diff options
Diffstat (limited to 'include/net')
80 files changed, 1898 insertions, 1059 deletions
diff --git a/include/net/9p/9p.h b/include/net/9p/9p.h index 625346c47ee..585eb449699 100644 --- a/include/net/9p/9p.h +++ b/include/net/9p/9p.h @@ -124,6 +124,7 @@ enum { P9_DMSOCKET = 0x00100000, P9_DMSETUID = 0x00080000, P9_DMSETGID = 0x00040000, + P9_DMSETVTX = 0x00010000, }; /* qid.types */ diff --git a/include/net/9p/client.h b/include/net/9p/client.h index 9b9221a2139..e52f93d9ac5 100644 --- a/include/net/9p/client.h +++ b/include/net/9p/client.h @@ -3,6 +3,7 @@ * * 9P Client Definitions * + * Copyright (C) 2008 by Eric Van Hensbergen <ericvh@gmail.com> * Copyright (C) 2007 by Latchesar Ionkov <lucho@ionkov.net> * * This program is free software; you can redistribute it and/or modify @@ -29,6 +30,7 @@ struct p9_client { spinlock_t lock; /* protect client structure */ int msize; unsigned char dotu; + struct p9_trans_module *trans_mod; struct p9_trans *trans; struct p9_conn *conn; @@ -52,8 +54,7 @@ struct p9_fid { struct list_head dlist; /* list of all fids attached to a dentry */ }; -struct p9_client *p9_client_create(struct p9_trans *trans, int msize, - int dotu); +struct p9_client *p9_client_create(const char *dev_name, char *options); void p9_client_destroy(struct p9_client *clnt); void p9_client_disconnect(struct p9_client *clnt); struct p9_fid *p9_client_attach(struct p9_client *clnt, struct p9_fid *afid, diff --git a/include/net/9p/conn.h b/include/net/9p/conn.h deleted file mode 100644 index 756d8784f95..00000000000 --- a/include/net/9p/conn.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * include/net/9p/conn.h - * - * Connection Definitions - * - * Copyright (C) 2005 by Latchesar Ionkov <lucho@ionkov.net> - * Copyright (C) 2004 by Eric Van Hensbergen <ericvh@gmail.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to: - * Free Software Foundation - * 51 Franklin Street, Fifth Floor - * Boston, MA 02111-1301 USA - * - */ - -#ifndef NET_9P_CONN_H -#define NET_9P_CONN_H - -#undef P9_NONBLOCK - -struct p9_conn; -struct p9_req; - -/** - * p9_mux_req_callback - callback function that is called when the - * response of a request is received. The callback is called from - * a workqueue and shouldn't block. - * - * @req - request - * @a - the pointer that was specified when the request was send to be - * passed to the callback - */ -typedef void (*p9_conn_req_callback)(struct p9_req *req, void *a); - -struct p9_conn *p9_conn_create(struct p9_trans *trans, int msize, - unsigned char *dotu); -void p9_conn_destroy(struct p9_conn *); -int p9_conn_rpc(struct p9_conn *m, struct p9_fcall *tc, struct p9_fcall **rc); - -#ifdef P9_NONBLOCK -int p9_conn_rpcnb(struct p9_conn *m, struct p9_fcall *tc, - p9_conn_req_callback cb, void *a); -#endif /* P9_NONBLOCK */ - -void p9_conn_cancel(struct p9_conn *m, int err); - -#endif /* NET_9P_CONN_H */ diff --git a/include/net/9p/transport.h b/include/net/9p/transport.h index 9dd4a05619a..d2209ae9d18 100644 --- a/include/net/9p/transport.h +++ b/include/net/9p/transport.h @@ -4,7 +4,7 @@ * Transport Definition * * Copyright (C) 2005 by Latchesar Ionkov <lucho@ionkov.net> - * Copyright (C) 2004 by Eric Van Hensbergen <ericvh@gmail.com> + * Copyright (C) 2004-2008 by Eric Van Hensbergen <ericvh@gmail.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -34,11 +34,12 @@ enum p9_trans_status { struct p9_trans { enum p9_trans_status status; + int msize; + unsigned char extended; void *priv; - int (*write) (struct p9_trans *, void *, int); - int (*read) (struct p9_trans *, void *, int); void (*close) (struct p9_trans *); - unsigned int (*poll)(struct p9_trans *, struct poll_table_struct *); + int (*rpc) (struct p9_trans *t, struct p9_fcall *tc, + struct p9_fcall **rc); }; struct p9_trans_module { @@ -46,7 +47,7 @@ struct p9_trans_module { char *name; /* name of transport */ int maxsize; /* max message size of transport */ int def; /* this transport should be default */ - struct p9_trans * (*create)(const char *devname, char *options); + struct p9_trans * (*create)(const char *, char *, int, unsigned char); }; void v9fs_register_trans(struct p9_trans_module *m); diff --git a/include/net/act_api.h b/include/net/act_api.h index 68b4eaf7719..565eed8fe49 100644 --- a/include/net/act_api.h +++ b/include/net/act_api.h @@ -89,7 +89,7 @@ struct tc_action_ops { int (*dump)(struct sk_buff *, struct tc_action *, int, int); int (*cleanup)(struct tc_action *, int bind); int (*lookup)(struct tc_action *, u32); - int (*init)(struct rtattr *, struct rtattr *, struct tc_action *, int , int); + int (*init)(struct nlattr *, struct nlattr *, struct tc_action *, int , int); int (*walk)(struct sk_buff *, struct netlink_callback *, int, struct tc_action *); }; @@ -104,7 +104,7 @@ extern u32 tcf_hash_new_index(u32 *idx_gen, struct tcf_hashinfo *hinfo); extern int tcf_hash_search(struct tc_action *a, u32 index); extern struct tcf_common *tcf_hash_check(u32 index, struct tc_action *a, int bind, struct tcf_hashinfo *hinfo); -extern struct tcf_common *tcf_hash_create(u32 index, struct rtattr *est, +extern struct tcf_common *tcf_hash_create(u32 index, struct nlattr *est, struct tc_action *a, int size, int bind, u32 *idx_gen, struct tcf_hashinfo *hinfo); @@ -114,8 +114,8 @@ extern int tcf_register_action(struct tc_action_ops *a); extern int tcf_unregister_action(struct tc_action_ops *a); extern void tcf_action_destroy(struct tc_action *a, int bind); extern int tcf_action_exec(struct sk_buff *skb, struct tc_action *a, struct tcf_result *res); -extern struct tc_action *tcf_action_init(struct rtattr *rta, struct rtattr *est, char *n, int ovr, int bind, int *err); -extern struct tc_action *tcf_action_init_1(struct rtattr *rta, struct rtattr *est, char *n, int ovr, int bind, int *err); +extern struct tc_action *tcf_action_init(struct nlattr *nla, struct nlattr *est, char *n, int ovr, int bind); +extern struct tc_action *tcf_action_init_1(struct nlattr *nla, struct nlattr *est, char *n, int ovr, int bind); extern int tcf_action_dump(struct sk_buff *skb, struct tc_action *a, int, int); extern int tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int, int); extern int tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int, int); diff --git a/include/net/addrconf.h b/include/net/addrconf.h index 33b593e1744..496503c0384 100644 --- a/include/net/addrconf.h +++ b/include/net/addrconf.h @@ -17,6 +17,7 @@ #define IPV6_MAX_ADDRESSES 16 +#include <linux/in.h> #include <linux/in6.h> struct prefix_info { @@ -58,15 +59,20 @@ extern int addrconf_add_ifaddr(void __user *arg); extern int addrconf_del_ifaddr(void __user *arg); extern int addrconf_set_dstaddr(void __user *arg); -extern int ipv6_chk_addr(struct in6_addr *addr, +extern int ipv6_chk_addr(struct net *net, + struct in6_addr *addr, struct net_device *dev, int strict); + #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) -extern int ipv6_chk_home_addr(struct in6_addr *addr); +extern int ipv6_chk_home_addr(struct net *net, + struct in6_addr *addr); #endif -extern struct inet6_ifaddr * ipv6_get_ifaddr(struct in6_addr *addr, - struct net_device *dev, - int strict); +extern struct inet6_ifaddr *ipv6_get_ifaddr(struct net *net, + struct in6_addr *addr, + struct net_device *dev, + int strict); + extern int ipv6_get_saddr(struct dst_entry *dst, struct in6_addr *daddr, struct in6_addr *saddr); @@ -84,6 +90,14 @@ extern void addrconf_leave_solict(struct inet6_dev *idev, struct in6_addr *addr); /* + * IPv6 Address Label subsystem (addrlabel.c) + */ +extern int ipv6_addr_label_init(void); +extern void ipv6_addr_label_rtnl_register(void); +extern u32 ipv6_addr_label(const struct in6_addr *addr, + int type, int ifindex); + +/* * multicast prototypes (mcast.c) */ extern int ipv6_sock_mc_join(struct sock *sk, int ifindex, @@ -241,6 +255,26 @@ static inline int ipv6_addr_is_ll_all_routers(const struct in6_addr *addr) addr->s6_addr32[3] == htonl(0x00000002)); } +static inline int ipv6_isatap_eui64(u8 *eui, __be32 addr) +{ + eui[0] = (ipv4_is_zeronet(addr) || ipv4_is_private_10(addr) || + ipv4_is_loopback(addr) || ipv4_is_linklocal_169(addr) || + ipv4_is_private_172(addr) || ipv4_is_test_192(addr) || + ipv4_is_anycast_6to4(addr) || ipv4_is_private_192(addr) || + ipv4_is_test_198(addr) || ipv4_is_multicast(addr) || + ipv4_is_lbcast(addr)) ? 0x00 : 0x02; + eui[1] = 0; + eui[2] = 0x5E; + eui[3] = 0xFE; + memcpy (eui+4, &addr, 4); + return 0; +} + +static inline int ipv6_addr_is_isatap(const struct in6_addr *addr) +{ + return ((addr->s6_addr32[2] | htonl(0x02000000)) == htonl(0x02005EFE)); +} + #ifdef CONFIG_PROC_FS extern int if6_proc_init(void); extern void if6_proc_exit(void); diff --git a/include/net/af_unix.h b/include/net/af_unix.h index a1c805d7f48..2dfa96b0575 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h @@ -59,12 +59,11 @@ struct unix_sock { #define unix_sk(__sk) ((struct unix_sock *)__sk) #ifdef CONFIG_SYSCTL -extern int sysctl_unix_max_dgram_qlen; -extern void unix_sysctl_register(void); -extern void unix_sysctl_unregister(void); +extern int unix_sysctl_register(struct net *net); +extern void unix_sysctl_unregister(struct net *net); #else -static inline void unix_sysctl_register(void) {} -static inline void unix_sysctl_unregister(void) {} +static inline int unix_sysctl_register(struct net *net) { return 0; } +static inline void unix_sysctl_unregister(struct net *net) {} #endif #endif #endif diff --git a/include/net/arp.h b/include/net/arp.h index f0266456860..c236270ec95 100644 --- a/include/net/arp.h +++ b/include/net/arp.h @@ -5,24 +5,25 @@ #include <linux/if_arp.h> #include <net/neighbour.h> -#define HAVE_ARP_CREATE extern struct neigh_table arp_tbl; extern void arp_init(void); extern int arp_find(unsigned char *haddr, struct sk_buff *skb); -extern int arp_ioctl(unsigned int cmd, void __user *arg); +extern int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg); extern void arp_send(int type, int ptype, __be32 dest_ip, struct net_device *dev, __be32 src_ip, - unsigned char *dest_hw, unsigned char *src_hw, unsigned char *th); + const unsigned char *dest_hw, + const unsigned char *src_hw, const unsigned char *th); extern int arp_bind_neighbour(struct dst_entry *dst); extern int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir); extern void arp_ifdown(struct net_device *dev); extern struct sk_buff *arp_create(int type, int ptype, __be32 dest_ip, struct net_device *dev, __be32 src_ip, - unsigned char *dest_hw, unsigned char *src_hw, - unsigned char *target_hw); + const unsigned char *dest_hw, + const unsigned char *src_hw, + const unsigned char *target_hw); extern void arp_xmit(struct sk_buff *skb); extern struct neigh_ops arp_broken_ops; diff --git a/include/net/ax25.h b/include/net/ax25.h index 4e3cd93f81f..32a57e1dee3 100644 --- a/include/net/ax25.h +++ b/include/net/ax25.h @@ -35,7 +35,7 @@ #define AX25_P_ATALK 0xca /* Appletalk */ #define AX25_P_ATALK_ARP 0xcb /* Appletalk ARP */ #define AX25_P_IP 0xcc /* ARPA Internet Protocol */ -#define AX25_P_ARP 0xcd /* ARPA Adress Resolution */ +#define AX25_P_ARP 0xcd /* ARPA Address Resolution */ #define AX25_P_FLEXNET 0xce /* FlexNet */ #define AX25_P_NETROM 0xcf /* NET/ROM */ #define AX25_P_TEXT 0xF0 /* No layer 3 protocol impl. */ diff --git a/include/net/bluetooth/rfcomm.h b/include/net/bluetooth/rfcomm.h index 25aa575db80..98ec7a32068 100644 --- a/include/net/bluetooth/rfcomm.h +++ b/include/net/bluetooth/rfcomm.h @@ -252,8 +252,8 @@ static inline void rfcomm_dlc_put(struct rfcomm_dlc *d) rfcomm_dlc_free(d); } -extern void FASTCALL(__rfcomm_dlc_throttle(struct rfcomm_dlc *d)); -extern void FASTCALL(__rfcomm_dlc_unthrottle(struct rfcomm_dlc *d)); +extern void __rfcomm_dlc_throttle(struct rfcomm_dlc *d); +extern void __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d); static inline void rfcomm_dlc_throttle(struct rfcomm_dlc *d) { diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index d30960e1755..bcc480b8892 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -49,6 +49,120 @@ extern int ieee80211_radiotap_iterator_next( struct ieee80211_radiotap_iterator *iterator); + /** + * struct key_params - key information + * + * Information about a key + * + * @key: key material + * @key_len: length of key material + * @cipher: cipher suite selector + * @seq: sequence counter (IV/PN) for TKIP and CCMP keys, only used + * with the get_key() callback, must be in little endian, + * length given by @seq_len. + */ +struct key_params { + u8 *key; + u8 *seq; + int key_len; + int seq_len; + u32 cipher; +}; + +/** + * struct beacon_parameters - beacon parameters + * + * Used to configure the beacon for an interface. + * + * @head: head portion of beacon (before TIM IE) + * or %NULL if not changed + * @tail: tail portion of beacon (after TIM IE) + * or %NULL if not changed + * @interval: beacon interval or zero if not changed + * @dtim_period: DTIM period or zero if not changed + * @head_len: length of @head + * @tail_len: length of @tail + */ +struct beacon_parameters { + u8 *head, *tail; + int interval, dtim_period; + int head_len, tail_len; +}; + +/** + * enum station_flags - station flags + * + * Station capability flags. Note that these must be the bits + * according to the nl80211 flags. + * + * @STATION_FLAG_CHANGED: station flags were changed + * @STATION_FLAG_AUTHORIZED: station is authorized to send frames (802.1X) + * @STATION_FLAG_SHORT_PREAMBLE: station is capable of receiving frames + * with short preambles + * @STATION_FLAG_WME: station is WME/QoS capable + */ +enum station_flags { + STATION_FLAG_CHANGED = 1<<0, + STATION_FLAG_AUTHORIZED = 1<<NL80211_STA_FLAG_AUTHORIZED, + STATION_FLAG_SHORT_PREAMBLE = 1<<NL80211_STA_FLAG_SHORT_PREAMBLE, + STATION_FLAG_WME = 1<<NL80211_STA_FLAG_WME, +}; + +/** + * struct station_parameters - station parameters + * + * Used to change and create a new station. + * + * @vlan: vlan interface station should belong to + * @supported_rates: supported rates in IEEE 802.11 format + * (or NULL for no change) + * @supported_rates_len: number of supported rates + * @station_flags: station flags (see &enum station_flags) + * @listen_interval: listen interval or -1 for no change + * @aid: AID or zero for no change + */ +struct station_parameters { + u8 *supported_rates; + struct net_device *vlan; + u32 station_flags; + int listen_interval; + u16 aid; + u8 supported_rates_len; +}; + +/** + * enum station_stats_flags - station statistics flags + * + * Used by the driver to indicate which info in &struct station_stats + * it has filled in during get_station(). + * + * @STATION_STAT_INACTIVE_TIME: @inactive_time filled + * @STATION_STAT_RX_BYTES: @rx_bytes filled + * @STATION_STAT_TX_BYTES: @tx_bytes filled + */ +enum station_stats_flags { + STATION_STAT_INACTIVE_TIME = 1<<0, + STATION_STAT_RX_BYTES = 1<<1, + STATION_STAT_TX_BYTES = 1<<2, +}; + +/** + * struct station_stats - station statistics + * + * Station information filled by driver for get_station(). + * + * @filled: bitflag of flags from &enum station_stats_flags + * @inactive_time: time since last station activity (tx/rx) in milliseconds + * @rx_bytes: bytes received from this station + * @tx_bytes: bytes transmitted to this station + */ +struct station_stats { + u32 filled; + u32 inactive_time; + u32 rx_bytes; + u32 tx_bytes; +}; + /* from net/wireless.h */ struct wiphy; @@ -71,6 +185,31 @@ struct wiphy; * * @change_virtual_intf: change type of virtual interface * + * @add_key: add a key with the given parameters. @mac_addr will be %NULL + * when adding a group key. + * + * @get_key: get information about the key with the given parameters. + * @mac_addr will be %NULL when requesting information for a group + * key. All pointers given to the @callback function need not be valid + * after it returns. + * + * @del_key: remove a key given the @mac_addr (%NULL for a group key) + * and @key_index + * + * @set_default_key: set the default key on an interface + * + * @add_beacon: Add a beacon with given parameters, @head, @interval + * and @dtim_period will be valid, @tail is optional. + * @set_beacon: Change the beacon parameters for an access point mode + * interface. This should reject the call when no beacon has been + * configured. + * @del_beacon: Remove beacon configuration and stop sending the beacon. + * + * @add_station: Add a new station. + * + * @del_station: Remove a station; @mac may be NULL to remove all stations. + * + * @change_station: Modify a given station. */ struct cfg80211_ops { int (*add_virtual_intf)(struct wiphy *wiphy, char *name, @@ -78,6 +217,34 @@ struct cfg80211_ops { int (*del_virtual_intf)(struct wiphy *wiphy, int ifindex); int (*change_virtual_intf)(struct wiphy *wiphy, int ifindex, enum nl80211_iftype type); + + int (*add_key)(struct wiphy *wiphy, struct net_device *netdev, + u8 key_index, u8 *mac_addr, + struct key_params *params); + int (*get_key)(struct wiphy *wiphy, struct net_device *netdev, + u8 key_index, u8 *mac_addr, void *cookie, + void (*callback)(void *cookie, struct key_params*)); + int (*del_key)(struct wiphy *wiphy, struct net_device *netdev, + u8 key_index, u8 *mac_addr); + int (*set_default_key)(struct wiphy *wiphy, + struct net_device *netdev, + u8 key_index); + + int (*add_beacon)(struct wiphy *wiphy, struct net_device *dev, + struct beacon_parameters *info); + int (*set_beacon)(struct wiphy *wiphy, struct net_device *dev, + struct beacon_parameters *info); + int (*del_beacon)(struct wiphy *wiphy, struct net_device *dev); + + + int (*add_station)(struct wiphy *wiphy, struct net_device *dev, + u8 *mac, struct station_parameters *params); + int (*del_station)(struct wiphy *wiphy, struct net_device *dev, + u8 *mac); + int (*change_station)(struct wiphy *wiphy, struct net_device *dev, + u8 *mac, struct station_parameters *params); + int (*get_station)(struct wiphy *wiphy, struct net_device *dev, + u8 *mac, struct station_stats *stats); }; #endif /* __NET_CFG80211_H */ diff --git a/include/net/checksum.h b/include/net/checksum.h index 124246172a8..07602b7fa21 100644 --- a/include/net/checksum.h +++ b/include/net/checksum.h @@ -93,4 +93,29 @@ static inline __wsum csum_unfold(__sum16 n) } #define CSUM_MANGLED_0 ((__force __sum16)0xffff) + +static inline void csum_replace4(__sum16 *sum, __be32 from, __be32 to) +{ + __be32 diff[] = { ~from, to }; + + *sum = csum_fold(csum_partial((char *)diff, sizeof(diff), ~csum_unfold(*sum))); +} + +static inline void csum_replace2(__sum16 *sum, __be16 from, __be16 to) +{ + csum_replace4(sum, (__force __be32)from, (__force __be32)to); +} + +struct sk_buff; +extern void inet_proto_csum_replace4(__sum16 *sum, struct sk_buff *skb, + __be32 from, __be32 to, int pseudohdr); + +static inline void inet_proto_csum_replace2(__sum16 *sum, struct sk_buff *skb, + __be16 from, __be16 to, + int pseudohdr) +{ + inet_proto_csum_replace4(sum, skb, (__force __be32)from, + (__force __be32)to, pseudohdr); +} + #endif diff --git a/include/net/dsfield.h b/include/net/dsfield.h index eb65bf2e250..8a8d4e06900 100644 --- a/include/net/dsfield.h +++ b/include/net/dsfield.h @@ -12,15 +12,15 @@ #include <asm/byteorder.h> -static inline __u8 ipv4_get_dsfield(struct iphdr *iph) +static inline __u8 ipv4_get_dsfield(const struct iphdr *iph) { return iph->tos; } -static inline __u8 ipv6_get_dsfield(struct ipv6hdr *ipv6h) +static inline __u8 ipv6_get_dsfield(const struct ipv6hdr *ipv6h) { - return ntohs(*(__be16 *) ipv6h) >> 4; + return ntohs(*(const __be16 *)ipv6h) >> 4; } diff --git a/include/net/dst.h b/include/net/dst.h index 2f65e894b82..e3ac7d0fc4e 100644 --- a/include/net/dst.h +++ b/include/net/dst.h @@ -50,14 +50,17 @@ struct dst_entry unsigned long expires; unsigned short header_len; /* more space at head required */ - unsigned short nfheader_len; /* more non-fragment space at head required */ unsigned short trailer_len; /* space to reserve at tail */ u32 metrics[RTAX_MAX]; struct dst_entry *path; unsigned long rate_last; /* rate limiting for ICMP */ - unsigned long rate_tokens; + unsigned int rate_tokens; + +#ifdef CONFIG_NET_CLS_ROUTE + __u32 tclassid; +#endif struct neighbour *neighbour; struct hh_cache *hh; @@ -66,10 +69,6 @@ struct dst_entry int (*input)(struct sk_buff*); int (*output)(struct sk_buff*); -#ifdef CONFIG_NET_CLS_ROUTE - __u32 tclassid; -#endif - struct dst_ops *ops; unsigned long lastuse; @@ -81,7 +80,6 @@ struct dst_entry struct rt6_info *rt6_next; struct dn_route *dn_next; }; - char info[0]; }; @@ -91,7 +89,7 @@ struct dst_ops __be16 protocol; unsigned gc_thresh; - int (*gc)(void); + int (*gc)(struct dst_ops *ops); struct dst_entry * (*check)(struct dst_entry *, __u32 cookie); void (*destroy)(struct dst_entry *); void (*ifdown)(struct dst_entry *, @@ -99,10 +97,12 @@ struct dst_ops struct dst_entry * (*negative_advice)(struct dst_entry *); void (*link_failure)(struct sk_buff *); void (*update_pmtu)(struct dst_entry *dst, u32 mtu); + int (*local_out)(struct sk_buff *skb); int entry_size; atomic_t entries; struct kmem_cache *kmem_cachep; + struct net *dst_net; }; #ifdef __KERNEL__ @@ -180,6 +180,7 @@ static inline struct dst_entry *dst_pop(struct dst_entry *dst) return child; } +extern int dst_discard(struct sk_buff *skb); extern void * dst_alloc(struct dst_ops * ops); extern void __dst_free(struct dst_entry * dst); extern struct dst_entry *dst_destroy(struct dst_entry * dst); @@ -264,6 +265,12 @@ static inline struct dst_entry *dst_check(struct dst_entry *dst, u32 cookie) extern void dst_init(void); +/* Flags for xfrm_lookup flags argument. */ +enum { + XFRM_LOOKUP_WAIT = 1 << 0, + XFRM_LOOKUP_ICMP = 1 << 1, +}; + struct flowi; #ifndef CONFIG_XFRM static inline int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, diff --git a/include/net/esp.h b/include/net/esp.h index c05f529bff2..d58451331db 100644 --- a/include/net/esp.h +++ b/include/net/esp.h @@ -1,58 +1,20 @@ #ifndef _NET_ESP_H #define _NET_ESP_H -#include <linux/crypto.h> -#include <net/xfrm.h> -#include <linux/scatterlist.h> +#include <linux/skbuff.h> -#define ESP_NUM_FAST_SG 4 +struct crypto_aead; -struct esp_data -{ - struct scatterlist sgbuf[ESP_NUM_FAST_SG]; - - /* Confidentiality */ - struct { - int padlen; /* 0..255 */ - /* ivlen is offset from enc_data, where encrypted data start. - * It is logically different of crypto_tfm_alg_ivsize(tfm). - * We assume that it is either zero (no ivec), or - * >= crypto_tfm_alg_ivsize(tfm). */ - int ivlen; - int ivinitted; - u8 *ivec; /* ivec buffer */ - struct crypto_blkcipher *tfm; /* crypto handle */ - } conf; - - /* Integrity. It is active when icv_full_len != 0 */ - struct { - u8 *work_icv; - int icv_full_len; - int icv_trunc_len; - struct crypto_hash *tfm; - } auth; +struct esp_data { + /* 0..255 */ + int padlen; + + /* Confidentiality & Integrity */ + struct crypto_aead *aead; }; extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len); -static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb, - int offset, int len) -{ - struct hash_desc desc; - int err; - - desc.tfm = esp->auth.tfm; - desc.flags = 0; - - err = crypto_hash_init(&desc); - if (unlikely(err)) - return err; - err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update); - if (unlikely(err)) - return err; - return crypto_hash_final(&desc, esp->auth.work_icv); -} - struct ip_esp_hdr; static inline struct ip_esp_hdr *ip_esp_hdr(const struct sk_buff *skb) diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index 41a301e3864..34349f9f433 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h @@ -22,6 +22,7 @@ struct fib_rule u32 target; struct fib_rule * ctarget; struct rcu_head rcu; + struct net * fr_net; }; struct fib_lookup_arg @@ -56,7 +57,7 @@ struct fib_rules_ops int (*fill)(struct fib_rule *, struct sk_buff *, struct nlmsghdr *, struct fib_rule_hdr *); - u32 (*default_pref)(void); + u32 (*default_pref)(struct fib_rules_ops *ops); size_t (*nlmsg_payload)(struct fib_rule *); /* Called after modifications to the rules set, must flush @@ -67,6 +68,7 @@ struct fib_rules_ops const struct nla_policy *policy; struct list_head rules_list; struct module *owner; + struct net *fro_net; }; #define FRA_GENERIC_POLICY \ @@ -101,8 +103,9 @@ static inline u32 frh_get_table(struct fib_rule_hdr *frh, struct nlattr **nla) return frh->table; } -extern int fib_rules_register(struct fib_rules_ops *); -extern int fib_rules_unregister(struct fib_rules_ops *); +extern int fib_rules_register(struct fib_rules_ops *); +extern void fib_rules_unregister(struct fib_rules_ops *); +extern void fib_rules_cleanup_ops(struct fib_rules_ops *); extern int fib_rules_lookup(struct fib_rules_ops *, struct flowi *, int flags, diff --git a/include/net/flow.h b/include/net/flow.h index af59fa5cc1f..ad16e0076c8 100644 --- a/include/net/flow.h +++ b/include/net/flow.h @@ -48,7 +48,6 @@ struct flowi { __u8 proto; __u8 flags; -#define FLOWI_FLAG_MULTIPATHOLDROUTE 0x01 union { struct { __be16 sport; diff --git a/include/net/gen_stats.h b/include/net/gen_stats.h index 0b95cf031d6..8cd8185fa2e 100644 --- a/include/net/gen_stats.h +++ b/include/net/gen_stats.h @@ -10,7 +10,7 @@ struct gnet_dump { spinlock_t * lock; struct sk_buff * skb; - struct rtattr * tail; + struct nlattr * tail; /* Backward compatability */ int compat_tc_stats; @@ -39,11 +39,11 @@ extern int gnet_stats_finish_copy(struct gnet_dump *d); extern int gen_new_estimator(struct gnet_stats_basic *bstats, struct gnet_stats_rate_est *rate_est, - spinlock_t *stats_lock, struct rtattr *opt); + spinlock_t *stats_lock, struct nlattr *opt); extern void gen_kill_estimator(struct gnet_stats_basic *bstats, struct gnet_stats_rate_est *rate_est); extern int gen_replace_estimator(struct gnet_stats_basic *bstats, struct gnet_stats_rate_est *rate_est, - spinlock_t *stats_lock, struct rtattr *opt); + spinlock_t *stats_lock, struct nlattr *opt); #endif diff --git a/include/net/ieee80211.h b/include/net/ieee80211.h index 164d1321116..285b2adfa64 100644 --- a/include/net/ieee80211.h +++ b/include/net/ieee80211.h @@ -115,8 +115,16 @@ extern u32 ieee80211_debug_level; do { if (ieee80211_debug_level & (level)) \ printk(KERN_DEBUG "ieee80211: %c %s " fmt, \ in_interrupt() ? 'I' : 'U', __FUNCTION__ , ## args); } while (0) +static inline bool ieee80211_ratelimit_debug(u32 level) +{ + return (ieee80211_debug_level & level) && net_ratelimit(); +} #else #define IEEE80211_DEBUG(level, fmt, args...) do {} while (0) +static inline bool ieee80211_ratelimit_debug(u32 level) +{ + return false; +} #endif /* CONFIG_IEEE80211_DEBUG */ /* escape_essid() is intended to be used in debug (and possibly error) @@ -669,7 +677,7 @@ struct ieee80211_probe_request { struct ieee80211_probe_response { struct ieee80211_hdr_3addr header; - u32 time_stamp[2]; + __le32 time_stamp[2]; __le16 beacon_interval; __le16 capability; /* SSID, supported rates, FH params, DS params, @@ -710,8 +718,8 @@ struct ieee80211_txb { u8 encrypted; u8 rts_included; u8 reserved; - __le16 frag_size; - __le16 payload_size; + u16 frag_size; + u16 payload_size; struct sk_buff *fragments[0]; }; diff --git a/include/net/if_inet6.h b/include/net/if_inet6.h index 448eccb2063..b2cfc492725 100644 --- a/include/net/if_inet6.h +++ b/include/net/if_inet6.h @@ -112,13 +112,13 @@ struct ifmcaddr6 struct ip6_sf_list *mca_sources; struct ip6_sf_list *mca_tomb; unsigned int mca_sfmode; + unsigned char mca_crcount; unsigned long mca_sfcount[2]; struct timer_list mca_timer; unsigned mca_flags; int mca_users; atomic_t mca_refcnt; spinlock_t mca_lock; - unsigned char mca_crcount; unsigned long mca_cstamp; unsigned long mca_tstamp; }; @@ -166,11 +166,11 @@ struct inet6_dev struct ifmcaddr6 *mc_list; struct ifmcaddr6 *mc_tomb; rwlock_t mc_lock; - unsigned long mc_v1_seen; - unsigned long mc_maxdelay; unsigned char mc_qrv; unsigned char mc_gq_running; unsigned char mc_ifc_count; + unsigned long mc_v1_seen; + unsigned long mc_maxdelay; struct timer_list mc_gq_timer; /* general query timer */ struct timer_list mc_ifc_timer; /* interface change timer */ @@ -269,18 +269,21 @@ static inline void ipv6_arcnet_mc_map(const struct in6_addr *addr, char *buf) buf[0] = 0x00; } -static inline void ipv6_ib_mc_map(struct in6_addr *addr, char *buf) +static inline void ipv6_ib_mc_map(const struct in6_addr *addr, + const unsigned char *broadcast, char *buf) { + unsigned char scope = broadcast[5] & 0xF; + buf[0] = 0; /* Reserved */ buf[1] = 0xff; /* Multicast QPN */ buf[2] = 0xff; buf[3] = 0xff; buf[4] = 0xff; - buf[5] = 0x12; /* link local scope */ + buf[5] = 0x10 | scope; /* scope from broadcast address */ buf[6] = 0x60; /* IPv6 signature */ buf[7] = 0x1b; - buf[8] = 0; /* P_Key */ - buf[9] = 0; + buf[8] = broadcast[8]; /* P_Key */ + buf[9] = broadcast[9]; memcpy(buf + 10, addr->s6_addr + 6, 10); } #endif diff --git a/include/net/inet6_hashtables.h b/include/net/inet6_hashtables.h index 668056b4bb0..62a5b691858 100644 --- a/include/net/inet6_hashtables.h +++ b/include/net/inet6_hashtables.h @@ -49,7 +49,7 @@ static inline int inet6_sk_ehashfn(const struct sock *sk) return inet6_ehashfn(laddr, lport, faddr, fport); } -extern void __inet6_hash(struct inet_hashinfo *hashinfo, struct sock *sk); +extern void __inet6_hash(struct sock *sk); /* * Sockets in TCP_CLOSE state are _always_ taken out of the hash, so @@ -57,34 +57,37 @@ extern void __inet6_hash(struct inet_hashinfo *hashinfo, struct sock *sk); * * The sockhash lock must be held as a reader here. */ -extern struct sock *__inet6_lookup_established(struct inet_hashinfo *hashinfo, +extern struct sock *__inet6_lookup_established(struct net *net, + struct inet_hashinfo *hashinfo, const struct in6_addr *saddr, const __be16 sport, const struct in6_addr *daddr, const u16 hnum, const int dif); -extern struct sock *inet6_lookup_listener(struct inet_hashinfo *hashinfo, +extern struct sock *inet6_lookup_listener(struct net *net, + struct inet_hashinfo *hashinfo, const struct in6_addr *daddr, const unsigned short hnum, const int dif); -static inline struct sock *__inet6_lookup(struct inet_hashinfo *hashinfo, +static inline struct sock *__inet6_lookup(struct net *net, + struct inet_hashinfo *hashinfo, const struct in6_addr *saddr, const __be16 sport, const struct in6_addr *daddr, const u16 hnum, const int dif) { - struct sock *sk = __inet6_lookup_established(hashinfo, saddr, sport, - daddr, hnum, dif); + struct sock *sk = __inet6_lookup_established(net, hashinfo, saddr, + sport, daddr, hnum, dif); if (sk) return sk; - return inet6_lookup_listener(hashinfo, daddr, hnum, dif); + return inet6_lookup_listener(net, hashinfo, daddr, hnum, dif); } -extern struct sock *inet6_lookup(struct inet_hashinfo *hashinfo, +extern struct sock *inet6_lookup(struct net *net, struct inet_hashinfo *hashinfo, const struct in6_addr *saddr, const __be16 sport, const struct in6_addr *daddr, const __be16 dport, const int dif); diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h index 133cf30d2d7..f00f0573627 100644 --- a/include/net/inet_connection_sock.h +++ b/include/net/inet_connection_sock.h @@ -29,7 +29,6 @@ #undef INET_CSK_CLEAR_TIMERS struct inet_bind_bucket; -struct inet_hashinfo; struct tcp_congestion_ops; /* @@ -59,6 +58,8 @@ struct inet_connection_sock_af_ops { int level, int optname, char __user *optval, int __user *optlen); void (*addr2sockaddr)(struct sock *sk, struct sockaddr *); + int (*bind_conflict)(const struct sock *sk, + const struct inet_bind_bucket *tb); }; /** inet_connection_sock - INET connection oriented sock @@ -244,10 +245,7 @@ extern struct request_sock *inet_csk_search_req(const struct sock *sk, const __be32 laddr); extern int inet_csk_bind_conflict(const struct sock *sk, const struct inet_bind_bucket *tb); -extern int inet_csk_get_port(struct inet_hashinfo *hashinfo, - struct sock *sk, unsigned short snum, - int (*bind_conflict)(const struct sock *sk, - const struct inet_bind_bucket *tb)); +extern int inet_csk_get_port(struct sock *sk, unsigned short snum); extern struct dst_entry* inet_csk_route_req(struct sock *sk, const struct request_sock *req); diff --git a/include/net/inet_ecn.h b/include/net/inet_ecn.h index de8399a7977..ba33db05385 100644 --- a/include/net/inet_ecn.h +++ b/include/net/inet_ecn.h @@ -83,9 +83,9 @@ static inline void IP_ECN_clear(struct iphdr *iph) iph->tos &= ~INET_ECN_MASK; } -static inline void ipv4_copy_dscp(struct iphdr *outer, struct iphdr *inner) +static inline void ipv4_copy_dscp(unsigned int dscp, struct iphdr *inner) { - u32 dscp = ipv4_get_dsfield(outer) & ~INET_ECN_MASK; + dscp &= ~INET_ECN_MASK; ipv4_change_dsfield(inner, INET_ECN_MASK, dscp); } @@ -104,9 +104,9 @@ static inline void IP6_ECN_clear(struct ipv6hdr *iph) *(__be32*)iph &= ~htonl(INET_ECN_MASK << 20); } -static inline void ipv6_copy_dscp(struct ipv6hdr *outer, struct ipv6hdr *inner) +static inline void ipv6_copy_dscp(unsigned int dscp, struct ipv6hdr *inner) { - u32 dscp = ipv6_get_dsfield(outer) & ~INET_ECN_MASK; + dscp &= ~INET_ECN_MASK; ipv6_change_dsfield(inner, INET_ECN_MASK, dscp); } diff --git a/include/net/inet_frag.h b/include/net/inet_frag.h index 954def40897..7374251b978 100644 --- a/include/net/inet_frag.h +++ b/include/net/inet_frag.h @@ -1,8 +1,20 @@ #ifndef __NET_FRAG_H__ #define __NET_FRAG_H__ +struct netns_frags { + int nqueues; + atomic_t mem; + struct list_head lru_list; + + /* sysctls */ + int timeout; + int high_thresh; + int low_thresh; +}; + struct inet_frag_queue { struct hlist_node list; + struct netns_frags *net; struct list_head lru_list; /* lru list member */ spinlock_t lock; atomic_t refcnt; @@ -20,23 +32,13 @@ struct inet_frag_queue { #define INETFRAGS_HASHSZ 64 -struct inet_frags_ctl { - int high_thresh; - int low_thresh; - int timeout; - int secret_interval; -}; - struct inet_frags { - struct list_head lru_list; struct hlist_head hash[INETFRAGS_HASHSZ]; rwlock_t lock; u32 rnd; - int nqueues; int qsize; - atomic_t mem; + int secret_interval; struct timer_list secret_timer; - struct inet_frags_ctl *ctl; unsigned int (*hashfn)(struct inet_frag_queue *); void (*constructor)(struct inet_frag_queue *q, @@ -51,12 +53,15 @@ struct inet_frags { void inet_frags_init(struct inet_frags *); void inet_frags_fini(struct inet_frags *); +void inet_frags_init_net(struct netns_frags *nf); +void inet_frags_exit_net(struct netns_frags *nf, struct inet_frags *f); + void inet_frag_kill(struct inet_frag_queue *q, struct inet_frags *f); void inet_frag_destroy(struct inet_frag_queue *q, struct inet_frags *f, int *work); -int inet_frag_evictor(struct inet_frags *f); -struct inet_frag_queue *inet_frag_find(struct inet_frags *f, void *key, - unsigned int hash); +int inet_frag_evictor(struct netns_frags *nf, struct inet_frags *f); +struct inet_frag_queue *inet_frag_find(struct netns_frags *nf, + struct inet_frags *f, void *key, unsigned int hash); static inline void inet_frag_put(struct inet_frag_queue *q, struct inet_frags *f) { diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h index 469216d9366..97dc35ad09b 100644 --- a/include/net/inet_hashtables.h +++ b/include/net/inet_hashtables.h @@ -74,6 +74,7 @@ struct inet_ehash_bucket { * ports are created in O(1) time? I thought so. ;-) -DaveM */ struct inet_bind_bucket { + struct net *ib_net; unsigned short port; signed short fastreuse; struct hlist_node node; @@ -186,15 +187,15 @@ static inline void inet_ehash_locks_free(struct inet_hashinfo *hashinfo) if (size > PAGE_SIZE) vfree(hashinfo->ehash_locks); else -#else - kfree(hashinfo->ehash_locks); #endif + kfree(hashinfo->ehash_locks); hashinfo->ehash_locks = NULL; } } extern struct inet_bind_bucket * inet_bind_bucket_create(struct kmem_cache *cachep, + struct net *net, struct inet_bind_hashbucket *head, const unsigned short snum); extern void inet_bind_bucket_destroy(struct kmem_cache *cachep, @@ -220,9 +221,9 @@ static inline int inet_sk_listen_hashfn(const struct sock *sk) } /* Caller must disable local BH processing. */ -static inline void __inet_inherit_port(struct inet_hashinfo *table, - struct sock *sk, struct sock *child) +static inline void __inet_inherit_port(struct sock *sk, struct sock *child) { + struct inet_hashinfo *table = sk->sk_prot->hashinfo; const int bhash = inet_bhashfn(inet_sk(child)->num, table->bhash_size); struct inet_bind_hashbucket *head = &table->bhash[bhash]; struct inet_bind_bucket *tb; @@ -234,15 +235,14 @@ static inline void __inet_inherit_port(struct inet_hashinfo *table, spin_unlock(&head->lock); } -static inline void inet_inherit_port(struct inet_hashinfo *table, - struct sock *sk, struct sock *child) +static inline void inet_inherit_port(struct sock *sk, struct sock *child) { local_bh_disable(); - __inet_inherit_port(table, sk, child); + __inet_inherit_port(sk, child); local_bh_enable(); } -extern void inet_put_port(struct inet_hashinfo *table, struct sock *sk); +extern void inet_put_port(struct sock *sk); extern void inet_listen_wlock(struct inet_hashinfo *hashinfo); @@ -265,74 +265,21 @@ static inline void inet_listen_unlock(struct inet_hashinfo *hashinfo) wake_up(&hashinfo->lhash_wait); } -static inline void __inet_hash(struct inet_hashinfo *hashinfo, - struct sock *sk, const int listen_possible) -{ - struct hlist_head *list; - rwlock_t *lock; - - BUG_TRAP(sk_unhashed(sk)); - if (listen_possible && sk->sk_state == TCP_LISTEN) { - list = &hashinfo->listening_hash[inet_sk_listen_hashfn(sk)]; - lock = &hashinfo->lhash_lock; - inet_listen_wlock(hashinfo); - } else { - struct inet_ehash_bucket *head; - sk->sk_hash = inet_sk_ehashfn(sk); - head = inet_ehash_bucket(hashinfo, sk->sk_hash); - list = &head->chain; - lock = inet_ehash_lockp(hashinfo, sk->sk_hash); - write_lock(lock); - } - __sk_add_node(sk, list); - sock_prot_inc_use(sk->sk_prot); - write_unlock(lock); - if (listen_possible && sk->sk_state == TCP_LISTEN) - wake_up(&hashinfo->lhash_wait); -} - -static inline void inet_hash(struct inet_hashinfo *hashinfo, struct sock *sk) -{ - if (sk->sk_state != TCP_CLOSE) { - local_bh_disable(); - __inet_hash(hashinfo, sk, 1); - local_bh_enable(); - } -} - -static inline void inet_unhash(struct inet_hashinfo *hashinfo, struct sock *sk) -{ - rwlock_t *lock; - - if (sk_unhashed(sk)) - goto out; - - if (sk->sk_state == TCP_LISTEN) { - local_bh_disable(); - inet_listen_wlock(hashinfo); - lock = &hashinfo->lhash_lock; - } else { - lock = inet_ehash_lockp(hashinfo, sk->sk_hash); - write_lock_bh(lock); - } +extern void __inet_hash_nolisten(struct sock *sk); +extern void inet_hash(struct sock *sk); +extern void inet_unhash(struct sock *sk); - if (__sk_del_node_init(sk)) - sock_prot_dec_use(sk->sk_prot); - write_unlock_bh(lock); -out: - if (sk->sk_state == TCP_LISTEN) - wake_up(&hashinfo->lhash_wait); -} - -extern struct sock *__inet_lookup_listener(struct inet_hashinfo *hashinfo, +extern struct sock *__inet_lookup_listener(struct net *net, + struct inet_hashinfo *hashinfo, const __be32 daddr, const unsigned short hnum, const int dif); -static inline struct sock *inet_lookup_listener(struct inet_hashinfo *hashinfo, - __be32 daddr, __be16 dport, int dif) +static inline struct sock *inet_lookup_listener(struct net *net, + struct inet_hashinfo *hashinfo, + __be32 daddr, __be16 dport, int dif) { - return __inet_lookup_listener(hashinfo, daddr, ntohs(dport), dif); + return __inet_lookup_listener(net, hashinfo, daddr, ntohs(dport), dif); } /* Socket demux engine toys. */ @@ -366,26 +313,26 @@ typedef __u64 __bitwise __addrpair; (((__force __u64)(__be32)(__daddr)) << 32) | \ ((__force __u64)(__be32)(__saddr))); #endif /* __BIG_ENDIAN */ -#define INET_MATCH(__sk, __hash, __cookie, __saddr, __daddr, __ports, __dif)\ - (((__sk)->sk_hash == (__hash)) && \ +#define INET_MATCH(__sk, __net, __hash, __cookie, __saddr, __daddr, __ports, __dif)\ + (((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net)) && \ ((*((__addrpair *)&(inet_sk(__sk)->daddr))) == (__cookie)) && \ ((*((__portpair *)&(inet_sk(__sk)->dport))) == (__ports)) && \ (!((__sk)->sk_bound_dev_if) || ((__sk)->sk_bound_dev_if == (__dif)))) -#define INET_TW_MATCH(__sk, __hash, __cookie, __saddr, __daddr, __ports, __dif)\ - (((__sk)->sk_hash == (__hash)) && \ +#define INET_TW_MATCH(__sk, __net, __hash, __cookie, __saddr, __daddr, __ports, __dif)\ + (((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net)) && \ ((*((__addrpair *)&(inet_twsk(__sk)->tw_daddr))) == (__cookie)) && \ ((*((__portpair *)&(inet_twsk(__sk)->tw_dport))) == (__ports)) && \ (!((__sk)->sk_bound_dev_if) || ((__sk)->sk_bound_dev_if == (__dif)))) #else /* 32-bit arch */ #define INET_ADDR_COOKIE(__name, __saddr, __daddr) -#define INET_MATCH(__sk, __hash, __cookie, __saddr, __daddr, __ports, __dif) \ - (((__sk)->sk_hash == (__hash)) && \ +#define INET_MATCH(__sk, __net, __hash, __cookie, __saddr, __daddr, __ports, __dif) \ + (((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net)) && \ (inet_sk(__sk)->daddr == (__saddr)) && \ (inet_sk(__sk)->rcv_saddr == (__daddr)) && \ ((*((__portpair *)&(inet_sk(__sk)->dport))) == (__ports)) && \ (!((__sk)->sk_bound_dev_if) || ((__sk)->sk_bound_dev_if == (__dif)))) -#define INET_TW_MATCH(__sk, __hash,__cookie, __saddr, __daddr, __ports, __dif) \ - (((__sk)->sk_hash == (__hash)) && \ +#define INET_TW_MATCH(__sk, __net, __hash,__cookie, __saddr, __daddr, __ports, __dif) \ + (((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net)) && \ (inet_twsk(__sk)->tw_daddr == (__saddr)) && \ (inet_twsk(__sk)->tw_rcv_saddr == (__daddr)) && \ ((*((__portpair *)&(inet_twsk(__sk)->tw_dport))) == (__ports)) && \ @@ -398,66 +345,36 @@ typedef __u64 __bitwise __addrpair; * * Local BH must be disabled here. */ -static inline struct sock * - __inet_lookup_established(struct inet_hashinfo *hashinfo, - const __be32 saddr, const __be16 sport, - const __be32 daddr, const u16 hnum, - const int dif) -{ - INET_ADDR_COOKIE(acookie, saddr, daddr) - const __portpair ports = INET_COMBINED_PORTS(sport, hnum); - struct sock *sk; - const struct hlist_node *node; - /* Optimize here for direct hit, only listening connections can - * have wildcards anyways. - */ - unsigned int hash = inet_ehashfn(daddr, hnum, saddr, sport); - struct inet_ehash_bucket *head = inet_ehash_bucket(hashinfo, hash); - rwlock_t *lock = inet_ehash_lockp(hashinfo, hash); - - prefetch(head->chain.first); - read_lock(lock); - sk_for_each(sk, node, &head->chain) { - if (INET_MATCH(sk, hash, acookie, saddr, daddr, ports, dif)) - goto hit; /* You sunk my battleship! */ - } - - /* Must check for a TIME_WAIT'er before going to listener hash. */ - sk_for_each(sk, node, &head->twchain) { - if (INET_TW_MATCH(sk, hash, acookie, saddr, daddr, ports, dif)) - goto hit; - } - sk = NULL; -out: - read_unlock(lock); - return sk; -hit: - sock_hold(sk); - goto out; -} +extern struct sock * __inet_lookup_established(struct net *net, + struct inet_hashinfo *hashinfo, + const __be32 saddr, const __be16 sport, + const __be32 daddr, const u16 hnum, const int dif); static inline struct sock * - inet_lookup_established(struct inet_hashinfo *hashinfo, + inet_lookup_established(struct net *net, struct inet_hashinfo *hashinfo, const __be32 saddr, const __be16 sport, const __be32 daddr, const __be16 dport, const int dif) { - return __inet_lookup_established(hashinfo, saddr, sport, daddr, + return __inet_lookup_established(net, hashinfo, saddr, sport, daddr, ntohs(dport), dif); } -static inline struct sock *__inet_lookup(struct inet_hashinfo *hashinfo, +static inline struct sock *__inet_lookup(struct net *net, + struct inet_hashinfo *hashinfo, const __be32 saddr, const __be16 sport, const __be32 daddr, const __be16 dport, const int dif) { u16 hnum = ntohs(dport); - struct sock *sk = __inet_lookup_established(hashinfo, saddr, sport, daddr, - hnum, dif); - return sk ? : __inet_lookup_listener(hashinfo, daddr, hnum, dif); + struct sock *sk = __inet_lookup_established(net, hashinfo, + saddr, sport, daddr, hnum, dif); + + return sk ? : __inet_lookup_listener(net, hashinfo, daddr, hnum, dif); } -static inline struct sock *inet_lookup(struct inet_hashinfo *hashinfo, +static inline struct sock *inet_lookup(struct net *net, + struct inet_hashinfo *hashinfo, const __be32 saddr, const __be16 sport, const __be32 daddr, const __be16 dport, const int dif) @@ -465,12 +382,17 @@ static inline struct sock *inet_lookup(struct inet_hashinfo *hashinfo, struct sock *sk; local_bh_disable(); - sk = __inet_lookup(hashinfo, saddr, sport, daddr, dport, dif); + sk = __inet_lookup(net, hashinfo, saddr, sport, daddr, dport, dif); local_bh_enable(); return sk; } +extern int __inet_hash_connect(struct inet_timewait_death_row *death_row, + struct sock *sk, u32 port_offset, + int (*check_established)(struct inet_timewait_death_row *, + struct sock *, __u16, struct inet_timewait_sock **), + void (*hash)(struct sock *sk)); extern int inet_hash_connect(struct inet_timewait_death_row *death_row, struct sock *sk); #endif /* _INET_HASHTABLES_H */ diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h index abaff059727..296547bfb0b 100644 --- a/include/net/inet_timewait_sock.h +++ b/include/net/inet_timewait_sock.h @@ -116,6 +116,7 @@ struct inet_timewait_sock { #define tw_hash __tw_common.skc_hash #define tw_prot __tw_common.skc_prot #define tw_net __tw_common.skc_net + int tw_timeout; volatile unsigned char tw_substate; /* 3 bits hole, try to pack */ unsigned char tw_rcv_wscale; @@ -130,7 +131,6 @@ struct inet_timewait_sock { __u8 tw_ipv6only:1; /* 15 bits hole, try to pack */ __u16 tw_ipv6_offset; - int tw_timeout; unsigned long tw_ttd; struct inet_bind_bucket *tw_tb; struct hlist_node tw_death_node; @@ -193,19 +193,7 @@ static inline __be32 inet_rcv_saddr(const struct sock *sk) inet_sk(sk)->rcv_saddr : inet_twsk(sk)->tw_rcv_saddr; } -static inline void inet_twsk_put(struct inet_timewait_sock *tw) -{ - if (atomic_dec_and_test(&tw->tw_refcnt)) { - struct module *owner = tw->tw_prot->owner; - twsk_destructor((struct sock *)tw); -#ifdef SOCK_REFCNT_DEBUG - printk(KERN_DEBUG "%s timewait_sock %p released\n", - tw->tw_prot->name, tw); -#endif - kmem_cache_free(tw->tw_prot->twsk_prot->twsk_slab, tw); - module_put(owner); - } -} +extern void inet_twsk_put(struct inet_timewait_sock *tw); extern struct inet_timewait_sock *inet_twsk_alloc(const struct sock *sk, const int state); diff --git a/include/net/ip.h b/include/net/ip.h index 840dd91b513..9f50d4f1f15 100644 --- a/include/net/ip.h +++ b/include/net/ip.h @@ -82,8 +82,6 @@ struct packet_type; struct rtable; struct sockaddr; -extern void ip_mc_dropsocket(struct sock *); -extern void ip_mc_dropdevice(struct net_device *dev); extern int igmp_mc_proc_init(void); /* @@ -102,6 +100,8 @@ extern int ip_mc_output(struct sk_buff *skb); extern int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)); extern int ip_do_nat(struct sk_buff *skb); extern void ip_send_check(struct iphdr *ip); +extern int __ip_local_out(struct sk_buff *skb); +extern int ip_local_out(struct sk_buff *skb); extern int ip_queue_xmit(struct sk_buff *skb, int ipfragok); extern void ip_init(void); extern int ip_append_data(struct sock *sk, @@ -169,7 +169,7 @@ DECLARE_SNMP_STAT(struct linux_mib, net_statistics); #define NET_ADD_STATS_USER(field, adnd) SNMP_ADD_STATS_USER(net_statistics, field, adnd) extern unsigned long snmp_fold_field(void *mib[], int offt); -extern int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign); +extern int snmp_mib_init(void *ptr[2], size_t mibsize); extern void snmp_mib_free(void *ptr[2]); extern void inet_get_local_port_range(int *low, int *high); @@ -177,10 +177,7 @@ extern void inet_get_local_port_range(int *low, int *high); extern int sysctl_ip_default_ttl; extern int sysctl_ip_nonlocal_bind; -/* From ip_fragment.c */ -struct inet_frags_ctl; -extern struct inet_frags_ctl ip4_frags_ctl; -extern int sysctl_ipfrag_max_dist; +extern struct ctl_path net_ipv4_ctl_path[]; /* From inetpeer.c */ extern int inet_peer_threshold; @@ -266,20 +263,22 @@ static inline void ip_eth_mc_map(__be32 naddr, char *buf) * Leave P_Key as 0 to be filled in by driver. */ -static inline void ip_ib_mc_map(__be32 naddr, char *buf) +static inline void ip_ib_mc_map(__be32 naddr, const unsigned char *broadcast, char *buf) { __u32 addr; + unsigned char scope = broadcast[5] & 0xF; + buf[0] = 0; /* Reserved */ buf[1] = 0xff; /* Multicast QPN */ buf[2] = 0xff; buf[3] = 0xff; addr = ntohl(naddr); buf[4] = 0xff; - buf[5] = 0x12; /* link local scope */ + buf[5] = 0x10 | scope; /* scope from broadcast address */ buf[6] = 0x40; /* IPv4 signature */ buf[7] = 0x1b; - buf[8] = 0; /* P_Key */ - buf[9] = 0; + buf[8] = broadcast[8]; /* P_Key */ + buf[9] = broadcast[9]; buf[10] = 0; buf[11] = 0; buf[12] = 0; @@ -317,7 +316,7 @@ static __inline__ void inet_reset_saddr(struct sock *sk) extern int ip_call_ra_chain(struct sk_buff *skb); /* - * Functions provided by ip_fragment.o + * Functions provided by ip_fragment.c */ enum ip_defrag_users @@ -332,15 +331,14 @@ enum ip_defrag_users }; int ip_defrag(struct sk_buff *skb, u32 user); -int ip_frag_mem(void); -int ip_frag_nqueues(void); +int ip_frag_mem(struct net *net); +int ip_frag_nqueues(struct net *net); /* * Functions provided by ip_forward.c */ extern int ip_forward(struct sk_buff *skb); -extern int ip_net_unreachable(struct sk_buff *skb); /* * Functions provided by ip_options.c @@ -391,6 +389,4 @@ int ipv4_doint_and_flush_strategy(ctl_table *table, int __user *name, int nlen, extern int ip_misc_proc_init(void); #endif -extern struct ctl_table ipv4_table[]; - #endif /* _IP_H */ diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h index 857821360bb..d8d85b13364 100644 --- a/include/net/ip6_fib.h +++ b/include/net/ip6_fib.h @@ -99,16 +99,21 @@ struct rt6_info u32 rt6i_flags; u32 rt6i_metric; atomic_t rt6i_ref; - struct fib6_table *rt6i_table; - struct rt6key rt6i_dst; - struct rt6key rt6i_src; + /* more non-fragment space at head required */ + unsigned short rt6i_nfheader_len; u8 rt6i_protocol; + struct fib6_table *rt6i_table; + + struct rt6key rt6i_dst; + #ifdef CONFIG_XFRM u32 rt6i_flow_cache_genid; #endif + + struct rt6key rt6i_src; }; static inline struct inet6_dev *ip6_dst_idev(struct dst_entry *dst) @@ -219,10 +224,20 @@ extern void fib6_run_gc(unsigned long dummy); extern void fib6_gc_cleanup(void); -extern void fib6_init(void); +extern int fib6_init(void); -extern void fib6_rules_init(void); +#ifdef CONFIG_IPV6_MULTIPLE_TABLES +extern int fib6_rules_init(void); extern void fib6_rules_cleanup(void); - +#else +static inline int fib6_rules_init(void) +{ + return 0; +} +static inline void fib6_rules_cleanup(void) +{ + return ; +} +#endif #endif #endif diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h index 5456fdd6d04..faac0eee1ef 100644 --- a/include/net/ip6_route.h +++ b/include/net/ip6_route.h @@ -43,14 +43,12 @@ extern struct rt6_info ip6_prohibit_entry; extern struct rt6_info ip6_blk_hole_entry; #endif -extern int ip6_rt_gc_interval; - extern void ip6_route_input(struct sk_buff *skb); extern struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl); -extern void ip6_route_init(void); +extern int ip6_route_init(void); extern void ip6_route_cleanup(void); extern int ipv6_route_ioctl(unsigned int cmd, void __user *arg); diff --git a/include/net/ip6_tunnel.h b/include/net/ip6_tunnel.h index 29c9da707c7..c17fa1fdc35 100644 --- a/include/net/ip6_tunnel.h +++ b/include/net/ip6_tunnel.h @@ -23,7 +23,7 @@ struct ip6_tnl { struct net_device *dev; /* virtual device associated with tunnel */ struct net_device_stats stat; /* statistics for tunnel device */ int recursion; /* depth of hard_start_xmit recursion */ - struct ip6_tnl_parm parms; /* tunnel configuration paramters */ + struct ip6_tnl_parm parms; /* tunnel configuration parameters */ struct flowi fl; /* flowi template for xmit */ struct dst_entry *dst_cache; /* cached dst */ u32 dst_cookie; diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h index ed514bfb61b..8b12667f7a2 100644 --- a/include/net/ip_fib.h +++ b/include/net/ip_fib.h @@ -69,6 +69,7 @@ struct fib_nh { struct fib_info { struct hlist_node fib_hash; struct hlist_node fib_lhash; + struct net *fib_net; int fib_treeref; atomic_t fib_clntref; int fib_dead; @@ -125,11 +126,15 @@ struct fib_result_nl { #define FIB_RES_NH(res) ((res).fi->fib_nh[(res).nh_sel]) #define FIB_RES_RESET(res) ((res).nh_sel = 0) +#define FIB_TABLE_HASHSZ 2 + #else /* CONFIG_IP_ROUTE_MULTIPATH */ #define FIB_RES_NH(res) ((res).fi->fib_nh[0]) #define FIB_RES_RESET(res) +#define FIB_TABLE_HASHSZ 256 + #endif /* CONFIG_IP_ROUTE_MULTIPATH */ #define FIB_RES_PREFSRC(res) ((res).fi->fib_prefsrc ? : __fib_res_prefsrc(&res)) @@ -141,6 +146,7 @@ struct fib_table { struct hlist_node tb_hlist; u32 tb_id; unsigned tb_stamp; + int tb_default; int (*tb_lookup)(struct fib_table *tb, const struct flowi *flp, struct fib_result *res); int (*tb_insert)(struct fib_table *, struct fib_config *); int (*tb_delete)(struct fib_table *, struct fib_config *); @@ -155,50 +161,51 @@ struct fib_table { #ifndef CONFIG_IP_MULTIPLE_TABLES -extern struct fib_table *ip_fib_local_table; -extern struct fib_table *ip_fib_main_table; +#define TABLE_LOCAL_INDEX 0 +#define TABLE_MAIN_INDEX 1 -static inline struct fib_table *fib_get_table(u32 id) +static inline struct fib_table *fib_get_table(struct net *net, u32 id) { - if (id != RT_TABLE_LOCAL) - return ip_fib_main_table; - return ip_fib_local_table; -} + struct hlist_head *ptr; -static inline struct fib_table *fib_new_table(u32 id) -{ - return fib_get_table(id); + ptr = id == RT_TABLE_LOCAL ? + &net->ipv4.fib_table_hash[TABLE_LOCAL_INDEX] : + &net->ipv4.fib_table_hash[TABLE_MAIN_INDEX]; + return hlist_entry(ptr->first, struct fib_table, tb_hlist); } -static inline int fib_lookup(const struct flowi *flp, struct fib_result *res) +static inline struct fib_table *fib_new_table(struct net *net, u32 id) { - if (ip_fib_local_table->tb_lookup(ip_fib_local_table, flp, res) && - ip_fib_main_table->tb_lookup(ip_fib_main_table, flp, res)) - return -ENETUNREACH; - return 0; + return fib_get_table(net, id); } -static inline void fib_select_default(const struct flowi *flp, struct fib_result *res) +static inline int fib_lookup(struct net *net, const struct flowi *flp, + struct fib_result *res) { - if (FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) - ip_fib_main_table->tb_select_default(ip_fib_main_table, flp, res); + struct fib_table *table; + + table = fib_get_table(net, RT_TABLE_LOCAL); + if (!table->tb_lookup(table, flp, res)) + return 0; + + table = fib_get_table(net, RT_TABLE_MAIN); + if (!table->tb_lookup(table, flp, res)) + return 0; + return -ENETUNREACH; } #else /* CONFIG_IP_MULTIPLE_TABLES */ -extern void __init fib4_rules_init(void); +extern int __net_init fib4_rules_init(struct net *net); +extern void __net_exit fib4_rules_exit(struct net *net); #ifdef CONFIG_NET_CLS_ROUTE extern u32 fib_rules_tclass(struct fib_result *res); #endif -#define ip_fib_local_table fib_get_table(RT_TABLE_LOCAL) -#define ip_fib_main_table fib_get_table(RT_TABLE_MAIN) - -extern int fib_lookup(struct flowi *flp, struct fib_result *res); +extern int fib_lookup(struct net *n, struct flowi *flp, struct fib_result *res); -extern struct fib_table *fib_new_table(u32 id); -extern struct fib_table *fib_get_table(u32 id); -extern void fib_select_default(const struct flowi *flp, struct fib_result *res); +extern struct fib_table *fib_new_table(struct net *net, u32 id); +extern struct fib_table *fib_get_table(struct net *net, u32 id); #endif /* CONFIG_IP_MULTIPLE_TABLES */ @@ -207,18 +214,20 @@ extern const struct nla_policy rtm_ipv4_policy[]; extern void ip_fib_init(void); extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, struct net_device *dev, __be32 *spec_dst, u32 *itag); -extern void fib_select_multipath(const struct flowi *flp, struct fib_result *res); - -struct rtentry; +extern void fib_select_default(struct net *net, const struct flowi *flp, + struct fib_result *res); /* Exported by fib_semantics.c */ extern int ip_fib_check_default(__be32 gw, struct net_device *dev); -extern int fib_sync_down(__be32 local, struct net_device *dev, int force); +extern int fib_sync_down_dev(struct net_device *dev, int force); +extern int fib_sync_down_addr(struct net *net, __be32 local); extern int fib_sync_up(struct net_device *dev); extern __be32 __fib_res_prefsrc(struct fib_result *res); +extern void fib_select_multipath(const struct flowi *flp, struct fib_result *res); -/* Exported by fib_hash.c */ -extern struct fib_table *fib_hash_init(u32 id); +/* Exported by fib_{hash|trie}.c */ +extern void fib_hash_init(void); +extern struct fib_table *fib_hash_table(u32 id); static inline void fib_combine_itag(u32 *itag, struct fib_result *res) { @@ -255,8 +264,16 @@ static inline void fib_res_put(struct fib_result *res) } #ifdef CONFIG_PROC_FS -extern int fib_proc_init(void); -extern void fib_proc_exit(void); +extern int __net_init fib_proc_init(struct net *net); +extern void __net_exit fib_proc_exit(struct net *net); +#else +static inline int fib_proc_init(struct net *net) +{ + return 0; +} +static inline void fib_proc_exit(struct net *net) +{ +} #endif #endif /* _NET_FIB_H */ diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 67ea2c0c0ab..56f3c94ae62 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -9,6 +9,8 @@ #include <asm/types.h> /* For __uXX types */ #include <linux/types.h> /* For __beXX types in userland */ +#include <linux/sysctl.h> /* For ctl_path */ + #define IP_VS_VERSION_CODE 0x010201 #define NVERSION(version) \ (version >> 16) & 0xFF, \ @@ -328,40 +330,6 @@ extern int ip_vs_get_debug_level(void); #define FTPDATA __constant_htons(20) /* - * IPVS sysctl variables under the /proc/sys/net/ipv4/vs/ - */ -#define NET_IPV4_VS 21 - -enum { - NET_IPV4_VS_DEBUG_LEVEL=1, - NET_IPV4_VS_AMEMTHRESH=2, - NET_IPV4_VS_AMDROPRATE=3, - NET_IPV4_VS_DROP_ENTRY=4, - NET_IPV4_VS_DROP_PACKET=5, - NET_IPV4_VS_SECURE_TCP=6, - NET_IPV4_VS_TO_ES=7, - NET_IPV4_VS_TO_SS=8, - NET_IPV4_VS_TO_SR=9, - NET_IPV4_VS_TO_FW=10, - NET_IPV4_VS_TO_TW=11, - NET_IPV4_VS_TO_CL=12, - NET_IPV4_VS_TO_CW=13, - NET_IPV4_VS_TO_LA=14, - NET_IPV4_VS_TO_LI=15, - NET_IPV4_VS_TO_SA=16, - NET_IPV4_VS_TO_UDP=17, - NET_IPV4_VS_TO_ICMP=18, - NET_IPV4_VS_LBLC_EXPIRE=19, - NET_IPV4_VS_LBLCR_EXPIRE=20, - NET_IPV4_VS_CACHE_BYPASS=22, - NET_IPV4_VS_EXPIRE_NODEST_CONN=23, - NET_IPV4_VS_SYNC_THRESHOLD=24, - NET_IPV4_VS_NAT_ICMP_SEND=25, - NET_IPV4_VS_EXPIRE_QUIESCENT_TEMPLATE=26, - NET_IPV4_VS_LAST -}; - -/* * TCP State Values */ enum { @@ -710,7 +678,6 @@ extern const char *ip_vs_proto_name(unsigned proto); extern void ip_vs_init_hash_table(struct list_head *table, int rows); #define IP_VS_INIT_HASH_TABLE(t) ip_vs_init_hash_table(t, sizeof(t)/sizeof(t[0])) -#define IP_VS_APP_TYPE_UNSPEC 0 #define IP_VS_APP_TYPE_FTP 1 /* @@ -769,7 +736,6 @@ extern const char * ip_vs_state_name(__u16 proto, int state); extern void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp); extern int ip_vs_check_template(struct ip_vs_conn *ct); -extern void ip_vs_secure_tcp_set(int on); extern void ip_vs_random_dropentry(void); extern int ip_vs_conn_init(void); extern void ip_vs_conn_cleanup(void); @@ -890,6 +856,7 @@ extern int sysctl_ip_vs_expire_quiescent_template; extern int sysctl_ip_vs_sync_threshold[2]; extern int sysctl_ip_vs_nat_icmp_send; extern struct ip_vs_stats ip_vs_stats; +extern struct ctl_path net_vs_ctl_path[]; extern struct ip_vs_service * ip_vs_service_get(__u32 fwmark, __u16 protocol, __be32 vaddr, __be16 vport); diff --git a/include/net/ipip.h b/include/net/ipip.h index 7cdc914322f..549e132bca9 100644 --- a/include/net/ipip.h +++ b/include/net/ipip.h @@ -2,6 +2,7 @@ #define __NET_IPIP_H 1 #include <linux/if_tunnel.h> +#include <net/ip.h> /* Keep error state on tunnel for 30 sec */ #define IPTUNNEL_ERR_TIMEO (30*HZ) @@ -30,11 +31,9 @@ struct ip_tunnel int pkt_len = skb->len; \ \ skb->ip_summed = CHECKSUM_NONE; \ - iph->tot_len = htons(skb->len); \ ip_select_ident(iph, &rt->u.dst, NULL); \ - ip_send_check(iph); \ \ - err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev, dst_output);\ + err = ip_local_out(skb); \ if (net_xmit_eval(err) == 0) { \ stats->tx_bytes += pkt_len; \ stats->tx_packets++; \ diff --git a/include/net/ipv6.h b/include/net/ipv6.h index ae328b680ff..c0c019f72ba 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -109,8 +109,8 @@ struct frag_hdr { #include <net/sock.h> /* sysctls */ -extern int sysctl_ipv6_bindv6only; extern int sysctl_mld_max_msf; +extern struct ctl_path net_ipv6_ctl_path[]; #define _DEVINC(statname, modifier, idev, field) \ ({ \ @@ -143,14 +143,6 @@ DECLARE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics); #define ICMP6_INC_STATS_BH(idev, field) _DEVINC(icmpv6, _BH, idev, field) #define ICMP6_INC_STATS_USER(idev, field) _DEVINC(icmpv6, _USER, idev, field) -#define ICMP6_INC_STATS_OFFSET_BH(idev, field, offset) ({ \ - struct inet6_dev *_idev = idev; \ - __typeof__(offset) _offset = (offset); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS_OFFSET_BH(_idev->stats.icmpv6, field, _offset); \ - SNMP_INC_STATS_OFFSET_BH(icmpv6_statistics, field, _offset); \ -}) - #define ICMP6MSGOUT_INC_STATS(idev, field) \ _DEVINC(icmpv6msg, , idev, field +256) #define ICMP6MSGOUT_INC_STATS_BH(idev, field) \ @@ -164,15 +156,6 @@ DECLARE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics); #define ICMP6MSGIN_INC_STATS_USER(idev, field) \ _DEVINC(icmpv6msg, _USER, idev, field) -DECLARE_SNMP_STAT(struct udp_mib, udp_stats_in6); -DECLARE_SNMP_STAT(struct udp_mib, udplite_stats_in6); -#define UDP6_INC_STATS_BH(field, is_udplite) do { \ - if (is_udplite) SNMP_INC_STATS_BH(udplite_stats_in6, field); \ - else SNMP_INC_STATS_BH(udp_stats_in6, field); } while(0) -#define UDP6_INC_STATS_USER(field, is_udplite) do { \ - if (is_udplite) SNMP_INC_STATS_USER(udplite_stats_in6, field); \ - else SNMP_INC_STATS_USER(udp_stats_in6, field); } while(0) - struct ip6_ra_chain { struct ip6_ra_chain *next; @@ -236,7 +219,7 @@ extern struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions * opt_spac struct ipv6_txoptions * fopt); extern void fl6_free_socklist(struct sock *sk); extern int ipv6_flowlabel_opt(struct sock *sk, char __user *optval, int optlen); -extern void ip6_flowlabel_init(void); +extern int ip6_flowlabel_init(void); extern void ip6_flowlabel_cleanup(void); static inline void fl6_sock_release(struct ip6_flowlabel *fl) @@ -261,8 +244,8 @@ struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space, extern int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb); -int ip6_frag_nqueues(void); -int ip6_frag_mem(void); +int ip6_frag_nqueues(struct net *net); +int ip6_frag_mem(struct net *net); #define IPV6_FRAG_TIMEOUT (60*HZ) /* 60 seconds */ @@ -509,6 +492,9 @@ extern int ip6_forward(struct sk_buff *skb); extern int ip6_input(struct sk_buff *skb); extern int ip6_mc_input(struct sk_buff *skb); +extern int __ip6_local_out(struct sk_buff *skb); +extern int ip6_local_out(struct sk_buff *skb); + /* * Extension header (options) processing */ @@ -559,7 +545,7 @@ extern int compat_ipv6_getsockopt(struct sock *sk, char __user *optval, int __user *optlen); -extern void ipv6_packet_init(void); +extern int ipv6_packet_init(void); extern void ipv6_packet_cleanup(void); @@ -585,9 +571,6 @@ extern int inet6_hash_connect(struct inet_timewait_death_row *death_row, /* * reassembly.c */ -struct inet_frags_ctl; -extern struct inet_frags_ctl ip6_frags_ctl; - extern const struct proto_ops inet6_stream_ops; extern const struct proto_ops inet6_dgram_ops; @@ -631,10 +614,12 @@ static inline int snmp6_unregister_dev(struct inet6_dev *idev) #endif #ifdef CONFIG_SYSCTL -extern ctl_table ipv6_route_table[]; -extern ctl_table ipv6_icmp_table[]; +extern ctl_table ipv6_route_table_template[]; +extern ctl_table ipv6_icmp_table_template[]; -extern void ipv6_sysctl_register(void); +extern struct ctl_table *ipv6_icmp_sysctl_init(struct net *net); +extern struct ctl_table *ipv6_route_sysctl_init(struct net *net); +extern int ipv6_sysctl_register(void); extern void ipv6_sysctl_unregister(void); #endif diff --git a/include/net/irda/discovery.h b/include/net/irda/discovery.h index eb0f9de4729..e4efad1f9ef 100644 --- a/include/net/irda/discovery.h +++ b/include/net/irda/discovery.h @@ -80,7 +80,7 @@ typedef struct discovery_t { irda_queue_t q; /* Must be first! */ discinfo_t data; /* Basic discovery information */ - int name_len; /* Lenght of nickname */ + int name_len; /* Length of nickname */ LAP_REASON condition; /* More info about the discovery */ int gen_addr_bit; /* Need to generate a new device diff --git a/include/net/irda/irda_device.h b/include/net/irda/irda_device.h index bca19ca7bdd..f70e9b39eba 100644 --- a/include/net/irda/irda_device.h +++ b/include/net/irda/irda_device.h @@ -228,21 +228,8 @@ static inline int irda_device_txqueue_empty(const struct net_device *dev) int irda_device_set_raw_mode(struct net_device* self, int status); struct net_device *alloc_irdadev(int sizeof_priv); -/* Dongle interface */ -void irda_device_unregister_dongle(struct dongle_reg *dongle); -int irda_device_register_dongle(struct dongle_reg *dongle); -dongle_t *irda_device_dongle_init(struct net_device *dev, int type); -int irda_device_dongle_cleanup(dongle_t *dongle); - void irda_setup_dma(int channel, dma_addr_t buffer, int count, int mode); -void irda_task_delete(struct irda_task *task); -struct irda_task *irda_task_execute(void *instance, - IRDA_TASK_CALLBACK function, - IRDA_TASK_CALLBACK finished, - struct irda_task *parent, void *param); -void irda_task_next_state(struct irda_task *task, IRDA_TASK_STATE state); - /* * Function irda_get_mtt (skb) * diff --git a/include/net/mac80211.h b/include/net/mac80211.h index 17b60391fcd..9083bafb63c 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h @@ -139,17 +139,54 @@ enum ieee80211_phymode { }; /** + * struct ieee80211_ht_info - describing STA's HT capabilities + * + * This structure describes most essential parameters needed + * to describe 802.11n HT capabilities for an STA. + * + * @ht_supported: is HT supported by STA, 0: no, 1: yes + * @cap: HT capabilities map as described in 802.11n spec + * @ampdu_factor: Maximum A-MPDU length factor + * @ampdu_density: Minimum A-MPDU spacing + * @supp_mcs_set: Supported MCS set as described in 802.11n spec + */ +struct ieee80211_ht_info { + u8 ht_supported; + u16 cap; /* use IEEE80211_HT_CAP_ */ + u8 ampdu_factor; + u8 ampdu_density; + u8 supp_mcs_set[16]; +}; + +/** + * struct ieee80211_ht_bss_info - describing BSS's HT characteristics + * + * This structure describes most essential parameters needed + * to describe 802.11n HT characteristics in a BSS + * + * @primary_channel: channel number of primery channel + * @bss_cap: 802.11n's general BSS capabilities (e.g. channel width) + * @bss_op_mode: 802.11n's BSS operation modes (e.g. HT protection) + */ +struct ieee80211_ht_bss_info { + u8 primary_channel; + u8 bss_cap; /* use IEEE80211_HT_IE_CHA_ */ + u8 bss_op_mode; /* use IEEE80211_HT_IE_ */ +}; + +/** * struct ieee80211_hw_mode - PHY mode definition * * This structure describes the capabilities supported by the device * in a single PHY mode. * + * @list: internal + * @channels: pointer to array of supported channels + * @rates: pointer to array of supported bitrates * @mode: the PHY mode for this definition * @num_channels: number of supported channels - * @channels: pointer to array of supported channels * @num_rates: number of supported bitrates - * @rates: pointer to array of supported bitrates - * @list: internal + * @ht_info: PHY's 802.11n HT abilities for this mode */ struct ieee80211_hw_mode { struct list_head list; @@ -158,6 +195,7 @@ struct ieee80211_hw_mode { enum ieee80211_phymode mode; int num_channels; int num_rates; + struct ieee80211_ht_info ht_info; }; /** @@ -237,11 +275,49 @@ struct ieee80211_low_level_stats { unsigned int dot11RTSSuccessCount; }; +/** + * enum ieee80211_bss_change - BSS change notification flags + * + * These flags are used with the bss_info_changed() callback + * to indicate which BSS parameter changed. + * + * @BSS_CHANGED_ASSOC: association status changed (associated/disassociated), + * also implies a change in the AID. + * @BSS_CHANGED_ERP_CTS_PROT: CTS protection changed + * @BSS_CHANGED_ERP_PREAMBLE: preamble changed + */ +enum ieee80211_bss_change { + BSS_CHANGED_ASSOC = 1<<0, + BSS_CHANGED_ERP_CTS_PROT = 1<<1, + BSS_CHANGED_ERP_PREAMBLE = 1<<2, +}; + +/** + * struct ieee80211_bss_conf - holds the BSS's changing parameters + * + * This structure keeps information about a BSS (and an association + * to that BSS) that can change during the lifetime of the BSS. + * + * @assoc: association status + * @aid: association ID number, valid only when @assoc is true + * @use_cts_prot: use CTS protection + * @use_short_preamble: use 802.11b short preamble + */ +struct ieee80211_bss_conf { + /* association related data */ + bool assoc; + u16 aid; + /* erp related data */ + bool use_cts_prot; + bool use_short_preamble; +}; + /* Transmit control fields. This data structure is passed to low-level driver * with each TX frame. The low-level driver is responsible for configuring * the hardware to use given values (depending on what is supported). */ struct ieee80211_tx_control { + struct ieee80211_vif *vif; int tx_rate; /* Transmit rate, given as the hw specific value for the * rate (from struct ieee80211_rate) */ int rts_cts_rate; /* Transmit rate for RTS/CTS frame, given as the hw @@ -269,6 +345,9 @@ struct ieee80211_tx_control { * using the through * set_retry_limit configured * long retry value */ +#define IEEE80211_TXCTL_EAPOL_FRAME (1<<11) /* internal to mac80211 */ +#define IEEE80211_TXCTL_SEND_AFTER_DTIM (1<<12) /* send this frame after DTIM + * beacon */ u32 flags; /* tx control flags defined * above */ u8 key_idx; /* keyidx from hw->set_key(), undefined if @@ -291,7 +370,6 @@ struct ieee80211_tx_control { * packet dropping when probing higher rates, if hw * supports multiple retry rates. -1 = not used */ int type; /* internal */ - int ifindex; /* internal */ }; @@ -312,6 +390,8 @@ struct ieee80211_tx_control { * the frame. * @RX_FLAG_FAILED_PLCP_CRC: Set this flag if the PCLP check failed on * the frame. + * @RX_FLAG_TSFT: The timestamp passed in the RX status (@mactime field) + * is valid. */ enum mac80211_rx_flags { RX_FLAG_MMIC_ERROR = 1<<0, @@ -321,6 +401,7 @@ enum mac80211_rx_flags { RX_FLAG_IV_STRIPPED = 1<<4, RX_FLAG_FAILED_FCS_CRC = 1<<5, RX_FLAG_FAILED_PLCP_CRC = 1<<6, + RX_FLAG_TSFT = 1<<7, }; /** @@ -406,11 +487,12 @@ struct ieee80211_tx_status { * * @IEEE80211_CONF_SHORT_SLOT_TIME: use 802.11g short slot time * @IEEE80211_CONF_RADIOTAP: add radiotap header at receive time (if supported) - * + * @IEEE80211_CONF_SUPPORT_HT_MODE: use 802.11n HT capabilities (if supported) */ enum ieee80211_conf_flags { - IEEE80211_CONF_SHORT_SLOT_TIME = 1<<0, - IEEE80211_CONF_RADIOTAP = 1<<1, + IEEE80211_CONF_SHORT_SLOT_TIME = (1<<0), + IEEE80211_CONF_RADIOTAP = (1<<1), + IEEE80211_CONF_SUPPORT_HT_MODE = (1<<2), }; /** @@ -434,6 +516,8 @@ enum ieee80211_conf_flags { * @antenna_sel_tx: transmit antenna selection, 0: default/diversity, * 1/2: antenna 0/1 * @antenna_sel_rx: receive antenna selection, like @antenna_sel_tx + * @ht_conf: describes current self configuration of 802.11n HT capabilies + * @ht_bss_conf: describes current BSS configuration of 802.11n HT parameters */ struct ieee80211_conf { int channel; /* IEEE 802.11 channel number */ @@ -452,6 +536,9 @@ struct ieee80211_conf { u8 antenna_max; u8 antenna_sel_tx; u8 antenna_sel_rx; + + struct ieee80211_ht_info ht_conf; + struct ieee80211_ht_bss_info ht_bss_conf; }; /** @@ -480,13 +567,27 @@ enum ieee80211_if_types { }; /** + * struct ieee80211_vif - per-interface data + * + * Data in this structure is continually present for driver + * use during the life of a virtual interface. + * + * @type: type of this virtual interface + * @drv_priv: data area for driver use, will always be aligned to + * sizeof(void *). + */ +struct ieee80211_vif { + enum ieee80211_if_types type; + /* must be last */ + u8 drv_priv[0] __attribute__((__aligned__(sizeof(void *)))); +}; + +/** * struct ieee80211_if_init_conf - initial configuration of an interface * - * @if_id: internal interface ID. This number has no particular meaning to - * drivers and the only allowed usage is to pass it to - * ieee80211_beacon_get() and ieee80211_get_buffered_bc() functions. - * This field is not valid for monitor interfaces - * (interfaces of %IEEE80211_IF_TYPE_MNTR type). + * @vif: pointer to a driver-use per-interface structure. The pointer + * itself is also used for various functions including + * ieee80211_beacon_get() and ieee80211_get_buffered_bc(). * @type: one of &enum ieee80211_if_types constants. Determines the type of * added/removed interface. * @mac_addr: pointer to MAC address of the interface. This pointer is valid @@ -503,8 +604,8 @@ enum ieee80211_if_types { * in pure monitor mode. */ struct ieee80211_if_init_conf { - int if_id; enum ieee80211_if_types type; + struct ieee80211_vif *vif; void *mac_addr; }; @@ -597,9 +698,6 @@ struct ieee80211_key_conf { u8 key[0]; }; -#define IEEE80211_SEQ_COUNTER_RX 0 -#define IEEE80211_SEQ_COUNTER_TX 1 - /** * enum set_key_cmd - key command * @@ -710,6 +808,9 @@ enum ieee80211_hw_flags { * @rate_control_algorithm: rate control algorithm for this hardware. * If unset (NULL), the default algorithm will be used. Must be * set before calling ieee80211_register_hw(). + * + * @vif_data_size: size (in bytes) of the drv_priv data area + * within &struct ieee80211_vif. */ struct ieee80211_hw { struct ieee80211_conf conf; @@ -720,6 +821,7 @@ struct ieee80211_hw { u32 flags; unsigned int extra_tx_headroom; int channel_change_time; + int vif_data_size; u8 queues; s8 max_rssi; s8 max_signal; @@ -859,19 +961,18 @@ enum ieee80211_filter_flags { }; /** - * enum ieee80211_erp_change_flags - erp change flags + * enum ieee80211_ampdu_mlme_action - A-MPDU actions * - * These flags are used with the erp_ie_changed() callback in - * &struct ieee80211_ops to indicate which parameter(s) changed. - * @IEEE80211_ERP_CHANGE_PROTECTION: protection changed - * @IEEE80211_ERP_CHANGE_PREAMBLE: barker preamble mode changed + * These flags are used with the ampdu_action() callback in + * &struct ieee80211_ops to indicate which action is needed. + * @IEEE80211_AMPDU_RX_START: start Rx aggregation + * @IEEE80211_AMPDU_RX_STOP: stop Rx aggregation */ -enum ieee80211_erp_change_flags { - IEEE80211_ERP_CHANGE_PROTECTION = 1<<0, - IEEE80211_ERP_CHANGE_PREAMBLE = 1<<1, +enum ieee80211_ampdu_mlme_action { + IEEE80211_AMPDU_RX_START, + IEEE80211_AMPDU_RX_STOP, }; - /** * struct ieee80211_ops - callbacks from mac80211 to the driver * @@ -927,6 +1028,14 @@ enum ieee80211_erp_change_flags { * @config_interface: Handler for configuration requests related to interfaces * (e.g. BSSID changes.) * + * @bss_info_changed: Handler for configuration requests related to BSS + * parameters that may vary during BSS's lifespan, and may affect low + * level driver (e.g. assoc/disassoc status, erp parameters). + * This function should not be used if no BSS has been set, unless + * for association indication. The @changed parameter indicates which + * of the bss parameters has changed when a call is made. This callback + * has to be atomic. + * * @configure_filter: Configure the device's RX filter. * See the section "Frame filtering" for more information. * This callback must be implemented and atomic. @@ -946,9 +1055,9 @@ enum ieee80211_erp_change_flags { * * @get_stats: return low-level statistics * - * @get_sequence_counter: For devices that have internal sequence counters this - * callback allows mac80211 to access the current value of a counter. - * This callback seems not well-defined, tell us if you need it. + * @get_tkip_seq: If your device implements TKIP encryption in hardware this + * callback should be provided to read the TKIP transmit IVs (both IV32 + * and IV16) for the given key from hardware. * * @set_rts_threshold: Configuration of RTS threshold (if device needs it) * @@ -961,8 +1070,6 @@ enum ieee80211_erp_change_flags { * @sta_notify: Notifies low level driver about addition or removal * of assocaited station or AP. * - * @erp_ie_changed: Handle ERP IE change notifications. Must be atomic. - * * @conf_tx: Configure TX queue parameters (EDCF (aifs, cw_min, cw_max), * bursting) for a hardware TX queue. The @queue parameter uses the * %IEEE80211_TX_QUEUE_* constants. Must be atomic. @@ -997,6 +1104,14 @@ enum ieee80211_erp_change_flags { * @tx_last_beacon: Determine whether the last IBSS beacon was sent by us. * This is needed only for IBSS mode and the result of this function is * used to determine whether to reply to Probe Requests. + * + * @conf_ht: Configures low level driver with 802.11n HT data. Must be atomic. + * + * @ampdu_action: Perform a certain A-MPDU action + * The RA/TID combination determines the destination and TID we want + * the ampdu action to be performed for. The action is defined through + * ieee80211_ampdu_mlme_action. Starting sequence number (@ssn) + * is the first frame we expect to perform the action on. */ struct ieee80211_ops { int (*tx)(struct ieee80211_hw *hw, struct sk_buff *skb, @@ -1009,7 +1124,12 @@ struct ieee80211_ops { struct ieee80211_if_init_conf *conf); int (*config)(struct ieee80211_hw *hw, struct ieee80211_conf *conf); int (*config_interface)(struct ieee80211_hw *hw, - int if_id, struct ieee80211_if_conf *conf); + struct ieee80211_vif *vif, + struct ieee80211_if_conf *conf); + void (*bss_info_changed)(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_bss_conf *info, + u32 changed); void (*configure_filter)(struct ieee80211_hw *hw, unsigned int changed_flags, unsigned int *total_flags, @@ -1021,17 +1141,14 @@ struct ieee80211_ops { int (*hw_scan)(struct ieee80211_hw *hw, u8 *ssid, size_t len); int (*get_stats)(struct ieee80211_hw *hw, struct ieee80211_low_level_stats *stats); - int (*get_sequence_counter)(struct ieee80211_hw *hw, - u8* addr, u8 keyidx, u8 txrx, - u32* iv32, u16* iv16); + void (*get_tkip_seq)(struct ieee80211_hw *hw, u8 hw_key_idx, + u32 *iv32, u16 *iv16); int (*set_rts_threshold)(struct ieee80211_hw *hw, u32 value); int (*set_frag_threshold)(struct ieee80211_hw *hw, u32 value); int (*set_retry_limit)(struct ieee80211_hw *hw, u32 short_retry, u32 long_retr); - void (*sta_notify)(struct ieee80211_hw *hw, int if_id, + void (*sta_notify)(struct ieee80211_hw *hw, struct ieee80211_vif *vif, enum sta_notify_cmd, const u8 *addr); - void (*erp_ie_changed)(struct ieee80211_hw *hw, u8 changes, - int cts_protection, int preamble); int (*conf_tx)(struct ieee80211_hw *hw, int queue, const struct ieee80211_tx_queue_params *params); int (*get_tx_stats)(struct ieee80211_hw *hw, @@ -1042,6 +1159,10 @@ struct ieee80211_ops { struct sk_buff *skb, struct ieee80211_tx_control *control); int (*tx_last_beacon)(struct ieee80211_hw *hw); + int (*conf_ht)(struct ieee80211_hw *hw, struct ieee80211_conf *conf); + int (*ampdu_action)(struct ieee80211_hw *hw, + enum ieee80211_ampdu_mlme_action action, + const u8 *ra, u16 tid, u16 ssn); }; /** @@ -1073,6 +1194,7 @@ int ieee80211_register_hw(struct ieee80211_hw *hw); extern char *__ieee80211_get_tx_led_name(struct ieee80211_hw *hw); extern char *__ieee80211_get_rx_led_name(struct ieee80211_hw *hw); extern char *__ieee80211_get_assoc_led_name(struct ieee80211_hw *hw); +extern char *__ieee80211_get_radio_led_name(struct ieee80211_hw *hw); #endif /** * ieee80211_get_tx_led_name - get name of TX LED @@ -1112,6 +1234,16 @@ static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw) #endif } +/** + * ieee80211_get_assoc_led_name - get name of association LED + * + * mac80211 creates a association LED trigger for each wireless hardware + * that can be used to drive LEDs if your driver registers a LED device. + * This function returns the name (or %NULL if not configured for LEDs) + * of the trigger so you can automatically link the LED device. + * + * @hw: the hardware to get the LED trigger name for + */ static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw) { #ifdef CONFIG_MAC80211_LEDS @@ -1121,6 +1253,24 @@ static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw) #endif } +/** + * ieee80211_get_radio_led_name - get name of radio LED + * + * mac80211 creates a radio change LED trigger for each wireless hardware + * that can be used to drive LEDs if your driver registers a LED device. + * This function returns the name (or %NULL if not configured for LEDs) + * of the trigger so you can automatically link the LED device. + * + * @hw: the hardware to get the LED trigger name for + */ +static inline char *ieee80211_get_radio_led_name(struct ieee80211_hw *hw) +{ +#ifdef CONFIG_MAC80211_LEDS + return __ieee80211_get_radio_led_name(hw); +#else + return NULL; +#endif +} /* Register a new hardware PHYMODE capability to the stack. */ int ieee80211_register_hwmode(struct ieee80211_hw *hw, @@ -1210,7 +1360,7 @@ void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, /** * ieee80211_beacon_get - beacon generation function * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @control: will be filled with information needed to send this beacon. * * If the beacon frames are generated by the host system (i.e., not in @@ -1221,13 +1371,13 @@ void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw, * is responsible of freeing it. */ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, - int if_id, + struct ieee80211_vif *vif, struct ieee80211_tx_control *control); /** * ieee80211_rts_get - RTS frame generation function * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @frame: pointer to the frame that is going to be protected by the RTS. * @frame_len: the frame length (in octets). * @frame_txctl: &struct ieee80211_tx_control of the frame. @@ -1238,7 +1388,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, * the next RTS frame from the 802.11 code. The low-level is responsible * for calling this function before and RTS frame is needed. */ -void ieee80211_rts_get(struct ieee80211_hw *hw, int if_id, +void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, const void *frame, size_t frame_len, const struct ieee80211_tx_control *frame_txctl, struct ieee80211_rts *rts); @@ -1246,7 +1396,7 @@ void ieee80211_rts_get(struct ieee80211_hw *hw, int if_id, /** * ieee80211_rts_duration - Get the duration field for an RTS frame * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame that is going to be protected by the RTS. * @frame_txctl: &struct ieee80211_tx_control of the frame. * @@ -1254,14 +1404,14 @@ void ieee80211_rts_get(struct ieee80211_hw *hw, int if_id, * the duration field, the low-level driver uses this function to receive * the duration field value in little-endian byteorder. */ -__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, int if_id, - size_t frame_len, +__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, size_t frame_len, const struct ieee80211_tx_control *frame_txctl); /** * ieee80211_ctstoself_get - CTS-to-self frame generation function * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @frame: pointer to the frame that is going to be protected by the CTS-to-self. * @frame_len: the frame length (in octets). * @frame_txctl: &struct ieee80211_tx_control of the frame. @@ -1272,7 +1422,8 @@ __le16 ieee80211_rts_duration(struct ieee80211_hw *hw, int if_id, * the next CTS-to-self frame from the 802.11 code. The low-level is responsible * for calling this function before and CTS-to-self frame is needed. */ -void ieee80211_ctstoself_get(struct ieee80211_hw *hw, int if_id, +void ieee80211_ctstoself_get(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, const void *frame, size_t frame_len, const struct ieee80211_tx_control *frame_txctl, struct ieee80211_cts *cts); @@ -1280,7 +1431,7 @@ void ieee80211_ctstoself_get(struct ieee80211_hw *hw, int if_id, /** * ieee80211_ctstoself_duration - Get the duration field for a CTS-to-self frame * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame that is going to be protected by the CTS-to-self. * @frame_txctl: &struct ieee80211_tx_control of the frame. * @@ -1288,28 +1439,30 @@ void ieee80211_ctstoself_get(struct ieee80211_hw *hw, int if_id, * the duration field, the low-level driver uses this function to receive * the duration field value in little-endian byteorder. */ -__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, int if_id, +__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, size_t frame_len, const struct ieee80211_tx_control *frame_txctl); /** * ieee80211_generic_frame_duration - Calculate the duration field for a frame * @hw: pointer obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame. * @rate: the rate (in 100kbps) at which the frame is going to be transmitted. * * Calculate the duration field of some generic frame, given its * length and transmission rate (in 100kbps). */ -__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, int if_id, +__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, size_t frame_len, int rate); /** * ieee80211_get_buffered_bc - accessing buffered broadcast and multicast frames * @hw: pointer as obtained from ieee80211_alloc_hw(). - * @if_id: interface ID from &struct ieee80211_if_init_conf. + * @vif: &struct ieee80211_vif pointer from &struct ieee80211_if_init_conf. * @control: will be filled with information needed to send returned frame. * * Function for accessing buffered broadcast and multicast frames. If @@ -1328,7 +1481,7 @@ __le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, int if_id, * use common code for all beacons. */ struct sk_buff * -ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id, +ieee80211_get_buffered_bc(struct ieee80211_hw *hw, struct ieee80211_vif *vif, struct ieee80211_tx_control *control); /** @@ -1406,4 +1559,19 @@ void ieee80211_wake_queues(struct ieee80211_hw *hw); */ void ieee80211_scan_completed(struct ieee80211_hw *hw); +/** + * ieee80211_iterate_active_interfaces - iterate active interfaces + * + * This function iterates over the interfaces associated with a given + * hardware that are currently active and calls the callback for them. + * + * @hw: the hardware struct of which the interfaces should be iterated over + * @iterator: the iterator function to call, cannot sleep + * @data: first argument of the iterator function + */ +void ieee80211_iterate_active_interfaces(struct ieee80211_hw *hw, + void (*iterator)(void *data, u8 *mac, + struct ieee80211_vif *vif), + void *data); + #endif /* MAC80211_H */ diff --git a/include/net/neighbour.h b/include/net/neighbour.h index a4f26187fc1..ebbfb509822 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h @@ -26,6 +26,10 @@ #include <linux/sysctl.h> #include <net/rtnetlink.h> +/* + * NUD stands for "neighbor unreachability detection" + */ + #define NUD_IN_TIMER (NUD_INCOMPLETE|NUD_REACHABLE|NUD_DELAY|NUD_PROBE) #define NUD_VALID (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE|NUD_PROBE|NUD_STALE|NUD_DELAY) #define NUD_CONNECTED (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE) @@ -34,6 +38,7 @@ struct neighbour; struct neigh_parms { + struct net *net; struct net_device *dev; struct neigh_parms *next; int (*neigh_setup)(struct neighbour *); @@ -126,7 +131,8 @@ struct neigh_ops struct pneigh_entry { struct pneigh_entry *next; - struct net_device *dev; + struct net *net; + struct net_device *dev; u8 flags; u8 key[0]; }; @@ -187,6 +193,7 @@ extern struct neighbour * neigh_lookup(struct neigh_table *tbl, const void *pkey, struct net_device *dev); extern struct neighbour * neigh_lookup_nodev(struct neigh_table *tbl, + struct net *net, const void *pkey); extern struct neighbour * neigh_create(struct neigh_table *tbl, const void *pkey, @@ -206,13 +213,12 @@ extern struct neighbour *neigh_event_ns(struct neigh_table *tbl, extern struct neigh_parms *neigh_parms_alloc(struct net_device *dev, struct neigh_table *tbl); extern void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms); -extern void neigh_parms_destroy(struct neigh_parms *parms); extern unsigned long neigh_rand_reach_time(unsigned long base); extern void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p, struct sk_buff *skb); -extern struct pneigh_entry *pneigh_lookup(struct neigh_table *tbl, const void *key, struct net_device *dev, int creat); -extern int pneigh_delete(struct neigh_table *tbl, const void *key, struct net_device *dev); +extern struct pneigh_entry *pneigh_lookup(struct neigh_table *tbl, struct net *net, const void *key, struct net_device *dev, int creat); +extern int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *key, struct net_device *dev); extern void neigh_app_ns(struct neighbour *n); extern void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie); @@ -220,6 +226,7 @@ extern void __neigh_for_each_release(struct neigh_table *tbl, int (*cb)(struct n extern void pneigh_for_each(struct neigh_table *tbl, void (*cb)(struct pneigh_entry *)); struct neigh_seq_state { + struct seq_net_private p; struct neigh_table *tbl; void *(*neigh_sub_iter)(struct neigh_seq_state *state, struct neighbour *n, loff_t *pos); @@ -246,12 +253,6 @@ static inline void __neigh_parms_put(struct neigh_parms *parms) atomic_dec(&parms->refcnt); } -static inline void neigh_parms_put(struct neigh_parms *parms) -{ - if (atomic_dec_and_test(&parms->refcnt)) - neigh_parms_destroy(parms); -} - static inline struct neigh_parms *neigh_parms_clone(struct neigh_parms *parms) { atomic_inc(&parms->refcnt); @@ -288,10 +289,6 @@ static inline int neigh_is_connected(struct neighbour *neigh) return neigh->nud_state&NUD_CONNECTED; } -static inline int neigh_is_valid(struct neighbour *neigh) -{ - return neigh->nud_state&NUD_VALID; -} static inline int neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) { diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 5dd6d90b37e..28738b7d53e 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -8,8 +8,17 @@ #include <linux/workqueue.h> #include <linux/list.h> +#include <net/netns/unix.h> +#include <net/netns/packet.h> +#include <net/netns/ipv4.h> +#include <net/netns/ipv6.h> +#include <net/netns/x_tables.h> + struct proc_dir_entry; struct net_device; +struct sock; +struct ctl_table_header; + struct net { atomic_t count; /* To decided when the network * namespace should be freed. @@ -24,11 +33,33 @@ struct net { struct proc_dir_entry *proc_net_stat; struct proc_dir_entry *proc_net_root; + struct list_head sysctl_table_headers; + struct net_device *loopback_dev; /* The loopback */ struct list_head dev_base_head; struct hlist_head *dev_name_head; struct hlist_head *dev_index_head; + + /* core fib_rules */ + struct list_head rules_ops; + spinlock_t rules_mod_lock; + + struct sock *rtnl; /* rtnetlink socket */ + + /* core sysctls */ + struct ctl_table_header *sysctl_core_hdr; + int sysctl_somaxconn; + + struct netns_packet packet; + struct netns_unix unx; + struct netns_ipv4 ipv4; +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) + struct netns_ipv6 ipv6; +#endif +#ifdef CONFIG_NETFILTER + struct netns_xt xt; +#endif }; #ifdef CONFIG_NET @@ -137,4 +168,11 @@ extern void unregister_pernet_subsys(struct pernet_operations *); extern int register_pernet_device(struct pernet_operations *); extern void unregister_pernet_device(struct pernet_operations *); +struct ctl_path; +struct ctl_table; +struct ctl_table_header; +extern struct ctl_table_header *register_net_sysctl_table(struct net *net, + const struct ctl_path *path, struct ctl_table *table); +extern void unregister_net_sysctl_table(struct ctl_table_header *header); + #endif /* __NET_NET_NAMESPACE_H */ diff --git a/include/net/netevent.h b/include/net/netevent.h index e5d21624142..e82b7bab3ff 100644 --- a/include/net/netevent.h +++ b/include/net/netevent.h @@ -12,7 +12,7 @@ */ #ifdef __KERNEL__ -#include <net/dst.h> +struct dst_entry; struct netevent_redirect { struct dst_entry *old; diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h index f703533fb4d..abc55ad75c2 100644 --- a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h +++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h @@ -16,6 +16,8 @@ extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb, int (*okfn)(struct sk_buff *)); struct inet_frags_ctl; -extern struct inet_frags_ctl nf_frags_ctl; + +#include <linux/sysctl.h> +extern struct ctl_table nf_ct_ipv6_sysctl_table[]; #endif /* _NF_CONNTRACK_IPV6_H*/ diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index 90fb66d99d0..90b3e7f5df5 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -129,6 +129,8 @@ struct nf_conn /* Extensions */ struct nf_ct_ext *ext; + + struct rcu_head rcu; }; static inline struct nf_conn * @@ -143,7 +145,7 @@ nf_ct_tuplehash_to_ctrack(const struct nf_conntrack_tuple_hash *hash) /* Alter reply tuple (maybe alter helper). */ extern void -nf_conntrack_alter_reply(struct nf_conn *conntrack, +nf_conntrack_alter_reply(struct nf_conn *ct, const struct nf_conntrack_tuple *newreply); /* Is this tuple taken? (ignoring any belonging to the given @@ -171,13 +173,12 @@ static inline void nf_ct_put(struct nf_conn *ct) extern int nf_ct_l3proto_try_module_get(unsigned short l3proto); extern void nf_ct_l3proto_module_put(unsigned short l3proto); -extern struct hlist_head *nf_ct_alloc_hashtable(int *sizep, int *vmalloced); +extern struct hlist_head *nf_ct_alloc_hashtable(unsigned int *sizep, int *vmalloced); extern void nf_ct_free_hashtable(struct hlist_head *hash, int vmalloced, - int size); + unsigned int size); extern struct nf_conntrack_tuple_hash * -__nf_conntrack_find(const struct nf_conntrack_tuple *tuple, - const struct nf_conn *ignored_conntrack); +__nf_conntrack_find(const struct nf_conntrack_tuple *tuple); extern void nf_conntrack_hash_insert(struct nf_conn *ct); @@ -215,16 +216,14 @@ static inline void nf_ct_refresh(struct nf_conn *ct, /* These are for NAT. Icky. */ /* Update TCP window tracking data when NAT mangles the packet */ -extern void nf_conntrack_tcp_update(struct sk_buff *skb, +extern void nf_conntrack_tcp_update(const struct sk_buff *skb, unsigned int dataoff, - struct nf_conn *conntrack, + struct nf_conn *ct, int dir); /* Fake conntrack entry for untracked connections */ extern struct nf_conn nf_conntrack_untracked; -extern int nf_ct_no_defrag; - /* Iterate over all conntracks: if iter returns true, it's deleted. */ extern void nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data), void *data); @@ -249,6 +248,7 @@ static inline int nf_ct_is_untracked(const struct sk_buff *skb) return (skb->nfct == &nf_conntrack_untracked.ct_general); } +extern int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp); extern unsigned int nf_conntrack_htable_size; extern int nf_conntrack_checksum; extern atomic_t nf_conntrack_count; @@ -263,10 +263,5 @@ do { \ local_bh_enable(); \ } while (0) -extern int -nf_conntrack_register_cache(u_int32_t features, const char *name, size_t size); -extern void -nf_conntrack_unregister_cache(u_int32_t features); - #endif /* __KERNEL__ */ #endif /* _NF_CONNTRACK_H */ diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h index a532e7b5ed6..9ee26469c75 100644 --- a/include/net/netfilter/nf_conntrack_core.h +++ b/include/net/netfilter/nf_conntrack_core.h @@ -30,16 +30,6 @@ extern void nf_conntrack_cleanup(void); extern int nf_conntrack_proto_init(void); extern void nf_conntrack_proto_fini(void); -extern int nf_conntrack_helper_init(void); -extern void nf_conntrack_helper_fini(void); - -struct nf_conntrack_l3proto; -extern struct nf_conntrack_l3proto *nf_ct_find_l3proto(u_int16_t pf); -/* Like above, but you already have conntrack read lock. */ -extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto); - -struct nf_conntrack_l4proto; - extern int nf_ct_get_tuple(const struct sk_buff *skb, unsigned int nhoff, @@ -76,15 +66,13 @@ static inline int nf_conntrack_confirm(struct sk_buff *skb) return ret; } -extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb); - int print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, - struct nf_conntrack_l3proto *l3proto, - struct nf_conntrack_l4proto *proto); + const struct nf_conntrack_l3proto *l3proto, + const struct nf_conntrack_l4proto *proto); extern struct hlist_head *nf_conntrack_hash; -extern rwlock_t nf_conntrack_lock ; +extern spinlock_t nf_conntrack_lock ; extern struct hlist_head unconfirmed; #endif /* _NF_CONNTRACK_CORE_H */ diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index b47c04f12db..cb608a1b44e 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h @@ -49,6 +49,8 @@ struct nf_conntrack_expect /* Direction relative to the master connection. */ enum ip_conntrack_dir dir; #endif + + struct rcu_head rcu; }; #define NF_CT_EXPECT_PERMANENT 0x1 @@ -73,8 +75,8 @@ void nf_ct_unexpect_related(struct nf_conntrack_expect *exp); nf_ct_expect_related. You will have to call put afterwards. */ struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me); void nf_ct_expect_init(struct nf_conntrack_expect *, int, - union nf_conntrack_address *, - union nf_conntrack_address *, + union nf_inet_addr *, + union nf_inet_addr *, u_int8_t, __be16 *, __be16 *); void nf_ct_expect_put(struct nf_conntrack_expect *exp); int nf_ct_expect_related(struct nf_conntrack_expect *expect); diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index d7b2d5483a7..4ca125e9b3c 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -43,12 +43,8 @@ extern struct nf_conntrack_helper * __nf_ct_helper_find(const struct nf_conntrack_tuple *tuple); extern struct nf_conntrack_helper * -nf_ct_helper_find_get( const struct nf_conntrack_tuple *tuple); - -extern struct nf_conntrack_helper * __nf_conntrack_helper_find_byname(const char *name); -extern void nf_ct_helper_put(struct nf_conntrack_helper *helper); extern int nf_conntrack_helper_register(struct nf_conntrack_helper *); extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *); @@ -58,4 +54,8 @@ static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct) { return nf_ct_ext_find(ct, NF_CT_EXT_HELPER); } + +extern int nf_conntrack_helper_init(void); +extern void nf_conntrack_helper_fini(void); + #endif /*_NF_CONNTRACK_HELPER_H*/ diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h index 15888fc7b72..b886e3ae6ca 100644 --- a/include/net/netfilter/nf_conntrack_l3proto.h +++ b/include/net/netfilter/nf_conntrack_l3proto.h @@ -42,11 +42,8 @@ struct nf_conntrack_l3proto int (*print_tuple)(struct seq_file *s, const struct nf_conntrack_tuple *); - /* Print out the private part of the conntrack. */ - int (*print_conntrack)(struct seq_file *s, const struct nf_conn *); - /* Returns verdict for packet, or -1 for invalid. */ - int (*packet)(struct nf_conn *conntrack, + int (*packet)(struct nf_conn *ct, const struct sk_buff *skb, enum ip_conntrack_info ctinfo); @@ -54,7 +51,7 @@ struct nf_conntrack_l3proto * Called when a new connection for this protocol found; * returns TRUE if it's OK. If so, packet() called next. */ - int (*new)(struct nf_conn *conntrack, const struct sk_buff *skb); + int (*new)(struct nf_conn *ct, const struct sk_buff *skb); /* * Called before tracking. @@ -73,7 +70,7 @@ struct nf_conntrack_l3proto #ifdef CONFIG_SYSCTL struct ctl_table_header *ctl_table_header; - struct ctl_table *ctl_table_path; + struct ctl_path *ctl_table_path; struct ctl_table *ctl_table; #endif /* CONFIG_SYSCTL */ diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h index fb50c217ba0..efc16eccddb 100644 --- a/include/net/netfilter/nf_conntrack_l4proto.h +++ b/include/net/netfilter/nf_conntrack_l4proto.h @@ -23,9 +23,6 @@ struct nf_conntrack_l4proto /* L4 Protocol number. */ u_int8_t l4proto; - /* Protocol name */ - const char *name; - /* Try to fill in the third arg: dataoff is offset past network protocol hdr. Return true if possible. */ int (*pkt_to_tuple)(const struct sk_buff *skb, @@ -38,15 +35,8 @@ struct nf_conntrack_l4proto int (*invert_tuple)(struct nf_conntrack_tuple *inverse, const struct nf_conntrack_tuple *orig); - /* Print out the per-protocol part of the tuple. Return like seq_* */ - int (*print_tuple)(struct seq_file *s, - const struct nf_conntrack_tuple *); - - /* Print out the private part of the conntrack. */ - int (*print_conntrack)(struct seq_file *s, const struct nf_conn *); - /* Returns verdict for packet, or -1 for invalid. */ - int (*packet)(struct nf_conn *conntrack, + int (*packet)(struct nf_conn *ct, const struct sk_buff *skb, unsigned int dataoff, enum ip_conntrack_info ctinfo, @@ -55,16 +45,23 @@ struct nf_conntrack_l4proto /* Called when a new connection for this protocol found; * returns TRUE if it's OK. If so, packet() called next. */ - int (*new)(struct nf_conn *conntrack, const struct sk_buff *skb, + int (*new)(struct nf_conn *ct, const struct sk_buff *skb, unsigned int dataoff); /* Called when a conntrack entry is destroyed */ - void (*destroy)(struct nf_conn *conntrack); + void (*destroy)(struct nf_conn *ct); int (*error)(struct sk_buff *skb, unsigned int dataoff, enum ip_conntrack_info *ctinfo, int pf, unsigned int hooknum); + /* Print out the per-protocol part of the tuple. Return like seq_* */ + int (*print_tuple)(struct seq_file *s, + const struct nf_conntrack_tuple *); + + /* Print out the private part of the conntrack. */ + int (*print_conntrack)(struct seq_file *s, const struct nf_conn *); + /* convert protoinfo to nfnetink attributes */ int (*to_nlattr)(struct sk_buff *skb, struct nlattr *nla, const struct nf_conn *ct); @@ -87,6 +84,8 @@ struct nf_conntrack_l4proto struct ctl_table *ctl_compat_table; #endif #endif + /* Protocol name */ + const char *name; /* Module (if any) which this is connected to. */ struct module *me; diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h index c48e390f4b0..e69ab2e8759 100644 --- a/include/net/netfilter/nf_conntrack_tuple.h +++ b/include/net/netfilter/nf_conntrack_tuple.h @@ -10,6 +10,7 @@ #ifndef _NF_CONNTRACK_TUPLE_H #define _NF_CONNTRACK_TUPLE_H +#include <linux/netfilter/x_tables.h> #include <linux/netfilter/nf_conntrack_tuple_common.h> /* A `tuple' is a structure containing the information to uniquely @@ -20,15 +21,7 @@ "non-manipulatable" lines, for the benefit of the NAT code. */ -#define NF_CT_TUPLE_L3SIZE 4 - -/* The l3 protocol-specific manipulable parts of the tuple: always in - network order! */ -union nf_conntrack_address { - u_int32_t all[NF_CT_TUPLE_L3SIZE]; - __be32 ip; - __be32 ip6[4]; -}; +#define NF_CT_TUPLE_L3SIZE ARRAY_SIZE(((union nf_inet_addr *)NULL)->all) /* The protocol-specific manipulable parts of the tuple: always in network order! */ @@ -57,7 +50,7 @@ union nf_conntrack_man_proto /* The manipulable part of the tuple. */ struct nf_conntrack_man { - union nf_conntrack_address u3; + union nf_inet_addr u3; union nf_conntrack_man_proto u; /* Layer 3 protocol */ u_int16_t l3num; @@ -70,7 +63,7 @@ struct nf_conntrack_tuple /* These are the parts of the tuple which are fixed. */ struct { - union nf_conntrack_address u3; + union nf_inet_addr u3; union { /* Add other protocols here. */ __be16 all; @@ -103,7 +96,7 @@ struct nf_conntrack_tuple struct nf_conntrack_tuple_mask { struct { - union nf_conntrack_address u3; + union nf_inet_addr u3; union nf_conntrack_man_proto u; } src; }; @@ -139,34 +132,33 @@ struct nf_conntrack_tuple_hash #endif /* __KERNEL__ */ -static inline int nf_ct_tuple_src_equal(const struct nf_conntrack_tuple *t1, - const struct nf_conntrack_tuple *t2) +static inline int __nf_ct_tuple_src_equal(const struct nf_conntrack_tuple *t1, + const struct nf_conntrack_tuple *t2) { return (t1->src.u3.all[0] == t2->src.u3.all[0] && t1->src.u3.all[1] == t2->src.u3.all[1] && t1->src.u3.all[2] == t2->src.u3.all[2] && t1->src.u3.all[3] == t2->src.u3.all[3] && t1->src.u.all == t2->src.u.all && - t1->src.l3num == t2->src.l3num && - t1->dst.protonum == t2->dst.protonum); + t1->src.l3num == t2->src.l3num); } -static inline int nf_ct_tuple_dst_equal(const struct nf_conntrack_tuple *t1, - const struct nf_conntrack_tuple *t2) +static inline int __nf_ct_tuple_dst_equal(const struct nf_conntrack_tuple *t1, + const struct nf_conntrack_tuple *t2) { return (t1->dst.u3.all[0] == t2->dst.u3.all[0] && t1->dst.u3.all[1] == t2->dst.u3.all[1] && t1->dst.u3.all[2] == t2->dst.u3.all[2] && t1->dst.u3.all[3] == t2->dst.u3.all[3] && t1->dst.u.all == t2->dst.u.all && - t1->src.l3num == t2->src.l3num && t1->dst.protonum == t2->dst.protonum); } static inline int nf_ct_tuple_equal(const struct nf_conntrack_tuple *t1, const struct nf_conntrack_tuple *t2) { - return nf_ct_tuple_src_equal(t1, t2) && nf_ct_tuple_dst_equal(t1, t2); + return __nf_ct_tuple_src_equal(t1, t2) && + __nf_ct_tuple_dst_equal(t1, t2); } static inline int nf_ct_tuple_mask_equal(const struct nf_conntrack_tuple_mask *m1, @@ -206,7 +198,7 @@ static inline int nf_ct_tuple_mask_cmp(const struct nf_conntrack_tuple *t, const struct nf_conntrack_tuple_mask *mask) { return nf_ct_tuple_src_mask_cmp(t, tuple, mask) && - nf_ct_tuple_dst_equal(t, tuple); + __nf_ct_tuple_dst_equal(t, tuple); } #endif /* _NF_CONNTRACK_TUPLE_H */ diff --git a/include/net/netfilter/nf_log.h b/include/net/netfilter/nf_log.h new file mode 100644 index 00000000000..8c6b5ae4553 --- /dev/null +++ b/include/net/netfilter/nf_log.h @@ -0,0 +1,59 @@ +#ifndef _NF_LOG_H +#define _NF_LOG_H + +/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will + * disappear once iptables is replaced with pkttables. Please DO NOT use them + * for any new code! */ +#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */ +#define NF_LOG_TCPOPT 0x02 /* Log TCP options */ +#define NF_LOG_IPOPT 0x04 /* Log IP options */ +#define NF_LOG_UID 0x08 /* Log UID owning local socket */ +#define NF_LOG_MASK 0x0f + +#define NF_LOG_TYPE_LOG 0x01 +#define NF_LOG_TYPE_ULOG 0x02 + +struct nf_loginfo { + u_int8_t type; + union { + struct { + u_int32_t copy_len; + u_int16_t group; + u_int16_t qthreshold; + } ulog; + struct { + u_int8_t level; + u_int8_t logflags; + } log; + } u; +}; + +typedef void nf_logfn(unsigned int pf, + unsigned int hooknum, + const struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + const struct nf_loginfo *li, + const char *prefix); + +struct nf_logger { + struct module *me; + nf_logfn *logfn; + char *name; +}; + +/* Function to register/unregister log function. */ +int nf_log_register(int pf, const struct nf_logger *logger); +void nf_log_unregister(const struct nf_logger *logger); +void nf_log_unregister_pf(int pf); + +/* Calls the registered backend logging function */ +void nf_log_packet(int pf, + unsigned int hooknum, + const struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + const struct nf_loginfo *li, + const char *fmt, ...) __attribute__ ((format(printf,7,8))); + +#endif /* _NF_LOG_H */ diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h index 6ae52f7c9f5..9dc1039ff78 100644 --- a/include/net/netfilter/nf_nat.h +++ b/include/net/netfilter/nf_nat.h @@ -12,7 +12,8 @@ enum nf_nat_manip_type }; /* SRC manip occurs POST_ROUTING or LOCAL_IN */ -#define HOOK2MANIP(hooknum) ((hooknum) != NF_IP_POST_ROUTING && (hooknum) != NF_IP_LOCAL_IN) +#define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \ + (hooknum) != NF_INET_LOCAL_IN) #define IP_NAT_RANGE_MAP_IPS 1 #define IP_NAT_RANGE_PROTO_SPECIFIED 2 @@ -79,7 +80,7 @@ struct nf_conn_nat /* Set up the info structure to map into this range. */ extern unsigned int nf_nat_setup_info(struct nf_conn *ct, const struct nf_nat_range *range, - unsigned int hooknum); + enum nf_nat_manip_type maniptype); /* Is this tuple already taken? (not by us)*/ extern int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple, diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h index 04578bfe23e..4aa0edbb5b9 100644 --- a/include/net/netfilter/nf_nat_protocol.h +++ b/include/net/netfilter/nf_nat_protocol.h @@ -46,21 +46,21 @@ struct nf_nat_protocol }; /* Protocol registration. */ -extern int nf_nat_protocol_register(struct nf_nat_protocol *proto); -extern void nf_nat_protocol_unregister(struct nf_nat_protocol *proto); +extern int nf_nat_protocol_register(const struct nf_nat_protocol *proto); +extern void nf_nat_protocol_unregister(const struct nf_nat_protocol *proto); -extern struct nf_nat_protocol *nf_nat_proto_find_get(u_int8_t protocol); -extern void nf_nat_proto_put(struct nf_nat_protocol *proto); +extern const struct nf_nat_protocol *nf_nat_proto_find_get(u_int8_t protocol); +extern void nf_nat_proto_put(const struct nf_nat_protocol *proto); /* Built-in protocols. */ -extern struct nf_nat_protocol nf_nat_protocol_tcp; -extern struct nf_nat_protocol nf_nat_protocol_udp; -extern struct nf_nat_protocol nf_nat_protocol_icmp; -extern struct nf_nat_protocol nf_nat_unknown_protocol; +extern const struct nf_nat_protocol nf_nat_protocol_tcp; +extern const struct nf_nat_protocol nf_nat_protocol_udp; +extern const struct nf_nat_protocol nf_nat_protocol_icmp; +extern const struct nf_nat_protocol nf_nat_unknown_protocol; extern int init_protocols(void) __init; extern void cleanup_protocols(void); -extern struct nf_nat_protocol *find_nat_proto(u_int16_t protonum); +extern const struct nf_nat_protocol *find_nat_proto(u_int16_t protonum); extern int nf_nat_port_range_to_nlattr(struct sk_buff *skb, const struct nf_nat_range *range); diff --git a/include/net/netfilter/nf_queue.h b/include/net/netfilter/nf_queue.h new file mode 100644 index 00000000000..d030044e923 --- /dev/null +++ b/include/net/netfilter/nf_queue.h @@ -0,0 +1,34 @@ +#ifndef _NF_QUEUE_H +#define _NF_QUEUE_H + +/* Each queued (to userspace) skbuff has one of these. */ +struct nf_queue_entry { + struct list_head list; + struct sk_buff *skb; + unsigned int id; + + struct nf_hook_ops *elem; + int pf; + unsigned int hook; + struct net_device *indev; + struct net_device *outdev; + int (*okfn)(struct sk_buff *); +}; + +#define nf_queue_entry_reroute(x) ((void *)x + sizeof(struct nf_queue_entry)) + +/* Packet queuing */ +struct nf_queue_handler { + int (*outfn)(struct nf_queue_entry *entry, + unsigned int queuenum); + char *name; +}; + +extern int nf_register_queue_handler(int pf, + const struct nf_queue_handler *qh); +extern int nf_unregister_queue_handler(int pf, + const struct nf_queue_handler *qh); +extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh); +extern void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict); + +#endif /* _NF_QUEUE_H */ diff --git a/include/net/netfilter/xt_rateest.h b/include/net/netfilter/xt_rateest.h new file mode 100644 index 00000000000..65d594dffbf --- /dev/null +++ b/include/net/netfilter/xt_rateest.h @@ -0,0 +1,17 @@ +#ifndef _XT_RATEEST_H +#define _XT_RATEEST_H + +struct xt_rateest { + struct hlist_node list; + char name[IFNAMSIZ]; + unsigned int refcnt; + spinlock_t lock; + struct gnet_estimator params; + struct gnet_stats_rate_est rstats; + struct gnet_stats_basic bstats; +}; + +extern struct xt_rateest *xt_rateest_lookup(const char *name); +extern void xt_rateest_put(struct xt_rateest *est); + +#endif /* _XT_RATEEST_H */ diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 2e5b2f6f9fa..0ca67d73c7a 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -36,6 +36,8 @@ #include <net/netlink.h> #include <asm/atomic.h> +struct cipso_v4_doi; + /* * NetLabel - A management interface for maintaining network packet label * mapping tables for explicit packet labling protocols. @@ -67,7 +69,11 @@ * NetLabel NETLINK protocol */ -#define NETLBL_PROTO_VERSION 1 +/* NetLabel NETLINK protocol version + * 1: initial version + * 2: added static labels for unlabeled connections + */ +#define NETLBL_PROTO_VERSION 2 /* NetLabel NETLINK types/families */ #define NETLBL_NLTYPE_NONE 0 @@ -99,23 +105,49 @@ struct netlbl_audit { uid_t loginuid; }; -/* Domain mapping definition struct */ -struct netlbl_dom_map; - -/* Domain mapping operations */ -int netlbl_domhsh_remove(const char *domain, struct netlbl_audit *audit_info); +/* + * LSM security attributes + */ -/* LSM security attributes */ +/** + * struct netlbl_lsm_cache - NetLabel LSM security attribute cache + * @refcount: atomic reference counter + * @free: LSM supplied function to free the cache data + * @data: LSM supplied cache data + * + * Description: + * This structure is provided for LSMs which wish to make use of the NetLabel + * caching mechanism to store LSM specific data/attributes in the NetLabel + * cache. If the LSM has to perform a lot of translation from the NetLabel + * security attributes into it's own internal representation then the cache + * mechanism can provide a way to eliminate some or all of that translation + * overhead on a cache hit. + * + */ struct netlbl_lsm_cache { atomic_t refcount; void (*free) (const void *data); void *data; }; -/* The catmap bitmap field MUST be a power of two in length and large + +/** + * struct netlbl_lsm_secattr_catmap - NetLabel LSM secattr category bitmap + * @startbit: the value of the lowest order bit in the bitmap + * @bitmap: the category bitmap + * @next: pointer to the next bitmap "node" or NULL + * + * Description: + * This structure is used to represent category bitmaps. Due to the large + * number of categories supported by most labeling protocols it is not + * practical to transfer a full bitmap internally so NetLabel adopts a sparse + * bitmap structure modeled after SELinux's ebitmap structure. + * The catmap bitmap field MUST be a power of two in length and large * enough to hold at least 240 bits. Special care (i.e. check the code!) * should be used when changing these values as the LSM implementation * probably has functions which rely on the sizes of these types to speed - * processing. */ + * processing. + * + */ #define NETLBL_CATMAP_MAPTYPE u64 #define NETLBL_CATMAP_MAPCNT 4 #define NETLBL_CATMAP_MAPSIZE (sizeof(NETLBL_CATMAP_MAPTYPE) * 8) @@ -127,22 +159,48 @@ struct netlbl_lsm_secattr_catmap { NETLBL_CATMAP_MAPTYPE bitmap[NETLBL_CATMAP_MAPCNT]; struct netlbl_lsm_secattr_catmap *next; }; + +/** + * struct netlbl_lsm_secattr - NetLabel LSM security attributes + * @flags: indicate which attributes are contained in this structure + * @type: indicate the NLTYPE of the attributes + * @domain: the NetLabel LSM domain + * @cache: NetLabel LSM specific cache + * @attr.mls: MLS sensitivity label + * @attr.mls.cat: MLS category bitmap + * @attr.mls.lvl: MLS sensitivity level + * @attr.secid: LSM specific secid token + * + * Description: + * This structure is used to pass security attributes between NetLabel and the + * LSM modules. The flags field is used to specify which fields within the + * struct are valid and valid values can be created by bitwise OR'ing the + * NETLBL_SECATTR_* defines. The domain field is typically set by the LSM to + * specify domain specific configuration settings and is not usually used by + * NetLabel itself when returning security attributes to the LSM. + * + */ #define NETLBL_SECATTR_NONE 0x00000000 #define NETLBL_SECATTR_DOMAIN 0x00000001 #define NETLBL_SECATTR_CACHE 0x00000002 #define NETLBL_SECATTR_MLS_LVL 0x00000004 #define NETLBL_SECATTR_MLS_CAT 0x00000008 +#define NETLBL_SECATTR_SECID 0x00000010 #define NETLBL_SECATTR_CACHEABLE (NETLBL_SECATTR_MLS_LVL | \ - NETLBL_SECATTR_MLS_CAT) + NETLBL_SECATTR_MLS_CAT | \ + NETLBL_SECATTR_SECID) struct netlbl_lsm_secattr { u32 flags; - + u32 type; char *domain; - - u32 mls_lvl; - struct netlbl_lsm_secattr_catmap *mls_cat; - struct netlbl_lsm_cache *cache; + union { + struct { + struct netlbl_lsm_secattr_catmap *cat; + u32 lvl; + } mls; + u32 secid; + } attr; }; /* @@ -231,10 +289,7 @@ static inline void netlbl_secattr_catmap_free( */ static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) { - secattr->flags = 0; - secattr->domain = NULL; - secattr->mls_cat = NULL; - secattr->cache = NULL; + memset(secattr, 0, sizeof(*secattr)); } /** @@ -248,11 +303,11 @@ static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) */ static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr) { - if (secattr->cache) - netlbl_secattr_cache_free(secattr->cache); kfree(secattr->domain); - if (secattr->mls_cat) - netlbl_secattr_catmap_free(secattr->mls_cat); + if (secattr->flags & NETLBL_SECATTR_CACHE) + netlbl_secattr_cache_free(secattr->cache); + if (secattr->flags & NETLBL_SECATTR_MLS_CAT) + netlbl_secattr_catmap_free(secattr->attr.mls.cat); } /** @@ -285,6 +340,19 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr) #ifdef CONFIG_NETLABEL /* + * LSM configuration operations + */ +int netlbl_cfg_map_del(const char *domain, struct netlbl_audit *audit_info); +int netlbl_cfg_unlbl_add_map(const char *domain, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_add_map(struct cipso_v4_doi *doi_def, + const char *domain, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_del(u32 doi, struct netlbl_audit *audit_info); + +/* * LSM security attribute operations */ int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, @@ -300,7 +368,7 @@ int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap, gfp_t flags); /* - * LSM protocol operations + * LSM protocol operations (NetLabel LSM/kernel API) */ int netlbl_enabled(void); int netlbl_sock_setattr(struct sock *sk, @@ -308,6 +376,7 @@ int netlbl_sock_setattr(struct sock *sk, int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr); int netlbl_skbuff_getattr(const struct sk_buff *skb, + u16 family, struct netlbl_lsm_secattr *secattr); void netlbl_skbuff_err(struct sk_buff *skb, int error); @@ -318,6 +387,32 @@ void netlbl_cache_invalidate(void); int netlbl_cache_add(const struct sk_buff *skb, const struct netlbl_lsm_secattr *secattr); #else +static inline int netlbl_cfg_map_del(const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_unlbl_add_map(const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_add_map(struct cipso_v4_doi *doi_def, + const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_del(u32 doi, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} static inline int netlbl_secattr_catmap_walk( struct netlbl_lsm_secattr_catmap *catmap, u32 offset) @@ -360,6 +455,7 @@ static inline int netlbl_sock_getattr(struct sock *sk, return -ENOSYS; } static inline int netlbl_skbuff_getattr(const struct sk_buff *skb, + u16 family, struct netlbl_lsm_secattr *secattr) { return -ENOSYS; diff --git a/include/net/netlink.h b/include/net/netlink.h index 9298218c07f..a5506c42f03 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h @@ -91,6 +91,7 @@ * nla_reserve_nohdr(skb, len) reserve room for an attribute w/o hdr * nla_put(skb, type, len, data) add attribute to skb * nla_put_nohdr(skb, len, data) add attribute w/o hdr + * nla_append(skb, len, data) append data to skb * * Attribute Construction for Basic Types: * nla_put_u8(skb, type, value) add u8 attribute to skb @@ -217,6 +218,7 @@ struct nla_policy { */ struct nl_info { struct nlmsghdr *nlh; + struct net *nl_net; u32 pid; }; @@ -253,6 +255,8 @@ extern int nla_put(struct sk_buff *skb, int attrtype, int attrlen, const void *data); extern int nla_put_nohdr(struct sk_buff *skb, int attrlen, const void *data); +extern int nla_append(struct sk_buff *skb, int attrlen, + const void *data); /************************************************************************** * Netlink Messages @@ -862,7 +866,7 @@ static inline int nla_put_msecs(struct sk_buff *skb, int attrtype, #define NLA_PUT(skb, attrtype, attrlen, data) \ do { \ - if (nla_put(skb, attrtype, attrlen, data) < 0) \ + if (unlikely(nla_put(skb, attrtype, attrlen, data) < 0)) \ goto nla_put_failure; \ } while(0) @@ -881,6 +885,9 @@ static inline int nla_put_msecs(struct sk_buff *skb, int attrtype, #define NLA_PUT_LE16(skb, attrtype, value) \ NLA_PUT_TYPE(skb, __le16, attrtype, value) +#define NLA_PUT_BE16(skb, attrtype, value) \ + NLA_PUT_TYPE(skb, __be16, attrtype, value) + #define NLA_PUT_U32(skb, attrtype, value) \ NLA_PUT_TYPE(skb, u32, attrtype, value) @@ -927,6 +934,15 @@ static inline u16 nla_get_u16(struct nlattr *nla) } /** + * nla_get_be16 - return payload of __be16 attribute + * @nla: __be16 netlink attribute + */ +static inline __be16 nla_get_be16(struct nlattr *nla) +{ + return *(__be16 *) nla_data(nla); +} + +/** * nla_get_le16 - return payload of __le16 attribute * @nla: __le16 netlink attribute */ diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h new file mode 100644 index 00000000000..a9b4f608629 --- /dev/null +++ b/include/net/netns/ipv4.h @@ -0,0 +1,37 @@ +/* + * ipv4 in net namespaces + */ + +#ifndef __NETNS_IPV4_H__ +#define __NETNS_IPV4_H__ + +#include <net/inet_frag.h> + +struct ctl_table_header; +struct ipv4_devconf; +struct fib_rules_ops; +struct hlist_head; +struct sock; + +struct netns_ipv4 { +#ifdef CONFIG_SYSCTL + struct ctl_table_header *forw_hdr; + struct ctl_table_header *frags_hdr; +#endif + struct ipv4_devconf *devconf_all; + struct ipv4_devconf *devconf_dflt; +#ifdef CONFIG_IP_MULTIPLE_TABLES + struct fib_rules_ops *rules_ops; +#endif + struct hlist_head *fib_table_hash; + struct sock *fibnl; + + struct netns_frags frags; +#ifdef CONFIG_NETFILTER + struct xt_table *iptable_filter; + struct xt_table *iptable_mangle; + struct xt_table *iptable_raw; + struct xt_table *arptable_filter; +#endif +}; +#endif diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h new file mode 100644 index 00000000000..1dd7de4e419 --- /dev/null +++ b/include/net/netns/ipv6.h @@ -0,0 +1,40 @@ +/* + * ipv6 in net namespaces + */ + +#include <net/inet_frag.h> + +#ifndef __NETNS_IPV6_H__ +#define __NETNS_IPV6_H__ + +struct ctl_table_header; + +struct netns_sysctl_ipv6 { +#ifdef CONFIG_SYSCTL + struct ctl_table_header *table; + struct ctl_table_header *frags_hdr; +#endif + int bindv6only; + int flush_delay; + int ip6_rt_max_size; + int ip6_rt_gc_min_interval; + int ip6_rt_gc_timeout; + int ip6_rt_gc_interval; + int ip6_rt_gc_elasticity; + int ip6_rt_mtu_expires; + int ip6_rt_min_advmss; + int icmpv6_time; +}; + +struct netns_ipv6 { + struct netns_sysctl_ipv6 sysctl; + struct ipv6_devconf *devconf_all; + struct ipv6_devconf *devconf_dflt; + struct netns_frags frags; +#ifdef CONFIG_NETFILTER + struct xt_table *ip6table_filter; + struct xt_table *ip6table_mangle; + struct xt_table *ip6table_raw; +#endif +}; +#endif diff --git a/include/net/netns/packet.h b/include/net/netns/packet.h new file mode 100644 index 00000000000..637daf69888 --- /dev/null +++ b/include/net/netns/packet.h @@ -0,0 +1,15 @@ +/* + * Packet network namespace + */ +#ifndef __NETNS_PACKET_H__ +#define __NETNS_PACKET_H__ + +#include <linux/list.h> +#include <linux/spinlock.h> + +struct netns_packet { + rwlock_t sklist_lock; + struct hlist_head sklist; +}; + +#endif /* __NETNS_PACKET_H__ */ diff --git a/include/net/netns/unix.h b/include/net/netns/unix.h new file mode 100644 index 00000000000..284649d4dfb --- /dev/null +++ b/include/net/netns/unix.h @@ -0,0 +1,13 @@ +/* + * Unix network namespace + */ +#ifndef __NETNS_UNIX_H__ +#define __NETNS_UNIX_H__ + +struct ctl_table_header; +struct netns_unix { + int sysctl_max_dgram_qlen; + struct ctl_table_header *ctl; +}; + +#endif /* __NETNS_UNIX_H__ */ diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h new file mode 100644 index 00000000000..0cb63ed2c1f --- /dev/null +++ b/include/net/netns/x_tables.h @@ -0,0 +1,10 @@ +#ifndef __NETNS_X_TABLES_H +#define __NETNS_X_TABLES_H + +#include <linux/list.h> +#include <linux/net.h> + +struct netns_xt { + struct list_head tables[NPROTO]; +}; +#endif diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h index f285de69c61..d349c66ef82 100644 --- a/include/net/pkt_cls.h +++ b/include/net/pkt_cls.h @@ -2,7 +2,6 @@ #define __NET_PKT_CLS_H #include <linux/pkt_cls.h> -#include <net/net_namespace.h> #include <net/sch_generic.h> #include <net/act_api.h> @@ -130,16 +129,16 @@ tcf_exts_exec(struct sk_buff *skb, struct tcf_exts *exts, return 0; } -extern int tcf_exts_validate(struct tcf_proto *tp, struct rtattr **tb, - struct rtattr *rate_tlv, struct tcf_exts *exts, - struct tcf_ext_map *map); +extern int tcf_exts_validate(struct tcf_proto *tp, struct nlattr **tb, + struct nlattr *rate_tlv, struct tcf_exts *exts, + const struct tcf_ext_map *map); extern void tcf_exts_destroy(struct tcf_proto *tp, struct tcf_exts *exts); extern void tcf_exts_change(struct tcf_proto *tp, struct tcf_exts *dst, struct tcf_exts *src); extern int tcf_exts_dump(struct sk_buff *skb, struct tcf_exts *exts, - struct tcf_ext_map *map); + const struct tcf_ext_map *map); extern int tcf_exts_dump_stats(struct sk_buff *skb, struct tcf_exts *exts, - struct tcf_ext_map *map); + const struct tcf_ext_map *map); /** * struct tcf_pkt_info - packet information @@ -248,7 +247,7 @@ struct tcf_ematch_ops extern int tcf_em_register(struct tcf_ematch_ops *); extern int tcf_em_unregister(struct tcf_ematch_ops *); -extern int tcf_em_tree_validate(struct tcf_proto *, struct rtattr *, +extern int tcf_em_tree_validate(struct tcf_proto *, struct nlattr *, struct tcf_ematch_tree *); extern void tcf_em_tree_destroy(struct tcf_proto *, struct tcf_ematch_tree *); extern int tcf_em_tree_dump(struct sk_buff *, struct tcf_ematch_tree *, int); @@ -336,10 +335,12 @@ static inline int tcf_valid_offset(const struct sk_buff *skb, } #ifdef CONFIG_NET_CLS_IND +#include <net/net_namespace.h> + static inline int -tcf_change_indev(struct tcf_proto *tp, char *indev, struct rtattr *indev_tlv) +tcf_change_indev(struct tcf_proto *tp, char *indev, struct nlattr *indev_tlv) { - if (rtattr_strlcpy(indev, indev_tlv, IFNAMSIZ) >= IFNAMSIZ) + if (nla_strlcpy(indev, indev_tlv, IFNAMSIZ) >= IFNAMSIZ) return -EINVAL; return 0; } diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h index ab61809a961..46fb4d80c74 100644 --- a/include/net/pkt_sched.h +++ b/include/net/pkt_sched.h @@ -77,7 +77,7 @@ extern int unregister_qdisc(struct Qdisc_ops *qops); extern struct Qdisc *qdisc_lookup(struct net_device *dev, u32 handle); extern struct Qdisc *qdisc_lookup_class(struct net_device *dev, u32 handle); extern struct qdisc_rate_table *qdisc_get_rtab(struct tc_ratespec *r, - struct rtattr *tab); + struct nlattr *tab); extern void qdisc_put_rtab(struct qdisc_rate_table *tab); extern void __qdisc_run(struct net_device *dev); diff --git a/include/net/protocol.h b/include/net/protocol.h index 1166ffb4b3e..ad8c584233a 100644 --- a/include/net/protocol.h +++ b/include/net/protocol.h @@ -102,7 +102,7 @@ extern void inet_unregister_protosw(struct inet_protosw *p); #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) extern int inet6_add_protocol(struct inet6_protocol *prot, unsigned char num); extern int inet6_del_protocol(struct inet6_protocol *prot, unsigned char num); -extern void inet6_register_protosw(struct inet_protosw *p); +extern int inet6_register_protosw(struct inet_protosw *p); extern void inet6_unregister_protosw(struct inet_protosw *p); #endif diff --git a/include/net/raw.h b/include/net/raw.h index e4af5978194..1828f81fe37 100644 --- a/include/net/raw.h +++ b/include/net/raw.h @@ -22,27 +22,38 @@ extern struct proto raw_prot; -extern void raw_err(struct sock *, struct sk_buff *, u32 info); -extern int raw_rcv(struct sock *, struct sk_buff *); - -/* Note: v4 ICMP wants to get at this stuff, if you change the - * hashing mechanism, make sure you update icmp.c as well. - */ -#define RAWV4_HTABLE_SIZE MAX_INET_PROTOS -extern struct hlist_head raw_v4_htable[RAWV4_HTABLE_SIZE]; - -extern rwlock_t raw_v4_lock; +void raw_icmp_error(struct sk_buff *, int, u32); +int raw_local_deliver(struct sk_buff *, int); +extern int raw_rcv(struct sock *, struct sk_buff *); -extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, - __be32 raddr, __be32 laddr, - int dif); +#define RAW_HTABLE_SIZE MAX_INET_PROTOS -extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash); +struct raw_hashinfo { + rwlock_t lock; + struct hlist_head ht[RAW_HTABLE_SIZE]; +}; #ifdef CONFIG_PROC_FS extern int raw_proc_init(void); extern void raw_proc_exit(void); + +struct raw_iter_state { + struct seq_net_private p; + int bucket; + struct raw_hashinfo *h; +}; + +#define raw_seq_private(seq) ((struct raw_iter_state *)(seq)->private) +void *raw_seq_start(struct seq_file *seq, loff_t *pos); +void *raw_seq_next(struct seq_file *seq, void *v, loff_t *pos); +void raw_seq_stop(struct seq_file *seq, void *v); +int raw_seq_open(struct inode *ino, struct file *file, + struct raw_hashinfo *h, const struct seq_operations *ops); + #endif +void raw_hash_sk(struct sock *sk, struct raw_hashinfo *h); +void raw_unhash_sk(struct sock *sk, struct raw_hashinfo *h); + #endif /* _RAW_H */ diff --git a/include/net/rawv6.h b/include/net/rawv6.h index a5819891d52..8a22599f26b 100644 --- a/include/net/rawv6.h +++ b/include/net/rawv6.h @@ -5,26 +5,13 @@ #include <net/protocol.h> -#define RAWV6_HTABLE_SIZE MAX_INET_PROTOS -extern struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE]; -extern rwlock_t raw_v6_lock; - -extern int ipv6_raw_deliver(struct sk_buff *skb, int nexthdr); - -extern struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, - struct in6_addr *loc_addr, struct in6_addr *rmt_addr, - int dif); +void raw6_icmp_error(struct sk_buff *, int nexthdr, + int type, int code, int inner_offset, __be32); +int raw6_local_deliver(struct sk_buff *, int); extern int rawv6_rcv(struct sock *sk, struct sk_buff *skb); - -extern void rawv6_err(struct sock *sk, - struct sk_buff *skb, - struct inet6_skb_parm *opt, - int type, int code, - int offset, __be32 info); - #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) int rawv6_mh_filter_register(int (*filter)(struct sock *sock, struct sk_buff *skb)); diff --git a/include/net/route.h b/include/net/route.h index f7ce6259f86..eadad590142 100644 --- a/include/net/route.h +++ b/include/net/route.h @@ -27,12 +27,14 @@ #include <net/dst.h> #include <net/inetpeer.h> #include <net/flow.h> +#include <net/sock.h> #include <linux/in_route.h> #include <linux/rtnetlink.h> #include <linux/route.h> #include <linux/ip.h> #include <linux/cache.h> #include <linux/security.h> +#include <net/sock.h> #ifndef __KERNEL__ #warning This file is not supposed to be used outside of kernel. @@ -60,6 +62,7 @@ struct rtable struct in_device *idev; + int rt_genid; unsigned rt_flags; __u16 rt_type; @@ -109,18 +112,18 @@ struct in_device; extern int ip_rt_init(void); extern void ip_rt_redirect(__be32 old_gw, __be32 dst, __be32 new_gw, __be32 src, struct net_device *dev); -extern void ip_rt_advice(struct rtable **rp, int advice); extern void rt_cache_flush(int how); -extern int __ip_route_output_key(struct rtable **, const struct flowi *flp); -extern int ip_route_output_key(struct rtable **, struct flowi *flp); -extern int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags); +extern int __ip_route_output_key(struct net *, struct rtable **, const struct flowi *flp); +extern int ip_route_output_key(struct net *, struct rtable **, struct flowi *flp); +extern int ip_route_output_flow(struct net *, struct rtable **rp, struct flowi *flp, struct sock *sk, int flags); extern int ip_route_input(struct sk_buff*, __be32 dst, __be32 src, u8 tos, struct net_device *devin); -extern unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu); +extern unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph, unsigned short new_mtu); extern void ip_rt_send_redirect(struct sk_buff *skb); -extern unsigned inet_addr_type(__be32 addr); +extern unsigned inet_addr_type(struct net *net, __be32 addr); +extern unsigned inet_dev_addr_type(struct net *net, const struct net_device *dev, __be32 addr); extern void ip_rt_multicast_event(struct in_device *); -extern int ip_rt_ioctl(unsigned int cmd, void __user *arg); +extern int ip_rt_ioctl(struct net *, unsigned int cmd, void __user *arg); extern void ip_rt_get_source(u8 *src, struct rtable *rt); extern int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb); @@ -148,6 +151,7 @@ static inline int ip_route_connect(struct rtable **rp, __be32 dst, int flags) { struct flowi fl = { .oif = oif, + .mark = sk->sk_mark, .nl_u = { .ip4_u = { .daddr = dst, .saddr = src, .tos = tos } }, @@ -157,8 +161,9 @@ static inline int ip_route_connect(struct rtable **rp, __be32 dst, .dport = dport } } }; int err; + struct net *net = sk->sk_net; if (!dst || !src) { - err = __ip_route_output_key(rp, &fl); + err = __ip_route_output_key(net, rp, &fl); if (err) return err; fl.fl4_dst = (*rp)->rt_dst; @@ -167,7 +172,7 @@ static inline int ip_route_connect(struct rtable **rp, __be32 dst, *rp = NULL; } security_sk_classify_flow(sk, &fl); - return ip_route_output_flow(rp, &fl, sk, flags); + return ip_route_output_flow(net, rp, &fl, sk, flags); } static inline int ip_route_newports(struct rtable **rp, u8 protocol, @@ -184,7 +189,7 @@ static inline int ip_route_newports(struct rtable **rp, u8 protocol, ip_rt_put(*rp); *rp = NULL; security_sk_classify_flow(sk, &fl); - return ip_route_output_flow(rp, &fl, sk, 0); + return ip_route_output_flow(sk->sk_net, rp, &fl, sk, 0); } return 0; } diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h index c9265518a37..ab502ec1c61 100644 --- a/include/net/sch_generic.h +++ b/include/net/sch_generic.h @@ -66,7 +66,7 @@ struct Qdisc_class_ops unsigned long (*get)(struct Qdisc *, u32 classid); void (*put)(struct Qdisc *, unsigned long); int (*change)(struct Qdisc *, u32, u32, - struct rtattr **, unsigned long *); + struct nlattr **, unsigned long *); int (*delete)(struct Qdisc *, unsigned long); void (*walk)(struct Qdisc *, struct qdisc_walker * arg); @@ -86,7 +86,7 @@ struct Qdisc_class_ops struct Qdisc_ops { struct Qdisc_ops *next; - struct Qdisc_class_ops *cl_ops; + const struct Qdisc_class_ops *cl_ops; char id[IFNAMSIZ]; int priv_size; @@ -95,10 +95,10 @@ struct Qdisc_ops int (*requeue)(struct sk_buff *, struct Qdisc *); unsigned int (*drop)(struct Qdisc *); - int (*init)(struct Qdisc *, struct rtattr *arg); + int (*init)(struct Qdisc *, struct nlattr *arg); void (*reset)(struct Qdisc *); void (*destroy)(struct Qdisc *); - int (*change)(struct Qdisc *, struct rtattr *arg); + int (*change)(struct Qdisc *, struct nlattr *arg); int (*dump)(struct Qdisc *, struct sk_buff *); int (*dump_stats)(struct Qdisc *, struct gnet_dump *); @@ -126,7 +126,7 @@ struct tcf_proto_ops unsigned long (*get)(struct tcf_proto*, u32 handle); void (*put)(struct tcf_proto*, unsigned long); int (*change)(struct tcf_proto*, unsigned long, - u32 handle, struct rtattr **, + u32 handle, struct nlattr **, unsigned long *); int (*delete)(struct tcf_proto*, unsigned long); void (*walk)(struct tcf_proto*, struct tcf_walker *arg); @@ -325,7 +325,6 @@ static inline struct sk_buff *skb_act_clone(struct sk_buff *skb, gfp_t gfp_mask) n->tc_verd = SET_TC_VERD(n->tc_verd, 0); n->tc_verd = CLR_TC_OK2MUNGE(n->tc_verd); n->tc_verd = CLR_TC_MUNGED(n->tc_verd); - n->iif = skb->iif; } return n; } diff --git a/include/net/sctp/checksum.h b/include/net/sctp/checksum.h new file mode 100644 index 00000000000..ba75c67cb99 --- /dev/null +++ b/include/net/sctp/checksum.h @@ -0,0 +1,78 @@ +/* SCTP kernel reference Implementation + * Copyright (c) 1999-2001 Motorola, Inc. + * Copyright (c) 2001-2003 International Business Machines, Corp. + * + * This file is part of the SCTP kernel reference Implementation + * + * SCTP Checksum functions + * + * The SCTP reference implementation is free software; + * you can redistribute it and/or modify it under the terms of + * the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * The SCTP reference implementation is distributed in the hope that it + * will be useful, but WITHOUT ANY WARRANTY; without even the implied + * ************************ + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GNU CC; see the file COPYING. If not, write to + * the Free Software Foundation, 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + * + * Please send any bug reports or fixes you make to the + * email address(es): + * lksctp developers <lksctp-developers@lists.sourceforge.net> + * + * Or submit a bug report through the following website: + * http://www.sf.net/projects/lksctp + * + * Written or modified by: + * Dinakaran Joseph + * Jon Grimm <jgrimm@us.ibm.com> + * Sridhar Samudrala <sri@us.ibm.com> + * + * Rewritten to use libcrc32c by: + * Vlad Yasevich <vladislav.yasevich@hp.com> + * + * Any bugs reported given to us we will try to fix... any fixes shared will + * be incorporated into the next SCTP release. + */ + +#include <linux/types.h> +#include <net/sctp/sctp.h> +#include <linux/crc32c.h> + +static inline __u32 sctp_start_cksum(__u8 *buffer, __u16 length) +{ + __u32 crc = ~(__u32) 0; + __u8 zero[sizeof(__u32)] = {0}; + + /* Optimize this routine to be SCTP specific, knowing how + * to skip the checksum field of the SCTP header. + */ + + /* Calculate CRC up to the checksum. */ + crc = crc32c(crc, buffer, sizeof(struct sctphdr) - sizeof(__u32)); + + /* Skip checksum field of the header. */ + crc = crc32c(crc, zero, sizeof(__u32)); + + /* Calculate the rest of the CRC. */ + crc = crc32c(crc, &buffer[sizeof(struct sctphdr)], + length - sizeof(struct sctphdr)); + return crc; +} + +static inline __u32 sctp_update_cksum(__u8 *buffer, __u16 length, __u32 crc32) +{ + return crc32c(crc32, buffer, length); +} + +static inline __u32 sctp_end_cksum(__u32 crc32) +{ + return ntohl(~crc32); +} diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h index f30b537d695..fefcba67bd1 100644 --- a/include/net/sctp/constants.h +++ b/include/net/sctp/constants.h @@ -365,36 +365,12 @@ typedef enum { * Also, RFC 8.4, non-unicast addresses are not considered valid SCTP * addresses. */ -#define IS_IPV4_UNUSABLE_ADDRESS(a) \ - ((htonl(INADDR_BROADCAST) == *a) || \ - (MULTICAST(*a)) || \ - (((unsigned char *)(a))[0] == 0) || \ - ((((unsigned char *)(a))[0] == 198) && \ - (((unsigned char *)(a))[1] == 18) && \ - (((unsigned char *)(a))[2] == 0)) || \ - ((((unsigned char *)(a))[0] == 192) && \ - (((unsigned char *)(a))[1] == 88) && \ - (((unsigned char *)(a))[2] == 99))) - -/* IPv4 Link-local addresses: 169.254.0.0/16. */ -#define IS_IPV4_LINK_ADDRESS(a) \ - ((((unsigned char *)(a))[0] == 169) && \ - (((unsigned char *)(a))[1] == 254)) - -/* RFC 1918 "Address Allocation for Private Internets" defines the IPv4 - * private address space as the following: - * - * 10.0.0.0 - 10.255.255.255 (10/8 prefix) - * 172.16.0.0.0 - 172.31.255.255 (172.16/12 prefix) - * 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) - */ -#define IS_IPV4_PRIVATE_ADDRESS(a) \ - ((((unsigned char *)(a))[0] == 10) || \ - ((((unsigned char *)(a))[0] == 172) && \ - (((unsigned char *)(a))[1] >= 16) && \ - (((unsigned char *)(a))[1] < 32)) || \ - ((((unsigned char *)(a))[0] == 192) && \ - (((unsigned char *)(a))[1] == 168))) +#define IS_IPV4_UNUSABLE_ADDRESS(a) \ + ((htonl(INADDR_BROADCAST) == a) || \ + ipv4_is_multicast(a) || \ + ipv4_is_zeronet(a) || \ + ipv4_is_test_198(a) || \ + ipv4_is_anycast_6to4(a)) /* Flags used for the bind address copy functions. */ #define SCTP_ADDR6_ALLOWED 0x00000001 /* IPv6 address is allowed by @@ -441,11 +417,14 @@ enum { SCTP_AUTH_HMAC_ID_RESERVED_0, SCTP_AUTH_HMAC_ID_SHA1, SCTP_AUTH_HMAC_ID_RESERVED_2, - SCTP_AUTH_HMAC_ID_SHA256 +#if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE) + SCTP_AUTH_HMAC_ID_SHA256, +#endif + __SCTP_AUTH_HMAC_MAX }; -#define SCTP_AUTH_HMAC_ID_MAX SCTP_AUTH_HMAC_ID_SHA256 -#define SCTP_AUTH_NUM_HMACS (SCTP_AUTH_HMAC_ID_SHA256 + 1) +#define SCTP_AUTH_HMAC_ID_MAX __SCTP_AUTH_HMAC_MAX - 1 +#define SCTP_AUTH_NUM_HMACS __SCTP_AUTH_HMAC_MAX #define SCTP_SHA1_SIG_SIZE 20 #define SCTP_SHA256_SIG_SIZE 32 diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index 34318a33a94..4977b0a8153 100644 --- a/include/net/sctp/sctp.h +++ b/include/net/sctp/sctp.h @@ -150,13 +150,6 @@ int sctp_primitive_REQUESTHEARTBEAT(struct sctp_association *, void *arg); int sctp_primitive_ASCONF(struct sctp_association *, void *arg); /* - * sctp/crc32c.c - */ -__u32 sctp_start_cksum(__u8 *ptr, __u16 count); -__u32 sctp_update_cksum(__u8 *ptr, __u16 count, __u32 cksum); -__u32 sctp_end_cksum(__u32 cksum); - -/* * sctp/input.c */ int sctp_rcv(struct sk_buff *skb); @@ -470,8 +463,7 @@ static inline void sctp_skb_set_owner_r(struct sk_buff *skb, struct sock *sk) skb->destructor = sctp_sock_rfree; atomic_add(event->rmem_len, &sk->sk_rmem_alloc); /* - * This mimics the behavior of - * sk_stream_set_owner_r + * This mimics the behavior of skb_set_owner_r */ sk->sk_forward_alloc -= event->rmem_len; } diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index eb3113c38a9..4d591bfce45 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -301,7 +301,7 @@ struct sctp_sock { /* The default SACK delay timeout for new associations. */ __u32 sackdelay; - /* Flags controling Heartbeat, SACK delay, and Path MTU Discovery. */ + /* Flags controlling Heartbeat, SACK delay, and Path MTU Discovery. */ __u32 param_flags; struct sctp_initmsg initmsg; @@ -451,6 +451,7 @@ union sctp_params { struct sctp_random_param *random; struct sctp_chunks_param *chunks; struct sctp_hmac_algo_param *hmac_algo; + struct sctp_addip_param *addip; }; /* RFC 2960. Section 3.3.5 Heartbeat. @@ -743,6 +744,7 @@ struct sctp_chunk { __u8 tsn_missing_report; /* Data chunk missing counter. */ __u8 data_accepted; /* At least 1 chunk in this packet accepted */ __u8 auth; /* IN: was auth'ed | OUT: needs auth */ + __u8 has_asconf; /* IN: have seen an asconf before */ }; void sctp_chunk_hold(struct sctp_chunk *); @@ -758,12 +760,18 @@ void sctp_init_addrs(struct sctp_chunk *, union sctp_addr *, union sctp_addr *); const union sctp_addr *sctp_source(const struct sctp_chunk *chunk); +enum { + SCTP_ADDR_NEW, /* new address added to assoc/ep */ + SCTP_ADDR_SRC, /* address can be used as source */ + SCTP_ADDR_DEL, /* address about to be deleted */ +}; + /* This is a structure for holding either an IPv6 or an IPv4 address. */ struct sctp_sockaddr_entry { struct list_head list; struct rcu_head rcu; union sctp_addr a; - __u8 use_as_src; + __u8 state; __u8 valid; }; @@ -955,7 +963,7 @@ struct sctp_transport { /* PMTU : The current known path MTU. */ __u32 pathmtu; - /* Flags controling Heartbeat, SACK delay, and Path MTU Discovery. */ + /* Flags controlling Heartbeat, SACK delay, and Path MTU Discovery. */ __u32 param_flags; /* The number of times INIT has been sent on this transport. */ @@ -1184,11 +1192,16 @@ int sctp_bind_addr_copy(struct sctp_bind_addr *dest, const struct sctp_bind_addr *src, sctp_scope_t scope, gfp_t gfp, int flags); +int sctp_bind_addr_dup(struct sctp_bind_addr *dest, + const struct sctp_bind_addr *src, + gfp_t gfp); int sctp_add_bind_addr(struct sctp_bind_addr *, union sctp_addr *, - __u8 use_as_src, gfp_t gfp); + __u8 addr_state, gfp_t gfp); int sctp_del_bind_addr(struct sctp_bind_addr *, union sctp_addr *); int sctp_bind_addr_match(struct sctp_bind_addr *, const union sctp_addr *, struct sctp_sock *); +int sctp_bind_addr_state(const struct sctp_bind_addr *bp, + const union sctp_addr *addr); union sctp_addr *sctp_find_unmatch_addr(struct sctp_bind_addr *bp, const union sctp_addr *addrs, int addrcnt, @@ -1635,7 +1648,7 @@ struct sctp_association { */ __u32 pathmtu; - /* Flags controling Heartbeat, SACK delay, and Path MTU Discovery. */ + /* Flags controlling Heartbeat, SACK delay, and Path MTU Discovery. */ __u32 param_flags; /* SACK delay timeout */ @@ -1781,20 +1794,16 @@ struct sctp_association { */ struct sctp_chunk *addip_last_asconf; - /* ADDIP Section 4.2 Upon reception of an ASCONF Chunk. + /* ADDIP Section 5.2 Upon reception of an ASCONF Chunk. * - * IMPLEMENTATION NOTE: As an optimization a receiver may wish - * to save the last ASCONF-ACK for some predetermined period - * of time and instead of re-processing the ASCONF (with the - * same serial number) it may just re-transmit the - * ASCONF-ACK. It may wish to use the arrival of a new serial - * number to discard the previously saved ASCONF-ACK or any - * other means it may choose to expire the saved ASCONF-ACK. + * This is needed to implement itmes E1 - E4 of the updated + * spec. Here is the justification: * - * [This is our saved ASCONF-ACK. We invalidate it when a new - * ASCONF serial number arrives.] + * Since the peer may bundle multiple ASCONF chunks toward us, + * we now need the ability to cache multiple ACKs. The section + * describes in detail how they are cached and cleaned up. */ - struct sctp_chunk *addip_last_asconf_ack; + struct list_head asconf_ack_list; /* These ASCONF chunks are waiting to be sent. * @@ -1935,12 +1944,19 @@ void sctp_assoc_rwnd_increase(struct sctp_association *, unsigned); void sctp_assoc_rwnd_decrease(struct sctp_association *, unsigned); void sctp_assoc_set_primary(struct sctp_association *, struct sctp_transport *); +void sctp_assoc_del_nonprimary_peers(struct sctp_association *, + struct sctp_transport *); int sctp_assoc_set_bind_addr_from_ep(struct sctp_association *, gfp_t); int sctp_assoc_set_bind_addr_from_cookie(struct sctp_association *, struct sctp_cookie*, gfp_t gfp); int sctp_assoc_set_id(struct sctp_association *, gfp_t); +void sctp_assoc_clean_asconf_ack_cache(const struct sctp_association *asoc); +struct sctp_chunk *sctp_assoc_lookup_asconf_ack( + const struct sctp_association *asoc, + __be32 serial); + int sctp_cmp_addr_exact(const union sctp_addr *ss1, const union sctp_addr *ss2); diff --git a/include/net/sctp/user.h b/include/net/sctp/user.h index 00848b641f5..954090b1e35 100644 --- a/include/net/sctp/user.h +++ b/include/net/sctp/user.h @@ -450,7 +450,7 @@ enum sctp_sn_type { SCTP_SHUTDOWN_EVENT, SCTP_PARTIAL_DELIVERY_EVENT, SCTP_ADAPTATION_INDICATION, - SCTP_AUTHENTICATION_EVENT, + SCTP_AUTHENTICATION_INDICATION, }; /* Notification error codes used to fill up the error fields in some diff --git a/include/net/snmp.h b/include/net/snmp.h index ea206bff0dc..ce2f4850751 100644 --- a/include/net/snmp.h +++ b/include/net/snmp.h @@ -23,6 +23,7 @@ #include <linux/cache.h> #include <linux/snmp.h> +#include <linux/smp.h> /* * Mibs are stored in array of unsigned long. @@ -117,6 +118,11 @@ struct linux_mib { unsigned long mibs[LINUX_MIB_MAX]; }; +/* Linux Xfrm */ +#define LINUX_MIB_XFRMMAX __LINUX_MIB_XFRMMAX +struct linux_xfrm_mib { + unsigned long mibs[LINUX_MIB_XFRMMAX]; +}; /* * FIXME: On x86 and some other CPUs the split into user and softirq parts @@ -134,17 +140,27 @@ struct linux_mib { #define SNMP_INC_STATS_BH(mib, field) \ (per_cpu_ptr(mib[0], raw_smp_processor_id())->mibs[field]++) -#define SNMP_INC_STATS_OFFSET_BH(mib, field, offset) \ - (per_cpu_ptr(mib[0], raw_smp_processor_id())->mibs[field + (offset)]++) #define SNMP_INC_STATS_USER(mib, field) \ - (per_cpu_ptr(mib[1], raw_smp_processor_id())->mibs[field]++) + do { \ + per_cpu_ptr(mib[1], get_cpu())->mibs[field]++; \ + put_cpu(); \ + } while (0) #define SNMP_INC_STATS(mib, field) \ - (per_cpu_ptr(mib[!in_softirq()], raw_smp_processor_id())->mibs[field]++) + do { \ + per_cpu_ptr(mib[!in_softirq()], get_cpu())->mibs[field]++; \ + put_cpu(); \ + } while (0) #define SNMP_DEC_STATS(mib, field) \ - (per_cpu_ptr(mib[!in_softirq()], raw_smp_processor_id())->mibs[field]--) + do { \ + per_cpu_ptr(mib[!in_softirq()], get_cpu())->mibs[field]--; \ + put_cpu(); \ + } while (0) #define SNMP_ADD_STATS_BH(mib, field, addend) \ (per_cpu_ptr(mib[0], raw_smp_processor_id())->mibs[field] += addend) #define SNMP_ADD_STATS_USER(mib, field, addend) \ - (per_cpu_ptr(mib[1], raw_smp_processor_id())->mibs[field] += addend) + do { \ + per_cpu_ptr(mib[1], get_cpu())->mibs[field] += addend; \ + put_cpu(); \ + } while (0) #endif diff --git a/include/net/sock.h b/include/net/sock.h index 567e468d749..8a7889b3581 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -47,6 +47,7 @@ #include <linux/module.h> #include <linux/lockdep.h> #include <linux/netdevice.h> +#include <linux/pcounter.h> #include <linux/skbuff.h> /* struct sk_buff */ #include <linux/mm.h> #include <linux/security.h> @@ -56,7 +57,6 @@ #include <asm/atomic.h> #include <net/dst.h> #include <net/checksum.h> -#include <net/net_namespace.h> /* * This structure really needs to be cleaned up. @@ -94,6 +94,7 @@ typedef struct { struct sock; struct proto; +struct net; /** * struct sock_common - minimal network layer representation of sockets @@ -145,7 +146,8 @@ struct sock_common { * @sk_forward_alloc: space allocated forward * @sk_allocation: allocation mode * @sk_sndbuf: size of send buffer in bytes - * @sk_flags: %SO_LINGER (l_onoff), %SO_BROADCAST, %SO_KEEPALIVE, %SO_OOBINLINE settings + * @sk_flags: %SO_LINGER (l_onoff), %SO_BROADCAST, %SO_KEEPALIVE, + * %SO_OOBINLINE settings * @sk_no_check: %SO_NO_CHECK setting, wether or not checkup packets * @sk_route_caps: route capabilities (e.g. %NETIF_F_TSO) * @sk_gso_type: GSO type (e.g. %SKB_GSO_TCPV4) @@ -153,9 +155,12 @@ struct sock_common { * @sk_backlog: always used with the per-socket spinlock held * @sk_callback_lock: used with the callbacks in the end of this struct * @sk_error_queue: rarely used - * @sk_prot_creator: sk_prot of original sock creator (see ipv6_setsockopt, IPV6_ADDRFORM for instance) + * @sk_prot_creator: sk_prot of original sock creator (see ipv6_setsockopt, + * IPV6_ADDRFORM for instance) * @sk_err: last error - * @sk_err_soft: errors that don't cause failure but are the cause of a persistent failure not just 'timed out' + * @sk_err_soft: errors that don't cause failure but are the cause of a + * persistent failure not just 'timed out' + * @sk_drops: raw drops counter * @sk_ack_backlog: current listen backlog * @sk_max_ack_backlog: listen backlog set in listen() * @sk_priority: %SO_PRIORITY setting @@ -239,6 +244,7 @@ struct sock { rwlock_t sk_callback_lock; int sk_err, sk_err_soft; + atomic_t sk_drops; unsigned short sk_ack_backlog; unsigned short sk_max_ack_backlog; __u32 sk_priority; @@ -256,6 +262,8 @@ struct sock { __u32 sk_sndmsg_off; int sk_write_pending; void *sk_security; + __u32 sk_mark; + /* XXX 4 bytes hole on 64 bit */ void (*sk_state_change)(struct sock *sk); void (*sk_data_ready)(struct sock *sk, int bytes); void (*sk_write_space)(struct sock *sk); @@ -439,7 +447,7 @@ static inline int sk_acceptq_is_full(struct sock *sk) */ static inline int sk_stream_min_wspace(struct sock *sk) { - return sk->sk_wmem_queued / 2; + return sk->sk_wmem_queued >> 1; } static inline int sk_stream_wspace(struct sock *sk) @@ -454,25 +462,6 @@ static inline int sk_stream_memory_free(struct sock *sk) return sk->sk_wmem_queued < sk->sk_sndbuf; } -extern void sk_stream_rfree(struct sk_buff *skb); - -static inline void sk_stream_set_owner_r(struct sk_buff *skb, struct sock *sk) -{ - skb->sk = sk; - skb->destructor = sk_stream_rfree; - atomic_add(skb->truesize, &sk->sk_rmem_alloc); - sk->sk_forward_alloc -= skb->truesize; -} - -static inline void sk_stream_free_skb(struct sock *sk, struct sk_buff *skb) -{ - skb_truesize_check(skb); - sock_set_flag(sk, SOCK_QUEUE_SHRUNK); - sk->sk_wmem_queued -= skb->truesize; - sk->sk_forward_alloc += skb->truesize; - __kfree_skb(skb); -} - /* The per-socket spinlock must be held here. */ static inline void sk_add_backlog(struct sock *sk, struct sk_buff *skb) { @@ -507,6 +496,7 @@ extern int sk_wait_data(struct sock *sk, long *timeo); struct request_sock_ops; struct timewait_sock_ops; +struct inet_hashinfo; /* Networking protocol blocks we attach to sockets. * socket layer -> transport layer interface @@ -560,14 +550,11 @@ struct proto { void (*unhash)(struct sock *sk); int (*get_port)(struct sock *sk, unsigned short snum); -#ifdef CONFIG_SMP /* Keeping track of sockets in use */ - void (*inuse_add)(struct proto *prot, int inc); - int (*inuse_getval)(const struct proto *prot); - int *inuse_ptr; -#else - int inuse; +#ifdef CONFIG_PROC_FS + struct pcounter inuse; #endif + /* Memory pressure */ void (*enter_memory_pressure)(void); atomic_t *memory_allocated; /* Current allocated memory. */ @@ -575,7 +562,7 @@ struct proto { /* * Pressure flag: try to collapse. * Technical note: it is used by multiple contexts non atomically. - * All the sk_stream_mem_schedule() is of this nature: accounting + * All the __sk_mem_schedule() is of this nature: accounting * is strict, actions are advisory and have some latency. */ int *memory_pressure; @@ -592,6 +579,8 @@ struct proto { struct request_sock_ops *rsk_prot; struct timewait_sock_ops *twsk_prot; + struct inet_hashinfo *hashinfo; + struct module *owner; char name[32]; @@ -602,36 +591,6 @@ struct proto { #endif }; -/* - * Special macros to let protos use a fast version of inuse{get|add} - * using a static percpu variable per proto instead of an allocated one, - * saving one dereference. - * This might be changed if/when dynamic percpu vars become fast. - */ -#ifdef CONFIG_SMP -# define DEFINE_PROTO_INUSE(NAME) \ -static DEFINE_PER_CPU(int, NAME##_inuse); \ -static void NAME##_inuse_add(struct proto *prot, int inc) \ -{ \ - __get_cpu_var(NAME##_inuse) += inc; \ -} \ - \ -static int NAME##_inuse_getval(const struct proto *prot)\ -{ \ - int res = 0, cpu; \ - \ - for_each_possible_cpu(cpu) \ - res += per_cpu(NAME##_inuse, cpu); \ - return res; \ -} -# define REF_PROTO_INUSE(NAME) \ - .inuse_add = NAME##_inuse_add, \ - .inuse_getval = NAME##_inuse_getval, -#else -# define DEFINE_PROTO_INUSE(NAME) -# define REF_PROTO_INUSE(NAME) -#endif - extern int proto_register(struct proto *prot, int alloc_slab); extern void proto_unregister(struct proto *prot); @@ -660,33 +619,42 @@ static inline void sk_refcnt_debug_release(const struct sock *sk) #define sk_refcnt_debug_release(sk) do { } while (0) #endif /* SOCK_REFCNT_DEBUG */ + +#ifdef CONFIG_PROC_FS +# define DEFINE_PROTO_INUSE(NAME) DEFINE_PCOUNTER(NAME) +# define REF_PROTO_INUSE(NAME) PCOUNTER_MEMBER_INITIALIZER(NAME, .inuse) /* Called with local bh disabled */ -static __inline__ void sock_prot_inc_use(struct proto *prot) +static inline void sock_prot_inuse_add(struct proto *prot, int inc) { -#ifdef CONFIG_SMP - prot->inuse_add(prot, 1); -#else - prot->inuse++; -#endif + pcounter_add(&prot->inuse, inc); } - -static __inline__ void sock_prot_dec_use(struct proto *prot) +static inline int sock_prot_inuse_init(struct proto *proto) { -#ifdef CONFIG_SMP - prot->inuse_add(prot, -1); -#else - prot->inuse--; -#endif + return pcounter_alloc(&proto->inuse); } - -static __inline__ int sock_prot_inuse(struct proto *proto) +static inline int sock_prot_inuse_get(struct proto *proto) +{ + return pcounter_getval(&proto->inuse); +} +static inline void sock_prot_inuse_free(struct proto *proto) { -#ifdef CONFIG_SMP - return proto->inuse_getval(proto); + pcounter_free(&proto->inuse); +} #else - return proto->inuse; -#endif +# define DEFINE_PROTO_INUSE(NAME) +# define REF_PROTO_INUSE(NAME) +static void inline sock_prot_inuse_add(struct proto *prot, int inc) +{ +} +static int inline sock_prot_inuse_init(struct proto *proto) +{ + return 0; +} +static void inline sock_prot_inuse_free(struct proto *proto) +{ } +#endif + /* With per-bucket locks this operation is not-atomic, so that * this version is not worse. @@ -750,32 +718,81 @@ static inline struct inode *SOCK_INODE(struct socket *socket) return &container_of(socket, struct socket_alloc, socket)->vfs_inode; } -extern void __sk_stream_mem_reclaim(struct sock *sk); -extern int sk_stream_mem_schedule(struct sock *sk, int size, int kind); +/* + * Functions for memory accounting + */ +extern int __sk_mem_schedule(struct sock *sk, int size, int kind); +extern void __sk_mem_reclaim(struct sock *sk); -#define SK_STREAM_MEM_QUANTUM ((int)PAGE_SIZE) +#define SK_MEM_QUANTUM ((int)PAGE_SIZE) +#define SK_MEM_QUANTUM_SHIFT ilog2(SK_MEM_QUANTUM) +#define SK_MEM_SEND 0 +#define SK_MEM_RECV 1 -static inline int sk_stream_pages(int amt) +static inline int sk_mem_pages(int amt) { - return DIV_ROUND_UP(amt, SK_STREAM_MEM_QUANTUM); + return (amt + SK_MEM_QUANTUM - 1) >> SK_MEM_QUANTUM_SHIFT; } -static inline void sk_stream_mem_reclaim(struct sock *sk) +static inline int sk_has_account(struct sock *sk) { - if (sk->sk_forward_alloc >= SK_STREAM_MEM_QUANTUM) - __sk_stream_mem_reclaim(sk); + /* return true if protocol supports memory accounting */ + return !!sk->sk_prot->memory_allocated; } -static inline int sk_stream_rmem_schedule(struct sock *sk, struct sk_buff *skb) +static inline int sk_wmem_schedule(struct sock *sk, int size) { - return (int)skb->truesize <= sk->sk_forward_alloc || - sk_stream_mem_schedule(sk, skb->truesize, 1); + if (!sk_has_account(sk)) + return 1; + return size <= sk->sk_forward_alloc || + __sk_mem_schedule(sk, size, SK_MEM_SEND); } -static inline int sk_stream_wmem_schedule(struct sock *sk, int size) +static inline int sk_rmem_schedule(struct sock *sk, int size) { + if (!sk_has_account(sk)) + return 1; return size <= sk->sk_forward_alloc || - sk_stream_mem_schedule(sk, size, 0); + __sk_mem_schedule(sk, size, SK_MEM_RECV); +} + +static inline void sk_mem_reclaim(struct sock *sk) +{ + if (!sk_has_account(sk)) + return; + if (sk->sk_forward_alloc >= SK_MEM_QUANTUM) + __sk_mem_reclaim(sk); +} + +static inline void sk_mem_reclaim_partial(struct sock *sk) +{ + if (!sk_has_account(sk)) + return; + if (sk->sk_forward_alloc > SK_MEM_QUANTUM) + __sk_mem_reclaim(sk); +} + +static inline void sk_mem_charge(struct sock *sk, int size) +{ + if (!sk_has_account(sk)) + return; + sk->sk_forward_alloc -= size; +} + +static inline void sk_mem_uncharge(struct sock *sk, int size) +{ + if (!sk_has_account(sk)) + return; + sk->sk_forward_alloc += size; +} + +static inline void sk_wmem_free_skb(struct sock *sk, struct sk_buff *skb) +{ + skb_truesize_check(skb); + sock_set_flag(sk, SOCK_QUEUE_SHRUNK); + sk->sk_wmem_queued -= skb->truesize; + sk_mem_uncharge(sk, skb->truesize); + __kfree_skb(skb); } /* Used by processes to "lock" a socket state, so that @@ -812,14 +829,14 @@ do { \ lockdep_init_map(&(sk)->sk_lock.dep_map, (name), (key), 0); \ } while (0) -extern void FASTCALL(lock_sock_nested(struct sock *sk, int subclass)); +extern void lock_sock_nested(struct sock *sk, int subclass); static inline void lock_sock(struct sock *sk) { lock_sock_nested(sk, 0); } -extern void FASTCALL(release_sock(struct sock *sk)); +extern void release_sock(struct sock *sk); /* BH context may only use the following locking interface. */ #define bh_lock_sock(__sk) spin_lock(&((__sk)->sk_lock.slock)) @@ -944,7 +961,7 @@ static inline int sk_filter(struct sock *sk, struct sk_buff *skb) return err; rcu_read_lock_bh(); - filter = sk->sk_filter; + filter = rcu_dereference(sk->sk_filter); if (filter) { unsigned int pkt_len = sk_run_filter(skb, filter->insns, filter->len); @@ -1113,12 +1130,6 @@ static inline int sk_can_gso(const struct sock *sk) extern void sk_setup_caps(struct sock *sk, struct dst_entry *dst); -static inline void sk_charge_skb(struct sock *sk, struct sk_buff *skb) -{ - sk->sk_wmem_queued += skb->truesize; - sk->sk_forward_alloc -= skb->truesize; -} - static inline int skb_copy_to_page(struct sock *sk, char __user *from, struct sk_buff *skb, struct page *page, int off, int copy) @@ -1138,7 +1149,7 @@ static inline int skb_copy_to_page(struct sock *sk, char __user *from, skb->data_len += copy; skb->truesize += copy; sk->sk_wmem_queued += copy; - sk->sk_forward_alloc -= copy; + sk_mem_charge(sk, copy); return 0; } @@ -1164,6 +1175,7 @@ static inline void skb_set_owner_r(struct sk_buff *skb, struct sock *sk) skb->sk = sk; skb->destructor = sock_rfree; atomic_add(skb->truesize, &sk->sk_rmem_alloc); + sk_mem_charge(sk, skb->truesize); } extern void sk_reset_timer(struct sock *sk, struct timer_list* timer, @@ -1225,42 +1237,12 @@ static inline void sk_wake_async(struct sock *sk, int how, int band) static inline void sk_stream_moderate_sndbuf(struct sock *sk) { if (!(sk->sk_userlocks & SOCK_SNDBUF_LOCK)) { - sk->sk_sndbuf = min(sk->sk_sndbuf, sk->sk_wmem_queued / 2); + sk->sk_sndbuf = min(sk->sk_sndbuf, sk->sk_wmem_queued >> 1); sk->sk_sndbuf = max(sk->sk_sndbuf, SOCK_MIN_SNDBUF); } } -static inline struct sk_buff *sk_stream_alloc_pskb(struct sock *sk, - int size, int mem, - gfp_t gfp) -{ - struct sk_buff *skb; - - skb = alloc_skb_fclone(size + sk->sk_prot->max_header, gfp); - if (skb) { - skb->truesize += mem; - if (sk_stream_wmem_schedule(sk, skb->truesize)) { - /* - * Make sure that we have exactly size bytes - * available to the caller, no more, no less. - */ - skb_reserve(skb, skb_tailroom(skb) - size); - return skb; - } - __kfree_skb(skb); - } else { - sk->sk_prot->enter_memory_pressure(); - sk_stream_moderate_sndbuf(sk); - } - return NULL; -} - -static inline struct sk_buff *sk_stream_alloc_skb(struct sock *sk, - int size, - gfp_t gfp) -{ - return sk_stream_alloc_pskb(sk, size, 0, gfp); -} +struct sk_buff *sk_stream_alloc_skb(struct sock *sk, int size, gfp_t gfp); static inline struct page *sk_stream_alloc_page(struct sock *sk) { @@ -1279,7 +1261,7 @@ static inline struct page *sk_stream_alloc_page(struct sock *sk) */ static inline int sock_writeable(const struct sock *sk) { - return atomic_read(&sk->sk_wmem_alloc) < (sk->sk_sndbuf / 2); + return atomic_read(&sk->sk_wmem_alloc) < (sk->sk_sndbuf >> 1); } static inline gfp_t gfp_any(void) @@ -1388,23 +1370,11 @@ extern int net_msg_warn; lock_sock(sk); \ } -static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool) -{ - if (valbool) - sock_set_flag(sk, bit); - else - sock_reset_flag(sk, bit); -} - extern __u32 sysctl_wmem_max; extern __u32 sysctl_rmem_max; extern void sk_init(void); -#ifdef CONFIG_SYSCTL -extern struct ctl_table core_table[]; -#endif - extern int sysctl_optmem_max; extern __u32 sysctl_wmem_default; diff --git a/include/net/tcp.h b/include/net/tcp.h index d695cea7730..7de4ea3a04d 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -309,6 +309,9 @@ extern int tcp_twsk_unique(struct sock *sk, extern void tcp_twsk_destructor(struct sock *sk); +extern ssize_t tcp_splice_read(struct socket *sk, loff_t *ppos, + struct pipe_inode_info *pipe, size_t len, unsigned int flags); + static inline void tcp_dec_quickack_mode(struct sock *sk, const unsigned int pkts) { @@ -575,10 +578,6 @@ struct tcp_skb_cb { #define TCPCB_EVER_RETRANS 0x80 /* Ever retransmitted frame */ #define TCPCB_RETRANS (TCPCB_SACKED_RETRANS|TCPCB_EVER_RETRANS) -#define TCPCB_URG 0x20 /* Urgent pointer advanced here */ - -#define TCPCB_AT_TAIL (TCPCB_URG) - __u16 urg_ptr; /* Valid w/URG flags is set. */ __u32 ack_seq; /* Sequence number ACK'd */ }; @@ -649,7 +648,7 @@ struct tcp_congestion_ops { /* lower bound for congestion window (optional) */ u32 (*min_cwnd)(const struct sock *sk); /* do new cwnd calculation (required) */ - void (*cong_avoid)(struct sock *sk, u32 ack, u32 in_flight, int good_ack); + void (*cong_avoid)(struct sock *sk, u32 ack, u32 in_flight); /* call before changing ca_state (optional) */ void (*set_state)(struct sock *sk, u8 new_state); /* call when cwnd event occurs (optional) */ @@ -680,7 +679,7 @@ extern void tcp_slow_start(struct tcp_sock *tp); extern struct tcp_congestion_ops tcp_init_congestion_ops; extern u32 tcp_reno_ssthresh(struct sock *sk); -extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight, int flag); +extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight); extern u32 tcp_reno_min_cwnd(const struct sock *sk); extern struct tcp_congestion_ops tcp_reno; @@ -782,26 +781,12 @@ static __inline__ __u32 tcp_max_burst(const struct tcp_sock *tp) return 3; } -/* RFC2861 Check whether we are limited by application or congestion window - * This is the inverse of cwnd check in tcp_tso_should_defer - */ -static inline int tcp_is_cwnd_limited(const struct sock *sk, u32 in_flight) +/* Returns end sequence number of the receiver's advertised window */ +static inline u32 tcp_wnd_end(const struct tcp_sock *tp) { - const struct tcp_sock *tp = tcp_sk(sk); - u32 left; - - if (in_flight >= tp->snd_cwnd) - return 1; - - if (!sk_can_gso(sk)) - return 0; - - left = tp->snd_cwnd - in_flight; - if (sysctl_tcp_tso_win_divisor) - return left * sysctl_tcp_tso_win_divisor < tp->snd_cwnd; - else - return left <= tcp_max_burst(tp); + return tp->snd_una + tp->snd_wnd; } +extern int tcp_is_cwnd_limited(const struct sock *sk, u32 in_flight); static inline void tcp_minshall_update(struct tcp_sock *tp, unsigned int mss, const struct sk_buff *skb) @@ -921,40 +906,7 @@ static const char *statename[]={ "Close Wait","Last ACK","Listen","Closing" }; #endif - -static inline void tcp_set_state(struct sock *sk, int state) -{ - int oldstate = sk->sk_state; - - switch (state) { - case TCP_ESTABLISHED: - if (oldstate != TCP_ESTABLISHED) - TCP_INC_STATS(TCP_MIB_CURRESTAB); - break; - - case TCP_CLOSE: - if (oldstate == TCP_CLOSE_WAIT || oldstate == TCP_ESTABLISHED) - TCP_INC_STATS(TCP_MIB_ESTABRESETS); - - sk->sk_prot->unhash(sk); - if (inet_csk(sk)->icsk_bind_hash && - !(sk->sk_userlocks & SOCK_BINDPORT_LOCK)) - inet_put_port(&tcp_hashinfo, sk); - /* fall through */ - default: - if (oldstate==TCP_ESTABLISHED) - TCP_DEC_STATS(TCP_MIB_CURRESTAB); - } - - /* Change state AFTER socket is unhashed to avoid closed - * socket sitting in hash tables. - */ - sk->sk_state = state; - -#ifdef STATE_TRACE - SOCK_DEBUG(sk, "TCP sk=%p, State %s -> %s\n",sk, statename[oldstate],statename[state]); -#endif -} +extern void tcp_set_state(struct sock *sk, int state); extern void tcp_done(struct sock *sk); @@ -1078,7 +1030,6 @@ static inline void tcp_clear_retrans_hints_partial(struct tcp_sock *tp) static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp) { tcp_clear_retrans_hints_partial(tp); - tp->fastpath_skb_hint = NULL; } /* MD5 Signature */ @@ -1153,7 +1104,8 @@ extern int tcp_v4_calc_md5_hash(char *md5_hash, struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, - int protocol, int tcplen); + int protocol, + unsigned int tcplen); extern struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk, struct sock *addr_sk); @@ -1193,8 +1145,8 @@ static inline void tcp_write_queue_purge(struct sock *sk) struct sk_buff *skb; while ((skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) - sk_stream_free_skb(sk, skb); - sk_stream_mem_reclaim(sk); + sk_wmem_free_skb(sk, skb); + sk_mem_reclaim(sk); } static inline struct sk_buff *tcp_write_queue_head(struct sock *sk) @@ -1227,6 +1179,11 @@ static inline struct sk_buff *tcp_write_queue_next(struct sock *sk, struct sk_bu for (; (skb != (struct sk_buff *)&(sk)->sk_write_queue);\ skb = skb->next) +#define tcp_for_write_queue_from_safe(skb, tmp, sk) \ + for (tmp = skb->next; \ + (skb != (struct sk_buff *)&(sk)->sk_write_queue); \ + skb = tmp, tmp = skb->next) + static inline struct sk_buff *tcp_send_head(struct sock *sk) { return sk->sk_send_head; @@ -1234,14 +1191,9 @@ static inline struct sk_buff *tcp_send_head(struct sock *sk) static inline void tcp_advance_send_head(struct sock *sk, struct sk_buff *skb) { - struct tcp_sock *tp = tcp_sk(sk); - sk->sk_send_head = skb->next; if (sk->sk_send_head == (struct sk_buff *)&sk->sk_write_queue) sk->sk_send_head = NULL; - /* Don't override Nagle indefinately with F-RTO */ - if (tp->frto_counter == 2) - tp->frto_counter = 3; } static inline void tcp_check_send_head(struct sock *sk, struct sk_buff *skb_unlinked) @@ -1265,8 +1217,12 @@ static inline void tcp_add_write_queue_tail(struct sock *sk, struct sk_buff *skb __tcp_add_write_queue_tail(sk, skb); /* Queue it, remembering where we must start sending. */ - if (sk->sk_send_head == NULL) + if (sk->sk_send_head == NULL) { sk->sk_send_head = skb; + + if (tcp_sk(sk)->highest_sack == NULL) + tcp_sk(sk)->highest_sack = skb; + } } static inline void __tcp_add_write_queue_head(struct sock *sk, struct sk_buff *skb) @@ -1288,6 +1244,9 @@ static inline void tcp_insert_write_queue_before(struct sk_buff *new, struct sock *sk) { __skb_insert(new, skb->prev, skb, &sk->sk_write_queue); + + if (sk->sk_send_head == skb) + sk->sk_send_head = new; } static inline void tcp_unlink_write_queue(struct sk_buff *skb, struct sock *sk) @@ -1306,6 +1265,45 @@ static inline int tcp_write_queue_empty(struct sock *sk) return skb_queue_empty(&sk->sk_write_queue); } +/* Start sequence of the highest skb with SACKed bit, valid only if + * sacked > 0 or when the caller has ensured validity by itself. + */ +static inline u32 tcp_highest_sack_seq(struct tcp_sock *tp) +{ + if (!tp->sacked_out) + return tp->snd_una; + + if (tp->highest_sack == NULL) + return tp->snd_nxt; + + return TCP_SKB_CB(tp->highest_sack)->seq; +} + +static inline void tcp_advance_highest_sack(struct sock *sk, struct sk_buff *skb) +{ + tcp_sk(sk)->highest_sack = tcp_skb_is_last(sk, skb) ? NULL : + tcp_write_queue_next(sk, skb); +} + +static inline struct sk_buff *tcp_highest_sack(struct sock *sk) +{ + return tcp_sk(sk)->highest_sack; +} + +static inline void tcp_highest_sack_reset(struct sock *sk) +{ + tcp_sk(sk)->highest_sack = tcp_write_queue_head(sk); +} + +/* Called when old skb is about to be deleted (to be combined with new skb) */ +static inline void tcp_highest_sack_combine(struct sock *sk, + struct sk_buff *old, + struct sk_buff *new) +{ + if (tcp_sk(sk)->sacked_out && (old == tcp_sk(sk)->highest_sack)) + tcp_sk(sk)->highest_sack = new; +} + /* /proc */ enum tcp_seq_states { TCP_SEQ_STATE_LISTENING, @@ -1356,7 +1354,8 @@ struct tcp_sock_af_ops { struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, - int protocol, int len); + int protocol, + unsigned int len); int (*md5_add) (struct sock *sk, struct sock *addr_sk, u8 *newkey, diff --git a/include/net/transp_v6.h b/include/net/transp_v6.h index 409da3a9a45..27394e0447d 100644 --- a/include/net/transp_v6.h +++ b/include/net/transp_v6.h @@ -17,16 +17,20 @@ extern struct proto tcpv6_prot; struct flowi; /* extention headers */ -extern void ipv6_rthdr_init(void); -extern void ipv6_frag_init(void); -extern void ipv6_nodata_init(void); -extern void ipv6_destopt_init(void); +extern int ipv6_exthdrs_init(void); +extern void ipv6_exthdrs_exit(void); +extern int ipv6_frag_init(void); +extern void ipv6_frag_exit(void); /* transport protocols */ -extern void rawv6_init(void); -extern void udpv6_init(void); -extern void udplitev6_init(void); -extern void tcpv6_init(void); +extern int rawv6_init(void); +extern void rawv6_exit(void); +extern int udpv6_init(void); +extern void udpv6_exit(void); +extern int udplitev6_init(void); +extern void udplitev6_exit(void); +extern int tcpv6_init(void); +extern void tcpv6_exit(void); extern int udpv6_connect(struct sock *sk, struct sockaddr *uaddr, diff --git a/include/net/udp.h b/include/net/udp.h index 98755ebaf16..c6669c0a74c 100644 --- a/include/net/udp.h +++ b/include/net/udp.h @@ -65,6 +65,13 @@ extern rwlock_t udp_hash_lock; extern struct proto udp_prot; +extern atomic_t udp_memory_allocated; + +/* sysctl variables for udp */ +extern int sysctl_udp_mem[3]; +extern int sysctl_udp_rmem_min; +extern int sysctl_udp_wmem_min; + struct sk_buff; /* @@ -108,7 +115,7 @@ static inline void udp_lib_unhash(struct sock *sk) write_lock_bh(&udp_hash_lock); if (sk_del_node_init(sk)) { inet_sk(sk)->num = 0; - sock_prot_dec_use(sk->sk_prot); + sock_prot_inuse_add(sk->sk_prot, -1); } write_unlock_bh(&udp_hash_lock); } @@ -139,6 +146,12 @@ extern int udp_lib_setsockopt(struct sock *sk, int level, int optname, int (*push_pending_frames)(struct sock *)); DECLARE_SNMP_STAT(struct udp_mib, udp_statistics); +DECLARE_SNMP_STAT(struct udp_mib, udp_stats_in6); + +/* UDP-Lite does not have a standardized MIB yet, so we inherit from UDP */ +DECLARE_SNMP_STAT(struct udp_mib, udplite_statistics); +DECLARE_SNMP_STAT(struct udp_mib, udplite_stats_in6); + /* * SNMP statistics for UDP and UDP-Lite */ @@ -149,6 +162,25 @@ DECLARE_SNMP_STAT(struct udp_mib, udp_statistics); if (is_udplite) SNMP_INC_STATS_BH(udplite_statistics, field); \ else SNMP_INC_STATS_BH(udp_statistics, field); } while(0) +#define UDP6_INC_STATS_BH(field, is_udplite) do { \ + if (is_udplite) SNMP_INC_STATS_BH(udplite_stats_in6, field); \ + else SNMP_INC_STATS_BH(udp_stats_in6, field); } while(0) +#define UDP6_INC_STATS_USER(field, is_udplite) do { \ + if (is_udplite) SNMP_INC_STATS_USER(udplite_stats_in6, field); \ + else SNMP_INC_STATS_USER(udp_stats_in6, field); } while(0) + +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) +#define UDPX_INC_STATS_BH(sk, field) \ + do { \ + if ((sk)->sk_family == AF_INET) \ + UDP_INC_STATS_BH(field, 0); \ + else \ + UDP6_INC_STATS_BH(field, 0); \ + } while (0); +#else +#define UDPX_INC_STATS_BH(sk, field) UDP_INC_STATS_BH(field, 0) +#endif + /* /proc */ struct udp_seq_afinfo { struct module *owner; @@ -173,4 +205,6 @@ extern void udp_proc_unregister(struct udp_seq_afinfo *afinfo); extern int udp4_proc_init(void); extern void udp4_proc_exit(void); #endif + +extern void udp_init(void); #endif /* _UDP_H */ diff --git a/include/net/udplite.h b/include/net/udplite.h index 635b0eafca9..b76b2e377af 100644 --- a/include/net/udplite.h +++ b/include/net/udplite.h @@ -13,9 +13,6 @@ extern struct proto udplite_prot; extern struct hlist_head udplite_hash[UDP_HTABLE_SIZE]; -/* UDP-Lite does not have a standardized MIB yet, so we inherit from UDP */ -DECLARE_SNMP_STAT(struct udp_mib, udplite_statistics); - /* * Checksum computation is all in software, hence simpler getfrag. */ diff --git a/include/net/veth.h b/include/net/veth.h deleted file mode 100644 index 3354c1eb424..00000000000 --- a/include/net/veth.h +++ /dev/null @@ -1,12 +0,0 @@ -#ifndef __NET_VETH_H_ -#define __NET_VETH_H_ - -enum { - VETH_INFO_UNSPEC, - VETH_INFO_PEER, - - __VETH_INFO_MAX -#define VETH_INFO_MAX (__VETH_INFO_MAX - 1) -}; - -#endif diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 58dfa82889a..ac72116636c 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -19,6 +19,9 @@ #include <net/route.h> #include <net/ipv6.h> #include <net/ip6_fib.h> +#ifdef CONFIG_XFRM_STATISTICS +#include <net/snmp.h> +#endif #define XFRM_PROTO_ESP 50 #define XFRM_PROTO_AH 51 @@ -34,6 +37,17 @@ #define MODULE_ALIAS_XFRM_TYPE(family, proto) \ MODULE_ALIAS("xfrm-type-" __stringify(family) "-" __stringify(proto)) +#ifdef CONFIG_XFRM_STATISTICS +DECLARE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics); +#define XFRM_INC_STATS(field) SNMP_INC_STATS(xfrm_statistics, field) +#define XFRM_INC_STATS_BH(field) SNMP_INC_STATS_BH(xfrm_statistics, field) +#define XFRM_INC_STATS_USER(field) SNMP_INC_STATS_USER(xfrm_statistics, field) +#else +#define XFRM_INC_STATS(field) +#define XFRM_INC_STATS_BH(field) +#define XFRM_INC_STATS_USER(field) +#endif + extern struct sock *xfrm_nl; extern u32 sysctl_xfrm_aevent_etime; extern u32 sysctl_xfrm_aevent_rseqth; @@ -145,6 +159,7 @@ struct xfrm_state struct xfrm_algo *aalg; struct xfrm_algo *ealg; struct xfrm_algo *calg; + struct xfrm_algo_aead *aead; /* Data for encapsulator */ struct xfrm_encap_tmpl *encap; @@ -183,11 +198,11 @@ struct xfrm_state struct timer_list timer; /* Last used time */ - u64 lastused; + unsigned long lastused; /* Reference to data common to all the instances of this * transformer. */ - struct xfrm_type *type; + const struct xfrm_type *type; struct xfrm_mode *inner_mode; struct xfrm_mode *outer_mode; @@ -227,22 +242,26 @@ struct km_event u32 event; }; +struct net_device; struct xfrm_type; struct xfrm_dst; struct xfrm_policy_afinfo { unsigned short family; struct dst_ops *dst_ops; void (*garbage_collect)(void); - int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); + struct dst_entry *(*dst_lookup)(int tos, xfrm_address_t *saddr, + xfrm_address_t *daddr); int (*get_saddr)(xfrm_address_t *saddr, xfrm_address_t *daddr); struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy); - int (*bundle_create)(struct xfrm_policy *policy, - struct xfrm_state **xfrm, - int nx, - struct flowi *fl, - struct dst_entry **dst_p); void (*decode_session)(struct sk_buff *skb, - struct flowi *fl); + struct flowi *fl, + int reverse); + int (*get_tos)(struct flowi *fl); + int (*init_path)(struct xfrm_dst *path, + struct dst_entry *dst, + int nfheader_len); + int (*fill_dst)(struct xfrm_dst *xdst, + struct net_device *dev); }; extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); @@ -257,8 +276,10 @@ extern int __xfrm_state_delete(struct xfrm_state *x); struct xfrm_state_afinfo { unsigned int family; + unsigned int proto; + unsigned int eth_proto; struct module *owner; - struct xfrm_type *type_map[IPPROTO_MAX]; + const struct xfrm_type *type_map[IPPROTO_MAX]; struct xfrm_mode *mode_map[XFRM_MODE_MAX]; int (*init_flags)(struct xfrm_state *x); void (*init_tempsel)(struct xfrm_state *x, struct flowi *fl, @@ -267,6 +288,12 @@ struct xfrm_state_afinfo { int (*tmpl_sort)(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n); int (*state_sort)(struct xfrm_state **dst, struct xfrm_state **src, int n); int (*output)(struct sk_buff *skb); + int (*extract_input)(struct xfrm_state *x, + struct sk_buff *skb); + int (*extract_output)(struct xfrm_state *x, + struct sk_buff *skb); + int (*transport_finish)(struct sk_buff *skb, + int async); }; extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); @@ -282,6 +309,8 @@ struct xfrm_type __u8 flags; #define XFRM_TYPE_NON_FRAGMENT 1 #define XFRM_TYPE_REPLAY_PROT 2 +#define XFRM_TYPE_LOCAL_COADDR 4 +#define XFRM_TYPE_REMOTE_COADDR 8 int (*init_state)(struct xfrm_state *x); void (*destructor)(struct xfrm_state *); @@ -289,16 +318,35 @@ struct xfrm_type int (*output)(struct xfrm_state *, struct sk_buff *pskb); int (*reject)(struct xfrm_state *, struct sk_buff *, struct flowi *); int (*hdr_offset)(struct xfrm_state *, struct sk_buff *, u8 **); - xfrm_address_t *(*local_addr)(struct xfrm_state *, xfrm_address_t *); - xfrm_address_t *(*remote_addr)(struct xfrm_state *, xfrm_address_t *); /* Estimate maximal size of result of transformation of a dgram */ u32 (*get_mtu)(struct xfrm_state *, int size); }; -extern int xfrm_register_type(struct xfrm_type *type, unsigned short family); -extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family); +extern int xfrm_register_type(const struct xfrm_type *type, unsigned short family); +extern int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family); struct xfrm_mode { + /* + * Remove encapsulation header. + * + * The IP header will be moved over the top of the encapsulation + * header. + * + * On entry, the transport header shall point to where the IP header + * should be and the network header shall be set to where the IP + * header currently is. skb->data shall point to the start of the + * payload. + */ + int (*input2)(struct xfrm_state *x, struct sk_buff *skb); + + /* + * This is the actual input entry point. + * + * For transport mode and equivalent this would be identical to + * input2 (which does not need to be set). While tunnel mode + * and equivalent would set this to the tunnel encapsulation function + * xfrm4_prepare_input that would in turn call input2. + */ int (*input)(struct xfrm_state *x, struct sk_buff *skb); /* @@ -312,7 +360,18 @@ struct xfrm_mode { * header. The value of the network header will always point * to the top IP header while skb->data will point to the payload. */ - int (*output)(struct xfrm_state *x,struct sk_buff *skb); + int (*output2)(struct xfrm_state *x,struct sk_buff *skb); + + /* + * This is the actual output entry point. + * + * For transport mode and equivalent this would be identical to + * output2 (which does not need to be set). While tunnel mode + * and equivalent would set this to a tunnel encapsulation function + * (xfrm4_prepare_output or xfrm6_prepare_output) that would in turn + * call output2. + */ + int (*output)(struct xfrm_state *x, struct sk_buff *skb); struct xfrm_state_afinfo *afinfo; struct module *owner; @@ -454,6 +513,51 @@ struct xfrm_skb_cb { #define XFRM_SKB_CB(__skb) ((struct xfrm_skb_cb *)&((__skb)->cb[0])) +/* + * This structure is used by the afinfo prepare_input/prepare_output functions + * to transmit header information to the mode input/output functions. + */ +struct xfrm_mode_skb_cb { + union { + struct inet_skb_parm h4; + struct inet6_skb_parm h6; + } header; + + /* Copied from header for IPv4, always set to zero and DF for IPv6. */ + __be16 id; + __be16 frag_off; + + /* TOS for IPv4, class for IPv6. */ + u8 tos; + + /* TTL for IPv4, hop limitfor IPv6. */ + u8 ttl; + + /* Protocol for IPv4, NH for IPv6. */ + u8 protocol; + + /* Used by IPv6 only, zero for IPv4. */ + u8 flow_lbl[3]; +}; + +#define XFRM_MODE_SKB_CB(__skb) ((struct xfrm_mode_skb_cb *)&((__skb)->cb[0])) + +/* + * This structure is used by the input processing to locate the SPI and + * related information. + */ +struct xfrm_spi_skb_cb { + union { + struct inet_skb_parm h4; + struct inet6_skb_parm h6; + } header; + + unsigned int daddroff; + unsigned int family; +}; + +#define XFRM_SPI_SKB_CB(__skb) ((struct xfrm_spi_skb_cb *)&((__skb)->cb[0])) + /* Audit Information */ struct xfrm_audit { @@ -462,41 +566,59 @@ struct xfrm_audit }; #ifdef CONFIG_AUDITSYSCALL -static inline struct audit_buffer *xfrm_audit_start(u32 auid, u32 sid) +static inline struct audit_buffer *xfrm_audit_start(const char *op) { struct audit_buffer *audit_buf = NULL; - char *secctx; - u32 secctx_len; + if (audit_enabled == 0) + return NULL; audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, - AUDIT_MAC_IPSEC_EVENT); + AUDIT_MAC_IPSEC_EVENT); if (audit_buf == NULL) return NULL; + audit_log_format(audit_buf, "op=%s", op); + return audit_buf; +} - audit_log_format(audit_buf, "auid=%u", auid); +static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, + struct audit_buffer *audit_buf) +{ + char *secctx; + u32 secctx_len; - if (sid != 0 && - security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) { + audit_log_format(audit_buf, " auid=%u", auid); + if (secid != 0 && + security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); security_release_secctx(secctx, secctx_len); } else audit_log_task_context(audit_buf); - return audit_buf; } extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, - u32 auid, u32 sid); + u32 auid, u32 secid); extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, - u32 auid, u32 sid); + u32 auid, u32 secid); extern void xfrm_audit_state_add(struct xfrm_state *x, int result, - u32 auid, u32 sid); + u32 auid, u32 secid); extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, - u32 auid, u32 sid); + u32 auid, u32 secid); +extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, + struct sk_buff *skb); +extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); +extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, + __be32 net_spi, __be32 net_seq); +extern void xfrm_audit_state_icvfail(struct xfrm_state *x, + struct sk_buff *skb, u8 proto); #else #define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) #define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) #define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) #define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) +#define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) +#define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) +#define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) +#define xfrm_audit_state_icvfail(x, s, p) do { ; } while (0) #endif /* CONFIG_AUDITSYSCALL */ static inline void xfrm_pol_hold(struct xfrm_policy *policy) @@ -505,12 +627,12 @@ static inline void xfrm_pol_hold(struct xfrm_policy *policy) atomic_inc(&policy->refcnt); } -extern void __xfrm_policy_destroy(struct xfrm_policy *policy); +extern void xfrm_policy_destroy(struct xfrm_policy *policy); static inline void xfrm_pol_put(struct xfrm_policy *policy) { if (atomic_dec_and_test(&policy->refcnt)) - __xfrm_policy_destroy(policy); + xfrm_policy_destroy(policy); } #ifdef CONFIG_XFRM_SUB_POLICY @@ -757,17 +879,25 @@ xfrm_state_addr_cmp(struct xfrm_tmpl *tmpl, struct xfrm_state *x, unsigned short } #ifdef CONFIG_XFRM - extern int __xfrm_policy_check(struct sock *, int dir, struct sk_buff *skb, unsigned short family); -static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, unsigned short family) +static inline int __xfrm_policy_check2(struct sock *sk, int dir, + struct sk_buff *skb, + unsigned int family, int reverse) { + int ndir = dir | (reverse ? XFRM_POLICY_MASK + 1 : 0); + if (sk && sk->sk_policy[XFRM_POLICY_IN]) - return __xfrm_policy_check(sk, dir, skb, family); + return __xfrm_policy_check(sk, ndir, skb, family); return (!xfrm_policy_count[dir] && !skb->sp) || (skb->dst->flags & DST_NOPOLICY) || - __xfrm_policy_check(sk, dir, skb, family); + __xfrm_policy_check(sk, ndir, skb, family); +} + +static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, unsigned short family) +{ + return __xfrm_policy_check2(sk, dir, skb, family, 0); } static inline int xfrm4_policy_check(struct sock *sk, int dir, struct sk_buff *skb) @@ -780,7 +910,34 @@ static inline int xfrm6_policy_check(struct sock *sk, int dir, struct sk_buff *s return xfrm_policy_check(sk, dir, skb, AF_INET6); } -extern int xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, unsigned short family); +static inline int xfrm4_policy_check_reverse(struct sock *sk, int dir, + struct sk_buff *skb) +{ + return __xfrm_policy_check2(sk, dir, skb, AF_INET, 1); +} + +static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, + struct sk_buff *skb) +{ + return __xfrm_policy_check2(sk, dir, skb, AF_INET6, 1); +} + +extern int __xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, + unsigned int family, int reverse); + +static inline int xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, + unsigned int family) +{ + return __xfrm_decode_session(skb, fl, family, 0); +} + +static inline int xfrm_decode_session_reverse(struct sk_buff *skb, + struct flowi *fl, + unsigned int family) +{ + return __xfrm_decode_session(skb, fl, family, 1); +} + extern int __xfrm_route_forward(struct sk_buff *skb, unsigned short family); static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family) @@ -841,6 +998,22 @@ static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *sk { return 1; } +static inline int xfrm_decode_session_reverse(struct sk_buff *skb, + struct flowi *fl, + unsigned int family) +{ + return -ENOSYS; +} +static inline int xfrm4_policy_check_reverse(struct sock *sk, int dir, + struct sk_buff *skb) +{ + return 1; +} +static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, + struct sk_buff *skb) +{ + return 1; +} #endif static __inline__ @@ -936,6 +1109,10 @@ static inline int xfrm_id_proto_match(u8 proto, u8 userproto) /* * xfrm algorithm information */ +struct xfrm_algo_aead_info { + u16 icv_truncbits; +}; + struct xfrm_algo_auth_info { u16 icv_truncbits; u16 icv_fullbits; @@ -955,6 +1132,7 @@ struct xfrm_algo_desc { char *compat; u8 available:1; union { + struct xfrm_algo_aead_info aead; struct xfrm_algo_auth_info auth; struct xfrm_algo_encr_info encr; struct xfrm_algo_comp_info comp; @@ -981,12 +1159,27 @@ struct xfrm6_tunnel { extern void xfrm_init(void); extern void xfrm4_init(void); -extern void xfrm6_init(void); -extern void xfrm6_fini(void); extern void xfrm_state_init(void); extern void xfrm4_state_init(void); -extern void xfrm6_state_init(void); +#ifdef CONFIG_XFRM +extern int xfrm6_init(void); +extern void xfrm6_fini(void); +extern int xfrm6_state_init(void); extern void xfrm6_state_fini(void); +#else +static inline int xfrm6_init(void) +{ + return 0; +} +static inline void xfrm6_fini(void) +{ + ; +} +#endif + +#ifdef CONFIG_XFRM_STATISTICS +extern int xfrm_proc_init(void); +#endif extern int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*), void *); extern struct xfrm_state *xfrm_state_alloc(void); @@ -1045,14 +1238,23 @@ extern int xfrm_state_delete(struct xfrm_state *x); extern int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info); extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si); extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si); -extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq); +extern int xfrm_replay_check(struct xfrm_state *x, + struct sk_buff *skb, __be32 seq); extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); extern void xfrm_replay_notify(struct xfrm_state *x, int event); extern int xfrm_state_mtu(struct xfrm_state *x, int mtu); extern int xfrm_init_state(struct xfrm_state *x); +extern int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb); +extern int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, + int encap_type); +extern int xfrm_input_resume(struct sk_buff *skb, int nexthdr); +extern int xfrm_output_resume(struct sk_buff *skb, int err); extern int xfrm_output(struct sk_buff *skb); +extern int xfrm4_extract_header(struct sk_buff *skb); +extern int xfrm4_extract_input(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm4_rcv_encap(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type); +extern int xfrm4_transport_finish(struct sk_buff *skb, int async); extern int xfrm4_rcv(struct sk_buff *skb); static inline int xfrm4_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi) @@ -1060,10 +1262,15 @@ static inline int xfrm4_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi) return xfrm4_rcv_encap(skb, nexthdr, spi, 0); } +extern int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb); +extern int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm4_output(struct sk_buff *skb); extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family); extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family); +extern int xfrm6_extract_header(struct sk_buff *skb); +extern int xfrm6_extract_input(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi); +extern int xfrm6_transport_finish(struct sk_buff *skb, int async); extern int xfrm6_rcv(struct sk_buff *skb); extern int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto); @@ -1072,6 +1279,8 @@ extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler, unsigned short extern __be32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr); extern void xfrm6_tunnel_free_spi(xfrm_address_t *saddr); extern __be32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr); +extern int xfrm6_extract_output(struct xfrm_state *x, struct sk_buff *skb); +extern int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm6_output(struct sk_buff *skb); extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb, u8 **prevhdr); @@ -1079,7 +1288,6 @@ extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb, #ifdef CONFIG_XFRM extern int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb); extern int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen); -extern int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, unsigned short family); #else static inline int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen) { @@ -1092,11 +1300,6 @@ static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb) kfree_skb(skb); return 0; } - -static inline int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, unsigned short family) -{ - return -EINVAL; -} #endif struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp); @@ -1113,11 +1316,9 @@ extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi); struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create, unsigned short family); -extern int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info); extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst, struct flowi *fl, int family, int strict); -extern void xfrm_init_pmtu(struct dst_entry *dst); #ifdef CONFIG_XFRM_MIGRATE extern int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type, @@ -1148,6 +1349,8 @@ extern struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id); extern struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe); extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe); extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe); +extern struct xfrm_algo_desc *xfrm_aead_get_byname(char *name, int icv_len, + int probe); struct hash_desc; struct scatterlist; @@ -1188,10 +1391,15 @@ static inline int xfrm_aevent_is_on(void) return ret; } +static inline int xfrm_alg_len(struct xfrm_algo *alg) +{ + return sizeof(*alg) + ((alg->alg_key_len + 7) / 8); +} + #ifdef CONFIG_XFRM_MIGRATE static inline struct xfrm_algo *xfrm_algo_clone(struct xfrm_algo *orig) { - return (struct xfrm_algo *)kmemdup(orig, sizeof(*orig) + orig->alg_key_len, GFP_KERNEL); + return kmemdup(orig, xfrm_alg_len(orig), GFP_KERNEL); } static inline void xfrm_states_put(struct xfrm_state **states, int n) @@ -1209,4 +1417,9 @@ static inline void xfrm_states_delete(struct xfrm_state **states, int n) } #endif +static inline struct xfrm_state *xfrm_input_state(struct sk_buff *skb) +{ + return skb->sp->xvec[skb->sp->len - 1]; +} + #endif /* _NET_XFRM_H */ |