diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/can/af_can.c | 45 | ||||
-rw-r--r-- | net/can/raw.c | 24 | ||||
-rw-r--r-- | net/core/flow.c | 6 | ||||
-rw-r--r-- | net/decnet/dn_route.c | 2 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_core.c | 6 | ||||
-rw-r--r-- | net/ipv4/route.c | 2 | ||||
-rw-r--r-- | net/iucv/af_iucv.c | 27 | ||||
-rw-r--r-- | net/iucv/iucv.c | 4 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_extend.c | 3 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 32 | ||||
-rw-r--r-- | net/netfilter/xt_iprange.c | 3 | ||||
-rw-r--r-- | net/sched/em_meta.c | 10 | ||||
-rw-r--r-- | net/tipc/addr.h | 5 | ||||
-rw-r--r-- | net/tipc/bcast.h | 13 | ||||
-rw-r--r-- | net/tipc/msg.h | 5 | ||||
-rw-r--r-- | net/tipc/socket.c | 14 | ||||
-rw-r--r-- | net/xfrm/xfrm_algo.c | 17 |
17 files changed, 119 insertions, 99 deletions
diff --git a/net/can/af_can.c b/net/can/af_can.c index 5158e886630f..36b9f22ed83a 100644 --- a/net/can/af_can.c +++ b/net/can/af_can.c | |||
@@ -118,7 +118,6 @@ static int can_create(struct net *net, struct socket *sock, int protocol) | |||
118 | { | 118 | { |
119 | struct sock *sk; | 119 | struct sock *sk; |
120 | struct can_proto *cp; | 120 | struct can_proto *cp; |
121 | char module_name[sizeof("can-proto-000")]; | ||
122 | int err = 0; | 121 | int err = 0; |
123 | 122 | ||
124 | sock->state = SS_UNCONNECTED; | 123 | sock->state = SS_UNCONNECTED; |
@@ -129,26 +128,21 @@ static int can_create(struct net *net, struct socket *sock, int protocol) | |||
129 | if (net != &init_net) | 128 | if (net != &init_net) |
130 | return -EAFNOSUPPORT; | 129 | return -EAFNOSUPPORT; |
131 | 130 | ||
131 | #ifdef CONFIG_KMOD | ||
132 | /* try to load protocol module, when CONFIG_KMOD is defined */ | 132 | /* try to load protocol module, when CONFIG_KMOD is defined */ |
133 | if (!proto_tab[protocol]) { | 133 | if (!proto_tab[protocol]) { |
134 | sprintf(module_name, "can-proto-%d", protocol); | 134 | err = request_module("can-proto-%d", protocol); |
135 | err = request_module(module_name); | ||
136 | 135 | ||
137 | /* | 136 | /* |
138 | * In case of error we only print a message but don't | 137 | * In case of error we only print a message but don't |
139 | * return the error code immediately. Below we will | 138 | * return the error code immediately. Below we will |
140 | * return -EPROTONOSUPPORT | 139 | * return -EPROTONOSUPPORT |
141 | */ | 140 | */ |
142 | if (err == -ENOSYS) { | 141 | if (err && printk_ratelimit()) |
143 | if (printk_ratelimit()) | 142 | printk(KERN_ERR "can: request_module " |
144 | printk(KERN_INFO "can: request_module(%s)" | 143 | "(can-proto-%d) failed.\n", protocol); |
145 | " not implemented.\n", module_name); | ||
146 | } else if (err) { | ||
147 | if (printk_ratelimit()) | ||
148 | printk(KERN_ERR "can: request_module(%s)" | ||
149 | " failed.\n", module_name); | ||
150 | } | ||
151 | } | 144 | } |
145 | #endif | ||
152 | 146 | ||
153 | spin_lock(&proto_tab_lock); | 147 | spin_lock(&proto_tab_lock); |
154 | cp = proto_tab[protocol]; | 148 | cp = proto_tab[protocol]; |
@@ -662,26 +656,26 @@ int can_proto_register(struct can_proto *cp) | |||
662 | return -EINVAL; | 656 | return -EINVAL; |
663 | } | 657 | } |
664 | 658 | ||
659 | err = proto_register(cp->prot, 0); | ||
660 | if (err < 0) | ||
661 | return err; | ||
662 | |||
665 | spin_lock(&proto_tab_lock); | 663 | spin_lock(&proto_tab_lock); |
666 | if (proto_tab[proto]) { | 664 | if (proto_tab[proto]) { |
667 | printk(KERN_ERR "can: protocol %d already registered\n", | 665 | printk(KERN_ERR "can: protocol %d already registered\n", |
668 | proto); | 666 | proto); |
669 | err = -EBUSY; | 667 | err = -EBUSY; |
670 | goto errout; | 668 | } else { |
669 | proto_tab[proto] = cp; | ||
670 | |||
671 | /* use generic ioctl function if not defined by module */ | ||
672 | if (!cp->ops->ioctl) | ||
673 | cp->ops->ioctl = can_ioctl; | ||
671 | } | 674 | } |
675 | spin_unlock(&proto_tab_lock); | ||
672 | 676 | ||
673 | err = proto_register(cp->prot, 0); | ||
674 | if (err < 0) | 677 | if (err < 0) |
675 | goto errout; | 678 | proto_unregister(cp->prot); |
676 | |||
677 | proto_tab[proto] = cp; | ||
678 | |||
679 | /* use generic ioctl function if the module doesn't bring its own */ | ||
680 | if (!cp->ops->ioctl) | ||
681 | cp->ops->ioctl = can_ioctl; | ||
682 | |||
683 | errout: | ||
684 | spin_unlock(&proto_tab_lock); | ||
685 | 679 | ||
686 | return err; | 680 | return err; |
687 | } | 681 | } |
@@ -700,9 +694,10 @@ void can_proto_unregister(struct can_proto *cp) | |||
700 | printk(KERN_ERR "BUG: can: protocol %d is not registered\n", | 694 | printk(KERN_ERR "BUG: can: protocol %d is not registered\n", |
701 | proto); | 695 | proto); |
702 | } | 696 | } |
703 | proto_unregister(cp->prot); | ||
704 | proto_tab[proto] = NULL; | 697 | proto_tab[proto] = NULL; |
705 | spin_unlock(&proto_tab_lock); | 698 | spin_unlock(&proto_tab_lock); |
699 | |||
700 | proto_unregister(cp->prot); | ||
706 | } | 701 | } |
707 | EXPORT_SYMBOL(can_proto_unregister); | 702 | EXPORT_SYMBOL(can_proto_unregister); |
708 | 703 | ||
diff --git a/net/can/raw.c b/net/can/raw.c index aeefd1419d00..94cd7f27c444 100644 --- a/net/can/raw.c +++ b/net/can/raw.c | |||
@@ -98,7 +98,6 @@ static void raw_rcv(struct sk_buff *skb, void *data) | |||
98 | struct sock *sk = (struct sock *)data; | 98 | struct sock *sk = (struct sock *)data; |
99 | struct raw_sock *ro = raw_sk(sk); | 99 | struct raw_sock *ro = raw_sk(sk); |
100 | struct sockaddr_can *addr; | 100 | struct sockaddr_can *addr; |
101 | int error; | ||
102 | 101 | ||
103 | if (!ro->recv_own_msgs) { | 102 | if (!ro->recv_own_msgs) { |
104 | /* check the received tx sock reference */ | 103 | /* check the received tx sock reference */ |
@@ -121,14 +120,12 @@ static void raw_rcv(struct sk_buff *skb, void *data) | |||
121 | addr->can_family = AF_CAN; | 120 | addr->can_family = AF_CAN; |
122 | addr->can_ifindex = skb->dev->ifindex; | 121 | addr->can_ifindex = skb->dev->ifindex; |
123 | 122 | ||
124 | error = sock_queue_rcv_skb(sk, skb); | 123 | if (sock_queue_rcv_skb(sk, skb) < 0) |
125 | if (error < 0) | ||
126 | kfree_skb(skb); | 124 | kfree_skb(skb); |
127 | } | 125 | } |
128 | 126 | ||
129 | static int raw_enable_filters(struct net_device *dev, struct sock *sk, | 127 | static int raw_enable_filters(struct net_device *dev, struct sock *sk, |
130 | struct can_filter *filter, | 128 | struct can_filter *filter, int count) |
131 | int count) | ||
132 | { | 129 | { |
133 | int err = 0; | 130 | int err = 0; |
134 | int i; | 131 | int i; |
@@ -163,8 +160,7 @@ static int raw_enable_errfilter(struct net_device *dev, struct sock *sk, | |||
163 | } | 160 | } |
164 | 161 | ||
165 | static void raw_disable_filters(struct net_device *dev, struct sock *sk, | 162 | static void raw_disable_filters(struct net_device *dev, struct sock *sk, |
166 | struct can_filter *filter, | 163 | struct can_filter *filter, int count) |
167 | int count) | ||
168 | { | 164 | { |
169 | int i; | 165 | int i; |
170 | 166 | ||
@@ -353,7 +349,6 @@ static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len) | |||
353 | /* filters set by default/setsockopt */ | 349 | /* filters set by default/setsockopt */ |
354 | err = raw_enable_allfilters(dev, sk); | 350 | err = raw_enable_allfilters(dev, sk); |
355 | dev_put(dev); | 351 | dev_put(dev); |
356 | |||
357 | } else { | 352 | } else { |
358 | ifindex = 0; | 353 | ifindex = 0; |
359 | 354 | ||
@@ -466,7 +461,6 @@ static int raw_setsockopt(struct socket *sock, int level, int optname, | |||
466 | if (err) { | 461 | if (err) { |
467 | if (count > 1) | 462 | if (count > 1) |
468 | kfree(filter); | 463 | kfree(filter); |
469 | |||
470 | goto out_fil; | 464 | goto out_fil; |
471 | } | 465 | } |
472 | 466 | ||
@@ -673,25 +667,25 @@ static int raw_recvmsg(struct kiocb *iocb, struct socket *sock, | |||
673 | { | 667 | { |
674 | struct sock *sk = sock->sk; | 668 | struct sock *sk = sock->sk; |
675 | struct sk_buff *skb; | 669 | struct sk_buff *skb; |
676 | int error = 0; | 670 | int err = 0; |
677 | int noblock; | 671 | int noblock; |
678 | 672 | ||
679 | noblock = flags & MSG_DONTWAIT; | 673 | noblock = flags & MSG_DONTWAIT; |
680 | flags &= ~MSG_DONTWAIT; | 674 | flags &= ~MSG_DONTWAIT; |
681 | 675 | ||
682 | skb = skb_recv_datagram(sk, flags, noblock, &error); | 676 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
683 | if (!skb) | 677 | if (!skb) |
684 | return error; | 678 | return err; |
685 | 679 | ||
686 | if (size < skb->len) | 680 | if (size < skb->len) |
687 | msg->msg_flags |= MSG_TRUNC; | 681 | msg->msg_flags |= MSG_TRUNC; |
688 | else | 682 | else |
689 | size = skb->len; | 683 | size = skb->len; |
690 | 684 | ||
691 | error = memcpy_toiovec(msg->msg_iov, skb->data, size); | 685 | err = memcpy_toiovec(msg->msg_iov, skb->data, size); |
692 | if (error < 0) { | 686 | if (err < 0) { |
693 | skb_free_datagram(sk, skb); | 687 | skb_free_datagram(sk, skb); |
694 | return error; | 688 | return err; |
695 | } | 689 | } |
696 | 690 | ||
697 | sock_recv_timestamp(msg, sk, skb); | 691 | sock_recv_timestamp(msg, sk, skb); |
diff --git a/net/core/flow.c b/net/core/flow.c index 46b38e06e0d7..a77531c139b7 100644 --- a/net/core/flow.c +++ b/net/core/flow.c | |||
@@ -30,8 +30,8 @@ struct flow_cache_entry { | |||
30 | struct flow_cache_entry *next; | 30 | struct flow_cache_entry *next; |
31 | u16 family; | 31 | u16 family; |
32 | u8 dir; | 32 | u8 dir; |
33 | struct flowi key; | ||
34 | u32 genid; | 33 | u32 genid; |
34 | struct flowi key; | ||
35 | void *object; | 35 | void *object; |
36 | atomic_t *object_ref; | 36 | atomic_t *object_ref; |
37 | }; | 37 | }; |
@@ -52,7 +52,7 @@ struct flow_percpu_info { | |||
52 | int hash_rnd_recalc; | 52 | int hash_rnd_recalc; |
53 | u32 hash_rnd; | 53 | u32 hash_rnd; |
54 | int count; | 54 | int count; |
55 | } ____cacheline_aligned; | 55 | }; |
56 | static DEFINE_PER_CPU(struct flow_percpu_info, flow_hash_info) = { 0 }; | 56 | static DEFINE_PER_CPU(struct flow_percpu_info, flow_hash_info) = { 0 }; |
57 | 57 | ||
58 | #define flow_hash_rnd_recalc(cpu) \ | 58 | #define flow_hash_rnd_recalc(cpu) \ |
@@ -346,7 +346,7 @@ static int __init flow_cache_init(void) | |||
346 | 346 | ||
347 | flow_cachep = kmem_cache_create("flow_cache", | 347 | flow_cachep = kmem_cache_create("flow_cache", |
348 | sizeof(struct flow_cache_entry), | 348 | sizeof(struct flow_cache_entry), |
349 | 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, | 349 | 0, SLAB_PANIC, |
350 | NULL); | 350 | NULL); |
351 | flow_hash_shift = 10; | 351 | flow_hash_shift = 10; |
352 | flow_lwm = 2 * flow_hash_size; | 352 | flow_lwm = 2 * flow_hash_size; |
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 31be29b8b5a3..9dc0abb50eaf 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c | |||
@@ -94,7 +94,7 @@ struct dn_rt_hash_bucket | |||
94 | { | 94 | { |
95 | struct dn_route *chain; | 95 | struct dn_route *chain; |
96 | spinlock_t lock; | 96 | spinlock_t lock; |
97 | } __attribute__((__aligned__(8))); | 97 | }; |
98 | 98 | ||
99 | extern struct neigh_table dn_neigh_table; | 99 | extern struct neigh_table dn_neigh_table; |
100 | 100 | ||
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c index dd07362d2b8f..0d5fa3a54d04 100644 --- a/net/ipv4/netfilter/nf_nat_core.c +++ b/net/ipv4/netfilter/nf_nat_core.c | |||
@@ -600,10 +600,10 @@ static void nf_nat_cleanup_conntrack(struct nf_conn *ct) | |||
600 | spin_unlock_bh(&nf_nat_lock); | 600 | spin_unlock_bh(&nf_nat_lock); |
601 | } | 601 | } |
602 | 602 | ||
603 | static void nf_nat_move_storage(struct nf_conn *conntrack, void *old) | 603 | static void nf_nat_move_storage(void *new, void *old) |
604 | { | 604 | { |
605 | struct nf_conn_nat *new_nat = nf_ct_ext_find(conntrack, NF_CT_EXT_NAT); | 605 | struct nf_conn_nat *new_nat = new; |
606 | struct nf_conn_nat *old_nat = (struct nf_conn_nat *)old; | 606 | struct nf_conn_nat *old_nat = old; |
607 | struct nf_conn *ct = old_nat->ct; | 607 | struct nf_conn *ct = old_nat->ct; |
608 | 608 | ||
609 | if (!ct || !(ct->status & IPS_NAT_DONE_MASK)) | 609 | if (!ct || !(ct->status & IPS_NAT_DONE_MASK)) |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 8842ecb9be48..525787b52b72 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
@@ -2041,7 +2041,7 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
2041 | int iif = dev->ifindex; | 2041 | int iif = dev->ifindex; |
2042 | struct net *net; | 2042 | struct net *net; |
2043 | 2043 | ||
2044 | net = skb->dev->nd_net; | 2044 | net = dev->nd_net; |
2045 | tos &= IPTOS_RT_MASK; | 2045 | tos &= IPTOS_RT_MASK; |
2046 | hash = rt_hash(daddr, saddr, iif); | 2046 | hash = rt_hash(daddr, saddr, iif); |
2047 | 2047 | ||
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c index 2255e3c082ed..fee22caf1bad 100644 --- a/net/iucv/af_iucv.c +++ b/net/iucv/af_iucv.c | |||
@@ -482,6 +482,10 @@ static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr, | |||
482 | /* Create path. */ | 482 | /* Create path. */ |
483 | iucv->path = iucv_path_alloc(IUCV_QUEUELEN_DEFAULT, | 483 | iucv->path = iucv_path_alloc(IUCV_QUEUELEN_DEFAULT, |
484 | IPRMDATA, GFP_KERNEL); | 484 | IPRMDATA, GFP_KERNEL); |
485 | if (!iucv->path) { | ||
486 | err = -ENOMEM; | ||
487 | goto done; | ||
488 | } | ||
485 | err = iucv_path_connect(iucv->path, &af_iucv_handler, | 489 | err = iucv_path_connect(iucv->path, &af_iucv_handler, |
486 | sa->siucv_user_id, NULL, user_data, sk); | 490 | sa->siucv_user_id, NULL, user_data, sk); |
487 | if (err) { | 491 | if (err) { |
@@ -1094,6 +1098,8 @@ static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg) | |||
1094 | 1098 | ||
1095 | save_message: | 1099 | save_message: |
1096 | save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA); | 1100 | save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA); |
1101 | if (!save_msg) | ||
1102 | return; | ||
1097 | save_msg->path = path; | 1103 | save_msg->path = path; |
1098 | save_msg->msg = *msg; | 1104 | save_msg->msg = *msg; |
1099 | 1105 | ||
@@ -1106,24 +1112,31 @@ static void iucv_callback_txdone(struct iucv_path *path, | |||
1106 | struct iucv_message *msg) | 1112 | struct iucv_message *msg) |
1107 | { | 1113 | { |
1108 | struct sock *sk = path->private; | 1114 | struct sock *sk = path->private; |
1109 | struct sk_buff *this; | 1115 | struct sk_buff *this = NULL; |
1110 | struct sk_buff_head *list = &iucv_sk(sk)->send_skb_q; | 1116 | struct sk_buff_head *list = &iucv_sk(sk)->send_skb_q; |
1111 | struct sk_buff *list_skb = list->next; | 1117 | struct sk_buff *list_skb = list->next; |
1112 | unsigned long flags; | 1118 | unsigned long flags; |
1113 | 1119 | ||
1114 | if (list_skb) { | 1120 | if (!skb_queue_empty(list)) { |
1115 | spin_lock_irqsave(&list->lock, flags); | 1121 | spin_lock_irqsave(&list->lock, flags); |
1116 | 1122 | ||
1117 | do { | 1123 | while (list_skb != (struct sk_buff *)list) { |
1118 | this = list_skb; | 1124 | if (!memcmp(&msg->tag, list_skb->cb, 4)) { |
1125 | this = list_skb; | ||
1126 | break; | ||
1127 | } | ||
1119 | list_skb = list_skb->next; | 1128 | list_skb = list_skb->next; |
1120 | } while (memcmp(&msg->tag, this->cb, 4) && list_skb); | 1129 | } |
1130 | if (this) | ||
1131 | __skb_unlink(this, list); | ||
1121 | 1132 | ||
1122 | spin_unlock_irqrestore(&list->lock, flags); | 1133 | spin_unlock_irqrestore(&list->lock, flags); |
1123 | 1134 | ||
1124 | skb_unlink(this, &iucv_sk(sk)->send_skb_q); | 1135 | if (this) |
1125 | kfree_skb(this); | 1136 | kfree_skb(this); |
1126 | } | 1137 | } |
1138 | if (!this) | ||
1139 | printk(KERN_ERR "AF_IUCV msg tag %u not found\n", msg->tag); | ||
1127 | 1140 | ||
1128 | if (sk->sk_state == IUCV_CLOSING) { | 1141 | if (sk->sk_state == IUCV_CLOSING) { |
1129 | if (skb_queue_empty(&iucv_sk(sk)->send_skb_q)) { | 1142 | if (skb_queue_empty(&iucv_sk(sk)->send_skb_q)) { |
diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c index f13fe8821cbd..2753b0c448f3 100644 --- a/net/iucv/iucv.c +++ b/net/iucv/iucv.c | |||
@@ -693,9 +693,9 @@ int iucv_register(struct iucv_handler *handler, int smp) | |||
693 | iucv_setmask_up(); | 693 | iucv_setmask_up(); |
694 | INIT_LIST_HEAD(&handler->paths); | 694 | INIT_LIST_HEAD(&handler->paths); |
695 | 695 | ||
696 | spin_lock_irq(&iucv_table_lock); | 696 | spin_lock_bh(&iucv_table_lock); |
697 | list_add_tail(&handler->list, &iucv_handler_list); | 697 | list_add_tail(&handler->list, &iucv_handler_list); |
698 | spin_unlock_irq(&iucv_table_lock); | 698 | spin_unlock_bh(&iucv_table_lock); |
699 | rc = 0; | 699 | rc = 0; |
700 | out_mutex: | 700 | out_mutex: |
701 | mutex_unlock(&iucv_register_mutex); | 701 | mutex_unlock(&iucv_register_mutex); |
diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c index cf6ba6659a80..8b9be1e978cd 100644 --- a/net/netfilter/nf_conntrack_extend.c +++ b/net/netfilter/nf_conntrack_extend.c | |||
@@ -109,7 +109,8 @@ void *__nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp) | |||
109 | rcu_read_lock(); | 109 | rcu_read_lock(); |
110 | t = rcu_dereference(nf_ct_ext_types[i]); | 110 | t = rcu_dereference(nf_ct_ext_types[i]); |
111 | if (t && t->move) | 111 | if (t && t->move) |
112 | t->move(ct, ct->ext + ct->ext->offset[i]); | 112 | t->move((void *)new + new->offset[i], |
113 | (void *)ct->ext + ct->ext->offset[i]); | ||
113 | rcu_read_unlock(); | 114 | rcu_read_unlock(); |
114 | } | 115 | } |
115 | kfree(ct->ext); | 116 | kfree(ct->ext); |
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index 3e0cccae5636..202d7fa09483 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c | |||
@@ -125,7 +125,7 @@ enum tcp_bit_set { | |||
125 | * CLOSE_WAIT: ACK seen (after FIN) | 125 | * CLOSE_WAIT: ACK seen (after FIN) |
126 | * LAST_ACK: FIN seen (after FIN) | 126 | * LAST_ACK: FIN seen (after FIN) |
127 | * TIME_WAIT: last ACK seen | 127 | * TIME_WAIT: last ACK seen |
128 | * CLOSE: closed connection | 128 | * CLOSE: closed connection (RST) |
129 | * | 129 | * |
130 | * LISTEN state is not used. | 130 | * LISTEN state is not used. |
131 | * | 131 | * |
@@ -824,7 +824,21 @@ static int tcp_packet(struct nf_conn *ct, | |||
824 | case TCP_CONNTRACK_SYN_SENT: | 824 | case TCP_CONNTRACK_SYN_SENT: |
825 | if (old_state < TCP_CONNTRACK_TIME_WAIT) | 825 | if (old_state < TCP_CONNTRACK_TIME_WAIT) |
826 | break; | 826 | break; |
827 | if ((ct->proto.tcp.seen[!dir].flags & IP_CT_TCP_FLAG_CLOSE_INIT) | 827 | /* RFC 1122: "When a connection is closed actively, |
828 | * it MUST linger in TIME-WAIT state for a time 2xMSL | ||
829 | * (Maximum Segment Lifetime). However, it MAY accept | ||
830 | * a new SYN from the remote TCP to reopen the connection | ||
831 | * directly from TIME-WAIT state, if..." | ||
832 | * We ignore the conditions because we are in the | ||
833 | * TIME-WAIT state anyway. | ||
834 | * | ||
835 | * Handle aborted connections: we and the server | ||
836 | * think there is an existing connection but the client | ||
837 | * aborts it and starts a new one. | ||
838 | */ | ||
839 | if (((ct->proto.tcp.seen[dir].flags | ||
840 | | ct->proto.tcp.seen[!dir].flags) | ||
841 | & IP_CT_TCP_FLAG_CLOSE_INIT) | ||
828 | || (ct->proto.tcp.last_dir == dir | 842 | || (ct->proto.tcp.last_dir == dir |
829 | && ct->proto.tcp.last_index == TCP_RST_SET)) { | 843 | && ct->proto.tcp.last_index == TCP_RST_SET)) { |
830 | /* Attempt to reopen a closed/aborted connection. | 844 | /* Attempt to reopen a closed/aborted connection. |
@@ -838,15 +852,22 @@ static int tcp_packet(struct nf_conn *ct, | |||
838 | case TCP_CONNTRACK_IGNORE: | 852 | case TCP_CONNTRACK_IGNORE: |
839 | /* Ignored packets: | 853 | /* Ignored packets: |
840 | * | 854 | * |
855 | * Our connection entry may be out of sync, so ignore | ||
856 | * packets which may signal the real connection between | ||
857 | * the client and the server. | ||
858 | * | ||
841 | * a) SYN in ORIGINAL | 859 | * a) SYN in ORIGINAL |
842 | * b) SYN/ACK in REPLY | 860 | * b) SYN/ACK in REPLY |
843 | * c) ACK in reply direction after initial SYN in original. | 861 | * c) ACK in reply direction after initial SYN in original. |
862 | * | ||
863 | * If the ignored packet is invalid, the receiver will send | ||
864 | * a RST we'll catch below. | ||
844 | */ | 865 | */ |
845 | if (index == TCP_SYNACK_SET | 866 | if (index == TCP_SYNACK_SET |
846 | && ct->proto.tcp.last_index == TCP_SYN_SET | 867 | && ct->proto.tcp.last_index == TCP_SYN_SET |
847 | && ct->proto.tcp.last_dir != dir | 868 | && ct->proto.tcp.last_dir != dir |
848 | && ntohl(th->ack_seq) == ct->proto.tcp.last_end) { | 869 | && ntohl(th->ack_seq) == ct->proto.tcp.last_end) { |
849 | /* This SYN/ACK acknowledges a SYN that we earlier | 870 | /* b) This SYN/ACK acknowledges a SYN that we earlier |
850 | * ignored as invalid. This means that the client and | 871 | * ignored as invalid. This means that the client and |
851 | * the server are both in sync, while the firewall is | 872 | * the server are both in sync, while the firewall is |
852 | * not. We kill this session and block the SYN/ACK so | 873 | * not. We kill this session and block the SYN/ACK so |
@@ -870,7 +891,7 @@ static int tcp_packet(struct nf_conn *ct, | |||
870 | write_unlock_bh(&tcp_lock); | 891 | write_unlock_bh(&tcp_lock); |
871 | if (LOG_INVALID(IPPROTO_TCP)) | 892 | if (LOG_INVALID(IPPROTO_TCP)) |
872 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, | 893 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, |
873 | "nf_ct_tcp: invalid packed ignored "); | 894 | "nf_ct_tcp: invalid packet ignored "); |
874 | return NF_ACCEPT; | 895 | return NF_ACCEPT; |
875 | case TCP_CONNTRACK_MAX: | 896 | case TCP_CONNTRACK_MAX: |
876 | /* Invalid packet */ | 897 | /* Invalid packet */ |
@@ -924,8 +945,7 @@ static int tcp_packet(struct nf_conn *ct, | |||
924 | 945 | ||
925 | ct->proto.tcp.state = new_state; | 946 | ct->proto.tcp.state = new_state; |
926 | if (old_state != new_state | 947 | if (old_state != new_state |
927 | && (new_state == TCP_CONNTRACK_FIN_WAIT | 948 | && new_state == TCP_CONNTRACK_CLOSE) |
928 | || new_state == TCP_CONNTRACK_CLOSE)) | ||
929 | ct->proto.tcp.seen[dir].flags |= IP_CT_TCP_FLAG_CLOSE_INIT; | 949 | ct->proto.tcp.seen[dir].flags |= IP_CT_TCP_FLAG_CLOSE_INIT; |
930 | timeout = ct->proto.tcp.retrans >= nf_ct_tcp_max_retrans | 950 | timeout = ct->proto.tcp.retrans >= nf_ct_tcp_max_retrans |
931 | && tcp_timeouts[new_state] > nf_ct_tcp_timeout_max_retrans | 951 | && tcp_timeouts[new_state] > nf_ct_tcp_timeout_max_retrans |
diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c index 01035fc0e140..4f984dc60319 100644 --- a/net/netfilter/xt_iprange.c +++ b/net/netfilter/xt_iprange.c | |||
@@ -13,6 +13,7 @@ | |||
13 | #include <linux/ip.h> | 13 | #include <linux/ip.h> |
14 | #include <linux/ipv6.h> | 14 | #include <linux/ipv6.h> |
15 | #include <linux/netfilter/x_tables.h> | 15 | #include <linux/netfilter/x_tables.h> |
16 | #include <linux/netfilter/xt_iprange.h> | ||
16 | #include <linux/netfilter_ipv4/ipt_iprange.h> | 17 | #include <linux/netfilter_ipv4/ipt_iprange.h> |
17 | 18 | ||
18 | static bool | 19 | static bool |
@@ -148,7 +149,7 @@ static struct xt_match iprange_mt_reg[] __read_mostly = { | |||
148 | { | 149 | { |
149 | .name = "iprange", | 150 | .name = "iprange", |
150 | .revision = 1, | 151 | .revision = 1, |
151 | .family = AF_INET6, | 152 | .family = AF_INET, |
152 | .match = iprange_mt4, | 153 | .match = iprange_mt4, |
153 | .matchsize = sizeof(struct xt_iprange_mtinfo), | 154 | .matchsize = sizeof(struct xt_iprange_mtinfo), |
154 | .me = THIS_MODULE, | 155 | .me = THIS_MODULE, |
diff --git a/net/sched/em_meta.c b/net/sched/em_meta.c index 2a7e648fbcf4..d417ec8e3ca3 100644 --- a/net/sched/em_meta.c +++ b/net/sched/em_meta.c | |||
@@ -735,11 +735,13 @@ static int em_meta_match(struct sk_buff *skb, struct tcf_ematch *m, | |||
735 | 735 | ||
736 | static inline void meta_delete(struct meta_match *meta) | 736 | static inline void meta_delete(struct meta_match *meta) |
737 | { | 737 | { |
738 | struct meta_type_ops *ops = meta_type_ops(&meta->lvalue); | 738 | if (meta) { |
739 | struct meta_type_ops *ops = meta_type_ops(&meta->lvalue); | ||
739 | 740 | ||
740 | if (ops && ops->destroy) { | 741 | if (ops && ops->destroy) { |
741 | ops->destroy(&meta->lvalue); | 742 | ops->destroy(&meta->lvalue); |
742 | ops->destroy(&meta->rvalue); | 743 | ops->destroy(&meta->rvalue); |
744 | } | ||
743 | } | 745 | } |
744 | 746 | ||
745 | kfree(meta); | 747 | kfree(meta); |
diff --git a/net/tipc/addr.h b/net/tipc/addr.h index e4bd5335e48d..3ba67e6ce03e 100644 --- a/net/tipc/addr.h +++ b/net/tipc/addr.h | |||
@@ -57,11 +57,6 @@ static inline int in_own_cluster(u32 addr) | |||
57 | return !((addr ^ tipc_own_addr) >> 12); | 57 | return !((addr ^ tipc_own_addr) >> 12); |
58 | } | 58 | } |
59 | 59 | ||
60 | static inline int in_own_zone(u32 addr) | ||
61 | { | ||
62 | return !((addr ^ tipc_own_addr) >> 24); | ||
63 | } | ||
64 | |||
65 | static inline int is_slave(u32 addr) | 60 | static inline int is_slave(u32 addr) |
66 | { | 61 | { |
67 | return addr & 0x800; | 62 | return addr & 0x800; |
diff --git a/net/tipc/bcast.h b/net/tipc/bcast.h index f910ed29d055..a2416fa6b906 100644 --- a/net/tipc/bcast.h +++ b/net/tipc/bcast.h | |||
@@ -74,19 +74,6 @@ extern char tipc_bclink_name[]; | |||
74 | 74 | ||
75 | 75 | ||
76 | /** | 76 | /** |
77 | * nmap_get - determine if node exists in a node map | ||
78 | */ | ||
79 | |||
80 | static inline int tipc_nmap_get(struct node_map *nm_ptr, u32 node) | ||
81 | { | ||
82 | int n = tipc_node(node); | ||
83 | int w = n / WSIZE; | ||
84 | int b = n % WSIZE; | ||
85 | |||
86 | return nm_ptr->map[w] & (1 << b); | ||
87 | } | ||
88 | |||
89 | /** | ||
90 | * nmap_add - add a node to a node map | 77 | * nmap_add - add a node to a node map |
91 | */ | 78 | */ |
92 | 79 | ||
diff --git a/net/tipc/msg.h b/net/tipc/msg.h index ce2659836374..e9ef6df26562 100644 --- a/net/tipc/msg.h +++ b/net/tipc/msg.h | |||
@@ -663,11 +663,6 @@ static inline void msg_set_remote_node(struct tipc_msg *m, u32 a) | |||
663 | msg_set_word(m, msg_hdr_sz(m)/4, a); | 663 | msg_set_word(m, msg_hdr_sz(m)/4, a); |
664 | } | 664 | } |
665 | 665 | ||
666 | static inline int msg_dataoctet(struct tipc_msg *m, u32 pos) | ||
667 | { | ||
668 | return(msg_data(m)[pos + 4] != 0); | ||
669 | } | ||
670 | |||
671 | static inline void msg_set_dataoctet(struct tipc_msg *m, u32 pos) | 666 | static inline void msg_set_dataoctet(struct tipc_msg *m, u32 pos) |
672 | { | 667 | { |
673 | msg_data(m)[pos + 4] = 1; | 668 | msg_data(m)[pos + 4] = 1; |
diff --git a/net/tipc/socket.c b/net/tipc/socket.c index 24ddfd2ca38b..22909036b9bc 100644 --- a/net/tipc/socket.c +++ b/net/tipc/socket.c | |||
@@ -71,9 +71,9 @@ struct tipc_sock { | |||
71 | static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf); | 71 | static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf); |
72 | static void wakeupdispatch(struct tipc_port *tport); | 72 | static void wakeupdispatch(struct tipc_port *tport); |
73 | 73 | ||
74 | static struct proto_ops packet_ops; | 74 | static const struct proto_ops packet_ops; |
75 | static struct proto_ops stream_ops; | 75 | static const struct proto_ops stream_ops; |
76 | static struct proto_ops msg_ops; | 76 | static const struct proto_ops msg_ops; |
77 | 77 | ||
78 | static struct proto tipc_proto; | 78 | static struct proto tipc_proto; |
79 | 79 | ||
@@ -1615,7 +1615,7 @@ static int getsockopt(struct socket *sock, | |||
1615 | * Protocol switches for the various types of TIPC sockets | 1615 | * Protocol switches for the various types of TIPC sockets |
1616 | */ | 1616 | */ |
1617 | 1617 | ||
1618 | static struct proto_ops msg_ops = { | 1618 | static const struct proto_ops msg_ops = { |
1619 | .owner = THIS_MODULE, | 1619 | .owner = THIS_MODULE, |
1620 | .family = AF_TIPC, | 1620 | .family = AF_TIPC, |
1621 | .release = release, | 1621 | .release = release, |
@@ -1636,7 +1636,7 @@ static struct proto_ops msg_ops = { | |||
1636 | .sendpage = sock_no_sendpage | 1636 | .sendpage = sock_no_sendpage |
1637 | }; | 1637 | }; |
1638 | 1638 | ||
1639 | static struct proto_ops packet_ops = { | 1639 | static const struct proto_ops packet_ops = { |
1640 | .owner = THIS_MODULE, | 1640 | .owner = THIS_MODULE, |
1641 | .family = AF_TIPC, | 1641 | .family = AF_TIPC, |
1642 | .release = release, | 1642 | .release = release, |
@@ -1657,7 +1657,7 @@ static struct proto_ops packet_ops = { | |||
1657 | .sendpage = sock_no_sendpage | 1657 | .sendpage = sock_no_sendpage |
1658 | }; | 1658 | }; |
1659 | 1659 | ||
1660 | static struct proto_ops stream_ops = { | 1660 | static const struct proto_ops stream_ops = { |
1661 | .owner = THIS_MODULE, | 1661 | .owner = THIS_MODULE, |
1662 | .family = AF_TIPC, | 1662 | .family = AF_TIPC, |
1663 | .release = release, | 1663 | .release = release, |
@@ -1678,7 +1678,7 @@ static struct proto_ops stream_ops = { | |||
1678 | .sendpage = sock_no_sendpage | 1678 | .sendpage = sock_no_sendpage |
1679 | }; | 1679 | }; |
1680 | 1680 | ||
1681 | static struct net_proto_family tipc_family_ops = { | 1681 | static const struct net_proto_family tipc_family_ops = { |
1682 | .owner = THIS_MODULE, | 1682 | .owner = THIS_MODULE, |
1683 | .family = AF_TIPC, | 1683 | .family = AF_TIPC, |
1684 | .create = tipc_create | 1684 | .create = tipc_create |
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c index 6cc15250de69..8aa6440d689f 100644 --- a/net/xfrm/xfrm_algo.c +++ b/net/xfrm/xfrm_algo.c | |||
@@ -399,6 +399,23 @@ static struct xfrm_algo_desc ealg_list[] = { | |||
399 | .sadb_alg_maxbits = 256 | 399 | .sadb_alg_maxbits = 256 |
400 | } | 400 | } |
401 | }, | 401 | }, |
402 | { | ||
403 | .name = "rfc3686(ctr(aes))", | ||
404 | |||
405 | .uinfo = { | ||
406 | .encr = { | ||
407 | .blockbits = 128, | ||
408 | .defkeybits = 160, /* 128-bit key + 32-bit nonce */ | ||
409 | } | ||
410 | }, | ||
411 | |||
412 | .desc = { | ||
413 | .sadb_alg_id = SADB_X_EALG_AESCTR, | ||
414 | .sadb_alg_ivlen = 8, | ||
415 | .sadb_alg_minbits = 128, | ||
416 | .sadb_alg_maxbits = 256 | ||
417 | } | ||
418 | }, | ||
402 | }; | 419 | }; |
403 | 420 | ||
404 | static struct xfrm_algo_desc calg_list[] = { | 421 | static struct xfrm_algo_desc calg_list[] = { |