aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/8021q/vlanproc.c7
-rw-r--r--net/atm/proc.c6
-rw-r--r--net/bluetooth/bnep/core.c8
-rw-r--r--net/bluetooth/hci_event.c9
-rw-r--r--net/bluetooth/hci_sock.c2
-rw-r--r--net/bluetooth/l2cap.c2
-rw-r--r--net/bridge/br.c2
-rw-r--r--net/bridge/br_fdb.c4
-rw-r--r--net/bridge/br_if.c5
-rw-r--r--net/bridge/br_stp_bpdu.c4
-rw-r--r--net/can/bcm.c6
-rw-r--r--net/can/raw.c24
-rw-r--r--net/compat.c199
-rw-r--r--net/core/dev.c21
-rw-r--r--net/core/ethtool.c5
-rw-r--r--net/core/filter.c4
-rw-r--r--net/core/neighbour.c5
-rw-r--r--net/core/net-sysfs.c9
-rw-r--r--net/core/net-sysfs.h2
-rw-r--r--net/core/pktgen.c12
-rw-r--r--net/core/rtnetlink.c6
-rw-r--r--net/core/sock.c3
-rw-r--r--net/dccp/ccids/ccid2.c2
-rw-r--r--net/dccp/ccids/ccid3.c4
-rw-r--r--net/dccp/probe.c19
-rw-r--r--net/ipv4/af_inet.c2
-rw-r--r--net/ipv4/cipso_ipv4.c18
-rw-r--r--net/ipv4/fib_hash.c17
-rw-r--r--net/ipv4/fib_trie.c18
-rw-r--r--net/ipv4/icmp.c13
-rw-r--r--net/ipv4/ip_options.c12
-rw-r--r--net/ipv4/ip_output.c22
-rw-r--r--net/ipv4/ip_sockglue.c14
-rw-r--r--net/ipv4/ipconfig.c8
-rw-r--r--net/ipv4/ipvs/ip_vs_proto.c2
-rw-r--r--net/ipv4/ipvs/ip_vs_proto_ah.c1
-rw-r--r--net/ipv4/ipvs/ip_vs_proto_esp.c1
-rw-r--r--net/ipv4/ipvs/ip_vs_proto_tcp.c1
-rw-r--r--net/ipv4/ipvs/ip_vs_proto_udp.c1
-rw-r--r--net/ipv4/ipvs/ip_vs_sync.c80
-rw-r--r--net/ipv4/netfilter/ip_queue.c5
-rw-r--r--net/ipv4/netfilter/ipt_CLUSTERIP.c6
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c2
-rw-r--r--net/ipv4/route.c49
-rw-r--r--net/ipv4/tcp.c2
-rw-r--r--net/ipv4/tcp_cong.c12
-rw-r--r--net/ipv4/tcp_cubic.c4
-rw-r--r--net/ipv4/tcp_hybla.c6
-rw-r--r--net/ipv4/tcp_input.c23
-rw-r--r--net/ipv4/tcp_ipv4.c46
-rw-r--r--net/ipv4/tcp_probe.c9
-rw-r--r--net/ipv4/tcp_vegas.c16
-rw-r--r--net/ipv4/tcp_veno.c14
-rw-r--r--net/ipv4/udp.c22
-rw-r--r--net/ipv6/addrconf.c7
-rw-r--r--net/ipv6/ip6_fib.c2
-rw-r--r--net/ipv6/ip6mr.c2
-rw-r--r--net/ipv6/ipv6_sockglue.c9
-rw-r--r--net/ipv6/netfilter/ip6_queue.c5
-rw-r--r--net/ipv6/proc.c6
-rw-r--r--net/ipv6/raw.c18
-rw-r--r--net/ipv6/reassembly.c4
-rw-r--r--net/ipv6/route.c5
-rw-r--r--net/irda/ircomm/ircomm_tty.c6
-rw-r--r--net/irda/iriap.c8
-rw-r--r--net/irda/irnet/irnet_irda.c65
-rw-r--r--net/irda/irnet/irnet_irda.h8
-rw-r--r--net/key/af_key.c24
-rw-r--r--net/mac80211/Kconfig4
-rw-r--r--net/mac80211/ieee80211_i.h2
-rw-r--r--net/mac80211/main.c47
-rw-r--r--net/mac80211/mesh.c17
-rw-r--r--net/mac80211/mesh.h3
-rw-r--r--net/mac80211/mesh_hwmp.c1
-rw-r--r--net/mac80211/mlme.c28
-rw-r--r--net/mac80211/rx.c2
-rw-r--r--net/mac80211/tkip.c6
-rw-r--r--net/mac80211/wme.c2
-rw-r--r--net/netfilter/nf_conntrack_core.c4
-rw-r--r--net/netfilter/nf_conntrack_standalone.c6
-rw-r--r--net/netfilter/nf_queue.c2
-rw-r--r--net/netfilter/nfnetlink_queue.c5
-rw-r--r--net/netfilter/x_tables.c15
-rw-r--r--net/netfilter/xt_TCPOPTSTRIP.c2
-rw-r--r--net/netfilter/xt_connbytes.c5
-rw-r--r--net/netfilter/xt_hashlimit.c12
-rw-r--r--net/netlabel/netlabel_unlabeled.c1
-rw-r--r--net/netlabel/netlabel_user.c4
-rw-r--r--net/netlabel/netlabel_user.h1
-rw-r--r--net/netlink/af_netlink.c1
-rw-r--r--net/rose/rose_route.c10
-rw-r--r--net/rxrpc/ar-transport.c3
-rw-r--r--net/rxrpc/rxkad.c2
-rw-r--r--net/sched/sch_generic.c1
-rw-r--r--net/sched/sch_sfq.c3
-rw-r--r--net/sctp/objcnt.c9
-rw-r--r--net/socket.c3
-rw-r--r--net/sunrpc/Makefile2
-rw-r--r--net/sunrpc/auth.c71
-rw-r--r--net/sunrpc/auth_generic.c177
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c105
-rw-r--r--net/sunrpc/auth_gss/gss_generic_token.c4
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c6
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c9
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c4
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c8
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_seal.c4
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c9
-rw-r--r--net/sunrpc/auth_null.c3
-rw-r--r--net/sunrpc/auth_unix.c59
-rw-r--r--net/sunrpc/cache.c16
-rw-r--r--net/sunrpc/clnt.c50
-rw-r--r--net/sunrpc/rpcb_clnt.c2
-rw-r--r--net/sunrpc/sched.c264
-rw-r--r--net/sunrpc/stats.c8
-rw-r--r--net/sunrpc/svc.c25
-rw-r--r--net/sunrpc/svc_xprt.c30
-rw-r--r--net/sunrpc/svcauth_unix.c118
-rw-r--r--net/sunrpc/svcsock.c29
-rw-r--r--net/sunrpc/xprt.c82
-rw-r--r--net/sunrpc/xprtrdma/svc_rdma_transport.c2
-rw-r--r--net/sunrpc/xprtsock.c82
-rw-r--r--net/sysctl_net.c2
-rw-r--r--net/tipc/msg.h7
-rw-r--r--net/tipc/socket.c4
-rw-r--r--net/unix/af_unix.c6
-rw-r--r--net/xfrm/xfrm_algo.c3
-rw-r--r--net/xfrm/xfrm_output.c2
-rw-r--r--net/xfrm/xfrm_policy.c14
-rw-r--r--net/xfrm/xfrm_state.c15
-rw-r--r--net/xfrm/xfrm_user.c43
132 files changed, 1544 insertions, 889 deletions
diff --git a/net/8021q/vlanproc.c b/net/8021q/vlanproc.c
index daad0064e2c2..08b54b593d56 100644
--- a/net/8021q/vlanproc.c
+++ b/net/8021q/vlanproc.c
@@ -176,12 +176,11 @@ int vlan_proc_add_dev(struct net_device *vlandev)
176 struct vlan_dev_info *dev_info = vlan_dev_info(vlandev); 176 struct vlan_dev_info *dev_info = vlan_dev_info(vlandev);
177 struct vlan_net *vn = net_generic(dev_net(vlandev), vlan_net_id); 177 struct vlan_net *vn = net_generic(dev_net(vlandev), vlan_net_id);
178 178
179 dev_info->dent = proc_create(vlandev->name, S_IFREG|S_IRUSR|S_IWUSR, 179 dev_info->dent =
180 vn->proc_vlan_dir, &vlandev_fops); 180 proc_create_data(vlandev->name, S_IFREG|S_IRUSR|S_IWUSR,
181 vn->proc_vlan_dir, &vlandev_fops, vlandev);
181 if (!dev_info->dent) 182 if (!dev_info->dent)
182 return -ENOBUFS; 183 return -ENOBUFS;
183
184 dev_info->dent->data = vlandev;
185 return 0; 184 return 0;
186} 185}
187 186
diff --git a/net/atm/proc.c b/net/atm/proc.c
index 5c9f3d148135..49487b313f22 100644
--- a/net/atm/proc.c
+++ b/net/atm/proc.c
@@ -417,12 +417,10 @@ int atm_proc_dev_register(struct atm_dev *dev)
417 goto err_out; 417 goto err_out;
418 sprintf(dev->proc_name,"%s:%d",dev->type, dev->number); 418 sprintf(dev->proc_name,"%s:%d",dev->type, dev->number);
419 419
420 dev->proc_entry = proc_create(dev->proc_name, 0, atm_proc_root, 420 dev->proc_entry = proc_create_data(dev->proc_name, 0, atm_proc_root,
421 &proc_atm_dev_ops); 421 &proc_atm_dev_ops, dev);
422 if (!dev->proc_entry) 422 if (!dev->proc_entry)
423 goto err_free_name; 423 goto err_free_name;
424 dev->proc_entry->data = dev;
425 dev->proc_entry->owner = THIS_MODULE;
426 return 0; 424 return 0;
427err_free_name: 425err_free_name:
428 kfree(dev->proc_name); 426 kfree(dev->proc_name);
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c
index 347e935faaf0..f85d94643aaf 100644
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -135,7 +135,7 @@ static int bnep_ctrl_set_netfilter(struct bnep_session *s, __be16 *data, int len
135 if (len < 2) 135 if (len < 2)
136 return -EILSEQ; 136 return -EILSEQ;
137 137
138 n = ntohs(get_unaligned(data)); 138 n = get_unaligned_be16(data);
139 data++; len -= 2; 139 data++; len -= 2;
140 140
141 if (len < n) 141 if (len < n)
@@ -150,8 +150,8 @@ static int bnep_ctrl_set_netfilter(struct bnep_session *s, __be16 *data, int len
150 int i; 150 int i;
151 151
152 for (i = 0; i < n; i++) { 152 for (i = 0; i < n; i++) {
153 f[i].start = ntohs(get_unaligned(data++)); 153 f[i].start = get_unaligned_be16(data++);
154 f[i].end = ntohs(get_unaligned(data++)); 154 f[i].end = get_unaligned_be16(data++);
155 155
156 BT_DBG("proto filter start %d end %d", 156 BT_DBG("proto filter start %d end %d",
157 f[i].start, f[i].end); 157 f[i].start, f[i].end);
@@ -180,7 +180,7 @@ static int bnep_ctrl_set_mcfilter(struct bnep_session *s, u8 *data, int len)
180 if (len < 2) 180 if (len < 2)
181 return -EILSEQ; 181 return -EILSEQ;
182 182
183 n = ntohs(get_unaligned((__be16 *) data)); 183 n = get_unaligned_be16(data);
184 data += 2; len -= 2; 184 data += 2; len -= 2;
185 185
186 if (len < n) 186 if (len < n)
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 46df2e403df8..6aef8f24e581 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -129,8 +129,7 @@ static void hci_cc_write_link_policy(struct hci_dev *hdev, struct sk_buff *skb)
129 129
130 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle)); 130 conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(rp->handle));
131 if (conn) { 131 if (conn) {
132 __le16 policy = get_unaligned((__le16 *) (sent + 2)); 132 conn->link_policy = get_unaligned_le16(sent + 2);
133 conn->link_policy = __le16_to_cpu(policy);
134 } 133 }
135 134
136 hci_dev_unlock(hdev); 135 hci_dev_unlock(hdev);
@@ -313,7 +312,7 @@ static void hci_cc_write_voice_setting(struct hci_dev *hdev, struct sk_buff *skb
313 return; 312 return;
314 313
315 if (!status) { 314 if (!status) {
316 __u16 setting = __le16_to_cpu(get_unaligned((__le16 *) sent)); 315 __u16 setting = get_unaligned_le16(sent);
317 316
318 if (hdev->voice_setting != setting) { 317 if (hdev->voice_setting != setting) {
319 hdev->voice_setting = setting; 318 hdev->voice_setting = setting;
@@ -1152,8 +1151,8 @@ static inline void hci_num_comp_pkts_evt(struct hci_dev *hdev, struct sk_buff *s
1152 struct hci_conn *conn; 1151 struct hci_conn *conn;
1153 __u16 handle, count; 1152 __u16 handle, count;
1154 1153
1155 handle = __le16_to_cpu(get_unaligned(ptr++)); 1154 handle = get_unaligned_le16(ptr++);
1156 count = __le16_to_cpu(get_unaligned(ptr++)); 1155 count = get_unaligned_le16(ptr++);
1157 1156
1158 conn = hci_conn_hash_lookup_handle(hdev, handle); 1157 conn = hci_conn_hash_lookup_handle(hdev, handle);
1159 if (conn) { 1158 if (conn) {
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 1d36c093523b..747fabd735d2 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -440,7 +440,7 @@ static int hci_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
440 skb->dev = (void *) hdev; 440 skb->dev = (void *) hdev;
441 441
442 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) { 442 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
443 u16 opcode = __le16_to_cpu(get_unaligned((__le16 *) skb->data)); 443 u16 opcode = get_unaligned_le16(skb->data);
444 u16 ogf = hci_opcode_ogf(opcode); 444 u16 ogf = hci_opcode_ogf(opcode);
445 u16 ocf = hci_opcode_ocf(opcode); 445 u16 ocf = hci_opcode_ocf(opcode);
446 446
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index a4849f2c1d81..6e180d255505 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -1827,7 +1827,7 @@ static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cm
1827 del_timer(&conn->info_timer); 1827 del_timer(&conn->info_timer);
1828 1828
1829 if (type == L2CAP_IT_FEAT_MASK) 1829 if (type == L2CAP_IT_FEAT_MASK)
1830 conn->feat_mask = __le32_to_cpu(get_unaligned((__le32 *) rsp->data)); 1830 conn->feat_mask = get_unaligned_le32(rsp->data);
1831 1831
1832 l2cap_conn_start(conn); 1832 l2cap_conn_start(conn);
1833 1833
diff --git a/net/bridge/br.c b/net/bridge/br.c
index a90182873120..8f3c58e5f7a5 100644
--- a/net/bridge/br.c
+++ b/net/bridge/br.c
@@ -76,7 +76,6 @@ static void __exit br_deinit(void)
76 rcu_assign_pointer(br_stp_sap->rcv_func, NULL); 76 rcu_assign_pointer(br_stp_sap->rcv_func, NULL);
77 77
78 br_netlink_fini(); 78 br_netlink_fini();
79 br_netfilter_fini();
80 unregister_netdevice_notifier(&br_device_notifier); 79 unregister_netdevice_notifier(&br_device_notifier);
81 brioctl_set(NULL); 80 brioctl_set(NULL);
82 81
@@ -84,6 +83,7 @@ static void __exit br_deinit(void)
84 83
85 synchronize_net(); 84 synchronize_net();
86 85
86 br_netfilter_fini();
87 llc_sap_put(br_stp_sap); 87 llc_sap_put(br_stp_sap);
88 br_fdb_get_hook = NULL; 88 br_fdb_get_hook = NULL;
89 br_fdb_put_hook = NULL; 89 br_fdb_put_hook = NULL;
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index 9326c377822e..72c5976a5ce3 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -285,7 +285,11 @@ int br_fdb_fillbuf(struct net_bridge *br, void *buf,
285 285
286 /* convert from internal format to API */ 286 /* convert from internal format to API */
287 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 287 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN);
288
289 /* due to ABI compat need to split into hi/lo */
288 fe->port_no = f->dst->port_no; 290 fe->port_no = f->dst->port_no;
291 fe->port_hi = f->dst->port_no >> 8;
292
289 fe->is_local = f->is_local; 293 fe->is_local = f->is_local;
290 if (!f->is_static) 294 if (!f->is_static)
291 fe->ageing_timer_value = jiffies_to_clock_t(jiffies - f->ageing_timer); 295 fe->ageing_timer_value = jiffies_to_clock_t(jiffies - f->ageing_timer);
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index 298e0f463c56..77a981a1ee52 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -411,9 +411,12 @@ err2:
411 br_fdb_delete_by_port(br, p, 1); 411 br_fdb_delete_by_port(br, p, 1);
412err1: 412err1:
413 kobject_del(&p->kobj); 413 kobject_del(&p->kobj);
414 return err; 414 goto put_back;
415err0: 415err0:
416 kobject_put(&p->kobj); 416 kobject_put(&p->kobj);
417
418put_back:
419 dev_put(dev);
417 return err; 420 return err;
418} 421}
419 422
diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c
index 8deab645ef75..ddeb6e5d45d6 100644
--- a/net/bridge/br_stp_bpdu.c
+++ b/net/bridge/br_stp_bpdu.c
@@ -58,12 +58,12 @@ static inline void br_set_ticks(unsigned char *dest, int j)
58{ 58{
59 unsigned long ticks = (STP_HZ * j)/ HZ; 59 unsigned long ticks = (STP_HZ * j)/ HZ;
60 60
61 put_unaligned(htons(ticks), (__be16 *)dest); 61 put_unaligned_be16(ticks, dest);
62} 62}
63 63
64static inline int br_get_ticks(const unsigned char *src) 64static inline int br_get_ticks(const unsigned char *src)
65{ 65{
66 unsigned long ticks = ntohs(get_unaligned((__be16 *)src)); 66 unsigned long ticks = get_unaligned_be16(src);
67 67
68 return DIV_ROUND_UP(ticks * HZ, STP_HZ); 68 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
69} 69}
diff --git a/net/can/bcm.c b/net/can/bcm.c
index 74fd2d33aff4..d9a3a9d13bed 100644
--- a/net/can/bcm.c
+++ b/net/can/bcm.c
@@ -412,12 +412,6 @@ static void bcm_rx_changed(struct bcm_op *op, struct can_frame *data)
412 bcm_send_to_user(op, &head, data, 1); 412 bcm_send_to_user(op, &head, data, 1);
413} 413}
414 414
415/* TODO: move to linux/hrtimer.h */
416static inline int hrtimer_callback_running(struct hrtimer *timer)
417{
418 return timer->state & HRTIMER_STATE_CALLBACK;
419}
420
421/* 415/*
422 * bcm_rx_update_and_send - process a detected relevant receive content change 416 * bcm_rx_update_and_send - process a detected relevant receive content change
423 * 1. update the last received data 417 * 1. update the last received data
diff --git a/net/can/raw.c b/net/can/raw.c
index ead50c7c0d40..69877b8e7e9c 100644
--- a/net/can/raw.c
+++ b/net/can/raw.c
@@ -435,15 +435,13 @@ static int raw_setsockopt(struct socket *sock, int level, int optname,
435 if (!filter) 435 if (!filter)
436 return -ENOMEM; 436 return -ENOMEM;
437 437
438 err = copy_from_user(filter, optval, optlen); 438 if (copy_from_user(filter, optval, optlen)) {
439 if (err) {
440 kfree(filter); 439 kfree(filter);
441 return err; 440 return -EFAULT;
442 } 441 }
443 } else if (count == 1) { 442 } else if (count == 1) {
444 err = copy_from_user(&sfilter, optval, optlen); 443 if (copy_from_user(&sfilter, optval, optlen))
445 if (err) 444 return -EFAULT;
446 return err;
447 } 445 }
448 446
449 lock_sock(sk); 447 lock_sock(sk);
@@ -493,9 +491,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname,
493 if (optlen != sizeof(err_mask)) 491 if (optlen != sizeof(err_mask))
494 return -EINVAL; 492 return -EINVAL;
495 493
496 err = copy_from_user(&err_mask, optval, optlen); 494 if (copy_from_user(&err_mask, optval, optlen))
497 if (err) 495 return -EFAULT;
498 return err;
499 496
500 err_mask &= CAN_ERR_MASK; 497 err_mask &= CAN_ERR_MASK;
501 498
@@ -531,7 +528,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname,
531 if (optlen != sizeof(ro->loopback)) 528 if (optlen != sizeof(ro->loopback))
532 return -EINVAL; 529 return -EINVAL;
533 530
534 err = copy_from_user(&ro->loopback, optval, optlen); 531 if (copy_from_user(&ro->loopback, optval, optlen))
532 return -EFAULT;
535 533
536 break; 534 break;
537 535
@@ -539,7 +537,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname,
539 if (optlen != sizeof(ro->recv_own_msgs)) 537 if (optlen != sizeof(ro->recv_own_msgs))
540 return -EINVAL; 538 return -EINVAL;
541 539
542 err = copy_from_user(&ro->recv_own_msgs, optval, optlen); 540 if (copy_from_user(&ro->recv_own_msgs, optval, optlen))
541 return -EFAULT;
543 542
544 break; 543 break;
545 544
@@ -573,7 +572,8 @@ static int raw_getsockopt(struct socket *sock, int level, int optname,
573 int fsize = ro->count * sizeof(struct can_filter); 572 int fsize = ro->count * sizeof(struct can_filter);
574 if (len > fsize) 573 if (len > fsize)
575 len = fsize; 574 len = fsize;
576 err = copy_to_user(optval, ro->filter, len); 575 if (copy_to_user(optval, ro->filter, len))
576 err = -EFAULT;
577 } else 577 } else
578 len = 0; 578 len = 0;
579 release_sock(sk); 579 release_sock(sk);
diff --git a/net/compat.c b/net/compat.c
index 80013fb69a61..c823f6f290cb 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -24,6 +24,8 @@
24 24
25#include <net/scm.h> 25#include <net/scm.h>
26#include <net/sock.h> 26#include <net/sock.h>
27#include <net/ip.h>
28#include <net/ipv6.h>
27#include <asm/uaccess.h> 29#include <asm/uaccess.h>
28#include <net/compat.h> 30#include <net/compat.h>
29 31
@@ -521,6 +523,203 @@ asmlinkage long compat_sys_getsockopt(int fd, int level, int optname,
521 } 523 }
522 return err; 524 return err;
523} 525}
526
527struct compat_group_req {
528 __u32 gr_interface;
529 struct __kernel_sockaddr_storage gr_group
530 __attribute__ ((aligned(4)));
531} __attribute__ ((packed));
532
533struct compat_group_source_req {
534 __u32 gsr_interface;
535 struct __kernel_sockaddr_storage gsr_group
536 __attribute__ ((aligned(4)));
537 struct __kernel_sockaddr_storage gsr_source
538 __attribute__ ((aligned(4)));
539} __attribute__ ((packed));
540
541struct compat_group_filter {
542 __u32 gf_interface;
543 struct __kernel_sockaddr_storage gf_group
544 __attribute__ ((aligned(4)));
545 __u32 gf_fmode;
546 __u32 gf_numsrc;
547 struct __kernel_sockaddr_storage gf_slist[1]
548 __attribute__ ((aligned(4)));
549} __attribute__ ((packed));
550
551#define __COMPAT_GF0_SIZE (sizeof(struct compat_group_filter) - \
552 sizeof(struct __kernel_sockaddr_storage))
553
554
555int compat_mc_setsockopt(struct sock *sock, int level, int optname,
556 char __user *optval, int optlen,
557 int (*setsockopt)(struct sock *,int,int,char __user *,int))
558{
559 char __user *koptval = optval;
560 int koptlen = optlen;
561
562 switch (optname) {
563 case MCAST_JOIN_GROUP:
564 case MCAST_LEAVE_GROUP:
565 {
566 struct compat_group_req __user *gr32 = (void *)optval;
567 struct group_req __user *kgr =
568 compat_alloc_user_space(sizeof(struct group_req));
569 u32 interface;
570
571 if (!access_ok(VERIFY_READ, gr32, sizeof(*gr32)) ||
572 !access_ok(VERIFY_WRITE, kgr, sizeof(struct group_req)) ||
573 __get_user(interface, &gr32->gr_interface) ||
574 __put_user(interface, &kgr->gr_interface) ||
575 copy_in_user(&kgr->gr_group, &gr32->gr_group,
576 sizeof(kgr->gr_group)))
577 return -EFAULT;
578 koptval = (char __user *)kgr;
579 koptlen = sizeof(struct group_req);
580 break;
581 }
582 case MCAST_JOIN_SOURCE_GROUP:
583 case MCAST_LEAVE_SOURCE_GROUP:
584 case MCAST_BLOCK_SOURCE:
585 case MCAST_UNBLOCK_SOURCE:
586 {
587 struct compat_group_source_req __user *gsr32 = (void *)optval;
588 struct group_source_req __user *kgsr = compat_alloc_user_space(
589 sizeof(struct group_source_req));
590 u32 interface;
591
592 if (!access_ok(VERIFY_READ, gsr32, sizeof(*gsr32)) ||
593 !access_ok(VERIFY_WRITE, kgsr,
594 sizeof(struct group_source_req)) ||
595 __get_user(interface, &gsr32->gsr_interface) ||
596 __put_user(interface, &kgsr->gsr_interface) ||
597 copy_in_user(&kgsr->gsr_group, &gsr32->gsr_group,
598 sizeof(kgsr->gsr_group)) ||
599 copy_in_user(&kgsr->gsr_source, &gsr32->gsr_source,
600 sizeof(kgsr->gsr_source)))
601 return -EFAULT;
602 koptval = (char __user *)kgsr;
603 koptlen = sizeof(struct group_source_req);
604 break;
605 }
606 case MCAST_MSFILTER:
607 {
608 struct compat_group_filter __user *gf32 = (void *)optval;
609 struct group_filter __user *kgf;
610 u32 interface, fmode, numsrc;
611
612 if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
613 __get_user(interface, &gf32->gf_interface) ||
614 __get_user(fmode, &gf32->gf_fmode) ||
615 __get_user(numsrc, &gf32->gf_numsrc))
616 return -EFAULT;
617 koptlen = optlen + sizeof(struct group_filter) -
618 sizeof(struct compat_group_filter);
619 if (koptlen < GROUP_FILTER_SIZE(numsrc))
620 return -EINVAL;
621 kgf = compat_alloc_user_space(koptlen);
622 if (!access_ok(VERIFY_WRITE, kgf, koptlen) ||
623 __put_user(interface, &kgf->gf_interface) ||
624 __put_user(fmode, &kgf->gf_fmode) ||
625 __put_user(numsrc, &kgf->gf_numsrc) ||
626 copy_in_user(&kgf->gf_group, &gf32->gf_group,
627 sizeof(kgf->gf_group)) ||
628 (numsrc && copy_in_user(kgf->gf_slist, gf32->gf_slist,
629 numsrc * sizeof(kgf->gf_slist[0]))))
630 return -EFAULT;
631 koptval = (char __user *)kgf;
632 break;
633 }
634
635 default:
636 break;
637 }
638 return setsockopt(sock, level, optname, koptval, koptlen);
639}
640
641EXPORT_SYMBOL(compat_mc_setsockopt);
642
643int compat_mc_getsockopt(struct sock *sock, int level, int optname,
644 char __user *optval, int __user *optlen,
645 int (*getsockopt)(struct sock *,int,int,char __user *,int __user *))
646{
647 struct compat_group_filter __user *gf32 = (void *)optval;
648 struct group_filter __user *kgf;
649 int __user *koptlen;
650 u32 interface, fmode, numsrc;
651 int klen, ulen, err;
652
653 if (optname != MCAST_MSFILTER)
654 return getsockopt(sock, level, optname, optval, optlen);
655
656 koptlen = compat_alloc_user_space(sizeof(*koptlen));
657 if (!access_ok(VERIFY_READ, optlen, sizeof(*optlen)) ||
658 __get_user(ulen, optlen))
659 return -EFAULT;
660
661 /* adjust len for pad */
662 klen = ulen + sizeof(*kgf) - sizeof(*gf32);
663
664 if (klen < GROUP_FILTER_SIZE(0))
665 return -EINVAL;
666
667 if (!access_ok(VERIFY_WRITE, koptlen, sizeof(*koptlen)) ||
668 __put_user(klen, koptlen))
669 return -EFAULT;
670
671 /* have to allow space for previous compat_alloc_user_space, too */
672 kgf = compat_alloc_user_space(klen+sizeof(*optlen));
673
674 if (!access_ok(VERIFY_READ, gf32, __COMPAT_GF0_SIZE) ||
675 __get_user(interface, &gf32->gf_interface) ||
676 __get_user(fmode, &gf32->gf_fmode) ||
677 __get_user(numsrc, &gf32->gf_numsrc) ||
678 __put_user(interface, &kgf->gf_interface) ||
679 __put_user(fmode, &kgf->gf_fmode) ||
680 __put_user(numsrc, &kgf->gf_numsrc) ||
681 copy_in_user(&kgf->gf_group,&gf32->gf_group,sizeof(kgf->gf_group)))
682 return -EFAULT;
683
684 err = getsockopt(sock, level, optname, (char __user *)kgf, koptlen);
685 if (err)
686 return err;
687
688 if (!access_ok(VERIFY_READ, koptlen, sizeof(*koptlen)) ||
689 __get_user(klen, koptlen))
690 return -EFAULT;
691
692 ulen = klen - (sizeof(*kgf)-sizeof(*gf32));
693
694 if (!access_ok(VERIFY_WRITE, optlen, sizeof(*optlen)) ||
695 __put_user(ulen, optlen))
696 return -EFAULT;
697
698 if (!access_ok(VERIFY_READ, kgf, klen) ||
699 !access_ok(VERIFY_WRITE, gf32, ulen) ||
700 __get_user(interface, &kgf->gf_interface) ||
701 __get_user(fmode, &kgf->gf_fmode) ||
702 __get_user(numsrc, &kgf->gf_numsrc) ||
703 __put_user(interface, &gf32->gf_interface) ||
704 __put_user(fmode, &gf32->gf_fmode) ||
705 __put_user(numsrc, &gf32->gf_numsrc))
706 return -EFAULT;
707 if (numsrc) {
708 int copylen;
709
710 klen -= GROUP_FILTER_SIZE(0);
711 copylen = numsrc * sizeof(gf32->gf_slist[0]);
712 if (copylen > klen)
713 copylen = klen;
714 if (copy_in_user(gf32->gf_slist, kgf->gf_slist, copylen))
715 return -EFAULT;
716 }
717 return err;
718}
719
720EXPORT_SYMBOL(compat_mc_getsockopt);
721
722
524/* Argument list sizes for compat_sys_socketcall */ 723/* Argument list sizes for compat_sys_socketcall */
525#define AL(x) ((x) * sizeof(u32)) 724#define AL(x) ((x) * sizeof(u32))
526static unsigned char nas[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), 725static unsigned char nas[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3),
diff --git a/net/core/dev.c b/net/core/dev.c
index e1df1ab3e04a..d334446a8eaf 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -162,7 +162,7 @@ struct net_dma {
162 struct dma_client client; 162 struct dma_client client;
163 spinlock_t lock; 163 spinlock_t lock;
164 cpumask_t channel_mask; 164 cpumask_t channel_mask;
165 struct dma_chan *channels[NR_CPUS]; 165 struct dma_chan **channels;
166}; 166};
167 167
168static enum dma_state_client 168static enum dma_state_client
@@ -1524,7 +1524,7 @@ static int dev_gso_segment(struct sk_buff *skb)
1524 if (!segs) 1524 if (!segs)
1525 return 0; 1525 return 0;
1526 1526
1527 if (unlikely(IS_ERR(segs))) 1527 if (IS_ERR(segs))
1528 return PTR_ERR(segs); 1528 return PTR_ERR(segs);
1529 1529
1530 skb->next = segs; 1530 skb->next = segs;
@@ -2444,7 +2444,7 @@ static struct netif_rx_stats *softnet_get_online(loff_t *pos)
2444{ 2444{
2445 struct netif_rx_stats *rc = NULL; 2445 struct netif_rx_stats *rc = NULL;
2446 2446
2447 while (*pos < NR_CPUS) 2447 while (*pos < nr_cpu_ids)
2448 if (cpu_online(*pos)) { 2448 if (cpu_online(*pos)) {
2449 rc = &per_cpu(netdev_rx_stat, *pos); 2449 rc = &per_cpu(netdev_rx_stat, *pos);
2450 break; 2450 break;
@@ -3776,6 +3776,7 @@ int register_netdevice(struct net_device *dev)
3776 } 3776 }
3777 } 3777 }
3778 3778
3779 netdev_initialize_kobject(dev);
3779 ret = netdev_register_kobject(dev); 3780 ret = netdev_register_kobject(dev);
3780 if (ret) 3781 if (ret)
3781 goto err_uninit; 3782 goto err_uninit;
@@ -4208,7 +4209,8 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
4208 } 4209 }
4209 4210
4210 /* Fixup kobjects */ 4211 /* Fixup kobjects */
4211 err = device_rename(&dev->dev, dev->name); 4212 netdev_unregister_kobject(dev);
4213 err = netdev_register_kobject(dev);
4212 WARN_ON(err); 4214 WARN_ON(err);
4213 4215
4214 /* Add the device back in the hashes */ 4216 /* Add the device back in the hashes */
@@ -4324,7 +4326,7 @@ netdev_dma_event(struct dma_client *client, struct dma_chan *chan,
4324 spin_lock(&net_dma->lock); 4326 spin_lock(&net_dma->lock);
4325 switch (state) { 4327 switch (state) {
4326 case DMA_RESOURCE_AVAILABLE: 4328 case DMA_RESOURCE_AVAILABLE:
4327 for (i = 0; i < NR_CPUS; i++) 4329 for (i = 0; i < nr_cpu_ids; i++)
4328 if (net_dma->channels[i] == chan) { 4330 if (net_dma->channels[i] == chan) {
4329 found = 1; 4331 found = 1;
4330 break; 4332 break;
@@ -4339,7 +4341,7 @@ netdev_dma_event(struct dma_client *client, struct dma_chan *chan,
4339 } 4341 }
4340 break; 4342 break;
4341 case DMA_RESOURCE_REMOVED: 4343 case DMA_RESOURCE_REMOVED:
4342 for (i = 0; i < NR_CPUS; i++) 4344 for (i = 0; i < nr_cpu_ids; i++)
4343 if (net_dma->channels[i] == chan) { 4345 if (net_dma->channels[i] == chan) {
4344 found = 1; 4346 found = 1;
4345 pos = i; 4347 pos = i;
@@ -4366,6 +4368,13 @@ netdev_dma_event(struct dma_client *client, struct dma_chan *chan,
4366 */ 4368 */
4367static int __init netdev_dma_register(void) 4369static int __init netdev_dma_register(void)
4368{ 4370{
4371 net_dma.channels = kzalloc(nr_cpu_ids * sizeof(struct net_dma),
4372 GFP_KERNEL);
4373 if (unlikely(!net_dma.channels)) {
4374 printk(KERN_NOTICE
4375 "netdev_dma: no memory for net_dma.channels\n");
4376 return -ENOMEM;
4377 }
4369 spin_lock_init(&net_dma.lock); 4378 spin_lock_init(&net_dma.lock);
4370 dma_cap_set(DMA_MEMCPY, net_dma.client.cap_mask); 4379 dma_cap_set(DMA_MEMCPY, net_dma.client.cap_mask);
4371 dma_async_client_register(&net_dma.client); 4380 dma_async_client_register(&net_dma.client);
diff --git a/net/core/ethtool.c b/net/core/ethtool.c
index a29b43d0b450..0133b5ebd545 100644
--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -323,6 +323,11 @@ static int ethtool_get_eeprom(struct net_device *dev, void __user *useraddr)
323 bytes_remaining -= eeprom.len; 323 bytes_remaining -= eeprom.len;
324 } 324 }
325 325
326 eeprom.len = userbuf - (useraddr + sizeof(eeprom));
327 eeprom.offset -= eeprom.len;
328 if (copy_to_user(useraddr, &eeprom, sizeof(eeprom)))
329 ret = -EFAULT;
330
326 kfree(data); 331 kfree(data);
327 return ret; 332 return ret;
328} 333}
diff --git a/net/core/filter.c b/net/core/filter.c
index f5f3cf603064..4f8369729a4e 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -213,7 +213,7 @@ unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int
213load_w: 213load_w:
214 ptr = load_pointer(skb, k, 4, &tmp); 214 ptr = load_pointer(skb, k, 4, &tmp);
215 if (ptr != NULL) { 215 if (ptr != NULL) {
216 A = ntohl(get_unaligned((__be32 *)ptr)); 216 A = get_unaligned_be32(ptr);
217 continue; 217 continue;
218 } 218 }
219 break; 219 break;
@@ -222,7 +222,7 @@ load_w:
222load_h: 222load_h:
223 ptr = load_pointer(skb, k, 2, &tmp); 223 ptr = load_pointer(skb, k, 2, &tmp);
224 if (ptr != NULL) { 224 if (ptr != NULL) {
225 A = ntohs(get_unaligned((__be16 *)ptr)); 225 A = get_unaligned_be16(ptr);
226 continue; 226 continue;
227 } 227 }
228 break; 228 break;
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 75075c303c44..5d9d7130bd6e 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1430,11 +1430,10 @@ void neigh_table_init_no_netlink(struct neigh_table *tbl)
1430 panic("cannot create neighbour cache statistics"); 1430 panic("cannot create neighbour cache statistics");
1431 1431
1432#ifdef CONFIG_PROC_FS 1432#ifdef CONFIG_PROC_FS
1433 tbl->pde = proc_create(tbl->id, 0, init_net.proc_net_stat, 1433 tbl->pde = proc_create_data(tbl->id, 0, init_net.proc_net_stat,
1434 &neigh_stat_seq_fops); 1434 &neigh_stat_seq_fops, tbl);
1435 if (!tbl->pde) 1435 if (!tbl->pde)
1436 panic("cannot create neighbour proc dir entry"); 1436 panic("cannot create neighbour proc dir entry");
1437 tbl->pde->data = tbl;
1438#endif 1437#endif
1439 1438
1440 tbl->hash_mask = 1; 1439 tbl->hash_mask = 1;
diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c
index 7635d3f72723..90e2177af081 100644
--- a/net/core/net-sysfs.c
+++ b/net/core/net-sysfs.c
@@ -87,6 +87,7 @@ static ssize_t netdev_store(struct device *dev, struct device_attribute *attr,
87 return ret; 87 return ret;
88} 88}
89 89
90NETDEVICE_SHOW(dev_id, fmt_hex);
90NETDEVICE_SHOW(addr_len, fmt_dec); 91NETDEVICE_SHOW(addr_len, fmt_dec);
91NETDEVICE_SHOW(iflink, fmt_dec); 92NETDEVICE_SHOW(iflink, fmt_dec);
92NETDEVICE_SHOW(ifindex, fmt_dec); 93NETDEVICE_SHOW(ifindex, fmt_dec);
@@ -210,6 +211,7 @@ static ssize_t store_tx_queue_len(struct device *dev,
210 211
211static struct device_attribute net_class_attributes[] = { 212static struct device_attribute net_class_attributes[] = {
212 __ATTR(addr_len, S_IRUGO, show_addr_len, NULL), 213 __ATTR(addr_len, S_IRUGO, show_addr_len, NULL),
214 __ATTR(dev_id, S_IRUGO, show_dev_id, NULL),
213 __ATTR(iflink, S_IRUGO, show_iflink, NULL), 215 __ATTR(iflink, S_IRUGO, show_iflink, NULL),
214 __ATTR(ifindex, S_IRUGO, show_ifindex, NULL), 216 __ATTR(ifindex, S_IRUGO, show_ifindex, NULL),
215 __ATTR(features, S_IRUGO, show_features, NULL), 217 __ATTR(features, S_IRUGO, show_features, NULL),
@@ -447,7 +449,6 @@ int netdev_register_kobject(struct net_device *net)
447 struct device *dev = &(net->dev); 449 struct device *dev = &(net->dev);
448 struct attribute_group **groups = net->sysfs_groups; 450 struct attribute_group **groups = net->sysfs_groups;
449 451
450 device_initialize(dev);
451 dev->class = &net_class; 452 dev->class = &net_class;
452 dev->platform_data = net; 453 dev->platform_data = net;
453 dev->groups = groups; 454 dev->groups = groups;
@@ -468,6 +469,12 @@ int netdev_register_kobject(struct net_device *net)
468 return device_add(dev); 469 return device_add(dev);
469} 470}
470 471
472void netdev_initialize_kobject(struct net_device *net)
473{
474 struct device *device = &(net->dev);
475 device_initialize(device);
476}
477
471int netdev_kobject_init(void) 478int netdev_kobject_init(void)
472{ 479{
473 return class_register(&net_class); 480 return class_register(&net_class);
diff --git a/net/core/net-sysfs.h b/net/core/net-sysfs.h
index f5f108db3924..14e7524260b3 100644
--- a/net/core/net-sysfs.h
+++ b/net/core/net-sysfs.h
@@ -4,5 +4,5 @@
4int netdev_kobject_init(void); 4int netdev_kobject_init(void);
5int netdev_register_kobject(struct net_device *); 5int netdev_register_kobject(struct net_device *);
6void netdev_unregister_kobject(struct net_device *); 6void netdev_unregister_kobject(struct net_device *);
7 7void netdev_initialize_kobject(struct net_device *);
8#endif 8#endif
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index a803b442234c..8dca21110493 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -3570,15 +3570,14 @@ static int pktgen_add_device(struct pktgen_thread *t, const char *ifname)
3570 if (err) 3570 if (err)
3571 goto out1; 3571 goto out1;
3572 3572
3573 pkt_dev->entry = proc_create(ifname, 0600, 3573 pkt_dev->entry = proc_create_data(ifname, 0600, pg_proc_dir,
3574 pg_proc_dir, &pktgen_if_fops); 3574 &pktgen_if_fops, pkt_dev);
3575 if (!pkt_dev->entry) { 3575 if (!pkt_dev->entry) {
3576 printk(KERN_ERR "pktgen: cannot create %s/%s procfs entry.\n", 3576 printk(KERN_ERR "pktgen: cannot create %s/%s procfs entry.\n",
3577 PG_PROC_DIR, ifname); 3577 PG_PROC_DIR, ifname);
3578 err = -EINVAL; 3578 err = -EINVAL;
3579 goto out2; 3579 goto out2;
3580 } 3580 }
3581 pkt_dev->entry->data = pkt_dev;
3582#ifdef CONFIG_XFRM 3581#ifdef CONFIG_XFRM
3583 pkt_dev->ipsmode = XFRM_MODE_TRANSPORT; 3582 pkt_dev->ipsmode = XFRM_MODE_TRANSPORT;
3584 pkt_dev->ipsproto = IPPROTO_ESP; 3583 pkt_dev->ipsproto = IPPROTO_ESP;
@@ -3628,7 +3627,8 @@ static int __init pktgen_create_thread(int cpu)
3628 kthread_bind(p, cpu); 3627 kthread_bind(p, cpu);
3629 t->tsk = p; 3628 t->tsk = p;
3630 3629
3631 pe = proc_create(t->tsk->comm, 0600, pg_proc_dir, &pktgen_thread_fops); 3630 pe = proc_create_data(t->tsk->comm, 0600, pg_proc_dir,
3631 &pktgen_thread_fops, t);
3632 if (!pe) { 3632 if (!pe) {
3633 printk(KERN_ERR "pktgen: cannot create %s/%s procfs entry.\n", 3633 printk(KERN_ERR "pktgen: cannot create %s/%s procfs entry.\n",
3634 PG_PROC_DIR, t->tsk->comm); 3634 PG_PROC_DIR, t->tsk->comm);
@@ -3638,8 +3638,6 @@ static int __init pktgen_create_thread(int cpu)
3638 return -EINVAL; 3638 return -EINVAL;
3639 } 3639 }
3640 3640
3641 pe->data = t;
3642
3643 wake_up_process(p); 3641 wake_up_process(p);
3644 3642
3645 return 0; 3643 return 0;
@@ -3716,8 +3714,6 @@ static int __init pg_init(void)
3716 return -EINVAL; 3714 return -EINVAL;
3717 } 3715 }
3718 3716
3719 pe->data = NULL;
3720
3721 /* Register us to receive netdevice events */ 3717 /* Register us to receive netdevice events */
3722 register_netdevice_notifier(&pktgen_notifier_block); 3718 register_netdevice_notifier(&pktgen_notifier_block);
3723 3719
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index bc39e417694a..cf857c4dc7b1 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -82,6 +82,11 @@ int rtnl_trylock(void)
82 return mutex_trylock(&rtnl_mutex); 82 return mutex_trylock(&rtnl_mutex);
83} 83}
84 84
85int rtnl_is_locked(void)
86{
87 return mutex_is_locked(&rtnl_mutex);
88}
89
85static struct rtnl_link *rtnl_msg_handlers[NPROTO]; 90static struct rtnl_link *rtnl_msg_handlers[NPROTO];
86 91
87static inline int rtm_msgindex(int msgtype) 92static inline int rtm_msgindex(int msgtype)
@@ -1402,6 +1407,7 @@ EXPORT_SYMBOL(rtnetlink_put_metrics);
1402EXPORT_SYMBOL(rtnl_lock); 1407EXPORT_SYMBOL(rtnl_lock);
1403EXPORT_SYMBOL(rtnl_trylock); 1408EXPORT_SYMBOL(rtnl_trylock);
1404EXPORT_SYMBOL(rtnl_unlock); 1409EXPORT_SYMBOL(rtnl_unlock);
1410EXPORT_SYMBOL(rtnl_is_locked);
1405EXPORT_SYMBOL(rtnl_unicast); 1411EXPORT_SYMBOL(rtnl_unicast);
1406EXPORT_SYMBOL(rtnl_notify); 1412EXPORT_SYMBOL(rtnl_notify);
1407EXPORT_SYMBOL(rtnl_set_sk_err); 1413EXPORT_SYMBOL(rtnl_set_sk_err);
diff --git a/net/core/sock.c b/net/core/sock.c
index 5dbb81bc9673..fa76f04fa9c6 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -228,11 +228,12 @@ static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
228 static int warned __read_mostly; 228 static int warned __read_mostly;
229 229
230 *timeo_p = 0; 230 *timeo_p = 0;
231 if (warned < 10 && net_ratelimit()) 231 if (warned < 10 && net_ratelimit()) {
232 warned++; 232 warned++;
233 printk(KERN_INFO "sock_set_timeout: `%s' (pid %d) " 233 printk(KERN_INFO "sock_set_timeout: `%s' (pid %d) "
234 "tries to set negative timeout\n", 234 "tries to set negative timeout\n",
235 current->comm, task_pid_nr(current)); 235 current->comm, task_pid_nr(current));
236 }
236 return 0; 237 return 0;
237 } 238 }
238 *timeo_p = MAX_SCHEDULE_TIMEOUT; 239 *timeo_p = MAX_SCHEDULE_TIMEOUT;
diff --git a/net/dccp/ccids/ccid2.c b/net/dccp/ccids/ccid2.c
index b5b52ebb2693..8e9580874216 100644
--- a/net/dccp/ccids/ccid2.c
+++ b/net/dccp/ccids/ccid2.c
@@ -716,7 +716,7 @@ static int ccid2_hc_tx_init(struct ccid *ccid, struct sock *sk)
716 * packets for new connections, following the rules from [RFC3390]". 716 * packets for new connections, following the rules from [RFC3390]".
717 * We need to convert the bytes of RFC3390 into the packets of RFC 4341. 717 * We need to convert the bytes of RFC3390 into the packets of RFC 4341.
718 */ 718 */
719 hctx->ccid2hctx_cwnd = min(4U, max(2U, 4380U / dp->dccps_mss_cache)); 719 hctx->ccid2hctx_cwnd = clamp(4380U / dp->dccps_mss_cache, 2U, 4U);
720 720
721 /* Make sure that Ack Ratio is enabled and within bounds. */ 721 /* Make sure that Ack Ratio is enabled and within bounds. */
722 max_ratio = DIV_ROUND_UP(hctx->ccid2hctx_cwnd, 2); 722 max_ratio = DIV_ROUND_UP(hctx->ccid2hctx_cwnd, 2);
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
index e76f460af0ea..cd61dea2eea1 100644
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -88,8 +88,8 @@ static void ccid3_hc_tx_set_state(struct sock *sk,
88static inline u64 rfc3390_initial_rate(struct sock *sk) 88static inline u64 rfc3390_initial_rate(struct sock *sk)
89{ 89{
90 const struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk); 90 const struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk);
91 const __u32 w_init = min_t(__u32, 4 * hctx->ccid3hctx_s, 91 const __u32 w_init = clamp_t(__u32, 4380U,
92 max_t(__u32, 2 * hctx->ccid3hctx_s, 4380)); 92 2 * hctx->ccid3hctx_s, 4 * hctx->ccid3hctx_s);
93 93
94 return scaled_div(w_init << 6, hctx->ccid3hctx_rtt); 94 return scaled_div(w_init << 6, hctx->ccid3hctx_rtt);
95} 95}
diff --git a/net/dccp/probe.c b/net/dccp/probe.c
index 7053bb827bc8..0bcdc9250279 100644
--- a/net/dccp/probe.c
+++ b/net/dccp/probe.c
@@ -46,29 +46,24 @@ struct {
46 struct kfifo *fifo; 46 struct kfifo *fifo;
47 spinlock_t lock; 47 spinlock_t lock;
48 wait_queue_head_t wait; 48 wait_queue_head_t wait;
49 struct timeval tstart; 49 struct timespec tstart;
50} dccpw; 50} dccpw;
51 51
52static void printl(const char *fmt, ...) 52static void printl(const char *fmt, ...)
53{ 53{
54 va_list args; 54 va_list args;
55 int len; 55 int len;
56 struct timeval now; 56 struct timespec now;
57 char tbuf[256]; 57 char tbuf[256];
58 58
59 va_start(args, fmt); 59 va_start(args, fmt);
60 do_gettimeofday(&now); 60 getnstimeofday(&now);
61 61
62 now.tv_sec -= dccpw.tstart.tv_sec; 62 now = timespec_sub(now, dccpw.tstart);
63 now.tv_usec -= dccpw.tstart.tv_usec;
64 if (now.tv_usec < 0) {
65 --now.tv_sec;
66 now.tv_usec += 1000000;
67 }
68 63
69 len = sprintf(tbuf, "%lu.%06lu ", 64 len = sprintf(tbuf, "%lu.%06lu ",
70 (unsigned long) now.tv_sec, 65 (unsigned long) now.tv_sec,
71 (unsigned long) now.tv_usec); 66 (unsigned long) now.tv_nsec / NSEC_PER_USEC);
72 len += vscnprintf(tbuf+len, sizeof(tbuf)-len, fmt, args); 67 len += vscnprintf(tbuf+len, sizeof(tbuf)-len, fmt, args);
73 va_end(args); 68 va_end(args);
74 69
@@ -119,7 +114,7 @@ static struct jprobe dccp_send_probe = {
119static int dccpprobe_open(struct inode *inode, struct file *file) 114static int dccpprobe_open(struct inode *inode, struct file *file)
120{ 115{
121 kfifo_reset(dccpw.fifo); 116 kfifo_reset(dccpw.fifo);
122 do_gettimeofday(&dccpw.tstart); 117 getnstimeofday(&dccpw.tstart);
123 return 0; 118 return 0;
124} 119}
125 120
@@ -145,7 +140,7 @@ static ssize_t dccpprobe_read(struct file *file, char __user *buf,
145 goto out_free; 140 goto out_free;
146 141
147 cnt = kfifo_get(dccpw.fifo, tbuf, len); 142 cnt = kfifo_get(dccpw.fifo, tbuf, len);
148 error = copy_to_user(buf, tbuf, cnt); 143 error = copy_to_user(buf, tbuf, cnt) ? -EFAULT : 0;
149 144
150out_free: 145out_free:
151 vfree(tbuf); 146 vfree(tbuf);
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index f2b5270efdaa..24eca23c2db3 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1234,7 +1234,7 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features)
1234 segs = ops->gso_segment(skb, features); 1234 segs = ops->gso_segment(skb, features);
1235 rcu_read_unlock(); 1235 rcu_read_unlock();
1236 1236
1237 if (!segs || unlikely(IS_ERR(segs))) 1237 if (!segs || IS_ERR(segs))
1238 goto out; 1238 goto out;
1239 1239
1240 skb = segs; 1240 skb = segs;
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index 4637ded3dba8..05afb576d935 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -983,7 +983,7 @@ static int cipso_v4_map_cat_enum_valid(const struct cipso_v4_doi *doi_def,
983 return -EFAULT; 983 return -EFAULT;
984 984
985 for (iter = 0; iter < enumcat_len; iter += 2) { 985 for (iter = 0; iter < enumcat_len; iter += 2) {
986 cat = ntohs(get_unaligned((__be16 *)&enumcat[iter])); 986 cat = get_unaligned_be16(&enumcat[iter]);
987 if (cat <= cat_prev) 987 if (cat <= cat_prev)
988 return -EFAULT; 988 return -EFAULT;
989 cat_prev = cat; 989 cat_prev = cat;
@@ -1052,7 +1052,7 @@ static int cipso_v4_map_cat_enum_ntoh(const struct cipso_v4_doi *doi_def,
1052 1052
1053 for (iter = 0; iter < net_cat_len; iter += 2) { 1053 for (iter = 0; iter < net_cat_len; iter += 2) {
1054 ret_val = netlbl_secattr_catmap_setbit(secattr->attr.mls.cat, 1054 ret_val = netlbl_secattr_catmap_setbit(secattr->attr.mls.cat,
1055 ntohs(get_unaligned((__be16 *)&net_cat[iter])), 1055 get_unaligned_be16(&net_cat[iter]),
1056 GFP_ATOMIC); 1056 GFP_ATOMIC);
1057 if (ret_val != 0) 1057 if (ret_val != 0)
1058 return ret_val; 1058 return ret_val;
@@ -1086,10 +1086,9 @@ static int cipso_v4_map_cat_rng_valid(const struct cipso_v4_doi *doi_def,
1086 return -EFAULT; 1086 return -EFAULT;
1087 1087
1088 for (iter = 0; iter < rngcat_len; iter += 4) { 1088 for (iter = 0; iter < rngcat_len; iter += 4) {
1089 cat_high = ntohs(get_unaligned((__be16 *)&rngcat[iter])); 1089 cat_high = get_unaligned_be16(&rngcat[iter]);
1090 if ((iter + 4) <= rngcat_len) 1090 if ((iter + 4) <= rngcat_len)
1091 cat_low = ntohs( 1091 cat_low = get_unaligned_be16(&rngcat[iter + 2]);
1092 get_unaligned((__be16 *)&rngcat[iter + 2]));
1093 else 1092 else
1094 cat_low = 0; 1093 cat_low = 0;
1095 1094
@@ -1188,10 +1187,9 @@ static int cipso_v4_map_cat_rng_ntoh(const struct cipso_v4_doi *doi_def,
1188 u16 cat_high; 1187 u16 cat_high;
1189 1188
1190 for (net_iter = 0; net_iter < net_cat_len; net_iter += 4) { 1189 for (net_iter = 0; net_iter < net_cat_len; net_iter += 4) {
1191 cat_high = ntohs(get_unaligned((__be16 *)&net_cat[net_iter])); 1190 cat_high = get_unaligned_be16(&net_cat[net_iter]);
1192 if ((net_iter + 4) <= net_cat_len) 1191 if ((net_iter + 4) <= net_cat_len)
1193 cat_low = ntohs( 1192 cat_low = get_unaligned_be16(&net_cat[net_iter + 2]);
1194 get_unaligned((__be16 *)&net_cat[net_iter + 2]));
1195 else 1193 else
1196 cat_low = 0; 1194 cat_low = 0;
1197 1195
@@ -1562,7 +1560,7 @@ int cipso_v4_validate(unsigned char **option)
1562 } 1560 }
1563 1561
1564 rcu_read_lock(); 1562 rcu_read_lock();
1565 doi_def = cipso_v4_doi_search(ntohl(get_unaligned((__be32 *)&opt[2]))); 1563 doi_def = cipso_v4_doi_search(get_unaligned_be32(&opt[2]));
1566 if (doi_def == NULL) { 1564 if (doi_def == NULL) {
1567 err_offset = 2; 1565 err_offset = 2;
1568 goto validate_return_locked; 1566 goto validate_return_locked;
@@ -1843,7 +1841,7 @@ static int cipso_v4_getattr(const unsigned char *cipso,
1843 if (cipso_v4_cache_check(cipso, cipso[1], secattr) == 0) 1841 if (cipso_v4_cache_check(cipso, cipso[1], secattr) == 0)
1844 return 0; 1842 return 0;
1845 1843
1846 doi = ntohl(get_unaligned((__be32 *)&cipso[2])); 1844 doi = get_unaligned_be32(&cipso[2]);
1847 rcu_read_lock(); 1845 rcu_read_lock();
1848 doi_def = cipso_v4_doi_search(doi); 1846 doi_def = cipso_v4_doi_search(doi);
1849 if (doi_def == NULL) 1847 if (doi_def == NULL)
diff --git a/net/ipv4/fib_hash.c b/net/ipv4/fib_hash.c
index 02088deb0461..2e2fc3376ac9 100644
--- a/net/ipv4/fib_hash.c
+++ b/net/ipv4/fib_hash.c
@@ -1003,7 +1003,7 @@ static unsigned fib_flag_trans(int type, __be32 mask, struct fib_info *fi)
1003static int fib_seq_show(struct seq_file *seq, void *v) 1003static int fib_seq_show(struct seq_file *seq, void *v)
1004{ 1004{
1005 struct fib_iter_state *iter; 1005 struct fib_iter_state *iter;
1006 char bf[128]; 1006 int len;
1007 __be32 prefix, mask; 1007 __be32 prefix, mask;
1008 unsigned flags; 1008 unsigned flags;
1009 struct fib_node *f; 1009 struct fib_node *f;
@@ -1025,18 +1025,19 @@ static int fib_seq_show(struct seq_file *seq, void *v)
1025 mask = FZ_MASK(iter->zone); 1025 mask = FZ_MASK(iter->zone);
1026 flags = fib_flag_trans(fa->fa_type, mask, fi); 1026 flags = fib_flag_trans(fa->fa_type, mask, fi);
1027 if (fi) 1027 if (fi)
1028 snprintf(bf, sizeof(bf), 1028 seq_printf(seq,
1029 "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", 1029 "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n",
1030 fi->fib_dev ? fi->fib_dev->name : "*", prefix, 1030 fi->fib_dev ? fi->fib_dev->name : "*", prefix,
1031 fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, 1031 fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority,
1032 mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), 1032 mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0),
1033 fi->fib_window, 1033 fi->fib_window,
1034 fi->fib_rtt >> 3); 1034 fi->fib_rtt >> 3, &len);
1035 else 1035 else
1036 snprintf(bf, sizeof(bf), 1036 seq_printf(seq,
1037 "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", 1037 "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n",
1038 prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0); 1038 prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len);
1039 seq_printf(seq, "%-127s\n", bf); 1039
1040 seq_printf(seq, "%*s\n", 127 - len, "");
1040out: 1041out:
1041 return 0; 1042 return 0;
1042} 1043}
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index ea294fffb9ce..4b02d14e7ab9 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -2602,15 +2602,16 @@ static int fib_route_seq_show(struct seq_file *seq, void *v)
2602 list_for_each_entry_rcu(fa, &li->falh, fa_list) { 2602 list_for_each_entry_rcu(fa, &li->falh, fa_list) {
2603 const struct fib_info *fi = fa->fa_info; 2603 const struct fib_info *fi = fa->fa_info;
2604 unsigned flags = fib_flag_trans(fa->fa_type, mask, fi); 2604 unsigned flags = fib_flag_trans(fa->fa_type, mask, fi);
2605 char bf[128]; 2605 int len;
2606 2606
2607 if (fa->fa_type == RTN_BROADCAST 2607 if (fa->fa_type == RTN_BROADCAST
2608 || fa->fa_type == RTN_MULTICAST) 2608 || fa->fa_type == RTN_MULTICAST)
2609 continue; 2609 continue;
2610 2610
2611 if (fi) 2611 if (fi)
2612 snprintf(bf, sizeof(bf), 2612 seq_printf(seq,
2613 "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", 2613 "%s\t%08X\t%08X\t%04X\t%d\t%u\t"
2614 "%d\t%08X\t%d\t%u\t%u%n",
2614 fi->fib_dev ? fi->fib_dev->name : "*", 2615 fi->fib_dev ? fi->fib_dev->name : "*",
2615 prefix, 2616 prefix,
2616 fi->fib_nh->nh_gw, flags, 0, 0, 2617 fi->fib_nh->nh_gw, flags, 0, 0,
@@ -2619,14 +2620,15 @@ static int fib_route_seq_show(struct seq_file *seq, void *v)
2619 (fi->fib_advmss ? 2620 (fi->fib_advmss ?
2620 fi->fib_advmss + 40 : 0), 2621 fi->fib_advmss + 40 : 0),
2621 fi->fib_window, 2622 fi->fib_window,
2622 fi->fib_rtt >> 3); 2623 fi->fib_rtt >> 3, &len);
2623 else 2624 else
2624 snprintf(bf, sizeof(bf), 2625 seq_printf(seq,
2625 "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", 2626 "*\t%08X\t%08X\t%04X\t%d\t%u\t"
2627 "%d\t%08X\t%d\t%u\t%u%n",
2626 prefix, 0, flags, 0, 0, 0, 2628 prefix, 0, flags, 0, 0, 0,
2627 mask, 0, 0, 0); 2629 mask, 0, 0, 0, &len);
2628 2630
2629 seq_printf(seq, "%-127s\n", bf); 2631 seq_printf(seq, "%*s\n", 127 - len, "");
2630 } 2632 }
2631 } 2633 }
2632 2634
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index f064031f2031..87397351ddac 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -691,7 +691,8 @@ static void icmp_unreach(struct sk_buff *skb)
691 NIPQUAD(iph->daddr)); 691 NIPQUAD(iph->daddr));
692 } else { 692 } else {
693 info = ip_rt_frag_needed(net, iph, 693 info = ip_rt_frag_needed(net, iph,
694 ntohs(icmph->un.frag.mtu)); 694 ntohs(icmph->un.frag.mtu),
695 skb->dev);
695 if (!info) 696 if (!info)
696 goto out; 697 goto out;
697 } 698 }
@@ -847,7 +848,7 @@ static void icmp_echo(struct sk_buff *skb)
847 */ 848 */
848static void icmp_timestamp(struct sk_buff *skb) 849static void icmp_timestamp(struct sk_buff *skb)
849{ 850{
850 struct timeval tv; 851 struct timespec tv;
851 struct icmp_bxm icmp_param; 852 struct icmp_bxm icmp_param;
852 /* 853 /*
853 * Too short. 854 * Too short.
@@ -858,9 +859,9 @@ static void icmp_timestamp(struct sk_buff *skb)
858 /* 859 /*
859 * Fill in the current time as ms since midnight UT: 860 * Fill in the current time as ms since midnight UT:
860 */ 861 */
861 do_gettimeofday(&tv); 862 getnstimeofday(&tv);
862 icmp_param.data.times[1] = htonl((tv.tv_sec % 86400) * 1000 + 863 icmp_param.data.times[1] = htonl((tv.tv_sec % 86400) * MSEC_PER_SEC +
863 tv.tv_usec / 1000); 864 tv.tv_nsec / NSEC_PER_MSEC);
864 icmp_param.data.times[2] = icmp_param.data.times[1]; 865 icmp_param.data.times[2] = icmp_param.data.times[1];
865 if (skb_copy_bits(skb, 0, &icmp_param.data.times[0], 4)) 866 if (skb_copy_bits(skb, 0, &icmp_param.data.times[0], 4))
866 BUG(); 867 BUG();
@@ -1144,7 +1145,7 @@ static void __net_exit icmp_sk_exit(struct net *net)
1144 net->ipv4.icmp_sk = NULL; 1145 net->ipv4.icmp_sk = NULL;
1145} 1146}
1146 1147
1147int __net_init icmp_sk_init(struct net *net) 1148static int __net_init icmp_sk_init(struct net *net)
1148{ 1149{
1149 int i, err; 1150 int i, err;
1150 1151
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
index d107543d3f81..33126ad2cfdc 100644
--- a/net/ipv4/ip_options.c
+++ b/net/ipv4/ip_options.c
@@ -55,10 +55,10 @@ void ip_options_build(struct sk_buff * skb, struct ip_options * opt,
55 if (opt->ts_needaddr) 55 if (opt->ts_needaddr)
56 ip_rt_get_source(iph+opt->ts+iph[opt->ts+2]-9, rt); 56 ip_rt_get_source(iph+opt->ts+iph[opt->ts+2]-9, rt);
57 if (opt->ts_needtime) { 57 if (opt->ts_needtime) {
58 struct timeval tv; 58 struct timespec tv;
59 __be32 midtime; 59 __be32 midtime;
60 do_gettimeofday(&tv); 60 getnstimeofday(&tv);
61 midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000); 61 midtime = htonl((tv.tv_sec % 86400) * MSEC_PER_SEC + tv.tv_nsec / NSEC_PER_MSEC);
62 memcpy(iph+opt->ts+iph[opt->ts+2]-5, &midtime, 4); 62 memcpy(iph+opt->ts+iph[opt->ts+2]-5, &midtime, 4);
63 } 63 }
64 return; 64 return;
@@ -406,10 +406,10 @@ int ip_options_compile(struct net *net,
406 break; 406 break;
407 } 407 }
408 if (timeptr) { 408 if (timeptr) {
409 struct timeval tv; 409 struct timespec tv;
410 __be32 midtime; 410 __be32 midtime;
411 do_gettimeofday(&tv); 411 getnstimeofday(&tv);
412 midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000); 412 midtime = htonl((tv.tv_sec % 86400) * MSEC_PER_SEC + tv.tv_nsec / NSEC_PER_MSEC);
413 memcpy(timeptr, &midtime, sizeof(__be32)); 413 memcpy(timeptr, &midtime, sizeof(__be32));
414 opt->is_changed = 1; 414 opt->is_changed = 1;
415 } 415 }
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 08349267ceb4..e527628f56cf 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -753,23 +753,15 @@ static inline int ip_ufo_append_data(struct sock *sk,
753 skb->ip_summed = CHECKSUM_PARTIAL; 753 skb->ip_summed = CHECKSUM_PARTIAL;
754 skb->csum = 0; 754 skb->csum = 0;
755 sk->sk_sndmsg_off = 0; 755 sk->sk_sndmsg_off = 0;
756 }
757 756
758 err = skb_append_datato_frags(sk,skb, getfrag, from, 757 /* specify the length of each IP datagram fragment */
759 (length - transhdrlen));
760 if (!err) {
761 /* specify the length of each IP datagram fragment*/
762 skb_shinfo(skb)->gso_size = mtu - fragheaderlen; 758 skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
763 skb_shinfo(skb)->gso_type = SKB_GSO_UDP; 759 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
764 __skb_queue_tail(&sk->sk_write_queue, skb); 760 __skb_queue_tail(&sk->sk_write_queue, skb);
765
766 return 0;
767 } 761 }
768 /* There is not enough support do UFO , 762
769 * so follow normal path 763 return skb_append_datato_frags(sk, skb, getfrag, from,
770 */ 764 (length - transhdrlen));
771 kfree_skb(skb);
772 return err;
773} 765}
774 766
775/* 767/*
@@ -863,9 +855,9 @@ int ip_append_data(struct sock *sk,
863 csummode = CHECKSUM_PARTIAL; 855 csummode = CHECKSUM_PARTIAL;
864 856
865 inet->cork.length += length; 857 inet->cork.length += length;
866 if (((length > mtu) && (sk->sk_protocol == IPPROTO_UDP)) && 858 if (((length> mtu) || !skb_queue_empty(&sk->sk_write_queue)) &&
867 (rt->u.dst.dev->features & NETIF_F_UFO)) { 859 (sk->sk_protocol == IPPROTO_UDP) &&
868 860 (rt->u.dst.dev->features & NETIF_F_UFO)) {
869 err = ip_ufo_append_data(sk, getfrag, from, length, hh_len, 861 err = ip_ufo_append_data(sk, getfrag, from, length, hh_len,
870 fragheaderlen, transhdrlen, mtu, 862 fragheaderlen, transhdrlen, mtu,
871 flags); 863 flags);
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index d8adfd4972e2..e0514e82308e 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -36,6 +36,7 @@
36#include <linux/mroute.h> 36#include <linux/mroute.h>
37#include <net/route.h> 37#include <net/route.h>
38#include <net/xfrm.h> 38#include <net/xfrm.h>
39#include <net/compat.h>
39#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 40#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
40#include <net/transp_v6.h> 41#include <net/transp_v6.h>
41#endif 42#endif
@@ -923,6 +924,10 @@ int compat_ip_setsockopt(struct sock *sk, int level, int optname,
923 if (level != SOL_IP) 924 if (level != SOL_IP)
924 return -ENOPROTOOPT; 925 return -ENOPROTOOPT;
925 926
927 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
928 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
929 ip_setsockopt);
930
926 err = do_ip_setsockopt(sk, level, optname, optval, optlen); 931 err = do_ip_setsockopt(sk, level, optname, optval, optlen);
927#ifdef CONFIG_NETFILTER 932#ifdef CONFIG_NETFILTER
928 /* we need to exclude all possible ENOPROTOOPTs except default case */ 933 /* we need to exclude all possible ENOPROTOOPTs except default case */
@@ -1181,7 +1186,14 @@ int ip_getsockopt(struct sock *sk, int level,
1181int compat_ip_getsockopt(struct sock *sk, int level, int optname, 1186int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1182 char __user *optval, int __user *optlen) 1187 char __user *optval, int __user *optlen)
1183{ 1188{
1184 int err = do_ip_getsockopt(sk, level, optname, optval, optlen); 1189 int err;
1190
1191 if (optname == MCAST_MSFILTER)
1192 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1193 ip_getsockopt);
1194
1195 err = do_ip_getsockopt(sk, level, optname, optval, optlen);
1196
1185#ifdef CONFIG_NETFILTER 1197#ifdef CONFIG_NETFILTER
1186 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1198 /* we need to exclude all possible ENOPROTOOPTs except default case */
1187 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS && 1199 if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS &&
diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c
index 0f42d1c1f690..89dee4346f60 100644
--- a/net/ipv4/ipconfig.c
+++ b/net/ipv4/ipconfig.c
@@ -412,12 +412,12 @@ static struct packet_type rarp_packet_type __initdata = {
412 .func = ic_rarp_recv, 412 .func = ic_rarp_recv,
413}; 413};
414 414
415static inline void ic_rarp_init(void) 415static inline void __init ic_rarp_init(void)
416{ 416{
417 dev_add_pack(&rarp_packet_type); 417 dev_add_pack(&rarp_packet_type);
418} 418}
419 419
420static inline void ic_rarp_cleanup(void) 420static inline void __init ic_rarp_cleanup(void)
421{ 421{
422 dev_remove_pack(&rarp_packet_type); 422 dev_remove_pack(&rarp_packet_type);
423} 423}
@@ -682,7 +682,7 @@ static void __init ic_bootp_init_ext(u8 *e)
682/* 682/*
683 * Initialize the DHCP/BOOTP mechanism. 683 * Initialize the DHCP/BOOTP mechanism.
684 */ 684 */
685static inline void ic_bootp_init(void) 685static inline void __init ic_bootp_init(void)
686{ 686{
687 int i; 687 int i;
688 688
@@ -696,7 +696,7 @@ static inline void ic_bootp_init(void)
696/* 696/*
697 * DHCP/BOOTP cleanup. 697 * DHCP/BOOTP cleanup.
698 */ 698 */
699static inline void ic_bootp_cleanup(void) 699static inline void __init ic_bootp_cleanup(void)
700{ 700{
701 dev_remove_pack(&bootp_packet_type); 701 dev_remove_pack(&bootp_packet_type);
702} 702}
diff --git a/net/ipv4/ipvs/ip_vs_proto.c b/net/ipv4/ipvs/ip_vs_proto.c
index dde28a250d92..4b1c16cbb16b 100644
--- a/net/ipv4/ipvs/ip_vs_proto.c
+++ b/net/ipv4/ipvs/ip_vs_proto.c
@@ -148,7 +148,7 @@ const char * ip_vs_state_name(__u16 proto, int state)
148 struct ip_vs_protocol *pp = ip_vs_proto_get(proto); 148 struct ip_vs_protocol *pp = ip_vs_proto_get(proto);
149 149
150 if (pp == NULL || pp->state_name == NULL) 150 if (pp == NULL || pp->state_name == NULL)
151 return "ERR!"; 151 return (IPPROTO_IP == proto) ? "NONE" : "ERR!";
152 return pp->state_name(state); 152 return pp->state_name(state);
153} 153}
154 154
diff --git a/net/ipv4/ipvs/ip_vs_proto_ah.c b/net/ipv4/ipvs/ip_vs_proto_ah.c
index a842676e1c69..4bf835e1d86d 100644
--- a/net/ipv4/ipvs/ip_vs_proto_ah.c
+++ b/net/ipv4/ipvs/ip_vs_proto_ah.c
@@ -160,6 +160,7 @@ static void ah_exit(struct ip_vs_protocol *pp)
160struct ip_vs_protocol ip_vs_protocol_ah = { 160struct ip_vs_protocol ip_vs_protocol_ah = {
161 .name = "AH", 161 .name = "AH",
162 .protocol = IPPROTO_AH, 162 .protocol = IPPROTO_AH,
163 .num_states = 1,
163 .dont_defrag = 1, 164 .dont_defrag = 1,
164 .init = ah_init, 165 .init = ah_init,
165 .exit = ah_exit, 166 .exit = ah_exit,
diff --git a/net/ipv4/ipvs/ip_vs_proto_esp.c b/net/ipv4/ipvs/ip_vs_proto_esp.c
index aef0d3ee8e44..db6a6b7b1a0b 100644
--- a/net/ipv4/ipvs/ip_vs_proto_esp.c
+++ b/net/ipv4/ipvs/ip_vs_proto_esp.c
@@ -159,6 +159,7 @@ static void esp_exit(struct ip_vs_protocol *pp)
159struct ip_vs_protocol ip_vs_protocol_esp = { 159struct ip_vs_protocol ip_vs_protocol_esp = {
160 .name = "ESP", 160 .name = "ESP",
161 .protocol = IPPROTO_ESP, 161 .protocol = IPPROTO_ESP,
162 .num_states = 1,
162 .dont_defrag = 1, 163 .dont_defrag = 1,
163 .init = esp_init, 164 .init = esp_init,
164 .exit = esp_exit, 165 .exit = esp_exit,
diff --git a/net/ipv4/ipvs/ip_vs_proto_tcp.c b/net/ipv4/ipvs/ip_vs_proto_tcp.c
index 620e40ff79a9..b83dc14b0a4d 100644
--- a/net/ipv4/ipvs/ip_vs_proto_tcp.c
+++ b/net/ipv4/ipvs/ip_vs_proto_tcp.c
@@ -594,6 +594,7 @@ static void ip_vs_tcp_exit(struct ip_vs_protocol *pp)
594struct ip_vs_protocol ip_vs_protocol_tcp = { 594struct ip_vs_protocol ip_vs_protocol_tcp = {
595 .name = "TCP", 595 .name = "TCP",
596 .protocol = IPPROTO_TCP, 596 .protocol = IPPROTO_TCP,
597 .num_states = IP_VS_TCP_S_LAST,
597 .dont_defrag = 0, 598 .dont_defrag = 0,
598 .appcnt = ATOMIC_INIT(0), 599 .appcnt = ATOMIC_INIT(0),
599 .init = ip_vs_tcp_init, 600 .init = ip_vs_tcp_init,
diff --git a/net/ipv4/ipvs/ip_vs_proto_udp.c b/net/ipv4/ipvs/ip_vs_proto_udp.c
index 1caa2908373f..75771cb3cd6f 100644
--- a/net/ipv4/ipvs/ip_vs_proto_udp.c
+++ b/net/ipv4/ipvs/ip_vs_proto_udp.c
@@ -409,6 +409,7 @@ static void udp_exit(struct ip_vs_protocol *pp)
409struct ip_vs_protocol ip_vs_protocol_udp = { 409struct ip_vs_protocol ip_vs_protocol_udp = {
410 .name = "UDP", 410 .name = "UDP",
411 .protocol = IPPROTO_UDP, 411 .protocol = IPPROTO_UDP,
412 .num_states = IP_VS_UDP_S_LAST,
412 .dont_defrag = 0, 413 .dont_defrag = 0,
413 .init = udp_init, 414 .init = udp_init,
414 .exit = udp_exit, 415 .exit = udp_exit,
diff --git a/net/ipv4/ipvs/ip_vs_sync.c b/net/ipv4/ipvs/ip_vs_sync.c
index 69c56663cc9a..eff54efe0351 100644
--- a/net/ipv4/ipvs/ip_vs_sync.c
+++ b/net/ipv4/ipvs/ip_vs_sync.c
@@ -288,11 +288,16 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
288 char *p; 288 char *p;
289 int i; 289 int i;
290 290
291 if (buflen < sizeof(struct ip_vs_sync_mesg)) {
292 IP_VS_ERR_RL("sync message header too short\n");
293 return;
294 }
295
291 /* Convert size back to host byte order */ 296 /* Convert size back to host byte order */
292 m->size = ntohs(m->size); 297 m->size = ntohs(m->size);
293 298
294 if (buflen != m->size) { 299 if (buflen != m->size) {
295 IP_VS_ERR("bogus message\n"); 300 IP_VS_ERR_RL("bogus sync message size\n");
296 return; 301 return;
297 } 302 }
298 303
@@ -307,9 +312,48 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
307 for (i=0; i<m->nr_conns; i++) { 312 for (i=0; i<m->nr_conns; i++) {
308 unsigned flags, state; 313 unsigned flags, state;
309 314
310 s = (struct ip_vs_sync_conn *)p; 315 if (p + SIMPLE_CONN_SIZE > buffer+buflen) {
316 IP_VS_ERR_RL("bogus conn in sync message\n");
317 return;
318 }
319 s = (struct ip_vs_sync_conn *) p;
311 flags = ntohs(s->flags) | IP_VS_CONN_F_SYNC; 320 flags = ntohs(s->flags) | IP_VS_CONN_F_SYNC;
321 flags &= ~IP_VS_CONN_F_HASHED;
322 if (flags & IP_VS_CONN_F_SEQ_MASK) {
323 opt = (struct ip_vs_sync_conn_options *)&s[1];
324 p += FULL_CONN_SIZE;
325 if (p > buffer+buflen) {
326 IP_VS_ERR_RL("bogus conn options in sync message\n");
327 return;
328 }
329 } else {
330 opt = NULL;
331 p += SIMPLE_CONN_SIZE;
332 }
333
312 state = ntohs(s->state); 334 state = ntohs(s->state);
335 if (!(flags & IP_VS_CONN_F_TEMPLATE)) {
336 pp = ip_vs_proto_get(s->protocol);
337 if (!pp) {
338 IP_VS_ERR_RL("Unsupported protocol %u in sync msg\n",
339 s->protocol);
340 continue;
341 }
342 if (state >= pp->num_states) {
343 IP_VS_DBG(2, "Invalid %s state %u in sync msg\n",
344 pp->name, state);
345 continue;
346 }
347 } else {
348 /* protocol in templates is not used for state/timeout */
349 pp = NULL;
350 if (state > 0) {
351 IP_VS_DBG(2, "Invalid template state %u in sync msg\n",
352 state);
353 state = 0;
354 }
355 }
356
313 if (!(flags & IP_VS_CONN_F_TEMPLATE)) 357 if (!(flags & IP_VS_CONN_F_TEMPLATE))
314 cp = ip_vs_conn_in_get(s->protocol, 358 cp = ip_vs_conn_in_get(s->protocol,
315 s->caddr, s->cport, 359 s->caddr, s->cport,
@@ -345,14 +389,9 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
345 IP_VS_ERR("ip_vs_conn_new failed\n"); 389 IP_VS_ERR("ip_vs_conn_new failed\n");
346 return; 390 return;
347 } 391 }
348 cp->state = state;
349 } else if (!cp->dest) { 392 } else if (!cp->dest) {
350 dest = ip_vs_try_bind_dest(cp); 393 dest = ip_vs_try_bind_dest(cp);
351 if (!dest) { 394 if (dest)
352 /* it is an unbound entry created by
353 * synchronization */
354 cp->flags = flags | IP_VS_CONN_F_HASHED;
355 } else
356 atomic_dec(&dest->refcnt); 395 atomic_dec(&dest->refcnt);
357 } else if ((cp->dest) && (cp->protocol == IPPROTO_TCP) && 396 } else if ((cp->dest) && (cp->protocol == IPPROTO_TCP) &&
358 (cp->state != state)) { 397 (cp->state != state)) {
@@ -371,23 +410,22 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
371 } 410 }
372 } 411 }
373 412
374 if (flags & IP_VS_CONN_F_SEQ_MASK) { 413 if (opt)
375 opt = (struct ip_vs_sync_conn_options *)&s[1];
376 memcpy(&cp->in_seq, opt, sizeof(*opt)); 414 memcpy(&cp->in_seq, opt, sizeof(*opt));
377 p += FULL_CONN_SIZE;
378 } else
379 p += SIMPLE_CONN_SIZE;
380
381 atomic_set(&cp->in_pkts, sysctl_ip_vs_sync_threshold[0]); 415 atomic_set(&cp->in_pkts, sysctl_ip_vs_sync_threshold[0]);
382 cp->state = state; 416 cp->state = state;
383 pp = ip_vs_proto_get(s->protocol); 417 cp->old_state = cp->state;
384 cp->timeout = pp->timeout_table[cp->state]; 418 /*
419 * We can not recover the right timeout for templates
420 * in all cases, we can not find the right fwmark
421 * virtual service. If needed, we can do it for
422 * non-fwmark persistent services.
423 */
424 if (!(flags & IP_VS_CONN_F_TEMPLATE) && pp->timeout_table)
425 cp->timeout = pp->timeout_table[state];
426 else
427 cp->timeout = (3*60*HZ);
385 ip_vs_conn_put(cp); 428 ip_vs_conn_put(cp);
386
387 if (p > buffer+buflen) {
388 IP_VS_ERR("bogus message\n");
389 return;
390 }
391 } 429 }
392} 430}
393 431
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index 719be29f7506..26a37cedcf2e 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -296,9 +296,8 @@ ipq_mangle_ipv4(ipq_verdict_msg_t *v, struct nf_queue_entry *e)
296 if (v->data_len > 0xFFFF) 296 if (v->data_len > 0xFFFF)
297 return -EINVAL; 297 return -EINVAL;
298 if (diff > skb_tailroom(e->skb)) { 298 if (diff > skb_tailroom(e->skb)) {
299 nskb = skb_copy_expand(e->skb, 0, 299 nskb = skb_copy_expand(e->skb, skb_headroom(e->skb),
300 diff - skb_tailroom(e->skb), 300 diff, GFP_ATOMIC);
301 GFP_ATOMIC);
302 if (!nskb) { 301 if (!nskb) {
303 printk(KERN_WARNING "ip_queue: error " 302 printk(KERN_WARNING "ip_queue: error "
304 "in mangle, dropping packet\n"); 303 "in mangle, dropping packet\n");
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index 22d8e7cd9197..1819ad7ab910 100644
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -169,14 +169,14 @@ clusterip_config_init(const struct ipt_clusterip_tgt_info *i, __be32 ip,
169 169
170 /* create proc dir entry */ 170 /* create proc dir entry */
171 sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip)); 171 sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(ip));
172 c->pde = proc_create(buffer, S_IWUSR|S_IRUSR, 172 c->pde = proc_create_data(buffer, S_IWUSR|S_IRUSR,
173 clusterip_procdir, &clusterip_proc_fops); 173 clusterip_procdir,
174 &clusterip_proc_fops, c);
174 if (!c->pde) { 175 if (!c->pde) {
175 kfree(c); 176 kfree(c);
176 return NULL; 177 return NULL;
177 } 178 }
178 } 179 }
179 c->pde->data = c;
180#endif 180#endif
181 181
182 write_lock_bh(&clusterip_lock); 182 write_lock_bh(&clusterip_lock);
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index cacb9cb27dab..5a955c440364 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -303,7 +303,7 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len)
303 const struct nf_conntrack_tuple_hash *h; 303 const struct nf_conntrack_tuple_hash *h;
304 struct nf_conntrack_tuple tuple; 304 struct nf_conntrack_tuple tuple;
305 305
306 NF_CT_TUPLE_U_BLANK(&tuple); 306 memset(&tuple, 0, sizeof(tuple));
307 tuple.src.u3.ip = inet->rcv_saddr; 307 tuple.src.u3.ip = inet->rcv_saddr;
308 tuple.src.u.tcp.port = inet->sport; 308 tuple.src.u.tcp.port = inet->sport;
309 tuple.dst.u3.ip = inet->daddr; 309 tuple.dst.u3.ip = inet->daddr;
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 780e9484c825..5e3685c5c407 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -367,10 +367,10 @@ static int rt_cache_seq_show(struct seq_file *seq, void *v)
367 "HHUptod\tSpecDst"); 367 "HHUptod\tSpecDst");
368 else { 368 else {
369 struct rtable *r = v; 369 struct rtable *r = v;
370 char temp[256]; 370 int len;
371 371
372 sprintf(temp, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t" 372 seq_printf(seq, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t"
373 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X", 373 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X%n",
374 r->u.dst.dev ? r->u.dst.dev->name : "*", 374 r->u.dst.dev ? r->u.dst.dev->name : "*",
375 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway, 375 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway,
376 r->rt_flags, atomic_read(&r->u.dst.__refcnt), 376 r->rt_flags, atomic_read(&r->u.dst.__refcnt),
@@ -384,8 +384,9 @@ static int rt_cache_seq_show(struct seq_file *seq, void *v)
384 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, 384 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1,
385 r->u.dst.hh ? (r->u.dst.hh->hh_output == 385 r->u.dst.hh ? (r->u.dst.hh->hh_output ==
386 dev_queue_xmit) : 0, 386 dev_queue_xmit) : 0,
387 r->rt_spec_dst); 387 r->rt_spec_dst, &len);
388 seq_printf(seq, "%-127s\n", temp); 388
389 seq_printf(seq, "%*s\n", 127 - len, "");
389 } 390 }
390 return 0; 391 return 0;
391} 392}
@@ -1429,11 +1430,13 @@ static inline unsigned short guess_mtu(unsigned short old_mtu)
1429} 1430}
1430 1431
1431unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph, 1432unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
1432 unsigned short new_mtu) 1433 unsigned short new_mtu,
1434 struct net_device *dev)
1433{ 1435{
1434 int i; 1436 int i, k;
1435 unsigned short old_mtu = ntohs(iph->tot_len); 1437 unsigned short old_mtu = ntohs(iph->tot_len);
1436 struct rtable *rth; 1438 struct rtable *rth;
1439 int ikeys[2] = { dev->ifindex, 0 };
1437 __be32 skeys[2] = { iph->saddr, 0, }; 1440 __be32 skeys[2] = { iph->saddr, 0, };
1438 __be32 daddr = iph->daddr; 1441 __be32 daddr = iph->daddr;
1439 unsigned short est_mtu = 0; 1442 unsigned short est_mtu = 0;
@@ -1441,22 +1444,26 @@ unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
1441 if (ipv4_config.no_pmtu_disc) 1444 if (ipv4_config.no_pmtu_disc)
1442 return 0; 1445 return 0;
1443 1446
1444 for (i = 0; i < 2; i++) { 1447 for (k = 0; k < 2; k++) {
1445 unsigned hash = rt_hash(daddr, skeys[i], 0); 1448 for (i = 0; i < 2; i++) {
1449 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k]);
1446 1450
1447 rcu_read_lock(); 1451 rcu_read_lock();
1448 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; 1452 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1449 rth = rcu_dereference(rth->u.dst.rt_next)) { 1453 rth = rcu_dereference(rth->u.dst.rt_next)) {
1450 if (rth->fl.fl4_dst == daddr &&
1451 rth->fl.fl4_src == skeys[i] &&
1452 rth->rt_dst == daddr &&
1453 rth->rt_src == iph->saddr &&
1454 rth->fl.iif == 0 &&
1455 !(dst_metric_locked(&rth->u.dst, RTAX_MTU)) &&
1456 net_eq(dev_net(rth->u.dst.dev), net) &&
1457 rth->rt_genid == atomic_read(&rt_genid)) {
1458 unsigned short mtu = new_mtu; 1454 unsigned short mtu = new_mtu;
1459 1455
1456 if (rth->fl.fl4_dst != daddr ||
1457 rth->fl.fl4_src != skeys[i] ||
1458 rth->rt_dst != daddr ||
1459 rth->rt_src != iph->saddr ||
1460 rth->fl.oif != ikeys[k] ||
1461 rth->fl.iif != 0 ||
1462 dst_metric_locked(&rth->u.dst, RTAX_MTU) ||
1463 !net_eq(dev_net(rth->u.dst.dev), net) ||
1464 rth->rt_genid != atomic_read(&rt_genid))
1465 continue;
1466
1460 if (new_mtu < 68 || new_mtu >= old_mtu) { 1467 if (new_mtu < 68 || new_mtu >= old_mtu) {
1461 1468
1462 /* BSD 4.2 compatibility hack :-( */ 1469 /* BSD 4.2 compatibility hack :-( */
@@ -1482,8 +1489,8 @@ unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
1482 est_mtu = mtu; 1489 est_mtu = mtu;
1483 } 1490 }
1484 } 1491 }
1492 rcu_read_unlock();
1485 } 1493 }
1486 rcu_read_unlock();
1487 } 1494 }
1488 return est_mtu ? : new_mtu; 1495 return est_mtu ? : new_mtu;
1489} 1496}
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 58ac838bf460..f88653138621 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1722,7 +1722,7 @@ static int tcp_close_state(struct sock *sk)
1722 1722
1723/* 1723/*
1724 * Shutdown the sending side of a connection. Much like close except 1724 * Shutdown the sending side of a connection. Much like close except
1725 * that we don't receive shut down or set_sock_flag(sk, SOCK_DEAD). 1725 * that we don't receive shut down or sock_set_flag(sk, SOCK_DEAD).
1726 */ 1726 */
1727 1727
1728void tcp_shutdown(struct sock *sk, int how) 1728void tcp_shutdown(struct sock *sk, int how)
diff --git a/net/ipv4/tcp_cong.c b/net/ipv4/tcp_cong.c
index 3a6be23d222f..6a250828b767 100644
--- a/net/ipv4/tcp_cong.c
+++ b/net/ipv4/tcp_cong.c
@@ -285,14 +285,12 @@ int tcp_is_cwnd_limited(const struct sock *sk, u32 in_flight)
285 if (in_flight >= tp->snd_cwnd) 285 if (in_flight >= tp->snd_cwnd)
286 return 1; 286 return 1;
287 287
288 if (!sk_can_gso(sk))
289 return 0;
290
291 left = tp->snd_cwnd - in_flight; 288 left = tp->snd_cwnd - in_flight;
292 if (sysctl_tcp_tso_win_divisor) 289 if (sk_can_gso(sk) &&
293 return left * sysctl_tcp_tso_win_divisor < tp->snd_cwnd; 290 left * sysctl_tcp_tso_win_divisor < tp->snd_cwnd &&
294 else 291 left * tp->mss_cache < sk->sk_gso_max_size)
295 return left <= tcp_max_burst(tp); 292 return 1;
293 return left <= tcp_max_burst(tp);
296} 294}
297EXPORT_SYMBOL_GPL(tcp_is_cwnd_limited); 295EXPORT_SYMBOL_GPL(tcp_is_cwnd_limited);
298 296
diff --git a/net/ipv4/tcp_cubic.c b/net/ipv4/tcp_cubic.c
index eb5b9854c8c7..4a1221e5e8ee 100644
--- a/net/ipv4/tcp_cubic.c
+++ b/net/ipv4/tcp_cubic.c
@@ -15,8 +15,8 @@
15 15
16#include <linux/mm.h> 16#include <linux/mm.h>
17#include <linux/module.h> 17#include <linux/module.h>
18#include <linux/math64.h>
18#include <net/tcp.h> 19#include <net/tcp.h>
19#include <asm/div64.h>
20 20
21#define BICTCP_BETA_SCALE 1024 /* Scale factor beta calculation 21#define BICTCP_BETA_SCALE 1024 /* Scale factor beta calculation
22 * max_cwnd = snd_cwnd * beta 22 * max_cwnd = snd_cwnd * beta
@@ -128,7 +128,7 @@ static u32 cubic_root(u64 a)
128 * x = ( 2 * x + a / x ) / 3 128 * x = ( 2 * x + a / x ) / 3
129 * k+1 k k 129 * k+1 k k
130 */ 130 */
131 x = (2 * x + (u32)div64_64(a, (u64)x * (u64)(x - 1))); 131 x = (2 * x + (u32)div64_u64(a, (u64)x * (u64)(x - 1)));
132 x = ((x * 341) >> 10); 132 x = ((x * 341) >> 10);
133 return x; 133 return x;
134} 134}
diff --git a/net/ipv4/tcp_hybla.c b/net/ipv4/tcp_hybla.c
index 44618b675916..bfcbd148a89d 100644
--- a/net/ipv4/tcp_hybla.c
+++ b/net/ipv4/tcp_hybla.c
@@ -101,8 +101,10 @@ static void hybla_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
101 if (!tcp_is_cwnd_limited(sk, in_flight)) 101 if (!tcp_is_cwnd_limited(sk, in_flight))
102 return; 102 return;
103 103
104 if (!ca->hybla_en) 104 if (!ca->hybla_en) {
105 return tcp_reno_cong_avoid(sk, ack, in_flight); 105 tcp_reno_cong_avoid(sk, ack, in_flight);
106 return;
107 }
106 108
107 if (ca->rho == 0) 109 if (ca->rho == 0)
108 hybla_recalc_param(sk); 110 hybla_recalc_param(sk);
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index cdc051bfdb4d..eda4f4a233f3 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -1172,8 +1172,8 @@ static int tcp_check_dsack(struct tcp_sock *tp, struct sk_buff *ack_skb,
1172 struct tcp_sack_block_wire *sp, int num_sacks, 1172 struct tcp_sack_block_wire *sp, int num_sacks,
1173 u32 prior_snd_una) 1173 u32 prior_snd_una)
1174{ 1174{
1175 u32 start_seq_0 = ntohl(get_unaligned(&sp[0].start_seq)); 1175 u32 start_seq_0 = get_unaligned_be32(&sp[0].start_seq);
1176 u32 end_seq_0 = ntohl(get_unaligned(&sp[0].end_seq)); 1176 u32 end_seq_0 = get_unaligned_be32(&sp[0].end_seq);
1177 int dup_sack = 0; 1177 int dup_sack = 0;
1178 1178
1179 if (before(start_seq_0, TCP_SKB_CB(ack_skb)->ack_seq)) { 1179 if (before(start_seq_0, TCP_SKB_CB(ack_skb)->ack_seq)) {
@@ -1181,8 +1181,8 @@ static int tcp_check_dsack(struct tcp_sock *tp, struct sk_buff *ack_skb,
1181 tcp_dsack_seen(tp); 1181 tcp_dsack_seen(tp);
1182 NET_INC_STATS_BH(LINUX_MIB_TCPDSACKRECV); 1182 NET_INC_STATS_BH(LINUX_MIB_TCPDSACKRECV);
1183 } else if (num_sacks > 1) { 1183 } else if (num_sacks > 1) {
1184 u32 end_seq_1 = ntohl(get_unaligned(&sp[1].end_seq)); 1184 u32 end_seq_1 = get_unaligned_be32(&sp[1].end_seq);
1185 u32 start_seq_1 = ntohl(get_unaligned(&sp[1].start_seq)); 1185 u32 start_seq_1 = get_unaligned_be32(&sp[1].start_seq);
1186 1186
1187 if (!after(end_seq_0, end_seq_1) && 1187 if (!after(end_seq_0, end_seq_1) &&
1188 !before(start_seq_0, start_seq_1)) { 1188 !before(start_seq_0, start_seq_1)) {
@@ -1453,8 +1453,8 @@ tcp_sacktag_write_queue(struct sock *sk, struct sk_buff *ack_skb,
1453 for (i = 0; i < num_sacks; i++) { 1453 for (i = 0; i < num_sacks; i++) {
1454 int dup_sack = !i && found_dup_sack; 1454 int dup_sack = !i && found_dup_sack;
1455 1455
1456 sp[used_sacks].start_seq = ntohl(get_unaligned(&sp_wire[i].start_seq)); 1456 sp[used_sacks].start_seq = get_unaligned_be32(&sp_wire[i].start_seq);
1457 sp[used_sacks].end_seq = ntohl(get_unaligned(&sp_wire[i].end_seq)); 1457 sp[used_sacks].end_seq = get_unaligned_be32(&sp_wire[i].end_seq);
1458 1458
1459 if (!tcp_is_sackblock_valid(tp, dup_sack, 1459 if (!tcp_is_sackblock_valid(tp, dup_sack,
1460 sp[used_sacks].start_seq, 1460 sp[used_sacks].start_seq,
@@ -2298,7 +2298,7 @@ static inline int tcp_packet_delayed(struct tcp_sock *tp)
2298{ 2298{
2299 return !tp->retrans_stamp || 2299 return !tp->retrans_stamp ||
2300 (tp->rx_opt.saw_tstamp && tp->rx_opt.rcv_tsecr && 2300 (tp->rx_opt.saw_tstamp && tp->rx_opt.rcv_tsecr &&
2301 (__s32)(tp->rx_opt.rcv_tsecr - tp->retrans_stamp) < 0); 2301 before(tp->rx_opt.rcv_tsecr, tp->retrans_stamp));
2302} 2302}
2303 2303
2304/* Undo procedures. */ 2304/* Undo procedures. */
@@ -3340,7 +3340,7 @@ void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx,
3340 switch (opcode) { 3340 switch (opcode) {
3341 case TCPOPT_MSS: 3341 case TCPOPT_MSS:
3342 if (opsize == TCPOLEN_MSS && th->syn && !estab) { 3342 if (opsize == TCPOLEN_MSS && th->syn && !estab) {
3343 u16 in_mss = ntohs(get_unaligned((__be16 *)ptr)); 3343 u16 in_mss = get_unaligned_be16(ptr);
3344 if (in_mss) { 3344 if (in_mss) {
3345 if (opt_rx->user_mss && 3345 if (opt_rx->user_mss &&
3346 opt_rx->user_mss < in_mss) 3346 opt_rx->user_mss < in_mss)
@@ -3369,8 +3369,8 @@ void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx,
3369 ((estab && opt_rx->tstamp_ok) || 3369 ((estab && opt_rx->tstamp_ok) ||
3370 (!estab && sysctl_tcp_timestamps))) { 3370 (!estab && sysctl_tcp_timestamps))) {
3371 opt_rx->saw_tstamp = 1; 3371 opt_rx->saw_tstamp = 1;
3372 opt_rx->rcv_tsval = ntohl(get_unaligned((__be32 *)ptr)); 3372 opt_rx->rcv_tsval = get_unaligned_be32(ptr);
3373 opt_rx->rcv_tsecr = ntohl(get_unaligned((__be32 *)(ptr+4))); 3373 opt_rx->rcv_tsecr = get_unaligned_be32(ptr + 4);
3374 } 3374 }
3375 break; 3375 break;
3376 case TCPOPT_SACK_PERM: 3376 case TCPOPT_SACK_PERM:
@@ -4925,8 +4925,7 @@ step5:
4925 tcp_data_snd_check(sk); 4925 tcp_data_snd_check(sk);
4926 tcp_ack_snd_check(sk); 4926 tcp_ack_snd_check(sk);
4927 4927
4928 if (tcp_defer_accept_check(sk)) 4928 tcp_defer_accept_check(sk);
4929 return -1;
4930 return 0; 4929 return 0;
4931 4930
4932csum_error: 4931csum_error:
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 776615180b93..cd601a866c2f 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2214,9 +2214,6 @@ static int tcp_seq_open(struct inode *inode, struct file *file)
2214 struct tcp_iter_state *s; 2214 struct tcp_iter_state *s;
2215 int err; 2215 int err;
2216 2216
2217 if (unlikely(afinfo == NULL))
2218 return -EINVAL;
2219
2220 err = seq_open_net(inode, file, &afinfo->seq_ops, 2217 err = seq_open_net(inode, file, &afinfo->seq_ops,
2221 sizeof(struct tcp_iter_state)); 2218 sizeof(struct tcp_iter_state));
2222 if (err < 0) 2219 if (err < 0)
@@ -2241,10 +2238,9 @@ int tcp_proc_register(struct net *net, struct tcp_seq_afinfo *afinfo)
2241 afinfo->seq_ops.next = tcp_seq_next; 2238 afinfo->seq_ops.next = tcp_seq_next;
2242 afinfo->seq_ops.stop = tcp_seq_stop; 2239 afinfo->seq_ops.stop = tcp_seq_stop;
2243 2240
2244 p = proc_net_fops_create(net, afinfo->name, S_IRUGO, &afinfo->seq_fops); 2241 p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net,
2245 if (p) 2242 &afinfo->seq_fops, afinfo);
2246 p->data = afinfo; 2243 if (!p)
2247 else
2248 rc = -ENOMEM; 2244 rc = -ENOMEM;
2249 return rc; 2245 return rc;
2250} 2246}
@@ -2255,13 +2251,13 @@ void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
2255} 2251}
2256 2252
2257static void get_openreq4(struct sock *sk, struct request_sock *req, 2253static void get_openreq4(struct sock *sk, struct request_sock *req,
2258 char *tmpbuf, int i, int uid) 2254 struct seq_file *f, int i, int uid, int *len)
2259{ 2255{
2260 const struct inet_request_sock *ireq = inet_rsk(req); 2256 const struct inet_request_sock *ireq = inet_rsk(req);
2261 int ttd = req->expires - jiffies; 2257 int ttd = req->expires - jiffies;
2262 2258
2263 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X" 2259 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2264 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p", 2260 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p%n",
2265 i, 2261 i,
2266 ireq->loc_addr, 2262 ireq->loc_addr,
2267 ntohs(inet_sk(sk)->sport), 2263 ntohs(inet_sk(sk)->sport),
@@ -2276,10 +2272,11 @@ static void get_openreq4(struct sock *sk, struct request_sock *req,
2276 0, /* non standard timer */ 2272 0, /* non standard timer */
2277 0, /* open_requests have no inode */ 2273 0, /* open_requests have no inode */
2278 atomic_read(&sk->sk_refcnt), 2274 atomic_read(&sk->sk_refcnt),
2279 req); 2275 req,
2276 len);
2280} 2277}
2281 2278
2282static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i) 2279static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2283{ 2280{
2284 int timer_active; 2281 int timer_active;
2285 unsigned long timer_expires; 2282 unsigned long timer_expires;
@@ -2305,8 +2302,8 @@ static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i)
2305 timer_expires = jiffies; 2302 timer_expires = jiffies;
2306 } 2303 }
2307 2304
2308 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX " 2305 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2309 "%08X %5d %8d %lu %d %p %u %u %u %u %d", 2306 "%08X %5d %8d %lu %d %p %u %u %u %u %d%n",
2310 i, src, srcp, dest, destp, sk->sk_state, 2307 i, src, srcp, dest, destp, sk->sk_state,
2311 tp->write_seq - tp->snd_una, 2308 tp->write_seq - tp->snd_una,
2312 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog : 2309 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
@@ -2322,11 +2319,12 @@ static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i)
2322 icsk->icsk_ack.ato, 2319 icsk->icsk_ack.ato,
2323 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, 2320 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2324 tp->snd_cwnd, 2321 tp->snd_cwnd,
2325 tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh); 2322 tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh,
2323 len);
2326} 2324}
2327 2325
2328static void get_timewait4_sock(struct inet_timewait_sock *tw, 2326static void get_timewait4_sock(struct inet_timewait_sock *tw,
2329 char *tmpbuf, int i) 2327 struct seq_file *f, int i, int *len)
2330{ 2328{
2331 __be32 dest, src; 2329 __be32 dest, src;
2332 __u16 destp, srcp; 2330 __u16 destp, srcp;
@@ -2340,11 +2338,11 @@ static void get_timewait4_sock(struct inet_timewait_sock *tw,
2340 destp = ntohs(tw->tw_dport); 2338 destp = ntohs(tw->tw_dport);
2341 srcp = ntohs(tw->tw_sport); 2339 srcp = ntohs(tw->tw_sport);
2342 2340
2343 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X" 2341 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2344 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p", 2342 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p%n",
2345 i, src, srcp, dest, destp, tw->tw_substate, 0, 0, 2343 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2346 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 2344 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2347 atomic_read(&tw->tw_refcnt), tw); 2345 atomic_read(&tw->tw_refcnt), tw, len);
2348} 2346}
2349 2347
2350#define TMPSZ 150 2348#define TMPSZ 150
@@ -2352,7 +2350,7 @@ static void get_timewait4_sock(struct inet_timewait_sock *tw,
2352static int tcp4_seq_show(struct seq_file *seq, void *v) 2350static int tcp4_seq_show(struct seq_file *seq, void *v)
2353{ 2351{
2354 struct tcp_iter_state* st; 2352 struct tcp_iter_state* st;
2355 char tmpbuf[TMPSZ + 1]; 2353 int len;
2356 2354
2357 if (v == SEQ_START_TOKEN) { 2355 if (v == SEQ_START_TOKEN) {
2358 seq_printf(seq, "%-*s\n", TMPSZ - 1, 2356 seq_printf(seq, "%-*s\n", TMPSZ - 1,
@@ -2366,16 +2364,16 @@ static int tcp4_seq_show(struct seq_file *seq, void *v)
2366 switch (st->state) { 2364 switch (st->state) {
2367 case TCP_SEQ_STATE_LISTENING: 2365 case TCP_SEQ_STATE_LISTENING:
2368 case TCP_SEQ_STATE_ESTABLISHED: 2366 case TCP_SEQ_STATE_ESTABLISHED:
2369 get_tcp4_sock(v, tmpbuf, st->num); 2367 get_tcp4_sock(v, seq, st->num, &len);
2370 break; 2368 break;
2371 case TCP_SEQ_STATE_OPENREQ: 2369 case TCP_SEQ_STATE_OPENREQ:
2372 get_openreq4(st->syn_wait_sk, v, tmpbuf, st->num, st->uid); 2370 get_openreq4(st->syn_wait_sk, v, seq, st->num, st->uid, &len);
2373 break; 2371 break;
2374 case TCP_SEQ_STATE_TIME_WAIT: 2372 case TCP_SEQ_STATE_TIME_WAIT:
2375 get_timewait4_sock(v, tmpbuf, st->num); 2373 get_timewait4_sock(v, seq, st->num, &len);
2376 break; 2374 break;
2377 } 2375 }
2378 seq_printf(seq, "%-*s\n", TMPSZ - 1, tmpbuf); 2376 seq_printf(seq, "%*s\n", TMPSZ - 1 - len, "");
2379out: 2377out:
2380 return 0; 2378 return 0;
2381} 2379}
diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c
index 1c509592574a..5ff0ce6e9d39 100644
--- a/net/ipv4/tcp_probe.c
+++ b/net/ipv4/tcp_probe.c
@@ -190,19 +190,18 @@ static ssize_t tcpprobe_read(struct file *file, char __user *buf,
190 190
191 width = tcpprobe_sprint(tbuf, sizeof(tbuf)); 191 width = tcpprobe_sprint(tbuf, sizeof(tbuf));
192 192
193 if (width < len) 193 if (cnt + width < len)
194 tcp_probe.tail = (tcp_probe.tail + 1) % bufsize; 194 tcp_probe.tail = (tcp_probe.tail + 1) % bufsize;
195 195
196 spin_unlock_bh(&tcp_probe.lock); 196 spin_unlock_bh(&tcp_probe.lock);
197 197
198 /* if record greater than space available 198 /* if record greater than space available
199 return partial buffer (so far) */ 199 return partial buffer (so far) */
200 if (width >= len) 200 if (cnt + width >= len)
201 break; 201 break;
202 202
203 error = copy_to_user(buf + cnt, tbuf, width); 203 if (copy_to_user(buf + cnt, tbuf, width))
204 if (error) 204 return -EFAULT;
205 break;
206 cnt += width; 205 cnt += width;
207 } 206 }
208 207
diff --git a/net/ipv4/tcp_vegas.c b/net/ipv4/tcp_vegas.c
index be24d6ee34bd..14504dada116 100644
--- a/net/ipv4/tcp_vegas.c
+++ b/net/ipv4/tcp_vegas.c
@@ -167,8 +167,10 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
167 struct tcp_sock *tp = tcp_sk(sk); 167 struct tcp_sock *tp = tcp_sk(sk);
168 struct vegas *vegas = inet_csk_ca(sk); 168 struct vegas *vegas = inet_csk_ca(sk);
169 169
170 if (!vegas->doing_vegas_now) 170 if (!vegas->doing_vegas_now) {
171 return tcp_reno_cong_avoid(sk, ack, in_flight); 171 tcp_reno_cong_avoid(sk, ack, in_flight);
172 return;
173 }
172 174
173 /* The key players are v_beg_snd_una and v_beg_snd_nxt. 175 /* The key players are v_beg_snd_una and v_beg_snd_nxt.
174 * 176 *
@@ -229,7 +231,8 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
229 */ 231 */
230 tcp_reno_cong_avoid(sk, ack, in_flight); 232 tcp_reno_cong_avoid(sk, ack, in_flight);
231 } else { 233 } else {
232 u32 rtt, target_cwnd, diff; 234 u32 rtt, diff;
235 u64 target_cwnd;
233 236
234 /* We have enough RTT samples, so, using the Vegas 237 /* We have enough RTT samples, so, using the Vegas
235 * algorithm, we determine if we should increase or 238 * algorithm, we determine if we should increase or
@@ -252,8 +255,9 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
252 * We keep it as a fixed point number with 255 * We keep it as a fixed point number with
253 * V_PARAM_SHIFT bits to the right of the binary point. 256 * V_PARAM_SHIFT bits to the right of the binary point.
254 */ 257 */
255 target_cwnd = ((old_wnd * vegas->baseRTT) 258 target_cwnd = ((u64)old_wnd * vegas->baseRTT);
256 << V_PARAM_SHIFT) / rtt; 259 target_cwnd <<= V_PARAM_SHIFT;
260 do_div(target_cwnd, rtt);
257 261
258 /* Calculate the difference between the window we had, 262 /* Calculate the difference between the window we had,
259 * and the window we would like to have. This quantity 263 * and the window we would like to have. This quantity
@@ -279,7 +283,7 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
279 * utilization. 283 * utilization.
280 */ 284 */
281 tp->snd_cwnd = min(tp->snd_cwnd, 285 tp->snd_cwnd = min(tp->snd_cwnd,
282 (target_cwnd >> 286 ((u32)target_cwnd >>
283 V_PARAM_SHIFT)+1); 287 V_PARAM_SHIFT)+1);
284 288
285 } else if (tp->snd_cwnd <= tp->snd_ssthresh) { 289 } else if (tp->snd_cwnd <= tp->snd_ssthresh) {
diff --git a/net/ipv4/tcp_veno.c b/net/ipv4/tcp_veno.c
index d16689e98516..d08b2e855c22 100644
--- a/net/ipv4/tcp_veno.c
+++ b/net/ipv4/tcp_veno.c
@@ -119,8 +119,10 @@ static void tcp_veno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
119 struct tcp_sock *tp = tcp_sk(sk); 119 struct tcp_sock *tp = tcp_sk(sk);
120 struct veno *veno = inet_csk_ca(sk); 120 struct veno *veno = inet_csk_ca(sk);
121 121
122 if (!veno->doing_veno_now) 122 if (!veno->doing_veno_now) {
123 return tcp_reno_cong_avoid(sk, ack, in_flight); 123 tcp_reno_cong_avoid(sk, ack, in_flight);
124 return;
125 }
124 126
125 /* limited by applications */ 127 /* limited by applications */
126 if (!tcp_is_cwnd_limited(sk, in_flight)) 128 if (!tcp_is_cwnd_limited(sk, in_flight))
@@ -133,7 +135,8 @@ static void tcp_veno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
133 */ 135 */
134 tcp_reno_cong_avoid(sk, ack, in_flight); 136 tcp_reno_cong_avoid(sk, ack, in_flight);
135 } else { 137 } else {
136 u32 rtt, target_cwnd; 138 u64 target_cwnd;
139 u32 rtt;
137 140
138 /* We have enough rtt samples, so, using the Veno 141 /* We have enough rtt samples, so, using the Veno
139 * algorithm, we determine the state of the network. 142 * algorithm, we determine the state of the network.
@@ -141,8 +144,9 @@ static void tcp_veno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight)
141 144
142 rtt = veno->minrtt; 145 rtt = veno->minrtt;
143 146
144 target_cwnd = ((tp->snd_cwnd * veno->basertt) 147 target_cwnd = (tp->snd_cwnd * veno->basertt);
145 << V_PARAM_SHIFT) / rtt; 148 target_cwnd <<= V_PARAM_SHIFT;
149 do_div(target_cwnd, rtt);
146 150
147 veno->diff = (tp->snd_cwnd << V_PARAM_SHIFT) - target_cwnd; 151 veno->diff = (tp->snd_cwnd << V_PARAM_SHIFT) - target_cwnd;
148 152
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index b053ac795275..db1cb7c96d63 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -1605,10 +1605,9 @@ int udp_proc_register(struct net *net, struct udp_seq_afinfo *afinfo)
1605 afinfo->seq_ops.next = udp_seq_next; 1605 afinfo->seq_ops.next = udp_seq_next;
1606 afinfo->seq_ops.stop = udp_seq_stop; 1606 afinfo->seq_ops.stop = udp_seq_stop;
1607 1607
1608 p = proc_net_fops_create(net, afinfo->name, S_IRUGO, &afinfo->seq_fops); 1608 p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net,
1609 if (p) 1609 &afinfo->seq_fops, afinfo);
1610 p->data = afinfo; 1610 if (!p)
1611 else
1612 rc = -ENOMEM; 1611 rc = -ENOMEM;
1613 return rc; 1612 return rc;
1614} 1613}
@@ -1619,7 +1618,8 @@ void udp_proc_unregister(struct net *net, struct udp_seq_afinfo *afinfo)
1619} 1618}
1620 1619
1621/* ------------------------------------------------------------------------ */ 1620/* ------------------------------------------------------------------------ */
1622static void udp4_format_sock(struct sock *sp, char *tmpbuf, int bucket) 1621static void udp4_format_sock(struct sock *sp, struct seq_file *f,
1622 int bucket, int *len)
1623{ 1623{
1624 struct inet_sock *inet = inet_sk(sp); 1624 struct inet_sock *inet = inet_sk(sp);
1625 __be32 dest = inet->daddr; 1625 __be32 dest = inet->daddr;
@@ -1627,13 +1627,13 @@ static void udp4_format_sock(struct sock *sp, char *tmpbuf, int bucket)
1627 __u16 destp = ntohs(inet->dport); 1627 __u16 destp = ntohs(inet->dport);
1628 __u16 srcp = ntohs(inet->sport); 1628 __u16 srcp = ntohs(inet->sport);
1629 1629
1630 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X" 1630 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
1631 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p", 1631 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p%n",
1632 bucket, src, srcp, dest, destp, sp->sk_state, 1632 bucket, src, srcp, dest, destp, sp->sk_state,
1633 atomic_read(&sp->sk_wmem_alloc), 1633 atomic_read(&sp->sk_wmem_alloc),
1634 atomic_read(&sp->sk_rmem_alloc), 1634 atomic_read(&sp->sk_rmem_alloc),
1635 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), 1635 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
1636 atomic_read(&sp->sk_refcnt), sp); 1636 atomic_read(&sp->sk_refcnt), sp, len);
1637} 1637}
1638 1638
1639int udp4_seq_show(struct seq_file *seq, void *v) 1639int udp4_seq_show(struct seq_file *seq, void *v)
@@ -1644,11 +1644,11 @@ int udp4_seq_show(struct seq_file *seq, void *v)
1644 "rx_queue tr tm->when retrnsmt uid timeout " 1644 "rx_queue tr tm->when retrnsmt uid timeout "
1645 "inode"); 1645 "inode");
1646 else { 1646 else {
1647 char tmpbuf[129];
1648 struct udp_iter_state *state = seq->private; 1647 struct udp_iter_state *state = seq->private;
1648 int len;
1649 1649
1650 udp4_format_sock(v, tmpbuf, state->bucket); 1650 udp4_format_sock(v, seq, state->bucket, &len);
1651 seq_printf(seq, "%-127s\n", tmpbuf); 1651 seq_printf(seq, "%*s\n", 127 - len ,"");
1652 } 1652 }
1653 return 0; 1653 return 0;
1654} 1654}
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 8a0fd4007bdb..e591e09e5e4e 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4338,12 +4338,6 @@ int unregister_inet6addr_notifier(struct notifier_block *nb)
4338 4338
4339EXPORT_SYMBOL(unregister_inet6addr_notifier); 4339EXPORT_SYMBOL(unregister_inet6addr_notifier);
4340 4340
4341
4342static int addrconf_net_init(struct net *net)
4343{
4344 return 0;
4345}
4346
4347static void addrconf_net_exit(struct net *net) 4341static void addrconf_net_exit(struct net *net)
4348{ 4342{
4349 struct net_device *dev; 4343 struct net_device *dev;
@@ -4360,7 +4354,6 @@ static void addrconf_net_exit(struct net *net)
4360} 4354}
4361 4355
4362static struct pernet_operations addrconf_net_ops = { 4356static struct pernet_operations addrconf_net_ops = {
4363 .init = addrconf_net_init,
4364 .exit = addrconf_net_exit, 4357 .exit = addrconf_net_exit,
4365}; 4358};
4366 4359
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 50f3f8f8a59b..1ee4fa17c129 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -1543,7 +1543,7 @@ out_timer:
1543static void fib6_net_exit(struct net *net) 1543static void fib6_net_exit(struct net *net)
1544{ 1544{
1545 rt6_ifdown(net, NULL); 1545 rt6_ifdown(net, NULL);
1546 del_timer(net->ipv6.ip6_fib_timer); 1546 del_timer_sync(net->ipv6.ip6_fib_timer);
1547 kfree(net->ipv6.ip6_fib_timer); 1547 kfree(net->ipv6.ip6_fib_timer);
1548#ifdef CONFIG_IPV6_MULTIPLE_TABLES 1548#ifdef CONFIG_IPV6_MULTIPLE_TABLES
1549 kfree(net->ipv6.fib6_local_tbl); 1549 kfree(net->ipv6.fib6_local_tbl);
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index c8c6e33d1163..2de3c464fe75 100644
--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -358,7 +358,7 @@ static int pim6_rcv(struct sk_buff *skb)
358 if (pim->type != ((PIM_VERSION << 4) | PIM_REGISTER) || 358 if (pim->type != ((PIM_VERSION << 4) | PIM_REGISTER) ||
359 (pim->flags & PIM_NULL_REGISTER) || 359 (pim->flags & PIM_NULL_REGISTER) ||
360 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 && 360 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 &&
361 (u16)csum_fold(skb_checksum(skb, 0, skb->len, 0)))) 361 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
362 goto drop; 362 goto drop;
363 363
364 /* check if the inner packet is destined to mcast group */ 364 /* check if the inner packet is destined to mcast group */
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index 06de9d0e1f6b..56d55fecf8ec 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -52,6 +52,7 @@
52#include <net/udp.h> 52#include <net/udp.h>
53#include <net/udplite.h> 53#include <net/udplite.h>
54#include <net/xfrm.h> 54#include <net/xfrm.h>
55#include <net/compat.h>
55 56
56#include <asm/uaccess.h> 57#include <asm/uaccess.h>
57 58
@@ -779,6 +780,10 @@ int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
779 if (level != SOL_IPV6) 780 if (level != SOL_IPV6)
780 return -ENOPROTOOPT; 781 return -ENOPROTOOPT;
781 782
783 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
784 return compat_mc_setsockopt(sk, level, optname, optval, optlen,
785 ipv6_setsockopt);
786
782 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 787 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
783#ifdef CONFIG_NETFILTER 788#ifdef CONFIG_NETFILTER
784 /* we need to exclude all possible ENOPROTOOPTs except default case */ 789 /* we need to exclude all possible ENOPROTOOPTs except default case */
@@ -1122,6 +1127,10 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1122 if (level != SOL_IPV6) 1127 if (level != SOL_IPV6)
1123 return -ENOPROTOOPT; 1128 return -ENOPROTOOPT;
1124 1129
1130 if (optname == MCAST_MSFILTER)
1131 return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1132 ipv6_getsockopt);
1133
1125 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1134 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen);
1126#ifdef CONFIG_NETFILTER 1135#ifdef CONFIG_NETFILTER
1127 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1136 /* we need to exclude all possible ENOPROTOOPTs except default case */
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 92a36c9e5402..2eff3ae8977d 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -298,9 +298,8 @@ ipq_mangle_ipv6(ipq_verdict_msg_t *v, struct nf_queue_entry *e)
298 if (v->data_len > 0xFFFF) 298 if (v->data_len > 0xFFFF)
299 return -EINVAL; 299 return -EINVAL;
300 if (diff > skb_tailroom(e->skb)) { 300 if (diff > skb_tailroom(e->skb)) {
301 nskb = skb_copy_expand(e->skb, 0, 301 nskb = skb_copy_expand(e->skb, skb_headroom(e->skb),
302 diff - skb_tailroom(e->skb), 302 diff, GFP_ATOMIC);
303 GFP_ATOMIC);
304 if (!nskb) { 303 if (!nskb) {
305 printk(KERN_WARNING "ip6_queue: OOM " 304 printk(KERN_WARNING "ip6_queue: OOM "
306 "in mangle, dropping packet\n"); 305 "in mangle, dropping packet\n");
diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c
index ca8b82f96fe5..df0736a4cafa 100644
--- a/net/ipv6/proc.c
+++ b/net/ipv6/proc.c
@@ -247,13 +247,11 @@ int snmp6_register_dev(struct inet6_dev *idev)
247 if (!proc_net_devsnmp6) 247 if (!proc_net_devsnmp6)
248 return -ENOENT; 248 return -ENOENT;
249 249
250 p = proc_create(idev->dev->name, S_IRUGO, 250 p = proc_create_data(idev->dev->name, S_IRUGO,
251 proc_net_devsnmp6, &snmp6_seq_fops); 251 proc_net_devsnmp6, &snmp6_seq_fops, idev);
252 if (!p) 252 if (!p)
253 return -ENOMEM; 253 return -ENOMEM;
254 254
255 p->data = idev;
256
257 idev->stats.proc_dir_entry = p; 255 idev->stats.proc_dir_entry = p;
258 return 0; 256 return 0;
259} 257}
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 6193b124cbc7..396f0ea11090 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -971,6 +971,19 @@ static int do_rawv6_setsockopt(struct sock *sk, int level, int optname,
971 971
972 switch (optname) { 972 switch (optname) {
973 case IPV6_CHECKSUM: 973 case IPV6_CHECKSUM:
974 if (inet_sk(sk)->num == IPPROTO_ICMPV6 &&
975 level == IPPROTO_IPV6) {
976 /*
977 * RFC3542 tells that IPV6_CHECKSUM socket
978 * option in the IPPROTO_IPV6 level is not
979 * allowed on ICMPv6 sockets.
980 * If you want to set it, use IPPROTO_RAW
981 * level IPV6_CHECKSUM socket option
982 * (Linux extension).
983 */
984 return -EINVAL;
985 }
986
974 /* You may get strange result with a positive odd offset; 987 /* You may get strange result with a positive odd offset;
975 RFC2292bis agrees with me. */ 988 RFC2292bis agrees with me. */
976 if (val > 0 && (val&1)) 989 if (val > 0 && (val&1))
@@ -1046,6 +1059,11 @@ static int do_rawv6_getsockopt(struct sock *sk, int level, int optname,
1046 1059
1047 switch (optname) { 1060 switch (optname) {
1048 case IPV6_CHECKSUM: 1061 case IPV6_CHECKSUM:
1062 /*
1063 * We allow getsockopt() for IPPROTO_IPV6-level
1064 * IPV6_CHECKSUM socket option on ICMPv6 sockets
1065 * since RFC3542 is silent about it.
1066 */
1049 if (rp->checksum == 0) 1067 if (rp->checksum == 0)
1050 val = -1; 1068 val = -1;
1051 else 1069 else
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 7b247e3a16fe..798cabc7535b 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -197,6 +197,7 @@ static void ip6_frag_expire(unsigned long data)
197{ 197{
198 struct frag_queue *fq; 198 struct frag_queue *fq;
199 struct net_device *dev = NULL; 199 struct net_device *dev = NULL;
200 struct net *net;
200 201
201 fq = container_of((struct inet_frag_queue *)data, struct frag_queue, q); 202 fq = container_of((struct inet_frag_queue *)data, struct frag_queue, q);
202 203
@@ -207,7 +208,8 @@ static void ip6_frag_expire(unsigned long data)
207 208
208 fq_kill(fq); 209 fq_kill(fq);
209 210
210 dev = dev_get_by_index(&init_net, fq->iif); 211 net = container_of(fq->q.net, struct net, ipv6.frags);
212 dev = dev_get_by_index(net, fq->iif);
211 if (!dev) 213 if (!dev)
212 goto out; 214 goto out;
213 215
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 210a079cfc6f..a493ad9b8914 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -150,7 +150,7 @@ static struct rt6_info ip6_null_entry_template = {
150static int ip6_pkt_prohibit(struct sk_buff *skb); 150static int ip6_pkt_prohibit(struct sk_buff *skb);
151static int ip6_pkt_prohibit_out(struct sk_buff *skb); 151static int ip6_pkt_prohibit_out(struct sk_buff *skb);
152 152
153struct rt6_info ip6_prohibit_entry_template = { 153static struct rt6_info ip6_prohibit_entry_template = {
154 .u = { 154 .u = {
155 .dst = { 155 .dst = {
156 .__refcnt = ATOMIC_INIT(1), 156 .__refcnt = ATOMIC_INIT(1),
@@ -2614,9 +2614,8 @@ struct ctl_table *ipv6_route_sysctl_init(struct net *net)
2614 2614
2615static int ip6_route_net_init(struct net *net) 2615static int ip6_route_net_init(struct net *net)
2616{ 2616{
2617 int ret = 0; 2617 int ret = -ENOMEM;
2618 2618
2619 ret = -ENOMEM;
2620 net->ipv6.ip6_dst_ops = kmemdup(&ip6_dst_ops_template, 2619 net->ipv6.ip6_dst_ops = kmemdup(&ip6_dst_ops_template,
2621 sizeof(*net->ipv6.ip6_dst_ops), 2620 sizeof(*net->ipv6.ip6_dst_ops),
2622 GFP_KERNEL); 2621 GFP_KERNEL);
diff --git a/net/irda/ircomm/ircomm_tty.c b/net/irda/ircomm/ircomm_tty.c
index d2620410cb0a..76c3057d0179 100644
--- a/net/irda/ircomm/ircomm_tty.c
+++ b/net/irda/ircomm/ircomm_tty.c
@@ -555,10 +555,8 @@ static void ircomm_tty_close(struct tty_struct *tty, struct file *filp)
555 555
556 ircomm_tty_shutdown(self); 556 ircomm_tty_shutdown(self);
557 557
558 if (tty->driver->flush_buffer) 558 tty_driver_flush_buffer(tty);
559 tty->driver->flush_buffer(tty); 559 tty_ldisc_flush(tty);
560 if (tty->ldisc.flush_buffer)
561 tty->ldisc.flush_buffer(tty);
562 560
563 tty->closing = 0; 561 tty->closing = 0;
564 self->tty = NULL; 562 self->tty = NULL;
diff --git a/net/irda/iriap.c b/net/irda/iriap.c
index 9e15c82960fe..4a105dc32dcd 100644
--- a/net/irda/iriap.c
+++ b/net/irda/iriap.c
@@ -451,12 +451,14 @@ static void iriap_getvaluebyclass_confirm(struct iriap_cb *self,
451 n = 2; 451 n = 2;
452 452
453 /* Get length, MSB first */ 453 /* Get length, MSB first */
454 len = be16_to_cpu(get_unaligned((__be16 *)(fp+n))); n += 2; 454 len = get_unaligned_be16(fp + n);
455 n += 2;
455 456
456 IRDA_DEBUG(4, "%s(), len=%d\n", __func__, len); 457 IRDA_DEBUG(4, "%s(), len=%d\n", __func__, len);
457 458
458 /* Get object ID, MSB first */ 459 /* Get object ID, MSB first */
459 obj_id = be16_to_cpu(get_unaligned((__be16 *)(fp+n))); n += 2; 460 obj_id = get_unaligned_be16(fp + n);
461 n += 2;
460 462
461 type = fp[n++]; 463 type = fp[n++];
462 IRDA_DEBUG(4, "%s(), Value type = %d\n", __func__, type); 464 IRDA_DEBUG(4, "%s(), Value type = %d\n", __func__, type);
@@ -506,7 +508,7 @@ static void iriap_getvaluebyclass_confirm(struct iriap_cb *self,
506 value = irias_new_string_value(fp+n); 508 value = irias_new_string_value(fp+n);
507 break; 509 break;
508 case IAS_OCT_SEQ: 510 case IAS_OCT_SEQ:
509 value_len = be16_to_cpu(get_unaligned((__be16 *)(fp+n))); 511 value_len = get_unaligned_be16(fp + n);
510 n += 2; 512 n += 2;
511 513
512 /* Will truncate to IAS_MAX_OCTET_STRING bytes */ 514 /* Will truncate to IAS_MAX_OCTET_STRING bytes */
diff --git a/net/irda/irnet/irnet_irda.c b/net/irda/irnet/irnet_irda.c
index a4f1439ffdd8..75497e55927d 100644
--- a/net/irda/irnet/irnet_irda.c
+++ b/net/irda/irnet/irnet_irda.c
@@ -9,6 +9,7 @@
9 */ 9 */
10 10
11#include "irnet_irda.h" /* Private header */ 11#include "irnet_irda.h" /* Private header */
12#include <linux/seq_file.h>
12 13
13/* 14/*
14 * PPP disconnect work: we need to make sure we're in 15 * PPP disconnect work: we need to make sure we're in
@@ -1717,34 +1718,23 @@ irnet_expiry_indication(discinfo_t * expiry,
1717 */ 1718 */
1718 1719
1719#ifdef CONFIG_PROC_FS 1720#ifdef CONFIG_PROC_FS
1720/*------------------------------------------------------------------*/
1721/*
1722 * Function irnet_proc_read (buf, start, offset, len, unused)
1723 *
1724 * Give some info to the /proc file system
1725 */
1726static int 1721static int
1727irnet_proc_read(char * buf, 1722irnet_proc_show(struct seq_file *m, void *v)
1728 char ** start,
1729 off_t offset,
1730 int len)
1731{ 1723{
1732 irnet_socket * self; 1724 irnet_socket * self;
1733 char * state; 1725 char * state;
1734 int i = 0; 1726 int i = 0;
1735 1727
1736 len = 0;
1737
1738 /* Get the IrNET server information... */ 1728 /* Get the IrNET server information... */
1739 len += sprintf(buf+len, "IrNET server - "); 1729 seq_printf(m, "IrNET server - ");
1740 len += sprintf(buf+len, "IrDA state: %s, ", 1730 seq_printf(m, "IrDA state: %s, ",
1741 (irnet_server.running ? "running" : "dead")); 1731 (irnet_server.running ? "running" : "dead"));
1742 len += sprintf(buf+len, "stsap_sel: %02x, ", irnet_server.s.stsap_sel); 1732 seq_printf(m, "stsap_sel: %02x, ", irnet_server.s.stsap_sel);
1743 len += sprintf(buf+len, "dtsap_sel: %02x\n", irnet_server.s.dtsap_sel); 1733 seq_printf(m, "dtsap_sel: %02x\n", irnet_server.s.dtsap_sel);
1744 1734
1745 /* Do we need to continue ? */ 1735 /* Do we need to continue ? */
1746 if(!irnet_server.running) 1736 if(!irnet_server.running)
1747 return len; 1737 return 0;
1748 1738
1749 /* Protect access to the instance list */ 1739 /* Protect access to the instance list */
1750 spin_lock_bh(&irnet_server.spinlock); 1740 spin_lock_bh(&irnet_server.spinlock);
@@ -1754,23 +1744,23 @@ irnet_proc_read(char * buf,
1754 while(self != NULL) 1744 while(self != NULL)
1755 { 1745 {
1756 /* Start printing info about the socket. */ 1746 /* Start printing info about the socket. */
1757 len += sprintf(buf+len, "\nIrNET socket %d - ", i++); 1747 seq_printf(m, "\nIrNET socket %d - ", i++);
1758 1748
1759 /* First, get the requested configuration */ 1749 /* First, get the requested configuration */
1760 len += sprintf(buf+len, "Requested IrDA name: \"%s\", ", self->rname); 1750 seq_printf(m, "Requested IrDA name: \"%s\", ", self->rname);
1761 len += sprintf(buf+len, "daddr: %08x, ", self->rdaddr); 1751 seq_printf(m, "daddr: %08x, ", self->rdaddr);
1762 len += sprintf(buf+len, "saddr: %08x\n", self->rsaddr); 1752 seq_printf(m, "saddr: %08x\n", self->rsaddr);
1763 1753
1764 /* Second, get all the PPP info */ 1754 /* Second, get all the PPP info */
1765 len += sprintf(buf+len, " PPP state: %s", 1755 seq_printf(m, " PPP state: %s",
1766 (self->ppp_open ? "registered" : "unregistered")); 1756 (self->ppp_open ? "registered" : "unregistered"));
1767 if(self->ppp_open) 1757 if(self->ppp_open)
1768 { 1758 {
1769 len += sprintf(buf+len, ", unit: ppp%d", 1759 seq_printf(m, ", unit: ppp%d",
1770 ppp_unit_number(&self->chan)); 1760 ppp_unit_number(&self->chan));
1771 len += sprintf(buf+len, ", channel: %d", 1761 seq_printf(m, ", channel: %d",
1772 ppp_channel_index(&self->chan)); 1762 ppp_channel_index(&self->chan));
1773 len += sprintf(buf+len, ", mru: %d", 1763 seq_printf(m, ", mru: %d",
1774 self->mru); 1764 self->mru);
1775 /* Maybe add self->flags ? Later... */ 1765 /* Maybe add self->flags ? Later... */
1776 } 1766 }
@@ -1789,10 +1779,10 @@ irnet_proc_read(char * buf,
1789 state = "weird"; 1779 state = "weird";
1790 else 1780 else
1791 state = "idle"; 1781 state = "idle";
1792 len += sprintf(buf+len, "\n IrDA state: %s, ", state); 1782 seq_printf(m, "\n IrDA state: %s, ", state);
1793 len += sprintf(buf+len, "daddr: %08x, ", self->daddr); 1783 seq_printf(m, "daddr: %08x, ", self->daddr);
1794 len += sprintf(buf+len, "stsap_sel: %02x, ", self->stsap_sel); 1784 seq_printf(m, "stsap_sel: %02x, ", self->stsap_sel);
1795 len += sprintf(buf+len, "dtsap_sel: %02x\n", self->dtsap_sel); 1785 seq_printf(m, "dtsap_sel: %02x\n", self->dtsap_sel);
1796 1786
1797 /* Next socket, please... */ 1787 /* Next socket, please... */
1798 self = (irnet_socket *) hashbin_get_next(irnet_server.list); 1788 self = (irnet_socket *) hashbin_get_next(irnet_server.list);
@@ -1801,8 +1791,21 @@ irnet_proc_read(char * buf,
1801 /* Spin lock end */ 1791 /* Spin lock end */
1802 spin_unlock_bh(&irnet_server.spinlock); 1792 spin_unlock_bh(&irnet_server.spinlock);
1803 1793
1804 return len; 1794 return 0;
1805} 1795}
1796
1797static int irnet_proc_open(struct inode *inode, struct file *file)
1798{
1799 return single_open(file, irnet_proc_show, NULL);
1800}
1801
1802static const struct file_operations irnet_proc_fops = {
1803 .owner = THIS_MODULE,
1804 .open = irnet_proc_open,
1805 .read = seq_read,
1806 .llseek = seq_lseek,
1807 .release = single_release,
1808};
1806#endif /* PROC_FS */ 1809#endif /* PROC_FS */
1807 1810
1808 1811
@@ -1841,7 +1844,7 @@ irda_irnet_init(void)
1841 1844
1842#ifdef CONFIG_PROC_FS 1845#ifdef CONFIG_PROC_FS
1843 /* Add a /proc file for irnet infos */ 1846 /* Add a /proc file for irnet infos */
1844 create_proc_info_entry("irnet", 0, proc_irda, irnet_proc_read); 1847 proc_create("irnet", 0, proc_irda, &irnet_proc_fops);
1845#endif /* CONFIG_PROC_FS */ 1848#endif /* CONFIG_PROC_FS */
1846 1849
1847 /* Setup the IrNET server */ 1850 /* Setup the IrNET server */
diff --git a/net/irda/irnet/irnet_irda.h b/net/irda/irnet/irnet_irda.h
index 0ba92d0d5204..3e408952a3f1 100644
--- a/net/irda/irnet/irnet_irda.h
+++ b/net/irda/irnet/irnet_irda.h
@@ -159,14 +159,6 @@ static void
159 DISCOVERY_MODE, 159 DISCOVERY_MODE,
160 void *); 160 void *);
161#endif 161#endif
162/* -------------------------- PROC ENTRY -------------------------- */
163#ifdef CONFIG_PROC_FS
164static int
165 irnet_proc_read(char *,
166 char **,
167 off_t,
168 int);
169#endif /* CONFIG_PROC_FS */
170 162
171/**************************** VARIABLES ****************************/ 163/**************************** VARIABLES ****************************/
172 164
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 1fb0fe42a72e..9e7236ff6bcc 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1498,7 +1498,8 @@ static int pfkey_add(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr,
1498 err = xfrm_state_update(x); 1498 err = xfrm_state_update(x);
1499 1499
1500 xfrm_audit_state_add(x, err ? 0 : 1, 1500 xfrm_audit_state_add(x, err ? 0 : 1,
1501 audit_get_loginuid(current), 0); 1501 audit_get_loginuid(current),
1502 audit_get_sessionid(current), 0);
1502 1503
1503 if (err < 0) { 1504 if (err < 0) {
1504 x->km.state = XFRM_STATE_DEAD; 1505 x->km.state = XFRM_STATE_DEAD;
@@ -1552,7 +1553,8 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
1552 km_state_notify(x, &c); 1553 km_state_notify(x, &c);
1553out: 1554out:
1554 xfrm_audit_state_delete(x, err ? 0 : 1, 1555 xfrm_audit_state_delete(x, err ? 0 : 1,
1555 audit_get_loginuid(current), 0); 1556 audit_get_loginuid(current),
1557 audit_get_sessionid(current), 0);
1556 xfrm_state_put(x); 1558 xfrm_state_put(x);
1557 1559
1558 return err; 1560 return err;
@@ -1728,6 +1730,7 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd
1728 return -EINVAL; 1730 return -EINVAL;
1729 1731
1730 audit_info.loginuid = audit_get_loginuid(current); 1732 audit_info.loginuid = audit_get_loginuid(current);
1733 audit_info.sessionid = audit_get_sessionid(current);
1731 audit_info.secid = 0; 1734 audit_info.secid = 0;
1732 err = xfrm_state_flush(proto, &audit_info); 1735 err = xfrm_state_flush(proto, &audit_info);
1733 if (err) 1736 if (err)
@@ -1907,7 +1910,7 @@ parse_ipsecrequest(struct xfrm_policy *xp, struct sadb_x_ipsecrequest *rq)
1907 t->encap_family = xp->family; 1910 t->encap_family = xp->family;
1908 1911
1909 /* No way to set this via kame pfkey */ 1912 /* No way to set this via kame pfkey */
1910 t->aalgos = t->ealgos = t->calgos = ~0; 1913 t->allalgs = 1;
1911 xp->xfrm_nr++; 1914 xp->xfrm_nr++;
1912 return 0; 1915 return 0;
1913} 1916}
@@ -2324,7 +2327,8 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
2324 hdr->sadb_msg_type != SADB_X_SPDUPDATE); 2327 hdr->sadb_msg_type != SADB_X_SPDUPDATE);
2325 2328
2326 xfrm_audit_policy_add(xp, err ? 0 : 1, 2329 xfrm_audit_policy_add(xp, err ? 0 : 1,
2327 audit_get_loginuid(current), 0); 2330 audit_get_loginuid(current),
2331 audit_get_sessionid(current), 0);
2328 2332
2329 if (err) 2333 if (err)
2330 goto out; 2334 goto out;
@@ -2356,7 +2360,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2356 struct xfrm_selector sel; 2360 struct xfrm_selector sel;
2357 struct km_event c; 2361 struct km_event c;
2358 struct sadb_x_sec_ctx *sec_ctx; 2362 struct sadb_x_sec_ctx *sec_ctx;
2359 struct xfrm_sec_ctx *pol_ctx; 2363 struct xfrm_sec_ctx *pol_ctx = NULL;
2360 2364
2361 if (!present_and_same_family(ext_hdrs[SADB_EXT_ADDRESS_SRC-1], 2365 if (!present_and_same_family(ext_hdrs[SADB_EXT_ADDRESS_SRC-1],
2362 ext_hdrs[SADB_EXT_ADDRESS_DST-1]) || 2366 ext_hdrs[SADB_EXT_ADDRESS_DST-1]) ||
@@ -2396,8 +2400,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2396 kfree(uctx); 2400 kfree(uctx);
2397 if (err) 2401 if (err)
2398 return err; 2402 return err;
2399 } else 2403 }
2400 pol_ctx = NULL;
2401 2404
2402 xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN, 2405 xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN,
2403 pol->sadb_x_policy_dir - 1, &sel, pol_ctx, 2406 pol->sadb_x_policy_dir - 1, &sel, pol_ctx,
@@ -2407,7 +2410,8 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2407 return -ENOENT; 2410 return -ENOENT;
2408 2411
2409 xfrm_audit_policy_delete(xp, err ? 0 : 1, 2412 xfrm_audit_policy_delete(xp, err ? 0 : 1,
2410 audit_get_loginuid(current), 0); 2413 audit_get_loginuid(current),
2414 audit_get_sessionid(current), 0);
2411 2415
2412 if (err) 2416 if (err)
2413 goto out; 2417 goto out;
@@ -2668,7 +2672,8 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
2668 2672
2669 if (delete) { 2673 if (delete) {
2670 xfrm_audit_policy_delete(xp, err ? 0 : 1, 2674 xfrm_audit_policy_delete(xp, err ? 0 : 1,
2671 audit_get_loginuid(current), 0); 2675 audit_get_loginuid(current),
2676 audit_get_sessionid(current), 0);
2672 2677
2673 if (err) 2678 if (err)
2674 goto out; 2679 goto out;
@@ -2768,6 +2773,7 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg
2768 int err; 2773 int err;
2769 2774
2770 audit_info.loginuid = audit_get_loginuid(current); 2775 audit_info.loginuid = audit_get_loginuid(current);
2776 audit_info.sessionid = audit_get_sessionid(current);
2771 audit_info.secid = 0; 2777 audit_info.secid = 0;
2772 err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info); 2778 err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info);
2773 if (err) 2779 if (err)
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 520a5180a4f6..a24b459dd45a 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -73,7 +73,9 @@ config MAC80211_MESH
73 73
74config MAC80211_LEDS 74config MAC80211_LEDS
75 bool "Enable LED triggers" 75 bool "Enable LED triggers"
76 depends on MAC80211 && LEDS_TRIGGERS 76 depends on MAC80211
77 select NEW_LEDS
78 select LEDS_TRIGGERS
77 ---help--- 79 ---help---
78 This option enables a few LED triggers for different 80 This option enables a few LED triggers for different
79 packet receive/transmit events. 81 packet receive/transmit events.
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 8e53ce7ed444..c7314bf4bec2 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -354,7 +354,7 @@ struct ieee80211_if_sta {
354 int preq_queue_len; 354 int preq_queue_len;
355 struct mesh_stats mshstats; 355 struct mesh_stats mshstats;
356 struct mesh_config mshcfg; 356 struct mesh_config mshcfg;
357 u8 mesh_seqnum[3]; 357 u32 mesh_seqnum;
358 bool accepting_plinks; 358 bool accepting_plinks;
359#endif 359#endif
360 u16 aid; 360 u16 aid;
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index e9a978979d38..9ad4e3631b6b 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -255,22 +255,8 @@ static int ieee80211_open(struct net_device *dev)
255 255
256 switch (sdata->vif.type) { 256 switch (sdata->vif.type) {
257 case IEEE80211_IF_TYPE_WDS: 257 case IEEE80211_IF_TYPE_WDS:
258 if (is_zero_ether_addr(sdata->u.wds.remote_addr)) 258 if (!is_valid_ether_addr(sdata->u.wds.remote_addr))
259 return -ENOLINK; 259 return -ENOLINK;
260
261 /* Create STA entry for the WDS peer */
262 sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
263 GFP_KERNEL);
264 if (!sta)
265 return -ENOMEM;
266
267 sta->flags |= WLAN_STA_AUTHORIZED;
268
269 res = sta_info_insert(sta);
270 if (res) {
271 /* STA has been freed */
272 return res;
273 }
274 break; 260 break;
275 case IEEE80211_IF_TYPE_VLAN: 261 case IEEE80211_IF_TYPE_VLAN:
276 if (!sdata->u.vlan.ap) 262 if (!sdata->u.vlan.ap)
@@ -337,10 +323,8 @@ static int ieee80211_open(struct net_device *dev)
337 conf.type = sdata->vif.type; 323 conf.type = sdata->vif.type;
338 conf.mac_addr = dev->dev_addr; 324 conf.mac_addr = dev->dev_addr;
339 res = local->ops->add_interface(local_to_hw(local), &conf); 325 res = local->ops->add_interface(local_to_hw(local), &conf);
340 if (res && !local->open_count && local->ops->stop)
341 local->ops->stop(local_to_hw(local));
342 if (res) 326 if (res)
343 return res; 327 goto err_stop;
344 328
345 ieee80211_if_config(dev); 329 ieee80211_if_config(dev);
346 ieee80211_reset_erp_info(dev); 330 ieee80211_reset_erp_info(dev);
@@ -353,9 +337,29 @@ static int ieee80211_open(struct net_device *dev)
353 netif_carrier_on(dev); 337 netif_carrier_on(dev);
354 } 338 }
355 339
340 if (sdata->vif.type == IEEE80211_IF_TYPE_WDS) {
341 /* Create STA entry for the WDS peer */
342 sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
343 GFP_KERNEL);
344 if (!sta) {
345 res = -ENOMEM;
346 goto err_del_interface;
347 }
348
349 sta->flags |= WLAN_STA_AUTHORIZED;
350
351 res = sta_info_insert(sta);
352 if (res) {
353 /* STA has been freed */
354 goto err_del_interface;
355 }
356 }
357
356 if (local->open_count == 0) { 358 if (local->open_count == 0) {
357 res = dev_open(local->mdev); 359 res = dev_open(local->mdev);
358 WARN_ON(res); 360 WARN_ON(res);
361 if (res)
362 goto err_del_interface;
359 tasklet_enable(&local->tx_pending_tasklet); 363 tasklet_enable(&local->tx_pending_tasklet);
360 tasklet_enable(&local->tasklet); 364 tasklet_enable(&local->tasklet);
361 } 365 }
@@ -390,6 +394,12 @@ static int ieee80211_open(struct net_device *dev)
390 netif_start_queue(dev); 394 netif_start_queue(dev);
391 395
392 return 0; 396 return 0;
397 err_del_interface:
398 local->ops->remove_interface(local_to_hw(local), &conf);
399 err_stop:
400 if (!local->open_count && local->ops->stop)
401 local->ops->stop(local_to_hw(local));
402 return res;
393} 403}
394 404
395static int ieee80211_stop(struct net_device *dev) 405static int ieee80211_stop(struct net_device *dev)
@@ -975,6 +985,7 @@ static int __ieee80211_if_config(struct net_device *dev,
975 conf.ssid_len = sdata->u.sta.ssid_len; 985 conf.ssid_len = sdata->u.sta.ssid_len;
976 } else if (ieee80211_vif_is_mesh(&sdata->vif)) { 986 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
977 conf.beacon = beacon; 987 conf.beacon = beacon;
988 conf.beacon_control = control;
978 ieee80211_start_mesh(dev); 989 ieee80211_start_mesh(dev);
979 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) { 990 } else if (sdata->vif.type == IEEE80211_IF_TYPE_AP) {
980 conf.ssid = sdata->u.ap.ssid; 991 conf.ssid = sdata->u.ap.ssid;
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 594a3356a508..f76bc26ae4d2 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -8,6 +8,7 @@
8 * published by the Free Software Foundation. 8 * published by the Free Software Foundation.
9 */ 9 */
10 10
11#include <asm/unaligned.h>
11#include "ieee80211_i.h" 12#include "ieee80211_i.h"
12#include "mesh.h" 13#include "mesh.h"
13 14
@@ -167,8 +168,8 @@ int mesh_rmc_check(u8 *sa, struct ieee80211s_hdr *mesh_hdr,
167 struct rmc_entry *p, *n; 168 struct rmc_entry *p, *n;
168 169
169 /* Don't care about endianness since only match matters */ 170 /* Don't care about endianness since only match matters */
170 memcpy(&seqnum, mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum)); 171 memcpy(&seqnum, &mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum));
171 idx = mesh_hdr->seqnum[0] & rmc->idx_mask; 172 idx = le32_to_cpu(mesh_hdr->seqnum) & rmc->idx_mask;
172 list_for_each_entry_safe(p, n, &rmc->bucket[idx].list, list) { 173 list_for_each_entry_safe(p, n, &rmc->bucket[idx].list, list) {
173 ++entries; 174 ++entries;
174 if (time_after(jiffies, p->exp_time) || 175 if (time_after(jiffies, p->exp_time) ||
@@ -393,16 +394,8 @@ int ieee80211_new_mesh_header(struct ieee80211s_hdr *meshhdr,
393{ 394{
394 meshhdr->flags = 0; 395 meshhdr->flags = 0;
395 meshhdr->ttl = sdata->u.sta.mshcfg.dot11MeshTTL; 396 meshhdr->ttl = sdata->u.sta.mshcfg.dot11MeshTTL;
396 397 put_unaligned(cpu_to_le32(sdata->u.sta.mesh_seqnum), &meshhdr->seqnum);
397 meshhdr->seqnum[0] = sdata->u.sta.mesh_seqnum[0]++; 398 sdata->u.sta.mesh_seqnum++;
398 meshhdr->seqnum[1] = sdata->u.sta.mesh_seqnum[1];
399 meshhdr->seqnum[2] = sdata->u.sta.mesh_seqnum[2];
400
401 if (sdata->u.sta.mesh_seqnum[0] == 0) {
402 sdata->u.sta.mesh_seqnum[1]++;
403 if (sdata->u.sta.mesh_seqnum[1] == 0)
404 sdata->u.sta.mesh_seqnum[2]++;
405 }
406 399
407 return 5; 400 return 5;
408} 401}
diff --git a/net/mac80211/mesh.h b/net/mac80211/mesh.h
index 742003d3a841..2e161f6d8288 100644
--- a/net/mac80211/mesh.h
+++ b/net/mac80211/mesh.h
@@ -13,6 +13,7 @@
13 13
14#include <linux/types.h> 14#include <linux/types.h>
15#include <linux/jhash.h> 15#include <linux/jhash.h>
16#include <asm/unaligned.h>
16#include "ieee80211_i.h" 17#include "ieee80211_i.h"
17 18
18 19
@@ -139,7 +140,7 @@ struct rmc_entry {
139 140
140struct mesh_rmc { 141struct mesh_rmc {
141 struct rmc_entry bucket[RMC_BUCKETS]; 142 struct rmc_entry bucket[RMC_BUCKETS];
142 u8 idx_mask; 143 u32 idx_mask;
143}; 144};
144 145
145 146
diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c
index 02de8f1522a3..3df809222d1c 100644
--- a/net/mac80211/mesh_hwmp.c
+++ b/net/mac80211/mesh_hwmp.c
@@ -7,7 +7,6 @@
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9 9
10#include <asm/unaligned.h>
11#include "mesh.h" 10#include "mesh.h"
12 11
13#define TEST_FRAME_LEN 8192 12#define TEST_FRAME_LEN 8192
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 6b75cb6c6300..a5e5c31c23ab 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2248,10 +2248,13 @@ static void ieee80211_rx_bss_put(struct net_device *dev,
2248 struct ieee80211_sta_bss *bss) 2248 struct ieee80211_sta_bss *bss)
2249{ 2249{
2250 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2250 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2251 if (!atomic_dec_and_test(&bss->users)) 2251
2252 local_bh_disable();
2253 if (!atomic_dec_and_lock(&bss->users, &local->sta_bss_lock)) {
2254 local_bh_enable();
2252 return; 2255 return;
2256 }
2253 2257
2254 spin_lock_bh(&local->sta_bss_lock);
2255 __ieee80211_rx_bss_hash_del(dev, bss); 2258 __ieee80211_rx_bss_hash_del(dev, bss);
2256 list_del(&bss->list); 2259 list_del(&bss->list);
2257 spin_unlock_bh(&local->sta_bss_lock); 2260 spin_unlock_bh(&local->sta_bss_lock);
@@ -2709,7 +2712,26 @@ static void ieee80211_rx_bss_info(struct net_device *dev,
2709 bss->wmm_ie_len = elems.wmm_param_len + 2; 2712 bss->wmm_ie_len = elems.wmm_param_len + 2;
2710 } else 2713 } else
2711 bss->wmm_ie_len = 0; 2714 bss->wmm_ie_len = 0;
2712 } else if (!elems.wmm_param && bss->wmm_ie) { 2715 } else if (elems.wmm_info &&
2716 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_info_len ||
2717 memcmp(bss->wmm_ie, elems.wmm_info, elems.wmm_info_len))) {
2718 /* As for certain AP's Fifth bit is not set in WMM IE in
2719 * beacon frames.So while parsing the beacon frame the
2720 * wmm_info structure is used instead of wmm_param.
2721 * wmm_info structure was never used to set bss->wmm_ie.
2722 * This code fixes this problem by copying the WME
2723 * information from wmm_info to bss->wmm_ie and enabling
2724 * n-band association.
2725 */
2726 kfree(bss->wmm_ie);
2727 bss->wmm_ie = kmalloc(elems.wmm_info_len + 2, GFP_ATOMIC);
2728 if (bss->wmm_ie) {
2729 memcpy(bss->wmm_ie, elems.wmm_info - 2,
2730 elems.wmm_info_len + 2);
2731 bss->wmm_ie_len = elems.wmm_info_len + 2;
2732 } else
2733 bss->wmm_ie_len = 0;
2734 } else if (!elems.wmm_param && !elems.wmm_info && bss->wmm_ie) {
2713 kfree(bss->wmm_ie); 2735 kfree(bss->wmm_ie);
2714 bss->wmm_ie = NULL; 2736 bss->wmm_ie = NULL;
2715 bss->wmm_ie_len = 0; 2737 bss->wmm_ie_len = 0;
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 52e4554fdde7..02f436a86061 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2170,7 +2170,7 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
2170 struct ieee80211_supported_band *sband; 2170 struct ieee80211_supported_band *sband;
2171 2171
2172 if (status->band < 0 || 2172 if (status->band < 0 ||
2173 status->band > IEEE80211_NUM_BANDS) { 2173 status->band >= IEEE80211_NUM_BANDS) {
2174 WARN_ON(1); 2174 WARN_ON(1);
2175 return; 2175 return;
2176 } 2176 }
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index dddbfd60f351..09093da24af6 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -230,10 +230,8 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf,
230 230
231 iv16 = data[hdr_len] << 8; 231 iv16 = data[hdr_len] << 8;
232 iv16 += data[hdr_len + 2]; 232 iv16 += data[hdr_len + 2];
233 iv32 = data[hdr_len + 4] + 233 iv32 = data[hdr_len + 4] | (data[hdr_len + 5] << 8) |
234 (data[hdr_len + 5] >> 8) + 234 (data[hdr_len + 6] << 16) | (data[hdr_len + 7] << 24);
235 (data[hdr_len + 6] >> 16) +
236 (data[hdr_len + 7] >> 24);
237 235
238#ifdef CONFIG_TKIP_DEBUG 236#ifdef CONFIG_TKIP_DEBUG
239 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n", 237 printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
index 4e94e4026e78..64faa3dc488f 100644
--- a/net/mac80211/wme.c
+++ b/net/mac80211/wme.c
@@ -709,7 +709,7 @@ void ieee80211_requeue(struct ieee80211_local *local, int queue)
709 struct ieee80211_sched_data *q = qdisc_priv(root_qd); 709 struct ieee80211_sched_data *q = qdisc_priv(root_qd);
710 struct Qdisc *qdisc = q->queues[queue]; 710 struct Qdisc *qdisc = q->queues[queue];
711 struct sk_buff *skb = NULL; 711 struct sk_buff *skb = NULL;
712 u32 len = qdisc->q.qlen; 712 u32 len;
713 713
714 if (!qdisc || !qdisc->dequeue) 714 if (!qdisc || !qdisc->dequeue)
715 return; 715 return;
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 4eac65c74ed0..c4b1799da5d7 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -104,7 +104,7 @@ nf_ct_get_tuple(const struct sk_buff *skb,
104 const struct nf_conntrack_l3proto *l3proto, 104 const struct nf_conntrack_l3proto *l3proto,
105 const struct nf_conntrack_l4proto *l4proto) 105 const struct nf_conntrack_l4proto *l4proto)
106{ 106{
107 NF_CT_TUPLE_U_BLANK(tuple); 107 memset(tuple, 0, sizeof(*tuple));
108 108
109 tuple->src.l3num = l3num; 109 tuple->src.l3num = l3num;
110 if (l3proto->pkt_to_tuple(skb, nhoff, tuple) == 0) 110 if (l3proto->pkt_to_tuple(skb, nhoff, tuple) == 0)
@@ -151,7 +151,7 @@ nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
151 const struct nf_conntrack_l3proto *l3proto, 151 const struct nf_conntrack_l3proto *l3proto,
152 const struct nf_conntrack_l4proto *l4proto) 152 const struct nf_conntrack_l4proto *l4proto)
153{ 153{
154 NF_CT_TUPLE_U_BLANK(inverse); 154 memset(inverse, 0, sizeof(*inverse));
155 155
156 inverse->src.l3num = orig->src.l3num; 156 inverse->src.l3num = orig->src.l3num;
157 if (l3proto->invert_tuple(inverse, orig) == 0) 157 if (l3proto->invert_tuple(inverse, orig) == 0)
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index b59871f6bdda..46ea542d0df9 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -296,11 +296,11 @@ static int nf_conntrack_standalone_init_proc(void)
296 pde = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops); 296 pde = proc_net_fops_create(&init_net, "nf_conntrack", 0440, &ct_file_ops);
297 if (!pde) 297 if (!pde)
298 goto out_nf_conntrack; 298 goto out_nf_conntrack;
299 pde = create_proc_entry("nf_conntrack", S_IRUGO, init_net.proc_net_stat); 299
300 pde = proc_create("nf_conntrack", S_IRUGO, init_net.proc_net_stat,
301 &ct_cpu_seq_fops);
300 if (!pde) 302 if (!pde)
301 goto out_stat_nf_conntrack; 303 goto out_stat_nf_conntrack;
302 pde->proc_fops = &ct_cpu_seq_fops;
303 pde->owner = THIS_MODULE;
304 return 0; 304 return 0;
305 305
306out_stat_nf_conntrack: 306out_stat_nf_conntrack:
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index bbd26893c0c4..582ec3efc8a5 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -214,7 +214,7 @@ int nf_queue(struct sk_buff *skb,
214 214
215 segs = skb_gso_segment(skb, 0); 215 segs = skb_gso_segment(skb, 0);
216 kfree_skb(skb); 216 kfree_skb(skb);
217 if (unlikely(IS_ERR(segs))) 217 if (IS_ERR(segs))
218 return 1; 218 return 1;
219 219
220 do { 220 do {
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 2c9fe5c12894..3447025ce068 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -454,9 +454,8 @@ nfqnl_mangle(void *data, int data_len, struct nf_queue_entry *e)
454 if (data_len > 0xFFFF) 454 if (data_len > 0xFFFF)
455 return -EINVAL; 455 return -EINVAL;
456 if (diff > skb_tailroom(e->skb)) { 456 if (diff > skb_tailroom(e->skb)) {
457 nskb = skb_copy_expand(e->skb, 0, 457 nskb = skb_copy_expand(e->skb, skb_headroom(e->skb),
458 diff - skb_tailroom(e->skb), 458 diff, GFP_ATOMIC);
459 GFP_ATOMIC);
460 if (!nskb) { 459 if (!nskb) {
461 printk(KERN_WARNING "nf_queue: OOM " 460 printk(KERN_WARNING "nf_queue: OOM "
462 "in mangle, dropping packet\n"); 461 "in mangle, dropping packet\n");
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index f52f7f810ac4..5d75cd86ebb3 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -787,7 +787,7 @@ static const struct file_operations xt_table_ops = {
787 .open = xt_table_open, 787 .open = xt_table_open,
788 .read = seq_read, 788 .read = seq_read,
789 .llseek = seq_lseek, 789 .llseek = seq_lseek,
790 .release = seq_release, 790 .release = seq_release_net,
791}; 791};
792 792
793static void *xt_match_seq_start(struct seq_file *seq, loff_t *pos) 793static void *xt_match_seq_start(struct seq_file *seq, loff_t *pos)
@@ -936,25 +936,24 @@ int xt_proto_init(struct net *net, int af)
936#ifdef CONFIG_PROC_FS 936#ifdef CONFIG_PROC_FS
937 strlcpy(buf, xt_prefix[af], sizeof(buf)); 937 strlcpy(buf, xt_prefix[af], sizeof(buf));
938 strlcat(buf, FORMAT_TABLES, sizeof(buf)); 938 strlcat(buf, FORMAT_TABLES, sizeof(buf));
939 proc = proc_net_fops_create(net, buf, 0440, &xt_table_ops); 939 proc = proc_create_data(buf, 0440, net->proc_net, &xt_table_ops,
940 (void *)(unsigned long)af);
940 if (!proc) 941 if (!proc)
941 goto out; 942 goto out;
942 proc->data = (void *)(unsigned long)af;
943
944 943
945 strlcpy(buf, xt_prefix[af], sizeof(buf)); 944 strlcpy(buf, xt_prefix[af], sizeof(buf));
946 strlcat(buf, FORMAT_MATCHES, sizeof(buf)); 945 strlcat(buf, FORMAT_MATCHES, sizeof(buf));
947 proc = proc_net_fops_create(net, buf, 0440, &xt_match_ops); 946 proc = proc_create_data(buf, 0440, net->proc_net, &xt_match_ops,
947 (void *)(unsigned long)af);
948 if (!proc) 948 if (!proc)
949 goto out_remove_tables; 949 goto out_remove_tables;
950 proc->data = (void *)(unsigned long)af;
951 950
952 strlcpy(buf, xt_prefix[af], sizeof(buf)); 951 strlcpy(buf, xt_prefix[af], sizeof(buf));
953 strlcat(buf, FORMAT_TARGETS, sizeof(buf)); 952 strlcat(buf, FORMAT_TARGETS, sizeof(buf));
954 proc = proc_net_fops_create(net, buf, 0440, &xt_target_ops); 953 proc = proc_create_data(buf, 0440, net->proc_net, &xt_target_ops,
954 (void *)(unsigned long)af);
955 if (!proc) 955 if (!proc)
956 goto out_remove_matches; 956 goto out_remove_matches;
957 proc->data = (void *)(unsigned long)af;
958#endif 957#endif
959 958
960 return 0; 959 return 0;
diff --git a/net/netfilter/xt_TCPOPTSTRIP.c b/net/netfilter/xt_TCPOPTSTRIP.c
index 3b2aa56833b9..9685b6fcbc81 100644
--- a/net/netfilter/xt_TCPOPTSTRIP.c
+++ b/net/netfilter/xt_TCPOPTSTRIP.c
@@ -90,7 +90,7 @@ tcpoptstrip_tg6(struct sk_buff *skb, const struct net_device *in,
90 const struct xt_target *target, const void *targinfo) 90 const struct xt_target *target, const void *targinfo)
91{ 91{
92 struct ipv6hdr *ipv6h = ipv6_hdr(skb); 92 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
93 unsigned int tcphoff; 93 int tcphoff;
94 u_int8_t nexthdr; 94 u_int8_t nexthdr;
95 95
96 nexthdr = ipv6h->nexthdr; 96 nexthdr = ipv6h->nexthdr;
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c
index b15e7e2fa143..d7e8983cd37f 100644
--- a/net/netfilter/xt_connbytes.c
+++ b/net/netfilter/xt_connbytes.c
@@ -4,12 +4,11 @@
4#include <linux/module.h> 4#include <linux/module.h>
5#include <linux/bitops.h> 5#include <linux/bitops.h>
6#include <linux/skbuff.h> 6#include <linux/skbuff.h>
7#include <linux/math64.h>
7#include <linux/netfilter/x_tables.h> 8#include <linux/netfilter/x_tables.h>
8#include <linux/netfilter/xt_connbytes.h> 9#include <linux/netfilter/xt_connbytes.h>
9#include <net/netfilter/nf_conntrack.h> 10#include <net/netfilter/nf_conntrack.h>
10 11
11#include <asm/div64.h>
12
13MODULE_LICENSE("GPL"); 12MODULE_LICENSE("GPL");
14MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); 13MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
15MODULE_DESCRIPTION("Xtables: Number of packets/bytes per connection matching"); 14MODULE_DESCRIPTION("Xtables: Number of packets/bytes per connection matching");
@@ -82,7 +81,7 @@ connbytes_mt(const struct sk_buff *skb, const struct net_device *in,
82 break; 81 break;
83 } 82 }
84 if (pkts != 0) 83 if (pkts != 0)
85 what = div64_64(bytes, pkts); 84 what = div64_u64(bytes, pkts);
86 break; 85 break;
87 } 86 }
88 87
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 40d344b21453..6809af542a2c 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -237,15 +237,15 @@ static int htable_create_v0(struct xt_hashlimit_info *minfo, int family)
237 hinfo->family = family; 237 hinfo->family = family;
238 hinfo->rnd_initialized = 0; 238 hinfo->rnd_initialized = 0;
239 spin_lock_init(&hinfo->lock); 239 spin_lock_init(&hinfo->lock);
240 hinfo->pde = proc_create(minfo->name, 0, 240 hinfo->pde =
241 proc_create_data(minfo->name, 0,
241 family == AF_INET ? hashlimit_procdir4 : 242 family == AF_INET ? hashlimit_procdir4 :
242 hashlimit_procdir6, 243 hashlimit_procdir6,
243 &dl_file_ops); 244 &dl_file_ops, hinfo);
244 if (!hinfo->pde) { 245 if (!hinfo->pde) {
245 vfree(hinfo); 246 vfree(hinfo);
246 return -1; 247 return -1;
247 } 248 }
248 hinfo->pde->data = hinfo;
249 249
250 setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo); 250 setup_timer(&hinfo->timer, htable_gc, (unsigned long )hinfo);
251 hinfo->timer.expires = jiffies + msecs_to_jiffies(hinfo->cfg.gc_interval); 251 hinfo->timer.expires = jiffies + msecs_to_jiffies(hinfo->cfg.gc_interval);
@@ -301,15 +301,15 @@ static int htable_create(struct xt_hashlimit_mtinfo1 *minfo,
301 hinfo->rnd_initialized = 0; 301 hinfo->rnd_initialized = 0;
302 spin_lock_init(&hinfo->lock); 302 spin_lock_init(&hinfo->lock);
303 303
304 hinfo->pde = proc_create(minfo->name, 0, 304 hinfo->pde =
305 proc_create_data(minfo->name, 0,
305 family == AF_INET ? hashlimit_procdir4 : 306 family == AF_INET ? hashlimit_procdir4 :
306 hashlimit_procdir6, 307 hashlimit_procdir6,
307 &dl_file_ops); 308 &dl_file_ops, hinfo);
308 if (hinfo->pde == NULL) { 309 if (hinfo->pde == NULL) {
309 vfree(hinfo); 310 vfree(hinfo);
310 return -1; 311 return -1;
311 } 312 }
312 hinfo->pde->data = hinfo;
313 313
314 setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo); 314 setup_timer(&hinfo->timer, htable_gc, (unsigned long)hinfo);
315 hinfo->timer.expires = jiffies + msecs_to_jiffies(hinfo->cfg.gc_interval); 315 hinfo->timer.expires = jiffies + msecs_to_jiffies(hinfo->cfg.gc_interval);
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index d282ad1570a7..0099da5b2591 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -1780,6 +1780,7 @@ int __init netlbl_unlabel_defconf(void)
1780 * messages so don't worry to much about these values. */ 1780 * messages so don't worry to much about these values. */
1781 security_task_getsecid(current, &audit_info.secid); 1781 security_task_getsecid(current, &audit_info.secid);
1782 audit_info.loginuid = 0; 1782 audit_info.loginuid = 0;
1783 audit_info.sessionid = 0;
1783 1784
1784 entry = kzalloc(sizeof(*entry), GFP_KERNEL); 1785 entry = kzalloc(sizeof(*entry), GFP_KERNEL);
1785 if (entry == NULL) 1786 if (entry == NULL)
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index b17d4203806e..68706b4e3bf8 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -107,7 +107,9 @@ struct audit_buffer *netlbl_audit_start_common(int type,
107 if (audit_buf == NULL) 107 if (audit_buf == NULL)
108 return NULL; 108 return NULL;
109 109
110 audit_log_format(audit_buf, "netlabel: auid=%u", audit_info->loginuid); 110 audit_log_format(audit_buf, "netlabel: auid=%u ses=%u",
111 audit_info->loginuid,
112 audit_info->sessionid);
111 113
112 if (audit_info->secid != 0 && 114 if (audit_info->secid != 0 &&
113 security_secid_to_secctx(audit_info->secid, 115 security_secid_to_secctx(audit_info->secid,
diff --git a/net/netlabel/netlabel_user.h b/net/netlabel/netlabel_user.h
index 6d7f4ab46c2b..6caef8b20611 100644
--- a/net/netlabel/netlabel_user.h
+++ b/net/netlabel/netlabel_user.h
@@ -51,6 +51,7 @@ static inline void netlbl_netlink_auditinfo(struct sk_buff *skb,
51{ 51{
52 audit_info->secid = NETLINK_CB(skb).sid; 52 audit_info->secid = NETLINK_CB(skb).sid;
53 audit_info->loginuid = NETLINK_CB(skb).loginuid; 53 audit_info->loginuid = NETLINK_CB(skb).loginuid;
54 audit_info->sessionid = NETLINK_CB(skb).sessionid;
54} 55}
55 56
56/* NetLabel NETLINK I/O functions */ 57/* NetLabel NETLINK I/O functions */
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 46f3e44bb83a..9b97f8006c9c 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1248,6 +1248,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
1248 NETLINK_CB(skb).pid = nlk->pid; 1248 NETLINK_CB(skb).pid = nlk->pid;
1249 NETLINK_CB(skb).dst_group = dst_group; 1249 NETLINK_CB(skb).dst_group = dst_group;
1250 NETLINK_CB(skb).loginuid = audit_get_loginuid(current); 1250 NETLINK_CB(skb).loginuid = audit_get_loginuid(current);
1251 NETLINK_CB(skb).sessionid = audit_get_sessionid(current);
1251 security_task_getsecid(current, &(NETLINK_CB(skb).sid)); 1252 security_task_getsecid(current, &(NETLINK_CB(skb).sid));
1252 memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); 1253 memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
1253 1254
diff --git a/net/rose/rose_route.c b/net/rose/rose_route.c
index fb9359fb2358..bd593871c81e 100644
--- a/net/rose/rose_route.c
+++ b/net/rose/rose_route.c
@@ -857,7 +857,6 @@ int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
857 src_addr = (rose_address *)(skb->data + 9); 857 src_addr = (rose_address *)(skb->data + 9);
858 dest_addr = (rose_address *)(skb->data + 4); 858 dest_addr = (rose_address *)(skb->data + 4);
859 859
860 spin_lock_bh(&rose_node_list_lock);
861 spin_lock_bh(&rose_neigh_list_lock); 860 spin_lock_bh(&rose_neigh_list_lock);
862 spin_lock_bh(&rose_route_list_lock); 861 spin_lock_bh(&rose_route_list_lock);
863 862
@@ -1060,7 +1059,6 @@ int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
1060out: 1059out:
1061 spin_unlock_bh(&rose_route_list_lock); 1060 spin_unlock_bh(&rose_route_list_lock);
1062 spin_unlock_bh(&rose_neigh_list_lock); 1061 spin_unlock_bh(&rose_neigh_list_lock);
1063 spin_unlock_bh(&rose_node_list_lock);
1064 1062
1065 return res; 1063 return res;
1066} 1064}
@@ -1068,12 +1066,12 @@ out:
1068#ifdef CONFIG_PROC_FS 1066#ifdef CONFIG_PROC_FS
1069 1067
1070static void *rose_node_start(struct seq_file *seq, loff_t *pos) 1068static void *rose_node_start(struct seq_file *seq, loff_t *pos)
1071 __acquires(rose_neigh_list_lock) 1069 __acquires(rose_node_list_lock)
1072{ 1070{
1073 struct rose_node *rose_node; 1071 struct rose_node *rose_node;
1074 int i = 1; 1072 int i = 1;
1075 1073
1076 spin_lock_bh(&rose_neigh_list_lock); 1074 spin_lock_bh(&rose_node_list_lock);
1077 if (*pos == 0) 1075 if (*pos == 0)
1078 return SEQ_START_TOKEN; 1076 return SEQ_START_TOKEN;
1079 1077
@@ -1092,9 +1090,9 @@ static void *rose_node_next(struct seq_file *seq, void *v, loff_t *pos)
1092} 1090}
1093 1091
1094static void rose_node_stop(struct seq_file *seq, void *v) 1092static void rose_node_stop(struct seq_file *seq, void *v)
1095 __releases(rose_neigh_list_lock) 1093 __releases(rose_node_list_lock)
1096{ 1094{
1097 spin_unlock_bh(&rose_neigh_list_lock); 1095 spin_unlock_bh(&rose_node_list_lock);
1098} 1096}
1099 1097
1100static int rose_node_show(struct seq_file *seq, void *v) 1098static int rose_node_show(struct seq_file *seq, void *v)
diff --git a/net/rxrpc/ar-transport.c b/net/rxrpc/ar-transport.c
index bb282a6a19f0..64069c8769a5 100644
--- a/net/rxrpc/ar-transport.c
+++ b/net/rxrpc/ar-transport.c
@@ -184,12 +184,13 @@ void rxrpc_put_transport(struct rxrpc_transport *trans)
184 ASSERTCMP(atomic_read(&trans->usage), >, 0); 184 ASSERTCMP(atomic_read(&trans->usage), >, 0);
185 185
186 trans->put_time = get_seconds(); 186 trans->put_time = get_seconds();
187 if (unlikely(atomic_dec_and_test(&trans->usage))) 187 if (unlikely(atomic_dec_and_test(&trans->usage))) {
188 _debug("zombie"); 188 _debug("zombie");
189 /* let the reaper determine the timeout to avoid a race with 189 /* let the reaper determine the timeout to avoid a race with
190 * overextending the timeout if the reaper is running at the 190 * overextending the timeout if the reaper is running at the
191 * same time */ 191 * same time */
192 rxrpc_queue_delayed_work(&rxrpc_transport_reap, 0); 192 rxrpc_queue_delayed_work(&rxrpc_transport_reap, 0);
193 }
193 _leave(""); 194 _leave("");
194} 195}
195 196
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index 6d38a81b336d..ba3f6e49fddc 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -493,8 +493,8 @@ static int rxkad_verify_packet(const struct rxrpc_call *call,
493 __be32 x[2]; 493 __be32 x[2];
494 } tmpbuf __attribute__((aligned(8))); /* must all be in same page */ 494 } tmpbuf __attribute__((aligned(8))); /* must all be in same page */
495 __be32 x; 495 __be32 x;
496 u16 y;
497 __be16 cksum; 496 __be16 cksum;
497 u32 y;
498 int ret; 498 int ret;
499 499
500 sp = rxrpc_skb(skb); 500 sp = rxrpc_skb(skb);
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
index b741618e4d54..d355e5e47fe3 100644
--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -219,6 +219,7 @@ static void dev_watchdog(unsigned long arg)
219 printk(KERN_INFO "NETDEV WATCHDOG: %s: transmit timed out\n", 219 printk(KERN_INFO "NETDEV WATCHDOG: %s: transmit timed out\n",
220 dev->name); 220 dev->name);
221 dev->tx_timeout(dev); 221 dev->tx_timeout(dev);
222 WARN_ON_ONCE(1);
222 } 223 }
223 if (!mod_timer(&dev->watchdog_timer, round_jiffies(jiffies + dev->watchdog_timeo))) 224 if (!mod_timer(&dev->watchdog_timer, round_jiffies(jiffies + dev->watchdog_timeo)))
224 dev_hold(dev); 225 dev_hold(dev);
diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c
index a20e2ef7704b..f0463d757a98 100644
--- a/net/sched/sch_sfq.c
+++ b/net/sched/sch_sfq.c
@@ -521,7 +521,8 @@ static void sfq_destroy(struct Qdisc *sch)
521 struct sfq_sched_data *q = qdisc_priv(sch); 521 struct sfq_sched_data *q = qdisc_priv(sch);
522 522
523 tcf_destroy_chain(q->filter_list); 523 tcf_destroy_chain(q->filter_list);
524 del_timer(&q->perturb_timer); 524 q->perturb_period = 0;
525 del_timer_sync(&q->perturb_timer);
525} 526}
526 527
527static int sfq_dump(struct Qdisc *sch, struct sk_buff *skb) 528static int sfq_dump(struct Qdisc *sch, struct sk_buff *skb)
diff --git a/net/sctp/objcnt.c b/net/sctp/objcnt.c
index cfeb07ea1b04..f73ec0ea93ba 100644
--- a/net/sctp/objcnt.c
+++ b/net/sctp/objcnt.c
@@ -83,13 +83,12 @@ static sctp_dbg_objcnt_entry_t sctp_dbg_objcnt[] = {
83 */ 83 */
84static int sctp_objcnt_seq_show(struct seq_file *seq, void *v) 84static int sctp_objcnt_seq_show(struct seq_file *seq, void *v)
85{ 85{
86 int i; 86 int i, len;
87 char temp[128];
88 87
89 i = (int)*(loff_t *)v; 88 i = (int)*(loff_t *)v;
90 sprintf(temp, "%s: %d", sctp_dbg_objcnt[i].label, 89 seq_printf(seq, "%s: %d%n", sctp_dbg_objcnt[i].label,
91 atomic_read(sctp_dbg_objcnt[i].counter)); 90 atomic_read(sctp_dbg_objcnt[i].counter), &len);
92 seq_printf(seq, "%-127s\n", temp); 91 seq_printf(seq, "%*s\n", 127 - len, "");
93 return 0; 92 return 0;
94} 93}
95 94
diff --git a/net/socket.c b/net/socket.c
index 9b5c917f8a6b..66c4a8cf6db9 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -2327,9 +2327,6 @@ int kernel_sock_shutdown(struct socket *sock, enum sock_shutdown_cmd how)
2327 return sock->ops->shutdown(sock, how); 2327 return sock->ops->shutdown(sock, how);
2328} 2328}
2329 2329
2330/* ABI emulation layers need these two */
2331EXPORT_SYMBOL(move_addr_to_kernel);
2332EXPORT_SYMBOL(move_addr_to_user);
2333EXPORT_SYMBOL(sock_create); 2330EXPORT_SYMBOL(sock_create);
2334EXPORT_SYMBOL(sock_create_kern); 2331EXPORT_SYMBOL(sock_create_kern);
2335EXPORT_SYMBOL(sock_create_lite); 2332EXPORT_SYMBOL(sock_create_lite);
diff --git a/net/sunrpc/Makefile b/net/sunrpc/Makefile
index 92e1dbe50947..5369aa369b35 100644
--- a/net/sunrpc/Makefile
+++ b/net/sunrpc/Makefile
@@ -8,7 +8,7 @@ obj-$(CONFIG_SUNRPC_GSS) += auth_gss/
8obj-$(CONFIG_SUNRPC_XPRT_RDMA) += xprtrdma/ 8obj-$(CONFIG_SUNRPC_XPRT_RDMA) += xprtrdma/
9 9
10sunrpc-y := clnt.o xprt.o socklib.o xprtsock.o sched.o \ 10sunrpc-y := clnt.o xprt.o socklib.o xprtsock.o sched.o \
11 auth.o auth_null.o auth_unix.o \ 11 auth.o auth_null.o auth_unix.o auth_generic.o \
12 svc.o svcsock.o svcauth.o svcauth_unix.o \ 12 svc.o svcsock.o svcauth.o svcauth_unix.o \
13 rpcb_clnt.o timer.o xdr.o \ 13 rpcb_clnt.o timer.o xdr.o \
14 sunrpc_syms.o cache.o rpc_pipe.o \ 14 sunrpc_syms.o cache.o rpc_pipe.o \
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index eca941ce298b..6bfea9ed6869 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -11,6 +11,7 @@
11#include <linux/module.h> 11#include <linux/module.h>
12#include <linux/slab.h> 12#include <linux/slab.h>
13#include <linux/errno.h> 13#include <linux/errno.h>
14#include <linux/hash.h>
14#include <linux/sunrpc/clnt.h> 15#include <linux/sunrpc/clnt.h>
15#include <linux/spinlock.h> 16#include <linux/spinlock.h>
16 17
@@ -219,6 +220,9 @@ rpcauth_destroy_credcache(struct rpc_auth *auth)
219} 220}
220EXPORT_SYMBOL_GPL(rpcauth_destroy_credcache); 221EXPORT_SYMBOL_GPL(rpcauth_destroy_credcache);
221 222
223
224#define RPC_AUTH_EXPIRY_MORATORIUM (60 * HZ)
225
222/* 226/*
223 * Remove stale credentials. Avoid sleeping inside the loop. 227 * Remove stale credentials. Avoid sleeping inside the loop.
224 */ 228 */
@@ -227,6 +231,7 @@ rpcauth_prune_expired(struct list_head *free, int nr_to_scan)
227{ 231{
228 spinlock_t *cache_lock; 232 spinlock_t *cache_lock;
229 struct rpc_cred *cred; 233 struct rpc_cred *cred;
234 unsigned long expired = jiffies - RPC_AUTH_EXPIRY_MORATORIUM;
230 235
231 while (!list_empty(&cred_unused)) { 236 while (!list_empty(&cred_unused)) {
232 cred = list_entry(cred_unused.next, struct rpc_cred, cr_lru); 237 cred = list_entry(cred_unused.next, struct rpc_cred, cr_lru);
@@ -234,6 +239,10 @@ rpcauth_prune_expired(struct list_head *free, int nr_to_scan)
234 number_cred_unused--; 239 number_cred_unused--;
235 if (atomic_read(&cred->cr_count) != 0) 240 if (atomic_read(&cred->cr_count) != 0)
236 continue; 241 continue;
242 /* Enforce a 5 second garbage collection moratorium */
243 if (time_in_range(cred->cr_expire, expired, jiffies) &&
244 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0)
245 continue;
237 cache_lock = &cred->cr_auth->au_credcache->lock; 246 cache_lock = &cred->cr_auth->au_credcache->lock;
238 spin_lock(cache_lock); 247 spin_lock(cache_lock);
239 if (atomic_read(&cred->cr_count) == 0) { 248 if (atomic_read(&cred->cr_count) == 0) {
@@ -280,10 +289,9 @@ rpcauth_lookup_credcache(struct rpc_auth *auth, struct auth_cred * acred,
280 struct hlist_node *pos; 289 struct hlist_node *pos;
281 struct rpc_cred *cred = NULL, 290 struct rpc_cred *cred = NULL,
282 *entry, *new; 291 *entry, *new;
283 int nr = 0; 292 unsigned int nr;
284 293
285 if (!(flags & RPCAUTH_LOOKUP_ROOTCREDS)) 294 nr = hash_long(acred->uid, RPC_CREDCACHE_HASHBITS);
286 nr = acred->uid & RPC_CREDCACHE_MASK;
287 295
288 rcu_read_lock(); 296 rcu_read_lock();
289 hlist_for_each_entry_rcu(entry, pos, &cache->hashtable[nr], cr_hash) { 297 hlist_for_each_entry_rcu(entry, pos, &cache->hashtable[nr], cr_hash) {
@@ -356,7 +364,6 @@ rpcauth_lookupcred(struct rpc_auth *auth, int flags)
356 put_group_info(acred.group_info); 364 put_group_info(acred.group_info);
357 return ret; 365 return ret;
358} 366}
359EXPORT_SYMBOL_GPL(rpcauth_lookupcred);
360 367
361void 368void
362rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred, 369rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
@@ -375,41 +382,58 @@ rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred,
375} 382}
376EXPORT_SYMBOL_GPL(rpcauth_init_cred); 383EXPORT_SYMBOL_GPL(rpcauth_init_cred);
377 384
378struct rpc_cred * 385void
379rpcauth_bindcred(struct rpc_task *task) 386rpcauth_generic_bind_cred(struct rpc_task *task, struct rpc_cred *cred)
387{
388 task->tk_msg.rpc_cred = get_rpccred(cred);
389 dprintk("RPC: %5u holding %s cred %p\n", task->tk_pid,
390 cred->cr_auth->au_ops->au_name, cred);
391}
392EXPORT_SYMBOL_GPL(rpcauth_generic_bind_cred);
393
394static void
395rpcauth_bind_root_cred(struct rpc_task *task)
380{ 396{
381 struct rpc_auth *auth = task->tk_client->cl_auth; 397 struct rpc_auth *auth = task->tk_client->cl_auth;
382 struct auth_cred acred = { 398 struct auth_cred acred = {
383 .uid = current->fsuid, 399 .uid = 0,
384 .gid = current->fsgid, 400 .gid = 0,
385 .group_info = current->group_info,
386 }; 401 };
387 struct rpc_cred *ret; 402 struct rpc_cred *ret;
388 int flags = 0;
389 403
390 dprintk("RPC: %5u looking up %s cred\n", 404 dprintk("RPC: %5u looking up %s cred\n",
391 task->tk_pid, task->tk_client->cl_auth->au_ops->au_name); 405 task->tk_pid, task->tk_client->cl_auth->au_ops->au_name);
392 get_group_info(acred.group_info); 406 ret = auth->au_ops->lookup_cred(auth, &acred, 0);
393 if (task->tk_flags & RPC_TASK_ROOTCREDS) 407 if (!IS_ERR(ret))
394 flags |= RPCAUTH_LOOKUP_ROOTCREDS; 408 task->tk_msg.rpc_cred = ret;
395 ret = auth->au_ops->lookup_cred(auth, &acred, flags); 409 else
410 task->tk_status = PTR_ERR(ret);
411}
412
413static void
414rpcauth_bind_new_cred(struct rpc_task *task)
415{
416 struct rpc_auth *auth = task->tk_client->cl_auth;
417 struct rpc_cred *ret;
418
419 dprintk("RPC: %5u looking up %s cred\n",
420 task->tk_pid, auth->au_ops->au_name);
421 ret = rpcauth_lookupcred(auth, 0);
396 if (!IS_ERR(ret)) 422 if (!IS_ERR(ret))
397 task->tk_msg.rpc_cred = ret; 423 task->tk_msg.rpc_cred = ret;
398 else 424 else
399 task->tk_status = PTR_ERR(ret); 425 task->tk_status = PTR_ERR(ret);
400 put_group_info(acred.group_info);
401 return ret;
402} 426}
403 427
404void 428void
405rpcauth_holdcred(struct rpc_task *task) 429rpcauth_bindcred(struct rpc_task *task, struct rpc_cred *cred, int flags)
406{ 430{
407 struct rpc_cred *cred = task->tk_msg.rpc_cred; 431 if (cred != NULL)
408 if (cred != NULL) { 432 cred->cr_ops->crbind(task, cred);
409 get_rpccred(cred); 433 else if (flags & RPC_TASK_ROOTCREDS)
410 dprintk("RPC: %5u holding %s cred %p\n", task->tk_pid, 434 rpcauth_bind_root_cred(task);
411 cred->cr_auth->au_ops->au_name, cred); 435 else
412 } 436 rpcauth_bind_new_cred(task);
413} 437}
414 438
415void 439void
@@ -550,6 +574,7 @@ static struct shrinker rpc_cred_shrinker = {
550void __init rpcauth_init_module(void) 574void __init rpcauth_init_module(void)
551{ 575{
552 rpc_init_authunix(); 576 rpc_init_authunix();
577 rpc_init_generic_auth();
553 register_shrinker(&rpc_cred_shrinker); 578 register_shrinker(&rpc_cred_shrinker);
554} 579}
555 580
diff --git a/net/sunrpc/auth_generic.c b/net/sunrpc/auth_generic.c
new file mode 100644
index 000000000000..d927d9f57412
--- /dev/null
+++ b/net/sunrpc/auth_generic.c
@@ -0,0 +1,177 @@
1/*
2 * Generic RPC credential
3 *
4 * Copyright (C) 2008, Trond Myklebust <Trond.Myklebust@netapp.com>
5 */
6
7#include <linux/err.h>
8#include <linux/types.h>
9#include <linux/module.h>
10#include <linux/sched.h>
11#include <linux/sunrpc/auth.h>
12#include <linux/sunrpc/clnt.h>
13#include <linux/sunrpc/debug.h>
14#include <linux/sunrpc/sched.h>
15
16#ifdef RPC_DEBUG
17# define RPCDBG_FACILITY RPCDBG_AUTH
18#endif
19
20#define RPC_ANONYMOUS_USERID ((uid_t)-2)
21#define RPC_ANONYMOUS_GROUPID ((gid_t)-2)
22
23struct generic_cred {
24 struct rpc_cred gc_base;
25 struct auth_cred acred;
26};
27
28static struct rpc_auth generic_auth;
29static struct rpc_cred_cache generic_cred_cache;
30static const struct rpc_credops generic_credops;
31
32/*
33 * Public call interface
34 */
35struct rpc_cred *rpc_lookup_cred(void)
36{
37 return rpcauth_lookupcred(&generic_auth, 0);
38}
39EXPORT_SYMBOL_GPL(rpc_lookup_cred);
40
41/*
42 * Public call interface for looking up machine creds.
43 */
44struct rpc_cred *rpc_lookup_machine_cred(void)
45{
46 struct auth_cred acred = {
47 .uid = RPC_ANONYMOUS_USERID,
48 .gid = RPC_ANONYMOUS_GROUPID,
49 .machine_cred = 1,
50 };
51
52 dprintk("RPC: looking up machine cred\n");
53 return generic_auth.au_ops->lookup_cred(&generic_auth, &acred, 0);
54}
55EXPORT_SYMBOL_GPL(rpc_lookup_machine_cred);
56
57static void
58generic_bind_cred(struct rpc_task *task, struct rpc_cred *cred)
59{
60 struct rpc_auth *auth = task->tk_client->cl_auth;
61 struct auth_cred *acred = &container_of(cred, struct generic_cred, gc_base)->acred;
62 struct rpc_cred *ret;
63
64 ret = auth->au_ops->lookup_cred(auth, acred, 0);
65 if (!IS_ERR(ret))
66 task->tk_msg.rpc_cred = ret;
67 else
68 task->tk_status = PTR_ERR(ret);
69}
70
71/*
72 * Lookup generic creds for current process
73 */
74static struct rpc_cred *
75generic_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
76{
77 return rpcauth_lookup_credcache(&generic_auth, acred, flags);
78}
79
80static struct rpc_cred *
81generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
82{
83 struct generic_cred *gcred;
84
85 gcred = kmalloc(sizeof(*gcred), GFP_KERNEL);
86 if (gcred == NULL)
87 return ERR_PTR(-ENOMEM);
88
89 rpcauth_init_cred(&gcred->gc_base, acred, &generic_auth, &generic_credops);
90 gcred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
91
92 gcred->acred.uid = acred->uid;
93 gcred->acred.gid = acred->gid;
94 gcred->acred.group_info = acred->group_info;
95 if (gcred->acred.group_info != NULL)
96 get_group_info(gcred->acred.group_info);
97 gcred->acred.machine_cred = acred->machine_cred;
98
99 dprintk("RPC: allocated %s cred %p for uid %d gid %d\n",
100 gcred->acred.machine_cred ? "machine" : "generic",
101 gcred, acred->uid, acred->gid);
102 return &gcred->gc_base;
103}
104
105static void
106generic_free_cred(struct rpc_cred *cred)
107{
108 struct generic_cred *gcred = container_of(cred, struct generic_cred, gc_base);
109
110 dprintk("RPC: generic_free_cred %p\n", gcred);
111 if (gcred->acred.group_info != NULL)
112 put_group_info(gcred->acred.group_info);
113 kfree(gcred);
114}
115
116static void
117generic_free_cred_callback(struct rcu_head *head)
118{
119 struct rpc_cred *cred = container_of(head, struct rpc_cred, cr_rcu);
120 generic_free_cred(cred);
121}
122
123static void
124generic_destroy_cred(struct rpc_cred *cred)
125{
126 call_rcu(&cred->cr_rcu, generic_free_cred_callback);
127}
128
129/*
130 * Match credentials against current process creds.
131 */
132static int
133generic_match(struct auth_cred *acred, struct rpc_cred *cred, int flags)
134{
135 struct generic_cred *gcred = container_of(cred, struct generic_cred, gc_base);
136
137 if (gcred->acred.uid != acred->uid ||
138 gcred->acred.gid != acred->gid ||
139 gcred->acred.group_info != acred->group_info ||
140 gcred->acred.machine_cred != acred->machine_cred)
141 return 0;
142 return 1;
143}
144
145void __init rpc_init_generic_auth(void)
146{
147 spin_lock_init(&generic_cred_cache.lock);
148}
149
150void __exit rpc_destroy_generic_auth(void)
151{
152 rpcauth_clear_credcache(&generic_cred_cache);
153}
154
155static struct rpc_cred_cache generic_cred_cache = {
156 {{ NULL, },},
157};
158
159static const struct rpc_authops generic_auth_ops = {
160 .owner = THIS_MODULE,
161 .au_name = "Generic",
162 .lookup_cred = generic_lookup_cred,
163 .crcreate = generic_create_cred,
164};
165
166static struct rpc_auth generic_auth = {
167 .au_ops = &generic_auth_ops,
168 .au_count = ATOMIC_INIT(0),
169 .au_credcache = &generic_cred_cache,
170};
171
172static const struct rpc_credops generic_credops = {
173 .cr_name = "Generic cred",
174 .crdestroy = generic_destroy_cred,
175 .crbind = generic_bind_cred,
176 .crmatch = generic_match,
177};
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 5828e5c060ca..cc12d5f5d5da 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -114,27 +114,14 @@ static void
114gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx) 114gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx)
115{ 115{
116 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); 116 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
117 struct gss_cl_ctx *old;
118 117
119 old = gss_cred->gc_ctx; 118 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
119 return;
120 gss_get_ctx(ctx);
120 rcu_assign_pointer(gss_cred->gc_ctx, ctx); 121 rcu_assign_pointer(gss_cred->gc_ctx, ctx);
121 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); 122 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
123 smp_mb__before_clear_bit();
122 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags); 124 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags);
123 if (old)
124 gss_put_ctx(old);
125}
126
127static int
128gss_cred_is_uptodate_ctx(struct rpc_cred *cred)
129{
130 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
131 int res = 0;
132
133 rcu_read_lock();
134 if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) && gss_cred->gc_ctx)
135 res = 1;
136 rcu_read_unlock();
137 return res;
138} 125}
139 126
140static const void * 127static const void *
@@ -266,6 +253,7 @@ gss_release_msg(struct gss_upcall_msg *gss_msg)
266 BUG_ON(!list_empty(&gss_msg->list)); 253 BUG_ON(!list_empty(&gss_msg->list));
267 if (gss_msg->ctx != NULL) 254 if (gss_msg->ctx != NULL)
268 gss_put_ctx(gss_msg->ctx); 255 gss_put_ctx(gss_msg->ctx);
256 rpc_destroy_wait_queue(&gss_msg->rpc_waitqueue);
269 kfree(gss_msg); 257 kfree(gss_msg);
270} 258}
271 259
@@ -339,7 +327,7 @@ gss_upcall_callback(struct rpc_task *task)
339 327
340 spin_lock(&inode->i_lock); 328 spin_lock(&inode->i_lock);
341 if (gss_msg->ctx) 329 if (gss_msg->ctx)
342 gss_cred_set_ctx(task->tk_msg.rpc_cred, gss_get_ctx(gss_msg->ctx)); 330 gss_cred_set_ctx(task->tk_msg.rpc_cred, gss_msg->ctx);
343 else 331 else
344 task->tk_status = gss_msg->msg.errno; 332 task->tk_status = gss_msg->msg.errno;
345 gss_cred->gc_upcall = NULL; 333 gss_cred->gc_upcall = NULL;
@@ -370,9 +358,16 @@ gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid)
370static struct gss_upcall_msg * 358static struct gss_upcall_msg *
371gss_setup_upcall(struct rpc_clnt *clnt, struct gss_auth *gss_auth, struct rpc_cred *cred) 359gss_setup_upcall(struct rpc_clnt *clnt, struct gss_auth *gss_auth, struct rpc_cred *cred)
372{ 360{
361 struct gss_cred *gss_cred = container_of(cred,
362 struct gss_cred, gc_base);
373 struct gss_upcall_msg *gss_new, *gss_msg; 363 struct gss_upcall_msg *gss_new, *gss_msg;
364 uid_t uid = cred->cr_uid;
374 365
375 gss_new = gss_alloc_msg(gss_auth, cred->cr_uid); 366 /* Special case: rpc.gssd assumes that uid == 0 implies machine creds */
367 if (gss_cred->gc_machine_cred != 0)
368 uid = 0;
369
370 gss_new = gss_alloc_msg(gss_auth, uid);
376 if (gss_new == NULL) 371 if (gss_new == NULL)
377 return ERR_PTR(-ENOMEM); 372 return ERR_PTR(-ENOMEM);
378 gss_msg = gss_add_msg(gss_auth, gss_new); 373 gss_msg = gss_add_msg(gss_auth, gss_new);
@@ -408,13 +403,17 @@ gss_refresh_upcall(struct rpc_task *task)
408 } 403 }
409 spin_lock(&inode->i_lock); 404 spin_lock(&inode->i_lock);
410 if (gss_cred->gc_upcall != NULL) 405 if (gss_cred->gc_upcall != NULL)
411 rpc_sleep_on(&gss_cred->gc_upcall->rpc_waitqueue, task, NULL, NULL); 406 rpc_sleep_on(&gss_cred->gc_upcall->rpc_waitqueue, task, NULL);
412 else if (gss_msg->ctx == NULL && gss_msg->msg.errno >= 0) { 407 else if (gss_msg->ctx != NULL) {
408 gss_cred_set_ctx(task->tk_msg.rpc_cred, gss_msg->ctx);
409 gss_cred->gc_upcall = NULL;
410 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
411 } else if (gss_msg->msg.errno >= 0) {
413 task->tk_timeout = 0; 412 task->tk_timeout = 0;
414 gss_cred->gc_upcall = gss_msg; 413 gss_cred->gc_upcall = gss_msg;
415 /* gss_upcall_callback will release the reference to gss_upcall_msg */ 414 /* gss_upcall_callback will release the reference to gss_upcall_msg */
416 atomic_inc(&gss_msg->count); 415 atomic_inc(&gss_msg->count);
417 rpc_sleep_on(&gss_msg->rpc_waitqueue, task, gss_upcall_callback, NULL); 416 rpc_sleep_on(&gss_msg->rpc_waitqueue, task, gss_upcall_callback);
418 } else 417 } else
419 err = gss_msg->msg.errno; 418 err = gss_msg->msg.errno;
420 spin_unlock(&inode->i_lock); 419 spin_unlock(&inode->i_lock);
@@ -454,7 +453,7 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
454 schedule(); 453 schedule();
455 } 454 }
456 if (gss_msg->ctx) 455 if (gss_msg->ctx)
457 gss_cred_set_ctx(cred, gss_get_ctx(gss_msg->ctx)); 456 gss_cred_set_ctx(cred, gss_msg->ctx);
458 else 457 else
459 err = gss_msg->msg.errno; 458 err = gss_msg->msg.errno;
460 spin_unlock(&inode->i_lock); 459 spin_unlock(&inode->i_lock);
@@ -709,7 +708,7 @@ gss_destroying_context(struct rpc_cred *cred)
709 struct rpc_task *task; 708 struct rpc_task *task;
710 709
711 if (gss_cred->gc_ctx == NULL || 710 if (gss_cred->gc_ctx == NULL ||
712 gss_cred->gc_ctx->gc_proc == RPC_GSS_PROC_DESTROY) 711 test_and_clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0)
713 return 0; 712 return 0;
714 713
715 gss_cred->gc_ctx->gc_proc = RPC_GSS_PROC_DESTROY; 714 gss_cred->gc_ctx->gc_proc = RPC_GSS_PROC_DESTROY;
@@ -719,7 +718,7 @@ gss_destroying_context(struct rpc_cred *cred)
719 * by the RPC call or by the put_rpccred() below */ 718 * by the RPC call or by the put_rpccred() below */
720 get_rpccred(cred); 719 get_rpccred(cred);
721 720
722 task = rpc_call_null(gss_auth->client, cred, RPC_TASK_ASYNC); 721 task = rpc_call_null(gss_auth->client, cred, RPC_TASK_ASYNC|RPC_TASK_SOFT);
723 if (!IS_ERR(task)) 722 if (!IS_ERR(task))
724 rpc_put_task(task); 723 rpc_put_task(task);
725 724
@@ -817,6 +816,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
817 */ 816 */
818 cred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_NEW; 817 cred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_NEW;
819 cred->gc_service = gss_auth->service; 818 cred->gc_service = gss_auth->service;
819 cred->gc_machine_cred = acred->machine_cred;
820 kref_get(&gss_auth->kref); 820 kref_get(&gss_auth->kref);
821 return &cred->gc_base; 821 return &cred->gc_base;
822 822
@@ -843,17 +843,16 @@ gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
843{ 843{
844 struct gss_cred *gss_cred = container_of(rc, struct gss_cred, gc_base); 844 struct gss_cred *gss_cred = container_of(rc, struct gss_cred, gc_base);
845 845
846 /* 846 if (test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags))
847 * If the searchflags have set RPCAUTH_LOOKUP_NEW, then
848 * we don't really care if the credential has expired or not,
849 * since the caller should be prepared to reinitialise it.
850 */
851 if ((flags & RPCAUTH_LOOKUP_NEW) && test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags))
852 goto out; 847 goto out;
853 /* Don't match with creds that have expired. */ 848 /* Don't match with creds that have expired. */
854 if (gss_cred->gc_ctx && time_after(jiffies, gss_cred->gc_ctx->gc_expiry)) 849 if (time_after(jiffies, gss_cred->gc_ctx->gc_expiry))
850 return 0;
851 if (!test_bit(RPCAUTH_CRED_UPTODATE, &rc->cr_flags))
855 return 0; 852 return 0;
856out: 853out:
854 if (acred->machine_cred != gss_cred->gc_machine_cred)
855 return 0;
857 return (rc->cr_uid == acred->uid); 856 return (rc->cr_uid == acred->uid);
858} 857}
859 858
@@ -917,16 +916,48 @@ out_put_ctx:
917 return NULL; 916 return NULL;
918} 917}
919 918
919static int gss_renew_cred(struct rpc_task *task)
920{
921 struct rpc_cred *oldcred = task->tk_msg.rpc_cred;
922 struct gss_cred *gss_cred = container_of(oldcred,
923 struct gss_cred,
924 gc_base);
925 struct rpc_auth *auth = oldcred->cr_auth;
926 struct auth_cred acred = {
927 .uid = oldcred->cr_uid,
928 .machine_cred = gss_cred->gc_machine_cred,
929 };
930 struct rpc_cred *new;
931
932 new = gss_lookup_cred(auth, &acred, RPCAUTH_LOOKUP_NEW);
933 if (IS_ERR(new))
934 return PTR_ERR(new);
935 task->tk_msg.rpc_cred = new;
936 put_rpccred(oldcred);
937 return 0;
938}
939
920/* 940/*
921* Refresh credentials. XXX - finish 941* Refresh credentials. XXX - finish
922*/ 942*/
923static int 943static int
924gss_refresh(struct rpc_task *task) 944gss_refresh(struct rpc_task *task)
925{ 945{
946 struct rpc_cred *cred = task->tk_msg.rpc_cred;
947 int ret = 0;
948
949 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) &&
950 !test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags)) {
951 ret = gss_renew_cred(task);
952 if (ret < 0)
953 goto out;
954 cred = task->tk_msg.rpc_cred;
955 }
926 956
927 if (!gss_cred_is_uptodate_ctx(task->tk_msg.rpc_cred)) 957 if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
928 return gss_refresh_upcall(task); 958 ret = gss_refresh_upcall(task);
929 return 0; 959out:
960 return ret;
930} 961}
931 962
932/* Dummy refresh routine: used only when destroying the context */ 963/* Dummy refresh routine: used only when destroying the context */
@@ -1286,9 +1317,7 @@ out:
1286static const struct rpc_authops authgss_ops = { 1317static const struct rpc_authops authgss_ops = {
1287 .owner = THIS_MODULE, 1318 .owner = THIS_MODULE,
1288 .au_flavor = RPC_AUTH_GSS, 1319 .au_flavor = RPC_AUTH_GSS,
1289#ifdef RPC_DEBUG
1290 .au_name = "RPCSEC_GSS", 1320 .au_name = "RPCSEC_GSS",
1291#endif
1292 .create = gss_create, 1321 .create = gss_create,
1293 .destroy = gss_destroy, 1322 .destroy = gss_destroy,
1294 .lookup_cred = gss_lookup_cred, 1323 .lookup_cred = gss_lookup_cred,
@@ -1299,6 +1328,7 @@ static const struct rpc_credops gss_credops = {
1299 .cr_name = "AUTH_GSS", 1328 .cr_name = "AUTH_GSS",
1300 .crdestroy = gss_destroy_cred, 1329 .crdestroy = gss_destroy_cred,
1301 .cr_init = gss_cred_init, 1330 .cr_init = gss_cred_init,
1331 .crbind = rpcauth_generic_bind_cred,
1302 .crmatch = gss_match, 1332 .crmatch = gss_match,
1303 .crmarshal = gss_marshal, 1333 .crmarshal = gss_marshal,
1304 .crrefresh = gss_refresh, 1334 .crrefresh = gss_refresh,
@@ -1310,6 +1340,7 @@ static const struct rpc_credops gss_credops = {
1310static const struct rpc_credops gss_nullops = { 1340static const struct rpc_credops gss_nullops = {
1311 .cr_name = "AUTH_GSS", 1341 .cr_name = "AUTH_GSS",
1312 .crdestroy = gss_destroy_cred, 1342 .crdestroy = gss_destroy_cred,
1343 .crbind = rpcauth_generic_bind_cred,
1313 .crmatch = gss_match, 1344 .crmatch = gss_match,
1314 .crmarshal = gss_marshal, 1345 .crmarshal = gss_marshal,
1315 .crrefresh = gss_refresh_null, 1346 .crrefresh = gss_refresh_null,
diff --git a/net/sunrpc/auth_gss/gss_generic_token.c b/net/sunrpc/auth_gss/gss_generic_token.c
index ea8c92ecdae5..d83b881685fe 100644
--- a/net/sunrpc/auth_gss/gss_generic_token.c
+++ b/net/sunrpc/auth_gss/gss_generic_token.c
@@ -148,7 +148,7 @@ int
148g_token_size(struct xdr_netobj *mech, unsigned int body_size) 148g_token_size(struct xdr_netobj *mech, unsigned int body_size)
149{ 149{
150 /* set body_size to sequence contents size */ 150 /* set body_size to sequence contents size */
151 body_size += 4 + (int) mech->len; /* NEED overflow check */ 151 body_size += 2 + (int) mech->len; /* NEED overflow check */
152 return(1 + der_length_size(body_size) + body_size); 152 return(1 + der_length_size(body_size) + body_size);
153} 153}
154 154
@@ -161,7 +161,7 @@ void
161g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf) 161g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf)
162{ 162{
163 *(*buf)++ = 0x60; 163 *(*buf)++ = 0x60;
164 der_write_length(buf, 4 + mech->len + body_size); 164 der_write_length(buf, 2 + mech->len + body_size);
165 *(*buf)++ = 0x06; 165 *(*buf)++ = 0x06;
166 *(*buf)++ = (unsigned char) mech->len; 166 *(*buf)++ = (unsigned char) mech->len;
167 TWRITE_STR(*buf, mech->data, ((int) mech->len)); 167 TWRITE_STR(*buf, mech->data, ((int) mech->len));
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 0dd792338fa9..1d52308ca324 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -66,8 +66,8 @@ krb5_encrypt(
66 goto out; 66 goto out;
67 67
68 if (crypto_blkcipher_ivsize(tfm) > 16) { 68 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", 69 dprintk("RPC: gss_k5encrypt: tfm iv size too large %d\n",
70 crypto_blkcipher_ivsize(tfm)); 70 crypto_blkcipher_ivsize(tfm));
71 goto out; 71 goto out;
72 } 72 }
73 73
@@ -102,7 +102,7 @@ krb5_decrypt(
102 goto out; 102 goto out;
103 103
104 if (crypto_blkcipher_ivsize(tfm) > 16) { 104 if (crypto_blkcipher_ivsize(tfm) > 16) {
105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", 105 dprintk("RPC: gss_k5decrypt: tfm iv size too large %d\n",
106 crypto_blkcipher_ivsize(tfm)); 106 crypto_blkcipher_ivsize(tfm));
107 goto out; 107 goto out;
108 } 108 }
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index dedcbd6108f4..5f1d36dfbcf7 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -87,10 +87,10 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
87 87
88 now = get_seconds(); 88 now = get_seconds();
89 89
90 token->len = g_token_size(&ctx->mech_used, 22); 90 token->len = g_token_size(&ctx->mech_used, 24);
91 91
92 ptr = token->data; 92 ptr = token->data;
93 g_make_token_header(&ctx->mech_used, 22, &ptr); 93 g_make_token_header(&ctx->mech_used, 24, &ptr);
94 94
95 *ptr++ = (unsigned char) ((KG_TOK_MIC_MSG>>8)&0xff); 95 *ptr++ = (unsigned char) ((KG_TOK_MIC_MSG>>8)&0xff);
96 *ptr++ = (unsigned char) (KG_TOK_MIC_MSG&0xff); 96 *ptr++ = (unsigned char) (KG_TOK_MIC_MSG&0xff);
@@ -109,15 +109,14 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
109 md5cksum.data, md5cksum.len)) 109 md5cksum.data, md5cksum.len))
110 return GSS_S_FAILURE; 110 return GSS_S_FAILURE;
111 111
112 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH, 112 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
113 KRB5_CKSUM_LENGTH);
114 113
115 spin_lock(&krb5_seq_lock); 114 spin_lock(&krb5_seq_lock);
116 seq_send = ctx->seq_send++; 115 seq_send = ctx->seq_send++;
117 spin_unlock(&krb5_seq_lock); 116 spin_unlock(&krb5_seq_lock);
118 117
119 if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff, 118 if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff,
120 ctx->seq_send, krb5_hdr + 16, krb5_hdr + 8)) 119 seq_send, krb5_hdr + 16, krb5_hdr + 8))
121 return GSS_S_FAILURE; 120 return GSS_S_FAILURE;
122 121
123 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; 122 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index 43f3421f1e6a..f160be6c1a46 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -43,7 +43,7 @@
43s32 43s32
44krb5_make_seq_num(struct crypto_blkcipher *key, 44krb5_make_seq_num(struct crypto_blkcipher *key,
45 int direction, 45 int direction,
46 s32 seqnum, 46 u32 seqnum,
47 unsigned char *cksum, unsigned char *buf) 47 unsigned char *cksum, unsigned char *buf)
48{ 48{
49 unsigned char plain[8]; 49 unsigned char plain[8];
@@ -65,7 +65,7 @@ s32
65krb5_get_seq_num(struct crypto_blkcipher *key, 65krb5_get_seq_num(struct crypto_blkcipher *key,
66 unsigned char *cksum, 66 unsigned char *cksum,
67 unsigned char *buf, 67 unsigned char *buf,
68 int *direction, s32 * seqnum) 68 int *direction, u32 *seqnum)
69{ 69{
70 s32 code; 70 s32 code;
71 unsigned char plain[8]; 71 unsigned char plain[8];
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index e30a993466bc..d91a5d004803 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -82,7 +82,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
82 struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; 82 struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata};
83 s32 now; 83 s32 now;
84 int direction; 84 int direction;
85 s32 seqnum; 85 u32 seqnum;
86 unsigned char *ptr = (unsigned char *)read_token->data; 86 unsigned char *ptr = (unsigned char *)read_token->data;
87 int bodysize; 87 int bodysize;
88 88
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 3bdc527ee64a..b00b1b426301 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -137,7 +137,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
137 BUG_ON((buf->len - offset) % blocksize); 137 BUG_ON((buf->len - offset) % blocksize);
138 plainlen = blocksize + buf->len - offset; 138 plainlen = blocksize + buf->len - offset;
139 139
140 headlen = g_token_size(&kctx->mech_used, 22 + plainlen) - 140 headlen = g_token_size(&kctx->mech_used, 24 + plainlen) -
141 (buf->len - offset); 141 (buf->len - offset);
142 142
143 ptr = buf->head[0].iov_base + offset; 143 ptr = buf->head[0].iov_base + offset;
@@ -149,7 +149,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
149 buf->len += headlen; 149 buf->len += headlen;
150 BUG_ON((buf->len - offset - headlen) % blocksize); 150 BUG_ON((buf->len - offset - headlen) % blocksize);
151 151
152 g_make_token_header(&kctx->mech_used, 22 + plainlen, &ptr); 152 g_make_token_header(&kctx->mech_used, 24 + plainlen, &ptr);
153 153
154 154
155 *ptr++ = (unsigned char) ((KG_TOK_WRAP_MSG>>8)&0xff); 155 *ptr++ = (unsigned char) ((KG_TOK_WRAP_MSG>>8)&0xff);
@@ -176,9 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
176 if (krb5_encrypt(kctx->seq, NULL, md5cksum.data, 176 if (krb5_encrypt(kctx->seq, NULL, md5cksum.data,
177 md5cksum.data, md5cksum.len)) 177 md5cksum.data, md5cksum.len))
178 return GSS_S_FAILURE; 178 return GSS_S_FAILURE;
179 memcpy(krb5_hdr + 16, 179 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
180 md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
181 KRB5_CKSUM_LENGTH);
182 180
183 spin_lock(&krb5_seq_lock); 181 spin_lock(&krb5_seq_lock);
184 seq_send = kctx->seq_send++; 182 seq_send = kctx->seq_send++;
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c
index abf17ce2e3b1..c832712f8d55 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_seal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c
@@ -107,10 +107,10 @@ spkm3_make_token(struct spkm3_ctx *ctx,
107 tokenlen = 10 + ctxelen + 1 + md5elen + 1; 107 tokenlen = 10 + ctxelen + 1 + md5elen + 1;
108 108
109 /* Create token header using generic routines */ 109 /* Create token header using generic routines */
110 token->len = g_token_size(&ctx->mech_used, tokenlen); 110 token->len = g_token_size(&ctx->mech_used, tokenlen + 2);
111 111
112 ptr = token->data; 112 ptr = token->data;
113 g_make_token_header(&ctx->mech_used, tokenlen, &ptr); 113 g_make_token_header(&ctx->mech_used, tokenlen + 2, &ptr);
114 114
115 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit); 115 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit);
116 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */ 116 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 481f984e9a22..5905d56737d6 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1146 case RPC_GSS_SVC_INTEGRITY: 1146 case RPC_GSS_SVC_INTEGRITY:
1147 if (unwrap_integ_data(&rqstp->rq_arg, 1147 if (unwrap_integ_data(&rqstp->rq_arg,
1148 gc->gc_seq, rsci->mechctx)) 1148 gc->gc_seq, rsci->mechctx))
1149 goto auth_err; 1149 goto garbage_args;
1150 /* placeholders for length and seq. number: */ 1150 /* placeholders for length and seq. number: */
1151 svc_putnl(resv, 0); 1151 svc_putnl(resv, 0);
1152 svc_putnl(resv, 0); 1152 svc_putnl(resv, 0);
@@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1154 case RPC_GSS_SVC_PRIVACY: 1154 case RPC_GSS_SVC_PRIVACY:
1155 if (unwrap_priv_data(rqstp, &rqstp->rq_arg, 1155 if (unwrap_priv_data(rqstp, &rqstp->rq_arg,
1156 gc->gc_seq, rsci->mechctx)) 1156 gc->gc_seq, rsci->mechctx))
1157 goto auth_err; 1157 goto garbage_args;
1158 /* placeholders for length and seq. number: */ 1158 /* placeholders for length and seq. number: */
1159 svc_putnl(resv, 0); 1159 svc_putnl(resv, 0);
1160 svc_putnl(resv, 0); 1160 svc_putnl(resv, 0);
@@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1169 ret = SVC_OK; 1169 ret = SVC_OK;
1170 goto out; 1170 goto out;
1171 } 1171 }
1172garbage_args:
1173 /* Restore write pointer to its original value: */
1174 xdr_ressize_check(rqstp, reject_stat);
1175 ret = SVC_GARBAGE;
1176 goto out;
1172auth_err: 1177auth_err:
1173 /* Restore write pointer to its original value: */ 1178 /* Restore write pointer to its original value: */
1174 xdr_ressize_check(rqstp, reject_stat); 1179 xdr_ressize_check(rqstp, reject_stat);
diff --git a/net/sunrpc/auth_null.c b/net/sunrpc/auth_null.c
index 537d0e8589dd..c70dd7f5258e 100644
--- a/net/sunrpc/auth_null.c
+++ b/net/sunrpc/auth_null.c
@@ -104,9 +104,7 @@ nul_validate(struct rpc_task *task, __be32 *p)
104const struct rpc_authops authnull_ops = { 104const struct rpc_authops authnull_ops = {
105 .owner = THIS_MODULE, 105 .owner = THIS_MODULE,
106 .au_flavor = RPC_AUTH_NULL, 106 .au_flavor = RPC_AUTH_NULL,
107#ifdef RPC_DEBUG
108 .au_name = "NULL", 107 .au_name = "NULL",
109#endif
110 .create = nul_create, 108 .create = nul_create,
111 .destroy = nul_destroy, 109 .destroy = nul_destroy,
112 .lookup_cred = nul_lookup_cred, 110 .lookup_cred = nul_lookup_cred,
@@ -125,6 +123,7 @@ static
125const struct rpc_credops null_credops = { 123const struct rpc_credops null_credops = {
126 .cr_name = "AUTH_NULL", 124 .cr_name = "AUTH_NULL",
127 .crdestroy = nul_destroy_cred, 125 .crdestroy = nul_destroy_cred,
126 .crbind = rpcauth_generic_bind_cred,
128 .crmatch = nul_match, 127 .crmatch = nul_match,
129 .crmarshal = nul_marshal, 128 .crmarshal = nul_marshal,
130 .crrefresh = nul_refresh, 129 .crrefresh = nul_refresh,
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c
index 5ed91e5bcee4..44920b90bdc4 100644
--- a/net/sunrpc/auth_unix.c
+++ b/net/sunrpc/auth_unix.c
@@ -60,7 +60,8 @@ static struct rpc_cred *
60unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) 60unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
61{ 61{
62 struct unx_cred *cred; 62 struct unx_cred *cred;
63 int i; 63 unsigned int groups = 0;
64 unsigned int i;
64 65
65 dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", 66 dprintk("RPC: allocating UNIX cred for uid %d gid %d\n",
66 acred->uid, acred->gid); 67 acred->uid, acred->gid);
@@ -70,21 +71,17 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
70 71
71 rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops); 72 rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops);
72 cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; 73 cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
73 if (flags & RPCAUTH_LOOKUP_ROOTCREDS) { 74
74 cred->uc_uid = 0; 75 if (acred->group_info != NULL)
75 cred->uc_gid = 0; 76 groups = acred->group_info->ngroups;
76 cred->uc_gids[0] = NOGROUP; 77 if (groups > NFS_NGROUPS)
77 } else { 78 groups = NFS_NGROUPS;
78 int groups = acred->group_info->ngroups; 79
79 if (groups > NFS_NGROUPS) 80 cred->uc_gid = acred->gid;
80 groups = NFS_NGROUPS; 81 for (i = 0; i < groups; i++)
81 82 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
82 cred->uc_gid = acred->gid; 83 if (i < NFS_NGROUPS)
83 for (i = 0; i < groups; i++) 84 cred->uc_gids[i] = NOGROUP;
84 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
85 if (i < NFS_NGROUPS)
86 cred->uc_gids[i] = NOGROUP;
87 }
88 85
89 return &cred->uc_base; 86 return &cred->uc_base;
90} 87}
@@ -118,26 +115,21 @@ static int
118unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags) 115unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags)
119{ 116{
120 struct unx_cred *cred = container_of(rcred, struct unx_cred, uc_base); 117 struct unx_cred *cred = container_of(rcred, struct unx_cred, uc_base);
121 int i; 118 unsigned int groups = 0;
119 unsigned int i;
122 120
123 if (!(flags & RPCAUTH_LOOKUP_ROOTCREDS)) {
124 int groups;
125 121
126 if (cred->uc_uid != acred->uid 122 if (cred->uc_uid != acred->uid || cred->uc_gid != acred->gid)
127 || cred->uc_gid != acred->gid) 123 return 0;
128 return 0;
129 124
125 if (acred->group_info != NULL)
130 groups = acred->group_info->ngroups; 126 groups = acred->group_info->ngroups;
131 if (groups > NFS_NGROUPS) 127 if (groups > NFS_NGROUPS)
132 groups = NFS_NGROUPS; 128 groups = NFS_NGROUPS;
133 for (i = 0; i < groups ; i++) 129 for (i = 0; i < groups ; i++)
134 if (cred->uc_gids[i] != GROUP_AT(acred->group_info, i)) 130 if (cred->uc_gids[i] != GROUP_AT(acred->group_info, i))
135 return 0; 131 return 0;
136 return 1; 132 return 1;
137 }
138 return (cred->uc_uid == 0
139 && cred->uc_gid == 0
140 && cred->uc_gids[0] == (gid_t) NOGROUP);
141} 133}
142 134
143/* 135/*
@@ -218,9 +210,7 @@ void __init rpc_init_authunix(void)
218const struct rpc_authops authunix_ops = { 210const struct rpc_authops authunix_ops = {
219 .owner = THIS_MODULE, 211 .owner = THIS_MODULE,
220 .au_flavor = RPC_AUTH_UNIX, 212 .au_flavor = RPC_AUTH_UNIX,
221#ifdef RPC_DEBUG
222 .au_name = "UNIX", 213 .au_name = "UNIX",
223#endif
224 .create = unx_create, 214 .create = unx_create,
225 .destroy = unx_destroy, 215 .destroy = unx_destroy,
226 .lookup_cred = unx_lookup_cred, 216 .lookup_cred = unx_lookup_cred,
@@ -245,6 +235,7 @@ static
245const struct rpc_credops unix_credops = { 235const struct rpc_credops unix_credops = {
246 .cr_name = "AUTH_UNIX", 236 .cr_name = "AUTH_UNIX",
247 .crdestroy = unx_destroy_cred, 237 .crdestroy = unx_destroy_cred,
238 .crbind = rpcauth_generic_bind_cred,
248 .crmatch = unx_match, 239 .crmatch = unx_match,
249 .crmarshal = unx_marshal, 240 .crmarshal = unx_marshal,
250 .crrefresh = unx_refresh, 241 .crrefresh = unx_refresh,
diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c
index b5f2786251b9..c9966713282a 100644
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -316,31 +316,28 @@ static int create_cache_proc_entries(struct cache_detail *cd)
316 cd->proc_ent->owner = cd->owner; 316 cd->proc_ent->owner = cd->owner;
317 cd->channel_ent = cd->content_ent = NULL; 317 cd->channel_ent = cd->content_ent = NULL;
318 318
319 p = proc_create("flush", S_IFREG|S_IRUSR|S_IWUSR, 319 p = proc_create_data("flush", S_IFREG|S_IRUSR|S_IWUSR,
320 cd->proc_ent, &cache_flush_operations); 320 cd->proc_ent, &cache_flush_operations, cd);
321 cd->flush_ent = p; 321 cd->flush_ent = p;
322 if (p == NULL) 322 if (p == NULL)
323 goto out_nomem; 323 goto out_nomem;
324 p->owner = cd->owner; 324 p->owner = cd->owner;
325 p->data = cd;
326 325
327 if (cd->cache_request || cd->cache_parse) { 326 if (cd->cache_request || cd->cache_parse) {
328 p = proc_create("channel", S_IFREG|S_IRUSR|S_IWUSR, 327 p = proc_create_data("channel", S_IFREG|S_IRUSR|S_IWUSR,
329 cd->proc_ent, &cache_file_operations); 328 cd->proc_ent, &cache_file_operations, cd);
330 cd->channel_ent = p; 329 cd->channel_ent = p;
331 if (p == NULL) 330 if (p == NULL)
332 goto out_nomem; 331 goto out_nomem;
333 p->owner = cd->owner; 332 p->owner = cd->owner;
334 p->data = cd;
335 } 333 }
336 if (cd->cache_show) { 334 if (cd->cache_show) {
337 p = proc_create("content", S_IFREG|S_IRUSR|S_IWUSR, 335 p = proc_create_data("content", S_IFREG|S_IRUSR|S_IWUSR,
338 cd->proc_ent, &content_file_operations); 336 cd->proc_ent, &content_file_operations, cd);
339 cd->content_ent = p; 337 cd->content_ent = p;
340 if (p == NULL) 338 if (p == NULL)
341 goto out_nomem; 339 goto out_nomem;
342 p->owner = cd->owner; 340 p->owner = cd->owner;
343 p->data = cd;
344 } 341 }
345 return 0; 342 return 0;
346out_nomem: 343out_nomem:
@@ -571,7 +568,6 @@ static int cache_defer_req(struct cache_req *req, struct cache_head *item)
571 return -ETIMEDOUT; 568 return -ETIMEDOUT;
572 569
573 dreq->item = item; 570 dreq->item = item;
574 dreq->recv_time = get_seconds();
575 571
576 spin_lock(&cache_defer_lock); 572 spin_lock(&cache_defer_lock);
577 573
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index 7b96ff38002f..8945307556ec 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -544,7 +544,7 @@ EXPORT_SYMBOL_GPL(rpc_run_task);
544 * @msg: RPC call parameters 544 * @msg: RPC call parameters
545 * @flags: RPC call flags 545 * @flags: RPC call flags
546 */ 546 */
547int rpc_call_sync(struct rpc_clnt *clnt, struct rpc_message *msg, int flags) 547int rpc_call_sync(struct rpc_clnt *clnt, const struct rpc_message *msg, int flags)
548{ 548{
549 struct rpc_task *task; 549 struct rpc_task *task;
550 struct rpc_task_setup task_setup_data = { 550 struct rpc_task_setup task_setup_data = {
@@ -575,7 +575,7 @@ EXPORT_SYMBOL_GPL(rpc_call_sync);
575 * @data: user call data 575 * @data: user call data
576 */ 576 */
577int 577int
578rpc_call_async(struct rpc_clnt *clnt, struct rpc_message *msg, int flags, 578rpc_call_async(struct rpc_clnt *clnt, const struct rpc_message *msg, int flags,
579 const struct rpc_call_ops *tk_ops, void *data) 579 const struct rpc_call_ops *tk_ops, void *data)
580{ 580{
581 struct rpc_task *task; 581 struct rpc_task *task;
@@ -1062,7 +1062,7 @@ call_transmit(struct rpc_task *task)
1062 if (task->tk_msg.rpc_proc->p_decode != NULL) 1062 if (task->tk_msg.rpc_proc->p_decode != NULL)
1063 return; 1063 return;
1064 task->tk_action = rpc_exit_task; 1064 task->tk_action = rpc_exit_task;
1065 rpc_wake_up_task(task); 1065 rpc_wake_up_queued_task(&task->tk_xprt->pending, task);
1066} 1066}
1067 1067
1068/* 1068/*
@@ -1116,7 +1116,8 @@ call_status(struct rpc_task *task)
1116 case -ETIMEDOUT: 1116 case -ETIMEDOUT:
1117 task->tk_action = call_timeout; 1117 task->tk_action = call_timeout;
1118 if (task->tk_client->cl_discrtry) 1118 if (task->tk_client->cl_discrtry)
1119 xprt_force_disconnect(task->tk_xprt); 1119 xprt_conditional_disconnect(task->tk_xprt,
1120 req->rq_connect_cookie);
1120 break; 1121 break;
1121 case -ECONNREFUSED: 1122 case -ECONNREFUSED:
1122 case -ENOTCONN: 1123 case -ENOTCONN:
@@ -1168,6 +1169,11 @@ call_timeout(struct rpc_task *task)
1168 clnt->cl_protname, clnt->cl_server); 1169 clnt->cl_protname, clnt->cl_server);
1169 } 1170 }
1170 rpc_force_rebind(clnt); 1171 rpc_force_rebind(clnt);
1172 /*
1173 * Did our request time out due to an RPCSEC_GSS out-of-sequence
1174 * event? RFC2203 requires the server to drop all such requests.
1175 */
1176 rpcauth_invalcred(task);
1171 1177
1172retry: 1178retry:
1173 clnt->cl_stats->rpcretrans++; 1179 clnt->cl_stats->rpcretrans++;
@@ -1195,18 +1201,6 @@ call_decode(struct rpc_task *task)
1195 task->tk_flags &= ~RPC_CALL_MAJORSEEN; 1201 task->tk_flags &= ~RPC_CALL_MAJORSEEN;
1196 } 1202 }
1197 1203
1198 if (task->tk_status < 12) {
1199 if (!RPC_IS_SOFT(task)) {
1200 task->tk_action = call_bind;
1201 clnt->cl_stats->rpcretrans++;
1202 goto out_retry;
1203 }
1204 dprintk("RPC: %s: too small RPC reply size (%d bytes)\n",
1205 clnt->cl_protname, task->tk_status);
1206 task->tk_action = call_timeout;
1207 goto out_retry;
1208 }
1209
1210 /* 1204 /*
1211 * Ensure that we see all writes made by xprt_complete_rqst() 1205 * Ensure that we see all writes made by xprt_complete_rqst()
1212 * before it changed req->rq_received. 1206 * before it changed req->rq_received.
@@ -1218,6 +1212,18 @@ call_decode(struct rpc_task *task)
1218 WARN_ON(memcmp(&req->rq_rcv_buf, &req->rq_private_buf, 1212 WARN_ON(memcmp(&req->rq_rcv_buf, &req->rq_private_buf,
1219 sizeof(req->rq_rcv_buf)) != 0); 1213 sizeof(req->rq_rcv_buf)) != 0);
1220 1214
1215 if (req->rq_rcv_buf.len < 12) {
1216 if (!RPC_IS_SOFT(task)) {
1217 task->tk_action = call_bind;
1218 clnt->cl_stats->rpcretrans++;
1219 goto out_retry;
1220 }
1221 dprintk("RPC: %s: too small RPC reply size (%d bytes)\n",
1222 clnt->cl_protname, task->tk_status);
1223 task->tk_action = call_timeout;
1224 goto out_retry;
1225 }
1226
1221 /* Verify the RPC header */ 1227 /* Verify the RPC header */
1222 p = call_verify(task); 1228 p = call_verify(task);
1223 if (IS_ERR(p)) { 1229 if (IS_ERR(p)) {
@@ -1236,10 +1242,14 @@ call_decode(struct rpc_task *task)
1236 task->tk_status); 1242 task->tk_status);
1237 return; 1243 return;
1238out_retry: 1244out_retry:
1239 req->rq_received = req->rq_private_buf.len = 0;
1240 task->tk_status = 0; 1245 task->tk_status = 0;
1241 if (task->tk_client->cl_discrtry) 1246 /* Note: call_verify() may have freed the RPC slot */
1242 xprt_force_disconnect(task->tk_xprt); 1247 if (task->tk_rqstp == req) {
1248 req->rq_received = req->rq_rcv_buf.len = 0;
1249 if (task->tk_client->cl_discrtry)
1250 xprt_conditional_disconnect(task->tk_xprt,
1251 req->rq_connect_cookie);
1252 }
1243} 1253}
1244 1254
1245/* 1255/*
@@ -1531,7 +1541,7 @@ void rpc_show_tasks(void)
1531 proc = -1; 1541 proc = -1;
1532 1542
1533 if (RPC_IS_QUEUED(t)) 1543 if (RPC_IS_QUEUED(t))
1534 rpc_waitq = rpc_qname(t->u.tk_wait.rpc_waitq); 1544 rpc_waitq = rpc_qname(t->tk_waitqueue);
1535 1545
1536 printk("%5u %04d %04x %6d %8p %6d %8p %8ld %8s %8p %8p\n", 1546 printk("%5u %04d %04x %6d %8p %6d %8p %8ld %8s %8p %8p\n",
1537 t->tk_pid, proc, 1547 t->tk_pid, proc,
diff --git a/net/sunrpc/rpcb_clnt.c b/net/sunrpc/rpcb_clnt.c
index 56aa018dce3a..0517967a68bf 100644
--- a/net/sunrpc/rpcb_clnt.c
+++ b/net/sunrpc/rpcb_clnt.c
@@ -298,7 +298,7 @@ void rpcb_getport_async(struct rpc_task *task)
298 298
299 /* Put self on queue before sending rpcbind request, in case 299 /* Put self on queue before sending rpcbind request, in case
300 * rpcb_getport_done completes before we return from rpc_run_task */ 300 * rpcb_getport_done completes before we return from rpc_run_task */
301 rpc_sleep_on(&xprt->binding, task, NULL, NULL); 301 rpc_sleep_on(&xprt->binding, task, NULL);
302 302
303 /* Someone else may have bound if we slept */ 303 /* Someone else may have bound if we slept */
304 if (xprt_bound(xprt)) { 304 if (xprt_bound(xprt)) {
diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
index 4c669121e607..6eab9bf94baf 100644
--- a/net/sunrpc/sched.c
+++ b/net/sunrpc/sched.c
@@ -38,9 +38,9 @@ static struct kmem_cache *rpc_buffer_slabp __read_mostly;
38static mempool_t *rpc_task_mempool __read_mostly; 38static mempool_t *rpc_task_mempool __read_mostly;
39static mempool_t *rpc_buffer_mempool __read_mostly; 39static mempool_t *rpc_buffer_mempool __read_mostly;
40 40
41static void __rpc_default_timer(struct rpc_task *task);
42static void rpc_async_schedule(struct work_struct *); 41static void rpc_async_schedule(struct work_struct *);
43static void rpc_release_task(struct rpc_task *task); 42static void rpc_release_task(struct rpc_task *task);
43static void __rpc_queue_timer_fn(unsigned long ptr);
44 44
45/* 45/*
46 * RPC tasks sit here while waiting for conditions to improve. 46 * RPC tasks sit here while waiting for conditions to improve.
@@ -57,41 +57,30 @@ struct workqueue_struct *rpciod_workqueue;
57 * queue->lock and bh_disabled in order to avoid races within 57 * queue->lock and bh_disabled in order to avoid races within
58 * rpc_run_timer(). 58 * rpc_run_timer().
59 */ 59 */
60static inline void 60static void
61__rpc_disable_timer(struct rpc_task *task) 61__rpc_disable_timer(struct rpc_wait_queue *queue, struct rpc_task *task)
62{ 62{
63 if (task->tk_timeout == 0)
64 return;
63 dprintk("RPC: %5u disabling timer\n", task->tk_pid); 65 dprintk("RPC: %5u disabling timer\n", task->tk_pid);
64 task->tk_timeout_fn = NULL;
65 task->tk_timeout = 0; 66 task->tk_timeout = 0;
67 list_del(&task->u.tk_wait.timer_list);
68 if (list_empty(&queue->timer_list.list))
69 del_timer(&queue->timer_list.timer);
66} 70}
67 71
68/* 72static void
69 * Run a timeout function. 73rpc_set_queue_timer(struct rpc_wait_queue *queue, unsigned long expires)
70 * We use the callback in order to allow __rpc_wake_up_task()
71 * and friends to disable the timer synchronously on SMP systems
72 * without calling del_timer_sync(). The latter could cause a
73 * deadlock if called while we're holding spinlocks...
74 */
75static void rpc_run_timer(struct rpc_task *task)
76{ 74{
77 void (*callback)(struct rpc_task *); 75 queue->timer_list.expires = expires;
78 76 mod_timer(&queue->timer_list.timer, expires);
79 callback = task->tk_timeout_fn;
80 task->tk_timeout_fn = NULL;
81 if (callback && RPC_IS_QUEUED(task)) {
82 dprintk("RPC: %5u running timer\n", task->tk_pid);
83 callback(task);
84 }
85 smp_mb__before_clear_bit();
86 clear_bit(RPC_TASK_HAS_TIMER, &task->tk_runstate);
87 smp_mb__after_clear_bit();
88} 77}
89 78
90/* 79/*
91 * Set up a timer for the current task. 80 * Set up a timer for the current task.
92 */ 81 */
93static inline void 82static void
94__rpc_add_timer(struct rpc_task *task, rpc_action timer) 83__rpc_add_timer(struct rpc_wait_queue *queue, struct rpc_task *task)
95{ 84{
96 if (!task->tk_timeout) 85 if (!task->tk_timeout)
97 return; 86 return;
@@ -99,27 +88,10 @@ __rpc_add_timer(struct rpc_task *task, rpc_action timer)
99 dprintk("RPC: %5u setting alarm for %lu ms\n", 88 dprintk("RPC: %5u setting alarm for %lu ms\n",
100 task->tk_pid, task->tk_timeout * 1000 / HZ); 89 task->tk_pid, task->tk_timeout * 1000 / HZ);
101 90
102 if (timer) 91 task->u.tk_wait.expires = jiffies + task->tk_timeout;
103 task->tk_timeout_fn = timer; 92 if (list_empty(&queue->timer_list.list) || time_before(task->u.tk_wait.expires, queue->timer_list.expires))
104 else 93 rpc_set_queue_timer(queue, task->u.tk_wait.expires);
105 task->tk_timeout_fn = __rpc_default_timer; 94 list_add(&task->u.tk_wait.timer_list, &queue->timer_list.list);
106 set_bit(RPC_TASK_HAS_TIMER, &task->tk_runstate);
107 mod_timer(&task->tk_timer, jiffies + task->tk_timeout);
108}
109
110/*
111 * Delete any timer for the current task. Because we use del_timer_sync(),
112 * this function should never be called while holding queue->lock.
113 */
114static void
115rpc_delete_timer(struct rpc_task *task)
116{
117 if (RPC_IS_QUEUED(task))
118 return;
119 if (test_and_clear_bit(RPC_TASK_HAS_TIMER, &task->tk_runstate)) {
120 del_singleshot_timer_sync(&task->tk_timer);
121 dprintk("RPC: %5u deleting timer\n", task->tk_pid);
122 }
123} 95}
124 96
125/* 97/*
@@ -161,7 +133,7 @@ static void __rpc_add_wait_queue(struct rpc_wait_queue *queue, struct rpc_task *
161 list_add(&task->u.tk_wait.list, &queue->tasks[0]); 133 list_add(&task->u.tk_wait.list, &queue->tasks[0]);
162 else 134 else
163 list_add_tail(&task->u.tk_wait.list, &queue->tasks[0]); 135 list_add_tail(&task->u.tk_wait.list, &queue->tasks[0]);
164 task->u.tk_wait.rpc_waitq = queue; 136 task->tk_waitqueue = queue;
165 queue->qlen++; 137 queue->qlen++;
166 rpc_set_queued(task); 138 rpc_set_queued(task);
167 139
@@ -181,22 +153,18 @@ static void __rpc_remove_wait_queue_priority(struct rpc_task *task)
181 list_move(&t->u.tk_wait.list, &task->u.tk_wait.list); 153 list_move(&t->u.tk_wait.list, &task->u.tk_wait.list);
182 list_splice_init(&task->u.tk_wait.links, &t->u.tk_wait.links); 154 list_splice_init(&task->u.tk_wait.links, &t->u.tk_wait.links);
183 } 155 }
184 list_del(&task->u.tk_wait.list);
185} 156}
186 157
187/* 158/*
188 * Remove request from queue. 159 * Remove request from queue.
189 * Note: must be called with spin lock held. 160 * Note: must be called with spin lock held.
190 */ 161 */
191static void __rpc_remove_wait_queue(struct rpc_task *task) 162static void __rpc_remove_wait_queue(struct rpc_wait_queue *queue, struct rpc_task *task)
192{ 163{
193 struct rpc_wait_queue *queue; 164 __rpc_disable_timer(queue, task);
194 queue = task->u.tk_wait.rpc_waitq;
195
196 if (RPC_IS_PRIORITY(queue)) 165 if (RPC_IS_PRIORITY(queue))
197 __rpc_remove_wait_queue_priority(task); 166 __rpc_remove_wait_queue_priority(task);
198 else 167 list_del(&task->u.tk_wait.list);
199 list_del(&task->u.tk_wait.list);
200 queue->qlen--; 168 queue->qlen--;
201 dprintk("RPC: %5u removed from queue %p \"%s\"\n", 169 dprintk("RPC: %5u removed from queue %p \"%s\"\n",
202 task->tk_pid, queue, rpc_qname(queue)); 170 task->tk_pid, queue, rpc_qname(queue));
@@ -229,6 +197,9 @@ static void __rpc_init_priority_wait_queue(struct rpc_wait_queue *queue, const c
229 INIT_LIST_HEAD(&queue->tasks[i]); 197 INIT_LIST_HEAD(&queue->tasks[i]);
230 queue->maxpriority = nr_queues - 1; 198 queue->maxpriority = nr_queues - 1;
231 rpc_reset_waitqueue_priority(queue); 199 rpc_reset_waitqueue_priority(queue);
200 queue->qlen = 0;
201 setup_timer(&queue->timer_list.timer, __rpc_queue_timer_fn, (unsigned long)queue);
202 INIT_LIST_HEAD(&queue->timer_list.list);
232#ifdef RPC_DEBUG 203#ifdef RPC_DEBUG
233 queue->name = qname; 204 queue->name = qname;
234#endif 205#endif
@@ -245,6 +216,12 @@ void rpc_init_wait_queue(struct rpc_wait_queue *queue, const char *qname)
245} 216}
246EXPORT_SYMBOL_GPL(rpc_init_wait_queue); 217EXPORT_SYMBOL_GPL(rpc_init_wait_queue);
247 218
219void rpc_destroy_wait_queue(struct rpc_wait_queue *queue)
220{
221 del_timer_sync(&queue->timer_list.timer);
222}
223EXPORT_SYMBOL_GPL(rpc_destroy_wait_queue);
224
248static int rpc_wait_bit_killable(void *word) 225static int rpc_wait_bit_killable(void *word)
249{ 226{
250 if (fatal_signal_pending(current)) 227 if (fatal_signal_pending(current))
@@ -313,7 +290,6 @@ EXPORT_SYMBOL_GPL(__rpc_wait_for_completion_task);
313 */ 290 */
314static void rpc_make_runnable(struct rpc_task *task) 291static void rpc_make_runnable(struct rpc_task *task)
315{ 292{
316 BUG_ON(task->tk_timeout_fn);
317 rpc_clear_queued(task); 293 rpc_clear_queued(task);
318 if (rpc_test_and_set_running(task)) 294 if (rpc_test_and_set_running(task))
319 return; 295 return;
@@ -326,7 +302,7 @@ static void rpc_make_runnable(struct rpc_task *task)
326 int status; 302 int status;
327 303
328 INIT_WORK(&task->u.tk_work, rpc_async_schedule); 304 INIT_WORK(&task->u.tk_work, rpc_async_schedule);
329 status = queue_work(task->tk_workqueue, &task->u.tk_work); 305 status = queue_work(rpciod_workqueue, &task->u.tk_work);
330 if (status < 0) { 306 if (status < 0) {
331 printk(KERN_WARNING "RPC: failed to add task to queue: error: %d!\n", status); 307 printk(KERN_WARNING "RPC: failed to add task to queue: error: %d!\n", status);
332 task->tk_status = status; 308 task->tk_status = status;
@@ -343,7 +319,7 @@ static void rpc_make_runnable(struct rpc_task *task)
343 * as it's on a wait queue. 319 * as it's on a wait queue.
344 */ 320 */
345static void __rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task, 321static void __rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task,
346 rpc_action action, rpc_action timer) 322 rpc_action action)
347{ 323{
348 dprintk("RPC: %5u sleep_on(queue \"%s\" time %lu)\n", 324 dprintk("RPC: %5u sleep_on(queue \"%s\" time %lu)\n",
349 task->tk_pid, rpc_qname(q), jiffies); 325 task->tk_pid, rpc_qname(q), jiffies);
@@ -357,11 +333,11 @@ static void __rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task,
357 333
358 BUG_ON(task->tk_callback != NULL); 334 BUG_ON(task->tk_callback != NULL);
359 task->tk_callback = action; 335 task->tk_callback = action;
360 __rpc_add_timer(task, timer); 336 __rpc_add_timer(q, task);
361} 337}
362 338
363void rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task, 339void rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task,
364 rpc_action action, rpc_action timer) 340 rpc_action action)
365{ 341{
366 /* Mark the task as being activated if so needed */ 342 /* Mark the task as being activated if so needed */
367 rpc_set_active(task); 343 rpc_set_active(task);
@@ -370,18 +346,19 @@ void rpc_sleep_on(struct rpc_wait_queue *q, struct rpc_task *task,
370 * Protect the queue operations. 346 * Protect the queue operations.
371 */ 347 */
372 spin_lock_bh(&q->lock); 348 spin_lock_bh(&q->lock);
373 __rpc_sleep_on(q, task, action, timer); 349 __rpc_sleep_on(q, task, action);
374 spin_unlock_bh(&q->lock); 350 spin_unlock_bh(&q->lock);
375} 351}
376EXPORT_SYMBOL_GPL(rpc_sleep_on); 352EXPORT_SYMBOL_GPL(rpc_sleep_on);
377 353
378/** 354/**
379 * __rpc_do_wake_up_task - wake up a single rpc_task 355 * __rpc_do_wake_up_task - wake up a single rpc_task
356 * @queue: wait queue
380 * @task: task to be woken up 357 * @task: task to be woken up
381 * 358 *
382 * Caller must hold queue->lock, and have cleared the task queued flag. 359 * Caller must hold queue->lock, and have cleared the task queued flag.
383 */ 360 */
384static void __rpc_do_wake_up_task(struct rpc_task *task) 361static void __rpc_do_wake_up_task(struct rpc_wait_queue *queue, struct rpc_task *task)
385{ 362{
386 dprintk("RPC: %5u __rpc_wake_up_task (now %lu)\n", 363 dprintk("RPC: %5u __rpc_wake_up_task (now %lu)\n",
387 task->tk_pid, jiffies); 364 task->tk_pid, jiffies);
@@ -395,8 +372,7 @@ static void __rpc_do_wake_up_task(struct rpc_task *task)
395 return; 372 return;
396 } 373 }
397 374
398 __rpc_disable_timer(task); 375 __rpc_remove_wait_queue(queue, task);
399 __rpc_remove_wait_queue(task);
400 376
401 rpc_make_runnable(task); 377 rpc_make_runnable(task);
402 378
@@ -404,48 +380,32 @@ static void __rpc_do_wake_up_task(struct rpc_task *task)
404} 380}
405 381
406/* 382/*
407 * Wake up the specified task 383 * Wake up a queued task while the queue lock is being held
408 */ 384 */
409static void __rpc_wake_up_task(struct rpc_task *task) 385static void rpc_wake_up_task_queue_locked(struct rpc_wait_queue *queue, struct rpc_task *task)
410{ 386{
411 if (rpc_start_wakeup(task)) { 387 if (RPC_IS_QUEUED(task) && task->tk_waitqueue == queue)
412 if (RPC_IS_QUEUED(task)) 388 __rpc_do_wake_up_task(queue, task);
413 __rpc_do_wake_up_task(task);
414 rpc_finish_wakeup(task);
415 }
416} 389}
417 390
418/* 391/*
419 * Default timeout handler if none specified by user 392 * Wake up a task on a specific queue
420 */ 393 */
421static void 394void rpc_wake_up_queued_task(struct rpc_wait_queue *queue, struct rpc_task *task)
422__rpc_default_timer(struct rpc_task *task)
423{ 395{
424 dprintk("RPC: %5u timeout (default timer)\n", task->tk_pid); 396 spin_lock_bh(&queue->lock);
425 task->tk_status = -ETIMEDOUT; 397 rpc_wake_up_task_queue_locked(queue, task);
426 rpc_wake_up_task(task); 398 spin_unlock_bh(&queue->lock);
427} 399}
400EXPORT_SYMBOL_GPL(rpc_wake_up_queued_task);
428 401
429/* 402/*
430 * Wake up the specified task 403 * Wake up the specified task
431 */ 404 */
432void rpc_wake_up_task(struct rpc_task *task) 405static void rpc_wake_up_task(struct rpc_task *task)
433{ 406{
434 rcu_read_lock_bh(); 407 rpc_wake_up_queued_task(task->tk_waitqueue, task);
435 if (rpc_start_wakeup(task)) {
436 if (RPC_IS_QUEUED(task)) {
437 struct rpc_wait_queue *queue = task->u.tk_wait.rpc_waitq;
438
439 /* Note: we're already in a bh-safe context */
440 spin_lock(&queue->lock);
441 __rpc_do_wake_up_task(task);
442 spin_unlock(&queue->lock);
443 }
444 rpc_finish_wakeup(task);
445 }
446 rcu_read_unlock_bh();
447} 408}
448EXPORT_SYMBOL_GPL(rpc_wake_up_task);
449 409
450/* 410/*
451 * Wake up the next task on a priority queue. 411 * Wake up the next task on a priority queue.
@@ -495,7 +455,7 @@ new_queue:
495new_owner: 455new_owner:
496 rpc_set_waitqueue_owner(queue, task->tk_owner); 456 rpc_set_waitqueue_owner(queue, task->tk_owner);
497out: 457out:
498 __rpc_wake_up_task(task); 458 rpc_wake_up_task_queue_locked(queue, task);
499 return task; 459 return task;
500} 460}
501 461
@@ -508,16 +468,14 @@ struct rpc_task * rpc_wake_up_next(struct rpc_wait_queue *queue)
508 468
509 dprintk("RPC: wake_up_next(%p \"%s\")\n", 469 dprintk("RPC: wake_up_next(%p \"%s\")\n",
510 queue, rpc_qname(queue)); 470 queue, rpc_qname(queue));
511 rcu_read_lock_bh(); 471 spin_lock_bh(&queue->lock);
512 spin_lock(&queue->lock);
513 if (RPC_IS_PRIORITY(queue)) 472 if (RPC_IS_PRIORITY(queue))
514 task = __rpc_wake_up_next_priority(queue); 473 task = __rpc_wake_up_next_priority(queue);
515 else { 474 else {
516 task_for_first(task, &queue->tasks[0]) 475 task_for_first(task, &queue->tasks[0])
517 __rpc_wake_up_task(task); 476 rpc_wake_up_task_queue_locked(queue, task);
518 } 477 }
519 spin_unlock(&queue->lock); 478 spin_unlock_bh(&queue->lock);
520 rcu_read_unlock_bh();
521 479
522 return task; 480 return task;
523} 481}
@@ -534,18 +492,16 @@ void rpc_wake_up(struct rpc_wait_queue *queue)
534 struct rpc_task *task, *next; 492 struct rpc_task *task, *next;
535 struct list_head *head; 493 struct list_head *head;
536 494
537 rcu_read_lock_bh(); 495 spin_lock_bh(&queue->lock);
538 spin_lock(&queue->lock);
539 head = &queue->tasks[queue->maxpriority]; 496 head = &queue->tasks[queue->maxpriority];
540 for (;;) { 497 for (;;) {
541 list_for_each_entry_safe(task, next, head, u.tk_wait.list) 498 list_for_each_entry_safe(task, next, head, u.tk_wait.list)
542 __rpc_wake_up_task(task); 499 rpc_wake_up_task_queue_locked(queue, task);
543 if (head == &queue->tasks[0]) 500 if (head == &queue->tasks[0])
544 break; 501 break;
545 head--; 502 head--;
546 } 503 }
547 spin_unlock(&queue->lock); 504 spin_unlock_bh(&queue->lock);
548 rcu_read_unlock_bh();
549} 505}
550EXPORT_SYMBOL_GPL(rpc_wake_up); 506EXPORT_SYMBOL_GPL(rpc_wake_up);
551 507
@@ -561,26 +517,48 @@ void rpc_wake_up_status(struct rpc_wait_queue *queue, int status)
561 struct rpc_task *task, *next; 517 struct rpc_task *task, *next;
562 struct list_head *head; 518 struct list_head *head;
563 519
564 rcu_read_lock_bh(); 520 spin_lock_bh(&queue->lock);
565 spin_lock(&queue->lock);
566 head = &queue->tasks[queue->maxpriority]; 521 head = &queue->tasks[queue->maxpriority];
567 for (;;) { 522 for (;;) {
568 list_for_each_entry_safe(task, next, head, u.tk_wait.list) { 523 list_for_each_entry_safe(task, next, head, u.tk_wait.list) {
569 task->tk_status = status; 524 task->tk_status = status;
570 __rpc_wake_up_task(task); 525 rpc_wake_up_task_queue_locked(queue, task);
571 } 526 }
572 if (head == &queue->tasks[0]) 527 if (head == &queue->tasks[0])
573 break; 528 break;
574 head--; 529 head--;
575 } 530 }
576 spin_unlock(&queue->lock); 531 spin_unlock_bh(&queue->lock);
577 rcu_read_unlock_bh();
578} 532}
579EXPORT_SYMBOL_GPL(rpc_wake_up_status); 533EXPORT_SYMBOL_GPL(rpc_wake_up_status);
580 534
535static void __rpc_queue_timer_fn(unsigned long ptr)
536{
537 struct rpc_wait_queue *queue = (struct rpc_wait_queue *)ptr;
538 struct rpc_task *task, *n;
539 unsigned long expires, now, timeo;
540
541 spin_lock(&queue->lock);
542 expires = now = jiffies;
543 list_for_each_entry_safe(task, n, &queue->timer_list.list, u.tk_wait.timer_list) {
544 timeo = task->u.tk_wait.expires;
545 if (time_after_eq(now, timeo)) {
546 dprintk("RPC: %5u timeout\n", task->tk_pid);
547 task->tk_status = -ETIMEDOUT;
548 rpc_wake_up_task_queue_locked(queue, task);
549 continue;
550 }
551 if (expires == now || time_after(expires, timeo))
552 expires = timeo;
553 }
554 if (!list_empty(&queue->timer_list.list))
555 rpc_set_queue_timer(queue, expires);
556 spin_unlock(&queue->lock);
557}
558
581static void __rpc_atrun(struct rpc_task *task) 559static void __rpc_atrun(struct rpc_task *task)
582{ 560{
583 rpc_wake_up_task(task); 561 task->tk_status = 0;
584} 562}
585 563
586/* 564/*
@@ -589,7 +567,7 @@ static void __rpc_atrun(struct rpc_task *task)
589void rpc_delay(struct rpc_task *task, unsigned long delay) 567void rpc_delay(struct rpc_task *task, unsigned long delay)
590{ 568{
591 task->tk_timeout = delay; 569 task->tk_timeout = delay;
592 rpc_sleep_on(&delay_queue, task, NULL, __rpc_atrun); 570 rpc_sleep_on(&delay_queue, task, __rpc_atrun);
593} 571}
594EXPORT_SYMBOL_GPL(rpc_delay); 572EXPORT_SYMBOL_GPL(rpc_delay);
595 573
@@ -644,10 +622,6 @@ static void __rpc_execute(struct rpc_task *task)
644 BUG_ON(RPC_IS_QUEUED(task)); 622 BUG_ON(RPC_IS_QUEUED(task));
645 623
646 for (;;) { 624 for (;;) {
647 /*
648 * Garbage collection of pending timers...
649 */
650 rpc_delete_timer(task);
651 625
652 /* 626 /*
653 * Execute any pending callback. 627 * Execute any pending callback.
@@ -816,8 +790,6 @@ EXPORT_SYMBOL_GPL(rpc_free);
816static void rpc_init_task(struct rpc_task *task, const struct rpc_task_setup *task_setup_data) 790static void rpc_init_task(struct rpc_task *task, const struct rpc_task_setup *task_setup_data)
817{ 791{
818 memset(task, 0, sizeof(*task)); 792 memset(task, 0, sizeof(*task));
819 setup_timer(&task->tk_timer, (void (*)(unsigned long))rpc_run_timer,
820 (unsigned long)task);
821 atomic_set(&task->tk_count, 1); 793 atomic_set(&task->tk_count, 1);
822 task->tk_flags = task_setup_data->flags; 794 task->tk_flags = task_setup_data->flags;
823 task->tk_ops = task_setup_data->callback_ops; 795 task->tk_ops = task_setup_data->callback_ops;
@@ -832,7 +804,7 @@ static void rpc_init_task(struct rpc_task *task, const struct rpc_task_setup *ta
832 task->tk_owner = current->tgid; 804 task->tk_owner = current->tgid;
833 805
834 /* Initialize workqueue for async tasks */ 806 /* Initialize workqueue for async tasks */
835 task->tk_workqueue = rpciod_workqueue; 807 task->tk_workqueue = task_setup_data->workqueue;
836 808
837 task->tk_client = task_setup_data->rpc_client; 809 task->tk_client = task_setup_data->rpc_client;
838 if (task->tk_client != NULL) { 810 if (task->tk_client != NULL) {
@@ -845,12 +817,11 @@ static void rpc_init_task(struct rpc_task *task, const struct rpc_task_setup *ta
845 task->tk_action = rpc_prepare_task; 817 task->tk_action = rpc_prepare_task;
846 818
847 if (task_setup_data->rpc_message != NULL) { 819 if (task_setup_data->rpc_message != NULL) {
848 memcpy(&task->tk_msg, task_setup_data->rpc_message, sizeof(task->tk_msg)); 820 task->tk_msg.rpc_proc = task_setup_data->rpc_message->rpc_proc;
821 task->tk_msg.rpc_argp = task_setup_data->rpc_message->rpc_argp;
822 task->tk_msg.rpc_resp = task_setup_data->rpc_message->rpc_resp;
849 /* Bind the user cred */ 823 /* Bind the user cred */
850 if (task->tk_msg.rpc_cred != NULL) 824 rpcauth_bindcred(task, task_setup_data->rpc_message->rpc_cred, task_setup_data->flags);
851 rpcauth_holdcred(task);
852 else
853 rpcauth_bindcred(task);
854 if (task->tk_action == NULL) 825 if (task->tk_action == NULL)
855 rpc_call_start(task); 826 rpc_call_start(task);
856 } 827 }
@@ -868,13 +839,6 @@ rpc_alloc_task(void)
868 return (struct rpc_task *)mempool_alloc(rpc_task_mempool, GFP_NOFS); 839 return (struct rpc_task *)mempool_alloc(rpc_task_mempool, GFP_NOFS);
869} 840}
870 841
871static void rpc_free_task(struct rcu_head *rcu)
872{
873 struct rpc_task *task = container_of(rcu, struct rpc_task, u.tk_rcu);
874 dprintk("RPC: %5u freeing task\n", task->tk_pid);
875 mempool_free(task, rpc_task_mempool);
876}
877
878/* 842/*
879 * Create a new task for the specified client. 843 * Create a new task for the specified client.
880 */ 844 */
@@ -898,12 +862,25 @@ out:
898 return task; 862 return task;
899} 863}
900 864
901 865static void rpc_free_task(struct rpc_task *task)
902void rpc_put_task(struct rpc_task *task)
903{ 866{
904 const struct rpc_call_ops *tk_ops = task->tk_ops; 867 const struct rpc_call_ops *tk_ops = task->tk_ops;
905 void *calldata = task->tk_calldata; 868 void *calldata = task->tk_calldata;
906 869
870 if (task->tk_flags & RPC_TASK_DYNAMIC) {
871 dprintk("RPC: %5u freeing task\n", task->tk_pid);
872 mempool_free(task, rpc_task_mempool);
873 }
874 rpc_release_calldata(tk_ops, calldata);
875}
876
877static void rpc_async_release(struct work_struct *work)
878{
879 rpc_free_task(container_of(work, struct rpc_task, u.tk_work));
880}
881
882void rpc_put_task(struct rpc_task *task)
883{
907 if (!atomic_dec_and_test(&task->tk_count)) 884 if (!atomic_dec_and_test(&task->tk_count))
908 return; 885 return;
909 /* Release resources */ 886 /* Release resources */
@@ -915,9 +892,11 @@ void rpc_put_task(struct rpc_task *task)
915 rpc_release_client(task->tk_client); 892 rpc_release_client(task->tk_client);
916 task->tk_client = NULL; 893 task->tk_client = NULL;
917 } 894 }
918 if (task->tk_flags & RPC_TASK_DYNAMIC) 895 if (task->tk_workqueue != NULL) {
919 call_rcu_bh(&task->u.tk_rcu, rpc_free_task); 896 INIT_WORK(&task->u.tk_work, rpc_async_release);
920 rpc_release_calldata(tk_ops, calldata); 897 queue_work(task->tk_workqueue, &task->u.tk_work);
898 } else
899 rpc_free_task(task);
921} 900}
922EXPORT_SYMBOL_GPL(rpc_put_task); 901EXPORT_SYMBOL_GPL(rpc_put_task);
923 902
@@ -937,9 +916,6 @@ static void rpc_release_task(struct rpc_task *task)
937 } 916 }
938 BUG_ON (RPC_IS_QUEUED(task)); 917 BUG_ON (RPC_IS_QUEUED(task));
939 918
940 /* Synchronously delete any running timer */
941 rpc_delete_timer(task);
942
943#ifdef RPC_DEBUG 919#ifdef RPC_DEBUG
944 task->tk_magic = 0; 920 task->tk_magic = 0;
945#endif 921#endif
@@ -1029,11 +1005,20 @@ rpc_destroy_mempool(void)
1029 kmem_cache_destroy(rpc_task_slabp); 1005 kmem_cache_destroy(rpc_task_slabp);
1030 if (rpc_buffer_slabp) 1006 if (rpc_buffer_slabp)
1031 kmem_cache_destroy(rpc_buffer_slabp); 1007 kmem_cache_destroy(rpc_buffer_slabp);
1008 rpc_destroy_wait_queue(&delay_queue);
1032} 1009}
1033 1010
1034int 1011int
1035rpc_init_mempool(void) 1012rpc_init_mempool(void)
1036{ 1013{
1014 /*
1015 * The following is not strictly a mempool initialisation,
1016 * but there is no harm in doing it here
1017 */
1018 rpc_init_wait_queue(&delay_queue, "delayq");
1019 if (!rpciod_start())
1020 goto err_nomem;
1021
1037 rpc_task_slabp = kmem_cache_create("rpc_tasks", 1022 rpc_task_slabp = kmem_cache_create("rpc_tasks",
1038 sizeof(struct rpc_task), 1023 sizeof(struct rpc_task),
1039 0, SLAB_HWCACHE_ALIGN, 1024 0, SLAB_HWCACHE_ALIGN,
@@ -1054,13 +1039,6 @@ rpc_init_mempool(void)
1054 rpc_buffer_slabp); 1039 rpc_buffer_slabp);
1055 if (!rpc_buffer_mempool) 1040 if (!rpc_buffer_mempool)
1056 goto err_nomem; 1041 goto err_nomem;
1057 if (!rpciod_start())
1058 goto err_nomem;
1059 /*
1060 * The following is not strictly a mempool initialisation,
1061 * but there is no harm in doing it here
1062 */
1063 rpc_init_wait_queue(&delay_queue, "delayq");
1064 return 0; 1042 return 0;
1065err_nomem: 1043err_nomem:
1066 rpc_destroy_mempool(); 1044 rpc_destroy_mempool();
diff --git a/net/sunrpc/stats.c b/net/sunrpc/stats.c
index c6061a4346c8..50b049c6598a 100644
--- a/net/sunrpc/stats.c
+++ b/net/sunrpc/stats.c
@@ -224,16 +224,10 @@ EXPORT_SYMBOL_GPL(rpc_print_iostats);
224static inline struct proc_dir_entry * 224static inline struct proc_dir_entry *
225do_register(const char *name, void *data, const struct file_operations *fops) 225do_register(const char *name, void *data, const struct file_operations *fops)
226{ 226{
227 struct proc_dir_entry *ent;
228
229 rpc_proc_init(); 227 rpc_proc_init();
230 dprintk("RPC: registering /proc/net/rpc/%s\n", name); 228 dprintk("RPC: registering /proc/net/rpc/%s\n", name);
231 229
232 ent = proc_create(name, 0, proc_net_rpc, fops); 230 return proc_create_data(name, 0, proc_net_rpc, fops, data);
233 if (ent) {
234 ent->data = data;
235 }
236 return ent;
237} 231}
238 232
239struct proc_dir_entry * 233struct proc_dir_entry *
diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c
index 090af78d68b5..d74c2d269539 100644
--- a/net/sunrpc/svc.c
+++ b/net/sunrpc/svc.c
@@ -510,8 +510,7 @@ EXPORT_SYMBOL(svc_destroy);
510static int 510static int
511svc_init_buffer(struct svc_rqst *rqstp, unsigned int size) 511svc_init_buffer(struct svc_rqst *rqstp, unsigned int size)
512{ 512{
513 int pages; 513 unsigned int pages, arghi;
514 int arghi;
515 514
516 pages = size / PAGE_SIZE + 1; /* extra page as we hold both request and reply. 515 pages = size / PAGE_SIZE + 1; /* extra page as we hold both request and reply.
517 * We assume one is at most one page 516 * We assume one is at most one page
@@ -525,7 +524,7 @@ svc_init_buffer(struct svc_rqst *rqstp, unsigned int size)
525 rqstp->rq_pages[arghi++] = p; 524 rqstp->rq_pages[arghi++] = p;
526 pages--; 525 pages--;
527 } 526 }
528 return ! pages; 527 return pages == 0;
529} 528}
530 529
531/* 530/*
@@ -534,8 +533,9 @@ svc_init_buffer(struct svc_rqst *rqstp, unsigned int size)
534static void 533static void
535svc_release_buffer(struct svc_rqst *rqstp) 534svc_release_buffer(struct svc_rqst *rqstp)
536{ 535{
537 int i; 536 unsigned int i;
538 for (i=0; i<ARRAY_SIZE(rqstp->rq_pages); i++) 537
538 for (i = 0; i < ARRAY_SIZE(rqstp->rq_pages); i++)
539 if (rqstp->rq_pages[i]) 539 if (rqstp->rq_pages[i])
540 put_page(rqstp->rq_pages[i]); 540 put_page(rqstp->rq_pages[i]);
541} 541}
@@ -590,7 +590,7 @@ __svc_create_thread(svc_thread_fn func, struct svc_serv *serv,
590 struct svc_rqst *rqstp; 590 struct svc_rqst *rqstp;
591 int error = -ENOMEM; 591 int error = -ENOMEM;
592 int have_oldmask = 0; 592 int have_oldmask = 0;
593 cpumask_t oldmask; 593 cpumask_t uninitialized_var(oldmask);
594 594
595 rqstp = svc_prepare_thread(serv, pool); 595 rqstp = svc_prepare_thread(serv, pool);
596 if (IS_ERR(rqstp)) { 596 if (IS_ERR(rqstp)) {
@@ -619,16 +619,6 @@ out_thread:
619} 619}
620 620
621/* 621/*
622 * Create a thread in the default pool. Caller must hold BKL.
623 */
624int
625svc_create_thread(svc_thread_fn func, struct svc_serv *serv)
626{
627 return __svc_create_thread(func, serv, &serv->sv_pools[0]);
628}
629EXPORT_SYMBOL(svc_create_thread);
630
631/*
632 * Choose a pool in which to create a new thread, for svc_set_num_threads 622 * Choose a pool in which to create a new thread, for svc_set_num_threads
633 */ 623 */
634static inline struct svc_pool * 624static inline struct svc_pool *
@@ -921,8 +911,7 @@ svc_process(struct svc_rqst *rqstp)
921 case SVC_OK: 911 case SVC_OK:
922 break; 912 break;
923 case SVC_GARBAGE: 913 case SVC_GARBAGE:
924 rpc_stat = rpc_garbage_args; 914 goto err_garbage;
925 goto err_bad;
926 case SVC_SYSERR: 915 case SVC_SYSERR:
927 rpc_stat = rpc_system_err; 916 rpc_stat = rpc_system_err;
928 goto err_bad; 917 goto err_bad;
diff --git a/net/sunrpc/svc_xprt.c b/net/sunrpc/svc_xprt.c
index 332eb47539e1..d8e8d79a8451 100644
--- a/net/sunrpc/svc_xprt.c
+++ b/net/sunrpc/svc_xprt.c
@@ -18,6 +18,7 @@
18#include <linux/skbuff.h> 18#include <linux/skbuff.h>
19#include <linux/file.h> 19#include <linux/file.h>
20#include <linux/freezer.h> 20#include <linux/freezer.h>
21#include <linux/kthread.h>
21#include <net/sock.h> 22#include <net/sock.h>
22#include <net/checksum.h> 23#include <net/checksum.h>
23#include <net/ip.h> 24#include <net/ip.h>
@@ -586,8 +587,12 @@ int svc_recv(struct svc_rqst *rqstp, long timeout)
586 while (rqstp->rq_pages[i] == NULL) { 587 while (rqstp->rq_pages[i] == NULL) {
587 struct page *p = alloc_page(GFP_KERNEL); 588 struct page *p = alloc_page(GFP_KERNEL);
588 if (!p) { 589 if (!p) {
589 int j = msecs_to_jiffies(500); 590 set_current_state(TASK_INTERRUPTIBLE);
590 schedule_timeout_uninterruptible(j); 591 if (signalled() || kthread_should_stop()) {
592 set_current_state(TASK_RUNNING);
593 return -EINTR;
594 }
595 schedule_timeout(msecs_to_jiffies(500));
591 } 596 }
592 rqstp->rq_pages[i] = p; 597 rqstp->rq_pages[i] = p;
593 } 598 }
@@ -607,7 +612,7 @@ int svc_recv(struct svc_rqst *rqstp, long timeout)
607 612
608 try_to_freeze(); 613 try_to_freeze();
609 cond_resched(); 614 cond_resched();
610 if (signalled()) 615 if (signalled() || kthread_should_stop())
611 return -EINTR; 616 return -EINTR;
612 617
613 spin_lock_bh(&pool->sp_lock); 618 spin_lock_bh(&pool->sp_lock);
@@ -626,6 +631,20 @@ int svc_recv(struct svc_rqst *rqstp, long timeout)
626 * to bring down the daemons ... 631 * to bring down the daemons ...
627 */ 632 */
628 set_current_state(TASK_INTERRUPTIBLE); 633 set_current_state(TASK_INTERRUPTIBLE);
634
635 /*
636 * checking kthread_should_stop() here allows us to avoid
637 * locking and signalling when stopping kthreads that call
638 * svc_recv. If the thread has already been woken up, then
639 * we can exit here without sleeping. If not, then it
640 * it'll be woken up quickly during the schedule_timeout
641 */
642 if (kthread_should_stop()) {
643 set_current_state(TASK_RUNNING);
644 spin_unlock_bh(&pool->sp_lock);
645 return -EINTR;
646 }
647
629 add_wait_queue(&rqstp->rq_wait, &wait); 648 add_wait_queue(&rqstp->rq_wait, &wait);
630 spin_unlock_bh(&pool->sp_lock); 649 spin_unlock_bh(&pool->sp_lock);
631 650
@@ -641,7 +660,10 @@ int svc_recv(struct svc_rqst *rqstp, long timeout)
641 svc_thread_dequeue(pool, rqstp); 660 svc_thread_dequeue(pool, rqstp);
642 spin_unlock_bh(&pool->sp_lock); 661 spin_unlock_bh(&pool->sp_lock);
643 dprintk("svc: server %p, no data yet\n", rqstp); 662 dprintk("svc: server %p, no data yet\n", rqstp);
644 return signalled()? -EINTR : -EAGAIN; 663 if (signalled() || kthread_should_stop())
664 return -EINTR;
665 else
666 return -EAGAIN;
645 } 667 }
646 } 668 }
647 spin_unlock_bh(&pool->sp_lock); 669 spin_unlock_bh(&pool->sp_lock);
diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c
index 3c64051e4555..3f30ee6006ae 100644
--- a/net/sunrpc/svcauth_unix.c
+++ b/net/sunrpc/svcauth_unix.c
@@ -11,7 +11,8 @@
11#include <linux/hash.h> 11#include <linux/hash.h>
12#include <linux/string.h> 12#include <linux/string.h>
13#include <net/sock.h> 13#include <net/sock.h>
14 14#include <net/ipv6.h>
15#include <linux/kernel.h>
15#define RPCDBG_FACILITY RPCDBG_AUTH 16#define RPCDBG_FACILITY RPCDBG_AUTH
16 17
17 18
@@ -85,7 +86,7 @@ static void svcauth_unix_domain_release(struct auth_domain *dom)
85struct ip_map { 86struct ip_map {
86 struct cache_head h; 87 struct cache_head h;
87 char m_class[8]; /* e.g. "nfsd" */ 88 char m_class[8]; /* e.g. "nfsd" */
88 struct in_addr m_addr; 89 struct in6_addr m_addr;
89 struct unix_domain *m_client; 90 struct unix_domain *m_client;
90 int m_add_change; 91 int m_add_change;
91}; 92};
@@ -113,12 +114,19 @@ static inline int hash_ip(__be32 ip)
113 return (hash ^ (hash>>8)) & 0xff; 114 return (hash ^ (hash>>8)) & 0xff;
114} 115}
115#endif 116#endif
117static inline int hash_ip6(struct in6_addr ip)
118{
119 return (hash_ip(ip.s6_addr32[0]) ^
120 hash_ip(ip.s6_addr32[1]) ^
121 hash_ip(ip.s6_addr32[2]) ^
122 hash_ip(ip.s6_addr32[3]));
123}
116static int ip_map_match(struct cache_head *corig, struct cache_head *cnew) 124static int ip_map_match(struct cache_head *corig, struct cache_head *cnew)
117{ 125{
118 struct ip_map *orig = container_of(corig, struct ip_map, h); 126 struct ip_map *orig = container_of(corig, struct ip_map, h);
119 struct ip_map *new = container_of(cnew, struct ip_map, h); 127 struct ip_map *new = container_of(cnew, struct ip_map, h);
120 return strcmp(orig->m_class, new->m_class) == 0 128 return strcmp(orig->m_class, new->m_class) == 0
121 && orig->m_addr.s_addr == new->m_addr.s_addr; 129 && ipv6_addr_equal(&orig->m_addr, &new->m_addr);
122} 130}
123static void ip_map_init(struct cache_head *cnew, struct cache_head *citem) 131static void ip_map_init(struct cache_head *cnew, struct cache_head *citem)
124{ 132{
@@ -126,7 +134,7 @@ static void ip_map_init(struct cache_head *cnew, struct cache_head *citem)
126 struct ip_map *item = container_of(citem, struct ip_map, h); 134 struct ip_map *item = container_of(citem, struct ip_map, h);
127 135
128 strcpy(new->m_class, item->m_class); 136 strcpy(new->m_class, item->m_class);
129 new->m_addr.s_addr = item->m_addr.s_addr; 137 ipv6_addr_copy(&new->m_addr, &item->m_addr);
130} 138}
131static void update(struct cache_head *cnew, struct cache_head *citem) 139static void update(struct cache_head *cnew, struct cache_head *citem)
132{ 140{
@@ -150,22 +158,24 @@ static void ip_map_request(struct cache_detail *cd,
150 struct cache_head *h, 158 struct cache_head *h,
151 char **bpp, int *blen) 159 char **bpp, int *blen)
152{ 160{
153 char text_addr[20]; 161 char text_addr[40];
154 struct ip_map *im = container_of(h, struct ip_map, h); 162 struct ip_map *im = container_of(h, struct ip_map, h);
155 __be32 addr = im->m_addr.s_addr;
156
157 snprintf(text_addr, 20, "%u.%u.%u.%u",
158 ntohl(addr) >> 24 & 0xff,
159 ntohl(addr) >> 16 & 0xff,
160 ntohl(addr) >> 8 & 0xff,
161 ntohl(addr) >> 0 & 0xff);
162 163
164 if (ipv6_addr_v4mapped(&(im->m_addr))) {
165 snprintf(text_addr, 20, NIPQUAD_FMT,
166 ntohl(im->m_addr.s6_addr32[3]) >> 24 & 0xff,
167 ntohl(im->m_addr.s6_addr32[3]) >> 16 & 0xff,
168 ntohl(im->m_addr.s6_addr32[3]) >> 8 & 0xff,
169 ntohl(im->m_addr.s6_addr32[3]) >> 0 & 0xff);
170 } else {
171 snprintf(text_addr, 40, NIP6_FMT, NIP6(im->m_addr));
172 }
163 qword_add(bpp, blen, im->m_class); 173 qword_add(bpp, blen, im->m_class);
164 qword_add(bpp, blen, text_addr); 174 qword_add(bpp, blen, text_addr);
165 (*bpp)[-1] = '\n'; 175 (*bpp)[-1] = '\n';
166} 176}
167 177
168static struct ip_map *ip_map_lookup(char *class, struct in_addr addr); 178static struct ip_map *ip_map_lookup(char *class, struct in6_addr *addr);
169static int ip_map_update(struct ip_map *ipm, struct unix_domain *udom, time_t expiry); 179static int ip_map_update(struct ip_map *ipm, struct unix_domain *udom, time_t expiry);
170 180
171static int ip_map_parse(struct cache_detail *cd, 181static int ip_map_parse(struct cache_detail *cd,
@@ -176,10 +186,10 @@ static int ip_map_parse(struct cache_detail *cd,
176 * for scratch: */ 186 * for scratch: */
177 char *buf = mesg; 187 char *buf = mesg;
178 int len; 188 int len;
179 int b1,b2,b3,b4; 189 int b1, b2, b3, b4, b5, b6, b7, b8;
180 char c; 190 char c;
181 char class[8]; 191 char class[8];
182 struct in_addr addr; 192 struct in6_addr addr;
183 int err; 193 int err;
184 194
185 struct ip_map *ipmp; 195 struct ip_map *ipmp;
@@ -198,7 +208,23 @@ static int ip_map_parse(struct cache_detail *cd,
198 len = qword_get(&mesg, buf, mlen); 208 len = qword_get(&mesg, buf, mlen);
199 if (len <= 0) return -EINVAL; 209 if (len <= 0) return -EINVAL;
200 210
201 if (sscanf(buf, "%u.%u.%u.%u%c", &b1, &b2, &b3, &b4, &c) != 4) 211 if (sscanf(buf, NIPQUAD_FMT "%c", &b1, &b2, &b3, &b4, &c) == 4) {
212 addr.s6_addr32[0] = 0;
213 addr.s6_addr32[1] = 0;
214 addr.s6_addr32[2] = htonl(0xffff);
215 addr.s6_addr32[3] =
216 htonl((((((b1<<8)|b2)<<8)|b3)<<8)|b4);
217 } else if (sscanf(buf, NIP6_FMT "%c",
218 &b1, &b2, &b3, &b4, &b5, &b6, &b7, &b8, &c) == 8) {
219 addr.s6_addr16[0] = htons(b1);
220 addr.s6_addr16[1] = htons(b2);
221 addr.s6_addr16[2] = htons(b3);
222 addr.s6_addr16[3] = htons(b4);
223 addr.s6_addr16[4] = htons(b5);
224 addr.s6_addr16[5] = htons(b6);
225 addr.s6_addr16[6] = htons(b7);
226 addr.s6_addr16[7] = htons(b8);
227 } else
202 return -EINVAL; 228 return -EINVAL;
203 229
204 expiry = get_expiry(&mesg); 230 expiry = get_expiry(&mesg);
@@ -216,10 +242,7 @@ static int ip_map_parse(struct cache_detail *cd,
216 } else 242 } else
217 dom = NULL; 243 dom = NULL;
218 244
219 addr.s_addr = 245 ipmp = ip_map_lookup(class, &addr);
220 htonl((((((b1<<8)|b2)<<8)|b3)<<8)|b4);
221
222 ipmp = ip_map_lookup(class,addr);
223 if (ipmp) { 246 if (ipmp) {
224 err = ip_map_update(ipmp, 247 err = ip_map_update(ipmp,
225 container_of(dom, struct unix_domain, h), 248 container_of(dom, struct unix_domain, h),
@@ -239,7 +262,7 @@ static int ip_map_show(struct seq_file *m,
239 struct cache_head *h) 262 struct cache_head *h)
240{ 263{
241 struct ip_map *im; 264 struct ip_map *im;
242 struct in_addr addr; 265 struct in6_addr addr;
243 char *dom = "-no-domain-"; 266 char *dom = "-no-domain-";
244 267
245 if (h == NULL) { 268 if (h == NULL) {
@@ -248,20 +271,24 @@ static int ip_map_show(struct seq_file *m,
248 } 271 }
249 im = container_of(h, struct ip_map, h); 272 im = container_of(h, struct ip_map, h);
250 /* class addr domain */ 273 /* class addr domain */
251 addr = im->m_addr; 274 ipv6_addr_copy(&addr, &im->m_addr);
252 275
253 if (test_bit(CACHE_VALID, &h->flags) && 276 if (test_bit(CACHE_VALID, &h->flags) &&
254 !test_bit(CACHE_NEGATIVE, &h->flags)) 277 !test_bit(CACHE_NEGATIVE, &h->flags))
255 dom = im->m_client->h.name; 278 dom = im->m_client->h.name;
256 279
257 seq_printf(m, "%s %d.%d.%d.%d %s\n", 280 if (ipv6_addr_v4mapped(&addr)) {
258 im->m_class, 281 seq_printf(m, "%s" NIPQUAD_FMT "%s\n",
259 ntohl(addr.s_addr) >> 24 & 0xff, 282 im->m_class,
260 ntohl(addr.s_addr) >> 16 & 0xff, 283 ntohl(addr.s6_addr32[3]) >> 24 & 0xff,
261 ntohl(addr.s_addr) >> 8 & 0xff, 284 ntohl(addr.s6_addr32[3]) >> 16 & 0xff,
262 ntohl(addr.s_addr) >> 0 & 0xff, 285 ntohl(addr.s6_addr32[3]) >> 8 & 0xff,
263 dom 286 ntohl(addr.s6_addr32[3]) >> 0 & 0xff,
264 ); 287 dom);
288 } else {
289 seq_printf(m, "%s" NIP6_FMT "%s\n",
290 im->m_class, NIP6(addr), dom);
291 }
265 return 0; 292 return 0;
266} 293}
267 294
@@ -281,16 +308,16 @@ struct cache_detail ip_map_cache = {
281 .alloc = ip_map_alloc, 308 .alloc = ip_map_alloc,
282}; 309};
283 310
284static struct ip_map *ip_map_lookup(char *class, struct in_addr addr) 311static struct ip_map *ip_map_lookup(char *class, struct in6_addr *addr)
285{ 312{
286 struct ip_map ip; 313 struct ip_map ip;
287 struct cache_head *ch; 314 struct cache_head *ch;
288 315
289 strcpy(ip.m_class, class); 316 strcpy(ip.m_class, class);
290 ip.m_addr = addr; 317 ipv6_addr_copy(&ip.m_addr, addr);
291 ch = sunrpc_cache_lookup(&ip_map_cache, &ip.h, 318 ch = sunrpc_cache_lookup(&ip_map_cache, &ip.h,
292 hash_str(class, IP_HASHBITS) ^ 319 hash_str(class, IP_HASHBITS) ^
293 hash_ip(addr.s_addr)); 320 hash_ip6(*addr));
294 321
295 if (ch) 322 if (ch)
296 return container_of(ch, struct ip_map, h); 323 return container_of(ch, struct ip_map, h);
@@ -319,14 +346,14 @@ static int ip_map_update(struct ip_map *ipm, struct unix_domain *udom, time_t ex
319 ch = sunrpc_cache_update(&ip_map_cache, 346 ch = sunrpc_cache_update(&ip_map_cache,
320 &ip.h, &ipm->h, 347 &ip.h, &ipm->h,
321 hash_str(ipm->m_class, IP_HASHBITS) ^ 348 hash_str(ipm->m_class, IP_HASHBITS) ^
322 hash_ip(ipm->m_addr.s_addr)); 349 hash_ip6(ipm->m_addr));
323 if (!ch) 350 if (!ch)
324 return -ENOMEM; 351 return -ENOMEM;
325 cache_put(ch, &ip_map_cache); 352 cache_put(ch, &ip_map_cache);
326 return 0; 353 return 0;
327} 354}
328 355
329int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom) 356int auth_unix_add_addr(struct in6_addr *addr, struct auth_domain *dom)
330{ 357{
331 struct unix_domain *udom; 358 struct unix_domain *udom;
332 struct ip_map *ipmp; 359 struct ip_map *ipmp;
@@ -355,7 +382,7 @@ int auth_unix_forget_old(struct auth_domain *dom)
355} 382}
356EXPORT_SYMBOL(auth_unix_forget_old); 383EXPORT_SYMBOL(auth_unix_forget_old);
357 384
358struct auth_domain *auth_unix_lookup(struct in_addr addr) 385struct auth_domain *auth_unix_lookup(struct in6_addr *addr)
359{ 386{
360 struct ip_map *ipm; 387 struct ip_map *ipm;
361 struct auth_domain *rv; 388 struct auth_domain *rv;
@@ -650,9 +677,24 @@ static int unix_gid_find(uid_t uid, struct group_info **gip,
650int 677int
651svcauth_unix_set_client(struct svc_rqst *rqstp) 678svcauth_unix_set_client(struct svc_rqst *rqstp)
652{ 679{
653 struct sockaddr_in *sin = svc_addr_in(rqstp); 680 struct sockaddr_in *sin;
681 struct sockaddr_in6 *sin6, sin6_storage;
654 struct ip_map *ipm; 682 struct ip_map *ipm;
655 683
684 switch (rqstp->rq_addr.ss_family) {
685 case AF_INET:
686 sin = svc_addr_in(rqstp);
687 sin6 = &sin6_storage;
688 ipv6_addr_set(&sin6->sin6_addr, 0, 0,
689 htonl(0x0000FFFF), sin->sin_addr.s_addr);
690 break;
691 case AF_INET6:
692 sin6 = svc_addr_in6(rqstp);
693 break;
694 default:
695 BUG();
696 }
697
656 rqstp->rq_client = NULL; 698 rqstp->rq_client = NULL;
657 if (rqstp->rq_proc == 0) 699 if (rqstp->rq_proc == 0)
658 return SVC_OK; 700 return SVC_OK;
@@ -660,7 +702,7 @@ svcauth_unix_set_client(struct svc_rqst *rqstp)
660 ipm = ip_map_cached_get(rqstp); 702 ipm = ip_map_cached_get(rqstp);
661 if (ipm == NULL) 703 if (ipm == NULL)
662 ipm = ip_map_lookup(rqstp->rq_server->sv_program->pg_class, 704 ipm = ip_map_lookup(rqstp->rq_server->sv_program->pg_class,
663 sin->sin_addr); 705 &sin6->sin6_addr);
664 706
665 if (ipm == NULL) 707 if (ipm == NULL)
666 return SVC_DENIED; 708 return SVC_DENIED;
diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c
index c475977de05a..3e65719f1ef6 100644
--- a/net/sunrpc/svcsock.c
+++ b/net/sunrpc/svcsock.c
@@ -38,6 +38,7 @@
38#include <net/checksum.h> 38#include <net/checksum.h>
39#include <net/ip.h> 39#include <net/ip.h>
40#include <net/ipv6.h> 40#include <net/ipv6.h>
41#include <net/tcp.h>
41#include <net/tcp_states.h> 42#include <net/tcp_states.h>
42#include <asm/uaccess.h> 43#include <asm/uaccess.h>
43#include <asm/ioctls.h> 44#include <asm/ioctls.h>
@@ -45,6 +46,7 @@
45#include <linux/sunrpc/types.h> 46#include <linux/sunrpc/types.h>
46#include <linux/sunrpc/clnt.h> 47#include <linux/sunrpc/clnt.h>
47#include <linux/sunrpc/xdr.h> 48#include <linux/sunrpc/xdr.h>
49#include <linux/sunrpc/msg_prot.h>
48#include <linux/sunrpc/svcsock.h> 50#include <linux/sunrpc/svcsock.h>
49#include <linux/sunrpc/stats.h> 51#include <linux/sunrpc/stats.h>
50 52
@@ -822,8 +824,8 @@ static int svc_tcp_recvfrom(struct svc_rqst *rqstp)
822 * the next four bytes. Otherwise try to gobble up as much as 824 * the next four bytes. Otherwise try to gobble up as much as
823 * possible up to the complete record length. 825 * possible up to the complete record length.
824 */ 826 */
825 if (svsk->sk_tcplen < 4) { 827 if (svsk->sk_tcplen < sizeof(rpc_fraghdr)) {
826 unsigned long want = 4 - svsk->sk_tcplen; 828 int want = sizeof(rpc_fraghdr) - svsk->sk_tcplen;
827 struct kvec iov; 829 struct kvec iov;
828 830
829 iov.iov_base = ((char *) &svsk->sk_reclen) + svsk->sk_tcplen; 831 iov.iov_base = ((char *) &svsk->sk_reclen) + svsk->sk_tcplen;
@@ -833,32 +835,31 @@ static int svc_tcp_recvfrom(struct svc_rqst *rqstp)
833 svsk->sk_tcplen += len; 835 svsk->sk_tcplen += len;
834 836
835 if (len < want) { 837 if (len < want) {
836 dprintk("svc: short recvfrom while reading record length (%d of %lu)\n", 838 dprintk("svc: short recvfrom while reading record "
837 len, want); 839 "length (%d of %d)\n", len, want);
838 svc_xprt_received(&svsk->sk_xprt); 840 svc_xprt_received(&svsk->sk_xprt);
839 return -EAGAIN; /* record header not complete */ 841 return -EAGAIN; /* record header not complete */
840 } 842 }
841 843
842 svsk->sk_reclen = ntohl(svsk->sk_reclen); 844 svsk->sk_reclen = ntohl(svsk->sk_reclen);
843 if (!(svsk->sk_reclen & 0x80000000)) { 845 if (!(svsk->sk_reclen & RPC_LAST_STREAM_FRAGMENT)) {
844 /* FIXME: technically, a record can be fragmented, 846 /* FIXME: technically, a record can be fragmented,
845 * and non-terminal fragments will not have the top 847 * and non-terminal fragments will not have the top
846 * bit set in the fragment length header. 848 * bit set in the fragment length header.
847 * But apparently no known nfs clients send fragmented 849 * But apparently no known nfs clients send fragmented
848 * records. */ 850 * records. */
849 if (net_ratelimit()) 851 if (net_ratelimit())
850 printk(KERN_NOTICE "RPC: bad TCP reclen 0x%08lx" 852 printk(KERN_NOTICE "RPC: multiple fragments "
851 " (non-terminal)\n", 853 "per record not supported\n");
852 (unsigned long) svsk->sk_reclen);
853 goto err_delete; 854 goto err_delete;
854 } 855 }
855 svsk->sk_reclen &= 0x7fffffff; 856 svsk->sk_reclen &= RPC_FRAGMENT_SIZE_MASK;
856 dprintk("svc: TCP record, %d bytes\n", svsk->sk_reclen); 857 dprintk("svc: TCP record, %d bytes\n", svsk->sk_reclen);
857 if (svsk->sk_reclen > serv->sv_max_mesg) { 858 if (svsk->sk_reclen > serv->sv_max_mesg) {
858 if (net_ratelimit()) 859 if (net_ratelimit())
859 printk(KERN_NOTICE "RPC: bad TCP reclen 0x%08lx" 860 printk(KERN_NOTICE "RPC: "
860 " (large)\n", 861 "fragment too large: 0x%08lx\n",
861 (unsigned long) svsk->sk_reclen); 862 (unsigned long)svsk->sk_reclen);
862 goto err_delete; 863 goto err_delete;
863 } 864 }
864 } 865 }
@@ -1045,7 +1046,6 @@ void svc_cleanup_xprt_sock(void)
1045static void svc_tcp_init(struct svc_sock *svsk, struct svc_serv *serv) 1046static void svc_tcp_init(struct svc_sock *svsk, struct svc_serv *serv)
1046{ 1047{
1047 struct sock *sk = svsk->sk_sk; 1048 struct sock *sk = svsk->sk_sk;
1048 struct tcp_sock *tp = tcp_sk(sk);
1049 1049
1050 svc_xprt_init(&svc_tcp_class, &svsk->sk_xprt, serv); 1050 svc_xprt_init(&svc_tcp_class, &svsk->sk_xprt, serv);
1051 set_bit(XPT_CACHE_AUTH, &svsk->sk_xprt.xpt_flags); 1051 set_bit(XPT_CACHE_AUTH, &svsk->sk_xprt.xpt_flags);
@@ -1063,7 +1063,7 @@ static void svc_tcp_init(struct svc_sock *svsk, struct svc_serv *serv)
1063 svsk->sk_reclen = 0; 1063 svsk->sk_reclen = 0;
1064 svsk->sk_tcplen = 0; 1064 svsk->sk_tcplen = 0;
1065 1065
1066 tp->nonagle = 1; /* disable Nagle's algorithm */ 1066 tcp_sk(sk)->nonagle |= TCP_NAGLE_OFF;
1067 1067
1068 /* initialise setting must have enough space to 1068 /* initialise setting must have enough space to
1069 * receive and respond to one request. 1069 * receive and respond to one request.
@@ -1101,6 +1101,7 @@ void svc_sock_update_bufs(struct svc_serv *serv)
1101 } 1101 }
1102 spin_unlock_bh(&serv->sv_lock); 1102 spin_unlock_bh(&serv->sv_lock);
1103} 1103}
1104EXPORT_SYMBOL(svc_sock_update_bufs);
1104 1105
1105/* 1106/*
1106 * Initialize socket for RPC use and create svc_sock struct 1107 * Initialize socket for RPC use and create svc_sock struct
diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c
index d5553b8179f9..e1770f7ba0b3 100644
--- a/net/sunrpc/xprt.c
+++ b/net/sunrpc/xprt.c
@@ -188,9 +188,9 @@ out_sleep:
188 task->tk_timeout = 0; 188 task->tk_timeout = 0;
189 task->tk_status = -EAGAIN; 189 task->tk_status = -EAGAIN;
190 if (req && req->rq_ntrans) 190 if (req && req->rq_ntrans)
191 rpc_sleep_on(&xprt->resend, task, NULL, NULL); 191 rpc_sleep_on(&xprt->resend, task, NULL);
192 else 192 else
193 rpc_sleep_on(&xprt->sending, task, NULL, NULL); 193 rpc_sleep_on(&xprt->sending, task, NULL);
194 return 0; 194 return 0;
195} 195}
196EXPORT_SYMBOL_GPL(xprt_reserve_xprt); 196EXPORT_SYMBOL_GPL(xprt_reserve_xprt);
@@ -238,9 +238,9 @@ out_sleep:
238 task->tk_timeout = 0; 238 task->tk_timeout = 0;
239 task->tk_status = -EAGAIN; 239 task->tk_status = -EAGAIN;
240 if (req && req->rq_ntrans) 240 if (req && req->rq_ntrans)
241 rpc_sleep_on(&xprt->resend, task, NULL, NULL); 241 rpc_sleep_on(&xprt->resend, task, NULL);
242 else 242 else
243 rpc_sleep_on(&xprt->sending, task, NULL, NULL); 243 rpc_sleep_on(&xprt->sending, task, NULL);
244 return 0; 244 return 0;
245} 245}
246EXPORT_SYMBOL_GPL(xprt_reserve_xprt_cong); 246EXPORT_SYMBOL_GPL(xprt_reserve_xprt_cong);
@@ -445,15 +445,15 @@ EXPORT_SYMBOL_GPL(xprt_wake_pending_tasks);
445/** 445/**
446 * xprt_wait_for_buffer_space - wait for transport output buffer to clear 446 * xprt_wait_for_buffer_space - wait for transport output buffer to clear
447 * @task: task to be put to sleep 447 * @task: task to be put to sleep
448 * 448 * @action: function pointer to be executed after wait
449 */ 449 */
450void xprt_wait_for_buffer_space(struct rpc_task *task) 450void xprt_wait_for_buffer_space(struct rpc_task *task, rpc_action action)
451{ 451{
452 struct rpc_rqst *req = task->tk_rqstp; 452 struct rpc_rqst *req = task->tk_rqstp;
453 struct rpc_xprt *xprt = req->rq_xprt; 453 struct rpc_xprt *xprt = req->rq_xprt;
454 454
455 task->tk_timeout = req->rq_timeout; 455 task->tk_timeout = req->rq_timeout;
456 rpc_sleep_on(&xprt->pending, task, NULL, NULL); 456 rpc_sleep_on(&xprt->pending, task, action);
457} 457}
458EXPORT_SYMBOL_GPL(xprt_wait_for_buffer_space); 458EXPORT_SYMBOL_GPL(xprt_wait_for_buffer_space);
459 459
@@ -472,7 +472,7 @@ void xprt_write_space(struct rpc_xprt *xprt)
472 if (xprt->snd_task) { 472 if (xprt->snd_task) {
473 dprintk("RPC: write space: waking waiting task on " 473 dprintk("RPC: write space: waking waiting task on "
474 "xprt %p\n", xprt); 474 "xprt %p\n", xprt);
475 rpc_wake_up_task(xprt->snd_task); 475 rpc_wake_up_queued_task(&xprt->pending, xprt->snd_task);
476 } 476 }
477 spin_unlock_bh(&xprt->transport_lock); 477 spin_unlock_bh(&xprt->transport_lock);
478} 478}
@@ -602,11 +602,37 @@ void xprt_force_disconnect(struct rpc_xprt *xprt)
602 /* Try to schedule an autoclose RPC call */ 602 /* Try to schedule an autoclose RPC call */
603 if (test_and_set_bit(XPRT_LOCKED, &xprt->state) == 0) 603 if (test_and_set_bit(XPRT_LOCKED, &xprt->state) == 0)
604 queue_work(rpciod_workqueue, &xprt->task_cleanup); 604 queue_work(rpciod_workqueue, &xprt->task_cleanup);
605 else if (xprt->snd_task != NULL) 605 xprt_wake_pending_tasks(xprt, -ENOTCONN);
606 rpc_wake_up_task(xprt->snd_task); 606 spin_unlock_bh(&xprt->transport_lock);
607}
608
609/**
610 * xprt_conditional_disconnect - force a transport to disconnect
611 * @xprt: transport to disconnect
612 * @cookie: 'connection cookie'
613 *
614 * This attempts to break the connection if and only if 'cookie' matches
615 * the current transport 'connection cookie'. It ensures that we don't
616 * try to break the connection more than once when we need to retransmit
617 * a batch of RPC requests.
618 *
619 */
620void xprt_conditional_disconnect(struct rpc_xprt *xprt, unsigned int cookie)
621{
622 /* Don't race with the test_bit() in xprt_clear_locked() */
623 spin_lock_bh(&xprt->transport_lock);
624 if (cookie != xprt->connect_cookie)
625 goto out;
626 if (test_bit(XPRT_CLOSING, &xprt->state) || !xprt_connected(xprt))
627 goto out;
628 set_bit(XPRT_CLOSE_WAIT, &xprt->state);
629 /* Try to schedule an autoclose RPC call */
630 if (test_and_set_bit(XPRT_LOCKED, &xprt->state) == 0)
631 queue_work(rpciod_workqueue, &xprt->task_cleanup);
632 xprt_wake_pending_tasks(xprt, -ENOTCONN);
633out:
607 spin_unlock_bh(&xprt->transport_lock); 634 spin_unlock_bh(&xprt->transport_lock);
608} 635}
609EXPORT_SYMBOL_GPL(xprt_force_disconnect);
610 636
611static void 637static void
612xprt_init_autodisconnect(unsigned long data) 638xprt_init_autodisconnect(unsigned long data)
@@ -653,7 +679,7 @@ void xprt_connect(struct rpc_task *task)
653 task->tk_rqstp->rq_bytes_sent = 0; 679 task->tk_rqstp->rq_bytes_sent = 0;
654 680
655 task->tk_timeout = xprt->connect_timeout; 681 task->tk_timeout = xprt->connect_timeout;
656 rpc_sleep_on(&xprt->pending, task, xprt_connect_status, NULL); 682 rpc_sleep_on(&xprt->pending, task, xprt_connect_status);
657 xprt->stat.connect_start = jiffies; 683 xprt->stat.connect_start = jiffies;
658 xprt->ops->connect(task); 684 xprt->ops->connect(task);
659 } 685 }
@@ -749,18 +775,20 @@ EXPORT_SYMBOL_GPL(xprt_update_rtt);
749void xprt_complete_rqst(struct rpc_task *task, int copied) 775void xprt_complete_rqst(struct rpc_task *task, int copied)
750{ 776{
751 struct rpc_rqst *req = task->tk_rqstp; 777 struct rpc_rqst *req = task->tk_rqstp;
778 struct rpc_xprt *xprt = req->rq_xprt;
752 779
753 dprintk("RPC: %5u xid %08x complete (%d bytes received)\n", 780 dprintk("RPC: %5u xid %08x complete (%d bytes received)\n",
754 task->tk_pid, ntohl(req->rq_xid), copied); 781 task->tk_pid, ntohl(req->rq_xid), copied);
755 782
756 task->tk_xprt->stat.recvs++; 783 xprt->stat.recvs++;
757 task->tk_rtt = (long)jiffies - req->rq_xtime; 784 task->tk_rtt = (long)jiffies - req->rq_xtime;
758 785
759 list_del_init(&req->rq_list); 786 list_del_init(&req->rq_list);
787 req->rq_private_buf.len = copied;
760 /* Ensure all writes are done before we update req->rq_received */ 788 /* Ensure all writes are done before we update req->rq_received */
761 smp_wmb(); 789 smp_wmb();
762 req->rq_received = req->rq_private_buf.len = copied; 790 req->rq_received = copied;
763 rpc_wake_up_task(task); 791 rpc_wake_up_queued_task(&xprt->pending, task);
764} 792}
765EXPORT_SYMBOL_GPL(xprt_complete_rqst); 793EXPORT_SYMBOL_GPL(xprt_complete_rqst);
766 794
@@ -769,17 +797,17 @@ static void xprt_timer(struct rpc_task *task)
769 struct rpc_rqst *req = task->tk_rqstp; 797 struct rpc_rqst *req = task->tk_rqstp;
770 struct rpc_xprt *xprt = req->rq_xprt; 798 struct rpc_xprt *xprt = req->rq_xprt;
771 799
800 if (task->tk_status != -ETIMEDOUT)
801 return;
772 dprintk("RPC: %5u xprt_timer\n", task->tk_pid); 802 dprintk("RPC: %5u xprt_timer\n", task->tk_pid);
773 803
774 spin_lock(&xprt->transport_lock); 804 spin_lock_bh(&xprt->transport_lock);
775 if (!req->rq_received) { 805 if (!req->rq_received) {
776 if (xprt->ops->timer) 806 if (xprt->ops->timer)
777 xprt->ops->timer(task); 807 xprt->ops->timer(task);
778 task->tk_status = -ETIMEDOUT; 808 } else
779 } 809 task->tk_status = 0;
780 task->tk_timeout = 0; 810 spin_unlock_bh(&xprt->transport_lock);
781 rpc_wake_up_task(task);
782 spin_unlock(&xprt->transport_lock);
783} 811}
784 812
785/** 813/**
@@ -849,6 +877,7 @@ void xprt_transmit(struct rpc_task *task)
849 } else if (!req->rq_bytes_sent) 877 } else if (!req->rq_bytes_sent)
850 return; 878 return;
851 879
880 req->rq_connect_cookie = xprt->connect_cookie;
852 status = xprt->ops->send_request(task); 881 status = xprt->ops->send_request(task);
853 if (status == 0) { 882 if (status == 0) {
854 dprintk("RPC: %5u xmit complete\n", task->tk_pid); 883 dprintk("RPC: %5u xmit complete\n", task->tk_pid);
@@ -864,7 +893,7 @@ void xprt_transmit(struct rpc_task *task)
864 if (!xprt_connected(xprt)) 893 if (!xprt_connected(xprt))
865 task->tk_status = -ENOTCONN; 894 task->tk_status = -ENOTCONN;
866 else if (!req->rq_received) 895 else if (!req->rq_received)
867 rpc_sleep_on(&xprt->pending, task, NULL, xprt_timer); 896 rpc_sleep_on(&xprt->pending, task, xprt_timer);
868 spin_unlock_bh(&xprt->transport_lock); 897 spin_unlock_bh(&xprt->transport_lock);
869 return; 898 return;
870 } 899 }
@@ -875,7 +904,7 @@ void xprt_transmit(struct rpc_task *task)
875 */ 904 */
876 task->tk_status = status; 905 task->tk_status = status;
877 if (status == -ECONNREFUSED) 906 if (status == -ECONNREFUSED)
878 rpc_sleep_on(&xprt->sending, task, NULL, NULL); 907 rpc_sleep_on(&xprt->sending, task, NULL);
879} 908}
880 909
881static inline void do_xprt_reserve(struct rpc_task *task) 910static inline void do_xprt_reserve(struct rpc_task *task)
@@ -895,7 +924,7 @@ static inline void do_xprt_reserve(struct rpc_task *task)
895 dprintk("RPC: waiting for request slot\n"); 924 dprintk("RPC: waiting for request slot\n");
896 task->tk_status = -EAGAIN; 925 task->tk_status = -EAGAIN;
897 task->tk_timeout = 0; 926 task->tk_timeout = 0;
898 rpc_sleep_on(&xprt->backlog, task, NULL, NULL); 927 rpc_sleep_on(&xprt->backlog, task, NULL);
899} 928}
900 929
901/** 930/**
@@ -1052,6 +1081,11 @@ static void xprt_destroy(struct kref *kref)
1052 xprt->shutdown = 1; 1081 xprt->shutdown = 1;
1053 del_timer_sync(&xprt->timer); 1082 del_timer_sync(&xprt->timer);
1054 1083
1084 rpc_destroy_wait_queue(&xprt->binding);
1085 rpc_destroy_wait_queue(&xprt->pending);
1086 rpc_destroy_wait_queue(&xprt->sending);
1087 rpc_destroy_wait_queue(&xprt->resend);
1088 rpc_destroy_wait_queue(&xprt->backlog);
1055 /* 1089 /*
1056 * Tear down transport state and free the rpc_xprt 1090 * Tear down transport state and free the rpc_xprt
1057 */ 1091 */
diff --git a/net/sunrpc/xprtrdma/svc_rdma_transport.c b/net/sunrpc/xprtrdma/svc_rdma_transport.c
index 16fd3f6718ff..af408fc12634 100644
--- a/net/sunrpc/xprtrdma/svc_rdma_transport.c
+++ b/net/sunrpc/xprtrdma/svc_rdma_transport.c
@@ -1036,6 +1036,8 @@ int svc_rdma_send(struct svcxprt_rdma *xprt, struct ib_send_wr *wr)
1036 wait_event(xprt->sc_send_wait, 1036 wait_event(xprt->sc_send_wait,
1037 atomic_read(&xprt->sc_sq_count) < 1037 atomic_read(&xprt->sc_sq_count) <
1038 xprt->sc_sq_depth); 1038 xprt->sc_sq_depth);
1039 if (test_bit(XPT_CLOSE, &xprt->sc_xprt.xpt_flags))
1040 return 0;
1039 continue; 1041 continue;
1040 } 1042 }
1041 /* Bumped used SQ WR count and post */ 1043 /* Bumped used SQ WR count and post */
diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index 613daf8c1ff7..ddbe981ab516 100644
--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c
@@ -136,12 +136,6 @@ static ctl_table sunrpc_table[] = {
136#endif 136#endif
137 137
138/* 138/*
139 * How many times to try sending a request on a socket before waiting
140 * for the socket buffer to clear.
141 */
142#define XS_SENDMSG_RETRY (10U)
143
144/*
145 * Time out for an RPC UDP socket connect. UDP socket connects are 139 * Time out for an RPC UDP socket connect. UDP socket connects are
146 * synchronous, but we set a timeout anyway in case of resource 140 * synchronous, but we set a timeout anyway in case of resource
147 * exhaustion on the local host. 141 * exhaustion on the local host.
@@ -516,6 +510,14 @@ out:
516 return sent; 510 return sent;
517} 511}
518 512
513static void xs_nospace_callback(struct rpc_task *task)
514{
515 struct sock_xprt *transport = container_of(task->tk_rqstp->rq_xprt, struct sock_xprt, xprt);
516
517 transport->inet->sk_write_pending--;
518 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
519}
520
519/** 521/**
520 * xs_nospace - place task on wait queue if transmit was incomplete 522 * xs_nospace - place task on wait queue if transmit was incomplete
521 * @task: task to put to sleep 523 * @task: task to put to sleep
@@ -531,20 +533,27 @@ static void xs_nospace(struct rpc_task *task)
531 task->tk_pid, req->rq_slen - req->rq_bytes_sent, 533 task->tk_pid, req->rq_slen - req->rq_bytes_sent,
532 req->rq_slen); 534 req->rq_slen);
533 535
534 if (test_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags)) { 536 /* Protect against races with write_space */
535 /* Protect against races with write_space */ 537 spin_lock_bh(&xprt->transport_lock);
536 spin_lock_bh(&xprt->transport_lock); 538
537 539 /* Don't race with disconnect */
538 /* Don't race with disconnect */ 540 if (xprt_connected(xprt)) {
539 if (!xprt_connected(xprt)) 541 if (test_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags)) {
540 task->tk_status = -ENOTCONN; 542 /*
541 else if (test_bit(SOCK_NOSPACE, &transport->sock->flags)) 543 * Notify TCP that we're limited by the application
542 xprt_wait_for_buffer_space(task); 544 * window size
545 */
546 set_bit(SOCK_NOSPACE, &transport->sock->flags);
547 transport->inet->sk_write_pending++;
548 /* ...and wait for more buffer space */
549 xprt_wait_for_buffer_space(task, xs_nospace_callback);
550 }
551 } else {
552 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
553 task->tk_status = -ENOTCONN;
554 }
543 555
544 spin_unlock_bh(&xprt->transport_lock); 556 spin_unlock_bh(&xprt->transport_lock);
545 } else
546 /* Keep holding the socket if it is blocked */
547 rpc_delay(task, HZ>>4);
548} 557}
549 558
550/** 559/**
@@ -588,19 +597,20 @@ static int xs_udp_send_request(struct rpc_task *task)
588 } 597 }
589 598
590 switch (status) { 599 switch (status) {
600 case -EAGAIN:
601 xs_nospace(task);
602 break;
591 case -ENETUNREACH: 603 case -ENETUNREACH:
592 case -EPIPE: 604 case -EPIPE:
593 case -ECONNREFUSED: 605 case -ECONNREFUSED:
594 /* When the server has died, an ICMP port unreachable message 606 /* When the server has died, an ICMP port unreachable message
595 * prompts ECONNREFUSED. */ 607 * prompts ECONNREFUSED. */
596 break; 608 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
597 case -EAGAIN:
598 xs_nospace(task);
599 break; 609 break;
600 default: 610 default:
611 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
601 dprintk("RPC: sendmsg returned unrecognized error %d\n", 612 dprintk("RPC: sendmsg returned unrecognized error %d\n",
602 -status); 613 -status);
603 break;
604 } 614 }
605 615
606 return status; 616 return status;
@@ -650,7 +660,6 @@ static int xs_tcp_send_request(struct rpc_task *task)
650 struct sock_xprt *transport = container_of(xprt, struct sock_xprt, xprt); 660 struct sock_xprt *transport = container_of(xprt, struct sock_xprt, xprt);
651 struct xdr_buf *xdr = &req->rq_snd_buf; 661 struct xdr_buf *xdr = &req->rq_snd_buf;
652 int status; 662 int status;
653 unsigned int retry = 0;
654 663
655 xs_encode_tcp_record_marker(&req->rq_snd_buf); 664 xs_encode_tcp_record_marker(&req->rq_snd_buf);
656 665
@@ -681,9 +690,10 @@ static int xs_tcp_send_request(struct rpc_task *task)
681 return 0; 690 return 0;
682 } 691 }
683 692
693 if (status != 0)
694 continue;
684 status = -EAGAIN; 695 status = -EAGAIN;
685 if (retry++ > XS_SENDMSG_RETRY) 696 break;
686 break;
687 } 697 }
688 698
689 switch (status) { 699 switch (status) {
@@ -695,12 +705,13 @@ static int xs_tcp_send_request(struct rpc_task *task)
695 case -ENOTCONN: 705 case -ENOTCONN:
696 case -EPIPE: 706 case -EPIPE:
697 status = -ENOTCONN; 707 status = -ENOTCONN;
708 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
698 break; 709 break;
699 default: 710 default:
700 dprintk("RPC: sendmsg returned unrecognized error %d\n", 711 dprintk("RPC: sendmsg returned unrecognized error %d\n",
701 -status); 712 -status);
713 clear_bit(SOCK_ASYNC_NOSPACE, &transport->sock->flags);
702 xs_tcp_shutdown(xprt); 714 xs_tcp_shutdown(xprt);
703 break;
704 } 715 }
705 716
706 return status; 717 return status;
@@ -1073,6 +1084,7 @@ static void xs_tcp_data_ready(struct sock *sk, int bytes)
1073{ 1084{
1074 struct rpc_xprt *xprt; 1085 struct rpc_xprt *xprt;
1075 read_descriptor_t rd_desc; 1086 read_descriptor_t rd_desc;
1087 int read;
1076 1088
1077 dprintk("RPC: xs_tcp_data_ready...\n"); 1089 dprintk("RPC: xs_tcp_data_ready...\n");
1078 1090
@@ -1084,8 +1096,10 @@ static void xs_tcp_data_ready(struct sock *sk, int bytes)
1084 1096
1085 /* We use rd_desc to pass struct xprt to xs_tcp_data_recv */ 1097 /* We use rd_desc to pass struct xprt to xs_tcp_data_recv */
1086 rd_desc.arg.data = xprt; 1098 rd_desc.arg.data = xprt;
1087 rd_desc.count = 65536; 1099 do {
1088 tcp_read_sock(sk, &rd_desc, xs_tcp_data_recv); 1100 rd_desc.count = 65536;
1101 read = tcp_read_sock(sk, &rd_desc, xs_tcp_data_recv);
1102 } while (read > 0);
1089out: 1103out:
1090 read_unlock(&sk->sk_callback_lock); 1104 read_unlock(&sk->sk_callback_lock);
1091} 1105}
@@ -1128,6 +1142,7 @@ static void xs_tcp_state_change(struct sock *sk)
1128 break; 1142 break;
1129 case TCP_FIN_WAIT1: 1143 case TCP_FIN_WAIT1:
1130 /* The client initiated a shutdown of the socket */ 1144 /* The client initiated a shutdown of the socket */
1145 xprt->connect_cookie++;
1131 xprt->reestablish_timeout = 0; 1146 xprt->reestablish_timeout = 0;
1132 set_bit(XPRT_CLOSING, &xprt->state); 1147 set_bit(XPRT_CLOSING, &xprt->state);
1133 smp_mb__before_clear_bit(); 1148 smp_mb__before_clear_bit();
@@ -1140,6 +1155,7 @@ static void xs_tcp_state_change(struct sock *sk)
1140 set_bit(XPRT_CLOSING, &xprt->state); 1155 set_bit(XPRT_CLOSING, &xprt->state);
1141 xprt_force_disconnect(xprt); 1156 xprt_force_disconnect(xprt);
1142 case TCP_SYN_SENT: 1157 case TCP_SYN_SENT:
1158 xprt->connect_cookie++;
1143 case TCP_CLOSING: 1159 case TCP_CLOSING:
1144 /* 1160 /*
1145 * If the server closed down the connection, make sure that 1161 * If the server closed down the connection, make sure that
@@ -1186,9 +1202,11 @@ static void xs_udp_write_space(struct sock *sk)
1186 1202
1187 if (unlikely(!(sock = sk->sk_socket))) 1203 if (unlikely(!(sock = sk->sk_socket)))
1188 goto out; 1204 goto out;
1205 clear_bit(SOCK_NOSPACE, &sock->flags);
1206
1189 if (unlikely(!(xprt = xprt_from_sock(sk)))) 1207 if (unlikely(!(xprt = xprt_from_sock(sk))))
1190 goto out; 1208 goto out;
1191 if (unlikely(!test_and_clear_bit(SOCK_NOSPACE, &sock->flags))) 1209 if (test_and_clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags) == 0)
1192 goto out; 1210 goto out;
1193 1211
1194 xprt_write_space(xprt); 1212 xprt_write_space(xprt);
@@ -1219,9 +1237,11 @@ static void xs_tcp_write_space(struct sock *sk)
1219 1237
1220 if (unlikely(!(sock = sk->sk_socket))) 1238 if (unlikely(!(sock = sk->sk_socket)))
1221 goto out; 1239 goto out;
1240 clear_bit(SOCK_NOSPACE, &sock->flags);
1241
1222 if (unlikely(!(xprt = xprt_from_sock(sk)))) 1242 if (unlikely(!(xprt = xprt_from_sock(sk))))
1223 goto out; 1243 goto out;
1224 if (unlikely(!test_and_clear_bit(SOCK_NOSPACE, &sock->flags))) 1244 if (test_and_clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags) == 0)
1225 goto out; 1245 goto out;
1226 1246
1227 xprt_write_space(xprt); 1247 xprt_write_space(xprt);
diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index 665e856675a4..b4f0525f91af 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -82,6 +82,6 @@ EXPORT_SYMBOL_GPL(register_net_sysctl_table);
82 82
83void unregister_net_sysctl_table(struct ctl_table_header *header) 83void unregister_net_sysctl_table(struct ctl_table_header *header)
84{ 84{
85 return unregister_sysctl_table(header); 85 unregister_sysctl_table(header);
86} 86}
87EXPORT_SYMBOL_GPL(unregister_net_sysctl_table); 87EXPORT_SYMBOL_GPL(unregister_net_sysctl_table);
diff --git a/net/tipc/msg.h b/net/tipc/msg.h
index 6ad070d87702..ad487e8abcc2 100644
--- a/net/tipc/msg.h
+++ b/net/tipc/msg.h
@@ -70,10 +70,9 @@ static inline void msg_set_bits(struct tipc_msg *m, u32 w,
70 u32 pos, u32 mask, u32 val) 70 u32 pos, u32 mask, u32 val)
71{ 71{
72 val = (val & mask) << pos; 72 val = (val & mask) << pos;
73 val = htonl(val); 73 mask = mask << pos;
74 mask = htonl(mask << pos); 74 m->hdr[w] &= ~htonl(mask);
75 m->hdr[w] &= ~mask; 75 m->hdr[w] |= htonl(val);
76 m->hdr[w] |= val;
77} 76}
78 77
79/* 78/*
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 05853159536a..230f9ca2ad6b 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -1756,8 +1756,8 @@ static int getsockopt(struct socket *sock,
1756 else if (len < sizeof(value)) { 1756 else if (len < sizeof(value)) {
1757 res = -EINVAL; 1757 res = -EINVAL;
1758 } 1758 }
1759 else if ((res = copy_to_user(ov, &value, sizeof(value)))) { 1759 else if (copy_to_user(ov, &value, sizeof(value))) {
1760 /* couldn't return value */ 1760 res = -EFAULT;
1761 } 1761 }
1762 else { 1762 else {
1763 res = put_user(sizeof(value), ol); 1763 res = put_user(sizeof(value), ol);
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 1454afcc06c4..e18cd3628db4 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -2197,7 +2197,11 @@ static void __exit af_unix_exit(void)
2197 unregister_pernet_subsys(&unix_net_ops); 2197 unregister_pernet_subsys(&unix_net_ops);
2198} 2198}
2199 2199
2200module_init(af_unix_init); 2200/* Earlier than device_initcall() so that other drivers invoking
2201 request_module() don't end up in a loop when modprobe tries
2202 to use a UNIX socket. But later than subsys_initcall() because
2203 we depend on stuff initialised there */
2204fs_initcall(af_unix_init);
2201module_exit(af_unix_exit); 2205module_exit(af_unix_exit);
2202 2206
2203MODULE_LICENSE("GPL"); 2207MODULE_LICENSE("GPL");
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 8aa6440d689f..ac765dd9c7f5 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -129,8 +129,7 @@ static struct xfrm_algo_desc aead_list[] = {
129 129
130static struct xfrm_algo_desc aalg_list[] = { 130static struct xfrm_algo_desc aalg_list[] = {
131{ 131{
132 .name = "hmac(digest_null)", 132 .name = "digest_null",
133 .compat = "digest_null",
134 133
135 .uinfo = { 134 .uinfo = {
136 .auth = { 135 .auth = {
diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
index 2519129c6d21..09cd9c0c2d80 100644
--- a/net/xfrm/xfrm_output.c
+++ b/net/xfrm/xfrm_output.c
@@ -150,7 +150,7 @@ static int xfrm_output_gso(struct sk_buff *skb)
150 150
151 segs = skb_gso_segment(skb, 0); 151 segs = skb_gso_segment(skb, 0);
152 kfree_skb(skb); 152 kfree_skb(skb);
153 if (unlikely(IS_ERR(segs))) 153 if (IS_ERR(segs))
154 return PTR_ERR(segs); 154 return PTR_ERR(segs);
155 155
156 do { 156 do {
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index ab4d0e598a2c..cae9fd815543 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -762,6 +762,7 @@ xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info)
762 if (err) { 762 if (err) {
763 xfrm_audit_policy_delete(pol, 0, 763 xfrm_audit_policy_delete(pol, 0,
764 audit_info->loginuid, 764 audit_info->loginuid,
765 audit_info->sessionid,
765 audit_info->secid); 766 audit_info->secid);
766 return err; 767 return err;
767 } 768 }
@@ -777,6 +778,7 @@ xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info)
777 if (err) { 778 if (err) {
778 xfrm_audit_policy_delete(pol, 0, 779 xfrm_audit_policy_delete(pol, 0,
779 audit_info->loginuid, 780 audit_info->loginuid,
781 audit_info->sessionid,
780 audit_info->secid); 782 audit_info->secid);
781 return err; 783 return err;
782 } 784 }
@@ -819,6 +821,7 @@ int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info)
819 write_unlock_bh(&xfrm_policy_lock); 821 write_unlock_bh(&xfrm_policy_lock);
820 822
821 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid, 823 xfrm_audit_policy_delete(pol, 1, audit_info->loginuid,
824 audit_info->sessionid,
822 audit_info->secid); 825 audit_info->secid);
823 826
824 xfrm_policy_kill(pol); 827 xfrm_policy_kill(pol);
@@ -841,6 +844,7 @@ int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info)
841 844
842 xfrm_audit_policy_delete(pol, 1, 845 xfrm_audit_policy_delete(pol, 1,
843 audit_info->loginuid, 846 audit_info->loginuid,
847 audit_info->sessionid,
844 audit_info->secid); 848 audit_info->secid);
845 xfrm_policy_kill(pol); 849 xfrm_policy_kill(pol);
846 killed++; 850 killed++;
@@ -1819,7 +1823,7 @@ xfrm_state_ok(struct xfrm_tmpl *tmpl, struct xfrm_state *x,
1819 (x->id.spi == tmpl->id.spi || !tmpl->id.spi) && 1823 (x->id.spi == tmpl->id.spi || !tmpl->id.spi) &&
1820 (x->props.reqid == tmpl->reqid || !tmpl->reqid) && 1824 (x->props.reqid == tmpl->reqid || !tmpl->reqid) &&
1821 x->props.mode == tmpl->mode && 1825 x->props.mode == tmpl->mode &&
1822 ((tmpl->aalgos & (1<<x->props.aalgo)) || 1826 (tmpl->allalgs || (tmpl->aalgos & (1<<x->props.aalgo)) ||
1823 !(xfrm_id_proto_match(tmpl->id.proto, IPSEC_PROTO_ANY))) && 1827 !(xfrm_id_proto_match(tmpl->id.proto, IPSEC_PROTO_ANY))) &&
1824 !(x->props.mode != XFRM_MODE_TRANSPORT && 1828 !(x->props.mode != XFRM_MODE_TRANSPORT &&
1825 xfrm_state_addr_cmp(tmpl, x, family)); 1829 xfrm_state_addr_cmp(tmpl, x, family));
@@ -2472,14 +2476,14 @@ static void xfrm_audit_common_policyinfo(struct xfrm_policy *xp,
2472} 2476}
2473 2477
2474void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, 2478void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
2475 u32 auid, u32 secid) 2479 uid_t auid, u32 sessionid, u32 secid)
2476{ 2480{
2477 struct audit_buffer *audit_buf; 2481 struct audit_buffer *audit_buf;
2478 2482
2479 audit_buf = xfrm_audit_start("SPD-add"); 2483 audit_buf = xfrm_audit_start("SPD-add");
2480 if (audit_buf == NULL) 2484 if (audit_buf == NULL)
2481 return; 2485 return;
2482 xfrm_audit_helper_usrinfo(auid, secid, audit_buf); 2486 xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
2483 audit_log_format(audit_buf, " res=%u", result); 2487 audit_log_format(audit_buf, " res=%u", result);
2484 xfrm_audit_common_policyinfo(xp, audit_buf); 2488 xfrm_audit_common_policyinfo(xp, audit_buf);
2485 audit_log_end(audit_buf); 2489 audit_log_end(audit_buf);
@@ -2487,14 +2491,14 @@ void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
2487EXPORT_SYMBOL_GPL(xfrm_audit_policy_add); 2491EXPORT_SYMBOL_GPL(xfrm_audit_policy_add);
2488 2492
2489void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, 2493void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
2490 u32 auid, u32 secid) 2494 uid_t auid, u32 sessionid, u32 secid)
2491{ 2495{
2492 struct audit_buffer *audit_buf; 2496 struct audit_buffer *audit_buf;
2493 2497
2494 audit_buf = xfrm_audit_start("SPD-delete"); 2498 audit_buf = xfrm_audit_start("SPD-delete");
2495 if (audit_buf == NULL) 2499 if (audit_buf == NULL)
2496 return; 2500 return;
2497 xfrm_audit_helper_usrinfo(auid, secid, audit_buf); 2501 xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
2498 audit_log_format(audit_buf, " res=%u", result); 2502 audit_log_format(audit_buf, " res=%u", result);
2499 xfrm_audit_common_policyinfo(xp, audit_buf); 2503 xfrm_audit_common_policyinfo(xp, audit_buf);
2500 audit_log_end(audit_buf); 2504 audit_log_end(audit_buf);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 5dcc10b93c86..72fddafd891a 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -496,7 +496,8 @@ expired:
496 km_state_expired(x, 1, 0); 496 km_state_expired(x, 1, 0);
497 497
498 xfrm_audit_state_delete(x, err ? 0 : 1, 498 xfrm_audit_state_delete(x, err ? 0 : 1,
499 audit_get_loginuid(current), 0); 499 audit_get_loginuid(current),
500 audit_get_sessionid(current), 0);
500 501
501out: 502out:
502 spin_unlock(&x->lock); 503 spin_unlock(&x->lock);
@@ -603,6 +604,7 @@ xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
603 (err = security_xfrm_state_delete(x)) != 0) { 604 (err = security_xfrm_state_delete(x)) != 0) {
604 xfrm_audit_state_delete(x, 0, 605 xfrm_audit_state_delete(x, 0,
605 audit_info->loginuid, 606 audit_info->loginuid,
607 audit_info->sessionid,
606 audit_info->secid); 608 audit_info->secid);
607 return err; 609 return err;
608 } 610 }
@@ -641,6 +643,7 @@ restart:
641 err = xfrm_state_delete(x); 643 err = xfrm_state_delete(x);
642 xfrm_audit_state_delete(x, err ? 0 : 1, 644 xfrm_audit_state_delete(x, err ? 0 : 1,
643 audit_info->loginuid, 645 audit_info->loginuid,
646 audit_info->sessionid,
644 audit_info->secid); 647 audit_info->secid);
645 xfrm_state_put(x); 648 xfrm_state_put(x);
646 649
@@ -2112,7 +2115,7 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
2112 iph6 = ipv6_hdr(skb); 2115 iph6 = ipv6_hdr(skb);
2113 audit_log_format(audit_buf, 2116 audit_log_format(audit_buf,
2114 " src=" NIP6_FMT " dst=" NIP6_FMT 2117 " src=" NIP6_FMT " dst=" NIP6_FMT
2115 " flowlbl=0x%x%x%x", 2118 " flowlbl=0x%x%02x%02x",
2116 NIP6(iph6->saddr), 2119 NIP6(iph6->saddr),
2117 NIP6(iph6->daddr), 2120 NIP6(iph6->daddr),
2118 iph6->flow_lbl[0] & 0x0f, 2121 iph6->flow_lbl[0] & 0x0f,
@@ -2123,14 +2126,14 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
2123} 2126}
2124 2127
2125void xfrm_audit_state_add(struct xfrm_state *x, int result, 2128void xfrm_audit_state_add(struct xfrm_state *x, int result,
2126 u32 auid, u32 secid) 2129 uid_t auid, u32 sessionid, u32 secid)
2127{ 2130{
2128 struct audit_buffer *audit_buf; 2131 struct audit_buffer *audit_buf;
2129 2132
2130 audit_buf = xfrm_audit_start("SAD-add"); 2133 audit_buf = xfrm_audit_start("SAD-add");
2131 if (audit_buf == NULL) 2134 if (audit_buf == NULL)
2132 return; 2135 return;
2133 xfrm_audit_helper_usrinfo(auid, secid, audit_buf); 2136 xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
2134 xfrm_audit_helper_sainfo(x, audit_buf); 2137 xfrm_audit_helper_sainfo(x, audit_buf);
2135 audit_log_format(audit_buf, " res=%u", result); 2138 audit_log_format(audit_buf, " res=%u", result);
2136 audit_log_end(audit_buf); 2139 audit_log_end(audit_buf);
@@ -2138,14 +2141,14 @@ void xfrm_audit_state_add(struct xfrm_state *x, int result,
2138EXPORT_SYMBOL_GPL(xfrm_audit_state_add); 2141EXPORT_SYMBOL_GPL(xfrm_audit_state_add);
2139 2142
2140void xfrm_audit_state_delete(struct xfrm_state *x, int result, 2143void xfrm_audit_state_delete(struct xfrm_state *x, int result,
2141 u32 auid, u32 secid) 2144 uid_t auid, u32 sessionid, u32 secid)
2142{ 2145{
2143 struct audit_buffer *audit_buf; 2146 struct audit_buffer *audit_buf;
2144 2147
2145 audit_buf = xfrm_audit_start("SAD-delete"); 2148 audit_buf = xfrm_audit_start("SAD-delete");
2146 if (audit_buf == NULL) 2149 if (audit_buf == NULL)
2147 return; 2150 return;
2148 xfrm_audit_helper_usrinfo(auid, secid, audit_buf); 2151 xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
2149 xfrm_audit_helper_sainfo(x, audit_buf); 2152 xfrm_audit_helper_sainfo(x, audit_buf);
2150 audit_log_format(audit_buf, " res=%u", result); 2153 audit_log_format(audit_buf, " res=%u", result);
2151 audit_log_end(audit_buf); 2154 audit_log_end(audit_buf);
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 1810f5645bb5..a1b0fbe3ea35 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -407,6 +407,9 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
407 struct xfrm_state *x; 407 struct xfrm_state *x;
408 int err; 408 int err;
409 struct km_event c; 409 struct km_event c;
410 uid_t loginuid = NETLINK_CB(skb).loginuid;
411 u32 sessionid = NETLINK_CB(skb).sessionid;
412 u32 sid = NETLINK_CB(skb).sid;
410 413
411 err = verify_newsa_info(p, attrs); 414 err = verify_newsa_info(p, attrs);
412 if (err) 415 if (err)
@@ -422,8 +425,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
422 else 425 else
423 err = xfrm_state_update(x); 426 err = xfrm_state_update(x);
424 427
425 xfrm_audit_state_add(x, err ? 0 : 1, NETLINK_CB(skb).loginuid, 428 xfrm_audit_state_add(x, err ? 0 : 1, loginuid, sessionid, sid);
426 NETLINK_CB(skb).sid);
427 429
428 if (err < 0) { 430 if (err < 0) {
429 x->km.state = XFRM_STATE_DEAD; 431 x->km.state = XFRM_STATE_DEAD;
@@ -478,6 +480,9 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
478 int err = -ESRCH; 480 int err = -ESRCH;
479 struct km_event c; 481 struct km_event c;
480 struct xfrm_usersa_id *p = nlmsg_data(nlh); 482 struct xfrm_usersa_id *p = nlmsg_data(nlh);
483 uid_t loginuid = NETLINK_CB(skb).loginuid;
484 u32 sessionid = NETLINK_CB(skb).sessionid;
485 u32 sid = NETLINK_CB(skb).sid;
481 486
482 x = xfrm_user_state_lookup(p, attrs, &err); 487 x = xfrm_user_state_lookup(p, attrs, &err);
483 if (x == NULL) 488 if (x == NULL)
@@ -502,8 +507,7 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
502 km_state_notify(x, &c); 507 km_state_notify(x, &c);
503 508
504out: 509out:
505 xfrm_audit_state_delete(x, err ? 0 : 1, NETLINK_CB(skb).loginuid, 510 xfrm_audit_state_delete(x, err ? 0 : 1, loginuid, sessionid, sid);
506 NETLINK_CB(skb).sid);
507 xfrm_state_put(x); 511 xfrm_state_put(x);
508 return err; 512 return err;
509} 513}
@@ -981,6 +985,8 @@ static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut,
981 t->aalgos = ut->aalgos; 985 t->aalgos = ut->aalgos;
982 t->ealgos = ut->ealgos; 986 t->ealgos = ut->ealgos;
983 t->calgos = ut->calgos; 987 t->calgos = ut->calgos;
988 /* If all masks are ~0, then we allow all algorithms. */
989 t->allalgs = !~(t->aalgos & t->ealgos & t->calgos);
984 t->encap_family = ut->family; 990 t->encap_family = ut->family;
985 } 991 }
986} 992}
@@ -1121,6 +1127,9 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1121 struct km_event c; 1127 struct km_event c;
1122 int err; 1128 int err;
1123 int excl; 1129 int excl;
1130 uid_t loginuid = NETLINK_CB(skb).loginuid;
1131 u32 sessionid = NETLINK_CB(skb).sessionid;
1132 u32 sid = NETLINK_CB(skb).sid;
1124 1133
1125 err = verify_newpolicy_info(p); 1134 err = verify_newpolicy_info(p);
1126 if (err) 1135 if (err)
@@ -1139,8 +1148,7 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1139 * a type XFRM_MSG_UPDPOLICY - JHS */ 1148 * a type XFRM_MSG_UPDPOLICY - JHS */
1140 excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY; 1149 excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY;
1141 err = xfrm_policy_insert(p->dir, xp, excl); 1150 err = xfrm_policy_insert(p->dir, xp, excl);
1142 xfrm_audit_policy_add(xp, err ? 0 : 1, NETLINK_CB(skb).loginuid, 1151 xfrm_audit_policy_add(xp, err ? 0 : 1, loginuid, sessionid, sid);
1143 NETLINK_CB(skb).sid);
1144 1152
1145 if (err) { 1153 if (err) {
1146 security_xfrm_policy_free(xp->security); 1154 security_xfrm_policy_free(xp->security);
@@ -1369,9 +1377,12 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1369 NETLINK_CB(skb).pid); 1377 NETLINK_CB(skb).pid);
1370 } 1378 }
1371 } else { 1379 } else {
1372 xfrm_audit_policy_delete(xp, err ? 0 : 1, 1380 uid_t loginuid = NETLINK_CB(skb).loginuid;
1373 NETLINK_CB(skb).loginuid, 1381 u32 sessionid = NETLINK_CB(skb).sessionid;
1374 NETLINK_CB(skb).sid); 1382 u32 sid = NETLINK_CB(skb).sid;
1383
1384 xfrm_audit_policy_delete(xp, err ? 0 : 1, loginuid, sessionid,
1385 sid);
1375 1386
1376 if (err != 0) 1387 if (err != 0)
1377 goto out; 1388 goto out;
@@ -1397,6 +1408,7 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
1397 int err; 1408 int err;
1398 1409
1399 audit_info.loginuid = NETLINK_CB(skb).loginuid; 1410 audit_info.loginuid = NETLINK_CB(skb).loginuid;
1411 audit_info.sessionid = NETLINK_CB(skb).sessionid;
1400 audit_info.secid = NETLINK_CB(skb).sid; 1412 audit_info.secid = NETLINK_CB(skb).sid;
1401 err = xfrm_state_flush(p->proto, &audit_info); 1413 err = xfrm_state_flush(p->proto, &audit_info);
1402 if (err) 1414 if (err)
@@ -1544,6 +1556,7 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
1544 return err; 1556 return err;
1545 1557
1546 audit_info.loginuid = NETLINK_CB(skb).loginuid; 1558 audit_info.loginuid = NETLINK_CB(skb).loginuid;
1559 audit_info.sessionid = NETLINK_CB(skb).sessionid;
1547 audit_info.secid = NETLINK_CB(skb).sid; 1560 audit_info.secid = NETLINK_CB(skb).sid;
1548 err = xfrm_policy_flush(type, &audit_info); 1561 err = xfrm_policy_flush(type, &audit_info);
1549 if (err) 1562 if (err)
@@ -1602,9 +1615,11 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1602 read_unlock(&xp->lock); 1615 read_unlock(&xp->lock);
1603 err = 0; 1616 err = 0;
1604 if (up->hard) { 1617 if (up->hard) {
1618 uid_t loginuid = NETLINK_CB(skb).loginuid;
1619 uid_t sessionid = NETLINK_CB(skb).sessionid;
1620 u32 sid = NETLINK_CB(skb).sid;
1605 xfrm_policy_delete(xp, p->dir); 1621 xfrm_policy_delete(xp, p->dir);
1606 xfrm_audit_policy_delete(xp, 1, NETLINK_CB(skb).loginuid, 1622 xfrm_audit_policy_delete(xp, 1, loginuid, sessionid, sid);
1607 NETLINK_CB(skb).sid);
1608 1623
1609 } else { 1624 } else {
1610 // reset the timers here? 1625 // reset the timers here?
@@ -1638,9 +1653,11 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1638 km_state_expired(x, ue->hard, current->pid); 1653 km_state_expired(x, ue->hard, current->pid);
1639 1654
1640 if (ue->hard) { 1655 if (ue->hard) {
1656 uid_t loginuid = NETLINK_CB(skb).loginuid;
1657 uid_t sessionid = NETLINK_CB(skb).sessionid;
1658 u32 sid = NETLINK_CB(skb).sid;
1641 __xfrm_state_delete(x); 1659 __xfrm_state_delete(x);
1642 xfrm_audit_state_delete(x, 1, NETLINK_CB(skb).loginuid, 1660 xfrm_audit_state_delete(x, 1, loginuid, sessionid, sid);
1643 NETLINK_CB(skb).sid);
1644 } 1661 }
1645 err = 0; 1662 err = 0;
1646out: 1663out:
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-08 07:14:01 -0500