[NET]: Kill skb-tc_classid
tree 05701d5210afd76fded4bd4268a0e7e8c90a06bf
parent 8728b834b226ffcf2c94a58530090e292af2a7bf
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 09:25:56 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:31:18 -0700
[NET]: Kill skb-tc_classid
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/skbuff.h |3 ---
include/net/act_api.h |2 +-
net/core/skbuff.c |2 --
net/sched/act_api.c|7 +--
net/sched/gact.c |2 +-
net/sched/ipt.c|2 +-
net/sched/mirred.c |2 +-
net/sched/pedit.c |2 +-
net/sched/police.c |3 ++-
net/sched/simple.c |2 +-
10 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -196,7 +196,6 @@ struct skb_shared_info {
* @private: Data which is private to the HIPPI implementation
* @tc_index: Traffic control index
* @tc_verd: traffic control verdict
- * @tc_classid: traffic control classid
*/
struct sk_buff {
@@ -275,9 +274,7 @@ struct sk_buff {
__u32 tc_index;/* traffic control index */
#ifdef CONFIG_NET_CLS_ACT
__u32 tc_verd; /* traffic control verdict */
- __u32 tc_classid;/* traffic control classid */
#endif
-
#endif
diff --git a/include/net/act_api.h b/include/net/act_api.h
--- a/include/net/act_api.h
+++ b/include/net/act_api.h
@@ -63,7 +63,7 @@ struct tc_action_ops
__u32 type; /* TBD to match kind */
__u32 capab; /* capabilities includes 4 bit version */
struct module *owner;
- int (*act)(struct sk_buff **, struct tc_action *);
+ int (*act)(struct sk_buff **, struct tc_action *, struct tcf_result
*);
int (*get_stats)(struct sk_buff *, struct tc_action *);
int (*dump)(struct sk_buff *, struct tc_action *,int , int);
int (*cleanup)(struct tc_action *, int bind);
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -300,7 +300,6 @@ void __kfree_skb(struct sk_buff *skb)
skb-tc_index = 0;
#ifdef CONFIG_NET_CLS_ACT
skb-tc_verd = 0;
- skb-tc_classid = 0;
#endif
#endif
@@ -376,7 +375,6 @@ struct sk_buff *skb_clone(struct sk_buff
n-tc_verd = CLR_TC_OK2MUNGE(n-tc_verd);
n-tc_verd = CLR_TC_MUNGED(n-tc_verd);
C(input_dev);
- C(tc_classid);
#endif
#endif
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -165,7 +165,7 @@ int tcf_action_exec(struct sk_buff *skb,
while ((a = act) != NULL) {
repeat:
if (a-ops a-ops-act) {
- ret = a-ops-act(skb, a);
+ ret = a-ops-act(skb, a, res);
if (TC_MUNGED skb-tc_verd) {
/* copied already, allow trampling */
skb-tc_verd = SET_TC_OK2MUNGE(skb-tc_verd);
@@ -179,11 +179,6 @@ repeat:
act = a-next;
}
exec_done:
- if (skb-tc_classid 0) {
- res-classid = skb-tc_classid;
- res-class = 0;
- skb-tc_classid = 0;
- }
return ret;
}
diff --git a/net/sched/gact.c b/net/sched/gact.c
--- a/net/sched/gact.c
+++ b/net/sched/gact.c
@@ -135,7 +135,7 @@ tcf_gact_cleanup(struct tc_action *a, in
}
static int
-tcf_gact(struct sk_buff **pskb, struct tc_action *a)
+tcf_gact(struct sk_buff **pskb, struct tc_action *a, struct tcf_result *res)
{
struct tcf_gact *p = PRIV(a, gact);
struct sk_buff *skb = *pskb;
diff --git a/net/sched/ipt.c b/net/sched/ipt.c
--- a/net/sched/ipt.c
+++ b/net/sched/ipt.c
@@ -201,7 +201,7 @@ tcf_ipt_cleanup(struct tc_action *a, int
}
static int
-tcf_ipt(struct sk_buff **pskb, struct tc_action *a)
+tcf_ipt(struct sk_buff **pskb, struct tc_action *a, struct tcf_result *res)
{
int ret = 0, result = 0;
struct tcf_ipt *p = PRIV(a, ipt);
diff --git a/net/sched/mirred.c b/net/sched/mirred.c
--- a/net/sched/mirred.c
+++ b/net/sched/mirred.c
@@ -158,7 +158,7 @@ tcf_mirred_cleanup(struct tc_action *a,
}
static int
-tcf_mirred(struct sk_buff **pskb, struct tc_action *a)
+tcf_mirred(struct sk_buff **pskb, struct tc_action *a, struct tcf_result *res)
{
struct tcf_mirred *p = PRIV(a, mirred);
struct net_device *dev;
diff --git a/net/sched/pedit.c b/net/sched/pedit.c
--- a/net/sched/pedit.c
+++ b/net/sched/pedit.c
@@ -130,7 +130,7 @@ tcf_pedit_cleanup(struct tc_action *a, i
}
static int
-tcf_pedit(struct sk_buff **pskb, struct tc_action *a)
+tcf_pedit(struct sk_buff **pskb, struct tc_action *a, struct tcf_result *res)
{
struct tcf_pedit *p = PRIV(a, pedit);
struct sk_buff *skb
[NETFITLER]: Add nfnetlink layer.
tree 1cbc3d1e64d3dd51404c8935e676beb468867979
parent ac3247baf8ecadf168642e3898b0212c29c79715
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:30:24 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:31:29 -0700
[NETFITLER]: Add nfnetlink layer.
Introduce nfnetlink (netfilter netlink) layer. This layer is used as
transport layer for all userspace communication of the new upcoming
netfilter subsystems, such as ctnetlink, nfnetlink_queue and some day even
the mythical pkttables ;)
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink.h | 145 +++
net/Kconfig |2
net/Makefile|1
net/netfilter/Kconfig |5
net/netfilter/Makefile |1
net/netfilter/nfnetlink.c | 343
6 files changed, 497 insertions(+)
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink.h
@@ -0,0 +1,145 @@
+#ifndef _NFNETLINK_H
+#define _NFNETLINK_H
+#include linux/types.h
+
+/* nfnetlink groups: Up to 32 maximum */
+#define NF_NETLINK_CONNTRACK_NEW 0x0001
+#define NF_NETLINK_CONNTRACK_UPDATE0x0002
+#define NF_NETLINK_CONNTRACK_DESTROY 0x0004
+#define NF_NETLINK_CONNTRACK_EXP_NEW 0x0008
+#define NF_NETLINK_CONNTRACK_EXP_UPDATE0x0010
+#define NF_NETLINK_CONNTRACK_EXP_DESTROY 0x0020
+
+/* Generic structure for encapsulation optional netfilter information.
+ * It is reminiscent of sockaddr, but with sa_family replaced
+ * with attribute type.
+ * ! This should someday be put somewhere generic as now rtnetlink and
+ * ! nfnetlink use the same attributes methods. - J. Schulist.
+ */
+
+struct nfattr
+{
+ u_int16_t nfa_len;
+ u_int16_t nfa_type;
+} __attribute__ ((packed));
+
+/* FIXME: Shamelessly copy and pasted from rtnetlink.h, it's time
+ * to put this in a generic file */
+
+#define NFA_ALIGNTO 4
+#define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) ~(NFA_ALIGNTO - 1))
+#define NFA_OK(nfa,len)((len) 0 (nfa)-nfa_len = sizeof(struct
nfattr) \
+(nfa)-nfa_len = (len))
+#define NFA_NEXT(nfa,attrlen) ((attrlen) -= NFA_ALIGN((nfa)-nfa_len), \
+ (struct nfattr *)(((char *)(nfa)) + NFA_ALIGN((nfa)-nfa_len)))
+#define NFA_LENGTH(len)(NFA_ALIGN(sizeof(struct nfattr)) + (len))
+#define NFA_SPACE(len) NFA_ALIGN(NFA_LENGTH(len))
+#define NFA_DATA(nfa) ((void *)(((char *)(nfa)) + NFA_LENGTH(0)))
+#define NFA_PAYLOAD(nfa) ((int)((nfa)-nfa_len) - NFA_LENGTH(0))
+#define NFA_NEST(skb, type) \
+({ struct nfattr *__start = (struct nfattr *) (skb)-tail; \
+ NFA_PUT(skb, type, 0, NULL); \
+ __start; })
+#define NFA_NEST_END(skb, start) \
+({ (start)-nfa_len = ((skb)-tail - (unsigned char *) (start)); \
+(skb)-len; })
+#define NFA_NEST_CANCEL(skb, start) \
+({ if (start) \
+skb_trim(skb, (unsigned char *) (start) - (skb)-data); \
+-1; })
+
+/* General form of address family dependent message.
+ */
+struct nfgenmsg {
+ u_int8_t nfgen_family; /* AF_xxx */
+ u_int8_t version; /* nfnetlink version */
+ u_int16_t res_id; /* resource id */
+} __attribute__ ((packed));
+
+#define NFNETLINK_V1 1
+
+#define NFM_NFA(n) ((struct nfattr *)(((char *)(n)) \
++ NLMSG_ALIGN(sizeof(struct nfgenmsg
+#define NFM_PAYLOAD(n) NLMSG_PAYLOAD(n, sizeof(struct nfgenmsg))
+
+/* netfilter netlink message types are split in two pieces:
+ * 8 bit subsystem, 8bit operation.
+ */
+
+#define NFNL_SUBSYS_ID(x) ((x 0xff00) 8)
+#define NFNL_MSG_TYPE(x) (x 0x00ff)
+
+enum nfnl_subsys_id {
+ NFNL_SUBSYS_NONE = 0,
+ NFNL_SUBSYS_CTNETLINK,
+ NFNL_SUBSYS_CTNETLINK_EXP,
+ NFNL_SUBSYS_IPTNETLINK,
+ NFNL_SUBSYS_QUEUE,
+ NFNL_SUBSYS_ULOG,
+ NFNL_SUBSYS_COUNT,
+};
+
+#ifdef __KERNEL__
+
+#include linux/capability.h
+
+struct nfnl_callback
+{
+ kernel_cap_t cap_required; /* capabilities required for this msg */
+ int (*call)(struct sock *nl, struct sk_buff *skb,
+ struct nlmsghdr *nlh, struct nfattr *cda[], int *errp);
+};
+
+struct nfnetlink_subsystem
+{
+ const char *name;
+ __u8 subsys_id; /* nfnetlink subsystem ID */
+ __u8 cb_count; /* number of callbacks */
+ u_int32_t attr_count; /* number of nfattr's */
+ struct nfnl_callback *cb; /* callback for individual types */
+};
+
+extern void __nfa_fill(struct sk_buff *skb, int attrtype,
+int attrlen, const void *data);
+#define NFA_PUT(skb, attrtype, attrlen, data) \
+({ if (skb_tailroom(skb) (int)NFA_SPACE(attrlen)) goto nfattr_failure; \
+ __nfa_fill(skb, attrtype, attrlen,
[NET]: Introduce SO_{SND,RCV}BUFFORCE socket options
tree ae10ad849dce6dbeec1b281fbd51214030f21902
parent f9e815b376dc19e6afc551cd755ac64e9e42d81f
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 09:30:51 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:31:35 -0700
[NET]: Introduce SO_{SND,RCV}BUFFORCE socket options
Allows overriding of sysctl_{wmem,rmrm}_max
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/asm-alpha/socket.h |2 ++
include/asm-arm/socket.h |2 ++
include/asm-arm26/socket.h |2 ++
include/asm-cris/socket.h|2 ++
include/asm-frv/socket.h |2 ++
include/asm-h8300/socket.h |2 ++
include/asm-i386/socket.h|2 ++
include/asm-ia64/socket.h|2 ++
include/asm-m32r/socket.h|2 ++
include/asm-m68k/socket.h|2 ++
include/asm-mips/socket.h|2 ++
include/asm-parisc/socket.h |2 ++
include/asm-ppc/socket.h |2 ++
include/asm-ppc64/socket.h |2 ++
include/asm-s390/socket.h|2 ++
include/asm-sh/socket.h |2 ++
include/asm-sparc/socket.h |2 ++
include/asm-sparc64/socket.h |2 ++
include/asm-v850/socket.h|2 ++
include/asm-x86_64/socket.h |2 ++
include/asm-xtensa/socket.h |2 ++
net/core/sock.c | 18 --
22 files changed, 58 insertions(+), 2 deletions(-)
diff --git a/include/asm-alpha/socket.h b/include/asm-alpha/socket.h
--- a/include/asm-alpha/socket.h
+++ b/include/asm-alpha/socket.h
@@ -25,6 +25,8 @@
#define SO_ERROR 0x1007
#define SO_SNDBUF 0x1001
#define SO_RCVBUF 0x1002
+#define SO_SNDBUFFORCE 0x100a
+#define SO_RCVBUFFORCE 0x100b
#defineSO_RCVLOWAT 0x1010
#defineSO_SNDLOWAT 0x1011
#defineSO_RCVTIMEO 0x1012
diff --git a/include/asm-arm/socket.h b/include/asm-arm/socket.h
--- a/include/asm-arm/socket.h
+++ b/include/asm-arm/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-arm26/socket.h b/include/asm-arm26/socket.h
--- a/include/asm-arm26/socket.h
+++ b/include/asm-arm26/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-cris/socket.h b/include/asm-cris/socket.h
--- a/include/asm-cris/socket.h
+++ b/include/asm-cris/socket.h
@@ -16,6 +16,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-frv/socket.h b/include/asm-frv/socket.h
--- a/include/asm-frv/socket.h
+++ b/include/asm-frv/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-h8300/socket.h b/include/asm-h8300/socket.h
--- a/include/asm-h8300/socket.h
+++ b/include/asm-h8300/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-i386/socket.h b/include/asm-i386/socket.h
--- a/include/asm-i386/socket.h
+++ b/include/asm-i386/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-ia64/socket.h b/include/asm-ia64/socket.h
--- a/include/asm-ia64/socket.h
+++ b/include/asm-ia64/socket.h
@@ -23,6 +23,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-m32r/socket.h b/include/asm-m32r/socket.h
--- a/include/asm-m32r/socket.h
+++ b/include/asm-m32r/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define SO_KEEPALIVE 9
#define SO_OOBINLINE 10
#define SO_NO_CHECK11
diff --git a/include/asm-m68k/socket.h b/include/asm-m68k/socket.h
--- a/include/asm-m68k/socket.h
+++ b/include/asm-m68k/socket.h
@@ -14,6 +14,8 @@
#define SO_BROADCAST 6
#define SO_SNDBUF 7
#define SO_RCVBUF 8
+#define SO_SNDBUFFORCE 32
+#define SO_RCVBUFFORCE 33
#define
[REQSK]: Move the syn_table destroy from tcp_listen_stop to reqsk_queue_destroy
tree b0dd71b7e5ea6e8b17813cf6b3736a1b0f443ab7
parent 080774a243f56ce2195ace96fba3d18548ee48ce
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:33:31
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:32:11 -0700
[REQSK]: Move the syn_table destroy from tcp_listen_stop to reqsk_queue_destroy
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/request_sock.h |5 -
net/core/request_sock.c| 26 ++
net/ipv4/tcp.c | 35 ++-
3 files changed, 40 insertions(+), 26 deletions(-)
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -89,6 +89,7 @@ struct listen_sock {
int qlen_young;
int clock_hand;
u32 hash_rnd;
+ u32 nr_table_entries;
struct request_sock *syn_table[0];
};
@@ -129,11 +130,13 @@ static inline struct listen_sock *reqsk_
return lopt;
}
-static inline void reqsk_queue_destroy(struct request_sock_queue *queue)
+static inline void __reqsk_queue_destroy(struct request_sock_queue *queue)
{
kfree(reqsk_queue_yank_listen_sk(queue));
}
+extern void reqsk_queue_destroy(struct request_sock_queue *queue);
+
static inline struct request_sock *
reqsk_queue_yank_acceptq(struct request_sock_queue *queue)
{
diff --git a/net/core/request_sock.c b/net/core/request_sock.c
--- a/net/core/request_sock.c
+++ b/net/core/request_sock.c
@@ -53,6 +53,7 @@ int reqsk_queue_alloc(struct request_soc
get_random_bytes(lopt-hash_rnd, sizeof(lopt-hash_rnd));
rwlock_init(queue-syn_wait_lock);
queue-rskq_accept_head = queue-rskq_accept_head = NULL;
+ lopt-nr_table_entries = nr_table_entries;
write_lock_bh(queue-syn_wait_lock);
queue-listen_opt = lopt;
@@ -62,3 +63,28 @@ int reqsk_queue_alloc(struct request_soc
}
EXPORT_SYMBOL(reqsk_queue_alloc);
+
+void reqsk_queue_destroy(struct request_sock_queue *queue)
+{
+ /* make all the listen_opt local to us */
+ struct listen_sock *lopt = reqsk_queue_yank_listen_sk(queue);
+
+ if (lopt-qlen != 0) {
+ int i;
+
+ for (i = 0; i lopt-nr_table_entries; i++) {
+ struct request_sock *req;
+
+ while ((req = lopt-syn_table[i]) != NULL) {
+ lopt-syn_table[i] = req-dl_next;
+ lopt-qlen--;
+ reqsk_free(req);
+ }
+ }
+ }
+
+ BUG_TRAP(lopt-qlen == 0);
+ kfree(lopt);
+}
+
+EXPORT_SYMBOL(reqsk_queue_destroy);
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -487,7 +487,7 @@ int tcp_listen_start(struct sock *sk)
}
sk-sk_state = TCP_CLOSE;
- reqsk_queue_destroy(tp-accept_queue);
+ __reqsk_queue_destroy(tp-accept_queue);
return -EADDRINUSE;
}
@@ -499,38 +499,23 @@ int tcp_listen_start(struct sock *sk)
static void tcp_listen_stop (struct sock *sk)
{
struct tcp_sock *tp = tcp_sk(sk);
- struct listen_sock *lopt;
struct request_sock *acc_req;
struct request_sock *req;
- int i;
tcp_delete_keepalive_timer(sk);
/* make all the listen_opt local to us */
- lopt = reqsk_queue_yank_listen_sk(tp-accept_queue);
acc_req = reqsk_queue_yank_acceptq(tp-accept_queue);
- if (lopt-qlen) {
- for (i = 0; i TCP_SYNQ_HSIZE; i++) {
- while ((req = lopt-syn_table[i]) != NULL) {
- lopt-syn_table[i] = req-dl_next;
- lopt-qlen--;
- reqsk_free(req);
-
- /* Following specs, it would be better either to send FIN
-* (and enter FIN-WAIT-1, it is normal close)
-* or to send active reset (abort).
-* Certainly, it is pretty dangerous while synflood, but it is
-* bad justification for our negligence 8)
-* To be honest, we are not able to make either
-* of the variants now. --ANK
-*/
- }
- }
- }
- BUG_TRAP(!lopt-qlen);
-
- kfree(lopt);
+ /* Following specs, it would be better either to send FIN
+* (and enter FIN-WAIT-1, it is normal close)
+* or to send active reset (abort).
+* Certainly, it is pretty dangerous while synflood, but it is
+* bad justification for our negligence 8)
+* To be honest, we are not able to make either
+* of the variants now. --ANK
+*/
+
[NET]: Reduce tc_index/tc_verd to u16
tree d9bdbd412bec6474e6845480a806edd74c3a2808
parent 83e3609eba3818f6e18b8bf9442195169ac306b7
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 09:33:51 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:32:20 -0700
[NET]: Reduce tc_index/tc_verd to u16
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/skbuff.h |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -265,9 +265,9 @@ struct sk_buff {
#endif
#endif /* CONFIG_NETFILTER */
#ifdef CONFIG_NET_SCHED
- __u32 tc_index;/* traffic control index */
+ __u16 tc_index; /* traffic control index */
#ifdef CONFIG_NET_CLS_ACT
- __u32 tc_verd; /* traffic control verdict */
+ __u16 tc_verd;/* traffic control verdict */
#endif
#endif
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NET]: Kill skb-real_dev
tree 6e933f4bdc8899009edb33642b908779f123fb4a
parent b6b99eb5409d75ae35390057cd28f3aedfbd4cf4
author David S. Miller [EMAIL PROTECTED] Wed, 10 Aug 2005 09:34:12 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:32:25 -0700
[NET]: Kill skb-real_dev
Bonding just wants the device before the skb_bond()
decapsulation occurs, so simply pass that original
device into packet_type-func() as an argument.
It remains to be seen whether we can use this same
exact thing to get rid of skb-input_dev as well.
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/block/aoe/aoenet.c |2 +-
drivers/net/bonding/bond_3ad.c | 11 ---
drivers/net/bonding/bond_3ad.h |2 +-
drivers/net/bonding/bond_alb.c |5 ++---
drivers/net/hamradio/bpqether.c |4 ++--
drivers/net/pppoe.c |6 --
drivers/net/wan/hdlc_generic.c |2 +-
drivers/net/wan/lapbether.c |2 +-
drivers/net/wan/syncppp.c |2 +-
include/linux/if_vlan.h |1 -
include/linux/netdevice.h | 10 ++
include/linux/skbuff.h |2 --
include/net/arp.h |2 +-
include/net/ax25.h |2 +-
include/net/datalink.h |2 +-
include/net/ip.h|2 +-
include/net/ipv6.h |3 ++-
include/net/llc.h |8 +---
include/net/p8022.h |3 ++-
include/net/psnap.h |2 +-
include/net/x25.h |2 +-
net/802/p8022.c |3 ++-
net/802/psnap.c |7 ---
net/8021q/vlan.h|2 +-
net/8021q/vlan_dev.c|2 +-
net/appletalk/aarp.c|2 +-
net/appletalk/ddp.c |6 +++---
net/ax25/ax25_in.c |8
net/core/dev.c | 35 +++
net/core/skbuff.c |2 --
net/decnet/af_decnet.c |2 +-
net/decnet/dn_route.c |2 +-
net/econet/af_econet.c |2 +-
net/ipv4/arp.c |4 ++--
net/ipv4/ip_input.c |2 +-
net/ipv4/ipconfig.c |8
net/ipv6/ip6_input.c|2 +-
net/ipx/af_ipx.c|2 +-
net/irda/irlap_frame.c |2 +-
net/irda/irmod.c|2 +-
net/llc/llc_core.c |3 ++-
net/llc/llc_input.c |4 ++--
net/netrom/nr_dev.c |2 +-
net/packet/af_packet.c |6 +++---
net/x25/x25_dev.c |2 +-
45 files changed, 96 insertions(+), 91 deletions(-)
diff --git a/drivers/block/aoe/aoenet.c b/drivers/block/aoe/aoenet.c
--- a/drivers/block/aoe/aoenet.c
+++ b/drivers/block/aoe/aoenet.c
@@ -120,7 +120,7 @@ aoenet_xmit(struct sk_buff *sl)
* (1) len doesn't include the header by default. I want this.
*/
static int
-aoenet_rcv(struct sk_buff *skb, struct net_device *ifp, struct packet_type *pt)
+aoenet_rcv(struct sk_buff *skb, struct net_device *ifp, struct packet_type
*pt, struct net_device *orig_dev)
{
struct aoe_hdr *h;
u32 n;
diff --git a/drivers/net/bonding/bond_3ad.c b/drivers/net/bonding/bond_3ad.c
--- a/drivers/net/bonding/bond_3ad.c
+++ b/drivers/net/bonding/bond_3ad.c
@@ -2419,22 +2419,19 @@ out:
return 0;
}
-int bond_3ad_lacpdu_recv(struct sk_buff *skb, struct net_device *dev, struct
packet_type* ptype)
+int bond_3ad_lacpdu_recv(struct sk_buff *skb, struct net_device *dev, struct
packet_type* ptype, struct net_device *orig_dev)
{
struct bonding *bond = dev-priv;
struct slave *slave = NULL;
int ret = NET_RX_DROP;
- if (!(dev-flags IFF_MASTER)) {
+ if (!(dev-flags IFF_MASTER))
goto out;
- }
read_lock(bond-lock);
- slave = bond_get_slave_by_dev((struct bonding *)dev-priv,
- skb-real_dev);
- if (slave == NULL) {
+ slave = bond_get_slave_by_dev((struct bonding *)dev-priv, orig_dev);
+ if (!slave)
goto out_unlock;
- }
bond_3ad_rx_indication((struct lacpdu *) skb-data, slave, skb-len);
diff --git a/drivers/net/bonding/bond_3ad.h b/drivers/net/bonding/bond_3ad.h
--- a/drivers/net/bonding/bond_3ad.h
+++ b/drivers/net/bonding/bond_3ad.h
@@ -295,6 +295,6 @@ void bond_3ad_adapter_duplex_changed(str
void bond_3ad_handle_link_change(struct slave *slave, char link);
int bond_3ad_get_active_agg_info(struct bonding *bond, struct ad_info
*ad_info);
int bond_3ad_xmit_xor(struct sk_buff *skb, struct net_device *dev);
-int bond_3ad_lacpdu_recv(struct sk_buff *skb, struct net_device *dev, struct
packet_type* ptype);
+int bond_3ad_lacpdu_recv(struct sk_buff *skb, struct net_device *dev, struct
packet_type* ptype, struct net_device *orig_dev);
#endif //__BOND_3AD_H__
diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c
---
[IPV4]: possible cleanups
tree 020e6d1ccb1d7ce07cdb26b7317fa2ca58e689b3
parent f2ccd8fa06c8e302116e71df372f5c1f83432e03
author Adrian Bunk [EMAIL PROTECTED] Wed, 10 Aug 2005 09:35:47 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:33:20 -0700
[IPV4]: possible cleanups
This patch contains the following possible cleanups:
- make needlessly global code static
- #if 0 the following unused global function:
- xfrm4_state.c: xfrm4_state_fini
- remove the following unneeded EXPORT_SYMBOL's:
- ip_output.c: ip_finish_output
- ip_output.c: sysctl_ip_default_ttl
- fib_frontend.c: ip_dev_find
- inetpeer.c: inet_peer_idlock
- ip_options.c: ip_options_compile
- ip_options.c: ip_options_undo
- net/core/request_sock.c: sysctl_max_syn_backlog
Signed-off-by: Adrian Bunk [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/ip.h |2 --
include/net/route.h |4
include/net/xfrm.h |1 -
net/core/request_sock.c |1 -
net/ipv4/fib_frontend.c |1 -
net/ipv4/inetpeer.c |2 --
net/ipv4/ip_options.c|3 ---
net/ipv4/ip_output.c |7 +--
net/ipv4/multipath_drr.c |2 +-
net/ipv4/route.c |4 +++-
net/ipv4/xfrm4_state.c |2 ++
11 files changed, 7 insertions(+), 22 deletions(-)
diff --git a/include/net/ip.h b/include/net/ip.h
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -140,8 +140,6 @@ struct ip_reply_arg {
void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg
*arg,
unsigned int len);
-extern int ip_finish_output(struct sk_buff *skb);
-
struct ipv4_config
{
int log_martians;
diff --git a/include/net/route.h b/include/net/route.h
--- a/include/net/route.h
+++ b/include/net/route.h
@@ -105,10 +105,6 @@ struct rt_cache_stat
unsigned int out_hlist_search;
};
-extern struct rt_cache_stat *rt_cache_stat;
-#define RT_CACHE_STAT_INC(field) \
- (per_cpu_ptr(rt_cache_stat, raw_smp_processor_id())-field++)
-
extern struct ip_rt_acct *ip_rt_acct;
struct in_device;
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -818,7 +818,6 @@ extern void xfrm6_init(void);
extern void xfrm6_fini(void);
extern void xfrm_state_init(void);
extern void xfrm4_state_init(void);
-extern void xfrm4_state_fini(void);
extern void xfrm6_state_init(void);
extern void xfrm6_state_fini(void);
diff --git a/net/core/request_sock.c b/net/core/request_sock.c
--- a/net/core/request_sock.c
+++ b/net/core/request_sock.c
@@ -32,7 +32,6 @@
* Further increasing requires to change hash table size.
*/
int sysctl_max_syn_backlog = 256;
-EXPORT_SYMBOL(sysctl_max_syn_backlog);
int reqsk_queue_alloc(struct request_sock_queue *queue,
const int nr_table_entries)
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -662,5 +662,4 @@ void __init ip_fib_init(void)
}
EXPORT_SYMBOL(inet_addr_type);
-EXPORT_SYMBOL(ip_dev_find);
EXPORT_SYMBOL(ip_rt_ioctl);
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c
--- a/net/ipv4/inetpeer.c
+++ b/net/ipv4/inetpeer.c
@@ -459,5 +459,3 @@ static void peer_check_expire(unsigned l
peer_total / inet_peer_threshold * HZ;
add_timer(peer_periodic_timer);
}
-
-EXPORT_SYMBOL(inet_peer_idlock);
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
--- a/net/ipv4/ip_options.c
+++ b/net/ipv4/ip_options.c
@@ -620,6 +620,3 @@ int ip_options_rcv_srr(struct sk_buff *s
}
return 0;
}
-
-EXPORT_SYMBOL(ip_options_compile);
-EXPORT_SYMBOL(ip_options_undo);
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -205,7 +205,7 @@ static inline int ip_finish_output2(stru
return -EINVAL;
}
-int ip_finish_output(struct sk_buff *skb)
+static int ip_finish_output(struct sk_buff *skb)
{
struct net_device *dev = skb-dst-dev;
@@ -1328,12 +1328,7 @@ void __init ip_init(void)
#endif
}
-EXPORT_SYMBOL(ip_finish_output);
EXPORT_SYMBOL(ip_fragment);
EXPORT_SYMBOL(ip_generic_getfrag);
EXPORT_SYMBOL(ip_queue_xmit);
EXPORT_SYMBOL(ip_send_check);
-
-#ifdef CONFIG_SYSCTL
-EXPORT_SYMBOL(sysctl_ip_default_ttl);
-#endif
diff --git a/net/ipv4/multipath_drr.c b/net/ipv4/multipath_drr.c
--- a/net/ipv4/multipath_drr.c
+++ b/net/ipv4/multipath_drr.c
@@ -107,7 +107,7 @@ static int drr_dev_event(struct notifier
return NOTIFY_DONE;
}
-struct notifier_block drr_dev_notifier = {
+static struct notifier_block drr_dev_notifier = {
.notifier_call = drr_dev_event,
};
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -240,7 +240,9 @@ static unsigned rt_hash_mask;
static int rt_hash_log;
static unsigned int
[NET]: Remove explicit initializations of skb-input_dev
tree 69ae9d0c30afe54cea3e4c6119791c1318c2198d
parent 0742fd53a3774781255bd1e471e7aa2e4a82d5f7
author David S. Miller [EMAIL PROTECTED] Wed, 10 Aug 2005 09:36:29 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:33:26 -0700
[NET]: Remove explicit initializations of skb-input_dev
Instead, set it in one place, namely the beginning of
netif_receive_skb().
Based upon suggestions from Jamal Hadi Salim.
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/isdn/i4l/isdn_net.c |1 -
drivers/isdn/i4l/isdn_ppp.c |1 -
drivers/net/ppp_generic.c |1 -
include/net/pkt_cls.h |6 +++---
include/net/x25device.h |1 -
net/core/dev.c | 10 +-
net/ethernet/eth.c |1 -
7 files changed, 8 insertions(+), 13 deletions(-)
diff --git a/drivers/isdn/i4l/isdn_net.c b/drivers/isdn/i4l/isdn_net.c
--- a/drivers/isdn/i4l/isdn_net.c
+++ b/drivers/isdn/i4l/isdn_net.c
@@ -1786,7 +1786,6 @@ isdn_net_receive(struct net_device *ndev
lp-stats.rx_bytes += skb-len;
}
skb-dev = ndev;
- skb-input_dev = ndev;
skb-pkt_type = PACKET_HOST;
skb-mac.raw = skb-data;
#ifdef ISDN_DEBUG_NET_DUMP
diff --git a/drivers/isdn/i4l/isdn_ppp.c b/drivers/isdn/i4l/isdn_ppp.c
--- a/drivers/isdn/i4l/isdn_ppp.c
+++ b/drivers/isdn/i4l/isdn_ppp.c
@@ -1177,7 +1177,6 @@ isdn_ppp_push_higher(isdn_net_dev * net_
mlp-huptimer = 0;
#endif /* CONFIG_IPPP_FILTER */
skb-dev = dev;
- skb-input_dev = dev;
skb-mac.raw = skb-data;
netif_rx(skb);
/* net_dev-local-stats.rx_packets++; done in isdn_net.c */
diff --git a/drivers/net/ppp_generic.c b/drivers/net/ppp_generic.c
--- a/drivers/net/ppp_generic.c
+++ b/drivers/net/ppp_generic.c
@@ -1657,7 +1657,6 @@ ppp_receive_nonmp_frame(struct ppp *ppp,
skb-dev = ppp-dev;
skb-protocol = htons(npindex_to_ethertype[npi]);
skb-mac.raw = skb-data;
- skb-input_dev = ppp-dev;
netif_rx(skb);
ppp-dev-last_rx = jiffies;
}
diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
--- a/include/net/pkt_cls.h
+++ b/include/net/pkt_cls.h
@@ -352,10 +352,10 @@ tcf_change_indev(struct tcf_proto *tp, c
static inline int
tcf_match_indev(struct sk_buff *skb, char *indev)
{
- if (0 != indev[0]) {
- if (NULL == skb-input_dev)
+ if (indev[0]) {
+ if (!skb-input_dev)
return 0;
- else if (0 != strcmp(indev, skb-input_dev-name))
+ if (strcmp(indev, skb-input_dev-name))
return 0;
}
diff --git a/include/net/x25device.h b/include/net/x25device.h
--- a/include/net/x25device.h
+++ b/include/net/x25device.h
@@ -8,7 +8,6 @@
static inline __be16 x25_type_trans(struct sk_buff *skb, struct net_device
*dev)
{
skb-mac.raw = skb-data;
- skb-input_dev = skb-dev = dev;
skb-pkt_type = PACKET_HOST;
return htons(ETH_P_X25);
diff --git a/net/core/dev.c b/net/core/dev.c
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1536,17 +1536,14 @@ static int ing_filter(struct sk_buff *sk
__u32 ttl = (__u32) G_TC_RTTL(skb-tc_verd);
if (MAX_RED_LOOP ttl++) {
printk(Redir loop detected Dropping packet (%s-%s)\n,
-
skb-input_dev?skb-input_dev-name:??,skb-dev-name);
+ skb-input_dev-name, skb-dev-name);
return TC_ACT_SHOT;
}
skb-tc_verd = SET_TC_RTTL(skb-tc_verd,ttl);
skb-tc_verd = SET_TC_AT(skb-tc_verd,AT_INGRESS);
- if (NULL == skb-input_dev) {
- skb-input_dev = skb-dev;
- printk(ing_filter: fixed %s out
%s\n,skb-input_dev-name,skb-dev-name);
- }
+
spin_lock(dev-ingress_lock);
if ((q = dev-qdisc_ingress) != NULL)
result = q-enqueue(skb, q);
@@ -1572,6 +1569,9 @@ int netif_receive_skb(struct sk_buff *sk
if (!skb-stamp.tv_sec)
net_timestamp(skb-stamp);
+ if (!skb-input_dev)
+ skb-input_dev = skb-dev;
+
orig_dev = skb_bond(skb);
__get_cpu_var(netdev_rx_stat).total++;
diff --git a/net/ethernet/eth.c b/net/ethernet/eth.c
--- a/net/ethernet/eth.c
+++ b/net/ethernet/eth.c
@@ -163,7 +163,6 @@ __be16 eth_type_trans(struct sk_buff *sk
skb-mac.raw=skb-data;
skb_pull(skb,ETH_HLEN);
eth = eth_hdr(skb);
- skb-input_dev = dev;
if(*eth-h_dest1)
{
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: C99 initizalizers for NAT protocols
tree f5b3cb508fd9b2c63aa2c24d3dafc37c2c18941f
parent 86e65da9c1fc6fb421b9f796b597b3eced6b55ab
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 09:36:53 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:33:34 -0700
[NETFILTER]: C99 initizalizers for NAT protocols
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ip_nat_proto_icmp.c| 20 +++-
net/ipv4/netfilter/ip_nat_proto_tcp.c | 20 +++-
net/ipv4/netfilter/ip_nat_proto_udp.c | 20 +++-
net/ipv4/netfilter/ip_nat_proto_unknown.c | 13 +++--
4 files changed, 40 insertions(+), 33 deletions(-)
diff --git a/net/ipv4/netfilter/ip_nat_proto_icmp.c
b/net/ipv4/netfilter/ip_nat_proto_icmp.c
--- a/net/ipv4/netfilter/ip_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/ip_nat_proto_icmp.c
@@ -106,16 +106,18 @@ icmp_print_range(char *buffer, const str
else return 0;
}
-struct ip_nat_protocol ip_nat_protocol_icmp
-= { ICMP, IPPROTO_ICMP, THIS_MODULE,
-icmp_manip_pkt,
-icmp_in_range,
-icmp_unique_tuple,
-icmp_print,
-icmp_print_range,
+struct ip_nat_protocol ip_nat_protocol_icmp = {
+ .name = ICMP,
+ .protonum = IPPROTO_ICMP,
+ .me = THIS_MODULE,
+ .manip_pkt = icmp_manip_pkt,
+ .in_range = icmp_in_range,
+ .unique_tuple = icmp_unique_tuple,
+ .print = icmp_print,
+ .print_range= icmp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
-ip_nat_port_range_to_nfattr,
-ip_nat_port_nfattr_to_range,
+ .range_to_nfattr= ip_nat_port_range_to_nfattr,
+ .nfattr_to_range= ip_nat_port_nfattr_to_range,
#endif
};
diff --git a/net/ipv4/netfilter/ip_nat_proto_tcp.c
b/net/ipv4/netfilter/ip_nat_proto_tcp.c
--- a/net/ipv4/netfilter/ip_nat_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_nat_proto_tcp.c
@@ -170,16 +170,18 @@ tcp_print_range(char *buffer, const stru
else return 0;
}
-struct ip_nat_protocol ip_nat_protocol_tcp
-= { TCP, IPPROTO_TCP, THIS_MODULE,
-tcp_manip_pkt,
-tcp_in_range,
-tcp_unique_tuple,
-tcp_print,
-tcp_print_range,
+struct ip_nat_protocol ip_nat_protocol_tcp = {
+ .name = TCP,
+ .protonum = IPPROTO_TCP,
+ .me = THIS_MODULE,
+ .manip_pkt = tcp_manip_pkt,
+ .in_range = tcp_in_range,
+ .unique_tuple = tcp_unique_tuple,
+ .print = tcp_print,
+ .print_range= tcp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
-ip_nat_port_range_to_nfattr,
-ip_nat_port_nfattr_to_range,
+ .range_to_nfattr= ip_nat_port_range_to_nfattr,
+ .nfattr_to_range= ip_nat_port_nfattr_to_range,
#endif
};
diff --git a/net/ipv4/netfilter/ip_nat_proto_udp.c
b/net/ipv4/netfilter/ip_nat_proto_udp.c
--- a/net/ipv4/netfilter/ip_nat_proto_udp.c
+++ b/net/ipv4/netfilter/ip_nat_proto_udp.c
@@ -156,16 +156,18 @@ udp_print_range(char *buffer, const stru
else return 0;
}
-struct ip_nat_protocol ip_nat_protocol_udp
-= { UDP, IPPROTO_UDP, THIS_MODULE,
-udp_manip_pkt,
-udp_in_range,
-udp_unique_tuple,
-udp_print,
-udp_print_range,
+struct ip_nat_protocol ip_nat_protocol_udp = {
+ .name = UDP,
+ .protonum = IPPROTO_UDP,
+ .me = THIS_MODULE,
+ .manip_pkt = udp_manip_pkt,
+ .in_range = udp_in_range,
+ .unique_tuple = udp_unique_tuple,
+ .print = udp_print,
+ .print_range= udp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
-ip_nat_port_range_to_nfattr,
-ip_nat_port_nfattr_to_range,
+ .range_to_nfattr= ip_nat_port_range_to_nfattr,
+ .nfattr_to_range= ip_nat_port_nfattr_to_range,
#endif
};
diff --git a/net/ipv4/netfilter/ip_nat_proto_unknown.c
b/net/ipv4/netfilter/ip_nat_proto_unknown.c
--- a/net/ipv4/netfilter/ip_nat_proto_unknown.c
+++ b/net/ipv4/netfilter/ip_nat_proto_unknown.c
@@ -61,10 +61,11 @@ unknown_print_range(char *buffer, const
}
struct ip_nat_protocol ip_nat_unknown_protocol = {
- unknown, 0, THIS_MODULE,
- unknown_manip_pkt,
- unknown_in_range,
- unknown_unique_tuple,
- unknown_print,
- unknown_print_range
+ .name = unknown,
+ .me = THIS_MODULE,
+ .manip_pkt = unknown_manip_pkt,
+ .in_range = unknown_in_range,
+ .unique_tuple
[NETFILTER]: Move ipv4 specific code from net/core/netfilter.c to net/ipv4/netfilter.c
tree 4c5963a206f67eda6f8ff74ac33f7ed7e4acc164
parent 089af26c706d1473f641c909fee7c878d29c1f1a
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:39:00 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:35:01 -0700
[NETFILTER]: Move ipv4 specific code from net/core/netfilter.c to
net/ipv4/netfilter.c
Netfilter cleanup
- Move ipv4 code from net/core/netfilter.c to net/ipv4/netfilter.c
- Move ipv6 netfilter code from net/ipv6/ip6_output.c to net/ipv6/netfilter.c
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/core/netfilter.c | 72 -
net/ipv4/Makefile |2 -
net/ipv4/netfilter.c | 79 ++
net/ipv6/Makefile |2 -
net/ipv6/ip6_output.c | 32
net/ipv6/ipv6_syms.c |3 -
net/ipv6/netfilter.c | 43 +++
7 files changed, 124 insertions(+), 109 deletions(-)
diff --git a/net/core/netfilter.c b/net/core/netfilter.c
--- a/net/core/netfilter.c
+++ b/net/core/netfilter.c
@@ -22,12 +22,7 @@
#include linux/if.h
#include linux/netdevice.h
#include linux/inetdevice.h
-#include linux/tcp.h
-#include linux/udp.h
-#include linux/icmp.h
#include net/sock.h
-#include net/route.h
-#include linux/ip.h
/* In this code, we can be waiting indefinitely for userspace to
* service a packet if a hook returns NF_QUEUE. We could keep a count
@@ -447,73 +442,6 @@ void nf_reinject(struct sk_buff *skb, st
return;
}
-#ifdef CONFIG_INET
-/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */
-int ip_route_me_harder(struct sk_buff **pskb)
-{
- struct iphdr *iph = (*pskb)-nh.iph;
- struct rtable *rt;
- struct flowi fl = {};
- struct dst_entry *odst;
- unsigned int hh_len;
-
- /* some non-standard hacks like ipt_REJECT.c:send_reset() can cause
-* packets with foreign saddr to appear on the NF_IP_LOCAL_OUT hook.
-*/
- if (inet_addr_type(iph-saddr) == RTN_LOCAL) {
- fl.nl_u.ip4_u.daddr = iph-daddr;
- fl.nl_u.ip4_u.saddr = iph-saddr;
- fl.nl_u.ip4_u.tos = RT_TOS(iph-tos);
- fl.oif = (*pskb)-sk ? (*pskb)-sk-sk_bound_dev_if : 0;
-#ifdef CONFIG_IP_ROUTE_FWMARK
- fl.nl_u.ip4_u.fwmark = (*pskb)-nfmark;
-#endif
- fl.proto = iph-protocol;
- if (ip_route_output_key(rt, fl) != 0)
- return -1;
-
- /* Drop old route. */
- dst_release((*pskb)-dst);
- (*pskb)-dst = rt-u.dst;
- } else {
- /* non-local src, find valid iif to satisfy
-* rp-filter when calling ip_route_input. */
- fl.nl_u.ip4_u.daddr = iph-saddr;
- if (ip_route_output_key(rt, fl) != 0)
- return -1;
-
- odst = (*pskb)-dst;
- if (ip_route_input(*pskb, iph-daddr, iph-saddr,
- RT_TOS(iph-tos), rt-u.dst.dev) != 0) {
- dst_release(rt-u.dst);
- return -1;
- }
- dst_release(rt-u.dst);
- dst_release(odst);
- }
-
- if ((*pskb)-dst-error)
- return -1;
-
- /* Change in oif may mean change in hh_len. */
- hh_len = (*pskb)-dst-dev-hard_header_len;
- if (skb_headroom(*pskb) hh_len) {
- struct sk_buff *nskb;
-
- nskb = skb_realloc_headroom(*pskb, hh_len);
- if (!nskb)
- return -1;
- if ((*pskb)-sk)
- skb_set_owner_w(nskb, (*pskb)-sk);
- kfree_skb(*pskb);
- *pskb = nskb;
- }
-
- return 0;
-}
-EXPORT_SYMBOL(ip_route_me_harder);
-#endif /*CONFIG_INET*/
-
int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len)
{
struct sk_buff *nskb;
diff --git a/net/ipv4/Makefile b/net/ipv4/Makefile
--- a/net/ipv4/Makefile
+++ b/net/ipv4/Makefile
@@ -8,7 +8,7 @@ obj-y := route.o inetpeer.o protocol
tcp.o tcp_input.o tcp_output.o tcp_timer.o tcp_ipv4.o \
tcp_minisocks.o tcp_cong.o \
datagram.o raw.o udp.o arp.o icmp.o devinet.o af_inet.o igmp.o \
-sysctl_net_ipv4.o fib_frontend.o fib_semantics.o
+sysctl_net_ipv4.o fib_frontend.o fib_semantics.o netfilter.o
obj-$(CONFIG_IP_FIB_HASH) += fib_hash.o
obj-$(CONFIG_IP_FIB_TRIE) += fib_trie.o
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
new file mode 100644
--- /dev/null
+++ b/net/ipv4/netfilter.c
@@ -0,0 +1,79 @@
+#include linux/config.h
+
+#ifdef CONFIG_NETFILTER
+
+/* IPv4 specific functions of netfilter core */
+#include linux/kernel.h
+#include linux/netfilter.h
+
+#include linux/tcp.h
+#include linux/udp.h
+#include linux/icmp.h
+#include net/route.h
+#include
[NETLINK]: Add properly module refcounting for kernel netlink sockets.
tree 43d82e717922e6319cf8a8f9dc5ee902c651b491
parent 020b4c12dbe3868d792a01d7c1470cd837abe10f
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:40:55 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:35:08 -0700
[NETLINK]: Add properly module refcounting for kernel netlink sockets.
- Remove bogus code for compiling netlink as module
- Add module refcounting support for modules implementing a netlink
protocol
- Add support for autoloading modules that implement a netlink protocol
as soon as someone opens a socket for that protocol
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/w1/w1_int.c |4 +
include/linux/net.h |3 +
include/linux/netlink.h |2
kernel/audit.c |3 -
lib/kobject_uevent.c|3 -
net/bridge/netfilter/ebt_ulog.c |2
net/core/rtnetlink.c|2
net/decnet/netfilter/dn_rtmsg.c |4 +
net/ipv4/fib_frontend.c |2
net/ipv4/netfilter/ip_queue.c |3 -
net/ipv4/netfilter/ipt_ULOG.c |3 -
net/ipv4/tcp_diag.c |3 -
net/ipv6/netfilter/ip6_queue.c |2
net/netfilter/nfnetlink.c |5 +
net/netlink/af_netlink.c| 108
net/xfrm/xfrm_user.c|4 +
security/selinux/netlink.c |2
17 files changed, 119 insertions(+), 36 deletions(-)
diff --git a/drivers/w1/w1_int.c b/drivers/w1/w1_int.c
--- a/drivers/w1/w1_int.c
+++ b/drivers/w1/w1_int.c
@@ -88,7 +88,7 @@ static struct w1_master * w1_alloc_dev(u
dev-groups = 23;
dev-seq = 1;
- dev-nls = netlink_kernel_create(NETLINK_W1, NULL);
+ dev-nls = netlink_kernel_create(NETLINK_W1, NULL, THIS_MODULE);
if (!dev-nls) {
printk(KERN_ERR Failed to create new netlink socket(%u) for w1
master %s.\n,
NETLINK_NFLOG, dev-dev.bus_id);
@@ -225,3 +225,5 @@ void w1_remove_master_device(struct w1_b
EXPORT_SYMBOL(w1_add_master_device);
EXPORT_SYMBOL(w1_remove_master_device);
+
+MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_W1);
diff --git a/include/linux/net.h b/include/linux/net.h
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -282,5 +282,8 @@ static struct proto_ops name##_ops = {
#define MODULE_ALIAS_NETPROTO(proto) \
MODULE_ALIAS(net-pf- __stringify(proto))
+#define MODULE_ALIAS_NET_PF_PROTO(pf, proto) \
+ MODULE_ALIAS(net-pf- __stringify(pf) -proto- __stringify(proto))
+
#endif /* __KERNEL__ */
#endif /* _LINUX_NET_H */
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -117,7 +117,7 @@ struct netlink_skb_parms
#define NETLINK_CREDS(skb) (NETLINK_CB((skb)).creds)
-extern struct sock *netlink_kernel_create(int unit, void (*input)(struct sock
*sk, int len));
+extern struct sock *netlink_kernel_create(int unit, void (*input)(struct sock
*sk, int len), struct module *module);
extern void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err);
extern int netlink_unicast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
int nonblock);
extern int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
diff --git a/kernel/audit.c b/kernel/audit.c
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -514,7 +514,8 @@ static int __init audit_init(void)
{
printk(KERN_INFO audit: initializing netlink socket (%s)\n,
audit_default ? enabled : disabled);
- audit_sock = netlink_kernel_create(NETLINK_AUDIT, audit_receive);
+ audit_sock = netlink_kernel_create(NETLINK_AUDIT, audit_receive,
+ THIS_MODULE);
if (!audit_sock)
audit_panic(cannot initialize netlink socket);
diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c
--- a/lib/kobject_uevent.c
+++ b/lib/kobject_uevent.c
@@ -153,7 +153,8 @@ EXPORT_SYMBOL_GPL(kobject_uevent_atomic)
static int __init kobject_uevent_init(void)
{
- uevent_sock = netlink_kernel_create(NETLINK_KOBJECT_UEVENT, NULL);
+ uevent_sock = netlink_kernel_create(NETLINK_KOBJECT_UEVENT, NULL,
+ THIS_MODULE);
if (!uevent_sock) {
printk(KERN_ERR
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -258,7 +258,7 @@ static int __init init(void)
spin_lock_init(ulog_buffers[i].lock);
}
- ebtulognl = netlink_kernel_create(NETLINK_NFLOG, NULL);
+ ebtulognl = netlink_kernel_create(NETLINK_NFLOG, NULL, THIS_MODULE);
if (!ebtulognl)
ret = -ENOMEM;
else if ((ret = ebt_register_watcher(ulog)))
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
--- a/net/core/rtnetlink.c
+++
[NETFILTER]: Move reroute-after-queue code up to the nf_queue layer.
tree c2c3d03d8120831d487bb8fcc73e5dcbe13aebea
parent 4fdb3bb723db469717c6d38fda667d8b0fa86ebd
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:42:34 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:36:19 -0700
[NETFILTER]: Move reroute-after-queue code up to the nf_queue layer.
The rerouting functionality is required by the core, therefore it has
to be implemented by the core and not in individual queue handlers.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter.h | 11 ++
include/linux/netfilter_ipv6.h |3 +
net/core/netfilter.c | 66 +
net/ipv4/netfilter.c | 64 ++-
net/ipv4/netfilter/ip_queue.c | 27
net/ipv6/af_inet6.c|7
net/ipv6/netfilter.c | 62 ++
net/ipv6/netfilter/ip6_queue.c | 24 --
8 files changed, 199 insertions(+), 65 deletions(-)
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -198,6 +198,17 @@ extern void nf_invalidate_cache(int pf);
Returns true or false. */
extern int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len);
+struct nf_queue_rerouter {
+ void (*save)(const struct sk_buff *skb, struct nf_info *info);
+ int (*reroute)(struct sk_buff **skb, const struct nf_info *info);
+ int rer_size;
+};
+
+#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
+
+extern int nf_register_queue_rerouter(int pf, struct nf_queue_rerouter *rer);
+extern int nf_unregister_queue_rerouter(int pf);
+
#else /* !CONFIG_NETFILTER */
#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb)
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
diff --git a/include/linux/netfilter_ipv6.h b/include/linux/netfilter_ipv6.h
--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -71,4 +71,7 @@ enum nf_ip6_hook_priorities {
NF_IP6_PRI_LAST = INT_MAX,
};
+int ipv6_netfilter_init(void);
+void ipv6_netfilter_fini(void);
+
#endif /*__LINUX_IP6_NETFILTER_H*/
diff --git a/net/core/netfilter.c b/net/core/netfilter.c
--- a/net/core/netfilter.c
+++ b/net/core/netfilter.c
@@ -53,6 +53,9 @@ static struct nf_queue_handler_t {
nf_queue_outfn_t outfn;
void *data;
} queue_handler[NPROTO];
+
+static struct nf_queue_rerouter *queue_rerouter;
+
static DEFINE_RWLOCK(queue_handler_lock);
int nf_register_hook(struct nf_hook_ops *reg)
@@ -260,11 +263,34 @@ int nf_unregister_queue_handler(int pf)
return 0;
}
+int nf_register_queue_rerouter(int pf, struct nf_queue_rerouter *rer)
+{
+ if (pf = NPROTO)
+ return -EINVAL;
+
+ write_lock_bh(queue_handler_lock);
+ memcpy(queue_rerouter[pf], rer, sizeof(queue_rerouter[pf]));
+ write_unlock_bh(queue_handler_lock);
+
+ return 0;
+}
+
+int nf_unregister_queue_rerouter(int pf)
+{
+ if (pf = NPROTO)
+ return -EINVAL;
+
+ write_lock_bh(queue_handler_lock);
+ memset(queue_rerouter[pf], 0, sizeof(queue_rerouter[pf]));
+ write_unlock_bh(queue_handler_lock);
+ return 0;
+}
+
/*
* Any packet that leaves via this function must come back
* through nf_reinject().
*/
-static int nf_queue(struct sk_buff *skb,
+static int nf_queue(struct sk_buff **skb,
struct list_head *elem,
int pf, unsigned int hook,
struct net_device *indev,
@@ -282,17 +308,17 @@ static int nf_queue(struct sk_buff *skb,
read_lock(queue_handler_lock);
if (!queue_handler[pf].outfn) {
read_unlock(queue_handler_lock);
- kfree_skb(skb);
+ kfree_skb(*skb);
return 1;
}
- info = kmalloc(sizeof(*info), GFP_ATOMIC);
+ info = kmalloc(sizeof(*info)+queue_rerouter[pf].rer_size, GFP_ATOMIC);
if (!info) {
if (net_ratelimit())
printk(KERN_ERR OOM queueing packet %p\n,
- skb);
+ *skb);
read_unlock(queue_handler_lock);
- kfree_skb(skb);
+ kfree_skb(*skb);
return 1;
}
@@ -311,15 +337,21 @@ static int nf_queue(struct sk_buff *skb,
if (outdev) dev_hold(outdev);
#ifdef CONFIG_BRIDGE_NETFILTER
- if (skb-nf_bridge) {
- physindev = skb-nf_bridge-physindev;
+ if ((*skb)-nf_bridge) {
+ physindev = (*skb)-nf_bridge-physindev;
if (physindev) dev_hold(physindev);
- physoutdev = skb-nf_bridge-physoutdev;
+ physoutdev = (*skb)-nf_bridge-physoutdev;
if (physoutdev) dev_hold(physoutdev);
[NETFILTER]: Core changes required by upcoming nfnetlink_queue code
tree f58711648f91bbd880fcada7718a2462f0249a78
parent 2cc7d5730957c4a3f3659d17d2ba5e06d5581c1f
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:43:44 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:36:49 -0700
[NETFILTER]: Core changes required by upcoming nfnetlink_queue code
- split netfiler verdict in 16bit verdict and 16bit queue number
- add 'queuenum' argument to nf_queue_outfn_t and its users ip[6]_queue
- move NFNL_SUBSYS_ definitions from enum to #define
- introduce autoloading for nfnetlink subsystem modules
- add MODULE_ALIAS_NFNL_SUBSYS macro
- add nf_unregister_queue_handlers() to register all handlers for a given
nf_queue_outfn_t
- add more verbose DEBUGP macro definition to nfnetlink.c
- make nfnetlink_subsys_register fail if subsys already exists
- add some more comments and debug statements to nfnetlink.c
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter.h | 14 +++-
include/linux/netfilter/nfnetlink.h | 20 +-
net/core/netfilter.c| 40 +---
net/ipv4/netfilter/ip_queue.c |3 +-
net/ipv6/netfilter/ip6_queue.c |3 +-
net/netfilter/nfnetlink.c | 28 +++--
6 files changed, 83 insertions(+), 25 deletions(-)
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -21,6 +21,16 @@
#define NF_STOP 5
#define NF_MAX_VERDICT NF_STOP
+/* we overload the higher bits for encoding auxiliary data such as the queue
+ * number. Not nice, but better than additional function arguments. */
+#define NF_VERDICT_MASK 0x
+#define NF_VERDICT_BITS 16
+
+#define NF_VERDICT_QMASK 0x
+#define NF_VERDICT_QBITS 16
+
+#define NF_QUEUE_NR(x) ((x NF_VERDICT_QBITS) NF_VERDICT_QMASK || NF_QUEUE)
+
/* only for userspace compatibility */
#ifndef __KERNEL__
/* Generic cache responses from hook functions.
@@ -179,10 +189,12 @@ int nf_getsockopt(struct sock *sk, int p
/* Packet queuing */
typedef int (*nf_queue_outfn_t)(struct sk_buff *skb,
-struct nf_info *info, void *data);
+struct nf_info *info,
+ unsigned int queuenum, void *data);
extern int nf_register_queue_handler(int pf,
nf_queue_outfn_t outfn, void *data);
extern int nf_unregister_queue_handler(int pf);
+extern void nf_unregister_queue_handlers(nf_queue_outfn_t outfn);
extern void nf_reinject(struct sk_buff *skb,
struct nf_info *info,
unsigned int verdict);
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -69,15 +69,14 @@ struct nfgenmsg {
#define NFNL_SUBSYS_ID(x) ((x 0xff00) 8)
#define NFNL_MSG_TYPE(x) (x 0x00ff)
-enum nfnl_subsys_id {
- NFNL_SUBSYS_NONE = 0,
- NFNL_SUBSYS_CTNETLINK,
- NFNL_SUBSYS_CTNETLINK_EXP,
- NFNL_SUBSYS_IPTNETLINK,
- NFNL_SUBSYS_QUEUE,
- NFNL_SUBSYS_ULOG,
- NFNL_SUBSYS_COUNT,
-};
+/* No enum here, otherwise __stringify() trick of MODULE_ALIAS_NFNL_SUBSYS()
+ * won't work anymore */
+#define NFNL_SUBSYS_NONE 0
+#define NFNL_SUBSYS_CTNETLINK 1
+#define NFNL_SUBSYS_CTNETLINK_EXP 2
+#define NFNL_SUBSYS_QUEUE 3
+#define NFNL_SUBSYS_ULOG 4
+#define NFNL_SUBSYS_COUNT 5
#ifdef __KERNEL__
@@ -142,5 +141,8 @@ extern int nfnetlink_send(struct sk_buff
int echo);
extern int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags);
+#define MODULE_ALIAS_NFNL_SUBSYS(subsys) \
+ MODULE_ALIAS(nfnetlink-subsys- __stringify(subsys))
+
#endif /* __KERNEL__ */
#endif /* _NFNETLINK_H */
diff --git a/net/core/netfilter.c b/net/core/netfilter.c
--- a/net/core/netfilter.c
+++ b/net/core/netfilter.c
@@ -221,7 +221,8 @@ static unsigned int nf_iterate(struct li
verdict = elem-hook(hook, skb, indev, outdev, okfn);
if (verdict != NF_ACCEPT) {
#ifdef CONFIG_NETFILTER_DEBUG
- if (unlikely(verdict NF_MAX_VERDICT)) {
+ if (unlikely((verdict NF_VERDICT_MASK)
+NF_MAX_VERDICT)) {
NFDEBUG(Evil return from %p(%u).\n,
elem-hook, hook);
continue;
@@ -239,6 +240,9 @@ int nf_register_queue_handler(int pf, nf
{
int ret;
+ if (pf = NPROTO)
+ return -EINVAL;
+
write_lock_bh(queue_handler_lock);
if (queue_handler[pf].outfn)
ret = -EBUSY;
@@ -255,6 +259,9 @@ int
[NETFILTER]: Add nfnetlink_queue netfilter queue handler over nfnetlink
tree 752acd1f26063b23e5629124ee0a33078d2fb9a1
parent 0ab43f84995f2c2fcc5cc58a9accaa1095e1317f
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:44:15 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:36:56 -0700
[NETFILTER]: Add nfnetlink_queue netfilter queue handler over nfnetlink
- Add new nfnetlink_queue module
- Add new ipt_NFQUEUE and ip6t_NFQUEUE modules to access queue numbers 1-65535
- Mark ip_queue and ip6_queue Kconfig options as OBSOLETE
- Update feature-removal-schedule to remove ip[6]_queue in December
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
Documentation/feature-removal-schedule.txt | 12
include/linux/netfilter/nfnetlink_queue.h | 85 ++
include/linux/netfilter_ipv4/ipt_NFQUEUE.h | 16
net/ipv4/netfilter/Kconfig |6
net/ipv4/netfilter/Makefile|1
net/ipv4/netfilter/ipt_NFQUEUE.c | 70 ++
net/ipv6/netfilter/Kconfig | 11
net/ipv6/netfilter/Makefile|1
net/ipv6/netfilter/ip6t_NFQUEUE.c | 70 ++
net/netfilter/Kconfig |8
net/netfilter/Makefile |1
net/netfilter/nfnetlink_queue.c| 877 +
12 files changed, 1153 insertions(+), 5 deletions(-)
diff --git a/Documentation/feature-removal-schedule.txt
b/Documentation/feature-removal-schedule.txt
--- a/Documentation/feature-removal-schedule.txt
+++ b/Documentation/feature-removal-schedule.txt
@@ -135,3 +135,15 @@ Why: With the 16-bit PCMCIA subsystem no
pcmciautils package available at
http://kernel.org/pub/linux/utils/kernel/pcmcia/
Who: Dominik Brodowski [EMAIL PROTECTED]
+
+---
+
+What: ip_queue and ip6_queue (old ipv4-only and ipv6-only netfilter queue)
+When: December 2005
+Why: This interface has been obsoleted by the new layer3-independent
+ nfnetlink_queue. The Kernel interface is compatible, so the old
+ ip[6]tables QUEUE targets still work and will transparently handle
+ all packets into nfnetlink queue number 0. Userspace users will have
+ to link against API-compatible library on top of libnfnetlink_queue
+ instead of the current 'libipq'.
+Who: Harald Welte [EMAIL PROTECTED]
diff --git a/include/linux/netfilter/nfnetlink_queue.h
b/include/linux/netfilter/nfnetlink_queue.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -0,0 +1,85 @@
+#ifndef _NFNETLINK_QUEUE_H
+#define _NFNETLINK_QUEUE_H
+
+#include linux/netfilter/nfnetlink.h
+
+enum nfqnl_msg_types {
+ NFQNL_MSG_PACKET, /* packet from kernel to userspace */
+ NFQNL_MSG_VERDICT, /* verdict from userspace to kernel */
+ NFQNL_MSG_CONFIG, /* connect to a particular queue */
+
+ NFQNL_MSG_MAX
+};
+
+struct nfqnl_msg_packet_hdr {
+ u_int32_t packet_id; /* unique ID of packet in queue */
+ u_int16_t hw_protocol;/* hw protocol (network order) */
+ u_int8_thook; /* netfilter hook */
+} __attribute__ ((packed));
+
+struct nfqnl_msg_packet_hw {
+ u_int16_t hw_addrlen;
+ u_int16_t _pad;
+ u_int8_thw_addr[8];
+} __attribute__ ((packed));
+
+struct nfqnl_msg_packet_timestamp {
+ u_int64_t sec;
+ u_int64_t usec;
+} __attribute__ ((packed));
+
+enum nfqnl_attr_type {
+ NFQA_UNSPEC,
+ NFQA_PACKET_HDR,
+ NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
+ NFQA_MARK, /* u_int32_t nfmark */
+ NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
+ NFQA_IFINDEX_INDEV, /* u_int32_t ifindex */
+ NFQA_IFINDEX_OUTDEV,/* u_int32_t ifindex */
+ NFQA_HWADDR,/* nfqnl_msg_packet_hw */
+ NFQA_PAYLOAD, /* opaque data payload */
+
+ __NFQA_MAX
+};
+#define NFQA_MAX (__NFQA_MAX - 1)
+
+struct nfqnl_msg_verdict_hdr {
+ u_int32_t verdict;
+ u_int32_t id;
+} __attribute__ ((packed));
+
+
+enum nfqnl_msg_config_cmds {
+ NFQNL_CFG_CMD_NONE,
+ NFQNL_CFG_CMD_BIND,
+ NFQNL_CFG_CMD_UNBIND,
+ NFQNL_CFG_CMD_PF_BIND,
+ NFQNL_CFG_CMD_PF_UNBIND,
+};
+
+struct nfqnl_msg_config_cmd {
+ u_int8_tcommand;/* nfqnl_msg_config_cmds */
+ u_int8_t_pad;
+ u_int16_t pf; /* AF_xxx for PF_[UN]BIND */
+} __attribute__ ((packed));
+
+enum nfqnl_config_mode {
+ NFQNL_COPY_NONE,
+ NFQNL_COPY_META,
+ NFQNL_COPY_PACKET,
+};
+
+struct nfqnl_msg_config_params {
+ u_int32_t copy_range;
+ u_int8_tcopy_mode; /* enum nfqnl_config_mode */
+} __attribute__ ((packed));
+
+
+enum nfqnl_attr_config {
+ NFQA_CFG_UNSPEC,
+ NFQA_CFG_CMD,
[IPV6]: Check interface bindings on IPv6 raw socket reception
tree 1912652fdf55f1bcc703ae9a3dcb93036dcfca67
parent 7af4cc3fa158ff1dda6e7451c7e6afa6b0bb85cb
author Andrew McDonald [EMAIL PROTECTED] Wed, 10 Aug 2005 09:44:42 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:06 -0700
[IPV6]: Check interface bindings on IPv6 raw socket reception
Take account of whether a socket is bound to a particular device when
selecting an IPv6 raw socket to receive a packet. Also perform this
check when receiving IPv6 packets with router alert options.
Signed-off-by: Andrew McDonald [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/rawv6.h |3 ++-
net/ipv6/icmp.c |3 ++-
net/ipv6/ip6_output.c |4 +++-
net/ipv6/raw.c| 11 ---
4 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/include/net/rawv6.h b/include/net/rawv6.h
--- a/include/net/rawv6.h
+++ b/include/net/rawv6.h
@@ -10,7 +10,8 @@ extern rwlock_t raw_v6_lock;
extern void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr);
extern struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
- struct in6_addr *loc_addr, struct in6_addr
*rmt_addr);
+ struct in6_addr *loc_addr, struct in6_addr
*rmt_addr,
+ int dif);
extern int rawv6_rcv(struct sock *sk,
struct sk_buff *skb);
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -551,7 +551,8 @@ static void icmpv6_notify(struct sk_buff
read_lock(raw_v6_lock);
if ((sk = sk_head(raw_v6_htable[hash])) != NULL) {
- while((sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr))) {
+ while((sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr,
+ skb-dev-ifindex))) {
rawv6_err(sk, skb, NULL, type, code, inner_offset,
info);
sk = sk_next(sk);
}
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -277,7 +277,9 @@ static int ip6_call_ra_chain(struct sk_b
read_lock(ip6_ra_lock);
for (ra = ip6_ra_chain; ra; ra = ra-next) {
struct sock *sk = ra-sk;
- if (sk ra-sel == sel) {
+ if (sk ra-sel == sel
+ (!sk-sk_bound_dev_if ||
+sk-sk_bound_dev_if == skb-dev-ifindex)) {
if (last) {
struct sk_buff *skb2 = skb_clone(skb,
GFP_ATOMIC);
if (skb2)
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -81,7 +81,8 @@ static void raw_v6_unhash(struct sock *s
/* Grumble... icmp and ip_input want to get at this... */
struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
-struct in6_addr *loc_addr, struct in6_addr
*rmt_addr)
+struct in6_addr *loc_addr, struct in6_addr
*rmt_addr,
+int dif)
{
struct hlist_node *node;
int is_multicast = ipv6_addr_is_multicast(loc_addr);
@@ -94,6 +95,9 @@ struct sock *__raw_v6_lookup(struct sock
!ipv6_addr_equal(np-daddr, rmt_addr))
continue;
+ if (sk-sk_bound_dev_if sk-sk_bound_dev_if != dif)
+ continue;
+
if (!ipv6_addr_any(np-rcv_saddr)) {
if (ipv6_addr_equal(np-rcv_saddr, loc_addr))
goto found;
@@ -160,7 +164,7 @@ void ipv6_raw_deliver(struct sk_buff *sk
if (sk == NULL)
goto out;
- sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr);
+ sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr, skb-dev-ifindex);
while (sk) {
if (nexthdr != IPPROTO_ICMPV6 || !icmpv6_filter(sk, skb)) {
@@ -170,7 +174,8 @@ void ipv6_raw_deliver(struct sk_buff *sk
if (clone)
rawv6_rcv(sk, clone);
}
- sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr);
+ sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr,
+skb-dev-ifindex);
}
out:
read_unlock(raw_v6_lock);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[IPV4/6]: Check if packet was actually delivered to a raw socket to decide whether to send an ICMP unreachable
tree 377297846b513224a30185fb279afd6640e361f5
parent 0bd1b59b15e4057101c89d4db15a3683c0d897f7
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 09:45:02 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:22 -0700
[IPV4/6]: Check if packet was actually delivered to a raw socket to decide
whether to send an ICMP unreachable
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/raw.h|2 +-
include/net/rawv6.h |2 +-
net/ipv4/ip_input.c |4 ++--
net/ipv4/raw.c |5 -
net/ipv6/ip6_input.c |4 ++--
net/ipv6/raw.c |5 -
6 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/include/net/raw.h b/include/net/raw.h
--- a/include/net/raw.h
+++ b/include/net/raw.h
@@ -37,6 +37,6 @@ extern struct sock *__raw_v4_lookup(stru
unsigned long raddr, unsigned long laddr,
int dif);
-extern void raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash);
+extern int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash);
#endif /* _RAW_H */
diff --git a/include/net/rawv6.h b/include/net/rawv6.h
--- a/include/net/rawv6.h
+++ b/include/net/rawv6.h
@@ -7,7 +7,7 @@
extern struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
extern rwlock_t raw_v6_lock;
-extern void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr);
+extern int ipv6_raw_deliver(struct sk_buff *skb, int nexthdr);
extern struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
struct in6_addr *loc_addr, struct in6_addr
*rmt_addr,
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -225,8 +225,8 @@ static inline int ip_local_deliver_finis
/* If there maybe a raw socket we must check - if not we
* don't care less
*/
- if (raw_sk)
- raw_v4_input(skb, skb-nh.iph, hash);
+ if (raw_sk !raw_v4_input(skb, skb-nh.iph, hash))
+ raw_sk = NULL;
if ((ipprot = rcu_dereference(inet_protos[hash])) != NULL) {
int ret;
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -150,10 +150,11 @@ static __inline__ int icmp_filter(struct
* RFC 1122: SHOULD pass TOS value up to the transport layer.
* - It does. And not only TOS, but all IP header.
*/
-void raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash)
+int raw_v4_input(struct sk_buff *skb, struct iphdr *iph, int hash)
{
struct sock *sk;
struct hlist_head *head;
+ int delivered = 0;
read_lock(raw_v4_lock);
head = raw_v4_htable[hash];
@@ -164,6 +165,7 @@ void raw_v4_input(struct sk_buff *skb, s
skb-dev-ifindex);
while (sk) {
+ delivered = 1;
if (iph-protocol != IPPROTO_ICMP || !icmp_filter(sk, skb)) {
struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC);
@@ -177,6 +179,7 @@ void raw_v4_input(struct sk_buff *skb, s
}
out:
read_unlock(raw_v4_lock);
+ return delivered;
}
void raw_err (struct sock *sk, struct sk_buff *skb, u32 info)
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -166,8 +166,8 @@ resubmit:
nexthdr = skb-nh.raw[nhoff];
raw_sk = sk_head(raw_v6_htable[nexthdr (MAX_INET_PROTOS - 1)]);
- if (raw_sk)
- ipv6_raw_deliver(skb, nexthdr);
+ if (raw_sk !ipv6_raw_deliver(skb, nexthdr))
+ raw_sk = NULL;
hash = nexthdr (MAX_INET_PROTOS - 1);
if ((ipprot = rcu_dereference(inet6_protos[hash])) != NULL) {
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -141,11 +141,12 @@ static __inline__ int icmpv6_filter(stru
*
* Caller owns SKB so we must make clones.
*/
-void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr)
+int ipv6_raw_deliver(struct sk_buff *skb, int nexthdr)
{
struct in6_addr *saddr;
struct in6_addr *daddr;
struct sock *sk;
+ int delivered = 0;
__u8 hash;
saddr = skb-nh.ipv6h-saddr;
@@ -167,6 +168,7 @@ void ipv6_raw_deliver(struct sk_buff *sk
sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr, skb-dev-ifindex);
while (sk) {
+ delivered = 1;
if (nexthdr != IPPROTO_ICMPV6 || !icmpv6_filter(sk, skb)) {
struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC);
@@ -179,6 +181,7 @@ void ipv6_raw_deliver(struct sk_buff *sk
}
out:
read_unlock(raw_v6_lock);
+ return delivered;
}
/* This cleans up af_inet6 a bit. -DaveM */
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
[SOCK]: Rename __tcp_v4_rehash to __sk_prot_rehash
tree 2fd96c3476681cf76647592d4f162004b8c7416e
parent e6848976b721eeb5551cd94673faafeef78d9f35
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:47:37
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:42 -0700
[SOCK]: Rename __tcp_v4_rehash to __sk_prot_rehash
This operation was already generic and DCCP will use it.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/sock.h |9 +
net/ipv4/tcp_ipv4.c | 11 +--
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -612,6 +612,15 @@ static __inline__ void sock_prot_dec_use
prot-stats[smp_processor_id()].inuse--;
}
+/* With per-bucket locks this operation is not-atomic, so that
+ * this version is not worse.
+ */
+static inline void __sk_prot_rehash(struct sock *sk)
+{
+ sk-sk_prot-unhash(sk);
+ sk-sk_prot-hash(sk);
+}
+
/* About 10 seconds */
#define SOCK_DESTROY_TIME (10*HZ)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1834,15 +1834,6 @@ do_time_wait:
goto discard_it;
}
-/* With per-bucket locks this operation is not-atomic, so that
- * this version is not worse.
- */
-static void __tcp_v4_rehash(struct sock *sk)
-{
- sk-sk_prot-unhash(sk);
- sk-sk_prot-hash(sk);
-}
-
static int tcp_v4_reselect_saddr(struct sock *sk)
{
struct inet_sock *inet = inet_sk(sk);
@@ -1889,7 +1880,7 @@ static int tcp_v4_reselect_saddr(struct
* Besides that, it does not check for connection
* uniqueness. Wait for troubles.
*/
- __tcp_v4_rehash(sk);
+ __sk_prot_rehash(sk);
return 0;
}
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[SOCK]: Introduce sk_setup_caps
tree 152b75c0279b8f612412f24a5ab35ab6d5a208d8
parent 614c6cb4f225a7da9f13e5dd0fac3b531078eb9f
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:49:02
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:48 -0700
[SOCK]: Introduce sk_setup_caps
From tcp_v4_setup_caps, that always is preceded by a call to
__sk_dst_set, so coalesce this sequence into sk_setup_caps, removing
one call to a TCP function in the IP layer.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/sock.h | 10 ++
include/net/tcp.h|9 -
net/ipv4/ip_output.c |7 ++-
net/ipv4/tcp_ipv4.c | 12
net/ipv4/tcp_minisocks.c |1 +
5 files changed, 17 insertions(+), 22 deletions(-)
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -1025,6 +1025,16 @@ sk_dst_check(struct sock *sk, u32 cookie
return dst;
}
+static inline void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
+{
+ __sk_dst_set(sk, dst);
+ sk-sk_route_caps = dst-dev-features;
+ if (sk-sk_route_caps NETIF_F_TSO) {
+ if (sock_flag(sk, SOCK_NO_LARGESEND) || dst-header_len)
+ sk-sk_route_caps = ~NETIF_F_TSO;
+ }
+}
+
static inline void sk_charge_skb(struct sock *sk, struct sk_buff *skb)
{
sk-sk_wmem_queued += skb-truesize;
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1658,15 +1658,6 @@ static inline int tcp_paws_check(const s
return 1;
}
-static inline void tcp_v4_setup_caps(struct sock *sk, struct dst_entry *dst)
-{
- sk-sk_route_caps = dst-dev-features;
- if (sk-sk_route_caps NETIF_F_TSO) {
- if (sock_flag(sk, SOCK_NO_LARGESEND) || dst-header_len)
- sk-sk_route_caps = ~NETIF_F_TSO;
- }
-}
-
#define TCP_CHECK_TIMER(sk) do { } while (0)
static inline int tcp_use_frto(const struct sock *sk)
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -69,13 +69,10 @@
#include net/ip.h
#include net/protocol.h
#include net/route.h
-#include net/tcp.h
-#include net/udp.h
#include linux/skbuff.h
#include net/sock.h
#include net/arp.h
#include net/icmp.h
-#include net/raw.h
#include net/checksum.h
#include net/inetpeer.h
#include net/checksum.h
@@ -84,6 +81,7 @@
#include linux/netfilter_bridge.h
#include linux/mroute.h
#include linux/netlink.h
+#include linux/tcp.h
/*
* Shall we try to damage output packets if routing dev changes?
@@ -329,8 +327,7 @@ int ip_queue_xmit(struct sk_buff *skb, i
if (ip_route_output_flow(rt, fl, sk, 0))
goto no_route;
}
- __sk_dst_set(sk, rt-u.dst);
- tcp_v4_setup_caps(sk, rt-u.dst);
+ sk_setup_caps(sk, rt-u.dst);
}
skb-dst = dst_clone(rt-u.dst);
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -837,8 +837,7 @@ int tcp_v4_connect(struct sock *sk, stru
goto failure;
/* OK, now commit destination to socket. */
- __sk_dst_set(sk, rt-u.dst);
- tcp_v4_setup_caps(sk, rt-u.dst);
+ sk_setup_caps(sk, rt-u.dst);
if (!tp-write_seq)
tp-write_seq = secure_tcp_sequence_number(inet-saddr,
@@ -1553,8 +1552,7 @@ struct sock *tcp_v4_syn_recv_sock(struct
if (!newsk)
goto exit;
- newsk-sk_dst_cache = dst;
- tcp_v4_setup_caps(newsk, dst);
+ sk_setup_caps(newsk, dst);
newtp = tcp_sk(newsk);
newinet = inet_sk(newsk);
@@ -1855,8 +1853,7 @@ static int tcp_v4_reselect_saddr(struct
if (err)
return err;
- __sk_dst_set(sk, rt-u.dst);
- tcp_v4_setup_caps(sk, rt-u.dst);
+ sk_setup_caps(sk, rt-u.dst);
new_saddr = rt-rt_src;
@@ -1914,8 +1911,7 @@ int tcp_v4_rebuild_header(struct sock *s
err = ip_route_output_flow(rt, fl, sk, 0);
}
if (!err) {
- __sk_dst_set(sk, rt-u.dst);
- tcp_v4_setup_caps(sk, rt-u.dst);
+ sk_setup_caps(sk, rt-u.dst);
return 0;
}
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -711,6 +711,7 @@ struct sock *tcp_create_openreq_child(st
bh_lock_sock(newsk);
rwlock_init(newsk-sk_dst_lock);
+ newsk-sk_dst_cache = NULL;
atomic_set(newsk-sk_rmem_alloc, 0);
skb_queue_head_init(newsk-sk_receive_queue);
atomic_set(newsk-sk_wmem_alloc, 0);
-
To unsubscribe from this list: send the line
[NET]: Cleanup INET_REFCNT_DEBUG code
tree 6c78b0eb52614ff6386b603ca64091b5aefaa418
parent d13964f4490157b8a290903362bfbc54f750a6bc
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:45:38
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:29 -0700
[NET]: Cleanup INET_REFCNT_DEBUG code
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_common.h |1 -
include/net/ipv6.h|1 -
include/net/sock.h| 32 +++-
include/net/tcp.h |2 +-
net/core/sock.c |6 +-
net/ipv4/af_inet.c| 18 ++
net/ipv4/tcp.c|7 +--
net/ipv4/tcp_minisocks.c | 20
net/ipv6/af_inet6.c | 31 +++
net/ipv6/ipv6_sockglue.c | 15 ---
net/ipv6/tcp_ipv6.c | 18 +-
net/sctp/ipv6.c |5 +
net/sctp/protocol.c |4 +---
13 files changed, 86 insertions(+), 74 deletions(-)
diff --git a/include/net/inet_common.h b/include/net/inet_common.h
--- a/include/net/inet_common.h
+++ b/include/net/inet_common.h
@@ -29,7 +29,6 @@ extern unsigned int inet_poll(struct fi
extern int inet_listen(struct socket *sock, int backlog);
extern voidinet_sock_destruct(struct sock *sk);
-extern atomic_tinet_sock_nr;
extern int inet_bind(struct socket *sock,
struct sockaddr *uaddr, int addr_len);
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -145,7 +145,6 @@ DECLARE_SNMP_STAT(struct udp_mib, udp_st
#define UDP6_INC_STATS(field) SNMP_INC_STATS(udp_stats_in6, field)
#define UDP6_INC_STATS_BH(field) SNMP_INC_STATS_BH(udp_stats_in6, field)
#define UDP6_INC_STATS_USER(field) SNMP_INC_STATS_USER(udp_stats_in6,
field)
-extern atomic_tinet6_sock_nr;
int snmp6_register_dev(struct inet6_dev *idev);
int snmp6_unregister_dev(struct inet6_dev *idev);
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -491,6 +491,9 @@ extern int sk_wait_data(struct sock *sk,
struct request_sock_ops;
+/* Here is the right place to enable sock refcounting debugging */
+#define SOCK_REFCNT_DEBUG
+
/* Networking protocol blocks we attach to sockets.
* socket layer - transport layer interface
* transport - network interface is defined by struct inet_proto
@@ -561,7 +564,9 @@ struct proto {
charname[32];
struct list_headnode;
-
+#ifdef SOCK_REFCNT_DEBUG
+ atomic_tsocks;
+#endif
struct {
int inuse;
u8 __pad[SMP_CACHE_BYTES - sizeof(int)];
@@ -571,6 +576,31 @@ struct proto {
extern int proto_register(struct proto *prot, int alloc_slab);
extern void proto_unregister(struct proto *prot);
+#ifdef SOCK_REFCNT_DEBUG
+static inline void sk_refcnt_debug_inc(struct sock *sk)
+{
+ atomic_inc(sk-sk_prot-socks);
+}
+
+static inline void sk_refcnt_debug_dec(struct sock *sk)
+{
+ atomic_dec(sk-sk_prot-socks);
+ printk(KERN_DEBUG %s socket %p released, %d are still alive\n,
+ sk-sk_prot-name, sk, atomic_read(sk-sk_prot-socks));
+}
+
+static inline void sk_refcnt_debug_release(const struct sock *sk)
+{
+ if (atomic_read(sk-sk_refcnt) != 1)
+ printk(KERN_DEBUG Destruction of the %s socket %p delayed,
refcnt=%d\n,
+ sk-sk_prot-name, sk, atomic_read(sk-sk_refcnt));
+}
+#else /* SOCK_REFCNT_DEBUG */
+#define sk_refcnt_debug_inc(sk) do { } while (0)
+#define sk_refcnt_debug_dec(sk) do { } while (0)
+#define sk_refcnt_debug_release(sk) do { } while (0)
+#endif /* SOCK_REFCNT_DEBUG */
+
/* Called with local bh disabled */
static __inline__ void sock_prot_inc_use(struct proto *prot)
{
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -306,7 +306,7 @@ extern kmem_cache_t *tcp_timewait_cachep
static inline void tcp_tw_put(struct tcp_tw_bucket *tw)
{
if (atomic_dec_and_test(tw-tw_refcnt)) {
-#ifdef INET_REFCNT_DEBUG
+#ifdef SOCK_REFCNT_DEBUG
printk(KERN_DEBUG tw_bucket %p released\n, tw);
#endif
kmem_cache_free(tcp_timewait_cachep, tw);
diff --git a/net/core/sock.c b/net/core/sock.c
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1367,11 +1367,7 @@ void sk_common_release(struct sock *sk)
xfrm_sk_free_policy(sk);
-#ifdef INET_REFCNT_DEBUG
- if (atomic_read(sk-sk_refcnt) != 1)
- printk(KERN_DEBUG Destruction of the socket %p delayed,
c=%d\n,
- sk, atomic_read(sk-sk_refcnt));
-#endif
+ sk_refcnt_debug_release(sk);
sock_put(sk);
}
diff --git
[INET]: Introduce inet_sk_rebuild_header
tree 9e3fe09e4f7468f119350d80a6ecb8d871a86dd0
parent 6cbb0df788b90777a7ed0f9d8261260353f48076
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:50:02
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:37:55 -0700
[INET]: Introduce inet_sk_rebuild_header
From tcp_v4_rebuild_header, that already was pretty generic, I only
needed to use sk-sk_protocol instead of the hardcoded IPPROTO_TCP and
establish the requirement that INET transport layer protocols that
want to use this function map TCP_SYN_SENT to its equivalent state.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/ip.h |2
include/net/tcp.h|2
net/ipv4/af_inet.c | 113 +++
net/ipv4/ip_output.c |5 --
net/ipv4/tcp_ipv4.c | 98
net/ipv6/tcp_ipv6.c |2
6 files changed, 117 insertions(+), 105 deletions(-)
diff --git a/include/linux/ip.h b/include/linux/ip.h
--- a/include/linux/ip.h
+++ b/include/linux/ip.h
@@ -196,6 +196,8 @@ static inline void inet_sk_copy_descenda
#endif
#endif
+extern int inet_sk_rebuild_header(struct sock *sk);
+
struct iphdr {
#if defined(__LITTLE_ENDIAN_BITFIELD)
__u8ihl:4,
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -799,8 +799,6 @@ extern void tcp_parse_options(struct s
* TCP v4 functions exported for the inet6 API
*/
-extern int tcp_v4_rebuild_header(struct sock *sk);
-
extern int tcp_v4_build_header(struct sock *sk,
struct sk_buff *skb);
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -951,6 +951,119 @@ void inet_unregister_protosw(struct inet
}
}
+/*
+ * Shall we try to damage output packets if routing dev changes?
+ */
+
+int sysctl_ip_dynaddr;
+
+static int inet_sk_reselect_saddr(struct sock *sk)
+{
+ struct inet_sock *inet = inet_sk(sk);
+ int err;
+ struct rtable *rt;
+ __u32 old_saddr = inet-saddr;
+ __u32 new_saddr;
+ __u32 daddr = inet-daddr;
+
+ if (inet-opt inet-opt-srr)
+ daddr = inet-opt-faddr;
+
+ /* Query new route. */
+ err = ip_route_connect(rt, daddr, 0,
+ RT_CONN_FLAGS(sk),
+ sk-sk_bound_dev_if,
+ sk-sk_protocol,
+ inet-sport, inet-dport, sk);
+ if (err)
+ return err;
+
+ sk_setup_caps(sk, rt-u.dst);
+
+ new_saddr = rt-rt_src;
+
+ if (new_saddr == old_saddr)
+ return 0;
+
+ if (sysctl_ip_dynaddr 1) {
+ printk(KERN_INFO %s(): shifting inet-
+saddr from %d.%d.%d.%d to %d.%d.%d.%d\n,
+ __FUNCTION__,
+ NIPQUAD(old_saddr),
+ NIPQUAD(new_saddr));
+ }
+
+ inet-saddr = inet-rcv_saddr = new_saddr;
+
+ /*
+* XXX The only one ugly spot where we need to
+* XXX really change the sockets identity after
+* XXX it has entered the hashes. -DaveM
+*
+* Besides that, it does not check for connection
+* uniqueness. Wait for troubles.
+*/
+ __sk_prot_rehash(sk);
+ return 0;
+}
+
+int inet_sk_rebuild_header(struct sock *sk)
+{
+ struct inet_sock *inet = inet_sk(sk);
+ struct rtable *rt = (struct rtable *)__sk_dst_check(sk, 0);
+ u32 daddr;
+ int err;
+
+ /* Route is OK, nothing to do. */
+ if (rt)
+ return 0;
+
+ /* Reroute. */
+ daddr = inet-daddr;
+ if (inet-opt inet-opt-srr)
+ daddr = inet-opt-faddr;
+{
+ struct flowi fl = {
+ .oif = sk-sk_bound_dev_if,
+ .nl_u = {
+ .ip4_u = {
+ .daddr = daddr,
+ .saddr = inet-saddr,
+ .tos= RT_CONN_FLAGS(sk),
+ },
+ },
+ .proto = sk-sk_protocol,
+ .uli_u = {
+ .ports = {
+ .sport = inet-sport,
+ .dport = inet-dport,
+ },
+ },
+ };
+
+ err = ip_route_output_flow(rt, fl, sk, 0);
+}
+ if (!err)
+ sk_setup_caps(sk, rt-u.dst);
+ else {
+ /* Routing failed... */
+ sk-sk_route_caps = 0;
+ /*
+* Other protocols have to map its equivalent state to
TCP_SYN_SENT.
+* DCCP maps its DCCP_REQUESTING state
[NETFILTER]: Add refcounting and /proc/net/netfilter interface to nfnetlink_queue
tree 15f07f237723f682969fd63330097cef366e2aeb
parent 32519f11d38ea8f4f60896763bacec7db1760f9c
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:50:45 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:01 -0700
[NETFILTER]: Add refcounting and /proc/net/netfilter interface to
nfnetlink_queue
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink_queue.h |1
net/netfilter/nfnetlink_queue.c | 248 ++
2 files changed, 221 insertions(+), 28 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink_queue.h
b/include/linux/netfilter/nfnetlink_queue.h
--- a/include/linux/netfilter/nfnetlink_queue.h
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -81,5 +81,6 @@ enum nfqnl_attr_config {
NFQA_CFG_PARAMS,/* nfqnl_msg_config_params */
__NFQA_CFG_MAX
};
+#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1)
#endif /* _NFNETLINK_QUEUE_H */
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -20,6 +20,7 @@
#include linux/notifier.h
#include linux/netdevice.h
#include linux/netfilter.h
+#include linux/proc_fs.h
#include linux/netfilter_ipv4.h
#include linux/netfilter_ipv6.h
#include linux/netfilter/nfnetlink.h
@@ -48,6 +49,7 @@ struct nfqnl_queue_entry {
struct nfqnl_instance {
struct hlist_node hlist;/* global list of queues */
+ atomic_t use;
int peer_pid;
unsigned int queue_maxlen;
@@ -105,17 +107,28 @@ __instance_lookup(u_int16_t queue_num)
}
static struct nfqnl_instance *
-instance_lookup(u_int16_t queue_num)
+instance_lookup_get(u_int16_t queue_num)
{
struct nfqnl_instance *inst;
read_lock_bh(instances_lock);
inst = __instance_lookup(queue_num);
+ if (inst)
+ atomic_inc(inst-use);
read_unlock_bh(instances_lock);
return inst;
}
+static void
+instance_put(struct nfqnl_instance *inst)
+{
+ if (inst atomic_dec_and_test(inst-use)) {
+ QDEBUG(kfree(inst=%p)\n, inst);
+ kfree(inst);
+ }
+}
+
static struct nfqnl_instance *
instance_create(u_int16_t queue_num, int pid)
{
@@ -141,6 +154,8 @@ instance_create(u_int16_t queue_num, int
inst-copy_range = 0xf;
inst-copy_mode = NFQNL_COPY_NONE;
atomic_set(inst-id_sequence, 0);
+ /* needs to be two, since we _put() after creation */
+ atomic_set(inst-use, 2);
inst-lock = SPIN_LOCK_UNLOCKED;
INIT_LIST_HEAD(inst-queue_list);
@@ -182,8 +197,8 @@ _instance_destroy2(struct nfqnl_instance
/* then flush all pending skbs from the queue */
nfqnl_flush(inst, NF_DROP);
- /* and finally free the data structure */
- kfree(inst);
+ /* and finally put the refcount */
+ instance_put(inst);
module_put(THIS_MODULE);
}
@@ -471,7 +486,7 @@ nfqnl_enqueue_packet(struct sk_buff *skb
QDEBUG(entered\n);
- queue = instance_lookup(queuenum);
+ queue = instance_lookup_get(queuenum);
if (!queue) {
QDEBUG(no queue instance matching\n);
return -EINVAL;
@@ -479,7 +494,8 @@ nfqnl_enqueue_packet(struct sk_buff *skb
if (queue-copy_mode == NFQNL_COPY_NONE) {
QDEBUG(mode COPY_NONE, aborting\n);
- return -EAGAIN;
+ status = -EAGAIN;
+ goto err_out_put;
}
entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
@@ -487,7 +503,8 @@ nfqnl_enqueue_packet(struct sk_buff *skb
if (net_ratelimit())
printk(KERN_ERR
nf_queue: OOM in nfqnl_enqueue_packet()\n);
- return -ENOMEM;
+ status = -ENOMEM;
+ goto err_out_put;
}
entry-info = info;
@@ -523,6 +540,7 @@ nfqnl_enqueue_packet(struct sk_buff *skb
__enqueue_entry(queue, entry);
spin_unlock_bh(queue-lock);
+ instance_put(queue);
return status;
err_out_free_nskb:
@@ -533,6 +551,8 @@ err_out_unlock:
err_out_free:
kfree(entry);
+err_out_put:
+ instance_put(queue);
return status;
}
@@ -685,6 +705,12 @@ static struct notifier_block nfqnl_rtnl_
.notifier_call = nfqnl_rcv_nl_event,
};
+static const int nfqa_verdict_min[NFQA_MAX] = {
+ [NFQA_VERDICT_HDR-1]= sizeof(struct nfqnl_msg_verdict_hdr),
+ [NFQA_MARK-1] = sizeof(u_int32_t),
+ [NFQA_PAYLOAD-1]= 0,
+};
+
static int
nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
struct nlmsghdr *nlh, struct nfattr *nfqa[], int *errp)
@@ -696,26 +722,40 @@ nfqnl_recv_verdict(struct sock *ctnl, st
struct nfqnl_instance *queue;
unsigned int verdict;
struct
[NETFILTER]: Extend netfilter logging API
tree 55ca8bed99789cd6af07f6cc6ee99b0cf718a611
parent 838ab6364956d9bdcefe84712de1621cf20a40b3
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:58:27 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:07 -0700
[NETFILTER]: Extend netfilter logging API
This patch is in preparation to nfnetlink_log:
- loggers now have to register struct nf_logger instead of nf_logfn
- nf_log_unregister() replaced by nf_log_unregister_pf() and
nf_log_unregister_logger()
- add comment to ip[6]t_LOG.h to assure nobody redefines flags
- add /proc/net/netfilter/nf_log to tell user which logger is currently
registered for which address family
- if user has configured logging, but no logging backend (logger) is
available, always spit a message to syslog, not just the first time.
- split ip[6]t_LOG.c into two parts:
Backend: Always try to register as logger for the respective address family
Frontend: Always log via nf_log_packet() API
- modify all users of nf_log_packet() to accomodate additional argument
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter.h| 48 +-
include/linux/netfilter_ipv4/ipt_LOG.h |1
include/linux/netfilter_ipv6/ip6t_LOG.h |1
net/core/netfilter.c | 127 +++
net/ipv4/netfilter/ip_conntrack_proto_icmp.c |8 -
net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 21 ++--
net/ipv4/netfilter/ip_conntrack_proto_udp.c |6 -
net/ipv4/netfilter/ipt_LOG.c | 86 ++
net/ipv4/netfilter/ipt_ULOG.c| 33 +--
net/ipv6/netfilter/ip6t_LOG.c| 93 +++
10 files changed, 299 insertions(+), 125 deletions(-)
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -114,15 +114,51 @@ void nf_unregister_sockopt(struct nf_soc
extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
-typedef void nf_logfn(unsigned int hooknum,
+/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will
+ * disappear once iptables is replaced with pkttables. Please DO NOT use them
+ * for any new code! */
+#define NF_LOG_TCPSEQ 0x01/* Log TCP sequence numbers */
+#define NF_LOG_TCPOPT 0x02/* Log TCP options */
+#define NF_LOG_IPOPT 0x04/* Log IP options */
+#define NF_LOG_UID 0x08/* Log UID owning local socket */
+#define NF_LOG_MASK0x0f
+
+#define NF_LOG_TYPE_LOG0x01
+#define NF_LOG_TYPE_ULOG 0x02
+
+struct nf_loginfo {
+ u_int8_t type;
+ union {
+ struct {
+ u_int32_t copy_len;
+ u_int16_t group;
+ u_int16_t qthreshold;
+ } ulog;
+ struct {
+ u_int8_t level;
+ u_int8_t logflags;
+ } log;
+ } u;
+};
+
+typedef void nf_logfn(unsigned int pf,
+ unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
+ const struct nf_loginfo *li,
const char *prefix);
+struct nf_logger {
+ struct module *me;
+ nf_logfn*logfn;
+ char*name;
+};
+
/* Function to register/unregister log function. */
-int nf_log_register(int pf, nf_logfn *logfn);
-void nf_log_unregister(int pf, nf_logfn *logfn);
+int nf_log_register(int pf, struct nf_logger *logger);
+void nf_log_unregister_pf(int pf);
+void nf_log_unregister_logger(struct nf_logger *logger);
/* Calls the registered backend logging function */
void nf_log_packet(int pf,
@@ -130,6 +166,7 @@ void nf_log_packet(int pf,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
+ struct nf_loginfo *li,
const char *fmt, ...);
/* Activate hook; either okfn or kfree_skb called, unless a hook
@@ -221,6 +258,11 @@ struct nf_queue_rerouter {
extern int nf_register_queue_rerouter(int pf, struct nf_queue_rerouter *rer);
extern int nf_unregister_queue_rerouter(int pf);
+#ifdef CONFIG_PROC_FS
+#include linux/proc_fs.h
+extern struct proc_dir_entry *proc_net_netfilter;
+#endif
+
#else /* !CONFIG_NETFILTER */
#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb)
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
diff --git a/include/linux/netfilter_ipv4/ipt_LOG.h
b/include/linux/netfilter_ipv4/ipt_LOG.h
--- a/include/linux/netfilter_ipv4/ipt_LOG.h
+++ b/include/linux/netfilter_ipv4/ipt_LOG.h
@@ -1,6 +1,7 @@
#ifndef _IPT_LOG_H
#define _IPT_LOG_H
+/* make sure
[NETFILTER]: Add new nfnetlink_log userspace packet logging facility
tree ce43bf3284ce162ccb34d4ee5a9981089df5bce0
parent 608c8e4f7b6e61cc783283e9dff8a465a5ad59bb
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 09:58:39 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:12 -0700
[NETFILTER]: Add new nfnetlink_log userspace packet logging facility
This is a generic (layer3 independent) version of what ipt_ULOG is already
doing for IPv4 today. ipt_ULOG, ebt_ulog and finally also ip[6]t_LOG will
be deprecated by this mechanism in the long term.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink_log.h | 85 ++
net/netfilter/Kconfig | 11
net/netfilter/Makefile |1
net/netfilter/nfnetlink_log.c | 995
net/netfilter/nfnetlink_queue.c |1
5 files changed, 1093 insertions(+)
diff --git a/include/linux/netfilter/nfnetlink_log.h
b/include/linux/netfilter/nfnetlink_log.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -0,0 +1,85 @@
+#ifndef _NFNETLINK_LOG_H
+#define _NFNETLINK_LOG_H
+
+/* This file describes the netlink messages (i.e. 'protocol packets'),
+ * and not any kind of function definitions. It is shared between kernel and
+ * userspace. Don't put kernel specific stuff in here */
+
+#include linux/netfilter/nfnetlink.h
+
+enum nfulnl_msg_types {
+ NFULNL_MSG_PACKET, /* packet from kernel to userspace */
+ NFULNL_MSG_CONFIG, /* connect to a particular queue */
+
+ NFULNL_MSG_MAX
+};
+
+struct nfulnl_msg_packet_hdr {
+ u_int16_t hw_protocol;/* hw protocol (network order) */
+ u_int8_thook; /* netfilter hook */
+ u_int8_t_pad;
+} __attribute__ ((packed));
+
+struct nfulnl_msg_packet_hw {
+ u_int16_t hw_addrlen;
+ u_int16_t _pad;
+ u_int8_thw_addr[8];
+} __attribute__ ((packed));
+
+struct nfulnl_msg_packet_timestamp {
+ u_int64_t sec;
+ u_int64_t usec;
+} __attribute__ ((packed));
+
+#define NFULNL_PREFIXLEN 30 /* just like old log target */
+
+enum nfulnl_attr_type {
+ NFULA_UNSPEC,
+ NFULA_PACKET_HDR,
+ NFULA_MARK, /* u_int32_t nfmark */
+ NFULA_TIMESTAMP,/* nfulnl_msg_packet_timestamp */
+ NFULA_IFINDEX_INDEV,/* u_int32_t ifindex */
+ NFULA_IFINDEX_OUTDEV, /* u_int32_t ifindex */
+ NFULA_HWADDR, /* nfulnl_msg_packet_hw */
+ NFULA_PAYLOAD, /* opaque data payload */
+ NFULA_PREFIX, /* string prefix */
+ NFULA_UID, /* user id of socket */
+
+ __NFULA_MAX
+};
+#define NFULA_MAX (__NFULA_MAX - 1)
+
+enum nfulnl_msg_config_cmds {
+ NFULNL_CFG_CMD_NONE,
+ NFULNL_CFG_CMD_BIND,
+ NFULNL_CFG_CMD_UNBIND,
+ NFULNL_CFG_CMD_PF_BIND,
+ NFULNL_CFG_CMD_PF_UNBIND,
+};
+
+struct nfulnl_msg_config_cmd {
+ u_int8_tcommand;/* nfulnl_msg_config_cmds */
+} __attribute__ ((packed));
+
+struct nfulnl_msg_config_mode {
+ u_int32_t copy_range;
+ u_int8_tcopy_mode;
+ u_int8_t_pad;
+} __attribute__ ((packed));
+
+enum nfulnl_attr_config {
+ NFULA_CFG_UNSPEC,
+ NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */
+ NFULA_CFG_MODE, /* nfulnl_msg_config_mode */
+ NFULA_CFG_NLBUFSIZ, /* u_int32_t buffer size */
+ NFULA_CFG_TIMEOUT, /* u_int32_t in 1/100 s */
+ NFULA_CFG_QTHRESH, /* u_int32_t */
+ __NFULA_CFG_MAX
+};
+#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)
+
+#define NFULNL_COPY_NONE 0x00
+#define NFULNL_COPY_META 0x01
+#define NFULNL_COPY_PACKET 0x02
+
+#endif /* _NFNETLINK_LOG_H */
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -11,3 +11,14 @@ config NETFILTER_NETLINK_QUEUE
If this option isenabled, the kernel will include support
for queueing packets via NFNETLINK.
+config NETFILTER_NETLINK_LOG
+ tristate Netfilter LOG over NFNETLINK interface
+ depends on NETFILTER_NETLINK
+ help
+ If this option is enabled, the kernel will include support
+ for logging packets via NFNETLINK.
+
+ This obsoletes the existing ipt_ULOG and ebg_ulog mechanisms,
+ and is also scheduled to replace the old syslog-based ipt_LOG
+ and ip6t_LOG modules.
+
diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile
--- a/net/netfilter/Makefile
+++ b/net/netfilter/Makefile
@@ -1,2 +1,3 @@
obj-$(CONFIG_NETFILTER_NETLINK) += nfnetlink.o
obj-$(CONFIG_NETFILTER_NETLINK_QUEUE) += nfnetlink_queue.o
+obj-$(CONFIG_NETFILTER_NETLINK_LOG) += nfnetlink_log.o
[INET]: Just rename the TCP hashtable functions/structs to inet_
tree 95736729a2f530204c4287a2af97ececd734
parent 304a16180fb6d2b153b45f6fbbcec1fa814496e5
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 09:59:44
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:32 -0700
[INET]: Just rename the TCP hashtable functions/structs to inet_
This is to break down the complexity of the series of patches,
making it very clear that this one just does:
1. renames tcp_ prefixed hashtable functions and data structures that
were already mostly generic to inet_ to share it with DCCP and
other INET transport protocols.
2. Removes not used functions (__tb_head tb_head)
3. Removes some leftover prototypes in the headers (tcp_bucket_unlock
tcp_v4_build_header)
Next changesets will move tcp_sk(sk)-bind_hash to inet_sock so that we can
make functions such as tcp_inherit_port, __tcp_inherit_port, tcp_v4_get_port,
__tcp_put_port, generic and get others like tcp_destroy_sock closer to generic
(tcp_orphan_count will go to sk-sk_prot to allow this).
Eventually most of these functions will be used passing the transport protocol
inet_hashinfo structure.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/tcp.h |2
include/net/tcp.h| 93 ++---
net/ipv4/tcp.c | 15 +++---
net/ipv4/tcp_diag.c |4 -
net/ipv4/tcp_ipv4.c | 106 ---
net/ipv4/tcp_minisocks.c | 16 +++
net/ipv6/tcp_ipv6.c | 42 +-
7 files changed, 139 insertions(+), 139 deletions(-)
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -258,7 +258,7 @@ struct tcp_sock {
__u32 snd_sml;/* Last byte of the most recently transmitted
small packet */
__u32 rcv_tstamp; /* timestamp of last received ACK (for
keepalives) */
__u32 lsndtime; /* timestamp of last sent data packet (for
restart window) */
- struct tcp_bind_bucket *bind_hash;
+ struct inet_bind_bucket *bind_hash;
/* Delayed ACK control data */
struct {
__u8pending;/* ACK is pending */
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -44,13 +44,13 @@
* New scheme, half the table is for TIME_WAIT, the other half is
* for the rest. I'll experiment with dynamic table growth later.
*/
-struct tcp_ehash_bucket {
+struct inet_ehash_bucket {
rwlock_t lock;
struct hlist_head chain;
} __attribute__((__aligned__(8)));
/* This is for listening sockets, thus all sockets which possess wildcards. */
-#define TCP_LHTABLE_SIZE 32 /* Yes, really, this is all you need. */
+#define INET_LHTABLE_SIZE 32 /* Yes, really, this is all you need. */
/* There are a few simple rules, which allow for local port reuse by
* an application. In essence:
@@ -83,31 +83,22 @@ struct tcp_ehash_bucket {
* users logged onto your box, isn't it nice to know that new data
* ports are created in O(1) time? I thought so. ;-) -DaveM
*/
-struct tcp_bind_bucket {
+struct inet_bind_bucket {
unsigned short port;
signed shortfastreuse;
struct hlist_node node;
struct hlist_head owners;
};
-#define tb_for_each(tb, node, head) hlist_for_each_entry(tb, node, head, node)
+#define inet_bind_bucket_for_each(tb, node, head) \
+ hlist_for_each_entry(tb, node, head, node)
-struct tcp_bind_hashbucket {
+struct inet_bind_hashbucket {
spinlock_t lock;
struct hlist_head chain;
};
-static inline struct tcp_bind_bucket *__tb_head(struct tcp_bind_hashbucket
*head)
-{
- return hlist_entry(head-chain.first, struct tcp_bind_bucket, node);
-}
-
-static inline struct tcp_bind_bucket *tb_head(struct tcp_bind_hashbucket *head)
-{
- return hlist_empty(head-chain) ? NULL : __tb_head(head);
-}
-
-extern struct tcp_hashinfo {
+struct inet_hashinfo {
/* This is for sockets with full identity only. Sockets here will
* always be without wildcards and will have the following invariant:
*
@@ -116,21 +107,21 @@ extern struct tcp_hashinfo {
* First half of the table is for sockets not in TIME_WAIT, second half
* is for TIME_WAIT sockets only.
*/
- struct tcp_ehash_bucket *__tcp_ehash;
+ struct inet_ehash_bucket*ehash;
/* Ok, let's try this, I give up, we do need a local binding
* TCP hash as well as the others for fast bind/connect.
*/
- struct tcp_bind_hashbucket *__tcp_bhash;
+ struct inet_bind_hashbucket *bhash;
- int __tcp_bhash_size;
- int __tcp_ehash_size;
+ int bhash_size;
+ int
[INET]: Move the TCP hashtable functions/structs to inet_hashtables.[ch]
tree 255d84f4f222161235d54f82793667509229
parent 0f7ff9274e72fd254fbd1ab117bbc1db6e7cdb34
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:00:51
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:39 -0700
[INET]: Move the TCP hashtable functions/structs to inet_hashtables.[ch]
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_common.h |5 +
include/net/inet_hashtables.h | 122 ++
include/net/tcp.h | 120 -
net/ipv4/Makefile |2
net/ipv4/inet_hashtables.c| 51 +
net/ipv4/tcp_ipv4.c | 26
6 files changed, 181 insertions(+), 145 deletions(-)
diff --git a/include/net/inet_common.h b/include/net/inet_common.h
--- a/include/net/inet_common.h
+++ b/include/net/inet_common.h
@@ -8,6 +8,11 @@ extern struct proto_opsinet_dgram_ops;
* INET4 prototypes used by INET6
*/
+struct msghdr;
+struct sock;
+struct sockaddr;
+struct socket;
+
extern voidinet_remove_sock(struct sock *sk1);
extern voidinet_put_sock(unsigned short num,
struct sock *sk);
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -14,8 +14,107 @@
#ifndef _INET_HASHTABLES_H
#define _INET_HASHTABLES_H
+#include linux/ip.h
+#include linux/list.h
+#include linux/slab.h
+#include linux/spinlock.h
#include linux/types.h
+/* This is for all connections with a full identity, no wildcards.
+ * New scheme, half the table is for TIME_WAIT, the other half is
+ * for the rest. I'll experiment with dynamic table growth later.
+ */
+struct inet_ehash_bucket {
+ rwlock_t lock;
+ struct hlist_head chain;
+} __attribute__((__aligned__(8)));
+
+/* There are a few simple rules, which allow for local port reuse by
+ * an application. In essence:
+ *
+ * 1) Sockets bound to different interfaces may share a local port.
+ *Failing that, goto test 2.
+ * 2) If all sockets have sk-sk_reuse set, and none of them are in
+ *TCP_LISTEN state, the port may be shared.
+ *Failing that, goto test 3.
+ * 3) If all sockets are bound to a specific inet_sk(sk)-rcv_saddr local
+ *address, and none of them are the same, the port may be
+ *shared.
+ *Failing this, the port cannot be shared.
+ *
+ * The interesting point, is test #2. This is what an FTP server does
+ * all day. To optimize this case we use a specific flag bit defined
+ * below. As we add sockets to a bind bucket list, we perform a
+ * check of: (newsk-sk_reuse (newsk-sk_state != TCP_LISTEN))
+ * As long as all sockets added to a bind bucket pass this test,
+ * the flag bit will be set.
+ * The resulting situation is that tcp_v[46]_verify_bind() can just check
+ * for this flag bit, if it is set and the socket trying to bind has
+ * sk-sk_reuse set, we don't even have to walk the owners list at all,
+ * we return that it is ok to bind this socket to the requested local port.
+ *
+ * Sounds like a lot of work, but it is worth it. In a more naive
+ * implementation (ie. current FreeBSD etc.) the entire list of ports
+ * must be walked for each data port opened by an ftp server. Needless
+ * to say, this does not scale at all. With a couple thousand FTP
+ * users logged onto your box, isn't it nice to know that new data
+ * ports are created in O(1) time? I thought so. ;-) -DaveM
+ */
+struct inet_bind_bucket {
+ unsigned short port;
+ signed shortfastreuse;
+ struct hlist_node node;
+ struct hlist_head owners;
+};
+
+#define inet_bind_bucket_for_each(tb, node, head) \
+ hlist_for_each_entry(tb, node, head, node)
+
+struct inet_bind_hashbucket {
+ spinlock_t lock;
+ struct hlist_head chain;
+};
+
+/* This is for listening sockets, thus all sockets which possess wildcards. */
+#define INET_LHTABLE_SIZE 32 /* Yes, really, this is all you need. */
+
+struct inet_hashinfo {
+ /* This is for sockets with full identity only. Sockets here will
+* always be without wildcards and will have the following invariant:
+*
+* TCP_ESTABLISHED = sk-sk_state TCP_CLOSE
+*
+* First half of the table is for sockets not in TIME_WAIT, second half
+* is for TIME_WAIT sockets only.
+*/
+ struct inet_ehash_bucket*ehash;
+
+ /* Ok, let's try this, I give up, we do need a local binding
+* TCP hash as well as the others for fast bind/connect.
+*/
+ struct inet_bind_hashbucket *bhash;
+
+ int bhash_size;
+ int
[INET]: Move bind_hash from tcp_sk to inet_sk
tree 964be5918610e6f89cc7f2fee48418979b48773b
parent 77d8bf9c6208eb535f05718168ffcc476be0ca8c
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:01:14
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:48 -0700
[INET]: Move bind_hash from tcp_sk to inet_sk
This should really be in a inet_connection_sock, but I'm leaving it
for a later optimization, when some more fields common to INET
transport protocols now in tcp_sk or inet_sk will be chunked out into
inet_connection_sock, for now its better to concentrate on getting the
changes in the core merged to leave the DCCP tree with only DCCP
specific code.
Next changesets will take advantage of this move to generalise things
like tcp_bind_hash, tcp_put_port, tcp_inherit_port, making the later
receive a inet_hashinfo parameter, and even __tcp_tw_hashdance, etc in
the future, when tcp_tw_bucket gets transformed into the struct
timewait_sock hierarchy.
tcp_destroy_sock also is eligible as soon as tcp_orphan_count gets
moved to sk_prot.
A cascade of incremental changes will ultimately make the tcp_lookup
functions be fully generic.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/ip.h |2 ++
include/linux/tcp.h |1 -
include/net/tcp.h|2 +-
net/ipv4/tcp.c |4 ++--
net/ipv4/tcp_ipv4.c | 21 +++--
net/ipv4/tcp_minisocks.c | 15 ---
net/ipv6/tcp_ipv6.c |8
7 files changed, 28 insertions(+), 25 deletions(-)
diff --git a/include/linux/ip.h b/include/linux/ip.h
--- a/include/linux/ip.h
+++ b/include/linux/ip.h
@@ -128,6 +128,7 @@ static inline struct inet_request_sock *
return (struct inet_request_sock *)sk;
}
+struct inet_bind_bucket;
struct ipv6_pinfo;
struct inet_sock {
@@ -157,6 +158,7 @@ struct inet_sock {
int mc_index; /* Multicast device index */
__u32 mc_addr;
struct ip_mc_socklist *mc_list; /* Group array */
+ struct inet_bind_bucket *bind_hash;
/*
* Following members are used to retain the infomation to build
* an ip header on each ip fragmentation while the socket is corked.
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -258,7 +258,6 @@ struct tcp_sock {
__u32 snd_sml;/* Last byte of the most recently transmitted
small packet */
__u32 rcv_tstamp; /* timestamp of last received ACK (for
keepalives) */
__u32 lsndtime; /* timestamp of last sent data packet (for
restart window) */
- struct inet_bind_bucket *bind_hash;
/* Delayed ACK control data */
struct {
__u8pending;/* ACK is pending */
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1266,7 +1266,7 @@ static __inline__ void tcp_set_state(str
TCP_INC_STATS(TCP_MIB_ESTABRESETS);
sk-sk_prot-unhash(sk);
- if (tcp_sk(sk)-bind_hash
+ if (inet_sk(sk)-bind_hash
!(sk-sk_userlocks SOCK_BINDPORT_LOCK))
tcp_put_port(sk);
/* fall through */
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1575,7 +1575,7 @@ void tcp_destroy_sock(struct sock *sk)
BUG_TRAP(sk_unhashed(sk));
/* If it has not 0 inet_sk(sk)-num, it must be bound */
- BUG_TRAP(!inet_sk(sk)-num || tcp_sk(sk)-bind_hash);
+ BUG_TRAP(!inet_sk(sk)-num || inet_sk(sk)-bind_hash);
sk-sk_prot-destroy(sk);
@@ -1802,7 +1802,7 @@ int tcp_disconnect(struct sock *sk, int
tcp_sack_reset(tp-rx_opt);
__sk_dst_reset(sk);
- BUG_TRAP(!inet-num || tp-bind_hash);
+ BUG_TRAP(!inet-num || inet-bind_hash);
sk-sk_error_report(sk);
return err;
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -113,9 +113,9 @@ static __inline__ void __tcp_inherit_por
struct inet_bind_bucket *tb;
spin_lock(head-lock);
- tb = tcp_sk(sk)-bind_hash;
+ tb = inet_sk(sk)-bind_hash;
sk_add_bind_node(child, tb-owners);
- tcp_sk(child)-bind_hash = tb;
+ inet_sk(child)-bind_hash = tb;
spin_unlock(head-lock);
}
@@ -129,9 +129,10 @@ inline void tcp_inherit_port(struct sock
void tcp_bind_hash(struct sock *sk, struct inet_bind_bucket *tb,
const unsigned short snum)
{
- inet_sk(sk)-num = snum;
+ struct inet_sock *inet = inet_sk(sk);
+ inet-num = snum;
sk_add_bind_node(sk, tb-owners);
- tcp_sk(sk)-bind_hash = tb;
+ inet-bind_hash = tb;
}
static inline int tcp_bind_conflict(struct sock *sk, struct inet_bind_bucket
*tb)
@@
[NETFILTER]: Fix multiple problems with the conntrack event cache
tree 27c2d22d98a9eed22749df1a8d32f72e1b5a2468
parent a55ebcc4c4532107ad9eee1c9bb698ab5f12c00f
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 10:02:13 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:38:54 -0700
[NETFILTER]: Fix multiple problems with the conntrack event cache
refcnt underflow: the reference count is decremented when a conntrack
entry is removed from the hash but it is not incremented when entering
new entries.
missing protection of process context against softirq context: all
cache operations need to locally disable softirqs to avoid races.
Additionally the event cache can't be initialized when a packet
enteres the conntrack code but needs to be initialized whenever we
cache an event and the stored conntrack entry doesn't match the
current one.
incorrect flushing of the event cache in ip_ct_iterate_cleanup:
without real locking we can't flush the cache for different CPUs
without incurring races. The cache for different CPUs can only be
flushed when no packets are going through the
code. ip_ct_iterate_cleanup doesn't need to drop all references, so
flushing is moved to the cleanup path.
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter_ipv4/ip_conntrack.h | 29 ++
include/linux/netfilter_ipv4/ip_conntrack_core.h | 14 +--
net/ipv4/netfilter/ip_conntrack_core.c | 107 ---
net/ipv4/netfilter/ip_conntrack_standalone.c |3
4 files changed, 58 insertions(+), 95 deletions(-)
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h
b/include/linux/netfilter_ipv4/ip_conntrack.h
--- a/include/linux/netfilter_ipv4/ip_conntrack.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack.h
@@ -411,6 +411,7 @@ struct ip_conntrack_stat
#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
#include linux/notifier.h
+#include linux/interrupt.h
struct ip_conntrack_ecache {
struct ip_conntrack *ct;
@@ -445,26 +446,24 @@ ip_conntrack_expect_unregister_notifier(
return notifier_chain_unregister(ip_conntrack_expect_chain, nb);
}
+extern void ip_ct_deliver_cached_events(const struct ip_conntrack *ct);
+extern void __ip_ct_event_cache_init(struct ip_conntrack *ct);
+
static inline void
ip_conntrack_event_cache(enum ip_conntrack_events event,
const struct sk_buff *skb)
{
- struct ip_conntrack_ecache *ecache =
- __get_cpu_var(ip_conntrack_ecache);
-
- if (unlikely((struct ip_conntrack *) skb-nfct != ecache-ct)) {
- if (net_ratelimit()) {
- printk(KERN_ERR ctevent: skb-ct != ecache-ct !!!\n);
- dump_stack();
- }
- }
+ struct ip_conntrack *ct = (struct ip_conntrack *)skb-nfct;
+ struct ip_conntrack_ecache *ecache;
+
+ local_bh_disable();
+ ecache = __get_cpu_var(ip_conntrack_ecache);
+ if (ct != ecache-ct)
+ __ip_ct_event_cache_init(ct);
ecache-events |= event;
+ local_bh_enable();
}
-extern void
-ip_conntrack_deliver_cached_events_for(const struct ip_conntrack *ct);
-extern void ip_conntrack_event_cache_init(const struct sk_buff *skb);
-
static inline void ip_conntrack_event(enum ip_conntrack_events event,
struct ip_conntrack *ct)
{
@@ -483,9 +482,7 @@ static inline void ip_conntrack_event_ca
const struct sk_buff *skb) {}
static inline void ip_conntrack_event(enum ip_conntrack_events event,
struct ip_conntrack *ct) {}
-static inline void ip_conntrack_deliver_cached_events_for(
- struct ip_conntrack *ct) {}
-static inline void ip_conntrack_event_cache_init(const struct sk_buff *skb) {}
+static inline void ip_ct_deliver_cached_events(const struct ip_conntrack *ct)
{}
static inline void
ip_conntrack_expect_event(enum ip_conntrack_expect_events event,
struct ip_conntrack_expect *exp) {}
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_core.h
b/include/linux/netfilter_ipv4/ip_conntrack_core.h
--- a/include/linux/netfilter_ipv4/ip_conntrack_core.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_core.h
@@ -44,18 +44,14 @@ static inline int ip_conntrack_confirm(s
struct ip_conntrack *ct = (struct ip_conntrack *)(*pskb)-nfct;
int ret = NF_ACCEPT;
- if (ct !is_confirmed(ct))
- ret = __ip_conntrack_confirm(pskb);
- ip_conntrack_deliver_cached_events_for(ct);
-
+ if (ct) {
+ if (!is_confirmed(ct))
+ ret = __ip_conntrack_confirm(pskb);
+ ip_ct_deliver_cached_events(ct);
+ }
return ret;
}
-#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
-struct ip_conntrack_ecache;
-extern void __ip_ct_deliver_cached_events(struct ip_conntrack_ecache
[NETFILTER]: remove bogus memset() calls from ip_conntrack_netlink.c
tree 4741237af1e0106a8b164f89c02f158247f1ebc1 parent a86888b925299330053d20e0eba03ac4d2648c4b author Pablo Neira [EMAIL PROTECTED] Wed, 10 Aug 2005 10:02:36 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:39:00 -0700 [NETFILTER]: remove bogus memset() calls from ip_conntrack_netlink.c nfattr_parse_nested() calls nfattr_parse() which in turn does a memset on the 'tb' array. All callers therefore don't need to memset before calling it. Signed-off-by: Pablo Neira [EMAIL PROTECTED] Signed-off-by: Harald Welte [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] net/ipv4/netfilter/ip_conntrack_netlink.c |8 1 files changed, 8 deletions(-) diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c @@ -479,7 +479,6 @@ ctnetlink_parse_tuple_ip(struct nfattr * DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_IP_MAX * sizeof(tb)); if (nfattr_parse_nested(tb, CTA_IP_MAX, attr) 0) goto nfattr_failure; @@ -522,8 +521,6 @@ ctnetlink_parse_tuple_proto(struct nfatt DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_PROTO_MAX * sizeof(tb)); - if (nfattr_parse_nested(tb, CTA_PROTO_MAX, attr) 0) goto nfattr_failure; @@ -556,7 +553,6 @@ ctnetlink_parse_tuple(struct nfattr *cda DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_TUPLE_MAX * sizeof(tb)); memset(tuple, 0, sizeof(*tuple)); if (nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]) 0) @@ -607,8 +603,6 @@ static int ctnetlink_parse_nat_proto(str DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_PROTONAT_MAX * sizeof(tb)); - if (nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr) 0) goto nfattr_failure; @@ -646,7 +640,6 @@ ctnetlink_parse_nat(struct nfattr *cda[] DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_NAT_MAX * sizeof(tb)); memset(range, 0, sizeof(*range)); if (nfattr_parse_nested(tb, CTA_NAT_MAX, cda[CTA_NAT-1]) 0) @@ -684,7 +677,6 @@ ctnetlink_parse_help(struct nfattr *attr struct nfattr *tb[CTA_HELP_MAX]; DEBUGP(entered %s\n, __FUNCTION__); - memset(tb, 0, CTA_HELP_MAX * sizeof(tb)); if (nfattr_parse_nested(tb, CTA_HELP_MAX, attr) 0) goto nfattr_failure; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: conntrack_netlink: Fix locking during conntrack_create
tree b8f6cebd9e682882394b92e7e737436b3648e1d7
parent 94cd2b67641e7ddc2e6ed71d76e00116957423db
author Pablo Neira [EMAIL PROTECTED] Wed, 10 Aug 2005 10:02:55 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:39:05 -0700
[NETFILTER]: conntrack_netlink: Fix locking during conntrack_create
The current codepath allowed for ip_conntrack_lock to be unlock'ed twice.
Signed-off-by: Pablo Neira [EMAIL PROTECTED]
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ip_conntrack_netlink.c | 13 +++--
1 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c
b/net/ipv4/netfilter/ip_conntrack_netlink.c
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1052,13 +1052,14 @@ ctnetlink_new_conntrack(struct sock *ctn
err = -ENOENT;
if (nlh-nlmsg_flags NLM_F_CREATE)
err = ctnetlink_create_conntrack(cda, otuple, rtuple);
+ return err;
+ }
+ /* implicit 'else' */
+
+ /* we only allow nat config for new conntracks */
+ if (cda[CTA_NAT-1]) {
+ err = -EINVAL;
goto out_unlock;
- } else {
- /* we only allow nat config for new conntracks */
- if (cda[CTA_NAT-1]) {
- err = -EINVAL;
- goto out_unlock;
- }
}
/* We manipulate the conntrack inside the global conntrack table lock,
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: fix ctnetlink 'create_expect' parsing
tree fd17d11fbbedf67f6e5edde8ce76d18a3f6230f2 parent 88aa0429048d08c18f2772782588f953bbbd79be author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:03:22 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:39:10 -0700 [NETFILTER]: fix ctnetlink 'create_expect' parsing There was a stupid copy+paste mistake where we parse the MASK nfattr into the tuple variable instead of the mask variable. This patch fixes it. Thanks to Pablo Neira. Signed-off-by: Harald Welte [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] net/ipv4/netfilter/ip_conntrack_netlink.c |2 +- 1 files changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c @@ -1388,7 +1388,7 @@ ctnetlink_create_expect(struct nfattr *c err = ctnetlink_parse_tuple(cda, tuple, CTA_EXPECT_TUPLE); if (err 0) return err; - err = ctnetlink_parse_tuple(cda, tuple, CTA_EXPECT_MASK); + err = ctnetlink_parse_tuple(cda, mask, CTA_EXPECT_MASK); if (err 0) return err; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: attribute count is an attribute of message type, not subsytem
tree a5bc50c92c1627e373e3cf9efbaec5c1d3f1b2b7
parent bd9a26b7f2ee7567571bb5b7acc1a256c544a0dd
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:03:40 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:39:14 -0700
[NETFILTER]: attribute count is an attribute of message type, not subsytem
Prior to this patch, every nfnetlink subsystem had to specify it's
attribute count. However, in reality the attribute count depends on
the message type within the subsystem, not the subsystem itself. This
patch moves 'attr_count' from 'struct nfnetlink_subsys' into
nfnl_callback to fix this.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink.h |4 ++--
net/ipv4/netfilter/ip_conntrack_netlink.c |9 +++--
net/netfilter/nfnetlink.c | 20
net/netfilter/nfnetlink_log.c |5 +++--
net/netfilter/nfnetlink_queue.c |4 +++-
5 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -85,9 +85,10 @@ struct nfgenmsg {
struct nfnl_callback
{
- kernel_cap_t cap_required; /* capabilities required for this msg */
int (*call)(struct sock *nl, struct sk_buff *skb,
struct nlmsghdr *nlh, struct nfattr *cda[], int *errp);
+ kernel_cap_t cap_required; /* capabilities required for this msg */
+ u_int16_t attr_count; /* number of nfattr's */
};
struct nfnetlink_subsystem
@@ -95,7 +96,6 @@ struct nfnetlink_subsystem
const char *name;
__u8 subsys_id; /* nfnetlink subsystem ID */
__u8 cb_count; /* number of callbacks */
- u_int32_t attr_count; /* number of nfattr's */
struct nfnl_callback *cb; /* callback for individual types */
};
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c
b/net/ipv4/netfilter/ip_conntrack_netlink.c
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1484,21 +1484,28 @@ static struct notifier_block ctnl_notifi
static struct nfnl_callback ctnl_cb[IPCTNL_MSG_MAX] = {
[IPCTNL_MSG_CT_NEW] = { .call = ctnetlink_new_conntrack,
+ .attr_count = CTA_MAX,
.cap_required = CAP_NET_ADMIN },
[IPCTNL_MSG_CT_GET] = { .call = ctnetlink_get_conntrack,
+ .attr_count = CTA_MAX,
.cap_required = CAP_NET_ADMIN },
[IPCTNL_MSG_CT_DELETE] = { .call = ctnetlink_del_conntrack,
+ .attr_count = CTA_MAX,
.cap_required = CAP_NET_ADMIN },
[IPCTNL_MSG_CT_GET_CTRZERO] = { .call = ctnetlink_get_conntrack,
+ .attr_count = CTA_MAX,
.cap_required = CAP_NET_ADMIN },
};
static struct nfnl_callback ctnl_exp_cb[IPCTNL_MSG_MAX] = {
[IPCTNL_MSG_EXP_GET]= { .call = ctnetlink_get_expect,
+ .attr_count = CTA_EXPECT_MAX,
.cap_required = CAP_NET_ADMIN },
[IPCTNL_MSG_EXP_NEW]= { .call = ctnetlink_new_expect,
+ .attr_count = CTA_EXPECT_MAX,
.cap_required = CAP_NET_ADMIN },
[IPCTNL_MSG_EXP_DELETE] = { .call = ctnetlink_del_expect,
+ .attr_count = CTA_EXPECT_MAX,
.cap_required = CAP_NET_ADMIN },
};
@@ -1506,7 +1513,6 @@ static struct nfnetlink_subsystem ctnl_s
.name = conntrack,
.subsys_id = NFNL_SUBSYS_CTNETLINK,
.cb_count = IPCTNL_MSG_MAX,
- .attr_count = CTA_MAX,
.cb = ctnl_cb,
};
@@ -1514,7 +1520,6 @@ static struct nfnetlink_subsystem ctnl_e
.name = conntrack_expect,
.subsys_id = NFNL_SUBSYS_CTNETLINK_EXP,
.cb_count = IPCTNL_MSG_EXP_MAX,
- .attr_count = CTA_MAX,
.cb = ctnl_exp_cb,
};
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -155,8 +155,18 @@ nfnetlink_check_attributes(struct nfnetl
struct nlmsghdr *nlh, struct nfattr *cda[])
{
int min_len;
+ u_int16_t attr_count;
+ u_int8_t cb_id
[NETFILTER]: ctnetlink: make sure event order is correct
tree 1f480a6f147ace8c4fbaad5e94bca88152bba30d
parent 1444fc559b01aa5d4fedf4ee4f306a9e9cd56f95
author Pablo Neira Ayuso [EMAIL PROTECTED] Wed, 10 Aug 2005 10:05:52 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:40:13 -0700
[NETFILTER]: ctnetlink: make sure event order is correct
The following sequence is displayed during events dumping of an ICMP
connection: [NEW] [DESTROY] [UPDATE]
This happens because the event IPCT_DESTROY is delivered in
death_by_timeout(), that is called from the icmp protocol helper
(ct-timeout.function) once we see the reply.
To fix this, we move this event to destroy_conntrack().
Signed-off-by: Pablo Neira Ayuso [EMAIL PROTECTED]
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ip_conntrack_core.c |2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c
b/net/ipv4/netfilter/ip_conntrack_core.c
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -316,6 +316,7 @@ destroy_conntrack(struct nf_conntrack *n
IP_NF_ASSERT(atomic_read(nfct-use) == 0);
IP_NF_ASSERT(!timer_pending(ct-timeout));
+ ip_conntrack_event(IPCT_DESTROY, ct);
set_bit(IPS_DYING_BIT, ct-status);
/* To make sure we don't get any weird locking issues here:
@@ -355,7 +356,6 @@ static void death_by_timeout(unsigned lo
{
struct ip_conntrack *ct = (void *)ul_conntrack;
- ip_conntrack_event(IPCT_DESTROY, ct);
write_lock_bh(ip_conntrack_lock);
/* Inside lock so preempt is disabled on module removal path.
* Otherwise we can get spurious warnings. */
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: cleanup nfnetlink_check_attributes()
tree 9f90bd210ca9d0d57bbdcd54beca2bc39c23c05d
parent 927ccbcc28dceee29dad876982768cca29738564
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:03:54 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:40:06 -0700
[NETFILTER]: cleanup nfnetlink_check_attributes()
1) memset return parameter 'cda' (nfattr pointer array) only on success
2) a message without attributes and just a 'struct nfgenmsg' is valid,
don't return -EINVAL
3) use likely() and unlikely() where apropriate
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/netfilter/nfnetlink.c | 19 ++-
1 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -163,17 +163,16 @@ nfnetlink_check_attributes(struct nfnetl
cb_id, subsys-cb_count);
return -EINVAL;
}
-
- attr_count = subsys-cb[cb_id].attr_count;
-
- memset(cda, 0, sizeof(struct nfattr *) * attr_count);
- /* check attribute lengths. */
min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg));
- if (nlh-nlmsg_len min_len)
+ if (unlikely(nlh-nlmsg_len min_len))
return -EINVAL;
- if (nlh-nlmsg_len min_len) {
+ attr_count = subsys-cb[cb_id].attr_count;
+ memset(cda, 0, sizeof(struct nfattr *) * attr_count);
+
+ /* check attribute lengths. */
+ if (likely(nlh-nlmsg_len min_len)) {
struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh));
int attrlen = nlh-nlmsg_len - NLMSG_ALIGN(min_len);
@@ -186,8 +185,10 @@ nfnetlink_check_attributes(struct nfnetl
}
attr = NFA_NEXT(attr, attrlen);
}
- } else
- return -EINVAL;
+ }
+
+ /* implicit: if nlmsg_len == min_len, we return 0, and an empty
+* (zeroed) cda[] array. The message is valid, but empty. */
return 0;
}
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: don't use nested attributes for conntrack_expect
tree 03ce8666d82f7c41e2a7410b889fd6b5a4a60c5a
parent a42827b71b87fc9816d2f58626e825b0eb500efe
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:04:07 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:40:09 -0700
[NETFILTER]: don't use nested attributes for conntrack_expect
We used to use nested nfattr structures for ip_conntrack_expect. This is
bogus, since ip_conntrack and ip_conntrack_expect are communicated in
different netlink message types. both should be encoded at the top level
attributes, no extra nesting required. This patch addresses the issue.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink_conntrack.h |3
net/ipv4/netfilter/ip_conntrack_netlink.c | 85 +++---
2 files changed, 41 insertions(+), 47 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h
b/include/linux/netfilter/nfnetlink_conntrack.h
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -33,7 +33,6 @@ enum ctattr_type {
CTA_COUNTERS_ORIG,
CTA_COUNTERS_REPLY,
CTA_USE,
- CTA_EXPECT,
CTA_ID,
__CTA_MAX
};
@@ -103,10 +102,12 @@ enum ctattr_protonat {
enum ctattr_expect {
CTA_EXPECT_UNSPEC,
+ CTA_EXPECT_MASTER,
CTA_EXPECT_TUPLE,
CTA_EXPECT_MASK,
CTA_EXPECT_TIMEOUT,
CTA_EXPECT_ID,
+ CTA_EXPECT_HELP_NAME,
__CTA_EXPECT_MAX
};
#define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1)
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c
b/net/ipv4/netfilter/ip_conntrack_netlink.c
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1100,18 +1100,21 @@ static inline int
ctnetlink_exp_dump_expect(struct sk_buff *skb,
const struct ip_conntrack_expect *exp)
{
+ struct ip_conntrack *master = exp-master;
u_int32_t timeout = htonl((exp-timeout.expires - jiffies) / HZ);
u_int32_t id = htonl(exp-id);
- struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT);
if (ctnetlink_exp_dump_tuple(skb, exp-tuple, CTA_EXPECT_TUPLE) 0)
goto nfattr_failure;
if (ctnetlink_exp_dump_tuple(skb, exp-mask, CTA_EXPECT_MASK) 0)
goto nfattr_failure;
+ if (ctnetlink_exp_dump_tuple(skb,
+master-tuplehash[IP_CT_DIR_ORIGINAL].tuple,
+CTA_EXPECT_MASTER) 0)
+ goto nfattr_failure;
NFA_PUT(skb, CTA_EXPECT_TIMEOUT, sizeof(timeout), timeout);
NFA_PUT(skb, CTA_EXPECT_ID, sizeof(u_int32_t), id);
- NFA_NEST_END(skb, nest_parms);
return 0;
@@ -1259,10 +1262,8 @@ ctnetlink_get_expect(struct sock *ctnl,
return 0;
}
- if (cda[CTA_TUPLE_ORIG-1])
- err = ctnetlink_parse_tuple(cda, tuple, CTA_TUPLE_ORIG);
- else if (cda[CTA_TUPLE_REPLY-1])
- err = ctnetlink_parse_tuple(cda, tuple, CTA_TUPLE_REPLY);
+ if (cda[CTA_EXPECT_MASTER-1])
+ err = ctnetlink_parse_tuple(cda, tuple, CTA_EXPECT_MASTER);
else
return -EINVAL;
@@ -1310,13 +1311,33 @@ ctnetlink_del_expect(struct sock *ctnl,
struct ip_conntrack_helper *h;
int err;
- /* delete by tuple needs either orig or reply tuple */
- if (cda[CTA_TUPLE_ORIG-1])
- err = ctnetlink_parse_tuple(cda, tuple, CTA_TUPLE_ORIG);
- else if (cda[CTA_TUPLE_REPLY-1])
- err = ctnetlink_parse_tuple(cda, tuple, CTA_TUPLE_REPLY);
- else if (cda[CTA_HELP_NAME-1]) {
- char *name = NFA_DATA(cda[CTA_HELP_NAME-1]);
+ if (cda[CTA_EXPECT_TUPLE-1]) {
+ /* delete a single expect by tuple */
+ err = ctnetlink_parse_tuple(cda, tuple, CTA_EXPECT_TUPLE);
+ if (err 0)
+ return err;
+
+ /* bump usage count to 2 */
+ exp = ip_conntrack_expect_find_get(tuple);
+ if (!exp)
+ return -ENOENT;
+
+ if (cda[CTA_EXPECT_ID-1]) {
+ u_int32_t id =
+ *(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
+ if (exp-id != ntohl(id)) {
+ ip_conntrack_expect_put(exp);
+ return -ENOENT;
+ }
+ }
+
+ /* after list removal, usage count == 1 */
+ ip_conntrack_unexpect_related(exp);
+ /* have to put what we 'get' above.
+* after this line usage count == 0 */
+ ip_conntrack_expect_put(exp);
+ } else if (cda[CTA_EXPECT_HELP_NAME-1]) {
+ char *name = NFA_DATA(cda[CTA_EXPECT_HELP_NAME-1]);
/* delete all
[NETFILTER]: fix conntrack refcount leak in unlink_expect()
tree 018066c05be0924990ed9a79ccef0ab553f6b710 parent 14a50bbaa51202b676a95e9b41bc5ed6c77aa9cc author Pablo Neira Ayuso [EMAIL PROTECTED] Wed, 10 Aug 2005 10:06:11 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:40:17 -0700 [NETFILTER]: fix conntrack refcount leak in unlink_expect() In unlink_expect(), the expectation is removed from the list so the refcount must be dropped as well. Signed-off-by: Pablo Neira Ayuso [EMAIL PROTECTED] Signed-off-by: Harald Welte [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] net/ipv4/netfilter/ip_conntrack_core.c |1 + 1 files changed, 1 insertion(+) diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c @@ -204,6 +204,7 @@ static void unlink_expect(struct ip_conn list_del(exp-list); CONNTRACK_STAT_INC(expect_delete); exp-master-expecting--; + ip_conntrack_expect_put(exp); } void __ip_ct_expect_unlink_destroy(struct ip_conntrack_expect *exp) - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: Fix typo in ctnl_exp_cb array (no bug, just memory waste)
tree 368bde8bbf20f61b72d0b9d3433c2ade0815207f
parent 37012f7fd326eb3c959428a4fe7e203e6304fe43
author Pablo Neira Ayuso [EMAIL PROTECTED] Wed, 10 Aug 2005 10:06:27 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:40:21 -0700
[NETFILTER]: Fix typo in ctnl_exp_cb array (no bug, just memory waste)
This fixes the size of the ctnl_exp_cb array that is IPCTNL_MSG_EXP_MAX
instead of IPCTNL_MSG_MAX. Simple typo.
Signed-off-by: Pablo Neira Ayuso [EMAIL PROTECTED]
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ip_conntrack_netlink.c |2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c
b/net/ipv4/netfilter/ip_conntrack_netlink.c
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1490,7 +1490,7 @@ static struct nfnl_callback ctnl_cb[IPCT
.cap_required = CAP_NET_ADMIN },
};
-static struct nfnl_callback ctnl_exp_cb[IPCTNL_MSG_MAX] = {
+static struct nfnl_callback ctnl_exp_cb[IPCTNL_MSG_EXP_MAX] = {
[IPCTNL_MSG_EXP_GET]= { .call = ctnetlink_get_expect,
.attr_count = CTA_EXPECT_MAX,
.cap_required = CAP_NET_ADMIN },
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[INET]: Move tcp_port_rover to inet_hashinfo
tree 004157924013e6c099cacac59f39d3dd61f3e0e5
parent 2d8c4ce51903636ce0f60addc8134aa50ab8fa76
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:07:35
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:41:44 -0700
[INET]: Move tcp_port_rover to inet_hashinfo
Also expose all of the tcp_hashinfo members, i.e. killing those
tcp_ehash, etc macros, this will more clearly expose already generic
functions and some that need just a bit of work to become generic, as
we'll see in the upcoming changesets.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_hashtables.h |1
include/net/sock.h|2
include/net/tcp.h | 26 ++
net/ipv4/tcp.c| 42 -
net/ipv4/tcp_diag.c |8 +--
net/ipv4/tcp_ipv4.c | 101 --
net/ipv4/tcp_minisocks.c | 15 ++
net/ipv6/tcp_ipv6.c | 51 +++--
8 files changed, 118 insertions(+), 128 deletions(-)
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -117,6 +117,7 @@ struct inet_hashinfo {
wait_queue_head_t lhash_wait;
spinlock_t portalloc_lock;
kmem_cache_t*bind_bucket_cachep;
+ int port_rover;
};
static inline int inet_ehashfn(const __u32 laddr, const __u16 lport,
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -136,7 +136,7 @@ struct sock_common {
*@sk_no_check: %SO_NO_CHECK setting, wether or not checkup packets
*@sk_route_caps: route capabilities (e.g. %NETIF_F_TSO)
*@sk_lingertime: %SO_LINGER l_linger setting
- *@sk_hashent: hash entry in several tables (e.g. tcp_ehash)
+ *@sk_hashent: hash entry in several tables (e.g. inet_hashinfo.ehash)
*@sk_backlog: always used with the per-socket spinlock held
*@sk_callback_lock: used with the callbacks in the end of this struct
*@sk_error_queue: rarely used
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -41,19 +41,7 @@
#endif
#include linux/seq_file.h
-extern struct inet_hashinfotcp_hashinfo;
-#define tcp_ehash (tcp_hashinfo.ehash)
-#define tcp_bhash (tcp_hashinfo.bhash)
-#define tcp_ehash_size (tcp_hashinfo.ehash_size)
-#define tcp_bhash_size (tcp_hashinfo.bhash_size)
-#define tcp_listening_hash (tcp_hashinfo.listening_hash)
-#define tcp_lhash_lock (tcp_hashinfo.lhash_lock)
-#define tcp_lhash_users(tcp_hashinfo.lhash_users)
-#define tcp_lhash_wait (tcp_hashinfo.lhash_wait)
-#define tcp_portalloc_lock (tcp_hashinfo.portalloc_lock)
-#define tcp_bucket_cachep (tcp_hashinfo.bind_bucket_cachep)
-
-extern int tcp_port_rover;
+extern struct inet_hashinfo tcp_hashinfo;
#if (BITS_PER_LONG == 64)
#define TCP_ADDRCMP_ALIGN_BYTES 8
@@ -1463,21 +1451,21 @@ extern void tcp_listen_wlock(void);
/* - We may sleep inside this lock.
* - If sleeping is not required (or called from BH),
- * use plain read_(un)lock(tcp_lhash_lock).
+ * use plain read_(un)lock(inet_hashinfo.lhash_lock).
*/
static inline void tcp_listen_lock(void)
{
/* read_lock synchronizes to candidates to writers */
- read_lock(tcp_lhash_lock);
- atomic_inc(tcp_lhash_users);
- read_unlock(tcp_lhash_lock);
+ read_lock(tcp_hashinfo.lhash_lock);
+ atomic_inc(tcp_hashinfo.lhash_users);
+ read_unlock(tcp_hashinfo.lhash_lock);
}
static inline void tcp_listen_unlock(void)
{
- if (atomic_dec_and_test(tcp_lhash_users))
- wake_up(tcp_lhash_wait);
+ if (atomic_dec_and_test(tcp_hashinfo.lhash_users))
+ wake_up(tcp_hashinfo.lhash_wait);
}
static inline int keepalive_intvl_when(const struct tcp_sock *tp)
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2257,11 +2257,11 @@ void __init tcp_init(void)
__skb_cb_too_small_for_tcp(sizeof(struct tcp_skb_cb),
sizeof(skb-cb));
- tcp_bucket_cachep = kmem_cache_create(tcp_bind_bucket,
- sizeof(struct inet_bind_bucket),
- 0, SLAB_HWCACHE_ALIGN,
- NULL, NULL);
- if (!tcp_bucket_cachep)
+ tcp_hashinfo.bind_bucket_cachep =
+ kmem_cache_create(tcp_bind_bucket,
+ sizeof(struct inet_bind_bucket), 0,
+ SLAB_HWCACHE_ALIGN, NULL, NULL);
+ if (!tcp_hashinfo.bind_bucket_cachep)
[INET]: Generalise tcp_v4_hash tcp_unhash
tree ba1188f1b38f5b608756d94395c919ab5f7b8b3c
parent c752f0739f09b803aed191c4765a3b6650a08653
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:08:50
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:42:02 -0700
[INET]: Generalise tcp_v4_hash tcp_unhash
It really just makes the existing code be a helper function that
tcp_v4_hash and tcp_unhash uses, specifying the right inet_hashinfo,
tcp_hashinfo.
One thing I'll investigate at some point is to have the inet_hashinfo
pointer in sk_prot, so that we get all the hashtable information from
the sk pointer, this can lead to some extra indirections that may well
hurt performance/code size, we'll see. Ultimate idea would be that
sk_prot would provide _all_ the information about a protocol
implementation.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_hashtables.h | 34 ++
net/ipv4/tcp_ipv4.c | 29 ++---
2 files changed, 36 insertions(+), 27 deletions(-)
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -240,4 +240,38 @@ static inline void __inet_hash(struct in
if (listen_possible sk-sk_state == TCP_LISTEN)
wake_up(hashinfo-lhash_wait);
}
+
+static inline void inet_hash(struct inet_hashinfo *hashinfo, struct sock *sk)
+{
+ if (sk-sk_state != TCP_CLOSE) {
+ local_bh_disable();
+ __inet_hash(hashinfo, sk, 1);
+ local_bh_enable();
+ }
+}
+
+static inline void inet_unhash(struct inet_hashinfo *hashinfo, struct sock *sk)
+{
+ rwlock_t *lock;
+
+ if (sk_unhashed(sk))
+ goto out;
+
+ if (sk-sk_state == TCP_LISTEN) {
+ local_bh_disable();
+ inet_listen_wlock(hashinfo);
+ lock = hashinfo-lhash_lock;
+ } else {
+ struct inet_ehash_bucket *head =
hashinfo-ehash[sk-sk_hashent];
+ lock = head-lock;
+ write_lock_bh(head-lock);
+ }
+
+ if (__sk_del_node_init(sk))
+ sock_prot_dec_use(sk-sk_prot);
+ write_unlock_bh(lock);
+out:
+ if (sk-sk_state == TCP_LISTEN)
+ wake_up(hashinfo-lhash_wait);
+}
#endif /* _INET_HASHTABLES_H */
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -230,37 +230,12 @@ fail:
static void tcp_v4_hash(struct sock *sk)
{
- if (sk-sk_state != TCP_CLOSE) {
- local_bh_disable();
- __inet_hash(tcp_hashinfo, sk, 1);
- local_bh_enable();
- }
+ inet_hash(tcp_hashinfo, sk);
}
void tcp_unhash(struct sock *sk)
{
- rwlock_t *lock;
-
- if (sk_unhashed(sk))
- goto ende;
-
- if (sk-sk_state == TCP_LISTEN) {
- local_bh_disable();
- inet_listen_wlock(tcp_hashinfo);
- lock = tcp_hashinfo.lhash_lock;
- } else {
- struct inet_ehash_bucket *head =
tcp_hashinfo.ehash[sk-sk_hashent];
- lock = head-lock;
- write_lock_bh(head-lock);
- }
-
- if (__sk_del_node_init(sk))
- sock_prot_dec_use(sk-sk_prot);
- write_unlock_bh(lock);
-
- ende:
- if (sk-sk_state == TCP_LISTEN)
- wake_up(tcp_hashinfo.lhash_wait);
+ inet_unhash(tcp_hashinfo, sk);
}
/* Don't inline this cruft. Here are some nice properties to
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[INET]: Generalise tcp_v4_lookup_listener
tree 502ba8c1c445d0b0f4c19d1aa3b86b01ea88478d
parent 81849d106b1fb97f8e2d311c0c4d36347def55b8
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:09:06
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:42:08 -0700
[INET]: Generalise tcp_v4_lookup_listener
[EMAIL PROTECTED] net-2.6.14]$ grep built-in /tmp/before /tmp/after
/tmp/before: 282560 131229312 304994 4a762 net/ipv4/built-in.o
/tmp/after: 282560 131229312 304994 4a762 net/ipv4/built-in.o
Will be used in DCCP, not exporting it right now not to get in Adrian
Bunk's exported-but-not-used-on-modules radar 8)
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_hashtables.h | 36 ++
net/ipv4/inet_hashtables.c| 41 +
net/ipv4/tcp_ipv4.c | 81 ++
3 files changed, 82 insertions(+), 76 deletions(-)
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -16,8 +16,10 @@
#include linux/interrupt.h
#include linux/ip.h
+#include linux/ipv6.h
#include linux/list.h
#include linux/slab.h
+#include linux/socket.h
#include linux/spinlock.h
#include linux/types.h
#include linux/wait.h
@@ -274,4 +276,38 @@ out:
if (sk-sk_state == TCP_LISTEN)
wake_up(hashinfo-lhash_wait);
}
+
+extern struct sock *__inet_lookup_listener(const struct hlist_head *head,
+ const u32 daddr,
+ const unsigned short hnum,
+ const int dif);
+
+/* Optimize the common listener case. */
+static inline struct sock *inet_lookup_listener(struct inet_hashinfo *hashinfo,
+ const u32 daddr,
+ const unsigned short hnum,
+ const int dif)
+{
+ struct sock *sk = NULL;
+ struct hlist_head *head;
+
+ read_lock(hashinfo-lhash_lock);
+ head = hashinfo-listening_hash[inet_lhashfn(hnum)];
+ if (!hlist_empty(head)) {
+ const struct inet_sock *inet = inet_sk((sk = __sk_head(head)));
+
+ if (inet-num == hnum !sk-sk_node.next
+ (!inet-rcv_saddr || inet-rcv_saddr == daddr)
+ (sk-sk_family == PF_INET || !ipv6_only_sock(sk))
+ !sk-sk_bound_dev_if)
+ goto sherry_cache;
+ sk = __inet_lookup_listener(head, daddr, hnum, dif);
+ }
+ if (sk) {
+sherry_cache:
+ sock_hold(sk);
+ }
+ read_unlock(hashinfo-lhash_lock);
+ return sk;
+}
#endif /* _INET_HASHTABLES_H */
diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c
--- a/net/ipv4/inet_hashtables.c
+++ b/net/ipv4/inet_hashtables.c
@@ -121,3 +121,44 @@ void inet_listen_wlock(struct inet_hashi
}
EXPORT_SYMBOL(inet_listen_wlock);
+
+/*
+ * Don't inline this cruft. Here are some nice properties to exploit here. The
+ * BSD API does not allow a listening sock to specify the remote port nor the
+ * remote address for the connection. So always assume those are both
+ * wildcarded during the search since they can never be otherwise.
+ */
+struct sock *__inet_lookup_listener(const struct hlist_head *head, const u32
daddr,
+ const unsigned short hnum, const int dif)
+{
+ struct sock *result = NULL, *sk;
+ const struct hlist_node *node;
+ int hiscore = -1;
+
+ sk_for_each(sk, node, head) {
+ const struct inet_sock *inet = inet_sk(sk);
+
+ if (inet-num == hnum !ipv6_only_sock(sk)) {
+ const __u32 rcv_saddr = inet-rcv_saddr;
+ int score = sk-sk_family == PF_INET ? 1 : 0;
+
+ if (rcv_saddr) {
+ if (rcv_saddr != daddr)
+ continue;
+ score += 2;
+ }
+ if (sk-sk_bound_dev_if) {
+ if (sk-sk_bound_dev_if != dif)
+ continue;
+ score += 2;
+ }
+ if (score == 5)
+ return sk;
+ if (score hiscore) {
+ hiscore = score;
+ result = sk;
+ }
+ }
+ }
+ return result;
+}
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -238,78 +238,6 @@ void tcp_unhash(struct sock *sk)
inet_unhash(tcp_hashinfo, sk);
}
-/* Don't inline
[INET_TWSK]: Introduce inet_twsk_alloc
tree 098cc52c71d68465e7ee5fbae462d58126b68885
parent e48c414ee61f4ac8d5cff2973e66a7cbc8a93aa5
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:09:59
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:42:26 -0700
[INET_TWSK]: Introduce inet_twsk_alloc
With the parts of tcp_time_wait that are not TCP specific, tcp_time_wait uses
it and so will dccp_time_wait.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_timewait_sock.h |3 +++
net/ipv4/inet_timewait_sock.c| 28
net/ipv4/tcp_minisocks.c | 24 ++--
3 files changed, 33 insertions(+), 22 deletions(-)
diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h
--- a/include/net/inet_timewait_sock.h
+++ b/include/net/inet_timewait_sock.h
@@ -142,6 +142,9 @@ static inline void inet_twsk_put(struct
}
}
+extern struct inet_timewait_sock *inet_twsk_alloc(const struct sock *sk,
+ const int state);
+
extern void __inet_twsk_kill(struct inet_timewait_sock *tw,
struct inet_hashinfo *hashinfo);
diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4/inet_timewait_sock.c
--- a/net/ipv4/inet_timewait_sock.c
+++ b/net/ipv4/inet_timewait_sock.c
@@ -81,3 +81,31 @@ void __inet_twsk_hashdance(struct inet_t
write_unlock(ehead-lock);
}
+
+struct inet_timewait_sock *inet_twsk_alloc(const struct sock *sk, const int
state)
+{
+ struct inet_timewait_sock *tw =
kmem_cache_alloc(sk-sk_prot_creator-twsk_slab,
+SLAB_ATOMIC);
+ if (tw != NULL) {
+ const struct inet_sock *inet = inet_sk(sk);
+
+ /* Give us an identity. */
+ tw-tw_daddr= inet-daddr;
+ tw-tw_rcv_saddr= inet-rcv_saddr;
+ tw-tw_bound_dev_if = sk-sk_bound_dev_if;
+ tw-tw_num = inet-num;
+ tw-tw_state= TCP_TIME_WAIT;
+ tw-tw_substate = state;
+ tw-tw_sport= inet-sport;
+ tw-tw_dport= inet-dport;
+ tw-tw_family = sk-sk_family;
+ tw-tw_reuse= sk-sk_reuse;
+ tw-tw_hashent = sk-sk_hashent;
+ tw-tw_ipv6only = 0;
+ tw-tw_prot = sk-sk_prot_creator;
+ atomic_set(tw-tw_refcnt, 1);
+ inet_twsk_dead_node_init(tw);
+ }
+
+ return tw;
+}
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -267,37 +267,18 @@ void tcp_time_wait(struct sock *sk, int
recycle_ok = tp-af_specific-remember_stamp(sk);
if (tcp_tw_count sysctl_tcp_max_tw_buckets)
- tw = kmem_cache_alloc(sk-sk_prot_creator-twsk_slab,
SLAB_ATOMIC);
+ tw = inet_twsk_alloc(sk, state);
if (tw != NULL) {
struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
- const struct inet_sock *inet = inet_sk(sk);
const int rto = (tp-rto 2) - (tp-rto 1);
- /* Remember our protocol */
- tw-tw_prot = sk-sk_prot_creator;
-
- /* Give us an identity. */
- tw-tw_daddr= inet-daddr;
- tw-tw_rcv_saddr= inet-rcv_saddr;
- tw-tw_bound_dev_if = sk-sk_bound_dev_if;
- tw-tw_num = inet-num;
- tw-tw_state= TCP_TIME_WAIT;
- tw-tw_substate = state;
- tw-tw_sport= inet-sport;
- tw-tw_dport= inet-dport;
- tw-tw_family = sk-sk_family;
- tw-tw_reuse= sk-sk_reuse;
tw-tw_rcv_wscale = tp-rx_opt.rcv_wscale;
- atomic_set(tw-tw_refcnt, 1);
-
- tw-tw_hashent = sk-sk_hashent;
tcptw-tw_rcv_nxt = tp-rcv_nxt;
tcptw-tw_snd_nxt = tp-snd_nxt;
tcptw-tw_rcv_wnd = tcp_receive_window(tp);
tcptw-tw_ts_recent = tp-rx_opt.ts_recent;
tcptw-tw_ts_recent_stamp = tp-rx_opt.ts_recent_stamp;
- inet_twsk_dead_node_init(tw);
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
if (tw-tw_family == PF_INET6) {
@@ -307,8 +288,7 @@ void tcp_time_wait(struct sock *sk, int
ipv6_addr_copy(tcp6tw-tw_v6_daddr, np-daddr);
ipv6_addr_copy(tcp6tw-tw_v6_rcv_saddr,
np-rcv_saddr);
tw-tw_ipv6only = np-ipv6only;
- } else
- tw-tw_ipv6only = 0;
+ }
#endif
[NET]: Just move the inet_connection_sock function from tcp sources
tree e4201b1e2356cea8b7bd8d68dfba06e84002a77d
parent 463c84b97f24010a67cd871746d6a7e4c925a5f9
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:11:08
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:49:14 -0700
[NET]: Just move the inet_connection_sock function from tcp sources
Completing the previous changeset, this also generalises tcp_v4_synq_add,
renaming it to inet_csk_reqsk_queue_hash_add, already geing used in the
DCCP tree, which I plan to merge RSN.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/ipv6.h |7
include/net/inet_connection_sock.h | 152 ++
include/net/tcp.h | 160 --
net/ipv4/Makefile |2
net/ipv4/inet_connection_sock.c| 401 +
net/ipv4/tcp.c | 93
net/ipv4/tcp_input.c | 10
net/ipv4/tcp_ipv4.c| 210 ---
net/ipv4/tcp_output.c | 19 +
net/ipv4/tcp_timer.c | 65 -
10 files changed, 588 insertions(+), 531 deletions(-)
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -333,15 +333,10 @@ static inline struct in6_addr *tcp_v6_rc
return sk-sk_family == AF_INET6 ? __tcp_v6_rcv_saddr(sk) : NULL;
}
-static inline int inet_twsk_ipv6only(const struct sock *sk)
-{
- return inet_twsk(sk)-tw_ipv6only;
-}
-
static inline int inet_v6_ipv6only(const struct sock *sk)
{
return likely(sk-sk_state != TCP_TIME_WAIT) ?
- ipv6_only_sock(sk) : inet_twsk_ipv6only(sk);
+ ipv6_only_sock(sk) : inet_twsk(sk)-tw_ipv6only;
}
#else
#define __ipv6_only_sock(sk) 0
diff --git a/include/net/inet_connection_sock.h
b/include/net/inet_connection_sock.h
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -16,9 +16,15 @@
#define _INET_CONNECTION_SOCK_H
#include linux/ip.h
+#include linux/string.h
#include linux/timer.h
#include net/request_sock.h
+#define INET_CSK_DEBUG 1
+
+/* Cancel timers, when they are not required. */
+#undef INET_CSK_CLEAR_TIMERS
+
struct inet_bind_bucket;
struct inet_hashinfo;
@@ -61,17 +67,107 @@ struct inet_connection_sock {
} icsk_ack;
};
+#define ICSK_TIME_RETRANS 1 /* Retransmit timer */
+#define ICSK_TIME_DACK 2 /* Delayed ack timer */
+#define ICSK_TIME_PROBE0 3 /* Zero window probe timer */
+#define ICSK_TIME_KEEPOPEN 4 /* Keepalive timer */
+
static inline struct inet_connection_sock *inet_csk(const struct sock *sk)
{
return (struct inet_connection_sock *)sk;
}
+enum inet_csk_ack_state_t {
+ ICSK_ACK_SCHED = 1,
+ ICSK_ACK_TIMER = 2,
+ ICSK_ACK_PUSHED = 4
+};
+
extern void inet_csk_init_xmit_timers(struct sock *sk,
void (*retransmit_handler)(unsigned long),
void (*delack_handler)(unsigned long),
void (*keepalive_handler)(unsigned long));
extern void inet_csk_clear_xmit_timers(struct sock *sk);
+static inline void inet_csk_schedule_ack(struct sock *sk)
+{
+ inet_csk(sk)-icsk_ack.pending |= ICSK_ACK_SCHED;
+}
+
+static inline int inet_csk_ack_scheduled(const struct sock *sk)
+{
+ return inet_csk(sk)-icsk_ack.pending ICSK_ACK_SCHED;
+}
+
+static inline void inet_csk_delack_init(struct sock *sk)
+{
+ memset(inet_csk(sk)-icsk_ack, 0, sizeof(inet_csk(sk)-icsk_ack));
+}
+
+extern void inet_csk_delete_keepalive_timer(struct sock *sk);
+extern void inet_csk_reset_keepalive_timer(struct sock *sk, unsigned long
timeout);
+
+#ifdef INET_CSK_DEBUG
+extern const char inet_csk_timer_bug_msg[];
+#endif
+
+static inline void inet_csk_clear_xmit_timer(struct sock *sk, const int what)
+{
+ struct inet_connection_sock *icsk = inet_csk(sk);
+
+ if (what == ICSK_TIME_RETRANS || what == ICSK_TIME_PROBE0) {
+ icsk-icsk_pending = 0;
+#ifdef INET_CSK_CLEAR_TIMERS
+ sk_stop_timer(sk, icsk-icsk_retransmit_timer);
+#endif
+ } else if (what == ICSK_TIME_DACK) {
+ icsk-icsk_ack.blocked = icsk-icsk_ack.pending = 0;
+#ifdef INET_CSK_CLEAR_TIMERS
+ sk_stop_timer(sk, icsk-icsk_delack_timer);
+#endif
+ }
+#ifdef INET_CSK_DEBUG
+ else {
+ pr_debug(inet_csk_timer_bug_msg);
+ }
+#endif
+}
+
+/*
+ * Reset the retransmission timer
+ */
+static inline void inet_csk_reset_xmit_timer(struct sock *sk, const int what,
+unsigned long when,
+const unsigned long max_when)
+{
+ struct inet_connection_sock *icsk = inet_csk(sk);
+
+ if (when max_when) {
+#ifdef INET_CSK_DEBUG
+
[ICSK]: Generalise tcp_listen_{start,stop}
tree 1c58ba5c3236499ec5abeedcc43faa7bed816b07
parent 9f1d2604c71498579609b1532fedc5a89276bb00
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:11:41
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:49:24 -0700
[ICSK]: Generalise tcp_listen_{start,stop}
This also moved inet_iif from tcp to inet_hashtables.h, as it is
needed by the inet_lookup callers, perhaps this needs a bit of
polishing, but for now seems fine.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_hashtables.h |6 ++
include/net/sock.h|1 +
include/net/tcp.h |4 ++--
net/ipv4/af_inet.c|2 +-
net/ipv4/tcp.c| 38 +-
net/ipv4/tcp_ipv4.c |6 +-
net/ipv6/tcp_ipv6.c |1 +
7 files changed, 33 insertions(+), 25 deletions(-)
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -26,6 +26,7 @@
#include linux/wait.h
#include net/inet_connection_sock.h
+#include net/route.h
#include net/sock.h
#include net/tcp_states.h
@@ -280,6 +281,11 @@ out:
wake_up(hashinfo-lhash_wait);
}
+static inline int inet_iif(const struct sk_buff *skb)
+{
+ return ((struct rtable *)skb-dst)-rt_iif;
+}
+
extern struct sock *__inet_lookup_listener(const struct hlist_head *head,
const u32 daddr,
const unsigned short hnum,
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -558,6 +558,7 @@ struct proto {
kmem_cache_t*twsk_slab;
unsigned inttwsk_obj_size;
+ atomic_t*orphan_count;
struct request_sock_ops *rsk_prot;
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -860,7 +860,7 @@ static __inline__ void tcp_update_wl(str
tp-snd_wl1 = seq;
}
-extern void tcp_destroy_sock(struct sock *sk);
+extern void inet_csk_destroy_sock(struct sock *sk);
/*
@@ -987,7 +987,7 @@ static __inline__ void tcp_done(struct s
if (!sock_flag(sk, SOCK_DEAD))
sk-sk_state_change(sk);
else
- tcp_destroy_sock(sk);
+ inet_csk_destroy_sock(sk);
}
static __inline__ void tcp_sack_reset(struct tcp_options_received *rx_opt)
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -202,7 +202,7 @@ int inet_listen(struct socket *sock, int
* we can only allow the backlog to be adjusted.
*/
if (old_state != TCP_LISTEN) {
- err = tcp_listen_start(sk);
+ err = inet_csk_listen_start(sk, TCP_SYNQ_HSIZE);
if (err)
goto out;
}
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -273,6 +273,8 @@ DEFINE_SNMP_STAT(struct tcp_mib, tcp_sta
atomic_t tcp_orphan_count = ATOMIC_INIT(0);
+EXPORT_SYMBOL_GPL(tcp_orphan_count);
+
int sysctl_tcp_mem[3];
int sysctl_tcp_wmem[3] = { 4 * 1024, 16 * 1024, 128 * 1024 };
int sysctl_tcp_rmem[3] = { 4 * 1024, 87380, 87380 * 2 };
@@ -454,12 +456,11 @@ int tcp_ioctl(struct sock *sk, int cmd,
return put_user(answ, (int __user *)arg);
}
-
-int tcp_listen_start(struct sock *sk)
+int inet_csk_listen_start(struct sock *sk, const int nr_table_entries)
{
struct inet_sock *inet = inet_sk(sk);
struct inet_connection_sock *icsk = inet_csk(sk);
- int rc = reqsk_queue_alloc(icsk-icsk_accept_queue, TCP_SYNQ_HSIZE);
+ int rc = reqsk_queue_alloc(icsk-icsk_accept_queue, nr_table_entries);
if (rc != 0)
return rc;
@@ -488,12 +489,13 @@ int tcp_listen_start(struct sock *sk)
return -EADDRINUSE;
}
+EXPORT_SYMBOL_GPL(inet_csk_listen_start);
+
/*
* This routine closes sockets which have been at least partially
* opened, but not yet accepted.
*/
-
-static void tcp_listen_stop (struct sock *sk)
+static void inet_csk_listen_stop(struct sock *sk)
{
struct inet_connection_sock *icsk = inet_csk(sk);
struct request_sock *acc_req;
@@ -524,13 +526,13 @@ static void tcp_listen_stop (struct sock
BUG_TRAP(!sock_owned_by_user(child));
sock_hold(child);
- tcp_disconnect(child, O_NONBLOCK);
+ sk-sk_prot-disconnect(child, O_NONBLOCK);
sock_orphan(child);
- atomic_inc(tcp_orphan_count);
+ atomic_inc(sk-sk_prot-orphan_count);
- tcp_destroy_sock(child);
+ inet_csk_destroy_sock(child);
bh_unlock_sock(child);
local_bh_enable();
@@ -542,6
[ICSK]: Introduce reqsk_queue_prune from code in tcp_synack_timer
tree 509c113d2622a28836303590ba1a40cecea59d3b
parent 0a5578cf8e5e045aaa68643c17ce885426697c6b
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:11:56
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:49:29 -0700
[ICSK]: Introduce reqsk_queue_prune from code in tcp_synack_timer
With this we're very close to getting all of the current TCP
refactorings in my dccp-2.6 tree merged, next changeset will export
some functions needed by the current DCCP code and then dccp-2.6.git
will be born!
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/tcp.h|2 -
include/net/inet_connection_sock.h |2 +
include/net/request_sock.h |7 +
include/net/tcp.h |3 +-
net/core/request_sock.c|1
net/ipv4/af_inet.c |1
net/ipv4/tcp.c | 21
net/ipv4/tcp_input.c | 11 ++--
net/ipv4/tcp_minisocks.c | 10
net/ipv4/tcp_timer.c | 46 ++---
10 files changed, 67 insertions(+), 37 deletions(-)
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -270,7 +270,7 @@ struct tcp_sock {
__u8frto_counter; /* Number of new acks after RTO */
__u8nonagle;/* Disable Nagle algorithm? */
- __u8defer_accept; /* User waits for some data after accept() */
+ /* ONE BYTE HOLE, TRY TO PACK */
/* RTT measurement */
__u32 srtt; /* smoothed round trip time 3*/
diff --git a/include/net/inet_connection_sock.h
b/include/net/inet_connection_sock.h
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -239,4 +239,6 @@ static inline void inet_csk_reqsk_queue_
reqsk_free(req);
}
+extern void inet_csk_listen_stop(struct sock *sk);
+
#endif /* _INET_CONNECTION_SOCK_H */
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -97,6 +97,7 @@ struct listen_sock {
*
* @rskq_accept_head - FIFO head of established children
* @rskq_accept_tail - FIFO tail of established children
+ * @rskq_defer_accept - User waits for some data after accept()
* @syn_wait_lock - serializer
*
* %syn_wait_lock is necessary only to avoid proc interface having to grab the
main
@@ -112,6 +113,8 @@ struct request_sock_queue {
struct request_sock *rskq_accept_head;
struct request_sock *rskq_accept_tail;
rwlock_tsyn_wait_lock;
+ u8 rskq_defer_accept;
+ /* 3 bytes hole, try to pack */
struct listen_sock *listen_opt;
};
@@ -255,4 +258,8 @@ static inline void reqsk_queue_hash_req(
write_unlock(queue-syn_wait_lock);
}
+extern void reqsk_queue_prune(struct request_sock_queue *queue, struct sock
*parent,
+ const unsigned long interval, const unsigned long
timeout,
+ const unsigned long max_rto, int max_retries);
+
#endif /* _REQUEST_SOCK_H */
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -423,7 +423,8 @@ extern int tcp_recvmsg(struct kiocb *i
size_t len, int nonblock,
int flags, int *addr_len);
-extern int tcp_listen_start(struct sock *sk);
+extern int inet_csk_listen_start(struct sock *sk,
+ const int
nr_table_entries);
extern voidtcp_parse_options(struct sk_buff *skb,
struct tcp_options_received
*opt_rx,
diff --git a/net/core/request_sock.c b/net/core/request_sock.c
--- a/net/core/request_sock.c
+++ b/net/core/request_sock.c
@@ -52,6 +52,7 @@ int reqsk_queue_alloc(struct request_soc
get_random_bytes(lopt-hash_rnd, sizeof(lopt-hash_rnd));
rwlock_init(queue-syn_wait_lock);
queue-rskq_accept_head = queue-rskq_accept_head = NULL;
+ queue-rskq_defer_accept = 0;
lopt-nr_table_entries = nr_table_entries;
write_lock_bh(queue-syn_wait_lock);
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -99,6 +99,7 @@
#include net/arp.h
#include net/route.h
#include net/ip_fib.h
+#include net/inet_connection_sock.h
#include net/tcp.h
#include net/udp.h
#include linux/skbuff.h
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -495,7 +495,7 @@ EXPORT_SYMBOL_GPL(inet_csk_listen_start)
* This routine closes sockets which have been at least partially
* opened,
[NET]: Export symbols needed by the current DCCP code
tree 76d087cbfe404755a385eef131f7063b48525695
parent 295f7324ff8d9ea58b4d3ec93b1aaa1d80e048a9
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:12:12
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:49:35 -0700
[NET]: Export symbols needed by the current DCCP code
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/inet_timewait_sock.c |2 ++
net/ipv4/ip_output.c |2 ++
net/ipv4/ip_sockglue.c|2 --
net/ipv4/route.c |4
4 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4/inet_timewait_sock.c
--- a/net/ipv4/inet_timewait_sock.c
+++ b/net/ipv4/inet_timewait_sock.c
@@ -47,6 +47,8 @@ void __inet_twsk_kill(struct inet_timewa
inet_twsk_put(tw);
}
+EXPORT_SYMBOL_GPL(__inet_twsk_kill);
+
/*
* Enter the time wait state. This is called with locally disabled BH.
* Essentially we whip up a timewait bucket, copy the relevant info into it
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -158,6 +158,8 @@ int ip_build_and_send_pkt(struct sk_buff
dst_output);
}
+EXPORT_SYMBOL_GPL(ip_build_and_send_pkt);
+
static inline int ip_finish_output2(struct sk_buff *skb)
{
struct dst_entry *dst = skb-dst;
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -1090,7 +1090,5 @@ int ip_getsockopt(struct sock *sk, int l
EXPORT_SYMBOL(ip_cmsg_recv);
-#ifdef CONFIG_IP_SCTP_MODULE
EXPORT_SYMBOL(ip_getsockopt);
EXPORT_SYMBOL(ip_setsockopt);
-#endif
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2602,6 +2602,8 @@ int __ip_route_output_key(struct rtable
return ip_route_output_slow(rp, flp);
}
+EXPORT_SYMBOL_GPL(__ip_route_output_key);
+
int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock
*sk, int flags)
{
int err;
@@ -2620,6 +2622,8 @@ int ip_route_output_flow(struct rtable *
return 0;
}
+EXPORT_SYMBOL_GPL(ip_route_output_flow);
+
int ip_route_output_key(struct rtable **rp, struct flowi *flp)
{
return ip_route_output_flow(rp, flp, NULL, 0);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[ICSK]: Move generalised functions from tcp to inet_connection_sock
tree f82f0523c313228d64998fac30790edcfd0785c3
parent 7c657876b63cb1d8a2ec06f8fc6c37bb8412e66c
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:15:09
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:49:50 -0700
[ICSK]: Move generalised functions from tcp to inet_connection_sock
This also improves reqsk_queue_prune and renames it to
inet_csk_reqsk_queue_prune, as it deals with both inet_connection_sock
and inet_request_sock objects, not just with request_sock ones thus
belonging to inet_request_sock.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_connection_sock.h |7 +
include/net/request_sock.h |4
include/net/tcp.h |6 -
net/dccp/timer.c |6 -
net/ipv4/inet_connection_sock.c| 214 +
net/ipv4/tcp.c | 120
net/ipv4/tcp_timer.c | 93
7 files changed, 224 insertions(+), 226 deletions(-)
diff --git a/include/net/inet_connection_sock.h
b/include/net/inet_connection_sock.h
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -239,6 +239,13 @@ static inline void inet_csk_reqsk_queue_
reqsk_free(req);
}
+extern void inet_csk_reqsk_queue_prune(struct sock *parent,
+ const unsigned long interval,
+ const unsigned long timeout,
+ const unsigned long max_rto);
+
+extern void inet_csk_destroy_sock(struct sock *sk);
+extern int inet_csk_listen_start(struct sock *sk, const int nr_table_entries);
extern void inet_csk_listen_stop(struct sock *sk);
#endif /* _INET_CONNECTION_SOCK_H */
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -258,8 +258,4 @@ static inline void reqsk_queue_hash_req(
write_unlock(queue-syn_wait_lock);
}
-extern void reqsk_queue_prune(struct request_sock_queue *queue, struct sock
*parent,
- const unsigned long interval, const unsigned long
timeout,
- const unsigned long max_rto, int max_retries);
-
#endif /* _REQUEST_SOCK_H */
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -423,9 +423,6 @@ extern int tcp_recvmsg(struct kiocb *i
size_t len, int nonblock,
int flags, int *addr_len);
-extern int inet_csk_listen_start(struct sock *sk,
- const int
nr_table_entries);
-
extern voidtcp_parse_options(struct sk_buff *skb,
struct tcp_options_received
*opt_rx,
int estab);
@@ -861,9 +858,6 @@ static __inline__ void tcp_update_wl(str
tp-snd_wl1 = seq;
}
-extern void inet_csk_destroy_sock(struct sock *sk);
-
-
/*
* Calculate(/check) TCP checksum
*/
diff --git a/net/dccp/timer.c b/net/dccp/timer.c
--- a/net/dccp/timer.c
+++ b/net/dccp/timer.c
@@ -220,11 +220,7 @@ out:
*/
static void dccp_response_timer(struct sock *sk)
{
- struct inet_connection_sock *icsk = inet_csk(sk);
- const int max_retries = icsk-icsk_syn_retries ? : TCP_SYNACK_RETRIES
/* FIXME sysctl_tcp_synack_retries */;
-
- reqsk_queue_prune(icsk-icsk_accept_queue, sk, TCP_SYNQ_INTERVAL,
- DCCP_TIMEOUT_INIT, DCCP_RTO_MAX, max_retries);
+ inet_csk_reqsk_queue_prune(sk, TCP_SYNQ_INTERVAL, DCCP_TIMEOUT_INIT,
DCCP_RTO_MAX);
}
static void dccp_keepalive_timer(unsigned long data)
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -23,6 +23,7 @@
#include net/ip.h
#include net/route.h
#include net/tcp_states.h
+#include net/xfrm.h
#ifdef INET_CSK_DEBUG
const char inet_csk_timer_bug_msg[] = inet_csk BUG: unknown timer value\n;
@@ -398,8 +399,100 @@ void inet_csk_reqsk_queue_hash_add(struc
inet_csk_reqsk_queue_added(sk, timeout);
}
+/* Only thing we need from tcp.h */
+extern int sysctl_tcp_synack_retries;
+
EXPORT_SYMBOL_GPL(inet_csk_reqsk_queue_hash_add);
+void inet_csk_reqsk_queue_prune(struct sock *parent,
+ const unsigned long interval,
+ const unsigned long timeout,
+ const unsigned long max_rto)
+{
+ struct inet_connection_sock *icsk = inet_csk(parent);
+ struct request_sock_queue *queue = icsk-icsk_accept_queue;
+ struct listen_sock *lopt = queue-listen_opt;
+ int max_retries =
[LIST]: Introduce list_for_each_entry_safe_continue
tree 7e24efa82b69765490c778ed5a7068b3b7613344 parent 95b81ef794278c835b321f6376b0522cd5df59b7 author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:15:51 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:50:04 -0700 [LIST]: Introduce list_for_each_entry_safe_continue Used in the dccp CCID3 code, that is going to be submitted RSN. Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] include/linux/list.h | 13 + 1 files changed, 13 insertions(+) diff --git a/include/linux/list.h b/include/linux/list.h --- a/include/linux/list.h +++ b/include/linux/list.h @@ -419,6 +419,19 @@ static inline void list_splice_init(stru pos = n, n = list_entry(n-member.next, typeof(*n), member)) /** + * list_for_each_entry_safe_continue - iterate over list of given type + * continuing after existing point safe against removal of list entry + * @pos: the type * to use as a loop counter. + * @n: another type * to use as temporary storage + * @head: the head for your list. + * @member:the name of the list_struct within the struct. + */ +#define list_for_each_entry_safe_continue(pos, n, head, member) \ + for (pos = n, n = list_entry(n-member.next, typeof(*n), member); \ +pos-member != (head); \ +pos = n, n = list_entry(n-member.next, typeof(*n), member)) + +/** * list_for_each_rcu - iterate over an rcu-protected list * @pos: the struct list_head to use as a loop counter. * @head: the head for your list. - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CCID3]: Reenable list_for_each_entry_safe_continue usage
tree 9ee923abbafb48b5f3220b817c84ba206914ab1c
parent 74459dc7bacda04d14626d239c8f5c4dac22560d
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:16:04
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:50:08 -0700
[CCID3]: Reenable list_for_each_entry_safe_continue usage
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/ccids/ccid3.c | 10 +-
1 files changed, 1 insertion(+), 9 deletions(-)
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -1272,13 +1272,10 @@ static void ccid3_hc_tx_packet_recv(stru
ccid3_calc_new_delta(hctx);
/* remove all packets older than the one acked from history */
-#if 0
- FIXME!
list_for_each_entry_safe_continue(entry, next,
hctx-ccid3hctx_hist, ccid3htx_node) {
list_del_init(entry-ccid3htx_node);
ccid3_tx_hist_entry_delete(entry);
}
-#endif
if (hctx-ccid3hctx_x 10) {
ccid3_pr_debug(ccid3_hc_tx_packet_recv
hctx-ccid3hctx_x 10\n);
hctx-ccid3hctx_x = 10;
@@ -1820,8 +1817,7 @@ static void ccid3_hc_rx_detect_loss(stru
a_next = b_next;
num_later = 1;
-#if 0
- FIXME MERGE GIT!
+
list_for_each_entry_safe_continue(entry, a_next, hcrx-ccid3hcrx_hist,
ccid3hrx_node) {
if (num_later == 0) {
a_loss = entry;
@@ -1830,7 +1826,6 @@ static void ccid3_hc_rx_detect_loss(stru
entry-ccid3hrx_type == DCCP_PKT_DATAACK)
--num_later;
}
-#endif
if (a_loss == NULL) {
if (list_empty(hcrx-ccid3hcrx_loss_interval_hist)) {
@@ -1848,8 +1843,6 @@ static void ccid3_hc_rx_detect_loss(stru
/* Locate a lost data packet */
entry = packet = b_loss;
-#if 0
- FIXME MERGE GIT!
list_for_each_entry_safe_continue(entry, b_next, hcrx-ccid3hcrx_hist,
ccid3hrx_node) {
u64 delta = dccp_delta_seqno(entry-ccid3hrx_seqno,
packet-ccid3hrx_seqno);
@@ -1875,7 +1868,6 @@ static void ccid3_hc_rx_detect_loss(stru
if (packet == a_loss)
break;
}
-#endif
if (seq_loss != DCCP_MAX_SEQNO + 1)
win_loss = a_loss-ccid3hrx_win_count;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[TG3]: Add mailbox read method
tree 52d0002518d41a6eea12859f9134c17d2af6c473
parent 1ee582d8e49a1c9dd43b2599f1cd26507182a8d4
author Michael Chan [EMAIL PROTECTED] Wed, 10 Aug 2005 10:17:00 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:50:38 -0700
[TG3]: Add mailbox read method
This patch adds the mailbox read method and also adds an inline function
tw32_mailbox_f() for mailbox writes that require read flush.
Signed-off-by: Michael Chan [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/net/tg3.c | 41 +++--
drivers/net/tg3.h |1 +
2 files changed, 24 insertions(+), 18 deletions(-)
diff --git a/drivers/net/tg3.c b/drivers/net/tg3.c
--- a/drivers/net/tg3.c
+++ b/drivers/net/tg3.c
@@ -366,6 +366,12 @@ static void _tw32_flush(struct tg3 *tp,
}
}
+static inline void tw32_mailbox_flush(struct tg3 *tp, u32 off, u32 val)
+{
+ tp-write32_mbox(tp, off, val);
+ tp-read32_mbox(tp, off);
+}
+
static void tg3_write32_tx_mbox(struct tg3 *tp, u32 off, u32 val)
{
void __iomem *mbox = tp-regs + off;
@@ -387,8 +393,10 @@ static u32 tg3_read32(struct tg3 *tp, u3
}
#define tw32_mailbox(reg, val) tp-write32_mbox(tp, reg, val)
+#define tw32_mailbox_f(reg, val) tw32_mailbox_flush(tp, (reg), (val))
#define tw32_rx_mbox(reg, val) tp-write32_rx_mbox(tp, reg, val)
#define tw32_tx_mbox(reg, val) tp-write32_tx_mbox(tp, reg, val)
+#define tr32_mailbox(reg) tp-read32_mbox(tp, reg)
#define tw32(reg,val) tp-write32(tp, reg, val)
#define tw32_f(reg,val)_tw32_flush(tp,(reg),(val))
@@ -420,8 +428,7 @@ static void tg3_disable_ints(struct tg3
{
tw32(TG3PCI_MISC_HOST_CTRL,
(tp-misc_host_ctrl | MISC_HOST_CTRL_MASK_PCI_INT));
- tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW, 0x0001);
- tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
+ tw32_mailbox_f(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW, 0x0001);
}
static inline void tg3_cond_int(struct tg3 *tp)
@@ -437,9 +444,8 @@ static void tg3_enable_ints(struct tg3 *
tw32(TG3PCI_MISC_HOST_CTRL,
(tp-misc_host_ctrl ~MISC_HOST_CTRL_MASK_PCI_INT));
- tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
-(tp-last_tag 24));
- tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
+ tw32_mailbox_f(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
+ (tp-last_tag 24));
tg3_cond_int(tp);
}
@@ -3276,9 +3282,8 @@ static irqreturn_t tg3_interrupt(int irq
/* No work, shared interrupt perhaps? re-enable
* interrupts, and flush that PCI write
*/
- tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
+ tw32_mailbox_f(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
0x);
- tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
}
} else {/* shared interrupt */
handled = 0;
@@ -3321,9 +3326,8 @@ static irqreturn_t tg3_interrupt_tagged(
/* no work, shared interrupt perhaps? re-enable
* interrupts, and flush that PCI write
*/
- tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
-tp-last_tag 24);
- tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
+ tw32_mailbox_f(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
+ tp-last_tag 24);
}
} else {/* shared interrupt */
handled = 0;
@@ -5800,8 +5804,7 @@ static int tg3_reset_hw(struct tg3 *tp)
tw32_f(GRC_LOCAL_CTRL, tp-grc_local_ctrl);
udelay(100);
- tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW, 0);
- tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
+ tw32_mailbox_f(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW, 0);
tp-last_tag = 0;
if (!(tp-tg3_flags2 TG3_FLG2_5705_PLUS)) {
@@ -6190,7 +6193,8 @@ static int tg3_test_interrupt(struct tg3
HOSTCC_MODE_NOW);
for (i = 0; i 5; i++) {
- int_mbox = tr32(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW);
+ int_mbox = tr32_mailbox(MAILBOX_INTERRUPT_0 +
+ TG3_64BIT_REG_LOW);
if (int_mbox != 0)
break;
msleep(10);
@@ -6590,10 +6594,10 @@ static int tg3_open(struct net_device *d
/* Mailboxes */
printk(DEBUG: SNDHOST_PROD[%08x%08x] SNDNIC_PROD[%08x%08x]\n,
- tr32(MAILBOX_SNDHOST_PROD_IDX_0 + 0x0),
- tr32(MAILBOX_SNDHOST_PROD_IDX_0 + 0x4),
- tr32(MAILBOX_SNDNIC_PROD_IDX_0 + 0x0),
- tr32(MAILBOX_SNDNIC_PROD_IDX_0 + 0x4));
+
[TG3]: Add indirect register method for 5703 behind ICH
tree ddeb1904b798bb69ed248840f25477bf8891d250
parent 09ee929cccfd0b56ea3724b3c6299fbbe813df43
author Michael Chan [EMAIL PROTECTED] Wed, 10 Aug 2005 10:17:14 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:50:42 -0700
[TG3]: Add indirect register method for 5703 behind ICH
This patch adds the new workaround for 5703 A1/A2 if it is behind
certain ICH bridges. The workaround disables memory and uses config.
cycles only to access all registers. The 5702/03 chips can mistakenly
decode the special cycles from the ICH chipsets as memory write cycles,
causing corruption of register and memory space. Only certain ICH
bridges will drive special cycles with non-zero data during the address
phase which can fall within the 5703's address range. This is not an ICH
bug as the PCI spec allows non-zero address during special cycles.
However, only these ICH bridges are known to drive non-zero addresses
during special cycles.
The indirect_lock is also changed to spin_lock_irqsave from spin_lock_bh
because it is used in irq handler when using the indirect method to
disable interrupts.
Signed-off-by: Michael Chan [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/net/tg3.c | 190 ++
drivers/net/tg3.h |1
2 files changed, 163 insertions(+), 28 deletions(-)
diff --git a/drivers/net/tg3.c b/drivers/net/tg3.c
--- a/drivers/net/tg3.c
+++ b/drivers/net/tg3.c
@@ -340,10 +340,12 @@ static struct {
static void tg3_write_indirect_reg32(struct tg3 *tp, u32 off, u32 val)
{
- spin_lock_bh(tp-indirect_lock);
+ unsigned long flags;
+
+ spin_lock_irqsave(tp-indirect_lock, flags);
pci_write_config_dword(tp-pdev, TG3PCI_REG_BASE_ADDR, off);
pci_write_config_dword(tp-pdev, TG3PCI_REG_DATA, val);
- spin_unlock_bh(tp-indirect_lock);
+ spin_unlock_irqrestore(tp-indirect_lock, flags);
}
static void tg3_write_flush_reg32(struct tg3 *tp, u32 off, u32 val)
@@ -352,24 +354,75 @@ static void tg3_write_flush_reg32(struct
readl(tp-regs + off);
}
-static void _tw32_flush(struct tg3 *tp, u32 off, u32 val)
+static u32 tg3_read_indirect_reg32(struct tg3 *tp, u32 off)
{
- if ((tp-tg3_flags TG3_FLAG_PCIX_TARGET_HWBUG) != 0) {
- spin_lock_bh(tp-indirect_lock);
- pci_write_config_dword(tp-pdev, TG3PCI_REG_BASE_ADDR, off);
- pci_write_config_dword(tp-pdev, TG3PCI_REG_DATA, val);
- spin_unlock_bh(tp-indirect_lock);
- } else {
- void __iomem *dest = tp-regs + off;
- writel(val, dest);
- readl(dest);/* always flush PCI write */
+ unsigned long flags;
+ u32 val;
+
+ spin_lock_irqsave(tp-indirect_lock, flags);
+ pci_write_config_dword(tp-pdev, TG3PCI_REG_BASE_ADDR, off);
+ pci_read_config_dword(tp-pdev, TG3PCI_REG_DATA, val);
+ spin_unlock_irqrestore(tp-indirect_lock, flags);
+ return val;
+}
+
+static void tg3_write_indirect_mbox(struct tg3 *tp, u32 off, u32 val)
+{
+ unsigned long flags;
+
+ if (off == (MAILBOX_RCVRET_CON_IDX_0 + TG3_64BIT_REG_LOW)) {
+ pci_write_config_dword(tp-pdev, TG3PCI_RCV_RET_RING_CON_IDX +
+ TG3_64BIT_REG_LOW, val);
+ return;
+ }
+ if (off == (MAILBOX_RCV_STD_PROD_IDX + TG3_64BIT_REG_LOW)) {
+ pci_write_config_dword(tp-pdev, TG3PCI_STD_RING_PROD_IDX +
+ TG3_64BIT_REG_LOW, val);
+ return;
}
+
+ spin_lock_irqsave(tp-indirect_lock, flags);
+ pci_write_config_dword(tp-pdev, TG3PCI_REG_BASE_ADDR, off + 0x5600);
+ pci_write_config_dword(tp-pdev, TG3PCI_REG_DATA, val);
+ spin_unlock_irqrestore(tp-indirect_lock, flags);
+
+ /* In indirect mode when disabling interrupts, we also need
+* to clear the interrupt bit in the GRC local ctrl register.
+*/
+ if ((off == (MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW))
+ (val == 0x1)) {
+ pci_write_config_dword(tp-pdev, TG3PCI_MISC_LOCAL_CTRL,
+ tp-grc_local_ctrl|GRC_LCLCTRL_CLEARINT);
+ }
+}
+
+static u32 tg3_read_indirect_mbox(struct tg3 *tp, u32 off)
+{
+ unsigned long flags;
+ u32 val;
+
+ spin_lock_irqsave(tp-indirect_lock, flags);
+ pci_write_config_dword(tp-pdev, TG3PCI_REG_BASE_ADDR, off + 0x5600);
+ pci_read_config_dword(tp-pdev, TG3PCI_REG_DATA, val);
+ spin_unlock_irqrestore(tp-indirect_lock, flags);
+ return val;
+}
+
+static void _tw32_flush(struct tg3 *tp, u32 off, u32 val)
+{
+ tp-write32(tp, off, val);
+ if (!(tp-tg3_flags TG3_FLAG_PCIX_TARGET_HWBUG)
+ !(tp-tg3_flags TG3_FLAG_5701_REG_WRITE_BUG)
+ !(tp-tg3_flags2 TG3_FLG2_ICH_WORKAROUND))
+ tp-read32(tp, off);/* flush */
}
static inline void
[TG3]: Eliminate one register write in tg3_restart_ints()
tree 3c24f5536451b44d53e58373f9d4718ae25ca094
parent 6892914fb7980d844f2bac859f4095df9ebd18da
author Michael Chan [EMAIL PROTECTED] Wed, 10 Aug 2005 10:17:28 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:50:45 -0700
[TG3]: Eliminate one register write in tg3_restart_ints()
The register write to register 0x68 to restart interrupts is unnecessary
as the interrupt wasn't masked in that register by the irq handler. This
will save one register write in the fast path.
Signed-off-by: Michael Chan [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/net/tg3.c |2 --
1 files changed, 2 deletions(-)
diff --git a/drivers/net/tg3.c b/drivers/net/tg3.c
--- a/drivers/net/tg3.c
+++ b/drivers/net/tg3.c
@@ -533,8 +533,6 @@ static inline unsigned int tg3_has_work(
*/
static void tg3_restart_ints(struct tg3 *tp)
{
- tw32(TG3PCI_MISC_HOST_CTRL,
- (tp-misc_host_ctrl ~MISC_HOST_CTRL_MASK_PCI_INT));
tw32_mailbox(MAILBOX_INTERRUPT_0 + TG3_64BIT_REG_LOW,
tp-last_tag 24);
mmiowb();
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: split net/core/netfilter.c into net/netfilter/*.c
tree 8fefa0e00c4214c3d8ba06c5122c5977b3a9391a
parent 210a9ebef2d1bd32d9e9d81c84d538e237769cdb
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:21:49 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:51:11 -0700
[NETFILTER]: split net/core/netfilter.c into net/netfilter/*.c
This patch doesn't introduce any code changes, but merely splits the
core netfilter code into four separate files. It also moves it from
it's old location in net/core/ to the recently-created net/netfilter/
directory.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/core/netfilter.c | 737 ---
net/core/Makefile|1
net/netfilter/Makefile |4
net/netfilter/core.c | 216
net/netfilter/nf_internals.h | 39 ++
net/netfilter/nf_log.c | 165 +
net/netfilter/nf_queue.c | 273 +++
net/netfilter/nf_sockopt.c | 132 +++
8 files changed, 829 insertions(+), 738 deletions(-)
diff --git a/net/core/Makefile b/net/core/Makefile
--- a/net/core/Makefile
+++ b/net/core/Makefile
@@ -12,7 +12,6 @@ obj-y += dev.o ethtool.o dev_mcast
obj-$(CONFIG_XFRM) += flow.o
obj-$(CONFIG_SYSFS) += net-sysfs.o
-obj-$(CONFIG_NETFILTER) += netfilter.o
obj-$(CONFIG_NET_DIVERT) += dv.o
obj-$(CONFIG_NET_PKTGEN) += pktgen.o
obj-$(CONFIG_NET_RADIO) += wireless.o
diff --git a/net/core/netfilter.c b/net/core/netfilter.c
deleted file mode 100644
--- a/net/core/netfilter.c
+++ /dev/null
@@ -1,737 +0,0 @@
-/* netfilter.c: look after the filters for various protocols.
- * Heavily influenced by the old firewall.c by David Bonn and Alan Cox.
- *
- * Thanks to Rob `CmdrTaco' Malda for not influencing this code in any
- * way.
- *
- * Rusty Russell (C)2000 -- This code is GPL.
- *
- * February 2000: Modified by James Morris to have 1 queue per protocol.
- * 15-Mar-2000: Added NF_REPEAT --RR.
- * 08-May-2003: Internal logging interface added by Jozsef Kadlecsik.
- */
-#include linux/config.h
-#include linux/kernel.h
-#include linux/netfilter.h
-#include net/protocol.h
-#include linux/init.h
-#include linux/skbuff.h
-#include linux/wait.h
-#include linux/module.h
-#include linux/interrupt.h
-#include linux/if.h
-#include linux/netdevice.h
-#include linux/inetdevice.h
-#include linux/proc_fs.h
-#include net/sock.h
-
-/* In this code, we can be waiting indefinitely for userspace to
- * service a packet if a hook returns NF_QUEUE. We could keep a count
- * of skbuffs queued for userspace, and not deregister a hook unless
- * this is zero, but that sucks. Now, we simply check when the
- * packets come back: if the hook is gone, the packet is discarded. */
-#ifdef CONFIG_NETFILTER_DEBUG
-#define NFDEBUG(format, args...) printk(format , ## args)
-#else
-#define NFDEBUG(format, args...)
-#endif
-
-/* Sockopts only registered and called from user context, so
- net locking would be overkill. Also, [gs]etsockopt calls may
- sleep. */
-static DECLARE_MUTEX(nf_sockopt_mutex);
-
-struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
-static LIST_HEAD(nf_sockopts);
-static DEFINE_SPINLOCK(nf_hook_lock);
-
-/*
- * A queue handler may be registered for each protocol. Each is protected by
- * long term mutex. The handler must provide an an outfn() to accept packets
- * for queueing and must reinject all packets it receives, no matter what.
- */
-static struct nf_queue_handler_t {
- nf_queue_outfn_t outfn;
- void *data;
-} queue_handler[NPROTO];
-
-static struct nf_queue_rerouter *queue_rerouter;
-
-static DEFINE_RWLOCK(queue_handler_lock);
-
-int nf_register_hook(struct nf_hook_ops *reg)
-{
- struct list_head *i;
-
- spin_lock_bh(nf_hook_lock);
- list_for_each(i, nf_hooks[reg-pf][reg-hooknum]) {
- if (reg-priority ((struct nf_hook_ops *)i)-priority)
- break;
- }
- list_add_rcu(reg-list, i-prev);
- spin_unlock_bh(nf_hook_lock);
-
- synchronize_net();
- return 0;
-}
-
-void nf_unregister_hook(struct nf_hook_ops *reg)
-{
- spin_lock_bh(nf_hook_lock);
- list_del_rcu(reg-list);
- spin_unlock_bh(nf_hook_lock);
-
- synchronize_net();
-}
-
-/* Do exclusive ranges overlap? */
-static inline int overlap(int min1, int max1, int min2, int max2)
-{
- return max1 min2 min1 max2;
-}
-
-/* Functions to register sockopt ranges (exclusive). */
-int nf_register_sockopt(struct nf_sockopt_ops *reg)
-{
- struct list_head *i;
- int ret = 0;
-
- if (down_interruptible(nf_sockopt_mutex) != 0)
- return -EINTR;
-
- list_for_each(i, nf_sockopts) {
- struct nf_sockopt_ops *ops = (struct nf_sockopt_ops *)i;
- if (ops-pf == reg-pf
-(overlap(ops-set_optmin, ops-set_optmax,
- reg-set_optmin, reg-set_optmax)
- ||
[NETFILTER]: add /proc/net/netfilter interface to nf_queue
tree 0d1133f5f499cab639784407f53938ba5060807f
parent fbcd923c3e0c8ec9e4ed64f5a4e5766807b32729
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:23:11 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:51:18 -0700
[NETFILTER]: add /proc/net/netfilter interface to nf_queue
This patch adds a /proc/net/netfilter/nf_queue file, similar to the
recently-added /proc/net/netfilter/nf_log. It indicates which queue
handler is registered to which protocol family. This is useful since
there are now multiple queue handlers in the treee (ip[6]_queue,
nfnetlink_queue).
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter.h | 13 +++-
net/ipv4/netfilter/ip_queue.c |9 ++-
net/ipv6/netfilter/ip6_queue.c |9 ++-
net/netfilter/nf_log.c |1
net/netfilter/nf_queue.c| 106
net/netfilter/nfnetlink_queue.c | 12 ++--
6 files changed, 116 insertions(+), 34 deletions(-)
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -225,13 +225,16 @@ int nf_getsockopt(struct sock *sk, int p
int *len);
/* Packet queuing */
-typedef int (*nf_queue_outfn_t)(struct sk_buff *skb,
-struct nf_info *info,
- unsigned int queuenum, void *data);
+struct nf_queue_handler {
+ int (*outfn)(struct sk_buff *skb, struct nf_info *info,
+unsigned int queuenum, void *data);
+ void *data;
+ char *name;
+};
extern int nf_register_queue_handler(int pf,
- nf_queue_outfn_t outfn, void *data);
+ struct nf_queue_handler *qh);
extern int nf_unregister_queue_handler(int pf);
-extern void nf_unregister_queue_handlers(nf_queue_outfn_t outfn);
+extern void nf_unregister_queue_handlers(struct nf_queue_handler *qh);
extern void nf_reinject(struct sk_buff *skb,
struct nf_info *info,
unsigned int verdict);
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -656,6 +656,11 @@ ipq_get_info(char *buffer, char **start,
}
#endif /* CONFIG_PROC_FS */
+static struct nf_queue_handler nfqh = {
+ .name = ip_queue,
+ .outfn = ipq_enqueue_packet,
+};
+
static int
init_or_cleanup(int init)
{
@@ -684,7 +689,7 @@ init_or_cleanup(int init)
register_netdevice_notifier(ipq_dev_notifier);
ipq_sysctl_header = register_sysctl_table(ipq_root_table, 0);
- status = nf_register_queue_handler(PF_INET, ipq_enqueue_packet, NULL);
+ status = nf_register_queue_handler(PF_INET, nfqh);
if (status 0) {
printk(KERN_ERR ip_queue: failed to register queue handler\n);
goto cleanup_sysctl;
@@ -692,7 +697,7 @@ init_or_cleanup(int init)
return status;
cleanup:
- nf_unregister_queue_handlers(ipq_enqueue_packet);
+ nf_unregister_queue_handlers(nfqh);
synchronize_net();
ipq_flush(NF_DROP);
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -652,6 +652,11 @@ ipq_get_info(char *buffer, char **start,
return len;
}
+static struct nf_queue_handler nfqh = {
+ .name = ip6_queue,
+ .outfn = ipq_enqueue_packet,
+};
+
static int
init_or_cleanup(int init)
{
@@ -679,7 +684,7 @@ init_or_cleanup(int init)
register_netdevice_notifier(ipq_dev_notifier);
ipq_sysctl_header = register_sysctl_table(ipq_root_table, 0);
- status = nf_register_queue_handler(PF_INET6, ipq_enqueue_packet, NULL);
+ status = nf_register_queue_handler(PF_INET6, nfqh);
if (status 0) {
printk(KERN_ERR ip6_queue: failed to register queue
handler\n);
goto cleanup_sysctl;
@@ -687,7 +692,7 @@ init_or_cleanup(int init)
return status;
cleanup:
- nf_unregister_queue_handlers(ipq_enqueue_packet);
+ nf_unregister_queue_handlers(nfqh);
synchronize_net();
ipq_flush(NF_DROP);
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -5,6 +5,7 @@
#include linux/proc_fs.h
#include linux/skbuff.h
#include linux/netfilter.h
+#include linux/seq_file.h
#include net/protocol.h
#include nf_internals.h
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -5,6 +5,7 @@
#include linux/proc_fs.h
#include linux/skbuff.h
#include linux/netfilter.h
+#include linux/seq_file.h
#include net/protocol.h
#include nf_internals.h
@@ -14,17 +15,12 @@
[NETFILTER]: more verbose return codes from nf_{log,queue}
tree 650d0bdca48e7f3ea6bc356f6aa868f34c6a226f
parent bbd86b9fc469b7e91dc7444e6abb8930811d79cb
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:23:36 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:51:21 -0700
[NETFILTER]: more verbose return codes from nf_{log,queue}
This adds EEXIST to distinguish between the following return values:
0: nobody was registered, registration successful
EEXIST: the exact same handler was already registered, no registration
required
EBUSY: somebody else is registered, registration unsuccessful.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/netfilter/nf_log.c |6 +-
net/netfilter/nf_queue.c |6 +-
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -18,6 +18,8 @@
static struct nf_logger *nf_logging[NPROTO]; /* = NULL */
static DEFINE_SPINLOCK(nf_log_lock);
+/* return EBUSY if somebody else is registered, EEXIST if the same logger
+ * is registred, 0 on success. */
int nf_log_register(int pf, struct nf_logger *logger)
{
int ret = -EBUSY;
@@ -28,7 +30,9 @@ int nf_log_register(int pf, struct nf_lo
if (!nf_logging[pf]) {
rcu_assign_pointer(nf_logging[pf], logger);
ret = 0;
- }
+ } else if (nf_logging[pf] == logger)
+ ret = -EEXIST;
+
spin_unlock(nf_log_lock);
return ret;
}
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -20,6 +20,8 @@ static struct nf_queue_rerouter *queue_r
static DEFINE_RWLOCK(queue_handler_lock);
+/* return EBUSY when somebody else is registered, return EEXIST if the
+ * same handler is registered, return 0 in case of success. */
int nf_register_queue_handler(int pf, struct nf_queue_handler *qh)
{
int ret;
@@ -28,7 +30,9 @@ int nf_register_queue_handler(int pf, st
return -EINVAL;
write_lock_bh(queue_handler_lock);
- if (queue_handler[pf])
+ if (queue_handler[pf] == qh)
+ ret = -EEXIST;
+ else if (queue_handler[pf])
ret = -EBUSY;
else {
queue_handler[pf] = qh;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: return ENOMEM when ip_conntrack_alloc() fails.
tree f485ca844f9b854ea53a92263d4cfb533849ee86
parent 8a61fadb3908454ccfa538aaa75eb1d22def5700
author Yasuyuki Kozakai [EMAIL PROTECTED] Wed, 10 Aug 2005 10:24:15 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:51:28 -0700
[NETFILTER]: return ENOMEM when ip_conntrack_alloc() fails.
This patch fixes the bug which doesn't return ERR_PTR(-ENOMEM) if it
failed to allocate memory space from slab cache. This bug leads to
erroneously not dropped packets under stress, and wrong statistic
counters ('invalid' is incremented instead of 'drop'). It was
introduced during the ctnetlink merge in the net-2.6.14 tree, so no
stable or mainline releases affected.
Signed-off-by: Yasuyuki Kozakai [EMAIL PROTECTED]
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ip_conntrack_core.c |7 ---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c
b/net/ipv4/netfilter/ip_conntrack_core.c
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -655,7 +655,7 @@ struct ip_conntrack *ip_conntrack_alloc(
conntrack = kmem_cache_alloc(ip_conntrack_cachep, GFP_ATOMIC);
if (!conntrack) {
DEBUGP(Can't allocate conntrack.\n);
- return NULL;
+ return ERR_PTR(-ENOMEM);
}
memset(conntrack, 0, sizeof(*conntrack));
@@ -696,8 +696,9 @@ init_conntrack(struct ip_conntrack_tuple
return NULL;
}
- if (!(conntrack = ip_conntrack_alloc(tuple, repl_tuple)))
- return NULL;
+ conntrack = ip_conntrack_alloc(tuple, repl_tuple);
+ if (conntrack == NULL || IS_ERR(conntrack))
+ return (struct ip_conntrack_tuple_hash *)conntrack;
if (!protocol-new(conntrack, skb)) {
ip_conntrack_free(conntrack);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[IPV4]: fib_trie: Use const
tree 48fb873d1f030a49747cc574636e80a3a9e99ac2
parent 2f80b3c8262d0d646812f776db024d88d569a0c1
author Stephen Hemmigner [EMAIL PROTECTED] Wed, 10 Aug 2005 10:25:39 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:08 -0700
[IPV4]: fib_trie: Use const
Use const where possible and get rid of EXTRACT() macro
that was never used.
Signed-off-by: Stephen Hemmigner [EMAIL PROTECTED]
Signed-off-by: Robert Olsson [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/fib_trie.c |7 ++-
1 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -77,7 +77,6 @@
#undef CONFIG_IP_FIB_TRIE_STATS
#define MAX_CHILDS 16384
-#define EXTRACT(p, n, str) ((str)(p)(32-(n)))
#define KEYLENGTH (8*sizeof(t_key))
#define MASK_PFX(k, l) (((l)==0)?0:(k (KEYLENGTH-l)) (KEYLENGTH-l))
#define TKEY_GET_MASK(offset, bits) (((bits)==0)?0:((t_key)(-1) (KEYLENGTH
- bits) offset))
@@ -162,10 +161,8 @@ static int trie_debug = 0;
#define DBG(x...) do { if (trie_debug) printk(x); } while (0)
-static int tnode_full(struct tnode *tn, struct node *n);
static void put_child(struct trie *t, struct tnode *tn, int i, struct node *n);
static void tnode_put_child_reorg(struct tnode *tn, int i, struct node *n, int
wasfull);
-static int tnode_child_length(struct tnode *tn);
static struct node *resize(struct trie *t, struct tnode *tn);
static struct tnode *inflate(struct trie *t, struct tnode *tn);
static struct tnode *halve(struct trie *t, struct tnode *tn);
@@ -188,7 +185,7 @@ static inline struct node *tnode_get_chi
return tn-child[i];
}
-static inline int tnode_child_length(struct tnode *tn)
+static inline int tnode_child_length(const struct tnode *tn)
{
return 1 tn-bits;
}
@@ -400,7 +397,7 @@ static void tnode_free(struct tnode *tn)
* and no bits are skipped. See discussion in dyntree paper p. 6
*/
-static inline int tnode_full(struct tnode *tn, struct node *n)
+static inline int tnode_full(const struct tnode *tn, const struct node *n)
{
if (n == NULL || IS_LEAF(n))
return 0;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: New iptables DCCP protocol header match
tree 3e249fc3ecd33bdec336208a29f0a8fdea062439
parent e2e268665f6c01686b477a6b0cc5a70bab689d54
author Harald Welte [EMAIL PROTECTED] Wed, 10 Aug 2005 10:26:55 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:28 -0700
[NETFILTER]: New iptables DCCP protocol header match
Using this new iptables DCCP protocol header match, it is possible to
create simplistic stateless packet filtering rules for DCCP. It
permits matching of port numbers, packet type and options.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/dccp.h| 16 ++
include/linux/netfilter_ipv4/ipt_dccp.h | 23
net/ipv4/netfilter/Kconfig | 11 ++
net/ipv4/netfilter/Makefile |1
net/ipv4/netfilter/ipt_dccp.c | 176
5 files changed, 224 insertions(+), 3 deletions(-)
diff --git a/include/linux/dccp.h b/include/linux/dccp.h
--- a/include/linux/dccp.h
+++ b/include/linux/dccp.h
@@ -242,10 +242,15 @@ static inline struct dccp_hdr_ext *dccp_
return (struct dccp_hdr_ext *)(skb-h.raw + sizeof(struct dccp_hdr));
}
+static inline unsigned int __dccp_basic_hdr_len(const struct dccp_hdr *dh)
+{
+ return sizeof(*dh) + (dh-dccph_x ? sizeof(struct dccp_hdr_ext) : 0);
+}
+
static inline unsigned int dccp_basic_hdr_len(const struct sk_buff *skb)
{
const struct dccp_hdr *dh = dccp_hdr(skb);
- return sizeof(*dh) + (dh-dccph_x ? sizeof(struct dccp_hdr_ext) : 0);
+ return __dccp_basic_hdr_len(dh);
}
static inline __u64 dccp_hdr_seq(const struct sk_buff *skb)
@@ -297,10 +302,15 @@ static inline struct dccp_hdr_reset *dcc
return (struct dccp_hdr_reset *)(skb-h.raw + dccp_basic_hdr_len(skb));
}
+static inline unsigned int __dccp_hdr_len(const struct dccp_hdr *dh)
+{
+ return __dccp_basic_hdr_len(dh) +
+ dccp_packet_hdr_len(dh-dccph_type);
+}
+
static inline unsigned int dccp_hdr_len(const struct sk_buff *skb)
{
- return dccp_basic_hdr_len(skb) +
- dccp_packet_hdr_len(dccp_hdr(skb)-dccph_type);
+ return __dccp_hdr_len(dccp_hdr(skb));
}
diff --git a/include/linux/netfilter_ipv4/ipt_dccp.h
b/include/linux/netfilter_ipv4/ipt_dccp.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_dccp.h
@@ -0,0 +1,23 @@
+#ifndef _IPT_DCCP_H_
+#define _IPT_DCCP_H_
+
+#define IPT_DCCP_SRC_PORTS 0x01
+#define IPT_DCCP_DEST_PORTS0x02
+#define IPT_DCCP_TYPE 0x04
+#define IPT_DCCP_OPTION0x08
+
+#define IPT_DCCP_VALID_FLAGS 0x0f
+
+struct ipt_dccp_info {
+ u_int16_t dpts[2]; /* Min, Max */
+ u_int16_t spts[2]; /* Min, Max */
+
+ u_int16_t flags;
+ u_int16_t invflags;
+
+ u_int16_t typemask;
+ u_int8_t option;
+};
+
+#endif /* _IPT_DCCP_H_ */
+
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -354,6 +354,17 @@ config IP_NF_MATCH_SCTP
If you want to compile it as a module, say M here and read
file:Documentation/modules.txt. If unsure, say `N'.
+config IP_NF_MATCH_DCCP
+ tristate 'DCCP protocol match support'
+ depends on IP_NF_IPTABLES
+ help
+ With this option enabled, you will be able to use the iptables
+ `dccp' match in order to match on DCCP source/destination ports
+ and DCCP flags.
+
+ If you want to compile it as a module, say M here and read
+ file:Documentation/modules.txt. If unsure, say `N'.
+
config IP_NF_MATCH_COMMENT
tristate 'comment match support'
depends on IP_NF_IPTABLES
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -42,6 +42,7 @@ obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_
obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o
obj-$(CONFIG_IP_NF_MATCH_HASHLIMIT) += ipt_hashlimit.o
obj-$(CONFIG_IP_NF_MATCH_SCTP) += ipt_sctp.o
+obj-$(CONFIG_IP_NF_MATCH_DCCP) += ipt_dccp.o
obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o
obj-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac.o
obj-$(CONFIG_IP_NF_MATCH_IPRANGE) += ipt_iprange.o
diff --git a/net/ipv4/netfilter/ipt_dccp.c b/net/ipv4/netfilter/ipt_dccp.c
new file mode 100644
--- /dev/null
+++ b/net/ipv4/netfilter/ipt_dccp.c
@@ -0,0 +1,176 @@
+/*
+ * iptables module for DCCP protocol header matching
+ *
+ * (C) 2005 by Harald Welte [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include linux/module.h
+#include linux/skbuff.h
+#include linux/spinlock.h
+#include net/ip.h
+#include linux/dccp.h
+
+#include
[DCCP]: Fix u64 printf format warnings.
tree c0b6446bf3ebf84437eeb16d357a7845598de206
parent 1d3de414eb20d937d82c5219fd13ee4cedc499cb
author David S. Miller [EMAIL PROTECTED] Wed, 10 Aug 2005 10:27:14 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:34 -0700
[DCCP]: Fix u64 printf format warnings.
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/input.c |4 +++-
net/dccp/ipv4.c |6 --
net/dccp/minisocks.c |5 -
net/dccp/options.c | 35 +--
4 files changed, 36 insertions(+), 14 deletions(-)
diff --git a/net/dccp/input.c b/net/dccp/input.c
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -274,7 +274,9 @@ static int dccp_rcv_request_sent_state_p
if (!between48(DCCP_SKB_CB(skb)-dccpd_ack_seq, dp-dccps_awl,
dp-dccps_awh)) {
dccp_pr_debug(invalid ackno: S.AWL=%llu, P.ackno=%llu,
S.AWH=%llu \n,
- dp-dccps_awl,
DCCP_SKB_CB(skb)-dccpd_ack_seq, dp-dccps_awh);
+ (unsigned long long) dp-dccps_awl,
+ (unsigned long long)
DCCP_SKB_CB(skb)-dccpd_ack_seq,
+ (unsigned long long) dp-dccps_awh);
goto out_invalid_packet;
}
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
--- a/net/dccp/ipv4.c
+++ b/net/dccp/ipv4.c
@@ -1092,14 +1092,16 @@ int dccp_v4_rcv(struct sk_buff *skb)
dccp_packet_name(dh-dccph_type),
NIPQUAD(skb-nh.iph-saddr), ntohs(dh-dccph_sport),
NIPQUAD(skb-nh.iph-daddr), ntohs(dh-dccph_dport),
- DCCP_SKB_CB(skb)-dccpd_seq);
+ (unsigned long long) DCCP_SKB_CB(skb)-dccpd_seq);
if (dccp_packet_without_ack(skb)) {
DCCP_SKB_CB(skb)-dccpd_ack_seq = DCCP_PKT_WITHOUT_ACK_SEQ;
dccp_pr_debug_cat(\n);
} else {
DCCP_SKB_CB(skb)-dccpd_ack_seq = dccp_hdr_ack_seq(skb);
- dccp_pr_debug_cat(, ack=%llu\n,
DCCP_SKB_CB(skb)-dccpd_ack_seq);
+ dccp_pr_debug_cat(, ack=%llu\n,
+ (unsigned long long)
+ DCCP_SKB_CB(skb)-dccpd_ack_seq);
}
/* Step 2:
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -142,7 +142,10 @@ struct sock *dccp_check_req(struct sock
/* Invalid ACK */
if (DCCP_SKB_CB(skb)-dccpd_ack_seq != dccp_rsk(req)-dreq_iss) {
dccp_pr_debug(Invalid ACK number: ack_seq=%llu,
dreq_iss=%llu\n,
- DCCP_SKB_CB(skb)-dccpd_ack_seq,
dccp_rsk(req)-dreq_iss);
+ (unsigned long long)
+ DCCP_SKB_CB(skb)-dccpd_ack_seq,
+ (unsigned long long)
+ dccp_rsk(req)-dreq_iss);
goto drop;
}
diff --git a/net/dccp/options.c b/net/dccp/options.c
--- a/net/dccp/options.c
+++ b/net/dccp/options.c
@@ -119,7 +119,9 @@ int dccp_parse_options(struct sock *sk,
opt_recv-dccpor_ack_vector_idx = value - options;
dccp_pr_debug(%sACK vector 0, len=%d,
ack_ackno=%llu\n,
- debug_prefix, len,
DCCP_SKB_CB(skb)-dccpd_ack_seq);
+ debug_prefix, len,
+ (unsigned long long)
+ DCCP_SKB_CB(skb)-dccpd_ack_seq);
dccp_ackvector_print(DCCP_SKB_CB(skb)-dccpd_ack_seq,
value, len);
dccp_ackpkts_check_rcv_ackvector(dp-dccps_hc_rx_ackpkts, sk,
@@ -137,6 +139,7 @@ int dccp_parse_options(struct sock *sk,
dccp_pr_debug(%sTIMESTAMP=%u, ackno=%llu\n,
debug_prefix, opt_recv-dccpor_timestamp,
+ (unsigned long long)
DCCP_SKB_CB(skb)-dccpd_ack_seq);
break;
case DCCPO_TIMESTAMP_ECHO:
@@ -147,7 +150,9 @@ int dccp_parse_options(struct sock *sk,
dccp_pr_debug(%sTIMESTAMP_ECHO=%u, len=%d, ackno=%llu,
diff=%u\n,
debug_prefix,
opt_recv-dccpor_timestamp_echo,
- len + 2, DCCP_SKB_CB(skb)-dccpd_ack_seq,
+ len + 2,
+ (unsigned long long)
+ DCCP_SKB_CB(skb)-dccpd_ack_seq,
tcp_time_stamp -
opt_recv-dccpor_timestamp_echo);
opt_recv-dccpor_elapsed_time =
dccp_decode_value_var(value + 4, len - 4);
@@ -308,7 +313,8 @@ void dccp_insert_option_elapsed_time(str
[Bluetooth]: Update and cleanup of the virtual HCI driver
tree 464078550df33ac4f9c8eaf286e95a4f5f46a890
parent f6ccf55419c4f0021e7382f000f2fd14a29f3d3c
author Marcel Holtmann [EMAIL PROTECTED] Wed, 10 Aug 2005 10:27:37 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:42 -0700
[Bluetooth]: Update and cleanup of the virtual HCI driver
This patch cleans up the virtual HCI driver. It also adds support for
the dynamic minor device number allocation.
Signed-off-by: Marcel Holtmann [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/bluetooth/hci_vhci.h | 50 -
drivers/bluetooth/hci_vhci.c | 368 ++-
2 files changed, 194 insertions(+), 224 deletions(-)
diff --git a/drivers/bluetooth/hci_vhci.c b/drivers/bluetooth/hci_vhci.c
--- a/drivers/bluetooth/hci_vhci.c
+++ b/drivers/bluetooth/hci_vhci.c
@@ -1,229 +1,220 @@
-/*
- BlueZ - Bluetooth protocol stack for Linux
- Copyright (C) 2000-2001 Qualcomm Incorporated
-
- Written 2000,2001 by Maxim Krasnyansky [EMAIL PROTECTED]
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License version 2 as
- published by the Free Software Foundation;
-
- THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
- IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
- CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
- WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
- COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
- SOFTWARE IS DISCLAIMED.
-*/
-
/*
- * Bluetooth HCI virtual device driver.
*
- * $Id: hci_vhci.c,v 1.3 2002/04/17 17:37:20 maxk Exp $
+ * Bluetooth virtual HCI driver
+ *
+ * Copyright (C) 2000-2001 Qualcomm Incorporated
+ * Copyright (C) 2002-2003 Maxim Krasnyansky [EMAIL PROTECTED]
+ * Copyright (C) 2004-2005 Marcel Holtmann [EMAIL PROTECTED]
+ *
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
*/
-#define VERSION 1.1
#include linux/config.h
#include linux/module.h
-#include linux/errno.h
#include linux/kernel.h
-#include linux/major.h
-#include linux/sched.h
+#include linux/init.h
#include linux/slab.h
+#include linux/types.h
+#include linux/errno.h
+#include linux/sched.h
#include linux/poll.h
-#include linux/fcntl.h
-#include linux/init.h
-#include linux/random.h
#include linux/skbuff.h
#include linux/miscdevice.h
-#include asm/system.h
-#include asm/uaccess.h
-
#include net/bluetooth/bluetooth.h
#include net/bluetooth/hci_core.h
-#include hci_vhci.h
-/* HCI device part */
+#ifndef CONFIG_BT_HCIVHCI_DEBUG
+#undef BT_DBG
+#define BT_DBG(D...)
+#endif
+
+#define VERSION 1.2
+
+static int minor = MISC_DYNAMIC_MINOR;
-static int hci_vhci_open(struct hci_dev *hdev)
+struct vhci_data {
+ struct hci_dev *hdev;
+
+ unsigned long flags;
+
+ wait_queue_head_t read_wait;
+ struct sk_buff_head readq;
+
+ struct fasync_struct *fasync;
+};
+
+#define VHCI_FASYNC0x0010
+
+static struct miscdevice vhci_miscdev;
+
+static int vhci_open_dev(struct hci_dev *hdev)
{
set_bit(HCI_RUNNING, hdev-flags);
- return 0;
-}
-static int hci_vhci_flush(struct hci_dev *hdev)
-{
- struct hci_vhci_struct *hci_vhci = (struct hci_vhci_struct *)
hdev-driver_data;
- skb_queue_purge(hci_vhci-readq);
return 0;
}
-static int hci_vhci_close(struct hci_dev *hdev)
+static int vhci_close_dev(struct hci_dev *hdev)
{
+ struct vhci_data *vhci = hdev-driver_data;
+
if (!test_and_clear_bit(HCI_RUNNING, hdev-flags))
return 0;
- hci_vhci_flush(hdev);
+ skb_queue_purge(vhci-readq);
+
return 0;
}
-static void hci_vhci_destruct(struct hci_dev *hdev)
+static int vhci_flush(struct hci_dev *hdev)
{
- struct hci_vhci_struct *vhci;
+ struct vhci_data *vhci =
[Bluetooth]: Workaround for inquiry results with RSSI and page scan mode
tree f8eb941e9ba34345652ab6330ab6b84c8598dec1
parent 4aa769b99724953a6f322c648c0cfbe8c6616382
author Marcel Holtmann [EMAIL PROTECTED] Wed, 10 Aug 2005 10:27:49 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:47 -0700
[Bluetooth]: Workaround for inquiry results with RSSI and page scan mode
This patch implements a workaround for buggy Bluetooth 1.2 devices from
Silicon Wave. Their inquiry results with RSSI contain the page scan mode
field. This field was removed in the final Bluetooth 1.2 specification.
Signed-off-by: Marcel Holtmann [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/bluetooth/hci.h |9 +++
net/bluetooth/hci_event.c | 55 +---
2 files changed, 51 insertions(+), 13 deletions(-)
diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
--- a/include/net/bluetooth/hci.h
+++ b/include/net/bluetooth/hci.h
@@ -453,6 +453,15 @@ struct inquiry_info_with_rssi {
__u16clock_offset;
__s8 rssi;
} __attribute__ ((packed));
+struct inquiry_info_with_rssi_and_pscan_mode {
+ bdaddr_t bdaddr;
+ __u8 pscan_rep_mode;
+ __u8 pscan_period_mode;
+ __u8 pscan_mode;
+ __u8 dev_class[3];
+ __u16clock_offset;
+ __s8 rssi;
+} __attribute__ ((packed));
#define HCI_EV_CONN_COMPLETE 0x03
struct hci_ev_conn_complete {
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -484,14 +484,18 @@ static inline void hci_inquiry_complete_
/* Inquiry Result */
static inline void hci_inquiry_result_evt(struct hci_dev *hdev, struct sk_buff
*skb)
{
+ struct inquiry_data data;
struct inquiry_info *info = (struct inquiry_info *) (skb-data + 1);
int num_rsp = *((__u8 *) skb-data);
BT_DBG(%s num_rsp %d, hdev-name, num_rsp);
+ if (!num_rsp)
+ return;
+
hci_dev_lock(hdev);
+
for (; num_rsp; num_rsp--) {
- struct inquiry_data data;
bacpy(data.bdaddr, info-bdaddr);
data.pscan_rep_mode = info-pscan_rep_mode;
data.pscan_period_mode = info-pscan_period_mode;
@@ -502,30 +506,55 @@ static inline void hci_inquiry_result_ev
info++;
hci_inquiry_cache_update(hdev, data);
}
+
hci_dev_unlock(hdev);
}
/* Inquiry Result With RSSI */
static inline void hci_inquiry_result_with_rssi_evt(struct hci_dev *hdev,
struct sk_buff *skb)
{
- struct inquiry_info_with_rssi *info = (struct inquiry_info_with_rssi *)
(skb-data + 1);
+ struct inquiry_data data;
int num_rsp = *((__u8 *) skb-data);
BT_DBG(%s num_rsp %d, hdev-name, num_rsp);
+ if (!num_rsp)
+ return;
+
hci_dev_lock(hdev);
- for (; num_rsp; num_rsp--) {
- struct inquiry_data data;
- bacpy(data.bdaddr, info-bdaddr);
- data.pscan_rep_mode = info-pscan_rep_mode;
- data.pscan_period_mode = info-pscan_period_mode;
- data.pscan_mode = 0x00;
- memcpy(data.dev_class, info-dev_class, 3);
- data.clock_offset = info-clock_offset;
- data.rssi = info-rssi;
- info++;
- hci_inquiry_cache_update(hdev, data);
+
+ if ((skb-len - 1) / num_rsp != sizeof(struct inquiry_info_with_rssi)) {
+ struct inquiry_info_with_rssi_and_pscan_mode *info =
+ (struct inquiry_info_with_rssi_and_pscan_mode *)
(skb-data + 1);
+
+ for (; num_rsp; num_rsp--) {
+ bacpy(data.bdaddr, info-bdaddr);
+ data.pscan_rep_mode = info-pscan_rep_mode;
+ data.pscan_period_mode = info-pscan_period_mode;
+ data.pscan_mode = info-pscan_mode;
+ memcpy(data.dev_class, info-dev_class, 3);
+ data.clock_offset = info-clock_offset;
+ data.rssi = info-rssi;
+ info++;
+ hci_inquiry_cache_update(hdev, data);
+ }
+ } else {
+ struct inquiry_info_with_rssi *info =
+ (struct inquiry_info_with_rssi *) (skb-data + 1);
+
+ for (; num_rsp; num_rsp--) {
+ bacpy(data.bdaddr, info-bdaddr);
+ data.pscan_rep_mode = info-pscan_rep_mode;
+ data.pscan_period_mode = info-pscan_period_mode;
+ data.pscan_mode = 0x00;
+ memcpy(data.dev_class, info-dev_class, 3);
+ data.clock_offset = info-clock_offset;
+ data.rssi = info-rssi;
+
[Bluetooth]: Call tty_hangup() when DCD is de-asserted
tree 0cbd3c78723f3a66b9a35c725fa1328ebad28453
parent 85a1e930bf628700e8e9c166b1f5c1c26d3651cc
author Timo Ter�s [EMAIL PROTECTED] Wed, 10 Aug 2005 10:28:21 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:54:58 -0700
[Bluetooth]: Call tty_hangup() when DCD is de-asserted
The RFCOMM layer does not handle properly the de-assertation
of CD signal. It should call tty_hangup() to work properly.
Signed-off-by: Timo Ter�s [EMAIL PROTECTED]
Signed-off-by: Marcel Holtmann [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/bluetooth/rfcomm/tty.c |7 ++-
1 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c
--- a/net/bluetooth/rfcomm/tty.c
+++ b/net/bluetooth/rfcomm/tty.c
@@ -528,9 +528,14 @@ static void rfcomm_dev_modem_status(stru
struct rfcomm_dev *dev = dlc-owner;
if (!dev)
return;
-
+
BT_DBG(dlc %p dev %p v24_sig 0x%02x, dlc, dev, v24_sig);
+ if ((dev-modem_status TIOCM_CD) !(v24_sig RFCOMM_V24_DV)) {
+ if (dev-tty !C_CLOCAL(dev-tty))
+ tty_hangup(dev-tty);
+ }
+
dev-modem_status =
((v24_sig RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
((v24_sig RFCOMM_V24_RTR) ? (TIOCM_RTS | TIOCM_CTS) : 0) |
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Bluetooth]: Implement RFCOMM remote port negotiation
tree b9761b89aaba6537d06893091a2f43c9a8e17c3f
parent 7b9eb9e2099f6f4acd6a36bcd7820d27c3cf5ee3
author J. Suter [EMAIL PROTECTED] Wed, 10 Aug 2005 10:28:46 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:55:03 -0700
[Bluetooth]: Implement RFCOMM remote port negotiation
This patch implements the remote port negotiation (RPN) of the RFCOMM
protocol for Bluetooth.
Signed-off-by: J. Suter [EMAIL PROTECTED]
Signed-off-by: Marcel Holtmann [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/bluetooth/rfcomm.h | 12 +-
net/bluetooth/rfcomm/core.c| 71 +++
net/bluetooth/rfcomm/tty.c | 191 +
3 files changed, 202 insertions(+), 72 deletions(-)
diff --git a/include/net/bluetooth/rfcomm.h b/include/net/bluetooth/rfcomm.h
--- a/include/net/bluetooth/rfcomm.h
+++ b/include/net/bluetooth/rfcomm.h
@@ -80,9 +80,9 @@
#define RFCOMM_RPN_STOP_15 1
#define RFCOMM_RPN_PARITY_NONE 0x0
-#define RFCOMM_RPN_PARITY_ODD 0x4
-#define RFCOMM_RPN_PARITY_EVEN 0x5
-#define RFCOMM_RPN_PARITY_MARK 0x6
+#define RFCOMM_RPN_PARITY_ODD 0x1
+#define RFCOMM_RPN_PARITY_EVEN 0x3
+#define RFCOMM_RPN_PARITY_MARK 0x5
#define RFCOMM_RPN_PARITY_SPACE0x7
#define RFCOMM_RPN_FLOW_NONE 0x00
@@ -223,6 +223,12 @@ struct rfcomm_dlc {
#define RFCOMM_CFC_DISABLED 0
#define RFCOMM_CFC_ENABLED RFCOMM_MAX_CREDITS
+/* RFCOMM SEND RPN */
+int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
+ u8 bit_rate, u8 data_bits, u8 stop_bits,
+ u8 parity, u8 flow_ctrl_settings,
+ u8 xon_char, u8 xoff_char, u16 param_mask);
+
/* RFCOMM DLCs (channels) */
struct rfcomm_dlc *rfcomm_dlc_alloc(int prio);
void rfcomm_dlc_free(struct rfcomm_dlc *d);
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -21,10 +21,6 @@
SOFTWARE IS DISCLAIMED.
*/
-/*
- RPN support-Dirk Husemann [EMAIL PROTECTED]
-*/
-
/*
* Bluetooth RFCOMM core.
*
@@ -115,10 +111,10 @@ static void rfcomm_session_del(struct rf
#define __get_mcc_len(b) ((b 0xfe) 1)
/* RPN macros */
-#define __rpn_line_settings(data, stop, parity) ((data 0x3) | ((stop 0x1)
2) | ((parity 0x3) 3))
+#define __rpn_line_settings(data, stop, parity) ((data 0x3) | ((stop 0x1)
2) | ((parity 0x7) 3))
#define __get_rpn_data_bits(line) ((line) 0x3)
#define __get_rpn_stop_bits(line) (((line) 2) 0x1)
-#define __get_rpn_parity(line)(((line) 3) 0x3)
+#define __get_rpn_parity(line)(((line) 3) 0x7)
static inline void rfcomm_schedule(uint event)
{
@@ -780,10 +776,10 @@ static int rfcomm_send_pn(struct rfcomm_
return rfcomm_send_frame(s, buf, ptr - buf);
}
-static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
- u8 bit_rate, u8 data_bits, u8 stop_bits,
- u8 parity, u8 flow_ctrl_settings,
- u8 xon_char, u8 xoff_char, u16 param_mask)
+int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci,
+ u8 bit_rate, u8 data_bits, u8 stop_bits,
+ u8 parity, u8 flow_ctrl_settings,
+ u8 xon_char, u8 xoff_char, u16 param_mask)
{
struct rfcomm_hdr *hdr;
struct rfcomm_mcc *mcc;
@@ -791,9 +787,9 @@ static int rfcomm_send_rpn(struct rfcomm
u8 buf[16], *ptr = buf;
BT_DBG(%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x
- flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x,
- s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
- flow_ctrl_settings, xon_char, xoff_char, param_mask);
+flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x,
+ s, cr, dlci, bit_rate, data_bits, stop_bits, parity,
+ flow_ctrl_settings, xon_char, xoff_char, param_mask);
hdr = (void *) ptr; ptr += sizeof(*hdr);
hdr-addr = __addr(s-initiator, 0);
@@ -1265,16 +1261,16 @@ static int rfcomm_recv_rpn(struct rfcomm
u8 xon_char = 0;
u8 xoff_char = 0;
u16 rpn_mask = RFCOMM_RPN_PM_ALL;
-
- BT_DBG(dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x
xoffc 0x%x pm 0x%x,
- dlci, cr, len, rpn-bit_rate, rpn-line_settings, rpn-flow_ctrl,
- rpn-xon_char, rpn-xoff_char, rpn-param_mask);
-
- if (!cr)
+
+ BT_DBG(dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x
xoffc 0x%x pm 0x%x,
+ dlci, cr, len, rpn-bit_rate, rpn-line_settings,
rpn-flow_ctrl,
+ rpn-xon_char, rpn-xoff_char, rpn-param_mask);
+
+ if (!cr)
return 0;
-
+
if (len == 1) {
- /* request: return default setting */
+ /* This is a
[Bluetooth]: Move packet type into the SKB control buffer
tree 96a1cbfe83a02e27fed3d30f1ac9f2fe05c17506
parent 2eb25a6c34504254760e67172f7518d6bfdd7676
author Marcel Holtmann [EMAIL PROTECTED] Wed, 10 Aug 2005 10:30:28 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:55:13 -0700
[Bluetooth]: Move packet type into the SKB control buffer
This patch moves the usage of packet type into the SKB control
buffer. After this patch it is now possible to shrink the sk_buff
structure and redefine its pkt_type.
Signed-off-by: Marcel Holtmann [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/bluetooth/bfusb.c |8
drivers/bluetooth/bluecard_cs.c | 24
drivers/bluetooth/bpa10x.c| 14 +++---
drivers/bluetooth/bt3c_cs.c | 12 ++--
drivers/bluetooth/btuart_cs.c | 10 +-
drivers/bluetooth/dtl1_cs.c | 10 +-
drivers/bluetooth/hci_bcsp.c | 18 +-
drivers/bluetooth/hci_h4.c|4 ++--
drivers/bluetooth/hci_ldisc.c |4 ++--
drivers/bluetooth/hci_usb.c | 21 +++--
drivers/bluetooth/hci_vhci.c | 28 ++--
include/net/bluetooth/bluetooth.h |3 ++-
net/bluetooth/hci_core.c | 16
net/bluetooth/hci_event.c |2 +-
net/bluetooth/hci_sock.c | 18 ++
15 files changed, 98 insertions(+), 94 deletions(-)
diff --git a/drivers/bluetooth/bfusb.c b/drivers/bluetooth/bfusb.c
--- a/drivers/bluetooth/bfusb.c
+++ b/drivers/bluetooth/bfusb.c
@@ -330,7 +330,7 @@ static inline int bfusb_recv_block(struc
}
skb-dev = (void *) bfusb-hdev;
- skb-pkt_type = pkt_type;
+ bt_cb(skb)-pkt_type = pkt_type;
bfusb-reassembly = skb;
} else {
@@ -485,7 +485,7 @@ static int bfusb_send_frame(struct sk_bu
unsigned char buf[3];
int sent = 0, size, count;
- BT_DBG(hdev %p skb %p type %d len %d, hdev, skb, skb-pkt_type,
skb-len);
+ BT_DBG(hdev %p skb %p type %d len %d, hdev, skb,
bt_cb(skb)-pkt_type, skb-len);
if (!hdev) {
BT_ERR(Frame for unknown HCI device (hdev=NULL));
@@ -497,7 +497,7 @@ static int bfusb_send_frame(struct sk_bu
bfusb = (struct bfusb *) hdev-driver_data;
- switch (skb-pkt_type) {
+ switch (bt_cb(skb)-pkt_type) {
case HCI_COMMAND_PKT:
hdev-stat.cmd_tx++;
break;
@@ -510,7 +510,7 @@ static int bfusb_send_frame(struct sk_bu
};
/* Prepend skb with frame type */
- memcpy(skb_push(skb, 1), (skb-pkt_type), 1);
+ memcpy(skb_push(skb, 1), bt_cb(skb)-pkt_type, 1);
count = skb-len;
diff --git a/drivers/bluetooth/bluecard_cs.c b/drivers/bluetooth/bluecard_cs.c
--- a/drivers/bluetooth/bluecard_cs.c
+++ b/drivers/bluetooth/bluecard_cs.c
@@ -270,7 +270,7 @@ static void bluecard_write_wakeup(blueca
if (!(skb = skb_dequeue((info-txq
break;
- if (skb-pkt_type 0x80) {
+ if (bt_cb(skb)-pkt_type 0x80) {
/* Disable RTS */
info-ctrl_reg |= REG_CONTROL_RTS;
outb(info-ctrl_reg, iobase + REG_CONTROL);
@@ -288,13 +288,13 @@ static void bluecard_write_wakeup(blueca
/* Mark the buffer as dirty */
clear_bit(ready_bit, (info-tx_state));
- if (skb-pkt_type 0x80) {
+ if (bt_cb(skb)-pkt_type 0x80) {
DECLARE_WAIT_QUEUE_HEAD(wq);
DEFINE_WAIT(wait);
unsigned char baud_reg;
- switch (skb-pkt_type) {
+ switch (bt_cb(skb)-pkt_type) {
case PKT_BAUD_RATE_460800:
baud_reg = REG_CONTROL_BAUD_RATE_460800;
break;
@@ -410,9 +410,9 @@ static void bluecard_receive(bluecard_in
if (info-rx_state == RECV_WAIT_PACKET_TYPE) {
info-rx_skb-dev = (void *) info-hdev;
- info-rx_skb-pkt_type = buf[i];
+ bt_cb(info-rx_skb)-pkt_type = buf[i];
- switch (info-rx_skb-pkt_type) {
+ switch (bt_cb(info-rx_skb)-pkt_type) {
case 0x00:
/* init packet */
@@ -444,7 +444,7 @@ static void bluecard_receive(bluecard_in
default:
/* unknown packet */
- BT_ERR(Unknown HCI packet with type 0x%02x
received, info-rx_skb-pkt_type);
+ BT_ERR(Unknown HCI packet with type 0x%02x
received, bt_cb(info-rx_skb)-pkt_type);
info-hdev-stat.err_rx++;
[DCCP]: Initialize icsk_rto in dccp_v4_init_sock
tree fc21dfde1ae4c64c2ebcc56e4cdc84641fc06229 parent 27258ee54f8cd4a43d09319aa5448145afc2cb8d author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:31:11 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:55:43 -0700 [DCCP]: Initialize icsk_rto in dccp_v4_init_sock Fixes nasty bug related to the retransmit timer (yeah, DCCP does retransmits) firing too early. Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] net/dccp/ipv4.c |1 + 1 files changed, 1 insertion(+) diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -1219,6 +1219,7 @@ static int dccp_v4_init_sock(struct sock dccp_ctl_socket_init = 0; dccp_init_xmit_timers(sk); + inet_csk(sk)-icsk_rto = DCCP_TIMEOUT_INIT; sk-sk_state = DCCP_CLOSED; dp-dccps_mss_cache = 536; dp-dccps_role = DCCP_ROLE_UNDEFINED; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[TIMEWAIT]: Introduce inet_timewait_death_row
tree e16e99e32fb01ae3dfd221b5d47a88acfeb8
parent 0b4e03bf0bc43ad6250a1e2fa25fc3eb2b028977
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:44:40
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:55:48 -0700
[TIMEWAIT]: Introduce inet_timewait_death_row
That groups all of the tables and variables associated to the TCP timewait
schedulling/recycling/killing code, that now can be isolated from the TCP
specific code and used by other transport protocols, such as DCCP.
Next changeset will move this code to net/ipv4/inet_timewait_sock.c
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_timewait_sock.h | 57
include/net/tcp.h| 36 -
net/ipv4/proc.c |2
net/ipv4/sysctl_net_ipv4.c |4
net/ipv4/tcp.c |4
net/ipv4/tcp_ipv4.c | 11 -
net/ipv4/tcp_minisocks.c | 254 +++
net/ipv6/tcp_ipv6.c |9 -
8 files changed, 206 insertions(+), 171 deletions(-)
diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h
--- a/include/net/inet_timewait_sock.h
+++ b/include/net/inet_timewait_sock.h
@@ -19,13 +19,69 @@
#include linux/ip.h
#include linux/list.h
+#include linux/timer.h
#include linux/types.h
+#include linux/workqueue.h
#include net/sock.h
#include net/tcp_states.h
#include asm/atomic.h
+struct inet_hashinfo;
+
+#define INET_TWDR_RECYCLE_SLOTS_LOG5
+#define INET_TWDR_RECYCLE_SLOTS(1
INET_TWDR_RECYCLE_SLOTS_LOG)
+
+/*
+ * If time 4sec, it is slow path, no recycling is required,
+ * so that we select tick to get range about 4 seconds.
+ */
+#if HZ = 16 || HZ 4096
+# error Unsupported: HZ = 16 or HZ 4096
+#elif HZ = 32
+# define INET_TWDR_RECYCLE_TICK (5 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 64
+# define INET_TWDR_RECYCLE_TICK (6 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 128
+# define INET_TWDR_RECYCLE_TICK (7 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 256
+# define INET_TWDR_RECYCLE_TICK (8 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 512
+# define INET_TWDR_RECYCLE_TICK (9 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 1024
+# define INET_TWDR_RECYCLE_TICK (10 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#elif HZ = 2048
+# define INET_TWDR_RECYCLE_TICK (11 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#else
+# define INET_TWDR_RECYCLE_TICK (12 + 2 - INET_TWDR_RECYCLE_SLOTS_LOG)
+#endif
+
+/* TIME_WAIT reaping mechanism. */
+#define INET_TWDR_TWKILL_SLOTS 8 /* Please keep this a power of 2. */
+
+#define INET_TWDR_TWKILL_QUOTA 100
+
+struct inet_timewait_death_row {
+ /* Short-time timewait calendar */
+ int twcal_hand;
+ int twcal_jiffie;
+ struct timer_list twcal_timer;
+ struct hlist_head twcal_row[INET_TWDR_RECYCLE_SLOTS];
+
+ spinlock_t death_lock;
+ int tw_count;
+ int period;
+ u32 thread_slots;
+ struct work_struct twkill_work;
+ struct timer_list tw_timer;
+ int slot;
+ struct hlist_head cells[INET_TWDR_TWKILL_SLOTS];
+ struct inet_hashinfo*hashinfo;
+ int sysctl_tw_recycle;
+ int sysctl_max_tw_buckets;
+};
+
#if (BITS_PER_LONG == 64)
#define INET_TIMEWAIT_ADDRCMP_ALIGN_BYTES 8
#else
@@ -33,7 +89,6 @@
#endif
struct inet_bind_bucket;
-struct inet_hashinfo;
/*
* This is a TIME_WAIT sock. It works around the memory consumption
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -29,6 +29,7 @@
#include linux/percpu.h
#include net/inet_connection_sock.h
+#include net/inet_timewait_sock.h
#include net/inet_hashtables.h
#include net/checksum.h
#include net/request_sock.h
@@ -42,9 +43,9 @@
extern struct inet_hashinfo tcp_hashinfo;
extern atomic_t tcp_orphan_count;
-extern int tcp_tw_count;
extern void tcp_time_wait(struct sock *sk, int state, int timeo);
-extern void tcp_tw_deschedule(struct inet_timewait_sock *tw);
+extern void inet_twsk_deschedule(struct inet_timewait_sock *tw,
+struct inet_timewait_death_row *twdr);
#define MAX_TCP_HEADER (128 + MAX_HEADER)
@@ -148,33 +149,6 @@ extern void tcp_tw_deschedule(struct ine
* timestamps. It must be less than
* minimal timewait lifetime.
*/
-
-#define TCP_TW_RECYCLE_SLOTS_LOG 5
-#define TCP_TW_RECYCLE_SLOTS (1TCP_TW_RECYCLE_SLOTS_LOG)
-
-/* If time 4sec, it is slow path, no recycling is required,
- so that we select tick to get range about 4 seconds.
- */
-
-#if HZ = 16 || HZ 4096
-#
[TIMEWAIT]: Move inet_timewait_death_row routines to net/ipv4/inet_timewait_sock.c
tree d0990b1d6f5fd6b3b7ddce553a16cccf6f029651
parent 295ff7edb8f72b77d524759266f7524deae379b3
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:45:03
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:55:58 -0700
[TIMEWAIT]: Move inet_timewait_death_row routines to
net/ipv4/inet_timewait_sock.c
Also export the ones that will be used in the next changeset, when
DCCP uses this infrastructure.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_timewait_sock.h | 10 +
include/net/tcp.h|2
net/ipv4/inet_timewait_sock.c| 270 +
net/ipv4/tcp_minisocks.c | 281 +--
4 files changed, 290 insertions(+), 273 deletions(-)
diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h
--- a/include/net/inet_timewait_sock.h
+++ b/include/net/inet_timewait_sock.h
@@ -82,6 +82,10 @@ struct inet_timewait_death_row {
int sysctl_max_tw_buckets;
};
+extern void inet_twdr_hangman(unsigned long data);
+extern void inet_twdr_twkill_work(void *data);
+extern void inet_twdr_twcal_tick(unsigned long data);
+
#if (BITS_PER_LONG == 64)
#define INET_TIMEWAIT_ADDRCMP_ALIGN_BYTES 8
#else
@@ -206,4 +210,10 @@ extern void __inet_twsk_kill(struct inet
extern void __inet_twsk_hashdance(struct inet_timewait_sock *tw,
struct sock *sk,
struct inet_hashinfo *hashinfo);
+
+extern void inet_twsk_schedule(struct inet_timewait_sock *tw,
+ struct inet_timewait_death_row *twdr,
+ const int timeo, const int timewait_len);
+extern void inet_twsk_deschedule(struct inet_timewait_sock *tw,
+struct inet_timewait_death_row *twdr);
#endif /* _INET_TIMEWAIT_SOCK_ */
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -44,8 +44,6 @@ extern struct inet_hashinfo tcp_hashinfo
extern atomic_t tcp_orphan_count;
extern void tcp_time_wait(struct sock *sk, int state, int timeo);
-extern void inet_twsk_deschedule(struct inet_timewait_sock *tw,
-struct inet_timewait_death_row *twdr);
#define MAX_TCP_HEADER (128 + MAX_HEADER)
diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4/inet_timewait_sock.c
--- a/net/ipv4/inet_timewait_sock.c
+++ b/net/ipv4/inet_timewait_sock.c
@@ -12,6 +12,7 @@
#include net/inet_hashtables.h
#include net/inet_timewait_sock.h
+#include net/ip.h
/* Must be called with locally disabled BHs. */
void __inet_twsk_kill(struct inet_timewait_sock *tw, struct inet_hashinfo
*hashinfo)
@@ -85,6 +86,8 @@ void __inet_twsk_hashdance(struct inet_t
write_unlock(ehead-lock);
}
+EXPORT_SYMBOL_GPL(__inet_twsk_hashdance);
+
struct inet_timewait_sock *inet_twsk_alloc(const struct sock *sk, const int
state)
{
struct inet_timewait_sock *tw =
kmem_cache_alloc(sk-sk_prot_creator-twsk_slab,
@@ -112,3 +115,270 @@ struct inet_timewait_sock *inet_twsk_all
return tw;
}
+
+EXPORT_SYMBOL_GPL(inet_twsk_alloc);
+
+/* Returns non-zero if quota exceeded. */
+static int inet_twdr_do_twkill_work(struct inet_timewait_death_row *twdr,
+ const int slot)
+{
+ struct inet_timewait_sock *tw;
+ struct hlist_node *node;
+ unsigned int killed;
+ int ret;
+
+ /* NOTE: compare this to previous version where lock
+* was released after detaching chain. It was racy,
+* because tw buckets are scheduled in not serialized context
+* in 2.3 (with netfilter), and with softnet it is common, because
+* soft irqs are not sequenced.
+*/
+ killed = 0;
+ ret = 0;
+rescan:
+ inet_twsk_for_each_inmate(tw, node, twdr-cells[slot]) {
+ __inet_twsk_del_dead_node(tw);
+ spin_unlock(twdr-death_lock);
+ __inet_twsk_kill(tw, twdr-hashinfo);
+ inet_twsk_put(tw);
+ killed++;
+ spin_lock(twdr-death_lock);
+ if (killed INET_TWDR_TWKILL_QUOTA) {
+ ret = 1;
+ break;
+ }
+
+ /* While we dropped twdr-death_lock, another cpu may have
+* killed off the next TW bucket in the list, therefore
+* do a fresh re-read of the hlist head node with the
+* lock reacquired. We still use the hlist traversal
+* macro in order to get the prefetches.
+*/
+ goto rescan;
+ }
+
+ twdr-tw_count -= killed;
+ NET_ADD_STATS_BH(LINUX_MIB_TIMEWAITED, killed);
+
+ return ret;
+}
+
+void inet_twdr_hangman(unsigned long data)
+{
+ struct inet_timewait_death_row *twdr;
+ int
[DCCP]: Finish the TIMEWAIT minisock support
tree 1b2decb48c52d8f3f3abe04ffb8e0dca80f0747a
parent 696ab2d3bffc746fb8cf3712f066d42b9886aeed
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 10:45:21
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:56:03 -0700
[DCCP]: Finish the TIMEWAIT minisock support
Using most of the infrastructure TCP uses, with a dccp_death_row,
etc. As per my current interpretation of the draft what we have with
this changeset seems to be all we need (or very close to it 8)).
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/dccp.h |3 ++
net/dccp/ipv4.c | 15
net/dccp/minisocks.c | 60 ++-
3 files changed, 63 insertions(+), 15 deletions(-)
diff --git a/include/linux/dccp.h b/include/linux/dccp.h
--- a/include/linux/dccp.h
+++ b/include/linux/dccp.h
@@ -194,6 +194,7 @@ enum {
#include linux/workqueue.h
#include net/inet_connection_sock.h
+#include net/inet_timewait_sock.h
#include net/sock.h
#include net/tcp_states.h
#include net/tcp.h
@@ -354,6 +355,8 @@ static inline struct dccp_request_sock *
return (struct dccp_request_sock *)req;
}
+extern struct inet_timewait_death_row dccp_death_row;
+
/* Read about the ECN nonce to see why it is 253 */
#define DCCP_MAX_ACK_VECTOR_LEN 253
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
--- a/net/dccp/ipv4.c
+++ b/net/dccp/ipv4.c
@@ -97,7 +97,7 @@ static int __dccp_v4_check_established(s
NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED);
} else if (tw != NULL) {
/* Silly. Should hash-dance instead... */
- dccp_tw_deschedule(tw);
+ inet_twsk_deschedule(tw, dccp_death_row);
NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED);
inet_twsk_put(tw);
@@ -201,7 +201,7 @@ ok:
spin_unlock(head-lock);
if (tw != NULL) {
- dccp_tw_deschedule(tw);
+ inet_twsk_deschedule(tw, dccp_death_row);
inet_twsk_put(tw);
}
@@ -1131,8 +1131,9 @@ int dccp_v4_rcv(struct sk_buff *skb)
*/
if (sk-sk_state == DCCP_TIME_WAIT) {
- dccp_pr_debug(sk-sk_state == DCCP_TIME_WAIT:
discard_and_relse\n);
-goto discard_and_relse;
+ dccp_pr_debug(sk-sk_state == DCCP_TIME_WAIT:
+ do_time_wait\n);
+goto do_time_wait;
}
if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) {
@@ -1179,6 +1180,10 @@ discard_it:
discard_and_relse:
sock_put(sk);
goto discard_it;
+
+do_time_wait:
+ inet_twsk_put((struct inet_timewait_sock *)sk);
+ goto no_dccp_socket;
}
static int dccp_v4_init_sock(struct sock *sk)
@@ -1290,5 +1295,5 @@ struct proto dccp_v4_prot = {
.max_header = MAX_DCCP_HEADER,
.obj_size = sizeof(struct dccp_sock),
.rsk_prot = dccp_request_sock_ops,
- .twsk_obj_size = sizeof(struct inet_timewait_sock), /* FIXME!
create dccp_timewait_sock */
+ .twsk_obj_size = sizeof(struct inet_timewait_sock),
};
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -22,18 +22,58 @@
#include ccid.h
#include dccp.h
+struct inet_timewait_death_row dccp_death_row = {
+ .sysctl_max_tw_buckets = NR_FILE * 2,
+ .period = DCCP_TIMEWAIT_LEN / INET_TWDR_TWKILL_SLOTS,
+ .death_lock = SPIN_LOCK_UNLOCKED,
+ .hashinfo = dccp_hashinfo,
+ .tw_timer = TIMER_INITIALIZER(inet_twdr_hangman, 0,
+ (unsigned long)dccp_death_row),
+ .twkill_work= __WORK_INITIALIZER(dccp_death_row.twkill_work,
+inet_twdr_twkill_work,
+dccp_death_row),
+/* Short-time timewait calendar */
+
+ .twcal_hand = -1,
+ .twcal_timer= TIMER_INITIALIZER(inet_twdr_twcal_tick, 0,
+ (unsigned long)dccp_death_row),
+};
+
void dccp_time_wait(struct sock *sk, int state, int timeo)
{
- /* FIXME: Implement */
- dccp_pr_debug(Want to help? Start here\n);
- dccp_set_state(sk, state);
-}
+ struct inet_timewait_sock *tw = NULL;
-/* This is for handling early-kills of TIME_WAIT sockets. */
-void dccp_tw_deschedule(struct inet_timewait_sock *tw)
-{
- dccp_pr_debug(Want to help? Start here\n);
- __inet_twsk_kill(tw, dccp_hashinfo);
+ if (dccp_death_row.tw_count dccp_death_row.sysctl_max_tw_buckets)
+ tw = inet_twsk_alloc(sk, state);
+
+ if (tw != NULL) {
+ const struct inet_connection_sock *icsk = inet_csk(sk);
+ const int rto =
[NET]: Make NETDEBUG pure printk wrappers
tree b4004f01b2b0e935b95bcce9a78e60a9e9e17f65
parent 64cf1e5d8b5f88d56509260e08fa0d8314277350
author Patrick McHardy [EMAIL PROTECTED] Wed, 10 Aug 2005 10:50:53 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:56:08 -0700
[NET]: Make NETDEBUG pure printk wrappers
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/sock.h |8
net/dccp/input.c |2 +-
net/dccp/options.c |8
net/ipv4/esp4.c| 12 ++--
net/ipv4/icmp.c| 12 +---
net/ipv4/igmp.c|2 +-
net/ipv4/ip_fragment.c |6 +++---
net/ipv4/ip_output.c |2 +-
net/ipv4/ipcomp.c |4 ++--
net/ipv4/tcp_ipv4.c| 11 +--
net/ipv4/udp.c | 32
net/ipv6/ah6.c | 13 ++---
net/ipv6/datagram.c|4 ++--
net/ipv6/esp6.c|3 +--
net/ipv6/exthdrs.c |8
net/ipv6/icmp.c| 20 +++-
net/ipv6/ip6_output.c |2 +-
net/ipv6/netfilter.c |3 +--
net/ipv6/raw.c |3 +--
net/ipv6/tcp_ipv6.c|2 +-
net/ipv6/udp.c |7 +++
21 files changed, 75 insertions(+), 89 deletions(-)
diff --git a/include/net/sock.h b/include/net/sock.h
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -1316,11 +1316,11 @@ extern int sock_get_timestamp(struct soc
*/
#if 0
-#define NETDEBUG(x)do { } while (0)
-#define LIMIT_NETDEBUG(x) do {} while(0)
+#define NETDEBUG(fmt, args...) do { } while (0)
+#define LIMIT_NETDEBUG(fmt, args...) do { } while(0)
#else
-#define NETDEBUG(x)do { x; } while (0)
-#define LIMIT_NETDEBUG(x) do { if (net_ratelimit()) { x; } } while(0)
+#define NETDEBUG(fmt, args...) printk(fmt,##args)
+#define LIMIT_NETDEBUG(fmt, args...) do { if (net_ratelimit())
printk(fmt,##args); } while(0)
#endif
/*
diff --git a/net/dccp/input.c b/net/dccp/input.c
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -161,7 +161,7 @@ int dccp_rcv_established(struct sock *sk
if (dccp_ackpkts_add(dp-dccps_hc_rx_ackpkts,
DCCP_SKB_CB(skb)-dccpd_seq,
DCCP_ACKPKTS_STATE_RECEIVED)) {
- LIMIT_NETDEBUG(pr_info(DCCP: acknowledgeable packets
buffer full!\n));
+ LIMIT_NETDEBUG(KERN_INFO DCCP: acknowledgeable packets
buffer full!\n);
ap-dccpap_ack_seqno = DCCP_MAX_SEQNO + 1;
inet_csk_schedule_ack(sk);
inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK,
TCP_DELACK_MIN, TCP_RTO_MAX);
diff --git a/net/dccp/options.c b/net/dccp/options.c
--- a/net/dccp/options.c
+++ b/net/dccp/options.c
@@ -231,7 +231,7 @@ void dccp_insert_option(struct sock *sk,
unsigned char *to;
if (DCCP_SKB_CB(skb)-dccpd_opt_len + len + 2 DCCP_MAX_OPT_LEN) {
- LIMIT_NETDEBUG(pr_info(DCCP: packet too small to insert %d
option!\n, option));
+ LIMIT_NETDEBUG(KERN_INFO DCCP: packet too small to insert %d
option!\n, option);
return;
}
@@ -299,7 +299,7 @@ void dccp_insert_option_elapsed_time(str
return;
if (DCCP_SKB_CB(skb)-dccpd_opt_len + len DCCP_MAX_OPT_LEN) {
- LIMIT_NETDEBUG(pr_info(DCCP: packet too small to insert
elapsed time!\n));
+ LIMIT_NETDEBUG(KERN_INFO DCCP: packet too small to insert
elapsed time!\n);
return;
}
@@ -335,7 +335,7 @@ static void dccp_insert_option_ack_vecto
dccp_insert_option_elapsed_time(sk, skb, elapsed_time);
if (DCCP_SKB_CB(skb)-dccpd_opt_len + len DCCP_MAX_OPT_LEN) {
- LIMIT_NETDEBUG(pr_info(DCCP: packet too small to insert ACK
Vector!\n));
+ LIMIT_NETDEBUG(KERN_INFO DCCP: packet too small to insert ACK
Vector!\n);
return;
}
@@ -412,7 +412,7 @@ static void dccp_insert_option_timestamp
unsigned char *to;
if (DCCP_SKB_CB(skb)-dccpd_opt_len + len DCCP_MAX_OPT_LEN) {
- LIMIT_NETDEBUG(pr_info(DCCP: packet too small to insert
timestamp echo!\n));
+ LIMIT_NETDEBUG(KERN_INFO DCCP: packet too small to insert
timestamp echo!\n);
return;
}
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -331,8 +331,8 @@ static void esp4_err(struct sk_buff *skb
x = xfrm_state_lookup((xfrm_address_t *)iph-daddr, esph-spi,
IPPROTO_ESP, AF_INET);
if (!x)
return;
- NETDEBUG(printk(KERN_DEBUG pmtu discovery on SA ESP/%08x/%08x\n,
- ntohl(esph-spi), ntohl(iph-daddr)));
+ NETDEBUG(KERN_DEBUG pmtu discovery on SA ESP/%08x/%08x\n,
+ntohl(esph-spi), ntohl(iph-daddr));
xfrm_state_put(x);
}
@@ -395,10 +395,10 @@ static int esp_init_state(struct
[CCID3]: Separate most of the packet history code
tree a131a54e9790b1b85e5c7f78a2e74e33af2bbd87
parent 540722ffc3a0d7e11d97a13e1ce6f3bc23b061c1
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 18:59:38
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:56:28 -0700
[CCID3]: Separate most of the packet history code
This also changes the list_for_each_entry_safe_continue behaviour to match its
kerneldoc comment, that is, to start after the pos passed.
Also adds several helper functions from previously open coded fragments, making
the code more clear.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
include/linux/list.h |3
net/dccp/Makefile |3
net/dccp/ccids/ccid3.c| 331 ++
net/dccp/ccids/ccid3.h| 18 --
net/dccp/packet_history.c | 198 +++
net/dccp/packet_history.h | 182 +
6 files changed, 520 insertions(+), 215 deletions(-)
diff --git a/include/linux/list.h b/include/linux/list.h
--- a/include/linux/list.h
+++ b/include/linux/list.h
@@ -427,7 +427,8 @@ static inline void list_splice_init(stru
* @member:the name of the list_struct within the struct.
*/
#define list_for_each_entry_safe_continue(pos, n, head, member)
\
- for (pos = n, n = list_entry(n-member.next, typeof(*n), member);
\
+ for (pos = list_entry(pos-member.next, typeof(*pos), member),
\
+ n = list_entry(pos-member.next, typeof(*pos), member);
\
pos-member != (head);
\
pos = n, n = list_entry(n-member.next, typeof(*n), member))
diff --git a/net/dccp/Makefile b/net/dccp/Makefile
--- a/net/dccp/Makefile
+++ b/net/dccp/Makefile
@@ -1,5 +1,6 @@
obj-$(CONFIG_IP_DCCP) += dccp.o
-dccp-y := ccid.o input.o ipv4.o minisocks.o options.o output.o proto.o timer.o
+dccp-y := ccid.o input.o ipv4.o minisocks.o options.o output.o proto.o \
+ timer.o packet_history.o
obj-y += ccids/
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -34,8 +34,10 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include linux/config.h
#include ../ccid.h
#include ../dccp.h
+#include ../packet_history.h
#include ccid3.h
#ifdef CCID3_DEBUG
@@ -82,60 +84,10 @@ enum ccid3_options {
static int ccid3_debug;
-static kmem_cache_t *ccid3_tx_hist_slab;
-static kmem_cache_t *ccid3_rx_hist_slab;
-static kmem_cache_t *ccid3_loss_interval_hist_slab;
-
-static inline struct ccid3_tx_hist_entry *ccid3_tx_hist_entry_new(int prio)
-{
- struct ccid3_tx_hist_entry *entry =
kmem_cache_alloc(ccid3_tx_hist_slab, prio);
-
- if (entry != NULL)
- entry-ccid3htx_sent = 0;
-
- return entry;
-}
-
-static inline void ccid3_tx_hist_entry_delete(struct ccid3_tx_hist_entry
*entry)
-{
- if (entry != NULL)
- kmem_cache_free(ccid3_tx_hist_slab, entry);
-}
-
-static inline struct ccid3_rx_hist_entry *ccid3_rx_hist_entry_new(struct sock
*sk,
- struct
sk_buff *skb,
- int prio)
-{
- struct ccid3_rx_hist_entry *entry =
kmem_cache_alloc(ccid3_rx_hist_slab, prio);
-
- if (entry != NULL) {
- const struct dccp_hdr *dh = dccp_hdr(skb);
-
- entry-ccid3hrx_seqno = DCCP_SKB_CB(skb)-dccpd_seq;
- entry-ccid3hrx_win_count = dh-dccph_ccval;
- entry-ccid3hrx_type = dh-dccph_type;
- entry-ccid3hrx_ndp =
dccp_sk(sk)-dccps_options_received.dccpor_ndp;
- do_gettimeofday((entry-ccid3hrx_tstamp));
- }
-
- return entry;
-}
-
-static inline void ccid3_rx_hist_entry_delete(struct ccid3_rx_hist_entry
*entry)
-{
- if (entry != NULL)
- kmem_cache_free(ccid3_rx_hist_slab, entry);
-}
+struct dccp_tx_hist *ccid3_tx_hist;
+struct dccp_rx_hist *ccid3_rx_hist;
-static void ccid3_rx_history_delete(struct list_head *hist)
-{
- struct ccid3_rx_hist_entry *entry, *next;
-
- list_for_each_entry_safe(entry, next, hist, ccid3hrx_node) {
- list_del_init(entry-ccid3hrx_node);
- kmem_cache_free(ccid3_rx_hist_slab, entry);
- }
-}
+static kmem_cache_t *ccid3_loss_interval_hist_slab;
static inline struct ccid3_loss_interval_hist_entry
*ccid3_loss_interval_hist_entry_new(int prio)
{
@@ -982,7 +934,7 @@ static int ccid3_hc_tx_send_packet(struc
{
struct dccp_sock *dp = dccp_sk(sk);
struct ccid3_hc_tx_sock *hctx = dp-dccps_hc_tx_ccid_private;
- struct ccid3_tx_hist_entry *new_packet = NULL;
+ struct dccp_tx_hist_entry *new_packet;
struct timeval now;
long delay;
int rc = -ENOTCONN;
@@ -997,12 +949,9 @@ static int ccid3_hc_tx_send_packet(struc
[CCID3]: Ditch USEC_IN_SEC as time.h has USEC_PER_SEC
tree 7d559e7006438b3f256e516d60ca89d153bcaf9d
parent 8c60f3fab55712f23f2bd557ceedfbb00c649f37
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 10 Aug 2005 19:29:27
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:56:33 -0700
[CCID3]: Ditch USEC_IN_SEC as time.h has USEC_PER_SEC
That is equivalent, no need to have a private one.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
net/dccp/ccids/ccid3.c | 35 +++
1 files changed, 19 insertions(+), 16 deletions(-)
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -55,12 +55,10 @@ extern int ccid3_debug;
#define TFRC_STD_PACKET_SIZE 256
#define TFRC_MAX_PACKET_SIZE 65535
-#define USEC_IN_SEC100
-
-#define TFRC_INITIAL_TIMEOUT (2 * USEC_IN_SEC)
+#define TFRC_INITIAL_TIMEOUT (2 * USEC_PER_SEC)
/* two seconds as per CCID3 spec 11 */
-#define TFRC_OPSYS_HALF_TIME_GRAN (USEC_IN_SEC / (2 * HZ))
+#define TFRC_OPSYS_HALF_TIME_GRAN (USEC_PER_SEC / (2 * HZ))
/* above is in usecs - half the scheduling granularity as per RFC3448 4.6 */
#define TFRC_WIN_COUNT_PER_RTT 4
@@ -155,20 +153,23 @@ static inline void ccid3_hc_tx_set_state
hctx-ccid3hctx_state = state;
}
-static void timeval_sub(struct timeval large, struct timeval small, struct
timeval *result) {
-
+static void timeval_sub(struct timeval large, struct timeval small,
+ struct timeval *result)
+{
result-tv_sec = large.tv_sec-small.tv_sec;
if (large.tv_usec small.tv_usec) {
(result-tv_sec)--;
- result-tv_usec = USEC_IN_SEC+large.tv_usec-small.tv_usec;
+ result-tv_usec = USEC_PER_SEC +
+ large.tv_usec - small.tv_usec;
} else
result-tv_usec = large.tv_usec-small.tv_usec;
}
-static inline void timeval_fix(struct timeval *tv) {
- if (tv-tv_usec = USEC_IN_SEC) {
+static inline void timeval_fix(struct timeval *tv)
+{
+ if (tv-tv_usec = USEC_PER_SEC) {
tv-tv_sec++;
- tv-tv_usec -= USEC_IN_SEC;
+ tv-tv_usec -= USEC_PER_SEC;
}
}
@@ -1185,7 +1186,8 @@ static void ccid3_hc_tx_packet_recv(stru
r_sample);
/* Update timeout interval */
- inet_csk(sk)-icsk_rto = max_t(u32, 4 * hctx-ccid3hctx_rtt,
USEC_IN_SEC);
+ inet_csk(sk)-icsk_rto = max_t(u32, 4 * hctx-ccid3hctx_rtt,
+ USEC_PER_SEC);
/* Update receive rate */
hctx-ccid3hctx_x_recv = x_recv; /* x_recv in bytes per
second */
@@ -1210,7 +1212,7 @@ static void ccid3_hc_tx_packet_recv(stru
/* Update next send time */
if (hctx-ccid3hctx_t_ipi (hctx-ccid3hctx_t_nom).tv_usec) {
- (hctx-ccid3hctx_t_nom).tv_usec += USEC_IN_SEC;
+ hctx-ccid3hctx_t_nom.tv_usec += USEC_PER_SEC;
(hctx-ccid3hctx_t_nom).tv_sec--;
}
/* FIXME - if no feedback then t_ipi can go 1 second */
@@ -1344,7 +1346,7 @@ static int ccid3_hc_tx_init(struct sock
hctx-ccid3hctx_x = hctx-ccid3hctx_s; /* set transmission rate to
1 packet per second */
hctx-ccid3hctx_rtt = 4; /* See ccid3_hc_tx_packet_sent win_count
calculatation */
- inet_csk(sk)-icsk_rto = USEC_IN_SEC;
+ inet_csk(sk)-icsk_rto = USEC_PER_SEC;
hctx-ccid3hctx_state = TFRC_SSTATE_NO_SENT;
INIT_LIST_HEAD(hctx-ccid3hctx_hist);
init_timer(hctx-ccid3hctx_no_feedback_timer);
@@ -1531,7 +1533,8 @@ static void ccid3_hc_rx_send_feedback(st
if (delta == 0)
delta = 1; /* to prevent divide by zero */
- hcrx-ccid3hcrx_x_recv = (hcrx-ccid3hcrx_bytes_recv *
USEC_IN_SEC) / delta;
+ hcrx-ccid3hcrx_x_recv = (hcrx-ccid3hcrx_bytes_recv *
+ USEC_PER_SEC) / delta;
}
break;
default:
@@ -1669,7 +1672,7 @@ static u32 ccid3_hc_rx_calc_first_li(str
}
found:
timeval_sub(tstamp,tail-dccphrx_tstamp,tmp_tv);
- rtt = (tmp_tv.tv_sec * USEC_IN_SEC + tmp_tv.tv_usec) * 4 / interval;
+ rtt = (tmp_tv.tv_sec * USEC_PER_SEC + tmp_tv.tv_usec) * 4 / interval;
ccid3_pr_debug(%s, sk=%p, approximated RTT to %uus\n,
dccp_role(sk), sk, rtt);
if (rtt == 0)
@@ -1679,7 +1682,7 @@ found:
if (delta == 0)
delta = 1;
- x_recv = (hcrx-ccid3hcrx_bytes_recv * USEC_IN_SEC) / delta;
+ x_recv = (hcrx-ccid3hcrx_bytes_recv * USEC_PER_SEC) / delta;
tmp1 = (u64)x_recv * (u64)rtt;
do_div(tmp1,1000);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of
[NETFILTER]: Fix compilation when no PROC_FS enabled
tree fde205886d09db76b0042092be0be7a509791349
parent e41aac41e3856c87fee52c5b8bca71705d15449b
author Harald Welte [EMAIL PROTECTED] Fri, 12 Aug 2005 05:30:45 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:56:54 -0700
[NETFILTER]: Fix compilation when no PROC_FS enabled
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/netfilter/nf_log.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -167,12 +167,12 @@ int __init netfilter_log_init(void)
{
#ifdef CONFIG_PROC_FS
struct proc_dir_entry *pde;
+
pde = create_proc_entry(nf_log, S_IRUGO, proc_net_netfilter);
-#endif
if (!pde)
return -1;
pde-proc_fops = nflog_file_ops;
-
+#endif
return 0;
}
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: Fix NF_QUEUE_NR() macro
tree 4e7ba1b827e70d60cb6fd42ea18bd618757a8908 parent 622439270c74f3ad4f69d1417aca4bb3b79514f4 author Harald Welte [EMAIL PROTECTED] Fri, 12 Aug 2005 05:31:15 -0700 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:03 -0700 [NETFILTER]: Fix NF_QUEUE_NR() macro I obviously wanted to use bitwise-or, not logical or. Signed-off-by: Harald Welte [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] include/linux/netfilter.h |2 +- 1 files changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h --- a/include/linux/netfilter.h +++ b/include/linux/netfilter.h @@ -29,7 +29,7 @@ #define NF_VERDICT_QMASK 0x #define NF_VERDICT_QBITS 16 -#define NF_QUEUE_NR(x) ((x NF_VERDICT_QBITS) NF_VERDICT_QMASK || NF_QUEUE) +#define NF_QUEUE_NR(x) ((x NF_VERDICT_QBITS) NF_VERDICT_QMASK | NF_QUEUE) /* only for userspace compatibility */ #ifndef __KERNEL__ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[NET]: Deinline netif_carrier_{on,off}().
tree a4f4174ba8ccdedf892cc3358033b61e1a92babd
parent 5917ed961def82a4dba9198d11a75f79d115a8cb
author Denis Vlasenko [EMAIL PROTECTED] Fri, 12 Aug 2005 05:32:53 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:08 -0700
[NET]: Deinline netif_carrier_{on,off}().
# grep -r 'netif_carrier_o[nf]' linux-2.6.12 | wc -l
246
# size vmlinux.org vmlinux.carrier
textdata bss dec hex filename
4339634 1054414 259296 5653344 564360 vmlinux.org
4337710 1054414 259296 5651420 563bdc vmlinux.carrier
And this ain't an allyesconfig kernel!
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netdevice.h | 14 ++
net/sched/sch_generic.c | 16
2 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -699,19 +699,9 @@ static inline int netif_carrier_ok(const
extern void __netdev_watchdog_up(struct net_device *dev);
-static inline void netif_carrier_on(struct net_device *dev)
-{
- if (test_and_clear_bit(__LINK_STATE_NOCARRIER, dev-state))
- linkwatch_fire_event(dev);
- if (netif_running(dev))
- __netdev_watchdog_up(dev);
-}
+extern void netif_carrier_on(struct net_device *dev);
-static inline void netif_carrier_off(struct net_device *dev)
-{
- if (!test_and_set_bit(__LINK_STATE_NOCARRIER, dev-state))
- linkwatch_fire_event(dev);
-}
+extern void netif_carrier_off(struct net_device *dev);
/* Hot-plugging. */
static inline int netif_device_present(struct net_device *dev)
diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c
--- a/net/sched/sch_generic.c
+++ b/net/sched/sch_generic.c
@@ -238,6 +238,20 @@ static void dev_watchdog_down(struct net
spin_unlock_bh(dev-xmit_lock);
}
+void netif_carrier_on(struct net_device *dev)
+{
+ if (test_and_clear_bit(__LINK_STATE_NOCARRIER, dev-state))
+ linkwatch_fire_event(dev);
+ if (netif_running(dev))
+ __netdev_watchdog_up(dev);
+}
+
+void netif_carrier_off(struct net_device *dev)
+{
+ if (!test_and_set_bit(__LINK_STATE_NOCARRIER, dev-state))
+ linkwatch_fire_event(dev);
+}
+
/* NOOP scheduler: the best scheduler, recommended for all interfaces
under all circumstances. It is difficult to invent anything faster or
cheaper.
@@ -600,6 +614,8 @@ void dev_shutdown(struct net_device *dev
}
EXPORT_SYMBOL(__netdev_watchdog_up);
+EXPORT_SYMBOL(netif_carrier_on);
+EXPORT_SYMBOL(netif_carrier_off);
EXPORT_SYMBOL(noop_qdisc);
EXPORT_SYMBOL(noop_qdisc_ops);
EXPORT_SYMBOL(qdisc_create_dflt);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[INET6_HASHTABLES]: Move inet6_lookup functions to net/ipv6/inet6_hashtables.c
tree 08e40652e7c9394277a0b5e08148c43a97d46670
parent 505cbfc577f3fa778005e2800b869eca25727d5f
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Fri, 12 Aug 2005 15:26:18
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:29 -0700
[INET6_HASHTABLES]: Move inet6_lookup functions to net/ipv6/inet6_hashtables.c
Doing this we allow tcp_diag to support IPV6 even if tcp_diag is compiled
statically and IPV6 is compiled as a module, removing the previous restriction
while not building any IPV6 code if it is not selected.
Now to work on the tcpdiag_register infrastructure and then to rename the whole
thing to inetdiag, reflecting its by then completely generic nature.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet6_hashtables.h | 106 +++-
net/ipv4/Kconfig |4 -
net/ipv6/Makefile |2
net/ipv6/inet6_hashtables.c| 81 +
net/ipv6/tcp_ipv6.c| 154 -
5 files changed, 190 insertions(+), 157 deletions(-)
diff --git a/include/net/inet6_hashtables.h b/include/net/inet6_hashtables.h
--- a/include/net/inet6_hashtables.h
+++ b/include/net/inet6_hashtables.h
@@ -14,13 +14,117 @@
#ifndef _INET6_HASHTABLES_H
#define _INET6_HASHTABLES_H
+#include linux/config.h
+
+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
+#include linux/in6.h
+#include linux/ipv6.h
#include linux/types.h
-struct in6_addr;
+#include net/ipv6.h
+
struct inet_hashinfo;
+/* I have no idea if this is a good hash for v6 or not. -DaveM */
+static inline int inet6_ehashfn(const struct in6_addr *laddr, const u16 lport,
+ const struct in6_addr *faddr, const u16 fport,
+ const int ehash_size)
+{
+ int hashent = (lport ^ fport);
+
+ hashent ^= (laddr-s6_addr32[3] ^ faddr-s6_addr32[3]);
+ hashent ^= hashent 16;
+ hashent ^= hashent 8;
+ return (hashent (ehash_size - 1));
+}
+
+static inline int inet6_sk_ehashfn(const struct sock *sk, const int ehash_size)
+{
+ const struct inet_sock *inet = inet_sk(sk);
+ const struct ipv6_pinfo *np = inet6_sk(sk);
+ const struct in6_addr *laddr = np-rcv_saddr;
+ const struct in6_addr *faddr = np-daddr;
+ const __u16 lport = inet-num;
+ const __u16 fport = inet-dport;
+ return inet6_ehashfn(laddr, lport, faddr, fport, ehash_size);
+}
+
+/*
+ * Sockets in TCP_CLOSE state are _always_ taken out of the hash, so
+ * we need not check it for TCP lookups anymore, thanks Alexey. -DaveM
+ *
+ * The sockhash lock must be held as a reader here.
+ */
+static inline struct sock *
+ __inet6_lookup_established(struct inet_hashinfo *hashinfo,
+ const struct in6_addr *saddr,
+ const u16 sport,
+ const struct in6_addr *daddr,
+ const u16 hnum,
+ const int dif)
+{
+ struct sock *sk;
+ const struct hlist_node *node;
+ const __u32 ports = INET_COMBINED_PORTS(sport, hnum);
+ /* Optimize here for direct hit, only listening connections can
+* have wildcards anyways.
+*/
+ const int hash = inet6_ehashfn(daddr, hnum, saddr, sport,
+ hashinfo-ehash_size);
+ struct inet_ehash_bucket *head = hashinfo-ehash[hash];
+
+ read_lock(head-lock);
+ sk_for_each(sk, node, head-chain) {
+ /* For IPV6 do the cheaper port and family tests first. */
+ if (INET6_MATCH(sk, saddr, daddr, ports, dif))
+ goto hit; /* You sunk my battleship! */
+ }
+ /* Must check for a TIME_WAIT'er before going to listener hash. */
+ sk_for_each(sk, node, (head + hashinfo-ehash_size)-chain) {
+ const struct inet_timewait_sock *tw = inet_twsk(sk);
+
+ if(*((__u32 *)(tw-tw_dport)) == ports
+ sk-sk_family== PF_INET6) {
+ const struct tcp6_timewait_sock *tcp6tw = tcp6_twsk(sk);
+
+ if (ipv6_addr_equal(tcp6tw-tw_v6_daddr, saddr)
+ ipv6_addr_equal(tcp6tw-tw_v6_rcv_saddr, daddr)
+ (!sk-sk_bound_dev_if || sk-sk_bound_dev_if ==
dif))
+ goto hit;
+ }
+ }
+ read_unlock(head-lock);
+ return NULL;
+
+hit:
+ sock_hold(sk);
+ read_unlock(head-lock);
+ return sk;
+}
+
+extern struct sock *inet6_lookup_listener(struct inet_hashinfo *hashinfo,
+ const struct in6_addr *daddr,
+ const unsigned short hnum,
+
[TCPDIAG]: Introduce inet_diag_{register,unregister}
tree 403d4b49b4c1d51445f3ff279d75f74a39e2cc17
parent 5324a040ccc708998e61ea93e669b81312f0ae11
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Fri, 12 Aug 2005 15:27:49
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:38 -0700
[TCPDIAG]: Introduce inet_diag_{register,unregister}
Next changeset will rename tcp_diag to inet_diag and move the tcp_diag code out
of it and into a new tcp_diag.c, similar to the net/dccp/diag.c introduced in
this changeset, completing the transition to a generic inet_diag
infrastructure.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/tcp_diag.h | 19 +
net/dccp/Kconfig |5 +
net/dccp/Makefile|4 +
net/dccp/diag.c | 47 ++
net/ipv4/Kconfig |3
net/ipv4/tcp_diag.c | 153 ++-
6 files changed, 186 insertions(+), 45 deletions(-)
diff --git a/include/linux/tcp_diag.h b/include/linux/tcp_diag.h
--- a/include/linux/tcp_diag.h
+++ b/include/linux/tcp_diag.h
@@ -5,6 +5,8 @@
#define TCPDIAG_GETSOCK 18
#define DCCPDIAG_GETSOCK 19
+#define INET_DIAG_GETSOCK_MAX 24
+
/* Socket identity */
struct tcpdiag_sockid
{
@@ -125,4 +127,21 @@ struct tcpvegas_info {
__u32 tcpv_minrtt;
};
+#ifdef __KERNEL__
+struct sock;
+struct inet_hashinfo;
+
+struct inet_diag_handler {
+ struct inet_hashinfo*idiag_hashinfo;
+ void(*idiag_get_info)(struct sock *sk,
+ struct tcpdiagmsg *r,
+ void *info);
+ __u16 idiag_info_size;
+ __u16 idiag_type;
+};
+
+extern int inet_diag_register(const struct inet_diag_handler *handler);
+extern void inet_diag_unregister(const struct inet_diag_handler *handler);
+#endif /* __KERNEL__ */
+
#endif /* _TCP_DIAG_H_ */
diff --git a/net/dccp/Kconfig b/net/dccp/Kconfig
--- a/net/dccp/Kconfig
+++ b/net/dccp/Kconfig
@@ -19,6 +19,11 @@ config IP_DCCP
If in doubt, say N.
+config IP_DCCP_DIAG
+ depends on IP_DCCP IP_TCPDIAG
+ def_tristate y if (IP_DCCP = y IP_TCPDIAG = y)
+ def_tristate m
+
source net/dccp/ccids/Kconfig
endmenu
diff --git a/net/dccp/Makefile b/net/dccp/Makefile
--- a/net/dccp/Makefile
+++ b/net/dccp/Makefile
@@ -3,4 +3,8 @@ obj-$(CONFIG_IP_DCCP) += dccp.o
dccp-y := ccid.o input.o ipv4.o minisocks.o options.o output.o proto.o \
timer.o packet_history.o
+obj-$(CONFIG_IP_DCCP_DIAG) += dccp_diag.o
+
obj-y += ccids/
+
+dccp_diag-y := diag.o
diff --git a/net/dccp/diag.c b/net/dccp/diag.c
new file mode 100644
--- /dev/null
+++ b/net/dccp/diag.c
@@ -0,0 +1,47 @@
+/*
+ * net/dccp/diag.c
+ *
+ * An implementation of the DCCP protocol
+ * Arnaldo Carvalho de Melo [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include linux/config.h
+
+#include linux/module.h
+#include linux/tcp_diag.h
+
+#include dccp.h
+
+static void dccp_diag_get_info(struct sock *sk, struct tcpdiagmsg *r,
+ void *_info)
+{
+ r-tcpdiag_rqueue = r-tcpdiag_wqueue = 0;
+}
+
+static struct inet_diag_handler dccp_diag_handler = {
+ .idiag_hashinfo = dccp_hashinfo,
+ .idiag_get_info = dccp_diag_get_info,
+ .idiag_type = DCCPDIAG_GETSOCK,
+ .idiag_info_size = 0,
+};
+
+static int __init dccp_diag_init(void)
+{
+ return inet_diag_register(dccp_diag_handler);
+}
+
+static void __exit dccp_diag_fini(void)
+{
+ inet_diag_unregister(dccp_diag_handler);
+}
+
+module_init(dccp_diag_init);
+module_exit(dccp_diag_fini);
+
+MODULE_LICENSE(GPL);
+MODULE_AUTHOR(Arnaldo Carvalho de Melo [EMAIL PROTECTED]);
+MODULE_DESCRIPTION(DCCP inet_diag handler);
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -423,9 +423,6 @@ config IP_TCPDIAG
If unsure, say Y.
-config IP_TCPDIAG_DCCP
- def_bool (IP_TCPDIAG=y IP_DCCP=y) || (IP_TCPDIAG=m IP_DCCP)
-
config TCP_CONG_ADVANCED
bool TCP: advanced congestion control
---help---
diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c
--- a/net/ipv4/tcp_diag.c
+++ b/net/ipv4/tcp_diag.c
@@ -34,6 +34,8 @@
#include linux/tcp_diag.h
+static const struct inet_diag_handler **inet_diag_table;
+
struct tcpdiag_entry
{
u32 *saddr;
@@ -61,18 +63,24 @@ static int tcpdiag_fill(struct sk_buff *
const struct inet_connection_sock *icsk = inet_csk(sk);
struct tcpdiagmsg *r;
struct nlmsghdr *nlh;
- struct tcp_info *info = NULL;
+ void *info = NULL;
struct tcpdiag_meminfo *minfo = NULL;
unsigned char*b = skb-tail;
+ const
[INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch]
tree 30ab4f0cb01c493249a858ce315a1847a8c2e65f
parent 73c1f4a033675f168df7e98bbeeafca3c644b8a6
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Fri, 12 Aug 2005 18:56:38
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:48 -0700
[INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch]
Next changeset will introduce net/ipv4/tcp_diag.c, moving the code that was put
transitioanlly in inet_diag.c.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/tcp_diag.h | 138 ---
net/ipv4/tcp_diag.c | 892 -
include/linux/inet_diag.h | 138 +++
net/dccp/diag.c |2
net/ipv4/Makefile |2
net/ipv4/inet_diag.c | 893 ++
net/ipv4/tcp_vegas.c |2
net/ipv4/tcp_westwood.c |2
8 files changed, 1035 insertions(+), 1034 deletions(-)
diff --git a/include/linux/inet_diag.h b/include/linux/inet_diag.h
new file mode 100644
--- /dev/null
+++ b/include/linux/inet_diag.h
@@ -0,0 +1,138 @@
+#ifndef _INET_DIAG_H_
+#define _INET_DIAG_H_ 1
+
+/* Just some random number */
+#define TCPDIAG_GETSOCK 18
+#define DCCPDIAG_GETSOCK 19
+
+#define INET_DIAG_GETSOCK_MAX 24
+
+/* Socket identity */
+struct inet_diag_sockid {
+ __u16 idiag_sport;
+ __u16 idiag_dport;
+ __u32 idiag_src[4];
+ __u32 idiag_dst[4];
+ __u32 idiag_if;
+ __u32 idiag_cookie[2];
+#define INET_DIAG_NOCOOKIE (~0U)
+};
+
+/* Request structure */
+
+struct inet_diag_req {
+ __u8idiag_family; /* Family of addresses. */
+ __u8idiag_src_len;
+ __u8idiag_dst_len;
+ __u8idiag_ext; /* Query extended information */
+
+ struct inet_diag_sockid id;
+
+ __u32 idiag_states; /* States to dump */
+ __u32 idiag_dbs; /* Tables to dump (NI) */
+};
+
+enum {
+ INET_DIAG_REQ_NONE,
+ INET_DIAG_REQ_BYTECODE,
+};
+
+#define INET_DIAG_REQ_MAX INET_DIAG_REQ_BYTECODE
+
+/* Bytecode is sequence of 4 byte commands followed by variable arguments.
+ * All the commands identified by code are conditional jumps forward:
+ * to offset cc+yes or to offset cc+no. yes is supposed to be
+ * length of the command and its arguments.
+ */
+
+struct inet_diag_bc_op {
+ unsigned char code;
+ unsigned char yes;
+ unsigned short no;
+};
+
+enum {
+ INET_DIAG_BC_NOP,
+ INET_DIAG_BC_JMP,
+ INET_DIAG_BC_S_GE,
+ INET_DIAG_BC_S_LE,
+ INET_DIAG_BC_D_GE,
+ INET_DIAG_BC_D_LE,
+ INET_DIAG_BC_AUTO,
+ INET_DIAG_BC_S_COND,
+ INET_DIAG_BC_D_COND,
+};
+
+struct inet_diag_hostcond {
+ __u8family;
+ __u8prefix_len;
+ int port;
+ __u32 addr[0];
+};
+
+/* Base info structure. It contains socket identity (addrs/ports/cookie)
+ * and, alas, the information shown by netstat. */
+struct inet_diag_msg {
+ __u8idiag_family;
+ __u8idiag_state;
+ __u8idiag_timer;
+ __u8idiag_retrans;
+
+ struct inet_diag_sockid id;
+
+ __u32 idiag_expires;
+ __u32 idiag_rqueue;
+ __u32 idiag_wqueue;
+ __u32 idiag_uid;
+ __u32 idiag_inode;
+};
+
+/* Extensions */
+
+enum {
+ INET_DIAG_NONE,
+ INET_DIAG_MEMINFO,
+ INET_DIAG_INFO,
+ INET_DIAG_VEGASINFO,
+ INET_DIAG_CONG,
+};
+
+#define INET_DIAG_MAX INET_DIAG_CONG
+
+
+/* INET_DIAG_MEM */
+
+struct inet_diag_meminfo {
+ __u32 idiag_rmem;
+ __u32 idiag_wmem;
+ __u32 idiag_fmem;
+ __u32 idiag_tmem;
+};
+
+/* INET_DIAG_VEGASINFO */
+
+struct tcpvegas_info {
+ __u32 tcpv_enabled;
+ __u32 tcpv_rttcnt;
+ __u32 tcpv_rtt;
+ __u32 tcpv_minrtt;
+};
+
+#ifdef __KERNEL__
+struct sock;
+struct inet_hashinfo;
+
+struct inet_diag_handler {
+ struct inet_hashinfo*idiag_hashinfo;
+ void(*idiag_get_info)(struct sock *sk,
+ struct inet_diag_msg *r,
+ void *info);
+ __u16 idiag_info_size;
+ __u16 idiag_type;
+};
+
+extern int inet_diag_register(const struct inet_diag_handler *handler);
+extern void inet_diag_unregister(const struct inet_diag_handler *handler);
+#endif /* __KERNEL__ */
+
+#endif /* _INET_DIAG_H_ */
diff --git a/include/linux/tcp_diag.h b/include/linux/tcp_diag.h
deleted file mode 100644
--- a/include/linux/tcp_diag.h
+++ /dev/null
@@ -1,138 +0,0 @@
-#ifndef _INET_DIAG_H_
-#define _INET_DIAG_H_ 1
-
-/* Just some random number */
-#define TCPDIAG_GETSOCK 18
-#define DCCPDIAG_GETSOCK 19
-
-#define INET_DIAG_GETSOCK_MAX 24
-
-/* Socket identity */
-struct inet_diag_sockid {
- __u16 idiag_sport;
- __u16 idiag_dport;
- __u32
[INET_DIAG]: Move the tcp_diag interface to the proper place
tree b990ca4a3b8e2c08fbcf09ba18e9ae469754b2df
parent a8c2190ee7da1a1dc68ff1a6b5f03feb61e523a5
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Fri, 12 Aug 2005 18:59:17
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:54 -0700
[INET_DIAG]: Move the tcp_diag interface to the proper place
With this the previous setup is back, i.e. tcp_diag can be built as a module,
as dccp_diag and both share the infrastructure available in inet_diag.
If one selects CONFIG_INET_DIAG as module CONFIG_INET_TCP_DIAG will also be
built as a module, as will CONFIG_INET_DCCP_DIAG, if CONFIG_IP_DCCP was
selected static or as a module, if CONFIG_INET_DIAG is y, being statically
linked CONFIG_INET_TCP_DIAG will follow suit and CONFIG_INET_DCCP_DIAG will be
built in the same manner as CONFIG_IP_DCCP.
Now to aim at UDP, converting it to use inet_hashinfo, so that we can use
iproute2 for UDP sockets as well.
Ah, just to show an example of this new infrastructure working for DCCP :-)
[EMAIL PROTECTED] ~]# ./ss -dane
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 0 *:5001 *:* ino:942
sk:cfd503a0
ESTAB 0 0 127.0.0.1:5001 127.0.0.1:32770 ino:943
sk:cfd50a60
ESTAB 0 0 127.0.0.1:32770127.0.0.1:5001 ino:947
sk:cfd50700
TIME-WAIT 0 0 127.0.0.1:32769127.0.0.1:5001
timer:(timewait,3.430ms,0) ino:0 sk:cf209620
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/tcp.h|2 -
net/dccp/Kconfig |6 ++---
net/dccp/Makefile|6 ++---
net/ipv4/Kconfig |8 +--
net/ipv4/Makefile|3 +-
net/ipv4/inet_diag.c | 27 -
net/ipv4/tcp_diag.c | 54 +++
7 files changed, 70 insertions(+), 36 deletions(-)
diff --git a/include/net/tcp.h b/include/net/tcp.h
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -479,7 +479,7 @@ static inline void tcp_clear_xmit_timers
extern unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu);
extern unsigned int tcp_current_mss(struct sock *sk, int large);
-/* tcp_diag.c */
+/* tcp.c */
extern void tcp_get_info(struct sock *, struct tcp_info *);
/* Read 'sendfile()'-style from a TCP socket */
diff --git a/net/dccp/Kconfig b/net/dccp/Kconfig
--- a/net/dccp/Kconfig
+++ b/net/dccp/Kconfig
@@ -19,9 +19,9 @@ config IP_DCCP
If in doubt, say N.
-config IP_DCCP_DIAG
- depends on IP_DCCP IP_INET_DIAG
- def_tristate y if (IP_DCCP = y IP_INET_DIAG = y)
+config INET_DCCP_DIAG
+ depends on IP_DCCP INET_DIAG
+ def_tristate y if (IP_DCCP = y INET_DIAG = y)
def_tristate m
source net/dccp/ccids/Kconfig
diff --git a/net/dccp/Makefile b/net/dccp/Makefile
--- a/net/dccp/Makefile
+++ b/net/dccp/Makefile
@@ -3,8 +3,8 @@ obj-$(CONFIG_IP_DCCP) += dccp.o
dccp-y := ccid.o input.o ipv4.o minisocks.o options.o output.o proto.o \
timer.o packet_history.o
-obj-$(CONFIG_IP_DCCP_DIAG) += dccp_diag.o
-
-obj-y += ccids/
+obj-$(CONFIG_INET_DCCP_DIAG) += dccp_diag.o
dccp_diag-y := diag.o
+
+obj-y += ccids/
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -413,8 +413,8 @@ config INET_TUNNEL
If unsure, say Y.
-config IP_INET_DIAG
- tristate IP: INET socket monitoring interface
+config INET_DIAG
+ tristate INET: socket monitoring interface
default y
---help---
Support for INET (TCP, DCCP, etc) socket monitoring interface used by
@@ -423,6 +423,10 @@ config IP_INET_DIAG
If unsure, say Y.
+config INET_TCP_DIAG
+ depends on INET_DIAG
+ def_tristate INET_DIAG
+
config TCP_CONG_ADVANCED
bool TCP: advanced congestion control
---help---
diff --git a/net/ipv4/Makefile b/net/ipv4/Makefile
--- a/net/ipv4/Makefile
+++ b/net/ipv4/Makefile
@@ -30,8 +30,9 @@ obj-$(CONFIG_IP_ROUTE_MULTIPATH_WRANDOM)
obj-$(CONFIG_IP_ROUTE_MULTIPATH_DRR) += multipath_drr.o
obj-$(CONFIG_NETFILTER)+= netfilter/
obj-$(CONFIG_IP_VS) += ipvs/
-obj-$(CONFIG_IP_INET_DIAG) += inet_diag.o
+obj-$(CONFIG_INET_DIAG) += inet_diag.o
obj-$(CONFIG_IP_ROUTE_MULTIPATH_CACHED) += multipath.o
+obj-$(CONFIG_INET_TCP_DIAG) += tcp_diag.o
obj-$(CONFIG_TCP_CONG_BIC) += tcp_bic.o
obj-$(CONFIG_TCP_CONG_WESTWOOD) += tcp_westwood.o
obj-$(CONFIG_TCP_CONG_HSTCP) += tcp_highspeed.o
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -797,25 +797,6 @@ static void inet_diag_rcv(struct sock *s
}
}
-static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r,
- void *_info)
-{
- const struct tcp_sock *tp = tcp_sk(sk);
- struct tcp_info *info = _info;
-
- r-idiag_rqueue = tp-rcv_nxt - tp-copied_seq;
-
[NETFILTER]: introduce and use aligned_u64 data type
tree 62317e893be4261f456d666efd1105b7871d36b9
parent 17b085eacef81a6286bd478f2ec75e04abb091cb
author Harald Welte [EMAIL PROTECTED] Sun, 14 Aug 2005 03:55:44 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:57:59 -0700
[NETFILTER]: introduce and use aligned_u64 data type
As proposed by Andi Kleen, this is required esp. for x86_64 architecture,
where 64bit code needs 8byte aligned 64bit data types, but 32bit userspace
apps will only align to 4bytes.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter/nfnetlink_log.h |5 +++--
include/linux/netfilter/nfnetlink_queue.h |5 +++--
include/linux/types.h |3 +++
3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink_log.h
b/include/linux/netfilter/nfnetlink_log.h
--- a/include/linux/netfilter/nfnetlink_log.h
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -5,6 +5,7 @@
* and not any kind of function definitions. It is shared between kernel and
* userspace. Don't put kernel specific stuff in here */
+#include linux/types.h
#include linux/netfilter/nfnetlink.h
enum nfulnl_msg_types {
@@ -27,8 +28,8 @@ struct nfulnl_msg_packet_hw {
} __attribute__ ((packed));
struct nfulnl_msg_packet_timestamp {
- u_int64_t sec;
- u_int64_t usec;
+ aligned_u64 sec;
+ aligned_u64 usec;
} __attribute__ ((packed));
#define NFULNL_PREFIXLEN 30 /* just like old log target */
diff --git a/include/linux/netfilter/nfnetlink_queue.h
b/include/linux/netfilter/nfnetlink_queue.h
--- a/include/linux/netfilter/nfnetlink_queue.h
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -1,6 +1,7 @@
#ifndef _NFNETLINK_QUEUE_H
#define _NFNETLINK_QUEUE_H
+#include linux/types.h
#include linux/netfilter/nfnetlink.h
enum nfqnl_msg_types {
@@ -24,8 +25,8 @@ struct nfqnl_msg_packet_hw {
} __attribute__ ((packed));
struct nfqnl_msg_packet_timestamp {
- u_int64_t sec;
- u_int64_t usec;
+ aligned_u64 sec;
+ aligned_u64 usec;
} __attribute__ ((packed));
enum nfqnl_attr_type {
diff --git a/include/linux/types.h b/include/linux/types.h
--- a/include/linux/types.h
+++ b/include/linux/types.h
@@ -123,6 +123,9 @@ typedef __u64 u_int64_t;
typedef__s64 int64_t;
#endif
+/* this is a special 64bit data type that is 8-byte aligned */
+#define aligned_u64 unsigned long long __attribute__((aligned(8)))
+
/*
* The type used for indexing onto a disc or disc partition.
* If required, asm/types.h can override it and define
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: Add new iptables connbytes match
tree 1eaa57851bbc1094b92c539de8e7509aa297
parent 0ba2c6e8c0fb5cde5a23a213c2e7cb851b85c310
author Harald Welte [EMAIL PROTECTED] Sun, 14 Aug 2005 03:56:26 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:58:04 -0700
[NETFILTER]: Add new iptables connbytes match
This patch ads a new connbytes match that utilizes the CONFIG_NF_CT_ACCT
per-connection byte and packet counters. Using it you can do things like
packet classification on average packet size within a connection.
Signed-off-by: Harald Welte [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter_ipv4/ipt_connbytes.h | 25
net/ipv4/netfilter/Kconfig | 11 +
net/ipv4/netfilter/Makefile |1
net/ipv4/netfilter/ipt_connbytes.c | 166 +++
4 files changed, 202 insertions(+), 1 deletion(-)
diff --git a/include/linux/netfilter_ipv4/ipt_connbytes.h
b/include/linux/netfilter_ipv4/ipt_connbytes.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_connbytes.h
@@ -0,0 +1,25 @@
+#ifndef _IPT_CONNBYTES_H
+#define _IPT_CONNBYTES_H
+
+enum ipt_connbytes_what {
+ IPT_CONNBYTES_WHAT_PKTS,
+ IPT_CONNBYTES_WHAT_BYTES,
+ IPT_CONNBYTES_WHAT_AVGPKT,
+};
+
+enum ipt_connbytes_direction {
+ IPT_CONNBYTES_DIR_ORIGINAL,
+ IPT_CONNBYTES_DIR_REPLY,
+ IPT_CONNBYTES_DIR_BOTH,
+};
+
+struct ipt_connbytes_info
+{
+ struct {
+ aligned_u64 from; /* count to be matched */
+ aligned_u64 to; /* count to be matched */
+ } count;
+ u_int8_t what; /* ipt_connbytes_what */
+ u_int8_t direction; /* ipt_connbytes_direction */
+};
+#endif
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -386,6 +386,16 @@ config IP_NF_MATCH_CONNMARK
file:Documentation/modules.txt. The module will be called
ipt_connmark.o. If unsure, say `N'.
+config IP_NF_MATCH_CONNBYTES
+ tristate 'Connection byte/packet counter match support'
+ depends on IP_NF_CT_ACCT IP_NF_IPTABLES
+ help
+ This option adds a `connbytes' match, which allows you to match the
+ number of bytes and/or packets for each direction within a connection.
+
+ If you want to compile it as a module, say M here and read
+ file:Documentation/modules.txt. If unsure, say `N'.
+
config IP_NF_MATCH_HASHLIMIT
tristate 'hashlimit match support'
depends on IP_NF_IPTABLES
@@ -723,6 +733,5 @@ config IP_NF_CONNTRACK_NETLINK
help
This option enables support for a netlink-based userspace interface
-
endmenu
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -59,6 +59,7 @@ obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl
obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o
obj-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark.o
obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o
+obj-$(CONFIG_IP_NF_MATCH_CONNBYTES) += ipt_connbytes.o
obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o
obj-$(CONFIG_IP_NF_MATCH_REALM) += ipt_realm.o
obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
diff --git a/net/ipv4/netfilter/ipt_connbytes.c
b/net/ipv4/netfilter/ipt_connbytes.c
new file mode 100644
--- /dev/null
+++ b/net/ipv4/netfilter/ipt_connbytes.c
@@ -0,0 +1,166 @@
+/* Kernel module to match connection tracking byte counter.
+ * GPL (C) 2002 Martin Devera ([EMAIL PROTECTED]).
+ *
+ * 2004-07-20 Harald Welte [EMAIL PROTECTED]
+ * - reimplemented to use per-connection accounting counters
+ * - add functionality to match number of packets
+ * - add functionality to match average packet size
+ * - add support to match directions seperately
+ *
+ */
+#include linux/module.h
+#include linux/skbuff.h
+#include linux/netfilter_ipv4/ip_conntrack.h
+#include linux/netfilter_ipv4/ip_tables.h
+#include linux/netfilter_ipv4/ipt_connbytes.h
+
+#include asm/div64.h
+#include asm/bitops.h
+
+MODULE_LICENSE(GPL);
+MODULE_AUTHOR(Harald Welte [EMAIL PROTECTED]);
+MODULE_DESCRIPTION(iptables match for matching number of pkts/bytes per
connection);
+
+/* 64bit divisor, dividend and result. dynamic precision */
+static u_int64_t div64_64(u_int64_t divisor, u_int64_t dividend)
+{
+ u_int64_t result = divisor;
+
+ if (dividend 0x) {
+ int first_bit = find_first_bit((unsigned long *) dividend,
sizeof(dividend));
+ /* calculate number of bits to shift. shift exactly enough
+* bits to make dividend fit in 32bits. */
+ int num_shift = (64 - 32 - first_bit);
+ /* first bit has to be 32, since dividend was 0x */
+ result = result num_shift;
+ dividend = dividend num_shift;
+ }
+
+
[NETFILTER]: Fix div64_64 in ipt_connbytes
tree d7c57be003aff2de6068acbe751182264acf3d25
parent 9d810fd2d28a9d672eca3136476af1a54a380bb2
author Patrick McHardy [EMAIL PROTECTED] Sun, 14 Aug 2005 03:57:58 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:58:11 -0700
[NETFILTER]: Fix div64_64 in ipt_connbytes
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/netfilter/ipt_connbytes.c | 22 +-
1 files changed, 9 insertions(+), 13 deletions(-)
diff --git a/net/ipv4/netfilter/ipt_connbytes.c
b/net/ipv4/netfilter/ipt_connbytes.c
--- a/net/ipv4/netfilter/ipt_connbytes.c
+++ b/net/ipv4/netfilter/ipt_connbytes.c
@@ -22,23 +22,19 @@ MODULE_AUTHOR(Harald Welte [EMAIL PROTECTED]
MODULE_DESCRIPTION(iptables match for matching number of pkts/bytes per
connection);
/* 64bit divisor, dividend and result. dynamic precision */
-static u_int64_t div64_64(u_int64_t divisor, u_int64_t dividend)
+static u_int64_t div64_64(u_int64_t dividend, u_int64_t divisor)
{
- u_int64_t result = divisor;
+ u_int32_t d = divisor;
- if (dividend 0x) {
- int first_bit = find_first_bit((unsigned long *) dividend,
sizeof(dividend));
- /* calculate number of bits to shift. shift exactly enough
-* bits to make dividend fit in 32bits. */
- int num_shift = (64 - 32 - first_bit);
- /* first bit has to be 32, since dividend was 0x */
- result = result num_shift;
- dividend = dividend num_shift;
- }
+ if (divisor 0xULL) {
+ unsigned int shift = fls(divisor 32);
- do_div(divisor, dividend);
+ d = divisor shift;
+ dividend = shift;
+ }
- return divisor;
+ do_div(dividend, d);
+ return dividend;
}
static int
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[DCCP]: Introduce the DCCP Kernel hacking menu
tree e4d92f0fcbac811ae5954f771794165225b0726f
parent 531669a0a9041d60d13920973ef8aa4f743c14a0
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 14 Aug 2005 02:35:39
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:59:43 -0700
[DCCP]: Introduce the DCCP Kernel hacking menu
Only available if CONFIG_DEBUG_KERNEL is enabled in the Kernel
Hacking Menu.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/Kconfig | 21 +
net/dccp/ccids/ccid3.c |9 +
net/dccp/dccp.h|7 +++
net/dccp/options.c | 18 +-
net/dccp/proto.c | 22 ++
5 files changed, 56 insertions(+), 21 deletions(-)
diff --git a/net/dccp/Kconfig b/net/dccp/Kconfig
--- a/net/dccp/Kconfig
+++ b/net/dccp/Kconfig
@@ -26,4 +26,25 @@ config INET_DCCP_DIAG
source net/dccp/ccids/Kconfig
+menu DCCP Kernel Hacking
+ depends on IP_DCCP=m DEBUG_KERNEL=y
+
+config IP_DCCP_DEBUG
+ bool DCCP debug messages
+ ---help---
+ Only use this if you're hacking DCCP.
+
+ Just say N.
+
+config IP_DCCP_UNLOAD_HACK
+ depends on IP_DCCP_CCID3=m
+ bool DCCP control sock unload hack
+ ---help---
+ Enable this to be able to unload the dccp module when the it
+ has only one refcount held, the control sock one. Just execute
+ rmmod dccp_ccid3 dccp
+
+ Just say N.
+endmenu
+
endmenu
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -2078,6 +2078,15 @@ module_init(ccid3_module_init);
static __exit void ccid3_module_exit(void)
{
+#ifdef CONFIG_IP_DCCP_UNLOAD_HACK
+ /*
+* Hack to use while developing, so that we get rid of the control
+* sock, that is what keeps a refcount on dccp.ko -acme
+*/
+ extern void dccp_ctl_sock_exit(void);
+
+ dccp_ctl_sock_exit();
+#endif
ccid_unregister(ccid3);
if (ccid3_tx_hist != NULL) {
diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h
--- a/net/dccp/dccp.h
+++ b/net/dccp/dccp.h
@@ -11,14 +11,13 @@
* published by the Free Software Foundation.
*/
+#include linux/config.h
#include linux/dccp.h
#include net/snmp.h
#include net/sock.h
#include net/tcp.h
-#define DCCP_DEBUG
-
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
extern int dccp_debug;
#define dccp_pr_debug(format, a...) \
@@ -426,7 +425,7 @@ extern int dccp_ackpkts_add(struct dccp_
extern void dccp_ackpkts_check_rcv_ackno(struct dccp_ackpkts *ap,
struct sock *sk, u64 ackno);
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
extern void dccp_ackvector_print(const u64 ackno,
const unsigned char *vector, int len);
extern void dccp_ackpkts_print(const struct dccp_ackpkts *ap);
diff --git a/net/dccp/options.c b/net/dccp/options.c
--- a/net/dccp/options.c
+++ b/net/dccp/options.c
@@ -58,7 +58,7 @@ static u32 dccp_decode_value_var(const u
int dccp_parse_options(struct sock *sk, struct sk_buff *skb)
{
struct dccp_sock *dp = dccp_sk(sk);
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
const char *debug_prefix = dp-dccps_role == DCCP_ROLE_CLIENT ?
CLIENT rx opt: : server rx opt: ;
#endif
@@ -303,7 +303,7 @@ void dccp_insert_option_elapsed_time(str
struct sk_buff *skb,
u32 elapsed_time)
{
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
struct dccp_sock *dp = dccp_sk(sk);
const char *debug_prefix = dp-dccps_role == DCCP_ROLE_CLIENT ?
CLIENT TX opt: : server TX opt: ;
@@ -341,7 +341,7 @@ EXPORT_SYMBOL(dccp_insert_option_elapsed
static void dccp_insert_option_ack_vector(struct sock *sk, struct sk_buff *skb)
{
struct dccp_sock *dp = dccp_sk(sk);
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
const char *debug_prefix = dp-dccps_role == DCCP_ROLE_CLIENT ?
CLIENT TX opt: : server TX opt: ;
#endif
@@ -425,7 +425,7 @@ static void dccp_insert_option_timestamp
struct sk_buff *skb)
{
struct dccp_sock *dp = dccp_sk(sk);
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
const char *debug_prefix = dp-dccps_role == DCCP_ROLE_CLIENT ?
CLIENT TX opt: : server TX opt: ;
#endif
@@ -504,7 +504,7 @@ struct dccp_ackpkts *dccp_ackpkts_alloc(
struct dccp_ackpkts *ap = kmalloc(sizeof(*ap) + len, priority);
if (ap != NULL) {
-#ifdef DCCP_DEBUG
+#ifdef CONFIG_IP_DCCP_DEBUG
memset(ap-dccpap_buf, 0xFF, len);
#endif
ap-dccpap_buf_len = len;
@@ -526,7 +526,7 @@ struct dccp_ackpkts *dccp_ackpkts_alloc(
void
[DCCP]: Fix RESET handling in dccp_rcv_state_process
tree e6024532d165f5dc9987fe38fb84cb2076c86100
parent 725ba8eee3881e619c8e5a0116f1bdb6480ac2d9
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 14 Aug 2005 02:36:01
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 05:59:50 -0700
[DCCP]: Fix RESET handling in dccp_rcv_state_process
To avoid holding TIMEWAIT state for sockets in the LISTEN state.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/input.c | 60 ++-
1 files changed, 42 insertions(+), 18 deletions(-)
diff --git a/net/dccp/input.c b/net/dccp/input.c
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -402,7 +402,48 @@ int dccp_rcv_state_process(struct sock *
const int old_state = sk-sk_state;
int queued = 0;
- if (sk-sk_state != DCCP_LISTEN sk-sk_state != DCCP_REQUESTING) {
+ /*
+* Step 3: Process LISTEN state
+* (Continuing from dccp_v4_do_rcv and dccp_v6_do_rcv)
+*
+* If S.state == LISTEN,
+*If P.type == Request or P contains a valid Init Cookie
+* option,
+* * Must scan the packet's options to check for an Init
+* Cookie. Only the Init Cookie is processed here,
+* however; other options are processed in Step 8. This
+* scan need only be performed if the endpoint uses Init
+* Cookies *
+* * Generate a new socket and switch to that socket *
+* Set S := new socket for this port pair
+* S.state = RESPOND
+* Choose S.ISS (initial seqno) or set from Init Cookie
+* Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookie
+* Continue with S.state == RESPOND
+* * A Response packet will be generated in Step 11 *
+*Otherwise,
+* Generate Reset(No Connection) unless P.type == Reset
+* Drop packet and return
+*
+* NOTE: the check for the packet types is done in
+* dccp_rcv_state_process
+*/
+ if (sk-sk_state == DCCP_LISTEN) {
+ if (dh-dccph_type == DCCP_PKT_REQUEST) {
+ if (dccp_v4_conn_request(sk, skb) 0)
+ return 1;
+
+ /* FIXME: do congestion control initialization */
+ goto discard;
+ }
+ if (dh-dccph_type == DCCP_PKT_RESET)
+ goto discard;
+
+ /* Caller (dccp_v4_do_rcv) will send Reset(No Connection)*/
+ return 1;
+ }
+
+ if (sk-sk_state != DCCP_REQUESTING) {
if (dccp_check_seqno(sk, skb))
goto discard;
@@ -484,23 +525,6 @@ int dccp_rcv_state_process(struct sock *
case DCCP_CLOSED:
return 1;
- case DCCP_LISTEN:
- if (dh-dccph_type == DCCP_PKT_ACK ||
- dh-dccph_type == DCCP_PKT_DATAACK)
- return 1;
-
- if (dh-dccph_type == DCCP_PKT_RESET)
- goto discard;
-
- if (dh-dccph_type == DCCP_PKT_REQUEST) {
- if (dccp_v4_conn_request(sk, skb) 0)
- return 1;
-
- /* FIXME: do congestion control initialization */
- goto discard;
- }
- goto discard;
-
case DCCP_REQUESTING:
/* FIXME: do congestion control initialization */
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETLINK]: Return -EPROTONOSUPPORT in netlink_create() if no kernel socket is registered
tree abd497f5b7023ff748001d6ef182d74f882f1a07
parent ac6d439d2097b72ea0cbc2322ce1263a38bc1fd0
author Patrick McHardy [EMAIL PROTECTED] Mon, 15 Aug 2005 09:31:36 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:00:58 -0700
[NETLINK]: Return -EPROTONOSUPPORT in netlink_create() if no kernel socket is
registered
This is necessary for dynamic number of netlink groups to make sure we know
the number of possible groups before bind() is called. With this change pure
userspace communication using unused netlink protocols becomes impossible.
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/netlink/af_netlink.c | 72 ---
1 files changed, 44 insertions(+), 28 deletions(-)
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -102,6 +102,7 @@ struct netlink_table {
struct hlist_head mc_list;
unsigned int nl_nonroot;
struct module *module;
+ int registered;
};
static struct netlink_table *nl_table;
@@ -343,11 +344,32 @@ static struct proto netlink_proto = {
.obj_size = sizeof(struct netlink_sock),
};
-static int netlink_create(struct socket *sock, int protocol)
+static int __netlink_create(struct socket *sock, int protocol)
{
struct sock *sk;
struct netlink_sock *nlk;
- struct module *module;
+
+ sock-ops = netlink_ops;
+
+ sk = sk_alloc(PF_NETLINK, GFP_KERNEL, netlink_proto, 1);
+ if (!sk)
+ return -ENOMEM;
+
+ sock_init_data(sock, sk);
+
+ nlk = nlk_sk(sk);
+ spin_lock_init(nlk-cb_lock);
+ init_waitqueue_head(nlk-wait);
+
+ sk-sk_destruct = netlink_sock_destruct;
+ sk-sk_protocol = protocol;
+ return 0;
+}
+
+static int netlink_create(struct socket *sock, int protocol)
+{
+ struct module *module = NULL;
+ int err = 0;
sock-state = SS_UNCONNECTED;
@@ -358,41 +380,33 @@ static int netlink_create(struct socket
return -EPROTONOSUPPORT;
netlink_lock_table();
- if (!nl_table[protocol].hash.entries) {
#ifdef CONFIG_KMOD
- /* We do 'best effort'. If we find a matching module,
-* it is loaded. If not, we don't return an error to
-* allow pure userspace-userspace communication. -HW
-*/
+ if (!nl_table[protocol].registered) {
netlink_unlock_table();
request_module(net-pf-%d-proto-%d, PF_NETLINK, protocol);
netlink_lock_table();
-#endif
}
- module = nl_table[protocol].module;
- if (!try_module_get(module))
- module = NULL;
+#endif
+ if (nl_table[protocol].registered
+ try_module_get(nl_table[protocol].module))
+ module = nl_table[protocol].module;
+ else
+ err = -EPROTONOSUPPORT;
netlink_unlock_table();
- sock-ops = netlink_ops;
-
- sk = sk_alloc(PF_NETLINK, GFP_KERNEL, netlink_proto, 1);
- if (!sk) {
- module_put(module);
- return -ENOMEM;
- }
-
- sock_init_data(sock, sk);
+ if (err)
+ goto out;
- nlk = nlk_sk(sk);
+ if ((err = __netlink_create(sock, protocol) 0))
+ goto out_module;
- nlk-module = module;
- spin_lock_init(nlk-cb_lock);
- init_waitqueue_head(nlk-wait);
- sk-sk_destruct = netlink_sock_destruct;
+ nlk_sk(sock-sk)-module = module;
+out:
+ return err;
- sk-sk_protocol = protocol;
- return 0;
+out_module:
+ module_put(module);
+ goto out;
}
static int netlink_release(struct socket *sock)
@@ -437,6 +451,7 @@ static int netlink_release(struct socket
if (nlk-flags NETLINK_KERNEL_SOCKET) {
netlink_table_grab();
nl_table[sk-sk_protocol].module = NULL;
+ nl_table[sk-sk_protocol].registered = 0;
netlink_table_ungrab();
}
@@ -1082,7 +1097,7 @@ netlink_kernel_create(int unit, void (*i
if (sock_create_lite(PF_NETLINK, SOCK_DGRAM, unit, sock))
return NULL;
- if (netlink_create(sock, unit) 0)
+ if (__netlink_create(sock, unit) 0)
goto out_sock_release;
sk = sock-sk;
@@ -1098,6 +1113,7 @@ netlink_kernel_create(int unit, void (*i
netlink_table_grab();
nl_table[unit].module = module;
+ nl_table[unit].registered = 1;
netlink_table_ungrab();
return sk;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETLINK]: Add groups argument to netlink_kernel_create
tree ef6604f16ceb13842a30311654e6a64aac716c48
parent 9a4595bc7e67962f13232ee55a64e063062c3a99
author Patrick McHardy [EMAIL PROTECTED] Tue, 16 Aug 2005 02:33:26 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:01:11 -0700
[NETLINK]: Add groups argument to netlink_kernel_create
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
drivers/w1/w1_int.c |2 +-
include/linux/netlink.h |2 +-
kernel/audit.c |2 +-
lib/kobject_uevent.c|2 +-
net/bridge/netfilter/ebt_ulog.c |3 ++-
net/core/rtnetlink.c|3 ++-
net/decnet/netfilter/dn_rtmsg.c |4 ++--
net/ipv4/fib_frontend.c |2 +-
net/ipv4/inet_diag.c|2 +-
net/ipv4/netfilter/ip_queue.c |2 +-
net/ipv4/netfilter/ipt_ULOG.c |3 ++-
net/ipv6/netfilter/ip6_queue.c |3 ++-
net/netfilter/nfnetlink.c |4 ++--
net/netlink/af_netlink.c|6 --
net/xfrm/xfrm_user.c|4 ++--
security/selinux/netlink.c |3 ++-
16 files changed, 27 insertions(+), 20 deletions(-)
diff --git a/drivers/w1/w1_int.c b/drivers/w1/w1_int.c
--- a/drivers/w1/w1_int.c
+++ b/drivers/w1/w1_int.c
@@ -88,7 +88,7 @@ static struct w1_master * w1_alloc_dev(u
dev-groups = 1;
dev-seq = 1;
- dev-nls = netlink_kernel_create(NETLINK_W1, NULL, THIS_MODULE);
+ dev-nls = netlink_kernel_create(NETLINK_W1, 1, NULL, THIS_MODULE);
if (!dev-nls) {
printk(KERN_ERR Failed to create new netlink socket(%u) for w1
master %s.\n,
NETLINK_NFLOG, dev-dev.bus_id);
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -125,7 +125,7 @@ struct netlink_skb_parms
#define NETLINK_CREDS(skb) (NETLINK_CB((skb)).creds)
-extern struct sock *netlink_kernel_create(int unit, void (*input)(struct sock
*sk, int len), struct module *module);
+extern struct sock *netlink_kernel_create(int unit, unsigned int groups, void
(*input)(struct sock *sk, int len), struct module *module);
extern void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err);
extern int netlink_unicast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
int nonblock);
extern int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
diff --git a/kernel/audit.c b/kernel/audit.c
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -514,7 +514,7 @@ static int __init audit_init(void)
{
printk(KERN_INFO audit: initializing netlink socket (%s)\n,
audit_default ? enabled : disabled);
- audit_sock = netlink_kernel_create(NETLINK_AUDIT, audit_receive,
+ audit_sock = netlink_kernel_create(NETLINK_AUDIT, 0, audit_receive,
THIS_MODULE);
if (!audit_sock)
audit_panic(cannot initialize netlink socket);
diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c
--- a/lib/kobject_uevent.c
+++ b/lib/kobject_uevent.c
@@ -154,7 +154,7 @@ EXPORT_SYMBOL_GPL(kobject_uevent_atomic)
static int __init kobject_uevent_init(void)
{
- uevent_sock = netlink_kernel_create(NETLINK_KOBJECT_UEVENT, NULL,
+ uevent_sock = netlink_kernel_create(NETLINK_KOBJECT_UEVENT, 1, NULL,
THIS_MODULE);
if (!uevent_sock) {
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -258,7 +258,8 @@ static int __init init(void)
spin_lock_init(ulog_buffers[i].lock);
}
- ebtulognl = netlink_kernel_create(NETLINK_NFLOG, NULL, THIS_MODULE);
+ ebtulognl = netlink_kernel_create(NETLINK_NFLOG, EBT_ULOG_MAXNLGROUPS,
+ NULL, THIS_MODULE);
if (!ebtulognl)
ret = -ENOMEM;
else if ((ret = ebt_register_watcher(ulog)))
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -708,7 +708,8 @@ void __init rtnetlink_init(void)
if (!rta_buf)
panic(rtnetlink_init: cannot allocate rta_buf\n);
- rtnl = netlink_kernel_create(NETLINK_ROUTE, rtnetlink_rcv, THIS_MODULE);
+ rtnl = netlink_kernel_create(NETLINK_ROUTE, RTNLGRP_MAX, rtnetlink_rcv,
+THIS_MODULE);
if (rtnl == NULL)
panic(rtnetlink_init: cannot initialize rtnetlink\n);
netlink_set_nonroot(NETLINK_ROUTE, NL_NONROOT_RECV);
diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c
--- a/net/decnet/netfilter/dn_rtmsg.c
+++ b/net/decnet/netfilter/dn_rtmsg.c
@@ -138,8 +138,8 @@ static int __init init(void)
{
int rv = 0;
- dnrmg = netlink_kernel_create(NETLINK_DNRTMSG, dnrmg_receive_user_sk,
-
[SELINUX]: Update for tcp_diag rename to inet_diag.
tree c05cd2d0ec829d18a8f85ff8611c0e1424303f52
parent 066286071d3542243baa68166acb779187c848b3
author James Morris [EMAIL PROTECTED] Tue, 16 Aug 2005 10:34:48 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:01:15 -0700
[SELINUX]: Update for tcp_diag rename to inet_diag.
Also, support dccp sockets.
Signed-off-by: James Morris [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
security/selinux/hooks.c|2 +-
security/selinux/nlmsgtab.c |3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -659,7 +659,7 @@ static inline u16 socket_type_to_securit
return SECCLASS_NETLINK_ROUTE_SOCKET;
case NETLINK_FIREWALL:
return SECCLASS_NETLINK_FIREWALL_SOCKET;
- case NETLINK_TCPDIAG:
+ case NETLINK_INET_DIAG:
return SECCLASS_NETLINK_TCPDIAG_SOCKET;
case NETLINK_NFLOG:
return SECCLASS_NETLINK_NFLOG_SOCKET;
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -16,7 +16,7 @@
#include linux/rtnetlink.h
#include linux/if.h
#include linux/netfilter_ipv4/ip_queue.h
-#include linux/tcp_diag.h
+#include linux/inet_diag.h
#include linux/xfrm.h
#include linux/audit.h
@@ -76,6 +76,7 @@ static struct nlmsg_perm nlmsg_firewall_
static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
{
{ TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+ { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
};
static struct nlmsg_perm nlmsg_xfrm_perms[] =
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[RXRPC]: Fix build failure introduced by skb-stamp changes.
tree d92a266b33deaa9a8ff78640df8126da61b97a76
parent 63a1222b1fd79c52491c14534b086bffbfaed8bf
author Andrew Morton [EMAIL PROTECTED] Tue, 16 Aug 2005 11:13:25 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:01:24 -0700
[RXRPC]: Fix build failure introduced by skb-stamp changes.
Signed-off-by: Andrew Morton [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/rxrpc/transport.c |2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/rxrpc/transport.c b/net/rxrpc/transport.c
--- a/net/rxrpc/transport.c
+++ b/net/rxrpc/transport.c
@@ -330,7 +330,7 @@ static int rxrpc_incoming_msg(struct rxr
msg-trans = trans;
msg-state = RXRPC_MSG_RECEIVED;
- msg-stamp = pkt-stamp;
+ skb_get_timestamp(pkt, msg-stamp);
if (msg-stamp.tv_sec == 0) {
do_gettimeofday(msg-stamp);
if (pkt-sk)
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NET]: Fix sparse warnings
tree abd31e5ebfadcf4f9024634eec8b11855029e512
parent 9deff7f2365958c5c5aa8cb5a0dd651c4dd83f8f
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Tue, 16 Aug 2005 08:18:02
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:01:32 -0700
[NET]: Fix sparse warnings
Of this type, mostly:
CHECK net/ipv6/netfilter.c
net/ipv6/netfilter.c:96:12: warning: symbol 'ipv6_netfilter_init' was not
declared. Should it be static?
net/ipv6/netfilter.c:101:6: warning: symbol 'ipv6_netfilter_fini' was not
declared. Should it be static?
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/if_ether.h|2 +
include/linux/if_frad.h |6 +++--
include/linux/if_tr.h |4 +++
include/linux/igmp.h|3 ++
include/linux/net.h |7 ++
include/linux/netdevice.h | 10 +
include/linux/netfilter_ipv6.h |4 +--
include/linux/security.h|6 +++--
include/linux/skbuff.h |2 +
include/linux/socket.h |7 ++
include/net/addrconf.h |6 +
include/net/af_unix.h | 15 +
include/net/icmp.h |7 ++
include/net/ip.h| 23 +
include/net/ip_fib.h|5
include/net/ipv6.h | 35 ++--
include/net/p8022.h |2 +
include/net/raw.h |7 +-
include/net/route.h |2 +
include/net/sock.h | 12 +++
include/net/tcp.h | 12 +++
include/net/udp.h |5
init/main.c |2 -
kernel/sysctl.c |4 ---
net/802/p8023.c |1
net/802/sysctl_net_802.c|3 +-
net/core/dev.c |6 -
net/core/sysctl_net_core.c |9 +---
net/core/utils.c|2 +
net/core/wireless.c |4 ---
net/ethernet/eth.c |2 -
net/ethernet/sysctl_net_ether.c |1
net/ipv4/af_inet.c | 14 -
net/ipv4/datagram.c |1
net/ipv4/inetpeer.c |1
net/ipv4/ip_sockglue.c |2 -
net/ipv4/proc.c |3 --
net/ipv4/syncookies.c |2 -
net/ipv4/sysctl_net_ipv4.c | 43 ++--
net/ipv4/tcp_input.c|2 -
net/ipv4/tcp_ipv4.c |2 -
net/ipv6/addrconf.c |4 +--
net/ipv6/af_inet6.c | 24 --
net/ipv6/ipv6_sockglue.c|8 ---
net/ipv6/route.c|6 +
net/ipv6/sit.c |2 -
net/ipv6/sysctl_net_ipv6.c |3 --
net/ipv6/tcp_ipv6.c |4 ---
net/ipv6/udp.c |2 -
net/ipx/af_ipx.c|2 -
net/socket.c| 11 --
net/sysctl_net.c|8 ++-
net/unix/af_unix.c |8 ---
net/unix/sysctl_net_unix.c |2 -
54 files changed, 208 insertions(+), 162 deletions(-)
diff --git a/include/linux/if_ether.h b/include/linux/if_ether.h
--- a/include/linux/if_ether.h
+++ b/include/linux/if_ether.h
@@ -110,6 +110,8 @@ static inline struct ethhdr *eth_hdr(con
{
return (struct ethhdr *)skb-mac.raw;
}
+
+extern struct ctl_table ether_table[];
#endif
#endif /* _LINUX_IF_ETHER_H */
diff --git a/include/linux/if_frad.h b/include/linux/if_frad.h
--- a/include/linux/if_frad.h
+++ b/include/linux/if_frad.h
@@ -191,10 +191,12 @@ struct frad_local
int buffer; /* current buffer for S508 firmware */
};
-extern void dlci_ioctl_set(int (*hook)(unsigned int, void __user *));
-
#endif /* __KERNEL__ */
#endif /* CONFIG_DLCI || CONFIG_DLCI_MODULE */
+#ifdef __KERNEL__
+extern void dlci_ioctl_set(int (*hook)(unsigned int, void __user *));
+#endif
+
#endif
diff --git a/include/linux/if_tr.h b/include/linux/if_tr.h
--- a/include/linux/if_tr.h
+++ b/include/linux/if_tr.h
@@ -43,12 +43,16 @@ struct trh_hdr {
};
#ifdef __KERNEL__
+#include linux/config.h
#include linux/skbuff.h
static inline struct trh_hdr *tr_hdr(const struct sk_buff *skb)
{
return (struct trh_hdr *)skb-mac.raw;
}
+#ifdef CONFIG_SYSCTL
+extern struct ctl_table tr_table[];
+#endif
#endif
/* This is an Token-Ring LLC structure */
diff --git a/include/linux/igmp.h b/include/linux/igmp.h
--- a/include/linux/igmp.h
+++ b/include/linux/igmp.h
@@ -129,6 +129,9 @@ struct igmpv3_query {
#include linux/skbuff.h
#include linux/in.h
+extern int sysctl_igmp_max_memberships;
+extern int sysctl_igmp_max_msf;
+
struct ip_sf_socklist
{
unsigned intsl_max;
diff --git a/include/linux/net.h b/include/linux/net.h
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -286,5 +286,12
[DCCP]: Fix the timestamp options
tree 8be8f0e0e19f58cc5cc9cb7d789f3283436712ed
parent bf0ff9e578ba7dd8331005f00ad7310122011f43
author Ian McDonald [EMAIL PROTECTED] Sat, 20 Aug 2005 06:23:43 -0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:02:34 -0700
[DCCP]: Fix the timestamp options
This changes timestamp, timestamp echo, and elapsed time to use units of 10
usecs as per DCCP spec. This has been tested to verify that times are correct.
Also fixed up length and used hton/ntoh more.
Still to add in later patches:
- actually use elapsed time to adjust RTT
(commented out as was prior to this patch)
- send options at times more closely following the spec
(content is now correct)
Signed-off-by: Ian McDonald [EMAIL PROTECTED]
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/dccp.h |2 -
net/dccp/ccids/ccid3.c | 12 +-
net/dccp/dccp.h| 19 +-
net/dccp/options.c | 87 +
4 files changed, 79 insertions(+), 41 deletions(-)
diff --git a/include/linux/dccp.h b/include/linux/dccp.h
--- a/include/linux/dccp.h
+++ b/include/linux/dccp.h
@@ -415,7 +415,7 @@ struct dccp_sock {
__u64 dccps_gsr;
__u64 dccps_gar;
unsigned long dccps_service;
- unsigned long dccps_timestamp_time;
+ struct timeval dccps_timestamp_time;
__u32 dccps_timestamp_echo;
__u32 dccps_avg_packet_size;
unsigned long dccps_ndp_count;
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -2,12 +2,12 @@
* net/dccp/ccids/ccid3.c
*
* Copyright (c) 2005 The University of Waikato, Hamilton, New Zealand.
+ * Copyright (c) 2005 Ian McDonald [EMAIL PROTECTED]
*
* An implementation of the DCCP protocol
*
* This code has been developed by the University of Waikato WAND
* research group. For further information please see http://www.wand.net.nz/
- * or e-mail Ian McDonald - [EMAIL PROTECTED]
*
* This code also uses code from Lulea University, rereleased as GPL by its
* authors:
@@ -174,14 +174,6 @@ static inline void timeval_fix(struct ti
}
}
-/* returns the difference in usecs between timeval passed in and current time
*/
-static inline u32 now_delta(struct timeval tv) {
- struct timeval now;
-
- do_gettimeofday(now);
- return ((now.tv_sec-tv.tv_sec)*100+now.tv_usec-tv.tv_usec);
-}
-
#define CALCX_ARRSIZE 500
#define CALCX_SPLIT 5
@@ -1110,7 +1102,7 @@ static void ccid3_hc_tx_packet_recv(stru
struct ccid3_options_received *opt_recv;
struct dccp_tx_hist_entry *packet;
unsigned long next_tmout;
- u16 t_elapsed;
+ u32 t_elapsed;
u32 pinv;
u32 x_recv;
u32 r_sample;
diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h
--- a/net/dccp/dccp.h
+++ b/net/dccp/dccp.h
@@ -4,7 +4,8 @@
* net/dccp/dccp.h
*
* An implementation of the DCCP protocol
- * Arnaldo Carvalho de Melo [EMAIL PROTECTED]
+ * Copyright (c) 2005 Arnaldo Carvalho de Melo [EMAIL PROTECTED]
+ * Copyright (c) 2005 Ian McDonald [EMAIL PROTECTED]
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 as
@@ -404,6 +405,7 @@ extern struct socket *dccp_ctl_socket;
* @dccpap_ack_nonce - the one-bit sum of the ECN Nonces for all State 0.
*
* @dccpap_buf_len - circular buffer length
+ * @dccpap_time- the time in usecs
* @dccpap_buf - circular buffer of acknowledgeable packets
*/
struct dccp_ackpkts {
@@ -416,7 +418,7 @@ struct dccp_ackpkts {
unsigned intdccpap_buf_vector_len;
unsigned intdccpap_ack_vector_len;
unsigned intdccpap_buf_len;
- unsigned long dccpap_time;
+ struct timeval dccpap_time;
u8 dccpap_buf_nonce;
u8 dccpap_ack_nonce;
u8 dccpap_buf[0];
@@ -430,6 +432,19 @@ extern int dccp_ackpkts_add(struct dccp_
extern void dccp_ackpkts_check_rcv_ackno(struct dccp_ackpkts *ap,
struct sock *sk, u64 ackno);
+/*
+ * Returns the difference in usecs between timeval
+ * passed in and current time
+ */
+static inline u32 now_delta(struct timeval tv)
+{
+ struct timeval now;
+
+ do_gettimeofday(now);
+ return (now.tv_sec - tv.tv_sec) * USEC_PER_SEC +
+ (now.tv_usec - tv.tv_usec);
+}
+
#ifdef CONFIG_IP_DCCP_DEBUG
extern void dccp_ackvector_print(const u64 ackno,
const unsigned char *vector, int len);
diff --git
[IPV4]: Consistency and whitespace cleanup of ip_rcv()
tree af64e1a3ca7755a7962282042c342abb92daeee1
parent 2c656491e9ce77e12337073973794c4be467a489
author Thomas Graf [EMAIL PROTECTED] Sun, 21 Aug 2005 07:25:29 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:02:53 -0700
[IPV4]: Consistency and whitespace cleanup of ip_rcv()
Signed-off-by: Thomas Graf [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/ip_input.c | 29 ++---
1 files changed, 14 insertions(+), 15 deletions(-)
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -361,6 +361,7 @@ drop:
int ip_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type
*pt, struct net_device *orig_dev)
{
struct iphdr *iph;
+ u32 len;
/* When the interface is in promisc. mode, drop all the crap
* that it receives, do not try to analyse it.
@@ -392,7 +393,7 @@ int ip_rcv(struct sk_buff *skb, struct n
*/
if (iph-ihl 5 || iph-version != 4)
- goto inhdr_error;
+ goto inhdr_error;
if (!pskb_may_pull(skb, iph-ihl*4))
goto inhdr_error;
@@ -400,21 +401,19 @@ int ip_rcv(struct sk_buff *skb, struct n
iph = skb-nh.iph;
if (ip_fast_csum((u8 *)iph, iph-ihl) != 0)
- goto inhdr_error;
+ goto inhdr_error;
+
+ len = ntohs(iph-tot_len);
+ if (skb-len len || len (iph-ihl*4))
+ goto inhdr_error;
- {
- __u32 len = ntohs(iph-tot_len);
- if (skb-len len || len (iph-ihl2))
- goto inhdr_error;
-
- /* Our transport medium may have padded the buffer out. Now we
know it
-* is IP we can trim to the true length of the frame.
-* Note this now means skb-len holds ntohs(iph-tot_len).
-*/
- if (pskb_trim_rcsum(skb, len)) {
- IP_INC_STATS_BH(IPSTATS_MIB_INDISCARDS);
- goto drop;
- }
+ /* Our transport medium may have padded the buffer out. Now we know it
+* is IP we can trim to the true length of the frame.
+* Note this now means skb-len holds ntohs(iph-tot_len).
+*/
+ if (pskb_trim_rcsum(skb, len)) {
+ IP_INC_STATS_BH(IPSTATS_MIB_INDISCARDS);
+ goto drop;
}
return NF_HOOK(PF_INET, NF_IP_PRE_ROUTING, skb, dev, NULL,
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[IPV4]: Move ip options parsing out of ip_rcv_finish()
tree 9e9cb6b08e0298bcd501c5e5b672c4ff6679a43a
parent e9c604227391308b185aa6b14c7f93b0a0c2e51b
author Thomas Graf [EMAIL PROTECTED] Sun, 21 Aug 2005 07:26:12 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:00 -0700
[IPV4]: Move ip options parsing out of ip_rcv_finish()
Signed-off-by: Thomas Graf [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/ip_input.c | 93 ++--
1 files changed, 54 insertions(+), 39 deletions(-)
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -279,6 +279,58 @@ int ip_local_deliver(struct sk_buff *skb
ip_local_deliver_finish);
}
+static inline int ip_rcv_options(struct sk_buff *skb)
+{
+ struct ip_options *opt;
+ struct iphdr *iph;
+ struct net_device *dev = skb-dev;
+
+ /* It looks as overkill, because not all
+ IP options require packet mangling.
+ But it is the easiest for now, especially taking
+ into account that combination of IP options
+ and running sniffer is extremely rare condition.
+ --ANK (980813)
+ */
+ if (skb_cow(skb, skb_headroom(skb))) {
+ IP_INC_STATS_BH(IPSTATS_MIB_INDISCARDS);
+ goto drop;
+ }
+
+ iph = skb-nh.iph;
+
+ if (ip_options_compile(NULL, skb)) {
+ IP_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS);
+ goto drop;
+ }
+
+ opt = (IPCB(skb)-opt);
+ if (unlikely(opt-srr)) {
+ struct in_device *in_dev = in_dev_get(dev);
+ if (in_dev) {
+ if (!IN_DEV_SOURCE_ROUTE(in_dev)) {
+ if (IN_DEV_LOG_MARTIANS(in_dev)
+ net_ratelimit())
+ printk(KERN_INFO source route option
+ %u.%u.%u.%u - %u.%u.%u.%u\n,
+ NIPQUAD(iph-saddr),
+ NIPQUAD(iph-daddr));
+ in_dev_put(in_dev);
+ goto drop;
+ }
+
+ in_dev_put(in_dev);
+ }
+
+ if (ip_options_rcv_srr(skb))
+ goto drop;
+ }
+
+ return 0;
+drop:
+ return -1;
+}
+
static inline int ip_rcv_finish(struct sk_buff *skb)
{
struct net_device *dev = skb-dev;
@@ -308,48 +360,11 @@ static inline int ip_rcv_finish(struct s
}
#endif
- if (iph-ihl 5) {
- struct ip_options *opt;
-
- /* It looks as overkill, because not all
- IP options require packet mangling.
- But it is the easiest for now, especially taking
- into account that combination of IP options
- and running sniffer is extremely rare condition.
- --ANK (980813)
- */
-
- if (skb_cow(skb, skb_headroom(skb))) {
- IP_INC_STATS_BH(IPSTATS_MIB_INDISCARDS);
- goto drop;
- }
- iph = skb-nh.iph;
-
- if (ip_options_compile(NULL, skb))
- goto inhdr_error;
-
- opt = (IPCB(skb)-opt);
- if (opt-srr) {
- struct in_device *in_dev = in_dev_get(dev);
- if (in_dev) {
- if (!IN_DEV_SOURCE_ROUTE(in_dev)) {
- if (IN_DEV_LOG_MARTIANS(in_dev)
net_ratelimit())
- printk(KERN_INFO source route
option %u.%u.%u.%u - %u.%u.%u.%u\n,
- NIPQUAD(iph-saddr),
NIPQUAD(iph-daddr));
- in_dev_put(in_dev);
- goto drop;
- }
- in_dev_put(in_dev);
- }
- if (ip_options_rcv_srr(skb))
- goto drop;
- }
- }
+ if (iph-ihl 5 ip_rcv_options(skb))
+ goto drop;
return dst_input(skb);
-inhdr_error:
- IP_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS);
drop:
kfree_skb(skb);
return NET_RX_DROP;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[IPV4]: Avoid common branch mispredictions in ip_rcv_finish()
tree f3a0e434a460a8abf50329ed4b99eea037fe65e0
parent d245407e758b14c464c609b632873f85709360c7
author Thomas Graf [EMAIL PROTECTED] Sun, 21 Aug 2005 07:26:30 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:03 -0700
[IPV4]: Avoid common branch mispredictions in ip_rcv_finish()
Signed-off-by: Thomas Graf [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/ipv4/ip_input.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -333,16 +333,16 @@ drop:
static inline int ip_rcv_finish(struct sk_buff *skb)
{
- struct net_device *dev = skb-dev;
struct iphdr *iph = skb-nh.iph;
- int err;
/*
* Initialise the virtual path cache for the packet. It describes
* how the packet travels inside Linux networking.
*/
- if (skb-dst == NULL) {
- if ((err = ip_route_input(skb, iph-daddr, iph-saddr,
iph-tos, dev))) {
+ if (likely(skb-dst == NULL)) {
+ int err = ip_route_input(skb, iph-daddr, iph-saddr, iph-tos,
+skb-dev);
+ if (unlikely(err)) {
if (err == -EHOSTUNREACH)
IP_INC_STATS_BH(IPSTATS_MIB_INADDRERRORS);
goto drop;
@@ -350,7 +350,7 @@ static inline int ip_rcv_finish(struct s
}
#ifdef CONFIG_NET_CLS_ROUTE
- if (skb-dst-tclassid) {
+ if (unlikely(skb-dst-tclassid)) {
struct ip_rt_acct *st = ip_rt_acct + 256*smp_processor_id();
u32 idx = skb-dst-tclassid;
st[idx0xFF].o_packets++;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[CCID3]: Reintroduce ccid3hctx_t_rto
tree d975d49f4be2187002ae86e1f5a7a30956231697
parent 33d043d65bbd3d97efca96c9bbada443cac3c4da
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 21 Aug 2005 11:07:37
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:18 -0700
[CCID3]: Reintroduce ccid3hctx_t_rto
CCID3 keeps this variable in usecs, inet_connection_socks in jiffies,
so to avoid Mars orbiter losses lets reintroduce ccid3hctx_t_rto 8)
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/ccids/ccid3.c | 10 +-
net/dccp/ccids/ccid3.h |1 +
2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -905,7 +905,7 @@ static void ccid3_hc_tx_no_feedback_time
hctx-ccid3hctx_x = 10;
}
/* Schedule no feedback timer to expire in max(4 * R, 2 * s /
X) */
- next_tmout = max_t(u32, inet_csk(sk)-icsk_rto,
+ next_tmout = max_t(u32, hctx-ccid3hctx_t_rto,
2 * (hctx-ccid3hctx_s * 10) /
(hctx-ccid3hctx_x / 10));
break;
default:
@@ -1180,8 +1180,8 @@ static void ccid3_hc_tx_packet_recv(stru
r_sample);
/* Update timeout interval */
- inet_csk(sk)-icsk_rto = max_t(u32, 4 * hctx-ccid3hctx_rtt,
- USEC_PER_SEC);
+ hctx-ccid3hctx_t_rto = max_t(u32, 4 * hctx-ccid3hctx_rtt,
+ USEC_PER_SEC);
/* Update receive rate */
hctx-ccid3hctx_x_recv = x_recv; /* x_recv in bytes per
second */
@@ -1227,7 +1227,7 @@ static void ccid3_hc_tx_packet_recv(stru
/* to prevent divide by zero below */
/* Schedule no feedback timer to expire in max(4 * R, 2 * s /
X) */
- next_tmout = max(inet_csk(sk)-icsk_rto,
+ next_tmout = max(hctx-ccid3hctx_t_rto,
(2 * (hctx-ccid3hctx_s * 10) /
(hctx-ccid3hctx_x / 10)));
/* maths with 10 and 10 is to prevent overflow with 32 bit
*/
@@ -1340,7 +1340,7 @@ static int ccid3_hc_tx_init(struct sock
hctx-ccid3hctx_x = hctx-ccid3hctx_s; /* set transmission rate to
1 packet per second */
hctx-ccid3hctx_rtt = 4; /* See ccid3_hc_tx_packet_sent win_count
calculatation */
- inet_csk(sk)-icsk_rto = USEC_PER_SEC;
+ hctx-ccid3hctx_t_rto = USEC_PER_SEC;
hctx-ccid3hctx_state = TFRC_SSTATE_NO_SENT;
INIT_LIST_HEAD(hctx-ccid3hctx_hist);
init_timer(hctx-ccid3hctx_no_feedback_timer);
diff --git a/net/dccp/ccids/ccid3.h b/net/dccp/ccids/ccid3.h
--- a/net/dccp/ccids/ccid3.h
+++ b/net/dccp/ccids/ccid3.h
@@ -80,6 +80,7 @@ struct ccid3_hc_tx_sock {
struct timer_list ccid3hctx_no_feedback_timer;
struct timeval ccid3hctx_t_ld;
struct timeval ccid3hctx_t_nom;
+ u32 ccid3hctx_t_rto;
u32 ccid3hctx_t_ipi;
u32 ccid3hctx_delta;
struct list_headccid3hctx_hist;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[DCCP]: Fix seqno setting in dccp_v4_ctl_send_reset
tree 77379d35e53a7c531e78659e8244652b8c6635d5 parent c68e64cfb5ac675b002215b5659146b73d2e9d5d author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 21 Aug 2005 11:33:48 -0300 committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:25 -0700 [DCCP]: Fix seqno setting in dccp_v4_ctl_send_reset Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] net/dccp/ipv4.c |8 +++- 1 files changed, 7 insertions(+), 1 deletion(-) diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -887,6 +887,7 @@ static void dccp_v4_ctl_send_reset(struc sizeof(struct dccp_hdr_reset); struct sk_buff *skb; struct dst_entry *dst; + u64 seqno; /* Never send a reset in response to a reset. */ if (rxdh-dccph_type == DCCP_PKT_RESET) @@ -920,7 +921,12 @@ static void dccp_v4_ctl_send_reset(struc dccp_hdr_reset(skb)-dccph_reset_code = DCCP_SKB_CB(rxskb)-dccpd_reset_code; - dccp_hdr_set_seq(dh, DCCP_SKB_CB(rxskb)-dccpd_ack_seq); + /* See 8.3.1. Abnormal Termination in draft-ietf-dccp-spec-11 */ + seqno = 0; + if (DCCP_SKB_CB(rxskb)-dccpd_ack_seq != DCCP_PKT_WITHOUT_ACK_SEQ) + dccp_set_seqno(seqno, DCCP_SKB_CB(rxskb)-dccpd_ack_seq + 1); + + dccp_hdr_set_seq(dh, seqno); dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), DCCP_SKB_CB(rxskb)-dccpd_seq); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[DCCP]: Give more info on Step 6 failure debug printk
tree 08a6b91f57e6c7c66a4839ba4fb3c0bf570cebf6
parent 2807d4ffb0dccb8f932c3e1701b6b6163153d333
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 21 Aug 2005 11:35:18
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:33 -0700
[DCCP]: Give more info on Step 6 failure debug printk
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/input.c | 11 +--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/net/dccp/input.c b/net/dccp/input.c
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -136,8 +136,15 @@ static int dccp_check_seqno(struct sock
DCCP_PKT_WITHOUT_ACK_SEQ))
dp-dccps_gar = DCCP_SKB_CB(skb)-dccpd_ack_seq;
} else {
- LIMIT_NETDEBUG(KERN_WARNING DCCP: Step 6 failed,
- sending SYNC...\n);
+ LIMIT_NETDEBUG(KERN_WARNING DCCP: Step 6 failed for %s packet,
+ (LSWL(%llu) = P.seqno(%llu) =
S.SWH(%llu)) and
+ (P.ackno %s or LAWL(%llu) =
P.ackno(%llu) = S.AWH(%llu),
+ sending SYNC...\n,
+ dccp_packet_name(dh-dccph_type),
+ lswl, DCCP_SKB_CB(skb)-dccpd_seq, dp-dccps_swh,
+ (DCCP_SKB_CB(skb)-dccpd_ack_seq ==
+ DCCP_PKT_WITHOUT_ACK_SEQ) ? doesn't exist :
exists,
+ lawl, DCCP_SKB_CB(skb)-dccpd_ack_seq,
dp-dccps_awh);
dccp_send_sync(sk, DCCP_SKB_CB(skb)-dccpd_seq, DCCP_PKT_SYNC);
return -1;
}
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[DCCP]: Fix the ACK and SEQ window variables settings
tree bbe5f7fc56074224ded47113974dbc3db550b303
parent a3054d48b9b9d6290eccc9fc09c286ef450d9b1d
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 21 Aug 2005 11:36:45
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:42 -0700
[DCCP]: Fix the ACK and SEQ window variables settings
This is from a first audit, more eyeballs are more than welcome.
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/dccp.h | 12
net/dccp/input.c | 14 +-
net/dccp/ipv4.c | 10 ++
net/dccp/minisocks.c | 13 +
net/dccp/timer.c |2 +-
5 files changed, 41 insertions(+), 10 deletions(-)
diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h
--- a/net/dccp/dccp.h
+++ b/net/dccp/dccp.h
@@ -340,13 +340,11 @@ static inline void dccp_hdr_set_ack(stru
static inline void dccp_update_gsr(struct sock *sk, u64 seq)
{
struct dccp_sock *dp = dccp_sk(sk);
- u64 tmp_gsr;
- dccp_set_seqno(tmp_gsr,
+ dp-dccps_gsr = seq;
+ dccp_set_seqno(dp-dccps_swl,
(dp-dccps_gsr + 1 -
(dp-dccps_options.dccpo_sequence_window / 4)));
- dp-dccps_gsr = seq;
- dccp_set_seqno(dp-dccps_swl, max48(tmp_gsr, dp-dccps_isr));
dccp_set_seqno(dp-dccps_swh,
(dp-dccps_gsr +
(3 * dp-dccps_options.dccpo_sequence_window) / 4));
@@ -355,13 +353,11 @@ static inline void dccp_update_gsr(struc
static inline void dccp_update_gss(struct sock *sk, u64 seq)
{
struct dccp_sock *dp = dccp_sk(sk);
- u64 tmp_gss;
- dccp_set_seqno(tmp_gss,
+ dp-dccps_awh = dp-dccps_gss = seq;
+ dccp_set_seqno(dp-dccps_awl,
(dp-dccps_gss -
dp-dccps_options.dccpo_sequence_window + 1));
- dp-dccps_awl = max48(tmp_gss, dp-dccps_iss);
- dp-dccps_awh = dp-dccps_gss = seq;
}
extern void dccp_insert_options(struct sock *sk, struct sk_buff *skb);
diff --git a/net/dccp/input.c b/net/dccp/input.c
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -314,7 +314,19 @@ static int dccp_rcv_request_sent_state_p
}
dp-dccps_isr = DCCP_SKB_CB(skb)-dccpd_seq;
- dccp_update_gsr(sk, DCCP_SKB_CB(skb)-dccpd_seq);
+ dccp_update_gsr(sk, dp-dccps_isr);
+ /*
+* SWL and AWL are initially adjusted so that they are not less
than
+* the initial Sequence Numbers received and sent, respectively:
+* SWL := max(GSR + 1 - floor(W/4), ISR),
+* AWL := max(GSS - W' + 1, ISS).
+* These adjustments MUST be applied only at the beginning of
the
+* connection.
+*
+* AWL was adjusted in dccp_v4_connect -acme
+*/
+ dccp_set_seqno(dp-dccps_swl,
+ max48(dp-dccps_swl, dp-dccps_isr));
if (ccid_hc_rx_init(dp-dccps_hc_rx_ccid, sk) != 0 ||
ccid_hc_tx_init(dp-dccps_hc_tx_ccid, sk) != 0) {
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
--- a/net/dccp/ipv4.c
+++ b/net/dccp/ipv4.c
@@ -309,6 +309,16 @@ static int dccp_v4_connect(struct sock *
usin-sin_port);
dccp_update_gss(sk, dp-dccps_iss);
+ /*
+* SWL and AWL are initially adjusted so that they are not less than
+* the initial Sequence Numbers received and sent, respectively:
+* SWL := max(GSR + 1 - floor(W/4), ISR),
+* AWL := max(GSS - W' + 1, ISS).
+* These adjustments MUST be applied only at the beginning of the
+* connection.
+*/
+ dccp_set_seqno(dp-dccps_awl, max48(dp-dccps_awl, dp-dccps_iss));
+
inet-id = dp-dccps_iss ^ jiffies;
err = dccp_connect(sk);
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -146,6 +146,19 @@ out_free:
newdp-dccps_iss = dreq-dreq_iss;
dccp_update_gss(newsk, dreq-dreq_iss);
+ /*
+* SWL and AWL are initially adjusted so that they are not less
than
+* the initial Sequence Numbers received and sent, respectively:
+* SWL := max(GSR + 1 - floor(W/4), ISR),
+* AWL := max(GSS - W' + 1, ISS).
+* These adjustments MUST be applied only at the beginning of
the
+* connection.
+*/
+ dccp_set_seqno(newdp-dccps_swl,
+ max48(newdp-dccps_swl, newdp-dccps_isr));
+ dccp_set_seqno(newdp-dccps_awl,
+ max48(newdp-dccps_awl, newdp-dccps_iss));
+
dccp_init_xmit_timers(newsk);
[DCCP]: Fix ackno setting in SYNC/SYNCACK packets
tree 3a72f0f6e92bec1db7cd4431fc04f454ac1d4569
parent 03ace394ac9bcad38043a381ae5f4860b9c9fa1c
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Sun, 21 Aug 2005 11:40:16
-0300
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:03:52 -0700
[DCCP]: Fix ackno setting in SYNC/SYNCACK packets
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/output.c | 10 +++---
1 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/net/dccp/output.c b/net/dccp/output.c
--- a/net/dccp/output.c
+++ b/net/dccp/output.c
@@ -44,15 +44,8 @@ int dccp_transmit_skb(struct sock *sk, s
int err, set_ack = 1;
u64 ackno = dp-dccps_gsr;
- /*
-* FIXME: study DCCP_PKT_SYNC[ACK] to see what is the right
-* thing to do here...
-*/
dccp_inc_seqno(dp-dccps_gss);
- dcb-dccpd_seq = dp-dccps_gss;
- dccp_insert_options(sk, skb);
-
switch (dcb-dccpd_type) {
case DCCP_PKT_DATA:
set_ack = 0;
@@ -62,6 +55,9 @@ int dccp_transmit_skb(struct sock *sk, s
ackno = dcb-dccpd_seq;
break;
}
+
+ dcb-dccpd_seq = dp-dccps_gss;
+ dccp_insert_options(sk, skb);
skb-h.raw = skb_push(skb, dccp_header_size);
dh = dccp_hdr(skb);
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[NETFILTER]: Add string match
tree d259de5c48a54b7017ee21b5a141c223f8b082e6
parent 24117727b753426d85ba09671c24854834f81b2c
author Pablo Neira Ayuso [EMAIL PROTECTED] Mon, 22 Aug 2005 13:30:34 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:04:07 -0700
[NETFILTER]: Add string match
Signed-off-by: Pablo Neira Ayuso [EMAIL PROTECTED]
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter_ipv4/ipt_string.h | 18 +
net/ipv4/netfilter/Kconfig| 12 +++
net/ipv4/netfilter/Makefile |1
net/ipv4/netfilter/ipt_string.c | 91 ++
4 files changed, 122 insertions(+)
diff --git a/include/linux/netfilter_ipv4/ipt_string.h
b/include/linux/netfilter_ipv4/ipt_string.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_string.h
@@ -0,0 +1,18 @@
+#ifndef _IPT_STRING_H
+#define _IPT_STRING_H
+
+#define IPT_STRING_MAX_PATTERN_SIZE 128
+#define IPT_STRING_MAX_ALGO_NAME_SIZE 16
+
+struct ipt_string_info
+{
+ u_int16_t from_offset;
+ u_int16_t to_offset;
+ char algo[IPT_STRING_MAX_ALGO_NAME_SIZE];
+ char pattern[IPT_STRING_MAX_PATTERN_SIZE];
+ u_int8_t patlen;
+ u_int8_t invert;
+ struct ts_config __attribute__((aligned(8))) *config;
+};
+
+#endif /*_IPT_STRING_H*/
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -410,6 +410,18 @@ config IP_NF_MATCH_HASHLIMIT
destination IP' or `500pps from any given source IP' with a single
IPtables rule.
+config IP_NF_MATCH_STRING
+ tristate 'string match support'
+ depends on IP_NF_IPTABLES
+ select TEXTSEARCH
+ select TEXTSEARCH_KMP
+ select TEXTSEARCH_FSM
+ help
+ This option adds a `string' match, which allows you to look for
+ pattern matchings in packets.
+
+ To compile it as a module, choose M here. If unsure, say N.
+
# `filter', generic and specific targets
config IP_NF_FILTER
tristate Packet filtering
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -65,6 +65,7 @@ obj-$(CONFIG_IP_NF_MATCH_REALM) += ipt_r
obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
obj-$(CONFIG_IP_NF_MATCH_PHYSDEV) += ipt_physdev.o
obj-$(CONFIG_IP_NF_MATCH_COMMENT) += ipt_comment.o
+obj-$(CONFIG_IP_NF_MATCH_STRING) += ipt_string.o
# targets
obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
diff --git a/net/ipv4/netfilter/ipt_string.c b/net/ipv4/netfilter/ipt_string.c
new file mode 100644
--- /dev/null
+++ b/net/ipv4/netfilter/ipt_string.c
@@ -0,0 +1,91 @@
+/* String matching match for iptables
+ *
+ * (C) 2005 Pablo Neira Ayuso [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include linux/init.h
+#include linux/module.h
+#include linux/kernel.h
+#include linux/skbuff.h
+#include linux/netfilter_ipv4/ip_tables.h
+#include linux/netfilter_ipv4/ipt_string.h
+#include linux/textsearch.h
+
+MODULE_AUTHOR(Pablo Neira Ayuso [EMAIL PROTECTED]);
+MODULE_DESCRIPTION(IP tables string match module);
+MODULE_LICENSE(GPL);
+
+static int match(const struct sk_buff *skb,
+const struct net_device *in,
+const struct net_device *out,
+const void *matchinfo,
+int offset,
+int *hotdrop)
+{
+ struct ts_state state;
+ struct ipt_string_info *conf = (struct ipt_string_info *) matchinfo;
+
+ memset(state, 0, sizeof(struct ts_state));
+
+ return (skb_find_text((struct sk_buff *)skb, conf-from_offset,
+conf-to_offset, conf-config, state)
+!= UINT_MAX) !conf-invert;
+}
+
+#define STRING_TEXT_PRIV(m) ((struct ipt_string_info *) m)
+
+static int checkentry(const char *tablename,
+ const struct ipt_ip *ip,
+ void *matchinfo,
+ unsigned int matchsize,
+ unsigned int hook_mask)
+{
+ struct ipt_string_info *conf = matchinfo;
+ struct ts_config *ts_conf;
+
+ if (matchsize != IPT_ALIGN(sizeof(struct ipt_string_info)))
+ return 0;
+
+ /* Damn, can't handle this case properly with iptables... */
+ if (conf-from_offset conf-to_offset)
+ return 0;
+
+ ts_conf = textsearch_prepare(conf-algo, conf-pattern, conf-patlen,
+GFP_KERNEL, TS_AUTOLOAD);
+ if (IS_ERR(ts_conf))
+ return 0;
+
+ conf-config = ts_conf;
+
+ return 1;
+}
+
+static void destroy(void *matchinfo, unsigned int matchsize)
+{
+
[NETFILTER]: Add IPv6 REJECT target
tree ee5d5e0b203149938a5151126b2e3ae46051dfbf
parent 7567662ba896ee0c33d6215f32e2011488a6d1bf
author Patrick McHardy [EMAIL PROTECTED] Mon, 22 Aug 2005 13:31:06 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:04:12 -0700
[NETFILTER]: Add IPv6 REJECT target
Originally written by Yasuyuki Kozakai [EMAIL PROTECTED],
taken from netfilter patch-o-matic and fixed up to work with current
kernels.
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter_ipv6/ip6t_REJECT.h | 18 +
net/ipv6/netfilter/Kconfig | 10 +
net/ipv6/netfilter/Makefile|1
net/ipv6/netfilter/ip6t_REJECT.c | 284 +
4 files changed, 313 insertions(+)
diff --git a/include/linux/netfilter_ipv6/ip6t_REJECT.h
b/include/linux/netfilter_ipv6/ip6t_REJECT.h
new file mode 100644
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_REJECT.h
@@ -0,0 +1,18 @@
+#ifndef _IP6T_REJECT_H
+#define _IP6T_REJECT_H
+
+enum ip6t_reject_with {
+ IP6T_ICMP6_NO_ROUTE,
+ IP6T_ICMP6_ADM_PROHIBITED,
+ IP6T_ICMP6_NOT_NEIGHBOUR,
+ IP6T_ICMP6_ADDR_UNREACH,
+ IP6T_ICMP6_PORT_UNREACH,
+ IP6T_ICMP6_ECHOREPLY,
+ IP6T_TCP_RESET
+};
+
+struct ip6t_reject_info {
+ u_int32_t with; /* reject type */
+};
+
+#endif /*_IP6T_REJECT_H*/
diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig
--- a/net/ipv6/netfilter/Kconfig
+++ b/net/ipv6/netfilter/Kconfig
@@ -199,6 +199,16 @@ config IP6_NF_TARGET_LOG
To compile it as a module, choose M here. If unsure, say N.
+config IP6_NF_TARGET_REJECT
+ tristate REJECT target support
+ depends on IP6_NF_FILTER
+ help
+ The REJECT target allows a filtering rule to specify that an ICMPv6
+ error should be issued in response to an incoming packet, rather
+ than silently being dropped.
+
+ To compile it as a module, choose M here. If unsure, say N.
+
# if [ $CONFIG_IP6_NF_FILTER != n ]; then
#dep_tristate 'REJECT target support' CONFIG_IP6_NF_TARGET_REJECT
$CONFIG_IP6_NF_FILTER
#if [ $CONFIG_EXPERIMENTAL = y ]; then
diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile
--- a/net/ipv6/netfilter/Makefile
+++ b/net/ipv6/netfilter/Makefile
@@ -24,4 +24,5 @@ obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.
obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o
obj-$(CONFIG_IP6_NF_MATCH_HL) += ip6t_hl.o
+obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o
obj-$(CONFIG_NETFILTER_NETLINK_QUEUE) += ip6t_NFQUEUE.o
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
new file mode 100644
--- /dev/null
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -0,0 +1,284 @@
+/*
+ * IP6 tables REJECT target module
+ * Linux INET6 implementation
+ *
+ * Copyright (C)2003 USAGI/WIDE Project
+ *
+ * Authors:
+ * Yasuyuki Kozakai[EMAIL PROTECTED]
+ *
+ * Based on net/ipv4/netfilter/ipt_REJECT.c
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ */
+
+#include linux/config.h
+#include linux/module.h
+#include linux/skbuff.h
+#include linux/icmpv6.h
+#include linux/netdevice.h
+#include net/ipv6.h
+#include net/tcp.h
+#include net/icmp.h
+#include net/ip6_checksum.h
+#include net/ip6_fib.h
+#include net/ip6_route.h
+#include net/flow.h
+#include linux/netfilter_ipv6/ip6_tables.h
+#include linux/netfilter_ipv6/ip6t_REJECT.h
+
+MODULE_AUTHOR(Yasuyuki KOZAKAI [EMAIL PROTECTED]);
+MODULE_DESCRIPTION(IP6 tables REJECT target module);
+MODULE_LICENSE(GPL);
+
+#if 0
+#define DEBUGP printk
+#else
+#define DEBUGP(format, args...)
+#endif
+
+/* Send RST reply */
+static void send_reset(struct sk_buff *oldskb)
+{
+ struct sk_buff *nskb;
+ struct tcphdr otcph, *tcph;
+ unsigned int otcplen, hh_len;
+ int tcphoff, needs_ack;
+ struct ipv6hdr *oip6h = oldskb-nh.ipv6h, *ip6h;
+ struct dst_entry *dst = NULL;
+ u8 proto;
+ struct flowi fl;
+
+ if ((!(ipv6_addr_type(oip6h-saddr) IPV6_ADDR_UNICAST)) ||
+ (!(ipv6_addr_type(oip6h-daddr) IPV6_ADDR_UNICAST))) {
+ DEBUGP(ip6t_REJECT: addr is not unicast.\n);
+ return;
+ }
+
+ proto = oip6h-nexthdr;
+ tcphoff = ipv6_skip_exthdr(oldskb, ((u8*)(oip6h+1) - oldskb-data),
proto);
+
+ if ((tcphoff 0) || (tcphoff oldskb-len)) {
+ DEBUGP(ip6t_REJECT: Can't get TCP header.\n);
+ return;
+ }
+
+ otcplen = oldskb-len - tcphoff;
+
+ /* IP header checks: fragment, too short. */
+ if ((proto != IPPROTO_TCP) || (otcplen sizeof(struct tcphdr))) {
+ DEBUGP(ip6t_REJECT: proto(%d) !=
[NETFILTER]: Add goto target
tree 393fc1fb09668faf3968726f6e8e5039109224a9
parent 764d8a9f240729534a1d8a0ffd39e722cf5cc5af
author Patrick McHardy [EMAIL PROTECTED] Mon, 22 Aug 2005 13:31:43 -0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:04:18 -0700
[NETFILTER]: Add goto target
Originally written by Henrik Nordstrom [EMAIL PROTECTED], taken
from netfilter patch-o-matic and added ip6_tables support.
Signed-off-by: Patrick McHardy [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/linux/netfilter_ipv4/ip_tables.h |3 ++-
include/linux/netfilter_ipv6/ip6_tables.h |3 ++-
net/ipv4/netfilter/ip_tables.c|4 ++--
net/ipv6/netfilter/ip6_tables.c |4 ++--
4 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/include/linux/netfilter_ipv4/ip_tables.h
b/include/linux/netfilter_ipv4/ip_tables.h
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -109,7 +109,8 @@ struct ipt_counters
/* Values for flag field in struct ipt_ip (general ip structure). */
#define IPT_F_FRAG 0x01/* Set if rule is a fragment rule */
-#define IPT_F_MASK 0x01/* All possible flag bits mask. */
+#define IPT_F_GOTO 0x02/* Set if jump is a goto */
+#define IPT_F_MASK 0x03/* All possible flag bits mask. */
/* Values for inv field in struct ipt_ip. */
#define IPT_INV_VIA_IN 0x01/* Invert the sense of IN IFACE. */
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h
b/include/linux/netfilter_ipv6/ip6_tables.h
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -111,7 +111,8 @@ struct ip6t_counters
#define IP6T_F_PROTO 0x01/* Set if rule cares about upper
protocols */
#define IP6T_F_TOS 0x02/* Match the TOS. */
-#define IP6T_F_MASK0x03/* All possible flag bits mask. */
+#define IP6T_F_GOTO0x04/* Set if jump is a goto */
+#define IP6T_F_MASK0x07/* All possible flag bits mask. */
/* Values for inv field in struct ip6t_ip6. */
#define IP6T_INV_VIA_IN0x01/* Invert the sense of IN
IFACE. */
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -340,8 +340,8 @@ ipt_do_table(struct sk_buff **pskb,
back-comefrom);
continue;
}
- if (table_base + v
- != (void *)e + e-next_offset) {
+ if (table_base + v != (void *)e + e-next_offset
+!(e-ip.flags IPT_F_GOTO)) {
/* Save old back ptr in next entry */
struct ipt_entry *next
= (void *)e + e-next_offset;
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -433,8 +433,8 @@ ip6t_do_table(struct sk_buff **pskb,
back-comefrom);
continue;
}
- if (table_base + v
- != (void *)e + e-next_offset) {
+ if (table_base + v != (void *)e + e-next_offset
+!(e-ipv6.flags IP6T_F_GOTO)) {
/* Save old back ptr in next entry */
struct ip6t_entry *next
= (void *)e + e-next_offset;
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
[DCCP]: Introduce dccp_get_info
tree f2ce23b6e5898a6bec8726f17104074516559397
parent 4fded33b3e8177d1d2eec0ccc69af8dfe8b4c3c3
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 24 Aug 2005 11:52:35
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:05:07 -0700
[DCCP]: Introduce dccp_get_info
And also hc_tx and hc_rx get_info functions for the CCIDs to fill in
information that is specific to them.
For now reusing struct tcp_info, later I'll try to figure out a better
solution, for now its really nice to get this kind of info:
[EMAIL PROTECTED] ~]# ./ss -danemi
State Recv-Q Send-Q Local Addr:Port Peer Addr:Port
LISTEN 0 0*:5001 *:* ino:628 sk:c1340040
mem:(r0,w0,f0,t0) cwnd:0 ssthresh:0
ESTAB 0 0 172.20.0.2:5001 172.20.0.1:32785 ino:629 sk:c13409a0
mem:(r0,w0,f0,t0) ts rto:1000 rtt:0.004/0 cwnd:0 ssthresh:0
rcv_rtt:61.377
This, for instance, shows that we're not congestion controlling ACKs,
as the above output is in the ttcp receiving host, and ttcp is a one
way app, i.e. the received never calls sendmsg, so
ccid_hc_tx_send_packet is never called, so the TX half connection
stays in TFRC_SSTATE_NO_SENT state and hctx_rtt is never calculated,
stays with the value set in ccid3_hc_tx_init, 4us, as show above in
milliseconds (0.004ms), upcoming patches will fix this.
rcv_rtt seems sane tho, matching ping results :-)
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
net/dccp/ccid.h| 18 ++
net/dccp/ccids/ccid3.c | 27 +++
net/dccp/diag.c| 26 +-
3 files changed, 70 insertions(+), 1 deletion(-)
diff --git a/net/dccp/ccid.h b/net/dccp/ccid.h
--- a/net/dccp/ccid.h
+++ b/net/dccp/ccid.h
@@ -50,6 +50,10 @@ struct ccid {
struct sk_buff *skb, int len);
void(*ccid_hc_tx_packet_sent)(struct sock *sk, int more,
int len);
+ void(*ccid_hc_rx_get_info)(struct sock *sk,
+ struct tcp_info *info);
+ void(*ccid_hc_tx_get_info)(struct sock *sk,
+ struct tcp_info *info);
};
extern intccid_register(struct ccid *ccid);
@@ -159,4 +163,18 @@ static inline void ccid_hc_rx_insert_opt
if (ccid-ccid_hc_rx_insert_options != NULL)
ccid-ccid_hc_rx_insert_options(sk, skb);
}
+
+static inline void ccid_hc_rx_get_info(struct ccid *ccid, struct sock *sk,
+ struct tcp_info *info)
+{
+ if (ccid-ccid_hc_rx_get_info != NULL)
+ ccid-ccid_hc_rx_get_info(sk, info);
+}
+
+static inline void ccid_hc_tx_get_info(struct ccid *ccid, struct sock *sk,
+ struct tcp_info *info)
+{
+ if (ccid-ccid_hc_tx_get_info != NULL)
+ ccid-ccid_hc_tx_get_info(sk, info);
+}
#endif /* _CCID_H */
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c
--- a/net/dccp/ccids/ccid3.c
+++ b/net/dccp/ccids/ccid3.c
@@ -2020,6 +2020,31 @@ static void ccid3_hc_rx_exit(struct sock
dp-dccps_hc_rx_ccid_private = NULL;
}
+static void ccid3_hc_rx_get_info(struct sock *sk, struct tcp_info *info)
+{
+ const struct dccp_sock *dp = dccp_sk(sk);
+ const struct ccid3_hc_rx_sock *hcrx = dp-dccps_hc_rx_ccid_private;
+
+ if (hcrx == NULL)
+ return;
+
+ info-tcpi_ca_state = hcrx-ccid3hcrx_state;
+ info-tcpi_options |= TCPI_OPT_TIMESTAMPS;
+ info-tcpi_rcv_rtt = hcrx-ccid3hcrx_rtt;
+}
+
+static void ccid3_hc_tx_get_info(struct sock *sk, struct tcp_info *info)
+{
+ const struct dccp_sock *dp = dccp_sk(sk);
+ const struct ccid3_hc_tx_sock *hctx = dp-dccps_hc_tx_ccid_private;
+
+ if (hctx == NULL)
+ return;
+
+ info-tcpi_rto = hctx-ccid3hctx_t_rto;
+ info-tcpi_rtt = hctx-ccid3hctx_rtt;
+}
+
static struct ccid ccid3 = {
.ccid_id = 3,
.ccid_name = ccid3,
@@ -2037,6 +2062,8 @@ static struct ccid ccid3 = {
.ccid_hc_rx_exit = ccid3_hc_rx_exit,
.ccid_hc_rx_insert_options = ccid3_hc_rx_insert_options,
.ccid_hc_rx_packet_recv= ccid3_hc_rx_packet_recv,
+ .ccid_hc_rx_get_info = ccid3_hc_rx_get_info,
+ .ccid_hc_tx_get_info = ccid3_hc_tx_get_info,
};
module_param(ccid3_debug, int, 0444);
diff --git a/net/dccp/diag.c b/net/dccp/diag.c
--- a/net/dccp/diag.c
+++ b/net/dccp/diag.c
@@ -14,19 +14,43 @@
#include linux/module.h
#include linux/inet_diag.h
+#include ccid.h
#include dccp.h
+static void dccp_get_info(struct sock *sk, struct tcp_info *info)
+{
+ struct dccp_sock *dp = dccp_sk(sk);
+ const struct inet_connection_sock *icsk = inet_csk(sk);
+
+
[ICSK]: Generalise tcp_listen_poll
tree 70951f8d97dc191df3c772c830b667ad7af6dfd9
parent 2babe1f6fea717c36c008c878fe095d1ca5696c1
author Arnaldo Carvalho de Melo [EMAIL PROTECTED] Wed, 24 Aug 2005 11:52:58
-0700
committer David S. Miller [EMAIL PROTECTED] Tue, 30 Aug 2005 06:05:32 -0700
[ICSK]: Generalise tcp_listen_poll
Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED]
Signed-off-by: David S. Miller [EMAIL PROTECTED]
include/net/inet_connection_sock.h | 10 ++
net/ipv4/tcp.c | 11 +--
2 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/include/net/inet_connection_sock.h
b/include/net/inet_connection_sock.h
--- a/include/net/inet_connection_sock.h
+++ b/include/net/inet_connection_sock.h
@@ -260,6 +260,16 @@ extern void inet_csk_reqsk_queue_prune(s
const unsigned long max_rto);
extern void inet_csk_destroy_sock(struct sock *sk);
+
+/*
+ * LISTEN is a special case for poll..
+ */
+static inline unsigned int inet_csk_listen_poll(const struct sock *sk)
+{
+ return !reqsk_queue_empty(inet_csk(sk)-icsk_accept_queue) ?
+ (POLLIN | POLLRDNORM) : 0;
+}
+
extern int inet_csk_listen_start(struct sock *sk, const int nr_table_entries);
extern void inet_csk_listen_stop(struct sock *sk);
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -310,15 +310,6 @@ void tcp_enter_memory_pressure(void)
EXPORT_SYMBOL(tcp_enter_memory_pressure);
/*
- * LISTEN is a special case for poll..
- */
-static __inline__ unsigned int tcp_listen_poll(struct sock *sk,
- poll_table *wait)
-{
- return !reqsk_queue_empty(inet_csk(sk)-icsk_accept_queue) ? (POLLIN |
POLLRDNORM) : 0;
-}
-
-/*
* Wait for a TCP event.
*
* Note that we don't need to lock the socket, as the upper poll layers
@@ -333,7 +324,7 @@ unsigned int tcp_poll(struct file *file,
poll_wait(file, sk-sk_sleep, wait);
if (sk-sk_state == TCP_LISTEN)
- return tcp_listen_poll(sk, wait);
+ return inet_csk_listen_poll(sk);
/* Socket is not locked. We are protected from async events
by poll logic and correct handling of state changes
-
To unsubscribe from this list: send the line unsubscribe git-commits-head in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
