aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/l2cap.c144
-rw-r--r--net/core/sock.c14
-rw-r--r--net/core/sysctl_net_core.c9
-rw-r--r--net/dccp/Kconfig15
-rw-r--r--net/dccp/ccids/ccid3.c3
-rw-r--r--net/dccp/ipv6.c10
-rw-r--r--net/ipv4/fib_hash.c6
-rw-r--r--net/ipv4/fib_lookup.h3
-rw-r--r--net/ipv4/fib_semantics.c5
-rw-r--r--net/ipv4/fib_trie.c6
-rw-r--r--net/ipv4/ipvs/Kconfig30
-rw-r--r--net/ipv4/netfilter/nf_nat_ftp.c20
-rw-r--r--net/ipv4/netfilter/nf_nat_h323.c6
-rw-r--r--net/ipv4/route.c71
-rw-r--r--net/ipv6/addrconf.c31
-rw-r--r--net/ipv6/datagram.c8
-rw-r--r--net/ipv6/raw.c8
-rw-r--r--net/ipv6/route.c63
-rw-r--r--net/ipv6/tcp_ipv6.c8
-rw-r--r--net/ipv6/udp.c8
-rw-r--r--net/netfilter/nf_conntrack_ftp.c13
-rw-r--r--net/netfilter/nf_conntrack_h323_main.c41
-rw-r--r--net/netfilter/nf_conntrack_h323_types.c31
-rw-r--r--net/sched/sch_generic.c2
-rw-r--r--net/sched/sch_htb.c5
-rw-r--r--net/sctp/Kconfig14
-rw-r--r--net/tipc/Kconfig24
-rw-r--r--net/tipc/eth_media.c10
-rw-r--r--net/xfrm/xfrm_policy.c28
29 files changed, 406 insertions, 230 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index a59b1fb63b..670ff95ca6 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -507,6 +507,7 @@ static void l2cap_sock_init(struct sock *sk, struct sock *parent)
507 } 507 }
508 508
509 /* Default config options */ 509 /* Default config options */
510 pi->conf_len = 0;
510 pi->conf_mtu = L2CAP_DEFAULT_MTU; 511 pi->conf_mtu = L2CAP_DEFAULT_MTU;
511 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO; 512 pi->flush_to = L2CAP_DEFAULT_FLUSH_TO;
512} 513}
@@ -1271,42 +1272,6 @@ static inline int l2cap_get_conf_opt(void **ptr, int *type, int *olen, unsigned
1271 return len; 1272 return len;
1272} 1273}
1273 1274
1274static inline void l2cap_parse_conf_req(struct sock *sk, void *data, int len)
1275{
1276 int type, hint, olen;
1277 unsigned long val;
1278 void *ptr = data;
1279
1280 BT_DBG("sk %p len %d", sk, len);
1281
1282 while (len >= L2CAP_CONF_OPT_SIZE) {
1283 len -= l2cap_get_conf_opt(&ptr, &type, &olen, &val);
1284
1285 hint = type & 0x80;
1286 type &= 0x7f;
1287
1288 switch (type) {
1289 case L2CAP_CONF_MTU:
1290 l2cap_pi(sk)->conf_mtu = val;
1291 break;
1292
1293 case L2CAP_CONF_FLUSH_TO:
1294 l2cap_pi(sk)->flush_to = val;
1295 break;
1296
1297 case L2CAP_CONF_QOS:
1298 break;
1299
1300 default:
1301 if (hint)
1302 break;
1303
1304 /* FIXME: Reject unknown option */
1305 break;
1306 }
1307 }
1308}
1309
1310static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val) 1275static void l2cap_add_conf_opt(void **ptr, u8 type, u8 len, unsigned long val)
1311{ 1276{
1312 struct l2cap_conf_opt *opt = *ptr; 1277 struct l2cap_conf_opt *opt = *ptr;
@@ -1358,39 +1323,75 @@ static int l2cap_build_conf_req(struct sock *sk, void *data)
1358 return ptr - data; 1323 return ptr - data;
1359} 1324}
1360 1325
1361static inline int l2cap_conf_output(struct sock *sk, void **ptr) 1326static int l2cap_parse_conf_req(struct sock *sk, void *data)
1362{ 1327{
1363 struct l2cap_pinfo *pi = l2cap_pi(sk); 1328 struct l2cap_pinfo *pi = l2cap_pi(sk);
1364 int result = 0; 1329 struct l2cap_conf_rsp *rsp = data;
1330 void *ptr = rsp->data;
1331 void *req = pi->conf_req;
1332 int len = pi->conf_len;
1333 int type, hint, olen;
1334 unsigned long val;
1335 u16 result = L2CAP_CONF_SUCCESS;
1365 1336
1366 /* Configure output options and let the other side know 1337 BT_DBG("sk %p", sk);
1367 * which ones we don't like. */ 1338
1368 if (pi->conf_mtu < pi->omtu) 1339 while (len >= L2CAP_CONF_OPT_SIZE) {
1369 result = L2CAP_CONF_UNACCEPT; 1340 len -= l2cap_get_conf_opt(&req, &type, &olen, &val);
1370 else
1371 pi->omtu = pi->conf_mtu;
1372 1341
1373 l2cap_add_conf_opt(ptr, L2CAP_CONF_MTU, 2, pi->omtu); 1342 hint = type & 0x80;
1343 type &= 0x7f;
1344
1345 switch (type) {
1346 case L2CAP_CONF_MTU:
1347 pi->conf_mtu = val;
1348 break;
1349
1350 case L2CAP_CONF_FLUSH_TO:
1351 pi->flush_to = val;
1352 break;
1353
1354 case L2CAP_CONF_QOS:
1355 break;
1356
1357 default:
1358 if (hint)
1359 break;
1360
1361 result = L2CAP_CONF_UNKNOWN;
1362 *((u8 *) ptr++) = type;
1363 break;
1364 }
1365 }
1366
1367 if (result == L2CAP_CONF_SUCCESS) {
1368 /* Configure output options and let the other side know
1369 * which ones we don't like. */
1370
1371 if (pi->conf_mtu < pi->omtu)
1372 result = L2CAP_CONF_UNACCEPT;
1373 else
1374 pi->omtu = pi->conf_mtu;
1375
1376 l2cap_add_conf_opt(&ptr, L2CAP_CONF_MTU, 2, pi->omtu);
1377 }
1374 1378
1375 BT_DBG("sk %p result %d", sk, result); 1379 rsp->scid = cpu_to_le16(pi->dcid);
1376 return result; 1380 rsp->result = cpu_to_le16(result);
1381 rsp->flags = cpu_to_le16(0x0000);
1382
1383 return ptr - data;
1377} 1384}
1378 1385
1379static int l2cap_build_conf_rsp(struct sock *sk, void *data, int *result) 1386static int l2cap_build_conf_rsp(struct sock *sk, void *data, u16 result, u16 flags)
1380{ 1387{
1381 struct l2cap_conf_rsp *rsp = data; 1388 struct l2cap_conf_rsp *rsp = data;
1382 void *ptr = rsp->data; 1389 void *ptr = rsp->data;
1383 u16 flags = 0;
1384
1385 BT_DBG("sk %p complete %d", sk, result ? 1 : 0);
1386 1390
1387 if (result) 1391 BT_DBG("sk %p", sk);
1388 *result = l2cap_conf_output(sk, &ptr);
1389 else
1390 flags = 0x0001;
1391 1392
1392 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid); 1393 rsp->scid = cpu_to_le16(l2cap_pi(sk)->dcid);
1393 rsp->result = cpu_to_le16(result ? *result : 0); 1394 rsp->result = cpu_to_le16(result);
1394 rsp->flags = cpu_to_le16(flags); 1395 rsp->flags = cpu_to_le16(flags);
1395 1396
1396 return ptr - data; 1397 return ptr - data;
@@ -1535,7 +1536,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr
1535 u16 dcid, flags; 1536 u16 dcid, flags;
1536 u8 rsp[64]; 1537 u8 rsp[64];
1537 struct sock *sk; 1538 struct sock *sk;
1538 int result; 1539 int len;
1539 1540
1540 dcid = __le16_to_cpu(req->dcid); 1541 dcid = __le16_to_cpu(req->dcid);
1541 flags = __le16_to_cpu(req->flags); 1542 flags = __le16_to_cpu(req->flags);
@@ -1548,25 +1549,40 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, struct l2cap_cmd_hdr
1548 if (sk->sk_state == BT_DISCONN) 1549 if (sk->sk_state == BT_DISCONN)
1549 goto unlock; 1550 goto unlock;
1550 1551
1551 l2cap_parse_conf_req(sk, req->data, cmd->len - sizeof(*req)); 1552 /* Reject if config buffer is too small. */
1553 len = cmd->len - sizeof(*req);
1554 if (l2cap_pi(sk)->conf_len + len > sizeof(l2cap_pi(sk)->conf_req)) {
1555 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1556 l2cap_build_conf_rsp(sk, rsp,
1557 L2CAP_CONF_REJECT, flags), rsp);
1558 goto unlock;
1559 }
1560
1561 /* Store config. */
1562 memcpy(l2cap_pi(sk)->conf_req + l2cap_pi(sk)->conf_len, req->data, len);
1563 l2cap_pi(sk)->conf_len += len;
1552 1564
1553 if (flags & 0x0001) { 1565 if (flags & 0x0001) {
1554 /* Incomplete config. Send empty response. */ 1566 /* Incomplete config. Send empty response. */
1555 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 1567 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP,
1556 l2cap_build_conf_rsp(sk, rsp, NULL), rsp); 1568 l2cap_build_conf_rsp(sk, rsp,
1569 L2CAP_CONF_SUCCESS, 0x0001), rsp);
1557 goto unlock; 1570 goto unlock;
1558 } 1571 }
1559 1572
1560 /* Complete config. */ 1573 /* Complete config. */
1561 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, 1574 len = l2cap_parse_conf_req(sk, rsp);
1562 l2cap_build_conf_rsp(sk, rsp, &result), rsp); 1575 if (len < 0)
1563
1564 if (result)
1565 goto unlock; 1576 goto unlock;
1566 1577
1567 /* Output config done */ 1578 l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
1579
1580 /* Output config done. */
1568 l2cap_pi(sk)->conf_state |= L2CAP_CONF_OUTPUT_DONE; 1581 l2cap_pi(sk)->conf_state |= L2CAP_CONF_OUTPUT_DONE;
1569 1582
1583 /* Reset config buffer. */
1584 l2cap_pi(sk)->conf_len = 0;
1585
1570 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) { 1586 if (l2cap_pi(sk)->conf_state & L2CAP_CONF_INPUT_DONE) {
1571 sk->sk_state = BT_CONNECTED; 1587 sk->sk_state = BT_CONNECTED;
1572 l2cap_chan_ready(sk); 1588 l2cap_chan_ready(sk);
diff --git a/net/core/sock.c b/net/core/sock.c
index 22183c2ef2..7e51d3a5e4 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -206,7 +206,19 @@ static int sock_set_timeout(long *timeo_p, char __user *optval, int optlen)
206 return -EINVAL; 206 return -EINVAL;
207 if (copy_from_user(&tv, optval, sizeof(tv))) 207 if (copy_from_user(&tv, optval, sizeof(tv)))
208 return -EFAULT; 208 return -EFAULT;
209 209 if (tv.tv_usec < 0 || tv.tv_usec >= USEC_PER_SEC)
210 return -EDOM;
211
212 if (tv.tv_sec < 0) {
213 static int warned = 0;
214 *timeo_p = 0;
215 if (warned < 10 && net_ratelimit())
216 warned++;
217 printk(KERN_INFO "sock_set_timeout: `%s' (pid %d) "
218 "tries to set negative timeout\n",
219 current->comm, current->pid);
220 return 0;
221 }
210 *timeo_p = MAX_SCHEDULE_TIMEOUT; 222 *timeo_p = MAX_SCHEDULE_TIMEOUT;
211 if (tv.tv_sec == 0 && tv.tv_usec == 0) 223 if (tv.tv_sec == 0 && tv.tv_usec == 0)
212 return 0; 224 return 0;
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index b29712033d..f34aca041a 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -24,6 +24,7 @@ extern int sysctl_core_destroy_delay;
24#ifdef CONFIG_XFRM 24#ifdef CONFIG_XFRM
25extern u32 sysctl_xfrm_aevent_etime; 25extern u32 sysctl_xfrm_aevent_etime;
26extern u32 sysctl_xfrm_aevent_rseqth; 26extern u32 sysctl_xfrm_aevent_rseqth;
27extern int sysctl_xfrm_larval_drop;
27#endif 28#endif
28 29
29ctl_table core_table[] = { 30ctl_table core_table[] = {
@@ -118,6 +119,14 @@ ctl_table core_table[] = {
118 .mode = 0644, 119 .mode = 0644,
119 .proc_handler = &proc_dointvec 120 .proc_handler = &proc_dointvec
120 }, 121 },
122 {
123 .ctl_name = CTL_UNNUMBERED,
124 .procname = "xfrm_larval_drop",
125 .data = &sysctl_xfrm_larval_drop,
126 .maxlen = sizeof(int),
127 .mode = 0644,
128 .proc_handler = &proc_dointvec
129 },
121#endif /* CONFIG_XFRM */ 130#endif /* CONFIG_XFRM */
122#endif /* CONFIG_NET */ 131#endif /* CONFIG_NET */
123 { 132 {
diff --git a/net/dccp/Kconfig b/net/dccp/Kconfig
index b8a68dd410..0549e4719b 100644
--- a/net/dccp/Kconfig
+++ b/net/dccp/Kconfig
@@ -1,8 +1,6 @@
1menu "DCCP Configuration (EXPERIMENTAL)" 1menuconfig IP_DCCP
2 depends on INET && EXPERIMENTAL
3
4config IP_DCCP
5 tristate "The DCCP Protocol (EXPERIMENTAL)" 2 tristate "The DCCP Protocol (EXPERIMENTAL)"
3 depends on INET && EXPERIMENTAL
6 ---help--- 4 ---help---
7 Datagram Congestion Control Protocol (RFC 4340) 5 Datagram Congestion Control Protocol (RFC 4340)
8 6
@@ -19,19 +17,20 @@ config IP_DCCP
19 17
20 If in doubt, say N. 18 If in doubt, say N.
21 19
20if IP_DCCP
21
22config INET_DCCP_DIAG 22config INET_DCCP_DIAG
23 depends on IP_DCCP && INET_DIAG 23 depends on INET_DIAG
24 def_tristate y if (IP_DCCP = y && INET_DIAG = y) 24 def_tristate y if (IP_DCCP = y && INET_DIAG = y)
25 def_tristate m 25 def_tristate m
26 26
27config IP_DCCP_ACKVEC 27config IP_DCCP_ACKVEC
28 depends on IP_DCCP
29 bool 28 bool
30 29
31source "net/dccp/ccids/Kconfig" 30source "net/dccp/ccids/Kconfig"
32 31
33menu "DCCP Kernel Hacking" 32menu "DCCP Kernel Hacking"
34 depends on IP_DCCP && DEBUG_KERNEL=y 33 depends on DEBUG_KERNEL=y
35 34
36config IP_DCCP_DEBUG 35config IP_DCCP_DEBUG
37 bool "DCCP debug messages" 36 bool "DCCP debug messages"
@@ -61,4 +60,4 @@ config NET_DCCPPROBE
61 60
62endmenu 61endmenu
63 62
64endmenu 63endif # IP_DDCP
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
index d7d9ce7372..ec7fa4d67f 100644
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -419,7 +419,6 @@ static void ccid3_hc_tx_packet_sent(struct sock *sk, int more,
419 419
420static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb) 420static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb)
421{ 421{
422 const struct dccp_sock *dp = dccp_sk(sk);
423 struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk); 422 struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk);
424 struct ccid3_options_received *opt_recv; 423 struct ccid3_options_received *opt_recv;
425 struct dccp_tx_hist_entry *packet; 424 struct dccp_tx_hist_entry *packet;
@@ -491,7 +490,7 @@ static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb)
491 ccid3_pr_debug("%s(%p), s=%u, MSS=%u, " 490 ccid3_pr_debug("%s(%p), s=%u, MSS=%u, "
492 "R_sample=%uus, X=%u\n", dccp_role(sk), 491 "R_sample=%uus, X=%u\n", dccp_role(sk),
493 sk, hctx->ccid3hctx_s, 492 sk, hctx->ccid3hctx_s,
494 dp->dccps_mss_cache, r_sample, 493 dccp_sk(sk)->dccps_mss_cache, r_sample,
495 (unsigned)(hctx->ccid3hctx_x >> 6)); 494 (unsigned)(hctx->ccid3hctx_x >> 6));
496 495
497 ccid3_hc_tx_set_state(sk, TFRC_SSTATE_FBACK); 496 ccid3_hc_tx_set_state(sk, TFRC_SSTATE_FBACK);
diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c
index 64eac2515a..31737cdf15 100644
--- a/net/dccp/ipv6.c
+++ b/net/dccp/ipv6.c
@@ -1043,9 +1043,13 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1043 if (final_p) 1043 if (final_p)
1044 ipv6_addr_copy(&fl.fl6_dst, final_p); 1044 ipv6_addr_copy(&fl.fl6_dst, final_p);
1045 1045
1046 err = xfrm_lookup(&dst, &fl, sk, 1); 1046 err = __xfrm_lookup(&dst, &fl, sk, 1);
1047 if (err < 0) 1047 if (err < 0) {
1048 goto failure; 1048 if (err == -EREMOTE)
1049 err = ip6_dst_blackhole(sk, &dst, &fl);
1050 if (err < 0)
1051 goto failure;
1052 }
1049 1053
1050 if (saddr == NULL) { 1054 if (saddr == NULL) {
1051 saddr = &fl.fl6_src; 1055 saddr = &fl.fl6_src;
diff --git a/net/ipv4/fib_hash.c b/net/ipv4/fib_hash.c
index 9cfecf1215..07e843a47d 100644
--- a/net/ipv4/fib_hash.c
+++ b/net/ipv4/fib_hash.c
@@ -456,6 +456,8 @@ static int fn_hash_insert(struct fib_table *tb, struct fib_config *cfg)
456 fib_release_info(fi_drop); 456 fib_release_info(fi_drop);
457 if (state & FA_S_ACCESSED) 457 if (state & FA_S_ACCESSED)
458 rt_cache_flush(-1); 458 rt_cache_flush(-1);
459 rtmsg_fib(RTM_NEWROUTE, key, fa, cfg->fc_dst_len, tb->tb_id,
460 &cfg->fc_nlinfo, NLM_F_REPLACE);
459 return 0; 461 return 0;
460 } 462 }
461 463
@@ -523,7 +525,7 @@ static int fn_hash_insert(struct fib_table *tb, struct fib_config *cfg)
523 rt_cache_flush(-1); 525 rt_cache_flush(-1);
524 526
525 rtmsg_fib(RTM_NEWROUTE, key, new_fa, cfg->fc_dst_len, tb->tb_id, 527 rtmsg_fib(RTM_NEWROUTE, key, new_fa, cfg->fc_dst_len, tb->tb_id,
526 &cfg->fc_nlinfo); 528 &cfg->fc_nlinfo, 0);
527 return 0; 529 return 0;
528 530
529out_free_new_fa: 531out_free_new_fa:
@@ -589,7 +591,7 @@ static int fn_hash_delete(struct fib_table *tb, struct fib_config *cfg)
589 591
590 fa = fa_to_delete; 592 fa = fa_to_delete;
591 rtmsg_fib(RTM_DELROUTE, key, fa, cfg->fc_dst_len, 593 rtmsg_fib(RTM_DELROUTE, key, fa, cfg->fc_dst_len,
592 tb->tb_id, &cfg->fc_nlinfo); 594 tb->tb_id, &cfg->fc_nlinfo, 0);
593 595
594 kill_fn = 0; 596 kill_fn = 0;
595 write_lock_bh(&fib_hash_lock); 597 write_lock_bh(&fib_hash_lock);
diff --git a/net/ipv4/fib_lookup.h b/net/ipv4/fib_lookup.h
index 0e8b70bad4..eef9eec17e 100644
--- a/net/ipv4/fib_lookup.h
+++ b/net/ipv4/fib_lookup.h
@@ -30,7 +30,8 @@ extern int fib_dump_info(struct sk_buff *skb, u32 pid, u32 seq, int event,
30 int dst_len, u8 tos, struct fib_info *fi, 30 int dst_len, u8 tos, struct fib_info *fi,
31 unsigned int); 31 unsigned int);
32extern void rtmsg_fib(int event, __be32 key, struct fib_alias *fa, 32extern void rtmsg_fib(int event, __be32 key, struct fib_alias *fa,
33 int dst_len, u32 tb_id, struct nl_info *info); 33 int dst_len, u32 tb_id, struct nl_info *info,
34 unsigned int nlm_flags);
34extern struct fib_alias *fib_find_alias(struct list_head *fah, 35extern struct fib_alias *fib_find_alias(struct list_head *fah,
35 u8 tos, u32 prio); 36 u8 tos, u32 prio);
36extern int fib_detect_death(struct fib_info *fi, int order, 37extern int fib_detect_death(struct fib_info *fi, int order,
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index 406ea7050a..bb94550d95 100644
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -301,7 +301,8 @@ static inline size_t fib_nlmsg_size(struct fib_info *fi)
301} 301}
302 302
303void rtmsg_fib(int event, __be32 key, struct fib_alias *fa, 303void rtmsg_fib(int event, __be32 key, struct fib_alias *fa,
304 int dst_len, u32 tb_id, struct nl_info *info) 304 int dst_len, u32 tb_id, struct nl_info *info,
305 unsigned int nlm_flags)
305{ 306{
306 struct sk_buff *skb; 307 struct sk_buff *skb;
307 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 308 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
@@ -313,7 +314,7 @@ void rtmsg_fib(int event, __be32 key, struct fib_alias *fa,
313 314
314 err = fib_dump_info(skb, info->pid, seq, event, tb_id, 315 err = fib_dump_info(skb, info->pid, seq, event, tb_id,
315 fa->fa_type, fa->fa_scope, key, dst_len, 316 fa->fa_type, fa->fa_scope, key, dst_len,
316 fa->fa_tos, fa->fa_info, 0); 317 fa->fa_tos, fa->fa_info, nlm_flags);
317 if (err < 0) { 318 if (err < 0) {
318 /* -EMSGSIZE implies BUG in fib_nlmsg_size() */ 319 /* -EMSGSIZE implies BUG in fib_nlmsg_size() */
319 WARN_ON(err == -EMSGSIZE); 320 WARN_ON(err == -EMSGSIZE);
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index 9be7da7c3a..30e332ade6 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -1226,6 +1226,8 @@ static int fn_trie_insert(struct fib_table *tb, struct fib_config *cfg)
1226 fib_release_info(fi_drop); 1226 fib_release_info(fi_drop);
1227 if (state & FA_S_ACCESSED) 1227 if (state & FA_S_ACCESSED)
1228 rt_cache_flush(-1); 1228 rt_cache_flush(-1);
1229 rtmsg_fib(RTM_NEWROUTE, htonl(key), new_fa, plen,
1230 tb->tb_id, &cfg->fc_nlinfo, NLM_F_REPLACE);
1229 1231
1230 goto succeeded; 1232 goto succeeded;
1231 } 1233 }
@@ -1278,7 +1280,7 @@ static int fn_trie_insert(struct fib_table *tb, struct fib_config *cfg)
1278 1280
1279 rt_cache_flush(-1); 1281 rt_cache_flush(-1);
1280 rtmsg_fib(RTM_NEWROUTE, htonl(key), new_fa, plen, tb->tb_id, 1282 rtmsg_fib(RTM_NEWROUTE, htonl(key), new_fa, plen, tb->tb_id,
1281 &cfg->fc_nlinfo); 1283 &cfg->fc_nlinfo, 0);
1282succeeded: 1284succeeded:
1283 return 0; 1285 return 0;
1284 1286
@@ -1624,7 +1626,7 @@ static int fn_trie_delete(struct fib_table *tb, struct fib_config *cfg)
1624 1626
1625 fa = fa_to_delete; 1627 fa = fa_to_delete;
1626 rtmsg_fib(RTM_DELROUTE, htonl(key), fa, plen, tb->tb_id, 1628 rtmsg_fib(RTM_DELROUTE, htonl(key), fa, plen, tb->tb_id,
1627 &cfg->fc_nlinfo); 1629 &cfg->fc_nlinfo, 0);
1628 1630
1629 l = fib_find_node(t, key); 1631 l = fib_find_node(t, key);
1630 li = find_leaf_info(l, plen); 1632 li = find_leaf_info(l, plen);
diff --git a/net/ipv4/ipvs/Kconfig b/net/ipv4/ipvs/Kconfig
index 891b9355cf..09d0c3f356 100644
--- a/net/ipv4/ipvs/Kconfig
+++ b/net/ipv4/ipvs/Kconfig
@@ -1,10 +1,7 @@
1# 1#
2# IP Virtual Server configuration 2# IP Virtual Server configuration
3# 3#
4menu "IP: Virtual Server Configuration" 4menuconfig IP_VS
5 depends on NETFILTER
6
7config IP_VS
8 tristate "IP virtual server support (EXPERIMENTAL)" 5 tristate "IP virtual server support (EXPERIMENTAL)"
9 depends on NETFILTER 6 depends on NETFILTER
10 ---help--- 7 ---help---
@@ -25,9 +22,10 @@ config IP_VS
25 If you want to compile it in kernel, say Y. To compile it as a 22 If you want to compile it in kernel, say Y. To compile it as a
26 module, choose M here. If unsure, say N. 23 module, choose M here. If unsure, say N.
27 24
25if IP_VS
26
28config IP_VS_DEBUG 27config IP_VS_DEBUG
29 bool "IP virtual server debugging" 28 bool "IP virtual server debugging"
30 depends on IP_VS
31 ---help--- 29 ---help---
32 Say Y here if you want to get additional messages useful in 30 Say Y here if you want to get additional messages useful in
33 debugging the IP virtual server code. You can change the debug 31 debugging the IP virtual server code. You can change the debug
@@ -35,7 +33,6 @@ config IP_VS_DEBUG
35 33
36config IP_VS_TAB_BITS 34config IP_VS_TAB_BITS
37 int "IPVS connection table size (the Nth power of 2)" 35 int "IPVS connection table size (the Nth power of 2)"
38 depends on IP_VS
39 default "12" 36 default "12"
40 ---help--- 37 ---help---
41 The IPVS connection hash table uses the chaining scheme to handle 38 The IPVS connection hash table uses the chaining scheme to handle
@@ -61,42 +58,35 @@ config IP_VS_TAB_BITS
61 needed for your box. 58 needed for your box.
62 59
63comment "IPVS transport protocol load balancing support" 60comment "IPVS transport protocol load balancing support"
64 depends on IP_VS
65 61
66config IP_VS_PROTO_TCP 62config IP_VS_PROTO_TCP
67 bool "TCP load balancing support" 63 bool "TCP load balancing support"
68 depends on IP_VS
69 ---help--- 64 ---help---
70 This option enables support for load balancing TCP transport 65 This option enables support for load balancing TCP transport
71 protocol. Say Y if unsure. 66 protocol. Say Y if unsure.
72 67
73config IP_VS_PROTO_UDP 68config IP_VS_PROTO_UDP
74 bool "UDP load balancing support" 69 bool "UDP load balancing support"
75 depends on IP_VS
76 ---help--- 70 ---help---
77 This option enables support for load balancing UDP transport 71 This option enables support for load balancing UDP transport
78 protocol. Say Y if unsure. 72 protocol. Say Y if unsure.
79 73
80config IP_VS_PROTO_ESP 74config IP_VS_PROTO_ESP
81 bool "ESP load balancing support" 75 bool "ESP load balancing support"
82 depends on IP_VS
83 ---help--- 76 ---help---
84 This option enables support for load balancing ESP (Encapsulation 77 This option enables support for load balancing ESP (Encapsulation
85 Security Payload) transport protocol. Say Y if unsure. 78 Security Payload) transport protocol. Say Y if unsure.
86 79
87config IP_VS_PROTO_AH 80config IP_VS_PROTO_AH
88 bool "AH load balancing support" 81 bool "AH load balancing support"
89 depends on IP_VS
90 ---help--- 82 ---help---
91 This option enables support for load balancing AH (Authentication 83 This option enables support for load balancing AH (Authentication
92 Header) transport protocol. Say Y if unsure. 84 Header) transport protocol. Say Y if unsure.
93 85
94comment "IPVS scheduler" 86comment "IPVS scheduler"
95 depends on IP_VS
96 87
97config IP_VS_RR 88config IP_VS_RR
98 tristate "round-robin scheduling" 89 tristate "round-robin scheduling"
99 depends on IP_VS
100 ---help--- 90 ---help---
101 The robin-robin scheduling algorithm simply directs network 91 The robin-robin scheduling algorithm simply directs network
102 connections to different real servers in a round-robin manner. 92 connections to different real servers in a round-robin manner.
@@ -106,7 +96,6 @@ config IP_VS_RR
106 96
107config IP_VS_WRR 97config IP_VS_WRR
108 tristate "weighted round-robin scheduling" 98 tristate "weighted round-robin scheduling"
109 depends on IP_VS
110 ---help--- 99 ---help---
111 The weighted robin-robin scheduling algorithm directs network 100 The weighted robin-robin scheduling algorithm directs network
112 connections to different real servers based on server weights 101 connections to different real servers based on server weights
@@ -120,7 +109,6 @@ config IP_VS_WRR
120 109
121config IP_VS_LC 110config IP_VS_LC
122 tristate "least-connection scheduling" 111 tristate "least-connection scheduling"
123 depends on IP_VS
124 ---help--- 112 ---help---
125 The least-connection scheduling algorithm directs network 113 The least-connection scheduling algorithm directs network
126 connections to the server with the least number of active 114 connections to the server with the least number of active
@@ -131,7 +119,6 @@ config IP_VS_LC
131 119
132config IP_VS_WLC 120config IP_VS_WLC
133 tristate "weighted least-connection scheduling" 121 tristate "weighted least-connection scheduling"
134 depends on IP_VS
135 ---help--- 122 ---help---
136 The weighted least-connection scheduling algorithm directs network 123 The weighted least-connection scheduling algorithm directs network
137 connections to the server with the least active connections 124 connections to the server with the least active connections
@@ -142,7 +129,6 @@ config IP_VS_WLC
142 129
143config IP_VS_LBLC 130config IP_VS_LBLC
144 tristate "locality-based least-connection scheduling" 131 tristate "locality-based least-connection scheduling"
145 depends on IP_VS
146 ---help--- 132 ---help---
147 The locality-based least-connection scheduling algorithm is for 133 The locality-based least-connection scheduling algorithm is for
148 destination IP load balancing. It is usually used in cache cluster. 134 destination IP load balancing. It is usually used in cache cluster.
@@ -157,7 +143,6 @@ config IP_VS_LBLC
157 143
158config IP_VS_LBLCR 144config IP_VS_LBLCR
159 tristate "locality-based least-connection with replication scheduling" 145 tristate "locality-based least-connection with replication scheduling"
160 depends on IP_VS
161 ---help--- 146 ---help---
162 The locality-based least-connection with replication scheduling 147 The locality-based least-connection with replication scheduling
163 algorithm is also for destination IP load balancing. It is 148 algorithm is also for destination IP load balancing. It is
@@ -176,7 +161,6 @@ config IP_VS_LBLCR
176 161
177config IP_VS_DH 162config IP_VS_DH
178 tristate "destination hashing scheduling" 163 tristate "destination hashing scheduling"
179 depends on IP_VS
180 ---help--- 164 ---help---
181 The destination hashing scheduling algorithm assigns network 165 The destination hashing scheduling algorithm assigns network
182 connections to the servers through looking up a statically assigned 166 connections to the servers through looking up a statically assigned
@@ -187,7 +171,6 @@ config IP_VS_DH
187 171
188config IP_VS_SH 172config IP_VS_SH
189 tristate "source hashing scheduling" 173 tristate "source hashing scheduling"
190 depends on IP_VS
191 ---help--- 174 ---help---
192 The source hashing scheduling algorithm assigns network 175 The source hashing scheduling algorithm assigns network
193 connections to the servers through looking up a statically assigned 176 connections to the servers through looking up a statically assigned
@@ -198,7 +181,6 @@ config IP_VS_SH
198 181
199config IP_VS_SED 182config IP_VS_SED
200 tristate "shortest expected delay scheduling" 183 tristate "shortest expected delay scheduling"
201 depends on IP_VS
202 ---help--- 184 ---help---
203 The shortest expected delay scheduling algorithm assigns network 185 The shortest expected delay scheduling algorithm assigns network
204 connections to the server with the shortest expected delay. The 186 connections to the server with the shortest expected delay. The
@@ -212,7 +194,6 @@ config IP_VS_SED
212 194
213config IP_VS_NQ 195config IP_VS_NQ
214 tristate "never queue scheduling" 196 tristate "never queue scheduling"
215 depends on IP_VS
216 ---help--- 197 ---help---
217 The never queue scheduling algorithm adopts a two-speed model. 198 The never queue scheduling algorithm adopts a two-speed model.
218 When there is an idle server available, the job will be sent to 199 When there is an idle server available, the job will be sent to
@@ -225,11 +206,10 @@ config IP_VS_NQ
225 module, choose M here. If unsure, say N. 206 module, choose M here. If unsure, say N.
226 207
227comment 'IPVS application helper' 208comment 'IPVS application helper'
228 depends on IP_VS
229 209
230config IP_VS_FTP 210config IP_VS_FTP
231 tristate "FTP protocol helper" 211 tristate "FTP protocol helper"
232 depends on IP_VS && IP_VS_PROTO_TCP 212 depends on IP_VS_PROTO_TCP
233 ---help--- 213 ---help---
234 FTP is a protocol that transfers IP address and/or port number in 214 FTP is a protocol that transfers IP address and/or port number in
235 the payload. In the virtual server via Network Address Translation, 215 the payload. In the virtual server via Network Address Translation,
@@ -241,4 +221,4 @@ config IP_VS_FTP
241 If you want to compile it in kernel, say Y. To compile it as a 221 If you want to compile it in kernel, say Y. To compile it as a
242 module, choose M here. If unsure, say N. 222 module, choose M here. If unsure, say N.
243 223
244endmenu 224endif # IP_VS
diff --git a/net/ipv4/netfilter/nf_nat_ftp.c b/net/ipv4/netfilter/nf_nat_ftp.c
index 751b598017..e6bc8e5a72 100644
--- a/net/ipv4/netfilter/nf_nat_ftp.c
+++ b/net/ipv4/netfilter/nf_nat_ftp.c
@@ -40,8 +40,7 @@ mangle_rfc959_packet(struct sk_buff **pskb,
40 unsigned int matchoff, 40 unsigned int matchoff,
41 unsigned int matchlen, 41 unsigned int matchlen,
42 struct nf_conn *ct, 42 struct nf_conn *ct,
43 enum ip_conntrack_info ctinfo, 43 enum ip_conntrack_info ctinfo)
44 u32 *seq)
45{ 44{
46 char buffer[sizeof("nnn,nnn,nnn,nnn,nnn,nnn")]; 45 char buffer[sizeof("nnn,nnn,nnn,nnn,nnn,nnn")];
47 46
@@ -50,7 +49,6 @@ mangle_rfc959_packet(struct sk_buff **pskb,
50 49
51 DEBUGP("calling nf_nat_mangle_tcp_packet\n"); 50 DEBUGP("calling nf_nat_mangle_tcp_packet\n");
52 51
53 *seq += strlen(buffer) - matchlen;
54 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff, 52 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff,
55 matchlen, buffer, strlen(buffer)); 53 matchlen, buffer, strlen(buffer));
56} 54}
@@ -63,8 +61,7 @@ mangle_eprt_packet(struct sk_buff **pskb,
63 unsigned int matchoff, 61 unsigned int matchoff,
64 unsigned int matchlen, 62 unsigned int matchlen,
65 struct nf_conn *ct, 63 struct nf_conn *ct,
66 enum ip_conntrack_info ctinfo, 64 enum ip_conntrack_info ctinfo)
67 u32 *seq)
68{ 65{
69 char buffer[sizeof("|1|255.255.255.255|65535|")]; 66 char buffer[sizeof("|1|255.255.255.255|65535|")];
70 67
@@ -72,7 +69,6 @@ mangle_eprt_packet(struct sk_buff **pskb,
72 69
73 DEBUGP("calling nf_nat_mangle_tcp_packet\n"); 70 DEBUGP("calling nf_nat_mangle_tcp_packet\n");
74 71
75 *seq += strlen(buffer) - matchlen;
76 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff, 72 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff,
77 matchlen, buffer, strlen(buffer)); 73 matchlen, buffer, strlen(buffer));
78} 74}
@@ -85,8 +81,7 @@ mangle_epsv_packet(struct sk_buff **pskb,
85 unsigned int matchoff, 81 unsigned int matchoff,
86 unsigned int matchlen, 82 unsigned int matchlen,
87 struct nf_conn *ct, 83 struct nf_conn *ct,
88 enum ip_conntrack_info ctinfo, 84 enum ip_conntrack_info ctinfo)
89 u32 *seq)
90{ 85{
91 char buffer[sizeof("|||65535|")]; 86 char buffer[sizeof("|||65535|")];
92 87
@@ -94,14 +89,13 @@ mangle_epsv_packet(struct sk_buff **pskb,
94 89
95 DEBUGP("calling nf_nat_mangle_tcp_packet\n"); 90 DEBUGP("calling nf_nat_mangle_tcp_packet\n");
96 91
97 *seq += strlen(buffer) - matchlen;
98 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff, 92 return nf_nat_mangle_tcp_packet(pskb, ct, ctinfo, matchoff,
99 matchlen, buffer, strlen(buffer)); 93 matchlen, buffer, strlen(buffer));
100} 94}
101 95
102static int (*mangle[])(struct sk_buff **, __be32, u_int16_t, 96static int (*mangle[])(struct sk_buff **, __be32, u_int16_t,
103 unsigned int, unsigned int, struct nf_conn *, 97 unsigned int, unsigned int, struct nf_conn *,
104 enum ip_conntrack_info, u32 *seq) 98 enum ip_conntrack_info)
105= { 99= {
106 [NF_CT_FTP_PORT] = mangle_rfc959_packet, 100 [NF_CT_FTP_PORT] = mangle_rfc959_packet,
107 [NF_CT_FTP_PASV] = mangle_rfc959_packet, 101 [NF_CT_FTP_PASV] = mangle_rfc959_packet,
@@ -116,8 +110,7 @@ static unsigned int nf_nat_ftp(struct sk_buff **pskb,
116 enum nf_ct_ftp_type type, 110 enum nf_ct_ftp_type type,
117 unsigned int matchoff, 111 unsigned int matchoff,
118 unsigned int matchlen, 112 unsigned int matchlen,
119 struct nf_conntrack_expect *exp, 113 struct nf_conntrack_expect *exp)
120 u32 *seq)
121{ 114{
122 __be32 newip; 115 __be32 newip;
123 u_int16_t port; 116 u_int16_t port;
@@ -145,8 +138,7 @@ static unsigned int nf_nat_ftp(struct sk_buff **pskb,
145 if (port == 0) 138 if (port == 0)
146 return NF_DROP; 139 return NF_DROP;
147 140
148 if (!mangle[type](pskb, newip, port, matchoff, matchlen, ct, ctinfo, 141 if (!mangle[type](pskb, newip, port, matchoff, matchlen, ct, ctinfo)) {
149 seq)) {
150 nf_conntrack_unexpect_related(exp); 142 nf_conntrack_unexpect_related(exp);
151 return NF_DROP; 143 return NF_DROP;
152 } 144 }
diff --git a/net/ipv4/netfilter/nf_nat_h323.c b/net/ipv4/netfilter/nf_nat_h323.c
index fcebc968d3..c5d2a2d690 100644
--- a/net/ipv4/netfilter/nf_nat_h323.c
+++ b/net/ipv4/netfilter/nf_nat_h323.c
@@ -455,9 +455,9 @@ static int nat_q931(struct sk_buff **pskb, struct nf_conn *ct,
455 if (idx > 0 && 455 if (idx > 0 &&
456 get_h225_addr(ct, *data, &taddr[0], &addr, &port) && 456 get_h225_addr(ct, *data, &taddr[0], &addr, &port) &&
457 (ntohl(addr.ip) & 0xff000000) == 0x7f000000) { 457 (ntohl(addr.ip) & 0xff000000) == 0x7f000000) {
458 set_h225_addr_hook(pskb, data, 0, &taddr[0], 458 set_h225_addr(pskb, data, 0, &taddr[0],
459 &ct->tuplehash[!dir].tuple.dst.u3, 459 &ct->tuplehash[!dir].tuple.dst.u3,
460 info->sig_port[!dir]); 460 info->sig_port[!dir]);
461 } 461 }
462 } else { 462 } else {
463 nf_conntrack_unexpect_related(exp); 463 nf_conntrack_unexpect_related(exp);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index df9fe4f2e8..8603cfb271 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2598,6 +2598,69 @@ int __ip_route_output_key(struct rtable **rp, const struct flowi *flp)
2598 2598
2599EXPORT_SYMBOL_GPL(__ip_route_output_key); 2599EXPORT_SYMBOL_GPL(__ip_route_output_key);
2600 2600
2601static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2602{
2603}
2604
2605static struct dst_ops ipv4_dst_blackhole_ops = {
2606 .family = AF_INET,
2607 .protocol = __constant_htons(ETH_P_IP),
2608 .destroy = ipv4_dst_destroy,
2609 .check = ipv4_dst_check,
2610 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2611 .entry_size = sizeof(struct rtable),
2612};
2613
2614
2615static int ipv4_blackhole_output(struct sk_buff *skb)
2616{
2617 kfree_skb(skb);
2618 return 0;
2619}
2620
2621static int ipv4_dst_blackhole(struct rtable **rp, struct flowi *flp, struct sock *sk)
2622{
2623 struct rtable *ort = *rp;
2624 struct rtable *rt = (struct rtable *)
2625 dst_alloc(&ipv4_dst_blackhole_ops);
2626
2627 if (rt) {
2628 struct dst_entry *new = &rt->u.dst;
2629
2630 atomic_set(&new->__refcnt, 1);
2631 new->__use = 1;
2632 new->input = ipv4_blackhole_output;
2633 new->output = ipv4_blackhole_output;
2634 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
2635
2636 new->dev = ort->u.dst.dev;
2637 if (new->dev)
2638 dev_hold(new->dev);
2639
2640 rt->fl = ort->fl;
2641
2642 rt->idev = ort->idev;
2643 if (rt->idev)
2644 in_dev_hold(rt->idev);
2645 rt->rt_flags = ort->rt_flags;
2646 rt->rt_type = ort->rt_type;
2647 rt->rt_dst = ort->rt_dst;
2648 rt->rt_src = ort->rt_src;
2649 rt->rt_iif = ort->rt_iif;
2650 rt->rt_gateway = ort->rt_gateway;
2651 rt->rt_spec_dst = ort->rt_spec_dst;
2652 rt->peer = ort->peer;
2653 if (rt->peer)
2654 atomic_inc(&rt->peer->refcnt);
2655
2656 dst_free(new);
2657 }
2658
2659 dst_release(&(*rp)->u.dst);
2660 *rp = rt;
2661 return (rt ? 0 : -ENOMEM);
2662}
2663
2601int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags) 2664int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags)
2602{ 2665{
2603 int err; 2666 int err;
@@ -2610,7 +2673,11 @@ int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk,
2610 flp->fl4_src = (*rp)->rt_src; 2673 flp->fl4_src = (*rp)->rt_src;
2611 if (!flp->fl4_dst) 2674 if (!flp->fl4_dst)
2612 flp->fl4_dst = (*rp)->rt_dst; 2675 flp->fl4_dst = (*rp)->rt_dst;
2613 return xfrm_lookup((struct dst_entry **)rp, flp, sk, flags); 2676 err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, flags);
2677 if (err == -EREMOTE)
2678 err = ipv4_dst_blackhole(rp, flp, sk);
2679
2680 return err;
2614 } 2681 }
2615 2682
2616 return 0; 2683 return 0;
@@ -3139,6 +3206,8 @@ int __init ip_rt_init(void)
3139 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0, 3206 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
3140 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL); 3207 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL);
3141 3208
3209 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
3210
3142 rt_hash_table = (struct rt_hash_bucket *) 3211 rt_hash_table = (struct rt_hash_bucket *)
3143 alloc_large_system_hash("IP route cache", 3212 alloc_large_system_hash("IP route cache",
3144 sizeof(struct rt_hash_bucket), 3213 sizeof(struct rt_hash_bucket),
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index c7ea248fae..329de679ac 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -2154,15 +2154,6 @@ static void addrconf_dev_config(struct net_device *dev)
2154 2154
2155 ASSERT_RTNL(); 2155 ASSERT_RTNL();
2156 2156
2157 if ((dev->type != ARPHRD_ETHER) &&
2158 (dev->type != ARPHRD_FDDI) &&
2159 (dev->type != ARPHRD_IEEE802_TR) &&
2160 (dev->type != ARPHRD_ARCNET) &&
2161 (dev->type != ARPHRD_INFINIBAND)) {
2162 /* Alas, we support only Ethernet autoconfiguration. */
2163 return;
2164 }
2165
2166 idev = addrconf_add_dev(dev); 2157 idev = addrconf_add_dev(dev);
2167 if (idev == NULL) 2158 if (idev == NULL)
2168 return; 2159 return;
@@ -2250,13 +2241,33 @@ static void addrconf_ip6_tnl_config(struct net_device *dev)
2250 ip6_tnl_add_linklocal(idev); 2241 ip6_tnl_add_linklocal(idev);
2251} 2242}
2252 2243
2244static int ipv6_hwtype(struct net_device *dev)
2245{
2246 if ((dev->type == ARPHRD_ETHER) ||
2247 (dev->type == ARPHRD_LOOPBACK) ||
2248 (dev->type == ARPHRD_SIT) ||
2249 (dev->type == ARPHRD_TUNNEL6) ||
2250 (dev->type == ARPHRD_FDDI) ||
2251 (dev->type == ARPHRD_IEEE802_TR) ||
2252 (dev->type == ARPHRD_ARCNET) ||
2253 (dev->type == ARPHRD_INFINIBAND))
2254 return 1;
2255
2256 return 0;
2257}
2258
2253static int addrconf_notify(struct notifier_block *this, unsigned long event, 2259static int addrconf_notify(struct notifier_block *this, unsigned long event,
2254 void * data) 2260 void * data)
2255{ 2261{
2256 struct net_device *dev = (struct net_device *) data; 2262 struct net_device *dev = (struct net_device *) data;
2257 struct inet6_dev *idev = __in6_dev_get(dev); 2263 struct inet6_dev *idev;
2258 int run_pending = 0; 2264 int run_pending = 0;
2259 2265
2266 if (!ipv6_hwtype(dev))
2267 return NOTIFY_OK;
2268
2269 idev = __in6_dev_get(dev);
2270
2260 switch(event) { 2271 switch(event) {
2261 case NETDEV_REGISTER: 2272 case NETDEV_REGISTER:
2262 if (!idev) { 2273 if (!idev) {
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 403eee66b9..b1fe7ac5dc 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -177,8 +177,12 @@ ipv4_connected:
177 if (final_p) 177 if (final_p)
178 ipv6_addr_copy(&fl.fl6_dst, final_p); 178 ipv6_addr_copy(&fl.fl6_dst, final_p);
179 179
180 if ((err = xfrm_lookup(&dst, &fl, sk, 1)) < 0) 180 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
181 goto out; 181 if (err == -EREMOTE)
182 err = ip6_dst_blackhole(sk, &dst, &fl);
183 if (err < 0)
184 goto out;
185 }
182 186
183 /* source address lookup done in ip6_dst_lookup */ 187 /* source address lookup done in ip6_dst_lookup */
184 188
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 009a1047fc..a58459a766 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -818,8 +818,12 @@ static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk,
818 if (final_p) 818 if (final_p)
819 ipv6_addr_copy(&fl.fl6_dst, final_p); 819 ipv6_addr_copy(&fl.fl6_dst, final_p);
820 820
821 if ((err = xfrm_lookup(&dst, &fl, sk, 1)) < 0) 821 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
822 goto out; 822 if (err == -EREMOTE)
823 err = ip6_dst_blackhole(sk, &dst, &fl);
824 if (err < 0)
825 goto out;
826 }
823 827
824 if (hlimit < 0) { 828 if (hlimit < 0) {
825 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 829 if (ipv6_addr_is_multicast(&fl.fl6_dst))
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index b46ad53044..1324b06796 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -119,6 +119,19 @@ static struct dst_ops ip6_dst_ops = {
119 .entry_size = sizeof(struct rt6_info), 119 .entry_size = sizeof(struct rt6_info),
120}; 120};
121 121
122static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
123{
124}
125
126static struct dst_ops ip6_dst_blackhole_ops = {
127 .family = AF_INET6,
128 .protocol = __constant_htons(ETH_P_IPV6),
129 .destroy = ip6_dst_destroy,
130 .check = ip6_dst_check,
131 .update_pmtu = ip6_rt_blackhole_update_pmtu,
132 .entry_size = sizeof(struct rt6_info),
133};
134
122struct rt6_info ip6_null_entry = { 135struct rt6_info ip6_null_entry = {
123 .u = { 136 .u = {
124 .dst = { 137 .dst = {
@@ -833,6 +846,54 @@ struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl)
833 846
834EXPORT_SYMBOL(ip6_route_output); 847EXPORT_SYMBOL(ip6_route_output);
835 848
849static int ip6_blackhole_output(struct sk_buff *skb)
850{
851 kfree_skb(skb);
852 return 0;
853}
854
855int ip6_dst_blackhole(struct sock *sk, struct dst_entry **dstp, struct flowi *fl)
856{
857 struct rt6_info *ort = (struct rt6_info *) *dstp;
858 struct rt6_info *rt = (struct rt6_info *)
859 dst_alloc(&ip6_dst_blackhole_ops);
860 struct dst_entry *new = NULL;
861
862 if (rt) {
863 new = &rt->u.dst;
864
865 atomic_set(&new->__refcnt, 1);
866 new->__use = 1;
867 new->input = ip6_blackhole_output;
868 new->output = ip6_blackhole_output;
869
870 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
871 new->dev = ort->u.dst.dev;
872 if (new->dev)
873 dev_hold(new->dev);
874 rt->rt6i_idev = ort->rt6i_idev;
875 if (rt->rt6i_idev)
876 in6_dev_hold(rt->rt6i_idev);
877 rt->rt6i_expires = 0;
878
879 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
880 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
881 rt->rt6i_metric = 0;
882
883 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
884#ifdef CONFIG_IPV6_SUBTREES
885 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
886#endif
887
888 dst_free(new);
889 }
890
891 dst_release(*dstp);
892 *dstp = new;
893 return (new ? 0 : -ENOMEM);
894}
895EXPORT_SYMBOL_GPL(ip6_dst_blackhole);
896
836/* 897/*
837 * Destination cache support functions 898 * Destination cache support functions
838 */ 899 */
@@ -2495,6 +2556,8 @@ void __init ip6_route_init(void)
2495 ip6_dst_ops.kmem_cachep = 2556 ip6_dst_ops.kmem_cachep =
2496 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 2557 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
2497 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL); 2558 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL);
2559 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops.kmem_cachep;
2560
2498 fib6_init(); 2561 fib6_init();
2499#ifdef CONFIG_PROC_FS 2562#ifdef CONFIG_PROC_FS
2500 p = proc_net_create("ipv6_route", 0, rt6_proc_info); 2563 p = proc_net_create("ipv6_route", 0, rt6_proc_info);
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index e2f25ea43b..4f06a51ad4 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -265,8 +265,12 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
265 if (final_p) 265 if (final_p)
266 ipv6_addr_copy(&fl.fl6_dst, final_p); 266 ipv6_addr_copy(&fl.fl6_dst, final_p);
267 267
268 if ((err = xfrm_lookup(&dst, &fl, sk, 1)) < 0) 268 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
269 goto failure; 269 if (err == -EREMOTE)
270 err = ip6_dst_blackhole(sk, &dst, &fl);
271 if (err < 0)
272 goto failure;
273 }
270 274
271 if (saddr == NULL) { 275 if (saddr == NULL) {
272 saddr = &fl.fl6_src; 276 saddr = &fl.fl6_src;
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index a7ae59c954..d1fbddd172 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -767,8 +767,12 @@ do_udp_sendmsg:
767 if (final_p) 767 if (final_p)
768 ipv6_addr_copy(&fl.fl6_dst, final_p); 768 ipv6_addr_copy(&fl.fl6_dst, final_p);
769 769
770 if ((err = xfrm_lookup(&dst, &fl, sk, 1)) < 0) 770 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
771 goto out; 771 if (err == -EREMOTE)
772 err = ip6_dst_blackhole(sk, &dst, &fl);
773 if (err < 0)
774 goto out;
775 }
772 776
773 if (hlimit < 0) { 777 if (hlimit < 0) {
774 if (ipv6_addr_is_multicast(&fl.fl6_dst)) 778 if (ipv6_addr_is_multicast(&fl.fl6_dst))
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
index a186799f65..82db2aa53b 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -48,8 +48,7 @@ unsigned int (*nf_nat_ftp_hook)(struct sk_buff **pskb,
48 enum nf_ct_ftp_type type, 48 enum nf_ct_ftp_type type,
49 unsigned int matchoff, 49 unsigned int matchoff,
50 unsigned int matchlen, 50 unsigned int matchlen,
51 struct nf_conntrack_expect *exp, 51 struct nf_conntrack_expect *exp);
52 u32 *seq);
53EXPORT_SYMBOL_GPL(nf_nat_ftp_hook); 52EXPORT_SYMBOL_GPL(nf_nat_ftp_hook);
54 53
55#if 0 54#if 0
@@ -335,15 +334,17 @@ static void update_nl_seq(u32 nl_seq, struct nf_ct_ftp_master *info, int dir,
335 if (info->seq_aft_nl[dir][i] == nl_seq) 334 if (info->seq_aft_nl[dir][i] == nl_seq)
336 return; 335 return;
337 336
338 if (oldest == info->seq_aft_nl_num[dir] 337 if (oldest == info->seq_aft_nl_num[dir] ||
339 || before(info->seq_aft_nl[dir][i], oldest)) 338 before(info->seq_aft_nl[dir][i],
339 info->seq_aft_nl[dir][oldest]))
340 oldest = i; 340 oldest = i;
341 } 341 }
342 342
343 if (info->seq_aft_nl_num[dir] < NUM_SEQ_TO_REMEMBER) { 343 if (info->seq_aft_nl_num[dir] < NUM_SEQ_TO_REMEMBER) {
344 info->seq_aft_nl[dir][info->seq_aft_nl_num[dir]++] = nl_seq; 344 info->seq_aft_nl[dir][info->seq_aft_nl_num[dir]++] = nl_seq;
345 nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb); 345 nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
346 } else if (oldest != NUM_SEQ_TO_REMEMBER) { 346 } else if (oldest != NUM_SEQ_TO_REMEMBER &&
347 after(nl_seq, info->seq_aft_nl[dir][oldest])) {
347 info->seq_aft_nl[dir][oldest] = nl_seq; 348 info->seq_aft_nl[dir][oldest] = nl_seq;
348 nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb); 349 nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
349 } 350 }
@@ -519,7 +520,7 @@ static int help(struct sk_buff **pskb,
519 nf_nat_ftp = rcu_dereference(nf_nat_ftp_hook); 520 nf_nat_ftp = rcu_dereference(nf_nat_ftp_hook);
520 if (nf_nat_ftp && ct->status & IPS_NAT_MASK) 521 if (nf_nat_ftp && ct->status & IPS_NAT_MASK)
521 ret = nf_nat_ftp(pskb, ctinfo, search[dir][i].ftptype, 522 ret = nf_nat_ftp(pskb, ctinfo, search[dir][i].ftptype,
522 matchoff, matchlen, exp, &seq); 523 matchoff, matchlen, exp);
523 else { 524 else {
524 /* Can't expect this? Best to drop packet now. */ 525 /* Can't expect this? Best to drop packet now. */
525 if (nf_conntrack_expect_related(exp) != 0) 526 if (nf_conntrack_expect_related(exp) != 0)
diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c
index b284db73ca..a1b95acad2 100644
--- a/net/netfilter/nf_conntrack_h323_main.c
+++ b/net/netfilter/nf_conntrack_h323_main.c
@@ -520,6 +520,16 @@ static int process_olca(struct sk_buff **pskb, struct nf_conn *ct,
520 } 520 }
521 } 521 }
522 522
523 if ((olca->options & eOpenLogicalChannelAck_separateStack) &&
524 olca->separateStack.networkAddress.choice ==
525 eNetworkAccessParameters_networkAddress_localAreaAddress) {
526 ret = expect_t120(pskb, ct, ctinfo, data, dataoff,
527 &olca->separateStack.networkAddress.
528 localAreaAddress);
529 if (ret < 0)
530 return -1;
531 }
532
523 return 0; 533 return 0;
524} 534}
525 535
@@ -640,7 +650,7 @@ int get_h225_addr(struct nf_conn *ct, unsigned char *data,
640 case eTransportAddress_ip6Address: 650 case eTransportAddress_ip6Address:
641 if (family != AF_INET6) 651 if (family != AF_INET6)
642 return 0; 652 return 0;
643 p = data + taddr->ip6Address.ip6; 653 p = data + taddr->ip6Address.ip;
644 len = 16; 654 len = 16;
645 break; 655 break;
646 default: 656 default:
@@ -977,30 +987,6 @@ static int process_alerting(struct sk_buff **pskb, struct nf_conn *ct,
977} 987}
978 988
979/****************************************************************************/ 989/****************************************************************************/
980static int process_information(struct sk_buff **pskb,
981 struct nf_conn *ct,
982 enum ip_conntrack_info ctinfo,
983 unsigned char **data, int dataoff,
984 Information_UUIE *info)
985{
986 int ret;
987 int i;
988
989 DEBUGP("nf_ct_q931: Information\n");
990
991 if (info->options & eInformation_UUIE_fastStart) {
992 for (i = 0; i < info->fastStart.count; i++) {
993 ret = process_olc(pskb, ct, ctinfo, data, dataoff,
994 &info->fastStart.item[i]);
995 if (ret < 0)
996 return -1;
997 }
998 }
999
1000 return 0;
1001}
1002
1003/****************************************************************************/
1004static int process_facility(struct sk_buff **pskb, struct nf_conn *ct, 990static int process_facility(struct sk_buff **pskb, struct nf_conn *ct,
1005 enum ip_conntrack_info ctinfo, 991 enum ip_conntrack_info ctinfo,
1006 unsigned char **data, int dataoff, 992 unsigned char **data, int dataoff,
@@ -1096,11 +1082,6 @@ static int process_q931(struct sk_buff **pskb, struct nf_conn *ct,
1096 ret = process_alerting(pskb, ct, ctinfo, data, dataoff, 1082 ret = process_alerting(pskb, ct, ctinfo, data, dataoff,
1097 &pdu->h323_message_body.alerting); 1083 &pdu->h323_message_body.alerting);
1098 break; 1084 break;
1099 case eH323_UU_PDU_h323_message_body_information:
1100 ret = process_information(pskb, ct, ctinfo, data, dataoff,
1101 &pdu->h323_message_body.
1102 information);
1103 break;
1104 case eH323_UU_PDU_h323_message_body_facility: 1085 case eH323_UU_PDU_h323_message_body_facility:
1105 ret = process_facility(pskb, ct, ctinfo, data, dataoff, 1086 ret = process_facility(pskb, ct, ctinfo, data, dataoff,
1106 &pdu->h323_message_body.facility); 1087 &pdu->h323_message_body.facility);
diff --git a/net/netfilter/nf_conntrack_h323_types.c b/net/netfilter/nf_conntrack_h323_types.c
index 4c6f8b3b12..3a21fdf1a2 100644
--- a/net/netfilter/nf_conntrack_h323_types.c
+++ b/net/netfilter/nf_conntrack_h323_types.c
@@ -1,4 +1,4 @@
1/* Generated by Jing Min Zhao's ASN.1 parser, Apr 20 2006 1/* Generated by Jing Min Zhao's ASN.1 parser, May 16 2007
2 * 2 *
3 * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> 3 * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net>
4 * 4 *
@@ -37,7 +37,7 @@ static field_t _TransportAddress_ipxAddress[] = { /* SEQUENCE */
37 37
38static field_t _TransportAddress_ip6Address[] = { /* SEQUENCE */ 38static field_t _TransportAddress_ip6Address[] = { /* SEQUENCE */
39 {FNAME("ip") OCTSTR, FIXD, 16, 0, DECODE, 39 {FNAME("ip") OCTSTR, FIXD, 16, 0, DECODE,
40 offsetof(TransportAddress_ip6Address, ip6), NULL}, 40 offsetof(TransportAddress_ip6Address, ip), NULL},
41 {FNAME("port") INT, WORD, 0, 0, SKIP, 0, NULL}, 41 {FNAME("port") INT, WORD, 0, 0, SKIP, 0, NULL},
42}; 42};
43 43
@@ -67,7 +67,8 @@ static field_t _TransportAddress[] = { /* CHOICE */
67 {FNAME("ipxAddress") SEQ, 0, 3, 3, SKIP, 0, 67 {FNAME("ipxAddress") SEQ, 0, 3, 3, SKIP, 0,
68 _TransportAddress_ipxAddress}, 68 _TransportAddress_ipxAddress},
69 {FNAME("ip6Address") SEQ, 0, 2, 2, DECODE | EXT, 69 {FNAME("ip6Address") SEQ, 0, 2, 2, DECODE | EXT,
70 offsetof(TransportAddress, ip6Address), _TransportAddress_ip6Address}, 70 offsetof(TransportAddress, ip6Address),
71 _TransportAddress_ip6Address},
71 {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, 72 {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL},
72 {FNAME("nsap") OCTSTR, 5, 1, 0, SKIP, 0, NULL}, 73 {FNAME("nsap") OCTSTR, 5, 1, 0, SKIP, 0, NULL},
73 {FNAME("nonStandardAddress") SEQ, 0, 2, 2, SKIP, 0, 74 {FNAME("nonStandardAddress") SEQ, 0, 2, 2, SKIP, 0,
@@ -638,7 +639,8 @@ static field_t _UnicastAddress_iPXAddress[] = { /* SEQUENCE */
638}; 639};
639 640
640static field_t _UnicastAddress_iP6Address[] = { /* SEQUENCE */ 641static field_t _UnicastAddress_iP6Address[] = { /* SEQUENCE */
641 {FNAME("network") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, 642 {FNAME("network") OCTSTR, FIXD, 16, 0, DECODE,
643 offsetof(UnicastAddress_iP6Address, network), NULL},
642 {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, 644 {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL},
643}; 645};
644 646
@@ -665,8 +667,8 @@ static field_t _UnicastAddress[] = { /* CHOICE */
665 offsetof(UnicastAddress, iPAddress), _UnicastAddress_iPAddress}, 667 offsetof(UnicastAddress, iPAddress), _UnicastAddress_iPAddress},
666 {FNAME("iPXAddress") SEQ, 0, 3, 3, SKIP | EXT, 0, 668 {FNAME("iPXAddress") SEQ, 0, 3, 3, SKIP | EXT, 0,
667 _UnicastAddress_iPXAddress}, 669 _UnicastAddress_iPXAddress},
668 {FNAME("iP6Address") SEQ, 0, 2, 2, SKIP | EXT, 0, 670 {FNAME("iP6Address") SEQ, 0, 2, 2, DECODE | EXT,
669 _UnicastAddress_iP6Address}, 671 offsetof(UnicastAddress, iP6Address), _UnicastAddress_iP6Address},
670 {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, 672 {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL},
671 {FNAME("iPSourceRouteAddress") SEQ, 0, 4, 4, SKIP | EXT, 0, 673 {FNAME("iPSourceRouteAddress") SEQ, 0, 4, 4, SKIP | EXT, 0,
672 _UnicastAddress_iPSourceRouteAddress}, 674 _UnicastAddress_iPSourceRouteAddress},
@@ -984,19 +986,12 @@ static field_t _Alerting_UUIE[] = { /* SEQUENCE */
984 {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, 986 {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL},
985}; 987};
986 988
987static field_t _Information_UUIE_fastStart[] = { /* SEQUENCE OF */
988 {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT,
989 sizeof(OpenLogicalChannel), _OpenLogicalChannel}
990 ,
991};
992
993static field_t _Information_UUIE[] = { /* SEQUENCE */ 989static field_t _Information_UUIE[] = { /* SEQUENCE */
994 {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, 990 {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL},
995 {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, 991 {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL},
996 {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, 992 {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL},
997 {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, 993 {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL},
998 {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, 994 {FNAME("fastStart") SEQOF, SEMI, 0, 30, SKIP | OPT, 0, NULL},
999 offsetof(Information_UUIE, fastStart), _Information_UUIE_fastStart},
1000 {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, 995 {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL},
1001 {FNAME("circuitInfo") SEQ, 3, 3, 3, SKIP | EXT | OPT, 0, NULL}, 996 {FNAME("circuitInfo") SEQ, 3, 3, 3, SKIP | EXT | OPT, 0, NULL},
1002}; 997};
@@ -1343,9 +1338,7 @@ static field_t _H323_UU_PDU_h323_message_body[] = { /* CHOICE */
1343 offsetof(H323_UU_PDU_h323_message_body, connect), _Connect_UUIE}, 1338 offsetof(H323_UU_PDU_h323_message_body, connect), _Connect_UUIE},
1344 {FNAME("alerting") SEQ, 1, 3, 17, DECODE | EXT, 1339 {FNAME("alerting") SEQ, 1, 3, 17, DECODE | EXT,
1345 offsetof(H323_UU_PDU_h323_message_body, alerting), _Alerting_UUIE}, 1340 offsetof(H323_UU_PDU_h323_message_body, alerting), _Alerting_UUIE},
1346 {FNAME("information") SEQ, 0, 1, 7, DECODE | EXT, 1341 {FNAME("information") SEQ, 0, 1, 7, SKIP | EXT, 0, _Information_UUIE},
1347 offsetof(H323_UU_PDU_h323_message_body, information),
1348 _Information_UUIE},
1349 {FNAME("releaseComplete") SEQ, 1, 2, 11, SKIP | EXT, 0, 1342 {FNAME("releaseComplete") SEQ, 1, 2, 11, SKIP | EXT, 0,
1350 _ReleaseComplete_UUIE}, 1343 _ReleaseComplete_UUIE},
1351 {FNAME("facility") SEQ, 3, 5, 21, DECODE | EXT, 1344 {FNAME("facility") SEQ, 3, 5, 21, DECODE | EXT,
@@ -1430,7 +1423,9 @@ static field_t _OpenLogicalChannelAck[] = { /* SEQUENCE */
1430 DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck, 1423 DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck,
1431 reverseLogicalChannelParameters), 1424 reverseLogicalChannelParameters),
1432 _OpenLogicalChannelAck_reverseLogicalChannelParameters}, 1425 _OpenLogicalChannelAck_reverseLogicalChannelParameters},
1433 {FNAME("separateStack") SEQ, 2, 4, 5, SKIP | EXT | OPT, 0, NULL}, 1426 {FNAME("separateStack") SEQ, 2, 4, 5, DECODE | EXT | OPT,
1427 offsetof(OpenLogicalChannelAck, separateStack),
1428 _NetworkAccessParameters},
1434 {FNAME("forwardMultiplexAckParameters") CHOICE, 0, 1, 1, 1429 {FNAME("forwardMultiplexAckParameters") CHOICE, 0, 1, 1,
1435 DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck, 1430 DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck,
1436 forwardMultiplexAckParameters), 1431 forwardMultiplexAckParameters),
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
index f28bb2dc58..cbefe22558 100644
--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -169,8 +169,8 @@ requeue:
169 else 169 else
170 q->ops->requeue(skb, q); 170 q->ops->requeue(skb, q);
171 netif_schedule(dev); 171 netif_schedule(dev);
172 return 0;
173 } 172 }
173 return 0;
174 174
175out: 175out:
176 BUG_ON((int) q->q.qlen < 0); 176 BUG_ON((int) q->q.qlen < 0);
diff --git a/net/sched/sch_htb.c b/net/sched/sch_htb.c
index 99bcec8dd0..035788c5b7 100644
--- a/net/sched/sch_htb.c
+++ b/net/sched/sch_htb.c
@@ -976,8 +976,9 @@ static struct sk_buff *htb_dequeue(struct Qdisc *sch)
976 976
977 if (q->now >= q->near_ev_cache[level]) { 977 if (q->now >= q->near_ev_cache[level]) {
978 event = htb_do_events(q, level); 978 event = htb_do_events(q, level);
979 q->near_ev_cache[level] = event ? event : 979 if (!event)
980 PSCHED_TICKS_PER_SEC; 980 event = q->now + PSCHED_TICKS_PER_SEC;
981 q->near_ev_cache[level] = event;
981 } else 982 } else
982 event = q->near_ev_cache[level]; 983 event = q->near_ev_cache[level];
983 984
diff --git a/net/sctp/Kconfig b/net/sctp/Kconfig
index 9cba49e2ad..8210f549c4 100644
--- a/net/sctp/Kconfig
+++ b/net/sctp/Kconfig
@@ -2,11 +2,9 @@
2# SCTP configuration 2# SCTP configuration
3# 3#
4 4
5menu "SCTP Configuration (EXPERIMENTAL)" 5menuconfig IP_SCTP
6 depends on INET && EXPERIMENTAL
7
8config IP_SCTP
9 tristate "The SCTP Protocol (EXPERIMENTAL)" 6 tristate "The SCTP Protocol (EXPERIMENTAL)"
7 depends on INET && EXPERIMENTAL
10 depends on IPV6 || IPV6=n 8 depends on IPV6 || IPV6=n
11 select CRYPTO if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5 9 select CRYPTO if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
12 select CRYPTO_HMAC if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5 10 select CRYPTO_HMAC if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
@@ -36,9 +34,10 @@ config IP_SCTP
36 34
37 If in doubt, say N. 35 If in doubt, say N.
38 36
37if IP_SCTP
38
39config SCTP_DBG_MSG 39config SCTP_DBG_MSG
40 bool "SCTP: Debug messages" 40 bool "SCTP: Debug messages"
41 depends on IP_SCTP
42 help 41 help
43 If you say Y, this will enable verbose debugging messages. 42 If you say Y, this will enable verbose debugging messages.
44 43
@@ -47,7 +46,6 @@ config SCTP_DBG_MSG
47 46
48config SCTP_DBG_OBJCNT 47config SCTP_DBG_OBJCNT
49 bool "SCTP: Debug object counts" 48 bool "SCTP: Debug object counts"
50 depends on IP_SCTP
51 help 49 help
52 If you say Y, this will enable debugging support for counting the 50 If you say Y, this will enable debugging support for counting the
53 type of objects that are currently allocated. This is useful for 51 type of objects that are currently allocated. This is useful for
@@ -59,7 +57,6 @@ config SCTP_DBG_OBJCNT
59 57
60choice 58choice
61 prompt "SCTP: Cookie HMAC Algorithm" 59 prompt "SCTP: Cookie HMAC Algorithm"
62 depends on IP_SCTP
63 default SCTP_HMAC_MD5 60 default SCTP_HMAC_MD5
64 help 61 help
65 HMAC algorithm to be used during association initialization. It 62 HMAC algorithm to be used during association initialization. It
@@ -86,4 +83,5 @@ config SCTP_HMAC_MD5
86 advised to use either HMAC-MD5 or HMAC-SHA1. 83 advised to use either HMAC-MD5 or HMAC-SHA1.
87 84
88endchoice 85endchoice
89endmenu 86
87endif # IP_SCTP
diff --git a/net/tipc/Kconfig b/net/tipc/Kconfig
index f9e367d946..3b30d1130b 100644
--- a/net/tipc/Kconfig
+++ b/net/tipc/Kconfig
@@ -2,11 +2,9 @@
2# TIPC configuration 2# TIPC configuration
3# 3#
4 4
5menu "TIPC Configuration (EXPERIMENTAL)" 5menuconfig TIPC
6 depends on INET && EXPERIMENTAL
7
8config TIPC
9 tristate "The TIPC Protocol (EXPERIMENTAL)" 6 tristate "The TIPC Protocol (EXPERIMENTAL)"
7 depends on INET && EXPERIMENTAL
10 ---help--- 8 ---help---
11 The Transparent Inter Process Communication (TIPC) protocol is 9 The Transparent Inter Process Communication (TIPC) protocol is
12 specially designed for intra cluster communication. This protocol 10 specially designed for intra cluster communication. This protocol
@@ -22,9 +20,10 @@ config TIPC
22 20
23 If in doubt, say N. 21 If in doubt, say N.
24 22
23if TIPC
24
25config TIPC_ADVANCED 25config TIPC_ADVANCED
26 bool "TIPC: Advanced configuration" 26 bool "TIPC: Advanced configuration"
27 depends on TIPC
28 default n 27 default n
29 help 28 help
30 Saying Y here will open some advanced configuration 29 Saying Y here will open some advanced configuration
@@ -33,7 +32,7 @@ config TIPC_ADVANCED
33 32
34config TIPC_ZONES 33config TIPC_ZONES
35 int "Maximum number of zones in network" 34 int "Maximum number of zones in network"
36 depends on TIPC && TIPC_ADVANCED 35 depends on TIPC_ADVANCED
37 default "3" 36 default "3"
38 help 37 help
39 Max number of zones inside TIPC network. Max supported value 38 Max number of zones inside TIPC network. Max supported value
@@ -44,7 +43,7 @@ config TIPC_ZONES
44 43
45config TIPC_CLUSTERS 44config TIPC_CLUSTERS
46 int "Maximum number of clusters in a zone" 45 int "Maximum number of clusters in a zone"
47 depends on TIPC && TIPC_ADVANCED 46 depends on TIPC_ADVANCED
48 default "1" 47 default "1"
49 help 48 help
50 ***Only 1 (one cluster in a zone) is supported by current code. 49 ***Only 1 (one cluster in a zone) is supported by current code.
@@ -59,7 +58,7 @@ config TIPC_CLUSTERS
59 58
60config TIPC_NODES 59config TIPC_NODES
61 int "Maximum number of nodes in cluster" 60 int "Maximum number of nodes in cluster"
62 depends on TIPC && TIPC_ADVANCED 61 depends on TIPC_ADVANCED
63 default "255" 62 default "255"
64 help 63 help
65 Maximum number of nodes inside a TIPC cluster. Maximum 64 Maximum number of nodes inside a TIPC cluster. Maximum
@@ -70,7 +69,7 @@ config TIPC_NODES
70 69
71config TIPC_SLAVE_NODES 70config TIPC_SLAVE_NODES
72 int "Maximum number of slave nodes in cluster" 71 int "Maximum number of slave nodes in cluster"
73 depends on TIPC && TIPC_ADVANCED 72 depends on TIPC_ADVANCED
74 default "0" 73 default "0"
75 help 74 help
76 ***This capability is not supported by current code.*** 75 ***This capability is not supported by current code.***
@@ -83,7 +82,7 @@ config TIPC_SLAVE_NODES
83 82
84config TIPC_PORTS 83config TIPC_PORTS
85 int "Maximum number of ports in a node" 84 int "Maximum number of ports in a node"
86 depends on TIPC && TIPC_ADVANCED 85 depends on TIPC_ADVANCED
87 default "8191" 86 default "8191"
88 help 87 help
89 Maximum number of ports within a node. Maximum 88 Maximum number of ports within a node. Maximum
@@ -94,7 +93,7 @@ config TIPC_PORTS
94 93
95config TIPC_LOG 94config TIPC_LOG
96 int "Size of log buffer" 95 int "Size of log buffer"
97 depends on TIPC && TIPC_ADVANCED 96 depends on TIPC_ADVANCED
98 default 0 97 default 0
99 help 98 help
100 Size (in bytes) of TIPC's internal log buffer, which records the 99 Size (in bytes) of TIPC's internal log buffer, which records the
@@ -106,7 +105,6 @@ config TIPC_LOG
106 105
107config TIPC_DEBUG 106config TIPC_DEBUG
108 bool "Enable debugging support" 107 bool "Enable debugging support"
109 depends on TIPC
110 default n 108 default n
111 help 109 help
112 This will enable debugging of TIPC. 110 This will enable debugging of TIPC.
@@ -114,4 +112,4 @@ config TIPC_DEBUG
114 Only say Y here if you are having trouble with TIPC. It will 112 Only say Y here if you are having trouble with TIPC. It will
115 enable the display of detailed information about what is going on. 113 enable the display of detailed information about what is going on.
116 114
117endmenu 115endif # TIPC
diff --git a/net/tipc/eth_media.c b/net/tipc/eth_media.c
index 0ee6ded18f..77d2d9ce89 100644
--- a/net/tipc/eth_media.c
+++ b/net/tipc/eth_media.c
@@ -120,18 +120,20 @@ static int recv_msg(struct sk_buff *buf, struct net_device *dev,
120 120
121static int enable_bearer(struct tipc_bearer *tb_ptr) 121static int enable_bearer(struct tipc_bearer *tb_ptr)
122{ 122{
123 struct net_device *dev, *pdev; 123 struct net_device *dev = NULL;
124 struct net_device *pdev = NULL;
124 struct eth_bearer *eb_ptr = &eth_bearers[0]; 125 struct eth_bearer *eb_ptr = &eth_bearers[0];
125 struct eth_bearer *stop = &eth_bearers[MAX_ETH_BEARERS]; 126 struct eth_bearer *stop = &eth_bearers[MAX_ETH_BEARERS];
126 char *driver_name = strchr((const char *)tb_ptr->name, ':') + 1; 127 char *driver_name = strchr((const char *)tb_ptr->name, ':') + 1;
127 128
128 /* Find device with specified name */ 129 /* Find device with specified name */
129 dev = NULL; 130
130 for_each_netdev(pdev) 131 for_each_netdev(pdev){
131 if (!strncmp(dev->name, driver_name, IFNAMSIZ)) { 132 if (!strncmp(pdev->name, driver_name, IFNAMSIZ)) {
132 dev = pdev; 133 dev = pdev;
133 break; 134 break;
134 } 135 }
136 }
135 if (!dev) 137 if (!dev)
136 return -ENODEV; 138 return -ENODEV;
137 139
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index d0882e53b6..b8bab89616 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -29,6 +29,8 @@
29 29
30#include "xfrm_hash.h" 30#include "xfrm_hash.h"
31 31
32int sysctl_xfrm_larval_drop;
33
32DEFINE_MUTEX(xfrm_cfg_mutex); 34DEFINE_MUTEX(xfrm_cfg_mutex);
33EXPORT_SYMBOL(xfrm_cfg_mutex); 35EXPORT_SYMBOL(xfrm_cfg_mutex);
34 36
@@ -1390,8 +1392,8 @@ static int stale_bundle(struct dst_entry *dst);
1390 * At the moment we eat a raw IP route. Mostly to speed up lookups 1392 * At the moment we eat a raw IP route. Mostly to speed up lookups
1391 * on interfaces with disabled IPsec. 1393 * on interfaces with disabled IPsec.
1392 */ 1394 */
1393int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, 1395int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
1394 struct sock *sk, int flags) 1396 struct sock *sk, int flags)
1395{ 1397{
1396 struct xfrm_policy *policy; 1398 struct xfrm_policy *policy;
1397 struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX]; 1399 struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
@@ -1509,6 +1511,13 @@ restart:
1509 1511
1510 if (unlikely(nx<0)) { 1512 if (unlikely(nx<0)) {
1511 err = nx; 1513 err = nx;
1514 if (err == -EAGAIN && sysctl_xfrm_larval_drop) {
1515 /* EREMOTE tells the caller to generate
1516 * a one-shot blackhole route.
1517 */
1518 xfrm_pol_put(policy);
1519 return -EREMOTE;
1520 }
1512 if (err == -EAGAIN && flags) { 1521 if (err == -EAGAIN && flags) {
1513 DECLARE_WAITQUEUE(wait, current); 1522 DECLARE_WAITQUEUE(wait, current);
1514 1523
@@ -1598,6 +1607,21 @@ error:
1598 *dst_p = NULL; 1607 *dst_p = NULL;
1599 return err; 1608 return err;
1600} 1609}
1610EXPORT_SYMBOL(__xfrm_lookup);
1611
1612int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
1613 struct sock *sk, int flags)
1614{
1615 int err = __xfrm_lookup(dst_p, fl, sk, flags);
1616
1617 if (err == -EREMOTE) {
1618 dst_release(*dst_p);
1619 *dst_p = NULL;
1620 err = -EAGAIN;
1621 }
1622
1623 return err;
1624}
1601EXPORT_SYMBOL(xfrm_lookup); 1625EXPORT_SYMBOL(xfrm_lookup);
1602 1626
1603static inline int 1627static inline int
generated by cgit v1.2.2 (git 2.25.0) at 2025-03-27 19:42:38 -0400