4 files changed, 63 insertions, 35 deletions

diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index 55151faaf90c..2adb1a7d361f 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -32,24 +32,14 @@ static __net_init int setup_net(struct net *net)
 {
         /* Must be called with net_mutex held */
         struct pernet_operations *ops;
-        int error;
-        struct net_generic *ng;
+        int error = 0;
 
         atomic_set(&net->count, 1);
+
 #ifdef NETNS_REFCNT_DEBUG
         atomic_set(&net->use_count, 0);
 #endif
 
-        error = -ENOMEM;
-        ng = kzalloc(sizeof(struct net_generic) +
-                        INITIAL_NET_GEN_PTRS * sizeof(void *), GFP_KERNEL);
-        if (ng == NULL)
-                goto out;
-
-        ng->len = INITIAL_NET_GEN_PTRS;
-        rcu_assign_pointer(net->gen, ng);
-
-        error = 0;
         list_for_each_entry(ops, &pernet_list, list) {
                 if (ops->init) {
                         error = ops->init(net);
@@ -70,24 +60,50 @@ out_undo:
         }
 
         rcu_barrier();
-        kfree(ng);
         goto out;
 }
 
+static struct net_generic *net_alloc_generic(void)
+{
+        struct net_generic *ng;
+        size_t generic_size = sizeof(struct net_generic) +
+                INITIAL_NET_GEN_PTRS * sizeof(void *);
+
+        ng = kzalloc(generic_size, GFP_KERNEL);
+        if (ng)
+                ng->len = INITIAL_NET_GEN_PTRS;
+
+        return ng;
+}
+
 #ifdef CONFIG_NET_NS
 static struct kmem_cache *net_cachep;
 static struct workqueue_struct *netns_wq;
 
 static struct net *net_alloc(void)
 {
-        return kmem_cache_zalloc(net_cachep, GFP_KERNEL);
+        struct net *net = NULL;
+        struct net_generic *ng;
+
+        ng = net_alloc_generic();
+        if (!ng)
+                goto out;
+
+        net = kmem_cache_zalloc(net_cachep, GFP_KERNEL);
+        if (!net)
+                goto out_free;
+
+        rcu_assign_pointer(net->gen, ng);
+out:
+        return net;
+
+out_free:
+        kfree(ng);
+        goto out;
 }
 
 static void net_free(struct net *net)
 {
-        if (!net)
-                return;
-
 #ifdef NETNS_REFCNT_DEBUG
         if (unlikely(atomic_read(&net->use_count) != 0)) {
                 printk(KERN_EMERG "network namespace not free! Usage: %d\n",
@@ -112,27 +128,28 @@ struct net *copy_net_ns(unsigned long flags, struct net *old_net)
         err = -ENOMEM;
         new_net = net_alloc();
         if (!new_net)
-                goto out;
+                goto out_err;
 
         mutex_lock(&net_mutex);
         err = setup_net(new_net);
-        if (err)
-                goto out_unlock;
-
-        rtnl_lock();
-        list_add_tail(&new_net->list, &net_namespace_list);
-        rtnl_unlock();
-
-
-out_unlock:
+        if (!err) {
+                rtnl_lock();
+                list_add_tail(&new_net->list, &net_namespace_list);
+                rtnl_unlock();
+        }
         mutex_unlock(&net_mutex);
+
+        if (err)
+                goto out_free;
 out:
         put_net(old_net);
-        if (err) {
-                net_free(new_net);
-                new_net = ERR_PTR(err);
-        }
         return new_net;
+
+out_free:
+        net_free(new_net);
+out_err:
+        new_net = ERR_PTR(err);
+        goto out;
 }
 
 static void cleanup_net(struct work_struct *work)
@@ -188,6 +205,7 @@ struct net *copy_net_ns(unsigned long flags, struct net *old_net)
 
 static int __init net_ns_init(void)
 {
+        struct net_generic *ng;
         int err;
 
         printk(KERN_INFO "net_namespace: %zd bytes\n", sizeof(struct net));
@@ -202,6 +220,12 @@ static int __init net_ns_init(void)
                 panic("Could not create netns workq");
 #endif
 
+        ng = net_alloc_generic();
+        if (!ng)
+                panic("Could not allocate generic netns");
+
+        rcu_assign_pointer(init_net.gen, ng);
+
         mutex_lock(&net_mutex);
         err = setup_net(&init_net);
 
diff --git a/net/core/sock.c b/net/core/sock.c
index 6e4f14d1ef81..5f97caa158e8 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -696,7 +696,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
         if (len < 0)
                 return -EINVAL;
 
-        v.val = 0;
+        memset(&v, 0, sizeof(v));
 
         switch(optname) {
         case SO_DEBUG:
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index 6bb2635b5ded..7bc992976d29 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -3,11 +3,16 @@
  *
  * This is an implementation of the CIPSO 2.2 protocol as specified in
  * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in
- * FIPS-188, copies of both documents can be found in the Documentation
- * directory.  While CIPSO never became a full IETF RFC standard many vendors
+ * FIPS-188.  While CIPSO never became a full IETF RFC standard many vendors
  * have chosen to adopt the protocol and over the years it has become a
  * de-facto standard for labeled networking.
  *
+ * The CIPSO draft specification can be found in the kernel's Documentation
+ * directory as well as the following URL:
+ *   http://netlabel.sourceforge.net/files/draft-ietf-cipso-ipsecurity-01.txt
+ * The FIPS-188 specification can be found at the following URL:
+ *   http://www.itl.nist.gov/fipspubs/fip188.htm
+ *
  * Author: Paul Moore <paul.moore@hp.com>
  *
  */
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index dda42f0bd7a3..da2c3b8794f2 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -2023,7 +2023,6 @@ void tcp_xmit_retransmit_queue(struct sock *sk)
                 last_lost = tp->snd_una;
         }
 
-        /* First pass: retransmit lost packets. */
         tcp_for_write_queue_from(skb, sk) {
                 __u8 sacked = TCP_SKB_CB(skb)->sacked;