18 files changed, 73 insertions, 31 deletions

diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index 1c8f4a0c5f43..1f78c3e336d8 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -36,6 +36,7 @@
 #include <linux/signal.h>
 #include <linux/init.h>
 #include <linux/wait.h>
+#include <linux/freezer.h>
 #include <linux/errno.h>
 #include <linux/net.h>
 #include <net/sock.h>
@@ -474,7 +475,6 @@ static int bnep_session(void *arg)
 
         daemonize("kbnepd %s", dev->name);
         set_user_nice(current, -15);
-        current->flags |= PF_NOFREEZE;
 
         init_waitqueue_entry(&wait, current);
         add_wait_queue(sk->sk_sleep, &wait);
diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c
index 66bef1ccee2a..ca60a4517fd3 100644
--- a/net/bluetooth/cmtp/core.c
+++ b/net/bluetooth/cmtp/core.c
@@ -29,6 +29,7 @@
 #include <linux/slab.h>
 #include <linux/poll.h>
 #include <linux/fcntl.h>
+#include <linux/freezer.h>
 #include <linux/skbuff.h>
 #include <linux/socket.h>
 #include <linux/ioctl.h>
@@ -287,7 +288,6 @@ static int cmtp_session(void *arg)
 
         daemonize("kcmtpd_ctr_%d", session->num);
         set_user_nice(current, -15);
-        current->flags |= PF_NOFREEZE;
 
         init_waitqueue_entry(&wait, current);
         add_wait_queue(sk->sk_sleep, &wait);
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index 450eb0244bbf..64d89ca28847 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -28,6 +28,7 @@
 #include <linux/sched.h>
 #include <linux/slab.h>
 #include <linux/poll.h>
+#include <linux/freezer.h>
 #include <linux/fcntl.h>
 #include <linux/skbuff.h>
 #include <linux/socket.h>
@@ -547,7 +548,6 @@ static int hidp_session(void *arg)
 
         daemonize("khidpd_%04x%04x", vendor, product);
         set_user_nice(current, -15);
-        current->flags |= PF_NOFREEZE;
 
         init_waitqueue_entry(&ctrl_wait, current);
         init_waitqueue_entry(&intr_wait, current);
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 52e04df323ea..bb7220770f2c 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -33,6 +33,7 @@
 #include <linux/sched.h>
 #include <linux/signal.h>
 #include <linux/init.h>
+#include <linux/freezer.h>
 #include <linux/wait.h>
 #include <linux/device.h>
 #include <linux/net.h>
@@ -1940,7 +1941,6 @@ static int rfcomm_run(void *unused)
 
         daemonize("krfcommd");
         set_user_nice(current, -10);
-        current->flags |= PF_NOFREEZE;
 
         BT_DBG("");
 
diff --git a/net/compat.c b/net/compat.c
index 9a0f5f2b90c8..d74d82155d78 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -276,7 +276,8 @@ void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm)
                 err = security_file_receive(fp[i]);
                 if (err)
                         break;
-                err = get_unused_fd();
+                err = get_unused_fd_flags(MSG_CMSG_CLOEXEC & kmsg->msg_flags
+                                          ? O_CLOEXEC : 0);
                 if (err < 0)
                         break;
                 new_fd = err;
diff --git a/net/core/netpoll.c b/net/core/netpoll.c
index d1264e9a50a8..de1b26aa5720 100644
--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -124,13 +124,6 @@ static void poll_napi(struct netpoll *np)
         if (test_bit(__LINK_STATE_RX_SCHED, &np->dev->state) &&
             npinfo->poll_owner != smp_processor_id() &&
             spin_trylock(&npinfo->poll_lock)) {
-                /* When calling dev->poll from poll_napi, we may end up in
-                 * netif_rx_complete. However, only the CPU to which the
-                 * device was queued is allowed to remove it from poll_list.
-                 * Setting POLL_LIST_FROZEN tells netif_rx_complete
-                 * to leave the NAPI state alone.
-                 */
-                set_bit(__LINK_STATE_POLL_LIST_FROZEN, &np->dev->state);
                 npinfo->rx_flags |= NETPOLL_RX_DROP;
                 atomic_inc(&trapped);
 
@@ -138,7 +131,6 @@ static void poll_napi(struct netpoll *np)
 
                 atomic_dec(&trapped);
                 npinfo->rx_flags &= ~NETPOLL_RX_DROP;
-                clear_bit(__LINK_STATE_POLL_LIST_FROZEN, &np->dev->state);
                 spin_unlock(&npinfo->poll_lock);
         }
 }
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index 75215331b045..bca787fdbc51 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -3465,6 +3465,8 @@ static int pktgen_thread_worker(void *arg)
 
         set_current_state(TASK_INTERRUPTIBLE);
 
+        set_freezable();
+
         while (!kthread_should_stop()) {
                 pkt_dev = next_to_run(t);
 
diff --git a/net/core/scm.c b/net/core/scm.c
index 292ad8d5ad76..44c4ec2c8769 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -228,7 +228,8 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm)
                 err = security_file_receive(fp[i]);
                 if (err)
                         break;
-                err = get_unused_fd();
+                err = get_unused_fd_flags(MSG_CMSG_CLOEXEC & msg->msg_flags
+                                          ? O_CLOEXEC : 0);
                 if (err < 0)
                         break;
                 new_fd = err;
diff --git a/net/ieee80211/softmac/ieee80211softmac_assoc.c b/net/ieee80211/softmac/ieee80211softmac_assoc.c
index cc8110bdd579..afb6c6698b27 100644
--- a/net/ieee80211/softmac/ieee80211softmac_assoc.c
+++ b/net/ieee80211/softmac/ieee80211softmac_assoc.c
@@ -271,8 +271,11 @@ ieee80211softmac_assoc_work(struct work_struct *work)
                          */
                         dprintk(KERN_INFO PFX "Associate: Scanning for networks first.\n");
                         ieee80211softmac_notify(mac->dev, IEEE80211SOFTMAC_EVENT_SCAN_FINISHED, ieee80211softmac_assoc_notify_scan, NULL);
-                        if (ieee80211softmac_start_scan(mac))
+                        if (ieee80211softmac_start_scan(mac)) {
                                 dprintk(KERN_INFO PFX "Associate: failed to initiate scan. Is device up?\n");
+                                mac->associnfo.associating = 0;
+                                mac->associnfo.associated = 0;
+                        }
                         goto out;
                 } else {
                         mac->associnfo.associating = 0;
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 42f12bd65964..89dcc485653b 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -46,10 +46,6 @@
 #include "netlabel_cipso_v4.h"
 #include "netlabel_user.h"
 
-/* do not do any auditing if audit_enabled == 0, see kernel/audit.c for
- * details */
-extern int audit_enabled;
-
 /*
  * NetLabel NETLINK Setup Functions
  */
diff --git a/net/socket.c b/net/socket.c
index f4530196a70a..b71114250046 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1939,9 +1939,7 @@ asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg,
         total_len = err;
 
         cmsg_ptr = (unsigned long)msg_sys.msg_control;
-        msg_sys.msg_flags = 0;
-        if (MSG_CMSG_COMPAT & flags)
-                msg_sys.msg_flags = MSG_CMSG_COMPAT;
+        msg_sys.msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT);
 
         if (sock->file->f_flags & O_NONBLOCK)
                 flags |= MSG_DONTWAIT;
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index aa55d0a03e6f..29a8ecc60928 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -543,17 +543,18 @@ rpcauth_uptodatecred(struct rpc_task *task)
                 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0;
 }
 
-
-static struct shrinker *rpc_cred_shrinker;
+static struct shrinker rpc_cred_shrinker = {
+        .shrink = rpcauth_cache_shrinker,
+        .seeks = DEFAULT_SEEKS,
+};
 
 void __init rpcauth_init_module(void)
 {
         rpc_init_authunix();
-        rpc_cred_shrinker = set_shrinker(DEFAULT_SEEKS, rpcauth_cache_shrinker);
+        register_shrinker(&rpc_cred_shrinker);
 }
 
 void __exit rpcauth_remove_module(void)
 {
-        if (rpc_cred_shrinker != NULL)
-                remove_shrinker(rpc_cred_shrinker);
+        unregister_shrinker(&rpc_cred_shrinker);
 }
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index baf4096d52d4..abfda33bac64 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -43,6 +43,7 @@
 #include <linux/types.h>
 #include <linux/slab.h>
 #include <linux/sched.h>
+#include <linux/smp_lock.h>
 #include <linux/pagemap.h>
 #include <linux/sunrpc/clnt.h>
 #include <linux/sunrpc/auth.h>
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 71b9daefdff3..9843eacef11d 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -231,6 +231,7 @@ static struct pf_desc gss_kerberos_pfs[] = {
 static struct gss_api_mech gss_kerberos_mech = {
         .gm_name        = "krb5",
         .gm_owner       = THIS_MODULE,
+        .gm_oid         = {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"},
         .gm_ops         = &gss_kerberos_ops,
         .gm_pf_num      = ARRAY_SIZE(gss_kerberos_pfs),
         .gm_pfs         = gss_kerberos_pfs,
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c
index 26872517ccf3..61801a069ff0 100644
--- a/net/sunrpc/auth_gss/gss_mech_switch.c
+++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -194,6 +194,20 @@ gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
 EXPORT_SYMBOL(gss_mech_get_by_pseudoflavor);
 
 u32
+gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 service)
+{
+        int i;
+
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                if (gm->gm_pfs[i].service == service) {
+                        return gm->gm_pfs[i].pseudoflavor;
+                }
+        }
+        return RPC_AUTH_MAXFLAVOR; /* illegal value */
+}
+EXPORT_SYMBOL(gss_svc_to_pseudoflavor);
+
+u32
 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
 {
         int i;
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c
index 577d590e755f..5deb4b6e4514 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_mech.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c
@@ -217,6 +217,7 @@ static struct pf_desc gss_spkm3_pfs[] = {
 static struct gss_api_mech gss_spkm3_mech = {
         .gm_name        = "spkm3",
         .gm_owner       = THIS_MODULE,
+        .gm_oid         = {7, "\053\006\001\005\005\001\003"},
         .gm_ops         = &gss_spkm3_ops,
         .gm_pf_num      = ARRAY_SIZE(gss_spkm3_pfs),
         .gm_pfs         = gss_spkm3_pfs,
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index c094583386fd..490697542fc2 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -743,6 +743,15 @@ find_gss_auth_domain(struct gss_ctx *ctx, u32 svc)
 
 static struct auth_ops svcauthops_gss;
 
+u32 svcauth_gss_flavor(struct auth_domain *dom)
+{
+        struct gss_domain *gd = container_of(dom, struct gss_domain, h);
+
+        return gd->pseudoflavor;
+}
+
+EXPORT_SYMBOL(svcauth_gss_flavor);
+
 int
 svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name)
 {
@@ -913,10 +922,23 @@ svcauth_gss_set_client(struct svc_rqst *rqstp)
         struct gss_svc_data *svcdata = rqstp->rq_auth_data;
         struct rsc *rsci = svcdata->rsci;
         struct rpc_gss_wire_cred *gc = &svcdata->clcred;
+        int stat;
 
-        rqstp->rq_client = find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
-        if (rqstp->rq_client == NULL)
+        /*
+         * A gss export can be specified either by:
+         *      export  *(sec=krb5,rw)
+         * or by
+         *      export gss/krb5(rw)
+         * The latter is deprecated; but for backwards compatibility reasons
+         * the nfsd code will still fall back on trying it if the former
+         * doesn't work; so we try to make both available to nfsd, below.
+         */
+        rqstp->rq_gssclient = find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
+        if (rqstp->rq_gssclient == NULL)
                 return SVC_DENIED;
+        stat = svcauth_unix_set_client(rqstp);
+        if (stat == SVC_DROP)
+                return stat;
         return SVC_OK;
 }
 
@@ -1088,7 +1110,6 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
                         svc_putnl(resv, GSS_SEQ_WIN);
                         if (svc_safe_putnetobj(resv, &rsip->out_token))
                                 goto drop;
-                        rqstp->rq_client = NULL;
                 }
                 goto complete;
         case RPC_GSS_PROC_DESTROY:
@@ -1131,6 +1152,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
                 }
                 svcdata->rsci = rsci;
                 cache_get(&rsci->h);
+                rqstp->rq_flavor = gss_svc_to_pseudoflavor(
+                                        rsci->mechctx->mech_type, gc->gc_svc);
                 ret = SVC_OK;
                 goto out;
         }
@@ -1317,6 +1340,9 @@ out_err:
         if (rqstp->rq_client)
                 auth_domain_put(rqstp->rq_client);
         rqstp->rq_client = NULL;
+        if (rqstp->rq_gssclient)
+                auth_domain_put(rqstp->rq_gssclient);
+        rqstp->rq_gssclient = NULL;
         if (rqstp->rq_cred.cr_group_info)
                 put_group_info(rqstp->rq_cred.cr_group_info);
         rqstp->rq_cred.cr_group_info = NULL;
diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c
index 07dcd20cbee4..411479411b21 100644
--- a/net/sunrpc/svcauth_unix.c
+++ b/net/sunrpc/svcauth_unix.c
@@ -5,6 +5,7 @@
 #include <linux/sunrpc/xdr.h>
 #include <linux/sunrpc/svcsock.h>
 #include <linux/sunrpc/svcauth.h>
+#include <linux/sunrpc/gss_api.h>
 #include <linux/err.h>
 #include <linux/seq_file.h>
 #include <linux/hash.h>
@@ -637,7 +638,7 @@ static int unix_gid_find(uid_t uid, struct group_info **gip,
         }
 }
 
-static int
+int
 svcauth_unix_set_client(struct svc_rqst *rqstp)
 {
         struct sockaddr_in *sin = svc_addr_in(rqstp);
@@ -672,6 +673,8 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
         return SVC_OK;
 }
 
+EXPORT_SYMBOL(svcauth_unix_set_client);
+
 static int
 svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp)
 {
@@ -707,6 +710,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp)
         svc_putnl(resv, RPC_AUTH_NULL);
         svc_putnl(resv, 0);
 
+        rqstp->rq_flavor = RPC_AUTH_NULL;
         return SVC_OK;
 }
 
@@ -784,6 +788,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp)
         svc_putnl(resv, RPC_AUTH_NULL);
         svc_putnl(resv, 0);
 
+        rqstp->rq_flavor = RPC_AUTH_UNIX;
         return SVC_OK;
 
 badcred: