diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/bluetooth/hci_sysfs.c | 6 | ||||
-rw-r--r-- | net/ipv4/tcp_vegas.c | 11 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_proto_dccp.c | 4 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_proto_tcp.c | 18 | ||||
-rw-r--r-- | net/netfilter/nfnetlink_log.c | 6 | ||||
-rw-r--r-- | net/netfilter/xt_hashlimit.c | 2 | ||||
-rw-r--r-- | net/sched/cls_api.c | 23 | ||||
-rw-r--r-- | net/sched/cls_cgroup.c | 22 |
8 files changed, 66 insertions, 26 deletions
diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c index 4cc3624bd22d..95f7a7a544b4 100644 --- a/net/bluetooth/hci_sysfs.c +++ b/net/bluetooth/hci_sysfs.c | |||
@@ -90,9 +90,6 @@ static void add_conn(struct work_struct *work) | |||
90 | struct hci_conn *conn = container_of(work, struct hci_conn, work_add); | 90 | struct hci_conn *conn = container_of(work, struct hci_conn, work_add); |
91 | struct hci_dev *hdev = conn->hdev; | 91 | struct hci_dev *hdev = conn->hdev; |
92 | 92 | ||
93 | /* ensure previous del is complete */ | ||
94 | flush_work(&conn->work_del); | ||
95 | |||
96 | dev_set_name(&conn->dev, "%s:%d", hdev->name, conn->handle); | 93 | dev_set_name(&conn->dev, "%s:%d", hdev->name, conn->handle); |
97 | 94 | ||
98 | if (device_add(&conn->dev) < 0) { | 95 | if (device_add(&conn->dev) < 0) { |
@@ -118,9 +115,6 @@ static void del_conn(struct work_struct *work) | |||
118 | struct hci_conn *conn = container_of(work, struct hci_conn, work_del); | 115 | struct hci_conn *conn = container_of(work, struct hci_conn, work_del); |
119 | struct hci_dev *hdev = conn->hdev; | 116 | struct hci_dev *hdev = conn->hdev; |
120 | 117 | ||
121 | /* ensure previous add is complete */ | ||
122 | flush_work(&conn->work_add); | ||
123 | |||
124 | if (!device_is_registered(&conn->dev)) | 118 | if (!device_is_registered(&conn->dev)) |
125 | return; | 119 | return; |
126 | 120 | ||
diff --git a/net/ipv4/tcp_vegas.c b/net/ipv4/tcp_vegas.c index a453aac91bd3..c6743eec9b7d 100644 --- a/net/ipv4/tcp_vegas.c +++ b/net/ipv4/tcp_vegas.c | |||
@@ -158,6 +158,11 @@ void tcp_vegas_cwnd_event(struct sock *sk, enum tcp_ca_event event) | |||
158 | } | 158 | } |
159 | EXPORT_SYMBOL_GPL(tcp_vegas_cwnd_event); | 159 | EXPORT_SYMBOL_GPL(tcp_vegas_cwnd_event); |
160 | 160 | ||
161 | static inline u32 tcp_vegas_ssthresh(struct tcp_sock *tp) | ||
162 | { | ||
163 | return min(tp->snd_ssthresh, tp->snd_cwnd-1); | ||
164 | } | ||
165 | |||
161 | static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight) | 166 | static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight) |
162 | { | 167 | { |
163 | struct tcp_sock *tp = tcp_sk(sk); | 168 | struct tcp_sock *tp = tcp_sk(sk); |
@@ -221,11 +226,10 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight) | |||
221 | */ | 226 | */ |
222 | diff = tp->snd_cwnd * (rtt-vegas->baseRTT) / vegas->baseRTT; | 227 | diff = tp->snd_cwnd * (rtt-vegas->baseRTT) / vegas->baseRTT; |
223 | 228 | ||
224 | if (diff > gamma && tp->snd_ssthresh > 2 ) { | 229 | if (diff > gamma && tp->snd_cwnd <= tp->snd_ssthresh) { |
225 | /* Going too fast. Time to slow down | 230 | /* Going too fast. Time to slow down |
226 | * and switch to congestion avoidance. | 231 | * and switch to congestion avoidance. |
227 | */ | 232 | */ |
228 | tp->snd_ssthresh = 2; | ||
229 | 233 | ||
230 | /* Set cwnd to match the actual rate | 234 | /* Set cwnd to match the actual rate |
231 | * exactly: | 235 | * exactly: |
@@ -235,6 +239,7 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight) | |||
235 | * utilization. | 239 | * utilization. |
236 | */ | 240 | */ |
237 | tp->snd_cwnd = min(tp->snd_cwnd, (u32)target_cwnd+1); | 241 | tp->snd_cwnd = min(tp->snd_cwnd, (u32)target_cwnd+1); |
242 | tp->snd_ssthresh = tcp_vegas_ssthresh(tp); | ||
238 | 243 | ||
239 | } else if (tp->snd_cwnd <= tp->snd_ssthresh) { | 244 | } else if (tp->snd_cwnd <= tp->snd_ssthresh) { |
240 | /* Slow start. */ | 245 | /* Slow start. */ |
@@ -250,6 +255,8 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight) | |||
250 | * we slow down. | 255 | * we slow down. |
251 | */ | 256 | */ |
252 | tp->snd_cwnd--; | 257 | tp->snd_cwnd--; |
258 | tp->snd_ssthresh | ||
259 | = tcp_vegas_ssthresh(tp); | ||
253 | } else if (diff < alpha) { | 260 | } else if (diff < alpha) { |
254 | /* We don't have enough extra packets | 261 | /* We don't have enough extra packets |
255 | * in the network, so speed up. | 262 | * in the network, so speed up. |
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c index 8e757dd53396..aee0d6bea309 100644 --- a/net/netfilter/nf_conntrack_proto_dccp.c +++ b/net/netfilter/nf_conntrack_proto_dccp.c | |||
@@ -22,6 +22,7 @@ | |||
22 | #include <linux/netfilter/nfnetlink_conntrack.h> | 22 | #include <linux/netfilter/nfnetlink_conntrack.h> |
23 | #include <net/netfilter/nf_conntrack.h> | 23 | #include <net/netfilter/nf_conntrack.h> |
24 | #include <net/netfilter/nf_conntrack_l4proto.h> | 24 | #include <net/netfilter/nf_conntrack_l4proto.h> |
25 | #include <net/netfilter/nf_conntrack_ecache.h> | ||
25 | #include <net/netfilter/nf_log.h> | 26 | #include <net/netfilter/nf_log.h> |
26 | 27 | ||
27 | static DEFINE_RWLOCK(dccp_lock); | 28 | static DEFINE_RWLOCK(dccp_lock); |
@@ -553,6 +554,9 @@ static int dccp_packet(struct nf_conn *ct, const struct sk_buff *skb, | |||
553 | ct->proto.dccp.state = new_state; | 554 | ct->proto.dccp.state = new_state; |
554 | write_unlock_bh(&dccp_lock); | 555 | write_unlock_bh(&dccp_lock); |
555 | 556 | ||
557 | if (new_state != old_state) | ||
558 | nf_conntrack_event_cache(IPCT_PROTOINFO, ct); | ||
559 | |||
556 | dn = dccp_pernet(net); | 560 | dn = dccp_pernet(net); |
557 | nf_ct_refresh_acct(ct, ctinfo, skb, dn->dccp_timeout[new_state]); | 561 | nf_ct_refresh_acct(ct, ctinfo, skb, dn->dccp_timeout[new_state]); |
558 | 562 | ||
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index b5ccf2b4b2e7..97a6e93d742e 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c | |||
@@ -634,6 +634,14 @@ static bool tcp_in_window(const struct nf_conn *ct, | |||
634 | sender->td_end = end; | 634 | sender->td_end = end; |
635 | sender->flags |= IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED; | 635 | sender->flags |= IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED; |
636 | } | 636 | } |
637 | if (tcph->ack) { | ||
638 | if (!(sender->flags & IP_CT_TCP_FLAG_MAXACK_SET)) { | ||
639 | sender->td_maxack = ack; | ||
640 | sender->flags |= IP_CT_TCP_FLAG_MAXACK_SET; | ||
641 | } else if (after(ack, sender->td_maxack)) | ||
642 | sender->td_maxack = ack; | ||
643 | } | ||
644 | |||
637 | /* | 645 | /* |
638 | * Update receiver data. | 646 | * Update receiver data. |
639 | */ | 647 | */ |
@@ -919,6 +927,16 @@ static int tcp_packet(struct nf_conn *ct, | |||
919 | return -NF_ACCEPT; | 927 | return -NF_ACCEPT; |
920 | case TCP_CONNTRACK_CLOSE: | 928 | case TCP_CONNTRACK_CLOSE: |
921 | if (index == TCP_RST_SET | 929 | if (index == TCP_RST_SET |
930 | && (ct->proto.tcp.seen[!dir].flags & IP_CT_TCP_FLAG_MAXACK_SET) | ||
931 | && before(ntohl(th->seq), ct->proto.tcp.seen[!dir].td_maxack)) { | ||
932 | /* Invalid RST */ | ||
933 | write_unlock_bh(&tcp_lock); | ||
934 | if (LOG_INVALID(net, IPPROTO_TCP)) | ||
935 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, | ||
936 | "nf_ct_tcp: invalid RST "); | ||
937 | return -NF_ACCEPT; | ||
938 | } | ||
939 | if (index == TCP_RST_SET | ||
922 | && ((test_bit(IPS_SEEN_REPLY_BIT, &ct->status) | 940 | && ((test_bit(IPS_SEEN_REPLY_BIT, &ct->status) |
923 | && ct->proto.tcp.last_index == TCP_SYN_SET) | 941 | && ct->proto.tcp.last_index == TCP_SYN_SET) |
924 | || (!test_bit(IPS_ASSURED_BIT, &ct->status) | 942 | || (!test_bit(IPS_ASSURED_BIT, &ct->status) |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index fd326ac27ec8..66a6dd5c519a 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
@@ -581,6 +581,12 @@ nfulnl_log_packet(u_int8_t pf, | |||
581 | + nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) | 581 | + nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) |
582 | + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); | 582 | + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); |
583 | 583 | ||
584 | if (in && skb_mac_header_was_set(skb)) { | ||
585 | size += nla_total_size(skb->dev->hard_header_len) | ||
586 | + nla_total_size(sizeof(u_int16_t)) /* hwtype */ | ||
587 | + nla_total_size(sizeof(u_int16_t)); /* hwlen */ | ||
588 | } | ||
589 | |||
584 | spin_lock_bh(&inst->lock); | 590 | spin_lock_bh(&inst->lock); |
585 | 591 | ||
586 | if (inst->flags & NFULNL_CFG_F_SEQ) | 592 | if (inst->flags & NFULNL_CFG_F_SEQ) |
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index a5b5369c30f9..219dcdbe388c 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
@@ -926,7 +926,7 @@ static int dl_seq_show(struct seq_file *s, void *v) | |||
926 | if (!hlist_empty(&htable->hash[*bucket])) { | 926 | if (!hlist_empty(&htable->hash[*bucket])) { |
927 | hlist_for_each_entry(ent, pos, &htable->hash[*bucket], node) | 927 | hlist_for_each_entry(ent, pos, &htable->hash[*bucket], node) |
928 | if (dl_seq_real_show(ent, htable->family, s)) | 928 | if (dl_seq_real_show(ent, htable->family, s)) |
929 | return 1; | 929 | return -1; |
930 | } | 930 | } |
931 | return 0; | 931 | return 0; |
932 | } | 932 | } |
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c index 0759f32e9dca..09cdcdfe7e91 100644 --- a/net/sched/cls_api.c +++ b/net/sched/cls_api.c | |||
@@ -135,6 +135,7 @@ static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n, void *arg) | |||
135 | unsigned long cl; | 135 | unsigned long cl; |
136 | unsigned long fh; | 136 | unsigned long fh; |
137 | int err; | 137 | int err; |
138 | int tp_created = 0; | ||
138 | 139 | ||
139 | if (net != &init_net) | 140 | if (net != &init_net) |
140 | return -EINVAL; | 141 | return -EINVAL; |
@@ -266,10 +267,7 @@ replay: | |||
266 | goto errout; | 267 | goto errout; |
267 | } | 268 | } |
268 | 269 | ||
269 | spin_lock_bh(root_lock); | 270 | tp_created = 1; |
270 | tp->next = *back; | ||
271 | *back = tp; | ||
272 | spin_unlock_bh(root_lock); | ||
273 | 271 | ||
274 | } else if (tca[TCA_KIND] && nla_strcmp(tca[TCA_KIND], tp->ops->kind)) | 272 | } else if (tca[TCA_KIND] && nla_strcmp(tca[TCA_KIND], tp->ops->kind)) |
275 | goto errout; | 273 | goto errout; |
@@ -296,8 +294,11 @@ replay: | |||
296 | switch (n->nlmsg_type) { | 294 | switch (n->nlmsg_type) { |
297 | case RTM_NEWTFILTER: | 295 | case RTM_NEWTFILTER: |
298 | err = -EEXIST; | 296 | err = -EEXIST; |
299 | if (n->nlmsg_flags & NLM_F_EXCL) | 297 | if (n->nlmsg_flags & NLM_F_EXCL) { |
298 | if (tp_created) | ||
299 | tcf_destroy(tp); | ||
300 | goto errout; | 300 | goto errout; |
301 | } | ||
301 | break; | 302 | break; |
302 | case RTM_DELTFILTER: | 303 | case RTM_DELTFILTER: |
303 | err = tp->ops->delete(tp, fh); | 304 | err = tp->ops->delete(tp, fh); |
@@ -314,8 +315,18 @@ replay: | |||
314 | } | 315 | } |
315 | 316 | ||
316 | err = tp->ops->change(tp, cl, t->tcm_handle, tca, &fh); | 317 | err = tp->ops->change(tp, cl, t->tcm_handle, tca, &fh); |
317 | if (err == 0) | 318 | if (err == 0) { |
319 | if (tp_created) { | ||
320 | spin_lock_bh(root_lock); | ||
321 | tp->next = *back; | ||
322 | *back = tp; | ||
323 | spin_unlock_bh(root_lock); | ||
324 | } | ||
318 | tfilter_notify(skb, n, tp, fh, RTM_NEWTFILTER); | 325 | tfilter_notify(skb, n, tp, fh, RTM_NEWTFILTER); |
326 | } else { | ||
327 | if (tp_created) | ||
328 | tcf_destroy(tp); | ||
329 | } | ||
319 | 330 | ||
320 | errout: | 331 | errout: |
321 | if (cl) | 332 | if (cl) |
diff --git a/net/sched/cls_cgroup.c b/net/sched/cls_cgroup.c index 1ab4542e61e0..0f815cc6a3db 100644 --- a/net/sched/cls_cgroup.c +++ b/net/sched/cls_cgroup.c | |||
@@ -98,8 +98,7 @@ static int cls_cgroup_classify(struct sk_buff *skb, struct tcf_proto *tp, | |||
98 | struct tcf_result *res) | 98 | struct tcf_result *res) |
99 | { | 99 | { |
100 | struct cls_cgroup_head *head = tp->root; | 100 | struct cls_cgroup_head *head = tp->root; |
101 | struct cgroup_cls_state *cs; | 101 | u32 classid; |
102 | int ret = 0; | ||
103 | 102 | ||
104 | /* | 103 | /* |
105 | * Due to the nature of the classifier it is required to ignore all | 104 | * Due to the nature of the classifier it is required to ignore all |
@@ -115,17 +114,18 @@ static int cls_cgroup_classify(struct sk_buff *skb, struct tcf_proto *tp, | |||
115 | return -1; | 114 | return -1; |
116 | 115 | ||
117 | rcu_read_lock(); | 116 | rcu_read_lock(); |
118 | cs = task_cls_state(current); | 117 | classid = task_cls_state(current)->classid; |
119 | if (cs->classid && tcf_em_tree_match(skb, &head->ematches, NULL)) { | ||
120 | res->classid = cs->classid; | ||
121 | res->class = 0; | ||
122 | ret = tcf_exts_exec(skb, &head->exts, res); | ||
123 | } else | ||
124 | ret = -1; | ||
125 | |||
126 | rcu_read_unlock(); | 118 | rcu_read_unlock(); |
127 | 119 | ||
128 | return ret; | 120 | if (!classid) |
121 | return -1; | ||
122 | |||
123 | if (!tcf_em_tree_match(skb, &head->ematches, NULL)) | ||
124 | return -1; | ||
125 | |||
126 | res->classid = classid; | ||
127 | res->class = 0; | ||
128 | return tcf_exts_exec(skb, &head->exts, res); | ||
129 | } | 129 | } |
130 | 130 | ||
131 | static unsigned long cls_cgroup_get(struct tcf_proto *tp, u32 handle) | 131 | static unsigned long cls_cgroup_get(struct tcf_proto *tp, u32 handle) |