spy records */ 396 /* Update spy records */
393 wireless_spy_update(dev, hdr->addr2, &wstats); 397 wireless_spy_update(ieee->dev, hdr->addr2, &wstats);
394 } 398 }
395#endif /* IW_WIRELESS_SPY */ 399#endif /* IW_WIRELESS_SPY */
396#endif /* WIRELESS_EXT > 15 */ 400
401#ifdef NOT_YET
397 hostap_update_rx_stats(local->ap, hdr, rx_stats); 402 hostap_update_rx_stats(local->ap, hdr, rx_stats);
398#endif 403#endif
399 404
400#if WIRELESS_EXT > 15
401 if (ieee->iw_mode == IW_MODE_MONITOR) { 405 if (ieee->iw_mode == IW_MODE_MONITOR) {
402 ieee80211_monitor_rx(ieee, skb, rx_stats); 406 ieee80211_monitor_rx(ieee, skb, rx_stats);
403 stats->rx_packets++; 407 stats->rx_packets++;
404 stats->rx_bytes += skb->len; 408 stats->rx_bytes += skb->len;
405 return 1; 409 return 1;
406 } 410 }
407#endif
408 411
409 if (ieee->host_decrypt) { 412 if ((is_multicast_ether_addr(hdr->addr1) ||
413 is_broadcast_ether_addr(hdr->addr2)) ? ieee->host_mc_decrypt :
414 ieee->host_decrypt) {
410 int idx = 0; 415 int idx = 0;
411 if (skb->len >= hdrlen + 3) 416 if (skb->len >= hdrlen + 3)
412 idx = skb->data[hdrlen + 3] >> 6; 417 idx = skb->data[hdrlen + 3] >> 6;
@@ -531,6 +536,9 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
531 536
532 /* Nullfunc frames may have PS-bit set, so they must be passed to 537 /* Nullfunc frames may have PS-bit set, so they must be passed to
533 * hostap_handle_sta_rx() before being dropped here. */ 538 * hostap_handle_sta_rx() before being dropped here. */
539
540 stype &= ~IEEE80211_STYPE_QOS_DATA;
541
534 if (stype != IEEE80211_STYPE_DATA && 542 if (stype != IEEE80211_STYPE_DATA &&
535 stype != IEEE80211_STYPE_DATA_CFACK && 543 stype != IEEE80211_STYPE_DATA_CFACK &&
536 stype != IEEE80211_STYPE_DATA_CFPOLL && 544 stype != IEEE80211_STYPE_DATA_CFPOLL &&
@@ -549,7 +557,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
549 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0) 557 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0)
550 goto rx_dropped; 558 goto rx_dropped;
551 559
552 hdr = (struct ieee80211_hdr *)skb->data; 560 hdr = (struct ieee80211_hdr_4addr *)skb->data;
553 561
554 /* skb: hdr + (possibly fragmented) plaintext payload */ 562 /* skb: hdr + (possibly fragmented) plaintext payload */
555 // PR: FIXME: hostap has additional conditions in the "if" below: 563 // PR: FIXME: hostap has additional conditions in the "if" below:
@@ -603,7 +611,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
603 /* this was the last fragment and the frame will be 611 /* this was the last fragment and the frame will be
604 * delivered, so remove skb from fragment cache */ 612 * delivered, so remove skb from fragment cache */
605 skb = frag_skb; 613 skb = frag_skb;
606 hdr = (struct ieee80211_hdr *)skb->data; 614 hdr = (struct ieee80211_hdr_4addr *)skb->data;
607 ieee80211_frag_cache_invalidate(ieee, hdr); 615 ieee80211_frag_cache_invalidate(ieee, hdr);
608 } 616 }
609 617
@@ -613,7 +621,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
613 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt)) 621 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt))
614 goto rx_dropped; 622 goto rx_dropped;
615 623
616 hdr = (struct ieee80211_hdr *)skb->data; 624 hdr = (struct ieee80211_hdr_4addr *)skb->data;
617 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) { 625 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) {
618 if ( /*ieee->ieee802_1x && */ 626 if ( /*ieee->ieee802_1x && */
619 ieee80211_is_eapol_frame(ieee, skb)) { 627 ieee80211_is_eapol_frame(ieee, skb)) {
@@ -755,69 +763,179 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
755 763
756#define MGMT_FRAME_FIXED_PART_LENGTH 0x24 764#define MGMT_FRAME_FIXED_PART_LENGTH 0x24
757 765
758static inline int ieee80211_is_ofdm_rate(u8 rate) 766static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 };
767
768/*
769* Make ther structure we read from the beacon packet has
770* the right values
771*/
772static int ieee80211_verify_qos_info(struct ieee80211_qos_information_element
773 *info_element, int sub_type)
759{ 774{
760 switch (rate & ~IEEE80211_BASIC_RATE_MASK) { 775
761 case IEEE80211_OFDM_RATE_6MB: 776 if (info_element->qui_subtype != sub_type)
762 case IEEE80211_OFDM_RATE_9MB: 777 return -1;
763 case IEEE80211_OFDM_RATE_12MB: 778 if (memcmp(info_element->qui, qos_oui, QOS_OUI_LEN))
764 case IEEE80211_OFDM_RATE_18MB: 779 return -1;
765 case IEEE80211_OFDM_RATE_24MB: 780 if (info_element->qui_type != QOS_OUI_TYPE)
766 case IEEE80211_OFDM_RATE_36MB: 781 return -1;
767 case IEEE80211_OFDM_RATE_48MB: 782 if (info_element->version != QOS_VERSION_1)
768 case IEEE80211_OFDM_RATE_54MB: 783 return -1;
769 return 1; 784
770 }
771 return 0; 785 return 0;
772} 786}
773 787
774static inline int ieee80211_network_init(struct ieee80211_device *ieee, 788/*
775 struct ieee80211_probe_response 789 * Parse a QoS parameter element
776 *beacon, 790 */
777 struct ieee80211_network *network, 791static int ieee80211_read_qos_param_element(struct ieee80211_qos_parameter_info
778 struct ieee80211_rx_stats *stats) 792 *element_param, struct ieee80211_info_element
793 *info_element)
779{ 794{
780#ifdef CONFIG_IEEE80211_DEBUG 795 int ret = 0;
781 char rates_str[64]; 796 u16 size = sizeof(struct ieee80211_qos_parameter_info) - 2;
782 char *p;
783#endif
784 struct ieee80211_info_element *info_element;
785 u16 left;
786 u8 i;
787 797
788 /* Pull out fixed field data */ 798 if ((info_element == NULL) || (element_param == NULL))
789 memcpy(network->bssid, beacon->header.addr3, ETH_ALEN); 799 return -1;
790 network->capability = beacon->capability;
791 network->last_scanned = jiffies;
792 network->time_stamp[0] = beacon->time_stamp[0];
793 network->time_stamp[1] = beacon->time_stamp[1];
794 network->beacon_interval = beacon->beacon_interval;
795 /* Where to pull this? beacon->listen_interval; */
796 network->listen_interval = 0x0A;
797 network->rates_len = network->rates_ex_len = 0;
798 network->last_associate = 0;
799 network->ssid_len = 0;
800 network->flags = 0;
801 network->atim_window = 0;
802 800
803 if (stats->freq == IEEE80211_52GHZ_BAND) { 801 if (info_element->id == QOS_ELEMENT_ID && info_element->len == size) {
804 /* for A band (No DS info) */ 802 memcpy(element_param->info_element.qui, info_element->data,
805 network->channel = stats->received_channel; 803 info_element->len);
804 element_param->info_element.elementID = info_element->id;
805 element_param->info_element.length = info_element->len;
806 } else 806 } else
807 network->flags |= NETWORK_HAS_CCK; 807 ret = -1;
808 if (ret == 0)
809 ret = ieee80211_verify_qos_info(&element_param->info_element,
810 QOS_OUI_PARAM_SUB_TYPE);
811 return ret;
812}
808 813
809 network->wpa_ie_len = 0; 814/*
810 network->rsn_ie_len = 0; 815 * Parse a QoS information element
816 */
817static int ieee80211_read_qos_info_element(struct
818 ieee80211_qos_information_element
819 *element_info, struct ieee80211_info_element
820 *info_element)
821{
822 int ret = 0;
823 u16 size = sizeof(struct ieee80211_qos_information_element) - 2;
824
825 if (element_info == NULL)
826 return -1;
827 if (info_element == NULL)
828 return -1;
829
830 if ((info_element->id == QOS_ELEMENT_ID) && (info_element->len == size)) {
831 memcpy(element_info->qui, info_element->data,
832 info_element->len);
833 element_info->elementID = info_element->id;
834 element_info->length = info_element->len;
835 } else
836 ret = -1;
837
838 if (ret == 0)
839 ret = ieee80211_verify_qos_info(element_info,
840 QOS_OUI_INFO_SUB_TYPE);
841 return ret;
842}
843
844/*
845 * Write QoS parameters from the ac parameters.
846 */
847static int ieee80211_qos_convert_ac_to_parameters(struct
848 ieee80211_qos_parameter_info
849 *param_elm, struct
850 ieee80211_qos_parameters
851 *qos_param)
852{
853 int rc = 0;
854 int i;
855 struct ieee80211_qos_ac_parameter *ac_params;
856 u32 txop;
857 u8 cw_min;
858 u8 cw_max;
859
860 for (i = 0; i < QOS_QUEUE_NUM; i++) {
861 ac_params = &(param_elm->ac_params_record[i]);
862
863 qos_param->aifs[i] = (ac_params->aci_aifsn) & 0x0F;
864 qos_param->aifs[i] -= (qos_param->aifs[i] < 2) ? 0 : 2;
865
866 cw_min = ac_params->ecw_min_max & 0x0F;
867 qos_param->cw_min[i] = (u16) ((1 << cw_min) - 1);
868
869 cw_max = (ac_params->ecw_min_max & 0xF0) >> 4;
870 qos_param->cw_max[i] = (u16) ((1 << cw_max) - 1);
871
872 qos_param->flag[i] =
873 (ac_params->aci_aifsn & 0x10) ? 0x01 : 0x00;
874
875 txop = le16_to_cpu(ac_params->tx_op_limit) * 32;
876 qos_param->tx_op_limit[i] = (u16) txop;
877 }
878 return rc;
879}
880
881/*
882 * we have a generic data element which it may contain QoS information or
883 * parameters element. check the information element length to decide
884 * which type to read
885 */
886static int ieee80211_parse_qos_info_param_IE(struct ieee80211_info_element
887 *info_element,
888 struct ieee80211_network *network)
889{
890 int rc = 0;
891 struct ieee80211_qos_parameters *qos_param = NULL;
892 struct ieee80211_qos_information_element qos_info_element;
893
894 rc = ieee80211_read_qos_info_element(&qos_info_element, info_element);
895
896 if (rc == 0) {
897 network->qos_data.param_count = qos_info_element.ac_info & 0x0F;
898 network->flags |= NETWORK_HAS_QOS_INFORMATION;
899 } else {
900 struct ieee80211_qos_parameter_info param_element;
901
902 rc = ieee80211_read_qos_param_element(&param_element,
903 info_element);
904 if (rc == 0) {
905 qos_param = &(network->qos_data.parameters);
906 ieee80211_qos_convert_ac_to_parameters(&param_element,
907 qos_param);
908 network->flags |= NETWORK_HAS_QOS_PARAMETERS;
909 network->qos_data.param_count =
910 param_element.info_element.ac_info & 0x0F;
911 }
912 }
913
914 if (rc == 0) {
915 IEEE80211_DEBUG_QOS("QoS is supported\n");
916 network->qos_data.supported = 1;
917 }
918 return rc;
919}
920
921static int ieee80211_parse_info_param(struct ieee80211_info_element
922 *info_element, u16 length,
923 struct ieee80211_network *network)
924{
925 u8 i;
926#ifdef CONFIG_IEEE80211_DEBUG
927 char rates_str[64];
928 char *p;
929#endif
811 930
812 info_element = &beacon->info_element; 931 while (length >= sizeof(*info_element)) {
813 left = stats->len - ((void *)info_element - (void *)beacon); 932 if (sizeof(*info_element) + info_element->len > length) {
814 while (left >= sizeof(struct ieee80211_info_element_hdr)) { 933 IEEE80211_DEBUG_MGMT("Info elem: parse failed: "
815 if (sizeof(struct ieee80211_info_element_hdr) + 934 "info_element->len + 2 > left : "
816 info_element->len > left) { 935 "info_element->len+2=%zd left=%d, id=%d.\n",
817 IEEE80211_DEBUG_SCAN 936 info_element->len +
818 ("SCAN: parse failed: info_element->len + 2 > left : info_element->len+2=%Zd left=%d.\n", 937 sizeof(*info_element),
819 info_element->len + 938 length, info_element->id);
820 sizeof(struct ieee80211_info_element), left);
821 return 1; 939 return 1;
822 } 940 }
823 941
@@ -837,7 +955,7 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
837 memset(network->ssid + network->ssid_len, 0, 955 memset(network->ssid + network->ssid_len, 0,
838 IW_ESSID_MAX_SIZE - network->ssid_len); 956 IW_ESSID_MAX_SIZE - network->ssid_len);
839 957
840 IEEE80211_DEBUG_SCAN("MFIE_TYPE_SSID: '%s' len=%d.\n", 958 IEEE80211_DEBUG_MGMT("MFIE_TYPE_SSID: '%s' len=%d.\n",
841 network->ssid, network->ssid_len); 959 network->ssid, network->ssid_len);
842 break; 960 break;
843 961
@@ -845,15 +963,14 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
845#ifdef CONFIG_IEEE80211_DEBUG 963#ifdef CONFIG_IEEE80211_DEBUG
846 p = rates_str; 964 p = rates_str;
847#endif 965#endif
848 network->rates_len = 966 network->rates_len = min(info_element->len,
849 min(info_element->len, MAX_RATES_LENGTH); 967 MAX_RATES_LENGTH);
850 for (i = 0; i < network->rates_len; i++) { 968 for (i = 0; i < network->rates_len; i++) {
851 network->rates[i] = info_element->data[i]; 969 network->rates[i] = info_element->data[i];
852#ifdef CONFIG_IEEE80211_DEBUG 970#ifdef CONFIG_IEEE80211_DEBUG
853 p += snprintf(p, 971 p += snprintf(p, sizeof(rates_str) -
854 sizeof(rates_str) - (p - 972 (p - rates_str), "%02X ",
855 rates_str), 973 network->rates[i]);
856 "%02X ", network->rates[i]);
857#endif 974#endif
858 if (ieee80211_is_ofdm_rate 975 if (ieee80211_is_ofdm_rate
859 (info_element->data[i])) { 976 (info_element->data[i])) {
@@ -865,7 +982,7 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
865 } 982 }
866 } 983 }
867 984
868 IEEE80211_DEBUG_SCAN("MFIE_TYPE_RATES: '%s' (%d)\n", 985 IEEE80211_DEBUG_MGMT("MFIE_TYPE_RATES: '%s' (%d)\n",
869 rates_str, network->rates_len); 986 rates_str, network->rates_len);
870 break; 987 break;
871 988
@@ -873,15 +990,14 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
873#ifdef CONFIG_IEEE80211_DEBUG 990#ifdef CONFIG_IEEE80211_DEBUG
874 p = rates_str; 991 p = rates_str;
875#endif 992#endif
876 network->rates_ex_len = 993 network->rates_ex_len = min(info_element->len,
877 min(info_element->len, MAX_RATES_EX_LENGTH); 994 MAX_RATES_EX_LENGTH);
878 for (i = 0; i < network->rates_ex_len; i++) { 995 for (i = 0; i < network->rates_ex_len; i++) {
879 network->rates_ex[i] = info_element->data[i]; 996 network->rates_ex[i] = info_element->data[i];
880#ifdef CONFIG_IEEE80211_DEBUG 997#ifdef CONFIG_IEEE80211_DEBUG
881 p += snprintf(p, 998 p += snprintf(p, sizeof(rates_str) -
882 sizeof(rates_str) - (p - 999 (p - rates_str), "%02X ",
883 rates_str), 1000 network->rates[i]);
884 "%02X ", network->rates[i]);
885#endif 1001#endif
886 if (ieee80211_is_ofdm_rate 1002 if (ieee80211_is_ofdm_rate
887 (info_element->data[i])) { 1003 (info_element->data[i])) {
@@ -893,40 +1009,51 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
893 } 1009 }
894 } 1010 }
895 1011
896 IEEE80211_DEBUG_SCAN("MFIE_TYPE_RATES_EX: '%s' (%d)\n", 1012 IEEE80211_DEBUG_MGMT("MFIE_TYPE_RATES_EX: '%s' (%d)\n",
897 rates_str, network->rates_ex_len); 1013 rates_str, network->rates_ex_len);
898 break; 1014 break;
899 1015
900 case MFIE_TYPE_DS_SET: 1016 case MFIE_TYPE_DS_SET:
901 IEEE80211_DEBUG_SCAN("MFIE_TYPE_DS_SET: %d\n", 1017 IEEE80211_DEBUG_MGMT("MFIE_TYPE_DS_SET: %d\n",
902 info_element->data[0]); 1018 info_element->data[0]);
903 if (stats->freq == IEEE80211_24GHZ_BAND) 1019 network->channel = info_element->data[0];
904 network->channel = info_element->data[0];
905 break; 1020 break;
906 1021
907 case MFIE_TYPE_FH_SET: 1022 case MFIE_TYPE_FH_SET:
908 IEEE80211_DEBUG_SCAN("MFIE_TYPE_FH_SET: ignored\n"); 1023 IEEE80211_DEBUG_MGMT("MFIE_TYPE_FH_SET: ignored\n");
909 break; 1024 break;
910 1025
911 case MFIE_TYPE_CF_SET: 1026 case MFIE_TYPE_CF_SET:
912 IEEE80211_DEBUG_SCAN("MFIE_TYPE_CF_SET: ignored\n"); 1027 IEEE80211_DEBUG_MGMT("MFIE_TYPE_CF_SET: ignored\n");
913 break; 1028 break;
914 1029
915 case MFIE_TYPE_TIM: 1030 case MFIE_TYPE_TIM:
916 IEEE80211_DEBUG_SCAN("MFIE_TYPE_TIM: ignored\n"); 1031 IEEE80211_DEBUG_MGMT("MFIE_TYPE_TIM: ignored\n");
1032 break;
1033
1034 case MFIE_TYPE_ERP_INFO:
1035 network->erp_value = info_element->data[0];
1036 IEEE80211_DEBUG_MGMT("MFIE_TYPE_ERP_SET: %d\n",
1037 network->erp_value);
917 break; 1038 break;
918 1039
919 case MFIE_TYPE_IBSS_SET: 1040 case MFIE_TYPE_IBSS_SET:
920 IEEE80211_DEBUG_SCAN("MFIE_TYPE_IBSS_SET: ignored\n"); 1041 network->atim_window = info_element->data[0];
1042 IEEE80211_DEBUG_MGMT("MFIE_TYPE_IBSS_SET: %d\n",
1043 network->atim_window);
921 break; 1044 break;
922 1045
923 case MFIE_TYPE_CHALLENGE: 1046 case MFIE_TYPE_CHALLENGE:
924 IEEE80211_DEBUG_SCAN("MFIE_TYPE_CHALLENGE: ignored\n"); 1047 IEEE80211_DEBUG_MGMT("MFIE_TYPE_CHALLENGE: ignored\n");
925 break; 1048 break;
926 1049
927 case MFIE_TYPE_GENERIC: 1050 case MFIE_TYPE_GENERIC:
928 IEEE80211_DEBUG_SCAN("MFIE_TYPE_GENERIC: %d bytes\n", 1051 IEEE80211_DEBUG_MGMT("MFIE_TYPE_GENERIC: %d bytes\n",
929 info_element->len); 1052 info_element->len);
1053 if (!ieee80211_parse_qos_info_param_IE(info_element,
1054 network))
1055 break;
1056
930 if (info_element->len >= 4 && 1057 if (info_element->len >= 4 &&
931 info_element->data[0] == 0x00 && 1058 info_element->data[0] == 0x00 &&
932 info_element->data[1] == 0x50 && 1059 info_element->data[1] == 0x50 &&
@@ -940,7 +1067,7 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
940 break; 1067 break;
941 1068
942 case MFIE_TYPE_RSN: 1069 case MFIE_TYPE_RSN:
943 IEEE80211_DEBUG_SCAN("MFIE_TYPE_RSN: %d bytes\n", 1070 IEEE80211_DEBUG_MGMT("MFIE_TYPE_RSN: %d bytes\n",
944 info_element->len); 1071 info_element->len);
945 network->rsn_ie_len = min(info_element->len + 2, 1072 network->rsn_ie_len = min(info_element->len + 2,
946 MAX_WPA_IE_LEN); 1073 MAX_WPA_IE_LEN);
@@ -948,18 +1075,127 @@ static inline int ieee80211_network_init(struct ieee80211_device *ieee,
948 network->rsn_ie_len); 1075 network->rsn_ie_len);
949 break; 1076 break;
950 1077
1078 case MFIE_TYPE_QOS_PARAMETER:
1079 printk(KERN_ERR
1080 "QoS Error need to parse QOS_PARAMETER IE\n");
1081 break;
1082
951 default: 1083 default:
952 IEEE80211_DEBUG_SCAN("unsupported IE %d\n", 1084 IEEE80211_DEBUG_MGMT("unsupported IE %d\n",
953 info_element->id); 1085 info_element->id);
954 break; 1086 break;
955 } 1087 }
956 1088
957 left -= sizeof(struct ieee80211_info_element_hdr) + 1089 length -= sizeof(*info_element) + info_element->len;
958 info_element->len; 1090 info_element =
959 info_element = (struct ieee80211_info_element *) 1091 (struct ieee80211_info_element *)&info_element->
960 &info_element->data[info_element->len]; 1092 data[info_element->len];
1093 }
1094
1095 return 0;
1096}
1097
1098static int ieee80211_handle_assoc_resp(struct ieee80211_device *ieee, struct ieee80211_assoc_response
1099 *frame, struct ieee80211_rx_stats *stats)
1100{
1101 struct ieee80211_network network_resp;
1102 struct ieee80211_network *network = &network_resp;
1103 struct net_device *dev = ieee->dev;
1104
1105 network->flags = 0;
1106 network->qos_data.active = 0;
1107 network->qos_data.supported = 0;
1108 network->qos_data.param_count = 0;
1109 network->qos_data.old_param_count = 0;
1110
1111 //network->atim_window = le16_to_cpu(frame->aid) & (0x3FFF);
1112 network->atim_window = le16_to_cpu(frame->aid);
1113 network->listen_interval = le16_to_cpu(frame->status);
1114 memcpy(network->bssid, frame->header.addr3, ETH_ALEN);
1115 network->capability = le16_to_cpu(frame->capability);
1116 network->last_scanned = jiffies;
1117 network->rates_len = network->rates_ex_len = 0;
1118 network->last_associate = 0;
1119 network->ssid_len = 0;
1120 network->erp_value =
1121 (network->capability & WLAN_CAPABILITY_IBSS) ? 0x3 : 0x0;
1122
1123 if (stats->freq == IEEE80211_52GHZ_BAND) {
1124 /* for A band (No DS info) */
1125 network->channel = stats->received_channel;
1126 } else
1127 network->flags |= NETWORK_HAS_CCK;
1128
1129 network->wpa_ie_len = 0;
1130 network->rsn_ie_len = 0;
1131
1132 if (ieee80211_parse_info_param
1133 (frame->info_element, stats->len - sizeof(*frame), network))
1134 return 1;
1135
1136 network->mode = 0;
1137 if (stats->freq == IEEE80211_52GHZ_BAND)
1138 network->mode = IEEE_A;
1139 else {
1140 if (network->flags & NETWORK_HAS_OFDM)
1141 network->mode |= IEEE_G;
1142 if (network->flags & NETWORK_HAS_CCK)
1143 network->mode |= IEEE_B;
961 } 1144 }
962 1145
1146 if (ieee80211_is_empty_essid(network->ssid, network->ssid_len))
1147 network->flags |= NETWORK_EMPTY_ESSID;
1148
1149 memcpy(&network->stats, stats, sizeof(network->stats));
1150
1151 if (ieee->handle_assoc_response != NULL)
1152 ieee->handle_assoc_response(dev, frame, network);
1153
1154 return 0;
1155}
1156
1157/***************************************************/
1158
1159static inline int ieee80211_network_init(struct ieee80211_device *ieee, struct ieee80211_probe_response
1160 *beacon,
1161 struct ieee80211_network *network,
1162 struct ieee80211_rx_stats *stats)
1163{
1164 network->qos_data.active = 0;
1165 network->qos_data.supported = 0;
1166 network->qos_data.param_count = 0;
1167 network->qos_data.old_param_count = 0;
1168
1169 /* Pull out fixed field data */
1170 memcpy(network->bssid, beacon->header.addr3, ETH_ALEN);
1171 network->capability = le16_to_cpu(beacon->capability);
1172 network->last_scanned = jiffies;
1173 network->time_stamp[0] = le32_to_cpu(beacon->time_stamp[0]);
1174 network->time_stamp[1] = le32_to_cpu(beacon->time_stamp[1]);
1175 network->beacon_interval = le16_to_cpu(beacon->beacon_interval);
1176 /* Where to pull this? beacon->listen_interval; */
1177 network->listen_interval = 0x0A;
1178 network->rates_len = network->rates_ex_len = 0;
1179 network->last_associate = 0;
1180 network->ssid_len = 0;
1181 network->flags = 0;
1182 network->atim_window = 0;
1183 network->erp_value = (network->capability & WLAN_CAPABILITY_IBSS) ?
1184 0x3 : 0x0;
1185
1186 if (stats->freq == IEEE80211_52GHZ_BAND) {
1187 /* for A band (No DS info) */
1188 network->channel = stats->received_channel;
1189 } else
1190 network->flags |= NETWORK_HAS_CCK;
1191
1192 network->wpa_ie_len = 0;
1193 network->rsn_ie_len = 0;
1194
1195 if (ieee80211_parse_info_param
1196 (beacon->info_element, stats->len - sizeof(*beacon), network))
1197 return 1;
1198
963 network->mode = 0; 1199 network->mode = 0;
964 if (stats->freq == IEEE80211_52GHZ_BAND) 1200 if (stats->freq == IEEE80211_52GHZ_BAND)
965 network->mode = IEEE_A; 1201 network->mode = IEEE_A;
@@ -1002,6 +1238,9 @@ static inline int is_same_network(struct ieee80211_network *src,
1002static inline void update_network(struct ieee80211_network *dst, 1238static inline void update_network(struct ieee80211_network *dst,
1003 struct ieee80211_network *src) 1239 struct ieee80211_network *src)
1004{ 1240{
1241 int qos_active;
1242 u8 old_param;
1243
1005 memcpy(&dst->stats, &src->stats, sizeof(struct ieee80211_rx_stats)); 1244 memcpy(&dst->stats, &src->stats, sizeof(struct ieee80211_rx_stats));
1006 dst->capability = src->capability; 1245 dst->capability = src->capability;
1007 memcpy(dst->rates, src->rates, src->rates_len); 1246 memcpy(dst->rates, src->rates, src->rates_len);
@@ -1017,6 +1256,7 @@ static inline void update_network(struct ieee80211_network *dst,
1017 dst->beacon_interval = src->beacon_interval; 1256 dst->beacon_interval = src->beacon_interval;
1018 dst->listen_interval = src->listen_interval; 1257 dst->listen_interval = src->listen_interval;
1019 dst->atim_window = src->atim_window; 1258 dst->atim_window = src->atim_window;
1259 dst->erp_value = src->erp_value;
1020 1260
1021 memcpy(dst->wpa_ie, src->wpa_ie, src->wpa_ie_len); 1261 memcpy(dst->wpa_ie, src->wpa_ie, src->wpa_ie_len);
1022 dst->wpa_ie_len = src->wpa_ie_len; 1262 dst->wpa_ie_len = src->wpa_ie_len;
@@ -1024,22 +1264,48 @@ static inline void update_network(struct ieee80211_network *dst,
1024 dst->rsn_ie_len = src->rsn_ie_len; 1264 dst->rsn_ie_len = src->rsn_ie_len;
1025 1265
1026 dst->last_scanned = jiffies; 1266 dst->last_scanned = jiffies;
1267 qos_active = src->qos_data.active;
1268 old_param = dst->qos_data.old_param_count;
1269 if (dst->flags & NETWORK_HAS_QOS_MASK)
1270 memcpy(&dst->qos_data, &src->qos_data,
1271 sizeof(struct ieee80211_qos_data));
1272 else {
1273 dst->qos_data.supported = src->qos_data.supported;
1274 dst->qos_data.param_count = src->qos_data.param_count;
1275 }
1276
1277 if (dst->qos_data.supported == 1) {
1278 if (dst->ssid_len)
1279 IEEE80211_DEBUG_QOS
1280 ("QoS the network %s is QoS supported\n",
1281 dst->ssid);
1282 else
1283 IEEE80211_DEBUG_QOS
1284 ("QoS the network is QoS supported\n");
1285 }
1286 dst->qos_data.active = qos_active;
1287 dst->qos_data.old_param_count = old_param;
1288
1027 /* dst->last_associate is not overwritten */ 1289 /* dst->last_associate is not overwritten */
1028} 1290}
1029 1291
1292static inline int is_beacon(int fc)
1293{
1294 return (WLAN_FC_GET_STYPE(le16_to_cpu(fc)) == IEEE80211_STYPE_BEACON);
1295}
1296
1030static inline void ieee80211_process_probe_response(struct ieee80211_device 1297static inline void ieee80211_process_probe_response(struct ieee80211_device
1031 *ieee, 1298 *ieee, struct
1032 struct
1033 ieee80211_probe_response 1299 ieee80211_probe_response
1034 *beacon, 1300 *beacon, struct ieee80211_rx_stats
1035 struct ieee80211_rx_stats
1036 *stats) 1301 *stats)
1037{ 1302{
1303 struct net_device *dev = ieee->dev;
1038 struct ieee80211_network network; 1304 struct ieee80211_network network;
1039 struct ieee80211_network *target; 1305 struct ieee80211_network *target;
1040 struct ieee80211_network *oldest = NULL; 1306 struct ieee80211_network *oldest = NULL;
1041#ifdef CONFIG_IEEE80211_DEBUG 1307#ifdef CONFIG_IEEE80211_DEBUG
1042 struct ieee80211_info_element *info_element = &beacon->info_element; 1308 struct ieee80211_info_element *info_element = beacon->info_element;
1043#endif 1309#endif
1044 unsigned long flags; 1310 unsigned long flags;
1045 1311
@@ -1070,10 +1336,10 @@ static inline void ieee80211_process_probe_response(struct ieee80211_device
1070 escape_essid(info_element->data, 1336 escape_essid(info_element->data,
1071 info_element->len), 1337 info_element->len),
1072 MAC_ARG(beacon->header.addr3), 1338 MAC_ARG(beacon->header.addr3),
1073 WLAN_FC_GET_STYPE(beacon->header. 1339 is_beacon(le16_to_cpu
1074 frame_ctl) == 1340 (beacon->header.
1075 IEEE80211_STYPE_PROBE_RESP ? 1341 frame_ctl)) ?
1076 "PROBE RESPONSE" : "BEACON"); 1342 "BEACON" : "PROBE RESPONSE");
1077 return; 1343 return;
1078 } 1344 }
1079 1345
@@ -1122,10 +1388,10 @@ static inline void ieee80211_process_probe_response(struct ieee80211_device
1122 escape_essid(network.ssid, 1388 escape_essid(network.ssid,
1123 network.ssid_len), 1389 network.ssid_len),
1124 MAC_ARG(network.bssid), 1390 MAC_ARG(network.bssid),
1125 WLAN_FC_GET_STYPE(beacon->header. 1391 is_beacon(le16_to_cpu
1126 frame_ctl) == 1392 (beacon->header.
1127 IEEE80211_STYPE_PROBE_RESP ? 1393 frame_ctl)) ?
1128 "PROBE RESPONSE" : "BEACON"); 1394 "BEACON" : "PROBE RESPONSE");
1129#endif 1395#endif
1130 memcpy(target, &network, sizeof(*target)); 1396 memcpy(target, &network, sizeof(*target));
1131 list_add_tail(&target->list, &ieee->network_list); 1397 list_add_tail(&target->list, &ieee->network_list);
@@ -1134,34 +1400,60 @@ static inline void ieee80211_process_probe_response(struct ieee80211_device
1134 escape_essid(target->ssid, 1400 escape_essid(target->ssid,
1135 target->ssid_len), 1401 target->ssid_len),
1136 MAC_ARG(target->bssid), 1402 MAC_ARG(target->bssid),
1137 WLAN_FC_GET_STYPE(beacon->header. 1403 is_beacon(le16_to_cpu
1138 frame_ctl) == 1404 (beacon->header.
1139 IEEE80211_STYPE_PROBE_RESP ? 1405 frame_ctl)) ?
1140 "PROBE RESPONSE" : "BEACON"); 1406 "BEACON" : "PROBE RESPONSE");
1141 update_network(target, &network); 1407 update_network(target, &network);
1142 } 1408 }
1143 1409
1144 spin_unlock_irqrestore(&ieee->lock, flags); 1410 spin_unlock_irqrestore(&ieee->lock, flags);
1411
1412 if (is_beacon(le16_to_cpu(beacon->header.frame_ctl))) {
1413 if (ieee->handle_beacon != NULL)
1414 ieee->handle_beacon(dev, beacon, &network);
1415 } else {
1416 if (ieee->handle_probe_response != NULL)
1417 ieee->handle_probe_response(dev, beacon, &network);
1418 }
1145} 1419}
1146 1420
1147void ieee80211_rx_mgt(struct ieee80211_device *ieee, 1421void ieee80211_rx_mgt(struct ieee80211_device *ieee,
1148 struct ieee80211_hdr *header, 1422 struct ieee80211_hdr_4addr *header,
1149 struct ieee80211_rx_stats *stats) 1423 struct ieee80211_rx_stats *stats)
1150{ 1424{
1151 switch (WLAN_FC_GET_STYPE(header->frame_ctl)) { 1425 switch (WLAN_FC_GET_STYPE(le16_to_cpu(header->frame_ctl))) {
1152 case IEEE80211_STYPE_ASSOC_RESP: 1426 case IEEE80211_STYPE_ASSOC_RESP:
1153 IEEE80211_DEBUG_MGMT("received ASSOCIATION RESPONSE (%d)\n", 1427 IEEE80211_DEBUG_MGMT("received ASSOCIATION RESPONSE (%d)\n",
1154 WLAN_FC_GET_STYPE(header->frame_ctl)); 1428 WLAN_FC_GET_STYPE(le16_to_cpu
1429 (header->frame_ctl)));
1430 ieee80211_handle_assoc_resp(ieee,
1431 (struct ieee80211_assoc_response *)
1432 header, stats);
1155 break; 1433 break;
1156 1434
1157 case IEEE80211_STYPE_REASSOC_RESP: 1435 case IEEE80211_STYPE_REASSOC_RESP:
1158 IEEE80211_DEBUG_MGMT("received REASSOCIATION RESPONSE (%d)\n", 1436 IEEE80211_DEBUG_MGMT("received REASSOCIATION RESPONSE (%d)\n",
1159 WLAN_FC_GET_STYPE(header->frame_ctl)); 1437 WLAN_FC_GET_STYPE(le16_to_cpu
1438 (header->frame_ctl)));
1439 break;
1440
1441 case IEEE80211_STYPE_PROBE_REQ:
1442 IEEE80211_DEBUG_MGMT("recieved auth (%d)\n",
1443 WLAN_FC_GET_STYPE(le16_to_cpu
1444 (header->frame_ctl)));
1445
1446 if (ieee->handle_probe_request != NULL)
1447 ieee->handle_probe_request(ieee->dev,
1448 (struct
1449 ieee80211_probe_request *)
1450 header, stats);
1160 break; 1451 break;
1161 1452
1162 case IEEE80211_STYPE_PROBE_RESP: 1453 case IEEE80211_STYPE_PROBE_RESP:
1163 IEEE80211_DEBUG_MGMT("received PROBE RESPONSE (%d)\n", 1454 IEEE80211_DEBUG_MGMT("received PROBE RESPONSE (%d)\n",
1164 WLAN_FC_GET_STYPE(header->frame_ctl)); 1455 WLAN_FC_GET_STYPE(le16_to_cpu
1456 (header->frame_ctl)));
1165 IEEE80211_DEBUG_SCAN("Probe response\n"); 1457 IEEE80211_DEBUG_SCAN("Probe response\n");
1166 ieee80211_process_probe_response(ieee, 1458 ieee80211_process_probe_response(ieee,
1167 (struct 1459 (struct
@@ -1171,20 +1463,46 @@ void ieee80211_rx_mgt(struct ieee80211_device *ieee,
1171 1463
1172 case IEEE80211_STYPE_BEACON: 1464 case IEEE80211_STYPE_BEACON:
1173 IEEE80211_DEBUG_MGMT("received BEACON (%d)\n", 1465 IEEE80211_DEBUG_MGMT("received BEACON (%d)\n",
1174 WLAN_FC_GET_STYPE(header->frame_ctl)); 1466 WLAN_FC_GET_STYPE(le16_to_cpu
1467 (header->frame_ctl)));
1175 IEEE80211_DEBUG_SCAN("Beacon\n"); 1468 IEEE80211_DEBUG_SCAN("Beacon\n");
1176 ieee80211_process_probe_response(ieee, 1469 ieee80211_process_probe_response(ieee,
1177 (struct 1470 (struct
1178 ieee80211_probe_response *) 1471 ieee80211_probe_response *)
1179 header, stats); 1472 header, stats);
1180 break; 1473 break;
1474 case IEEE80211_STYPE_AUTH:
1181 1475
1476 IEEE80211_DEBUG_MGMT("recieved auth (%d)\n",
1477 WLAN_FC_GET_STYPE(le16_to_cpu
1478 (header->frame_ctl)));
1479
1480 if (ieee->handle_auth != NULL)
1481 ieee->handle_auth(ieee->dev,
1482 (struct ieee80211_auth *)header);
1483 break;
1484
1485 case IEEE80211_STYPE_DISASSOC:
1486 if (ieee->handle_disassoc != NULL)
1487 ieee->handle_disassoc(ieee->dev,
1488 (struct ieee80211_disassoc *)
1489 header);
1490 break;
1491
1492 case IEEE80211_STYPE_DEAUTH:
1493 printk("DEAUTH from AP\n");
1494 if (ieee->handle_deauth != NULL)
1495 ieee->handle_deauth(ieee->dev, (struct ieee80211_auth *)
1496 header);
1497 break;
1182 default: 1498 default:
1183 IEEE80211_DEBUG_MGMT("received UNKNOWN (%d)\n", 1499 IEEE80211_DEBUG_MGMT("received UNKNOWN (%d)\n",
1184 WLAN_FC_GET_STYPE(header->frame_ctl)); 1500 WLAN_FC_GET_STYPE(le16_to_cpu
1501 (header->frame_ctl)));
1185 IEEE80211_WARNING("%s: Unknown management packet: %d\n", 1502 IEEE80211_WARNING("%s: Unknown management packet: %d\n",
1186 ieee->dev->name, 1503 ieee->dev->name,
1187 WLAN_FC_GET_STYPE(header->frame_ctl)); 1504 WLAN_FC_GET_STYPE(le16_to_cpu
1505 (header->frame_ctl)));
1188 break; 1506 break;
1189 } 1507 }
1190} 1508}
diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c
index eed07bbbe6b6..95ccbadbf55b 100644
--- a/net/ieee80211/ieee80211_tx.c
+++ b/net/ieee80211/ieee80211_tx.c
@@ -1,6 +1,6 @@
1/****************************************************************************** 1/******************************************************************************
2 2
3 Copyright(c) 2003 - 2004 Intel Corporation. All rights reserved. 3 Copyright(c) 2003 - 2005 Intel Corporation. All rights reserved.
4 4
5 This program is free software; you can redistribute it and/or modify it 5 This program is free software; you can redistribute it and/or modify it
6 under the terms of version 2 of the GNU General Public License as 6 under the terms of version 2 of the GNU General Public License as
@@ -128,7 +128,7 @@ payload of each frame is reduced to 492 bytes.
128static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 }; 128static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
129static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 }; 129static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
130 130
131static inline int ieee80211_put_snap(u8 * data, u16 h_proto) 131static inline int ieee80211_copy_snap(u8 * data, u16 h_proto)
132{ 132{
133 struct ieee80211_snap_hdr *snap; 133 struct ieee80211_snap_hdr *snap;
134 u8 *oui; 134 u8 *oui;
@@ -157,31 +157,14 @@ static inline int ieee80211_encrypt_fragment(struct ieee80211_device *ieee,
157 struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx]; 157 struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
158 int res; 158 int res;
159 159
160#ifdef CONFIG_IEEE80211_CRYPT_TKIP 160 if (crypt == NULL)
161 struct ieee80211_hdr *header;
162
163 if (ieee->tkip_countermeasures &&
164 crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) {
165 header = (struct ieee80211_hdr *)frag->data;
166 if (net_ratelimit()) {
167 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
168 "TX packet to " MAC_FMT "\n",
169 ieee->dev->name, MAC_ARG(header->addr1));
170 }
171 return -1; 161 return -1;
172 } 162
173#endif
174 /* To encrypt, frame format is: 163 /* To encrypt, frame format is:
175 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */ 164 * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */
176
177 // PR: FIXME: Copied from hostap. Check fragmentation/MSDU/MPDU encryption.
178 /* Host-based IEEE 802.11 fragmentation for TX is not yet supported, so
179 * call both MSDU and MPDU encryption functions from here. */
180 atomic_inc(&crypt->refcnt); 165 atomic_inc(&crypt->refcnt);
181 res = 0; 166 res = 0;
182 if (crypt->ops->encrypt_msdu) 167 if (crypt->ops && crypt->ops->encrypt_mpdu)
183 res = crypt->ops->encrypt_msdu(frag, hdr_len, crypt->priv);
184 if (res == 0 && crypt->ops->encrypt_mpdu)
185 res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv); 168 res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv);
186 169
187 atomic_dec(&crypt->refcnt); 170 atomic_dec(&crypt->refcnt);
@@ -207,7 +190,7 @@ void ieee80211_txb_free(struct ieee80211_txb *txb)
207} 190}
208 191
209static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size, 192static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
210 gfp_t gfp_mask) 193 int headroom, gfp_t gfp_mask)
211{ 194{
212 struct ieee80211_txb *txb; 195 struct ieee80211_txb *txb;
213 int i; 196 int i;
@@ -221,11 +204,13 @@ static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
221 txb->frag_size = txb_size; 204 txb->frag_size = txb_size;
222 205
223 for (i = 0; i < nr_frags; i++) { 206 for (i = 0; i < nr_frags; i++) {
224 txb->fragments[i] = dev_alloc_skb(txb_size); 207 txb->fragments[i] = __dev_alloc_skb(txb_size + headroom,
208 gfp_mask);
225 if (unlikely(!txb->fragments[i])) { 209 if (unlikely(!txb->fragments[i])) {
226 i--; 210 i--;
227 break; 211 break;
228 } 212 }
213 skb_reserve(txb->fragments[i], headroom);
229 } 214 }
230 if (unlikely(i != nr_frags)) { 215 if (unlikely(i != nr_frags)) {
231 while (i >= 0) 216 while (i >= 0)
@@ -236,25 +221,31 @@ static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
236 return txb; 221 return txb;
237} 222}
238 223
239/* SKBs are added to the ieee->tx_queue. */ 224/* Incoming skb is converted to a txb which consists of
225 * a block of 802.11 fragment packets (stored as skbs) */
240int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev) 226int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
241{ 227{
242 struct ieee80211_device *ieee = netdev_priv(dev); 228 struct ieee80211_device *ieee = netdev_priv(dev);
243 struct ieee80211_txb *txb = NULL; 229 struct ieee80211_txb *txb = NULL;
244 struct ieee80211_hdr *frag_hdr; 230 struct ieee80211_hdr_3addr *frag_hdr;
245 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size; 231 int i, bytes_per_frag, nr_frags, bytes_last_frag, frag_size,
232 rts_required;
246 unsigned long flags; 233 unsigned long flags;
247 struct net_device_stats *stats = &ieee->stats; 234 struct net_device_stats *stats = &ieee->stats;
248 int ether_type, encrypt; 235 int ether_type, encrypt, host_encrypt, host_encrypt_msdu, host_build_iv;
249 int bytes, fc, hdr_len; 236 int bytes, fc, hdr_len;
250 struct sk_buff *skb_frag; 237 struct sk_buff *skb_frag;
251 struct ieee80211_hdr header = { /* Ensure zero initialized */ 238 struct ieee80211_hdr_3addr header = { /* Ensure zero initialized */
252 .duration_id = 0, 239 .duration_id = 0,
253 .seq_ctl = 0 240 .seq_ctl = 0
254 }; 241 };
255 u8 dest[ETH_ALEN], src[ETH_ALEN]; 242 u8 dest[ETH_ALEN], src[ETH_ALEN];
256
257 struct ieee80211_crypt_data *crypt; 243 struct ieee80211_crypt_data *crypt;
244 int priority = skb->priority;
245 int snapped = 0;
246
247 if (ieee->is_queue_full && (*ieee->is_queue_full) (dev, priority))
248 return NETDEV_TX_BUSY;
258 249
259 spin_lock_irqsave(&ieee->lock, flags); 250 spin_lock_irqsave(&ieee->lock, flags);
260 251
@@ -276,7 +267,11 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
276 crypt = ieee->crypt[ieee->tx_keyidx]; 267 crypt = ieee->crypt[ieee->tx_keyidx];
277 268
278 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) && 269 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
279 ieee->host_encrypt && crypt && crypt->ops; 270 ieee->sec.encrypt;
271
272 host_encrypt = ieee->host_encrypt && encrypt && crypt;
273 host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt && crypt;
274 host_build_iv = ieee->host_build_iv && encrypt && crypt;
280 275
281 if (!encrypt && ieee->ieee802_1x && 276 if (!encrypt && ieee->ieee802_1x &&
282 ieee->drop_unencrypted && ether_type != ETH_P_PAE) { 277 ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
@@ -285,8 +280,8 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
285 } 280 }
286 281
287 /* Save source and destination addresses */ 282 /* Save source and destination addresses */
288 memcpy(&dest, skb->data, ETH_ALEN); 283 memcpy(dest, skb->data, ETH_ALEN);
289 memcpy(&src, skb->data + ETH_ALEN, ETH_ALEN); 284 memcpy(src, skb->data + ETH_ALEN, ETH_ALEN);
290 285
291 /* Advance the SKB to the start of the payload */ 286 /* Advance the SKB to the start of the payload */
292 skb_pull(skb, sizeof(struct ethhdr)); 287 skb_pull(skb, sizeof(struct ethhdr));
@@ -294,7 +289,7 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
294 /* Determine total amount of storage required for TXB packets */ 289 /* Determine total amount of storage required for TXB packets */
295 bytes = skb->len + SNAP_SIZE + sizeof(u16); 290 bytes = skb->len + SNAP_SIZE + sizeof(u16);
296 291
297 if (encrypt) 292 if (host_encrypt)
298 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA | 293 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA |
299 IEEE80211_FCTL_PROTECTED; 294 IEEE80211_FCTL_PROTECTED;
300 else 295 else
@@ -302,70 +297,144 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
302 297
303 if (ieee->iw_mode == IW_MODE_INFRA) { 298 if (ieee->iw_mode == IW_MODE_INFRA) {
304 fc |= IEEE80211_FCTL_TODS; 299 fc |= IEEE80211_FCTL_TODS;
305 /* To DS: Addr1 = BSSID, Addr2 = SA, 300 /* To DS: Addr1 = BSSID, Addr2 = SA, Addr3 = DA */
306 Addr3 = DA */ 301 memcpy(header.addr1, ieee->bssid, ETH_ALEN);
307 memcpy(&header.addr1, ieee->bssid, ETH_ALEN); 302 memcpy(header.addr2, src, ETH_ALEN);
308 memcpy(&header.addr2, &src, ETH_ALEN); 303 memcpy(header.addr3, dest, ETH_ALEN);
309 memcpy(&header.addr3, &dest, ETH_ALEN);
310 } else if (ieee->iw_mode == IW_MODE_ADHOC) { 304 } else if (ieee->iw_mode == IW_MODE_ADHOC) {
311 /* not From/To DS: Addr1 = DA, Addr2 = SA, 305 /* not From/To DS: Addr1 = DA, Addr2 = SA, Addr3 = BSSID */
312 Addr3 = BSSID */ 306 memcpy(header.addr1, dest, ETH_ALEN);
313 memcpy(&header.addr1, dest, ETH_ALEN); 307 memcpy(header.addr2, src, ETH_ALEN);
314 memcpy(&header.addr2, src, ETH_ALEN); 308 memcpy(header.addr3, ieee->bssid, ETH_ALEN);
315 memcpy(&header.addr3, ieee->bssid, ETH_ALEN);
316 } 309 }
317 header.frame_ctl = cpu_to_le16(fc); 310 header.frame_ctl = cpu_to_le16(fc);
318 hdr_len = IEEE80211_3ADDR_LEN; 311 hdr_len = IEEE80211_3ADDR_LEN;
319 312
320 /* Determine fragmentation size based on destination (multicast 313 /* Encrypt msdu first on the whole data packet. */
321 * and broadcast are not fragmented) */ 314 if ((host_encrypt || host_encrypt_msdu) &&
322 if (is_multicast_ether_addr(dest) || is_broadcast_ether_addr(dest)) 315 crypt && crypt->ops && crypt->ops->encrypt_msdu) {
323 frag_size = MAX_FRAG_THRESHOLD; 316 int res = 0;
324 else 317 int len = bytes + hdr_len + crypt->ops->extra_msdu_prefix_len +
325 frag_size = ieee->fts; 318 crypt->ops->extra_msdu_postfix_len;
319 struct sk_buff *skb_new = dev_alloc_skb(len);
320
321 if (unlikely(!skb_new))
322 goto failed;
323
324 skb_reserve(skb_new, crypt->ops->extra_msdu_prefix_len);
325 memcpy(skb_put(skb_new, hdr_len), &header, hdr_len);
326 snapped = 1;
327 ieee80211_copy_snap(skb_put(skb_new, SNAP_SIZE + sizeof(u16)),
328 ether_type);
329 memcpy(skb_put(skb_new, skb->len), skb->data, skb->len);
330 res = crypt->ops->encrypt_msdu(skb_new, hdr_len, crypt->priv);
331 if (res < 0) {
332 IEEE80211_ERROR("msdu encryption failed\n");
333 dev_kfree_skb_any(skb_new);
334 goto failed;
335 }
336 dev_kfree_skb_any(skb);
337 skb = skb_new;
338 bytes += crypt->ops->extra_msdu_prefix_len +
339 crypt->ops->extra_msdu_postfix_len;
340 skb_pull(skb, hdr_len);
341 }
326 342
327 /* Determine amount of payload per fragment. Regardless of if 343 if (host_encrypt || ieee->host_open_frag) {
328 * this stack is providing the full 802.11 header, one will 344 /* Determine fragmentation size based on destination (multicast
329 * eventually be affixed to this fragment -- so we must account for 345 * and broadcast are not fragmented) */
330 * it when determining the amount of payload space. */ 346 if (is_multicast_ether_addr(dest) ||
331 bytes_per_frag = frag_size - IEEE80211_3ADDR_LEN; 347 is_broadcast_ether_addr(dest))
332 if (ieee->config & 348 frag_size = MAX_FRAG_THRESHOLD;
333 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS)) 349 else
334 bytes_per_frag -= IEEE80211_FCS_LEN; 350 frag_size = ieee->fts;
335 351
336 /* Each fragment may need to have room for encryptiong pre/postfix */ 352 /* Determine amount of payload per fragment. Regardless of if
337 if (encrypt) 353 * this stack is providing the full 802.11 header, one will
338 bytes_per_frag -= crypt->ops->extra_prefix_len + 354 * eventually be affixed to this fragment -- so we must account
339 crypt->ops->extra_postfix_len; 355 * for it when determining the amount of payload space. */
340 356 bytes_per_frag = frag_size - IEEE80211_3ADDR_LEN;
341 /* Number of fragments is the total bytes_per_frag / 357 if (ieee->config &
342 * payload_per_fragment */ 358 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
343 nr_frags = bytes / bytes_per_frag; 359 bytes_per_frag -= IEEE80211_FCS_LEN;
344 bytes_last_frag = bytes % bytes_per_frag; 360
345 if (bytes_last_frag) 361 /* Each fragment may need to have room for encryptiong
362 * pre/postfix */
363 if (host_encrypt)
364 bytes_per_frag -= crypt->ops->extra_mpdu_prefix_len +
365 crypt->ops->extra_mpdu_postfix_len;
366
367 /* Number of fragments is the total
368 * bytes_per_frag / payload_per_fragment */
369 nr_frags = bytes / bytes_per_frag;
370 bytes_last_frag = bytes % bytes_per_frag;
371 if (bytes_last_frag)
372 nr_frags++;
373 else
374 bytes_last_frag = bytes_per_frag;
375 } else {
376 nr_frags = 1;
377 bytes_per_frag = bytes_last_frag = bytes;
378 frag_size = bytes + IEEE80211_3ADDR_LEN;
379 }
380
381 rts_required = (frag_size > ieee->rts
382 && ieee->config & CFG_IEEE80211_RTS);
383 if (rts_required)
346 nr_frags++; 384 nr_frags++;
347 else
348 bytes_last_frag = bytes_per_frag;
349 385
350 /* When we allocate the TXB we allocate enough space for the reserve 386 /* When we allocate the TXB we allocate enough space for the reserve
351 * and full fragment bytes (bytes_per_frag doesn't include prefix, 387 * and full fragment bytes (bytes_per_frag doesn't include prefix,
352 * postfix, header, FCS, etc.) */ 388 * postfix, header, FCS, etc.) */
353 txb = ieee80211_alloc_txb(nr_frags, frag_size, GFP_ATOMIC); 389 txb = ieee80211_alloc_txb(nr_frags, frag_size,
390 ieee->tx_headroom, GFP_ATOMIC);
354 if (unlikely(!txb)) { 391 if (unlikely(!txb)) {
355 printk(KERN_WARNING "%s: Could not allocate TXB\n", 392 printk(KERN_WARNING "%s: Could not allocate TXB\n",
356 ieee->dev->name); 393 ieee->dev->name);
357 goto failed; 394 goto failed;
358 } 395 }
359 txb->encrypted = encrypt; 396 txb->encrypted = encrypt;
360 txb->payload_size = bytes; 397 if (host_encrypt)
398 txb->payload_size = frag_size * (nr_frags - 1) +
399 bytes_last_frag;
400 else
401 txb->payload_size = bytes;
402
403 if (rts_required) {
404 skb_frag = txb->fragments[0];
405 frag_hdr =
406 (struct ieee80211_hdr_3addr *)skb_put(skb_frag, hdr_len);
407
408 /*
409 * Set header frame_ctl to the RTS.
410 */
411 header.frame_ctl =
412 cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS);
413 memcpy(frag_hdr, &header, hdr_len);
361 414
362 for (i = 0; i < nr_frags; i++) { 415 /*
416 * Restore header frame_ctl to the original data setting.
417 */
418 header.frame_ctl = cpu_to_le16(fc);
419
420 if (ieee->config &
421 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
422 skb_put(skb_frag, 4);
423
424 txb->rts_included = 1;
425 i = 1;
426 } else
427 i = 0;
428
429 for (; i < nr_frags; i++) {
363 skb_frag = txb->fragments[i]; 430 skb_frag = txb->fragments[i];
364 431
365 if (encrypt) 432 if (host_encrypt || host_build_iv)
366 skb_reserve(skb_frag, crypt->ops->extra_prefix_len); 433 skb_reserve(skb_frag,
434 crypt->ops->extra_mpdu_prefix_len);
367 435
368 frag_hdr = (struct ieee80211_hdr *)skb_put(skb_frag, hdr_len); 436 frag_hdr =
437 (struct ieee80211_hdr_3addr *)skb_put(skb_frag, hdr_len);
369 memcpy(frag_hdr, &header, hdr_len); 438 memcpy(frag_hdr, &header, hdr_len);
370 439
371 /* If this is not the last fragment, then add the MOREFRAGS 440 /* If this is not the last fragment, then add the MOREFRAGS
@@ -379,11 +448,10 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
379 bytes = bytes_last_frag; 448 bytes = bytes_last_frag;
380 } 449 }
381 450
382 /* Put a SNAP header on the first fragment */ 451 if (i == 0 && !snapped) {
383 if (i == 0) { 452 ieee80211_copy_snap(skb_put
384 ieee80211_put_snap(skb_put 453 (skb_frag, SNAP_SIZE + sizeof(u16)),
385 (skb_frag, SNAP_SIZE + sizeof(u16)), 454 ether_type);
386 ether_type);
387 bytes -= SNAP_SIZE + sizeof(u16); 455 bytes -= SNAP_SIZE + sizeof(u16);
388 } 456 }
389 457
@@ -394,8 +462,19 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
394 462
395 /* Encryption routine will move the header forward in order 463 /* Encryption routine will move the header forward in order
396 * to insert the IV between the header and the payload */ 464 * to insert the IV between the header and the payload */
397 if (encrypt) 465 if (host_encrypt)
398 ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len); 466 ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
467 else if (host_build_iv) {
468 struct ieee80211_crypt_data *crypt;
469
470 crypt = ieee->crypt[ieee->tx_keyidx];
471 atomic_inc(&crypt->refcnt);
472 if (crypt->ops->build_iv)
473 crypt->ops->build_iv(skb_frag, hdr_len,
474 crypt->priv);
475 atomic_dec(&crypt->refcnt);
476 }
477
399 if (ieee->config & 478 if (ieee->config &
400 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS)) 479 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
401 skb_put(skb_frag, 4); 480 skb_put(skb_frag, 4);
@@ -407,11 +486,20 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
407 dev_kfree_skb_any(skb); 486 dev_kfree_skb_any(skb);
408 487
409 if (txb) { 488 if (txb) {
410 if ((*ieee->hard_start_xmit) (txb, dev) == 0) { 489 int ret = (*ieee->hard_start_xmit) (txb, dev, priority);
490 if (ret == 0) {
411 stats->tx_packets++; 491 stats->tx_packets++;
412 stats->tx_bytes += txb->payload_size; 492 stats->tx_bytes += txb->payload_size;
413 return 0; 493 return 0;
414 } 494 }
495
496 if (ret == NETDEV_TX_BUSY) {
497 printk(KERN_ERR "%s: NETDEV_TX_BUSY returned; "
498 "driver should report queue full via "
499 "ieee_device->is_queue_full.\n",
500 ieee->dev->name);
501 }
502
415 ieee80211_txb_free(txb); 503 ieee80211_txb_free(txb);
416 } 504 }
417 505
@@ -422,7 +510,72 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
422 netif_stop_queue(dev); 510 netif_stop_queue(dev);
423 stats->tx_errors++; 511 stats->tx_errors++;
424 return 1; 512 return 1;
513}
514
515/* Incoming 802.11 strucure is converted to a TXB
516 * a block of 802.11 fragment packets (stored as skbs) */
517int ieee80211_tx_frame(struct ieee80211_device *ieee,
518 struct ieee80211_hdr *frame, int len)
519{
520 struct ieee80211_txb *txb = NULL;
521 unsigned long flags;
522 struct net_device_stats *stats = &ieee->stats;
523 struct sk_buff *skb_frag;
524 int priority = -1;
525
526 spin_lock_irqsave(&ieee->lock, flags);
425 527
528 /* If there is no driver handler to take the TXB, dont' bother
529 * creating it... */
530 if (!ieee->hard_start_xmit) {
531 printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
532 goto success;
533 }
534
535 if (unlikely(len < 24)) {
536 printk(KERN_WARNING "%s: skb too small (%d).\n",
537 ieee->dev->name, len);
538 goto success;
539 }
540
541 /* When we allocate the TXB we allocate enough space for the reserve
542 * and full fragment bytes (bytes_per_frag doesn't include prefix,
543 * postfix, header, FCS, etc.) */
544 txb = ieee80211_alloc_txb(1, len, ieee->tx_headroom, GFP_ATOMIC);
545 if (unlikely(!txb)) {
546 printk(KERN_WARNING "%s: Could not allocate TXB\n",
547 ieee->dev->name);
548 goto failed;
549 }
550 txb->encrypted = 0;
551 txb->payload_size = len;
552
553 skb_frag = txb->fragments[0];
554
555 memcpy(skb_put(skb_frag, len), frame, len);
556
557 if (ieee->config &
558 (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
559 skb_put(skb_frag, 4);
560
561 success:
562 spin_unlock_irqrestore(&ieee->lock, flags);
563
564 if (txb) {
565 if ((*ieee->hard_start_xmit) (txb, ieee->dev, priority) == 0) {
566 stats->tx_packets++;
567 stats->tx_bytes += txb->payload_size;
568 return 0;
569 }
570 ieee80211_txb_free(txb);
571 }
572 return 0;
573
574 failed:
575 spin_unlock_irqrestore(&ieee->lock, flags);
576 stats->tx_errors++;
577 return 1;
426} 578}
427 579
580EXPORT_SYMBOL(ieee80211_tx_frame);
428EXPORT_SYMBOL(ieee80211_txb_free); 581EXPORT_SYMBOL(ieee80211_txb_free);
diff --git a/net/ieee80211/ieee80211_wx.c b/net/ieee80211/ieee80211_wx.c
index 94882f39b072..1ce7af9bec35 100644
--- a/net/ieee80211/ieee80211_wx.c
+++ b/net/ieee80211/ieee80211_wx.c
@@ -1,6 +1,6 @@
1/****************************************************************************** 1/******************************************************************************
2 2
3 Copyright(c) 2004 Intel Corporation. All rights reserved. 3 Copyright(c) 2004-2005 Intel Corporation. All rights reserved.
4 4
5 Portions of this file are based on the WEP enablement code provided by the 5 Portions of this file are based on the WEP enablement code provided by the
6 Host AP project hostap-drivers v0.1.3 6 Host AP project hostap-drivers v0.1.3
@@ -32,6 +32,7 @@
32 32
33#include <linux/kmod.h> 33#include <linux/kmod.h>
34#include <linux/module.h> 34#include <linux/module.h>
35#include <linux/jiffies.h>
35 36
36#include <net/ieee80211.h> 37#include <net/ieee80211.h>
37#include <linux/wireless.h> 38#include <linux/wireless.h>
@@ -140,18 +141,41 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
140 start = iwe_stream_add_point(start, stop, &iwe, custom); 141 start = iwe_stream_add_point(start, stop, &iwe, custom);
141 142
142 /* Add quality statistics */ 143 /* Add quality statistics */
143 /* TODO: Fix these values... */
144 iwe.cmd = IWEVQUAL; 144 iwe.cmd = IWEVQUAL;
145 iwe.u.qual.qual = network->stats.signal; 145 iwe.u.qual.updated = IW_QUAL_QUAL_UPDATED | IW_QUAL_LEVEL_UPDATED |
146 iwe.u.qual.level = network->stats.rssi; 146 IW_QUAL_NOISE_UPDATED;
147 iwe.u.qual.noise = network->stats.noise; 147
148 iwe.u.qual.updated = network->stats.mask & IEEE80211_STATMASK_WEMASK; 148 if (!(network->stats.mask & IEEE80211_STATMASK_RSSI)) {
149 if (!(network->stats.mask & IEEE80211_STATMASK_RSSI)) 149 iwe.u.qual.updated |= IW_QUAL_QUAL_INVALID |
150 iwe.u.qual.updated |= IW_QUAL_LEVEL_INVALID; 150 IW_QUAL_LEVEL_INVALID;
151 if (!(network->stats.mask & IEEE80211_STATMASK_NOISE)) 151 iwe.u.qual.qual = 0;
152 iwe.u.qual.level = 0;
153 } else {
154 iwe.u.qual.level = network->stats.rssi;
155 if (ieee->perfect_rssi == ieee->worst_rssi)
156 iwe.u.qual.qual = 100;
157 else
158 iwe.u.qual.qual =
159 (100 *
160 (ieee->perfect_rssi - ieee->worst_rssi) *
161 (ieee->perfect_rssi - ieee->worst_rssi) -
162 (ieee->perfect_rssi - network->stats.rssi) *
163 (15 * (ieee->perfect_rssi - ieee->worst_rssi) +
164 62 * (ieee->perfect_rssi - network->stats.rssi))) /
165 ((ieee->perfect_rssi - ieee->worst_rssi) *
166 (ieee->perfect_rssi - ieee->worst_rssi));
167 if (iwe.u.qual.qual > 100)
168 iwe.u.qual.qual = 100;
169 else if (iwe.u.qual.qual < 1)
170 iwe.u.qual.qual = 0;
171 }
172
173 if (!(network->stats.mask & IEEE80211_STATMASK_NOISE)) {
152 iwe.u.qual.updated |= IW_QUAL_NOISE_INVALID; 174 iwe.u.qual.updated |= IW_QUAL_NOISE_INVALID;
153 if (!(network->stats.mask & IEEE80211_STATMASK_SIGNAL)) 175 iwe.u.qual.noise = 0;
154 iwe.u.qual.updated |= IW_QUAL_QUAL_INVALID; 176 } else {
177 iwe.u.qual.noise = network->stats.noise;
178 }
155 179
156 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_QUAL_LEN); 180 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_QUAL_LEN);
157 181
@@ -162,7 +186,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
162 if (iwe.u.data.length) 186 if (iwe.u.data.length)
163 start = iwe_stream_add_point(start, stop, &iwe, custom); 187 start = iwe_stream_add_point(start, stop, &iwe, custom);
164 188
165 if (ieee->wpa_enabled && network->wpa_ie_len) { 189 if (network->wpa_ie_len) {
166 char buf[MAX_WPA_IE_LEN * 2 + 30]; 190 char buf[MAX_WPA_IE_LEN * 2 + 30];
167 191
168 u8 *p = buf; 192 u8 *p = buf;
@@ -177,7 +201,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
177 start = iwe_stream_add_point(start, stop, &iwe, buf); 201 start = iwe_stream_add_point(start, stop, &iwe, buf);
178 } 202 }
179 203
180 if (ieee->wpa_enabled && network->rsn_ie_len) { 204 if (network->rsn_ie_len) {
181 char buf[MAX_WPA_IE_LEN * 2 + 30]; 205 char buf[MAX_WPA_IE_LEN * 2 + 30];
182 206
183 u8 *p = buf; 207 u8 *p = buf;
@@ -197,8 +221,8 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
197 iwe.cmd = IWEVCUSTOM; 221 iwe.cmd = IWEVCUSTOM;
198 p = custom; 222 p = custom;
199 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), 223 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom),
200 " Last beacon: %lums ago", 224 " Last beacon: %dms ago",
201 (jiffies - network->last_scanned) / (HZ / 100)); 225 jiffies_to_msecs(jiffies - network->last_scanned));
202 iwe.u.data.length = p - custom; 226 iwe.u.data.length = p - custom;
203 if (iwe.u.data.length) 227 if (iwe.u.data.length)
204 start = iwe_stream_add_point(start, stop, &iwe, custom); 228 start = iwe_stream_add_point(start, stop, &iwe, custom);
@@ -228,13 +252,13 @@ int ieee80211_wx_get_scan(struct ieee80211_device *ieee,
228 ev = ipw2100_translate_scan(ieee, ev, stop, network); 252 ev = ipw2100_translate_scan(ieee, ev, stop, network);
229 else 253 else
230 IEEE80211_DEBUG_SCAN("Not showing network '%s (" 254 IEEE80211_DEBUG_SCAN("Not showing network '%s ("
231 MAC_FMT ")' due to age (%lums).\n", 255 MAC_FMT ")' due to age (%dms).\n",
232 escape_essid(network->ssid, 256 escape_essid(network->ssid,
233 network->ssid_len), 257 network->ssid_len),
234 MAC_ARG(network->bssid), 258 MAC_ARG(network->bssid),
235 (jiffies - 259 jiffies_to_msecs(jiffies -
236 network->last_scanned) / (HZ / 260 network->
237 100)); 261 last_scanned));
238 } 262 }
239 263
240 spin_unlock_irqrestore(&ieee->lock, flags); 264 spin_unlock_irqrestore(&ieee->lock, flags);
@@ -258,6 +282,7 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
258 }; 282 };
259 int i, key, key_provided, len; 283 int i, key, key_provided, len;
260 struct ieee80211_crypt_data **crypt; 284 struct ieee80211_crypt_data **crypt;
285 int host_crypto = ieee->host_encrypt || ieee->host_decrypt;
261 286
262 IEEE80211_DEBUG_WX("SET_ENCODE\n"); 287 IEEE80211_DEBUG_WX("SET_ENCODE\n");
263 288
@@ -298,15 +323,17 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
298 323
299 if (i == WEP_KEYS) { 324 if (i == WEP_KEYS) {
300 sec.enabled = 0; 325 sec.enabled = 0;
326 sec.encrypt = 0;
301 sec.level = SEC_LEVEL_0; 327 sec.level = SEC_LEVEL_0;
302 sec.flags |= SEC_ENABLED | SEC_LEVEL; 328 sec.flags |= SEC_ENABLED | SEC_LEVEL | SEC_ENCRYPT;
303 } 329 }
304 330
305 goto done; 331 goto done;
306 } 332 }
307 333
308 sec.enabled = 1; 334 sec.enabled = 1;
309 sec.flags |= SEC_ENABLED; 335 sec.encrypt = 1;
336 sec.flags |= SEC_ENABLED | SEC_ENCRYPT;
310 337
311 if (*crypt != NULL && (*crypt)->ops != NULL && 338 if (*crypt != NULL && (*crypt)->ops != NULL &&
312 strcmp((*crypt)->ops->name, "WEP") != 0) { 339 strcmp((*crypt)->ops->name, "WEP") != 0) {
@@ -315,7 +342,7 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
315 ieee80211_crypt_delayed_deinit(ieee, crypt); 342 ieee80211_crypt_delayed_deinit(ieee, crypt);
316 } 343 }
317 344
318 if (*crypt == NULL) { 345 if (*crypt == NULL && host_crypto) {
319 struct ieee80211_crypt_data *new_crypt; 346 struct ieee80211_crypt_data *new_crypt;
320 347
321 /* take WEP into use */ 348 /* take WEP into use */
@@ -355,49 +382,56 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
355 key, escape_essid(sec.keys[key], len), 382 key, escape_essid(sec.keys[key], len),
356 erq->length, len); 383 erq->length, len);
357 sec.key_sizes[key] = len; 384 sec.key_sizes[key] = len;
358 (*crypt)->ops->set_key(sec.keys[key], len, NULL, 385 if (*crypt)
359 (*crypt)->priv); 386 (*crypt)->ops->set_key(sec.keys[key], len, NULL,
387 (*crypt)->priv);
360 sec.flags |= (1 << key); 388 sec.flags |= (1 << key);
361 /* This ensures a key will be activated if no key is 389 /* This ensures a key will be activated if no key is
362 * explicitely set */ 390 * explicitely set */
363 if (key == sec.active_key) 391 if (key == sec.active_key)
364 sec.flags |= SEC_ACTIVE_KEY; 392 sec.flags |= SEC_ACTIVE_KEY;
393
365 } else { 394 } else {
366 len = (*crypt)->ops->get_key(sec.keys[key], WEP_KEY_LEN, 395 if (host_crypto) {
367 NULL, (*crypt)->priv); 396 len = (*crypt)->ops->get_key(sec.keys[key], WEP_KEY_LEN,
368 if (len == 0) { 397 NULL, (*crypt)->priv);
369 /* Set a default key of all 0 */ 398 if (len == 0) {
370 IEEE80211_DEBUG_WX("Setting key %d to all zero.\n", 399 /* Set a default key of all 0 */
371 key); 400 IEEE80211_DEBUG_WX("Setting key %d to all "
372 memset(sec.keys[key], 0, 13); 401 "zero.\n", key);
373 (*crypt)->ops->set_key(sec.keys[key], 13, NULL, 402 memset(sec.keys[key], 0, 13);
374 (*crypt)->priv); 403 (*crypt)->ops->set_key(sec.keys[key], 13, NULL,
375 sec.key_sizes[key] = 13; 404 (*crypt)->priv);
376 sec.flags |= (1 << key); 405 sec.key_sizes[key] = 13;
406 sec.flags |= (1 << key);
407 }
377 } 408 }
378
379 /* No key data - just set the default TX key index */ 409 /* No key data - just set the default TX key index */
380 if (key_provided) { 410 if (key_provided) {
381 IEEE80211_DEBUG_WX 411 IEEE80211_DEBUG_WX("Setting key %d to default Tx "
382 ("Setting key %d to default Tx key.\n", key); 412 "key.\n", key);
383 ieee->tx_keyidx = key; 413 ieee->tx_keyidx = key;
384 sec.active_key = key; 414 sec.active_key = key;
385 sec.flags |= SEC_ACTIVE_KEY; 415 sec.flags |= SEC_ACTIVE_KEY;
386 } 416 }
387 } 417 }
388 418 if (erq->flags & (IW_ENCODE_OPEN | IW_ENCODE_RESTRICTED)) {
389 done: 419 ieee->open_wep = !(erq->flags & IW_ENCODE_RESTRICTED);
390 ieee->open_wep = !(erq->flags & IW_ENCODE_RESTRICTED); 420 sec.auth_mode = ieee->open_wep ? WLAN_AUTH_OPEN :
391 sec.auth_mode = ieee->open_wep ? WLAN_AUTH_OPEN : WLAN_AUTH_SHARED_KEY; 421 WLAN_AUTH_SHARED_KEY;
392 sec.flags |= SEC_AUTH_MODE; 422 sec.flags |= SEC_AUTH_MODE;
393 IEEE80211_DEBUG_WX("Auth: %s\n", sec.auth_mode == WLAN_AUTH_OPEN ? 423 IEEE80211_DEBUG_WX("Auth: %s\n",
394 "OPEN" : "SHARED KEY"); 424 sec.auth_mode == WLAN_AUTH_OPEN ?
425 "OPEN" : "SHARED KEY");
426 }
395 427
396 /* For now we just support WEP, so only set that security level... 428 /* For now we just support WEP, so only set that security level...
397 * TODO: When WPA is added this is one place that needs to change */ 429 * TODO: When WPA is added this is one place that needs to change */
398 sec.flags |= SEC_LEVEL; 430 sec.flags |= SEC_LEVEL;
399 sec.level = SEC_LEVEL_1; /* 40 and 104 bit WEP */ 431 sec.level = SEC_LEVEL_1; /* 40 and 104 bit WEP */
432 sec.encode_alg[key] = SEC_ALG_WEP;
400 433
434 done:
401 if (ieee->set_security) 435 if (ieee->set_security)
402 ieee->set_security(dev, &sec); 436 ieee->set_security(dev, &sec);
403 437
@@ -422,6 +456,7 @@ int ieee80211_wx_get_encode(struct ieee80211_device *ieee,
422 struct iw_point *erq = &(wrqu->encoding); 456 struct iw_point *erq = &(wrqu->encoding);
423 int len, key; 457 int len, key;
424 struct ieee80211_crypt_data *crypt; 458 struct ieee80211_crypt_data *crypt;
459 struct ieee80211_security *sec = &ieee->sec;
425 460
426 IEEE80211_DEBUG_WX("GET_ENCODE\n"); 461 IEEE80211_DEBUG_WX("GET_ENCODE\n");
427 462
@@ -436,23 +471,16 @@ int ieee80211_wx_get_encode(struct ieee80211_device *ieee,
436 crypt = ieee->crypt[key]; 471 crypt = ieee->crypt[key];
437 erq->flags = key + 1; 472 erq->flags = key + 1;
438 473
439 if (crypt == NULL || crypt->ops == NULL) { 474 if (!sec->enabled) {
440 erq->length = 0; 475 erq->length = 0;
441 erq->flags |= IW_ENCODE_DISABLED; 476 erq->flags |= IW_ENCODE_DISABLED;
442 return 0; 477 return 0;
443 } 478 }
444 479
445 if (strcmp(crypt->ops->name, "WEP") != 0) { 480 len = sec->key_sizes[key];
446 /* only WEP is supported with wireless extensions, so just 481 memcpy(keybuf, sec->keys[key], len);
447 * report that encryption is used */
448 erq->length = 0;
449 erq->flags |= IW_ENCODE_ENABLED;
450 return 0;
451 }
452 482
453 len = crypt->ops->get_key(keybuf, WEP_KEY_LEN, NULL, crypt->priv);
454 erq->length = (len >= 0 ? len : 0); 483 erq->length = (len >= 0 ? len : 0);
455
456 erq->flags |= IW_ENCODE_ENABLED; 484 erq->flags |= IW_ENCODE_ENABLED;
457 485
458 if (ieee->open_wep) 486 if (ieee->open_wep)
@@ -463,6 +491,240 @@ int ieee80211_wx_get_encode(struct ieee80211_device *ieee,
463 return 0; 491 return 0;
464} 492}
465 493
494int ieee80211_wx_set_encodeext(struct ieee80211_device *ieee,
495 struct iw_request_info *info,
496 union iwreq_data *wrqu, char *extra)
497{
498 struct net_device *dev = ieee->dev;
499 struct iw_point *encoding = &wrqu->encoding;
500 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
501 int i, idx, ret = 0;
502 int group_key = 0;
503 const char *alg, *module;
504 struct ieee80211_crypto_ops *ops;
505 struct ieee80211_crypt_data **crypt;
506
507 struct ieee80211_security sec = {
508 .flags = 0,
509 };
510
511 idx = encoding->flags & IW_ENCODE_INDEX;
512 if (idx) {
513 if (idx < 1 || idx > WEP_KEYS)
514 return -EINVAL;
515 idx--;
516 } else
517 idx = ieee->tx_keyidx;
518
519 if (ext->ext_flags & IW_ENCODE_EXT_GROUP_KEY) {
520 crypt = &ieee->crypt[idx];
521 group_key = 1;
522 } else {
523 if (idx != 0)
524 return -EINVAL;
525 if (ieee->iw_mode == IW_MODE_INFRA)
526 crypt = &ieee->crypt[idx];
527 else
528 return -EINVAL;
529 }
530
531 sec.flags |= SEC_ENABLED | SEC_ENCRYPT;
532 if ((encoding->flags & IW_ENCODE_DISABLED) ||
533 ext->alg == IW_ENCODE_ALG_NONE) {
534 if (*crypt)
535 ieee80211_crypt_delayed_deinit(ieee, crypt);
536
537 for (i = 0; i < WEP_KEYS; i++)
538 if (ieee->crypt[i] != NULL)
539 break;
540
541 if (i == WEP_KEYS) {
542 sec.enabled = 0;
543 sec.encrypt = 0;
544 sec.level = SEC_LEVEL_0;
545 sec.flags |= SEC_LEVEL;
546 }
547 goto done;
548 }
549
550 sec.enabled = 1;
551 sec.encrypt = 1;
552
553 if (group_key ? !ieee->host_mc_decrypt :
554 !(ieee->host_encrypt || ieee->host_decrypt ||
555 ieee->host_encrypt_msdu))
556 goto skip_host_crypt;
557
558 switch (ext->alg) {
559 case IW_ENCODE_ALG_WEP:
560 alg = "WEP";
561 module = "ieee80211_crypt_wep";
562 break;
563 case IW_ENCODE_ALG_TKIP:
564 alg = "TKIP";
565 module = "ieee80211_crypt_tkip";
566 break;
567 case IW_ENCODE_ALG_CCMP:
568 alg = "CCMP";
569 module = "ieee80211_crypt_ccmp";
570 break;
571 default:
572 IEEE80211_DEBUG_WX("%s: unknown crypto alg %d\n",
573 dev->name, ext->alg);
574 ret = -EINVAL;
575 goto done;
576 }
577
578 ops = ieee80211_get_crypto_ops(alg);
579 if (ops == NULL) {
580 request_module(module);
581 ops = ieee80211_get_crypto_ops(alg);
582 }
583 if (ops == NULL) {
584 IEEE80211_DEBUG_WX("%s: unknown crypto alg %d\n",
585 dev->name, ext->alg);
586 ret = -EINVAL;
587 goto done;
588 }
589
590 if (*crypt == NULL || (*crypt)->ops != ops) {
591 struct ieee80211_crypt_data *new_crypt;
592
593 ieee80211_crypt_delayed_deinit(ieee, crypt);
594
595 new_crypt = (struct ieee80211_crypt_data *)
596 kmalloc(sizeof(*new_crypt), GFP_KERNEL);
597 if (new_crypt == NULL) {
598 ret = -ENOMEM;
599 goto done;
600 }
601 memset(new_crypt, 0, sizeof(struct ieee80211_crypt_data));
602 new_crypt->ops = ops;
603 if (new_crypt->ops && try_module_get(new_crypt->ops->owner))
604 new_crypt->priv = new_crypt->ops->init(idx);
605 if (new_crypt->priv == NULL) {
606 kfree(new_crypt);
607 ret = -EINVAL;
608 goto done;
609 }
610 *crypt = new_crypt;
611 }
612
613 if (ext->key_len > 0 && (*crypt)->ops->set_key &&
614 (*crypt)->ops->set_key(ext->key, ext->key_len, ext->rx_seq,
615 (*crypt)->priv) < 0) {
616 IEEE80211_DEBUG_WX("%s: key setting failed\n", dev->name);
617 ret = -EINVAL;
618 goto done;
619 }
620
621 skip_host_crypt:
622 if (ext->ext_flags & IW_ENCODE_EXT_SET_TX_KEY) {
623 ieee->tx_keyidx = idx;
624 sec.active_key = idx;
625 sec.flags |= SEC_ACTIVE_KEY;
626 }
627
628 if (ext->alg != IW_ENCODE_ALG_NONE) {
629 memcpy(sec.keys[idx], ext->key, ext->key_len);
630 sec.key_sizes[idx] = ext->key_len;
631 sec.flags |= (1 << idx);
632 if (ext->alg == IW_ENCODE_ALG_WEP) {
633 sec.encode_alg[idx] = SEC_ALG_WEP;
634 sec.flags |= SEC_LEVEL;
635 sec.level = SEC_LEVEL_1;
636 } else if (ext->alg == IW_ENCODE_ALG_TKIP) {
637 sec.encode_alg[idx] = SEC_ALG_TKIP;
638 sec.flags |= SEC_LEVEL;
639 sec.level = SEC_LEVEL_2;
640 } else if (ext->alg == IW_ENCODE_ALG_CCMP) {
641 sec.encode_alg[idx] = SEC_ALG_CCMP;
642 sec.flags |= SEC_LEVEL;
643 sec.level = SEC_LEVEL_3;
644 }
645 /* Don't set sec level for group keys. */
646 if (group_key)
647 sec.flags &= ~SEC_LEVEL;
648 }
649 done:
650 if (ieee->set_security)
651 ieee->set_security(ieee->dev, &sec);
652
653 /*
654 * Do not reset port if card is in Managed mode since resetting will
655 * generate new IEEE 802.11 authentication which may end up in looping
656 * with IEEE 802.1X. If your hardware requires a reset after WEP
657 * configuration (for example... Prism2), implement the reset_port in
658 * the callbacks structures used to initialize the 802.11 stack.
659 */
660 if (ieee->reset_on_keychange &&
661 ieee->iw_mode != IW_MODE_INFRA &&
662 ieee->reset_port && ieee->reset_port(dev)) {
663 IEEE80211_DEBUG_WX("%s: reset_port failed\n", dev->name);
664 return -EINVAL;
665 }
666
667 return ret;
668}
669
670int ieee80211_wx_get_encodeext(struct ieee80211_device *ieee,
671 struct iw_request_info *info,
672 union iwreq_data *wrqu, char *extra)
673{
674 struct iw_point *encoding = &wrqu->encoding;
675 struct iw_encode_ext *ext = (struct iw_encode_ext *)extra;
676 struct ieee80211_security *sec = &ieee->sec;
677 int idx, max_key_len;
678
679 max_key_len = encoding->length - sizeof(*ext);
680 if (max_key_len < 0)
681 return -EINVAL;
682
683 idx = encoding->flags & IW_ENCODE_INDEX;
684 if (idx) {
685 if (idx < 1 || idx > WEP_KEYS)
686 return -EINVAL;
687 idx--;
688 } else
689 idx = ieee->tx_keyidx;
690
691 if (!ext->ext_flags & IW_ENCODE_EXT_GROUP_KEY)
692 if (idx != 0 || ieee->iw_mode != IW_MODE_INFRA)
693 return -EINVAL;
694
695 encoding->flags = idx + 1;
696 memset(ext, 0, sizeof(*ext));
697
698 if (!sec->enabled) {
699 ext->alg = IW_ENCODE_ALG_NONE;
700 ext->key_len = 0;
701 encoding->flags |= IW_ENCODE_DISABLED;
702 } else {
703 if (sec->encode_alg[idx] == SEC_ALG_WEP)
704 ext->alg = IW_ENCODE_ALG_WEP;
705 else if (sec->encode_alg[idx] == SEC_ALG_TKIP)
706 ext->alg = IW_ENCODE_ALG_TKIP;
707 else if (sec->encode_alg[idx] == SEC_ALG_CCMP)
708 ext->alg = IW_ENCODE_ALG_CCMP;
709 else
710 return -EINVAL;
711
712 ext->key_len = sec->key_sizes[idx];
713 memcpy(ext->key, sec->keys[idx], ext->key_len);
714 encoding->flags |= IW_ENCODE_ENABLED;
715 if (ext->key_len &&
716 (ext->alg == IW_ENCODE_ALG_TKIP ||
717 ext->alg == IW_ENCODE_ALG_CCMP))
718 ext->ext_flags |= IW_ENCODE_EXT_TX_SEQ_VALID;
719
720 }
721
722 return 0;
723}
724
725EXPORT_SYMBOL(ieee80211_wx_set_encodeext);
726EXPORT_SYMBOL(ieee80211_wx_get_encodeext);
727
466EXPORT_SYMBOL(ieee80211_wx_get_scan); 728EXPORT_SYMBOL(ieee80211_wx_get_scan);
467EXPORT_SYMBOL(ieee80211_wx_set_encode); 729EXPORT_SYMBOL(ieee80211_wx_set_encode);
468EXPORT_SYMBOL(ieee80211_wx_get_encode); 730EXPORT_SYMBOL(ieee80211_wx_get_encode);
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index 74f2207e131a..4ec4b2ca6ab1 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -715,6 +715,7 @@ int devinet_ioctl(unsigned int cmd, void __user *arg)
715 break; 715 break;
716 ret = 0; 716 ret = 0;
717 if (ifa->ifa_mask != sin->sin_addr.s_addr) { 717 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
718 u32 old_mask = ifa->ifa_mask;
718 inet_del_ifa(in_dev, ifap, 0); 719 inet_del_ifa(in_dev, ifap, 0);
719 ifa->ifa_mask = sin->sin_addr.s_addr; 720 ifa->ifa_mask = sin->sin_addr.s_addr;
720 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask); 721 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
@@ -728,7 +729,7 @@ int devinet_ioctl(unsigned int cmd, void __user *arg)
728 if ((dev->flags & IFF_BROADCAST) && 729 if ((dev->flags & IFF_BROADCAST) &&
729 (ifa->ifa_prefixlen < 31) && 730 (ifa->ifa_prefixlen < 31) &&
730 (ifa->ifa_broadcast == 731 (ifa->ifa_broadcast ==
731 (ifa->ifa_local|~ifa->ifa_mask))) { 732 (ifa->ifa_local|~old_mask))) {
732 ifa->ifa_broadcast = (ifa->ifa_local | 733 ifa->ifa_broadcast = (ifa->ifa_local |
733 ~sin->sin_addr.s_addr); 734 ~sin->sin_addr.s_addr);
734 } 735 }
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index e61bc7177eb1..990633c09dfe 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -591,7 +591,7 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event,
591 break; 591 break;
592 case NETDEV_DOWN: 592 case NETDEV_DOWN:
593 fib_del_ifaddr(ifa); 593 fib_del_ifaddr(ifa);
594 if (ifa->ifa_dev && ifa->ifa_dev->ifa_list == NULL) { 594 if (ifa->ifa_dev->ifa_list == NULL) {
595 /* Last address was deleted from this interface. 595 /* Last address was deleted from this interface.
596 Disable IP. 596 Disable IP.
597 */ 597 */
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index 0093ea08c7f5..66247f38b371 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -2404,7 +2404,7 @@ static int fib_route_seq_show(struct seq_file *seq, void *v)
2404 prefix = htonl(l->key); 2404 prefix = htonl(l->key);
2405 2405
2406 list_for_each_entry_rcu(fa, &li->falh, fa_list) { 2406 list_for_each_entry_rcu(fa, &li->falh, fa_list) {
2407 const struct fib_info *fi = rcu_dereference(fa->fa_info); 2407 const struct fib_info *fi = fa->fa_info;
2408 unsigned flags = fib_flag_trans(fa->fa_type, mask, fi); 2408 unsigned flags = fib_flag_trans(fa->fa_type, mask, fi);
2409 2409
2410 if (fa->fa_type == RTN_BROADCAST 2410 if (fa->fa_type == RTN_BROADCAST
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 90dca711ac9f..175e093ec564 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1108,12 +1108,9 @@ void __init icmp_init(struct net_proto_family *ops)
1108 struct inet_sock *inet; 1108 struct inet_sock *inet;
1109 int i; 1109 int i;
1110 1110
1111 for (i = 0; i < NR_CPUS; i++) { 1111 for_each_cpu(i) {
1112 int err; 1112 int err;
1113 1113
1114 if (!cpu_possible(i))
1115 continue;
1116
1117 err = sock_create_kern(PF_INET, SOCK_RAW, IPPROTO_ICMP, 1114 err = sock_create_kern(PF_INET, SOCK_RAW, IPPROTO_ICMP,
1118 &per_cpu(__icmp_socket, i)); 1115 &per_cpu(__icmp_socket, i));
1119 1116
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 1ad5202e556b..17758234a3e3 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -275,7 +275,8 @@ int ip_output(struct sk_buff *skb)
275{ 275{
276 IP_INC_STATS(IPSTATS_MIB_OUTREQUESTS); 276 IP_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
277 277
278 if (skb->len > dst_mtu(skb->dst) && !skb_shinfo(skb)->tso_size) 278 if (skb->len > dst_mtu(skb->dst) &&
279 !(skb_shinfo(skb)->ufo_size || skb_shinfo(skb)->tso_size))
279 return ip_fragment(skb, ip_finish_output); 280 return ip_fragment(skb, ip_finish_output);
280 else 281 else
281 return ip_finish_output(skb); 282 return ip_finish_output(skb);
@@ -688,6 +689,60 @@ csum_page(struct page *page, int offset, int copy)
688 return csum; 689 return csum;
689} 690}
690 691
692inline int ip_ufo_append_data(struct sock *sk,
693 int getfrag(void *from, char *to, int offset, int len,
694 int odd, struct sk_buff *skb),
695 void *from, int length, int hh_len, int fragheaderlen,
696 int transhdrlen, int mtu,unsigned int flags)
697{
698 struct sk_buff *skb;
699 int err;
700
701 /* There is support for UDP fragmentation offload by network
702 * device, so create one single skb packet containing complete
703 * udp datagram
704 */
705 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
706 skb = sock_alloc_send_skb(sk,
707 hh_len + fragheaderlen + transhdrlen + 20,
708 (flags & MSG_DONTWAIT), &err);
709
710 if (skb == NULL)
711 return err;
712
713 /* reserve space for Hardware header */
714 skb_reserve(skb, hh_len);
715
716 /* create space for UDP/IP header */
717 skb_put(skb,fragheaderlen + transhdrlen);
718
719 /* initialize network header pointer */
720 skb->nh.raw = skb->data;
721
722 /* initialize protocol header pointer */
723 skb->h.raw = skb->data + fragheaderlen;
724
725 skb->ip_summed = CHECKSUM_HW;
726 skb->csum = 0;
727 sk->sk_sndmsg_off = 0;
728 }
729
730 err = skb_append_datato_frags(sk,skb, getfrag, from,
731 (length - transhdrlen));
732 if (!err) {
733 /* specify the length of each IP datagram fragment*/
734 skb_shinfo(skb)->ufo_size = (mtu - fragheaderlen);
735 __skb_queue_tail(&sk->sk_write_queue, skb);
736
737 return 0;
738 }
739 /* There is not enough support do UFO ,
740 * so follow normal path
741 */
742 kfree_skb(skb);
743 return err;
744}
745
691/* 746/*
692 * ip_append_data() and ip_append_page() can make one large IP datagram 747 * ip_append_data() and ip_append_page() can make one large IP datagram
693 * from many pieces of data. Each pieces will be holded on the socket 748 * from many pieces of data. Each pieces will be holded on the socket
@@ -777,6 +832,15 @@ int ip_append_data(struct sock *sk,
777 csummode = CHECKSUM_HW; 832 csummode = CHECKSUM_HW;
778 833
779 inet->cork.length += length; 834 inet->cork.length += length;
835 if (((length > mtu) && (sk->sk_protocol == IPPROTO_UDP)) &&
836 (rt->u.dst.dev->features & NETIF_F_UFO)) {
837
838 if(ip_ufo_append_data(sk, getfrag, from, length, hh_len,
839 fragheaderlen, transhdrlen, mtu, flags))
840 goto error;
841
842 return 0;
843 }
780 844
781 /* So, what's going on in the loop below? 845 /* So, what's going on in the loop below?
782 * 846 *
@@ -1008,14 +1072,23 @@ ssize_t ip_append_page(struct sock *sk, struct page *page,
1008 return -EINVAL; 1072 return -EINVAL;
1009 1073
1010 inet->cork.length += size; 1074 inet->cork.length += size;
1075 if ((sk->sk_protocol == IPPROTO_UDP) &&
1076 (rt->u.dst.dev->features & NETIF_F_UFO))
1077 skb_shinfo(skb)->ufo_size = (mtu - fragheaderlen);
1078
1011 1079
1012 while (size > 0) { 1080 while (size > 0) {
1013 int i; 1081 int i;
1014 1082
1015 /* Check if the remaining data fits into current packet. */ 1083 if (skb_shinfo(skb)->ufo_size)
1016 len = mtu - skb->len; 1084 len = size;
1017 if (len < size) 1085 else {
1018 len = maxfraglen - skb->len; 1086
1087 /* Check if the remaining data fits into current packet. */
1088 len = mtu - skb->len;
1089 if (len < size)
1090 len = maxfraglen - skb->len;
1091 }
1019 if (len <= 0) { 1092 if (len <= 0) {
1020 struct sk_buff *skb_prev; 1093 struct sk_buff *skb_prev;
1021 char *data; 1094 char *data;
@@ -1023,10 +1096,7 @@ ssize_t ip_append_page(struct sock *sk, struct page *page,
1023 int alloclen; 1096 int alloclen;
1024 1097
1025 skb_prev = skb; 1098 skb_prev = skb;
1026 if (skb_prev) 1099 fraggap = skb_prev->len - maxfraglen;
1027 fraggap = skb_prev->len - maxfraglen;
1028 else
1029 fraggap = 0;
1030 1100
1031 alloclen = fragheaderlen + hh_len + fraggap + 15; 1101 alloclen = fragheaderlen + hh_len + fraggap + 15;
1032 skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation); 1102 skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation);
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 07a80b56e8dc..422ab68ee7fb 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -50,7 +50,7 @@
50#include <linux/netfilter_ipv4/ip_conntrack_core.h> 50#include <linux/netfilter_ipv4/ip_conntrack_core.h>
51#include <linux/netfilter_ipv4/listhelp.h> 51#include <linux/netfilter_ipv4/listhelp.h>
52 52
53#define IP_CONNTRACK_VERSION "2.3" 53#define IP_CONNTRACK_VERSION "2.4"
54 54
55#if 0 55#if 0
56#define DEBUGP printk 56#define DEBUGP printk
@@ -148,16 +148,20 @@ DEFINE_PER_CPU(struct ip_conntrack_stat, ip_conntrack_stat);
148static int ip_conntrack_hash_rnd_initted; 148static int ip_conntrack_hash_rnd_initted;
149static unsigned int ip_conntrack_hash_rnd; 149static unsigned int ip_conntrack_hash_rnd;
150 150
151static u_int32_t 151static u_int32_t __hash_conntrack(const struct ip_conntrack_tuple *tuple,
152hash_conntrack(const struct ip_conntrack_tuple *tuple) 152 unsigned int size, unsigned int rnd)
153{ 153{
154#if 0
155 dump_tuple(tuple);
156#endif
157 return (jhash_3words(tuple->src.ip, 154 return (jhash_3words(tuple->src.ip,
158 (tuple->dst.ip ^ tuple->dst.protonum), 155 (tuple->dst.ip ^ tuple->dst.protonum),
159 (tuple->src.u.all | (tuple->dst.u.all << 16)), 156 (tuple->src.u.all | (tuple->dst.u.all << 16)),
160 ip_conntrack_hash_rnd) % ip_conntrack_htable_size); 157 rnd) % size);
158}
159
160static u_int32_t
161hash_conntrack(const struct ip_conntrack_tuple *tuple)
162{
163 return __hash_conntrack(tuple, ip_conntrack_htable_size,
164 ip_conntrack_hash_rnd);
161} 165}
162 166
163int 167int
@@ -1341,14 +1345,13 @@ static int kill_all(struct ip_conntrack *i, void *data)
1341 return 1; 1345 return 1;
1342} 1346}
1343 1347
1344static void free_conntrack_hash(void) 1348static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
1345{ 1349{
1346 if (ip_conntrack_vmalloc) 1350 if (vmalloced)
1347 vfree(ip_conntrack_hash); 1351 vfree(hash);
1348 else 1352 else
1349 free_pages((unsigned long)ip_conntrack_hash, 1353 free_pages((unsigned long)hash,
1350 get_order(sizeof(struct list_head) 1354 get_order(sizeof(struct list_head) * size));
1351 * ip_conntrack_htable_size));
1352} 1355}
1353 1356
1354void ip_conntrack_flush() 1357void ip_conntrack_flush()
@@ -1378,12 +1381,83 @@ void ip_conntrack_cleanup(void)
1378 ip_conntrack_flush(); 1381 ip_conntrack_flush();
1379 kmem_cache_destroy(ip_conntrack_cachep); 1382 kmem_cache_destroy(ip_conntrack_cachep);
1380 kmem_cache_destroy(ip_conntrack_expect_cachep); 1383 kmem_cache_destroy(ip_conntrack_expect_cachep);
1381 free_conntrack_hash(); 1384 free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc,
1385 ip_conntrack_htable_size);
1382 nf_unregister_sockopt(&so_getorigdst); 1386 nf_unregister_sockopt(&so_getorigdst);
1383} 1387}
1384 1388
1385static int hashsize; 1389static struct list_head *alloc_hashtable(int size, int *vmalloced)
1386module_param(hashsize, int, 0400); 1390{
1391 struct list_head *hash;
1392 unsigned int i;
1393
1394 *vmalloced = 0;
1395 hash = (void*)__get_free_pages(GFP_KERNEL,
1396 get_order(sizeof(struct list_head)
1397 * size));
1398 if (!hash) {
1399 *vmalloced = 1;
1400 printk(KERN_WARNING"ip_conntrack: falling back to vmalloc.\n");
1401 hash = vmalloc(sizeof(struct list_head) * size);
1402 }
1403
1404 if (hash)
1405 for (i = 0; i < size; i++)
1406 INIT_LIST_HEAD(&hash[i]);
1407
1408 return hash;
1409}
1410
1411int set_hashsize(const char *val, struct kernel_param *kp)
1412{
1413 int i, bucket, hashsize, vmalloced;
1414 int old_vmalloced, old_size;
1415 int rnd;
1416 struct list_head *hash, *old_hash;
1417 struct ip_conntrack_tuple_hash *h;
1418
1419 /* On boot, we can set this without any fancy locking. */
1420 if (!ip_conntrack_htable_size)
1421 return param_set_int(val, kp);
1422
1423 hashsize = simple_strtol(val, NULL, 0);
1424 if (!hashsize)
1425 return -EINVAL;
1426
1427 hash = alloc_hashtable(hashsize, &vmalloced);
1428 if (!hash)
1429 return -ENOMEM;
1430
1431 /* We have to rehash for the new table anyway, so we also can
1432 * use a new random seed */
1433 get_random_bytes(&rnd, 4);
1434
1435 write_lock_bh(&ip_conntrack_lock);
1436 for (i = 0; i < ip_conntrack_htable_size; i++) {
1437 while (!list_empty(&ip_conntrack_hash[i])) {
1438 h = list_entry(ip_conntrack_hash[i].next,
1439 struct ip_conntrack_tuple_hash, list);
1440 list_del(&h->list);
1441 bucket = __hash_conntrack(&h->tuple, hashsize, rnd);
1442 list_add_tail(&h->list, &hash[bucket]);
1443 }
1444 }
1445 old_size = ip_conntrack_htable_size;
1446 old_vmalloced = ip_conntrack_vmalloc;
1447 old_hash = ip_conntrack_hash;
1448
1449 ip_conntrack_htable_size = hashsize;
1450 ip_conntrack_vmalloc = vmalloced;
1451 ip_conntrack_hash = hash;
1452 ip_conntrack_hash_rnd = rnd;
1453 write_unlock_bh(&ip_conntrack_lock);
1454
1455 free_conntrack_hash(old_hash, old_vmalloced, old_size);
1456 return 0;
1457}
1458
1459module_param_call(hashsize, set_hashsize, param_get_uint,
1460 &ip_conntrack_htable_size, 0600);
1387 1461
1388int __init ip_conntrack_init(void) 1462int __init ip_conntrack_init(void)
1389{ 1463{
@@ -1392,9 +1466,7 @@ int __init ip_conntrack_init(void)
1392 1466
1393 /* Idea from tcp.c: use 1/16384 of memory. On i386: 32MB 1467 /* Idea from tcp.c: use 1/16384 of memory. On i386: 32MB
1394 * machine has 256 buckets. >= 1GB machines have 8192 buckets. */ 1468 * machine has 256 buckets. >= 1GB machines have 8192 buckets. */
1395 if (hashsize) { 1469 if (!ip_conntrack_htable_size) {
1396 ip_conntrack_htable_size = hashsize;
1397 } else {
1398 ip_conntrack_htable_size 1470 ip_conntrack_htable_size
1399 = (((num_physpages << PAGE_SHIFT) / 16384) 1471 = (((num_physpages << PAGE_SHIFT) / 16384)
1400 / sizeof(struct list_head)); 1472 / sizeof(struct list_head));
@@ -1416,20 +1488,8 @@ int __init ip_conntrack_init(void)
1416 return ret; 1488 return ret;
1417 } 1489 }
1418 1490
1419 /* AK: the hash table is twice as big than needed because it 1491 ip_conntrack_hash = alloc_hashtable(ip_conntrack_htable_size,
1420 uses list_head. it would be much nicer to caches to use a 1492 &ip_conntrack_vmalloc);
1421 single pointer list head here. */
1422 ip_conntrack_vmalloc = 0;
1423 ip_conntrack_hash
1424 =(void*)__get_free_pages(GFP_KERNEL,
1425 get_order(sizeof(struct list_head)
1426 *ip_conntrack_htable_size));
1427 if (!ip_conntrack_hash) {
1428 ip_conntrack_vmalloc = 1;
1429 printk(KERN_WARNING "ip_conntrack: falling back to vmalloc.\n");
1430 ip_conntrack_hash = vmalloc(sizeof(struct list_head)
1431 * ip_conntrack_htable_size);
1432 }
1433 if (!ip_conntrack_hash) { 1493 if (!ip_conntrack_hash) {
1434 printk(KERN_ERR "Unable to create ip_conntrack_hash\n"); 1494 printk(KERN_ERR "Unable to create ip_conntrack_hash\n");
1435 goto err_unreg_sockopt; 1495 goto err_unreg_sockopt;
@@ -1461,9 +1521,6 @@ int __init ip_conntrack_init(void)
1461 ip_ct_protos[IPPROTO_ICMP] = &ip_conntrack_protocol_icmp; 1521 ip_ct_protos[IPPROTO_ICMP] = &ip_conntrack_protocol_icmp;
1462 write_unlock_bh(&ip_conntrack_lock); 1522 write_unlock_bh(&ip_conntrack_lock);
1463 1523
1464 for (i = 0; i < ip_conntrack_htable_size; i++)
1465 INIT_LIST_HEAD(&ip_conntrack_hash[i]);
1466
1467 /* For use by ipt_REJECT */ 1524 /* For use by ipt_REJECT */
1468 ip_ct_attach = ip_conntrack_attach; 1525 ip_ct_attach = ip_conntrack_attach;
1469 1526
@@ -1478,7 +1535,8 @@ int __init ip_conntrack_init(void)
1478err_free_conntrack_slab: 1535err_free_conntrack_slab:
1479 kmem_cache_destroy(ip_conntrack_cachep); 1536 kmem_cache_destroy(ip_conntrack_cachep);
1480err_free_hash: 1537err_free_hash:
1481 free_conntrack_hash(); 1538 free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc,
1539 ip_conntrack_htable_size);
1482err_unreg_sockopt: 1540err_unreg_sockopt:
1483 nf_unregister_sockopt(&so_getorigdst); 1541 nf_unregister_sockopt(&so_getorigdst);
1484 1542
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c
index f5909a4c3fc7..e19c2a52d00c 100644
--- a/net/ipv4/netfilter/ipt_addrtype.c
+++ b/net/ipv4/netfilter/ipt_addrtype.c
@@ -48,7 +48,7 @@ static int checkentry(const char *tablename, const struct ipt_ip *ip,
48 unsigned int hook_mask) 48 unsigned int hook_mask)
49{ 49{
50 if (matchsize != IPT_ALIGN(sizeof(struct ipt_addrtype_info))) { 50 if (matchsize != IPT_ALIGN(sizeof(struct ipt_addrtype_info))) {
51 printk(KERN_ERR "ipt_addrtype: invalid size (%u != %Zu)\n.", 51 printk(KERN_ERR "ipt_addrtype: invalid size (%u != %Zu)\n",
52 matchsize, IPT_ALIGN(sizeof(struct ipt_addrtype_info))); 52 matchsize, IPT_ALIGN(sizeof(struct ipt_addrtype_info)));
53 return 0; 53 return 0;
54 } 54 }
diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c
index f7943ba1f43c..a65e508fbd40 100644
--- a/net/ipv4/proc.c
+++ b/net/ipv4/proc.c
@@ -90,9 +90,7 @@ fold_field(void *mib[], int offt)
90 unsigned long res = 0; 90 unsigned long res = 0;
91 int i; 91 int i;
92 92
93 for (i = 0; i < NR_CPUS; i++) { 93 for_each_cpu(i) {
94 if (!cpu_possible(i))
95 continue;
96 res += *(((unsigned long *) per_cpu_ptr(mib[0], i)) + offt); 94 res += *(((unsigned long *) per_cpu_ptr(mib[0], i)) + offt);
97 res += *(((unsigned long *) per_cpu_ptr(mib[1], i)) + offt); 95 res += *(((unsigned long *) per_cpu_ptr(mib[1], i)) + offt);
98 } 96 }
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index a970b4727ce8..41edc14851e8 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -75,7 +75,7 @@
75#ifdef CONFIG_IPV6_PRIVACY 75#ifdef CONFIG_IPV6_PRIVACY
76#include <linux/random.h> 76#include <linux/random.h>
77#include <linux/crypto.h> 77#include <linux/crypto.h>
78#include <asm/scatterlist.h> 78#include <linux/scatterlist.h>
79#endif 79#endif
80 80
81#include <asm/uaccess.h> 81#include <asm/uaccess.h>
@@ -1217,12 +1217,8 @@ static int __ipv6_regen_rndid(struct inet6_dev *idev)
1217 struct net_device *dev; 1217 struct net_device *dev;
1218 struct scatterlist sg[2]; 1218 struct scatterlist sg[2];
1219 1219
1220 sg[0].page = virt_to_page(idev->entropy); 1220 sg_set_buf(&sg[0], idev->entropy, 8);
1221 sg[0].offset = offset_in_page(idev->entropy); 1221 sg_set_buf(&sg[1], idev->work_eui64, 8);
1222 sg[0].length = 8;
1223 sg[1].page = virt_to_page(idev->work_eui64);
1224 sg[1].offset = offset_in_page(idev->work_eui64);
1225 sg[1].length = 8;
1226 1222
1227 dev = idev->dev; 1223 dev = idev->dev;
1228 1224
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
index b7185fb3377c..23e540365a14 100644
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -700,10 +700,7 @@ int __init icmpv6_init(struct net_proto_family *ops)
700 struct sock *sk; 700 struct sock *sk;
701 int err, i, j; 701 int err, i, j;
702 702
703 for (i = 0; i < NR_CPUS; i++) { 703 for_each_cpu(i) {
704 if (!cpu_possible(i))
705 continue;
706
707 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6, 704 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6,
708 &per_cpu(__icmpv6_socket, i)); 705 &per_cpu(__icmpv6_socket, i));
709 if (err < 0) { 706 if (err < 0) {
@@ -749,9 +746,7 @@ void icmpv6_cleanup(void)
749{ 746{
750 int i; 747 int i;
751 748
752 for (i = 0; i < NR_CPUS; i++) { 749 for_each_cpu(i) {
753 if (!cpu_possible(i))
754 continue;
755 sock_release(per_cpu(__icmpv6_socket, i)); 750 sock_release(per_cpu(__icmpv6_socket, i));
756 } 751 }
757 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6); 752 inet6_del_protocol(&icmpv6_protocol, IPPROTO_ICMPV6);
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 563b442ffab8..614296a920c6 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -147,7 +147,8 @@ static int ip6_output2(struct sk_buff *skb)
147 147
148int ip6_output(struct sk_buff *skb) 148int ip6_output(struct sk_buff *skb)
149{ 149{
150 if (skb->len > dst_mtu(skb->dst) || dst_allfrag(skb->dst)) 150 if ((skb->len > dst_mtu(skb->dst) && !skb_shinfo(skb)->ufo_size) ||
151 dst_allfrag(skb->dst))
151 return ip6_fragment(skb, ip6_output2); 152 return ip6_fragment(skb, ip6_output2);
152 else 153 else
153 return ip6_output2(skb); 154 return ip6_output2(skb);
@@ -768,6 +769,65 @@ out_err_release:
768 *dst = NULL; 769 *dst = NULL;
769 return err; 770 return err;
770} 771}
772inline int ip6_ufo_append_data(struct sock *sk,
773 int getfrag(void *from, char *to, int offset, int len,
774 int odd, struct sk_buff *skb),
775 void *from, int length, int hh_len, int fragheaderlen,
776 int transhdrlen, int mtu,unsigned int flags)
777
778{
779 struct sk_buff *skb;
780 int err;
781
782 /* There is support for UDP large send offload by network
783 * device, so create one single skb packet containing complete
784 * udp datagram
785 */
786 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
787 skb = sock_alloc_send_skb(sk,
788 hh_len + fragheaderlen + transhdrlen + 20,
789 (flags & MSG_DONTWAIT), &err);
790 if (skb == NULL)
791 return -ENOMEM;
792
793 /* reserve space for Hardware header */
794 skb_reserve(skb, hh_len);
795
796 /* create space for UDP/IP header */
797 skb_put(skb,fragheaderlen + transhdrlen);
798
799 /* initialize network header pointer */
800 skb->nh.raw = skb->data;
801
802 /* initialize protocol header pointer */
803 skb->h.raw = skb->data + fragheaderlen;
804
805 skb->ip_summed = CHECKSUM_HW;
806 skb->csum = 0;
807 sk->sk_sndmsg_off = 0;
808 }
809
810 err = skb_append_datato_frags(sk,skb, getfrag, from,
811 (length - transhdrlen));
812 if (!err) {
813 struct frag_hdr fhdr;
814
815 /* specify the length of each IP datagram fragment*/
816 skb_shinfo(skb)->ufo_size = (mtu - fragheaderlen) -
817 sizeof(struct frag_hdr);
818 ipv6_select_ident(skb, &fhdr);
819 skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
820 __skb_queue_tail(&sk->sk_write_queue, skb);
821
822 return 0;
823 }
824 /* There is not enough support do UPD LSO,
825 * so follow normal path
826 */
827 kfree_skb(skb);
828
829 return err;
830}
771 831
772int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, 832int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
773 int offset, int len, int odd, struct sk_buff *skb), 833 int offset, int len, int odd, struct sk_buff *skb),
@@ -860,6 +920,15 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
860 */ 920 */
861 921
862 inet->cork.length += length; 922 inet->cork.length += length;
923 if (((length > mtu) && (sk->sk_protocol == IPPROTO_UDP)) &&
924 (rt->u.dst.dev->features & NETIF_F_UFO)) {
925
926 if(ip6_ufo_append_data(sk, getfrag, from, length, hh_len,
927 fragheaderlen, transhdrlen, mtu, flags))
928 goto error;
929
930 return 0;
931 }
863 932
864 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) 933 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
865 goto alloc_new_skb; 934 goto alloc_new_skb;
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 39a96c768102..c4f2a0ef7489 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -164,7 +164,7 @@ static int ip6_mc_leave_src(struct sock *sk, struct ipv6_mc_socklist *iml,
164#define MLDV2_MASK(value, nb) ((nb)>=32 ? (value) : ((1<<(nb))-1) & (value)) 164#define MLDV2_MASK(value, nb) ((nb)>=32 ? (value) : ((1<<(nb))-1) & (value))
165#define MLDV2_EXP(thresh, nbmant, nbexp, value) \ 165#define MLDV2_EXP(thresh, nbmant, nbexp, value) \
166 ((value) < (thresh) ? (value) : \ 166 ((value) < (thresh) ? (value) : \
167 ((MLDV2_MASK(value, nbmant) | (1<<(nbmant+nbexp))) << \ 167 ((MLDV2_MASK(value, nbmant) | (1<<(nbmant))) << \
168 (MLDV2_MASK((value) >> (nbmant), nbexp) + (nbexp)))) 168 (MLDV2_MASK((value) >> (nbmant), nbexp) + (nbexp))))
169 169
170#define MLDV2_QQIC(value) MLDV2_EXP(0x80, 4, 3, value) 170#define MLDV2_QQIC(value) MLDV2_EXP(0x80, 4, 3, value)
diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c
index 334a5967831e..50a13e75d70e 100644
--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -140,9 +140,7 @@ fold_field(void *mib[], int offt)
140 unsigned long res = 0; 140 unsigned long res = 0;
141 int i; 141 int i;
142 142
143 for (i = 0; i < NR_CPUS; i++) { 143 for_each_cpu(i) {
144 if (!cpu_possible(i))
145 continue;
146 res += *(((unsigned long *)per_cpu_ptr(mib[0], i)) + offt); 144 res += *(((unsigned long *)per_cpu_ptr(mib[0], i)) + offt);
147 res += *(((unsigned long *)per_cpu_ptr(mib[1], i)) + offt); 145 res += *(((unsigned long *)per_cpu_ptr(mib[1], i)) + offt);
148 } 146 }
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 678c3f2c0d0b..5ca283537bc6 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -740,11 +740,8 @@ int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, long t
740 740
741int netlink_sendskb(struct sock *sk, struct sk_buff *skb, int protocol) 741int netlink_sendskb(struct sock *sk, struct sk_buff *skb, int protocol)
742{ 742{
743 struct netlink_sock *nlk;
744 int len = skb->len; 743 int len = skb->len;
745 744
746 nlk = nlk_sk(sk);
747
748 skb_queue_tail(&sk->sk_receive_queue, skb); 745 skb_queue_tail(&sk->sk_receive_queue, skb);
749 sk->sk_data_ready(sk, len); 746 sk->sk_data_ready(sk, len);
750 sock_put(sk); 747 sock_put(sk);
@@ -827,7 +824,7 @@ struct netlink_broadcast_data {
827 int failure; 824 int failure;
828 int congested; 825 int congested;
829 int delivered; 826 int delivered;
830 unsigned int allocation; 827 gfp_t allocation;
831 struct sk_buff *skb, *skb2; 828 struct sk_buff *skb, *skb2;
832}; 829};
833 830
diff --git a/net/rose/rose_route.c b/net/rose/rose_route.c
index e556d92c0bc4..b18fe5043019 100644
--- a/net/rose/rose_route.c
+++ b/net/rose/rose_route.c
@@ -727,7 +727,7 @@ int rose_rt_ioctl(unsigned int cmd, void __user *arg)
727 } 727 }
728 if (rose_route.mask > 10) /* Mask can't be more than 10 digits */ 728 if (rose_route.mask > 10) /* Mask can't be more than 10 digits */
729 return -EINVAL; 729 return -EINVAL;
730 if (rose_route.ndigis > 8) /* No more than 8 digipeats */ 730 if (rose_route.ndigis > AX25_MAX_DIGIS)
731 return -EINVAL; 731 return -EINVAL;
732 err = rose_add_node(&rose_route, dev); 732 err = rose_add_node(&rose_route, dev);
733 dev_put(dev); 733 dev_put(dev);
diff --git a/net/sctp/proc.c b/net/sctp/proc.c
index b74f7772b576..6e4dc28874d7 100644
--- a/net/sctp/proc.c
+++ b/net/sctp/proc.c
@@ -69,9 +69,7 @@ fold_field(void *mib[], int nr)
69 unsigned long res = 0; 69 unsigned long res = 0;
70 int i; 70 int i;
71 71
72 for (i = 0; i < NR_CPUS; i++) { 72 for_each_cpu(i) {
73 if (!cpu_possible(i))
74 continue;
75 res += 73 res +=
76 *((unsigned long *) (((void *) per_cpu_ptr(mib[0], i)) + 74 *((unsigned long *) (((void *) per_cpu_ptr(mib[0], i)) +
77 sizeof (unsigned long) * nr)); 75 sizeof (unsigned long) * nr));
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 10e82ec2ebd3..660c61bdf164 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -554,7 +554,7 @@ struct sctp_chunk *sctp_make_datafrag_empty(struct sctp_association *asoc,
554 dp.ppid = sinfo->sinfo_ppid; 554 dp.ppid = sinfo->sinfo_ppid;
555 555
556 /* Set the flags for an unordered send. */ 556 /* Set the flags for an unordered send. */
557 if (sinfo->sinfo_flags & MSG_UNORDERED) { 557 if (sinfo->sinfo_flags & SCTP_UNORDERED) {
558 flags |= SCTP_DATA_UNORDERED; 558 flags |= SCTP_DATA_UNORDERED;
559 dp.ssn = 0; 559 dp.ssn = 0;
560 } else 560 } else
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 02e068d3450d..b529af5e6f2a 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -1010,6 +1010,19 @@ static int __sctp_connect(struct sock* sk,
1010 err = -EAGAIN; 1010 err = -EAGAIN;
1011 goto out_free; 1011 goto out_free;
1012 } 1012 }
1013 } else {
1014 /*
1015 * If an unprivileged user inherits a 1-many
1016 * style socket with open associations on a
1017 * privileged port, it MAY be permitted to
1018 * accept new associations, but it SHOULD NOT
1019 * be permitted to open new associations.
1020 */
1021 if (ep->base.bind_addr.port < PROT_SOCK &&
1022 !capable(CAP_NET_BIND_SERVICE)) {
1023 err = -EACCES;
1024 goto out_free;
1025 }
1013 } 1026 }
1014 1027
1015 scope = sctp_scope(&to); 1028 scope = sctp_scope(&to);
@@ -1389,27 +1402,27 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1389 SCTP_DEBUG_PRINTK("msg_len: %zu, sinfo_flags: 0x%x\n", 1402 SCTP_DEBUG_PRINTK("msg_len: %zu, sinfo_flags: 0x%x\n",
1390 msg_len, sinfo_flags); 1403 msg_len, sinfo_flags);
1391 1404
1392 /* MSG_EOF or MSG_ABORT cannot be set on a TCP-style socket. */ 1405 /* SCTP_EOF or SCTP_ABORT cannot be set on a TCP-style socket. */
1393 if (sctp_style(sk, TCP) && (sinfo_flags & (MSG_EOF | MSG_ABORT))) { 1406 if (sctp_style(sk, TCP) && (sinfo_flags & (SCTP_EOF | SCTP_ABORT))) {
1394 err = -EINVAL; 1407 err = -EINVAL;
1395 goto out_nounlock; 1408 goto out_nounlock;
1396 } 1409 }
1397 1410
1398 /* If MSG_EOF is set, no data can be sent. Disallow sending zero 1411 /* If SCTP_EOF is set, no data can be sent. Disallow sending zero
1399 * length messages when MSG_EOF|MSG_ABORT is not set. 1412 * length messages when SCTP_EOF|SCTP_ABORT is not set.
1400 * If MSG_ABORT is set, the message length could be non zero with 1413 * If SCTP_ABORT is set, the message length could be non zero with
1401 * the msg_iov set to the user abort reason. 1414 * the msg_iov set to the user abort reason.
1402 */ 1415 */
1403 if (((sinfo_flags & MSG_EOF) && (msg_len > 0)) || 1416 if (((sinfo_flags & SCTP_EOF) && (msg_len > 0)) ||
1404 (!(sinfo_flags & (MSG_EOF|MSG_ABORT)) && (msg_len == 0))) { 1417 (!(sinfo_flags & (SCTP_EOF|SCTP_ABORT)) && (msg_len == 0))) {
1405 err = -EINVAL; 1418 err = -EINVAL;
1406 goto out_nounlock; 1419 goto out_nounlock;
1407 } 1420 }
1408 1421
1409 /* If MSG_ADDR_OVER is set, there must be an address 1422 /* If SCTP_ADDR_OVER is set, there must be an address
1410 * specified in msg_name. 1423 * specified in msg_name.
1411 */ 1424 */
1412 if ((sinfo_flags & MSG_ADDR_OVER) && (!msg->msg_name)) { 1425 if ((sinfo_flags & SCTP_ADDR_OVER) && (!msg->msg_name)) {
1413 err = -EINVAL; 1426 err = -EINVAL;
1414 goto out_nounlock; 1427 goto out_nounlock;
1415 } 1428 }
@@ -1458,14 +1471,14 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1458 goto out_unlock; 1471 goto out_unlock;
1459 } 1472 }
1460 1473
1461 if (sinfo_flags & MSG_EOF) { 1474 if (sinfo_flags & SCTP_EOF) {
1462 SCTP_DEBUG_PRINTK("Shutting down association: %p\n", 1475 SCTP_DEBUG_PRINTK("Shutting down association: %p\n",
1463 asoc); 1476 asoc);
1464 sctp_primitive_SHUTDOWN(asoc, NULL); 1477 sctp_primitive_SHUTDOWN(asoc, NULL);
1465 err = 0; 1478 err = 0;
1466 goto out_unlock; 1479 goto out_unlock;
1467 } 1480 }
1468 if (sinfo_flags & MSG_ABORT) { 1481 if (sinfo_flags & SCTP_ABORT) {
1469 SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc); 1482 SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc);
1470 sctp_primitive_ABORT(asoc, msg); 1483 sctp_primitive_ABORT(asoc, msg);
1471 err = 0; 1484 err = 0;
@@ -1477,7 +1490,7 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1477 if (!asoc) { 1490 if (!asoc) {
1478 SCTP_DEBUG_PRINTK("There is no association yet.\n"); 1491 SCTP_DEBUG_PRINTK("There is no association yet.\n");
1479 1492
1480 if (sinfo_flags & (MSG_EOF | MSG_ABORT)) { 1493 if (sinfo_flags & (SCTP_EOF | SCTP_ABORT)) {
1481 err = -EINVAL; 1494 err = -EINVAL;
1482 goto out_unlock; 1495 goto out_unlock;
1483 } 1496 }
@@ -1515,6 +1528,19 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1515 err = -EAGAIN; 1528 err = -EAGAIN;
1516 goto out_unlock; 1529 goto out_unlock;
1517 } 1530 }
1531 } else {
1532 /*
1533 * If an unprivileged user inherits a one-to-many
1534 * style socket with open associations on a privileged
1535 * port, it MAY be permitted to accept new associations,
1536 * but it SHOULD NOT be permitted to open new
1537 * associations.
1538 */
1539 if (ep->base.bind_addr.port < PROT_SOCK &&
1540 !capable(CAP_NET_BIND_SERVICE)) {
1541 err = -EACCES;
1542 goto out_unlock;
1543 }
1518 } 1544 }
1519 1545
1520 scope = sctp_scope(&to); 1546 scope = sctp_scope(&to);
@@ -1611,10 +1637,10 @@ SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,
1611 1637
1612 /* If an address is passed with the sendto/sendmsg call, it is used 1638 /* If an address is passed with the sendto/sendmsg call, it is used
1613 * to override the primary destination address in the TCP model, or 1639 * to override the primary destination address in the TCP model, or
1614 * when MSG_ADDR_OVER flag is set in the UDP model. 1640 * when SCTP_ADDR_OVER flag is set in the UDP model.
1615 */ 1641 */
1616 if ((sctp_style(sk, TCP) && msg_name) || 1642 if ((sctp_style(sk, TCP) && msg_name) ||
1617 (sinfo_flags & MSG_ADDR_OVER)) { 1643 (sinfo_flags & SCTP_ADDR_OVER)) {
1618 chunk_tp = sctp_assoc_lookup_paddr(asoc, &to); 1644 chunk_tp = sctp_assoc_lookup_paddr(asoc, &to);
1619 if (!chunk_tp) { 1645 if (!chunk_tp) {
1620 err = -EINVAL; 1646 err = -EINVAL;
@@ -2306,16 +2332,14 @@ static int sctp_setsockopt_maxseg(struct sock *sk, char __user *optval, int optl
2306 return -EINVAL; 2332 return -EINVAL;
2307 if (get_user(val, (int __user *)optval)) 2333 if (get_user(val, (int __user *)optval))
2308 return -EFAULT; 2334 return -EFAULT;
2309 if ((val < 8) || (val > SCTP_MAX_CHUNK_LEN)) 2335 if ((val != 0) && ((val < 8) || (val > SCTP_MAX_CHUNK_LEN)))
2310 return -EINVAL; 2336 return -EINVAL;
2311 sp->user_frag = val; 2337 sp->user_frag = val;
2312 2338
2313 if (val) { 2339 /* Update the frag_point of the existing associations. */
2314 /* Update the frag_point of the existing associations. */ 2340 list_for_each(pos, &(sp->ep->asocs)) {
2315 list_for_each(pos, &(sp->ep->asocs)) { 2341 asoc = list_entry(pos, struct sctp_association, asocs);
2316 asoc = list_entry(pos, struct sctp_association, asocs); 2342 asoc->frag_point = sctp_frag_point(sp, asoc->pmtu);
2317 asoc->frag_point = sctp_frag_point(sp, asoc->pmtu);
2318 }
2319 } 2343 }
2320 2344
2321 return 0; 2345 return 0;
@@ -2384,14 +2408,14 @@ static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optva
2384static int sctp_setsockopt_adaption_layer(struct sock *sk, char __user *optval, 2408static int sctp_setsockopt_adaption_layer(struct sock *sk, char __user *optval,
2385 int optlen) 2409 int optlen)
2386{ 2410{
2387 __u32 val; 2411 struct sctp_setadaption adaption;
2388 2412
2389 if (optlen < sizeof(__u32)) 2413 if (optlen != sizeof(struct sctp_setadaption))
2390 return -EINVAL; 2414 return -EINVAL;
2391 if (copy_from_user(&val, optval, sizeof(__u32))) 2415 if (copy_from_user(&adaption, optval, optlen))
2392 return -EFAULT; 2416 return -EFAULT;
2393 2417
2394 sctp_sk(sk)->adaption_ind = val; 2418 sctp_sk(sk)->adaption_ind = adaption.ssb_adaption_ind;
2395 2419
2396 return 0; 2420 return 0;
2397} 2421}
@@ -3672,17 +3696,15 @@ static int sctp_getsockopt_primary_addr(struct sock *sk, int len,
3672static int sctp_getsockopt_adaption_layer(struct sock *sk, int len, 3696static int sctp_getsockopt_adaption_layer(struct sock *sk, int len,
3673 char __user *optval, int __user *optlen) 3697 char __user *optval, int __user *optlen)
3674{ 3698{
3675 __u32 val; 3699 struct sctp_setadaption adaption;
3676 3700
3677 if (len < sizeof(__u32)) 3701 if (len != sizeof(struct sctp_setadaption))
3678 return -EINVAL; 3702 return -EINVAL;
3679 3703
3680 len = sizeof(__u32); 3704 adaption.ssb_adaption_ind = sctp_sk(sk)->adaption_ind;
3681 val = sctp_sk(sk)->adaption_ind; 3705 if (copy_to_user(optval, &adaption, len))
3682 if (put_user(len, optlen))
3683 return -EFAULT;
3684 if (copy_to_user(optval, &val, len))
3685 return -EFAULT; 3706 return -EFAULT;
3707
3686 return 0; 3708 return 0;
3687} 3709}
3688 3710
@@ -4640,8 +4662,8 @@ SCTP_STATIC int sctp_msghdr_parse(const struct msghdr *msg,
4640 4662
4641 /* Minimally, validate the sinfo_flags. */ 4663 /* Minimally, validate the sinfo_flags. */
4642 if (cmsgs->info->sinfo_flags & 4664 if (cmsgs->info->sinfo_flags &
4643 ~(MSG_UNORDERED | MSG_ADDR_OVER | 4665 ~(SCTP_UNORDERED | SCTP_ADDR_OVER |
4644 MSG_ABORT | MSG_EOF)) 4666 SCTP_ABORT | SCTP_EOF))
4645 return -EINVAL; 4667 return -EINVAL;
4646 break; 4668 break;
4647 4669
diff --git a/net/sctp/ulpevent.c b/net/sctp/ulpevent.c
index 057e7fac3af0..e049f41faa47 100644
--- a/net/sctp/ulpevent.c
+++ b/net/sctp/ulpevent.c
@@ -698,7 +698,7 @@ struct sctp_ulpevent *sctp_ulpevent_make_rcvmsg(struct sctp_association *asoc,
698 event->ssn = ntohs(chunk->subh.data_hdr->ssn); 698 event->ssn = ntohs(chunk->subh.data_hdr->ssn);
699 event->ppid = chunk->subh.data_hdr->ppid; 699 event->ppid = chunk->subh.data_hdr->ppid;
700 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) { 700 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) {
701 event->flags |= MSG_UNORDERED; 701 event->flags |= SCTP_UNORDERED;
702 event->cumtsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map); 702 event->cumtsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map);
703 } 703 }
704 event->tsn = ntohl(chunk->subh.data_hdr->tsn); 704 event->tsn = ntohl(chunk->subh.data_hdr->tsn);
@@ -824,7 +824,7 @@ void sctp_ulpevent_read_sndrcvinfo(const struct sctp_ulpevent *event,
824 * 824 *
825 * recvmsg() flags: 825 * recvmsg() flags:
826 * 826 *
827 * MSG_UNORDERED - This flag is present when the message was sent 827 * SCTP_UNORDERED - This flag is present when the message was sent
828 * non-ordered. 828 * non-ordered.
829 */ 829 */
830 sinfo.sinfo_flags = event->flags; 830 sinfo.sinfo_flags = event->flags;
@@ -839,7 +839,7 @@ void sctp_ulpevent_read_sndrcvinfo(const struct sctp_ulpevent *event,
839 * This field will hold the current cumulative TSN as 839 * This field will hold the current cumulative TSN as
840 * known by the underlying SCTP layer. Note this field is 840 * known by the underlying SCTP layer. Note this field is
841 * ignored when sending and only valid for a receive 841 * ignored when sending and only valid for a receive
842 * operation when sinfo_flags are set to MSG_UNORDERED. 842 * operation when sinfo_flags are set to SCTP_UNORDERED.
843 */ 843 */
844 sinfo.sinfo_cumtsn = event->cumtsn; 844 sinfo.sinfo_cumtsn = event->cumtsn;
845 /* sinfo_assoc_id: sizeof (sctp_assoc_t) 845 /* sinfo_assoc_id: sizeof (sctp_assoc_t)
diff --git a/net/sunrpc/Makefile b/net/sunrpc/Makefile
index 46a2ce00a29b..cdcab9ca4c60 100644
--- a/net/sunrpc/Makefile
+++ b/net/sunrpc/Makefile
@@ -6,7 +6,7 @@
6obj-$(CONFIG_SUNRPC) += sunrpc.o 6obj-$(CONFIG_SUNRPC) += sunrpc.o
7obj-$(CONFIG_SUNRPC_GSS) += auth_gss/ 7obj-$(CONFIG_SUNRPC_GSS) += auth_gss/
8 8
9sunrpc-y := clnt.o xprt.o sched.o \ 9sunrpc-y := clnt.o xprt.o socklib.o xprtsock.o sched.o \
10 auth.o auth_null.o auth_unix.o \ 10 auth.o auth_null.o auth_unix.o \
11 svc.o svcsock.o svcauth.o svcauth_unix.o \ 11 svc.o svcsock.o svcauth.o svcauth_unix.o \
12 pmap_clnt.o timer.o xdr.o \ 12 pmap_clnt.o timer.o xdr.o \
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index 505e2d4b3d62..a415d99c394d 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -11,7 +11,6 @@
11#include <linux/module.h> 11#include <linux/module.h>
12#include <linux/slab.h> 12#include <linux/slab.h>
13#include <linux/errno.h> 13#include <linux/errno.h>
14#include <linux/socket.h>
15#include <linux/sunrpc/clnt.h> 14#include <linux/sunrpc/clnt.h>
16#include <linux/spinlock.h> 15#include <linux/spinlock.h>
17 16
diff --git a/net/sunrpc/auth_gss/Makefile b/net/sunrpc/auth_gss/Makefile
index fe1b874084bc..f3431a7e33da 100644
--- a/net/sunrpc/auth_gss/Makefile
+++ b/net/sunrpc/auth_gss/Makefile
@@ -10,7 +10,7 @@ auth_rpcgss-objs := auth_gss.o gss_generic_token.o \
10obj-$(CONFIG_RPCSEC_GSS_KRB5) += rpcsec_gss_krb5.o 10obj-$(CONFIG_RPCSEC_GSS_KRB5) += rpcsec_gss_krb5.o
11 11
12rpcsec_gss_krb5-objs := gss_krb5_mech.o gss_krb5_seal.o gss_krb5_unseal.o \ 12rpcsec_gss_krb5-objs := gss_krb5_mech.o gss_krb5_seal.o gss_krb5_unseal.o \
13 gss_krb5_seqnum.o 13 gss_krb5_seqnum.o gss_krb5_wrap.o
14 14
15obj-$(CONFIG_RPCSEC_GSS_SPKM3) += rpcsec_gss_spkm3.o 15obj-$(CONFIG_RPCSEC_GSS_SPKM3) += rpcsec_gss_spkm3.o
16 16
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 2f7b867161d2..f44f46f1d8e0 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -42,9 +42,8 @@
42#include <linux/init.h> 42#include <linux/init.h>
43#include <linux/types.h> 43#include <linux/types.h>
44#include <linux/slab.h> 44#include <linux/slab.h>
45#include <linux/socket.h>
46#include <linux/in.h>
47#include <linux/sched.h> 45#include <linux/sched.h>
46#include <linux/pagemap.h>
48#include <linux/sunrpc/clnt.h> 47#include <linux/sunrpc/clnt.h>
49#include <linux/sunrpc/auth.h> 48#include <linux/sunrpc/auth.h>
50#include <linux/sunrpc/auth_gss.h> 49#include <linux/sunrpc/auth_gss.h>
@@ -846,10 +845,8 @@ gss_marshal(struct rpc_task *task, u32 *p)
846 845
847 /* We compute the checksum for the verifier over the xdr-encoded bytes 846 /* We compute the checksum for the verifier over the xdr-encoded bytes
848 * starting with the xid and ending at the end of the credential: */ 847 * starting with the xid and ending at the end of the credential: */
849 iov.iov_base = req->rq_snd_buf.head[0].iov_base; 848 iov.iov_base = xprt_skip_transport_header(task->tk_xprt,
850 if (task->tk_client->cl_xprt->stream) 849 req->rq_snd_buf.head[0].iov_base);
851 /* See clnt.c:call_header() */
852 iov.iov_base += 4;
853 iov.iov_len = (u8 *)p - (u8 *)iov.iov_base; 850 iov.iov_len = (u8 *)p - (u8 *)iov.iov_base;
854 xdr_buf_from_iov(&iov, &verf_buf); 851 xdr_buf_from_iov(&iov, &verf_buf);
855 852
@@ -857,9 +854,7 @@ gss_marshal(struct rpc_task *task, u32 *p)
857 *p++ = htonl(RPC_AUTH_GSS); 854 *p++ = htonl(RPC_AUTH_GSS);
858 855
859 mic.data = (u8 *)(p + 1); 856 mic.data = (u8 *)(p + 1);
860 maj_stat = gss_get_mic(ctx->gc_gss_ctx, 857 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
861 GSS_C_QOP_DEFAULT,
862 &verf_buf, &mic);
863 if (maj_stat == GSS_S_CONTEXT_EXPIRED) { 858 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
864 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 859 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
865 } else if (maj_stat != 0) { 860 } else if (maj_stat != 0) {
@@ -890,10 +885,8 @@ static u32 *
890gss_validate(struct rpc_task *task, u32 *p) 885gss_validate(struct rpc_task *task, u32 *p)
891{ 886{
892 struct rpc_cred *cred = task->tk_msg.rpc_cred; 887 struct rpc_cred *cred = task->tk_msg.rpc_cred;
893 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
894 gc_base);
895 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); 888 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
896 u32 seq, qop_state; 889 u32 seq;
897 struct kvec iov; 890 struct kvec iov;
898 struct xdr_buf verf_buf; 891 struct xdr_buf verf_buf;
899 struct xdr_netobj mic; 892 struct xdr_netobj mic;
@@ -914,23 +907,14 @@ gss_validate(struct rpc_task *task, u32 *p)
914 mic.data = (u8 *)p; 907 mic.data = (u8 *)p;
915 mic.len = len; 908 mic.len = len;
916 909
917 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic, &qop_state); 910 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
918 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 911 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
919 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 912 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
920 if (maj_stat) 913 if (maj_stat)
921 goto out_bad; 914 goto out_bad;
922 switch (gss_cred->gc_service) { 915 /* We leave it to unwrap to calculate au_rslack. For now we just
923 case RPC_GSS_SVC_NONE: 916 * calculate the length of the verifier: */
924 /* verifier data, flavor, length: */ 917 task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2;
925 task->tk_auth->au_rslack = XDR_QUADLEN(len) + 2;
926 break;
927 case RPC_GSS_SVC_INTEGRITY:
928 /* verifier data, flavor, length, length, sequence number: */
929 task->tk_auth->au_rslack = XDR_QUADLEN(len) + 4;
930 break;
931 case RPC_GSS_SVC_PRIVACY:
932 goto out_bad;
933 }
934 gss_put_ctx(ctx); 918 gss_put_ctx(ctx);
935 dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n", 919 dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n",
936 task->tk_pid); 920 task->tk_pid);
@@ -975,8 +959,7 @@ gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
975 p = iov->iov_base + iov->iov_len; 959 p = iov->iov_base + iov->iov_len;
976 mic.data = (u8 *)(p + 1); 960 mic.data = (u8 *)(p + 1);
977 961
978 maj_stat = gss_get_mic(ctx->gc_gss_ctx, 962 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
979 GSS_C_QOP_DEFAULT, &integ_buf, &mic);
980 status = -EIO; /* XXX? */ 963 status = -EIO; /* XXX? */
981 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 964 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
982 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 965 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
@@ -990,6 +973,113 @@ gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
990 return 0; 973 return 0;
991} 974}
992 975
976static void
977priv_release_snd_buf(struct rpc_rqst *rqstp)
978{
979 int i;
980
981 for (i=0; i < rqstp->rq_enc_pages_num; i++)
982 __free_page(rqstp->rq_enc_pages[i]);
983 kfree(rqstp->rq_enc_pages);
984}
985
986static int
987alloc_enc_pages(struct rpc_rqst *rqstp)
988{
989 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
990 int first, last, i;
991
992 if (snd_buf->page_len == 0) {
993 rqstp->rq_enc_pages_num = 0;
994 return 0;
995 }
996
997 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
998 last = (snd_buf->page_base + snd_buf->page_len - 1) >> PAGE_CACHE_SHIFT;
999 rqstp->rq_enc_pages_num = last - first + 1 + 1;
1000 rqstp->rq_enc_pages
1001 = kmalloc(rqstp->rq_enc_pages_num * sizeof(struct page *),
1002 GFP_NOFS);
1003 if (!rqstp->rq_enc_pages)
1004 goto out;
1005 for (i=0; i < rqstp->rq_enc_pages_num; i++) {
1006 rqstp->rq_enc_pages[i] = alloc_page(GFP_NOFS);
1007 if (rqstp->rq_enc_pages[i] == NULL)
1008 goto out_free;
1009 }
1010 rqstp->rq_release_snd_buf = priv_release_snd_buf;
1011 return 0;
1012out_free:
1013 for (i--; i >= 0; i--) {
1014 __free_page(rqstp->rq_enc_pages[i]);
1015 }
1016out:
1017 return -EAGAIN;
1018}
1019
1020static inline int
1021gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1022 kxdrproc_t encode, struct rpc_rqst *rqstp, u32 *p, void *obj)
1023{
1024 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1025 u32 offset;
1026 u32 maj_stat;
1027 int status;
1028 u32 *opaque_len;
1029 struct page **inpages;
1030 int first;
1031 int pad;
1032 struct kvec *iov;
1033 char *tmp;
1034
1035 opaque_len = p++;
1036 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1037 *p++ = htonl(rqstp->rq_seqno);
1038
1039 status = encode(rqstp, p, obj);
1040 if (status)
1041 return status;
1042
1043 status = alloc_enc_pages(rqstp);
1044 if (status)
1045 return status;
1046 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1047 inpages = snd_buf->pages + first;
1048 snd_buf->pages = rqstp->rq_enc_pages;
1049 snd_buf->page_base -= first << PAGE_CACHE_SHIFT;
1050 /* Give the tail its own page, in case we need extra space in the
1051 * head when wrapping: */
1052 if (snd_buf->page_len || snd_buf->tail[0].iov_len) {
1053 tmp = page_address(rqstp->rq_enc_pages[rqstp->rq_enc_pages_num - 1]);
1054 memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len);
1055 snd_buf->tail[0].iov_base = tmp;
1056 }
1057 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
1058 /* RPC_SLACK_SPACE should prevent this ever happening: */
1059 BUG_ON(snd_buf->len > snd_buf->buflen);
1060 status = -EIO;
1061 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1062 * done anyway, so it's safe to put the request on the wire: */
1063 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1064 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1065 else if (maj_stat)
1066 return status;
1067
1068 *opaque_len = htonl(snd_buf->len - offset);
1069 /* guess whether we're in the head or the tail: */
1070 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1071 iov = snd_buf->tail;
1072 else
1073 iov = snd_buf->head;
1074 p = iov->iov_base + iov->iov_len;
1075 pad = 3 - ((snd_buf->len - offset - 1) & 3);
1076 memset(p, 0, pad);
1077 iov->iov_len += pad;
1078 snd_buf->len += pad;
1079
1080 return 0;
1081}
1082
993static int 1083static int
994gss_wrap_req(struct rpc_task *task, 1084gss_wrap_req(struct rpc_task *task,
995 kxdrproc_t encode, void *rqstp, u32 *p, void *obj) 1085 kxdrproc_t encode, void *rqstp, u32 *p, void *obj)
@@ -1017,6 +1107,8 @@ gss_wrap_req(struct rpc_task *task,
1017 rqstp, p, obj); 1107 rqstp, p, obj);
1018 break; 1108 break;
1019 case RPC_GSS_SVC_PRIVACY: 1109 case RPC_GSS_SVC_PRIVACY:
1110 status = gss_wrap_req_priv(cred, ctx, encode,
1111 rqstp, p, obj);
1020 break; 1112 break;
1021 } 1113 }
1022out: 1114out:
@@ -1054,8 +1146,7 @@ gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1054 if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset)) 1146 if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset))
1055 return status; 1147 return status;
1056 1148
1057 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, 1149 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1058 &mic, NULL);
1059 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 1150 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1060 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 1151 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1061 if (maj_stat != GSS_S_COMPLETE) 1152 if (maj_stat != GSS_S_COMPLETE)
@@ -1063,6 +1154,35 @@ gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1063 return 0; 1154 return 0;
1064} 1155}
1065 1156
1157static inline int
1158gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1159 struct rpc_rqst *rqstp, u32 **p)
1160{
1161 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1162 u32 offset;
1163 u32 opaque_len;
1164 u32 maj_stat;
1165 int status = -EIO;
1166
1167 opaque_len = ntohl(*(*p)++);
1168 offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1169 if (offset + opaque_len > rcv_buf->len)
1170 return status;
1171 /* remove padding: */
1172 rcv_buf->len = offset + opaque_len;
1173
1174 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf);
1175 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1176 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1177 if (maj_stat != GSS_S_COMPLETE)
1178 return status;
1179 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1180 return status;
1181
1182 return 0;
1183}
1184
1185
1066static int 1186static int
1067gss_unwrap_resp(struct rpc_task *task, 1187gss_unwrap_resp(struct rpc_task *task,
1068 kxdrproc_t decode, void *rqstp, u32 *p, void *obj) 1188 kxdrproc_t decode, void *rqstp, u32 *p, void *obj)
@@ -1071,6 +1191,9 @@ gss_unwrap_resp(struct rpc_task *task,
1071 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, 1191 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1072 gc_base); 1192 gc_base);
1073 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); 1193 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
1194 u32 *savedp = p;
1195 struct kvec *head = ((struct rpc_rqst *)rqstp)->rq_rcv_buf.head;
1196 int savedlen = head->iov_len;
1074 int status = -EIO; 1197 int status = -EIO;
1075 1198
1076 if (ctx->gc_proc != RPC_GSS_PROC_DATA) 1199 if (ctx->gc_proc != RPC_GSS_PROC_DATA)
@@ -1084,8 +1207,14 @@ gss_unwrap_resp(struct rpc_task *task,
1084 goto out; 1207 goto out;
1085 break; 1208 break;
1086 case RPC_GSS_SVC_PRIVACY: 1209 case RPC_GSS_SVC_PRIVACY:
1210 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p);
1211 if (status)
1212 goto out;
1087 break; 1213 break;
1088 } 1214 }
1215 /* take into account extra slack for integrity and privacy cases: */
1216 task->tk_auth->au_rslack = task->tk_auth->au_verfsize + (p - savedp)
1217 + (savedlen - head->iov_len);
1089out_decode: 1218out_decode:
1090 status = decode(rqstp, p, obj); 1219 status = decode(rqstp, p, obj);
1091out: 1220out:
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index ee6ae74cd1b2..97c981fa6b8e 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -37,7 +37,7 @@
37#include <linux/types.h> 37#include <linux/types.h>
38#include <linux/mm.h> 38#include <linux/mm.h>
39#include <linux/slab.h> 39#include <linux/slab.h>
40#include <asm/scatterlist.h> 40#include <linux/scatterlist.h>
41#include <linux/crypto.h> 41#include <linux/crypto.h>
42#include <linux/highmem.h> 42#include <linux/highmem.h>
43#include <linux/pagemap.h> 43#include <linux/pagemap.h>
@@ -75,9 +75,7 @@ krb5_encrypt(
75 memcpy(local_iv, iv, crypto_tfm_alg_ivsize(tfm)); 75 memcpy(local_iv, iv, crypto_tfm_alg_ivsize(tfm));
76 76
77 memcpy(out, in, length); 77 memcpy(out, in, length);
78 sg[0].page = virt_to_page(out); 78 sg_set_buf(sg, out, length);
79 sg[0].offset = offset_in_page(out);
80 sg[0].length = length;
81 79
82 ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv); 80 ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv);
83 81
@@ -117,9 +115,7 @@ krb5_decrypt(
117 memcpy(local_iv,iv, crypto_tfm_alg_ivsize(tfm)); 115 memcpy(local_iv,iv, crypto_tfm_alg_ivsize(tfm));
118 116
119 memcpy(out, in, length); 117 memcpy(out, in, length);
120 sg[0].page = virt_to_page(out); 118 sg_set_buf(sg, out, length);
121 sg[0].offset = offset_in_page(out);
122 sg[0].length = length;
123 119
124 ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv); 120 ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv);
125 121
@@ -132,24 +128,91 @@ out:
132 128
133EXPORT_SYMBOL(krb5_decrypt); 129EXPORT_SYMBOL(krb5_decrypt);
134 130
135static void 131static int
136buf_to_sg(struct scatterlist *sg, char *ptr, int len) { 132process_xdr_buf(struct xdr_buf *buf, int offset, int len,
137 sg->page = virt_to_page(ptr); 133 int (*actor)(struct scatterlist *, void *), void *data)
138 sg->offset = offset_in_page(ptr); 134{
139 sg->length = len; 135 int i, page_len, thislen, page_offset, ret = 0;
136 struct scatterlist sg[1];
137
138 if (offset >= buf->head[0].iov_len) {
139 offset -= buf->head[0].iov_len;
140 } else {
141 thislen = buf->head[0].iov_len - offset;
142 if (thislen > len)
143 thislen = len;
144 sg_set_buf(sg, buf->head[0].iov_base + offset, thislen);
145 ret = actor(sg, data);
146 if (ret)
147 goto out;
148 offset = 0;
149 len -= thislen;
150 }
151 if (len == 0)
152 goto out;
153
154 if (offset >= buf->page_len) {
155 offset -= buf->page_len;
156 } else {
157 page_len = buf->page_len - offset;
158 if (page_len > len)
159 page_len = len;
160 len -= page_len;
161 page_offset = (offset + buf->page_base) & (PAGE_CACHE_SIZE - 1);
162 i = (offset + buf->page_base) >> PAGE_CACHE_SHIFT;
163 thislen = PAGE_CACHE_SIZE - page_offset;
164 do {
165 if (thislen > page_len)
166 thislen = page_len;
167 sg->page = buf->pages[i];
168 sg->offset = page_offset;
169 sg->length = thislen;
170 ret = actor(sg, data);
171 if (ret)
172 goto out;
173 page_len -= thislen;
174 i++;
175 page_offset = 0;
176 thislen = PAGE_CACHE_SIZE;
177 } while (page_len != 0);
178 offset = 0;
179 }
180 if (len == 0)
181 goto out;
182
183 if (offset < buf->tail[0].iov_len) {
184 thislen = buf->tail[0].iov_len - offset;
185 if (thislen > len)
186 thislen = len;
187 sg_set_buf(sg, buf->tail[0].iov_base + offset, thislen);
188 ret = actor(sg, data);
189 len -= thislen;
190 }
191 if (len != 0)
192 ret = -EINVAL;
193out:
194 return ret;
195}
196
197static int
198checksummer(struct scatterlist *sg, void *data)
199{
200 struct crypto_tfm *tfm = (struct crypto_tfm *)data;
201
202 crypto_digest_update(tfm, sg, 1);
203
204 return 0;
140} 205}
141 206
142/* checksum the plaintext data and hdrlen bytes of the token header */ 207/* checksum the plaintext data and hdrlen bytes of the token header */
143s32 208s32
144make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, 209make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
145 struct xdr_netobj *cksum) 210 int body_offset, struct xdr_netobj *cksum)
146{ 211{
147 char *cksumname; 212 char *cksumname;
148 struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */ 213 struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */
149 struct scatterlist sg[1]; 214 struct scatterlist sg[1];
150 u32 code = GSS_S_FAILURE; 215 u32 code = GSS_S_FAILURE;
151 int len, thislen, offset;
152 int i;
153 216
154 switch (cksumtype) { 217 switch (cksumtype) {
155 case CKSUMTYPE_RSA_MD5: 218 case CKSUMTYPE_RSA_MD5:
@@ -167,35 +230,10 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
167 goto out; 230 goto out;
168 231
169 crypto_digest_init(tfm); 232 crypto_digest_init(tfm);
170 buf_to_sg(sg, header, hdrlen); 233 sg_set_buf(sg, header, hdrlen);
171 crypto_digest_update(tfm, sg, 1); 234 crypto_digest_update(tfm, sg, 1);
172 if (body->head[0].iov_len) { 235 process_xdr_buf(body, body_offset, body->len - body_offset,
173 buf_to_sg(sg, body->head[0].iov_base, body->head[0].iov_len); 236 checksummer, tfm);
174 crypto_digest_update(tfm, sg, 1);
175 }
176
177 len = body->page_len;
178 if (len != 0) {
179 offset = body->page_base & (PAGE_CACHE_SIZE - 1);
180 i = body->page_base >> PAGE_CACHE_SHIFT;
181 thislen = PAGE_CACHE_SIZE - offset;
182 do {
183 if (thislen > len)
184 thislen = len;
185 sg->page = body->pages[i];
186 sg->offset = offset;
187 sg->length = thislen;
188 crypto_digest_update(tfm, sg, 1);
189 len -= thislen;
190 i++;
191 offset = 0;
192 thislen = PAGE_CACHE_SIZE;
193 } while(len != 0);
194 }
195 if (body->tail[0].iov_len) {
196 buf_to_sg(sg, body->tail[0].iov_base, body->tail[0].iov_len);
197 crypto_digest_update(tfm, sg, 1);
198 }
199 crypto_digest_final(tfm, cksum->data); 237 crypto_digest_final(tfm, cksum->data);
200 code = 0; 238 code = 0;
201out: 239out:
@@ -204,3 +242,154 @@ out:
204} 242}
205 243
206EXPORT_SYMBOL(make_checksum); 244EXPORT_SYMBOL(make_checksum);
245
246struct encryptor_desc {
247 u8 iv[8]; /* XXX hard-coded blocksize */
248 struct crypto_tfm *tfm;
249 int pos;
250 struct xdr_buf *outbuf;
251 struct page **pages;
252 struct scatterlist infrags[4];
253 struct scatterlist outfrags[4];
254 int fragno;
255 int fraglen;
256};
257
258static int
259encryptor(struct scatterlist *sg, void *data)
260{
261 struct encryptor_desc *desc = data;
262 struct xdr_buf *outbuf = desc->outbuf;
263 struct page *in_page;
264 int thislen = desc->fraglen + sg->length;
265 int fraglen, ret;
266 int page_pos;
267
268 /* Worst case is 4 fragments: head, end of page 1, start
269 * of page 2, tail. Anything more is a bug. */
270 BUG_ON(desc->fragno > 3);
271 desc->infrags[desc->fragno] = *sg;
272 desc->outfrags[desc->fragno] = *sg;
273
274 page_pos = desc->pos - outbuf->head[0].iov_len;
275 if (page_pos >= 0 && page_pos < outbuf->page_len) {
276 /* pages are not in place: */
277 int i = (page_pos + outbuf->page_base) >> PAGE_CACHE_SHIFT;
278 in_page = desc->pages[i];
279 } else {
280 in_page = sg->page;
281 }
282 desc->infrags[desc->fragno].page = in_page;
283 desc->fragno++;
284 desc->fraglen += sg->length;
285 desc->pos += sg->length;
286
287 fraglen = thislen & 7; /* XXX hardcoded blocksize */
288 thislen -= fraglen;
289
290 if (thislen == 0)
291 return 0;
292
293 ret = crypto_cipher_encrypt_iv(desc->tfm, desc->outfrags, desc->infrags,
294 thislen, desc->iv);
295 if (ret)
296 return ret;
297 if (fraglen) {
298 desc->outfrags[0].page = sg->page;
299 desc->outfrags[0].offset = sg->offset + sg->length - fraglen;
300 desc->outfrags[0].length = fraglen;
301 desc->infrags[0] = desc->outfrags[0];
302 desc->infrags[0].page = in_page;
303 desc->fragno = 1;
304 desc->fraglen = fraglen;
305 } else {
306 desc->fragno = 0;
307 desc->fraglen = 0;
308 }
309 return 0;
310}
311
312int
313gss_encrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset,
314 struct page **pages)
315{
316 int ret;
317 struct encryptor_desc desc;
318
319 BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0);
320
321 memset(desc.iv, 0, sizeof(desc.iv));
322 desc.tfm = tfm;
323 desc.pos = offset;
324 desc.outbuf = buf;
325 desc.pages = pages;
326 desc.fragno = 0;
327 desc.fraglen = 0;
328
329 ret = process_xdr_buf(buf, offset, buf->len - offset, encryptor, &desc);
330 return ret;
331}
332
333EXPORT_SYMBOL(gss_encrypt_xdr_buf);
334
335struct decryptor_desc {
336 u8 iv[8]; /* XXX hard-coded blocksize */
337 struct crypto_tfm *tfm;
338 struct scatterlist frags[4];
339 int fragno;
340 int fraglen;
341};
342
343static int
344decryptor(struct scatterlist *sg, void *data)
345{
346 struct decryptor_desc *desc = data;
347 int thislen = desc->fraglen + sg->length;
348 int fraglen, ret;
349
350 /* Worst case is 4 fragments: head, end of page 1, start
351 * of page 2, tail. Anything more is a bug. */
352 BUG_ON(desc->fragno > 3);
353 desc->frags[desc->fragno] = *sg;
354 desc->fragno++;
355 desc->fraglen += sg->length;
356
357 fraglen = thislen & 7; /* XXX hardcoded blocksize */
358 thislen -= fraglen;
359
360 if (thislen == 0)
361 return 0;
362
363 ret = crypto_cipher_decrypt_iv(desc->tfm, desc->frags, desc->frags,
364 thislen, desc->iv);
365 if (ret)
366 return ret;
367 if (fraglen) {
368 desc->frags[0].page = sg->page;
369 desc->frags[0].offset = sg->offset + sg->length - fraglen;
370 desc->frags[0].length = fraglen;
371 desc->fragno = 1;
372 desc->fraglen = fraglen;
373 } else {
374 desc->fragno = 0;
375 desc->fraglen = 0;
376 }
377 return 0;
378}
379
380int
381gss_decrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset)
382{
383 struct decryptor_desc desc;
384
385 /* XXXJBF: */
386 BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0);
387
388 memset(desc.iv, 0, sizeof(desc.iv));
389 desc.tfm = tfm;
390 desc.fragno = 0;
391 desc.fraglen = 0;
392 return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc);
393}
394
395EXPORT_SYMBOL(gss_decrypt_xdr_buf);
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 606a8a82cafb..5f1f806a0b11 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -39,7 +39,6 @@
39#include <linux/types.h> 39#include <linux/types.h>
40#include <linux/slab.h> 40#include <linux/slab.h>
41#include <linux/sunrpc/auth.h> 41#include <linux/sunrpc/auth.h>
42#include <linux/in.h>
43#include <linux/sunrpc/gss_krb5.h> 42#include <linux/sunrpc/gss_krb5.h>
44#include <linux/sunrpc/xdr.h> 43#include <linux/sunrpc/xdr.h>
45#include <linux/crypto.h> 44#include <linux/crypto.h>
@@ -191,43 +190,12 @@ gss_delete_sec_context_kerberos(void *internal_ctx) {
191 kfree(kctx); 190 kfree(kctx);
192} 191}
193 192
194static u32
195gss_verify_mic_kerberos(struct gss_ctx *ctx,
196 struct xdr_buf *message,
197 struct xdr_netobj *mic_token,
198 u32 *qstate) {
199 u32 maj_stat = 0;
200 int qop_state;
201 struct krb5_ctx *kctx = ctx->internal_ctx_id;
202
203 maj_stat = krb5_read_token(kctx, mic_token, message, &qop_state,
204 KG_TOK_MIC_MSG);
205 if (!maj_stat && qop_state)
206 *qstate = qop_state;
207
208 dprintk("RPC: gss_verify_mic_kerberos returning %d\n", maj_stat);
209 return maj_stat;
210}
211
212static u32
213gss_get_mic_kerberos(struct gss_ctx *ctx,
214 u32 qop,
215 struct xdr_buf *message,
216 struct xdr_netobj *mic_token) {
217 u32 err = 0;
218 struct krb5_ctx *kctx = ctx->internal_ctx_id;
219
220 err = krb5_make_token(kctx, qop, message, mic_token, KG_TOK_MIC_MSG);
221
222 dprintk("RPC: gss_get_mic_kerberos returning %d\n",err);
223
224 return err;
225}
226
227static struct gss_api_ops gss_kerberos_ops = { 193static struct gss_api_ops gss_kerberos_ops = {
228 .gss_import_sec_context = gss_import_sec_context_kerberos, 194 .gss_import_sec_context = gss_import_sec_context_kerberos,
229 .gss_get_mic = gss_get_mic_kerberos, 195 .gss_get_mic = gss_get_mic_kerberos,
230 .gss_verify_mic = gss_verify_mic_kerberos, 196 .gss_verify_mic = gss_verify_mic_kerberos,
197 .gss_wrap = gss_wrap_kerberos,
198 .gss_unwrap = gss_unwrap_kerberos,
231 .gss_delete_sec_context = gss_delete_sec_context_kerberos, 199 .gss_delete_sec_context = gss_delete_sec_context_kerberos,
232}; 200};
233 201
@@ -242,6 +210,11 @@ static struct pf_desc gss_kerberos_pfs[] = {
242 .service = RPC_GSS_SVC_INTEGRITY, 210 .service = RPC_GSS_SVC_INTEGRITY,
243 .name = "krb5i", 211 .name = "krb5i",
244 }, 212 },
213 [2] = {
214 .pseudoflavor = RPC_AUTH_GSS_KRB5P,
215 .service = RPC_GSS_SVC_PRIVACY,
216 .name = "krb5p",
217 },
245}; 218};
246 219
247static struct gss_api_mech gss_kerberos_mech = { 220static struct gss_api_mech gss_kerberos_mech = {
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index afeeb8715a77..13f8ae979454 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -70,22 +70,13 @@
70# define RPCDBG_FACILITY RPCDBG_AUTH 70# define RPCDBG_FACILITY RPCDBG_AUTH
71#endif 71#endif
72 72
73static inline int
74gss_krb5_padding(int blocksize, int length) {
75 /* Most of the code is block-size independent but in practice we
76 * use only 8: */
77 BUG_ON(blocksize != 8);
78 return 8 - (length & 7);
79}
80
81u32 73u32
82krb5_make_token(struct krb5_ctx *ctx, int qop_req, 74gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
83 struct xdr_buf *text, struct xdr_netobj *token, 75 struct xdr_netobj *token)
84 int toktype)
85{ 76{
77 struct krb5_ctx *ctx = gss_ctx->internal_ctx_id;
86 s32 checksum_type; 78 s32 checksum_type;
87 struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; 79 struct xdr_netobj md5cksum = {.len = 0, .data = NULL};
88 int blocksize = 0, tmsglen;
89 unsigned char *ptr, *krb5_hdr, *msg_start; 80 unsigned char *ptr, *krb5_hdr, *msg_start;
90 s32 now; 81 s32 now;
91 82
@@ -93,9 +84,6 @@ krb5_make_token(struct krb5_ctx *ctx, int qop_req,
93 84
94 now = get_seconds(); 85 now = get_seconds();
95 86
96 if (qop_req != 0)
97 goto out_err;
98
99 switch (ctx->signalg) { 87 switch (ctx->signalg) {
100 case SGN_ALG_DES_MAC_MD5: 88 case SGN_ALG_DES_MAC_MD5:
101 checksum_type = CKSUMTYPE_RSA_MD5; 89 checksum_type = CKSUMTYPE_RSA_MD5;
@@ -111,21 +99,13 @@ krb5_make_token(struct krb5_ctx *ctx, int qop_req,
111 goto out_err; 99 goto out_err;
112 } 100 }
113 101
114 if (toktype == KG_TOK_WRAP_MSG) { 102 token->len = g_token_size(&ctx->mech_used, 22);
115 blocksize = crypto_tfm_alg_blocksize(ctx->enc);
116 tmsglen = blocksize + text->len
117 + gss_krb5_padding(blocksize, blocksize + text->len);
118 } else {
119 tmsglen = 0;
120 }
121
122 token->len = g_token_size(&ctx->mech_used, 22 + tmsglen);
123 103
124 ptr = token->data; 104 ptr = token->data;
125 g_make_token_header(&ctx->mech_used, 22 + tmsglen, &ptr); 105 g_make_token_header(&ctx->mech_used, 22, &ptr);
126 106
127 *ptr++ = (unsigned char) ((toktype>>8)&0xff); 107 *ptr++ = (unsigned char) ((KG_TOK_MIC_MSG>>8)&0xff);
128 *ptr++ = (unsigned char) (toktype&0xff); 108 *ptr++ = (unsigned char) (KG_TOK_MIC_MSG&0xff);
129 109
130 /* ptr now at byte 2 of header described in rfc 1964, section 1.2.1: */ 110 /* ptr now at byte 2 of header described in rfc 1964, section 1.2.1: */
131 krb5_hdr = ptr - 2; 111 krb5_hdr = ptr - 2;
@@ -133,17 +113,9 @@ krb5_make_token(struct krb5_ctx *ctx, int qop_req,
133 113
134 *(u16 *)(krb5_hdr + 2) = htons(ctx->signalg); 114 *(u16 *)(krb5_hdr + 2) = htons(ctx->signalg);
135 memset(krb5_hdr + 4, 0xff, 4); 115 memset(krb5_hdr + 4, 0xff, 4);
136 if (toktype == KG_TOK_WRAP_MSG)
137 *(u16 *)(krb5_hdr + 4) = htons(ctx->sealalg);
138 116
139 if (toktype == KG_TOK_WRAP_MSG) { 117 if (make_checksum(checksum_type, krb5_hdr, 8, text, 0, &md5cksum))
140 /* XXX removing support for now */
141 goto out_err;
142 } else { /* Sign only. */
143 if (make_checksum(checksum_type, krb5_hdr, 8, text,
144 &md5cksum))
145 goto out_err; 118 goto out_err;
146 }
147 119
148 switch (ctx->signalg) { 120 switch (ctx->signalg) {
149 case SGN_ALG_DES_MAC_MD5: 121 case SGN_ALG_DES_MAC_MD5:
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index 8767fc53183d..2030475d98ed 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -68,21 +68,14 @@
68#endif 68#endif
69 69
70 70
71/* message_buffer is an input if toktype is MIC and an output if it is WRAP: 71/* read_token is a mic token, and message_buffer is the data that the mic was
72 * If toktype is MIC: read_token is a mic token, and message_buffer is the 72 * supposedly taken over. */
73 * data that the mic was supposedly taken over.
74 * If toktype is WRAP: read_token is a wrap token, and message_buffer is used
75 * to return the decrypted data.
76 */
77 73
78/* XXX will need to change prototype and/or just split into a separate function
79 * when we add privacy (because read_token will be in pages too). */
80u32 74u32
81krb5_read_token(struct krb5_ctx *ctx, 75gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
82 struct xdr_netobj *read_token, 76 struct xdr_buf *message_buffer, struct xdr_netobj *read_token)
83 struct xdr_buf *message_buffer,
84 int *qop_state, int toktype)
85{ 77{
78 struct krb5_ctx *ctx = gss_ctx->internal_ctx_id;
86 int signalg; 79 int signalg;
87 int sealalg; 80 int sealalg;
88 s32 checksum_type; 81 s32 checksum_type;
@@ -100,16 +93,12 @@ krb5_read_token(struct krb5_ctx *ctx,
100 read_token->len)) 93 read_token->len))
101 goto out; 94 goto out;
102 95
103 if ((*ptr++ != ((toktype>>8)&0xff)) || (*ptr++ != (toktype&0xff))) 96 if ((*ptr++ != ((KG_TOK_MIC_MSG>>8)&0xff)) ||
97 (*ptr++ != ( KG_TOK_MIC_MSG &0xff)) )
104 goto out; 98 goto out;
105 99
106 /* XXX sanity-check bodysize?? */ 100 /* XXX sanity-check bodysize?? */
107 101
108 if (toktype == KG_TOK_WRAP_MSG) {
109 /* XXX gone */
110 goto out;
111 }
112
113 /* get the sign and seal algorithms */ 102 /* get the sign and seal algorithms */
114 103
115 signalg = ptr[0] + (ptr[1] << 8); 104 signalg = ptr[0] + (ptr[1] << 8);
@@ -120,14 +109,7 @@ krb5_read_token(struct krb5_ctx *ctx,
120 if ((ptr[4] != 0xff) || (ptr[5] != 0xff)) 109 if ((ptr[4] != 0xff) || (ptr[5] != 0xff))
121 goto out; 110 goto out;
122 111
123 if (((toktype != KG_TOK_WRAP_MSG) && (sealalg != 0xffff)) || 112 if (sealalg != 0xffff)
124 ((toktype == KG_TOK_WRAP_MSG) && (sealalg == 0xffff)))
125 goto out;
126
127 /* in the current spec, there is only one valid seal algorithm per
128 key type, so a simple comparison is ok */
129
130 if ((toktype == KG_TOK_WRAP_MSG) && !(sealalg == ctx->sealalg))
131 goto out; 113 goto out;
132 114
133 /* there are several mappings of seal algorithms to sign algorithms, 115 /* there are several mappings of seal algorithms to sign algorithms,
@@ -154,7 +136,7 @@ krb5_read_token(struct krb5_ctx *ctx,
154 switch (signalg) { 136 switch (signalg) {
155 case SGN_ALG_DES_MAC_MD5: 137 case SGN_ALG_DES_MAC_MD5:
156 ret = make_checksum(checksum_type, ptr - 2, 8, 138 ret = make_checksum(checksum_type, ptr - 2, 8,
157 message_buffer, &md5cksum); 139 message_buffer, 0, &md5cksum);
158 if (ret) 140 if (ret)
159 goto out; 141 goto out;
160 142
@@ -175,9 +157,6 @@ krb5_read_token(struct krb5_ctx *ctx,
175 157
176 /* it got through unscathed. Make sure the context is unexpired */ 158 /* it got through unscathed. Make sure the context is unexpired */
177 159
178 if (qop_state)
179 *qop_state = GSS_C_QOP_DEFAULT;
180
181 now = get_seconds(); 160 now = get_seconds();
182 161
183 ret = GSS_S_CONTEXT_EXPIRED; 162 ret = GSS_S_CONTEXT_EXPIRED;
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
new file mode 100644
index 000000000000..af777cf9f251
--- /dev/null
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -0,0 +1,363 @@
1#include <linux/types.h>
2#include <linux/slab.h>
3#include <linux/jiffies.h>
4#include <linux/sunrpc/gss_krb5.h>
5#include <linux/random.h>
6#include <linux/pagemap.h>
7#include <asm/scatterlist.h>
8#include <linux/crypto.h>
9
10#ifdef RPC_DEBUG
11# define RPCDBG_FACILITY RPCDBG_AUTH
12#endif
13
14static inline int
15gss_krb5_padding(int blocksize, int length)
16{
17 /* Most of the code is block-size independent but currently we
18 * use only 8: */
19 BUG_ON(blocksize != 8);
20 return 8 - (length & 7);
21}
22
23static inline void
24gss_krb5_add_padding(struct xdr_buf *buf, int offset, int blocksize)
25{
26 int padding = gss_krb5_padding(blocksize, buf->len - offset);
27 char *p;
28 struct kvec *iov;
29
30 if (buf->page_len || buf->tail[0].iov_len)
31 iov = &buf->tail[0];
32 else
33 iov = &buf->head[0];
34 p = iov->iov_base + iov->iov_len;
35 iov->iov_len += padding;
36 buf->len += padding;
37 memset(p, padding, padding);
38}
39
40static inline int
41gss_krb5_remove_padding(struct xdr_buf *buf, int blocksize)
42{
43 u8 *ptr;
44 u8 pad;
45 int len = buf->len;
46
47 if (len <= buf->head[0].iov_len) {
48 pad = *(u8 *)(buf->head[0].iov_base + len - 1);
49 if (pad > buf->head[0].iov_len)
50 return -EINVAL;
51 buf->head[0].iov_len -= pad;
52 goto out;
53 } else
54 len -= buf->head[0].iov_len;
55 if (len <= buf->page_len) {
56 int last = (buf->page_base + len - 1)
57 >>PAGE_CACHE_SHIFT;
58 int offset = (buf->page_base + len - 1)
59 & (PAGE_CACHE_SIZE - 1);
60 ptr = kmap_atomic(buf->pages[last], KM_SKB_SUNRPC_DATA);
61 pad = *(ptr + offset);
62 kunmap_atomic(ptr, KM_SKB_SUNRPC_DATA);
63 goto out;
64 } else
65 len -= buf->page_len;
66 BUG_ON(len > buf->tail[0].iov_len);
67 pad = *(u8 *)(buf->tail[0].iov_base + len - 1);
68out:
69 /* XXX: NOTE: we do not adjust the page lengths--they represent
70 * a range of data in the real filesystem page cache, and we need
71 * to know that range so the xdr code can properly place read data.
72 * However adjusting the head length, as we do above, is harmless.
73 * In the case of a request that fits into a single page, the server
74 * also uses length and head length together to determine the original
75 * start of the request to copy the request for deferal; so it's
76 * easier on the server if we adjust head and tail length in tandem.
77 * It's not really a problem that we don't fool with the page and
78 * tail lengths, though--at worst badly formed xdr might lead the
79 * server to attempt to parse the padding.
80 * XXX: Document all these weird requirements for gss mechanism
81 * wrap/unwrap functions. */
82 if (pad > blocksize)
83 return -EINVAL;
84 if (buf->len > pad)
85 buf->len -= pad;
86 else
87 return -EINVAL;
88 return 0;
89}
90
91static inline void
92make_confounder(char *p, int blocksize)
93{
94 static u64 i = 0;
95 u64 *q = (u64 *)p;
96
97 /* rfc1964 claims this should be "random". But all that's really
98 * necessary is that it be unique. And not even that is necessary in
99 * our case since our "gssapi" implementation exists only to support
100 * rpcsec_gss, so we know that the only buffers we will ever encrypt
101 * already begin with a unique sequence number. Just to hedge my bets
102 * I'll make a half-hearted attempt at something unique, but ensuring
103 * uniqueness would mean worrying about atomicity and rollover, and I
104 * don't care enough. */
105
106 BUG_ON(blocksize != 8);
107 *q = i++;
108}
109
110/* Assumptions: the head and tail of inbuf are ours to play with.
111 * The pages, however, may be real pages in the page cache and we replace
112 * them with scratch pages from **pages before writing to them. */
113/* XXX: obviously the above should be documentation of wrap interface,
114 * and shouldn't be in this kerberos-specific file. */
115
116/* XXX factor out common code with seal/unseal. */
117
118u32
119gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
120 struct xdr_buf *buf, struct page **pages)
121{
122 struct krb5_ctx *kctx = ctx->internal_ctx_id;
123 s32 checksum_type;
124 struct xdr_netobj md5cksum = {.len = 0, .data = NULL};
125 int blocksize = 0, plainlen;
126 unsigned char *ptr, *krb5_hdr, *msg_start;
127 s32 now;
128 int headlen;
129 struct page **tmp_pages;
130
131 dprintk("RPC: gss_wrap_kerberos\n");
132
133 now = get_seconds();
134
135 switch (kctx->signalg) {
136 case SGN_ALG_DES_MAC_MD5:
137 checksum_type = CKSUMTYPE_RSA_MD5;
138 break;
139 default:
140 dprintk("RPC: gss_krb5_seal: kctx->signalg %d not"
141 " supported\n", kctx->signalg);
142 goto out_err;
143 }
144 if (kctx->sealalg != SEAL_ALG_NONE && kctx->sealalg != SEAL_ALG_DES) {
145 dprintk("RPC: gss_krb5_seal: kctx->sealalg %d not supported\n",
146 kctx->sealalg);
147 goto out_err;
148 }
149
150 blocksize = crypto_tfm_alg_blocksize(kctx->enc);
151 gss_krb5_add_padding(buf, offset, blocksize);
152 BUG_ON((buf->len - offset) % blocksize);
153 plainlen = blocksize + buf->len - offset;
154
155 headlen = g_token_size(&kctx->mech_used, 22 + plainlen) -
156 (buf->len - offset);
157
158 ptr = buf->head[0].iov_base + offset;
159 /* shift data to make room for header. */
160 /* XXX Would be cleverer to encrypt while copying. */
161 /* XXX bounds checking, slack, etc. */
162 memmove(ptr + headlen, ptr, buf->head[0].iov_len - offset);
163 buf->head[0].iov_len += headlen;
164 buf->len += headlen;
165 BUG_ON((buf->len - offset - headlen) % blocksize);
166
167 g_make_token_header(&kctx->mech_used, 22 + plainlen, &ptr);
168
169
170 *ptr++ = (unsigned char) ((KG_TOK_WRAP_MSG>>8)&0xff);
171 *ptr++ = (unsigned char) (KG_TOK_WRAP_MSG&0xff);
172
173 /* ptr now at byte 2 of header described in rfc 1964, section 1.2.1: */
174 krb5_hdr = ptr - 2;
175 msg_start = krb5_hdr + 24;
176 /* XXXJBF: */ BUG_ON(buf->head[0].iov_base + offset + headlen != msg_start + blocksize);
177
178 *(u16 *)(krb5_hdr + 2) = htons(kctx->signalg);
179 memset(krb5_hdr + 4, 0xff, 4);
180 *(u16 *)(krb5_hdr + 4) = htons(kctx->sealalg);
181
182 make_confounder(msg_start, blocksize);
183
184 /* XXXJBF: UGH!: */
185 tmp_pages = buf->pages;
186 buf->pages = pages;
187 if (make_checksum(checksum_type, krb5_hdr, 8, buf,
188 offset + headlen - blocksize, &md5cksum))
189 goto out_err;
190 buf->pages = tmp_pages;
191
192 switch (kctx->signalg) {
193 case SGN_ALG_DES_MAC_MD5:
194 if (krb5_encrypt(kctx->seq, NULL, md5cksum.data,
195 md5cksum.data, md5cksum.len))
196 goto out_err;
197 memcpy(krb5_hdr + 16,
198 md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
199 KRB5_CKSUM_LENGTH);
200
201 dprintk("RPC: make_seal_token: cksum data: \n");
202 print_hexl((u32 *) (krb5_hdr + 16), KRB5_CKSUM_LENGTH, 0);
203 break;
204 default:
205 BUG();
206 }
207
208 kfree(md5cksum.data);
209
210 /* XXX would probably be more efficient to compute checksum
211 * and encrypt at the same time: */
212 if ((krb5_make_seq_num(kctx->seq, kctx->initiate ? 0 : 0xff,
213 kctx->seq_send, krb5_hdr + 16, krb5_hdr + 8)))
214 goto out_err;
215
216 if (gss_encrypt_xdr_buf(kctx->enc, buf, offset + headlen - blocksize,
217 pages))
218 goto out_err;
219
220 kctx->seq_send++;
221
222 return ((kctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE);
223out_err:
224 if (md5cksum.data) kfree(md5cksum.data);
225 return GSS_S_FAILURE;
226}
227
228u32
229gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
230{
231 struct krb5_ctx *kctx = ctx->internal_ctx_id;
232 int signalg;
233 int sealalg;
234 s32 checksum_type;
235 struct xdr_netobj md5cksum = {.len = 0, .data = NULL};
236 s32 now;
237 int direction;
238 s32 seqnum;
239 unsigned char *ptr;
240 int bodysize;
241 u32 ret = GSS_S_DEFECTIVE_TOKEN;
242 void *data_start, *orig_start;
243 int data_len;
244 int blocksize;
245
246 dprintk("RPC: gss_unwrap_kerberos\n");
247
248 ptr = (u8 *)buf->head[0].iov_base + offset;
249 if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr,
250 buf->len - offset))
251 goto out;
252
253 if ((*ptr++ != ((KG_TOK_WRAP_MSG>>8)&0xff)) ||
254 (*ptr++ != (KG_TOK_WRAP_MSG &0xff)) )
255 goto out;
256
257 /* XXX sanity-check bodysize?? */
258
259 /* get the sign and seal algorithms */
260
261 signalg = ptr[0] + (ptr[1] << 8);
262 sealalg = ptr[2] + (ptr[3] << 8);
263
264 /* Sanity checks */
265
266 if ((ptr[4] != 0xff) || (ptr[5] != 0xff))
267 goto out;
268
269 if (sealalg == 0xffff)
270 goto out;
271
272 /* in the current spec, there is only one valid seal algorithm per
273 key type, so a simple comparison is ok */
274
275 if (sealalg != kctx->sealalg)
276 goto out;
277
278 /* there are several mappings of seal algorithms to sign algorithms,
279 but few enough that we can try them all. */
280
281 if ((kctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
282 (kctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) ||
283 (kctx->sealalg == SEAL_ALG_DES3KD &&
284 signalg != SGN_ALG_HMAC_SHA1_DES3_KD))
285 goto out;
286
287 if (gss_decrypt_xdr_buf(kctx->enc, buf,
288 ptr + 22 - (unsigned char *)buf->head[0].iov_base))
289 goto out;
290
291 /* compute the checksum of the message */
292
293 /* initialize the the cksum */
294 switch (signalg) {
295 case SGN_ALG_DES_MAC_MD5:
296 checksum_type = CKSUMTYPE_RSA_MD5;
297 break;
298 default:
299 ret = GSS_S_DEFECTIVE_TOKEN;
300 goto out;
301 }
302
303 switch (signalg) {
304 case SGN_ALG_DES_MAC_MD5:
305 ret = make_checksum(checksum_type, ptr - 2, 8, buf,
306 ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);
307 if (ret)
308 goto out;
309
310 ret = krb5_encrypt(kctx->seq, NULL, md5cksum.data,
311 md5cksum.data, md5cksum.len);
312 if (ret)
313 goto out;
314
315 if (memcmp(md5cksum.data + 8, ptr + 14, 8)) {
316 ret = GSS_S_BAD_SIG;
317 goto out;
318 }
319 break;
320 default:
321 ret = GSS_S_DEFECTIVE_TOKEN;
322 goto out;
323 }
324
325 /* it got through unscathed. Make sure the context is unexpired */
326
327 now = get_seconds();
328
329 ret = GSS_S_CONTEXT_EXPIRED;
330 if (now > kctx->endtime)
331 goto out;
332
333 /* do sequencing checks */
334
335 ret = GSS_S_BAD_SIG;
336 if ((ret = krb5_get_seq_num(kctx->seq, ptr + 14, ptr + 6, &direction,
337 &seqnum)))
338 goto out;
339
340 if ((kctx->initiate && direction != 0xff) ||
341 (!kctx->initiate && direction != 0))
342 goto out;
343
344 /* Copy the data back to the right position. XXX: Would probably be
345 * better to copy and encrypt at the same time. */
346
347 blocksize = crypto_tfm_alg_blocksize(kctx->enc);
348 data_start = ptr + 22 + blocksize;
349 orig_start = buf->head[0].iov_base + offset;
350 data_len = (buf->head[0].iov_base + buf->head[0].iov_len) - data_start;
351 memmove(orig_start, data_start, data_len);
352 buf->head[0].iov_len -= (data_start - orig_start);
353 buf->len -= (data_start - orig_start);
354
355 ret = GSS_S_DEFECTIVE_TOKEN;
356 if (gss_krb5_remove_padding(buf, blocksize))
357 goto out;
358
359 ret = GSS_S_COMPLETE;
360out:
361 if (md5cksum.data) kfree(md5cksum.data);
362 return ret;
363}
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c
index 9dfb68377d69..b048bf672da2 100644
--- a/net/sunrpc/auth_gss/gss_mech_switch.c
+++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -35,7 +35,6 @@
35 35
36#include <linux/types.h> 36#include <linux/types.h>
37#include <linux/slab.h> 37#include <linux/slab.h>
38#include <linux/socket.h>
39#include <linux/module.h> 38#include <linux/module.h>
40#include <linux/sunrpc/msg_prot.h> 39#include <linux/sunrpc/msg_prot.h>
41#include <linux/sunrpc/gss_asn1.h> 40#include <linux/sunrpc/gss_asn1.h>
@@ -251,13 +250,11 @@ gss_import_sec_context(const void *input_token, size_t bufsize,
251 250
252u32 251u32
253gss_get_mic(struct gss_ctx *context_handle, 252gss_get_mic(struct gss_ctx *context_handle,
254 u32 qop,
255 struct xdr_buf *message, 253 struct xdr_buf *message,
256 struct xdr_netobj *mic_token) 254 struct xdr_netobj *mic_token)
257{ 255{
258 return context_handle->mech_type->gm_ops 256 return context_handle->mech_type->gm_ops
259 ->gss_get_mic(context_handle, 257 ->gss_get_mic(context_handle,
260 qop,
261 message, 258 message,
262 mic_token); 259 mic_token);
263} 260}
@@ -267,16 +264,34 @@ gss_get_mic(struct gss_ctx *context_handle,
267u32 264u32
268gss_verify_mic(struct gss_ctx *context_handle, 265gss_verify_mic(struct gss_ctx *context_handle,
269 struct xdr_buf *message, 266 struct xdr_buf *message,
270 struct xdr_netobj *mic_token, 267 struct xdr_netobj *mic_token)
271 u32 *qstate)
272{ 268{
273 return context_handle->mech_type->gm_ops 269 return context_handle->mech_type->gm_ops
274 ->gss_verify_mic(context_handle, 270 ->gss_verify_mic(context_handle,
275 message, 271 message,
276 mic_token, 272 mic_token);
277 qstate);
278} 273}
279 274
275u32
276gss_wrap(struct gss_ctx *ctx_id,
277 int offset,
278 struct xdr_buf *buf,
279 struct page **inpages)
280{
281 return ctx_id->mech_type->gm_ops
282 ->gss_wrap(ctx_id, offset, buf, inpages);
283}
284
285u32
286gss_unwrap(struct gss_ctx *ctx_id,
287 int offset,
288 struct xdr_buf *buf)
289{
290 return ctx_id->mech_type->gm_ops
291 ->gss_unwrap(ctx_id, offset, buf);
292}
293
294
280/* gss_delete_sec_context: free all resources associated with context_handle. 295/* gss_delete_sec_context: free all resources associated with context_handle.
281 * Note this differs from the RFC 2744-specified prototype in that we don't 296 * Note this differs from the RFC 2744-specified prototype in that we don't
282 * bother returning an output token, since it would never be used anyway. */ 297 * bother returning an output token, since it would never be used anyway. */
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c
index 6c97d61baa9b..39b3edc14694 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_mech.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c
@@ -224,18 +224,13 @@ gss_delete_sec_context_spkm3(void *internal_ctx) {
224static u32 224static u32
225gss_verify_mic_spkm3(struct gss_ctx *ctx, 225gss_verify_mic_spkm3(struct gss_ctx *ctx,
226 struct xdr_buf *signbuf, 226 struct xdr_buf *signbuf,
227 struct xdr_netobj *checksum, 227 struct xdr_netobj *checksum)
228 u32 *qstate) { 228{
229 u32 maj_stat = 0; 229 u32 maj_stat = 0;
230 int qop_state = 0;
231 struct spkm3_ctx *sctx = ctx->internal_ctx_id; 230 struct spkm3_ctx *sctx = ctx->internal_ctx_id;
232 231
233 dprintk("RPC: gss_verify_mic_spkm3 calling spkm3_read_token\n"); 232 dprintk("RPC: gss_verify_mic_spkm3 calling spkm3_read_token\n");
234 maj_stat = spkm3_read_token(sctx, checksum, signbuf, &qop_state, 233 maj_stat = spkm3_read_token(sctx, checksum, signbuf, SPKM_MIC_TOK);
235 SPKM_MIC_TOK);
236
237 if (!maj_stat && qop_state)
238 *qstate = qop_state;
239 234
240 dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat); 235 dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat);
241 return maj_stat; 236 return maj_stat;
@@ -243,15 +238,15 @@ gss_verify_mic_spkm3(struct gss_ctx *ctx,
243 238
244static u32 239static u32
245gss_get_mic_spkm3(struct gss_ctx *ctx, 240gss_get_mic_spkm3(struct gss_ctx *ctx,
246 u32 qop,
247 struct xdr_buf *message_buffer, 241 struct xdr_buf *message_buffer,
248 struct xdr_netobj *message_token) { 242 struct xdr_netobj *message_token)
243{
249 u32 err = 0; 244 u32 err = 0;
250 struct spkm3_ctx *sctx = ctx->internal_ctx_id; 245 struct spkm3_ctx *sctx = ctx->internal_ctx_id;
251 246
252 dprintk("RPC: gss_get_mic_spkm3\n"); 247 dprintk("RPC: gss_get_mic_spkm3\n");
253 248
254 err = spkm3_make_token(sctx, qop, message_buffer, 249 err = spkm3_make_token(sctx, message_buffer,
255 message_token, SPKM_MIC_TOK); 250 message_token, SPKM_MIC_TOK);
256 return err; 251 return err;
257} 252}
@@ -264,8 +259,8 @@ static struct gss_api_ops gss_spkm3_ops = {
264}; 259};
265 260
266static struct pf_desc gss_spkm3_pfs[] = { 261static struct pf_desc gss_spkm3_pfs[] = {
267 {RPC_AUTH_GSS_SPKM, 0, RPC_GSS_SVC_NONE, "spkm3"}, 262 {RPC_AUTH_GSS_SPKM, RPC_GSS_SVC_NONE, "spkm3"},
268 {RPC_AUTH_GSS_SPKMI, 0, RPC_GSS_SVC_INTEGRITY, "spkm3i"}, 263 {RPC_AUTH_GSS_SPKMI, RPC_GSS_SVC_INTEGRITY, "spkm3i"},
269}; 264};
270 265
271static struct gss_api_mech gss_spkm3_mech = { 266static struct gss_api_mech gss_spkm3_mech = {
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c
index 25339868d462..148201e929d0 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_seal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c
@@ -51,7 +51,7 @@
51 */ 51 */
52 52
53u32 53u32
54spkm3_make_token(struct spkm3_ctx *ctx, int qop_req, 54spkm3_make_token(struct spkm3_ctx *ctx,
55 struct xdr_buf * text, struct xdr_netobj * token, 55 struct xdr_buf * text, struct xdr_netobj * token,
56 int toktype) 56 int toktype)
57{ 57{
@@ -68,8 +68,6 @@ spkm3_make_token(struct spkm3_ctx *ctx, int qop_req,
68 dprintk("RPC: spkm3_make_token\n"); 68 dprintk("RPC: spkm3_make_token\n");
69 69
70 now = jiffies; 70 now = jiffies;
71 if (qop_req != 0)
72 goto out_err;
73 71
74 if (ctx->ctx_id.len != 16) { 72 if (ctx->ctx_id.len != 16) {
75 dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n", 73 dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n",
diff --git a/net/sunrpc/auth_gss/gss_spkm3_unseal.c b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
index 65ce81bf0bc4..c3c0d9586103 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_unseal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
@@ -52,7 +52,7 @@ u32
52spkm3_read_token(struct spkm3_ctx *ctx, 52spkm3_read_token(struct spkm3_ctx *ctx,
53 struct xdr_netobj *read_token, /* checksum */ 53 struct xdr_netobj *read_token, /* checksum */
54 struct xdr_buf *message_buffer, /* signbuf */ 54 struct xdr_buf *message_buffer, /* signbuf */
55 int *qop_state, int toktype) 55 int toktype)
56{ 56{
57 s32 code; 57 s32 code;
58 struct xdr_netobj wire_cksum = {.len =0, .data = NULL}; 58 struct xdr_netobj wire_cksum = {.len =0, .data = NULL};
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index e3308195374e..e4ada15ed856 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -566,8 +566,7 @@ gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci,
566 566
567 if (rqstp->rq_deferred) /* skip verification of revisited request */ 567 if (rqstp->rq_deferred) /* skip verification of revisited request */
568 return SVC_OK; 568 return SVC_OK;
569 if (gss_verify_mic(ctx_id, &rpchdr, &checksum, NULL) 569 if (gss_verify_mic(ctx_id, &rpchdr, &checksum) != GSS_S_COMPLETE) {
570 != GSS_S_COMPLETE) {
571 *authp = rpcsec_gsserr_credproblem; 570 *authp = rpcsec_gsserr_credproblem;
572 return SVC_DENIED; 571 return SVC_DENIED;
573 } 572 }
@@ -604,7 +603,7 @@ gss_write_verf(struct svc_rqst *rqstp, struct gss_ctx *ctx_id, u32 seq)
604 xdr_buf_from_iov(&iov, &verf_data); 603 xdr_buf_from_iov(&iov, &verf_data);
605 p = rqstp->rq_res.head->iov_base + rqstp->rq_res.head->iov_len; 604 p = rqstp->rq_res.head->iov_base + rqstp->rq_res.head->iov_len;
606 mic.data = (u8 *)(p + 1); 605 mic.data = (u8 *)(p + 1);
607 maj_stat = gss_get_mic(ctx_id, 0, &verf_data, &mic); 606 maj_stat = gss_get_mic(ctx_id, &verf_data, &mic);
608 if (maj_stat != GSS_S_COMPLETE) 607 if (maj_stat != GSS_S_COMPLETE)
609 return -1; 608 return -1;
610 *p++ = htonl(mic.len); 609 *p++ = htonl(mic.len);
@@ -710,7 +709,7 @@ unwrap_integ_data(struct xdr_buf *buf, u32 seq, struct gss_ctx *ctx)
710 goto out; 709 goto out;
711 if (read_bytes_from_xdr_buf(buf, integ_len + 4, mic.data, mic.len)) 710 if (read_bytes_from_xdr_buf(buf, integ_len + 4, mic.data, mic.len))
712 goto out; 711 goto out;
713 maj_stat = gss_verify_mic(ctx, &integ_buf, &mic, NULL); 712 maj_stat = gss_verify_mic(ctx, &integ_buf, &mic);
714 if (maj_stat != GSS_S_COMPLETE) 713 if (maj_stat != GSS_S_COMPLETE)
715 goto out; 714 goto out;
716 if (ntohl(svc_getu32(&buf->head[0])) != seq) 715 if (ntohl(svc_getu32(&buf->head[0])) != seq)
@@ -1012,7 +1011,7 @@ svcauth_gss_release(struct svc_rqst *rqstp)
1012 resv = &resbuf->tail[0]; 1011 resv = &resbuf->tail[0];
1013 } 1012 }
1014 mic.data = (u8 *)resv->iov_base + resv->iov_len + 4; 1013 mic.data = (u8 *)resv->iov_base + resv->iov_len + 4;
1015 if (gss_get_mic(gsd->rsci->mechctx, 0, &integ_buf, &mic)) 1014 if (gss_get_mic(gsd->rsci->mechctx, &integ_buf, &mic))
1016 goto out_err; 1015 goto out_err;
1017 svc_putu32(resv, htonl(mic.len)); 1016 svc_putu32(resv, htonl(mic.len));
1018 memset(mic.data + mic.len, 0, 1017 memset(mic.data + mic.len, 0,
diff --git a/net/sunrpc/auth_null.c b/net/sunrpc/auth_null.c
index 9b72d3abf823..f56767aaa927 100644
--- a/net/sunrpc/auth_null.c
+++ b/net/sunrpc/auth_null.c
@@ -7,9 +7,7 @@
7 */ 7 */
8 8
9#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/socket.h>
11#include <linux/module.h> 10#include <linux/module.h>
12#include <linux/in.h>
13#include <linux/utsname.h> 11#include <linux/utsname.h>
14#include <linux/sunrpc/clnt.h> 12#include <linux/sunrpc/clnt.h>
15#include <linux/sched.h> 13#include <linux/sched.h>
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c
index 4ff297a9b15b..890fb5ea0dcb 100644
--- a/net/sunrpc/auth_unix.c
+++ b/net/sunrpc/auth_unix.c
@@ -9,8 +9,6 @@
9#include <linux/types.h> 9#include <linux/types.h>
10#include <linux/sched.h> 10#include <linux/sched.h>
11#include <linux/module.h> 11#include <linux/module.h>
12#include <linux/socket.h>
13#include <linux/in.h>
14#include <linux/sunrpc/clnt.h> 12#include <linux/sunrpc/clnt.h>
15#include <linux/sunrpc/auth.h> 13#include <linux/sunrpc/auth.h>
16 14
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index f17e6153b688..702ede309b06 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -1,5 +1,5 @@
1/* 1/*
2 * linux/net/sunrpc/rpcclnt.c 2 * linux/net/sunrpc/clnt.c
3 * 3 *
4 * This file contains the high-level RPC interface. 4 * This file contains the high-level RPC interface.
5 * It is modeled as a finite state machine to support both synchronous 5 * It is modeled as a finite state machine to support both synchronous
@@ -27,7 +27,6 @@
27#include <linux/types.h> 27#include <linux/types.h>
28#include <linux/mm.h> 28#include <linux/mm.h>
29#include <linux/slab.h> 29#include <linux/slab.h>
30#include <linux/in.h>
31#include <linux/utsname.h> 30#include <linux/utsname.h>
32 31
33#include <linux/sunrpc/clnt.h> 32#include <linux/sunrpc/clnt.h>
@@ -53,6 +52,7 @@ static void call_allocate(struct rpc_task *task);
53static void call_encode(struct rpc_task *task); 52static void call_encode(struct rpc_task *task);
54static void call_decode(struct rpc_task *task); 53static void call_decode(struct rpc_task *task);
55static void call_bind(struct rpc_task *task); 54static void call_bind(struct rpc_task *task);
55static void call_bind_status(struct rpc_task *task);
56static void call_transmit(struct rpc_task *task); 56static void call_transmit(struct rpc_task *task);
57static void call_status(struct rpc_task *task); 57static void call_status(struct rpc_task *task);
58static void call_refresh(struct rpc_task *task); 58static void call_refresh(struct rpc_task *task);
@@ -517,15 +517,8 @@ void
517rpc_setbufsize(struct rpc_clnt *clnt, unsigned int sndsize, unsigned int rcvsize) 517rpc_setbufsize(struct rpc_clnt *clnt, unsigned int sndsize, unsigned int rcvsize)
518{ 518{
519 struct rpc_xprt *xprt = clnt->cl_xprt; 519 struct rpc_xprt *xprt = clnt->cl_xprt;
520 520 if (xprt->ops->set_buffer_size)
521 xprt->sndsize = 0; 521 xprt->ops->set_buffer_size(xprt, sndsize, rcvsize);
522 if (sndsize)
523 xprt->sndsize = sndsize + RPC_SLACK_SPACE;
524 xprt->rcvsize = 0;
525 if (rcvsize)
526 xprt->rcvsize = rcvsize + RPC_SLACK_SPACE;
527 if (xprt_connected(xprt))
528 xprt_sock_setbufsize(xprt);
529} 522}
530 523
531/* 524/*
@@ -685,13 +678,11 @@ call_allocate(struct rpc_task *task)
685static void 678static void
686call_encode(struct rpc_task *task) 679call_encode(struct rpc_task *task)
687{ 680{
688 struct rpc_clnt *clnt = task->tk_client;
689 struct rpc_rqst *req = task->tk_rqstp; 681 struct rpc_rqst *req = task->tk_rqstp;
690 struct xdr_buf *sndbuf = &req->rq_snd_buf; 682 struct xdr_buf *sndbuf = &req->rq_snd_buf;
691 struct xdr_buf *rcvbuf = &req->rq_rcv_buf; 683 struct xdr_buf *rcvbuf = &req->rq_rcv_buf;
692 unsigned int bufsiz; 684 unsigned int bufsiz;
693 kxdrproc_t encode; 685 kxdrproc_t encode;
694 int status;
695 u32 *p; 686 u32 *p;
696 687
697 dprintk("RPC: %4d call_encode (status %d)\n", 688 dprintk("RPC: %4d call_encode (status %d)\n",
@@ -719,11 +710,15 @@ call_encode(struct rpc_task *task)
719 rpc_exit(task, -EIO); 710 rpc_exit(task, -EIO);
720 return; 711 return;
721 } 712 }
722 if (encode && (status = rpcauth_wrap_req(task, encode, req, p, 713 if (encode == NULL)
723 task->tk_msg.rpc_argp)) < 0) { 714 return;
724 printk(KERN_WARNING "%s: can't encode arguments: %d\n", 715
725 clnt->cl_protname, -status); 716 task->tk_status = rpcauth_wrap_req(task, encode, req, p,
726 rpc_exit(task, status); 717 task->tk_msg.rpc_argp);
718 if (task->tk_status == -ENOMEM) {
719 /* XXX: Is this sane? */
720 rpc_delay(task, 3*HZ);
721 task->tk_status = -EAGAIN;
727 } 722 }
728} 723}
729 724
@@ -734,43 +729,95 @@ static void
734call_bind(struct rpc_task *task) 729call_bind(struct rpc_task *task)
735{ 730{
736 struct rpc_clnt *clnt = task->tk_client; 731 struct rpc_clnt *clnt = task->tk_client;
737 struct rpc_xprt *xprt = clnt->cl_xprt;
738
739 dprintk("RPC: %4d call_bind xprt %p %s connected\n", task->tk_pid,
740 xprt, (xprt_connected(xprt) ? "is" : "is not"));
741 732
742 task->tk_action = (xprt_connected(xprt)) ? call_transmit : call_connect; 733 dprintk("RPC: %4d call_bind (status %d)\n",
734 task->tk_pid, task->tk_status);
743 735
736 task->tk_action = call_connect;
744 if (!clnt->cl_port) { 737 if (!clnt->cl_port) {
745 task->tk_action = call_connect; 738 task->tk_action = call_bind_status;
746 task->tk_timeout = RPC_CONNECT_TIMEOUT; 739 task->tk_timeout = task->tk_xprt->bind_timeout;
747 rpc_getport(task, clnt); 740 rpc_getport(task, clnt);
748 } 741 }
749} 742}
750 743
751/* 744/*
752 * 4a. Connect to the RPC server (TCP case) 745 * 4a. Sort out bind result
746 */
747static void
748call_bind_status(struct rpc_task *task)
749{
750 int status = -EACCES;
751
752 if (task->tk_status >= 0) {
753 dprintk("RPC: %4d call_bind_status (status %d)\n",
754 task->tk_pid, task->tk_status);
755 task->tk_status = 0;
756 task->tk_action = call_connect;
757 return;
758 }
759
760 switch (task->tk_status) {
761 case -EACCES:
762 dprintk("RPC: %4d remote rpcbind: RPC program/version unavailable\n",
763 task->tk_pid);
764 rpc_delay(task, 3*HZ);
765 goto retry_bind;
766 case -ETIMEDOUT:
767 dprintk("RPC: %4d rpcbind request timed out\n",
768 task->tk_pid);
769 if (RPC_IS_SOFT(task)) {
770 status = -EIO;
771 break;
772 }
773 goto retry_bind;
774 case -EPFNOSUPPORT:
775 dprintk("RPC: %4d remote rpcbind service unavailable\n",
776 task->tk_pid);
777 break;
778 case -EPROTONOSUPPORT:
779 dprintk("RPC: %4d remote rpcbind version 2 unavailable\n",
780 task->tk_pid);
781 break;
782 default:
783 dprintk("RPC: %4d unrecognized rpcbind error (%d)\n",
784 task->tk_pid, -task->tk_status);
785 status = -EIO;
786 break;
787 }
788
789 rpc_exit(task, status);
790 return;
791
792retry_bind:
793 task->tk_status = 0;
794 task->tk_action = call_bind;
795 return;
796}
797
798/*
799 * 4b. Connect to the RPC server
753 */ 800 */
754static void 801static void
755call_connect(struct rpc_task *task) 802call_connect(struct rpc_task *task)
756{ 803{
757 struct rpc_clnt *clnt = task->tk_client; 804 struct rpc_xprt *xprt = task->tk_xprt;
758 805
759 dprintk("RPC: %4d call_connect status %d\n", 806 dprintk("RPC: %4d call_connect xprt %p %s connected\n",
760 task->tk_pid, task->tk_status); 807 task->tk_pid, xprt,
808 (xprt_connected(xprt) ? "is" : "is not"));
761 809
762 if (xprt_connected(clnt->cl_xprt)) { 810 task->tk_action = call_transmit;
763 task->tk_action = call_transmit; 811 if (!xprt_connected(xprt)) {
764 return; 812 task->tk_action = call_connect_status;
813 if (task->tk_status < 0)
814 return;
815 xprt_connect(task);
765 } 816 }
766 task->tk_action = call_connect_status;
767 if (task->tk_status < 0)
768 return;
769 xprt_connect(task);
770} 817}
771 818
772/* 819/*
773 * 4b. Sort out connect result 820 * 4c. Sort out connect result
774 */ 821 */
775static void 822static void
776call_connect_status(struct rpc_task *task) 823call_connect_status(struct rpc_task *task)
@@ -778,6 +825,9 @@ call_connect_status(struct rpc_task *task)
778 struct rpc_clnt *clnt = task->tk_client; 825 struct rpc_clnt *clnt = task->tk_client;
779 int status = task->tk_status; 826 int status = task->tk_status;
780 827
828 dprintk("RPC: %5u call_connect_status (status %d)\n",
829 task->tk_pid, task->tk_status);
830
781 task->tk_status = 0; 831 task->tk_status = 0;
782 if (status >= 0) { 832 if (status >= 0) {
783 clnt->cl_stats->netreconn++; 833 clnt->cl_stats->netreconn++;
@@ -785,17 +835,19 @@ call_connect_status(struct rpc_task *task)
785 return; 835 return;
786 } 836 }
787 837
788 /* Something failed: we may have to rebind */ 838 /* Something failed: remote service port may have changed */
789 if (clnt->cl_autobind) 839 if (clnt->cl_autobind)
790 clnt->cl_port = 0; 840 clnt->cl_port = 0;
841
791 switch (status) { 842 switch (status) {
792 case -ENOTCONN: 843 case -ENOTCONN:
793 case -ETIMEDOUT: 844 case -ETIMEDOUT:
794 case -EAGAIN: 845 case -EAGAIN:
795 task->tk_action = (clnt->cl_port == 0) ? call_bind : call_connect; 846 task->tk_action = call_bind;
796 break; 847 break;
797 default: 848 default:
798 rpc_exit(task, -EIO); 849 rpc_exit(task, -EIO);
850 break;
799 } 851 }
800} 852}
801 853
@@ -815,10 +867,12 @@ call_transmit(struct rpc_task *task)
815 if (task->tk_status != 0) 867 if (task->tk_status != 0)
816 return; 868 return;
817 /* Encode here so that rpcsec_gss can use correct sequence number. */ 869 /* Encode here so that rpcsec_gss can use correct sequence number. */
818 if (!task->tk_rqstp->rq_bytes_sent) 870 if (task->tk_rqstp->rq_bytes_sent == 0) {
819 call_encode(task); 871 call_encode(task);
820 if (task->tk_status < 0) 872 /* Did the encode result in an error condition? */
821 return; 873 if (task->tk_status != 0)
874 goto out_nosend;
875 }
822 xprt_transmit(task); 876 xprt_transmit(task);
823 if (task->tk_status < 0) 877 if (task->tk_status < 0)
824 return; 878 return;
@@ -826,6 +880,10 @@ call_transmit(struct rpc_task *task)
826 task->tk_action = NULL; 880 task->tk_action = NULL;
827 rpc_wake_up_task(task); 881 rpc_wake_up_task(task);
828 } 882 }
883 return;
884out_nosend:
885 /* release socket write lock before attempting to handle error */
886 xprt_abort_transmit(task);
829} 887}
830 888
831/* 889/*
@@ -1020,13 +1078,12 @@ static u32 *
1020call_header(struct rpc_task *task) 1078call_header(struct rpc_task *task)
1021{ 1079{
1022 struct rpc_clnt *clnt = task->tk_client; 1080 struct rpc_clnt *clnt = task->tk_client;
1023 struct rpc_xprt *xprt = clnt->cl_xprt;
1024 struct rpc_rqst *req = task->tk_rqstp; 1081 struct rpc_rqst *req = task->tk_rqstp;
1025 u32 *p = req->rq_svec[0].iov_base; 1082 u32 *p = req->rq_svec[0].iov_base;
1026 1083
1027 /* FIXME: check buffer size? */ 1084 /* FIXME: check buffer size? */
1028 if (xprt->stream) 1085
1029 *p++ = 0; /* fill in later */ 1086 p = xprt_skip_transport_header(task->tk_xprt, p);
1030 *p++ = req->rq_xid; /* XID */ 1087 *p++ = req->rq_xid; /* XID */
1031 *p++ = htonl(RPC_CALL); /* CALL */ 1088 *p++ = htonl(RPC_CALL); /* CALL */
1032 *p++ = htonl(RPC_VERSION); /* RPC version */ 1089 *p++ = htonl(RPC_VERSION); /* RPC version */
diff --git a/net/sunrpc/pmap_clnt.c b/net/sunrpc/pmap_clnt.c
index 4e81f2766923..a398575f94b8 100644
--- a/net/sunrpc/pmap_clnt.c
+++ b/net/sunrpc/pmap_clnt.c
@@ -26,7 +26,7 @@
26#define PMAP_GETPORT 3 26#define PMAP_GETPORT 3
27 27
28static struct rpc_procinfo pmap_procedures[]; 28static struct rpc_procinfo pmap_procedures[];
29static struct rpc_clnt * pmap_create(char *, struct sockaddr_in *, int); 29static struct rpc_clnt * pmap_create(char *, struct sockaddr_in *, int, int);
30static void pmap_getport_done(struct rpc_task *); 30static void pmap_getport_done(struct rpc_task *);
31static struct rpc_program pmap_program; 31static struct rpc_program pmap_program;
32static DEFINE_SPINLOCK(pmap_lock); 32static DEFINE_SPINLOCK(pmap_lock);
@@ -65,7 +65,7 @@ rpc_getport(struct rpc_task *task, struct rpc_clnt *clnt)
65 map->pm_binding = 1; 65 map->pm_binding = 1;
66 spin_unlock(&pmap_lock); 66 spin_unlock(&pmap_lock);
67 67
68 pmap_clnt = pmap_create(clnt->cl_server, sap, map->pm_prot); 68 pmap_clnt = pmap_create(clnt->cl_server, sap, map->pm_prot, 0);
69 if (IS_ERR(pmap_clnt)) { 69 if (IS_ERR(pmap_clnt)) {
70 task->tk_status = PTR_ERR(pmap_clnt); 70 task->tk_status = PTR_ERR(pmap_clnt);
71 goto bailout; 71 goto bailout;
@@ -112,7 +112,7 @@ rpc_getport_external(struct sockaddr_in *sin, __u32 prog, __u32 vers, int prot)
112 NIPQUAD(sin->sin_addr.s_addr), prog, vers, prot); 112 NIPQUAD(sin->sin_addr.s_addr), prog, vers, prot);
113 113
114 sprintf(hostname, "%u.%u.%u.%u", NIPQUAD(sin->sin_addr.s_addr)); 114 sprintf(hostname, "%u.%u.%u.%u", NIPQUAD(sin->sin_addr.s_addr));
115 pmap_clnt = pmap_create(hostname, sin, prot); 115 pmap_clnt = pmap_create(hostname, sin, prot, 0);
116 if (IS_ERR(pmap_clnt)) 116 if (IS_ERR(pmap_clnt))
117 return PTR_ERR(pmap_clnt); 117 return PTR_ERR(pmap_clnt);
118 118
@@ -171,7 +171,7 @@ rpc_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay)
171 171
172 sin.sin_family = AF_INET; 172 sin.sin_family = AF_INET;
173 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); 173 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
174 pmap_clnt = pmap_create("localhost", &sin, IPPROTO_UDP); 174 pmap_clnt = pmap_create("localhost", &sin, IPPROTO_UDP, 1);
175 if (IS_ERR(pmap_clnt)) { 175 if (IS_ERR(pmap_clnt)) {
176 error = PTR_ERR(pmap_clnt); 176 error = PTR_ERR(pmap_clnt);
177 dprintk("RPC: couldn't create pmap client. Error = %d\n", error); 177 dprintk("RPC: couldn't create pmap client. Error = %d\n", error);
@@ -198,7 +198,7 @@ rpc_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay)
198} 198}
199 199
200static struct rpc_clnt * 200static struct rpc_clnt *
201pmap_create(char *hostname, struct sockaddr_in *srvaddr, int proto) 201pmap_create(char *hostname, struct sockaddr_in *srvaddr, int proto, int privileged)
202{ 202{
203 struct rpc_xprt *xprt; 203 struct rpc_xprt *xprt;
204 struct rpc_clnt *clnt; 204 struct rpc_clnt *clnt;
@@ -208,6 +208,8 @@ pmap_create(char *hostname, struct sockaddr_in *srvaddr, int proto)
208 if (IS_ERR(xprt)) 208 if (IS_ERR(xprt))
209 return (struct rpc_clnt *)xprt; 209 return (struct rpc_clnt *)xprt;
210 xprt->addr.sin_port = htons(RPC_PMAP_PORT); 210 xprt->addr.sin_port = htons(RPC_PMAP_PORT);
211 if (!privileged)
212 xprt->resvport = 0;
211 213
212 /* printk("pmap: create clnt\n"); */ 214 /* printk("pmap: create clnt\n"); */
213 clnt = rpc_new_client(xprt, hostname, 215 clnt = rpc_new_client(xprt, hostname,
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index ded6c63f11ec..4f188d0a5d11 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -76,25 +76,35 @@ int
76rpc_queue_upcall(struct inode *inode, struct rpc_pipe_msg *msg) 76rpc_queue_upcall(struct inode *inode, struct rpc_pipe_msg *msg)
77{ 77{
78 struct rpc_inode *rpci = RPC_I(inode); 78 struct rpc_inode *rpci = RPC_I(inode);
79 int res = 0; 79 int res = -EPIPE;
80 80
81 down(&inode->i_sem); 81 down(&inode->i_sem);
82 if (rpci->ops == NULL)
83 goto out;
82 if (rpci->nreaders) { 84 if (rpci->nreaders) {
83 list_add_tail(&msg->list, &rpci->pipe); 85 list_add_tail(&msg->list, &rpci->pipe);
84 rpci->pipelen += msg->len; 86 rpci->pipelen += msg->len;
87 res = 0;
85 } else if (rpci->flags & RPC_PIPE_WAIT_FOR_OPEN) { 88 } else if (rpci->flags & RPC_PIPE_WAIT_FOR_OPEN) {
86 if (list_empty(&rpci->pipe)) 89 if (list_empty(&rpci->pipe))
87 schedule_delayed_work(&rpci->queue_timeout, 90 schedule_delayed_work(&rpci->queue_timeout,
88 RPC_UPCALL_TIMEOUT); 91 RPC_UPCALL_TIMEOUT);
89 list_add_tail(&msg->list, &rpci->pipe); 92 list_add_tail(&msg->list, &rpci->pipe);
90 rpci->pipelen += msg->len; 93 rpci->pipelen += msg->len;
91 } else 94 res = 0;
92 res = -EPIPE; 95 }
96out:
93 up(&inode->i_sem); 97 up(&inode->i_sem);
94 wake_up(&rpci->waitq); 98 wake_up(&rpci->waitq);
95 return res; 99 return res;
96} 100}
97 101
102static inline void
103rpc_inode_setowner(struct inode *inode, void *private)
104{
105 RPC_I(inode)->private = private;
106}
107
98static void 108static void
99rpc_close_pipes(struct inode *inode) 109rpc_close_pipes(struct inode *inode)
100{ 110{
@@ -111,15 +121,10 @@ rpc_close_pipes(struct inode *inode)
111 rpci->ops->release_pipe(inode); 121 rpci->ops->release_pipe(inode);
112 rpci->ops = NULL; 122 rpci->ops = NULL;
113 } 123 }
124 rpc_inode_setowner(inode, NULL);
114 up(&inode->i_sem); 125 up(&inode->i_sem);
115} 126}
116 127
117static inline void
118rpc_inode_setowner(struct inode *inode, void *private)
119{
120 RPC_I(inode)->private = private;
121}
122
123static struct inode * 128static struct inode *
124rpc_alloc_inode(struct super_block *sb) 129rpc_alloc_inode(struct super_block *sb)
125{ 130{
@@ -501,7 +506,6 @@ repeat:
501 dentry = dvec[--n]; 506 dentry = dvec[--n];
502 if (dentry->d_inode) { 507 if (dentry->d_inode) {
503 rpc_close_pipes(dentry->d_inode); 508 rpc_close_pipes(dentry->d_inode);
504 rpc_inode_setowner(dentry->d_inode, NULL);
505 simple_unlink(dir, dentry); 509 simple_unlink(dir, dentry);
506 } 510 }
507 dput(dentry); 511 dput(dentry);
@@ -576,10 +580,8 @@ __rpc_rmdir(struct inode *dir, struct dentry *dentry)
576 int error; 580 int error;
577 581
578 shrink_dcache_parent(dentry); 582 shrink_dcache_parent(dentry);
579 if (dentry->d_inode) { 583 if (dentry->d_inode)
580 rpc_close_pipes(dentry->d_inode); 584 rpc_close_pipes(dentry->d_inode);
581 rpc_inode_setowner(dentry->d_inode, NULL);
582 }
583 if ((error = simple_rmdir(dir, dentry)) != 0) 585 if ((error = simple_rmdir(dir, dentry)) != 0)
584 return error; 586 return error;
585 if (!error) { 587 if (!error) {
@@ -732,7 +734,6 @@ rpc_unlink(char *path)
732 d_drop(dentry); 734 d_drop(dentry);
733 if (dentry->d_inode) { 735 if (dentry->d_inode) {
734 rpc_close_pipes(dentry->d_inode); 736 rpc_close_pipes(dentry->d_inode);
735 rpc_inode_setowner(dentry->d_inode, NULL);
736 error = simple_unlink(dir, dentry); 737 error = simple_unlink(dir, dentry);
737 } 738 }
738 dput(dentry); 739 dput(dentry);
diff --git a/net/sunrpc/socklib.c b/net/sunrpc/socklib.c
new file mode 100644
index 000000000000..8f97e90f36c8
--- /dev/null
+++ b/net/sunrpc/socklib.c
@@ -0,0 +1,175 @@
1/*
2 * linux/net/sunrpc/socklib.c
3 *
4 * Common socket helper routines for RPC client and server
5 *
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
7 */
8
9#include <linux/types.h>
10#include <linux/pagemap.h>
11#include <linux/udp.h>
12#include <linux/sunrpc/xdr.h>
13
14
15/**
16 * skb_read_bits - copy some data bits from skb to internal buffer
17 * @desc: sk_buff copy helper
18 * @to: copy destination
19 * @len: number of bytes to copy
20 *
21 * Possibly called several times to iterate over an sk_buff and copy
22 * data out of it.
23 */
24static size_t skb_read_bits(skb_reader_t *desc, void *to, size_t len)
25{
26 if (len > desc->count)
27 len = desc->count;
28 if (skb_copy_bits(desc->skb, desc->offset, to, len))
29 return 0;
30 desc->count -= len;
31 desc->offset += len;
32 return len;
33}
34
35/**
36 * skb_read_and_csum_bits - copy and checksum from skb to buffer
37 * @desc: sk_buff copy helper
38 * @to: copy destination
39 * @len: number of bytes to copy
40 *
41 * Same as skb_read_bits, but calculate a checksum at the same time.
42 */
43static size_t skb_read_and_csum_bits(skb_reader_t *desc, void *to, size_t len)
44{
45 unsigned int csum2, pos;
46
47 if (len > desc->count)
48 len = desc->count;
49 pos = desc->offset;
50 csum2 = skb_copy_and_csum_bits(desc->skb, pos, to, len, 0);
51 desc->csum = csum_block_add(desc->csum, csum2, pos);
52 desc->count -= len;
53 desc->offset += len;
54 return len;
55}
56
57/**
58 * xdr_partial_copy_from_skb - copy data out of an skb
59 * @xdr: target XDR buffer
60 * @base: starting offset
61 * @desc: sk_buff copy helper
62 * @copy_actor: virtual method for copying data
63 *
64 */
65ssize_t xdr_partial_copy_from_skb(struct xdr_buf *xdr, unsigned int base, skb_reader_t *desc, skb_read_actor_t copy_actor)
66{
67 struct page **ppage = xdr->pages;
68 unsigned int len, pglen = xdr->page_len;
69 ssize_t copied = 0;
70 int ret;
71
72 len = xdr->head[0].iov_len;
73 if (base < len) {
74 len -= base;
75 ret = copy_actor(desc, (char *)xdr->head[0].iov_base + base, len);
76 copied += ret;
77 if (ret != len || !desc->count)
78 goto out;
79 base = 0;
80 } else
81 base -= len;
82
83 if (unlikely(pglen == 0))
84 goto copy_tail;
85 if (unlikely(base >= pglen)) {
86 base -= pglen;
87 goto copy_tail;
88 }
89 if (base || xdr->page_base) {
90 pglen -= base;
91 base += xdr->page_base;
92 ppage += base >> PAGE_CACHE_SHIFT;
93 base &= ~PAGE_CACHE_MASK;
94 }
95 do {
96 char *kaddr;
97
98 /* ACL likes to be lazy in allocating pages - ACLs
99 * are small by default but can get huge. */
100 if (unlikely(*ppage == NULL)) {
101 *ppage = alloc_page(GFP_ATOMIC);
102 if (unlikely(*ppage == NULL)) {
103 if (copied == 0)
104 copied = -ENOMEM;
105 goto out;
106 }
107 }
108
109 len = PAGE_CACHE_SIZE;
110 kaddr = kmap_atomic(*ppage, KM_SKB_SUNRPC_DATA);
111 if (base) {
112 len -= base;
113 if (pglen < len)
114 len = pglen;
115 ret = copy_actor(desc, kaddr + base, len);
116 base = 0;
117 } else {
118 if (pglen < len)
119 len = pglen;
120 ret = copy_actor(desc, kaddr, len);
121 }
122 flush_dcache_page(*ppage);
123 kunmap_atomic(kaddr, KM_SKB_SUNRPC_DATA);
124 copied += ret;
125 if (ret != len || !desc->count)
126 goto out;
127 ppage++;
128 } while ((pglen -= len) != 0);
129copy_tail:
130 len = xdr->tail[0].iov_len;
131 if (base < len)
132 copied += copy_actor(desc, (char *)xdr->tail[0].iov_base + base, len - base);
133out:
134 return copied;
135}
136
137/**
138 * csum_partial_copy_to_xdr - checksum and copy data
139 * @xdr: target XDR buffer
140 * @skb: source skb
141 *
142 * We have set things up such that we perform the checksum of the UDP
143 * packet in parallel with the copies into the RPC client iovec. -DaveM
144 */
145int csum_partial_copy_to_xdr(struct xdr_buf *xdr, struct sk_buff *skb)
146{
147 skb_reader_t desc;
148
149 desc.skb = skb;
150 desc.offset = sizeof(struct udphdr);
151 desc.count = skb->len - desc.offset;
152
153 if (skb->ip_summed == CHECKSUM_UNNECESSARY)
154 goto no_checksum;
155
156 desc.csum = csum_partial(skb->data, desc.offset, skb->csum);
157 if (xdr_partial_copy_from_skb(xdr, 0, &desc, skb_read_and_csum_bits) < 0)
158 return -1;
159 if (desc.offset != skb->len) {
160 unsigned int csum2;
161 csum2 = skb_checksum(skb, desc.offset, skb->len - desc.offset, 0);
162 desc.csum = csum_block_add(desc.csum, csum2, desc.offset);
163 }
164 if (desc.count)
165 return -1;
166 if ((unsigned short)csum_fold(desc.csum))
167 return -1;
168 return 0;
169no_checksum:
170 if (xdr_partial_copy_from_skb(xdr, 0, &desc, skb_read_bits) < 0)
171 return -1;
172 if (desc.count)
173 return -1;
174 return 0;
175}
diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c
index ed48ff022d35..2387e7b823ff 100644
--- a/net/sunrpc/sunrpc_syms.c
+++ b/net/sunrpc/sunrpc_syms.c
@@ -10,7 +10,6 @@
10#include <linux/module.h> 10#include <linux/module.h>
11 11
12#include <linux/types.h> 12#include <linux/types.h>
13#include <linux/socket.h>
14#include <linux/sched.h> 13#include <linux/sched.h>
15#include <linux/uio.h> 14#include <linux/uio.h>
16#include <linux/unistd.h> 15#include <linux/unistd.h>
diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c
index 691dea4a58e7..f16e7cdd6150 100644
--- a/net/sunrpc/svcsock.c
+++ b/net/sunrpc/svcsock.c
@@ -548,9 +548,6 @@ svc_write_space(struct sock *sk)
548/* 548/*
549 * Receive a datagram from a UDP socket. 549 * Receive a datagram from a UDP socket.
550 */ 550 */
551extern int
552csum_partial_copy_to_xdr(struct xdr_buf *xdr, struct sk_buff *skb);
553
554static int 551static int
555svc_udp_recvfrom(struct svc_rqst *rqstp) 552svc_udp_recvfrom(struct svc_rqst *rqstp)
556{ 553{
diff --git a/net/sunrpc/sysctl.c b/net/sunrpc/sysctl.c
index 1b9616a12e24..d0c9f460e411 100644
--- a/net/sunrpc/sysctl.c
+++ b/net/sunrpc/sysctl.c
@@ -119,8 +119,18 @@ done:
119 return 0; 119 return 0;
120} 120}
121 121
122unsigned int xprt_udp_slot_table_entries = RPC_DEF_SLOT_TABLE;
123unsigned int xprt_tcp_slot_table_entries = RPC_DEF_SLOT_TABLE;
124unsigned int xprt_min_resvport = RPC_DEF_MIN_RESVPORT;
125EXPORT_SYMBOL(xprt_min_resvport);
126unsigned int xprt_max_resvport = RPC_DEF_MAX_RESVPORT;
127EXPORT_SYMBOL(xprt_max_resvport);
128
129
122static unsigned int min_slot_table_size = RPC_MIN_SLOT_TABLE; 130static unsigned int min_slot_table_size = RPC_MIN_SLOT_TABLE;
123static unsigned int max_slot_table_size = RPC_MAX_SLOT_TABLE; 131static unsigned int max_slot_table_size = RPC_MAX_SLOT_TABLE;
132static unsigned int xprt_min_resvport_limit = RPC_MIN_RESVPORT;
133static unsigned int xprt_max_resvport_limit = RPC_MAX_RESVPORT;
124 134
125static ctl_table debug_table[] = { 135static ctl_table debug_table[] = {
126 { 136 {
@@ -177,6 +187,28 @@ static ctl_table debug_table[] = {
177 .extra1 = &min_slot_table_size, 187 .extra1 = &min_slot_table_size,
178 .extra2 = &max_slot_table_size 188 .extra2 = &max_slot_table_size
179 }, 189 },
190 {
191 .ctl_name = CTL_MIN_RESVPORT,
192 .procname = "min_resvport",
193 .data = &xprt_min_resvport,
194 .maxlen = sizeof(unsigned int),
195 .mode = 0644,
196 .proc_handler = &proc_dointvec_minmax,
197 .strategy = &sysctl_intvec,
198 .extra1 = &xprt_min_resvport_limit,
199 .extra2 = &xprt_max_resvport_limit
200 },
201 {
202 .ctl_name = CTL_MAX_RESVPORT,
203 .procname = "max_resvport",
204 .data = &xprt_max_resvport,
205 .maxlen = sizeof(unsigned int),
206 .mode = 0644,
207 .proc_handler = &proc_dointvec_minmax,
208 .strategy = &sysctl_intvec,
209 .extra1 = &xprt_min_resvport_limit,
210 .extra2 = &xprt_max_resvport_limit
211 },
180 { .ctl_name = 0 } 212 { .ctl_name = 0 }
181}; 213};
182 214
diff --git a/net/sunrpc/xdr.c b/net/sunrpc/xdr.c
index fde16f40a581..32df43372ee9 100644
--- a/net/sunrpc/xdr.c
+++ b/net/sunrpc/xdr.c
@@ -6,15 +6,12 @@
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> 6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
7 */ 7 */
8 8
9#include <linux/module.h>
9#include <linux/types.h> 10#include <linux/types.h>
10#include <linux/socket.h>
11#include <linux/string.h> 11#include <linux/string.h>
12#include <linux/kernel.h> 12#include <linux/kernel.h>
13#include <linux/pagemap.h> 13#include <linux/pagemap.h>
14#include <linux/errno.h> 14#include <linux/errno.h>
15#include <linux/in.h>
16#include <linux/net.h>
17#include <net/sock.h>
18#include <linux/sunrpc/xdr.h> 15#include <linux/sunrpc/xdr.h>
19#include <linux/sunrpc/msg_prot.h> 16#include <linux/sunrpc/msg_prot.h>
20 17
@@ -176,178 +173,6 @@ xdr_inline_pages(struct xdr_buf *xdr, unsigned int offset,
176 xdr->buflen += len; 173 xdr->buflen += len;
177} 174}
178 175
179ssize_t
180xdr_partial_copy_from_skb(struct xdr_buf *xdr, unsigned int base,
181 skb_reader_t *desc,
182 skb_read_actor_t copy_actor)
183{
184 struct page **ppage = xdr->pages;
185 unsigned int len, pglen = xdr->page_len;
186 ssize_t copied = 0;
187 int ret;
188
189 len = xdr->head[0].iov_len;
190 if (base < len) {
191 len -= base;
192 ret = copy_actor(desc, (char *)xdr->head[0].iov_base + base, len);
193 copied += ret;
194 if (ret != len || !desc->count)
195 goto out;
196 base = 0;
197 } else
198 base -= len;
199
200 if (pglen == 0)
201 goto copy_tail;
202 if (base >= pglen) {
203 base -= pglen;
204 goto copy_tail;
205 }
206 if (base || xdr->page_base) {
207 pglen -= base;
208 base += xdr->page_base;
209 ppage += base >> PAGE_CACHE_SHIFT;
210 base &= ~PAGE_CACHE_MASK;
211 }
212 do {
213 char *kaddr;
214
215 /* ACL likes to be lazy in allocating pages - ACLs
216 * are small by default but can get huge. */
217 if (unlikely(*ppage == NULL)) {
218 *ppage = alloc_page(GFP_ATOMIC);
219 if (unlikely(*ppage == NULL)) {
220 if (copied == 0)
221 copied = -ENOMEM;
222 goto out;
223 }
224 }
225
226 len = PAGE_CACHE_SIZE;
227 kaddr = kmap_atomic(*ppage, KM_SKB_SUNRPC_DATA);
228 if (base) {
229 len -= base;
230 if (pglen < len)
231 len = pglen;
232 ret = copy_actor(desc, kaddr + base, len);
233 base = 0;
234 } else {
235 if (pglen < len)
236 len = pglen;
237 ret = copy_actor(desc, kaddr, len);
238 }
239 flush_dcache_page(*ppage);
240 kunmap_atomic(kaddr, KM_SKB_SUNRPC_DATA);
241 copied += ret;
242 if (ret != len || !desc->count)
243 goto out;
244 ppage++;
245 } while ((pglen -= len) != 0);
246copy_tail:
247 len = xdr->tail[0].iov_len;
248 if (base < len)
249 copied += copy_actor(desc, (char *)xdr->tail[0].iov_base + base, len - base);
250out:
251 return copied;
252}
253
254
255int
256xdr_sendpages(struct socket *sock, struct sockaddr *addr, int addrlen,
257 struct xdr_buf *xdr, unsigned int base, int msgflags)
258{
259 struct page **ppage = xdr->pages;
260 unsigned int len, pglen = xdr->page_len;
261 int err, ret = 0;
262 ssize_t (*sendpage)(struct socket *, struct page *, int, size_t, int);
263
264 len = xdr->head[0].iov_len;
265 if (base < len || (addr != NULL && base == 0)) {
266 struct kvec iov = {
267 .iov_base = xdr->head[0].iov_base + base,
268 .iov_len = len - base,
269 };
270 struct msghdr msg = {
271 .msg_name = addr,
272 .msg_namelen = addrlen,
273 .msg_flags = msgflags,
274 };
275 if (xdr->len > len)
276 msg.msg_flags |= MSG_MORE;
277
278 if (iov.iov_len != 0)
279 err = kernel_sendmsg(sock, &msg, &iov, 1, iov.iov_len);
280 else
281 err = kernel_sendmsg(sock, &msg, NULL, 0, 0);
282 if (ret == 0)
283 ret = err;
284 else if (err > 0)
285 ret += err;
286 if (err != iov.iov_len)
287 goto out;
288 base = 0;
289 } else
290 base -= len;
291
292 if (pglen == 0)
293 goto copy_tail;
294 if (base >= pglen) {
295 base -= pglen;
296 goto copy_tail;
297 }
298 if (base || xdr->page_base) {
299 pglen -= base;
300 base += xdr->page_base;
301 ppage += base >> PAGE_CACHE_SHIFT;
302 base &= ~PAGE_CACHE_MASK;
303 }
304
305 sendpage = sock->ops->sendpage ? : sock_no_sendpage;
306 do {
307 int flags = msgflags;
308
309 len = PAGE_CACHE_SIZE;
310 if (base)
311 len -= base;
312 if (pglen < len)
313 len = pglen;
314
315 if (pglen != len || xdr->tail[0].iov_len != 0)
316 flags |= MSG_MORE;
317
318 /* Hmm... We might be dealing with highmem pages */
319 if (PageHighMem(*ppage))
320 sendpage = sock_no_sendpage;
321 err = sendpage(sock, *ppage, base, len, flags);
322 if (ret == 0)
323 ret = err;
324 else if (err > 0)
325 ret += err;
326 if (err != len)
327 goto out;
328 base = 0;
329 ppage++;
330 } while ((pglen -= len) != 0);
331copy_tail:
332 len = xdr->tail[0].iov_len;
333 if (base < len) {
334 struct kvec iov = {
335 .iov_base = xdr->tail[0].iov_base + base,
336 .iov_len = len - base,
337 };
338 struct msghdr msg = {
339 .msg_flags = msgflags,
340 };
341 err = kernel_sendmsg(sock, &msg, &iov, 1, iov.iov_len);
342 if (ret == 0)
343 ret = err;
344 else if (err > 0)
345 ret += err;
346 }
347out:
348 return ret;
349}
350
351 176
352/* 177/*
353 * Helper routines for doing 'memmove' like operations on a struct xdr_buf 178 * Helper routines for doing 'memmove' like operations on a struct xdr_buf
diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c
index 3c654e06b084..6dda3860351f 100644
--- a/net/sunrpc/xprt.c
+++ b/net/sunrpc/xprt.c
@@ -10,12 +10,12 @@
10 * one is available. Otherwise, it sleeps on the backlog queue 10 * one is available. Otherwise, it sleeps on the backlog queue
11 * (xprt_reserve). 11 * (xprt_reserve).
12 * - Next, the caller puts together the RPC message, stuffs it into 12 * - Next, the caller puts together the RPC message, stuffs it into
13 * the request struct, and calls xprt_call(). 13 * the request struct, and calls xprt_transmit().
14 * - xprt_call transmits the message and installs the caller on the 14 * - xprt_transmit sends the message and installs the caller on the
15 * socket's wait list. At the same time, it installs a timer that 15 * transport's wait list. At the same time, it installs a timer that
16 * is run after the packet's timeout has expired. 16 * is run after the packet's timeout has expired.
17 * - When a packet arrives, the data_ready handler walks the list of 17 * - When a packet arrives, the data_ready handler walks the list of
18 * pending requests for that socket. If a matching XID is found, the 18 * pending requests for that transport. If a matching XID is found, the
19 * caller is woken up, and the timer removed. 19 * caller is woken up, and the timer removed.
20 * - When no reply arrives within the timeout interval, the timer is 20 * - When no reply arrives within the timeout interval, the timer is
21 * fired by the kernel and runs xprt_timer(). It either adjusts the 21 * fired by the kernel and runs xprt_timer(). It either adjusts the
@@ -33,36 +33,17 @@
33 * 33 *
34 * Copyright (C) 1995-1997, Olaf Kirch <okir@monad.swb.de> 34 * Copyright (C) 1995-1997, Olaf Kirch <okir@monad.swb.de>
35 * 35 *
36 * TCP callback races fixes (C) 1998 Red Hat Software <alan@redhat.com> 36 * Transport switch API copyright (C) 2005, Chuck Lever <cel@netapp.com>
37 * TCP send fixes (C) 1998 Red Hat Software <alan@redhat.com>
38 * TCP NFS related read + write fixes
39 * (C) 1999 Dave Airlie, University of Limerick, Ireland <airlied@linux.ie>
40 *
41 * Rewrite of larges part of the code in order to stabilize TCP stuff.
42 * Fix behaviour when socket buffer is full.
43 * (C) 1999 Trond Myklebust <trond.myklebust@fys.uio.no>
44 */ 37 */
45 38
39#include <linux/module.h>
40
46#include <linux/types.h> 41#include <linux/types.h>
47#include <linux/slab.h> 42#include <linux/interrupt.h>
48#include <linux/capability.h>
49#include <linux/sched.h>
50#include <linux/errno.h>
51#include <linux/socket.h>
52#include <linux/in.h>
53#include <linux/net.h>
54#include <linux/mm.h>
55#include <linux/udp.h>
56#include <linux/tcp.h>
57#include <linux/sunrpc/clnt.h>
58#include <linux/file.h>
59#include <linux/workqueue.h> 43#include <linux/workqueue.h>
60#include <linux/random.h> 44#include <linux/random.h>
61 45
62#include <net/sock.h> 46#include <linux/sunrpc/clnt.h>
63#include <net/checksum.h>
64#include <net/udp.h>
65#include <net/tcp.h>
66 47
67/* 48/*
68 * Local variables 49 * Local variables
@@ -73,81 +54,90 @@
73# define RPCDBG_FACILITY RPCDBG_XPRT 54# define RPCDBG_FACILITY RPCDBG_XPRT
74#endif 55#endif
75 56
76#define XPRT_MAX_BACKOFF (8)
77#define XPRT_IDLE_TIMEOUT (5*60*HZ)
78#define XPRT_MAX_RESVPORT (800)
79
80/* 57/*
81 * Local functions 58 * Local functions
82 */ 59 */
83static void xprt_request_init(struct rpc_task *, struct rpc_xprt *); 60static void xprt_request_init(struct rpc_task *, struct rpc_xprt *);
84static inline void do_xprt_reserve(struct rpc_task *); 61static inline void do_xprt_reserve(struct rpc_task *);
85static void xprt_disconnect(struct rpc_xprt *);
86static void xprt_connect_status(struct rpc_task *task); 62static void xprt_connect_status(struct rpc_task *task);
87static struct rpc_xprt * xprt_setup(int proto, struct sockaddr_in *ap,
88 struct rpc_timeout *to);
89static struct socket *xprt_create_socket(struct rpc_xprt *, int, int);
90static void xprt_bind_socket(struct rpc_xprt *, struct socket *);
91static int __xprt_get_cong(struct rpc_xprt *, struct rpc_task *); 63static int __xprt_get_cong(struct rpc_xprt *, struct rpc_task *);
92 64
93static int xprt_clear_backlog(struct rpc_xprt *xprt);
94
95#ifdef RPC_DEBUG_DATA
96/* 65/*
97 * Print the buffer contents (first 128 bytes only--just enough for 66 * The transport code maintains an estimate on the maximum number of out-
98 * diropres return). 67 * standing RPC requests, using a smoothed version of the congestion
68 * avoidance implemented in 44BSD. This is basically the Van Jacobson
69 * congestion algorithm: If a retransmit occurs, the congestion window is
70 * halved; otherwise, it is incremented by 1/cwnd when
71 *
72 * - a reply is received and
73 * - a full number of requests are outstanding and
74 * - the congestion window hasn't been updated recently.
99 */ 75 */
100static void 76#define RPC_CWNDSHIFT (8U)
101xprt_pktdump(char *msg, u32 *packet, unsigned int count) 77#define RPC_CWNDSCALE (1U << RPC_CWNDSHIFT)
102{ 78#define RPC_INITCWND RPC_CWNDSCALE
103 u8 *buf = (u8 *) packet; 79#define RPC_MAXCWND(xprt) ((xprt)->max_reqs << RPC_CWNDSHIFT)
104 int j;
105
106 dprintk("RPC: %s\n", msg);
107 for (j = 0; j < count && j < 128; j += 4) {
108 if (!(j & 31)) {
109 if (j)
110 dprintk("\n");
111 dprintk("0x%04x ", j);
112 }
113 dprintk("%02x%02x%02x%02x ",
114 buf[j], buf[j+1], buf[j+2], buf[j+3]);
115 }
116 dprintk("\n");
117}
118#else
119static inline void
120xprt_pktdump(char *msg, u32 *packet, unsigned int count)
121{
122 /* NOP */
123}
124#endif
125 80
126/* 81#define RPCXPRT_CONGESTED(xprt) ((xprt)->cong >= (xprt)->cwnd)
127 * Look up RPC transport given an INET socket 82
83/**
84 * xprt_reserve_xprt - serialize write access to transports
85 * @task: task that is requesting access to the transport
86 *
87 * This prevents mixing the payload of separate requests, and prevents
88 * transport connects from colliding with writes. No congestion control
89 * is provided.
128 */ 90 */
129static inline struct rpc_xprt * 91int xprt_reserve_xprt(struct rpc_task *task)
130xprt_from_sock(struct sock *sk)
131{ 92{
132 return (struct rpc_xprt *) sk->sk_user_data; 93 struct rpc_xprt *xprt = task->tk_xprt;
94 struct rpc_rqst *req = task->tk_rqstp;
95
96 if (test_and_set_bit(XPRT_LOCKED, &xprt->state)) {
97 if (task == xprt->snd_task)
98 return 1;
99 if (task == NULL)
100 return 0;
101 goto out_sleep;
102 }
103 xprt->snd_task = task;
104 if (req) {
105 req->rq_bytes_sent = 0;
106 req->rq_ntrans++;
107 }
108 return 1;
109
110out_sleep:
111 dprintk("RPC: %4d failed to lock transport %p\n",
112 task->tk_pid, xprt);
113 task->tk_timeout = 0;
114 task->tk_status = -EAGAIN;
115 if (req && req->rq_ntrans)
116 rpc_sleep_on(&xprt->resend, task, NULL, NULL);
117 else
118 rpc_sleep_on(&xprt->sending, task, NULL, NULL);
119 return 0;
133} 120}
134 121
135/* 122/*
136 * Serialize write access to sockets, in order to prevent different 123 * xprt_reserve_xprt_cong - serialize write access to transports
137 * requests from interfering with each other. 124 * @task: task that is requesting access to the transport
138 * Also prevents TCP socket connects from colliding with writes. 125 *
126 * Same as xprt_reserve_xprt, but Van Jacobson congestion control is
127 * integrated into the decision of whether a request is allowed to be
128 * woken up and given access to the transport.
139 */ 129 */
140static int 130int xprt_reserve_xprt_cong(struct rpc_task *task)
141__xprt_lock_write(struct rpc_xprt *xprt, struct rpc_task *task)
142{ 131{
132 struct rpc_xprt *xprt = task->tk_xprt;
143 struct rpc_rqst *req = task->tk_rqstp; 133 struct rpc_rqst *req = task->tk_rqstp;
144 134
145 if (test_and_set_bit(XPRT_LOCKED, &xprt->sockstate)) { 135 if (test_and_set_bit(XPRT_LOCKED, &xprt->state)) {
146 if (task == xprt->snd_task) 136 if (task == xprt->snd_task)
147 return 1; 137 return 1;
148 goto out_sleep; 138 goto out_sleep;
149 } 139 }
150 if (xprt->nocong || __xprt_get_cong(xprt, task)) { 140 if (__xprt_get_cong(xprt, task)) {
151 xprt->snd_task = task; 141 xprt->snd_task = task;
152 if (req) { 142 if (req) {
153 req->rq_bytes_sent = 0; 143 req->rq_bytes_sent = 0;
@@ -156,10 +146,10 @@ __xprt_lock_write(struct rpc_xprt *xprt, struct rpc_task *task)
156 return 1; 146 return 1;
157 } 147 }
158 smp_mb__before_clear_bit(); 148 smp_mb__before_clear_bit();
159 clear_bit(XPRT_LOCKED, &xprt->sockstate); 149 clear_bit(XPRT_LOCKED, &xprt->state);
160 smp_mb__after_clear_bit(); 150 smp_mb__after_clear_bit();
161out_sleep: 151out_sleep:
162 dprintk("RPC: %4d failed to lock socket %p\n", task->tk_pid, xprt); 152 dprintk("RPC: %4d failed to lock transport %p\n", task->tk_pid, xprt);
163 task->tk_timeout = 0; 153 task->tk_timeout = 0;
164 task->tk_status = -EAGAIN; 154 task->tk_status = -EAGAIN;
165 if (req && req->rq_ntrans) 155 if (req && req->rq_ntrans)
@@ -169,26 +159,52 @@ out_sleep:
169 return 0; 159 return 0;
170} 160}
171 161
172static inline int 162static inline int xprt_lock_write(struct rpc_xprt *xprt, struct rpc_task *task)
173xprt_lock_write(struct rpc_xprt *xprt, struct rpc_task *task)
174{ 163{
175 int retval; 164 int retval;
176 165
177 spin_lock_bh(&xprt->sock_lock); 166 spin_lock_bh(&xprt->transport_lock);
178 retval = __xprt_lock_write(xprt, task); 167 retval = xprt->ops->reserve_xprt(task);
179 spin_unlock_bh(&xprt->sock_lock); 168 spin_unlock_bh(&xprt->transport_lock);
180 return retval; 169 return retval;
181} 170}
182 171
172static void __xprt_lock_write_next(struct rpc_xprt *xprt)
173{
174 struct rpc_task *task;
175 struct rpc_rqst *req;
183 176
184static void 177 if (test_and_set_bit(XPRT_LOCKED, &xprt->state))
185__xprt_lock_write_next(struct rpc_xprt *xprt) 178 return;
179
180 task = rpc_wake_up_next(&xprt->resend);
181 if (!task) {
182 task = rpc_wake_up_next(&xprt->sending);
183 if (!task)
184 goto out_unlock;
185 }
186
187 req = task->tk_rqstp;
188 xprt->snd_task = task;
189 if (req) {
190 req->rq_bytes_sent = 0;
191 req->rq_ntrans++;
192 }
193 return;
194
195out_unlock:
196 smp_mb__before_clear_bit();
197 clear_bit(XPRT_LOCKED, &xprt->state);
198 smp_mb__after_clear_bit();
199}
200
201static void __xprt_lock_write_next_cong(struct rpc_xprt *xprt)
186{ 202{
187 struct rpc_task *task; 203 struct rpc_task *task;
188 204
189 if (test_and_set_bit(XPRT_LOCKED, &xprt->sockstate)) 205 if (test_and_set_bit(XPRT_LOCKED, &xprt->state))
190 return; 206 return;
191 if (!xprt->nocong && RPCXPRT_CONGESTED(xprt)) 207 if (RPCXPRT_CONGESTED(xprt))
192 goto out_unlock; 208 goto out_unlock;
193 task = rpc_wake_up_next(&xprt->resend); 209 task = rpc_wake_up_next(&xprt->resend);
194 if (!task) { 210 if (!task) {
@@ -196,7 +212,7 @@ __xprt_lock_write_next(struct rpc_xprt *xprt)
196 if (!task) 212 if (!task)
197 goto out_unlock; 213 goto out_unlock;
198 } 214 }
199 if (xprt->nocong || __xprt_get_cong(xprt, task)) { 215 if (__xprt_get_cong(xprt, task)) {
200 struct rpc_rqst *req = task->tk_rqstp; 216 struct rpc_rqst *req = task->tk_rqstp;
201 xprt->snd_task = task; 217 xprt->snd_task = task;
202 if (req) { 218 if (req) {
@@ -207,87 +223,52 @@ __xprt_lock_write_next(struct rpc_xprt *xprt)
207 } 223 }
208out_unlock: 224out_unlock:
209 smp_mb__before_clear_bit(); 225 smp_mb__before_clear_bit();
210 clear_bit(XPRT_LOCKED, &xprt->sockstate); 226 clear_bit(XPRT_LOCKED, &xprt->state);
211 smp_mb__after_clear_bit(); 227 smp_mb__after_clear_bit();
212} 228}
213 229
214/* 230/**
215 * Releases the socket for use by other requests. 231 * xprt_release_xprt - allow other requests to use a transport
232 * @xprt: transport with other tasks potentially waiting
233 * @task: task that is releasing access to the transport
234 *
235 * Note that "task" can be NULL. No congestion control is provided.
216 */ 236 */
217static void 237void xprt_release_xprt(struct rpc_xprt *xprt, struct rpc_task *task)
218__xprt_release_write(struct rpc_xprt *xprt, struct rpc_task *task)
219{ 238{
220 if (xprt->snd_task == task) { 239 if (xprt->snd_task == task) {
221 xprt->snd_task = NULL; 240 xprt->snd_task = NULL;
222 smp_mb__before_clear_bit(); 241 smp_mb__before_clear_bit();
223 clear_bit(XPRT_LOCKED, &xprt->sockstate); 242 clear_bit(XPRT_LOCKED, &xprt->state);
224 smp_mb__after_clear_bit(); 243 smp_mb__after_clear_bit();
225 __xprt_lock_write_next(xprt); 244 __xprt_lock_write_next(xprt);
226 } 245 }
227} 246}
228 247
229static inline void 248/**
230xprt_release_write(struct rpc_xprt *xprt, struct rpc_task *task) 249 * xprt_release_xprt_cong - allow other requests to use a transport
231{ 250 * @xprt: transport with other tasks potentially waiting
232 spin_lock_bh(&xprt->sock_lock); 251 * @task: task that is releasing access to the transport
233 __xprt_release_write(xprt, task); 252 *
234 spin_unlock_bh(&xprt->sock_lock); 253 * Note that "task" can be NULL. Another task is awoken to use the
235} 254 * transport if the transport's congestion window allows it.
236
237/*
238 * Write data to socket.
239 */ 255 */
240static inline int 256void xprt_release_xprt_cong(struct rpc_xprt *xprt, struct rpc_task *task)
241xprt_sendmsg(struct rpc_xprt *xprt, struct rpc_rqst *req)
242{ 257{
243 struct socket *sock = xprt->sock; 258 if (xprt->snd_task == task) {
244 struct xdr_buf *xdr = &req->rq_snd_buf; 259 xprt->snd_task = NULL;
245 struct sockaddr *addr = NULL; 260 smp_mb__before_clear_bit();
246 int addrlen = 0; 261 clear_bit(XPRT_LOCKED, &xprt->state);
247 unsigned int skip; 262 smp_mb__after_clear_bit();
248 int result; 263 __xprt_lock_write_next_cong(xprt);
249
250 if (!sock)
251 return -ENOTCONN;
252
253 xprt_pktdump("packet data:",
254 req->rq_svec->iov_base,
255 req->rq_svec->iov_len);
256
257 /* For UDP, we need to provide an address */
258 if (!xprt->stream) {
259 addr = (struct sockaddr *) &xprt->addr;
260 addrlen = sizeof(xprt->addr);
261 } 264 }
262 /* Dont repeat bytes */ 265}
263 skip = req->rq_bytes_sent;
264
265 clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags);
266 result = xdr_sendpages(sock, addr, addrlen, xdr, skip, MSG_DONTWAIT);
267
268 dprintk("RPC: xprt_sendmsg(%d) = %d\n", xdr->len - skip, result);
269
270 if (result >= 0)
271 return result;
272 266
273 switch (result) { 267static inline void xprt_release_write(struct rpc_xprt *xprt, struct rpc_task *task)
274 case -ECONNREFUSED: 268{
275 /* When the server has died, an ICMP port unreachable message 269 spin_lock_bh(&xprt->transport_lock);
276 * prompts ECONNREFUSED. 270 xprt->ops->release_xprt(xprt, task);
277 */ 271 spin_unlock_bh(&xprt->transport_lock);
278 case -EAGAIN:
279 break;
280 case -ECONNRESET:
281 case -ENOTCONN:
282 case -EPIPE:
283 /* connection broken */
284 if (xprt->stream)
285 result = -ENOTCONN;
286 break;
287 default:
288 printk(KERN_NOTICE "RPC: sendmsg returned error %d\n", -result);
289 }
290 return result;
291} 272}
292 273
293/* 274/*
@@ -321,26 +302,40 @@ __xprt_put_cong(struct rpc_xprt *xprt, struct rpc_rqst *req)
321 return; 302 return;
322 req->rq_cong = 0; 303 req->rq_cong = 0;
323 xprt->cong -= RPC_CWNDSCALE; 304 xprt->cong -= RPC_CWNDSCALE;
324 __xprt_lock_write_next(xprt); 305 __xprt_lock_write_next_cong(xprt);
325} 306}
326 307
327/* 308/**
328 * Adjust RPC congestion window 309 * xprt_release_rqst_cong - housekeeping when request is complete
310 * @task: RPC request that recently completed
311 *
312 * Useful for transports that require congestion control.
313 */
314void xprt_release_rqst_cong(struct rpc_task *task)
315{
316 __xprt_put_cong(task->tk_xprt, task->tk_rqstp);
317}
318
319/**
320 * xprt_adjust_cwnd - adjust transport congestion window
321 * @task: recently completed RPC request used to adjust window
322 * @result: result code of completed RPC request
323 *
329 * We use a time-smoothed congestion estimator to avoid heavy oscillation. 324 * We use a time-smoothed congestion estimator to avoid heavy oscillation.
330 */ 325 */
331static void 326void xprt_adjust_cwnd(struct rpc_task *task, int result)
332xprt_adjust_cwnd(struct rpc_xprt *xprt, int result)
333{ 327{
334 unsigned long cwnd; 328 struct rpc_rqst *req = task->tk_rqstp;
329 struct rpc_xprt *xprt = task->tk_xprt;
330 unsigned long cwnd = xprt->cwnd;
335 331
336 cwnd = xprt->cwnd;
337 if (result >= 0 && cwnd <= xprt->cong) { 332 if (result >= 0 && cwnd <= xprt->cong) {
338 /* The (cwnd >> 1) term makes sure 333 /* The (cwnd >> 1) term makes sure
339 * the result gets rounded properly. */ 334 * the result gets rounded properly. */
340 cwnd += (RPC_CWNDSCALE * RPC_CWNDSCALE + (cwnd >> 1)) / cwnd; 335 cwnd += (RPC_CWNDSCALE * RPC_CWNDSCALE + (cwnd >> 1)) / cwnd;
341 if (cwnd > RPC_MAXCWND(xprt)) 336 if (cwnd > RPC_MAXCWND(xprt))
342 cwnd = RPC_MAXCWND(xprt); 337 cwnd = RPC_MAXCWND(xprt);
343 __xprt_lock_write_next(xprt); 338 __xprt_lock_write_next_cong(xprt);
344 } else if (result == -ETIMEDOUT) { 339 } else if (result == -ETIMEDOUT) {
345 cwnd >>= 1; 340 cwnd >>= 1;
346 if (cwnd < RPC_CWNDSCALE) 341 if (cwnd < RPC_CWNDSCALE)
@@ -349,11 +344,89 @@ xprt_adjust_cwnd(struct rpc_xprt *xprt, int result)
349 dprintk("RPC: cong %ld, cwnd was %ld, now %ld\n", 344 dprintk("RPC: cong %ld, cwnd was %ld, now %ld\n",
350 xprt->cong, xprt->cwnd, cwnd); 345 xprt->cong, xprt->cwnd, cwnd);
351 xprt->cwnd = cwnd; 346 xprt->cwnd = cwnd;
347 __xprt_put_cong(xprt, req);
348}
349
350/**
351 * xprt_wake_pending_tasks - wake all tasks on a transport's pending queue
352 * @xprt: transport with waiting tasks
353 * @status: result code to plant in each task before waking it
354 *
355 */
356void xprt_wake_pending_tasks(struct rpc_xprt *xprt, int status)
357{
358 if (status < 0)
359 rpc_wake_up_status(&xprt->pending, status);
360 else
361 rpc_wake_up(&xprt->pending);
362}
363
364/**
365 * xprt_wait_for_buffer_space - wait for transport output buffer to clear
366 * @task: task to be put to sleep
367 *
368 */
369void xprt_wait_for_buffer_space(struct rpc_task *task)
370{
371 struct rpc_rqst *req = task->tk_rqstp;
372 struct rpc_xprt *xprt = req->rq_xprt;
373
374 task->tk_timeout = req->rq_timeout;
375 rpc_sleep_on(&xprt->pending, task, NULL, NULL);
376}
377
378/**
379 * xprt_write_space - wake the task waiting for transport output buffer space
380 * @xprt: transport with waiting tasks
381 *
382 * Can be called in a soft IRQ context, so xprt_write_space never sleeps.
383 */
384void xprt_write_space(struct rpc_xprt *xprt)
385{
386 if (unlikely(xprt->shutdown))
387 return;
388
389 spin_lock_bh(&xprt->transport_lock);
390 if (xprt->snd_task) {
391 dprintk("RPC: write space: waking waiting task on xprt %p\n",
392 xprt);
393 rpc_wake_up_task(xprt->snd_task);
394 }
395 spin_unlock_bh(&xprt->transport_lock);
396}
397
398/**
399 * xprt_set_retrans_timeout_def - set a request's retransmit timeout
400 * @task: task whose timeout is to be set
401 *
402 * Set a request's retransmit timeout based on the transport's
403 * default timeout parameters. Used by transports that don't adjust
404 * the retransmit timeout based on round-trip time estimation.
405 */
406void xprt_set_retrans_timeout_def(struct rpc_task *task)
407{
408 task->tk_timeout = task->tk_rqstp->rq_timeout;
352} 409}
353 410
354/* 411/*
355 * Reset the major timeout value 412 * xprt_set_retrans_timeout_rtt - set a request's retransmit timeout
413 * @task: task whose timeout is to be set
414 *
415 * Set a request's retransmit timeout using the RTT estimator.
356 */ 416 */
417void xprt_set_retrans_timeout_rtt(struct rpc_task *task)
418{
419 int timer = task->tk_msg.rpc_proc->p_timer;
420 struct rpc_rtt *rtt = task->tk_client->cl_rtt;
421 struct rpc_rqst *req = task->tk_rqstp;
422 unsigned long max_timeout = req->rq_xprt->timeout.to_maxval;
423
424 task->tk_timeout = rpc_calc_rto(rtt, timer);
425 task->tk_timeout <<= rpc_ntimeo(rtt, timer) + req->rq_retries;
426 if (task->tk_timeout > max_timeout || task->tk_timeout == 0)
427 task->tk_timeout = max_timeout;
428}
429
357static void xprt_reset_majortimeo(struct rpc_rqst *req) 430static void xprt_reset_majortimeo(struct rpc_rqst *req)
358{ 431{
359 struct rpc_timeout *to = &req->rq_xprt->timeout; 432 struct rpc_timeout *to = &req->rq_xprt->timeout;
@@ -368,8 +441,10 @@ static void xprt_reset_majortimeo(struct rpc_rqst *req)
368 req->rq_majortimeo += jiffies; 441 req->rq_majortimeo += jiffies;
369} 442}
370 443
371/* 444/**
372 * Adjust timeout values etc for next retransmit 445 * xprt_adjust_timeout - adjust timeout values for next retransmit
446 * @req: RPC request containing parameters to use for the adjustment
447 *
373 */ 448 */
374int xprt_adjust_timeout(struct rpc_rqst *req) 449int xprt_adjust_timeout(struct rpc_rqst *req)
375{ 450{
@@ -391,9 +466,9 @@ int xprt_adjust_timeout(struct rpc_rqst *req)
391 req->rq_retries = 0; 466 req->rq_retries = 0;
392 xprt_reset_majortimeo(req); 467 xprt_reset_majortimeo(req);
393 /* Reset the RTT counters == "slow start" */ 468 /* Reset the RTT counters == "slow start" */
394 spin_lock_bh(&xprt->sock_lock); 469 spin_lock_bh(&xprt->transport_lock);
395 rpc_init_rtt(req->rq_task->tk_client->cl_rtt, to->to_initval); 470 rpc_init_rtt(req->rq_task->tk_client->cl_rtt, to->to_initval);
396 spin_unlock_bh(&xprt->sock_lock); 471 spin_unlock_bh(&xprt->transport_lock);
397 pprintk("RPC: %lu timeout\n", jiffies); 472 pprintk("RPC: %lu timeout\n", jiffies);
398 status = -ETIMEDOUT; 473 status = -ETIMEDOUT;
399 } 474 }
@@ -405,133 +480,52 @@ int xprt_adjust_timeout(struct rpc_rqst *req)
405 return status; 480 return status;
406} 481}
407 482
408/* 483static void xprt_autoclose(void *args)
409 * Close down a transport socket
410 */
411static void
412xprt_close(struct rpc_xprt *xprt)
413{
414 struct socket *sock = xprt->sock;
415 struct sock *sk = xprt->inet;
416
417 if (!sk)
418 return;
419
420 write_lock_bh(&sk->sk_callback_lock);
421 xprt->inet = NULL;
422 xprt->sock = NULL;
423
424 sk->sk_user_data = NULL;
425 sk->sk_data_ready = xprt->old_data_ready;
426 sk->sk_state_change = xprt->old_state_change;
427 sk->sk_write_space = xprt->old_write_space;
428 write_unlock_bh(&sk->sk_callback_lock);
429
430 sk->sk_no_check = 0;
431
432 sock_release(sock);
433}
434
435static void
436xprt_socket_autoclose(void *args)
437{ 484{
438 struct rpc_xprt *xprt = (struct rpc_xprt *)args; 485 struct rpc_xprt *xprt = (struct rpc_xprt *)args;
439 486
440 xprt_disconnect(xprt); 487 xprt_disconnect(xprt);
441 xprt_close(xprt); 488 xprt->ops->close(xprt);
442 xprt_release_write(xprt, NULL); 489 xprt_release_write(xprt, NULL);
443} 490}
444 491
445/* 492/**
446 * Mark a transport as disconnected 493 * xprt_disconnect - mark a transport as disconnected
494 * @xprt: transport to flag for disconnect
495 *
447 */ 496 */
448static void 497void xprt_disconnect(struct rpc_xprt *xprt)
449xprt_disconnect(struct rpc_xprt *xprt)
450{ 498{
451 dprintk("RPC: disconnected transport %p\n", xprt); 499 dprintk("RPC: disconnected transport %p\n", xprt);
452 spin_lock_bh(&xprt->sock_lock); 500 spin_lock_bh(&xprt->transport_lock);
453 xprt_clear_connected(xprt); 501 xprt_clear_connected(xprt);
454 rpc_wake_up_status(&xprt->pending, -ENOTCONN); 502 xprt_wake_pending_tasks(xprt, -ENOTCONN);
455 spin_unlock_bh(&xprt->sock_lock); 503 spin_unlock_bh(&xprt->transport_lock);
456} 504}
457 505
458/*
459 * Used to allow disconnection when we've been idle
460 */
461static void 506static void
462xprt_init_autodisconnect(unsigned long data) 507xprt_init_autodisconnect(unsigned long data)
463{ 508{
464 struct rpc_xprt *xprt = (struct rpc_xprt *)data; 509 struct rpc_xprt *xprt = (struct rpc_xprt *)data;
465 510
466 spin_lock(&xprt->sock_lock); 511 spin_lock(&xprt->transport_lock);
467 if (!list_empty(&xprt->recv) || xprt->shutdown) 512 if (!list_empty(&xprt->recv) || xprt->shutdown)
468 goto out_abort; 513 goto out_abort;
469 if (test_and_set_bit(XPRT_LOCKED, &xprt->sockstate)) 514 if (test_and_set_bit(XPRT_LOCKED, &xprt->state))
470 goto out_abort; 515 goto out_abort;
471 spin_unlock(&xprt->sock_lock); 516 spin_unlock(&xprt->transport_lock);
472 /* Let keventd close the socket */ 517 if (xprt_connecting(xprt))
473 if (test_bit(XPRT_CONNECTING, &xprt->sockstate) != 0)
474 xprt_release_write(xprt, NULL); 518 xprt_release_write(xprt, NULL);
475 else 519 else
476 schedule_work(&xprt->task_cleanup); 520 schedule_work(&xprt->task_cleanup);
477 return; 521 return;
478out_abort: 522out_abort:
479 spin_unlock(&xprt->sock_lock); 523 spin_unlock(&xprt->transport_lock);
480}
481
482static void xprt_socket_connect(void *args)
483{
484 struct rpc_xprt *xprt = (struct rpc_xprt *)args;
485 struct socket *sock = xprt->sock;
486 int status = -EIO;
487
488 if (xprt->shutdown || xprt->addr.sin_port == 0)
489 goto out;
490
491 /*
492 * Start by resetting any existing state
493 */
494 xprt_close(xprt);
495 sock = xprt_create_socket(xprt, xprt->prot, xprt->resvport);
496 if (sock == NULL) {
497 /* couldn't create socket or bind to reserved port;
498 * this is likely a permanent error, so cause an abort */
499 goto out;
500 }
501 xprt_bind_socket(xprt, sock);
502 xprt_sock_setbufsize(xprt);
503
504 status = 0;
505 if (!xprt->stream)
506 goto out;
507
508 /*
509 * Tell the socket layer to start connecting...
510 */
511 status = sock->ops->connect(sock, (struct sockaddr *) &xprt->addr,
512 sizeof(xprt->addr), O_NONBLOCK);
513 dprintk("RPC: %p connect status %d connected %d sock state %d\n",
514 xprt, -status, xprt_connected(xprt), sock->sk->sk_state);
515 if (status < 0) {
516 switch (status) {
517 case -EINPROGRESS:
518 case -EALREADY:
519 goto out_clear;
520 }
521 }
522out:
523 if (status < 0)
524 rpc_wake_up_status(&xprt->pending, status);
525 else
526 rpc_wake_up(&xprt->pending);
527out_clear:
528 smp_mb__before_clear_bit();
529 clear_bit(XPRT_CONNECTING, &xprt->sockstate);
530 smp_mb__after_clear_bit();
531} 524}
532 525
533/* 526/**
534 * Attempt to connect a TCP socket. 527 * xprt_connect - schedule a transport connect operation
528 * @task: RPC task that is requesting the connect
535 * 529 *
536 */ 530 */
537void xprt_connect(struct rpc_task *task) 531void xprt_connect(struct rpc_task *task)
@@ -552,37 +546,19 @@ void xprt_connect(struct rpc_task *task)
552 if (!xprt_lock_write(xprt, task)) 546 if (!xprt_lock_write(xprt, task))
553 return; 547 return;
554 if (xprt_connected(xprt)) 548 if (xprt_connected(xprt))
555 goto out_write; 549 xprt_release_write(xprt, task);
550 else {
551 if (task->tk_rqstp)
552 task->tk_rqstp->rq_bytes_sent = 0;
556 553
557 if (task->tk_rqstp) 554 task->tk_timeout = xprt->connect_timeout;
558 task->tk_rqstp->rq_bytes_sent = 0; 555 rpc_sleep_on(&xprt->pending, task, xprt_connect_status, NULL);
559 556 xprt->ops->connect(task);
560 task->tk_timeout = RPC_CONNECT_TIMEOUT;
561 rpc_sleep_on(&xprt->pending, task, xprt_connect_status, NULL);
562 if (!test_and_set_bit(XPRT_CONNECTING, &xprt->sockstate)) {
563 /* Note: if we are here due to a dropped connection
564 * we delay reconnecting by RPC_REESTABLISH_TIMEOUT/HZ
565 * seconds
566 */
567 if (xprt->sock != NULL)
568 schedule_delayed_work(&xprt->sock_connect,
569 RPC_REESTABLISH_TIMEOUT);
570 else {
571 schedule_work(&xprt->sock_connect);
572 if (!RPC_IS_ASYNC(task))
573 flush_scheduled_work();
574 }
575 } 557 }
576 return; 558 return;
577 out_write:
578 xprt_release_write(xprt, task);
579} 559}
580 560
581/* 561static void xprt_connect_status(struct rpc_task *task)
582 * We arrive here when awoken from waiting on connection establishment.
583 */
584static void
585xprt_connect_status(struct rpc_task *task)
586{ 562{
587 struct rpc_xprt *xprt = task->tk_xprt; 563 struct rpc_xprt *xprt = task->tk_xprt;
588 564
@@ -592,31 +568,42 @@ xprt_connect_status(struct rpc_task *task)
592 return; 568 return;
593 } 569 }
594 570
595 /* if soft mounted, just cause this RPC to fail */
596 if (RPC_IS_SOFT(task))
597 task->tk_status = -EIO;
598
599 switch (task->tk_status) { 571 switch (task->tk_status) {
600 case -ECONNREFUSED: 572 case -ECONNREFUSED:
601 case -ECONNRESET: 573 case -ECONNRESET:
574 dprintk("RPC: %4d xprt_connect_status: server %s refused connection\n",
575 task->tk_pid, task->tk_client->cl_server);
576 break;
602 case -ENOTCONN: 577 case -ENOTCONN:
603 return; 578 dprintk("RPC: %4d xprt_connect_status: connection broken\n",
579 task->tk_pid);
580 break;
604 case -ETIMEDOUT: 581 case -ETIMEDOUT:
605 dprintk("RPC: %4d xprt_connect_status: timed out\n", 582 dprintk("RPC: %4d xprt_connect_status: connect attempt timed out\n",
606 task->tk_pid); 583 task->tk_pid);
607 break; 584 break;
608 default: 585 default:
609 printk(KERN_ERR "RPC: error %d connecting to server %s\n", 586 dprintk("RPC: %4d xprt_connect_status: error %d connecting to server %s\n",
610 -task->tk_status, task->tk_client->cl_server); 587 task->tk_pid, -task->tk_status, task->tk_client->cl_server);
588 xprt_release_write(xprt, task);
589 task->tk_status = -EIO;
590 return;
591 }
592
593 /* if soft mounted, just cause this RPC to fail */
594 if (RPC_IS_SOFT(task)) {
595 xprt_release_write(xprt, task);
596 task->tk_status = -EIO;
611 } 597 }
612 xprt_release_write(xprt, task);
613} 598}
614 599
615/* 600/**
616 * Look up the RPC request corresponding to a reply, and then lock it. 601 * xprt_lookup_rqst - find an RPC request corresponding to an XID
602 * @xprt: transport on which the original request was transmitted
603 * @xid: RPC XID of incoming reply
604 *
617 */ 605 */
618static inline struct rpc_rqst * 606struct rpc_rqst *xprt_lookup_rqst(struct rpc_xprt *xprt, u32 xid)
619xprt_lookup_rqst(struct rpc_xprt *xprt, u32 xid)
620{ 607{
621 struct list_head *pos; 608 struct list_head *pos;
622 struct rpc_rqst *req = NULL; 609 struct rpc_rqst *req = NULL;
@@ -631,556 +618,68 @@ xprt_lookup_rqst(struct rpc_xprt *xprt, u32 xid)
631 return req; 618 return req;
632} 619}
633 620
634/* 621/**
635 * Complete reply received. 622 * xprt_update_rtt - update an RPC client's RTT state after receiving a reply
636 * The TCP code relies on us to remove the request from xprt->pending. 623 * @task: RPC request that recently completed
637 */ 624 *
638static void
639xprt_complete_rqst(struct rpc_xprt *xprt, struct rpc_rqst *req, int copied)
640{
641 struct rpc_task *task = req->rq_task;
642 struct rpc_clnt *clnt = task->tk_client;
643
644 /* Adjust congestion window */
645 if (!xprt->nocong) {
646 unsigned timer = task->tk_msg.rpc_proc->p_timer;
647 xprt_adjust_cwnd(xprt, copied);
648 __xprt_put_cong(xprt, req);
649 if (timer) {
650 if (req->rq_ntrans == 1)
651 rpc_update_rtt(clnt->cl_rtt, timer,
652 (long)jiffies - req->rq_xtime);
653 rpc_set_timeo(clnt->cl_rtt, timer, req->rq_ntrans - 1);
654 }
655 }
656
657#ifdef RPC_PROFILE
658 /* Profile only reads for now */
659 if (copied > 1024) {
660 static unsigned long nextstat;
661 static unsigned long pkt_rtt, pkt_len, pkt_cnt;
662
663 pkt_cnt++;
664 pkt_len += req->rq_slen + copied;
665 pkt_rtt += jiffies - req->rq_xtime;
666 if (time_before(nextstat, jiffies)) {
667 printk("RPC: %lu %ld cwnd\n", jiffies, xprt->cwnd);
668 printk("RPC: %ld %ld %ld %ld stat\n",
669 jiffies, pkt_cnt, pkt_len, pkt_rtt);
670 pkt_rtt = pkt_len = pkt_cnt = 0;
671 nextstat = jiffies + 5 * HZ;
672 }
673 }
674#endif
675
676 dprintk("RPC: %4d has input (%d bytes)\n", task->tk_pid, copied);
677 list_del_init(&req->rq_list);
678 req->rq_received = req->rq_private_buf.len = copied;
679
680 /* ... and wake up the process. */
681 rpc_wake_up_task(task);
682 return;
683}
684
685static size_t
686skb_read_bits(skb_reader_t *desc, void *to, size_t len)
687{
688 if (len > desc->count)
689 len = desc->count;
690 if (skb_copy_bits(desc->skb, desc->offset, to, len))
691 return 0;
692 desc->count -= len;
693 desc->offset += len;
694 return len;
695}
696
697static size_t
698skb_read_and_csum_bits(skb_reader_t *desc, void *to, size_t len)
699{
700 unsigned int csum2, pos;
701
702 if (len > desc->count)
703 len = desc->count;
704 pos = desc->offset;
705 csum2 = skb_copy_and_csum_bits(desc->skb, pos, to, len, 0);
706 desc->csum = csum_block_add(desc->csum, csum2, pos);
707 desc->count -= len;
708 desc->offset += len;
709 return len;
710}
711
712/*
713 * We have set things up such that we perform the checksum of the UDP
714 * packet in parallel with the copies into the RPC client iovec. -DaveM
715 */
716int
717csum_partial_copy_to_xdr(struct xdr_buf *xdr, struct sk_buff *skb)
718{
719 skb_reader_t desc;
720
721 desc.skb = skb;
722 desc.offset = sizeof(struct udphdr);
723 desc.count = skb->len - desc.offset;
724
725 if (skb->ip_summed == CHECKSUM_UNNECESSARY)
726 goto no_checksum;
727
728 desc.csum = csum_partial(skb->data, desc.offset, skb->csum);
729 if (xdr_partial_copy_from_skb(xdr, 0, &desc, skb_read_and_csum_bits) < 0)
730 return -1;
731 if (desc.offset != skb->len) {
732 unsigned int csum2;
733 csum2 = skb_checksum(skb, desc.offset, skb->len - desc.offset, 0);
734 desc.csum = csum_block_add(desc.csum, csum2, desc.offset);
735 }
736 if (desc.count)
737 return -1;
738 if ((unsigned short)csum_fold(desc.csum))
739 return -1;
740 return 0;
741no_checksum:
742 if (xdr_partial_copy_from_skb(xdr, 0, &desc, skb_read_bits) < 0)
743 return -1;
744 if (desc.count)
745 return -1;
746 return 0;
747}
748
749/*
750 * Input handler for RPC replies. Called from a bottom half and hence
751 * atomic.
752 */
753static void
754udp_data_ready(struct sock *sk, int len)
755{
756 struct rpc_task *task;
757 struct rpc_xprt *xprt;
758 struct rpc_rqst *rovr;
759 struct sk_buff *skb;
760 int err, repsize, copied;
761 u32 _xid, *xp;
762
763 read_lock(&sk->sk_callback_lock);
764 dprintk("RPC: udp_data_ready...\n");
765 if (!(xprt = xprt_from_sock(sk))) {
766 printk("RPC: udp_data_ready request not found!\n");
767 goto out;
768 }
769
770 dprintk("RPC: udp_data_ready client %p\n", xprt);
771
772 if ((skb = skb_recv_datagram(sk, 0, 1, &err)) == NULL)
773 goto out;
774
775 if (xprt->shutdown)
776 goto dropit;
777
778 repsize = skb->len - sizeof(struct udphdr);
779 if (repsize < 4) {
780 printk("RPC: impossible RPC reply size %d!\n", repsize);
781 goto dropit;
782 }
783
784 /* Copy the XID from the skb... */
785 xp = skb_header_pointer(skb, sizeof(struct udphdr),
786 sizeof(_xid), &_xid);
787 if (xp == NULL)
788 goto dropit;
789
790 /* Look up and lock the request corresponding to the given XID */
791 spin_lock(&xprt->sock_lock);
792 rovr = xprt_lookup_rqst(xprt, *xp);
793 if (!rovr)
794 goto out_unlock;
795 task = rovr->rq_task;
796
797 dprintk("RPC: %4d received reply\n", task->tk_pid);
798
799 if ((copied = rovr->rq_private_buf.buflen) > repsize)
800 copied = repsize;
801
802 /* Suck it into the iovec, verify checksum if not done by hw. */
803 if (csum_partial_copy_to_xdr(&rovr->rq_private_buf, skb))
804 goto out_unlock;
805
806 /* Something worked... */
807 dst_confirm(skb->dst);
808
809 xprt_complete_rqst(xprt, rovr, copied);
810
811 out_unlock:
812 spin_unlock(&xprt->sock_lock);
813 dropit:
814 skb_free_datagram(sk, skb);
815 out:
816 read_unlock(&sk->sk_callback_lock);
817}
818
819/*
820 * Copy from an skb into memory and shrink the skb.
821 */
822static inline size_t
823tcp_copy_data(skb_reader_t *desc, void *p, size_t len)
824{
825 if (len > desc->count)
826 len = desc->count;
827 if (skb_copy_bits(desc->skb, desc->offset, p, len)) {
828 dprintk("RPC: failed to copy %zu bytes from skb. %zu bytes remain\n",
829 len, desc->count);
830 return 0;
831 }
832 desc->offset += len;
833 desc->count -= len;
834 dprintk("RPC: copied %zu bytes from skb. %zu bytes remain\n",
835 len, desc->count);
836 return len;
837}
838
839/*
840 * TCP read fragment marker
841 */
842static inline void
843tcp_read_fraghdr(struct rpc_xprt *xprt, skb_reader_t *desc)
844{
845 size_t len, used;
846 char *p;
847
848 p = ((char *) &xprt->tcp_recm) + xprt->tcp_offset;
849 len = sizeof(xprt->tcp_recm) - xprt->tcp_offset;
850 used = tcp_copy_data(desc, p, len);
851 xprt->tcp_offset += used;
852 if (used != len)
853 return;
854 xprt->tcp_reclen = ntohl(xprt->tcp_recm);
855 if (xprt->tcp_reclen & 0x80000000)
856 xprt->tcp_flags |= XPRT_LAST_FRAG;
857 else
858 xprt->tcp_flags &= ~XPRT_LAST_FRAG;
859 xprt->tcp_reclen &= 0x7fffffff;
860 xprt->tcp_flags &= ~XPRT_COPY_RECM;
861 xprt->tcp_offset = 0;
862 /* Sanity check of the record length */
863 if (xprt->tcp_reclen < 4) {
864 printk(KERN_ERR "RPC: Invalid TCP record fragment length\n");
865 xprt_disconnect(xprt);
866 }
867 dprintk("RPC: reading TCP record fragment of length %d\n",
868 xprt->tcp_reclen);
869}
870
871static void
872tcp_check_recm(struct rpc_xprt *xprt)
873{
874 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u, tcp_flags = %lx\n",
875 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen, xprt->tcp_flags);
876 if (xprt->tcp_offset == xprt->tcp_reclen) {
877 xprt->tcp_flags |= XPRT_COPY_RECM;
878 xprt->tcp_offset = 0;
879 if (xprt->tcp_flags & XPRT_LAST_FRAG) {
880 xprt->tcp_flags &= ~XPRT_COPY_DATA;
881 xprt->tcp_flags |= XPRT_COPY_XID;
882 xprt->tcp_copied = 0;
883 }
884 }
885}
886
887/*
888 * TCP read xid
889 */
890static inline void
891tcp_read_xid(struct rpc_xprt *xprt, skb_reader_t *desc)
892{
893 size_t len, used;
894 char *p;
895
896 len = sizeof(xprt->tcp_xid) - xprt->tcp_offset;
897 dprintk("RPC: reading XID (%Zu bytes)\n", len);
898 p = ((char *) &xprt->tcp_xid) + xprt->tcp_offset;
899 used = tcp_copy_data(desc, p, len);
900 xprt->tcp_offset += used;
901 if (used != len)
902 return;
903 xprt->tcp_flags &= ~XPRT_COPY_XID;
904 xprt->tcp_flags |= XPRT_COPY_DATA;
905 xprt->tcp_copied = 4;
906 dprintk("RPC: reading reply for XID %08x\n",
907 ntohl(xprt->tcp_xid));
908 tcp_check_recm(xprt);
909}
910
911/*
912 * TCP read and complete request
913 */
914static inline void
915tcp_read_request(struct rpc_xprt *xprt, skb_reader_t *desc)
916{
917 struct rpc_rqst *req;
918 struct xdr_buf *rcvbuf;
919 size_t len;
920 ssize_t r;
921
922 /* Find and lock the request corresponding to this xid */
923 spin_lock(&xprt->sock_lock);
924 req = xprt_lookup_rqst(xprt, xprt->tcp_xid);
925 if (!req) {
926 xprt->tcp_flags &= ~XPRT_COPY_DATA;
927 dprintk("RPC: XID %08x request not found!\n",
928 ntohl(xprt->tcp_xid));
929 spin_unlock(&xprt->sock_lock);
930 return;
931 }
932
933 rcvbuf = &req->rq_private_buf;
934 len = desc->count;
935 if (len > xprt->tcp_reclen - xprt->tcp_offset) {
936 skb_reader_t my_desc;
937
938 len = xprt->tcp_reclen - xprt->tcp_offset;
939 memcpy(&my_desc, desc, sizeof(my_desc));
940 my_desc.count = len;
941 r = xdr_partial_copy_from_skb(rcvbuf, xprt->tcp_copied,
942 &my_desc, tcp_copy_data);
943 desc->count -= r;
944 desc->offset += r;
945 } else
946 r = xdr_partial_copy_from_skb(rcvbuf, xprt->tcp_copied,
947 desc, tcp_copy_data);
948
949 if (r > 0) {
950 xprt->tcp_copied += r;
951 xprt->tcp_offset += r;
952 }
953 if (r != len) {
954 /* Error when copying to the receive buffer,
955 * usually because we weren't able to allocate
956 * additional buffer pages. All we can do now
957 * is turn off XPRT_COPY_DATA, so the request
958 * will not receive any additional updates,
959 * and time out.
960 * Any remaining data from this record will
961 * be discarded.
962 */
963 xprt->tcp_flags &= ~XPRT_COPY_DATA;
964 dprintk("RPC: XID %08x truncated request\n",
965 ntohl(xprt->tcp_xid));
966 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u\n",
967 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen);
968 goto out;
969 }
970
971 dprintk("RPC: XID %08x read %Zd bytes\n",
972 ntohl(xprt->tcp_xid), r);
973 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u\n",
974 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen);
975
976 if (xprt->tcp_copied == req->rq_private_buf.buflen)
977 xprt->tcp_flags &= ~XPRT_COPY_DATA;
978 else if (xprt->tcp_offset == xprt->tcp_reclen) {
979 if (xprt->tcp_flags & XPRT_LAST_FRAG)
980 xprt->tcp_flags &= ~XPRT_COPY_DATA;
981 }
982
983out:
984 if (!(xprt->tcp_flags & XPRT_COPY_DATA)) {
985 dprintk("RPC: %4d received reply complete\n",
986 req->rq_task->tk_pid);
987 xprt_complete_rqst(xprt, req, xprt->tcp_copied);
988 }
989 spin_unlock(&xprt->sock_lock);
990 tcp_check_recm(xprt);
991}
992
993/*
994 * TCP discard extra bytes from a short read
995 */
996static inline void
997tcp_read_discard(struct rpc_xprt *xprt, skb_reader_t *desc)
998{
999 size_t len;
1000
1001 len = xprt->tcp_reclen - xprt->tcp_offset;
1002 if (len > desc->count)
1003 len = desc->count;
1004 desc->count -= len;
1005 desc->offset += len;
1006 xprt->tcp_offset += len;
1007 dprintk("RPC: discarded %Zu bytes\n", len);
1008 tcp_check_recm(xprt);
1009}
1010
1011/*
1012 * TCP record receive routine
1013 * We first have to grab the record marker, then the XID, then the data.
1014 */ 625 */
1015static int 626void xprt_update_rtt(struct rpc_task *task)
1016tcp_data_recv(read_descriptor_t *rd_desc, struct sk_buff *skb,
1017 unsigned int offset, size_t len)
1018{
1019 struct rpc_xprt *xprt = rd_desc->arg.data;
1020 skb_reader_t desc = {
1021 .skb = skb,
1022 .offset = offset,
1023 .count = len,
1024 .csum = 0
1025 };
1026
1027 dprintk("RPC: tcp_data_recv\n");
1028 do {
1029 /* Read in a new fragment marker if necessary */
1030 /* Can we ever really expect to get completely empty fragments? */
1031 if (xprt->tcp_flags & XPRT_COPY_RECM) {
1032 tcp_read_fraghdr(xprt, &desc);
1033 continue;
1034 }
1035 /* Read in the xid if necessary */
1036 if (xprt->tcp_flags & XPRT_COPY_XID) {
1037 tcp_read_xid(xprt, &desc);
1038 continue;
1039 }
1040 /* Read in the request data */
1041 if (xprt->tcp_flags & XPRT_COPY_DATA) {
1042 tcp_read_request(xprt, &desc);
1043 continue;
1044 }
1045 /* Skip over any trailing bytes on short reads */
1046 tcp_read_discard(xprt, &desc);
1047 } while (desc.count);
1048 dprintk("RPC: tcp_data_recv done\n");
1049 return len - desc.count;
1050}
1051
1052static void tcp_data_ready(struct sock *sk, int bytes)
1053{ 627{
1054 struct rpc_xprt *xprt; 628 struct rpc_rqst *req = task->tk_rqstp;
1055 read_descriptor_t rd_desc; 629 struct rpc_rtt *rtt = task->tk_client->cl_rtt;
1056 630 unsigned timer = task->tk_msg.rpc_proc->p_timer;
1057 read_lock(&sk->sk_callback_lock);
1058 dprintk("RPC: tcp_data_ready...\n");
1059 if (!(xprt = xprt_from_sock(sk))) {
1060 printk("RPC: tcp_data_ready socket info not found!\n");
1061 goto out;
1062 }
1063 if (xprt->shutdown)
1064 goto out;
1065
1066 /* We use rd_desc to pass struct xprt to tcp_data_recv */
1067 rd_desc.arg.data = xprt;
1068 rd_desc.count = 65536;
1069 tcp_read_sock(sk, &rd_desc, tcp_data_recv);
1070out:
1071 read_unlock(&sk->sk_callback_lock);
1072}
1073
1074static void
1075tcp_state_change(struct sock *sk)
1076{
1077 struct rpc_xprt *xprt;
1078 631
1079 read_lock(&sk->sk_callback_lock); 632 if (timer) {
1080 if (!(xprt = xprt_from_sock(sk))) 633 if (req->rq_ntrans == 1)
1081 goto out; 634 rpc_update_rtt(rtt, timer,
1082 dprintk("RPC: tcp_state_change client %p...\n", xprt); 635 (long)jiffies - req->rq_xtime);
1083 dprintk("RPC: state %x conn %d dead %d zapped %d\n", 636 rpc_set_timeo(rtt, timer, req->rq_ntrans - 1);
1084 sk->sk_state, xprt_connected(xprt),
1085 sock_flag(sk, SOCK_DEAD),
1086 sock_flag(sk, SOCK_ZAPPED));
1087
1088 switch (sk->sk_state) {
1089 case TCP_ESTABLISHED:
1090 spin_lock_bh(&xprt->sock_lock);
1091 if (!xprt_test_and_set_connected(xprt)) {
1092 /* Reset TCP record info */
1093 xprt->tcp_offset = 0;
1094 xprt->tcp_reclen = 0;
1095 xprt->tcp_copied = 0;
1096 xprt->tcp_flags = XPRT_COPY_RECM | XPRT_COPY_XID;
1097 rpc_wake_up(&xprt->pending);
1098 }
1099 spin_unlock_bh(&xprt->sock_lock);
1100 break;
1101 case TCP_SYN_SENT:
1102 case TCP_SYN_RECV:
1103 break;
1104 default:
1105 xprt_disconnect(xprt);
1106 break;
1107 } 637 }
1108 out:
1109 read_unlock(&sk->sk_callback_lock);
1110} 638}
1111 639
1112/* 640/**
1113 * Called when more output buffer space is available for this socket. 641 * xprt_complete_rqst - called when reply processing is complete
1114 * We try not to wake our writers until they can make "significant" 642 * @task: RPC request that recently completed
1115 * progress, otherwise we'll waste resources thrashing sock_sendmsg 643 * @copied: actual number of bytes received from the transport
1116 * with a bunch of small requests. 644 *
645 * Caller holds transport lock.
1117 */ 646 */
1118static void 647void xprt_complete_rqst(struct rpc_task *task, int copied)
1119xprt_write_space(struct sock *sk)
1120{ 648{
1121 struct rpc_xprt *xprt; 649 struct rpc_rqst *req = task->tk_rqstp;
1122 struct socket *sock;
1123
1124 read_lock(&sk->sk_callback_lock);
1125 if (!(xprt = xprt_from_sock(sk)) || !(sock = sk->sk_socket))
1126 goto out;
1127 if (xprt->shutdown)
1128 goto out;
1129
1130 /* Wait until we have enough socket memory */
1131 if (xprt->stream) {
1132 /* from net/core/stream.c:sk_stream_write_space */
1133 if (sk_stream_wspace(sk) < sk_stream_min_wspace(sk))
1134 goto out;
1135 } else {
1136 /* from net/core/sock.c:sock_def_write_space */
1137 if (!sock_writeable(sk))
1138 goto out;
1139 }
1140 650
1141 if (!test_and_clear_bit(SOCK_NOSPACE, &sock->flags)) 651 dprintk("RPC: %5u xid %08x complete (%d bytes received)\n",
1142 goto out; 652 task->tk_pid, ntohl(req->rq_xid), copied);
1143 653
1144 spin_lock_bh(&xprt->sock_lock); 654 list_del_init(&req->rq_list);
1145 if (xprt->snd_task) 655 req->rq_received = req->rq_private_buf.len = copied;
1146 rpc_wake_up_task(xprt->snd_task); 656 rpc_wake_up_task(task);
1147 spin_unlock_bh(&xprt->sock_lock);
1148out:
1149 read_unlock(&sk->sk_callback_lock);
1150} 657}
1151 658
1152/* 659static void xprt_timer(struct rpc_task *task)
1153 * RPC receive timeout handler.
1154 */
1155static void
1156xprt_timer(struct rpc_task *task)
1157{ 660{
1158 struct rpc_rqst *req = task->tk_rqstp; 661 struct rpc_rqst *req = task->tk_rqstp;
1159 struct rpc_xprt *xprt = req->rq_xprt; 662 struct rpc_xprt *xprt = req->rq_xprt;
1160 663
1161 spin_lock(&xprt->sock_lock); 664 dprintk("RPC: %4d xprt_timer\n", task->tk_pid);
1162 if (req->rq_received)
1163 goto out;
1164
1165 xprt_adjust_cwnd(req->rq_xprt, -ETIMEDOUT);
1166 __xprt_put_cong(xprt, req);
1167 665
1168 dprintk("RPC: %4d xprt_timer (%s request)\n", 666 spin_lock(&xprt->transport_lock);
1169 task->tk_pid, req ? "pending" : "backlogged"); 667 if (!req->rq_received) {
1170 668 if (xprt->ops->timer)
1171 task->tk_status = -ETIMEDOUT; 669 xprt->ops->timer(task);
1172out: 670 task->tk_status = -ETIMEDOUT;
671 }
1173 task->tk_timeout = 0; 672 task->tk_timeout = 0;
1174 rpc_wake_up_task(task); 673 rpc_wake_up_task(task);
1175 spin_unlock(&xprt->sock_lock); 674 spin_unlock(&xprt->transport_lock);
1176} 675}
1177 676
1178/* 677/**
1179 * Place the actual RPC call. 678 * xprt_prepare_transmit - reserve the transport before sending a request
1180 * We have to copy the iovec because sendmsg fiddles with its contents. 679 * @task: RPC task about to send a request
680 *
1181 */ 681 */
1182int 682int xprt_prepare_transmit(struct rpc_task *task)
1183xprt_prepare_transmit(struct rpc_task *task)
1184{ 683{
1185 struct rpc_rqst *req = task->tk_rqstp; 684 struct rpc_rqst *req = task->tk_rqstp;
1186 struct rpc_xprt *xprt = req->rq_xprt; 685 struct rpc_xprt *xprt = req->rq_xprt;
@@ -1191,12 +690,12 @@ xprt_prepare_transmit(struct rpc_task *task)
1191 if (xprt->shutdown) 690 if (xprt->shutdown)
1192 return -EIO; 691 return -EIO;
1193 692
1194 spin_lock_bh(&xprt->sock_lock); 693 spin_lock_bh(&xprt->transport_lock);
1195 if (req->rq_received && !req->rq_bytes_sent) { 694 if (req->rq_received && !req->rq_bytes_sent) {
1196 err = req->rq_received; 695 err = req->rq_received;
1197 goto out_unlock; 696 goto out_unlock;
1198 } 697 }
1199 if (!__xprt_lock_write(xprt, task)) { 698 if (!xprt->ops->reserve_xprt(task)) {
1200 err = -EAGAIN; 699 err = -EAGAIN;
1201 goto out_unlock; 700 goto out_unlock;
1202 } 701 }
@@ -1206,39 +705,42 @@ xprt_prepare_transmit(struct rpc_task *task)
1206 goto out_unlock; 705 goto out_unlock;
1207 } 706 }
1208out_unlock: 707out_unlock:
1209 spin_unlock_bh(&xprt->sock_lock); 708 spin_unlock_bh(&xprt->transport_lock);
1210 return err; 709 return err;
1211} 710}
1212 711
1213void 712void
1214xprt_transmit(struct rpc_task *task) 713xprt_abort_transmit(struct rpc_task *task)
714{
715 struct rpc_xprt *xprt = task->tk_xprt;
716
717 xprt_release_write(xprt, task);
718}
719
720/**
721 * xprt_transmit - send an RPC request on a transport
722 * @task: controlling RPC task
723 *
724 * We have to copy the iovec because sendmsg fiddles with its contents.
725 */
726void xprt_transmit(struct rpc_task *task)
1215{ 727{
1216 struct rpc_clnt *clnt = task->tk_client;
1217 struct rpc_rqst *req = task->tk_rqstp; 728 struct rpc_rqst *req = task->tk_rqstp;
1218 struct rpc_xprt *xprt = req->rq_xprt; 729 struct rpc_xprt *xprt = req->rq_xprt;
1219 int status, retry = 0; 730 int status;
1220
1221 731
1222 dprintk("RPC: %4d xprt_transmit(%u)\n", task->tk_pid, req->rq_slen); 732 dprintk("RPC: %4d xprt_transmit(%u)\n", task->tk_pid, req->rq_slen);
1223 733
1224 /* set up everything as needed. */
1225 /* Write the record marker */
1226 if (xprt->stream) {
1227 u32 *marker = req->rq_svec[0].iov_base;
1228
1229 *marker = htonl(0x80000000|(req->rq_slen-sizeof(*marker)));
1230 }
1231
1232 smp_rmb(); 734 smp_rmb();
1233 if (!req->rq_received) { 735 if (!req->rq_received) {
1234 if (list_empty(&req->rq_list)) { 736 if (list_empty(&req->rq_list)) {
1235 spin_lock_bh(&xprt->sock_lock); 737 spin_lock_bh(&xprt->transport_lock);
1236 /* Update the softirq receive buffer */ 738 /* Update the softirq receive buffer */
1237 memcpy(&req->rq_private_buf, &req->rq_rcv_buf, 739 memcpy(&req->rq_private_buf, &req->rq_rcv_buf,
1238 sizeof(req->rq_private_buf)); 740 sizeof(req->rq_private_buf));
1239 /* Add request to the receive list */ 741 /* Add request to the receive list */
1240 list_add_tail(&req->rq_list, &xprt->recv); 742 list_add_tail(&req->rq_list, &xprt->recv);
1241 spin_unlock_bh(&xprt->sock_lock); 743 spin_unlock_bh(&xprt->transport_lock);
1242 xprt_reset_majortimeo(req); 744 xprt_reset_majortimeo(req);
1243 /* Turn off autodisconnect */ 745 /* Turn off autodisconnect */
1244 del_singleshot_timer_sync(&xprt->timer); 746 del_singleshot_timer_sync(&xprt->timer);
@@ -1246,40 +748,19 @@ xprt_transmit(struct rpc_task *task)
1246 } else if (!req->rq_bytes_sent) 748 } else if (!req->rq_bytes_sent)
1247 return; 749 return;
1248 750
1249 /* Continue transmitting the packet/record. We must be careful 751 status = xprt->ops->send_request(task);
1250 * to cope with writespace callbacks arriving _after_ we have 752 if (status == 0) {
1251 * called xprt_sendmsg(). 753 dprintk("RPC: %4d xmit complete\n", task->tk_pid);
1252 */ 754 spin_lock_bh(&xprt->transport_lock);
1253 while (1) { 755 xprt->ops->set_retrans_timeout(task);
1254 req->rq_xtime = jiffies; 756 /* Don't race with disconnect */
1255 status = xprt_sendmsg(xprt, req); 757 if (!xprt_connected(xprt))
1256 758 task->tk_status = -ENOTCONN;
1257 if (status < 0) 759 else if (!req->rq_received)
1258 break; 760 rpc_sleep_on(&xprt->pending, task, NULL, xprt_timer);
1259 761 xprt->ops->release_xprt(xprt, task);
1260 if (xprt->stream) { 762 spin_unlock_bh(&xprt->transport_lock);
1261 req->rq_bytes_sent += status; 763 return;
1262
1263 /* If we've sent the entire packet, immediately
1264 * reset the count of bytes sent. */
1265 if (req->rq_bytes_sent >= req->rq_slen) {
1266 req->rq_bytes_sent = 0;
1267 goto out_receive;
1268 }
1269 } else {
1270 if (status >= req->rq_slen)
1271 goto out_receive;
1272 status = -EAGAIN;
1273 break;
1274 }
1275
1276 dprintk("RPC: %4d xmit incomplete (%d left of %d)\n",
1277 task->tk_pid, req->rq_slen - req->rq_bytes_sent,
1278 req->rq_slen);
1279
1280 status = -EAGAIN;
1281 if (retry++ > 50)
1282 break;
1283 } 764 }
1284 765
1285 /* Note: at this point, task->tk_sleeping has not yet been set, 766 /* Note: at this point, task->tk_sleeping has not yet been set,
@@ -1289,60 +770,19 @@ xprt_transmit(struct rpc_task *task)
1289 task->tk_status = status; 770 task->tk_status = status;
1290 771
1291 switch (status) { 772 switch (status) {
1292 case -EAGAIN:
1293 if (test_bit(SOCK_ASYNC_NOSPACE, &xprt->sock->flags)) {
1294 /* Protect against races with xprt_write_space */
1295 spin_lock_bh(&xprt->sock_lock);
1296 /* Don't race with disconnect */
1297 if (!xprt_connected(xprt))
1298 task->tk_status = -ENOTCONN;
1299 else if (test_bit(SOCK_NOSPACE, &xprt->sock->flags)) {
1300 task->tk_timeout = req->rq_timeout;
1301 rpc_sleep_on(&xprt->pending, task, NULL, NULL);
1302 }
1303 spin_unlock_bh(&xprt->sock_lock);
1304 return;
1305 }
1306 /* Keep holding the socket if it is blocked */
1307 rpc_delay(task, HZ>>4);
1308 return;
1309 case -ECONNREFUSED: 773 case -ECONNREFUSED:
1310 task->tk_timeout = RPC_REESTABLISH_TIMEOUT;
1311 rpc_sleep_on(&xprt->sending, task, NULL, NULL); 774 rpc_sleep_on(&xprt->sending, task, NULL, NULL);
775 case -EAGAIN:
1312 case -ENOTCONN: 776 case -ENOTCONN:
1313 return; 777 return;
1314 default: 778 default:
1315 if (xprt->stream) 779 break;
1316 xprt_disconnect(xprt);
1317 } 780 }
1318 xprt_release_write(xprt, task); 781 xprt_release_write(xprt, task);
1319 return; 782 return;
1320 out_receive:
1321 dprintk("RPC: %4d xmit complete\n", task->tk_pid);
1322 /* Set the task's receive timeout value */
1323 spin_lock_bh(&xprt->sock_lock);
1324 if (!xprt->nocong) {
1325 int timer = task->tk_msg.rpc_proc->p_timer;
1326 task->tk_timeout = rpc_calc_rto(clnt->cl_rtt, timer);
1327 task->tk_timeout <<= rpc_ntimeo(clnt->cl_rtt, timer) + req->rq_retries;
1328 if (task->tk_timeout > xprt->timeout.to_maxval || task->tk_timeout == 0)
1329 task->tk_timeout = xprt->timeout.to_maxval;
1330 } else
1331 task->tk_timeout = req->rq_timeout;
1332 /* Don't race with disconnect */
1333 if (!xprt_connected(xprt))
1334 task->tk_status = -ENOTCONN;
1335 else if (!req->rq_received)
1336 rpc_sleep_on(&xprt->pending, task, NULL, xprt_timer);
1337 __xprt_release_write(xprt, task);
1338 spin_unlock_bh(&xprt->sock_lock);
1339} 783}
1340 784
1341/* 785static inline void do_xprt_reserve(struct rpc_task *task)
1342 * Reserve an RPC call slot.
1343 */
1344static inline void
1345do_xprt_reserve(struct rpc_task *task)
1346{ 786{
1347 struct rpc_xprt *xprt = task->tk_xprt; 787 struct rpc_xprt *xprt = task->tk_xprt;
1348 788
@@ -1362,22 +802,25 @@ do_xprt_reserve(struct rpc_task *task)
1362 rpc_sleep_on(&xprt->backlog, task, NULL, NULL); 802 rpc_sleep_on(&xprt->backlog, task, NULL, NULL);
1363} 803}
1364 804
1365void 805/**
1366xprt_reserve(struct rpc_task *task) 806 * xprt_reserve - allocate an RPC request slot
807 * @task: RPC task requesting a slot allocation
808 *
809 * If no more slots are available, place the task on the transport's
810 * backlog queue.
811 */
812void xprt_reserve(struct rpc_task *task)
1367{ 813{
1368 struct rpc_xprt *xprt = task->tk_xprt; 814 struct rpc_xprt *xprt = task->tk_xprt;
1369 815
1370 task->tk_status = -EIO; 816 task->tk_status = -EIO;
1371 if (!xprt->shutdown) { 817 if (!xprt->shutdown) {
1372 spin_lock(&xprt->xprt_lock); 818 spin_lock(&xprt->reserve_lock);
1373 do_xprt_reserve(task); 819 do_xprt_reserve(task);
1374 spin_unlock(&xprt->xprt_lock); 820 spin_unlock(&xprt->reserve_lock);
1375 } 821 }
1376} 822}
1377 823
1378/*
1379 * Allocate a 'unique' XID
1380 */
1381static inline u32 xprt_alloc_xid(struct rpc_xprt *xprt) 824static inline u32 xprt_alloc_xid(struct rpc_xprt *xprt)
1382{ 825{
1383 return xprt->xid++; 826 return xprt->xid++;
@@ -1388,11 +831,7 @@ static inline void xprt_init_xid(struct rpc_xprt *xprt)
1388 get_random_bytes(&xprt->xid, sizeof(xprt->xid)); 831 get_random_bytes(&xprt->xid, sizeof(xprt->xid));
1389} 832}
1390 833
1391/* 834static void xprt_request_init(struct rpc_task *task, struct rpc_xprt *xprt)
1392 * Initialize RPC request
1393 */
1394static void
1395xprt_request_init(struct rpc_task *task, struct rpc_xprt *xprt)
1396{ 835{
1397 struct rpc_rqst *req = task->tk_rqstp; 836 struct rpc_rqst *req = task->tk_rqstp;
1398 837
@@ -1400,128 +839,104 @@ xprt_request_init(struct rpc_task *task, struct rpc_xprt *xprt)
1400 req->rq_task = task; 839 req->rq_task = task;
1401 req->rq_xprt = xprt; 840 req->rq_xprt = xprt;
1402 req->rq_xid = xprt_alloc_xid(xprt); 841 req->rq_xid = xprt_alloc_xid(xprt);
842 req->rq_release_snd_buf = NULL;
1403 dprintk("RPC: %4d reserved req %p xid %08x\n", task->tk_pid, 843 dprintk("RPC: %4d reserved req %p xid %08x\n", task->tk_pid,
1404 req, ntohl(req->rq_xid)); 844 req, ntohl(req->rq_xid));
1405} 845}
1406 846
1407/* 847/**
1408 * Release an RPC call slot 848 * xprt_release - release an RPC request slot
849 * @task: task which is finished with the slot
850 *
1409 */ 851 */
1410void 852void xprt_release(struct rpc_task *task)
1411xprt_release(struct rpc_task *task)
1412{ 853{
1413 struct rpc_xprt *xprt = task->tk_xprt; 854 struct rpc_xprt *xprt = task->tk_xprt;
1414 struct rpc_rqst *req; 855 struct rpc_rqst *req;
1415 856
1416 if (!(req = task->tk_rqstp)) 857 if (!(req = task->tk_rqstp))
1417 return; 858 return;
1418 spin_lock_bh(&xprt->sock_lock); 859 spin_lock_bh(&xprt->transport_lock);
1419 __xprt_release_write(xprt, task); 860 xprt->ops->release_xprt(xprt, task);
1420 __xprt_put_cong(xprt, req); 861 if (xprt->ops->release_request)
862 xprt->ops->release_request(task);
1421 if (!list_empty(&req->rq_list)) 863 if (!list_empty(&req->rq_list))
1422 list_del(&req->rq_list); 864 list_del(&req->rq_list);
1423 xprt->last_used = jiffies; 865 xprt->last_used = jiffies;
1424 if (list_empty(&xprt->recv) && !xprt->shutdown) 866 if (list_empty(&xprt->recv) && !xprt->shutdown)
1425 mod_timer(&xprt->timer, xprt->last_used + XPRT_IDLE_TIMEOUT); 867 mod_timer(&xprt->timer,
1426 spin_unlock_bh(&xprt->sock_lock); 868 xprt->last_used + xprt->idle_timeout);
869 spin_unlock_bh(&xprt->transport_lock);
1427 task->tk_rqstp = NULL; 870 task->tk_rqstp = NULL;
871 if (req->rq_release_snd_buf)
872 req->rq_release_snd_buf(req);
1428 memset(req, 0, sizeof(*req)); /* mark unused */ 873 memset(req, 0, sizeof(*req)); /* mark unused */
1429 874
1430 dprintk("RPC: %4d release request %p\n", task->tk_pid, req); 875 dprintk("RPC: %4d release request %p\n", task->tk_pid, req);
1431 876
1432 spin_lock(&xprt->xprt_lock); 877 spin_lock(&xprt->reserve_lock);
1433 list_add(&req->rq_list, &xprt->free); 878 list_add(&req->rq_list, &xprt->free);
1434 xprt_clear_backlog(xprt); 879 rpc_wake_up_next(&xprt->backlog);
1435 spin_unlock(&xprt->xprt_lock); 880 spin_unlock(&xprt->reserve_lock);
1436}
1437
1438/*
1439 * Set default timeout parameters
1440 */
1441static void
1442xprt_default_timeout(struct rpc_timeout *to, int proto)
1443{
1444 if (proto == IPPROTO_UDP)
1445 xprt_set_timeout(to, 5, 5 * HZ);
1446 else
1447 xprt_set_timeout(to, 5, 60 * HZ);
1448} 881}
1449 882
1450/* 883/**
1451 * Set constant timeout 884 * xprt_set_timeout - set constant RPC timeout
885 * @to: RPC timeout parameters to set up
886 * @retr: number of retries
887 * @incr: amount of increase after each retry
888 *
1452 */ 889 */
1453void 890void xprt_set_timeout(struct rpc_timeout *to, unsigned int retr, unsigned long incr)
1454xprt_set_timeout(struct rpc_timeout *to, unsigned int retr, unsigned long incr)
1455{ 891{
1456 to->to_initval = 892 to->to_initval =
1457 to->to_increment = incr; 893 to->to_increment = incr;
1458 to->to_maxval = incr * retr; 894 to->to_maxval = to->to_initval + (incr * retr);
1459 to->to_retries = retr; 895 to->to_retries = retr;
1460 to->to_exponential = 0; 896 to->to_exponential = 0;
1461} 897}
1462 898
1463unsigned int xprt_udp_slot_table_entries = RPC_DEF_SLOT_TABLE; 899static struct rpc_xprt *xprt_setup(int proto, struct sockaddr_in *ap, struct rpc_timeout *to)
1464unsigned int xprt_tcp_slot_table_entries = RPC_DEF_SLOT_TABLE;
1465
1466/*
1467 * Initialize an RPC client
1468 */
1469static struct rpc_xprt *
1470xprt_setup(int proto, struct sockaddr_in *ap, struct rpc_timeout *to)
1471{ 900{
901 int result;
1472 struct rpc_xprt *xprt; 902 struct rpc_xprt *xprt;
1473 unsigned int entries;
1474 size_t slot_table_size;
1475 struct rpc_rqst *req; 903 struct rpc_rqst *req;
1476 904
1477 dprintk("RPC: setting up %s transport...\n",
1478 proto == IPPROTO_UDP? "UDP" : "TCP");
1479
1480 entries = (proto == IPPROTO_TCP)?
1481 xprt_tcp_slot_table_entries : xprt_udp_slot_table_entries;
1482
1483 if ((xprt = kmalloc(sizeof(struct rpc_xprt), GFP_KERNEL)) == NULL) 905 if ((xprt = kmalloc(sizeof(struct rpc_xprt), GFP_KERNEL)) == NULL)
1484 return ERR_PTR(-ENOMEM); 906 return ERR_PTR(-ENOMEM);
1485 memset(xprt, 0, sizeof(*xprt)); /* Nnnngh! */ 907 memset(xprt, 0, sizeof(*xprt)); /* Nnnngh! */
1486 xprt->max_reqs = entries;
1487 slot_table_size = entries * sizeof(xprt->slot[0]);
1488 xprt->slot = kmalloc(slot_table_size, GFP_KERNEL);
1489 if (xprt->slot == NULL) {
1490 kfree(xprt);
1491 return ERR_PTR(-ENOMEM);
1492 }
1493 memset(xprt->slot, 0, slot_table_size);
1494 908
1495 xprt->addr = *ap; 909 xprt->addr = *ap;
1496 xprt->prot = proto; 910
1497 xprt->stream = (proto == IPPROTO_TCP)? 1 : 0; 911 switch (proto) {
1498 if (xprt->stream) { 912 case IPPROTO_UDP:
1499 xprt->cwnd = RPC_MAXCWND(xprt); 913 result = xs_setup_udp(xprt, to);
1500 xprt->nocong = 1; 914 break;
1501 xprt->max_payload = (1U << 31) - 1; 915 case IPPROTO_TCP:
1502 } else { 916 result = xs_setup_tcp(xprt, to);
1503 xprt->cwnd = RPC_INITCWND; 917 break;
1504 xprt->max_payload = (1U << 16) - (MAX_HEADER << 3); 918 default:
919 printk(KERN_ERR "RPC: unrecognized transport protocol: %d\n",
920 proto);
921 result = -EIO;
922 break;
923 }
924 if (result) {
925 kfree(xprt);
926 return ERR_PTR(result);
1505 } 927 }
1506 spin_lock_init(&xprt->sock_lock); 928
1507 spin_lock_init(&xprt->xprt_lock); 929 spin_lock_init(&xprt->transport_lock);
1508 init_waitqueue_head(&xprt->cong_wait); 930 spin_lock_init(&xprt->reserve_lock);
1509 931
1510 INIT_LIST_HEAD(&xprt->free); 932 INIT_LIST_HEAD(&xprt->free);
1511 INIT_LIST_HEAD(&xprt->recv); 933 INIT_LIST_HEAD(&xprt->recv);
1512 INIT_WORK(&xprt->sock_connect, xprt_socket_connect, xprt); 934 INIT_WORK(&xprt->task_cleanup, xprt_autoclose, xprt);
1513 INIT_WORK(&xprt->task_cleanup, xprt_socket_autoclose, xprt);
1514 init_timer(&xprt->timer); 935 init_timer(&xprt->timer);
1515 xprt->timer.function = xprt_init_autodisconnect; 936 xprt->timer.function = xprt_init_autodisconnect;
1516 xprt->timer.data = (unsigned long) xprt; 937 xprt->timer.data = (unsigned long) xprt;
1517 xprt->last_used = jiffies; 938 xprt->last_used = jiffies;
1518 xprt->port = XPRT_MAX_RESVPORT; 939 xprt->cwnd = RPC_INITCWND;
1519
1520 /* Set timeout parameters */
1521 if (to) {
1522 xprt->timeout = *to;
1523 } else
1524 xprt_default_timeout(&xprt->timeout, xprt->prot);
1525 940
1526 rpc_init_wait_queue(&xprt->pending, "xprt_pending"); 941 rpc_init_wait_queue(&xprt->pending, "xprt_pending");
1527 rpc_init_wait_queue(&xprt->sending, "xprt_sending"); 942 rpc_init_wait_queue(&xprt->sending, "xprt_sending");
@@ -1529,139 +944,25 @@ xprt_setup(int proto, struct sockaddr_in *ap, struct rpc_timeout *to)
1529 rpc_init_priority_wait_queue(&xprt->backlog, "xprt_backlog"); 944 rpc_init_priority_wait_queue(&xprt->backlog, "xprt_backlog");
1530 945
1531 /* initialize free list */ 946 /* initialize free list */
1532 for (req = &xprt->slot[entries-1]; req >= &xprt->slot[0]; req--) 947 for (req = &xprt->slot[xprt->max_reqs-1]; req >= &xprt->slot[0]; req--)
1533 list_add(&req->rq_list, &xprt->free); 948 list_add(&req->rq_list, &xprt->free);
1534 949
1535 xprt_init_xid(xprt); 950 xprt_init_xid(xprt);
1536 951
1537 /* Check whether we want to use a reserved port */
1538 xprt->resvport = capable(CAP_NET_BIND_SERVICE) ? 1 : 0;
1539
1540 dprintk("RPC: created transport %p with %u slots\n", xprt, 952 dprintk("RPC: created transport %p with %u slots\n", xprt,
1541 xprt->max_reqs); 953 xprt->max_reqs);
1542 954
1543 return xprt; 955 return xprt;
1544} 956}
1545 957
1546/* 958/**
1547 * Bind to a reserved port 959 * xprt_create_proto - create an RPC client transport
1548 */ 960 * @proto: requested transport protocol
1549static inline int xprt_bindresvport(struct rpc_xprt *xprt, struct socket *sock) 961 * @sap: remote peer's address
1550{ 962 * @to: timeout parameters for new transport
1551 struct sockaddr_in myaddr = { 963 *
1552 .sin_family = AF_INET,
1553 };
1554 int err, port;
1555
1556 /* Were we already bound to a given port? Try to reuse it */
1557 port = xprt->port;
1558 do {
1559 myaddr.sin_port = htons(port);
1560 err = sock->ops->bind(sock, (struct sockaddr *) &myaddr,
1561 sizeof(myaddr));
1562 if (err == 0) {
1563 xprt->port = port;
1564 return 0;
1565 }
1566 if (--port == 0)
1567 port = XPRT_MAX_RESVPORT;
1568 } while (err == -EADDRINUSE && port != xprt->port);
1569
1570 printk("RPC: Can't bind to reserved port (%d).\n", -err);
1571 return err;
1572}
1573
1574static void
1575xprt_bind_socket(struct rpc_xprt *xprt, struct socket *sock)
1576{
1577 struct sock *sk = sock->sk;
1578
1579 if (xprt->inet)
1580 return;
1581
1582 write_lock_bh(&sk->sk_callback_lock);
1583 sk->sk_user_data = xprt;
1584 xprt->old_data_ready = sk->sk_data_ready;
1585 xprt->old_state_change = sk->sk_state_change;
1586 xprt->old_write_space = sk->sk_write_space;
1587 if (xprt->prot == IPPROTO_UDP) {
1588 sk->sk_data_ready = udp_data_ready;
1589 sk->sk_no_check = UDP_CSUM_NORCV;
1590 xprt_set_connected(xprt);
1591 } else {
1592 tcp_sk(sk)->nonagle = 1; /* disable Nagle's algorithm */
1593 sk->sk_data_ready = tcp_data_ready;
1594 sk->sk_state_change = tcp_state_change;
1595 xprt_clear_connected(xprt);
1596 }
1597 sk->sk_write_space = xprt_write_space;
1598
1599 /* Reset to new socket */
1600 xprt->sock = sock;
1601 xprt->inet = sk;
1602 write_unlock_bh(&sk->sk_callback_lock);
1603
1604 return;
1605}
1606
1607/*
1608 * Set socket buffer length
1609 */
1610void
1611xprt_sock_setbufsize(struct rpc_xprt *xprt)
1612{
1613 struct sock *sk = xprt->inet;
1614
1615 if (xprt->stream)
1616 return;
1617 if (xprt->rcvsize) {
1618 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
1619 sk->sk_rcvbuf = xprt->rcvsize * xprt->max_reqs * 2;
1620 }
1621 if (xprt->sndsize) {
1622 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
1623 sk->sk_sndbuf = xprt->sndsize * xprt->max_reqs * 2;
1624 sk->sk_write_space(sk);
1625 }
1626}
1627
1628/*
1629 * Datastream sockets are created here, but xprt_connect will create
1630 * and connect stream sockets.
1631 */
1632static struct socket * xprt_create_socket(struct rpc_xprt *xprt, int proto, int resvport)
1633{
1634 struct socket *sock;
1635 int type, err;
1636
1637 dprintk("RPC: xprt_create_socket(%s %d)\n",
1638 (proto == IPPROTO_UDP)? "udp" : "tcp", proto);
1639
1640 type = (proto == IPPROTO_UDP)? SOCK_DGRAM : SOCK_STREAM;
1641
1642 if ((err = sock_create_kern(PF_INET, type, proto, &sock)) < 0) {
1643 printk("RPC: can't create socket (%d).\n", -err);
1644 return NULL;
1645 }
1646
1647 /* If the caller has the capability, bind to a reserved port */
1648 if (resvport && xprt_bindresvport(xprt, sock) < 0) {
1649 printk("RPC: can't bind to reserved port.\n");
1650 goto failed;
1651 }
1652
1653 return sock;
1654
1655failed:
1656 sock_release(sock);
1657 return NULL;
1658}
1659
1660/*
1661 * Create an RPC client transport given the protocol and peer address.
1662 */ 964 */
1663struct rpc_xprt * 965struct rpc_xprt *xprt_create_proto(int proto, struct sockaddr_in *sap, struct rpc_timeout *to)
1664xprt_create_proto(int proto, struct sockaddr_in *sap, struct rpc_timeout *to)
1665{ 966{
1666 struct rpc_xprt *xprt; 967 struct rpc_xprt *xprt;
1667 968
@@ -1673,46 +974,26 @@ xprt_create_proto(int proto, struct sockaddr_in *sap, struct rpc_timeout *to)
1673 return xprt; 974 return xprt;
1674} 975}
1675 976
1676/* 977static void xprt_shutdown(struct rpc_xprt *xprt)
1677 * Prepare for transport shutdown.
1678 */
1679static void
1680xprt_shutdown(struct rpc_xprt *xprt)
1681{ 978{
1682 xprt->shutdown = 1; 979 xprt->shutdown = 1;
1683 rpc_wake_up(&xprt->sending); 980 rpc_wake_up(&xprt->sending);
1684 rpc_wake_up(&xprt->resend); 981 rpc_wake_up(&xprt->resend);
1685 rpc_wake_up(&xprt->pending); 982 xprt_wake_pending_tasks(xprt, -EIO);
1686 rpc_wake_up(&xprt->backlog); 983 rpc_wake_up(&xprt->backlog);
1687 wake_up(&xprt->cong_wait);
1688 del_timer_sync(&xprt->timer); 984 del_timer_sync(&xprt->timer);
1689
1690 /* synchronously wait for connect worker to finish */
1691 cancel_delayed_work(&xprt->sock_connect);
1692 flush_scheduled_work();
1693} 985}
1694 986
1695/* 987/**
1696 * Clear the xprt backlog queue 988 * xprt_destroy - destroy an RPC transport, killing off all requests.
1697 */ 989 * @xprt: transport to destroy
1698static int 990 *
1699xprt_clear_backlog(struct rpc_xprt *xprt) {
1700 rpc_wake_up_next(&xprt->backlog);
1701 wake_up(&xprt->cong_wait);
1702 return 1;
1703}
1704
1705/*
1706 * Destroy an RPC transport, killing off all requests.
1707 */ 991 */
1708int 992int xprt_destroy(struct rpc_xprt *xprt)
1709xprt_destroy(struct rpc_xprt *xprt)
1710{ 993{
1711 dprintk("RPC: destroying transport %p\n", xprt); 994 dprintk("RPC: destroying transport %p\n", xprt);
1712 xprt_shutdown(xprt); 995 xprt_shutdown(xprt);
1713 xprt_disconnect(xprt); 996 xprt->ops->destroy(xprt);
1714 xprt_close(xprt);
1715 kfree(xprt->slot);
1716 kfree(xprt); 997 kfree(xprt);
1717 998
1718 return 0; 999 return 0;
diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
new file mode 100644
index 000000000000..2e1529217e65
--- /dev/null
+++ b/net/sunrpc/xprtsock.c
@@ -0,0 +1,1252 @@
1/*
2 * linux/net/sunrpc/xprtsock.c
3 *
4 * Client-side transport implementation for sockets.
5 *
6 * TCP callback races fixes (C) 1998 Red Hat Software <alan@redhat.com>
7 * TCP send fixes (C) 1998 Red Hat Software <alan@redhat.com>
8 * TCP NFS related read + write fixes
9 * (C) 1999 Dave Airlie, University of Limerick, Ireland <airlied@linux.ie>
10 *
11 * Rewrite of larges part of the code in order to stabilize TCP stuff.
12 * Fix behaviour when socket buffer is full.
13 * (C) 1999 Trond Myklebust <trond.myklebust@fys.uio.no>
14 *
15 * IP socket transport implementation, (C) 2005 Chuck Lever <cel@netapp.com>
16 */
17
18#include <linux/types.h>
19#include <linux/slab.h>
20#include <linux/capability.h>
21#include <linux/sched.h>
22#include <linux/pagemap.h>
23#include <linux/errno.h>
24#include <linux/socket.h>
25#include <linux/in.h>
26#include <linux/net.h>
27#include <linux/mm.h>
28#include <linux/udp.h>
29#include <linux/tcp.h>
30#include <linux/sunrpc/clnt.h>
31#include <linux/file.h>
32
33#include <net/sock.h>
34#include <net/checksum.h>
35#include <net/udp.h>
36#include <net/tcp.h>
37
38/*
39 * How many times to try sending a request on a socket before waiting
40 * for the socket buffer to clear.
41 */
42#define XS_SENDMSG_RETRY (10U)
43
44/*
45 * Time out for an RPC UDP socket connect. UDP socket connects are
46 * synchronous, but we set a timeout anyway in case of resource
47 * exhaustion on the local host.
48 */
49#define XS_UDP_CONN_TO (5U * HZ)
50
51/*
52 * Wait duration for an RPC TCP connection to be established. Solaris
53 * NFS over TCP uses 60 seconds, for example, which is in line with how
54 * long a server takes to reboot.
55 */
56#define XS_TCP_CONN_TO (60U * HZ)
57
58/*
59 * Wait duration for a reply from the RPC portmapper.
60 */
61#define XS_BIND_TO (60U * HZ)
62
63/*
64 * Delay if a UDP socket connect error occurs. This is most likely some
65 * kind of resource problem on the local host.
66 */
67#define XS_UDP_REEST_TO (2U * HZ)
68
69/*
70 * The reestablish timeout allows clients to delay for a bit before attempting
71 * to reconnect to a server that just dropped our connection.
72 *
73 * We implement an exponential backoff when trying to reestablish a TCP
74 * transport connection with the server. Some servers like to drop a TCP
75 * connection when they are overworked, so we start with a short timeout and
76 * increase over time if the server is down or not responding.
77 */
78#define XS_TCP_INIT_REEST_TO (3U * HZ)
79#define XS_TCP_MAX_REEST_TO (5U * 60 * HZ)
80
81/*
82 * TCP idle timeout; client drops the transport socket if it is idle
83 * for this long. Note that we also timeout UDP sockets to prevent
84 * holding port numbers when there is no RPC traffic.
85 */
86#define XS_IDLE_DISC_TO (5U * 60 * HZ)
87
88#ifdef RPC_DEBUG
89# undef RPC_DEBUG_DATA
90# define RPCDBG_FACILITY RPCDBG_TRANS
91#endif
92
93#ifdef RPC_DEBUG_DATA
94static void xs_pktdump(char *msg, u32 *packet, unsigned int count)
95{
96 u8 *buf = (u8 *) packet;
97 int j;
98
99 dprintk("RPC: %s\n", msg);
100 for (j = 0; j < count && j < 128; j += 4) {
101 if (!(j & 31)) {
102 if (j)
103 dprintk("\n");
104 dprintk("0x%04x ", j);
105 }
106 dprintk("%02x%02x%02x%02x ",
107 buf[j], buf[j+1], buf[j+2], buf[j+3]);
108 }
109 dprintk("\n");
110}
111#else
112static inline void xs_pktdump(char *msg, u32 *packet, unsigned int count)
113{
114 /* NOP */
115}
116#endif
117
118#define XS_SENDMSG_FLAGS (MSG_DONTWAIT | MSG_NOSIGNAL)
119
120static inline int xs_send_head(struct socket *sock, struct sockaddr *addr, int addrlen, struct xdr_buf *xdr, unsigned int base, unsigned int len)
121{
122 struct kvec iov = {
123 .iov_base = xdr->head[0].iov_base + base,
124 .iov_len = len - base,
125 };
126 struct msghdr msg = {
127 .msg_name = addr,
128 .msg_namelen = addrlen,
129 .msg_flags = XS_SENDMSG_FLAGS,
130 };
131
132 if (xdr->len > len)
133 msg.msg_flags |= MSG_MORE;
134
135 if (likely(iov.iov_len))
136 return kernel_sendmsg(sock, &msg, &iov, 1, iov.iov_len);
137 return kernel_sendmsg(sock, &msg, NULL, 0, 0);
138}
139
140static int xs_send_tail(struct socket *sock, struct xdr_buf *xdr, unsigned int base, unsigned int len)
141{
142 struct kvec iov = {
143 .iov_base = xdr->tail[0].iov_base + base,
144 .iov_len = len - base,
145 };
146 struct msghdr msg = {
147 .msg_flags = XS_SENDMSG_FLAGS,
148 };
149
150 return kernel_sendmsg(sock, &msg, &iov, 1, iov.iov_len);
151}
152
153/**
154 * xs_sendpages - write pages directly to a socket
155 * @sock: socket to send on
156 * @addr: UDP only -- address of destination
157 * @addrlen: UDP only -- length of destination address
158 * @xdr: buffer containing this request
159 * @base: starting position in the buffer
160 *
161 */
162static inline int xs_sendpages(struct socket *sock, struct sockaddr *addr, int addrlen, struct xdr_buf *xdr, unsigned int base)
163{
164 struct page **ppage = xdr->pages;
165 unsigned int len, pglen = xdr->page_len;
166 int err, ret = 0;
167 ssize_t (*sendpage)(struct socket *, struct page *, int, size_t, int);
168
169 if (unlikely(!sock))
170 return -ENOTCONN;
171
172 clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags);
173
174 len = xdr->head[0].iov_len;
175 if (base < len || (addr != NULL && base == 0)) {
176 err = xs_send_head(sock, addr, addrlen, xdr, base, len);
177 if (ret == 0)
178 ret = err;
179 else if (err > 0)
180 ret += err;
181 if (err != (len - base))
182 goto out;
183 base = 0;
184 } else
185 base -= len;
186
187 if (unlikely(pglen == 0))
188 goto copy_tail;
189 if (unlikely(base >= pglen)) {
190 base -= pglen;
191 goto copy_tail;
192 }
193 if (base || xdr->page_base) {
194 pglen -= base;
195 base += xdr->page_base;
196 ppage += base >> PAGE_CACHE_SHIFT;
197 base &= ~PAGE_CACHE_MASK;
198 }
199
200 sendpage = sock->ops->sendpage ? : sock_no_sendpage;
201 do {
202 int flags = XS_SENDMSG_FLAGS;
203
204 len = PAGE_CACHE_SIZE;
205 if (base)
206 len -= base;
207 if (pglen < len)
208 len = pglen;
209
210 if (pglen != len || xdr->tail[0].iov_len != 0)
211 flags |= MSG_MORE;
212
213 /* Hmm... We might be dealing with highmem pages */
214 if (PageHighMem(*ppage))
215 sendpage = sock_no_sendpage;
216 err = sendpage(sock, *ppage, base, len, flags);
217 if (ret == 0)
218 ret = err;
219 else if (err > 0)
220 ret += err;
221 if (err != len)
222 goto out;
223 base = 0;
224 ppage++;
225 } while ((pglen -= len) != 0);
226copy_tail:
227 len = xdr->tail[0].iov_len;
228 if (base < len) {
229 err = xs_send_tail(sock, xdr, base, len);
230 if (ret == 0)
231 ret = err;
232 else if (err > 0)
233 ret += err;
234 }
235out:
236 return ret;
237}
238
239/**
240 * xs_nospace - place task on wait queue if transmit was incomplete
241 * @task: task to put to sleep
242 *
243 */
244static void xs_nospace(struct rpc_task *task)
245{
246 struct rpc_rqst *req = task->tk_rqstp;
247 struct rpc_xprt *xprt = req->rq_xprt;
248
249 dprintk("RPC: %4d xmit incomplete (%u left of %u)\n",
250 task->tk_pid, req->rq_slen - req->rq_bytes_sent,
251 req->rq_slen);
252
253 if (test_bit(SOCK_ASYNC_NOSPACE, &xprt->sock->flags)) {
254 /* Protect against races with write_space */
255 spin_lock_bh(&xprt->transport_lock);
256
257 /* Don't race with disconnect */
258 if (!xprt_connected(xprt))
259 task->tk_status = -ENOTCONN;
260 else if (test_bit(SOCK_NOSPACE, &xprt->sock->flags))
261 xprt_wait_for_buffer_space(task);
262
263 spin_unlock_bh(&xprt->transport_lock);
264 } else
265 /* Keep holding the socket if it is blocked */
266 rpc_delay(task, HZ>>4);
267}
268
269/**
270 * xs_udp_send_request - write an RPC request to a UDP socket
271 * @task: address of RPC task that manages the state of an RPC request
272 *
273 * Return values:
274 * 0: The request has been sent
275 * EAGAIN: The socket was blocked, please call again later to
276 * complete the request
277 * ENOTCONN: Caller needs to invoke connect logic then call again
278 * other: Some other error occured, the request was not sent
279 */
280static int xs_udp_send_request(struct rpc_task *task)
281{
282 struct rpc_rqst *req = task->tk_rqstp;
283 struct rpc_xprt *xprt = req->rq_xprt;
284 struct xdr_buf *xdr = &req->rq_snd_buf;
285 int status;
286
287 xs_pktdump("packet data:",
288 req->rq_svec->iov_base,
289 req->rq_svec->iov_len);
290
291 req->rq_xtime = jiffies;
292 status = xs_sendpages(xprt->sock, (struct sockaddr *) &xprt->addr,
293 sizeof(xprt->addr), xdr, req->rq_bytes_sent);
294
295 dprintk("RPC: xs_udp_send_request(%u) = %d\n",
296 xdr->len - req->rq_bytes_sent, status);
297
298 if (likely(status >= (int) req->rq_slen))
299 return 0;
300
301 /* Still some bytes left; set up for a retry later. */
302 if (status > 0)
303 status = -EAGAIN;
304
305 switch (status) {
306 case -ENETUNREACH:
307 case -EPIPE:
308 case -ECONNREFUSED:
309 /* When the server has died, an ICMP port unreachable message
310 * prompts ECONNREFUSED. */
311 break;
312 case -EAGAIN:
313 xs_nospace(task);
314 break;
315 default:
316 dprintk("RPC: sendmsg returned unrecognized error %d\n",
317 -status);
318 break;
319 }
320
321 return status;
322}
323
324static inline void xs_encode_tcp_record_marker(struct xdr_buf *buf)
325{
326 u32 reclen = buf->len - sizeof(rpc_fraghdr);
327 rpc_fraghdr *base = buf->head[0].iov_base;
328 *base = htonl(RPC_LAST_STREAM_FRAGMENT | reclen);
329}
330
331/**
332 * xs_tcp_send_request - write an RPC request to a TCP socket
333 * @task: address of RPC task that manages the state of an RPC request
334 *
335 * Return values:
336 * 0: The request has been sent
337 * EAGAIN: The socket was blocked, please call again later to
338 * complete the request
339 * ENOTCONN: Caller needs to invoke connect logic then call again
340 * other: Some other error occured, the request was not sent
341 *
342 * XXX: In the case of soft timeouts, should we eventually give up
343 * if sendmsg is not able to make progress?
344 */
345static int xs_tcp_send_request(struct rpc_task *task)
346{
347 struct rpc_rqst *req = task->tk_rqstp;
348 struct rpc_xprt *xprt = req->rq_xprt;
349 struct xdr_buf *xdr = &req->rq_snd_buf;
350 int status, retry = 0;
351
352 xs_encode_tcp_record_marker(&req->rq_snd_buf);
353
354 xs_pktdump("packet data:",
355 req->rq_svec->iov_base,
356 req->rq_svec->iov_len);
357
358 /* Continue transmitting the packet/record. We must be careful
359 * to cope with writespace callbacks arriving _after_ we have
360 * called sendmsg(). */
361 while (1) {
362 req->rq_xtime = jiffies;
363 status = xs_sendpages(xprt->sock, NULL, 0, xdr,
364 req->rq_bytes_sent);
365
366 dprintk("RPC: xs_tcp_send_request(%u) = %d\n",
367 xdr->len - req->rq_bytes_sent, status);
368
369 if (unlikely(status < 0))
370 break;
371
372 /* If we've sent the entire packet, immediately
373 * reset the count of bytes sent. */
374 req->rq_bytes_sent += status;
375 if (likely(req->rq_bytes_sent >= req->rq_slen)) {
376 req->rq_bytes_sent = 0;
377 return 0;
378 }
379
380 status = -EAGAIN;
381 if (retry++ > XS_SENDMSG_RETRY)
382 break;
383 }
384
385 switch (status) {
386 case -EAGAIN:
387 xs_nospace(task);
388 break;
389 case -ECONNREFUSED:
390 case -ECONNRESET:
391 case -ENOTCONN:
392 case -EPIPE:
393 status = -ENOTCONN;
394 break;
395 default:
396 dprintk("RPC: sendmsg returned unrecognized error %d\n",
397 -status);
398 xprt_disconnect(xprt);
399 break;
400 }
401
402 return status;
403}
404
405/**
406 * xs_close - close a socket
407 * @xprt: transport
408 *
409 * This is used when all requests are complete; ie, no DRC state remains
410 * on the server we want to save.
411 */
412static void xs_close(struct rpc_xprt *xprt)
413{
414 struct socket *sock = xprt->sock;
415 struct sock *sk = xprt->inet;
416
417 if (!sk)
418 return;
419
420 dprintk("RPC: xs_close xprt %p\n", xprt);
421
422 write_lock_bh(&sk->sk_callback_lock);
423 xprt->inet = NULL;
424 xprt->sock = NULL;
425
426 sk->sk_user_data = NULL;
427 sk->sk_data_ready = xprt->old_data_ready;
428 sk->sk_state_change = xprt->old_state_change;
429 sk->sk_write_space = xprt->old_write_space;
430 write_unlock_bh(&sk->sk_callback_lock);
431
432 sk->sk_no_check = 0;
433
434 sock_release(sock);
435}
436
437/**
438 * xs_destroy - prepare to shutdown a transport
439 * @xprt: doomed transport
440 *
441 */
442static void xs_destroy(struct rpc_xprt *xprt)
443{
444 dprintk("RPC: xs_destroy xprt %p\n", xprt);
445
446 cancel_delayed_work(&xprt->connect_worker);
447 flush_scheduled_work();
448
449 xprt_disconnect(xprt);
450 xs_close(xprt);
451 kfree(xprt->slot);
452}
453
454static inline struct rpc_xprt *xprt_from_sock(struct sock *sk)
455{
456 return (struct rpc_xprt *) sk->sk_user_data;
457}
458
459/**
460 * xs_udp_data_ready - "data ready" callback for UDP sockets
461 * @sk: socket with data to read
462 * @len: how much data to read
463 *
464 */
465static void xs_udp_data_ready(struct sock *sk, int len)
466{
467 struct rpc_task *task;
468 struct rpc_xprt *xprt;
469 struct rpc_rqst *rovr;
470 struct sk_buff *skb;
471 int err, repsize, copied;
472 u32 _xid, *xp;
473
474 read_lock(&sk->sk_callback_lock);
475 dprintk("RPC: xs_udp_data_ready...\n");
476 if (!(xprt = xprt_from_sock(sk)))
477 goto out;
478
479 if ((skb = skb_recv_datagram(sk, 0, 1, &err)) == NULL)
480 goto out;
481
482 if (xprt->shutdown)
483 goto dropit;
484
485 repsize = skb->len - sizeof(struct udphdr);
486 if (repsize < 4) {
487 dprintk("RPC: impossible RPC reply size %d!\n", repsize);
488 goto dropit;
489 }
490
491 /* Copy the XID from the skb... */
492 xp = skb_header_pointer(skb, sizeof(struct udphdr),
493 sizeof(_xid), &_xid);
494 if (xp == NULL)
495 goto dropit;
496
497 /* Look up and lock the request corresponding to the given XID */
498 spin_lock(&xprt->transport_lock);
499 rovr = xprt_lookup_rqst(xprt, *xp);
500 if (!rovr)
501 goto out_unlock;
502 task = rovr->rq_task;
503
504 if ((copied = rovr->rq_private_buf.buflen) > repsize)
505 copied = repsize;
506
507 /* Suck it into the iovec, verify checksum if not done by hw. */
508 if (csum_partial_copy_to_xdr(&rovr->rq_private_buf, skb))
509 goto out_unlock;
510
511 /* Something worked... */
512 dst_confirm(skb->dst);
513
514 xprt_adjust_cwnd(task, copied);
515 xprt_update_rtt(task);
516 xprt_complete_rqst(task, copied);
517
518 out_unlock:
519 spin_unlock(&xprt->transport_lock);
520 dropit:
521 skb_free_datagram(sk, skb);
522 out:
523 read_unlock(&sk->sk_callback_lock);
524}
525
526static inline size_t xs_tcp_copy_data(skb_reader_t *desc, void *p, size_t len)
527{
528 if (len > desc->count)
529 len = desc->count;
530 if (skb_copy_bits(desc->skb, desc->offset, p, len)) {
531 dprintk("RPC: failed to copy %zu bytes from skb. %zu bytes remain\n",
532 len, desc->count);
533 return 0;
534 }
535 desc->offset += len;
536 desc->count -= len;
537 dprintk("RPC: copied %zu bytes from skb. %zu bytes remain\n",
538 len, desc->count);
539 return len;
540}
541
542static inline void xs_tcp_read_fraghdr(struct rpc_xprt *xprt, skb_reader_t *desc)
543{
544 size_t len, used;
545 char *p;
546
547 p = ((char *) &xprt->tcp_recm) + xprt->tcp_offset;
548 len = sizeof(xprt->tcp_recm) - xprt->tcp_offset;
549 used = xs_tcp_copy_data(desc, p, len);
550 xprt->tcp_offset += used;
551 if (used != len)
552 return;
553
554 xprt->tcp_reclen = ntohl(xprt->tcp_recm);
555 if (xprt->tcp_reclen & RPC_LAST_STREAM_FRAGMENT)
556 xprt->tcp_flags |= XPRT_LAST_FRAG;
557 else
558 xprt->tcp_flags &= ~XPRT_LAST_FRAG;
559 xprt->tcp_reclen &= RPC_FRAGMENT_SIZE_MASK;
560
561 xprt->tcp_flags &= ~XPRT_COPY_RECM;
562 xprt->tcp_offset = 0;
563
564 /* Sanity check of the record length */
565 if (unlikely(xprt->tcp_reclen < 4)) {
566 dprintk("RPC: invalid TCP record fragment length\n");
567 xprt_disconnect(xprt);
568 return;
569 }
570 dprintk("RPC: reading TCP record fragment of length %d\n",
571 xprt->tcp_reclen);
572}
573
574static void xs_tcp_check_recm(struct rpc_xprt *xprt)
575{
576 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u, tcp_flags = %lx\n",
577 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen, xprt->tcp_flags);
578 if (xprt->tcp_offset == xprt->tcp_reclen) {
579 xprt->tcp_flags |= XPRT_COPY_RECM;
580 xprt->tcp_offset = 0;
581 if (xprt->tcp_flags & XPRT_LAST_FRAG) {
582 xprt->tcp_flags &= ~XPRT_COPY_DATA;
583 xprt->tcp_flags |= XPRT_COPY_XID;
584 xprt->tcp_copied = 0;
585 }
586 }
587}
588
589static inline void xs_tcp_read_xid(struct rpc_xprt *xprt, skb_reader_t *desc)
590{
591 size_t len, used;
592 char *p;
593
594 len = sizeof(xprt->tcp_xid) - xprt->tcp_offset;
595 dprintk("RPC: reading XID (%Zu bytes)\n", len);
596 p = ((char *) &xprt->tcp_xid) + xprt->tcp_offset;
597 used = xs_tcp_copy_data(desc, p, len);
598 xprt->tcp_offset += used;
599 if (used != len)
600 return;
601 xprt->tcp_flags &= ~XPRT_COPY_XID;
602 xprt->tcp_flags |= XPRT_COPY_DATA;
603 xprt->tcp_copied = 4;
604 dprintk("RPC: reading reply for XID %08x\n",
605 ntohl(xprt->tcp_xid));
606 xs_tcp_check_recm(xprt);
607}
608
609static inline void xs_tcp_read_request(struct rpc_xprt *xprt, skb_reader_t *desc)
610{
611 struct rpc_rqst *req;
612 struct xdr_buf *rcvbuf;
613 size_t len;
614 ssize_t r;
615
616 /* Find and lock the request corresponding to this xid */
617 spin_lock(&xprt->transport_lock);
618 req = xprt_lookup_rqst(xprt, xprt->tcp_xid);
619 if (!req) {
620 xprt->tcp_flags &= ~XPRT_COPY_DATA;
621 dprintk("RPC: XID %08x request not found!\n",
622 ntohl(xprt->tcp_xid));
623 spin_unlock(&xprt->transport_lock);
624 return;
625 }
626
627 rcvbuf = &req->rq_private_buf;
628 len = desc->count;
629 if (len > xprt->tcp_reclen - xprt->tcp_offset) {
630 skb_reader_t my_desc;
631
632 len = xprt->tcp_reclen - xprt->tcp_offset;
633 memcpy(&my_desc, desc, sizeof(my_desc));
634 my_desc.count = len;
635 r = xdr_partial_copy_from_skb(rcvbuf, xprt->tcp_copied,
636 &my_desc, xs_tcp_copy_data);
637 desc->count -= r;
638 desc->offset += r;
639 } else
640 r = xdr_partial_copy_from_skb(rcvbuf, xprt->tcp_copied,
641 desc, xs_tcp_copy_data);
642
643 if (r > 0) {
644 xprt->tcp_copied += r;
645 xprt->tcp_offset += r;
646 }
647 if (r != len) {
648 /* Error when copying to the receive buffer,
649 * usually because we weren't able to allocate
650 * additional buffer pages. All we can do now
651 * is turn off XPRT_COPY_DATA, so the request
652 * will not receive any additional updates,
653 * and time out.
654 * Any remaining data from this record will
655 * be discarded.
656 */
657 xprt->tcp_flags &= ~XPRT_COPY_DATA;
658 dprintk("RPC: XID %08x truncated request\n",
659 ntohl(xprt->tcp_xid));
660 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u\n",
661 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen);
662 goto out;
663 }
664
665 dprintk("RPC: XID %08x read %Zd bytes\n",
666 ntohl(xprt->tcp_xid), r);
667 dprintk("RPC: xprt = %p, tcp_copied = %lu, tcp_offset = %u, tcp_reclen = %u\n",
668 xprt, xprt->tcp_copied, xprt->tcp_offset, xprt->tcp_reclen);
669
670 if (xprt->tcp_copied == req->rq_private_buf.buflen)
671 xprt->tcp_flags &= ~XPRT_COPY_DATA;
672 else if (xprt->tcp_offset == xprt->tcp_reclen) {
673 if (xprt->tcp_flags & XPRT_LAST_FRAG)
674 xprt->tcp_flags &= ~XPRT_COPY_DATA;
675 }
676
677out:
678 if (!(xprt->tcp_flags & XPRT_COPY_DATA))
679 xprt_complete_rqst(req->rq_task, xprt->tcp_copied);
680 spin_unlock(&xprt->transport_lock);
681 xs_tcp_check_recm(xprt);
682}
683
684static inline void xs_tcp_read_discard(struct rpc_xprt *xprt, skb_reader_t *desc)
685{
686 size_t len;
687
688 len = xprt->tcp_reclen - xprt->tcp_offset;
689 if (len > desc->count)
690 len = desc->count;
691 desc->count -= len;
692 desc->offset += len;
693 xprt->tcp_offset += len;
694 dprintk("RPC: discarded %Zu bytes\n", len);
695 xs_tcp_check_recm(xprt);
696}
697
698static int xs_tcp_data_recv(read_descriptor_t *rd_desc, struct sk_buff *skb, unsigned int offset, size_t len)
699{
700 struct rpc_xprt *xprt = rd_desc->arg.data;
701 skb_reader_t desc = {
702 .skb = skb,
703 .offset = offset,
704 .count = len,
705 .csum = 0
706 };
707
708 dprintk("RPC: xs_tcp_data_recv started\n");
709 do {
710 /* Read in a new fragment marker if necessary */
711 /* Can we ever really expect to get completely empty fragments? */
712 if (xprt->tcp_flags & XPRT_COPY_RECM) {
713 xs_tcp_read_fraghdr(xprt, &desc);
714 continue;
715 }
716 /* Read in the xid if necessary */
717 if (xprt->tcp_flags & XPRT_COPY_XID) {
718 xs_tcp_read_xid(xprt, &desc);
719 continue;
720 }
721 /* Read in the request data */
722 if (xprt->tcp_flags & XPRT_COPY_DATA) {
723 xs_tcp_read_request(xprt, &desc);
724 continue;
725 }
726 /* Skip over any trailing bytes on short reads */
727 xs_tcp_read_discard(xprt, &desc);
728 } while (desc.count);
729 dprintk("RPC: xs_tcp_data_recv done\n");
730 return len - desc.count;
731}
732
733/**
734 * xs_tcp_data_ready - "data ready" callback for TCP sockets
735 * @sk: socket with data to read
736 * @bytes: how much data to read
737 *
738 */
739static void xs_tcp_data_ready(struct sock *sk, int bytes)
740{
741 struct rpc_xprt *xprt;
742 read_descriptor_t rd_desc;
743
744 read_lock(&sk->sk_callback_lock);
745 dprintk("RPC: xs_tcp_data_ready...\n");
746 if (!(xprt = xprt_from_sock(sk)))
747 goto out;
748 if (xprt->shutdown)
749 goto out;
750
751 /* We use rd_desc to pass struct xprt to xs_tcp_data_recv */
752 rd_desc.arg.data = xprt;
753 rd_desc.count = 65536;
754 tcp_read_sock(sk, &rd_desc, xs_tcp_data_recv);
755out:
756 read_unlock(&sk->sk_callback_lock);
757}
758
759/**
760 * xs_tcp_state_change - callback to handle TCP socket state changes
761 * @sk: socket whose state has changed
762 *
763 */
764static void xs_tcp_state_change(struct sock *sk)
765{
766 struct rpc_xprt *xprt;
767
768 read_lock(&sk->sk_callback_lock);
769 if (!(xprt = xprt_from_sock(sk)))
770 goto out;
771 dprintk("RPC: xs_tcp_state_change client %p...\n", xprt);
772 dprintk("RPC: state %x conn %d dead %d zapped %d\n",
773 sk->sk_state, xprt_connected(xprt),
774 sock_flag(sk, SOCK_DEAD),
775 sock_flag(sk, SOCK_ZAPPED));
776
777 switch (sk->sk_state) {
778 case TCP_ESTABLISHED:
779 spin_lock_bh(&xprt->transport_lock);
780 if (!xprt_test_and_set_connected(xprt)) {
781 /* Reset TCP record info */
782 xprt->tcp_offset = 0;
783 xprt->tcp_reclen = 0;
784 xprt->tcp_copied = 0;
785 xprt->tcp_flags = XPRT_COPY_RECM | XPRT_COPY_XID;
786 xprt->reestablish_timeout = XS_TCP_INIT_REEST_TO;
787 xprt_wake_pending_tasks(xprt, 0);
788 }
789 spin_unlock_bh(&xprt->transport_lock);
790 break;
791 case TCP_SYN_SENT:
792 case TCP_SYN_RECV:
793 break;
794 default:
795 xprt_disconnect(xprt);
796 break;
797 }
798 out:
799 read_unlock(&sk->sk_callback_lock);
800}
801
802/**
803 * xs_udp_write_space - callback invoked when socket buffer space
804 * becomes available
805 * @sk: socket whose state has changed
806 *
807 * Called when more output buffer space is available for this socket.
808 * We try not to wake our writers until they can make "significant"
809 * progress, otherwise we'll waste resources thrashing kernel_sendmsg
810 * with a bunch of small requests.
811 */
812static void xs_udp_write_space(struct sock *sk)
813{
814 read_lock(&sk->sk_callback_lock);
815
816 /* from net/core/sock.c:sock_def_write_space */
817 if (sock_writeable(sk)) {
818 struct socket *sock;
819 struct rpc_xprt *xprt;
820
821 if (unlikely(!(sock = sk->sk_socket)))
822 goto out;
823 if (unlikely(!(xprt = xprt_from_sock(sk))))
824 goto out;
825 if (unlikely(!test_and_clear_bit(SOCK_NOSPACE, &sock->flags)))
826 goto out;
827
828 xprt_write_space(xprt);
829 }
830
831 out:
832 read_unlock(&sk->sk_callback_lock);
833}
834
835/**
836 * xs_tcp_write_space - callback invoked when socket buffer space
837 * becomes available
838 * @sk: socket whose state has changed
839 *
840 * Called when more output buffer space is available for this socket.
841 * We try not to wake our writers until they can make "significant"
842 * progress, otherwise we'll waste resources thrashing kernel_sendmsg
843 * with a bunch of small requests.
844 */
845static void xs_tcp_write_space(struct sock *sk)
846{
847 read_lock(&sk->sk_callback_lock);
848
849 /* from net/core/stream.c:sk_stream_write_space */
850 if (sk_stream_wspace(sk) >= sk_stream_min_wspace(sk)) {
851 struct socket *sock;
852 struct rpc_xprt *xprt;
853
854 if (unlikely(!(sock = sk->sk_socket)))
855 goto out;
856 if (unlikely(!(xprt = xprt_from_sock(sk))))
857 goto out;
858 if (unlikely(!test_and_clear_bit(SOCK_NOSPACE, &sock->flags)))
859 goto out;
860
861 xprt_write_space(xprt);
862 }
863
864 out:
865 read_unlock(&sk->sk_callback_lock);
866}
867
868static void xs_udp_do_set_buffer_size(struct rpc_xprt *xprt)
869{
870 struct sock *sk = xprt->inet;
871
872 if (xprt->rcvsize) {
873 sk->sk_userlocks |= SOCK_RCVBUF_LOCK;
874 sk->sk_rcvbuf = xprt->rcvsize * xprt->max_reqs * 2;
875 }
876 if (xprt->sndsize) {
877 sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
878 sk->sk_sndbuf = xprt->sndsize * xprt->max_reqs * 2;
879 sk->sk_write_space(sk);
880 }
881}
882
883/**
884 * xs_udp_set_buffer_size - set send and receive limits
885 * @xprt: generic transport
886 * @sndsize: requested size of send buffer, in bytes
887 * @rcvsize: requested size of receive buffer, in bytes
888 *
889 * Set socket send and receive buffer size limits.
890 */
891static void xs_udp_set_buffer_size(struct rpc_xprt *xprt, size_t sndsize, size_t rcvsize)
892{
893 xprt->sndsize = 0;
894 if (sndsize)
895 xprt->sndsize = sndsize + 1024;
896 xprt->rcvsize = 0;
897 if (rcvsize)
898 xprt->rcvsize = rcvsize + 1024;
899
900 xs_udp_do_set_buffer_size(xprt);
901}
902
903/**
904 * xs_udp_timer - called when a retransmit timeout occurs on a UDP transport
905 * @task: task that timed out
906 *
907 * Adjust the congestion window after a retransmit timeout has occurred.
908 */
909static void xs_udp_timer(struct rpc_task *task)
910{
911 xprt_adjust_cwnd(task, -ETIMEDOUT);
912}
913
914static int xs_bindresvport(struct rpc_xprt *xprt, struct socket *sock)
915{
916 struct sockaddr_in myaddr = {
917 .sin_family = AF_INET,
918 };
919 int err;
920 unsigned short port = xprt->port;
921
922 do {
923 myaddr.sin_port = htons(port);
924 err = sock->ops->bind(sock, (struct sockaddr *) &myaddr,
925 sizeof(myaddr));
926 if (err == 0) {
927 xprt->port = port;
928 dprintk("RPC: xs_bindresvport bound to port %u\n",
929 port);
930 return 0;
931 }
932 if (port <= xprt_min_resvport)
933 port = xprt_max_resvport;
934 else
935 port--;
936 } while (err == -EADDRINUSE && port != xprt->port);
937
938 dprintk("RPC: can't bind to reserved port (%d).\n", -err);
939 return err;
940}
941
942/**
943 * xs_udp_connect_worker - set up a UDP socket
944 * @args: RPC transport to connect
945 *
946 * Invoked by a work queue tasklet.
947 */
948static void xs_udp_connect_worker(void *args)
949{
950 struct rpc_xprt *xprt = (struct rpc_xprt *) args;
951 struct socket *sock = xprt->sock;
952 int err, status = -EIO;
953
954 if (xprt->shutdown || xprt->addr.sin_port == 0)
955 goto out;
956
957 dprintk("RPC: xs_udp_connect_worker for xprt %p\n", xprt);
958
959 /* Start by resetting any existing state */
960 xs_close(xprt);
961
962 if ((err = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock)) < 0) {
963 dprintk("RPC: can't create UDP transport socket (%d).\n", -err);
964 goto out;
965 }
966
967 if (xprt->resvport && xs_bindresvport(xprt, sock) < 0) {
968 sock_release(sock);
969 goto out;
970 }
971
972 if (!xprt->inet) {
973 struct sock *sk = sock->sk;
974
975 write_lock_bh(&sk->sk_callback_lock);
976
977 sk->sk_user_data = xprt;
978 xprt->old_data_ready = sk->sk_data_ready;
979 xprt->old_state_change = sk->sk_state_change;
980 xprt->old_write_space = sk->sk_write_space;
981 sk->sk_data_ready = xs_udp_data_ready;
982 sk->sk_write_space = xs_udp_write_space;
983 sk->sk_no_check = UDP_CSUM_NORCV;
984
985 xprt_set_connected(xprt);
986
987 /* Reset to new socket */
988 xprt->sock = sock;
989 xprt->inet = sk;
990
991 write_unlock_bh(&sk->sk_callback_lock);
992 }
993 xs_udp_do_set_buffer_size(xprt);
994 status = 0;
995out:
996 xprt_wake_pending_tasks(xprt, status);
997 xprt_clear_connecting(xprt);
998}
999
1000/*
1001 * We need to preserve the port number so the reply cache on the server can
1002 * find our cached RPC replies when we get around to reconnecting.
1003 */
1004static void xs_tcp_reuse_connection(struct rpc_xprt *xprt)
1005{
1006 int result;
1007 struct socket *sock = xprt->sock;
1008 struct sockaddr any;
1009
1010 dprintk("RPC: disconnecting xprt %p to reuse port\n", xprt);
1011
1012 /*
1013 * Disconnect the transport socket by doing a connect operation
1014 * with AF_UNSPEC. This should return immediately...
1015 */
1016 memset(&any, 0, sizeof(any));
1017 any.sa_family = AF_UNSPEC;
1018 result = sock->ops->connect(sock, &any, sizeof(any), 0);
1019 if (result)
1020 dprintk("RPC: AF_UNSPEC connect return code %d\n",
1021 result);
1022}
1023
1024/**
1025 * xs_tcp_connect_worker - connect a TCP socket to a remote endpoint
1026 * @args: RPC transport to connect
1027 *
1028 * Invoked by a work queue tasklet.
1029 */
1030static void xs_tcp_connect_worker(void *args)
1031{
1032 struct rpc_xprt *xprt = (struct rpc_xprt *)args;
1033 struct socket *sock = xprt->sock;
1034 int err, status = -EIO;
1035
1036 if (xprt->shutdown || xprt->addr.sin_port == 0)
1037 goto out;
1038
1039 dprintk("RPC: xs_tcp_connect_worker for xprt %p\n", xprt);
1040
1041 if (!xprt->sock) {
1042 /* start from scratch */
1043 if ((err = sock_create_kern(PF_INET, SOCK_STREAM, IPPROTO_TCP, &sock)) < 0) {
1044 dprintk("RPC: can't create TCP transport socket (%d).\n", -err);
1045 goto out;
1046 }
1047
1048 if (xprt->resvport && xs_bindresvport(xprt, sock) < 0) {
1049 sock_release(sock);
1050 goto out;
1051 }
1052 } else
1053 /* "close" the socket, preserving the local port */
1054 xs_tcp_reuse_connection(xprt);
1055
1056 if (!xprt->inet) {
1057 struct sock *sk = sock->sk;
1058
1059 write_lock_bh(&sk->sk_callback_lock);
1060
1061 sk->sk_user_data = xprt;
1062 xprt->old_data_ready = sk->sk_data_ready;
1063 xprt->old_state_change = sk->sk_state_change;
1064 xprt->old_write_space = sk->sk_write_space;
1065 sk->sk_data_ready = xs_tcp_data_ready;
1066 sk->sk_state_change = xs_tcp_state_change;
1067 sk->sk_write_space = xs_tcp_write_space;
1068
1069 /* socket options */
1070 sk->sk_userlocks |= SOCK_BINDPORT_LOCK;
1071 sock_reset_flag(sk, SOCK_LINGER);
1072 tcp_sk(sk)->linger2 = 0;
1073 tcp_sk(sk)->nonagle |= TCP_NAGLE_OFF;
1074
1075 xprt_clear_connected(xprt);
1076
1077 /* Reset to new socket */
1078 xprt->sock = sock;
1079 xprt->inet = sk;
1080
1081 write_unlock_bh(&sk->sk_callback_lock);
1082 }
1083
1084 /* Tell the socket layer to start connecting... */
1085 status = sock->ops->connect(sock, (struct sockaddr *) &xprt->addr,
1086 sizeof(xprt->addr), O_NONBLOCK);
1087 dprintk("RPC: %p connect status %d connected %d sock state %d\n",
1088 xprt, -status, xprt_connected(xprt), sock->sk->sk_state);
1089 if (status < 0) {
1090 switch (status) {
1091 case -EINPROGRESS:
1092 case -EALREADY:
1093 goto out_clear;
1094 case -ECONNREFUSED:
1095 case -ECONNRESET:
1096 /* retry with existing socket, after a delay */
1097 break;
1098 default:
1099 /* get rid of existing socket, and retry */
1100 xs_close(xprt);
1101 break;
1102 }
1103 }
1104out:
1105 xprt_wake_pending_tasks(xprt, status);
1106out_clear:
1107 xprt_clear_connecting(xprt);
1108}
1109
1110/**
1111 * xs_connect - connect a socket to a remote endpoint
1112 * @task: address of RPC task that manages state of connect request
1113 *
1114 * TCP: If the remote end dropped the connection, delay reconnecting.
1115 *
1116 * UDP socket connects are synchronous, but we use a work queue anyway
1117 * to guarantee that even unprivileged user processes can set up a
1118 * socket on a privileged port.
1119 *
1120 * If a UDP socket connect fails, the delay behavior here prevents
1121 * retry floods (hard mounts).
1122 */
1123static void xs_connect(struct rpc_task *task)
1124{
1125 struct rpc_xprt *xprt = task->tk_xprt;
1126
1127 if (xprt_test_and_set_connecting(xprt))
1128 return;
1129
1130 if (xprt->sock != NULL) {
1131 dprintk("RPC: xs_connect delayed xprt %p for %lu seconds\n",
1132 xprt, xprt->reestablish_timeout / HZ);
1133 schedule_delayed_work(&xprt->connect_worker,
1134 xprt->reestablish_timeout);
1135 xprt->reestablish_timeout <<= 1;
1136 if (xprt->reestablish_timeout > XS_TCP_MAX_REEST_TO)
1137 xprt->reestablish_timeout = XS_TCP_MAX_REEST_TO;
1138 } else {
1139 dprintk("RPC: xs_connect scheduled xprt %p\n", xprt);
1140 schedule_work(&xprt->connect_worker);
1141
1142 /* flush_scheduled_work can sleep... */
1143 if (!RPC_IS_ASYNC(task))
1144 flush_scheduled_work();
1145 }
1146}
1147
1148static struct rpc_xprt_ops xs_udp_ops = {
1149 .set_buffer_size = xs_udp_set_buffer_size,
1150 .reserve_xprt = xprt_reserve_xprt_cong,
1151 .release_xprt = xprt_release_xprt_cong,
1152 .connect = xs_connect,
1153 .send_request = xs_udp_send_request,
1154 .set_retrans_timeout = xprt_set_retrans_timeout_rtt,
1155 .timer = xs_udp_timer,
1156 .release_request = xprt_release_rqst_cong,
1157 .close = xs_close,
1158 .destroy = xs_destroy,
1159};
1160
1161static struct rpc_xprt_ops xs_tcp_ops = {
1162 .reserve_xprt = xprt_reserve_xprt,
1163 .release_xprt = xprt_release_xprt,
1164 .connect = xs_connect,
1165 .send_request = xs_tcp_send_request,
1166 .set_retrans_timeout = xprt_set_retrans_timeout_def,
1167 .close = xs_close,
1168 .destroy = xs_destroy,
1169};
1170
1171/**
1172 * xs_setup_udp - Set up transport to use a UDP socket
1173 * @xprt: transport to set up
1174 * @to: timeout parameters
1175 *
1176 */
1177int xs_setup_udp(struct rpc_xprt *xprt, struct rpc_timeout *to)
1178{
1179 size_t slot_table_size;
1180
1181 dprintk("RPC: setting up udp-ipv4 transport...\n");
1182
1183 xprt->max_reqs = xprt_udp_slot_table_entries;
1184 slot_table_size = xprt->max_reqs * sizeof(xprt->slot[0]);
1185 xprt->slot = kmalloc(slot_table_size, GFP_KERNEL);
1186 if (xprt->slot == NULL)
1187 return -ENOMEM;
1188 memset(xprt->slot, 0, slot_table_size);
1189
1190 xprt->prot = IPPROTO_UDP;
1191 xprt->port = xprt_max_resvport;
1192 xprt->tsh_size = 0;
1193 xprt->resvport = capable(CAP_NET_BIND_SERVICE) ? 1 : 0;
1194 /* XXX: header size can vary due to auth type, IPv6, etc. */
1195 xprt->max_payload = (1U << 16) - (MAX_HEADER << 3);
1196
1197 INIT_WORK(&xprt->connect_worker, xs_udp_connect_worker, xprt);
1198 xprt->bind_timeout = XS_BIND_TO;
1199 xprt->connect_timeout = XS_UDP_CONN_TO;
1200 xprt->reestablish_timeout = XS_UDP_REEST_TO;
1201 xprt->idle_timeout = XS_IDLE_DISC_TO;
1202
1203 xprt->ops = &xs_udp_ops;
1204
1205 if (to)
1206 xprt->timeout = *to;
1207 else
1208 xprt_set_timeout(&xprt->timeout, 5, 5 * HZ);
1209
1210 return 0;
1211}
1212
1213/**
1214 * xs_setup_tcp - Set up transport to use a TCP socket
1215 * @xprt: transport to set up
1216 * @to: timeout parameters
1217 *
1218 */
1219int xs_setup_tcp(struct rpc_xprt *xprt, struct rpc_timeout *to)
1220{
1221 size_t slot_table_size;
1222
1223 dprintk("RPC: setting up tcp-ipv4 transport...\n");
1224
1225 xprt->max_reqs = xprt_tcp_slot_table_entries;
1226 slot_table_size = xprt->max_reqs * sizeof(xprt->slot[0]);
1227 xprt->slot = kmalloc(slot_table_size, GFP_KERNEL);
1228 if (xprt->slot == NULL)
1229 return -ENOMEM;
1230 memset(xprt->slot, 0, slot_table_size);
1231
1232 xprt->prot = IPPROTO_TCP;
1233 xprt->port = xprt_max_resvport;
1234 xprt->tsh_size = sizeof(rpc_fraghdr) / sizeof(u32);
1235 xprt->resvport = capable(CAP_NET_BIND_SERVICE) ? 1 : 0;
1236 xprt->max_payload = RPC_MAX_FRAGMENT_SIZE;
1237
1238 INIT_WORK(&xprt->connect_worker, xs_tcp_connect_worker, xprt);
1239 xprt->bind_timeout = XS_BIND_TO;
1240 xprt->connect_timeout = XS_TCP_CONN_TO;
1241 xprt->reestablish_timeout = XS_TCP_INIT_REEST_TO;
1242 xprt->idle_timeout = XS_IDLE_DISC_TO;
1243
1244 xprt->ops = &xs_tcp_ops;
1245
1246 if (to)
1247 xprt->timeout = *to;
1248 else
1249 xprt_set_timeout(&xprt->timeout, 2, 60 * HZ);
1250
1251 return 0;
1252}
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index cbb0ba34a600..0db9e57013fd 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1192,46 +1192,6 @@ int xfrm_bundle_ok(struct xfrm_dst *first, struct flowi *fl, int family)
1192 1192
1193EXPORT_SYMBOL(xfrm_bundle_ok); 1193EXPORT_SYMBOL(xfrm_bundle_ok);
1194 1194
1195/* Well... that's _TASK_. We need to scan through transformation
1196 * list and figure out what mss tcp should generate in order to
1197 * final datagram fit to mtu. Mama mia... :-)
1198 *
1199 * Apparently, some easy way exists, but we used to choose the most
1200 * bizarre ones. :-) So, raising Kalashnikov... tra-ta-ta.
1201 *
1202 * Consider this function as something like dark humour. :-)
1203 */
1204static int xfrm_get_mss(struct dst_entry *dst, u32 mtu)
1205{
1206 int res = mtu - dst->header_len;
1207
1208 for (;;) {
1209 struct dst_entry *d = dst;
1210 int m = res;
1211
1212 do {
1213 struct xfrm_state *x = d->xfrm;
1214 if (x) {
1215 spin_lock_bh(&x->lock);
1216 if (x->km.state == XFRM_STATE_VALID &&
1217 x->type && x->type->get_max_size)
1218 m = x->type->get_max_size(d->xfrm, m);
1219 else
1220 m += x->props.header_len;
1221 spin_unlock_bh(&x->lock);
1222 }
1223 } while ((d = d->child) != NULL);
1224
1225 if (m <= mtu)
1226 break;
1227 res -= (m - mtu);
1228 if (res < 88)
1229 return mtu;
1230 }
1231
1232 return res + dst->header_len;
1233}
1234
1235int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo) 1195int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
1236{ 1196{
1237 int err = 0; 1197 int err = 0;
@@ -1252,8 +1212,6 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
1252 dst_ops->negative_advice = xfrm_negative_advice; 1212 dst_ops->negative_advice = xfrm_negative_advice;
1253 if (likely(dst_ops->link_failure == NULL)) 1213 if (likely(dst_ops->link_failure == NULL))
1254 dst_ops->link_failure = xfrm_link_failure; 1214 dst_ops->link_failure = xfrm_link_failure;
1255 if (likely(dst_ops->get_mss == NULL))
1256 dst_ops->get_mss = xfrm_get_mss;
1257 if (likely(afinfo->garbage_collect == NULL)) 1215 if (likely(afinfo->garbage_collect == NULL))
1258 afinfo->garbage_collect = __xfrm_garbage_collect; 1216 afinfo->garbage_collect = __xfrm_garbage_collect;
1259 xfrm_policy_afinfo[afinfo->family] = afinfo; 1217 xfrm_policy_afinfo[afinfo->family] = afinfo;
@@ -1281,7 +1239,6 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
1281 dst_ops->check = NULL; 1239 dst_ops->check = NULL;
1282 dst_ops->negative_advice = NULL; 1240 dst_ops->negative_advice = NULL;
1283 dst_ops->link_failure = NULL; 1241 dst_ops->link_failure = NULL;
1284 dst_ops->get_mss = NULL;
1285 afinfo->garbage_collect = NULL; 1242 afinfo->garbage_collect = NULL;
1286 } 1243 }
1287 } 1244 }
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 9d206c282cf1..8b9a4747417d 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -1026,6 +1026,12 @@ void xfrm_state_delete_tunnel(struct xfrm_state *x)
1026} 1026}
1027EXPORT_SYMBOL(xfrm_state_delete_tunnel); 1027EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1028 1028
1029/*
1030 * This function is NOT optimal. For example, with ESP it will give an
1031 * MTU that's usually two bytes short of being optimal. However, it will
1032 * usually give an answer that's a multiple of 4 provided the input is
1033 * also a multiple of 4.
1034 */
1029int xfrm_state_mtu(struct xfrm_state *x, int mtu) 1035int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1030{ 1036{
1031 int res = mtu; 1037 int res = mtu;