tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (27 commits)
slcan: fix ldisc->open retval
net/usb: mark LG VL600 LTE modem ethernet interface as WWAN
xfrm: Don't allow esn with disabled anti replay detection
xfrm: Assign the inner mode output function to the dst entry
net: dev_close() should check IFF_UP
vlan: fix GVRP at dismantle time
netfilter: revert a2361c8735e07322023aedc36e4938b35af31eb0
netfilter: IPv6: fix DSCP mangle code
netfilter: IPv6: initialize TOS field in REJECT target module
IPVS: init and cleanup restructuring
IPVS: Change of socket usage to enable name space exit.
netfilter: ebtables: only call xt_compat_add_offset once per rule
netfilter: fix ebtables compat support
netfilter: ctnetlink: fix timestamp support for new conntracks
pch_gbe: support ML7223 IOH
PCH_GbE : Fixed the issue of checksum judgment
PCH_GbE : Fixed the issue of collision detection
NET: slip, fix ldisc->open retval
be2net: Fixed bugs related to PVID.
ehea: fix wrongly reported speed and port
...
+423
-233
+7
-1
drivers/net/Kconfig
+7
-1
drivers/net/Kconfig
···
2536
2536
source "drivers/net/stmmac/Kconfig"
2537
2537
2538
2538
config PCH_GBE
2539
-
tristate "PCH Gigabit Ethernet"
2539
+
tristate "Intel EG20T PCH / OKI SEMICONDUCTOR ML7223 IOH GbE"
2540
2540
depends on PCI
2541
2541
select MII
2542
2542
---help---
···
2547
2547
Using this interface, it is able to access system devices connected
2548
2548
to Gigabit Ethernet.
2549
2549
This driver enables Gigabit Ethernet function.
2550
+
2551
+
This driver also can be used for OKI SEMICONDUCTOR IOH(Input/
2552
+
Output Hub), ML7223.
2553
+
ML7223 IOH is for MP(Media Phone) use.
2554
+
ML7223 is companion chip for Intel Atom E6xx series.
2555
+
ML7223 is completely compatible for Intel EG20T PCH.
2550
2556
2551
2557
endif # NETDEV_1000
2552
2558
+1
-1
drivers/net/benet/be.h
+1
-1
drivers/net/benet/be.h
+1
-1
drivers/net/benet/be_cmds.c
+1
-1
drivers/net/benet/be_cmds.c
+12
-6
drivers/net/benet/be_main.c
+12
-6
drivers/net/benet/be_main.c
···
1018
1018
kfree_skb(skb);
1019
1019
return;
1020
1020
}
1021
-
vlan_hwaccel_receive_skb(skb, adapter->vlan_grp, rxcp->vid);
1021
+
vlan_hwaccel_receive_skb(skb, adapter->vlan_grp,
1022
+
rxcp->vlan_tag);
1022
1023
} else {
1023
1024
netif_receive_skb(skb);
1024
1025
}
···
1077
1076
if (likely(!rxcp->vlanf))
1078
1077
napi_gro_frags(&eq_obj->napi);
1079
1078
else
1080
-
vlan_gro_frags(&eq_obj->napi, adapter->vlan_grp, rxcp->vid);
1079
+
vlan_gro_frags(&eq_obj->napi, adapter->vlan_grp,
1080
+
rxcp->vlan_tag);
1081
1081
}
1082
1082
1083
1083
static void be_parse_rx_compl_v1(struct be_adapter *adapter,
···
1104
1102
rxcp->pkt_type =
1105
1103
AMAP_GET_BITS(struct amap_eth_rx_compl_v1, cast_enc, compl);
1106
1104
rxcp->vtm = AMAP_GET_BITS(struct amap_eth_rx_compl_v1, vtm, compl);
1107
-
rxcp->vid = AMAP_GET_BITS(struct amap_eth_rx_compl_v1, vlan_tag, compl);
1105
+
rxcp->vlan_tag = AMAP_GET_BITS(struct amap_eth_rx_compl_v1, vlan_tag,
1106
+
compl);
1108
1107
}
1109
1108
1110
1109
static void be_parse_rx_compl_v0(struct be_adapter *adapter,
···
1131
1128
rxcp->pkt_type =
1132
1129
AMAP_GET_BITS(struct amap_eth_rx_compl_v0, cast_enc, compl);
1133
1130
rxcp->vtm = AMAP_GET_BITS(struct amap_eth_rx_compl_v0, vtm, compl);
1134
-
rxcp->vid = AMAP_GET_BITS(struct amap_eth_rx_compl_v0, vlan_tag, compl);
1131
+
rxcp->vlan_tag = AMAP_GET_BITS(struct amap_eth_rx_compl_v0, vlan_tag,
1132
+
compl);
1135
1133
}
1136
1134
1137
1135
static struct be_rx_compl_info *be_rx_compl_get(struct be_rx_obj *rxo)
···
1159
1155
rxcp->vlanf = 0;
1160
1156
1161
1157
if (!lancer_chip(adapter))
1162
-
rxcp->vid = swab16(rxcp->vid);
1158
+
rxcp->vlan_tag = swab16(rxcp->vlan_tag);
1163
1159
1164
-
if ((adapter->pvid == rxcp->vid) && !adapter->vlan_tag[rxcp->vid])
1160
+
if (((adapter->pvid & VLAN_VID_MASK) ==
1161
+
(rxcp->vlan_tag & VLAN_VID_MASK)) &&
1162
+
!adapter->vlan_tag[rxcp->vlan_tag])
1165
1163
rxcp->vlanf = 0;
1166
1164
1167
1165
/* As the compl has been parsed, reset it; we wont touch it again */
+1
-1
drivers/net/can/sja1000/sja1000.c
+1
-1
drivers/net/can/sja1000/sja1000.c
···
346
346
| (priv->read_reg(priv, REG_ID2) >> 5);
347
347
}
348
348
349
+
cf->can_dlc = get_can_dlc(fi & 0x0F);
349
350
if (fi & FI_RTR) {
350
351
id |= CAN_RTR_FLAG;
351
352
} else {
352
-
cf->can_dlc = get_can_dlc(fi & 0x0F);
353
353
for (i = 0; i < cf->can_dlc; i++)
354
354
cf->data[i] = priv->read_reg(priv, dreg++);
355
355
}
+3
-1
drivers/net/can/slcan.c
+3
-1
drivers/net/can/slcan.c
···
583
583
/* Done. We have linked the TTY line to a channel. */
584
584
rtnl_unlock();
585
585
tty->receive_room = 65536; /* We don't flow control */
586
-
return sl->dev->base_addr;
586
+
587
+
/* TTY layer expects 0 on success */
588
+
return 0;
587
589
588
590
err_free_chan:
589
591
sl->tty = NULL;
+13
-8
drivers/net/ehea/ehea_ethtool.c
+13
-8
drivers/net/ehea/ehea_ethtool.c
···
55
55
cmd->duplex = -1;
56
56
}
57
57
58
-
cmd->supported = (SUPPORTED_10000baseT_Full | SUPPORTED_1000baseT_Full
59
-
| SUPPORTED_100baseT_Full | SUPPORTED_100baseT_Half
60
-
| SUPPORTED_10baseT_Full | SUPPORTED_10baseT_Half
61
-
| SUPPORTED_Autoneg | SUPPORTED_FIBRE);
58
+
if (cmd->speed == SPEED_10000) {
59
+
cmd->supported = (SUPPORTED_10000baseT_Full | SUPPORTED_FIBRE);
60
+
cmd->advertising = (ADVERTISED_10000baseT_Full | ADVERTISED_FIBRE);
61
+
cmd->port = PORT_FIBRE;
62
+
} else {
63
+
cmd->supported = (SUPPORTED_1000baseT_Full | SUPPORTED_100baseT_Full
64
+
| SUPPORTED_100baseT_Half | SUPPORTED_10baseT_Full
65
+
| SUPPORTED_10baseT_Half | SUPPORTED_Autoneg
66
+
| SUPPORTED_TP);
67
+
cmd->advertising = (ADVERTISED_1000baseT_Full | ADVERTISED_Autoneg
68
+
| ADVERTISED_TP);
69
+
cmd->port = PORT_TP;
70
+
}
62
71
63
-
cmd->advertising = (ADVERTISED_10000baseT_Full | ADVERTISED_Autoneg
64
-
| ADVERTISED_FIBRE);
65
-
66
-
cmd->port = PORT_FIBRE;
67
72
cmd->autoneg = port->autoneg == 1 ? AUTONEG_ENABLE : AUTONEG_DISABLE;
68
73
69
74
return 0;
+16
-7
drivers/net/pch_gbe/pch_gbe_main.c
+16
-7
drivers/net/pch_gbe/pch_gbe_main.c
···
34
34
#define PCH_GBE_COPYBREAK_DEFAULT 256
35
35
#define PCH_GBE_PCI_BAR 1
36
36
37
+
/* Macros for ML7223 */
38
+
#define PCI_VENDOR_ID_ROHM 0x10db
39
+
#define PCI_DEVICE_ID_ROHM_ML7223_GBE 0x8013
40
+
37
41
#define PCH_GBE_TX_WEIGHT 64
38
42
#define PCH_GBE_RX_WEIGHT 64
39
43
#define PCH_GBE_RX_BUFFER_WRITE 16
···
47
43
48
44
#define PCH_GBE_MAC_RGMII_CTRL_SETTING ( \
49
45
PCH_GBE_CHIP_TYPE_INTERNAL | \
50
-
PCH_GBE_RGMII_MODE_RGMII | \
51
-
PCH_GBE_CRS_SEL \
46
+
PCH_GBE_RGMII_MODE_RGMII \
52
47
)
53
48
54
49
/* Ethertype field values */
···
1497
1494
/* Write meta date of skb */
1498
1495
skb_put(skb, length);
1499
1496
skb->protocol = eth_type_trans(skb, netdev);
1500
-
if ((tcp_ip_status & PCH_GBE_RXD_ACC_STAT_TCPIPOK) ==
1501
-
PCH_GBE_RXD_ACC_STAT_TCPIPOK) {
1502
-
skb->ip_summed = CHECKSUM_UNNECESSARY;
1503
-
} else {
1497
+
if (tcp_ip_status & PCH_GBE_RXD_ACC_STAT_TCPIPOK)
1504
1498
skb->ip_summed = CHECKSUM_NONE;
1505
-
}
1499
+
else
1500
+
skb->ip_summed = CHECKSUM_UNNECESSARY;
1501
+
1506
1502
napi_gro_receive(&adapter->napi, skb);
1507
1503
(*work_done)++;
1508
1504
pr_debug("Receive skb->ip_summed: %d length: %d\n",
···
2417
2415
static DEFINE_PCI_DEVICE_TABLE(pch_gbe_pcidev_id) = {
2418
2416
{.vendor = PCI_VENDOR_ID_INTEL,
2419
2417
.device = PCI_DEVICE_ID_INTEL_IOH1_GBE,
2418
+
.subvendor = PCI_ANY_ID,
2419
+
.subdevice = PCI_ANY_ID,
2420
+
.class = (PCI_CLASS_NETWORK_ETHERNET << 8),
2421
+
.class_mask = (0xFFFF00)
2422
+
},
2423
+
{.vendor = PCI_VENDOR_ID_ROHM,
2424
+
.device = PCI_DEVICE_ID_ROHM_ML7223_GBE,
2420
2425
.subvendor = PCI_ANY_ID,
2421
2426
.subdevice = PCI_ANY_ID,
2422
2427
.class = (PCI_CLASS_NETWORK_ETHERNET << 8),
+3
-1
drivers/net/slip.c
+3
-1
drivers/net/slip.c
···
853
853
/* Done. We have linked the TTY line to a channel. */
854
854
rtnl_unlock();
855
855
tty->receive_room = 65536; /* We don't flow control */
856
-
return sl->dev->base_addr;
856
+
857
+
/* TTY layer expects 0 on success */
858
+
return 0;
857
859
858
860
err_free_bufs:
859
861
sl_free_bufs(sl);
+1
-1
drivers/net/usb/cdc_ether.c
+1
-1
drivers/net/usb/cdc_ether.c
+9
-5
drivers/net/usb/ipheth.c
+9
-5
drivers/net/usb/ipheth.c
···
65
65
#define IPHETH_USBINTF_PROTO 1
66
66
67
67
#define IPHETH_BUF_SIZE 1516
68
+
#define IPHETH_IP_ALIGN 2 /* padding at front of URB */
68
69
#define IPHETH_TX_TIMEOUT (5 * HZ)
69
70
70
71
#define IPHETH_INTFNUM 2
···
203
202
return;
204
203
}
205
204
206
-
len = urb->actual_length;
207
-
buf = urb->transfer_buffer;
205
+
if (urb->actual_length <= IPHETH_IP_ALIGN) {
206
+
dev->net->stats.rx_length_errors++;
207
+
return;
208
+
}
209
+
len = urb->actual_length - IPHETH_IP_ALIGN;
210
+
buf = urb->transfer_buffer + IPHETH_IP_ALIGN;
208
211
209
-
skb = dev_alloc_skb(NET_IP_ALIGN + len);
212
+
skb = dev_alloc_skb(len);
210
213
if (!skb) {
211
214
err("%s: dev_alloc_skb: -ENOMEM", __func__);
212
215
dev->net->stats.rx_dropped++;
213
216
return;
214
217
}
215
218
216
-
skb_reserve(skb, NET_IP_ALIGN);
217
-
memcpy(skb_put(skb, len), buf + NET_IP_ALIGN, len - NET_IP_ALIGN);
219
+
memcpy(skb_put(skb, len), buf, len);
218
220
skb->dev = dev->net;
219
221
skb->protocol = eth_type_trans(skb, dev->net);
220
222
+7
-3
drivers/net/usb/usbnet.c
+7
-3
drivers/net/usb/usbnet.c
···
645
645
struct driver_info *info = dev->driver_info;
646
646
int retval;
647
647
648
+
clear_bit(EVENT_DEV_OPEN, &dev->flags);
648
649
netif_stop_queue (net);
649
650
650
651
netif_info(dev, ifdown, dev->net,
···
1525
1524
smp_mb();
1526
1525
clear_bit(EVENT_DEV_ASLEEP, &dev->flags);
1527
1526
spin_unlock_irq(&dev->txq.lock);
1528
-
if (!(dev->txq.qlen >= TX_QLEN(dev)))
1529
-
netif_start_queue(dev->net);
1530
-
tasklet_schedule (&dev->bh);
1527
+
1528
+
if (test_bit(EVENT_DEV_OPEN, &dev->flags)) {
1529
+
if (!(dev->txq.qlen >= TX_QLEN(dev)))
1530
+
netif_start_queue(dev->net);
1531
+
tasklet_schedule (&dev->bh);
1532
+
}
1531
1533
}
1532
1534
return 0;
1533
1535
}
+6
-4
drivers/net/vmxnet3/vmxnet3_drv.c
+6
-4
drivers/net/vmxnet3/vmxnet3_drv.c
···
178
178
vmxnet3_process_events(struct vmxnet3_adapter *adapter)
179
179
{
180
180
int i;
181
+
unsigned long flags;
181
182
u32 events = le32_to_cpu(adapter->shared->ecr);
182
183
if (!events)
183
184
return;
···
191
190
192
191
/* Check if there is an error on xmit/recv queues */
193
192
if (events & (VMXNET3_ECR_TQERR | VMXNET3_ECR_RQERR)) {
194
-
spin_lock(&adapter->cmd_lock);
193
+
spin_lock_irqsave(&adapter->cmd_lock, flags);
195
194
VMXNET3_WRITE_BAR1_REG(adapter, VMXNET3_REG_CMD,
196
195
VMXNET3_CMD_GET_QUEUE_STATUS);
197
-
spin_unlock(&adapter->cmd_lock);
196
+
spin_unlock_irqrestore(&adapter->cmd_lock, flags);
198
197
199
198
for (i = 0; i < adapter->num_tx_queues; i++)
200
199
if (adapter->tqd_start[i].status.stopped)
···
2734
2733
vmxnet3_alloc_intr_resources(struct vmxnet3_adapter *adapter)
2735
2734
{
2736
2735
u32 cfg;
2736
+
unsigned long flags;
2737
2737
2738
2738
/* intr settings */
2739
-
spin_lock(&adapter->cmd_lock);
2739
+
spin_lock_irqsave(&adapter->cmd_lock, flags);
2740
2740
VMXNET3_WRITE_BAR1_REG(adapter, VMXNET3_REG_CMD,
2741
2741
VMXNET3_CMD_GET_CONF_INTR);
2742
2742
cfg = VMXNET3_READ_BAR1_REG(adapter, VMXNET3_REG_CMD);
2743
-
spin_unlock(&adapter->cmd_lock);
2743
+
spin_unlock_irqrestore(&adapter->cmd_lock, flags);
2744
2744
adapter->intr.type = cfg & 0x3;
2745
2745
adapter->intr.mask_mode = (cfg >> 2) & 0x3;
2746
2746
+17
include/net/ip_vs.h
+17
include/net/ip_vs.h
···
791
791
/* IPVS in network namespace */
792
792
struct netns_ipvs {
793
793
int gen; /* Generation */
794
+
int enable; /* enable like nf_hooks do */
794
795
/*
795
796
* Hash table: for real service lookups
796
797
*/
···
1090
1089
atomic_inc(&ctl_cp->n_control);
1091
1090
}
1092
1091
1092
+
/*
1093
+
* IPVS netns init & cleanup functions
1094
+
*/
1095
+
extern int __ip_vs_estimator_init(struct net *net);
1096
+
extern int __ip_vs_control_init(struct net *net);
1097
+
extern int __ip_vs_protocol_init(struct net *net);
1098
+
extern int __ip_vs_app_init(struct net *net);
1099
+
extern int __ip_vs_conn_init(struct net *net);
1100
+
extern int __ip_vs_sync_init(struct net *net);
1101
+
extern void __ip_vs_conn_cleanup(struct net *net);
1102
+
extern void __ip_vs_app_cleanup(struct net *net);
1103
+
extern void __ip_vs_protocol_cleanup(struct net *net);
1104
+
extern void __ip_vs_control_cleanup(struct net *net);
1105
+
extern void __ip_vs_estimator_cleanup(struct net *net);
1106
+
extern void __ip_vs_sync_cleanup(struct net *net);
1107
+
extern void __ip_vs_service_cleanup(struct net *net);
1093
1108
1094
1109
/*
1095
1110
* IPVS application functions
+3
include/net/xfrm.h
+3
include/net/xfrm.h
···
324
324
int (*tmpl_sort)(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n);
325
325
int (*state_sort)(struct xfrm_state **dst, struct xfrm_state **src, int n);
326
326
int (*output)(struct sk_buff *skb);
327
+
int (*output_finish)(struct sk_buff *skb);
327
328
int (*extract_input)(struct xfrm_state *x,
328
329
struct sk_buff *skb);
329
330
int (*extract_output)(struct xfrm_state *x,
···
1455
1454
extern int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb);
1456
1455
extern int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb);
1457
1456
extern int xfrm4_output(struct sk_buff *skb);
1457
+
extern int xfrm4_output_finish(struct sk_buff *skb);
1458
1458
extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family);
1459
1459
extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family);
1460
1460
extern int xfrm6_extract_header(struct sk_buff *skb);
···
1472
1470
extern int xfrm6_extract_output(struct xfrm_state *x, struct sk_buff *skb);
1473
1471
extern int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb);
1474
1472
extern int xfrm6_output(struct sk_buff *skb);
1473
+
extern int xfrm6_output_finish(struct sk_buff *skb);
1475
1474
extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb,
1476
1475
u8 **prevhdr);
1477
1476
+3
net/8021q/vlan.c
+3
net/8021q/vlan.c
-3
net/8021q/vlan_dev.c
-3
net/8021q/vlan_dev.c
···
487
487
struct vlan_dev_info *vlan = vlan_dev_info(dev);
488
488
struct net_device *real_dev = vlan->real_dev;
489
489
490
-
if (vlan->flags & VLAN_FLAG_GVRP)
491
-
vlan_gvrp_request_leave(dev);
492
-
493
490
dev_mc_unsync(real_dev, dev);
494
491
dev_uc_unsync(real_dev, dev);
495
492
if (dev->flags & IFF_ALLMULTI)
+11
-53
net/bridge/netfilter/ebtables.c
+11
-53
net/bridge/netfilter/ebtables.c
···
1766
1766
1767
1767
newinfo->entries_size = size;
1768
1768
1769
-
xt_compat_init_offsets(AF_INET, info->nentries);
1769
+
xt_compat_init_offsets(NFPROTO_BRIDGE, info->nentries);
1770
1770
return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info,
1771
1771
entries, newinfo);
1772
1772
}
···
1882
1882
struct xt_match *match;
1883
1883
struct xt_target *wt;
1884
1884
void *dst = NULL;
1885
-
int off, pad = 0, ret = 0;
1885
+
int off, pad = 0;
1886
1886
unsigned int size_kern, entry_offset, match_size = mwt->match_size;
1887
1887
1888
1888
strlcpy(name, mwt->u.name, sizeof(name));
···
1933
1933
size_kern = wt->targetsize;
1934
1934
module_put(wt->me);
1935
1935
break;
1936
-
}
1937
-
1938
-
if (!dst) {
1939
-
ret = xt_compat_add_offset(NFPROTO_BRIDGE, entry_offset,
1940
-
off + ebt_compat_entry_padsize());
1941
-
if (ret < 0)
1942
-
return ret;
1943
1936
}
1944
1937
1945
1938
state->buf_kern_offset += match_size + off;
···
2009
2016
return growth;
2010
2017
}
2011
2018
2012
-
#define EBT_COMPAT_WATCHER_ITERATE(e, fn, args...) \
2013
-
({ \
2014
-
unsigned int __i; \
2015
-
int __ret = 0; \
2016
-
struct compat_ebt_entry_mwt *__watcher; \
2017
-
\
2018
-
for (__i = e->watchers_offset; \
2019
-
__i < (e)->target_offset; \
2020
-
__i += __watcher->watcher_size + \
2021
-
sizeof(struct compat_ebt_entry_mwt)) { \
2022
-
__watcher = (void *)(e) + __i; \
2023
-
__ret = fn(__watcher , ## args); \
2024
-
if (__ret != 0) \
2025
-
break; \
2026
-
} \
2027
-
if (__ret == 0) { \
2028
-
if (__i != (e)->target_offset) \
2029
-
__ret = -EINVAL; \
2030
-
} \
2031
-
__ret; \
2032
-
})
2033
-
2034
-
#define EBT_COMPAT_MATCH_ITERATE(e, fn, args...) \
2035
-
({ \
2036
-
unsigned int __i; \
2037
-
int __ret = 0; \
2038
-
struct compat_ebt_entry_mwt *__match; \
2039
-
\
2040
-
for (__i = sizeof(struct ebt_entry); \
2041
-
__i < (e)->watchers_offset; \
2042
-
__i += __match->match_size + \
2043
-
sizeof(struct compat_ebt_entry_mwt)) { \
2044
-
__match = (void *)(e) + __i; \
2045
-
__ret = fn(__match , ## args); \
2046
-
if (__ret != 0) \
2047
-
break; \
2048
-
} \
2049
-
if (__ret == 0) { \
2050
-
if (__i != (e)->watchers_offset) \
2051
-
__ret = -EINVAL; \
2052
-
} \
2053
-
__ret; \
2054
-
})
2055
-
2056
2019
/* called for all ebt_entry structures. */
2057
2020
static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base,
2058
2021
unsigned int *total,
···
2079
2130
offsets_update[i], offsets[j] + new_offset);
2080
2131
offsets_update[i] = offsets[j] + new_offset;
2081
2132
}
2133
+
}
2134
+
2135
+
if (state->buf_kern_start == NULL) {
2136
+
unsigned int offset = buf_start - (char *) base;
2137
+
2138
+
ret = xt_compat_add_offset(NFPROTO_BRIDGE, offset, new_offset);
2139
+
if (ret < 0)
2140
+
return ret;
2082
2141
}
2083
2142
2084
2143
startoff = state->buf_user_offset - startoff;
···
2197
2240
2198
2241
xt_compat_lock(NFPROTO_BRIDGE);
2199
2242
2243
+
xt_compat_init_offsets(NFPROTO_BRIDGE, tmp.nentries);
2200
2244
ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state);
2201
2245
if (ret < 0)
2202
2246
goto out_unlock;
+6
-4
net/core/dev.c
+6
-4
net/core/dev.c
···
1284
1284
*/
1285
1285
int dev_close(struct net_device *dev)
1286
1286
{
1287
-
LIST_HEAD(single);
1287
+
if (dev->flags & IFF_UP) {
1288
+
LIST_HEAD(single);
1288
1289
1289
-
list_add(&dev->unreg_list, &single);
1290
-
dev_close_many(&single);
1291
-
list_del(&single);
1290
+
list_add(&dev->unreg_list, &single);
1291
+
dev_close_many(&single);
1292
+
list_del(&single);
1293
+
}
1292
1294
return 0;
1293
1295
}
1294
1296
EXPORT_SYMBOL(dev_close);
+2
net/dccp/options.c
+2
net/dccp/options.c
+15
-16
net/ipv4/ip_fragment.c
+15
-16
net/ipv4/ip_fragment.c
···
223
223
224
224
if ((qp->q.last_in & INET_FRAG_FIRST_IN) && qp->q.fragments != NULL) {
225
225
struct sk_buff *head = qp->q.fragments;
226
+
const struct iphdr *iph;
227
+
int err;
226
228
227
229
rcu_read_lock();
228
230
head->dev = dev_get_by_index_rcu(net, qp->iif);
229
231
if (!head->dev)
230
232
goto out_rcu_unlock;
231
233
234
+
/* skb dst is stale, drop it, and perform route lookup again */
235
+
skb_dst_drop(head);
236
+
iph = ip_hdr(head);
237
+
err = ip_route_input_noref(head, iph->daddr, iph->saddr,
238
+
iph->tos, head->dev);
239
+
if (err)
240
+
goto out_rcu_unlock;
241
+
232
242
/*
233
-
* Only search router table for the head fragment,
234
-
* when defraging timeout at PRE_ROUTING HOOK.
243
+
* Only an end host needs to send an ICMP
244
+
* "Fragment Reassembly Timeout" message, per RFC792.
235
245
*/
236
-
if (qp->user == IP_DEFRAG_CONNTRACK_IN && !skb_dst(head)) {
237
-
const struct iphdr *iph = ip_hdr(head);
238
-
int err = ip_route_input(head, iph->daddr, iph->saddr,
239
-
iph->tos, head->dev);
240
-
if (unlikely(err))
241
-
goto out_rcu_unlock;
246
+
if (qp->user == IP_DEFRAG_CONNTRACK_IN &&
247
+
skb_rtable(head)->rt_type != RTN_LOCAL)
248
+
goto out_rcu_unlock;
242
249
243
-
/*
244
-
* Only an end host needs to send an ICMP
245
-
* "Fragment Reassembly Timeout" message, per RFC792.
246
-
*/
247
-
if (skb_rtable(head)->rt_type != RTN_LOCAL)
248
-
goto out_rcu_unlock;
249
-
250
-
}
251
250
252
251
/* Send an ICMP "Fragment Reassembly Timeout" message. */
253
252
icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0);
+7
-2
net/ipv4/tcp_cubic.c
+7
-2
net/ipv4/tcp_cubic.c
···
93
93
u32 ack_cnt; /* number of acks */
94
94
u32 tcp_cwnd; /* estimated tcp cwnd */
95
95
#define ACK_RATIO_SHIFT 4
96
+
#define ACK_RATIO_LIMIT (32u << ACK_RATIO_SHIFT)
96
97
u16 delayed_ack; /* estimate the ratio of Packets/ACKs << 4 */
97
98
u8 sample_cnt; /* number of samples to decide curr_rtt */
98
99
u8 found; /* the exit point is found? */
···
399
398
u32 delay;
400
399
401
400
if (icsk->icsk_ca_state == TCP_CA_Open) {
402
-
cnt -= ca->delayed_ack >> ACK_RATIO_SHIFT;
403
-
ca->delayed_ack += cnt;
401
+
u32 ratio = ca->delayed_ack;
402
+
403
+
ratio -= ca->delayed_ack >> ACK_RATIO_SHIFT;
404
+
ratio += cnt;
405
+
406
+
ca->delayed_ack = min(ratio, ACK_RATIO_LIMIT);
404
407
}
405
408
406
409
/* Some calls are for duplicates without timetamps */
+6
-2
net/ipv4/xfrm4_output.c
+6
-2
net/ipv4/xfrm4_output.c
···
69
69
}
70
70
EXPORT_SYMBOL(xfrm4_prepare_output);
71
71
72
-
static int xfrm4_output_finish(struct sk_buff *skb)
72
+
int xfrm4_output_finish(struct sk_buff *skb)
73
73
{
74
74
#ifdef CONFIG_NETFILTER
75
75
if (!skb_dst(skb)->xfrm) {
···
86
86
87
87
int xfrm4_output(struct sk_buff *skb)
88
88
{
89
+
struct dst_entry *dst = skb_dst(skb);
90
+
struct xfrm_state *x = dst->xfrm;
91
+
89
92
return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb,
90
-
NULL, skb_dst(skb)->dev, xfrm4_output_finish,
93
+
NULL, dst->dev,
94
+
x->outer_mode->afinfo->output_finish,
91
95
!(IPCB(skb)->flags & IPSKB_REROUTED));
92
96
}
+1
net/ipv4/xfrm4_state.c
+1
net/ipv4/xfrm4_state.c
···
78
78
.init_tempsel = __xfrm4_init_tempsel,
79
79
.init_temprop = xfrm4_init_temprop,
80
80
.output = xfrm4_output,
81
+
.output_finish = xfrm4_output_finish,
81
82
.extract_input = xfrm4_extract_input,
82
83
.extract_output = xfrm4_extract_output,
83
84
.transport_finish = xfrm4_transport_finish,
+3
-1
net/ipv6/netfilter/ip6t_REJECT.c
+3
-1
net/ipv6/netfilter/ip6t_REJECT.c
···
45
45
int tcphoff, needs_ack;
46
46
const struct ipv6hdr *oip6h = ipv6_hdr(oldskb);
47
47
struct ipv6hdr *ip6h;
48
+
#define DEFAULT_TOS_VALUE 0x0U
49
+
const __u8 tclass = DEFAULT_TOS_VALUE;
48
50
struct dst_entry *dst = NULL;
49
51
u8 proto;
50
52
struct flowi6 fl6;
···
126
124
skb_put(nskb, sizeof(struct ipv6hdr));
127
125
skb_reset_network_header(nskb);
128
126
ip6h = ipv6_hdr(nskb);
129
-
ip6h->version = 6;
127
+
*(__be32 *)ip6h = htonl(0x60000000 | (tclass << 20));
130
128
ip6h->hop_limit = ip6_dst_hoplimit(dst);
131
129
ip6h->nexthdr = IPPROTO_TCP;
132
130
ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr);
+3
-3
net/ipv6/xfrm6_output.c
+3
-3
net/ipv6/xfrm6_output.c
···
79
79
}
80
80
EXPORT_SYMBOL(xfrm6_prepare_output);
81
81
82
-
static int xfrm6_output_finish(struct sk_buff *skb)
82
+
int xfrm6_output_finish(struct sk_buff *skb)
83
83
{
84
84
#ifdef CONFIG_NETFILTER
85
85
IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED;
···
97
97
if ((x && x->props.mode == XFRM_MODE_TUNNEL) &&
98
98
((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
99
99
dst_allfrag(skb_dst(skb)))) {
100
-
return ip6_fragment(skb, xfrm6_output_finish);
100
+
return ip6_fragment(skb, x->outer_mode->afinfo->output_finish);
101
101
}
102
-
return xfrm6_output_finish(skb);
102
+
return x->outer_mode->afinfo->output_finish(skb);
103
103
}
104
104
105
105
int xfrm6_output(struct sk_buff *skb)
+1
net/ipv6/xfrm6_state.c
+1
net/ipv6/xfrm6_state.c
···
178
178
.tmpl_sort = __xfrm6_tmpl_sort,
179
179
.state_sort = __xfrm6_state_sort,
180
180
.output = xfrm6_output,
181
+
.output_finish = xfrm6_output_finish,
181
182
.extract_input = xfrm6_extract_input,
182
183
.extract_output = xfrm6_extract_output,
183
184
.transport_finish = xfrm6_transport_finish,
+3
-12
net/netfilter/ipvs/ip_vs_app.c
+3
-12
net/netfilter/ipvs/ip_vs_app.c
···
576
576
};
577
577
#endif
578
578
579
-
static int __net_init __ip_vs_app_init(struct net *net)
579
+
int __net_init __ip_vs_app_init(struct net *net)
580
580
{
581
581
struct netns_ipvs *ipvs = net_ipvs(net);
582
582
···
585
585
return 0;
586
586
}
587
587
588
-
static void __net_exit __ip_vs_app_cleanup(struct net *net)
588
+
void __net_exit __ip_vs_app_cleanup(struct net *net)
589
589
{
590
590
proc_net_remove(net, "ip_vs_app");
591
591
}
592
592
593
-
static struct pernet_operations ip_vs_app_ops = {
594
-
.init = __ip_vs_app_init,
595
-
.exit = __ip_vs_app_cleanup,
596
-
};
597
-
598
593
int __init ip_vs_app_init(void)
599
594
{
600
-
int rv;
601
-
602
-
rv = register_pernet_subsys(&ip_vs_app_ops);
603
-
return rv;
595
+
return 0;
604
596
}
605
597
606
598
607
599
void ip_vs_app_cleanup(void)
608
600
{
609
-
unregister_pernet_subsys(&ip_vs_app_ops);
610
601
}
+2
-10
net/netfilter/ipvs/ip_vs_conn.c
+2
-10
net/netfilter/ipvs/ip_vs_conn.c
···
1258
1258
return 0;
1259
1259
}
1260
1260
1261
-
static void __net_exit __ip_vs_conn_cleanup(struct net *net)
1261
+
void __net_exit __ip_vs_conn_cleanup(struct net *net)
1262
1262
{
1263
1263
/* flush all the connection entries first */
1264
1264
ip_vs_conn_flush(net);
1265
1265
proc_net_remove(net, "ip_vs_conn");
1266
1266
proc_net_remove(net, "ip_vs_conn_sync");
1267
1267
}
1268
-
static struct pernet_operations ipvs_conn_ops = {
1269
-
.init = __ip_vs_conn_init,
1270
-
.exit = __ip_vs_conn_cleanup,
1271
-
};
1272
1268
1273
1269
int __init ip_vs_conn_init(void)
1274
1270
{
1275
1271
int idx;
1276
-
int retc;
1277
1272
1278
1273
/* Compute size and mask */
1279
1274
ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
···
1304
1309
rwlock_init(&__ip_vs_conntbl_lock_array[idx].l);
1305
1310
}
1306
1311
1307
-
retc = register_pernet_subsys(&ipvs_conn_ops);
1308
-
1309
1312
/* calculate the random value for connection hash */
1310
1313
get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd));
1311
1314
1312
-
return retc;
1315
+
return 0;
1313
1316
}
1314
1317
1315
1318
void ip_vs_conn_cleanup(void)
1316
1319
{
1317
-
unregister_pernet_subsys(&ipvs_conn_ops);
1318
1320
/* Release the empty cache */
1319
1321
kmem_cache_destroy(ip_vs_conn_cachep);
1320
1322
vfree(ip_vs_conn_tab);
+93
-10
net/netfilter/ipvs/ip_vs_core.c
+93
-10
net/netfilter/ipvs/ip_vs_core.c
···
1113
1113
return NF_ACCEPT;
1114
1114
1115
1115
net = skb_net(skb);
1116
+
if (!net_ipvs(net)->enable)
1117
+
return NF_ACCEPT;
1118
+
1116
1119
ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1117
1120
#ifdef CONFIG_IP_VS_IPV6
1118
1121
if (af == AF_INET6) {
···
1346
1343
return NF_ACCEPT; /* The packet looks wrong, ignore */
1347
1344
1348
1345
net = skb_net(skb);
1346
+
1349
1347
pd = ip_vs_proto_data_get(net, cih->protocol);
1350
1348
if (!pd)
1351
1349
return NF_ACCEPT;
···
1533
1529
IP_VS_DBG_ADDR(af, &iph.daddr), hooknum);
1534
1530
return NF_ACCEPT;
1535
1531
}
1532
+
/* ipvs enabled in this netns ? */
1533
+
net = skb_net(skb);
1534
+
if (!net_ipvs(net)->enable)
1535
+
return NF_ACCEPT;
1536
+
1536
1537
ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1537
1538
1538
1539
/* Bad... Do not break raw sockets */
···
1571
1562
ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1572
1563
}
1573
1564
1574
-
net = skb_net(skb);
1575
1565
/* Protocol supported? */
1576
1566
pd = ip_vs_proto_data_get(net, iph.protocol);
1577
1567
if (unlikely(!pd))
···
1596
1588
}
1597
1589
1598
1590
IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet");
1599
-
net = skb_net(skb);
1600
1591
ipvs = net_ipvs(net);
1601
1592
/* Check the server status */
1602
1593
if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) {
···
1750
1743
int (*okfn)(struct sk_buff *))
1751
1744
{
1752
1745
int r;
1746
+
struct net *net;
1753
1747
1754
1748
if (ip_hdr(skb)->protocol != IPPROTO_ICMP)
1749
+
return NF_ACCEPT;
1750
+
1751
+
/* ipvs enabled in this netns ? */
1752
+
net = skb_net(skb);
1753
+
if (!net_ipvs(net)->enable)
1755
1754
return NF_ACCEPT;
1756
1755
1757
1756
return ip_vs_in_icmp(skb, &r, hooknum);
···
1770
1757
int (*okfn)(struct sk_buff *))
1771
1758
{
1772
1759
int r;
1760
+
struct net *net;
1773
1761
1774
1762
if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6)
1763
+
return NF_ACCEPT;
1764
+
1765
+
/* ipvs enabled in this netns ? */
1766
+
net = skb_net(skb);
1767
+
if (!net_ipvs(net)->enable)
1775
1768
return NF_ACCEPT;
1776
1769
1777
1770
return ip_vs_in_icmp_v6(skb, &r, hooknum);
···
1903
1884
pr_err("%s(): no memory.\n", __func__);
1904
1885
return -ENOMEM;
1905
1886
}
1887
+
/* Hold the beast until a service is registerd */
1888
+
ipvs->enable = 0;
1906
1889
ipvs->net = net;
1907
1890
/* Counters used for creating unique names */
1908
1891
ipvs->gen = atomic_read(&ipvs_netns_cnt);
1909
1892
atomic_inc(&ipvs_netns_cnt);
1910
1893
net->ipvs = ipvs;
1894
+
1895
+
if (__ip_vs_estimator_init(net) < 0)
1896
+
goto estimator_fail;
1897
+
1898
+
if (__ip_vs_control_init(net) < 0)
1899
+
goto control_fail;
1900
+
1901
+
if (__ip_vs_protocol_init(net) < 0)
1902
+
goto protocol_fail;
1903
+
1904
+
if (__ip_vs_app_init(net) < 0)
1905
+
goto app_fail;
1906
+
1907
+
if (__ip_vs_conn_init(net) < 0)
1908
+
goto conn_fail;
1909
+
1910
+
if (__ip_vs_sync_init(net) < 0)
1911
+
goto sync_fail;
1912
+
1911
1913
printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n",
1912
1914
sizeof(struct netns_ipvs), ipvs->gen);
1913
1915
return 0;
1916
+
/*
1917
+
* Error handling
1918
+
*/
1919
+
1920
+
sync_fail:
1921
+
__ip_vs_conn_cleanup(net);
1922
+
conn_fail:
1923
+
__ip_vs_app_cleanup(net);
1924
+
app_fail:
1925
+
__ip_vs_protocol_cleanup(net);
1926
+
protocol_fail:
1927
+
__ip_vs_control_cleanup(net);
1928
+
control_fail:
1929
+
__ip_vs_estimator_cleanup(net);
1930
+
estimator_fail:
1931
+
return -ENOMEM;
1914
1932
}
1915
1933
1916
1934
static void __net_exit __ip_vs_cleanup(struct net *net)
1917
1935
{
1918
-
IP_VS_DBG(10, "ipvs netns %d released\n", net_ipvs(net)->gen);
1936
+
__ip_vs_service_cleanup(net); /* ip_vs_flush() with locks */
1937
+
__ip_vs_conn_cleanup(net);
1938
+
__ip_vs_app_cleanup(net);
1939
+
__ip_vs_protocol_cleanup(net);
1940
+
__ip_vs_control_cleanup(net);
1941
+
__ip_vs_estimator_cleanup(net);
1942
+
IP_VS_DBG(2, "ipvs netns %d released\n", net_ipvs(net)->gen);
1943
+
}
1944
+
1945
+
static void __net_exit __ip_vs_dev_cleanup(struct net *net)
1946
+
{
1947
+
EnterFunction(2);
1948
+
net_ipvs(net)->enable = 0; /* Disable packet reception */
1949
+
__ip_vs_sync_cleanup(net);
1950
+
LeaveFunction(2);
1919
1951
}
1920
1952
1921
1953
static struct pernet_operations ipvs_core_ops = {
···
1976
1906
.size = sizeof(struct netns_ipvs),
1977
1907
};
1978
1908
1909
+
static struct pernet_operations ipvs_core_dev_ops = {
1910
+
.exit = __ip_vs_dev_cleanup,
1911
+
};
1912
+
1979
1913
/*
1980
1914
* Initialize IP Virtual Server
1981
1915
*/
1982
1916
static int __init ip_vs_init(void)
1983
1917
{
1984
1918
int ret;
1985
-
1986
-
ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
1987
-
if (ret < 0)
1988
-
return ret;
1989
1919
1990
1920
ip_vs_estimator_init();
1991
1921
ret = ip_vs_control_init();
···
2014
1944
goto cleanup_conn;
2015
1945
}
2016
1946
1947
+
ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
1948
+
if (ret < 0)
1949
+
goto cleanup_sync;
1950
+
1951
+
ret = register_pernet_device(&ipvs_core_dev_ops);
1952
+
if (ret < 0)
1953
+
goto cleanup_sub;
1954
+
2017
1955
ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
2018
1956
if (ret < 0) {
2019
1957
pr_err("can't register hooks.\n");
2020
-
goto cleanup_sync;
1958
+
goto cleanup_dev;
2021
1959
}
2022
1960
2023
1961
pr_info("ipvs loaded.\n");
1962
+
2024
1963
return ret;
2025
1964
1965
+
cleanup_dev:
1966
+
unregister_pernet_device(&ipvs_core_dev_ops);
1967
+
cleanup_sub:
1968
+
unregister_pernet_subsys(&ipvs_core_ops);
2026
1969
cleanup_sync:
2027
1970
ip_vs_sync_cleanup();
2028
1971
cleanup_conn:
···
2047
1964
ip_vs_control_cleanup();
2048
1965
cleanup_estimator:
2049
1966
ip_vs_estimator_cleanup();
2050
-
unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
2051
1967
return ret;
2052
1968
}
2053
1969
2054
1970
static void __exit ip_vs_cleanup(void)
2055
1971
{
2056
1972
nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
1973
+
unregister_pernet_device(&ipvs_core_dev_ops);
1974
+
unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
2057
1975
ip_vs_sync_cleanup();
2058
1976
ip_vs_conn_cleanup();
2059
1977
ip_vs_app_cleanup();
2060
1978
ip_vs_protocol_cleanup();
2061
1979
ip_vs_control_cleanup();
2062
1980
ip_vs_estimator_cleanup();
2063
-
unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
2064
1981
pr_info("ipvs unloaded.\n");
2065
1982
}
2066
1983
+101
-19
net/netfilter/ipvs/ip_vs_ctl.c
+101
-19
net/netfilter/ipvs/ip_vs_ctl.c
···
69
69
}
70
70
#endif
71
71
72
+
73
+
/* Protos */
74
+
static void __ip_vs_del_service(struct ip_vs_service *svc);
75
+
76
+
72
77
#ifdef CONFIG_IP_VS_IPV6
73
78
/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */
74
79
static int __ip_vs_addr_is_local_v6(struct net *net,
···
1219
1214
write_unlock_bh(&__ip_vs_svc_lock);
1220
1215
1221
1216
*svc_p = svc;
1217
+
/* Now there is a service - full throttle */
1218
+
ipvs->enable = 1;
1222
1219
return 0;
1223
1220
1224
1221
···
1479
1472
return 0;
1480
1473
}
1481
1474
1475
+
/*
1476
+
* Delete service by {netns} in the service table.
1477
+
* Called by __ip_vs_cleanup()
1478
+
*/
1479
+
void __ip_vs_service_cleanup(struct net *net)
1480
+
{
1481
+
EnterFunction(2);
1482
+
/* Check for "full" addressed entries */
1483
+
mutex_lock(&__ip_vs_mutex);
1484
+
ip_vs_flush(net);
1485
+
mutex_unlock(&__ip_vs_mutex);
1486
+
LeaveFunction(2);
1487
+
}
1488
+
/*
1489
+
* Release dst hold by dst_cache
1490
+
*/
1491
+
static inline void
1492
+
__ip_vs_dev_reset(struct ip_vs_dest *dest, struct net_device *dev)
1493
+
{
1494
+
spin_lock_bh(&dest->dst_lock);
1495
+
if (dest->dst_cache && dest->dst_cache->dev == dev) {
1496
+
IP_VS_DBG_BUF(3, "Reset dev:%s dest %s:%u ,dest->refcnt=%d\n",
1497
+
dev->name,
1498
+
IP_VS_DBG_ADDR(dest->af, &dest->addr),
1499
+
ntohs(dest->port),
1500
+
atomic_read(&dest->refcnt));
1501
+
ip_vs_dst_reset(dest);
1502
+
}
1503
+
spin_unlock_bh(&dest->dst_lock);
1504
+
1505
+
}
1506
+
/*
1507
+
* Netdev event receiver
1508
+
* Currently only NETDEV_UNREGISTER is handled, i.e. if we hold a reference to
1509
+
* a device that is "unregister" it must be released.
1510
+
*/
1511
+
static int ip_vs_dst_event(struct notifier_block *this, unsigned long event,
1512
+
void *ptr)
1513
+
{
1514
+
struct net_device *dev = ptr;
1515
+
struct net *net = dev_net(dev);
1516
+
struct ip_vs_service *svc;
1517
+
struct ip_vs_dest *dest;
1518
+
unsigned int idx;
1519
+
1520
+
if (event != NETDEV_UNREGISTER)
1521
+
return NOTIFY_DONE;
1522
+
IP_VS_DBG(3, "%s() dev=%s\n", __func__, dev->name);
1523
+
EnterFunction(2);
1524
+
mutex_lock(&__ip_vs_mutex);
1525
+
for (idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
1526
+
list_for_each_entry(svc, &ip_vs_svc_table[idx], s_list) {
1527
+
if (net_eq(svc->net, net)) {
1528
+
list_for_each_entry(dest, &svc->destinations,
1529
+
n_list) {
1530
+
__ip_vs_dev_reset(dest, dev);
1531
+
}
1532
+
}
1533
+
}
1534
+
1535
+
list_for_each_entry(svc, &ip_vs_svc_fwm_table[idx], f_list) {
1536
+
if (net_eq(svc->net, net)) {
1537
+
list_for_each_entry(dest, &svc->destinations,
1538
+
n_list) {
1539
+
__ip_vs_dev_reset(dest, dev);
1540
+
}
1541
+
}
1542
+
1543
+
}
1544
+
}
1545
+
1546
+
list_for_each_entry(dest, &net_ipvs(net)->dest_trash, n_list) {
1547
+
__ip_vs_dev_reset(dest, dev);
1548
+
}
1549
+
mutex_unlock(&__ip_vs_mutex);
1550
+
LeaveFunction(2);
1551
+
return NOTIFY_DONE;
1552
+
}
1482
1553
1483
1554
/*
1484
1555
* Zero counters in a service or all services
···
3673
3588
3674
3589
#endif
3675
3590
3591
+
static struct notifier_block ip_vs_dst_notifier = {
3592
+
.notifier_call = ip_vs_dst_event,
3593
+
};
3594
+
3676
3595
int __net_init __ip_vs_control_init(struct net *net)
3677
3596
{
3678
3597
int idx;
···
3715
3626
return -ENOMEM;
3716
3627
}
3717
3628
3718
-
static void __net_exit __ip_vs_control_cleanup(struct net *net)
3629
+
void __net_exit __ip_vs_control_cleanup(struct net *net)
3719
3630
{
3720
3631
struct netns_ipvs *ipvs = net_ipvs(net);
3721
3632
···
3727
3638
proc_net_remove(net, "ip_vs");
3728
3639
free_percpu(ipvs->tot_stats.cpustats);
3729
3640
}
3730
-
3731
-
static struct pernet_operations ipvs_control_ops = {
3732
-
.init = __ip_vs_control_init,
3733
-
.exit = __ip_vs_control_cleanup,
3734
-
};
3735
3641
3736
3642
int __init ip_vs_control_init(void)
3737
3643
{
···
3741
3657
INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]);
3742
3658
}
3743
3659
3744
-
ret = register_pernet_subsys(&ipvs_control_ops);
3745
-
if (ret) {
3746
-
pr_err("cannot register namespace.\n");
3747
-
goto err;
3748
-
}
3749
-
3750
3660
smp_wmb(); /* Do we really need it now ? */
3751
3661
3752
3662
ret = nf_register_sockopt(&ip_vs_sockopts);
3753
3663
if (ret) {
3754
3664
pr_err("cannot register sockopt.\n");
3755
-
goto err_net;
3665
+
goto err_sock;
3756
3666
}
3757
3667
3758
3668
ret = ip_vs_genl_register();
3759
3669
if (ret) {
3760
3670
pr_err("cannot register Generic Netlink interface.\n");
3761
-
nf_unregister_sockopt(&ip_vs_sockopts);
3762
-
goto err_net;
3671
+
goto err_genl;
3763
3672
}
3673
+
3674
+
ret = register_netdevice_notifier(&ip_vs_dst_notifier);
3675
+
if (ret < 0)
3676
+
goto err_notf;
3764
3677
3765
3678
LeaveFunction(2);
3766
3679
return 0;
3767
3680
3768
-
err_net:
3769
-
unregister_pernet_subsys(&ipvs_control_ops);
3770
-
err:
3681
+
err_notf:
3682
+
ip_vs_genl_unregister();
3683
+
err_genl:
3684
+
nf_unregister_sockopt(&ip_vs_sockopts);
3685
+
err_sock:
3771
3686
return ret;
3772
3687
}
3773
3688
···
3774
3691
void ip_vs_control_cleanup(void)
3775
3692
{
3776
3693
EnterFunction(2);
3777
-
unregister_pernet_subsys(&ipvs_control_ops);
3778
3694
ip_vs_genl_unregister();
3779
3695
nf_unregister_sockopt(&ip_vs_sockopts);
3780
3696
LeaveFunction(2);
+3
-11
net/netfilter/ipvs/ip_vs_est.c
+3
-11
net/netfilter/ipvs/ip_vs_est.c
···
192
192
dst->outbps = (e->outbps + 0xF) >> 5;
193
193
}
194
194
195
-
static int __net_init __ip_vs_estimator_init(struct net *net)
195
+
int __net_init __ip_vs_estimator_init(struct net *net)
196
196
{
197
197
struct netns_ipvs *ipvs = net_ipvs(net);
198
198
···
203
203
return 0;
204
204
}
205
205
206
-
static void __net_exit __ip_vs_estimator_exit(struct net *net)
206
+
void __net_exit __ip_vs_estimator_cleanup(struct net *net)
207
207
{
208
208
del_timer_sync(&net_ipvs(net)->est_timer);
209
209
}
210
-
static struct pernet_operations ip_vs_app_ops = {
211
-
.init = __ip_vs_estimator_init,
212
-
.exit = __ip_vs_estimator_exit,
213
-
};
214
210
215
211
int __init ip_vs_estimator_init(void)
216
212
{
217
-
int rv;
218
-
219
-
rv = register_pernet_subsys(&ip_vs_app_ops);
220
-
return rv;
213
+
return 0;
221
214
}
222
215
223
216
void ip_vs_estimator_cleanup(void)
224
217
{
225
-
unregister_pernet_subsys(&ip_vs_app_ops);
226
218
}
+2
-9
net/netfilter/ipvs/ip_vs_proto.c
+2
-9
net/netfilter/ipvs/ip_vs_proto.c
···
316
316
/*
317
317
* per network name-space init
318
318
*/
319
-
static int __net_init __ip_vs_protocol_init(struct net *net)
319
+
int __net_init __ip_vs_protocol_init(struct net *net)
320
320
{
321
321
#ifdef CONFIG_IP_VS_PROTO_TCP
322
322
register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp);
···
336
336
return 0;
337
337
}
338
338
339
-
static void __net_exit __ip_vs_protocol_cleanup(struct net *net)
339
+
void __net_exit __ip_vs_protocol_cleanup(struct net *net)
340
340
{
341
341
struct netns_ipvs *ipvs = net_ipvs(net);
342
342
struct ip_vs_proto_data *pd;
···
348
348
unregister_ip_vs_proto_netns(net, pd);
349
349
}
350
350
}
351
-
352
-
static struct pernet_operations ipvs_proto_ops = {
353
-
.init = __ip_vs_protocol_init,
354
-
.exit = __ip_vs_protocol_cleanup,
355
-
};
356
351
357
352
int __init ip_vs_protocol_init(void)
358
353
{
···
377
382
REGISTER_PROTOCOL(&ip_vs_protocol_esp);
378
383
#endif
379
384
pr_info("Registered protocols (%s)\n", &protocols[2]);
380
-
return register_pernet_subsys(&ipvs_proto_ops);
381
385
382
386
return 0;
383
387
}
···
387
393
struct ip_vs_protocol *pp;
388
394
int i;
389
395
390
-
unregister_pernet_subsys(&ipvs_proto_ops);
391
396
/* unregister all the ipvs protocols */
392
397
for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) {
393
398
while ((pp = ip_vs_proto_table[i]) != NULL)
+38
-29
net/netfilter/ipvs/ip_vs_sync.c
+38
-29
net/netfilter/ipvs/ip_vs_sync.c
···
1303
1303
struct socket *sock;
1304
1304
int result;
1305
1305
1306
-
/* First create a socket */
1307
-
result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1);
1306
+
/* First create a socket move it to right name space later */
1307
+
result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
1308
1308
if (result < 0) {
1309
1309
pr_err("Error during creation of socket; terminating\n");
1310
1310
return ERR_PTR(result);
1311
1311
}
1312
-
1312
+
/*
1313
+
* Kernel sockets that are a part of a namespace, should not
1314
+
* hold a reference to a namespace in order to allow to stop it.
1315
+
* After sk_change_net should be released using sk_release_kernel.
1316
+
*/
1317
+
sk_change_net(sock->sk, net);
1313
1318
result = set_mcast_if(sock->sk, ipvs->master_mcast_ifn);
1314
1319
if (result < 0) {
1315
1320
pr_err("Error setting outbound mcast interface\n");
···
1339
1334
1340
1335
return sock;
1341
1336
1342
-
error:
1343
-
sock_release(sock);
1337
+
error:
1338
+
sk_release_kernel(sock->sk);
1344
1339
return ERR_PTR(result);
1345
1340
}
1346
1341
···
1355
1350
int result;
1356
1351
1357
1352
/* First create a socket */
1358
-
result = __sock_create(net, PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock, 1);
1353
+
result = sock_create_kern(PF_INET, SOCK_DGRAM, IPPROTO_UDP, &sock);
1359
1354
if (result < 0) {
1360
1355
pr_err("Error during creation of socket; terminating\n");
1361
1356
return ERR_PTR(result);
1362
1357
}
1363
-
1358
+
/*
1359
+
* Kernel sockets that are a part of a namespace, should not
1360
+
* hold a reference to a namespace in order to allow to stop it.
1361
+
* After sk_change_net should be released using sk_release_kernel.
1362
+
*/
1363
+
sk_change_net(sock->sk, net);
1364
1364
/* it is equivalent to the REUSEADDR option in user-space */
1365
1365
sock->sk->sk_reuse = 1;
1366
1366
···
1387
1377
1388
1378
return sock;
1389
1379
1390
-
error:
1391
-
sock_release(sock);
1380
+
error:
1381
+
sk_release_kernel(sock->sk);
1392
1382
return ERR_PTR(result);
1393
1383
}
1394
1384
···
1483
1473
ip_vs_sync_buff_release(sb);
1484
1474
1485
1475
/* release the sending multicast socket */
1486
-
sock_release(tinfo->sock);
1476
+
sk_release_kernel(tinfo->sock->sk);
1487
1477
kfree(tinfo);
1488
1478
1489
1479
return 0;
···
1523
1513
}
1524
1514
1525
1515
/* release the sending multicast socket */
1526
-
sock_release(tinfo->sock);
1516
+
sk_release_kernel(tinfo->sock->sk);
1527
1517
kfree(tinfo->buf);
1528
1518
kfree(tinfo);
1529
1519
···
1611
1601
outbuf:
1612
1602
kfree(buf);
1613
1603
outsocket:
1614
-
sock_release(sock);
1604
+
sk_release_kernel(sock->sk);
1615
1605
out:
1616
1606
return result;
1617
1607
}
···
1620
1610
int stop_sync_thread(struct net *net, int state)
1621
1611
{
1622
1612
struct netns_ipvs *ipvs = net_ipvs(net);
1613
+
int retc = -EINVAL;
1623
1614
1624
1615
IP_VS_DBG(7, "%s(): pid %d\n", __func__, task_pid_nr(current));
1625
1616
···
1640
1629
spin_lock_bh(&ipvs->sync_lock);
1641
1630
ipvs->sync_state &= ~IP_VS_STATE_MASTER;
1642
1631
spin_unlock_bh(&ipvs->sync_lock);
1643
-
kthread_stop(ipvs->master_thread);
1632
+
retc = kthread_stop(ipvs->master_thread);
1644
1633
ipvs->master_thread = NULL;
1645
1634
} else if (state == IP_VS_STATE_BACKUP) {
1646
1635
if (!ipvs->backup_thread)
···
1650
1639
task_pid_nr(ipvs->backup_thread));
1651
1640
1652
1641
ipvs->sync_state &= ~IP_VS_STATE_BACKUP;
1653
-
kthread_stop(ipvs->backup_thread);
1642
+
retc = kthread_stop(ipvs->backup_thread);
1654
1643
ipvs->backup_thread = NULL;
1655
-
} else {
1656
-
return -EINVAL;
1657
1644
}
1658
1645
1659
1646
/* decrease the module use count */
1660
1647
ip_vs_use_count_dec();
1661
1648
1662
-
return 0;
1649
+
return retc;
1663
1650
}
1664
1651
1665
1652
/*
1666
1653
* Initialize data struct for each netns
1667
1654
*/
1668
-
static int __net_init __ip_vs_sync_init(struct net *net)
1655
+
int __net_init __ip_vs_sync_init(struct net *net)
1669
1656
{
1670
1657
struct netns_ipvs *ipvs = net_ipvs(net);
1671
1658
···
1677
1668
return 0;
1678
1669
}
1679
1670
1680
-
static void __ip_vs_sync_cleanup(struct net *net)
1671
+
void __ip_vs_sync_cleanup(struct net *net)
1681
1672
{
1682
-
stop_sync_thread(net, IP_VS_STATE_MASTER);
1683
-
stop_sync_thread(net, IP_VS_STATE_BACKUP);
1673
+
int retc;
1674
+
1675
+
retc = stop_sync_thread(net, IP_VS_STATE_MASTER);
1676
+
if (retc && retc != -ESRCH)
1677
+
pr_err("Failed to stop Master Daemon\n");
1678
+
1679
+
retc = stop_sync_thread(net, IP_VS_STATE_BACKUP);
1680
+
if (retc && retc != -ESRCH)
1681
+
pr_err("Failed to stop Backup Daemon\n");
1684
1682
}
1685
-
1686
-
static struct pernet_operations ipvs_sync_ops = {
1687
-
.init = __ip_vs_sync_init,
1688
-
.exit = __ip_vs_sync_cleanup,
1689
-
};
1690
-
1691
1683
1692
1684
int __init ip_vs_sync_init(void)
1693
1685
{
1694
-
return register_pernet_subsys(&ipvs_sync_ops);
1686
+
return 0;
1695
1687
}
1696
1688
1697
1689
void ip_vs_sync_cleanup(void)
1698
1690
{
1699
-
unregister_pernet_subsys(&ipvs_sync_ops);
1700
1691
}
+4
net/netfilter/nf_conntrack_netlink.c
+4
net/netfilter/nf_conntrack_netlink.c
···
1334
1334
struct nf_conn *ct;
1335
1335
int err = -EINVAL;
1336
1336
struct nf_conntrack_helper *helper;
1337
+
struct nf_conn_tstamp *tstamp;
1337
1338
1338
1339
ct = nf_conntrack_alloc(net, zone, otuple, rtuple, GFP_ATOMIC);
1339
1340
if (IS_ERR(ct))
···
1452
1451
__set_bit(IPS_EXPECTED_BIT, &ct->status);
1453
1452
ct->master = master_ct;
1454
1453
}
1454
+
tstamp = nf_conn_tstamp_find(ct);
1455
+
if (tstamp)
1456
+
tstamp->start = ktime_to_ns(ktime_get_real());
1455
1457
1456
1458
add_timer(&ct->timeout);
1457
1459
nf_conntrack_hash_insert(ct);
+2
-2
net/netfilter/x_tables.c
+2
-2
net/netfilter/x_tables.c
···
455
455
vfree(xt[af].compat_tab);
456
456
xt[af].compat_tab = NULL;
457
457
xt[af].number = 0;
458
+
xt[af].cur = 0;
458
459
}
459
460
}
460
461
EXPORT_SYMBOL_GPL(xt_compat_flush_offsets);
···
474
473
else
475
474
return mid ? tmp[mid - 1].delta : 0;
476
475
}
477
-
WARN_ON_ONCE(1);
478
-
return 0;
476
+
return left ? tmp[left - 1].delta : 0;
479
477
}
480
478
EXPORT_SYMBOL_GPL(xt_compat_calc_jump);
481
479
+1
-1
net/netfilter/xt_DSCP.c
+1
-1
net/netfilter/xt_DSCP.c
-5
net/netfilter/xt_conntrack.c
-5
net/netfilter/xt_conntrack.c
···
272
272
{
273
273
int ret;
274
274
275
-
if (strcmp(par->table, "raw") == 0) {
276
-
pr_info("state is undetermined at the time of raw table\n");
277
-
return -EINVAL;
278
-
}
279
-
280
275
ret = nf_ct_l3proto_try_module_get(par->family);
281
276
if (ret < 0)
282
277
pr_info("cannot load conntrack support for proto=%u\n",
+13
-1
net/xfrm/xfrm_policy.c
+13
-1
net/xfrm/xfrm_policy.c
···
1406
1406
struct net *net = xp_net(policy);
1407
1407
unsigned long now = jiffies;
1408
1408
struct net_device *dev;
1409
+
struct xfrm_mode *inner_mode;
1409
1410
struct dst_entry *dst_prev = NULL;
1410
1411
struct dst_entry *dst0 = NULL;
1411
1412
int i = 0;
···
1437
1436
goto put_states;
1438
1437
}
1439
1438
1439
+
if (xfrm[i]->sel.family == AF_UNSPEC) {
1440
+
inner_mode = xfrm_ip2inner_mode(xfrm[i],
1441
+
xfrm_af2proto(family));
1442
+
if (!inner_mode) {
1443
+
err = -EAFNOSUPPORT;
1444
+
dst_release(dst);
1445
+
goto put_states;
1446
+
}
1447
+
} else
1448
+
inner_mode = xfrm[i]->inner_mode;
1449
+
1440
1450
if (!dst_prev)
1441
1451
dst0 = dst1;
1442
1452
else {
···
1476
1464
dst1->lastuse = now;
1477
1465
1478
1466
dst1->input = dst_discard;
1479
-
dst1->output = xfrm[i]->outer_mode->afinfo->output;
1467
+
dst1->output = inner_mode->afinfo->output;
1480
1468
1481
1469
dst1->next = dst_prev;
1482
1470
dst_prev = dst1;
+3
net/xfrm/xfrm_replay.c
+3
net/xfrm/xfrm_replay.c
···
535
535
replay_esn->bmp_len * sizeof(__u32) * 8)
536
536
return -EINVAL;
537
537
538
+
if ((x->props.flags & XFRM_STATE_ESN) && replay_esn->replay_window == 0)
539
+
return -EINVAL;
540
+
538
541
if ((x->props.flags & XFRM_STATE_ESN) && x->replay_esn)
539
542
x->repl = &xfrm_replay_esn;
540
543
else