Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

Linus Torvalds
2 parents 57d1c91fa6 a2167dc62e
Showing 20 changed files Side-by-side Diff
include/linux/filter.h
include/linux/inet.h
include/linux/ip.h
include/net/sock.h
net/atm/br2684.c
net/bridge/br_input.c
net/bridge/br_netfilter.c
net/core/filter.c
net/core/pktgen.c
net/core/utils.c
net/ethernet/eth.c
net/ipv4/ip_fragment.c
net/ipv4/ip_output.c
net/ipv4/ipvs/ip_vs_xmit.c
net/ipv4/netfilter/ipt_helper.c
net/x25/af_x25.c
net/xfrm/xfrm_user.c
security/selinux/include/av_perm_to_string.h
security/selinux/include/av_permissions.h
security/selinux/xfrm.c
@@ -143,7 +143,7 @@
 struct sk_buff;
 struct sock;
  
-extern int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen);
+extern unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen);
 extern int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk);
 extern int sk_chk_filter(struct sock_filter *filter, int flen);
 #endif /* __KERNEL__ */
@@ -45,7 +45,7 @@
 #ifdef __KERNEL__
 #include <linux/types.h>
  
-extern __u32 in_aton(const char *str);
+extern __be32 in_aton(const char *str);
 #endif
 #endif	/* _LINUX_INET_H */
@@ -90,14 +90,14 @@
 #error	"Please fix <asm/byteorder.h>"
 #endif
 	__u8	tos;
-	__u16	tot_len;
-	__u16	id;
-	__u16	frag_off;
+	__be16	tot_len;
+	__be16	id;
+	__be16	frag_off;
 	__u8	ttl;
 	__u8	protocol;
 	__u16	check;
-	__u32	saddr;
-	__u32	daddr;
+	__be32	saddr;
+	__be32	daddr;
 	/*The options start here. */
 };
  
@@ -856,8 +856,8 @@
  
 		filter = sk->sk_filter;
 		if (filter) {
-			int pkt_len = sk_run_filter(skb, filter->insns,
-						    filter->len);
+			unsigned int pkt_len = sk_run_filter(skb, filter->insns,
+							     filter->len);
 			if (!pkt_len)
 				err = -EPERM;
 			else
@@ -295,7 +295,7 @@
 	unsigned char *rawp;
 	eth = eth_hdr(skb);
  
-	if (*eth->h_dest & 1) {
+	if (is_multicast_ether_addr(eth->h_dest)) {
 		if (memcmp(eth->h_dest, dev->broadcast, ETH_ALEN) == 0)
 			skb->pkt_type = PACKET_BROADCAST;
 		else
@@ -68,7 +68,7 @@
 		}
 	}
  
-	if (dest[0] & 1) {
+	if (is_multicast_ether_addr(dest)) {
 		br_flood_forward(br, skb, !passedup);
 		if (!passedup)
 			br_pass_frame_up(br, skb);
@@ -394,8 +394,9 @@
  * target in particular.  Save the original destination IP
  * address to be able to detect DNAT afterwards. */
 static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
-   const struct net_device *in, const struct net_device *out,
-   int (*okfn)(struct sk_buff *))
+				      const struct net_device *in,
+				      const struct net_device *out,
+				      int (*okfn)(struct sk_buff *))
 {
 	struct iphdr *iph;
 	__u32 len;
  
@@ -412,8 +413,10 @@
 			goto out;
  
 		if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
+			u8 *vhdr = skb->data;
 			skb_pull(skb, VLAN_HLEN);
-			(skb)->nh.raw += VLAN_HLEN;
+			skb_postpull_rcsum(skb, vhdr, VLAN_HLEN);
+			skb->nh.raw += VLAN_HLEN;
 		}
 		return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn);
 	}
  
@@ -429,8 +432,10 @@
 		goto out;
  
 	if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
+		u8 *vhdr = skb->data;
 		skb_pull(skb, VLAN_HLEN);
-		(skb)->nh.raw += VLAN_HLEN;
+		skb_postpull_rcsum(skb, vhdr, VLAN_HLEN);
+		skb->nh.raw += VLAN_HLEN;
 	}
  
 	if (!pskb_may_pull(skb, sizeof(struct iphdr)))
@@ -75,7 +75,7 @@
  * len is the number of filter blocks in the array.
  */
  
-int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
+unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
 {
 	struct sock_filter *fentry;	/* We walk down these */
 	void *ptr;
  
@@ -241,9 +241,9 @@
 			A = X;
 			continue;
 		case BPF_RET|BPF_K:
-			return ((unsigned int)fentry->k);
+			return fentry->k;
 		case BPF_RET|BPF_A:
-			return ((unsigned int)A);
+			return A;
 		case BPF_ST:
 			mem[fentry->k] = A;
 			continue;
@@ -473,7 +473,6 @@
  
 static int pktgen_remove_device(struct pktgen_thread* t, struct pktgen_dev *i);
 static int pktgen_add_device(struct pktgen_thread* t, const char* ifname);
-static struct pktgen_thread* pktgen_find_thread(const char* name);
 static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread* t, const char* ifname);
 static int pktgen_device_event(struct notifier_block *, unsigned long, void *);
 static void pktgen_run_all_threads(void);
@@ -2883,7 +2882,7 @@
 	return add_dev_to_thread(t, pkt_dev);
 }
  
-static struct pktgen_thread *pktgen_find_thread(const char* name) 
+static struct pktgen_thread * __init pktgen_find_thread(const char* name) 
 {
         struct pktgen_thread *t = NULL;
  
@@ -2900,7 +2899,7 @@
         return t;
 }
  
-static int pktgen_create_thread(const char* name, int cpu) 
+static int __init pktgen_create_thread(const char* name, int cpu) 
 {
         struct pktgen_thread *t = NULL;
 	struct proc_dir_entry *pe;
@@ -162,7 +162,7 @@
  * is otherwise not dependent on the TCP/IP stack.
  */
  
-__u32 in_aton(const char *str)
+__be32 in_aton(const char *str)
 {
 	unsigned long l;
 	unsigned int val;
@@ -163,7 +163,7 @@
 	skb_pull(skb,ETH_HLEN);
 	eth = eth_hdr(skb);
  
-	if (*eth->h_dest&1) {
+	if (is_multicast_ether_addr(eth->h_dest)) {
 		if (!compare_ether_addr(eth->h_dest, dev->broadcast))
 			skb->pkt_type = PACKET_BROADCAST;
 		else
@@ -383,7 +383,7 @@
  */
 static inline struct ipq *ip_find(struct iphdr *iph, u32 user)
 {
-	__u16 id = iph->id;
+	__be16 id = iph->id;
 	__u32 saddr = iph->saddr;
 	__u32 daddr = iph->daddr;
 	__u8 protocol = iph->protocol;
@@ -418,7 +418,7 @@
 	struct sk_buff *skb2;
 	unsigned int mtu, hlen, left, len, ll_rs;
 	int offset;
-	int not_last_frag;
+	__be16 not_last_frag;
 	struct rtable *rt = (struct rtable*)skb->dst;
 	int err = 0;
  
@@ -1180,7 +1180,7 @@
 	struct ip_options *opt = NULL;
 	struct rtable *rt = inet->cork.rt;
 	struct iphdr *iph;
-	int df = 0;
+	__be16 df = 0;
 	__u8 ttl;
 	int err = 0;
  
@@ -322,7 +322,7 @@
 	struct net_device *tdev;		/* Device to other host */
 	struct iphdr  *old_iph = skb->nh.iph;
 	u8     tos = old_iph->tos;
-	u16    df = old_iph->frag_off;
+	__be16 df = old_iph->frag_off;
 	struct iphdr  *iph;			/* Our new IP header */
 	int    max_headroom;			/* The extra header space needed */
 	int    mtu;
@@ -13,6 +13,7 @@
 #include <linux/module.h>
 #include <linux/skbuff.h>
 #include <linux/netfilter.h>
+#include <linux/interrupt.h>
 #if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
 #include <linux/netfilter_ipv4/ip_conntrack.h>
 #include <linux/netfilter_ipv4/ip_conntrack_core.h>
@@ -540,12 +540,7 @@
 	sk->sk_state       = TCP_ESTABLISHED;
 	sk->sk_sleep       = osk->sk_sleep;
 	sk->sk_backlog_rcv = osk->sk_backlog_rcv;
-
-	if (sock_flag(osk, SOCK_ZAPPED))
-		sock_set_flag(sk, SOCK_ZAPPED);
-	
-	if (sock_flag(osk, SOCK_DBG))
-		sock_set_flag(sk, SOCK_DBG);
+	sock_copy_flags(sk, osk);
  
 	ox25 = x25_sk(osk);
 	x25->t21        = ox25->t21;
@@ -802,6 +802,7 @@
 	excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY;
 	err = xfrm_policy_insert(p->dir, xp, excl);
 	if (err) {
+		security_xfrm_policy_free(xp);
 		kfree(xp);
 		return err;
 	}
@@ -238,6 +238,5 @@
    S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost")
    S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto")
    S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom")
-   S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELFROM, "relabelfrom")
-   S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELTO, "relabelto")
+   S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
@@ -908,8 +908,7 @@
  
 #define ASSOCIATION__SENDTO                       0x00000001UL
 #define ASSOCIATION__RECVFROM                     0x00000002UL
-#define ASSOCIATION__RELABELFROM                  0x00000004UL
-#define ASSOCIATION__RELABELTO                    0x00000008UL
+#define ASSOCIATION__SETCONTEXT                   0x00000004UL
  
 #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL      0x00000001UL
 #define NETLINK_KOBJECT_UEVENT_SOCKET__READ       0x00000002UL
@@ -137,15 +137,9 @@
 	 * Must be permitted to relabel from default socket type (process type)
 	 * to specified context
 	 */
-	rc = avc_has_perm(tsec->sid, tsec->sid,
-			  SECCLASS_ASSOCIATION,
-			  ASSOCIATION__RELABELFROM, NULL);
-	if (rc)
-		goto out;
-
 	rc = avc_has_perm(tsec->sid, ctx->ctx_sid,
 			  SECCLASS_ASSOCIATION,
-			  ASSOCIATION__RELABELTO, NULL);
+			  ASSOCIATION__SETCONTEXT, NULL);
 	if (rc)
 		goto out;
...	...	@@ -143,7 +143,7 @@
143	143	struct sk_buff;
144	144	struct sock;
145	145
146		-extern int sk_run_filter(struct sk_buff skb, struct sock_filter filter, int flen);
	146	+extern unsigned int sk_run_filter(struct sk_buff skb, struct sock_filter filter, int flen);
147	147	extern int sk_attach_filter(struct sock_fprog fprog, struct sock sk);
148	148	extern int sk_chk_filter(struct sock_filter *filter, int flen);
149	149	#endif /* __KERNEL__ */
...	...	@@ -45,7 +45,7 @@
45	45	#ifdef __KERNEL__
46	46	#include <linux/types.h>
47	47
48		-extern __u32 in_aton(const char *str);
	48	+extern __be32 in_aton(const char *str);
49	49	#endif
50	50	#endif /* _LINUX_INET_H */
...	...	@@ -90,14 +90,14 @@
90	90	#error "Please fix <asm/byteorder.h>"
91	91	#endif
92	92	__u8 tos;
93		- __u16 tot_len;
94		- __u16 id;
95		- __u16 frag_off;
	93	+ __be16 tot_len;
	94	+ __be16 id;
	95	+ __be16 frag_off;
96	96	__u8 ttl;
97	97	__u8 protocol;
98	98	__u16 check;
99		- __u32 saddr;
100		- __u32 daddr;
	99	+ __be32 saddr;
	100	+ __be32 daddr;
101	101	/The options start here. /
102	102	};
103	103
...	...	@@ -856,8 +856,8 @@
856	856
857	857	filter = sk->sk_filter;
858	858	if (filter) {
859		- int pkt_len = sk_run_filter(skb, filter->insns,
860		- filter->len);
	859	+ unsigned int pkt_len = sk_run_filter(skb, filter->insns,
	860	+ filter->len);
861	861	if (!pkt_len)
862	862	err = -EPERM;
863	863	else
...	...	@@ -295,7 +295,7 @@
295	295	unsigned char *rawp;
296	296	eth = eth_hdr(skb);
297	297
298		- if (*eth->h_dest & 1) {
	298	+ if (is_multicast_ether_addr(eth->h_dest)) {
299	299	if (memcmp(eth->h_dest, dev->broadcast, ETH_ALEN) == 0)
300	300	skb->pkt_type = PACKET_BROADCAST;
301	301	else
...	...	@@ -68,7 +68,7 @@
68	68	}
69	69	}
70	70
71		- if (dest[0] & 1) {
	71	+ if (is_multicast_ether_addr(dest)) {
72	72	br_flood_forward(br, skb, !passedup);
73	73	if (!passedup)
74	74	br_pass_frame_up(br, skb);
...	...	@@ -394,8 +394,9 @@
394	394	* target in particular. Save the original destination IP
395	395	* address to be able to detect DNAT afterwards. */
396	396	static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
397		- const struct net_device in, const struct net_device out,
398		- int (okfn)(struct sk_buff ))
	397	+ const struct net_device *in,
	398	+ const struct net_device *out,
	399	+ int (okfn)(struct sk_buff ))
399	400	{
400	401	struct iphdr *iph;
401	402	__u32 len;
402	403
...	...	@@ -412,8 +413,10 @@
412	413	goto out;
413	414
414	415	if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
	416	+ u8 *vhdr = skb->data;
415	417	skb_pull(skb, VLAN_HLEN);
416		- (skb)->nh.raw += VLAN_HLEN;
	418	+ skb_postpull_rcsum(skb, vhdr, VLAN_HLEN);
	419	+ skb->nh.raw += VLAN_HLEN;
417	420	}
418	421	return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn);
419	422	}
420	423
...	...	@@ -429,8 +432,10 @@
429	432	goto out;
430	433
431	434	if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
	435	+ u8 *vhdr = skb->data;
432	436	skb_pull(skb, VLAN_HLEN);
433		- (skb)->nh.raw += VLAN_HLEN;
	437	+ skb_postpull_rcsum(skb, vhdr, VLAN_HLEN);
	438	+ skb->nh.raw += VLAN_HLEN;
434	439	}
435	440
436	441	if (!pskb_may_pull(skb, sizeof(struct iphdr)))
...	...	@@ -75,7 +75,7 @@
75	75	* len is the number of filter blocks in the array.
76	76	*/
77	77
78		-int sk_run_filter(struct sk_buff skb, struct sock_filter filter, int flen)
	78	+unsigned int sk_run_filter(struct sk_buff skb, struct sock_filter filter, int flen)
79	79	{
80	80	struct sock_filter fentry; / We walk down these */
81	81	void *ptr;
82	82
...	...	@@ -241,9 +241,9 @@
241	241	A = X;
242	242	continue;
243	243	case BPF_RET\|BPF_K:
244		- return ((unsigned int)fentry->k);
	244	+ return fentry->k;
245	245	case BPF_RET\|BPF_A:
246		- return ((unsigned int)A);
	246	+ return A;
247	247	case BPF_ST:
248	248	mem[fentry->k] = A;
249	249	continue;
...	...	@@ -473,7 +473,6 @@
473	473
474	474	static int pktgen_remove_device(struct pktgen_thread* t, struct pktgen_dev *i);
475	475	static int pktgen_add_device(struct pktgen_thread* t, const char* ifname);
476		-static struct pktgen_thread* pktgen_find_thread(const char* name);
477	476	static struct pktgen_dev pktgen_find_dev(struct pktgen_thread t, const char* ifname);
478	477	static int pktgen_device_event(struct notifier_block , unsigned long, void );
479	478	static void pktgen_run_all_threads(void);
...	...	@@ -2883,7 +2882,7 @@
2883	2882	return add_dev_to_thread(t, pkt_dev);
2884	2883	}
2885	2884
2886		-static struct pktgen_thread pktgen_find_thread(const char name)
	2885	+static struct pktgen_thread * __init pktgen_find_thread(const char* name)
2887	2886	{
2888	2887	struct pktgen_thread *t = NULL;
2889	2888
...	...	@@ -2900,7 +2899,7 @@
2900	2899	return t;
2901	2900	}
2902	2901
2903		-static int pktgen_create_thread(const char* name, int cpu)
	2902	+static int __init pktgen_create_thread(const char* name, int cpu)
2904	2903	{
2905	2904	struct pktgen_thread *t = NULL;
2906	2905	struct proc_dir_entry *pe;
...	...	@@ -162,7 +162,7 @@
162	162	* is otherwise not dependent on the TCP/IP stack.
163	163	*/
164	164
165		-__u32 in_aton(const char *str)
	165	+__be32 in_aton(const char *str)
166	166	{
167	167	unsigned long l;
168	168	unsigned int val;