aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlan.c3
-rw-r--r--net/8021q/vlan_dev.c3
-rw-r--r--net/9p/client.c2
-rw-r--r--net/9p/protocol.c1
-rw-r--r--net/9p/trans_common.c11
-rw-r--r--net/bluetooth/hci_core.c5
-rw-r--r--net/bluetooth/hci_event.c2
-rw-r--r--net/bluetooth/l2cap_core.c1
-rw-r--r--net/bridge/br_input.c2
-rw-r--r--net/bridge/br_netfilter.c2
-rw-r--r--net/bridge/netfilter/ebtables.c64
-rw-r--r--net/can/bcm.c7
-rw-r--r--net/can/raw.c7
-rw-r--r--net/ceph/messenger.c26
-rw-r--r--net/ceph/osd_client.c4
-rw-r--r--net/core/dev.c38
-rw-r--r--net/dccp/options.c2
-rw-r--r--net/dsa/Kconfig4
-rw-r--r--net/dsa/mv88e6131.c26
-rw-r--r--net/ipv4/devinet.c2
-rw-r--r--net/ipv4/fib_trie.c3
-rw-r--r--net/ipv4/ip_fragment.c31
-rw-r--r--net/ipv4/route.c7
-rw-r--r--net/ipv4/tcp_cubic.c9
-rw-r--r--net/ipv4/xfrm4_output.c8
-rw-r--r--net/ipv4/xfrm4_state.c1
-rw-r--r--net/ipv6/addrconf.c2
-rw-r--r--net/ipv6/esp6.c2
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c4
-rw-r--r--net/ipv6/route.c8
-rw-r--r--net/ipv6/udp.c2
-rw-r--r--net/ipv6/xfrm6_output.c6
-rw-r--r--net/ipv6/xfrm6_state.c1
-rw-r--r--net/mac80211/cfg.c2
-rw-r--r--net/mac80211/debugfs_netdev.c4
-rw-r--r--net/mac80211/tx.c4
-rw-r--r--net/netfilter/ipvs/ip_vs_app.c17
-rw-r--r--net/netfilter/ipvs/ip_vs_conn.c16
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c103
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c126
-rw-r--r--net/netfilter/ipvs/ip_vs_est.c14
-rw-r--r--net/netfilter/ipvs/ip_vs_proto.c11
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c65
-rw-r--r--net/netfilter/nf_conntrack_netlink.c4
-rw-r--r--net/netfilter/x_tables.c4
-rw-r--r--net/netfilter/xt_DSCP.c2
-rw-r--r--net/netfilter/xt_conntrack.c5
-rw-r--r--net/unix/af_unix.c16
-rw-r--r--net/xfrm/xfrm_policy.c14
-rw-r--r--net/xfrm/xfrm_replay.c5
-rw-r--r--net/xfrm/xfrm_user.c3
51 files changed, 444 insertions, 267 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c
index 7850412f52b7..0eb1a886b370 100644
--- a/net/8021q/vlan.c
+++ b/net/8021q/vlan.c
@@ -124,6 +124,9 @@ void unregister_vlan_dev(struct net_device *dev, struct list_head *head)
124 124
125 grp->nr_vlans--; 125 grp->nr_vlans--;
126 126
127 if (vlan->flags & VLAN_FLAG_GVRP)
128 vlan_gvrp_request_leave(dev);
129
127 vlan_group_set_device(grp, vlan_id, NULL); 130 vlan_group_set_device(grp, vlan_id, NULL);
128 if (!grp->killall) 131 if (!grp->killall)
129 synchronize_net(); 132 synchronize_net();
diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c
index e34ea9e5e28b..b2ff6c8d3603 100644
--- a/net/8021q/vlan_dev.c
+++ b/net/8021q/vlan_dev.c
@@ -487,9 +487,6 @@ static int vlan_dev_stop(struct net_device *dev)
487 struct vlan_dev_info *vlan = vlan_dev_info(dev); 487 struct vlan_dev_info *vlan = vlan_dev_info(dev);
488 struct net_device *real_dev = vlan->real_dev; 488 struct net_device *real_dev = vlan->real_dev;
489 489
490 if (vlan->flags & VLAN_FLAG_GVRP)
491 vlan_gvrp_request_leave(dev);
492
493 dev_mc_unsync(real_dev, dev); 490 dev_mc_unsync(real_dev, dev);
494 dev_uc_unsync(real_dev, dev); 491 dev_uc_unsync(real_dev, dev);
495 if (dev->flags & IFF_ALLMULTI) 492 if (dev->flags & IFF_ALLMULTI)
diff --git a/net/9p/client.c b/net/9p/client.c
index 77367745be9b..a9aa2dd66482 100644
--- a/net/9p/client.c
+++ b/net/9p/client.c
@@ -614,7 +614,7 @@ p9_client_rpc(struct p9_client *c, int8_t type, const char *fmt, ...)
614 614
615 err = c->trans_mod->request(c, req); 615 err = c->trans_mod->request(c, req);
616 if (err < 0) { 616 if (err < 0) {
617 if (err != -ERESTARTSYS) 617 if (err != -ERESTARTSYS && err != -EFAULT)
618 c->status = Disconnected; 618 c->status = Disconnected;
619 goto reterr; 619 goto reterr;
620 } 620 }
diff --git a/net/9p/protocol.c b/net/9p/protocol.c
index b58a501cf3d1..a873277cb996 100644
--- a/net/9p/protocol.c
+++ b/net/9p/protocol.c
@@ -674,6 +674,7 @@ int p9dirent_read(char *buf, int len, struct p9_dirent *dirent,
674 } 674 }
675 675
676 strcpy(dirent->d_name, nameptr); 676 strcpy(dirent->d_name, nameptr);
677 kfree(nameptr);
677 678
678out: 679out:
679 return fake_pdu.offset; 680 return fake_pdu.offset;
diff --git a/net/9p/trans_common.c b/net/9p/trans_common.c
index e883172f9aa2..9a70ebdec56e 100644
--- a/net/9p/trans_common.c
+++ b/net/9p/trans_common.c
@@ -63,7 +63,7 @@ p9_payload_gup(struct p9_req_t *req, size_t *pdata_off, int *pdata_len,
63 int nr_pages, u8 rw) 63 int nr_pages, u8 rw)
64{ 64{
65 uint32_t first_page_bytes = 0; 65 uint32_t first_page_bytes = 0;
66 uint32_t pdata_mapped_pages; 66 int32_t pdata_mapped_pages;
67 struct trans_rpage_info *rpinfo; 67 struct trans_rpage_info *rpinfo;
68 68
69 *pdata_off = (__force size_t)req->tc->pubuf & (PAGE_SIZE-1); 69 *pdata_off = (__force size_t)req->tc->pubuf & (PAGE_SIZE-1);
@@ -75,14 +75,9 @@ p9_payload_gup(struct p9_req_t *req, size_t *pdata_off, int *pdata_len,
75 rpinfo = req->tc->private; 75 rpinfo = req->tc->private;
76 pdata_mapped_pages = get_user_pages_fast((unsigned long)req->tc->pubuf, 76 pdata_mapped_pages = get_user_pages_fast((unsigned long)req->tc->pubuf,
77 nr_pages, rw, &rpinfo->rp_data[0]); 77 nr_pages, rw, &rpinfo->rp_data[0]);
78 if (pdata_mapped_pages <= 0)
79 return pdata_mapped_pages;
78 80
79 if (pdata_mapped_pages < 0) {
80 printk(KERN_ERR "get_user_pages_fast failed:%d udata:%p"
81 "nr_pages:%d\n", pdata_mapped_pages,
82 req->tc->pubuf, nr_pages);
83 pdata_mapped_pages = 0;
84 return -EIO;
85 }
86 rpinfo->rp_nr_pages = pdata_mapped_pages; 81 rpinfo->rp_nr_pages = pdata_mapped_pages;
87 if (*pdata_off) { 82 if (*pdata_off) {
88 *pdata_len = first_page_bytes; 83 *pdata_len = first_page_bytes;
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index c83f618282f7..b5a8afc2be33 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -587,10 +587,8 @@ static int hci_dev_do_close(struct hci_dev *hdev)
587 hci_req_cancel(hdev, ENODEV); 587 hci_req_cancel(hdev, ENODEV);
588 hci_req_lock(hdev); 588 hci_req_lock(hdev);
589 589
590 /* Stop timer, it might be running */
591 del_timer_sync(&hdev->cmd_timer);
592
593 if (!test_and_clear_bit(HCI_UP, &hdev->flags)) { 590 if (!test_and_clear_bit(HCI_UP, &hdev->flags)) {
591 del_timer_sync(&hdev->cmd_timer);
594 hci_req_unlock(hdev); 592 hci_req_unlock(hdev);
595 return 0; 593 return 0;
596 } 594 }
@@ -629,6 +627,7 @@ static int hci_dev_do_close(struct hci_dev *hdev)
629 627
630 /* Drop last sent command */ 628 /* Drop last sent command */
631 if (hdev->sent_cmd) { 629 if (hdev->sent_cmd) {
630 del_timer_sync(&hdev->cmd_timer);
632 kfree_skb(hdev->sent_cmd); 631 kfree_skb(hdev->sent_cmd);
633 hdev->sent_cmd = NULL; 632 hdev->sent_cmd = NULL;
634 } 633 }
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index cebe7588469f..b2570159a044 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2387,8 +2387,6 @@ static inline void hci_io_capa_reply_evt(struct hci_dev *hdev, struct sk_buff *s
2387 if (!conn) 2387 if (!conn)
2388 goto unlock; 2388 goto unlock;
2389 2389
2390 hci_conn_hold(conn);
2391
2392 conn->remote_cap = ev->capability; 2390 conn->remote_cap = ev->capability;
2393 conn->remote_oob = ev->oob_data; 2391 conn->remote_oob = ev->oob_data;
2394 conn->remote_auth = ev->authentication; 2392 conn->remote_auth = ev->authentication;
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index ca27f3a41536..2c8dd4494c63 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1051,6 +1051,7 @@ static void l2cap_retransmit_one_frame(struct sock *sk, u8 tx_seq)
1051 tx_skb = skb_clone(skb, GFP_ATOMIC); 1051 tx_skb = skb_clone(skb, GFP_ATOMIC);
1052 bt_cb(skb)->retries++; 1052 bt_cb(skb)->retries++;
1053 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE); 1053 control = get_unaligned_le16(tx_skb->data + L2CAP_HDR_SIZE);
1054 control &= L2CAP_CTRL_SAR;
1054 1055
1055 if (pi->conn_state & L2CAP_CONN_SEND_FBIT) { 1056 if (pi->conn_state & L2CAP_CONN_SEND_FBIT) {
1056 control |= L2CAP_CTRL_FINAL; 1057 control |= L2CAP_CTRL_FINAL;
diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
index e2160792e1bc..0c7badad62af 100644
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -164,7 +164,7 @@ rx_handler_result_t br_handle_frame(struct sk_buff **pskb)
164 goto drop; 164 goto drop;
165 165
166 /* If STP is turned off, then forward */ 166 /* If STP is turned off, then forward */
167 if (p->br->stp_enabled == BR_NO_STP) 167 if (p->br->stp_enabled == BR_NO_STP && dest[5] == 0)
168 goto forward; 168 goto forward;
169 169
170 if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, 170 if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev,
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index f3bc322c5891..74ef4d4846a4 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -737,7 +737,7 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff *skb,
737 nf_bridge->mask |= BRNF_PKT_TYPE; 737 nf_bridge->mask |= BRNF_PKT_TYPE;
738 } 738 }
739 739
740 if (br_parse_ip_options(skb)) 740 if (pf == PF_INET && br_parse_ip_options(skb))
741 return NF_DROP; 741 return NF_DROP;
742 742
743 /* The physdev module checks on this */ 743 /* The physdev module checks on this */
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 893669caa8de..1a92b369c820 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1766,7 +1766,7 @@ static int compat_table_info(const struct ebt_table_info *info,
1766 1766
1767 newinfo->entries_size = size; 1767 newinfo->entries_size = size;
1768 1768
1769 xt_compat_init_offsets(AF_INET, info->nentries); 1769 xt_compat_init_offsets(NFPROTO_BRIDGE, info->nentries);
1770 return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info, 1770 return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info,
1771 entries, newinfo); 1771 entries, newinfo);
1772} 1772}
@@ -1882,7 +1882,7 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt,
1882 struct xt_match *match; 1882 struct xt_match *match;
1883 struct xt_target *wt; 1883 struct xt_target *wt;
1884 void *dst = NULL; 1884 void *dst = NULL;
1885 int off, pad = 0, ret = 0; 1885 int off, pad = 0;
1886 unsigned int size_kern, entry_offset, match_size = mwt->match_size; 1886 unsigned int size_kern, entry_offset, match_size = mwt->match_size;
1887 1887
1888 strlcpy(name, mwt->u.name, sizeof(name)); 1888 strlcpy(name, mwt->u.name, sizeof(name));
@@ -1935,13 +1935,6 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt,
1935 break; 1935 break;
1936 } 1936 }
1937 1937
1938 if (!dst) {
1939 ret = xt_compat_add_offset(NFPROTO_BRIDGE, entry_offset,
1940 off + ebt_compat_entry_padsize());
1941 if (ret < 0)
1942 return ret;
1943 }
1944
1945 state->buf_kern_offset += match_size + off; 1938 state->buf_kern_offset += match_size + off;
1946 state->buf_user_offset += match_size; 1939 state->buf_user_offset += match_size;
1947 pad = XT_ALIGN(size_kern) - size_kern; 1940 pad = XT_ALIGN(size_kern) - size_kern;
@@ -2016,50 +2009,6 @@ static int ebt_size_mwt(struct compat_ebt_entry_mwt *match32,
2016 return growth; 2009 return growth;
2017} 2010}
2018 2011
2019#define EBT_COMPAT_WATCHER_ITERATE(e, fn, args...) \
2020({ \
2021 unsigned int __i; \
2022 int __ret = 0; \
2023 struct compat_ebt_entry_mwt *__watcher; \
2024 \
2025 for (__i = e->watchers_offset; \
2026 __i < (e)->target_offset; \
2027 __i += __watcher->watcher_size + \
2028 sizeof(struct compat_ebt_entry_mwt)) { \
2029 __watcher = (void *)(e) + __i; \
2030 __ret = fn(__watcher , ## args); \
2031 if (__ret != 0) \
2032 break; \
2033 } \
2034 if (__ret == 0) { \
2035 if (__i != (e)->target_offset) \
2036 __ret = -EINVAL; \
2037 } \
2038 __ret; \
2039})
2040
2041#define EBT_COMPAT_MATCH_ITERATE(e, fn, args...) \
2042({ \
2043 unsigned int __i; \
2044 int __ret = 0; \
2045 struct compat_ebt_entry_mwt *__match; \
2046 \
2047 for (__i = sizeof(struct ebt_entry); \
2048 __i < (e)->watchers_offset; \
2049 __i += __match->match_size + \
2050 sizeof(struct compat_ebt_entry_mwt)) { \
2051 __match = (void *)(e) + __i; \
2052 __ret = fn(__match , ## args); \
2053 if (__ret != 0) \
2054 break; \
2055 } \
2056 if (__ret == 0) { \
2057 if (__i != (e)->watchers_offset) \
2058 __ret = -EINVAL; \
2059 } \
2060 __ret; \
2061})
2062
2063/* called for all ebt_entry structures. */ 2012/* called for all ebt_entry structures. */
2064static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base, 2013static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base,
2065 unsigned int *total, 2014 unsigned int *total,
@@ -2132,6 +2081,14 @@ static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base,
2132 } 2081 }
2133 } 2082 }
2134 2083
2084 if (state->buf_kern_start == NULL) {
2085 unsigned int offset = buf_start - (char *) base;
2086
2087 ret = xt_compat_add_offset(NFPROTO_BRIDGE, offset, new_offset);
2088 if (ret < 0)
2089 return ret;
2090 }
2091
2135 startoff = state->buf_user_offset - startoff; 2092 startoff = state->buf_user_offset - startoff;
2136 2093
2137 BUG_ON(*total < startoff); 2094 BUG_ON(*total < startoff);
@@ -2240,6 +2197,7 @@ static int compat_do_replace(struct net *net, void __user *user,
2240 2197
2241 xt_compat_lock(NFPROTO_BRIDGE); 2198 xt_compat_lock(NFPROTO_BRIDGE);
2242 2199
2200 xt_compat_init_offsets(NFPROTO_BRIDGE, tmp.nentries);
2243 ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state); 2201 ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state);
2244 if (ret < 0) 2202 if (ret < 0)
2245 goto out_unlock; 2203 goto out_unlock;
diff --git a/net/can/bcm.c b/net/can/bcm.c
index 57b1aed79014..8a6a05e7c3c8 100644
--- a/net/can/bcm.c
+++ b/net/can/bcm.c
@@ -1427,9 +1427,14 @@ static int bcm_init(struct sock *sk)
1427static int bcm_release(struct socket *sock) 1427static int bcm_release(struct socket *sock)
1428{ 1428{
1429 struct sock *sk = sock->sk; 1429 struct sock *sk = sock->sk;
1430 struct bcm_sock *bo = bcm_sk(sk); 1430 struct bcm_sock *bo;
1431 struct bcm_op *op, *next; 1431 struct bcm_op *op, *next;
1432 1432
1433 if (sk == NULL)
1434 return 0;
1435
1436 bo = bcm_sk(sk);
1437
1433 /* remove bcm_ops, timer, rx_unregister(), etc. */ 1438 /* remove bcm_ops, timer, rx_unregister(), etc. */
1434 1439
1435 unregister_netdevice_notifier(&bo->notifier); 1440 unregister_netdevice_notifier(&bo->notifier);
diff --git a/net/can/raw.c b/net/can/raw.c
index 649acfa7c70a..0eb39a7fdf64 100644
--- a/net/can/raw.c
+++ b/net/can/raw.c
@@ -305,7 +305,12 @@ static int raw_init(struct sock *sk)
305static int raw_release(struct socket *sock) 305static int raw_release(struct socket *sock)
306{ 306{
307 struct sock *sk = sock->sk; 307 struct sock *sk = sock->sk;
308 struct raw_sock *ro = raw_sk(sk); 308 struct raw_sock *ro;
309
310 if (!sk)
311 return 0;
312
313 ro = raw_sk(sk);
309 314
310 unregister_netdevice_notifier(&ro->notifier); 315 unregister_netdevice_notifier(&ro->notifier);
311 316
diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c
index 05f357828a2f..e15a82ccc05f 100644
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -2267,6 +2267,19 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
2267 m->more_to_follow = false; 2267 m->more_to_follow = false;
2268 m->pool = NULL; 2268 m->pool = NULL;
2269 2269
2270 /* middle */
2271 m->middle = NULL;
2272
2273 /* data */
2274 m->nr_pages = 0;
2275 m->page_alignment = 0;
2276 m->pages = NULL;
2277 m->pagelist = NULL;
2278 m->bio = NULL;
2279 m->bio_iter = NULL;
2280 m->bio_seg = 0;
2281 m->trail = NULL;
2282
2270 /* front */ 2283 /* front */
2271 if (front_len) { 2284 if (front_len) {
2272 if (front_len > PAGE_CACHE_SIZE) { 2285 if (front_len > PAGE_CACHE_SIZE) {
@@ -2286,19 +2299,6 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
2286 } 2299 }
2287 m->front.iov_len = front_len; 2300 m->front.iov_len = front_len;
2288 2301
2289 /* middle */
2290 m->middle = NULL;
2291
2292 /* data */
2293 m->nr_pages = 0;
2294 m->page_alignment = 0;
2295 m->pages = NULL;
2296 m->pagelist = NULL;
2297 m->bio = NULL;
2298 m->bio_iter = NULL;
2299 m->bio_seg = 0;
2300 m->trail = NULL;
2301
2302 dout("ceph_msg_new %p front %d\n", m, front_len); 2302 dout("ceph_msg_new %p front %d\n", m, front_len);
2303 return m; 2303 return m;
2304 2304
diff --git a/net/ceph/osd_client.c b/net/ceph/osd_client.c
index 5a80f41c0cba..6b5dda1cb5df 100644
--- a/net/ceph/osd_client.c
+++ b/net/ceph/osd_client.c
@@ -470,8 +470,8 @@ struct ceph_osd_request *ceph_osdc_new_request(struct ceph_osd_client *osdc,
470 snapc, ops, 470 snapc, ops,
471 use_mempool, 471 use_mempool,
472 GFP_NOFS, NULL, NULL); 472 GFP_NOFS, NULL, NULL);
473 if (IS_ERR(req)) 473 if (!req)
474 return req; 474 return NULL;
475 475
476 /* calculate max write size */ 476 /* calculate max write size */
477 calc_layout(osdc, vino, layout, off, plen, req, ops); 477 calc_layout(osdc, vino, layout, off, plen, req, ops);
diff --git a/net/core/dev.c b/net/core/dev.c
index c2ac599fa0f6..b624fe4d9bd7 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1284,11 +1284,13 @@ static int dev_close_many(struct list_head *head)
1284 */ 1284 */
1285int dev_close(struct net_device *dev) 1285int dev_close(struct net_device *dev)
1286{ 1286{
1287 LIST_HEAD(single); 1287 if (dev->flags & IFF_UP) {
1288 LIST_HEAD(single);
1288 1289
1289 list_add(&dev->unreg_list, &single); 1290 list_add(&dev->unreg_list, &single);
1290 dev_close_many(&single); 1291 dev_close_many(&single);
1291 list_del(&single); 1292 list_del(&single);
1293 }
1292 return 0; 1294 return 0;
1293} 1295}
1294EXPORT_SYMBOL(dev_close); 1296EXPORT_SYMBOL(dev_close);
@@ -4773,7 +4775,7 @@ static int dev_ifsioc_locked(struct net *net, struct ifreq *ifr, unsigned int cm
4773 * is never reached 4775 * is never reached
4774 */ 4776 */
4775 WARN_ON(1); 4777 WARN_ON(1);
4776 err = -EINVAL; 4778 err = -ENOTTY;
4777 break; 4779 break;
4778 4780
4779 } 4781 }
@@ -5041,7 +5043,7 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
5041 /* Set the per device memory buffer space. 5043 /* Set the per device memory buffer space.
5042 * Not applicable in our case */ 5044 * Not applicable in our case */
5043 case SIOCSIFLINK: 5045 case SIOCSIFLINK:
5044 return -EINVAL; 5046 return -ENOTTY;
5045 5047
5046 /* 5048 /*
5047 * Unknown or private ioctl. 5049 * Unknown or private ioctl.
@@ -5062,7 +5064,7 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
5062 /* Take care of Wireless Extensions */ 5064 /* Take care of Wireless Extensions */
5063 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) 5065 if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST)
5064 return wext_handle_ioctl(net, &ifr, cmd, arg); 5066 return wext_handle_ioctl(net, &ifr, cmd, arg);
5065 return -EINVAL; 5067 return -ENOTTY;
5066 } 5068 }
5067} 5069}
5068 5070
@@ -5184,27 +5186,27 @@ u32 netdev_fix_features(struct net_device *dev, u32 features)
5184 /* Fix illegal checksum combinations */ 5186 /* Fix illegal checksum combinations */
5185 if ((features & NETIF_F_HW_CSUM) && 5187 if ((features & NETIF_F_HW_CSUM) &&
5186 (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { 5188 (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) {
5187 netdev_info(dev, "mixed HW and IP checksum settings.\n"); 5189 netdev_warn(dev, "mixed HW and IP checksum settings.\n");
5188 features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM); 5190 features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM);
5189 } 5191 }
5190 5192
5191 if ((features & NETIF_F_NO_CSUM) && 5193 if ((features & NETIF_F_NO_CSUM) &&
5192 (features & (NETIF_F_HW_CSUM|NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { 5194 (features & (NETIF_F_HW_CSUM|NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) {
5193 netdev_info(dev, "mixed no checksumming and other settings.\n"); 5195 netdev_warn(dev, "mixed no checksumming and other settings.\n");
5194 features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM|NETIF_F_HW_CSUM); 5196 features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM|NETIF_F_HW_CSUM);
5195 } 5197 }
5196 5198
5197 /* Fix illegal SG+CSUM combinations. */ 5199 /* Fix illegal SG+CSUM combinations. */
5198 if ((features & NETIF_F_SG) && 5200 if ((features & NETIF_F_SG) &&
5199 !(features & NETIF_F_ALL_CSUM)) { 5201 !(features & NETIF_F_ALL_CSUM)) {
5200 netdev_info(dev, 5202 netdev_dbg(dev,
5201 "Dropping NETIF_F_SG since no checksum feature.\n"); 5203 "Dropping NETIF_F_SG since no checksum feature.\n");
5202 features &= ~NETIF_F_SG; 5204 features &= ~NETIF_F_SG;
5203 } 5205 }
5204 5206
5205 /* TSO requires that SG is present as well. */ 5207 /* TSO requires that SG is present as well. */
5206 if ((features & NETIF_F_ALL_TSO) && !(features & NETIF_F_SG)) { 5208 if ((features & NETIF_F_ALL_TSO) && !(features & NETIF_F_SG)) {
5207 netdev_info(dev, "Dropping TSO features since no SG feature.\n"); 5209 netdev_dbg(dev, "Dropping TSO features since no SG feature.\n");
5208 features &= ~NETIF_F_ALL_TSO; 5210 features &= ~NETIF_F_ALL_TSO;
5209 } 5211 }
5210 5212
@@ -5214,7 +5216,7 @@ u32 netdev_fix_features(struct net_device *dev, u32 features)
5214 5216
5215 /* Software GSO depends on SG. */ 5217 /* Software GSO depends on SG. */
5216 if ((features & NETIF_F_GSO) && !(features & NETIF_F_SG)) { 5218 if ((features & NETIF_F_GSO) && !(features & NETIF_F_SG)) {
5217 netdev_info(dev, "Dropping NETIF_F_GSO since no SG feature.\n"); 5219 netdev_dbg(dev, "Dropping NETIF_F_GSO since no SG feature.\n");
5218 features &= ~NETIF_F_GSO; 5220 features &= ~NETIF_F_GSO;
5219 } 5221 }
5220 5222
@@ -5224,13 +5226,13 @@ u32 netdev_fix_features(struct net_device *dev, u32 features)
5224 if (!((features & NETIF_F_GEN_CSUM) || 5226 if (!((features & NETIF_F_GEN_CSUM) ||
5225 (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM)) 5227 (features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))
5226 == (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { 5228 == (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) {
5227 netdev_info(dev, 5229 netdev_dbg(dev,
5228 "Dropping NETIF_F_UFO since no checksum offload features.\n"); 5230 "Dropping NETIF_F_UFO since no checksum offload features.\n");
5229 features &= ~NETIF_F_UFO; 5231 features &= ~NETIF_F_UFO;
5230 } 5232 }
5231 5233
5232 if (!(features & NETIF_F_SG)) { 5234 if (!(features & NETIF_F_SG)) {
5233 netdev_info(dev, 5235 netdev_dbg(dev,
5234 "Dropping NETIF_F_UFO since no NETIF_F_SG feature.\n"); 5236 "Dropping NETIF_F_UFO since no NETIF_F_SG feature.\n");
5235 features &= ~NETIF_F_UFO; 5237 features &= ~NETIF_F_UFO;
5236 } 5238 }
@@ -5412,12 +5414,6 @@ int register_netdevice(struct net_device *dev)
5412 dev->features |= NETIF_F_SOFT_FEATURES; 5414 dev->features |= NETIF_F_SOFT_FEATURES;
5413 dev->wanted_features = dev->features & dev->hw_features; 5415 dev->wanted_features = dev->features & dev->hw_features;
5414 5416
5415 /* Avoid warning from netdev_fix_features() for GSO without SG */
5416 if (!(dev->wanted_features & NETIF_F_SG)) {
5417 dev->wanted_features &= ~NETIF_F_GSO;
5418 dev->features &= ~NETIF_F_GSO;
5419 }
5420
5421 /* Enable GRO and NETIF_F_HIGHDMA for vlans by default, 5417 /* Enable GRO and NETIF_F_HIGHDMA for vlans by default,
5422 * vlan_dev_init() will do the dev->features check, so these features 5418 * vlan_dev_init() will do the dev->features check, so these features
5423 * are enabled only if supported by underlying device. 5419 * are enabled only if supported by underlying device.
diff --git a/net/dccp/options.c b/net/dccp/options.c
index f06ffcfc8d71..4b2ab657ac8e 100644
--- a/net/dccp/options.c
+++ b/net/dccp/options.c
@@ -123,6 +123,8 @@ int dccp_parse_options(struct sock *sk, struct dccp_request_sock *dreq,
123 case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R: 123 case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R:
124 if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */ 124 if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */
125 break; 125 break;
126 if (len == 0)
127 goto out_invalid_option;
126 rc = dccp_feat_parse_options(sk, dreq, mandatory, opt, 128 rc = dccp_feat_parse_options(sk, dreq, mandatory, opt,
127 *value, value + 1, len - 1); 129 *value, value + 1, len - 1);
128 if (rc) 130 if (rc)
diff --git a/net/dsa/Kconfig b/net/dsa/Kconfig
index 87bb5f4de0e8..c53ded2a98df 100644
--- a/net/dsa/Kconfig
+++ b/net/dsa/Kconfig
@@ -41,12 +41,12 @@ config NET_DSA_MV88E6XXX_NEED_PPU
41 default n 41 default n
42 42
43config NET_DSA_MV88E6131 43config NET_DSA_MV88E6131
44 bool "Marvell 88E6095/6095F/6131 ethernet switch chip support" 44 bool "Marvell 88E6085/6095/6095F/6131 ethernet switch chip support"
45 select NET_DSA_MV88E6XXX 45 select NET_DSA_MV88E6XXX
46 select NET_DSA_MV88E6XXX_NEED_PPU 46 select NET_DSA_MV88E6XXX_NEED_PPU
47 select NET_DSA_TAG_DSA 47 select NET_DSA_TAG_DSA
48 ---help--- 48 ---help---
49 This enables support for the Marvell 88E6095/6095F/6131 49 This enables support for the Marvell 88E6085/6095/6095F/6131
50 ethernet switch chips. 50 ethernet switch chips.
51 51
52config NET_DSA_MV88E6123_61_65 52config NET_DSA_MV88E6123_61_65
diff --git a/net/dsa/mv88e6131.c b/net/dsa/mv88e6131.c
index 3da418894efc..45f7411e90ba 100644
--- a/net/dsa/mv88e6131.c
+++ b/net/dsa/mv88e6131.c
@@ -207,8 +207,15 @@ static int mv88e6131_setup_port(struct dsa_switch *ds, int p)
207 * mode, but do not enable forwarding of unknown unicasts. 207 * mode, but do not enable forwarding of unknown unicasts.
208 */ 208 */
209 val = 0x0433; 209 val = 0x0433;
210 if (p == dsa_upstream_port(ds)) 210 if (p == dsa_upstream_port(ds)) {
211 val |= 0x0104; 211 val |= 0x0104;
212 /*
213 * On 6085, unknown multicast forward is controlled
214 * here rather than in Port Control 2 register.
215 */
216 if (ps->id == ID_6085)
217 val |= 0x0008;
218 }
212 if (ds->dsa_port_mask & (1 << p)) 219 if (ds->dsa_port_mask & (1 << p))
213 val |= 0x0100; 220 val |= 0x0100;
214 REG_WRITE(addr, 0x04, val); 221 REG_WRITE(addr, 0x04, val);
@@ -251,10 +258,19 @@ static int mv88e6131_setup_port(struct dsa_switch *ds, int p)
251 * If this is the upstream port for this switch, enable 258 * If this is the upstream port for this switch, enable
252 * forwarding of unknown multicast addresses. 259 * forwarding of unknown multicast addresses.
253 */ 260 */
254 val = 0x0080 | dsa_upstream_port(ds); 261 if (ps->id == ID_6085)
255 if (p == dsa_upstream_port(ds)) 262 /*
256 val |= 0x0040; 263 * on 6085, bits 3:0 are reserved, bit 6 control ARP
257 REG_WRITE(addr, 0x08, val); 264 * mirroring, and multicast forward is handled in
265 * Port Control register.
266 */
267 REG_WRITE(addr, 0x08, 0x0080);
268 else {
269 val = 0x0080 | dsa_upstream_port(ds);
270 if (p == dsa_upstream_port(ds))
271 val |= 0x0040;
272 REG_WRITE(addr, 0x08, val);
273 }
258 274
259 /* 275 /*
260 * Rate Control: disable ingress rate limiting. 276 * Rate Control: disable ingress rate limiting.
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index 5345b0bee6df..cd9ca0811cfa 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -1680,7 +1680,7 @@ static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
1680 return; 1680 return;
1681 1681
1682 cnf->sysctl = NULL; 1682 cnf->sysctl = NULL;
1683 unregister_sysctl_table(t->sysctl_header); 1683 unregister_net_sysctl_table(t->sysctl_header);
1684 kfree(t->dev_name); 1684 kfree(t->dev_name);
1685 kfree(t); 1685 kfree(t);
1686} 1686}
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index e9013d6c1f51..5fe9b8b41df3 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -1978,9 +1978,6 @@ struct fib_table *fib_trie_table(u32 id)
1978 t = (struct trie *) tb->tb_data; 1978 t = (struct trie *) tb->tb_data;
1979 memset(t, 0, sizeof(*t)); 1979 memset(t, 0, sizeof(*t));
1980 1980
1981 if (id == RT_TABLE_LOCAL)
1982 pr_info("IPv4 FIB: Using LC-trie version %s\n", VERSION);
1983
1984 return tb; 1981 return tb;
1985} 1982}
1986 1983
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index a1151b8adf3c..b1d282f11be7 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -223,31 +223,30 @@ static void ip_expire(unsigned long arg)
223 223
224 if ((qp->q.last_in & INET_FRAG_FIRST_IN) && qp->q.fragments != NULL) { 224 if ((qp->q.last_in & INET_FRAG_FIRST_IN) && qp->q.fragments != NULL) {
225 struct sk_buff *head = qp->q.fragments; 225 struct sk_buff *head = qp->q.fragments;
226 const struct iphdr *iph;
227 int err;
226 228
227 rcu_read_lock(); 229 rcu_read_lock();
228 head->dev = dev_get_by_index_rcu(net, qp->iif); 230 head->dev = dev_get_by_index_rcu(net, qp->iif);
229 if (!head->dev) 231 if (!head->dev)
230 goto out_rcu_unlock; 232 goto out_rcu_unlock;
231 233
234 /* skb dst is stale, drop it, and perform route lookup again */
235 skb_dst_drop(head);
236 iph = ip_hdr(head);
237 err = ip_route_input_noref(head, iph->daddr, iph->saddr,
238 iph->tos, head->dev);
239 if (err)
240 goto out_rcu_unlock;
241
232 /* 242 /*
233 * Only search router table for the head fragment, 243 * Only an end host needs to send an ICMP
234 * when defraging timeout at PRE_ROUTING HOOK. 244 * "Fragment Reassembly Timeout" message, per RFC792.
235 */ 245 */
236 if (qp->user == IP_DEFRAG_CONNTRACK_IN && !skb_dst(head)) { 246 if (qp->user == IP_DEFRAG_CONNTRACK_IN &&
237 const struct iphdr *iph = ip_hdr(head); 247 skb_rtable(head)->rt_type != RTN_LOCAL)
238 int err = ip_route_input(head, iph->daddr, iph->saddr, 248 goto out_rcu_unlock;
239 iph->tos, head->dev);
240 if (unlikely(err))
241 goto out_rcu_unlock;
242
243 /*
244 * Only an end host needs to send an ICMP
245 * "Fragment Reassembly Timeout" message, per RFC792.
246 */
247 if (skb_rtable(head)->rt_type != RTN_LOCAL)
248 goto out_rcu_unlock;
249 249
250 }
251 250
252 /* Send an ICMP "Fragment Reassembly Timeout" message. */ 251 /* Send an ICMP "Fragment Reassembly Timeout" message. */
253 icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0); 252 icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index c1acf69858fd..99e6e4bb1c72 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2690,6 +2690,12 @@ static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2690{ 2690{
2691} 2691}
2692 2692
2693static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2694 unsigned long old)
2695{
2696 return NULL;
2697}
2698
2693static struct dst_ops ipv4_dst_blackhole_ops = { 2699static struct dst_ops ipv4_dst_blackhole_ops = {
2694 .family = AF_INET, 2700 .family = AF_INET,
2695 .protocol = cpu_to_be16(ETH_P_IP), 2701 .protocol = cpu_to_be16(ETH_P_IP),
@@ -2698,6 +2704,7 @@ static struct dst_ops ipv4_dst_blackhole_ops = {
2698 .default_mtu = ipv4_blackhole_default_mtu, 2704 .default_mtu = ipv4_blackhole_default_mtu,
2699 .default_advmss = ipv4_default_advmss, 2705 .default_advmss = ipv4_default_advmss,
2700 .update_pmtu = ipv4_rt_blackhole_update_pmtu, 2706 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2707 .cow_metrics = ipv4_rt_blackhole_cow_metrics,
2701}; 2708};
2702 2709
2703struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig) 2710struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
diff --git a/net/ipv4/tcp_cubic.c b/net/ipv4/tcp_cubic.c
index 34340c9c95fa..f376b05cca81 100644
--- a/net/ipv4/tcp_cubic.c
+++ b/net/ipv4/tcp_cubic.c
@@ -93,6 +93,7 @@ struct bictcp {
93 u32 ack_cnt; /* number of acks */ 93 u32 ack_cnt; /* number of acks */
94 u32 tcp_cwnd; /* estimated tcp cwnd */ 94 u32 tcp_cwnd; /* estimated tcp cwnd */
95#define ACK_RATIO_SHIFT 4 95#define ACK_RATIO_SHIFT 4
96#define ACK_RATIO_LIMIT (32u << ACK_RATIO_SHIFT)
96 u16 delayed_ack; /* estimate the ratio of Packets/ACKs << 4 */ 97 u16 delayed_ack; /* estimate the ratio of Packets/ACKs << 4 */
97 u8 sample_cnt; /* number of samples to decide curr_rtt */ 98 u8 sample_cnt; /* number of samples to decide curr_rtt */
98 u8 found; /* the exit point is found? */ 99 u8 found; /* the exit point is found? */
@@ -398,8 +399,12 @@ static void bictcp_acked(struct sock *sk, u32 cnt, s32 rtt_us)
398 u32 delay; 399 u32 delay;
399 400
400 if (icsk->icsk_ca_state == TCP_CA_Open) { 401 if (icsk->icsk_ca_state == TCP_CA_Open) {
401 cnt -= ca->delayed_ack >> ACK_RATIO_SHIFT; 402 u32 ratio = ca->delayed_ack;
402 ca->delayed_ack += cnt; 403
404 ratio -= ca->delayed_ack >> ACK_RATIO_SHIFT;
405 ratio += cnt;
406
407 ca->delayed_ack = min(ratio, ACK_RATIO_LIMIT);
403 } 408 }
404 409
405 /* Some calls are for duplicates without timetamps */ 410 /* Some calls are for duplicates without timetamps */
diff --git a/net/ipv4/xfrm4_output.c b/net/ipv4/xfrm4_output.c
index 571aa96a175c..2d51840e53a1 100644
--- a/net/ipv4/xfrm4_output.c
+++ b/net/ipv4/xfrm4_output.c
@@ -69,7 +69,7 @@ int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb)
69} 69}
70EXPORT_SYMBOL(xfrm4_prepare_output); 70EXPORT_SYMBOL(xfrm4_prepare_output);
71 71
72static int xfrm4_output_finish(struct sk_buff *skb) 72int xfrm4_output_finish(struct sk_buff *skb)
73{ 73{
74#ifdef CONFIG_NETFILTER 74#ifdef CONFIG_NETFILTER
75 if (!skb_dst(skb)->xfrm) { 75 if (!skb_dst(skb)->xfrm) {
@@ -86,7 +86,11 @@ static int xfrm4_output_finish(struct sk_buff *skb)
86 86
87int xfrm4_output(struct sk_buff *skb) 87int xfrm4_output(struct sk_buff *skb)
88{ 88{
89 struct dst_entry *dst = skb_dst(skb);
90 struct xfrm_state *x = dst->xfrm;
91
89 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, 92 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb,
90 NULL, skb_dst(skb)->dev, xfrm4_output_finish, 93 NULL, dst->dev,
94 x->outer_mode->afinfo->output_finish,
91 !(IPCB(skb)->flags & IPSKB_REROUTED)); 95 !(IPCB(skb)->flags & IPSKB_REROUTED));
92} 96}
diff --git a/net/ipv4/xfrm4_state.c b/net/ipv4/xfrm4_state.c
index 1717c64628d1..805d63ef4340 100644
--- a/net/ipv4/xfrm4_state.c
+++ b/net/ipv4/xfrm4_state.c
@@ -78,6 +78,7 @@ static struct xfrm_state_afinfo xfrm4_state_afinfo = {
78 .init_tempsel = __xfrm4_init_tempsel, 78 .init_tempsel = __xfrm4_init_tempsel,
79 .init_temprop = xfrm4_init_temprop, 79 .init_temprop = xfrm4_init_temprop,
80 .output = xfrm4_output, 80 .output = xfrm4_output,
81 .output_finish = xfrm4_output_finish,
81 .extract_input = xfrm4_extract_input, 82 .extract_input = xfrm4_extract_input,
82 .extract_output = xfrm4_extract_output, 83 .extract_output = xfrm4_extract_output,
83 .transport_finish = xfrm4_transport_finish, 84 .transport_finish = xfrm4_transport_finish,
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 1493534116df..a7bda0757053 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4537,7 +4537,7 @@ static void __addrconf_sysctl_unregister(struct ipv6_devconf *p)
4537 4537
4538 t = p->sysctl; 4538 t = p->sysctl;
4539 p->sysctl = NULL; 4539 p->sysctl = NULL;
4540 unregister_sysctl_table(t->sysctl_header); 4540 unregister_net_sysctl_table(t->sysctl_header);
4541 kfree(t->dev_name); 4541 kfree(t->dev_name);
4542 kfree(t); 4542 kfree(t);
4543} 4543}
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 5aa8ec88f194..59dccfbb5b11 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -371,7 +371,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
371 iv = esp_tmp_iv(aead, tmp, seqhilen); 371 iv = esp_tmp_iv(aead, tmp, seqhilen);
372 req = esp_tmp_req(aead, iv); 372 req = esp_tmp_req(aead, iv);
373 asg = esp_req_sg(aead, req); 373 asg = esp_req_sg(aead, req);
374 sg = asg + 1; 374 sg = asg + sglists;
375 375
376 skb->ip_summed = CHECKSUM_NONE; 376 skb->ip_summed = CHECKSUM_NONE;
377 377
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index 28e74488a329..a5a4c5dd5396 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -45,6 +45,8 @@ static void send_reset(struct net *net, struct sk_buff *oldskb)
45 int tcphoff, needs_ack; 45 int tcphoff, needs_ack;
46 const struct ipv6hdr *oip6h = ipv6_hdr(oldskb); 46 const struct ipv6hdr *oip6h = ipv6_hdr(oldskb);
47 struct ipv6hdr *ip6h; 47 struct ipv6hdr *ip6h;
48#define DEFAULT_TOS_VALUE 0x0U
49 const __u8 tclass = DEFAULT_TOS_VALUE;
48 struct dst_entry *dst = NULL; 50 struct dst_entry *dst = NULL;
49 u8 proto; 51 u8 proto;
50 struct flowi6 fl6; 52 struct flowi6 fl6;
@@ -124,7 +126,7 @@ static void send_reset(struct net *net, struct sk_buff *oldskb)
124 skb_put(nskb, sizeof(struct ipv6hdr)); 126 skb_put(nskb, sizeof(struct ipv6hdr));
125 skb_reset_network_header(nskb); 127 skb_reset_network_header(nskb);
126 ip6h = ipv6_hdr(nskb); 128 ip6h = ipv6_hdr(nskb);
127 ip6h->version = 6; 129 *(__be32 *)ip6h = htonl(0x60000000 | (tclass << 20));
128 ip6h->hop_limit = ip6_dst_hoplimit(dst); 130 ip6h->hop_limit = ip6_dst_hoplimit(dst);
129 ip6h->nexthdr = IPPROTO_TCP; 131 ip6h->nexthdr = IPPROTO_TCP;
130 ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr); 132 ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr);
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 843406f14d7b..fd0eec6f88c6 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -153,6 +153,12 @@ static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
153{ 153{
154} 154}
155 155
156static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst,
157 unsigned long old)
158{
159 return NULL;
160}
161
156static struct dst_ops ip6_dst_blackhole_ops = { 162static struct dst_ops ip6_dst_blackhole_ops = {
157 .family = AF_INET6, 163 .family = AF_INET6,
158 .protocol = cpu_to_be16(ETH_P_IPV6), 164 .protocol = cpu_to_be16(ETH_P_IPV6),
@@ -161,6 +167,7 @@ static struct dst_ops ip6_dst_blackhole_ops = {
161 .default_mtu = ip6_blackhole_default_mtu, 167 .default_mtu = ip6_blackhole_default_mtu,
162 .default_advmss = ip6_default_advmss, 168 .default_advmss = ip6_default_advmss,
163 .update_pmtu = ip6_rt_blackhole_update_pmtu, 169 .update_pmtu = ip6_rt_blackhole_update_pmtu,
170 .cow_metrics = ip6_rt_blackhole_cow_metrics,
164}; 171};
165 172
166static const u32 ip6_template_metrics[RTAX_MAX] = { 173static const u32 ip6_template_metrics[RTAX_MAX] = {
@@ -2012,7 +2019,6 @@ struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2012 rt->dst.output = ip6_output; 2019 rt->dst.output = ip6_output;
2013 rt->rt6i_dev = net->loopback_dev; 2020 rt->rt6i_dev = net->loopback_dev;
2014 rt->rt6i_idev = idev; 2021 rt->rt6i_idev = idev;
2015 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, -1);
2016 rt->dst.obsolete = -1; 2022 rt->dst.obsolete = -1;
2017 2023
2018 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 2024 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index 15c37746845e..9e305d74b3d4 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -1335,7 +1335,7 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, u32 features)
1335 skb->ip_summed = CHECKSUM_NONE; 1335 skb->ip_summed = CHECKSUM_NONE;
1336 1336
1337 /* Check if there is enough headroom to insert fragment header. */ 1337 /* Check if there is enough headroom to insert fragment header. */
1338 if ((skb_headroom(skb) < frag_hdr_sz) && 1338 if ((skb_mac_header(skb) < skb->head + frag_hdr_sz) &&
1339 pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC)) 1339 pskb_expand_head(skb, frag_hdr_sz, 0, GFP_ATOMIC))
1340 goto out; 1340 goto out;
1341 1341
diff --git a/net/ipv6/xfrm6_output.c b/net/ipv6/xfrm6_output.c
index 8e688b3de9ab..49a91c5f5623 100644
--- a/net/ipv6/xfrm6_output.c
+++ b/net/ipv6/xfrm6_output.c
@@ -79,7 +79,7 @@ int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb)
79} 79}
80EXPORT_SYMBOL(xfrm6_prepare_output); 80EXPORT_SYMBOL(xfrm6_prepare_output);
81 81
82static int xfrm6_output_finish(struct sk_buff *skb) 82int xfrm6_output_finish(struct sk_buff *skb)
83{ 83{
84#ifdef CONFIG_NETFILTER 84#ifdef CONFIG_NETFILTER
85 IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED; 85 IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED;
@@ -97,9 +97,9 @@ static int __xfrm6_output(struct sk_buff *skb)
97 if ((x && x->props.mode == XFRM_MODE_TUNNEL) && 97 if ((x && x->props.mode == XFRM_MODE_TUNNEL) &&
98 ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) || 98 ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
99 dst_allfrag(skb_dst(skb)))) { 99 dst_allfrag(skb_dst(skb)))) {
100 return ip6_fragment(skb, xfrm6_output_finish); 100 return ip6_fragment(skb, x->outer_mode->afinfo->output_finish);
101 } 101 }
102 return xfrm6_output_finish(skb); 102 return x->outer_mode->afinfo->output_finish(skb);
103} 103}
104 104
105int xfrm6_output(struct sk_buff *skb) 105int xfrm6_output(struct sk_buff *skb)
diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
index afe941e9415c..248f0b2a7ee9 100644
--- a/net/ipv6/xfrm6_state.c
+++ b/net/ipv6/xfrm6_state.c
@@ -178,6 +178,7 @@ static struct xfrm_state_afinfo xfrm6_state_afinfo = {
178 .tmpl_sort = __xfrm6_tmpl_sort, 178 .tmpl_sort = __xfrm6_tmpl_sort,
179 .state_sort = __xfrm6_state_sort, 179 .state_sort = __xfrm6_state_sort,
180 .output = xfrm6_output, 180 .output = xfrm6_output,
181 .output_finish = xfrm6_output_finish,
181 .extract_input = xfrm6_extract_input, 182 .extract_input = xfrm6_extract_input,
182 .extract_output = xfrm6_extract_output, 183 .extract_output = xfrm6_extract_output,
183 .transport_finish = xfrm6_transport_finish, 184 .transport_finish = xfrm6_transport_finish,
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 334213571ad0..44049733c4ea 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1504,6 +1504,8 @@ int __ieee80211_request_smps(struct ieee80211_sub_if_data *sdata,
1504 enum ieee80211_smps_mode old_req; 1504 enum ieee80211_smps_mode old_req;
1505 int err; 1505 int err;
1506 1506
1507 lockdep_assert_held(&sdata->u.mgd.mtx);
1508
1507 old_req = sdata->u.mgd.req_smps; 1509 old_req = sdata->u.mgd.req_smps;
1508 sdata->u.mgd.req_smps = smps_mode; 1510 sdata->u.mgd.req_smps = smps_mode;
1509 1511
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
index dacace6b1393..9ea7c0d0103f 100644
--- a/net/mac80211/debugfs_netdev.c
+++ b/net/mac80211/debugfs_netdev.c
@@ -177,9 +177,9 @@ static int ieee80211_set_smps(struct ieee80211_sub_if_data *sdata,
177 if (sdata->vif.type != NL80211_IFTYPE_STATION) 177 if (sdata->vif.type != NL80211_IFTYPE_STATION)
178 return -EOPNOTSUPP; 178 return -EOPNOTSUPP;
179 179
180 mutex_lock(&local->iflist_mtx); 180 mutex_lock(&sdata->u.mgd.mtx);
181 err = __ieee80211_request_smps(sdata, smps_mode); 181 err = __ieee80211_request_smps(sdata, smps_mode);
182 mutex_unlock(&local->iflist_mtx); 182 mutex_unlock(&sdata->u.mgd.mtx);
183 183
184 return err; 184 return err;
185} 185}
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index ce4596ed1268..bd1224fd216a 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -237,6 +237,10 @@ ieee80211_tx_h_dynamic_ps(struct ieee80211_tx_data *tx)
237 &local->dynamic_ps_disable_work); 237 &local->dynamic_ps_disable_work);
238 } 238 }
239 239
240 /* Don't restart the timer if we're not disassociated */
241 if (!ifmgd->associated)
242 return TX_CONTINUE;
243
240 mod_timer(&local->dynamic_ps_timer, jiffies + 244 mod_timer(&local->dynamic_ps_timer, jiffies +
241 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout)); 245 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
242 246
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c
index 2dc6de13ac18..059af3120be7 100644
--- a/net/netfilter/ipvs/ip_vs_app.c
+++ b/net/netfilter/ipvs/ip_vs_app.c
@@ -572,11 +572,11 @@ static const struct file_operations ip_vs_app_fops = {
572 .open = ip_vs_app_open, 572 .open = ip_vs_app_open,
573 .read = seq_read, 573 .read = seq_read,
574 .llseek = seq_lseek, 574 .llseek = seq_lseek,
575 .release = seq_release, 575 .release = seq_release_net,
576}; 576};
577#endif 577#endif
578 578
579static int __net_init __ip_vs_app_init(struct net *net) 579int __net_init __ip_vs_app_init(struct net *net)
580{ 580{
581 struct netns_ipvs *ipvs = net_ipvs(net); 581 struct netns_ipvs *ipvs = net_ipvs(net);
582 582
@@ -585,26 +585,17 @@ static int __net_init __ip_vs_app_init(struct net *net)
585 return 0; 585 return 0;
586} 586}
587 587
588static void __net_exit __ip_vs_app_cleanup(struct net *net) 588void __net_exit __ip_vs_app_cleanup(struct net *net)
589{ 589{
590 proc_net_remove(net, "ip_vs_app"); 590 proc_net_remove(net, "ip_vs_app");
591} 591}
592 592
593static struct pernet_operations ip_vs_app_ops = {
594 .init = __ip_vs_app_init,
595 .exit = __ip_vs_app_cleanup,
596};
597
598int __init ip_vs_app_init(void) 593int __init ip_vs_app_init(void)
599{ 594{
600 int rv; 595 return 0;
601
602 rv = register_pernet_subsys(&ip_vs_app_ops);
603 return rv;
604} 596}
605 597
606 598
607void ip_vs_app_cleanup(void) 599void ip_vs_app_cleanup(void)
608{ 600{
609 unregister_pernet_subsys(&ip_vs_app_ops);
610} 601}
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index c97bd45975be..bf28ac2fc99b 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -1046,7 +1046,7 @@ static const struct file_operations ip_vs_conn_fops = {
1046 .open = ip_vs_conn_open, 1046 .open = ip_vs_conn_open,
1047 .read = seq_read, 1047 .read = seq_read,
1048 .llseek = seq_lseek, 1048 .llseek = seq_lseek,
1049 .release = seq_release, 1049 .release = seq_release_net,
1050}; 1050};
1051 1051
1052static const char *ip_vs_origin_name(unsigned flags) 1052static const char *ip_vs_origin_name(unsigned flags)
@@ -1114,7 +1114,7 @@ static const struct file_operations ip_vs_conn_sync_fops = {
1114 .open = ip_vs_conn_sync_open, 1114 .open = ip_vs_conn_sync_open,
1115 .read = seq_read, 1115 .read = seq_read,
1116 .llseek = seq_lseek, 1116 .llseek = seq_lseek,
1117 .release = seq_release, 1117 .release = seq_release_net,
1118}; 1118};
1119 1119
1120#endif 1120#endif
@@ -1258,22 +1258,17 @@ int __net_init __ip_vs_conn_init(struct net *net)
1258 return 0; 1258 return 0;
1259} 1259}
1260 1260
1261static void __net_exit __ip_vs_conn_cleanup(struct net *net) 1261void __net_exit __ip_vs_conn_cleanup(struct net *net)
1262{ 1262{
1263 /* flush all the connection entries first */ 1263 /* flush all the connection entries first */
1264 ip_vs_conn_flush(net); 1264 ip_vs_conn_flush(net);
1265 proc_net_remove(net, "ip_vs_conn"); 1265 proc_net_remove(net, "ip_vs_conn");
1266 proc_net_remove(net, "ip_vs_conn_sync"); 1266 proc_net_remove(net, "ip_vs_conn_sync");
1267} 1267}
1268static struct pernet_operations ipvs_conn_ops = {
1269 .init = __ip_vs_conn_init,
1270 .exit = __ip_vs_conn_cleanup,
1271};
1272 1268
1273int __init ip_vs_conn_init(void) 1269int __init ip_vs_conn_init(void)
1274{ 1270{
1275 int idx; 1271 int idx;
1276 int retc;
1277 1272
1278 /* Compute size and mask */ 1273 /* Compute size and mask */
1279 ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits; 1274 ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
@@ -1309,17 +1304,14 @@ int __init ip_vs_conn_init(void)
1309 rwlock_init(&__ip_vs_conntbl_lock_array[idx].l); 1304 rwlock_init(&__ip_vs_conntbl_lock_array[idx].l);
1310 } 1305 }
1311 1306
1312 retc = register_pernet_subsys(&ipvs_conn_ops);
1313
1314 /* calculate the random value for connection hash */ 1307 /* calculate the random value for connection hash */
1315 get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd)); 1308 get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd));
1316 1309
1317 return retc; 1310 return 0;
1318} 1311}
1319 1312
1320void ip_vs_conn_cleanup(void) 1313void ip_vs_conn_cleanup(void)
1321{ 1314{
1322 unregister_pernet_subsys(&ipvs_conn_ops);
1323 /* Release the empty cache */ 1315 /* Release the empty cache */
1324 kmem_cache_destroy(ip_vs_conn_cachep); 1316 kmem_cache_destroy(ip_vs_conn_cachep);
1325 vfree(ip_vs_conn_tab); 1317 vfree(ip_vs_conn_tab);
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 07accf6b2401..a74dae6c5dbc 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -1113,6 +1113,9 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb, int af)
1113 return NF_ACCEPT; 1113 return NF_ACCEPT;
1114 1114
1115 net = skb_net(skb); 1115 net = skb_net(skb);
1116 if (!net_ipvs(net)->enable)
1117 return NF_ACCEPT;
1118
1116 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1119 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1117#ifdef CONFIG_IP_VS_IPV6 1120#ifdef CONFIG_IP_VS_IPV6
1118 if (af == AF_INET6) { 1121 if (af == AF_INET6) {
@@ -1343,6 +1346,7 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1343 return NF_ACCEPT; /* The packet looks wrong, ignore */ 1346 return NF_ACCEPT; /* The packet looks wrong, ignore */
1344 1347
1345 net = skb_net(skb); 1348 net = skb_net(skb);
1349
1346 pd = ip_vs_proto_data_get(net, cih->protocol); 1350 pd = ip_vs_proto_data_get(net, cih->protocol);
1347 if (!pd) 1351 if (!pd)
1348 return NF_ACCEPT; 1352 return NF_ACCEPT;
@@ -1529,6 +1533,11 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1529 IP_VS_DBG_ADDR(af, &iph.daddr), hooknum); 1533 IP_VS_DBG_ADDR(af, &iph.daddr), hooknum);
1530 return NF_ACCEPT; 1534 return NF_ACCEPT;
1531 } 1535 }
1536 /* ipvs enabled in this netns ? */
1537 net = skb_net(skb);
1538 if (!net_ipvs(net)->enable)
1539 return NF_ACCEPT;
1540
1532 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1541 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1533 1542
1534 /* Bad... Do not break raw sockets */ 1543 /* Bad... Do not break raw sockets */
@@ -1562,7 +1571,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1562 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1571 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1563 } 1572 }
1564 1573
1565 net = skb_net(skb);
1566 /* Protocol supported? */ 1574 /* Protocol supported? */
1567 pd = ip_vs_proto_data_get(net, iph.protocol); 1575 pd = ip_vs_proto_data_get(net, iph.protocol);
1568 if (unlikely(!pd)) 1576 if (unlikely(!pd))
@@ -1588,7 +1596,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1588 } 1596 }
1589 1597
1590 IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet"); 1598 IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet");
1591 net = skb_net(skb);
1592 ipvs = net_ipvs(net); 1599 ipvs = net_ipvs(net);
1593 /* Check the server status */ 1600 /* Check the server status */
1594 if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) { 1601 if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) {
@@ -1743,10 +1750,16 @@ ip_vs_forward_icmp(unsigned int hooknum, struct sk_buff *skb,
1743 int (*okfn)(struct sk_buff *)) 1750 int (*okfn)(struct sk_buff *))
1744{ 1751{
1745 int r; 1752 int r;
1753 struct net *net;
1746 1754
1747 if (ip_hdr(skb)->protocol != IPPROTO_ICMP) 1755 if (ip_hdr(skb)->protocol != IPPROTO_ICMP)
1748 return NF_ACCEPT; 1756 return NF_ACCEPT;
1749 1757
1758 /* ipvs enabled in this netns ? */
1759 net = skb_net(skb);
1760 if (!net_ipvs(net)->enable)
1761 return NF_ACCEPT;
1762
1750 return ip_vs_in_icmp(skb, &r, hooknum); 1763 return ip_vs_in_icmp(skb, &r, hooknum);
1751} 1764}
1752 1765
@@ -1757,10 +1770,16 @@ ip_vs_forward_icmp_v6(unsigned int hooknum, struct sk_buff *skb,
1757 int (*okfn)(struct sk_buff *)) 1770 int (*okfn)(struct sk_buff *))
1758{ 1771{
1759 int r; 1772 int r;
1773 struct net *net;
1760 1774
1761 if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6) 1775 if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6)
1762 return NF_ACCEPT; 1776 return NF_ACCEPT;
1763 1777
1778 /* ipvs enabled in this netns ? */
1779 net = skb_net(skb);
1780 if (!net_ipvs(net)->enable)
1781 return NF_ACCEPT;
1782
1764 return ip_vs_in_icmp_v6(skb, &r, hooknum); 1783 return ip_vs_in_icmp_v6(skb, &r, hooknum);
1765} 1784}
1766#endif 1785#endif
@@ -1884,19 +1903,70 @@ static int __net_init __ip_vs_init(struct net *net)
1884 pr_err("%s(): no memory.\n", __func__); 1903 pr_err("%s(): no memory.\n", __func__);
1885 return -ENOMEM; 1904 return -ENOMEM;
1886 } 1905 }
1906 /* Hold the beast until a service is registerd */
1907 ipvs->enable = 0;
1887 ipvs->net = net; 1908 ipvs->net = net;
1888 /* Counters used for creating unique names */ 1909 /* Counters used for creating unique names */
1889 ipvs->gen = atomic_read(&ipvs_netns_cnt); 1910 ipvs->gen = atomic_read(&ipvs_netns_cnt);
1890 atomic_inc(&ipvs_netns_cnt); 1911 atomic_inc(&ipvs_netns_cnt);
1891 net->ipvs = ipvs; 1912 net->ipvs = ipvs;
1913
1914 if (__ip_vs_estimator_init(net) < 0)
1915 goto estimator_fail;
1916
1917 if (__ip_vs_control_init(net) < 0)
1918 goto control_fail;
1919
1920 if (__ip_vs_protocol_init(net) < 0)
1921 goto protocol_fail;
1922
1923 if (__ip_vs_app_init(net) < 0)
1924 goto app_fail;
1925
1926 if (__ip_vs_conn_init(net) < 0)
1927 goto conn_fail;
1928
1929 if (__ip_vs_sync_init(net) < 0)
1930 goto sync_fail;
1931
1892 printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n", 1932 printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n",
1893 sizeof(struct netns_ipvs), ipvs->gen); 1933 sizeof(struct netns_ipvs), ipvs->gen);
1894 return 0; 1934 return 0;
1935/*
1936 * Error handling
1937 */
1938
1939sync_fail:
1940 __ip_vs_conn_cleanup(net);
1941conn_fail:
1942 __ip_vs_app_cleanup(net);
1943app_fail:
1944 __ip_vs_protocol_cleanup(net);
1945protocol_fail:
1946 __ip_vs_control_cleanup(net);
1947control_fail:
1948 __ip_vs_estimator_cleanup(net);
1949estimator_fail:
1950 return -ENOMEM;
1895} 1951}
1896 1952
1897static void __net_exit __ip_vs_cleanup(struct net *net) 1953static void __net_exit __ip_vs_cleanup(struct net *net)
1898{ 1954{
1899 IP_VS_DBG(10, "ipvs netns %d released\n", net_ipvs(net)->gen); 1955 __ip_vs_service_cleanup(net); /* ip_vs_flush() with locks */
1956 __ip_vs_conn_cleanup(net);
1957 __ip_vs_app_cleanup(net);
1958 __ip_vs_protocol_cleanup(net);
1959 __ip_vs_control_cleanup(net);
1960 __ip_vs_estimator_cleanup(net);
1961 IP_VS_DBG(2, "ipvs netns %d released\n", net_ipvs(net)->gen);
1962}
1963
1964static void __net_exit __ip_vs_dev_cleanup(struct net *net)
1965{
1966 EnterFunction(2);
1967 net_ipvs(net)->enable = 0; /* Disable packet reception */
1968 __ip_vs_sync_cleanup(net);
1969 LeaveFunction(2);
1900} 1970}
1901 1971
1902static struct pernet_operations ipvs_core_ops = { 1972static struct pernet_operations ipvs_core_ops = {
@@ -1906,6 +1976,10 @@ static struct pernet_operations ipvs_core_ops = {
1906 .size = sizeof(struct netns_ipvs), 1976 .size = sizeof(struct netns_ipvs),
1907}; 1977};
1908 1978
1979static struct pernet_operations ipvs_core_dev_ops = {
1980 .exit = __ip_vs_dev_cleanup,
1981};
1982
1909/* 1983/*
1910 * Initialize IP Virtual Server 1984 * Initialize IP Virtual Server
1911 */ 1985 */
@@ -1913,10 +1987,6 @@ static int __init ip_vs_init(void)
1913{ 1987{
1914 int ret; 1988 int ret;
1915 1989
1916 ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
1917 if (ret < 0)
1918 return ret;
1919
1920 ip_vs_estimator_init(); 1990 ip_vs_estimator_init();
1921 ret = ip_vs_control_init(); 1991 ret = ip_vs_control_init();
1922 if (ret < 0) { 1992 if (ret < 0) {
@@ -1944,15 +2014,28 @@ static int __init ip_vs_init(void)
1944 goto cleanup_conn; 2014 goto cleanup_conn;
1945 } 2015 }
1946 2016
2017 ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
2018 if (ret < 0)
2019 goto cleanup_sync;
2020
2021 ret = register_pernet_device(&ipvs_core_dev_ops);
2022 if (ret < 0)
2023 goto cleanup_sub;
2024
1947 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); 2025 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
1948 if (ret < 0) { 2026 if (ret < 0) {
1949 pr_err("can't register hooks.\n"); 2027 pr_err("can't register hooks.\n");
1950 goto cleanup_sync; 2028 goto cleanup_dev;
1951 } 2029 }
1952 2030
1953 pr_info("ipvs loaded.\n"); 2031 pr_info("ipvs loaded.\n");
2032
1954 return ret; 2033 return ret;
1955 2034
2035cleanup_dev:
2036 unregister_pernet_device(&ipvs_core_dev_ops);
2037cleanup_sub:
2038 unregister_pernet_subsys(&ipvs_core_ops);
1956cleanup_sync: 2039cleanup_sync:
1957 ip_vs_sync_cleanup(); 2040 ip_vs_sync_cleanup();
1958 cleanup_conn: 2041 cleanup_conn:
@@ -1964,20 +2047,20 @@ cleanup_sync:
1964 ip_vs_control_cleanup(); 2047 ip_vs_control_cleanup();
1965 cleanup_estimator: 2048 cleanup_estimator:
1966 ip_vs_estimator_cleanup(); 2049 ip_vs_estimator_cleanup();
1967 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1968 return ret; 2050 return ret;
1969} 2051}
1970 2052
1971static void __exit ip_vs_cleanup(void) 2053static void __exit ip_vs_cleanup(void)
1972{ 2054{
1973 nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); 2055 nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
2056 unregister_pernet_device(&ipvs_core_dev_ops);
2057 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1974 ip_vs_sync_cleanup(); 2058 ip_vs_sync_cleanup();
1975 ip_vs_conn_cleanup(); 2059 ip_vs_conn_cleanup();
1976 ip_vs_app_cleanup(); 2060 ip_vs_app_cleanup();
1977 ip_vs_protocol_cleanup(); 2061 ip_vs_protocol_cleanup();
1978 ip_vs_control_cleanup(); 2062 ip_vs_control_cleanup();
1979 ip_vs_estimator_cleanup(); 2063 ip_vs_estimator_cleanup();
1980 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1981 pr_info("ipvs unloaded.\n"); 2064 pr_info("ipvs unloaded.\n");
1982} 2065}
1983 2066
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index ae47090bf45f..37890f228b19 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -69,6 +69,11 @@ int ip_vs_get_debug_level(void)
69} 69}
70#endif 70#endif
71 71
72
73/* Protos */
74static void __ip_vs_del_service(struct ip_vs_service *svc);
75
76
72#ifdef CONFIG_IP_VS_IPV6 77#ifdef CONFIG_IP_VS_IPV6
73/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ 78/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */
74static int __ip_vs_addr_is_local_v6(struct net *net, 79static int __ip_vs_addr_is_local_v6(struct net *net,
@@ -1214,6 +1219,8 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u,
1214 write_unlock_bh(&__ip_vs_svc_lock); 1219 write_unlock_bh(&__ip_vs_svc_lock);
1215 1220
1216 *svc_p = svc; 1221 *svc_p = svc;
1222 /* Now there is a service - full throttle */
1223 ipvs->enable = 1;
1217 return 0; 1224 return 0;
1218 1225
1219 1226
@@ -1472,6 +1479,84 @@ static int ip_vs_flush(struct net *net)
1472 return 0; 1479 return 0;
1473} 1480}
1474 1481
1482/*
1483 * Delete service by {netns} in the service table.
1484 * Called by __ip_vs_cleanup()
1485 */
1486void __ip_vs_service_cleanup(struct net *net)
1487{
1488 EnterFunction(2);
1489 /* Check for "full" addressed entries */
1490 mutex_lock(&__ip_vs_mutex);
1491 ip_vs_flush(net);
1492 mutex_unlock(&__ip_vs_mutex);
1493 LeaveFunction(2);
1494}
1495/*
1496 * Release dst hold by dst_cache
1497 */
1498static inline void
1499__ip_vs_dev_reset(struct ip_vs_dest *dest, struct net_device *dev)
1500{
1501 spin_lock_bh(&dest->dst_lock);
1502 if (dest->dst_cache && dest->dst_cache->dev == dev) {
1503 IP_VS_DBG_BUF(3, "Reset dev:%s dest %s:%u ,dest->refcnt=%d\n",
1504 dev->name,
1505 IP_VS_DBG_ADDR(dest->af, &dest->addr),
1506 ntohs(dest->port),
1507 atomic_read(&dest->refcnt));
1508 ip_vs_dst_reset(dest);
1509 }
1510 spin_unlock_bh(&dest->dst_lock);
1511
1512}
1513/*
1514 * Netdev event receiver
1515 * Currently only NETDEV_UNREGISTER is handled, i.e. if we hold a reference to
1516 * a device that is "unregister" it must be released.
1517 */
1518static int ip_vs_dst_event(struct notifier_block *this, unsigned long event,
1519 void *ptr)
1520{
1521 struct net_device *dev = ptr;
1522 struct net *net = dev_net(dev);
1523 struct ip_vs_service *svc;
1524 struct ip_vs_dest *dest;
1525 unsigned int idx;
1526
1527 if (event != NETDEV_UNREGISTER)
1528 return NOTIFY_DONE;
1529 IP_VS_DBG(3, "%s() dev=%s\n", __func__, dev->name);
1530 EnterFunction(2);
1531 mutex_lock(&__ip_vs_mutex);
1532 for (idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
1533 list_for_each_entry(svc, &ip_vs_svc_table[idx], s_list) {
1534 if (net_eq(svc->net, net)) {
1535 list_for_each_entry(dest, &svc->destinations,
1536 n_list) {
1537 __ip_vs_dev_reset(dest, dev);
1538 }
1539 }
1540 }
1541
1542 list_for_each_entry(svc, &ip_vs_svc_fwm_table[idx], f_list) {
1543 if (net_eq(svc->net, net)) {
1544 list_for_each_entry(dest, &svc->destinations,
1545 n_list) {
1546 __ip_vs_dev_reset(dest, dev);
1547 }
1548 }
1549
1550 }
1551 }
1552
1553 list_for_each_entry(dest, &net_ipvs(net)->dest_trash, n_list) {
1554 __ip_vs_dev_reset(dest, dev);
1555 }
1556 mutex_unlock(&__ip_vs_mutex);
1557 LeaveFunction(2);
1558 return NOTIFY_DONE;
1559}
1475 1560
1476/* 1561/*
1477 * Zero counters in a service or all services 1562 * Zero counters in a service or all services
@@ -1981,7 +2066,7 @@ static const struct file_operations ip_vs_info_fops = {
1981 .open = ip_vs_info_open, 2066 .open = ip_vs_info_open,
1982 .read = seq_read, 2067 .read = seq_read,
1983 .llseek = seq_lseek, 2068 .llseek = seq_lseek,
1984 .release = seq_release_private, 2069 .release = seq_release_net,
1985}; 2070};
1986 2071
1987#endif 2072#endif
@@ -2024,7 +2109,7 @@ static const struct file_operations ip_vs_stats_fops = {
2024 .open = ip_vs_stats_seq_open, 2109 .open = ip_vs_stats_seq_open,
2025 .read = seq_read, 2110 .read = seq_read,
2026 .llseek = seq_lseek, 2111 .llseek = seq_lseek,
2027 .release = single_release, 2112 .release = single_release_net,
2028}; 2113};
2029 2114
2030static int ip_vs_stats_percpu_show(struct seq_file *seq, void *v) 2115static int ip_vs_stats_percpu_show(struct seq_file *seq, void *v)
@@ -2093,7 +2178,7 @@ static const struct file_operations ip_vs_stats_percpu_fops = {
2093 .open = ip_vs_stats_percpu_seq_open, 2178 .open = ip_vs_stats_percpu_seq_open,
2094 .read = seq_read, 2179 .read = seq_read,
2095 .llseek = seq_lseek, 2180 .llseek = seq_lseek,
2096 .release = single_release, 2181 .release = single_release_net,
2097}; 2182};
2098#endif 2183#endif
2099 2184
@@ -3588,6 +3673,10 @@ void __net_init __ip_vs_control_cleanup_sysctl(struct net *net) { }
3588 3673
3589#endif 3674#endif
3590 3675
3676static struct notifier_block ip_vs_dst_notifier = {
3677 .notifier_call = ip_vs_dst_event,
3678};
3679
3591int __net_init __ip_vs_control_init(struct net *net) 3680int __net_init __ip_vs_control_init(struct net *net)
3592{ 3681{
3593 int idx; 3682 int idx;
@@ -3626,7 +3715,7 @@ err:
3626 return -ENOMEM; 3715 return -ENOMEM;
3627} 3716}
3628 3717
3629static void __net_exit __ip_vs_control_cleanup(struct net *net) 3718void __net_exit __ip_vs_control_cleanup(struct net *net)
3630{ 3719{
3631 struct netns_ipvs *ipvs = net_ipvs(net); 3720 struct netns_ipvs *ipvs = net_ipvs(net);
3632 3721
@@ -3639,11 +3728,6 @@ static void __net_exit __ip_vs_control_cleanup(struct net *net)
3639 free_percpu(ipvs->tot_stats.cpustats); 3728 free_percpu(ipvs->tot_stats.cpustats);
3640} 3729}
3641 3730
3642static struct pernet_operations ipvs_control_ops = {
3643 .init = __ip_vs_control_init,
3644 .exit = __ip_vs_control_cleanup,
3645};
3646
3647int __init ip_vs_control_init(void) 3731int __init ip_vs_control_init(void)
3648{ 3732{
3649 int idx; 3733 int idx;
@@ -3657,33 +3741,32 @@ int __init ip_vs_control_init(void)
3657 INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]); 3741 INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]);
3658 } 3742 }
3659 3743
3660 ret = register_pernet_subsys(&ipvs_control_ops);
3661 if (ret) {
3662 pr_err("cannot register namespace.\n");
3663 goto err;
3664 }
3665
3666 smp_wmb(); /* Do we really need it now ? */ 3744 smp_wmb(); /* Do we really need it now ? */
3667 3745
3668 ret = nf_register_sockopt(&ip_vs_sockopts); 3746 ret = nf_register_sockopt(&ip_vs_sockopts);
3669 if (ret) { 3747 if (ret) {
3670 pr_err("cannot register sockopt.\n"); 3748 pr_err("cannot register sockopt.\n");
3671 goto err_net; 3749 goto err_sock;
3672 } 3750 }
3673 3751
3674 ret = ip_vs_genl_register(); 3752 ret = ip_vs_genl_register();
3675 if (ret) { 3753 if (ret) {
3676 pr_err("cannot register Generic Netlink interface.\n"); 3754 pr_err("cannot register Generic Netlink interface.\n");
3677 nf_unregister_sockopt(&ip_vs_sockopts); 3755 goto err_genl;
3678 goto err_net;
3679 } 3756 }
3680 3757
3758 ret = register_netdevice_notifier(&ip_vs_dst_notifier);
3759 if (ret < 0)
3760 goto err_notf;
3761
3681 LeaveFunction(2); 3762 LeaveFunction(2);
3682 return 0; 3763 return 0;
3683 3764
3684err_net: 3765err_notf:
3685 unregister_pernet_subsys(&ipvs_control_ops); 3766 ip_vs_genl_unregister();
3686err: 3767err_genl:
3768 nf_unregister_sockopt(&ip_vs_sockopts);
3769err_sock:
3687 return ret; 3770 return ret;
3688} 3771}
3689 3772
@@ -3691,7 +3774,6 @@ err:
3691void ip_vs_control_cleanup(void) 3774void ip_vs_control_cleanup(void)
3692{ 3775{
3693 EnterFunction(2); 3776 EnterFunction(2);
3694 unregister_pernet_subsys(&ipvs_control_ops);
3695 ip_vs_genl_unregister(); 3777 ip_vs_genl_unregister();
3696 nf_unregister_sockopt(&ip_vs_sockopts); 3778 nf_unregister_sockopt(&ip_vs_sockopts);
3697 LeaveFunction(2); 3779 LeaveFunction(2);
diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c
index 8c8766ca56ad..508cce98777c 100644
--- a/net/netfilter/ipvs/ip_vs_est.c
+++ b/net/netfilter/ipvs/ip_vs_est.c
@@ -192,7 +192,7 @@ void ip_vs_read_estimator(struct ip_vs_stats_user *dst,
192 dst->outbps = (e->outbps + 0xF) >> 5; 192 dst->outbps = (e->outbps + 0xF) >> 5;
193} 193}
194 194
195static int __net_init __ip_vs_estimator_init(struct net *net) 195int __net_init __ip_vs_estimator_init(struct net *net)
196{ 196{
197 struct netns_ipvs *ipvs = net_ipvs(net); 197 struct netns_ipvs *ipvs = net_ipvs(net);
198 198
@@ -203,24 +203,16 @@ static int __net_init __ip_vs_estimator_init(struct net *net)
203 return 0; 203 return 0;
204} 204}
205 205
206static void __net_exit __ip_vs_estimator_exit(struct net *net) 206void __net_exit __ip_vs_estimator_cleanup(struct net *net)
207{ 207{
208 del_timer_sync(&net_ipvs(net)->est_timer); 208 del_timer_sync(&net_ipvs(net)->est_timer);
209} 209}
210static struct pernet_operations ip_vs_app_ops = {
211 .init = __ip_vs_estimator_init,
212 .exit = __ip_vs_estimator_exit,
213};
214 210
215int __init ip_vs_estimator_init(void) 211int __init ip_vs_estimator_init(void)
216{ 212{
217 int rv; 213 return 0;
218
219 rv = register_pernet_subsys(&ip_vs_app_ops);
220 return rv;
221} 214}
222 215
223void ip_vs_estimator_cleanup(void) 216void ip_vs_estimator_cleanup(void)
224{ 217{
225 unregister_pernet_subsys(&ip_vs_app_ops);
226} 218}
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index 17484a4416ef..eb86028536fc 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -316,7 +316,7 @@ ip_vs_tcpudp_debug_packet(int af, struct ip_vs_protocol *pp,
316/* 316/*
317 * per network name-space init 317 * per network name-space init
318 */ 318 */
319static int __net_init __ip_vs_protocol_init(struct net *net) 319int __net_init __ip_vs_protocol_init(struct net *net)
320{ 320{
321#ifdef CONFIG_IP_VS_PROTO_TCP 321#ifdef CONFIG_IP_VS_PROTO_TCP
322 register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp); 322 register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp);
@@ -336,7 +336,7 @@ static int __net_init __ip_vs_protocol_init(struct net *net)
336 return 0; 336 return 0;
337} 337}
338 338
339static void __net_exit __ip_vs_protocol_cleanup(struct net *net) 339void __net_exit __ip_vs_protocol_cleanup(struct net *net)
340{ 340{
341 struct netns_ipvs *ipvs = net_ipvs(net); 341 struct netns_ipvs *ipvs = net_ipvs(net);
342 struct ip_vs_proto_data *pd; 342 struct ip_vs_proto_data *pd;
@@ -349,11 +349,6 @@ static void __net_exit __ip_vs_protocol_cleanup(struct net *net)
349 } 349 }
350} 350}
351 351
352static struct pernet_operations ipvs_proto_ops = {
353 .init = __ip_vs_protocol_init,
354 .exit = __ip_vs_protocol_cleanup,
355};
356
357int __init ip_vs_protocol_init(void) 352int __init ip_vs_protocol_init(void)
358{ 353{
359 char protocols[64]; 354 char protocols[64];
@@ -382,7 +377,6 @@ int __init ip_vs_protocol_init(void)
382 REGISTER_PROTOCOL(&ip_vs_protocol_esp); 377 REGISTER_PROTOCOL(&ip_vs_protocol_esp);
383#endif 378#endif
384 pr_info("Registered protocols (%s)\n", &protocols[2]); 379 pr_info("Registered protocols (%s)\n", &protocols[2]);
385 return register_pernet_subsys(&ipvs_proto_ops);
386 380
387 return 0; 381 return 0;
388} 382}
@@ -393,7 +387,6 @@ void ip_vs_protocol_cleanup(void)
393 struct ip_vs_protocol *pp; 387 struct ip_vs_protocol *pp;
394 int i; 388 int i;
395 389
396 unregister_pernet_subsys(&ipvs_proto_ops);
397 /* unregister all the ipvs protocols */ 390 /* unregister all the ipvs protocols */
398 for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) { 391 for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) {
399 while ((pp = ip_vs_proto_table[i]) != NULL) 392 while ((pp = ip_vs_proto_table[i]) != NULL)
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index 3e7961e85e9c..e292e5bddc70 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -1303,13 +1303,18 @@ static struct socket *make_send_sock(struct net *net)
1303 struct socket *sock; 1303 struct socket *sock;
1304 int result; 1304 int result;
1305 1305
1306 /* First create a socket */ 1306 /* First create a socket move it to right name space later */
1307 result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1); 1307 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
1308 if (result < 0) { 1308 if (result < 0) {
1309 pr_err("Error during creation of socket; terminating\n"); 1309 pr_err("Error during creation of socket; terminating\n");
1310 return ERR_PTR(result); 1310 return ERR_PTR(result);
1311 } 1311 }
1312 1312 /*
1313 * Kernel sockets that are a part of a namespace, should not
1314 * hold a reference to a namespace in order to allow to stop it.
1315 * After sk_change_net should be released using sk_release_kernel.
1316 */
1317 sk_change_net(sock->sk, net);
1313 result = set_mcast_if(sock->sk, ipvs->master_mcast_ifn); 1318 result = set_mcast_if(sock->sk, ipvs->master_mcast_ifn);
1314 if (result < 0) { 1319 if (result < 0) {
1315 pr_err("Error setting outbound mcast interface\n"); 1320 pr_err("Error setting outbound mcast interface\n");
@@ -1334,8 +1339,8 @@ static struct socket *make_send_sock(struct net *net)
1334 1339
1335 return sock; 1340 return sock;
1336 1341
1337 error: 1342error:
1338 sock_release(sock); 1343 sk_release_kernel(sock->sk);
1339 return ERR_PTR(result); 1344 return ERR_PTR(result);
1340} 1345}
1341 1346
@@ -1350,12 +1355,17 @@ static struct socket *make_receive_sock(struct net *net)
1350 int result; 1355 int result;
1351 1356
1352 /* First create a socket */ 1357 /* First create a socket */
1353 result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1); 1358 result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
1354 if (result < 0) { 1359 if (result < 0) {
1355 pr_err("Error during creation of socket; terminating\n"); 1360 pr_err("Error during creation of socket; terminating\n");
1356 return ERR_PTR(result); 1361 return ERR_PTR(result);
1357 } 1362 }
1358 1363 /*
1364 * Kernel sockets that are a part of a namespace, should not
1365 * hold a reference to a namespace in order to allow to stop it.
1366 * After sk_change_net should be released using sk_release_kernel.
1367 */
1368 sk_change_net(sock->sk, net);
1359 /* it is equivalent to the REUSEADDR option in user-space */ 1369 /* it is equivalent to the REUSEADDR option in user-space */
1360 sock->sk->sk_reuse = 1; 1370 sock->sk->sk_reuse = 1;
1361 1371
@@ -1377,8 +1387,8 @@ static struct socket *make_receive_sock(struct net *net)
1377 1387
1378 return sock; 1388 return sock;
1379 1389
1380 error: 1390error:
1381 sock_release(sock); 1391 sk_release_kernel(sock->sk);
1382 return ERR_PTR(result); 1392 return ERR_PTR(result);
1383} 1393}
1384 1394
@@ -1473,7 +1483,7 @@ static int sync_thread_master(void *data)
1473 ip_vs_sync_buff_release(sb); 1483 ip_vs_sync_buff_release(sb);
1474 1484
1475 /* release the sending multicast socket */ 1485 /* release the sending multicast socket */
1476 sock_release(tinfo->sock); 1486 sk_release_kernel(tinfo->sock->sk);
1477 kfree(tinfo); 1487 kfree(tinfo);
1478 1488
1479 return 0; 1489 return 0;
@@ -1513,7 +1523,7 @@ static int sync_thread_backup(void *data)
1513 } 1523 }
1514 1524
1515 /* release the sending multicast socket */ 1525 /* release the sending multicast socket */
1516 sock_release(tinfo->sock); 1526 sk_release_kernel(tinfo->sock->sk);
1517 kfree(tinfo->buf); 1527 kfree(tinfo->buf);
1518 kfree(tinfo); 1528 kfree(tinfo);
1519 1529
@@ -1601,7 +1611,7 @@ outtinfo:
1601outbuf: 1611outbuf:
1602 kfree(buf); 1612 kfree(buf);
1603outsocket: 1613outsocket:
1604 sock_release(sock); 1614 sk_release_kernel(sock->sk);
1605out: 1615out:
1606 return result; 1616 return result;
1607} 1617}
@@ -1610,6 +1620,7 @@ out:
1610int stop_sync_thread(struct net *net, int state) 1620int stop_sync_thread(struct net *net, int state)
1611{ 1621{
1612 struct netns_ipvs *ipvs = net_ipvs(net); 1622 struct netns_ipvs *ipvs = net_ipvs(net);
1623 int retc = -EINVAL;
1613 1624
1614 IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current)); 1625 IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current));
1615 1626
@@ -1629,7 +1640,7 @@ int stop_sync_thread(struct net *net, int state)
1629 spin_lock_bh(&ipvs->sync_lock); 1640 spin_lock_bh(&ipvs->sync_lock);
1630 ipvs->sync_state &= ~IP_VS_STATE_MASTER; 1641 ipvs->sync_state &= ~IP_VS_STATE_MASTER;
1631 spin_unlock_bh(&ipvs->sync_lock); 1642 spin_unlock_bh(&ipvs->sync_lock);
1632 kthread_stop(ipvs->master_thread); 1643 retc = kthread_stop(ipvs->master_thread);
1633 ipvs->master_thread = NULL; 1644 ipvs->master_thread = NULL;
1634 } else if (state == IP_VS_STATE_BACKUP) { 1645 } else if (state == IP_VS_STATE_BACKUP) {
1635 if (!ipvs->backup_thread) 1646 if (!ipvs->backup_thread)
@@ -1639,22 +1650,20 @@ int stop_sync_thread(struct net *net, int state)
1639 task_pid_nr(ipvs->backup_thread)); 1650 task_pid_nr(ipvs->backup_thread));
1640 1651
1641 ipvs->sync_state &= ~IP_VS_STATE_BACKUP; 1652 ipvs->sync_state &= ~IP_VS_STATE_BACKUP;
1642 kthread_stop(ipvs->backup_thread); 1653 retc = kthread_stop(ipvs->backup_thread);
1643 ipvs->backup_thread = NULL; 1654 ipvs->backup_thread = NULL;
1644 } else {
1645 return -EINVAL;
1646 } 1655 }
1647 1656
1648 /* decrease the module use count */ 1657 /* decrease the module use count */
1649 ip_vs_use_count_dec(); 1658 ip_vs_use_count_dec();
1650 1659
1651 return 0; 1660 return retc;
1652} 1661}
1653 1662
1654/* 1663/*
1655 * Initialize data struct for each netns 1664 * Initialize data struct for each netns
1656 */ 1665 */
1657static int __net_init __ip_vs_sync_init(struct net *net) 1666int __net_init __ip_vs_sync_init(struct net *net)
1658{ 1667{
1659 struct netns_ipvs *ipvs = net_ipvs(net); 1668 struct netns_ipvs *ipvs = net_ipvs(net);
1660 1669
@@ -1668,24 +1677,24 @@ static int __net_init __ip_vs_sync_init(struct net *net)
1668 return 0; 1677 return 0;
1669} 1678}
1670 1679
1671static void __ip_vs_sync_cleanup(struct net *net) 1680void __ip_vs_sync_cleanup(struct net *net)
1672{ 1681{
1673 stop_sync_thread(net, IP_VS_STATE_MASTER); 1682 int retc;
1674 stop_sync_thread(net, IP_VS_STATE_BACKUP);
1675}
1676 1683
1677static struct pernet_operations ipvs_sync_ops = { 1684 retc = stop_sync_thread(net, IP_VS_STATE_MASTER);
1678 .init = __ip_vs_sync_init, 1685 if (retc && retc != -ESRCH)
1679 .exit = __ip_vs_sync_cleanup, 1686 pr_err("Failed to stop Master Daemon\n");
1680};
1681 1687
1688 retc = stop_sync_thread(net, IP_VS_STATE_BACKUP);
1689 if (retc && retc != -ESRCH)
1690 pr_err("Failed to stop Backup Daemon\n");
1691}
1682 1692
1683int __init ip_vs_sync_init(void) 1693int __init ip_vs_sync_init(void)
1684{ 1694{
1685 return register_pernet_subsys(&ipvs_sync_ops); 1695 return 0;
1686} 1696}
1687 1697
1688void ip_vs_sync_cleanup(void) 1698void ip_vs_sync_cleanup(void)
1689{ 1699{
1690 unregister_pernet_subsys(&ipvs_sync_ops);
1691} 1700}
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 30bf8a167fc8..482e90c61850 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1334,6 +1334,7 @@ ctnetlink_create_conntrack(struct net *net, u16 zone,
1334 struct nf_conn *ct; 1334 struct nf_conn *ct;
1335 int err = -EINVAL; 1335 int err = -EINVAL;
1336 struct nf_conntrack_helper *helper; 1336 struct nf_conntrack_helper *helper;
1337 struct nf_conn_tstamp *tstamp;
1337 1338
1338 ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC); 1339 ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC);
1339 if (IS_ERR(ct)) 1340 if (IS_ERR(ct))
@@ -1451,6 +1452,9 @@ ctnetlink_create_conntrack(struct net *net, u16 zone,
1451 __set_bit(IPS_EXPECTED_BIT, &ct->status); 1452 __set_bit(IPS_EXPECTED_BIT, &ct->status);
1452 ct->master = master_ct; 1453 ct->master = master_ct;
1453 } 1454 }
1455 tstamp = nf_conn_tstamp_find(ct);
1456 if (tstamp)
1457 tstamp->start = ktime_to_ns(ktime_get_real());
1454 1458
1455 add_timer(&ct->timeout); 1459 add_timer(&ct->timeout);
1456 nf_conntrack_hash_insert(ct); 1460 nf_conntrack_hash_insert(ct);
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index a9adf4c6b299..8a025a585d2f 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -455,6 +455,7 @@ void xt_compat_flush_offsets(u_int8_t af)
455 vfree(xt[af].compat_tab); 455 vfree(xt[af].compat_tab);
456 xt[af].compat_tab = NULL; 456 xt[af].compat_tab = NULL;
457 xt[af].number = 0; 457 xt[af].number = 0;
458 xt[af].cur = 0;
458 } 459 }
459} 460}
460EXPORT_SYMBOL_GPL(xt_compat_flush_offsets); 461EXPORT_SYMBOL_GPL(xt_compat_flush_offsets);
@@ -473,8 +474,7 @@ int xt_compat_calc_jump(u_int8_t af, unsigned int offset)
473 else 474 else
474 return mid ? tmp[mid - 1].delta : 0; 475 return mid ? tmp[mid - 1].delta : 0;
475 } 476 }
476 WARN_ON_ONCE(1); 477 return left ? tmp[left - 1].delta : 0;
477 return 0;
478} 478}
479EXPORT_SYMBOL_GPL(xt_compat_calc_jump); 479EXPORT_SYMBOL_GPL(xt_compat_calc_jump);
480 480
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c
index 0a229191e55b..ae8271652efa 100644
--- a/net/netfilter/xt_DSCP.c
+++ b/net/netfilter/xt_DSCP.c
@@ -99,7 +99,7 @@ tos_tg6(struct sk_buff *skb, const struct xt_action_param *par)
99 u_int8_t orig, nv; 99 u_int8_t orig, nv;
100 100
101 orig = ipv6_get_dsfield(iph); 101 orig = ipv6_get_dsfield(iph);
102 nv = (orig & info->tos_mask) ^ info->tos_value; 102 nv = (orig & ~info->tos_mask) ^ info->tos_value;
103 103
104 if (orig != nv) { 104 if (orig != nv) {
105 if (!skb_make_writable(skb, sizeof(struct iphdr))) 105 if (!skb_make_writable(skb, sizeof(struct iphdr)))
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index 481a86fdc409..61805d7b38aa 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -272,11 +272,6 @@ static int conntrack_mt_check(const struct xt_mtchk_param *par)
272{ 272{
273 int ret; 273 int ret;
274 274
275 if (strcmp(par->table, "raw") == 0) {
276 pr_info("state is undetermined at the time of raw table\n");
277 return -EINVAL;
278 }
279
280 ret = nf_ct_l3proto_try_module_get(par->family); 275 ret = nf_ct_l3proto_try_module_get(par->family);
281 if (ret < 0) 276 if (ret < 0)
282 pr_info("cannot load conntrack support for proto=%u\n", 277 pr_info("cannot load conntrack support for proto=%u\n",
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 3a43a8304768..b1d75beb7e20 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -524,6 +524,8 @@ static int unix_dgram_connect(struct socket *, struct sockaddr *,
524 int, int); 524 int, int);
525static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *, 525static int unix_seqpacket_sendmsg(struct kiocb *, struct socket *,
526 struct msghdr *, size_t); 526 struct msghdr *, size_t);
527static int unix_seqpacket_recvmsg(struct kiocb *, struct socket *,
528 struct msghdr *, size_t, int);
527 529
528static const struct proto_ops unix_stream_ops = { 530static const struct proto_ops unix_stream_ops = {
529 .family = PF_UNIX, 531 .family = PF_UNIX,
@@ -583,7 +585,7 @@ static const struct proto_ops unix_seqpacket_ops = {
583 .setsockopt = sock_no_setsockopt, 585 .setsockopt = sock_no_setsockopt,
584 .getsockopt = sock_no_getsockopt, 586 .getsockopt = sock_no_getsockopt,
585 .sendmsg = unix_seqpacket_sendmsg, 587 .sendmsg = unix_seqpacket_sendmsg,
586 .recvmsg = unix_dgram_recvmsg, 588 .recvmsg = unix_seqpacket_recvmsg,
587 .mmap = sock_no_mmap, 589 .mmap = sock_no_mmap,
588 .sendpage = sock_no_sendpage, 590 .sendpage = sock_no_sendpage,
589}; 591};
@@ -1699,6 +1701,18 @@ static int unix_seqpacket_sendmsg(struct kiocb *kiocb, struct socket *sock,
1699 return unix_dgram_sendmsg(kiocb, sock, msg, len); 1701 return unix_dgram_sendmsg(kiocb, sock, msg, len);
1700} 1702}
1701 1703
1704static int unix_seqpacket_recvmsg(struct kiocb *iocb, struct socket *sock,
1705 struct msghdr *msg, size_t size,
1706 int flags)
1707{
1708 struct sock *sk = sock->sk;
1709
1710 if (sk->sk_state != TCP_ESTABLISHED)
1711 return -ENOTCONN;
1712
1713 return unix_dgram_recvmsg(iocb, sock, msg, size, flags);
1714}
1715
1702static void unix_copy_addr(struct msghdr *msg, struct sock *sk) 1716static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
1703{ 1717{
1704 struct unix_sock *u = unix_sk(sk); 1718 struct unix_sock *u = unix_sk(sk);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 15792d8b6272..b4d745ea8ee1 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1406,6 +1406,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
1406 struct net *net = xp_net(policy); 1406 struct net *net = xp_net(policy);
1407 unsigned long now = jiffies; 1407 unsigned long now = jiffies;
1408 struct net_device *dev; 1408 struct net_device *dev;
1409 struct xfrm_mode *inner_mode;
1409 struct dst_entry *dst_prev = NULL; 1410 struct dst_entry *dst_prev = NULL;
1410 struct dst_entry *dst0 = NULL; 1411 struct dst_entry *dst0 = NULL;
1411 int i = 0; 1412 int i = 0;
@@ -1436,6 +1437,17 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
1436 goto put_states; 1437 goto put_states;
1437 } 1438 }
1438 1439
1440 if (xfrm[i]->sel.family == AF_UNSPEC) {
1441 inner_mode = xfrm_ip2inner_mode(xfrm[i],
1442 xfrm_af2proto(family));
1443 if (!inner_mode) {
1444 err = -EAFNOSUPPORT;
1445 dst_release(dst);
1446 goto put_states;
1447 }
1448 } else
1449 inner_mode = xfrm[i]->inner_mode;
1450
1439 if (!dst_prev) 1451 if (!dst_prev)
1440 dst0 = dst1; 1452 dst0 = dst1;
1441 else { 1453 else {
@@ -1464,7 +1476,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
1464 dst1->lastuse = now; 1476 dst1->lastuse = now;
1465 1477
1466 dst1->input = dst_discard; 1478 dst1->input = dst_discard;
1467 dst1->output = xfrm[i]->outer_mode->afinfo->output; 1479 dst1->output = inner_mode->afinfo->output;
1468 1480
1469 dst1->next = dst_prev; 1481 dst1->next = dst_prev;
1470 dst_prev = dst1; 1482 dst_prev = dst1;
diff --git a/net/xfrm/xfrm_replay.c b/net/xfrm/xfrm_replay.c
index f218385950ca..47f1b8638df9 100644
--- a/net/xfrm/xfrm_replay.c
+++ b/net/xfrm/xfrm_replay.c
@@ -532,9 +532,12 @@ int xfrm_init_replay(struct xfrm_state *x)
532 532
533 if (replay_esn) { 533 if (replay_esn) {
534 if (replay_esn->replay_window > 534 if (replay_esn->replay_window >
535 replay_esn->bmp_len * sizeof(__u32)) 535 replay_esn->bmp_len * sizeof(__u32) * 8)
536 return -EINVAL; 536 return -EINVAL;
537 537
538 if ((x->props.flags & XFRM_STATE_ESN) && replay_esn->replay_window == 0)
539 return -EINVAL;
540
538 if ((x->props.flags & XFRM_STATE_ESN) && x->replay_esn) 541 if ((x->props.flags & XFRM_STATE_ESN) && x->replay_esn)
539 x->repl = &xfrm_replay_esn; 542 x->repl = &xfrm_replay_esn;
540 else 543 else
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 5d1d60d3ca83..c658cb3bc7c3 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -124,6 +124,9 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
124{ 124{
125 struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL]; 125 struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL];
126 126
127 if ((p->flags & XFRM_STATE_ESN) && !rt)
128 return -EINVAL;
129
127 if (!rt) 130 if (!rt)
128 return 0; 131 return 0;
129 132
generated by cgit v1.2.2 (git 2.25.0) at 2025-06-03 03:06:02 -0400