diff options
Diffstat (limited to 'net')
334 files changed, 675 insertions, 482 deletions
diff --git a/net/802/fc.c b/net/802/fc.c index 282c4ab1abe..2a27e37bc4c 100644 --- a/net/802/fc.c +++ b/net/802/fc.c @@ -10,7 +10,6 @@ * v 1.0 03/22/99 */ -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <linux/types.h> diff --git a/net/802/fddi.c b/net/802/fddi.c index ac242a4bc34..797c6d961de 100644 --- a/net/802/fddi.c +++ b/net/802/fddi.c @@ -26,7 +26,6 @@ * Maciej W. Rozycki : IPv6 support */ -#include <linux/config.h> #include <linux/module.h> #include <asm/system.h> #include <linux/types.h> diff --git a/net/802/sysctl_net_802.c b/net/802/sysctl_net_802.c index 700129556c1..ead56037398 100644 --- a/net/802/sysctl_net_802.c +++ b/net/802/sysctl_net_802.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/if_tr.h> #include <linux/sysctl.h> diff --git a/net/802/tr.c b/net/802/tr.c index e9dc803f2fe..d7d8f40c4fe 100644 --- a/net/802/tr.c +++ b/net/802/tr.c @@ -17,7 +17,6 @@ #include <asm/uaccess.h> #include <asm/system.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/8021q/vlanproc.c b/net/8021q/vlanproc.c index 7b214cffc95..a8fc0de1f96 100644 --- a/net/8021q/vlanproc.c +++ b/net/8021q/vlanproc.c @@ -17,7 +17,6 @@ * Jan 20, 1998 Ben Greear Initial Version *****************************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/stddef.h> /* offsetof(), etc. */ #include <linux/errno.h> /* return codes */ diff --git a/net/appletalk/aarp.c b/net/appletalk/aarp.c index 7076097debc..f3777ec5bcb 100644 --- a/net/appletalk/aarp.c +++ b/net/appletalk/aarp.c @@ -29,7 +29,6 @@ * */ -#include <linux/config.h> #include <linux/if_arp.h> #include <net/sock.h> #include <net/datalink.h> diff --git a/net/appletalk/atalk_proc.c b/net/appletalk/atalk_proc.c index dc4048dd98c..7ae4916cd26 100644 --- a/net/appletalk/atalk_proc.c +++ b/net/appletalk/atalk_proc.c @@ -8,7 +8,6 @@ * Free Software Foundation, version 2. */ -#include <linux/config.h> #include <linux/init.h> #include <linux/proc_fs.h> #include <linux/seq_file.h> diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c index 7b1eb9a4fc9..5ee96d4b40e 100644 --- a/net/appletalk/ddp.c +++ b/net/appletalk/ddp.c @@ -51,7 +51,6 @@ * */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/if_arp.h> diff --git a/net/appletalk/sysctl_net_atalk.c b/net/appletalk/sysctl_net_atalk.c index af7f0604395..40b0af7437a 100644 --- a/net/appletalk/sysctl_net_atalk.c +++ b/net/appletalk/sysctl_net_atalk.c @@ -6,7 +6,6 @@ * Dynamic registration, added aarp entries. (5/30/97 Chris Horn) */ -#include <linux/config.h> #include <linux/sysctl.h> #include <net/sock.h> #include <linux/atalk.h> diff --git a/net/atm/Makefile b/net/atm/Makefile index d5818751f6b..89656d6c0b9 100644 --- a/net/atm/Makefile +++ b/net/atm/Makefile @@ -2,7 +2,7 @@ # Makefile for the ATM Protocol Families. # -atm-y := addr.o pvc.o signaling.o svc.o ioctl.o common.o atm_misc.o raw.o resources.o +atm-y := addr.o pvc.o signaling.o svc.o ioctl.o common.o atm_misc.o raw.o resources.o atm_sysfs.o mpoa-objs := mpc.o mpoa_caches.o mpoa_proc.o obj-$(CONFIG_ATM) += atm.o diff --git a/net/atm/atm_sysfs.c b/net/atm/atm_sysfs.c new file mode 100644 index 00000000000..5df4b9a068b --- /dev/null +++ b/net/atm/atm_sysfs.c @@ -0,0 +1,176 @@ +/* ATM driver model support. */ + +#include <linux/config.h> +#include <linux/kernel.h> +#include <linux/init.h> +#include <linux/kobject.h> +#include <linux/atmdev.h> +#include "common.h" +#include "resources.h" + +#define to_atm_dev(cldev) container_of(cldev, struct atm_dev, class_dev) + +static ssize_t show_type(struct class_device *cdev, char *buf) +{ + struct atm_dev *adev = to_atm_dev(cdev); + return sprintf(buf, "%s\n", adev->type); +} + +static ssize_t show_address(struct class_device *cdev, char *buf) +{ + char *pos = buf; + struct atm_dev *adev = to_atm_dev(cdev); + int i; + + for (i = 0; i < (ESI_LEN - 1); i++) + pos += sprintf(pos, "%02x:", adev->esi[i]); + pos += sprintf(pos, "%02x\n", adev->esi[i]); + + return pos - buf; +} + +static ssize_t show_atmaddress(struct class_device *cdev, char *buf) +{ + unsigned long flags; + char *pos = buf; + struct atm_dev *adev = to_atm_dev(cdev); + struct atm_dev_addr *aaddr; + int bin[] = { 1, 2, 10, 6, 1 }, *fmt = bin; + int i, j; + + spin_lock_irqsave(&adev->lock, flags); + list_for_each_entry(aaddr, &adev->local, entry) { + for(i = 0, j = 0; i < ATM_ESA_LEN; ++i, ++j) { + if (j == *fmt) { + pos += sprintf(pos, "."); + ++fmt; + j = 0; + } + pos += sprintf(pos, "%02x", aaddr->addr.sas_addr.prv[i]); + } + pos += sprintf(pos, "\n"); + } + spin_unlock_irqrestore(&adev->lock, flags); + + return pos - buf; +} + +static ssize_t show_carrier(struct class_device *cdev, char *buf) +{ + char *pos = buf; + struct atm_dev *adev = to_atm_dev(cdev); + + pos += sprintf(pos, "%d\n", + adev->signal == ATM_PHY_SIG_LOST ? 0 : 1); + + return pos - buf; +} + +static ssize_t show_link_rate(struct class_device *cdev, char *buf) +{ + char *pos = buf; + struct atm_dev *adev = to_atm_dev(cdev); + int link_rate; + + /* show the link rate, not the data rate */ + switch (adev->link_rate) { + case ATM_OC3_PCR: + link_rate = 155520000; + break; + case ATM_OC12_PCR: + link_rate = 622080000; + break; + case ATM_25_PCR: + link_rate = 25600000; + break; + default: + link_rate = adev->link_rate * 8 * 53; + } + pos += sprintf(pos, "%d\n", link_rate); + + return pos - buf; +} + +static CLASS_DEVICE_ATTR(address, S_IRUGO, show_address, NULL); +static CLASS_DEVICE_ATTR(atmaddress, S_IRUGO, show_atmaddress, NULL); +static CLASS_DEVICE_ATTR(carrier, S_IRUGO, show_carrier, NULL); +static CLASS_DEVICE_ATTR(type, S_IRUGO, show_type, NULL); +static CLASS_DEVICE_ATTR(link_rate, S_IRUGO, show_link_rate, NULL); + +static struct class_device_attribute *atm_attrs[] = { + &class_device_attr_atmaddress, + &class_device_attr_address, + &class_device_attr_carrier, + &class_device_attr_type, + &class_device_attr_link_rate, + NULL +}; + +static int atm_uevent(struct class_device *cdev, char **envp, int num_envp, char *buf, int size) +{ + struct atm_dev *adev; + int i = 0, len = 0; + + if (!cdev) + return -ENODEV; + + adev = to_atm_dev(cdev); + if (!adev) + return -ENODEV; + + if (add_uevent_var(envp, num_envp, &i, buf, size, &len, + "NAME=%s%d", adev->type, adev->number)) + return -ENOMEM; + + envp[i] = NULL; + return 0; +} + +static void atm_release(struct class_device *cdev) +{ + struct atm_dev *adev = to_atm_dev(cdev); + + kfree(adev); +} + +static struct class atm_class = { + .name = "atm", + .release = atm_release, + .uevent = atm_uevent, +}; + +int atm_register_sysfs(struct atm_dev *adev) +{ + struct class_device *cdev = &adev->class_dev; + int i, err; + + cdev->class = &atm_class; + class_set_devdata(cdev, adev); + + snprintf(cdev->class_id, BUS_ID_SIZE, "%s%d", adev->type, adev->number); + err = class_device_register(cdev); + if (err < 0) + return err; + + for (i = 0; atm_attrs[i]; i++) + class_device_create_file(cdev, atm_attrs[i]); + + return 0; +} + +void atm_unregister_sysfs(struct atm_dev *adev) +{ + struct class_device *cdev = &adev->class_dev; + + class_device_del(cdev); +} + +int __init atm_sysfs_init(void) +{ + return class_register(&atm_class); +} + +void __exit atm_sysfs_exit(void) +{ + class_unregister(&atm_class); +} diff --git a/net/atm/br2684.c b/net/atm/br2684.c index 680ccb12aae..a487233dc46 100644 --- a/net/atm/br2684.c +++ b/net/atm/br2684.c @@ -5,7 +5,6 @@ Author: Marcell GAL, 2000, XDSL Ltd, Hungary */ #include <linux/module.h> -#include <linux/config.h> #include <linux/init.h> #include <linux/kernel.h> #include <linux/list.h> diff --git a/net/atm/clip.c b/net/atm/clip.c index f92f9c94d2c..87a454f5c89 100644 --- a/net/atm/clip.c +++ b/net/atm/clip.c @@ -2,7 +2,6 @@ /* Written 1995-2000 by Werner Almesberger, EPFL LRC/ICA */ -#include <linux/config.h> #include <linux/string.h> #include <linux/errno.h> #include <linux/kernel.h> /* for UINT_MAX */ diff --git a/net/atm/common.c b/net/atm/common.c index ae002220fa9..fbabff49446 100644 --- a/net/atm/common.c +++ b/net/atm/common.c @@ -3,7 +3,6 @@ /* Written 1995-2000 by Werner Almesberger, EPFL LRC/ICA */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kmod.h> #include <linux/net.h> /* struct socket, struct proto_ops */ @@ -791,8 +790,14 @@ static int __init atm_init(void) printk(KERN_ERR "atm_proc_init() failed with %d\n",error); goto out_atmsvc_exit; } + if ((error = atm_sysfs_init()) < 0) { + printk(KERN_ERR "atm_sysfs_init() failed with %d\n",error); + goto out_atmproc_exit; + } out: return error; +out_atmproc_exit: + atm_proc_exit(); out_atmsvc_exit: atmsvc_exit(); out_atmpvc_exit: @@ -805,6 +810,7 @@ out_unregister_vcc_proto: static void __exit atm_exit(void) { atm_proc_exit(); + atm_sysfs_exit(); atmsvc_exit(); atmpvc_exit(); proto_unregister(&vcc_proto); diff --git a/net/atm/common.h b/net/atm/common.h index 4887c317cef..a422da7788f 100644 --- a/net/atm/common.h +++ b/net/atm/common.h @@ -28,6 +28,8 @@ int atmpvc_init(void); void atmpvc_exit(void); int atmsvc_init(void); void atmsvc_exit(void); +int atm_sysfs_init(void); +void atm_sysfs_exit(void); #ifdef CONFIG_PROC_FS int atm_proc_init(void); diff --git a/net/atm/ioctl.c b/net/atm/ioctl.c index 851cfa6312a..8c2022c3e81 100644 --- a/net/atm/ioctl.c +++ b/net/atm/ioctl.c @@ -4,7 +4,6 @@ /* 2003 John Levon <levon@movementarian.org> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kmod.h> #include <linux/net.h> /* struct socket, struct proto_ops */ diff --git a/net/atm/lec.c b/net/atm/lec.c index c4fc722fef9..4b68a18171c 100644 --- a/net/atm/lec.c +++ b/net/atm/lec.c @@ -4,7 +4,6 @@ * */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/bitops.h> #include <linux/capability.h> diff --git a/net/atm/lec.h b/net/atm/lec.h index 6606082b29a..c22a8bfa1f8 100644 --- a/net/atm/lec.h +++ b/net/atm/lec.h @@ -9,7 +9,6 @@ #ifndef _LEC_H_ #define _LEC_H_ -#include <linux/config.h> #include <linux/atmdev.h> #include <linux/netdevice.h> #include <linux/atmlec.h> diff --git a/net/atm/mpc.c b/net/atm/mpc.c index 5fe77df0018..9aafe1e2f04 100644 --- a/net/atm/mpc.c +++ b/net/atm/mpc.c @@ -25,7 +25,6 @@ #include <linux/atmlec.h> #include <linux/atmmpc.h> /* Modular too */ -#include <linux/config.h> #include <linux/module.h> #include "lec.h" diff --git a/net/atm/mpoa_proc.c b/net/atm/mpoa_proc.c index 60834b5a14d..d37b8911b3a 100644 --- a/net/atm/mpoa_proc.c +++ b/net/atm/mpoa_proc.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #ifdef CONFIG_PROC_FS #include <linux/errno.h> diff --git a/net/atm/pppoatm.c b/net/atm/pppoatm.c index 1489067c1e8..76a7d8ff6c0 100644 --- a/net/atm/pppoatm.c +++ b/net/atm/pppoatm.c @@ -34,7 +34,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <linux/init.h> #include <linux/skbuff.h> #include <linux/atm.h> diff --git a/net/atm/proc.c b/net/atm/proc.c index 4041054e528..3f95b0886a6 100644 --- a/net/atm/proc.c +++ b/net/atm/proc.c @@ -8,7 +8,6 @@ * the reader. */ -#include <linux/config.h> #include <linux/module.h> /* for EXPORT_SYMBOL */ #include <linux/string.h> #include <linux/types.h> diff --git a/net/atm/pvc.c b/net/atm/pvc.c index f2c541774dc..b2148b43a42 100644 --- a/net/atm/pvc.c +++ b/net/atm/pvc.c @@ -3,7 +3,6 @@ /* Written 1995-2000 by Werner Almesberger, EPFL LRC/ICA */ -#include <linux/config.h> #include <linux/net.h> /* struct socket, struct proto_ops */ #include <linux/atm.h> /* ATM stuff */ #include <linux/atmdev.h> /* ATM devices */ diff --git a/net/atm/resources.c b/net/atm/resources.c index 18ac80698f8..de25c6408b0 100644 --- a/net/atm/resources.c +++ b/net/atm/resources.c @@ -8,7 +8,6 @@ * use the default destruct function initialized by sock_init_data */ -#include <linux/config.h> #include <linux/ctype.h> #include <linux/string.h> #include <linux/atmdev.h> @@ -114,14 +113,27 @@ struct atm_dev *atm_dev_register(const char *type, const struct atmdev_ops *ops, printk(KERN_ERR "atm_dev_register: " "atm_proc_dev_register failed for dev %s\n", type); - mutex_unlock(&atm_dev_mutex); - kfree(dev); - return NULL; + goto out_fail; + } + + if (atm_register_sysfs(dev) < 0) { + printk(KERN_ERR "atm_dev_register: " + "atm_register_sysfs failed for dev %s\n", + type); + atm_proc_dev_deregister(dev); + goto out_fail; } + list_add_tail(&dev->dev_list, &atm_devs); - mutex_unlock(&atm_dev_mutex); +out: + mutex_unlock(&atm_dev_mutex); return dev; + +out_fail: + kfree(dev); + dev = NULL; + goto out; } @@ -140,6 +152,7 @@ void atm_dev_deregister(struct atm_dev *dev) mutex_unlock(&atm_dev_mutex); atm_dev_release_vccs(dev); + atm_unregister_sysfs(dev); atm_proc_dev_deregister(dev); atm_dev_put(dev); diff --git a/net/atm/resources.h b/net/atm/resources.h index ac7222fee7a..1d004aaaeec 100644 --- a/net/atm/resources.h +++ b/net/atm/resources.h @@ -6,7 +6,6 @@ #ifndef NET_ATM_RESOURCES_H #define NET_ATM_RESOURCES_H -#include <linux/config.h> #include <linux/atmdev.h> #include <linux/mutex.h> @@ -43,4 +42,6 @@ static inline void atm_proc_dev_deregister(struct atm_dev *dev) #endif /* CONFIG_PROC_FS */ +int atm_register_sysfs(struct atm_dev *adev); +void atm_unregister_sysfs(struct atm_dev *adev); #endif diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c index a2e0dd047e9..10a3c0aa839 100644 --- a/net/ax25/af_ax25.c +++ b/net/ax25/af_ax25.c @@ -13,7 +13,6 @@ * Copyright (C) Hans Alblas PE1AYX (hans@esrac.ele.tue.nl) * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/errno.h> diff --git a/net/ax25/ax25_dev.c b/net/ax25/ax25_dev.c index dab77efe34a..47e6e790bd6 100644 --- a/net/ax25/ax25_dev.c +++ b/net/ax25/ax25_dev.c @@ -6,7 +6,6 @@ * * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ax25/ax25_iface.c b/net/ax25/ax25_iface.c index 3bb152710b7..77ba07c6768 100644 --- a/net/ax25/ax25_iface.c +++ b/net/ax25/ax25_iface.c @@ -6,7 +6,6 @@ * * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ax25/ax25_ip.c b/net/ax25/ax25_ip.c index a0b534f80f1..9be5c15e63d 100644 --- a/net/ax25/ax25_ip.c +++ b/net/ax25/ax25_ip.c @@ -6,7 +6,6 @@ * * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ax25/ax25_out.c b/net/ax25/ax25_out.c index 5d99852b239..d7736e58533 100644 --- a/net/ax25/ax25_out.c +++ b/net/ax25/ax25_out.c @@ -8,7 +8,6 @@ * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) * Copyright (C) Joerg Reuter DL1BKE (jreuter@yaina.de) */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ax25/ax25_timer.c b/net/ax25/ax25_timer.c index ec254057f21..72594867fab 100644 --- a/net/ax25/ax25_timer.c +++ b/net/ax25/ax25_timer.c @@ -12,7 +12,6 @@ * Copyright (C) Frederic Rible F1OAT (frible@teaser.fr) * Copyright (C) 2002 Ralf Baechle DO1GRB (ralf@gnu.org) */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c index bdb64c36df1..369a75b160f 100644 --- a/net/ax25/sysctl_net_ax25.c +++ b/net/ax25/sysctl_net_ax25.c @@ -6,7 +6,6 @@ * * Copyright (C) 1996 Mike Shaver (shaver@zeroknowledge.com) */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/sysctl.h> #include <linux/spinlock.h> diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c index 469eda0f0df..51f867062e1 100644 --- a/net/bluetooth/af_bluetooth.c +++ b/net/bluetooth/af_bluetooth.c @@ -24,7 +24,6 @@ /* Bluetooth address family and sockets. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c index d908d49dc9f..e620061fb50 100644 --- a/net/bluetooth/bnep/core.c +++ b/net/bluetooth/bnep/core.c @@ -29,7 +29,6 @@ * $Id: core.c,v 1.20 2002/08/04 21:23:58 maxk Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> diff --git a/net/bluetooth/bnep/netdev.c b/net/bluetooth/bnep/netdev.c index 921204f95f4..7f7b27db6a8 100644 --- a/net/bluetooth/bnep/netdev.c +++ b/net/bluetooth/bnep/netdev.c @@ -29,7 +29,6 @@ * $Id: netdev.c,v 1.8 2002/08/04 21:23:58 maxk Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/socket.h> diff --git a/net/bluetooth/bnep/sock.c b/net/bluetooth/bnep/sock.c index 2bfe796cf05..28c55835422 100644 --- a/net/bluetooth/bnep/sock.c +++ b/net/bluetooth/bnep/sock.c @@ -28,7 +28,6 @@ * $Id: sock.c,v 1.4 2002/08/04 21:23:58 maxk Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/cmtp/capi.c b/net/bluetooth/cmtp/capi.c index b2e7e38531c..6fb47e00e18 100644 --- a/net/bluetooth/cmtp/capi.c +++ b/net/bluetooth/cmtp/capi.c @@ -20,7 +20,6 @@ SOFTWARE IS DISCLAIMED. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/cmtp/core.c b/net/bluetooth/cmtp/core.c index 901eff7ebe7..182254a580e 100644 --- a/net/bluetooth/cmtp/core.c +++ b/net/bluetooth/cmtp/core.c @@ -20,7 +20,6 @@ SOFTWARE IS DISCLAIMED. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/cmtp/sock.c b/net/bluetooth/cmtp/sock.c index 8f8fad23f78..10ad7fd91d8 100644 --- a/net/bluetooth/cmtp/sock.c +++ b/net/bluetooth/cmtp/sock.c @@ -20,7 +20,6 @@ SOFTWARE IS DISCLAIMED. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index f812ed129e5..5c0c2b1ef34 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c @@ -24,7 +24,6 @@ /* Bluetooth HCI connection handling. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index a49a6975092..f67240beb0d 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c @@ -24,7 +24,6 @@ /* Bluetooth HCI core. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kmod.h> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index eb64555d1fb..618bacee1b1 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -24,7 +24,6 @@ /* Bluetooth HCI event handling. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c index 97bdec73d17..1a35d343e08 100644 --- a/net/bluetooth/hci_sock.c +++ b/net/bluetooth/hci_sock.c @@ -24,7 +24,6 @@ /* Bluetooth HCI sockets. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/hci_sysfs.c b/net/bluetooth/hci_sysfs.c index 0ed38740388..19b234c86f3 100644 --- a/net/bluetooth/hci_sysfs.c +++ b/net/bluetooth/hci_sysfs.c @@ -1,6 +1,5 @@ /* Bluetooth HCI driver model support. */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/init.h> diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c index cdb9cfafd96..b9c24a55425 100644 --- a/net/bluetooth/hidp/core.c +++ b/net/bluetooth/hidp/core.c @@ -20,7 +20,6 @@ SOFTWARE IS DISCLAIMED. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/hidp/sock.c b/net/bluetooth/hidp/sock.c index b8f67761b88..099646e4e2e 100644 --- a/net/bluetooth/hidp/sock.c +++ b/net/bluetooth/hidp/sock.c @@ -20,7 +20,6 @@ SOFTWARE IS DISCLAIMED. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index f6b4a808535..770101177da 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c @@ -24,7 +24,6 @@ /* Bluetooth L2CAP core and sockets. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/lib.c b/net/bluetooth/lib.c index ee6a6697991..e5fd0cb70ae 100644 --- a/net/bluetooth/lib.c +++ b/net/bluetooth/lib.c @@ -24,7 +24,6 @@ /* Bluetooth kernel library. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index e99010ce8bb..bd46e8927f2 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c @@ -27,7 +27,6 @@ * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/errno.h> #include <linux/kernel.h> diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c index 757d2dd3b02..4e9962c8cfa 100644 --- a/net/bluetooth/rfcomm/sock.c +++ b/net/bluetooth/rfcomm/sock.c @@ -27,7 +27,6 @@ * $Id: sock.c,v 1.24 2002/10/03 01:00:34 maxk Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c index b81fad89332..2ff2d5b87c9 100644 --- a/net/bluetooth/rfcomm/tty.c +++ b/net/bluetooth/rfcomm/tty.c @@ -27,7 +27,6 @@ * $Id: tty.c,v 1.24 2002/10/03 01:54:38 holtmann Exp $ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/tty.h> @@ -1021,13 +1020,12 @@ int rfcomm_init_ttys(void) rfcomm_tty_driver->owner = THIS_MODULE; rfcomm_tty_driver->driver_name = "rfcomm"; - rfcomm_tty_driver->devfs_name = "bluetooth/rfcomm/"; rfcomm_tty_driver->name = "rfcomm"; rfcomm_tty_driver->major = RFCOMM_TTY_MAJOR; rfcomm_tty_driver->minor_start = RFCOMM_TTY_MINOR; rfcomm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; - rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS; + rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; rfcomm_tty_driver->init_termios = tty_std_termios; rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c index 0c2d13ad69b..a5f1e44db5d 100644 --- a/net/bluetooth/sco.c +++ b/net/bluetooth/sco.c @@ -24,7 +24,6 @@ /* Bluetooth SCO sockets. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/bridge/br.c b/net/bridge/br.c index 654401ceb2d..2994387999a 100644 --- a/net/bridge/br.c +++ b/net/bridge/br.c @@ -13,7 +13,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/netdevice.h> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 2afdc7c0736..f8dbcee80eb 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -184,6 +184,6 @@ void br_dev_setup(struct net_device *dev) dev->set_mac_address = br_set_mac_address; dev->priv_flags = IFF_EBRIDGE; - dev->features = NETIF_F_SG | NETIF_F_FRAGLIST - | NETIF_F_HIGHDMA | NETIF_F_TSO | NETIF_F_NO_CSUM; + dev->features = NETIF_F_SG | NETIF_F_FRAGLIST | NETIF_F_HIGHDMA | + NETIF_F_TSO | NETIF_F_NO_CSUM | NETIF_F_GSO_ROBUST; } diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c index 07956ecf545..f55ef682ef8 100644 --- a/net/bridge/br_if.c +++ b/net/bridge/br_if.c @@ -392,7 +392,8 @@ void br_features_recompute(struct net_bridge *br) features &= feature; } - br->dev->features = features | checksum | NETIF_F_LLTX; + br->dev->features = features | checksum | NETIF_F_LLTX | + NETIF_F_GSO_ROBUST; } /* called with RTNL */ diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c index ee5a5176126..02693a230dc 100644 --- a/net/bridge/netfilter/ebt_ulog.c +++ b/net/bridge/netfilter/ebt_ulog.c @@ -29,7 +29,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <linux/spinlock.h> #include <linux/socket.h> #include <linux/skbuff.h> diff --git a/net/core/dev.c b/net/core/dev.c index f1c52cbd6ef..066a60a7528 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -76,7 +76,6 @@ #include <asm/system.h> #include <linux/bitops.h> #include <linux/capability.h> -#include <linux/config.h> #include <linux/cpu.h> #include <linux/types.h> #include <linux/kernel.h> @@ -1190,11 +1189,14 @@ out: /** * skb_gso_segment - Perform segmentation on skb. * @skb: buffer to segment - * @sg: whether scatter-gather is supported on the target. + * @features: features for the output path (see dev->features) * * This function segments the given skb and returns a list of segments. + * + * It may return NULL if the skb requires no segmentation. This is + * only possible when GSO is used for verifying header integrity. */ -struct sk_buff *skb_gso_segment(struct sk_buff *skb, int sg) +struct sk_buff *skb_gso_segment(struct sk_buff *skb, int features) { struct sk_buff *segs = ERR_PTR(-EPROTONOSUPPORT); struct packet_type *ptype; @@ -1210,12 +1212,14 @@ struct sk_buff *skb_gso_segment(struct sk_buff *skb, int sg) rcu_read_lock(); list_for_each_entry_rcu(ptype, &ptype_base[ntohs(type) & 15], list) { if (ptype->type == type && !ptype->dev && ptype->gso_segment) { - segs = ptype->gso_segment(skb, sg); + segs = ptype->gso_segment(skb, features); break; } } rcu_read_unlock(); + __skb_push(skb, skb->data - skb->mac.raw); + return segs; } @@ -1234,7 +1238,6 @@ void netdev_rx_csum_fault(struct net_device *dev) EXPORT_SYMBOL(netdev_rx_csum_fault); #endif -#ifdef CONFIG_HIGHMEM /* Actually, we should eliminate this check as soon as we know, that: * 1. IOMMU is present and allows to map all the memory. * 2. No high memory really exists on this machine. @@ -1242,6 +1245,7 @@ EXPORT_SYMBOL(netdev_rx_csum_fault); static inline int illegal_highdma(struct net_device *dev, struct sk_buff *skb) { +#ifdef CONFIG_HIGHMEM int i; if (dev->features & NETIF_F_HIGHDMA) @@ -1251,11 +1255,9 @@ static inline int illegal_highdma(struct net_device *dev, struct sk_buff *skb) if (PageHighMem(skb_shinfo(skb)->frags[i].page)) return 1; +#endif return 0; } -#else -#define illegal_highdma(dev, skb) (0) -#endif struct dev_gso_cb { void (*destructor)(struct sk_buff *skb); @@ -1291,9 +1293,15 @@ static int dev_gso_segment(struct sk_buff *skb) { struct net_device *dev = skb->dev; struct sk_buff *segs; + int features = dev->features & ~(illegal_highdma(dev, skb) ? + NETIF_F_SG : 0); + + segs = skb_gso_segment(skb, features); + + /* Verifying header integrity only. */ + if (!segs) + return 0; - segs = skb_gso_segment(skb, dev->features & NETIF_F_SG && - !illegal_highdma(dev, skb)); if (unlikely(IS_ERR(segs))) return PTR_ERR(segs); @@ -1310,13 +1318,17 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev) if (netdev_nit) dev_queue_xmit_nit(skb, dev); - if (!netif_needs_gso(dev, skb)) - return dev->hard_start_xmit(skb, dev); + if (netif_needs_gso(dev, skb)) { + if (unlikely(dev_gso_segment(skb))) + goto out_kfree_skb; + if (skb->next) + goto gso; + } - if (unlikely(dev_gso_segment(skb))) - goto out_kfree_skb; + return dev->hard_start_xmit(skb, dev); } +gso: do { struct sk_buff *nskb = skb->next; int rc; diff --git a/net/core/link_watch.c b/net/core/link_watch.c index 0f37266411b..4b36114744c 100644 --- a/net/core/link_watch.c +++ b/net/core/link_watch.c @@ -11,7 +11,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netdevice.h> #include <linux/if.h> diff --git a/net/core/neighbour.c b/net/core/neighbour.c index 50a8c73caf9..7ad681f5e71 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -15,7 +15,6 @@ * Harald Welte Add neighbour cache statistics like rtstat */ -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/module.h> diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c index 47a6fceb677..13472762b18 100644 --- a/net/core/net-sysfs.c +++ b/net/core/net-sysfs.c @@ -10,7 +10,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/kernel.h> #include <linux/netdevice.h> #include <linux/if_arp.h> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 3fcfa9c59e1..20e5bb73f14 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -16,7 +16,6 @@ * Vitaly E. Lavrov RTA_OK arithmetics was wrong. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/module.h> #include <linux/types.h> @@ -663,7 +662,7 @@ rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *errp) sz_idx = type>>2; kind = type&3; - if (kind != 2 && security_netlink_recv(skb)) { + if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) { *errp = -EPERM; return -1; } diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 6edbb90cbce..7cfbdb215ba 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -38,7 +38,6 @@ * The functions in this file will not compile correctly with gcc 2.4.x */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> @@ -272,7 +271,7 @@ static void skb_clone_fraglist(struct sk_buff *skb) skb_get(list); } -void skb_release_data(struct sk_buff *skb) +static void skb_release_data(struct sk_buff *skb) { if (!skb->cloned || !atomic_sub_return(skb->nohdr ? (1 << SKB_DATAREF_SHIFT) + 1 : 1, @@ -1848,13 +1847,13 @@ EXPORT_SYMBOL_GPL(skb_pull_rcsum); /** * skb_segment - Perform protocol segmentation on skb. * @skb: buffer to segment - * @sg: whether scatter-gather can be used for generated segments + * @features: features for the output path (see dev->features) * * This function performs segmentation on the given skb. It returns * the segment at the given position. It returns NULL if there are * no more segments to generate, or when an error is encountered. */ -struct sk_buff *skb_segment(struct sk_buff *skb, int sg) +struct sk_buff *skb_segment(struct sk_buff *skb, int features) { struct sk_buff *segs = NULL; struct sk_buff *tail = NULL; @@ -1863,6 +1862,7 @@ struct sk_buff *skb_segment(struct sk_buff *skb, int sg) unsigned int offset = doffset; unsigned int headroom; unsigned int len; + int sg = features & NETIF_F_SG; int nfrags = skb_shinfo(skb)->nr_frags; int err = -ENOMEM; int i = 0; diff --git a/net/core/sock.c b/net/core/sock.c index 5d820c37665..533b9317144 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -92,7 +92,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> @@ -565,6 +564,13 @@ set_rcvbuf: ret = -ENONET; break; + case SO_PASSSEC: + if (valbool) + set_bit(SOCK_PASSSEC, &sock->flags); + else + clear_bit(SOCK_PASSSEC, &sock->flags); + break; + /* We implement the SO_SNDLOWAT etc to not be settable (1003.1g 5.3) */ default: @@ -723,6 +729,10 @@ int sock_getsockopt(struct socket *sock, int level, int optname, v.val = sk->sk_state == TCP_LISTEN; break; + case SO_PASSSEC: + v.val = test_bit(SOCK_PASSSEC, &sock->flags) ? 1 : 0; + break; + case SO_PEERSEC: return security_socket_getpeersec_stream(sock, optval, optlen, len); diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index 71045365672..02534131d88 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -7,7 +7,6 @@ #include <linux/mm.h> #include <linux/sysctl.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/socket.h> #include <net/sock.h> diff --git a/net/dccp/ackvec.h b/net/dccp/ackvec.h index ec7a89bb7b3..0adf4b56c34 100644 --- a/net/dccp/ackvec.h +++ b/net/dccp/ackvec.h @@ -11,7 +11,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/compiler.h> #include <linux/list.h> #include <linux/time.h> diff --git a/net/dccp/ccids/ccid2.c b/net/dccp/ccids/ccid2.c index d4f9e2d3345..e9615627dcd 100644 --- a/net/dccp/ccids/ccid2.c +++ b/net/dccp/ccids/ccid2.c @@ -30,7 +30,6 @@ * - jiffies wrapping */ -#include <linux/config.h> #include "../ccid.h" #include "../dccp.h" #include "ccid2.h" diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c index b4a51d0355a..c39bff706cf 100644 --- a/net/dccp/ccids/ccid3.c +++ b/net/dccp/ccids/ccid3.c @@ -34,7 +34,6 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include <linux/config.h> #include "../ccid.h" #include "../dccp.h" #include "lib/packet_history.h" diff --git a/net/dccp/ccids/ccid3.h b/net/dccp/ccids/ccid3.h index f18b96d4e5a..5ade4f668b2 100644 --- a/net/dccp/ccids/ccid3.h +++ b/net/dccp/ccids/ccid3.h @@ -36,7 +36,6 @@ #ifndef _DCCP_CCID3_H_ #define _DCCP_CCID3_H_ -#include <linux/config.h> #include <linux/list.h> #include <linux/time.h> #include <linux/types.h> diff --git a/net/dccp/ccids/lib/loss_interval.c b/net/dccp/ccids/lib/loss_interval.c index 4c01a54143a..5d7b7d86438 100644 --- a/net/dccp/ccids/lib/loss_interval.c +++ b/net/dccp/ccids/lib/loss_interval.c @@ -11,7 +11,6 @@ * (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include "loss_interval.h" diff --git a/net/dccp/ccids/lib/loss_interval.h b/net/dccp/ccids/lib/loss_interval.h index 417d9d82df3..43bf78269d1 100644 --- a/net/dccp/ccids/lib/loss_interval.h +++ b/net/dccp/ccids/lib/loss_interval.h @@ -13,7 +13,6 @@ * any later version. */ -#include <linux/config.h> #include <linux/list.h> #include <linux/slab.h> #include <linux/time.h> diff --git a/net/dccp/ccids/lib/packet_history.c b/net/dccp/ccids/lib/packet_history.c index d3f9d205383..ad98d6a322e 100644 --- a/net/dccp/ccids/lib/packet_history.c +++ b/net/dccp/ccids/lib/packet_history.c @@ -34,7 +34,6 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/string.h> diff --git a/net/dccp/ccids/lib/packet_history.h b/net/dccp/ccids/lib/packet_history.h index 122e96737ff..673c209e4e8 100644 --- a/net/dccp/ccids/lib/packet_history.h +++ b/net/dccp/ccids/lib/packet_history.h @@ -37,7 +37,6 @@ #ifndef _DCCP_PKT_HIST_ #define _DCCP_PKT_HIST_ -#include <linux/config.h> #include <linux/list.h> #include <linux/slab.h> #include <linux/time.h> diff --git a/net/dccp/ccids/lib/tfrc_equation.c b/net/dccp/ccids/lib/tfrc_equation.c index add3cae65e2..4fd2ebebf5a 100644 --- a/net/dccp/ccids/lib/tfrc_equation.c +++ b/net/dccp/ccids/lib/tfrc_equation.c @@ -12,7 +12,6 @@ * (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <asm/div64.h> diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h index 1fe50914868..d00a2f4ee5d 100644 --- a/net/dccp/dccp.h +++ b/net/dccp/dccp.h @@ -12,7 +12,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/dccp.h> #include <net/snmp.h> #include <net/sock.h> diff --git a/net/dccp/diag.c b/net/dccp/diag.c index 0f25dc39596..0f3745585a9 100644 --- a/net/dccp/diag.c +++ b/net/dccp/diag.c @@ -9,7 +9,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/inet_diag.h> diff --git a/net/dccp/feat.c b/net/dccp/feat.c index b39e2a59788..a1b0682ee77 100644 --- a/net/dccp/feat.c +++ b/net/dccp/feat.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include "dccp.h" diff --git a/net/dccp/input.c b/net/dccp/input.c index bfc53665516..7f9dc6ac58c 100644 --- a/net/dccp/input.c +++ b/net/dccp/input.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/skbuff.h> diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c index f2c011fd2ba..c3073e7e81d 100644 --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/icmp.h> #include <linux/module.h> diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c index 65e2ab0886e..ff42bc43263 100644 --- a/net/dccp/ipv6.c +++ b/net/dccp/ipv6.c @@ -12,7 +12,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/random.h> #include <linux/xfrm.h> diff --git a/net/dccp/ipv6.h b/net/dccp/ipv6.h index e4d4e930927..6eef81fdbe5 100644 --- a/net/dccp/ipv6.h +++ b/net/dccp/ipv6.h @@ -11,7 +11,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/ipv6.h> diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c index c0349e5b055..9045438d6b3 100644 --- a/net/dccp/minisocks.c +++ b/net/dccp/minisocks.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/skbuff.h> #include <linux/timer.h> diff --git a/net/dccp/options.c b/net/dccp/options.c index e9feb2a0c77..c3cda1e39aa 100644 --- a/net/dccp/options.c +++ b/net/dccp/options.c @@ -11,7 +11,6 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/dccp/output.c b/net/dccp/output.c index 7409e4a3abd..58669beee13 100644 --- a/net/dccp/output.c +++ b/net/dccp/output.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/kernel.h> #include <linux/skbuff.h> diff --git a/net/dccp/proto.c b/net/dccp/proto.c index 5317fd3e669..f4f0627ea41 100644 --- a/net/dccp/proto.c +++ b/net/dccp/proto.c @@ -9,7 +9,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/dccp/sysctl.c b/net/dccp/sysctl.c index 64c89e9c229..c1ba9451bc3 100644 --- a/net/dccp/sysctl.c +++ b/net/dccp/sysctl.c @@ -9,7 +9,6 @@ * as published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/sysctl.h> diff --git a/net/dccp/timer.c b/net/dccp/timer.c index 5244415e5f1..8447742f561 100644 --- a/net/dccp/timer.c +++ b/net/dccp/timer.c @@ -10,7 +10,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/dccp.h> #include <linux/skbuff.h> diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c index 2b289ef20ab..5486247735f 100644 --- a/net/decnet/af_decnet.c +++ b/net/decnet/af_decnet.c @@ -99,7 +99,6 @@ Version 0.0.6 2.1.110 07-aug-98 Eduardo Marcelo Serrat dn_bind fixes *******************************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/errno.h> #include <linux/types.h> diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c index a26ff9f4457..98a25208440 100644 --- a/net/decnet/dn_dev.c +++ b/net/decnet/dn_dev.c @@ -24,7 +24,6 @@ * devices. All mtu based now. */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/moduleparam.h> diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c index bd4ce8681a1..0375077391b 100644 --- a/net/decnet/dn_fib.c +++ b/net/decnet/dn_fib.c @@ -17,7 +17,6 @@ * this code was copied from it. * */ -#include <linux/config.h> #include <linux/string.h> #include <linux/net.h> #include <linux/socket.h> diff --git a/net/decnet/dn_neigh.c b/net/decnet/dn_neigh.c index 66e230c3b32..5ce9c9e0565 100644 --- a/net/decnet/dn_neigh.c +++ b/net/decnet/dn_neigh.c @@ -24,7 +24,6 @@ * */ -#include <linux/config.h> #include <linux/net.h> #include <linux/module.h> #include <linux/socket.h> diff --git a/net/decnet/dn_nsp_in.c b/net/decnet/dn_nsp_in.c index a2ba9db1c37..86f7f3b28e7 100644 --- a/net/decnet/dn_nsp_in.c +++ b/net/decnet/dn_nsp_in.c @@ -45,7 +45,6 @@ GNU General Public License for more details. *******************************************************************************/ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 5abf7057af0..1355614ec11 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c @@ -55,7 +55,6 @@ GNU General Public License for more details. *******************************************************************************/ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/decnet/dn_rules.c b/net/decnet/dn_rules.c index 446faafe206..06e785fe575 100644 --- a/net/decnet/dn_rules.c +++ b/net/decnet/dn_rules.c @@ -13,7 +13,6 @@ * Changes: * */ -#include <linux/config.h> #include <linux/string.h> #include <linux/net.h> #include <linux/socket.h> diff --git a/net/decnet/dn_table.c b/net/decnet/dn_table.c index 0ebc46af1bd..37d9d0a1ac8 100644 --- a/net/decnet/dn_table.c +++ b/net/decnet/dn_table.c @@ -12,7 +12,6 @@ * Changes: * */ -#include <linux/config.h> #include <linux/string.h> #include <linux/net.h> #include <linux/socket.h> diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c index 74133ecd770..8b99bd33540 100644 --- a/net/decnet/netfilter/dn_rtmsg.c +++ b/net/decnet/netfilter/dn_rtmsg.c @@ -107,7 +107,7 @@ static inline void dnrmg_receive_user_skb(struct sk_buff *skb) if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len) return; - if (!cap_raised(NETLINK_CB(skb).eff_cap, CAP_NET_ADMIN)) + if (security_netlink_recv(skb, CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); /* Eventually we might send routing messages too */ diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c index bda5920215f..e246f054f36 100644 --- a/net/decnet/sysctl_net_decnet.c +++ b/net/decnet/sysctl_net_decnet.c @@ -13,7 +13,6 @@ * Steve Whitehouse - Memory buffer settings, like the tcp ones * */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/sysctl.h> #include <linux/fs.h> diff --git a/net/econet/af_econet.c b/net/econet/af_econet.c index 868265619db..309ae4c6549 100644 --- a/net/econet/af_econet.c +++ b/net/econet/af_econet.c @@ -9,7 +9,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/ethernet/eth.c b/net/ethernet/eth.c index c971f14712e..387c71c584e 100644 --- a/net/ethernet/eth.c +++ b/net/ethernet/eth.c @@ -51,7 +51,6 @@ #include <linux/etherdevice.h> #include <linux/skbuff.h> #include <linux/errno.h> -#include <linux/config.h> #include <linux/init.h> #include <linux/if_ether.h> #include <net/dst.h> diff --git a/net/ieee80211/ieee80211_crypt_ccmp.c b/net/ieee80211/ieee80211_crypt_ccmp.c index 78b2d13e80e..492647382ad 100644 --- a/net/ieee80211/ieee80211_crypt_ccmp.c +++ b/net/ieee80211/ieee80211_crypt_ccmp.c @@ -9,7 +9,6 @@ * more details. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/slab.h> diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c index 3fa5df2e1f0..34dba0ba545 100644 --- a/net/ieee80211/ieee80211_crypt_tkip.c +++ b/net/ieee80211/ieee80211_crypt_tkip.c @@ -9,7 +9,6 @@ * more details. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/slab.h> diff --git a/net/ieee80211/ieee80211_crypt_wep.c b/net/ieee80211/ieee80211_crypt_wep.c index 649e581fa56..c5a87724aab 100644 --- a/net/ieee80211/ieee80211_crypt_wep.c +++ b/net/ieee80211/ieee80211_crypt_wep.c @@ -9,7 +9,6 @@ * more details. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/slab.h> diff --git a/net/ieee80211/ieee80211_geo.c b/net/ieee80211/ieee80211_geo.c index 192243ab35e..305a09de85a 100644 --- a/net/ieee80211/ieee80211_geo.c +++ b/net/ieee80211/ieee80211_geo.c @@ -24,7 +24,6 @@ ******************************************************************************/ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/if_arp.h> #include <linux/in6.h> diff --git a/net/ieee80211/ieee80211_module.c b/net/ieee80211/ieee80211_module.c index 2cb84d84f67..13b1e5fff7e 100644 --- a/net/ieee80211/ieee80211_module.c +++ b/net/ieee80211/ieee80211_module.c @@ -31,7 +31,6 @@ *******************************************************************************/ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/if_arp.h> #include <linux/in6.h> diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c index 2bf567fd5a1..47ccf159372 100644 --- a/net/ieee80211/ieee80211_rx.c +++ b/net/ieee80211/ieee80211_rx.c @@ -14,7 +14,6 @@ */ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/if_arp.h> #include <linux/in6.h> diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c index 6a5de1b8445..de148ae594f 100644 --- a/net/ieee80211/ieee80211_tx.c +++ b/net/ieee80211/ieee80211_tx.c @@ -24,7 +24,6 @@ ******************************************************************************/ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/if_arp.h> #include <linux/in6.h> diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 461216b4794..8d157157bf8 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -1097,7 +1097,7 @@ int inet_sk_rebuild_header(struct sock *sk) EXPORT_SYMBOL(inet_sk_rebuild_header); -static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int sg) +static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features) { struct sk_buff *segs = ERR_PTR(-EINVAL); struct iphdr *iph; @@ -1126,10 +1126,10 @@ static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int sg) rcu_read_lock(); ops = rcu_dereference(inet_protos[proto]); if (ops && ops->gso_segment) - segs = ops->gso_segment(skb, sg); + segs = ops->gso_segment(skb, features); rcu_read_unlock(); - if (IS_ERR(segs)) + if (!segs || unlikely(IS_ERR(segs))) goto out; skb = segs; diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index c7782230080..8e748be36c5 100644 --- a/net/ipv4/ah4.c +++ b/net/ipv4/ah4.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #include <linux/module.h> #include <net/ip.h> #include <net/xfrm.h> diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 4749d504c62..7b51b3bdb54 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -80,7 +80,6 @@ #include <linux/kernel.h> #include <linux/sched.h> #include <linux/capability.h> -#include <linux/config.h> #include <linux/socket.h> #include <linux/sockios.h> #include <linux/errno.h> diff --git a/net/ipv4/datagram.c b/net/ipv4/datagram.c index c1b42b5257f..ec5da4fbd9f 100644 --- a/net/ipv4/datagram.c +++ b/net/ipv4/datagram.c @@ -11,7 +11,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/module.h> #include <linux/ip.h> diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 54419b27686..a7c65e9e5ec 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -27,7 +27,6 @@ * if no match found. */ -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 9bbdd449455..4e112738b3f 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #include <linux/module.h> #include <net/ip.h> #include <net/xfrm.h> diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 31387abf53a..ba2a70745a6 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -15,7 +15,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/ipv4/fib_hash.c b/net/ipv4/fib_hash.c index e2890ec8159..3c1d32ad35f 100644 --- a/net/ipv4/fib_hash.c +++ b/net/ipv4/fib_hash.c @@ -15,7 +15,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c index ec566f3e66c..6c642d11d4c 100644 --- a/net/ipv4/fib_rules.c +++ b/net/ipv4/fib_rules.c @@ -19,7 +19,6 @@ * Marc Boucher : routing by fwmark */ -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index 0f4145babb1..5f87533684d 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -15,7 +15,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index 95a639f2e3d..1cb65305e10 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c @@ -52,7 +52,6 @@ #define VERSION "0.407" -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <asm/bitops.h> diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index 017900172f7..4c86ac3d882 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -64,7 +64,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/jiffies.h> diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index ab680c851aa..d299c8e547d 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c @@ -72,7 +72,6 @@ * Vinay Kulkarni */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index 9a01bb81f8b..e50a1bfd7cc 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c @@ -13,7 +13,6 @@ * 2 of the License, or(at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/jhash.h> diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c index 457db99c76d..8e7e41b66c7 100644 --- a/net/ipv4/inet_diag.c +++ b/net/ipv4/inet_diag.c @@ -11,7 +11,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/fcntl.h> diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index ee9b5515b9a..95fac553299 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -13,7 +13,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/random.h> #include <linux/sched.h> diff --git a/net/ipv4/inet_timewait_sock.c b/net/ipv4/inet_timewait_sock.c index 417f126c749..cdd805344c6 100644 --- a/net/ipv4/inet_timewait_sock.c +++ b/net/ipv4/inet_timewait_sock.c @@ -8,7 +8,6 @@ * From code orinally in TCP */ -#include <linux/config.h> #include <net/inet_hashtables.h> #include <net/inet_timewait_sock.h> diff --git a/net/ipv4/ip_forward.c b/net/ipv4/ip_forward.c index 9f0bb529ab7..a22d11d2911 100644 --- a/net/ipv4/ip_forward.c +++ b/net/ipv4/ip_forward.c @@ -21,7 +21,6 @@ * Mike McLagan : Routing by source */ -#include <linux/config.h> #include <linux/types.h> #include <linux/mm.h> #include <linux/sched.h> diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c index da734c43917..b84b53a4752 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c @@ -23,7 +23,6 @@ */ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/mm.h> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index ab99bebdcdc..6ff9b10d956 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -11,7 +11,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/sched.h> diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c index c9026dbf4c9..e1a7dba2fa8 100644 --- a/net/ipv4/ip_input.c +++ b/net/ipv4/ip_input.c @@ -121,7 +121,6 @@ #include <linux/kernel.h> #include <linux/string.h> #include <linux/errno.h> -#include <linux/config.h> #include <linux/net.h> #include <linux/socket.h> diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index 7624fd1d8f9..ca0e714613f 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -53,7 +53,6 @@ #include <linux/mm.h> #include <linux/string.h> #include <linux/errno.h> -#include <linux/config.h> #include <linux/socket.h> #include <linux/sockios.h> @@ -744,7 +743,7 @@ static inline int ip_ufo_append_data(struct sock *sk, if (!err) { /* specify the length of each IP datagram fragment*/ skb_shinfo(skb)->gso_size = mtu - fragheaderlen; - skb_shinfo(skb)->gso_type = SKB_GSO_UDPV4; + skb_shinfo(skb)->gso_type = SKB_GSO_UDP; __skb_queue_tail(&sk->sk_write_queue, skb); return 0; @@ -1089,7 +1088,7 @@ ssize_t ip_append_page(struct sock *sk, struct page *page, if ((sk->sk_protocol == IPPROTO_UDP) && (rt->u.dst.dev->features & NETIF_F_UFO)) { skb_shinfo(skb)->gso_size = mtu - fragheaderlen; - skb_shinfo(skb)->gso_type = SKB_GSO_UDPV4; + skb_shinfo(skb)->gso_type = SKB_GSO_UDP; } diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index 12e0bf19f24..84f43a3c909 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -17,7 +17,6 @@ * Mike McLagan : Routing by source */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/mm.h> diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c index 3ed8b57a100..8e037484753 100644 --- a/net/ipv4/ipcomp.c +++ b/net/ipv4/ipcomp.c @@ -13,7 +13,6 @@ * - Compression stats. * - Adaptive compression. */ -#include <linux/config.h> #include <linux/module.h> #include <asm/scatterlist.h> #include <asm/semaphore.h> diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index ea398ee43f2..3291d5192aa 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -94,7 +94,6 @@ #include <linux/capability.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/sched.h> diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 717ab7d6d7b..ba33f8621c6 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -28,7 +28,6 @@ * */ -#include <linux/config.h> #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> diff --git a/net/ipv4/ipvs/ip_vs_est.c b/net/ipv4/ipvs/ip_vs_est.c index c453e1e57f4..4c1940381ba 100644 --- a/net/ipv4/ipvs/ip_vs_est.c +++ b/net/ipv4/ipvs/ip_vs_est.c @@ -13,7 +13,6 @@ * Changes: * */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/jiffies.h> #include <linux/slab.h> diff --git a/net/ipv4/multipath_drr.c b/net/ipv4/multipath_drr.c index db67373f9b3..252e837b17a 100644 --- a/net/ipv4/multipath_drr.c +++ b/net/ipv4/multipath_drr.c @@ -12,7 +12,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> diff --git a/net/ipv4/multipath_random.c b/net/ipv4/multipath_random.c index 5249dbe7c55..b8c289f247c 100644 --- a/net/ipv4/multipath_random.c +++ b/net/ipv4/multipath_random.c @@ -12,7 +12,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> diff --git a/net/ipv4/multipath_rr.c b/net/ipv4/multipath_rr.c index b6cd2870478..bba5abe5542 100644 --- a/net/ipv4/multipath_rr.c +++ b/net/ipv4/multipath_rr.c @@ -12,7 +12,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> diff --git a/net/ipv4/multipath_wrandom.c b/net/ipv4/multipath_wrandom.c index 342d0b9098f..d25ec4ae09e 100644 --- a/net/ipv4/multipath_wrandom.c +++ b/net/ipv4/multipath_wrandom.c @@ -12,7 +12,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index e1d7f5fbc52..ef0b5aac583 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig @@ -332,7 +332,7 @@ config IP_NF_MATCH_HASHLIMIT help This option adds a new iptables `hashlimit' match. - As opposed to `limit', this match dynamically crates a hash table + As opposed to `limit', this match dynamically creates a hash table of limit buckets, based on your selection of source/destination ip addresses and/or ports. diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index d0d19192026..80c73ca9011 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -9,7 +9,6 @@ * */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/skbuff.h> #include <linux/netdevice.h> @@ -1120,7 +1119,8 @@ int arpt_register_table(struct arpt_table *table, return ret; } - if (xt_register_table(table, &bootstrap, newinfo) != 0) { + ret = xt_register_table(table, &bootstrap, newinfo); + if (ret != 0) { xt_free_table_info(newinfo); return ret; } diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c index 7e4cf9a4d15..aa459177c3f 100644 --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c @@ -17,7 +17,6 @@ * - export ip_conntrack[_expect]_{find_get,put} functions * */ -#include <linux/config.h> #include <linux/types.h> #include <linux/icmp.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c index 4dcf526c394..1d18c863f06 100644 --- a/net/ipv4/netfilter/ip_conntrack_ftp.c +++ b/net/ipv4/netfilter/ip_conntrack_ftp.c @@ -8,7 +8,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c index 0665674218c..af35235672d 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_h323.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c @@ -11,7 +11,6 @@ * For more information, please see http://nath323.sourceforge.net/ */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c index 8ccfe17bb25..b020a33e65e 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c @@ -46,7 +46,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_conntrack_irc.c b/net/ipv4/netfilter/ip_conntrack_irc.c index a2ac5ce544b..44889075f3b 100644 --- a/net/ipv4/netfilter/ip_conntrack_irc.c +++ b/net/ipv4/netfilter/ip_conntrack_irc.c @@ -22,7 +22,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netfilter.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_gre.c b/net/ipv4/netfilter/ip_conntrack_proto_gre.c index 21ee124c046..4ee016c427b 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_gre.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_gre.c @@ -23,7 +23,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/timer.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c index 0416073c560..2d3612cd5f1 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c @@ -254,7 +254,7 @@ static int do_basic_checks(struct ip_conntrack *conntrack, } DEBUGP("Basic checks passed\n"); - return 0; + return count == 0; } static int new_state(enum ip_conntrack_dir dir, diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c index c5c2ce5cdeb..fb920e76ec1 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c @@ -19,7 +19,6 @@ * version 2.2 */ -#include <linux/config.h> #include <linux/types.h> #include <linux/sched.h> #include <linux/timer.h> diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index 88445aac3f2..7bd3c22003a 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c @@ -12,7 +12,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/ip.h> #include <linux/netfilter.h> diff --git a/net/ipv4/netfilter/ip_nat_helper.c b/net/ipv4/netfilter/ip_nat_helper.c index 5d506e0564d..cbcaa45370a 100644 --- a/net/ipv4/netfilter/ip_nat_helper.c +++ b/net/ipv4/netfilter/ip_nat_helper.c @@ -15,7 +15,6 @@ * - make ip_nat_resize_packet more generic (TCP and UDP) * - add ip_nat_mangle_udp_packet */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kmod.h> #include <linux/types.h> diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c index f3977726ff0..1d149964dc3 100644 --- a/net/ipv4/netfilter/ip_nat_helper_pptp.c +++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c @@ -35,7 +35,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/ip.h> #include <linux/tcp.h> diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c index 96ceabaec40..38acfdf540e 100644 --- a/net/ipv4/netfilter/ip_nat_proto_gre.c +++ b/net/ipv4/netfilter/ip_nat_proto_gre.c @@ -23,7 +23,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/ip.h> #include <linux/netfilter_ipv4/ip_nat.h> diff --git a/net/ipv4/netfilter/ip_nat_snmp_basic.c b/net/ipv4/netfilter/ip_nat_snmp_basic.c index d20d557f915..0b1b416759c 100644 --- a/net/ipv4/netfilter/ip_nat_snmp_basic.c +++ b/net/ipv4/netfilter/ip_nat_snmp_basic.c @@ -43,7 +43,6 @@ * 2000-08-06: Convert to new helper API (Harald Welte). * */ -#include <linux/config.h> #include <linux/in.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c index 67e676783da..17de077a790 100644 --- a/net/ipv4/netfilter/ip_nat_standalone.c +++ b/net/ipv4/netfilter/ip_nat_standalone.c @@ -18,7 +18,6 @@ * - now capable of multiple expectations for one master * */ -#include <linux/config.h> #include <linux/types.h> #include <linux/icmp.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index b93f0494362..198ac36db86 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c @@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex) if (entry->info->indev) if (entry->info->indev->ifindex == ifindex) return 1; - if (entry->info->outdev) if (entry->info->outdev->ifindex == ifindex) return 1; - +#ifdef CONFIG_BRIDGE_NETFILTER + if (entry->skb->nf_bridge) { + if (entry->skb->nf_bridge->physindev && + entry->skb->nf_bridge->physindev->ifindex == ifindex) + return 1; + if (entry->skb->nf_bridge->physoutdev && + entry->skb->nf_bridge->physoutdev->ifindex == ifindex) + return 1; + } +#endif return 0; } @@ -507,7 +515,7 @@ ipq_rcv_skb(struct sk_buff *skb) if (type <= IPQM_BASE) return; - if (security_netlink_recv(skb)) + if (security_netlink_recv(skb, CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); write_lock_bh(&queue_lock); diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 706c0025ec5..fc5bdd5eb7d 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -14,7 +14,6 @@ * 08 Oct 2005 Harald Welte <lafore@netfilter.org> * - Generalize into "x_tables" layer and "{ip,ip6,arp}_tables" */ -#include <linux/config.h> #include <linux/cache.h> #include <linux/capability.h> #include <linux/skbuff.h> @@ -2113,7 +2112,8 @@ int ipt_register_table(struct xt_table *table, const struct ipt_replace *repl) return ret; } - if (xt_register_table(table, &bootstrap, newinfo) != 0) { + ret = xt_register_table(table, &bootstrap, newinfo); + if (ret != 0) { xt_free_table_info(newinfo); return ret; } diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index dbc83c5d7aa..cbffeae3f56 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c @@ -10,7 +10,6 @@ * */ #include <linux/module.h> -#include <linux/config.h> #include <linux/proc_fs.h> #include <linux/jhash.h> #include <linux/bitops.h> diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index 8b3e7f99b86..ebd94f2abf0 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c @@ -9,7 +9,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/inetdevice.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index 2fcf1075b02..736c4b5a86a 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c @@ -10,7 +10,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/ip.h> #include <linux/module.h> #include <linux/netdevice.h> diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 431a3ce6f7b..269bc2067cb 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c @@ -12,7 +12,6 @@ * published by the Free Software Foundation. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/ip.h> diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index c84cc03389d..d7dd7fe7051 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c @@ -47,7 +47,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <linux/spinlock.h> #include <linux/socket.h> #include <linux/skbuff.h> diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c index 397b95cc026..4e7998beda6 100644 --- a/net/ipv4/netfilter/iptable_mangle.c +++ b/net/ipv4/netfilter/iptable_mangle.c @@ -10,7 +10,6 @@ * * Extended to all five netfilter hooks by Brad Chapman & Harald Welte */ -#include <linux/config.h> #include <linux/module.h> #include <linux/netfilter_ipv4/ip_tables.h> #include <linux/netdevice.h> diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 8cc8e1b3677..0af803df82b 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c @@ -14,7 +14,6 @@ * Derived from net/ipv4/netfilter/ip_conntrack_standalone.c */ -#include <linux/config.h> #include <linux/types.h> #include <linux/ip.h> #include <linux/netfilter.h> diff --git a/net/ipv4/protocol.c b/net/ipv4/protocol.c index 291831e792a..05f5114828e 100644 --- a/net/ipv4/protocol.c +++ b/net/ipv4/protocol.c @@ -32,7 +32,6 @@ #include <linux/kernel.h> #include <linux/sched.h> #include <linux/string.h> -#include <linux/config.h> #include <linux/socket.h> #include <linux/in.h> #include <linux/inet.h> diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 60b11aece5c..da44fabf4dc 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -64,7 +64,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index ce4cd5f3551..70cea9d08a3 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -10,7 +10,6 @@ #include <linux/mm.h> #include <linux/module.h> #include <linux/sysctl.h> -#include <linux/config.h> #include <linux/igmp.h> #include <linux/inetdevice.h> #include <net/snmp.h> diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index c04176be7ed..804458712d8 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -247,7 +247,6 @@ * TCP_CLOSE socket is finished */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/fcntl.h> @@ -643,7 +642,7 @@ static inline int select_size(struct sock *sk, struct tcp_sock *tp) int tmp = tp->mss_cache; if (sk->sk_route_caps & NETIF_F_SG) { - if (sk->sk_route_caps & NETIF_F_TSO) + if (sk_can_gso(sk)) tmp = 0; else { int pgbreak = SKB_MAX_HEAD(MAX_TCP_HEADER); @@ -2145,7 +2144,7 @@ int compat_tcp_getsockopt(struct sock *sk, int level, int optname, EXPORT_SYMBOL(compat_tcp_getsockopt); #endif -struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg) +struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int features) { struct sk_buff *segs = ERR_PTR(-EINVAL); struct tcphdr *th; @@ -2169,7 +2168,17 @@ struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg) oldlen = (u16)~skb->len; __skb_pull(skb, thlen); - segs = skb_segment(skb, sg); + if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) { + /* Packet is from an untrusted source, reset gso_segs. */ + int mss = skb_shinfo(skb)->gso_size; + + skb_shinfo(skb)->gso_segs = (skb->len + mss - 1) / mss; + + segs = NULL; + goto out; + } + + segs = skb_segment(skb, features); if (IS_ERR(segs)) goto out; @@ -2205,6 +2214,7 @@ struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg) out: return segs; } +EXPORT_SYMBOL(tcp_tso_segment); extern void __skb_cb_too_small_for_tcp(int, int); extern struct tcp_congestion_ops tcp_reno; diff --git a/net/ipv4/tcp_bic.c b/net/ipv4/tcp_bic.c index b2d9021ad22..b0134ab0837 100644 --- a/net/ipv4/tcp_bic.c +++ b/net/ipv4/tcp_bic.c @@ -12,7 +12,6 @@ * this behaves the same as the original Reno. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_cong.c b/net/ipv4/tcp_cong.c index 857eefc52aa..5765f9d0317 100644 --- a/net/ipv4/tcp_cong.c +++ b/net/ipv4/tcp_cong.c @@ -6,7 +6,6 @@ * Copyright (C) 2005 Stephen Hemminger <shemminger@osdl.org> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/mm.h> #include <linux/types.h> diff --git a/net/ipv4/tcp_cubic.c b/net/ipv4/tcp_cubic.c index 78b7a6b9e4d..2be27980ca7 100644 --- a/net/ipv4/tcp_cubic.c +++ b/net/ipv4/tcp_cubic.c @@ -12,7 +12,6 @@ * this behaves the same as the original Reno. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c index c148c108188..57c5f0b10e6 100644 --- a/net/ipv4/tcp_diag.c +++ b/net/ipv4/tcp_diag.c @@ -11,7 +11,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/inet_diag.h> @@ -26,7 +25,10 @@ static void tcp_diag_get_info(struct sock *sk, struct inet_diag_msg *r, const struct tcp_sock *tp = tcp_sk(sk); struct tcp_info *info = _info; - r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq; + if (sk->sk_state == TCP_LISTEN) + r->idiag_rqueue = sk->sk_ack_backlog; + else + r->idiag_rqueue = tp->rcv_nxt - tp->copied_seq; r->idiag_wqueue = tp->write_seq - tp->snd_una; if (info != NULL) tcp_get_info(sk, info); diff --git a/net/ipv4/tcp_highspeed.c b/net/ipv4/tcp_highspeed.c index 1120245b237..aaa1538c069 100644 --- a/net/ipv4/tcp_highspeed.c +++ b/net/ipv4/tcp_highspeed.c @@ -6,7 +6,6 @@ * John Heffner <jheffner@psc.edu> */ -#include <linux/config.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_htcp.c b/net/ipv4/tcp_htcp.c index 3d92c185926..6edfe5e4510 100644 --- a/net/ipv4/tcp_htcp.c +++ b/net/ipv4/tcp_htcp.c @@ -6,7 +6,6 @@ * http://www.hamilton.ie/net/htcp3.pdf */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_hybla.c b/net/ipv4/tcp_hybla.c index 40dbb387751..7406e0c5fb8 100644 --- a/net/ipv4/tcp_hybla.c +++ b/net/ipv4/tcp_hybla.c @@ -10,7 +10,6 @@ * root at danielinux.net */ -#include <linux/config.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 94fe5b1f9dc..738dad9f7d4 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -63,7 +63,6 @@ * Pasi Sarolahti: F-RTO for dealing with spurious RTOs */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <linux/sysctl.h> @@ -4178,8 +4177,6 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, */ TCP_ECN_rcv_synack(tp, th); - if (tp->ecn_flags&TCP_ECN_OK) - sock_set_flag(sk, SOCK_NO_LARGESEND); tp->snd_wl1 = TCP_SKB_CB(skb)->seq; tcp_ack(sk, skb, FLAG_SLOWPATH); @@ -4322,8 +4319,6 @@ discard: tp->max_window = tp->snd_wnd; TCP_ECN_rcv_syn(tp, th); - if (tp->ecn_flags&TCP_ECN_OK) - sock_set_flag(sk, SOCK_NO_LARGESEND); tcp_mtup_init(sk); tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 25ecc6e2478..8355b729fa9 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -52,7 +52,6 @@ * a single port at the same time. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/fcntl.h> @@ -242,6 +241,7 @@ int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) goto failure; /* OK, now commit destination to socket. */ + sk->sk_gso_type = SKB_GSO_TCPV4; sk_setup_caps(sk, &rt->u.dst); if (!tp->write_seq) @@ -884,6 +884,7 @@ struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb, if (!newsk) goto exit; + newsk->sk_gso_type = SKB_GSO_TCPV4; sk_setup_caps(newsk, dst); newtp = tcp_sk(newsk); @@ -1726,7 +1727,8 @@ static void get_tcp4_sock(struct sock *sp, char *tmpbuf, int i) sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX " "%08X %5d %8d %lu %d %p %u %u %u %u %d", i, src, srcp, dest, destp, sp->sk_state, - tp->write_seq - tp->snd_una, tp->rcv_nxt - tp->copied_seq, + tp->write_seq - tp->snd_una, + (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), timer_active, jiffies_to_clock_t(timer_expires - jiffies), icsk->icsk_retransmits, diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 2b9b7f6c7f7..e0851697ad5 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -20,7 +20,6 @@ * Jorge Cwik, <jorge@laser.satlink.net> */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <linux/sysctl.h> @@ -440,8 +439,6 @@ struct sock *tcp_create_openreq_child(struct sock *sk, struct request_sock *req, newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len; newtp->rx_opt.mss_clamp = req->mss; TCP_ECN_openreq_child(newtp, req); - if (newtp->ecn_flags&TCP_ECN_OK) - sock_set_flag(newsk, SOCK_NO_LARGESEND); TCP_INC_STATS_BH(TCP_MIB_PASSIVEOPENS); } diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index bdd71db8bf9..5c08ea20a18 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -510,8 +510,7 @@ static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb) static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb, unsigned int mss_now) { - if (skb->len <= mss_now || - !(sk->sk_route_caps & NETIF_F_TSO)) { + if (skb->len <= mss_now || !sk_can_gso(sk)) { /* Avoid the costly divide in the normal * non-TSO case. */ @@ -525,7 +524,7 @@ static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb, unsigned factor /= mss_now; skb_shinfo(skb)->gso_segs = factor; skb_shinfo(skb)->gso_size = mss_now; - skb_shinfo(skb)->gso_type = SKB_GSO_TCPV4; + skb_shinfo(skb)->gso_type = sk->sk_gso_type; } } @@ -824,9 +823,7 @@ unsigned int tcp_current_mss(struct sock *sk, int large_allowed) mss_now = tp->mss_cache; - if (large_allowed && - (sk->sk_route_caps & NETIF_F_TSO) && - !tp->urg_mode) + if (large_allowed && sk_can_gso(sk) && !tp->urg_mode) doing_tso = 1; if (dst) { @@ -2044,8 +2041,6 @@ struct sk_buff * tcp_make_synack(struct sock *sk, struct dst_entry *dst, memset(th, 0, sizeof(struct tcphdr)); th->syn = 1; th->ack = 1; - if (dst->dev->features&NETIF_F_TSO) - ireq->ecn_ok = 0; TCP_ECN_make_synack(req, th); th->source = inet_sk(sk)->sport; th->dest = ireq->rmt_port; diff --git a/net/ipv4/tcp_scalable.c b/net/ipv4/tcp_scalable.c index 26d7486ee50..4624501e968 100644 --- a/net/ipv4/tcp_scalable.c +++ b/net/ipv4/tcp_scalable.c @@ -5,7 +5,6 @@ * John Heffner <jheffner@sc.edu> */ -#include <linux/config.h> #include <linux/module.h> #include <net/tcp.h> diff --git a/net/ipv4/tcp_vegas.c b/net/ipv4/tcp_vegas.c index 3b740349505..490360b5b4b 100644 --- a/net/ipv4/tcp_vegas.c +++ b/net/ipv4/tcp_vegas.c @@ -31,7 +31,6 @@ * assumed senders never went idle. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <linux/skbuff.h> diff --git a/net/ipv4/tcp_westwood.c b/net/ipv4/tcp_westwood.c index 4247da1384b..5446312ffd2 100644 --- a/net/ipv4/tcp_westwood.c +++ b/net/ipv4/tcp_westwood.c @@ -21,7 +21,6 @@ * ssthresh after packet loss. The probing phase is as the original Reno. */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/module.h> #include <linux/skbuff.h> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 3f93292b0ad..9bfcddad695 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -91,7 +91,6 @@ #include <linux/errno.h> #include <linux/timer.h> #include <linux/mm.h> -#include <linux/config.h> #include <linux/inet.h> #include <linux/ipv6.h> #include <linux/netdevice.h> diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c index c0465284dfa..8f50eae47d0 100644 --- a/net/ipv4/xfrm4_policy.c +++ b/net/ipv4/xfrm4_policy.c @@ -9,7 +9,6 @@ */ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/inetdevice.h> #include <net/xfrm.h> #include <net/ip.h> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 4da664538f5..c250d0af10d 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -40,7 +40,6 @@ * status etc. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index e19457fe4f6..5a0ba58b86c 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -23,7 +23,6 @@ #include <linux/module.h> #include <linux/capability.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> @@ -660,8 +659,6 @@ int inet6_sk_rebuild_header(struct sock *sk) } ip6_dst_store(sk, dst, NULL); - sk->sk_route_caps = dst->dev->features & - ~(NETIF_F_IP_CSUM | NETIF_F_TSO); } return 0; diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index d31c0d6c044..9d4831bd433 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c @@ -24,7 +24,6 @@ * This file is derived from net/ipv4/ah.c. */ -#include <linux/config.h> #include <linux/module.h> #include <net/ip.h> #include <net/ah.h> diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c index 39ec528923f..f6881d7a038 100644 --- a/net/ipv6/anycast.c +++ b/net/ipv6/anycast.c @@ -14,7 +14,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/errno.h> #include <linux/types.h> diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index a15a6f320f7..a278d5e862f 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -24,7 +24,6 @@ * This file is derived from net/ipv4/esp.c */ -#include <linux/config.h> #include <linux/module.h> #include <net/ip.h> #include <net/xfrm.h> diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c index a18d4256372..9d0ee7f0eeb 100644 --- a/net/ipv6/exthdrs.c +++ b/net/ipv6/exthdrs.c @@ -179,7 +179,7 @@ static int ipv6_destopt_rcv(struct sk_buff **skbp) static struct inet6_protocol destopt_protocol = { .handler = ipv6_destopt_rcv, - .flags = INET6_PROTO_NOPOLICY, + .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_GSO_EXTHDR, }; void __init ipv6_destopt_init(void) @@ -340,7 +340,7 @@ looped_back: static struct inet6_protocol rthdr_protocol = { .handler = ipv6_rthdr_rcv, - .flags = INET6_PROTO_NOPOLICY, + .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_GSO_EXTHDR, }; void __init ipv6_rthdr_init(void) diff --git a/net/ipv6/inet6_connection_sock.c b/net/ipv6/inet6_connection_sock.c index eb2865d5ae2..5c950cc79d8 100644 --- a/net/ipv6/inet6_connection_sock.c +++ b/net/ipv6/inet6_connection_sock.c @@ -13,7 +13,6 @@ * 2 of the License, or(at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/in6.h> #include <linux/ipv6.h> @@ -187,8 +186,6 @@ int inet6_csk_xmit(struct sk_buff *skb, int ipfragok) } ip6_dst_store(sk, dst, NULL); - sk->sk_route_caps = dst->dev->features & - ~(NETIF_F_IP_CSUM | NETIF_F_TSO); } skb->dst = dst_clone(dst); diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c index 2ae84c96167..d2f3fc990bf 100644 --- a/net/ipv6/inet6_hashtables.c +++ b/net/ipv6/inet6_hashtables.c @@ -14,7 +14,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/random.h> diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c index 2cb6149349b..764221220af 100644 --- a/net/ipv6/ip6_fib.c +++ b/net/ipv6/ip6_fib.c @@ -19,7 +19,6 @@ * remove ip6_null_entry from the top of * routing table. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/net.h> diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c index f9ca63912fb..1d672b0547f 100644 --- a/net/ipv6/ip6_flowlabel.c +++ b/net/ipv6/ip6_flowlabel.c @@ -10,7 +10,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c index aceee252503..df8f051c0fc 100644 --- a/net/ipv6/ip6_input.c +++ b/net/ipv6/ip6_input.c @@ -84,14 +84,9 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt */ IP6CB(skb)->iif = skb->dst ? ((struct rt6_info *)skb->dst)->rt6i_idev->dev->ifindex : dev->ifindex; - if (skb->len < sizeof(struct ipv6hdr)) + if (unlikely(!pskb_may_pull(skb, sizeof(*hdr)))) goto err; - if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) { - IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); - goto drop; - } - hdr = skb->nh.ipv6h; if (hdr->version != 6) diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index abb94de3376..2c5b44575af 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -28,7 +28,6 @@ * for datagram xmit */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/string.h> @@ -230,7 +229,7 @@ int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl, skb->priority = sk->sk_priority; mtu = dst_mtu(dst); - if ((skb->len <= mtu) || ipfragok) { + if ((skb->len <= mtu) || ipfragok || skb_shinfo(skb)->gso_size) { IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS); return NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev, dst_output); @@ -835,7 +834,7 @@ static inline int ip6_ufo_append_data(struct sock *sk, /* specify the length of each IP datagram fragment*/ skb_shinfo(skb)->gso_size = mtu - fragheaderlen - sizeof(struct frag_hdr); - skb_shinfo(skb)->gso_type = SKB_GSO_UDPV4; + skb_shinfo(skb)->gso_type = SKB_GSO_UDP; ipv6_select_ident(skb, &fhdr); skb_shinfo(skb)->ip6_frag_id = fhdr.identification; __skb_queue_tail(&sk->sk_write_queue, skb); diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c index a995796b5a5..bc77c0e1a94 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c @@ -19,7 +19,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/capability.h> #include <linux/errno.h> diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c index f28cd37feed..b285b035708 100644 --- a/net/ipv6/ipcomp6.c +++ b/net/ipv6/ipcomp6.c @@ -30,7 +30,6 @@ * The decompression of IP datagram MUST be done after the reassembly, * AH/ESP processing. */ -#include <linux/config.h> #include <linux/module.h> #include <net/ip.h> #include <net/xfrm.h> diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index 4c20eeb3d56..c28e5c28744 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -27,7 +27,6 @@ #include <linux/module.h> #include <linux/capability.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> @@ -58,9 +57,71 @@ DEFINE_SNMP_STAT(struct ipstats_mib, ipv6_statistics) __read_mostly; +static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb, int features) +{ + struct sk_buff *segs = ERR_PTR(-EINVAL); + struct ipv6hdr *ipv6h; + struct inet6_protocol *ops; + int proto; + + if (unlikely(!pskb_may_pull(skb, sizeof(*ipv6h)))) + goto out; + + ipv6h = skb->nh.ipv6h; + proto = ipv6h->nexthdr; + __skb_pull(skb, sizeof(*ipv6h)); + + rcu_read_lock(); + for (;;) { + struct ipv6_opt_hdr *opth; + int len; + + if (proto != NEXTHDR_HOP) { + ops = rcu_dereference(inet6_protos[proto]); + + if (unlikely(!ops)) + goto unlock; + + if (!(ops->flags & INET6_PROTO_GSO_EXTHDR)) + break; + } + + if (unlikely(!pskb_may_pull(skb, 8))) + goto unlock; + + opth = (void *)skb->data; + len = opth->hdrlen * 8 + 8; + + if (unlikely(!pskb_may_pull(skb, len))) + goto unlock; + + proto = opth->nexthdr; + __skb_pull(skb, len); + } + + skb->h.raw = skb->data; + if (likely(ops->gso_segment)) + segs = ops->gso_segment(skb, features); + +unlock: + rcu_read_unlock(); + + if (unlikely(IS_ERR(segs))) + goto out; + + for (skb = segs; skb; skb = skb->next) { + ipv6h = skb->nh.ipv6h; + ipv6h->payload_len = htons(skb->len - skb->mac_len); + } + +out: + return segs; +} + static struct packet_type ipv6_packet_type = { .type = __constant_htons(ETH_P_IPV6), .func = ipv6_rcv, + .gso_segment = ipv6_gso_segment, }; struct ip6_ra_chain *ip6_ra_chain; diff --git a/net/ipv6/ipv6_syms.c b/net/ipv6/ipv6_syms.c index 16482785bdf..dd4d1ce7776 100644 --- a/net/ipv6/ipv6_syms.c +++ b/net/ipv6/ipv6_syms.c @@ -1,5 +1,4 @@ -#include <linux/config.h> #include <linux/module.h> #include <net/protocol.h> #include <net/ipv6.h> diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c index 6e871afbb2c..9d697d4dcff 100644 --- a/net/ipv6/mcast.c +++ b/net/ipv6/mcast.c @@ -28,7 +28,6 @@ * - MLDv2 support */ -#include <linux/config.h> #include <linux/module.h> #include <linux/errno.h> #include <linux/types.h> diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index dfa20d3be9b..b50055b9278 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -48,7 +48,6 @@ #endif #include <linux/module.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index b4b7d441af2..968a14be0d0 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c @@ -505,7 +505,7 @@ ipq_rcv_skb(struct sk_buff *skb) if (type <= IPQM_BASE) return; - if (security_netlink_recv(skb)) + if (security_netlink_recv(skb, CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); write_lock_bh(&queue_lock); diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 2e72f89a701..7ef143c0ebf 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -19,7 +19,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/in.h> #include <linux/skbuff.h> #include <linux/kmod.h> @@ -1281,7 +1280,8 @@ int ip6t_register_table(struct xt_table *table, return ret; } - if (xt_register_table(table, &bootstrap, newinfo) != 0) { + ret = xt_register_table(table, &bootstrap, newinfo); + if (ret != 0) { xt_free_table_info(newinfo); return ret; } diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index de1175c27f6..8629ba195d2 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c @@ -15,7 +15,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/icmpv6.h> diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index 2a71c3b669f..c2ab38ff46a 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c @@ -20,7 +20,6 @@ * structures. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/ipv6.h> #include <linux/in6.h> diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index c32a029e43f..00d5583807f 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c @@ -14,7 +14,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/string.h> diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c index 779ddf77f4d..efee7a6301a 100644 --- a/net/ipv6/proc.c +++ b/net/ipv6/proc.c @@ -17,7 +17,6 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/sched.h> #include <linux/socket.h> #include <linux/net.h> diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c index eef985e010e..4e299c69e1c 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c @@ -28,7 +28,6 @@ * YOSHIFUJI,H. @USAGI Always remove fragment header to * calculate ICV correctly. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/string.h> diff --git a/net/ipv6/route.c b/net/ipv6/route.c index e728980160d..87c39c978cd 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -25,7 +25,6 @@ */ #include <linux/capability.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/times.h> diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c index 6578c3080f4..c56aeece2bf 100644 --- a/net/ipv6/sit.c +++ b/net/ipv6/sit.c @@ -18,7 +18,6 @@ * Nate Thompson <nate@thebog.net>: 6to4 support */ -#include <linux/config.h> #include <linux/module.h> #include <linux/capability.h> #include <linux/errno.h> diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c index 8eff9fa1e98..7a4639db134 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c @@ -7,7 +7,6 @@ #include <linux/mm.h> #include <linux/sysctl.h> -#include <linux/config.h> #include <linux/in6.h> #include <linux/ipv6.h> #include <net/ndisc.h> diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index a50eb306e9e..5bdcb9002cf 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -26,7 +26,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> @@ -270,9 +269,8 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, ipv6_addr_copy(&np->saddr, saddr); inet->rcv_saddr = LOOPBACK4_IPV6; + sk->sk_gso_type = SKB_GSO_TCPV6; ip6_dst_store(sk, dst, NULL); - sk->sk_route_caps = dst->dev->features & - ~(NETIF_F_IP_CSUM | NETIF_F_TSO); icsk->icsk_ext_hdr_len = 0; if (np->opt) @@ -930,9 +928,8 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, * comment in that function for the gory details. -acme */ + sk->sk_gso_type = SKB_GSO_TCPV6; ip6_dst_store(newsk, dst, NULL); - newsk->sk_route_caps = dst->dev->features & - ~(NETIF_F_IP_CSUM | NETIF_F_TSO); newtcp6sk = (struct tcp6_sock *)newsk; inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; @@ -1469,7 +1466,8 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) dest->s6_addr32[0], dest->s6_addr32[1], dest->s6_addr32[2], dest->s6_addr32[3], destp, sp->sk_state, - tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq, + tp->write_seq-tp->snd_una, + (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), timer_active, jiffies_to_clock_t(timer_expires - jiffies), icsk->icsk_retransmits, @@ -1605,6 +1603,7 @@ struct proto tcpv6_prot = { static struct inet6_protocol tcpv6_protocol = { .handler = tcp_v6_rcv, .err_handler = tcp_v6_err, + .gso_segment = tcp_tso_segment, .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, }; diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 8d3432a70f3..ccc57f434cd 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -23,7 +23,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/errno.h> #include <linux/types.h> #include <linux/socket.h> diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index ee715f2691e..73cd250aecb 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c @@ -12,7 +12,6 @@ */ #include <linux/compiler.h> -#include <linux/config.h> #include <linux/netdevice.h> #include <net/addrconf.h> #include <net/xfrm.h> diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c index d37768e5064..6b44fe8516c 100644 --- a/net/ipv6/xfrm6_tunnel.c +++ b/net/ipv6/xfrm6_tunnel.c @@ -21,7 +21,6 @@ * Based on net/ipv4/xfrm4_tunnel.c * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/xfrm.h> #include <linux/list.h> diff --git a/net/ipx/af_ipx.c b/net/ipx/af_ipx.c index 811d998725b..aa34ff4b707 100644 --- a/net/ipx/af_ipx.c +++ b/net/ipx/af_ipx.c @@ -28,7 +28,6 @@ * See net/ipx/ChangeLog. */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/errno.h> #include <linux/if_arp.h> diff --git a/net/ipx/ipx_proc.c b/net/ipx/ipx_proc.c index 1f73d9ea434..4c0c71206e5 100644 --- a/net/ipx/ipx_proc.c +++ b/net/ipx/ipx_proc.c @@ -4,7 +4,6 @@ * Copyright(C) Arnaldo Carvalho de Melo <acme@conectiva.com.br>, 2002 */ -#include <linux/config.h> #include <linux/init.h> #ifdef CONFIG_PROC_FS #include <linux/proc_fs.h> diff --git a/net/ipx/ipx_route.c b/net/ipx/ipx_route.c index bba3431cd9a..a30dbb1e08f 100644 --- a/net/ipx/ipx_route.c +++ b/net/ipx/ipx_route.c @@ -7,7 +7,6 @@ * See net/ipx/ChangeLog. */ -#include <linux/config.h> #include <linux/list.h> #include <linux/route.h> #include <linux/spinlock.h> diff --git a/net/ipx/sysctl_net_ipx.c b/net/ipx/sysctl_net_ipx.c index 510eda96d10..fa574735c76 100644 --- a/net/ipx/sysctl_net_ipx.c +++ b/net/ipx/sysctl_net_ipx.c @@ -6,7 +6,6 @@ * Added /proc/sys/net/ipx/ipx_pprop_broadcasting - acme March 4, 2001 */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/sysctl.h> diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c index 2f37c9f35e2..7fae48a53bf 100644 --- a/net/irda/af_irda.c +++ b/net/irda/af_irda.c @@ -42,7 +42,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/irda/ircomm/ircomm_core.c b/net/irda/ircomm/ircomm_core.c index 28688197885..9c4a902a9db 100644 --- a/net/irda/ircomm/ircomm_core.c +++ b/net/irda/ircomm/ircomm_core.c @@ -29,7 +29,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/sched.h> #include <linux/proc_fs.h> diff --git a/net/irda/ircomm/ircomm_tty.c b/net/irda/ircomm/ircomm_tty.c index 6f20b4206e0..b400f27851f 100644 --- a/net/irda/ircomm/ircomm_tty.c +++ b/net/irda/ircomm/ircomm_tty.c @@ -30,7 +30,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/init.h> #include <linux/module.h> #include <linux/fs.h> @@ -124,7 +123,6 @@ static int __init ircomm_tty_init(void) driver->owner = THIS_MODULE; driver->driver_name = "ircomm"; driver->name = "ircomm"; - driver->devfs_name = "ircomm"; driver->major = IRCOMM_TTY_MAJOR; driver->minor_start = IRCOMM_TTY_MINOR; driver->type = TTY_DRIVER_TYPE_SERIAL; diff --git a/net/irda/irda_device.c b/net/irda/irda_device.c index e3debbdb67f..ba40e5495f5 100644 --- a/net/irda/irda_device.c +++ b/net/irda/irda_device.c @@ -29,7 +29,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/string.h> #include <linux/proc_fs.h> #include <linux/skbuff.h> diff --git a/net/irda/iriap.c b/net/irda/iriap.c index 2d2e2b1919f..a0472652a44 100644 --- a/net/irda/iriap.c +++ b/net/irda/iriap.c @@ -24,7 +24,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/skbuff.h> diff --git a/net/irda/irlan/irlan_client.c b/net/irda/irlan/irlan_client.c index f8e6cb0db04..95cf1234ea1 100644 --- a/net/irda/irlan/irlan_client.c +++ b/net/irda/irlan/irlan_client.c @@ -173,13 +173,14 @@ void irlan_client_discovery_indication(discinfo_t *discovery, rcu_read_lock(); self = irlan_get_any(); if (self) { - IRDA_ASSERT(self->magic == IRLAN_MAGIC, return;); + IRDA_ASSERT(self->magic == IRLAN_MAGIC, goto out;); IRDA_DEBUG(1, "%s(), Found instance (%08x)!\n", __FUNCTION__ , daddr); irlan_client_wakeup(self, saddr, daddr); } +IRDA_ASSERT_LABEL(out:) rcu_read_unlock(); } diff --git a/net/irda/irlan/irlan_common.c b/net/irda/irlan/irlan_common.c index 657d1221057..bd659dd545a 100644 --- a/net/irda/irlan/irlan_common.c +++ b/net/irda/irlan/irlan_common.c @@ -23,7 +23,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> diff --git a/net/irda/irlan/irlan_eth.c b/net/irda/irlan/irlan_eth.c index 953e255d2bc..b0ccc455b74 100644 --- a/net/irda/irlan/irlan_eth.c +++ b/net/irda/irlan/irlan_eth.c @@ -25,7 +25,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/netdevice.h> #include <linux/etherdevice.h> #include <linux/inetdevice.h> diff --git a/net/irda/irlap.c b/net/irda/irlap.c index a16528657b4..cade355ac8a 100644 --- a/net/irda/irlap.c +++ b/net/irda/irlap.c @@ -29,7 +29,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/slab.h> #include <linux/string.h> #include <linux/skbuff.h> diff --git a/net/irda/irlap_event.c b/net/irda/irlap_event.c index a505b545760..99faff68c39 100644 --- a/net/irda/irlap_event.c +++ b/net/irda/irlap_event.c @@ -25,7 +25,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/string.h> #include <linux/kernel.h> #include <linux/delay.h> diff --git a/net/irda/irlmp.c b/net/irda/irlmp.c index 57ea160f470..129ad64c15b 100644 --- a/net/irda/irlmp.c +++ b/net/irda/irlmp.c @@ -24,7 +24,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/module.h> #include <linux/slab.h> #include <linux/string.h> diff --git a/net/irda/irlmp_event.c b/net/irda/irlmp_event.c index 26649f6528e..4c90dd1b450 100644 --- a/net/irda/irlmp_event.c +++ b/net/irda/irlmp_event.c @@ -24,7 +24,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/kernel.h> #include <net/irda/irda.h> diff --git a/net/irda/irlmp_frame.c b/net/irda/irlmp_frame.c index 91cd268172f..39761a1d18f 100644 --- a/net/irda/irlmp_frame.c +++ b/net/irda/irlmp_frame.c @@ -24,7 +24,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/skbuff.h> #include <linux/kernel.h> diff --git a/net/irda/irmod.c b/net/irda/irmod.c index 634901dd156..2869b16e417 100644 --- a/net/irda/irmod.c +++ b/net/irda/irmod.c @@ -31,7 +31,6 @@ * Jean II */ -#include <linux/config.h> #include <linux/module.h> #include <linux/moduleparam.h> diff --git a/net/irda/irnet/irnet.h b/net/irda/irnet/irnet.h index e4fe1e80029..80887528e77 100644 --- a/net/irda/irnet/irnet.h +++ b/net/irda/irnet/irnet.h @@ -244,12 +244,10 @@ #include <linux/skbuff.h> #include <linux/tty.h> #include <linux/proc_fs.h> -#include <linux/devfs_fs_kernel.h> #include <linux/netdevice.h> #include <linux/miscdevice.h> #include <linux/poll.h> #include <linux/capability.h> -#include <linux/config.h> #include <linux/ctype.h> /* isspace() */ #include <asm/uaccess.h> #include <linux/init.h> diff --git a/net/irda/irsysctl.c b/net/irda/irsysctl.c index 1b1c4193359..86805c3d832 100644 --- a/net/irda/irsysctl.c +++ b/net/irda/irsysctl.c @@ -23,7 +23,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/mm.h> #include <linux/ctype.h> #include <linux/sysctl.h> diff --git a/net/irda/irttp.c b/net/irda/irttp.c index 8aff254cb41..49c51c5f1a8 100644 --- a/net/irda/irttp.c +++ b/net/irda/irttp.c @@ -24,7 +24,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <linux/skbuff.h> #include <linux/init.h> #include <linux/seq_file.h> diff --git a/net/irda/qos.c b/net/irda/qos.c index ddfb5c502a9..95a69c013ee 100644 --- a/net/irda/qos.c +++ b/net/irda/qos.c @@ -30,7 +30,6 @@ * ********************************************************************/ -#include <linux/config.h> #include <asm/byteorder.h> #include <net/irda/irda.h> diff --git a/net/irda/timer.c b/net/irda/timer.c index 0e17f976add..3871a2b911f 100644 --- a/net/irda/timer.c +++ b/net/irda/timer.c @@ -25,7 +25,6 @@ ********************************************************************/ #include <asm/system.h> -#include <linux/config.h> #include <linux/delay.h> #include <net/irda/timer.h> diff --git a/net/key/af_key.c b/net/key/af_key.c index d5e2121ea20..3a95b2ee469 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -14,7 +14,6 @@ * Derek Atkins <derek@ihtfp.com> */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/kernel.h> diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c index 75c9b148080..d6cfe84d521 100644 --- a/net/llc/af_llc.c +++ b/net/llc/af_llc.c @@ -20,7 +20,6 @@ * * See the GNU General Public License for more details. */ -#include <linux/config.h> #include <linux/compiler.h> #include <linux/kernel.h> #include <linux/module.h> diff --git a/net/llc/llc_if.c b/net/llc/llc_if.c index 5ae47be7dde..a89917130a7 100644 --- a/net/llc/llc_if.c +++ b/net/llc/llc_if.c @@ -11,7 +11,6 @@ * * See the GNU General Public License for more details. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/netdevice.h> diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c index bd531cb235a..19308fece3a 100644 --- a/net/llc/llc_proc.c +++ b/net/llc/llc_proc.c @@ -12,7 +12,6 @@ * See the GNU General Public License for more details. */ -#include <linux/config.h> #include <linux/init.h> #include <linux/kernel.h> #include <linux/proc_fs.h> diff --git a/net/llc/llc_station.c b/net/llc/llc_station.c index f37dbf8ef12..8275bd33bd9 100644 --- a/net/llc/llc_station.c +++ b/net/llc/llc_station.c @@ -11,7 +11,6 @@ * * See the GNU General Public License for more details. */ -#include <linux/config.h> #include <linux/init.h> #include <linux/module.h> #include <net/llc.h> diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c index d1eaddb1363..45d7dd92a08 100644 --- a/net/llc/sysctl_net_llc.c +++ b/net/llc/sysctl_net_llc.c @@ -4,7 +4,6 @@ * Arnaldo Carvalho de Melo <acme@conectiva.com.br> */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/init.h> #include <linux/sysctl.h> diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index b1622b7de1c..42a178aa30f 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -411,7 +411,10 @@ config NETFILTER_XT_MATCH_STATISTIC tristate '"statistic" match support' depends on NETFILTER_XTABLES help - statistic module + This option adds a `statistic' match, which allows you to match + on packets periodically or randomly with a given percentage. + + To compile it as a module, choose M here. If unsure, say N. config NETFILTER_XT_MATCH_STRING tristate '"string" match support' diff --git a/net/netfilter/core.c b/net/netfilter/core.c index 8455a32ea5c..5d29d5e2362 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -10,7 +10,6 @@ * 15-Mar-2000: Added NF_REPEAT --RR. * 08-May-2003: Internal logging interface added by Jozsef Kadlecsik. */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/netfilter.h> #include <net/protocol.h> diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index cd299f4b7db..8f2261965a6 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -29,7 +29,6 @@ * Derived from net/ipv4/netfilter/ip_conntrack_core.c */ -#include <linux/config.h> #include <linux/types.h> #include <linux/netfilter.h> #include <linux/module.h> diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c index 11d3be24353..960972d225f 100644 --- a/net/netfilter/nf_conntrack_ftp.c +++ b/net/netfilter/nf_conntrack_ftp.c @@ -15,7 +15,6 @@ * Derived from net/ipv4/netfilter/ip_conntrack_ftp.c */ -#include <linux/config.h> #include <linux/module.h> #include <linux/moduleparam.h> #include <linux/netfilter.h> diff --git a/net/netfilter/nf_conntrack_l3proto_generic.c b/net/netfilter/nf_conntrack_l3proto_generic.c index 3fc58e454d4..21e0bc91cf2 100644 --- a/net/netfilter/nf_conntrack_l3proto_generic.c +++ b/net/netfilter/nf_conntrack_l3proto_generic.c @@ -15,7 +15,6 @@ * Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp> */ -#include <linux/config.h> #include <linux/types.h> #include <linux/ip.h> #include <linux/netfilter.h> diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index b8c7c567c9d..af4845971f7 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -29,6 +29,7 @@ #include <linux/errno.h> #include <linux/netlink.h> #include <linux/spinlock.h> +#include <linux/interrupt.h> #include <linux/notifier.h> #include <linux/netfilter.h> diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c index 0c6da496cfa..9bd8a7877fd 100644 --- a/net/netfilter/nf_conntrack_proto_sctp.c +++ b/net/netfilter/nf_conntrack_proto_sctp.c @@ -28,6 +28,8 @@ #include <linux/sctp.h> #include <linux/string.h> #include <linux/seq_file.h> +#include <linux/spinlock.h> +#include <linux/interrupt.h> #include <net/netfilter/nf_conntrack.h> #include <net/netfilter/nf_conntrack_protocol.h> @@ -259,7 +261,7 @@ static int do_basic_checks(struct nf_conn *conntrack, } DEBUGP("Basic checks passed\n"); - return 0; + return count == 0; } static int new_state(enum ip_conntrack_dir dir, diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c index 12fb7c0a150..af8adcba23a 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c @@ -24,7 +24,6 @@ * version 2.2 */ -#include <linux/config.h> #include <linux/types.h> #include <linux/sched.h> #include <linux/timer.h> diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index e34c574f035..5fcab2ef231 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -17,7 +17,6 @@ * Derived from net/ipv4/netfilter/ip_conntrack_standalone.c */ -#include <linux/config.h> #include <linux/types.h> #include <linux/netfilter.h> #include <linux/module.h> diff --git a/net/netfilter/nf_internals.h b/net/netfilter/nf_internals.h index 6bdee291061..86e392bfe83 100644 --- a/net/netfilter/nf_internals.h +++ b/net/netfilter/nf_internals.h @@ -1,7 +1,6 @@ #ifndef _NF_INTERNALS_H #define _NF_INTERNALS_H -#include <linux/config.h> #include <linux/list.h> #include <linux/skbuff.h> #include <linux/netdevice.h> diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 3e76bd0824a..8901b3a07f7 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/init.h> #include <linux/module.h> diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index ee8f70889f4..bb6fcee452c 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/init.h> #include <linux/module.h> diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c index 0a63d7dac7b..c2e44e90e43 100644 --- a/net/netfilter/nf_sockopt.c +++ b/net/netfilter/nf_sockopt.c @@ -1,4 +1,3 @@ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/init.h> #include <linux/module.h> diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index b88e82a1a98..52fdfa2686c 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -14,7 +14,6 @@ * of the GNU General Public License, incorporated herein by reference. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/socket.h> @@ -229,7 +228,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, NFNL_SUBSYS_ID(nlh->nlmsg_type), NFNL_MSG_TYPE(nlh->nlmsg_type)); - if (!cap_raised(NETLINK_CB(skb).eff_cap, CAP_NET_ADMIN)) { + if (security_netlink_recv(skb, CAP_NET_ADMIN)) { DEBUGP("missing CAP_NET_ADMIN\n"); *errp = -EPERM; return -1; diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 86a4ac33de3..49ef41e34c4 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -680,11 +680,19 @@ dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex) if (entinf->indev) if (entinf->indev->ifindex == ifindex) return 1; - if (entinf->outdev) if (entinf->outdev->ifindex == ifindex) return 1; - +#ifdef CONFIG_BRIDGE_NETFILTER + if (entry->skb->nf_bridge) { + if (entry->skb->nf_bridge->physindev && + entry->skb->nf_bridge->physindev->ifindex == ifindex) + return 1; + if (entry->skb->nf_bridge->physoutdev && + entry->skb->nf_bridge->physoutdev->ifindex == ifindex) + return 1; + } +#endif return 0; } diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 99293c63ff7..174e8f97009 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -13,7 +13,6 @@ * */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/socket.h> #include <linux/net.h> diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c index a3aa62fbda6..ba1ca03abad 100644 --- a/net/netfilter/xt_policy.c +++ b/net/netfilter/xt_policy.c @@ -8,7 +8,6 @@ */ #include <linux/kernel.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/init.h> diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index 9316c753692..843383e01d4 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c @@ -151,7 +151,7 @@ match(const struct sk_buff *skb, && SCCHECK(((ntohs(sh->dest) >= info->dpts[0]) && (ntohs(sh->dest) <= info->dpts[1])), XT_SCTP_DEST_PORTS, info->flags, info->invflags) - && SCCHECK(match_packet(skb, protoff, + && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t), info->chunkmap, info->chunk_match_type, info->flag_info, info->flag_count, hotdrop), diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c index 1b61dac9c87..a9a63aa6893 100644 --- a/net/netfilter/xt_tcpudp.c +++ b/net/netfilter/xt_tcpudp.c @@ -260,7 +260,7 @@ static int __init xt_tcpudp_init(void) return ret; out_unreg_udp: - xt_unregister_match(&tcp_matchstruct); + xt_unregister_match(&udp_matchstruct); out_unreg_tcp6: xt_unregister_match(&tcp6_matchstruct); out_unreg_tcp: diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 3862e73d14d..70cee82a98b 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -21,7 +21,6 @@ * mandatory if CONFIG_NET=y these days */ -#include <linux/config.h> #include <linux/module.h> #include <linux/capability.h> diff --git a/net/netlink/attr.c b/net/netlink/attr.c index fffef4ab276..dddbd15135a 100644 --- a/net/netlink/attr.c +++ b/net/netlink/attr.c @@ -5,7 +5,6 @@ * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/errno.h> diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c index f329b72578f..a298f77cc3e 100644 --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -5,7 +5,6 @@ * Thomas Graf <tgraf@suug.ch> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/errno.h> @@ -320,7 +319,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, goto errout; } - if ((ops->flags & GENL_ADMIN_PERM) && security_netlink_recv(skb)) { + if ((ops->flags & GENL_ADMIN_PERM) && security_netlink_recv(skb, CAP_NET_ADMIN)) { err = -EPERM; goto errout; } diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c index 3669cb953e6..eba6df054b1 100644 --- a/net/netrom/af_netrom.c +++ b/net/netrom/af_netrom.c @@ -8,7 +8,6 @@ * Copyright Alan Cox GW4PTS (alan@lxorguk.ukuu.org.uk) * Copyright Darryl Miles G7LED (dlm@g7led.demon.co.uk) */ -#include <linux/config.h> #include <linux/module.h> #include <linux/moduleparam.h> #include <linux/capability.h> diff --git a/net/netrom/nr_dev.c b/net/netrom/nr_dev.c index 621e5586ab0..9b8eb54971a 100644 --- a/net/netrom/nr_dev.c +++ b/net/netrom/nr_dev.c @@ -6,7 +6,6 @@ * * Copyright Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) */ -#include <linux/config.h> #include <linux/module.h> #include <linux/proc_fs.h> #include <linux/kernel.h> diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index 9db7dbdb16e..f9cef367159 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -49,7 +49,6 @@ * */ -#include <linux/config.h> #include <linux/types.h> #include <linux/sched.h> #include <linux/mm.h> diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c index 55564efccf1..7799fe82aeb 100644 --- a/net/rose/af_rose.c +++ b/net/rose/af_rose.c @@ -10,7 +10,6 @@ * Copyright (C) Tomi Manninen OH2BNS (oh2bns@sral.fi) */ -#include <linux/config.h> #include <linux/capability.h> #include <linux/module.h> #include <linux/moduleparam.h> diff --git a/net/rose/rose_dev.c b/net/rose/rose_dev.c index 2a1bf8e119e..9d0bf2a1ea3 100644 --- a/net/rose/rose_dev.c +++ b/net/rose/rose_dev.c @@ -6,7 +6,6 @@ * * Copyright (C) Jonathan Naylor G4KLX (g4klx@g4klx.demon.co.uk) */ -#include <linux/config.h> #include <linux/module.h> #include <linux/proc_fs.h> #include <linux/kernel.h> diff --git a/net/rxrpc/rxrpc_syms.c b/net/rxrpc/rxrpc_syms.c index 56adf16fed0..9896fd87a4d 100644 --- a/net/rxrpc/rxrpc_syms.c +++ b/net/rxrpc/rxrpc_syms.c @@ -9,7 +9,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <rxrpc/transport.h> diff --git a/net/rxrpc/sysctl.c b/net/rxrpc/sysctl.c index fbf98729c74..6374df7e77d 100644 --- a/net/rxrpc/sysctl.c +++ b/net/rxrpc/sysctl.c @@ -9,7 +9,6 @@ * 2 of the License, or (at your option) any later version. */ -#include <linux/config.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/module.h> diff --git a/net/sched/Kconfig b/net/sched/Kconfig index 13eeee58288..8298ea9ffe1 100644 --- a/net/sched/Kconfig +++ b/net/sched/Kconfig @@ -305,7 +305,7 @@ config NET_CLS_U32 tristate "Universal 32bit comparisons w/ hashing (U32)" select NET_CLS ---help--- - Say Y here to be able to classify packetes using a universal + Say Y here to be able to classify packets using a universal 32bit pieces based comparison scheme. To compile this code as a module, choose M here: the @@ -485,7 +485,7 @@ config NET_ACT_IPT tristate "IPtables targets" depends on NET_CLS_ACT && NETFILTER && IP_NF_IPTABLES ---help--- - Say Y here to be able to invoke iptables targets after succesful + Say Y here to be able to invoke iptables targets after successful classification. To compile this code as a module, choose M here: the @@ -537,8 +537,8 @@ config NET_ESTIMATOR ---help--- Say Y here to allow using rate estimators to estimate the current rate-of-flow for network devices, queues, etc. This module is - automaticaly selected if needed but can be selected manually for - statstical purposes. + automatically selected if needed but can be selected manually for + statistical purposes. endif # NET_SCHED diff --git a/net/sched/act_api.c b/net/sched/act_api.c index 2ffa11c6e8d..5b9397b3323 100644 --- a/net/sched/act_api.c +++ b/net/sched/act_api.c @@ -14,7 +14,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> diff --git a/net/sched/act_gact.c b/net/sched/act_gact.c index a1e68f78dcc..e75a147ad60 100644 --- a/net/sched/act_gact.c +++ b/net/sched/act_gact.c @@ -13,7 +13,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 37640c6fc01..d799e01248c 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c @@ -14,7 +14,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <asm/bitops.h> -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> diff --git a/net/sched/act_mirred.c b/net/sched/act_mirred.c index 4fcccbd5088..fc562047ecc 100644 --- a/net/sched/act_mirred.c +++ b/net/sched/act_mirred.c @@ -15,7 +15,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <asm/bitops.h> -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index 1742a68e012..58b3a865204 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -12,7 +12,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <asm/bitops.h> -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> diff --git a/net/sched/act_police.c b/net/sched/act_police.c index 24c348fa892..47e00bd9625 100644 --- a/net/sched/act_police.c +++ b/net/sched/act_police.c @@ -13,7 +13,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/act_simple.c b/net/sched/act_simple.c index e5f2e1f431e..17105c82537 100644 --- a/net/sched/act_simple.c +++ b/net/sched/act_simple.c @@ -10,7 +10,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/kernel.h> diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c index b4d89fbb378..7e14f14058e 100644 --- a/net/sched/cls_api.c +++ b/net/sched/cls_api.c @@ -17,7 +17,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/cls_basic.c b/net/sched/cls_basic.c index dfb300bb6ba..61507f006b1 100644 --- a/net/sched/cls_basic.c +++ b/net/sched/cls_basic.c @@ -9,7 +9,6 @@ * Authors: Thomas Graf <tgraf@suug.ch> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/cls_fw.c b/net/sched/cls_fw.c index 75470486e40..d41de91fc4f 100644 --- a/net/sched/cls_fw.c +++ b/net/sched/cls_fw.c @@ -18,7 +18,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sched/cls_route.c b/net/sched/cls_route.c index 520ff716dab..c2e71900f7b 100644 --- a/net/sched/cls_route.c +++ b/net/sched/cls_route.c @@ -10,7 +10,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> diff --git a/net/sched/cls_rsvp.h b/net/sched/cls_rsvp.h index 572f06be3b0..ba874197162 100644 --- a/net/sched/cls_rsvp.h +++ b/net/sched/cls_rsvp.h @@ -65,7 +65,6 @@ Well, as result, despite its simplicity, we get a pretty powerful classification engine. */ -#include <linux/config.h> struct rsvp_head { diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c index 9f921174c8a..7870e7bb0ba 100644 --- a/net/sched/cls_tcindex.c +++ b/net/sched/cls_tcindex.c @@ -4,7 +4,6 @@ * Written 1998,1999 by Werner Almesberger, EPFL ICA */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index 78e052591fa..d712edcd1bc 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c @@ -33,7 +33,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/em_cmp.c b/net/sched/em_cmp.c index bf1f00f8b1b..8ed93c39b4e 100644 --- a/net/sched/em_cmp.c +++ b/net/sched/em_cmp.c @@ -9,7 +9,6 @@ * Authors: Thomas Graf <tgraf@suug.ch> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/em_meta.c b/net/sched/em_meta.c index 700844d49d7..698372954f4 100644 --- a/net/sched/em_meta.c +++ b/net/sched/em_meta.c @@ -58,7 +58,6 @@ * only available if that subsytem is enabled in the kernel. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/em_nbyte.c b/net/sched/em_nbyte.c index 71ea926a9f0..cc80babfd79 100644 --- a/net/sched/em_nbyte.c +++ b/net/sched/em_nbyte.c @@ -9,7 +9,6 @@ * Authors: Thomas Graf <tgraf@suug.ch> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/em_text.c b/net/sched/em_text.c index 77beabc91fa..aa17d8f7c4c 100644 --- a/net/sched/em_text.c +++ b/net/sched/em_text.c @@ -9,7 +9,6 @@ * Authors: Thomas Graf <tgraf@suug.ch> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/em_u32.c b/net/sched/em_u32.c index 34e7e51e601..e3ddfce0ac8 100644 --- a/net/sched/em_u32.c +++ b/net/sched/em_u32.c @@ -12,7 +12,6 @@ * Based on net/sched/cls_u32.c */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/ematch.c b/net/sched/ematch.c index 5cb956b721e..2405a86093a 100644 --- a/net/sched/ematch.c +++ b/net/sched/ematch.c @@ -81,7 +81,6 @@ * open up a beer to watch the compilation going. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index 31570b9a6e9..c7844bacbbc 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -15,7 +15,6 @@ * Jamal Hadi Salim <hadi@nortelnetworks.com>: 990601: ingress support */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c index ac7cb60d1e2..dbf44da0912 100644 --- a/net/sched/sch_atm.c +++ b/net/sched/sch_atm.c @@ -3,7 +3,6 @@ /* Written 1998-2000 by Werner Almesberger, EPFL ICA */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/string.h> diff --git a/net/sched/sch_blackhole.c b/net/sched/sch_blackhole.c index 81f0b8346d1..cb0c456aa34 100644 --- a/net/sched/sch_blackhole.c +++ b/net/sched/sch_blackhole.c @@ -11,7 +11,6 @@ * Note: Quantum tunneling is not supported. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c index 6cd81708bf7..80b7f6a8d00 100644 --- a/net/sched/sch_cbq.c +++ b/net/sched/sch_cbq.c @@ -10,7 +10,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sched/sch_dsmark.c b/net/sched/sch_dsmark.c index f6320ca7049..11c8a2119b9 100644 --- a/net/sched/sch_dsmark.c +++ b/net/sched/sch_dsmark.c @@ -3,7 +3,6 @@ /* Written 1998-2000 by Werner Almesberger, EPFL ICA */ -#include <linux/config.h> #include <linux/module.h> #include <linux/init.h> #include <linux/types.h> diff --git a/net/sched/sch_fifo.c b/net/sched/sch_fifo.c index 033083bf0e7..c2689f4ba8d 100644 --- a/net/sched/sch_fifo.c +++ b/net/sched/sch_fifo.c @@ -9,7 +9,6 @@ * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c index 74d4a1dceee..d735f51686a 100644 --- a/net/sched/sch_generic.c +++ b/net/sched/sch_generic.c @@ -14,7 +14,6 @@ #include <asm/uaccess.h> #include <asm/system.h> #include <linux/bitops.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_gred.c b/net/sched/sch_gred.c index 29a2dd9f302..0cafdd5feb1 100644 --- a/net/sched/sch_gred.c +++ b/net/sched/sch_gred.c @@ -18,7 +18,6 @@ * For all the glorious comments look at include/net/red.h */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_hfsc.c b/net/sched/sch_hfsc.c index f1c7bd29f2c..6b1b4a981e8 100644 --- a/net/sched/sch_hfsc.c +++ b/net/sched/sch_hfsc.c @@ -50,7 +50,6 @@ */ #include <linux/kernel.h> -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/errno.h> diff --git a/net/sched/sch_htb.c b/net/sched/sch_htb.c index 3ec95df4a85..34afe41fa2f 100644 --- a/net/sched/sch_htb.c +++ b/net/sched/sch_htb.c @@ -27,7 +27,6 @@ * * $Id: sch_htb.c,v 1.25 2003/12/07 11:08:25 devik Exp devik $ */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sched/sch_ingress.c b/net/sched/sch_ingress.c index 8edc32a6ad2..c3242f727d4 100644 --- a/net/sched/sch_ingress.c +++ b/net/sched/sch_ingress.c @@ -7,7 +7,6 @@ * Authors: Jamal Hadi Salim 1999 */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/skbuff.h> diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c index 5a4a4d0ae50..c5bd8064e6d 100644 --- a/net/sched/sch_netem.c +++ b/net/sched/sch_netem.c @@ -13,7 +13,6 @@ * Catalin(ux aka Dino) BOIE <catab at umbrella dot ro> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/bitops.h> #include <linux/types.h> diff --git a/net/sched/sch_prio.c b/net/sched/sch_prio.c index 3395ca7bcad..a5fa03c0c19 100644 --- a/net/sched/sch_prio.c +++ b/net/sched/sch_prio.c @@ -11,7 +11,6 @@ * Init -- EINVAL when opt undefined */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sched/sch_red.c b/net/sched/sch_red.c index 2be563cba72..d65cadddea6 100644 --- a/net/sched/sch_red.c +++ b/net/sched/sch_red.c @@ -14,7 +14,6 @@ * J Hadi Salim 980816: ECN support */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c index e057768f68b..d0d6e595a78 100644 --- a/net/sched/sch_sfq.c +++ b/net/sched/sch_sfq.c @@ -9,7 +9,6 @@ * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c index d8e03c74ca7..d9a5d298d75 100644 --- a/net/sched/sch_tbf.c +++ b/net/sched/sch_tbf.c @@ -12,7 +12,6 @@ * */ -#include <linux/config.h> #include <linux/module.h> #include <asm/uaccess.h> #include <asm/system.h> diff --git a/net/sctp/socket.c b/net/sctp/socket.c index b811691c35b..0a2c71d0d8a 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -57,7 +57,6 @@ * be incorporated into the next SCTP release. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/kernel.h> #include <linux/wait.h> diff --git a/net/socket.c b/net/socket.c index 565f5e8d119..b4848ce0d6a 100644 --- a/net/socket.c +++ b/net/socket.c @@ -58,7 +58,6 @@ * Based upon Swansea University Computer Society NET3.039 */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/smp_lock.h> #include <linux/socket.h> diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c index f8bac6ccd52..d88468d21c3 100644 --- a/net/sunrpc/auth_gss/gss_mech_switch.c +++ b/net/sunrpc/auth_gss/gss_mech_switch.c @@ -224,7 +224,8 @@ EXPORT_SYMBOL(gss_service_to_auth_domain_name); void gss_mech_put(struct gss_api_mech * gm) { - module_put(gm->gm_owner); + if (gm) + module_put(gm->gm_owner); } EXPORT_SYMBOL(gss_mech_put); @@ -307,8 +308,7 @@ gss_delete_sec_context(struct gss_ctx **context_handle) (*context_handle)->mech_type->gm_ops ->gss_delete_sec_context((*context_handle) ->internal_ctx_id); - if ((*context_handle)->mech_type) - gss_mech_put((*context_handle)->mech_type); + gss_mech_put((*context_handle)->mech_type); kfree(*context_handle); *context_handle=NULL; return GSS_S_COMPLETE; diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index d51e316c582..94217ec9e2d 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -425,6 +425,7 @@ static int rsc_parse(struct cache_detail *cd, struct rsc rsci, *rscp = NULL; time_t expiry; int status = -EINVAL; + struct gss_api_mech *gm = NULL; memset(&rsci, 0, sizeof(rsci)); /* context handle */ @@ -453,7 +454,6 @@ static int rsc_parse(struct cache_detail *cd, set_bit(CACHE_NEGATIVE, &rsci.h.flags); else { int N, i; - struct gss_api_mech *gm; /* gid */ if (get_int(&mesg, &rsci.cred.cr_gid)) @@ -488,21 +488,17 @@ static int rsc_parse(struct cache_detail *cd, status = -EINVAL; /* mech-specific data: */ len = qword_get(&mesg, buf, mlen); - if (len < 0) { - gss_mech_put(gm); + if (len < 0) goto out; - } status = gss_import_sec_context(buf, len, gm, &rsci.mechctx); - if (status) { - gss_mech_put(gm); + if (status) goto out; - } - gss_mech_put(gm); } rsci.h.expiry_time = expiry; rscp = rsc_update(&rsci, rscp); status = 0; out: + gss_mech_put(gm); rsc_free(&rsci); if (rscp) cache_put(&rscp->h, &rsc_cache); @@ -836,6 +832,74 @@ out: return stat; } +static inline int +total_buf_len(struct xdr_buf *buf) +{ + return buf->head[0].iov_len + buf->page_len + buf->tail[0].iov_len; +} + +static void +fix_priv_head(struct xdr_buf *buf, int pad) +{ + if (buf->page_len == 0) { + /* We need to adjust head and buf->len in tandem in this + * case to make svc_defer() work--it finds the original + * buffer start using buf->len - buf->head[0].iov_len. */ + buf->head[0].iov_len -= pad; + } +} + +static int +unwrap_priv_data(struct svc_rqst *rqstp, struct xdr_buf *buf, u32 seq, struct gss_ctx *ctx) +{ + u32 priv_len, maj_stat; + int pad, saved_len, remaining_len, offset; + + rqstp->rq_sendfile_ok = 0; + + priv_len = ntohl(svc_getu32(&buf->head[0])); + if (rqstp->rq_deferred) { + /* Already decrypted last time through! The sequence number + * check at out_seq is unnecessary but harmless: */ + goto out_seq; + } + /* buf->len is the number of bytes from the original start of the + * request to the end, where head[0].iov_len is just the bytes + * not yet read from the head, so these two values are different: */ + remaining_len = total_buf_len(buf); + if (priv_len > remaining_len) + return -EINVAL; + pad = remaining_len - priv_len; + buf->len -= pad; + fix_priv_head(buf, pad); + + /* Maybe it would be better to give gss_unwrap a length parameter: */ + saved_len = buf->len; + buf->len = priv_len; + maj_stat = gss_unwrap(ctx, 0, buf); + pad = priv_len - buf->len; + buf->len = saved_len; + buf->len -= pad; + /* The upper layers assume the buffer is aligned on 4-byte boundaries. + * In the krb5p case, at least, the data ends up offset, so we need to + * move it around. */ + /* XXX: This is very inefficient. It would be better to either do + * this while we encrypt, or maybe in the receive code, if we can peak + * ahead and work out the service and mechanism there. */ + offset = buf->head[0].iov_len % 4; + if (offset) { + buf->buflen = RPCSVC_MAXPAYLOAD; + xdr_shift_buf(buf, offset); + fix_priv_head(buf, pad); + } + if (maj_stat != GSS_S_COMPLETE) + return -EINVAL; +out_seq: + if (ntohl(svc_getu32(&buf->head[0])) != seq) + return -EINVAL; + return 0; +} + struct gss_svc_data { /* decoded gss client cred: */ struct rpc_gss_wire_cred clcred; @@ -1051,7 +1115,14 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp) svc_putu32(resv, 0); break; case RPC_GSS_SVC_PRIVACY: - /* currently unsupported */ + if (unwrap_priv_data(rqstp, &rqstp->rq_arg, + gc->gc_seq, rsci->mechctx)) + goto auth_err; + /* placeholders for length and seq. number: */ + svcdata->body_start = resv->iov_base + resv->iov_len; + svc_putu32(resv, 0); + svc_putu32(resv, 0); + break; default: goto auth_err; } @@ -1076,8 +1147,8 @@ out: return ret; } -static int -svcauth_gss_release(struct svc_rqst *rqstp) +static inline int +svcauth_gss_wrap_resp_integ(struct svc_rqst *rqstp) { struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; struct rpc_gss_wire_cred *gc = &gsd->clcred; @@ -1089,69 +1160,147 @@ svcauth_gss_release(struct svc_rqst *rqstp) int integ_offset, integ_len; int stat = -EINVAL; + p = gsd->body_start; + gsd->body_start = NULL; + /* move accept_stat to right place: */ + memcpy(p, p + 2, 4); + /* Don't wrap in failure case: */ + /* Counting on not getting here if call was not even accepted! */ + if (*p != rpc_success) { + resbuf->head[0].iov_len -= 2 * 4; + goto out; + } + p++; + integ_offset = (u8 *)(p + 1) - (u8 *)resbuf->head[0].iov_base; + integ_len = resbuf->len - integ_offset; + BUG_ON(integ_len % 4); + *p++ = htonl(integ_len); + *p++ = htonl(gc->gc_seq); + if (xdr_buf_subsegment(resbuf, &integ_buf, integ_offset, + integ_len)) + BUG(); + if (resbuf->page_len == 0 + && resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE + < PAGE_SIZE) { + BUG_ON(resbuf->tail[0].iov_len); + /* Use head for everything */ + resv = &resbuf->head[0]; + } else if (resbuf->tail[0].iov_base == NULL) { + if (resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE > PAGE_SIZE) + goto out_err; + resbuf->tail[0].iov_base = resbuf->head[0].iov_base + + resbuf->head[0].iov_len; + resbuf->tail[0].iov_len = 0; + rqstp->rq_restailpage = 0; + resv = &resbuf->tail[0]; + } else { + resv = &resbuf->tail[0]; + } + mic.data = (u8 *)resv->iov_base + resv->iov_len + 4; + if (gss_get_mic(gsd->rsci->mechctx, &integ_buf, &mic)) + goto out_err; + svc_putu32(resv, htonl(mic.len)); + memset(mic.data + mic.len, 0, + round_up_to_quad(mic.len) - mic.len); + resv->iov_len += XDR_QUADLEN(mic.len) << 2; + /* not strictly required: */ + resbuf->len += XDR_QUADLEN(mic.len) << 2; + BUG_ON(resv->iov_len > PAGE_SIZE); +out: + stat = 0; +out_err: + return stat; +} + +static inline int +svcauth_gss_wrap_resp_priv(struct svc_rqst *rqstp) +{ + struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; + struct rpc_gss_wire_cred *gc = &gsd->clcred; + struct xdr_buf *resbuf = &rqstp->rq_res; + struct page **inpages = NULL; + u32 *p; + int offset, *len; + int pad; + + p = gsd->body_start; + gsd->body_start = NULL; + /* move accept_stat to right place: */ + memcpy(p, p + 2, 4); + /* Don't wrap in failure case: */ + /* Counting on not getting here if call was not even accepted! */ + if (*p != rpc_success) { + resbuf->head[0].iov_len -= 2 * 4; + return 0; + } + p++; + len = p++; + offset = (u8 *)p - (u8 *)resbuf->head[0].iov_base; + *p++ = htonl(gc->gc_seq); + inpages = resbuf->pages; + /* XXX: Would be better to write some xdr helper functions for + * nfs{2,3,4}xdr.c that place the data right, instead of copying: */ + if (resbuf->tail[0].iov_base && rqstp->rq_restailpage == 0) { + BUG_ON(resbuf->tail[0].iov_base >= resbuf->head[0].iov_base + + PAGE_SIZE); + BUG_ON(resbuf->tail[0].iov_base < resbuf->head[0].iov_base); + if (resbuf->tail[0].iov_len + resbuf->head[0].iov_len + + 2 * RPC_MAX_AUTH_SIZE > PAGE_SIZE) + return -ENOMEM; + memmove(resbuf->tail[0].iov_base + RPC_MAX_AUTH_SIZE, + resbuf->tail[0].iov_base, + resbuf->tail[0].iov_len); + resbuf->tail[0].iov_base += RPC_MAX_AUTH_SIZE; + } + if (resbuf->tail[0].iov_base == NULL) { + if (resbuf->head[0].iov_len + 2*RPC_MAX_AUTH_SIZE > PAGE_SIZE) + return -ENOMEM; + resbuf->tail[0].iov_base = resbuf->head[0].iov_base + + resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE; + resbuf->tail[0].iov_len = 0; + rqstp->rq_restailpage = 0; + } + if (gss_wrap(gsd->rsci->mechctx, offset, resbuf, inpages)) + return -ENOMEM; + *len = htonl(resbuf->len - offset); + pad = 3 - ((resbuf->len - offset - 1)&3); + p = (u32 *)(resbuf->tail[0].iov_base + resbuf->tail[0].iov_len); + memset(p, 0, pad); + resbuf->tail[0].iov_len += pad; + resbuf->len += pad; + return 0; +} + +static int +svcauth_gss_release(struct svc_rqst *rqstp) +{ + struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; + struct rpc_gss_wire_cred *gc = &gsd->clcred; + struct xdr_buf *resbuf = &rqstp->rq_res; + int stat = -EINVAL; + if (gc->gc_proc != RPC_GSS_PROC_DATA) goto out; /* Release can be called twice, but we only wrap once. */ if (gsd->body_start == NULL) goto out; /* normally not set till svc_send, but we need it here: */ - resbuf->len = resbuf->head[0].iov_len - + resbuf->page_len + resbuf->tail[0].iov_len; + /* XXX: what for? Do we mess it up the moment we call svc_putu32 + * or whatever? */ + resbuf->len = total_buf_len(resbuf); switch (gc->gc_svc) { case RPC_GSS_SVC_NONE: break; case RPC_GSS_SVC_INTEGRITY: - p = gsd->body_start; - gsd->body_start = NULL; - /* move accept_stat to right place: */ - memcpy(p, p + 2, 4); - /* don't wrap in failure case: */ - /* Note: counting on not getting here if call was not even - * accepted! */ - if (*p != rpc_success) { - resbuf->head[0].iov_len -= 2 * 4; - goto out; - } - p++; - integ_offset = (u8 *)(p + 1) - (u8 *)resbuf->head[0].iov_base; - integ_len = resbuf->len - integ_offset; - BUG_ON(integ_len % 4); - *p++ = htonl(integ_len); - *p++ = htonl(gc->gc_seq); - if (xdr_buf_subsegment(resbuf, &integ_buf, integ_offset, - integ_len)) - BUG(); - if (resbuf->page_len == 0 - && resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE - < PAGE_SIZE) { - BUG_ON(resbuf->tail[0].iov_len); - /* Use head for everything */ - resv = &resbuf->head[0]; - } else if (resbuf->tail[0].iov_base == NULL) { - if (resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE - > PAGE_SIZE) - goto out_err; - resbuf->tail[0].iov_base = - resbuf->head[0].iov_base - + resbuf->head[0].iov_len; - resbuf->tail[0].iov_len = 0; - rqstp->rq_restailpage = 0; - resv = &resbuf->tail[0]; - } else { - resv = &resbuf->tail[0]; - } - mic.data = (u8 *)resv->iov_base + resv->iov_len + 4; - if (gss_get_mic(gsd->rsci->mechctx, &integ_buf, &mic)) + stat = svcauth_gss_wrap_resp_integ(rqstp); + if (stat) goto out_err; - svc_putu32(resv, htonl(mic.len)); - memset(mic.data + mic.len, 0, - round_up_to_quad(mic.len) - mic.len); - resv->iov_len += XDR_QUADLEN(mic.len) << 2; - /* not strictly required: */ - resbuf->len += XDR_QUADLEN(mic.len) << 2; - BUG_ON(resv->iov_len > PAGE_SIZE); break; case RPC_GSS_SVC_PRIVACY: + stat = svcauth_gss_wrap_resp_priv(rqstp); + if (stat) + goto out_err; + break; default: goto out_err; } diff --git a/net/sunrpc/pmap_clnt.c b/net/sunrpc/pmap_clnt.c index d25b054ec92..623180f224c 100644 --- a/net/sunrpc/pmap_clnt.c +++ b/net/sunrpc/pmap_clnt.c @@ -6,7 +6,6 @@ * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de> */ -#include <linux/config.h> #include <linux/types.h> #include <linux/socket.h> #include <linux/kernel.h> diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c index dafe793c774..6db6006616c 100644 --- a/net/sunrpc/rpc_pipe.c +++ b/net/sunrpc/rpc_pipe.c @@ -8,7 +8,6 @@ * Copyright (c) 2002, Trond Myklebust <trond.myklebust@fys.uio.no> * */ -#include <linux/config.h> #include <linux/module.h> #include <linux/slab.h> #include <linux/string.h> diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c index 769114f0f88..f38f939ce95 100644 --- a/net/sunrpc/sunrpc_syms.c +++ b/net/sunrpc/sunrpc_syms.c @@ -6,7 +6,6 @@ * Copyright (C) 1997 Olaf Kirch <okir@monad.swb.de> */ -#include <linux/config.h> #include <linux/module.h> #include <linux/types.h> diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c index b08419e1fc6..01ba60a4957 100644 --- a/net/sunrpc/svc.c +++ b/net/sunrpc/svc.c @@ -280,7 +280,10 @@ svc_process(struct svc_serv *serv, struct svc_rqst *rqstp) rqstp->rq_res.page_base = 0; rqstp->rq_res.page_len = 0; rqstp->rq_res.buflen = PAGE_SIZE; + rqstp->rq_res.tail[0].iov_base = NULL; rqstp->rq_res.tail[0].iov_len = 0; + /* Will be turned off only in gss privacy case: */ + rqstp->rq_sendfile_ok = 1; /* tcp needs a space for the record length... */ if (rqstp->rq_prot == IPPROTO_TCP) svc_putu32(resv, 0); diff --git a/net/sunrpc/sysctl.c b/net/sunrpc/sysctl.c index 1065904841f..d89b048ad6b 100644 --- a/net/sunrpc/sysctl.c +++ b/net/sunrpc/sysctl.c @@ -7,7 +7,6 @@ * impossible at the moment. */ -#include <linux/config.h> #include <linux/types.h> #include <linux/linkage.h> #include <linux/ctype.h> diff --git a/net/sysctl_net.c b/net/sysctl_net.c index 58a1b6b42dd..cd4eafbab1b 100644 --- a/net/sysctl_net.c +++ b/net/sysctl_net.c @@ -12,7 +12,6 @@ * */ -#include <linux/config.h> #include <linux/mm.h> #include <linux/sysctl.h> diff --git a/net/tipc/core.c b/net/tipc/core.c index 5003acb1591..0539a836285 100644 --- a/net/tipc/core.c +++ b/net/tipc/core.c @@ -191,7 +191,8 @@ static int __init tipc_init(void) int res; tipc_log_reinit(CONFIG_TIPC_LOG); - info("Activated (compiled " __DATE__ " " __TIME__ ")\n"); + info("Activated (version " TIPC_MOD_VER + " compiled " __DATE__ " " __TIME__ ")\n"); tipc_own_addr = 0; tipc_remote_management = 1; diff --git a/net/tipc/link.c b/net/tipc/link.c index d6465805374..c6831c75cfa 100644 --- a/net/tipc/link.c +++ b/net/tipc/link.c @@ -2,7 +2,7 @@ * net/tipc/link.c: TIPC link code * * Copyright (c) 1996-2006, Ericsson AB - * Copyright (c) 2004-2005, Wind River Systems + * Copyright (c) 2004-2006, Wind River Systems * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -988,17 +988,18 @@ static int link_bundle_buf(struct link *l_ptr, struct tipc_msg *bundler_msg = buf_msg(bundler); struct tipc_msg *msg = buf_msg(buf); u32 size = msg_size(msg); - u32 to_pos = align(msg_size(bundler_msg)); - u32 rest = link_max_pkt(l_ptr) - to_pos; + u32 bundle_size = msg_size(bundler_msg); + u32 to_pos = align(bundle_size); + u32 pad = to_pos - bundle_size; if (msg_user(bundler_msg) != MSG_BUNDLER) return 0; if (msg_type(bundler_msg) != OPEN_MSG) return 0; - if (rest < align(size)) + if (skb_tailroom(bundler) < (pad + size)) return 0; - skb_put(bundler, (to_pos - msg_size(bundler_msg)) + size); + skb_put(bundler, pad + size); memcpy(bundler->data + to_pos, buf->data, size); msg_set_size(bundler_msg, to_pos + size); msg_set_msgcnt(bundler_msg, msg_msgcnt(bundler_msg) + 1); diff --git a/net/tipc/node.c b/net/tipc/node.c index 861322b935d..fc6d09630cc 100644 --- a/net/tipc/node.c +++ b/net/tipc/node.c @@ -2,7 +2,7 @@ * net/tipc/node.c: TIPC node management routines * * Copyright (c) 2000-2006, Ericsson AB - * Copyright (c) 2005, Wind River Systems + * Copyright (c) 2005-2006, Wind River Systems * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -592,6 +592,7 @@ struct sk_buff *tipc_node_get_nodes(const void *req_tlv_area, int req_tlv_space) struct sk_buff *buf; struct node *n_ptr; struct tipc_node_info node_info; + u32 payload_size; if (!TLV_CHECK(req_tlv_area, req_tlv_space, TIPC_TLV_NET_ADDR)) return tipc_cfg_reply_error_string(TIPC_CFG_TLV_ERROR); @@ -608,8 +609,11 @@ struct sk_buff *tipc_node_get_nodes(const void *req_tlv_area, int req_tlv_space) /* For now, get space for all other nodes (will need to modify this when slave nodes are supported */ - buf = tipc_cfg_reply_alloc(TLV_SPACE(sizeof(node_info)) * - (tipc_max_nodes - 1)); + payload_size = TLV_SPACE(sizeof(node_info)) * (tipc_max_nodes - 1); + if (payload_size > 32768u) + return tipc_cfg_reply_error_string(TIPC_CFG_NOT_SUPPORTED + " (too many nodes)"); + buf = tipc_cfg_reply_alloc(payload_size); if (!buf) return NULL; @@ -633,6 +637,7 @@ struct sk_buff *tipc_node_get_links(const void *req_tlv_area, int req_tlv_space) struct sk_buff *buf; struct node *n_ptr; struct tipc_link_info link_info; + u32 payload_size; if (!TLV_CHECK(req_tlv_area, req_tlv_space, TIPC_TLV_NET_ADDR)) return tipc_cfg_reply_error_string(TIPC_CFG_TLV_ERROR); @@ -645,12 +650,15 @@ struct sk_buff *tipc_node_get_links(const void *req_tlv_area, int req_tlv_space) if (!tipc_nodes) return tipc_cfg_reply_none(); - - /* For now, get space for 2 links to all other nodes + bcast link - (will need to modify this when slave nodes are supported */ - - buf = tipc_cfg_reply_alloc(TLV_SPACE(sizeof(link_info)) * - (2 * (tipc_max_nodes - 1) + 1)); + + /* Get space for all unicast links + multicast link */ + + payload_size = TLV_SPACE(sizeof(link_info)) * + (tipc_net.zones[tipc_zone(tipc_own_addr)]->links + 1); + if (payload_size > 32768u) + return tipc_cfg_reply_error_string(TIPC_CFG_NOT_SUPPORTED + " (too many links)"); + buf = tipc_cfg_reply_alloc(payload_size); if (!buf) return NULL; diff --git a/net/tipc/zone.h b/net/tipc/zone.h index 267999c5a24..5ab3d08602e 100644 --- a/net/tipc/zone.h +++ b/net/tipc/zone.h @@ -2,7 +2,7 @@ * net/tipc/zone.h: Include file for TIPC zone management routines * * Copyright (c) 2000-2006, Ericsson AB - * Copyright (c) 2005, Wind River Systems + * Copyright (c) 2005-2006, Wind River Systems * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -45,7 +45,7 @@ * struct _zone - TIPC zone structure * @addr: network address of zone * @clusters: array of pointers to all clusters within zone - * @links: (used for inter-zone communication) + * @links: number of (unicast) links to zone */ struct _zone { diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index d901465ce01..aca65010942 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -83,7 +83,6 @@ */ #include <linux/module.h> -#include <linux/config.h> #include <linux/kernel.h> #include <linux/signal.h> #include <linux/sched.h> @@ -128,6 +127,30 @@ static atomic_t unix_nr_socks = ATOMIC_INIT(0); #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE) +#ifdef CONFIG_SECURITY_NETWORK +static void unix_get_peersec_dgram(struct sk_buff *skb) +{ + int err; + + err = security_socket_getpeersec_dgram(skb, UNIXSECDATA(skb), + UNIXSECLEN(skb)); + if (err) + *(UNIXSECDATA(skb)) = NULL; +} + +static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) +{ + scm->secdata = *UNIXSECDATA(skb); + scm->seclen = *UNIXSECLEN(skb); +} +#else +static void unix_get_peersec_dgram(struct sk_buff *skb) +{ } + +static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) +{ } +#endif /* CONFIG_SECURITY_NETWORK */ + /* * SMP locking strategy: * hash table is protected with spinlock unix_table_lock @@ -1291,6 +1314,8 @@ static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock, if (siocb->scm->fp) unix_attach_fds(siocb->scm, skb); + unix_get_peersec_dgram(skb); + skb->h.raw = skb->data; err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); if (err) @@ -1570,6 +1595,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, memset(&tmp_scm, 0, sizeof(tmp_scm)); } siocb->scm->creds = *UNIXCREDS(skb); + unix_set_secdata(siocb->scm, skb); if (!(flags & MSG_PEEK)) { diff --git a/net/wanrouter/af_wanpipe.c b/net/wanrouter/af_wanpipe.c index b1265187b4a..a690cf773b6 100644 --- a/net/wanrouter/af_wanpipe.c +++ b/net/wanrouter/af_wanpipe.c @@ -32,7 +32,6 @@ * ******************************************************************************/ -#include <linux/config.h> #include <linux/types.h> #include <linux/sched.h> #include <linux/mm.h> diff --git a/net/wanrouter/wanmain.c b/net/wanrouter/wanmain.c index c34833dc7cc..ad8e8a79779 100644 --- a/net/wanrouter/wanmain.c +++ b/net/wanrouter/wanmain.c @@ -42,7 +42,6 @@ * Jun 02, 1999 Gideon Hack Updates for Linux 2.0.X and 2.2.X kernels. *****************************************************************************/ -#include <linux/config.h> #include <linux/stddef.h> /* offsetof(), etc. */ #include <linux/capability.h> #include <linux/errno.h> /* return codes */ diff --git a/net/wanrouter/wanproc.c b/net/wanrouter/wanproc.c index c28ba5a4720..930ea59463a 100644 --- a/net/wanrouter/wanproc.c +++ b/net/wanrouter/wanproc.c @@ -20,7 +20,6 @@ * Dec 13, 1996 Gene Kozin Initial version (based on Sangoma's WANPIPE) *****************************************************************************/ -#include <linux/config.h> #include <linux/init.h> /* __initfunc et al. */ #include <linux/stddef.h> /* offsetof(), etc. */ #include <linux/errno.h> /* return codes */ diff --git a/net/x25/af_x25.c b/net/x25/af_x25.c index 282ce4e40d7..52a2726d327 100644 --- a/net/x25/af_x25.c +++ b/net/x25/af_x25.c @@ -35,7 +35,6 @@ * response */ -#include <linux/config.h> #include <linux/module.h> #include <linux/capability.h> #include <linux/errno.h> diff --git a/net/x25/x25_dev.c b/net/x25/x25_dev.c index adfe7b8df35..47b68a30167 100644 --- a/net/x25/x25_dev.c +++ b/net/x25/x25_dev.c @@ -17,7 +17,6 @@ * 2000-09-04 Henner Eisen Prevent freeing a dangling skb. */ -#include <linux/config.h> #include <linux/kernel.h> #include <linux/netdevice.h> #include <linux/skbuff.h> diff --git a/net/x25/x25_proc.c b/net/x25/x25_proc.c index dfb80116c59..a11837d361d 100644 --- a/net/x25/x25_proc.c +++ b/net/x25/x25_proc.c @@ -17,7 +17,6 @@ * 2002/10/06 Arnaldo Carvalho de Melo seq_file support */ -#include <linux/config.h> #include <linux/init.h> #include <linux/proc_fs.h> #include <linux/seq_file.h> diff --git a/net/x25/x25_route.c b/net/x25/x25_route.c index 6c5d3751703..2a3fe986b24 100644 --- a/net/x25/x25_route.c +++ b/net/x25/x25_route.c @@ -17,7 +17,6 @@ * X.25 001 Jonathan Naylor Started coding. */ -#include <linux/config.h> #include <linux/if_arp.h> #include <linux/init.h> #include <net/x25.h> diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c index 6ed3302312f..04e1aea58bc 100644 --- a/net/xfrm/xfrm_algo.c +++ b/net/xfrm/xfrm_algo.c @@ -9,7 +9,6 @@ * any later version. */ -#include <linux/config.h> #include <linux/module.h> #include <linux/kernel.h> #include <linux/pfkeyv2.h> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index b8936926c24..405b741dff4 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -13,7 +13,6 @@ * */ -#include <linux/config.h> #include <linux/slab.h> #include <linux/kmod.h> #include <linux/list.h> diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 17b29ec3c41..43f00fc28a3 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -1164,8 +1164,6 @@ int xfrm_state_mtu(struct xfrm_state *x, int mtu) return res; } -EXPORT_SYMBOL(xfrm_state_mtu); - int xfrm_init_state(struct xfrm_state *x) { struct xfrm_state_afinfo *afinfo; diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index c21dc26141e..3e6a722d072 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -1435,7 +1435,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *err link = &xfrm_dispatch[type]; /* All operations require privileges, even GET */ - if (security_netlink_recv(skb)) { + if (security_netlink_recv(skb, CAP_NET_ADMIN)) { *errp = -EPERM; return -1; } |