aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/core/pktgen.c3
-rw-r--r--net/dcb/dcbnl.c16
-rw-r--r--net/ipv4/ah4.c2
-rw-r--r--net/ipv4/esp4.c2
-rw-r--r--net/ipv4/ip_gre.c2
-rw-r--r--net/ipv4/ipcomp.c6
-rw-r--r--net/ipv4/sysctl_net_ipv4.c14
-rw-r--r--net/ipv4/tcp.c14
-rw-r--r--net/ipv4/tcp_input.c12
-rw-r--r--net/ipv4/tcp_timer.c21
-rw-r--r--net/ipv6/ah6.c2
-rw-r--r--net/ipv6/esp6.c2
-rw-r--r--net/ipv6/exthdrs.c2
-rw-r--r--net/ipv6/icmp.c10
-rw-r--r--net/ipv6/ip6_fib.c17
-rw-r--r--net/ipv6/ip6_input.c3
-rw-r--r--net/ipv6/ip6_output.c11
-rw-r--r--net/ipv6/ip6_tunnel.c6
-rw-r--r--net/ipv6/ipcomp6.c6
-rw-r--r--net/ipv6/mip6.c2
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c2
-rw-r--r--net/ipv6/reassembly.c2
-rw-r--r--net/ipv6/route.c4
-rw-r--r--net/ipv6/sit.c2
-rw-r--r--net/ipv6/tunnel6.c4
-rw-r--r--net/ipv6/udp.c5
-rw-r--r--net/ipv6/xfrm6_input.c2
-rw-r--r--net/ipv6/xfrm6_output.c2
-rw-r--r--net/irda/irnetlink.c2
-rw-r--r--net/key/af_key.c129
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c5
-rw-r--r--net/netfilter/ipvs/ip_vs_xmit.c10
-rw-r--r--net/packet/af_packet.c62
-rw-r--r--net/unix/af_unix.c2
-rw-r--r--net/wimax/op-msg.c3
-rw-r--r--net/wimax/op-reset.c3
-rw-r--r--net/wimax/op-rfkill.c3
-rw-r--r--net/wimax/op-state-get.c3
-rw-r--r--net/wimax/stack.c3
-rw-r--r--net/wireless/nl80211.c14
-rw-r--r--net/xfrm/xfrm_input.c2
-rw-r--r--net/xfrm/xfrm_policy.c37
-rw-r--r--net/xfrm/xfrm_proc.c1
-rw-r--r--net/xfrm/xfrm_state.c78
-rw-r--r--net/xfrm/xfrm_user.c107
45 files changed, 388 insertions, 252 deletions
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index 2e692afdc55d..43923811bd6a 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -2188,12 +2188,13 @@ static inline int f_pick(struct pktgen_dev *pkt_dev)
2188/* If there was already an IPSEC SA, we keep it as is, else 2188/* If there was already an IPSEC SA, we keep it as is, else
2189 * we go look for it ... 2189 * we go look for it ...
2190*/ 2190*/
2191#define DUMMY_MARK 0
2191static void get_ipsec_sa(struct pktgen_dev *pkt_dev, int flow) 2192static void get_ipsec_sa(struct pktgen_dev *pkt_dev, int flow)
2192{ 2193{
2193 struct xfrm_state *x = pkt_dev->flows[flow].x; 2194 struct xfrm_state *x = pkt_dev->flows[flow].x;
2194 if (!x) { 2195 if (!x) {
2195 /*slow path: we dont already have xfrm_state*/ 2196 /*slow path: we dont already have xfrm_state*/
2196 x = xfrm_stateonly_find(&init_net, 2197 x = xfrm_stateonly_find(&init_net, DUMMY_MARK,
2197 (xfrm_address_t *)&pkt_dev->cur_daddr, 2198 (xfrm_address_t *)&pkt_dev->cur_daddr,
2198 (xfrm_address_t *)&pkt_dev->cur_saddr, 2199 (xfrm_address_t *)&pkt_dev->cur_saddr,
2199 AF_INET, 2200 AF_INET,
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c
index db9f5b39388f..813e399220a7 100644
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -54,7 +54,7 @@ MODULE_LICENSE("GPL");
54/**************** DCB attribute policies *************************************/ 54/**************** DCB attribute policies *************************************/
55 55
56/* DCB netlink attributes policy */ 56/* DCB netlink attributes policy */
57static struct nla_policy dcbnl_rtnl_policy[DCB_ATTR_MAX + 1] = { 57static const struct nla_policy dcbnl_rtnl_policy[DCB_ATTR_MAX + 1] = {
58 [DCB_ATTR_IFNAME] = {.type = NLA_NUL_STRING, .len = IFNAMSIZ - 1}, 58 [DCB_ATTR_IFNAME] = {.type = NLA_NUL_STRING, .len = IFNAMSIZ - 1},
59 [DCB_ATTR_STATE] = {.type = NLA_U8}, 59 [DCB_ATTR_STATE] = {.type = NLA_U8},
60 [DCB_ATTR_PFC_CFG] = {.type = NLA_NESTED}, 60 [DCB_ATTR_PFC_CFG] = {.type = NLA_NESTED},
@@ -68,7 +68,7 @@ static struct nla_policy dcbnl_rtnl_policy[DCB_ATTR_MAX + 1] = {
68}; 68};
69 69
70/* DCB priority flow control to User Priority nested attributes */ 70/* DCB priority flow control to User Priority nested attributes */
71static struct nla_policy dcbnl_pfc_up_nest[DCB_PFC_UP_ATTR_MAX + 1] = { 71static const struct nla_policy dcbnl_pfc_up_nest[DCB_PFC_UP_ATTR_MAX + 1] = {
72 [DCB_PFC_UP_ATTR_0] = {.type = NLA_U8}, 72 [DCB_PFC_UP_ATTR_0] = {.type = NLA_U8},
73 [DCB_PFC_UP_ATTR_1] = {.type = NLA_U8}, 73 [DCB_PFC_UP_ATTR_1] = {.type = NLA_U8},
74 [DCB_PFC_UP_ATTR_2] = {.type = NLA_U8}, 74 [DCB_PFC_UP_ATTR_2] = {.type = NLA_U8},
@@ -81,7 +81,7 @@ static struct nla_policy dcbnl_pfc_up_nest[DCB_PFC_UP_ATTR_MAX + 1] = {
81}; 81};
82 82
83/* DCB priority grouping nested attributes */ 83/* DCB priority grouping nested attributes */
84static struct nla_policy dcbnl_pg_nest[DCB_PG_ATTR_MAX + 1] = { 84static const struct nla_policy dcbnl_pg_nest[DCB_PG_ATTR_MAX + 1] = {
85 [DCB_PG_ATTR_TC_0] = {.type = NLA_NESTED}, 85 [DCB_PG_ATTR_TC_0] = {.type = NLA_NESTED},
86 [DCB_PG_ATTR_TC_1] = {.type = NLA_NESTED}, 86 [DCB_PG_ATTR_TC_1] = {.type = NLA_NESTED},
87 [DCB_PG_ATTR_TC_2] = {.type = NLA_NESTED}, 87 [DCB_PG_ATTR_TC_2] = {.type = NLA_NESTED},
@@ -103,7 +103,7 @@ static struct nla_policy dcbnl_pg_nest[DCB_PG_ATTR_MAX + 1] = {
103}; 103};
104 104
105/* DCB traffic class nested attributes. */ 105/* DCB traffic class nested attributes. */
106static struct nla_policy dcbnl_tc_param_nest[DCB_TC_ATTR_PARAM_MAX + 1] = { 106static const struct nla_policy dcbnl_tc_param_nest[DCB_TC_ATTR_PARAM_MAX + 1] = {
107 [DCB_TC_ATTR_PARAM_PGID] = {.type = NLA_U8}, 107 [DCB_TC_ATTR_PARAM_PGID] = {.type = NLA_U8},
108 [DCB_TC_ATTR_PARAM_UP_MAPPING] = {.type = NLA_U8}, 108 [DCB_TC_ATTR_PARAM_UP_MAPPING] = {.type = NLA_U8},
109 [DCB_TC_ATTR_PARAM_STRICT_PRIO] = {.type = NLA_U8}, 109 [DCB_TC_ATTR_PARAM_STRICT_PRIO] = {.type = NLA_U8},
@@ -112,7 +112,7 @@ static struct nla_policy dcbnl_tc_param_nest[DCB_TC_ATTR_PARAM_MAX + 1] = {
112}; 112};
113 113
114/* DCB capabilities nested attributes. */ 114/* DCB capabilities nested attributes. */
115static struct nla_policy dcbnl_cap_nest[DCB_CAP_ATTR_MAX + 1] = { 115static const struct nla_policy dcbnl_cap_nest[DCB_CAP_ATTR_MAX + 1] = {
116 [DCB_CAP_ATTR_ALL] = {.type = NLA_FLAG}, 116 [DCB_CAP_ATTR_ALL] = {.type = NLA_FLAG},
117 [DCB_CAP_ATTR_PG] = {.type = NLA_U8}, 117 [DCB_CAP_ATTR_PG] = {.type = NLA_U8},
118 [DCB_CAP_ATTR_PFC] = {.type = NLA_U8}, 118 [DCB_CAP_ATTR_PFC] = {.type = NLA_U8},
@@ -124,14 +124,14 @@ static struct nla_policy dcbnl_cap_nest[DCB_CAP_ATTR_MAX + 1] = {
124}; 124};
125 125
126/* DCB capabilities nested attributes. */ 126/* DCB capabilities nested attributes. */
127static struct nla_policy dcbnl_numtcs_nest[DCB_NUMTCS_ATTR_MAX + 1] = { 127static const struct nla_policy dcbnl_numtcs_nest[DCB_NUMTCS_ATTR_MAX + 1] = {
128 [DCB_NUMTCS_ATTR_ALL] = {.type = NLA_FLAG}, 128 [DCB_NUMTCS_ATTR_ALL] = {.type = NLA_FLAG},
129 [DCB_NUMTCS_ATTR_PG] = {.type = NLA_U8}, 129 [DCB_NUMTCS_ATTR_PG] = {.type = NLA_U8},
130 [DCB_NUMTCS_ATTR_PFC] = {.type = NLA_U8}, 130 [DCB_NUMTCS_ATTR_PFC] = {.type = NLA_U8},
131}; 131};
132 132
133/* DCB BCN nested attributes. */ 133/* DCB BCN nested attributes. */
134static struct nla_policy dcbnl_bcn_nest[DCB_BCN_ATTR_MAX + 1] = { 134static const struct nla_policy dcbnl_bcn_nest[DCB_BCN_ATTR_MAX + 1] = {
135 [DCB_BCN_ATTR_RP_0] = {.type = NLA_U8}, 135 [DCB_BCN_ATTR_RP_0] = {.type = NLA_U8},
136 [DCB_BCN_ATTR_RP_1] = {.type = NLA_U8}, 136 [DCB_BCN_ATTR_RP_1] = {.type = NLA_U8},
137 [DCB_BCN_ATTR_RP_2] = {.type = NLA_U8}, 137 [DCB_BCN_ATTR_RP_2] = {.type = NLA_U8},
@@ -160,7 +160,7 @@ static struct nla_policy dcbnl_bcn_nest[DCB_BCN_ATTR_MAX + 1] = {
160}; 160};
161 161
162/* DCB APP nested attributes. */ 162/* DCB APP nested attributes. */
163static struct nla_policy dcbnl_app_nest[DCB_APP_ATTR_MAX + 1] = { 163static const struct nla_policy dcbnl_app_nest[DCB_APP_ATTR_MAX + 1] = {
164 [DCB_APP_ATTR_IDTYPE] = {.type = NLA_U8}, 164 [DCB_APP_ATTR_IDTYPE] = {.type = NLA_U8},
165 [DCB_APP_ATTR_ID] = {.type = NLA_U16}, 165 [DCB_APP_ATTR_ID] = {.type = NLA_U16},
166 [DCB_APP_ATTR_PRIORITY] = {.type = NLA_U8}, 166 [DCB_APP_ATTR_PRIORITY] = {.type = NLA_U8},
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index 7ed3e4ae93ae..987b47dc69ad 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -393,7 +393,7 @@ static void ah4_err(struct sk_buff *skb, u32 info)
393 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) 393 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
394 return; 394 return;
395 395
396 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET); 396 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET);
397 if (!x) 397 if (!x)
398 return; 398 return;
399 printk(KERN_DEBUG "pmtu discovery on SA AH/%08x/%08x\n", 399 printk(KERN_DEBUG "pmtu discovery on SA AH/%08x/%08x\n",
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index 1948895beb6d..14ca1f1c3fb0 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -422,7 +422,7 @@ static void esp4_err(struct sk_buff *skb, u32 info)
422 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) 422 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
423 return; 423 return;
424 424
425 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET); 425 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET);
426 if (!x) 426 if (!x)
427 return; 427 return;
428 NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n", 428 NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n",
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index a2a5983dbf03..c0c5274d0271 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -793,7 +793,7 @@ static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev
793 } 793 }
794 794
795 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 795 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
796 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 796 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
797 ip_rt_put(rt); 797 ip_rt_put(rt);
798 goto tx_error; 798 goto tx_error;
799 } 799 }
diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c
index 83ed71500898..629067571f02 100644
--- a/net/ipv4/ipcomp.c
+++ b/net/ipv4/ipcomp.c
@@ -36,7 +36,7 @@ static void ipcomp4_err(struct sk_buff *skb, u32 info)
36 return; 36 return;
37 37
38 spi = htonl(ntohs(ipch->cpi)); 38 spi = htonl(ntohs(ipch->cpi));
39 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, 39 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr,
40 spi, IPPROTO_COMP, AF_INET); 40 spi, IPPROTO_COMP, AF_INET);
41 if (!x) 41 if (!x)
42 return; 42 return;
@@ -63,6 +63,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x)
63 t->props.mode = x->props.mode; 63 t->props.mode = x->props.mode;
64 t->props.saddr.a4 = x->props.saddr.a4; 64 t->props.saddr.a4 = x->props.saddr.a4;
65 t->props.flags = x->props.flags; 65 t->props.flags = x->props.flags;
66 memcpy(&t->mark, &x->mark, sizeof(t->mark));
66 67
67 if (xfrm_init_state(t)) 68 if (xfrm_init_state(t))
68 goto error; 69 goto error;
@@ -87,8 +88,9 @@ static int ipcomp_tunnel_attach(struct xfrm_state *x)
87 struct net *net = xs_net(x); 88 struct net *net = xs_net(x);
88 int err = 0; 89 int err = 0;
89 struct xfrm_state *t; 90 struct xfrm_state *t;
91 u32 mark = x->mark.v & x->mark.m;
90 92
91 t = xfrm_state_lookup(net, (xfrm_address_t *)&x->id.daddr.a4, 93 t = xfrm_state_lookup(net, mark, (xfrm_address_t *)&x->id.daddr.a4,
92 x->props.saddr.a4, IPPROTO_IPIP, AF_INET); 94 x->props.saddr.a4, IPPROTO_IPIP, AF_INET);
93 if (!t) { 95 if (!t) {
94 t = ipcomp_tunnel_create(x); 96 t = ipcomp_tunnel_create(x);
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 7e3712ce3994..c1bc074f61b7 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -576,6 +576,20 @@ static struct ctl_table ipv4_table[] = {
576 .proc_handler = proc_dointvec 576 .proc_handler = proc_dointvec
577 }, 577 },
578 { 578 {
579 .procname = "tcp_thin_linear_timeouts",
580 .data = &sysctl_tcp_thin_linear_timeouts,
581 .maxlen = sizeof(int),
582 .mode = 0644,
583 .proc_handler = proc_dointvec
584 },
585 {
586 .procname = "tcp_thin_dupack",
587 .data = &sysctl_tcp_thin_dupack,
588 .maxlen = sizeof(int),
589 .mode = 0644,
590 .proc_handler = proc_dointvec
591 },
592 {
579 .procname = "udp_mem", 593 .procname = "udp_mem",
580 .data = &sysctl_udp_mem, 594 .data = &sysctl_udp_mem,
581 .maxlen = sizeof(sysctl_udp_mem), 595 .maxlen = sizeof(sysctl_udp_mem),
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index e471d037fcc9..5901010fad55 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2229,6 +2229,20 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
2229 } 2229 }
2230 break; 2230 break;
2231 2231
2232 case TCP_THIN_LINEAR_TIMEOUTS:
2233 if (val < 0 || val > 1)
2234 err = -EINVAL;
2235 else
2236 tp->thin_lto = val;
2237 break;
2238
2239 case TCP_THIN_DUPACK:
2240 if (val < 0 || val > 1)
2241 err = -EINVAL;
2242 else
2243 tp->thin_dupack = val;
2244 break;
2245
2232 case TCP_CORK: 2246 case TCP_CORK:
2233 /* When set indicates to always queue non-full frames. 2247 /* When set indicates to always queue non-full frames.
2234 * Later the user clears this option and we transmit 2248 * Later the user clears this option and we transmit
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 3fddc69ccccc..788851ca8c5d 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -89,6 +89,8 @@ int sysctl_tcp_frto __read_mostly = 2;
89int sysctl_tcp_frto_response __read_mostly; 89int sysctl_tcp_frto_response __read_mostly;
90int sysctl_tcp_nometrics_save __read_mostly; 90int sysctl_tcp_nometrics_save __read_mostly;
91 91
92int sysctl_tcp_thin_dupack __read_mostly;
93
92int sysctl_tcp_moderate_rcvbuf __read_mostly = 1; 94int sysctl_tcp_moderate_rcvbuf __read_mostly = 1;
93int sysctl_tcp_abc __read_mostly; 95int sysctl_tcp_abc __read_mostly;
94 96
@@ -2447,6 +2449,16 @@ static int tcp_time_to_recover(struct sock *sk)
2447 return 1; 2449 return 1;
2448 } 2450 }
2449 2451
2452 /* If a thin stream is detected, retransmit after first
2453 * received dupack. Employ only if SACK is supported in order
2454 * to avoid possible corner-case series of spurious retransmissions
2455 * Use only if there are no unsent data.
2456 */
2457 if ((tp->thin_dupack || sysctl_tcp_thin_dupack) &&
2458 tcp_stream_is_thin(tp) && tcp_dupack_heuristics(tp) > 1 &&
2459 tcp_is_sack(tp) && !tcp_send_head(sk))
2460 return 1;
2461
2450 return 0; 2462 return 0;
2451} 2463}
2452 2464
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
index de7d1bf9114f..a17629b8912e 100644
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -29,6 +29,7 @@ int sysctl_tcp_keepalive_intvl __read_mostly = TCP_KEEPALIVE_INTVL;
29int sysctl_tcp_retries1 __read_mostly = TCP_RETR1; 29int sysctl_tcp_retries1 __read_mostly = TCP_RETR1;
30int sysctl_tcp_retries2 __read_mostly = TCP_RETR2; 30int sysctl_tcp_retries2 __read_mostly = TCP_RETR2;
31int sysctl_tcp_orphan_retries __read_mostly; 31int sysctl_tcp_orphan_retries __read_mostly;
32int sysctl_tcp_thin_linear_timeouts __read_mostly;
32 33
33static void tcp_write_timer(unsigned long); 34static void tcp_write_timer(unsigned long);
34static void tcp_delack_timer(unsigned long); 35static void tcp_delack_timer(unsigned long);
@@ -415,7 +416,25 @@ void tcp_retransmit_timer(struct sock *sk)
415 icsk->icsk_retransmits++; 416 icsk->icsk_retransmits++;
416 417
417out_reset_timer: 418out_reset_timer:
418 icsk->icsk_rto = min(icsk->icsk_rto << 1, TCP_RTO_MAX); 419 /* If stream is thin, use linear timeouts. Since 'icsk_backoff' is
420 * used to reset timer, set to 0. Recalculate 'icsk_rto' as this
421 * might be increased if the stream oscillates between thin and thick,
422 * thus the old value might already be too high compared to the value
423 * set by 'tcp_set_rto' in tcp_input.c which resets the rto without
424 * backoff. Limit to TCP_THIN_LINEAR_RETRIES before initiating
425 * exponential backoff behaviour to avoid continue hammering
426 * linear-timeout retransmissions into a black hole
427 */
428 if (sk->sk_state == TCP_ESTABLISHED &&
429 (tp->thin_lto || sysctl_tcp_thin_linear_timeouts) &&
430 tcp_stream_is_thin(tp) &&
431 icsk->icsk_retransmits <= TCP_THIN_LINEAR_RETRIES) {
432 icsk->icsk_backoff = 0;
433 icsk->icsk_rto = min(__tcp_set_rto(tp), TCP_RTO_MAX);
434 } else {
435 /* Use normal (exponential) backoff */
436 icsk->icsk_rto = min(icsk->icsk_rto << 1, TCP_RTO_MAX);
437 }
419 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, icsk->icsk_rto, TCP_RTO_MAX); 438 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, icsk->icsk_rto, TCP_RTO_MAX);
420 if (retransmits_timed_out(sk, sysctl_tcp_retries1 + 1)) 439 if (retransmits_timed_out(sk, sysctl_tcp_retries1 + 1))
421 __sk_dst_reset(sk); 440 __sk_dst_reset(sk);
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index c2f300c314be..5ac89025f9de 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -614,7 +614,7 @@ static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
614 type != ICMPV6_PKT_TOOBIG) 614 type != ICMPV6_PKT_TOOBIG)
615 return; 615 return;
616 616
617 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6); 617 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6);
618 if (!x) 618 if (!x)
619 return; 619 return;
620 620
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 668a46b655e6..ee9b93bdd6a2 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -365,7 +365,7 @@ static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
365 type != ICMPV6_PKT_TOOBIG) 365 type != ICMPV6_PKT_TOOBIG)
366 return; 366 return;
367 367
368 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6); 368 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6);
369 if (!x) 369 if (!x)
370 return; 370 return;
371 printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%pI6\n", 371 printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%pI6\n",
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c
index 4bac362b1335..074f2c084f9f 100644
--- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c
@@ -481,7 +481,7 @@ looped_back:
481 IP6_INC_STATS_BH(net, ip6_dst_idev(skb_dst(skb)), 481 IP6_INC_STATS_BH(net, ip6_dst_idev(skb_dst(skb)),
482 IPSTATS_MIB_INHDRERRORS); 482 IPSTATS_MIB_INHDRERRORS);
483 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 483 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
484 0, skb->dev); 484 0);
485 kfree_skb(skb); 485 kfree_skb(skb);
486 return -1; 486 return -1;
487 } 487 }
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
index 217dbc2e28d4..eb9abe24bdf0 100644
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -67,11 +67,6 @@
67#include <asm/uaccess.h> 67#include <asm/uaccess.h>
68#include <asm/system.h> 68#include <asm/system.h>
69 69
70DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics) __read_mostly;
71EXPORT_SYMBOL(icmpv6_statistics);
72DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics) __read_mostly;
73EXPORT_SYMBOL(icmpv6msg_statistics);
74
75/* 70/*
76 * The ICMP socket(s). This is the most convenient way to flow control 71 * The ICMP socket(s). This is the most convenient way to flow control
77 * our ICMP output as well as maintain a clean interface throughout 72 * our ICMP output as well as maintain a clean interface throughout
@@ -119,7 +114,7 @@ static __inline__ void icmpv6_xmit_unlock(struct sock *sk)
119 */ 114 */
120void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos) 115void icmpv6_param_prob(struct sk_buff *skb, u8 code, int pos)
121{ 116{
122 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev); 117 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos);
123 kfree_skb(skb); 118 kfree_skb(skb);
124} 119}
125 120
@@ -305,8 +300,7 @@ static inline void mip6_addr_swap(struct sk_buff *skb) {}
305/* 300/*
306 * Send an ICMP message in response to a packet in error 301 * Send an ICMP message in response to a packet in error
307 */ 302 */
308void icmpv6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info, 303void icmpv6_send(struct sk_buff *skb, u8 type, u8 code, __u32 info)
309 struct net_device *dev)
310{ 304{
311 struct net *net = dev_net(skb->dev); 305 struct net *net = dev_net(skb->dev);
312 struct inet6_dev *idev = NULL; 306 struct inet6_dev *idev = NULL;
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 77e122f53ea6..2f9847924fa5 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -93,29 +93,20 @@ static __u32 rt_sernum;
93 93
94static void fib6_gc_timer_cb(unsigned long arg); 94static void fib6_gc_timer_cb(unsigned long arg);
95 95
96static struct fib6_walker_t fib6_walker_list = { 96static LIST_HEAD(fib6_walkers);
97 .prev = &fib6_walker_list, 97#define FOR_WALKERS(w) list_for_each_entry(w, &fib6_walkers, lh)
98 .next = &fib6_walker_list,
99};
100
101#define FOR_WALKERS(w) for ((w)=fib6_walker_list.next; (w) != &fib6_walker_list; (w)=(w)->next)
102 98
103static inline void fib6_walker_link(struct fib6_walker_t *w) 99static inline void fib6_walker_link(struct fib6_walker_t *w)
104{ 100{
105 write_lock_bh(&fib6_walker_lock); 101 write_lock_bh(&fib6_walker_lock);
106 w->next = fib6_walker_list.next; 102 list_add(&w->lh, &fib6_walkers);
107 w->prev = &fib6_walker_list;
108 w->next->prev = w;
109 w->prev->next = w;
110 write_unlock_bh(&fib6_walker_lock); 103 write_unlock_bh(&fib6_walker_lock);
111} 104}
112 105
113static inline void fib6_walker_unlink(struct fib6_walker_t *w) 106static inline void fib6_walker_unlink(struct fib6_walker_t *w)
114{ 107{
115 write_lock_bh(&fib6_walker_lock); 108 write_lock_bh(&fib6_walker_lock);
116 w->next->prev = w->prev; 109 list_del(&w->lh);
117 w->prev->next = w->next;
118 w->prev = w->next = w;
119 write_unlock_bh(&fib6_walker_lock); 110 write_unlock_bh(&fib6_walker_lock);
120} 111}
121static __inline__ u32 fib6_new_sernum(void) 112static __inline__ u32 fib6_new_sernum(void)
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 237e2dba6e94..e28f9203deca 100644
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -216,8 +216,7 @@ resubmit:
216 IP6_INC_STATS_BH(net, idev, 216 IP6_INC_STATS_BH(net, idev,
217 IPSTATS_MIB_INUNKNOWNPROTOS); 217 IPSTATS_MIB_INUNKNOWNPROTOS);
218 icmpv6_send(skb, ICMPV6_PARAMPROB, 218 icmpv6_send(skb, ICMPV6_PARAMPROB,
219 ICMPV6_UNK_NEXTHDR, nhoff, 219 ICMPV6_UNK_NEXTHDR, nhoff);
220 skb->dev);
221 } 220 }
222 } else 221 } else
223 IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_INDELIVERS); 222 IP6_INC_STATS_BH(net, idev, IPSTATS_MIB_INDELIVERS);
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index eb6d09728633..1a5fe9ad1947 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -267,7 +267,7 @@ int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
267 if (net_ratelimit()) 267 if (net_ratelimit())
268 printk(KERN_DEBUG "IPv6: sending pkt_too_big to self\n"); 268 printk(KERN_DEBUG "IPv6: sending pkt_too_big to self\n");
269 skb->dev = dst->dev; 269 skb->dev = dst->dev;
270 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 270 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
271 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS); 271 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS);
272 kfree_skb(skb); 272 kfree_skb(skb);
273 return -EMSGSIZE; 273 return -EMSGSIZE;
@@ -441,8 +441,7 @@ int ip6_forward(struct sk_buff *skb)
441 if (hdr->hop_limit <= 1) { 441 if (hdr->hop_limit <= 1) {
442 /* Force OUTPUT device used as source address */ 442 /* Force OUTPUT device used as source address */
443 skb->dev = dst->dev; 443 skb->dev = dst->dev;
444 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 444 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0);
445 0, skb->dev);
446 IP6_INC_STATS_BH(net, 445 IP6_INC_STATS_BH(net,
447 ip6_dst_idev(dst), IPSTATS_MIB_INHDRERRORS); 446 ip6_dst_idev(dst), IPSTATS_MIB_INHDRERRORS);
448 447
@@ -504,7 +503,7 @@ int ip6_forward(struct sk_buff *skb)
504 goto error; 503 goto error;
505 if (addrtype & IPV6_ADDR_LINKLOCAL) { 504 if (addrtype & IPV6_ADDR_LINKLOCAL) {
506 icmpv6_send(skb, ICMPV6_DEST_UNREACH, 505 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
507 ICMPV6_NOT_NEIGHBOUR, 0, skb->dev); 506 ICMPV6_NOT_NEIGHBOUR, 0);
508 goto error; 507 goto error;
509 } 508 }
510 } 509 }
@@ -512,7 +511,7 @@ int ip6_forward(struct sk_buff *skb)
512 if (skb->len > dst_mtu(dst)) { 511 if (skb->len > dst_mtu(dst)) {
513 /* Again, force OUTPUT device used as source address */ 512 /* Again, force OUTPUT device used as source address */
514 skb->dev = dst->dev; 513 skb->dev = dst->dev;
515 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, dst_mtu(dst), skb->dev); 514 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, dst_mtu(dst));
516 IP6_INC_STATS_BH(net, 515 IP6_INC_STATS_BH(net,
517 ip6_dst_idev(dst), IPSTATS_MIB_INTOOBIGERRORS); 516 ip6_dst_idev(dst), IPSTATS_MIB_INTOOBIGERRORS);
518 IP6_INC_STATS_BH(net, 517 IP6_INC_STATS_BH(net,
@@ -627,7 +626,7 @@ static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
627 */ 626 */
628 if (!skb->local_df) { 627 if (!skb->local_df) {
629 skb->dev = skb_dst(skb)->dev; 628 skb->dev = skb_dst(skb)->dev;
630 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 629 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
631 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), 630 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
632 IPSTATS_MIB_FRAGFAILS); 631 IPSTATS_MIB_FRAGFAILS);
633 kfree_skb(skb); 632 kfree_skb(skb);
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 9b02492d8706..138980eec214 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -622,7 +622,7 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
622 if (rt && rt->rt6i_dev) 622 if (rt && rt->rt6i_dev)
623 skb2->dev = rt->rt6i_dev; 623 skb2->dev = rt->rt6i_dev;
624 624
625 icmpv6_send(skb2, rel_type, rel_code, rel_info, skb2->dev); 625 icmpv6_send(skb2, rel_type, rel_code, rel_info);
626 626
627 if (rt) 627 if (rt)
628 dst_release(&rt->u.dst); 628 dst_release(&rt->u.dst);
@@ -1014,7 +1014,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1014 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset]; 1014 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset];
1015 if (tel->encap_limit == 0) { 1015 if (tel->encap_limit == 0) {
1016 icmpv6_send(skb, ICMPV6_PARAMPROB, 1016 icmpv6_send(skb, ICMPV6_PARAMPROB,
1017 ICMPV6_HDR_FIELD, offset + 2, skb->dev); 1017 ICMPV6_HDR_FIELD, offset + 2);
1018 return -1; 1018 return -1;
1019 } 1019 }
1020 encap_limit = tel->encap_limit - 1; 1020 encap_limit = tel->encap_limit - 1;
@@ -1033,7 +1033,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1033 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl, encap_limit, &mtu); 1033 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl, encap_limit, &mtu);
1034 if (err != 0) { 1034 if (err != 0) {
1035 if (err == -EMSGSIZE) 1035 if (err == -EMSGSIZE)
1036 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 1036 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
1037 return -1; 1037 return -1;
1038 } 1038 }
1039 1039
diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c
index bb42f39c1db8..85cccd6ed0b7 100644
--- a/net/ipv6/ipcomp6.c
+++ b/net/ipv6/ipcomp6.c
@@ -64,7 +64,7 @@ static void ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
64 return; 64 return;
65 65
66 spi = htonl(ntohs(ipcomph->cpi)); 66 spi = htonl(ntohs(ipcomph->cpi));
67 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, spi, IPPROTO_COMP, AF_INET6); 67 x = xfrm_state_lookup(net, skb->mark, (xfrm_address_t *)&iph->daddr, spi, IPPROTO_COMP, AF_INET6);
68 if (!x) 68 if (!x)
69 return; 69 return;
70 70
@@ -92,6 +92,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
92 t->props.family = AF_INET6; 92 t->props.family = AF_INET6;
93 t->props.mode = x->props.mode; 93 t->props.mode = x->props.mode;
94 memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr)); 94 memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr));
95 memcpy(&t->mark, &x->mark, sizeof(t->mark));
95 96
96 if (xfrm_init_state(t)) 97 if (xfrm_init_state(t))
97 goto error; 98 goto error;
@@ -114,10 +115,11 @@ static int ipcomp6_tunnel_attach(struct xfrm_state *x)
114 int err = 0; 115 int err = 0;
115 struct xfrm_state *t = NULL; 116 struct xfrm_state *t = NULL;
116 __be32 spi; 117 __be32 spi;
118 u32 mark = x->mark.m & x->mark.v;
117 119
118 spi = xfrm6_tunnel_spi_lookup(net, (xfrm_address_t *)&x->props.saddr); 120 spi = xfrm6_tunnel_spi_lookup(net, (xfrm_address_t *)&x->props.saddr);
119 if (spi) 121 if (spi)
120 t = xfrm_state_lookup(net, (xfrm_address_t *)&x->id.daddr, 122 t = xfrm_state_lookup(net, mark, (xfrm_address_t *)&x->id.daddr,
121 spi, IPPROTO_IPV6, AF_INET6); 123 spi, IPPROTO_IPV6, AF_INET6);
122 if (!t) { 124 if (!t) {
123 t = ipcomp6_tunnel_create(x); 125 t = ipcomp6_tunnel_create(x);
diff --git a/net/ipv6/mip6.c b/net/ipv6/mip6.c
index f797e8c6f3b3..2794b6002836 100644
--- a/net/ipv6/mip6.c
+++ b/net/ipv6/mip6.c
@@ -56,7 +56,7 @@ static inline void *mip6_padn(__u8 *data, __u8 padlen)
56 56
57static inline void mip6_param_prob(struct sk_buff *skb, u8 code, int pos) 57static inline void mip6_param_prob(struct sk_buff *skb, u8 code, int pos)
58{ 58{
59 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos, skb->dev); 59 icmpv6_send(skb, ICMPV6_PARAMPROB, code, pos);
60} 60}
61 61
62static int mip6_mh_len(int type) 62static int mip6_mh_len(int type)
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index 8311ca31816a..dd8afbaf00a8 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -169,7 +169,7 @@ send_unreach(struct net *net, struct sk_buff *skb_in, unsigned char code,
169 if (hooknum == NF_INET_LOCAL_OUT && skb_in->dev == NULL) 169 if (hooknum == NF_INET_LOCAL_OUT && skb_in->dev == NULL)
170 skb_in->dev = net->loopback_dev; 170 skb_in->dev = net->loopback_dev;
171 171
172 icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL); 172 icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0);
173} 173}
174 174
175static unsigned int 175static unsigned int
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index b2847ed6a7d9..a555156e9779 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -228,7 +228,7 @@ static void ip6_frag_expire(unsigned long data)
228 pointer directly, device might already disappeared. 228 pointer directly, device might already disappeared.
229 */ 229 */
230 fq->q.fragments->dev = dev; 230 fq->q.fragments->dev = dev;
231 icmpv6_send(fq->q.fragments, ICMPV6_TIME_EXCEED, ICMPV6_EXC_FRAGTIME, 0, dev); 231 icmpv6_send(fq->q.fragments, ICMPV6_TIME_EXCEED, ICMPV6_EXC_FRAGTIME, 0);
232out_rcu_unlock: 232out_rcu_unlock:
233 rcu_read_unlock(); 233 rcu_read_unlock();
234out: 234out:
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 8500156f2637..88c0a5c49ae8 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -909,7 +909,7 @@ static void ip6_link_failure(struct sk_buff *skb)
909{ 909{
910 struct rt6_info *rt; 910 struct rt6_info *rt;
911 911
912 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0, skb->dev); 912 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
913 913
914 rt = (struct rt6_info *) skb_dst(skb); 914 rt = (struct rt6_info *) skb_dst(skb);
915 if (rt) { 915 if (rt) {
@@ -1884,7 +1884,7 @@ static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
1884 ipstats_mib_noroutes); 1884 ipstats_mib_noroutes);
1885 break; 1885 break;
1886 } 1886 }
1887 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0, skb->dev); 1887 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
1888 kfree_skb(skb); 1888 kfree_skb(skb);
1889 return 0; 1889 return 0;
1890} 1890}
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 96eb2d4641c4..b1eea811be48 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -743,7 +743,7 @@ static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
743 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu); 743 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
744 744
745 if (skb->len > mtu) { 745 if (skb->len > mtu) {
746 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 746 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
747 ip_rt_put(rt); 747 ip_rt_put(rt);
748 goto tx_error; 748 goto tx_error;
749 } 749 }
diff --git a/net/ipv6/tunnel6.c b/net/ipv6/tunnel6.c
index 51e2832d13a6..e17bc1dfc1a4 100644
--- a/net/ipv6/tunnel6.c
+++ b/net/ipv6/tunnel6.c
@@ -98,7 +98,7 @@ static int tunnel6_rcv(struct sk_buff *skb)
98 if (!handler->handler(skb)) 98 if (!handler->handler(skb))
99 return 0; 99 return 0;
100 100
101 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0, skb->dev); 101 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
102 102
103drop: 103drop:
104 kfree_skb(skb); 104 kfree_skb(skb);
@@ -116,7 +116,7 @@ static int tunnel46_rcv(struct sk_buff *skb)
116 if (!handler->handler(skb)) 116 if (!handler->handler(skb))
117 return 0; 117 return 0;
118 118
119 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0, skb->dev); 119 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
120 120
121drop: 121drop:
122 kfree_skb(skb); 122 kfree_skb(skb);
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index a7af9d68cd6c..52b8347ae3b2 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -680,12 +680,11 @@ static inline int udp6_csum_init(struct sk_buff *skb, struct udphdr *uh,
680int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, 680int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable,
681 int proto) 681 int proto)
682{ 682{
683 struct net *net = dev_net(skb->dev);
683 struct sock *sk; 684 struct sock *sk;
684 struct udphdr *uh; 685 struct udphdr *uh;
685 struct net_device *dev = skb->dev;
686 struct in6_addr *saddr, *daddr; 686 struct in6_addr *saddr, *daddr;
687 u32 ulen = 0; 687 u32 ulen = 0;
688 struct net *net = dev_net(skb->dev);
689 688
690 if (!pskb_may_pull(skb, sizeof(struct udphdr))) 689 if (!pskb_may_pull(skb, sizeof(struct udphdr)))
691 goto short_packet; 690 goto short_packet;
@@ -744,7 +743,7 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable,
744 UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, 743 UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS,
745 proto == IPPROTO_UDPLITE); 744 proto == IPPROTO_UDPLITE);
746 745
747 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0, dev); 746 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
748 747
749 kfree_skb(skb); 748 kfree_skb(skb);
750 return 0; 749 return 0;
diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c
index 9084582d236b..2bc98ede1235 100644
--- a/net/ipv6/xfrm6_input.c
+++ b/net/ipv6/xfrm6_input.c
@@ -101,7 +101,7 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
101 break; 101 break;
102 } 102 }
103 103
104 x = xfrm_state_lookup_byaddr(net, dst, src, proto, AF_INET6); 104 x = xfrm_state_lookup_byaddr(net, skb->mark, dst, src, proto, AF_INET6);
105 if (!x) 105 if (!x)
106 continue; 106 continue;
107 107
diff --git a/net/ipv6/xfrm6_output.c b/net/ipv6/xfrm6_output.c
index c4f4eef032a3..0c92112dcba3 100644
--- a/net/ipv6/xfrm6_output.c
+++ b/net/ipv6/xfrm6_output.c
@@ -38,7 +38,7 @@ static int xfrm6_tunnel_check_size(struct sk_buff *skb)
38 38
39 if (!skb->local_df && skb->len > mtu) { 39 if (!skb->local_df && skb->len > mtu) {
40 skb->dev = dst->dev; 40 skb->dev = dst->dev;
41 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 41 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
42 ret = -EMSGSIZE; 42 ret = -EMSGSIZE;
43 } 43 }
44 44
diff --git a/net/irda/irnetlink.c b/net/irda/irnetlink.c
index 476b307bd801..69b5b75f5431 100644
--- a/net/irda/irnetlink.c
+++ b/net/irda/irnetlink.c
@@ -124,7 +124,7 @@ static int irda_nl_get_mode(struct sk_buff *skb, struct genl_info *info)
124 return ret; 124 return ret;
125} 125}
126 126
127static struct nla_policy irda_nl_policy[IRDA_NL_ATTR_MAX + 1] = { 127static const struct nla_policy irda_nl_policy[IRDA_NL_ATTR_MAX + 1] = {
128 [IRDA_NL_ATTR_IFNAME] = { .type = NLA_NUL_STRING, 128 [IRDA_NL_ATTR_IFNAME] = { .type = NLA_NUL_STRING,
129 .len = IFNAMSIZ-1 }, 129 .len = IFNAMSIZ-1 },
130 [IRDA_NL_ATTR_MODE] = { .type = NLA_U32 }, 130 [IRDA_NL_ATTR_MODE] = { .type = NLA_U32 },
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 79d2c0f3c334..368707882647 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -41,10 +41,10 @@ struct netns_pfkey {
41 struct hlist_head table; 41 struct hlist_head table;
42 atomic_t socks_nr; 42 atomic_t socks_nr;
43}; 43};
44static DECLARE_WAIT_QUEUE_HEAD(pfkey_table_wait); 44static DEFINE_MUTEX(pfkey_mutex);
45static DEFINE_RWLOCK(pfkey_table_lock);
46static atomic_t pfkey_table_users = ATOMIC_INIT(0);
47 45
46#define DUMMY_MARK 0
47static struct xfrm_mark dummy_mark = {0, 0};
48struct pfkey_sock { 48struct pfkey_sock {
49 /* struct sock must be the first member of struct pfkey_sock */ 49 /* struct sock must be the first member of struct pfkey_sock */
50 struct sock sk; 50 struct sock sk;
@@ -108,50 +108,6 @@ static void pfkey_sock_destruct(struct sock *sk)
108 atomic_dec(&net_pfkey->socks_nr); 108 atomic_dec(&net_pfkey->socks_nr);
109} 109}
110 110
111static void pfkey_table_grab(void)
112{
113 write_lock_bh(&pfkey_table_lock);
114
115 if (atomic_read(&pfkey_table_users)) {
116 DECLARE_WAITQUEUE(wait, current);
117
118 add_wait_queue_exclusive(&pfkey_table_wait, &wait);
119 for(;;) {
120 set_current_state(TASK_UNINTERRUPTIBLE);
121 if (atomic_read(&pfkey_table_users) == 0)
122 break;
123 write_unlock_bh(&pfkey_table_lock);
124 schedule();
125 write_lock_bh(&pfkey_table_lock);
126 }
127
128 __set_current_state(TASK_RUNNING);
129 remove_wait_queue(&pfkey_table_wait, &wait);
130 }
131}
132
133static __inline__ void pfkey_table_ungrab(void)
134{
135 write_unlock_bh(&pfkey_table_lock);
136 wake_up(&pfkey_table_wait);
137}
138
139static __inline__ void pfkey_lock_table(void)
140{
141 /* read_lock() synchronizes us to pfkey_table_grab */
142
143 read_lock(&pfkey_table_lock);
144 atomic_inc(&pfkey_table_users);
145 read_unlock(&pfkey_table_lock);
146}
147
148static __inline__ void pfkey_unlock_table(void)
149{
150 if (atomic_dec_and_test(&pfkey_table_users))
151 wake_up(&pfkey_table_wait);
152}
153
154
155static const struct proto_ops pfkey_ops; 111static const struct proto_ops pfkey_ops;
156 112
157static void pfkey_insert(struct sock *sk) 113static void pfkey_insert(struct sock *sk)
@@ -159,16 +115,16 @@ static void pfkey_insert(struct sock *sk)
159 struct net *net = sock_net(sk); 115 struct net *net = sock_net(sk);
160 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); 116 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id);
161 117
162 pfkey_table_grab(); 118 mutex_lock(&pfkey_mutex);
163 sk_add_node(sk, &net_pfkey->table); 119 sk_add_node_rcu(sk, &net_pfkey->table);
164 pfkey_table_ungrab(); 120 mutex_unlock(&pfkey_mutex);
165} 121}
166 122
167static void pfkey_remove(struct sock *sk) 123static void pfkey_remove(struct sock *sk)
168{ 124{
169 pfkey_table_grab(); 125 mutex_lock(&pfkey_mutex);
170 sk_del_node_init(sk); 126 sk_del_node_init_rcu(sk);
171 pfkey_table_ungrab(); 127 mutex_unlock(&pfkey_mutex);
172} 128}
173 129
174static struct proto key_proto = { 130static struct proto key_proto = {
@@ -223,6 +179,8 @@ static int pfkey_release(struct socket *sock)
223 sock_orphan(sk); 179 sock_orphan(sk);
224 sock->sk = NULL; 180 sock->sk = NULL;
225 skb_queue_purge(&sk->sk_write_queue); 181 skb_queue_purge(&sk->sk_write_queue);
182
183 synchronize_rcu();
226 sock_put(sk); 184 sock_put(sk);
227 185
228 return 0; 186 return 0;
@@ -277,8 +235,8 @@ static int pfkey_broadcast(struct sk_buff *skb, gfp_t allocation,
277 if (!skb) 235 if (!skb)
278 return -ENOMEM; 236 return -ENOMEM;
279 237
280 pfkey_lock_table(); 238 rcu_read_lock();
281 sk_for_each(sk, node, &net_pfkey->table) { 239 sk_for_each_rcu(sk, node, &net_pfkey->table) {
282 struct pfkey_sock *pfk = pfkey_sk(sk); 240 struct pfkey_sock *pfk = pfkey_sk(sk);
283 int err2; 241 int err2;
284 242
@@ -309,7 +267,7 @@ static int pfkey_broadcast(struct sk_buff *skb, gfp_t allocation,
309 if ((broadcast_flags & BROADCAST_REGISTERED) && err) 267 if ((broadcast_flags & BROADCAST_REGISTERED) && err)
310 err = err2; 268 err = err2;
311 } 269 }
312 pfkey_unlock_table(); 270 rcu_read_unlock();
313 271
314 if (one_sk != NULL) 272 if (one_sk != NULL)
315 err = pfkey_broadcast_one(skb, &skb2, allocation, one_sk); 273 err = pfkey_broadcast_one(skb, &skb2, allocation, one_sk);
@@ -691,7 +649,7 @@ static struct xfrm_state *pfkey_xfrm_state_lookup(struct net *net, struct sadb_
691 if (!xaddr) 649 if (!xaddr)
692 return NULL; 650 return NULL;
693 651
694 return xfrm_state_lookup(net, xaddr, sa->sadb_sa_spi, proto, family); 652 return xfrm_state_lookup(net, DUMMY_MARK, xaddr, sa->sadb_sa_spi, proto, family);
695} 653}
696 654
697#define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1))) 655#define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1)))
@@ -1360,7 +1318,7 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
1360 } 1318 }
1361 1319
1362 if (hdr->sadb_msg_seq) { 1320 if (hdr->sadb_msg_seq) {
1363 x = xfrm_find_acq_byseq(net, hdr->sadb_msg_seq); 1321 x = xfrm_find_acq_byseq(net, DUMMY_MARK, hdr->sadb_msg_seq);
1364 if (x && xfrm_addr_cmp(&x->id.daddr, xdaddr, family)) { 1322 if (x && xfrm_addr_cmp(&x->id.daddr, xdaddr, family)) {
1365 xfrm_state_put(x); 1323 xfrm_state_put(x);
1366 x = NULL; 1324 x = NULL;
@@ -1368,7 +1326,7 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
1368 } 1326 }
1369 1327
1370 if (!x) 1328 if (!x)
1371 x = xfrm_find_acq(net, mode, reqid, proto, xdaddr, xsaddr, 1, family); 1329 x = xfrm_find_acq(net, &dummy_mark, mode, reqid, proto, xdaddr, xsaddr, 1, family);
1372 1330
1373 if (x == NULL) 1331 if (x == NULL)
1374 return -ENOENT; 1332 return -ENOENT;
@@ -1417,7 +1375,7 @@ static int pfkey_acquire(struct sock *sk, struct sk_buff *skb, struct sadb_msg *
1417 if (hdr->sadb_msg_seq == 0 || hdr->sadb_msg_errno == 0) 1375 if (hdr->sadb_msg_seq == 0 || hdr->sadb_msg_errno == 0)
1418 return 0; 1376 return 0;
1419 1377
1420 x = xfrm_find_acq_byseq(net, hdr->sadb_msg_seq); 1378 x = xfrm_find_acq_byseq(net, DUMMY_MARK, hdr->sadb_msg_seq);
1421 if (x == NULL) 1379 if (x == NULL)
1422 return 0; 1380 return 0;
1423 1381
@@ -1712,6 +1670,23 @@ static int pfkey_register(struct sock *sk, struct sk_buff *skb, struct sadb_msg
1712 return 0; 1670 return 0;
1713} 1671}
1714 1672
1673static int unicast_flush_resp(struct sock *sk, struct sadb_msg *ihdr)
1674{
1675 struct sk_buff *skb;
1676 struct sadb_msg *hdr;
1677
1678 skb = alloc_skb(sizeof(struct sadb_msg) + 16, GFP_ATOMIC);
1679 if (!skb)
1680 return -ENOBUFS;
1681
1682 hdr = (struct sadb_msg *) skb_put(skb, sizeof(struct sadb_msg));
1683 memcpy(hdr, ihdr, sizeof(struct sadb_msg));
1684 hdr->sadb_msg_errno = (uint8_t) 0;
1685 hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t));
1686
1687 return pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ONE, sk, sock_net(sk));
1688}
1689
1715static int key_notify_sa_flush(struct km_event *c) 1690static int key_notify_sa_flush(struct km_event *c)
1716{ 1691{
1717 struct sk_buff *skb; 1692 struct sk_buff *skb;
@@ -1740,7 +1715,7 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd
1740 unsigned proto; 1715 unsigned proto;
1741 struct km_event c; 1716 struct km_event c;
1742 struct xfrm_audit audit_info; 1717 struct xfrm_audit audit_info;
1743 int err; 1718 int err, err2;
1744 1719
1745 proto = pfkey_satype2proto(hdr->sadb_msg_satype); 1720 proto = pfkey_satype2proto(hdr->sadb_msg_satype);
1746 if (proto == 0) 1721 if (proto == 0)
@@ -1750,8 +1725,13 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd
1750 audit_info.sessionid = audit_get_sessionid(current); 1725 audit_info.sessionid = audit_get_sessionid(current);
1751 audit_info.secid = 0; 1726 audit_info.secid = 0;
1752 err = xfrm_state_flush(net, proto, &audit_info); 1727 err = xfrm_state_flush(net, proto, &audit_info);
1753 if (err) 1728 err2 = unicast_flush_resp(sk, hdr);
1754 return err; 1729 if (err || err2) {
1730 if (err == -ESRCH) /* empty table - go quietly */
1731 err = 0;
1732 return err ? err : err2;
1733 }
1734
1755 c.data.proto = proto; 1735 c.data.proto = proto;
1756 c.seq = hdr->sadb_msg_seq; 1736 c.seq = hdr->sadb_msg_seq;
1757 c.pid = hdr->sadb_msg_pid; 1737 c.pid = hdr->sadb_msg_pid;
@@ -2346,7 +2326,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2346 return err; 2326 return err;
2347 } 2327 }
2348 2328
2349 xp = xfrm_policy_bysel_ctx(net, XFRM_POLICY_TYPE_MAIN, 2329 xp = xfrm_policy_bysel_ctx(net, DUMMY_MARK, XFRM_POLICY_TYPE_MAIN,
2350 pol->sadb_x_policy_dir - 1, &sel, pol_ctx, 2330 pol->sadb_x_policy_dir - 1, &sel, pol_ctx,
2351 1, &err); 2331 1, &err);
2352 security_xfrm_policy_free(pol_ctx); 2332 security_xfrm_policy_free(pol_ctx);
@@ -2594,8 +2574,8 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
2594 return -EINVAL; 2574 return -EINVAL;
2595 2575
2596 delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2); 2576 delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2);
2597 xp = xfrm_policy_byid(net, XFRM_POLICY_TYPE_MAIN, dir, 2577 xp = xfrm_policy_byid(net, DUMMY_MARK, XFRM_POLICY_TYPE_MAIN,
2598 pol->sadb_x_policy_id, delete, &err); 2578 dir, pol->sadb_x_policy_id, delete, &err);
2599 if (xp == NULL) 2579 if (xp == NULL)
2600 return -ENOENT; 2580 return -ENOENT;
2601 2581
@@ -2706,14 +2686,19 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2706 struct net *net = sock_net(sk); 2686 struct net *net = sock_net(sk);
2707 struct km_event c; 2687 struct km_event c;
2708 struct xfrm_audit audit_info; 2688 struct xfrm_audit audit_info;
2709 int err; 2689 int err, err2;
2710 2690
2711 audit_info.loginuid = audit_get_loginuid(current); 2691 audit_info.loginuid = audit_get_loginuid(current);
2712 audit_info.sessionid = audit_get_sessionid(current); 2692 audit_info.sessionid = audit_get_sessionid(current);
2713 audit_info.secid = 0; 2693 audit_info.secid = 0;
2714 err = xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info); 2694 err = xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info);
2715 if (err) 2695 err2 = unicast_flush_resp(sk, hdr);
2696 if (err || err2) {
2697 if (err == -ESRCH) /* empty table - old silent behavior */
2698 return 0;
2716 return err; 2699 return err;
2700 }
2701
2717 c.data.type = XFRM_POLICY_TYPE_MAIN; 2702 c.data.type = XFRM_POLICY_TYPE_MAIN;
2718 c.event = XFRM_MSG_FLUSHPOLICY; 2703 c.event = XFRM_MSG_FLUSHPOLICY;
2719 c.pid = hdr->sadb_msg_pid; 2704 c.pid = hdr->sadb_msg_pid;
@@ -3675,8 +3660,8 @@ static void *pfkey_seq_start(struct seq_file *f, loff_t *ppos)
3675 struct net *net = seq_file_net(f); 3660 struct net *net = seq_file_net(f);
3676 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); 3661 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id);
3677 3662
3678 read_lock(&pfkey_table_lock); 3663 rcu_read_lock();
3679 return seq_hlist_start_head(&net_pfkey->table, *ppos); 3664 return seq_hlist_start_head_rcu(&net_pfkey->table, *ppos);
3680} 3665}
3681 3666
3682static void *pfkey_seq_next(struct seq_file *f, void *v, loff_t *ppos) 3667static void *pfkey_seq_next(struct seq_file *f, void *v, loff_t *ppos)
@@ -3684,12 +3669,12 @@ static void *pfkey_seq_next(struct seq_file *f, void *v, loff_t *ppos)
3684 struct net *net = seq_file_net(f); 3669 struct net *net = seq_file_net(f);
3685 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); 3670 struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id);
3686 3671
3687 return seq_hlist_next(v, &net_pfkey->table, ppos); 3672 return seq_hlist_next_rcu(v, &net_pfkey->table, ppos);
3688} 3673}
3689 3674
3690static void pfkey_seq_stop(struct seq_file *f, void *v) 3675static void pfkey_seq_stop(struct seq_file *f, void *v)
3691{ 3676{
3692 read_unlock(&pfkey_table_lock); 3677 rcu_read_unlock();
3693} 3678}
3694 3679
3695static const struct seq_operations pfkey_seq_ops = { 3680static const struct seq_operations pfkey_seq_ops = {
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index 72e96d823ebf..44590887a92c 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -515,8 +515,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
515 */ 515 */
516#ifdef CONFIG_IP_VS_IPV6 516#ifdef CONFIG_IP_VS_IPV6
517 if (svc->af == AF_INET6) 517 if (svc->af == AF_INET6)
518 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0, 518 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0);
519 skb->dev);
520 else 519 else
521#endif 520#endif
522 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 521 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
@@ -1048,7 +1047,7 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb,
1048 icmpv6_send(skb, 1047 icmpv6_send(skb,
1049 ICMPV6_DEST_UNREACH, 1048 ICMPV6_DEST_UNREACH,
1050 ICMPV6_PORT_UNREACH, 1049 ICMPV6_PORT_UNREACH,
1051 0, skb->dev); 1050 0);
1052 else 1051 else
1053#endif 1052#endif
1054 icmp_send(skb, 1053 icmp_send(skb,
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
index 30b3189bd29c..223b5018c7dc 100644
--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
@@ -311,7 +311,7 @@ ip_vs_bypass_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
311 mtu = dst_mtu(&rt->u.dst); 311 mtu = dst_mtu(&rt->u.dst);
312 if (skb->len > mtu) { 312 if (skb->len > mtu) {
313 dst_release(&rt->u.dst); 313 dst_release(&rt->u.dst);
314 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 314 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
315 IP_VS_DBG_RL("%s(): frag needed\n", __func__); 315 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
316 goto tx_error; 316 goto tx_error;
317 } 317 }
@@ -454,7 +454,7 @@ ip_vs_nat_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
454 mtu = dst_mtu(&rt->u.dst); 454 mtu = dst_mtu(&rt->u.dst);
455 if (skb->len > mtu) { 455 if (skb->len > mtu) {
456 dst_release(&rt->u.dst); 456 dst_release(&rt->u.dst);
457 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 457 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
458 IP_VS_DBG_RL_PKT(0, pp, skb, 0, 458 IP_VS_DBG_RL_PKT(0, pp, skb, 0,
459 "ip_vs_nat_xmit_v6(): frag needed for"); 459 "ip_vs_nat_xmit_v6(): frag needed for");
460 goto tx_error; 460 goto tx_error;
@@ -672,7 +672,7 @@ ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
672 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu); 672 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
673 673
674 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr)) { 674 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr)) {
675 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 675 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
676 dst_release(&rt->u.dst); 676 dst_release(&rt->u.dst);
677 IP_VS_DBG_RL("%s(): frag needed\n", __func__); 677 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
678 goto tx_error; 678 goto tx_error;
@@ -814,7 +814,7 @@ ip_vs_dr_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
814 /* MTU checking */ 814 /* MTU checking */
815 mtu = dst_mtu(&rt->u.dst); 815 mtu = dst_mtu(&rt->u.dst);
816 if (skb->len > mtu) { 816 if (skb->len > mtu) {
817 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 817 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
818 dst_release(&rt->u.dst); 818 dst_release(&rt->u.dst);
819 IP_VS_DBG_RL("%s(): frag needed\n", __func__); 819 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
820 goto tx_error; 820 goto tx_error;
@@ -965,7 +965,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
965 mtu = dst_mtu(&rt->u.dst); 965 mtu = dst_mtu(&rt->u.dst);
966 if (skb->len > mtu) { 966 if (skb->len > mtu) {
967 dst_release(&rt->u.dst); 967 dst_release(&rt->u.dst);
968 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev); 968 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
969 IP_VS_DBG_RL("%s(): frag needed\n", __func__); 969 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
970 goto tx_error; 970 goto tx_error;
971 } 971 }
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 10f7295bcefb..2f0369367ee0 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -1262,24 +1262,22 @@ static int packet_release(struct socket *sock)
1262 net = sock_net(sk); 1262 net = sock_net(sk);
1263 po = pkt_sk(sk); 1263 po = pkt_sk(sk);
1264 1264
1265 write_lock_bh(&net->packet.sklist_lock); 1265 spin_lock_bh(&net->packet.sklist_lock);
1266 sk_del_node_init(sk); 1266 sk_del_node_init_rcu(sk);
1267 sock_prot_inuse_add(net, sk->sk_prot, -1); 1267 sock_prot_inuse_add(net, sk->sk_prot, -1);
1268 write_unlock_bh(&net->packet.sklist_lock); 1268 spin_unlock_bh(&net->packet.sklist_lock);
1269
1270 /*
1271 * Unhook packet receive handler.
1272 */
1273 1269
1270 spin_lock(&po->bind_lock);
1274 if (po->running) { 1271 if (po->running) {
1275 /* 1272 /*
1276 * Remove the protocol hook 1273 * Remove from protocol table
1277 */ 1274 */
1278 dev_remove_pack(&po->prot_hook);
1279 po->running = 0; 1275 po->running = 0;
1280 po->num = 0; 1276 po->num = 0;
1277 __dev_remove_pack(&po->prot_hook);
1281 __sock_put(sk); 1278 __sock_put(sk);
1282 } 1279 }
1280 spin_unlock(&po->bind_lock);
1283 1281
1284 packet_flush_mclist(sk); 1282 packet_flush_mclist(sk);
1285 1283
@@ -1291,10 +1289,10 @@ static int packet_release(struct socket *sock)
1291 if (po->tx_ring.pg_vec) 1289 if (po->tx_ring.pg_vec)
1292 packet_set_ring(sk, &req, 1, 1); 1290 packet_set_ring(sk, &req, 1, 1);
1293 1291
1292 synchronize_net();
1294 /* 1293 /*
1295 * Now the socket is dead. No more input will appear. 1294 * Now the socket is dead. No more input will appear.
1296 */ 1295 */
1297
1298 sock_orphan(sk); 1296 sock_orphan(sk);
1299 sock->sk = NULL; 1297 sock->sk = NULL;
1300 1298
@@ -1478,10 +1476,11 @@ static int packet_create(struct net *net, struct socket *sock, int protocol,
1478 po->running = 1; 1476 po->running = 1;
1479 } 1477 }
1480 1478
1481 write_lock_bh(&net->packet.sklist_lock); 1479 spin_lock_bh(&net->packet.sklist_lock);
1482 sk_add_node(sk, &net->packet.sklist); 1480 sk_add_node_rcu(sk, &net->packet.sklist);
1483 sock_prot_inuse_add(net, &packet_proto, 1); 1481 sock_prot_inuse_add(net, &packet_proto, 1);
1484 write_unlock_bh(&net->packet.sklist_lock); 1482 spin_unlock_bh(&net->packet.sklist_lock);
1483
1485 return 0; 1484 return 0;
1486out: 1485out:
1487 return err; 1486 return err;
@@ -2075,8 +2074,8 @@ static int packet_notifier(struct notifier_block *this, unsigned long msg, void
2075 struct net_device *dev = data; 2074 struct net_device *dev = data;
2076 struct net *net = dev_net(dev); 2075 struct net *net = dev_net(dev);
2077 2076
2078 read_lock(&net->packet.sklist_lock); 2077 rcu_read_lock();
2079 sk_for_each(sk, node, &net->packet.sklist) { 2078 sk_for_each_rcu(sk, node, &net->packet.sklist) {
2080 struct packet_sock *po = pkt_sk(sk); 2079 struct packet_sock *po = pkt_sk(sk);
2081 2080
2082 switch (msg) { 2081 switch (msg) {
@@ -2104,18 +2103,19 @@ static int packet_notifier(struct notifier_block *this, unsigned long msg, void
2104 } 2103 }
2105 break; 2104 break;
2106 case NETDEV_UP: 2105 case NETDEV_UP:
2107 spin_lock(&po->bind_lock); 2106 if (dev->ifindex == po->ifindex) {
2108 if (dev->ifindex == po->ifindex && po->num && 2107 spin_lock(&po->bind_lock);
2109 !po->running) { 2108 if (po->num && !po->running) {
2110 dev_add_pack(&po->prot_hook); 2109 dev_add_pack(&po->prot_hook);
2111 sock_hold(sk); 2110 sock_hold(sk);
2112 po->running = 1; 2111 po->running = 1;
2112 }
2113 spin_unlock(&po->bind_lock);
2113 } 2114 }
2114 spin_unlock(&po->bind_lock);
2115 break; 2115 break;
2116 } 2116 }
2117 } 2117 }
2118 read_unlock(&net->packet.sklist_lock); 2118 rcu_read_unlock();
2119 return NOTIFY_DONE; 2119 return NOTIFY_DONE;
2120} 2120}
2121 2121
@@ -2512,24 +2512,24 @@ static struct notifier_block packet_netdev_notifier = {
2512#ifdef CONFIG_PROC_FS 2512#ifdef CONFIG_PROC_FS
2513 2513
2514static void *packet_seq_start(struct seq_file *seq, loff_t *pos) 2514static void *packet_seq_start(struct seq_file *seq, loff_t *pos)
2515 __acquires(seq_file_net(seq)->packet.sklist_lock) 2515 __acquires(RCU)
2516{ 2516{
2517 struct net *net = seq_file_net(seq); 2517 struct net *net = seq_file_net(seq);
2518 read_lock(&net->packet.sklist_lock); 2518
2519 return seq_hlist_start_head(&net->packet.sklist, *pos); 2519 rcu_read_lock();
2520 return seq_hlist_start_head_rcu(&net->packet.sklist, *pos);
2520} 2521}
2521 2522
2522static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2523static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2523{ 2524{
2524 struct net *net = seq_file_net(seq); 2525 struct net *net = seq_file_net(seq);
2525 return seq_hlist_next(v, &net->packet.sklist, pos); 2526 return seq_hlist_next_rcu(v, &net->packet.sklist, pos);
2526} 2527}
2527 2528
2528static void packet_seq_stop(struct seq_file *seq, void *v) 2529static void packet_seq_stop(struct seq_file *seq, void *v)
2529 __releases(seq_file_net(seq)->packet.sklist_lock) 2530 __releases(RCU)
2530{ 2531{
2531 struct net *net = seq_file_net(seq); 2532 rcu_read_unlock();
2532 read_unlock(&net->packet.sklist_lock);
2533} 2533}
2534 2534
2535static int packet_seq_show(struct seq_file *seq, void *v) 2535static int packet_seq_show(struct seq_file *seq, void *v)
@@ -2581,7 +2581,7 @@ static const struct file_operations packet_seq_fops = {
2581 2581
2582static int __net_init packet_net_init(struct net *net) 2582static int __net_init packet_net_init(struct net *net)
2583{ 2583{
2584 rwlock_init(&net->packet.sklist_lock); 2584 spin_lock_init(&net->packet.sklist_lock);
2585 INIT_HLIST_HEAD(&net->packet.sklist); 2585 INIT_HLIST_HEAD(&net->packet.sklist);
2586 2586
2587 if (!proc_net_fops_create(net, "packet", 0, &packet_seq_fops)) 2587 if (!proc_net_fops_create(net, "packet", 0, &packet_seq_fops))
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 9bc9b92bc099..3d9122e78f41 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -144,7 +144,7 @@ static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb)
144/* 144/*
145 * SMP locking strategy: 145 * SMP locking strategy:
146 * hash table is protected with spinlock unix_table_lock 146 * hash table is protected with spinlock unix_table_lock
147 * each socket state is protected by separate rwlock. 147 * each socket state is protected by separate spin lock.
148 */ 148 */
149 149
150static inline unsigned unix_hash_fold(__wsum n) 150static inline unsigned unix_hash_fold(__wsum n)
diff --git a/net/wimax/op-msg.c b/net/wimax/op-msg.c
index d3bfb6ef13ae..7718657e93dc 100644
--- a/net/wimax/op-msg.c
+++ b/net/wimax/op-msg.c
@@ -320,8 +320,7 @@ int wimax_msg(struct wimax_dev *wimax_dev, const char *pipe_name,
320EXPORT_SYMBOL_GPL(wimax_msg); 320EXPORT_SYMBOL_GPL(wimax_msg);
321 321
322 322
323static const 323static const struct nla_policy wimax_gnl_msg_policy[WIMAX_GNL_ATTR_MAX + 1] = {
324struct nla_policy wimax_gnl_msg_policy[WIMAX_GNL_ATTR_MAX + 1] = {
325 [WIMAX_GNL_MSG_IFIDX] = { 324 [WIMAX_GNL_MSG_IFIDX] = {
326 .type = NLA_U32, 325 .type = NLA_U32,
327 }, 326 },
diff --git a/net/wimax/op-reset.c b/net/wimax/op-reset.c
index 35f370091f4f..4dc82a54ba30 100644
--- a/net/wimax/op-reset.c
+++ b/net/wimax/op-reset.c
@@ -91,8 +91,7 @@ int wimax_reset(struct wimax_dev *wimax_dev)
91EXPORT_SYMBOL(wimax_reset); 91EXPORT_SYMBOL(wimax_reset);
92 92
93 93
94static const 94static const struct nla_policy wimax_gnl_reset_policy[WIMAX_GNL_ATTR_MAX + 1] = {
95struct nla_policy wimax_gnl_reset_policy[WIMAX_GNL_ATTR_MAX + 1] = {
96 [WIMAX_GNL_RESET_IFIDX] = { 95 [WIMAX_GNL_RESET_IFIDX] = {
97 .type = NLA_U32, 96 .type = NLA_U32,
98 }, 97 },
diff --git a/net/wimax/op-rfkill.c b/net/wimax/op-rfkill.c
index ae752a64d920..e978c7136c97 100644
--- a/net/wimax/op-rfkill.c
+++ b/net/wimax/op-rfkill.c
@@ -410,8 +410,7 @@ void wimax_rfkill_rm(struct wimax_dev *wimax_dev)
410 * just query). 410 * just query).
411 */ 411 */
412 412
413static const 413static const struct nla_policy wimax_gnl_rfkill_policy[WIMAX_GNL_ATTR_MAX + 1] = {
414struct nla_policy wimax_gnl_rfkill_policy[WIMAX_GNL_ATTR_MAX + 1] = {
415 [WIMAX_GNL_RFKILL_IFIDX] = { 414 [WIMAX_GNL_RFKILL_IFIDX] = {
416 .type = NLA_U32, 415 .type = NLA_U32,
417 }, 416 },
diff --git a/net/wimax/op-state-get.c b/net/wimax/op-state-get.c
index a76b8fcb056d..11ad3356eb56 100644
--- a/net/wimax/op-state-get.c
+++ b/net/wimax/op-state-get.c
@@ -33,8 +33,7 @@
33#include "debug-levels.h" 33#include "debug-levels.h"
34 34
35 35
36static const 36static const struct nla_policy wimax_gnl_state_get_policy[WIMAX_GNL_ATTR_MAX + 1] = {
37struct nla_policy wimax_gnl_state_get_policy[WIMAX_GNL_ATTR_MAX + 1] = {
38 [WIMAX_GNL_STGET_IFIDX] = { 37 [WIMAX_GNL_STGET_IFIDX] = {
39 .type = NLA_U32, 38 .type = NLA_U32,
40 }, 39 },
diff --git a/net/wimax/stack.c b/net/wimax/stack.c
index c8866412f830..813e1eaea29b 100644
--- a/net/wimax/stack.c
+++ b/net/wimax/stack.c
@@ -75,8 +75,7 @@ MODULE_PARM_DESC(debug,
75 * close to where the data is generated. 75 * close to where the data is generated.
76 */ 76 */
77/* 77/*
78static const 78static const struct nla_policy wimax_gnl_re_status_change[WIMAX_GNL_ATTR_MAX + 1] = {
79struct nla_policy wimax_gnl_re_status_change[WIMAX_GNL_ATTR_MAX + 1] = {
80 [WIMAX_GNL_STCH_STATE_OLD] = { .type = NLA_U8 }, 79 [WIMAX_GNL_STCH_STATE_OLD] = { .type = NLA_U8 },
81 [WIMAX_GNL_STCH_STATE_NEW] = { .type = NLA_U8 }, 80 [WIMAX_GNL_STCH_STATE_NEW] = { .type = NLA_U8 },
82}; 81};
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 5b79ecf17bea..a001ea32cb7d 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -58,7 +58,7 @@ static int get_rdev_dev_by_info_ifindex(struct genl_info *info,
58} 58}
59 59
60/* policy for the attributes */ 60/* policy for the attributes */
61static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = { 61static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
62 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 62 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
63 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 63 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
64 .len = 20-1 }, 64 .len = 20-1 },
@@ -148,8 +148,7 @@ static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
148}; 148};
149 149
150/* policy for the attributes */ 150/* policy for the attributes */
151static struct nla_policy 151static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
152nl80211_key_policy[NL80211_KEY_MAX + 1] __read_mostly = {
153 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 152 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
154 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 153 [NL80211_KEY_IDX] = { .type = NLA_U8 },
155 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 154 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
@@ -2501,8 +2500,7 @@ static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2501 return err; 2500 return err;
2502} 2501}
2503 2502
2504static const struct nla_policy 2503static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
2505 reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
2506 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2504 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
2507 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2505 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
2508 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2506 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
@@ -2671,8 +2669,7 @@ do {\
2671 } \ 2669 } \
2672} while (0);\ 2670} while (0);\
2673 2671
2674static struct nla_policy 2672static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
2675nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] __read_mostly = {
2676 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2673 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
2677 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2674 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
2678 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2675 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
@@ -4470,8 +4467,7 @@ static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
4470 return mask; 4467 return mask;
4471} 4468}
4472 4469
4473static struct nla_policy 4470static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
4474nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] __read_mostly = {
4475 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 4471 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
4476 .len = NL80211_MAX_SUPP_RATES }, 4472 .len = NL80211_MAX_SUPP_RATES },
4477}; 4473};
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index e0009c17d809..45f1c98d4fce 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -152,7 +152,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
152 goto drop; 152 goto drop;
153 } 153 }
154 154
155 x = xfrm_state_lookup(net, daddr, spi, nexthdr, family); 155 x = xfrm_state_lookup(net, skb->mark, daddr, spi, nexthdr, family);
156 if (x == NULL) { 156 if (x == NULL) {
157 XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOSTATES); 157 XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOSTATES);
158 xfrm_audit_state_notfound(skb, family, spi, seq); 158 xfrm_audit_state_notfound(skb, family, spi, seq);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 2c5d93181f13..34a5ef8316e7 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -556,6 +556,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
556 struct hlist_head *chain; 556 struct hlist_head *chain;
557 struct hlist_node *entry, *newpos; 557 struct hlist_node *entry, *newpos;
558 struct dst_entry *gc_list; 558 struct dst_entry *gc_list;
559 u32 mark = policy->mark.v & policy->mark.m;
559 560
560 write_lock_bh(&xfrm_policy_lock); 561 write_lock_bh(&xfrm_policy_lock);
561 chain = policy_hash_bysel(net, &policy->selector, policy->family, dir); 562 chain = policy_hash_bysel(net, &policy->selector, policy->family, dir);
@@ -564,6 +565,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
564 hlist_for_each_entry(pol, entry, chain, bydst) { 565 hlist_for_each_entry(pol, entry, chain, bydst) {
565 if (pol->type == policy->type && 566 if (pol->type == policy->type &&
566 !selector_cmp(&pol->selector, &policy->selector) && 567 !selector_cmp(&pol->selector, &policy->selector) &&
568 (mark & pol->mark.m) == pol->mark.v &&
567 xfrm_sec_ctx_match(pol->security, policy->security) && 569 xfrm_sec_ctx_match(pol->security, policy->security) &&
568 !WARN_ON(delpol)) { 570 !WARN_ON(delpol)) {
569 if (excl) { 571 if (excl) {
@@ -635,8 +637,8 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
635} 637}
636EXPORT_SYMBOL(xfrm_policy_insert); 638EXPORT_SYMBOL(xfrm_policy_insert);
637 639
638struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, 640struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark, u8 type,
639 struct xfrm_selector *sel, 641 int dir, struct xfrm_selector *sel,
640 struct xfrm_sec_ctx *ctx, int delete, 642 struct xfrm_sec_ctx *ctx, int delete,
641 int *err) 643 int *err)
642{ 644{
@@ -650,6 +652,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir,
650 ret = NULL; 652 ret = NULL;
651 hlist_for_each_entry(pol, entry, chain, bydst) { 653 hlist_for_each_entry(pol, entry, chain, bydst) {
652 if (pol->type == type && 654 if (pol->type == type &&
655 (mark & pol->mark.m) == pol->mark.v &&
653 !selector_cmp(sel, &pol->selector) && 656 !selector_cmp(sel, &pol->selector) &&
654 xfrm_sec_ctx_match(ctx, pol->security)) { 657 xfrm_sec_ctx_match(ctx, pol->security)) {
655 xfrm_pol_hold(pol); 658 xfrm_pol_hold(pol);
@@ -676,8 +679,8 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir,
676} 679}
677EXPORT_SYMBOL(xfrm_policy_bysel_ctx); 680EXPORT_SYMBOL(xfrm_policy_bysel_ctx);
678 681
679struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id, 682struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8 type,
680 int delete, int *err) 683 int dir, u32 id, int delete, int *err)
681{ 684{
682 struct xfrm_policy *pol, *ret; 685 struct xfrm_policy *pol, *ret;
683 struct hlist_head *chain; 686 struct hlist_head *chain;
@@ -692,7 +695,8 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id,
692 chain = net->xfrm.policy_byidx + idx_hash(net, id); 695 chain = net->xfrm.policy_byidx + idx_hash(net, id);
693 ret = NULL; 696 ret = NULL;
694 hlist_for_each_entry(pol, entry, chain, byidx) { 697 hlist_for_each_entry(pol, entry, chain, byidx) {
695 if (pol->type == type && pol->index == id) { 698 if (pol->type == type && pol->index == id &&
699 (mark & pol->mark.m) == pol->mark.v) {
696 xfrm_pol_hold(pol); 700 xfrm_pol_hold(pol);
697 if (delete) { 701 if (delete) {
698 *err = security_xfrm_policy_delete( 702 *err = security_xfrm_policy_delete(
@@ -771,7 +775,8 @@ xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audi
771 775
772int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) 776int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
773{ 777{
774 int dir, err = 0; 778 int dir, err = 0, cnt = 0;
779 struct xfrm_policy *dp;
775 780
776 write_lock_bh(&xfrm_policy_lock); 781 write_lock_bh(&xfrm_policy_lock);
777 782
@@ -789,8 +794,10 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
789 &net->xfrm.policy_inexact[dir], bydst) { 794 &net->xfrm.policy_inexact[dir], bydst) {
790 if (pol->type != type) 795 if (pol->type != type)
791 continue; 796 continue;
792 __xfrm_policy_unlink(pol, dir); 797 dp = __xfrm_policy_unlink(pol, dir);
793 write_unlock_bh(&xfrm_policy_lock); 798 write_unlock_bh(&xfrm_policy_lock);
799 if (dp)
800 cnt++;
794 801
795 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid, 802 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid,
796 audit_info->sessionid, 803 audit_info->sessionid,
@@ -809,8 +816,10 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
809 bydst) { 816 bydst) {
810 if (pol->type != type) 817 if (pol->type != type)
811 continue; 818 continue;
812 __xfrm_policy_unlink(pol, dir); 819 dp = __xfrm_policy_unlink(pol, dir);
813 write_unlock_bh(&xfrm_policy_lock); 820 write_unlock_bh(&xfrm_policy_lock);
821 if (dp)
822 cnt++;
814 823
815 xfrm_audit_policy_delete(pol, 1, 824 xfrm_audit_policy_delete(pol, 1,
816 audit_info->loginuid, 825 audit_info->loginuid,
@@ -824,6 +833,8 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info)
824 } 833 }
825 834
826 } 835 }
836 if (!cnt)
837 err = -ESRCH;
827 atomic_inc(&flow_cache_genid); 838 atomic_inc(&flow_cache_genid);
828out: 839out:
829 write_unlock_bh(&xfrm_policy_lock); 840 write_unlock_bh(&xfrm_policy_lock);
@@ -909,6 +920,7 @@ static int xfrm_policy_match(struct xfrm_policy *pol, struct flowi *fl,
909 int match, ret = -ESRCH; 920 int match, ret = -ESRCH;
910 921
911 if (pol->family != family || 922 if (pol->family != family ||
923 (fl->mark & pol->mark.m) != pol->mark.v ||
912 pol->type != type) 924 pol->type != type)
913 return ret; 925 return ret;
914 926
@@ -1033,6 +1045,10 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir, struc
1033 int err = 0; 1045 int err = 0;
1034 1046
1035 if (match) { 1047 if (match) {
1048 if ((sk->sk_mark & pol->mark.m) != pol->mark.v) {
1049 pol = NULL;
1050 goto out;
1051 }
1036 err = security_xfrm_policy_lookup(pol->security, 1052 err = security_xfrm_policy_lookup(pol->security,
1037 fl->secid, 1053 fl->secid,
1038 policy_to_flow_dir(dir)); 1054 policy_to_flow_dir(dir));
@@ -1045,6 +1061,7 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir, struc
1045 } else 1061 } else
1046 pol = NULL; 1062 pol = NULL;
1047 } 1063 }
1064out:
1048 read_unlock_bh(&xfrm_policy_lock); 1065 read_unlock_bh(&xfrm_policy_lock);
1049 return pol; 1066 return pol;
1050} 1067}
@@ -1137,6 +1154,7 @@ static struct xfrm_policy *clone_policy(struct xfrm_policy *old, int dir)
1137 } 1154 }
1138 newp->lft = old->lft; 1155 newp->lft = old->lft;
1139 newp->curlft = old->curlft; 1156 newp->curlft = old->curlft;
1157 newp->mark = old->mark;
1140 newp->action = old->action; 1158 newp->action = old->action;
1141 newp->flags = old->flags; 1159 newp->flags = old->flags;
1142 newp->xfrm_nr = old->xfrm_nr; 1160 newp->xfrm_nr = old->xfrm_nr;
@@ -2045,8 +2063,7 @@ int __xfrm_route_forward(struct sk_buff *skb, unsigned short family)
2045 int res; 2063 int res;
2046 2064
2047 if (xfrm_decode_session(skb, &fl, family) < 0) { 2065 if (xfrm_decode_session(skb, &fl, family) < 0) {
2048 /* XXX: we should have something like FWDHDRERROR here. */ 2066 XFRM_INC_STATS(net, LINUX_MIB_XFRMFWDHDRERROR);
2049 XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR);
2050 return 0; 2067 return 0;
2051 } 2068 }
2052 2069
diff --git a/net/xfrm/xfrm_proc.c b/net/xfrm/xfrm_proc.c
index 003f2c437ac3..58d9ae005597 100644
--- a/net/xfrm/xfrm_proc.c
+++ b/net/xfrm/xfrm_proc.c
@@ -41,6 +41,7 @@ static const struct snmp_mib xfrm_mib_list[] = {
41 SNMP_MIB_ITEM("XfrmOutPolBlock", LINUX_MIB_XFRMOUTPOLBLOCK), 41 SNMP_MIB_ITEM("XfrmOutPolBlock", LINUX_MIB_XFRMOUTPOLBLOCK),
42 SNMP_MIB_ITEM("XfrmOutPolDead", LINUX_MIB_XFRMOUTPOLDEAD), 42 SNMP_MIB_ITEM("XfrmOutPolDead", LINUX_MIB_XFRMOUTPOLDEAD),
43 SNMP_MIB_ITEM("XfrmOutPolError", LINUX_MIB_XFRMOUTPOLERROR), 43 SNMP_MIB_ITEM("XfrmOutPolError", LINUX_MIB_XFRMOUTPOLERROR),
44 SNMP_MIB_ITEM("XfrmFwdHdrError", LINUX_MIB_XFRMFWDHDRERROR),
44 SNMP_MIB_SENTINEL 45 SNMP_MIB_SENTINEL
45}; 46};
46 47
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index c9d6a5f1348d..17d5b96f2fc8 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -603,13 +603,14 @@ xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audi
603 603
604int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info) 604int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info)
605{ 605{
606 int i, err = 0; 606 int i, err = 0, cnt = 0;
607 607
608 spin_lock_bh(&xfrm_state_lock); 608 spin_lock_bh(&xfrm_state_lock);
609 err = xfrm_state_flush_secctx_check(net, proto, audit_info); 609 err = xfrm_state_flush_secctx_check(net, proto, audit_info);
610 if (err) 610 if (err)
611 goto out; 611 goto out;
612 612
613 err = -ESRCH;
613 for (i = 0; i <= net->xfrm.state_hmask; i++) { 614 for (i = 0; i <= net->xfrm.state_hmask; i++) {
614 struct hlist_node *entry; 615 struct hlist_node *entry;
615 struct xfrm_state *x; 616 struct xfrm_state *x;
@@ -626,13 +627,16 @@ restart:
626 audit_info->sessionid, 627 audit_info->sessionid,
627 audit_info->secid); 628 audit_info->secid);
628 xfrm_state_put(x); 629 xfrm_state_put(x);
630 if (!err)
631 cnt++;
629 632
630 spin_lock_bh(&xfrm_state_lock); 633 spin_lock_bh(&xfrm_state_lock);
631 goto restart; 634 goto restart;
632 } 635 }
633 } 636 }
634 } 637 }
635 err = 0; 638 if (cnt)
639 err = 0;
636 640
637out: 641out:
638 spin_unlock_bh(&xfrm_state_lock); 642 spin_unlock_bh(&xfrm_state_lock);
@@ -665,7 +669,7 @@ xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
665 return 0; 669 return 0;
666} 670}
667 671
668static struct xfrm_state *__xfrm_state_lookup(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) 672static struct xfrm_state *__xfrm_state_lookup(struct net *net, u32 mark, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
669{ 673{
670 unsigned int h = xfrm_spi_hash(net, daddr, spi, proto, family); 674 unsigned int h = xfrm_spi_hash(net, daddr, spi, proto, family);
671 struct xfrm_state *x; 675 struct xfrm_state *x;
@@ -678,6 +682,8 @@ static struct xfrm_state *__xfrm_state_lookup(struct net *net, xfrm_address_t *d
678 xfrm_addr_cmp(&x->id.daddr, daddr, family)) 682 xfrm_addr_cmp(&x->id.daddr, daddr, family))
679 continue; 683 continue;
680 684
685 if ((mark & x->mark.m) != x->mark.v)
686 continue;
681 xfrm_state_hold(x); 687 xfrm_state_hold(x);
682 return x; 688 return x;
683 } 689 }
@@ -685,7 +691,7 @@ static struct xfrm_state *__xfrm_state_lookup(struct net *net, xfrm_address_t *d
685 return NULL; 691 return NULL;
686} 692}
687 693
688static struct xfrm_state *__xfrm_state_lookup_byaddr(struct net *net, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family) 694static struct xfrm_state *__xfrm_state_lookup_byaddr(struct net *net, u32 mark, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
689{ 695{
690 unsigned int h = xfrm_src_hash(net, daddr, saddr, family); 696 unsigned int h = xfrm_src_hash(net, daddr, saddr, family);
691 struct xfrm_state *x; 697 struct xfrm_state *x;
@@ -698,6 +704,8 @@ static struct xfrm_state *__xfrm_state_lookup_byaddr(struct net *net, xfrm_addre
698 xfrm_addr_cmp(&x->props.saddr, saddr, family)) 704 xfrm_addr_cmp(&x->props.saddr, saddr, family))
699 continue; 705 continue;
700 706
707 if ((mark & x->mark.m) != x->mark.v)
708 continue;
701 xfrm_state_hold(x); 709 xfrm_state_hold(x);
702 return x; 710 return x;
703 } 711 }
@@ -709,12 +717,14 @@ static inline struct xfrm_state *
709__xfrm_state_locate(struct xfrm_state *x, int use_spi, int family) 717__xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
710{ 718{
711 struct net *net = xs_net(x); 719 struct net *net = xs_net(x);
720 u32 mark = x->mark.v & x->mark.m;
712 721
713 if (use_spi) 722 if (use_spi)
714 return __xfrm_state_lookup(net, &x->id.daddr, x->id.spi, 723 return __xfrm_state_lookup(net, mark, &x->id.daddr,
715 x->id.proto, family); 724 x->id.spi, x->id.proto, family);
716 else 725 else
717 return __xfrm_state_lookup_byaddr(net, &x->id.daddr, 726 return __xfrm_state_lookup_byaddr(net, mark,
727 &x->id.daddr,
718 &x->props.saddr, 728 &x->props.saddr,
719 x->id.proto, family); 729 x->id.proto, family);
720} 730}
@@ -779,6 +789,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
779 int acquire_in_progress = 0; 789 int acquire_in_progress = 0;
780 int error = 0; 790 int error = 0;
781 struct xfrm_state *best = NULL; 791 struct xfrm_state *best = NULL;
792 u32 mark = pol->mark.v & pol->mark.m;
782 793
783 to_put = NULL; 794 to_put = NULL;
784 795
@@ -787,6 +798,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
787 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { 798 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) {
788 if (x->props.family == family && 799 if (x->props.family == family &&
789 x->props.reqid == tmpl->reqid && 800 x->props.reqid == tmpl->reqid &&
801 (mark & x->mark.m) == x->mark.v &&
790 !(x->props.flags & XFRM_STATE_WILDRECV) && 802 !(x->props.flags & XFRM_STATE_WILDRECV) &&
791 xfrm_state_addr_check(x, daddr, saddr, family) && 803 xfrm_state_addr_check(x, daddr, saddr, family) &&
792 tmpl->mode == x->props.mode && 804 tmpl->mode == x->props.mode &&
@@ -802,6 +814,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
802 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h_wildcard, bydst) { 814 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h_wildcard, bydst) {
803 if (x->props.family == family && 815 if (x->props.family == family &&
804 x->props.reqid == tmpl->reqid && 816 x->props.reqid == tmpl->reqid &&
817 (mark & x->mark.m) == x->mark.v &&
805 !(x->props.flags & XFRM_STATE_WILDRECV) && 818 !(x->props.flags & XFRM_STATE_WILDRECV) &&
806 xfrm_state_addr_check(x, daddr, saddr, family) && 819 xfrm_state_addr_check(x, daddr, saddr, family) &&
807 tmpl->mode == x->props.mode && 820 tmpl->mode == x->props.mode &&
@@ -815,7 +828,7 @@ found:
815 x = best; 828 x = best;
816 if (!x && !error && !acquire_in_progress) { 829 if (!x && !error && !acquire_in_progress) {
817 if (tmpl->id.spi && 830 if (tmpl->id.spi &&
818 (x0 = __xfrm_state_lookup(net, daddr, tmpl->id.spi, 831 (x0 = __xfrm_state_lookup(net, mark, daddr, tmpl->id.spi,
819 tmpl->id.proto, family)) != NULL) { 832 tmpl->id.proto, family)) != NULL) {
820 to_put = x0; 833 to_put = x0;
821 error = -EEXIST; 834 error = -EEXIST;
@@ -829,6 +842,7 @@ found:
829 /* Initialize temporary selector matching only 842 /* Initialize temporary selector matching only
830 * to current session. */ 843 * to current session. */
831 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family); 844 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
845 memcpy(&x->mark, &pol->mark, sizeof(x->mark));
832 846
833 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid); 847 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
834 if (error) { 848 if (error) {
@@ -871,7 +885,7 @@ out:
871} 885}
872 886
873struct xfrm_state * 887struct xfrm_state *
874xfrm_stateonly_find(struct net *net, 888xfrm_stateonly_find(struct net *net, u32 mark,
875 xfrm_address_t *daddr, xfrm_address_t *saddr, 889 xfrm_address_t *daddr, xfrm_address_t *saddr,
876 unsigned short family, u8 mode, u8 proto, u32 reqid) 890 unsigned short family, u8 mode, u8 proto, u32 reqid)
877{ 891{
@@ -884,6 +898,7 @@ xfrm_stateonly_find(struct net *net,
884 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { 898 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) {
885 if (x->props.family == family && 899 if (x->props.family == family &&
886 x->props.reqid == reqid && 900 x->props.reqid == reqid &&
901 (mark & x->mark.m) == x->mark.v &&
887 !(x->props.flags & XFRM_STATE_WILDRECV) && 902 !(x->props.flags & XFRM_STATE_WILDRECV) &&
888 xfrm_state_addr_check(x, daddr, saddr, family) && 903 xfrm_state_addr_check(x, daddr, saddr, family) &&
889 mode == x->props.mode && 904 mode == x->props.mode &&
@@ -946,11 +961,13 @@ static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
946 struct xfrm_state *x; 961 struct xfrm_state *x;
947 struct hlist_node *entry; 962 struct hlist_node *entry;
948 unsigned int h; 963 unsigned int h;
964 u32 mark = xnew->mark.v & xnew->mark.m;
949 965
950 h = xfrm_dst_hash(net, &xnew->id.daddr, &xnew->props.saddr, reqid, family); 966 h = xfrm_dst_hash(net, &xnew->id.daddr, &xnew->props.saddr, reqid, family);
951 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { 967 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) {
952 if (x->props.family == family && 968 if (x->props.family == family &&
953 x->props.reqid == reqid && 969 x->props.reqid == reqid &&
970 (mark & x->mark.m) == x->mark.v &&
954 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) && 971 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&
955 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family)) 972 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))
956 x->genid = xfrm_state_genid; 973 x->genid = xfrm_state_genid;
@@ -967,11 +984,12 @@ void xfrm_state_insert(struct xfrm_state *x)
967EXPORT_SYMBOL(xfrm_state_insert); 984EXPORT_SYMBOL(xfrm_state_insert);
968 985
969/* xfrm_state_lock is held */ 986/* xfrm_state_lock is held */
970static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create) 987static struct xfrm_state *__find_acq_core(struct net *net, struct xfrm_mark *m, unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
971{ 988{
972 unsigned int h = xfrm_dst_hash(net, daddr, saddr, reqid, family); 989 unsigned int h = xfrm_dst_hash(net, daddr, saddr, reqid, family);
973 struct hlist_node *entry; 990 struct hlist_node *entry;
974 struct xfrm_state *x; 991 struct xfrm_state *x;
992 u32 mark = m->v & m->m;
975 993
976 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { 994 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) {
977 if (x->props.reqid != reqid || 995 if (x->props.reqid != reqid ||
@@ -980,6 +998,7 @@ static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family
980 x->km.state != XFRM_STATE_ACQ || 998 x->km.state != XFRM_STATE_ACQ ||
981 x->id.spi != 0 || 999 x->id.spi != 0 ||
982 x->id.proto != proto || 1000 x->id.proto != proto ||
1001 (mark & x->mark.m) != x->mark.v ||
983 xfrm_addr_cmp(&x->id.daddr, daddr, family) || 1002 xfrm_addr_cmp(&x->id.daddr, daddr, family) ||
984 xfrm_addr_cmp(&x->props.saddr, saddr, family)) 1003 xfrm_addr_cmp(&x->props.saddr, saddr, family))
985 continue; 1004 continue;
@@ -1022,6 +1041,8 @@ static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family
1022 x->props.family = family; 1041 x->props.family = family;
1023 x->props.mode = mode; 1042 x->props.mode = mode;
1024 x->props.reqid = reqid; 1043 x->props.reqid = reqid;
1044 x->mark.v = m->v;
1045 x->mark.m = m->m;
1025 x->lft.hard_add_expires_seconds = net->xfrm.sysctl_acq_expires; 1046 x->lft.hard_add_expires_seconds = net->xfrm.sysctl_acq_expires;
1026 xfrm_state_hold(x); 1047 xfrm_state_hold(x);
1027 tasklet_hrtimer_start(&x->mtimer, ktime_set(net->xfrm.sysctl_acq_expires, 0), HRTIMER_MODE_REL); 1048 tasklet_hrtimer_start(&x->mtimer, ktime_set(net->xfrm.sysctl_acq_expires, 0), HRTIMER_MODE_REL);
@@ -1038,7 +1059,7 @@ static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family
1038 return x; 1059 return x;
1039} 1060}
1040 1061
1041static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq); 1062static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 mark, u32 seq);
1042 1063
1043int xfrm_state_add(struct xfrm_state *x) 1064int xfrm_state_add(struct xfrm_state *x)
1044{ 1065{
@@ -1046,6 +1067,7 @@ int xfrm_state_add(struct xfrm_state *x)
1046 struct xfrm_state *x1, *to_put; 1067 struct xfrm_state *x1, *to_put;
1047 int family; 1068 int family;
1048 int err; 1069 int err;
1070 u32 mark = x->mark.v & x->mark.m;
1049 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY); 1071 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1050 1072
1051 family = x->props.family; 1073 family = x->props.family;
@@ -1063,7 +1085,7 @@ int xfrm_state_add(struct xfrm_state *x)
1063 } 1085 }
1064 1086
1065 if (use_spi && x->km.seq) { 1087 if (use_spi && x->km.seq) {
1066 x1 = __xfrm_find_acq_byseq(net, x->km.seq); 1088 x1 = __xfrm_find_acq_byseq(net, mark, x->km.seq);
1067 if (x1 && ((x1->id.proto != x->id.proto) || 1089 if (x1 && ((x1->id.proto != x->id.proto) ||
1068 xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family))) { 1090 xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family))) {
1069 to_put = x1; 1091 to_put = x1;
@@ -1072,8 +1094,8 @@ int xfrm_state_add(struct xfrm_state *x)
1072 } 1094 }
1073 1095
1074 if (use_spi && !x1) 1096 if (use_spi && !x1)
1075 x1 = __find_acq_core(net, family, x->props.mode, x->props.reqid, 1097 x1 = __find_acq_core(net, &x->mark, family, x->props.mode,
1076 x->id.proto, 1098 x->props.reqid, x->id.proto,
1077 &x->id.daddr, &x->props.saddr, 0); 1099 &x->id.daddr, &x->props.saddr, 0);
1078 1100
1079 __xfrm_state_bump_genids(x); 1101 __xfrm_state_bump_genids(x);
@@ -1147,6 +1169,8 @@ static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp)
1147 goto error; 1169 goto error;
1148 } 1170 }
1149 1171
1172 memcpy(&x->mark, &orig->mark, sizeof(x->mark));
1173
1150 err = xfrm_init_state(x); 1174 err = xfrm_init_state(x);
1151 if (err) 1175 if (err)
1152 goto error; 1176 goto error;
@@ -1338,41 +1362,41 @@ int xfrm_state_check_expire(struct xfrm_state *x)
1338EXPORT_SYMBOL(xfrm_state_check_expire); 1362EXPORT_SYMBOL(xfrm_state_check_expire);
1339 1363
1340struct xfrm_state * 1364struct xfrm_state *
1341xfrm_state_lookup(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, 1365xfrm_state_lookup(struct net *net, u32 mark, xfrm_address_t *daddr, __be32 spi,
1342 unsigned short family) 1366 u8 proto, unsigned short family)
1343{ 1367{
1344 struct xfrm_state *x; 1368 struct xfrm_state *x;
1345 1369
1346 spin_lock_bh(&xfrm_state_lock); 1370 spin_lock_bh(&xfrm_state_lock);
1347 x = __xfrm_state_lookup(net, daddr, spi, proto, family); 1371 x = __xfrm_state_lookup(net, mark, daddr, spi, proto, family);
1348 spin_unlock_bh(&xfrm_state_lock); 1372 spin_unlock_bh(&xfrm_state_lock);
1349 return x; 1373 return x;
1350} 1374}
1351EXPORT_SYMBOL(xfrm_state_lookup); 1375EXPORT_SYMBOL(xfrm_state_lookup);
1352 1376
1353struct xfrm_state * 1377struct xfrm_state *
1354xfrm_state_lookup_byaddr(struct net *net, 1378xfrm_state_lookup_byaddr(struct net *net, u32 mark,
1355 xfrm_address_t *daddr, xfrm_address_t *saddr, 1379 xfrm_address_t *daddr, xfrm_address_t *saddr,
1356 u8 proto, unsigned short family) 1380 u8 proto, unsigned short family)
1357{ 1381{
1358 struct xfrm_state *x; 1382 struct xfrm_state *x;
1359 1383
1360 spin_lock_bh(&xfrm_state_lock); 1384 spin_lock_bh(&xfrm_state_lock);
1361 x = __xfrm_state_lookup_byaddr(net, daddr, saddr, proto, family); 1385 x = __xfrm_state_lookup_byaddr(net, mark, daddr, saddr, proto, family);
1362 spin_unlock_bh(&xfrm_state_lock); 1386 spin_unlock_bh(&xfrm_state_lock);
1363 return x; 1387 return x;
1364} 1388}
1365EXPORT_SYMBOL(xfrm_state_lookup_byaddr); 1389EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
1366 1390
1367struct xfrm_state * 1391struct xfrm_state *
1368xfrm_find_acq(struct net *net, u8 mode, u32 reqid, u8 proto, 1392xfrm_find_acq(struct net *net, struct xfrm_mark *mark, u8 mode, u32 reqid, u8 proto,
1369 xfrm_address_t *daddr, xfrm_address_t *saddr, 1393 xfrm_address_t *daddr, xfrm_address_t *saddr,
1370 int create, unsigned short family) 1394 int create, unsigned short family)
1371{ 1395{
1372 struct xfrm_state *x; 1396 struct xfrm_state *x;
1373 1397
1374 spin_lock_bh(&xfrm_state_lock); 1398 spin_lock_bh(&xfrm_state_lock);
1375 x = __find_acq_core(net, family, mode, reqid, proto, daddr, saddr, create); 1399 x = __find_acq_core(net, mark, family, mode, reqid, proto, daddr, saddr, create);
1376 spin_unlock_bh(&xfrm_state_lock); 1400 spin_unlock_bh(&xfrm_state_lock);
1377 1401
1378 return x; 1402 return x;
@@ -1419,7 +1443,7 @@ EXPORT_SYMBOL(xfrm_state_sort);
1419 1443
1420/* Silly enough, but I'm lazy to build resolution list */ 1444/* Silly enough, but I'm lazy to build resolution list */
1421 1445
1422static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq) 1446static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 mark, u32 seq)
1423{ 1447{
1424 int i; 1448 int i;
1425 1449
@@ -1429,6 +1453,7 @@ static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq)
1429 1453
1430 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) { 1454 hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) {
1431 if (x->km.seq == seq && 1455 if (x->km.seq == seq &&
1456 (mark & x->mark.m) == x->mark.v &&
1432 x->km.state == XFRM_STATE_ACQ) { 1457 x->km.state == XFRM_STATE_ACQ) {
1433 xfrm_state_hold(x); 1458 xfrm_state_hold(x);
1434 return x; 1459 return x;
@@ -1438,12 +1463,12 @@ static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq)
1438 return NULL; 1463 return NULL;
1439} 1464}
1440 1465
1441struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 seq) 1466struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 mark, u32 seq)
1442{ 1467{
1443 struct xfrm_state *x; 1468 struct xfrm_state *x;
1444 1469
1445 spin_lock_bh(&xfrm_state_lock); 1470 spin_lock_bh(&xfrm_state_lock);
1446 x = __xfrm_find_acq_byseq(net, seq); 1471 x = __xfrm_find_acq_byseq(net, mark, seq);
1447 spin_unlock_bh(&xfrm_state_lock); 1472 spin_unlock_bh(&xfrm_state_lock);
1448 return x; 1473 return x;
1449} 1474}
@@ -1470,6 +1495,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1470 int err = -ENOENT; 1495 int err = -ENOENT;
1471 __be32 minspi = htonl(low); 1496 __be32 minspi = htonl(low);
1472 __be32 maxspi = htonl(high); 1497 __be32 maxspi = htonl(high);
1498 u32 mark = x->mark.v & x->mark.m;
1473 1499
1474 spin_lock_bh(&x->lock); 1500 spin_lock_bh(&x->lock);
1475 if (x->km.state == XFRM_STATE_DEAD) 1501 if (x->km.state == XFRM_STATE_DEAD)
@@ -1482,7 +1508,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1482 err = -ENOENT; 1508 err = -ENOENT;
1483 1509
1484 if (minspi == maxspi) { 1510 if (minspi == maxspi) {
1485 x0 = xfrm_state_lookup(net, &x->id.daddr, minspi, x->id.proto, x->props.family); 1511 x0 = xfrm_state_lookup(net, mark, &x->id.daddr, minspi, x->id.proto, x->props.family);
1486 if (x0) { 1512 if (x0) {
1487 xfrm_state_put(x0); 1513 xfrm_state_put(x0);
1488 goto unlock; 1514 goto unlock;
@@ -1492,7 +1518,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1492 u32 spi = 0; 1518 u32 spi = 0;
1493 for (h=0; h<high-low+1; h++) { 1519 for (h=0; h<high-low+1; h++) {
1494 spi = low + net_random()%(high-low+1); 1520 spi = low + net_random()%(high-low+1);
1495 x0 = xfrm_state_lookup(net, &x->id.daddr, htonl(spi), x->id.proto, x->props.family); 1521 x0 = xfrm_state_lookup(net, mark, &x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1496 if (x0 == NULL) { 1522 if (x0 == NULL) {
1497 x->id.spi = htonl(spi); 1523 x->id.spi = htonl(spi);
1498 break; 1524 break;
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 943c8712bd97..6106b72826d3 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -446,6 +446,8 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
446 goto error; 446 goto error;
447 } 447 }
448 448
449 xfrm_mark_get(attrs, &x->mark);
450
449 err = xfrm_init_state(x); 451 err = xfrm_init_state(x);
450 if (err) 452 if (err)
451 goto error; 453 goto error;
@@ -526,11 +528,13 @@ static struct xfrm_state *xfrm_user_state_lookup(struct net *net,
526 int *errp) 528 int *errp)
527{ 529{
528 struct xfrm_state *x = NULL; 530 struct xfrm_state *x = NULL;
531 struct xfrm_mark m;
529 int err; 532 int err;
533 u32 mark = xfrm_mark_get(attrs, &m);
530 534
531 if (xfrm_id_proto_match(p->proto, IPSEC_PROTO_ANY)) { 535 if (xfrm_id_proto_match(p->proto, IPSEC_PROTO_ANY)) {
532 err = -ESRCH; 536 err = -ESRCH;
533 x = xfrm_state_lookup(net, &p->daddr, p->spi, p->proto, p->family); 537 x = xfrm_state_lookup(net, mark, &p->daddr, p->spi, p->proto, p->family);
534 } else { 538 } else {
535 xfrm_address_t *saddr = NULL; 539 xfrm_address_t *saddr = NULL;
536 540
@@ -541,7 +545,8 @@ static struct xfrm_state *xfrm_user_state_lookup(struct net *net,
541 } 545 }
542 546
543 err = -ESRCH; 547 err = -ESRCH;
544 x = xfrm_state_lookup_byaddr(net, &p->daddr, saddr, 548 x = xfrm_state_lookup_byaddr(net, mark,
549 &p->daddr, saddr,
545 p->proto, p->family); 550 p->proto, p->family);
546 } 551 }
547 552
@@ -683,6 +688,9 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
683 if (x->encap) 688 if (x->encap)
684 NLA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); 689 NLA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap);
685 690
691 if (xfrm_mark_put(skb, &x->mark))
692 goto nla_put_failure;
693
686 if (x->security && copy_sec_ctx(x->security, skb) < 0) 694 if (x->security && copy_sec_ctx(x->security, skb) < 0)
687 goto nla_put_failure; 695 goto nla_put_failure;
688 696
@@ -947,6 +955,8 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
947 xfrm_address_t *daddr; 955 xfrm_address_t *daddr;
948 int family; 956 int family;
949 int err; 957 int err;
958 u32 mark;
959 struct xfrm_mark m;
950 960
951 p = nlmsg_data(nlh); 961 p = nlmsg_data(nlh);
952 err = verify_userspi_info(p); 962 err = verify_userspi_info(p);
@@ -957,8 +967,10 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
957 daddr = &p->info.id.daddr; 967 daddr = &p->info.id.daddr;
958 968
959 x = NULL; 969 x = NULL;
970
971 mark = xfrm_mark_get(attrs, &m);
960 if (p->info.seq) { 972 if (p->info.seq) {
961 x = xfrm_find_acq_byseq(net, p->info.seq); 973 x = xfrm_find_acq_byseq(net, mark, p->info.seq);
962 if (x && xfrm_addr_cmp(&x->id.daddr, daddr, family)) { 974 if (x && xfrm_addr_cmp(&x->id.daddr, daddr, family)) {
963 xfrm_state_put(x); 975 xfrm_state_put(x);
964 x = NULL; 976 x = NULL;
@@ -966,7 +978,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
966 } 978 }
967 979
968 if (!x) 980 if (!x)
969 x = xfrm_find_acq(net, p->info.mode, p->info.reqid, 981 x = xfrm_find_acq(net, &m, p->info.mode, p->info.reqid,
970 p->info.id.proto, daddr, 982 p->info.id.proto, daddr,
971 &p->info.saddr, 1, 983 &p->info.saddr, 1,
972 family); 984 family);
@@ -1220,6 +1232,8 @@ static struct xfrm_policy *xfrm_policy_construct(struct net *net, struct xfrm_us
1220 if (err) 1232 if (err)
1221 goto error; 1233 goto error;
1222 1234
1235 xfrm_mark_get(attrs, &xp->mark);
1236
1223 return xp; 1237 return xp;
1224 error: 1238 error:
1225 *errp = err; 1239 *errp = err;
@@ -1366,10 +1380,13 @@ static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr
1366 goto nlmsg_failure; 1380 goto nlmsg_failure;
1367 if (copy_to_user_policy_type(xp->type, skb) < 0) 1381 if (copy_to_user_policy_type(xp->type, skb) < 0)
1368 goto nlmsg_failure; 1382 goto nlmsg_failure;
1383 if (xfrm_mark_put(skb, &xp->mark))
1384 goto nla_put_failure;
1369 1385
1370 nlmsg_end(skb, nlh); 1386 nlmsg_end(skb, nlh);
1371 return 0; 1387 return 0;
1372 1388
1389nla_put_failure:
1373nlmsg_failure: 1390nlmsg_failure:
1374 nlmsg_cancel(skb, nlh); 1391 nlmsg_cancel(skb, nlh);
1375 return -EMSGSIZE; 1392 return -EMSGSIZE;
@@ -1441,6 +1458,8 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1441 int err; 1458 int err;
1442 struct km_event c; 1459 struct km_event c;
1443 int delete; 1460 int delete;
1461 struct xfrm_mark m;
1462 u32 mark = xfrm_mark_get(attrs, &m);
1444 1463
1445 p = nlmsg_data(nlh); 1464 p = nlmsg_data(nlh);
1446 delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY; 1465 delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY;
@@ -1454,7 +1473,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1454 return err; 1473 return err;
1455 1474
1456 if (p->index) 1475 if (p->index)
1457 xp = xfrm_policy_byid(net, type, p->dir, p->index, delete, &err); 1476 xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, delete, &err);
1458 else { 1477 else {
1459 struct nlattr *rt = attrs[XFRMA_SEC_CTX]; 1478 struct nlattr *rt = attrs[XFRMA_SEC_CTX];
1460 struct xfrm_sec_ctx *ctx; 1479 struct xfrm_sec_ctx *ctx;
@@ -1471,8 +1490,8 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1471 if (err) 1490 if (err)
1472 return err; 1491 return err;
1473 } 1492 }
1474 xp = xfrm_policy_bysel_ctx(net, type, p->dir, &p->sel, ctx, 1493 xp = xfrm_policy_bysel_ctx(net, mark, type, p->dir, &p->sel,
1475 delete, &err); 1494 ctx, delete, &err);
1476 security_xfrm_policy_free(ctx); 1495 security_xfrm_policy_free(ctx);
1477 } 1496 }
1478 if (xp == NULL) 1497 if (xp == NULL)
@@ -1524,8 +1543,11 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
1524 audit_info.sessionid = NETLINK_CB(skb).sessionid; 1543 audit_info.sessionid = NETLINK_CB(skb).sessionid;
1525 audit_info.secid = NETLINK_CB(skb).sid; 1544 audit_info.secid = NETLINK_CB(skb).sid;
1526 err = xfrm_state_flush(net, p->proto, &audit_info); 1545 err = xfrm_state_flush(net, p->proto, &audit_info);
1527 if (err) 1546 if (err) {
1547 if (err == -ESRCH) /* empty table */
1548 return 0;
1528 return err; 1549 return err;
1550 }
1529 c.data.proto = p->proto; 1551 c.data.proto = p->proto;
1530 c.event = nlh->nlmsg_type; 1552 c.event = nlh->nlmsg_type;
1531 c.seq = nlh->nlmsg_seq; 1553 c.seq = nlh->nlmsg_seq;
@@ -1541,6 +1563,7 @@ static inline size_t xfrm_aevent_msgsize(void)
1541 return NLMSG_ALIGN(sizeof(struct xfrm_aevent_id)) 1563 return NLMSG_ALIGN(sizeof(struct xfrm_aevent_id))
1542 + nla_total_size(sizeof(struct xfrm_replay_state)) 1564 + nla_total_size(sizeof(struct xfrm_replay_state))
1543 + nla_total_size(sizeof(struct xfrm_lifetime_cur)) 1565 + nla_total_size(sizeof(struct xfrm_lifetime_cur))
1566 + nla_total_size(sizeof(struct xfrm_mark))
1544 + nla_total_size(4) /* XFRM_AE_RTHR */ 1567 + nla_total_size(4) /* XFRM_AE_RTHR */
1545 + nla_total_size(4); /* XFRM_AE_ETHR */ 1568 + nla_total_size(4); /* XFRM_AE_ETHR */
1546} 1569}
@@ -1573,6 +1596,9 @@ static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, struct km_eve
1573 NLA_PUT_U32(skb, XFRMA_ETIMER_THRESH, 1596 NLA_PUT_U32(skb, XFRMA_ETIMER_THRESH,
1574 x->replay_maxage * 10 / HZ); 1597 x->replay_maxage * 10 / HZ);
1575 1598
1599 if (xfrm_mark_put(skb, &x->mark))
1600 goto nla_put_failure;
1601
1576 return nlmsg_end(skb, nlh); 1602 return nlmsg_end(skb, nlh);
1577 1603
1578nla_put_failure: 1604nla_put_failure:
@@ -1588,6 +1614,8 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1588 struct sk_buff *r_skb; 1614 struct sk_buff *r_skb;
1589 int err; 1615 int err;
1590 struct km_event c; 1616 struct km_event c;
1617 u32 mark;
1618 struct xfrm_mark m;
1591 struct xfrm_aevent_id *p = nlmsg_data(nlh); 1619 struct xfrm_aevent_id *p = nlmsg_data(nlh);
1592 struct xfrm_usersa_id *id = &p->sa_id; 1620 struct xfrm_usersa_id *id = &p->sa_id;
1593 1621
@@ -1595,7 +1623,9 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1595 if (r_skb == NULL) 1623 if (r_skb == NULL)
1596 return -ENOMEM; 1624 return -ENOMEM;
1597 1625
1598 x = xfrm_state_lookup(net, &id->daddr, id->spi, id->proto, id->family); 1626 mark = xfrm_mark_get(attrs, &m);
1627
1628 x = xfrm_state_lookup(net, mark, &id->daddr, id->spi, id->proto, id->family);
1599 if (x == NULL) { 1629 if (x == NULL) {
1600 kfree_skb(r_skb); 1630 kfree_skb(r_skb);
1601 return -ESRCH; 1631 return -ESRCH;
@@ -1626,6 +1656,8 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1626 struct xfrm_state *x; 1656 struct xfrm_state *x;
1627 struct km_event c; 1657 struct km_event c;
1628 int err = - EINVAL; 1658 int err = - EINVAL;
1659 u32 mark = 0;
1660 struct xfrm_mark m;
1629 struct xfrm_aevent_id *p = nlmsg_data(nlh); 1661 struct xfrm_aevent_id *p = nlmsg_data(nlh);
1630 struct nlattr *rp = attrs[XFRMA_REPLAY_VAL]; 1662 struct nlattr *rp = attrs[XFRMA_REPLAY_VAL];
1631 struct nlattr *lt = attrs[XFRMA_LTIME_VAL]; 1663 struct nlattr *lt = attrs[XFRMA_LTIME_VAL];
@@ -1637,7 +1669,9 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1637 if (!(nlh->nlmsg_flags&NLM_F_REPLACE)) 1669 if (!(nlh->nlmsg_flags&NLM_F_REPLACE))
1638 return err; 1670 return err;
1639 1671
1640 x = xfrm_state_lookup(net, &p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); 1672 mark = xfrm_mark_get(attrs, &m);
1673
1674 x = xfrm_state_lookup(net, mark, &p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family);
1641 if (x == NULL) 1675 if (x == NULL)
1642 return -ESRCH; 1676 return -ESRCH;
1643 1677
@@ -1676,8 +1710,12 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1676 audit_info.sessionid = NETLINK_CB(skb).sessionid; 1710 audit_info.sessionid = NETLINK_CB(skb).sessionid;
1677 audit_info.secid = NETLINK_CB(skb).sid; 1711 audit_info.secid = NETLINK_CB(skb).sid;
1678 err = xfrm_policy_flush(net, type, &audit_info); 1712 err = xfrm_policy_flush(net, type, &audit_info);
1679 if (err) 1713 if (err) {
1714 if (err == -ESRCH) /* empty table */
1715 return 0;
1680 return err; 1716 return err;
1717 }
1718
1681 c.data.type = type; 1719 c.data.type = type;
1682 c.event = nlh->nlmsg_type; 1720 c.event = nlh->nlmsg_type;
1683 c.seq = nlh->nlmsg_seq; 1721 c.seq = nlh->nlmsg_seq;
@@ -1696,13 +1734,15 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1696 struct xfrm_userpolicy_info *p = &up->pol; 1734 struct xfrm_userpolicy_info *p = &up->pol;
1697 u8 type = XFRM_POLICY_TYPE_MAIN; 1735 u8 type = XFRM_POLICY_TYPE_MAIN;
1698 int err = -ENOENT; 1736 int err = -ENOENT;
1737 struct xfrm_mark m;
1738 u32 mark = xfrm_mark_get(attrs, &m);
1699 1739
1700 err = copy_from_user_policy_type(&type, attrs); 1740 err = copy_from_user_policy_type(&type, attrs);
1701 if (err) 1741 if (err)
1702 return err; 1742 return err;
1703 1743
1704 if (p->index) 1744 if (p->index)
1705 xp = xfrm_policy_byid(net, type, p->dir, p->index, 0, &err); 1745 xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, 0, &err);
1706 else { 1746 else {
1707 struct nlattr *rt = attrs[XFRMA_SEC_CTX]; 1747 struct nlattr *rt = attrs[XFRMA_SEC_CTX];
1708 struct xfrm_sec_ctx *ctx; 1748 struct xfrm_sec_ctx *ctx;
@@ -1719,7 +1759,8 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1719 if (err) 1759 if (err)
1720 return err; 1760 return err;
1721 } 1761 }
1722 xp = xfrm_policy_bysel_ctx(net, type, p->dir, &p->sel, ctx, 0, &err); 1762 xp = xfrm_policy_bysel_ctx(net, mark, type, p->dir,
1763 &p->sel, ctx, 0, &err);
1723 security_xfrm_policy_free(ctx); 1764 security_xfrm_policy_free(ctx);
1724 } 1765 }
1725 if (xp == NULL) 1766 if (xp == NULL)
@@ -1759,8 +1800,10 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1759 int err; 1800 int err;
1760 struct xfrm_user_expire *ue = nlmsg_data(nlh); 1801 struct xfrm_user_expire *ue = nlmsg_data(nlh);
1761 struct xfrm_usersa_info *p = &ue->state; 1802 struct xfrm_usersa_info *p = &ue->state;
1803 struct xfrm_mark m;
1804 u32 mark = xfrm_mark_get(attrs, &m);;
1762 1805
1763 x = xfrm_state_lookup(net, &p->id.daddr, p->id.spi, p->id.proto, p->family); 1806 x = xfrm_state_lookup(net, mark, &p->id.daddr, p->id.spi, p->id.proto, p->family);
1764 1807
1765 err = -ENOENT; 1808 err = -ENOENT;
1766 if (x == NULL) 1809 if (x == NULL)
@@ -1794,6 +1837,7 @@ static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh,
1794 struct xfrm_user_tmpl *ut; 1837 struct xfrm_user_tmpl *ut;
1795 int i; 1838 int i;
1796 struct nlattr *rt = attrs[XFRMA_TMPL]; 1839 struct nlattr *rt = attrs[XFRMA_TMPL];
1840 struct xfrm_mark mark;
1797 1841
1798 struct xfrm_user_acquire *ua = nlmsg_data(nlh); 1842 struct xfrm_user_acquire *ua = nlmsg_data(nlh);
1799 struct xfrm_state *x = xfrm_state_alloc(net); 1843 struct xfrm_state *x = xfrm_state_alloc(net);
@@ -1802,6 +1846,8 @@ static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh,
1802 if (!x) 1846 if (!x)
1803 goto nomem; 1847 goto nomem;
1804 1848
1849 xfrm_mark_get(attrs, &mark);
1850
1805 err = verify_newpolicy_info(&ua->policy); 1851 err = verify_newpolicy_info(&ua->policy);
1806 if (err) 1852 if (err)
1807 goto bad_policy; 1853 goto bad_policy;
@@ -1814,7 +1860,8 @@ static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh,
1814 memcpy(&x->id, &ua->id, sizeof(ua->id)); 1860 memcpy(&x->id, &ua->id, sizeof(ua->id));
1815 memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr)); 1861 memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr));
1816 memcpy(&x->sel, &ua->sel, sizeof(ua->sel)); 1862 memcpy(&x->sel, &ua->sel, sizeof(ua->sel));
1817 1863 xp->mark.m = x->mark.m = mark.m;
1864 xp->mark.v = x->mark.v = mark.v;
1818 ut = nla_data(rt); 1865 ut = nla_data(rt);
1819 /* extract the templates and for each call km_key */ 1866 /* extract the templates and for each call km_key */
1820 for (i = 0; i < xp->xfrm_nr; i++, ut++) { 1867 for (i = 0; i < xp->xfrm_nr; i++, ut++) {
@@ -2074,6 +2121,7 @@ static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
2074 [XFRMA_POLICY_TYPE] = { .len = sizeof(struct xfrm_userpolicy_type)}, 2121 [XFRMA_POLICY_TYPE] = { .len = sizeof(struct xfrm_userpolicy_type)},
2075 [XFRMA_MIGRATE] = { .len = sizeof(struct xfrm_user_migrate) }, 2122 [XFRMA_MIGRATE] = { .len = sizeof(struct xfrm_user_migrate) },
2076 [XFRMA_KMADDRESS] = { .len = sizeof(struct xfrm_user_kmaddress) }, 2123 [XFRMA_KMADDRESS] = { .len = sizeof(struct xfrm_user_kmaddress) },
2124 [XFRMA_MARK] = { .len = sizeof(struct xfrm_mark) },
2077}; 2125};
2078 2126
2079static struct xfrm_link { 2127static struct xfrm_link {
@@ -2153,7 +2201,8 @@ static void xfrm_netlink_rcv(struct sk_buff *skb)
2153 2201
2154static inline size_t xfrm_expire_msgsize(void) 2202static inline size_t xfrm_expire_msgsize(void)
2155{ 2203{
2156 return NLMSG_ALIGN(sizeof(struct xfrm_user_expire)); 2204 return NLMSG_ALIGN(sizeof(struct xfrm_user_expire))
2205 + nla_total_size(sizeof(struct xfrm_mark));
2157} 2206}
2158 2207
2159static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) 2208static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c)
@@ -2169,7 +2218,13 @@ static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_eve
2169 copy_to_user_state(x, &ue->state); 2218 copy_to_user_state(x, &ue->state);
2170 ue->hard = (c->data.hard != 0) ? 1 : 0; 2219 ue->hard = (c->data.hard != 0) ? 1 : 0;
2171 2220
2221 if (xfrm_mark_put(skb, &x->mark))
2222 goto nla_put_failure;
2223
2172 return nlmsg_end(skb, nlh); 2224 return nlmsg_end(skb, nlh);
2225
2226nla_put_failure:
2227 return -EMSGSIZE;
2173} 2228}
2174 2229
2175static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) 2230static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c)
@@ -2181,8 +2236,10 @@ static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c)
2181 if (skb == NULL) 2236 if (skb == NULL)
2182 return -ENOMEM; 2237 return -ENOMEM;
2183 2238
2184 if (build_expire(skb, x, c) < 0) 2239 if (build_expire(skb, x, c) < 0) {
2185 BUG(); 2240 kfree_skb(skb);
2241 return -EMSGSIZE;
2242 }
2186 2243
2187 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); 2244 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC);
2188} 2245}
@@ -2270,6 +2327,7 @@ static int xfrm_notify_sa(struct xfrm_state *x, struct km_event *c)
2270 if (c->event == XFRM_MSG_DELSA) { 2327 if (c->event == XFRM_MSG_DELSA) {
2271 len += nla_total_size(headlen); 2328 len += nla_total_size(headlen);
2272 headlen = sizeof(*id); 2329 headlen = sizeof(*id);
2330 len += nla_total_size(sizeof(struct xfrm_mark));
2273 } 2331 }
2274 len += NLMSG_ALIGN(headlen); 2332 len += NLMSG_ALIGN(headlen);
2275 2333
@@ -2340,6 +2398,7 @@ static inline size_t xfrm_acquire_msgsize(struct xfrm_state *x,
2340{ 2398{
2341 return NLMSG_ALIGN(sizeof(struct xfrm_user_acquire)) 2399 return NLMSG_ALIGN(sizeof(struct xfrm_user_acquire))
2342 + nla_total_size(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr) 2400 + nla_total_size(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr)
2401 + nla_total_size(sizeof(struct xfrm_mark))
2343 + nla_total_size(xfrm_user_sec_ctx_size(x->security)) 2402 + nla_total_size(xfrm_user_sec_ctx_size(x->security))
2344 + userpolicy_type_attrsize(); 2403 + userpolicy_type_attrsize();
2345} 2404}
@@ -2372,9 +2431,12 @@ static int build_acquire(struct sk_buff *skb, struct xfrm_state *x,
2372 goto nlmsg_failure; 2431 goto nlmsg_failure;
2373 if (copy_to_user_policy_type(xp->type, skb) < 0) 2432 if (copy_to_user_policy_type(xp->type, skb) < 0)
2374 goto nlmsg_failure; 2433 goto nlmsg_failure;
2434 if (xfrm_mark_put(skb, &xp->mark))
2435 goto nla_put_failure;
2375 2436
2376 return nlmsg_end(skb, nlh); 2437 return nlmsg_end(skb, nlh);
2377 2438
2439nla_put_failure:
2378nlmsg_failure: 2440nlmsg_failure:
2379 nlmsg_cancel(skb, nlh); 2441 nlmsg_cancel(skb, nlh);
2380 return -EMSGSIZE; 2442 return -EMSGSIZE;
@@ -2461,6 +2523,7 @@ static inline size_t xfrm_polexpire_msgsize(struct xfrm_policy *xp)
2461 return NLMSG_ALIGN(sizeof(struct xfrm_user_polexpire)) 2523 return NLMSG_ALIGN(sizeof(struct xfrm_user_polexpire))
2462 + nla_total_size(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr) 2524 + nla_total_size(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr)
2463 + nla_total_size(xfrm_user_sec_ctx_size(xp->security)) 2525 + nla_total_size(xfrm_user_sec_ctx_size(xp->security))
2526 + nla_total_size(sizeof(struct xfrm_mark))
2464 + userpolicy_type_attrsize(); 2527 + userpolicy_type_attrsize();
2465} 2528}
2466 2529
@@ -2483,10 +2546,13 @@ static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp,
2483 goto nlmsg_failure; 2546 goto nlmsg_failure;
2484 if (copy_to_user_policy_type(xp->type, skb) < 0) 2547 if (copy_to_user_policy_type(xp->type, skb) < 0)
2485 goto nlmsg_failure; 2548 goto nlmsg_failure;
2549 if (xfrm_mark_put(skb, &xp->mark))
2550 goto nla_put_failure;
2486 upe->hard = !!hard; 2551 upe->hard = !!hard;
2487 2552
2488 return nlmsg_end(skb, nlh); 2553 return nlmsg_end(skb, nlh);
2489 2554
2555nla_put_failure:
2490nlmsg_failure: 2556nlmsg_failure:
2491 nlmsg_cancel(skb, nlh); 2557 nlmsg_cancel(skb, nlh);
2492 return -EMSGSIZE; 2558 return -EMSGSIZE;
@@ -2523,6 +2589,7 @@ static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *
2523 headlen = sizeof(*id); 2589 headlen = sizeof(*id);
2524 } 2590 }
2525 len += userpolicy_type_attrsize(); 2591 len += userpolicy_type_attrsize();
2592 len += nla_total_size(sizeof(struct xfrm_mark));
2526 len += NLMSG_ALIGN(headlen); 2593 len += NLMSG_ALIGN(headlen);
2527 2594
2528 skb = nlmsg_new(len, GFP_ATOMIC); 2595 skb = nlmsg_new(len, GFP_ATOMIC);
@@ -2558,10 +2625,14 @@ static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *
2558 if (copy_to_user_policy_type(xp->type, skb) < 0) 2625 if (copy_to_user_policy_type(xp->type, skb) < 0)
2559 goto nlmsg_failure; 2626 goto nlmsg_failure;
2560 2627
2628 if (xfrm_mark_put(skb, &xp->mark))
2629 goto nla_put_failure;
2630
2561 nlmsg_end(skb, nlh); 2631 nlmsg_end(skb, nlh);
2562 2632
2563 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); 2633 return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC);
2564 2634
2635nla_put_failure:
2565nlmsg_failure: 2636nlmsg_failure:
2566 kfree_skb(skb); 2637 kfree_skb(skb);
2567 return -1; 2638 return -1;
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-24 16:31:45 -0400