aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/batman-adv/bat_iv_ogm.c36
-rw-r--r--net/batman-adv/distributed-arp-table.c6
-rw-r--r--net/batman-adv/fragmentation.c8
-rw-r--r--net/batman-adv/icmp_socket.c6
-rw-r--r--net/batman-adv/main.c16
-rw-r--r--net/batman-adv/network-coding.c22
-rw-r--r--net/batman-adv/packet.h124
-rw-r--r--net/batman-adv/routing.c30
-rw-r--r--net/batman-adv/send.c10
-rw-r--r--net/batman-adv/soft-interface.c18
-rw-r--r--net/batman-adv/translation-table.c6
-rw-r--r--net/bluetooth/hci_sock.c26
-rw-r--r--net/core/dev.c2
-rw-r--r--net/dccp/probe.c19
-rw-r--r--net/ipv4/inet_diag.c16
-rw-r--r--net/ipv4/ip_gre.c1
-rw-r--r--net/ipv4/ip_output.c5
-rw-r--r--net/ipv6/ip6_output.c36
-rw-r--r--net/ipv6/route.c4
-rw-r--r--net/ipv6/sit.c6
-rw-r--r--net/netfilter/ipvs/ip_vs_nfct.c6
-rw-r--r--net/netfilter/nf_conntrack_seqadj.c5
-rw-r--r--net/netfilter/nf_conntrack_timestamp.c1
-rw-r--r--net/netfilter/nf_tables_api.c26
-rw-r--r--net/netfilter/nfnetlink_log.c1
-rw-r--r--net/netfilter/nft_exthdr.c2
-rw-r--r--net/rds/ib.c3
-rw-r--r--net/rose/af_rose.c16
-rw-r--r--net/sched/act_csum.c10
-rw-r--r--net/sched/act_gact.c7
-rw-r--r--net/sched/act_ipt.c8
-rw-r--r--net/sched/act_nat.c10
-rw-r--r--net/sched/act_pedit.c8
-rw-r--r--net/sched/act_police.c4
-rw-r--r--net/sched/act_simple.c9
-rw-r--r--net/sched/act_skbedit.c7
-rw-r--r--net/tipc/port.c45
-rw-r--r--net/tipc/port.h6
-rw-r--r--net/tipc/socket.c46
-rw-r--r--net/wireless/radiotap.c4
-rw-r--r--net/wireless/sme.c22
41 files changed, 394 insertions, 249 deletions
diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c
index a2b480a90872..b9c8a6eedf45 100644
--- a/net/batman-adv/bat_iv_ogm.c
+++ b/net/batman-adv/bat_iv_ogm.c
@@ -307,9 +307,9 @@ static int batadv_iv_ogm_iface_enable(struct batadv_hard_iface *hard_iface)
307 hard_iface->bat_iv.ogm_buff = ogm_buff; 307 hard_iface->bat_iv.ogm_buff = ogm_buff;
308 308
309 batadv_ogm_packet = (struct batadv_ogm_packet *)ogm_buff; 309 batadv_ogm_packet = (struct batadv_ogm_packet *)ogm_buff;
310 batadv_ogm_packet->header.packet_type = BATADV_IV_OGM; 310 batadv_ogm_packet->packet_type = BATADV_IV_OGM;
311 batadv_ogm_packet->header.version = BATADV_COMPAT_VERSION; 311 batadv_ogm_packet->version = BATADV_COMPAT_VERSION;
312 batadv_ogm_packet->header.ttl = 2; 312 batadv_ogm_packet->ttl = 2;
313 batadv_ogm_packet->flags = BATADV_NO_FLAGS; 313 batadv_ogm_packet->flags = BATADV_NO_FLAGS;
314 batadv_ogm_packet->reserved = 0; 314 batadv_ogm_packet->reserved = 0;
315 batadv_ogm_packet->tq = BATADV_TQ_MAX_VALUE; 315 batadv_ogm_packet->tq = BATADV_TQ_MAX_VALUE;
@@ -346,7 +346,7 @@ batadv_iv_ogm_primary_iface_set(struct batadv_hard_iface *hard_iface)
346 346
347 batadv_ogm_packet = (struct batadv_ogm_packet *)ogm_buff; 347 batadv_ogm_packet = (struct batadv_ogm_packet *)ogm_buff;
348 batadv_ogm_packet->flags = BATADV_PRIMARIES_FIRST_HOP; 348 batadv_ogm_packet->flags = BATADV_PRIMARIES_FIRST_HOP;
349 batadv_ogm_packet->header.ttl = BATADV_TTL; 349 batadv_ogm_packet->ttl = BATADV_TTL;
350} 350}
351 351
352/* when do we schedule our own ogm to be sent */ 352/* when do we schedule our own ogm to be sent */
@@ -435,7 +435,7 @@ static void batadv_iv_ogm_send_to_if(struct batadv_forw_packet *forw_packet,
435 fwd_str, (packet_num > 0 ? "aggregated " : ""), 435 fwd_str, (packet_num > 0 ? "aggregated " : ""),
436 batadv_ogm_packet->orig, 436 batadv_ogm_packet->orig,
437 ntohl(batadv_ogm_packet->seqno), 437 ntohl(batadv_ogm_packet->seqno),
438 batadv_ogm_packet->tq, batadv_ogm_packet->header.ttl, 438 batadv_ogm_packet->tq, batadv_ogm_packet->ttl,
439 (batadv_ogm_packet->flags & BATADV_DIRECTLINK ? 439 (batadv_ogm_packet->flags & BATADV_DIRECTLINK ?
440 "on" : "off"), 440 "on" : "off"),
441 hard_iface->net_dev->name, 441 hard_iface->net_dev->name,
@@ -491,7 +491,7 @@ static void batadv_iv_ogm_emit(struct batadv_forw_packet *forw_packet)
491 /* multihomed peer assumed 491 /* multihomed peer assumed
492 * non-primary OGMs are only broadcasted on their interface 492 * non-primary OGMs are only broadcasted on their interface
493 */ 493 */
494 if ((directlink && (batadv_ogm_packet->header.ttl == 1)) || 494 if ((directlink && (batadv_ogm_packet->ttl == 1)) ||
495 (forw_packet->own && (forw_packet->if_incoming != primary_if))) { 495 (forw_packet->own && (forw_packet->if_incoming != primary_if))) {
496 /* FIXME: what about aggregated packets ? */ 496 /* FIXME: what about aggregated packets ? */
497 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 497 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
@@ -499,7 +499,7 @@ static void batadv_iv_ogm_emit(struct batadv_forw_packet *forw_packet)
499 (forw_packet->own ? "Sending own" : "Forwarding"), 499 (forw_packet->own ? "Sending own" : "Forwarding"),
500 batadv_ogm_packet->orig, 500 batadv_ogm_packet->orig,
501 ntohl(batadv_ogm_packet->seqno), 501 ntohl(batadv_ogm_packet->seqno),
502 batadv_ogm_packet->header.ttl, 502 batadv_ogm_packet->ttl,
503 forw_packet->if_incoming->net_dev->name, 503 forw_packet->if_incoming->net_dev->name,
504 forw_packet->if_incoming->net_dev->dev_addr); 504 forw_packet->if_incoming->net_dev->dev_addr);
505 505
@@ -572,7 +572,7 @@ batadv_iv_ogm_can_aggregate(const struct batadv_ogm_packet *new_bat_ogm_packet,
572 */ 572 */
573 if ((!directlink) && 573 if ((!directlink) &&
574 (!(batadv_ogm_packet->flags & BATADV_DIRECTLINK)) && 574 (!(batadv_ogm_packet->flags & BATADV_DIRECTLINK)) &&
575 (batadv_ogm_packet->header.ttl != 1) && 575 (batadv_ogm_packet->ttl != 1) &&
576 576
577 /* own packets originating non-primary 577 /* own packets originating non-primary
578 * interfaces leave only that interface 578 * interfaces leave only that interface
@@ -587,7 +587,7 @@ batadv_iv_ogm_can_aggregate(const struct batadv_ogm_packet *new_bat_ogm_packet,
587 * interface only - we still can aggregate 587 * interface only - we still can aggregate
588 */ 588 */
589 if ((directlink) && 589 if ((directlink) &&
590 (new_bat_ogm_packet->header.ttl == 1) && 590 (new_bat_ogm_packet->ttl == 1) &&
591 (forw_packet->if_incoming == if_incoming) && 591 (forw_packet->if_incoming == if_incoming) &&
592 592
593 /* packets from direct neighbors or 593 /* packets from direct neighbors or
@@ -778,7 +778,7 @@ static void batadv_iv_ogm_forward(struct batadv_orig_node *orig_node,
778 struct batadv_priv *bat_priv = netdev_priv(if_incoming->soft_iface); 778 struct batadv_priv *bat_priv = netdev_priv(if_incoming->soft_iface);
779 uint16_t tvlv_len; 779 uint16_t tvlv_len;
780 780
781 if (batadv_ogm_packet->header.ttl <= 1) { 781 if (batadv_ogm_packet->ttl <= 1) {
782 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, "ttl exceeded\n"); 782 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, "ttl exceeded\n");
783 return; 783 return;
784 } 784 }
@@ -798,7 +798,7 @@ static void batadv_iv_ogm_forward(struct batadv_orig_node *orig_node,
798 798
799 tvlv_len = ntohs(batadv_ogm_packet->tvlv_len); 799 tvlv_len = ntohs(batadv_ogm_packet->tvlv_len);
800 800
801 batadv_ogm_packet->header.ttl--; 801 batadv_ogm_packet->ttl--;
802 memcpy(batadv_ogm_packet->prev_sender, ethhdr->h_source, ETH_ALEN); 802 memcpy(batadv_ogm_packet->prev_sender, ethhdr->h_source, ETH_ALEN);
803 803
804 /* apply hop penalty */ 804 /* apply hop penalty */
@@ -807,7 +807,7 @@ static void batadv_iv_ogm_forward(struct batadv_orig_node *orig_node,
807 807
808 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 808 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
809 "Forwarding packet: tq: %i, ttl: %i\n", 809 "Forwarding packet: tq: %i, ttl: %i\n",
810 batadv_ogm_packet->tq, batadv_ogm_packet->header.ttl); 810 batadv_ogm_packet->tq, batadv_ogm_packet->ttl);
811 811
812 /* switch of primaries first hop flag when forwarding */ 812 /* switch of primaries first hop flag when forwarding */
813 batadv_ogm_packet->flags &= ~BATADV_PRIMARIES_FIRST_HOP; 813 batadv_ogm_packet->flags &= ~BATADV_PRIMARIES_FIRST_HOP;
@@ -972,8 +972,8 @@ batadv_iv_ogm_orig_update(struct batadv_priv *bat_priv,
972 spin_unlock_bh(&neigh_node->bat_iv.lq_update_lock); 972 spin_unlock_bh(&neigh_node->bat_iv.lq_update_lock);
973 973
974 if (dup_status == BATADV_NO_DUP) { 974 if (dup_status == BATADV_NO_DUP) {
975 orig_node->last_ttl = batadv_ogm_packet->header.ttl; 975 orig_node->last_ttl = batadv_ogm_packet->ttl;
976 neigh_node->last_ttl = batadv_ogm_packet->header.ttl; 976 neigh_node->last_ttl = batadv_ogm_packet->ttl;
977 } 977 }
978 978
979 batadv_bonding_candidate_add(bat_priv, orig_node, neigh_node); 979 batadv_bonding_candidate_add(bat_priv, orig_node, neigh_node);
@@ -1247,7 +1247,7 @@ static void batadv_iv_ogm_process(const struct ethhdr *ethhdr,
1247 * packet in an aggregation. Here we expect that the padding 1247 * packet in an aggregation. Here we expect that the padding
1248 * is always zero (or not 0x01) 1248 * is always zero (or not 0x01)
1249 */ 1249 */
1250 if (batadv_ogm_packet->header.packet_type != BATADV_IV_OGM) 1250 if (batadv_ogm_packet->packet_type != BATADV_IV_OGM)
1251 return; 1251 return;
1252 1252
1253 /* could be changed by schedule_own_packet() */ 1253 /* could be changed by schedule_own_packet() */
@@ -1267,8 +1267,8 @@ static void batadv_iv_ogm_process(const struct ethhdr *ethhdr,
1267 if_incoming->net_dev->dev_addr, batadv_ogm_packet->orig, 1267 if_incoming->net_dev->dev_addr, batadv_ogm_packet->orig,
1268 batadv_ogm_packet->prev_sender, 1268 batadv_ogm_packet->prev_sender,
1269 ntohl(batadv_ogm_packet->seqno), batadv_ogm_packet->tq, 1269 ntohl(batadv_ogm_packet->seqno), batadv_ogm_packet->tq,
1270 batadv_ogm_packet->header.ttl, 1270 batadv_ogm_packet->ttl,
1271 batadv_ogm_packet->header.version, has_directlink_flag); 1271 batadv_ogm_packet->version, has_directlink_flag);
1272 1272
1273 rcu_read_lock(); 1273 rcu_read_lock();
1274 list_for_each_entry_rcu(hard_iface, &batadv_hardif_list, list) { 1274 list_for_each_entry_rcu(hard_iface, &batadv_hardif_list, list) {
@@ -1433,7 +1433,7 @@ static void batadv_iv_ogm_process(const struct ethhdr *ethhdr,
1433 * seqno and similar ttl as the non-duplicate 1433 * seqno and similar ttl as the non-duplicate
1434 */ 1434 */
1435 sameseq = orig_node->last_real_seqno == ntohl(batadv_ogm_packet->seqno); 1435 sameseq = orig_node->last_real_seqno == ntohl(batadv_ogm_packet->seqno);
1436 similar_ttl = orig_node->last_ttl - 3 <= batadv_ogm_packet->header.ttl; 1436 similar_ttl = orig_node->last_ttl - 3 <= batadv_ogm_packet->ttl;
1437 if (is_bidirect && ((dup_status == BATADV_NO_DUP) || 1437 if (is_bidirect && ((dup_status == BATADV_NO_DUP) ||
1438 (sameseq && similar_ttl))) 1438 (sameseq && similar_ttl)))
1439 batadv_iv_ogm_orig_update(bat_priv, orig_node, ethhdr, 1439 batadv_iv_ogm_orig_update(bat_priv, orig_node, ethhdr,
diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index 6c8c3934bd7b..b316a4cb6f14 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -349,7 +349,7 @@ static void batadv_dbg_arp(struct batadv_priv *bat_priv, struct sk_buff *skb,
349 349
350 unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data; 350 unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data;
351 351
352 switch (unicast_4addr_packet->u.header.packet_type) { 352 switch (unicast_4addr_packet->u.packet_type) {
353 case BATADV_UNICAST: 353 case BATADV_UNICAST:
354 batadv_dbg(BATADV_DBG_DAT, bat_priv, 354 batadv_dbg(BATADV_DBG_DAT, bat_priv,
355 "* encapsulated within a UNICAST packet\n"); 355 "* encapsulated within a UNICAST packet\n");
@@ -374,7 +374,7 @@ static void batadv_dbg_arp(struct batadv_priv *bat_priv, struct sk_buff *skb,
374 break; 374 break;
375 default: 375 default:
376 batadv_dbg(BATADV_DBG_DAT, bat_priv, "* type: Unknown (%u)!\n", 376 batadv_dbg(BATADV_DBG_DAT, bat_priv, "* type: Unknown (%u)!\n",
377 unicast_4addr_packet->u.header.packet_type); 377 unicast_4addr_packet->u.packet_type);
378 } 378 }
379 break; 379 break;
380 case BATADV_BCAST: 380 case BATADV_BCAST:
@@ -387,7 +387,7 @@ static void batadv_dbg_arp(struct batadv_priv *bat_priv, struct sk_buff *skb,
387 default: 387 default:
388 batadv_dbg(BATADV_DBG_DAT, bat_priv, 388 batadv_dbg(BATADV_DBG_DAT, bat_priv,
389 "* encapsulated within an unknown packet type (0x%x)\n", 389 "* encapsulated within an unknown packet type (0x%x)\n",
390 unicast_4addr_packet->u.header.packet_type); 390 unicast_4addr_packet->u.packet_type);
391 } 391 }
392} 392}
393 393
diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c
index 271d321b3a04..6ddb6145ffb5 100644
--- a/net/batman-adv/fragmentation.c
+++ b/net/batman-adv/fragmentation.c
@@ -355,7 +355,7 @@ bool batadv_frag_skb_fwd(struct sk_buff *skb,
355 batadv_add_counter(bat_priv, BATADV_CNT_FRAG_FWD_BYTES, 355 batadv_add_counter(bat_priv, BATADV_CNT_FRAG_FWD_BYTES,
356 skb->len + ETH_HLEN); 356 skb->len + ETH_HLEN);
357 357
358 packet->header.ttl--; 358 packet->ttl--;
359 batadv_send_skb_packet(skb, neigh_node->if_incoming, 359 batadv_send_skb_packet(skb, neigh_node->if_incoming,
360 neigh_node->addr); 360 neigh_node->addr);
361 ret = true; 361 ret = true;
@@ -444,9 +444,9 @@ bool batadv_frag_send_packet(struct sk_buff *skb,
444 goto out_err; 444 goto out_err;
445 445
446 /* Create one header to be copied to all fragments */ 446 /* Create one header to be copied to all fragments */
447 frag_header.header.packet_type = BATADV_UNICAST_FRAG; 447 frag_header.packet_type = BATADV_UNICAST_FRAG;
448 frag_header.header.version = BATADV_COMPAT_VERSION; 448 frag_header.version = BATADV_COMPAT_VERSION;
449 frag_header.header.ttl = BATADV_TTL; 449 frag_header.ttl = BATADV_TTL;
450 frag_header.seqno = htons(atomic_inc_return(&bat_priv->frag_seqno)); 450 frag_header.seqno = htons(atomic_inc_return(&bat_priv->frag_seqno));
451 frag_header.reserved = 0; 451 frag_header.reserved = 0;
452 frag_header.no = 0; 452 frag_header.no = 0;
diff --git a/net/batman-adv/icmp_socket.c b/net/batman-adv/icmp_socket.c
index 29ae4efe3543..130cc3217e2b 100644
--- a/net/batman-adv/icmp_socket.c
+++ b/net/batman-adv/icmp_socket.c
@@ -194,7 +194,7 @@ static ssize_t batadv_socket_write(struct file *file, const char __user *buff,
194 goto free_skb; 194 goto free_skb;
195 } 195 }
196 196
197 if (icmp_header->header.packet_type != BATADV_ICMP) { 197 if (icmp_header->packet_type != BATADV_ICMP) {
198 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 198 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
199 "Error - can't send packet from char device: got bogus packet type (expected: BAT_ICMP)\n"); 199 "Error - can't send packet from char device: got bogus packet type (expected: BAT_ICMP)\n");
200 len = -EINVAL; 200 len = -EINVAL;
@@ -243,9 +243,9 @@ static ssize_t batadv_socket_write(struct file *file, const char __user *buff,
243 243
244 icmp_header->uid = socket_client->index; 244 icmp_header->uid = socket_client->index;
245 245
246 if (icmp_header->header.version != BATADV_COMPAT_VERSION) { 246 if (icmp_header->version != BATADV_COMPAT_VERSION) {
247 icmp_header->msg_type = BATADV_PARAMETER_PROBLEM; 247 icmp_header->msg_type = BATADV_PARAMETER_PROBLEM;
248 icmp_header->header.version = BATADV_COMPAT_VERSION; 248 icmp_header->version = BATADV_COMPAT_VERSION;
249 batadv_socket_add_packet(socket_client, icmp_header, 249 batadv_socket_add_packet(socket_client, icmp_header,
250 packet_len); 250 packet_len);
251 goto free_skb; 251 goto free_skb;
diff --git a/net/batman-adv/main.c b/net/batman-adv/main.c
index c51a5e568f0a..1511f64a6cea 100644
--- a/net/batman-adv/main.c
+++ b/net/batman-adv/main.c
@@ -383,17 +383,17 @@ int batadv_batman_skb_recv(struct sk_buff *skb, struct net_device *dev,
383 383
384 batadv_ogm_packet = (struct batadv_ogm_packet *)skb->data; 384 batadv_ogm_packet = (struct batadv_ogm_packet *)skb->data;
385 385
386 if (batadv_ogm_packet->header.version != BATADV_COMPAT_VERSION) { 386 if (batadv_ogm_packet->version != BATADV_COMPAT_VERSION) {
387 batadv_dbg(BATADV_DBG_BATMAN, bat_priv, 387 batadv_dbg(BATADV_DBG_BATMAN, bat_priv,
388 "Drop packet: incompatible batman version (%i)\n", 388 "Drop packet: incompatible batman version (%i)\n",
389 batadv_ogm_packet->header.version); 389 batadv_ogm_packet->version);
390 goto err_free; 390 goto err_free;
391 } 391 }
392 392
393 /* all receive handlers return whether they received or reused 393 /* all receive handlers return whether they received or reused
394 * the supplied skb. if not, we have to free the skb. 394 * the supplied skb. if not, we have to free the skb.
395 */ 395 */
396 idx = batadv_ogm_packet->header.packet_type; 396 idx = batadv_ogm_packet->packet_type;
397 ret = (*batadv_rx_handler[idx])(skb, hard_iface); 397 ret = (*batadv_rx_handler[idx])(skb, hard_iface);
398 398
399 if (ret == NET_RX_DROP) 399 if (ret == NET_RX_DROP)
@@ -426,8 +426,8 @@ static void batadv_recv_handler_init(void)
426 BUILD_BUG_ON(offsetof(struct batadv_unicast_packet, dest) != 4); 426 BUILD_BUG_ON(offsetof(struct batadv_unicast_packet, dest) != 4);
427 BUILD_BUG_ON(offsetof(struct batadv_unicast_tvlv_packet, dst) != 4); 427 BUILD_BUG_ON(offsetof(struct batadv_unicast_tvlv_packet, dst) != 4);
428 BUILD_BUG_ON(offsetof(struct batadv_frag_packet, dest) != 4); 428 BUILD_BUG_ON(offsetof(struct batadv_frag_packet, dest) != 4);
429 BUILD_BUG_ON(offsetof(struct batadv_icmp_packet, icmph.dst) != 4); 429 BUILD_BUG_ON(offsetof(struct batadv_icmp_packet, dst) != 4);
430 BUILD_BUG_ON(offsetof(struct batadv_icmp_packet_rr, icmph.dst) != 4); 430 BUILD_BUG_ON(offsetof(struct batadv_icmp_packet_rr, dst) != 4);
431 431
432 /* broadcast packet */ 432 /* broadcast packet */
433 batadv_rx_handler[BATADV_BCAST] = batadv_recv_bcast_packet; 433 batadv_rx_handler[BATADV_BCAST] = batadv_recv_bcast_packet;
@@ -1119,9 +1119,9 @@ void batadv_tvlv_unicast_send(struct batadv_priv *bat_priv, uint8_t *src,
1119 skb_reserve(skb, ETH_HLEN); 1119 skb_reserve(skb, ETH_HLEN);
1120 tvlv_buff = skb_put(skb, sizeof(*unicast_tvlv_packet) + tvlv_len); 1120 tvlv_buff = skb_put(skb, sizeof(*unicast_tvlv_packet) + tvlv_len);
1121 unicast_tvlv_packet = (struct batadv_unicast_tvlv_packet *)tvlv_buff; 1121 unicast_tvlv_packet = (struct batadv_unicast_tvlv_packet *)tvlv_buff;
1122 unicast_tvlv_packet->header.packet_type = BATADV_UNICAST_TVLV; 1122 unicast_tvlv_packet->packet_type = BATADV_UNICAST_TVLV;
1123 unicast_tvlv_packet->header.version = BATADV_COMPAT_VERSION; 1123 unicast_tvlv_packet->version = BATADV_COMPAT_VERSION;
1124 unicast_tvlv_packet->header.ttl = BATADV_TTL; 1124 unicast_tvlv_packet->ttl = BATADV_TTL;
1125 unicast_tvlv_packet->reserved = 0; 1125 unicast_tvlv_packet->reserved = 0;
1126 unicast_tvlv_packet->tvlv_len = htons(tvlv_len); 1126 unicast_tvlv_packet->tvlv_len = htons(tvlv_len);
1127 unicast_tvlv_packet->align = 0; 1127 unicast_tvlv_packet->align = 0;
diff --git a/net/batman-adv/network-coding.c b/net/batman-adv/network-coding.c
index 351e199bc0af..511d7e1eea38 100644
--- a/net/batman-adv/network-coding.c
+++ b/net/batman-adv/network-coding.c
@@ -722,7 +722,7 @@ static bool batadv_can_nc_with_orig(struct batadv_priv *bat_priv,
722{ 722{
723 if (orig_node->last_real_seqno != ntohl(ogm_packet->seqno)) 723 if (orig_node->last_real_seqno != ntohl(ogm_packet->seqno))
724 return false; 724 return false;
725 if (orig_node->last_ttl != ogm_packet->header.ttl + 1) 725 if (orig_node->last_ttl != ogm_packet->ttl + 1)
726 return false; 726 return false;
727 if (!batadv_compare_eth(ogm_packet->orig, ogm_packet->prev_sender)) 727 if (!batadv_compare_eth(ogm_packet->orig, ogm_packet->prev_sender))
728 return false; 728 return false;
@@ -1082,9 +1082,9 @@ static bool batadv_nc_code_packets(struct batadv_priv *bat_priv,
1082 coded_packet = (struct batadv_coded_packet *)skb_dest->data; 1082 coded_packet = (struct batadv_coded_packet *)skb_dest->data;
1083 skb_reset_mac_header(skb_dest); 1083 skb_reset_mac_header(skb_dest);
1084 1084
1085 coded_packet->header.packet_type = BATADV_CODED; 1085 coded_packet->packet_type = BATADV_CODED;
1086 coded_packet->header.version = BATADV_COMPAT_VERSION; 1086 coded_packet->version = BATADV_COMPAT_VERSION;
1087 coded_packet->header.ttl = packet1->header.ttl; 1087 coded_packet->ttl = packet1->ttl;
1088 1088
1089 /* Info about first unicast packet */ 1089 /* Info about first unicast packet */
1090 memcpy(coded_packet->first_source, first_source, ETH_ALEN); 1090 memcpy(coded_packet->first_source, first_source, ETH_ALEN);
@@ -1097,7 +1097,7 @@ static bool batadv_nc_code_packets(struct batadv_priv *bat_priv,
1097 memcpy(coded_packet->second_source, second_source, ETH_ALEN); 1097 memcpy(coded_packet->second_source, second_source, ETH_ALEN);
1098 memcpy(coded_packet->second_orig_dest, packet2->dest, ETH_ALEN); 1098 memcpy(coded_packet->second_orig_dest, packet2->dest, ETH_ALEN);
1099 coded_packet->second_crc = packet_id2; 1099 coded_packet->second_crc = packet_id2;
1100 coded_packet->second_ttl = packet2->header.ttl; 1100 coded_packet->second_ttl = packet2->ttl;
1101 coded_packet->second_ttvn = packet2->ttvn; 1101 coded_packet->second_ttvn = packet2->ttvn;
1102 coded_packet->coded_len = htons(coding_len); 1102 coded_packet->coded_len = htons(coding_len);
1103 1103
@@ -1452,7 +1452,7 @@ bool batadv_nc_skb_forward(struct sk_buff *skb,
1452 /* We only handle unicast packets */ 1452 /* We only handle unicast packets */
1453 payload = skb_network_header(skb); 1453 payload = skb_network_header(skb);
1454 packet = (struct batadv_unicast_packet *)payload; 1454 packet = (struct batadv_unicast_packet *)payload;
1455 if (packet->header.packet_type != BATADV_UNICAST) 1455 if (packet->packet_type != BATADV_UNICAST)
1456 goto out; 1456 goto out;
1457 1457
1458 /* Try to find a coding opportunity and send the skb if one is found */ 1458 /* Try to find a coding opportunity and send the skb if one is found */
@@ -1505,7 +1505,7 @@ void batadv_nc_skb_store_for_decoding(struct batadv_priv *bat_priv,
1505 /* Check for supported packet type */ 1505 /* Check for supported packet type */
1506 payload = skb_network_header(skb); 1506 payload = skb_network_header(skb);
1507 packet = (struct batadv_unicast_packet *)payload; 1507 packet = (struct batadv_unicast_packet *)payload;
1508 if (packet->header.packet_type != BATADV_UNICAST) 1508 if (packet->packet_type != BATADV_UNICAST)
1509 goto out; 1509 goto out;
1510 1510
1511 /* Find existing nc_path or create a new */ 1511 /* Find existing nc_path or create a new */
@@ -1623,7 +1623,7 @@ batadv_nc_skb_decode_packet(struct batadv_priv *bat_priv, struct sk_buff *skb,
1623 ttvn = coded_packet_tmp.second_ttvn; 1623 ttvn = coded_packet_tmp.second_ttvn;
1624 } else { 1624 } else {
1625 orig_dest = coded_packet_tmp.first_orig_dest; 1625 orig_dest = coded_packet_tmp.first_orig_dest;
1626 ttl = coded_packet_tmp.header.ttl; 1626 ttl = coded_packet_tmp.ttl;
1627 ttvn = coded_packet_tmp.first_ttvn; 1627 ttvn = coded_packet_tmp.first_ttvn;
1628 } 1628 }
1629 1629
@@ -1648,9 +1648,9 @@ batadv_nc_skb_decode_packet(struct batadv_priv *bat_priv, struct sk_buff *skb,
1648 1648
1649 /* Create decoded unicast packet */ 1649 /* Create decoded unicast packet */
1650 unicast_packet = (struct batadv_unicast_packet *)skb->data; 1650 unicast_packet = (struct batadv_unicast_packet *)skb->data;
1651 unicast_packet->header.packet_type = BATADV_UNICAST; 1651 unicast_packet->packet_type = BATADV_UNICAST;
1652 unicast_packet->header.version = BATADV_COMPAT_VERSION; 1652 unicast_packet->version = BATADV_COMPAT_VERSION;
1653 unicast_packet->header.ttl = ttl; 1653 unicast_packet->ttl = ttl;
1654 memcpy(unicast_packet->dest, orig_dest, ETH_ALEN); 1654 memcpy(unicast_packet->dest, orig_dest, ETH_ALEN);
1655 unicast_packet->ttvn = ttvn; 1655 unicast_packet->ttvn = ttvn;
1656 1656
diff --git a/net/batman-adv/packet.h b/net/batman-adv/packet.h
index 207459b62966..2dd8f2422550 100644
--- a/net/batman-adv/packet.h
+++ b/net/batman-adv/packet.h
@@ -155,6 +155,7 @@ enum batadv_tvlv_type {
155 BATADV_TVLV_ROAM = 0x05, 155 BATADV_TVLV_ROAM = 0x05,
156}; 156};
157 157
158#pragma pack(2)
158/* the destination hardware field in the ARP frame is used to 159/* the destination hardware field in the ARP frame is used to
159 * transport the claim type and the group id 160 * transport the claim type and the group id
160 */ 161 */
@@ -163,24 +164,20 @@ struct batadv_bla_claim_dst {
163 uint8_t type; /* bla_claimframe */ 164 uint8_t type; /* bla_claimframe */
164 __be16 group; /* group id */ 165 __be16 group; /* group id */
165}; 166};
166 167#pragma pack()
167struct batadv_header {
168 uint8_t packet_type;
169 uint8_t version; /* batman version field */
170 uint8_t ttl;
171 /* the parent struct has to add a byte after the header to make
172 * everything 4 bytes aligned again
173 */
174};
175 168
176/** 169/**
177 * struct batadv_ogm_packet - ogm (routing protocol) packet 170 * struct batadv_ogm_packet - ogm (routing protocol) packet
178 * @header: common batman packet header 171 * @packet_type: batman-adv packet type, part of the general header
172 * @version: batman-adv protocol version, part of the genereal header
173 * @ttl: time to live for this packet, part of the genereal header
179 * @flags: contains routing relevant flags - see enum batadv_iv_flags 174 * @flags: contains routing relevant flags - see enum batadv_iv_flags
180 * @tvlv_len: length of tvlv data following the ogm header 175 * @tvlv_len: length of tvlv data following the ogm header
181 */ 176 */
182struct batadv_ogm_packet { 177struct batadv_ogm_packet {
183 struct batadv_header header; 178 uint8_t packet_type;
179 uint8_t version;
180 uint8_t ttl;
184 uint8_t flags; 181 uint8_t flags;
185 __be32 seqno; 182 __be32 seqno;
186 uint8_t orig[ETH_ALEN]; 183 uint8_t orig[ETH_ALEN];
@@ -196,29 +193,51 @@ struct batadv_ogm_packet {
196#define BATADV_OGM_HLEN sizeof(struct batadv_ogm_packet) 193#define BATADV_OGM_HLEN sizeof(struct batadv_ogm_packet)
197 194
198/** 195/**
199 * batadv_icmp_header - common ICMP header 196 * batadv_icmp_header - common members among all the ICMP packets
200 * @header: common batman header 197 * @packet_type: batman-adv packet type, part of the general header
198 * @version: batman-adv protocol version, part of the genereal header
199 * @ttl: time to live for this packet, part of the genereal header
201 * @msg_type: ICMP packet type 200 * @msg_type: ICMP packet type
202 * @dst: address of the destination node 201 * @dst: address of the destination node
203 * @orig: address of the source node 202 * @orig: address of the source node
204 * @uid: local ICMP socket identifier 203 * @uid: local ICMP socket identifier
204 * @align: not used - useful for alignment purposes only
205 *
206 * This structure is used for ICMP packets parsing only and it is never sent
207 * over the wire. The alignment field at the end is there to ensure that
208 * members are padded the same way as they are in real packets.
205 */ 209 */
206struct batadv_icmp_header { 210struct batadv_icmp_header {
207 struct batadv_header header; 211 uint8_t packet_type;
212 uint8_t version;
213 uint8_t ttl;
208 uint8_t msg_type; /* see ICMP message types above */ 214 uint8_t msg_type; /* see ICMP message types above */
209 uint8_t dst[ETH_ALEN]; 215 uint8_t dst[ETH_ALEN];
210 uint8_t orig[ETH_ALEN]; 216 uint8_t orig[ETH_ALEN];
211 uint8_t uid; 217 uint8_t uid;
218 uint8_t align[3];
212}; 219};
213 220
214/** 221/**
215 * batadv_icmp_packet - ICMP packet 222 * batadv_icmp_packet - ICMP packet
216 * @icmph: common ICMP header 223 * @packet_type: batman-adv packet type, part of the general header
224 * @version: batman-adv protocol version, part of the genereal header
225 * @ttl: time to live for this packet, part of the genereal header
226 * @msg_type: ICMP packet type
227 * @dst: address of the destination node
228 * @orig: address of the source node
229 * @uid: local ICMP socket identifier
217 * @reserved: not used - useful for alignment 230 * @reserved: not used - useful for alignment
218 * @seqno: ICMP sequence number 231 * @seqno: ICMP sequence number
219 */ 232 */
220struct batadv_icmp_packet { 233struct batadv_icmp_packet {
221 struct batadv_icmp_header icmph; 234 uint8_t packet_type;
235 uint8_t version;
236 uint8_t ttl;
237 uint8_t msg_type; /* see ICMP message types above */
238 uint8_t dst[ETH_ALEN];
239 uint8_t orig[ETH_ALEN];
240 uint8_t uid;
222 uint8_t reserved; 241 uint8_t reserved;
223 __be16 seqno; 242 __be16 seqno;
224}; 243};
@@ -227,13 +246,25 @@ struct batadv_icmp_packet {
227 246
228/** 247/**
229 * batadv_icmp_packet_rr - ICMP RouteRecord packet 248 * batadv_icmp_packet_rr - ICMP RouteRecord packet
230 * @icmph: common ICMP header 249 * @packet_type: batman-adv packet type, part of the general header
250 * @version: batman-adv protocol version, part of the genereal header
251 * @ttl: time to live for this packet, part of the genereal header
252 * @msg_type: ICMP packet type
253 * @dst: address of the destination node
254 * @orig: address of the source node
255 * @uid: local ICMP socket identifier
231 * @rr_cur: number of entries the rr array 256 * @rr_cur: number of entries the rr array
232 * @seqno: ICMP sequence number 257 * @seqno: ICMP sequence number
233 * @rr: route record array 258 * @rr: route record array
234 */ 259 */
235struct batadv_icmp_packet_rr { 260struct batadv_icmp_packet_rr {
236 struct batadv_icmp_header icmph; 261 uint8_t packet_type;
262 uint8_t version;
263 uint8_t ttl;
264 uint8_t msg_type; /* see ICMP message types above */
265 uint8_t dst[ETH_ALEN];
266 uint8_t orig[ETH_ALEN];
267 uint8_t uid;
237 uint8_t rr_cur; 268 uint8_t rr_cur;
238 __be16 seqno; 269 __be16 seqno;
239 uint8_t rr[BATADV_RR_LEN][ETH_ALEN]; 270 uint8_t rr[BATADV_RR_LEN][ETH_ALEN];
@@ -253,8 +284,18 @@ struct batadv_icmp_packet_rr {
253 */ 284 */
254#pragma pack(2) 285#pragma pack(2)
255 286
287/**
288 * struct batadv_unicast_packet - unicast packet for network payload
289 * @packet_type: batman-adv packet type, part of the general header
290 * @version: batman-adv protocol version, part of the genereal header
291 * @ttl: time to live for this packet, part of the genereal header
292 * @ttvn: translation table version number
293 * @dest: originator destination of the unicast packet
294 */
256struct batadv_unicast_packet { 295struct batadv_unicast_packet {
257 struct batadv_header header; 296 uint8_t packet_type;
297 uint8_t version;
298 uint8_t ttl;
258 uint8_t ttvn; /* destination translation table version number */ 299 uint8_t ttvn; /* destination translation table version number */
259 uint8_t dest[ETH_ALEN]; 300 uint8_t dest[ETH_ALEN];
260 /* "4 bytes boundary + 2 bytes" long to make the payload after the 301 /* "4 bytes boundary + 2 bytes" long to make the payload after the
@@ -280,7 +321,9 @@ struct batadv_unicast_4addr_packet {
280 321
281/** 322/**
282 * struct batadv_frag_packet - fragmented packet 323 * struct batadv_frag_packet - fragmented packet
283 * @header: common batman packet header with type, compatversion, and ttl 324 * @packet_type: batman-adv packet type, part of the general header
325 * @version: batman-adv protocol version, part of the genereal header
326 * @ttl: time to live for this packet, part of the genereal header
284 * @dest: final destination used when routing fragments 327 * @dest: final destination used when routing fragments
285 * @orig: originator of the fragment used when merging the packet 328 * @orig: originator of the fragment used when merging the packet
286 * @no: fragment number within this sequence 329 * @no: fragment number within this sequence
@@ -289,7 +332,9 @@ struct batadv_unicast_4addr_packet {
289 * @total_size: size of the merged packet 332 * @total_size: size of the merged packet
290 */ 333 */
291struct batadv_frag_packet { 334struct batadv_frag_packet {
292 struct batadv_header header; 335 uint8_t packet_type;
336 uint8_t version; /* batman version field */
337 uint8_t ttl;
293#if defined(__BIG_ENDIAN_BITFIELD) 338#if defined(__BIG_ENDIAN_BITFIELD)
294 uint8_t no:4; 339 uint8_t no:4;
295 uint8_t reserved:4; 340 uint8_t reserved:4;
@@ -305,8 +350,19 @@ struct batadv_frag_packet {
305 __be16 total_size; 350 __be16 total_size;
306}; 351};
307 352
353/**
354 * struct batadv_bcast_packet - broadcast packet for network payload
355 * @packet_type: batman-adv packet type, part of the general header
356 * @version: batman-adv protocol version, part of the genereal header
357 * @ttl: time to live for this packet, part of the genereal header
358 * @reserved: reserved byte for alignment
359 * @seqno: sequence identification
360 * @orig: originator of the broadcast packet
361 */
308struct batadv_bcast_packet { 362struct batadv_bcast_packet {
309 struct batadv_header header; 363 uint8_t packet_type;
364 uint8_t version; /* batman version field */
365 uint8_t ttl;
310 uint8_t reserved; 366 uint8_t reserved;
311 __be32 seqno; 367 __be32 seqno;
312 uint8_t orig[ETH_ALEN]; 368 uint8_t orig[ETH_ALEN];
@@ -315,11 +371,11 @@ struct batadv_bcast_packet {
315 */ 371 */
316}; 372};
317 373
318#pragma pack()
319
320/** 374/**
321 * struct batadv_coded_packet - network coded packet 375 * struct batadv_coded_packet - network coded packet
322 * @header: common batman packet header and ttl of first included packet 376 * @packet_type: batman-adv packet type, part of the general header
377 * @version: batman-adv protocol version, part of the genereal header
378 * @ttl: time to live for this packet, part of the genereal header
323 * @reserved: Align following fields to 2-byte boundaries 379 * @reserved: Align following fields to 2-byte boundaries
324 * @first_source: original source of first included packet 380 * @first_source: original source of first included packet
325 * @first_orig_dest: original destinal of first included packet 381 * @first_orig_dest: original destinal of first included packet
@@ -334,7 +390,9 @@ struct batadv_bcast_packet {
334 * @coded_len: length of network coded part of the payload 390 * @coded_len: length of network coded part of the payload
335 */ 391 */
336struct batadv_coded_packet { 392struct batadv_coded_packet {
337 struct batadv_header header; 393 uint8_t packet_type;
394 uint8_t version; /* batman version field */
395 uint8_t ttl;
338 uint8_t first_ttvn; 396 uint8_t first_ttvn;
339 /* uint8_t first_dest[ETH_ALEN]; - saved in mac header destination */ 397 /* uint8_t first_dest[ETH_ALEN]; - saved in mac header destination */
340 uint8_t first_source[ETH_ALEN]; 398 uint8_t first_source[ETH_ALEN];
@@ -349,9 +407,13 @@ struct batadv_coded_packet {
349 __be16 coded_len; 407 __be16 coded_len;
350}; 408};
351 409
410#pragma pack()
411
352/** 412/**
353 * struct batadv_unicast_tvlv - generic unicast packet with tvlv payload 413 * struct batadv_unicast_tvlv - generic unicast packet with tvlv payload
354 * @header: common batman packet header 414 * @packet_type: batman-adv packet type, part of the general header
415 * @version: batman-adv protocol version, part of the genereal header
416 * @ttl: time to live for this packet, part of the genereal header
355 * @reserved: reserved field (for packet alignment) 417 * @reserved: reserved field (for packet alignment)
356 * @src: address of the source 418 * @src: address of the source
357 * @dst: address of the destination 419 * @dst: address of the destination
@@ -359,7 +421,9 @@ struct batadv_coded_packet {
359 * @align: 2 bytes to align the header to a 4 byte boundry 421 * @align: 2 bytes to align the header to a 4 byte boundry
360 */ 422 */
361struct batadv_unicast_tvlv_packet { 423struct batadv_unicast_tvlv_packet {
362 struct batadv_header header; 424 uint8_t packet_type;
425 uint8_t version; /* batman version field */
426 uint8_t ttl;
363 uint8_t reserved; 427 uint8_t reserved;
364 uint8_t dst[ETH_ALEN]; 428 uint8_t dst[ETH_ALEN];
365 uint8_t src[ETH_ALEN]; 429 uint8_t src[ETH_ALEN];
@@ -420,13 +484,13 @@ struct batadv_tvlv_tt_vlan_data {
420 * struct batadv_tvlv_tt_change - translation table diff data 484 * struct batadv_tvlv_tt_change - translation table diff data
421 * @flags: status indicators concerning the non-mesh client (see 485 * @flags: status indicators concerning the non-mesh client (see
422 * batadv_tt_client_flags) 486 * batadv_tt_client_flags)
423 * @reserved: reserved field 487 * @reserved: reserved field - useful for alignment purposes only
424 * @addr: mac address of non-mesh client that triggered this tt change 488 * @addr: mac address of non-mesh client that triggered this tt change
425 * @vid: VLAN identifier 489 * @vid: VLAN identifier
426 */ 490 */
427struct batadv_tvlv_tt_change { 491struct batadv_tvlv_tt_change {
428 uint8_t flags; 492 uint8_t flags;
429 uint8_t reserved; 493 uint8_t reserved[3];
430 uint8_t addr[ETH_ALEN]; 494 uint8_t addr[ETH_ALEN];
431 __be16 vid; 495 __be16 vid;
432}; 496};
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index d4114d775ad6..46278bfb8fdb 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -308,7 +308,7 @@ static int batadv_recv_my_icmp_packet(struct batadv_priv *bat_priv,
308 memcpy(icmph->dst, icmph->orig, ETH_ALEN); 308 memcpy(icmph->dst, icmph->orig, ETH_ALEN);
309 memcpy(icmph->orig, primary_if->net_dev->dev_addr, ETH_ALEN); 309 memcpy(icmph->orig, primary_if->net_dev->dev_addr, ETH_ALEN);
310 icmph->msg_type = BATADV_ECHO_REPLY; 310 icmph->msg_type = BATADV_ECHO_REPLY;
311 icmph->header.ttl = BATADV_TTL; 311 icmph->ttl = BATADV_TTL;
312 312
313 res = batadv_send_skb_to_orig(skb, orig_node, NULL); 313 res = batadv_send_skb_to_orig(skb, orig_node, NULL);
314 if (res != NET_XMIT_DROP) 314 if (res != NET_XMIT_DROP)
@@ -338,9 +338,9 @@ static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv,
338 icmp_packet = (struct batadv_icmp_packet *)skb->data; 338 icmp_packet = (struct batadv_icmp_packet *)skb->data;
339 339
340 /* send TTL exceeded if packet is an echo request (traceroute) */ 340 /* send TTL exceeded if packet is an echo request (traceroute) */
341 if (icmp_packet->icmph.msg_type != BATADV_ECHO_REQUEST) { 341 if (icmp_packet->msg_type != BATADV_ECHO_REQUEST) {
342 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n", 342 pr_debug("Warning - can't forward icmp packet from %pM to %pM: ttl exceeded\n",
343 icmp_packet->icmph.orig, icmp_packet->icmph.dst); 343 icmp_packet->orig, icmp_packet->dst);
344 goto out; 344 goto out;
345 } 345 }
346 346
@@ -349,7 +349,7 @@ static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv,
349 goto out; 349 goto out;
350 350
351 /* get routing information */ 351 /* get routing information */
352 orig_node = batadv_orig_hash_find(bat_priv, icmp_packet->icmph.orig); 352 orig_node = batadv_orig_hash_find(bat_priv, icmp_packet->orig);
353 if (!orig_node) 353 if (!orig_node)
354 goto out; 354 goto out;
355 355
@@ -359,11 +359,11 @@ static int batadv_recv_icmp_ttl_exceeded(struct batadv_priv *bat_priv,
359 359
360 icmp_packet = (struct batadv_icmp_packet *)skb->data; 360 icmp_packet = (struct batadv_icmp_packet *)skb->data;
361 361
362 memcpy(icmp_packet->icmph.dst, icmp_packet->icmph.orig, ETH_ALEN); 362 memcpy(icmp_packet->dst, icmp_packet->orig, ETH_ALEN);
363 memcpy(icmp_packet->icmph.orig, primary_if->net_dev->dev_addr, 363 memcpy(icmp_packet->orig, primary_if->net_dev->dev_addr,
364 ETH_ALEN); 364 ETH_ALEN);
365 icmp_packet->icmph.msg_type = BATADV_TTL_EXCEEDED; 365 icmp_packet->msg_type = BATADV_TTL_EXCEEDED;
366 icmp_packet->icmph.header.ttl = BATADV_TTL; 366 icmp_packet->ttl = BATADV_TTL;
367 367
368 if (batadv_send_skb_to_orig(skb, orig_node, NULL) != NET_XMIT_DROP) 368 if (batadv_send_skb_to_orig(skb, orig_node, NULL) != NET_XMIT_DROP)
369 ret = NET_RX_SUCCESS; 369 ret = NET_RX_SUCCESS;
@@ -434,7 +434,7 @@ int batadv_recv_icmp_packet(struct sk_buff *skb,
434 return batadv_recv_my_icmp_packet(bat_priv, skb); 434 return batadv_recv_my_icmp_packet(bat_priv, skb);
435 435
436 /* TTL exceeded */ 436 /* TTL exceeded */
437 if (icmph->header.ttl < 2) 437 if (icmph->ttl < 2)
438 return batadv_recv_icmp_ttl_exceeded(bat_priv, skb); 438 return batadv_recv_icmp_ttl_exceeded(bat_priv, skb);
439 439
440 /* get routing information */ 440 /* get routing information */
@@ -449,7 +449,7 @@ int batadv_recv_icmp_packet(struct sk_buff *skb,
449 icmph = (struct batadv_icmp_header *)skb->data; 449 icmph = (struct batadv_icmp_header *)skb->data;
450 450
451 /* decrement ttl */ 451 /* decrement ttl */
452 icmph->header.ttl--; 452 icmph->ttl--;
453 453
454 /* route it */ 454 /* route it */
455 if (batadv_send_skb_to_orig(skb, orig_node, recv_if) != NET_XMIT_DROP) 455 if (batadv_send_skb_to_orig(skb, orig_node, recv_if) != NET_XMIT_DROP)
@@ -709,7 +709,7 @@ static int batadv_route_unicast_packet(struct sk_buff *skb,
709 unicast_packet = (struct batadv_unicast_packet *)skb->data; 709 unicast_packet = (struct batadv_unicast_packet *)skb->data;
710 710
711 /* TTL exceeded */ 711 /* TTL exceeded */
712 if (unicast_packet->header.ttl < 2) { 712 if (unicast_packet->ttl < 2) {
713 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n", 713 pr_debug("Warning - can't forward unicast packet from %pM to %pM: ttl exceeded\n",
714 ethhdr->h_source, unicast_packet->dest); 714 ethhdr->h_source, unicast_packet->dest);
715 goto out; 715 goto out;
@@ -727,9 +727,9 @@ static int batadv_route_unicast_packet(struct sk_buff *skb,
727 727
728 /* decrement ttl */ 728 /* decrement ttl */
729 unicast_packet = (struct batadv_unicast_packet *)skb->data; 729 unicast_packet = (struct batadv_unicast_packet *)skb->data;
730 unicast_packet->header.ttl--; 730 unicast_packet->ttl--;
731 731
732 switch (unicast_packet->header.packet_type) { 732 switch (unicast_packet->packet_type) {
733 case BATADV_UNICAST_4ADDR: 733 case BATADV_UNICAST_4ADDR:
734 hdr_len = sizeof(struct batadv_unicast_4addr_packet); 734 hdr_len = sizeof(struct batadv_unicast_4addr_packet);
735 break; 735 break;
@@ -970,7 +970,7 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,
970 unicast_packet = (struct batadv_unicast_packet *)skb->data; 970 unicast_packet = (struct batadv_unicast_packet *)skb->data;
971 unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data; 971 unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data;
972 972
973 is4addr = unicast_packet->header.packet_type == BATADV_UNICAST_4ADDR; 973 is4addr = unicast_packet->packet_type == BATADV_UNICAST_4ADDR;
974 /* the caller function should have already pulled 2 bytes */ 974 /* the caller function should have already pulled 2 bytes */
975 if (is4addr) 975 if (is4addr)
976 hdr_size = sizeof(*unicast_4addr_packet); 976 hdr_size = sizeof(*unicast_4addr_packet);
@@ -1160,7 +1160,7 @@ int batadv_recv_bcast_packet(struct sk_buff *skb,
1160 if (batadv_is_my_mac(bat_priv, bcast_packet->orig)) 1160 if (batadv_is_my_mac(bat_priv, bcast_packet->orig))
1161 goto out; 1161 goto out;
1162 1162
1163 if (bcast_packet->header.ttl < 2) 1163 if (bcast_packet->ttl < 2)
1164 goto out; 1164 goto out;
1165 1165
1166 orig_node = batadv_orig_hash_find(bat_priv, bcast_packet->orig); 1166 orig_node = batadv_orig_hash_find(bat_priv, bcast_packet->orig);
diff --git a/net/batman-adv/send.c b/net/batman-adv/send.c
index c83be5ebaa28..fba4dcfcfac2 100644
--- a/net/batman-adv/send.c
+++ b/net/batman-adv/send.c
@@ -161,11 +161,11 @@ batadv_send_skb_push_fill_unicast(struct sk_buff *skb, int hdr_size,
161 return false; 161 return false;
162 162
163 unicast_packet = (struct batadv_unicast_packet *)skb->data; 163 unicast_packet = (struct batadv_unicast_packet *)skb->data;
164 unicast_packet->header.version = BATADV_COMPAT_VERSION; 164 unicast_packet->version = BATADV_COMPAT_VERSION;
165 /* batman packet type: unicast */ 165 /* batman packet type: unicast */
166 unicast_packet->header.packet_type = BATADV_UNICAST; 166 unicast_packet->packet_type = BATADV_UNICAST;
167 /* set unicast ttl */ 167 /* set unicast ttl */
168 unicast_packet->header.ttl = BATADV_TTL; 168 unicast_packet->ttl = BATADV_TTL;
169 /* copy the destination for faster routing */ 169 /* copy the destination for faster routing */
170 memcpy(unicast_packet->dest, orig_node->orig, ETH_ALEN); 170 memcpy(unicast_packet->dest, orig_node->orig, ETH_ALEN);
171 /* set the destination tt version number */ 171 /* set the destination tt version number */
@@ -221,7 +221,7 @@ bool batadv_send_skb_prepare_unicast_4addr(struct batadv_priv *bat_priv,
221 goto out; 221 goto out;
222 222
223 uc_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data; 223 uc_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data;
224 uc_4addr_packet->u.header.packet_type = BATADV_UNICAST_4ADDR; 224 uc_4addr_packet->u.packet_type = BATADV_UNICAST_4ADDR;
225 memcpy(uc_4addr_packet->src, primary_if->net_dev->dev_addr, ETH_ALEN); 225 memcpy(uc_4addr_packet->src, primary_if->net_dev->dev_addr, ETH_ALEN);
226 uc_4addr_packet->subtype = packet_subtype; 226 uc_4addr_packet->subtype = packet_subtype;
227 uc_4addr_packet->reserved = 0; 227 uc_4addr_packet->reserved = 0;
@@ -436,7 +436,7 @@ int batadv_add_bcast_packet_to_list(struct batadv_priv *bat_priv,
436 436
437 /* as we have a copy now, it is safe to decrease the TTL */ 437 /* as we have a copy now, it is safe to decrease the TTL */
438 bcast_packet = (struct batadv_bcast_packet *)newskb->data; 438 bcast_packet = (struct batadv_bcast_packet *)newskb->data;
439 bcast_packet->header.ttl--; 439 bcast_packet->ttl--;
440 440
441 skb_reset_mac_header(newskb); 441 skb_reset_mac_header(newskb);
442 442
diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
index 36f050876f82..a8f99d1486c0 100644
--- a/net/batman-adv/soft-interface.c
+++ b/net/batman-adv/soft-interface.c
@@ -264,11 +264,11 @@ static int batadv_interface_tx(struct sk_buff *skb,
264 goto dropped; 264 goto dropped;
265 265
266 bcast_packet = (struct batadv_bcast_packet *)skb->data; 266 bcast_packet = (struct batadv_bcast_packet *)skb->data;
267 bcast_packet->header.version = BATADV_COMPAT_VERSION; 267 bcast_packet->version = BATADV_COMPAT_VERSION;
268 bcast_packet->header.ttl = BATADV_TTL; 268 bcast_packet->ttl = BATADV_TTL;
269 269
270 /* batman packet type: broadcast */ 270 /* batman packet type: broadcast */
271 bcast_packet->header.packet_type = BATADV_BCAST; 271 bcast_packet->packet_type = BATADV_BCAST;
272 bcast_packet->reserved = 0; 272 bcast_packet->reserved = 0;
273 273
274 /* hw address of first interface is the orig mac because only 274 /* hw address of first interface is the orig mac because only
@@ -328,7 +328,7 @@ void batadv_interface_rx(struct net_device *soft_iface,
328 struct sk_buff *skb, struct batadv_hard_iface *recv_if, 328 struct sk_buff *skb, struct batadv_hard_iface *recv_if,
329 int hdr_size, struct batadv_orig_node *orig_node) 329 int hdr_size, struct batadv_orig_node *orig_node)
330{ 330{
331 struct batadv_header *batadv_header = (struct batadv_header *)skb->data; 331 struct batadv_bcast_packet *batadv_bcast_packet;
332 struct batadv_priv *bat_priv = netdev_priv(soft_iface); 332 struct batadv_priv *bat_priv = netdev_priv(soft_iface);
333 __be16 ethertype = htons(ETH_P_BATMAN); 333 __be16 ethertype = htons(ETH_P_BATMAN);
334 struct vlan_ethhdr *vhdr; 334 struct vlan_ethhdr *vhdr;
@@ -336,7 +336,8 @@ void batadv_interface_rx(struct net_device *soft_iface,
336 unsigned short vid; 336 unsigned short vid;
337 bool is_bcast; 337 bool is_bcast;
338 338
339 is_bcast = (batadv_header->packet_type == BATADV_BCAST); 339 batadv_bcast_packet = (struct batadv_bcast_packet *)skb->data;
340 is_bcast = (batadv_bcast_packet->packet_type == BATADV_BCAST);
340 341
341 /* check if enough space is available for pulling, and pull */ 342 /* check if enough space is available for pulling, and pull */
342 if (!pskb_may_pull(skb, hdr_size)) 343 if (!pskb_may_pull(skb, hdr_size))
@@ -345,7 +346,12 @@ void batadv_interface_rx(struct net_device *soft_iface,
345 skb_pull_rcsum(skb, hdr_size); 346 skb_pull_rcsum(skb, hdr_size);
346 skb_reset_mac_header(skb); 347 skb_reset_mac_header(skb);
347 348
348 vid = batadv_get_vid(skb, hdr_size); 349 /* clean the netfilter state now that the batman-adv header has been
350 * removed
351 */
352 nf_reset(skb);
353
354 vid = batadv_get_vid(skb, 0);
349 ethhdr = eth_hdr(skb); 355 ethhdr = eth_hdr(skb);
350 356
351 switch (ntohs(ethhdr->h_proto)) { 357 switch (ntohs(ethhdr->h_proto)) {
diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
index 4add57d4857f..ff625fedbc5e 100644
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -333,7 +333,8 @@ static void batadv_tt_local_event(struct batadv_priv *bat_priv,
333 return; 333 return;
334 334
335 tt_change_node->change.flags = flags; 335 tt_change_node->change.flags = flags;
336 tt_change_node->change.reserved = 0; 336 memset(tt_change_node->change.reserved, 0,
337 sizeof(tt_change_node->change.reserved));
337 memcpy(tt_change_node->change.addr, common->addr, ETH_ALEN); 338 memcpy(tt_change_node->change.addr, common->addr, ETH_ALEN);
338 tt_change_node->change.vid = htons(common->vid); 339 tt_change_node->change.vid = htons(common->vid);
339 340
@@ -2221,7 +2222,8 @@ static void batadv_tt_tvlv_generate(struct batadv_priv *bat_priv,
2221 ETH_ALEN); 2222 ETH_ALEN);
2222 tt_change->flags = tt_common_entry->flags; 2223 tt_change->flags = tt_common_entry->flags;
2223 tt_change->vid = htons(tt_common_entry->vid); 2224 tt_change->vid = htons(tt_common_entry->vid);
2224 tt_change->reserved = 0; 2225 memset(tt_change->reserved, 0,
2226 sizeof(tt_change->reserved));
2225 2227
2226 tt_num_entries++; 2228 tt_num_entries++;
2227 tt_change++; 2229 tt_change++;
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 6a6c8bb4fd72..7552f9e3089c 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -940,8 +940,22 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
940 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data); 940 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
941 skb_pull(skb, 1); 941 skb_pull(skb, 1);
942 942
943 if (hci_pi(sk)->channel == HCI_CHANNEL_RAW && 943 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
944 bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) { 944 /* No permission check is needed for user channel
945 * since that gets enforced when binding the socket.
946 *
947 * However check that the packet type is valid.
948 */
949 if (bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
950 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
951 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
952 err = -EINVAL;
953 goto drop;
954 }
955
956 skb_queue_tail(&hdev->raw_q, skb);
957 queue_work(hdev->workqueue, &hdev->tx_work);
958 } else if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
945 u16 opcode = get_unaligned_le16(skb->data); 959 u16 opcode = get_unaligned_le16(skb->data);
946 u16 ogf = hci_opcode_ogf(opcode); 960 u16 ogf = hci_opcode_ogf(opcode);
947 u16 ocf = hci_opcode_ocf(opcode); 961 u16 ocf = hci_opcode_ocf(opcode);
@@ -972,14 +986,6 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
972 goto drop; 986 goto drop;
973 } 987 }
974 988
975 if (hci_pi(sk)->channel == HCI_CHANNEL_USER &&
976 bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
977 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
978 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
979 err = -EINVAL;
980 goto drop;
981 }
982
983 skb_queue_tail(&hdev->raw_q, skb); 989 skb_queue_tail(&hdev->raw_q, skb);
984 queue_work(hdev->workqueue, &hdev->tx_work); 990 queue_work(hdev->workqueue, &hdev->tx_work);
985 } 991 }
diff --git a/net/core/dev.c b/net/core/dev.c
index ba3b7ea5ebb3..4fc17221545d 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -4500,7 +4500,7 @@ struct net_device *netdev_all_upper_get_next_dev_rcu(struct net_device *dev,
4500{ 4500{
4501 struct netdev_adjacent *upper; 4501 struct netdev_adjacent *upper;
4502 4502
4503 WARN_ON_ONCE(!rcu_read_lock_held()); 4503 WARN_ON_ONCE(!rcu_read_lock_held() && !lockdep_rtnl_is_held());
4504 4504
4505 upper = list_entry_rcu((*iter)->next, struct netdev_adjacent, list); 4505 upper = list_entry_rcu((*iter)->next, struct netdev_adjacent, list);
4506 4506
diff --git a/net/dccp/probe.c b/net/dccp/probe.c
index 4c6bdf97a657..595ddf0459db 100644
--- a/net/dccp/probe.c
+++ b/net/dccp/probe.c
@@ -152,17 +152,6 @@ static const struct file_operations dccpprobe_fops = {
152 .llseek = noop_llseek, 152 .llseek = noop_llseek,
153}; 153};
154 154
155static __init int setup_jprobe(void)
156{
157 int ret = register_jprobe(&dccp_send_probe);
158
159 if (ret) {
160 request_module("dccp");
161 ret = register_jprobe(&dccp_send_probe);
162 }
163 return ret;
164}
165
166static __init int dccpprobe_init(void) 155static __init int dccpprobe_init(void)
167{ 156{
168 int ret = -ENOMEM; 157 int ret = -ENOMEM;
@@ -174,7 +163,13 @@ static __init int dccpprobe_init(void)
174 if (!proc_create(procname, S_IRUSR, init_net.proc_net, &dccpprobe_fops)) 163 if (!proc_create(procname, S_IRUSR, init_net.proc_net, &dccpprobe_fops))
175 goto err0; 164 goto err0;
176 165
177 ret = setup_jprobe(); 166 ret = register_jprobe(&dccp_send_probe);
167 if (ret) {
168 ret = request_module("dccp");
169 if (!ret)
170 ret = register_jprobe(&dccp_send_probe);
171 }
172
178 if (ret) 173 if (ret)
179 goto err1; 174 goto err1;
180 175
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 56a964a553d2..a0f52dac8940 100644
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -106,6 +106,10 @@ int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
106 106
107 r->id.idiag_sport = inet->inet_sport; 107 r->id.idiag_sport = inet->inet_sport;
108 r->id.idiag_dport = inet->inet_dport; 108 r->id.idiag_dport = inet->inet_dport;
109
110 memset(&r->id.idiag_src, 0, sizeof(r->id.idiag_src));
111 memset(&r->id.idiag_dst, 0, sizeof(r->id.idiag_dst));
112
109 r->id.idiag_src[0] = inet->inet_rcv_saddr; 113 r->id.idiag_src[0] = inet->inet_rcv_saddr;
110 r->id.idiag_dst[0] = inet->inet_daddr; 114 r->id.idiag_dst[0] = inet->inet_daddr;
111 115
@@ -240,12 +244,19 @@ static int inet_twsk_diag_fill(struct inet_timewait_sock *tw,
240 244
241 r->idiag_family = tw->tw_family; 245 r->idiag_family = tw->tw_family;
242 r->idiag_retrans = 0; 246 r->idiag_retrans = 0;
247
243 r->id.idiag_if = tw->tw_bound_dev_if; 248 r->id.idiag_if = tw->tw_bound_dev_if;
244 sock_diag_save_cookie(tw, r->id.idiag_cookie); 249 sock_diag_save_cookie(tw, r->id.idiag_cookie);
250
245 r->id.idiag_sport = tw->tw_sport; 251 r->id.idiag_sport = tw->tw_sport;
246 r->id.idiag_dport = tw->tw_dport; 252 r->id.idiag_dport = tw->tw_dport;
253
254 memset(&r->id.idiag_src, 0, sizeof(r->id.idiag_src));
255 memset(&r->id.idiag_dst, 0, sizeof(r->id.idiag_dst));
256
247 r->id.idiag_src[0] = tw->tw_rcv_saddr; 257 r->id.idiag_src[0] = tw->tw_rcv_saddr;
248 r->id.idiag_dst[0] = tw->tw_daddr; 258 r->id.idiag_dst[0] = tw->tw_daddr;
259
249 r->idiag_state = tw->tw_substate; 260 r->idiag_state = tw->tw_substate;
250 r->idiag_timer = 3; 261 r->idiag_timer = 3;
251 r->idiag_expires = jiffies_to_msecs(tmo); 262 r->idiag_expires = jiffies_to_msecs(tmo);
@@ -726,8 +737,13 @@ static int inet_diag_fill_req(struct sk_buff *skb, struct sock *sk,
726 737
727 r->id.idiag_sport = inet->inet_sport; 738 r->id.idiag_sport = inet->inet_sport;
728 r->id.idiag_dport = ireq->ir_rmt_port; 739 r->id.idiag_dport = ireq->ir_rmt_port;
740
741 memset(&r->id.idiag_src, 0, sizeof(r->id.idiag_src));
742 memset(&r->id.idiag_dst, 0, sizeof(r->id.idiag_dst));
743
729 r->id.idiag_src[0] = ireq->ir_loc_addr; 744 r->id.idiag_src[0] = ireq->ir_loc_addr;
730 r->id.idiag_dst[0] = ireq->ir_rmt_addr; 745 r->id.idiag_dst[0] = ireq->ir_rmt_addr;
746
731 r->idiag_expires = jiffies_to_msecs(tmo); 747 r->idiag_expires = jiffies_to_msecs(tmo);
732 r->idiag_rqueue = 0; 748 r->idiag_rqueue = 0;
733 r->idiag_wqueue = 0; 749 r->idiag_wqueue = 0;
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index d7aea4c5b940..e560ef34cf4b 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -217,6 +217,7 @@ static int ipgre_rcv(struct sk_buff *skb, const struct tnl_ptk_info *tpi)
217 iph->saddr, iph->daddr, tpi->key); 217 iph->saddr, iph->daddr, tpi->key);
218 218
219 if (tunnel) { 219 if (tunnel) {
220 skb_pop_mac_header(skb);
220 ip_tunnel_rcv(tunnel, skb, tpi, log_ecn_error); 221 ip_tunnel_rcv(tunnel, skb, tpi, log_ecn_error);
221 return PACKET_RCVD; 222 return PACKET_RCVD;
222 } 223 }
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 912402752f2f..df184616493f 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -828,7 +828,7 @@ static int __ip_append_data(struct sock *sk,
828 828
829 if (cork->length + length > maxnonfragsize - fragheaderlen) { 829 if (cork->length + length > maxnonfragsize - fragheaderlen) {
830 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport, 830 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport,
831 mtu-exthdrlen); 831 mtu - (opt ? opt->optlen : 0));
832 return -EMSGSIZE; 832 return -EMSGSIZE;
833 } 833 }
834 834
@@ -1151,7 +1151,8 @@ ssize_t ip_append_page(struct sock *sk, struct flowi4 *fl4, struct page *page,
1151 mtu : 0xFFFF; 1151 mtu : 0xFFFF;
1152 1152
1153 if (cork->length + size > maxnonfragsize - fragheaderlen) { 1153 if (cork->length + size > maxnonfragsize - fragheaderlen) {
1154 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport, mtu); 1154 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport,
1155 mtu - (opt ? opt->optlen : 0));
1155 return -EMSGSIZE; 1156 return -EMSGSIZE;
1156 } 1157 }
1157 1158
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 4acdb63495db..e6f931997996 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -1193,11 +1193,35 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
1193 1193
1194 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len + 1194 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
1195 (opt ? opt->opt_nflen : 0); 1195 (opt ? opt->opt_nflen : 0);
1196 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen - sizeof(struct frag_hdr); 1196 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
1197 sizeof(struct frag_hdr);
1197 1198
1198 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) { 1199 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
1199 if (cork->length + length > sizeof(struct ipv6hdr) + IPV6_MAXPLEN - fragheaderlen) { 1200 unsigned int maxnonfragsize, headersize;
1200 ipv6_local_error(sk, EMSGSIZE, fl6, mtu-exthdrlen); 1201
1202 headersize = sizeof(struct ipv6hdr) +
1203 (opt ? opt->tot_len : 0) +
1204 (dst_allfrag(&rt->dst) ?
1205 sizeof(struct frag_hdr) : 0) +
1206 rt->rt6i_nfheader_len;
1207
1208 maxnonfragsize = (np->pmtudisc >= IPV6_PMTUDISC_DO) ?
1209 mtu : sizeof(struct ipv6hdr) + IPV6_MAXPLEN;
1210
1211 /* dontfrag active */
1212 if ((cork->length + length > mtu - headersize) && dontfrag &&
1213 (sk->sk_protocol == IPPROTO_UDP ||
1214 sk->sk_protocol == IPPROTO_RAW)) {
1215 ipv6_local_rxpmtu(sk, fl6, mtu - headersize +
1216 sizeof(struct ipv6hdr));
1217 goto emsgsize;
1218 }
1219
1220 if (cork->length + length > maxnonfragsize - headersize) {
1221emsgsize:
1222 ipv6_local_error(sk, EMSGSIZE, fl6,
1223 mtu - headersize +
1224 sizeof(struct ipv6hdr));
1201 return -EMSGSIZE; 1225 return -EMSGSIZE;
1202 } 1226 }
1203 } 1227 }
@@ -1222,12 +1246,6 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
1222 * --yoshfuji 1246 * --yoshfuji
1223 */ 1247 */
1224 1248
1225 if ((length > mtu) && dontfrag && (sk->sk_protocol == IPPROTO_UDP ||
1226 sk->sk_protocol == IPPROTO_RAW)) {
1227 ipv6_local_rxpmtu(sk, fl6, mtu-exthdrlen);
1228 return -EMSGSIZE;
1229 }
1230
1231 skb = skb_peek_tail(&sk->sk_write_queue); 1249 skb = skb_peek_tail(&sk->sk_write_queue);
1232 cork->length += length; 1250 cork->length += length;
1233 if (((length > mtu) || 1251 if (((length > mtu) ||
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index a0a48ac3403f..4b4944c3e4c4 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -1905,9 +1905,7 @@ static struct rt6_info *ip6_rt_copy(struct rt6_info *ort,
1905 else 1905 else
1906 rt->rt6i_gateway = *dest; 1906 rt->rt6i_gateway = *dest;
1907 rt->rt6i_flags = ort->rt6i_flags; 1907 rt->rt6i_flags = ort->rt6i_flags;
1908 if ((ort->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) == 1908 rt6_set_from(rt, ort);
1909 (RTF_DEFAULT | RTF_ADDRCONF))
1910 rt6_set_from(rt, ort);
1911 rt->rt6i_metric = 0; 1909 rt->rt6i_metric = 0;
1912 1910
1913#ifdef CONFIG_IPV6_SUBTREES 1911#ifdef CONFIG_IPV6_SUBTREES
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 366fbba3359a..c87482252577 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -924,7 +924,7 @@ static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
924 if (tunnel->parms.iph.daddr && skb_dst(skb)) 924 if (tunnel->parms.iph.daddr && skb_dst(skb))
925 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu); 925 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
926 926
927 if (skb->len > mtu) { 927 if (skb->len > mtu && !skb_is_gso(skb)) {
928 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); 928 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
929 ip_rt_put(rt); 929 ip_rt_put(rt);
930 goto tx_error; 930 goto tx_error;
@@ -966,8 +966,10 @@ static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
966 tos = INET_ECN_encapsulate(tos, ipv6_get_dsfield(iph6)); 966 tos = INET_ECN_encapsulate(tos, ipv6_get_dsfield(iph6));
967 967
968 skb = iptunnel_handle_offloads(skb, false, SKB_GSO_SIT); 968 skb = iptunnel_handle_offloads(skb, false, SKB_GSO_SIT);
969 if (IS_ERR(skb)) 969 if (IS_ERR(skb)) {
970 ip_rt_put(rt);
970 goto out; 971 goto out;
972 }
971 973
972 err = iptunnel_xmit(rt, skb, fl4.saddr, fl4.daddr, IPPROTO_IPV6, tos, 974 err = iptunnel_xmit(rt, skb, fl4.saddr, fl4.daddr, IPPROTO_IPV6, tos,
973 ttl, df, !net_eq(tunnel->net, dev_net(dev))); 975 ttl, df, !net_eq(tunnel->net, dev_net(dev)));
diff --git a/net/netfilter/ipvs/ip_vs_nfct.c b/net/netfilter/ipvs/ip_vs_nfct.c
index c8beafd401aa..5a355a46d1dc 100644
--- a/net/netfilter/ipvs/ip_vs_nfct.c
+++ b/net/netfilter/ipvs/ip_vs_nfct.c
@@ -63,6 +63,7 @@
63#include <net/ip_vs.h> 63#include <net/ip_vs.h>
64#include <net/netfilter/nf_conntrack_core.h> 64#include <net/netfilter/nf_conntrack_core.h>
65#include <net/netfilter/nf_conntrack_expect.h> 65#include <net/netfilter/nf_conntrack_expect.h>
66#include <net/netfilter/nf_conntrack_seqadj.h>
66#include <net/netfilter/nf_conntrack_helper.h> 67#include <net/netfilter/nf_conntrack_helper.h>
67#include <net/netfilter/nf_conntrack_zones.h> 68#include <net/netfilter/nf_conntrack_zones.h>
68 69
@@ -97,6 +98,11 @@ ip_vs_update_conntrack(struct sk_buff *skb, struct ip_vs_conn *cp, int outin)
97 if (CTINFO2DIR(ctinfo) != IP_CT_DIR_ORIGINAL) 98 if (CTINFO2DIR(ctinfo) != IP_CT_DIR_ORIGINAL)
98 return; 99 return;
99 100
101 /* Applications may adjust TCP seqs */
102 if (cp->app && nf_ct_protonum(ct) == IPPROTO_TCP &&
103 !nfct_seqadj(ct) && !nfct_seqadj_ext_add(ct))
104 return;
105
100 /* 106 /*
101 * The connection is not yet in the hashtable, so we update it. 107 * The connection is not yet in the hashtable, so we update it.
102 * CIP->VIP will remain the same, so leave the tuple in 108 * CIP->VIP will remain the same, so leave the tuple in
diff --git a/net/netfilter/nf_conntrack_seqadj.c b/net/netfilter/nf_conntrack_seqadj.c
index 17c1bcb182c6..b2d38da67822 100644
--- a/net/netfilter/nf_conntrack_seqadj.c
+++ b/net/netfilter/nf_conntrack_seqadj.c
@@ -36,6 +36,11 @@ int nf_ct_seqadj_set(struct nf_conn *ct, enum ip_conntrack_info ctinfo,
36 if (off == 0) 36 if (off == 0)
37 return 0; 37 return 0;
38 38
39 if (unlikely(!seqadj)) {
40 WARN(1, "Wrong seqadj usage, missing nfct_seqadj_ext_add()\n");
41 return 0;
42 }
43
39 set_bit(IPS_SEQ_ADJUST_BIT, &ct->status); 44 set_bit(IPS_SEQ_ADJUST_BIT, &ct->status);
40 45
41 spin_lock_bh(&ct->lock); 46 spin_lock_bh(&ct->lock);
diff --git a/net/netfilter/nf_conntrack_timestamp.c b/net/netfilter/nf_conntrack_timestamp.c
index 902fb0a6b38a..7a394df0deb7 100644
--- a/net/netfilter/nf_conntrack_timestamp.c
+++ b/net/netfilter/nf_conntrack_timestamp.c
@@ -97,7 +97,6 @@ int nf_conntrack_tstamp_pernet_init(struct net *net)
97void nf_conntrack_tstamp_pernet_fini(struct net *net) 97void nf_conntrack_tstamp_pernet_fini(struct net *net)
98{ 98{
99 nf_conntrack_tstamp_fini_sysctl(net); 99 nf_conntrack_tstamp_fini_sysctl(net);
100 nf_ct_extend_unregister(&tstamp_extend);
101} 100}
102 101
103int nf_conntrack_tstamp_init(void) 102int nf_conntrack_tstamp_init(void)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index f93b7d06f4be..71a9f49a768b 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -312,6 +312,9 @@ static int nf_tables_table_enable(struct nft_table *table)
312 int err, i = 0; 312 int err, i = 0;
313 313
314 list_for_each_entry(chain, &table->chains, list) { 314 list_for_each_entry(chain, &table->chains, list) {
315 if (!(chain->flags & NFT_BASE_CHAIN))
316 continue;
317
315 err = nf_register_hook(&nft_base_chain(chain)->ops); 318 err = nf_register_hook(&nft_base_chain(chain)->ops);
316 if (err < 0) 319 if (err < 0)
317 goto err; 320 goto err;
@@ -321,6 +324,9 @@ static int nf_tables_table_enable(struct nft_table *table)
321 return 0; 324 return 0;
322err: 325err:
323 list_for_each_entry(chain, &table->chains, list) { 326 list_for_each_entry(chain, &table->chains, list) {
327 if (!(chain->flags & NFT_BASE_CHAIN))
328 continue;
329
324 if (i-- <= 0) 330 if (i-- <= 0)
325 break; 331 break;
326 332
@@ -333,8 +339,10 @@ static int nf_tables_table_disable(struct nft_table *table)
333{ 339{
334 struct nft_chain *chain; 340 struct nft_chain *chain;
335 341
336 list_for_each_entry(chain, &table->chains, list) 342 list_for_each_entry(chain, &table->chains, list) {
337 nf_unregister_hook(&nft_base_chain(chain)->ops); 343 if (chain->flags & NFT_BASE_CHAIN)
344 nf_unregister_hook(&nft_base_chain(chain)->ops);
345 }
338 346
339 return 0; 347 return 0;
340} 348}
@@ -2098,17 +2106,21 @@ static int nf_tables_dump_sets_all(struct nft_ctx *ctx, struct sk_buff *skb,
2098 struct netlink_callback *cb) 2106 struct netlink_callback *cb)
2099{ 2107{
2100 const struct nft_set *set; 2108 const struct nft_set *set;
2101 unsigned int idx = 0, s_idx = cb->args[0]; 2109 unsigned int idx, s_idx = cb->args[0];
2102 struct nft_table *table, *cur_table = (struct nft_table *)cb->args[2]; 2110 struct nft_table *table, *cur_table = (struct nft_table *)cb->args[2];
2103 2111
2104 if (cb->args[1]) 2112 if (cb->args[1])
2105 return skb->len; 2113 return skb->len;
2106 2114
2107 list_for_each_entry(table, &ctx->afi->tables, list) { 2115 list_for_each_entry(table, &ctx->afi->tables, list) {
2108 if (cur_table && cur_table != table) 2116 if (cur_table) {
2109 continue; 2117 if (cur_table != table)
2118 continue;
2110 2119
2120 cur_table = NULL;
2121 }
2111 ctx->table = table; 2122 ctx->table = table;
2123 idx = 0;
2112 list_for_each_entry(set, &ctx->table->sets, list) { 2124 list_for_each_entry(set, &ctx->table->sets, list) {
2113 if (idx < s_idx) 2125 if (idx < s_idx)
2114 goto cont; 2126 goto cont;
@@ -2370,7 +2382,9 @@ static int nf_tables_bind_check_setelem(const struct nft_ctx *ctx,
2370 enum nft_registers dreg; 2382 enum nft_registers dreg;
2371 2383
2372 dreg = nft_type_to_reg(set->dtype); 2384 dreg = nft_type_to_reg(set->dtype);
2373 return nft_validate_data_load(ctx, dreg, &elem->data, set->dtype); 2385 return nft_validate_data_load(ctx, dreg, &elem->data,
2386 set->dtype == NFT_DATA_VERDICT ?
2387 NFT_DATA_VERDICT : NFT_DATA_VALUE);
2374} 2388}
2375 2389
2376int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set, 2390int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set,
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 3c4b69e5fe17..a155d19a225e 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -1053,6 +1053,7 @@ static void __net_exit nfnl_log_net_exit(struct net *net)
1053#ifdef CONFIG_PROC_FS 1053#ifdef CONFIG_PROC_FS
1054 remove_proc_entry("nfnetlink_log", net->nf.proc_netfilter); 1054 remove_proc_entry("nfnetlink_log", net->nf.proc_netfilter);
1055#endif 1055#endif
1056 nf_log_unset(net, &nfulnl_logger);
1056} 1057}
1057 1058
1058static struct pernet_operations nfnl_log_net_ops = { 1059static struct pernet_operations nfnl_log_net_ops = {
diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c
index 8e0bb75e7c51..55c939f5371f 100644
--- a/net/netfilter/nft_exthdr.c
+++ b/net/netfilter/nft_exthdr.c
@@ -31,7 +31,7 @@ static void nft_exthdr_eval(const struct nft_expr *expr,
31{ 31{
32 struct nft_exthdr *priv = nft_expr_priv(expr); 32 struct nft_exthdr *priv = nft_expr_priv(expr);
33 struct nft_data *dest = &data[priv->dreg]; 33 struct nft_data *dest = &data[priv->dreg];
34 unsigned int offset; 34 unsigned int offset = 0;
35 int err; 35 int err;
36 36
37 err = ipv6_find_hdr(pkt->skb, &offset, priv->type, NULL, NULL); 37 err = ipv6_find_hdr(pkt->skb, &offset, priv->type, NULL, NULL);
diff --git a/net/rds/ib.c b/net/rds/ib.c
index b4c8b0022fee..ba2dffeff608 100644
--- a/net/rds/ib.c
+++ b/net/rds/ib.c
@@ -338,7 +338,8 @@ static int rds_ib_laddr_check(__be32 addr)
338 ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin); 338 ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
339 /* due to this, we will claim to support iWARP devices unless we 339 /* due to this, we will claim to support iWARP devices unless we
340 check node_type. */ 340 check node_type. */
341 if (ret || cm_id->device->node_type != RDMA_NODE_IB_CA) 341 if (ret || !cm_id->device ||
342 cm_id->device->node_type != RDMA_NODE_IB_CA)
342 ret = -EADDRNOTAVAIL; 343 ret = -EADDRNOTAVAIL;
343 344
344 rdsdebug("addr %pI4 ret %d node type %d\n", 345 rdsdebug("addr %pI4 ret %d node type %d\n",
diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c
index 33af77246bfe..62ced6516c58 100644
--- a/net/rose/af_rose.c
+++ b/net/rose/af_rose.c
@@ -1253,6 +1253,7 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock,
1253 1253
1254 if (msg->msg_name) { 1254 if (msg->msg_name) {
1255 struct sockaddr_rose *srose; 1255 struct sockaddr_rose *srose;
1256 struct full_sockaddr_rose *full_srose = msg->msg_name;
1256 1257
1257 memset(msg->msg_name, 0, sizeof(struct full_sockaddr_rose)); 1258 memset(msg->msg_name, 0, sizeof(struct full_sockaddr_rose));
1258 srose = msg->msg_name; 1259 srose = msg->msg_name;
@@ -1260,18 +1261,9 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock,
1260 srose->srose_addr = rose->dest_addr; 1261 srose->srose_addr = rose->dest_addr;
1261 srose->srose_call = rose->dest_call; 1262 srose->srose_call = rose->dest_call;
1262 srose->srose_ndigis = rose->dest_ndigis; 1263 srose->srose_ndigis = rose->dest_ndigis;
1263 if (msg->msg_namelen >= sizeof(struct full_sockaddr_rose)) { 1264 for (n = 0 ; n < rose->dest_ndigis ; n++)
1264 struct full_sockaddr_rose *full_srose = (struct full_sockaddr_rose *)msg->msg_name; 1265 full_srose->srose_digis[n] = rose->dest_digis[n];
1265 for (n = 0 ; n < rose->dest_ndigis ; n++) 1266 msg->msg_namelen = sizeof(struct full_sockaddr_rose);
1266 full_srose->srose_digis[n] = rose->dest_digis[n];
1267 msg->msg_namelen = sizeof(struct full_sockaddr_rose);
1268 } else {
1269 if (rose->dest_ndigis >= 1) {
1270 srose->srose_ndigis = 1;
1271 srose->srose_digi = rose->dest_digis[0];
1272 }
1273 msg->msg_namelen = sizeof(struct sockaddr_rose);
1274 }
1275 } 1267 }
1276 1268
1277 skb_free_datagram(sk, skb); 1269 skb_free_datagram(sk, skb);
diff --git a/net/sched/act_csum.c b/net/sched/act_csum.c
index 5c5edf56adbd..11fe1a416433 100644
--- a/net/sched/act_csum.c
+++ b/net/sched/act_csum.c
@@ -77,16 +77,16 @@ static int tcf_csum_init(struct net *n, struct nlattr *nla, struct nlattr *est,
77 &csum_idx_gen, &csum_hash_info); 77 &csum_idx_gen, &csum_hash_info);
78 if (IS_ERR(pc)) 78 if (IS_ERR(pc))
79 return PTR_ERR(pc); 79 return PTR_ERR(pc);
80 p = to_tcf_csum(pc);
81 ret = ACT_P_CREATED; 80 ret = ACT_P_CREATED;
82 } else { 81 } else {
83 p = to_tcf_csum(pc); 82 if (bind)/* dont override defaults */
84 if (!ovr) { 83 return 0;
85 tcf_hash_release(pc, bind, &csum_hash_info); 84 tcf_hash_release(pc, bind, &csum_hash_info);
85 if (!ovr)
86 return -EEXIST; 86 return -EEXIST;
87 }
88 } 87 }
89 88
89 p = to_tcf_csum(pc);
90 spin_lock_bh(&p->tcf_lock); 90 spin_lock_bh(&p->tcf_lock);
91 p->tcf_action = parm->action; 91 p->tcf_action = parm->action;
92 p->update_flags = parm->update_flags; 92 p->update_flags = parm->update_flags;
diff --git a/net/sched/act_gact.c b/net/sched/act_gact.c
index 5645a4d32abd..eb9ba60ebab4 100644
--- a/net/sched/act_gact.c
+++ b/net/sched/act_gact.c
@@ -102,10 +102,11 @@ static int tcf_gact_init(struct net *net, struct nlattr *nla,
102 return PTR_ERR(pc); 102 return PTR_ERR(pc);
103 ret = ACT_P_CREATED; 103 ret = ACT_P_CREATED;
104 } else { 104 } else {
105 if (!ovr) { 105 if (bind)/* dont override defaults */
106 tcf_hash_release(pc, bind, &gact_hash_info); 106 return 0;
107 tcf_hash_release(pc, bind, &gact_hash_info);
108 if (!ovr)
107 return -EEXIST; 109 return -EEXIST;
108 }
109 } 110 }
110 111
111 gact = to_gact(pc); 112 gact = to_gact(pc);
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c
index 882a89762f77..dcbfe8ce04a6 100644
--- a/net/sched/act_ipt.c
+++ b/net/sched/act_ipt.c
@@ -141,10 +141,12 @@ static int tcf_ipt_init(struct net *net, struct nlattr *nla, struct nlattr *est,
141 return PTR_ERR(pc); 141 return PTR_ERR(pc);
142 ret = ACT_P_CREATED; 142 ret = ACT_P_CREATED;
143 } else { 143 } else {
144 if (!ovr) { 144 if (bind)/* dont override defaults */
145 tcf_ipt_release(to_ipt(pc), bind); 145 return 0;
146 tcf_ipt_release(to_ipt(pc), bind);
147
148 if (!ovr)
146 return -EEXIST; 149 return -EEXIST;
147 }
148 } 150 }
149 ipt = to_ipt(pc); 151 ipt = to_ipt(pc);
150 152
diff --git a/net/sched/act_nat.c b/net/sched/act_nat.c
index 6a15ace00241..76869538d028 100644
--- a/net/sched/act_nat.c
+++ b/net/sched/act_nat.c
@@ -70,15 +70,15 @@ static int tcf_nat_init(struct net *net, struct nlattr *nla, struct nlattr *est,
70 &nat_idx_gen, &nat_hash_info); 70 &nat_idx_gen, &nat_hash_info);
71 if (IS_ERR(pc)) 71 if (IS_ERR(pc))
72 return PTR_ERR(pc); 72 return PTR_ERR(pc);
73 p = to_tcf_nat(pc);
74 ret = ACT_P_CREATED; 73 ret = ACT_P_CREATED;
75 } else { 74 } else {
76 p = to_tcf_nat(pc); 75 if (bind)
77 if (!ovr) { 76 return 0;
78 tcf_hash_release(pc, bind, &nat_hash_info); 77 tcf_hash_release(pc, bind, &nat_hash_info);
78 if (!ovr)
79 return -EEXIST; 79 return -EEXIST;
80 }
81 } 80 }
81 p = to_tcf_nat(pc);
82 82
83 spin_lock_bh(&p->tcf_lock); 83 spin_lock_bh(&p->tcf_lock);
84 p->old_addr = parm->old_addr; 84 p->old_addr = parm->old_addr;
diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c
index 03b67674169c..7aa2dcd989f8 100644
--- a/net/sched/act_pedit.c
+++ b/net/sched/act_pedit.c
@@ -84,10 +84,12 @@ static int tcf_pedit_init(struct net *net, struct nlattr *nla,
84 ret = ACT_P_CREATED; 84 ret = ACT_P_CREATED;
85 } else { 85 } else {
86 p = to_pedit(pc); 86 p = to_pedit(pc);
87 if (!ovr) { 87 tcf_hash_release(pc, bind, &pedit_hash_info);
88 tcf_hash_release(pc, bind, &pedit_hash_info); 88 if (bind)
89 return 0;
90 if (!ovr)
89 return -EEXIST; 91 return -EEXIST;
90 } 92
91 if (p->tcfp_nkeys && p->tcfp_nkeys != parm->nkeys) { 93 if (p->tcfp_nkeys && p->tcfp_nkeys != parm->nkeys) {
92 keys = kmalloc(ksize, GFP_KERNEL); 94 keys = kmalloc(ksize, GFP_KERNEL);
93 if (keys == NULL) 95 if (keys == NULL)
diff --git a/net/sched/act_police.c b/net/sched/act_police.c
index 16a62c36928a..ef246d87e68b 100644
--- a/net/sched/act_police.c
+++ b/net/sched/act_police.c
@@ -177,10 +177,12 @@ static int tcf_act_police_locate(struct net *net, struct nlattr *nla,
177 if (bind) { 177 if (bind) {
178 police->tcf_bindcnt += 1; 178 police->tcf_bindcnt += 1;
179 police->tcf_refcnt += 1; 179 police->tcf_refcnt += 1;
180 return 0;
180 } 181 }
181 if (ovr) 182 if (ovr)
182 goto override; 183 goto override;
183 return ret; 184 /* not replacing */
185 return -EEXIST;
184 } 186 }
185 } 187 }
186 188
diff --git a/net/sched/act_simple.c b/net/sched/act_simple.c
index 31157d3e729c..f7b45ab85388 100644
--- a/net/sched/act_simple.c
+++ b/net/sched/act_simple.c
@@ -142,10 +142,13 @@ static int tcf_simp_init(struct net *net, struct nlattr *nla,
142 ret = ACT_P_CREATED; 142 ret = ACT_P_CREATED;
143 } else { 143 } else {
144 d = to_defact(pc); 144 d = to_defact(pc);
145 if (!ovr) { 145
146 tcf_simp_release(d, bind); 146 if (bind)
147 return 0;
148 tcf_simp_release(d, bind);
149 if (!ovr)
147 return -EEXIST; 150 return -EEXIST;
148 } 151
149 reset_policy(d, defdata, parm); 152 reset_policy(d, defdata, parm);
150 } 153 }
151 154
diff --git a/net/sched/act_skbedit.c b/net/sched/act_skbedit.c
index 35ea643b4325..8fe9d25c3008 100644
--- a/net/sched/act_skbedit.c
+++ b/net/sched/act_skbedit.c
@@ -120,10 +120,11 @@ static int tcf_skbedit_init(struct net *net, struct nlattr *nla,
120 ret = ACT_P_CREATED; 120 ret = ACT_P_CREATED;
121 } else { 121 } else {
122 d = to_skbedit(pc); 122 d = to_skbedit(pc);
123 if (!ovr) { 123 if (bind)
124 tcf_hash_release(pc, bind, &skbedit_hash_info); 124 return 0;
125 tcf_hash_release(pc, bind, &skbedit_hash_info);
126 if (!ovr)
125 return -EEXIST; 127 return -EEXIST;
126 }
127 } 128 }
128 129
129 spin_lock_bh(&d->tcf_lock); 130 spin_lock_bh(&d->tcf_lock);
diff --git a/net/tipc/port.c b/net/tipc/port.c
index c081a7632302..d43f3182b1d4 100644
--- a/net/tipc/port.c
+++ b/net/tipc/port.c
@@ -251,18 +251,15 @@ struct tipc_port *tipc_createport(struct sock *sk,
251 return p_ptr; 251 return p_ptr;
252} 252}
253 253
254int tipc_deleteport(u32 ref) 254int tipc_deleteport(struct tipc_port *p_ptr)
255{ 255{
256 struct tipc_port *p_ptr;
257 struct sk_buff *buf = NULL; 256 struct sk_buff *buf = NULL;
258 257
259 tipc_withdraw(ref, 0, NULL); 258 tipc_withdraw(p_ptr, 0, NULL);
260 p_ptr = tipc_port_lock(ref);
261 if (!p_ptr)
262 return -EINVAL;
263 259
264 tipc_ref_discard(ref); 260 spin_lock_bh(p_ptr->lock);
265 tipc_port_unlock(p_ptr); 261 tipc_ref_discard(p_ptr->ref);
262 spin_unlock_bh(p_ptr->lock);
266 263
267 k_cancel_timer(&p_ptr->timer); 264 k_cancel_timer(&p_ptr->timer);
268 if (p_ptr->connected) { 265 if (p_ptr->connected) {
@@ -704,47 +701,36 @@ int tipc_set_portimportance(u32 ref, unsigned int imp)
704} 701}
705 702
706 703
707int tipc_publish(u32 ref, unsigned int scope, struct tipc_name_seq const *seq) 704int tipc_publish(struct tipc_port *p_ptr, unsigned int scope,
705 struct tipc_name_seq const *seq)
708{ 706{
709 struct tipc_port *p_ptr;
710 struct publication *publ; 707 struct publication *publ;
711 u32 key; 708 u32 key;
712 int res = -EINVAL;
713 709
714 p_ptr = tipc_port_lock(ref); 710 if (p_ptr->connected)
715 if (!p_ptr)
716 return -EINVAL; 711 return -EINVAL;
712 key = p_ptr->ref + p_ptr->pub_count + 1;
713 if (key == p_ptr->ref)
714 return -EADDRINUSE;
717 715
718 if (p_ptr->connected)
719 goto exit;
720 key = ref + p_ptr->pub_count + 1;
721 if (key == ref) {
722 res = -EADDRINUSE;
723 goto exit;
724 }
725 publ = tipc_nametbl_publish(seq->type, seq->lower, seq->upper, 716 publ = tipc_nametbl_publish(seq->type, seq->lower, seq->upper,
726 scope, p_ptr->ref, key); 717 scope, p_ptr->ref, key);
727 if (publ) { 718 if (publ) {
728 list_add(&publ->pport_list, &p_ptr->publications); 719 list_add(&publ->pport_list, &p_ptr->publications);
729 p_ptr->pub_count++; 720 p_ptr->pub_count++;
730 p_ptr->published = 1; 721 p_ptr->published = 1;
731 res = 0; 722 return 0;
732 } 723 }
733exit: 724 return -EINVAL;
734 tipc_port_unlock(p_ptr);
735 return res;
736} 725}
737 726
738int tipc_withdraw(u32 ref, unsigned int scope, struct tipc_name_seq const *seq) 727int tipc_withdraw(struct tipc_port *p_ptr, unsigned int scope,
728 struct tipc_name_seq const *seq)
739{ 729{
740 struct tipc_port *p_ptr;
741 struct publication *publ; 730 struct publication *publ;
742 struct publication *tpubl; 731 struct publication *tpubl;
743 int res = -EINVAL; 732 int res = -EINVAL;
744 733
745 p_ptr = tipc_port_lock(ref);
746 if (!p_ptr)
747 return -EINVAL;
748 if (!seq) { 734 if (!seq) {
749 list_for_each_entry_safe(publ, tpubl, 735 list_for_each_entry_safe(publ, tpubl,
750 &p_ptr->publications, pport_list) { 736 &p_ptr->publications, pport_list) {
@@ -771,7 +757,6 @@ int tipc_withdraw(u32 ref, unsigned int scope, struct tipc_name_seq const *seq)
771 } 757 }
772 if (list_empty(&p_ptr->publications)) 758 if (list_empty(&p_ptr->publications))
773 p_ptr->published = 0; 759 p_ptr->published = 0;
774 tipc_port_unlock(p_ptr);
775 return res; 760 return res;
776} 761}
777 762
diff --git a/net/tipc/port.h b/net/tipc/port.h
index 912253597343..34f12bd4074e 100644
--- a/net/tipc/port.h
+++ b/net/tipc/port.h
@@ -116,7 +116,7 @@ int tipc_reject_msg(struct sk_buff *buf, u32 err);
116 116
117void tipc_acknowledge(u32 port_ref, u32 ack); 117void tipc_acknowledge(u32 port_ref, u32 ack);
118 118
119int tipc_deleteport(u32 portref); 119int tipc_deleteport(struct tipc_port *p_ptr);
120 120
121int tipc_portimportance(u32 portref, unsigned int *importance); 121int tipc_portimportance(u32 portref, unsigned int *importance);
122int tipc_set_portimportance(u32 portref, unsigned int importance); 122int tipc_set_portimportance(u32 portref, unsigned int importance);
@@ -127,9 +127,9 @@ int tipc_set_portunreliable(u32 portref, unsigned int isunreliable);
127int tipc_portunreturnable(u32 portref, unsigned int *isunreturnable); 127int tipc_portunreturnable(u32 portref, unsigned int *isunreturnable);
128int tipc_set_portunreturnable(u32 portref, unsigned int isunreturnable); 128int tipc_set_portunreturnable(u32 portref, unsigned int isunreturnable);
129 129
130int tipc_publish(u32 portref, unsigned int scope, 130int tipc_publish(struct tipc_port *p_ptr, unsigned int scope,
131 struct tipc_name_seq const *name_seq); 131 struct tipc_name_seq const *name_seq);
132int tipc_withdraw(u32 portref, unsigned int scope, 132int tipc_withdraw(struct tipc_port *p_ptr, unsigned int scope,
133 struct tipc_name_seq const *name_seq); 133 struct tipc_name_seq const *name_seq);
134 134
135int tipc_connect(u32 portref, struct tipc_portid const *port); 135int tipc_connect(u32 portref, struct tipc_portid const *port);
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 3b61851bb927..e741416d1d24 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -354,7 +354,7 @@ static int release(struct socket *sock)
354 * Delete TIPC port; this ensures no more messages are queued 354 * Delete TIPC port; this ensures no more messages are queued
355 * (also disconnects an active connection & sends a 'FIN-' to peer) 355 * (also disconnects an active connection & sends a 'FIN-' to peer)
356 */ 356 */
357 res = tipc_deleteport(tport->ref); 357 res = tipc_deleteport(tport);
358 358
359 /* Discard any remaining (connection-based) messages in receive queue */ 359 /* Discard any remaining (connection-based) messages in receive queue */
360 __skb_queue_purge(&sk->sk_receive_queue); 360 __skb_queue_purge(&sk->sk_receive_queue);
@@ -386,30 +386,46 @@ static int release(struct socket *sock)
386 */ 386 */
387static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len) 387static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len)
388{ 388{
389 struct sock *sk = sock->sk;
389 struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr; 390 struct sockaddr_tipc *addr = (struct sockaddr_tipc *)uaddr;
390 u32 portref = tipc_sk_port(sock->sk)->ref; 391 struct tipc_port *tport = tipc_sk_port(sock->sk);
392 int res = -EINVAL;
391 393
392 if (unlikely(!uaddr_len)) 394 lock_sock(sk);
393 return tipc_withdraw(portref, 0, NULL); 395 if (unlikely(!uaddr_len)) {
396 res = tipc_withdraw(tport, 0, NULL);
397 goto exit;
398 }
394 399
395 if (uaddr_len < sizeof(struct sockaddr_tipc)) 400 if (uaddr_len < sizeof(struct sockaddr_tipc)) {
396 return -EINVAL; 401 res = -EINVAL;
397 if (addr->family != AF_TIPC) 402 goto exit;
398 return -EAFNOSUPPORT; 403 }
404 if (addr->family != AF_TIPC) {
405 res = -EAFNOSUPPORT;
406 goto exit;
407 }
399 408
400 if (addr->addrtype == TIPC_ADDR_NAME) 409 if (addr->addrtype == TIPC_ADDR_NAME)
401 addr->addr.nameseq.upper = addr->addr.nameseq.lower; 410 addr->addr.nameseq.upper = addr->addr.nameseq.lower;
402 else if (addr->addrtype != TIPC_ADDR_NAMESEQ) 411 else if (addr->addrtype != TIPC_ADDR_NAMESEQ) {
403 return -EAFNOSUPPORT; 412 res = -EAFNOSUPPORT;
413 goto exit;
414 }
404 415
405 if ((addr->addr.nameseq.type < TIPC_RESERVED_TYPES) && 416 if ((addr->addr.nameseq.type < TIPC_RESERVED_TYPES) &&
406 (addr->addr.nameseq.type != TIPC_TOP_SRV) && 417 (addr->addr.nameseq.type != TIPC_TOP_SRV) &&
407 (addr->addr.nameseq.type != TIPC_CFG_SRV)) 418 (addr->addr.nameseq.type != TIPC_CFG_SRV)) {
408 return -EACCES; 419 res = -EACCES;
420 goto exit;
421 }
409 422
410 return (addr->scope > 0) ? 423 res = (addr->scope > 0) ?
411 tipc_publish(portref, addr->scope, &addr->addr.nameseq) : 424 tipc_publish(tport, addr->scope, &addr->addr.nameseq) :
412 tipc_withdraw(portref, -addr->scope, &addr->addr.nameseq); 425 tipc_withdraw(tport, -addr->scope, &addr->addr.nameseq);
426exit:
427 release_sock(sk);
428 return res;
413} 429}
414 430
415/** 431/**
diff --git a/net/wireless/radiotap.c b/net/wireless/radiotap.c
index a271c27fac77..722da616438c 100644
--- a/net/wireless/radiotap.c
+++ b/net/wireless/radiotap.c
@@ -124,6 +124,10 @@ int ieee80211_radiotap_iterator_init(
124 /* find payload start allowing for extended bitmap(s) */ 124 /* find payload start allowing for extended bitmap(s) */
125 125
126 if (iterator->_bitmap_shifter & (1<<IEEE80211_RADIOTAP_EXT)) { 126 if (iterator->_bitmap_shifter & (1<<IEEE80211_RADIOTAP_EXT)) {
127 if ((unsigned long)iterator->_arg -
128 (unsigned long)iterator->_rtheader + sizeof(uint32_t) >
129 (unsigned long)iterator->_max_length)
130 return -EINVAL;
127 while (get_unaligned_le32(iterator->_arg) & 131 while (get_unaligned_le32(iterator->_arg) &
128 (1 << IEEE80211_RADIOTAP_EXT)) { 132 (1 << IEEE80211_RADIOTAP_EXT)) {
129 iterator->_arg += sizeof(uint32_t); 133 iterator->_arg += sizeof(uint32_t);
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 65f800890d70..d3c5bd7c6b51 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -632,6 +632,16 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
632 } 632 }
633#endif 633#endif
634 634
635 if (!bss && (status == WLAN_STATUS_SUCCESS)) {
636 WARN_ON_ONCE(!wiphy_to_dev(wdev->wiphy)->ops->connect);
637 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
638 wdev->ssid, wdev->ssid_len,
639 WLAN_CAPABILITY_ESS,
640 WLAN_CAPABILITY_ESS);
641 if (bss)
642 cfg80211_hold_bss(bss_from_pub(bss));
643 }
644
635 if (wdev->current_bss) { 645 if (wdev->current_bss) {
636 cfg80211_unhold_bss(wdev->current_bss); 646 cfg80211_unhold_bss(wdev->current_bss);
637 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub); 647 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub);
@@ -649,16 +659,8 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
649 return; 659 return;
650 } 660 }
651 661
652 if (!bss) { 662 if (WARN_ON(!bss))
653 WARN_ON_ONCE(!wiphy_to_dev(wdev->wiphy)->ops->connect); 663 return;
654 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid,
655 wdev->ssid, wdev->ssid_len,
656 WLAN_CAPABILITY_ESS,
657 WLAN_CAPABILITY_ESS);
658 if (WARN_ON(!bss))
659 return;
660 cfg80211_hold_bss(bss_from_pub(bss));
661 }
662 664
663 wdev->current_bss = bss_from_pub(bss); 665 wdev->current_bss = bss_from_pub(bss);
664 666
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-16 02:13:12 -0500