diff options
Diffstat (limited to 'net')
379 files changed, 23539 insertions, 7874 deletions
diff --git a/net/802/psnap.c b/net/802/psnap.c index 34e4296..270b9d2 100644 --- a/net/802/psnap.c +++ b/net/802/psnap.c @@ -59,10 +59,8 @@ static int snap_rcv(struct sk_buff *skb, struct net_device *dev, proto = find_snap_client(skb->h.raw); if (proto) { /* Pass the frame on. */ - u8 *hdr = skb->data; skb->h.raw += 5; - skb_pull(skb, 5); - skb_postpull_rcsum(skb, hdr, 5); + skb_pull_rcsum(skb, 5); rc = proto->rcvfunc(skb, dev, &snap_packet_type, orig_dev); } else { skb->sk = NULL; diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index fa76220..3948949 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c @@ -69,7 +69,7 @@ static struct packet_type vlan_packet_type = { /* Bits of netdev state that are propagated from real device to virtual */ #define VLAN_LINK_STATE_MASK \ - ((1<<__LINK_STATE_PRESENT)|(1<<__LINK_STATE_NOCARRIER)) + ((1<<__LINK_STATE_PRESENT)|(1<<__LINK_STATE_NOCARRIER)|(1<<__LINK_STATE_DORMANT)) /* End of global variables definitions. */ @@ -344,6 +344,26 @@ static void vlan_setup(struct net_device *new_dev) new_dev->do_ioctl = vlan_dev_ioctl; } +static void vlan_transfer_operstate(const struct net_device *dev, struct net_device *vlandev) +{ + /* Have to respect userspace enforced dormant state + * of real device, also must allow supplicant running + * on VLAN device + */ + if (dev->operstate == IF_OPER_DORMANT) + netif_dormant_on(vlandev); + else + netif_dormant_off(vlandev); + + if (netif_carrier_ok(dev)) { + if (!netif_carrier_ok(vlandev)) + netif_carrier_on(vlandev); + } else { + if (netif_carrier_ok(vlandev)) + netif_carrier_off(vlandev); + } +} + /* Attach a VLAN device to a mac address (ie Ethernet Card). * Returns the device that was created, or NULL if there was * an error of some kind. @@ -450,7 +470,7 @@ static struct net_device *register_vlan_device(const char *eth_IF_name, new_dev->flags = real_dev->flags; new_dev->flags &= ~IFF_UP; - new_dev->state = real_dev->state & VLAN_LINK_STATE_MASK; + new_dev->state = real_dev->state & ~(1<<__LINK_STATE_START); /* need 4 bytes for extra VLAN header info, * hope the underlying device can handle it. @@ -498,6 +518,10 @@ static struct net_device *register_vlan_device(const char *eth_IF_name, if (register_netdevice(new_dev)) goto out_free_newdev; + new_dev->iflink = real_dev->ifindex; + vlan_transfer_operstate(real_dev, new_dev); + linkwatch_fire_event(new_dev); /* _MUST_ call rfc2863_policy() */ + /* So, got the sucker initialized, now lets place * it into our local structure. */ @@ -573,25 +597,12 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event, switch (event) { case NETDEV_CHANGE: /* Propagate real device state to vlan devices */ - flgs = dev->state & VLAN_LINK_STATE_MASK; for (i = 0; i < VLAN_GROUP_ARRAY_LEN; i++) { vlandev = grp->vlan_devices[i]; if (!vlandev) continue; - if (netif_carrier_ok(dev)) { - if (!netif_carrier_ok(vlandev)) - netif_carrier_on(vlandev); - } else { - if (netif_carrier_ok(vlandev)) - netif_carrier_off(vlandev); - } - - if ((vlandev->state & VLAN_LINK_STATE_MASK) != flgs) { - vlandev->state = (vlandev->state &~ VLAN_LINK_STATE_MASK) - | flgs; - netdev_state_change(vlandev); - } + vlan_transfer_operstate(dev, vlandev); } break; diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c index 0f604d22..da9cfe9 100644 --- a/net/8021q/vlan_dev.c +++ b/net/8021q/vlan_dev.c @@ -163,10 +163,8 @@ int vlan_skb_recv(struct sk_buff *skb, struct net_device *dev, stats->rx_packets++; stats->rx_bytes += skb->len; - skb_pull(skb, VLAN_HLEN); /* take off the VLAN header (4 bytes currently) */ - - /* Need to correct hardware checksum */ - skb_postpull_rcsum(skb, vhdr, VLAN_HLEN); + /* Take off the VLAN header (4 bytes currently) */ + skb_pull_rcsum(skb, VLAN_HLEN); /* Ok, lets check to make sure the device (dev) we * came in on is what this VLAN is attached to. diff --git a/net/Kconfig b/net/Kconfig index 5126f58..4193cdc 100644 --- a/net/Kconfig +++ b/net/Kconfig @@ -224,6 +224,9 @@ source "net/irda/Kconfig" source "net/bluetooth/Kconfig" source "net/ieee80211/Kconfig" +config WIRELESS_EXT + bool + endif # if NET endmenu # Networking diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c index 697ac55e..7b1eb9a 100644 --- a/net/appletalk/ddp.c +++ b/net/appletalk/ddp.c @@ -1819,6 +1819,22 @@ static int atalk_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) return rc; } + +#ifdef CONFIG_COMPAT +static int atalk_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) +{ + /* + * All Appletalk ioctls except SIOCATALKDIFADDR are standard. And + * SIOCATALKDIFADDR is handled by upper layer as well, so there is + * nothing to do. Eventually SIOCATALKDIFADDR should be moved + * here so there is no generic SIOCPROTOPRIVATE translation in the + * system. + */ + return -ENOIOCTLCMD; +} +#endif + + static struct net_proto_family atalk_family_ops = { .family = PF_APPLETALK, .create = atalk_create, @@ -1836,6 +1852,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(atalk_dgram_ops) = { .getname = atalk_getname, .poll = datagram_poll, .ioctl = atalk_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = atalk_compat_ioctl, +#endif .listen = sock_no_listen, .shutdown = sock_no_shutdown, .setsockopt = sock_no_setsockopt, diff --git a/net/atm/clip.c b/net/atm/clip.c index 73370de..3ab4e79 100644 --- a/net/atm/clip.c +++ b/net/atm/clip.c @@ -289,7 +289,6 @@ static void clip_neigh_error(struct neighbour *neigh,struct sk_buff *skb) static struct neigh_ops clip_neigh_ops = { .family = AF_INET, - .destructor = clip_neigh_destroy, .solicit = clip_neigh_solicit, .error_report = clip_neigh_error, .output = dev_queue_xmit, @@ -347,6 +346,7 @@ static struct neigh_table clip_tbl = { /* parameters are copied from ARP ... */ .parms = { .tbl = &clip_tbl, + .neigh_destructor = clip_neigh_destroy, .base_reachable_time = 30 * HZ, .retrans_time = 1 * HZ, .gc_staletime = 60 * HZ, diff --git a/net/atm/common.c b/net/atm/common.c index 6656b11..ae00222 100644 --- a/net/atm/common.c +++ b/net/atm/common.c @@ -451,12 +451,12 @@ int vcc_connect(struct socket *sock, int itf, short vpi, int vci) dev = try_then_request_module(atm_dev_lookup(itf), "atm-device-%d", itf); } else { dev = NULL; - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); if (!list_empty(&atm_devs)) { dev = list_entry(atm_devs.next, struct atm_dev, dev_list); atm_dev_hold(dev); } - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); } if (!dev) return -ENODEV; diff --git a/net/atm/ioctl.c b/net/atm/ioctl.c index eb109af..851cfa6 100644 --- a/net/atm/ioctl.c +++ b/net/atm/ioctl.c @@ -18,6 +18,7 @@ #include <linux/atmmpc.h> #include <net/atmclip.h> #include <linux/atmlec.h> +#include <linux/mutex.h> #include <asm/ioctls.h> #include "resources.h" @@ -25,22 +26,22 @@ #include "common.h" -static DECLARE_MUTEX(ioctl_mutex); +static DEFINE_MUTEX(ioctl_mutex); static LIST_HEAD(ioctl_list); void register_atm_ioctl(struct atm_ioctl *ioctl) { - down(&ioctl_mutex); + mutex_lock(&ioctl_mutex); list_add_tail(&ioctl->list, &ioctl_list); - up(&ioctl_mutex); + mutex_unlock(&ioctl_mutex); } void deregister_atm_ioctl(struct atm_ioctl *ioctl) { - down(&ioctl_mutex); + mutex_lock(&ioctl_mutex); list_del(&ioctl->list); - up(&ioctl_mutex); + mutex_unlock(&ioctl_mutex); } EXPORT_SYMBOL(register_atm_ioctl); @@ -137,7 +138,7 @@ int vcc_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) error = -ENOIOCTLCMD; - down(&ioctl_mutex); + mutex_lock(&ioctl_mutex); list_for_each(pos, &ioctl_list) { struct atm_ioctl * ic = list_entry(pos, struct atm_ioctl, list); if (try_module_get(ic->owner)) { @@ -147,7 +148,7 @@ int vcc_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) break; } } - up(&ioctl_mutex); + mutex_unlock(&ioctl_mutex); if (error != -ENOIOCTLCMD) goto done; diff --git a/net/atm/resources.c b/net/atm/resources.c index 2241905..18ac806 100644 --- a/net/atm/resources.c +++ b/net/atm/resources.c @@ -18,6 +18,8 @@ #include <linux/bitops.h> #include <linux/capability.h> #include <linux/delay.h> +#include <linux/mutex.h> + #include <net/sock.h> /* for struct sock */ #include "common.h" @@ -26,7 +28,7 @@ LIST_HEAD(atm_devs); -DECLARE_MUTEX(atm_dev_mutex); +DEFINE_MUTEX(atm_dev_mutex); static struct atm_dev *__alloc_atm_dev(const char *type) { @@ -65,9 +67,9 @@ struct atm_dev *atm_dev_lookup(int number) { struct atm_dev *dev; - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); dev = __atm_dev_lookup(number); - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); return dev; } @@ -83,11 +85,11 @@ struct atm_dev *atm_dev_register(const char *type, const struct atmdev_ops *ops, type); return NULL; } - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); if (number != -1) { if ((inuse = __atm_dev_lookup(number))) { atm_dev_put(inuse); - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); kfree(dev); return NULL; } @@ -112,12 +114,12 @@ struct atm_dev *atm_dev_register(const char *type, const struct atmdev_ops *ops, printk(KERN_ERR "atm_dev_register: " "atm_proc_dev_register failed for dev %s\n", type); - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); kfree(dev); return NULL; } list_add_tail(&dev->dev_list, &atm_devs); - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); return dev; } @@ -133,9 +135,9 @@ void atm_dev_deregister(struct atm_dev *dev) * with same number can appear, such we need deregister proc, * release async all vccs and remove them from vccs list too */ - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); list_del(&dev->dev_list); - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); atm_dev_release_vccs(dev); atm_proc_dev_deregister(dev); @@ -196,16 +198,16 @@ int atm_dev_ioctl(unsigned int cmd, void __user *arg) return -EFAULT; if (get_user(len, &iobuf->length)) return -EFAULT; - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); list_for_each(p, &atm_devs) size += sizeof(int); if (size > len) { - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); return -E2BIG; } tmp_buf = kmalloc(size, GFP_ATOMIC); if (!tmp_buf) { - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); return -ENOMEM; } tmp_p = tmp_buf; @@ -213,7 +215,7 @@ int atm_dev_ioctl(unsigned int cmd, void __user *arg) dev = list_entry(p, struct atm_dev, dev_list); *tmp_p++ = dev->number; } - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); error = ((copy_to_user(buf, tmp_buf, size)) || put_user(size, &iobuf->length)) ? -EFAULT : 0; @@ -400,13 +402,13 @@ static __inline__ void *dev_get_idx(loff_t left) void *atm_dev_seq_start(struct seq_file *seq, loff_t *pos) { - down(&atm_dev_mutex); + mutex_lock(&atm_dev_mutex); return *pos ? dev_get_idx(*pos) : (void *) 1; } void atm_dev_seq_stop(struct seq_file *seq, void *v) { - up(&atm_dev_mutex); + mutex_unlock(&atm_dev_mutex); } void *atm_dev_seq_next(struct seq_file *seq, void *v, loff_t *pos) diff --git a/net/atm/resources.h b/net/atm/resources.h index b7fb82a..ac7222f 100644 --- a/net/atm/resources.h +++ b/net/atm/resources.h @@ -8,10 +8,11 @@ #include <linux/config.h> #include <linux/atmdev.h> +#include <linux/mutex.h> extern struct list_head atm_devs; -extern struct semaphore atm_dev_mutex; +extern struct mutex atm_dev_mutex; int atm_dev_ioctl(unsigned int cmd, void __user *arg); diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c index fb031fe..469eda0 100644 --- a/net/bluetooth/af_bluetooth.c +++ b/net/bluetooth/af_bluetooth.c @@ -238,6 +238,9 @@ unsigned int bt_sock_poll(struct file * file, struct socket *sock, poll_table *w if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue)) mask |= POLLERR; + if (sk->sk_shutdown & RCV_SHUTDOWN) + mask |= POLLRDHUP; + if (sk->sk_shutdown == SHUTDOWN_MASK) mask |= POLLHUP; diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c index cbb20c3..d908d49 100644 --- a/net/bluetooth/bnep/core.c +++ b/net/bluetooth/bnep/core.c @@ -532,8 +532,8 @@ int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock) dev = alloc_netdev(sizeof(struct bnep_session), (*req->device) ? req->device : "bnep%d", bnep_net_setup); - if (!dev) - return ENOMEM; + if (!dev) + return -ENOMEM; down_write(&bnep_session_sem); diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index 9106354..a49a697 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c @@ -73,23 +73,23 @@ DEFINE_RWLOCK(hci_cb_list_lock); struct hci_proto *hci_proto[HCI_MAX_PROTO]; /* HCI notifiers list */ -static struct notifier_block *hci_notifier; +static ATOMIC_NOTIFIER_HEAD(hci_notifier); /* ---- HCI notifications ---- */ int hci_register_notifier(struct notifier_block *nb) { - return notifier_chain_register(&hci_notifier, nb); + return atomic_notifier_chain_register(&hci_notifier, nb); } int hci_unregister_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&hci_notifier, nb); + return atomic_notifier_chain_unregister(&hci_notifier, nb); } static void hci_notify(struct hci_dev *hdev, int event) { - notifier_call_chain(&hci_notifier, event, hdev); + atomic_notifier_call_chain(&hci_notifier, event, hdev); } /* ---- HCI requests ---- */ diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index 5b4253c..e99010c 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c @@ -37,6 +37,8 @@ #include <linux/wait.h> #include <linux/device.h> #include <linux/net.h> +#include <linux/mutex.h> + #include <net/sock.h> #include <asm/uaccess.h> #include <asm/unaligned.h> @@ -57,9 +59,9 @@ static unsigned int l2cap_mtu = RFCOMM_MAX_L2CAP_MTU; static struct task_struct *rfcomm_thread; -static DECLARE_MUTEX(rfcomm_sem); -#define rfcomm_lock() down(&rfcomm_sem); -#define rfcomm_unlock() up(&rfcomm_sem); +static DEFINE_MUTEX(rfcomm_mutex); +#define rfcomm_lock() mutex_lock(&rfcomm_mutex) +#define rfcomm_unlock() mutex_unlock(&rfcomm_mutex) static unsigned long rfcomm_event; diff --git a/net/bridge/Kconfig b/net/bridge/Kconfig index db23d59..12265af 100644 --- a/net/bridge/Kconfig +++ b/net/bridge/Kconfig @@ -4,6 +4,7 @@ config BRIDGE tristate "802.1d Ethernet Bridging" + select LLC ---help--- If you say Y here, then your Linux box will be able to act as an Ethernet bridge, which means that the different Ethernet segments it diff --git a/net/bridge/br.c b/net/bridge/br.c index 188cc1a..22d806c 100644 --- a/net/bridge/br.c +++ b/net/bridge/br.c @@ -19,13 +19,23 @@ #include <linux/netdevice.h> #include <linux/etherdevice.h> #include <linux/init.h> +#include <linux/llc.h> +#include <net/llc.h> #include "br_private.h" int (*br_should_route_hook) (struct sk_buff **pskb) = NULL; +static struct llc_sap *br_stp_sap; + static int __init br_init(void) { + br_stp_sap = llc_sap_open(LLC_SAP_BSPAN, br_stp_rcv); + if (!br_stp_sap) { + printk(KERN_ERR "bridge: can't register sap for STP\n"); + return -EBUSY; + } + br_fdb_init(); #ifdef CONFIG_BRIDGE_NETFILTER @@ -45,6 +55,8 @@ static int __init br_init(void) static void __exit br_deinit(void) { + llc_sap_close(br_stp_sap); + #ifdef CONFIG_BRIDGE_NETFILTER br_netfilter_fini(); #endif diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 0b33a7b..0c88a2a 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -27,6 +27,7 @@ static struct net_device_stats *br_dev_get_stats(struct net_device *dev) return &br->statistics; } +/* net device transmit always called with no BH (preempt_disabled) */ int br_dev_xmit(struct sk_buff *skb, struct net_device *dev) { struct net_bridge *br = netdev_priv(dev); @@ -39,7 +40,6 @@ int br_dev_xmit(struct sk_buff *skb, struct net_device *dev) skb->mac.raw = skb->data; skb_pull(skb, ETH_HLEN); - rcu_read_lock(); if (dest[0] & 1) br_flood_deliver(br, skb, 0); else if ((dst = __br_fdb_get(br, dest)) != NULL) @@ -47,7 +47,6 @@ int br_dev_xmit(struct sk_buff *skb, struct net_device *dev) else br_flood_deliver(br, skb, 0); - rcu_read_unlock(); return 0; } diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 1f08a59..3a73b8c 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -341,7 +341,6 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, if (hold_time(br) == 0) return; - rcu_read_lock(); fdb = fdb_find(head, addr); if (likely(fdb)) { /* attempt to update an entry for a local interface */ @@ -356,13 +355,12 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, fdb->ageing_timer = jiffies; } } else { - spin_lock_bh(&br->hash_lock); + spin_lock(&br->hash_lock); if (!fdb_find(head, addr)) fdb_create(head, source, addr, 0); /* else we lose race and someone else inserts * it first, don't bother updating */ - spin_unlock_bh(&br->hash_lock); + spin_unlock(&br->hash_lock); } - rcu_read_unlock(); } diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c index f36b35e..59eef42 100644 --- a/net/bridge/br_if.c +++ b/net/bridge/br_if.c @@ -210,7 +210,8 @@ static struct net_device *new_bridge_dev(const char *name) br->bridge_id.prio[0] = 0x80; br->bridge_id.prio[1] = 0x00; - memset(br->bridge_id.addr, 0, ETH_ALEN); + + memcpy(br->group_addr, br_group_address, ETH_ALEN); br->feature_mask = dev->features; br->stp_enabled = 0; @@ -237,12 +238,11 @@ static int find_portno(struct net_bridge *br) struct net_bridge_port *p; unsigned long *inuse; - inuse = kmalloc(BITS_TO_LONGS(BR_MAX_PORTS)*sizeof(unsigned long), + inuse = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long), GFP_KERNEL); if (!inuse) return -ENOMEM; - memset(inuse, 0, BITS_TO_LONGS(BR_MAX_PORTS)*sizeof(unsigned long)); set_bit(0, inuse); /* zero is reserved */ list_for_each_entry(p, &br->port_list, list) { set_bit(p->port_no, inuse); @@ -264,11 +264,10 @@ static struct net_bridge_port *new_nbp(struct net_bridge *br, if (index < 0) return ERR_PTR(index); - p = kmalloc(sizeof(*p), GFP_KERNEL); + p = kzalloc(sizeof(*p), GFP_KERNEL); if (p == NULL) return ERR_PTR(-ENOMEM); - memset(p, 0, sizeof(*p)); p->br = br; dev_hold(dev); p->dev = dev; diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index 4eef837..b776656 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c @@ -19,13 +19,8 @@ #include <linux/netfilter_bridge.h> #include "br_private.h" -const unsigned char bridge_ula[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 }; - -static int br_pass_frame_up_finish(struct sk_buff *skb) -{ - netif_receive_skb(skb); - return 0; -} +/* Bridge group multicast address 802.1d (pg 51). */ +const u8 br_group_address[ETH_ALEN] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 }; static void br_pass_frame_up(struct net_bridge *br, struct sk_buff *skb) { @@ -38,7 +33,7 @@ static void br_pass_frame_up(struct net_bridge *br, struct sk_buff *skb) skb->dev = br->dev; NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, indev, NULL, - br_pass_frame_up_finish); + netif_receive_skb); } /* note: already called with rcu_read_lock (preempt_disabled) */ @@ -100,6 +95,25 @@ drop: goto out; } +/* note: already called with rcu_read_lock (preempt_disabled) */ +static int br_handle_local_finish(struct sk_buff *skb) +{ + struct net_bridge_port *p = rcu_dereference(skb->dev->br_port); + + if (p && p->state != BR_STATE_DISABLED) + br_fdb_update(p->br, p, eth_hdr(skb)->h_source); + + return 0; /* process further */ +} + +/* Does address match the link local multicast address. + * 01:80:c2:00:00:0X + */ +static inline int is_link_local(const unsigned char *dest) +{ + return memcmp(dest, br_group_address, 5) == 0 && (dest[5] & 0xf0) == 0; +} + /* * Called via br_handle_frame_hook. * Return 0 if *pskb should be processed furthur @@ -117,15 +131,10 @@ int br_handle_frame(struct net_bridge_port *p, struct sk_buff **pskb) if (!is_valid_ether_addr(eth_hdr(skb)->h_source)) goto err; - if (p->br->stp_enabled && - !memcmp(dest, bridge_ula, 5) && - !(dest[5] & 0xF0)) { - if (!dest[5]) { - NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, - NULL, br_stp_handle_bpdu); - return 1; - } - goto err; + if (unlikely(is_link_local(dest))) { + skb->pkt_type = PACKET_HOST; + return NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, + NULL, br_handle_local_finish) != 0; } if (p->state == BR_STATE_FORWARDING || p->state == BR_STATE_LEARNING) { diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index e060aad..f29450b 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -61,15 +61,25 @@ static int brnf_filter_vlan_tagged = 1; #define brnf_filter_vlan_tagged 1 #endif -#define IS_VLAN_IP (skb->protocol == __constant_htons(ETH_P_8021Q) && \ - hdr->h_vlan_encapsulated_proto == __constant_htons(ETH_P_IP) && \ - brnf_filter_vlan_tagged) -#define IS_VLAN_IPV6 (skb->protocol == __constant_htons(ETH_P_8021Q) && \ - hdr->h_vlan_encapsulated_proto == __constant_htons(ETH_P_IPV6) && \ - brnf_filter_vlan_tagged) -#define IS_VLAN_ARP (skb->protocol == __constant_htons(ETH_P_8021Q) && \ - hdr->h_vlan_encapsulated_proto == __constant_htons(ETH_P_ARP) && \ - brnf_filter_vlan_tagged) +static __be16 inline vlan_proto(const struct sk_buff *skb) +{ + return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto; +} + +#define IS_VLAN_IP(skb) \ + (skb->protocol == htons(ETH_P_8021Q) && \ + vlan_proto(skb) == htons(ETH_P_IP) && \ + brnf_filter_vlan_tagged) + +#define IS_VLAN_IPV6(skb) \ + (skb->protocol == htons(ETH_P_8021Q) && \ + vlan_proto(skb) == htons(ETH_P_IPV6) &&\ + brnf_filter_vlan_tagged) + +#define IS_VLAN_ARP(skb) \ + (skb->protocol == htons(ETH_P_8021Q) && \ + vlan_proto(skb) == htons(ETH_P_ARP) && \ + brnf_filter_vlan_tagged) /* We need these fake structures to make netfilter happy -- * lots of places assume that skb->dst != NULL, which isn't @@ -103,6 +113,25 @@ static inline struct net_device *bridge_parent(const struct net_device *dev) return port ? port->br->dev : NULL; } +static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb) +{ + skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC); + if (likely(skb->nf_bridge)) + atomic_set(&(skb->nf_bridge->use), 1); + + return skb->nf_bridge; +} + +static inline void nf_bridge_save_header(struct sk_buff *skb) +{ + int header_size = 16; + + if (skb->protocol == htons(ETH_P_8021Q)) + header_size = 18; + + memcpy(skb->nf_bridge->data, skb->data - header_size, header_size); +} + /* PF_BRIDGE/PRE_ROUTING *********************************************/ /* Undo the changes made for ip6tables PREROUTING and continue the * bridge PRE_ROUTING hook. */ @@ -120,7 +149,7 @@ static int br_nf_pre_routing_finish_ipv6(struct sk_buff *skb) dst_hold(skb->dst); skb->dev = nf_bridge->physindev; - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } @@ -136,7 +165,7 @@ static void __br_dnat_complain(void) if (jiffies - last_complaint >= 5 * HZ) { printk(KERN_WARNING "Performing cross-bridge DNAT requires IP " - "forwarding to be enabled\n"); + "forwarding to be enabled\n"); last_complaint = jiffies; } } @@ -196,7 +225,7 @@ static int br_nf_pre_routing_finish_bridge(struct sk_buff *skb) if (!skb->dev) kfree_skb(skb); else { - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_pull(skb, VLAN_HLEN); skb->nh.raw += VLAN_HLEN; } @@ -218,12 +247,17 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb) nf_bridge->mask ^= BRNF_NF_BRIDGE_PREROUTING; if (dnat_took_place(skb)) { - if (ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, - dev)) { + if (ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, dev)) { struct rtable *rt; - struct flowi fl = { .nl_u = - { .ip4_u = { .daddr = iph->daddr, .saddr = 0 , - .tos = RT_TOS(iph->tos)} }, .proto = 0}; + struct flowi fl = { + .nl_u = { + .ip4_u = { + .daddr = iph->daddr, + .saddr = 0, + .tos = RT_TOS(iph->tos) }, + }, + .proto = 0, + }; if (!ip_route_output_key(&rt, &fl)) { /* - Bridged-and-DNAT'ed traffic doesn't @@ -247,7 +281,7 @@ bridged_dnat: nf_bridge->mask |= BRNF_BRIDGED_DNAT; skb->dev = nf_bridge->physindev; if (skb->protocol == - __constant_htons(ETH_P_8021Q)) { + htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } @@ -257,8 +291,7 @@ bridged_dnat: 1); return 0; } - memcpy(eth_hdr(skb)->h_dest, dev->dev_addr, - ETH_ALEN); + memcpy(eth_hdr(skb)->h_dest, dev->dev_addr, ETH_ALEN); skb->pkt_type = PACKET_HOST; } } else { @@ -267,7 +300,7 @@ bridged_dnat: } skb->dev = nf_bridge->physindev; - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } @@ -297,10 +330,10 @@ static struct net_device *setup_pre_routing(struct sk_buff *skb) /* We only check the length. A bridge shouldn't do any hop-by-hop stuff anyway */ static int check_hbh_len(struct sk_buff *skb) { - unsigned char *raw = (u8*)(skb->nh.ipv6h+1); + unsigned char *raw = (u8 *) (skb->nh.ipv6h + 1); u32 pkt_len; int off = raw - skb->nh.raw; - int len = (raw[1]+1)<<3; + int len = (raw[1] + 1) << 3; if ((raw + len) - skb->data > skb_headlen(skb)) goto bad; @@ -309,7 +342,7 @@ static int check_hbh_len(struct sk_buff *skb) len -= 2; while (len > 0) { - int optlen = skb->nh.raw[off+1]+2; + int optlen = skb->nh.raw[off + 1] + 2; switch (skb->nh.raw[off]) { case IPV6_TLV_PAD0: @@ -320,16 +353,16 @@ static int check_hbh_len(struct sk_buff *skb) break; case IPV6_TLV_JUMBO: - if (skb->nh.raw[off+1] != 4 || (off&3) != 2) + if (skb->nh.raw[off + 1] != 4 || (off & 3) != 2) goto bad; - pkt_len = ntohl(*(u32*)(skb->nh.raw+off+2)); + pkt_len = ntohl(*(u32 *) (skb->nh.raw + off + 2)); if (pkt_len <= IPV6_MAXPLEN || skb->nh.ipv6h->payload_len) goto bad; if (pkt_len > skb->len - sizeof(struct ipv6hdr)) goto bad; if (pskb_trim_rcsum(skb, - pkt_len+sizeof(struct ipv6hdr))) + pkt_len + sizeof(struct ipv6hdr))) goto bad; break; default: @@ -350,12 +383,13 @@ bad: /* Replicate the checks that IPv6 does on packet reception and pass the packet * to ip6tables, which doesn't support NAT, so things are fairly simple. */ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook, - struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, int (*okfn)(struct sk_buff *)) + struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct ipv6hdr *hdr; u32 pkt_len; - struct nf_bridge_info *nf_bridge; if (skb->len < sizeof(struct ipv6hdr)) goto inhdr_error; @@ -381,10 +415,10 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook, } } if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb)) - goto inhdr_error; + goto inhdr_error; - nf_bridge_put(skb->nf_bridge); - if ((nf_bridge = nf_bridge_alloc(skb)) == NULL) + nf_bridge_put(skb->nf_bridge); + if (!nf_bridge_alloc(skb)) return NF_DROP; if (!setup_pre_routing(skb)) return NF_DROP; @@ -412,10 +446,8 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, struct iphdr *iph; __u32 len; struct sk_buff *skb = *pskb; - struct nf_bridge_info *nf_bridge; - struct vlan_ethhdr *hdr = vlan_eth_hdr(*pskb); - if (skb->protocol == __constant_htons(ETH_P_IPV6) || IS_VLAN_IPV6) { + if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb)) { #ifdef CONFIG_SYSCTL if (!brnf_call_ip6tables) return NF_ACCEPT; @@ -423,10 +455,8 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) goto out; - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { - u8 *vhdr = skb->data; - skb_pull(skb, VLAN_HLEN); - skb_postpull_rcsum(skb, vhdr, VLAN_HLEN); + if (skb->protocol == htons(ETH_P_8021Q)) { + skb_pull_rcsum(skb, VLAN_HLEN); skb->nh.raw += VLAN_HLEN; } return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn); @@ -436,16 +466,14 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, return NF_ACCEPT; #endif - if (skb->protocol != __constant_htons(ETH_P_IP) && !IS_VLAN_IP) + if (skb->protocol != htons(ETH_P_IP) && !IS_VLAN_IP(skb)) return NF_ACCEPT; if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) goto out; - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { - u8 *vhdr = skb->data; - skb_pull(skb, VLAN_HLEN); - skb_postpull_rcsum(skb, vhdr, VLAN_HLEN); + if (skb->protocol == htons(ETH_P_8021Q)) { + skb_pull_rcsum(skb, VLAN_HLEN); skb->nh.raw += VLAN_HLEN; } @@ -456,15 +484,15 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, if (iph->ihl < 5 || iph->version != 4) goto inhdr_error; - if (!pskb_may_pull(skb, 4*iph->ihl)) + if (!pskb_may_pull(skb, 4 * iph->ihl)) goto inhdr_error; iph = skb->nh.iph; - if (ip_fast_csum((__u8 *)iph, iph->ihl) != 0) + if (ip_fast_csum((__u8 *) iph, iph->ihl) != 0) goto inhdr_error; len = ntohs(iph->tot_len); - if (skb->len < len || len < 4*iph->ihl) + if (skb->len < len || len < 4 * iph->ihl) goto inhdr_error; if (skb->len > len) { @@ -473,8 +501,8 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, skb->ip_summed = CHECKSUM_NONE; } - nf_bridge_put(skb->nf_bridge); - if ((nf_bridge = nf_bridge_alloc(skb)) == NULL) + nf_bridge_put(skb->nf_bridge); + if (!nf_bridge_alloc(skb)) return NF_DROP; if (!setup_pre_routing(skb)) return NF_DROP; @@ -486,7 +514,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, return NF_STOLEN; inhdr_error: -// IP_INC_STATS_BH(IpInHdrErrors); +// IP_INC_STATS_BH(IpInHdrErrors); out: return NF_DROP; } @@ -500,8 +528,9 @@ out: * register an IPv4 PRE_ROUTING 'sabotage' hook that will * prevent this from happening. */ static unsigned int br_nf_local_in(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct sk_buff *skb = *pskb; @@ -513,15 +542,13 @@ static unsigned int br_nf_local_in(unsigned int hook, struct sk_buff **pskb, return NF_ACCEPT; } - /* PF_BRIDGE/FORWARD *************************************************/ static int br_nf_forward_finish(struct sk_buff *skb) { struct nf_bridge_info *nf_bridge = skb->nf_bridge; struct net_device *in; - struct vlan_ethhdr *hdr = vlan_eth_hdr(skb); - if (skb->protocol != __constant_htons(ETH_P_ARP) && !IS_VLAN_ARP) { + if (skb->protocol != htons(ETH_P_ARP) && !IS_VLAN_ARP(skb)) { in = nf_bridge->physindev; if (nf_bridge->mask & BRNF_PKT_TYPE) { skb->pkt_type = PACKET_OTHERHOST; @@ -530,12 +557,12 @@ static int br_nf_forward_finish(struct sk_buff *skb) } else { in = *((struct net_device **)(skb->cb)); } - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, in, - skb->dev, br_forward_finish, 1); + skb->dev, br_forward_finish, 1); return 0; } @@ -545,12 +572,12 @@ static int br_nf_forward_finish(struct sk_buff *skb) * because of the physdev module. For ARP, indev and outdev are the * bridge ports. */ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct sk_buff *skb = *pskb; struct nf_bridge_info *nf_bridge; - struct vlan_ethhdr *hdr = vlan_eth_hdr(skb); struct net_device *parent; int pf; @@ -561,12 +588,12 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb, if (!parent) return NF_DROP; - if (skb->protocol == __constant_htons(ETH_P_IP) || IS_VLAN_IP) + if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb)) pf = PF_INET; else pf = PF_INET6; - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_pull(*pskb, VLAN_HLEN); (*pskb)->nh.raw += VLAN_HLEN; } @@ -588,11 +615,11 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb, } static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct sk_buff *skb = *pskb; - struct vlan_ethhdr *hdr = vlan_eth_hdr(skb); struct net_device **d = (struct net_device **)(skb->cb); #ifdef CONFIG_SYSCTL @@ -600,15 +627,15 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb, return NF_ACCEPT; #endif - if (skb->protocol != __constant_htons(ETH_P_ARP)) { - if (!IS_VLAN_ARP) + if (skb->protocol != htons(ETH_P_ARP)) { + if (!IS_VLAN_ARP(skb)) return NF_ACCEPT; skb_pull(*pskb, VLAN_HLEN); (*pskb)->nh.raw += VLAN_HLEN; } if (skb->nh.arph->ar_pln != 4) { - if (IS_VLAN_ARP) { + if (IS_VLAN_ARP(skb)) { skb_push(*pskb, VLAN_HLEN); (*pskb)->nh.raw -= VLAN_HLEN; } @@ -621,17 +648,16 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb, return NF_STOLEN; } - /* PF_BRIDGE/LOCAL_OUT ***********************************************/ static int br_nf_local_out_finish(struct sk_buff *skb) { - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } NF_HOOK_THRESH(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, - br_forward_finish, NF_BR_PRI_FIRST + 1); + br_forward_finish, NF_BR_PRI_FIRST + 1); return 0; } @@ -657,19 +683,19 @@ static int br_nf_local_out_finish(struct sk_buff *skb) * even routed packets that didn't arrive on a bridge interface have their * nf_bridge->physindev set. */ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct net_device *realindev, *realoutdev; struct sk_buff *skb = *pskb; struct nf_bridge_info *nf_bridge; - struct vlan_ethhdr *hdr = vlan_eth_hdr(skb); int pf; if (!skb->nf_bridge) return NF_ACCEPT; - if (skb->protocol == __constant_htons(ETH_P_IP) || IS_VLAN_IP) + if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb)) pf = PF_INET; else pf = PF_INET6; @@ -695,7 +721,7 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb, skb->pkt_type = PACKET_OTHERHOST; nf_bridge->mask ^= BRNF_PKT_TYPE; } - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_push(skb, VLAN_HLEN); skb->nh.raw -= VLAN_HLEN; } @@ -713,14 +739,14 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb, if (nf_bridge->netoutdev) realoutdev = nf_bridge->netoutdev; #endif - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_pull(skb, VLAN_HLEN); (*pskb)->nh.raw += VLAN_HLEN; } /* IP forwarded traffic has a physindev, locally * generated traffic hasn't. */ if (realindev != NULL) { - if (!(nf_bridge->mask & BRNF_DONT_TAKE_PARENT) ) { + if (!(nf_bridge->mask & BRNF_DONT_TAKE_PARENT)) { struct net_device *parent = bridge_parent(realindev); if (parent) realindev = parent; @@ -742,12 +768,12 @@ out: /* PF_BRIDGE/POST_ROUTING ********************************************/ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct sk_buff *skb = *pskb; struct nf_bridge_info *nf_bridge = (*pskb)->nf_bridge; - struct vlan_ethhdr *hdr = vlan_eth_hdr(skb); struct net_device *realoutdev = bridge_parent(skb->dev); int pf; @@ -756,7 +782,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, * keep the check just to be sure... */ if (skb->mac.raw < skb->head || skb->mac.raw + ETH_HLEN > skb->data) { printk(KERN_CRIT "br_netfilter: Argh!! br_nf_post_routing: " - "bad mac.raw pointer."); + "bad mac.raw pointer."); goto print_error; } #endif @@ -767,7 +793,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, if (!realoutdev) return NF_DROP; - if (skb->protocol == __constant_htons(ETH_P_IP) || IS_VLAN_IP) + if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb)) pf = PF_INET; else pf = PF_INET6; @@ -786,7 +812,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, nf_bridge->mask |= BRNF_PKT_TYPE; } - if (skb->protocol == __constant_htons(ETH_P_8021Q)) { + if (skb->protocol == htons(ETH_P_8021Q)) { skb_pull(skb, VLAN_HLEN); skb->nh.raw += VLAN_HLEN; } @@ -798,7 +824,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, realoutdev = nf_bridge->netoutdev; #endif NF_HOOK(pf, NF_IP_POST_ROUTING, skb, NULL, realoutdev, - br_dev_queue_push_xmit); + br_dev_queue_push_xmit); return NF_STOLEN; @@ -810,18 +836,18 @@ print_error: printk("[%s]", realoutdev->name); } printk(" head:%p, raw:%p, data:%p\n", skb->head, skb->mac.raw, - skb->data); + skb->data); return NF_ACCEPT; #endif } - /* IP/SABOTAGE *****************************************************/ /* Don't hand locally destined packets to PF_INET(6)/PRE_ROUTING * for the second time. */ static unsigned int ip_sabotage_in(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { if ((*pskb)->nf_bridge && !((*pskb)->nf_bridge->mask & BRNF_NF_BRIDGE_PREROUTING)) { @@ -835,18 +861,18 @@ static unsigned int ip_sabotage_in(unsigned int hook, struct sk_buff **pskb, * and PF_INET(6)/POST_ROUTING until we have done the forwarding * decision in the bridge code and have determined nf_bridge->physoutdev. */ static unsigned int ip_sabotage_out(unsigned int hook, struct sk_buff **pskb, - const struct net_device *in, const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) { struct sk_buff *skb = *pskb; if ((out->hard_start_xmit == br_dev_xmit && - okfn != br_nf_forward_finish && - okfn != br_nf_local_out_finish && - okfn != br_dev_queue_push_xmit) + okfn != br_nf_forward_finish && + okfn != br_nf_local_out_finish && okfn != br_dev_queue_push_xmit) #if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE) || ((out->priv_flags & IFF_802_1Q_VLAN) && - VLAN_DEV_INFO(out)->real_dev->hard_start_xmit == br_dev_xmit) + VLAN_DEV_INFO(out)->real_dev->hard_start_xmit == br_dev_xmit) #endif ) { struct nf_bridge_info *nf_bridge; @@ -971,8 +997,8 @@ static struct nf_hook_ops br_nf_ops[] = { #ifdef CONFIG_SYSCTL static -int brnf_sysctl_call_tables(ctl_table *ctl, int write, struct file * filp, - void __user *buffer, size_t *lenp, loff_t *ppos) +int brnf_sysctl_call_tables(ctl_table * ctl, int write, struct file *filp, + void __user * buffer, size_t * lenp, loff_t * ppos) { int ret; @@ -1059,7 +1085,8 @@ int br_netfilter_init(void) #ifdef CONFIG_SYSCTL brnf_sysctl_header = register_sysctl_table(brnf_net_table, 0); if (brnf_sysctl_header == NULL) { - printk(KERN_WARNING "br_netfilter: can't register to sysctl.\n"); + printk(KERN_WARNING + "br_netfilter: can't register to sysctl.\n"); for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++) nf_unregister_hook(&br_nf_ops[i]); return -EFAULT; diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 8f10e09..86ecea7 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -109,6 +109,7 @@ struct net_bridge unsigned long bridge_hello_time; unsigned long bridge_forward_delay; + u8 group_addr[ETH_ALEN]; u16 root_port; unsigned char stp_enabled; unsigned char topology_change; @@ -122,7 +123,7 @@ struct net_bridge }; extern struct notifier_block br_device_notifier; -extern const unsigned char bridge_ula[6]; +extern const u8 br_group_address[ETH_ALEN]; /* called under bridge lock */ static inline int br_is_root_bridge(const struct net_bridge *br) @@ -217,7 +218,8 @@ extern void br_stp_set_path_cost(struct net_bridge_port *p, extern ssize_t br_show_bridge_id(char *buf, const struct bridge_id *id); /* br_stp_bpdu.c */ -extern int br_stp_handle_bpdu(struct sk_buff *skb); +extern int br_stp_rcv(struct sk_buff *skb, struct net_device *dev, + struct packet_type *pt, struct net_device *orig_dev); /* br_stp_timer.c */ extern void br_stp_timer_init(struct net_bridge *br); diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c index 296f6a4..a7ba0cc 100644 --- a/net/bridge/br_stp_bpdu.c +++ b/net/bridge/br_stp_bpdu.c @@ -15,158 +15,163 @@ #include <linux/kernel.h> #include <linux/netfilter_bridge.h> +#include <linux/etherdevice.h> +#include <linux/llc.h> +#include <net/llc.h> +#include <net/llc_pdu.h> +#include <asm/unaligned.h> #include "br_private.h" #include "br_private_stp.h" -#define JIFFIES_TO_TICKS(j) (((j) << 8) / HZ) -#define TICKS_TO_JIFFIES(j) (((j) * HZ) >> 8) +#define STP_HZ 256 -static void br_send_bpdu(struct net_bridge_port *p, unsigned char *data, int length) +#define LLC_RESERVE sizeof(struct llc_pdu_un) + +static void br_send_bpdu(struct net_bridge_port *p, + const unsigned char *data, int length) { - struct net_device *dev; struct sk_buff *skb; - int size; if (!p->br->stp_enabled) return; - size = length + 2*ETH_ALEN + 2; - if (size < 60) - size = 60; - - dev = p->dev; - - if ((skb = dev_alloc_skb(size)) == NULL) { - printk(KERN_INFO "br: memory squeeze!\n"); + skb = dev_alloc_skb(length+LLC_RESERVE); + if (!skb) return; - } - skb->dev = dev; + skb->dev = p->dev; skb->protocol = htons(ETH_P_802_2); - skb->mac.raw = skb_put(skb, size); - memcpy(skb->mac.raw, bridge_ula, ETH_ALEN); - memcpy(skb->mac.raw+ETH_ALEN, dev->dev_addr, ETH_ALEN); - skb->mac.raw[2*ETH_ALEN] = 0; - skb->mac.raw[2*ETH_ALEN+1] = length; - skb->nh.raw = skb->mac.raw + 2*ETH_ALEN + 2; - memcpy(skb->nh.raw, data, length); - memset(skb->nh.raw + length, 0xa5, size - length - 2*ETH_ALEN - 2); + + skb_reserve(skb, LLC_RESERVE); + memcpy(__skb_put(skb, length), data, length); + + llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN, + LLC_SAP_BSPAN, LLC_PDU_CMD); + llc_pdu_init_as_ui_cmd(skb); + + llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr); NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, dev_queue_xmit); } -static __inline__ void br_set_ticks(unsigned char *dest, int jiff) +static inline void br_set_ticks(unsigned char *dest, int j) { - __u16 ticks; + unsigned long ticks = (STP_HZ * j)/ HZ; - ticks = JIFFIES_TO_TICKS(jiff); - dest[0] = (ticks >> 8) & 0xFF; - dest[1] = ticks & 0xFF; + put_unaligned(htons(ticks), (__be16 *)dest); } -static __inline__ int br_get_ticks(unsigned char *dest) +static inline int br_get_ticks(const unsigned char *src) { - return TICKS_TO_JIFFIES((dest[0] << 8) | dest[1]); + unsigned long ticks = ntohs(get_unaligned((__be16 *)src)); + + return (ticks * HZ + STP_HZ - 1) / STP_HZ; } /* called under bridge lock */ void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu) { - unsigned char buf[38]; - - buf[0] = 0x42; - buf[1] = 0x42; - buf[2] = 0x03; - buf[3] = 0; - buf[4] = 0; - buf[5] = 0; - buf[6] = BPDU_TYPE_CONFIG; - buf[7] = (bpdu->topology_change ? 0x01 : 0) | + unsigned char buf[35]; + + buf[0] = 0; + buf[1] = 0; + buf[2] = 0; + buf[3] = BPDU_TYPE_CONFIG; + buf[4] = (bpdu->topology_change ? 0x01 : 0) | (bpdu->topology_change_ack ? 0x80 : 0); - buf[8] = bpdu->root.prio[0]; - buf[9] = bpdu->root.prio[1]; - buf[10] = bpdu->root.addr[0]; - buf[11] = bpdu->root.addr[1]; - buf[12] = bpdu->root.addr[2]; - buf[13] = bpdu->root.addr[3]; - buf[14] = bpdu->root.addr[4]; - buf[15] = bpdu->root.addr[5]; - buf[16] = (bpdu->root_path_cost >> 24) & 0xFF; - buf[17] = (bpdu->root_path_cost >> 16) & 0xFF; - buf[18] = (bpdu->root_path_cost >> 8) & 0xFF; - buf[19] = bpdu->root_path_cost & 0xFF; - buf[20] = bpdu->bridge_id.prio[0]; - buf[21] = bpdu->bridge_id.prio[1]; - buf[22] = bpdu->bridge_id.addr[0]; - buf[23] = bpdu->bridge_id.addr[1]; - buf[24] = bpdu->bridge_id.addr[2]; - buf[25] = bpdu->bridge_id.addr[3]; - buf[26] = bpdu->bridge_id.addr[4]; - buf[27] = bpdu->bridge_id.addr[5]; - buf[28] = (bpdu->port_id >> 8) & 0xFF; - buf[29] = bpdu->port_id & 0xFF; - - br_set_ticks(buf+30, bpdu->message_age); - br_set_ticks(buf+32, bpdu->max_age); - br_set_ticks(buf+34, bpdu->hello_time); - br_set_ticks(buf+36, bpdu->forward_delay); - - br_send_bpdu(p, buf, 38); + buf[5] = bpdu->root.prio[0]; + buf[6] = bpdu->root.prio[1]; + buf[7] = bpdu->root.addr[0]; + buf[8] = bpdu->root.addr[1]; + buf[9] = bpdu->root.addr[2]; + buf[10] = bpdu->root.addr[3]; + buf[11] = bpdu->root.addr[4]; + buf[12] = bpdu->root.addr[5]; + buf[13] = (bpdu->root_path_cost >> 24) & 0xFF; + buf[14] = (bpdu->root_path_cost >> 16) & 0xFF; + buf[15] = (bpdu->root_path_cost >> 8) & 0xFF; + buf[16] = bpdu->root_path_cost & 0xFF; + buf[17] = bpdu->bridge_id.prio[0]; + buf[18] = bpdu->bridge_id.prio[1]; + buf[19] = bpdu->bridge_id.addr[0]; + buf[20] = bpdu->bridge_id.addr[1]; + buf[21] = bpdu->bridge_id.addr[2]; + buf[22] = bpdu->bridge_id.addr[3]; + buf[23] = bpdu->bridge_id.addr[4]; + buf[24] = bpdu->bridge_id.addr[5]; + buf[25] = (bpdu->port_id >> 8) & 0xFF; + buf[26] = bpdu->port_id & 0xFF; + + br_set_ticks(buf+27, bpdu->message_age); + br_set_ticks(buf+29, bpdu->max_age); + br_set_ticks(buf+31, bpdu->hello_time); + br_set_ticks(buf+33, bpdu->forward_delay); + + br_send_bpdu(p, buf, 35); } /* called under bridge lock */ void br_send_tcn_bpdu(struct net_bridge_port *p) { - unsigned char buf[7]; - - buf[0] = 0x42; - buf[1] = 0x42; - buf[2] = 0x03; - buf[3] = 0; - buf[4] = 0; - buf[5] = 0; - buf[6] = BPDU_TYPE_TCN; + unsigned char buf[4]; + + buf[0] = 0; + buf[1] = 0; + buf[2] = 0; + buf[3] = BPDU_TYPE_TCN; br_send_bpdu(p, buf, 7); } -static const unsigned char header[6] = {0x42, 0x42, 0x03, 0x00, 0x00, 0x00}; - -/* NO locks, but rcu_read_lock (preempt_disabled) */ -int br_stp_handle_bpdu(struct sk_buff *skb) +/* + * Called from llc. + * + * NO locks, but rcu_read_lock (preempt_disabled) + */ +int br_stp_rcv(struct sk_buff *skb, struct net_device *dev, + struct packet_type *pt, struct net_device *orig_dev) { - struct net_bridge_port *p = rcu_dereference(skb->dev->br_port); + const struct llc_pdu_un *pdu = llc_pdu_un_hdr(skb); + const unsigned char *dest = eth_hdr(skb)->h_dest; + struct net_bridge_port *p = rcu_dereference(dev->br_port); struct net_bridge *br; - unsigned char *buf; + const unsigned char *buf; if (!p) goto err; - br = p->br; - spin_lock(&br->lock); + if (pdu->ssap != LLC_SAP_BSPAN + || pdu->dsap != LLC_SAP_BSPAN + || pdu->ctrl_1 != LLC_PDU_TYPE_U) + goto err; - if (p->state == BR_STATE_DISABLED || !(br->dev->flags & IFF_UP)) - goto out; + if (!pskb_may_pull(skb, 4)) + goto err; + + /* compare of protocol id and version */ + buf = skb->data; + if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0) + goto err; - /* insert into forwarding database after filtering to avoid spoofing */ - br_fdb_update(br, p, eth_hdr(skb)->h_source); + br = p->br; + spin_lock(&br->lock); - if (!br->stp_enabled) + if (p->state == BR_STATE_DISABLED + || !br->stp_enabled + || !(br->dev->flags & IFF_UP)) goto out; - /* need at least the 802 and STP headers */ - if (!pskb_may_pull(skb, sizeof(header)+1) || - memcmp(skb->data, header, sizeof(header))) + if (compare_ether_addr(dest, br->group_addr) != 0) goto out; - buf = skb_pull(skb, sizeof(header)); + buf = skb_pull(skb, 3); if (buf[0] == BPDU_TYPE_CONFIG) { struct br_config_bpdu bpdu; if (!pskb_may_pull(skb, 32)) - goto out; + goto out; buf = skb->data; bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0; diff --git a/net/bridge/br_stp_timer.c b/net/bridge/br_stp_timer.c index 9bef55f..d0fcde8 100644 --- a/net/bridge/br_stp_timer.c +++ b/net/bridge/br_stp_timer.c @@ -39,13 +39,13 @@ static void br_hello_timer_expired(unsigned long arg) struct net_bridge *br = (struct net_bridge *)arg; pr_debug("%s: hello timer expired\n", br->dev->name); - spin_lock_bh(&br->lock); + spin_lock(&br->lock); if (br->dev->flags & IFF_UP) { br_config_bpdu_generation(br); mod_timer(&br->hello_timer, jiffies + br->hello_time); } - spin_unlock_bh(&br->lock); + spin_unlock(&br->lock); } static void br_message_age_timer_expired(unsigned long arg) @@ -71,7 +71,7 @@ static void br_message_age_timer_expired(unsigned long arg) * running when we are the root bridge. So.. this was_root * check is redundant. I'm leaving it in for now, though. */ - spin_lock_bh(&br->lock); + spin_lock(&br->lock); if (p->state == BR_STATE_DISABLED) goto unlock; was_root = br_is_root_bridge(br); @@ -82,7 +82,7 @@ static void br_message_age_timer_expired(unsigned long arg) if (br_is_root_bridge(br) && !was_root) br_become_root_bridge(br); unlock: - spin_unlock_bh(&br->lock); + spin_unlock(&br->lock); } static void br_forward_delay_timer_expired(unsigned long arg) @@ -92,7 +92,7 @@ static void br_forward_delay_timer_expired(unsigned long arg) pr_debug("%s: %d(%s) forward delay timer\n", br->dev->name, p->port_no, p->dev->name); - spin_lock_bh(&br->lock); + spin_lock(&br->lock); if (p->state == BR_STATE_LISTENING) { p->state = BR_STATE_LEARNING; mod_timer(&p->forward_delay_timer, @@ -103,7 +103,7 @@ static void br_forward_delay_timer_expired(unsigned long arg) br_topology_change_detection(br); } br_log_state(p); - spin_unlock_bh(&br->lock); + spin_unlock(&br->lock); } static void br_tcn_timer_expired(unsigned long arg) @@ -111,13 +111,13 @@ static void br_tcn_timer_expired(unsigned long arg) struct net_bridge *br = (struct net_bridge *) arg; pr_debug("%s: tcn timer expired\n", br->dev->name); - spin_lock_bh(&br->lock); + spin_lock(&br->lock); if (br->dev->flags & IFF_UP) { br_transmit_tcn(br); mod_timer(&br->tcn_timer,jiffies + br->bridge_hello_time); } - spin_unlock_bh(&br->lock); + spin_unlock(&br->lock); } static void br_topology_change_timer_expired(unsigned long arg) @@ -125,10 +125,10 @@ static void br_topology_change_timer_expired(unsigned long arg) struct net_bridge *br = (struct net_bridge *) arg; pr_debug("%s: topo change timer expired\n", br->dev->name); - spin_lock_bh(&br->lock); + spin_lock(&br->lock); br->topology_change_detected = 0; br->topology_change = 0; - spin_unlock_bh(&br->lock); + spin_unlock(&br->lock); } static void br_hold_timer_expired(unsigned long arg) @@ -138,45 +138,36 @@ static void br_hold_timer_expired(unsigned long arg) pr_debug("%s: %d(%s) hold timer expired\n", p->br->dev->name, p->port_no, p->dev->name); - spin_lock_bh(&p->br->lock); + spin_lock(&p->br->lock); if (p->config_pending) br_transmit_config(p); - spin_unlock_bh(&p->br->lock); -} - -static inline void br_timer_init(struct timer_list *timer, - void (*_function)(unsigned long), - unsigned long _data) -{ - init_timer(timer); - timer->function = _function; - timer->data = _data; + spin_unlock(&p->br->lock); } void br_stp_timer_init(struct net_bridge *br) { - br_timer_init(&br->hello_timer, br_hello_timer_expired, + setup_timer(&br->hello_timer, br_hello_timer_expired, (unsigned long) br); - br_timer_init(&br->tcn_timer, br_tcn_timer_expired, + setup_timer(&br->tcn_timer, br_tcn_timer_expired, (unsigned long) br); - br_timer_init(&br->topology_change_timer, + setup_timer(&br->topology_change_timer, br_topology_change_timer_expired, (unsigned long) br); - br_timer_init(&br->gc_timer, br_fdb_cleanup, (unsigned long) br); + setup_timer(&br->gc_timer, br_fdb_cleanup, (unsigned long) br); } void br_stp_port_timer_init(struct net_bridge_port *p) { - br_timer_init(&p->message_age_timer, br_message_age_timer_expired, + setup_timer(&p->message_age_timer, br_message_age_timer_expired, (unsigned long) p); - br_timer_init(&p->forward_delay_timer, br_forward_delay_timer_expired, + setup_timer(&p->forward_delay_timer, br_forward_delay_timer_expired, (unsigned long) p); - br_timer_init(&p->hold_timer, br_hold_timer_expired, + setup_timer(&p->hold_timer, br_hold_timer_expired, (unsigned long) p); } diff --git a/net/bridge/br_sysfs_br.c b/net/bridge/br_sysfs_br.c index 6f577f1..96bcb2f 100644 --- a/net/bridge/br_sysfs_br.c +++ b/net/bridge/br_sysfs_br.c @@ -242,6 +242,54 @@ static ssize_t show_gc_timer(struct class_device *cd, char *buf) } static CLASS_DEVICE_ATTR(gc_timer, S_IRUGO, show_gc_timer, NULL); +static ssize_t show_group_addr(struct class_device *cd, char *buf) +{ + struct net_bridge *br = to_bridge(cd); + return sprintf(buf, "%x:%x:%x:%x:%x:%x\n", + br->group_addr[0], br->group_addr[1], + br->group_addr[2], br->group_addr[3], + br->group_addr[4], br->group_addr[5]); +} + +static ssize_t store_group_addr(struct class_device *cd, const char *buf, + size_t len) +{ + struct net_bridge *br = to_bridge(cd); + unsigned new_addr[6]; + int i; + + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + + if (sscanf(buf, "%x:%x:%x:%x:%x:%x", + &new_addr[0], &new_addr[1], &new_addr[2], + &new_addr[3], &new_addr[4], &new_addr[5]) != 6) + return -EINVAL; + + /* Must be 01:80:c2:00:00:0X */ + for (i = 0; i < 5; i++) + if (new_addr[i] != br_group_address[i]) + return -EINVAL; + + if (new_addr[5] & ~0xf) + return -EINVAL; + + if (new_addr[5] == 1 /* 802.3x Pause address */ + || new_addr[5] == 2 /* 802.3ad Slow protocols */ + || new_addr[5] == 3) /* 802.1X PAE address */ + return -EINVAL; + + spin_lock_bh(&br->lock); + for (i = 0; i < 6; i++) + br->group_addr[i] = new_addr[i]; + spin_unlock_bh(&br->lock); + return len; +} + +static CLASS_DEVICE_ATTR(group_addr, S_IRUGO | S_IWUSR, + show_group_addr, store_group_addr); + + static struct attribute *bridge_attrs[] = { &class_device_attr_forward_delay.attr, &class_device_attr_hello_time.attr, @@ -259,6 +307,7 @@ static struct attribute *bridge_attrs[] = { &class_device_attr_tcn_timer.attr, &class_device_attr_topology_change_timer.attr, &class_device_attr_gc_timer.attr, + &class_device_attr_group_addr.attr, NULL }; diff --git a/net/bridge/netfilter/ebt_802_3.c b/net/bridge/netfilter/ebt_802_3.c index 468ebdf..d42f63f 100644 --- a/net/bridge/netfilter/ebt_802_3.c +++ b/net/bridge/netfilter/ebt_802_3.c @@ -58,16 +58,16 @@ static struct ebt_match filter_802_3 = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_802_3_init(void) { return ebt_register_match(&filter_802_3); } -static void __exit fini(void) +static void __exit ebt_802_3_fini(void) { ebt_unregister_match(&filter_802_3); } -module_init(init); -module_exit(fini); +module_init(ebt_802_3_init); +module_exit(ebt_802_3_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c index 5a1f5e3..a614485 100644 --- a/net/bridge/netfilter/ebt_among.c +++ b/net/bridge/netfilter/ebt_among.c @@ -213,16 +213,16 @@ static struct ebt_match filter_among = { .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_among_init(void) { return ebt_register_match(&filter_among); } -static void __exit fini(void) +static void __exit ebt_among_fini(void) { ebt_unregister_match(&filter_among); } -module_init(init); -module_exit(fini); +module_init(ebt_among_init); +module_exit(ebt_among_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_arp.c b/net/bridge/netfilter/ebt_arp.c index b94c48c..a6c81d9 100644 --- a/net/bridge/netfilter/ebt_arp.c +++ b/net/bridge/netfilter/ebt_arp.c @@ -125,16 +125,16 @@ static struct ebt_match filter_arp = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_arp_init(void) { return ebt_register_match(&filter_arp); } -static void __exit fini(void) +static void __exit ebt_arp_fini(void) { ebt_unregister_match(&filter_arp); } -module_init(init); -module_exit(fini); +module_init(ebt_arp_init); +module_exit(ebt_arp_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_arpreply.c b/net/bridge/netfilter/ebt_arpreply.c index b934de9..d19fc4b 100644 --- a/net/bridge/netfilter/ebt_arpreply.c +++ b/net/bridge/netfilter/ebt_arpreply.c @@ -82,16 +82,16 @@ static struct ebt_target reply_target = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_arpreply_init(void) { return ebt_register_target(&reply_target); } -static void __exit fini(void) +static void __exit ebt_arpreply_fini(void) { ebt_unregister_target(&reply_target); } -module_init(init); -module_exit(fini); +module_init(ebt_arpreply_init); +module_exit(ebt_arpreply_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_dnat.c b/net/bridge/netfilter/ebt_dnat.c index f546308..4582659 100644 --- a/net/bridge/netfilter/ebt_dnat.c +++ b/net/bridge/netfilter/ebt_dnat.c @@ -61,16 +61,16 @@ static struct ebt_target dnat = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_dnat_init(void) { return ebt_register_target(&dnat); } -static void __exit fini(void) +static void __exit ebt_dnat_fini(void) { ebt_unregister_target(&dnat); } -module_init(init); -module_exit(fini); +module_init(ebt_dnat_init); +module_exit(ebt_dnat_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_ip.c b/net/bridge/netfilter/ebt_ip.c index dc5d0b2..65b665c 100644 --- a/net/bridge/netfilter/ebt_ip.c +++ b/net/bridge/netfilter/ebt_ip.c @@ -112,16 +112,16 @@ static struct ebt_match filter_ip = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_ip_init(void) { return ebt_register_match(&filter_ip); } -static void __exit fini(void) +static void __exit ebt_ip_fini(void) { ebt_unregister_match(&filter_ip); } -module_init(init); -module_exit(fini); +module_init(ebt_ip_init); +module_exit(ebt_ip_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_limit.c b/net/bridge/netfilter/ebt_limit.c index 637c884..d48fa5c 100644 --- a/net/bridge/netfilter/ebt_limit.c +++ b/net/bridge/netfilter/ebt_limit.c @@ -98,16 +98,16 @@ static struct ebt_match ebt_limit_reg = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_limit_init(void) { return ebt_register_match(&ebt_limit_reg); } -static void __exit fini(void) +static void __exit ebt_limit_fini(void) { ebt_unregister_match(&ebt_limit_reg); } -module_init(init); -module_exit(fini); +module_init(ebt_limit_init); +module_exit(ebt_limit_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c index 288ff1d..d159c92 100644 --- a/net/bridge/netfilter/ebt_log.c +++ b/net/bridge/netfilter/ebt_log.c @@ -188,7 +188,7 @@ static struct nf_logger ebt_log_logger = { .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_log_init(void) { int ret; @@ -205,12 +205,12 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ebt_log_fini(void) { nf_log_unregister_logger(&ebt_log_logger); ebt_unregister_watcher(&log); } -module_init(init); -module_exit(fini); +module_init(ebt_log_init); +module_exit(ebt_log_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_mark.c b/net/bridge/netfilter/ebt_mark.c index c93d35a..770c0df 100644 --- a/net/bridge/netfilter/ebt_mark.c +++ b/net/bridge/netfilter/ebt_mark.c @@ -52,16 +52,16 @@ static struct ebt_target mark_target = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_mark_init(void) { return ebt_register_target(&mark_target); } -static void __exit fini(void) +static void __exit ebt_mark_fini(void) { ebt_unregister_target(&mark_target); } -module_init(init); -module_exit(fini); +module_init(ebt_mark_init); +module_exit(ebt_mark_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_mark_m.c b/net/bridge/netfilter/ebt_mark_m.c index 625102d..a6413e4 100644 --- a/net/bridge/netfilter/ebt_mark_m.c +++ b/net/bridge/netfilter/ebt_mark_m.c @@ -47,16 +47,16 @@ static struct ebt_match filter_mark = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_mark_m_init(void) { return ebt_register_match(&filter_mark); } -static void __exit fini(void) +static void __exit ebt_mark_m_fini(void) { ebt_unregister_match(&filter_mark); } -module_init(init); -module_exit(fini); +module_init(ebt_mark_m_init); +module_exit(ebt_mark_m_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_pkttype.c b/net/bridge/netfilter/ebt_pkttype.c index ecd3b42..4fffd70 100644 --- a/net/bridge/netfilter/ebt_pkttype.c +++ b/net/bridge/netfilter/ebt_pkttype.c @@ -44,16 +44,16 @@ static struct ebt_match filter_pkttype = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_pkttype_init(void) { return ebt_register_match(&filter_pkttype); } -static void __exit fini(void) +static void __exit ebt_pkttype_fini(void) { ebt_unregister_match(&filter_pkttype); } -module_init(init); -module_exit(fini); +module_init(ebt_pkttype_init); +module_exit(ebt_pkttype_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_redirect.c b/net/bridge/netfilter/ebt_redirect.c index 1538b43..9f378ea 100644 --- a/net/bridge/netfilter/ebt_redirect.c +++ b/net/bridge/netfilter/ebt_redirect.c @@ -66,16 +66,16 @@ static struct ebt_target redirect_target = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_redirect_init(void) { return ebt_register_target(&redirect_target); } -static void __exit fini(void) +static void __exit ebt_redirect_fini(void) { ebt_unregister_target(&redirect_target); } -module_init(init); -module_exit(fini); +module_init(ebt_redirect_init); +module_exit(ebt_redirect_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_snat.c b/net/bridge/netfilter/ebt_snat.c index 1529bdc..cbb33e2 100644 --- a/net/bridge/netfilter/ebt_snat.c +++ b/net/bridge/netfilter/ebt_snat.c @@ -61,16 +61,16 @@ static struct ebt_target snat = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_snat_init(void) { return ebt_register_target(&snat); } -static void __exit fini(void) +static void __exit ebt_snat_fini(void) { ebt_unregister_target(&snat); } -module_init(init); -module_exit(fini); +module_init(ebt_snat_init); +module_exit(ebt_snat_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_stp.c b/net/bridge/netfilter/ebt_stp.c index 0248c67..a0bed82 100644 --- a/net/bridge/netfilter/ebt_stp.c +++ b/net/bridge/netfilter/ebt_stp.c @@ -180,16 +180,16 @@ static struct ebt_match filter_stp = .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_stp_init(void) { return ebt_register_match(&filter_stp); } -static void __exit fini(void) +static void __exit ebt_stp_fini(void) { ebt_unregister_match(&filter_stp); } -module_init(init); -module_exit(fini); +module_init(ebt_stp_init); +module_exit(ebt_stp_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c index 802baf7..ee5a517 100644 --- a/net/bridge/netfilter/ebt_ulog.c +++ b/net/bridge/netfilter/ebt_ulog.c @@ -281,7 +281,7 @@ static struct nf_logger ebt_ulog_logger = { .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_ulog_init(void) { int i, ret = 0; @@ -316,7 +316,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ebt_ulog_fini(void) { ebt_ulog_buff_t *ub; int i; @@ -337,8 +337,8 @@ static void __exit fini(void) sock_release(ebtulognl->sk_socket); } -module_init(init); -module_exit(fini); +module_init(ebt_ulog_init); +module_exit(ebt_ulog_fini); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Bart De Schuymer <bdschuym@pandora.be>"); MODULE_DESCRIPTION("ebtables userspace logging module for bridged Ethernet" diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c index db60d73..a2b4528 100644 --- a/net/bridge/netfilter/ebt_vlan.c +++ b/net/bridge/netfilter/ebt_vlan.c @@ -178,7 +178,7 @@ static struct ebt_match filter_vlan = { .me = THIS_MODULE, }; -static int __init init(void) +static int __init ebt_vlan_init(void) { DEBUG_MSG("ebtables 802.1Q extension module v" MODULE_VERS "\n"); @@ -186,10 +186,10 @@ static int __init init(void) return ebt_register_match(&filter_vlan); } -static void __exit fini(void) +static void __exit ebt_vlan_fini(void) { ebt_unregister_match(&filter_vlan); } -module_init(init); -module_exit(fini); +module_init(ebt_vlan_init); +module_exit(ebt_vlan_fini); diff --git a/net/bridge/netfilter/ebtable_broute.c b/net/bridge/netfilter/ebtable_broute.c index 1767c94..9a6e548 100644 --- a/net/bridge/netfilter/ebtable_broute.c +++ b/net/bridge/netfilter/ebtable_broute.c @@ -62,7 +62,7 @@ static int ebt_broute(struct sk_buff **pskb) return 0; /* bridge it */ } -static int __init init(void) +static int __init ebtable_broute_init(void) { int ret; @@ -74,13 +74,13 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ebtable_broute_fini(void) { br_should_route_hook = NULL; synchronize_net(); ebt_unregister_table(&broute_table); } -module_init(init); -module_exit(fini); +module_init(ebtable_broute_init); +module_exit(ebtable_broute_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebtable_filter.c b/net/bridge/netfilter/ebtable_filter.c index c18666e..3d5bd44 100644 --- a/net/bridge/netfilter/ebtable_filter.c +++ b/net/bridge/netfilter/ebtable_filter.c @@ -91,7 +91,7 @@ static struct nf_hook_ops ebt_ops_filter[] = { }, }; -static int __init init(void) +static int __init ebtable_filter_init(void) { int i, j, ret; @@ -109,7 +109,7 @@ cleanup: return ret; } -static void __exit fini(void) +static void __exit ebtable_filter_fini(void) { int i; @@ -118,6 +118,6 @@ static void __exit fini(void) ebt_unregister_table(&frame_filter); } -module_init(init); -module_exit(fini); +module_init(ebtable_filter_init); +module_exit(ebtable_filter_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebtable_nat.c b/net/bridge/netfilter/ebtable_nat.c index 828cac2..04dd42e 100644 --- a/net/bridge/netfilter/ebtable_nat.c +++ b/net/bridge/netfilter/ebtable_nat.c @@ -98,7 +98,7 @@ static struct nf_hook_ops ebt_ops_nat[] = { }, }; -static int __init init(void) +static int __init ebtable_nat_init(void) { int i, ret, j; @@ -116,7 +116,7 @@ cleanup: return ret; } -static void __exit fini(void) +static void __exit ebtable_nat_fini(void) { int i; @@ -125,6 +125,6 @@ static void __exit fini(void) ebt_unregister_table(&frame_nat); } -module_init(init); -module_exit(fini); +module_init(ebtable_nat_init); +module_exit(ebtable_nat_fini); MODULE_LICENSE("GPL"); diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index cbd4020..01eae97 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c @@ -35,6 +35,7 @@ #define ASSERT_READ_LOCK(x) #define ASSERT_WRITE_LOCK(x) #include <linux/netfilter_ipv4/listhelp.h> +#include <linux/mutex.h> #if 0 /* use this for remote debugging @@ -81,7 +82,7 @@ static void print_string(char *str) -static DECLARE_MUTEX(ebt_mutex); +static DEFINE_MUTEX(ebt_mutex); static LIST_HEAD(ebt_tables); static LIST_HEAD(ebt_targets); static LIST_HEAD(ebt_matches); @@ -296,18 +297,18 @@ letscontinue: /* If it succeeds, returns element and locks mutex */ static inline void * find_inlist_lock_noload(struct list_head *head, const char *name, int *error, - struct semaphore *mutex) + struct mutex *mutex) { void *ret; - *error = down_interruptible(mutex); + *error = mutex_lock_interruptible(mutex); if (*error != 0) return NULL; ret = list_named_find(head, name); if (!ret) { *error = -ENOENT; - up(mutex); + mutex_unlock(mutex); } return ret; } @@ -317,7 +318,7 @@ find_inlist_lock_noload(struct list_head *head, const char *name, int *error, #else static void * find_inlist_lock(struct list_head *head, const char *name, const char *prefix, - int *error, struct semaphore *mutex) + int *error, struct mutex *mutex) { void *ret; @@ -331,25 +332,25 @@ find_inlist_lock(struct list_head *head, const char *name, const char *prefix, #endif static inline struct ebt_table * -find_table_lock(const char *name, int *error, struct semaphore *mutex) +find_table_lock(const char *name, int *error, struct mutex *mutex) { return find_inlist_lock(&ebt_tables, name, "ebtable_", error, mutex); } static inline struct ebt_match * -find_match_lock(const char *name, int *error, struct semaphore *mutex) +find_match_lock(const char *name, int *error, struct mutex *mutex) { return find_inlist_lock(&ebt_matches, name, "ebt_", error, mutex); } static inline struct ebt_watcher * -find_watcher_lock(const char *name, int *error, struct semaphore *mutex) +find_watcher_lock(const char *name, int *error, struct mutex *mutex) { return find_inlist_lock(&ebt_watchers, name, "ebt_", error, mutex); } static inline struct ebt_target * -find_target_lock(const char *name, int *error, struct semaphore *mutex) +find_target_lock(const char *name, int *error, struct mutex *mutex) { return find_inlist_lock(&ebt_targets, name, "ebt_", error, mutex); } @@ -369,10 +370,10 @@ ebt_check_match(struct ebt_entry_match *m, struct ebt_entry *e, return ret; m->u.match = match; if (!try_module_get(match->me)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return -ENOENT; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); if (match->check && match->check(name, hookmask, e, m->data, m->match_size) != 0) { BUGPRINT("match->check failed\n"); @@ -398,10 +399,10 @@ ebt_check_watcher(struct ebt_entry_watcher *w, struct ebt_entry *e, return ret; w->u.watcher = watcher; if (!try_module_get(watcher->me)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return -ENOENT; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); if (watcher->check && watcher->check(name, hookmask, e, w->data, w->watcher_size) != 0) { BUGPRINT("watcher->check failed\n"); @@ -638,11 +639,11 @@ ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo, if (!target) goto cleanup_watchers; if (!try_module_get(target->me)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); ret = -ENOENT; goto cleanup_watchers; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); t->u.target = target; if (t->u.target == &ebt_standard_target) { @@ -1015,7 +1016,7 @@ static int do_replace(void __user *user, unsigned int len) t->private = newinfo; write_unlock_bh(&t->lock); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); /* so, a user can change the chains while having messed up her counter allocation. Only reason why this is done is because this way the lock is held only once, while this doesn't bring the kernel into a @@ -1045,7 +1046,7 @@ static int do_replace(void __user *user, unsigned int len) return ret; free_unlock: - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); free_iterate: EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, ebt_cleanup_entry, NULL); @@ -1068,69 +1069,69 @@ int ebt_register_target(struct ebt_target *target) { int ret; - ret = down_interruptible(&ebt_mutex); + ret = mutex_lock_interruptible(&ebt_mutex); if (ret != 0) return ret; if (!list_named_insert(&ebt_targets, target)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return -EEXIST; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return 0; } void ebt_unregister_target(struct ebt_target *target) { - down(&ebt_mutex); + mutex_lock(&ebt_mutex); LIST_DELETE(&ebt_targets, target); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); } int ebt_register_match(struct ebt_match *match) { int ret; - ret = down_interruptible(&ebt_mutex); + ret = mutex_lock_interruptible(&ebt_mutex); if (ret != 0) return ret; if (!list_named_insert(&ebt_matches, match)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return -EEXIST; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return 0; } void ebt_unregister_match(struct ebt_match *match) { - down(&ebt_mutex); + mutex_lock(&ebt_mutex); LIST_DELETE(&ebt_matches, match); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); } int ebt_register_watcher(struct ebt_watcher *watcher) { int ret; - ret = down_interruptible(&ebt_mutex); + ret = mutex_lock_interruptible(&ebt_mutex); if (ret != 0) return ret; if (!list_named_insert(&ebt_watchers, watcher)) { - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return -EEXIST; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return 0; } void ebt_unregister_watcher(struct ebt_watcher *watcher) { - down(&ebt_mutex); + mutex_lock(&ebt_mutex); LIST_DELETE(&ebt_watchers, watcher); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); } int ebt_register_table(struct ebt_table *table) @@ -1178,7 +1179,7 @@ int ebt_register_table(struct ebt_table *table) table->private = newinfo; rwlock_init(&table->lock); - ret = down_interruptible(&ebt_mutex); + ret = mutex_lock_interruptible(&ebt_mutex); if (ret != 0) goto free_chainstack; @@ -1194,10 +1195,10 @@ int ebt_register_table(struct ebt_table *table) goto free_unlock; } list_prepend(&ebt_tables, table); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); return 0; free_unlock: - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); free_chainstack: if (newinfo->chainstack) { for_each_cpu(i) @@ -1218,9 +1219,9 @@ void ebt_unregister_table(struct ebt_table *table) BUGPRINT("Request to unregister NULL table!!!\n"); return; } - down(&ebt_mutex); + mutex_lock(&ebt_mutex); LIST_DELETE(&ebt_tables, table); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); vfree(table->private->entries); if (table->private->chainstack) { for_each_cpu(i) @@ -1281,7 +1282,7 @@ static int update_counters(void __user *user, unsigned int len) write_unlock_bh(&t->lock); ret = 0; unlock_mutex: - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); free_tmp: vfree(tmp); return ret; @@ -1328,7 +1329,7 @@ static inline int ebt_make_names(struct ebt_entry *e, char *base, char *ubase) return 0; } -/* called with ebt_mutex down */ +/* called with ebt_mutex locked */ static int copy_everything_to_user(struct ebt_table *t, void __user *user, int *len, int cmd) { @@ -1440,7 +1441,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) case EBT_SO_GET_INIT_INFO: if (*len != sizeof(struct ebt_replace)){ ret = -EINVAL; - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); break; } if (cmd == EBT_SO_GET_INFO) { @@ -1452,7 +1453,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) tmp.entries_size = t->table->entries_size; tmp.valid_hooks = t->table->valid_hooks; } - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); if (copy_to_user(user, &tmp, *len) != 0){ BUGPRINT("c2u Didn't work\n"); ret = -EFAULT; @@ -1464,11 +1465,11 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) case EBT_SO_GET_ENTRIES: case EBT_SO_GET_INIT_ENTRIES: ret = copy_everything_to_user(t, user, len, cmd); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); break; default: - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); ret = -EINVAL; } @@ -1476,17 +1477,23 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) } static struct nf_sockopt_ops ebt_sockopts = -{ { NULL, NULL }, PF_INET, EBT_BASE_CTL, EBT_SO_SET_MAX + 1, do_ebt_set_ctl, - EBT_BASE_CTL, EBT_SO_GET_MAX + 1, do_ebt_get_ctl, 0, NULL +{ + .pf = PF_INET, + .set_optmin = EBT_BASE_CTL, + .set_optmax = EBT_SO_SET_MAX + 1, + .set = do_ebt_set_ctl, + .get_optmin = EBT_BASE_CTL, + .get_optmax = EBT_SO_GET_MAX + 1, + .get = do_ebt_get_ctl, }; -static int __init init(void) +static int __init ebtables_init(void) { int ret; - down(&ebt_mutex); + mutex_lock(&ebt_mutex); list_named_insert(&ebt_targets, &ebt_standard_target); - up(&ebt_mutex); + mutex_unlock(&ebt_mutex); if ((ret = nf_register_sockopt(&ebt_sockopts)) < 0) return ret; @@ -1494,7 +1501,7 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ebtables_fini(void) { nf_unregister_sockopt(&ebt_sockopts); printk(KERN_NOTICE "Ebtables v2.0 unregistered\n"); @@ -1509,6 +1516,6 @@ EXPORT_SYMBOL(ebt_unregister_watcher); EXPORT_SYMBOL(ebt_register_target); EXPORT_SYMBOL(ebt_unregister_target); EXPORT_SYMBOL(ebt_do_table); -module_init(init); -module_exit(fini); +module_init(ebtables_init); +module_exit(ebtables_fini); MODULE_LICENSE("GPL"); diff --git a/net/compat.c b/net/compat.c index e593dac..8fd37cd 100644 --- a/net/compat.c +++ b/net/compat.c @@ -416,7 +416,7 @@ struct compat_sock_fprog { compat_uptr_t filter; /* struct sock_filter * */ }; -static int do_set_attach_filter(int fd, int level, int optname, +static int do_set_attach_filter(struct socket *sock, int level, int optname, char __user *optval, int optlen) { struct compat_sock_fprog __user *fprog32 = (struct compat_sock_fprog __user *)optval; @@ -432,11 +432,12 @@ static int do_set_attach_filter(int fd, int level, int optname, __put_user(compat_ptr(ptr), &kfprog->filter)) return -EFAULT; - return sys_setsockopt(fd, level, optname, (char __user *)kfprog, + return sock_setsockopt(sock, level, optname, (char __user *)kfprog, sizeof(struct sock_fprog)); } -static int do_set_sock_timeout(int fd, int level, int optname, char __user *optval, int optlen) +static int do_set_sock_timeout(struct socket *sock, int level, + int optname, char __user *optval, int optlen) { struct compat_timeval __user *up = (struct compat_timeval __user *) optval; struct timeval ktime; @@ -451,30 +452,61 @@ static int do_set_sock_timeout(int fd, int level, int optname, char __user *optv return -EFAULT; old_fs = get_fs(); set_fs(KERNEL_DS); - err = sys_setsockopt(fd, level, optname, (char *) &ktime, sizeof(ktime)); + err = sock_setsockopt(sock, level, optname, (char *) &ktime, sizeof(ktime)); set_fs(old_fs); return err; } +static int compat_sock_setsockopt(struct socket *sock, int level, int optname, + char __user *optval, int optlen) +{ + if (optname == SO_ATTACH_FILTER) + return do_set_attach_filter(sock, level, optname, + optval, optlen); + if (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO) + return do_set_sock_timeout(sock, level, optname, optval, optlen); + + return sock_setsockopt(sock, level, optname, optval, optlen); +} + asmlinkage long compat_sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen) { + int err; + struct socket *sock; + /* SO_SET_REPLACE seems to be the same in all levels */ if (optname == IPT_SO_SET_REPLACE) return do_netfilter_replace(fd, level, optname, optval, optlen); - if (level == SOL_SOCKET && optname == SO_ATTACH_FILTER) - return do_set_attach_filter(fd, level, optname, - optval, optlen); - if (level == SOL_SOCKET && - (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO)) - return do_set_sock_timeout(fd, level, optname, optval, optlen); - return sys_setsockopt(fd, level, optname, optval, optlen); + if (optlen < 0) + return -EINVAL; + + if ((sock = sockfd_lookup(fd, &err))!=NULL) + { + err = security_socket_setsockopt(sock,level,optname); + if (err) { + sockfd_put(sock); + return err; + } + + if (level == SOL_SOCKET) + err = compat_sock_setsockopt(sock, level, + optname, optval, optlen); + else if (sock->ops->compat_setsockopt) + err = sock->ops->compat_setsockopt(sock, level, + optname, optval, optlen); + else + err = sock->ops->setsockopt(sock, level, + optname, optval, optlen); + sockfd_put(sock); + } + return err; } -static int do_get_sock_timeout(int fd, int level, int optname, +static int do_get_sock_timeout(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) { struct compat_timeval __user *up; @@ -490,7 +522,7 @@ static int do_get_sock_timeout(int fd, int level, int optname, len = sizeof(ktime); old_fs = get_fs(); set_fs(KERNEL_DS); - err = sys_getsockopt(fd, level, optname, (char *) &ktime, &len); + err = sock_getsockopt(sock, level, optname, (char *) &ktime, &len); set_fs(old_fs); if (!err) { @@ -503,15 +535,61 @@ static int do_get_sock_timeout(int fd, int level, int optname, return err; } -asmlinkage long compat_sys_getsockopt(int fd, int level, int optname, +static int compat_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) { - if (level == SOL_SOCKET && - (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO)) - return do_get_sock_timeout(fd, level, optname, optval, optlen); - return sys_getsockopt(fd, level, optname, optval, optlen); + if (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO) + return do_get_sock_timeout(sock, level, optname, optval, optlen); + return sock_getsockopt(sock, level, optname, optval, optlen); +} + +int compat_sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp) +{ + struct compat_timeval __user *ctv = + (struct compat_timeval __user*) userstamp; + int err = -ENOENT; + + if (!sock_flag(sk, SOCK_TIMESTAMP)) + sock_enable_timestamp(sk); + if (sk->sk_stamp.tv_sec == -1) + return err; + if (sk->sk_stamp.tv_sec == 0) + do_gettimeofday(&sk->sk_stamp); + if (put_user(sk->sk_stamp.tv_sec, &ctv->tv_sec) || + put_user(sk->sk_stamp.tv_usec, &ctv->tv_usec)) + err = -EFAULT; + return err; } +EXPORT_SYMBOL(compat_sock_get_timestamp); + +asmlinkage long compat_sys_getsockopt(int fd, int level, int optname, + char __user *optval, int __user *optlen) +{ + int err; + struct socket *sock; + + if ((sock = sockfd_lookup(fd, &err))!=NULL) + { + err = security_socket_getsockopt(sock, level, + optname); + if (err) { + sockfd_put(sock); + return err; + } + if (level == SOL_SOCKET) + err = compat_sock_getsockopt(sock, level, + optname, optval, optlen); + else if (sock->ops->compat_getsockopt) + err = sock->ops->compat_getsockopt(sock, level, + optname, optval, optlen); + else + err = sock->ops->getsockopt(sock, level, + optname, optval, optlen); + sockfd_put(sock); + } + return err; +} /* Argument list sizes for compat_sys_socketcall */ #define AL(x) ((x) * sizeof(u32)) static unsigned char nas[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), diff --git a/net/core/Makefile b/net/core/Makefile index 630da0f..79fe12c 100644 --- a/net/core/Makefile +++ b/net/core/Makefile @@ -14,5 +14,5 @@ obj-$(CONFIG_XFRM) += flow.o obj-$(CONFIG_SYSFS) += net-sysfs.o obj-$(CONFIG_NET_DIVERT) += dv.o obj-$(CONFIG_NET_PKTGEN) += pktgen.o -obj-$(CONFIG_NET_RADIO) += wireless.o +obj-$(CONFIG_WIRELESS_EXT) += wireless.o obj-$(CONFIG_NETPOLL) += netpoll.o diff --git a/net/core/datagram.c b/net/core/datagram.c index b8ce6bf..aecddcc 100644 --- a/net/core/datagram.c +++ b/net/core/datagram.c @@ -500,6 +500,8 @@ unsigned int datagram_poll(struct file *file, struct socket *sock, /* exceptional events? */ if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue)) mask |= POLLERR; + if (sk->sk_shutdown & RCV_SHUTDOWN) + mask |= POLLRDHUP; if (sk->sk_shutdown == SHUTDOWN_MASK) mask |= POLLHUP; diff --git a/net/core/dev.c b/net/core/dev.c index 2afb0de..a3ab11f 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -81,6 +81,7 @@ #include <linux/types.h> #include <linux/kernel.h> #include <linux/sched.h> +#include <linux/mutex.h> #include <linux/string.h> #include <linux/mm.h> #include <linux/socket.h> @@ -110,11 +111,10 @@ #include <linux/netpoll.h> #include <linux/rcupdate.h> #include <linux/delay.h> -#ifdef CONFIG_NET_RADIO -#include <linux/wireless.h> /* Note : will define WIRELESS_EXT */ +#include <linux/wireless.h> #include <net/iw_handler.h> -#endif /* CONFIG_NET_RADIO */ #include <asm/current.h> +#include <linux/audit.h> /* * The list of packet types we will receive (as opposed to discard) @@ -193,7 +193,7 @@ static inline struct hlist_head *dev_index_hash(int ifindex) * Our notifier list */ -static struct notifier_block *netdev_chain; +static BLOCKING_NOTIFIER_HEAD(netdev_chain); /* * Device drivers call our routines to queue packets here. We empty the @@ -736,7 +736,8 @@ int dev_change_name(struct net_device *dev, char *newname) if (!err) { hlist_del(&dev->name_hlist); hlist_add_head(&dev->name_hlist, dev_name_hash(dev->name)); - notifier_call_chain(&netdev_chain, NETDEV_CHANGENAME, dev); + blocking_notifier_call_chain(&netdev_chain, + NETDEV_CHANGENAME, dev); } return err; @@ -750,7 +751,7 @@ int dev_change_name(struct net_device *dev, char *newname) */ void netdev_features_change(struct net_device *dev) { - notifier_call_chain(&netdev_chain, NETDEV_FEAT_CHANGE, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_FEAT_CHANGE, dev); } EXPORT_SYMBOL(netdev_features_change); @@ -765,7 +766,8 @@ EXPORT_SYMBOL(netdev_features_change); void netdev_state_change(struct net_device *dev) { if (dev->flags & IFF_UP) { - notifier_call_chain(&netdev_chain, NETDEV_CHANGE, dev); + blocking_notifier_call_chain(&netdev_chain, + NETDEV_CHANGE, dev); rtmsg_ifinfo(RTM_NEWLINK, dev, 0); } } @@ -862,7 +864,7 @@ int dev_open(struct net_device *dev) /* * ... and announce new interface. */ - notifier_call_chain(&netdev_chain, NETDEV_UP, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_UP, dev); } return ret; } @@ -885,7 +887,7 @@ int dev_close(struct net_device *dev) * Tell people we are going down, so that they can * prepare to death, when device is still operating. */ - notifier_call_chain(&netdev_chain, NETDEV_GOING_DOWN, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_GOING_DOWN, dev); dev_deactivate(dev); @@ -922,7 +924,7 @@ int dev_close(struct net_device *dev) /* * Tell people we are down */ - notifier_call_chain(&netdev_chain, NETDEV_DOWN, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_DOWN, dev); return 0; } @@ -953,7 +955,7 @@ int register_netdevice_notifier(struct notifier_block *nb) int err; rtnl_lock(); - err = notifier_chain_register(&netdev_chain, nb); + err = blocking_notifier_chain_register(&netdev_chain, nb); if (!err) { for (dev = dev_base; dev; dev = dev->next) { nb->notifier_call(nb, NETDEV_REGISTER, dev); @@ -978,7 +980,12 @@ int register_netdevice_notifier(struct notifier_block *nb) int unregister_netdevice_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&netdev_chain, nb); + int err; + + rtnl_lock(); + err = blocking_notifier_chain_unregister(&netdev_chain, nb); + rtnl_unlock(); + return err; } /** @@ -987,12 +994,12 @@ int unregister_netdevice_notifier(struct notifier_block *nb) * @v: pointer passed unmodified to notifier function * * Call all network notifier blocks. Parameters and return value - * are as for notifier_call_chain(). + * are as for blocking_notifier_call_chain(). */ int call_netdevice_notifiers(unsigned long val, void *v) { - return notifier_call_chain(&netdev_chain, val, v); + return blocking_notifier_call_chain(&netdev_chain, val, v); } /* When > 0 there are consumers of rx skb time stamps */ @@ -1448,8 +1455,29 @@ static inline struct net_device *skb_bond(struct sk_buff *skb) { struct net_device *dev = skb->dev; - if (dev->master) + if (dev->master) { + /* + * On bonding slaves other than the currently active + * slave, suppress duplicates except for 802.3ad + * ETH_P_SLOW and alb non-mcast/bcast. + */ + if (dev->priv_flags & IFF_SLAVE_INACTIVE) { + if (dev->master->priv_flags & IFF_MASTER_ALB) { + if (skb->pkt_type != PACKET_BROADCAST && + skb->pkt_type != PACKET_MULTICAST) + goto keep; + } + + if (dev->master->priv_flags & IFF_MASTER_8023AD && + skb->protocol == __constant_htons(ETH_P_SLOW)) + goto keep; + + kfree_skb(skb); + return NULL; + } +keep: skb->dev = dev->master; + } return dev; } @@ -1593,6 +1621,9 @@ int netif_receive_skb(struct sk_buff *skb) orig_dev = skb_bond(skb); + if (!orig_dev) + return NET_RX_DROP; + __get_cpu_var(netdev_rx_stat).total++; skb->h.raw = skb->nh.raw = skb->data; @@ -1737,8 +1768,7 @@ static void net_rx_action(struct softirq_action *h) if (dev->quota <= 0 || dev->poll(dev, &budget)) { netpoll_poll_unlock(have); local_irq_disable(); - list_del(&dev->poll_list); - list_add_tail(&dev->poll_list, &queue->poll_list); + list_move_tail(&dev->poll_list, &queue->poll_list); if (dev->quota < 0) dev->quota += dev->weight; else @@ -2028,7 +2058,7 @@ static struct file_operations softnet_seq_fops = { .release = seq_release, }; -#ifdef WIRELESS_EXT +#ifdef CONFIG_WIRELESS_EXT extern int wireless_proc_init(void); #else #define wireless_proc_init() 0 @@ -2120,6 +2150,12 @@ void dev_set_promiscuity(struct net_device *dev, int inc) printk(KERN_INFO "device %s %s promiscuous mode\n", dev->name, (dev->flags & IFF_PROMISC) ? "entered" : "left"); + audit_log(current->audit_context, GFP_ATOMIC, + AUDIT_ANOM_PROMISCUOUS, + "dev=%s prom=%d old_prom=%d auid=%u", + dev->name, (dev->flags & IFF_PROMISC), + (old_flags & IFF_PROMISC), + audit_get_loginuid(current->audit_context)); } } @@ -2152,12 +2188,20 @@ unsigned dev_get_flags(const struct net_device *dev) flags = (dev->flags & ~(IFF_PROMISC | IFF_ALLMULTI | - IFF_RUNNING)) | + IFF_RUNNING | + IFF_LOWER_UP | + IFF_DORMANT)) | (dev->gflags & (IFF_PROMISC | IFF_ALLMULTI)); - if (netif_running(dev) && netif_carrier_ok(dev)) - flags |= IFF_RUNNING; + if (netif_running(dev)) { + if (netif_oper_up(dev)) + flags |= IFF_RUNNING; + if (netif_carrier_ok(dev)) + flags |= IFF_LOWER_UP; + if (netif_dormant(dev)) + flags |= IFF_DORMANT; + } return flags; } @@ -2200,7 +2244,8 @@ int dev_change_flags(struct net_device *dev, unsigned flags) if (dev->flags & IFF_UP && ((old_flags ^ dev->flags) &~ (IFF_UP | IFF_PROMISC | IFF_ALLMULTI | IFF_VOLATILE))) - notifier_call_chain(&netdev_chain, NETDEV_CHANGE, dev); + blocking_notifier_call_chain(&netdev_chain, + NETDEV_CHANGE, dev); if ((flags ^ dev->gflags) & IFF_PROMISC) { int inc = (flags & IFF_PROMISC) ? +1 : -1; @@ -2244,8 +2289,8 @@ int dev_set_mtu(struct net_device *dev, int new_mtu) else dev->mtu = new_mtu; if (!err && dev->flags & IFF_UP) - notifier_call_chain(&netdev_chain, - NETDEV_CHANGEMTU, dev); + blocking_notifier_call_chain(&netdev_chain, + NETDEV_CHANGEMTU, dev); return err; } @@ -2261,7 +2306,8 @@ int dev_set_mac_address(struct net_device *dev, struct sockaddr *sa) return -ENODEV; err = dev->set_mac_address(dev, sa); if (!err) - notifier_call_chain(&netdev_chain, NETDEV_CHANGEADDR, dev); + blocking_notifier_call_chain(&netdev_chain, + NETDEV_CHANGEADDR, dev); return err; } @@ -2317,7 +2363,7 @@ static int dev_ifsioc(struct ifreq *ifr, unsigned int cmd) return -EINVAL; memcpy(dev->broadcast, ifr->ifr_hwaddr.sa_data, min(sizeof ifr->ifr_hwaddr.sa_data, (size_t) dev->addr_len)); - notifier_call_chain(&netdev_chain, + blocking_notifier_call_chain(&netdev_chain, NETDEV_CHANGEADDR, dev); return 0; @@ -2436,9 +2482,9 @@ int dev_ioctl(unsigned int cmd, void __user *arg) */ if (cmd == SIOCGIFCONF) { - rtnl_shlock(); + rtnl_lock(); ret = dev_ifconf((char __user *) arg); - rtnl_shunlock(); + rtnl_unlock(); return ret; } if (cmd == SIOCGIFNAME) @@ -2582,7 +2628,7 @@ int dev_ioctl(unsigned int cmd, void __user *arg) ret = -EFAULT; return ret; } -#ifdef WIRELESS_EXT +#ifdef CONFIG_WIRELESS_EXT /* Take care of Wireless Extensions */ if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { /* If command is `set a parameter', or @@ -2603,7 +2649,7 @@ int dev_ioctl(unsigned int cmd, void __user *arg) ret = -EFAULT; return ret; } -#endif /* WIRELESS_EXT */ +#endif /* CONFIG_WIRELESS_EXT */ return -EINVAL; } } @@ -2771,7 +2817,7 @@ int register_netdevice(struct net_device *dev) write_unlock_bh(&dev_base_lock); /* Notify protocols, that a new device appeared. */ - notifier_call_chain(&netdev_chain, NETDEV_REGISTER, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_REGISTER, dev); /* Finish registration after unlock */ net_set_todo(dev); @@ -2847,10 +2893,10 @@ static void netdev_wait_allrefs(struct net_device *dev) rebroadcast_time = warning_time = jiffies; while (atomic_read(&dev->refcnt) != 0) { if (time_after(jiffies, rebroadcast_time + 1 * HZ)) { - rtnl_shlock(); + rtnl_lock(); /* Rebroadcast unregister notification */ - notifier_call_chain(&netdev_chain, + blocking_notifier_call_chain(&netdev_chain, NETDEV_UNREGISTER, dev); if (test_bit(__LINK_STATE_LINKWATCH_PENDING, @@ -2864,7 +2910,7 @@ static void netdev_wait_allrefs(struct net_device *dev) linkwatch_run_queue(); } - rtnl_shunlock(); + __rtnl_unlock(); rebroadcast_time = jiffies; } @@ -2902,7 +2948,7 @@ static void netdev_wait_allrefs(struct net_device *dev) * 2) Since we run with the RTNL semaphore not held, we can sleep * safely in order to wait for the netdev refcnt to drop to zero. */ -static DECLARE_MUTEX(net_todo_run_mutex); +static DEFINE_MUTEX(net_todo_run_mutex); void netdev_run_todo(void) { struct list_head list = LIST_HEAD_INIT(list); @@ -2910,7 +2956,7 @@ void netdev_run_todo(void) /* Need to guard against multiple cpu's getting out of order. */ - down(&net_todo_run_mutex); + mutex_lock(&net_todo_run_mutex); /* Not safe to do outside the semaphore. We must not return * until all unregister events invoked by the local processor @@ -2967,7 +3013,7 @@ void netdev_run_todo(void) } out: - up(&net_todo_run_mutex); + mutex_unlock(&net_todo_run_mutex); } /** @@ -3106,7 +3152,7 @@ int unregister_netdevice(struct net_device *dev) /* Notify protocols, that we are about to destroy this device. They should clean all the things. */ - notifier_call_chain(&netdev_chain, NETDEV_UNREGISTER, dev); + blocking_notifier_call_chain(&netdev_chain, NETDEV_UNREGISTER, dev); /* * Flush the multicast chain diff --git a/net/core/flow.c b/net/core/flow.c index c4f2538..55789f8 100644 --- a/net/core/flow.c +++ b/net/core/flow.c @@ -20,6 +20,7 @@ #include <linux/notifier.h> #include <linux/cpu.h> #include <linux/cpumask.h> +#include <linux/mutex.h> #include <net/flow.h> #include <asm/atomic.h> #include <asm/semaphore.h> @@ -287,11 +288,11 @@ static void flow_cache_flush_per_cpu(void *data) void flow_cache_flush(void) { struct flow_flush_info info; - static DECLARE_MUTEX(flow_flush_sem); + static DEFINE_MUTEX(flow_flush_sem); /* Don't want cpus going down or up during this. */ lock_cpu_hotplug(); - down(&flow_flush_sem); + mutex_lock(&flow_flush_sem); atomic_set(&info.cpuleft, num_online_cpus()); init_completion(&info.completion); @@ -301,7 +302,7 @@ void flow_cache_flush(void) local_bh_enable(); wait_for_completion(&info.completion); - up(&flow_flush_sem); + mutex_unlock(&flow_flush_sem); unlock_cpu_hotplug(); } diff --git a/net/core/link_watch.c b/net/core/link_watch.c index d43d120..341de44 100644 --- a/net/core/link_watch.c +++ b/net/core/link_watch.c @@ -49,6 +49,45 @@ struct lw_event { /* Avoid kmalloc() for most systems */ static struct lw_event singleevent; +static unsigned char default_operstate(const struct net_device *dev) +{ + if (!netif_carrier_ok(dev)) + return (dev->ifindex != dev->iflink ? + IF_OPER_LOWERLAYERDOWN : IF_OPER_DOWN); + + if (netif_dormant(dev)) + return IF_OPER_DORMANT; + + return IF_OPER_UP; +} + + +static void rfc2863_policy(struct net_device *dev) +{ + unsigned char operstate = default_operstate(dev); + + if (operstate == dev->operstate) + return; + + write_lock_bh(&dev_base_lock); + + switch(dev->link_mode) { + case IF_LINK_MODE_DORMANT: + if (operstate == IF_OPER_UP) + operstate = IF_OPER_DORMANT; + break; + + case IF_LINK_MODE_DEFAULT: + default: + break; + }; + + dev->operstate = operstate; + + write_unlock_bh(&dev_base_lock); +} + + /* Must be called with the rtnl semaphore held */ void linkwatch_run_queue(void) { @@ -74,6 +113,7 @@ void linkwatch_run_queue(void) */ clear_bit(__LINK_STATE_LINKWATCH_PENDING, &dev->state); + rfc2863_policy(dev); if (dev->flags & IFF_UP) { if (netif_carrier_ok(dev)) { WARN_ON(dev->qdisc_sleeping == &noop_qdisc); @@ -99,9 +139,9 @@ static void linkwatch_event(void *dummy) linkwatch_nextevent = jiffies + HZ; clear_bit(LW_RUNNING, &linkwatch_flags); - rtnl_shlock(); + rtnl_lock(); linkwatch_run_queue(); - rtnl_shunlock(); + rtnl_unlock(); } diff --git a/net/core/neighbour.c b/net/core/neighbour.c index e68700f..0c86668 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -586,8 +586,8 @@ void neigh_destroy(struct neighbour *neigh) kfree(hh); } - if (neigh->ops && neigh->ops->destructor) - (neigh->ops->destructor)(neigh); + if (neigh->parms->neigh_destructor) + (neigh->parms->neigh_destructor)(neigh); skb_queue_purge(&neigh->arp_queue); @@ -750,11 +750,13 @@ static void neigh_timer_handler(unsigned long arg) neigh->used + neigh->parms->delay_probe_time)) { NEIGH_PRINTK2("neigh %p is delayed.\n", neigh); neigh->nud_state = NUD_DELAY; + neigh->updated = jiffies; neigh_suspect(neigh); next = now + neigh->parms->delay_probe_time; } else { NEIGH_PRINTK2("neigh %p is suspected.\n", neigh); neigh->nud_state = NUD_STALE; + neigh->updated = jiffies; neigh_suspect(neigh); } } else if (state & NUD_DELAY) { @@ -762,11 +764,13 @@ static void neigh_timer_handler(unsigned long arg) neigh->confirmed + neigh->parms->delay_probe_time)) { NEIGH_PRINTK2("neigh %p is now reachable.\n", neigh); neigh->nud_state = NUD_REACHABLE; + neigh->updated = jiffies; neigh_connect(neigh); next = neigh->confirmed + neigh->parms->reachable_time; } else { NEIGH_PRINTK2("neigh %p is probed.\n", neigh); neigh->nud_state = NUD_PROBE; + neigh->updated = jiffies; atomic_set(&neigh->probes, 0); next = now + neigh->parms->retrans_time; } @@ -780,6 +784,7 @@ static void neigh_timer_handler(unsigned long arg) struct sk_buff *skb; neigh->nud_state = NUD_FAILED; + neigh->updated = jiffies; notify = 1; NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed); NEIGH_PRINTK2("neigh %p is failed.\n", neigh); @@ -843,10 +848,12 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) if (neigh->parms->mcast_probes + neigh->parms->app_probes) { atomic_set(&neigh->probes, neigh->parms->ucast_probes); neigh->nud_state = NUD_INCOMPLETE; + neigh->updated = jiffies; neigh_hold(neigh); neigh_add_timer(neigh, now + 1); } else { neigh->nud_state = NUD_FAILED; + neigh->updated = jiffies; write_unlock_bh(&neigh->lock); if (skb) @@ -857,6 +864,7 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) NEIGH_PRINTK2("neigh %p is delayed.\n", neigh); neigh_hold(neigh); neigh->nud_state = NUD_DELAY; + neigh->updated = jiffies; neigh_add_timer(neigh, jiffies + neigh->parms->delay_probe_time); } diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c index e8b2acb..21b6846 100644 --- a/net/core/net-sysfs.c +++ b/net/core/net-sysfs.c @@ -91,6 +91,7 @@ NETDEVICE_SHOW(iflink, fmt_dec); NETDEVICE_SHOW(ifindex, fmt_dec); NETDEVICE_SHOW(features, fmt_long_hex); NETDEVICE_SHOW(type, fmt_dec); +NETDEVICE_SHOW(link_mode, fmt_dec); /* use same locking rules as GIFHWADDR ioctl's */ static ssize_t format_addr(char *buf, const unsigned char *addr, int len) @@ -133,6 +134,43 @@ static ssize_t show_carrier(struct class_device *dev, char *buf) return -EINVAL; } +static ssize_t show_dormant(struct class_device *dev, char *buf) +{ + struct net_device *netdev = to_net_dev(dev); + + if (netif_running(netdev)) + return sprintf(buf, fmt_dec, !!netif_dormant(netdev)); + + return -EINVAL; +} + +static const char *operstates[] = { + "unknown", + "notpresent", /* currently unused */ + "down", + "lowerlayerdown", + "testing", /* currently unused */ + "dormant", + "up" +}; + +static ssize_t show_operstate(struct class_device *dev, char *buf) +{ + const struct net_device *netdev = to_net_dev(dev); + unsigned char operstate; + + read_lock(&dev_base_lock); + operstate = netdev->operstate; + if (!netif_running(netdev)) + operstate = IF_OPER_DOWN; + read_unlock(&dev_base_lock); + + if (operstate >= sizeof(operstates)) + return -EINVAL; /* should not happen */ + + return sprintf(buf, "%s\n", operstates[operstate]); +} + /* read-write attributes */ NETDEVICE_SHOW(mtu, fmt_dec); @@ -190,9 +228,12 @@ static struct class_device_attribute net_class_attributes[] = { __ATTR(ifindex, S_IRUGO, show_ifindex, NULL), __ATTR(features, S_IRUGO, show_features, NULL), __ATTR(type, S_IRUGO, show_type, NULL), + __ATTR(link_mode, S_IRUGO, show_link_mode, NULL), __ATTR(address, S_IRUGO, show_address, NULL), __ATTR(broadcast, S_IRUGO, show_broadcast, NULL), __ATTR(carrier, S_IRUGO, show_carrier, NULL), + __ATTR(dormant, S_IRUGO, show_dormant, NULL), + __ATTR(operstate, S_IRUGO, show_operstate, NULL), __ATTR(mtu, S_IRUGO | S_IWUSR, show_mtu, store_mtu), __ATTR(flags, S_IRUGO | S_IWUSR, show_flags, store_flags), __ATTR(tx_queue_len, S_IRUGO | S_IWUSR, show_tx_queue_len, diff --git a/net/core/netpoll.c b/net/core/netpoll.c index ea51f8d..e8e05ce 100644 --- a/net/core/netpoll.c +++ b/net/core/netpoll.c @@ -669,14 +669,14 @@ int netpoll_setup(struct netpoll *np) printk(KERN_INFO "%s: device %s not up yet, forcing it\n", np->name, np->dev_name); - rtnl_shlock(); + rtnl_lock(); if (dev_change_flags(ndev, ndev->flags | IFF_UP) < 0) { printk(KERN_ERR "%s: failed to open %s\n", np->name, np->dev_name); - rtnl_shunlock(); + rtnl_unlock(); goto release; } - rtnl_shunlock(); + rtnl_unlock(); atleast = jiffies + HZ/10; atmost = jiffies + 4*HZ; diff --git a/net/core/pktgen.c b/net/core/pktgen.c index da16f8f..c23e9c0 100644 --- a/net/core/pktgen.c +++ b/net/core/pktgen.c @@ -106,6 +106,9 @@ * * interruptible_sleep_on_timeout() replaced Nishanth Aravamudan <nacc@us.ibm.com> * 050103 + * + * MPLS support by Steven Whitehouse <steve@chygwyn.com> + * */ #include <linux/sys.h> #include <linux/types.h> @@ -113,6 +116,7 @@ #include <linux/moduleparam.h> #include <linux/kernel.h> #include <linux/smp_lock.h> +#include <linux/mutex.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/vmalloc.h> @@ -125,6 +129,7 @@ #include <linux/capability.h> #include <linux/delay.h> #include <linux/timer.h> +#include <linux/list.h> #include <linux/init.h> #include <linux/skbuff.h> #include <linux/netdevice.h> @@ -149,38 +154,37 @@ #include <asm/io.h> #include <asm/dma.h> #include <asm/uaccess.h> -#include <asm/div64.h> /* do_div */ +#include <asm/div64.h> /* do_div */ #include <asm/timex.h> - -#define VERSION "pktgen v2.63: Packet Generator for packet performance testing.\n" +#define VERSION "pktgen v2.67: Packet Generator for packet performance testing.\n" /* #define PG_DEBUG(a) a */ -#define PG_DEBUG(a) +#define PG_DEBUG(a) /* The buckets are exponential in 'width' */ #define LAT_BUCKETS_MAX 32 #define IP_NAME_SZ 32 +#define MAX_MPLS_LABELS 16 /* This is the max label stack depth */ +#define MPLS_STACK_BOTTOM __constant_htonl(0x00000100) /* Device flag bits */ -#define F_IPSRC_RND (1<<0) /* IP-Src Random */ -#define F_IPDST_RND (1<<1) /* IP-Dst Random */ -#define F_UDPSRC_RND (1<<2) /* UDP-Src Random */ -#define F_UDPDST_RND (1<<3) /* UDP-Dst Random */ -#define F_MACSRC_RND (1<<4) /* MAC-Src Random */ -#define F_MACDST_RND (1<<5) /* MAC-Dst Random */ -#define F_TXSIZE_RND (1<<6) /* Transmit size is random */ -#define F_IPV6 (1<<7) /* Interface in IPV6 Mode */ +#define F_IPSRC_RND (1<<0) /* IP-Src Random */ +#define F_IPDST_RND (1<<1) /* IP-Dst Random */ +#define F_UDPSRC_RND (1<<2) /* UDP-Src Random */ +#define F_UDPDST_RND (1<<3) /* UDP-Dst Random */ +#define F_MACSRC_RND (1<<4) /* MAC-Src Random */ +#define F_MACDST_RND (1<<5) /* MAC-Dst Random */ +#define F_TXSIZE_RND (1<<6) /* Transmit size is random */ +#define F_IPV6 (1<<7) /* Interface in IPV6 Mode */ +#define F_MPLS_RND (1<<8) /* Random MPLS labels */ /* Thread control flag bits */ -#define T_TERMINATE (1<<0) -#define T_STOP (1<<1) /* Stop run */ -#define T_RUN (1<<2) /* Start run */ -#define T_REMDEV (1<<3) /* Remove all devs */ - -/* Locks */ -#define thread_lock() down(&pktgen_sem) -#define thread_unlock() up(&pktgen_sem) +#define T_TERMINATE (1<<0) +#define T_STOP (1<<1) /* Stop run */ +#define T_RUN (1<<2) /* Start run */ +#define T_REMDEVALL (1<<3) /* Remove all devs */ +#define T_REMDEV (1<<4) /* Remove one dev */ /* If lock -- can be removed after some work */ #define if_lock(t) spin_lock(&(t->if_lock)); @@ -194,10 +198,9 @@ static struct proc_dir_entry *pg_proc_dir = NULL; #define MAX_CFLOWS 65536 -struct flow_state -{ - __u32 cur_daddr; - int count; +struct flow_state { + __u32 cur_daddr; + int count; }; struct pktgen_dev { @@ -206,141 +209,148 @@ struct pktgen_dev { * Try to keep frequent/infrequent used vars. separated. */ - char ifname[IFNAMSIZ]; - char result[512]; - - struct pktgen_thread* pg_thread; /* the owner */ - struct pktgen_dev *next; /* Used for chaining in the thread's run-queue */ - - int running; /* if this changes to false, the test will stop */ - - /* If min != max, then we will either do a linear iteration, or - * we will do a random selection from within the range. - */ - __u32 flags; - - int min_pkt_size; /* = ETH_ZLEN; */ - int max_pkt_size; /* = ETH_ZLEN; */ - int nfrags; - __u32 delay_us; /* Default delay */ - __u32 delay_ns; - __u64 count; /* Default No packets to send */ - __u64 sofar; /* How many pkts we've sent so far */ - __u64 tx_bytes; /* How many bytes we've transmitted */ - __u64 errors; /* Errors when trying to transmit, pkts will be re-sent */ - - /* runtime counters relating to clone_skb */ - __u64 next_tx_us; /* timestamp of when to tx next */ - __u32 next_tx_ns; - - __u64 allocated_skbs; - __u32 clone_count; - int last_ok; /* Was last skb sent? - * Or a failed transmit of some sort? This will keep - * sequence numbers in order, for example. - */ - __u64 started_at; /* micro-seconds */ - __u64 stopped_at; /* micro-seconds */ - __u64 idle_acc; /* micro-seconds */ - __u32 seq_num; - - int clone_skb; /* Use multiple SKBs during packet gen. If this number - * is greater than 1, then that many copies of the same - * packet will be sent before a new packet is allocated. - * For instance, if you want to send 1024 identical packets - * before creating a new packet, set clone_skb to 1024. - */ - - char dst_min[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ - char dst_max[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ - char src_min[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ - char src_max[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ - - struct in6_addr in6_saddr; - struct in6_addr in6_daddr; - struct in6_addr cur_in6_daddr; - struct in6_addr cur_in6_saddr; + char ifname[IFNAMSIZ]; + char result[512]; + + struct pktgen_thread *pg_thread; /* the owner */ + struct list_head list; /* Used for chaining in the thread's run-queue */ + + int running; /* if this changes to false, the test will stop */ + + /* If min != max, then we will either do a linear iteration, or + * we will do a random selection from within the range. + */ + __u32 flags; + int removal_mark; /* non-zero => the device is marked for + * removal by worker thread */ + + int min_pkt_size; /* = ETH_ZLEN; */ + int max_pkt_size; /* = ETH_ZLEN; */ + int nfrags; + __u32 delay_us; /* Default delay */ + __u32 delay_ns; + __u64 count; /* Default No packets to send */ + __u64 sofar; /* How many pkts we've sent so far */ + __u64 tx_bytes; /* How many bytes we've transmitted */ + __u64 errors; /* Errors when trying to transmit, pkts will be re-sent */ + + /* runtime counters relating to clone_skb */ + __u64 next_tx_us; /* timestamp of when to tx next */ + __u32 next_tx_ns; + + __u64 allocated_skbs; + __u32 clone_count; + int last_ok; /* Was last skb sent? + * Or a failed transmit of some sort? This will keep + * sequence numbers in order, for example. + */ + __u64 started_at; /* micro-seconds */ + __u64 stopped_at; /* micro-seconds */ + __u64 idle_acc; /* micro-seconds */ + __u32 seq_num; + + int clone_skb; /* Use multiple SKBs during packet gen. If this number + * is greater than 1, then that many copies of the same + * packet will be sent before a new packet is allocated. + * For instance, if you want to send 1024 identical packets + * before creating a new packet, set clone_skb to 1024. + */ + + char dst_min[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ + char dst_max[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ + char src_min[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ + char src_max[IP_NAME_SZ]; /* IP, ie 1.2.3.4 */ + + struct in6_addr in6_saddr; + struct in6_addr in6_daddr; + struct in6_addr cur_in6_daddr; + struct in6_addr cur_in6_saddr; /* For ranges */ - struct in6_addr min_in6_daddr; - struct in6_addr max_in6_daddr; - struct in6_addr min_in6_saddr; - struct in6_addr max_in6_saddr; - - /* If we're doing ranges, random or incremental, then this - * defines the min/max for those ranges. - */ - __u32 saddr_min; /* inclusive, source IP address */ - __u32 saddr_max; /* exclusive, source IP address */ - __u32 daddr_min; /* inclusive, dest IP address */ - __u32 daddr_max; /* exclusive, dest IP address */ - - __u16 udp_src_min; /* inclusive, source UDP port */ - __u16 udp_src_max; /* exclusive, source UDP port */ - __u16 udp_dst_min; /* inclusive, dest UDP port */ - __u16 udp_dst_max; /* exclusive, dest UDP port */ - - __u32 src_mac_count; /* How many MACs to iterate through */ - __u32 dst_mac_count; /* How many MACs to iterate through */ - - unsigned char dst_mac[ETH_ALEN]; - unsigned char src_mac[ETH_ALEN]; - - __u32 cur_dst_mac_offset; - __u32 cur_src_mac_offset; - __u32 cur_saddr; - __u32 cur_daddr; - __u16 cur_udp_dst; - __u16 cur_udp_src; - __u32 cur_pkt_size; - - __u8 hh[14]; - /* = { - 0x00, 0x80, 0xC8, 0x79, 0xB3, 0xCB, - - We fill in SRC address later - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x08, 0x00 - }; - */ - __u16 pad; /* pad out the hh struct to an even 16 bytes */ - - struct sk_buff* skb; /* skb we are to transmit next, mainly used for when we - * are transmitting the same one multiple times - */ - struct net_device* odev; /* The out-going device. Note that the device should - * have it's pg_info pointer pointing back to this - * device. This will be set when the user specifies - * the out-going device name (not when the inject is - * started as it used to do.) - */ + struct in6_addr min_in6_daddr; + struct in6_addr max_in6_daddr; + struct in6_addr min_in6_saddr; + struct in6_addr max_in6_saddr; + + /* If we're doing ranges, random or incremental, then this + * defines the min/max for those ranges. + */ + __u32 saddr_min; /* inclusive, source IP address */ + __u32 saddr_max; /* exclusive, source IP address */ + __u32 daddr_min; /* inclusive, dest IP address */ + __u32 daddr_max; /* exclusive, dest IP address */ + + __u16 udp_src_min; /* inclusive, source UDP port */ + __u16 udp_src_max; /* exclusive, source UDP port */ + __u16 udp_dst_min; /* inclusive, dest UDP port */ + __u16 udp_dst_max; /* exclusive, dest UDP port */ + + /* MPLS */ + unsigned nr_labels; /* Depth of stack, 0 = no MPLS */ + __be32 labels[MAX_MPLS_LABELS]; + + __u32 src_mac_count; /* How many MACs to iterate through */ + __u32 dst_mac_count; /* How many MACs to iterate through */ + + unsigned char dst_mac[ETH_ALEN]; + unsigned char src_mac[ETH_ALEN]; + + __u32 cur_dst_mac_offset; + __u32 cur_src_mac_offset; + __u32 cur_saddr; + __u32 cur_daddr; + __u16 cur_udp_dst; + __u16 cur_udp_src; + __u32 cur_pkt_size; + + __u8 hh[14]; + /* = { + 0x00, 0x80, 0xC8, 0x79, 0xB3, 0xCB, + + We fill in SRC address later + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x08, 0x00 + }; + */ + __u16 pad; /* pad out the hh struct to an even 16 bytes */ + + struct sk_buff *skb; /* skb we are to transmit next, mainly used for when we + * are transmitting the same one multiple times + */ + struct net_device *odev; /* The out-going device. Note that the device should + * have it's pg_info pointer pointing back to this + * device. This will be set when the user specifies + * the out-going device name (not when the inject is + * started as it used to do.) + */ struct flow_state *flows; - unsigned cflows; /* Concurrent flows (config) */ - unsigned lflow; /* Flow length (config) */ - unsigned nflows; /* accumulated flows (stats) */ + unsigned cflows; /* Concurrent flows (config) */ + unsigned lflow; /* Flow length (config) */ + unsigned nflows; /* accumulated flows (stats) */ }; struct pktgen_hdr { - __u32 pgh_magic; - __u32 seq_num; + __u32 pgh_magic; + __u32 seq_num; __u32 tv_sec; __u32 tv_usec; }; struct pktgen_thread { - spinlock_t if_lock; - struct pktgen_dev *if_list; /* All device here */ - struct pktgen_thread* next; - char name[32]; - char result[512]; - u32 max_before_softirq; /* We'll call do_softirq to prevent starvation. */ - - /* Field for thread to receive "posted" events terminate, stop ifs etc.*/ - - u32 control; + spinlock_t if_lock; + struct list_head if_list; /* All device here */ + struct list_head th_list; + int removed; + char name[32]; + char result[512]; + u32 max_before_softirq; /* We'll call do_softirq to prevent starvation. */ + + /* Field for thread to receive "posted" events terminate, stop ifs etc. */ + + u32 control; int pid; int cpu; - wait_queue_head_t queue; + wait_queue_head_t queue; }; #define REMOVE 1 @@ -364,77 +374,76 @@ struct pktgen_thread { */ static inline s64 divremdi3(s64 x, s64 y, int type) { - u64 a = (x < 0) ? -x : x; - u64 b = (y < 0) ? -y : y; - u64 res = 0, d = 1; - - if (b > 0) { - while (b < a) { - b <<= 1; - d <<= 1; - } - } - - do { - if ( a >= b ) { - a -= b; - res += d; - } - b >>= 1; - d >>= 1; - } - while (d); - - if (PG_DIV == type) { - return (((x ^ y) & (1ll<<63)) == 0) ? res : -(s64)res; - } - else { - return ((x & (1ll<<63)) == 0) ? a : -(s64)a; - } + u64 a = (x < 0) ? -x : x; + u64 b = (y < 0) ? -y : y; + u64 res = 0, d = 1; + + if (b > 0) { + while (b < a) { + b <<= 1; + d <<= 1; + } + } + + do { + if (a >= b) { + a -= b; + res += d; + } + b >>= 1; + d >>= 1; + } + while (d); + + if (PG_DIV == type) { + return (((x ^ y) & (1ll << 63)) == 0) ? res : -(s64) res; + } else { + return ((x & (1ll << 63)) == 0) ? a : -(s64) a; + } } /* End of hacks to deal with 64-bit math on x86 */ /** Convert to milliseconds */ -static inline __u64 tv_to_ms(const struct timeval* tv) +static inline __u64 tv_to_ms(const struct timeval *tv) { - __u64 ms = tv->tv_usec / 1000; - ms += (__u64)tv->tv_sec * (__u64)1000; - return ms; + __u64 ms = tv->tv_usec / 1000; + ms += (__u64) tv->tv_sec * (__u64) 1000; + return ms; } - /** Convert to micro-seconds */ -static inline __u64 tv_to_us(const struct timeval* tv) +static inline __u64 tv_to_us(const struct timeval *tv) { - __u64 us = tv->tv_usec; - us += (__u64)tv->tv_sec * (__u64)1000000; - return us; + __u64 us = tv->tv_usec; + us += (__u64) tv->tv_sec * (__u64) 1000000; + return us; } -static inline __u64 pg_div(__u64 n, __u32 base) { - __u64 tmp = n; - do_div(tmp, base); - /* printk("pktgen: pg_div, n: %llu base: %d rv: %llu\n", - n, base, tmp); */ - return tmp; +static inline __u64 pg_div(__u64 n, __u32 base) +{ + __u64 tmp = n; + do_div(tmp, base); + /* printk("pktgen: pg_div, n: %llu base: %d rv: %llu\n", + n, base, tmp); */ + return tmp; } -static inline __u64 pg_div64(__u64 n, __u64 base) +static inline __u64 pg_div64(__u64 n, __u64 base) { - __u64 tmp = n; + __u64 tmp = n; /* * How do we know if the architecture we are running on * supports division with 64 bit base? * */ -#if defined(__sparc_v9__) || defined(__powerpc64__) || defined(__alpha__) || defined(__x86_64__) || defined(__ia64__) +#if defined(__sparc_v9__) || defined(__powerpc64__) || defined(__alpha__) || defined(__x86_64__) || defined(__ia64__) - do_div(tmp, base); + do_div(tmp, base); #else - tmp = divremdi3(n, base, PG_DIV); + tmp = divremdi3(n, base, PG_DIV); #endif - return tmp; + return tmp; } static inline u32 pktgen_random(void) @@ -448,51 +457,51 @@ static inline u32 pktgen_random(void) #endif } -static inline __u64 getCurMs(void) +static inline __u64 getCurMs(void) { - struct timeval tv; - do_gettimeofday(&tv); - return tv_to_ms(&tv); + struct timeval tv; + do_gettimeofday(&tv); + return tv_to_ms(&tv); } -static inline __u64 getCurUs(void) +static inline __u64 getCurUs(void) { - struct timeval tv; - do_gettimeofday(&tv); - return tv_to_us(&tv); + struct timeval tv; + do_gettimeofday(&tv); + return tv_to_us(&tv); } -static inline __u64 tv_diff(const struct timeval* a, const struct timeval* b) +static inline __u64 tv_diff(const struct timeval *a, const struct timeval *b) { - return tv_to_us(a) - tv_to_us(b); + return tv_to_us(a) - tv_to_us(b); } - /* old include end */ static char version[] __initdata = VERSION; -static int pktgen_remove_device(struct pktgen_thread* t, struct pktgen_dev *i); -static int pktgen_add_device(struct pktgen_thread* t, const char* ifname); -static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread* t, const char* ifname); +static int pktgen_remove_device(struct pktgen_thread *t, struct pktgen_dev *i); +static int pktgen_add_device(struct pktgen_thread *t, const char *ifname); +static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread *t, + const char *ifname); static int pktgen_device_event(struct notifier_block *, unsigned long, void *); static void pktgen_run_all_threads(void); static void pktgen_stop_all_threads_ifs(void); static int pktgen_stop_device(struct pktgen_dev *pkt_dev); -static void pktgen_stop(struct pktgen_thread* t); +static void pktgen_stop(struct pktgen_thread *t); static void pktgen_clear_counters(struct pktgen_dev *pkt_dev); -static struct pktgen_dev *pktgen_NN_threads(const char* dev_name, int remove); -static unsigned int scan_ip6(const char *s,char ip[16]); -static unsigned int fmt_ip6(char *s,const char ip[16]); +static int pktgen_mark_device(const char *ifname); +static unsigned int scan_ip6(const char *s, char ip[16]); +static unsigned int fmt_ip6(char *s, const char ip[16]); /* Module parameters, defaults. */ -static int pg_count_d = 1000; /* 1000 pkts by default */ +static int pg_count_d = 1000; /* 1000 pkts by default */ static int pg_delay_d; static int pg_clone_skb_d; static int debug; -static DECLARE_MUTEX(pktgen_sem); -static struct pktgen_thread *pktgen_threads = NULL; +static DEFINE_MUTEX(pktgen_thread_lock); +static LIST_HEAD(pktgen_threads); static struct notifier_block pktgen_notifier_block = { .notifier_call = pktgen_device_event, @@ -504,21 +513,21 @@ static struct notifier_block pktgen_notifier_block = { */ static int pgctrl_show(struct seq_file *seq, void *v) -{ +{ seq_puts(seq, VERSION); return 0; } -static ssize_t pgctrl_write(struct file* file,const char __user * buf, - size_t count, loff_t *ppos) +static ssize_t pgctrl_write(struct file *file, const char __user * buf, + size_t count, loff_t * ppos) { int err = 0; char data[128]; - if (!capable(CAP_NET_ADMIN)){ - err = -EPERM; + if (!capable(CAP_NET_ADMIN)) { + err = -EPERM; goto out; - } + } if (count > sizeof(data)) count = sizeof(data); @@ -526,22 +535,22 @@ static ssize_t pgctrl_write(struct file* file,const char __user * buf, if (copy_from_user(data, buf, count)) { err = -EFAULT; goto out; - } - data[count-1] = 0; /* Make string */ + } + data[count - 1] = 0; /* Make string */ - if (!strcmp(data, "stop")) + if (!strcmp(data, "stop")) pktgen_stop_all_threads_ifs(); - else if (!strcmp(data, "start")) + else if (!strcmp(data, "start")) pktgen_run_all_threads(); - else + else printk("pktgen: Unknown command: %s\n", data); err = count; - out: - return err; +out: + return err; } static int pgctrl_open(struct inode *inode, struct file *file) @@ -550,147 +559,194 @@ static int pgctrl_open(struct inode *inode, struct file *file) } static struct file_operations pktgen_fops = { - .owner = THIS_MODULE, - .open = pgctrl_open, - .read = seq_read, - .llseek = seq_lseek, - .write = pgctrl_write, - .release = single_release, + .owner = THIS_MODULE, + .open = pgctrl_open, + .read = seq_read, + .llseek = seq_lseek, + .write = pgctrl_write, + .release = single_release, }; static int pktgen_if_show(struct seq_file *seq, void *v) { int i; - struct pktgen_dev *pkt_dev = seq->private; - __u64 sa; - __u64 stopped; - __u64 now = getCurUs(); - - seq_printf(seq, "Params: count %llu min_pkt_size: %u max_pkt_size: %u\n", - (unsigned long long) pkt_dev->count, - pkt_dev->min_pkt_size, pkt_dev->max_pkt_size); + struct pktgen_dev *pkt_dev = seq->private; + __u64 sa; + __u64 stopped; + __u64 now = getCurUs(); + + seq_printf(seq, + "Params: count %llu min_pkt_size: %u max_pkt_size: %u\n", + (unsigned long long)pkt_dev->count, pkt_dev->min_pkt_size, + pkt_dev->max_pkt_size); + + seq_printf(seq, + " frags: %d delay: %u clone_skb: %d ifname: %s\n", + pkt_dev->nfrags, + 1000 * pkt_dev->delay_us + pkt_dev->delay_ns, + pkt_dev->clone_skb, pkt_dev->ifname); + + seq_printf(seq, " flows: %u flowlen: %u\n", pkt_dev->cflows, + pkt_dev->lflow); + + if (pkt_dev->flags & F_IPV6) { + char b1[128], b2[128], b3[128]; + fmt_ip6(b1, pkt_dev->in6_saddr.s6_addr); + fmt_ip6(b2, pkt_dev->min_in6_saddr.s6_addr); + fmt_ip6(b3, pkt_dev->max_in6_saddr.s6_addr); + seq_printf(seq, + " saddr: %s min_saddr: %s max_saddr: %s\n", b1, + b2, b3); + + fmt_ip6(b1, pkt_dev->in6_daddr.s6_addr); + fmt_ip6(b2, pkt_dev->min_in6_daddr.s6_addr); + fmt_ip6(b3, pkt_dev->max_in6_daddr.s6_addr); + seq_printf(seq, + " daddr: %s min_daddr: %s max_daddr: %s\n", b1, + b2, b3); + + } else + seq_printf(seq, + " dst_min: %s dst_max: %s\n src_min: %s src_max: %s\n", + pkt_dev->dst_min, pkt_dev->dst_max, pkt_dev->src_min, + pkt_dev->src_max); + + seq_puts(seq, " src_mac: "); + + if (is_zero_ether_addr(pkt_dev->src_mac)) + for (i = 0; i < 6; i++) + seq_printf(seq, "%02X%s", pkt_dev->odev->dev_addr[i], + i == 5 ? " " : ":"); + else + for (i = 0; i < 6; i++) + seq_printf(seq, "%02X%s", pkt_dev->src_mac[i], + i == 5 ? " " : ":"); + + seq_printf(seq, "dst_mac: "); + for (i = 0; i < 6; i++) + seq_printf(seq, "%02X%s", pkt_dev->dst_mac[i], + i == 5 ? "\n" : ":"); + + seq_printf(seq, + " udp_src_min: %d udp_src_max: %d udp_dst_min: %d udp_dst_max: %d\n", + pkt_dev->udp_src_min, pkt_dev->udp_src_max, + pkt_dev->udp_dst_min, pkt_dev->udp_dst_max); + + seq_printf(seq, + " src_mac_count: %d dst_mac_count: %d\n", + pkt_dev->src_mac_count, pkt_dev->dst_mac_count); - seq_printf(seq, " frags: %d delay: %u clone_skb: %d ifname: %s\n", - pkt_dev->nfrags, 1000*pkt_dev->delay_us+pkt_dev->delay_ns, pkt_dev->clone_skb, pkt_dev->ifname); + if (pkt_dev->nr_labels) { + unsigned i; + seq_printf(seq, " mpls: "); + for(i = 0; i < pkt_dev->nr_labels; i++) + seq_printf(seq, "%08x%s", ntohl(pkt_dev->labels[i]), + i == pkt_dev->nr_labels-1 ? "\n" : ", "); + } - seq_printf(seq, " flows: %u flowlen: %u\n", pkt_dev->cflows, pkt_dev->lflow); + seq_printf(seq, " Flags: "); + if (pkt_dev->flags & F_IPV6) + seq_printf(seq, "IPV6 "); - if(pkt_dev->flags & F_IPV6) { - char b1[128], b2[128], b3[128]; - fmt_ip6(b1, pkt_dev->in6_saddr.s6_addr); - fmt_ip6(b2, pkt_dev->min_in6_saddr.s6_addr); - fmt_ip6(b3, pkt_dev->max_in6_saddr.s6_addr); - seq_printf(seq, " saddr: %s min_saddr: %s max_saddr: %s\n", b1, b2, b3); + if (pkt_dev->flags & F_IPSRC_RND) + seq_printf(seq, "IPSRC_RND "); - fmt_ip6(b1, pkt_dev->in6_daddr.s6_addr); - fmt_ip6(b2, pkt_dev->min_in6_daddr.s6_addr); - fmt_ip6(b3, pkt_dev->max_in6_daddr.s6_addr); - seq_printf(seq, " daddr: %s min_daddr: %s max_daddr: %s\n", b1, b2, b3); + if (pkt_dev->flags & F_IPDST_RND) + seq_printf(seq, "IPDST_RND "); - } - else - seq_printf(seq," dst_min: %s dst_max: %s\n src_min: %s src_max: %s\n", - pkt_dev->dst_min, pkt_dev->dst_max, pkt_dev->src_min, pkt_dev->src_max); + if (pkt_dev->flags & F_TXSIZE_RND) + seq_printf(seq, "TXSIZE_RND "); - seq_puts(seq, " src_mac: "); + if (pkt_dev->flags & F_UDPSRC_RND) + seq_printf(seq, "UDPSRC_RND "); - if (is_zero_ether_addr(pkt_dev->src_mac)) - for (i = 0; i < 6; i++) - seq_printf(seq, "%02X%s", pkt_dev->odev->dev_addr[i], i == 5 ? " " : ":"); - else - for (i = 0; i < 6; i++) - seq_printf(seq, "%02X%s", pkt_dev->src_mac[i], i == 5 ? " " : ":"); + if (pkt_dev->flags & F_UDPDST_RND) + seq_printf(seq, "UDPDST_RND "); - seq_printf(seq, "dst_mac: "); - for (i = 0; i < 6; i++) - seq_printf(seq, "%02X%s", pkt_dev->dst_mac[i], i == 5 ? "\n" : ":"); + if (pkt_dev->flags & F_MPLS_RND) + seq_printf(seq, "MPLS_RND "); - seq_printf(seq, " udp_src_min: %d udp_src_max: %d udp_dst_min: %d udp_dst_max: %d\n", - pkt_dev->udp_src_min, pkt_dev->udp_src_max, pkt_dev->udp_dst_min, - pkt_dev->udp_dst_max); + if (pkt_dev->flags & F_MACSRC_RND) + seq_printf(seq, "MACSRC_RND "); - seq_printf(seq, " src_mac_count: %d dst_mac_count: %d \n Flags: ", - pkt_dev->src_mac_count, pkt_dev->dst_mac_count); + if (pkt_dev->flags & F_MACDST_RND) + seq_printf(seq, "MACDST_RND "); + seq_puts(seq, "\n"); - if (pkt_dev->flags & F_IPV6) - seq_printf(seq, "IPV6 "); - - if (pkt_dev->flags & F_IPSRC_RND) - seq_printf(seq, "IPSRC_RND "); - - if (pkt_dev->flags & F_IPDST_RND) - seq_printf(seq, "IPDST_RND "); - - if (pkt_dev->flags & F_TXSIZE_RND) - seq_printf(seq, "TXSIZE_RND "); - - if (pkt_dev->flags & F_UDPSRC_RND) - seq_printf(seq, "UDPSRC_RND "); - - if (pkt_dev->flags & F_UDPDST_RND) - seq_printf(seq, "UDPDST_RND "); - - if (pkt_dev->flags & F_MACSRC_RND) - seq_printf(seq, "MACSRC_RND "); - - if (pkt_dev->flags & F_MACDST_RND) - seq_printf(seq, "MACDST_RND "); - - - seq_puts(seq, "\n"); - - sa = pkt_dev->started_at; - stopped = pkt_dev->stopped_at; - if (pkt_dev->running) - stopped = now; /* not really stopped, more like last-running-at */ - - seq_printf(seq, "Current:\n pkts-sofar: %llu errors: %llu\n started: %lluus stopped: %lluus idle: %lluus\n", - (unsigned long long) pkt_dev->sofar, - (unsigned long long) pkt_dev->errors, - (unsigned long long) sa, - (unsigned long long) stopped, - (unsigned long long) pkt_dev->idle_acc); - - seq_printf(seq, " seq_num: %d cur_dst_mac_offset: %d cur_src_mac_offset: %d\n", + sa = pkt_dev->started_at; + stopped = pkt_dev->stopped_at; + if (pkt_dev->running) + stopped = now; /* not really stopped, more like last-running-at */ + + seq_printf(seq, + "Current:\n pkts-sofar: %llu errors: %llu\n started: %lluus stopped: %lluus idle: %lluus\n", + (unsigned long long)pkt_dev->sofar, + (unsigned long long)pkt_dev->errors, (unsigned long long)sa, + (unsigned long long)stopped, + (unsigned long long)pkt_dev->idle_acc); + + seq_printf(seq, + " seq_num: %d cur_dst_mac_offset: %d cur_src_mac_offset: %d\n", pkt_dev->seq_num, pkt_dev->cur_dst_mac_offset, pkt_dev->cur_src_mac_offset); - if(pkt_dev->flags & F_IPV6) { + if (pkt_dev->flags & F_IPV6) { char b1[128], b2[128]; - fmt_ip6(b1, pkt_dev->cur_in6_daddr.s6_addr); - fmt_ip6(b2, pkt_dev->cur_in6_saddr.s6_addr); - seq_printf(seq, " cur_saddr: %s cur_daddr: %s\n", b2, b1); - } - else - seq_printf(seq, " cur_saddr: 0x%x cur_daddr: 0x%x\n", + fmt_ip6(b1, pkt_dev->cur_in6_daddr.s6_addr); + fmt_ip6(b2, pkt_dev->cur_in6_saddr.s6_addr); + seq_printf(seq, " cur_saddr: %s cur_daddr: %s\n", b2, b1); + } else + seq_printf(seq, " cur_saddr: 0x%x cur_daddr: 0x%x\n", pkt_dev->cur_saddr, pkt_dev->cur_daddr); - - seq_printf(seq, " cur_udp_dst: %d cur_udp_src: %d\n", + seq_printf(seq, " cur_udp_dst: %d cur_udp_src: %d\n", pkt_dev->cur_udp_dst, pkt_dev->cur_udp_src); - seq_printf(seq, " flows: %u\n", pkt_dev->nflows); + seq_printf(seq, " flows: %u\n", pkt_dev->nflows); if (pkt_dev->result[0]) - seq_printf(seq, "Result: %s\n", pkt_dev->result); + seq_printf(seq, "Result: %s\n", pkt_dev->result); else - seq_printf(seq, "Result: Idle\n"); + seq_printf(seq, "Result: Idle\n"); return 0; } -static int count_trail_chars(const char __user *user_buffer, unsigned int maxlen) +static int hex32_arg(const char __user *user_buffer, __u32 *num) +{ + int i = 0; + *num = 0; + + for(; i < 8; i++) { + char c; + *num <<= 4; + if (get_user(c, &user_buffer[i])) + return -EFAULT; + if ((c >= '0') && (c <= '9')) + *num |= c - '0'; + else if ((c >= 'a') && (c <= 'f')) + *num |= c - 'a' + 10; + else if ((c >= 'A') && (c <= 'F')) + *num |= c - 'A' + 10; + else + break; + } + return i; +} + +static int count_trail_chars(const char __user * user_buffer, + unsigned int maxlen) { int i; for (i = 0; i < maxlen; i++) { - char c; - if (get_user(c, &user_buffer[i])) - return -EFAULT; - switch (c) { + char c; + if (get_user(c, &user_buffer[i])) + return -EFAULT; + switch (c) { case '\"': case '\n': case '\r': @@ -706,34 +762,34 @@ done: return i; } -static unsigned long num_arg(const char __user *user_buffer, unsigned long maxlen, - unsigned long *num) +static unsigned long num_arg(const char __user * user_buffer, + unsigned long maxlen, unsigned long *num) { int i = 0; *num = 0; - - for(; i < maxlen; i++) { - char c; - if (get_user(c, &user_buffer[i])) - return -EFAULT; - if ((c >= '0') && (c <= '9')) { + + for (; i < maxlen; i++) { + char c; + if (get_user(c, &user_buffer[i])) + return -EFAULT; + if ((c >= '0') && (c <= '9')) { *num *= 10; - *num += c -'0'; + *num += c - '0'; } else break; } return i; } -static int strn_len(const char __user *user_buffer, unsigned int maxlen) +static int strn_len(const char __user * user_buffer, unsigned int maxlen) { int i = 0; - for(; i < maxlen; i++) { - char c; - if (get_user(c, &user_buffer[i])) - return -EFAULT; - switch (c) { + for (; i < maxlen; i++) { + char c; + if (get_user(c, &user_buffer[i])) + return -EFAULT; + switch (c) { case '\"': case '\n': case '\r': @@ -746,119 +802,162 @@ static int strn_len(const char __user *user_buffer, unsigned int maxlen) }; } done_str: + return i; +} + +static ssize_t get_labels(const char __user *buffer, struct pktgen_dev *pkt_dev) +{ + unsigned n = 0; + char c; + ssize_t i = 0; + int len; + + pkt_dev->nr_labels = 0; + do { + __u32 tmp; + len = hex32_arg(&buffer[i], &tmp); + if (len <= 0) + return len; + pkt_dev->labels[n] = htonl(tmp); + if (pkt_dev->labels[n] & MPLS_STACK_BOTTOM) + pkt_dev->flags |= F_MPLS_RND; + i += len; + if (get_user(c, &buffer[i])) + return -EFAULT; + i++; + n++; + if (n >= MAX_MPLS_LABELS) + return -E2BIG; + } while(c == ','); + pkt_dev->nr_labels = n; return i; } -static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer, - size_t count, loff_t *offset) +static ssize_t pktgen_if_write(struct file *file, + const char __user * user_buffer, size_t count, + loff_t * offset) { - struct seq_file *seq = (struct seq_file *) file->private_data; - struct pktgen_dev *pkt_dev = seq->private; + struct seq_file *seq = (struct seq_file *)file->private_data; + struct pktgen_dev *pkt_dev = seq->private; int i = 0, max, len; char name[16], valstr[32]; unsigned long value = 0; - char* pg_result = NULL; - int tmp = 0; + char *pg_result = NULL; + int tmp = 0; char buf[128]; - - pg_result = &(pkt_dev->result[0]); - + + pg_result = &(pkt_dev->result[0]); + if (count < 1) { printk("pktgen: wrong command format\n"); return -EINVAL; } - + max = count - i; tmp = count_trail_chars(&user_buffer[i], max); - if (tmp < 0) { + if (tmp < 0) { printk("pktgen: illegal format\n"); - return tmp; + return tmp; } - i += tmp; - + i += tmp; + /* Read variable name */ len = strn_len(&user_buffer[i], sizeof(name) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } memset(name, 0, sizeof(name)); - if (copy_from_user(name, &user_buffer[i], len) ) + if (copy_from_user(name, &user_buffer[i], len)) return -EFAULT; i += len; - - max = count -i; + + max = count - i; len = count_trail_chars(&user_buffer[i], max); - if (len < 0) - return len; - + if (len < 0) + return len; + i += len; if (debug) { - char tb[count + 1]; - if (copy_from_user(tb, user_buffer, count)) + char tb[count + 1]; + if (copy_from_user(tb, user_buffer, count)) return -EFAULT; - tb[count] = 0; + tb[count] = 0; printk("pktgen: %s,%lu buffer -:%s:-\n", name, - (unsigned long) count, tb); - } + (unsigned long)count, tb); + } if (!strcmp(name, "min_pkt_size")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value < 14+20+8) - value = 14+20+8; - if (value != pkt_dev->min_pkt_size) { - pkt_dev->min_pkt_size = value; - pkt_dev->cur_pkt_size = value; - } - sprintf(pg_result, "OK: min_pkt_size=%u", pkt_dev->min_pkt_size); + if (value < 14 + 20 + 8) + value = 14 + 20 + 8; + if (value != pkt_dev->min_pkt_size) { + pkt_dev->min_pkt_size = value; + pkt_dev->cur_pkt_size = value; + } + sprintf(pg_result, "OK: min_pkt_size=%u", + pkt_dev->min_pkt_size); return count; } - if (!strcmp(name, "max_pkt_size")) { + if (!strcmp(name, "max_pkt_size")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value < 14+20+8) - value = 14+20+8; - if (value != pkt_dev->max_pkt_size) { - pkt_dev->max_pkt_size = value; - pkt_dev->cur_pkt_size = value; - } - sprintf(pg_result, "OK: max_pkt_size=%u", pkt_dev->max_pkt_size); + if (value < 14 + 20 + 8) + value = 14 + 20 + 8; + if (value != pkt_dev->max_pkt_size) { + pkt_dev->max_pkt_size = value; + pkt_dev->cur_pkt_size = value; + } + sprintf(pg_result, "OK: max_pkt_size=%u", + pkt_dev->max_pkt_size); return count; } - /* Shortcut for min = max */ + /* Shortcut for min = max */ if (!strcmp(name, "pkt_size")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value < 14+20+8) - value = 14+20+8; - if (value != pkt_dev->min_pkt_size) { - pkt_dev->min_pkt_size = value; - pkt_dev->max_pkt_size = value; - pkt_dev->cur_pkt_size = value; - } + if (value < 14 + 20 + 8) + value = 14 + 20 + 8; + if (value != pkt_dev->min_pkt_size) { + pkt_dev->min_pkt_size = value; + pkt_dev->max_pkt_size = value; + pkt_dev->cur_pkt_size = value; + } sprintf(pg_result, "OK: pkt_size=%u", pkt_dev->min_pkt_size); return count; } - if (!strcmp(name, "debug")) { + if (!strcmp(name, "debug")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - debug = value; + debug = value; sprintf(pg_result, "OK: debug=%u", debug); return count; } - if (!strcmp(name, "frags")) { + if (!strcmp(name, "frags")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; pkt_dev->nfrags = value; sprintf(pg_result, "OK: frags=%u", pkt_dev->nfrags); @@ -866,7 +965,9 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer } if (!strcmp(name, "delay")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; if (value == 0x7FFFFFFF) { pkt_dev->delay_us = 0x7FFFFFFF; @@ -875,308 +976,353 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer pkt_dev->delay_us = value / 1000; pkt_dev->delay_ns = value % 1000; } - sprintf(pg_result, "OK: delay=%u", 1000*pkt_dev->delay_us+pkt_dev->delay_ns); + sprintf(pg_result, "OK: delay=%u", + 1000 * pkt_dev->delay_us + pkt_dev->delay_ns); return count; } - if (!strcmp(name, "udp_src_min")) { + if (!strcmp(name, "udp_src_min")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value != pkt_dev->udp_src_min) { - pkt_dev->udp_src_min = value; - pkt_dev->cur_udp_src = value; - } + if (value != pkt_dev->udp_src_min) { + pkt_dev->udp_src_min = value; + pkt_dev->cur_udp_src = value; + } sprintf(pg_result, "OK: udp_src_min=%u", pkt_dev->udp_src_min); return count; } - if (!strcmp(name, "udp_dst_min")) { + if (!strcmp(name, "udp_dst_min")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value != pkt_dev->udp_dst_min) { - pkt_dev->udp_dst_min = value; - pkt_dev->cur_udp_dst = value; - } + if (value != pkt_dev->udp_dst_min) { + pkt_dev->udp_dst_min = value; + pkt_dev->cur_udp_dst = value; + } sprintf(pg_result, "OK: udp_dst_min=%u", pkt_dev->udp_dst_min); return count; } - if (!strcmp(name, "udp_src_max")) { + if (!strcmp(name, "udp_src_max")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value != pkt_dev->udp_src_max) { - pkt_dev->udp_src_max = value; - pkt_dev->cur_udp_src = value; - } + if (value != pkt_dev->udp_src_max) { + pkt_dev->udp_src_max = value; + pkt_dev->cur_udp_src = value; + } sprintf(pg_result, "OK: udp_src_max=%u", pkt_dev->udp_src_max); return count; } - if (!strcmp(name, "udp_dst_max")) { + if (!strcmp(name, "udp_dst_max")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - if (value != pkt_dev->udp_dst_max) { - pkt_dev->udp_dst_max = value; - pkt_dev->cur_udp_dst = value; - } + if (value != pkt_dev->udp_dst_max) { + pkt_dev->udp_dst_max = value; + pkt_dev->cur_udp_dst = value; + } sprintf(pg_result, "OK: udp_dst_max=%u", pkt_dev->udp_dst_max); return count; } if (!strcmp(name, "clone_skb")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; - pkt_dev->clone_skb = value; - + pkt_dev->clone_skb = value; + sprintf(pg_result, "OK: clone_skb=%d", pkt_dev->clone_skb); return count; } if (!strcmp(name, "count")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; pkt_dev->count = value; sprintf(pg_result, "OK: count=%llu", - (unsigned long long) pkt_dev->count); + (unsigned long long)pkt_dev->count); return count; } if (!strcmp(name, "src_mac_count")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; if (pkt_dev->src_mac_count != value) { - pkt_dev->src_mac_count = value; - pkt_dev->cur_src_mac_offset = 0; - } - sprintf(pg_result, "OK: src_mac_count=%d", pkt_dev->src_mac_count); + pkt_dev->src_mac_count = value; + pkt_dev->cur_src_mac_offset = 0; + } + sprintf(pg_result, "OK: src_mac_count=%d", + pkt_dev->src_mac_count); return count; } if (!strcmp(name, "dst_mac_count")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; if (pkt_dev->dst_mac_count != value) { - pkt_dev->dst_mac_count = value; - pkt_dev->cur_dst_mac_offset = 0; - } - sprintf(pg_result, "OK: dst_mac_count=%d", pkt_dev->dst_mac_count); + pkt_dev->dst_mac_count = value; + pkt_dev->cur_dst_mac_offset = 0; + } + sprintf(pg_result, "OK: dst_mac_count=%d", + pkt_dev->dst_mac_count); return count; } if (!strcmp(name, "flag")) { - char f[32]; - memset(f, 0, 32); + char f[32]; + memset(f, 0, 32); len = strn_len(&user_buffer[i], sizeof(f) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } if (copy_from_user(f, &user_buffer[i], len)) return -EFAULT; i += len; - if (strcmp(f, "IPSRC_RND") == 0) - pkt_dev->flags |= F_IPSRC_RND; - - else if (strcmp(f, "!IPSRC_RND") == 0) - pkt_dev->flags &= ~F_IPSRC_RND; - - else if (strcmp(f, "TXSIZE_RND") == 0) - pkt_dev->flags |= F_TXSIZE_RND; - - else if (strcmp(f, "!TXSIZE_RND") == 0) - pkt_dev->flags &= ~F_TXSIZE_RND; - - else if (strcmp(f, "IPDST_RND") == 0) - pkt_dev->flags |= F_IPDST_RND; - - else if (strcmp(f, "!IPDST_RND") == 0) - pkt_dev->flags &= ~F_IPDST_RND; - - else if (strcmp(f, "UDPSRC_RND") == 0) - pkt_dev->flags |= F_UDPSRC_RND; - - else if (strcmp(f, "!UDPSRC_RND") == 0) - pkt_dev->flags &= ~F_UDPSRC_RND; - - else if (strcmp(f, "UDPDST_RND") == 0) - pkt_dev->flags |= F_UDPDST_RND; - - else if (strcmp(f, "!UDPDST_RND") == 0) - pkt_dev->flags &= ~F_UDPDST_RND; - - else if (strcmp(f, "MACSRC_RND") == 0) - pkt_dev->flags |= F_MACSRC_RND; - - else if (strcmp(f, "!MACSRC_RND") == 0) - pkt_dev->flags &= ~F_MACSRC_RND; - - else if (strcmp(f, "MACDST_RND") == 0) - pkt_dev->flags |= F_MACDST_RND; - - else if (strcmp(f, "!MACDST_RND") == 0) - pkt_dev->flags &= ~F_MACDST_RND; - - else { - sprintf(pg_result, "Flag -:%s:- unknown\nAvailable flags, (prepend ! to un-set flag):\n%s", - f, - "IPSRC_RND, IPDST_RND, TXSIZE_RND, UDPSRC_RND, UDPDST_RND, MACSRC_RND, MACDST_RND\n"); - return count; - } + if (strcmp(f, "IPSRC_RND") == 0) + pkt_dev->flags |= F_IPSRC_RND; + + else if (strcmp(f, "!IPSRC_RND") == 0) + pkt_dev->flags &= ~F_IPSRC_RND; + + else if (strcmp(f, "TXSIZE_RND") == 0) + pkt_dev->flags |= F_TXSIZE_RND; + + else if (strcmp(f, "!TXSIZE_RND") == 0) + pkt_dev->flags &= ~F_TXSIZE_RND; + + else if (strcmp(f, "IPDST_RND") == 0) + pkt_dev->flags |= F_IPDST_RND; + + else if (strcmp(f, "!IPDST_RND") == 0) + pkt_dev->flags &= ~F_IPDST_RND; + + else if (strcmp(f, "UDPSRC_RND") == 0) + pkt_dev->flags |= F_UDPSRC_RND; + + else if (strcmp(f, "!UDPSRC_RND") == 0) + pkt_dev->flags &= ~F_UDPSRC_RND; + + else if (strcmp(f, "UDPDST_RND") == 0) + pkt_dev->flags |= F_UDPDST_RND; + + else if (strcmp(f, "!UDPDST_RND") == 0) + pkt_dev->flags &= ~F_UDPDST_RND; + + else if (strcmp(f, "MACSRC_RND") == 0) + pkt_dev->flags |= F_MACSRC_RND; + + else if (strcmp(f, "!MACSRC_RND") == 0) + pkt_dev->flags &= ~F_MACSRC_RND; + + else if (strcmp(f, "MACDST_RND") == 0) + pkt_dev->flags |= F_MACDST_RND; + + else if (strcmp(f, "!MACDST_RND") == 0) + pkt_dev->flags &= ~F_MACDST_RND; + + else if (strcmp(f, "MPLS_RND") == 0) + pkt_dev->flags |= F_MPLS_RND; + + else if (strcmp(f, "!MPLS_RND") == 0) + pkt_dev->flags &= ~F_MPLS_RND; + + else { + sprintf(pg_result, + "Flag -:%s:- unknown\nAvailable flags, (prepend ! to un-set flag):\n%s", + f, + "IPSRC_RND, IPDST_RND, TXSIZE_RND, UDPSRC_RND, UDPDST_RND, MACSRC_RND, MACDST_RND\n"); + return count; + } sprintf(pg_result, "OK: flags=0x%x", pkt_dev->flags); return count; } if (!strcmp(name, "dst_min") || !strcmp(name, "dst")) { len = strn_len(&user_buffer[i], sizeof(pkt_dev->dst_min) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; - if (strcmp(buf, pkt_dev->dst_min) != 0) { - memset(pkt_dev->dst_min, 0, sizeof(pkt_dev->dst_min)); - strncpy(pkt_dev->dst_min, buf, len); - pkt_dev->daddr_min = in_aton(pkt_dev->dst_min); - pkt_dev->cur_daddr = pkt_dev->daddr_min; - } - if(debug) - printk("pktgen: dst_min set to: %s\n", pkt_dev->dst_min); - i += len; + buf[len] = 0; + if (strcmp(buf, pkt_dev->dst_min) != 0) { + memset(pkt_dev->dst_min, 0, sizeof(pkt_dev->dst_min)); + strncpy(pkt_dev->dst_min, buf, len); + pkt_dev->daddr_min = in_aton(pkt_dev->dst_min); + pkt_dev->cur_daddr = pkt_dev->daddr_min; + } + if (debug) + printk("pktgen: dst_min set to: %s\n", + pkt_dev->dst_min); + i += len; sprintf(pg_result, "OK: dst_min=%s", pkt_dev->dst_min); return count; } if (!strcmp(name, "dst_max")) { len = strn_len(&user_buffer[i], sizeof(pkt_dev->dst_max) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; - if (strcmp(buf, pkt_dev->dst_max) != 0) { - memset(pkt_dev->dst_max, 0, sizeof(pkt_dev->dst_max)); - strncpy(pkt_dev->dst_max, buf, len); - pkt_dev->daddr_max = in_aton(pkt_dev->dst_max); - pkt_dev->cur_daddr = pkt_dev->daddr_max; - } - if(debug) - printk("pktgen: dst_max set to: %s\n", pkt_dev->dst_max); + buf[len] = 0; + if (strcmp(buf, pkt_dev->dst_max) != 0) { + memset(pkt_dev->dst_max, 0, sizeof(pkt_dev->dst_max)); + strncpy(pkt_dev->dst_max, buf, len); + pkt_dev->daddr_max = in_aton(pkt_dev->dst_max); + pkt_dev->cur_daddr = pkt_dev->daddr_max; + } + if (debug) + printk("pktgen: dst_max set to: %s\n", + pkt_dev->dst_max); i += len; sprintf(pg_result, "OK: dst_max=%s", pkt_dev->dst_max); return count; } if (!strcmp(name, "dst6")) { len = strn_len(&user_buffer[i], sizeof(buf) - 1); - if (len < 0) return len; + if (len < 0) + return len; pkt_dev->flags |= F_IPV6; - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; + buf[len] = 0; scan_ip6(buf, pkt_dev->in6_daddr.s6_addr); - fmt_ip6(buf, pkt_dev->in6_daddr.s6_addr); + fmt_ip6(buf, pkt_dev->in6_daddr.s6_addr); ipv6_addr_copy(&pkt_dev->cur_in6_daddr, &pkt_dev->in6_daddr); - if(debug) + if (debug) printk("pktgen: dst6 set to: %s\n", buf); - i += len; + i += len; sprintf(pg_result, "OK: dst6=%s", buf); return count; } if (!strcmp(name, "dst6_min")) { len = strn_len(&user_buffer[i], sizeof(buf) - 1); - if (len < 0) return len; + if (len < 0) + return len; pkt_dev->flags |= F_IPV6; - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; + buf[len] = 0; scan_ip6(buf, pkt_dev->min_in6_daddr.s6_addr); - fmt_ip6(buf, pkt_dev->min_in6_daddr.s6_addr); + fmt_ip6(buf, pkt_dev->min_in6_daddr.s6_addr); - ipv6_addr_copy(&pkt_dev->cur_in6_daddr, &pkt_dev->min_in6_daddr); - if(debug) + ipv6_addr_copy(&pkt_dev->cur_in6_daddr, + &pkt_dev->min_in6_daddr); + if (debug) printk("pktgen: dst6_min set to: %s\n", buf); - i += len; + i += len; sprintf(pg_result, "OK: dst6_min=%s", buf); return count; } if (!strcmp(name, "dst6_max")) { len = strn_len(&user_buffer[i], sizeof(buf) - 1); - if (len < 0) return len; + if (len < 0) + return len; pkt_dev->flags |= F_IPV6; - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; + buf[len] = 0; scan_ip6(buf, pkt_dev->max_in6_daddr.s6_addr); - fmt_ip6(buf, pkt_dev->max_in6_daddr.s6_addr); + fmt_ip6(buf, pkt_dev->max_in6_daddr.s6_addr); - if(debug) + if (debug) printk("pktgen: dst6_max set to: %s\n", buf); - i += len; + i += len; sprintf(pg_result, "OK: dst6_max=%s", buf); return count; } if (!strcmp(name, "src6")) { len = strn_len(&user_buffer[i], sizeof(buf) - 1); - if (len < 0) return len; + if (len < 0) + return len; pkt_dev->flags |= F_IPV6; - if (copy_from_user(buf, &user_buffer[i], len)) + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; + buf[len] = 0; scan_ip6(buf, pkt_dev->in6_saddr.s6_addr); - fmt_ip6(buf, pkt_dev->in6_saddr.s6_addr); + fmt_ip6(buf, pkt_dev->in6_saddr.s6_addr); ipv6_addr_copy(&pkt_dev->cur_in6_saddr, &pkt_dev->in6_saddr); - if(debug) + if (debug) printk("pktgen: src6 set to: %s\n", buf); - - i += len; + + i += len; sprintf(pg_result, "OK: src6=%s", buf); return count; } if (!strcmp(name, "src_min")) { len = strn_len(&user_buffer[i], sizeof(pkt_dev->src_min) - 1); - if (len < 0) { return len; } - if (copy_from_user(buf, &user_buffer[i], len)) + if (len < 0) { + return len; + } + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; - if (strcmp(buf, pkt_dev->src_min) != 0) { - memset(pkt_dev->src_min, 0, sizeof(pkt_dev->src_min)); - strncpy(pkt_dev->src_min, buf, len); - pkt_dev->saddr_min = in_aton(pkt_dev->src_min); - pkt_dev->cur_saddr = pkt_dev->saddr_min; - } - if(debug) - printk("pktgen: src_min set to: %s\n", pkt_dev->src_min); + buf[len] = 0; + if (strcmp(buf, pkt_dev->src_min) != 0) { + memset(pkt_dev->src_min, 0, sizeof(pkt_dev->src_min)); + strncpy(pkt_dev->src_min, buf, len); + pkt_dev->saddr_min = in_aton(pkt_dev->src_min); + pkt_dev->cur_saddr = pkt_dev->saddr_min; + } + if (debug) + printk("pktgen: src_min set to: %s\n", + pkt_dev->src_min); i += len; sprintf(pg_result, "OK: src_min=%s", pkt_dev->src_min); return count; } if (!strcmp(name, "src_max")) { len = strn_len(&user_buffer[i], sizeof(pkt_dev->src_max) - 1); - if (len < 0) { return len; } - if (copy_from_user(buf, &user_buffer[i], len)) + if (len < 0) { + return len; + } + if (copy_from_user(buf, &user_buffer[i], len)) return -EFAULT; - buf[len] = 0; - if (strcmp(buf, pkt_dev->src_max) != 0) { - memset(pkt_dev->src_max, 0, sizeof(pkt_dev->src_max)); - strncpy(pkt_dev->src_max, buf, len); - pkt_dev->saddr_max = in_aton(pkt_dev->src_max); - pkt_dev->cur_saddr = pkt_dev->saddr_max; - } - if(debug) - printk("pktgen: src_max set to: %s\n", pkt_dev->src_max); + buf[len] = 0; + if (strcmp(buf, pkt_dev->src_max) != 0) { + memset(pkt_dev->src_max, 0, sizeof(pkt_dev->src_max)); + strncpy(pkt_dev->src_max, buf, len); + pkt_dev->saddr_max = in_aton(pkt_dev->src_max); + pkt_dev->cur_saddr = pkt_dev->saddr_max; + } + if (debug) + printk("pktgen: src_max set to: %s\n", + pkt_dev->src_max); i += len; sprintf(pg_result, "OK: src_max=%s", pkt_dev->src_max); return count; @@ -1186,15 +1332,17 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer unsigned char old_dmac[ETH_ALEN]; unsigned char *m = pkt_dev->dst_mac; memcpy(old_dmac, pkt_dev->dst_mac, ETH_ALEN); - + len = strn_len(&user_buffer[i], sizeof(valstr) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } memset(valstr, 0, sizeof(valstr)); - if( copy_from_user(valstr, &user_buffer[i], len)) + if (copy_from_user(valstr, &user_buffer[i], len)) return -EFAULT; i += len; - for(*m = 0;*v && m < pkt_dev->dst_mac + 6; v++) { + for (*m = 0; *v && m < pkt_dev->dst_mac + 6; v++) { if (*v >= '0' && *v <= '9') { *m *= 16; *m += *v - '0'; @@ -1216,7 +1364,7 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer /* Set up Dest MAC */ if (compare_ether_addr(old_dmac, pkt_dev->dst_mac)) memcpy(&(pkt_dev->hh[0]), pkt_dev->dst_mac, ETH_ALEN); - + sprintf(pg_result, "OK: dstmac"); return count; } @@ -1225,13 +1373,15 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer unsigned char *m = pkt_dev->src_mac; len = strn_len(&user_buffer[i], sizeof(valstr) - 1); - if (len < 0) { return len; } + if (len < 0) { + return len; + } memset(valstr, 0, sizeof(valstr)); - if( copy_from_user(valstr, &user_buffer[i], len)) + if (copy_from_user(valstr, &user_buffer[i], len)) return -EFAULT; i += len; - for(*m = 0;*v && m < pkt_dev->src_mac + 6; v++) { + for (*m = 0; *v && m < pkt_dev->src_mac + 6; v++) { if (*v >= '0' && *v <= '9') { *m *= 16; *m += *v - '0'; @@ -1248,21 +1398,23 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer m++; *m = 0; } - } + } - sprintf(pg_result, "OK: srcmac"); + sprintf(pg_result, "OK: srcmac"); return count; } - if (!strcmp(name, "clear_counters")) { - pktgen_clear_counters(pkt_dev); - sprintf(pg_result, "OK: Clearing counters.\n"); - return count; - } + if (!strcmp(name, "clear_counters")) { + pktgen_clear_counters(pkt_dev); + sprintf(pg_result, "OK: Clearing counters.\n"); + return count; + } if (!strcmp(name, "flows")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; if (value > MAX_CFLOWS) value = MAX_CFLOWS; @@ -1274,13 +1426,28 @@ static ssize_t pktgen_if_write(struct file *file, const char __user *user_buffer if (!strcmp(name, "flowlen")) { len = num_arg(&user_buffer[i], 10, &value); - if (len < 0) { return len; } + if (len < 0) { + return len; + } i += len; pkt_dev->lflow = value; sprintf(pg_result, "OK: flowlen=%u", pkt_dev->lflow); return count; } - + + if (!strcmp(name, "mpls")) { + unsigned n, offset; + len = get_labels(&user_buffer[i], pkt_dev); + if (len < 0) { return len; } + i += len; + offset = sprintf(pg_result, "OK: mpls="); + for(n = 0; n < pkt_dev->nr_labels; n++) + offset += sprintf(pg_result + offset, + "%08x%s", ntohl(pkt_dev->labels[n]), + n == pkt_dev->nr_labels-1 ? "" : ","); + return count; + } + sprintf(pkt_dev->result, "No such parameter \"%s\"", name); return -EINVAL; } @@ -1291,35 +1458,35 @@ static int pktgen_if_open(struct inode *inode, struct file *file) } static struct file_operations pktgen_if_fops = { - .owner = THIS_MODULE, - .open = pktgen_if_open, - .read = seq_read, - .llseek = seq_lseek, - .write = pktgen_if_write, - .release = single_release, + .owner = THIS_MODULE, + .open = pktgen_if_open, + .read = seq_read, + .llseek = seq_lseek, + .write = pktgen_if_write, + .release = single_release, }; static int pktgen_thread_show(struct seq_file *seq, void *v) { - struct pktgen_thread *t = seq->private; - struct pktgen_dev *pkt_dev = NULL; + struct pktgen_thread *t = seq->private; + struct pktgen_dev *pkt_dev; BUG_ON(!t); seq_printf(seq, "Name: %s max_before_softirq: %d\n", - t->name, t->max_before_softirq); + t->name, t->max_before_softirq); + + seq_printf(seq, "Running: "); - seq_printf(seq, "Running: "); - - if_lock(t); - for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next) - if(pkt_dev->running) + if_lock(t); + list_for_each_entry(pkt_dev, &t->if_list, list) + if (pkt_dev->running) seq_printf(seq, "%s ", pkt_dev->ifname); - - seq_printf(seq, "\nStopped: "); - for(pkt_dev = t->if_list;pkt_dev; pkt_dev = pkt_dev->next) - if(!pkt_dev->running) + seq_printf(seq, "\nStopped: "); + + list_for_each_entry(pkt_dev, &t->if_list, list) + if (!pkt_dev->running) seq_printf(seq, "%s ", pkt_dev->ifname); if (t->result[0]) @@ -1327,30 +1494,30 @@ static int pktgen_thread_show(struct seq_file *seq, void *v) else seq_printf(seq, "\nResult: NA\n"); - if_unlock(t); + if_unlock(t); return 0; } static ssize_t pktgen_thread_write(struct file *file, - const char __user *user_buffer, - size_t count, loff_t *offset) + const char __user * user_buffer, + size_t count, loff_t * offset) { - struct seq_file *seq = (struct seq_file *) file->private_data; - struct pktgen_thread *t = seq->private; + struct seq_file *seq = (struct seq_file *)file->private_data; + struct pktgen_thread *t = seq->private; int i = 0, max, len, ret; char name[40]; - char *pg_result; - unsigned long value = 0; + char *pg_result; + unsigned long value = 0; if (count < 1) { - // sprintf(pg_result, "Wrong command format"); + // sprintf(pg_result, "Wrong command format"); return -EINVAL; } max = count - i; - len = count_trail_chars(&user_buffer[i], max); - if (len < 0) + len = count_trail_chars(&user_buffer[i], max); + if (len < 0) return len; i += len; @@ -1358,26 +1525,25 @@ static ssize_t pktgen_thread_write(struct file *file, /* Read variable name */ len = strn_len(&user_buffer[i], sizeof(name) - 1); - if (len < 0) + if (len < 0) return len; - + memset(name, 0, sizeof(name)); if (copy_from_user(name, &user_buffer[i], len)) return -EFAULT; i += len; - max = count -i; + max = count - i; len = count_trail_chars(&user_buffer[i], max); - if (len < 0) + if (len < 0) return len; i += len; if (debug) - printk("pktgen: t=%s, count=%lu\n", name, - (unsigned long) count); + printk("pktgen: t=%s, count=%lu\n", name, (unsigned long)count); - if(!t) { + if (!t) { printk("pktgen: ERROR: No thread\n"); ret = -EINVAL; goto out; @@ -1385,48 +1551,47 @@ static ssize_t pktgen_thread_write(struct file *file, pg_result = &(t->result[0]); - if (!strcmp(name, "add_device")) { - char f[32]; - memset(f, 0, 32); + if (!strcmp(name, "add_device")) { + char f[32]; + memset(f, 0, 32); len = strn_len(&user_buffer[i], sizeof(f) - 1); - if (len < 0) { - ret = len; + if (len < 0) { + ret = len; goto out; } - if( copy_from_user(f, &user_buffer[i], len) ) + if (copy_from_user(f, &user_buffer[i], len)) return -EFAULT; i += len; - thread_lock(); - pktgen_add_device(t, f); - thread_unlock(); - ret = count; - sprintf(pg_result, "OK: add_device=%s", f); + mutex_lock(&pktgen_thread_lock); + pktgen_add_device(t, f); + mutex_unlock(&pktgen_thread_lock); + ret = count; + sprintf(pg_result, "OK: add_device=%s", f); goto out; } - if (!strcmp(name, "rem_device_all")) { - thread_lock(); - t->control |= T_REMDEV; - thread_unlock(); - schedule_timeout_interruptible(msecs_to_jiffies(125)); /* Propagate thread->control */ + if (!strcmp(name, "rem_device_all")) { + mutex_lock(&pktgen_thread_lock); + t->control |= T_REMDEVALL; + mutex_unlock(&pktgen_thread_lock); + schedule_timeout_interruptible(msecs_to_jiffies(125)); /* Propagate thread->control */ ret = count; - sprintf(pg_result, "OK: rem_device_all"); + sprintf(pg_result, "OK: rem_device_all"); goto out; } - if (!strcmp(name, "max_before_softirq")) { - len = num_arg(&user_buffer[i], 10, &value); - thread_lock(); - t->max_before_softirq = value; - thread_unlock(); - ret = count; - sprintf(pg_result, "OK: max_before_softirq=%lu", value); + if (!strcmp(name, "max_before_softirq")) { + len = num_arg(&user_buffer[i], 10, &value); + mutex_lock(&pktgen_thread_lock); + t->max_before_softirq = value; + mutex_unlock(&pktgen_thread_lock); + ret = count; + sprintf(pg_result, "OK: max_before_softirq=%lu", value); goto out; } ret = -EINVAL; - out: - +out: return ret; } @@ -1436,47 +1601,78 @@ static int pktgen_thread_open(struct inode *inode, struct file *file) } static struct file_operations pktgen_thread_fops = { - .owner = THIS_MODULE, - .open = pktgen_thread_open, - .read = seq_read, - .llseek = seq_lseek, - .write = pktgen_thread_write, - .release = single_release, + .owner = THIS_MODULE, + .open = pktgen_thread_open, + .read = seq_read, + .llseek = seq_lseek, + .write = pktgen_thread_write, + .release = single_release, }; /* Think find or remove for NN */ -static struct pktgen_dev *__pktgen_NN_threads(const char* ifname, int remove) +static struct pktgen_dev *__pktgen_NN_threads(const char *ifname, int remove) { struct pktgen_thread *t; struct pktgen_dev *pkt_dev = NULL; - t = pktgen_threads; - - while (t) { + list_for_each_entry(t, &pktgen_threads, th_list) { pkt_dev = pktgen_find_dev(t, ifname); if (pkt_dev) { - if(remove) { - if_lock(t); - pktgen_remove_device(t, pkt_dev); - if_unlock(t); - } + if (remove) { + if_lock(t); + pkt_dev->removal_mark = 1; + t->control |= T_REMDEV; + if_unlock(t); + } break; } - t = t->next; } - return pkt_dev; + return pkt_dev; } -static struct pktgen_dev *pktgen_NN_threads(const char* ifname, int remove) +/* + * mark a device for removal + */ +static int pktgen_mark_device(const char *ifname) { struct pktgen_dev *pkt_dev = NULL; - thread_lock(); - pkt_dev = __pktgen_NN_threads(ifname, remove); - thread_unlock(); - return pkt_dev; + const int max_tries = 10, msec_per_try = 125; + int i = 0; + int ret = 0; + + mutex_lock(&pktgen_thread_lock); + PG_DEBUG(printk("pktgen: pktgen_mark_device marking %s for removal\n", + ifname)); + + while (1) { + + pkt_dev = __pktgen_NN_threads(ifname, REMOVE); + if (pkt_dev == NULL) + break; /* success */ + + mutex_unlock(&pktgen_thread_lock); + PG_DEBUG(printk("pktgen: pktgen_mark_device waiting for %s " + "to disappear....\n", ifname)); + schedule_timeout_interruptible(msecs_to_jiffies(msec_per_try)); + mutex_lock(&pktgen_thread_lock); + + if (++i >= max_tries) { + printk("pktgen_mark_device: timed out after waiting " + "%d msec for device %s to be removed\n", + msec_per_try * i, ifname); + ret = 1; + break; + } + + } + + mutex_unlock(&pktgen_thread_lock); + + return ret; } -static int pktgen_device_event(struct notifier_block *unused, unsigned long event, void *ptr) +static int pktgen_device_event(struct notifier_block *unused, + unsigned long event, void *ptr) { struct net_device *dev = (struct net_device *)(ptr); @@ -1491,9 +1687,9 @@ static int pktgen_device_event(struct notifier_block *unused, unsigned long even case NETDEV_UP: /* Ignore for now */ break; - + case NETDEV_UNREGISTER: - pktgen_NN_threads(dev->name, REMOVE); + pktgen_mark_device(dev->name); break; }; @@ -1502,15 +1698,16 @@ static int pktgen_device_event(struct notifier_block *unused, unsigned long even /* Associate pktgen_dev with a device. */ -static struct net_device* pktgen_setup_dev(struct pktgen_dev *pkt_dev) { +static struct net_device *pktgen_setup_dev(struct pktgen_dev *pkt_dev) +{ struct net_device *odev; /* Clean old setups */ if (pkt_dev->odev) { dev_put(pkt_dev->odev); - pkt_dev->odev = NULL; - } + pkt_dev->odev = NULL; + } odev = dev_get_by_name(pkt_dev->ifname); @@ -1519,7 +1716,8 @@ static struct net_device* pktgen_setup_dev(struct pktgen_dev *pkt_dev) { goto out; } if (odev->type != ARPHRD_ETHER) { - printk("pktgen: not an ethernet device: \"%s\"\n", pkt_dev->ifname); + printk("pktgen: not an ethernet device: \"%s\"\n", + pkt_dev->ifname); goto out_put; } if (!netif_running(odev)) { @@ -1527,13 +1725,13 @@ static struct net_device* pktgen_setup_dev(struct pktgen_dev *pkt_dev) { goto out_put; } pkt_dev->odev = odev; - - return pkt_dev->odev; + + return pkt_dev->odev; out_put: dev_put(odev); out: - return NULL; + return NULL; } @@ -1543,59 +1741,64 @@ out: static void pktgen_setup_inject(struct pktgen_dev *pkt_dev) { /* Try once more, just in case it works now. */ - if (!pkt_dev->odev) - pktgen_setup_dev(pkt_dev); - - if (!pkt_dev->odev) { - printk("pktgen: ERROR: pkt_dev->odev == NULL in setup_inject.\n"); - sprintf(pkt_dev->result, "ERROR: pkt_dev->odev == NULL in setup_inject.\n"); - return; - } - - /* Default to the interface's mac if not explicitly set. */ + if (!pkt_dev->odev) + pktgen_setup_dev(pkt_dev); + + if (!pkt_dev->odev) { + printk("pktgen: ERROR: pkt_dev->odev == NULL in setup_inject.\n"); + sprintf(pkt_dev->result, + "ERROR: pkt_dev->odev == NULL in setup_inject.\n"); + return; + } + + /* Default to the interface's mac if not explicitly set. */ if (is_zero_ether_addr(pkt_dev->src_mac)) - memcpy(&(pkt_dev->hh[6]), pkt_dev->odev->dev_addr, ETH_ALEN); + memcpy(&(pkt_dev->hh[6]), pkt_dev->odev->dev_addr, ETH_ALEN); - /* Set up Dest MAC */ + /* Set up Dest MAC */ memcpy(&(pkt_dev->hh[0]), pkt_dev->dst_mac, ETH_ALEN); - /* Set up pkt size */ - pkt_dev->cur_pkt_size = pkt_dev->min_pkt_size; - - if(pkt_dev->flags & F_IPV6) { + /* Set up pkt size */ + pkt_dev->cur_pkt_size = pkt_dev->min_pkt_size; + + if (pkt_dev->flags & F_IPV6) { /* * Skip this automatic address setting until locks or functions * gets exported */ #ifdef NOTNOW - int i, set = 0, err=1; + int i, set = 0, err = 1; struct inet6_dev *idev; - for(i=0; i< IN6_ADDR_HSIZE; i++) - if(pkt_dev->cur_in6_saddr.s6_addr[i]) { + for (i = 0; i < IN6_ADDR_HSIZE; i++) + if (pkt_dev->cur_in6_saddr.s6_addr[i]) { set = 1; break; } - if(!set) { - + if (!set) { + /* * Use linklevel address if unconfigured. * * use ipv6_get_lladdr if/when it's get exported */ - read_lock(&addrconf_lock); if ((idev = __in6_dev_get(pkt_dev->odev)) != NULL) { struct inet6_ifaddr *ifp; read_lock_bh(&idev->lock); - for (ifp=idev->addr_list; ifp; ifp=ifp->if_next) { - if (ifp->scope == IFA_LINK && !(ifp->flags&IFA_F_TENTATIVE)) { - ipv6_addr_copy(&pkt_dev->cur_in6_saddr, &ifp->addr); + for (ifp = idev->addr_list; ifp; + ifp = ifp->if_next) { + if (ifp->scope == IFA_LINK + && !(ifp-> + flags & IFA_F_TENTATIVE)) { + ipv6_addr_copy(&pkt_dev-> + cur_in6_saddr, + &ifp->addr); err = 0; break; } @@ -1603,28 +1806,28 @@ static void pktgen_setup_inject(struct pktgen_dev *pkt_dev) read_unlock_bh(&idev->lock); } read_unlock(&addrconf_lock); - if(err) printk("pktgen: ERROR: IPv6 link address not availble.\n"); + if (err) + printk("pktgen: ERROR: IPv6 link address not availble.\n"); } #endif - } - else { + } else { pkt_dev->saddr_min = 0; pkt_dev->saddr_max = 0; if (strlen(pkt_dev->src_min) == 0) { - - struct in_device *in_dev; + + struct in_device *in_dev; rcu_read_lock(); in_dev = __in_dev_get_rcu(pkt_dev->odev); if (in_dev) { if (in_dev->ifa_list) { - pkt_dev->saddr_min = in_dev->ifa_list->ifa_address; + pkt_dev->saddr_min = + in_dev->ifa_list->ifa_address; pkt_dev->saddr_max = pkt_dev->saddr_min; } } rcu_read_unlock(); - } - else { + } else { pkt_dev->saddr_min = in_aton(pkt_dev->src_min); pkt_dev->saddr_max = in_aton(pkt_dev->src_max); } @@ -1632,13 +1835,13 @@ static void pktgen_setup_inject(struct pktgen_dev *pkt_dev) pkt_dev->daddr_min = in_aton(pkt_dev->dst_min); pkt_dev->daddr_max = in_aton(pkt_dev->dst_max); } - /* Initialize current values. */ - pkt_dev->cur_dst_mac_offset = 0; - pkt_dev->cur_src_mac_offset = 0; - pkt_dev->cur_saddr = pkt_dev->saddr_min; - pkt_dev->cur_daddr = pkt_dev->daddr_min; - pkt_dev->cur_udp_dst = pkt_dev->udp_dst_min; - pkt_dev->cur_udp_src = pkt_dev->udp_src_min; + /* Initialize current values. */ + pkt_dev->cur_dst_mac_offset = 0; + pkt_dev->cur_src_mac_offset = 0; + pkt_dev->cur_saddr = pkt_dev->saddr_min; + pkt_dev->cur_daddr = pkt_dev->daddr_min; + pkt_dev->cur_udp_dst = pkt_dev->udp_dst_min; + pkt_dev->cur_udp_src = pkt_dev->udp_src_min; pkt_dev->nflows = 0; } @@ -1651,7 +1854,7 @@ static void spin(struct pktgen_dev *pkt_dev, __u64 spin_until_us) printk(KERN_INFO "sleeping for %d\n", (int)(spin_until_us - now)); while (now < spin_until_us) { /* TODO: optimize sleeping behavior */ - if (spin_until_us - now > jiffies_to_usecs(1)+1) + if (spin_until_us - now > jiffies_to_usecs(1) + 1) schedule_timeout_interruptible(1); else if (spin_until_us - now > 100) { do_softirq(); @@ -1667,102 +1870,119 @@ static void spin(struct pktgen_dev *pkt_dev, __u64 spin_until_us) pkt_dev->idle_acc += now - start; } - /* Increment/randomize headers according to flags and current values * for IP src/dest, UDP src/dst port, MAC-Addr src/dst */ -static void mod_cur_headers(struct pktgen_dev *pkt_dev) { - __u32 imn; - __u32 imx; - int flow = 0; +static void mod_cur_headers(struct pktgen_dev *pkt_dev) +{ + __u32 imn; + __u32 imx; + int flow = 0; - if(pkt_dev->cflows) { + if (pkt_dev->cflows) { flow = pktgen_random() % pkt_dev->cflows; - + if (pkt_dev->flows[flow].count > pkt_dev->lflow) pkt_dev->flows[flow].count = 0; - } - + } /* Deal with source MAC */ - if (pkt_dev->src_mac_count > 1) { - __u32 mc; - __u32 tmp; - - if (pkt_dev->flags & F_MACSRC_RND) - mc = pktgen_random() % (pkt_dev->src_mac_count); - else { - mc = pkt_dev->cur_src_mac_offset++; - if (pkt_dev->cur_src_mac_offset > pkt_dev->src_mac_count) - pkt_dev->cur_src_mac_offset = 0; - } - - tmp = pkt_dev->src_mac[5] + (mc & 0xFF); - pkt_dev->hh[11] = tmp; - tmp = (pkt_dev->src_mac[4] + ((mc >> 8) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[10] = tmp; - tmp = (pkt_dev->src_mac[3] + ((mc >> 16) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[9] = tmp; - tmp = (pkt_dev->src_mac[2] + ((mc >> 24) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[8] = tmp; - tmp = (pkt_dev->src_mac[1] + (tmp >> 8)); - pkt_dev->hh[7] = tmp; - } - - /* Deal with Destination MAC */ - if (pkt_dev->dst_mac_count > 1) { - __u32 mc; - __u32 tmp; - - if (pkt_dev->flags & F_MACDST_RND) - mc = pktgen_random() % (pkt_dev->dst_mac_count); - - else { - mc = pkt_dev->cur_dst_mac_offset++; - if (pkt_dev->cur_dst_mac_offset > pkt_dev->dst_mac_count) { - pkt_dev->cur_dst_mac_offset = 0; - } - } - - tmp = pkt_dev->dst_mac[5] + (mc & 0xFF); - pkt_dev->hh[5] = tmp; - tmp = (pkt_dev->dst_mac[4] + ((mc >> 8) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[4] = tmp; - tmp = (pkt_dev->dst_mac[3] + ((mc >> 16) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[3] = tmp; - tmp = (pkt_dev->dst_mac[2] + ((mc >> 24) & 0xFF) + (tmp >> 8)); - pkt_dev->hh[2] = tmp; - tmp = (pkt_dev->dst_mac[1] + (tmp >> 8)); - pkt_dev->hh[1] = tmp; - } - - if (pkt_dev->udp_src_min < pkt_dev->udp_src_max) { - if (pkt_dev->flags & F_UDPSRC_RND) - pkt_dev->cur_udp_src = ((pktgen_random() % (pkt_dev->udp_src_max - pkt_dev->udp_src_min)) + pkt_dev->udp_src_min); - - else { + if (pkt_dev->src_mac_count > 1) { + __u32 mc; + __u32 tmp; + + if (pkt_dev->flags & F_MACSRC_RND) + mc = pktgen_random() % (pkt_dev->src_mac_count); + else { + mc = pkt_dev->cur_src_mac_offset++; + if (pkt_dev->cur_src_mac_offset > + pkt_dev->src_mac_count) + pkt_dev->cur_src_mac_offset = 0; + } + + tmp = pkt_dev->src_mac[5] + (mc & 0xFF); + pkt_dev->hh[11] = tmp; + tmp = (pkt_dev->src_mac[4] + ((mc >> 8) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[10] = tmp; + tmp = (pkt_dev->src_mac[3] + ((mc >> 16) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[9] = tmp; + tmp = (pkt_dev->src_mac[2] + ((mc >> 24) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[8] = tmp; + tmp = (pkt_dev->src_mac[1] + (tmp >> 8)); + pkt_dev->hh[7] = tmp; + } + + /* Deal with Destination MAC */ + if (pkt_dev->dst_mac_count > 1) { + __u32 mc; + __u32 tmp; + + if (pkt_dev->flags & F_MACDST_RND) + mc = pktgen_random() % (pkt_dev->dst_mac_count); + + else { + mc = pkt_dev->cur_dst_mac_offset++; + if (pkt_dev->cur_dst_mac_offset > + pkt_dev->dst_mac_count) { + pkt_dev->cur_dst_mac_offset = 0; + } + } + + tmp = pkt_dev->dst_mac[5] + (mc & 0xFF); + pkt_dev->hh[5] = tmp; + tmp = (pkt_dev->dst_mac[4] + ((mc >> 8) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[4] = tmp; + tmp = (pkt_dev->dst_mac[3] + ((mc >> 16) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[3] = tmp; + tmp = (pkt_dev->dst_mac[2] + ((mc >> 24) & 0xFF) + (tmp >> 8)); + pkt_dev->hh[2] = tmp; + tmp = (pkt_dev->dst_mac[1] + (tmp >> 8)); + pkt_dev->hh[1] = tmp; + } + + if (pkt_dev->flags & F_MPLS_RND) { + unsigned i; + for(i = 0; i < pkt_dev->nr_labels; i++) + if (pkt_dev->labels[i] & MPLS_STACK_BOTTOM) + pkt_dev->labels[i] = MPLS_STACK_BOTTOM | + (pktgen_random() & + htonl(0x000fffff)); + } + + if (pkt_dev->udp_src_min < pkt_dev->udp_src_max) { + if (pkt_dev->flags & F_UDPSRC_RND) + pkt_dev->cur_udp_src = + ((pktgen_random() % + (pkt_dev->udp_src_max - pkt_dev->udp_src_min)) + + pkt_dev->udp_src_min); + + else { pkt_dev->cur_udp_src++; if (pkt_dev->cur_udp_src >= pkt_dev->udp_src_max) pkt_dev->cur_udp_src = pkt_dev->udp_src_min; - } - } - - if (pkt_dev->udp_dst_min < pkt_dev->udp_dst_max) { - if (pkt_dev->flags & F_UDPDST_RND) { - pkt_dev->cur_udp_dst = ((pktgen_random() % (pkt_dev->udp_dst_max - pkt_dev->udp_dst_min)) + pkt_dev->udp_dst_min); - } - else { + } + } + + if (pkt_dev->udp_dst_min < pkt_dev->udp_dst_max) { + if (pkt_dev->flags & F_UDPDST_RND) { + pkt_dev->cur_udp_dst = + ((pktgen_random() % + (pkt_dev->udp_dst_max - pkt_dev->udp_dst_min)) + + pkt_dev->udp_dst_min); + } else { pkt_dev->cur_udp_dst++; - if (pkt_dev->cur_udp_dst >= pkt_dev->udp_dst_max) + if (pkt_dev->cur_udp_dst >= pkt_dev->udp_dst_max) pkt_dev->cur_udp_dst = pkt_dev->udp_dst_min; - } - } + } + } if (!(pkt_dev->flags & F_IPV6)) { - if ((imn = ntohl(pkt_dev->saddr_min)) < (imx = ntohl(pkt_dev->saddr_max))) { + if ((imn = ntohl(pkt_dev->saddr_min)) < (imx = + ntohl(pkt_dev-> + saddr_max))) { __u32 t; - if (pkt_dev->flags & F_IPSRC_RND) + if (pkt_dev->flags & F_IPSRC_RND) t = ((pktgen_random() % (imx - imn)) + imn); else { t = ntohl(pkt_dev->cur_saddr); @@ -1773,25 +1993,32 @@ static void mod_cur_headers(struct pktgen_dev *pkt_dev) { } pkt_dev->cur_saddr = htonl(t); } - + if (pkt_dev->cflows && pkt_dev->flows[flow].count != 0) { pkt_dev->cur_daddr = pkt_dev->flows[flow].cur_daddr; } else { - if ((imn = ntohl(pkt_dev->daddr_min)) < (imx = ntohl(pkt_dev->daddr_max))) { + if ((imn = ntohl(pkt_dev->daddr_min)) < (imx = + ntohl(pkt_dev-> + daddr_max))) + { __u32 t; if (pkt_dev->flags & F_IPDST_RND) { - t = ((pktgen_random() % (imx - imn)) + imn); + t = ((pktgen_random() % (imx - imn)) + + imn); t = htonl(t); - while( LOOPBACK(t) || MULTICAST(t) || BADCLASS(t) || ZERONET(t) || LOCAL_MCAST(t) ) { - t = ((pktgen_random() % (imx - imn)) + imn); + while (LOOPBACK(t) || MULTICAST(t) + || BADCLASS(t) || ZERONET(t) + || LOCAL_MCAST(t)) { + t = ((pktgen_random() % + (imx - imn)) + imn); t = htonl(t); } pkt_dev->cur_daddr = t; } - + else { t = ntohl(pkt_dev->cur_daddr); t++; @@ -1801,67 +2028,82 @@ static void mod_cur_headers(struct pktgen_dev *pkt_dev) { pkt_dev->cur_daddr = htonl(t); } } - if(pkt_dev->cflows) { - pkt_dev->flows[flow].cur_daddr = pkt_dev->cur_daddr; + if (pkt_dev->cflows) { + pkt_dev->flows[flow].cur_daddr = + pkt_dev->cur_daddr; pkt_dev->nflows++; } } - } - else /* IPV6 * */ - { - if(pkt_dev->min_in6_daddr.s6_addr32[0] == 0 && - pkt_dev->min_in6_daddr.s6_addr32[1] == 0 && - pkt_dev->min_in6_daddr.s6_addr32[2] == 0 && - pkt_dev->min_in6_daddr.s6_addr32[3] == 0); + } else { /* IPV6 * */ + + if (pkt_dev->min_in6_daddr.s6_addr32[0] == 0 && + pkt_dev->min_in6_daddr.s6_addr32[1] == 0 && + pkt_dev->min_in6_daddr.s6_addr32[2] == 0 && + pkt_dev->min_in6_daddr.s6_addr32[3] == 0) ; else { int i; /* Only random destinations yet */ - for(i=0; i < 4; i++) { + for (i = 0; i < 4; i++) { pkt_dev->cur_in6_daddr.s6_addr32[i] = - ((pktgen_random() | - pkt_dev->min_in6_daddr.s6_addr32[i]) & - pkt_dev->max_in6_daddr.s6_addr32[i]); + ((pktgen_random() | + pkt_dev->min_in6_daddr.s6_addr32[i]) & + pkt_dev->max_in6_daddr.s6_addr32[i]); } - } + } } - if (pkt_dev->min_pkt_size < pkt_dev->max_pkt_size) { - __u32 t; - if (pkt_dev->flags & F_TXSIZE_RND) { - t = ((pktgen_random() % (pkt_dev->max_pkt_size - pkt_dev->min_pkt_size)) - + pkt_dev->min_pkt_size); - } - else { + if (pkt_dev->min_pkt_size < pkt_dev->max_pkt_size) { + __u32 t; + if (pkt_dev->flags & F_TXSIZE_RND) { + t = ((pktgen_random() % + (pkt_dev->max_pkt_size - pkt_dev->min_pkt_size)) + + pkt_dev->min_pkt_size); + } else { t = pkt_dev->cur_pkt_size + 1; - if (t > pkt_dev->max_pkt_size) + if (t > pkt_dev->max_pkt_size) t = pkt_dev->min_pkt_size; - } - pkt_dev->cur_pkt_size = t; - } + } + pkt_dev->cur_pkt_size = t; + } pkt_dev->flows[flow].count++; } +static void mpls_push(__be32 *mpls, struct pktgen_dev *pkt_dev) +{ + unsigned i; + for(i = 0; i < pkt_dev->nr_labels; i++) { + *mpls++ = pkt_dev->labels[i] & ~MPLS_STACK_BOTTOM; + } + mpls--; + *mpls |= MPLS_STACK_BOTTOM; +} -static struct sk_buff *fill_packet_ipv4(struct net_device *odev, - struct pktgen_dev *pkt_dev) +static struct sk_buff *fill_packet_ipv4(struct net_device *odev, + struct pktgen_dev *pkt_dev) { struct sk_buff *skb = NULL; __u8 *eth; struct udphdr *udph; int datalen, iplen; struct iphdr *iph; - struct pktgen_hdr *pgh = NULL; - + struct pktgen_hdr *pgh = NULL; + __be16 protocol = __constant_htons(ETH_P_IP); + __be32 *mpls; + + if (pkt_dev->nr_labels) + protocol = __constant_htons(ETH_P_MPLS_UC); + /* Update any of the values, used when we're incrementing various * fields. */ mod_cur_headers(pkt_dev); datalen = (odev->hard_header_len + 16) & ~0xf; - skb = alloc_skb(pkt_dev->cur_pkt_size + 64 + datalen, GFP_ATOMIC); + skb = alloc_skb(pkt_dev->cur_pkt_size + 64 + datalen + + pkt_dev->nr_labels*sizeof(u32), GFP_ATOMIC); if (!skb) { sprintf(pkt_dev->result, "No memory"); return NULL; @@ -1871,51 +2113,56 @@ static struct sk_buff *fill_packet_ipv4(struct net_device *odev, /* Reserve for ethernet and IP header */ eth = (__u8 *) skb_push(skb, 14); + mpls = (__be32 *)skb_put(skb, pkt_dev->nr_labels*sizeof(__u32)); + if (pkt_dev->nr_labels) + mpls_push(mpls, pkt_dev); iph = (struct iphdr *)skb_put(skb, sizeof(struct iphdr)); udph = (struct udphdr *)skb_put(skb, sizeof(struct udphdr)); memcpy(eth, pkt_dev->hh, 12); - *(u16*)ð[12] = __constant_htons(ETH_P_IP); + *(u16 *) & eth[12] = protocol; - datalen = pkt_dev->cur_pkt_size - 14 - 20 - 8; /* Eth + IPh + UDPh */ - if (datalen < sizeof(struct pktgen_hdr)) + /* Eth + IPh + UDPh + mpls */ + datalen = pkt_dev->cur_pkt_size - 14 - 20 - 8 - + pkt_dev->nr_labels*sizeof(u32); + if (datalen < sizeof(struct pktgen_hdr)) datalen = sizeof(struct pktgen_hdr); - + udph->source = htons(pkt_dev->cur_udp_src); udph->dest = htons(pkt_dev->cur_udp_dst); - udph->len = htons(datalen + 8); /* DATA + udphdr */ - udph->check = 0; /* No checksum */ + udph->len = htons(datalen + 8); /* DATA + udphdr */ + udph->check = 0; /* No checksum */ iph->ihl = 5; iph->version = 4; iph->ttl = 32; iph->tos = 0; - iph->protocol = IPPROTO_UDP; /* UDP */ + iph->protocol = IPPROTO_UDP; /* UDP */ iph->saddr = pkt_dev->cur_saddr; iph->daddr = pkt_dev->cur_daddr; iph->frag_off = 0; iplen = 20 + 8 + datalen; iph->tot_len = htons(iplen); iph->check = 0; - iph->check = ip_fast_csum((void *) iph, iph->ihl); - skb->protocol = __constant_htons(ETH_P_IP); - skb->mac.raw = ((u8 *)iph) - 14; + iph->check = ip_fast_csum((void *)iph, iph->ihl); + skb->protocol = protocol; + skb->mac.raw = ((u8 *) iph) - 14 - pkt_dev->nr_labels*sizeof(u32); skb->dev = odev; skb->pkt_type = PACKET_HOST; - if (pkt_dev->nfrags <= 0) - pgh = (struct pktgen_hdr *)skb_put(skb, datalen); + if (pkt_dev->nfrags <= 0) + pgh = (struct pktgen_hdr *)skb_put(skb, datalen); else { int frags = pkt_dev->nfrags; int i; - pgh = (struct pktgen_hdr*)(((char*)(udph)) + 8); - + pgh = (struct pktgen_hdr *)(((char *)(udph)) + 8); + if (frags > MAX_SKB_FRAGS) frags = MAX_SKB_FRAGS; - if (datalen > frags*PAGE_SIZE) { - skb_put(skb, datalen-frags*PAGE_SIZE); - datalen = frags*PAGE_SIZE; + if (datalen > frags * PAGE_SIZE) { + skb_put(skb, datalen - frags * PAGE_SIZE); + datalen = frags * PAGE_SIZE; } i = 0; @@ -1924,7 +2171,7 @@ static struct sk_buff *fill_packet_ipv4(struct net_device *odev, skb_shinfo(skb)->frags[i].page = page; skb_shinfo(skb)->frags[i].page_offset = 0; skb_shinfo(skb)->frags[i].size = - (datalen < PAGE_SIZE ? datalen : PAGE_SIZE); + (datalen < PAGE_SIZE ? datalen : PAGE_SIZE); datalen -= skb_shinfo(skb)->frags[i].size; skb->len += skb_shinfo(skb)->frags[i].size; skb->data_len += skb_shinfo(skb)->frags[i].size; @@ -1944,30 +2191,33 @@ static struct sk_buff *fill_packet_ipv4(struct net_device *odev, skb_shinfo(skb)->frags[i - 1].size -= rem; - skb_shinfo(skb)->frags[i] = skb_shinfo(skb)->frags[i - 1]; + skb_shinfo(skb)->frags[i] = + skb_shinfo(skb)->frags[i - 1]; get_page(skb_shinfo(skb)->frags[i].page); - skb_shinfo(skb)->frags[i].page = skb_shinfo(skb)->frags[i - 1].page; - skb_shinfo(skb)->frags[i].page_offset += skb_shinfo(skb)->frags[i - 1].size; + skb_shinfo(skb)->frags[i].page = + skb_shinfo(skb)->frags[i - 1].page; + skb_shinfo(skb)->frags[i].page_offset += + skb_shinfo(skb)->frags[i - 1].size; skb_shinfo(skb)->frags[i].size = rem; i++; skb_shinfo(skb)->nr_frags = i; } } - /* Stamp the time, and sequence number, convert them to network byte order */ + /* Stamp the time, and sequence number, convert them to network byte order */ + + if (pgh) { + struct timeval timestamp; + + pgh->pgh_magic = htonl(PKTGEN_MAGIC); + pgh->seq_num = htonl(pkt_dev->seq_num); + + do_gettimeofday(×tamp); + pgh->tv_sec = htonl(timestamp.tv_sec); + pgh->tv_usec = htonl(timestamp.tv_usec); + } + pkt_dev->seq_num++; - if (pgh) { - struct timeval timestamp; - - pgh->pgh_magic = htonl(PKTGEN_MAGIC); - pgh->seq_num = htonl(pkt_dev->seq_num); - - do_gettimeofday(×tamp); - pgh->tv_sec = htonl(timestamp.tv_sec); - pgh->tv_usec = htonl(timestamp.tv_usec); - } - pkt_dev->seq_num++; - return skb; } @@ -1980,23 +2230,24 @@ static struct sk_buff *fill_packet_ipv4(struct net_device *odev, * --ro */ -static unsigned int scan_ip6(const char *s,char ip[16]) +static unsigned int scan_ip6(const char *s, char ip[16]) { unsigned int i; - unsigned int len=0; + unsigned int len = 0; unsigned long u; char suffix[16]; - unsigned int prefixlen=0; - unsigned int suffixlen=0; + unsigned int prefixlen = 0; + unsigned int suffixlen = 0; __u32 tmp; - for (i=0; i<16; i++) ip[i]=0; + for (i = 0; i < 16; i++) + ip[i] = 0; for (;;) { if (*s == ':') { len++; - if (s[1] == ':') { /* Found "::", skip to part 2 */ - s+=2; + if (s[1] == ':') { /* Found "::", skip to part 2 */ + s += 2; len++; break; } @@ -2004,136 +2255,162 @@ static unsigned int scan_ip6(const char *s,char ip[16]) } { char *tmp; - u=simple_strtoul(s,&tmp,16); - i=tmp-s; + u = simple_strtoul(s, &tmp, 16); + i = tmp - s; } - if (!i) return 0; - if (prefixlen==12 && s[i]=='.') { + if (!i) + return 0; + if (prefixlen == 12 && s[i] == '.') { /* the last 4 bytes may be written as IPv4 address */ tmp = in_aton(s); - memcpy((struct in_addr*)(ip+12), &tmp, sizeof(tmp)); - return i+len; + memcpy((struct in_addr *)(ip + 12), &tmp, sizeof(tmp)); + return i + len; } ip[prefixlen++] = (u >> 8); ip[prefixlen++] = (u & 255); - s += i; len += i; - if (prefixlen==16) + s += i; + len += i; + if (prefixlen == 16) return len; } /* part 2, after "::" */ for (;;) { if (*s == ':') { - if (suffixlen==0) + if (suffixlen == 0) break; s++; len++; - } else if (suffixlen!=0) + } else if (suffixlen != 0) break; { char *tmp; - u=simple_strtol(s,&tmp,16); - i=tmp-s; + u = simple_strtol(s, &tmp, 16); + i = tmp - s; } if (!i) { - if (*s) len--; + if (*s) + len--; break; } - if (suffixlen+prefixlen<=12 && s[i]=='.') { + if (suffixlen + prefixlen <= 12 && s[i] == '.') { tmp = in_aton(s); - memcpy((struct in_addr*)(suffix+suffixlen), &tmp, sizeof(tmp)); - suffixlen+=4; - len+=strlen(s); + memcpy((struct in_addr *)(suffix + suffixlen), &tmp, + sizeof(tmp)); + suffixlen += 4; + len += strlen(s); break; } suffix[suffixlen++] = (u >> 8); suffix[suffixlen++] = (u & 255); - s += i; len += i; - if (prefixlen+suffixlen==16) + s += i; + len += i; + if (prefixlen + suffixlen == 16) break; } - for (i=0; i<suffixlen; i++) - ip[16-suffixlen+i] = suffix[i]; + for (i = 0; i < suffixlen; i++) + ip[16 - suffixlen + i] = suffix[i]; return len; } -static char tohex(char hexdigit) { - return hexdigit>9?hexdigit+'a'-10:hexdigit+'0'; +static char tohex(char hexdigit) +{ + return hexdigit > 9 ? hexdigit + 'a' - 10 : hexdigit + '0'; } -static int fmt_xlong(char* s,unsigned int i) { - char* bak=s; - *s=tohex((i>>12)&0xf); if (s!=bak || *s!='0') ++s; - *s=tohex((i>>8)&0xf); if (s!=bak || *s!='0') ++s; - *s=tohex((i>>4)&0xf); if (s!=bak || *s!='0') ++s; - *s=tohex(i&0xf); - return s-bak+1; +static int fmt_xlong(char *s, unsigned int i) +{ + char *bak = s; + *s = tohex((i >> 12) & 0xf); + if (s != bak || *s != '0') + ++s; + *s = tohex((i >> 8) & 0xf); + if (s != bak || *s != '0') + ++s; + *s = tohex((i >> 4) & 0xf); + if (s != bak || *s != '0') + ++s; + *s = tohex(i & 0xf); + return s - bak + 1; } -static unsigned int fmt_ip6(char *s,const char ip[16]) { +static unsigned int fmt_ip6(char *s, const char ip[16]) +{ unsigned int len; unsigned int i; unsigned int temp; unsigned int compressing; int j; - len = 0; compressing = 0; - for (j=0; j<16; j+=2) { + len = 0; + compressing = 0; + for (j = 0; j < 16; j += 2) { #ifdef V4MAPPEDPREFIX - if (j==12 && !memcmp(ip,V4mappedprefix,12)) { - inet_ntoa_r(*(struct in_addr*)(ip+12),s); - temp=strlen(s); - return len+temp; + if (j == 12 && !memcmp(ip, V4mappedprefix, 12)) { + inet_ntoa_r(*(struct in_addr *)(ip + 12), s); + temp = strlen(s); + return len + temp; } #endif - temp = ((unsigned long) (unsigned char) ip[j] << 8) + - (unsigned long) (unsigned char) ip[j+1]; + temp = ((unsigned long)(unsigned char)ip[j] << 8) + + (unsigned long)(unsigned char)ip[j + 1]; if (temp == 0) { if (!compressing) { - compressing=1; - if (j==0) { - *s++=':'; ++len; + compressing = 1; + if (j == 0) { + *s++ = ':'; + ++len; } } } else { if (compressing) { - compressing=0; - *s++=':'; ++len; + compressing = 0; + *s++ = ':'; + ++len; } - i = fmt_xlong(s,temp); len += i; s += i; - if (j<14) { + i = fmt_xlong(s, temp); + len += i; + s += i; + if (j < 14) { *s++ = ':'; ++len; } } } if (compressing) { - *s++=':'; ++len; + *s++ = ':'; + ++len; } - *s=0; + *s = 0; return len; } -static struct sk_buff *fill_packet_ipv6(struct net_device *odev, - struct pktgen_dev *pkt_dev) +static struct sk_buff *fill_packet_ipv6(struct net_device *odev, + struct pktgen_dev *pkt_dev) { struct sk_buff *skb = NULL; __u8 *eth; struct udphdr *udph; int datalen; struct ipv6hdr *iph; - struct pktgen_hdr *pgh = NULL; + struct pktgen_hdr *pgh = NULL; + __be16 protocol = __constant_htons(ETH_P_IPV6); + __be32 *mpls; + + if (pkt_dev->nr_labels) + protocol = __constant_htons(ETH_P_MPLS_UC); /* Update any of the values, used when we're incrementing various * fields. */ mod_cur_headers(pkt_dev); - skb = alloc_skb(pkt_dev->cur_pkt_size + 64 + 16, GFP_ATOMIC); + skb = alloc_skb(pkt_dev->cur_pkt_size + 64 + 16 + + pkt_dev->nr_labels*sizeof(u32), GFP_ATOMIC); if (!skb) { sprintf(pkt_dev->result, "No memory"); return NULL; @@ -2143,27 +2420,33 @@ static struct sk_buff *fill_packet_ipv6(struct net_device *odev, /* Reserve for ethernet and IP header */ eth = (__u8 *) skb_push(skb, 14); + mpls = (__be32 *)skb_put(skb, pkt_dev->nr_labels*sizeof(__u32)); + if (pkt_dev->nr_labels) + mpls_push(mpls, pkt_dev); iph = (struct ipv6hdr *)skb_put(skb, sizeof(struct ipv6hdr)); udph = (struct udphdr *)skb_put(skb, sizeof(struct udphdr)); memcpy(eth, pkt_dev->hh, 12); - *(u16*)ð[12] = __constant_htons(ETH_P_IPV6); + *(u16 *) & eth[12] = __constant_htons(ETH_P_IPV6); - datalen = pkt_dev->cur_pkt_size-14- - sizeof(struct ipv6hdr)-sizeof(struct udphdr); /* Eth + IPh + UDPh */ + /* Eth + IPh + UDPh + mpls */ + datalen = pkt_dev->cur_pkt_size - 14 - + sizeof(struct ipv6hdr) - sizeof(struct udphdr) - + pkt_dev->nr_labels*sizeof(u32); - if (datalen < sizeof(struct pktgen_hdr)) { + if (datalen < sizeof(struct pktgen_hdr)) { datalen = sizeof(struct pktgen_hdr); if (net_ratelimit()) - printk(KERN_INFO "pktgen: increased datalen to %d\n", datalen); + printk(KERN_INFO "pktgen: increased datalen to %d\n", + datalen); } udph->source = htons(pkt_dev->cur_udp_src); udph->dest = htons(pkt_dev->cur_udp_dst); - udph->len = htons(datalen + sizeof(struct udphdr)); - udph->check = 0; /* No checksum */ + udph->len = htons(datalen + sizeof(struct udphdr)); + udph->check = 0; /* No checksum */ - *(u32*)iph = __constant_htonl(0x60000000); /* Version + flow */ + *(u32 *) iph = __constant_htonl(0x60000000); /* Version + flow */ iph->hop_limit = 32; @@ -2173,24 +2456,24 @@ static struct sk_buff *fill_packet_ipv6(struct net_device *odev, ipv6_addr_copy(&iph->daddr, &pkt_dev->cur_in6_daddr); ipv6_addr_copy(&iph->saddr, &pkt_dev->cur_in6_saddr); - skb->mac.raw = ((u8 *)iph) - 14; - skb->protocol = __constant_htons(ETH_P_IPV6); + skb->mac.raw = ((u8 *) iph) - 14 - pkt_dev->nr_labels*sizeof(u32); + skb->protocol = protocol; skb->dev = odev; skb->pkt_type = PACKET_HOST; - if (pkt_dev->nfrags <= 0) - pgh = (struct pktgen_hdr *)skb_put(skb, datalen); + if (pkt_dev->nfrags <= 0) + pgh = (struct pktgen_hdr *)skb_put(skb, datalen); else { int frags = pkt_dev->nfrags; int i; - pgh = (struct pktgen_hdr*)(((char*)(udph)) + 8); - + pgh = (struct pktgen_hdr *)(((char *)(udph)) + 8); + if (frags > MAX_SKB_FRAGS) frags = MAX_SKB_FRAGS; - if (datalen > frags*PAGE_SIZE) { - skb_put(skb, datalen-frags*PAGE_SIZE); - datalen = frags*PAGE_SIZE; + if (datalen > frags * PAGE_SIZE) { + skb_put(skb, datalen - frags * PAGE_SIZE); + datalen = frags * PAGE_SIZE; } i = 0; @@ -2199,7 +2482,7 @@ static struct sk_buff *fill_packet_ipv6(struct net_device *odev, skb_shinfo(skb)->frags[i].page = page; skb_shinfo(skb)->frags[i].page_offset = 0; skb_shinfo(skb)->frags[i].size = - (datalen < PAGE_SIZE ? datalen : PAGE_SIZE); + (datalen < PAGE_SIZE ? datalen : PAGE_SIZE); datalen -= skb_shinfo(skb)->frags[i].size; skb->len += skb_shinfo(skb)->frags[i].size; skb->data_len += skb_shinfo(skb)->frags[i].size; @@ -2219,305 +2502,333 @@ static struct sk_buff *fill_packet_ipv6(struct net_device *odev, skb_shinfo(skb)->frags[i - 1].size -= rem; - skb_shinfo(skb)->frags[i] = skb_shinfo(skb)->frags[i - 1]; + skb_shinfo(skb)->frags[i] = + skb_shinfo(skb)->frags[i - 1]; get_page(skb_shinfo(skb)->frags[i].page); - skb_shinfo(skb)->frags[i].page = skb_shinfo(skb)->frags[i - 1].page; - skb_shinfo(skb)->frags[i].page_offset += skb_shinfo(skb)->frags[i - 1].size; + skb_shinfo(skb)->frags[i].page = + skb_shinfo(skb)->frags[i - 1].page; + skb_shinfo(skb)->frags[i].page_offset += + skb_shinfo(skb)->frags[i - 1].size; skb_shinfo(skb)->frags[i].size = rem; i++; skb_shinfo(skb)->nr_frags = i; } } - /* Stamp the time, and sequence number, convert them to network byte order */ + /* Stamp the time, and sequence number, convert them to network byte order */ /* should we update cloned packets too ? */ - if (pgh) { - struct timeval timestamp; - - pgh->pgh_magic = htonl(PKTGEN_MAGIC); - pgh->seq_num = htonl(pkt_dev->seq_num); - - do_gettimeofday(×tamp); - pgh->tv_sec = htonl(timestamp.tv_sec); - pgh->tv_usec = htonl(timestamp.tv_usec); - } - pkt_dev->seq_num++; - + if (pgh) { + struct timeval timestamp; + + pgh->pgh_magic = htonl(PKTGEN_MAGIC); + pgh->seq_num = htonl(pkt_dev->seq_num); + + do_gettimeofday(×tamp); + pgh->tv_sec = htonl(timestamp.tv_sec); + pgh->tv_usec = htonl(timestamp.tv_usec); + } + pkt_dev->seq_num++; + return skb; } -static inline struct sk_buff *fill_packet(struct net_device *odev, - struct pktgen_dev *pkt_dev) +static inline struct sk_buff *fill_packet(struct net_device *odev, + struct pktgen_dev *pkt_dev) { - if(pkt_dev->flags & F_IPV6) + if (pkt_dev->flags & F_IPV6) return fill_packet_ipv6(odev, pkt_dev); else return fill_packet_ipv4(odev, pkt_dev); } -static void pktgen_clear_counters(struct pktgen_dev *pkt_dev) +static void pktgen_clear_counters(struct pktgen_dev *pkt_dev) { - pkt_dev->seq_num = 1; - pkt_dev->idle_acc = 0; + pkt_dev->seq_num = 1; + pkt_dev->idle_acc = 0; pkt_dev->sofar = 0; - pkt_dev->tx_bytes = 0; - pkt_dev->errors = 0; + pkt_dev->tx_bytes = 0; + pkt_dev->errors = 0; } /* Set up structure for sending pkts, clear counters */ static void pktgen_run(struct pktgen_thread *t) { - struct pktgen_dev *pkt_dev = NULL; + struct pktgen_dev *pkt_dev; int started = 0; PG_DEBUG(printk("pktgen: entering pktgen_run. %p\n", t)); if_lock(t); - for (pkt_dev = t->if_list; pkt_dev; pkt_dev = pkt_dev->next ) { + list_for_each_entry(pkt_dev, &t->if_list, list) { /* * setup odev and create initial packet. */ pktgen_setup_inject(pkt_dev); - if(pkt_dev->odev) { + if (pkt_dev->odev) { pktgen_clear_counters(pkt_dev); - pkt_dev->running = 1; /* Cranke yeself! */ + pkt_dev->running = 1; /* Cranke yeself! */ pkt_dev->skb = NULL; pkt_dev->started_at = getCurUs(); - pkt_dev->next_tx_us = getCurUs(); /* Transmit immediately */ + pkt_dev->next_tx_us = getCurUs(); /* Transmit immediately */ pkt_dev->next_tx_ns = 0; - + strcpy(pkt_dev->result, "Starting"); started++; - } - else + } else strcpy(pkt_dev->result, "Error starting"); } if_unlock(t); - if(started) t->control &= ~(T_STOP); + if (started) + t->control &= ~(T_STOP); } static void pktgen_stop_all_threads_ifs(void) { - struct pktgen_thread *t = pktgen_threads; + struct pktgen_thread *t; - PG_DEBUG(printk("pktgen: entering pktgen_stop_all_threads.\n")); + PG_DEBUG(printk("pktgen: entering pktgen_stop_all_threads_ifs.\n")); - thread_lock(); - while(t) { - pktgen_stop(t); - t = t->next; - } - thread_unlock(); + mutex_lock(&pktgen_thread_lock); + + list_for_each_entry(t, &pktgen_threads, th_list) + t->control |= T_STOP; + + mutex_unlock(&pktgen_thread_lock); } -static int thread_is_running(struct pktgen_thread *t ) +static int thread_is_running(struct pktgen_thread *t) { - struct pktgen_dev *next; - int res = 0; + struct pktgen_dev *pkt_dev; + int res = 0; - for(next=t->if_list; next; next=next->next) { - if(next->running) { + list_for_each_entry(pkt_dev, &t->if_list, list) + if (pkt_dev->running) { res = 1; break; } - } - return res; + return res; } -static int pktgen_wait_thread_run(struct pktgen_thread *t ) +static int pktgen_wait_thread_run(struct pktgen_thread *t) { - if_lock(t); + if_lock(t); - while(thread_is_running(t)) { + while (thread_is_running(t)) { - if_unlock(t); + if_unlock(t); - msleep_interruptible(100); + msleep_interruptible(100); - if (signal_pending(current)) - goto signal; - if_lock(t); - } - if_unlock(t); - return 1; - signal: - return 0; + if (signal_pending(current)) + goto signal; + if_lock(t); + } + if_unlock(t); + return 1; +signal: + return 0; } static int pktgen_wait_all_threads_run(void) { - struct pktgen_thread *t = pktgen_threads; + struct pktgen_thread *t; int sig = 1; - - while (t) { + + mutex_lock(&pktgen_thread_lock); + + list_for_each_entry(t, &pktgen_threads, th_list) { sig = pktgen_wait_thread_run(t); - if( sig == 0 ) break; - thread_lock(); - t=t->next; - thread_unlock(); - } - if(sig == 0) { - thread_lock(); - while (t) { - t->control |= (T_STOP); - t=t->next; - } - thread_unlock(); + if (sig == 0) + break; } + + if (sig == 0) + list_for_each_entry(t, &pktgen_threads, th_list) + t->control |= (T_STOP); + + mutex_unlock(&pktgen_thread_lock); return sig; } static void pktgen_run_all_threads(void) { - struct pktgen_thread *t = pktgen_threads; + struct pktgen_thread *t; PG_DEBUG(printk("pktgen: entering pktgen_run_all_threads.\n")); - thread_lock(); + mutex_lock(&pktgen_thread_lock); - while(t) { + list_for_each_entry(t, &pktgen_threads, th_list) t->control |= (T_RUN); - t = t->next; - } - thread_unlock(); - schedule_timeout_interruptible(msecs_to_jiffies(125)); /* Propagate thread->control */ - + mutex_unlock(&pktgen_thread_lock); + + schedule_timeout_interruptible(msecs_to_jiffies(125)); /* Propagate thread->control */ + pktgen_wait_all_threads_run(); } - static void show_results(struct pktgen_dev *pkt_dev, int nr_frags) { - __u64 total_us, bps, mbps, pps, idle; - char *p = pkt_dev->result; - - total_us = pkt_dev->stopped_at - pkt_dev->started_at; - - idle = pkt_dev->idle_acc; - - p += sprintf(p, "OK: %llu(c%llu+d%llu) usec, %llu (%dbyte,%dfrags)\n", - (unsigned long long) total_us, - (unsigned long long)(total_us - idle), - (unsigned long long) idle, - (unsigned long long) pkt_dev->sofar, - pkt_dev->cur_pkt_size, nr_frags); - - pps = pkt_dev->sofar * USEC_PER_SEC; - - while ((total_us >> 32) != 0) { - pps >>= 1; - total_us >>= 1; - } - - do_div(pps, total_us); - - bps = pps * 8 * pkt_dev->cur_pkt_size; - - mbps = bps; - do_div(mbps, 1000000); - p += sprintf(p, " %llupps %lluMb/sec (%llubps) errors: %llu", - (unsigned long long) pps, - (unsigned long long) mbps, - (unsigned long long) bps, - (unsigned long long) pkt_dev->errors); + __u64 total_us, bps, mbps, pps, idle; + char *p = pkt_dev->result; + + total_us = pkt_dev->stopped_at - pkt_dev->started_at; + + idle = pkt_dev->idle_acc; + + p += sprintf(p, "OK: %llu(c%llu+d%llu) usec, %llu (%dbyte,%dfrags)\n", + (unsigned long long)total_us, + (unsigned long long)(total_us - idle), + (unsigned long long)idle, + (unsigned long long)pkt_dev->sofar, + pkt_dev->cur_pkt_size, nr_frags); + + pps = pkt_dev->sofar * USEC_PER_SEC; + + while ((total_us >> 32) != 0) { + pps >>= 1; + total_us >>= 1; + } + + do_div(pps, total_us); + + bps = pps * 8 * pkt_dev->cur_pkt_size; + + mbps = bps; + do_div(mbps, 1000000); + p += sprintf(p, " %llupps %lluMb/sec (%llubps) errors: %llu", + (unsigned long long)pps, + (unsigned long long)mbps, + (unsigned long long)bps, + (unsigned long long)pkt_dev->errors); } - /* Set stopped-at timer, remove from running list, do counters & statistics */ -static int pktgen_stop_device(struct pktgen_dev *pkt_dev) +static int pktgen_stop_device(struct pktgen_dev *pkt_dev) { - - if (!pkt_dev->running) { - printk("pktgen: interface: %s is already stopped\n", pkt_dev->ifname); - return -EINVAL; - } + int nr_frags = pkt_dev->skb ? skb_shinfo(pkt_dev->skb)->nr_frags : -1; - pkt_dev->stopped_at = getCurUs(); - pkt_dev->running = 0; + if (!pkt_dev->running) { + printk("pktgen: interface: %s is already stopped\n", + pkt_dev->ifname); + return -EINVAL; + } - show_results(pkt_dev, skb_shinfo(pkt_dev->skb)->nr_frags); + pkt_dev->stopped_at = getCurUs(); + pkt_dev->running = 0; - if (pkt_dev->skb) - kfree_skb(pkt_dev->skb); + show_results(pkt_dev, nr_frags); - pkt_dev->skb = NULL; - - return 0; + return 0; } -static struct pktgen_dev *next_to_run(struct pktgen_thread *t ) +static struct pktgen_dev *next_to_run(struct pktgen_thread *t) { - struct pktgen_dev *next, *best = NULL; - + struct pktgen_dev *pkt_dev, *best = NULL; + if_lock(t); - for(next=t->if_list; next ; next=next->next) { - if(!next->running) continue; - if(best == NULL) best=next; - else if ( next->next_tx_us < best->next_tx_us) - best = next; + list_for_each_entry(pkt_dev, &t->if_list, list) { + if (!pkt_dev->running) + continue; + if (best == NULL) + best = pkt_dev; + else if (pkt_dev->next_tx_us < best->next_tx_us) + best = pkt_dev; } if_unlock(t); - return best; + return best; } -static void pktgen_stop(struct pktgen_thread *t) { - struct pktgen_dev *next = NULL; +static void pktgen_stop(struct pktgen_thread *t) +{ + struct pktgen_dev *pkt_dev; - PG_DEBUG(printk("pktgen: entering pktgen_stop.\n")); + PG_DEBUG(printk("pktgen: entering pktgen_stop\n")); - if_lock(t); + if_lock(t); + + list_for_each_entry(pkt_dev, &t->if_list, list) { + pktgen_stop_device(pkt_dev); + if (pkt_dev->skb) + kfree_skb(pkt_dev->skb); - for(next=t->if_list; next; next=next->next) - pktgen_stop_device(next); + pkt_dev->skb = NULL; + } - if_unlock(t); + if_unlock(t); } -static void pktgen_rem_all_ifs(struct pktgen_thread *t) +/* + * one of our devices needs to be removed - find it + * and remove it + */ +static void pktgen_rem_one_if(struct pktgen_thread *t) { - struct pktgen_dev *cur, *next = NULL; - - /* Remove all devices, free mem */ - - if_lock(t); - - for(cur=t->if_list; cur; cur=next) { - next = cur->next; + struct list_head *q, *n; + struct pktgen_dev *cur; + + PG_DEBUG(printk("pktgen: entering pktgen_rem_one_if\n")); + + if_lock(t); + + list_for_each_safe(q, n, &t->if_list) { + cur = list_entry(q, struct pktgen_dev, list); + + if (!cur->removal_mark) + continue; + + if (cur->skb) + kfree_skb(cur->skb); + cur->skb = NULL; + pktgen_remove_device(t, cur); + + break; } - if_unlock(t); + if_unlock(t); } -static void pktgen_rem_thread(struct pktgen_thread *t) +static void pktgen_rem_all_ifs(struct pktgen_thread *t) { - /* Remove from the thread list */ + struct list_head *q, *n; + struct pktgen_dev *cur; - struct pktgen_thread *tmp = pktgen_threads; + /* Remove all devices, free mem */ - remove_proc_entry(t->name, pg_proc_dir); + PG_DEBUG(printk("pktgen: entering pktgen_rem_all_ifs\n")); + if_lock(t); - thread_lock(); + list_for_each_safe(q, n, &t->if_list) { + cur = list_entry(q, struct pktgen_dev, list); - if (tmp == t) - pktgen_threads = tmp->next; - else { - while (tmp) { - if (tmp->next == t) { - tmp->next = t->next; - t->next = NULL; - break; - } - tmp = tmp->next; - } + if (cur->skb) + kfree_skb(cur->skb); + cur->skb = NULL; + + pktgen_remove_device(t, cur); } - thread_unlock(); + + if_unlock(t); +} + +static void pktgen_rem_thread(struct pktgen_thread *t) +{ + /* Remove from the thread list */ + + remove_proc_entry(t->name, pg_proc_dir); + + mutex_lock(&pktgen_thread_lock); + + list_del(&t->th_list); + + mutex_unlock(&pktgen_thread_lock); } static __inline__ void pktgen_xmit(struct pktgen_dev *pkt_dev) @@ -2527,7 +2838,7 @@ static __inline__ void pktgen_xmit(struct pktgen_dev *pkt_dev) int ret; odev = pkt_dev->odev; - + if (pkt_dev->delay_us || pkt_dev->delay_ns) { u64 now; @@ -2544,67 +2855,71 @@ static __inline__ void pktgen_xmit(struct pktgen_dev *pkt_dev) goto out; } } - + if (netif_queue_stopped(odev) || need_resched()) { idle_start = getCurUs(); - + if (!netif_running(odev)) { pktgen_stop_device(pkt_dev); + if (pkt_dev->skb) + kfree_skb(pkt_dev->skb); + pkt_dev->skb = NULL; goto out; } - if (need_resched()) + if (need_resched()) schedule(); - + pkt_dev->idle_acc += getCurUs() - idle_start; - + if (netif_queue_stopped(odev)) { - pkt_dev->next_tx_us = getCurUs(); /* TODO */ + pkt_dev->next_tx_us = getCurUs(); /* TODO */ pkt_dev->next_tx_ns = 0; - goto out; /* Try the next interface */ + goto out; /* Try the next interface */ } } - + if (pkt_dev->last_ok || !pkt_dev->skb) { - if ((++pkt_dev->clone_count >= pkt_dev->clone_skb ) || (!pkt_dev->skb)) { + if ((++pkt_dev->clone_count >= pkt_dev->clone_skb) + || (!pkt_dev->skb)) { /* build a new pkt */ - if (pkt_dev->skb) + if (pkt_dev->skb) kfree_skb(pkt_dev->skb); - + pkt_dev->skb = fill_packet(odev, pkt_dev); if (pkt_dev->skb == NULL) { printk("pktgen: ERROR: couldn't allocate skb in fill_packet.\n"); schedule(); - pkt_dev->clone_count--; /* back out increment, OOM */ + pkt_dev->clone_count--; /* back out increment, OOM */ goto out; } pkt_dev->allocated_skbs++; - pkt_dev->clone_count = 0; /* reset counter */ + pkt_dev->clone_count = 0; /* reset counter */ } } - + spin_lock_bh(&odev->xmit_lock); if (!netif_queue_stopped(odev)) { atomic_inc(&(pkt_dev->skb->users)); -retry_now: + retry_now: ret = odev->hard_start_xmit(pkt_dev->skb, odev); if (likely(ret == NETDEV_TX_OK)) { - pkt_dev->last_ok = 1; + pkt_dev->last_ok = 1; pkt_dev->sofar++; pkt_dev->seq_num++; pkt_dev->tx_bytes += pkt_dev->cur_pkt_size; - - } else if (ret == NETDEV_TX_LOCKED + + } else if (ret == NETDEV_TX_LOCKED && (odev->features & NETIF_F_LLTX)) { cpu_relax(); goto retry_now; - } else { /* Retry it next time */ - + } else { /* Retry it next time */ + atomic_dec(&(pkt_dev->skb->users)); - + if (debug && net_ratelimit()) printk(KERN_INFO "pktgen: Hard xmit error\n"); - + pkt_dev->errors++; pkt_dev->last_ok = 0; } @@ -2619,16 +2934,16 @@ retry_now: pkt_dev->next_tx_us++; pkt_dev->next_tx_ns -= 1000; } - } + } - else { /* Retry it next time */ - pkt_dev->last_ok = 0; - pkt_dev->next_tx_us = getCurUs(); /* TODO */ + else { /* Retry it next time */ + pkt_dev->last_ok = 0; + pkt_dev->next_tx_us = getCurUs(); /* TODO */ pkt_dev->next_tx_ns = 0; - } + } spin_unlock_bh(&odev->xmit_lock); - + /* If pkt_dev->count is zero, then run forever */ if ((pkt_dev->count != 0) && (pkt_dev->sofar >= pkt_dev->count)) { if (atomic_read(&(pkt_dev->skb->users)) != 1) { @@ -2641,72 +2956,74 @@ retry_now: } pkt_dev->idle_acc += getCurUs() - idle_start; } - + /* Done with this */ pktgen_stop_device(pkt_dev); - } - out:; - } + if (pkt_dev->skb) + kfree_skb(pkt_dev->skb); + pkt_dev->skb = NULL; + } +out:; +} /* * Main loop of the thread goes here */ -static void pktgen_thread_worker(struct pktgen_thread *t) +static void pktgen_thread_worker(struct pktgen_thread *t) { DEFINE_WAIT(wait); - struct pktgen_dev *pkt_dev = NULL; + struct pktgen_dev *pkt_dev = NULL; int cpu = t->cpu; sigset_t tmpsig; u32 max_before_softirq; - u32 tx_since_softirq = 0; + u32 tx_since_softirq = 0; daemonize("pktgen/%d", cpu); - /* Block all signals except SIGKILL, SIGSTOP and SIGTERM */ + /* Block all signals except SIGKILL, SIGSTOP and SIGTERM */ - spin_lock_irq(¤t->sighand->siglock); - tmpsig = current->blocked; - siginitsetinv(¤t->blocked, - sigmask(SIGKILL) | - sigmask(SIGSTOP)| - sigmask(SIGTERM)); + spin_lock_irq(¤t->sighand->siglock); + tmpsig = current->blocked; + siginitsetinv(¤t->blocked, + sigmask(SIGKILL) | sigmask(SIGSTOP) | sigmask(SIGTERM)); - recalc_sigpending(); - spin_unlock_irq(¤t->sighand->siglock); + recalc_sigpending(); + spin_unlock_irq(¤t->sighand->siglock); /* Migrate to the right CPU */ set_cpus_allowed(current, cpumask_of_cpu(cpu)); - if (smp_processor_id() != cpu) - BUG(); + if (smp_processor_id() != cpu) + BUG(); init_waitqueue_head(&t->queue); t->control &= ~(T_TERMINATE); t->control &= ~(T_RUN); t->control &= ~(T_STOP); + t->control &= ~(T_REMDEVALL); t->control &= ~(T_REMDEV); - t->pid = current->pid; + t->pid = current->pid; - PG_DEBUG(printk("pktgen: starting pktgen/%d: pid=%d\n", cpu, current->pid)); + PG_DEBUG(printk("pktgen: starting pktgen/%d: pid=%d\n", cpu, current->pid)); max_before_softirq = t->max_before_softirq; - - __set_current_state(TASK_INTERRUPTIBLE); - mb(); - while (1) { - + __set_current_state(TASK_INTERRUPTIBLE); + mb(); + + while (1) { + __set_current_state(TASK_RUNNING); /* * Get next dev to xmit -- if any. */ - pkt_dev = next_to_run(t); - - if (pkt_dev) { + pkt_dev = next_to_run(t); + + if (pkt_dev) { pktgen_xmit(pkt_dev); @@ -2724,115 +3041,125 @@ static void pktgen_thread_worker(struct pktgen_thread *t) } } else { prepare_to_wait(&(t->queue), &wait, TASK_INTERRUPTIBLE); - schedule_timeout(HZ/10); + schedule_timeout(HZ / 10); finish_wait(&(t->queue), &wait); } - /* + /* * Back from sleep, either due to the timeout or signal. * We check if we have any "posted" work for us. */ - if (t->control & T_TERMINATE || signal_pending(current)) - /* we received a request to terminate ourself */ - break; - + if (t->control & T_TERMINATE || signal_pending(current)) + /* we received a request to terminate ourself */ + break; - if(t->control & T_STOP) { + if (t->control & T_STOP) { pktgen_stop(t); t->control &= ~(T_STOP); } - if(t->control & T_RUN) { + if (t->control & T_RUN) { pktgen_run(t); t->control &= ~(T_RUN); } - if(t->control & T_REMDEV) { + if (t->control & T_REMDEVALL) { pktgen_rem_all_ifs(t); + t->control &= ~(T_REMDEVALL); + } + + if (t->control & T_REMDEV) { + pktgen_rem_one_if(t); t->control &= ~(T_REMDEV); } - if (need_resched()) + if (need_resched()) schedule(); - } + } + + PG_DEBUG(printk("pktgen: %s stopping all device\n", t->name)); + pktgen_stop(t); - PG_DEBUG(printk("pktgen: %s stopping all device\n", t->name)); - pktgen_stop(t); + PG_DEBUG(printk("pktgen: %s removing all device\n", t->name)); + pktgen_rem_all_ifs(t); - PG_DEBUG(printk("pktgen: %s removing all device\n", t->name)); - pktgen_rem_all_ifs(t); + PG_DEBUG(printk("pktgen: %s removing thread.\n", t->name)); + pktgen_rem_thread(t); - PG_DEBUG(printk("pktgen: %s removing thread.\n", t->name)); - pktgen_rem_thread(t); + t->removed = 1; } -static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread *t, const char* ifname) +static struct pktgen_dev *pktgen_find_dev(struct pktgen_thread *t, + const char *ifname) { - struct pktgen_dev *pkt_dev = NULL; - if_lock(t); - - for(pkt_dev=t->if_list; pkt_dev; pkt_dev = pkt_dev->next ) { - if (strncmp(pkt_dev->ifname, ifname, IFNAMSIZ) == 0) { - break; - } - } - - if_unlock(t); - PG_DEBUG(printk("pktgen: find_dev(%s) returning %p\n", ifname,pkt_dev)); - return pkt_dev; + struct pktgen_dev *p, *pkt_dev = NULL; + if_lock(t); + + list_for_each_entry(p, &t->if_list, list) + if (strncmp(p->ifname, ifname, IFNAMSIZ) == 0) { + pkt_dev = p; + break; + } + + if_unlock(t); + PG_DEBUG(printk("pktgen: find_dev(%s) returning %p\n", ifname, pkt_dev)); + return pkt_dev; } /* * Adds a dev at front of if_list. */ -static int add_dev_to_thread(struct pktgen_thread *t, struct pktgen_dev *pkt_dev) +static int add_dev_to_thread(struct pktgen_thread *t, + struct pktgen_dev *pkt_dev) { int rv = 0; - - if_lock(t); - - if (pkt_dev->pg_thread) { - printk("pktgen: ERROR: already assigned to a thread.\n"); - rv = -EBUSY; - goto out; - } - pkt_dev->next =t->if_list; t->if_list=pkt_dev; - pkt_dev->pg_thread = t; + + if_lock(t); + + if (pkt_dev->pg_thread) { + printk("pktgen: ERROR: already assigned to a thread.\n"); + rv = -EBUSY; + goto out; + } + + list_add(&pkt_dev->list, &t->if_list); + pkt_dev->pg_thread = t; pkt_dev->running = 0; - out: - if_unlock(t); - return rv; +out: + if_unlock(t); + return rv; } /* Called under thread lock */ -static int pktgen_add_device(struct pktgen_thread *t, const char* ifname) +static int pktgen_add_device(struct pktgen_thread *t, const char *ifname) { - struct pktgen_dev *pkt_dev; + struct pktgen_dev *pkt_dev; struct proc_dir_entry *pe; - + /* We don't allow a device to be on several threads */ pkt_dev = __pktgen_NN_threads(ifname, FIND); if (pkt_dev) { - printk("pktgen: ERROR: interface already used.\n"); - return -EBUSY; - } + printk("pktgen: ERROR: interface already used.\n"); + return -EBUSY; + } pkt_dev = kzalloc(sizeof(struct pktgen_dev), GFP_KERNEL); if (!pkt_dev) return -ENOMEM; - pkt_dev->flows = vmalloc(MAX_CFLOWS*sizeof(struct flow_state)); + pkt_dev->flows = vmalloc(MAX_CFLOWS * sizeof(struct flow_state)); if (pkt_dev->flows == NULL) { kfree(pkt_dev); return -ENOMEM; } - memset(pkt_dev->flows, 0, MAX_CFLOWS*sizeof(struct flow_state)); + memset(pkt_dev->flows, 0, MAX_CFLOWS * sizeof(struct flow_state)); + pkt_dev->removal_mark = 0; pkt_dev->min_pkt_size = ETH_ZLEN; pkt_dev->max_pkt_size = ETH_ZLEN; pkt_dev->nfrags = 0; @@ -2841,14 +3168,14 @@ static int pktgen_add_device(struct pktgen_thread *t, const char* ifname) pkt_dev->delay_ns = pg_delay_d % 1000; pkt_dev->count = pg_count_d; pkt_dev->sofar = 0; - pkt_dev->udp_src_min = 9; /* sink port */ + pkt_dev->udp_src_min = 9; /* sink port */ pkt_dev->udp_src_max = 9; pkt_dev->udp_dst_min = 9; pkt_dev->udp_dst_max = 9; strncpy(pkt_dev->ifname, ifname, IFNAMSIZ); - if (! pktgen_setup_dev(pkt_dev)) { + if (!pktgen_setup_dev(pkt_dev)) { printk("pktgen: ERROR: pktgen_setup_dev failed.\n"); if (pkt_dev->flows) vfree(pkt_dev->flows); @@ -2871,65 +3198,74 @@ static int pktgen_add_device(struct pktgen_thread *t, const char* ifname) return add_dev_to_thread(t, pkt_dev); } -static struct pktgen_thread * __init pktgen_find_thread(const char* name) +static struct pktgen_thread *__init pktgen_find_thread(const char *name) { - struct pktgen_thread *t = NULL; + struct pktgen_thread *t; - thread_lock(); + mutex_lock(&pktgen_thread_lock); - t = pktgen_threads; - while (t) { - if (strcmp(t->name, name) == 0) - break; + list_for_each_entry(t, &pktgen_threads, th_list) + if (strcmp(t->name, name) == 0) { + mutex_unlock(&pktgen_thread_lock); + return t; + } - t = t->next; - } - thread_unlock(); - return t; + mutex_unlock(&pktgen_thread_lock); + return NULL; } -static int __init pktgen_create_thread(const char* name, int cpu) +static int __init pktgen_create_thread(const char *name, int cpu) { - struct pktgen_thread *t = NULL; + int err; + struct pktgen_thread *t = NULL; struct proc_dir_entry *pe; - if (strlen(name) > 31) { - printk("pktgen: ERROR: Thread name cannot be more than 31 characters.\n"); - return -EINVAL; - } - - if (pktgen_find_thread(name)) { - printk("pktgen: ERROR: thread: %s already exists\n", name); - return -EINVAL; - } - - t = kzalloc(sizeof(struct pktgen_thread), GFP_KERNEL); - if (!t) { - printk("pktgen: ERROR: out of memory, can't create new thread.\n"); - return -ENOMEM; - } - - strcpy(t->name, name); - spin_lock_init(&t->if_lock); + if (strlen(name) > 31) { + printk("pktgen: ERROR: Thread name cannot be more than 31 characters.\n"); + return -EINVAL; + } + + if (pktgen_find_thread(name)) { + printk("pktgen: ERROR: thread: %s already exists\n", name); + return -EINVAL; + } + + t = kzalloc(sizeof(struct pktgen_thread), GFP_KERNEL); + if (!t) { + printk("pktgen: ERROR: out of memory, can't create new thread.\n"); + return -ENOMEM; + } + + strcpy(t->name, name); + spin_lock_init(&t->if_lock); t->cpu = cpu; - - pe = create_proc_entry(t->name, 0600, pg_proc_dir); - if (!pe) { - printk("pktgen: cannot create %s/%s procfs entry.\n", + + pe = create_proc_entry(t->name, 0600, pg_proc_dir); + if (!pe) { + printk("pktgen: cannot create %s/%s procfs entry.\n", PG_PROC_DIR, t->name); - kfree(t); - return -EINVAL; - } + kfree(t); + return -EINVAL; + } pe->proc_fops = &pktgen_thread_fops; pe->data = t; - t->next = pktgen_threads; - pktgen_threads = t; + INIT_LIST_HEAD(&t->if_list); + + list_add_tail(&t->th_list, &pktgen_threads); + + t->removed = 0; - if (kernel_thread((void *) pktgen_thread_worker, (void *) t, - CLONE_FS | CLONE_FILES | CLONE_SIGHAND) < 0) + err = kernel_thread((void *)pktgen_thread_worker, (void *)t, + CLONE_FS | CLONE_FILES | CLONE_SIGHAND); + if (err < 0) { printk("pktgen: kernel_thread() failed for cpu %d\n", t->cpu); + remove_proc_entry(t->name, pg_proc_dir); + list_del(&t->th_list); + kfree(t); + return err; + } return 0; } @@ -2937,55 +3273,52 @@ static int __init pktgen_create_thread(const char* name, int cpu) /* * Removes a device from the thread if_list. */ -static void _rem_dev_from_if_list(struct pktgen_thread *t, struct pktgen_dev *pkt_dev) +static void _rem_dev_from_if_list(struct pktgen_thread *t, + struct pktgen_dev *pkt_dev) { - struct pktgen_dev *i, *prev = NULL; - - i = t->if_list; + struct list_head *q, *n; + struct pktgen_dev *p; - while(i) { - if(i == pkt_dev) { - if(prev) prev->next = i->next; - else t->if_list = NULL; - break; - } - prev = i; - i=i->next; + list_for_each_safe(q, n, &t->if_list) { + p = list_entry(q, struct pktgen_dev, list); + if (p == pkt_dev) + list_del(&p->list); } } -static int pktgen_remove_device(struct pktgen_thread *t, struct pktgen_dev *pkt_dev) +static int pktgen_remove_device(struct pktgen_thread *t, + struct pktgen_dev *pkt_dev) { PG_DEBUG(printk("pktgen: remove_device pkt_dev=%p\n", pkt_dev)); - if (pkt_dev->running) { - printk("pktgen:WARNING: trying to remove a running interface, stopping it now.\n"); - pktgen_stop_device(pkt_dev); - } - - /* Dis-associate from the interface */ + if (pkt_dev->running) { + printk("pktgen:WARNING: trying to remove a running interface, stopping it now.\n"); + pktgen_stop_device(pkt_dev); + } + + /* Dis-associate from the interface */ if (pkt_dev->odev) { dev_put(pkt_dev->odev); - pkt_dev->odev = NULL; - } - + pkt_dev->odev = NULL; + } + /* And update the thread if_list */ _rem_dev_from_if_list(t, pkt_dev); - /* Clean up proc file system */ + /* Clean up proc file system */ remove_proc_entry(pkt_dev->ifname, pg_proc_dir); if (pkt_dev->flows) vfree(pkt_dev->flows); kfree(pkt_dev); - return 0; + return 0; } -static int __init pg_init(void) +static int __init pg_init(void) { int cpu; struct proc_dir_entry *pe; @@ -2998,50 +3331,65 @@ static int __init pg_init(void) pg_proc_dir->owner = THIS_MODULE; pe = create_proc_entry(PGCTRL, 0600, pg_proc_dir); - if (pe == NULL) { - printk("pktgen: ERROR: cannot create %s procfs entry.\n", PGCTRL); + if (pe == NULL) { + printk("pktgen: ERROR: cannot create %s procfs entry.\n", + PGCTRL); proc_net_remove(PG_PROC_DIR); - return -EINVAL; - } + return -EINVAL; + } - pe->proc_fops = &pktgen_fops; - pe->data = NULL; + pe->proc_fops = &pktgen_fops; + pe->data = NULL; /* Register us to receive netdevice events */ register_netdevice_notifier(&pktgen_notifier_block); - + for_each_online_cpu(cpu) { + int err; char buf[30]; - sprintf(buf, "kpktgend_%i", cpu); - pktgen_create_thread(buf, cpu); - } - return 0; + sprintf(buf, "kpktgend_%i", cpu); + err = pktgen_create_thread(buf, cpu); + if (err) + printk("pktgen: WARNING: Cannot create thread for cpu %d (%d)\n", + cpu, err); + } + + if (list_empty(&pktgen_threads)) { + printk("pktgen: ERROR: Initialization failed for all threads\n"); + unregister_netdevice_notifier(&pktgen_notifier_block); + remove_proc_entry(PGCTRL, pg_proc_dir); + proc_net_remove(PG_PROC_DIR); + return -ENODEV; + } + + return 0; } static void __exit pg_cleanup(void) { + struct pktgen_thread *t; + struct list_head *q, *n; wait_queue_head_t queue; init_waitqueue_head(&queue); - /* Stop all interfaces & threads */ + /* Stop all interfaces & threads */ - while (pktgen_threads) { - struct pktgen_thread *t = pktgen_threads; - pktgen_threads->control |= (T_TERMINATE); + list_for_each_safe(q, n, &pktgen_threads) { + t = list_entry(q, struct pktgen_thread, th_list); + t->control |= (T_TERMINATE); - wait_event_interruptible_timeout(queue, (t != pktgen_threads), HZ); - } + wait_event_interruptible_timeout(queue, (t->removed == 1), HZ); + } - /* Un-register us from receiving netdevice events */ + /* Un-register us from receiving netdevice events */ unregister_netdevice_notifier(&pktgen_notifier_block); - /* Clean up proc file system */ + /* Clean up proc file system */ remove_proc_entry(PGCTRL, pg_proc_dir); proc_net_remove(PG_PROC_DIR); } - module_init(pg_init); module_exit(pg_cleanup); diff --git a/net/core/request_sock.c b/net/core/request_sock.c index 98f0fc9..1e44eda 100644 --- a/net/core/request_sock.c +++ b/net/core/request_sock.c @@ -51,7 +51,7 @@ int reqsk_queue_alloc(struct request_sock_queue *queue, get_random_bytes(&lopt->hash_rnd, sizeof(lopt->hash_rnd)); rwlock_init(&queue->syn_wait_lock); - queue->rskq_accept_head = queue->rskq_accept_head = NULL; + queue->rskq_accept_head = NULL; lopt->nr_table_entries = nr_table_entries; write_lock_bh(&queue->syn_wait_lock); diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index eca2976..3fcfa9c 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -35,6 +35,7 @@ #include <linux/skbuff.h> #include <linux/init.h> #include <linux/security.h> +#include <linux/mutex.h> #include <asm/uaccess.h> #include <asm/system.h> @@ -50,26 +51,36 @@ #include <net/sock.h> #include <net/pkt_sched.h> #include <net/netlink.h> +#ifdef CONFIG_NET_WIRELESS_RTNETLINK +#include <linux/wireless.h> +#include <net/iw_handler.h> +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ -DECLARE_MUTEX(rtnl_sem); +static DEFINE_MUTEX(rtnl_mutex); void rtnl_lock(void) { - rtnl_shlock(); + mutex_lock(&rtnl_mutex); } -int rtnl_lock_interruptible(void) +void __rtnl_unlock(void) { - return down_interruptible(&rtnl_sem); + mutex_unlock(&rtnl_mutex); } - + void rtnl_unlock(void) { - rtnl_shunlock(); - + mutex_unlock(&rtnl_mutex); + if (rtnl && rtnl->sk_receive_queue.qlen) + rtnl->sk_data_ready(rtnl, 0); netdev_run_todo(); } +int rtnl_trylock(void) +{ + return mutex_trylock(&rtnl_mutex); +} + int rtattr_parse(struct rtattr *tb[], int maxattr, struct rtattr *rta, int len) { memset(tb, 0, sizeof(struct rtattr*)*maxattr); @@ -179,6 +190,33 @@ rtattr_failure: } +static void set_operstate(struct net_device *dev, unsigned char transition) +{ + unsigned char operstate = dev->operstate; + + switch(transition) { + case IF_OPER_UP: + if ((operstate == IF_OPER_DORMANT || + operstate == IF_OPER_UNKNOWN) && + !netif_dormant(dev)) + operstate = IF_OPER_UP; + break; + + case IF_OPER_DORMANT: + if (operstate == IF_OPER_UP || + operstate == IF_OPER_UNKNOWN) + operstate = IF_OPER_DORMANT; + break; + }; + + if (dev->operstate != operstate) { + write_lock_bh(&dev_base_lock); + dev->operstate = operstate; + write_unlock_bh(&dev_base_lock); + netdev_state_change(dev); + } +} + static int rtnetlink_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, int type, u32 pid, u32 seq, u32 change, unsigned int flags) @@ -209,6 +247,13 @@ static int rtnetlink_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, } if (1) { + u8 operstate = netif_running(dev)?dev->operstate:IF_OPER_DOWN; + u8 link_mode = dev->link_mode; + RTA_PUT(skb, IFLA_OPERSTATE, sizeof(operstate), &operstate); + RTA_PUT(skb, IFLA_LINKMODE, sizeof(link_mode), &link_mode); + } + + if (1) { struct rtnl_link_ifmap map = { .mem_start = dev->mem_start, .mem_end = dev->mem_end, @@ -399,6 +444,22 @@ static int do_setlink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) dev->weight = *((u32 *) RTA_DATA(ida[IFLA_WEIGHT - 1])); } + if (ida[IFLA_OPERSTATE - 1]) { + if (ida[IFLA_OPERSTATE - 1]->rta_len != RTA_LENGTH(sizeof(u8))) + goto out; + + set_operstate(dev, *((u8 *) RTA_DATA(ida[IFLA_OPERSTATE - 1]))); + } + + if (ida[IFLA_LINKMODE - 1]) { + if (ida[IFLA_LINKMODE - 1]->rta_len != RTA_LENGTH(sizeof(u8))) + goto out; + + write_lock_bh(&dev_base_lock); + dev->link_mode = *((u8 *) RTA_DATA(ida[IFLA_LINKMODE - 1])); + write_unlock_bh(&dev_base_lock); + } + if (ifm->ifi_index >= 0 && ida[IFLA_IFNAME - 1]) { char ifname[IFNAMSIZ]; @@ -410,6 +471,17 @@ static int do_setlink(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) goto out; } +#ifdef CONFIG_NET_WIRELESS_RTNETLINK + if (ida[IFLA_WIRELESS - 1]) { + + /* Call Wireless Extensions. + * Various stuff checked in there... */ + err = wireless_rtnetlink_set(dev, RTA_DATA(ida[IFLA_WIRELESS - 1]), ida[IFLA_WIRELESS - 1]->rta_len); + if (err) + goto out; + } +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ + err = 0; out: @@ -420,6 +492,83 @@ out: return err; } +#ifdef CONFIG_NET_WIRELESS_RTNETLINK +static int do_getlink(struct sk_buff *in_skb, struct nlmsghdr* in_nlh, void *arg) +{ + struct ifinfomsg *ifm = NLMSG_DATA(in_nlh); + struct rtattr **ida = arg; + struct net_device *dev; + struct ifinfomsg *r; + struct nlmsghdr *nlh; + int err = -ENOBUFS; + struct sk_buff *skb; + unsigned char *b; + char *iw_buf = NULL; + int iw_buf_len = 0; + + if (ifm->ifi_index >= 0) + dev = dev_get_by_index(ifm->ifi_index); + else + return -EINVAL; + if (!dev) + return -ENODEV; + +#ifdef CONFIG_NET_WIRELESS_RTNETLINK + if (ida[IFLA_WIRELESS - 1]) { + + /* Call Wireless Extensions. We need to know the size before + * we can alloc. Various stuff checked in there... */ + err = wireless_rtnetlink_get(dev, RTA_DATA(ida[IFLA_WIRELESS - 1]), ida[IFLA_WIRELESS - 1]->rta_len, &iw_buf, &iw_buf_len); + if (err) + goto out; + } +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ + + /* Create a skb big enough to include all the data. + * Some requests are way bigger than 4k... Jean II */ + skb = alloc_skb((NLMSG_LENGTH(sizeof(*r))) + (RTA_SPACE(iw_buf_len)), + GFP_KERNEL); + if (!skb) + goto out; + b = skb->tail; + + /* Put in the message the usual good stuff */ + nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid, in_nlh->nlmsg_seq, + RTM_NEWLINK, sizeof(*r)); + r = NLMSG_DATA(nlh); + r->ifi_family = AF_UNSPEC; + r->__ifi_pad = 0; + r->ifi_type = dev->type; + r->ifi_index = dev->ifindex; + r->ifi_flags = dev->flags; + r->ifi_change = 0; + + /* Put the wireless payload if it exist */ + if(iw_buf != NULL) + RTA_PUT(skb, IFLA_WIRELESS, iw_buf_len, + iw_buf + IW_EV_POINT_OFF); + + nlh->nlmsg_len = skb->tail - b; + + /* Needed ? */ + NETLINK_CB(skb).dst_pid = NETLINK_CB(in_skb).pid; + + err = netlink_unicast(rtnl, skb, NETLINK_CB(in_skb).pid, MSG_DONTWAIT); + if (err > 0) + err = 0; +out: + if(iw_buf != NULL) + kfree(iw_buf); + dev_put(dev); + return err; + +rtattr_failure: +nlmsg_failure: + kfree_skb(skb); + goto out; +} +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ + static int rtnetlink_dump_all(struct sk_buff *skb, struct netlink_callback *cb) { int idx; @@ -575,9 +724,9 @@ static void rtnetlink_rcv(struct sock *sk, int len) unsigned int qlen = 0; do { - rtnl_lock(); + mutex_lock(&rtnl_mutex); netlink_run_queue(sk, &qlen, &rtnetlink_rcv_msg); - up(&rtnl_sem); + mutex_unlock(&rtnl_mutex); netdev_run_todo(); } while (qlen); @@ -585,7 +734,11 @@ static void rtnetlink_rcv(struct sock *sk, int len) static struct rtnetlink_link link_rtnetlink_table[RTM_NR_MSGTYPES] = { - [RTM_GETLINK - RTM_BASE] = { .dumpit = rtnetlink_dump_ifinfo }, + [RTM_GETLINK - RTM_BASE] = { +#ifdef CONFIG_NET_WIRELESS_RTNETLINK + .doit = do_getlink, +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ + .dumpit = rtnetlink_dump_ifinfo }, [RTM_SETLINK - RTM_BASE] = { .doit = do_setlink }, [RTM_GETADDR - RTM_BASE] = { .dumpit = rtnetlink_dump_all }, [RTM_GETROUTE - RTM_BASE] = { .dumpit = rtnetlink_dump_all }, @@ -654,6 +807,5 @@ EXPORT_SYMBOL(rtnetlink_links); EXPORT_SYMBOL(rtnetlink_put_metrics); EXPORT_SYMBOL(rtnl); EXPORT_SYMBOL(rtnl_lock); -EXPORT_SYMBOL(rtnl_lock_interruptible); -EXPORT_SYMBOL(rtnl_sem); +EXPORT_SYMBOL(rtnl_trylock); EXPORT_SYMBOL(rtnl_unlock); diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 2144952..09464fa 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -149,7 +149,7 @@ struct sk_buff *__alloc_skb(unsigned int size, gfp_t gfp_mask, /* Get the DATA. Size must match skb_add_mtu(). */ size = SKB_DATA_ALIGN(size); - data = kmalloc(size + sizeof(struct skb_shared_info), gfp_mask); + data = ____kmalloc(size + sizeof(struct skb_shared_info), gfp_mask); if (!data) goto nodata; @@ -356,6 +356,24 @@ void __kfree_skb(struct sk_buff *skb) } /** + * kfree_skb - free an sk_buff + * @skb: buffer to free + * + * Drop a reference to the buffer and free it if the usage count has + * hit zero. + */ +void kfree_skb(struct sk_buff *skb) +{ + if (unlikely(!skb)) + return; + if (likely(atomic_read(&skb->users) == 1)) + smp_rmb(); + else if (likely(!atomic_dec_and_test(&skb->users))) + return; + __kfree_skb(skb); +} + +/** * skb_clone - duplicate an sk_buff * @skb: buffer to clone * @gfp_mask: allocation priority @@ -1777,6 +1795,29 @@ int skb_append_datato_frags(struct sock *sk, struct sk_buff *skb, return 0; } +/** + * skb_pull_rcsum - pull skb and update receive checksum + * @skb: buffer to update + * @start: start of data before pull + * @len: length of data pulled + * + * This function performs an skb_pull on the packet and updates + * update the CHECKSUM_HW checksum. It should be used on receive + * path processing instead of skb_pull unless you know that the + * checksum difference is zero (e.g., a valid IP header) or you + * are setting ip_summed to CHECKSUM_NONE. + */ +unsigned char *skb_pull_rcsum(struct sk_buff *skb, unsigned int len) +{ + BUG_ON(len > skb->len); + skb->len -= len; + BUG_ON(skb->len < skb->data_len); + skb_postpull_rcsum(skb, skb->data, len); + return skb->data += len; +} + +EXPORT_SYMBOL_GPL(skb_pull_rcsum); + void __init skb_init(void) { skbuff_head_cache = kmem_cache_create("skbuff_head_cache", @@ -1799,6 +1840,7 @@ void __init skb_init(void) EXPORT_SYMBOL(___pskb_trim); EXPORT_SYMBOL(__kfree_skb); +EXPORT_SYMBOL(kfree_skb); EXPORT_SYMBOL(__pskb_pull_tail); EXPORT_SYMBOL(__alloc_skb); EXPORT_SYMBOL(pskb_copy); diff --git a/net/core/sock.c b/net/core/sock.c index 6e00811..a96ea7d 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -187,6 +187,99 @@ static void sock_disable_timestamp(struct sock *sk) } +int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) +{ + int err = 0; + int skb_len; + + /* Cast skb->rcvbuf to unsigned... It's pointless, but reduces + number of warnings when compiling with -W --ANK + */ + if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >= + (unsigned)sk->sk_rcvbuf) { + err = -ENOMEM; + goto out; + } + + /* It would be deadlock, if sock_queue_rcv_skb is used + with socket lock! We assume that users of this + function are lock free. + */ + err = sk_filter(sk, skb, 1); + if (err) + goto out; + + skb->dev = NULL; + skb_set_owner_r(skb, sk); + + /* Cache the SKB length before we tack it onto the receive + * queue. Once it is added it no longer belongs to us and + * may be freed by other threads of control pulling packets + * from the queue. + */ + skb_len = skb->len; + + skb_queue_tail(&sk->sk_receive_queue, skb); + + if (!sock_flag(sk, SOCK_DEAD)) + sk->sk_data_ready(sk, skb_len); +out: + return err; +} +EXPORT_SYMBOL(sock_queue_rcv_skb); + +int sk_receive_skb(struct sock *sk, struct sk_buff *skb) +{ + int rc = NET_RX_SUCCESS; + + if (sk_filter(sk, skb, 0)) + goto discard_and_relse; + + skb->dev = NULL; + + bh_lock_sock(sk); + if (!sock_owned_by_user(sk)) + rc = sk->sk_backlog_rcv(sk, skb); + else + sk_add_backlog(sk, skb); + bh_unlock_sock(sk); +out: + sock_put(sk); + return rc; +discard_and_relse: + kfree_skb(skb); + goto out; +} +EXPORT_SYMBOL(sk_receive_skb); + +struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie) +{ + struct dst_entry *dst = sk->sk_dst_cache; + + if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) { + sk->sk_dst_cache = NULL; + dst_release(dst); + return NULL; + } + + return dst; +} +EXPORT_SYMBOL(__sk_dst_check); + +struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie) +{ + struct dst_entry *dst = sk_dst_get(sk); + + if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) { + sk_dst_reset(sk); + dst_release(dst); + return NULL; + } + + return dst; +} +EXPORT_SYMBOL(sk_dst_check); + /* * This is meant for all protocols to use and covers goings on * at the socket level. Everything here is generic. @@ -404,8 +497,9 @@ set_rcvbuf: if (!valbool) { sk->sk_bound_dev_if = 0; } else { - if (optlen > IFNAMSIZ) - optlen = IFNAMSIZ; + if (optlen > IFNAMSIZ - 1) + optlen = IFNAMSIZ - 1; + memset(devname, 0, sizeof(devname)); if (copy_from_user(devname, optval, optlen)) { ret = -EFAULT; break; @@ -616,7 +710,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, break; case SO_PEERSEC: - return security_socket_getpeersec(sock, optval, optlen, len); + return security_socket_getpeersec_stream(sock, optval, optlen, len); default: return(-ENOPROTOOPT); @@ -1385,6 +1479,20 @@ int sock_common_getsockopt(struct socket *sock, int level, int optname, EXPORT_SYMBOL(sock_common_getsockopt); +#ifdef CONFIG_COMPAT +int compat_sock_common_getsockopt(struct socket *sock, int level, int optname, + char __user *optval, int __user *optlen) +{ + struct sock *sk = sock->sk; + + if (sk->sk_prot->compat_setsockopt != NULL) + return sk->sk_prot->compat_getsockopt(sk, level, optname, + optval, optlen); + return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen); +} +EXPORT_SYMBOL(compat_sock_common_getsockopt); +#endif + int sock_common_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t size, int flags) { @@ -1414,6 +1522,20 @@ int sock_common_setsockopt(struct socket *sock, int level, int optname, EXPORT_SYMBOL(sock_common_setsockopt); +#ifdef CONFIG_COMPAT +int compat_sock_common_setsockopt(struct socket *sock, int level, int optname, + char __user *optval, int optlen) +{ + struct sock *sk = sock->sk; + + if (sk->sk_prot->compat_setsockopt != NULL) + return sk->sk_prot->compat_setsockopt(sk, level, optname, + optval, optlen); + return sk->sk_prot->setsockopt(sk, level, optname, optval, optlen); +} +EXPORT_SYMBOL(compat_sock_common_setsockopt); +#endif + void sk_common_release(struct sock *sk) { if (sk->sk_prot->destroy) diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index 2f278c8..7104536 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -26,6 +26,11 @@ extern int sysctl_core_destroy_delay; extern char sysctl_divert_version[]; #endif /* CONFIG_NET_DIVERT */ +#ifdef CONFIG_XFRM +extern u32 sysctl_xfrm_aevent_etime; +extern u32 sysctl_xfrm_aevent_rseqth; +#endif + ctl_table core_table[] = { #ifdef CONFIG_NET { @@ -111,6 +116,24 @@ ctl_table core_table[] = { .proc_handler = &proc_dostring }, #endif /* CONFIG_NET_DIVERT */ +#ifdef CONFIG_XFRM + { + .ctl_name = NET_CORE_AEVENT_ETIME, + .procname = "xfrm_aevent_etime", + .data = &sysctl_xfrm_aevent_etime, + .maxlen = sizeof(u32), + .mode = 0644, + .proc_handler = &proc_dointvec + }, + { + .ctl_name = NET_CORE_AEVENT_RSEQTH, + .procname = "xfrm_aevent_rseqth", + .data = &sysctl_xfrm_aevent_rseqth, + .maxlen = sizeof(u32), + .mode = 0644, + .proc_handler = &proc_dointvec + }, +#endif /* CONFIG_XFRM */ #endif /* CONFIG_NET */ { .ctl_name = NET_CORE_SOMAXCONN, diff --git a/net/core/wireless.c b/net/core/wireless.c index 2add7ed..81d6995 100644 --- a/net/core/wireless.c +++ b/net/core/wireless.c @@ -2,7 +2,7 @@ * This file implement the Wireless Extensions APIs. * * Authors : Jean Tourrilhes - HPL - <jt@hpl.hp.com> - * Copyright (c) 1997-2005 Jean Tourrilhes, All Rights Reserved. + * Copyright (c) 1997-2006 Jean Tourrilhes, All Rights Reserved. * * (As all part of the Linux kernel, this file is GPL) */ @@ -65,6 +65,9 @@ * o Start deprecating dev->get_wireless_stats, output a warning * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless * o Don't loose INVALID/DBM flags when clearing UPDATED flags (iwstats) + * + * v8 - 17.02.06 - Jean II + * o RtNetlink requests support (SET/GET) */ /***************************** INCLUDES *****************************/ @@ -89,11 +92,13 @@ /* Debugging stuff */ #undef WE_IOCTL_DEBUG /* Debug IOCTL API */ +#undef WE_RTNETLINK_DEBUG /* Debug RtNetlink API */ #undef WE_EVENT_DEBUG /* Debug Event dispatcher */ #undef WE_SPY_DEBUG /* Debug enhanced spy support */ /* Options */ -#define WE_EVENT_NETLINK /* Propagate events using rtnetlink */ +//CONFIG_NET_WIRELESS_RTNETLINK /* Wireless requests over RtNetlink */ +#define WE_EVENT_RTNETLINK /* Propagate events using RtNetlink */ #define WE_SET_EVENT /* Generate an event on some set commands */ /************************* GLOBAL VARIABLES *************************/ @@ -156,13 +161,18 @@ static const struct iw_ioctl_description standard_ioctl[] = { .header_type = IW_HEADER_TYPE_NULL, }, [SIOCGIWPRIV - SIOCIWFIRST] = { /* (handled directly by us) */ - .header_type = IW_HEADER_TYPE_NULL, + .header_type = IW_HEADER_TYPE_POINT, + .token_size = sizeof(struct iw_priv_args), + .max_tokens = 16, + .flags = IW_DESCR_FLAG_NOMAX, }, [SIOCSIWSTATS - SIOCIWFIRST] = { .header_type = IW_HEADER_TYPE_NULL, }, [SIOCGIWSTATS - SIOCIWFIRST] = { /* (handled directly by us) */ - .header_type = IW_HEADER_TYPE_NULL, + .header_type = IW_HEADER_TYPE_POINT, + .token_size = 1, + .max_tokens = sizeof(struct iw_statistics), .flags = IW_DESCR_FLAG_DUMP, }, [SIOCSIWSPY - SIOCIWFIRST] = { @@ -529,6 +539,70 @@ static inline int adjust_priv_size(__u16 args, return num * iw_priv_type_size[type]; } +/* ---------------------------------------------------------------- */ +/* + * Standard Wireless Handler : get wireless stats + * Allow programatic access to /proc/net/wireless even if /proc + * doesn't exist... Also more efficient... + */ +static int iw_handler_get_iwstats(struct net_device * dev, + struct iw_request_info * info, + union iwreq_data * wrqu, + char * extra) +{ + /* Get stats from the driver */ + struct iw_statistics *stats; + + stats = get_wireless_stats(dev); + if (stats != (struct iw_statistics *) NULL) { + + /* Copy statistics to extra */ + memcpy(extra, stats, sizeof(struct iw_statistics)); + wrqu->data.length = sizeof(struct iw_statistics); + + /* Check if we need to clear the updated flag */ + if(wrqu->data.flags != 0) + stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; + return 0; + } else + return -EOPNOTSUPP; +} + +/* ---------------------------------------------------------------- */ +/* + * Standard Wireless Handler : get iwpriv definitions + * Export the driver private handler definition + * They will be picked up by tools like iwpriv... + */ +static int iw_handler_get_private(struct net_device * dev, + struct iw_request_info * info, + union iwreq_data * wrqu, + char * extra) +{ + /* Check if the driver has something to export */ + if((dev->wireless_handlers->num_private_args == 0) || + (dev->wireless_handlers->private_args == NULL)) + return -EOPNOTSUPP; + + /* Check if there is enough buffer up there */ + if(wrqu->data.length < dev->wireless_handlers->num_private_args) { + /* User space can't know in advance how large the buffer + * needs to be. Give it a hint, so that we can support + * any size buffer we want somewhat efficiently... */ + wrqu->data.length = dev->wireless_handlers->num_private_args; + return -E2BIG; + } + + /* Set the number of available ioctls. */ + wrqu->data.length = dev->wireless_handlers->num_private_args; + + /* Copy structure to the user buffer. */ + memcpy(extra, dev->wireless_handlers->private_args, + sizeof(struct iw_priv_args) * wrqu->data.length); + + return 0; +} + /******************** /proc/net/wireless SUPPORT ********************/ /* @@ -630,81 +704,14 @@ int __init wireless_proc_init(void) /* ---------------------------------------------------------------- */ /* - * Allow programatic access to /proc/net/wireless even if /proc - * doesn't exist... Also more efficient... - */ -static inline int dev_iwstats(struct net_device *dev, struct ifreq *ifr) -{ - /* Get stats from the driver */ - struct iw_statistics *stats; - - stats = get_wireless_stats(dev); - if (stats != (struct iw_statistics *) NULL) { - struct iwreq * wrq = (struct iwreq *)ifr; - - /* Copy statistics to the user buffer */ - if(copy_to_user(wrq->u.data.pointer, stats, - sizeof(struct iw_statistics))) - return -EFAULT; - - /* Check if we need to clear the updated flag */ - if(wrq->u.data.flags != 0) - stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; - return 0; - } else - return -EOPNOTSUPP; -} - -/* ---------------------------------------------------------------- */ -/* - * Export the driver private handler definition - * They will be picked up by tools like iwpriv... - */ -static inline int ioctl_export_private(struct net_device * dev, - struct ifreq * ifr) -{ - struct iwreq * iwr = (struct iwreq *) ifr; - - /* Check if the driver has something to export */ - if((dev->wireless_handlers->num_private_args == 0) || - (dev->wireless_handlers->private_args == NULL)) - return -EOPNOTSUPP; - - /* Check NULL pointer */ - if(iwr->u.data.pointer == NULL) - return -EFAULT; - - /* Check if there is enough buffer up there */ - if(iwr->u.data.length < dev->wireless_handlers->num_private_args) { - /* User space can't know in advance how large the buffer - * needs to be. Give it a hint, so that we can support - * any size buffer we want somewhat efficiently... */ - iwr->u.data.length = dev->wireless_handlers->num_private_args; - return -E2BIG; - } - - /* Set the number of available ioctls. */ - iwr->u.data.length = dev->wireless_handlers->num_private_args; - - /* Copy structure to the user buffer. */ - if (copy_to_user(iwr->u.data.pointer, - dev->wireless_handlers->private_args, - sizeof(struct iw_priv_args) * iwr->u.data.length)) - return -EFAULT; - - return 0; -} - -/* ---------------------------------------------------------------- */ -/* * Wrapper to call a standard Wireless Extension handler. * We do various checks and also take care of moving data between * user space and kernel space. */ -static inline int ioctl_standard_call(struct net_device * dev, - struct ifreq * ifr, - unsigned int cmd, - iw_handler handler) +static int ioctl_standard_call(struct net_device * dev, + struct ifreq * ifr, + unsigned int cmd, + iw_handler handler) { struct iwreq * iwr = (struct iwreq *) ifr; const struct iw_ioctl_description * descr; @@ -1048,14 +1055,20 @@ int wireless_process_ioctl(struct ifreq *ifr, unsigned int cmd) { case SIOCGIWSTATS: /* Get Wireless Stats */ - return dev_iwstats(dev, ifr); + return ioctl_standard_call(dev, + ifr, + cmd, + &iw_handler_get_iwstats); case SIOCGIWPRIV: /* Check if we have some wireless handlers defined */ if(dev->wireless_handlers != NULL) { /* We export to user space the definition of * the private handler ourselves */ - return ioctl_export_private(dev, ifr); + return ioctl_standard_call(dev, + ifr, + cmd, + &iw_handler_get_private); } // ## Fall-through for old API ## default: @@ -1088,16 +1101,739 @@ int wireless_process_ioctl(struct ifreq *ifr, unsigned int cmd) return -EINVAL; } +/********************** RTNETLINK REQUEST API **********************/ +/* + * The alternate user space API to configure all those Wireless Extensions + * is through RtNetlink. + * This API support only the new driver API (iw_handler). + * + * This RtNetlink API use the same query/reply model as the ioctl API. + * Maximum effort has been done to fit in the RtNetlink model, and + * we support both RtNetlink Set and RtNelink Get operations. + * On the other hand, we don't offer Dump operations because of the + * following reasons : + * o Large number of parameters, most optional + * o Large size of some parameters (> 100 bytes) + * o Each parameters need to be extracted from hardware + * o Scan requests can take seconds and disable network activity. + * Because of this high cost/overhead, we want to return only the + * parameters the user application is really interested in. + * We could offer partial Dump using the IW_DESCR_FLAG_DUMP flag. + * + * The API uses the standard RtNetlink socket. When the RtNetlink code + * find a IFLA_WIRELESS field in a RtNetlink SET_LINK request, + * it calls here. + */ + +#ifdef CONFIG_NET_WIRELESS_RTNETLINK +/* ---------------------------------------------------------------- */ +/* + * Wrapper to call a standard Wireless Extension GET handler. + * We do various checks and call the handler with the proper args. + */ +static int rtnetlink_standard_get(struct net_device * dev, + struct iw_event * request, + int request_len, + iw_handler handler, + char ** p_buf, + int * p_len) +{ + const struct iw_ioctl_description * descr = NULL; + unsigned int cmd; + union iwreq_data * wrqu; + int hdr_len; + struct iw_request_info info; + char * buffer = NULL; + int buffer_size = 0; + int ret = -EINVAL; + + /* Get the description of the Request */ + cmd = request->cmd; + if((cmd - SIOCIWFIRST) >= standard_ioctl_num) + return -EOPNOTSUPP; + descr = &(standard_ioctl[cmd - SIOCIWFIRST]); + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Found standard handler for 0x%04X\n", + dev->name, cmd); + printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Check if wrqu is complete */ + hdr_len = event_type_size[descr->header_type]; + if(request_len < hdr_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG + "%s (WE.r) : Wireless request too short (%d)\n", + dev->name, request_len); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + + /* Prepare the call */ + info.cmd = cmd; + info.flags = 0; + + /* Check if we have extra data in the reply or not */ + if(descr->header_type != IW_HEADER_TYPE_POINT) { + + /* Create the kernel buffer that we will return. + * It's at an offset to match the TYPE_POINT case... */ + buffer_size = request_len + IW_EV_POINT_OFF; + buffer = kmalloc(buffer_size, GFP_KERNEL); + if (buffer == NULL) { + return -ENOMEM; + } + /* Copy event data */ + memcpy(buffer + IW_EV_POINT_OFF, request, request_len); + /* Use our own copy of wrqu */ + wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF + + IW_EV_LCP_LEN); + + /* No extra arguments. Trivial to handle */ + ret = handler(dev, &info, wrqu, NULL); + + } else { + union iwreq_data wrqu_point; + char * extra = NULL; + int extra_size = 0; + + /* Get a temp copy of wrqu (skip pointer) */ + memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, + ((char *) request) + IW_EV_LCP_LEN, + IW_EV_POINT_LEN - IW_EV_LCP_LEN); + + /* Calculate space needed by arguments. Always allocate + * for max space. Easier, and won't last long... */ + extra_size = descr->max_tokens * descr->token_size; + /* Support for very large requests */ + if((descr->flags & IW_DESCR_FLAG_NOMAX) && + (wrqu_point.data.length > descr->max_tokens)) + extra_size = (wrqu_point.data.length + * descr->token_size); + buffer_size = extra_size + IW_EV_POINT_LEN + IW_EV_POINT_OFF; +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n", + dev->name, extra_size, buffer_size); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Create the kernel buffer that we will return */ + buffer = kmalloc(buffer_size, GFP_KERNEL); + if (buffer == NULL) { + return -ENOMEM; + } + + /* Put wrqu in the right place (just before extra). + * Leave space for IWE header and dummy pointer... + * Note that IW_EV_LCP_LEN==4 bytes, so it's still aligned... + */ + memcpy(buffer + IW_EV_LCP_LEN + IW_EV_POINT_OFF, + ((char *) &wrqu_point) + IW_EV_POINT_OFF, + IW_EV_POINT_LEN - IW_EV_LCP_LEN); + wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_LEN); + + /* Extra comes logically after that. Offset +12 bytes. */ + extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_LEN; + + /* Call the handler */ + ret = handler(dev, &info, wrqu, extra); + + /* Calculate real returned length */ + extra_size = (wrqu->data.length * descr->token_size); + /* Re-adjust reply size */ + request->len = extra_size + IW_EV_POINT_LEN; + + /* Put the iwe header where it should, i.e. scrap the + * dummy pointer. */ + memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_LEN); + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Check if there is enough buffer up there */ + if(wrqu_point.data.length < wrqu->data.length) + ret = -E2BIG; + } + + /* Return the buffer to the caller */ + if (!ret) { + *p_buf = buffer; + *p_len = request->len; + } else { + /* Cleanup */ + if(buffer) + kfree(buffer); + } + + return ret; +} + +/* ---------------------------------------------------------------- */ +/* + * Wrapper to call a standard Wireless Extension SET handler. + * We do various checks and call the handler with the proper args. + */ +static inline int rtnetlink_standard_set(struct net_device * dev, + struct iw_event * request, + int request_len, + iw_handler handler) +{ + const struct iw_ioctl_description * descr = NULL; + unsigned int cmd; + union iwreq_data * wrqu; + union iwreq_data wrqu_point; + int hdr_len; + char * extra = NULL; + int extra_size = 0; + struct iw_request_info info; + int ret = -EINVAL; + + /* Get the description of the Request */ + cmd = request->cmd; + if((cmd - SIOCIWFIRST) >= standard_ioctl_num) + return -EOPNOTSUPP; + descr = &(standard_ioctl[cmd - SIOCIWFIRST]); + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Found standard SET handler for 0x%04X\n", + dev->name, cmd); + printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Extract fixed header from request. This is properly aligned. */ + wrqu = &request->u; + + /* Check if wrqu is complete */ + hdr_len = event_type_size[descr->header_type]; + if(request_len < hdr_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG + "%s (WE.r) : Wireless request too short (%d)\n", + dev->name, request_len); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + + /* Prepare the call */ + info.cmd = cmd; + info.flags = 0; + + /* Check if we have extra data in the request or not */ + if(descr->header_type != IW_HEADER_TYPE_POINT) { + + /* No extra arguments. Trivial to handle */ + ret = handler(dev, &info, wrqu, NULL); + + } else { + int extra_len; + + /* Put wrqu in the right place (skip pointer) */ + memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, + wrqu, IW_EV_POINT_LEN - IW_EV_LCP_LEN); + /* Don't forget about the event code... */ + wrqu = &wrqu_point; + + /* Check if number of token fits within bounds */ + if(wrqu_point.data.length > descr->max_tokens) + return -E2BIG; + if(wrqu_point.data.length < descr->min_tokens) + return -EINVAL; + + /* Real length of payload */ + extra_len = wrqu_point.data.length * descr->token_size; + + /* Check if request is self consistent */ + if((request_len - hdr_len) < extra_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n", + dev->name, extra_size); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n", + dev->name, extra_size); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Always allocate for max space. Easier, and won't last + * long... */ + extra_size = descr->max_tokens * descr->token_size; + extra = kmalloc(extra_size, GFP_KERNEL); + if (extra == NULL) + return -ENOMEM; + + /* Copy extra in aligned buffer */ + memcpy(extra, ((char *) request) + hdr_len, extra_len); + + /* Call the handler */ + ret = handler(dev, &info, &wrqu_point, extra); + } + +#ifdef WE_SET_EVENT + /* Generate an event to notify listeners of the change */ + if((descr->flags & IW_DESCR_FLAG_EVENT) && + ((ret == 0) || (ret == -EIWCOMMIT))) { + if(descr->flags & IW_DESCR_FLAG_RESTRICT) + /* If the event is restricted, don't + * export the payload */ + wireless_send_event(dev, cmd, wrqu, NULL); + else + wireless_send_event(dev, cmd, wrqu, extra); + } +#endif /* WE_SET_EVENT */ + + /* Cleanup - I told you it wasn't that long ;-) */ + if(extra) + kfree(extra); + + /* Call commit handler if needed and defined */ + if(ret == -EIWCOMMIT) + ret = call_commit_handler(dev); + + return ret; +} + +/* ---------------------------------------------------------------- */ +/* + * Wrapper to call a private Wireless Extension GET handler. + * Same as above... + * It's not as nice and slimline as the standard wrapper. The cause + * is struct iw_priv_args, which was not really designed for the + * job we are going here. + * + * IMPORTANT : This function prevent to set and get data on the same + * IOCTL and enforce the SET/GET convention. Not doing it would be + * far too hairy... + * If you need to set and get data at the same time, please don't use + * a iw_handler but process it in your ioctl handler (i.e. use the + * old driver API). + */ +static inline int rtnetlink_private_get(struct net_device * dev, + struct iw_event * request, + int request_len, + iw_handler handler, + char ** p_buf, + int * p_len) +{ + const struct iw_priv_args * descr = NULL; + unsigned int cmd; + union iwreq_data * wrqu; + int hdr_len; + struct iw_request_info info; + int extra_size = 0; + int i; + char * buffer = NULL; + int buffer_size = 0; + int ret = -EINVAL; + + /* Get the description of the Request */ + cmd = request->cmd; + for(i = 0; i < dev->wireless_handlers->num_private_args; i++) + if(cmd == dev->wireless_handlers->private_args[i].cmd) { + descr = &(dev->wireless_handlers->private_args[i]); + break; + } + if(descr == NULL) + return -EOPNOTSUPP; + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n", + dev->name, cmd); + printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n", + dev->name, descr->name, descr->set_args, descr->get_args); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Compute the max size of the get arguments */ + extra_size = get_priv_size(descr->get_args); + + /* Does it fits in wrqu ? */ + if((descr->get_args & IW_PRIV_SIZE_FIXED) && + (extra_size <= IFNAMSIZ)) { + hdr_len = extra_size; + extra_size = 0; + } else { + hdr_len = IW_EV_POINT_LEN; + } + + /* Check if wrqu is complete */ + if(request_len < hdr_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG + "%s (WE.r) : Wireless request too short (%d)\n", + dev->name, request_len); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + + /* Prepare the call */ + info.cmd = cmd; + info.flags = 0; + + /* Check if we have a pointer to user space data or not. */ + if(extra_size == 0) { + + /* Create the kernel buffer that we will return. + * It's at an offset to match the TYPE_POINT case... */ + buffer_size = request_len + IW_EV_POINT_OFF; + buffer = kmalloc(buffer_size, GFP_KERNEL); + if (buffer == NULL) { + return -ENOMEM; + } + /* Copy event data */ + memcpy(buffer + IW_EV_POINT_OFF, request, request_len); + /* Use our own copy of wrqu */ + wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF + + IW_EV_LCP_LEN); + + /* No extra arguments. Trivial to handle */ + ret = handler(dev, &info, wrqu, (char *) wrqu); + + } else { + char * extra; + + /* Buffer for full reply */ + buffer_size = extra_size + IW_EV_POINT_LEN + IW_EV_POINT_OFF; + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n", + dev->name, extra_size, buffer_size); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Create the kernel buffer that we will return */ + buffer = kmalloc(buffer_size, GFP_KERNEL); + if (buffer == NULL) { + return -ENOMEM; + } + + /* Put wrqu in the right place (just before extra). + * Leave space for IWE header and dummy pointer... + * Note that IW_EV_LCP_LEN==4 bytes, so it's still aligned... + */ + memcpy(buffer + IW_EV_LCP_LEN + IW_EV_POINT_OFF, + ((char *) request) + IW_EV_LCP_LEN, + IW_EV_POINT_LEN - IW_EV_LCP_LEN); + wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_LEN); + + /* Extra comes logically after that. Offset +12 bytes. */ + extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_LEN; + + /* Call the handler */ + ret = handler(dev, &info, wrqu, extra); + + /* Adjust for the actual length if it's variable, + * avoid leaking kernel bits outside. */ + if (!(descr->get_args & IW_PRIV_SIZE_FIXED)) + extra_size = adjust_priv_size(descr->get_args, wrqu); + /* Re-adjust reply size */ + request->len = extra_size + IW_EV_POINT_LEN; + + /* Put the iwe header where it should, i.e. scrap the + * dummy pointer. */ + memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_LEN); + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size); +#endif /* WE_RTNETLINK_DEBUG */ + } + + /* Return the buffer to the caller */ + if (!ret) { + *p_buf = buffer; + *p_len = request->len; + } else { + /* Cleanup */ + if(buffer) + kfree(buffer); + } + + return ret; +} + +/* ---------------------------------------------------------------- */ +/* + * Wrapper to call a private Wireless Extension SET handler. + * Same as above... + * It's not as nice and slimline as the standard wrapper. The cause + * is struct iw_priv_args, which was not really designed for the + * job we are going here. + * + * IMPORTANT : This function prevent to set and get data on the same + * IOCTL and enforce the SET/GET convention. Not doing it would be + * far too hairy... + * If you need to set and get data at the same time, please don't use + * a iw_handler but process it in your ioctl handler (i.e. use the + * old driver API). + */ +static inline int rtnetlink_private_set(struct net_device * dev, + struct iw_event * request, + int request_len, + iw_handler handler) +{ + const struct iw_priv_args * descr = NULL; + unsigned int cmd; + union iwreq_data * wrqu; + union iwreq_data wrqu_point; + int hdr_len; + char * extra = NULL; + int extra_size = 0; + int offset = 0; /* For sub-ioctls */ + struct iw_request_info info; + int i; + int ret = -EINVAL; + + /* Get the description of the Request */ + cmd = request->cmd; + for(i = 0; i < dev->wireless_handlers->num_private_args; i++) + if(cmd == dev->wireless_handlers->private_args[i].cmd) { + descr = &(dev->wireless_handlers->private_args[i]); + break; + } + if(descr == NULL) + return -EOPNOTSUPP; + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n", + ifr->ifr_name, cmd); + printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n", + dev->name, descr->name, descr->set_args, descr->get_args); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Compute the size of the set arguments */ + /* Check for sub-ioctl handler */ + if(descr->name[0] == '\0') + /* Reserve one int for sub-ioctl index */ + offset = sizeof(__u32); + + /* Size of set arguments */ + extra_size = get_priv_size(descr->set_args); + + /* Does it fits in wrqu ? */ + if((descr->set_args & IW_PRIV_SIZE_FIXED) && + (extra_size <= IFNAMSIZ)) { + hdr_len = IW_EV_LCP_LEN + extra_size; + extra_size = 0; + } else { + hdr_len = IW_EV_POINT_LEN; + } + + /* Extract fixed header from request. This is properly aligned. */ + wrqu = &request->u; + + /* Check if wrqu is complete */ + if(request_len < hdr_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG + "%s (WE.r) : Wireless request too short (%d)\n", + dev->name, request_len); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + + /* Prepare the call */ + info.cmd = cmd; + info.flags = 0; + + /* Check if we have a pointer to user space data or not. */ + if(extra_size == 0) { + + /* No extra arguments. Trivial to handle */ + ret = handler(dev, &info, wrqu, (char *) wrqu); + + } else { + int extra_len; + + /* Put wrqu in the right place (skip pointer) */ + memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, + wrqu, IW_EV_POINT_LEN - IW_EV_LCP_LEN); + + /* Does it fits within bounds ? */ + if(wrqu_point.data.length > (descr->set_args & + IW_PRIV_SIZE_MASK)) + return -E2BIG; + + /* Real length of payload */ + extra_len = adjust_priv_size(descr->set_args, &wrqu_point); + + /* Check if request is self consistent */ + if((request_len - hdr_len) < extra_len) { +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n", + dev->name, extra_size); +#endif /* WE_RTNETLINK_DEBUG */ + return -EINVAL; + } + +#ifdef WE_RTNETLINK_DEBUG + printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n", + dev->name, extra_size); +#endif /* WE_RTNETLINK_DEBUG */ + + /* Always allocate for max space. Easier, and won't last + * long... */ + extra = kmalloc(extra_size, GFP_KERNEL); + if (extra == NULL) + return -ENOMEM; + + /* Copy extra in aligned buffer */ + memcpy(extra, ((char *) request) + hdr_len, extra_len); + + /* Call the handler */ + ret = handler(dev, &info, &wrqu_point, extra); + + /* Cleanup - I told you it wasn't that long ;-) */ + kfree(extra); + } + + /* Call commit handler if needed and defined */ + if(ret == -EIWCOMMIT) + ret = call_commit_handler(dev); + + return ret; +} + +/* ---------------------------------------------------------------- */ +/* + * Main RtNetlink dispatcher. Called from the main networking code + * (do_getlink() in net/core/rtnetlink.c). + * Check the type of Request and call the appropriate wrapper... + */ +int wireless_rtnetlink_get(struct net_device * dev, + char * data, + int len, + char ** p_buf, + int * p_len) +{ + struct iw_event * request = (struct iw_event *) data; + iw_handler handler; + + /* Check length */ + if(len < IW_EV_LCP_LEN) { + printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n", + dev->name, len); + return -EINVAL; + } + + /* ReCheck length (len may have padding) */ + if(request->len > len) { + printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n", + dev->name, request->len, len); + return -EINVAL; + } + + /* Only accept GET requests in here */ + if(!IW_IS_GET(request->cmd)) + return -EOPNOTSUPP; + + /* Special cases */ + if(request->cmd == SIOCGIWSTATS) + /* Get Wireless Stats */ + return rtnetlink_standard_get(dev, + request, + request->len, + &iw_handler_get_iwstats, + p_buf, p_len); + if(request->cmd == SIOCGIWPRIV) { + /* Check if we have some wireless handlers defined */ + if(dev->wireless_handlers == NULL) + return -EOPNOTSUPP; + /* Get Wireless Stats */ + return rtnetlink_standard_get(dev, + request, + request->len, + &iw_handler_get_private, + p_buf, p_len); + } + + /* Basic check */ + if (!netif_device_present(dev)) + return -ENODEV; + + /* Try to find the handler */ + handler = get_handler(dev, request->cmd); + if(handler != NULL) { + /* Standard and private are not the same */ + if(request->cmd < SIOCIWFIRSTPRIV) + return rtnetlink_standard_get(dev, + request, + request->len, + handler, + p_buf, p_len); + else + return rtnetlink_private_get(dev, + request, + request->len, + handler, + p_buf, p_len); + } + + return -EOPNOTSUPP; +} + +/* ---------------------------------------------------------------- */ +/* + * Main RtNetlink dispatcher. Called from the main networking code + * (do_setlink() in net/core/rtnetlink.c). + * Check the type of Request and call the appropriate wrapper... + */ +int wireless_rtnetlink_set(struct net_device * dev, + char * data, + int len) +{ + struct iw_event * request = (struct iw_event *) data; + iw_handler handler; + + /* Check length */ + if(len < IW_EV_LCP_LEN) { + printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n", + dev->name, len); + return -EINVAL; + } + + /* ReCheck length (len may have padding) */ + if(request->len > len) { + printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n", + dev->name, request->len, len); + return -EINVAL; + } + + /* Only accept SET requests in here */ + if(!IW_IS_SET(request->cmd)) + return -EOPNOTSUPP; + + /* Basic check */ + if (!netif_device_present(dev)) + return -ENODEV; + + /* New driver API : try to find the handler */ + handler = get_handler(dev, request->cmd); + if(handler != NULL) { + /* Standard and private are not the same */ + if(request->cmd < SIOCIWFIRSTPRIV) + return rtnetlink_standard_set(dev, + request, + request->len, + handler); + else + return rtnetlink_private_set(dev, + request, + request->len, + handler); + } + + return -EOPNOTSUPP; +} +#endif /* CONFIG_NET_WIRELESS_RTNETLINK */ + + /************************* EVENT PROCESSING *************************/ /* * Process events generated by the wireless layer or the driver. * Most often, the event will be propagated through rtnetlink */ -#ifdef WE_EVENT_NETLINK -/* "rtnl" is defined in net/core/rtnetlink.c, but we need it here. - * It is declared in <linux/rtnetlink.h> */ - +#ifdef WE_EVENT_RTNETLINK /* ---------------------------------------------------------------- */ /* * Fill a rtnetlink message with our event data. @@ -1121,12 +1857,11 @@ static inline int rtnetlink_fill_iwinfo(struct sk_buff * skb, r->__ifi_pad = 0; r->ifi_type = dev->type; r->ifi_index = dev->ifindex; - r->ifi_flags = dev->flags; + r->ifi_flags = dev_get_flags(dev); r->ifi_change = 0; /* Wireless changes don't affect those flags */ /* Add the wireless events in the netlink packet */ - RTA_PUT(skb, IFLA_WIRELESS, - event_len, event); + RTA_PUT(skb, IFLA_WIRELESS, event_len, event); nlh->nlmsg_len = skb->tail - b; return skb->len; @@ -1163,7 +1898,7 @@ static inline void rtmsg_iwinfo(struct net_device * dev, NETLINK_CB(skb).dst_group = RTNLGRP_LINK; netlink_broadcast(rtnl, skb, 0, RTNLGRP_LINK, GFP_ATOMIC); } -#endif /* WE_EVENT_NETLINK */ +#endif /* WE_EVENT_RTNETLINK */ /* ---------------------------------------------------------------- */ /* @@ -1255,10 +1990,10 @@ void wireless_send_event(struct net_device * dev, if(extra != NULL) memcpy(((char *) event) + hdr_len, extra, extra_len); -#ifdef WE_EVENT_NETLINK - /* rtnetlink event channel */ +#ifdef WE_EVENT_RTNETLINK + /* Send via the RtNetlink event channel */ rtmsg_iwinfo(dev, (char *) event, event_len); -#endif /* WE_EVENT_NETLINK */ +#endif /* WE_EVENT_RTNETLINK */ /* Cleanup */ kfree(event); diff --git a/net/dccp/Kconfig b/net/dccp/Kconfig index 187ac18..7e096ba 100644 --- a/net/dccp/Kconfig +++ b/net/dccp/Kconfig @@ -24,6 +24,10 @@ config INET_DCCP_DIAG def_tristate y if (IP_DCCP = y && INET_DIAG = y) def_tristate m +config IP_DCCP_ACKVEC + depends on IP_DCCP + def_bool N + source "net/dccp/ccids/Kconfig" menu "DCCP Kernel Hacking" @@ -36,15 +40,6 @@ config IP_DCCP_DEBUG Just say N. -config IP_DCCP_UNLOAD_HACK - depends on IP_DCCP=m && IP_DCCP_CCID3=m - bool "DCCP control sock unload hack" - ---help--- - Enable this to be able to unload the dccp module when the it - has only one refcount held, the control sock one. Just execute - "rmmod dccp_ccid3 dccp" - - Just say N. endmenu endmenu diff --git a/net/dccp/Makefile b/net/dccp/Makefile index 87b27ff..7696e21 100644 --- a/net/dccp/Makefile +++ b/net/dccp/Makefile @@ -2,15 +2,18 @@ obj-$(CONFIG_IPV6) += dccp_ipv6.o dccp_ipv6-y := ipv6.o -obj-$(CONFIG_IP_DCCP) += dccp.o +obj-$(CONFIG_IP_DCCP) += dccp.o dccp_ipv4.o -dccp-y := ccid.o input.o ipv4.o minisocks.o options.o output.o proto.o \ - timer.o +dccp-y := ccid.o feat.o input.o minisocks.o options.o output.o proto.o timer.o + +dccp_ipv4-y := ipv4.o dccp-$(CONFIG_IP_DCCP_ACKVEC) += ackvec.o obj-$(CONFIG_INET_DCCP_DIAG) += dccp_diag.o +dccp-$(CONFIG_SYSCTL) += sysctl.o + dccp_diag-y := diag.o obj-y += ccids/ diff --git a/net/dccp/ackvec.c b/net/dccp/ackvec.c index 2c77daf..b5981e5 100644 --- a/net/dccp/ackvec.c +++ b/net/dccp/ackvec.c @@ -13,36 +13,83 @@ #include "dccp.h" #include <linux/dccp.h> +#include <linux/init.h> +#include <linux/errno.h> +#include <linux/kernel.h> #include <linux/skbuff.h> +#include <linux/slab.h> #include <net/sock.h> +static kmem_cache_t *dccp_ackvec_slab; +static kmem_cache_t *dccp_ackvec_record_slab; + +static struct dccp_ackvec_record *dccp_ackvec_record_new(void) +{ + struct dccp_ackvec_record *avr = + kmem_cache_alloc(dccp_ackvec_record_slab, GFP_ATOMIC); + + if (avr != NULL) + INIT_LIST_HEAD(&avr->dccpavr_node); + + return avr; +} + +static void dccp_ackvec_record_delete(struct dccp_ackvec_record *avr) +{ + if (unlikely(avr == NULL)) + return; + /* Check if deleting a linked record */ + WARN_ON(!list_empty(&avr->dccpavr_node)); + kmem_cache_free(dccp_ackvec_record_slab, avr); +} + +static void dccp_ackvec_insert_avr(struct dccp_ackvec *av, + struct dccp_ackvec_record *avr) +{ + /* + * AVRs are sorted by seqno. Since we are sending them in order, we + * just add the AVR at the head of the list. + * -sorbo. + */ + if (!list_empty(&av->dccpav_records)) { + const struct dccp_ackvec_record *head = + list_entry(av->dccpav_records.next, + struct dccp_ackvec_record, + dccpavr_node); + BUG_ON(before48(avr->dccpavr_ack_seqno, + head->dccpavr_ack_seqno)); + } + + list_add(&avr->dccpavr_node, &av->dccpav_records); +} + int dccp_insert_option_ackvec(struct sock *sk, struct sk_buff *skb) { struct dccp_sock *dp = dccp_sk(sk); +#ifdef CONFIG_IP_DCCP_DEBUG + const char *debug_prefix = dp->dccps_role == DCCP_ROLE_CLIENT ? + "CLIENT tx: " : "server tx: "; +#endif struct dccp_ackvec *av = dp->dccps_hc_rx_ackvec; int len = av->dccpav_vec_len + 2; struct timeval now; u32 elapsed_time; unsigned char *to, *from; + struct dccp_ackvec_record *avr; + + if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) + return -1; dccp_timestamp(sk, &now); elapsed_time = timeval_delta(&now, &av->dccpav_time) / 10; - if (elapsed_time != 0) - dccp_insert_option_elapsed_time(sk, skb, elapsed_time); - - if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) + if (elapsed_time != 0 && + dccp_insert_option_elapsed_time(sk, skb, elapsed_time)) return -1; - /* - * XXX: now we have just one ack vector sent record, so - * we have to wait for it to be cleared. - * - * Of course this is not acceptable, but this is just for - * basic testing now. - */ - if (av->dccpav_ack_seqno != DCCP_MAX_SEQNO + 1) + avr = dccp_ackvec_record_new(); + if (avr == NULL) return -1; DCCP_SKB_CB(skb)->dccpd_opt_len += len; @@ -55,8 +102,8 @@ int dccp_insert_option_ackvec(struct sock *sk, struct sk_buff *skb) from = av->dccpav_buf + av->dccpav_buf_head; /* Check if buf_head wraps */ - if ((int)av->dccpav_buf_head + len > av->dccpav_vec_len) { - const u32 tailsize = av->dccpav_vec_len - av->dccpav_buf_head; + if ((int)av->dccpav_buf_head + len > DCCP_MAX_ACKVEC_LEN) { + const u32 tailsize = DCCP_MAX_ACKVEC_LEN - av->dccpav_buf_head; memcpy(to, from, tailsize); to += tailsize; @@ -73,45 +120,37 @@ int dccp_insert_option_ackvec(struct sock *sk, struct sk_buff *skb) * sequence number it used for the ack packet; ack_ptr will equal * buf_head; ack_ackno will equal buf_ackno; and ack_nonce will * equal buf_nonce. - * - * This implemention uses just one ack record for now. */ - av->dccpav_ack_seqno = DCCP_SKB_CB(skb)->dccpd_seq; - av->dccpav_ack_ptr = av->dccpav_buf_head; - av->dccpav_ack_ackno = av->dccpav_buf_ackno; - av->dccpav_ack_nonce = av->dccpav_buf_nonce; - av->dccpav_sent_len = av->dccpav_vec_len; + avr->dccpavr_ack_seqno = DCCP_SKB_CB(skb)->dccpd_seq; + avr->dccpavr_ack_ptr = av->dccpav_buf_head; + avr->dccpavr_ack_ackno = av->dccpav_buf_ackno; + avr->dccpavr_ack_nonce = av->dccpav_buf_nonce; + avr->dccpavr_sent_len = av->dccpav_vec_len; + + dccp_ackvec_insert_avr(av, avr); dccp_pr_debug("%sACK Vector 0, len=%d, ack_seqno=%llu, " "ack_ackno=%llu\n", - debug_prefix, av->dccpav_sent_len, - (unsigned long long)av->dccpav_ack_seqno, - (unsigned long long)av->dccpav_ack_ackno); - return -1; + debug_prefix, avr->dccpavr_sent_len, + (unsigned long long)avr->dccpavr_ack_seqno, + (unsigned long long)avr->dccpavr_ack_ackno); + return 0; } -struct dccp_ackvec *dccp_ackvec_alloc(const unsigned int len, - const gfp_t priority) +struct dccp_ackvec *dccp_ackvec_alloc(const gfp_t priority) { - struct dccp_ackvec *av; - - BUG_ON(len == 0); + struct dccp_ackvec *av = kmem_cache_alloc(dccp_ackvec_slab, priority); - if (len > DCCP_MAX_ACKVEC_LEN) - return NULL; - - av = kmalloc(sizeof(*av) + len, priority); if (av != NULL) { - av->dccpav_buf_len = len; av->dccpav_buf_head = - av->dccpav_buf_tail = av->dccpav_buf_len - 1; - av->dccpav_buf_ackno = - av->dccpav_ack_ackno = av->dccpav_ack_seqno = ~0LLU; + av->dccpav_buf_tail = DCCP_MAX_ACKVEC_LEN - 1; + av->dccpav_buf_ackno = DCCP_MAX_SEQNO + 1; av->dccpav_buf_nonce = av->dccpav_buf_nonce = 0; av->dccpav_ack_ptr = 0; av->dccpav_time.tv_sec = 0; av->dccpav_time.tv_usec = 0; av->dccpav_sent_len = av->dccpav_vec_len = 0; + INIT_LIST_HEAD(&av->dccpav_records); } return av; @@ -119,7 +158,20 @@ struct dccp_ackvec *dccp_ackvec_alloc(const unsigned int len, void dccp_ackvec_free(struct dccp_ackvec *av) { - kfree(av); + if (unlikely(av == NULL)) + return; + + if (!list_empty(&av->dccpav_records)) { + struct dccp_ackvec_record *avr, *next; + + list_for_each_entry_safe(avr, next, &av->dccpav_records, + dccpavr_node) { + list_del_init(&avr->dccpavr_node); + dccp_ackvec_record_delete(avr); + } + } + + kmem_cache_free(dccp_ackvec_slab, av); } static inline u8 dccp_ackvec_state(const struct dccp_ackvec *av, @@ -146,7 +198,7 @@ static inline int dccp_ackvec_set_buf_head_state(struct dccp_ackvec *av, unsigned int gap; long new_head; - if (av->dccpav_vec_len + packets > av->dccpav_buf_len) + if (av->dccpav_vec_len + packets > DCCP_MAX_ACKVEC_LEN) return -ENOBUFS; gap = packets - 1; @@ -158,7 +210,7 @@ static inline int dccp_ackvec_set_buf_head_state(struct dccp_ackvec *av, gap + new_head + 1); gap = -new_head; } - new_head += av->dccpav_buf_len; + new_head += DCCP_MAX_ACKVEC_LEN; } av->dccpav_buf_head = new_head; @@ -251,7 +303,7 @@ int dccp_ackvec_add(struct dccp_ackvec *av, const struct sock *sk, goto out_duplicate; delta -= len + 1; - if (++index == av->dccpav_buf_len) + if (++index == DCCP_MAX_ACKVEC_LEN) index = 0; } } @@ -259,7 +311,6 @@ int dccp_ackvec_add(struct dccp_ackvec *av, const struct sock *sk, av->dccpav_buf_ackno = ackno; dccp_timestamp(sk, &av->dccpav_time); out: - dccp_pr_debug(""); return 0; out_duplicate: @@ -297,44 +348,50 @@ void dccp_ackvec_print(const struct dccp_ackvec *av) } #endif -static void dccp_ackvec_throw_away_ack_record(struct dccp_ackvec *av) +static void dccp_ackvec_throw_record(struct dccp_ackvec *av, + struct dccp_ackvec_record *avr) { - /* - * As we're keeping track of the ack vector size (dccpav_vec_len) and - * the sent ack vector size (dccpav_sent_len) we don't need - * dccpav_buf_tail at all, but keep this code here as in the future - * we'll implement a vector of ack records, as suggested in - * draft-ietf-dccp-spec-11.txt Appendix A. -acme - */ -#if 0 - u32 new_buf_tail = av->dccpav_ack_ptr + 1; - if (new_buf_tail >= av->dccpav_vec_len) - new_buf_tail -= av->dccpav_vec_len; - av->dccpav_buf_tail = new_buf_tail; -#endif - av->dccpav_vec_len -= av->dccpav_sent_len; + struct dccp_ackvec_record *next; + + av->dccpav_buf_tail = avr->dccpavr_ack_ptr - 1; + if (av->dccpav_buf_tail == 0) + av->dccpav_buf_tail = DCCP_MAX_ACKVEC_LEN - 1; + + av->dccpav_vec_len -= avr->dccpavr_sent_len; + + /* free records */ + list_for_each_entry_safe_from(avr, next, &av->dccpav_records, + dccpavr_node) { + list_del_init(&avr->dccpavr_node); + dccp_ackvec_record_delete(avr); + } } void dccp_ackvec_check_rcv_ackno(struct dccp_ackvec *av, struct sock *sk, const u64 ackno) { - /* Check if we actually sent an ACK vector */ - if (av->dccpav_ack_seqno == DCCP_MAX_SEQNO + 1) - return; + struct dccp_ackvec_record *avr; - if (ackno == av->dccpav_ack_seqno) { + /* + * If we traverse backwards, it should be faster when we have large + * windows. We will be receiving ACKs for stuff we sent a while back + * -sorbo. + */ + list_for_each_entry_reverse(avr, &av->dccpav_records, dccpavr_node) { + if (ackno == avr->dccpavr_ack_seqno) { #ifdef CONFIG_IP_DCCP_DEBUG - struct dccp_sock *dp = dccp_sk(sk); - const char *debug_prefix = dp->dccps_role == DCCP_ROLE_CLIENT ? - "CLIENT rx ack: " : "server rx ack: "; + struct dccp_sock *dp = dccp_sk(sk); + const char *debug_prefix = dp->dccps_role == DCCP_ROLE_CLIENT ? + "CLIENT rx ack: " : "server rx ack: "; #endif - dccp_pr_debug("%sACK packet 0, len=%d, ack_seqno=%llu, " - "ack_ackno=%llu, ACKED!\n", - debug_prefix, 1, - (unsigned long long)av->dccpav_ack_seqno, - (unsigned long long)av->dccpav_ack_ackno); - dccp_ackvec_throw_away_ack_record(av); - av->dccpav_ack_seqno = DCCP_MAX_SEQNO + 1; + dccp_pr_debug("%sACK packet 0, len=%d, ack_seqno=%llu, " + "ack_ackno=%llu, ACKED!\n", + debug_prefix, 1, + (unsigned long long)avr->dccpavr_ack_seqno, + (unsigned long long)avr->dccpavr_ack_ackno); + dccp_ackvec_throw_record(av, avr); + break; + } } } @@ -344,28 +401,20 @@ static void dccp_ackvec_check_rcv_ackvector(struct dccp_ackvec *av, const unsigned char *vector) { unsigned char i; + struct dccp_ackvec_record *avr; /* Check if we actually sent an ACK vector */ - if (av->dccpav_ack_seqno == DCCP_MAX_SEQNO + 1) - return; - /* - * We're in the receiver half connection, so if the received an ACK - * vector ackno (e.g. 50) before dccpav_ack_seqno (e.g. 52), we're - * not interested. - * - * Extra explanation with example: - * - * if we received an ACK vector with ackno 50, it can only be acking - * 50, 49, 48, etc, not 52 (the seqno for the ACK vector we sent). - */ - /* dccp_pr_debug("is %llu < %llu? ", ackno, av->dccpav_ack_seqno); */ - if (before48(ackno, av->dccpav_ack_seqno)) { - /* dccp_pr_debug_cat("yes\n"); */ + if (list_empty(&av->dccpav_records)) return; - } - /* dccp_pr_debug_cat("no\n"); */ i = len; + /* + * XXX + * I think it might be more efficient to work backwards. See comment on + * rcv_ackno. -sorbo. + */ + avr = list_entry(av->dccpav_records.next, struct dccp_ackvec_record, + dccpavr_node); while (i--) { const u8 rl = *vector & DCCP_ACKVEC_LEN_MASK; u64 ackno_end_rl; @@ -373,14 +422,20 @@ static void dccp_ackvec_check_rcv_ackvector(struct dccp_ackvec *av, dccp_set_seqno(&ackno_end_rl, ackno - rl); /* - * dccp_pr_debug("is %llu <= %llu <= %llu? ", ackno_end_rl, - * av->dccpav_ack_seqno, ackno); + * If our AVR sequence number is greater than the ack, go + * forward in the AVR list until it is not so. */ - if (between48(av->dccpav_ack_seqno, ackno_end_rl, ackno)) { + list_for_each_entry_from(avr, &av->dccpav_records, + dccpavr_node) { + if (!after48(avr->dccpavr_ack_seqno, ackno)) + goto found; + } + /* End of the dccpav_records list, not found, exit */ + break; +found: + if (between48(avr->dccpavr_ack_seqno, ackno_end_rl, ackno)) { const u8 state = (*vector & DCCP_ACKVEC_STATE_MASK) >> 6; - /* dccp_pr_debug_cat("yes\n"); */ - if (state != DCCP_ACKVEC_STATE_NOT_RECEIVED) { #ifdef CONFIG_IP_DCCP_DEBUG struct dccp_sock *dp = dccp_sk(sk); @@ -393,19 +448,16 @@ static void dccp_ackvec_check_rcv_ackvector(struct dccp_ackvec *av, "ACKED!\n", debug_prefix, len, (unsigned long long) - av->dccpav_ack_seqno, + avr->dccpavr_ack_seqno, (unsigned long long) - av->dccpav_ack_ackno); - dccp_ackvec_throw_away_ack_record(av); + avr->dccpavr_ack_ackno); + dccp_ackvec_throw_record(av, avr); } /* - * If dccpav_ack_seqno was not received, no problem - * we'll send another ACK vector. + * If it wasn't received, continue scanning... we might + * find another one. */ - av->dccpav_ack_seqno = DCCP_MAX_SEQNO + 1; - break; } - /* dccp_pr_debug_cat("no\n"); */ dccp_set_seqno(&ackno, ackno_end_rl - 1); ++vector; @@ -424,3 +476,43 @@ int dccp_ackvec_parse(struct sock *sk, const struct sk_buff *skb, len, value); return 0; } + +static char dccp_ackvec_slab_msg[] __initdata = + KERN_CRIT "DCCP: Unable to create ack vectors slab caches\n"; + +int __init dccp_ackvec_init(void) +{ + dccp_ackvec_slab = kmem_cache_create("dccp_ackvec", + sizeof(struct dccp_ackvec), 0, + SLAB_HWCACHE_ALIGN, NULL, NULL); + if (dccp_ackvec_slab == NULL) + goto out_err; + + dccp_ackvec_record_slab = + kmem_cache_create("dccp_ackvec_record", + sizeof(struct dccp_ackvec_record), + 0, SLAB_HWCACHE_ALIGN, NULL, NULL); + if (dccp_ackvec_record_slab == NULL) + goto out_destroy_slab; + + return 0; + +out_destroy_slab: + kmem_cache_destroy(dccp_ackvec_slab); + dccp_ackvec_slab = NULL; +out_err: + printk(dccp_ackvec_slab_msg); + return -ENOBUFS; +} + +void dccp_ackvec_exit(void) +{ + if (dccp_ackvec_slab != NULL) { + kmem_cache_destroy(dccp_ackvec_slab); + dccp_ackvec_slab = NULL; + } + if (dccp_ackvec_record_slab != NULL) { + kmem_cache_destroy(dccp_ackvec_record_slab); + dccp_ackvec_record_slab = NULL; + } +} diff --git a/net/dccp/ackvec.h b/net/dccp/ackvec.h index f7dfb5f..ec7a89b 100644 --- a/net/dccp/ackvec.h +++ b/net/dccp/ackvec.h @@ -13,6 +13,7 @@ #include <linux/config.h> #include <linux/compiler.h> +#include <linux/list.h> #include <linux/time.h> #include <linux/types.h> @@ -42,39 +43,57 @@ * Ack Vectors it has recently sent. For each packet sent carrying an * Ack Vector, it remembers four variables: * - * @dccpav_ack_seqno - the Sequence Number used for the packet - * (HC-Receiver seqno) * @dccpav_ack_ptr - the value of buf_head at the time of acknowledgement. - * @dccpav_ack_ackno - the Acknowledgement Number used for the packet - * (HC-Sender seqno) + * @dccpav_records - list of dccp_ackvec_record * @dccpav_ack_nonce - the one-bit sum of the ECN Nonces for all State 0. * - * @dccpav_buf_len - circular buffer length * @dccpav_time - the time in usecs * @dccpav_buf - circular buffer of acknowledgeable packets */ struct dccp_ackvec { u64 dccpav_buf_ackno; - u64 dccpav_ack_seqno; - u64 dccpav_ack_ackno; + struct list_head dccpav_records; struct timeval dccpav_time; u8 dccpav_buf_head; u8 dccpav_buf_tail; u8 dccpav_ack_ptr; u8 dccpav_sent_len; u8 dccpav_vec_len; - u8 dccpav_buf_len; u8 dccpav_buf_nonce; u8 dccpav_ack_nonce; - u8 dccpav_buf[0]; + u8 dccpav_buf[DCCP_MAX_ACKVEC_LEN]; +}; + +/** struct dccp_ackvec_record - ack vector record + * + * ACK vector record as defined in Appendix A of spec. + * + * The list is sorted by dccpavr_ack_seqno + * + * @dccpavr_node - node in dccpav_records + * @dccpavr_ack_seqno - sequence number of the packet this record was sent on + * @dccpavr_ack_ackno - sequence number being acknowledged + * @dccpavr_ack_ptr - pointer into dccpav_buf where this record starts + * @dccpavr_ack_nonce - dccpav_ack_nonce at the time this record was sent + * @dccpavr_sent_len - lenght of the record in dccpav_buf + */ +struct dccp_ackvec_record { + struct list_head dccpavr_node; + u64 dccpavr_ack_seqno; + u64 dccpavr_ack_ackno; + u8 dccpavr_ack_ptr; + u8 dccpavr_ack_nonce; + u8 dccpavr_sent_len; }; struct sock; struct sk_buff; #ifdef CONFIG_IP_DCCP_ACKVEC -extern struct dccp_ackvec *dccp_ackvec_alloc(unsigned int len, - const gfp_t priority); +extern int dccp_ackvec_init(void); +extern void dccp_ackvec_exit(void); + +extern struct dccp_ackvec *dccp_ackvec_alloc(const gfp_t priority); extern void dccp_ackvec_free(struct dccp_ackvec *av); extern int dccp_ackvec_add(struct dccp_ackvec *av, const struct sock *sk, @@ -92,8 +111,16 @@ static inline int dccp_ackvec_pending(const struct dccp_ackvec *av) return av->dccpav_sent_len != av->dccpav_vec_len; } #else /* CONFIG_IP_DCCP_ACKVEC */ -static inline struct dccp_ackvec *dccp_ackvec_alloc(unsigned int len, - const gfp_t priority) +static inline int dccp_ackvec_init(void) +{ + return 0; +} + +static inline void dccp_ackvec_exit(void) +{ +} + +static inline struct dccp_ackvec *dccp_ackvec_alloc(const gfp_t priority) { return NULL; } diff --git a/net/dccp/ccid.c b/net/dccp/ccid.c index 9d8fc0e..ff05e59 100644 --- a/net/dccp/ccid.c +++ b/net/dccp/ccid.c @@ -13,7 +13,7 @@ #include "ccid.h" -static struct ccid *ccids[CCID_MAX]; +static struct ccid_operations *ccids[CCID_MAX]; #if defined(CONFIG_SMP) || defined(CONFIG_PREEMPT) static atomic_t ccids_lockct = ATOMIC_INIT(0); static DEFINE_SPINLOCK(ccids_lock); @@ -55,85 +55,202 @@ static inline void ccids_read_unlock(void) #define ccids_read_unlock() do { } while(0) #endif -int ccid_register(struct ccid *ccid) +static kmem_cache_t *ccid_kmem_cache_create(int obj_size, const char *fmt,...) { - int err; + kmem_cache_t *slab; + char slab_name_fmt[32], *slab_name; + va_list args; - if (ccid->ccid_init == NULL) - return -1; + va_start(args, fmt); + vsnprintf(slab_name_fmt, sizeof(slab_name_fmt), fmt, args); + va_end(args); + + slab_name = kstrdup(slab_name_fmt, GFP_KERNEL); + if (slab_name == NULL) + return NULL; + slab = kmem_cache_create(slab_name, sizeof(struct ccid) + obj_size, 0, + SLAB_HWCACHE_ALIGN, NULL, NULL); + if (slab == NULL) + kfree(slab_name); + return slab; +} + +static void ccid_kmem_cache_destroy(kmem_cache_t *slab) +{ + if (slab != NULL) { + const char *name = kmem_cache_name(slab); + + kmem_cache_destroy(slab); + kfree(name); + } +} + +int ccid_register(struct ccid_operations *ccid_ops) +{ + int err = -ENOBUFS; + + ccid_ops->ccid_hc_rx_slab = + ccid_kmem_cache_create(ccid_ops->ccid_hc_rx_obj_size, + "%s_hc_rx_sock", + ccid_ops->ccid_name); + if (ccid_ops->ccid_hc_rx_slab == NULL) + goto out; + + ccid_ops->ccid_hc_tx_slab = + ccid_kmem_cache_create(ccid_ops->ccid_hc_tx_obj_size, + "%s_hc_tx_sock", + ccid_ops->ccid_name); + if (ccid_ops->ccid_hc_tx_slab == NULL) + goto out_free_rx_slab; ccids_write_lock(); err = -EEXIST; - if (ccids[ccid->ccid_id] == NULL) { - ccids[ccid->ccid_id] = ccid; + if (ccids[ccid_ops->ccid_id] == NULL) { + ccids[ccid_ops->ccid_id] = ccid_ops; err = 0; } ccids_write_unlock(); - if (err == 0) - pr_info("CCID: Registered CCID %d (%s)\n", - ccid->ccid_id, ccid->ccid_name); + if (err != 0) + goto out_free_tx_slab; + + pr_info("CCID: Registered CCID %d (%s)\n", + ccid_ops->ccid_id, ccid_ops->ccid_name); +out: return err; +out_free_tx_slab: + ccid_kmem_cache_destroy(ccid_ops->ccid_hc_tx_slab); + ccid_ops->ccid_hc_tx_slab = NULL; + goto out; +out_free_rx_slab: + ccid_kmem_cache_destroy(ccid_ops->ccid_hc_rx_slab); + ccid_ops->ccid_hc_rx_slab = NULL; + goto out; } EXPORT_SYMBOL_GPL(ccid_register); -int ccid_unregister(struct ccid *ccid) +int ccid_unregister(struct ccid_operations *ccid_ops) { ccids_write_lock(); - ccids[ccid->ccid_id] = NULL; + ccids[ccid_ops->ccid_id] = NULL; ccids_write_unlock(); + + ccid_kmem_cache_destroy(ccid_ops->ccid_hc_tx_slab); + ccid_ops->ccid_hc_tx_slab = NULL; + ccid_kmem_cache_destroy(ccid_ops->ccid_hc_rx_slab); + ccid_ops->ccid_hc_rx_slab = NULL; + pr_info("CCID: Unregistered CCID %d (%s)\n", - ccid->ccid_id, ccid->ccid_name); + ccid_ops->ccid_id, ccid_ops->ccid_name); return 0; } EXPORT_SYMBOL_GPL(ccid_unregister); -struct ccid *ccid_init(unsigned char id, struct sock *sk) +struct ccid *ccid_new(unsigned char id, struct sock *sk, int rx, gfp_t gfp) { - struct ccid *ccid; + struct ccid_operations *ccid_ops; + struct ccid *ccid = NULL; + ccids_read_lock(); #ifdef CONFIG_KMOD - if (ccids[id] == NULL) + if (ccids[id] == NULL) { + /* We only try to load if in process context */ + ccids_read_unlock(); + if (gfp & GFP_ATOMIC) + goto out; request_module("net-dccp-ccid-%d", id); + ccids_read_lock(); + } #endif - ccids_read_lock(); + ccid_ops = ccids[id]; + if (ccid_ops == NULL) + goto out_unlock; - ccid = ccids[id]; - if (ccid == NULL) - goto out; + if (!try_module_get(ccid_ops->ccid_owner)) + goto out_unlock; - if (!try_module_get(ccid->ccid_owner)) - goto out_err; + ccids_read_unlock(); - if (ccid->ccid_init(sk) != 0) + ccid = kmem_cache_alloc(rx ? ccid_ops->ccid_hc_rx_slab : + ccid_ops->ccid_hc_tx_slab, gfp); + if (ccid == NULL) goto out_module_put; + ccid->ccid_ops = ccid_ops; + if (rx) { + memset(ccid + 1, 0, ccid_ops->ccid_hc_rx_obj_size); + if (ccid->ccid_ops->ccid_hc_rx_init != NULL && + ccid->ccid_ops->ccid_hc_rx_init(ccid, sk) != 0) + goto out_free_ccid; + } else { + memset(ccid + 1, 0, ccid_ops->ccid_hc_tx_obj_size); + if (ccid->ccid_ops->ccid_hc_tx_init != NULL && + ccid->ccid_ops->ccid_hc_tx_init(ccid, sk) != 0) + goto out_free_ccid; + } out: - ccids_read_unlock(); return ccid; -out_module_put: - module_put(ccid->ccid_owner); -out_err: +out_unlock: + ccids_read_unlock(); + goto out; +out_free_ccid: + kmem_cache_free(rx ? ccid_ops->ccid_hc_rx_slab : + ccid_ops->ccid_hc_tx_slab, ccid); ccid = NULL; +out_module_put: + module_put(ccid_ops->ccid_owner); goto out; } -EXPORT_SYMBOL_GPL(ccid_init); +EXPORT_SYMBOL_GPL(ccid_new); + +struct ccid *ccid_hc_rx_new(unsigned char id, struct sock *sk, gfp_t gfp) +{ + return ccid_new(id, sk, 1, gfp); +} + +EXPORT_SYMBOL_GPL(ccid_hc_rx_new); + +struct ccid *ccid_hc_tx_new(unsigned char id,struct sock *sk, gfp_t gfp) +{ + return ccid_new(id, sk, 0, gfp); +} + +EXPORT_SYMBOL_GPL(ccid_hc_tx_new); -void ccid_exit(struct ccid *ccid, struct sock *sk) +static void ccid_delete(struct ccid *ccid, struct sock *sk, int rx) { + struct ccid_operations *ccid_ops; + if (ccid == NULL) return; + ccid_ops = ccid->ccid_ops; + if (rx) { + if (ccid_ops->ccid_hc_rx_exit != NULL) + ccid_ops->ccid_hc_rx_exit(sk); + kmem_cache_free(ccid_ops->ccid_hc_rx_slab, ccid); + } else { + if (ccid_ops->ccid_hc_tx_exit != NULL) + ccid_ops->ccid_hc_tx_exit(sk); + kmem_cache_free(ccid_ops->ccid_hc_tx_slab, ccid); + } ccids_read_lock(); + if (ccids[ccid_ops->ccid_id] != NULL) + module_put(ccid_ops->ccid_owner); + ccids_read_unlock(); +} - if (ccids[ccid->ccid_id] != NULL) { - if (ccid->ccid_exit != NULL) - ccid->ccid_exit(sk); - module_put(ccid->ccid_owner); - } +void ccid_hc_rx_delete(struct ccid *ccid, struct sock *sk) +{ + ccid_delete(ccid, sk, 1); +} - ccids_read_unlock(); +EXPORT_SYMBOL_GPL(ccid_hc_rx_delete); + +void ccid_hc_tx_delete(struct ccid *ccid, struct sock *sk) +{ + ccid_delete(ccid, sk, 0); } -EXPORT_SYMBOL_GPL(ccid_exit); +EXPORT_SYMBOL_GPL(ccid_hc_tx_delete); diff --git a/net/dccp/ccid.h b/net/dccp/ccid.h index de681c6..f7eb6c6 100644 --- a/net/dccp/ccid.h +++ b/net/dccp/ccid.h @@ -23,14 +23,16 @@ struct tcp_info; -struct ccid { +struct ccid_operations { unsigned char ccid_id; const char *ccid_name; struct module *ccid_owner; - int (*ccid_init)(struct sock *sk); - void (*ccid_exit)(struct sock *sk); - int (*ccid_hc_rx_init)(struct sock *sk); - int (*ccid_hc_tx_init)(struct sock *sk); + kmem_cache_t *ccid_hc_rx_slab; + __u32 ccid_hc_rx_obj_size; + kmem_cache_t *ccid_hc_tx_slab; + __u32 ccid_hc_tx_obj_size; + int (*ccid_hc_rx_init)(struct ccid *ccid, struct sock *sk); + int (*ccid_hc_tx_init)(struct ccid *ccid, struct sock *sk); void (*ccid_hc_rx_exit)(struct sock *sk); void (*ccid_hc_tx_exit)(struct sock *sk); void (*ccid_hc_rx_packet_recv)(struct sock *sk, @@ -39,9 +41,9 @@ struct ccid { unsigned char option, unsigned char len, u16 idx, unsigned char* value); - void (*ccid_hc_rx_insert_options)(struct sock *sk, + int (*ccid_hc_rx_insert_options)(struct sock *sk, struct sk_buff *skb); - void (*ccid_hc_tx_insert_options)(struct sock *sk, + int (*ccid_hc_tx_insert_options)(struct sock *sk, struct sk_buff *skb); void (*ccid_hc_tx_packet_recv)(struct sock *sk, struct sk_buff *skb); @@ -67,75 +69,58 @@ struct ccid { int __user *optlen); }; -extern int ccid_register(struct ccid *ccid); -extern int ccid_unregister(struct ccid *ccid); +extern int ccid_register(struct ccid_operations *ccid_ops); +extern int ccid_unregister(struct ccid_operations *ccid_ops); -extern struct ccid *ccid_init(unsigned char id, struct sock *sk); -extern void ccid_exit(struct ccid *ccid, struct sock *sk); +struct ccid { + struct ccid_operations *ccid_ops; + char ccid_priv[0]; +}; -static inline void __ccid_get(struct ccid *ccid) +static inline void *ccid_priv(const struct ccid *ccid) { - __module_get(ccid->ccid_owner); + return (void *)ccid->ccid_priv; } +extern struct ccid *ccid_new(unsigned char id, struct sock *sk, int rx, + gfp_t gfp); + +extern struct ccid *ccid_hc_rx_new(unsigned char id, struct sock *sk, + gfp_t gfp); +extern struct ccid *ccid_hc_tx_new(unsigned char id, struct sock *sk, + gfp_t gfp); + +extern void ccid_hc_rx_delete(struct ccid *ccid, struct sock *sk); +extern void ccid_hc_tx_delete(struct ccid *ccid, struct sock *sk); + static inline int ccid_hc_tx_send_packet(struct ccid *ccid, struct sock *sk, struct sk_buff *skb, int len) { int rc = 0; - if (ccid->ccid_hc_tx_send_packet != NULL) - rc = ccid->ccid_hc_tx_send_packet(sk, skb, len); + if (ccid->ccid_ops->ccid_hc_tx_send_packet != NULL) + rc = ccid->ccid_ops->ccid_hc_tx_send_packet(sk, skb, len); return rc; } static inline void ccid_hc_tx_packet_sent(struct ccid *ccid, struct sock *sk, int more, int len) { - if (ccid->ccid_hc_tx_packet_sent != NULL) - ccid->ccid_hc_tx_packet_sent(sk, more, len); -} - -static inline int ccid_hc_rx_init(struct ccid *ccid, struct sock *sk) -{ - int rc = 0; - if (ccid->ccid_hc_rx_init != NULL) - rc = ccid->ccid_hc_rx_init(sk); - return rc; -} - -static inline int ccid_hc_tx_init(struct ccid *ccid, struct sock *sk) -{ - int rc = 0; - if (ccid->ccid_hc_tx_init != NULL) - rc = ccid->ccid_hc_tx_init(sk); - return rc; -} - -static inline void ccid_hc_rx_exit(struct ccid *ccid, struct sock *sk) -{ - if (ccid != NULL && ccid->ccid_hc_rx_exit != NULL && - dccp_sk(sk)->dccps_hc_rx_ccid_private != NULL) - ccid->ccid_hc_rx_exit(sk); -} - -static inline void ccid_hc_tx_exit(struct ccid *ccid, struct sock *sk) -{ - if (ccid != NULL && ccid->ccid_hc_tx_exit != NULL && - dccp_sk(sk)->dccps_hc_tx_ccid_private != NULL) - ccid->ccid_hc_tx_exit(sk); + if (ccid->ccid_ops->ccid_hc_tx_packet_sent != NULL) + ccid->ccid_ops->ccid_hc_tx_packet_sent(sk, more, len); } static inline void ccid_hc_rx_packet_recv(struct ccid *ccid, struct sock *sk, struct sk_buff *skb) { - if (ccid->ccid_hc_rx_packet_recv != NULL) - ccid->ccid_hc_rx_packet_recv(sk, skb); + if (ccid->ccid_ops->ccid_hc_rx_packet_recv != NULL) + ccid->ccid_ops->ccid_hc_rx_packet_recv(sk, skb); } static inline void ccid_hc_tx_packet_recv(struct ccid *ccid, struct sock *sk, struct sk_buff *skb) { - if (ccid->ccid_hc_tx_packet_recv != NULL) - ccid->ccid_hc_tx_packet_recv(sk, skb); + if (ccid->ccid_ops->ccid_hc_tx_packet_recv != NULL) + ccid->ccid_ops->ccid_hc_tx_packet_recv(sk, skb); } static inline int ccid_hc_tx_parse_options(struct ccid *ccid, struct sock *sk, @@ -144,8 +129,8 @@ static inline int ccid_hc_tx_parse_options(struct ccid *ccid, struct sock *sk, unsigned char* value) { int rc = 0; - if (ccid->ccid_hc_tx_parse_options != NULL) - rc = ccid->ccid_hc_tx_parse_options(sk, option, len, idx, + if (ccid->ccid_ops->ccid_hc_tx_parse_options != NULL) + rc = ccid->ccid_ops->ccid_hc_tx_parse_options(sk, option, len, idx, value); return rc; } @@ -156,37 +141,39 @@ static inline int ccid_hc_rx_parse_options(struct ccid *ccid, struct sock *sk, unsigned char* value) { int rc = 0; - if (ccid->ccid_hc_rx_parse_options != NULL) - rc = ccid->ccid_hc_rx_parse_options(sk, option, len, idx, value); + if (ccid->ccid_ops->ccid_hc_rx_parse_options != NULL) + rc = ccid->ccid_ops->ccid_hc_rx_parse_options(sk, option, len, idx, value); return rc; } -static inline void ccid_hc_tx_insert_options(struct ccid *ccid, struct sock *sk, - struct sk_buff *skb) +static inline int ccid_hc_tx_insert_options(struct ccid *ccid, struct sock *sk, + struct sk_buff *skb) { - if (ccid->ccid_hc_tx_insert_options != NULL) - ccid->ccid_hc_tx_insert_options(sk, skb); + if (ccid->ccid_ops->ccid_hc_tx_insert_options != NULL) + return ccid->ccid_ops->ccid_hc_tx_insert_options(sk, skb); + return 0; } -static inline void ccid_hc_rx_insert_options(struct ccid *ccid, struct sock *sk, - struct sk_buff *skb) +static inline int ccid_hc_rx_insert_options(struct ccid *ccid, struct sock *sk, + struct sk_buff *skb) { - if (ccid->ccid_hc_rx_insert_options != NULL) - ccid->ccid_hc_rx_insert_options(sk, skb); + if (ccid->ccid_ops->ccid_hc_rx_insert_options != NULL) + return ccid->ccid_ops->ccid_hc_rx_insert_options(sk, skb); + return 0; } static inline void ccid_hc_rx_get_info(struct ccid *ccid, struct sock *sk, struct tcp_info *info) { - if (ccid->ccid_hc_rx_get_info != NULL) - ccid->ccid_hc_rx_get_info(sk, info); + if (ccid->ccid_ops->ccid_hc_rx_get_info != NULL) + ccid->ccid_ops->ccid_hc_rx_get_info(sk, info); } static inline void ccid_hc_tx_get_info(struct ccid *ccid, struct sock *sk, struct tcp_info *info) { - if (ccid->ccid_hc_tx_get_info != NULL) - ccid->ccid_hc_tx_get_info(sk, info); + if (ccid->ccid_ops->ccid_hc_tx_get_info != NULL) + ccid->ccid_ops->ccid_hc_tx_get_info(sk, info); } static inline int ccid_hc_rx_getsockopt(struct ccid *ccid, struct sock *sk, @@ -194,8 +181,8 @@ static inline int ccid_hc_rx_getsockopt(struct ccid *ccid, struct sock *sk, u32 __user *optval, int __user *optlen) { int rc = -ENOPROTOOPT; - if (ccid->ccid_hc_rx_getsockopt != NULL) - rc = ccid->ccid_hc_rx_getsockopt(sk, optname, len, + if (ccid->ccid_ops->ccid_hc_rx_getsockopt != NULL) + rc = ccid->ccid_ops->ccid_hc_rx_getsockopt(sk, optname, len, optval, optlen); return rc; } @@ -205,8 +192,8 @@ static inline int ccid_hc_tx_getsockopt(struct ccid *ccid, struct sock *sk, u32 __user *optval, int __user *optlen) { int rc = -ENOPROTOOPT; - if (ccid->ccid_hc_tx_getsockopt != NULL) - rc = ccid->ccid_hc_tx_getsockopt(sk, optname, len, + if (ccid->ccid_ops->ccid_hc_tx_getsockopt != NULL) + rc = ccid->ccid_ops->ccid_hc_tx_getsockopt(sk, optname, len, optval, optlen); return rc; } diff --git a/net/dccp/ccids/Kconfig b/net/dccp/ccids/Kconfig index 7684d83..ca00191 100644 --- a/net/dccp/ccids/Kconfig +++ b/net/dccp/ccids/Kconfig @@ -1,9 +1,39 @@ menu "DCCP CCIDs Configuration (EXPERIMENTAL)" depends on IP_DCCP && EXPERIMENTAL +config IP_DCCP_CCID2 + tristate "CCID2 (TCP-Like) (EXPERIMENTAL)" + depends on IP_DCCP + def_tristate IP_DCCP + select IP_DCCP_ACKVEC + ---help--- + CCID 2, TCP-like Congestion Control, denotes Additive Increase, + Multiplicative Decrease (AIMD) congestion control with behavior + modelled directly on TCP, including congestion window, slow start, + timeouts, and so forth [RFC 2581]. CCID 2 achieves maximum + bandwidth over the long term, consistent with the use of end-to-end + congestion control, but halves its congestion window in response to + each congestion event. This leads to the abrupt rate changes + typical of TCP. Applications should use CCID 2 if they prefer + maximum bandwidth utilization to steadiness of rate. This is often + the case for applications that are not playing their data directly + to the user. For example, a hypothetical application that + transferred files over DCCP, using application-level retransmissions + for lost packets, would prefer CCID 2 to CCID 3. On-line games may + also prefer CCID 2. + + CCID 2 is further described in: + http://www.icir.org/kohler/dccp/draft-ietf-dccp-ccid2-10.txt + + This text was extracted from: + http://www.icir.org/kohler/dccp/draft-ietf-dccp-spec-13.txt + + If in doubt, say M. + config IP_DCCP_CCID3 - tristate "CCID3 (TFRC) (EXPERIMENTAL)" + tristate "CCID3 (TCP-Friendly) (EXPERIMENTAL)" depends on IP_DCCP + def_tristate IP_DCCP ---help--- CCID 3 denotes TCP-Friendly Rate Control (TFRC), an equation-based rate-controlled congestion control mechanism. TFRC is designed to @@ -15,10 +45,15 @@ config IP_DCCP_CCID3 suitable than CCID 2 for applications such streaming media where a relatively smooth sending rate is of importance. - CCID 3 is further described in [CCID 3 PROFILE]. The TFRC - congestion control algorithms were initially described in RFC 3448. + CCID 3 is further described in: + + http://www.icir.org/kohler/dccp/draft-ietf-dccp-ccid3-11.txt. + + The TFRC congestion control algorithms were initially described in + RFC 3448. - This text was extracted from draft-ietf-dccp-spec-11.txt. + This text was extracted from: + http://www.icir.org/kohler/dccp/draft-ietf-dccp-spec-13.txt If in doubt, say M. diff --git a/net/dccp/ccids/Makefile b/net/dccp/ccids/Makefile index 956f79f..438f20b 100644 --- a/net/dccp/ccids/Makefile +++ b/net/dccp/ccids/Makefile @@ -2,4 +2,8 @@ obj-$(CONFIG_IP_DCCP_CCID3) += dccp_ccid3.o dccp_ccid3-y := ccid3.o +obj-$(CONFIG_IP_DCCP_CCID2) += dccp_ccid2.o + +dccp_ccid2-y := ccid2.o + obj-y += lib/ diff --git a/net/dccp/ccids/ccid2.c b/net/dccp/ccids/ccid2.c new file mode 100644 index 0000000..d4f9e2d --- /dev/null +++ b/net/dccp/ccids/ccid2.c @@ -0,0 +1,779 @@ +/* + * net/dccp/ccids/ccid2.c + * + * Copyright (c) 2005, 2006 Andrea Bittau <a.bittau@cs.ucl.ac.uk> + * + * Changes to meet Linux coding standards, and DCCP infrastructure fixes. + * + * Copyright (c) 2006 Arnaldo Carvalho de Melo <acme@conectiva.com.br> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +/* + * This implementation should follow: draft-ietf-dccp-ccid2-10.txt + * + * BUGS: + * - sequence number wrapping + * - jiffies wrapping + */ + +#include <linux/config.h> +#include "../ccid.h" +#include "../dccp.h" +#include "ccid2.h" + +static int ccid2_debug; + +#undef CCID2_DEBUG +#ifdef CCID2_DEBUG +#define ccid2_pr_debug(format, a...) \ + do { if (ccid2_debug) \ + printk(KERN_DEBUG "%s: " format, __FUNCTION__, ##a); \ + } while (0) +#else +#define ccid2_pr_debug(format, a...) +#endif + +static const int ccid2_seq_len = 128; + +#ifdef CCID2_DEBUG +static void ccid2_hc_tx_check_sanity(const struct ccid2_hc_tx_sock *hctx) +{ + int len = 0; + int pipe = 0; + struct ccid2_seq *seqp = hctx->ccid2hctx_seqh; + + /* there is data in the chain */ + if (seqp != hctx->ccid2hctx_seqt) { + seqp = seqp->ccid2s_prev; + len++; + if (!seqp->ccid2s_acked) + pipe++; + + while (seqp != hctx->ccid2hctx_seqt) { + struct ccid2_seq *prev = seqp->ccid2s_prev; + + len++; + if (!prev->ccid2s_acked) + pipe++; + + /* packets are sent sequentially */ + BUG_ON(seqp->ccid2s_seq <= prev->ccid2s_seq); + BUG_ON(seqp->ccid2s_sent < prev->ccid2s_sent); + BUG_ON(len > ccid2_seq_len); + + seqp = prev; + } + } + + BUG_ON(pipe != hctx->ccid2hctx_pipe); + ccid2_pr_debug("len of chain=%d\n", len); + + do { + seqp = seqp->ccid2s_prev; + len++; + BUG_ON(len > ccid2_seq_len); + } while (seqp != hctx->ccid2hctx_seqh); + + BUG_ON(len != ccid2_seq_len); + ccid2_pr_debug("total len=%d\n", len); +} +#else +#define ccid2_hc_tx_check_sanity(hctx) do {} while (0) +#endif + +static int ccid2_hc_tx_send_packet(struct sock *sk, + struct sk_buff *skb, int len) +{ + struct ccid2_hc_tx_sock *hctx; + + switch (DCCP_SKB_CB(skb)->dccpd_type) { + case 0: /* XXX data packets from userland come through like this */ + case DCCP_PKT_DATA: + case DCCP_PKT_DATAACK: + break; + /* No congestion control on other packets */ + default: + return 0; + } + + hctx = ccid2_hc_tx_sk(sk); + + ccid2_pr_debug("pipe=%d cwnd=%d\n", hctx->ccid2hctx_pipe, + hctx->ccid2hctx_cwnd); + + if (hctx->ccid2hctx_pipe < hctx->ccid2hctx_cwnd) { + /* OK we can send... make sure previous packet was sent off */ + if (!hctx->ccid2hctx_sendwait) { + hctx->ccid2hctx_sendwait = 1; + return 0; + } + } + + return 100; /* XXX */ +} + +static void ccid2_change_l_ack_ratio(struct sock *sk, int val) +{ + struct dccp_sock *dp = dccp_sk(sk); + /* + * XXX I don't really agree with val != 2. If cwnd is 1, ack ratio + * should be 1... it shouldn't be allowed to become 2. + * -sorbo. + */ + if (val != 2) { + const struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + int max = hctx->ccid2hctx_cwnd / 2; + + /* round up */ + if (hctx->ccid2hctx_cwnd & 1) + max++; + + if (val > max) + val = max; + } + + ccid2_pr_debug("changing local ack ratio to %d\n", val); + WARN_ON(val <= 0); + dp->dccps_l_ack_ratio = val; +} + +static void ccid2_change_cwnd(struct sock *sk, int val) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + if (val == 0) + val = 1; + + /* XXX do we need to change ack ratio? */ + ccid2_pr_debug("change cwnd to %d\n", val); + + BUG_ON(val < 1); + hctx->ccid2hctx_cwnd = val; +} + +static void ccid2_start_rto_timer(struct sock *sk); + +static void ccid2_hc_tx_rto_expire(unsigned long data) +{ + struct sock *sk = (struct sock *)data; + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + long s; + + bh_lock_sock(sk); + if (sock_owned_by_user(sk)) { + sk_reset_timer(sk, &hctx->ccid2hctx_rtotimer, + jiffies + HZ / 5); + goto out; + } + + ccid2_pr_debug("RTO_EXPIRE\n"); + + ccid2_hc_tx_check_sanity(hctx); + + /* back-off timer */ + hctx->ccid2hctx_rto <<= 1; + + s = hctx->ccid2hctx_rto / HZ; + if (s > 60) + hctx->ccid2hctx_rto = 60 * HZ; + + ccid2_start_rto_timer(sk); + + /* adjust pipe, cwnd etc */ + hctx->ccid2hctx_pipe = 0; + hctx->ccid2hctx_ssthresh = hctx->ccid2hctx_cwnd >> 1; + if (hctx->ccid2hctx_ssthresh < 2) + hctx->ccid2hctx_ssthresh = 2; + ccid2_change_cwnd(sk, 1); + + /* clear state about stuff we sent */ + hctx->ccid2hctx_seqt = hctx->ccid2hctx_seqh; + hctx->ccid2hctx_ssacks = 0; + hctx->ccid2hctx_acks = 0; + hctx->ccid2hctx_sent = 0; + + /* clear ack ratio state. */ + hctx->ccid2hctx_arsent = 0; + hctx->ccid2hctx_ackloss = 0; + hctx->ccid2hctx_rpseq = 0; + hctx->ccid2hctx_rpdupack = -1; + ccid2_change_l_ack_ratio(sk, 1); + ccid2_hc_tx_check_sanity(hctx); +out: + bh_unlock_sock(sk); + sock_put(sk); +} + +static void ccid2_start_rto_timer(struct sock *sk) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + ccid2_pr_debug("setting RTO timeout=%ld\n", hctx->ccid2hctx_rto); + + BUG_ON(timer_pending(&hctx->ccid2hctx_rtotimer)); + sk_reset_timer(sk, &hctx->ccid2hctx_rtotimer, + jiffies + hctx->ccid2hctx_rto); +} + +static void ccid2_hc_tx_packet_sent(struct sock *sk, int more, int len) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + u64 seq; + + ccid2_hc_tx_check_sanity(hctx); + + BUG_ON(!hctx->ccid2hctx_sendwait); + hctx->ccid2hctx_sendwait = 0; + hctx->ccid2hctx_pipe++; + BUG_ON(hctx->ccid2hctx_pipe < 0); + + /* There is an issue. What if another packet is sent between + * packet_send() and packet_sent(). Then the sequence number would be + * wrong. + * -sorbo. + */ + seq = dp->dccps_gss; + + hctx->ccid2hctx_seqh->ccid2s_seq = seq; + hctx->ccid2hctx_seqh->ccid2s_acked = 0; + hctx->ccid2hctx_seqh->ccid2s_sent = jiffies; + hctx->ccid2hctx_seqh = hctx->ccid2hctx_seqh->ccid2s_next; + + ccid2_pr_debug("cwnd=%d pipe=%d\n", hctx->ccid2hctx_cwnd, + hctx->ccid2hctx_pipe); + + if (hctx->ccid2hctx_seqh == hctx->ccid2hctx_seqt) { + /* XXX allocate more space */ + WARN_ON(1); + } + + hctx->ccid2hctx_sent++; + + /* Ack Ratio. Need to maintain a concept of how many windows we sent */ + hctx->ccid2hctx_arsent++; + /* We had an ack loss in this window... */ + if (hctx->ccid2hctx_ackloss) { + if (hctx->ccid2hctx_arsent >= hctx->ccid2hctx_cwnd) { + hctx->ccid2hctx_arsent = 0; + hctx->ccid2hctx_ackloss = 0; + } + } else { + /* No acks lost up to now... */ + /* decrease ack ratio if enough packets were sent */ + if (dp->dccps_l_ack_ratio > 1) { + /* XXX don't calculate denominator each time */ + int denom = dp->dccps_l_ack_ratio * dp->dccps_l_ack_ratio - + dp->dccps_l_ack_ratio; + + denom = hctx->ccid2hctx_cwnd * hctx->ccid2hctx_cwnd / denom; + + if (hctx->ccid2hctx_arsent >= denom) { + ccid2_change_l_ack_ratio(sk, dp->dccps_l_ack_ratio - 1); + hctx->ccid2hctx_arsent = 0; + } + } else { + /* we can't increase ack ratio further [1] */ + hctx->ccid2hctx_arsent = 0; /* or maybe set it to cwnd*/ + } + } + + /* setup RTO timer */ + if (!timer_pending(&hctx->ccid2hctx_rtotimer)) + ccid2_start_rto_timer(sk); + +#ifdef CCID2_DEBUG + ccid2_pr_debug("pipe=%d\n", hctx->ccid2hctx_pipe); + ccid2_pr_debug("Sent: seq=%llu\n", seq); + do { + struct ccid2_seq *seqp = hctx->ccid2hctx_seqt; + + while (seqp != hctx->ccid2hctx_seqh) { + ccid2_pr_debug("out seq=%llu acked=%d time=%lu\n", + seqp->ccid2s_seq, seqp->ccid2s_acked, + seqp->ccid2s_sent); + seqp = seqp->ccid2s_next; + } + } while (0); + ccid2_pr_debug("=========\n"); + ccid2_hc_tx_check_sanity(hctx); +#endif +} + +/* XXX Lame code duplication! + * returns -1 if none was found. + * else returns the next offset to use in the function call. + */ +static int ccid2_ackvector(struct sock *sk, struct sk_buff *skb, int offset, + unsigned char **vec, unsigned char *veclen) +{ + const struct dccp_hdr *dh = dccp_hdr(skb); + unsigned char *options = (unsigned char *)dh + dccp_hdr_len(skb); + unsigned char *opt_ptr; + const unsigned char *opt_end = (unsigned char *)dh + + (dh->dccph_doff * 4); + unsigned char opt, len; + unsigned char *value; + + BUG_ON(offset < 0); + options += offset; + opt_ptr = options; + if (opt_ptr >= opt_end) + return -1; + + while (opt_ptr != opt_end) { + opt = *opt_ptr++; + len = 0; + value = NULL; + + /* Check if this isn't a single byte option */ + if (opt > DCCPO_MAX_RESERVED) { + if (opt_ptr == opt_end) + goto out_invalid_option; + + len = *opt_ptr++; + if (len < 3) + goto out_invalid_option; + /* + * Remove the type and len fields, leaving + * just the value size + */ + len -= 2; + value = opt_ptr; + opt_ptr += len; + + if (opt_ptr > opt_end) + goto out_invalid_option; + } + + switch (opt) { + case DCCPO_ACK_VECTOR_0: + case DCCPO_ACK_VECTOR_1: + *vec = value; + *veclen = len; + return offset + (opt_ptr - options); + } + } + + return -1; + +out_invalid_option: + BUG_ON(1); /* should never happen... options were previously parsed ! */ + return -1; +} + +static void ccid2_hc_tx_kill_rto_timer(struct sock *sk) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + sk_stop_timer(sk, &hctx->ccid2hctx_rtotimer); + ccid2_pr_debug("deleted RTO timer\n"); +} + +static inline void ccid2_new_ack(struct sock *sk, + struct ccid2_seq *seqp, + unsigned int *maxincr) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + /* slow start */ + if (hctx->ccid2hctx_cwnd < hctx->ccid2hctx_ssthresh) { + hctx->ccid2hctx_acks = 0; + + /* We can increase cwnd at most maxincr [ack_ratio/2] */ + if (*maxincr) { + /* increase every 2 acks */ + hctx->ccid2hctx_ssacks++; + if (hctx->ccid2hctx_ssacks == 2) { + ccid2_change_cwnd(sk, hctx->ccid2hctx_cwnd + 1); + hctx->ccid2hctx_ssacks = 0; + *maxincr = *maxincr - 1; + } + } else { + /* increased cwnd enough for this single ack */ + hctx->ccid2hctx_ssacks = 0; + } + } else { + hctx->ccid2hctx_ssacks = 0; + hctx->ccid2hctx_acks++; + + if (hctx->ccid2hctx_acks >= hctx->ccid2hctx_cwnd) { + ccid2_change_cwnd(sk, hctx->ccid2hctx_cwnd + 1); + hctx->ccid2hctx_acks = 0; + } + } + + /* update RTO */ + if (hctx->ccid2hctx_srtt == -1 || + (jiffies - hctx->ccid2hctx_lastrtt) >= hctx->ccid2hctx_srtt) { + unsigned long r = jiffies - seqp->ccid2s_sent; + int s; + + /* first measurement */ + if (hctx->ccid2hctx_srtt == -1) { + ccid2_pr_debug("R: %lu Time=%lu seq=%llu\n", + r, jiffies, seqp->ccid2s_seq); + hctx->ccid2hctx_srtt = r; + hctx->ccid2hctx_rttvar = r >> 1; + } else { + /* RTTVAR */ + long tmp = hctx->ccid2hctx_srtt - r; + if (tmp < 0) + tmp *= -1; + + tmp >>= 2; + hctx->ccid2hctx_rttvar *= 3; + hctx->ccid2hctx_rttvar >>= 2; + hctx->ccid2hctx_rttvar += tmp; + + /* SRTT */ + hctx->ccid2hctx_srtt *= 7; + hctx->ccid2hctx_srtt >>= 3; + tmp = r >> 3; + hctx->ccid2hctx_srtt += tmp; + } + s = hctx->ccid2hctx_rttvar << 2; + /* clock granularity is 1 when based on jiffies */ + if (!s) + s = 1; + hctx->ccid2hctx_rto = hctx->ccid2hctx_srtt + s; + + /* must be at least a second */ + s = hctx->ccid2hctx_rto / HZ; + /* DCCP doesn't require this [but I like it cuz my code sux] */ +#if 1 + if (s < 1) + hctx->ccid2hctx_rto = HZ; +#endif + /* max 60 seconds */ + if (s > 60) + hctx->ccid2hctx_rto = HZ * 60; + + hctx->ccid2hctx_lastrtt = jiffies; + + ccid2_pr_debug("srtt: %ld rttvar: %ld rto: %ld (HZ=%d) R=%lu\n", + hctx->ccid2hctx_srtt, hctx->ccid2hctx_rttvar, + hctx->ccid2hctx_rto, HZ, r); + hctx->ccid2hctx_sent = 0; + } + + /* we got a new ack, so re-start RTO timer */ + ccid2_hc_tx_kill_rto_timer(sk); + ccid2_start_rto_timer(sk); +} + +static void ccid2_hc_tx_dec_pipe(struct sock *sk) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + hctx->ccid2hctx_pipe--; + BUG_ON(hctx->ccid2hctx_pipe < 0); + + if (hctx->ccid2hctx_pipe == 0) + ccid2_hc_tx_kill_rto_timer(sk); +} + +static void ccid2_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + u64 ackno, seqno; + struct ccid2_seq *seqp; + unsigned char *vector; + unsigned char veclen; + int offset = 0; + int done = 0; + int loss = 0; + unsigned int maxincr = 0; + + ccid2_hc_tx_check_sanity(hctx); + /* check reverse path congestion */ + seqno = DCCP_SKB_CB(skb)->dccpd_seq; + + /* XXX this whole "algorithm" is broken. Need to fix it to keep track + * of the seqnos of the dupacks so that rpseq and rpdupack are correct + * -sorbo. + */ + /* need to bootstrap */ + if (hctx->ccid2hctx_rpdupack == -1) { + hctx->ccid2hctx_rpdupack = 0; + hctx->ccid2hctx_rpseq = seqno; + } else { + /* check if packet is consecutive */ + if ((hctx->ccid2hctx_rpseq + 1) == seqno) + hctx->ccid2hctx_rpseq++; + /* it's a later packet */ + else if (after48(seqno, hctx->ccid2hctx_rpseq)) { + hctx->ccid2hctx_rpdupack++; + + /* check if we got enough dupacks */ + if (hctx->ccid2hctx_rpdupack >= + hctx->ccid2hctx_numdupack) { + hctx->ccid2hctx_rpdupack = -1; /* XXX lame */ + hctx->ccid2hctx_rpseq = 0; + + ccid2_change_l_ack_ratio(sk, dp->dccps_l_ack_ratio << 1); + } + } + } + + /* check forward path congestion */ + /* still didn't send out new data packets */ + if (hctx->ccid2hctx_seqh == hctx->ccid2hctx_seqt) + return; + + switch (DCCP_SKB_CB(skb)->dccpd_type) { + case DCCP_PKT_ACK: + case DCCP_PKT_DATAACK: + break; + default: + return; + } + + ackno = DCCP_SKB_CB(skb)->dccpd_ack_seq; + seqp = hctx->ccid2hctx_seqh->ccid2s_prev; + + /* If in slow-start, cwnd can increase at most Ack Ratio / 2 packets for + * this single ack. I round up. + * -sorbo. + */ + maxincr = dp->dccps_l_ack_ratio >> 1; + maxincr++; + + /* go through all ack vectors */ + while ((offset = ccid2_ackvector(sk, skb, offset, + &vector, &veclen)) != -1) { + /* go through this ack vector */ + while (veclen--) { + const u8 rl = *vector & DCCP_ACKVEC_LEN_MASK; + u64 ackno_end_rl; + + dccp_set_seqno(&ackno_end_rl, ackno - rl); + ccid2_pr_debug("ackvec start:%llu end:%llu\n", ackno, + ackno_end_rl); + /* if the seqno we are analyzing is larger than the + * current ackno, then move towards the tail of our + * seqnos. + */ + while (after48(seqp->ccid2s_seq, ackno)) { + if (seqp == hctx->ccid2hctx_seqt) { + done = 1; + break; + } + seqp = seqp->ccid2s_prev; + } + if (done) + break; + + /* check all seqnos in the range of the vector + * run length + */ + while (between48(seqp->ccid2s_seq,ackno_end_rl,ackno)) { + const u8 state = (*vector & + DCCP_ACKVEC_STATE_MASK) >> 6; + + /* new packet received or marked */ + if (state != DCCP_ACKVEC_STATE_NOT_RECEIVED && + !seqp->ccid2s_acked) { + if (state == + DCCP_ACKVEC_STATE_ECN_MARKED) { + loss = 1; + } else + ccid2_new_ack(sk, seqp, + &maxincr); + + seqp->ccid2s_acked = 1; + ccid2_pr_debug("Got ack for %llu\n", + seqp->ccid2s_seq); + ccid2_hc_tx_dec_pipe(sk); + } + if (seqp == hctx->ccid2hctx_seqt) { + done = 1; + break; + } + seqp = seqp->ccid2s_next; + } + if (done) + break; + + + dccp_set_seqno(&ackno, ackno_end_rl - 1); + vector++; + } + if (done) + break; + } + + /* The state about what is acked should be correct now + * Check for NUMDUPACK + */ + seqp = hctx->ccid2hctx_seqh->ccid2s_prev; + done = 0; + while (1) { + if (seqp->ccid2s_acked) { + done++; + if (done == hctx->ccid2hctx_numdupack) + break; + } + if (seqp == hctx->ccid2hctx_seqt) + break; + seqp = seqp->ccid2s_prev; + } + + /* If there are at least 3 acknowledgements, anything unacknowledged + * below the last sequence number is considered lost + */ + if (done == hctx->ccid2hctx_numdupack) { + struct ccid2_seq *last_acked = seqp; + + /* check for lost packets */ + while (1) { + if (!seqp->ccid2s_acked) { + loss = 1; + ccid2_hc_tx_dec_pipe(sk); + } + if (seqp == hctx->ccid2hctx_seqt) + break; + seqp = seqp->ccid2s_prev; + } + + hctx->ccid2hctx_seqt = last_acked; + } + + /* trim acked packets in tail */ + while (hctx->ccid2hctx_seqt != hctx->ccid2hctx_seqh) { + if (!hctx->ccid2hctx_seqt->ccid2s_acked) + break; + + hctx->ccid2hctx_seqt = hctx->ccid2hctx_seqt->ccid2s_next; + } + + if (loss) { + /* XXX do bit shifts guarantee a 0 as the new bit? */ + ccid2_change_cwnd(sk, hctx->ccid2hctx_cwnd >> 1); + hctx->ccid2hctx_ssthresh = hctx->ccid2hctx_cwnd; + if (hctx->ccid2hctx_ssthresh < 2) + hctx->ccid2hctx_ssthresh = 2; + } + + ccid2_hc_tx_check_sanity(hctx); +} + +static int ccid2_hc_tx_init(struct ccid *ccid, struct sock *sk) +{ + struct ccid2_hc_tx_sock *hctx = ccid_priv(ccid); + int seqcount = ccid2_seq_len; + int i; + + /* XXX init variables with proper values */ + hctx->ccid2hctx_cwnd = 1; + hctx->ccid2hctx_ssthresh = 10; + hctx->ccid2hctx_numdupack = 3; + + /* XXX init ~ to window size... */ + hctx->ccid2hctx_seqbuf = kmalloc(sizeof(*hctx->ccid2hctx_seqbuf) * + seqcount, gfp_any()); + if (hctx->ccid2hctx_seqbuf == NULL) + return -ENOMEM; + + for (i = 0; i < (seqcount - 1); i++) { + hctx->ccid2hctx_seqbuf[i].ccid2s_next = + &hctx->ccid2hctx_seqbuf[i + 1]; + hctx->ccid2hctx_seqbuf[i + 1].ccid2s_prev = + &hctx->ccid2hctx_seqbuf[i]; + } + hctx->ccid2hctx_seqbuf[seqcount - 1].ccid2s_next = + hctx->ccid2hctx_seqbuf; + hctx->ccid2hctx_seqbuf->ccid2s_prev = + &hctx->ccid2hctx_seqbuf[seqcount - 1]; + + hctx->ccid2hctx_seqh = hctx->ccid2hctx_seqbuf; + hctx->ccid2hctx_seqt = hctx->ccid2hctx_seqh; + hctx->ccid2hctx_sent = 0; + hctx->ccid2hctx_rto = 3 * HZ; + hctx->ccid2hctx_srtt = -1; + hctx->ccid2hctx_rttvar = -1; + hctx->ccid2hctx_lastrtt = 0; + hctx->ccid2hctx_rpdupack = -1; + + hctx->ccid2hctx_rtotimer.function = &ccid2_hc_tx_rto_expire; + hctx->ccid2hctx_rtotimer.data = (unsigned long)sk; + init_timer(&hctx->ccid2hctx_rtotimer); + + ccid2_hc_tx_check_sanity(hctx); + return 0; +} + +static void ccid2_hc_tx_exit(struct sock *sk) +{ + struct ccid2_hc_tx_sock *hctx = ccid2_hc_tx_sk(sk); + + ccid2_hc_tx_kill_rto_timer(sk); + kfree(hctx->ccid2hctx_seqbuf); + hctx->ccid2hctx_seqbuf = NULL; +} + +static void ccid2_hc_rx_packet_recv(struct sock *sk, struct sk_buff *skb) +{ + const struct dccp_sock *dp = dccp_sk(sk); + struct ccid2_hc_rx_sock *hcrx = ccid2_hc_rx_sk(sk); + + switch (DCCP_SKB_CB(skb)->dccpd_type) { + case DCCP_PKT_DATA: + case DCCP_PKT_DATAACK: + hcrx->ccid2hcrx_data++; + if (hcrx->ccid2hcrx_data >= dp->dccps_r_ack_ratio) { + dccp_send_ack(sk); + hcrx->ccid2hcrx_data = 0; + } + break; + } +} + +static struct ccid_operations ccid2 = { + .ccid_id = 2, + .ccid_name = "ccid2", + .ccid_owner = THIS_MODULE, + .ccid_hc_tx_obj_size = sizeof(struct ccid2_hc_tx_sock), + .ccid_hc_tx_init = ccid2_hc_tx_init, + .ccid_hc_tx_exit = ccid2_hc_tx_exit, + .ccid_hc_tx_send_packet = ccid2_hc_tx_send_packet, + .ccid_hc_tx_packet_sent = ccid2_hc_tx_packet_sent, + .ccid_hc_tx_packet_recv = ccid2_hc_tx_packet_recv, + .ccid_hc_rx_obj_size = sizeof(struct ccid2_hc_rx_sock), + .ccid_hc_rx_packet_recv = ccid2_hc_rx_packet_recv, +}; + +module_param(ccid2_debug, int, 0444); +MODULE_PARM_DESC(ccid2_debug, "Enable debug messages"); + +static __init int ccid2_module_init(void) +{ + return ccid_register(&ccid2); +} +module_init(ccid2_module_init); + +static __exit void ccid2_module_exit(void) +{ + ccid_unregister(&ccid2); +} +module_exit(ccid2_module_exit); + +MODULE_AUTHOR("Andrea Bittau <a.bittau@cs.ucl.ac.uk>"); +MODULE_DESCRIPTION("DCCP TCP-Like (CCID2) CCID"); +MODULE_LICENSE("GPL"); +MODULE_ALIAS("net-dccp-ccid-2"); diff --git a/net/dccp/ccids/ccid2.h b/net/dccp/ccids/ccid2.h new file mode 100644 index 0000000..451a874 --- /dev/null +++ b/net/dccp/ccids/ccid2.h @@ -0,0 +1,85 @@ +/* + * net/dccp/ccids/ccid2.h + * + * Copyright (c) 2005 Andrea Bittau <a.bittau@cs.ucl.ac.uk> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ +#ifndef _DCCP_CCID2_H_ +#define _DCCP_CCID2_H_ + +#include <linux/dccp.h> +#include <linux/timer.h> +#include <linux/types.h> +#include "../ccid.h" + +struct sock; + +struct ccid2_seq { + u64 ccid2s_seq; + unsigned long ccid2s_sent; + int ccid2s_acked; + struct ccid2_seq *ccid2s_prev; + struct ccid2_seq *ccid2s_next; +}; + +/** struct ccid2_hc_tx_sock - CCID2 TX half connection + * + * @ccid2hctx_ssacks - ACKs recv in slow start + * @ccid2hctx_acks - ACKS recv in AI phase + * @ccid2hctx_sent - packets sent in this window + * @ccid2hctx_lastrtt -time RTT was last measured + * @ccid2hctx_arsent - packets sent [ack ratio] + * @ccid2hctx_ackloss - ack was lost in this win + * @ccid2hctx_rpseq - last consecutive seqno + * @ccid2hctx_rpdupack - dupacks since rpseq +*/ +struct ccid2_hc_tx_sock { + int ccid2hctx_cwnd; + int ccid2hctx_ssacks; + int ccid2hctx_acks; + int ccid2hctx_ssthresh; + int ccid2hctx_pipe; + int ccid2hctx_numdupack; + struct ccid2_seq *ccid2hctx_seqbuf; + struct ccid2_seq *ccid2hctx_seqh; + struct ccid2_seq *ccid2hctx_seqt; + long ccid2hctx_rto; + long ccid2hctx_srtt; + long ccid2hctx_rttvar; + int ccid2hctx_sent; + unsigned long ccid2hctx_lastrtt; + struct timer_list ccid2hctx_rtotimer; + unsigned long ccid2hctx_arsent; + int ccid2hctx_ackloss; + u64 ccid2hctx_rpseq; + int ccid2hctx_rpdupack; + int ccid2hctx_sendwait; +}; + +struct ccid2_hc_rx_sock { + int ccid2hcrx_data; +}; + +static inline struct ccid2_hc_tx_sock *ccid2_hc_tx_sk(const struct sock *sk) +{ + return ccid_priv(dccp_sk(sk)->dccps_hc_tx_ccid); +} + +static inline struct ccid2_hc_rx_sock *ccid2_hc_rx_sk(const struct sock *sk) +{ + return ccid_priv(dccp_sk(sk)->dccps_hc_rx_ccid); +} +#endif /* _DCCP_CCID2_H_ */ diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c index 35d1d34..b4a51d0 100644 --- a/net/dccp/ccids/ccid3.c +++ b/net/dccp/ccids/ccid3.c @@ -46,7 +46,7 @@ * Reason for maths here is to avoid 32 bit overflow when a is big. * With this we get close to the limit. */ -static inline u32 usecs_div(const u32 a, const u32 b) +static u32 usecs_div(const u32 a, const u32 b) { const u32 div = a < (UINT_MAX / (USEC_PER_SEC / 10)) ? 10 : a < (UINT_MAX / (USEC_PER_SEC / 50)) ? 50 : @@ -76,15 +76,6 @@ static struct dccp_tx_hist *ccid3_tx_hist; static struct dccp_rx_hist *ccid3_rx_hist; static struct dccp_li_hist *ccid3_li_hist; -static int ccid3_init(struct sock *sk) -{ - return 0; -} - -static void ccid3_exit(struct sock *sk) -{ -} - /* TFRC sender states */ enum ccid3_hc_tx_states { TFRC_SSTATE_NO_SENT = 1, @@ -107,8 +98,8 @@ static const char *ccid3_tx_state_name(enum ccid3_hc_tx_states state) } #endif -static inline void ccid3_hc_tx_set_state(struct sock *sk, - enum ccid3_hc_tx_states state) +static void ccid3_hc_tx_set_state(struct sock *sk, + enum ccid3_hc_tx_states state) { struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk); enum ccid3_hc_tx_states oldstate = hctx->ccid3hctx_state; @@ -316,8 +307,6 @@ static int ccid3_hc_tx_send_packet(struct sock *sk, switch (hctx->ccid3hctx_state) { case TFRC_SSTATE_NO_SENT: - hctx->ccid3hctx_no_feedback_timer.function = ccid3_hc_tx_no_feedback_timer; - hctx->ccid3hctx_no_feedback_timer.data = (unsigned long)sk; sk_reset_timer(sk, &hctx->ccid3hctx_no_feedback_timer, jiffies + usecs_to_jiffies(TFRC_INITIAL_TIMEOUT)); hctx->ccid3hctx_last_win_count = 0; @@ -585,16 +574,15 @@ static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb) } } -static void ccid3_hc_tx_insert_options(struct sock *sk, struct sk_buff *skb) +static int ccid3_hc_tx_insert_options(struct sock *sk, struct sk_buff *skb) { const struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk); BUG_ON(hctx == NULL); - if (!(sk->sk_state == DCCP_OPEN || sk->sk_state == DCCP_PARTOPEN)) - return; - - DCCP_SKB_CB(skb)->dccpd_ccval = hctx->ccid3hctx_last_win_count; + if (sk->sk_state == DCCP_OPEN || sk->sk_state == DCCP_PARTOPEN) + DCCP_SKB_CB(skb)->dccpd_ccval = hctx->ccid3hctx_last_win_count; + return 0; } static int ccid3_hc_tx_parse_options(struct sock *sk, unsigned char option, @@ -626,7 +614,7 @@ static int ccid3_hc_tx_parse_options(struct sock *sk, unsigned char option, __FUNCTION__, dccp_role(sk), sk); rc = -EINVAL; } else { - opt_recv->ccid3or_loss_event_rate = ntohl(*(u32 *)value); + opt_recv->ccid3or_loss_event_rate = ntohl(*(__be32 *)value); ccid3_pr_debug("%s, sk=%p, LOSS_EVENT_RATE=%u\n", dccp_role(sk), sk, opt_recv->ccid3or_loss_event_rate); @@ -647,7 +635,7 @@ static int ccid3_hc_tx_parse_options(struct sock *sk, unsigned char option, __FUNCTION__, dccp_role(sk), sk); rc = -EINVAL; } else { - opt_recv->ccid3or_receive_rate = ntohl(*(u32 *)value); + opt_recv->ccid3or_receive_rate = ntohl(*(__be32 *)value); ccid3_pr_debug("%s, sk=%p, RECEIVE_RATE=%u\n", dccp_role(sk), sk, opt_recv->ccid3or_receive_rate); @@ -658,17 +646,10 @@ static int ccid3_hc_tx_parse_options(struct sock *sk, unsigned char option, return rc; } -static int ccid3_hc_tx_init(struct sock *sk) +static int ccid3_hc_tx_init(struct ccid *ccid, struct sock *sk) { struct dccp_sock *dp = dccp_sk(sk); - struct ccid3_hc_tx_sock *hctx; - - dp->dccps_hc_tx_ccid_private = kmalloc(sizeof(*hctx), gfp_any()); - if (dp->dccps_hc_tx_ccid_private == NULL) - return -ENOMEM; - - hctx = ccid3_hc_tx_sk(sk); - memset(hctx, 0, sizeof(*hctx)); + struct ccid3_hc_tx_sock *hctx = ccid_priv(ccid); if (dp->dccps_packet_size >= TFRC_MIN_PACKET_SIZE && dp->dccps_packet_size <= TFRC_MAX_PACKET_SIZE) @@ -681,6 +662,9 @@ static int ccid3_hc_tx_init(struct sock *sk) hctx->ccid3hctx_t_rto = USEC_PER_SEC; hctx->ccid3hctx_state = TFRC_SSTATE_NO_SENT; INIT_LIST_HEAD(&hctx->ccid3hctx_hist); + + hctx->ccid3hctx_no_feedback_timer.function = ccid3_hc_tx_no_feedback_timer; + hctx->ccid3hctx_no_feedback_timer.data = (unsigned long)sk; init_timer(&hctx->ccid3hctx_no_feedback_timer); return 0; @@ -688,7 +672,6 @@ static int ccid3_hc_tx_init(struct sock *sk) static void ccid3_hc_tx_exit(struct sock *sk) { - struct dccp_sock *dp = dccp_sk(sk); struct ccid3_hc_tx_sock *hctx = ccid3_hc_tx_sk(sk); BUG_ON(hctx == NULL); @@ -698,9 +681,6 @@ static void ccid3_hc_tx_exit(struct sock *sk) /* Empty packet history */ dccp_tx_hist_purge(ccid3_tx_hist, &hctx->ccid3hctx_hist); - - kfree(dp->dccps_hc_tx_ccid_private); - dp->dccps_hc_tx_ccid_private = NULL; } /* @@ -727,8 +707,8 @@ static const char *ccid3_rx_state_name(enum ccid3_hc_rx_states state) } #endif -static inline void ccid3_hc_rx_set_state(struct sock *sk, - enum ccid3_hc_rx_states state) +static void ccid3_hc_rx_set_state(struct sock *sk, + enum ccid3_hc_rx_states state) { struct ccid3_hc_rx_sock *hcrx = ccid3_hc_rx_sk(sk); enum ccid3_hc_rx_states oldstate = hcrx->ccid3hcrx_state; @@ -793,31 +773,35 @@ static void ccid3_hc_rx_send_feedback(struct sock *sk) dccp_send_ack(sk); } -static void ccid3_hc_rx_insert_options(struct sock *sk, struct sk_buff *skb) +static int ccid3_hc_rx_insert_options(struct sock *sk, struct sk_buff *skb) { const struct ccid3_hc_rx_sock *hcrx = ccid3_hc_rx_sk(sk); - u32 x_recv, pinv; + __be32 x_recv, pinv; BUG_ON(hcrx == NULL); if (!(sk->sk_state == DCCP_OPEN || sk->sk_state == DCCP_PARTOPEN)) - return; + return 0; DCCP_SKB_CB(skb)->dccpd_ccval = hcrx->ccid3hcrx_last_counter; if (dccp_packet_without_ack(skb)) - return; - - if (hcrx->ccid3hcrx_elapsed_time != 0) - dccp_insert_option_elapsed_time(sk, skb, - hcrx->ccid3hcrx_elapsed_time); - dccp_insert_option_timestamp(sk, skb); + return 0; + x_recv = htonl(hcrx->ccid3hcrx_x_recv); pinv = htonl(hcrx->ccid3hcrx_pinv); - dccp_insert_option(sk, skb, TFRC_OPT_LOSS_EVENT_RATE, - &pinv, sizeof(pinv)); - dccp_insert_option(sk, skb, TFRC_OPT_RECEIVE_RATE, - &x_recv, sizeof(x_recv)); + + if ((hcrx->ccid3hcrx_elapsed_time != 0 && + dccp_insert_option_elapsed_time(sk, skb, + hcrx->ccid3hcrx_elapsed_time)) || + dccp_insert_option_timestamp(sk, skb) || + dccp_insert_option(sk, skb, TFRC_OPT_LOSS_EVENT_RATE, + &pinv, sizeof(pinv)) || + dccp_insert_option(sk, skb, TFRC_OPT_RECEIVE_RATE, + &x_recv, sizeof(x_recv))) + return -1; + + return 0; } /* calculate first loss interval @@ -1047,20 +1031,13 @@ static void ccid3_hc_rx_packet_recv(struct sock *sk, struct sk_buff *skb) } } -static int ccid3_hc_rx_init(struct sock *sk) +static int ccid3_hc_rx_init(struct ccid *ccid, struct sock *sk) { struct dccp_sock *dp = dccp_sk(sk); - struct ccid3_hc_rx_sock *hcrx; + struct ccid3_hc_rx_sock *hcrx = ccid_priv(ccid); ccid3_pr_debug("%s, sk=%p\n", dccp_role(sk), sk); - dp->dccps_hc_rx_ccid_private = kmalloc(sizeof(*hcrx), gfp_any()); - if (dp->dccps_hc_rx_ccid_private == NULL) - return -ENOMEM; - - hcrx = ccid3_hc_rx_sk(sk); - memset(hcrx, 0, sizeof(*hcrx)); - if (dp->dccps_packet_size >= TFRC_MIN_PACKET_SIZE && dp->dccps_packet_size <= TFRC_MAX_PACKET_SIZE) hcrx->ccid3hcrx_s = dp->dccps_packet_size; @@ -1079,7 +1056,6 @@ static int ccid3_hc_rx_init(struct sock *sk) static void ccid3_hc_rx_exit(struct sock *sk) { struct ccid3_hc_rx_sock *hcrx = ccid3_hc_rx_sk(sk); - struct dccp_sock *dp = dccp_sk(sk); BUG_ON(hcrx == NULL); @@ -1090,9 +1066,6 @@ static void ccid3_hc_rx_exit(struct sock *sk) /* Empty loss interval history */ dccp_li_hist_purge(ccid3_li_hist, &hcrx->ccid3hcrx_li_hist); - - kfree(dp->dccps_hc_rx_ccid_private); - dp->dccps_hc_rx_ccid_private = NULL; } static void ccid3_hc_rx_get_info(struct sock *sk, struct tcp_info *info) @@ -1178,12 +1151,11 @@ static int ccid3_hc_tx_getsockopt(struct sock *sk, const int optname, int len, return 0; } -static struct ccid ccid3 = { +static struct ccid_operations ccid3 = { .ccid_id = 3, .ccid_name = "ccid3", .ccid_owner = THIS_MODULE, - .ccid_init = ccid3_init, - .ccid_exit = ccid3_exit, + .ccid_hc_tx_obj_size = sizeof(struct ccid3_hc_tx_sock), .ccid_hc_tx_init = ccid3_hc_tx_init, .ccid_hc_tx_exit = ccid3_hc_tx_exit, .ccid_hc_tx_send_packet = ccid3_hc_tx_send_packet, @@ -1191,6 +1163,7 @@ static struct ccid ccid3 = { .ccid_hc_tx_packet_recv = ccid3_hc_tx_packet_recv, .ccid_hc_tx_insert_options = ccid3_hc_tx_insert_options, .ccid_hc_tx_parse_options = ccid3_hc_tx_parse_options, + .ccid_hc_rx_obj_size = sizeof(struct ccid3_hc_rx_sock), .ccid_hc_rx_init = ccid3_hc_rx_init, .ccid_hc_rx_exit = ccid3_hc_rx_exit, .ccid_hc_rx_insert_options = ccid3_hc_rx_insert_options, @@ -1241,15 +1214,6 @@ module_init(ccid3_module_init); static __exit void ccid3_module_exit(void) { -#ifdef CONFIG_IP_DCCP_UNLOAD_HACK - /* - * Hack to use while developing, so that we get rid of the control - * sock, that is what keeps a refcount on dccp.ko -acme - */ - extern void dccp_ctl_sock_exit(void); - - dccp_ctl_sock_exit(); -#endif ccid_unregister(&ccid3); if (ccid3_tx_hist != NULL) { diff --git a/net/dccp/ccids/ccid3.h b/net/dccp/ccids/ccid3.h index 0bde458..f18b96d4 100644 --- a/net/dccp/ccids/ccid3.h +++ b/net/dccp/ccids/ccid3.h @@ -41,6 +41,7 @@ #include <linux/time.h> #include <linux/types.h> #include <linux/tfrc.h> +#include "../ccid.h" #define TFRC_MIN_PACKET_SIZE 16 #define TFRC_STD_PACKET_SIZE 256 @@ -135,12 +136,12 @@ struct ccid3_hc_rx_sock { static inline struct ccid3_hc_tx_sock *ccid3_hc_tx_sk(const struct sock *sk) { - return dccp_sk(sk)->dccps_hc_tx_ccid_private; + return ccid_priv(dccp_sk(sk)->dccps_hc_tx_ccid); } static inline struct ccid3_hc_rx_sock *ccid3_hc_rx_sk(const struct sock *sk) { - return dccp_sk(sk)->dccps_hc_rx_ccid_private; + return ccid_priv(dccp_sk(sk)->dccps_hc_rx_ccid); } #endif /* _DCCP_CCID3_H_ */ diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h index 93f26dd..1fe5091 100644 --- a/net/dccp/dccp.h +++ b/net/dccp/dccp.h @@ -59,8 +59,6 @@ extern void dccp_time_wait(struct sock *sk, int state, int timeo); #define DCCP_RTO_MAX ((unsigned)(120 * HZ)) /* FIXME: using TCP value */ -extern struct proto dccp_prot; - /* is seq1 < seq2 ? */ static inline int before48(const u64 seq1, const u64 seq2) { @@ -120,7 +118,6 @@ DECLARE_SNMP_STAT(struct dccp_mib, dccp_statistics); extern int dccp_retransmit_skb(struct sock *sk, struct sk_buff *skb); -extern int dccp_send_response(struct sock *sk); extern void dccp_send_ack(struct sock *sk); extern void dccp_send_delayed_ack(struct sock *sk); extern void dccp_send_sync(struct sock *sk, const u64 seq, @@ -140,53 +137,8 @@ extern unsigned int dccp_sync_mss(struct sock *sk, u32 pmtu); extern const char *dccp_packet_name(const int type); extern const char *dccp_state_name(const int state); -static inline void dccp_set_state(struct sock *sk, const int state) -{ - const int oldstate = sk->sk_state; - - dccp_pr_debug("%s(%p) %-10.10s -> %s\n", - dccp_role(sk), sk, - dccp_state_name(oldstate), dccp_state_name(state)); - WARN_ON(state == oldstate); - - switch (state) { - case DCCP_OPEN: - if (oldstate != DCCP_OPEN) - DCCP_INC_STATS(DCCP_MIB_CURRESTAB); - break; - - case DCCP_CLOSED: - if (oldstate == DCCP_CLOSING || oldstate == DCCP_OPEN) - DCCP_INC_STATS(DCCP_MIB_ESTABRESETS); - - sk->sk_prot->unhash(sk); - if (inet_csk(sk)->icsk_bind_hash != NULL && - !(sk->sk_userlocks & SOCK_BINDPORT_LOCK)) - inet_put_port(&dccp_hashinfo, sk); - /* fall through */ - default: - if (oldstate == DCCP_OPEN) - DCCP_DEC_STATS(DCCP_MIB_CURRESTAB); - } - - /* Change state AFTER socket is unhashed to avoid closed - * socket sitting in hash tables. - */ - sk->sk_state = state; -} - -static inline void dccp_done(struct sock *sk) -{ - dccp_set_state(sk, DCCP_CLOSED); - dccp_clear_xmit_timers(sk); - - sk->sk_shutdown = SHUTDOWN_MASK; - - if (!sock_flag(sk, SOCK_DEAD)) - sk->sk_state_change(sk); - else - inet_csk_destroy_sock(sk); -} +extern void dccp_set_state(struct sock *sk, const int state); +extern void dccp_done(struct sock *sk); static inline void dccp_openreq_init(struct request_sock *req, struct dccp_sock *dp, @@ -209,10 +161,6 @@ extern struct sock *dccp_create_openreq_child(struct sock *sk, extern int dccp_v4_do_rcv(struct sock *sk, struct sk_buff *skb); -extern void dccp_v4_err(struct sk_buff *skb, u32); - -extern int dccp_v4_rcv(struct sk_buff *skb); - extern struct sock *dccp_v4_request_recv_sock(struct sock *sk, struct sk_buff *skb, struct request_sock *req, @@ -228,24 +176,30 @@ extern int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb, extern int dccp_rcv_established(struct sock *sk, struct sk_buff *skb, const struct dccp_hdr *dh, const unsigned len); -extern int dccp_v4_init_sock(struct sock *sk); -extern int dccp_v4_destroy_sock(struct sock *sk); +extern int dccp_init_sock(struct sock *sk, const __u8 ctl_sock_initialized); +extern int dccp_destroy_sock(struct sock *sk); extern void dccp_close(struct sock *sk, long timeout); extern struct sk_buff *dccp_make_response(struct sock *sk, struct dst_entry *dst, struct request_sock *req); -extern struct sk_buff *dccp_make_reset(struct sock *sk, - struct dst_entry *dst, - enum dccp_reset_codes code); extern int dccp_connect(struct sock *sk); extern int dccp_disconnect(struct sock *sk, int flags); +extern void dccp_hash(struct sock *sk); extern void dccp_unhash(struct sock *sk); extern int dccp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen); extern int dccp_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen); +#ifdef CONFIG_COMPAT +extern int compat_dccp_getsockopt(struct sock *sk, + int level, int optname, + char __user *optval, int __user *optlen); +extern int compat_dccp_setsockopt(struct sock *sk, + int level, int optname, + char __user *optval, int optlen); +#endif extern int dccp_ioctl(struct sock *sk, int cmd, unsigned long arg); extern int dccp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, size_t size); @@ -262,15 +216,14 @@ extern int dccp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len); extern int dccp_v4_checksum(const struct sk_buff *skb, - const u32 saddr, const u32 daddr); + const __be32 saddr, const __be32 daddr); -extern int dccp_v4_send_reset(struct sock *sk, - enum dccp_reset_codes code); +extern int dccp_send_reset(struct sock *sk, enum dccp_reset_codes code); extern void dccp_send_close(struct sock *sk, const int active); extern int dccp_invalid_packet(struct sk_buff *skb); static inline int dccp_bad_service_code(const struct sock *sk, - const __u32 service) + const __be32 service) { const struct dccp_sock *dp = dccp_sk(sk); @@ -334,41 +287,29 @@ static inline void dccp_hdr_set_seq(struct dccp_hdr *dh, const u64 gss) { struct dccp_hdr_ext *dhx = (struct dccp_hdr_ext *)((void *)dh + sizeof(*dh)); - -#if defined(__LITTLE_ENDIAN_BITFIELD) - dh->dccph_seq = htonl((gss >> 32)) >> 8; -#elif defined(__BIG_ENDIAN_BITFIELD) - dh->dccph_seq = htonl((gss >> 32)); -#else -#error "Adjust your <asm/byteorder.h> defines" -#endif + dh->dccph_seq2 = 0; + dh->dccph_seq = htons((gss >> 32) & 0xfffff); dhx->dccph_seq_low = htonl(gss & 0xffffffff); } static inline void dccp_hdr_set_ack(struct dccp_hdr_ack_bits *dhack, const u64 gsr) { -#if defined(__LITTLE_ENDIAN_BITFIELD) - dhack->dccph_ack_nr_high = htonl((gsr >> 32)) >> 8; -#elif defined(__BIG_ENDIAN_BITFIELD) - dhack->dccph_ack_nr_high = htonl((gsr >> 32)); -#else -#error "Adjust your <asm/byteorder.h> defines" -#endif + dhack->dccph_reserved1 = 0; + dhack->dccph_ack_nr_high = htons(gsr >> 32); dhack->dccph_ack_nr_low = htonl(gsr & 0xffffffff); } static inline void dccp_update_gsr(struct sock *sk, u64 seq) { struct dccp_sock *dp = dccp_sk(sk); + const struct dccp_minisock *dmsk = dccp_msk(sk); dp->dccps_gsr = seq; dccp_set_seqno(&dp->dccps_swl, - (dp->dccps_gsr + 1 - - (dp->dccps_options.dccpo_sequence_window / 4))); + dp->dccps_gsr + 1 - (dmsk->dccpms_sequence_window / 4)); dccp_set_seqno(&dp->dccps_swh, - (dp->dccps_gsr + - (3 * dp->dccps_options.dccpo_sequence_window) / 4)); + dp->dccps_gsr + (3 * dmsk->dccpms_sequence_window) / 4); } static inline void dccp_update_gss(struct sock *sk, u64 seq) @@ -378,7 +319,7 @@ static inline void dccp_update_gss(struct sock *sk, u64 seq) dp->dccps_awh = dp->dccps_gss = seq; dccp_set_seqno(&dp->dccps_awl, (dp->dccps_gss - - dp->dccps_options.dccpo_sequence_window + 1)); + dccp_msk(sk)->dccpms_sequence_window + 1)); } static inline int dccp_ack_pending(const struct sock *sk) @@ -386,24 +327,22 @@ static inline int dccp_ack_pending(const struct sock *sk) const struct dccp_sock *dp = dccp_sk(sk); return dp->dccps_timestamp_echo != 0 || #ifdef CONFIG_IP_DCCP_ACKVEC - (dp->dccps_options.dccpo_send_ack_vector && + (dccp_msk(sk)->dccpms_send_ack_vector && dccp_ackvec_pending(dp->dccps_hc_rx_ackvec)) || #endif inet_csk_ack_scheduled(sk); } -extern void dccp_insert_options(struct sock *sk, struct sk_buff *skb); -extern void dccp_insert_option_elapsed_time(struct sock *sk, +extern int dccp_insert_options(struct sock *sk, struct sk_buff *skb); +extern int dccp_insert_option_elapsed_time(struct sock *sk, struct sk_buff *skb, u32 elapsed_time); -extern void dccp_insert_option_timestamp(struct sock *sk, +extern int dccp_insert_option_timestamp(struct sock *sk, struct sk_buff *skb); -extern void dccp_insert_option(struct sock *sk, struct sk_buff *skb, +extern int dccp_insert_option(struct sock *sk, struct sk_buff *skb, unsigned char option, const void *value, unsigned char len); -extern struct socket *dccp_ctl_socket; - extern void dccp_timestamp(const struct sock *sk, struct timeval *tv); static inline suseconds_t timeval_usecs(const struct timeval *tv) @@ -444,4 +383,18 @@ static inline void timeval_sub_usecs(struct timeval *tv, } } +#ifdef CONFIG_SYSCTL +extern int dccp_sysctl_init(void); +extern void dccp_sysctl_exit(void); +#else +static inline int dccp_sysctl_init(void) +{ + return 0; +} + +static inline void dccp_sysctl_exit(void) +{ +} +#endif + #endif /* _DCCP_H */ diff --git a/net/dccp/diag.c b/net/dccp/diag.c index 3f78c00..0f25dc3 100644 --- a/net/dccp/diag.c +++ b/net/dccp/diag.c @@ -30,7 +30,7 @@ static void dccp_get_info(struct sock *sk, struct tcp_info *info) info->tcpi_backoff = icsk->icsk_backoff; info->tcpi_pmtu = icsk->icsk_pmtu_cookie; - if (dp->dccps_options.dccpo_send_ack_vector) + if (dccp_msk(sk)->dccpms_send_ack_vector) info->tcpi_options |= TCPI_OPT_SACK; ccid_hc_rx_get_info(dp->dccps_hc_rx_ccid, sk, info); diff --git a/net/dccp/feat.c b/net/dccp/feat.c new file mode 100644 index 0000000..e3dd30d --- /dev/null +++ b/net/dccp/feat.c @@ -0,0 +1,586 @@ +/* + * net/dccp/feat.c + * + * An implementation of the DCCP protocol + * Andrea Bittau <a.bittau@cs.ucl.ac.uk> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#include <linux/config.h> +#include <linux/module.h> + +#include "dccp.h" +#include "ccid.h" +#include "feat.h" + +#define DCCP_FEAT_SP_NOAGREE (-123) + +int dccp_feat_change(struct dccp_minisock *dmsk, u8 type, u8 feature, + u8 *val, u8 len, gfp_t gfp) +{ + struct dccp_opt_pend *opt; + + dccp_pr_debug("feat change type=%d feat=%d\n", type, feature); + + /* XXX sanity check feat change request */ + + /* check if that feature is already being negotiated */ + list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) { + /* ok we found a negotiation for this option already */ + if (opt->dccpop_feat == feature && opt->dccpop_type == type) { + dccp_pr_debug("Replacing old\n"); + /* replace */ + BUG_ON(opt->dccpop_val == NULL); + kfree(opt->dccpop_val); + opt->dccpop_val = val; + opt->dccpop_len = len; + opt->dccpop_conf = 0; + return 0; + } + } + + /* negotiation for a new feature */ + opt = kmalloc(sizeof(*opt), gfp); + if (opt == NULL) + return -ENOMEM; + + opt->dccpop_type = type; + opt->dccpop_feat = feature; + opt->dccpop_len = len; + opt->dccpop_val = val; + opt->dccpop_conf = 0; + opt->dccpop_sc = NULL; + + BUG_ON(opt->dccpop_val == NULL); + + list_add_tail(&opt->dccpop_node, &dmsk->dccpms_pending); + return 0; +} + +EXPORT_SYMBOL_GPL(dccp_feat_change); + +static int dccp_feat_update_ccid(struct sock *sk, u8 type, u8 new_ccid_nr) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct dccp_minisock *dmsk = dccp_msk(sk); + /* figure out if we are changing our CCID or the peer's */ + const int rx = type == DCCPO_CHANGE_R; + const u8 ccid_nr = rx ? dmsk->dccpms_rx_ccid : dmsk->dccpms_tx_ccid; + struct ccid *new_ccid; + + /* Check if nothing is being changed. */ + if (ccid_nr == new_ccid_nr) + return 0; + + new_ccid = ccid_new(new_ccid_nr, sk, rx, GFP_ATOMIC); + if (new_ccid == NULL) + return -ENOMEM; + + if (rx) { + ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk); + dp->dccps_hc_rx_ccid = new_ccid; + dmsk->dccpms_rx_ccid = new_ccid_nr; + } else { + ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk); + dp->dccps_hc_tx_ccid = new_ccid; + dmsk->dccpms_tx_ccid = new_ccid_nr; + } + + return 0; +} + +/* XXX taking only u8 vals */ +static int dccp_feat_update(struct sock *sk, u8 type, u8 feat, u8 val) +{ + dccp_pr_debug("changing [%d] feat %d to %d\n", type, feat, val); + + switch (feat) { + case DCCPF_CCID: + return dccp_feat_update_ccid(sk, type, val); + default: + dccp_pr_debug("IMPLEMENT changing [%d] feat %d to %d\n", + type, feat, val); + break; + } + return 0; +} + +static int dccp_feat_reconcile(struct sock *sk, struct dccp_opt_pend *opt, + u8 *rpref, u8 rlen) +{ + struct dccp_sock *dp = dccp_sk(sk); + u8 *spref, slen, *res = NULL; + int i, j, rc, agree = 1; + + BUG_ON(rpref == NULL); + + /* check if we are the black sheep */ + if (dp->dccps_role == DCCP_ROLE_CLIENT) { + spref = rpref; + slen = rlen; + rpref = opt->dccpop_val; + rlen = opt->dccpop_len; + } else { + spref = opt->dccpop_val; + slen = opt->dccpop_len; + } + /* + * Now we have server preference list in spref and client preference in + * rpref + */ + BUG_ON(spref == NULL); + BUG_ON(rpref == NULL); + + /* FIXME sanity check vals */ + + /* Are values in any order? XXX Lame "algorithm" here */ + /* XXX assume values are 1 byte */ + for (i = 0; i < slen; i++) { + for (j = 0; j < rlen; j++) { + if (spref[i] == rpref[j]) { + res = &spref[i]; + break; + } + } + if (res) + break; + } + + /* we didn't agree on anything */ + if (res == NULL) { + /* confirm previous value */ + switch (opt->dccpop_feat) { + case DCCPF_CCID: + /* XXX did i get this right? =P */ + if (opt->dccpop_type == DCCPO_CHANGE_L) + res = &dccp_msk(sk)->dccpms_tx_ccid; + else + res = &dccp_msk(sk)->dccpms_rx_ccid; + break; + + default: + WARN_ON(1); /* XXX implement res */ + return -EFAULT; + } + + dccp_pr_debug("Don't agree... reconfirming %d\n", *res); + agree = 0; /* this is used for mandatory options... */ + } + + /* need to put result and our preference list */ + /* XXX assume 1 byte vals */ + rlen = 1 + opt->dccpop_len; + rpref = kmalloc(rlen, GFP_ATOMIC); + if (rpref == NULL) + return -ENOMEM; + + *rpref = *res; + memcpy(&rpref[1], opt->dccpop_val, opt->dccpop_len); + + /* put it in the "confirm queue" */ + if (opt->dccpop_sc == NULL) { + opt->dccpop_sc = kmalloc(sizeof(*opt->dccpop_sc), GFP_ATOMIC); + if (opt->dccpop_sc == NULL) { + kfree(rpref); + return -ENOMEM; + } + } else { + /* recycle the confirm slot */ + BUG_ON(opt->dccpop_sc->dccpoc_val == NULL); + kfree(opt->dccpop_sc->dccpoc_val); + dccp_pr_debug("recycling confirm slot\n"); + } + memset(opt->dccpop_sc, 0, sizeof(*opt->dccpop_sc)); + + opt->dccpop_sc->dccpoc_val = rpref; + opt->dccpop_sc->dccpoc_len = rlen; + + /* update the option on our side [we are about to send the confirm] */ + rc = dccp_feat_update(sk, opt->dccpop_type, opt->dccpop_feat, *res); + if (rc) { + kfree(opt->dccpop_sc->dccpoc_val); + kfree(opt->dccpop_sc); + opt->dccpop_sc = 0; + return rc; + } + + dccp_pr_debug("Will confirm %d\n", *rpref); + + /* say we want to change to X but we just got a confirm X, suppress our + * change + */ + if (!opt->dccpop_conf) { + if (*opt->dccpop_val == *res) + opt->dccpop_conf = 1; + dccp_pr_debug("won't ask for change of same feature\n"); + } + + return agree ? 0 : DCCP_FEAT_SP_NOAGREE; /* used for mandatory opts */ +} + +static int dccp_feat_sp(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len) +{ + struct dccp_minisock *dmsk = dccp_msk(sk); + struct dccp_opt_pend *opt; + int rc = 1; + u8 t; + + /* + * We received a CHANGE. We gotta match it against our own preference + * list. If we got a CHANGE_R it means it's a change for us, so we need + * to compare our CHANGE_L list. + */ + if (type == DCCPO_CHANGE_L) + t = DCCPO_CHANGE_R; + else + t = DCCPO_CHANGE_L; + + /* find our preference list for this feature */ + list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) { + if (opt->dccpop_type != t || opt->dccpop_feat != feature) + continue; + + /* find the winner from the two preference lists */ + rc = dccp_feat_reconcile(sk, opt, val, len); + break; + } + + /* We didn't deal with the change. This can happen if we have no + * preference list for the feature. In fact, it just shouldn't + * happen---if we understand a feature, we should have a preference list + * with at least the default value. + */ + BUG_ON(rc == 1); + + return rc; +} + +static int dccp_feat_nn(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len) +{ + struct dccp_opt_pend *opt; + struct dccp_minisock *dmsk = dccp_msk(sk); + u8 *copy; + int rc; + + /* NN features must be change L */ + if (type == DCCPO_CHANGE_R) { + dccp_pr_debug("received CHANGE_R %d for NN feat %d\n", + type, feature); + return -EFAULT; + } + + /* XXX sanity check opt val */ + + /* copy option so we can confirm it */ + opt = kzalloc(sizeof(*opt), GFP_ATOMIC); + if (opt == NULL) + return -ENOMEM; + + copy = kmalloc(len, GFP_ATOMIC); + if (copy == NULL) { + kfree(opt); + return -ENOMEM; + } + memcpy(copy, val, len); + + opt->dccpop_type = DCCPO_CONFIRM_R; /* NN can only confirm R */ + opt->dccpop_feat = feature; + opt->dccpop_val = copy; + opt->dccpop_len = len; + + /* change feature */ + rc = dccp_feat_update(sk, type, feature, *val); + if (rc) { + kfree(opt->dccpop_val); + kfree(opt); + return rc; + } + + dccp_pr_debug("Confirming NN feature %d (val=%d)\n", feature, *copy); + list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf); + + return 0; +} + +static void dccp_feat_empty_confirm(struct dccp_minisock *dmsk, + u8 type, u8 feature) +{ + /* XXX check if other confirms for that are queued and recycle slot */ + struct dccp_opt_pend *opt = kzalloc(sizeof(*opt), GFP_ATOMIC); + + if (opt == NULL) { + /* XXX what do we do? Ignoring should be fine. It's a change + * after all =P + */ + return; + } + + opt->dccpop_type = type == DCCPO_CHANGE_L ? DCCPO_CONFIRM_R : + DCCPO_CONFIRM_L; + opt->dccpop_feat = feature; + opt->dccpop_val = 0; + opt->dccpop_len = 0; + + /* change feature */ + dccp_pr_debug("Empty confirm feature %d type %d\n", feature, type); + list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf); +} + +static void dccp_feat_flush_confirm(struct sock *sk) +{ + struct dccp_minisock *dmsk = dccp_msk(sk); + /* Check if there is anything to confirm in the first place */ + int yes = !list_empty(&dmsk->dccpms_conf); + + if (!yes) { + struct dccp_opt_pend *opt; + + list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) { + if (opt->dccpop_conf) { + yes = 1; + break; + } + } + } + + if (!yes) + return; + + /* OK there is something to confirm... */ + /* XXX check if packet is in flight? Send delayed ack?? */ + if (sk->sk_state == DCCP_OPEN) + dccp_send_ack(sk); +} + +int dccp_feat_change_recv(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len) +{ + int rc; + + dccp_pr_debug("got feat change type=%d feat=%d\n", type, feature); + + /* figure out if it's SP or NN feature */ + switch (feature) { + /* deal with SP features */ + case DCCPF_CCID: + rc = dccp_feat_sp(sk, type, feature, val, len); + break; + + /* deal with NN features */ + case DCCPF_ACK_RATIO: + rc = dccp_feat_nn(sk, type, feature, val, len); + break; + + /* XXX implement other features */ + default: + rc = -EFAULT; + break; + } + + /* check if there were problems changing features */ + if (rc) { + /* If we don't agree on SP, we sent a confirm for old value. + * However we propagate rc to caller in case option was + * mandatory + */ + if (rc != DCCP_FEAT_SP_NOAGREE) + dccp_feat_empty_confirm(dccp_msk(sk), type, feature); + } + + /* generate the confirm [if required] */ + dccp_feat_flush_confirm(sk); + + return rc; +} + +EXPORT_SYMBOL_GPL(dccp_feat_change_recv); + +int dccp_feat_confirm_recv(struct sock *sk, u8 type, u8 feature, + u8 *val, u8 len) +{ + u8 t; + struct dccp_opt_pend *opt; + struct dccp_minisock *dmsk = dccp_msk(sk); + int rc = 1; + int all_confirmed = 1; + + dccp_pr_debug("got feat confirm type=%d feat=%d\n", type, feature); + + /* XXX sanity check type & feat */ + + /* locate our change request */ + t = type == DCCPO_CONFIRM_L ? DCCPO_CHANGE_R : DCCPO_CHANGE_L; + + list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) { + if (!opt->dccpop_conf && opt->dccpop_type == t && + opt->dccpop_feat == feature) { + /* we found it */ + /* XXX do sanity check */ + + opt->dccpop_conf = 1; + + /* We got a confirmation---change the option */ + dccp_feat_update(sk, opt->dccpop_type, + opt->dccpop_feat, *val); + + dccp_pr_debug("feat %d type %d confirmed %d\n", + feature, type, *val); + rc = 0; + break; + } + + if (!opt->dccpop_conf) + all_confirmed = 0; + } + + /* fix re-transmit timer */ + /* XXX gotta make sure that no option negotiation occurs during + * connection shutdown. Consider that the CLOSEREQ is sent and timer is + * on. if all options are confirmed it might kill timer which should + * remain alive until close is received. + */ + if (all_confirmed) { + dccp_pr_debug("clear feat negotiation timer %p\n", sk); + inet_csk_clear_xmit_timer(sk, ICSK_TIME_RETRANS); + } + + if (rc) + dccp_pr_debug("feat %d type %d never requested\n", + feature, type); + return 0; +} + +EXPORT_SYMBOL_GPL(dccp_feat_confirm_recv); + +void dccp_feat_clean(struct dccp_minisock *dmsk) +{ + struct dccp_opt_pend *opt, *next; + + list_for_each_entry_safe(opt, next, &dmsk->dccpms_pending, + dccpop_node) { + BUG_ON(opt->dccpop_val == NULL); + kfree(opt->dccpop_val); + + if (opt->dccpop_sc != NULL) { + BUG_ON(opt->dccpop_sc->dccpoc_val == NULL); + kfree(opt->dccpop_sc->dccpoc_val); + kfree(opt->dccpop_sc); + } + + kfree(opt); + } + INIT_LIST_HEAD(&dmsk->dccpms_pending); + + list_for_each_entry_safe(opt, next, &dmsk->dccpms_conf, dccpop_node) { + BUG_ON(opt == NULL); + if (opt->dccpop_val != NULL) + kfree(opt->dccpop_val); + kfree(opt); + } + INIT_LIST_HEAD(&dmsk->dccpms_conf); +} + +EXPORT_SYMBOL_GPL(dccp_feat_clean); + +/* this is to be called only when a listening sock creates its child. It is + * assumed by the function---the confirm is not duplicated, but rather it is + * "passed on". + */ +int dccp_feat_clone(struct sock *oldsk, struct sock *newsk) +{ + struct dccp_minisock *olddmsk = dccp_msk(oldsk); + struct dccp_minisock *newdmsk = dccp_msk(newsk); + struct dccp_opt_pend *opt; + int rc = 0; + + INIT_LIST_HEAD(&newdmsk->dccpms_pending); + INIT_LIST_HEAD(&newdmsk->dccpms_conf); + + list_for_each_entry(opt, &olddmsk->dccpms_pending, dccpop_node) { + struct dccp_opt_pend *newopt; + /* copy the value of the option */ + u8 *val = kmalloc(opt->dccpop_len, GFP_ATOMIC); + + if (val == NULL) + goto out_clean; + memcpy(val, opt->dccpop_val, opt->dccpop_len); + + newopt = kmalloc(sizeof(*newopt), GFP_ATOMIC); + if (newopt == NULL) { + kfree(val); + goto out_clean; + } + + /* insert the option */ + memcpy(newopt, opt, sizeof(*newopt)); + newopt->dccpop_val = val; + list_add_tail(&newopt->dccpop_node, &newdmsk->dccpms_pending); + + /* XXX what happens with backlogs and multiple connections at + * once... + */ + /* the master socket no longer needs to worry about confirms */ + opt->dccpop_sc = 0; /* it's not a memleak---new socket has it */ + + /* reset state for a new socket */ + opt->dccpop_conf = 0; + } + + /* XXX not doing anything about the conf queue */ + +out: + return rc; + +out_clean: + dccp_feat_clean(newdmsk); + rc = -ENOMEM; + goto out; +} + +EXPORT_SYMBOL_GPL(dccp_feat_clone); + +static int __dccp_feat_init(struct dccp_minisock *dmsk, u8 type, u8 feat, + u8 *val, u8 len) +{ + int rc = -ENOMEM; + u8 *copy = kmalloc(len, GFP_KERNEL); + + if (copy != NULL) { + memcpy(copy, val, len); + rc = dccp_feat_change(dmsk, type, feat, copy, len, GFP_KERNEL); + if (rc) + kfree(copy); + } + return rc; +} + +int dccp_feat_init(struct dccp_minisock *dmsk) +{ + int rc; + + INIT_LIST_HEAD(&dmsk->dccpms_pending); + INIT_LIST_HEAD(&dmsk->dccpms_conf); + + /* CCID L */ + rc = __dccp_feat_init(dmsk, DCCPO_CHANGE_L, DCCPF_CCID, + &dmsk->dccpms_tx_ccid, 1); + if (rc) + goto out; + + /* CCID R */ + rc = __dccp_feat_init(dmsk, DCCPO_CHANGE_R, DCCPF_CCID, + &dmsk->dccpms_rx_ccid, 1); + if (rc) + goto out; + + /* Ack ratio */ + rc = __dccp_feat_init(dmsk, DCCPO_CHANGE_L, DCCPF_ACK_RATIO, + &dmsk->dccpms_ack_ratio, 1); +out: + return rc; +} + +EXPORT_SYMBOL_GPL(dccp_feat_init); diff --git a/net/dccp/feat.h b/net/dccp/feat.h new file mode 100644 index 0000000..6048373 --- /dev/null +++ b/net/dccp/feat.h @@ -0,0 +1,29 @@ +#ifndef _DCCP_FEAT_H +#define _DCCP_FEAT_H +/* + * net/dccp/feat.h + * + * An implementation of the DCCP protocol + * Copyright (c) 2005 Andrea Bittau <a.bittau@cs.ucl.ac.uk> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#include <linux/types.h> + +struct sock; +struct dccp_minisock; + +extern int dccp_feat_change(struct dccp_minisock *dmsk, u8 type, u8 feature, + u8 *val, u8 len, gfp_t gfp); +extern int dccp_feat_change_recv(struct sock *sk, u8 type, u8 feature, + u8 *val, u8 len); +extern int dccp_feat_confirm_recv(struct sock *sk, u8 type, u8 feature, + u8 *val, u8 len); +extern void dccp_feat_clean(struct dccp_minisock *dmsk); +extern int dccp_feat_clone(struct sock *oldsk, struct sock *newsk); +extern int dccp_feat_init(struct dccp_minisock *dmsk); + +#endif /* _DCCP_FEAT_H */ diff --git a/net/dccp/input.c b/net/dccp/input.c index b6cba72..bfc5366 100644 --- a/net/dccp/input.c +++ b/net/dccp/input.c @@ -32,7 +32,7 @@ static void dccp_fin(struct sock *sk, struct sk_buff *skb) static void dccp_rcv_close(struct sock *sk, struct sk_buff *skb) { - dccp_v4_send_reset(sk, DCCP_RESET_CODE_CLOSED); + dccp_send_reset(sk, DCCP_RESET_CODE_CLOSED); dccp_fin(sk, skb); dccp_set_state(sk, DCCP_CLOSED); sk_wake_async(sk, 1, POLL_HUP); @@ -56,11 +56,11 @@ static void dccp_rcv_closereq(struct sock *sk, struct sk_buff *skb) dccp_send_close(sk, 0); } -static inline void dccp_event_ack_recv(struct sock *sk, struct sk_buff *skb) +static void dccp_event_ack_recv(struct sock *sk, struct sk_buff *skb) { struct dccp_sock *dp = dccp_sk(sk); - if (dp->dccps_options.dccpo_send_ack_vector) + if (dccp_msk(sk)->dccpms_send_ack_vector) dccp_ackvec_check_rcv_ackno(dp->dccps_hc_rx_ackvec, sk, DCCP_SKB_CB(skb)->dccpd_ack_seq); } @@ -151,9 +151,8 @@ static int dccp_check_seqno(struct sock *sk, struct sk_buff *skb) return 0; } -static inline int __dccp_rcv_established(struct sock *sk, struct sk_buff *skb, - const struct dccp_hdr *dh, - const unsigned len) +static int __dccp_rcv_established(struct sock *sk, struct sk_buff *skb, + const struct dccp_hdr *dh, const unsigned len) { struct dccp_sock *dp = dccp_sk(sk); @@ -247,7 +246,7 @@ int dccp_rcv_established(struct sock *sk, struct sk_buff *skb, if (DCCP_SKB_CB(skb)->dccpd_ack_seq != DCCP_PKT_WITHOUT_ACK_SEQ) dccp_event_ack_recv(sk, skb); - if (dp->dccps_options.dccpo_send_ack_vector && + if (dccp_msk(sk)->dccpms_send_ack_vector && dccp_ackvec_add(dp->dccps_hc_rx_ackvec, sk, DCCP_SKB_CB(skb)->dccpd_seq, DCCP_ACKVEC_STATE_RECEIVED)) @@ -300,7 +299,10 @@ static int dccp_rcv_request_sent_state_process(struct sock *sk, goto out_invalid_packet; } - if (dp->dccps_options.dccpo_send_ack_vector && + if (dccp_parse_options(sk, skb)) + goto out_invalid_packet; + + if (dccp_msk(sk)->dccpms_send_ack_vector && dccp_ackvec_add(dp->dccps_hc_rx_ackvec, sk, DCCP_SKB_CB(skb)->dccpd_seq, DCCP_ACKVEC_STATE_RECEIVED)) @@ -321,14 +323,6 @@ static int dccp_rcv_request_sent_state_process(struct sock *sk, dccp_set_seqno(&dp->dccps_swl, max48(dp->dccps_swl, dp->dccps_isr)); - if (ccid_hc_rx_init(dp->dccps_hc_rx_ccid, sk) != 0 || - ccid_hc_tx_init(dp->dccps_hc_tx_ccid, sk) != 0) { - ccid_hc_rx_exit(dp->dccps_hc_rx_ccid, sk); - ccid_hc_tx_exit(dp->dccps_hc_tx_ccid, sk); - /* FIXME: send appropriate RESET code */ - goto out_invalid_packet; - } - dccp_sync_mss(sk, icsk->icsk_pmtu_cookie); /* @@ -492,7 +486,7 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb, if (dcb->dccpd_ack_seq != DCCP_PKT_WITHOUT_ACK_SEQ) dccp_event_ack_recv(sk, skb); - if (dp->dccps_options.dccpo_send_ack_vector && + if (dccp_msk(sk)->dccpms_send_ack_vector && dccp_ackvec_add(dp->dccps_hc_rx_ackvec, sk, DCCP_SKB_CB(skb)->dccpd_seq, DCCP_ACKVEC_STATE_RECEIVED)) diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c index dc0487b..2904799 100644 --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -18,8 +18,10 @@ #include <linux/random.h> #include <net/icmp.h> +#include <net/inet_common.h> #include <net/inet_hashtables.h> #include <net/inet_sock.h> +#include <net/protocol.h> #include <net/sock.h> #include <net/timewait_sock.h> #include <net/tcp_states.h> @@ -28,14 +30,14 @@ #include "ackvec.h" #include "ccid.h" #include "dccp.h" +#include "feat.h" -struct inet_hashinfo __cacheline_aligned dccp_hashinfo = { - .lhash_lock = RW_LOCK_UNLOCKED, - .lhash_users = ATOMIC_INIT(0), - .lhash_wait = __WAIT_QUEUE_HEAD_INITIALIZER(dccp_hashinfo.lhash_wait), -}; - -EXPORT_SYMBOL_GPL(dccp_hashinfo); +/* + * This is the global socket data structure used for responding to + * the Out-of-the-blue (OOTB) packets. A control sock will be created + * for this socket at the initialization time. + */ +static struct socket *dccp_v4_ctl_socket; static int dccp_v4_get_port(struct sock *sk, const unsigned short snum) { @@ -43,18 +45,6 @@ static int dccp_v4_get_port(struct sock *sk, const unsigned short snum) inet_csk_bind_conflict); } -static void dccp_v4_hash(struct sock *sk) -{ - inet_hash(&dccp_hashinfo, sk); -} - -void dccp_unhash(struct sock *sk) -{ - inet_unhash(&dccp_hashinfo, sk); -} - -EXPORT_SYMBOL_GPL(dccp_unhash); - int dccp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) { struct inet_sock *inet = inet_sk(sk); @@ -207,11 +197,12 @@ static inline void dccp_do_pmtu_discovery(struct sock *sk, } /* else let the usual retransmit timer handle it */ } -static void dccp_v4_ctl_send_ack(struct sk_buff *rxskb) +static void dccp_v4_reqsk_send_ack(struct sk_buff *rxskb, + struct request_sock *req) { int err; struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh; - const int dccp_hdr_ack_len = sizeof(struct dccp_hdr) + + const u32 dccp_hdr_ack_len = sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); struct sk_buff *skb; @@ -219,12 +210,12 @@ static void dccp_v4_ctl_send_ack(struct sk_buff *rxskb) if (((struct rtable *)rxskb->dst)->rt_type != RTN_LOCAL) return; - skb = alloc_skb(MAX_DCCP_HEADER + 15, GFP_ATOMIC); + skb = alloc_skb(dccp_v4_ctl_socket->sk->sk_prot->max_header, GFP_ATOMIC); if (skb == NULL) return; /* Reserve space for headers. */ - skb_reserve(skb, MAX_DCCP_HEADER); + skb_reserve(skb, dccp_v4_ctl_socket->sk->sk_prot->max_header); skb->dst = dst_clone(rxskb->dst); @@ -243,11 +234,11 @@ static void dccp_v4_ctl_send_ack(struct sk_buff *rxskb) dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), DCCP_SKB_CB(rxskb)->dccpd_seq); - bh_lock_sock(dccp_ctl_socket->sk); - err = ip_build_and_send_pkt(skb, dccp_ctl_socket->sk, + bh_lock_sock(dccp_v4_ctl_socket->sk); + err = ip_build_and_send_pkt(skb, dccp_v4_ctl_socket->sk, rxskb->nh.iph->daddr, rxskb->nh.iph->saddr, NULL); - bh_unlock_sock(dccp_ctl_socket->sk); + bh_unlock_sock(dccp_v4_ctl_socket->sk); if (err == NET_XMIT_CN || err == 0) { DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS); @@ -255,12 +246,6 @@ static void dccp_v4_ctl_send_ack(struct sk_buff *rxskb) } } -static void dccp_v4_reqsk_send_ack(struct sk_buff *skb, - struct request_sock *req) -{ - dccp_v4_ctl_send_ack(skb); -} - static int dccp_v4_send_response(struct sock *sk, struct request_sock *req, struct dst_entry *dst) { @@ -275,7 +260,10 @@ static int dccp_v4_send_response(struct sock *sk, struct request_sock *req, skb = dccp_make_response(sk, dst, req); if (skb != NULL) { const struct inet_request_sock *ireq = inet_rsk(req); + struct dccp_hdr *dh = dccp_hdr(skb); + dh->dccph_checksum = dccp_v4_checksum(skb, ireq->loc_addr, + ireq->rmt_addr); memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr, ireq->rmt_addr, @@ -301,7 +289,7 @@ out: * check at all. A more general error queue to queue errors for later handling * is probably better. */ -void dccp_v4_err(struct sk_buff *skb, u32 info) +static void dccp_v4_err(struct sk_buff *skb, u32 info) { const struct iphdr *iph = (struct iphdr *)skb->data; const struct dccp_hdr *dh = (struct dccp_hdr *)(skb->data + @@ -456,32 +444,6 @@ void dccp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb) EXPORT_SYMBOL_GPL(dccp_v4_send_check); -int dccp_v4_send_reset(struct sock *sk, enum dccp_reset_codes code) -{ - struct sk_buff *skb; - /* - * FIXME: what if rebuild_header fails? - * Should we be doing a rebuild_header here? - */ - int err = inet_sk_rebuild_header(sk); - - if (err != 0) - return err; - - skb = dccp_make_reset(sk, sk->sk_dst_cache, code); - if (skb != NULL) { - const struct inet_sock *inet = inet_sk(sk); - - memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); - err = ip_build_and_send_pkt(skb, sk, - inet->saddr, inet->daddr, NULL); - if (err == NET_XMIT_CN) - err = 0; - } - - return err; -} - static inline u64 dccp_v4_init_sequence(const struct sock *sk, const struct sk_buff *skb) { @@ -497,9 +459,9 @@ int dccp_v4_conn_request(struct sock *sk, struct sk_buff *skb) struct dccp_sock dp; struct request_sock *req; struct dccp_request_sock *dreq; - const __u32 saddr = skb->nh.iph->saddr; - const __u32 daddr = skb->nh.iph->daddr; - const __u32 service = dccp_hdr_request(skb)->dccph_req_service; + const __be32 saddr = skb->nh.iph->saddr; + const __be32 daddr = skb->nh.iph->daddr; + const __be32 service = dccp_hdr_request(skb)->dccph_req_service; struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb); __u8 reset_code = DCCP_RESET_CODE_TOO_BUSY; @@ -535,7 +497,8 @@ int dccp_v4_conn_request(struct sock *sk, struct sk_buff *skb) if (req == NULL) goto drop; - /* FIXME: process options */ + if (dccp_parse_options(sk, skb)) + goto drop; dccp_openreq_init(req, &dp, skb); @@ -660,8 +623,8 @@ static struct sock *dccp_v4_hnd_req(struct sock *sk, struct sk_buff *skb) return sk; } -int dccp_v4_checksum(const struct sk_buff *skb, const u32 saddr, - const u32 daddr) +int dccp_v4_checksum(const struct sk_buff *skb, const __be32 saddr, + const __be32 daddr) { const struct dccp_hdr* dh = dccp_hdr(skb); int checksum_len; @@ -680,8 +643,10 @@ int dccp_v4_checksum(const struct sk_buff *skb, const u32 saddr, IPPROTO_DCCP, tmp); } +EXPORT_SYMBOL_GPL(dccp_v4_checksum); + static int dccp_v4_verify_checksum(struct sk_buff *skb, - const u32 saddr, const u32 daddr) + const __be32 saddr, const __be32 daddr) { struct dccp_hdr *dh = dccp_hdr(skb); int checksum_len; @@ -741,16 +706,17 @@ static void dccp_v4_ctl_send_reset(struct sk_buff *rxskb) if (((struct rtable *)rxskb->dst)->rt_type != RTN_LOCAL) return; - dst = dccp_v4_route_skb(dccp_ctl_socket->sk, rxskb); + dst = dccp_v4_route_skb(dccp_v4_ctl_socket->sk, rxskb); if (dst == NULL) return; - skb = alloc_skb(MAX_DCCP_HEADER + 15, GFP_ATOMIC); + skb = alloc_skb(dccp_v4_ctl_socket->sk->sk_prot->max_header, + GFP_ATOMIC); if (skb == NULL) goto out; /* Reserve space for headers. */ - skb_reserve(skb, MAX_DCCP_HEADER); + skb_reserve(skb, dccp_v4_ctl_socket->sk->sk_prot->max_header); skb->dst = dst_clone(dst); skb->h.raw = skb_push(skb, dccp_hdr_reset_len); @@ -778,11 +744,11 @@ static void dccp_v4_ctl_send_reset(struct sk_buff *rxskb) dh->dccph_checksum = dccp_v4_checksum(skb, rxskb->nh.iph->saddr, rxskb->nh.iph->daddr); - bh_lock_sock(dccp_ctl_socket->sk); - err = ip_build_and_send_pkt(skb, dccp_ctl_socket->sk, + bh_lock_sock(dccp_v4_ctl_socket->sk); + err = ip_build_and_send_pkt(skb, dccp_v4_ctl_socket->sk, rxskb->nh.iph->daddr, rxskb->nh.iph->saddr, NULL); - bh_unlock_sock(dccp_ctl_socket->sk); + bh_unlock_sock(dccp_v4_ctl_socket->sk); if (err == NET_XMIT_CN || err == 0) { DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS); @@ -912,7 +878,7 @@ int dccp_invalid_packet(struct sk_buff *skb) EXPORT_SYMBOL_GPL(dccp_invalid_packet); /* this is called when real data arrives */ -int dccp_v4_rcv(struct sk_buff *skb) +static int dccp_v4_rcv(struct sk_buff *skb) { const struct dccp_hdr *dh; struct sock *sk; @@ -1019,111 +985,37 @@ do_time_wait: goto no_dccp_socket; } -struct inet_connection_sock_af_ops dccp_ipv4_af_ops = { - .queue_xmit = ip_queue_xmit, - .send_check = dccp_v4_send_check, - .rebuild_header = inet_sk_rebuild_header, - .conn_request = dccp_v4_conn_request, - .syn_recv_sock = dccp_v4_request_recv_sock, - .net_header_len = sizeof(struct iphdr), - .setsockopt = ip_setsockopt, - .getsockopt = ip_getsockopt, - .addr2sockaddr = inet_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in), +static struct inet_connection_sock_af_ops dccp_ipv4_af_ops = { + .queue_xmit = ip_queue_xmit, + .send_check = dccp_v4_send_check, + .rebuild_header = inet_sk_rebuild_header, + .conn_request = dccp_v4_conn_request, + .syn_recv_sock = dccp_v4_request_recv_sock, + .net_header_len = sizeof(struct iphdr), + .setsockopt = ip_setsockopt, + .getsockopt = ip_getsockopt, + .addr2sockaddr = inet_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ip_setsockopt, + .compat_getsockopt = compat_ip_getsockopt, +#endif }; -int dccp_v4_init_sock(struct sock *sk) -{ - struct dccp_sock *dp = dccp_sk(sk); - struct inet_connection_sock *icsk = inet_csk(sk); - static int dccp_ctl_socket_init = 1; - - dccp_options_init(&dp->dccps_options); - do_gettimeofday(&dp->dccps_epoch); - - if (dp->dccps_options.dccpo_send_ack_vector) { - dp->dccps_hc_rx_ackvec = dccp_ackvec_alloc(DCCP_MAX_ACKVEC_LEN, - GFP_KERNEL); - if (dp->dccps_hc_rx_ackvec == NULL) - return -ENOMEM; - } - - /* - * FIXME: We're hardcoding the CCID, and doing this at this point makes - * the listening (master) sock get CCID control blocks, which is not - * necessary, but for now, to not mess with the test userspace apps, - * lets leave it here, later the real solution is to do this in a - * setsockopt(CCIDs-I-want/accept). -acme - */ - if (likely(!dccp_ctl_socket_init)) { - dp->dccps_hc_rx_ccid = ccid_init(dp->dccps_options.dccpo_rx_ccid, - sk); - dp->dccps_hc_tx_ccid = ccid_init(dp->dccps_options.dccpo_tx_ccid, - sk); - if (dp->dccps_hc_rx_ccid == NULL || - dp->dccps_hc_tx_ccid == NULL) { - ccid_exit(dp->dccps_hc_rx_ccid, sk); - ccid_exit(dp->dccps_hc_tx_ccid, sk); - if (dp->dccps_options.dccpo_send_ack_vector) { - dccp_ackvec_free(dp->dccps_hc_rx_ackvec); - dp->dccps_hc_rx_ackvec = NULL; - } - dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL; - return -ENOMEM; - } - } else - dccp_ctl_socket_init = 0; - - dccp_init_xmit_timers(sk); - icsk->icsk_rto = DCCP_TIMEOUT_INIT; - sk->sk_state = DCCP_CLOSED; - sk->sk_write_space = dccp_write_space; - icsk->icsk_af_ops = &dccp_ipv4_af_ops; - icsk->icsk_sync_mss = dccp_sync_mss; - dp->dccps_mss_cache = 536; - dp->dccps_role = DCCP_ROLE_UNDEFINED; - dp->dccps_service = DCCP_SERVICE_INVALID_VALUE; - - return 0; -} - -EXPORT_SYMBOL_GPL(dccp_v4_init_sock); - -int dccp_v4_destroy_sock(struct sock *sk) +static int dccp_v4_init_sock(struct sock *sk) { - struct dccp_sock *dp = dccp_sk(sk); + static __u8 dccp_v4_ctl_sock_initialized; + int err = dccp_init_sock(sk, dccp_v4_ctl_sock_initialized); - /* - * DCCP doesn't use sk_write_queue, just sk_send_head - * for retransmissions - */ - if (sk->sk_send_head != NULL) { - kfree_skb(sk->sk_send_head); - sk->sk_send_head = NULL; + if (err == 0) { + if (unlikely(!dccp_v4_ctl_sock_initialized)) + dccp_v4_ctl_sock_initialized = 1; + inet_csk(sk)->icsk_af_ops = &dccp_ipv4_af_ops; } - /* Clean up a referenced DCCP bind bucket. */ - if (inet_csk(sk)->icsk_bind_hash != NULL) - inet_put_port(&dccp_hashinfo, sk); - - kfree(dp->dccps_service_list); - dp->dccps_service_list = NULL; - - ccid_hc_rx_exit(dp->dccps_hc_rx_ccid, sk); - ccid_hc_tx_exit(dp->dccps_hc_tx_ccid, sk); - if (dp->dccps_options.dccpo_send_ack_vector) { - dccp_ackvec_free(dp->dccps_hc_rx_ackvec); - dp->dccps_hc_rx_ackvec = NULL; - } - ccid_exit(dp->dccps_hc_rx_ccid, sk); - ccid_exit(dp->dccps_hc_tx_ccid, sk); - dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL; - - return 0; + return err; } -EXPORT_SYMBOL_GPL(dccp_v4_destroy_sock); - static void dccp_v4_reqsk_destructor(struct request_sock *req) { kfree(inet_rsk(req)->opt); @@ -1142,7 +1034,7 @@ static struct timewait_sock_ops dccp_timewait_sock_ops = { .twsk_obj_size = sizeof(struct inet_timewait_sock), }; -struct proto dccp_prot = { +static struct proto dccp_v4_prot = { .name = "DCCP", .owner = THIS_MODULE, .close = dccp_close, @@ -1155,17 +1047,110 @@ struct proto dccp_prot = { .sendmsg = dccp_sendmsg, .recvmsg = dccp_recvmsg, .backlog_rcv = dccp_v4_do_rcv, - .hash = dccp_v4_hash, + .hash = dccp_hash, .unhash = dccp_unhash, .accept = inet_csk_accept, .get_port = dccp_v4_get_port, .shutdown = dccp_shutdown, - .destroy = dccp_v4_destroy_sock, + .destroy = dccp_destroy_sock, .orphan_count = &dccp_orphan_count, .max_header = MAX_DCCP_HEADER, .obj_size = sizeof(struct dccp_sock), .rsk_prot = &dccp_request_sock_ops, .twsk_prot = &dccp_timewait_sock_ops, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_dccp_setsockopt, + .compat_getsockopt = compat_dccp_getsockopt, +#endif +}; + +static struct net_protocol dccp_v4_protocol = { + .handler = dccp_v4_rcv, + .err_handler = dccp_v4_err, + .no_policy = 1, +}; + +static const struct proto_ops inet_dccp_ops = { + .family = PF_INET, + .owner = THIS_MODULE, + .release = inet_release, + .bind = inet_bind, + .connect = inet_stream_connect, + .socketpair = sock_no_socketpair, + .accept = inet_accept, + .getname = inet_getname, + /* FIXME: work on tcp_poll to rename it to inet_csk_poll */ + .poll = dccp_poll, + .ioctl = inet_ioctl, + /* FIXME: work on inet_listen to rename it to sock_common_listen */ + .listen = inet_dccp_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; -EXPORT_SYMBOL_GPL(dccp_prot); +static struct inet_protosw dccp_v4_protosw = { + .type = SOCK_DCCP, + .protocol = IPPROTO_DCCP, + .prot = &dccp_v4_prot, + .ops = &inet_dccp_ops, + .capability = -1, + .no_check = 0, + .flags = INET_PROTOSW_ICSK, +}; + +static int __init dccp_v4_init(void) +{ + int err = proto_register(&dccp_v4_prot, 1); + + if (err != 0) + goto out; + + err = inet_add_protocol(&dccp_v4_protocol, IPPROTO_DCCP); + if (err != 0) + goto out_proto_unregister; + + inet_register_protosw(&dccp_v4_protosw); + + err = inet_csk_ctl_sock_create(&dccp_v4_ctl_socket, PF_INET, + SOCK_DCCP, IPPROTO_DCCP); + if (err) + goto out_unregister_protosw; +out: + return err; +out_unregister_protosw: + inet_unregister_protosw(&dccp_v4_protosw); + inet_del_protocol(&dccp_v4_protocol, IPPROTO_DCCP); +out_proto_unregister: + proto_unregister(&dccp_v4_prot); + goto out; +} + +static void __exit dccp_v4_exit(void) +{ + inet_unregister_protosw(&dccp_v4_protosw); + inet_del_protocol(&dccp_v4_protocol, IPPROTO_DCCP); + proto_unregister(&dccp_v4_prot); +} + +module_init(dccp_v4_init); +module_exit(dccp_v4_exit); + +/* + * __stringify doesn't likes enums, so use SOCK_DCCP (6) and IPPROTO_DCCP (33) + * values directly, Also cover the case where the protocol is not specified, + * i.e. net-pf-PF_INET-proto-0-type-SOCK_DCCP + */ +MODULE_ALIAS("net-pf-" __stringify(PF_INET) "-proto-33-type-6"); +MODULE_ALIAS("net-pf-" __stringify(PF_INET) "-proto-0-type-6"); +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@mandriva.com>"); +MODULE_DESCRIPTION("DCCP - Datagram Congestion Controlled Protocol"); diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c index 80c4d04..65e2ab0 100644 --- a/net/dccp/ipv6.c +++ b/net/dccp/ipv6.c @@ -1,6 +1,6 @@ /* * DCCP over IPv6 - * Linux INET6 implementation + * Linux INET6 implementation * * Based on net/dccp6/ipv6.c * @@ -33,6 +33,9 @@ #include "dccp.h" #include "ipv6.h" +/* Socket used for sending RSTs and ACKs */ +static struct socket *dccp_v6_ctl_socket; + static void dccp_v6_ctl_send_reset(struct sk_buff *skb); static void dccp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req); @@ -53,7 +56,7 @@ static void dccp_v6_hash(struct sock *sk) { if (sk->sk_state != DCCP_CLOSED) { if (inet_csk(sk)->icsk_af_ops == &dccp_ipv6_mapped) { - dccp_prot.hash(sk); + dccp_hash(sk); return; } local_bh_disable(); @@ -63,8 +66,8 @@ static void dccp_v6_hash(struct sock *sk) } static inline u16 dccp_v6_check(struct dccp_hdr *dh, int len, - struct in6_addr *saddr, - struct in6_addr *daddr, + struct in6_addr *saddr, + struct in6_addr *daddr, unsigned long base) { return csum_ipv6_magic(saddr, daddr, len, IPPROTO_DCCP, base); @@ -79,17 +82,17 @@ static __u32 dccp_v6_init_sequence(struct sock *sk, struct sk_buff *skb) skb->nh.ipv6h->saddr.s6_addr32, dh->dccph_dport, dh->dccph_sport); - else - return secure_dccp_sequence_number(skb->nh.iph->daddr, - skb->nh.iph->saddr, - dh->dccph_dport, - dh->dccph_sport); + + return secure_dccp_sequence_number(skb->nh.iph->daddr, + skb->nh.iph->saddr, + dh->dccph_dport, + dh->dccph_sport); } -static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, +static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) { - struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; + struct sockaddr_in6 *usin = (struct sockaddr_in6 *)uaddr; struct inet_connection_sock *icsk = inet_csk(sk); struct inet_sock *inet = inet_sk(sk); struct ipv6_pinfo *np = inet6_sk(sk); @@ -102,10 +105,10 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, dp->dccps_role = DCCP_ROLE_CLIENT; - if (addr_len < SIN6_LEN_RFC2133) + if (addr_len < SIN6_LEN_RFC2133) return -EINVAL; - if (usin->sin6_family != AF_INET6) + if (usin->sin6_family != AF_INET6) return -EAFNOSUPPORT; memset(&fl, 0, sizeof(fl)); @@ -122,17 +125,15 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, fl6_sock_release(flowlabel); } } - /* - * connect() to INADDR_ANY means loopback (BSD'ism). - */ - - if (ipv6_addr_any(&usin->sin6_addr)) - usin->sin6_addr.s6_addr[15] = 0x1; + * connect() to INADDR_ANY means loopback (BSD'ism). + */ + if (ipv6_addr_any(&usin->sin6_addr)) + usin->sin6_addr.s6_addr[15] = 1; addr_type = ipv6_addr_type(&usin->sin6_addr); - if(addr_type & IPV6_ADDR_MULTICAST) + if (addr_type & IPV6_ADDR_MULTICAST) return -ENETUNREACH; if (addr_type & IPV6_ADDR_LINKLOCAL) { @@ -157,9 +158,8 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, np->flow_label = fl.fl6_flowlabel; /* - * DCCP over IPv4 + * DCCP over IPv4 */ - if (addr_type == IPV6_ADDR_MAPPED) { u32 exthdrlen = icsk->icsk_ext_hdr_len; struct sockaddr_in sin; @@ -177,7 +177,6 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, sk->sk_backlog_rcv = dccp_v4_do_rcv; err = dccp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); - if (err) { icsk->icsk_ext_hdr_len = exthdrlen; icsk->icsk_af_ops = &dccp_ipv6_af_ops; @@ -203,8 +202,9 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, fl.fl_ip_dport = usin->sin6_port; fl.fl_ip_sport = inet->sport; - if (np->opt && np->opt->srcrt) { - struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; + if (np->opt != NULL && np->opt->srcrt != NULL) { + const struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; + ipv6_addr_copy(&final, &fl.fl6_dst); ipv6_addr_copy(&fl.fl6_dst, rt0->addr); final_p = &final; @@ -213,10 +213,12 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, err = ip6_dst_lookup(sk, &dst, &fl); if (err) goto failure; + if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) + err = xfrm_lookup(&dst, &fl, sk, 0); + if (err < 0) goto failure; if (saddr == NULL) { @@ -231,7 +233,7 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, ip6_dst_store(sk, dst, NULL); icsk->icsk_ext_hdr_len = 0; - if (np->opt) + if (np->opt != NULL) icsk->icsk_ext_hdr_len = (np->opt->opt_flen + np->opt->opt_nflen); @@ -264,7 +266,7 @@ failure: } static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, - int type, int code, int offset, __u32 info) + int type, int code, int offset, __be32 info) { struct ipv6hdr *hdr = (struct ipv6hdr *)skb->data; const struct dccp_hdr *dh = (struct dccp_hdr *)(skb->data + offset); @@ -305,7 +307,6 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, /* icmp should have updated the destination cache entry */ dst = __sk_dst_check(sk, np->dst_cookie); - if (dst == NULL) { struct inet_sock *inet = inet_sk(sk); struct flowi fl; @@ -322,16 +323,17 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, fl.fl_ip_dport = inet->dport; fl.fl_ip_sport = inet->sport; - if ((err = ip6_dst_lookup(sk, &dst, &fl))) { + err = ip6_dst_lookup(sk, &dst, &fl); + if (err) { sk->sk_err_soft = -err; goto out; } - if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { + err = xfrm_lookup(&dst, &fl, sk, 0); + if (err < 0) { sk->sk_err_soft = -err; goto out; } - } else dst_hold(dst); @@ -355,11 +357,12 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, req = inet6_csk_search_req(sk, &prev, dh->dccph_dport, &hdr->daddr, &hdr->saddr, inet6_iif(skb)); - if (!req) + if (req == NULL) goto out; - /* ICMPs are not backlogged, hence we cannot get - * an established socket here. + /* + * ICMPs are not backlogged, hence we cannot get an established + * socket here. */ BUG_TRAP(req->sk == NULL); @@ -373,7 +376,7 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, case DCCP_REQUESTING: case DCCP_RESPOND: /* Cannot happen. - It can, it SYNs are crossed. --ANK */ + It can, it SYNs are crossed. --ANK */ if (!sock_owned_by_user(sk)) { DCCP_INC_STATS_BH(DCCP_MIB_ATTEMPTFAILS); sk->sk_err = err; @@ -382,7 +385,6 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, * (see connect in sock.c) */ sk->sk_error_report(sk); - dccp_done(sk); } else sk->sk_err_soft = err; @@ -428,14 +430,16 @@ static int dccp_v6_send_response(struct sock *sk, struct request_sock *req, ireq6->pktopts) { struct sk_buff *pktopts = ireq6->pktopts; struct inet6_skb_parm *rxopt = IP6CB(pktopts); + if (rxopt->srcrt) opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(pktopts->nh.raw + rxopt->srcrt)); } - if (opt && opt->srcrt) { - struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt; + if (opt != NULL && opt->srcrt != NULL) { + const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt; + ipv6_addr_copy(&final, &fl.fl6_dst); ipv6_addr_copy(&fl.fl6_dst, rt0->addr); final_p = &final; @@ -444,15 +448,19 @@ static int dccp_v6_send_response(struct sock *sk, struct request_sock *req, err = ip6_dst_lookup(sk, &dst, &fl); if (err) goto done; + if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) + + err = xfrm_lookup(&dst, &fl, sk, 0); + if (err < 0) goto done; } skb = dccp_make_response(sk, dst, req); if (skb != NULL) { struct dccp_hdr *dh = dccp_hdr(skb); + dh->dccph_checksum = dccp_v6_check(dh, skb->len, &ireq6->loc_addr, &ireq6->rmt_addr, @@ -466,7 +474,7 @@ static int dccp_v6_send_response(struct sock *sk, struct request_sock *req, } done: - if (opt && opt != np->opt) + if (opt != NULL && opt != np->opt) sock_kfree_s(sk, opt, opt->tot_len); dst_release(dst); return err; @@ -497,7 +505,7 @@ static void dccp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) struct dccp_hdr *dh = dccp_hdr(skb); dh->dccph_checksum = csum_ipv6_magic(&np->saddr, &np->daddr, - len, IPPROTO_DCCP, + len, IPPROTO_DCCP, csum_partial((char *)dh, dh->dccph_doff << 2, skb->csum)); @@ -505,8 +513,8 @@ static void dccp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) static void dccp_v6_ctl_send_reset(struct sk_buff *rxskb) { - struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh; - const int dccp_hdr_reset_len = sizeof(struct dccp_hdr) + + struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh; + const u32 dccp_hdr_reset_len = sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_reset); struct sk_buff *skb; @@ -517,20 +525,14 @@ static void dccp_v6_ctl_send_reset(struct sk_buff *rxskb) return; if (!ipv6_unicast_destination(rxskb)) - return; - - /* - * We need to grab some memory, and put together an RST, - * and then put it into the queue to be sent. - */ + return; - skb = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + - dccp_hdr_reset_len, GFP_ATOMIC); - if (skb == NULL) + skb = alloc_skb(dccp_v6_ctl_socket->sk->sk_prot->max_header, + GFP_ATOMIC); + if (skb == NULL) return; - skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr) + - dccp_hdr_reset_len); + skb_reserve(skb, dccp_v6_ctl_socket->sk->sk_prot->max_header); skb->h.raw = skb_push(skb, dccp_hdr_reset_len); dh = dccp_hdr(skb); @@ -568,7 +570,7 @@ static void dccp_v6_ctl_send_reset(struct sk_buff *rxskb) /* sk = NULL, but it is safe for now. RST socket required. */ if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) { if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) { - ip6_xmit(NULL, skb, &fl, NULL, 0); + ip6_xmit(dccp_v6_ctl_socket->sk, skb, &fl, NULL, 0); DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS); DCCP_INC_STATS_BH(DCCP_MIB_OUTRSTS); return; @@ -578,22 +580,22 @@ static void dccp_v6_ctl_send_reset(struct sk_buff *rxskb) kfree_skb(skb); } -static void dccp_v6_ctl_send_ack(struct sk_buff *rxskb) +static void dccp_v6_reqsk_send_ack(struct sk_buff *rxskb, + struct request_sock *req) { struct flowi fl; struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh; - const int dccp_hdr_ack_len = sizeof(struct dccp_hdr) + + const u32 dccp_hdr_ack_len = sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_ack_bits); struct sk_buff *skb; - skb = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + - dccp_hdr_ack_len, GFP_ATOMIC); + skb = alloc_skb(dccp_v6_ctl_socket->sk->sk_prot->max_header, + GFP_ATOMIC); if (skb == NULL) return; - skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr) + - dccp_hdr_ack_len); + skb_reserve(skb, dccp_v6_ctl_socket->sk->sk_prot->max_header); skb->h.raw = skb_push(skb, dccp_hdr_ack_len); dh = dccp_hdr(skb); @@ -605,7 +607,7 @@ static void dccp_v6_ctl_send_ack(struct sk_buff *rxskb) dh->dccph_dport = rxdh->dccph_sport; dh->dccph_doff = dccp_hdr_ack_len / 4; dh->dccph_x = 1; - + dccp_hdr_set_seq(dh, DCCP_SKB_CB(rxskb)->dccpd_ack_seq); dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), DCCP_SKB_CB(rxskb)->dccpd_seq); @@ -623,7 +625,7 @@ static void dccp_v6_ctl_send_ack(struct sk_buff *rxskb) if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) { if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) { - ip6_xmit(NULL, skb, &fl, NULL, 0); + ip6_xmit(dccp_v6_ctl_socket->sk, skb, &fl, NULL, 0); DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS); return; } @@ -632,12 +634,6 @@ static void dccp_v6_ctl_send_ack(struct sk_buff *rxskb) kfree_skb(skb); } -static void dccp_v6_reqsk_send_ack(struct sk_buff *skb, - struct request_sock *req) -{ - dccp_v6_ctl_send_ack(skb); -} - static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) { const struct dccp_hdr *dh = dccp_hdr(skb); @@ -657,7 +653,6 @@ static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) &iph->saddr, dh->dccph_sport, &iph->daddr, ntohs(dh->dccph_dport), inet6_iif(skb)); - if (nsk != NULL) { if (nsk->sk_state != DCCP_TIME_WAIT) { bh_lock_sock(nsk); @@ -678,7 +673,7 @@ static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb) struct dccp_request_sock *dreq; struct inet6_request_sock *ireq6; struct ipv6_pinfo *np = inet6_sk(sk); - const __u32 service = dccp_hdr_request(skb)->dccph_req_service; + const __be32 service = dccp_hdr_request(skb)->dccph_req_service; struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb); __u8 reset_code = DCCP_RESET_CODE_TOO_BUSY; @@ -686,17 +681,17 @@ static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb) return dccp_v4_conn_request(sk, skb); if (!ipv6_unicast_destination(skb)) - goto drop; + goto drop; if (dccp_bad_service_code(sk, service)) { reset_code = DCCP_RESET_CODE_BAD_SERVICE_CODE; goto drop; } /* - * There are no SYN attacks on IPv6, yet... + * There are no SYN attacks on IPv6, yet... */ if (inet_csk_reqsk_queue_is_full(sk)) - goto drop; + goto drop; if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) goto drop; @@ -730,7 +725,7 @@ static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb) ipv6_addr_type(&ireq6->rmt_addr) & IPV6_ADDR_LINKLOCAL) ireq6->iif = inet6_iif(skb); - /* + /* * Step 3: Process LISTEN state * * Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookie @@ -774,9 +769,8 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, /* * v6 mapped */ - newsk = dccp_v4_request_recv_sock(sk, skb, req, dst); - if (newsk == NULL) + if (newsk == NULL) return NULL; newdp6 = (struct dccp6_sock *)newsk; @@ -822,9 +816,9 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, if (sk_acceptq_is_full(sk)) goto out_overflow; - if (np->rxopt.bits.osrcrt == 2 && - opt == NULL && ireq6->pktopts) { - struct inet6_skb_parm *rxopt = IP6CB(ireq6->pktopts); + if (np->rxopt.bits.osrcrt == 2 && opt == NULL && ireq6->pktopts) { + const struct inet6_skb_parm *rxopt = IP6CB(ireq6->pktopts); + if (rxopt->srcrt) opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(ireq6->pktopts->nh.raw + @@ -838,8 +832,9 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, memset(&fl, 0, sizeof(fl)); fl.proto = IPPROTO_DCCP; ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr); - if (opt && opt->srcrt) { - struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; + if (opt != NULL && opt->srcrt != NULL) { + const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt; + ipv6_addr_copy(&final, &fl.fl6_dst); ipv6_addr_copy(&fl.fl6_dst, rt0->addr); final_p = &final; @@ -857,7 +852,7 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto out; - } + } newsk = dccp_create_openreq_child(sk, req, skb); if (newsk == NULL) @@ -870,9 +865,8 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, */ ip6_dst_store(newsk, dst, NULL); - newsk->sk_route_caps = dst->dev->features & - ~(NETIF_F_IP_CSUM | NETIF_F_TSO); - + newsk->sk_route_caps = dst->dev->features & ~(NETIF_F_IP_CSUM | + NETIF_F_TSO); newdp6 = (struct dccp6_sock *)newsk; newinet = inet_sk(newsk); newinet->pinet6 = &newdp6->inet6; @@ -886,7 +880,7 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, ipv6_addr_copy(&newnp->rcv_saddr, &ireq6->loc_addr); newsk->sk_bound_dev_if = ireq6->iif; - /* Now IPv6 options... + /* Now IPv6 options... First: no IPv4 options. */ @@ -908,20 +902,20 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, newnp->mcast_oif = inet6_iif(skb); newnp->mcast_hops = skb->nh.ipv6h->hop_limit; - /* Clone native IPv6 options from listening socket (if any) - - Yes, keeping reference count would be much more clever, - but we make one more one thing there: reattach optmem - to newsk. + /* + * Clone native IPv6 options from listening socket (if any) + * + * Yes, keeping reference count would be much more clever, but we make + * one more one thing there: reattach optmem to newsk. */ - if (opt) { + if (opt != NULL) { newnp->opt = ipv6_dup_options(newsk, opt); if (opt != np->opt) sock_kfree_s(sk, opt, opt->tot_len); } inet_csk(newsk)->icsk_ext_hdr_len = 0; - if (newnp->opt) + if (newnp->opt != NULL) inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + newnp->opt->opt_flen); @@ -938,7 +932,7 @@ out_overflow: NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS); out: NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS); - if (opt && opt != np->opt) + if (opt != NULL && opt != np->opt) sock_kfree_s(sk, opt, opt->tot_len); dst_release(dst); return NULL; @@ -972,8 +966,8 @@ static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) goto discard; /* - * socket locking is here for SMP purposes as backlog rcv - * is currently called with bh processing disabled. + * socket locking is here for SMP purposes as backlog rcv is currently + * called with bh processing disabled. */ /* Do Stevens' IPV6_PKTOPTIONS. @@ -998,20 +992,20 @@ static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; } - if (sk->sk_state == DCCP_LISTEN) { + if (sk->sk_state == DCCP_LISTEN) { struct sock *nsk = dccp_v6_hnd_req(sk, skb); - if (!nsk) - goto discard; + if (nsk == NULL) + goto discard; /* * Queue it on the new socket if the new socket is active, * otherwise we just shortcircuit this and continue with * the new socket.. */ - if(nsk != sk) { + if (nsk != sk) { if (dccp_child_process(sk, nsk, skb)) goto reset; - if (opt_skb) + if (opt_skb != NULL) __kfree_skb(opt_skb); return 0; } @@ -1024,7 +1018,7 @@ static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) reset: dccp_v6_ctl_send_reset(skb); discard: - if (opt_skb) + if (opt_skb != NULL) __kfree_skb(opt_skb); kfree_skb(skb); return 0; @@ -1057,7 +1051,7 @@ static int dccp_v6_rcv(struct sk_buff **pskb) dh->dccph_sport, &skb->nh.ipv6h->daddr, ntohs(dh->dccph_dport), inet6_iif(skb)); - /* + /* * Step 2: * If no socket ... * Generate Reset(No Connection) unless P.type == Reset @@ -1066,15 +1060,14 @@ static int dccp_v6_rcv(struct sk_buff **pskb) if (sk == NULL) goto no_dccp_socket; - /* + /* * Step 2: * ... or S.state == TIMEWAIT, * Generate Reset(No Connection) unless P.type == Reset * Drop packet and return */ - if (sk->sk_state == DCCP_TIME_WAIT) - goto do_time_wait; + goto do_time_wait; if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) goto discard_and_relse; @@ -1113,32 +1106,40 @@ do_time_wait: } static struct inet_connection_sock_af_ops dccp_ipv6_af_ops = { - .queue_xmit = inet6_csk_xmit, - .send_check = dccp_v6_send_check, - .rebuild_header = inet6_sk_rebuild_header, - .conn_request = dccp_v6_conn_request, - .syn_recv_sock = dccp_v6_request_recv_sock, - .net_header_len = sizeof(struct ipv6hdr), - .setsockopt = ipv6_setsockopt, - .getsockopt = ipv6_getsockopt, - .addr2sockaddr = inet6_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in6) + .queue_xmit = inet6_csk_xmit, + .send_check = dccp_v6_send_check, + .rebuild_header = inet6_sk_rebuild_header, + .conn_request = dccp_v6_conn_request, + .syn_recv_sock = dccp_v6_request_recv_sock, + .net_header_len = sizeof(struct ipv6hdr), + .setsockopt = ipv6_setsockopt, + .getsockopt = ipv6_getsockopt, + .addr2sockaddr = inet6_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in6), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ipv6_setsockopt, + .compat_getsockopt = compat_ipv6_getsockopt, +#endif }; /* * DCCP over IPv4 via INET6 API */ static struct inet_connection_sock_af_ops dccp_ipv6_mapped = { - .queue_xmit = ip_queue_xmit, - .send_check = dccp_v4_send_check, - .rebuild_header = inet_sk_rebuild_header, - .conn_request = dccp_v6_conn_request, - .syn_recv_sock = dccp_v6_request_recv_sock, - .net_header_len = sizeof(struct iphdr), - .setsockopt = ipv6_setsockopt, - .getsockopt = ipv6_getsockopt, - .addr2sockaddr = inet6_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in6) + .queue_xmit = ip_queue_xmit, + .send_check = dccp_v4_send_check, + .rebuild_header = inet_sk_rebuild_header, + .conn_request = dccp_v6_conn_request, + .syn_recv_sock = dccp_v6_request_recv_sock, + .net_header_len = sizeof(struct iphdr), + .setsockopt = ipv6_setsockopt, + .getsockopt = ipv6_getsockopt, + .addr2sockaddr = inet6_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in6), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ipv6_setsockopt, + .compat_getsockopt = compat_ipv6_getsockopt, +#endif }; /* NOTE: A lot of things set to zero explicitly by call to @@ -1146,71 +1147,83 @@ static struct inet_connection_sock_af_ops dccp_ipv6_mapped = { */ static int dccp_v6_init_sock(struct sock *sk) { - int err = dccp_v4_init_sock(sk); + static __u8 dccp_v6_ctl_sock_initialized; + int err = dccp_init_sock(sk, dccp_v6_ctl_sock_initialized); - if (err == 0) + if (err == 0) { + if (unlikely(!dccp_v6_ctl_sock_initialized)) + dccp_v6_ctl_sock_initialized = 1; inet_csk(sk)->icsk_af_ops = &dccp_ipv6_af_ops; + } return err; } static int dccp_v6_destroy_sock(struct sock *sk) { - dccp_v4_destroy_sock(sk); + dccp_destroy_sock(sk); return inet6_destroy_sock(sk); } static struct proto dccp_v6_prot = { - .name = "DCCPv6", - .owner = THIS_MODULE, - .close = dccp_close, - .connect = dccp_v6_connect, - .disconnect = dccp_disconnect, - .ioctl = dccp_ioctl, - .init = dccp_v6_init_sock, - .setsockopt = dccp_setsockopt, - .getsockopt = dccp_getsockopt, - .sendmsg = dccp_sendmsg, - .recvmsg = dccp_recvmsg, - .backlog_rcv = dccp_v6_do_rcv, - .hash = dccp_v6_hash, - .unhash = dccp_unhash, - .accept = inet_csk_accept, - .get_port = dccp_v6_get_port, - .shutdown = dccp_shutdown, - .destroy = dccp_v6_destroy_sock, - .orphan_count = &dccp_orphan_count, - .max_header = MAX_DCCP_HEADER, - .obj_size = sizeof(struct dccp6_sock), - .rsk_prot = &dccp6_request_sock_ops, - .twsk_prot = &dccp6_timewait_sock_ops, + .name = "DCCPv6", + .owner = THIS_MODULE, + .close = dccp_close, + .connect = dccp_v6_connect, + .disconnect = dccp_disconnect, + .ioctl = dccp_ioctl, + .init = dccp_v6_init_sock, + .setsockopt = dccp_setsockopt, + .getsockopt = dccp_getsockopt, + .sendmsg = dccp_sendmsg, + .recvmsg = dccp_recvmsg, + .backlog_rcv = dccp_v6_do_rcv, + .hash = dccp_v6_hash, + .unhash = dccp_unhash, + .accept = inet_csk_accept, + .get_port = dccp_v6_get_port, + .shutdown = dccp_shutdown, + .destroy = dccp_v6_destroy_sock, + .orphan_count = &dccp_orphan_count, + .max_header = MAX_DCCP_HEADER, + .obj_size = sizeof(struct dccp6_sock), + .rsk_prot = &dccp6_request_sock_ops, + .twsk_prot = &dccp6_timewait_sock_ops, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_dccp_setsockopt, + .compat_getsockopt = compat_dccp_getsockopt, +#endif }; static struct inet6_protocol dccp_v6_protocol = { - .handler = dccp_v6_rcv, - .err_handler = dccp_v6_err, - .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL, + .handler = dccp_v6_rcv, + .err_handler = dccp_v6_err, + .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL, }; static struct proto_ops inet6_dccp_ops = { - .family = PF_INET6, - .owner = THIS_MODULE, - .release = inet6_release, - .bind = inet6_bind, - .connect = inet_stream_connect, - .socketpair = sock_no_socketpair, - .accept = inet_accept, - .getname = inet6_getname, - .poll = dccp_poll, - .ioctl = inet6_ioctl, - .listen = inet_dccp_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = sock_no_sendpage, + .family = PF_INET6, + .owner = THIS_MODULE, + .release = inet6_release, + .bind = inet6_bind, + .connect = inet_stream_connect, + .socketpair = sock_no_socketpair, + .accept = inet_accept, + .getname = inet6_getname, + .poll = dccp_poll, + .ioctl = inet6_ioctl, + .listen = inet_dccp_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; static struct inet_protosw dccp_v6_protosw = { @@ -1234,8 +1247,16 @@ static int __init dccp_v6_init(void) goto out_unregister_proto; inet6_register_protosw(&dccp_v6_protosw); + + err = inet_csk_ctl_sock_create(&dccp_v6_ctl_socket, PF_INET6, + SOCK_DCCP, IPPROTO_DCCP); + if (err != 0) + goto out_unregister_protosw; out: return err; +out_unregister_protosw: + inet6_del_protocol(&dccp_v6_protocol, IPPROTO_DCCP); + inet6_unregister_protosw(&dccp_v6_protosw); out_unregister_proto: proto_unregister(&dccp_v6_prot); goto out; diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c index 29261fc..c0349e5 100644 --- a/net/dccp/minisocks.c +++ b/net/dccp/minisocks.c @@ -22,6 +22,7 @@ #include "ackvec.h" #include "ccid.h" #include "dccp.h" +#include "feat.h" struct inet_timewait_death_row dccp_death_row = { .sysctl_max_tw_buckets = NR_FILE * 2, @@ -106,6 +107,7 @@ struct sock *dccp_create_openreq_child(struct sock *sk, const struct dccp_request_sock *dreq = dccp_rsk(req); struct inet_connection_sock *newicsk = inet_csk(sk); struct dccp_sock *newdp = dccp_sk(newsk); + struct dccp_minisock *newdmsk = dccp_msk(newsk); newdp->dccps_role = DCCP_ROLE_SERVER; newdp->dccps_hc_rx_ackvec = NULL; @@ -114,27 +116,27 @@ struct sock *dccp_create_openreq_child(struct sock *sk, newicsk->icsk_rto = DCCP_TIMEOUT_INIT; do_gettimeofday(&newdp->dccps_epoch); - if (newdp->dccps_options.dccpo_send_ack_vector) { + if (dccp_feat_clone(sk, newsk)) + goto out_free; + + if (newdmsk->dccpms_send_ack_vector) { newdp->dccps_hc_rx_ackvec = - dccp_ackvec_alloc(DCCP_MAX_ACKVEC_LEN, - GFP_ATOMIC); - /* - * XXX: We're using the same CCIDs set on the parent, - * i.e. sk_clone copied the master sock and left the - * CCID pointers for this child, that is why we do the - * __ccid_get calls. - */ + dccp_ackvec_alloc(GFP_ATOMIC); if (unlikely(newdp->dccps_hc_rx_ackvec == NULL)) goto out_free; } - if (unlikely(ccid_hc_rx_init(newdp->dccps_hc_rx_ccid, - newsk) != 0 || - ccid_hc_tx_init(newdp->dccps_hc_tx_ccid, - newsk) != 0)) { + newdp->dccps_hc_rx_ccid = + ccid_hc_rx_new(newdmsk->dccpms_rx_ccid, + newsk, GFP_ATOMIC); + newdp->dccps_hc_tx_ccid = + ccid_hc_tx_new(newdmsk->dccpms_tx_ccid, + newsk, GFP_ATOMIC); + if (unlikely(newdp->dccps_hc_rx_ccid == NULL || + newdp->dccps_hc_tx_ccid == NULL)) { dccp_ackvec_free(newdp->dccps_hc_rx_ackvec); - ccid_hc_rx_exit(newdp->dccps_hc_rx_ccid, newsk); - ccid_hc_tx_exit(newdp->dccps_hc_tx_ccid, newsk); + ccid_hc_rx_delete(newdp->dccps_hc_rx_ccid, newsk); + ccid_hc_tx_delete(newdp->dccps_hc_tx_ccid, newsk); out_free: /* It is still raw copy of parent, so invalidate * destructor and make plain sk_free() */ @@ -143,9 +145,6 @@ out_free: return NULL; } - __ccid_get(newdp->dccps_hc_rx_ccid); - __ccid_get(newdp->dccps_hc_tx_ccid); - /* * Step 3: Process LISTEN state * @@ -155,7 +154,7 @@ out_free: */ /* See dccp_v4_conn_request */ - newdp->dccps_options.dccpo_sequence_window = req->rcv_wnd; + newdmsk->dccpms_sequence_window = req->rcv_wnd; newdp->dccps_gar = newdp->dccps_isr = dreq->dreq_isr; dccp_update_gsr(newsk, dreq->dreq_isr); diff --git a/net/dccp/options.c b/net/dccp/options.c index 0a76426..e9feb2a 100644 --- a/net/dccp/options.c +++ b/net/dccp/options.c @@ -21,19 +21,23 @@ #include "ackvec.h" #include "ccid.h" #include "dccp.h" +#include "feat.h" -/* stores the default values for new connection. may be changed with sysctl */ -static const struct dccp_options dccpo_default_values = { - .dccpo_sequence_window = DCCPF_INITIAL_SEQUENCE_WINDOW, - .dccpo_rx_ccid = DCCPF_INITIAL_CCID, - .dccpo_tx_ccid = DCCPF_INITIAL_CCID, - .dccpo_send_ack_vector = DCCPF_INITIAL_SEND_ACK_VECTOR, - .dccpo_send_ndp_count = DCCPF_INITIAL_SEND_NDP_COUNT, -}; +int dccp_feat_default_sequence_window = DCCPF_INITIAL_SEQUENCE_WINDOW; +int dccp_feat_default_rx_ccid = DCCPF_INITIAL_CCID; +int dccp_feat_default_tx_ccid = DCCPF_INITIAL_CCID; +int dccp_feat_default_ack_ratio = DCCPF_INITIAL_ACK_RATIO; +int dccp_feat_default_send_ack_vector = DCCPF_INITIAL_SEND_ACK_VECTOR; +int dccp_feat_default_send_ndp_count = DCCPF_INITIAL_SEND_NDP_COUNT; -void dccp_options_init(struct dccp_options *dccpo) +void dccp_minisock_init(struct dccp_minisock *dmsk) { - memcpy(dccpo, &dccpo_default_values, sizeof(*dccpo)); + dmsk->dccpms_sequence_window = dccp_feat_default_sequence_window; + dmsk->dccpms_rx_ccid = dccp_feat_default_rx_ccid; + dmsk->dccpms_tx_ccid = dccp_feat_default_tx_ccid; + dmsk->dccpms_ack_ratio = dccp_feat_default_ack_ratio; + dmsk->dccpms_send_ack_vector = dccp_feat_default_send_ack_vector; + dmsk->dccpms_send_ndp_count = dccp_feat_default_send_ndp_count; } static u32 dccp_decode_value_var(const unsigned char *bf, const u8 len) @@ -69,9 +73,12 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) unsigned char opt, len; unsigned char *value; u32 elapsed_time; + int rc; + int mandatory = 0; memset(opt_recv, 0, sizeof(*opt_recv)); + opt = len = 0; while (opt_ptr != opt_end) { opt = *opt_ptr++; len = 0; @@ -100,6 +107,12 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) switch (opt) { case DCCPO_PADDING: break; + case DCCPO_MANDATORY: + if (mandatory) + goto out_invalid_option; + if (pkt_type != DCCP_PKT_DATA) + mandatory = 1; + break; case DCCPO_NDP_COUNT: if (len > 3) goto out_invalid_option; @@ -108,12 +121,37 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) dccp_pr_debug("%sNDP count=%d\n", debug_prefix, opt_recv->dccpor_ndp); break; + case DCCPO_CHANGE_L: + /* fall through */ + case DCCPO_CHANGE_R: + if (len < 2) + goto out_invalid_option; + rc = dccp_feat_change_recv(sk, opt, *value, value + 1, + len - 1); + /* + * When there is a change error, change_recv is + * responsible for dealing with it. i.e. reply with an + * empty confirm. + * If the change was mandatory, then we need to die. + */ + if (rc && mandatory) + goto out_invalid_option; + break; + case DCCPO_CONFIRM_L: + /* fall through */ + case DCCPO_CONFIRM_R: + if (len < 2) + goto out_invalid_option; + if (dccp_feat_confirm_recv(sk, opt, *value, + value + 1, len - 1)) + goto out_invalid_option; + break; case DCCPO_ACK_VECTOR_0: case DCCPO_ACK_VECTOR_1: if (pkt_type == DCCP_PKT_DATA) - continue; + break; - if (dp->dccps_options.dccpo_send_ack_vector && + if (dccp_msk(sk)->dccpms_send_ack_vector && dccp_ackvec_parse(sk, skb, opt, value, len)) goto out_invalid_option; break; @@ -121,7 +159,7 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) if (len != 4) goto out_invalid_option; - opt_recv->dccpor_timestamp = ntohl(*(u32 *)value); + opt_recv->dccpor_timestamp = ntohl(*(__be32 *)value); dp->dccps_timestamp_echo = opt_recv->dccpor_timestamp; dccp_timestamp(sk, &dp->dccps_timestamp_time); @@ -135,7 +173,7 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) if (len != 4 && len != 6 && len != 8) goto out_invalid_option; - opt_recv->dccpor_timestamp_echo = ntohl(*(u32 *)value); + opt_recv->dccpor_timestamp_echo = ntohl(*(__be32 *)value); dccp_pr_debug("%sTIMESTAMP_ECHO=%u, len=%d, ackno=%llu, ", debug_prefix, @@ -149,9 +187,9 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) break; if (len == 6) - elapsed_time = ntohs(*(u16 *)(value + 4)); + elapsed_time = ntohs(*(__be16 *)(value + 4)); else - elapsed_time = ntohl(*(u32 *)(value + 4)); + elapsed_time = ntohl(*(__be32 *)(value + 4)); /* Give precedence to the biggest ELAPSED_TIME */ if (elapsed_time > opt_recv->dccpor_elapsed_time) @@ -165,9 +203,9 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) continue; if (len == 2) - elapsed_time = ntohs(*(u16 *)value); + elapsed_time = ntohs(*(__be16 *)value); else - elapsed_time = ntohl(*(u32 *)value); + elapsed_time = ntohl(*(__be32 *)value); if (elapsed_time > opt_recv->dccpor_elapsed_time) opt_recv->dccpor_elapsed_time = elapsed_time; @@ -208,8 +246,15 @@ int dccp_parse_options(struct sock *sk, struct sk_buff *skb) sk, opt, len); break; } + + if (opt != DCCPO_MANDATORY) + mandatory = 0; } + /* mandatory was the last byte in option list -> reset connection */ + if (mandatory) + goto out_invalid_option; + return 0; out_invalid_option: @@ -219,6 +264,8 @@ out_invalid_option: return -1; } +EXPORT_SYMBOL_GPL(dccp_parse_options); + static void dccp_encode_value_var(const u32 value, unsigned char *to, const unsigned int len) { @@ -237,17 +284,14 @@ static inline int dccp_ndp_len(const int ndp) return likely(ndp <= 0xFF) ? 1 : ndp <= 0xFFFF ? 2 : 3; } -void dccp_insert_option(struct sock *sk, struct sk_buff *skb, +int dccp_insert_option(struct sock *sk, struct sk_buff *skb, const unsigned char option, const void *value, const unsigned char len) { unsigned char *to; - if (DCCP_SKB_CB(skb)->dccpd_opt_len + len + 2 > DCCP_MAX_OPT_LEN) { - LIMIT_NETDEBUG(KERN_INFO "DCCP: packet too small to insert " - "%d option!\n", option); - return; - } + if (DCCP_SKB_CB(skb)->dccpd_opt_len + len + 2 > DCCP_MAX_OPT_LEN) + return -1; DCCP_SKB_CB(skb)->dccpd_opt_len += len + 2; @@ -256,11 +300,12 @@ void dccp_insert_option(struct sock *sk, struct sk_buff *skb, *to++ = len + 2; memcpy(to, value, len); + return 0; } EXPORT_SYMBOL_GPL(dccp_insert_option); -static void dccp_insert_option_ndp(struct sock *sk, struct sk_buff *skb) +static int dccp_insert_option_ndp(struct sock *sk, struct sk_buff *skb) { struct dccp_sock *dp = dccp_sk(sk); int ndp = dp->dccps_ndp_count; @@ -276,7 +321,7 @@ static void dccp_insert_option_ndp(struct sock *sk, struct sk_buff *skb) const int len = ndp_len + 2; if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) - return; + return -1; DCCP_SKB_CB(skb)->dccpd_opt_len += len; @@ -285,6 +330,8 @@ static void dccp_insert_option_ndp(struct sock *sk, struct sk_buff *skb) *ptr++ = len; dccp_encode_value_var(ndp, ptr, ndp_len); } + + return 0; } static inline int dccp_elapsed_time_len(const u32 elapsed_time) @@ -292,27 +339,18 @@ static inline int dccp_elapsed_time_len(const u32 elapsed_time) return elapsed_time == 0 ? 0 : elapsed_time <= 0xFFFF ? 2 : 4; } -void dccp_insert_option_elapsed_time(struct sock *sk, - struct sk_buff *skb, - u32 elapsed_time) +int dccp_insert_option_elapsed_time(struct sock *sk, struct sk_buff *skb, + u32 elapsed_time) { -#ifdef CONFIG_IP_DCCP_DEBUG - struct dccp_sock *dp = dccp_sk(sk); - const char *debug_prefix = dp->dccps_role == DCCP_ROLE_CLIENT ? - "CLIENT TX opt: " : "server TX opt: "; -#endif const int elapsed_time_len = dccp_elapsed_time_len(elapsed_time); const int len = 2 + elapsed_time_len; unsigned char *to; if (elapsed_time_len == 0) - return; + return 0; - if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) { - LIMIT_NETDEBUG(KERN_INFO "DCCP: packet too small to " - "insert elapsed time!\n"); - return; - } + if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) + return -1; DCCP_SKB_CB(skb)->dccpd_opt_len += len; @@ -321,17 +359,14 @@ void dccp_insert_option_elapsed_time(struct sock *sk, *to++ = len; if (elapsed_time_len == 2) { - const u16 var16 = htons((u16)elapsed_time); + const __be16 var16 = htons((u16)elapsed_time); memcpy(to, &var16, 2); } else { - const u32 var32 = htonl(elapsed_time); + const __be32 var32 = htonl(elapsed_time); memcpy(to, &var32, 4); } - dccp_pr_debug("%sELAPSED_TIME=%u, len=%d, seqno=%llu\n", - debug_prefix, elapsed_time, - len, - (unsigned long long) DCCP_SKB_CB(skb)->dccpd_seq); + return 0; } EXPORT_SYMBOL_GPL(dccp_insert_option_elapsed_time); @@ -352,32 +387,27 @@ void dccp_timestamp(const struct sock *sk, struct timeval *tv) EXPORT_SYMBOL_GPL(dccp_timestamp); -void dccp_insert_option_timestamp(struct sock *sk, struct sk_buff *skb) +int dccp_insert_option_timestamp(struct sock *sk, struct sk_buff *skb) { struct timeval tv; - u32 now; - + __be32 now; + dccp_timestamp(sk, &tv); - now = timeval_usecs(&tv) / 10; + now = htonl(timeval_usecs(&tv) / 10); /* yes this will overflow but that is the point as we want a * 10 usec 32 bit timer which mean it wraps every 11.9 hours */ - now = htonl(now); - dccp_insert_option(sk, skb, DCCPO_TIMESTAMP, &now, sizeof(now)); + return dccp_insert_option(sk, skb, DCCPO_TIMESTAMP, &now, sizeof(now)); } EXPORT_SYMBOL_GPL(dccp_insert_option_timestamp); -static void dccp_insert_option_timestamp_echo(struct sock *sk, - struct sk_buff *skb) +static int dccp_insert_option_timestamp_echo(struct sock *sk, + struct sk_buff *skb) { struct dccp_sock *dp = dccp_sk(sk); -#ifdef CONFIG_IP_DCCP_DEBUG - const char *debug_prefix = dp->dccps_role == DCCP_ROLE_CLIENT ? - "CLIENT TX opt: " : "server TX opt: "; -#endif struct timeval now; - u32 tstamp_echo; + __be32 tstamp_echo; u32 elapsed_time; int len, elapsed_time_len; unsigned char *to; @@ -387,11 +417,8 @@ static void dccp_insert_option_timestamp_echo(struct sock *sk, elapsed_time_len = dccp_elapsed_time_len(elapsed_time); len = 6 + elapsed_time_len; - if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) { - LIMIT_NETDEBUG(KERN_INFO "DCCP: packet too small to insert " - "timestamp echo!\n"); - return; - } + if (DCCP_SKB_CB(skb)->dccpd_opt_len + len > DCCP_MAX_OPT_LEN) + return -1; DCCP_SKB_CB(skb)->dccpd_opt_len += len; @@ -402,51 +429,149 @@ static void dccp_insert_option_timestamp_echo(struct sock *sk, tstamp_echo = htonl(dp->dccps_timestamp_echo); memcpy(to, &tstamp_echo, 4); to += 4; - + if (elapsed_time_len == 2) { - const u16 var16 = htons((u16)elapsed_time); + const __be16 var16 = htons((u16)elapsed_time); memcpy(to, &var16, 2); } else if (elapsed_time_len == 4) { - const u32 var32 = htonl(elapsed_time); + const __be32 var32 = htonl(elapsed_time); memcpy(to, &var32, 4); } - dccp_pr_debug("%sTIMESTAMP_ECHO=%u, len=%d, seqno=%llu\n", - debug_prefix, dp->dccps_timestamp_echo, - len, - (unsigned long long) DCCP_SKB_CB(skb)->dccpd_seq); - dp->dccps_timestamp_echo = 0; dp->dccps_timestamp_time.tv_sec = 0; dp->dccps_timestamp_time.tv_usec = 0; + return 0; } -void dccp_insert_options(struct sock *sk, struct sk_buff *skb) +static int dccp_insert_feat_opt(struct sk_buff *skb, u8 type, u8 feat, + u8 *val, u8 len) +{ + u8 *to; + + if (DCCP_SKB_CB(skb)->dccpd_opt_len + len + 3 > DCCP_MAX_OPT_LEN) { + LIMIT_NETDEBUG(KERN_INFO "DCCP: packet too small" + " to insert feature %d option!\n", feat); + return -1; + } + + DCCP_SKB_CB(skb)->dccpd_opt_len += len + 3; + + to = skb_push(skb, len + 3); + *to++ = type; + *to++ = len + 3; + *to++ = feat; + + if (len) + memcpy(to, val, len); + dccp_pr_debug("option %d feat %d len %d\n", type, feat, len); + + return 0; +} + +static int dccp_insert_options_feat(struct sock *sk, struct sk_buff *skb) { struct dccp_sock *dp = dccp_sk(sk); + struct dccp_minisock *dmsk = dccp_msk(sk); + struct dccp_opt_pend *opt, *next; + int change = 0; + + /* confirm any options [NN opts] */ + list_for_each_entry_safe(opt, next, &dmsk->dccpms_conf, dccpop_node) { + dccp_insert_feat_opt(skb, opt->dccpop_type, + opt->dccpop_feat, opt->dccpop_val, + opt->dccpop_len); + /* fear empty confirms */ + if (opt->dccpop_val) + kfree(opt->dccpop_val); + kfree(opt); + } + INIT_LIST_HEAD(&dmsk->dccpms_conf); + + /* see which features we need to send */ + list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) { + /* see if we need to send any confirm */ + if (opt->dccpop_sc) { + dccp_insert_feat_opt(skb, opt->dccpop_type + 1, + opt->dccpop_feat, + opt->dccpop_sc->dccpoc_val, + opt->dccpop_sc->dccpoc_len); + + BUG_ON(!opt->dccpop_sc->dccpoc_val); + kfree(opt->dccpop_sc->dccpoc_val); + kfree(opt->dccpop_sc); + opt->dccpop_sc = NULL; + } + + /* any option not confirmed, re-send it */ + if (!opt->dccpop_conf) { + dccp_insert_feat_opt(skb, opt->dccpop_type, + opt->dccpop_feat, opt->dccpop_val, + opt->dccpop_len); + change++; + } + } + + /* Retransmit timer. + * If this is the master listening sock, we don't set a timer on it. It + * should be fine because if the dude doesn't receive our RESPONSE + * [which will contain the CHANGE] he will send another REQUEST which + * will "retrnasmit" the change. + */ + if (change && dp->dccps_role != DCCP_ROLE_LISTEN) { + dccp_pr_debug("reset feat negotiation timer %p\n", sk); + + /* XXX don't reset the timer on re-transmissions. I.e. reset it + * only when sending new stuff i guess. Currently the timer + * never backs off because on re-transmission it just resets it! + */ + inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, + inet_csk(sk)->icsk_rto, DCCP_RTO_MAX); + } + + return 0; +} + +int dccp_insert_options(struct sock *sk, struct sk_buff *skb) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct dccp_minisock *dmsk = dccp_msk(sk); DCCP_SKB_CB(skb)->dccpd_opt_len = 0; - if (dp->dccps_options.dccpo_send_ndp_count) - dccp_insert_option_ndp(sk, skb); + if (dmsk->dccpms_send_ndp_count && + dccp_insert_option_ndp(sk, skb)) + return -1; if (!dccp_packet_without_ack(skb)) { - if (dp->dccps_options.dccpo_send_ack_vector && - dccp_ackvec_pending(dp->dccps_hc_rx_ackvec)) - dccp_insert_option_ackvec(sk, skb); - if (dp->dccps_timestamp_echo != 0) - dccp_insert_option_timestamp_echo(sk, skb); + if (dmsk->dccpms_send_ack_vector && + dccp_ackvec_pending(dp->dccps_hc_rx_ackvec) && + dccp_insert_option_ackvec(sk, skb)) + return -1; + + if (dp->dccps_timestamp_echo != 0 && + dccp_insert_option_timestamp_echo(sk, skb)) + return -1; } if (dp->dccps_hc_rx_insert_options) { - ccid_hc_rx_insert_options(dp->dccps_hc_rx_ccid, sk, skb); + if (ccid_hc_rx_insert_options(dp->dccps_hc_rx_ccid, sk, skb)) + return -1; dp->dccps_hc_rx_insert_options = 0; } if (dp->dccps_hc_tx_insert_options) { - ccid_hc_tx_insert_options(dp->dccps_hc_tx_ccid, sk, skb); + if (ccid_hc_tx_insert_options(dp->dccps_hc_tx_ccid, sk, skb)) + return -1; dp->dccps_hc_tx_insert_options = 0; } + /* Feature negotiation */ + /* Data packets can't do feat negotiation */ + if (DCCP_SKB_CB(skb)->dccpd_type != DCCP_PKT_DATA && + DCCP_SKB_CB(skb)->dccpd_type != DCCP_PKT_DATAACK && + dccp_insert_options_feat(sk, skb)) + return -1; + /* XXX: insert other options when appropriate */ if (DCCP_SKB_CB(skb)->dccpd_opt_len != 0) { @@ -459,4 +584,6 @@ void dccp_insert_options(struct sock *sk, struct sk_buff *skb) DCCP_SKB_CB(skb)->dccpd_opt_len += padding; } } + + return 0; } diff --git a/net/dccp/output.c b/net/dccp/output.c index efd7ffb..7409e4a 100644 --- a/net/dccp/output.c +++ b/net/dccp/output.c @@ -27,7 +27,7 @@ static inline void dccp_event_ack_sent(struct sock *sk) inet_csk_clear_xmit_timer(sk, ICSK_TIME_DACK); } -static inline void dccp_skb_entail(struct sock *sk, struct sk_buff *skb) +static void dccp_skb_entail(struct sock *sk, struct sk_buff *skb) { skb_set_owner_w(skb, sk); WARN_ON(sk->sk_send_head); @@ -49,7 +49,7 @@ static int dccp_transmit_skb(struct sock *sk, struct sk_buff *skb) struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb); struct dccp_hdr *dh; /* XXX For now we're using only 48 bits sequence numbers */ - const int dccp_header_size = sizeof(*dh) + + const u32 dccp_header_size = sizeof(*dh) + sizeof(struct dccp_hdr_ext) + dccp_packet_hdr_len(dcb->dccpd_type); int err, set_ack = 1; @@ -64,6 +64,10 @@ static int dccp_transmit_skb(struct sock *sk, struct sk_buff *skb) case DCCP_PKT_DATAACK: break; + case DCCP_PKT_REQUEST: + set_ack = 0; + /* fall through */ + case DCCP_PKT_SYNC: case DCCP_PKT_SYNCACK: ackno = dcb->dccpd_seq; @@ -79,7 +83,11 @@ static int dccp_transmit_skb(struct sock *sk, struct sk_buff *skb) } dcb->dccpd_seq = dp->dccps_gss; - dccp_insert_options(sk, skb); + + if (dccp_insert_options(sk, skb)) { + kfree_skb(skb); + return -EPROTO; + } skb->h.raw = skb_push(skb, dccp_header_size); dh = dccp_hdr(skb); @@ -275,17 +283,16 @@ struct sk_buff *dccp_make_response(struct sock *sk, struct dst_entry *dst, { struct dccp_hdr *dh; struct dccp_request_sock *dreq; - const int dccp_header_size = sizeof(struct dccp_hdr) + + const u32 dccp_header_size = sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_response); - struct sk_buff *skb = sock_wmalloc(sk, MAX_HEADER + DCCP_MAX_OPT_LEN + - dccp_header_size, 1, + struct sk_buff *skb = sock_wmalloc(sk, sk->sk_prot->max_header, 1, GFP_ATOMIC); if (skb == NULL) return NULL; /* Reserve space for headers. */ - skb_reserve(skb, MAX_HEADER + DCCP_MAX_OPT_LEN + dccp_header_size); + skb_reserve(skb, sk->sk_prot->max_header); skb->dst = dst_clone(dst); skb->csum = 0; @@ -293,7 +300,11 @@ struct sk_buff *dccp_make_response(struct sock *sk, struct dst_entry *dst, dreq = dccp_rsk(req); DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_RESPONSE; DCCP_SKB_CB(skb)->dccpd_seq = dreq->dreq_iss; - dccp_insert_options(sk, skb); + + if (dccp_insert_options(sk, skb)) { + kfree_skb(skb); + return NULL; + } skb->h.raw = skb_push(skb, dccp_header_size); @@ -310,32 +321,28 @@ struct sk_buff *dccp_make_response(struct sock *sk, struct dst_entry *dst, dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), dreq->dreq_isr); dccp_hdr_response(skb)->dccph_resp_service = dreq->dreq_service; - dh->dccph_checksum = dccp_v4_checksum(skb, inet_rsk(req)->loc_addr, - inet_rsk(req)->rmt_addr); - DCCP_INC_STATS(DCCP_MIB_OUTSEGS); return skb; } EXPORT_SYMBOL_GPL(dccp_make_response); -struct sk_buff *dccp_make_reset(struct sock *sk, struct dst_entry *dst, - const enum dccp_reset_codes code) +static struct sk_buff *dccp_make_reset(struct sock *sk, struct dst_entry *dst, + const enum dccp_reset_codes code) { struct dccp_hdr *dh; struct dccp_sock *dp = dccp_sk(sk); - const int dccp_header_size = sizeof(struct dccp_hdr) + + const u32 dccp_header_size = sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + sizeof(struct dccp_hdr_reset); - struct sk_buff *skb = sock_wmalloc(sk, MAX_HEADER + DCCP_MAX_OPT_LEN + - dccp_header_size, 1, + struct sk_buff *skb = sock_wmalloc(sk, sk->sk_prot->max_header, 1, GFP_ATOMIC); if (skb == NULL) return NULL; /* Reserve space for headers. */ - skb_reserve(skb, MAX_HEADER + DCCP_MAX_OPT_LEN + dccp_header_size); + skb_reserve(skb, sk->sk_prot->max_header); skb->dst = dst_clone(dst); skb->csum = 0; @@ -345,7 +352,11 @@ struct sk_buff *dccp_make_reset(struct sock *sk, struct dst_entry *dst, DCCP_SKB_CB(skb)->dccpd_reset_code = code; DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_RESET; DCCP_SKB_CB(skb)->dccpd_seq = dp->dccps_gss; - dccp_insert_options(sk, skb); + + if (dccp_insert_options(sk, skb)) { + kfree_skb(skb); + return NULL; + } skb->h.raw = skb_push(skb, dccp_header_size); @@ -362,14 +373,34 @@ struct sk_buff *dccp_make_reset(struct sock *sk, struct dst_entry *dst, dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), dp->dccps_gsr); dccp_hdr_reset(skb)->dccph_reset_code = code; - - dh->dccph_checksum = dccp_v4_checksum(skb, inet_sk(sk)->saddr, - inet_sk(sk)->daddr); + inet_csk(sk)->icsk_af_ops->send_check(sk, skb->len, skb); DCCP_INC_STATS(DCCP_MIB_OUTSEGS); return skb; } +int dccp_send_reset(struct sock *sk, enum dccp_reset_codes code) +{ + /* + * FIXME: what if rebuild_header fails? + * Should we be doing a rebuild_header here? + */ + int err = inet_sk_rebuild_header(sk); + + if (err == 0) { + struct sk_buff *skb = dccp_make_reset(sk, sk->sk_dst_cache, + code); + if (skb != NULL) { + memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); + err = inet_csk(sk)->icsk_af_ops->queue_xmit(skb, 0); + if (err == NET_XMIT_CN) + err = 0; + } + } + + return err; +} + /* * Do all connect socket setups that can be done AF independent. */ @@ -405,12 +436,12 @@ int dccp_connect(struct sock *sk) dccp_connect_init(sk); - skb = alloc_skb(MAX_DCCP_HEADER + 15, sk->sk_allocation); + skb = alloc_skb(sk->sk_prot->max_header, sk->sk_allocation); if (unlikely(skb == NULL)) return -ENOBUFS; /* Reserve space for headers. */ - skb_reserve(skb, MAX_DCCP_HEADER); + skb_reserve(skb, sk->sk_prot->max_header); DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_REQUEST; skb->csum = 0; @@ -431,7 +462,8 @@ void dccp_send_ack(struct sock *sk) { /* If we have been reset, we may not send again. */ if (sk->sk_state != DCCP_CLOSED) { - struct sk_buff *skb = alloc_skb(MAX_DCCP_HEADER, GFP_ATOMIC); + struct sk_buff *skb = alloc_skb(sk->sk_prot->max_header, + GFP_ATOMIC); if (skb == NULL) { inet_csk_schedule_ack(sk); @@ -443,7 +475,7 @@ void dccp_send_ack(struct sock *sk) } /* Reserve space for headers */ - skb_reserve(skb, MAX_DCCP_HEADER); + skb_reserve(skb, sk->sk_prot->max_header); skb->csum = 0; DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_ACK; dccp_transmit_skb(sk, skb); @@ -490,14 +522,14 @@ void dccp_send_sync(struct sock *sk, const u64 seq, * dccp_transmit_skb() will set the ownership to this * sock. */ - struct sk_buff *skb = alloc_skb(MAX_DCCP_HEADER, GFP_ATOMIC); + struct sk_buff *skb = alloc_skb(sk->sk_prot->max_header, GFP_ATOMIC); if (skb == NULL) /* FIXME: how to make sure the sync is sent? */ return; /* Reserve space for headers and prepare control bits. */ - skb_reserve(skb, MAX_DCCP_HEADER); + skb_reserve(skb, sk->sk_prot->max_header); skb->csum = 0; DCCP_SKB_CB(skb)->dccpd_type = pkt_type; DCCP_SKB_CB(skb)->dccpd_seq = seq; @@ -505,6 +537,8 @@ void dccp_send_sync(struct sock *sk, const u64 seq, dccp_transmit_skb(sk, skb); } +EXPORT_SYMBOL_GPL(dccp_send_sync); + /* * Send a DCCP_PKT_CLOSE/CLOSEREQ. The caller locks the socket for us. This * cannot be allowed to fail queueing a DCCP_PKT_CLOSE/CLOSEREQ frame under diff --git a/net/dccp/proto.c b/net/dccp/proto.c index 65b11ea..1ff7328 100644 --- a/net/dccp/proto.c +++ b/net/dccp/proto.c @@ -23,9 +23,7 @@ #include <linux/random.h> #include <net/checksum.h> -#include <net/inet_common.h> #include <net/inet_sock.h> -#include <net/protocol.h> #include <net/sock.h> #include <net/xfrm.h> @@ -37,6 +35,7 @@ #include "ccid.h" #include "dccp.h" +#include "feat.h" DEFINE_SNMP_STAT(struct dccp_mib, dccp_statistics) __read_mostly; @@ -46,12 +45,66 @@ atomic_t dccp_orphan_count = ATOMIC_INIT(0); EXPORT_SYMBOL_GPL(dccp_orphan_count); -static struct net_protocol dccp_protocol = { - .handler = dccp_v4_rcv, - .err_handler = dccp_v4_err, - .no_policy = 1, +struct inet_hashinfo __cacheline_aligned dccp_hashinfo = { + .lhash_lock = RW_LOCK_UNLOCKED, + .lhash_users = ATOMIC_INIT(0), + .lhash_wait = __WAIT_QUEUE_HEAD_INITIALIZER(dccp_hashinfo.lhash_wait), }; +EXPORT_SYMBOL_GPL(dccp_hashinfo); + +void dccp_set_state(struct sock *sk, const int state) +{ + const int oldstate = sk->sk_state; + + dccp_pr_debug("%s(%p) %-10.10s -> %s\n", + dccp_role(sk), sk, + dccp_state_name(oldstate), dccp_state_name(state)); + WARN_ON(state == oldstate); + + switch (state) { + case DCCP_OPEN: + if (oldstate != DCCP_OPEN) + DCCP_INC_STATS(DCCP_MIB_CURRESTAB); + break; + + case DCCP_CLOSED: + if (oldstate == DCCP_CLOSING || oldstate == DCCP_OPEN) + DCCP_INC_STATS(DCCP_MIB_ESTABRESETS); + + sk->sk_prot->unhash(sk); + if (inet_csk(sk)->icsk_bind_hash != NULL && + !(sk->sk_userlocks & SOCK_BINDPORT_LOCK)) + inet_put_port(&dccp_hashinfo, sk); + /* fall through */ + default: + if (oldstate == DCCP_OPEN) + DCCP_DEC_STATS(DCCP_MIB_CURRESTAB); + } + + /* Change state AFTER socket is unhashed to avoid closed + * socket sitting in hash tables. + */ + sk->sk_state = state; +} + +EXPORT_SYMBOL_GPL(dccp_set_state); + +void dccp_done(struct sock *sk) +{ + dccp_set_state(sk, DCCP_CLOSED); + dccp_clear_xmit_timers(sk); + + sk->sk_shutdown = SHUTDOWN_MASK; + + if (!sock_flag(sk, SOCK_DEAD)) + sk->sk_state_change(sk); + else + inet_csk_destroy_sock(sk); +} + +EXPORT_SYMBOL_GPL(dccp_done); + const char *dccp_packet_name(const int type) { static const char *dccp_packet_names[] = { @@ -96,6 +149,120 @@ const char *dccp_state_name(const int state) EXPORT_SYMBOL_GPL(dccp_state_name); +void dccp_hash(struct sock *sk) +{ + inet_hash(&dccp_hashinfo, sk); +} + +EXPORT_SYMBOL_GPL(dccp_hash); + +void dccp_unhash(struct sock *sk) +{ + inet_unhash(&dccp_hashinfo, sk); +} + +EXPORT_SYMBOL_GPL(dccp_unhash); + +int dccp_init_sock(struct sock *sk, const __u8 ctl_sock_initialized) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct dccp_minisock *dmsk = dccp_msk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + + dccp_minisock_init(&dp->dccps_minisock); + do_gettimeofday(&dp->dccps_epoch); + + /* + * FIXME: We're hardcoding the CCID, and doing this at this point makes + * the listening (master) sock get CCID control blocks, which is not + * necessary, but for now, to not mess with the test userspace apps, + * lets leave it here, later the real solution is to do this in a + * setsockopt(CCIDs-I-want/accept). -acme + */ + if (likely(ctl_sock_initialized)) { + int rc = dccp_feat_init(dmsk); + + if (rc) + return rc; + + if (dmsk->dccpms_send_ack_vector) { + dp->dccps_hc_rx_ackvec = dccp_ackvec_alloc(GFP_KERNEL); + if (dp->dccps_hc_rx_ackvec == NULL) + return -ENOMEM; + } + dp->dccps_hc_rx_ccid = ccid_hc_rx_new(dmsk->dccpms_rx_ccid, + sk, GFP_KERNEL); + dp->dccps_hc_tx_ccid = ccid_hc_tx_new(dmsk->dccpms_tx_ccid, + sk, GFP_KERNEL); + if (unlikely(dp->dccps_hc_rx_ccid == NULL || + dp->dccps_hc_tx_ccid == NULL)) { + ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk); + ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk); + if (dmsk->dccpms_send_ack_vector) { + dccp_ackvec_free(dp->dccps_hc_rx_ackvec); + dp->dccps_hc_rx_ackvec = NULL; + } + dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL; + return -ENOMEM; + } + } else { + /* control socket doesn't need feat nego */ + INIT_LIST_HEAD(&dmsk->dccpms_pending); + INIT_LIST_HEAD(&dmsk->dccpms_conf); + } + + dccp_init_xmit_timers(sk); + icsk->icsk_rto = DCCP_TIMEOUT_INIT; + sk->sk_state = DCCP_CLOSED; + sk->sk_write_space = dccp_write_space; + icsk->icsk_sync_mss = dccp_sync_mss; + dp->dccps_mss_cache = 536; + dp->dccps_role = DCCP_ROLE_UNDEFINED; + dp->dccps_service = DCCP_SERVICE_INVALID_VALUE; + dp->dccps_l_ack_ratio = dp->dccps_r_ack_ratio = 1; + + return 0; +} + +EXPORT_SYMBOL_GPL(dccp_init_sock); + +int dccp_destroy_sock(struct sock *sk) +{ + struct dccp_sock *dp = dccp_sk(sk); + struct dccp_minisock *dmsk = dccp_msk(sk); + + /* + * DCCP doesn't use sk_write_queue, just sk_send_head + * for retransmissions + */ + if (sk->sk_send_head != NULL) { + kfree_skb(sk->sk_send_head); + sk->sk_send_head = NULL; + } + + /* Clean up a referenced DCCP bind bucket. */ + if (inet_csk(sk)->icsk_bind_hash != NULL) + inet_put_port(&dccp_hashinfo, sk); + + kfree(dp->dccps_service_list); + dp->dccps_service_list = NULL; + + if (dmsk->dccpms_send_ack_vector) { + dccp_ackvec_free(dp->dccps_hc_rx_ackvec); + dp->dccps_hc_rx_ackvec = NULL; + } + ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk); + ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk); + dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL; + + /* clean up feature negotiation state */ + dccp_feat_clean(dmsk); + + return 0; +} + +EXPORT_SYMBOL_GPL(dccp_destroy_sock); + static inline int dccp_listen_start(struct sock *sk) { struct dccp_sock *dp = dccp_sk(sk); @@ -183,7 +350,7 @@ unsigned int dccp_poll(struct file *file, struct socket *sock, if (sk->sk_shutdown == SHUTDOWN_MASK || sk->sk_state == DCCP_CLOSED) mask |= POLLHUP; if (sk->sk_shutdown & RCV_SHUTDOWN) - mask |= POLLIN | POLLRDNORM; + mask |= POLLIN | POLLRDNORM | POLLRDHUP; /* Connected? */ if ((1 << sk->sk_state) & ~(DCCPF_REQUESTING | DCCPF_RESPOND)) { @@ -220,7 +387,7 @@ int dccp_ioctl(struct sock *sk, int cmd, unsigned long arg) EXPORT_SYMBOL_GPL(dccp_ioctl); -static int dccp_setsockopt_service(struct sock *sk, const u32 service, +static int dccp_setsockopt_service(struct sock *sk, const __be32 service, char __user *optval, int optlen) { struct dccp_sock *dp = dccp_sk(sk); @@ -255,18 +422,46 @@ static int dccp_setsockopt_service(struct sock *sk, const u32 service, return 0; } -int dccp_setsockopt(struct sock *sk, int level, int optname, - char __user *optval, int optlen) +/* byte 1 is feature. the rest is the preference list */ +static int dccp_setsockopt_change(struct sock *sk, int type, + struct dccp_so_feat __user *optval) +{ + struct dccp_so_feat opt; + u8 *val; + int rc; + + if (copy_from_user(&opt, optval, sizeof(opt))) + return -EFAULT; + + val = kmalloc(opt.dccpsf_len, GFP_KERNEL); + if (!val) + return -ENOMEM; + + if (copy_from_user(val, opt.dccpsf_val, opt.dccpsf_len)) { + rc = -EFAULT; + goto out_free_val; + } + + rc = dccp_feat_change(dccp_msk(sk), type, opt.dccpsf_feat, + val, opt.dccpsf_len, GFP_KERNEL); + if (rc) + goto out_free_val; + +out: + return rc; + +out_free_val: + kfree(val); + goto out; +} + +static int do_dccp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) { struct dccp_sock *dp; int err; int val; - if (level != SOL_DCCP) - return inet_csk(sk)->icsk_af_ops->setsockopt(sk, level, - optname, optval, - optlen); - if (optlen < sizeof(int)) return -EINVAL; @@ -284,6 +479,25 @@ int dccp_setsockopt(struct sock *sk, int level, int optname, case DCCP_SOCKOPT_PACKET_SIZE: dp->dccps_packet_size = val; break; + + case DCCP_SOCKOPT_CHANGE_L: + if (optlen != sizeof(struct dccp_so_feat)) + err = -EINVAL; + else + err = dccp_setsockopt_change(sk, DCCPO_CHANGE_L, + (struct dccp_so_feat *) + optval); + break; + + case DCCP_SOCKOPT_CHANGE_R: + if (optlen != sizeof(struct dccp_so_feat)) + err = -EINVAL; + else + err = dccp_setsockopt_change(sk, DCCPO_CHANGE_R, + (struct dccp_so_feat *) + optval); + break; + default: err = -ENOPROTOOPT; break; @@ -293,10 +507,33 @@ int dccp_setsockopt(struct sock *sk, int level, int optname, return err; } +int dccp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_DCCP) + return inet_csk(sk)->icsk_af_ops->setsockopt(sk, level, + optname, optval, + optlen); + return do_dccp_setsockopt(sk, level, optname, optval, optlen); +} + EXPORT_SYMBOL_GPL(dccp_setsockopt); +#ifdef CONFIG_COMPAT +int compat_dccp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_DCCP) + return inet_csk_compat_setsockopt(sk, level, optname, + optval, optlen); + return do_dccp_setsockopt(sk, level, optname, optval, optlen); +} + +EXPORT_SYMBOL_GPL(compat_dccp_setsockopt); +#endif + static int dccp_getsockopt_service(struct sock *sk, int len, - u32 __user *optval, + __be32 __user *optval, int __user *optlen) { const struct dccp_sock *dp = dccp_sk(sk); @@ -326,16 +563,12 @@ out: return err; } -int dccp_getsockopt(struct sock *sk, int level, int optname, +static int do_dccp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { struct dccp_sock *dp; int val, len; - if (level != SOL_DCCP) - return inet_csk(sk)->icsk_af_ops->getsockopt(sk, level, - optname, optval, - optlen); if (get_user(len, optlen)) return -EFAULT; @@ -351,7 +584,7 @@ int dccp_getsockopt(struct sock *sk, int level, int optname, break; case DCCP_SOCKOPT_SERVICE: return dccp_getsockopt_service(sk, len, - (u32 __user *)optval, optlen); + (__be32 __user *)optval, optlen); case 128 ... 191: return ccid_hc_rx_getsockopt(dp->dccps_hc_rx_ccid, sk, optname, len, (u32 __user *)optval, optlen); @@ -368,8 +601,31 @@ int dccp_getsockopt(struct sock *sk, int level, int optname, return 0; } +int dccp_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_DCCP) + return inet_csk(sk)->icsk_af_ops->getsockopt(sk, level, + optname, optval, + optlen); + return do_dccp_getsockopt(sk, level, optname, optval, optlen); +} + EXPORT_SYMBOL_GPL(dccp_getsockopt); +#ifdef CONFIG_COMPAT +int compat_dccp_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_DCCP) + return inet_csk_compat_getsockopt(sk, level, optname, + optval, optlen); + return do_dccp_getsockopt(sk, level, optname, optval, optlen); +} + +EXPORT_SYMBOL_GPL(compat_dccp_getsockopt); +#endif + int dccp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, size_t len) { @@ -679,84 +935,7 @@ void dccp_shutdown(struct sock *sk, int how) EXPORT_SYMBOL_GPL(dccp_shutdown); -static const struct proto_ops inet_dccp_ops = { - .family = PF_INET, - .owner = THIS_MODULE, - .release = inet_release, - .bind = inet_bind, - .connect = inet_stream_connect, - .socketpair = sock_no_socketpair, - .accept = inet_accept, - .getname = inet_getname, - /* FIXME: work on tcp_poll to rename it to inet_csk_poll */ - .poll = dccp_poll, - .ioctl = inet_ioctl, - /* FIXME: work on inet_listen to rename it to sock_common_listen */ - .listen = inet_dccp_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = sock_no_sendpage, -}; - -extern struct net_proto_family inet_family_ops; - -static struct inet_protosw dccp_v4_protosw = { - .type = SOCK_DCCP, - .protocol = IPPROTO_DCCP, - .prot = &dccp_prot, - .ops = &inet_dccp_ops, - .capability = -1, - .no_check = 0, - .flags = INET_PROTOSW_ICSK, -}; - -/* - * This is the global socket data structure used for responding to - * the Out-of-the-blue (OOTB) packets. A control sock will be created - * for this socket at the initialization time. - */ -struct socket *dccp_ctl_socket; - -static char dccp_ctl_socket_err_msg[] __initdata = - KERN_ERR "DCCP: Failed to create the control socket.\n"; - -static int __init dccp_ctl_sock_init(void) -{ - int rc = sock_create_kern(PF_INET, SOCK_DCCP, IPPROTO_DCCP, - &dccp_ctl_socket); - if (rc < 0) - printk(dccp_ctl_socket_err_msg); - else { - dccp_ctl_socket->sk->sk_allocation = GFP_ATOMIC; - inet_sk(dccp_ctl_socket->sk)->uc_ttl = -1; - - /* Unhash it so that IP input processing does not even - * see it, we do not wish this socket to see incoming - * packets. - */ - dccp_ctl_socket->sk->sk_prot->unhash(dccp_ctl_socket->sk); - } - - return rc; -} - -#ifdef CONFIG_IP_DCCP_UNLOAD_HACK -void dccp_ctl_sock_exit(void) -{ - if (dccp_ctl_socket != NULL) { - sock_release(dccp_ctl_socket); - dccp_ctl_socket = NULL; - } -} - -EXPORT_SYMBOL_GPL(dccp_ctl_sock_exit); -#endif - -static int __init init_dccp_v4_mibs(void) +static int __init dccp_mib_init(void) { int rc = -ENOMEM; @@ -778,6 +957,13 @@ out_free_one: } +static void dccp_mib_exit(void) +{ + free_percpu(dccp_statistics[0]); + free_percpu(dccp_statistics[1]); + dccp_statistics[0] = dccp_statistics[1] = NULL; +} + static int thash_entries; module_param(thash_entries, int, 0444); MODULE_PARM_DESC(thash_entries, "Number of ehash buckets"); @@ -794,17 +980,14 @@ static int __init dccp_init(void) { unsigned long goal; int ehash_order, bhash_order, i; - int rc = proto_register(&dccp_prot, 1); - - if (rc) - goto out; + int rc = -ENOBUFS; dccp_hashinfo.bind_bucket_cachep = kmem_cache_create("dccp_bind_bucket", sizeof(struct inet_bind_bucket), 0, SLAB_HWCACHE_ALIGN, NULL, NULL); if (!dccp_hashinfo.bind_bucket_cachep) - goto out_proto_unregister; + goto out; /* * Size and allocate the main established and bind bucket @@ -866,27 +1049,23 @@ static int __init dccp_init(void) INIT_HLIST_HEAD(&dccp_hashinfo.bhash[i].chain); } - if (init_dccp_v4_mibs()) + rc = dccp_mib_init(); + if (rc) goto out_free_dccp_bhash; - rc = -EAGAIN; - if (inet_add_protocol(&dccp_protocol, IPPROTO_DCCP)) - goto out_free_dccp_v4_mibs; - - inet_register_protosw(&dccp_v4_protosw); + rc = dccp_ackvec_init(); + if (rc) + goto out_free_dccp_mib; - rc = dccp_ctl_sock_init(); + rc = dccp_sysctl_init(); if (rc) - goto out_unregister_protosw; + goto out_ackvec_exit; out: return rc; -out_unregister_protosw: - inet_unregister_protosw(&dccp_v4_protosw); - inet_del_protocol(&dccp_protocol, IPPROTO_DCCP); -out_free_dccp_v4_mibs: - free_percpu(dccp_statistics[0]); - free_percpu(dccp_statistics[1]); - dccp_statistics[0] = dccp_statistics[1] = NULL; +out_ackvec_exit: + dccp_ackvec_exit(); +out_free_dccp_mib: + dccp_mib_exit(); out_free_dccp_bhash: free_pages((unsigned long)dccp_hashinfo.bhash, bhash_order); dccp_hashinfo.bhash = NULL; @@ -896,23 +1075,12 @@ out_free_dccp_ehash: out_free_bind_bucket_cachep: kmem_cache_destroy(dccp_hashinfo.bind_bucket_cachep); dccp_hashinfo.bind_bucket_cachep = NULL; -out_proto_unregister: - proto_unregister(&dccp_prot); goto out; } -static const char dccp_del_proto_err_msg[] __exitdata = - KERN_ERR "can't remove dccp net_protocol\n"; - static void __exit dccp_fini(void) { - inet_unregister_protosw(&dccp_v4_protosw); - - if (inet_del_protocol(&dccp_protocol, IPPROTO_DCCP) < 0) - printk(dccp_del_proto_err_msg); - - free_percpu(dccp_statistics[0]); - free_percpu(dccp_statistics[1]); + dccp_mib_exit(); free_pages((unsigned long)dccp_hashinfo.bhash, get_order(dccp_hashinfo.bhash_size * sizeof(struct inet_bind_hashbucket))); @@ -920,19 +1088,13 @@ static void __exit dccp_fini(void) get_order(dccp_hashinfo.ehash_size * sizeof(struct inet_ehash_bucket))); kmem_cache_destroy(dccp_hashinfo.bind_bucket_cachep); - proto_unregister(&dccp_prot); + dccp_ackvec_exit(); + dccp_sysctl_exit(); } module_init(dccp_init); module_exit(dccp_fini); -/* - * __stringify doesn't likes enums, so use SOCK_DCCP (6) and IPPROTO_DCCP (33) - * values directly, Also cover the case where the protocol is not specified, - * i.e. net-pf-PF_INET-proto-0-type-SOCK_DCCP - */ -MODULE_ALIAS("net-pf-" __stringify(PF_INET) "-proto-33-type-6"); -MODULE_ALIAS("net-pf-" __stringify(PF_INET) "-proto-0-type-6"); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@conectiva.com.br>"); MODULE_DESCRIPTION("DCCP - Datagram Congestion Controlled Protocol"); diff --git a/net/dccp/sysctl.c b/net/dccp/sysctl.c new file mode 100644 index 0000000..64c89e9 --- /dev/null +++ b/net/dccp/sysctl.c @@ -0,0 +1,124 @@ +/* + * net/dccp/sysctl.c + * + * An implementation of the DCCP protocol + * Arnaldo Carvalho de Melo <acme@mandriva.com> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License v2 + * as published by the Free Software Foundation. + */ + +#include <linux/config.h> +#include <linux/mm.h> +#include <linux/sysctl.h> + +#ifndef CONFIG_SYSCTL +#error This file should not be compiled without CONFIG_SYSCTL defined +#endif + +extern int dccp_feat_default_sequence_window; +extern int dccp_feat_default_rx_ccid; +extern int dccp_feat_default_tx_ccid; +extern int dccp_feat_default_ack_ratio; +extern int dccp_feat_default_send_ack_vector; +extern int dccp_feat_default_send_ndp_count; + +static struct ctl_table dccp_default_table[] = { + { + .ctl_name = NET_DCCP_DEFAULT_SEQ_WINDOW, + .procname = "seq_window", + .data = &dccp_feat_default_sequence_window, + .maxlen = sizeof(dccp_feat_default_sequence_window), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .ctl_name = NET_DCCP_DEFAULT_RX_CCID, + .procname = "rx_ccid", + .data = &dccp_feat_default_rx_ccid, + .maxlen = sizeof(dccp_feat_default_rx_ccid), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .ctl_name = NET_DCCP_DEFAULT_TX_CCID, + .procname = "tx_ccid", + .data = &dccp_feat_default_tx_ccid, + .maxlen = sizeof(dccp_feat_default_tx_ccid), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .ctl_name = NET_DCCP_DEFAULT_ACK_RATIO, + .procname = "ack_ratio", + .data = &dccp_feat_default_ack_ratio, + .maxlen = sizeof(dccp_feat_default_ack_ratio), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .ctl_name = NET_DCCP_DEFAULT_SEND_ACKVEC, + .procname = "send_ackvec", + .data = &dccp_feat_default_send_ack_vector, + .maxlen = sizeof(dccp_feat_default_send_ack_vector), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .ctl_name = NET_DCCP_DEFAULT_SEND_NDP, + .procname = "send_ndp", + .data = &dccp_feat_default_send_ndp_count, + .maxlen = sizeof(dccp_feat_default_send_ndp_count), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { .ctl_name = 0, } +}; + +static struct ctl_table dccp_table[] = { + { + .ctl_name = NET_DCCP_DEFAULT, + .procname = "default", + .mode = 0555, + .child = dccp_default_table, + }, + { .ctl_name = 0, }, +}; + +static struct ctl_table dccp_dir_table[] = { + { + .ctl_name = NET_DCCP, + .procname = "dccp", + .mode = 0555, + .child = dccp_table, + }, + { .ctl_name = 0, }, +}; + +static struct ctl_table dccp_root_table[] = { + { + .ctl_name = CTL_NET, + .procname = "net", + .mode = 0555, + .child = dccp_dir_table, + }, + { .ctl_name = 0, }, +}; + +static struct ctl_table_header *dccp_table_header; + +int __init dccp_sysctl_init(void) +{ + dccp_table_header = register_sysctl_table(dccp_root_table, 1); + + return dccp_table_header != NULL ? 0 : -ENOMEM; +} + +void dccp_sysctl_exit(void) +{ + if (dccp_table_header != NULL) { + unregister_sysctl_table(dccp_table_header); + dccp_table_header = NULL; + } +} diff --git a/net/dccp/timer.c b/net/dccp/timer.c index aa34b57..5244415 100644 --- a/net/dccp/timer.c +++ b/net/dccp/timer.c @@ -31,7 +31,7 @@ static void dccp_write_err(struct sock *sk) sk->sk_err = sk->sk_err_soft ? : ETIMEDOUT; sk->sk_error_report(sk); - dccp_v4_send_reset(sk, DCCP_RESET_CODE_ABORTED); + dccp_send_reset(sk, DCCP_RESET_CODE_ABORTED); dccp_done(sk); DCCP_INC_STATS_BH(DCCP_MIB_ABORTONTIMEOUT); } @@ -141,6 +141,17 @@ static void dccp_retransmit_timer(struct sock *sk) { struct inet_connection_sock *icsk = inet_csk(sk); + /* retransmit timer is used for feature negotiation throughout + * connection. In this case, no packet is re-transmitted, but rather an + * ack is generated and pending changes are splaced into its options. + */ + if (sk->sk_send_head == NULL) { + dccp_pr_debug("feat negotiation retransmit timeout %p\n", sk); + if (sk->sk_state == DCCP_OPEN) + dccp_send_ack(sk); + goto backoff; + } + /* * sk->sk_send_head has to have one skb with * DCCP_SKB_CB(skb)->dccpd_type set to one of the retransmittable DCCP @@ -177,6 +188,7 @@ static void dccp_retransmit_timer(struct sock *sk) goto out; } +backoff: icsk->icsk_backoff++; icsk->icsk_retransmits++; diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c index ce4aaf9..2b289ef 100644 --- a/net/decnet/af_decnet.c +++ b/net/decnet/af_decnet.c @@ -172,7 +172,7 @@ static struct hlist_head *dn_find_list(struct sock *sk) /* * Valid ports are those greater than zero and not already in use. */ -static int check_port(unsigned short port) +static int check_port(__le16 port) { struct sock *sk; struct hlist_node *node; @@ -661,7 +661,7 @@ disc_reject: } } -char *dn_addr2asc(dn_address addr, char *buf) +char *dn_addr2asc(__u16 addr, char *buf) { unsigned short node, area; @@ -801,7 +801,7 @@ static int dn_auto_bind(struct socket *sock) /* End of compatibility stuff */ scp->addr.sdn_add.a_len = dn_htons(2); - rv = dn_dev_bind_default((dn_address *)scp->addr.sdn_add.a_addr); + rv = dn_dev_bind_default((__le16 *)scp->addr.sdn_add.a_addr); if (rv == 0) { rv = dn_hash_sock(sk); if (rv) @@ -1021,7 +1021,7 @@ static void dn_user_copy(struct sk_buff *skb, struct optdata_dn *opt) opt->opt_optl = *ptr++; opt->opt_status = 0; memcpy(opt->opt_data, ptr, opt->opt_optl); - skb_pull(skb, opt->opt_optl + 1); + skb_pull(skb, dn_ntohs(opt->opt_optl) + 1); } @@ -1121,8 +1121,8 @@ static int dn_accept(struct socket *sock, struct socket *newsock, int flags) skb_pull(skb, dn_username2sockaddr(skb->data, skb->len, &(DN_SK(newsk)->addr), &type)); skb_pull(skb, dn_username2sockaddr(skb->data, skb->len, &(DN_SK(newsk)->peer), &type)); - *(dn_address *)(DN_SK(newsk)->peer.sdn_add.a_addr) = cb->src; - *(dn_address *)(DN_SK(newsk)->addr.sdn_add.a_addr) = cb->dst; + *(__le16 *)(DN_SK(newsk)->peer.sdn_add.a_addr) = cb->src; + *(__le16 *)(DN_SK(newsk)->addr.sdn_add.a_addr) = cb->dst; menuver = *skb->data; skb_pull(skb, 1); @@ -1365,7 +1365,7 @@ static int __dn_setsockopt(struct socket *sock, int level,int optname, char __us if (optlen != sizeof(struct optdata_dn)) return -EINVAL; - if (u.opt.opt_optl > 16) + if (dn_ntohs(u.opt.opt_optl) > 16) return -EINVAL; memcpy(&scp->conndata_out, &u.opt, optlen); @@ -1378,7 +1378,7 @@ static int __dn_setsockopt(struct socket *sock, int level,int optname, char __us if (optlen != sizeof(struct optdata_dn)) return -EINVAL; - if (u.opt.opt_optl > 16) + if (dn_ntohs(u.opt.opt_optl) > 16) return -EINVAL; memcpy(&scp->discdata_out, &u.opt, optlen); @@ -1693,7 +1693,7 @@ static int dn_recvmsg(struct kiocb *iocb, struct socket *sock, if (rv) goto out; - if (flags & ~(MSG_PEEK|MSG_OOB|MSG_WAITALL|MSG_DONTWAIT|MSG_NOSIGNAL)) { + if (flags & ~(MSG_CMSG_COMPAT|MSG_PEEK|MSG_OOB|MSG_WAITALL|MSG_DONTWAIT|MSG_NOSIGNAL)) { rv = -EOPNOTSUPP; goto out; } diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c index efbead8..d2ae989 100644 --- a/net/decnet/dn_dev.c +++ b/net/decnet/dn_dev.c @@ -64,11 +64,11 @@ extern struct neigh_table dn_neigh_table; /* * decnet_address is kept in network order. */ -dn_address decnet_address = 0; +__le16 decnet_address = 0; static DEFINE_RWLOCK(dndev_lock); static struct net_device *decnet_default_device; -static struct notifier_block *dnaddr_chain; +static BLOCKING_NOTIFIER_HEAD(dnaddr_chain); static struct dn_dev *dn_dev_create(struct net_device *dev, int *err); static void dn_dev_delete(struct net_device *dev); @@ -439,14 +439,14 @@ static void dn_dev_del_ifa(struct dn_dev *dn_db, struct dn_ifaddr **ifap, int de *ifap = ifa1->ifa_next; if (dn_db->dev->type == ARPHRD_ETHER) { - if (ifa1->ifa_local != dn_htons(dn_eth2dn(dev->dev_addr))) { + if (ifa1->ifa_local != dn_eth2dn(dev->dev_addr)) { dn_dn2eth(mac_addr, ifa1->ifa_local); dev_mc_delete(dev, mac_addr, ETH_ALEN, 0); } } rtmsg_ifa(RTM_DELADDR, ifa1); - notifier_call_chain(&dnaddr_chain, NETDEV_DOWN, ifa1); + blocking_notifier_call_chain(&dnaddr_chain, NETDEV_DOWN, ifa1); if (destroy) { dn_dev_free_ifa(ifa1); @@ -470,7 +470,7 @@ static int dn_dev_insert_ifa(struct dn_dev *dn_db, struct dn_ifaddr *ifa) } if (dev->type == ARPHRD_ETHER) { - if (ifa->ifa_local != dn_htons(dn_eth2dn(dev->dev_addr))) { + if (ifa->ifa_local != dn_eth2dn(dev->dev_addr)) { dn_dn2eth(mac_addr, ifa->ifa_local); dev_mc_add(dev, mac_addr, ETH_ALEN, 0); dev_mc_upload(dev); @@ -481,7 +481,7 @@ static int dn_dev_insert_ifa(struct dn_dev *dn_db, struct dn_ifaddr *ifa) dn_db->ifa_list = ifa; rtmsg_ifa(RTM_NEWADDR, ifa); - notifier_call_chain(&dnaddr_chain, NETDEV_UP, ifa); + blocking_notifier_call_chain(&dnaddr_chain, NETDEV_UP, ifa); return 0; } @@ -561,7 +561,7 @@ int dn_dev_ioctl(unsigned int cmd, void __user *arg) switch(cmd) { case SIOCGIFADDR: - *((dn_address *)sdn->sdn_nodeaddr) = ifa->ifa_local; + *((__le16 *)sdn->sdn_nodeaddr) = ifa->ifa_local; goto rarok; case SIOCSIFADDR: @@ -804,7 +804,7 @@ done: return skb->len; } -static int dn_dev_get_first(struct net_device *dev, dn_address *addr) +static int dn_dev_get_first(struct net_device *dev, __le16 *addr) { struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; struct dn_ifaddr *ifa; @@ -830,7 +830,7 @@ out: * a sensible default. Eventually the routing code will take care of all the * nasties for us I hope. */ -int dn_dev_bind_default(dn_address *addr) +int dn_dev_bind_default(__le16 *addr) { struct net_device *dev; int rv; @@ -853,7 +853,7 @@ static void dn_send_endnode_hello(struct net_device *dev, struct dn_ifaddr *ifa) { struct endnode_hello_message *msg; struct sk_buff *skb = NULL; - unsigned short int *pktlen; + __le16 *pktlen; struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; if ((skb = dn_alloc_skb(NULL, sizeof(*msg), GFP_ATOMIC)) == NULL) @@ -882,7 +882,7 @@ static void dn_send_endnode_hello(struct net_device *dev, struct dn_ifaddr *ifa) msg->datalen = 0x02; memset(msg->data, 0xAA, 2); - pktlen = (unsigned short *)skb_push(skb,2); + pktlen = (__le16 *)skb_push(skb,2); *pktlen = dn_htons(skb->len - 2); skb->nh.raw = skb->data; @@ -926,7 +926,7 @@ static void dn_send_router_hello(struct net_device *dev, struct dn_ifaddr *ifa) size_t size; unsigned char *ptr; unsigned char *i1, *i2; - unsigned short *pktlen; + __le16 *pktlen; char *src; if (mtu2blksize(dev) < (26 + 7)) @@ -955,11 +955,11 @@ static void dn_send_router_hello(struct net_device *dev, struct dn_ifaddr *ifa) ptr += ETH_ALEN; *ptr++ = dn_db->parms.forwarding == 1 ? DN_RT_INFO_L1RT : DN_RT_INFO_L2RT; - *((unsigned short *)ptr) = dn_htons(mtu2blksize(dev)); + *((__le16 *)ptr) = dn_htons(mtu2blksize(dev)); ptr += 2; *ptr++ = dn_db->parms.priority; /* Priority */ *ptr++ = 0; /* Area: Reserved */ - *((unsigned short *)ptr) = dn_htons((unsigned short)dn_db->parms.t3); + *((__le16 *)ptr) = dn_htons((unsigned short)dn_db->parms.t3); ptr += 2; *ptr++ = 0; /* MPD: Reserved */ i1 = ptr++; @@ -974,7 +974,7 @@ static void dn_send_router_hello(struct net_device *dev, struct dn_ifaddr *ifa) skb_trim(skb, (27 + *i2)); - pktlen = (unsigned short *)skb_push(skb, 2); + pktlen = (__le16 *)skb_push(skb, 2); *pktlen = dn_htons(skb->len - 2); skb->nh.raw = skb->data; @@ -1016,7 +1016,7 @@ static void dn_send_ptp_hello(struct net_device *dev, struct dn_ifaddr *ifa) ptr = skb_put(skb, 2 + 4 + tdlen); *ptr++ = DN_RT_PKT_HELO; - *((dn_address *)ptr) = ifa->ifa_local; + *((__le16 *)ptr) = ifa->ifa_local; ptr += 2; *ptr++ = tdlen; @@ -1150,7 +1150,7 @@ struct dn_dev *dn_dev_create(struct net_device *dev, int *err) void dn_dev_up(struct net_device *dev) { struct dn_ifaddr *ifa; - dn_address addr = decnet_address; + __le16 addr = decnet_address; int maybe_default = 0; struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; @@ -1173,7 +1173,7 @@ void dn_dev_up(struct net_device *dev) if (dev->type == ARPHRD_ETHER) { if (memcmp(dev->dev_addr, dn_hiord, 4) != 0) return; - addr = dn_htons(dn_eth2dn(dev->dev_addr)); + addr = dn_eth2dn(dev->dev_addr); maybe_default = 1; } @@ -1285,12 +1285,12 @@ void dn_dev_devices_on(void) int register_dnaddr_notifier(struct notifier_block *nb) { - return notifier_chain_register(&dnaddr_chain, nb); + return blocking_notifier_chain_register(&dnaddr_chain, nb); } int unregister_dnaddr_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&dnaddr_chain, nb); + return blocking_notifier_chain_unregister(&dnaddr_chain, nb); } #ifdef CONFIG_PROC_FS @@ -1385,8 +1385,8 @@ static int dn_dev_seq_show(struct seq_file *seq, void *v) mtu2blksize(dev), dn_db->parms.priority, dn_db->parms.state, dn_db->parms.name, - dn_db->router ? dn_addr2asc(dn_ntohs(*(dn_address *)dn_db->router->primary_key), router_buf) : "", - dn_db->peer ? dn_addr2asc(dn_ntohs(*(dn_address *)dn_db->peer->primary_key), peer_buf) : ""); + dn_db->router ? dn_addr2asc(dn_ntohs(*(__le16 *)dn_db->router->primary_key), router_buf) : "", + dn_db->peer ? dn_addr2asc(dn_ntohs(*(__le16 *)dn_db->peer->primary_key), peer_buf) : ""); } return 0; } diff --git a/net/decnet/dn_fib.c b/net/decnet/dn_fib.c index 99bc061..bd4ce86 100644 --- a/net/decnet/dn_fib.c +++ b/net/decnet/dn_fib.c @@ -143,11 +143,11 @@ static inline struct dn_fib_info *dn_fib_find_info(const struct dn_fib_info *nfi return NULL; } -u16 dn_fib_get_attr16(struct rtattr *attr, int attrlen, int type) +__le16 dn_fib_get_attr16(struct rtattr *attr, int attrlen, int type) { while(RTA_OK(attr,attrlen)) { if (attr->rta_type == type) - return *(u16*)RTA_DATA(attr); + return *(__le16*)RTA_DATA(attr); attr = RTA_NEXT(attr, attrlen); } @@ -565,7 +565,7 @@ int dn_fib_dump(struct sk_buff *skb, struct netlink_callback *cb) return skb->len; } -static void fib_magic(int cmd, int type, __u16 dst, int dst_len, struct dn_ifaddr *ifa) +static void fib_magic(int cmd, int type, __le16 dst, int dst_len, struct dn_ifaddr *ifa) { struct dn_fib_table *tb; struct { @@ -684,7 +684,7 @@ static int dn_fib_dnaddr_event(struct notifier_block *this, unsigned long event, return NOTIFY_DONE; } -int dn_fib_sync_down(dn_address local, struct net_device *dev, int force) +int dn_fib_sync_down(__le16 local, struct net_device *dev, int force) { int ret = 0; int scope = RT_SCOPE_NOWHERE; diff --git a/net/decnet/dn_neigh.c b/net/decnet/dn_neigh.c index 33ab256..7c8692c 100644 --- a/net/decnet/dn_neigh.c +++ b/net/decnet/dn_neigh.c @@ -95,7 +95,7 @@ static struct neigh_ops dn_phase3_ops = { struct neigh_table dn_neigh_table = { .family = PF_DECnet, .entry_size = sizeof(struct dn_neigh), - .key_len = sizeof(dn_address), + .key_len = sizeof(__le16), .hash = dn_neigh_hash, .constructor = dn_neigh_construct, .id = "dn_neigh_cache", @@ -123,7 +123,7 @@ struct neigh_table dn_neigh_table = { static u32 dn_neigh_hash(const void *pkey, const struct net_device *dev) { - return jhash_2words(*(dn_address *)pkey, 0, dn_neigh_table.hash_rnd); + return jhash_2words(*(__u16 *)pkey, 0, dn_neigh_table.hash_rnd); } static int dn_neigh_construct(struct neighbour *neigh) @@ -249,14 +249,14 @@ static int dn_long_output(struct sk_buff *skb) data = skb_push(skb, sizeof(struct dn_long_packet) + 3); lp = (struct dn_long_packet *)(data+3); - *((unsigned short *)data) = dn_htons(skb->len - 2); + *((__le16 *)data) = dn_htons(skb->len - 2); *(data + 2) = 1 | DN_RT_F_PF; /* Padding */ lp->msgflg = DN_RT_PKT_LONG|(cb->rt_flags&(DN_RT_F_IE|DN_RT_F_RQR|DN_RT_F_RTS)); lp->d_area = lp->d_subarea = 0; - dn_dn2eth(lp->d_id, dn_ntohs(cb->dst)); + dn_dn2eth(lp->d_id, cb->dst); lp->s_area = lp->s_subarea = 0; - dn_dn2eth(lp->s_id, dn_ntohs(cb->src)); + dn_dn2eth(lp->s_id, cb->src); lp->nl2 = 0; lp->visit_ct = cb->hops & 0x3f; lp->s_class = 0; @@ -293,7 +293,7 @@ static int dn_short_output(struct sk_buff *skb) } data = skb_push(skb, sizeof(struct dn_short_packet) + 2); - *((unsigned short *)data) = dn_htons(skb->len - 2); + *((__le16 *)data) = dn_htons(skb->len - 2); sp = (struct dn_short_packet *)(data+2); sp->msgflg = DN_RT_PKT_SHORT|(cb->rt_flags&(DN_RT_F_RQR|DN_RT_F_RTS)); @@ -335,7 +335,7 @@ static int dn_phase3_output(struct sk_buff *skb) } data = skb_push(skb, sizeof(struct dn_short_packet) + 2); - *((unsigned short *)data) = dn_htons(skb->len - 2); + *((__le16 *)data) = dn_htons(skb->len - 2); sp = (struct dn_short_packet *)(data + 2); sp->msgflg = DN_RT_PKT_SHORT|(cb->rt_flags&(DN_RT_F_RQR|DN_RT_F_RTS)); @@ -373,9 +373,9 @@ int dn_neigh_router_hello(struct sk_buff *skb) struct neighbour *neigh; struct dn_neigh *dn; struct dn_dev *dn_db; - dn_address src; + __le16 src; - src = dn_htons(dn_eth2dn(msg->id)); + src = dn_eth2dn(msg->id); neigh = __neigh_lookup(&dn_neigh_table, &src, skb->dev, 1); @@ -409,7 +409,7 @@ int dn_neigh_router_hello(struct sk_buff *skb) } /* Only use routers in our area */ - if ((dn_ntohs(src)>>10) == dn_ntohs((decnet_address)>>10)) { + if ((dn_ntohs(src)>>10) == (dn_ntohs((decnet_address))>>10)) { if (!dn_db->router) { dn_db->router = neigh_clone(neigh); } else { @@ -433,9 +433,9 @@ int dn_neigh_endnode_hello(struct sk_buff *skb) struct endnode_hello_message *msg = (struct endnode_hello_message *)skb->data; struct neighbour *neigh; struct dn_neigh *dn; - dn_address src; + __le16 src; - src = dn_htons(dn_eth2dn(msg->id)); + src = dn_eth2dn(msg->id); neigh = __neigh_lookup(&dn_neigh_table, &src, skb->dev, 1); diff --git a/net/decnet/dn_nsp_in.c b/net/decnet/dn_nsp_in.c index 44bda85..547523b 100644 --- a/net/decnet/dn_nsp_in.c +++ b/net/decnet/dn_nsp_in.c @@ -85,7 +85,7 @@ static void dn_log_martian(struct sk_buff *skb, const char *msg) if (decnet_log_martians && net_ratelimit()) { char *devname = skb->dev ? skb->dev->name : "???"; struct dn_skb_cb *cb = DN_SKB_CB(skb); - printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n", msg, devname, cb->src, cb->dst, cb->src_port, cb->dst_port); + printk(KERN_INFO "DECnet: Martian packet (%s) dev=%s src=0x%04hx dst=0x%04hx srcport=0x%04hx dstport=0x%04hx\n", msg, devname, dn_ntohs(cb->src), dn_ntohs(cb->dst), dn_ntohs(cb->src_port), dn_ntohs(cb->dst_port)); } } @@ -128,7 +128,7 @@ static void dn_ack(struct sock *sk, struct sk_buff *skb, unsigned short ack) */ static int dn_process_ack(struct sock *sk, struct sk_buff *skb, int oth) { - unsigned short *ptr = (unsigned short *)skb->data; + __le16 *ptr = (__le16 *)skb->data; int len = 0; unsigned short ack; @@ -346,7 +346,7 @@ static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb) ptr = skb->data; cb->services = *ptr++; cb->info = *ptr++; - cb->segsize = dn_ntohs(*(__u16 *)ptr); + cb->segsize = dn_ntohs(*(__le16 *)ptr); if ((scp->state == DN_CI) || (scp->state == DN_CD)) { scp->persist = 0; @@ -363,7 +363,7 @@ static void dn_nsp_conn_conf(struct sock *sk, struct sk_buff *skb) if (skb->len > 0) { unsigned char dlen = *skb->data; if ((dlen <= 16) && (dlen <= skb->len)) { - scp->conndata_in.opt_optl = dlen; + scp->conndata_in.opt_optl = dn_htons((__u16)dlen); memcpy(scp->conndata_in.opt_data, skb->data + 1, dlen); } } @@ -397,17 +397,17 @@ static void dn_nsp_disc_init(struct sock *sk, struct sk_buff *skb) if (skb->len < 2) goto out; - reason = dn_ntohs(*(__u16 *)skb->data); + reason = dn_ntohs(*(__le16 *)skb->data); skb_pull(skb, 2); - scp->discdata_in.opt_status = reason; + scp->discdata_in.opt_status = dn_htons(reason); scp->discdata_in.opt_optl = 0; memset(scp->discdata_in.opt_data, 0, 16); if (skb->len > 0) { unsigned char dlen = *skb->data; if ((dlen <= 16) && (dlen <= skb->len)) { - scp->discdata_in.opt_optl = dlen; + scp->discdata_in.opt_optl = dn_htons((__u16)dlen); memcpy(scp->discdata_in.opt_data, skb->data + 1, dlen); } } @@ -464,7 +464,7 @@ static void dn_nsp_disc_conf(struct sock *sk, struct sk_buff *skb) if (skb->len != 2) goto out; - reason = dn_ntohs(*(__u16 *)skb->data); + reason = dn_ntohs(*(__le16 *)skb->data); sk->sk_state = TCP_CLOSE; @@ -513,7 +513,7 @@ static void dn_nsp_linkservice(struct sock *sk, struct sk_buff *skb) if (skb->len != 4) goto out; - segnum = dn_ntohs(*(__u16 *)ptr); + segnum = dn_ntohs(*(__le16 *)ptr); ptr += 2; lsflags = *(unsigned char *)ptr++; fcval = *ptr; @@ -621,7 +621,7 @@ static void dn_nsp_otherdata(struct sock *sk, struct sk_buff *skb) if (skb->len < 2) goto out; - cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data); + cb->segnum = segnum = dn_ntohs(*(__le16 *)skb->data); skb_pull(skb, 2); if (seq_next(scp->numoth_rcv, segnum)) { @@ -649,7 +649,7 @@ static void dn_nsp_data(struct sock *sk, struct sk_buff *skb) if (skb->len < 2) goto out; - cb->segnum = segnum = dn_ntohs(*(__u16 *)skb->data); + cb->segnum = segnum = dn_ntohs(*(__le16 *)skb->data); skb_pull(skb, 2); if (seq_next(scp->numdat_rcv, segnum)) { @@ -760,7 +760,7 @@ static int dn_nsp_rx_packet(struct sk_buff *skb) /* * Grab the destination address. */ - cb->dst_port = *(unsigned short *)ptr; + cb->dst_port = *(__le16 *)ptr; cb->src_port = 0; ptr += 2; @@ -768,7 +768,7 @@ static int dn_nsp_rx_packet(struct sk_buff *skb) * If not a connack, grab the source address too. */ if (pskb_may_pull(skb, 5)) { - cb->src_port = *(unsigned short *)ptr; + cb->src_port = *(__le16 *)ptr; ptr += 2; skb_pull(skb, 5); } @@ -778,7 +778,7 @@ static int dn_nsp_rx_packet(struct sk_buff *skb) * Swap src & dst and look up in the normal way. */ if (unlikely(cb->rt_flags & DN_RT_F_RTS)) { - unsigned short tmp = cb->dst_port; + __le16 tmp = cb->dst_port; cb->dst_port = cb->src_port; cb->src_port = tmp; tmp = cb->dst; diff --git a/net/decnet/dn_nsp_out.c b/net/decnet/dn_nsp_out.c index c96c767..c2e21cd 100644 --- a/net/decnet/dn_nsp_out.c +++ b/net/decnet/dn_nsp_out.c @@ -287,26 +287,26 @@ int dn_nsp_xmit_timeout(struct sock *sk) return 0; } -static inline unsigned char *dn_mk_common_header(struct dn_scp *scp, struct sk_buff *skb, unsigned char msgflag, int len) +static inline __le16 *dn_mk_common_header(struct dn_scp *scp, struct sk_buff *skb, unsigned char msgflag, int len) { unsigned char *ptr = skb_push(skb, len); BUG_ON(len < 5); *ptr++ = msgflag; - *((unsigned short *)ptr) = scp->addrrem; + *((__le16 *)ptr) = scp->addrrem; ptr += 2; - *((unsigned short *)ptr) = scp->addrloc; + *((__le16 *)ptr) = scp->addrloc; ptr += 2; - return ptr; + return (__le16 __force *)ptr; } -static unsigned short *dn_mk_ack_header(struct sock *sk, struct sk_buff *skb, unsigned char msgflag, int hlen, int other) +static __le16 *dn_mk_ack_header(struct sock *sk, struct sk_buff *skb, unsigned char msgflag, int hlen, int other) { struct dn_scp *scp = DN_SK(sk); unsigned short acknum = scp->numdat_rcv & 0x0FFF; unsigned short ackcrs = scp->numoth_rcv & 0x0FFF; - unsigned short *ptr; + __le16 *ptr; BUG_ON(hlen < 9); @@ -325,7 +325,7 @@ static unsigned short *dn_mk_ack_header(struct sock *sk, struct sk_buff *skb, un /* Set "cross subchannel" bit in ackcrs */ ackcrs |= 0x2000; - ptr = (unsigned short *)dn_mk_common_header(scp, skb, msgflag, hlen); + ptr = (__le16 *)dn_mk_common_header(scp, skb, msgflag, hlen); *ptr++ = dn_htons(acknum); *ptr++ = dn_htons(ackcrs); @@ -333,11 +333,11 @@ static unsigned short *dn_mk_ack_header(struct sock *sk, struct sk_buff *skb, un return ptr; } -static unsigned short *dn_nsp_mk_data_header(struct sock *sk, struct sk_buff *skb, int oth) +static __le16 *dn_nsp_mk_data_header(struct sock *sk, struct sk_buff *skb, int oth) { struct dn_scp *scp = DN_SK(sk); struct dn_skb_cb *cb = DN_SKB_CB(skb); - unsigned short *ptr = dn_mk_ack_header(sk, skb, cb->nsp_flags, 11, oth); + __le16 *ptr = dn_mk_ack_header(sk, skb, cb->nsp_flags, 11, oth); if (unlikely(oth)) { cb->segnum = scp->numoth; @@ -524,9 +524,9 @@ void dn_send_conn_conf(struct sock *sk, gfp_t gfp) struct dn_scp *scp = DN_SK(sk); struct sk_buff *skb = NULL; struct nsp_conn_init_msg *msg; - unsigned char len = scp->conndata_out.opt_optl; + __u8 len = (__u8)dn_ntohs(scp->conndata_out.opt_optl); - if ((skb = dn_alloc_skb(sk, 50 + scp->conndata_out.opt_optl, gfp)) == NULL) + if ((skb = dn_alloc_skb(sk, 50 + dn_ntohs(scp->conndata_out.opt_optl), gfp)) == NULL) return; msg = (struct nsp_conn_init_msg *)skb_put(skb, sizeof(*msg)); @@ -553,7 +553,7 @@ void dn_send_conn_conf(struct sock *sk, gfp_t gfp) static __inline__ void dn_nsp_do_disc(struct sock *sk, unsigned char msgflg, unsigned short reason, gfp_t gfp, struct dst_entry *dst, - int ddl, unsigned char *dd, __u16 rem, __u16 loc) + int ddl, unsigned char *dd, __le16 rem, __le16 loc) { struct sk_buff *skb = NULL; int size = 7 + ddl + ((msgflg == NSP_DISCINIT) ? 1 : 0); @@ -561,7 +561,7 @@ static __inline__ void dn_nsp_do_disc(struct sock *sk, unsigned char msgflg, if ((dst == NULL) || (rem == 0)) { if (net_ratelimit()) - printk(KERN_DEBUG "DECnet: dn_nsp_do_disc: BUG! Please report this to SteveW@ACM.org rem=%u dst=%p\n", (unsigned)rem, dst); + printk(KERN_DEBUG "DECnet: dn_nsp_do_disc: BUG! Please report this to SteveW@ACM.org rem=%u dst=%p\n", dn_ntohs(rem), dst); return; } @@ -570,11 +570,11 @@ static __inline__ void dn_nsp_do_disc(struct sock *sk, unsigned char msgflg, msg = skb_put(skb, size); *msg++ = msgflg; - *(__u16 *)msg = rem; + *(__le16 *)msg = rem; msg += 2; - *(__u16 *)msg = loc; + *(__le16 *)msg = loc; msg += 2; - *(__u16 *)msg = dn_htons(reason); + *(__le16 *)msg = dn_htons(reason); msg += 2; if (msgflg == NSP_DISCINIT) *msg++ = ddl; @@ -600,10 +600,10 @@ void dn_nsp_send_disc(struct sock *sk, unsigned char msgflg, int ddl = 0; if (msgflg == NSP_DISCINIT) - ddl = scp->discdata_out.opt_optl; + ddl = dn_ntohs(scp->discdata_out.opt_optl); if (reason == 0) - reason = scp->discdata_out.opt_status; + reason = dn_ntohs(scp->discdata_out.opt_status); dn_nsp_do_disc(sk, msgflg, reason, gfp, sk->sk_dst_cache, ddl, scp->discdata_out.opt_data, scp->addrrem, scp->addrloc); @@ -708,7 +708,7 @@ void dn_nsp_send_conninit(struct sock *sk, unsigned char msgflg) if (aux > 0) memcpy(skb_put(skb, aux), scp->accessdata.acc_acc, aux); - aux = scp->conndata_out.opt_optl; + aux = (__u8)dn_ntohs(scp->conndata_out.opt_optl); *skb_put(skb, 1) = aux; if (aux > 0) memcpy(skb_put(skb,aux), scp->conndata_out.opt_data, aux); diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 3407f19..e172cf9 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c @@ -133,9 +133,9 @@ static struct dst_ops dn_dst_ops = { .entries = ATOMIC_INIT(0), }; -static __inline__ unsigned dn_hash(unsigned short src, unsigned short dst) +static __inline__ unsigned dn_hash(__le16 src, __le16 dst) { - unsigned short tmp = src ^ dst; + __u16 tmp = (__u16 __force)(src ^ dst); tmp ^= (tmp >> 3); tmp ^= (tmp >> 5); tmp ^= (tmp >> 10); @@ -149,8 +149,7 @@ static inline void dnrt_free(struct dn_route *rt) static inline void dnrt_drop(struct dn_route *rt) { - if (rt) - dst_release(&rt->u.dst); + dst_release(&rt->u.dst); call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free); } @@ -379,9 +378,9 @@ static int dn_return_short(struct sk_buff *skb) { struct dn_skb_cb *cb; unsigned char *ptr; - dn_address *src; - dn_address *dst; - dn_address tmp; + __le16 *src; + __le16 *dst; + __le16 tmp; /* Add back headers */ skb_push(skb, skb->data - skb->nh.raw); @@ -394,9 +393,9 @@ static int dn_return_short(struct sk_buff *skb) ptr = skb->data + 2; *ptr++ = (cb->rt_flags & ~DN_RT_F_RQR) | DN_RT_F_RTS; - dst = (dn_address *)ptr; + dst = (__le16 *)ptr; ptr += 2; - src = (dn_address *)ptr; + src = (__le16 *)ptr; ptr += 2; *ptr = 0; /* Zero hop count */ @@ -475,7 +474,8 @@ static int dn_route_rx_packet(struct sk_buff *skb) struct dn_skb_cb *cb = DN_SKB_CB(skb); printk(KERN_DEBUG "DECnet: dn_route_rx_packet: rt_flags=0x%02x dev=%s len=%d src=0x%04hx dst=0x%04hx err=%d type=%d\n", - (int)cb->rt_flags, devname, skb->len, cb->src, cb->dst, + (int)cb->rt_flags, devname, skb->len, + dn_ntohs(cb->src), dn_ntohs(cb->dst), err, skb->pkt_type); } @@ -505,7 +505,7 @@ static int dn_route_rx_long(struct sk_buff *skb) /* Destination info */ ptr += 2; - cb->dst = dn_htons(dn_eth2dn(ptr)); + cb->dst = dn_eth2dn(ptr); if (memcmp(ptr, dn_hiord_addr, 4) != 0) goto drop_it; ptr += 6; @@ -513,7 +513,7 @@ static int dn_route_rx_long(struct sk_buff *skb) /* Source info */ ptr += 2; - cb->src = dn_htons(dn_eth2dn(ptr)); + cb->src = dn_eth2dn(ptr); if (memcmp(ptr, dn_hiord_addr, 4) != 0) goto drop_it; ptr += 6; @@ -541,9 +541,9 @@ static int dn_route_rx_short(struct sk_buff *skb) skb_pull(skb, 5); skb->h.raw = skb->data; - cb->dst = *(dn_address *)ptr; + cb->dst = *(__le16 *)ptr; ptr += 2; - cb->src = *(dn_address *)ptr; + cb->src = *(__le16 *)ptr; ptr += 2; cb->hops = *ptr & 0x3f; @@ -575,7 +575,7 @@ int dn_route_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type { struct dn_skb_cb *cb; unsigned char flags = 0; - __u16 len = dn_ntohs(*(__u16 *)skb->data); + __u16 len = dn_ntohs(*(__le16 *)skb->data); struct dn_dev *dn = (struct dn_dev *)dev->dn_ptr; unsigned char padlen = 0; @@ -782,7 +782,7 @@ static int dn_rt_bug(struct sk_buff *skb) struct dn_skb_cb *cb = DN_SKB_CB(skb); printk(KERN_DEBUG "dn_rt_bug: skb from:%04x to:%04x\n", - cb->src, cb->dst); + dn_ntohs(cb->src), dn_ntohs(cb->dst)); } kfree_skb(skb); @@ -823,7 +823,7 @@ static int dn_rt_set_next_hop(struct dn_route *rt, struct dn_fib_res *res) return 0; } -static inline int dn_match_addr(__u16 addr1, __u16 addr2) +static inline int dn_match_addr(__le16 addr1, __le16 addr2) { __u16 tmp = dn_ntohs(addr1) ^ dn_ntohs(addr2); int match = 16; @@ -834,9 +834,9 @@ static inline int dn_match_addr(__u16 addr1, __u16 addr2) return match; } -static __u16 dnet_select_source(const struct net_device *dev, __u16 daddr, int scope) +static __le16 dnet_select_source(const struct net_device *dev, __le16 daddr, int scope) { - __u16 saddr = 0; + __le16 saddr = 0; struct dn_dev *dn_db = dev->dn_ptr; struct dn_ifaddr *ifa; int best_match = 0; @@ -861,14 +861,14 @@ static __u16 dnet_select_source(const struct net_device *dev, __u16 daddr, int s return saddr; } -static inline __u16 __dn_fib_res_prefsrc(struct dn_fib_res *res) +static inline __le16 __dn_fib_res_prefsrc(struct dn_fib_res *res) { return dnet_select_source(DN_FIB_RES_DEV(*res), DN_FIB_RES_GW(*res), res->scope); } -static inline __u16 dn_fib_rules_map_destination(__u16 daddr, struct dn_fib_res *res) +static inline __le16 dn_fib_rules_map_destination(__le16 daddr, struct dn_fib_res *res) { - __u16 mask = dnet_make_mask(res->prefixlen); + __le16 mask = dnet_make_mask(res->prefixlen); return (daddr&~mask)|res->fi->fib_nh->nh_gw; } @@ -892,12 +892,13 @@ static int dn_route_output_slow(struct dst_entry **pprt, const struct flowi *old struct dn_fib_res res = { .fi = NULL, .type = RTN_UNICAST }; int err; int free_res = 0; - __u16 gateway = 0; + __le16 gateway = 0; if (decnet_debug_level & 16) printk(KERN_DEBUG "dn_route_output_slow: dst=%04x src=%04x mark=%d" - " iif=%d oif=%d\n", oldflp->fld_dst, oldflp->fld_src, + " iif=%d oif=%d\n", dn_ntohs(oldflp->fld_dst), + dn_ntohs(oldflp->fld_src), oldflp->fld_fwmark, loopback_dev.ifindex, oldflp->oif); /* If we have an output interface, verify its a DECnet device */ @@ -961,8 +962,9 @@ source_ok: if (decnet_debug_level & 16) printk(KERN_DEBUG "dn_route_output_slow: initial checks complete." - " dst=%o4x src=%04x oif=%d try_hard=%d\n", fl.fld_dst, - fl.fld_src, fl.oif, try_hard); + " dst=%o4x src=%04x oif=%d try_hard=%d\n", + dn_ntohs(fl.fld_dst), dn_ntohs(fl.fld_src), + fl.oif, try_hard); /* * N.B. If the kernel is compiled without router support then @@ -1218,8 +1220,8 @@ static int dn_route_input_slow(struct sk_buff *skb) struct neighbour *neigh = NULL; unsigned hash; int flags = 0; - __u16 gateway = 0; - __u16 local_src = 0; + __le16 gateway = 0; + __le16 local_src = 0; struct flowi fl = { .nl_u = { .dn_u = { .daddr = cb->dst, .saddr = cb->src, @@ -1266,7 +1268,7 @@ static int dn_route_input_slow(struct sk_buff *skb) res.type = RTN_LOCAL; flags |= RTCF_DIRECTSRC; } else { - __u16 src_map = fl.fld_src; + __le16 src_map = fl.fld_src; free_res = 1; out_dev = DN_FIB_RES_DEV(res); diff --git a/net/decnet/dn_rules.c b/net/decnet/dn_rules.c index 1060de7..446faaf 100644 --- a/net/decnet/dn_rules.c +++ b/net/decnet/dn_rules.c @@ -27,6 +27,8 @@ #include <linux/timer.h> #include <linux/spinlock.h> #include <linux/in_route.h> +#include <linux/list.h> +#include <linux/rcupdate.h> #include <asm/atomic.h> #include <asm/uaccess.h> #include <net/neighbour.h> @@ -39,18 +41,18 @@ struct dn_fib_rule { - struct dn_fib_rule *r_next; + struct hlist_node r_hlist; atomic_t r_clntref; u32 r_preference; unsigned char r_table; unsigned char r_action; unsigned char r_dst_len; unsigned char r_src_len; - dn_address r_src; - dn_address r_srcmask; - dn_address r_dst; - dn_address r_dstmask; - dn_address r_srcmap; + __le16 r_src; + __le16 r_srcmask; + __le16 r_dst; + __le16 r_dstmask; + __le16 r_srcmap; u8 r_flags; #ifdef CONFIG_DECNET_ROUTE_FWMARK u32 r_fwmark; @@ -58,6 +60,7 @@ struct dn_fib_rule int r_ifindex; char r_ifname[IFNAMSIZ]; int r_dead; + struct rcu_head rcu; }; static struct dn_fib_rule default_rule = { @@ -67,18 +70,17 @@ static struct dn_fib_rule default_rule = { .r_action = RTN_UNICAST }; -static struct dn_fib_rule *dn_fib_rules = &default_rule; -static DEFINE_RWLOCK(dn_fib_rules_lock); - +static struct hlist_head dn_fib_rules; int dn_fib_rtm_delrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { struct rtattr **rta = arg; struct rtmsg *rtm = NLMSG_DATA(nlh); - struct dn_fib_rule *r, **rp; + struct dn_fib_rule *r; + struct hlist_node *node; int err = -ESRCH; - for(rp=&dn_fib_rules; (r=*rp) != NULL; rp = &r->r_next) { + hlist_for_each_entry(r, node, &dn_fib_rules, r_hlist) { if ((!rta[RTA_SRC-1] || memcmp(RTA_DATA(rta[RTA_SRC-1]), &r->r_src, 2) == 0) && rtm->rtm_src_len == r->r_src_len && rtm->rtm_dst_len == r->r_dst_len && @@ -95,10 +97,8 @@ int dn_fib_rtm_delrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) if (r == &default_rule) break; - write_lock_bh(&dn_fib_rules_lock); - *rp = r->r_next; + hlist_del_rcu(&r->r_hlist); r->r_dead = 1; - write_unlock_bh(&dn_fib_rules_lock); dn_fib_rule_put(r); err = 0; break; @@ -108,11 +108,17 @@ int dn_fib_rtm_delrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) return err; } +static inline void dn_fib_rule_put_rcu(struct rcu_head *head) +{ + struct dn_fib_rule *r = container_of(head, struct dn_fib_rule, rcu); + kfree(r); +} + void dn_fib_rule_put(struct dn_fib_rule *r) { if (atomic_dec_and_test(&r->r_clntref)) { if (r->r_dead) - kfree(r); + call_rcu(&r->rcu, dn_fib_rule_put_rcu); else printk(KERN_DEBUG "Attempt to free alive dn_fib_rule\n"); } @@ -123,7 +129,8 @@ int dn_fib_rtm_newrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { struct rtattr **rta = arg; struct rtmsg *rtm = NLMSG_DATA(nlh); - struct dn_fib_rule *r, *new_r, **rp; + struct dn_fib_rule *r, *new_r, *last = NULL; + struct hlist_node *node = NULL; unsigned char table_id; if (rtm->rtm_src_len > 16 || rtm->rtm_dst_len > 16) @@ -149,6 +156,7 @@ int dn_fib_rtm_newrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) if (!new_r) return -ENOMEM; memset(new_r, 0, sizeof(*new_r)); + if (rta[RTA_SRC-1]) memcpy(&new_r->r_src, RTA_DATA(rta[RTA_SRC-1]), 2); if (rta[RTA_DST-1]) @@ -179,27 +187,26 @@ int dn_fib_rtm_newrule(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) } } - rp = &dn_fib_rules; + r = container_of(dn_fib_rules.first, struct dn_fib_rule, r_hlist); if (!new_r->r_preference) { - r = dn_fib_rules; - if (r && (r = r->r_next) != NULL) { - rp = &dn_fib_rules->r_next; + if (r && r->r_hlist.next != NULL) { + r = container_of(r->r_hlist.next, struct dn_fib_rule, r_hlist); if (r->r_preference) new_r->r_preference = r->r_preference - 1; } } - while((r=*rp) != NULL) { + hlist_for_each_entry(r, node, &dn_fib_rules, r_hlist) { if (r->r_preference > new_r->r_preference) break; - rp = &r->r_next; + last = r; } - - new_r->r_next = r; atomic_inc(&new_r->r_clntref); - write_lock_bh(&dn_fib_rules_lock); - *rp = new_r; - write_unlock_bh(&dn_fib_rules_lock); + + if (last) + hlist_add_after_rcu(&last->r_hlist, &new_r->r_hlist); + else + hlist_add_before_rcu(&new_r->r_hlist, &r->r_hlist); return 0; } @@ -208,12 +215,14 @@ int dn_fib_lookup(const struct flowi *flp, struct dn_fib_res *res) { struct dn_fib_rule *r, *policy; struct dn_fib_table *tb; - dn_address saddr = flp->fld_src; - dn_address daddr = flp->fld_dst; + __le16 saddr = flp->fld_src; + __le16 daddr = flp->fld_dst; + struct hlist_node *node; int err; - read_lock(&dn_fib_rules_lock); - for(r = dn_fib_rules; r; r = r->r_next) { + rcu_read_lock(); + + hlist_for_each_entry_rcu(r, node, &dn_fib_rules, r_hlist) { if (((saddr^r->r_src) & r->r_srcmask) || ((daddr^r->r_dst) & r->r_dstmask) || #ifdef CONFIG_DECNET_ROUTE_FWMARK @@ -228,14 +237,14 @@ int dn_fib_lookup(const struct flowi *flp, struct dn_fib_res *res) policy = r; break; case RTN_UNREACHABLE: - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return -ENETUNREACH; default: case RTN_BLACKHOLE: - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return -EINVAL; case RTN_PROHIBIT: - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return -EACCES; } @@ -246,20 +255,20 @@ int dn_fib_lookup(const struct flowi *flp, struct dn_fib_res *res) res->r = policy; if (policy) atomic_inc(&policy->r_clntref); - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return 0; } if (err < 0 && err != -EAGAIN) { - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return err; } } - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); return -ESRCH; } -unsigned dnet_addr_type(__u16 addr) +unsigned dnet_addr_type(__le16 addr) { struct flowi fl = { .nl_u = { .dn_u = { .daddr = addr } } }; struct dn_fib_res res; @@ -277,7 +286,7 @@ unsigned dnet_addr_type(__u16 addr) return ret; } -__u16 dn_fib_rules_policy(__u16 saddr, struct dn_fib_res *res, unsigned *flags) +__le16 dn_fib_rules_policy(__le16 saddr, struct dn_fib_res *res, unsigned *flags) { struct dn_fib_rule *r = res->r; @@ -297,27 +306,23 @@ __u16 dn_fib_rules_policy(__u16 saddr, struct dn_fib_res *res, unsigned *flags) static void dn_fib_rules_detach(struct net_device *dev) { + struct hlist_node *node; struct dn_fib_rule *r; - for(r = dn_fib_rules; r; r = r->r_next) { - if (r->r_ifindex == dev->ifindex) { - write_lock_bh(&dn_fib_rules_lock); + hlist_for_each_entry(r, node, &dn_fib_rules, r_hlist) { + if (r->r_ifindex == dev->ifindex) r->r_ifindex = -1; - write_unlock_bh(&dn_fib_rules_lock); - } } } static void dn_fib_rules_attach(struct net_device *dev) { + struct hlist_node *node; struct dn_fib_rule *r; - for(r = dn_fib_rules; r; r = r->r_next) { - if (r->r_ifindex == -1 && strcmp(dev->name, r->r_ifname) == 0) { - write_lock_bh(&dn_fib_rules_lock); + hlist_for_each_entry(r, node, &dn_fib_rules, r_hlist) { + if (r->r_ifindex == -1 && strcmp(dev->name, r->r_ifname) == 0) r->r_ifindex = dev->ifindex; - write_unlock_bh(&dn_fib_rules_lock); - } } } @@ -387,18 +392,20 @@ rtattr_failure: int dn_fib_dump_rules(struct sk_buff *skb, struct netlink_callback *cb) { - int idx; + int idx = 0; int s_idx = cb->args[0]; struct dn_fib_rule *r; + struct hlist_node *node; - read_lock(&dn_fib_rules_lock); - for(r = dn_fib_rules, idx = 0; r; r = r->r_next, idx++) { + rcu_read_lock(); + hlist_for_each_entry(r, node, &dn_fib_rules, r_hlist) { if (idx < s_idx) continue; if (dn_fib_fill_rule(skb, r, cb, NLM_F_MULTI) < 0) break; + idx++; } - read_unlock(&dn_fib_rules_lock); + rcu_read_unlock(); cb->args[0] = idx; return skb->len; @@ -406,6 +413,8 @@ int dn_fib_dump_rules(struct sk_buff *skb, struct netlink_callback *cb) void __init dn_fib_rules_init(void) { + INIT_HLIST_HEAD(&dn_fib_rules); + hlist_add_head(&default_rule.r_hlist, &dn_fib_rules); register_netdevice_notifier(&dn_fib_rules_notifier); } diff --git a/net/decnet/dn_table.c b/net/decnet/dn_table.c index 6f8b565..0ebc46a 100644 --- a/net/decnet/dn_table.c +++ b/net/decnet/dn_table.c @@ -46,7 +46,7 @@ struct dn_zone u32 dz_hashmask; #define DZ_HASHMASK(dz) ((dz)->dz_hashmask) int dz_order; - u16 dz_mask; + __le16 dz_mask; #define DZ_MASK(dz) ((dz)->dz_mask) }; @@ -84,14 +84,14 @@ static int dn_fib_hash_zombies; static inline dn_fib_idx_t dn_hash(dn_fib_key_t key, struct dn_zone *dz) { - u16 h = ntohs(key.datum)>>(16 - dz->dz_order); + u16 h = dn_ntohs(key.datum)>>(16 - dz->dz_order); h ^= (h >> 10); h ^= (h >> 6); h &= DZ_HASHMASK(dz); return *(dn_fib_idx_t *)&h; } -static inline dn_fib_key_t dz_key(u16 dst, struct dn_zone *dz) +static inline dn_fib_key_t dz_key(__le16 dst, struct dn_zone *dz) { dn_fib_key_t k; k.datum = dst & DZ_MASK(dz); @@ -250,7 +250,7 @@ static int dn_fib_nh_match(struct rtmsg *r, struct nlmsghdr *nlh, struct dn_kern for_nexthops(fi) { int attrlen = nhlen - sizeof(struct rtnexthop); - dn_address gw; + __le16 gw; if (attrlen < 0 || (nhlen -= nhp->rtnh_len) < 0) return -EINVAL; @@ -457,7 +457,7 @@ static int dn_fib_table_insert(struct dn_fib_table *tb, struct rtmsg *r, struct dz_key_0(key); if (rta->rta_dst) { - dn_address dst; + __le16 dst; memcpy(&dst, rta->rta_dst, 2); if (dst & ~DZ_MASK(dz)) return -EINVAL; @@ -593,7 +593,7 @@ static int dn_fib_table_delete(struct dn_fib_table *tb, struct rtmsg *r, struct dz_key_0(key); if (rta->rta_dst) { - dn_address dst; + __le16 dst; memcpy(&dst, rta->rta_dst, 2); if (dst & ~DZ_MASK(dz)) return -EINVAL; diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c index 16a5a31..74133ec 100644 --- a/net/decnet/netfilter/dn_rtmsg.c +++ b/net/decnet/netfilter/dn_rtmsg.c @@ -133,7 +133,7 @@ static struct nf_hook_ops dnrmg_ops = { .priority = NF_DN_PRI_DNRTMSG, }; -static int __init init(void) +static int __init dn_rtmsg_init(void) { int rv = 0; @@ -152,7 +152,7 @@ static int __init init(void) return rv; } -static void __exit fini(void) +static void __exit dn_rtmsg_fini(void) { nf_unregister_hook(&dnrmg_ops); sock_release(dnrmg->sk_socket); @@ -164,6 +164,6 @@ MODULE_AUTHOR("Steven Whitehouse <steve@chygwyn.com>"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_DNRTMSG); -module_init(init); -module_exit(fini); +module_init(dn_rtmsg_init); +module_exit(dn_rtmsg_fini); diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c index 0e9d2c5..bda5920 100644 --- a/net/decnet/sysctl_net_decnet.c +++ b/net/decnet/sysctl_net_decnet.c @@ -86,9 +86,9 @@ static void strip_it(char *str) * Simple routine to parse an ascii DECnet address * into a network order address. */ -static int parse_addr(dn_address *addr, char *str) +static int parse_addr(__le16 *addr, char *str) { - dn_address area, node; + __u16 area, node; while(*str && !ISNUM(*str)) str++; @@ -139,7 +139,7 @@ static int dn_node_address_strategy(ctl_table *table, int __user *name, int nlen void **context) { size_t len; - dn_address addr; + __le16 addr; if (oldval && oldlenp) { if (get_user(len, oldlenp)) @@ -147,14 +147,14 @@ static int dn_node_address_strategy(ctl_table *table, int __user *name, int nlen if (len) { if (len != sizeof(unsigned short)) return -EINVAL; - if (put_user(decnet_address, (unsigned short __user *)oldval)) + if (put_user(decnet_address, (__le16 __user *)oldval)) return -EFAULT; } } if (newval && newlen) { if (newlen != sizeof(unsigned short)) return -EINVAL; - if (get_user(addr, (unsigned short __user *)newval)) + if (get_user(addr, (__le16 __user *)newval)) return -EFAULT; dn_dev_devices_off(); @@ -173,7 +173,7 @@ static int dn_node_address_handler(ctl_table *table, int write, { char addr[DN_ASCBUF_LEN]; size_t len; - dn_address dnaddr; + __le16 dnaddr; if (!*lenp || (*ppos && !write)) { *lenp = 0; diff --git a/net/econet/af_econet.c b/net/econet/af_econet.c index c792994..8682656 100644 --- a/net/econet/af_econet.c +++ b/net/econet/af_econet.c @@ -42,6 +42,7 @@ #include <linux/spinlock.h> #include <linux/rcupdate.h> #include <linux/bitops.h> +#include <linux/mutex.h> #include <asm/uaccess.h> #include <asm/system.h> @@ -49,6 +50,7 @@ static const struct proto_ops econet_ops; static struct hlist_head econet_sklist; static DEFINE_RWLOCK(econet_lock); +static DEFINE_MUTEX(econet_mutex); /* Since there are only 256 possible network numbers (or fewer, depends how you count) it makes sense to use a simple lookup table. */ @@ -124,6 +126,8 @@ static int econet_recvmsg(struct kiocb *iocb, struct socket *sock, msg->msg_namelen = sizeof(struct sockaddr_ec); + mutex_lock(&econet_mutex); + /* * Call the generic datagram receiver. This handles all sorts * of horrible races and re-entrancy so we can forget about it @@ -174,6 +178,7 @@ static int econet_recvmsg(struct kiocb *iocb, struct socket *sock, out_free: skb_free_datagram(sk, skb); out: + mutex_unlock(&econet_mutex); return err; } @@ -184,8 +189,8 @@ out: static int econet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) { struct sockaddr_ec *sec = (struct sockaddr_ec *)uaddr; - struct sock *sk=sock->sk; - struct econet_sock *eo = ec_sk(sk); + struct sock *sk; + struct econet_sock *eo; /* * Check legality @@ -195,11 +200,18 @@ static int econet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len sec->sec_family != AF_ECONET) return -EINVAL; + mutex_lock(&econet_mutex); + + sk = sock->sk; + eo = ec_sk(sk); + eo->cb = sec->cb; eo->port = sec->port; eo->station = sec->addr.station; eo->net = sec->addr.net; + mutex_unlock(&econet_mutex); + return 0; } @@ -284,6 +296,8 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, * Get and verify the address. */ + mutex_lock(&econet_mutex); + if (saddr == NULL) { struct econet_sock *eo = ec_sk(sk); @@ -292,8 +306,10 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, port = eo->port; cb = eo->cb; } else { - if (msg->msg_namelen < sizeof(struct sockaddr_ec)) + if (msg->msg_namelen < sizeof(struct sockaddr_ec)) { + mutex_unlock(&econet_mutex); return -EINVAL; + } addr.station = saddr->addr.station; addr.net = saddr->addr.net; port = saddr->port; @@ -304,19 +320,21 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, dev = net2dev_map[addr.net]; /* If not directly reachable, use some default */ - if (dev == NULL) - { + if (dev == NULL) { dev = net2dev_map[0]; /* No interfaces at all? */ - if (dev == NULL) + if (dev == NULL) { + mutex_unlock(&econet_mutex); return -ENETDOWN; + } } - if (len + 15 > dev->mtu) + if (len + 15 > dev->mtu) { + mutex_unlock(&econet_mutex); return -EMSGSIZE; + } - if (dev->type == ARPHRD_ECONET) - { + if (dev->type == ARPHRD_ECONET) { /* Real hardware Econet. We're not worthy etc. */ #ifdef CONFIG_ECONET_NATIVE unsigned short proto = 0; @@ -374,6 +392,7 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, dev_queue_xmit(skb); dev_put(dev); + mutex_unlock(&econet_mutex); return(len); out_free: @@ -384,14 +403,18 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, #else err = -EPROTOTYPE; #endif + mutex_unlock(&econet_mutex); + return err; } #ifdef CONFIG_ECONET_AUNUDP /* AUN virtual Econet. */ - if (udpsock == NULL) + if (udpsock == NULL) { + mutex_unlock(&econet_mutex); return -ENETDOWN; /* No socket - can't send */ + } /* Make up a UDP datagram and hand it off to some higher intellect. */ @@ -438,8 +461,10 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, void __user *base = msg->msg_iov[i].iov_base; size_t len = msg->msg_iov[i].iov_len; /* Check it now since we switch to KERNEL_DS later. */ - if (!access_ok(VERIFY_READ, base, len)) + if (!access_ok(VERIFY_READ, base, len)) { + mutex_unlock(&econet_mutex); return -EFAULT; + } iov[i+1].iov_base = base; iov[i+1].iov_len = len; size += len; @@ -447,8 +472,11 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, /* Get a skbuff (no data, just holds our cb information) */ if ((skb = sock_alloc_send_skb(sk, 0, - msg->msg_flags & MSG_DONTWAIT, &err)) == NULL) + msg->msg_flags & MSG_DONTWAIT, + &err)) == NULL) { + mutex_unlock(&econet_mutex); return err; + } eb = (struct ec_cb *)&skb->cb; @@ -475,6 +503,8 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, #else err = -EPROTOTYPE; #endif + mutex_unlock(&econet_mutex); + return err; } @@ -485,18 +515,25 @@ static int econet_sendmsg(struct kiocb *iocb, struct socket *sock, static int econet_getname(struct socket *sock, struct sockaddr *uaddr, int *uaddr_len, int peer) { - struct sock *sk = sock->sk; - struct econet_sock *eo = ec_sk(sk); + struct sock *sk; + struct econet_sock *eo; struct sockaddr_ec *sec = (struct sockaddr_ec *)uaddr; if (peer) return -EOPNOTSUPP; + mutex_lock(&econet_mutex); + + sk = sock->sk; + eo = ec_sk(sk); + sec->sec_family = AF_ECONET; sec->port = eo->port; sec->addr.station = eo->station; sec->addr.net = eo->net; + mutex_unlock(&econet_mutex); + *uaddr_len = sizeof(*sec); return 0; } @@ -522,10 +559,13 @@ static void econet_destroy_timer(unsigned long data) static int econet_release(struct socket *sock) { - struct sock *sk = sock->sk; + struct sock *sk; + mutex_lock(&econet_mutex); + + sk = sock->sk; if (!sk) - return 0; + goto out_unlock; econet_remove_socket(&econet_sklist, sk); @@ -549,10 +589,14 @@ static int econet_release(struct socket *sock) sk->sk_timer.expires = jiffies + HZ; sk->sk_timer.function = econet_destroy_timer; add_timer(&sk->sk_timer); - return 0; + + goto out_unlock; } sk_free(sk); + +out_unlock: + mutex_unlock(&econet_mutex); return 0; } @@ -608,6 +652,7 @@ static int ec_dev_ioctl(struct socket *sock, unsigned int cmd, void __user *arg) struct ec_device *edev; struct net_device *dev; struct sockaddr_ec *sec; + int err; /* * Fetch the caller's info block into kernel space @@ -621,38 +666,35 @@ static int ec_dev_ioctl(struct socket *sock, unsigned int cmd, void __user *arg) sec = (struct sockaddr_ec *)&ifr.ifr_addr; - switch (cmd) - { + mutex_lock(&econet_mutex); + + err = 0; + switch (cmd) { case SIOCSIFADDR: edev = dev->ec_ptr; - if (edev == NULL) - { + if (edev == NULL) { /* Magic up a new one. */ edev = kmalloc(sizeof(struct ec_device), GFP_KERNEL); if (edev == NULL) { - printk("af_ec: memory squeeze.\n"); - dev_put(dev); - return -ENOMEM; + err = -ENOMEM; + break; } memset(edev, 0, sizeof(struct ec_device)); dev->ec_ptr = edev; - } - else + } else net2dev_map[edev->net] = NULL; edev->station = sec->addr.station; edev->net = sec->addr.net; net2dev_map[sec->addr.net] = dev; if (!net2dev_map[0]) net2dev_map[0] = dev; - dev_put(dev); - return 0; + break; case SIOCGIFADDR: edev = dev->ec_ptr; - if (edev == NULL) - { - dev_put(dev); - return -ENODEV; + if (edev == NULL) { + err = -ENODEV; + break; } memset(sec, 0, sizeof(struct sockaddr_ec)); sec->addr.station = edev->station; @@ -660,12 +702,19 @@ static int ec_dev_ioctl(struct socket *sock, unsigned int cmd, void __user *arg) sec->sec_family = AF_ECONET; dev_put(dev); if (copy_to_user(arg, &ifr, sizeof(struct ifreq))) - return -EFAULT; - return 0; + err = -EFAULT; + break; + + default: + err = -EINVAL; + break; } + mutex_unlock(&econet_mutex); + dev_put(dev); - return -EINVAL; + + return err; } /* @@ -699,7 +748,7 @@ static struct net_proto_family econet_family_ops = { .owner = THIS_MODULE, }; -static const struct proto_ops SOCKOPS_WRAPPED(econet_ops) = { +static const struct proto_ops econet_ops = { .family = PF_ECONET, .owner = THIS_MODULE, .release = econet_release, @@ -720,9 +769,6 @@ static const struct proto_ops SOCKOPS_WRAPPED(econet_ops) = { .sendpage = sock_no_sendpage, }; -#include <linux/smp_lock.h> -SOCKOPS_WRAP(econet, PF_ECONET); - #if defined(CONFIG_ECONET_AUNUDP) || defined(CONFIG_ECONET_NATIVE) /* * Find the listening socket, if any, for the given data. diff --git a/net/ieee80211/Kconfig b/net/ieee80211/Kconfig index d18ccba..dbb0852 100644 --- a/net/ieee80211/Kconfig +++ b/net/ieee80211/Kconfig @@ -66,3 +66,4 @@ config IEEE80211_CRYPT_TKIP This can be compiled as a modules and it will be called "ieee80211_crypt_tkip". +source "net/ieee80211/softmac/Kconfig" diff --git a/net/ieee80211/Makefile b/net/ieee80211/Makefile index f988417..796a7c7 100644 --- a/net/ieee80211/Makefile +++ b/net/ieee80211/Makefile @@ -10,3 +10,4 @@ ieee80211-objs := \ ieee80211_wx.o \ ieee80211_geo.o +obj-$(CONFIG_IEEE80211_SOFTMAC) += softmac/ diff --git a/net/ieee80211/ieee80211_crypt.c b/net/ieee80211/ieee80211_crypt.c index ecc9bb1..cb71d79 100644 --- a/net/ieee80211/ieee80211_crypt.c +++ b/net/ieee80211/ieee80211_crypt.c @@ -18,7 +18,6 @@ #include <linux/string.h> #include <net/ieee80211.h> - MODULE_AUTHOR("Jouni Malinen"); MODULE_DESCRIPTION("HostAP crypto"); MODULE_LICENSE("GPL"); @@ -33,11 +32,11 @@ static DEFINE_SPINLOCK(ieee80211_crypto_lock); void ieee80211_crypt_deinit_entries(struct ieee80211_device *ieee, int force) { - struct ieee80211_crypt_data *entry, *next; + struct ieee80211_crypt_data *entry, *next; unsigned long flags; spin_lock_irqsave(&ieee->lock, flags); - list_for_each_entry_safe(entry, next, &ieee->crypt_deinit_list, list) { + list_for_each_entry_safe(entry, next, &ieee->crypt_deinit_list, list) { if (atomic_read(&entry->refcnt) != 0 && !force) continue; @@ -141,9 +140,9 @@ int ieee80211_unregister_crypto_ops(struct ieee80211_crypto_ops *ops) spin_unlock_irqrestore(&ieee80211_crypto_lock, flags); return -EINVAL; - found: + found: printk(KERN_DEBUG "ieee80211_crypt: unregistered algorithm " - "'%s'\n", ops->name); + "'%s'\n", ops->name); list_del(&alg->list); spin_unlock_irqrestore(&ieee80211_crypto_lock, flags); kfree(alg); @@ -163,7 +162,7 @@ struct ieee80211_crypto_ops *ieee80211_get_crypto_ops(const char *name) spin_unlock_irqrestore(&ieee80211_crypto_lock, flags); return NULL; - found: + found: spin_unlock_irqrestore(&ieee80211_crypto_lock, flags); return alg->ops; } diff --git a/net/ieee80211/ieee80211_crypt_ccmp.c b/net/ieee80211/ieee80211_crypt_ccmp.c index 3840d19..78b2d13 100644 --- a/net/ieee80211/ieee80211_crypt_ccmp.c +++ b/net/ieee80211/ieee80211_crypt_ccmp.c @@ -190,7 +190,8 @@ static void ccmp_init_blocks(struct crypto_tfm *tfm, ieee80211_ccmp_aes_encrypt(tfm, b0, s0); } -static int ieee80211_ccmp_hdr(struct sk_buff *skb, int hdr_len, void *priv) +static int ieee80211_ccmp_hdr(struct sk_buff *skb, int hdr_len, + u8 *aeskey, int keylen, void *priv) { struct ieee80211_ccmp_data *key = priv; int i; @@ -199,6 +200,9 @@ static int ieee80211_ccmp_hdr(struct sk_buff *skb, int hdr_len, void *priv) if (skb_headroom(skb) < CCMP_HDR_LEN || skb->len < hdr_len) return -1; + if (aeskey != NULL && keylen >= CCMP_TK_LEN) + memcpy(aeskey, key->key, CCMP_TK_LEN); + pos = skb_push(skb, CCMP_HDR_LEN); memmove(pos, pos + CCMP_HDR_LEN, hdr_len); pos += hdr_len; @@ -238,7 +242,7 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv) return -1; data_len = skb->len - hdr_len; - len = ieee80211_ccmp_hdr(skb, hdr_len, priv); + len = ieee80211_ccmp_hdr(skb, hdr_len, NULL, 0, priv); if (len < 0) return -1; diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c index e098832..93def94 100644 --- a/net/ieee80211/ieee80211_crypt_tkip.c +++ b/net/ieee80211/ieee80211_crypt_tkip.c @@ -80,10 +80,9 @@ static void *ieee80211_tkip_init(int key_idx) { struct ieee80211_tkip_data *priv; - priv = kmalloc(sizeof(*priv), GFP_ATOMIC); + priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) goto fail; - memset(priv, 0, sizeof(*priv)); priv->key_idx = key_idx; @@ -271,34 +270,33 @@ static void tkip_mixing_phase2(u8 * WEPSeed, const u8 * TK, const u16 * TTAK, #endif } -static u8 *ieee80211_tkip_hdr(struct sk_buff *skb, int hdr_len, void *priv) +static int ieee80211_tkip_hdr(struct sk_buff *skb, int hdr_len, + u8 * rc4key, int keylen, void *priv) { struct ieee80211_tkip_data *tkey = priv; int len; - u8 *rc4key, *pos, *icv; + u8 *pos; struct ieee80211_hdr_4addr *hdr; - u32 crc; hdr = (struct ieee80211_hdr_4addr *)skb->data; if (skb_headroom(skb) < 8 || skb->len < hdr_len) - return NULL; + return -1; + + if (rc4key == NULL || keylen < 16) + return -1; if (!tkey->tx_phase1_done) { tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2, tkey->tx_iv32); tkey->tx_phase1_done = 1; } - rc4key = kmalloc(16, GFP_ATOMIC); - if (!rc4key) - return NULL; tkip_mixing_phase2(rc4key, tkey->key, tkey->tx_ttak, tkey->tx_iv16); len = skb->len - hdr_len; pos = skb_push(skb, 8); memmove(pos, pos + 8, hdr_len); pos += hdr_len; - icv = skb_put(skb, 4); *pos++ = *rc4key; *pos++ = *(rc4key + 1); @@ -309,28 +307,28 @@ static u8 *ieee80211_tkip_hdr(struct sk_buff *skb, int hdr_len, void *priv) *pos++ = (tkey->tx_iv32 >> 16) & 0xff; *pos++ = (tkey->tx_iv32 >> 24) & 0xff; - crc = ~crc32_le(~0, pos, len); - icv[0] = crc; - icv[1] = crc >> 8; - icv[2] = crc >> 16; - icv[3] = crc >> 24; + tkey->tx_iv16++; + if (tkey->tx_iv16 == 0) { + tkey->tx_phase1_done = 0; + tkey->tx_iv32++; + } - return rc4key; + return 8; } static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) { struct ieee80211_tkip_data *tkey = priv; int len; - const u8 *rc4key; - u8 *pos; + u8 rc4key[16], *pos, *icv; + u32 crc; struct scatterlist sg; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { if (net_ratelimit()) { struct ieee80211_hdr_4addr *hdr = (struct ieee80211_hdr_4addr *)skb->data; - printk(KERN_DEBUG "TKIP countermeasures: dropped " + printk(KERN_DEBUG ": TKIP countermeasures: dropped " "TX packet to " MAC_FMT "\n", MAC_ARG(hdr->addr1)); } @@ -343,22 +341,23 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) len = skb->len - hdr_len; pos = skb->data + hdr_len; - rc4key = ieee80211_tkip_hdr(skb, hdr_len, priv); - if (!rc4key) + if ((ieee80211_tkip_hdr(skb, hdr_len, rc4key, 16, priv)) < 0) return -1; + icv = skb_put(skb, 4); + + crc = ~crc32_le(~0, pos, len); + icv[0] = crc; + icv[1] = crc >> 8; + icv[2] = crc >> 16; + icv[3] = crc >> 24; + crypto_cipher_setkey(tkey->tfm_arc4, rc4key, 16); sg.page = virt_to_page(pos); sg.offset = offset_in_page(pos); sg.length = len + 4; crypto_cipher_encrypt(tkey->tfm_arc4, &sg, &sg, len + 4); - tkey->tx_iv16++; - if (tkey->tx_iv16 == 0) { - tkey->tx_phase1_done = 0; - tkey->tx_iv32++; - } - return 0; } @@ -379,7 +378,7 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { if (net_ratelimit()) { - printk(KERN_DEBUG "TKIP countermeasures: dropped " + printk(KERN_DEBUG ": TKIP countermeasures: dropped " "received packet from " MAC_FMT "\n", MAC_ARG(hdr->addr2)); } @@ -695,6 +694,7 @@ static struct ieee80211_crypto_ops ieee80211_crypt_tkip = { .name = "TKIP", .init = ieee80211_tkip_init, .deinit = ieee80211_tkip_deinit, + .build_iv = ieee80211_tkip_hdr, .encrypt_mpdu = ieee80211_tkip_encrypt, .decrypt_mpdu = ieee80211_tkip_decrypt, .encrypt_msdu = ieee80211_michael_mic_add, diff --git a/net/ieee80211/ieee80211_crypt_wep.c b/net/ieee80211/ieee80211_crypt_wep.c index f8dca31..649e581 100644 --- a/net/ieee80211/ieee80211_crypt_wep.c +++ b/net/ieee80211/ieee80211_crypt_wep.c @@ -76,7 +76,8 @@ static void prism2_wep_deinit(void *priv) } /* Add WEP IV/key info to a frame that has at least 4 bytes of headroom */ -static int prism2_wep_build_iv(struct sk_buff *skb, int hdr_len, void *priv) +static int prism2_wep_build_iv(struct sk_buff *skb, int hdr_len, + u8 *key, int keylen, void *priv) { struct prism2_wep_data *wep = priv; u32 klen, len; @@ -131,7 +132,7 @@ static int prism2_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) return -1; /* add the IV to the frame */ - if (prism2_wep_build_iv(skb, hdr_len, priv)) + if (prism2_wep_build_iv(skb, hdr_len, NULL, 0, priv)) return -1; /* Copy the IV into the first 3 bytes of the key */ diff --git a/net/ieee80211/ieee80211_geo.c b/net/ieee80211/ieee80211_geo.c index 610cc5c..192243a 100644 --- a/net/ieee80211/ieee80211_geo.c +++ b/net/ieee80211/ieee80211_geo.c @@ -50,7 +50,8 @@ int ieee80211_is_valid_channel(struct ieee80211_device *ieee, u8 channel) /* Driver needs to initialize the geography map before using * these helper functions */ - BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0); + if (ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0) + return 0; if (ieee->freq_band & IEEE80211_24GHZ_BAND) for (i = 0; i < ieee->geo.bg_channels; i++) @@ -58,13 +59,15 @@ int ieee80211_is_valid_channel(struct ieee80211_device *ieee, u8 channel) * this is a B only channel, we don't see it * as valid. */ if ((ieee->geo.bg[i].channel == channel) && + !(ieee->geo.bg[i].flags & IEEE80211_CH_INVALID) && (!(ieee->mode & IEEE_G) || !(ieee->geo.bg[i].flags & IEEE80211_CH_B_ONLY))) return IEEE80211_24GHZ_BAND; if (ieee->freq_band & IEEE80211_52GHZ_BAND) for (i = 0; i < ieee->geo.a_channels; i++) - if (ieee->geo.a[i].channel == channel) + if ((ieee->geo.a[i].channel == channel) && + !(ieee->geo.a[i].flags & IEEE80211_CH_INVALID)) return IEEE80211_52GHZ_BAND; return 0; @@ -76,7 +79,8 @@ int ieee80211_channel_to_index(struct ieee80211_device *ieee, u8 channel) /* Driver needs to initialize the geography map before using * these helper functions */ - BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0); + if (ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0) + return -1; if (ieee->freq_band & IEEE80211_24GHZ_BAND) for (i = 0; i < ieee->geo.bg_channels; i++) @@ -97,7 +101,8 @@ u8 ieee80211_freq_to_channel(struct ieee80211_device * ieee, u32 freq) /* Driver needs to initialize the geography map before using * these helper functions */ - BUG_ON(ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0); + if (ieee->geo.bg_channels == 0 && ieee->geo.a_channels == 0) + return 0; freq /= 100000; @@ -133,6 +138,41 @@ const struct ieee80211_geo *ieee80211_get_geo(struct ieee80211_device *ieee) return &ieee->geo; } +u8 ieee80211_get_channel_flags(struct ieee80211_device * ieee, u8 channel) +{ + int index = ieee80211_channel_to_index(ieee, channel); + + if (index == -1) + return IEEE80211_CH_INVALID; + + if (channel <= IEEE80211_24GHZ_CHANNELS) + return ieee->geo.bg[index].flags; + + return ieee->geo.a[index].flags; +} + +static const struct ieee80211_channel bad_channel = { + .channel = 0, + .flags = IEEE80211_CH_INVALID, + .max_power = 0, +}; + +const struct ieee80211_channel *ieee80211_get_channel(struct ieee80211_device + *ieee, u8 channel) +{ + int index = ieee80211_channel_to_index(ieee, channel); + + if (index == -1) + return &bad_channel; + + if (channel <= IEEE80211_24GHZ_CHANNELS) + return &ieee->geo.bg[index]; + + return &ieee->geo.a[index]; +} + +EXPORT_SYMBOL(ieee80211_get_channel); +EXPORT_SYMBOL(ieee80211_get_channel_flags); EXPORT_SYMBOL(ieee80211_is_valid_channel); EXPORT_SYMBOL(ieee80211_freq_to_channel); EXPORT_SYMBOL(ieee80211_channel_to_index); diff --git a/net/ieee80211/ieee80211_module.c b/net/ieee80211/ieee80211_module.c index 90d18b7..2cb84d8 100644 --- a/net/ieee80211/ieee80211_module.c +++ b/net/ieee80211/ieee80211_module.c @@ -82,10 +82,28 @@ static int ieee80211_networks_allocate(struct ieee80211_device *ieee) return 0; } +void ieee80211_network_reset(struct ieee80211_network *network) +{ + if (!network) + return; + + if (network->ibss_dfs) { + kfree(network->ibss_dfs); + network->ibss_dfs = NULL; + } +} + static inline void ieee80211_networks_free(struct ieee80211_device *ieee) { + int i; + if (!ieee->networks) return; + + for (i = 0; i < MAX_NETWORK_COUNT; i++) + if (ieee->networks[i].ibss_dfs) + kfree(ieee->networks[i].ibss_dfs); + kfree(ieee->networks); ieee->networks = NULL; } @@ -195,7 +213,7 @@ void free_ieee80211(struct net_device *dev) static int debug = 0; u32 ieee80211_debug_level = 0; -struct proc_dir_entry *ieee80211_proc = NULL; +static struct proc_dir_entry *ieee80211_proc = NULL; static int show_debug_level(char *page, char **start, off_t offset, int count, int *eof, void *data) diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c index 7ac6a71..604b7b0 100644 --- a/net/ieee80211/ieee80211_rx.c +++ b/net/ieee80211/ieee80211_rx.c @@ -369,8 +369,8 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, /* Put this code here so that we avoid duplicating it in all * Rx paths. - Jean II */ +#ifdef CONFIG_WIRELESS_EXT #ifdef IW_WIRELESS_SPY /* defined in iw_handler.h */ -#ifdef CONFIG_NET_RADIO /* If spy monitoring on */ if (ieee->spy_data.spy_number > 0) { struct iw_quality wstats; @@ -397,8 +397,8 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, /* Update spy records */ wireless_spy_update(ieee->dev, hdr->addr2, &wstats); } -#endif /* CONFIG_NET_RADIO */ #endif /* IW_WIRELESS_SPY */ +#endif /* CONFIG_WIRELESS_EXT */ #ifdef NOT_YET hostap_update_rx_stats(local->ap, hdr, rx_stats); @@ -574,7 +574,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, /* skb: hdr + (possibly fragmented) plaintext payload */ // PR: FIXME: hostap has additional conditions in the "if" below: // ieee->host_decrypt && (fc & IEEE80211_FCTL_PROTECTED) && - if ((frag != 0 || (fc & IEEE80211_FCTL_MOREFRAGS))) { + if ((frag != 0) || (fc & IEEE80211_FCTL_MOREFRAGS)) { int flen; struct sk_buff *frag_skb = ieee80211_frag_cache_get(ieee, hdr); IEEE80211_DEBUG_FRAG("Rx Fragment received (%u)\n", frag); @@ -754,7 +754,14 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, memset(skb->cb, 0, sizeof(skb->cb)); skb->dev = dev; skb->ip_summed = CHECKSUM_NONE; /* 802.11 crc not sufficient */ - netif_rx(skb); + if (netif_rx(skb) == NET_RX_DROP) { + /* netif_rx always succeeds, but it might drop + * the packet. If it drops the packet, we log that + * in our stats. */ + IEEE80211_DEBUG_DROP + ("RX: netif_rx dropped the packet\n"); + stats->rx_dropped++; + } } rx_exit: @@ -773,6 +780,80 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, return 0; } +/* Filter out unrelated packets, call ieee80211_rx[_mgt] */ +int ieee80211_rx_any(struct ieee80211_device *ieee, + struct sk_buff *skb, struct ieee80211_rx_stats *stats) +{ + struct ieee80211_hdr_4addr *hdr; + int is_packet_for_us; + u16 fc; + + if (ieee->iw_mode == IW_MODE_MONITOR) + return ieee80211_rx(ieee, skb, stats) ? 0 : -EINVAL; + + hdr = (struct ieee80211_hdr_4addr *)skb->data; + fc = le16_to_cpu(hdr->frame_ctl); + + if ((fc & IEEE80211_FCTL_VERS) != 0) + return -EINVAL; + + switch (fc & IEEE80211_FCTL_FTYPE) { + case IEEE80211_FTYPE_MGMT: + ieee80211_rx_mgt(ieee, hdr, stats); + return 0; + case IEEE80211_FTYPE_DATA: + break; + case IEEE80211_FTYPE_CTL: + return 0; + default: + return -EINVAL; + } + + is_packet_for_us = 0; + switch (ieee->iw_mode) { + case IW_MODE_ADHOC: + /* our BSS and not from/to DS */ + if (memcmp(hdr->addr3, ieee->bssid, ETH_ALEN) == 0) + if ((fc & (IEEE80211_FCTL_TODS+IEEE80211_FCTL_FROMDS)) == 0) { + /* promisc: get all */ + if (ieee->dev->flags & IFF_PROMISC) + is_packet_for_us = 1; + /* to us */ + else if (memcmp(hdr->addr1, ieee->dev->dev_addr, ETH_ALEN) == 0) + is_packet_for_us = 1; + /* mcast */ + else if (is_multicast_ether_addr(hdr->addr1)) + is_packet_for_us = 1; + } + break; + case IW_MODE_INFRA: + /* our BSS (== from our AP) and from DS */ + if (memcmp(hdr->addr2, ieee->bssid, ETH_ALEN) == 0) + if ((fc & (IEEE80211_FCTL_TODS+IEEE80211_FCTL_FROMDS)) == IEEE80211_FCTL_FROMDS) { + /* promisc: get all */ + if (ieee->dev->flags & IFF_PROMISC) + is_packet_for_us = 1; + /* to us */ + else if (memcmp(hdr->addr1, ieee->dev->dev_addr, ETH_ALEN) == 0) + is_packet_for_us = 1; + /* mcast */ + else if (is_multicast_ether_addr(hdr->addr1)) { + /* not our own packet bcasted from AP */ + if (memcmp(hdr->addr3, ieee->dev->dev_addr, ETH_ALEN)) + is_packet_for_us = 1; + } + } + break; + default: + /* ? */ + break; + } + + if (is_packet_for_us) + return (ieee80211_rx(ieee, skb, stats) ? 0 : -EINVAL); + return 0; +} + #define MGMT_FRAME_FIXED_PART_LENGTH 0x24 static u8 qos_oui[QOS_OUI_LEN] = { 0x00, 0x50, 0xF2 }; @@ -930,6 +1011,45 @@ static int ieee80211_parse_qos_info_param_IE(struct ieee80211_info_element return rc; } +#ifdef CONFIG_IEEE80211_DEBUG +#define MFIE_STRING(x) case MFIE_TYPE_ ##x: return #x + +static const char *get_info_element_string(u16 id) +{ + switch (id) { + MFIE_STRING(SSID); + MFIE_STRING(RATES); + MFIE_STRING(FH_SET); + MFIE_STRING(DS_SET); + MFIE_STRING(CF_SET); + MFIE_STRING(TIM); + MFIE_STRING(IBSS_SET); + MFIE_STRING(COUNTRY); + MFIE_STRING(HOP_PARAMS); + MFIE_STRING(HOP_TABLE); + MFIE_STRING(REQUEST); + MFIE_STRING(CHALLENGE); + MFIE_STRING(POWER_CONSTRAINT); + MFIE_STRING(POWER_CAPABILITY); + MFIE_STRING(TPC_REQUEST); + MFIE_STRING(TPC_REPORT); + MFIE_STRING(SUPP_CHANNELS); + MFIE_STRING(CSA); + MFIE_STRING(MEASURE_REQUEST); + MFIE_STRING(MEASURE_REPORT); + MFIE_STRING(QUIET); + MFIE_STRING(IBSS_DFS); + MFIE_STRING(ERP_INFO); + MFIE_STRING(RSN); + MFIE_STRING(RATES_EX); + MFIE_STRING(GENERIC); + MFIE_STRING(QOS_PARAMETER); + default: + return "UNKNOWN"; + } +} +#endif + static int ieee80211_parse_info_param(struct ieee80211_info_element *info_element, u16 length, struct ieee80211_network *network) @@ -1040,7 +1160,9 @@ static int ieee80211_parse_info_param(struct ieee80211_info_element break; case MFIE_TYPE_TIM: - IEEE80211_DEBUG_MGMT("MFIE_TYPE_TIM: ignored\n"); + network->tim.tim_count = info_element->data[0]; + network->tim.tim_period = info_element->data[1]; + IEEE80211_DEBUG_MGMT("MFIE_TYPE_TIM: partially ignored\n"); break; case MFIE_TYPE_ERP_INFO: @@ -1091,10 +1213,49 @@ static int ieee80211_parse_info_param(struct ieee80211_info_element printk(KERN_ERR "QoS Error need to parse QOS_PARAMETER IE\n"); break; + /* 802.11h */ + case MFIE_TYPE_POWER_CONSTRAINT: + network->power_constraint = info_element->data[0]; + network->flags |= NETWORK_HAS_POWER_CONSTRAINT; + break; + + case MFIE_TYPE_CSA: + network->power_constraint = info_element->data[0]; + network->flags |= NETWORK_HAS_CSA; + break; + + case MFIE_TYPE_QUIET: + network->quiet.count = info_element->data[0]; + network->quiet.period = info_element->data[1]; + network->quiet.duration = info_element->data[2]; + network->quiet.offset = info_element->data[3]; + network->flags |= NETWORK_HAS_QUIET; + break; + + case MFIE_TYPE_IBSS_DFS: + if (network->ibss_dfs) + break; + network->ibss_dfs = + kmalloc(info_element->len, GFP_ATOMIC); + if (!network->ibss_dfs) + return 1; + memcpy(network->ibss_dfs, info_element->data, + info_element->len); + network->flags |= NETWORK_HAS_IBSS_DFS; + break; + + case MFIE_TYPE_TPC_REPORT: + network->tpc_report.transmit_power = + info_element->data[0]; + network->tpc_report.link_margin = info_element->data[1]; + network->flags |= NETWORK_HAS_TPC_REPORT; + break; default: - IEEE80211_DEBUG_MGMT("unsupported IE %d\n", - info_element->id); + IEEE80211_DEBUG_MGMT + ("Unsupported info element: %s (%d)\n", + get_info_element_string(info_element->id), + info_element->id); break; } @@ -1110,7 +1271,9 @@ static int ieee80211_parse_info_param(struct ieee80211_info_element static int ieee80211_handle_assoc_resp(struct ieee80211_device *ieee, struct ieee80211_assoc_response *frame, struct ieee80211_rx_stats *stats) { - struct ieee80211_network network_resp; + struct ieee80211_network network_resp = { + .ibss_dfs = NULL, + }; struct ieee80211_network *network = &network_resp; struct net_device *dev = ieee->dev; @@ -1253,7 +1416,22 @@ static void update_network(struct ieee80211_network *dst, int qos_active; u8 old_param; - memcpy(&dst->stats, &src->stats, sizeof(struct ieee80211_rx_stats)); + ieee80211_network_reset(dst); + dst->ibss_dfs = src->ibss_dfs; + + /* We only update the statistics if they were created by receiving + * the network information on the actual channel the network is on. + * + * This keeps beacons received on neighbor channels from bringing + * down the signal level of an AP. */ + if (dst->channel == src->stats.received_channel) + memcpy(&dst->stats, &src->stats, + sizeof(struct ieee80211_rx_stats)); + else + IEEE80211_DEBUG_SCAN("Network " MAC_FMT " info received " + "off channel (%d vs. %d)\n", MAC_ARG(src->bssid), + dst->channel, src->stats.received_channel); + dst->capability = src->capability; memcpy(dst->rates, src->rates, src->rates_len); dst->rates_len = src->rates_len; @@ -1269,6 +1447,7 @@ static void update_network(struct ieee80211_network *dst, dst->listen_interval = src->listen_interval; dst->atim_window = src->atim_window; dst->erp_value = src->erp_value; + dst->tim = src->tim; memcpy(dst->wpa_ie, src->wpa_ie, src->wpa_ie_len); dst->wpa_ie_len = src->wpa_ie_len; @@ -1313,7 +1492,9 @@ static void ieee80211_process_probe_response(struct ieee80211_device *stats) { struct net_device *dev = ieee->dev; - struct ieee80211_network network; + struct ieee80211_network network = { + .ibss_dfs = NULL, + }; struct ieee80211_network *target; struct ieee80211_network *oldest = NULL; #ifdef CONFIG_IEEE80211_DEBUG @@ -1386,6 +1567,7 @@ static void ieee80211_process_probe_response(struct ieee80211_device escape_essid(target->ssid, target->ssid_len), MAC_ARG(target->bssid)); + ieee80211_network_reset(target); } else { /* Otherwise just pull from the free list */ target = list_entry(ieee->network_free_list.next, @@ -1402,6 +1584,7 @@ static void ieee80211_process_probe_response(struct ieee80211_device "BEACON" : "PROBE RESPONSE"); #endif memcpy(target, &network, sizeof(*target)); + network.ibss_dfs = NULL; list_add_tail(&target->list, &ieee->network_list); } else { IEEE80211_DEBUG_SCAN("Updating '%s' (" MAC_FMT ") via %s.\n", @@ -1411,6 +1594,7 @@ static void ieee80211_process_probe_response(struct ieee80211_device is_beacon(beacon->header.frame_ctl) ? "BEACON" : "PROBE RESPONSE"); update_network(target, &network); + network.ibss_dfs = NULL; } spin_unlock_irqrestore(&ieee->lock, flags); @@ -1495,10 +1679,43 @@ void ieee80211_rx_mgt(struct ieee80211_device *ieee, header); break; + case IEEE80211_STYPE_ACTION: + IEEE80211_DEBUG_MGMT("ACTION\n"); + if (ieee->handle_action) + ieee->handle_action(ieee->dev, + (struct ieee80211_action *) + header, stats); + break; + + case IEEE80211_STYPE_REASSOC_REQ: + IEEE80211_DEBUG_MGMT("received reassoc (%d)\n", + WLAN_FC_GET_STYPE(le16_to_cpu + (header->frame_ctl))); + + IEEE80211_WARNING("%s: IEEE80211_REASSOC_REQ received\n", + ieee->dev->name); + if (ieee->handle_reassoc_request != NULL) + ieee->handle_reassoc_request(ieee->dev, + (struct ieee80211_reassoc_request *) + header); + break; + + case IEEE80211_STYPE_ASSOC_REQ: + IEEE80211_DEBUG_MGMT("received assoc (%d)\n", + WLAN_FC_GET_STYPE(le16_to_cpu + (header->frame_ctl))); + + IEEE80211_WARNING("%s: IEEE80211_ASSOC_REQ received\n", + ieee->dev->name); + if (ieee->handle_assoc_request != NULL) + ieee->handle_assoc_request(ieee->dev); + break; + case IEEE80211_STYPE_DEAUTH: - printk("DEAUTH from AP\n"); + IEEE80211_DEBUG_MGMT("DEAUTH\n"); if (ieee->handle_deauth != NULL) - ieee->handle_deauth(ieee->dev, (struct ieee80211_auth *) + ieee->handle_deauth(ieee->dev, + (struct ieee80211_deauth *) header); break; default: diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c index 8fdd943..8b4332f 100644 --- a/net/ieee80211/ieee80211_tx.c +++ b/net/ieee80211/ieee80211_tx.c @@ -56,7 +56,18 @@ Desc. | ctrl | dura | DA/RA | TA | SA | Sequ | Frame | fcs | `--------------------------------------------------| |------' Total: 28 non-data bytes `----.----' | - .- 'Frame data' expands to <---------------------------' + .- 'Frame data' expands, if WEP enabled, to <----------' + | + V + ,-----------------------. +Bytes | 4 | 0-2296 | 4 | + |-----|-----------|-----| +Desc. | IV | Encrypted | ICV | + | | Packet | | + `-----| |-----' + `-----.-----' + | + .- 'Encrypted Packet' expands to | V ,---------------------------------------------------. @@ -65,18 +76,7 @@ Bytes | 1 | 1 | 1 | 3 | 2 | 0-2304 | Desc. | SNAP | SNAP | Control |Eth Tunnel| Type | IP | | DSAP | SSAP | | | | Packet | | 0xAA | 0xAA |0x03 (UI)|0x00-00-F8| | | - `-----------------------------------------| | -Total: 8 non-data bytes `----.----' - | - .- 'IP Packet' expands, if WEP enabled, to <--' - | - V - ,-----------------------. -Bytes | 4 | 0-2296 | 4 | - |-----|-----------|-----| -Desc. | IV | Encrypted | ICV | - | | IP Packet | | - `-----------------------' + `---------------------------------------------------- Total: 8 non-data bytes 802.3 Ethernet Data Frame @@ -470,7 +470,9 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev) atomic_inc(&crypt->refcnt); if (crypt->ops->build_iv) crypt->ops->build_iv(skb_frag, hdr_len, - crypt->priv); + ieee->sec.keys[ieee->sec.active_key], + ieee->sec.key_sizes[ieee->sec.active_key], + crypt->priv); atomic_dec(&crypt->refcnt); } diff --git a/net/ieee80211/ieee80211_wx.c b/net/ieee80211/ieee80211_wx.c index f87c6b8..b885fd1 100644 --- a/net/ieee80211/ieee80211_wx.c +++ b/net/ieee80211/ieee80211_wx.c @@ -42,7 +42,7 @@ static const char *ieee80211_modes[] = { }; #define MAX_CUSTOM_LEN 64 -static char *ipw2100_translate_scan(struct ieee80211_device *ieee, +static char *ieee80211_translate_scan(struct ieee80211_device *ieee, char *start, char *stop, struct ieee80211_network *network) { @@ -149,9 +149,7 @@ static char *ipw2100_translate_scan(struct ieee80211_device *ieee, iwe.u.qual.updated |= IW_QUAL_QUAL_INVALID | IW_QUAL_LEVEL_INVALID; iwe.u.qual.qual = 0; - iwe.u.qual.level = 0; } else { - iwe.u.qual.level = network->stats.rssi; if (ieee->perfect_rssi == ieee->worst_rssi) iwe.u.qual.qual = 100; else @@ -179,6 +177,13 @@ static char *ipw2100_translate_scan(struct ieee80211_device *ieee, iwe.u.qual.noise = network->stats.noise; } + if (!(network->stats.mask & IEEE80211_STATMASK_SIGNAL)) { + iwe.u.qual.updated |= IW_QUAL_LEVEL_INVALID; + iwe.u.qual.level = 0; + } else { + iwe.u.qual.level = network->stats.signal; + } + start = iwe_stream_add_event(start, stop, &iwe, IW_EV_QUAL_LEN); iwe.cmd = IWEVCUSTOM; @@ -188,33 +193,21 @@ static char *ipw2100_translate_scan(struct ieee80211_device *ieee, if (iwe.u.data.length) start = iwe_stream_add_point(start, stop, &iwe, custom); + memset(&iwe, 0, sizeof(iwe)); if (network->wpa_ie_len) { - char buf[MAX_WPA_IE_LEN * 2 + 30]; - - u8 *p = buf; - p += sprintf(p, "wpa_ie="); - for (i = 0; i < network->wpa_ie_len; i++) { - p += sprintf(p, "%02x", network->wpa_ie[i]); - } - - memset(&iwe, 0, sizeof(iwe)); - iwe.cmd = IWEVCUSTOM; - iwe.u.data.length = strlen(buf); + char buf[MAX_WPA_IE_LEN]; + memcpy(buf, network->wpa_ie, network->wpa_ie_len); + iwe.cmd = IWEVGENIE; + iwe.u.data.length = network->wpa_ie_len; start = iwe_stream_add_point(start, stop, &iwe, buf); } + memset(&iwe, 0, sizeof(iwe)); if (network->rsn_ie_len) { - char buf[MAX_WPA_IE_LEN * 2 + 30]; - - u8 *p = buf; - p += sprintf(p, "rsn_ie="); - for (i = 0; i < network->rsn_ie_len; i++) { - p += sprintf(p, "%02x", network->rsn_ie[i]); - } - - memset(&iwe, 0, sizeof(iwe)); - iwe.cmd = IWEVCUSTOM; - iwe.u.data.length = strlen(buf); + char buf[MAX_WPA_IE_LEN]; + memcpy(buf, network->rsn_ie, network->rsn_ie_len); + iwe.cmd = IWEVGENIE; + iwe.u.data.length = network->rsn_ie_len; start = iwe_stream_add_point(start, stop, &iwe, buf); } @@ -229,6 +222,28 @@ static char *ipw2100_translate_scan(struct ieee80211_device *ieee, if (iwe.u.data.length) start = iwe_stream_add_point(start, stop, &iwe, custom); + /* Add spectrum management information */ + iwe.cmd = -1; + p = custom; + p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), " Channel flags: "); + + if (ieee80211_get_channel_flags(ieee, network->channel) & + IEEE80211_CH_INVALID) { + iwe.cmd = IWEVCUSTOM; + p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), "INVALID "); + } + + if (ieee80211_get_channel_flags(ieee, network->channel) & + IEEE80211_CH_RADAR_DETECT) { + iwe.cmd = IWEVCUSTOM; + p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), "DFS "); + } + + if (iwe.cmd == IWEVCUSTOM) { + iwe.u.data.length = p - custom; + start = iwe_stream_add_point(start, stop, &iwe, custom); + } + return start; } @@ -259,7 +274,7 @@ int ieee80211_wx_get_scan(struct ieee80211_device *ieee, if (ieee->scan_age == 0 || time_after(network->last_scanned + ieee->scan_age, jiffies)) - ev = ipw2100_translate_scan(ieee, ev, stop, network); + ev = ieee80211_translate_scan(ieee, ev, stop, network); else IEEE80211_DEBUG_SCAN("Not showing network '%s (" MAC_FMT ")' due to age (%dms).\n", @@ -734,9 +749,98 @@ int ieee80211_wx_get_encodeext(struct ieee80211_device *ieee, return 0; } +int ieee80211_wx_set_auth(struct net_device *dev, + struct iw_request_info *info, + union iwreq_data *wrqu, + char *extra) +{ + struct ieee80211_device *ieee = netdev_priv(dev); + unsigned long flags; + int err = 0; + + spin_lock_irqsave(&ieee->lock, flags); + + switch (wrqu->param.flags & IW_AUTH_INDEX) { + case IW_AUTH_WPA_VERSION: + case IW_AUTH_CIPHER_PAIRWISE: + case IW_AUTH_CIPHER_GROUP: + case IW_AUTH_KEY_MGMT: + /* + * Host AP driver does not use these parameters and allows + * wpa_supplicant to control them internally. + */ + break; + case IW_AUTH_TKIP_COUNTERMEASURES: + break; /* FIXME */ + case IW_AUTH_DROP_UNENCRYPTED: + ieee->drop_unencrypted = !!wrqu->param.value; + break; + case IW_AUTH_80211_AUTH_ALG: + break; /* FIXME */ + case IW_AUTH_WPA_ENABLED: + ieee->privacy_invoked = ieee->wpa_enabled = !!wrqu->param.value; + break; + case IW_AUTH_RX_UNENCRYPTED_EAPOL: + ieee->ieee802_1x = !!wrqu->param.value; + break; + case IW_AUTH_PRIVACY_INVOKED: + ieee->privacy_invoked = !!wrqu->param.value; + break; + default: + err = -EOPNOTSUPP; + break; + } + spin_unlock_irqrestore(&ieee->lock, flags); + return err; +} + +int ieee80211_wx_get_auth(struct net_device *dev, + struct iw_request_info *info, + union iwreq_data *wrqu, + char *extra) +{ + struct ieee80211_device *ieee = netdev_priv(dev); + unsigned long flags; + int err = 0; + + spin_lock_irqsave(&ieee->lock, flags); + + switch (wrqu->param.flags & IW_AUTH_INDEX) { + case IW_AUTH_WPA_VERSION: + case IW_AUTH_CIPHER_PAIRWISE: + case IW_AUTH_CIPHER_GROUP: + case IW_AUTH_KEY_MGMT: + case IW_AUTH_TKIP_COUNTERMEASURES: /* FIXME */ + case IW_AUTH_80211_AUTH_ALG: /* FIXME */ + /* + * Host AP driver does not use these parameters and allows + * wpa_supplicant to control them internally. + */ + err = -EOPNOTSUPP; + break; + case IW_AUTH_DROP_UNENCRYPTED: + wrqu->param.value = ieee->drop_unencrypted; + break; + case IW_AUTH_WPA_ENABLED: + wrqu->param.value = ieee->wpa_enabled; + break; + case IW_AUTH_RX_UNENCRYPTED_EAPOL: + wrqu->param.value = ieee->ieee802_1x; + break; + default: + err = -EOPNOTSUPP; + break; + } + spin_unlock_irqrestore(&ieee->lock, flags); + return err; +} + EXPORT_SYMBOL(ieee80211_wx_set_encodeext); EXPORT_SYMBOL(ieee80211_wx_get_encodeext); EXPORT_SYMBOL(ieee80211_wx_get_scan); EXPORT_SYMBOL(ieee80211_wx_set_encode); EXPORT_SYMBOL(ieee80211_wx_get_encode); + +EXPORT_SYMBOL_GPL(ieee80211_wx_set_auth); +EXPORT_SYMBOL_GPL(ieee80211_wx_get_auth); diff --git a/net/ieee80211/softmac/Kconfig b/net/ieee80211/softmac/Kconfig new file mode 100644 index 0000000..6cd9f34 --- /dev/null +++ b/net/ieee80211/softmac/Kconfig @@ -0,0 +1,10 @@ +config IEEE80211_SOFTMAC + tristate "Software MAC add-on to the IEEE 802.11 networking stack" + depends on IEEE80211 && EXPERIMENTAL + ---help--- + This option enables the hardware independent software MAC addon + for the IEEE 802.11 networking stack. + +config IEEE80211_SOFTMAC_DEBUG + bool "Enable full debugging output" + depends on IEEE80211_SOFTMAC diff --git a/net/ieee80211/softmac/Makefile b/net/ieee80211/softmac/Makefile new file mode 100644 index 0000000..bfcb391 --- /dev/null +++ b/net/ieee80211/softmac/Makefile @@ -0,0 +1,9 @@ +obj-$(CONFIG_IEEE80211_SOFTMAC) += ieee80211softmac.o +ieee80211softmac-objs := \ + ieee80211softmac_io.o \ + ieee80211softmac_auth.o \ + ieee80211softmac_module.o \ + ieee80211softmac_scan.o \ + ieee80211softmac_wx.o \ + ieee80211softmac_assoc.o \ + ieee80211softmac_event.o diff --git a/net/ieee80211/softmac/ieee80211softmac_assoc.c b/net/ieee80211/softmac/ieee80211softmac_assoc.c new file mode 100644 index 0000000..be61de78 --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_assoc.c @@ -0,0 +1,396 @@ +/* + * This file contains the softmac's association logic. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include "ieee80211softmac_priv.h" + +/* + * Overview + * + * Before you can associate, you have to authenticate. + * + */ + +/* Sends out an association request to the desired AP */ +static void +ieee80211softmac_assoc(struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net) +{ + unsigned long flags; + + /* Switch to correct channel for this network */ + mac->set_channel(mac->dev, net->channel); + + /* Send association request */ + ieee80211softmac_send_mgt_frame(mac, net, IEEE80211_STYPE_ASSOC_REQ, 0); + + dprintk(KERN_INFO PFX "sent association request!\n"); + + /* Change the state to associating */ + spin_lock_irqsave(&mac->lock, flags); + mac->associnfo.associating = 1; + mac->associated = 0; /* just to make sure */ + spin_unlock_irqrestore(&mac->lock, flags); + + /* Set a timer for timeout */ + /* FIXME: make timeout configurable */ + schedule_delayed_work(&mac->associnfo.timeout, 5 * HZ); +} + +void +ieee80211softmac_assoc_timeout(void *d) +{ + struct ieee80211softmac_device *mac = (struct ieee80211softmac_device *)d; + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + /* we might race against ieee80211softmac_handle_assoc_response, + * so make sure only one of us does something */ + if (!mac->associnfo.associating) { + spin_unlock_irqrestore(&mac->lock, flags); + return; + } + mac->associnfo.associating = 0; + mac->associnfo.bssvalid = 0; + mac->associated = 0; + spin_unlock_irqrestore(&mac->lock, flags); + + dprintk(KERN_INFO PFX "assoc request timed out!\n"); + /* FIXME: we need to know the network here. that requires a bit of restructuring */ + ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_ASSOCIATE_TIMEOUT, NULL); +} + +/* Sends out a disassociation request to the desired AP */ +static void +ieee80211softmac_disassoc(struct ieee80211softmac_device *mac, u16 reason) +{ + unsigned long flags; + struct ieee80211softmac_network *found; + + if (mac->associnfo.bssvalid && mac->associated) { + found = ieee80211softmac_get_network_by_bssid(mac, mac->associnfo.bssid); + if (found) + ieee80211softmac_send_mgt_frame(mac, found, IEEE80211_STYPE_DISASSOC, reason); + } else if (mac->associnfo.associating) { + cancel_delayed_work(&mac->associnfo.timeout); + } + + /* Change our state */ + spin_lock_irqsave(&mac->lock, flags); + /* Do NOT clear bssvalid as that will break ieee80211softmac_assoc_work! */ + mac->associated = 0; + mac->associnfo.associating = 0; + spin_unlock_irqrestore(&mac->lock, flags); +} + +static inline int +we_support_all_basic_rates(struct ieee80211softmac_device *mac, u8 *from, u8 from_len) +{ + int idx, search, found; + u8 rate, search_rate; + + for (idx = 0; idx < (from_len); idx++) { + rate = (from)[idx]; + if (!(rate & IEEE80211_BASIC_RATE_MASK)) + continue; + found = 0; + rate &= ~IEEE80211_BASIC_RATE_MASK; + for (search = 0; search < mac->ratesinfo.count; search++) { + search_rate = mac->ratesinfo.rates[search]; + search_rate &= ~IEEE80211_BASIC_RATE_MASK; + if (rate == search_rate) { + found = 1; + break; + } + } + if (!found) + return 0; + } + return 1; +} + +static int +network_matches_request(struct ieee80211softmac_device *mac, struct ieee80211_network *net) +{ + /* we cannot associate to networks whose name we don't know */ + if (ieee80211_is_empty_essid(net->ssid, net->ssid_len)) + return 0; + /* do not associate to a network whose BSSBasicRateSet we cannot support */ + if (!we_support_all_basic_rates(mac, net->rates, net->rates_len)) + return 0; + /* do we really need to check the ex rates? */ + if (!we_support_all_basic_rates(mac, net->rates_ex, net->rates_ex_len)) + return 0; + + /* if 'ANY' network requested, take any that doesn't have privacy enabled */ + if (mac->associnfo.req_essid.len == 0 + && !(net->capability & WLAN_CAPABILITY_PRIVACY)) + return 1; + if (net->ssid_len != mac->associnfo.req_essid.len) + return 0; + if (!memcmp(net->ssid, mac->associnfo.req_essid.data, mac->associnfo.req_essid.len)) + return 1; + return 0; +} + +static void +ieee80211softmac_assoc_notify(struct net_device *dev, void *context) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + ieee80211softmac_assoc_work((void*)mac); +} + +/* This function is called to handle userspace requests (asynchronously) */ +void +ieee80211softmac_assoc_work(void *d) +{ + struct ieee80211softmac_device *mac = (struct ieee80211softmac_device *)d; + struct ieee80211softmac_network *found = NULL; + struct ieee80211_network *net = NULL, *best = NULL; + unsigned long flags; + + /* meh */ + if (mac->associated) + ieee80211softmac_disassoc(mac, WLAN_REASON_DISASSOC_STA_HAS_LEFT); + + /* try to find the requested network in our list, if we found one already */ + if (mac->associnfo.bssvalid) + found = ieee80211softmac_get_network_by_bssid(mac, mac->associnfo.bssid); + + /* Search the ieee80211 networks for this network if we didn't find it by bssid, + * but only if we've scanned at least once (to get a better list of networks to + * select from). If we have not scanned before, the !found logic below will be + * invoked and will scan. */ + if (!found && (mac->associnfo.scan_retry < IEEE80211SOFTMAC_ASSOC_SCAN_RETRY_LIMIT)) + { + s8 rssi = -128; /* if I don't initialise, gcc emits an invalid warning + because it cannot follow the best pointer logic. */ + spin_lock_irqsave(&mac->ieee->lock, flags); + list_for_each_entry(net, &mac->ieee->network_list, list) { + /* we're supposed to find the network with + * the best signal here, as we're asked to join + * any network with a specific ESSID, and many + * different ones could have that. + * + * I'll for now just go with the reported rssi. + * + * We also should take into account the rateset + * here to find the best BSSID to try. + */ + if (network_matches_request(mac, net)) { + if (!best) { + best = net; + rssi = best->stats.rssi; + continue; + } + /* we already had a matching network, so + * compare their properties to get the + * better of the two ... (see above) + */ + if (rssi < net->stats.rssi) { + best = net; + rssi = best->stats.rssi; + } + } + } + /* if we unlock here, we might get interrupted and the `best' + * pointer could go stale */ + if (best) { + found = ieee80211softmac_create_network(mac, best); + /* if found is still NULL, then we got -ENOMEM somewhere */ + if (found) + ieee80211softmac_add_network(mac, found); + } + spin_unlock_irqrestore(&mac->ieee->lock, flags); + } + + if (!found) { + if (mac->associnfo.scan_retry > 0) { + spin_lock_irqsave(&mac->lock, flags); + mac->associnfo.scan_retry--; + spin_unlock_irqrestore(&mac->lock, flags); + + /* We know of no such network. Let's scan. + * NB: this also happens if we had no memory to copy the network info... + * Maybe we can hope to have more memory after scanning finishes ;) + */ + dprintk(KERN_INFO PFX "Associate: Scanning for networks first.\n"); + ieee80211softmac_notify(mac->dev, IEEE80211SOFTMAC_EVENT_SCAN_FINISHED, ieee80211softmac_assoc_notify, NULL); + if (ieee80211softmac_start_scan(mac)) + dprintk(KERN_INFO PFX "Associate: failed to initiate scan. Is device up?\n"); + return; + } + else { + spin_lock_irqsave(&mac->lock, flags); + mac->associnfo.associating = 0; + mac->associated = 0; + spin_unlock_irqrestore(&mac->lock, flags); + + dprintk(KERN_INFO PFX "Unable to find matching network after scan!\n"); + ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_ASSOCIATE_NET_NOT_FOUND, NULL); + return; + } + } + + mac->associnfo.bssvalid = 1; + memcpy(mac->associnfo.bssid, found->bssid, ETH_ALEN); + /* copy the ESSID for displaying it */ + mac->associnfo.associate_essid.len = found->essid.len; + memcpy(mac->associnfo.associate_essid.data, found->essid.data, IW_ESSID_MAX_SIZE + 1); + + /* we found a network! authenticate (if necessary) and associate to it. */ + if (!found->authenticated) { + /* This relies on the fact that _auth_req only queues the work, + * otherwise adding the notification would be racy. */ + if (!ieee80211softmac_auth_req(mac, found)) { + dprintk(KERN_INFO PFX "cannot associate without being authenticated, requested authentication\n"); + ieee80211softmac_notify_internal(mac, IEEE80211SOFTMAC_EVENT_ANY, found, ieee80211softmac_assoc_notify, NULL, GFP_KERNEL); + } else { + printkl(KERN_WARNING PFX "Not authenticated, but requesting authentication failed. Giving up to associate\n"); + ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_ASSOCIATE_FAILED, found); + } + return; + } + /* finally! now we can start associating */ + ieee80211softmac_assoc(mac, found); +} + +/* call this to do whatever is necessary when we're associated */ +static void +ieee80211softmac_associated(struct ieee80211softmac_device *mac, + struct ieee80211_assoc_response * resp, + struct ieee80211softmac_network *net) +{ + mac->associnfo.associating = 0; + mac->associated = 1; + if (mac->set_bssid_filter) + mac->set_bssid_filter(mac->dev, net->bssid); + memcpy(mac->ieee->bssid, net->bssid, ETH_ALEN); + netif_carrier_on(mac->dev); + + mac->association_id = le16_to_cpup(&resp->aid); +} + +/* received frame handling functions */ +int +ieee80211softmac_handle_assoc_response(struct net_device * dev, + struct ieee80211_assoc_response * resp, + struct ieee80211_network * _ieee80211_network_do_not_use) +{ + /* NOTE: the network parameter has to be ignored by + * this code because it is the ieee80211's pointer + * to the struct, not ours (we made a copy) + */ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + u16 status = le16_to_cpup(&resp->status); + struct ieee80211softmac_network *network = NULL; + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + + if (!mac->associnfo.associating) { + /* we race against the timeout function, so make sure + * only one of us can do work */ + spin_unlock_irqrestore(&mac->lock, flags); + return 0; + } + network = ieee80211softmac_get_network_by_bssid_locked(mac, resp->header.addr3); + + /* someone sending us things without us knowing him? Ignore. */ + if (!network) { + dprintk(KERN_INFO PFX "Received unrequested assocation response from " MAC_FMT "\n", MAC_ARG(resp->header.addr3)); + spin_unlock_irqrestore(&mac->lock, flags); + return 0; + } + + /* now that we know it was for us, we can cancel the timeout */ + cancel_delayed_work(&mac->associnfo.timeout); + + switch (status) { + case 0: + dprintk(KERN_INFO PFX "associated!\n"); + ieee80211softmac_associated(mac, resp, network); + ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_ASSOCIATED, network); + break; + case WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH: + if (!network->auth_desynced_once) { + /* there seem to be a few rare cases where our view of + * the world is obscured, or buggy APs that don't DEAUTH + * us properly. So we handle that, but allow it only once. + */ + printkl(KERN_INFO PFX "We were not authenticated during association, retrying...\n"); + network->authenticated = 0; + /* we don't want to do this more than once ... */ + network->auth_desynced_once = 1; + schedule_work(&mac->associnfo.work); + break; + } + default: + dprintk(KERN_INFO PFX "associating failed (reason: 0x%x)!\n", status); + mac->associnfo.associating = 0; + mac->associnfo.bssvalid = 0; + mac->associated = 0; + ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_ASSOCIATE_FAILED, network); + } + + spin_unlock_irqrestore(&mac->lock, flags); + return 0; +} + +int +ieee80211softmac_handle_disassoc(struct net_device * dev, + struct ieee80211_disassoc *disassoc) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + unsigned long flags; + if (memcmp(disassoc->header.addr2, mac->associnfo.bssid, ETH_ALEN)) + return 0; + if (memcmp(disassoc->header.addr1, mac->dev->dev_addr, ETH_ALEN)) + return 0; + dprintk(KERN_INFO PFX "got disassoc frame\n"); + netif_carrier_off(dev); + spin_lock_irqsave(&mac->lock, flags); + mac->associnfo.bssvalid = 0; + mac->associated = 0; + schedule_work(&mac->associnfo.work); + spin_unlock_irqrestore(&mac->lock, flags); + + return 0; +} + +int +ieee80211softmac_handle_reassoc_req(struct net_device * dev, + struct ieee80211_reassoc_request * resp) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + struct ieee80211softmac_network *network; + + network = ieee80211softmac_get_network_by_bssid(mac, resp->header.addr3); + if (!network) { + dprintkl(KERN_INFO PFX "reassoc request from unknown network\n"); + return 0; + } + ieee80211softmac_assoc(mac, network); + return 0; +} diff --git a/net/ieee80211/softmac/ieee80211softmac_auth.c b/net/ieee80211/softmac/ieee80211softmac_auth.c new file mode 100644 index 0000000..9a0eac6 --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_auth.c @@ -0,0 +1,364 @@ +/* + * This file contains the softmac's authentication logic. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include "ieee80211softmac_priv.h" + +static void ieee80211softmac_auth_queue(void *data); + +/* Queues an auth request to the desired AP */ +int +ieee80211softmac_auth_req(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net) +{ + struct ieee80211softmac_auth_queue_item *auth; + unsigned long flags; + + if (net->authenticating) + return 0; + + /* Add the network if it's not already added */ + ieee80211softmac_add_network(mac, net); + + dprintk(KERN_NOTICE PFX "Queueing Authentication Request to "MAC_FMT"\n", MAC_ARG(net->bssid)); + /* Queue the auth request */ + auth = (struct ieee80211softmac_auth_queue_item *) + kmalloc(sizeof(struct ieee80211softmac_auth_queue_item), GFP_KERNEL); + if(auth == NULL) + return -ENOMEM; + + auth->net = net; + auth->mac = mac; + auth->retry = IEEE80211SOFTMAC_AUTH_RETRY_LIMIT; + auth->state = IEEE80211SOFTMAC_AUTH_OPEN_REQUEST; + INIT_WORK(&auth->work, &ieee80211softmac_auth_queue, (void *)auth); + + /* Lock (for list) */ + spin_lock_irqsave(&mac->lock, flags); + + /* add to list */ + list_add_tail(&auth->list, &mac->auth_queue); + schedule_work(&auth->work); + spin_unlock_irqrestore(&mac->lock, flags); + + return 0; +} + + +/* Sends an auth request to the desired AP and handles timeouts */ +static void +ieee80211softmac_auth_queue(void *data) +{ + struct ieee80211softmac_device *mac; + struct ieee80211softmac_auth_queue_item *auth; + struct ieee80211softmac_network *net; + unsigned long flags; + + auth = (struct ieee80211softmac_auth_queue_item *)data; + net = auth->net; + mac = auth->mac; + + if(auth->retry > 0) { + /* Switch to correct channel for this network */ + mac->set_channel(mac->dev, net->channel); + + /* Lock and set flags */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticated = 0; + net->authenticating = 1; + /* add a timeout call so we eventually give up waiting for an auth reply */ + schedule_delayed_work(&auth->work, IEEE80211SOFTMAC_AUTH_TIMEOUT); + auth->retry--; + spin_unlock_irqrestore(&mac->lock, flags); + if (ieee80211softmac_send_mgt_frame(mac, auth->net, IEEE80211_STYPE_AUTH, auth->state)) + dprintk(KERN_NOTICE PFX "Sending Authentication Request to "MAC_FMT" failed (this shouldn't happen, wait for the timeout).\n", MAC_ARG(net->bssid)); + else + dprintk(KERN_NOTICE PFX "Sent Authentication Request to "MAC_FMT".\n", MAC_ARG(net->bssid)); + return; + } + + printkl(KERN_WARNING PFX "Authentication timed out with "MAC_FMT"\n", MAC_ARG(net->bssid)); + /* Remove this item from the queue */ + spin_lock_irqsave(&mac->lock, flags); + ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_AUTH_TIMEOUT, net); + cancel_delayed_work(&auth->work); /* just to make sure... */ + list_del(&auth->list); + spin_unlock_irqrestore(&mac->lock, flags); + /* Free it */ + kfree(auth); +} + +/* Handle the auth response from the AP + * This should be registered with ieee80211 as handle_auth + */ +int +ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth) +{ + + struct list_head *list_ptr; + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + struct ieee80211softmac_auth_queue_item *aq = NULL; + struct ieee80211softmac_network *net = NULL; + unsigned long flags; + u8 * data; + + /* Find correct auth queue item */ + spin_lock_irqsave(&mac->lock, flags); + list_for_each(list_ptr, &mac->auth_queue) { + aq = list_entry(list_ptr, struct ieee80211softmac_auth_queue_item, list); + net = aq->net; + if (!memcmp(net->bssid, auth->header.addr2, ETH_ALEN)) + break; + else + aq = NULL; + } + spin_unlock_irqrestore(&mac->lock, flags); + + /* Make sure that we've got an auth queue item for this request */ + if(aq == NULL) + { + printkl(KERN_DEBUG PFX "Authentication response received from "MAC_FMT" but no queue item exists.\n", MAC_ARG(auth->header.addr2)); + /* Error #? */ + return -1; + } + + /* Check for out of order authentication */ + if(!net->authenticating) + { + printkl(KERN_DEBUG PFX "Authentication response received from "MAC_FMT" but did not request authentication.\n",MAC_ARG(auth->header.addr2)); + return -1; + } + + /* Parse the auth packet */ + switch(auth->algorithm) { + case WLAN_AUTH_OPEN: + /* Check the status code of the response */ + + switch(auth->status) { + case WLAN_STATUS_SUCCESS: + /* Update the status to Authenticated */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticating = 0; + net->authenticated = 1; + spin_unlock_irqrestore(&mac->lock, flags); + + /* Send event */ + printkl(KERN_NOTICE PFX "Open Authentication completed with "MAC_FMT"\n", MAC_ARG(net->bssid)); + ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_AUTHENTICATED, net); + break; + default: + /* Lock and reset flags */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticated = 0; + net->authenticating = 0; + spin_unlock_irqrestore(&mac->lock, flags); + + printkl(KERN_NOTICE PFX "Open Authentication with "MAC_FMT" failed, error code: %i\n", + MAC_ARG(net->bssid), le16_to_cpup(&auth->status)); + /* Count the error? */ + break; + } + goto free_aq; + break; + case WLAN_AUTH_SHARED_KEY: + /* Figure out where we are in the process */ + switch(auth->transaction) { + case IEEE80211SOFTMAC_AUTH_SHARED_CHALLENGE: + /* Check to make sure we have a challenge IE */ + data = (u8 *)auth->info_element; + if(*data++ != MFIE_TYPE_CHALLENGE){ + printkl(KERN_NOTICE PFX "Shared Key Authentication failed due to a missing challenge.\n"); + break; + } + /* Save the challenge */ + spin_lock_irqsave(&mac->lock, flags); + net->challenge_len = *data++; + if(net->challenge_len > WLAN_AUTH_CHALLENGE_LEN) + net->challenge_len = WLAN_AUTH_CHALLENGE_LEN; + if(net->challenge != NULL) + kfree(net->challenge); + net->challenge = kmalloc(net->challenge_len, GFP_ATOMIC); + memcpy(net->challenge, data, net->challenge_len); + aq->state = IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE; + spin_unlock_irqrestore(&mac->lock, flags); + + /* Switch to correct channel for this network */ + mac->set_channel(mac->dev, net->channel); + + /* Send our response (How to encrypt?) */ + ieee80211softmac_send_mgt_frame(mac, aq->net, IEEE80211_STYPE_AUTH, aq->state); + break; + case IEEE80211SOFTMAC_AUTH_SHARED_PASS: + /* Check the status code of the response */ + switch(auth->status) { + case WLAN_STATUS_SUCCESS: + /* Update the status to Authenticated */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticating = 0; + net->authenticated = 1; + spin_unlock_irqrestore(&mac->lock, flags); + printkl(KERN_NOTICE PFX "Shared Key Authentication completed with "MAC_FMT"\n", + MAC_ARG(net->bssid)); + break; + default: + printkl(KERN_NOTICE PFX "Shared Key Authentication with "MAC_FMT" failed, error code: %i\n", + MAC_ARG(net->bssid), le16_to_cpup(&auth->status)); + /* Lock and reset flags */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticating = 0; + net->authenticated = 0; + spin_unlock_irqrestore(&mac->lock, flags); + /* Count the error? */ + break; + } + goto free_aq; + break; + default: + printkl(KERN_WARNING PFX "Unhandled Authentication Step: %i\n", auth->transaction); + break; + } + goto free_aq; + break; + default: + /* ERROR */ + goto free_aq; + break; + } + return 0; +free_aq: + /* Cancel the timeout */ + spin_lock_irqsave(&mac->lock, flags); + cancel_delayed_work(&aq->work); + /* Remove this item from the queue */ + list_del(&aq->list); + spin_unlock_irqrestore(&mac->lock, flags); + + /* Free it */ + kfree(aq); + return 0; +} + +/* + * Handle deauthorization + */ +static void +ieee80211softmac_deauth_from_net(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net) +{ + struct ieee80211softmac_auth_queue_item *aq = NULL; + struct list_head *list_ptr; + unsigned long flags; + + /* Lock and reset status flags */ + spin_lock_irqsave(&mac->lock, flags); + net->authenticating = 0; + net->authenticated = 0; + + /* Find correct auth queue item, if it exists */ + list_for_each(list_ptr, &mac->auth_queue) { + aq = list_entry(list_ptr, struct ieee80211softmac_auth_queue_item, list); + if (!memcmp(net->bssid, aq->net->bssid, ETH_ALEN)) + break; + else + aq = NULL; + } + + /* Cancel pending work */ + if(aq != NULL) + /* Not entirely safe? What about running work? */ + cancel_delayed_work(&aq->work); + + /* Free our network ref */ + ieee80211softmac_del_network_locked(mac, net); + if(net->challenge != NULL) + kfree(net->challenge); + kfree(net); + + /* can't transmit data right now... */ + netif_carrier_off(mac->dev); + /* let's try to re-associate */ + schedule_work(&mac->associnfo.work); + spin_unlock_irqrestore(&mac->lock, flags); +} + +/* + * Sends a deauth request to the desired AP + */ +int +ieee80211softmac_deauth_req(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net, int reason) +{ + int ret; + + /* Make sure the network is authenticated */ + if (!net->authenticated) + { + printkl(KERN_DEBUG PFX "Can't send deauthentication packet, network is not authenticated.\n"); + /* Error okay? */ + return -EPERM; + } + + /* Send the de-auth packet */ + if((ret = ieee80211softmac_send_mgt_frame(mac, net, IEEE80211_STYPE_DEAUTH, reason))) + return ret; + + ieee80211softmac_deauth_from_net(mac, net); + return 0; +} + +/* + * This should be registered with ieee80211 as handle_deauth + */ +int +ieee80211softmac_deauth_resp(struct net_device *dev, struct ieee80211_deauth *deauth) +{ + + struct ieee80211softmac_network *net = NULL; + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + + if (!deauth) { + dprintk("deauth without deauth packet. eek!\n"); + return 0; + } + + net = ieee80211softmac_get_network_by_bssid(mac, deauth->header.addr2); + + if (net == NULL) { + printkl(KERN_DEBUG PFX "Received deauthentication packet from "MAC_FMT", but that network is unknown.\n", + MAC_ARG(deauth->header.addr2)); + return 0; + } + + /* Make sure the network is authenticated */ + if(!net->authenticated) + { + printkl(KERN_DEBUG PFX "Can't perform deauthentication, network is not authenticated.\n"); + /* Error okay? */ + return -EPERM; + } + + ieee80211softmac_deauth_from_net(mac, net); + return 0; +} diff --git a/net/ieee80211/softmac/ieee80211softmac_event.c b/net/ieee80211/softmac/ieee80211softmac_event.c new file mode 100644 index 0000000..0a52bbd --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_event.c @@ -0,0 +1,159 @@ +/* + * Event system + * Also see comments in public header file and longer explanation below. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include "ieee80211softmac_priv.h" + +/* + * Each event has associated to it + * - an event type (see constants in public header) + * - an event context (see below) + * - the function to be called + * - a context (extra parameter to call the function with) + * - and the softmac struct + * + * The event context is private and can only be used from + * within this module. Its meaning varies with the event + * type: + * SCAN_FINISHED: no special meaning + * ASSOCIATED, + * ASSOCIATE_FAILED, + * ASSOCIATE_TIMEOUT, + * AUTHENTICATED, + * AUTH_FAILED, + * AUTH_TIMEOUT: a pointer to the network struct + * ... + * Code within this module can use the event context to be only + * called when the event is true for that specific context + * as per above table. + * If the event context is NULL, then the notification is always called, + * regardless of the event context. The event context is not passed to + * the callback, it is assumed that the context suffices. + * + * You can also use the event context only by setting the event type + * to -1 (private use only), in which case you'll be notified + * whenever the event context matches. + */ + +static char *event_descriptions[IEEE80211SOFTMAC_EVENT_LAST+1] = { + "scan finished", + "associated", + "associating failed", + "associating timed out", + "authenticated", + "authenticating failed", + "authenticating timed out", + "associating failed because no suitable network was found", +}; + + +static void +ieee80211softmac_notify_callback(void *d) +{ + struct ieee80211softmac_event event = *(struct ieee80211softmac_event*) d; + kfree(d); + + event.fun(event.mac->dev, event.context); +} + +int +ieee80211softmac_notify_internal(struct ieee80211softmac_device *mac, + int event, void *event_context, notify_function_ptr fun, void *context, gfp_t gfp_mask) +{ + struct ieee80211softmac_event *eventptr; + unsigned long flags; + + if (event < -1 || event > IEEE80211SOFTMAC_EVENT_LAST) + return -ENOSYS; + + if (!fun) + return -EINVAL; + + eventptr = kmalloc(sizeof(struct ieee80211softmac_event), gfp_mask); + if (!eventptr) + return -ENOMEM; + + eventptr->event_type = event; + INIT_WORK(&eventptr->work, ieee80211softmac_notify_callback, eventptr); + eventptr->fun = fun; + eventptr->context = context; + eventptr->mac = mac; + eventptr->event_context = event_context; + + spin_lock_irqsave(&mac->lock, flags); + list_add(&eventptr->list, &mac->events); + spin_unlock_irqrestore(&mac->lock, flags); + + return 0; +} + +int +ieee80211softmac_notify_gfp(struct net_device *dev, + int event, notify_function_ptr fun, void *context, gfp_t gfp_mask) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + + if (event < 0 || event > IEEE80211SOFTMAC_EVENT_LAST) + return -ENOSYS; + + return ieee80211softmac_notify_internal(mac, event, NULL, fun, context, gfp_mask); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_notify_gfp); + +/* private -- calling all callbacks that were specified */ +void +ieee80211softmac_call_events_locked(struct ieee80211softmac_device *mac, int event, void *event_ctx) +{ + struct ieee80211softmac_event *eventptr, *tmp; + union iwreq_data wrqu; + char *msg; + + if (event >= 0) { + msg = event_descriptions[event]; + wrqu.data.length = strlen(msg); + wireless_send_event(mac->dev, IWEVCUSTOM, &wrqu, msg); + } + + if (!list_empty(&mac->events)) + list_for_each_entry_safe(eventptr, tmp, &mac->events, list) { + if ((eventptr->event_type == event || eventptr->event_type == -1) + && (eventptr->event_context == NULL || eventptr->event_context == event_ctx)) { + list_del(&eventptr->list); + schedule_work(&eventptr->work); + } + } +} + +void +ieee80211softmac_call_events(struct ieee80211softmac_device *mac, int event, void *event_ctx) +{ + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + ieee80211softmac_call_events_locked(mac, event, event_ctx); + + spin_unlock_irqrestore(&mac->lock, flags); +} diff --git a/net/ieee80211/softmac/ieee80211softmac_io.c b/net/ieee80211/softmac/ieee80211softmac_io.c new file mode 100644 index 0000000..febc51d --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_io.c @@ -0,0 +1,474 @@ +/* + * Some parts based on code from net80211 + * Copyright (c) 2001 Atsushi Onoe + * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * Alternatively, this software may be distributed under the terms of the + * GNU General Public License ("GPL") version 2 as published by the Free + * Software Foundation. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "ieee80211softmac_priv.h" + +/* Helper functions for inserting data into the frames */ + +/* + * Adds an ESSID element to the frame + * + */ +static u8 * +ieee80211softmac_add_essid(u8 *dst, struct ieee80211softmac_essid *essid) +{ + if (essid) { + *dst++ = MFIE_TYPE_SSID; + *dst++ = essid->len; + memcpy(dst, essid->data, essid->len); + return dst+essid->len; + } else { + *dst++ = MFIE_TYPE_SSID; + *dst++ = 0; + return dst; + } +} + +/* Adds Supported Rates and if required Extended Rates Information Element + * to the frame, ASSUMES WE HAVE A SORTED LIST OF RATES */ +static u8 * +ieee80211softmac_frame_add_rates(u8 *dst, const struct ieee80211softmac_ratesinfo *r) +{ + int cck_len, ofdm_len; + *dst++ = MFIE_TYPE_RATES; + + for(cck_len=0; ieee80211_is_cck_rate(r->rates[cck_len]) && (cck_len < r->count);cck_len++); + + if(cck_len > IEEE80211SOFTMAC_MAX_RATES_LEN) + cck_len = IEEE80211SOFTMAC_MAX_RATES_LEN; + *dst++ = cck_len; + memcpy(dst, r->rates, cck_len); + dst += cck_len; + + if(cck_len < r->count){ + for (ofdm_len=0; ieee80211_is_ofdm_rate(r->rates[ofdm_len + cck_len]) && (ofdm_len + cck_len < r->count); ofdm_len++); + if (ofdm_len > 0) { + if (ofdm_len > IEEE80211SOFTMAC_MAX_EX_RATES_LEN) + ofdm_len = IEEE80211SOFTMAC_MAX_EX_RATES_LEN; + *dst++ = MFIE_TYPE_RATES_EX; + *dst++ = ofdm_len; + memcpy(dst, r->rates + cck_len, ofdm_len); + dst += ofdm_len; + } + } + return dst; +} + +/* Allocate a management frame */ +static u8 * +ieee80211softmac_alloc_mgt(u32 size) +{ + u8 * data; + + /* Add the header and FCS to the size */ + size = size + IEEE80211_3ADDR_LEN; + if(size > IEEE80211_DATA_LEN) + return NULL; + /* Allocate the frame */ + data = kmalloc(size, GFP_ATOMIC); + memset(data, 0, size); + return data; +} + +/* + * Add a 2 Address Header + */ +static void +ieee80211softmac_hdr_2addr(struct ieee80211softmac_device *mac, + struct ieee80211_hdr_2addr *header, u32 type, u8 *dest) +{ + /* Fill in the frame control flags */ + header->frame_ctl = cpu_to_le16(type); + /* Control packets always have WEP turned off */ + if(type > IEEE80211_STYPE_CFENDACK && type < IEEE80211_STYPE_PSPOLL) + header->frame_ctl |= mac->ieee->sec.level ? cpu_to_le16(IEEE80211_FCTL_PROTECTED) : 0; + + /* Fill in the duration */ + header->duration_id = 0; + /* FIXME: How do I find this? + * calculate. But most drivers just fill in 0 (except if it's a station id of course) */ + + /* Fill in the Destination Address */ + if(dest == NULL) + memset(header->addr1, 0xFF, ETH_ALEN); + else + memcpy(header->addr1, dest, ETH_ALEN); + /* Fill in the Source Address */ + memcpy(header->addr2, mac->ieee->dev->dev_addr, ETH_ALEN); + +} + + +/* Add a 3 Address Header */ +static void +ieee80211softmac_hdr_3addr(struct ieee80211softmac_device *mac, + struct ieee80211_hdr_3addr *header, u32 type, u8 *dest, u8 *bssid) +{ + /* This is common with 2addr, so use that instead */ + ieee80211softmac_hdr_2addr(mac, (struct ieee80211_hdr_2addr *)header, type, dest); + + /* Fill in the BSS ID */ + if(bssid == NULL) + memset(header->addr3, 0xFF, ETH_ALEN); + else + memcpy(header->addr3, bssid, ETH_ALEN); + + /* Fill in the sequence # */ + /* FIXME: I need to add this to the softmac struct + * shouldn't the sequence number be in ieee80211? */ +} + + +/***************************************************************************** + * Create Management packets + *****************************************************************************/ + +/* Creates an association request packet */ +static u32 +ieee80211softmac_assoc_req(struct ieee80211_assoc_request **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net) +{ + u8 *data; + (*pkt) = (struct ieee80211_assoc_request *)ieee80211softmac_alloc_mgt( + 2 + /* Capability Info */ + 2 + /* Listen Interval */ + /* SSID IE */ + 1 + 1 + IW_ESSID_MAX_SIZE + + /* Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_RATES_LEN + + /* Extended Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_EX_RATES_LEN + + /* WPA IE if present */ + mac->wpa.IElen + /* Other IE's? Optional? + * Yeah, probably need an extra IE parameter -- lots of vendors like to + * fill in their own IEs */ + ); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_ASSOC_REQ, net->bssid, net->bssid); + + /* Fill in capability Info */ + (*pkt)->capability = (mac->ieee->iw_mode == IW_MODE_MASTER) || (mac->ieee->iw_mode == IW_MODE_INFRA) ? + cpu_to_le16(WLAN_CAPABILITY_ESS) : + cpu_to_le16(WLAN_CAPABILITY_IBSS); + /* Need to add this + (*pkt)->capability |= mac->ieee->short_slot ? + cpu_to_le16(WLAN_CAPABILITY_SHORT_SLOT_TIME) : 0; + */ + (*pkt)->capability |= mac->ieee->sec.level ? cpu_to_le16(WLAN_CAPABILITY_PRIVACY) : 0; + /* Fill in Listen Interval (?) */ + (*pkt)->listen_interval = cpu_to_le16(10); + + data = (u8 *)(*pkt)->info_element; + /* Add SSID */ + data = ieee80211softmac_add_essid(data, &net->essid); + /* Add Rates */ + data = ieee80211softmac_frame_add_rates(data, &mac->ratesinfo); + /* Add WPA IE */ + if (mac->wpa.IElen && mac->wpa.IE) { + memcpy(data, mac->wpa.IE, mac->wpa.IElen); + data += mac->wpa.IElen; + } + /* Return the number of used bytes */ + return (data - (u8*)(*pkt)); +} + +/* Create a reassociation request packet */ +static u32 +ieee80211softmac_reassoc_req(struct ieee80211_reassoc_request **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net) +{ + u8 *data; + (*pkt) = (struct ieee80211_reassoc_request *)ieee80211softmac_alloc_mgt( + 2 + /* Capability Info */ + 2 + /* Listen Interval */ + ETH_ALEN + /* AP MAC */ + /* SSID IE */ + 1 + 1 + IW_ESSID_MAX_SIZE + + /* Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_RATES_LEN + + /* Extended Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_EX_RATES_LEN + /* Other IE's? */ + ); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_REASSOC_REQ, net->bssid, net->bssid); + + /* Fill in capability Info */ + (*pkt)->capability = mac->ieee->iw_mode == IW_MODE_MASTER ? + cpu_to_le16(WLAN_CAPABILITY_ESS) : + cpu_to_le16(WLAN_CAPABILITY_IBSS); + /* + (*pkt)->capability |= mac->ieee->short_slot ? + cpu_to_le16(WLAN_CAPABILITY_SHORT_SLOT_TIME) : 0; + */ + (*pkt)->capability |= mac->ieee->sec.level ? + cpu_to_le16(WLAN_CAPABILITY_PRIVACY) : 0; + + /* Fill in Listen Interval (?) */ + (*pkt)->listen_interval = cpu_to_le16(10); + /* Fill in the current AP MAC */ + memcpy((*pkt)->current_ap, mac->ieee->bssid, ETH_ALEN); + + data = (u8 *)(*pkt)->info_element; + /* Add SSID */ + data = ieee80211softmac_add_essid(data, &net->essid); + /* Add Rates */ + data = ieee80211softmac_frame_add_rates(data, &mac->ratesinfo); + /* Return packet size */ + return (data - (u8 *)(*pkt)); +} + +/* Create an authentication packet */ +static u32 +ieee80211softmac_auth(struct ieee80211_auth **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net, + u16 transaction, u16 status) +{ + u8 *data; + /* Allocate Packet */ + (*pkt) = (struct ieee80211_auth *)ieee80211softmac_alloc_mgt( + 2 + /* Auth Algorithm */ + 2 + /* Auth Transaction Seq */ + 2 + /* Status Code */ + /* Challenge Text IE */ + mac->ieee->open_wep ? 0 : + 1 + 1 + WLAN_AUTH_CHALLENGE_LEN + ); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_AUTH, net->bssid, net->bssid); + + /* Algorithm */ + (*pkt)->algorithm = mac->ieee->open_wep ? + cpu_to_le16(WLAN_AUTH_OPEN) : + cpu_to_le16(WLAN_AUTH_SHARED_KEY); + /* Transaction */ + (*pkt)->transaction = cpu_to_le16(transaction); + /* Status */ + (*pkt)->status = cpu_to_le16(status); + + data = (u8 *)(*pkt)->info_element; + /* Challenge Text */ + if(!mac->ieee->open_wep){ + *data = MFIE_TYPE_CHALLENGE; + data++; + + /* Copy the challenge in */ + // *data = challenge length + // data += sizeof(u16); + // memcpy(data, challenge, challenge length); + // data += challenge length; + + /* Add the full size to the packet length */ + } + + /* Return the packet size */ + return (data - (u8 *)(*pkt)); +} + +/* Create a disassocation or deauthentication packet */ +static u32 +ieee80211softmac_disassoc_deauth(struct ieee80211_disassoc **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net, + u16 type, u16 reason) +{ + /* Allocate Packet */ + (*pkt) = (struct ieee80211_disassoc *)ieee80211softmac_alloc_mgt(2); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), type, net->bssid, net->bssid); + /* Reason */ + (*pkt)->reason = cpu_to_le16(reason); + /* Return the packet size */ + return (2 + IEEE80211_3ADDR_LEN); +} + +/* Create a probe request packet */ +static u32 +ieee80211softmac_probe_req(struct ieee80211_probe_request **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_essid *essid) +{ + u8 *data; + /* Allocate Packet */ + (*pkt) = (struct ieee80211_probe_request *)ieee80211softmac_alloc_mgt( + /* SSID of requested network */ + 1 + 1 + IW_ESSID_MAX_SIZE + + /* Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_RATES_LEN + + /* Extended Rates IE */ + 1 + 1 + IEEE80211SOFTMAC_MAX_EX_RATES_LEN + ); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_PROBE_REQ, NULL, NULL); + + data = (u8 *)(*pkt)->info_element; + /* Add ESSID (can be NULL) */ + data = ieee80211softmac_add_essid(data, essid); + /* Add Rates */ + data = ieee80211softmac_frame_add_rates(data, &mac->ratesinfo); + /* Return packet size */ + return (data - (u8 *)(*pkt)); +} + +/* Create a probe response packet */ +/* FIXME: Not complete */ +static u32 +ieee80211softmac_probe_resp(struct ieee80211_probe_response **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net) +{ + u8 *data; + /* Allocate Packet */ + (*pkt) = (struct ieee80211_probe_response *)ieee80211softmac_alloc_mgt( + 8 + /* Timestamp */ + 2 + /* Beacon Interval */ + 2 + /* Capability Info */ + /* SSID IE */ + 1 + 1 + IW_ESSID_MAX_SIZE + + 7 + /* FH Parameter Set */ + 2 + /* DS Parameter Set */ + 8 + /* CF Parameter Set */ + 4 /* IBSS Parameter Set */ + ); + if (unlikely((*pkt) == NULL)) + return 0; + ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_PROBE_RESP, net->bssid, net->bssid); + data = (u8 *)(*pkt)->info_element; + + /* Return the packet size */ + return (data - (u8 *)(*pkt)); +} + + +/* Sends a manangement packet + * FIXME: document the use of the arg parameter + * for _AUTH: (transaction #) | (status << 16) + */ +int +ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac, + void *ptrarg, u32 type, u32 arg) +{ + void *pkt = NULL; + u32 pkt_size = 0; + + switch(type) { + case IEEE80211_STYPE_ASSOC_REQ: + pkt_size = ieee80211softmac_assoc_req((struct ieee80211_assoc_request **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg); + break; + case IEEE80211_STYPE_REASSOC_REQ: + pkt_size = ieee80211softmac_reassoc_req((struct ieee80211_reassoc_request **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg); + break; + case IEEE80211_STYPE_AUTH: + pkt_size = ieee80211softmac_auth((struct ieee80211_auth **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg, (u16)(arg & 0xFFFF), (u16) (arg >> 16)); + break; + case IEEE80211_STYPE_DISASSOC: + case IEEE80211_STYPE_DEAUTH: + pkt_size = ieee80211softmac_disassoc_deauth((struct ieee80211_disassoc **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg, type, (u16)(arg & 0xFFFF)); + break; + case IEEE80211_STYPE_PROBE_REQ: + pkt_size = ieee80211softmac_probe_req((struct ieee80211_probe_request **)(&pkt), mac, (struct ieee80211softmac_essid *)ptrarg); + break; + case IEEE80211_STYPE_PROBE_RESP: + pkt_size = ieee80211softmac_probe_resp((struct ieee80211_probe_response **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg); + break; + default: + printkl(KERN_DEBUG PFX "Unsupported Management Frame type: %i\n", type); + return -EINVAL; + }; + + if(pkt_size == 0 || pkt == NULL) { + printkl(KERN_DEBUG PFX "Error, packet is nonexistant or 0 length\n"); + return -ENOMEM; + } + + /* Send the packet to the ieee80211 layer for tx */ + /* we defined softmac->mgmt_xmit for this. Should we keep it + * as it is (that means we'd need to wrap this into a txb), + * modify the prototype (so it matches this function), + * or get rid of it alltogether? + * Does this work for you now? + */ + ieee80211_tx_frame(mac->ieee, (struct ieee80211_hdr *)pkt, pkt_size); + + kfree(pkt); + return 0; +} + + +/* Create an rts/cts frame */ +static u32 +ieee80211softmac_rts_cts(struct ieee80211_hdr_2addr **pkt, + struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net, + u32 type) +{ + /* Allocate Packet */ + (*pkt) = kmalloc(IEEE80211_2ADDR_LEN, GFP_ATOMIC); + memset(*pkt, 0, IEEE80211_2ADDR_LEN); + if((*pkt) == NULL) + return 0; + ieee80211softmac_hdr_2addr(mac, (*pkt), type, net->bssid); + return IEEE80211_2ADDR_LEN; +} + + +/* Sends a control packet */ +static int +ieee80211softmac_send_ctl_frame(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net, u32 type, u32 arg) +{ + void *pkt = NULL; + u32 pkt_size = 0; + + switch(type) { + case IEEE80211_STYPE_RTS: + case IEEE80211_STYPE_CTS: + pkt_size = ieee80211softmac_rts_cts((struct ieee80211_hdr_2addr **)(&pkt), mac, net, type); + break; + default: + printkl(KERN_DEBUG PFX "Unsupported Control Frame type: %i\n", type); + return -EINVAL; + } + + if(pkt_size == 0) + return -ENOMEM; + + /* Send the packet to the ieee80211 layer for tx */ + ieee80211_tx_frame(mac->ieee, (struct ieee80211_hdr *) pkt, pkt_size); + + kfree(pkt); + return 0; +} diff --git a/net/ieee80211/softmac/ieee80211softmac_module.c b/net/ieee80211/softmac/ieee80211softmac_module.c new file mode 100644 index 0000000..60f06a31 --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_module.c @@ -0,0 +1,462 @@ +/* + * Contains some basic softmac functions along with module registration code etc. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include "ieee80211softmac_priv.h" +#include <linux/sort.h> + +struct net_device *alloc_ieee80211softmac(int sizeof_priv) +{ + struct ieee80211softmac_device *softmac; + struct net_device *dev; + + dev = alloc_ieee80211(sizeof(struct ieee80211softmac_device) + sizeof_priv); + softmac = ieee80211_priv(dev); + softmac->dev = dev; + softmac->ieee = netdev_priv(dev); + spin_lock_init(&softmac->lock); + + softmac->ieee->handle_auth = ieee80211softmac_auth_resp; + softmac->ieee->handle_deauth = ieee80211softmac_deauth_resp; + softmac->ieee->handle_assoc_response = ieee80211softmac_handle_assoc_response; + softmac->ieee->handle_reassoc_request = ieee80211softmac_handle_reassoc_req; + softmac->ieee->handle_disassoc = ieee80211softmac_handle_disassoc; + softmac->scaninfo = NULL; + + /* TODO: initialise all the other callbacks in the ieee struct + * (once they're written) + */ + + INIT_LIST_HEAD(&softmac->auth_queue); + INIT_LIST_HEAD(&softmac->network_list); + INIT_LIST_HEAD(&softmac->events); + + INIT_WORK(&softmac->associnfo.work, ieee80211softmac_assoc_work, softmac); + INIT_WORK(&softmac->associnfo.timeout, ieee80211softmac_assoc_timeout, softmac); + softmac->start_scan = ieee80211softmac_start_scan_implementation; + softmac->wait_for_scan = ieee80211softmac_wait_for_scan_implementation; + softmac->stop_scan = ieee80211softmac_stop_scan_implementation; + + //TODO: The mcast rate has to be assigned dynamically somewhere (in scanning, association. Not sure...) + // It has to be set to the highest rate all stations in the current network can handle. + softmac->txrates.mcast_rate = IEEE80211_CCK_RATE_1MB; + softmac->txrates.mcast_fallback = IEEE80211_CCK_RATE_1MB; + /* This is reassigned in ieee80211softmac_start to sane values. */ + softmac->txrates.default_rate = IEEE80211_CCK_RATE_1MB; + softmac->txrates.default_fallback = IEEE80211_CCK_RATE_1MB; + + /* to start with, we can't send anything ... */ + netif_carrier_off(dev); + + return dev; +} +EXPORT_SYMBOL_GPL(alloc_ieee80211softmac); + +/* Clears the pending work queue items, stops all scans, etc. */ +void +ieee80211softmac_clear_pending_work(struct ieee80211softmac_device *sm) +{ + unsigned long flags; + struct ieee80211softmac_event *eventptr, *eventtmp; + struct ieee80211softmac_auth_queue_item *authptr, *authtmp; + struct ieee80211softmac_network *netptr, *nettmp; + + ieee80211softmac_stop_scan(sm); + ieee80211softmac_wait_for_scan(sm); + + spin_lock_irqsave(&sm->lock, flags); + /* Free all pending assoc work items */ + cancel_delayed_work(&sm->associnfo.work); + + /* Free all pending scan work items */ + if(sm->scaninfo != NULL) + cancel_delayed_work(&sm->scaninfo->softmac_scan); + + /* Free all pending auth work items */ + list_for_each_entry(authptr, &sm->auth_queue, list) + cancel_delayed_work(&authptr->work); + + /* delete all pending event calls and work items */ + list_for_each_entry_safe(eventptr, eventtmp, &sm->events, list) + cancel_delayed_work(&eventptr->work); + + spin_unlock_irqrestore(&sm->lock, flags); + flush_scheduled_work(); + + /* now we should be save and no longer need locking... */ + spin_lock_irqsave(&sm->lock, flags); + /* Free all pending auth work items */ + list_for_each_entry_safe(authptr, authtmp, &sm->auth_queue, list) { + list_del(&authptr->list); + kfree(authptr); + } + + /* delete all pending event calls and work items */ + list_for_each_entry_safe(eventptr, eventtmp, &sm->events, list) { + list_del(&eventptr->list); + kfree(eventptr); + } + + /* Free all networks */ + list_for_each_entry_safe(netptr, nettmp, &sm->network_list, list) { + ieee80211softmac_del_network_locked(sm, netptr); + if(netptr->challenge != NULL) + kfree(netptr->challenge); + kfree(netptr); + } + + spin_unlock_irqrestore(&sm->lock, flags); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_clear_pending_work); + +void free_ieee80211softmac(struct net_device *dev) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(dev); + ieee80211softmac_clear_pending_work(sm); + kfree(sm->scaninfo); + kfree(sm->wpa.IE); + free_ieee80211(dev); +} +EXPORT_SYMBOL_GPL(free_ieee80211softmac); + +static void ieee80211softmac_start_check_rates(struct ieee80211softmac_device *mac) +{ + struct ieee80211softmac_ratesinfo *ri = &mac->ratesinfo; + /* I took out the sorting check, we're seperating by modulation now. */ + if (ri->count) + return; + /* otherwise assume we hav'em all! */ + if (mac->ieee->modulation & IEEE80211_CCK_MODULATION) { + ri->rates[ri->count++] = IEEE80211_CCK_RATE_1MB; + ri->rates[ri->count++] = IEEE80211_CCK_RATE_2MB; + ri->rates[ri->count++] = IEEE80211_CCK_RATE_5MB; + ri->rates[ri->count++] = IEEE80211_CCK_RATE_11MB; + } + if (mac->ieee->modulation & IEEE80211_OFDM_MODULATION) { + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_6MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_9MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_12MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_18MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_24MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_36MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_48MB; + ri->rates[ri->count++] = IEEE80211_OFDM_RATE_54MB; + } +} + +void ieee80211softmac_start(struct net_device *dev) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + struct ieee80211_device *ieee = mac->ieee; + u32 change = 0; + struct ieee80211softmac_txrates oldrates; + + ieee80211softmac_start_check_rates(mac); + + /* TODO: We need some kind of state machine to lower the default rates + * if we loose too many packets. + */ + /* Change the default txrate to the highest possible value. + * The txrate machine will lower it, if it is too high. + */ + if (mac->txrates_change) + oldrates = mac->txrates; + /* FIXME: We don't correctly handle backing down to lower + rates, so 801.11g devices start off at 11M for now. People + can manually change it if they really need to, but 11M is + more reliable. Note similar logic in + ieee80211softmac_wx_set_rate() */ + if (ieee->modulation & IEEE80211_CCK_MODULATION) { + mac->txrates.default_rate = IEEE80211_CCK_RATE_11MB; + change |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT; + mac->txrates.default_fallback = IEEE80211_CCK_RATE_5MB; + change |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT_FBACK; + } else if (ieee->modulation & IEEE80211_OFDM_MODULATION) { + mac->txrates.default_rate = IEEE80211_OFDM_RATE_54MB; + change |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT; + mac->txrates.default_fallback = IEEE80211_OFDM_RATE_24MB; + change |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT_FBACK; + } else + assert(0); + if (mac->txrates_change) + mac->txrates_change(dev, change, &oldrates); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_start); + +void ieee80211softmac_stop(struct net_device *dev) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + + ieee80211softmac_clear_pending_work(mac); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_stop); + +void ieee80211softmac_set_rates(struct net_device *dev, u8 count, u8 *rates) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + memcpy(mac->ratesinfo.rates, rates, count); + mac->ratesinfo.count = count; + spin_unlock_irqrestore(&mac->lock, flags); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_set_rates); + +static u8 raise_rate(struct ieee80211softmac_device *mac, u8 rate) +{ + int i; + struct ieee80211softmac_ratesinfo *ri = &mac->ratesinfo; + + for (i=0; i<ri->count-1; i++) { + if (ri->rates[i] == rate) + return ri->rates[i+1]; + } + /* I guess we can't go any higher... */ + return ri->rates[ri->count]; +} + +u8 ieee80211softmac_lower_rate_delta(struct ieee80211softmac_device *mac, u8 rate, int delta) +{ + int i; + struct ieee80211softmac_ratesinfo *ri = &mac->ratesinfo; + + for (i=delta; i<ri->count; i++) { + if (ri->rates[i] == rate) + return ri->rates[i-delta]; + } + /* I guess we can't go any lower... */ + return ri->rates[0]; +} + +static void ieee80211softmac_add_txrates_badness(struct ieee80211softmac_device *mac, + int amount) +{ + struct ieee80211softmac_txrates oldrates; + u8 default_rate = mac->txrates.default_rate; + u8 default_fallback = mac->txrates.default_fallback; + u32 changes = 0; + + //TODO: This is highly experimental code. + // Maybe the dynamic rate selection does not work + // and it has to be removed again. + +printk("badness %d\n", mac->txrate_badness); + mac->txrate_badness += amount; + if (mac->txrate_badness <= -1000) { + /* Very small badness. Try a faster bitrate. */ + if (mac->txrates_change) + memcpy(&oldrates, &mac->txrates, sizeof(oldrates)); + default_rate = raise_rate(mac, default_rate); + changes |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT; + default_fallback = get_fallback_rate(mac, default_rate); + changes |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT_FBACK; + mac->txrate_badness = 0; +printk("Bitrate raised to %u\n", default_rate); + } else if (mac->txrate_badness >= 10000) { + /* Very high badness. Try a slower bitrate. */ + if (mac->txrates_change) + memcpy(&oldrates, &mac->txrates, sizeof(oldrates)); + default_rate = lower_rate(mac, default_rate); + changes |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT; + default_fallback = get_fallback_rate(mac, default_rate); + changes |= IEEE80211SOFTMAC_TXRATECHG_DEFAULT_FBACK; + mac->txrate_badness = 0; +printk("Bitrate lowered to %u\n", default_rate); + } + + mac->txrates.default_rate = default_rate; + mac->txrates.default_fallback = default_fallback; + + if (changes && mac->txrates_change) + mac->txrates_change(mac->dev, changes, &oldrates); +} + +void ieee80211softmac_fragment_lost(struct net_device *dev, + u16 wl_seq) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + ieee80211softmac_add_txrates_badness(mac, 1000); + //TODO + + spin_unlock_irqrestore(&mac->lock, flags); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_fragment_lost); + +static int rate_cmp(const void *a_, const void *b_) { + u8 *a, *b; + a = (u8*)a_; + b = (u8*)b_; + return ((*a & ~IEEE80211_BASIC_RATE_MASK) - (*b & ~IEEE80211_BASIC_RATE_MASK)); +} + +/* Allocate a softmac network struct and fill it from a network */ +struct ieee80211softmac_network * +ieee80211softmac_create_network(struct ieee80211softmac_device *mac, + struct ieee80211_network *net) +{ + struct ieee80211softmac_network *softnet; + softnet = kzalloc(sizeof(struct ieee80211softmac_network), GFP_ATOMIC); + if(softnet == NULL) + return NULL; + memcpy(softnet->bssid, net->bssid, ETH_ALEN); + softnet->channel = net->channel; + softnet->essid.len = net->ssid_len; + memcpy(softnet->essid.data, net->ssid, softnet->essid.len); + + /* copy rates over */ + softnet->supported_rates.count = net->rates_len; + memcpy(&softnet->supported_rates.rates[0], net->rates, net->rates_len); + memcpy(&softnet->supported_rates.rates[softnet->supported_rates.count], net->rates_ex, net->rates_ex_len); + softnet->supported_rates.count += net->rates_ex_len; + sort(softnet->supported_rates.rates, softnet->supported_rates.count, sizeof(softnet->supported_rates.rates[0]), rate_cmp, NULL); + + softnet->capabilities = net->capability; + return softnet; +} + + +/* Add a network to the list, while locked */ +void +ieee80211softmac_add_network_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *add_net) +{ + struct list_head *list_ptr; + struct ieee80211softmac_network *softmac_net = NULL; + + list_for_each(list_ptr, &mac->network_list) { + softmac_net = list_entry(list_ptr, struct ieee80211softmac_network, list); + if(!memcmp(softmac_net->bssid, add_net->bssid, ETH_ALEN)) + break; + else + softmac_net = NULL; + } + if(softmac_net == NULL) + list_add(&(add_net->list), &mac->network_list); +} + +/* Add a network to the list, with locking */ +void +ieee80211softmac_add_network(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *add_net) +{ + unsigned long flags; + spin_lock_irqsave(&mac->lock, flags); + ieee80211softmac_add_network_locked(mac, add_net); + spin_unlock_irqrestore(&mac->lock, flags); +} + + +/* Delete a network from the list, while locked*/ +void +ieee80211softmac_del_network_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *del_net) +{ + list_del(&(del_net->list)); +} + +/* Delete a network from the list with locking */ +void +ieee80211softmac_del_network(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *del_net) +{ + unsigned long flags; + spin_lock_irqsave(&mac->lock, flags); + ieee80211softmac_del_network_locked(mac, del_net); + spin_unlock_irqrestore(&mac->lock, flags); +} + +/* Get a network from the list by MAC while locked */ +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_bssid_locked(struct ieee80211softmac_device *mac, + u8 *bssid) +{ + struct list_head *list_ptr; + struct ieee80211softmac_network *softmac_net = NULL; + list_for_each(list_ptr, &mac->network_list) { + softmac_net = list_entry(list_ptr, struct ieee80211softmac_network, list); + if(!memcmp(softmac_net->bssid, bssid, ETH_ALEN)) + break; + else + softmac_net = NULL; + } + return softmac_net; +} + +/* Get a network from the list by BSSID with locking */ +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_bssid(struct ieee80211softmac_device *mac, + u8 *bssid) +{ + unsigned long flags; + struct ieee80211softmac_network *softmac_net; + + spin_lock_irqsave(&mac->lock, flags); + softmac_net = ieee80211softmac_get_network_by_bssid_locked(mac, bssid); + spin_unlock_irqrestore(&mac->lock, flags); + return softmac_net; +} + +/* Get a network from the list by ESSID while locked */ +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_essid_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_essid *essid) +{ + struct list_head *list_ptr; + struct ieee80211softmac_network *softmac_net = NULL; + + list_for_each(list_ptr, &mac->network_list) { + softmac_net = list_entry(list_ptr, struct ieee80211softmac_network, list); + if (softmac_net->essid.len == essid->len && + !memcmp(softmac_net->essid.data, essid->data, essid->len)) + return softmac_net; + } + return NULL; +} + +/* Get a network from the list by ESSID with locking */ +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_essid(struct ieee80211softmac_device *mac, + struct ieee80211softmac_essid *essid) +{ + unsigned long flags; + struct ieee80211softmac_network *softmac_net = NULL; + + spin_lock_irqsave(&mac->lock, flags); + softmac_net = ieee80211softmac_get_network_by_essid_locked(mac, essid); + spin_unlock_irqrestore(&mac->lock, flags); + return softmac_net; +} + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Johannes Berg"); +MODULE_AUTHOR("Joseph Jezak"); +MODULE_AUTHOR("Larry Finger"); +MODULE_AUTHOR("Danny van Dyk"); +MODULE_AUTHOR("Michael Buesch"); +MODULE_DESCRIPTION("802.11 software MAC"); diff --git a/net/ieee80211/softmac/ieee80211softmac_priv.h b/net/ieee80211/softmac/ieee80211softmac_priv.h new file mode 100644 index 0000000..65d9816 --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_priv.h @@ -0,0 +1,230 @@ +/* + * Internal softmac API definitions. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#ifndef IEEE80211SOFTMAC_PRIV_H_ +#define IEEE80211SOFTMAC_PRIV_H_ + +#include <net/ieee80211softmac.h> +#include <net/ieee80211softmac_wx.h> +#include <linux/kernel.h> +#include <linux/stringify.h> + + +#define PFX "SoftMAC: " + +#ifdef assert +# undef assert +#endif +#ifdef CONFIG_IEEE80211_SOFTMAC_DEBUG +#define assert(expr) \ + do { \ + if (unlikely(!(expr))) { \ + printkl(KERN_ERR PFX "ASSERTION FAILED (%s) at: %s:%d:%s()\n", #expr, \ + __FILE__, __LINE__, __FUNCTION__); \ + } \ + } while (0) +#else +#define assert(expr) do {} while (0) +#endif + +/* rate limited printk(). */ +#ifdef printkl +# undef printkl +#endif +#define printkl(f, x...) do { if (printk_ratelimit()) printk(f ,##x); } while (0) +/* rate limited printk() for debugging */ +#ifdef dprintkl +# undef dprintkl +#endif +#ifdef CONFIG_IEEE80211_SOFTMAC_DEBUG +# define dprintkl printkl +#else +# define dprintkl(f, x...) do { /* nothing */ } while (0) +#endif + +/* debugging printk() */ +#ifdef dprintk +# undef dprintk +#endif +#ifdef CONFIG_IEEE80211_SOFTMAC_DEBUG +# define dprintk(f, x...) do { printk(f ,##x); } while (0) +#else +# define dprintk(f, x...) do { /* nothing */ } while (0) +#endif + +/* private definitions and prototypes */ + +/*** prototypes from _scan.c */ +void ieee80211softmac_scan(void *sm); +/* for internal use if scanning is needed */ +int ieee80211softmac_start_scan(struct ieee80211softmac_device *mac); +void ieee80211softmac_stop_scan(struct ieee80211softmac_device *mac); +void ieee80211softmac_wait_for_scan(struct ieee80211softmac_device *mac); + +/* for use by _module.c to assign to the callbacks */ +int ieee80211softmac_start_scan_implementation(struct net_device *dev); +void ieee80211softmac_stop_scan_implementation(struct net_device *dev); +void ieee80211softmac_wait_for_scan_implementation(struct net_device *dev); + +/*** Network prototypes from _module.c */ +struct ieee80211softmac_network * ieee80211softmac_create_network( + struct ieee80211softmac_device *mac, struct ieee80211_network *net); +void ieee80211softmac_add_network_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net); +void ieee80211softmac_add_network(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net); +void ieee80211softmac_del_network_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net); +void ieee80211softmac_del_network(struct ieee80211softmac_device *mac, + struct ieee80211softmac_network *net); +struct ieee80211softmac_network * ieee80211softmac_get_network_by_bssid_locked( + struct ieee80211softmac_device *mac, u8 *ea); +struct ieee80211softmac_network * ieee80211softmac_get_network_by_bssid( + struct ieee80211softmac_device *mac, u8 *ea); +struct ieee80211softmac_network * ieee80211softmac_get_network_by_ssid_locked( + struct ieee80211softmac_device *mac, u8 *ssid, u8 ssid_len); +struct ieee80211softmac_network * ieee80211softmac_get_network_by_ssid( + struct ieee80211softmac_device *mac, u8 *ssid, u8 ssid_len); +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_essid_locked(struct ieee80211softmac_device *mac, + struct ieee80211softmac_essid *essid); +struct ieee80211softmac_network * +ieee80211softmac_get_network_by_essid(struct ieee80211softmac_device *mac, + struct ieee80211softmac_essid *essid); + +/* Rates related */ +u8 ieee80211softmac_lower_rate_delta(struct ieee80211softmac_device *mac, u8 rate, int delta); +static inline u8 lower_rate(struct ieee80211softmac_device *mac, u8 rate) { + return ieee80211softmac_lower_rate_delta(mac, rate, 1); +} + +static inline u8 get_fallback_rate(struct ieee80211softmac_device *mac, u8 rate) +{ + return ieee80211softmac_lower_rate_delta(mac, rate, 2); +} + + +/*** prototypes from _io.c */ +int ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac, + void* ptrarg, u32 type, u32 arg); + +/*** prototypes from _auth.c */ +/* do these have to go into the public header? */ +int ieee80211softmac_auth_req(struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net); +int ieee80211softmac_deauth_req(struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net, int reason); + +/* for use by _module.c to assign to the callbacks */ +int ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth); +int ieee80211softmac_deauth_resp(struct net_device *dev, struct ieee80211_deauth *deauth); + +/*** prototypes from _assoc.c */ +void ieee80211softmac_assoc_work(void *d); +int ieee80211softmac_handle_assoc_response(struct net_device * dev, + struct ieee80211_assoc_response * resp, + struct ieee80211_network * network); +int ieee80211softmac_handle_disassoc(struct net_device * dev, + struct ieee80211_disassoc * disassoc); +int ieee80211softmac_handle_reassoc_req(struct net_device * dev, + struct ieee80211_reassoc_request * reassoc); +void ieee80211softmac_assoc_timeout(void *d); + +/* some helper functions */ +static inline int ieee80211softmac_scan_handlers_check_self(struct ieee80211softmac_device *sm) +{ + return (sm->start_scan == ieee80211softmac_start_scan_implementation) && + (sm->stop_scan == ieee80211softmac_stop_scan_implementation) && + (sm->wait_for_scan == ieee80211softmac_wait_for_scan_implementation); +} + +static inline int ieee80211softmac_scan_sanity_check(struct ieee80211softmac_device *sm) +{ + return ((sm->start_scan != ieee80211softmac_start_scan_implementation) && + (sm->stop_scan != ieee80211softmac_stop_scan_implementation) && + (sm->wait_for_scan != ieee80211softmac_wait_for_scan_implementation) + ) || ieee80211softmac_scan_handlers_check_self(sm); +} + +#define IEEE80211SOFTMAC_PROBE_DELAY HZ/50 +#define IEEE80211SOFTMAC_WORKQUEUE_NAME_LEN (17 + IFNAMSIZ) + +struct ieee80211softmac_network { + struct list_head list; /* List */ + /* Network information copied from ieee80211_network */ + u8 bssid[ETH_ALEN]; + u8 channel; + struct ieee80211softmac_essid essid; + + struct ieee80211softmac_ratesinfo supported_rates; + + /* SoftMAC specific */ + u16 authenticating:1, /* Status Flags */ + authenticated:1, + auth_desynced_once:1; + + u16 capabilities; /* Capabilities bitfield */ + u8 challenge_len; /* Auth Challenge length */ + char *challenge; /* Challenge Text */ +}; + +/* structure used to keep track of networks we're auth'ing to */ +struct ieee80211softmac_auth_queue_item { + struct list_head list; /* List head */ + struct ieee80211softmac_network *net; /* Network to auth */ + struct ieee80211softmac_device *mac; /* SoftMAC device */ + u8 retry; /* Retry limit */ + u8 state; /* Auth State */ + struct work_struct work; /* Work queue */ +}; + +/* scanning information */ +struct ieee80211softmac_scaninfo { + u8 current_channel_idx, + number_channels; + struct ieee80211_channel *channels; + u8 started:1, + stop:1; + u8 skip_flags; + struct completion finished; + struct work_struct softmac_scan; +}; + +/* private event struct */ +struct ieee80211softmac_event { + struct list_head list; + int event_type; + void *event_context; + struct work_struct work; + notify_function_ptr fun; + void *context; + struct ieee80211softmac_device *mac; +}; + +void ieee80211softmac_call_events(struct ieee80211softmac_device *mac, int event, void *event_context); +void ieee80211softmac_call_events_locked(struct ieee80211softmac_device *mac, int event, void *event_context); +int ieee80211softmac_notify_internal(struct ieee80211softmac_device *mac, + int event, void *event_context, notify_function_ptr fun, void *context, gfp_t gfp_mask); + +#endif /* IEEE80211SOFTMAC_PRIV_H_ */ diff --git a/net/ieee80211/softmac/ieee80211softmac_scan.c b/net/ieee80211/softmac/ieee80211softmac_scan.c new file mode 100644 index 0000000..bb9ab8b --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_scan.c @@ -0,0 +1,244 @@ +/* + * Scanning routines. + * + * These are not exported because they're assigned to the function pointers. + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include <linux/completion.h> +#include "ieee80211softmac_priv.h" + +/* internal, use to trigger scanning if needed. + * Returns -EBUSY if already scanning, + * result of start_scan otherwise */ +int +ieee80211softmac_start_scan(struct ieee80211softmac_device *sm) +{ + unsigned long flags; + int ret; + + spin_lock_irqsave(&sm->lock, flags); + if (sm->scanning) + { + spin_unlock_irqrestore(&sm->lock, flags); + return -EINPROGRESS; + } + sm->scanning = 1; + spin_unlock_irqrestore(&sm->lock, flags); + + ret = sm->start_scan(sm->dev); + if (ret) { + spin_lock_irqsave(&sm->lock, flags); + sm->scanning = 0; + spin_unlock_irqrestore(&sm->lock, flags); + } + return ret; +} + +void +ieee80211softmac_stop_scan(struct ieee80211softmac_device *sm) +{ + unsigned long flags; + + spin_lock_irqsave(&sm->lock, flags); + + if (!sm->scanning) { + spin_unlock_irqrestore(&sm->lock, flags); + return; + } + + spin_unlock_irqrestore(&sm->lock, flags); + sm->stop_scan(sm->dev); +} + +void +ieee80211softmac_wait_for_scan(struct ieee80211softmac_device *sm) +{ + unsigned long flags; + + spin_lock_irqsave(&sm->lock, flags); + + if (!sm->scanning) { + spin_unlock_irqrestore(&sm->lock, flags); + return; + } + + spin_unlock_irqrestore(&sm->lock, flags); + sm->wait_for_scan(sm->dev); +} + + +/* internal scanning implementation follows */ +void ieee80211softmac_scan(void *d) +{ + int invalid_channel; + u8 current_channel_idx; + struct ieee80211softmac_device *sm = (struct ieee80211softmac_device *)d; + struct ieee80211softmac_scaninfo *si = sm->scaninfo; + unsigned long flags; + + while (!(si->stop) && (si->current_channel_idx < si->number_channels)) { + current_channel_idx = si->current_channel_idx; + si->current_channel_idx++; /* go to the next channel */ + + invalid_channel = (si->skip_flags & si->channels[current_channel_idx].flags); + + if (!invalid_channel) { + sm->set_channel(sm->dev, si->channels[current_channel_idx].channel); + // FIXME make this user configurable (active/passive) + if(ieee80211softmac_send_mgt_frame(sm, NULL, IEEE80211_STYPE_PROBE_REQ, 0)) + printkl(KERN_DEBUG PFX "Sending Probe Request Failed\n"); + + /* also send directed management frame for the network we're looking for */ + // TODO: is this if correct, or should we do this only if scanning from assoc request? + if (sm->associnfo.req_essid.len) + ieee80211softmac_send_mgt_frame(sm, &sm->associnfo.req_essid, IEEE80211_STYPE_PROBE_REQ, 0); + schedule_delayed_work(&si->softmac_scan, IEEE80211SOFTMAC_PROBE_DELAY); + return; + } else { + dprintk(PFX "Not probing Channel %d (not allowed here)\n", si->channels[current_channel_idx].channel); + } + } + + spin_lock_irqsave(&sm->lock, flags); + cancel_delayed_work(&si->softmac_scan); + si->started = 0; + spin_unlock_irqrestore(&sm->lock, flags); + + dprintk(PFX "Scanning finished\n"); + ieee80211softmac_scan_finished(sm); + complete_all(&sm->scaninfo->finished); +} + +static inline struct ieee80211softmac_scaninfo *allocate_scaninfo(struct ieee80211softmac_device *mac) +{ + /* ugh. can we call this without having the spinlock held? */ + struct ieee80211softmac_scaninfo *info = kmalloc(sizeof(struct ieee80211softmac_scaninfo), GFP_ATOMIC); + if (unlikely(!info)) + return NULL; + INIT_WORK(&info->softmac_scan, ieee80211softmac_scan, mac); + init_completion(&info->finished); + return info; +} + +int ieee80211softmac_start_scan_implementation(struct net_device *dev) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(dev); + unsigned long flags; + + if (!(dev->flags & IFF_UP)) + return -ENODEV; + + assert(ieee80211softmac_scan_handlers_check_self(sm)); + if (!ieee80211softmac_scan_handlers_check_self(sm)) + return -EINVAL; + + spin_lock_irqsave(&sm->lock, flags); + /* it looks like we need to hold the lock here + * to make sure we don't allocate two of these... */ + if (unlikely(!sm->scaninfo)) + sm->scaninfo = allocate_scaninfo(sm); + if (unlikely(!sm->scaninfo)) { + spin_unlock_irqrestore(&sm->lock, flags); + return -ENOMEM; + } + + sm->scaninfo->skip_flags = IEEE80211_CH_INVALID; + if (0 /* not scanning in IEEE802.11b */)//TODO + sm->scaninfo->skip_flags |= IEEE80211_CH_B_ONLY; + if (0 /* IEEE802.11a */) {//TODO + sm->scaninfo->channels = sm->ieee->geo.a; + sm->scaninfo->number_channels = sm->ieee->geo.a_channels; + } else { + sm->scaninfo->channels = sm->ieee->geo.bg; + sm->scaninfo->number_channels = sm->ieee->geo.bg_channels; + } + dprintk(PFX "Start scanning with channel: %d\n", sm->scaninfo->channels[0].channel); + dprintk(PFX "Scanning %d channels\n", sm->scaninfo->number_channels); + sm->scaninfo->current_channel_idx = 0; + sm->scaninfo->started = 1; + sm->scaninfo->stop = 0; + INIT_COMPLETION(sm->scaninfo->finished); + schedule_work(&sm->scaninfo->softmac_scan); + spin_unlock_irqrestore(&sm->lock, flags); + return 0; +} + +void ieee80211softmac_stop_scan_implementation(struct net_device *dev) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(dev); + unsigned long flags; + + assert(ieee80211softmac_scan_handlers_check_self(sm)); + if (!ieee80211softmac_scan_handlers_check_self(sm)) + return; + + spin_lock_irqsave(&sm->lock, flags); + assert(sm->scaninfo != NULL); + if (sm->scaninfo) { + if (sm->scaninfo->started) + sm->scaninfo->stop = 1; + else + complete_all(&sm->scaninfo->finished); + } + spin_unlock_irqrestore(&sm->lock, flags); +} + +void ieee80211softmac_wait_for_scan_implementation(struct net_device *dev) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(dev); + unsigned long flags; + + assert(ieee80211softmac_scan_handlers_check_self(sm)); + if (!ieee80211softmac_scan_handlers_check_self(sm)) + return; + + spin_lock_irqsave(&sm->lock, flags); + if (!sm->scaninfo->started) { + spin_unlock_irqrestore(&sm->lock, flags); + return; + } + spin_unlock_irqrestore(&sm->lock, flags); + wait_for_completion(&sm->scaninfo->finished); +} + +/* this is what drivers (that do scanning) call when they're done */ +void ieee80211softmac_scan_finished(struct ieee80211softmac_device *sm) +{ + unsigned long flags; + + spin_lock_irqsave(&sm->lock, flags); + sm->scanning = 0; + spin_unlock_irqrestore(&sm->lock, flags); + + if (sm->associnfo.bssvalid) { + struct ieee80211softmac_network *net; + + net = ieee80211softmac_get_network_by_bssid(sm, sm->associnfo.bssid); + if (net) + sm->set_channel(sm->dev, net->channel); + } + ieee80211softmac_call_events(sm, IEEE80211SOFTMAC_EVENT_SCAN_FINISHED, NULL); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_scan_finished); diff --git a/net/ieee80211/softmac/ieee80211softmac_wx.c b/net/ieee80211/softmac/ieee80211softmac_wx.c new file mode 100644 index 0000000..b559aa9 --- /dev/null +++ b/net/ieee80211/softmac/ieee80211softmac_wx.c @@ -0,0 +1,416 @@ +/* + * This file contains our _wx handlers. Make sure you EXPORT_SYMBOL_GPL them + * + * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net> + * Joseph Jezak <josejx@gentoo.org> + * Larry Finger <Larry.Finger@lwfinger.net> + * Danny van Dyk <kugelfang@gentoo.org> + * Michael Buesch <mbuesch@freenet.de> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + * The full GNU General Public License is included in this distribution in the + * file called COPYING. + */ + +#include "ieee80211softmac_priv.h" + +#include <net/iw_handler.h> + + +int +ieee80211softmac_wx_trigger_scan(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(net_dev); + return ieee80211softmac_start_scan(sm); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_trigger_scan); + + +int +ieee80211softmac_wx_get_scan_results(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(net_dev); + return ieee80211_wx_get_scan(sm->ieee, info, data, extra); +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_get_scan_results); + +int +ieee80211softmac_wx_set_essid(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(net_dev); + int length = 0; + unsigned long flags; + + spin_lock_irqsave(&sm->lock, flags); + + sm->associnfo.static_essid = 0; + + if (data->essid.flags && data->essid.length && extra /*required?*/) { + length = min(data->essid.length - 1, IW_ESSID_MAX_SIZE); + if (length) { + memcpy(sm->associnfo.req_essid.data, extra, length); + sm->associnfo.static_essid = 1; + } + } + sm->associnfo.scan_retry = IEEE80211SOFTMAC_ASSOC_SCAN_RETRY_LIMIT; + + /* set our requested ESSID length. + * If applicable, we have already copied the data in */ + sm->associnfo.req_essid.len = length; + + /* queue lower level code to do work (if necessary) */ + schedule_work(&sm->associnfo.work); + + spin_unlock_irqrestore(&sm->lock, flags); + return 0; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_set_essid); + +int +ieee80211softmac_wx_get_essid(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *sm = ieee80211_priv(net_dev); + unsigned long flags; + + /* avoid getting inconsistent information */ + spin_lock_irqsave(&sm->lock, flags); + /* If all fails, return ANY (empty) */ + data->essid.length = 0; + data->essid.flags = 0; /* active */ + + /* If we have a statically configured ESSID then return it */ + if (sm->associnfo.static_essid) { + data->essid.length = sm->associnfo.req_essid.len; + data->essid.flags = 1; /* active */ + memcpy(extra, sm->associnfo.req_essid.data, sm->associnfo.req_essid.len); + } + + /* If we're associating/associated, return that */ + if (sm->associated || sm->associnfo.associating) { + data->essid.length = sm->associnfo.associate_essid.len; + data->essid.flags = 1; /* active */ + memcpy(extra, sm->associnfo.associate_essid.data, sm->associnfo.associate_essid.len); + } + spin_unlock_irqrestore(&sm->lock, flags); + return 0; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_get_essid); + +int +ieee80211softmac_wx_set_rate(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(net_dev); + struct ieee80211_device *ieee = mac->ieee; + unsigned long flags; + s32 in_rate = data->bitrate.value; + u8 rate; + int is_ofdm = 0; + int err = -EINVAL; + + if (in_rate == -1) { + /* FIXME: We don't correctly handle backing down to lower + rates, so 801.11g devices start off at 11M for now. People + can manually change it if they really need to, but 11M is + more reliable. Note similar logic in + ieee80211softmac_wx_set_rate() */ + if (ieee->modulation & IEEE80211_CCK_MODULATION) + in_rate = 11000000; + else + in_rate = 54000000; + } + + switch (in_rate) { + case 1000000: + rate = IEEE80211_CCK_RATE_1MB; + break; + case 2000000: + rate = IEEE80211_CCK_RATE_2MB; + break; + case 5500000: + rate = IEEE80211_CCK_RATE_5MB; + break; + case 11000000: + rate = IEEE80211_CCK_RATE_11MB; + break; + case 6000000: + rate = IEEE80211_OFDM_RATE_6MB; + is_ofdm = 1; + break; + case 9000000: + rate = IEEE80211_OFDM_RATE_9MB; + is_ofdm = 1; + break; + case 12000000: + rate = IEEE80211_OFDM_RATE_12MB; + is_ofdm = 1; + break; + case 18000000: + rate = IEEE80211_OFDM_RATE_18MB; + is_ofdm = 1; + break; + case 24000000: + rate = IEEE80211_OFDM_RATE_24MB; + is_ofdm = 1; + break; + case 36000000: + rate = IEEE80211_OFDM_RATE_36MB; + is_ofdm = 1; + break; + case 48000000: + rate = IEEE80211_OFDM_RATE_48MB; + is_ofdm = 1; + break; + case 54000000: + rate = IEEE80211_OFDM_RATE_54MB; + is_ofdm = 1; + break; + default: + goto out; + } + + spin_lock_irqsave(&mac->lock, flags); + + /* Check if correct modulation for this PHY. */ + if (is_ofdm && !(ieee->modulation & IEEE80211_OFDM_MODULATION)) + goto out_unlock; + + mac->txrates.default_rate = rate; + mac->txrates.default_fallback = lower_rate(mac, rate); + err = 0; + +out_unlock: + spin_unlock_irqrestore(&mac->lock, flags); +out: + return err; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_set_rate); + +int +ieee80211softmac_wx_get_rate(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(net_dev); + unsigned long flags; + int err = -EINVAL; + + spin_lock_irqsave(&mac->lock, flags); + switch (mac->txrates.default_rate) { + case IEEE80211_CCK_RATE_1MB: + data->bitrate.value = 1000000; + break; + case IEEE80211_CCK_RATE_2MB: + data->bitrate.value = 2000000; + break; + case IEEE80211_CCK_RATE_5MB: + data->bitrate.value = 5500000; + break; + case IEEE80211_CCK_RATE_11MB: + data->bitrate.value = 11000000; + break; + case IEEE80211_OFDM_RATE_6MB: + data->bitrate.value = 6000000; + break; + case IEEE80211_OFDM_RATE_9MB: + data->bitrate.value = 9000000; + break; + case IEEE80211_OFDM_RATE_12MB: + data->bitrate.value = 12000000; + break; + case IEEE80211_OFDM_RATE_18MB: + data->bitrate.value = 18000000; + break; + case IEEE80211_OFDM_RATE_24MB: + data->bitrate.value = 24000000; + break; + case IEEE80211_OFDM_RATE_36MB: + data->bitrate.value = 36000000; + break; + case IEEE80211_OFDM_RATE_48MB: + data->bitrate.value = 48000000; + break; + case IEEE80211_OFDM_RATE_54MB: + data->bitrate.value = 54000000; + break; + default: + assert(0); + goto out_unlock; + } + err = 0; +out_unlock: + spin_unlock_irqrestore(&mac->lock, flags); + + return err; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_get_rate); + +int +ieee80211softmac_wx_get_wap(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(net_dev); + int err = 0; + unsigned long flags; + + spin_lock_irqsave(&mac->lock, flags); + if (mac->associnfo.bssvalid) + memcpy(data->ap_addr.sa_data, mac->associnfo.bssid, ETH_ALEN); + else + memset(data->ap_addr.sa_data, 0xff, ETH_ALEN); + data->ap_addr.sa_family = ARPHRD_ETHER; + spin_unlock_irqrestore(&mac->lock, flags); + return err; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_get_wap); + +int +ieee80211softmac_wx_set_wap(struct net_device *net_dev, + struct iw_request_info *info, + union iwreq_data *data, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(net_dev); + static const unsigned char any[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; + static const unsigned char off[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + unsigned long flags; + + /* sanity check */ + if (data->ap_addr.sa_family != ARPHRD_ETHER) { + return -EINVAL; + } + + spin_lock_irqsave(&mac->lock, flags); + if (!memcmp(any, data->ap_addr.sa_data, ETH_ALEN) || + !memcmp(off, data->ap_addr.sa_data, ETH_ALEN)) { + schedule_work(&mac->associnfo.work); + goto out; + } else { + if (!memcmp(mac->associnfo.bssid, data->ap_addr.sa_data, ETH_ALEN)) { + if (mac->associnfo.associating || mac->associated) { + /* bssid unchanged and associated or associating - just return */ + goto out; + } + } else { + /* copy new value in data->ap_addr.sa_data to bssid */ + memcpy(mac->associnfo.bssid, data->ap_addr.sa_data, ETH_ALEN); + } + /* queue associate if new bssid or (old one again and not associated) */ + schedule_work(&mac->associnfo.work); + } + +out: + spin_unlock_irqrestore(&mac->lock, flags); + return 0; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_set_wap); + +int +ieee80211softmac_wx_set_genie(struct net_device *dev, + struct iw_request_info *info, + union iwreq_data *wrqu, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + unsigned long flags; + int err = 0; + char *buf; + int i; + + spin_lock_irqsave(&mac->lock, flags); + /* bleh. shouldn't be locked for that kmalloc... */ + + if (wrqu->data.length) { + if ((wrqu->data.length < 2) || (extra[1]+2 != wrqu->data.length)) { + /* this is an IE, so the length must be + * correct. Is it possible though that + * more than one IE is passed in? + */ + err = -EINVAL; + goto out; + } + if (mac->wpa.IEbuflen <= wrqu->data.length) { + buf = kmalloc(wrqu->data.length, GFP_ATOMIC); + if (!buf) { + err = -ENOMEM; + goto out; + } + kfree(mac->wpa.IE); + mac->wpa.IE = buf; + mac->wpa.IEbuflen = wrqu->data.length; + } + memcpy(mac->wpa.IE, extra, wrqu->data.length); + dprintk(KERN_INFO PFX "generic IE set to "); + for (i=0;i<wrqu->data.length;i++) + dprintk("%.2x", mac->wpa.IE[i]); + dprintk("\n"); + mac->wpa.IElen = wrqu->data.length; + } else { + kfree(mac->wpa.IE); + mac->wpa.IE = NULL; + mac->wpa.IElen = 0; + mac->wpa.IEbuflen = 0; + } + + out: + spin_unlock_irqrestore(&mac->lock, flags); + return err; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_set_genie); + +int +ieee80211softmac_wx_get_genie(struct net_device *dev, + struct iw_request_info *info, + union iwreq_data *wrqu, + char *extra) +{ + struct ieee80211softmac_device *mac = ieee80211_priv(dev); + unsigned long flags; + int err = 0; + int space = wrqu->data.length; + + spin_lock_irqsave(&mac->lock, flags); + + wrqu->data.length = 0; + + if (mac->wpa.IE && mac->wpa.IElen) { + wrqu->data.length = mac->wpa.IElen; + if (mac->wpa.IElen <= space) + memcpy(extra, mac->wpa.IE, mac->wpa.IElen); + else + err = -E2BIG; + } + spin_unlock_irqrestore(&mac->lock, flags); + return err; +} +EXPORT_SYMBOL_GPL(ieee80211softmac_wx_get_genie); + diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig index 011cca7..e40f753 100644 --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig @@ -235,6 +235,7 @@ config IP_PNP_RARP # bool ' IP: ARP support' CONFIG_IP_PNP_ARP config NET_IPIP tristate "IP: tunneling" + select INET_TUNNEL ---help--- Tunneling means encapsulating data of one protocol type within another protocol and sending it over a channel that understands the @@ -395,7 +396,7 @@ config INET_ESP config INET_IPCOMP tristate "IP: IPComp transformation" select XFRM - select INET_TUNNEL + select INET_XFRM_TUNNEL select CRYPTO select CRYPTO_DEFLATE ---help--- @@ -404,14 +405,14 @@ config INET_IPCOMP If unsure, say Y. +config INET_XFRM_TUNNEL + tristate + select INET_TUNNEL + default n + config INET_TUNNEL - tristate "IP: tunnel transformation" - select XFRM - ---help--- - Support for generic IP tunnel transformation, which is required by - the IP tunneling module as well as tunnel mode IPComp. - - If unsure, say Y. + tristate + default n config INET_DIAG tristate "INET: socket monitoring interface" diff --git a/net/ipv4/Makefile b/net/ipv4/Makefile index 35e5f59..9ef50a0 100644 --- a/net/ipv4/Makefile +++ b/net/ipv4/Makefile @@ -22,7 +22,8 @@ obj-$(CONFIG_SYN_COOKIES) += syncookies.o obj-$(CONFIG_INET_AH) += ah4.o obj-$(CONFIG_INET_ESP) += esp4.o obj-$(CONFIG_INET_IPCOMP) += ipcomp.o -obj-$(CONFIG_INET_TUNNEL) += xfrm4_tunnel.o +obj-$(CONFIG_INET_XFRM_TUNNEL) += xfrm4_tunnel.o +obj-$(CONFIG_INET_TUNNEL) += tunnel4.o obj-$(CONFIG_IP_PNP) += ipconfig.o obj-$(CONFIG_IP_ROUTE_MULTIPATH_RR) += multipath_rr.o obj-$(CONFIG_IP_ROUTE_MULTIPATH_RANDOM) += multipath_random.o diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 97c276f..dc206f1 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -788,45 +788,53 @@ int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) } const struct proto_ops inet_stream_ops = { - .family = PF_INET, - .owner = THIS_MODULE, - .release = inet_release, - .bind = inet_bind, - .connect = inet_stream_connect, - .socketpair = sock_no_socketpair, - .accept = inet_accept, - .getname = inet_getname, - .poll = tcp_poll, - .ioctl = inet_ioctl, - .listen = inet_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = tcp_sendpage + .family = PF_INET, + .owner = THIS_MODULE, + .release = inet_release, + .bind = inet_bind, + .connect = inet_stream_connect, + .socketpair = sock_no_socketpair, + .accept = inet_accept, + .getname = inet_getname, + .poll = tcp_poll, + .ioctl = inet_ioctl, + .listen = inet_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = tcp_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; const struct proto_ops inet_dgram_ops = { - .family = PF_INET, - .owner = THIS_MODULE, - .release = inet_release, - .bind = inet_bind, - .connect = inet_dgram_connect, - .socketpair = sock_no_socketpair, - .accept = sock_no_accept, - .getname = inet_getname, - .poll = udp_poll, - .ioctl = inet_ioctl, - .listen = sock_no_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = inet_sendpage, + .family = PF_INET, + .owner = THIS_MODULE, + .release = inet_release, + .bind = inet_bind, + .connect = inet_dgram_connect, + .socketpair = sock_no_socketpair, + .accept = sock_no_accept, + .getname = inet_getname, + .poll = udp_poll, + .ioctl = inet_ioctl, + .listen = sock_no_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = inet_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; /* @@ -834,24 +842,28 @@ const struct proto_ops inet_dgram_ops = { * udp_poll */ static const struct proto_ops inet_sockraw_ops = { - .family = PF_INET, - .owner = THIS_MODULE, - .release = inet_release, - .bind = inet_bind, - .connect = inet_dgram_connect, - .socketpair = sock_no_socketpair, - .accept = sock_no_accept, - .getname = inet_getname, - .poll = datagram_poll, - .ioctl = inet_ioctl, - .listen = sock_no_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = inet_sendpage, + .family = PF_INET, + .owner = THIS_MODULE, + .release = inet_release, + .bind = inet_bind, + .connect = inet_dgram_connect, + .socketpair = sock_no_socketpair, + .accept = sock_no_accept, + .getname = inet_getname, + .poll = datagram_poll, + .ioctl = inet_ioctl, + .listen = sock_no_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = inet_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; static struct net_proto_family inet_family_ops = { diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index aed537f..e16d8b4 100644 --- a/net/ipv4/ah4.c +++ b/net/ipv4/ah4.c @@ -97,6 +97,7 @@ static int ah_output(struct xfrm_state *x, struct sk_buff *skb) ah->reserved = 0; ah->spi = x->id.spi; ah->seq_no = htonl(++x->replay.oseq); + xfrm_aevent_doreplay(x); ahp->icv(ahp, skb, ah->auth_data); top_iph->tos = iph->tos; diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index accdefe..041dadd 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -879,16 +879,16 @@ static int arp_process(struct sk_buff *skb) n = __neigh_lookup(&arp_tbl, &sip, dev, 0); -#ifdef CONFIG_IP_ACCEPT_UNSOLICITED_ARP - /* Unsolicited ARP is not accepted by default. - It is possible, that this option should be enabled for some - devices (strip is candidate) - */ - if (n == NULL && - arp->ar_op == htons(ARPOP_REPLY) && - inet_addr_type(sip) == RTN_UNICAST) - n = __neigh_lookup(&arp_tbl, &sip, dev, -1); -#endif + if (ipv4_devconf.arp_accept) { + /* Unsolicited ARP is not accepted by default. + It is possible, that this option should be enabled for some + devices (strip is candidate) + */ + if (n == NULL && + arp->ar_op == htons(ARPOP_REPLY) && + inet_addr_type(sip) == RTN_UNICAST) + n = __neigh_lookup(&arp_tbl, &sip, dev, -1); + } if (n) { int state = NUD_REACHABLE; diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 3ffa60d..81c2f78 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -81,7 +81,7 @@ static struct ipv4_devconf ipv4_devconf_dflt = { static void rtmsg_ifa(int event, struct in_ifaddr *); -static struct notifier_block *inetaddr_chain; +static BLOCKING_NOTIFIER_HEAD(inetaddr_chain); static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, int destroy); #ifdef CONFIG_SYSCTL @@ -267,7 +267,8 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, *ifap1 = ifa->ifa_next; rtmsg_ifa(RTM_DELADDR, ifa); - notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa); + blocking_notifier_call_chain(&inetaddr_chain, + NETDEV_DOWN, ifa); inet_free_ifa(ifa); } else { promote = ifa; @@ -291,7 +292,7 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, So that, this order is correct. */ rtmsg_ifa(RTM_DELADDR, ifa1); - notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1); + blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1); if (promote) { @@ -303,7 +304,8 @@ static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, promote->ifa_flags &= ~IFA_F_SECONDARY; rtmsg_ifa(RTM_NEWADDR, promote); - notifier_call_chain(&inetaddr_chain, NETDEV_UP, promote); + blocking_notifier_call_chain(&inetaddr_chain, + NETDEV_UP, promote); for (ifa = promote->ifa_next; ifa; ifa = ifa->ifa_next) { if (ifa1->ifa_mask != ifa->ifa_mask || !inet_ifa_match(ifa1->ifa_address, ifa)) @@ -366,7 +368,7 @@ static int inet_insert_ifa(struct in_ifaddr *ifa) Notifier will trigger FIB update, so that listeners of netlink will know about new ifaddr */ rtmsg_ifa(RTM_NEWADDR, ifa); - notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa); + blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa); return 0; } @@ -938,12 +940,12 @@ u32 inet_confirm_addr(const struct net_device *dev, u32 dst, u32 local, int scop int register_inetaddr_notifier(struct notifier_block *nb) { - return notifier_chain_register(&inetaddr_chain, nb); + return blocking_notifier_chain_register(&inetaddr_chain, nb); } int unregister_inetaddr_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&inetaddr_chain, nb); + return blocking_notifier_chain_unregister(&inetaddr_chain, nb); } /* Rename ifa_labels for a device name change. Make some effort to preserve existing @@ -1394,6 +1396,14 @@ static struct devinet_sysctl_table { .proc_handler = &proc_dointvec, }, { + .ctl_name = NET_IPV4_CONF_ARP_ACCEPT, + .procname = "arp_accept", + .data = &ipv4_devconf.arp_accept, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { .ctl_name = NET_IPV4_CONF_NOXFRM, .procname = "disable_xfrm", .data = &ipv4_devconf.no_xfrm, diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 09590f3..bf88c62 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -90,6 +90,7 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) esph->spi = x->id.spi; esph->seq_no = htonl(++x->replay.oseq); + xfrm_aevent_doreplay(x); if (esp->conf.ivlen) crypto_cipher_set_iv(tfm, esp->conf.ivec, crypto_tfm_alg_ivsize(tfm)); diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c index 0dd4d06..ec566f3 100644 --- a/net/ipv4/fib_rules.c +++ b/net/ipv4/fib_rules.c @@ -40,6 +40,8 @@ #include <linux/skbuff.h> #include <linux/netlink.h> #include <linux/init.h> +#include <linux/list.h> +#include <linux/rcupdate.h> #include <net/ip.h> #include <net/protocol.h> @@ -52,7 +54,7 @@ struct fib_rule { - struct fib_rule *r_next; + struct hlist_node hlist; atomic_t r_clntref; u32 r_preference; unsigned char r_table; @@ -75,6 +77,7 @@ struct fib_rule #endif char r_ifname[IFNAMSIZ]; int r_dead; + struct rcu_head rcu; }; static struct fib_rule default_rule = { @@ -85,7 +88,6 @@ static struct fib_rule default_rule = { }; static struct fib_rule main_rule = { - .r_next = &default_rule, .r_clntref = ATOMIC_INIT(2), .r_preference = 0x7FFE, .r_table = RT_TABLE_MAIN, @@ -93,23 +95,26 @@ static struct fib_rule main_rule = { }; static struct fib_rule local_rule = { - .r_next = &main_rule, .r_clntref = ATOMIC_INIT(2), .r_table = RT_TABLE_LOCAL, .r_action = RTN_UNICAST, }; -static struct fib_rule *fib_rules = &local_rule; -static DEFINE_RWLOCK(fib_rules_lock); +static struct hlist_head fib_rules; + +/* writer func called from netlink -- rtnl_sem hold*/ + +static void rtmsg_rule(int, struct fib_rule *); int inet_rtm_delrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct rtattr **rta = arg; struct rtmsg *rtm = NLMSG_DATA(nlh); - struct fib_rule *r, **rp; + struct fib_rule *r; + struct hlist_node *node; int err = -ESRCH; - for (rp=&fib_rules; (r=*rp) != NULL; rp=&r->r_next) { + hlist_for_each_entry(r, node, &fib_rules, hlist) { if ((!rta[RTA_SRC-1] || memcmp(RTA_DATA(rta[RTA_SRC-1]), &r->r_src, 4) == 0) && rtm->rtm_src_len == r->r_src_len && rtm->rtm_dst_len == r->r_dst_len && @@ -126,10 +131,9 @@ int inet_rtm_delrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) if (r == &local_rule) break; - write_lock_bh(&fib_rules_lock); - *rp = r->r_next; + hlist_del_rcu(&r->hlist); r->r_dead = 1; - write_unlock_bh(&fib_rules_lock); + rtmsg_rule(RTM_DELRULE, r); fib_rule_put(r); err = 0; break; @@ -150,21 +154,30 @@ static struct fib_table *fib_empty_table(void) return NULL; } +static inline void fib_rule_put_rcu(struct rcu_head *head) +{ + struct fib_rule *r = container_of(head, struct fib_rule, rcu); + kfree(r); +} + void fib_rule_put(struct fib_rule *r) { if (atomic_dec_and_test(&r->r_clntref)) { if (r->r_dead) - kfree(r); + call_rcu(&r->rcu, fib_rule_put_rcu); else printk("Freeing alive rule %p\n", r); } } +/* writer func called from netlink -- rtnl_sem hold*/ + int inet_rtm_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct rtattr **rta = arg; struct rtmsg *rtm = NLMSG_DATA(nlh); - struct fib_rule *r, *new_r, **rp; + struct fib_rule *r, *new_r, *last = NULL; + struct hlist_node *node = NULL; unsigned char table_id; if (rtm->rtm_src_len > 32 || rtm->rtm_dst_len > 32 || @@ -188,6 +201,7 @@ int inet_rtm_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) if (!new_r) return -ENOMEM; memset(new_r, 0, sizeof(*new_r)); + if (rta[RTA_SRC-1]) memcpy(&new_r->r_src, RTA_DATA(rta[RTA_SRC-1]), 4); if (rta[RTA_DST-1]) @@ -220,28 +234,29 @@ int inet_rtm_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) if (rta[RTA_FLOW-1]) memcpy(&new_r->r_tclassid, RTA_DATA(rta[RTA_FLOW-1]), 4); #endif + r = container_of(fib_rules.first, struct fib_rule, hlist); - rp = &fib_rules; if (!new_r->r_preference) { - r = fib_rules; - if (r && (r = r->r_next) != NULL) { - rp = &fib_rules->r_next; + if (r && r->hlist.next != NULL) { + r = container_of(r->hlist.next, struct fib_rule, hlist); if (r->r_preference) new_r->r_preference = r->r_preference - 1; } } - while ( (r = *rp) != NULL ) { + hlist_for_each_entry(r, node, &fib_rules, hlist) { if (r->r_preference > new_r->r_preference) break; - rp = &r->r_next; + last = r; } - - new_r->r_next = r; atomic_inc(&new_r->r_clntref); - write_lock_bh(&fib_rules_lock); - *rp = new_r; - write_unlock_bh(&fib_rules_lock); + + if (last) + hlist_add_after_rcu(&last->hlist, &new_r->hlist); + else + hlist_add_before_rcu(&new_r->hlist, &r->hlist); + + rtmsg_rule(RTM_NEWRULE, new_r); return 0; } @@ -254,30 +269,30 @@ u32 fib_rules_tclass(struct fib_result *res) } #endif +/* callers should hold rtnl semaphore */ static void fib_rules_detach(struct net_device *dev) { + struct hlist_node *node; struct fib_rule *r; - for (r=fib_rules; r; r=r->r_next) { - if (r->r_ifindex == dev->ifindex) { - write_lock_bh(&fib_rules_lock); + hlist_for_each_entry(r, node, &fib_rules, hlist) { + if (r->r_ifindex == dev->ifindex) r->r_ifindex = -1; - write_unlock_bh(&fib_rules_lock); - } + } } +/* callers should hold rtnl semaphore */ + static void fib_rules_attach(struct net_device *dev) { + struct hlist_node *node; struct fib_rule *r; - for (r=fib_rules; r; r=r->r_next) { - if (r->r_ifindex == -1 && strcmp(dev->name, r->r_ifname) == 0) { - write_lock_bh(&fib_rules_lock); + hlist_for_each_entry(r, node, &fib_rules, hlist) { + if (r->r_ifindex == -1 && strcmp(dev->name, r->r_ifname) == 0) r->r_ifindex = dev->ifindex; - write_unlock_bh(&fib_rules_lock); - } } } @@ -286,14 +301,17 @@ int fib_lookup(const struct flowi *flp, struct fib_result *res) int err; struct fib_rule *r, *policy; struct fib_table *tb; + struct hlist_node *node; u32 daddr = flp->fl4_dst; u32 saddr = flp->fl4_src; FRprintk("Lookup: %u.%u.%u.%u <- %u.%u.%u.%u ", NIPQUAD(flp->fl4_dst), NIPQUAD(flp->fl4_src)); - read_lock(&fib_rules_lock); - for (r = fib_rules; r; r=r->r_next) { + + rcu_read_lock(); + + hlist_for_each_entry_rcu(r, node, &fib_rules, hlist) { if (((saddr^r->r_src) & r->r_srcmask) || ((daddr^r->r_dst) & r->r_dstmask) || (r->r_tos && r->r_tos != flp->fl4_tos) || @@ -309,14 +327,14 @@ FRprintk("tb %d r %d ", r->r_table, r->r_action); policy = r; break; case RTN_UNREACHABLE: - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return -ENETUNREACH; default: case RTN_BLACKHOLE: - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return -EINVAL; case RTN_PROHIBIT: - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return -EACCES; } @@ -327,16 +345,16 @@ FRprintk("tb %d r %d ", r->r_table, r->r_action); res->r = policy; if (policy) atomic_inc(&policy->r_clntref); - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return 0; } if (err < 0 && err != -EAGAIN) { - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return err; } } FRprintk("FAILURE\n"); - read_unlock(&fib_rules_lock); + rcu_read_unlock(); return -ENETUNREACH; } @@ -368,14 +386,14 @@ static struct notifier_block fib_rules_notifier = { static __inline__ int inet_fill_rule(struct sk_buff *skb, struct fib_rule *r, - struct netlink_callback *cb, + u32 pid, u32 seq, int event, unsigned int flags) { struct rtmsg *rtm; struct nlmsghdr *nlh; unsigned char *b = skb->tail; - nlh = NLMSG_NEW_ANSWER(skb, cb, RTM_NEWRULE, sizeof(*rtm), flags); + nlh = NLMSG_NEW(skb, pid, seq, event, sizeof(*rtm), flags); rtm = NLMSG_DATA(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = r->r_dst_len; @@ -414,20 +432,42 @@ rtattr_failure: return -1; } +/* callers should hold rtnl semaphore */ + +static void rtmsg_rule(int event, struct fib_rule *r) +{ + int size = NLMSG_SPACE(sizeof(struct rtmsg) + 128); + struct sk_buff *skb = alloc_skb(size, GFP_KERNEL); + + if (!skb) + netlink_set_err(rtnl, 0, RTNLGRP_IPV4_RULE, ENOBUFS); + else if (inet_fill_rule(skb, r, 0, 0, event, 0) < 0) { + kfree_skb(skb); + netlink_set_err(rtnl, 0, RTNLGRP_IPV4_RULE, EINVAL); + } else { + netlink_broadcast(rtnl, skb, 0, RTNLGRP_IPV4_RULE, GFP_KERNEL); + } +} + int inet_dump_rules(struct sk_buff *skb, struct netlink_callback *cb) { - int idx; + int idx = 0; int s_idx = cb->args[0]; struct fib_rule *r; + struct hlist_node *node; + + rcu_read_lock(); + hlist_for_each_entry(r, node, &fib_rules, hlist) { - read_lock(&fib_rules_lock); - for (r=fib_rules, idx=0; r; r = r->r_next, idx++) { if (idx < s_idx) continue; - if (inet_fill_rule(skb, r, cb, NLM_F_MULTI) < 0) + if (inet_fill_rule(skb, r, NETLINK_CB(cb->skb).pid, + cb->nlh->nlmsg_seq, + RTM_NEWRULE, NLM_F_MULTI) < 0) break; + idx++; } - read_unlock(&fib_rules_lock); + rcu_read_unlock(); cb->args[0] = idx; return skb->len; @@ -435,5 +475,9 @@ int inet_dump_rules(struct sk_buff *skb, struct netlink_callback *cb) void __init fib_rules_init(void) { + INIT_HLIST_HEAD(&fib_rules); + hlist_add_head(&local_rule.hlist, &fib_rules); + hlist_add_after(&local_rule.hlist, &main_rule.hlist); + hlist_add_after(&main_rule.hlist, &default_rule.hlist); register_netdevice_notifier(&fib_rules_notifier); } diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index e320b32..ccd3efc 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c @@ -50,7 +50,7 @@ * Patrick McHardy <kaber@trash.net> */ -#define VERSION "0.404" +#define VERSION "0.406" #include <linux/config.h> #include <asm/uaccess.h> @@ -84,7 +84,7 @@ #include "fib_lookup.h" #undef CONFIG_IP_FIB_TRIE_STATS -#define MAX_CHILDS 16384 +#define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) #define MASK_PFX(k, l) (((l)==0)?0:(k >> (KEYLENGTH-l)) << (KEYLENGTH-l)) @@ -154,7 +154,7 @@ struct trie_stat { unsigned int tnodes; unsigned int leaves; unsigned int nullpointers; - unsigned int nodesizes[MAX_CHILDS]; + unsigned int nodesizes[MAX_STAT_DEPTH]; }; struct trie { @@ -2040,7 +2040,15 @@ rescan: static struct node *fib_trie_get_first(struct fib_trie_iter *iter, struct trie *t) { - struct node *n = rcu_dereference(t->trie); + struct node *n ; + + if(!t) + return NULL; + + n = rcu_dereference(t->trie); + + if(!iter) + return NULL; if (n && IS_TNODE(n)) { iter->tnode = (struct tnode *) n; @@ -2072,7 +2080,9 @@ static void trie_collect_stats(struct trie *t, struct trie_stat *s) int i; s->tnodes++; - s->nodesizes[tn->bits]++; + if(tn->bits < MAX_STAT_DEPTH) + s->nodesizes[tn->bits]++; + for (i = 0; i < (1<<tn->bits); i++) if (!tn->child[i]) s->nullpointers++; @@ -2102,8 +2112,8 @@ static void trie_show_stats(struct seq_file *seq, struct trie_stat *stat) seq_printf(seq, "\tInternal nodes: %d\n\t", stat->tnodes); bytes += sizeof(struct tnode) * stat->tnodes; - max = MAX_CHILDS-1; - while (max >= 0 && stat->nodesizes[max] == 0) + max = MAX_STAT_DEPTH; + while (max > 0 && stat->nodesizes[max-1] == 0) max--; pointers = 0; diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index e7bbff4..9831fd2 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -753,7 +753,7 @@ static void icmp_redirect(struct sk_buff *skb) case ICMP_REDIR_HOST: case ICMP_REDIR_HOSTTOS: ip_rt_redirect(skb->nh.iph->saddr, ip, skb->h.icmph->un.gateway, - iph->saddr, iph->tos, skb->dev); + iph->saddr, skb->dev); break; } out: diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c index 64ce52b..d512239 100644 --- a/net/ipv4/igmp.c +++ b/net/ipv4/igmp.c @@ -1382,7 +1382,7 @@ static struct in_device * ip_mc_find_dev(struct ip_mreqn *imr) dev = ip_dev_find(imr->imr_address.s_addr); if (!dev) return NULL; - __dev_put(dev); + dev_put(dev); } if (!dev && !ip_route_output_key(&rt, &fl)) { @@ -1730,7 +1730,7 @@ int ip_mc_join_group(struct sock *sk , struct ip_mreqn *imr) if (!MULTICAST(addr)) return -EINVAL; - rtnl_shlock(); + rtnl_lock(); in_dev = ip_mc_find_dev(imr); @@ -1763,7 +1763,7 @@ int ip_mc_join_group(struct sock *sk , struct ip_mreqn *imr) ip_mc_inc_group(in_dev, addr); err = 0; done: - rtnl_shunlock(); + rtnl_unlock(); return err; } @@ -1837,7 +1837,7 @@ int ip_mc_source(int add, int omode, struct sock *sk, struct if (!MULTICAST(addr)) return -EINVAL; - rtnl_shlock(); + rtnl_lock(); imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; imr.imr_address.s_addr = mreqs->imr_interface; @@ -1947,7 +1947,7 @@ int ip_mc_source(int add, int omode, struct sock *sk, struct ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1, &mreqs->imr_sourceaddr, 1); done: - rtnl_shunlock(); + rtnl_unlock(); if (leavegroup) return ip_mc_leave_group(sk, &imr); return err; @@ -1970,7 +1970,7 @@ int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) msf->imsf_fmode != MCAST_EXCLUDE) return -EINVAL; - rtnl_shlock(); + rtnl_lock(); imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; imr.imr_address.s_addr = msf->imsf_interface; @@ -2030,7 +2030,7 @@ int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) pmc->sfmode = msf->imsf_fmode; err = 0; done: - rtnl_shunlock(); + rtnl_unlock(); if (leavegroup) err = ip_mc_leave_group(sk, &imr); return err; @@ -2050,7 +2050,7 @@ int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, if (!MULTICAST(addr)) return -EINVAL; - rtnl_shlock(); + rtnl_lock(); imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; imr.imr_address.s_addr = msf->imsf_interface; @@ -2072,7 +2072,7 @@ int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, goto done; msf->imsf_fmode = pmc->sfmode; psl = pmc->sflist; - rtnl_shunlock(); + rtnl_unlock(); if (!psl) { len = 0; count = 0; @@ -2091,7 +2091,7 @@ int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, return -EFAULT; return 0; done: - rtnl_shunlock(); + rtnl_unlock(); return err; } @@ -2112,7 +2112,7 @@ int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, if (!MULTICAST(addr)) return -EINVAL; - rtnl_shlock(); + rtnl_lock(); err = -EADDRNOTAVAIL; @@ -2125,7 +2125,7 @@ int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, goto done; gsf->gf_fmode = pmc->sfmode; psl = pmc->sflist; - rtnl_shunlock(); + rtnl_unlock(); count = psl ? psl->sl_count : 0; copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; gsf->gf_numsrc = count; @@ -2146,7 +2146,7 @@ int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, } return 0; done: - rtnl_shunlock(); + rtnl_unlock(); return err; } diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index ae20281..9a01bb8 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c @@ -648,3 +648,52 @@ void inet_csk_addr2sockaddr(struct sock *sk, struct sockaddr *uaddr) } EXPORT_SYMBOL_GPL(inet_csk_addr2sockaddr); + +int inet_csk_ctl_sock_create(struct socket **sock, unsigned short family, + unsigned short type, unsigned char protocol) +{ + int rc = sock_create_kern(family, type, protocol, sock); + + if (rc == 0) { + (*sock)->sk->sk_allocation = GFP_ATOMIC; + inet_sk((*sock)->sk)->uc_ttl = -1; + /* + * Unhash it so that IP input processing does not even see it, + * we do not wish this socket to see incoming packets. + */ + (*sock)->sk->sk_prot->unhash((*sock)->sk); + } + return rc; +} + +EXPORT_SYMBOL_GPL(inet_csk_ctl_sock_create); + +#ifdef CONFIG_COMPAT +int inet_csk_compat_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + const struct inet_connection_sock *icsk = inet_csk(sk); + + if (icsk->icsk_af_ops->compat_getsockopt != NULL) + return icsk->icsk_af_ops->compat_getsockopt(sk, level, optname, + optval, optlen); + return icsk->icsk_af_ops->getsockopt(sk, level, optname, + optval, optlen); +} + +EXPORT_SYMBOL_GPL(inet_csk_compat_getsockopt); + +int inet_csk_compat_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + const struct inet_connection_sock *icsk = inet_csk(sk); + + if (icsk->icsk_af_ops->compat_setsockopt != NULL) + return icsk->icsk_af_ops->compat_setsockopt(sk, level, optname, + optval, optlen); + return icsk->icsk_af_ops->setsockopt(sk, level, optname, + optval, optlen); +} + +EXPORT_SYMBOL_GPL(inet_csk_compat_setsockopt); +#endif diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index 3322811..ef7366f 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -315,7 +315,7 @@ ok: spin_unlock(&head->lock); if (tw) { - inet_twsk_deschedule(tw, death_row);; + inet_twsk_deschedule(tw, death_row); inet_twsk_put(tw); } diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index 8ee4d01..f75ff1d 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -1249,11 +1249,7 @@ int ip_push_pending_frames(struct sock *sk) iph->tos = inet->tos; iph->tot_len = htons(skb->len); iph->frag_off = df; - if (!df) { - __ip_select_ident(iph, &rt->u.dst, 0); - } else { - iph->id = htons(inet->id++); - } + ip_select_ident(iph, &rt->u.dst, sk); iph->ttl = ttl; iph->protocol = sk->sk_protocol; iph->saddr = rt->rt_src; diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index 2bf8d78..12e0bf1 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -50,6 +50,7 @@ #define IP_CMSG_TOS 4 #define IP_CMSG_RECVOPTS 8 #define IP_CMSG_RETOPTS 16 +#define IP_CMSG_PASSSEC 32 /* * SOL_IP control messages. @@ -109,6 +110,19 @@ static void ip_cmsg_recv_retopts(struct msghdr *msg, struct sk_buff *skb) put_cmsg(msg, SOL_IP, IP_RETOPTS, opt->optlen, opt->__data); } +static void ip_cmsg_recv_security(struct msghdr *msg, struct sk_buff *skb) +{ + char *secdata; + u32 seclen; + int err; + + err = security_socket_getpeersec_dgram(skb, &secdata, &seclen); + if (err) + return; + + put_cmsg(msg, SOL_IP, SCM_SECURITY, seclen, secdata); +} + void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb) { @@ -138,6 +152,11 @@ void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb) if (flags & 1) ip_cmsg_recv_retopts(msg, skb); + if ((flags>>=1) == 0) + return; + + if (flags & 1) + ip_cmsg_recv_security(msg, skb); } int ip_cmsg_send(struct msghdr *msg, struct ipcm_cookie *ipc) @@ -380,20 +399,19 @@ out: * an IP socket. */ -int ip_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) +static int do_ip_setsockopt(struct sock *sk, int level, + int optname, char __user *optval, int optlen) { struct inet_sock *inet = inet_sk(sk); int val=0,err; - if (level != SOL_IP) - return -ENOPROTOOPT; - if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) | (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) | (1<<IP_RETOPTS) | (1<<IP_TOS) | (1<<IP_TTL) | (1<<IP_HDRINCL) | (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) | - (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND))) || + (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) | + (1<<IP_PASSSEC))) || optname == IP_MULTICAST_TTL || optname == IP_MULTICAST_LOOP) { if (optlen >= sizeof(int)) { @@ -478,6 +496,12 @@ int ip_setsockopt(struct sock *sk, int level, int optname, char __user *optval, else inet->cmsg_flags &= ~IP_CMSG_RETOPTS; break; + case IP_PASSSEC: + if (val) + inet->cmsg_flags |= IP_CMSG_PASSSEC; + else + inet->cmsg_flags &= ~IP_CMSG_PASSSEC; + break; case IP_TOS: /* This sets both TOS and Precedence */ if (sk->sk_type == SOCK_STREAM) { val &= ~3; @@ -849,12 +873,7 @@ mc_msf_out: break; default: -#ifdef CONFIG_NETFILTER - err = nf_setsockopt(sk, PF_INET, optname, optval, - optlen); -#else err = -ENOPROTOOPT; -#endif break; } release_sock(sk); @@ -865,12 +884,68 @@ e_inval: return -EINVAL; } +int ip_setsockopt(struct sock *sk, int level, + int optname, char __user *optval, int optlen) +{ + int err; + + if (level != SOL_IP) + return -ENOPROTOOPT; + + err = do_ip_setsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IP_HDRINCL && + optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY +#ifdef CONFIG_IP_MROUTE + && (optname < MRT_BASE || optname > (MRT_BASE + 10)) +#endif + ) { + lock_sock(sk); + err = nf_setsockopt(sk, PF_INET, optname, optval, optlen); + release_sock(sk); + } +#endif + return err; +} + +#ifdef CONFIG_COMPAT +int compat_ip_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + int err; + + if (level != SOL_IP) + return -ENOPROTOOPT; + + err = do_ip_setsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IP_HDRINCL && + optname != IP_IPSEC_POLICY && optname != IP_XFRM_POLICY +#ifdef CONFIG_IP_MROUTE + && (optname < MRT_BASE || optname > (MRT_BASE + 10)) +#endif + ) { + lock_sock(sk); + err = compat_nf_setsockopt(sk, PF_INET, optname, + optval, optlen); + release_sock(sk); + } +#endif + return err; +} + +EXPORT_SYMBOL(compat_ip_setsockopt); +#endif + /* * Get the options. Note for future reference. The GET of IP options gets the * _received_ ones. The set sets the _sent_ ones. */ -int ip_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) +static int do_ip_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) { struct inet_sock *inet = inet_sk(sk); int val; @@ -932,6 +1007,9 @@ int ip_getsockopt(struct sock *sk, int level, int optname, char __user *optval, case IP_RETOPTS: val = (inet->cmsg_flags & IP_CMSG_RETOPTS) != 0; break; + case IP_PASSSEC: + val = (inet->cmsg_flags & IP_CMSG_PASSSEC) != 0; + break; case IP_TOS: val = inet->tos; break; @@ -1051,17 +1129,8 @@ int ip_getsockopt(struct sock *sk, int level, int optname, char __user *optval, val = inet->freebind; break; default: -#ifdef CONFIG_NETFILTER - val = nf_getsockopt(sk, PF_INET, optname, optval, - &len); - release_sock(sk); - if (val >= 0) - val = put_user(len, optlen); - return val; -#else release_sock(sk); return -ENOPROTOOPT; -#endif } release_sock(sk); @@ -1082,6 +1151,67 @@ int ip_getsockopt(struct sock *sk, int level, int optname, char __user *optval, return 0; } +int ip_getsockopt(struct sock *sk, int level, + int optname, char __user *optval, int __user *optlen) +{ + int err; + + err = do_ip_getsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS +#ifdef CONFIG_IP_MROUTE + && (optname < MRT_BASE || optname > MRT_BASE+10) +#endif + ) { + int len; + + if(get_user(len,optlen)) + return -EFAULT; + + lock_sock(sk); + err = nf_getsockopt(sk, PF_INET, optname, optval, + &len); + release_sock(sk); + if (err >= 0) + err = put_user(len, optlen); + return err; + } +#endif + return err; +} + +#ifdef CONFIG_COMPAT +int compat_ip_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + int err = do_ip_getsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IP_PKTOPTIONS +#ifdef CONFIG_IP_MROUTE + && (optname < MRT_BASE || optname > MRT_BASE+10) +#endif + ) { + int len; + + if (get_user(len, optlen)) + return -EFAULT; + + lock_sock(sk); + err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); + release_sock(sk); + if (err >= 0) + err = put_user(len, optlen); + return err; + } +#endif + return err; +} + +EXPORT_SYMBOL(compat_ip_getsockopt); +#endif + EXPORT_SYMBOL(ip_cmsg_recv); EXPORT_SYMBOL(ip_getsockopt); diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c index d64e2ec..c95020f 100644 --- a/net/ipv4/ipcomp.c +++ b/net/ipv4/ipcomp.c @@ -24,6 +24,7 @@ #include <linux/list.h> #include <linux/vmalloc.h> #include <linux/rtnetlink.h> +#include <linux/mutex.h> #include <net/ip.h> #include <net/xfrm.h> #include <net/icmp.h> @@ -36,7 +37,7 @@ struct ipcomp_tfms { int users; }; -static DECLARE_MUTEX(ipcomp_resource_sem); +static DEFINE_MUTEX(ipcomp_resource_mutex); static void **ipcomp_scratches; static int ipcomp_scratch_users; static LIST_HEAD(ipcomp_tfms_list); @@ -253,7 +254,7 @@ error: } /* - * Must be protected by xfrm_cfg_sem. State and tunnel user references are + * Must be protected by xfrm_cfg_mutex. State and tunnel user references are * always incremented on success. */ static int ipcomp_tunnel_attach(struct xfrm_state *x) @@ -411,9 +412,9 @@ static void ipcomp_destroy(struct xfrm_state *x) if (!ipcd) return; xfrm_state_delete_tunnel(x); - down(&ipcomp_resource_sem); + mutex_lock(&ipcomp_resource_mutex); ipcomp_free_data(ipcd); - up(&ipcomp_resource_sem); + mutex_unlock(&ipcomp_resource_mutex); kfree(ipcd); } @@ -440,14 +441,14 @@ static int ipcomp_init_state(struct xfrm_state *x) if (x->props.mode) x->props.header_len += sizeof(struct iphdr); - down(&ipcomp_resource_sem); + mutex_lock(&ipcomp_resource_mutex); if (!ipcomp_alloc_scratches()) goto error; ipcd->tfms = ipcomp_alloc_tfms(x->calg->alg_name); if (!ipcd->tfms) goto error; - up(&ipcomp_resource_sem); + mutex_unlock(&ipcomp_resource_mutex); if (x->props.mode) { err = ipcomp_tunnel_attach(x); @@ -464,10 +465,10 @@ out: return err; error_tunnel: - down(&ipcomp_resource_sem); + mutex_lock(&ipcomp_resource_mutex); error: ipcomp_free_data(ipcd); - up(&ipcomp_resource_sem); + mutex_unlock(&ipcomp_resource_mutex); kfree(ipcd); goto out; } diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c index bb3613e..cb8a92f 100644 --- a/net/ipv4/ipconfig.c +++ b/net/ipv4/ipconfig.c @@ -186,7 +186,7 @@ static int __init ic_open_devs(void) unsigned short oflags; last = &ic_first_dev; - rtnl_shlock(); + rtnl_lock(); /* bring loopback device up first */ if (dev_change_flags(&loopback_dev, loopback_dev.flags | IFF_UP) < 0) @@ -215,7 +215,7 @@ static int __init ic_open_devs(void) continue; } if (!(d = kmalloc(sizeof(struct ic_device), GFP_KERNEL))) { - rtnl_shunlock(); + rtnl_unlock(); return -1; } d->dev = dev; @@ -232,7 +232,7 @@ static int __init ic_open_devs(void) dev->name, able, d->xid)); } } - rtnl_shunlock(); + rtnl_unlock(); *last = NULL; @@ -251,7 +251,7 @@ static void __init ic_close_devs(void) struct ic_device *d, *next; struct net_device *dev; - rtnl_shlock(); + rtnl_lock(); next = ic_first_dev; while ((d = next)) { next = d->next; @@ -262,7 +262,7 @@ static void __init ic_close_devs(void) } kfree(d); } - rtnl_shunlock(); + rtnl_unlock(); } /* diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index 03d1374..eef07b0 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -114,7 +114,6 @@ #include <net/sock.h> #include <net/ip.h> #include <net/icmp.h> -#include <net/protocol.h> #include <net/ipip.h> #include <net/inet_ecn.h> #include <net/xfrm.h> @@ -274,7 +273,7 @@ static void ipip_tunnel_uninit(struct net_device *dev) dev_put(dev); } -static void ipip_err(struct sk_buff *skb, u32 info) +static int ipip_err(struct sk_buff *skb, u32 info) { #ifndef I_WISH_WORLD_WERE_PERFECT @@ -286,21 +285,22 @@ static void ipip_err(struct sk_buff *skb, u32 info) int type = skb->h.icmph->type; int code = skb->h.icmph->code; struct ip_tunnel *t; + int err; switch (type) { default: case ICMP_PARAMETERPROB: - return; + return 0; case ICMP_DEST_UNREACH: switch (code) { case ICMP_SR_FAILED: case ICMP_PORT_UNREACH: /* Impossible event. */ - return; + return 0; case ICMP_FRAG_NEEDED: /* Soft state for pmtu is maintained by IP core. */ - return; + return 0; default: /* All others are translated to HOST_UNREACH. rfc2003 contains "deep thoughts" about NET_UNREACH, @@ -311,14 +311,18 @@ static void ipip_err(struct sk_buff *skb, u32 info) break; case ICMP_TIME_EXCEEDED: if (code != ICMP_EXC_TTL) - return; + return 0; break; } + err = -ENOENT; + read_lock(&ipip_lock); t = ipip_tunnel_lookup(iph->daddr, iph->saddr); if (t == NULL || t->parms.iph.daddr == 0) goto out; + + err = 0; if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) goto out; @@ -329,7 +333,7 @@ static void ipip_err(struct sk_buff *skb, u32 info) t->err_time = jiffies; out: read_unlock(&ipip_lock); - return; + return err; #else struct iphdr *iph = (struct iphdr*)dp; int hlen = iph->ihl<<2; @@ -344,15 +348,15 @@ out: struct rtable *rt; if (len < hlen + sizeof(struct iphdr)) - return; + return 0; eiph = (struct iphdr*)(dp + hlen); switch (type) { default: - return; + return 0; case ICMP_PARAMETERPROB: if (skb->h.icmph->un.gateway < hlen) - return; + return 0; /* So... This guy found something strange INSIDE encapsulated packet. Well, he is fool, but what can we do ? @@ -366,16 +370,16 @@ out: case ICMP_SR_FAILED: case ICMP_PORT_UNREACH: /* Impossible event. */ - return; + return 0; case ICMP_FRAG_NEEDED: /* And it is the only really necessary thing :-) */ rel_info = ntohs(skb->h.icmph->un.frag.mtu); if (rel_info < hlen+68) - return; + return 0; rel_info -= hlen; /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ if (rel_info > ntohs(eiph->tot_len)) - return; + return 0; break; default: /* All others are translated to HOST_UNREACH. @@ -389,14 +393,14 @@ out: break; case ICMP_TIME_EXCEEDED: if (code != ICMP_EXC_TTL) - return; + return 0; break; } /* Prepare fake skb to feed it to icmp_send */ skb2 = skb_clone(skb, GFP_ATOMIC); if (skb2 == NULL) - return; + return 0; dst_release(skb2->dst); skb2->dst = NULL; skb_pull(skb2, skb->data - (u8*)eiph); @@ -409,7 +413,7 @@ out: fl.proto = IPPROTO_IPIP; if (ip_route_output_key(&rt, &key)) { kfree_skb(skb2); - return; + return 0; } skb2->dev = rt->u.dst.dev; @@ -424,14 +428,14 @@ out: rt->u.dst.dev->type != ARPHRD_TUNNEL) { ip_rt_put(rt); kfree_skb(skb2); - return; + return 0; } } else { ip_rt_put(rt); if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || skb2->dst->dev->type != ARPHRD_TUNNEL) { kfree_skb(skb2); - return; + return 0; } } @@ -439,7 +443,7 @@ out: if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { if (rel_info > dst_mtu(skb2->dst)) { kfree_skb(skb2); - return; + return 0; } skb2->dst->ops->update_pmtu(skb2->dst, rel_info); rel_info = htonl(rel_info); @@ -453,7 +457,7 @@ out: icmp_send(skb2, rel_type, rel_code, rel_info); kfree_skb(skb2); - return; + return 0; #endif } @@ -855,39 +859,12 @@ static int __init ipip_fb_tunnel_init(struct net_device *dev) return 0; } -#ifdef CONFIG_INET_TUNNEL static struct xfrm_tunnel ipip_handler = { .handler = ipip_rcv, .err_handler = ipip_err, + .priority = 1, }; -static inline int ipip_register(void) -{ - return xfrm4_tunnel_register(&ipip_handler); -} - -static inline int ipip_unregister(void) -{ - return xfrm4_tunnel_deregister(&ipip_handler); -} -#else -static struct net_protocol ipip_protocol = { - .handler = ipip_rcv, - .err_handler = ipip_err, - .no_policy = 1, -}; - -static inline int ipip_register(void) -{ - return inet_add_protocol(&ipip_protocol, IPPROTO_IPIP); -} - -static inline int ipip_unregister(void) -{ - return inet_del_protocol(&ipip_protocol, IPPROTO_IPIP); -} -#endif - static char banner[] __initdata = KERN_INFO "IPv4 over IPv4 tunneling driver\n"; @@ -897,7 +874,7 @@ static int __init ipip_init(void) printk(banner); - if (ipip_register() < 0) { + if (xfrm4_tunnel_register(&ipip_handler)) { printk(KERN_INFO "ipip init: can't register tunnel\n"); return -EAGAIN; } @@ -919,7 +896,7 @@ static int __init ipip_init(void) err2: free_netdev(ipip_fb_tunnel_dev); err1: - ipip_unregister(); + xfrm4_tunnel_deregister(&ipip_handler); goto out; } @@ -939,7 +916,7 @@ static void __exit ipip_destroy_tunnels(void) static void __exit ipip_fini(void) { - if (ipip_unregister() < 0) + if (xfrm4_tunnel_deregister(&ipip_handler)) printk(KERN_INFO "ipip close: can't deregister tunnel\n"); rtnl_lock(); diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 5c94c22..717ab7d 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -415,10 +415,10 @@ static int vif_add(struct vifctl *vifc, int mrtsock) return -ENOBUFS; break; case 0: - dev=ip_dev_find(vifc->vifc_lcl_addr.s_addr); + dev = ip_dev_find(vifc->vifc_lcl_addr.s_addr); if (!dev) return -EADDRNOTAVAIL; - __dev_put(dev); + dev_put(dev); break; default: return -EINVAL; diff --git a/net/ipv4/ipvs/ip_vs_app.c b/net/ipv4/ipvs/ip_vs_app.c index 9b176a9..e775233 100644 --- a/net/ipv4/ipvs/ip_vs_app.c +++ b/net/ipv4/ipvs/ip_vs_app.c @@ -31,6 +31,7 @@ #include <linux/stat.h> #include <linux/proc_fs.h> #include <linux/seq_file.h> +#include <linux/mutex.h> #include <net/ip_vs.h> @@ -40,7 +41,7 @@ EXPORT_SYMBOL(register_ip_vs_app_inc); /* ipvs application list head */ static LIST_HEAD(ip_vs_app_list); -static DECLARE_MUTEX(__ip_vs_app_mutex); +static DEFINE_MUTEX(__ip_vs_app_mutex); /* @@ -173,11 +174,11 @@ register_ip_vs_app_inc(struct ip_vs_app *app, __u16 proto, __u16 port) { int result; - down(&__ip_vs_app_mutex); + mutex_lock(&__ip_vs_app_mutex); result = ip_vs_app_inc_new(app, proto, port); - up(&__ip_vs_app_mutex); + mutex_unlock(&__ip_vs_app_mutex); return result; } @@ -191,11 +192,11 @@ int register_ip_vs_app(struct ip_vs_app *app) /* increase the module use count */ ip_vs_use_count_inc(); - down(&__ip_vs_app_mutex); + mutex_lock(&__ip_vs_app_mutex); list_add(&app->a_list, &ip_vs_app_list); - up(&__ip_vs_app_mutex); + mutex_unlock(&__ip_vs_app_mutex); return 0; } @@ -209,7 +210,7 @@ void unregister_ip_vs_app(struct ip_vs_app *app) { struct ip_vs_app *inc, *nxt; - down(&__ip_vs_app_mutex); + mutex_lock(&__ip_vs_app_mutex); list_for_each_entry_safe(inc, nxt, &app->incs_list, a_list) { ip_vs_app_inc_release(inc); @@ -217,7 +218,7 @@ void unregister_ip_vs_app(struct ip_vs_app *app) list_del(&app->a_list); - up(&__ip_vs_app_mutex); + mutex_unlock(&__ip_vs_app_mutex); /* decrease the module use count */ ip_vs_use_count_dec(); @@ -498,7 +499,7 @@ static struct ip_vs_app *ip_vs_app_idx(loff_t pos) static void *ip_vs_app_seq_start(struct seq_file *seq, loff_t *pos) { - down(&__ip_vs_app_mutex); + mutex_lock(&__ip_vs_app_mutex); return *pos ? ip_vs_app_idx(*pos - 1) : SEQ_START_TOKEN; } @@ -530,7 +531,7 @@ static void *ip_vs_app_seq_next(struct seq_file *seq, void *v, loff_t *pos) static void ip_vs_app_seq_stop(struct seq_file *seq, void *v) { - up(&__ip_vs_app_mutex); + mutex_unlock(&__ip_vs_app_mutex); } static int ip_vs_app_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/ipvs/ip_vs_ctl.c b/net/ipv4/ipvs/ip_vs_ctl.c index 7f0288b..f28ec68 100644 --- a/net/ipv4/ipvs/ip_vs_ctl.c +++ b/net/ipv4/ipvs/ip_vs_ctl.c @@ -34,6 +34,7 @@ #include <linux/netfilter.h> #include <linux/netfilter_ipv4.h> +#include <linux/mutex.h> #include <net/ip.h> #include <net/route.h> @@ -44,7 +45,7 @@ #include <net/ip_vs.h> /* semaphore for IPVS sockopts. And, [gs]etsockopt may sleep. */ -static DECLARE_MUTEX(__ip_vs_mutex); +static DEFINE_MUTEX(__ip_vs_mutex); /* lock for service table */ static DEFINE_RWLOCK(__ip_vs_svc_lock); @@ -1950,7 +1951,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len) /* increase the module use count */ ip_vs_use_count_inc(); - if (down_interruptible(&__ip_vs_mutex)) { + if (mutex_lock_interruptible(&__ip_vs_mutex)) { ret = -ERESTARTSYS; goto out_dec; } @@ -2041,7 +2042,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len) ip_vs_service_put(svc); out_unlock: - up(&__ip_vs_mutex); + mutex_unlock(&__ip_vs_mutex); out_dec: /* decrease the module use count */ ip_vs_use_count_dec(); @@ -2211,7 +2212,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) if (copy_from_user(arg, user, get_arglen[GET_CMDID(cmd)]) != 0) return -EFAULT; - if (down_interruptible(&__ip_vs_mutex)) + if (mutex_lock_interruptible(&__ip_vs_mutex)) return -ERESTARTSYS; switch (cmd) { @@ -2330,7 +2331,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) } out: - up(&__ip_vs_mutex); + mutex_unlock(&__ip_vs_mutex); return ret; } diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c index ed42cdc..b5ad9ac 100644 --- a/net/ipv4/netfilter.c +++ b/net/ipv4/netfilter.c @@ -167,15 +167,15 @@ static struct nf_queue_rerouter ip_reroute = { .reroute = queue_reroute, }; -static int init(void) +static int ipv4_netfilter_init(void) { return nf_register_queue_rerouter(PF_INET, &ip_reroute); } -static void fini(void) +static void ipv4_netfilter_fini(void) { nf_unregister_queue_rerouter(PF_INET); } -module_init(init); -module_exit(fini); +module_init(ipv4_netfilter_init); +module_exit(ipv4_netfilter_fini); diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index db78303..882b842 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig @@ -168,6 +168,26 @@ config IP_NF_PPTP If you want to compile it as a module, say M here and read Documentation/modules.txt. If unsure, say `N'. +config IP_NF_H323 + tristate 'H.323 protocol support' + depends on IP_NF_CONNTRACK + help + H.323 is a VoIP signalling protocol from ITU-T. As one of the most + important VoIP protocols, it is widely used by voice hardware and + software including voice gateways, IP phones, Netmeeting, OpenPhone, + Gnomemeeting, etc. + + With this module you can support H.323 on a connection tracking/NAT + firewall. + + This module supports RAS, Fast-start, H.245 tunnelling, RTP/RTCP + and T.120 based data and applications including audio, video, FAX, + chat, whiteboard, file transfer, etc. For more information, please + see http://nath323.sourceforge.net/. + + If you want to compile it as a module, say 'M' here and read + Documentation/modules.txt. If unsure, say 'N'. + config IP_NF_QUEUE tristate "IP Userspace queueing via NETLINK (OBSOLETE)" help @@ -303,16 +323,6 @@ config IP_NF_MATCH_HASHLIMIT destination IP' or `500pps from any given source IP' with a single IPtables rule. -config IP_NF_MATCH_POLICY - tristate "IPsec policy match support" - depends on IP_NF_IPTABLES && XFRM - help - Policy matching allows you to match packets based on the - IPsec policy that was used during decapsulation/will - be used during encapsulation. - - To compile it as a module, choose M here. If unsure, say N. - # `filter', generic and specific targets config IP_NF_FILTER tristate "Packet filtering" @@ -494,6 +504,12 @@ config IP_NF_NAT_PPTP default IP_NF_NAT if IP_NF_PPTP=y default m if IP_NF_PPTP=m +config IP_NF_NAT_H323 + tristate + depends on IP_NF_IPTABLES!=n && IP_NF_CONNTRACK!=n && IP_NF_NAT!=n + default IP_NF_NAT if IP_NF_H323=y + default m if IP_NF_H323=m + # mangle + specific targets config IP_NF_MANGLE tristate "Packet mangling" diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile index e5c5b32..f2cd9a6 100644 --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile @@ -10,6 +10,9 @@ iptable_nat-objs := ip_nat_rule.o ip_nat_standalone.o ip_conntrack_pptp-objs := ip_conntrack_helper_pptp.o ip_conntrack_proto_gre.o ip_nat_pptp-objs := ip_nat_helper_pptp.o ip_nat_proto_gre.o +ip_conntrack_h323-objs := ip_conntrack_helper_h323.o ip_conntrack_helper_h323_asn1.o +ip_nat_h323-objs := ip_nat_helper_h323.o + # connection tracking obj-$(CONFIG_IP_NF_CONNTRACK) += ip_conntrack.o obj-$(CONFIG_IP_NF_NAT) += ip_nat.o @@ -22,6 +25,7 @@ obj-$(CONFIG_IP_NF_CONNTRACK_NETLINK) += ip_conntrack_netlink.o obj-$(CONFIG_IP_NF_CT_PROTO_SCTP) += ip_conntrack_proto_sctp.o # connection tracking helpers +obj-$(CONFIG_IP_NF_H323) += ip_conntrack_h323.o obj-$(CONFIG_IP_NF_PPTP) += ip_conntrack_pptp.o obj-$(CONFIG_IP_NF_AMANDA) += ip_conntrack_amanda.o obj-$(CONFIG_IP_NF_TFTP) += ip_conntrack_tftp.o @@ -30,6 +34,7 @@ obj-$(CONFIG_IP_NF_IRC) += ip_conntrack_irc.o obj-$(CONFIG_IP_NF_NETBIOS_NS) += ip_conntrack_netbios_ns.o # NAT helpers +obj-$(CONFIG_IP_NF_NAT_H323) += ip_nat_h323.o obj-$(CONFIG_IP_NF_NAT_PPTP) += ip_nat_pptp.o obj-$(CONFIG_IP_NF_NAT_AMANDA) += ip_nat_amanda.o obj-$(CONFIG_IP_NF_NAT_TFTP) += ip_nat_tftp.o @@ -57,7 +62,6 @@ obj-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp.o obj-$(CONFIG_IP_NF_MATCH_AH_ESP) += ipt_ah.o ipt_esp.o obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o -obj-$(CONFIG_IP_NF_MATCH_POLICY) += ipt_policy.o # targets obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 7d7ab94..a44a5d7 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -22,7 +22,7 @@ #include <linux/init.h> #include <asm/uaccess.h> -#include <asm/semaphore.h> +#include <linux/mutex.h> #include <linux/netfilter/x_tables.h> #include <linux/netfilter_arp/arp_tables.h> @@ -208,6 +208,7 @@ static unsigned int arpt_error(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -300,6 +301,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb, verdict = t->u.kernel.target->target(pskb, in, out, hook, + t->u.kernel.target, t->data, userdata); @@ -480,26 +482,31 @@ static inline int check_entry(struct arpt_entry *e, const char *name, unsigned i } t->u.kernel.target = target; + ret = xt_check_target(target, NF_ARP, t->u.target_size - sizeof(*t), + name, e->comefrom, 0, 0); + if (ret) + goto err; + if (t->u.kernel.target == &arpt_standard_target) { if (!standard_check(t, size)) { ret = -EINVAL; goto out; } } else if (t->u.kernel.target->checkentry - && !t->u.kernel.target->checkentry(name, e, t->data, + && !t->u.kernel.target->checkentry(name, e, target, t->data, t->u.target_size - sizeof(*t), e->comefrom)) { - module_put(t->u.kernel.target->me); duprintf("arp_tables: check failed for `%s'.\n", t->u.kernel.target->name); ret = -EINVAL; - goto out; + goto err; } (*i)++; return 0; - +err: + module_put(t->u.kernel.target->me); out: return ret; } @@ -555,7 +562,7 @@ static inline int cleanup_entry(struct arpt_entry *e, unsigned int *i) t = arpt_get_target(e); if (t->u.kernel.target->destroy) - t->u.kernel.target->destroy(t->data, + t->u.kernel.target->destroy(t->u.kernel.target, t->data, t->u.target_size - sizeof(*t)); module_put(t->u.kernel.target->me); return 0; @@ -1138,11 +1145,15 @@ void arpt_unregister_table(struct arpt_table *table) /* The built-in targets: standard (NULL) and error. */ static struct arpt_target arpt_standard_target = { .name = ARPT_STANDARD_TARGET, + .targetsize = sizeof(int), + .family = NF_ARP, }; static struct arpt_target arpt_error_target = { .name = ARPT_ERROR_TARGET, .target = arpt_error, + .targetsize = ARPT_FUNCTION_MAXNAMELEN, + .family = NF_ARP, }; static struct nf_sockopt_ops arpt_sockopts = { @@ -1155,15 +1166,15 @@ static struct nf_sockopt_ops arpt_sockopts = { .get = do_arpt_get_ctl, }; -static int __init init(void) +static int __init arp_tables_init(void) { int ret; xt_proto_init(NF_ARP); /* Noone else will be downing sem now, so we won't sleep */ - xt_register_target(NF_ARP, &arpt_standard_target); - xt_register_target(NF_ARP, &arpt_error_target); + xt_register_target(&arpt_standard_target); + xt_register_target(&arpt_error_target); /* Register setsockopt */ ret = nf_register_sockopt(&arpt_sockopts); @@ -1176,7 +1187,7 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit arp_tables_fini(void) { nf_unregister_sockopt(&arpt_sockopts); xt_proto_fini(NF_ARP); @@ -1186,5 +1197,5 @@ EXPORT_SYMBOL(arpt_register_table); EXPORT_SYMBOL(arpt_unregister_table); EXPORT_SYMBOL(arpt_do_table); -module_init(init); -module_exit(fini); +module_init(arp_tables_init); +module_exit(arp_tables_fini); diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index c97650a..a58325c 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c @@ -8,9 +8,10 @@ MODULE_AUTHOR("Bart De Schuymer <bdschuym@pandora.be>"); MODULE_DESCRIPTION("arptables arp payload mangle target"); static unsigned int -target(struct sk_buff **pskb, const struct net_device *in, - const struct net_device *out, unsigned int hooknum, const void *targinfo, - void *userinfo) +target(struct sk_buff **pskb, + const struct net_device *in, const struct net_device *out, + unsigned int hooknum, const struct xt_target *target, + const void *targinfo, void *userinfo) { const struct arpt_mangle *mangle = targinfo; struct arphdr *arp; @@ -65,8 +66,8 @@ target(struct sk_buff **pskb, const struct net_device *in, } static int -checkentry(const char *tablename, const void *e, void *targinfo, - unsigned int targinfosize, unsigned int hook_mask) +checkentry(const char *tablename, const void *e, const struct xt_target *target, + void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct arpt_mangle *mangle = targinfo; @@ -80,15 +81,15 @@ checkentry(const char *tablename, const void *e, void *targinfo, return 1; } -static struct arpt_target arpt_mangle_reg -= { - .name = "mangle", - .target = target, - .checkentry = checkentry, - .me = THIS_MODULE, +static struct arpt_target arpt_mangle_reg = { + .name = "mangle", + .target = target, + .targetsize = sizeof(struct arpt_mangle), + .checkentry = checkentry, + .me = THIS_MODULE, }; -static int __init init(void) +static int __init arpt_mangle_init(void) { if (arpt_register_target(&arpt_mangle_reg)) return -EINVAL; @@ -96,10 +97,10 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit arpt_mangle_fini(void) { arpt_unregister_target(&arpt_mangle_reg); } -module_init(init); -module_exit(fini); +module_init(arpt_mangle_init); +module_exit(arpt_mangle_fini); diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c index f6ab45f..d0d379c 100644 --- a/net/ipv4/netfilter/arptable_filter.c +++ b/net/ipv4/netfilter/arptable_filter.c @@ -179,7 +179,7 @@ static struct nf_hook_ops arpt_ops[] = { }, }; -static int __init init(void) +static int __init arptable_filter_init(void) { int ret, i; @@ -201,7 +201,7 @@ cleanup_hooks: return ret; } -static void __exit fini(void) +static void __exit arptable_filter_fini(void) { unsigned int i; @@ -211,5 +211,5 @@ static void __exit fini(void) arpt_unregister_table(&packet_filter); } -module_init(init); -module_exit(fini); +module_init(arptable_filter_init); +module_exit(arptable_filter_fini); diff --git a/net/ipv4/netfilter/ip_conntrack_amanda.c b/net/ipv4/netfilter/ip_conntrack_amanda.c index 84e4f79..a604b1c 100644 --- a/net/ipv4/netfilter/ip_conntrack_amanda.c +++ b/net/ipv4/netfilter/ip_conntrack_amanda.c @@ -153,13 +153,13 @@ static struct ip_conntrack_helper amanda_helper = { }, }; -static void __exit fini(void) +static void __exit ip_conntrack_amanda_fini(void) { ip_conntrack_helper_unregister(&amanda_helper); kfree(amanda_buffer); } -static int __init init(void) +static int __init ip_conntrack_amanda_init(void) { int ret; @@ -177,5 +177,5 @@ static int __init init(void) } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_amanda_init); +module_exit(ip_conntrack_amanda_fini); diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c index 84c66db..ceaabc1 100644 --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c @@ -77,11 +77,11 @@ unsigned int ip_ct_log_invalid; static LIST_HEAD(unconfirmed); static int ip_conntrack_vmalloc; -static unsigned int ip_conntrack_next_id = 1; -static unsigned int ip_conntrack_expect_next_id = 1; +static unsigned int ip_conntrack_next_id; +static unsigned int ip_conntrack_expect_next_id; #ifdef CONFIG_IP_NF_CONNTRACK_EVENTS -struct notifier_block *ip_conntrack_chain; -struct notifier_block *ip_conntrack_expect_chain; +ATOMIC_NOTIFIER_HEAD(ip_conntrack_chain); +ATOMIC_NOTIFIER_HEAD(ip_conntrack_expect_chain); DEFINE_PER_CPU(struct ip_conntrack_ecache, ip_conntrack_ecache); @@ -92,7 +92,7 @@ __ip_ct_deliver_cached_events(struct ip_conntrack_ecache *ecache) { DEBUGP("ecache: delivering events for %p\n", ecache->ct); if (is_confirmed(ecache->ct) && !is_dying(ecache->ct) && ecache->events) - notifier_call_chain(&ip_conntrack_chain, ecache->events, + atomic_notifier_call_chain(&ip_conntrack_chain, ecache->events, ecache->ct); ecache->events = 0; ip_conntrack_put(ecache->ct); diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c index e627e58..3e542bf 100644 --- a/net/ipv4/netfilter/ip_conntrack_ftp.c +++ b/net/ipv4/netfilter/ip_conntrack_ftp.c @@ -453,7 +453,7 @@ static struct ip_conntrack_helper ftp[MAX_PORTS]; static char ftp_names[MAX_PORTS][sizeof("ftp-65535")]; /* Not __exit: called from init() */ -static void fini(void) +static void ip_conntrack_ftp_fini(void) { int i; for (i = 0; i < ports_c; i++) { @@ -465,7 +465,7 @@ static void fini(void) kfree(ftp_buffer); } -static int __init init(void) +static int __init ip_conntrack_ftp_init(void) { int i, ret; char *tmpname; @@ -499,12 +499,12 @@ static int __init init(void) ret = ip_conntrack_helper_register(&ftp[i]); if (ret) { - fini(); + ip_conntrack_ftp_fini(); return ret; } } return 0; } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_ftp_init); +module_exit(ip_conntrack_ftp_fini); diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c new file mode 100644 index 0000000..daeb139 --- /dev/null +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c @@ -0,0 +1,1731 @@ +/* + * H.323 connection tracking helper + * + * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> + * + * This source code is licensed under General Public License version 2. + * + * Based on the 'brute force' H.323 connection tracking module by + * Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> + * + * For more information, please see http://nath323.sourceforge.net/ + * + * Changes: + * 2006-02-01 - initial version 0.1 + * + * 2006-02-20 - version 0.2 + * 1. Changed source format to follow kernel conventions + * 2. Deleted some unnecessary structures + * 3. Minor fixes + * + * 2006-03-10 - version 0.3 + * 1. Added support for multiple TPKTs in one packet (suggested by + * Patrick McHardy) + * 2. Avoid excessive stack usage (based on Patrick McHardy's patch) + * 3. Added support for non-linear skb (based on Patrick McHardy's patch) + * 4. Fixed missing H.245 module owner (Patrick McHardy) + * 5. Avoid long RAS expectation chains (Patrick McHardy) + * 6. Fixed incorrect __exit attribute (Patrick McHardy) + * 7. Eliminated unnecessary return code + * 8. Fixed incorrect use of NAT data from conntrack code (suggested by + * Patrick McHardy) + * 9. Fixed TTL calculation error in RCF + * 10. Added TTL support in RRQ + * 11. Better support for separate TPKT header and data + * + * 2006-03-15 - version 0.4 + * 1. Added support for T.120 channels + * 2. Added parameter gkrouted_only (suggested by Patrick McHardy) + * 3. Splitted ASN.1 code and data (suggested by Patrick McHardy) + * 4. Sort ASN.1 data to avoid forwarding declarations (suggested by + * Patrick McHardy) + * 5. Reset next TPKT data length in get_tpkt_data() + */ + +#include <linux/config.h> +#include <linux/module.h> +#include <linux/netfilter.h> +#include <linux/ip.h> +#include <net/tcp.h> +#include <linux/netfilter_ipv4/ip_conntrack.h> +#include <linux/netfilter_ipv4/ip_conntrack_core.h> +#include <linux/netfilter_ipv4/ip_conntrack_helper.h> +#include <linux/netfilter_ipv4/ip_conntrack_tuple.h> +#include <linux/netfilter_ipv4/ip_conntrack_h323.h> +#include <linux/moduleparam.h> + +#include "ip_conntrack_helper_h323_asn1.h" + +#if 0 +#define DEBUGP printk +#else +#define DEBUGP(format, args...) +#endif + +/* Parameters */ +static int gkrouted_only = 1; +module_param(gkrouted_only, int, 0600); +MODULE_PARM_DESC(gkrouted_only, "only accept calls from gatekeeper"); + +/* Hooks for NAT */ +int (*set_h245_addr_hook) (struct sk_buff ** pskb, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int32_t ip, u_int16_t port); +int (*set_h225_addr_hook) (struct sk_buff ** pskb, + unsigned char **data, int dataoff, + TransportAddress * addr, + u_int32_t ip, u_int16_t port); +int (*set_sig_addr_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count); +int (*set_ras_addr_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count); +int (*nat_rtp_rtcp_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int16_t port, u_int16_t rtp_port, + struct ip_conntrack_expect * rtp_exp, + struct ip_conntrack_expect * rtcp_exp); +int (*nat_t120_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect * exp); +int (*nat_h245_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect * exp); +int (*nat_q931_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, TransportAddress * addr, int idx, + u_int16_t port, struct ip_conntrack_expect * exp); + + +static DEFINE_SPINLOCK(ip_h323_lock); +static char *h323_buffer; + +/****************************************************************************/ +static int get_tpkt_data(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int *datalen, int *dataoff) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + struct tcphdr _tcph, *th; + int tcpdatalen; + int tcpdataoff; + unsigned char *tpkt; + int tpktlen; + int tpktoff; + + /* Get TCP header */ + th = skb_header_pointer(*pskb, (*pskb)->nh.iph->ihl * 4, + sizeof(_tcph), &_tcph); + if (th == NULL) + return 0; + + /* Get TCP data offset */ + tcpdataoff = (*pskb)->nh.iph->ihl * 4 + th->doff * 4; + + /* Get TCP data length */ + tcpdatalen = (*pskb)->len - tcpdataoff; + if (tcpdatalen <= 0) /* No TCP data */ + goto clear_out; + + if (*data == NULL) { /* first TPKT */ + /* Get first TPKT pointer */ + tpkt = skb_header_pointer(*pskb, tcpdataoff, tcpdatalen, + h323_buffer); + BUG_ON(tpkt == NULL); + + /* Validate TPKT identifier */ + if (tcpdatalen < 4 || tpkt[0] != 0x03 || tpkt[1] != 0) { + /* Netmeeting sends TPKT header and data separately */ + if (info->tpkt_len[dir] > 0) { + DEBUGP("ip_ct_h323: previous packet " + "indicated separate TPKT data of %hu " + "bytes\n", info->tpkt_len[dir]); + if (info->tpkt_len[dir] <= tcpdatalen) { + /* Yes, there was a TPKT header + * received */ + *data = tpkt; + *datalen = info->tpkt_len[dir]; + *dataoff = 0; + goto out; + } + + /* Fragmented TPKT */ + if (net_ratelimit()) + printk("ip_ct_h323: " + "fragmented TPKT\n"); + goto clear_out; + } + + /* It is not even a TPKT */ + return 0; + } + tpktoff = 0; + } else { /* Next TPKT */ + tpktoff = *dataoff + *datalen; + tcpdatalen -= tpktoff; + if (tcpdatalen <= 4) /* No more TPKT */ + goto clear_out; + tpkt = *data + *datalen; + + /* Validate TPKT identifier */ + if (tpkt[0] != 0x03 || tpkt[1] != 0) + goto clear_out; + } + + /* Validate TPKT length */ + tpktlen = tpkt[2] * 256 + tpkt[3]; + if (tpktlen > tcpdatalen) { + if (tcpdatalen == 4) { /* Separate TPKT header */ + /* Netmeeting sends TPKT header and data separately */ + DEBUGP("ip_ct_h323: separate TPKT header indicates " + "there will be TPKT data of %hu bytes\n", + tpktlen - 4); + info->tpkt_len[dir] = tpktlen - 4; + return 0; + } + + if (net_ratelimit()) + printk("ip_ct_h323: incomplete TPKT (fragmented?)\n"); + goto clear_out; + } + + /* This is the encapsulated data */ + *data = tpkt + 4; + *datalen = tpktlen - 4; + *dataoff = tpktoff + 4; + + out: + /* Clear TPKT length */ + info->tpkt_len[dir] = 0; + return 1; + + clear_out: + info->tpkt_len[dir] = 0; + return 0; +} + +/****************************************************************************/ +int get_h245_addr(unsigned char *data, H245_TransportAddress * addr, + u_int32_t * ip, u_int16_t * port) +{ + unsigned char *p; + + if (addr->choice != eH245_TransportAddress_unicastAddress || + addr->unicastAddress.choice != eUnicastAddress_iPAddress) + return 0; + + p = data + addr->unicastAddress.iPAddress.network; + *ip = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | (p[3])); + *port = (p[4] << 8) | (p[5]); + + return 1; +} + +/****************************************************************************/ +static int expect_rtp_rtcp(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + u_int16_t rtp_port; + struct ip_conntrack_expect *rtp_exp; + struct ip_conntrack_expect *rtcp_exp; + + /* Read RTP or RTCP address */ + if (!get_h245_addr(*data, addr, &ip, &port) || + ip != ct->tuplehash[dir].tuple.src.ip || port == 0) + return 0; + + /* RTP port is even */ + rtp_port = port & (~1); + + /* Create expect for RTP */ + if ((rtp_exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + rtp_exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + rtp_exp->tuple.src.u.udp.port = 0; + rtp_exp->tuple.dst.ip = ct->tuplehash[!dir].tuple.dst.ip; + rtp_exp->tuple.dst.u.udp.port = htons(rtp_port); + rtp_exp->tuple.dst.protonum = IPPROTO_UDP; + rtp_exp->mask.src.ip = 0xFFFFFFFF; + rtp_exp->mask.src.u.udp.port = 0; + rtp_exp->mask.dst.ip = 0xFFFFFFFF; + rtp_exp->mask.dst.u.udp.port = 0xFFFF; + rtp_exp->mask.dst.protonum = 0xFF; + rtp_exp->flags = 0; + + /* Create expect for RTCP */ + if ((rtcp_exp = ip_conntrack_expect_alloc(ct)) == NULL) { + ip_conntrack_expect_put(rtp_exp); + return -1; + } + rtcp_exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + rtcp_exp->tuple.src.u.udp.port = 0; + rtcp_exp->tuple.dst.ip = ct->tuplehash[!dir].tuple.dst.ip; + rtcp_exp->tuple.dst.u.udp.port = htons(rtp_port + 1); + rtcp_exp->tuple.dst.protonum = IPPROTO_UDP; + rtcp_exp->mask.src.ip = 0xFFFFFFFF; + rtcp_exp->mask.src.u.udp.port = 0; + rtcp_exp->mask.dst.ip = 0xFFFFFFFF; + rtcp_exp->mask.dst.u.udp.port = 0xFFFF; + rtcp_exp->mask.dst.protonum = 0xFF; + rtcp_exp->flags = 0; + + if (ct->tuplehash[dir].tuple.src.ip != + ct->tuplehash[!dir].tuple.dst.ip && nat_rtp_rtcp_hook) { + /* NAT needed */ + ret = nat_rtp_rtcp_hook(pskb, ct, ctinfo, data, dataoff, + addr, port, rtp_port, rtp_exp, + rtcp_exp); + } else { /* Conntrack only */ + rtp_exp->expectfn = NULL; + rtcp_exp->expectfn = NULL; + + if (ip_conntrack_expect_related(rtp_exp) == 0) { + if (ip_conntrack_expect_related(rtcp_exp) == 0) { + DEBUGP("ip_ct_h323: expect RTP " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(rtp_exp->tuple.src.ip), + ntohs(rtp_exp->tuple.src.u.udp.port), + NIPQUAD(rtp_exp->tuple.dst.ip), + ntohs(rtp_exp->tuple.dst.u.udp.port)); + DEBUGP("ip_ct_h323: expect RTCP " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(rtcp_exp->tuple.src.ip), + ntohs(rtcp_exp->tuple.src.u.udp.port), + NIPQUAD(rtcp_exp->tuple.dst.ip), + ntohs(rtcp_exp->tuple.dst.u.udp.port)); + } else { + ip_conntrack_unexpect_related(rtp_exp); + ret = -1; + } + } else + ret = -1; + } + + ip_conntrack_expect_put(rtp_exp); + ip_conntrack_expect_put(rtcp_exp); + + return ret; +} + +/****************************************************************************/ +static int expect_t120(struct sk_buff **pskb, + struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp = NULL; + + /* Read T.120 address */ + if (!get_h245_addr(*data, addr, &ip, &port) || + ip != ct->tuplehash[dir].tuple.src.ip || port == 0) + return 0; + + /* Create expect for T.120 connections */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ct->tuplehash[!dir].tuple.dst.ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_TCP; + exp->mask.src.ip = 0xFFFFFFFF; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = IP_CT_EXPECT_PERMANENT; /* Accept multiple channels */ + + if (ct->tuplehash[dir].tuple.src.ip != + ct->tuplehash[!dir].tuple.dst.ip && nat_t120_hook) { + /* NAT needed */ + ret = nat_t120_hook(pskb, ct, ctinfo, data, dataoff, addr, + port, exp); + } else { /* Conntrack only */ + exp->expectfn = NULL; + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_h323: expect T.120 " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + } else + ret = -1; + } + + ip_conntrack_expect_put(exp); + + return ret; +} + +/****************************************************************************/ +static int process_h245_channel(struct sk_buff **pskb, + struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H2250LogicalChannelParameters * channel) +{ + int ret; + + if (channel->options & eH2250LogicalChannelParameters_mediaChannel) { + /* RTP */ + ret = expect_rtp_rtcp(pskb, ct, ctinfo, data, dataoff, + &channel->mediaChannel); + if (ret < 0) + return -1; + } + + if (channel-> + options & eH2250LogicalChannelParameters_mediaControlChannel) { + /* RTCP */ + ret = expect_rtp_rtcp(pskb, ct, ctinfo, data, dataoff, + &channel->mediaControlChannel); + if (ret < 0) + return -1; + } + + return 0; +} + +/****************************************************************************/ +static int process_olc(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + OpenLogicalChannel * olc) +{ + int ret; + + DEBUGP("ip_ct_h323: OpenLogicalChannel\n"); + + if (olc->forwardLogicalChannelParameters.multiplexParameters.choice == + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters) + { + ret = process_h245_channel(pskb, ct, ctinfo, data, dataoff, + &olc-> + forwardLogicalChannelParameters. + multiplexParameters. + h2250LogicalChannelParameters); + if (ret < 0) + return -1; + } + + if ((olc->options & + eOpenLogicalChannel_reverseLogicalChannelParameters) && + (olc->reverseLogicalChannelParameters.options & + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters) + && (olc->reverseLogicalChannelParameters.multiplexParameters. + choice == + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters)) + { + ret = + process_h245_channel(pskb, ct, ctinfo, data, dataoff, + &olc-> + reverseLogicalChannelParameters. + multiplexParameters. + h2250LogicalChannelParameters); + if (ret < 0) + return -1; + } + + if ((olc->options & eOpenLogicalChannel_separateStack) && + olc->forwardLogicalChannelParameters.dataType.choice == + eDataType_data && + olc->forwardLogicalChannelParameters.dataType.data.application. + choice == eDataApplicationCapability_application_t120 && + olc->forwardLogicalChannelParameters.dataType.data.application. + t120.choice == eDataProtocolCapability_separateLANStack && + olc->separateStack.networkAddress.choice == + eNetworkAccessParameters_networkAddress_localAreaAddress) { + ret = expect_t120(pskb, ct, ctinfo, data, dataoff, + &olc->separateStack.networkAddress. + localAreaAddress); + if (ret < 0) + return -1; + } + + return 0; +} + +/****************************************************************************/ +static int process_olca(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + OpenLogicalChannelAck * olca) +{ + H2250LogicalChannelAckParameters *ack; + int ret; + + DEBUGP("ip_ct_h323: OpenLogicalChannelAck\n"); + + if ((olca->options & + eOpenLogicalChannelAck_reverseLogicalChannelParameters) && + (olca->reverseLogicalChannelParameters.options & + eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters) + && (olca->reverseLogicalChannelParameters.multiplexParameters. + choice == + eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters)) + { + ret = process_h245_channel(pskb, ct, ctinfo, data, dataoff, + &olca-> + reverseLogicalChannelParameters. + multiplexParameters. + h2250LogicalChannelParameters); + if (ret < 0) + return -1; + } + + if ((olca->options & + eOpenLogicalChannelAck_forwardMultiplexAckParameters) && + (olca->forwardMultiplexAckParameters.choice == + eOpenLogicalChannelAck_forwardMultiplexAckParameters_h2250LogicalChannelAckParameters)) + { + ack = &olca->forwardMultiplexAckParameters. + h2250LogicalChannelAckParameters; + if (ack->options & + eH2250LogicalChannelAckParameters_mediaChannel) { + /* RTP */ + ret = expect_rtp_rtcp(pskb, ct, ctinfo, data, dataoff, + &ack->mediaChannel); + if (ret < 0) + return -1; + } + + if (ack->options & + eH2250LogicalChannelAckParameters_mediaControlChannel) { + /* RTCP */ + ret = expect_rtp_rtcp(pskb, ct, ctinfo, data, dataoff, + &ack->mediaControlChannel); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_h245(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + MultimediaSystemControlMessage * mscm) +{ + switch (mscm->choice) { + case eMultimediaSystemControlMessage_request: + if (mscm->request.choice == + eRequestMessage_openLogicalChannel) { + return process_olc(pskb, ct, ctinfo, data, dataoff, + &mscm->request.openLogicalChannel); + } + DEBUGP("ip_ct_h323: H.245 Request %d\n", + mscm->request.choice); + break; + case eMultimediaSystemControlMessage_response: + if (mscm->response.choice == + eResponseMessage_openLogicalChannelAck) { + return process_olca(pskb, ct, ctinfo, data, dataoff, + &mscm->response. + openLogicalChannelAck); + } + DEBUGP("ip_ct_h323: H.245 Response %d\n", + mscm->response.choice); + break; + default: + DEBUGP("ip_ct_h323: H.245 signal %d\n", mscm->choice); + break; + } + + return 0; +} + +/****************************************************************************/ +static int h245_help(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo) +{ + static MultimediaSystemControlMessage mscm; + unsigned char *data = NULL; + int datalen; + int dataoff; + int ret; + + /* Until there's been traffic both ways, don't look in packets. */ + if (ctinfo != IP_CT_ESTABLISHED + && ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) { + return NF_ACCEPT; + } + DEBUGP("ip_ct_h245: skblen = %u\n", (*pskb)->len); + + spin_lock_bh(&ip_h323_lock); + + /* Process each TPKT */ + while (get_tpkt_data(pskb, ct, ctinfo, &data, &datalen, &dataoff)) { + DEBUGP("ip_ct_h245: TPKT %u.%u.%u.%u->%u.%u.%u.%u, len=%d\n", + NIPQUAD((*pskb)->nh.iph->saddr), + NIPQUAD((*pskb)->nh.iph->daddr), datalen); + + /* Decode H.245 signal */ + ret = DecodeMultimediaSystemControlMessage(data, datalen, + &mscm); + if (ret < 0) { + if (net_ratelimit()) + printk("ip_ct_h245: decoding error: %s\n", + ret == H323_ERROR_BOUND ? + "out of bound" : "out of range"); + /* We don't drop when decoding error */ + break; + } + + /* Process H.245 signal */ + if (process_h245(pskb, ct, ctinfo, &data, dataoff, &mscm) < 0) + goto drop; + } + + spin_unlock_bh(&ip_h323_lock); + return NF_ACCEPT; + + drop: + spin_unlock_bh(&ip_h323_lock); + if (net_ratelimit()) + printk("ip_ct_h245: packet dropped\n"); + return NF_DROP; +} + +/****************************************************************************/ +static struct ip_conntrack_helper ip_conntrack_helper_h245 = { + .name = "H.245", + .me = THIS_MODULE, + .max_expected = H323_RTP_CHANNEL_MAX * 4 + 2 /* T.120 */ , + .timeout = 240, + .tuple = {.dst = {.protonum = IPPROTO_TCP}}, + .mask = {.src = {.u = {0xFFFF}}, + .dst = {.protonum = 0xFF}}, + .help = h245_help +}; + +/****************************************************************************/ +void ip_conntrack_h245_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this) +{ + write_lock_bh(&ip_conntrack_lock); + new->helper = &ip_conntrack_helper_h245; + write_unlock_bh(&ip_conntrack_lock); +} + +/****************************************************************************/ +int get_h225_addr(unsigned char *data, TransportAddress * addr, + u_int32_t * ip, u_int16_t * port) +{ + unsigned char *p; + + if (addr->choice != eTransportAddress_ipAddress) + return 0; + + p = data + addr->ipAddress.ip; + *ip = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | (p[3])); + *port = (p[4] << 8) | (p[5]); + + return 1; +} + +/****************************************************************************/ +static int expect_h245(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + TransportAddress * addr) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp = NULL; + + /* Read h245Address */ + if (!get_h225_addr(*data, addr, &ip, &port) || + ip != ct->tuplehash[dir].tuple.src.ip || port == 0) + return 0; + + /* Create expect for h245 connection */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ct->tuplehash[!dir].tuple.dst.ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_TCP; + exp->mask.src.ip = 0xFFFFFFFF; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = 0; + + if (ct->tuplehash[dir].tuple.src.ip != + ct->tuplehash[!dir].tuple.dst.ip && nat_h245_hook) { + /* NAT needed */ + ret = nat_h245_hook(pskb, ct, ctinfo, data, dataoff, addr, + port, exp); + } else { /* Conntrack only */ + exp->expectfn = ip_conntrack_h245_expect; + + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_q931: expect H.245 " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + } else + ret = -1; + } + + ip_conntrack_expect_put(exp); + + return ret; +} + +/****************************************************************************/ +static int process_setup(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Setup_UUIE * setup) +{ + int dir = CTINFO2DIR(ctinfo); + int ret; + int i; + u_int32_t ip; + u_int16_t port; + + DEBUGP("ip_ct_q931: Setup\n"); + + if (setup->options & eSetup_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &setup->h245Address); + if (ret < 0) + return -1; + } + + if ((setup->options & eSetup_UUIE_destCallSignalAddress) && + (set_h225_addr_hook) && + get_h225_addr(*data, &setup->destCallSignalAddress, &ip, &port) && + ip != ct->tuplehash[!dir].tuple.src.ip) { + DEBUGP("ip_ct_q931: set destCallSignalAddress " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(ip), port, + NIPQUAD(ct->tuplehash[!dir].tuple.src.ip), + ntohs(ct->tuplehash[!dir].tuple.src.u.tcp.port)); + ret = set_h225_addr_hook(pskb, data, dataoff, + &setup->destCallSignalAddress, + ct->tuplehash[!dir].tuple.src.ip, + ntohs(ct->tuplehash[!dir].tuple.src. + u.tcp.port)); + if (ret < 0) + return -1; + } + + if ((setup->options & eSetup_UUIE_sourceCallSignalAddress) && + (set_h225_addr_hook) && + get_h225_addr(*data, &setup->sourceCallSignalAddress, &ip, &port) + && ip != ct->tuplehash[!dir].tuple.dst.ip) { + DEBUGP("ip_ct_q931: set sourceCallSignalAddress " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(ip), port, + NIPQUAD(ct->tuplehash[!dir].tuple.dst.ip), + ntohs(ct->tuplehash[!dir].tuple.dst.u.tcp.port)); + ret = set_h225_addr_hook(pskb, data, dataoff, + &setup->sourceCallSignalAddress, + ct->tuplehash[!dir].tuple.dst.ip, + ntohs(ct->tuplehash[!dir].tuple.dst. + u.tcp.port)); + if (ret < 0) + return -1; + } + + if (setup->options & eSetup_UUIE_fastStart) { + for (i = 0; i < setup->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &setup->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_callproceeding(struct sk_buff **pskb, + struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + CallProceeding_UUIE * callproc) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: CallProceeding\n"); + + if (callproc->options & eCallProceeding_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &callproc->h245Address); + if (ret < 0) + return -1; + } + + if (callproc->options & eCallProceeding_UUIE_fastStart) { + for (i = 0; i < callproc->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &callproc->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_connect(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Connect_UUIE * connect) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: Connect\n"); + + if (connect->options & eConnect_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &connect->h245Address); + if (ret < 0) + return -1; + } + + if (connect->options & eConnect_UUIE_fastStart) { + for (i = 0; i < connect->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &connect->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_alerting(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Alerting_UUIE * alert) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: Alerting\n"); + + if (alert->options & eAlerting_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &alert->h245Address); + if (ret < 0) + return -1; + } + + if (alert->options & eAlerting_UUIE_fastStart) { + for (i = 0; i < alert->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &alert->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_information(struct sk_buff **pskb, + struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Information_UUIE * info) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: Information\n"); + + if (info->options & eInformation_UUIE_fastStart) { + for (i = 0; i < info->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &info->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_facility(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Facility_UUIE * facility) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: Facility\n"); + + if (facility->options & eFacility_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &facility->h245Address); + if (ret < 0) + return -1; + } + + if (facility->options & eFacility_UUIE_fastStart) { + for (i = 0; i < facility->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &facility->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_progress(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + Progress_UUIE * progress) +{ + int ret; + int i; + + DEBUGP("ip_ct_q931: Progress\n"); + + if (progress->options & eProgress_UUIE_h245Address) { + ret = expect_h245(pskb, ct, ctinfo, data, dataoff, + &progress->h245Address); + if (ret < 0) + return -1; + } + + if (progress->options & eProgress_UUIE_fastStart) { + for (i = 0; i < progress->fastStart.count; i++) { + ret = process_olc(pskb, ct, ctinfo, data, dataoff, + &progress->fastStart.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int process_q931(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, Q931 * q931) +{ + H323_UU_PDU *pdu = &q931->UUIE.h323_uu_pdu; + int i; + int ret = 0; + + switch (pdu->h323_message_body.choice) { + case eH323_UU_PDU_h323_message_body_setup: + ret = process_setup(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body.setup); + break; + case eH323_UU_PDU_h323_message_body_callProceeding: + ret = process_callproceeding(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body. + callProceeding); + break; + case eH323_UU_PDU_h323_message_body_connect: + ret = process_connect(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body.connect); + break; + case eH323_UU_PDU_h323_message_body_alerting: + ret = process_alerting(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body.alerting); + break; + case eH323_UU_PDU_h323_message_body_information: + ret = process_information(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body. + information); + break; + case eH323_UU_PDU_h323_message_body_facility: + ret = process_facility(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body.facility); + break; + case eH323_UU_PDU_h323_message_body_progress: + ret = process_progress(pskb, ct, ctinfo, data, dataoff, + &pdu->h323_message_body.progress); + break; + default: + DEBUGP("ip_ct_q931: Q.931 signal %d\n", + pdu->h323_message_body.choice); + break; + } + + if (ret < 0) + return -1; + + if (pdu->options & eH323_UU_PDU_h245Control) { + for (i = 0; i < pdu->h245Control.count; i++) { + ret = process_h245(pskb, ct, ctinfo, data, dataoff, + &pdu->h245Control.item[i]); + if (ret < 0) + return -1; + } + } + + return 0; +} + +/****************************************************************************/ +static int q931_help(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo) +{ + static Q931 q931; + unsigned char *data = NULL; + int datalen; + int dataoff; + int ret; + + /* Until there's been traffic both ways, don't look in packets. */ + if (ctinfo != IP_CT_ESTABLISHED + && ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) { + return NF_ACCEPT; + } + DEBUGP("ip_ct_q931: skblen = %u\n", (*pskb)->len); + + spin_lock_bh(&ip_h323_lock); + + /* Process each TPKT */ + while (get_tpkt_data(pskb, ct, ctinfo, &data, &datalen, &dataoff)) { + DEBUGP("ip_ct_q931: TPKT %u.%u.%u.%u->%u.%u.%u.%u, len=%d\n", + NIPQUAD((*pskb)->nh.iph->saddr), + NIPQUAD((*pskb)->nh.iph->daddr), datalen); + + /* Decode Q.931 signal */ + ret = DecodeQ931(data, datalen, &q931); + if (ret < 0) { + if (net_ratelimit()) + printk("ip_ct_q931: decoding error: %s\n", + ret == H323_ERROR_BOUND ? + "out of bound" : "out of range"); + /* We don't drop when decoding error */ + break; + } + + /* Process Q.931 signal */ + if (process_q931(pskb, ct, ctinfo, &data, dataoff, &q931) < 0) + goto drop; + } + + spin_unlock_bh(&ip_h323_lock); + return NF_ACCEPT; + + drop: + spin_unlock_bh(&ip_h323_lock); + if (net_ratelimit()) + printk("ip_ct_q931: packet dropped\n"); + return NF_DROP; +} + +/****************************************************************************/ +static struct ip_conntrack_helper ip_conntrack_helper_q931 = { + .name = "Q.931", + .me = THIS_MODULE, + .max_expected = H323_RTP_CHANNEL_MAX * 4 + 4 /* T.120 and H.245 */ , + .timeout = 240, + .tuple = {.src = {.u = {__constant_htons(Q931_PORT)}}, + .dst = {.protonum = IPPROTO_TCP}}, + .mask = {.src = {.u = {0xFFFF}}, + .dst = {.protonum = 0xFF}}, + .help = q931_help +}; + +/****************************************************************************/ +void ip_conntrack_q931_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this) +{ + write_lock_bh(&ip_conntrack_lock); + new->helper = &ip_conntrack_helper_q931; + write_unlock_bh(&ip_conntrack_lock); +} + +/****************************************************************************/ +static unsigned char *get_udp_data(struct sk_buff **pskb, int *datalen) +{ + struct udphdr _uh, *uh; + int dataoff; + + uh = skb_header_pointer(*pskb, (*pskb)->nh.iph->ihl * 4, sizeof(_uh), + &_uh); + if (uh == NULL) + return NULL; + dataoff = (*pskb)->nh.iph->ihl * 4 + sizeof(_uh); + if (dataoff >= (*pskb)->len) + return NULL; + *datalen = (*pskb)->len - dataoff; + return skb_header_pointer(*pskb, dataoff, *datalen, h323_buffer); +} + +/****************************************************************************/ +static struct ip_conntrack_expect *find_expect(struct ip_conntrack *ct, + u_int32_t ip, u_int16_t port) +{ + struct ip_conntrack_expect *exp; + struct ip_conntrack_tuple tuple; + + tuple.src.ip = 0; + tuple.src.u.tcp.port = 0; + tuple.dst.ip = ip; + tuple.dst.u.tcp.port = htons(port); + tuple.dst.protonum = IPPROTO_TCP; + + exp = __ip_conntrack_expect_find(&tuple); + if (exp->master == ct) + return exp; + return NULL; +} + +/****************************************************************************/ +static int set_expect_timeout(struct ip_conntrack_expect *exp, + unsigned timeout) +{ + if (!exp || !del_timer(&exp->timeout)) + return 0; + + exp->timeout.expires = jiffies + timeout * HZ; + add_timer(&exp->timeout); + + return 1; +} + +/****************************************************************************/ +static int expect_q931(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + int i; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp; + + /* Look for the first related address */ + for (i = 0; i < count; i++) { + if (get_h225_addr(*data, &addr[i], &ip, &port) && + ip == ct->tuplehash[dir].tuple.src.ip && port != 0) + break; + } + + if (i >= count) /* Not found */ + return 0; + + /* Create expect for Q.931 */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = gkrouted_only ? /* only accept calls from GK? */ + ct->tuplehash[!dir].tuple.src.ip : 0; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ct->tuplehash[!dir].tuple.dst.ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_TCP; + exp->mask.src.ip = gkrouted_only ? 0xFFFFFFFF : 0; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = IP_CT_EXPECT_PERMANENT; /* Accept multiple calls */ + + if (nat_q931_hook) { /* Need NAT */ + ret = nat_q931_hook(pskb, ct, ctinfo, data, addr, i, + port, exp); + } else { /* Conntrack only */ + exp->expectfn = ip_conntrack_q931_expect; + + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_ras: expect Q.931 " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + + /* Save port for looking up expect in processing RCF */ + info->sig_port[dir] = port; + } else + ret = -1; + } + + ip_conntrack_expect_put(exp); + + return ret; +} + +/****************************************************************************/ +static int process_grq(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, GatekeeperRequest * grq) +{ + DEBUGP("ip_ct_ras: GRQ\n"); + + if (set_ras_addr_hook) /* NATed */ + return set_ras_addr_hook(pskb, ct, ctinfo, data, + &grq->rasAddress, 1); + return 0; +} + +/* Declare before using */ +static void ip_conntrack_ras_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this); + +/****************************************************************************/ +static int process_gcf(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, GatekeeperConfirm * gcf) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp; + + DEBUGP("ip_ct_ras: GCF\n"); + + if (!get_h225_addr(*data, &gcf->rasAddress, &ip, &port)) + return 0; + + /* Registration port is the same as discovery port */ + if (ip == ct->tuplehash[dir].tuple.src.ip && + port == ntohs(ct->tuplehash[dir].tuple.src.u.udp.port)) + return 0; + + /* Avoid RAS expectation loops. A GCF is never expected. */ + if (test_bit(IPS_EXPECTED_BIT, &ct->status)) + return 0; + + /* Need new expect */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_UDP; + exp->mask.src.ip = 0xFFFFFFFF; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = 0; + exp->expectfn = ip_conntrack_ras_expect; + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_ras: expect RAS " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + } else + ret = -1; + + ip_conntrack_expect_put(exp); + + return ret; +} + +/****************************************************************************/ +static int process_rrq(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, RegistrationRequest * rrq) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int ret; + + DEBUGP("ip_ct_ras: RRQ\n"); + + ret = expect_q931(pskb, ct, ctinfo, data, + rrq->callSignalAddress.item, + rrq->callSignalAddress.count); + if (ret < 0) + return -1; + + if (set_ras_addr_hook) { + ret = set_ras_addr_hook(pskb, ct, ctinfo, data, + rrq->rasAddress.item, + rrq->rasAddress.count); + if (ret < 0) + return -1; + } + + if (rrq->options & eRegistrationRequest_timeToLive) { + DEBUGP("ip_ct_ras: RRQ TTL = %u seconds\n", rrq->timeToLive); + info->timeout = rrq->timeToLive; + } else + info->timeout = 0; + + return 0; +} + +/****************************************************************************/ +static int process_rcf(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, RegistrationConfirm * rcf) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + int ret; + struct ip_conntrack_expect *exp; + + DEBUGP("ip_ct_ras: RCF\n"); + + if (set_sig_addr_hook) { + ret = set_sig_addr_hook(pskb, ct, ctinfo, data, + rcf->callSignalAddress.item, + rcf->callSignalAddress.count); + if (ret < 0) + return -1; + } + + if (rcf->options & eRegistrationConfirm_timeToLive) { + DEBUGP("ip_ct_ras: RCF TTL = %u seconds\n", rcf->timeToLive); + info->timeout = rcf->timeToLive; + } + + if (info->timeout > 0) { + DEBUGP + ("ip_ct_ras: set RAS connection timeout to %u seconds\n", + info->timeout); + ip_ct_refresh_acct(ct, ctinfo, NULL, info->timeout * HZ); + + /* Set expect timeout */ + read_lock_bh(&ip_conntrack_lock); + exp = find_expect(ct, ct->tuplehash[dir].tuple.dst.ip, + info->sig_port[!dir]); + if (exp) { + DEBUGP("ip_ct_ras: set Q.931 expect " + "(%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu) " + "timeout to %u seconds\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port), + info->timeout); + set_expect_timeout(exp, info->timeout); + } + read_unlock_bh(&ip_conntrack_lock); + } + + return 0; +} + +/****************************************************************************/ +static int process_urq(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, UnregistrationRequest * urq) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + int ret; + + DEBUGP("ip_ct_ras: URQ\n"); + + if (set_sig_addr_hook) { + ret = set_sig_addr_hook(pskb, ct, ctinfo, data, + urq->callSignalAddress.item, + urq->callSignalAddress.count); + if (ret < 0) + return -1; + } + + /* Clear old expect */ + ip_ct_remove_expectations(ct); + info->sig_port[dir] = 0; + info->sig_port[!dir] = 0; + + /* Give it 30 seconds for UCF or URJ */ + ip_ct_refresh_acct(ct, ctinfo, NULL, 30 * HZ); + + return 0; +} + +/****************************************************************************/ +static int process_arq(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, AdmissionRequest * arq) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + u_int32_t ip; + u_int16_t port; + + DEBUGP("ip_ct_ras: ARQ\n"); + + if ((arq->options & eAdmissionRequest_destCallSignalAddress) && + get_h225_addr(*data, &arq->destCallSignalAddress, &ip, &port) && + ip == ct->tuplehash[dir].tuple.src.ip && + port == info->sig_port[dir] && set_h225_addr_hook) { + /* Answering ARQ */ + return set_h225_addr_hook(pskb, data, 0, + &arq->destCallSignalAddress, + ct->tuplehash[!dir].tuple.dst.ip, + info->sig_port[!dir]); + } + + if ((arq->options & eAdmissionRequest_srcCallSignalAddress) && + get_h225_addr(*data, &arq->srcCallSignalAddress, &ip, &port) && + ip == ct->tuplehash[dir].tuple.src.ip && set_h225_addr_hook) { + /* Calling ARQ */ + return set_h225_addr_hook(pskb, data, 0, + &arq->srcCallSignalAddress, + ct->tuplehash[!dir].tuple.dst.ip, + port); + } + + return 0; +} + +/****************************************************************************/ +static int process_acf(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, AdmissionConfirm * acf) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp; + + DEBUGP("ip_ct_ras: ACF\n"); + + if (!get_h225_addr(*data, &acf->destCallSignalAddress, &ip, &port)) + return 0; + + if (ip == ct->tuplehash[dir].tuple.dst.ip) { /* Answering ACF */ + if (set_sig_addr_hook) + return set_sig_addr_hook(pskb, ct, ctinfo, data, + &acf->destCallSignalAddress, + 1); + return 0; + } + + /* Need new expect */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_TCP; + exp->mask.src.ip = 0xFFFFFFFF; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = IP_CT_EXPECT_PERMANENT; + exp->expectfn = ip_conntrack_q931_expect; + + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_ras: expect Q.931 " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + } else + ret = -1; + + ip_conntrack_expect_put(exp); + + return ret; +} + +/****************************************************************************/ +static int process_lrq(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, LocationRequest * lrq) +{ + DEBUGP("ip_ct_ras: LRQ\n"); + + if (set_ras_addr_hook) + return set_ras_addr_hook(pskb, ct, ctinfo, data, + &lrq->replyAddress, 1); + return 0; +} + +/****************************************************************************/ +static int process_lcf(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, LocationConfirm * lcf) +{ + int dir = CTINFO2DIR(ctinfo); + int ret = 0; + u_int32_t ip; + u_int16_t port; + struct ip_conntrack_expect *exp = NULL; + + DEBUGP("ip_ct_ras: LCF\n"); + + if (!get_h225_addr(*data, &lcf->callSignalAddress, &ip, &port)) + return 0; + + /* Need new expect for call signal */ + if ((exp = ip_conntrack_expect_alloc(ct)) == NULL) + return -1; + exp->tuple.src.ip = ct->tuplehash[!dir].tuple.src.ip; + exp->tuple.src.u.tcp.port = 0; + exp->tuple.dst.ip = ip; + exp->tuple.dst.u.tcp.port = htons(port); + exp->tuple.dst.protonum = IPPROTO_TCP; + exp->mask.src.ip = 0xFFFFFFFF; + exp->mask.src.u.tcp.port = 0; + exp->mask.dst.ip = 0xFFFFFFFF; + exp->mask.dst.u.tcp.port = 0xFFFF; + exp->mask.dst.protonum = 0xFF; + exp->flags = IP_CT_EXPECT_PERMANENT; + exp->expectfn = ip_conntrack_q931_expect; + + if (ip_conntrack_expect_related(exp) == 0) { + DEBUGP("ip_ct_ras: expect Q.931 " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), + ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), + ntohs(exp->tuple.dst.u.tcp.port)); + } else + ret = -1; + + ip_conntrack_expect_put(exp); + + /* Ignore rasAddress */ + + return ret; +} + +/****************************************************************************/ +static int process_irr(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, InfoRequestResponse * irr) +{ + int ret; + + DEBUGP("ip_ct_ras: IRR\n"); + + if (set_ras_addr_hook) { + ret = set_ras_addr_hook(pskb, ct, ctinfo, data, + &irr->rasAddress, 1); + if (ret < 0) + return -1; + } + + if (set_sig_addr_hook) { + ret = set_sig_addr_hook(pskb, ct, ctinfo, data, + irr->callSignalAddress.item, + irr->callSignalAddress.count); + if (ret < 0) + return -1; + } + + return 0; +} + +/****************************************************************************/ +static int process_ras(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, RasMessage * ras) +{ + switch (ras->choice) { + case eRasMessage_gatekeeperRequest: + return process_grq(pskb, ct, ctinfo, data, + &ras->gatekeeperRequest); + case eRasMessage_gatekeeperConfirm: + return process_gcf(pskb, ct, ctinfo, data, + &ras->gatekeeperConfirm); + case eRasMessage_registrationRequest: + return process_rrq(pskb, ct, ctinfo, data, + &ras->registrationRequest); + case eRasMessage_registrationConfirm: + return process_rcf(pskb, ct, ctinfo, data, + &ras->registrationConfirm); + case eRasMessage_unregistrationRequest: + return process_urq(pskb, ct, ctinfo, data, + &ras->unregistrationRequest); + case eRasMessage_admissionRequest: + return process_arq(pskb, ct, ctinfo, data, + &ras->admissionRequest); + case eRasMessage_admissionConfirm: + return process_acf(pskb, ct, ctinfo, data, + &ras->admissionConfirm); + case eRasMessage_locationRequest: + return process_lrq(pskb, ct, ctinfo, data, + &ras->locationRequest); + case eRasMessage_locationConfirm: + return process_lcf(pskb, ct, ctinfo, data, + &ras->locationConfirm); + case eRasMessage_infoRequestResponse: + return process_irr(pskb, ct, ctinfo, data, + &ras->infoRequestResponse); + default: + DEBUGP("ip_ct_ras: RAS message %d\n", ras->choice); + break; + } + + return 0; +} + +/****************************************************************************/ +static int ras_help(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo) +{ + static RasMessage ras; + unsigned char *data; + int datalen = 0; + int ret; + + DEBUGP("ip_ct_ras: skblen = %u\n", (*pskb)->len); + + spin_lock_bh(&ip_h323_lock); + + /* Get UDP data */ + data = get_udp_data(pskb, &datalen); + if (data == NULL) + goto accept; + DEBUGP("ip_ct_ras: RAS message %u.%u.%u.%u->%u.%u.%u.%u, len=%d\n", + NIPQUAD((*pskb)->nh.iph->saddr), + NIPQUAD((*pskb)->nh.iph->daddr), datalen); + + /* Decode RAS message */ + ret = DecodeRasMessage(data, datalen, &ras); + if (ret < 0) { + if (net_ratelimit()) + printk("ip_ct_ras: decoding error: %s\n", + ret == H323_ERROR_BOUND ? + "out of bound" : "out of range"); + goto accept; + } + + /* Process RAS message */ + if (process_ras(pskb, ct, ctinfo, &data, &ras) < 0) + goto drop; + + accept: + spin_unlock_bh(&ip_h323_lock); + return NF_ACCEPT; + + drop: + spin_unlock_bh(&ip_h323_lock); + if (net_ratelimit()) + printk("ip_ct_ras: packet dropped\n"); + return NF_DROP; +} + +/****************************************************************************/ +static struct ip_conntrack_helper ip_conntrack_helper_ras = { + .name = "RAS", + .me = THIS_MODULE, + .max_expected = 32, + .timeout = 240, + .tuple = {.src = {.u = {__constant_htons(RAS_PORT)}}, + .dst = {.protonum = IPPROTO_UDP}}, + .mask = {.src = {.u = {0xFFFE}}, + .dst = {.protonum = 0xFF}}, + .help = ras_help, +}; + +/****************************************************************************/ +static void ip_conntrack_ras_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this) +{ + write_lock_bh(&ip_conntrack_lock); + new->helper = &ip_conntrack_helper_ras; + write_unlock_bh(&ip_conntrack_lock); +} + +/****************************************************************************/ +/* Not __exit - called from init() */ +static void fini(void) +{ + ip_conntrack_helper_unregister(&ip_conntrack_helper_ras); + ip_conntrack_helper_unregister(&ip_conntrack_helper_q931); + kfree(h323_buffer); + DEBUGP("ip_ct_h323: fini\n"); +} + +/****************************************************************************/ +static int __init init(void) +{ + int ret; + + h323_buffer = kmalloc(65536, GFP_KERNEL); + if (!h323_buffer) + return -ENOMEM; + if ((ret = ip_conntrack_helper_register(&ip_conntrack_helper_q931)) || + (ret = ip_conntrack_helper_register(&ip_conntrack_helper_ras))) { + fini(); + return ret; + } + + DEBUGP("ip_ct_h323: init success\n"); + return 0; +} + +/****************************************************************************/ +module_init(init); +module_exit(fini); + +EXPORT_SYMBOL(get_h245_addr); +EXPORT_SYMBOL(get_h225_addr); +EXPORT_SYMBOL(ip_conntrack_h245_expect); +EXPORT_SYMBOL(ip_conntrack_q931_expect); +EXPORT_SYMBOL(set_h245_addr_hook); +EXPORT_SYMBOL(set_h225_addr_hook); +EXPORT_SYMBOL(set_sig_addr_hook); +EXPORT_SYMBOL(set_ras_addr_hook); +EXPORT_SYMBOL(nat_rtp_rtcp_hook); +EXPORT_SYMBOL(nat_t120_hook); +EXPORT_SYMBOL(nat_h245_hook); +EXPORT_SYMBOL(nat_q931_hook); + +MODULE_AUTHOR("Jing Min Zhao <zhaojingmin@users.sourceforge.net>"); +MODULE_DESCRIPTION("H.323 connection tracking helper"); +MODULE_LICENSE("GPL"); diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c new file mode 100644 index 0000000..afa5251 --- /dev/null +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c @@ -0,0 +1,870 @@ +/**************************************************************************** + * ip_conntrack_helper_h323_asn1.c - BER and PER decoding library for H.323 + * conntrack/NAT module. + * + * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@hotmail.com> + * + * This source code is licensed under General Public License version 2. + * + * See ip_conntrack_helper_h323_asn1.h for details. + * + ****************************************************************************/ + +#ifdef __KERNEL__ +#include <linux/kernel.h> +#else +#include <stdio.h> +#endif +#include "ip_conntrack_helper_h323_asn1.h" + +/* Trace Flag */ +#ifndef H323_TRACE +#define H323_TRACE 0 +#endif + +#if H323_TRACE +#define TAB_SIZE 4 +#define IFTHEN(cond, act) if(cond){act;} +#ifdef __KERNEL__ +#define PRINT printk +#else +#define PRINT printf +#endif +#define FNAME(name) name, +#else +#define IFTHEN(cond, act) +#define PRINT(fmt, args...) +#define FNAME(name) +#endif + +/* ASN.1 Types */ +#define NUL 0 +#define BOOL 1 +#define OID 2 +#define INT 3 +#define ENUM 4 +#define BITSTR 5 +#define NUMSTR 6 +#define NUMDGT 6 +#define TBCDSTR 6 +#define OCTSTR 7 +#define PRTSTR 7 +#define IA5STR 7 +#define GENSTR 7 +#define BMPSTR 8 +#define SEQ 9 +#define SET 9 +#define SEQOF 10 +#define SETOF 10 +#define CHOICE 11 + +/* Constraint Types */ +#define FIXD 0 +/* #define BITS 1-8 */ +#define BYTE 9 +#define WORD 10 +#define CONS 11 +#define SEMI 12 +#define UNCO 13 + +/* ASN.1 Type Attributes */ +#define SKIP 0 +#define STOP 1 +#define DECODE 2 +#define EXT 4 +#define OPEN 8 +#define OPT 16 + + +/* ASN.1 Field Structure */ +typedef struct field_t { +#if H323_TRACE + char *name; +#endif + unsigned char type; + unsigned char sz; + unsigned char lb; + unsigned char ub; + unsigned short attr; + unsigned short offset; + struct field_t *fields; +} field_t; + +/* Bit Stream */ +typedef struct { + unsigned char *buf; + unsigned char *beg; + unsigned char *end; + unsigned char *cur; + unsigned bit; +} bitstr_t; + +/* Tool Functions */ +#define INC_BIT(bs) if((++bs->bit)>7){bs->cur++;bs->bit=0;} +#define INC_BITS(bs,b) if((bs->bit+=b)>7){bs->cur+=bs->bit>>3;bs->bit&=7;} +#define BYTE_ALIGN(bs) if(bs->bit){bs->cur++;bs->bit=0;} +#define CHECK_BOUND(bs,n) if(bs->cur+(n)>bs->end)return(H323_ERROR_BOUND) +static unsigned get_len(bitstr_t * bs); +static unsigned get_bit(bitstr_t * bs); +static unsigned get_bits(bitstr_t * bs, unsigned b); +static unsigned get_bitmap(bitstr_t * bs, unsigned b); +static unsigned get_uint(bitstr_t * bs, int b); + +/* Decoder Functions */ +static int decode_nul(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_bool(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_oid(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_int(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_enum(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_bitstr(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_numstr(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_octstr(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_bmpstr(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_seq(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_seqof(bitstr_t * bs, field_t * f, char *base, int level); +static int decode_choice(bitstr_t * bs, field_t * f, char *base, int level); + +/* Decoder Functions Vector */ +typedef int (*decoder_t) (bitstr_t *, field_t *, char *, int); +static decoder_t Decoders[] = { + decode_nul, + decode_bool, + decode_oid, + decode_int, + decode_enum, + decode_bitstr, + decode_numstr, + decode_octstr, + decode_bmpstr, + decode_seq, + decode_seqof, + decode_choice, +}; + +/**************************************************************************** + * H.323 Types + ****************************************************************************/ +#include "ip_conntrack_helper_h323_types.c" + +/**************************************************************************** + * Functions + ****************************************************************************/ +/* Assume bs is aligned && v < 16384 */ +unsigned get_len(bitstr_t * bs) +{ + unsigned v; + + v = *bs->cur++; + + if (v & 0x80) { + v &= 0x3f; + v <<= 8; + v += *bs->cur++; + } + + return v; +} + +/****************************************************************************/ +unsigned get_bit(bitstr_t * bs) +{ + unsigned b = (*bs->cur) & (0x80 >> bs->bit); + + INC_BIT(bs); + + return b; +} + +/****************************************************************************/ +/* Assume b <= 8 */ +unsigned get_bits(bitstr_t * bs, unsigned b) +{ + unsigned v, l; + + v = (*bs->cur) & (0xffU >> bs->bit); + l = b + bs->bit; + + if (l < 8) { + v >>= 8 - l; + bs->bit = l; + } else if (l == 8) { + bs->cur++; + bs->bit = 0; + } else { /* l > 8 */ + + v <<= 8; + v += *(++bs->cur); + v >>= 16 - l; + bs->bit = l - 8; + } + + return v; +} + +/****************************************************************************/ +/* Assume b <= 32 */ +unsigned get_bitmap(bitstr_t * bs, unsigned b) +{ + unsigned v, l, shift, bytes; + + if (!b) + return 0; + + l = bs->bit + b; + + if (l < 8) { + v = (unsigned) (*bs->cur) << (bs->bit + 24); + bs->bit = l; + } else if (l == 8) { + v = (unsigned) (*bs->cur++) << (bs->bit + 24); + bs->bit = 0; + } else { + for (bytes = l >> 3, shift = 24, v = 0; bytes; + bytes--, shift -= 8) + v |= (unsigned) (*bs->cur++) << shift; + + if (l < 32) { + v |= (unsigned) (*bs->cur) << shift; + v <<= bs->bit; + } else if (l > 32) { + v <<= bs->bit; + v |= (*bs->cur) >> (8 - bs->bit); + } + + bs->bit = l & 0x7; + } + + v &= 0xffffffff << (32 - b); + + return v; +} + +/**************************************************************************** + * Assume bs is aligned and sizeof(unsigned int) == 4 + ****************************************************************************/ +unsigned get_uint(bitstr_t * bs, int b) +{ + unsigned v = 0; + + switch (b) { + case 4: + v |= *bs->cur++; + v <<= 8; + case 3: + v |= *bs->cur++; + v <<= 8; + case 2: + v |= *bs->cur++; + v <<= 8; + case 1: + v |= *bs->cur++; + break; + } + return v; +} + +/****************************************************************************/ +int decode_nul(bitstr_t * bs, field_t * f, char *base, int level) +{ + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_bool(bitstr_t * bs, field_t * f, char *base, int level) +{ + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + INC_BIT(bs); + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_oid(bitstr_t * bs, field_t * f, char *base, int level) +{ + int len; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 1); + len = *bs->cur++; + bs->cur += len; + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_int(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned len; + + PRINT("%*.s%s", level * TAB_SIZE, " ", f->name); + + switch (f->sz) { + case BYTE: /* Range == 256 */ + BYTE_ALIGN(bs); + bs->cur++; + break; + case WORD: /* 257 <= Range <= 64K */ + BYTE_ALIGN(bs); + bs->cur += 2; + break; + case CONS: /* 64K < Range < 4G */ + len = get_bits(bs, 2) + 1; + BYTE_ALIGN(bs); + if (base && (f->attr & DECODE)) { /* timeToLive */ + unsigned v = get_uint(bs, len) + f->lb; + PRINT(" = %u", v); + *((unsigned *) (base + f->offset)) = v; + } + bs->cur += len; + break; + case UNCO: + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 2); + len = get_len(bs); + bs->cur += len; + break; + default: /* 2 <= Range <= 255 */ + INC_BITS(bs, f->sz); + break; + } + + PRINT("\n"); + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_enum(bitstr_t * bs, field_t * f, char *base, int level) +{ + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + if ((f->attr & EXT) && get_bit(bs)) { + INC_BITS(bs, 7); + } else { + INC_BITS(bs, f->sz); + } + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_bitstr(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned len; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + BYTE_ALIGN(bs); + switch (f->sz) { + case FIXD: /* fixed length > 16 */ + len = f->lb; + break; + case WORD: /* 2-byte length */ + CHECK_BOUND(bs, 2); + len = (*bs->cur++) << 8; + len += (*bs->cur++) + f->lb; + break; + case SEMI: + CHECK_BOUND(bs, 2); + len = get_len(bs); + break; + default: + len = 0; + break; + } + + bs->cur += len >> 3; + bs->bit = len & 7; + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_numstr(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned len; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + /* 2 <= Range <= 255 */ + len = get_bits(bs, f->sz) + f->lb; + + BYTE_ALIGN(bs); + INC_BITS(bs, (len << 2)); + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_octstr(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned len; + + PRINT("%*.s%s", level * TAB_SIZE, " ", f->name); + + switch (f->sz) { + case FIXD: /* Range == 1 */ + if (f->lb > 2) { + BYTE_ALIGN(bs); + if (base && (f->attr & DECODE)) { + /* The IP Address */ + IFTHEN(f->lb == 4, + PRINT(" = %d.%d.%d.%d:%d", + bs->cur[0], bs->cur[1], + bs->cur[2], bs->cur[3], + bs->cur[4] * 256 + bs->cur[5])); + *((unsigned *) (base + f->offset)) = + bs->cur - bs->buf; + } + } + len = f->lb; + break; + case BYTE: /* Range == 256 */ + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 1); + len = (*bs->cur++) + f->lb; + break; + case SEMI: + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 2); + len = get_len(bs) + f->lb; + break; + default: /* 2 <= Range <= 255 */ + len = get_bits(bs, f->sz) + f->lb; + BYTE_ALIGN(bs); + break; + } + + bs->cur += len; + + PRINT("\n"); + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_bmpstr(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned len; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + switch (f->sz) { + case BYTE: /* Range == 256 */ + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 1); + len = (*bs->cur++) + f->lb; + break; + default: /* 2 <= Range <= 255 */ + len = get_bits(bs, f->sz) + f->lb; + BYTE_ALIGN(bs); + break; + } + + bs->cur += len << 1; + + CHECK_BOUND(bs, 0); + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_seq(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned ext, bmp, i, opt, len = 0, bmp2, bmp2_len; + int err; + field_t *son; + unsigned char *beg = NULL; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + /* Decode? */ + base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; + + /* Extensible? */ + ext = (f->attr & EXT) ? get_bit(bs) : 0; + + /* Get fields bitmap */ + bmp = get_bitmap(bs, f->sz); + if (base) + *(unsigned *) base = bmp; + + /* Decode the root components */ + for (i = opt = 0, son = f->fields; i < f->lb; i++, son++) { + if (son->attr & STOP) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", + son->name); + return H323_ERROR_STOP; + } + + if (son->attr & OPT) { /* Optional component */ + if (!((0x80000000U >> (opt++)) & bmp)) /* Not exist */ + continue; + } + + /* Decode */ + if (son->attr & OPEN) { /* Open field */ + CHECK_BOUND(bs, 2); + len = get_len(bs); + CHECK_BOUND(bs, len); + if (!base) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, + " ", son->name); + bs->cur += len; + continue; + } + beg = bs->cur; + + /* Decode */ + if ((err = (Decoders[son->type]) (bs, son, base, + level + 1)) > + H323_ERROR_STOP) + return err; + + bs->cur = beg + len; + bs->bit = 0; + } else if ((err = (Decoders[son->type]) (bs, son, base, + level + 1))) + return err; + } + + /* No extension? */ + if (!ext) + return H323_ERROR_NONE; + + /* Get the extension bitmap */ + bmp2_len = get_bits(bs, 7) + 1; + CHECK_BOUND(bs, (bmp2_len + 7) >> 3); + bmp2 = get_bitmap(bs, bmp2_len); + bmp |= bmp2 >> f->sz; + if (base) + *(unsigned *) base = bmp; + BYTE_ALIGN(bs); + + /* Decode the extension components */ + for (opt = 0; opt < bmp2_len; opt++, i++, son++) { + if (son->attr & STOP) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", + son->name); + return H323_ERROR_STOP; + } + + if (!((0x80000000 >> opt) & bmp2)) /* Not present */ + continue; + + /* Check Range */ + if (i >= f->ub) { /* Newer Version? */ + CHECK_BOUND(bs, 2); + len = get_len(bs); + CHECK_BOUND(bs, len); + bs->cur += len; + continue; + } + + CHECK_BOUND(bs, 2); + len = get_len(bs); + CHECK_BOUND(bs, len); + if (!base || !(son->attr & DECODE)) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", + son->name); + bs->cur += len; + continue; + } + beg = bs->cur; + + if ((err = (Decoders[son->type]) (bs, son, base, + level + 1)) > + H323_ERROR_STOP) + return err; + + bs->cur = beg + len; + bs->bit = 0; + } + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int decode_seqof(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned count, effective_count = 0, i, len = 0; + int err; + field_t *son; + unsigned char *beg = NULL; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + /* Decode? */ + base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; + + /* Decode item count */ + switch (f->sz) { + case BYTE: + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 1); + count = *bs->cur++; + break; + case WORD: + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 2); + count = *bs->cur++; + count <<= 8; + count = *bs->cur++; + break; + case SEMI: + BYTE_ALIGN(bs); + CHECK_BOUND(bs, 2); + count = get_len(bs); + break; + default: + count = get_bits(bs, f->sz); + break; + } + count += f->lb; + + /* Write Count */ + if (base) { + effective_count = count > f->ub ? f->ub : count; + *(unsigned *) base = effective_count; + base += sizeof(unsigned); + } + + /* Decode nested field */ + son = f->fields; + if (base) + base -= son->offset; + for (i = 0; i < count; i++) { + if (son->attr & OPEN) { + BYTE_ALIGN(bs); + len = get_len(bs); + CHECK_BOUND(bs, len); + if (!base || !(son->attr & DECODE)) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, + " ", son->name); + bs->cur += len; + continue; + } + beg = bs->cur; + + if ((err = (Decoders[son->type]) (bs, son, + i < + effective_count ? + base : NULL, + level + 1)) > + H323_ERROR_STOP) + return err; + + bs->cur = beg + len; + bs->bit = 0; + } else + if ((err = (Decoders[son->type]) (bs, son, + i < effective_count ? + base : NULL, + level + 1))) + return err; + + if (base) + base += son->offset; + } + + return H323_ERROR_NONE; +} + + +/****************************************************************************/ +int decode_choice(bitstr_t * bs, field_t * f, char *base, int level) +{ + unsigned type, ext, len = 0; + int err; + field_t *son; + unsigned char *beg = NULL; + + PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); + + /* Decode? */ + base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; + + /* Decode the choice index number */ + if ((f->attr & EXT) && get_bit(bs)) { + ext = 1; + type = get_bits(bs, 7) + f->lb; + } else { + ext = 0; + type = get_bits(bs, f->sz); + } + + /* Check Range */ + if (type >= f->ub) { /* Newer version? */ + BYTE_ALIGN(bs); + len = get_len(bs); + CHECK_BOUND(bs, len); + bs->cur += len; + return H323_ERROR_NONE; + } + + /* Write Type */ + if (base) + *(unsigned *) base = type; + + /* Transfer to son level */ + son = &f->fields[type]; + if (son->attr & STOP) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", son->name); + return H323_ERROR_STOP; + } + + if (ext || (son->attr & OPEN)) { + BYTE_ALIGN(bs); + len = get_len(bs); + CHECK_BOUND(bs, len); + if (!base || !(son->attr & DECODE)) { + PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", + son->name); + bs->cur += len; + return H323_ERROR_NONE; + } + beg = bs->cur; + + if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) > + H323_ERROR_STOP) + return err; + + bs->cur = beg + len; + bs->bit = 0; + } else if ((err = (Decoders[son->type]) (bs, son, base, level + 1))) + return err; + + return H323_ERROR_NONE; +} + +/****************************************************************************/ +int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage * ras) +{ + static field_t ras_message = { + FNAME("RasMessage") CHOICE, 5, 24, 32, DECODE | EXT, + 0, _RasMessage + }; + bitstr_t bs; + + bs.buf = bs.beg = bs.cur = buf; + bs.end = buf + sz; + bs.bit = 0; + + return decode_choice(&bs, &ras_message, (char *) ras, 0); +} + +/****************************************************************************/ +static int DecodeH323_UserInformation(unsigned char *buf, unsigned char *beg, + size_t sz, H323_UserInformation * uuie) +{ + static field_t h323_userinformation = { + FNAME("H323-UserInformation") SEQ, 1, 2, 2, DECODE | EXT, + 0, _H323_UserInformation + }; + bitstr_t bs; + + bs.buf = buf; + bs.beg = bs.cur = beg; + bs.end = beg + sz; + bs.bit = 0; + + return decode_seq(&bs, &h323_userinformation, (char *) uuie, 0); +} + +/****************************************************************************/ +int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz, + MultimediaSystemControlMessage * + mscm) +{ + static field_t multimediasystemcontrolmessage = { + FNAME("MultimediaSystemControlMessage") CHOICE, 2, 4, 4, + DECODE | EXT, 0, _MultimediaSystemControlMessage + }; + bitstr_t bs; + + bs.buf = bs.beg = bs.cur = buf; + bs.end = buf + sz; + bs.bit = 0; + + return decode_choice(&bs, &multimediasystemcontrolmessage, + (char *) mscm, 0); +} + +/****************************************************************************/ +int DecodeQ931(unsigned char *buf, size_t sz, Q931 * q931) +{ + unsigned char *p = buf; + int len; + + if (!p || sz < 1) + return H323_ERROR_BOUND; + + /* Protocol Discriminator */ + if (*p != 0x08) { + PRINT("Unknown Protocol Discriminator\n"); + return H323_ERROR_RANGE; + } + p++; + sz--; + + /* CallReferenceValue */ + if (sz < 1) + return H323_ERROR_BOUND; + len = *p++; + sz--; + if (sz < len) + return H323_ERROR_BOUND; + p += len; + sz -= len; + + /* Message Type */ + if (sz < 1) + return H323_ERROR_BOUND; + q931->MessageType = *p++; + PRINT("MessageType = %02X\n", q931->MessageType); + if (*p & 0x80) { + p++; + sz--; + } + + /* Decode Information Elements */ + while (sz > 0) { + if (*p == 0x7e) { /* UserUserIE */ + if (sz < 3) + break; + p++; + len = *p++ << 8; + len |= *p++; + sz -= 3; + if (sz < len) + break; + p++; + len--; + return DecodeH323_UserInformation(buf, p, len, + &q931->UUIE); + } + p++; + sz--; + if (sz < 1) + break; + len = *p++; + if (sz < len) + break; + p += len; + sz -= len; + } + + PRINT("Q.931 UUIE not found\n"); + + return H323_ERROR_BOUND; +} diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.h b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.h new file mode 100644 index 0000000..0bd8280 --- /dev/null +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.h @@ -0,0 +1,98 @@ +/**************************************************************************** + * ip_conntrack_helper_h323_asn1.h - BER and PER decoding library for H.323 + * conntrack/NAT module. + * + * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@hotmail.com> + * + * This source code is licensed under General Public License version 2. + * + * + * This library is based on H.225 version 4, H.235 version 2 and H.245 + * version 7. It is extremely optimized to decode only the absolutely + * necessary objects in a signal for Linux kernel NAT module use, so don't + * expect it to be a full ASN.1 library. + * + * Features: + * + * 1. Small. The total size of code plus data is less than 20 KB (IA32). + * 2. Fast. Decoding Netmeeting's Setup signal 1 million times on a PIII 866 + * takes only 3.9 seconds. + * 3. No memory allocation. It uses a static object. No need to initialize or + * cleanup. + * 4. Thread safe. + * 5. Support embedded architectures that has no misaligned memory access + * support. + * + * Limitations: + * + * 1. At most 30 faststart entries. Actually this is limited by ethernet's MTU. + * If a Setup signal contains more than 30 faststart, the packet size will + * very likely exceed the MTU size, then the TPKT will be fragmented. I + * don't know how to handle this in a Netfilter module. Anybody can help? + * Although I think 30 is enough for most of the cases. + * 2. IPv4 addresses only. + * + ****************************************************************************/ + +#ifndef _IP_CONNTRACK_HELPER_H323_ASN1_H_ +#define _IP_CONNTRACK_HELPER_H323_ASN1_H_ + +/***************************************************************************** + * H.323 Types + ****************************************************************************/ +#include "ip_conntrack_helper_h323_types.h" + +typedef struct { + enum { + Q931_NationalEscape = 0x00, + Q931_Alerting = 0x01, + Q931_CallProceeding = 0x02, + Q931_Connect = 0x07, + Q931_ConnectAck = 0x0F, + Q931_Progress = 0x03, + Q931_Setup = 0x05, + Q931_SetupAck = 0x0D, + Q931_Resume = 0x26, + Q931_ResumeAck = 0x2E, + Q931_ResumeReject = 0x22, + Q931_Suspend = 0x25, + Q931_SuspendAck = 0x2D, + Q931_SuspendReject = 0x21, + Q931_UserInformation = 0x20, + Q931_Disconnect = 0x45, + Q931_Release = 0x4D, + Q931_ReleaseComplete = 0x5A, + Q931_Restart = 0x46, + Q931_RestartAck = 0x4E, + Q931_Segment = 0x60, + Q931_CongestionCtrl = 0x79, + Q931_Information = 0x7B, + Q931_Notify = 0x6E, + Q931_Status = 0x7D, + Q931_StatusEnquiry = 0x75, + Q931_Facility = 0x62 + } MessageType; + H323_UserInformation UUIE; +} Q931; + +/***************************************************************************** + * Decode Functions Return Codes + ****************************************************************************/ + +#define H323_ERROR_NONE 0 /* Decoded successfully */ +#define H323_ERROR_STOP 1 /* Decoding stopped, not really an error */ +#define H323_ERROR_BOUND -1 +#define H323_ERROR_RANGE -2 + + +/***************************************************************************** + * Decode Functions + ****************************************************************************/ + +int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage * ras); +int DecodeQ931(unsigned char *buf, size_t sz, Q931 * q931); +int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz, + MultimediaSystemControlMessage * + mscm); + +#endif diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_types.c b/net/ipv4/netfilter/ip_conntrack_helper_h323_types.c new file mode 100644 index 0000000..022c47b --- /dev/null +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_types.c @@ -0,0 +1,1926 @@ +/* Generated by Jing Min Zhao's ASN.1 parser, Mar 15 2006 + * + * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> + * + * This source code is licensed under General Public License version 2. + */ + +static field_t _TransportAddress_ipAddress[] = { /* SEQUENCE */ + {FNAME("ip") OCTSTR, FIXD, 4, 0, DECODE, + offsetof(TransportAddress_ipAddress, ip), NULL}, + {FNAME("port") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _TransportAddress_ipSourceRoute_route[] = { /* SEQUENCE OF */ + {FNAME("item") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, +}; + +static field_t _TransportAddress_ipSourceRoute_routing[] = { /* CHOICE */ + {FNAME("strict") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("loose") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _TransportAddress_ipSourceRoute[] = { /* SEQUENCE */ + {FNAME("ip") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, + {FNAME("port") INT, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("route") SEQOF, SEMI, 0, 0, SKIP, 0, + _TransportAddress_ipSourceRoute_route}, + {FNAME("routing") CHOICE, 1, 2, 2, SKIP | EXT, 0, + _TransportAddress_ipSourceRoute_routing}, +}; + +static field_t _TransportAddress_ipxAddress[] = { /* SEQUENCE */ + {FNAME("node") OCTSTR, FIXD, 6, 0, SKIP, 0, NULL}, + {FNAME("netnum") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, + {FNAME("port") OCTSTR, FIXD, 2, 0, SKIP, 0, NULL}, +}; + +static field_t _TransportAddress_ip6Address[] = { /* SEQUENCE */ + {FNAME("ip") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("port") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H221NonStandard[] = { /* SEQUENCE */ + {FNAME("t35CountryCode") INT, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("t35Extension") INT, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("manufacturerCode") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _NonStandardIdentifier[] = { /* CHOICE */ + {FNAME("object") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("h221NonStandard") SEQ, 0, 3, 3, SKIP | EXT, 0, + _H221NonStandard}, +}; + +static field_t _NonStandardParameter[] = { /* SEQUENCE */ + {FNAME("nonStandardIdentifier") CHOICE, 1, 2, 2, SKIP | EXT, 0, + _NonStandardIdentifier}, + {FNAME("data") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _TransportAddress[] = { /* CHOICE */ + {FNAME("ipAddress") SEQ, 0, 2, 2, DECODE, + offsetof(TransportAddress, ipAddress), _TransportAddress_ipAddress}, + {FNAME("ipSourceRoute") SEQ, 0, 4, 4, SKIP | EXT, 0, + _TransportAddress_ipSourceRoute}, + {FNAME("ipxAddress") SEQ, 0, 3, 3, SKIP, 0, + _TransportAddress_ipxAddress}, + {FNAME("ip6Address") SEQ, 0, 2, 2, SKIP | EXT, 0, + _TransportAddress_ip6Address}, + {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("nsap") OCTSTR, 5, 1, 0, SKIP, 0, NULL}, + {FNAME("nonStandardAddress") SEQ, 0, 2, 2, SKIP, 0, + _NonStandardParameter}, +}; + +static field_t _AliasAddress[] = { /* CHOICE */ + {FNAME("dialedDigits") NUMDGT, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("h323-ID") BMPSTR, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("url-ID") IA5STR, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("transportID") CHOICE, 3, 7, 7, SKIP | EXT, 0, NULL}, + {FNAME("email-ID") IA5STR, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("partyNumber") CHOICE, 3, 5, 5, SKIP | EXT, 0, NULL}, + {FNAME("mobileUIM") CHOICE, 1, 2, 2, SKIP | EXT, 0, NULL}, +}; + +static field_t _Setup_UUIE_sourceAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _VendorIdentifier[] = { /* SEQUENCE */ + {FNAME("vendor") SEQ, 0, 3, 3, SKIP | EXT, 0, _H221NonStandard}, + {FNAME("productId") OCTSTR, BYTE, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("versionId") OCTSTR, BYTE, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _GatekeeperInfo[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, +}; + +static field_t _H310Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H320Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H321Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H322Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H323Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H324Caps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _VoiceCaps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _T120OnlyCaps[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("dataRatesSupported") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _SupportedProtocols[] = { /* CHOICE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP, 0, + _NonStandardParameter}, + {FNAME("h310") SEQ, 1, 1, 3, SKIP | EXT, 0, _H310Caps}, + {FNAME("h320") SEQ, 1, 1, 3, SKIP | EXT, 0, _H320Caps}, + {FNAME("h321") SEQ, 1, 1, 3, SKIP | EXT, 0, _H321Caps}, + {FNAME("h322") SEQ, 1, 1, 3, SKIP | EXT, 0, _H322Caps}, + {FNAME("h323") SEQ, 1, 1, 3, SKIP | EXT, 0, _H323Caps}, + {FNAME("h324") SEQ, 1, 1, 3, SKIP | EXT, 0, _H324Caps}, + {FNAME("voice") SEQ, 1, 1, 3, SKIP | EXT, 0, _VoiceCaps}, + {FNAME("t120-only") SEQ, 1, 1, 3, SKIP | EXT, 0, _T120OnlyCaps}, + {FNAME("nonStandardProtocol") SEQ, 2, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("t38FaxAnnexbOnly") SEQ, 2, 5, 5, SKIP | EXT, 0, NULL}, +}; + +static field_t _GatewayInfo_protocol[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 4, 9, 11, SKIP | EXT, 0, _SupportedProtocols}, +}; + +static field_t _GatewayInfo[] = { /* SEQUENCE */ + {FNAME("protocol") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _GatewayInfo_protocol}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, +}; + +static field_t _McuInfo[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("protocol") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _TerminalInfo[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, +}; + +static field_t _EndpointType[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("vendor") SEQ, 2, 3, 3, SKIP | EXT | OPT, 0, + _VendorIdentifier}, + {FNAME("gatekeeper") SEQ, 1, 1, 1, SKIP | EXT | OPT, 0, + _GatekeeperInfo}, + {FNAME("gateway") SEQ, 2, 2, 2, SKIP | EXT | OPT, 0, _GatewayInfo}, + {FNAME("mcu") SEQ, 1, 1, 2, SKIP | EXT | OPT, 0, _McuInfo}, + {FNAME("terminal") SEQ, 1, 1, 1, SKIP | EXT | OPT, 0, _TerminalInfo}, + {FNAME("mc") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("undefinedNode") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("set") BITSTR, FIXD, 32, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedTunnelledProtocols") SEQOF, SEMI, 0, 0, SKIP | OPT, + 0, NULL}, +}; + +static field_t _Setup_UUIE_destinationAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _Setup_UUIE_destExtraCallInfo[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _Setup_UUIE_destExtraCRV[] = { /* SEQUENCE OF */ + {FNAME("item") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _Setup_UUIE_conferenceGoal[] = { /* CHOICE */ + {FNAME("create") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("join") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("invite") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("capability-negotiation") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("callIndependentSupplementaryService") NUL, FIXD, 0, 0, SKIP, + 0, NULL}, +}; + +static field_t _Q954Details[] = { /* SEQUENCE */ + {FNAME("conferenceCalling") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("threePartyService") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _QseriesOptions[] = { /* SEQUENCE */ + {FNAME("q932Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q951Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q952Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q953Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q955Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q956Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q957Full") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("q954Info") SEQ, 0, 2, 2, SKIP | EXT, 0, _Q954Details}, +}; + +static field_t _CallType[] = { /* CHOICE */ + {FNAME("pointToPoint") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("oneToN") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("nToOne") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("nToN") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H245_NonStandardIdentifier_h221NonStandard[] = { /* SEQUENCE */ + {FNAME("t35CountryCode") INT, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("t35Extension") INT, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("manufacturerCode") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H245_NonStandardIdentifier[] = { /* CHOICE */ + {FNAME("object") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("h221NonStandard") SEQ, 0, 3, 3, SKIP, 0, + _H245_NonStandardIdentifier_h221NonStandard}, +}; + +static field_t _H245_NonStandardParameter[] = { /* SEQUENCE */ + {FNAME("nonStandardIdentifier") CHOICE, 1, 2, 2, SKIP, 0, + _H245_NonStandardIdentifier}, + {FNAME("data") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H261VideoCapability[] = { /* SEQUENCE */ + {FNAME("qcifMPI") INT, 2, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("cifMPI") INT, 2, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("temporalSpatialTradeOffCapability") BOOL, FIXD, 0, 0, SKIP, 0, + NULL}, + {FNAME("maxBitRate") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("stillImageTransmission") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("videoBadMBsCap") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H262VideoCapability[] = { /* SEQUENCE */ + {FNAME("profileAndLevel-SPatML") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-MPatLL") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-MPatML") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-MPatH-14") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-MPatHL") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-SNRatLL") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-SNRatML") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-SpatialatH-14") BOOL, FIXD, 0, 0, SKIP, 0, + NULL}, + {FNAME("profileAndLevel-HPatML") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-HPatH-14") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("profileAndLevel-HPatHL") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("videoBitRate") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("vbvBufferSize") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("samplesPerLine") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("linesPerFrame") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("framesPerSecond") INT, 4, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("luminanceSampleRate") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("videoBadMBsCap") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H263VideoCapability[] = { /* SEQUENCE */ + {FNAME("sqcifMPI") INT, 5, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("qcifMPI") INT, 5, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("cifMPI") INT, 5, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("cif4MPI") INT, 5, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("cif16MPI") INT, 5, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("maxBitRate") INT, CONS, 1, 0, SKIP, 0, NULL}, + {FNAME("unrestrictedVector") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("arithmeticCoding") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("advancedPrediction") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("pbFrames") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("temporalSpatialTradeOffCapability") BOOL, FIXD, 0, 0, SKIP, 0, + NULL}, + {FNAME("hrd-B") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("bppMaxKb") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("slowSqcifMPI") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("slowQcifMPI") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("slowCifMPI") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("slowCif4MPI") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("slowCif16MPI") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("errorCompensation") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("enhancementLayerInfo") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("h263Options") SEQ, 5, 29, 31, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _IS11172VideoCapability[] = { /* SEQUENCE */ + {FNAME("constrainedBitstream") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("videoBitRate") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("vbvBufferSize") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("samplesPerLine") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("linesPerFrame") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("pictureRate") INT, 4, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("luminanceSampleRate") INT, CONS, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("videoBadMBsCap") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _VideoCapability[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("h261VideoCapability") SEQ, 2, 5, 6, SKIP | EXT, 0, + _H261VideoCapability}, + {FNAME("h262VideoCapability") SEQ, 6, 17, 18, SKIP | EXT, 0, + _H262VideoCapability}, + {FNAME("h263VideoCapability") SEQ, 7, 13, 21, SKIP | EXT, 0, + _H263VideoCapability}, + {FNAME("is11172VideoCapability") SEQ, 6, 7, 8, SKIP | EXT, 0, + _IS11172VideoCapability}, + {FNAME("genericVideoCapability") SEQ, 5, 6, 6, SKIP | EXT, 0, NULL}, +}; + +static field_t _AudioCapability_g7231[] = { /* SEQUENCE */ + {FNAME("maxAl-sduAudioFrames") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("silenceSuppression") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _IS11172AudioCapability[] = { /* SEQUENCE */ + {FNAME("audioLayer1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioLayer2") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioLayer3") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling32k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling44k1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling48k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("singleChannel") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("twoChannels") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("bitRate") INT, WORD, 1, 0, SKIP, 0, NULL}, +}; + +static field_t _IS13818AudioCapability[] = { /* SEQUENCE */ + {FNAME("audioLayer1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioLayer2") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioLayer3") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling16k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling22k05") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling24k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling32k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling44k1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("audioSampling48k") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("singleChannel") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("twoChannels") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("threeChannels2-1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("threeChannels3-0") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fourChannels2-0-2-0") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fourChannels2-2") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fourChannels3-1") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fiveChannels3-0-2-0") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fiveChannels3-2") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("lowFrequencyEnhancement") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("multilingual") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("bitRate") INT, WORD, 1, 0, SKIP, 0, NULL}, +}; + +static field_t _AudioCapability[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("g711Alaw64k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g711Alaw56k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g711Ulaw64k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g711Ulaw56k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g722-64k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g722-56k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g722-48k") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g7231") SEQ, 0, 2, 2, SKIP, 0, _AudioCapability_g7231}, + {FNAME("g728") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g729") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g729AnnexA") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("is11172AudioCapability") SEQ, 0, 9, 9, SKIP | EXT, 0, + _IS11172AudioCapability}, + {FNAME("is13818AudioCapability") SEQ, 0, 21, 21, SKIP | EXT, 0, + _IS13818AudioCapability}, + {FNAME("g729wAnnexB") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g729AnnexAwAnnexB") INT, BYTE, 1, 0, SKIP, 0, NULL}, + {FNAME("g7231AnnexCCapability") SEQ, 1, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("gsmFullRate") SEQ, 0, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("gsmHalfRate") SEQ, 0, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("gsmEnhancedFullRate") SEQ, 0, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("genericAudioCapability") SEQ, 5, 6, 6, SKIP | EXT, 0, NULL}, + {FNAME("g729Extensions") SEQ, 1, 8, 8, SKIP | EXT, 0, NULL}, +}; + +static field_t _DataProtocolCapability[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("v14buffered") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("v42lapm") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("hdlcFrameTunnelling") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("h310SeparateVCStack") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("h310SingleVCStack") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("transparent") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("segmentationAndReassembly") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("hdlcFrameTunnelingwSAR") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("v120") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("separateLANStack") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("v76wCompression") CHOICE, 2, 3, 3, SKIP | EXT, 0, NULL}, + {FNAME("tcp") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("udp") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _T84Profile_t84Restricted[] = { /* SEQUENCE */ + {FNAME("qcif") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("cif") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("ccir601Seq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("ccir601Prog") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("hdtvSeq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("hdtvProg") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("g3FacsMH200x100") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("g3FacsMH200x200") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("g4FacsMMR200x100") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("g4FacsMMR200x200") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("jbig200x200Seq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("jbig200x200Prog") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("jbig300x300Seq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("jbig300x300Prog") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("digPhotoLow") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("digPhotoMedSeq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("digPhotoMedProg") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("digPhotoHighSeq") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("digPhotoHighProg") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _T84Profile[] = { /* CHOICE */ + {FNAME("t84Unrestricted") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("t84Restricted") SEQ, 0, 19, 19, SKIP | EXT, 0, + _T84Profile_t84Restricted}, +}; + +static field_t _DataApplicationCapability_application_t84[] = { /* SEQUENCE */ + {FNAME("t84Protocol") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("t84Profile") CHOICE, 1, 2, 2, SKIP, 0, _T84Profile}, +}; + +static field_t _DataApplicationCapability_application_nlpid[] = { /* SEQUENCE */ + {FNAME("nlpidProtocol") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("nlpidData") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _DataApplicationCapability_application[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("t120") CHOICE, 3, 7, 14, DECODE | EXT, + offsetof(DataApplicationCapability_application, t120), + _DataProtocolCapability}, + {FNAME("dsm-cc") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("userData") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("t84") SEQ, 0, 2, 2, SKIP, 0, + _DataApplicationCapability_application_t84}, + {FNAME("t434") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("h224") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("nlpid") SEQ, 0, 2, 2, SKIP, 0, + _DataApplicationCapability_application_nlpid}, + {FNAME("dsvdControl") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("h222DataPartitioning") CHOICE, 3, 7, 14, SKIP | EXT, 0, + _DataProtocolCapability}, + {FNAME("t30fax") CHOICE, 3, 7, 14, SKIP | EXT, 0, NULL}, + {FNAME("t140") CHOICE, 3, 7, 14, SKIP | EXT, 0, NULL}, + {FNAME("t38fax") SEQ, 0, 2, 2, SKIP, 0, NULL}, + {FNAME("genericDataCapability") SEQ, 5, 6, 6, SKIP | EXT, 0, NULL}, +}; + +static field_t _DataApplicationCapability[] = { /* SEQUENCE */ + {FNAME("application") CHOICE, 4, 10, 14, DECODE | EXT, + offsetof(DataApplicationCapability, application), + _DataApplicationCapability_application}, + {FNAME("maxBitRate") INT, CONS, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _EncryptionMode[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("h233Encryption") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _DataType[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("nullData") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("videoData") CHOICE, 3, 5, 6, SKIP | EXT, 0, _VideoCapability}, + {FNAME("audioData") CHOICE, 4, 14, 22, SKIP | EXT, 0, + _AudioCapability}, + {FNAME("data") SEQ, 0, 2, 2, DECODE | EXT, offsetof(DataType, data), + _DataApplicationCapability}, + {FNAME("encryptionData") CHOICE, 1, 2, 2, SKIP | EXT, 0, + _EncryptionMode}, + {FNAME("h235Control") SEQ, 0, 2, 2, SKIP, 0, NULL}, + {FNAME("h235Media") SEQ, 0, 2, 2, SKIP | EXT, 0, NULL}, + {FNAME("multiplexedStream") SEQ, 0, 2, 2, SKIP | EXT, 0, NULL}, +}; + +static field_t _H222LogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("resourceID") INT, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("subChannelID") INT, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("pcr-pid") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("programDescriptors") OCTSTR, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("streamDescriptors") OCTSTR, SEMI, 0, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _H223LogicalChannelParameters_adaptationLayerType_al3[] = { /* SEQUENCE */ + {FNAME("controlFieldOctets") INT, 2, 0, 0, SKIP, 0, NULL}, + {FNAME("sendBufferSize") INT, CONS, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H223LogicalChannelParameters_adaptationLayerType[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, + _H245_NonStandardParameter}, + {FNAME("al1Framed") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("al1NotFramed") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("al2WithoutSequenceNumbers") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("al2WithSequenceNumbers") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("al3") SEQ, 0, 2, 2, SKIP, 0, + _H223LogicalChannelParameters_adaptationLayerType_al3}, + {FNAME("al1M") SEQ, 0, 7, 8, SKIP | EXT, 0, NULL}, + {FNAME("al2M") SEQ, 0, 2, 2, SKIP | EXT, 0, NULL}, + {FNAME("al3M") SEQ, 0, 5, 6, SKIP | EXT, 0, NULL}, +}; + +static field_t _H223LogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("adaptationLayerType") CHOICE, 3, 6, 9, SKIP | EXT, 0, + _H223LogicalChannelParameters_adaptationLayerType}, + {FNAME("segmentableFlag") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CRCLength[] = { /* CHOICE */ + {FNAME("crc8bit") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("crc16bit") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("crc32bit") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V76HDLCParameters[] = { /* SEQUENCE */ + {FNAME("crcLength") CHOICE, 2, 3, 3, SKIP | EXT, 0, _CRCLength}, + {FNAME("n401") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("loopbackTestProcedure") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V76LogicalChannelParameters_suspendResume[] = { /* CHOICE */ + {FNAME("noSuspendResume") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("suspendResumewAddress") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("suspendResumewoAddress") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V76LogicalChannelParameters_mode_eRM_recovery[] = { /* CHOICE */ + {FNAME("rej") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("sREJ") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("mSREJ") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V76LogicalChannelParameters_mode_eRM[] = { /* SEQUENCE */ + {FNAME("windowSize") INT, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("recovery") CHOICE, 2, 3, 3, SKIP | EXT, 0, + _V76LogicalChannelParameters_mode_eRM_recovery}, +}; + +static field_t _V76LogicalChannelParameters_mode[] = { /* CHOICE */ + {FNAME("eRM") SEQ, 0, 2, 2, SKIP | EXT, 0, + _V76LogicalChannelParameters_mode_eRM}, + {FNAME("uNERM") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V75Parameters[] = { /* SEQUENCE */ + {FNAME("audioHeaderPresent") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _V76LogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("hdlcParameters") SEQ, 0, 3, 3, SKIP | EXT, 0, + _V76HDLCParameters}, + {FNAME("suspendResume") CHOICE, 2, 3, 3, SKIP | EXT, 0, + _V76LogicalChannelParameters_suspendResume}, + {FNAME("uIH") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("mode") CHOICE, 1, 2, 2, SKIP | EXT, 0, + _V76LogicalChannelParameters_mode}, + {FNAME("v75Parameters") SEQ, 0, 1, 1, SKIP | EXT, 0, _V75Parameters}, +}; + +static field_t _H2250LogicalChannelParameters_nonStandard[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 0, 2, 2, SKIP, 0, _H245_NonStandardParameter}, +}; + +static field_t _UnicastAddress_iPAddress[] = { /* SEQUENCE */ + {FNAME("network") OCTSTR, FIXD, 4, 0, DECODE, + offsetof(UnicastAddress_iPAddress, network), NULL}, + {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _UnicastAddress_iPXAddress[] = { /* SEQUENCE */ + {FNAME("node") OCTSTR, FIXD, 6, 0, SKIP, 0, NULL}, + {FNAME("netnum") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, + {FNAME("tsapIdentifier") OCTSTR, FIXD, 2, 0, SKIP, 0, NULL}, +}; + +static field_t _UnicastAddress_iP6Address[] = { /* SEQUENCE */ + {FNAME("network") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _UnicastAddress_iPSourceRouteAddress_routing[] = { /* CHOICE */ + {FNAME("strict") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("loose") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _UnicastAddress_iPSourceRouteAddress_route[] = { /* SEQUENCE OF */ + {FNAME("item") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, +}; + +static field_t _UnicastAddress_iPSourceRouteAddress[] = { /* SEQUENCE */ + {FNAME("routing") CHOICE, 1, 2, 2, SKIP, 0, + _UnicastAddress_iPSourceRouteAddress_routing}, + {FNAME("network") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, + {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("route") SEQOF, SEMI, 0, 0, SKIP, 0, + _UnicastAddress_iPSourceRouteAddress_route}, +}; + +static field_t _UnicastAddress[] = { /* CHOICE */ + {FNAME("iPAddress") SEQ, 0, 2, 2, DECODE | EXT, + offsetof(UnicastAddress, iPAddress), _UnicastAddress_iPAddress}, + {FNAME("iPXAddress") SEQ, 0, 3, 3, SKIP | EXT, 0, + _UnicastAddress_iPXAddress}, + {FNAME("iP6Address") SEQ, 0, 2, 2, SKIP | EXT, 0, + _UnicastAddress_iP6Address}, + {FNAME("netBios") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("iPSourceRouteAddress") SEQ, 0, 4, 4, SKIP | EXT, 0, + _UnicastAddress_iPSourceRouteAddress}, + {FNAME("nsap") OCTSTR, 5, 1, 0, SKIP, 0, NULL}, + {FNAME("nonStandardAddress") SEQ, 0, 2, 2, SKIP, 0, NULL}, +}; + +static field_t _MulticastAddress_iPAddress[] = { /* SEQUENCE */ + {FNAME("network") OCTSTR, FIXD, 4, 0, SKIP, 0, NULL}, + {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _MulticastAddress_iP6Address[] = { /* SEQUENCE */ + {FNAME("network") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("tsapIdentifier") INT, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _MulticastAddress[] = { /* CHOICE */ + {FNAME("iPAddress") SEQ, 0, 2, 2, SKIP | EXT, 0, + _MulticastAddress_iPAddress}, + {FNAME("iP6Address") SEQ, 0, 2, 2, SKIP | EXT, 0, + _MulticastAddress_iP6Address}, + {FNAME("nsap") OCTSTR, 5, 1, 0, SKIP, 0, NULL}, + {FNAME("nonStandardAddress") SEQ, 0, 2, 2, SKIP, 0, NULL}, +}; + +static field_t _H245_TransportAddress[] = { /* CHOICE */ + {FNAME("unicastAddress") CHOICE, 3, 5, 7, DECODE | EXT, + offsetof(H245_TransportAddress, unicastAddress), _UnicastAddress}, + {FNAME("multicastAddress") CHOICE, 1, 2, 4, SKIP | EXT, 0, + _MulticastAddress}, +}; + +static field_t _H2250LogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("nonStandard") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _H2250LogicalChannelParameters_nonStandard}, + {FNAME("sessionID") INT, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("associatedSessionID") INT, 8, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("mediaChannel") CHOICE, 1, 2, 2, DECODE | EXT | OPT, + offsetof(H2250LogicalChannelParameters, mediaChannel), + _H245_TransportAddress}, + {FNAME("mediaGuaranteedDelivery") BOOL, FIXD, 0, 0, SKIP | OPT, 0, + NULL}, + {FNAME("mediaControlChannel") CHOICE, 1, 2, 2, DECODE | EXT | OPT, + offsetof(H2250LogicalChannelParameters, mediaControlChannel), + _H245_TransportAddress}, + {FNAME("mediaControlGuaranteedDelivery") BOOL, FIXD, 0, 0, STOP | OPT, + 0, NULL}, + {FNAME("silenceSuppression") BOOL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destination") SEQ, 0, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("dynamicRTPPayloadType") INT, 5, 96, 0, STOP | OPT, 0, NULL}, + {FNAME("mediaPacketization") CHOICE, 0, 1, 2, STOP | EXT | OPT, 0, + NULL}, + {FNAME("transportCapability") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, + NULL}, + {FNAME("redundancyEncoding") SEQ, 1, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("source") SEQ, 0, 2, 2, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters[] = { /* CHOICE */ + {FNAME("h222LogicalChannelParameters") SEQ, 3, 5, 5, SKIP | EXT, 0, + _H222LogicalChannelParameters}, + {FNAME("h223LogicalChannelParameters") SEQ, 0, 2, 2, SKIP | EXT, 0, + _H223LogicalChannelParameters}, + {FNAME("v76LogicalChannelParameters") SEQ, 0, 5, 5, SKIP | EXT, 0, + _V76LogicalChannelParameters}, + {FNAME("h2250LogicalChannelParameters") SEQ, 10, 11, 14, DECODE | EXT, + offsetof + (OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters, + h2250LogicalChannelParameters), _H2250LogicalChannelParameters}, + {FNAME("none") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _OpenLogicalChannel_forwardLogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("portNumber") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("dataType") CHOICE, 3, 6, 9, DECODE | EXT, + offsetof(OpenLogicalChannel_forwardLogicalChannelParameters, + dataType), _DataType}, + {FNAME("multiplexParameters") CHOICE, 2, 3, 5, DECODE | EXT, + offsetof(OpenLogicalChannel_forwardLogicalChannelParameters, + multiplexParameters), + _OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters}, + {FNAME("forwardLogicalChannelDependency") INT, WORD, 1, 0, SKIP | OPT, + 0, NULL}, + {FNAME("replacementFor") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters[] = { /* CHOICE */ + {FNAME("h223LogicalChannelParameters") SEQ, 0, 2, 2, SKIP | EXT, 0, + _H223LogicalChannelParameters}, + {FNAME("v76LogicalChannelParameters") SEQ, 0, 5, 5, SKIP | EXT, 0, + _V76LogicalChannelParameters}, + {FNAME("h2250LogicalChannelParameters") SEQ, 10, 11, 14, DECODE | EXT, + offsetof + (OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters, + h2250LogicalChannelParameters), _H2250LogicalChannelParameters}, +}; + +static field_t _OpenLogicalChannel_reverseLogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("dataType") CHOICE, 3, 6, 9, SKIP | EXT, 0, _DataType}, + {FNAME("multiplexParameters") CHOICE, 1, 2, 3, DECODE | EXT | OPT, + offsetof(OpenLogicalChannel_reverseLogicalChannelParameters, + multiplexParameters), + _OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters}, + {FNAME("reverseLogicalChannelDependency") INT, WORD, 1, 0, SKIP | OPT, + 0, NULL}, + {FNAME("replacementFor") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _NetworkAccessParameters_distribution[] = { /* CHOICE */ + {FNAME("unicast") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("multicast") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _Q2931Address_address[] = { /* CHOICE */ + {FNAME("internationalNumber") NUMSTR, 4, 1, 0, SKIP, 0, NULL}, + {FNAME("nsapAddress") OCTSTR, 5, 1, 0, SKIP, 0, NULL}, +}; + +static field_t _Q2931Address[] = { /* SEQUENCE */ + {FNAME("address") CHOICE, 1, 2, 2, SKIP | EXT, 0, + _Q2931Address_address}, + {FNAME("subaddress") OCTSTR, 5, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _NetworkAccessParameters_networkAddress[] = { /* CHOICE */ + {FNAME("q2931Address") SEQ, 1, 2, 2, SKIP | EXT, 0, _Q2931Address}, + {FNAME("e164Address") NUMDGT, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("localAreaAddress") CHOICE, 1, 2, 2, DECODE | EXT, + offsetof(NetworkAccessParameters_networkAddress, localAreaAddress), + _H245_TransportAddress}, +}; + +static field_t _NetworkAccessParameters[] = { /* SEQUENCE */ + {FNAME("distribution") CHOICE, 1, 2, 2, SKIP | EXT | OPT, 0, + _NetworkAccessParameters_distribution}, + {FNAME("networkAddress") CHOICE, 2, 3, 3, DECODE | EXT, + offsetof(NetworkAccessParameters, networkAddress), + _NetworkAccessParameters_networkAddress}, + {FNAME("associateConference") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("externalReference") OCTSTR, 8, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("t120SetupProcedure") CHOICE, 2, 3, 3, SKIP | EXT | OPT, 0, + NULL}, +}; + +static field_t _OpenLogicalChannel[] = { /* SEQUENCE */ + {FNAME("forwardLogicalChannelNumber") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("forwardLogicalChannelParameters") SEQ, 1, 3, 5, DECODE | EXT, + offsetof(OpenLogicalChannel, forwardLogicalChannelParameters), + _OpenLogicalChannel_forwardLogicalChannelParameters}, + {FNAME("reverseLogicalChannelParameters") SEQ, 1, 2, 4, + DECODE | EXT | OPT, offsetof(OpenLogicalChannel, + reverseLogicalChannelParameters), + _OpenLogicalChannel_reverseLogicalChannelParameters}, + {FNAME("separateStack") SEQ, 2, 4, 5, DECODE | EXT | OPT, + offsetof(OpenLogicalChannel, separateStack), + _NetworkAccessParameters}, + {FNAME("encryptionSync") SEQ, 2, 4, 4, STOP | EXT | OPT, 0, NULL}, +}; + +static field_t _Setup_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Setup_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Setup_UUIE, h245Address), _TransportAddress}, + {FNAME("sourceAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Setup_UUIE_sourceAddress}, + {FNAME("sourceInfo") SEQ, 6, 8, 10, SKIP | EXT, 0, _EndpointType}, + {FNAME("destinationAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Setup_UUIE_destinationAddress}, + {FNAME("destCallSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Setup_UUIE, destCallSignalAddress), _TransportAddress}, + {FNAME("destExtraCallInfo") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Setup_UUIE_destExtraCallInfo}, + {FNAME("destExtraCRV") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Setup_UUIE_destExtraCRV}, + {FNAME("activeMC") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("conferenceID") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("conferenceGoal") CHOICE, 2, 3, 5, SKIP | EXT, 0, + _Setup_UUIE_conferenceGoal}, + {FNAME("callServices") SEQ, 0, 8, 8, SKIP | EXT | OPT, 0, + _QseriesOptions}, + {FNAME("callType") CHOICE, 2, 4, 4, SKIP | EXT, 0, _CallType}, + {FNAME("sourceCallSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Setup_UUIE, sourceCallSignalAddress), _TransportAddress}, + {FNAME("remoteExtensionAddress") CHOICE, 1, 2, 7, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("h245SecurityCapability") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Setup_UUIE, fastStart), _Setup_UUIE_fastStart}, + {FNAME("mediaWaitForConnect") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("canOverlapSend") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("connectionParameters") SEQ, 0, 3, 3, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("language") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("presentationIndicator") CHOICE, 2, 3, 3, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("screeningIndicator") ENUM, 2, 0, 0, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("symmetricOperationRequired") NUL, FIXD, 0, 0, SKIP | OPT, 0, + NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, SKIP | EXT | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, SKIP | EXT | OPT, 0, NULL}, + {FNAME("desiredProtocols") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("neededFeatures") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("desiredFeatures") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("supportedFeatures") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("parallelH245Control") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("additionalSourceAddresses") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + NULL}, +}; + +static field_t _CallProceeding_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _CallProceeding_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("destinationInfo") SEQ, 6, 8, 10, SKIP | EXT, 0, + _EndpointType}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(CallProceeding_UUIE, h245Address), _TransportAddress}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("h245SecurityMode") CHOICE, 2, 4, 4, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(CallProceeding_UUIE, fastStart), + _CallProceeding_UUIE_fastStart}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _Connect_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Connect_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Connect_UUIE, h245Address), _TransportAddress}, + {FNAME("destinationInfo") SEQ, 6, 8, 10, SKIP | EXT, 0, + _EndpointType}, + {FNAME("conferenceID") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("h245SecurityMode") CHOICE, 2, 4, 4, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Connect_UUIE, fastStart), _Connect_UUIE_fastStart}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("language") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("connectedAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("presentationIndicator") CHOICE, 2, 3, 3, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("screeningIndicator") ENUM, 2, 0, 0, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, SKIP | EXT | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _Alerting_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Alerting_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("destinationInfo") SEQ, 6, 8, 10, SKIP | EXT, 0, + _EndpointType}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Alerting_UUIE, h245Address), _TransportAddress}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("h245SecurityMode") CHOICE, 2, 4, 4, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Alerting_UUIE, fastStart), _Alerting_UUIE_fastStart}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("alertingAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("presentationIndicator") CHOICE, 2, 3, 3, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("screeningIndicator") ENUM, 2, 0, 0, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, SKIP | EXT | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _Information_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Information_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Information_UUIE, fastStart), _Information_UUIE_fastStart}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _ReleaseCompleteReason[] = { /* CHOICE */ + {FNAME("noBandwidth") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("gatekeeperResources") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("unreachableDestination") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("destinationRejection") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("invalidRevision") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("noPermission") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("unreachableGatekeeper") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("gatewayResources") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("badFormatAddress") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("adaptiveBusy") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("inConf") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("undefinedReason") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("facilityCallDeflection") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("securityDenied") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("calledPartyNotRegistered") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("callerNotRegistered") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("newConnectionNeeded") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("nonStandardReason") SEQ, 0, 2, 2, SKIP, 0, NULL}, + {FNAME("replaceWithConferenceInvite") OCTSTR, FIXD, 16, 0, SKIP, 0, + NULL}, + {FNAME("genericDataReason") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("neededFeatureNotSupported") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("tunnelledSignallingRejected") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _ReleaseComplete_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("reason") CHOICE, 4, 12, 22, SKIP | EXT | OPT, 0, + _ReleaseCompleteReason}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("busyAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("presentationIndicator") CHOICE, 2, 3, 3, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("screeningIndicator") ENUM, 2, 0, 0, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, SKIP | EXT | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, +}; + +static field_t _Facility_UUIE_alternativeAliasAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _FacilityReason[] = { /* CHOICE */ + {FNAME("routeCallToGatekeeper") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("callForwarded") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("routeCallToMC") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("undefinedReason") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("conferenceListChoice") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("startH245") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("noH245") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("newTokens") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("featureSetUpdate") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("forwardedElements") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("transportedInformation") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _Facility_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Facility_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("alternativeAddress") CHOICE, 3, 7, 7, SKIP | EXT | OPT, 0, + _TransportAddress}, + {FNAME("alternativeAliasAddress") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Facility_UUIE_alternativeAliasAddress}, + {FNAME("conferenceID") OCTSTR, FIXD, 16, 0, SKIP | OPT, 0, NULL}, + {FNAME("reason") CHOICE, 2, 4, 11, DECODE | EXT, + offsetof(Facility_UUIE, reason), _FacilityReason}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, NULL}, + {FNAME("destExtraCallInfo") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("remoteExtensionAddress") CHOICE, 1, 2, 7, SKIP | EXT | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("conferences") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Facility_UUIE, h245Address), _TransportAddress}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Facility_UUIE, fastStart), _Facility_UUIE_fastStart}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, SKIP | EXT | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, SKIP | EXT | OPT, 0, NULL}, + {FNAME("destinationInfo") SEQ, 6, 8, 10, SKIP | EXT | OPT, 0, NULL}, + {FNAME("h245SecurityMode") CHOICE, 2, 4, 4, SKIP | EXT | OPT, 0, + NULL}, +}; + +static field_t _CallIdentifier[] = { /* SEQUENCE */ + {FNAME("guid") OCTSTR, FIXD, 16, 0, SKIP, 0, NULL}, +}; + +static field_t _SecurityServiceMode[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, _NonStandardParameter}, + {FNAME("none") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("default") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _SecurityCapabilities[] = { /* SEQUENCE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("encryption") CHOICE, 2, 3, 3, SKIP | EXT, 0, + _SecurityServiceMode}, + {FNAME("authenticaton") CHOICE, 2, 3, 3, SKIP | EXT, 0, + _SecurityServiceMode}, + {FNAME("integrity") CHOICE, 2, 3, 3, SKIP | EXT, 0, + _SecurityServiceMode}, +}; + +static field_t _H245Security[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP, 0, _NonStandardParameter}, + {FNAME("noSecurity") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("tls") SEQ, 1, 4, 4, SKIP | EXT, 0, _SecurityCapabilities}, + {FNAME("ipsec") SEQ, 1, 4, 4, SKIP | EXT, 0, _SecurityCapabilities}, +}; + +static field_t _DHset[] = { /* SEQUENCE */ + {FNAME("halfkey") BITSTR, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("modSize") BITSTR, WORD, 0, 0, SKIP, 0, NULL}, + {FNAME("generator") BITSTR, WORD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _TypedCertificate[] = { /* SEQUENCE */ + {FNAME("type") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("certificate") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _H235_NonStandardParameter[] = { /* SEQUENCE */ + {FNAME("nonStandardIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("data") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _ClearToken[] = { /* SEQUENCE */ + {FNAME("tokenOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("timeStamp") INT, CONS, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("password") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("dhkey") SEQ, 0, 3, 3, SKIP | EXT | OPT, 0, _DHset}, + {FNAME("challenge") OCTSTR, 7, 8, 0, SKIP | OPT, 0, NULL}, + {FNAME("random") INT, UNCO, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("certificate") SEQ, 0, 2, 2, SKIP | EXT | OPT, 0, + _TypedCertificate}, + {FNAME("generalID") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("nonStandard") SEQ, 0, 2, 2, SKIP | OPT, 0, + _H235_NonStandardParameter}, + {FNAME("eckasdhkey") CHOICE, 1, 2, 2, SKIP | EXT | OPT, 0, NULL}, + {FNAME("sendersID") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _Progress_UUIE_tokens[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 8, 9, 11, SKIP | EXT, 0, _ClearToken}, +}; + +static field_t _Params[] = { /* SEQUENCE */ + {FNAME("ranInt") INT, UNCO, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("iv8") OCTSTR, FIXD, 8, 0, SKIP | OPT, 0, NULL}, + {FNAME("iv16") OCTSTR, FIXD, 16, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoEPPwdHash_token[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("hash") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoEPPwdHash[] = { /* SEQUENCE */ + {FNAME("alias") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, + {FNAME("timeStamp") INT, CONS, 1, 0, SKIP, 0, NULL}, + {FNAME("token") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoEPPwdHash_token}, +}; + +static field_t _CryptoH323Token_cryptoGKPwdHash_token[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("hash") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoGKPwdHash[] = { /* SEQUENCE */ + {FNAME("gatekeeperId") BMPSTR, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("timeStamp") INT, CONS, 1, 0, SKIP, 0, NULL}, + {FNAME("token") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoGKPwdHash_token}, +}; + +static field_t _CryptoH323Token_cryptoEPPwdEncr[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("encryptedData") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoGKPwdEncr[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("encryptedData") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoEPCert[] = { /* SEQUENCE */ + {FNAME("toBeSigned") SEQ, 8, 9, 11, SKIP | OPEN | EXT, 0, NULL}, + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("signature") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoGKCert[] = { /* SEQUENCE */ + {FNAME("toBeSigned") SEQ, 8, 9, 11, SKIP | OPEN | EXT, 0, NULL}, + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("signature") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoH323Token_cryptoFastStart[] = { /* SEQUENCE */ + {FNAME("toBeSigned") SEQ, 8, 9, 11, SKIP | OPEN | EXT, 0, NULL}, + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("signature") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoToken_cryptoEncryptedToken_token[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("encryptedData") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoToken_cryptoEncryptedToken[] = { /* SEQUENCE */ + {FNAME("tokenOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("token") SEQ, 0, 3, 3, SKIP, 0, + _CryptoToken_cryptoEncryptedToken_token}, +}; + +static field_t _CryptoToken_cryptoSignedToken_token[] = { /* SEQUENCE */ + {FNAME("toBeSigned") SEQ, 8, 9, 11, SKIP | OPEN | EXT, 0, NULL}, + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("signature") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoToken_cryptoSignedToken[] = { /* SEQUENCE */ + {FNAME("tokenOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("token") SEQ, 0, 4, 4, SKIP, 0, + _CryptoToken_cryptoSignedToken_token}, +}; + +static field_t _CryptoToken_cryptoHashedToken_token[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("hash") BITSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoToken_cryptoHashedToken[] = { /* SEQUENCE */ + {FNAME("tokenOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("hashedVals") SEQ, 8, 9, 11, SKIP | EXT, 0, _ClearToken}, + {FNAME("token") SEQ, 0, 3, 3, SKIP, 0, + _CryptoToken_cryptoHashedToken_token}, +}; + +static field_t _CryptoToken_cryptoPwdEncr[] = { /* SEQUENCE */ + {FNAME("algorithmOID") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("paramS") SEQ, 2, 2, 3, SKIP | EXT, 0, _Params}, + {FNAME("encryptedData") OCTSTR, SEMI, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _CryptoToken[] = { /* CHOICE */ + {FNAME("cryptoEncryptedToken") SEQ, 0, 2, 2, SKIP, 0, + _CryptoToken_cryptoEncryptedToken}, + {FNAME("cryptoSignedToken") SEQ, 0, 2, 2, SKIP, 0, + _CryptoToken_cryptoSignedToken}, + {FNAME("cryptoHashedToken") SEQ, 0, 3, 3, SKIP, 0, + _CryptoToken_cryptoHashedToken}, + {FNAME("cryptoPwdEncr") SEQ, 0, 3, 3, SKIP, 0, + _CryptoToken_cryptoPwdEncr}, +}; + +static field_t _CryptoH323Token[] = { /* CHOICE */ + {FNAME("cryptoEPPwdHash") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoEPPwdHash}, + {FNAME("cryptoGKPwdHash") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoGKPwdHash}, + {FNAME("cryptoEPPwdEncr") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoEPPwdEncr}, + {FNAME("cryptoGKPwdEncr") SEQ, 0, 3, 3, SKIP, 0, + _CryptoH323Token_cryptoGKPwdEncr}, + {FNAME("cryptoEPCert") SEQ, 0, 4, 4, SKIP, 0, + _CryptoH323Token_cryptoEPCert}, + {FNAME("cryptoGKCert") SEQ, 0, 4, 4, SKIP, 0, + _CryptoH323Token_cryptoGKCert}, + {FNAME("cryptoFastStart") SEQ, 0, 4, 4, SKIP, 0, + _CryptoH323Token_cryptoFastStart}, + {FNAME("nestedcryptoToken") CHOICE, 2, 4, 4, SKIP | EXT, 0, + _CryptoToken}, +}; + +static field_t _Progress_UUIE_cryptoTokens[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 8, 8, SKIP | EXT, 0, _CryptoH323Token}, +}; + +static field_t _Progress_UUIE_fastStart[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 1, 3, 5, DECODE | OPEN | EXT, + sizeof(OpenLogicalChannel), _OpenLogicalChannel} + , +}; + +static field_t _Progress_UUIE[] = { /* SEQUENCE */ + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("destinationInfo") SEQ, 6, 8, 10, SKIP | EXT, 0, + _EndpointType}, + {FNAME("h245Address") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(Progress_UUIE, h245Address), _TransportAddress}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, SKIP | EXT, 0, + _CallIdentifier}, + {FNAME("h245SecurityMode") CHOICE, 2, 4, 4, SKIP | EXT | OPT, 0, + _H245Security}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Progress_UUIE_tokens}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _Progress_UUIE_cryptoTokens}, + {FNAME("fastStart") SEQOF, SEMI, 0, 30, DECODE | OPT, + offsetof(Progress_UUIE, fastStart), _Progress_UUIE_fastStart}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("fastConnectRefused") NUL, FIXD, 0, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _H323_UU_PDU_h323_message_body[] = { /* CHOICE */ + {FNAME("setup") SEQ, 7, 13, 39, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, setup), _Setup_UUIE}, + {FNAME("callProceeding") SEQ, 1, 3, 12, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, callProceeding), + _CallProceeding_UUIE}, + {FNAME("connect") SEQ, 1, 4, 19, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, connect), _Connect_UUIE}, + {FNAME("alerting") SEQ, 1, 3, 17, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, alerting), _Alerting_UUIE}, + {FNAME("information") SEQ, 0, 1, 7, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, information), + _Information_UUIE}, + {FNAME("releaseComplete") SEQ, 1, 2, 11, SKIP | EXT, 0, + _ReleaseComplete_UUIE}, + {FNAME("facility") SEQ, 3, 5, 21, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, facility), _Facility_UUIE}, + {FNAME("progress") SEQ, 5, 8, 11, DECODE | EXT, + offsetof(H323_UU_PDU_h323_message_body, progress), _Progress_UUIE}, + {FNAME("empty") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("status") SEQ, 2, 4, 4, SKIP | EXT, 0, NULL}, + {FNAME("statusInquiry") SEQ, 2, 4, 4, SKIP | EXT, 0, NULL}, + {FNAME("setupAcknowledge") SEQ, 2, 4, 4, SKIP | EXT, 0, NULL}, + {FNAME("notify") SEQ, 2, 4, 4, SKIP | EXT, 0, NULL}, +}; + +static field_t _RequestMessage[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("masterSlaveDetermination") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("terminalCapabilitySet") SEQ, 3, 5, 5, STOP | EXT, 0, NULL}, + {FNAME("openLogicalChannel") SEQ, 1, 3, 5, DECODE | EXT, + offsetof(RequestMessage, openLogicalChannel), _OpenLogicalChannel}, + {FNAME("closeLogicalChannel") SEQ, 0, 2, 3, STOP | EXT, 0, NULL}, + {FNAME("requestChannelClose") SEQ, 0, 1, 3, STOP | EXT, 0, NULL}, + {FNAME("multiplexEntrySend") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("requestMultiplexEntry") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("requestMode") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("roundTripDelayRequest") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("maintenanceLoopRequest") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("communicationModeRequest") SEQ, 0, 0, 0, STOP | EXT, 0, NULL}, + {FNAME("conferenceRequest") CHOICE, 3, 8, 16, STOP | EXT, 0, NULL}, + {FNAME("multilinkRequest") CHOICE, 3, 5, 5, STOP | EXT, 0, NULL}, + {FNAME("logicalChannelRateRequest") SEQ, 0, 3, 3, STOP | EXT, 0, + NULL}, +}; + +static field_t _OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters[] = { /* CHOICE */ + {FNAME("h222LogicalChannelParameters") SEQ, 3, 5, 5, SKIP | EXT, 0, + _H222LogicalChannelParameters}, + {FNAME("h2250LogicalChannelParameters") SEQ, 10, 11, 14, DECODE | EXT, + offsetof + (OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters, + h2250LogicalChannelParameters), _H2250LogicalChannelParameters}, +}; + +static field_t _OpenLogicalChannelAck_reverseLogicalChannelParameters[] = { /* SEQUENCE */ + {FNAME("reverseLogicalChannelNumber") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("portNumber") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("multiplexParameters") CHOICE, 0, 1, 2, DECODE | EXT | OPT, + offsetof(OpenLogicalChannelAck_reverseLogicalChannelParameters, + multiplexParameters), + _OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters}, + {FNAME("replacementFor") INT, WORD, 1, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _H2250LogicalChannelAckParameters_nonStandard[] = { /* SEQUENCE OF */ + {FNAME("item") SEQ, 0, 2, 2, SKIP, 0, _H245_NonStandardParameter}, +}; + +static field_t _H2250LogicalChannelAckParameters[] = { /* SEQUENCE */ + {FNAME("nonStandard") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _H2250LogicalChannelAckParameters_nonStandard}, + {FNAME("sessionID") INT, 8, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("mediaChannel") CHOICE, 1, 2, 2, DECODE | EXT | OPT, + offsetof(H2250LogicalChannelAckParameters, mediaChannel), + _H245_TransportAddress}, + {FNAME("mediaControlChannel") CHOICE, 1, 2, 2, DECODE | EXT | OPT, + offsetof(H2250LogicalChannelAckParameters, mediaControlChannel), + _H245_TransportAddress}, + {FNAME("dynamicRTPPayloadType") INT, 5, 96, 0, SKIP | OPT, 0, NULL}, + {FNAME("flowControlToZero") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("portNumber") INT, WORD, 0, 0, SKIP | OPT, 0, NULL}, +}; + +static field_t _OpenLogicalChannelAck_forwardMultiplexAckParameters[] = { /* CHOICE */ + {FNAME("h2250LogicalChannelAckParameters") SEQ, 5, 5, 7, DECODE | EXT, + offsetof(OpenLogicalChannelAck_forwardMultiplexAckParameters, + h2250LogicalChannelAckParameters), + _H2250LogicalChannelAckParameters}, +}; + +static field_t _OpenLogicalChannelAck[] = { /* SEQUENCE */ + {FNAME("forwardLogicalChannelNumber") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("reverseLogicalChannelParameters") SEQ, 2, 3, 4, + DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck, + reverseLogicalChannelParameters), + _OpenLogicalChannelAck_reverseLogicalChannelParameters}, + {FNAME("separateStack") SEQ, 2, 4, 5, SKIP | EXT | OPT, 0, NULL}, + {FNAME("forwardMultiplexAckParameters") CHOICE, 0, 1, 1, + DECODE | EXT | OPT, offsetof(OpenLogicalChannelAck, + forwardMultiplexAckParameters), + _OpenLogicalChannelAck_forwardMultiplexAckParameters}, + {FNAME("encryptionSync") SEQ, 2, 4, 4, STOP | EXT | OPT, 0, NULL}, +}; + +static field_t _ResponseMessage[] = { /* CHOICE */ + {FNAME("nonStandard") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("masterSlaveDeterminationAck") SEQ, 0, 1, 1, STOP | EXT, 0, + NULL}, + {FNAME("masterSlaveDeterminationReject") SEQ, 0, 1, 1, STOP | EXT, 0, + NULL}, + {FNAME("terminalCapabilitySetAck") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("terminalCapabilitySetReject") SEQ, 0, 2, 2, STOP | EXT, 0, + NULL}, + {FNAME("openLogicalChannelAck") SEQ, 1, 2, 5, DECODE | EXT, + offsetof(ResponseMessage, openLogicalChannelAck), + _OpenLogicalChannelAck}, + {FNAME("openLogicalChannelReject") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("closeLogicalChannelAck") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("requestChannelCloseAck") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("requestChannelCloseReject") SEQ, 0, 2, 2, STOP | EXT, 0, + NULL}, + {FNAME("multiplexEntrySendAck") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("multiplexEntrySendReject") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("requestMultiplexEntryAck") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("requestMultiplexEntryReject") SEQ, 0, 2, 2, STOP | EXT, 0, + NULL}, + {FNAME("requestModeAck") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("requestModeReject") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("roundTripDelayResponse") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("maintenanceLoopAck") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("maintenanceLoopReject") SEQ, 0, 2, 2, STOP | EXT, 0, NULL}, + {FNAME("communicationModeResponse") CHOICE, 0, 1, 1, STOP | EXT, 0, + NULL}, + {FNAME("conferenceResponse") CHOICE, 3, 8, 16, STOP | EXT, 0, NULL}, + {FNAME("multilinkResponse") CHOICE, 3, 5, 5, STOP | EXT, 0, NULL}, + {FNAME("logicalChannelRateAcknowledge") SEQ, 0, 3, 3, STOP | EXT, 0, + NULL}, + {FNAME("logicalChannelRateReject") SEQ, 1, 4, 4, STOP | EXT, 0, NULL}, +}; + +static field_t _MultimediaSystemControlMessage[] = { /* CHOICE */ + {FNAME("request") CHOICE, 4, 11, 15, DECODE | EXT, + offsetof(MultimediaSystemControlMessage, request), _RequestMessage}, + {FNAME("response") CHOICE, 5, 19, 24, DECODE | EXT, + offsetof(MultimediaSystemControlMessage, response), + _ResponseMessage}, + {FNAME("command") CHOICE, 3, 7, 12, STOP | EXT, 0, NULL}, + {FNAME("indication") CHOICE, 4, 14, 23, STOP | EXT, 0, NULL}, +}; + +static field_t _H323_UU_PDU_h245Control[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 2, 4, 4, DECODE | OPEN | EXT, + sizeof(MultimediaSystemControlMessage), + _MultimediaSystemControlMessage} + , +}; + +static field_t _H323_UU_PDU[] = { /* SEQUENCE */ + {FNAME("h323-message-body") CHOICE, 3, 7, 13, DECODE | EXT, + offsetof(H323_UU_PDU, h323_message_body), + _H323_UU_PDU_h323_message_body}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("h4501SupplementaryService") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + NULL}, + {FNAME("h245Tunneling") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("h245Control") SEQOF, SEMI, 0, 4, DECODE | OPT, + offsetof(H323_UU_PDU, h245Control), _H323_UU_PDU_h245Control}, + {FNAME("nonStandardControl") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("callLinkage") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("tunnelledSignallingMessage") SEQ, 2, 4, 4, STOP | EXT | OPT, + 0, NULL}, + {FNAME("provisionalRespToH245Tunneling") NUL, FIXD, 0, 0, STOP | OPT, + 0, NULL}, + {FNAME("stimulusControl") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _H323_UserInformation[] = { /* SEQUENCE */ + {FNAME("h323-uu-pdu") SEQ, 1, 2, 11, DECODE | EXT, + offsetof(H323_UserInformation, h323_uu_pdu), _H323_UU_PDU}, + {FNAME("user-data") SEQ, 0, 2, 2, STOP | EXT | OPT, 0, NULL}, +}; + +static field_t _GatekeeperRequest[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("rasAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(GatekeeperRequest, rasAddress), _TransportAddress}, + {FNAME("endpointType") SEQ, 6, 8, 10, STOP | EXT, 0, NULL}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("callServices") SEQ, 0, 8, 8, STOP | EXT | OPT, 0, NULL}, + {FNAME("endpointAlias") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("alternateEndpoints") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("authenticationCapability") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("algorithmOIDs") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrity") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("supportsAltGK") NUL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _GatekeeperConfirm[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("rasAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(GatekeeperConfirm, rasAddress), _TransportAddress}, + {FNAME("alternateGatekeeper") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("authenticationMode") CHOICE, 3, 7, 8, STOP | EXT | OPT, 0, + NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("algorithmOID") OID, BYTE, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrity") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _RegistrationRequest_callSignalAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 7, 7, DECODE | EXT, + sizeof(TransportAddress), _TransportAddress} + , +}; + +static field_t _RegistrationRequest_rasAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 7, 7, DECODE | EXT, + sizeof(TransportAddress), _TransportAddress} + , +}; + +static field_t _RegistrationRequest_terminalAlias[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _RegistrationRequest[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("discoveryComplete") BOOL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("callSignalAddress") SEQOF, SEMI, 0, 10, DECODE, + offsetof(RegistrationRequest, callSignalAddress), + _RegistrationRequest_callSignalAddress}, + {FNAME("rasAddress") SEQOF, SEMI, 0, 10, DECODE, + offsetof(RegistrationRequest, rasAddress), + _RegistrationRequest_rasAddress}, + {FNAME("terminalType") SEQ, 6, 8, 10, SKIP | EXT, 0, _EndpointType}, + {FNAME("terminalAlias") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _RegistrationRequest_terminalAlias}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("endpointVendor") SEQ, 2, 3, 3, SKIP | EXT, 0, + _VendorIdentifier}, + {FNAME("alternateEndpoints") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("timeToLive") INT, CONS, 1, 0, DECODE | OPT, + offsetof(RegistrationRequest, timeToLive), NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("keepAlive") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("willSupplyUUIEs") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("alternateTransportAddresses") SEQ, 1, 1, 1, STOP | EXT | OPT, + 0, NULL}, + {FNAME("additiveRegistration") NUL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("terminalAliasPattern") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("supportsAltGK") NUL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("usageReportingCapability") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, + NULL}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("supportedH248Packages") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("callCreditCapability") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, + NULL}, + {FNAME("capacityReportingCapability") SEQ, 0, 1, 1, STOP | EXT | OPT, + 0, NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _RegistrationConfirm_callSignalAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 7, 7, DECODE | EXT, + sizeof(TransportAddress), _TransportAddress} + , +}; + +static field_t _RegistrationConfirm_terminalAlias[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _RegistrationConfirm[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("protocolIdentifier") OID, BYTE, 0, 0, SKIP, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("callSignalAddress") SEQOF, SEMI, 0, 10, DECODE, + offsetof(RegistrationConfirm, callSignalAddress), + _RegistrationConfirm_callSignalAddress}, + {FNAME("terminalAlias") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _RegistrationConfirm_terminalAlias}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("alternateGatekeeper") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, NULL}, + {FNAME("timeToLive") INT, CONS, 1, 0, DECODE | OPT, + offsetof(RegistrationConfirm, timeToLive), NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("willRespondToIRR") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("preGrantedARQ") SEQ, 0, 4, 8, STOP | EXT | OPT, 0, NULL}, + {FNAME("maintainConnection") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("supportsAdditiveRegistration") NUL, FIXD, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("terminalAliasPattern") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("usageSpec") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("featureServerAlias") CHOICE, 1, 2, 7, STOP | EXT | OPT, 0, + NULL}, + {FNAME("capacityReportingSpec") SEQ, 0, 1, 1, STOP | EXT | OPT, 0, + NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _UnregistrationRequest_callSignalAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 7, 7, DECODE | EXT, + sizeof(TransportAddress), _TransportAddress} + , +}; + +static field_t _UnregistrationRequest[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("callSignalAddress") SEQOF, SEMI, 0, 10, DECODE, + offsetof(UnregistrationRequest, callSignalAddress), + _UnregistrationRequest_callSignalAddress}, + {FNAME("endpointAlias") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("alternateEndpoints") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("reason") CHOICE, 2, 4, 5, STOP | EXT | OPT, 0, NULL}, + {FNAME("endpointAliasPattern") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("supportedPrefixes") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("alternateGatekeeper") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _CallModel[] = { /* CHOICE */ + {FNAME("direct") NUL, FIXD, 0, 0, SKIP, 0, NULL}, + {FNAME("gatekeeperRouted") NUL, FIXD, 0, 0, SKIP, 0, NULL}, +}; + +static field_t _AdmissionRequest_destinationInfo[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _AdmissionRequest_destExtraCallInfo[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _AdmissionRequest_srcInfo[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _AdmissionRequest[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("callType") CHOICE, 2, 4, 4, SKIP | EXT, 0, _CallType}, + {FNAME("callModel") CHOICE, 1, 2, 2, SKIP | EXT | OPT, 0, _CallModel}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("destinationInfo") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _AdmissionRequest_destinationInfo}, + {FNAME("destCallSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(AdmissionRequest, destCallSignalAddress), + _TransportAddress}, + {FNAME("destExtraCallInfo") SEQOF, SEMI, 0, 0, SKIP | OPT, 0, + _AdmissionRequest_destExtraCallInfo}, + {FNAME("srcInfo") SEQOF, SEMI, 0, 0, SKIP, 0, + _AdmissionRequest_srcInfo}, + {FNAME("srcCallSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT | OPT, + offsetof(AdmissionRequest, srcCallSignalAddress), _TransportAddress}, + {FNAME("bandWidth") INT, CONS, 0, 0, STOP, 0, NULL}, + {FNAME("callReferenceValue") INT, WORD, 0, 0, STOP, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("callServices") SEQ, 0, 8, 8, STOP | EXT | OPT, 0, NULL}, + {FNAME("conferenceID") OCTSTR, FIXD, 16, 0, STOP, 0, NULL}, + {FNAME("activeMC") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("answerCall") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("canMapAlias") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("callIdentifier") SEQ, 0, 1, 1, STOP | EXT, 0, NULL}, + {FNAME("srcAlternatives") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destAlternatives") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("transportQOS") CHOICE, 2, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("willSupplyUUIEs") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("callLinkage") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("gatewayDataRate") SEQ, 2, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("desiredProtocols") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("desiredTunnelledProtocol") SEQ, 1, 2, 2, STOP | EXT | OPT, 0, + NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _AdmissionConfirm[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("bandWidth") INT, CONS, 0, 0, SKIP, 0, NULL}, + {FNAME("callModel") CHOICE, 1, 2, 2, SKIP | EXT, 0, _CallModel}, + {FNAME("destCallSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(AdmissionConfirm, destCallSignalAddress), + _TransportAddress}, + {FNAME("irrFrequency") INT, WORD, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("destinationInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destExtraCallInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destinationType") SEQ, 6, 8, 10, STOP | EXT | OPT, 0, NULL}, + {FNAME("remoteExtensionAddress") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("alternateEndpoints") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("transportQOS") CHOICE, 2, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("willRespondToIRR") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("uuiesRequested") SEQ, 0, 9, 13, STOP | EXT, 0, NULL}, + {FNAME("language") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("alternateTransportAddresses") SEQ, 1, 1, 1, STOP | EXT | OPT, + 0, NULL}, + {FNAME("useSpecifiedTransport") CHOICE, 1, 2, 2, STOP | EXT | OPT, 0, + NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("usageSpec") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("supportedProtocols") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _LocationRequest_destinationInfo[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 1, 2, 7, SKIP | EXT, 0, _AliasAddress}, +}; + +static field_t _LocationRequest[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, SKIP | OPT, 0, NULL}, + {FNAME("destinationInfo") SEQOF, SEMI, 0, 0, SKIP, 0, + _LocationRequest_destinationInfo}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("replyAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(LocationRequest, replyAddress), _TransportAddress}, + {FNAME("sourceInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("canMapAlias") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("gatekeeperIdentifier") BMPSTR, 7, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("desiredProtocols") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("desiredTunnelledProtocol") SEQ, 1, 2, 2, STOP | EXT | OPT, 0, + NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("hopCount") INT, 8, 1, 0, STOP | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, NULL}, +}; + +static field_t _LocationConfirm[] = { /* SEQUENCE */ + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("callSignalAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(LocationConfirm, callSignalAddress), _TransportAddress}, + {FNAME("rasAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(LocationConfirm, rasAddress), _TransportAddress}, + {FNAME("nonStandardData") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("destinationInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destExtraCallInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("destinationType") SEQ, 6, 8, 10, STOP | EXT | OPT, 0, NULL}, + {FNAME("remoteExtensionAddress") SEQOF, SEMI, 0, 0, STOP | OPT, 0, + NULL}, + {FNAME("alternateEndpoints") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("alternateTransportAddresses") SEQ, 1, 1, 1, STOP | EXT | OPT, + 0, NULL}, + {FNAME("supportedProtocols") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("multipleCalls") BOOL, FIXD, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("featureSet") SEQ, 3, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("circuitInfo") SEQ, 3, 3, 3, STOP | EXT | OPT, 0, NULL}, + {FNAME("serviceControl") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _InfoRequestResponse_callSignalAddress[] = { /* SEQUENCE OF */ + {FNAME("item") CHOICE, 3, 7, 7, DECODE | EXT, + sizeof(TransportAddress), _TransportAddress} + , +}; + +static field_t _InfoRequestResponse[] = { /* SEQUENCE */ + {FNAME("nonStandardData") SEQ, 0, 2, 2, SKIP | OPT, 0, + _NonStandardParameter}, + {FNAME("requestSeqNum") INT, WORD, 1, 0, SKIP, 0, NULL}, + {FNAME("endpointType") SEQ, 6, 8, 10, SKIP | EXT, 0, _EndpointType}, + {FNAME("endpointIdentifier") BMPSTR, 7, 1, 0, SKIP, 0, NULL}, + {FNAME("rasAddress") CHOICE, 3, 7, 7, DECODE | EXT, + offsetof(InfoRequestResponse, rasAddress), _TransportAddress}, + {FNAME("callSignalAddress") SEQOF, SEMI, 0, 10, DECODE, + offsetof(InfoRequestResponse, callSignalAddress), + _InfoRequestResponse_callSignalAddress}, + {FNAME("endpointAlias") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("perCallInfo") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("tokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("cryptoTokens") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, + {FNAME("integrityCheckValue") SEQ, 0, 2, 2, STOP | OPT, 0, NULL}, + {FNAME("needResponse") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("capacity") SEQ, 2, 2, 2, STOP | EXT | OPT, 0, NULL}, + {FNAME("irrStatus") CHOICE, 2, 4, 4, STOP | EXT | OPT, 0, NULL}, + {FNAME("unsolicited") BOOL, FIXD, 0, 0, STOP, 0, NULL}, + {FNAME("genericData") SEQOF, SEMI, 0, 0, STOP | OPT, 0, NULL}, +}; + +static field_t _RasMessage[] = { /* CHOICE */ + {FNAME("gatekeeperRequest") SEQ, 4, 8, 18, DECODE | EXT, + offsetof(RasMessage, gatekeeperRequest), _GatekeeperRequest}, + {FNAME("gatekeeperConfirm") SEQ, 2, 5, 14, DECODE | EXT, + offsetof(RasMessage, gatekeeperConfirm), _GatekeeperConfirm}, + {FNAME("gatekeeperReject") SEQ, 2, 5, 11, STOP | EXT, 0, NULL}, + {FNAME("registrationRequest") SEQ, 3, 10, 31, DECODE | EXT, + offsetof(RasMessage, registrationRequest), _RegistrationRequest}, + {FNAME("registrationConfirm") SEQ, 3, 7, 24, DECODE | EXT, + offsetof(RasMessage, registrationConfirm), _RegistrationConfirm}, + {FNAME("registrationReject") SEQ, 2, 5, 11, STOP | EXT, 0, NULL}, + {FNAME("unregistrationRequest") SEQ, 3, 5, 15, DECODE | EXT, + offsetof(RasMessage, unregistrationRequest), _UnregistrationRequest}, + {FNAME("unregistrationConfirm") SEQ, 1, 2, 6, STOP | EXT, 0, NULL}, + {FNAME("unregistrationReject") SEQ, 1, 3, 8, STOP | EXT, 0, NULL}, + {FNAME("admissionRequest") SEQ, 7, 16, 34, DECODE | EXT, + offsetof(RasMessage, admissionRequest), _AdmissionRequest}, + {FNAME("admissionConfirm") SEQ, 2, 6, 27, DECODE | EXT, + offsetof(RasMessage, admissionConfirm), _AdmissionConfirm}, + {FNAME("admissionReject") SEQ, 1, 3, 11, STOP | EXT, 0, NULL}, + {FNAME("bandwidthRequest") SEQ, 2, 7, 18, STOP | EXT, 0, NULL}, + {FNAME("bandwidthConfirm") SEQ, 1, 3, 8, STOP | EXT, 0, NULL}, + {FNAME("bandwidthReject") SEQ, 1, 4, 9, STOP | EXT, 0, NULL}, + {FNAME("disengageRequest") SEQ, 1, 6, 19, STOP | EXT, 0, NULL}, + {FNAME("disengageConfirm") SEQ, 1, 2, 9, STOP | EXT, 0, NULL}, + {FNAME("disengageReject") SEQ, 1, 3, 8, STOP | EXT, 0, NULL}, + {FNAME("locationRequest") SEQ, 2, 5, 17, DECODE | EXT, + offsetof(RasMessage, locationRequest), _LocationRequest}, + {FNAME("locationConfirm") SEQ, 1, 4, 19, DECODE | EXT, + offsetof(RasMessage, locationConfirm), _LocationConfirm}, + {FNAME("locationReject") SEQ, 1, 3, 10, STOP | EXT, 0, NULL}, + {FNAME("infoRequest") SEQ, 2, 4, 15, STOP | EXT, 0, NULL}, + {FNAME("infoRequestResponse") SEQ, 3, 8, 16, DECODE | EXT, + offsetof(RasMessage, infoRequestResponse), _InfoRequestResponse}, + {FNAME("nonStandardMessage") SEQ, 0, 2, 7, STOP | EXT, 0, NULL}, + {FNAME("unknownMessageResponse") SEQ, 0, 1, 5, STOP | EXT, 0, NULL}, + {FNAME("requestInProgress") SEQ, 4, 6, 6, STOP | EXT, 0, NULL}, + {FNAME("resourcesAvailableIndicate") SEQ, 4, 9, 11, STOP | EXT, 0, + NULL}, + {FNAME("resourcesAvailableConfirm") SEQ, 4, 6, 7, STOP | EXT, 0, + NULL}, + {FNAME("infoRequestAck") SEQ, 4, 5, 5, STOP | EXT, 0, NULL}, + {FNAME("infoRequestNak") SEQ, 5, 7, 7, STOP | EXT, 0, NULL}, + {FNAME("serviceControlIndication") SEQ, 8, 10, 10, STOP | EXT, 0, + NULL}, + {FNAME("serviceControlResponse") SEQ, 7, 8, 8, STOP | EXT, 0, NULL}, +}; diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_types.h b/net/ipv4/netfilter/ip_conntrack_helper_h323_types.h new file mode 100644 index 0000000..cc98f7a --- /dev/null +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_types.h @@ -0,0 +1,938 @@ +/* Generated by Jing Min Zhao's ASN.1 parser, Mar 15 2006 + * + * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> + * + * This source code is licensed under General Public License version 2. + */ + +typedef struct TransportAddress_ipAddress { /* SEQUENCE */ + int options; /* No use */ + unsigned ip; +} TransportAddress_ipAddress; + +typedef struct TransportAddress { /* CHOICE */ + enum { + eTransportAddress_ipAddress, + eTransportAddress_ipSourceRoute, + eTransportAddress_ipxAddress, + eTransportAddress_ip6Address, + eTransportAddress_netBios, + eTransportAddress_nsap, + eTransportAddress_nonStandardAddress, + } choice; + union { + TransportAddress_ipAddress ipAddress; + }; +} TransportAddress; + +typedef struct DataProtocolCapability { /* CHOICE */ + enum { + eDataProtocolCapability_nonStandard, + eDataProtocolCapability_v14buffered, + eDataProtocolCapability_v42lapm, + eDataProtocolCapability_hdlcFrameTunnelling, + eDataProtocolCapability_h310SeparateVCStack, + eDataProtocolCapability_h310SingleVCStack, + eDataProtocolCapability_transparent, + eDataProtocolCapability_segmentationAndReassembly, + eDataProtocolCapability_hdlcFrameTunnelingwSAR, + eDataProtocolCapability_v120, + eDataProtocolCapability_separateLANStack, + eDataProtocolCapability_v76wCompression, + eDataProtocolCapability_tcp, + eDataProtocolCapability_udp, + } choice; +} DataProtocolCapability; + +typedef struct DataApplicationCapability_application { /* CHOICE */ + enum { + eDataApplicationCapability_application_nonStandard, + eDataApplicationCapability_application_t120, + eDataApplicationCapability_application_dsm_cc, + eDataApplicationCapability_application_userData, + eDataApplicationCapability_application_t84, + eDataApplicationCapability_application_t434, + eDataApplicationCapability_application_h224, + eDataApplicationCapability_application_nlpid, + eDataApplicationCapability_application_dsvdControl, + eDataApplicationCapability_application_h222DataPartitioning, + eDataApplicationCapability_application_t30fax, + eDataApplicationCapability_application_t140, + eDataApplicationCapability_application_t38fax, + eDataApplicationCapability_application_genericDataCapability, + } choice; + union { + DataProtocolCapability t120; + }; +} DataApplicationCapability_application; + +typedef struct DataApplicationCapability { /* SEQUENCE */ + int options; /* No use */ + DataApplicationCapability_application application; +} DataApplicationCapability; + +typedef struct DataType { /* CHOICE */ + enum { + eDataType_nonStandard, + eDataType_nullData, + eDataType_videoData, + eDataType_audioData, + eDataType_data, + eDataType_encryptionData, + eDataType_h235Control, + eDataType_h235Media, + eDataType_multiplexedStream, + } choice; + union { + DataApplicationCapability data; + }; +} DataType; + +typedef struct UnicastAddress_iPAddress { /* SEQUENCE */ + int options; /* No use */ + unsigned network; +} UnicastAddress_iPAddress; + +typedef struct UnicastAddress { /* CHOICE */ + enum { + eUnicastAddress_iPAddress, + eUnicastAddress_iPXAddress, + eUnicastAddress_iP6Address, + eUnicastAddress_netBios, + eUnicastAddress_iPSourceRouteAddress, + eUnicastAddress_nsap, + eUnicastAddress_nonStandardAddress, + } choice; + union { + UnicastAddress_iPAddress iPAddress; + }; +} UnicastAddress; + +typedef struct H245_TransportAddress { /* CHOICE */ + enum { + eH245_TransportAddress_unicastAddress, + eH245_TransportAddress_multicastAddress, + } choice; + union { + UnicastAddress unicastAddress; + }; +} H245_TransportAddress; + +typedef struct H2250LogicalChannelParameters { /* SEQUENCE */ + enum { + eH2250LogicalChannelParameters_nonStandard = (1 << 31), + eH2250LogicalChannelParameters_associatedSessionID = + (1 << 30), + eH2250LogicalChannelParameters_mediaChannel = (1 << 29), + eH2250LogicalChannelParameters_mediaGuaranteedDelivery = + (1 << 28), + eH2250LogicalChannelParameters_mediaControlChannel = + (1 << 27), + eH2250LogicalChannelParameters_mediaControlGuaranteedDelivery + = (1 << 26), + eH2250LogicalChannelParameters_silenceSuppression = (1 << 25), + eH2250LogicalChannelParameters_destination = (1 << 24), + eH2250LogicalChannelParameters_dynamicRTPPayloadType = + (1 << 23), + eH2250LogicalChannelParameters_mediaPacketization = (1 << 22), + eH2250LogicalChannelParameters_transportCapability = + (1 << 21), + eH2250LogicalChannelParameters_redundancyEncoding = (1 << 20), + eH2250LogicalChannelParameters_source = (1 << 19), + } options; + H245_TransportAddress mediaChannel; + H245_TransportAddress mediaControlChannel; +} H2250LogicalChannelParameters; + +typedef struct OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters { /* CHOICE */ + enum { + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h222LogicalChannelParameters, + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h223LogicalChannelParameters, + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_v76LogicalChannelParameters, + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters, + eOpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters_none, + } choice; + union { + H2250LogicalChannelParameters h2250LogicalChannelParameters; + }; +} OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters; + +typedef struct OpenLogicalChannel_forwardLogicalChannelParameters { /* SEQUENCE */ + enum { + eOpenLogicalChannel_forwardLogicalChannelParameters_portNumber + = (1 << 31), + eOpenLogicalChannel_forwardLogicalChannelParameters_forwardLogicalChannelDependency + = (1 << 30), + eOpenLogicalChannel_forwardLogicalChannelParameters_replacementFor + = (1 << 29), + } options; + DataType dataType; + OpenLogicalChannel_forwardLogicalChannelParameters_multiplexParameters + multiplexParameters; +} OpenLogicalChannel_forwardLogicalChannelParameters; + +typedef struct OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters { /* CHOICE */ + enum { + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_h223LogicalChannelParameters, + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_v76LogicalChannelParameters, + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters, + } choice; + union { + H2250LogicalChannelParameters h2250LogicalChannelParameters; + }; +} OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters; + +typedef struct OpenLogicalChannel_reverseLogicalChannelParameters { /* SEQUENCE */ + enum { + eOpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters + = (1 << 31), + eOpenLogicalChannel_reverseLogicalChannelParameters_reverseLogicalChannelDependency + = (1 << 30), + eOpenLogicalChannel_reverseLogicalChannelParameters_replacementFor + = (1 << 29), + } options; + OpenLogicalChannel_reverseLogicalChannelParameters_multiplexParameters + multiplexParameters; +} OpenLogicalChannel_reverseLogicalChannelParameters; + +typedef struct NetworkAccessParameters_networkAddress { /* CHOICE */ + enum { + eNetworkAccessParameters_networkAddress_q2931Address, + eNetworkAccessParameters_networkAddress_e164Address, + eNetworkAccessParameters_networkAddress_localAreaAddress, + } choice; + union { + H245_TransportAddress localAreaAddress; + }; +} NetworkAccessParameters_networkAddress; + +typedef struct NetworkAccessParameters { /* SEQUENCE */ + enum { + eNetworkAccessParameters_distribution = (1 << 31), + eNetworkAccessParameters_externalReference = (1 << 30), + eNetworkAccessParameters_t120SetupProcedure = (1 << 29), + } options; + NetworkAccessParameters_networkAddress networkAddress; +} NetworkAccessParameters; + +typedef struct OpenLogicalChannel { /* SEQUENCE */ + enum { + eOpenLogicalChannel_reverseLogicalChannelParameters = + (1 << 31), + eOpenLogicalChannel_separateStack = (1 << 30), + eOpenLogicalChannel_encryptionSync = (1 << 29), + } options; + OpenLogicalChannel_forwardLogicalChannelParameters + forwardLogicalChannelParameters; + OpenLogicalChannel_reverseLogicalChannelParameters + reverseLogicalChannelParameters; + NetworkAccessParameters separateStack; +} OpenLogicalChannel; + +typedef struct Setup_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Setup_UUIE_fastStart; + +typedef struct Setup_UUIE { /* SEQUENCE */ + enum { + eSetup_UUIE_h245Address = (1 << 31), + eSetup_UUIE_sourceAddress = (1 << 30), + eSetup_UUIE_destinationAddress = (1 << 29), + eSetup_UUIE_destCallSignalAddress = (1 << 28), + eSetup_UUIE_destExtraCallInfo = (1 << 27), + eSetup_UUIE_destExtraCRV = (1 << 26), + eSetup_UUIE_callServices = (1 << 25), + eSetup_UUIE_sourceCallSignalAddress = (1 << 24), + eSetup_UUIE_remoteExtensionAddress = (1 << 23), + eSetup_UUIE_callIdentifier = (1 << 22), + eSetup_UUIE_h245SecurityCapability = (1 << 21), + eSetup_UUIE_tokens = (1 << 20), + eSetup_UUIE_cryptoTokens = (1 << 19), + eSetup_UUIE_fastStart = (1 << 18), + eSetup_UUIE_mediaWaitForConnect = (1 << 17), + eSetup_UUIE_canOverlapSend = (1 << 16), + eSetup_UUIE_endpointIdentifier = (1 << 15), + eSetup_UUIE_multipleCalls = (1 << 14), + eSetup_UUIE_maintainConnection = (1 << 13), + eSetup_UUIE_connectionParameters = (1 << 12), + eSetup_UUIE_language = (1 << 11), + eSetup_UUIE_presentationIndicator = (1 << 10), + eSetup_UUIE_screeningIndicator = (1 << 9), + eSetup_UUIE_serviceControl = (1 << 8), + eSetup_UUIE_symmetricOperationRequired = (1 << 7), + eSetup_UUIE_capacity = (1 << 6), + eSetup_UUIE_circuitInfo = (1 << 5), + eSetup_UUIE_desiredProtocols = (1 << 4), + eSetup_UUIE_neededFeatures = (1 << 3), + eSetup_UUIE_desiredFeatures = (1 << 2), + eSetup_UUIE_supportedFeatures = (1 << 1), + eSetup_UUIE_parallelH245Control = (1 << 0), + } options; + TransportAddress h245Address; + TransportAddress destCallSignalAddress; + TransportAddress sourceCallSignalAddress; + Setup_UUIE_fastStart fastStart; +} Setup_UUIE; + +typedef struct CallProceeding_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} CallProceeding_UUIE_fastStart; + +typedef struct CallProceeding_UUIE { /* SEQUENCE */ + enum { + eCallProceeding_UUIE_h245Address = (1 << 31), + eCallProceeding_UUIE_callIdentifier = (1 << 30), + eCallProceeding_UUIE_h245SecurityMode = (1 << 29), + eCallProceeding_UUIE_tokens = (1 << 28), + eCallProceeding_UUIE_cryptoTokens = (1 << 27), + eCallProceeding_UUIE_fastStart = (1 << 26), + eCallProceeding_UUIE_multipleCalls = (1 << 25), + eCallProceeding_UUIE_maintainConnection = (1 << 24), + eCallProceeding_UUIE_fastConnectRefused = (1 << 23), + eCallProceeding_UUIE_featureSet = (1 << 22), + } options; + TransportAddress h245Address; + CallProceeding_UUIE_fastStart fastStart; +} CallProceeding_UUIE; + +typedef struct Connect_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Connect_UUIE_fastStart; + +typedef struct Connect_UUIE { /* SEQUENCE */ + enum { + eConnect_UUIE_h245Address = (1 << 31), + eConnect_UUIE_callIdentifier = (1 << 30), + eConnect_UUIE_h245SecurityMode = (1 << 29), + eConnect_UUIE_tokens = (1 << 28), + eConnect_UUIE_cryptoTokens = (1 << 27), + eConnect_UUIE_fastStart = (1 << 26), + eConnect_UUIE_multipleCalls = (1 << 25), + eConnect_UUIE_maintainConnection = (1 << 24), + eConnect_UUIE_language = (1 << 23), + eConnect_UUIE_connectedAddress = (1 << 22), + eConnect_UUIE_presentationIndicator = (1 << 21), + eConnect_UUIE_screeningIndicator = (1 << 20), + eConnect_UUIE_fastConnectRefused = (1 << 19), + eConnect_UUIE_serviceControl = (1 << 18), + eConnect_UUIE_capacity = (1 << 17), + eConnect_UUIE_featureSet = (1 << 16), + } options; + TransportAddress h245Address; + Connect_UUIE_fastStart fastStart; +} Connect_UUIE; + +typedef struct Alerting_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Alerting_UUIE_fastStart; + +typedef struct Alerting_UUIE { /* SEQUENCE */ + enum { + eAlerting_UUIE_h245Address = (1 << 31), + eAlerting_UUIE_callIdentifier = (1 << 30), + eAlerting_UUIE_h245SecurityMode = (1 << 29), + eAlerting_UUIE_tokens = (1 << 28), + eAlerting_UUIE_cryptoTokens = (1 << 27), + eAlerting_UUIE_fastStart = (1 << 26), + eAlerting_UUIE_multipleCalls = (1 << 25), + eAlerting_UUIE_maintainConnection = (1 << 24), + eAlerting_UUIE_alertingAddress = (1 << 23), + eAlerting_UUIE_presentationIndicator = (1 << 22), + eAlerting_UUIE_screeningIndicator = (1 << 21), + eAlerting_UUIE_fastConnectRefused = (1 << 20), + eAlerting_UUIE_serviceControl = (1 << 19), + eAlerting_UUIE_capacity = (1 << 18), + eAlerting_UUIE_featureSet = (1 << 17), + } options; + TransportAddress h245Address; + Alerting_UUIE_fastStart fastStart; +} Alerting_UUIE; + +typedef struct Information_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Information_UUIE_fastStart; + +typedef struct Information_UUIE { /* SEQUENCE */ + enum { + eInformation_UUIE_callIdentifier = (1 << 31), + eInformation_UUIE_tokens = (1 << 30), + eInformation_UUIE_cryptoTokens = (1 << 29), + eInformation_UUIE_fastStart = (1 << 28), + eInformation_UUIE_fastConnectRefused = (1 << 27), + eInformation_UUIE_circuitInfo = (1 << 26), + } options; + Information_UUIE_fastStart fastStart; +} Information_UUIE; + +typedef struct FacilityReason { /* CHOICE */ + enum { + eFacilityReason_routeCallToGatekeeper, + eFacilityReason_callForwarded, + eFacilityReason_routeCallToMC, + eFacilityReason_undefinedReason, + eFacilityReason_conferenceListChoice, + eFacilityReason_startH245, + eFacilityReason_noH245, + eFacilityReason_newTokens, + eFacilityReason_featureSetUpdate, + eFacilityReason_forwardedElements, + eFacilityReason_transportedInformation, + } choice; +} FacilityReason; + +typedef struct Facility_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Facility_UUIE_fastStart; + +typedef struct Facility_UUIE { /* SEQUENCE */ + enum { + eFacility_UUIE_alternativeAddress = (1 << 31), + eFacility_UUIE_alternativeAliasAddress = (1 << 30), + eFacility_UUIE_conferenceID = (1 << 29), + eFacility_UUIE_callIdentifier = (1 << 28), + eFacility_UUIE_destExtraCallInfo = (1 << 27), + eFacility_UUIE_remoteExtensionAddress = (1 << 26), + eFacility_UUIE_tokens = (1 << 25), + eFacility_UUIE_cryptoTokens = (1 << 24), + eFacility_UUIE_conferences = (1 << 23), + eFacility_UUIE_h245Address = (1 << 22), + eFacility_UUIE_fastStart = (1 << 21), + eFacility_UUIE_multipleCalls = (1 << 20), + eFacility_UUIE_maintainConnection = (1 << 19), + eFacility_UUIE_fastConnectRefused = (1 << 18), + eFacility_UUIE_serviceControl = (1 << 17), + eFacility_UUIE_circuitInfo = (1 << 16), + eFacility_UUIE_featureSet = (1 << 15), + eFacility_UUIE_destinationInfo = (1 << 14), + eFacility_UUIE_h245SecurityMode = (1 << 13), + } options; + FacilityReason reason; + TransportAddress h245Address; + Facility_UUIE_fastStart fastStart; +} Facility_UUIE; + +typedef struct Progress_UUIE_fastStart { /* SEQUENCE OF */ + int count; + OpenLogicalChannel item[30]; +} Progress_UUIE_fastStart; + +typedef struct Progress_UUIE { /* SEQUENCE */ + enum { + eProgress_UUIE_h245Address = (1 << 31), + eProgress_UUIE_h245SecurityMode = (1 << 30), + eProgress_UUIE_tokens = (1 << 29), + eProgress_UUIE_cryptoTokens = (1 << 28), + eProgress_UUIE_fastStart = (1 << 27), + eProgress_UUIE_multipleCalls = (1 << 26), + eProgress_UUIE_maintainConnection = (1 << 25), + eProgress_UUIE_fastConnectRefused = (1 << 24), + } options; + TransportAddress h245Address; + Progress_UUIE_fastStart fastStart; +} Progress_UUIE; + +typedef struct H323_UU_PDU_h323_message_body { /* CHOICE */ + enum { + eH323_UU_PDU_h323_message_body_setup, + eH323_UU_PDU_h323_message_body_callProceeding, + eH323_UU_PDU_h323_message_body_connect, + eH323_UU_PDU_h323_message_body_alerting, + eH323_UU_PDU_h323_message_body_information, + eH323_UU_PDU_h323_message_body_releaseComplete, + eH323_UU_PDU_h323_message_body_facility, + eH323_UU_PDU_h323_message_body_progress, + eH323_UU_PDU_h323_message_body_empty, + eH323_UU_PDU_h323_message_body_status, + eH323_UU_PDU_h323_message_body_statusInquiry, + eH323_UU_PDU_h323_message_body_setupAcknowledge, + eH323_UU_PDU_h323_message_body_notify, + } choice; + union { + Setup_UUIE setup; + CallProceeding_UUIE callProceeding; + Connect_UUIE connect; + Alerting_UUIE alerting; + Information_UUIE information; + Facility_UUIE facility; + Progress_UUIE progress; + }; +} H323_UU_PDU_h323_message_body; + +typedef struct RequestMessage { /* CHOICE */ + enum { + eRequestMessage_nonStandard, + eRequestMessage_masterSlaveDetermination, + eRequestMessage_terminalCapabilitySet, + eRequestMessage_openLogicalChannel, + eRequestMessage_closeLogicalChannel, + eRequestMessage_requestChannelClose, + eRequestMessage_multiplexEntrySend, + eRequestMessage_requestMultiplexEntry, + eRequestMessage_requestMode, + eRequestMessage_roundTripDelayRequest, + eRequestMessage_maintenanceLoopRequest, + eRequestMessage_communicationModeRequest, + eRequestMessage_conferenceRequest, + eRequestMessage_multilinkRequest, + eRequestMessage_logicalChannelRateRequest, + } choice; + union { + OpenLogicalChannel openLogicalChannel; + }; +} RequestMessage; + +typedef struct OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters { /* CHOICE */ + enum { + eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters_h222LogicalChannelParameters, + eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters_h2250LogicalChannelParameters, + } choice; + union { + H2250LogicalChannelParameters h2250LogicalChannelParameters; + }; +} OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters; + +typedef struct OpenLogicalChannelAck_reverseLogicalChannelParameters { /* SEQUENCE */ + enum { + eOpenLogicalChannelAck_reverseLogicalChannelParameters_portNumber + = (1 << 31), + eOpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters + = (1 << 30), + eOpenLogicalChannelAck_reverseLogicalChannelParameters_replacementFor + = (1 << 29), + } options; + OpenLogicalChannelAck_reverseLogicalChannelParameters_multiplexParameters + multiplexParameters; +} OpenLogicalChannelAck_reverseLogicalChannelParameters; + +typedef struct H2250LogicalChannelAckParameters { /* SEQUENCE */ + enum { + eH2250LogicalChannelAckParameters_nonStandard = (1 << 31), + eH2250LogicalChannelAckParameters_sessionID = (1 << 30), + eH2250LogicalChannelAckParameters_mediaChannel = (1 << 29), + eH2250LogicalChannelAckParameters_mediaControlChannel = + (1 << 28), + eH2250LogicalChannelAckParameters_dynamicRTPPayloadType = + (1 << 27), + eH2250LogicalChannelAckParameters_flowControlToZero = + (1 << 26), + eH2250LogicalChannelAckParameters_portNumber = (1 << 25), + } options; + H245_TransportAddress mediaChannel; + H245_TransportAddress mediaControlChannel; +} H2250LogicalChannelAckParameters; + +typedef struct OpenLogicalChannelAck_forwardMultiplexAckParameters { /* CHOICE */ + enum { + eOpenLogicalChannelAck_forwardMultiplexAckParameters_h2250LogicalChannelAckParameters, + } choice; + union { + H2250LogicalChannelAckParameters + h2250LogicalChannelAckParameters; + }; +} OpenLogicalChannelAck_forwardMultiplexAckParameters; + +typedef struct OpenLogicalChannelAck { /* SEQUENCE */ + enum { + eOpenLogicalChannelAck_reverseLogicalChannelParameters = + (1 << 31), + eOpenLogicalChannelAck_separateStack = (1 << 30), + eOpenLogicalChannelAck_forwardMultiplexAckParameters = + (1 << 29), + eOpenLogicalChannelAck_encryptionSync = (1 << 28), + } options; + OpenLogicalChannelAck_reverseLogicalChannelParameters + reverseLogicalChannelParameters; + OpenLogicalChannelAck_forwardMultiplexAckParameters + forwardMultiplexAckParameters; +} OpenLogicalChannelAck; + +typedef struct ResponseMessage { /* CHOICE */ + enum { + eResponseMessage_nonStandard, + eResponseMessage_masterSlaveDeterminationAck, + eResponseMessage_masterSlaveDeterminationReject, + eResponseMessage_terminalCapabilitySetAck, + eResponseMessage_terminalCapabilitySetReject, + eResponseMessage_openLogicalChannelAck, + eResponseMessage_openLogicalChannelReject, + eResponseMessage_closeLogicalChannelAck, + eResponseMessage_requestChannelCloseAck, + eResponseMessage_requestChannelCloseReject, + eResponseMessage_multiplexEntrySendAck, + eResponseMessage_multiplexEntrySendReject, + eResponseMessage_requestMultiplexEntryAck, + eResponseMessage_requestMultiplexEntryReject, + eResponseMessage_requestModeAck, + eResponseMessage_requestModeReject, + eResponseMessage_roundTripDelayResponse, + eResponseMessage_maintenanceLoopAck, + eResponseMessage_maintenanceLoopReject, + eResponseMessage_communicationModeResponse, + eResponseMessage_conferenceResponse, + eResponseMessage_multilinkResponse, + eResponseMessage_logicalChannelRateAcknowledge, + eResponseMessage_logicalChannelRateReject, + } choice; + union { + OpenLogicalChannelAck openLogicalChannelAck; + }; +} ResponseMessage; + +typedef struct MultimediaSystemControlMessage { /* CHOICE */ + enum { + eMultimediaSystemControlMessage_request, + eMultimediaSystemControlMessage_response, + eMultimediaSystemControlMessage_command, + eMultimediaSystemControlMessage_indication, + } choice; + union { + RequestMessage request; + ResponseMessage response; + }; +} MultimediaSystemControlMessage; + +typedef struct H323_UU_PDU_h245Control { /* SEQUENCE OF */ + int count; + MultimediaSystemControlMessage item[4]; +} H323_UU_PDU_h245Control; + +typedef struct H323_UU_PDU { /* SEQUENCE */ + enum { + eH323_UU_PDU_nonStandardData = (1 << 31), + eH323_UU_PDU_h4501SupplementaryService = (1 << 30), + eH323_UU_PDU_h245Tunneling = (1 << 29), + eH323_UU_PDU_h245Control = (1 << 28), + eH323_UU_PDU_nonStandardControl = (1 << 27), + eH323_UU_PDU_callLinkage = (1 << 26), + eH323_UU_PDU_tunnelledSignallingMessage = (1 << 25), + eH323_UU_PDU_provisionalRespToH245Tunneling = (1 << 24), + eH323_UU_PDU_stimulusControl = (1 << 23), + eH323_UU_PDU_genericData = (1 << 22), + } options; + H323_UU_PDU_h323_message_body h323_message_body; + H323_UU_PDU_h245Control h245Control; +} H323_UU_PDU; + +typedef struct H323_UserInformation { /* SEQUENCE */ + enum { + eH323_UserInformation_user_data = (1 << 31), + } options; + H323_UU_PDU h323_uu_pdu; +} H323_UserInformation; + +typedef struct GatekeeperRequest { /* SEQUENCE */ + enum { + eGatekeeperRequest_nonStandardData = (1 << 31), + eGatekeeperRequest_gatekeeperIdentifier = (1 << 30), + eGatekeeperRequest_callServices = (1 << 29), + eGatekeeperRequest_endpointAlias = (1 << 28), + eGatekeeperRequest_alternateEndpoints = (1 << 27), + eGatekeeperRequest_tokens = (1 << 26), + eGatekeeperRequest_cryptoTokens = (1 << 25), + eGatekeeperRequest_authenticationCapability = (1 << 24), + eGatekeeperRequest_algorithmOIDs = (1 << 23), + eGatekeeperRequest_integrity = (1 << 22), + eGatekeeperRequest_integrityCheckValue = (1 << 21), + eGatekeeperRequest_supportsAltGK = (1 << 20), + eGatekeeperRequest_featureSet = (1 << 19), + eGatekeeperRequest_genericData = (1 << 18), + } options; + TransportAddress rasAddress; +} GatekeeperRequest; + +typedef struct GatekeeperConfirm { /* SEQUENCE */ + enum { + eGatekeeperConfirm_nonStandardData = (1 << 31), + eGatekeeperConfirm_gatekeeperIdentifier = (1 << 30), + eGatekeeperConfirm_alternateGatekeeper = (1 << 29), + eGatekeeperConfirm_authenticationMode = (1 << 28), + eGatekeeperConfirm_tokens = (1 << 27), + eGatekeeperConfirm_cryptoTokens = (1 << 26), + eGatekeeperConfirm_algorithmOID = (1 << 25), + eGatekeeperConfirm_integrity = (1 << 24), + eGatekeeperConfirm_integrityCheckValue = (1 << 23), + eGatekeeperConfirm_featureSet = (1 << 22), + eGatekeeperConfirm_genericData = (1 << 21), + } options; + TransportAddress rasAddress; +} GatekeeperConfirm; + +typedef struct RegistrationRequest_callSignalAddress { /* SEQUENCE OF */ + int count; + TransportAddress item[10]; +} RegistrationRequest_callSignalAddress; + +typedef struct RegistrationRequest_rasAddress { /* SEQUENCE OF */ + int count; + TransportAddress item[10]; +} RegistrationRequest_rasAddress; + +typedef struct RegistrationRequest { /* SEQUENCE */ + enum { + eRegistrationRequest_nonStandardData = (1 << 31), + eRegistrationRequest_terminalAlias = (1 << 30), + eRegistrationRequest_gatekeeperIdentifier = (1 << 29), + eRegistrationRequest_alternateEndpoints = (1 << 28), + eRegistrationRequest_timeToLive = (1 << 27), + eRegistrationRequest_tokens = (1 << 26), + eRegistrationRequest_cryptoTokens = (1 << 25), + eRegistrationRequest_integrityCheckValue = (1 << 24), + eRegistrationRequest_keepAlive = (1 << 23), + eRegistrationRequest_endpointIdentifier = (1 << 22), + eRegistrationRequest_willSupplyUUIEs = (1 << 21), + eRegistrationRequest_maintainConnection = (1 << 20), + eRegistrationRequest_alternateTransportAddresses = (1 << 19), + eRegistrationRequest_additiveRegistration = (1 << 18), + eRegistrationRequest_terminalAliasPattern = (1 << 17), + eRegistrationRequest_supportsAltGK = (1 << 16), + eRegistrationRequest_usageReportingCapability = (1 << 15), + eRegistrationRequest_multipleCalls = (1 << 14), + eRegistrationRequest_supportedH248Packages = (1 << 13), + eRegistrationRequest_callCreditCapability = (1 << 12), + eRegistrationRequest_capacityReportingCapability = (1 << 11), + eRegistrationRequest_capacity = (1 << 10), + eRegistrationRequest_featureSet = (1 << 9), + eRegistrationRequest_genericData = (1 << 8), + } options; + RegistrationRequest_callSignalAddress callSignalAddress; + RegistrationRequest_rasAddress rasAddress; + unsigned timeToLive; +} RegistrationRequest; + +typedef struct RegistrationConfirm_callSignalAddress { /* SEQUENCE OF */ + int count; + TransportAddress item[10]; +} RegistrationConfirm_callSignalAddress; + +typedef struct RegistrationConfirm { /* SEQUENCE */ + enum { + eRegistrationConfirm_nonStandardData = (1 << 31), + eRegistrationConfirm_terminalAlias = (1 << 30), + eRegistrationConfirm_gatekeeperIdentifier = (1 << 29), + eRegistrationConfirm_alternateGatekeeper = (1 << 28), + eRegistrationConfirm_timeToLive = (1 << 27), + eRegistrationConfirm_tokens = (1 << 26), + eRegistrationConfirm_cryptoTokens = (1 << 25), + eRegistrationConfirm_integrityCheckValue = (1 << 24), + eRegistrationConfirm_willRespondToIRR = (1 << 23), + eRegistrationConfirm_preGrantedARQ = (1 << 22), + eRegistrationConfirm_maintainConnection = (1 << 21), + eRegistrationConfirm_serviceControl = (1 << 20), + eRegistrationConfirm_supportsAdditiveRegistration = (1 << 19), + eRegistrationConfirm_terminalAliasPattern = (1 << 18), + eRegistrationConfirm_supportedPrefixes = (1 << 17), + eRegistrationConfirm_usageSpec = (1 << 16), + eRegistrationConfirm_featureServerAlias = (1 << 15), + eRegistrationConfirm_capacityReportingSpec = (1 << 14), + eRegistrationConfirm_featureSet = (1 << 13), + eRegistrationConfirm_genericData = (1 << 12), + } options; + RegistrationConfirm_callSignalAddress callSignalAddress; + unsigned timeToLive; +} RegistrationConfirm; + +typedef struct UnregistrationRequest_callSignalAddress { /* SEQUENCE OF */ + int count; + TransportAddress item[10]; +} UnregistrationRequest_callSignalAddress; + +typedef struct UnregistrationRequest { /* SEQUENCE */ + enum { + eUnregistrationRequest_endpointAlias = (1 << 31), + eUnregistrationRequest_nonStandardData = (1 << 30), + eUnregistrationRequest_endpointIdentifier = (1 << 29), + eUnregistrationRequest_alternateEndpoints = (1 << 28), + eUnregistrationRequest_gatekeeperIdentifier = (1 << 27), + eUnregistrationRequest_tokens = (1 << 26), + eUnregistrationRequest_cryptoTokens = (1 << 25), + eUnregistrationRequest_integrityCheckValue = (1 << 24), + eUnregistrationRequest_reason = (1 << 23), + eUnregistrationRequest_endpointAliasPattern = (1 << 22), + eUnregistrationRequest_supportedPrefixes = (1 << 21), + eUnregistrationRequest_alternateGatekeeper = (1 << 20), + eUnregistrationRequest_genericData = (1 << 19), + } options; + UnregistrationRequest_callSignalAddress callSignalAddress; +} UnregistrationRequest; + +typedef struct AdmissionRequest { /* SEQUENCE */ + enum { + eAdmissionRequest_callModel = (1 << 31), + eAdmissionRequest_destinationInfo = (1 << 30), + eAdmissionRequest_destCallSignalAddress = (1 << 29), + eAdmissionRequest_destExtraCallInfo = (1 << 28), + eAdmissionRequest_srcCallSignalAddress = (1 << 27), + eAdmissionRequest_nonStandardData = (1 << 26), + eAdmissionRequest_callServices = (1 << 25), + eAdmissionRequest_canMapAlias = (1 << 24), + eAdmissionRequest_callIdentifier = (1 << 23), + eAdmissionRequest_srcAlternatives = (1 << 22), + eAdmissionRequest_destAlternatives = (1 << 21), + eAdmissionRequest_gatekeeperIdentifier = (1 << 20), + eAdmissionRequest_tokens = (1 << 19), + eAdmissionRequest_cryptoTokens = (1 << 18), + eAdmissionRequest_integrityCheckValue = (1 << 17), + eAdmissionRequest_transportQOS = (1 << 16), + eAdmissionRequest_willSupplyUUIEs = (1 << 15), + eAdmissionRequest_callLinkage = (1 << 14), + eAdmissionRequest_gatewayDataRate = (1 << 13), + eAdmissionRequest_capacity = (1 << 12), + eAdmissionRequest_circuitInfo = (1 << 11), + eAdmissionRequest_desiredProtocols = (1 << 10), + eAdmissionRequest_desiredTunnelledProtocol = (1 << 9), + eAdmissionRequest_featureSet = (1 << 8), + eAdmissionRequest_genericData = (1 << 7), + } options; + TransportAddress destCallSignalAddress; + TransportAddress srcCallSignalAddress; +} AdmissionRequest; + +typedef struct AdmissionConfirm { /* SEQUENCE */ + enum { + eAdmissionConfirm_irrFrequency = (1 << 31), + eAdmissionConfirm_nonStandardData = (1 << 30), + eAdmissionConfirm_destinationInfo = (1 << 29), + eAdmissionConfirm_destExtraCallInfo = (1 << 28), + eAdmissionConfirm_destinationType = (1 << 27), + eAdmissionConfirm_remoteExtensionAddress = (1 << 26), + eAdmissionConfirm_alternateEndpoints = (1 << 25), + eAdmissionConfirm_tokens = (1 << 24), + eAdmissionConfirm_cryptoTokens = (1 << 23), + eAdmissionConfirm_integrityCheckValue = (1 << 22), + eAdmissionConfirm_transportQOS = (1 << 21), + eAdmissionConfirm_willRespondToIRR = (1 << 20), + eAdmissionConfirm_uuiesRequested = (1 << 19), + eAdmissionConfirm_language = (1 << 18), + eAdmissionConfirm_alternateTransportAddresses = (1 << 17), + eAdmissionConfirm_useSpecifiedTransport = (1 << 16), + eAdmissionConfirm_circuitInfo = (1 << 15), + eAdmissionConfirm_usageSpec = (1 << 14), + eAdmissionConfirm_supportedProtocols = (1 << 13), + eAdmissionConfirm_serviceControl = (1 << 12), + eAdmissionConfirm_multipleCalls = (1 << 11), + eAdmissionConfirm_featureSet = (1 << 10), + eAdmissionConfirm_genericData = (1 << 9), + } options; + TransportAddress destCallSignalAddress; +} AdmissionConfirm; + +typedef struct LocationRequest { /* SEQUENCE */ + enum { + eLocationRequest_endpointIdentifier = (1 << 31), + eLocationRequest_nonStandardData = (1 << 30), + eLocationRequest_sourceInfo = (1 << 29), + eLocationRequest_canMapAlias = (1 << 28), + eLocationRequest_gatekeeperIdentifier = (1 << 27), + eLocationRequest_tokens = (1 << 26), + eLocationRequest_cryptoTokens = (1 << 25), + eLocationRequest_integrityCheckValue = (1 << 24), + eLocationRequest_desiredProtocols = (1 << 23), + eLocationRequest_desiredTunnelledProtocol = (1 << 22), + eLocationRequest_featureSet = (1 << 21), + eLocationRequest_genericData = (1 << 20), + eLocationRequest_hopCount = (1 << 19), + eLocationRequest_circuitInfo = (1 << 18), + } options; + TransportAddress replyAddress; +} LocationRequest; + +typedef struct LocationConfirm { /* SEQUENCE */ + enum { + eLocationConfirm_nonStandardData = (1 << 31), + eLocationConfirm_destinationInfo = (1 << 30), + eLocationConfirm_destExtraCallInfo = (1 << 29), + eLocationConfirm_destinationType = (1 << 28), + eLocationConfirm_remoteExtensionAddress = (1 << 27), + eLocationConfirm_alternateEndpoints = (1 << 26), + eLocationConfirm_tokens = (1 << 25), + eLocationConfirm_cryptoTokens = (1 << 24), + eLocationConfirm_integrityCheckValue = (1 << 23), + eLocationConfirm_alternateTransportAddresses = (1 << 22), + eLocationConfirm_supportedProtocols = (1 << 21), + eLocationConfirm_multipleCalls = (1 << 20), + eLocationConfirm_featureSet = (1 << 19), + eLocationConfirm_genericData = (1 << 18), + eLocationConfirm_circuitInfo = (1 << 17), + eLocationConfirm_serviceControl = (1 << 16), + } options; + TransportAddress callSignalAddress; + TransportAddress rasAddress; +} LocationConfirm; + +typedef struct InfoRequestResponse_callSignalAddress { /* SEQUENCE OF */ + int count; + TransportAddress item[10]; +} InfoRequestResponse_callSignalAddress; + +typedef struct InfoRequestResponse { /* SEQUENCE */ + enum { + eInfoRequestResponse_nonStandardData = (1 << 31), + eInfoRequestResponse_endpointAlias = (1 << 30), + eInfoRequestResponse_perCallInfo = (1 << 29), + eInfoRequestResponse_tokens = (1 << 28), + eInfoRequestResponse_cryptoTokens = (1 << 27), + eInfoRequestResponse_integrityCheckValue = (1 << 26), + eInfoRequestResponse_needResponse = (1 << 25), + eInfoRequestResponse_capacity = (1 << 24), + eInfoRequestResponse_irrStatus = (1 << 23), + eInfoRequestResponse_unsolicited = (1 << 22), + eInfoRequestResponse_genericData = (1 << 21), + } options; + TransportAddress rasAddress; + InfoRequestResponse_callSignalAddress callSignalAddress; +} InfoRequestResponse; + +typedef struct RasMessage { /* CHOICE */ + enum { + eRasMessage_gatekeeperRequest, + eRasMessage_gatekeeperConfirm, + eRasMessage_gatekeeperReject, + eRasMessage_registrationRequest, + eRasMessage_registrationConfirm, + eRasMessage_registrationReject, + eRasMessage_unregistrationRequest, + eRasMessage_unregistrationConfirm, + eRasMessage_unregistrationReject, + eRasMessage_admissionRequest, + eRasMessage_admissionConfirm, + eRasMessage_admissionReject, + eRasMessage_bandwidthRequest, + eRasMessage_bandwidthConfirm, + eRasMessage_bandwidthReject, + eRasMessage_disengageRequest, + eRasMessage_disengageConfirm, + eRasMessage_disengageReject, + eRasMessage_locationRequest, + eRasMessage_locationConfirm, + eRasMessage_locationReject, + eRasMessage_infoRequest, + eRasMessage_infoRequestResponse, + eRasMessage_nonStandardMessage, + eRasMessage_unknownMessageResponse, + eRasMessage_requestInProgress, + eRasMessage_resourcesAvailableIndicate, + eRasMessage_resourcesAvailableConfirm, + eRasMessage_infoRequestAck, + eRasMessage_infoRequestNak, + eRasMessage_serviceControlIndication, + eRasMessage_serviceControlResponse, + } choice; + union { + GatekeeperRequest gatekeeperRequest; + GatekeeperConfirm gatekeeperConfirm; + RegistrationRequest registrationRequest; + RegistrationConfirm registrationConfirm; + UnregistrationRequest unregistrationRequest; + AdmissionRequest admissionRequest; + AdmissionConfirm admissionConfirm; + LocationRequest locationRequest; + LocationConfirm locationConfirm; + InfoRequestResponse infoRequestResponse; + }; +} RasMessage; diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c index d716bba..7d3ba43 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c @@ -766,7 +766,7 @@ extern void ip_ct_proto_gre_fini(void); extern int __init ip_ct_proto_gre_init(void); /* ip_conntrack_pptp initialization */ -static int __init init(void) +static int __init ip_conntrack_helper_pptp_init(void) { int retcode; @@ -786,15 +786,15 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ip_conntrack_helper_pptp_fini(void) { ip_conntrack_helper_unregister(&pptp); ip_ct_proto_gre_fini(); printk("ip_conntrack_pptp version %s unloaded\n", IP_CT_PPTP_VERSION); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_helper_pptp_init); +module_exit(ip_conntrack_helper_pptp_fini); EXPORT_SYMBOL(ip_nat_pptp_hook_outbound); EXPORT_SYMBOL(ip_nat_pptp_hook_inbound); diff --git a/net/ipv4/netfilter/ip_conntrack_irc.c b/net/ipv4/netfilter/ip_conntrack_irc.c index c51a2cf..a2ac5ce 100644 --- a/net/ipv4/netfilter/ip_conntrack_irc.c +++ b/net/ipv4/netfilter/ip_conntrack_irc.c @@ -242,9 +242,9 @@ static int help(struct sk_buff **pskb, static struct ip_conntrack_helper irc_helpers[MAX_PORTS]; static char irc_names[MAX_PORTS][sizeof("irc-65535")]; -static void fini(void); +static void ip_conntrack_irc_fini(void); -static int __init init(void) +static int __init ip_conntrack_irc_init(void) { int i, ret; struct ip_conntrack_helper *hlpr; @@ -288,7 +288,7 @@ static int __init init(void) if (ret) { printk("ip_conntrack_irc: ERROR registering port %d\n", ports[i]); - fini(); + ip_conntrack_irc_fini(); return -EBUSY; } } @@ -297,7 +297,7 @@ static int __init init(void) /* This function is intentionally _NOT_ defined as __exit, because * it is needed by the init function */ -static void fini(void) +static void ip_conntrack_irc_fini(void) { int i; for (i = 0; i < ports_c; i++) { @@ -308,5 +308,5 @@ static void fini(void) kfree(irc_buffer); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_irc_init); +module_exit(ip_conntrack_irc_fini); diff --git a/net/ipv4/netfilter/ip_conntrack_netbios_ns.c b/net/ipv4/netfilter/ip_conntrack_netbios_ns.c index 4e68e16..a566a81 100644 --- a/net/ipv4/netfilter/ip_conntrack_netbios_ns.c +++ b/net/ipv4/netfilter/ip_conntrack_netbios_ns.c @@ -127,16 +127,16 @@ static struct ip_conntrack_helper helper = { .help = help, }; -static int __init init(void) +static int __init ip_conntrack_netbios_ns_init(void) { helper.timeout = timeout; return ip_conntrack_helper_register(&helper); } -static void __exit fini(void) +static void __exit ip_conntrack_netbios_ns_fini(void) { ip_conntrack_helper_unregister(&helper); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_netbios_ns_init); +module_exit(ip_conntrack_netbios_ns_fini); diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index e0b5926..9b6e19b 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c @@ -4,7 +4,7 @@ * (C) 2001 by Jay Schulist <jschlst@samba.org> * (C) 2002-2005 by Harald Welte <laforge@gnumonks.org> * (C) 2003 by Patrick Mchardy <kaber@trash.net> - * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net> + * (C) 2005-2006 by Pablo Neira Ayuso <pablo@eurodev.net> * * I've reworked this stuff to use attributes instead of conntrack * structures. 5.44 am. I need more tea. --pablo 05/07/11. @@ -53,20 +53,18 @@ static char __initdata version[] = "0.90"; static inline int ctnetlink_dump_tuples_proto(struct sk_buff *skb, - const struct ip_conntrack_tuple *tuple) + const struct ip_conntrack_tuple *tuple, + struct ip_conntrack_protocol *proto) { - struct ip_conntrack_protocol *proto; int ret = 0; + struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO); NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); - /* If no protocol helper is found, this function will return the - * generic protocol helper, so proto won't *ever* be NULL */ - proto = ip_conntrack_proto_find_get(tuple->dst.protonum); if (likely(proto->tuple_to_nfattr)) ret = proto->tuple_to_nfattr(skb, tuple); - ip_conntrack_proto_put(proto); + NFA_NEST_END(skb, nest_parms); return ret; @@ -75,28 +73,41 @@ nfattr_failure: } static inline int -ctnetlink_dump_tuples(struct sk_buff *skb, - const struct ip_conntrack_tuple *tuple) +ctnetlink_dump_tuples_ip(struct sk_buff *skb, + const struct ip_conntrack_tuple *tuple) { - struct nfattr *nest_parms; - int ret; + struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_IP); - nest_parms = NFA_NEST(skb, CTA_TUPLE_IP); NFA_PUT(skb, CTA_IP_V4_SRC, sizeof(u_int32_t), &tuple->src.ip); NFA_PUT(skb, CTA_IP_V4_DST, sizeof(u_int32_t), &tuple->dst.ip); - NFA_NEST_END(skb, nest_parms); - nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO); - ret = ctnetlink_dump_tuples_proto(skb, tuple); NFA_NEST_END(skb, nest_parms); - return ret; + return 0; nfattr_failure: return -1; } static inline int +ctnetlink_dump_tuples(struct sk_buff *skb, + const struct ip_conntrack_tuple *tuple) +{ + int ret; + struct ip_conntrack_protocol *proto; + + ret = ctnetlink_dump_tuples_ip(skb, tuple); + if (unlikely(ret < 0)) + return ret; + + proto = ip_conntrack_proto_find_get(tuple->dst.protonum); + ret = ctnetlink_dump_tuples_proto(skb, tuple, proto); + ip_conntrack_proto_put(proto); + + return ret; +} + +static inline int ctnetlink_dump_status(struct sk_buff *skb, const struct ip_conntrack *ct) { u_int32_t status = htonl((u_int32_t) ct->status); @@ -327,9 +338,10 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, group = NFNLGRP_CONNTRACK_UPDATE; } else return NOTIFY_DONE; - - /* FIXME: Check if there are any listeners before, don't hurt performance */ - + + if (!nfnetlink_has_listeners(group)) + return NOTIFY_DONE; + skb = alloc_skb(NLMSG_GOODSIZE, GFP_ATOMIC); if (!skb) return NOTIFY_DONE; @@ -1134,6 +1146,33 @@ nfattr_failure: } static inline int +ctnetlink_exp_dump_mask(struct sk_buff *skb, + const struct ip_conntrack_tuple *tuple, + const struct ip_conntrack_tuple *mask) +{ + int ret; + struct ip_conntrack_protocol *proto; + struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK); + + ret = ctnetlink_dump_tuples_ip(skb, mask); + if (unlikely(ret < 0)) + goto nfattr_failure; + + proto = ip_conntrack_proto_find_get(tuple->dst.protonum); + ret = ctnetlink_dump_tuples_proto(skb, mask, proto); + ip_conntrack_proto_put(proto); + if (unlikely(ret < 0)) + goto nfattr_failure; + + NFA_NEST_END(skb, nest_parms); + + return 0; + +nfattr_failure: + return -1; +} + +static inline int ctnetlink_exp_dump_expect(struct sk_buff *skb, const struct ip_conntrack_expect *exp) { @@ -1143,7 +1182,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0) goto nfattr_failure; - if (ctnetlink_exp_dump_tuple(skb, &exp->mask, CTA_EXPECT_MASK) < 0) + if (ctnetlink_exp_dump_mask(skb, &exp->tuple, &exp->mask) < 0) goto nfattr_failure; if (ctnetlink_exp_dump_tuple(skb, &master->tuplehash[IP_CT_DIR_ORIGINAL].tuple, diff --git a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c index be602e8..5259abd 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c @@ -609,7 +609,7 @@ static ctl_table ip_ct_net_table[] = { static struct ctl_table_header *ip_ct_sysctl_header; #endif -static int __init init(void) +static int __init ip_conntrack_proto_sctp_init(void) { int ret; @@ -640,7 +640,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ip_conntrack_proto_sctp_fini(void) { ip_conntrack_protocol_unregister(&ip_conntrack_protocol_sctp); #ifdef CONFIG_SYSCTL @@ -649,8 +649,8 @@ static void __exit fini(void) DEBUGP("SCTP conntrack module unloaded\n"); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_proto_sctp_init); +module_exit(ip_conntrack_proto_sctp_fini); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Kiran Kumar Immidi"); diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index 833fcb4..5207602 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c @@ -929,18 +929,18 @@ void ip_conntrack_protocol_unregister(struct ip_conntrack_protocol *proto) ip_ct_iterate_cleanup(kill_proto, &proto->proto); } -static int __init init(void) +static int __init ip_conntrack_standalone_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit ip_conntrack_standalone_fini(void) { init_or_cleanup(0); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_standalone_init); +module_exit(ip_conntrack_standalone_fini); /* Some modules need us, but don't depend directly on any symbol. They should call this. */ diff --git a/net/ipv4/netfilter/ip_conntrack_tftp.c b/net/ipv4/netfilter/ip_conntrack_tftp.c index 4ba4463..7e33d3b 100644 --- a/net/ipv4/netfilter/ip_conntrack_tftp.c +++ b/net/ipv4/netfilter/ip_conntrack_tftp.c @@ -103,7 +103,7 @@ static int tftp_help(struct sk_buff **pskb, static struct ip_conntrack_helper tftp[MAX_PORTS]; static char tftp_names[MAX_PORTS][sizeof("tftp-65535")]; -static void fini(void) +static void ip_conntrack_tftp_fini(void) { int i; @@ -114,7 +114,7 @@ static void fini(void) } } -static int __init init(void) +static int __init ip_conntrack_tftp_init(void) { int i, ret; char *tmpname; @@ -148,12 +148,12 @@ static int __init init(void) if (ret) { printk("ERROR registering helper for port %d\n", ports[i]); - fini(); + ip_conntrack_tftp_fini(); return(ret); } } return(0); } -module_init(init); -module_exit(fini); +module_init(ip_conntrack_tftp_init); +module_exit(ip_conntrack_tftp_fini); diff --git a/net/ipv4/netfilter/ip_nat_amanda.c b/net/ipv4/netfilter/ip_nat_amanda.c index 706c807..3a88871 100644 --- a/net/ipv4/netfilter/ip_nat_amanda.c +++ b/net/ipv4/netfilter/ip_nat_amanda.c @@ -68,19 +68,19 @@ static unsigned int help(struct sk_buff **pskb, return ret; } -static void __exit fini(void) +static void __exit ip_nat_amanda_fini(void) { ip_nat_amanda_hook = NULL; /* Make sure noone calls it, meanwhile. */ synchronize_net(); } -static int __init init(void) +static int __init ip_nat_amanda_init(void) { BUG_ON(ip_nat_amanda_hook); ip_nat_amanda_hook = help; return 0; } -module_init(init); -module_exit(fini); +module_init(ip_nat_amanda_init); +module_exit(ip_nat_amanda_fini); diff --git a/net/ipv4/netfilter/ip_nat_ftp.c b/net/ipv4/netfilter/ip_nat_ftp.c index b8daab3..3328fc5 100644 --- a/net/ipv4/netfilter/ip_nat_ftp.c +++ b/net/ipv4/netfilter/ip_nat_ftp.c @@ -154,14 +154,14 @@ static unsigned int ip_nat_ftp(struct sk_buff **pskb, return NF_ACCEPT; } -static void __exit fini(void) +static void __exit ip_nat_ftp_fini(void) { ip_nat_ftp_hook = NULL; /* Make sure noone calls it, meanwhile. */ synchronize_net(); } -static int __init init(void) +static int __init ip_nat_ftp_init(void) { BUG_ON(ip_nat_ftp_hook); ip_nat_ftp_hook = ip_nat_ftp; @@ -177,5 +177,5 @@ static int warn_set(const char *val, struct kernel_param *kp) } module_param_call(ports, warn_set, NULL, NULL, 0); -module_init(init); -module_exit(fini); +module_init(ip_nat_ftp_init); +module_exit(ip_nat_ftp_fini); diff --git a/net/ipv4/netfilter/ip_nat_helper_h323.c b/net/ipv4/netfilter/ip_nat_helper_h323.c new file mode 100644 index 0000000..a0bc883 --- /dev/null +++ b/net/ipv4/netfilter/ip_nat_helper_h323.c @@ -0,0 +1,605 @@ +/* + * H.323 extension for NAT alteration. + * + * Copyright (c) 2006 Jing Min Zhao <zhaojingmin@users.sourceforge.net> + * + * This source code is licensed under General Public License version 2. + * + * Based on the 'brute force' H.323 NAT module by + * Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> + * + * Changes: + * 2006-02-01 - initial version 0.1 + * + * 2006-02-20 - version 0.2 + * 1. Changed source format to follow kernel conventions + * 2. Deleted some unnecessary structures + * 3. Minor fixes + * + * 2006-03-10 - version 0.3 + * 1. Added support for multiple TPKTs in one packet (suggested by + * Patrick McHardy) + * 2. Added support for non-linear skb (based on Patrick McHardy's patch) + * 3. Eliminated unnecessary return code + * + * 2006-03-15 - version 0.4 + * 1. Added support for T.120 channels + * 2. Added parameter gkrouted_only (suggested by Patrick McHardy) + */ + +#include <linux/module.h> +#include <linux/netfilter_ipv4.h> +#include <linux/netfilter.h> +#include <linux/ip.h> +#include <linux/tcp.h> +#include <linux/moduleparam.h> +#include <net/tcp.h> +#include <linux/netfilter_ipv4/ip_nat.h> +#include <linux/netfilter_ipv4/ip_nat_helper.h> +#include <linux/netfilter_ipv4/ip_nat_rule.h> +#include <linux/netfilter_ipv4/ip_conntrack_tuple.h> +#include <linux/netfilter_ipv4/ip_conntrack_h323.h> +#include <linux/netfilter_ipv4/ip_conntrack_helper.h> + +#include "ip_conntrack_helper_h323_asn1.h" + +#if 0 +#define DEBUGP printk +#else +#define DEBUGP(format, args...) +#endif + +extern int get_h245_addr(unsigned char *data, H245_TransportAddress * addr, + u_int32_t * ip, u_int16_t * port); +extern int get_h225_addr(unsigned char *data, TransportAddress * addr, + u_int32_t * ip, u_int16_t * port); +extern void ip_conntrack_h245_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this); +extern void ip_conntrack_q931_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this); +extern int (*set_h245_addr_hook) (struct sk_buff ** pskb, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int32_t ip, u_int16_t port); +extern int (*set_h225_addr_hook) (struct sk_buff ** pskb, + unsigned char **data, int dataoff, + TransportAddress * addr, + u_int32_t ip, u_int16_t port); +extern int (*set_sig_addr_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count); +extern int (*set_ras_addr_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count); +extern int (*nat_rtp_rtcp_hook) (struct sk_buff ** pskb, + struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int16_t port, u_int16_t rtp_port, + struct ip_conntrack_expect * rtp_exp, + struct ip_conntrack_expect * rtcp_exp); +extern int (*nat_t120_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect * exp); +extern int (*nat_h245_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect * exp); +extern int (*nat_q931_hook) (struct sk_buff ** pskb, struct ip_conntrack * ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, TransportAddress * addr, + int idx, u_int16_t port, + struct ip_conntrack_expect * exp); + + +/****************************************************************************/ +static int set_addr(struct sk_buff **pskb, + unsigned char **data, int dataoff, + unsigned int addroff, u_int32_t ip, u_int16_t port) +{ + enum ip_conntrack_info ctinfo; + struct ip_conntrack *ct = ip_conntrack_get(*pskb, &ctinfo); + struct { + u_int32_t ip; + u_int16_t port; + } __attribute__ ((__packed__)) buf; + struct tcphdr _tcph, *th; + + buf.ip = ip; + buf.port = htons(port); + addroff += dataoff; + + if ((*pskb)->nh.iph->protocol == IPPROTO_TCP) { + if (!ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, + addroff, sizeof(buf), + (char *) &buf, sizeof(buf))) { + if (net_ratelimit()) + printk("ip_nat_h323: ip_nat_mangle_tcp_packet" + " error\n"); + return -1; + } + + /* Relocate data pointer */ + th = skb_header_pointer(*pskb, (*pskb)->nh.iph->ihl * 4, + sizeof(_tcph), &_tcph); + if (th == NULL) + return -1; + *data = (*pskb)->data + (*pskb)->nh.iph->ihl * 4 + + th->doff * 4 + dataoff; + } else { + if (!ip_nat_mangle_udp_packet(pskb, ct, ctinfo, + addroff, sizeof(buf), + (char *) &buf, sizeof(buf))) { + if (net_ratelimit()) + printk("ip_nat_h323: ip_nat_mangle_udp_packet" + " error\n"); + return -1; + } + /* ip_nat_mangle_udp_packet uses skb_make_writable() to copy + * or pull everything in a linear buffer, so we can safely + * use the skb pointers now */ + *data = (*pskb)->data + (*pskb)->nh.iph->ihl * 4 + + sizeof(struct udphdr); + } + + return 0; +} + +/****************************************************************************/ +static int set_h225_addr(struct sk_buff **pskb, + unsigned char **data, int dataoff, + TransportAddress * addr, + u_int32_t ip, u_int16_t port) +{ + return set_addr(pskb, data, dataoff, addr->ipAddress.ip, ip, port); +} + +/****************************************************************************/ +static int set_h245_addr(struct sk_buff **pskb, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int32_t ip, u_int16_t port) +{ + return set_addr(pskb, data, dataoff, + addr->unicastAddress.iPAddress.network, ip, port); +} + +/****************************************************************************/ +static int set_sig_addr(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + int i; + u_int32_t ip; + u_int16_t port; + + for (i = 0; i < count; i++) { + if (get_h225_addr(*data, &addr[i], &ip, &port)) { + if (ip == ct->tuplehash[dir].tuple.src.ip && + port == info->sig_port[dir]) { + /* GW->GK */ + + /* Fix for Gnomemeeting */ + if (i > 0 && + get_h225_addr(*data, &addr[0], + &ip, &port) && + (ntohl(ip) & 0xff000000) == 0x7f000000) + i = 0; + + DEBUGP + ("ip_nat_ras: set signal address " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(ip), port, + NIPQUAD(ct->tuplehash[!dir].tuple.dst. + ip), info->sig_port[!dir]); + return set_h225_addr(pskb, data, 0, &addr[i], + ct->tuplehash[!dir]. + tuple.dst.ip, + info->sig_port[!dir]); + } else if (ip == ct->tuplehash[dir].tuple.dst.ip && + port == info->sig_port[dir]) { + /* GK->GW */ + DEBUGP + ("ip_nat_ras: set signal address " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(ip), port, + NIPQUAD(ct->tuplehash[!dir].tuple.src. + ip), info->sig_port[!dir]); + return set_h225_addr(pskb, data, 0, &addr[i], + ct->tuplehash[!dir]. + tuple.src.ip, + info->sig_port[!dir]); + } + } + } + + return 0; +} + +/****************************************************************************/ +static int set_ras_addr(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, + TransportAddress * addr, int count) +{ + int dir = CTINFO2DIR(ctinfo); + int i; + u_int32_t ip; + u_int16_t port; + + for (i = 0; i < count; i++) { + if (get_h225_addr(*data, &addr[i], &ip, &port) && + ip == ct->tuplehash[dir].tuple.src.ip && + port == ntohs(ct->tuplehash[dir].tuple.src.u.udp.port)) { + DEBUGP("ip_nat_ras: set rasAddress " + "%u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(ip), port, + NIPQUAD(ct->tuplehash[!dir].tuple.dst.ip), + ntohs(ct->tuplehash[!dir].tuple.dst.u.udp. + port)); + return set_h225_addr(pskb, data, 0, &addr[i], + ct->tuplehash[!dir].tuple.dst.ip, + ntohs(ct->tuplehash[!dir].tuple. + dst.u.udp.port)); + } + } + + return 0; +} + +/****************************************************************************/ +static int nat_rtp_rtcp(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, + u_int16_t port, u_int16_t rtp_port, + struct ip_conntrack_expect *rtp_exp, + struct ip_conntrack_expect *rtcp_exp) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + int i; + u_int16_t nated_port; + + /* Set expectations for NAT */ + rtp_exp->saved_proto.udp.port = rtp_exp->tuple.dst.u.udp.port; + rtp_exp->expectfn = ip_nat_follow_master; + rtp_exp->dir = !dir; + rtcp_exp->saved_proto.udp.port = rtcp_exp->tuple.dst.u.udp.port; + rtcp_exp->expectfn = ip_nat_follow_master; + rtcp_exp->dir = !dir; + + /* Lookup existing expects */ + for (i = 0; i < H323_RTP_CHANNEL_MAX; i++) { + if (info->rtp_port[i][dir] == rtp_port) { + /* Expected */ + + /* Use allocated ports first. This will refresh + * the expects */ + rtp_exp->tuple.dst.u.udp.port = + htons(info->rtp_port[i][dir]); + rtcp_exp->tuple.dst.u.udp.port = + htons(info->rtp_port[i][dir] + 1); + break; + } else if (info->rtp_port[i][dir] == 0) { + /* Not expected */ + break; + } + } + + /* Run out of expectations */ + if (i >= H323_RTP_CHANNEL_MAX) { + if (net_ratelimit()) + printk("ip_nat_h323: out of expectations\n"); + return 0; + } + + /* Try to get a pair of ports. */ + for (nated_port = ntohs(rtp_exp->tuple.dst.u.udp.port); + nated_port != 0; nated_port += 2) { + rtp_exp->tuple.dst.u.udp.port = htons(nated_port); + if (ip_conntrack_expect_related(rtp_exp) == 0) { + rtcp_exp->tuple.dst.u.udp.port = + htons(nated_port + 1); + if (ip_conntrack_expect_related(rtcp_exp) == 0) + break; + ip_conntrack_unexpect_related(rtp_exp); + } + } + + if (nated_port == 0) { /* No port available */ + if (net_ratelimit()) + printk("ip_nat_h323: out of RTP ports\n"); + return 0; + } + + /* Modify signal */ + if (set_h245_addr(pskb, data, dataoff, addr, + ct->tuplehash[!dir].tuple.dst.ip, + (port & 1) ? nated_port + 1 : nated_port) == 0) { + /* Save ports */ + info->rtp_port[i][dir] = rtp_port; + info->rtp_port[i][!dir] = nated_port; + } else { + ip_conntrack_unexpect_related(rtp_exp); + ip_conntrack_unexpect_related(rtcp_exp); + return -1; + } + + /* Success */ + DEBUGP("ip_nat_h323: expect RTP %u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(rtp_exp->tuple.src.ip), + ntohs(rtp_exp->tuple.src.u.udp.port), + NIPQUAD(rtp_exp->tuple.dst.ip), + ntohs(rtp_exp->tuple.dst.u.udp.port)); + DEBUGP("ip_nat_h323: expect RTCP %u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(rtcp_exp->tuple.src.ip), + ntohs(rtcp_exp->tuple.src.u.udp.port), + NIPQUAD(rtcp_exp->tuple.dst.ip), + ntohs(rtcp_exp->tuple.dst.u.udp.port)); + + return 0; +} + +/****************************************************************************/ +static int nat_t120(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + H245_TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect *exp) +{ + int dir = CTINFO2DIR(ctinfo); + u_int16_t nated_port = port; + + /* Set expectations for NAT */ + exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; + exp->expectfn = ip_nat_follow_master; + exp->dir = !dir; + + /* Try to get same port: if not, try to change it. */ + for (; nated_port != 0; nated_port++) { + exp->tuple.dst.u.tcp.port = htons(nated_port); + if (ip_conntrack_expect_related(exp) == 0) + break; + } + + if (nated_port == 0) { /* No port available */ + if (net_ratelimit()) + printk("ip_nat_h323: out of TCP ports\n"); + return 0; + } + + /* Modify signal */ + if (set_h245_addr(pskb, data, dataoff, addr, + ct->tuplehash[!dir].tuple.dst.ip, nated_port) < 0) { + ip_conntrack_unexpect_related(exp); + return -1; + } + + DEBUGP("ip_nat_h323: expect T.120 %u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), ntohs(exp->tuple.dst.u.tcp.port)); + + return 0; +} + +/**************************************************************************** + * This conntrack expect function replaces ip_conntrack_h245_expect() + * which was set by ip_conntrack_helper_h323.c. It calls both + * ip_nat_follow_master() and ip_conntrack_h245_expect() + ****************************************************************************/ +static void ip_nat_h245_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this) +{ + ip_nat_follow_master(new, this); + ip_conntrack_h245_expect(new, this); +} + +/****************************************************************************/ +static int nat_h245(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, int dataoff, + TransportAddress * addr, u_int16_t port, + struct ip_conntrack_expect *exp) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + u_int16_t nated_port = port; + + /* Set expectations for NAT */ + exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; + exp->expectfn = ip_nat_h245_expect; + exp->dir = !dir; + + /* Check existing expects */ + if (info->sig_port[dir] == port) + nated_port = info->sig_port[!dir]; + + /* Try to get same port: if not, try to change it. */ + for (; nated_port != 0; nated_port++) { + exp->tuple.dst.u.tcp.port = htons(nated_port); + if (ip_conntrack_expect_related(exp) == 0) + break; + } + + if (nated_port == 0) { /* No port available */ + if (net_ratelimit()) + printk("ip_nat_q931: out of TCP ports\n"); + return 0; + } + + /* Modify signal */ + if (set_h225_addr(pskb, data, dataoff, addr, + ct->tuplehash[!dir].tuple.dst.ip, + nated_port) == 0) { + /* Save ports */ + info->sig_port[dir] = port; + info->sig_port[!dir] = nated_port; + } else { + ip_conntrack_unexpect_related(exp); + return -1; + } + + DEBUGP("ip_nat_q931: expect H.245 %u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), ntohs(exp->tuple.dst.u.tcp.port)); + + return 0; +} + +/**************************************************************************** + * This conntrack expect function replaces ip_conntrack_q931_expect() + * which was set by ip_conntrack_helper_h323.c. + ****************************************************************************/ +static void ip_nat_q931_expect(struct ip_conntrack *new, + struct ip_conntrack_expect *this) +{ + struct ip_nat_range range; + + if (this->tuple.src.ip != 0) { /* Only accept calls from GK */ + ip_nat_follow_master(new, this); + goto out; + } + + /* This must be a fresh one. */ + BUG_ON(new->status & IPS_NAT_DONE_MASK); + + /* Change src to where master sends to */ + range.flags = IP_NAT_RANGE_MAP_IPS; + range.min_ip = range.max_ip = new->tuplehash[!this->dir].tuple.src.ip; + + /* hook doesn't matter, but it has to do source manip */ + ip_nat_setup_info(new, &range, NF_IP_POST_ROUTING); + + /* For DST manip, map port here to where it's expected. */ + range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED); + range.min = range.max = this->saved_proto; + range.min_ip = range.max_ip = + new->master->tuplehash[!this->dir].tuple.src.ip; + + /* hook doesn't matter, but it has to do destination manip */ + ip_nat_setup_info(new, &range, NF_IP_PRE_ROUTING); + + out: + ip_conntrack_q931_expect(new, this); +} + +/****************************************************************************/ +static int nat_q931(struct sk_buff **pskb, struct ip_conntrack *ct, + enum ip_conntrack_info ctinfo, + unsigned char **data, TransportAddress * addr, int idx, + u_int16_t port, struct ip_conntrack_expect *exp) +{ + struct ip_ct_h323_master *info = &ct->help.ct_h323_info; + int dir = CTINFO2DIR(ctinfo); + u_int16_t nated_port = port; + u_int32_t ip; + + /* Set expectations for NAT */ + exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; + exp->expectfn = ip_nat_q931_expect; + exp->dir = !dir; + + /* Check existing expects */ + if (info->sig_port[dir] == port) + nated_port = info->sig_port[!dir]; + + /* Try to get same port: if not, try to change it. */ + for (; nated_port != 0; nated_port++) { + exp->tuple.dst.u.tcp.port = htons(nated_port); + if (ip_conntrack_expect_related(exp) == 0) + break; + } + + if (nated_port == 0) { /* No port available */ + if (net_ratelimit()) + printk("ip_nat_ras: out of TCP ports\n"); + return 0; + } + + /* Modify signal */ + if (set_h225_addr(pskb, data, 0, &addr[idx], + ct->tuplehash[!dir].tuple.dst.ip, + nated_port) == 0) { + /* Save ports */ + info->sig_port[dir] = port; + info->sig_port[!dir] = nated_port; + + /* Fix for Gnomemeeting */ + if (idx > 0 && + get_h225_addr(*data, &addr[0], &ip, &port) && + (ntohl(ip) & 0xff000000) == 0x7f000000) { + set_h225_addr_hook(pskb, data, 0, &addr[0], + ct->tuplehash[!dir].tuple.dst.ip, + info->sig_port[!dir]); + } + } else { + ip_conntrack_unexpect_related(exp); + return -1; + } + + /* Success */ + DEBUGP("ip_nat_ras: expect Q.931 %u.%u.%u.%u:%hu->%u.%u.%u.%u:%hu\n", + NIPQUAD(exp->tuple.src.ip), ntohs(exp->tuple.src.u.tcp.port), + NIPQUAD(exp->tuple.dst.ip), ntohs(exp->tuple.dst.u.tcp.port)); + + return 0; +} + +/****************************************************************************/ +static int __init init(void) +{ + BUG_ON(set_h245_addr_hook != NULL); + BUG_ON(set_h225_addr_hook != NULL); + BUG_ON(set_sig_addr_hook != NULL); + BUG_ON(set_ras_addr_hook != NULL); + BUG_ON(nat_rtp_rtcp_hook != NULL); + BUG_ON(nat_t120_hook != NULL); + BUG_ON(nat_h245_hook != NULL); + BUG_ON(nat_q931_hook != NULL); + + set_h245_addr_hook = set_h245_addr; + set_h225_addr_hook = set_h225_addr; + set_sig_addr_hook = set_sig_addr; + set_ras_addr_hook = set_ras_addr; + nat_rtp_rtcp_hook = nat_rtp_rtcp; + nat_t120_hook = nat_t120; + nat_h245_hook = nat_h245; + nat_q931_hook = nat_q931; + + DEBUGP("ip_nat_h323: init success\n"); + return 0; +} + +/****************************************************************************/ +static void __exit fini(void) +{ + set_h245_addr_hook = NULL; + set_h225_addr_hook = NULL; + set_sig_addr_hook = NULL; + set_ras_addr_hook = NULL; + nat_rtp_rtcp_hook = NULL; + nat_t120_hook = NULL; + nat_h245_hook = NULL; + nat_q931_hook = NULL; + synchronize_net(); +} + +/****************************************************************************/ +module_init(init); +module_exit(fini); + +MODULE_AUTHOR("Jing Min Zhao <zhaojingmin@users.sourceforge.net>"); +MODULE_DESCRIPTION("H.323 NAT helper"); +MODULE_LICENSE("GPL"); diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c index ac004895..f397772 100644 --- a/net/ipv4/netfilter/ip_nat_helper_pptp.c +++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c @@ -52,6 +52,8 @@ #define IP_NAT_PPTP_VERSION "3.0" +#define REQ_CID(req, off) (*(u_int16_t *)((char *)(req) + (off))) + MODULE_LICENSE("GPL"); MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP"); @@ -198,7 +200,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, /* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass * down to here */ DEBUGP("altering call id from 0x%04x to 0x%04x\n", - ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_callid)); + ntohs(REQ_CID(pptpReq, cid_off)), ntohs(new_callid)); /* mangle packet */ if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, @@ -342,7 +344,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, /* mangle packet */ DEBUGP("altering peer call id from 0x%04x to 0x%04x\n", - ntohs(*(u_int16_t *)pptpReq + pcid_off), ntohs(new_pcid)); + ntohs(REQ_CID(pptpReq, pcid_off)), ntohs(new_pcid)); if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, pcid_off + sizeof(struct pptp_pkt_hdr) + @@ -353,7 +355,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, if (new_cid) { DEBUGP("altering call id from 0x%04x to 0x%04x\n", - ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_cid)); + ntohs(REQ_CID(pptpReq, cid_off)), ntohs(new_cid)); if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, cid_off + sizeof(struct pptp_pkt_hdr) + sizeof(struct PptpControlHeader), @@ -368,7 +370,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, extern int __init ip_nat_proto_gre_init(void); extern void __exit ip_nat_proto_gre_fini(void); -static int __init init(void) +static int __init ip_nat_helper_pptp_init(void) { int ret; @@ -394,7 +396,7 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ip_nat_helper_pptp_fini(void) { DEBUGP("cleanup_module\n" ); @@ -410,5 +412,5 @@ static void __exit fini(void) printk("ip_nat_pptp version %s unloaded\n", IP_NAT_PPTP_VERSION); } -module_init(init); -module_exit(fini); +module_init(ip_nat_helper_pptp_init); +module_exit(ip_nat_helper_pptp_fini); diff --git a/net/ipv4/netfilter/ip_nat_irc.c b/net/ipv4/netfilter/ip_nat_irc.c index 461c833..a767123 100644 --- a/net/ipv4/netfilter/ip_nat_irc.c +++ b/net/ipv4/netfilter/ip_nat_irc.c @@ -96,14 +96,14 @@ static unsigned int help(struct sk_buff **pskb, return ret; } -static void __exit fini(void) +static void __exit ip_nat_irc_fini(void) { ip_nat_irc_hook = NULL; /* Make sure noone calls it, meanwhile. */ synchronize_net(); } -static int __init init(void) +static int __init ip_nat_irc_init(void) { BUG_ON(ip_nat_irc_hook); ip_nat_irc_hook = help; @@ -119,5 +119,5 @@ static int warn_set(const char *val, struct kernel_param *kp) } module_param_call(ports, warn_set, NULL, NULL, 0); -module_init(init); -module_exit(fini); +module_init(ip_nat_irc_init); +module_exit(ip_nat_irc_fini); diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c index 1de8628..efba8c4 100644 --- a/net/ipv4/netfilter/ip_nat_rule.c +++ b/net/ipv4/netfilter/ip_nat_rule.c @@ -103,6 +103,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct ipt_target *target, const void *targinfo, void *userinfo) { @@ -145,6 +146,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct ipt_target *target, const void *targinfo, void *userinfo) { @@ -170,6 +172,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, static int ipt_snat_checkentry(const char *tablename, const void *entry, + const struct ipt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -181,28 +184,12 @@ static int ipt_snat_checkentry(const char *tablename, printk("SNAT: multiple ranges no longer supported\n"); return 0; } - - if (targinfosize != IPT_ALIGN(sizeof(struct ip_nat_multi_range_compat))) { - DEBUGP("SNAT: Target size %u wrong for %u ranges\n", - targinfosize, mr->rangesize); - return 0; - } - - /* Only allow these for NAT. */ - if (strcmp(tablename, "nat") != 0) { - DEBUGP("SNAT: wrong table %s\n", tablename); - return 0; - } - - if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) { - DEBUGP("SNAT: hook mask 0x%x bad\n", hook_mask); - return 0; - } return 1; } static int ipt_dnat_checkentry(const char *tablename, const void *entry, + const struct ipt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -214,24 +201,6 @@ static int ipt_dnat_checkentry(const char *tablename, printk("DNAT: multiple ranges no longer supported\n"); return 0; } - - if (targinfosize != IPT_ALIGN(sizeof(struct ip_nat_multi_range_compat))) { - DEBUGP("DNAT: Target size %u wrong for %u ranges\n", - targinfosize, mr->rangesize); - return 0; - } - - /* Only allow these for NAT. */ - if (strcmp(tablename, "nat") != 0) { - DEBUGP("DNAT: wrong table %s\n", tablename); - return 0; - } - - if (hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_OUT))) { - DEBUGP("DNAT: hook mask 0x%x bad\n", hook_mask); - return 0; - } - return 1; } @@ -299,12 +268,18 @@ int ip_nat_rule_find(struct sk_buff **pskb, static struct ipt_target ipt_snat_reg = { .name = "SNAT", .target = ipt_snat_target, + .targetsize = sizeof(struct ip_nat_multi_range_compat), + .table = "nat", + .hooks = 1 << NF_IP_POST_ROUTING, .checkentry = ipt_snat_checkentry, }; static struct ipt_target ipt_dnat_reg = { .name = "DNAT", .target = ipt_dnat_target, + .targetsize = sizeof(struct ip_nat_multi_range_compat), + .table = "nat", + .hooks = 1 << NF_IP_PRE_ROUTING, .checkentry = ipt_dnat_checkentry, }; diff --git a/net/ipv4/netfilter/ip_nat_snmp_basic.c b/net/ipv4/netfilter/ip_nat_snmp_basic.c index 4f95d47..c622538 100644 --- a/net/ipv4/netfilter/ip_nat_snmp_basic.c +++ b/net/ipv4/netfilter/ip_nat_snmp_basic.c @@ -250,6 +250,7 @@ static unsigned char asn1_header_decode(struct asn1_ctx *ctx, if (!asn1_id_decode(ctx, cls, con, tag)) return 0; + def = len = 0; if (!asn1_length_decode(ctx, &def, &len)) return 0; @@ -669,7 +670,7 @@ static unsigned char snmp_object_decode(struct asn1_ctx *ctx, unsigned char *eoc, *end, *p; unsigned long *lp, *id; unsigned long ul; - long l; + long l; *obj = NULL; id = NULL; @@ -699,11 +700,13 @@ static unsigned char snmp_object_decode(struct asn1_ctx *ctx, return 0; } + type = 0; if (!snmp_tag_cls2syntax(tag, cls, &type)) { kfree(id); return 0; } + l = 0; switch (type) { case SNMP_INTEGER: len = sizeof(long); @@ -1321,7 +1324,7 @@ static struct ip_conntrack_helper snmp_trap_helper = { * *****************************************************************************/ -static int __init init(void) +static int __init ip_nat_snmp_basic_init(void) { int ret = 0; @@ -1336,13 +1339,13 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ip_nat_snmp_basic_fini(void) { ip_conntrack_helper_unregister(&snmp_helper); ip_conntrack_helper_unregister(&snmp_trap_helper); } -module_init(init); -module_exit(fini); +module_init(ip_nat_snmp_basic_init); +module_exit(ip_nat_snmp_basic_fini); module_param(debug, bool, 0600); diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c index ab1f88f..3505b0d 100644 --- a/net/ipv4/netfilter/ip_nat_standalone.c +++ b/net/ipv4/netfilter/ip_nat_standalone.c @@ -394,7 +394,7 @@ static int init_or_cleanup(int init) ret = nf_register_hook(&ip_nat_local_out_ops); if (ret < 0) { printk("ip_nat_init: can't register local out hook.\n"); - goto cleanup_adjustout_ops;; + goto cleanup_adjustout_ops; } ret = nf_register_hook(&ip_nat_local_in_ops); if (ret < 0) { @@ -425,17 +425,17 @@ static int init_or_cleanup(int init) return ret; } -static int __init init(void) +static int __init ip_nat_standalone_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit ip_nat_standalone_fini(void) { init_or_cleanup(0); } -module_init(init); -module_exit(fini); +module_init(ip_nat_standalone_init); +module_exit(ip_nat_standalone_fini); MODULE_LICENSE("GPL"); diff --git a/net/ipv4/netfilter/ip_nat_tftp.c b/net/ipv4/netfilter/ip_nat_tftp.c index 43c3bd7..94a7801 100644 --- a/net/ipv4/netfilter/ip_nat_tftp.c +++ b/net/ipv4/netfilter/ip_nat_tftp.c @@ -53,19 +53,19 @@ static unsigned int help(struct sk_buff **pskb, return NF_ACCEPT; } -static void __exit fini(void) +static void __exit ip_nat_tftp_fini(void) { ip_nat_tftp_hook = NULL; /* Make sure noone calls it, meanwhile. */ synchronize_net(); } -static int __init init(void) +static int __init ip_nat_tftp_init(void) { BUG_ON(ip_nat_tftp_hook); ip_nat_tftp_hook = help; return 0; } -module_init(init); -module_exit(fini); +module_init(ip_nat_tftp_init); +module_exit(ip_nat_tftp_fini); diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index 08f80e2..896a244 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c @@ -35,6 +35,7 @@ #include <linux/sysctl.h> #include <linux/proc_fs.h> #include <linux/security.h> +#include <linux/mutex.h> #include <net/sock.h> #include <net/route.h> @@ -61,7 +62,7 @@ static unsigned int queue_dropped = 0; static unsigned int queue_user_dropped = 0; static struct sock *ipqnl; static LIST_HEAD(queue_list); -static DECLARE_MUTEX(ipqnl_sem); +static DEFINE_MUTEX(ipqnl_mutex); static void ipq_issue_verdict(struct ipq_queue_entry *entry, int verdict) @@ -539,7 +540,7 @@ ipq_rcv_sk(struct sock *sk, int len) struct sk_buff *skb; unsigned int qlen; - down(&ipqnl_sem); + mutex_lock(&ipqnl_mutex); for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) { skb = skb_dequeue(&sk->sk_receive_queue); @@ -547,7 +548,7 @@ ipq_rcv_sk(struct sock *sk, int len) kfree_skb(skb); } - up(&ipqnl_sem); + mutex_unlock(&ipqnl_mutex); } static int @@ -708,21 +709,21 @@ cleanup_sysctl: cleanup_ipqnl: sock_release(ipqnl->sk_socket); - down(&ipqnl_sem); - up(&ipqnl_sem); + mutex_lock(&ipqnl_mutex); + mutex_unlock(&ipqnl_mutex); cleanup_netlink_notifier: netlink_unregister_notifier(&ipq_nl_notifier); return status; } -static int __init init(void) +static int __init ip_queue_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit ip_queue_fini(void) { init_or_cleanup(0); } @@ -731,5 +732,5 @@ MODULE_DESCRIPTION("IPv4 packet queue handler"); MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); MODULE_LICENSE("GPL"); -module_init(init); -module_exit(fini); +module_init(ip_queue_init); +module_exit(ip_queue_fini); diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 16f47c6..460fd90 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -25,7 +25,7 @@ #include <linux/icmp.h> #include <net/ip.h> #include <asm/uaccess.h> -#include <asm/semaphore.h> +#include <linux/mutex.h> #include <linux/proc_fs.h> #include <linux/err.h> #include <linux/cpumask.h> @@ -179,6 +179,7 @@ ipt_error(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -197,8 +198,8 @@ int do_match(struct ipt_entry_match *m, int *hotdrop) { /* Stop iteration if it doesn't match */ - if (!m->u.kernel.match->match(skb, in, out, m->data, offset, - skb->nh.iph->ihl*4, hotdrop)) + if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data, + offset, skb->nh.iph->ihl*4, hotdrop)) return 1; else return 0; @@ -305,6 +306,7 @@ ipt_do_table(struct sk_buff **pskb, verdict = t->u.kernel.target->target(pskb, in, out, hook, + t->u.kernel.target, t->data, userdata); @@ -464,7 +466,7 @@ cleanup_match(struct ipt_entry_match *m, unsigned int *i) return 1; if (m->u.kernel.match->destroy) - m->u.kernel.match->destroy(m->data, + m->u.kernel.match->destroy(m->u.kernel.match, m->data, m->u.match_size - sizeof(*m)); module_put(m->u.kernel.match->me); return 0; @@ -477,21 +479,12 @@ standard_check(const struct ipt_entry_target *t, struct ipt_standard_target *targ = (void *)t; /* Check standard info. */ - if (t->u.target_size - != IPT_ALIGN(sizeof(struct ipt_standard_target))) { - duprintf("standard_check: target size %u != %u\n", - t->u.target_size, - IPT_ALIGN(sizeof(struct ipt_standard_target))); - return 0; - } - if (targ->verdict >= 0 && targ->verdict > max_offset - sizeof(struct ipt_entry)) { duprintf("ipt_standard_check: bad verdict (%i)\n", targ->verdict); return 0; } - if (targ->verdict < -NF_MAX_VERDICT - 1) { duprintf("ipt_standard_check: bad negative verdict (%i)\n", targ->verdict); @@ -508,6 +501,7 @@ check_match(struct ipt_entry_match *m, unsigned int *i) { struct ipt_match *match; + int ret; match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name, m->u.user.revision), @@ -518,18 +512,27 @@ check_match(struct ipt_entry_match *m, } m->u.kernel.match = match; + ret = xt_check_match(match, AF_INET, m->u.match_size - sizeof(*m), + name, hookmask, ip->proto, + ip->invflags & IPT_INV_PROTO); + if (ret) + goto err; + if (m->u.kernel.match->checkentry - && !m->u.kernel.match->checkentry(name, ip, m->data, + && !m->u.kernel.match->checkentry(name, ip, match, m->data, m->u.match_size - sizeof(*m), hookmask)) { - module_put(m->u.kernel.match->me); duprintf("ip_tables: check failed for `%s'.\n", m->u.kernel.match->name); - return -EINVAL; + ret = -EINVAL; + goto err; } (*i)++; return 0; +err: + module_put(m->u.kernel.match->me); + return ret; } static struct ipt_target ipt_standard_target; @@ -565,26 +568,32 @@ check_entry(struct ipt_entry *e, const char *name, unsigned int size, } t->u.kernel.target = target; + ret = xt_check_target(target, AF_INET, t->u.target_size - sizeof(*t), + name, e->comefrom, e->ip.proto, + e->ip.invflags & IPT_INV_PROTO); + if (ret) + goto err; + if (t->u.kernel.target == &ipt_standard_target) { if (!standard_check(t, size)) { ret = -EINVAL; goto cleanup_matches; } } else if (t->u.kernel.target->checkentry - && !t->u.kernel.target->checkentry(name, e, t->data, + && !t->u.kernel.target->checkentry(name, e, target, t->data, t->u.target_size - sizeof(*t), e->comefrom)) { - module_put(t->u.kernel.target->me); duprintf("ip_tables: check failed for `%s'.\n", t->u.kernel.target->name); ret = -EINVAL; - goto cleanup_matches; + goto err; } (*i)++; return 0; - + err: + module_put(t->u.kernel.target->me); cleanup_matches: IPT_MATCH_ITERATE(e, cleanup_match, &j); return ret; @@ -645,7 +654,7 @@ cleanup_entry(struct ipt_entry *e, unsigned int *i) IPT_MATCH_ITERATE(e, cleanup_match, NULL); t = ipt_get_target(e); if (t->u.kernel.target->destroy) - t->u.kernel.target->destroy(t->data, + t->u.kernel.target->destroy(t->u.kernel.target, t->data, t->u.target_size - sizeof(*t)); module_put(t->u.kernel.target->me); return 0; @@ -1277,6 +1286,7 @@ static int icmp_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -1310,28 +1320,29 @@ icmp_match(const struct sk_buff *skb, static int icmp_checkentry(const char *tablename, const void *info, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - const struct ipt_ip *ip = info; const struct ipt_icmp *icmpinfo = matchinfo; - /* Must specify proto == ICMP, and no unknown invflags */ - return ip->proto == IPPROTO_ICMP - && !(ip->invflags & IPT_INV_PROTO) - && matchsize == IPT_ALIGN(sizeof(struct ipt_icmp)) - && !(icmpinfo->invflags & ~IPT_ICMP_INV); + /* Must specify no unknown invflags */ + return !(icmpinfo->invflags & ~IPT_ICMP_INV); } /* The built-in targets: standard (NULL) and error. */ static struct ipt_target ipt_standard_target = { .name = IPT_STANDARD_TARGET, + .targetsize = sizeof(int), + .family = AF_INET, }; static struct ipt_target ipt_error_target = { .name = IPT_ERROR_TARGET, .target = ipt_error, + .targetsize = IPT_FUNCTION_MAXNAMELEN, + .family = AF_INET, }; static struct nf_sockopt_ops ipt_sockopts = { @@ -1346,20 +1357,23 @@ static struct nf_sockopt_ops ipt_sockopts = { static struct ipt_match icmp_matchstruct = { .name = "icmp", - .match = &icmp_match, - .checkentry = &icmp_checkentry, + .match = icmp_match, + .matchsize = sizeof(struct ipt_icmp), + .proto = IPPROTO_ICMP, + .family = AF_INET, + .checkentry = icmp_checkentry, }; -static int __init init(void) +static int __init ip_tables_init(void) { int ret; xt_proto_init(AF_INET); /* Noone else will be downing sem now, so we won't sleep */ - xt_register_target(AF_INET, &ipt_standard_target); - xt_register_target(AF_INET, &ipt_error_target); - xt_register_match(AF_INET, &icmp_matchstruct); + xt_register_target(&ipt_standard_target); + xt_register_target(&ipt_error_target); + xt_register_match(&icmp_matchstruct); /* Register setsockopt */ ret = nf_register_sockopt(&ipt_sockopts); @@ -1372,13 +1386,13 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ip_tables_fini(void) { nf_unregister_sockopt(&ipt_sockopts); - xt_unregister_match(AF_INET, &icmp_matchstruct); - xt_unregister_target(AF_INET, &ipt_error_target); - xt_unregister_target(AF_INET, &ipt_standard_target); + xt_unregister_match(&icmp_matchstruct); + xt_unregister_target(&ipt_error_target); + xt_unregister_target(&ipt_standard_target); xt_proto_fini(AF_INET); } @@ -1386,5 +1400,5 @@ static void __exit fini(void) EXPORT_SYMBOL(ipt_register_table); EXPORT_SYMBOL(ipt_unregister_table); EXPORT_SYMBOL(ipt_do_table); -module_init(init); -module_exit(fini); +module_init(ip_tables_init); +module_exit(ip_tables_fini); diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index d9bc971..e4768a3 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c @@ -311,6 +311,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -380,6 +381,7 @@ target(struct sk_buff **pskb, static int checkentry(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -389,13 +391,6 @@ checkentry(const char *tablename, struct clusterip_config *config; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_clusterip_tgt_info))) { - printk(KERN_WARNING "CLUSTERIP: targinfosize %u != %Zu\n", - targinfosize, - IPT_ALIGN(sizeof(struct ipt_clusterip_tgt_info))); - return 0; - } - if (cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP && cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT && cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT_DPT) { @@ -465,9 +460,10 @@ checkentry(const char *tablename, } /* drop reference count of cluster config when rule is deleted */ -static void destroy(void *matchinfo, unsigned int matchinfosize) +static void destroy(const struct xt_target *target, void *targinfo, + unsigned int targinfosize) { - struct ipt_clusterip_tgt_info *cipinfo = matchinfo; + struct ipt_clusterip_tgt_info *cipinfo = targinfo; /* if no more entries are referencing the config, remove it * from the list and destroy the proc entry */ @@ -476,12 +472,13 @@ static void destroy(void *matchinfo, unsigned int matchinfosize) clusterip_config_put(cipinfo->config); } -static struct ipt_target clusterip_tgt = { - .name = "CLUSTERIP", - .target = &target, - .checkentry = &checkentry, - .destroy = &destroy, - .me = THIS_MODULE +static struct ipt_target clusterip_tgt = { + .name = "CLUSTERIP", + .target = target, + .targetsize = sizeof(struct ipt_clusterip_tgt_info), + .checkentry = checkentry, + .destroy = destroy, + .me = THIS_MODULE }; @@ -773,15 +770,15 @@ cleanup_none: return -EINVAL; } -static int __init init(void) +static int __init ipt_clusterip_init(void) { return init_or_cleanup(0); } -static void __exit fini(void) +static void __exit ipt_clusterip_fini(void) { init_or_cleanup(1); } -module_init(init); -module_exit(fini); +module_init(ipt_clusterip_init); +module_exit(ipt_clusterip_fini); diff --git a/net/ipv4/netfilter/ipt_DSCP.c b/net/ipv4/netfilter/ipt_DSCP.c index 898cdf7..c8e9712 100644 --- a/net/ipv4/netfilter/ipt_DSCP.c +++ b/net/ipv4/netfilter/ipt_DSCP.c @@ -29,6 +29,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -58,48 +59,38 @@ target(struct sk_buff **pskb, static int checkentry(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const u_int8_t dscp = ((struct ipt_DSCP_info *)targinfo)->dscp; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_DSCP_info))) { - printk(KERN_WARNING "DSCP: targinfosize %u != %Zu\n", - targinfosize, - IPT_ALIGN(sizeof(struct ipt_DSCP_info))); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_WARNING "DSCP: can only be called from \"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if ((dscp > IPT_DSCP_MAX)) { printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp); return 0; } - return 1; } static struct ipt_target ipt_dscp_reg = { .name = "DSCP", .target = target, + .targetsize = sizeof(struct ipt_DSCP_info), + .table = "mangle", .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_dscp_init(void) { return ipt_register_target(&ipt_dscp_reg); } -static void __exit fini(void) +static void __exit ipt_dscp_fini(void) { ipt_unregister_target(&ipt_dscp_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_dscp_init); +module_exit(ipt_dscp_fini); diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c index 7064454..4adf5c9 100644 --- a/net/ipv4/netfilter/ipt_ECN.c +++ b/net/ipv4/netfilter/ipt_ECN.c @@ -94,6 +94,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -114,6 +115,7 @@ target(struct sk_buff **pskb, static int checkentry(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -121,18 +123,6 @@ checkentry(const char *tablename, const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo; const struct ipt_entry *e = e_void; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ECN_info))) { - printk(KERN_WARNING "ECN: targinfosize %u != %Zu\n", - targinfosize, - IPT_ALIGN(sizeof(struct ipt_ECN_info))); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_WARNING "ECN: can only be called from \"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (einfo->operation & IPT_ECN_OP_MASK) { printk(KERN_WARNING "ECN: unsupported ECN operation %x\n", einfo->operation); @@ -143,33 +133,33 @@ checkentry(const char *tablename, einfo->ip_ect); return 0; } - if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) && (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & IPT_INV_PROTO))) { printk(KERN_WARNING "ECN: cannot use TCP operations on a " "non-tcp rule\n"); return 0; } - return 1; } static struct ipt_target ipt_ecn_reg = { .name = "ECN", .target = target, + .targetsize = sizeof(struct ipt_ECN_info), + .table = "mangle", .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ecn_init(void) { return ipt_register_target(&ipt_ecn_reg); } -static void __exit fini(void) +static void __exit ipt_ecn_fini(void) { ipt_unregister_target(&ipt_ecn_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_ecn_init); +module_exit(ipt_ecn_fini); diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index cc27545..39fd4c2 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c @@ -415,6 +415,7 @@ ipt_log_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -437,35 +438,29 @@ ipt_log_target(struct sk_buff **pskb, static int ipt_log_checkentry(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ipt_log_info *loginfo = targinfo; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_log_info))) { - DEBUGP("LOG: targinfosize %u != %u\n", - targinfosize, IPT_ALIGN(sizeof(struct ipt_log_info))); - return 0; - } - if (loginfo->level >= 8) { DEBUGP("LOG: level %u >= 8\n", loginfo->level); return 0; } - if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { DEBUGP("LOG: prefix term %i\n", loginfo->prefix[sizeof(loginfo->prefix)-1]); return 0; } - return 1; } static struct ipt_target ipt_log_reg = { .name = "LOG", .target = ipt_log_target, + .targetsize = sizeof(struct ipt_log_info), .checkentry = ipt_log_checkentry, .me = THIS_MODULE, }; @@ -476,7 +471,7 @@ static struct nf_logger ipt_log_logger ={ .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_log_init(void) { if (ipt_register_target(&ipt_log_reg)) return -EINVAL; @@ -490,11 +485,11 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ipt_log_fini(void) { nf_log_unregister_logger(&ipt_log_logger); ipt_unregister_target(&ipt_log_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_log_init); +module_exit(ipt_log_fini); diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index 12c56d3..8b3e7f9 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c @@ -41,25 +41,13 @@ static DEFINE_RWLOCK(masq_lock); static int masquerade_check(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ip_nat_multi_range_compat *mr = targinfo; - if (strcmp(tablename, "nat") != 0) { - DEBUGP("masquerade_check: bad table `%s'.\n", tablename); - return 0; - } - if (targinfosize != IPT_ALIGN(sizeof(*mr))) { - DEBUGP("masquerade_check: size %u != %u.\n", - targinfosize, sizeof(*mr)); - return 0; - } - if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) { - DEBUGP("masquerade_check: bad hooks %x.\n", hook_mask); - return 0; - } if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { DEBUGP("masquerade_check: bad MAP_IPS.\n"); return 0; @@ -76,6 +64,7 @@ masquerade_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -179,11 +168,14 @@ static struct notifier_block masq_inet_notifier = { static struct ipt_target masquerade = { .name = "MASQUERADE", .target = masquerade_target, + .targetsize = sizeof(struct ip_nat_multi_range_compat), + .table = "nat", + .hooks = 1 << NF_IP_POST_ROUTING, .checkentry = masquerade_check, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_masquerade_init(void) { int ret; @@ -199,12 +191,12 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ipt_masquerade_fini(void) { ipt_unregister_target(&masquerade); unregister_netdevice_notifier(&masq_dev_notifier); unregister_inetaddr_notifier(&masq_inet_notifier); } -module_init(init); -module_exit(fini); +module_init(ipt_masquerade_init); +module_exit(ipt_masquerade_fini); diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index b074467..2fcf107 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c @@ -32,25 +32,13 @@ MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target"); static int check(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ip_nat_multi_range_compat *mr = targinfo; - if (strcmp(tablename, "nat") != 0) { - DEBUGP(MODULENAME":check: bad table `%s'.\n", tablename); - return 0; - } - if (targinfosize != IPT_ALIGN(sizeof(*mr))) { - DEBUGP(MODULENAME":check: size %u.\n", targinfosize); - return 0; - } - if (hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING) | - (1 << NF_IP_LOCAL_OUT))) { - DEBUGP(MODULENAME":check: bad hooks %x.\n", hook_mask); - return 0; - } if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) { DEBUGP(MODULENAME":check: bad MAP_IPS.\n"); return 0; @@ -67,6 +55,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -101,19 +90,23 @@ target(struct sk_buff **pskb, static struct ipt_target target_module = { .name = MODULENAME, .target = target, + .targetsize = sizeof(struct ip_nat_multi_range_compat), + .table = "nat", + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING) | + (1 << NF_IP_LOCAL_OUT), .checkentry = check, .me = THIS_MODULE }; -static int __init init(void) +static int __init ipt_netmap_init(void) { return ipt_register_target(&target_module); } -static void __exit fini(void) +static void __exit ipt_netmap_fini(void) { ipt_unregister_target(&target_module); } -module_init(init); -module_exit(fini); +module_init(ipt_netmap_init); +module_exit(ipt_netmap_fini); diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c index 140be51..f290463 100644 --- a/net/ipv4/netfilter/ipt_REDIRECT.c +++ b/net/ipv4/netfilter/ipt_REDIRECT.c @@ -34,24 +34,13 @@ MODULE_DESCRIPTION("iptables REDIRECT target module"); static int redirect_check(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ip_nat_multi_range_compat *mr = targinfo; - if (strcmp(tablename, "nat") != 0) { - DEBUGP("redirect_check: bad table `%s'.\n", table); - return 0; - } - if (targinfosize != IPT_ALIGN(sizeof(*mr))) { - DEBUGP("redirect_check: size %u.\n", targinfosize); - return 0; - } - if (hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_OUT))) { - DEBUGP("redirect_check: bad hooks %x.\n", hook_mask); - return 0; - } if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { DEBUGP("redirect_check: bad MAP_IPS.\n"); return 0; @@ -68,6 +57,7 @@ redirect_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -115,19 +105,22 @@ redirect_target(struct sk_buff **pskb, static struct ipt_target redirect_reg = { .name = "REDIRECT", .target = redirect_target, + .targetsize = sizeof(struct ip_nat_multi_range_compat), + .table = "nat", + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_OUT), .checkentry = redirect_check, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_redirect_init(void) { return ipt_register_target(&redirect_reg); } -static void __exit fini(void) +static void __exit ipt_redirect_fini(void) { ipt_unregister_target(&redirect_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_redirect_init); +module_exit(ipt_redirect_fini); diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 3eb47aa..4269a54 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c @@ -154,10 +154,6 @@ static void send_reset(struct sk_buff *oldskb, int hook) /* This packet will not be the same as the other: clear nf fields */ nf_reset(nskb); nskb->nfmark = 0; -#ifdef CONFIG_BRIDGE_NETFILTER - nf_bridge_put(nskb->nf_bridge); - nskb->nf_bridge = NULL; -#endif tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl); @@ -236,6 +232,7 @@ static unsigned int reject(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -283,6 +280,7 @@ static unsigned int reject(struct sk_buff **pskb, static int check(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -290,23 +288,6 @@ static int check(const char *tablename, const struct ipt_reject_info *rejinfo = targinfo; const struct ipt_entry *e = e_void; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_reject_info))) { - DEBUGP("REJECT: targinfosize %u != 0\n", targinfosize); - return 0; - } - - /* Only allow these for packet filtering. */ - if (strcmp(tablename, "filter") != 0) { - DEBUGP("REJECT: bad table `%s'.\n", tablename); - return 0; - } - if ((hook_mask & ~((1 << NF_IP_LOCAL_IN) - | (1 << NF_IP_FORWARD) - | (1 << NF_IP_LOCAL_OUT))) != 0) { - DEBUGP("REJECT: bad hook mask %X\n", hook_mask); - return 0; - } - if (rejinfo->with == IPT_ICMP_ECHOREPLY) { printk("REJECT: ECHOREPLY no longer supported.\n"); return 0; @@ -318,26 +299,29 @@ static int check(const char *tablename, return 0; } } - return 1; } static struct ipt_target ipt_reject_reg = { .name = "REJECT", .target = reject, + .targetsize = sizeof(struct ipt_reject_info), + .table = "filter", + .hooks = (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD) | + (1 << NF_IP_LOCAL_OUT), .checkentry = check, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_reject_init(void) { return ipt_register_target(&ipt_reject_reg); } -static void __exit fini(void) +static void __exit ipt_reject_fini(void) { ipt_unregister_target(&ipt_reject_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_reject_init); +module_exit(ipt_reject_fini); diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c index a22de59..7169b09 100644 --- a/net/ipv4/netfilter/ipt_SAME.c +++ b/net/ipv4/netfilter/ipt_SAME.c @@ -50,6 +50,7 @@ MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip"); static int same_check(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -59,18 +60,6 @@ same_check(const char *tablename, mr->ipnum = 0; - if (strcmp(tablename, "nat") != 0) { - DEBUGP("same_check: bad table `%s'.\n", tablename); - return 0; - } - if (targinfosize != IPT_ALIGN(sizeof(*mr))) { - DEBUGP("same_check: size %u.\n", targinfosize); - return 0; - } - if (hook_mask & ~(1 << NF_IP_PRE_ROUTING | 1 << NF_IP_POST_ROUTING)) { - DEBUGP("same_check: bad hooks %x.\n", hook_mask); - return 0; - } if (mr->rangesize < 1) { DEBUGP("same_check: need at least one dest range.\n"); return 0; @@ -127,7 +116,7 @@ same_check(const char *tablename, } static void -same_destroy(void *targinfo, +same_destroy(const struct xt_target *target, void *targinfo, unsigned int targinfosize) { struct ipt_same_info *mr = targinfo; @@ -143,6 +132,7 @@ same_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -191,21 +181,24 @@ same_target(struct sk_buff **pskb, static struct ipt_target same_reg = { .name = "SAME", .target = same_target, + .targetsize = sizeof(struct ipt_same_info), + .table = "nat", + .hooks = (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_POST_ROUTING), .checkentry = same_check, .destroy = same_destroy, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_same_init(void) { return ipt_register_target(&same_reg); } -static void __exit fini(void) +static void __exit ipt_same_fini(void) { ipt_unregister_target(&same_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_same_init); +module_exit(ipt_same_fini); diff --git a/net/ipv4/netfilter/ipt_TCPMSS.c b/net/ipv4/netfilter/ipt_TCPMSS.c index c122841..ef2fe5b 100644 --- a/net/ipv4/netfilter/ipt_TCPMSS.c +++ b/net/ipv4/netfilter/ipt_TCPMSS.c @@ -48,6 +48,7 @@ ipt_tcpmss_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -211,6 +212,7 @@ static inline int find_syn_match(const struct ipt_entry_match *m) static int ipt_tcpmss_checkentry(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -218,13 +220,6 @@ ipt_tcpmss_checkentry(const char *tablename, const struct ipt_tcpmss_info *tcpmssinfo = targinfo; const struct ipt_entry *e = e_void; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_tcpmss_info))) { - DEBUGP("ipt_tcpmss_checkentry: targinfosize %u != %u\n", - targinfosize, IPT_ALIGN(sizeof(struct ipt_tcpmss_info))); - return 0; - } - - if((tcpmssinfo->mss == IPT_TCPMSS_CLAMP_PMTU) && ((hook_mask & ~((1 << NF_IP_FORWARD) | (1 << NF_IP_LOCAL_OUT) @@ -233,11 +228,8 @@ ipt_tcpmss_checkentry(const char *tablename, return 0; } - if (e->ip.proto == IPPROTO_TCP - && !(e->ip.invflags & IPT_INV_PROTO) - && IPT_MATCH_ITERATE(e, find_syn_match)) + if (IPT_MATCH_ITERATE(e, find_syn_match)) return 1; - printk("TCPMSS: Only works on TCP SYN packets\n"); return 0; } @@ -245,19 +237,21 @@ ipt_tcpmss_checkentry(const char *tablename, static struct ipt_target ipt_tcpmss_reg = { .name = "TCPMSS", .target = ipt_tcpmss_target, + .targetsize = sizeof(struct ipt_tcpmss_info), + .proto = IPPROTO_TCP, .checkentry = ipt_tcpmss_checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_tcpmss_init(void) { return ipt_register_target(&ipt_tcpmss_reg); } -static void __exit fini(void) +static void __exit ipt_tcpmss_fini(void) { ipt_unregister_target(&ipt_tcpmss_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_tcpmss_init); +module_exit(ipt_tcpmss_fini); diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c index 3a44a56..1c7a5ca 100644 --- a/net/ipv4/netfilter/ipt_TOS.c +++ b/net/ipv4/netfilter/ipt_TOS.c @@ -25,6 +25,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -53,24 +54,13 @@ target(struct sk_buff **pskb, static int checkentry(const char *tablename, const void *e_void, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_tos_target_info))) { - printk(KERN_WARNING "TOS: targinfosize %u != %Zu\n", - targinfosize, - IPT_ALIGN(sizeof(struct ipt_tos_target_info))); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_WARNING "TOS: can only be called from \"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (tos != IPTOS_LOWDELAY && tos != IPTOS_THROUGHPUT && tos != IPTOS_RELIABILITY @@ -79,26 +69,27 @@ checkentry(const char *tablename, printk(KERN_WARNING "TOS: bad tos value %#x\n", tos); return 0; } - return 1; } static struct ipt_target ipt_tos_reg = { .name = "TOS", .target = target, + .targetsize = sizeof(struct ipt_tos_target_info), + .table = "mangle", .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_tos_init(void) { return ipt_register_target(&ipt_tos_reg); } -static void __exit fini(void) +static void __exit ipt_tos_fini(void) { ipt_unregister_target(&ipt_tos_reg); } -module_init(init); -module_exit(fini); +module_init(ipt_tos_init); +module_exit(ipt_tos_fini); diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c index b769eb2..f48892a 100644 --- a/net/ipv4/netfilter/ipt_TTL.c +++ b/net/ipv4/netfilter/ipt_TTL.c @@ -20,9 +20,10 @@ MODULE_DESCRIPTION("IP tables TTL modification module"); MODULE_LICENSE("GPL"); static unsigned int -ipt_ttl_target(struct sk_buff **pskb, const struct net_device *in, - const struct net_device *out, unsigned int hooknum, - const void *targinfo, void *userinfo) +ipt_ttl_target(struct sk_buff **pskb, + const struct net_device *in, const struct net_device *out, + unsigned int hooknum, const struct xt_target *target, + const void *targinfo, void *userinfo) { struct iphdr *iph; const struct ipt_TTL_info *info = targinfo; @@ -67,53 +68,41 @@ ipt_ttl_target(struct sk_buff **pskb, const struct net_device *in, static int ipt_ttl_checkentry(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { struct ipt_TTL_info *info = targinfo; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_TTL_info))) { - printk(KERN_WARNING "ipt_TTL: targinfosize %u != %Zu\n", - targinfosize, - IPT_ALIGN(sizeof(struct ipt_TTL_info))); - return 0; - } - - if (strcmp(tablename, "mangle")) { - printk(KERN_WARNING "ipt_TTL: can only be called from " - "\"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (info->mode > IPT_TTL_MAXMODE) { printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n", info->mode); return 0; } - if ((info->mode != IPT_TTL_SET) && (info->ttl == 0)) return 0; - return 1; } static struct ipt_target ipt_TTL = { .name = "TTL", .target = ipt_ttl_target, + .targetsize = sizeof(struct ipt_TTL_info), + .table = "mangle", .checkentry = ipt_ttl_checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ttl_init(void) { return ipt_register_target(&ipt_TTL); } -static void __exit fini(void) +static void __exit ipt_ttl_fini(void) { ipt_unregister_target(&ipt_TTL); } -module_init(init); -module_exit(fini); +module_init(ipt_ttl_init); +module_exit(ipt_ttl_fini); diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index 180a9ea..c84cc03 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c @@ -303,6 +303,7 @@ static unsigned int ipt_ulog_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; @@ -339,46 +340,41 @@ static void ipt_logfn(unsigned int pf, static int ipt_ulog_checkentry(const char *tablename, const void *e, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hookmask) { struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; - if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) { - DEBUGP("ipt_ULOG: targinfosize %u != 0\n", targinfosize); - return 0; - } - if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') { DEBUGP("ipt_ULOG: prefix term %i\n", loginfo->prefix[sizeof(loginfo->prefix) - 1]); return 0; } - if (loginfo->qthreshold > ULOG_MAX_QLEN) { DEBUGP("ipt_ULOG: queue threshold %i > MAX_QLEN\n", loginfo->qthreshold); return 0; } - return 1; } static struct ipt_target ipt_ulog_reg = { .name = "ULOG", .target = ipt_ulog_target, + .targetsize = sizeof(struct ipt_ulog_info), .checkentry = ipt_ulog_checkentry, .me = THIS_MODULE, }; static struct nf_logger ipt_ulog_logger = { .name = "ipt_ULOG", - .logfn = &ipt_logfn, + .logfn = ipt_logfn, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ulog_init(void) { int i; @@ -411,7 +407,7 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ipt_ulog_fini(void) { ulog_buff_t *ub; int i; @@ -439,5 +435,5 @@ static void __exit fini(void) } -module_init(init); -module_exit(fini); +module_init(ipt_ulog_init); +module_exit(ipt_ulog_fini); diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c index d6b83a9..893dae2 100644 --- a/net/ipv4/netfilter/ipt_addrtype.c +++ b/net/ipv4/netfilter/ipt_addrtype.c @@ -27,8 +27,9 @@ static inline int match_type(u_int32_t addr, u_int16_t mask) return !!(mask & (1 << inet_addr_type(addr))); } -static int match(const struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, const void *matchinfo, +static int match(const struct sk_buff *skb, + const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, int *hotdrop) { const struct ipt_addrtype_info *info = matchinfo; @@ -43,35 +44,22 @@ static int match(const struct sk_buff *skb, const struct net_device *in, return ret; } -static int checkentry(const char *tablename, const void *ip, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != IPT_ALIGN(sizeof(struct ipt_addrtype_info))) { - printk(KERN_ERR "ipt_addrtype: invalid size (%u != %Zu)\n", - matchsize, IPT_ALIGN(sizeof(struct ipt_addrtype_info))); - return 0; - } - - return 1; -} - static struct ipt_match addrtype_match = { .name = "addrtype", .match = match, - .checkentry = checkentry, + .matchsize = sizeof(struct ipt_addrtype_info), .me = THIS_MODULE }; -static int __init init(void) +static int __init ipt_addrtype_init(void) { return ipt_register_match(&addrtype_match); } -static void __exit fini(void) +static void __exit ipt_addrtype_fini(void) { ipt_unregister_match(&addrtype_match); } -module_init(init); -module_exit(fini); +module_init(ipt_addrtype_init); +module_exit(ipt_addrtype_fini); diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c index 144adfe..2927135 100644 --- a/net/ipv4/netfilter/ipt_ah.c +++ b/net/ipv4/netfilter/ipt_ah.c @@ -39,6 +39,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -71,49 +72,39 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip_void, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ipt_ah *ahinfo = matchinfo; - const struct ipt_ip *ip = ip_void; - /* Must specify proto == AH, and no unknown invflags */ - if (ip->proto != IPPROTO_AH || (ip->invflags & IPT_INV_PROTO)) { - duprintf("ipt_ah: Protocol %u != %u\n", ip->proto, - IPPROTO_AH); - return 0; - } - if (matchinfosize != IPT_ALIGN(sizeof(struct ipt_ah))) { - duprintf("ipt_ah: matchsize %u != %u\n", - matchinfosize, IPT_ALIGN(sizeof(struct ipt_ah))); - return 0; - } + /* Must specify no unknown invflags */ if (ahinfo->invflags & ~IPT_AH_INV_MASK) { - duprintf("ipt_ah: unknown flags %X\n", - ahinfo->invflags); + duprintf("ipt_ah: unknown flags %X\n", ahinfo->invflags); return 0; } - return 1; } static struct ipt_match ah_match = { .name = "ah", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_ah), + .proto = IPPROTO_AH, + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ah_init(void) { return ipt_register_match(&ah_match); } -static void __exit cleanup(void) +static void __exit ipt_ah_fini(void) { ipt_unregister_match(&ah_match); } -module_init(init); -module_exit(cleanup); +module_init(ipt_ah_init); +module_exit(ipt_ah_fini); diff --git a/net/ipv4/netfilter/ipt_dscp.c b/net/ipv4/netfilter/ipt_dscp.c index 92063b4..4717759 100644 --- a/net/ipv4/netfilter/ipt_dscp.c +++ b/net/ipv4/netfilter/ipt_dscp.c @@ -19,8 +19,9 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_DESCRIPTION("iptables DSCP matching module"); MODULE_LICENSE("GPL"); -static int match(const struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, const void *matchinfo, +static int match(const struct sk_buff *skb, + const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, int *hotdrop) { const struct ipt_dscp_info *info = matchinfo; @@ -31,33 +32,23 @@ static int match(const struct sk_buff *skb, const struct net_device *in, return ((iph->tos&IPT_DSCP_MASK) == sh_dscp) ^ info->invert; } -static int checkentry(const char *tablename, const void *ip, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != IPT_ALIGN(sizeof(struct ipt_dscp_info))) - return 0; - - return 1; -} - static struct ipt_match dscp_match = { .name = "dscp", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_dscp_info), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_dscp_init(void) { return ipt_register_match(&dscp_match); } -static void __exit fini(void) +static void __exit ipt_dscp_fini(void) { ipt_unregister_match(&dscp_match); } -module_init(init); -module_exit(fini); +module_init(ipt_dscp_init); +module_exit(ipt_dscp_fini); diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c index e68b0c7..b282504 100644 --- a/net/ipv4/netfilter/ipt_ecn.c +++ b/net/ipv4/netfilter/ipt_ecn.c @@ -65,8 +65,9 @@ static inline int match_tcp(const struct sk_buff *skb, return 1; } -static int match(const struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, const void *matchinfo, +static int match(const struct sk_buff *skb, + const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, int *hotdrop) { const struct ipt_ecn_info *info = matchinfo; @@ -86,15 +87,13 @@ static int match(const struct sk_buff *skb, const struct net_device *in, } static int checkentry(const char *tablename, const void *ip_void, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct ipt_ecn_info *info = matchinfo; const struct ipt_ip *ip = ip_void; - if (matchsize != IPT_ALIGN(sizeof(struct ipt_ecn_info))) - return 0; - if (info->operation & IPT_ECN_OP_MATCH_MASK) return 0; @@ -113,20 +112,21 @@ static int checkentry(const char *tablename, const void *ip_void, static struct ipt_match ecn_match = { .name = "ecn", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_ecn_info), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ecn_init(void) { return ipt_register_match(&ecn_match); } -static void __exit fini(void) +static void __exit ipt_ecn_fini(void) { ipt_unregister_match(&ecn_match); } -module_init(init); -module_exit(fini); +module_init(ipt_ecn_init); +module_exit(ipt_ecn_fini); diff --git a/net/ipv4/netfilter/ipt_esp.c b/net/ipv4/netfilter/ipt_esp.c index 9de191a..3840b41 100644 --- a/net/ipv4/netfilter/ipt_esp.c +++ b/net/ipv4/netfilter/ipt_esp.c @@ -40,6 +40,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -72,49 +73,39 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip_void, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ipt_esp *espinfo = matchinfo; - const struct ipt_ip *ip = ip_void; - /* Must specify proto == ESP, and no unknown invflags */ - if (ip->proto != IPPROTO_ESP || (ip->invflags & IPT_INV_PROTO)) { - duprintf("ipt_esp: Protocol %u != %u\n", ip->proto, - IPPROTO_ESP); - return 0; - } - if (matchinfosize != IPT_ALIGN(sizeof(struct ipt_esp))) { - duprintf("ipt_esp: matchsize %u != %u\n", - matchinfosize, IPT_ALIGN(sizeof(struct ipt_esp))); - return 0; - } + /* Must specify no unknown invflags */ if (espinfo->invflags & ~IPT_ESP_INV_MASK) { - duprintf("ipt_esp: unknown flags %X\n", - espinfo->invflags); + duprintf("ipt_esp: unknown flags %X\n", espinfo->invflags); return 0; } - return 1; } static struct ipt_match esp_match = { .name = "esp", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_esp), + .proto = IPPROTO_ESP, + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_esp_init(void) { return ipt_register_match(&esp_match); } -static void __exit cleanup(void) +static void __exit ipt_esp_fini(void) { ipt_unregister_match(&esp_match); } -module_init(init); -module_exit(cleanup); +module_init(ipt_esp_init); +module_exit(ipt_esp_fini); diff --git a/net/ipv4/netfilter/ipt_hashlimit.c b/net/ipv4/netfilter/ipt_hashlimit.c index 4fe48c1..7c6836c 100644 --- a/net/ipv4/netfilter/ipt_hashlimit.c +++ b/net/ipv4/netfilter/ipt_hashlimit.c @@ -40,6 +40,7 @@ /* FIXME: this is just for IP_NF_ASSERRT */ #include <linux/netfilter_ipv4/ip_conntrack.h> +#include <linux/mutex.h> MODULE_LICENSE("GPL"); MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); @@ -92,7 +93,7 @@ struct ipt_hashlimit_htable { }; static DEFINE_SPINLOCK(hashlimit_lock); /* protects htables list */ -static DECLARE_MUTEX(hlimit_mutex); /* additional checkentry protection */ +static DEFINE_MUTEX(hlimit_mutex); /* additional checkentry protection */ static HLIST_HEAD(hashlimit_htables); static kmem_cache_t *hashlimit_cachep __read_mostly; @@ -427,6 +428,7 @@ static int hashlimit_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -506,15 +508,13 @@ hashlimit_match(const struct sk_buff *skb, static int hashlimit_checkentry(const char *tablename, const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { struct ipt_hashlimit_info *r = matchinfo; - if (matchsize != IPT_ALIGN(sizeof(struct ipt_hashlimit_info))) - return 0; - /* Check for overflow. */ if (r->cfg.burst == 0 || user2credits(r->cfg.avg * r->cfg.burst) < @@ -543,13 +543,13 @@ hashlimit_checkentry(const char *tablename, * call vmalloc, and that can sleep. And we cannot just re-search * the list of htable's in htable_create(), since then we would * create duplicate proc files. -HW */ - down(&hlimit_mutex); + mutex_lock(&hlimit_mutex); r->hinfo = htable_find_get(r->name); if (!r->hinfo && (htable_create(r) != 0)) { - up(&hlimit_mutex); + mutex_unlock(&hlimit_mutex); return 0; } - up(&hlimit_mutex); + mutex_unlock(&hlimit_mutex); /* Ugly hack: For SMP, we only want to use one set */ r->u.master = r; @@ -558,19 +558,21 @@ hashlimit_checkentry(const char *tablename, } static void -hashlimit_destroy(void *matchinfo, unsigned int matchsize) +hashlimit_destroy(const struct xt_match *match, void *matchinfo, + unsigned int matchsize) { struct ipt_hashlimit_info *r = (struct ipt_hashlimit_info *) matchinfo; htable_put(r->hinfo); } -static struct ipt_match ipt_hashlimit = { - .name = "hashlimit", - .match = hashlimit_match, - .checkentry = hashlimit_checkentry, - .destroy = hashlimit_destroy, - .me = THIS_MODULE +static struct ipt_match ipt_hashlimit = { + .name = "hashlimit", + .match = hashlimit_match, + .matchsize = sizeof(struct ipt_hashlimit_info), + .checkentry = hashlimit_checkentry, + .destroy = hashlimit_destroy, + .me = THIS_MODULE }; /* PROC stuff */ @@ -717,15 +719,15 @@ cleanup_nothing: } -static int __init init(void) +static int __init ipt_hashlimit_init(void) { return init_or_fini(0); } -static void __exit fini(void) +static void __exit ipt_hashlimit_fini(void) { init_or_fini(1); } -module_init(init); -module_exit(fini); +module_init(ipt_hashlimit_init); +module_exit(ipt_hashlimit_fini); diff --git a/net/ipv4/netfilter/ipt_iprange.c b/net/ipv4/netfilter/ipt_iprange.c index 13fb16f..5202edd 100644 --- a/net/ipv4/netfilter/ipt_iprange.c +++ b/net/ipv4/netfilter/ipt_iprange.c @@ -27,6 +27,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, int *hotdrop) { @@ -62,38 +63,23 @@ match(const struct sk_buff *skb, return 1; } -static int check(const char *tablename, - const void *inf, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - /* verify size */ - if (matchsize != IPT_ALIGN(sizeof(struct ipt_iprange_info))) - return 0; - - return 1; -} - -static struct ipt_match iprange_match = -{ - .list = { NULL, NULL }, - .name = "iprange", - .match = &match, - .checkentry = &check, - .destroy = NULL, - .me = THIS_MODULE +static struct ipt_match iprange_match = { + .name = "iprange", + .match = match, + .matchsize = sizeof(struct ipt_iprange_info), + .destroy = NULL, + .me = THIS_MODULE }; -static int __init init(void) +static int __init ipt_iprange_init(void) { return ipt_register_match(&iprange_match); } -static void __exit fini(void) +static void __exit ipt_iprange_fini(void) { ipt_unregister_match(&iprange_match); } -module_init(init); -module_exit(fini); +module_init(ipt_iprange_init); +module_exit(ipt_iprange_fini); diff --git a/net/ipv4/netfilter/ipt_multiport.c b/net/ipv4/netfilter/ipt_multiport.c index 2d52326..ac95d83 100644 --- a/net/ipv4/netfilter/ipt_multiport.c +++ b/net/ipv4/netfilter/ipt_multiport.c @@ -95,6 +95,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -127,6 +128,7 @@ static int match_v1(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -153,44 +155,23 @@ match_v1(const struct sk_buff *skb, return ports_match_v1(multiinfo, ntohs(pptr[0]), ntohs(pptr[1])); } -/* Called when user tries to insert an entry of this type. */ -static int -checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - return (matchsize == IPT_ALIGN(sizeof(struct ipt_multiport))); -} - -static int -checkentry_v1(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - return (matchsize == IPT_ALIGN(sizeof(struct ipt_multiport_v1))); -} - static struct ipt_match multiport_match = { .name = "multiport", .revision = 0, - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_multiport), .me = THIS_MODULE, }; static struct ipt_match multiport_match_v1 = { .name = "multiport", .revision = 1, - .match = &match_v1, - .checkentry = &checkentry_v1, + .match = match_v1, + .matchsize = sizeof(struct ipt_multiport_v1), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_multiport_init(void) { int err; @@ -204,11 +185,11 @@ static int __init init(void) return err; } -static void __exit fini(void) +static void __exit ipt_multiport_fini(void) { ipt_unregister_match(&multiport_match); ipt_unregister_match(&multiport_match_v1); } -module_init(init); -module_exit(fini); +module_init(ipt_multiport_init); +module_exit(ipt_multiport_fini); diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c index 4843d0c..5ac6ac0 100644 --- a/net/ipv4/netfilter/ipt_owner.c +++ b/net/ipv4/netfilter/ipt_owner.c @@ -25,6 +25,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -53,49 +54,39 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct ipt_owner_info *info = matchinfo; - if (hook_mask - & ~((1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_POST_ROUTING))) { - printk("ipt_owner: only valid for LOCAL_OUT or POST_ROUTING.\n"); - return 0; - } - - if (matchsize != IPT_ALIGN(sizeof(struct ipt_owner_info))) { - printk("Matchsize %u != %Zu\n", matchsize, - IPT_ALIGN(sizeof(struct ipt_owner_info))); - return 0; - } - if (info->match & (IPT_OWNER_PID|IPT_OWNER_SID|IPT_OWNER_COMM)) { printk("ipt_owner: pid, sid and command matching " "not supported anymore\n"); return 0; } - return 1; } static struct ipt_match owner_match = { .name = "owner", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_owner_info), + .hooks = (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_POST_ROUTING), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_owner_init(void) { return ipt_register_match(&owner_match); } -static void __exit fini(void) +static void __exit ipt_owner_fini(void) { ipt_unregister_match(&owner_match); } -module_init(init); -module_exit(fini); +module_init(ipt_owner_init); +module_exit(ipt_owner_fini); diff --git a/net/ipv4/netfilter/ipt_policy.c b/net/ipv4/netfilter/ipt_policy.c deleted file mode 100644 index 5a7a265..0000000 --- a/net/ipv4/netfilter/ipt_policy.c +++ /dev/null @@ -1,176 +0,0 @@ -/* IP tables module for matching IPsec policy - * - * Copyright (c) 2004,2005 Patrick McHardy, <kaber@trash.net> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ - -#include <linux/kernel.h> -#include <linux/config.h> -#include <linux/module.h> -#include <linux/skbuff.h> -#include <linux/init.h> -#include <net/xfrm.h> - -#include <linux/netfilter_ipv4.h> -#include <linux/netfilter_ipv4/ip_tables.h> -#include <linux/netfilter_ipv4/ipt_policy.h> - -MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); -MODULE_DESCRIPTION("IPtables IPsec policy matching module"); -MODULE_LICENSE("GPL"); - - -static inline int -match_xfrm_state(struct xfrm_state *x, const struct ipt_policy_elem *e) -{ -#define MATCH_ADDR(x,y,z) (!e->match.x || \ - ((e->x.a4.s_addr == (e->y.a4.s_addr & (z))) \ - ^ e->invert.x)) -#define MATCH(x,y) (!e->match.x || ((e->x == (y)) ^ e->invert.x)) - - return MATCH_ADDR(saddr, smask, x->props.saddr.a4) && - MATCH_ADDR(daddr, dmask, x->id.daddr.a4) && - MATCH(proto, x->id.proto) && - MATCH(mode, x->props.mode) && - MATCH(spi, x->id.spi) && - MATCH(reqid, x->props.reqid); -} - -static int -match_policy_in(const struct sk_buff *skb, const struct ipt_policy_info *info) -{ - const struct ipt_policy_elem *e; - struct sec_path *sp = skb->sp; - int strict = info->flags & IPT_POLICY_MATCH_STRICT; - int i, pos; - - if (sp == NULL) - return -1; - if (strict && info->len != sp->len) - return 0; - - for (i = sp->len - 1; i >= 0; i--) { - pos = strict ? i - sp->len + 1 : 0; - if (pos >= info->len) - return 0; - e = &info->pol[pos]; - - if (match_xfrm_state(sp->x[i].xvec, e)) { - if (!strict) - return 1; - } else if (strict) - return 0; - } - - return strict ? 1 : 0; -} - -static int -match_policy_out(const struct sk_buff *skb, const struct ipt_policy_info *info) -{ - const struct ipt_policy_elem *e; - struct dst_entry *dst = skb->dst; - int strict = info->flags & IPT_POLICY_MATCH_STRICT; - int i, pos; - - if (dst->xfrm == NULL) - return -1; - - for (i = 0; dst && dst->xfrm; dst = dst->child, i++) { - pos = strict ? i : 0; - if (pos >= info->len) - return 0; - e = &info->pol[pos]; - - if (match_xfrm_state(dst->xfrm, e)) { - if (!strict) - return 1; - } else if (strict) - return 0; - } - - return strict ? i == info->len : 0; -} - -static int match(const struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - const void *matchinfo, - int offset, - unsigned int protoff, - int *hotdrop) -{ - const struct ipt_policy_info *info = matchinfo; - int ret; - - if (info->flags & IPT_POLICY_MATCH_IN) - ret = match_policy_in(skb, info); - else - ret = match_policy_out(skb, info); - - if (ret < 0) - ret = info->flags & IPT_POLICY_MATCH_NONE ? 1 : 0; - else if (info->flags & IPT_POLICY_MATCH_NONE) - ret = 0; - - return ret; -} - -static int checkentry(const char *tablename, const void *ip_void, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - struct ipt_policy_info *info = matchinfo; - - if (matchsize != IPT_ALIGN(sizeof(*info))) { - printk(KERN_ERR "ipt_policy: matchsize %u != %zu\n", - matchsize, IPT_ALIGN(sizeof(*info))); - return 0; - } - if (!(info->flags & (IPT_POLICY_MATCH_IN|IPT_POLICY_MATCH_OUT))) { - printk(KERN_ERR "ipt_policy: neither incoming nor " - "outgoing policy selected\n"); - return 0; - } - if (hook_mask & (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_LOCAL_IN) - && info->flags & IPT_POLICY_MATCH_OUT) { - printk(KERN_ERR "ipt_policy: output policy not valid in " - "PRE_ROUTING and INPUT\n"); - return 0; - } - if (hook_mask & (1 << NF_IP_POST_ROUTING | 1 << NF_IP_LOCAL_OUT) - && info->flags & IPT_POLICY_MATCH_IN) { - printk(KERN_ERR "ipt_policy: input policy not valid in " - "POST_ROUTING and OUTPUT\n"); - return 0; - } - if (info->len > IPT_POLICY_MAX_ELEM) { - printk(KERN_ERR "ipt_policy: too many policy elements\n"); - return 0; - } - - return 1; -} - -static struct ipt_match policy_match = { - .name = "policy", - .match = match, - .checkentry = checkentry, - .me = THIS_MODULE, -}; - -static int __init init(void) -{ - return ipt_register_match(&policy_match); -} - -static void __exit fini(void) -{ - ipt_unregister_match(&policy_match); -} - -module_init(init); -module_exit(fini); diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 44611d6..1438432 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c @@ -102,6 +102,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -318,7 +319,7 @@ static int ip_recent_ctrl(struct file *file, const char __user *input, unsigned skb->nh.iph->daddr = 0; /* Clear ttl since we have no way of knowing it */ skb->nh.iph->ttl = 0; - match(skb,NULL,NULL,info,0,0,NULL); + match(skb,NULL,NULL,NULL,info,0,0,NULL); kfree(skb->nh.iph); out_free_skb: @@ -356,6 +357,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -657,6 +659,7 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) @@ -670,8 +673,6 @@ checkentry(const char *tablename, if(debug) printk(KERN_INFO RECENT_NAME ": checkentry() entered.\n"); #endif - if (matchsize != IPT_ALIGN(sizeof(struct ipt_recent_info))) return 0; - /* seconds and hit_count only valid for CHECK/UPDATE */ if(info->check_set & IPT_RECENT_SET) { flag++; if(info->seconds || info->hit_count) return 0; } if(info->check_set & IPT_RECENT_REMOVE) { flag++; if(info->seconds || info->hit_count) return 0; } @@ -871,7 +872,7 @@ checkentry(const char *tablename, * up its memory. */ static void -destroy(void *matchinfo, unsigned int matchsize) +destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) { const struct ipt_recent_info *info = matchinfo; struct recent_ip_tables *curr_table, *last_table; @@ -951,16 +952,17 @@ destroy(void *matchinfo, unsigned int matchsize) /* This is the structure we pass to ipt_register to register our * module with iptables. */ -static struct ipt_match recent_match = { - .name = "recent", - .match = &match, - .checkentry = &checkentry, - .destroy = &destroy, - .me = THIS_MODULE +static struct ipt_match recent_match = { + .name = "recent", + .match = match, + .matchsize = sizeof(struct ipt_recent_info), + .checkentry = checkentry, + .destroy = destroy, + .me = THIS_MODULE }; /* Kernel module initialization. */ -static int __init init(void) +static int __init ipt_recent_init(void) { int err, count; @@ -993,7 +995,7 @@ static int __init init(void) } /* Kernel module destruction. */ -static void __exit fini(void) +static void __exit ipt_recent_fini(void) { ipt_unregister_match(&recent_match); @@ -1001,5 +1003,5 @@ static void __exit fini(void) } /* Register our module with the kernel. */ -module_init(init); -module_exit(fini); +module_init(ipt_recent_init); +module_exit(ipt_recent_fini); diff --git a/net/ipv4/netfilter/ipt_tos.c b/net/ipv4/netfilter/ipt_tos.c index 9ab765e..5549c39 100644 --- a/net/ipv4/netfilter/ipt_tos.c +++ b/net/ipv4/netfilter/ipt_tos.c @@ -21,6 +21,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -31,35 +32,22 @@ match(const struct sk_buff *skb, return (skb->nh.iph->tos == info->tos) ^ info->invert; } -static int -checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != IPT_ALIGN(sizeof(struct ipt_tos_info))) - return 0; - - return 1; -} - static struct ipt_match tos_match = { .name = "tos", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_tos_info), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_multiport_init(void) { return ipt_register_match(&tos_match); } -static void __exit fini(void) +static void __exit ipt_multiport_fini(void) { ipt_unregister_match(&tos_match); } -module_init(init); -module_exit(fini); +module_init(ipt_multiport_init); +module_exit(ipt_multiport_fini); diff --git a/net/ipv4/netfilter/ipt_ttl.c b/net/ipv4/netfilter/ipt_ttl.c index 82da53f..a5243bd 100644 --- a/net/ipv4/netfilter/ipt_ttl.c +++ b/net/ipv4/netfilter/ipt_ttl.c @@ -19,8 +19,9 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_DESCRIPTION("IP tables TTL matching module"); MODULE_LICENSE("GPL"); -static int match(const struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, const void *matchinfo, +static int match(const struct sk_buff *skb, + const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, int *hotdrop) { const struct ipt_ttl_info *info = matchinfo; @@ -47,33 +48,23 @@ static int match(const struct sk_buff *skb, const struct net_device *in, return 0; } -static int checkentry(const char *tablename, const void *ip, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != IPT_ALIGN(sizeof(struct ipt_ttl_info))) - return 0; - - return 1; -} - static struct ipt_match ttl_match = { .name = "ttl", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_ttl_info), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ipt_ttl_init(void) { return ipt_register_match(&ttl_match); } -static void __exit fini(void) +static void __exit ipt_ttl_fini(void) { ipt_unregister_match(&ttl_match); } -module_init(init); -module_exit(fini); +module_init(ipt_ttl_init); +module_exit(ipt_ttl_fini); diff --git a/net/ipv4/netfilter/iptable_filter.c b/net/ipv4/netfilter/iptable_filter.c index 212a307..3d80aefe 100644 --- a/net/ipv4/netfilter/iptable_filter.c +++ b/net/ipv4/netfilter/iptable_filter.c @@ -139,7 +139,7 @@ static struct nf_hook_ops ipt_ops[] = { static int forward = NF_ACCEPT; module_param(forward, bool, 0000); -static int __init init(void) +static int __init iptable_filter_init(void) { int ret; @@ -181,7 +181,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit iptable_filter_fini(void) { unsigned int i; @@ -191,5 +191,5 @@ static void __exit fini(void) ipt_unregister_table(&packet_filter); } -module_init(init); -module_exit(fini); +module_init(iptable_filter_init); +module_exit(iptable_filter_fini); diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c index 3212a5c..412fc96 100644 --- a/net/ipv4/netfilter/iptable_mangle.c +++ b/net/ipv4/netfilter/iptable_mangle.c @@ -201,7 +201,7 @@ static struct nf_hook_ops ipt_ops[] = { }, }; -static int __init init(void) +static int __init iptable_mangle_init(void) { int ret; @@ -247,7 +247,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit iptable_mangle_fini(void) { unsigned int i; @@ -257,5 +257,5 @@ static void __exit fini(void) ipt_unregister_table(&packet_mangler); } -module_init(init); -module_exit(fini); +module_init(iptable_mangle_init); +module_exit(iptable_mangle_fini); diff --git a/net/ipv4/netfilter/iptable_raw.c b/net/ipv4/netfilter/iptable_raw.c index fdb9e9c..03cc79a 100644 --- a/net/ipv4/netfilter/iptable_raw.c +++ b/net/ipv4/netfilter/iptable_raw.c @@ -116,7 +116,7 @@ static struct nf_hook_ops ipt_ops[] = { }, }; -static int __init init(void) +static int __init iptable_raw_init(void) { int ret; @@ -144,7 +144,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit iptable_raw_fini(void) { unsigned int i; @@ -154,6 +154,6 @@ static void __exit fini(void) ipt_unregister_table(&packet_raw); } -module_init(init); -module_exit(fini); +module_init(iptable_raw_init); +module_exit(iptable_raw_fini); MODULE_LICENSE("GPL"); diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 6c8624a..4afbc69 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c @@ -141,19 +141,21 @@ static unsigned int ipv4_conntrack_help(unsigned int hooknum, { struct nf_conn *ct; enum ip_conntrack_info ctinfo; + struct nf_conn_help *help; /* This is where we call the helper: as the packet goes out. */ ct = nf_ct_get(*pskb, &ctinfo); - if (ct && ct->helper) { - unsigned int ret; - ret = ct->helper->help(pskb, - (*pskb)->nh.raw - (*pskb)->data - + (*pskb)->nh.iph->ihl*4, - ct, ctinfo); - if (ret != NF_ACCEPT) - return ret; - } - return NF_ACCEPT; + if (!ct) + return NF_ACCEPT; + + help = nfct_help(ct); + if (!help || !help->helper) + return NF_ACCEPT; + + return help->helper->help(pskb, + (*pskb)->nh.raw - (*pskb)->data + + (*pskb)->nh.iph->ihl*4, + ct, ctinfo); } static unsigned int ipv4_conntrack_defrag(unsigned int hooknum, @@ -566,20 +568,21 @@ static int init_or_cleanup(int init) return ret; } +MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET)); MODULE_LICENSE("GPL"); -static int __init init(void) +static int __init nf_conntrack_l3proto_ipv4_init(void) { need_conntrack(); return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit nf_conntrack_l3proto_ipv4_fini(void) { init_or_cleanup(0); } -module_init(init); -module_exit(fini); +module_init(nf_conntrack_l3proto_ipv4_init); +module_exit(nf_conntrack_l3proto_ipv4_fini); EXPORT_SYMBOL(nf_ct_ipv4_gather_frags); diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c index f29a12d..fc25624 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c @@ -660,12 +660,9 @@ static int raw_geticmpfilter(struct sock *sk, char __user *optval, int __user *o out: return ret; } -static int raw_setsockopt(struct sock *sk, int level, int optname, +static int do_raw_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) { - if (level != SOL_RAW) - return ip_setsockopt(sk, level, optname, optval, optlen); - if (optname == ICMP_FILTER) { if (inet_sk(sk)->num != IPPROTO_ICMP) return -EOPNOTSUPP; @@ -675,12 +672,27 @@ static int raw_setsockopt(struct sock *sk, int level, int optname, return -ENOPROTOOPT; } -static int raw_getsockopt(struct sock *sk, int level, int optname, - char __user *optval, int __user *optlen) +static int raw_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) { if (level != SOL_RAW) - return ip_getsockopt(sk, level, optname, optval, optlen); + return ip_setsockopt(sk, level, optname, optval, optlen); + return do_raw_setsockopt(sk, level, optname, optval, optlen); +} +#ifdef CONFIG_COMPAT +static int compat_raw_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_RAW) + return compat_ip_setsockopt(sk, level, optname, optval, optlen); + return do_raw_setsockopt(sk, level, optname, optval, optlen); +} +#endif + +static int do_raw_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ if (optname == ICMP_FILTER) { if (inet_sk(sk)->num != IPPROTO_ICMP) return -EOPNOTSUPP; @@ -690,6 +702,24 @@ static int raw_getsockopt(struct sock *sk, int level, int optname, return -ENOPROTOOPT; } +static int raw_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_RAW) + return ip_getsockopt(sk, level, optname, optval, optlen); + return do_raw_getsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_raw_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_RAW) + return compat_ip_getsockopt(sk, level, optname, optval, optlen); + return do_raw_getsockopt(sk, level, optname, optval, optlen); +} +#endif + static int raw_ioctl(struct sock *sk, int cmd, unsigned long arg) { switch (cmd) { @@ -719,22 +749,26 @@ static int raw_ioctl(struct sock *sk, int cmd, unsigned long arg) } struct proto raw_prot = { - .name = "RAW", - .owner = THIS_MODULE, - .close = raw_close, - .connect = ip4_datagram_connect, - .disconnect = udp_disconnect, - .ioctl = raw_ioctl, - .init = raw_init, - .setsockopt = raw_setsockopt, - .getsockopt = raw_getsockopt, - .sendmsg = raw_sendmsg, - .recvmsg = raw_recvmsg, - .bind = raw_bind, - .backlog_rcv = raw_rcv_skb, - .hash = raw_v4_hash, - .unhash = raw_v4_unhash, - .obj_size = sizeof(struct raw_sock), + .name = "RAW", + .owner = THIS_MODULE, + .close = raw_close, + .connect = ip4_datagram_connect, + .disconnect = udp_disconnect, + .ioctl = raw_ioctl, + .init = raw_init, + .setsockopt = raw_setsockopt, + .getsockopt = raw_getsockopt, + .sendmsg = raw_sendmsg, + .recvmsg = raw_recvmsg, + .bind = raw_bind, + .backlog_rcv = raw_rcv_skb, + .hash = raw_v4_hash, + .unhash = raw_v4_unhash, + .obj_size = sizeof(struct raw_sock), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_raw_setsockopt, + .compat_getsockopt = compat_raw_getsockopt, +#endif }; #ifdef CONFIG_PROC_FS diff --git a/net/ipv4/route.c b/net/ipv4/route.c index fca5fe0..94fcbc5 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -55,6 +55,8 @@ * Robert Olsson : Added rt_cache statistics * Arnaldo C. Melo : Convert proc stuff to seq_file * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. + * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect + * Ilia Sotnikov : Removed TOS from hash calculations * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -247,9 +249,9 @@ static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat); static int rt_intern_hash(unsigned hash, struct rtable *rth, struct rtable **res); -static unsigned int rt_hash_code(u32 daddr, u32 saddr, u8 tos) +static unsigned int rt_hash_code(u32 daddr, u32 saddr) { - return (jhash_3words(daddr, saddr, (u32) tos, rt_hash_rnd) + return (jhash_2words(daddr, saddr, rt_hash_rnd) & rt_hash_mask); } @@ -1111,7 +1113,7 @@ static void rt_del(unsigned hash, struct rtable *rt) } void ip_rt_redirect(u32 old_gw, u32 daddr, u32 new_gw, - u32 saddr, u8 tos, struct net_device *dev) + u32 saddr, struct net_device *dev) { int i, k; struct in_device *in_dev = in_dev_get(dev); @@ -1119,8 +1121,6 @@ void ip_rt_redirect(u32 old_gw, u32 daddr, u32 new_gw, u32 skeys[2] = { saddr, 0 }; int ikeys[2] = { dev->ifindex, 0 }; - tos &= IPTOS_RT_MASK; - if (!in_dev) return; @@ -1141,8 +1141,7 @@ void ip_rt_redirect(u32 old_gw, u32 daddr, u32 new_gw, for (i = 0; i < 2; i++) { for (k = 0; k < 2; k++) { unsigned hash = rt_hash_code(daddr, - skeys[i] ^ (ikeys[k] << 5), - tos); + skeys[i] ^ (ikeys[k] << 5)); rthp=&rt_hash_table[hash].chain; @@ -1152,7 +1151,6 @@ void ip_rt_redirect(u32 old_gw, u32 daddr, u32 new_gw, if (rth->fl.fl4_dst != daddr || rth->fl.fl4_src != skeys[i] || - rth->fl.fl4_tos != tos || rth->fl.oif != ikeys[k] || rth->fl.iif != 0) { rthp = &rth->u.rt_next; @@ -1232,10 +1230,9 @@ reject_redirect: if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about " "%u.%u.%u.%u ignored.\n" - " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u, " - "tos %02x\n", + " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u\n", NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw), - NIPQUAD(saddr), NIPQUAD(daddr), tos); + NIPQUAD(saddr), NIPQUAD(daddr)); #endif in_dev_put(in_dev); } @@ -1253,8 +1250,7 @@ static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst) rt->u.dst.expires) { unsigned hash = rt_hash_code(rt->fl.fl4_dst, rt->fl.fl4_src ^ - (rt->fl.oif << 5), - rt->fl.fl4_tos); + (rt->fl.oif << 5)); #if RT_CACHE_DEBUG >= 1 printk(KERN_DEBUG "ip_rt_advice: redirect to " "%u.%u.%u.%u/%02x dropped\n", @@ -1391,14 +1387,13 @@ unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu) struct rtable *rth; u32 skeys[2] = { iph->saddr, 0, }; u32 daddr = iph->daddr; - u8 tos = iph->tos & IPTOS_RT_MASK; unsigned short est_mtu = 0; if (ipv4_config.no_pmtu_disc) return 0; for (i = 0; i < 2; i++) { - unsigned hash = rt_hash_code(daddr, skeys[i], tos); + unsigned hash = rt_hash_code(daddr, skeys[i]); rcu_read_lock(); for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; @@ -1407,7 +1402,6 @@ unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu) rth->fl.fl4_src == skeys[i] && rth->rt_dst == daddr && rth->rt_src == iph->saddr && - rth->fl.fl4_tos == tos && rth->fl.iif == 0 && !(dst_metric_locked(&rth->u.dst, RTAX_MTU))) { unsigned short mtu = new_mtu; @@ -1658,7 +1652,7 @@ static int ip_route_input_mc(struct sk_buff *skb, u32 daddr, u32 saddr, RT_CACHE_STAT_INC(in_slow_mc); in_dev_put(in_dev); - hash = rt_hash_code(daddr, saddr ^ (dev->ifindex << 5), tos); + hash = rt_hash_code(daddr, saddr ^ (dev->ifindex << 5)); return rt_intern_hash(hash, rth, (struct rtable**) &skb->dst); e_nobufs: @@ -1823,7 +1817,7 @@ static inline int ip_mkroute_input_def(struct sk_buff *skb, return err; /* put it into the cache */ - hash = rt_hash_code(daddr, saddr ^ (fl->iif << 5), tos); + hash = rt_hash_code(daddr, saddr ^ (fl->iif << 5)); return rt_intern_hash(hash, rth, (struct rtable**)&skb->dst); } @@ -1864,7 +1858,7 @@ static inline int ip_mkroute_input(struct sk_buff *skb, return err; /* put it into the cache */ - hash = rt_hash_code(daddr, saddr ^ (fl->iif << 5), tos); + hash = rt_hash_code(daddr, saddr ^ (fl->iif << 5)); err = rt_intern_hash(hash, rth, &rtres); if (err) return err; @@ -2041,7 +2035,7 @@ local_input: rth->rt_flags &= ~RTCF_LOCAL; } rth->rt_type = res.type; - hash = rt_hash_code(daddr, saddr ^ (fl.iif << 5), tos); + hash = rt_hash_code(daddr, saddr ^ (fl.iif << 5)); err = rt_intern_hash(hash, rth, (struct rtable**)&skb->dst); goto done; @@ -2088,7 +2082,7 @@ int ip_route_input(struct sk_buff *skb, u32 daddr, u32 saddr, int iif = dev->ifindex; tos &= IPTOS_RT_MASK; - hash = rt_hash_code(daddr, saddr ^ (iif << 5), tos); + hash = rt_hash_code(daddr, saddr ^ (iif << 5)); rcu_read_lock(); for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; @@ -2286,10 +2280,8 @@ static inline int ip_mkroute_output_def(struct rtable **rp, int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags); unsigned hash; if (err == 0) { - u32 tos = RT_FL_TOS(oldflp); - hash = rt_hash_code(oldflp->fl4_dst, - oldflp->fl4_src ^ (oldflp->oif << 5), tos); + oldflp->fl4_src ^ (oldflp->oif << 5)); err = rt_intern_hash(hash, rth, rp); } @@ -2304,7 +2296,6 @@ static inline int ip_mkroute_output(struct rtable** rp, unsigned flags) { #ifdef CONFIG_IP_ROUTE_MULTIPATH_CACHED - u32 tos = RT_FL_TOS(oldflp); unsigned char hop; unsigned hash; int err = -EINVAL; @@ -2334,7 +2325,7 @@ static inline int ip_mkroute_output(struct rtable** rp, hash = rt_hash_code(oldflp->fl4_dst, oldflp->fl4_src ^ - (oldflp->oif << 5), tos); + (oldflp->oif << 5)); err = rt_intern_hash(hash, rth, rp); /* forward hop information to multipath impl. */ @@ -2563,7 +2554,7 @@ int __ip_route_output_key(struct rtable **rp, const struct flowi *flp) unsigned hash; struct rtable *rth; - hash = rt_hash_code(flp->fl4_dst, flp->fl4_src ^ (flp->oif << 5), flp->fl4_tos); + hash = rt_hash_code(flp->fl4_dst, flp->fl4_src ^ (flp->oif << 5)); rcu_read_lock_bh(); for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 16984d4..6b6c3ad 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -664,7 +664,30 @@ ctl_table ipv4_table[] = { .mode = 0644, .proc_handler = &proc_dointvec, }, - + { + .ctl_name = NET_TCP_MTU_PROBING, + .procname = "tcp_mtu_probing", + .data = &sysctl_tcp_mtu_probing, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { + .ctl_name = NET_TCP_BASE_MSS, + .procname = "tcp_base_mss", + .data = &sysctl_tcp_base_mss, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { + .ctl_name = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS, + .procname = "tcp_workaround_signed_windows", + .data = &sysctl_tcp_workaround_signed_windows, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec + }, { .ctl_name = 0 } }; diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 00aa80e..87f68e7 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -257,6 +257,7 @@ #include <linux/fs.h> #include <linux/random.h> #include <linux/bootmem.h> +#include <linux/cache.h> #include <net/icmp.h> #include <net/tcp.h> @@ -275,9 +276,9 @@ atomic_t tcp_orphan_count = ATOMIC_INIT(0); EXPORT_SYMBOL_GPL(tcp_orphan_count); -int sysctl_tcp_mem[3]; -int sysctl_tcp_wmem[3] = { 4 * 1024, 16 * 1024, 128 * 1024 }; -int sysctl_tcp_rmem[3] = { 4 * 1024, 87380, 87380 * 2 }; +int sysctl_tcp_mem[3] __read_mostly; +int sysctl_tcp_wmem[3] __read_mostly; +int sysctl_tcp_rmem[3] __read_mostly; EXPORT_SYMBOL(sysctl_tcp_mem); EXPORT_SYMBOL(sysctl_tcp_rmem); @@ -365,7 +366,7 @@ unsigned int tcp_poll(struct file *file, struct socket *sock, poll_table *wait) if (sk->sk_shutdown == SHUTDOWN_MASK || sk->sk_state == TCP_CLOSE) mask |= POLLHUP; if (sk->sk_shutdown & RCV_SHUTDOWN) - mask |= POLLIN | POLLRDNORM; + mask |= POLLIN | POLLRDNORM | POLLRDHUP; /* Connected? */ if ((1 << sk->sk_state) & ~(TCPF_SYN_SENT | TCPF_SYN_RECV)) { @@ -1687,18 +1688,14 @@ int tcp_disconnect(struct sock *sk, int flags) /* * Socket option code for TCP. */ -int tcp_setsockopt(struct sock *sk, int level, int optname, char __user *optval, - int optlen) +static int do_tcp_setsockopt(struct sock *sk, int level, + int optname, char __user *optval, int optlen) { struct tcp_sock *tp = tcp_sk(sk); struct inet_connection_sock *icsk = inet_csk(sk); int val; int err = 0; - if (level != SOL_TCP) - return icsk->icsk_af_ops->setsockopt(sk, level, optname, - optval, optlen); - /* This is a string value all the others are int's */ if (optname == TCP_CONGESTION) { char name[TCP_CA_NAME_MAX]; @@ -1871,6 +1868,30 @@ int tcp_setsockopt(struct sock *sk, int level, int optname, char __user *optval, return err; } +int tcp_setsockopt(struct sock *sk, int level, int optname, char __user *optval, + int optlen) +{ + struct inet_connection_sock *icsk = inet_csk(sk); + + if (level != SOL_TCP) + return icsk->icsk_af_ops->setsockopt(sk, level, optname, + optval, optlen); + return do_tcp_setsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +int compat_tcp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_TCP) + return inet_csk_compat_setsockopt(sk, level, optname, + optval, optlen); + return do_tcp_setsockopt(sk, level, optname, optval, optlen); +} + +EXPORT_SYMBOL(compat_tcp_setsockopt); +#endif + /* Return information about state of tcp endpoint in API format. */ void tcp_get_info(struct sock *sk, struct tcp_info *info) { @@ -1931,17 +1952,13 @@ void tcp_get_info(struct sock *sk, struct tcp_info *info) EXPORT_SYMBOL_GPL(tcp_get_info); -int tcp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, - int __user *optlen) +static int do_tcp_getsockopt(struct sock *sk, int level, + int optname, char __user *optval, int __user *optlen) { struct inet_connection_sock *icsk = inet_csk(sk); struct tcp_sock *tp = tcp_sk(sk); int val, len; - if (level != SOL_TCP) - return icsk->icsk_af_ops->getsockopt(sk, level, optname, - optval, optlen); - if (get_user(len, optlen)) return -EFAULT; @@ -2025,6 +2042,29 @@ int tcp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, return 0; } +int tcp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, + int __user *optlen) +{ + struct inet_connection_sock *icsk = inet_csk(sk); + + if (level != SOL_TCP) + return icsk->icsk_af_ops->getsockopt(sk, level, optname, + optval, optlen); + return do_tcp_getsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +int compat_tcp_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_TCP) + return inet_csk_compat_getsockopt(sk, level, optname, + optval, optlen); + return do_tcp_getsockopt(sk, level, optname, optval, optlen); +} + +EXPORT_SYMBOL(compat_tcp_getsockopt); +#endif extern void __skb_cb_too_small_for_tcp(int, int); extern struct tcp_congestion_ops tcp_reno; @@ -2042,7 +2082,8 @@ __setup("thash_entries=", set_thash_entries); void __init tcp_init(void) { struct sk_buff *skb = NULL; - int order, i; + unsigned long limit; + int order, i, max_share; if (sizeof(struct tcp_skb_cb) > sizeof(skb->cb)) __skb_cb_too_small_for_tcp(sizeof(struct tcp_skb_cb), @@ -2116,12 +2157,16 @@ void __init tcp_init(void) sysctl_tcp_mem[1] = 1024 << order; sysctl_tcp_mem[2] = 1536 << order; - if (order < 3) { - sysctl_tcp_wmem[2] = 64 * 1024; - sysctl_tcp_rmem[0] = PAGE_SIZE; - sysctl_tcp_rmem[1] = 43689; - sysctl_tcp_rmem[2] = 2 * 43689; - } + limit = ((unsigned long)sysctl_tcp_mem[1]) << (PAGE_SHIFT - 7); + max_share = min(4UL*1024*1024, limit); + + sysctl_tcp_wmem[0] = SK_STREAM_MEM_QUANTUM; + sysctl_tcp_wmem[1] = 16*1024; + sysctl_tcp_wmem[2] = max(64*1024, max_share); + + sysctl_tcp_rmem[0] = SK_STREAM_MEM_QUANTUM; + sysctl_tcp_rmem[1] = 87380; + sysctl_tcp_rmem[2] = max(87380, max_share); printk(KERN_INFO "TCP: Hash tables configured " "(established %d bind %d)\n", diff --git a/net/ipv4/tcp_cong.c b/net/ipv4/tcp_cong.c index e688c68..91c2f41 100644 --- a/net/ipv4/tcp_cong.c +++ b/net/ipv4/tcp_cong.c @@ -223,7 +223,7 @@ void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 rtt, u32 in_flight, /* In dangerous area, increase slowly. */ else if (sysctl_tcp_abc) { - /* RFC3465: Apppriate Byte Count + /* RFC3465: Appropriate Byte Count * increase once for each full cwnd acked */ if (tp->bytes_acked >= tp->snd_cwnd*tp->mss_cache) { diff --git a/net/ipv4/tcp_htcp.c b/net/ipv4/tcp_htcp.c index 128de4d..1b2ff53 100644 --- a/net/ipv4/tcp_htcp.c +++ b/net/ipv4/tcp_htcp.c @@ -27,12 +27,12 @@ struct htcp { u16 alpha; /* Fixed point arith, << 7 */ u8 beta; /* Fixed point arith, << 7 */ u8 modeswitch; /* Delay modeswitch until we had at least one congestion event */ - u8 ccount; /* Number of RTTs since last congestion event */ - u8 undo_ccount; - u16 packetcount; + u32 last_cong; /* Time since last congestion event end */ + u32 undo_last_cong; + u16 pkts_acked; + u32 packetcount; u32 minRTT; u32 maxRTT; - u32 snd_cwnd_cnt2; u32 undo_maxRTT; u32 undo_old_maxB; @@ -45,21 +45,30 @@ struct htcp { u32 lasttime; }; +static inline u32 htcp_cong_time(struct htcp *ca) +{ + return jiffies - ca->last_cong; +} + +static inline u32 htcp_ccount(struct htcp *ca) +{ + return htcp_cong_time(ca)/ca->minRTT; +} + static inline void htcp_reset(struct htcp *ca) { - ca->undo_ccount = ca->ccount; + ca->undo_last_cong = ca->last_cong; ca->undo_maxRTT = ca->maxRTT; ca->undo_old_maxB = ca->old_maxB; - ca->ccount = 0; - ca->snd_cwnd_cnt2 = 0; + ca->last_cong = jiffies; } static u32 htcp_cwnd_undo(struct sock *sk) { const struct tcp_sock *tp = tcp_sk(sk); struct htcp *ca = inet_csk_ca(sk); - ca->ccount = ca->undo_ccount; + ca->last_cong = ca->undo_last_cong; ca->maxRTT = ca->undo_maxRTT; ca->old_maxB = ca->undo_old_maxB; return max(tp->snd_cwnd, (tp->snd_ssthresh<<7)/ca->beta); @@ -77,10 +86,10 @@ static inline void measure_rtt(struct sock *sk) ca->minRTT = srtt; /* max RTT */ - if (icsk->icsk_ca_state == TCP_CA_Open && tp->snd_ssthresh < 0xFFFF && ca->ccount > 3) { + if (icsk->icsk_ca_state == TCP_CA_Open && tp->snd_ssthresh < 0xFFFF && htcp_ccount(ca) > 3) { if (ca->maxRTT < ca->minRTT) ca->maxRTT = ca->minRTT; - if (ca->maxRTT < srtt && srtt <= ca->maxRTT+HZ/50) + if (ca->maxRTT < srtt && srtt <= ca->maxRTT+msecs_to_jiffies(20)) ca->maxRTT = srtt; } } @@ -92,6 +101,12 @@ static void measure_achieved_throughput(struct sock *sk, u32 pkts_acked) struct htcp *ca = inet_csk_ca(sk); u32 now = tcp_time_stamp; + if (icsk->icsk_ca_state == TCP_CA_Open) + ca->pkts_acked = pkts_acked; + + if (!use_bandwidth_switch) + return; + /* achieved throughput calculations */ if (icsk->icsk_ca_state != TCP_CA_Open && icsk->icsk_ca_state != TCP_CA_Disorder) { @@ -106,7 +121,7 @@ static void measure_achieved_throughput(struct sock *sk, u32 pkts_acked) && now - ca->lasttime >= ca->minRTT && ca->minRTT > 0) { __u32 cur_Bi = ca->packetcount*HZ/(now - ca->lasttime); - if (ca->ccount <= 3) { + if (htcp_ccount(ca) <= 3) { /* just after backoff */ ca->minB = ca->maxB = ca->Bi = cur_Bi; } else { @@ -135,7 +150,7 @@ static inline void htcp_beta_update(struct htcp *ca, u32 minRTT, u32 maxRTT) } } - if (ca->modeswitch && minRTT > max(HZ/100, 1) && maxRTT) { + if (ca->modeswitch && minRTT > msecs_to_jiffies(10) && maxRTT) { ca->beta = (minRTT<<7)/maxRTT; if (ca->beta < BETA_MIN) ca->beta = BETA_MIN; @@ -151,7 +166,7 @@ static inline void htcp_alpha_update(struct htcp *ca) { u32 minRTT = ca->minRTT; u32 factor = 1; - u32 diff = ca->ccount * minRTT; /* time since last backoff */ + u32 diff = htcp_cong_time(ca); if (diff > HZ) { diff -= HZ; @@ -216,21 +231,18 @@ static void htcp_cong_avoid(struct sock *sk, u32 ack, u32 rtt, measure_rtt(sk); - /* keep track of number of round-trip times since last backoff event */ - if (ca->snd_cwnd_cnt2++ > tp->snd_cwnd) { - ca->ccount++; - ca->snd_cwnd_cnt2 = 0; - htcp_alpha_update(ca); - } - /* In dangerous area, increase slowly. * In theory this is tp->snd_cwnd += alpha / tp->snd_cwnd */ - if ((tp->snd_cwnd_cnt++ * ca->alpha)>>7 >= tp->snd_cwnd) { + if ((tp->snd_cwnd_cnt * ca->alpha)>>7 >= tp->snd_cwnd) { if (tp->snd_cwnd < tp->snd_cwnd_clamp) tp->snd_cwnd++; tp->snd_cwnd_cnt = 0; - } + htcp_alpha_update(ca); + } else + tp->snd_cwnd_cnt += ca->pkts_acked; + + ca->pkts_acked = 1; } } @@ -249,11 +261,19 @@ static void htcp_init(struct sock *sk) memset(ca, 0, sizeof(struct htcp)); ca->alpha = ALPHA_BASE; ca->beta = BETA_MIN; + ca->pkts_acked = 1; + ca->last_cong = jiffies; } static void htcp_state(struct sock *sk, u8 new_state) { switch (new_state) { + case TCP_CA_Open: + { + struct htcp *ca = inet_csk_ca(sk); + ca->last_cong = jiffies; + } + break; case TCP_CA_CWR: case TCP_CA_Recovery: case TCP_CA_Loss: @@ -278,8 +298,6 @@ static int __init htcp_register(void) { BUG_ON(sizeof(struct htcp) > ICSK_CA_PRIV_SIZE); BUILD_BUG_ON(BETA_MIN >= BETA_MAX); - if (!use_bandwidth_switch) - htcp.pkts_acked = NULL; return tcp_register_congestion_control(&htcp); } diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index e9a54ae..195d835 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -1891,6 +1891,34 @@ static void tcp_try_to_open(struct sock *sk, struct tcp_sock *tp, int flag) } } +static void tcp_mtup_probe_failed(struct sock *sk) +{ + struct inet_connection_sock *icsk = inet_csk(sk); + + icsk->icsk_mtup.search_high = icsk->icsk_mtup.probe_size - 1; + icsk->icsk_mtup.probe_size = 0; +} + +static void tcp_mtup_probe_success(struct sock *sk, struct sk_buff *skb) +{ + struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + + /* FIXME: breaks with very large cwnd */ + tp->prior_ssthresh = tcp_current_ssthresh(sk); + tp->snd_cwnd = tp->snd_cwnd * + tcp_mss_to_mtu(sk, tp->mss_cache) / + icsk->icsk_mtup.probe_size; + tp->snd_cwnd_cnt = 0; + tp->snd_cwnd_stamp = tcp_time_stamp; + tp->rcv_ssthresh = tcp_current_ssthresh(sk); + + icsk->icsk_mtup.search_low = icsk->icsk_mtup.probe_size; + icsk->icsk_mtup.probe_size = 0; + tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); +} + + /* Process an event, which can update packets-in-flight not trivially. * Main goal of this function is to calculate new estimate for left_out, * taking into account both packets sitting in receiver's buffer and @@ -2023,6 +2051,17 @@ tcp_fastretrans_alert(struct sock *sk, u32 prior_snd_una, return; } + /* MTU probe failure: don't reduce cwnd */ + if (icsk->icsk_ca_state < TCP_CA_CWR && + icsk->icsk_mtup.probe_size && + tp->snd_una == tp->mtu_probe.probe_seq_start) { + tcp_mtup_probe_failed(sk); + /* Restores the reduction we did in tcp_mtup_probe() */ + tp->snd_cwnd++; + tcp_simple_retransmit(sk); + return; + } + /* Otherwise enter Recovery state */ if (IsReno(tp)) @@ -2243,6 +2282,13 @@ static int tcp_clean_rtx_queue(struct sock *sk, __s32 *seq_rtt_p) tp->retrans_stamp = 0; } + /* MTU probing checks */ + if (icsk->icsk_mtup.probe_size) { + if (!after(tp->mtu_probe.probe_seq_end, TCP_SKB_CB(skb)->end_seq)) { + tcp_mtup_probe_success(sk, skb); + } + } + if (sacked) { if (sacked & TCPCB_RETRANS) { if(sacked & TCPCB_SACKED_RETRANS) @@ -4101,6 +4147,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, if (tp->rx_opt.sack_ok && sysctl_tcp_fack) tp->rx_opt.sack_ok |= 2; + tcp_mtup_init(sk); tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); tcp_initialize_rcv_mss(sk); @@ -4211,6 +4258,7 @@ discard: if (tp->ecn_flags&TCP_ECN_OK) sock_set_flag(sk, SOCK_NO_LARGESEND); + tcp_mtup_init(sk); tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); tcp_initialize_rcv_mss(sk); @@ -4399,6 +4447,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, */ tp->lsndtime = tcp_time_stamp; + tcp_mtup_init(sk); tcp_initialize_rcv_mss(sk); tcp_init_buffer_space(sk); tcp_fast_path_on(tp); diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 233bdf2..9e85c04 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -900,6 +900,7 @@ struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb, inet_csk(newsk)->icsk_ext_hdr_len = newinet->opt->optlen; newinet->id = newtp->write_seq ^ jiffies; + tcp_mtup_init(newsk); tcp_sync_mss(newsk, dst_mtu(dst)); newtp->advmss = dst_metric(dst, RTAX_ADVMSS); tcp_initialize_rcv_mss(newsk); @@ -1216,17 +1217,21 @@ int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw) } struct inet_connection_sock_af_ops ipv4_specific = { - .queue_xmit = ip_queue_xmit, - .send_check = tcp_v4_send_check, - .rebuild_header = inet_sk_rebuild_header, - .conn_request = tcp_v4_conn_request, - .syn_recv_sock = tcp_v4_syn_recv_sock, - .remember_stamp = tcp_v4_remember_stamp, - .net_header_len = sizeof(struct iphdr), - .setsockopt = ip_setsockopt, - .getsockopt = ip_getsockopt, - .addr2sockaddr = inet_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in), + .queue_xmit = ip_queue_xmit, + .send_check = tcp_v4_send_check, + .rebuild_header = inet_sk_rebuild_header, + .conn_request = tcp_v4_conn_request, + .syn_recv_sock = tcp_v4_syn_recv_sock, + .remember_stamp = tcp_v4_remember_stamp, + .net_header_len = sizeof(struct iphdr), + .setsockopt = ip_setsockopt, + .getsockopt = ip_getsockopt, + .addr2sockaddr = inet_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ip_setsockopt, + .compat_getsockopt = compat_ip_getsockopt, +#endif }; /* NOTE: A lot of things set to zero explicitly by call to @@ -1825,23 +1830,16 @@ struct proto tcp_prot = { .obj_size = sizeof(struct tcp_sock), .twsk_prot = &tcp_timewait_sock_ops, .rsk_prot = &tcp_request_sock_ops, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_tcp_setsockopt, + .compat_getsockopt = compat_tcp_getsockopt, +#endif }; - - void __init tcp_v4_init(struct net_proto_family *ops) { - int err = sock_create_kern(PF_INET, SOCK_RAW, IPPROTO_TCP, &tcp_socket); - if (err < 0) + if (inet_csk_ctl_sock_create(&tcp_socket, PF_INET, SOCK_RAW, IPPROTO_TCP) < 0) panic("Failed to create the TCP control socket.\n"); - tcp_socket->sk->sk_allocation = GFP_ATOMIC; - inet_sk(tcp_socket->sk)->uc_ttl = -1; - - /* Unhash it so that IP input processing does not even - * see it, we do not wish this socket to see incoming - * packets. - */ - tcp_socket->sk->sk_prot->unhash(tcp_socket->sk); } EXPORT_SYMBOL(ipv4_specific); diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 9f498a6..9d79546 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -45,12 +45,23 @@ /* People can turn this off for buggy TCP's found in printers etc. */ int sysctl_tcp_retrans_collapse = 1; +/* People can turn this on to work with those rare, broken TCPs that + * interpret the window field as a signed quantity. + */ +int sysctl_tcp_workaround_signed_windows = 0; + /* This limits the percentage of the congestion window which we * will allow a single TSO frame to consume. Building TSO frames * which are too large can cause TCP streams to be bursty. */ int sysctl_tcp_tso_win_divisor = 3; +int sysctl_tcp_mtu_probing = 0; +int sysctl_tcp_base_mss = 512; + +EXPORT_SYMBOL(sysctl_tcp_mtu_probing); +EXPORT_SYMBOL(sysctl_tcp_base_mss); + static void update_send_head(struct sock *sk, struct tcp_sock *tp, struct sk_buff *skb) { @@ -171,12 +182,18 @@ void tcp_select_initial_window(int __space, __u32 mss, space = (space / mss) * mss; /* NOTE: offering an initial window larger than 32767 - * will break some buggy TCP stacks. We try to be nice. - * If we are not window scaling, then this truncates - * our initial window offering to 32k. There should also - * be a sysctl option to stop being nice. + * will break some buggy TCP stacks. If the admin tells us + * it is likely we could be speaking with such a buggy stack + * we will truncate our initial window offering to 32K-1 + * unless the remote has sent us a window scaling option, + * which we interpret as a sign the remote TCP is not + * misinterpreting the window field as a signed quantity. */ - (*rcv_wnd) = min(space, MAX_TCP_WINDOW); + if (sysctl_tcp_workaround_signed_windows) + (*rcv_wnd) = min(space, MAX_TCP_WINDOW); + else + (*rcv_wnd) = space; + (*rcv_wscale) = 0; if (wscale_ok) { /* Set window scaling on max possible window @@ -235,7 +252,7 @@ static u16 tcp_select_window(struct sock *sk) /* Make sure we do not exceed the maximum possible * scaled window. */ - if (!tp->rx_opt.rcv_wscale) + if (!tp->rx_opt.rcv_wscale && sysctl_tcp_workaround_signed_windows) new_win = min(new_win, MAX_TCP_WINDOW); else new_win = min(new_win, (65535U << tp->rx_opt.rcv_wscale)); @@ -681,6 +698,62 @@ int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len) return 0; } +/* Not accounting for SACKs here. */ +int tcp_mtu_to_mss(struct sock *sk, int pmtu) +{ + struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + int mss_now; + + /* Calculate base mss without TCP options: + It is MMS_S - sizeof(tcphdr) of rfc1122 + */ + mss_now = pmtu - icsk->icsk_af_ops->net_header_len - sizeof(struct tcphdr); + + /* Clamp it (mss_clamp does not include tcp options) */ + if (mss_now > tp->rx_opt.mss_clamp) + mss_now = tp->rx_opt.mss_clamp; + + /* Now subtract optional transport overhead */ + mss_now -= icsk->icsk_ext_hdr_len; + + /* Then reserve room for full set of TCP options and 8 bytes of data */ + if (mss_now < 48) + mss_now = 48; + + /* Now subtract TCP options size, not including SACKs */ + mss_now -= tp->tcp_header_len - sizeof(struct tcphdr); + + return mss_now; +} + +/* Inverse of above */ +int tcp_mss_to_mtu(struct sock *sk, int mss) +{ + struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + int mtu; + + mtu = mss + + tp->tcp_header_len + + icsk->icsk_ext_hdr_len + + icsk->icsk_af_ops->net_header_len; + + return mtu; +} + +void tcp_mtup_init(struct sock *sk) +{ + struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + + icsk->icsk_mtup.enabled = sysctl_tcp_mtu_probing > 1; + icsk->icsk_mtup.search_high = tp->rx_opt.mss_clamp + sizeof(struct tcphdr) + + icsk->icsk_af_ops->net_header_len; + icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, sysctl_tcp_base_mss); + icsk->icsk_mtup.probe_size = 0; +} + /* This function synchronize snd mss to current pmtu/exthdr set. tp->rx_opt.user_mss is mss set by user by TCP_MAXSEG. It does NOT counts @@ -708,25 +781,12 @@ unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu) { struct tcp_sock *tp = tcp_sk(sk); struct inet_connection_sock *icsk = inet_csk(sk); - /* Calculate base mss without TCP options: - It is MMS_S - sizeof(tcphdr) of rfc1122 - */ - int mss_now = (pmtu - icsk->icsk_af_ops->net_header_len - - sizeof(struct tcphdr)); - - /* Clamp it (mss_clamp does not include tcp options) */ - if (mss_now > tp->rx_opt.mss_clamp) - mss_now = tp->rx_opt.mss_clamp; - - /* Now subtract optional transport overhead */ - mss_now -= icsk->icsk_ext_hdr_len; + int mss_now; - /* Then reserve room for full set of TCP options and 8 bytes of data */ - if (mss_now < 48) - mss_now = 48; + if (icsk->icsk_mtup.search_high > pmtu) + icsk->icsk_mtup.search_high = pmtu; - /* Now subtract TCP options size, not including SACKs */ - mss_now -= tp->tcp_header_len - sizeof(struct tcphdr); + mss_now = tcp_mtu_to_mss(sk, pmtu); /* Bound mss with half of window */ if (tp->max_window && mss_now > (tp->max_window>>1)) @@ -734,6 +794,8 @@ unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu) /* And store cached results */ icsk->icsk_pmtu_cookie = pmtu; + if (icsk->icsk_mtup.enabled) + mss_now = min(mss_now, tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low)); tp->mss_cache = mss_now; return mss_now; @@ -1063,6 +1125,140 @@ static int tcp_tso_should_defer(struct sock *sk, struct tcp_sock *tp, struct sk_ return 1; } +/* Create a new MTU probe if we are ready. + * Returns 0 if we should wait to probe (no cwnd available), + * 1 if a probe was sent, + * -1 otherwise */ +static int tcp_mtu_probe(struct sock *sk) +{ + struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + struct sk_buff *skb, *nskb, *next; + int len; + int probe_size; + unsigned int pif; + int copy; + int mss_now; + + /* Not currently probing/verifying, + * not in recovery, + * have enough cwnd, and + * not SACKing (the variable headers throw things off) */ + if (!icsk->icsk_mtup.enabled || + icsk->icsk_mtup.probe_size || + inet_csk(sk)->icsk_ca_state != TCP_CA_Open || + tp->snd_cwnd < 11 || + tp->rx_opt.eff_sacks) + return -1; + + /* Very simple search strategy: just double the MSS. */ + mss_now = tcp_current_mss(sk, 0); + probe_size = 2*tp->mss_cache; + if (probe_size > tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_high)) { + /* TODO: set timer for probe_converge_event */ + return -1; + } + + /* Have enough data in the send queue to probe? */ + len = 0; + if ((skb = sk->sk_send_head) == NULL) + return -1; + while ((len += skb->len) < probe_size && !tcp_skb_is_last(sk, skb)) + skb = skb->next; + if (len < probe_size) + return -1; + + /* Receive window check. */ + if (after(TCP_SKB_CB(skb)->seq + probe_size, tp->snd_una + tp->snd_wnd)) { + if (tp->snd_wnd < probe_size) + return -1; + else + return 0; + } + + /* Do we need to wait to drain cwnd? */ + pif = tcp_packets_in_flight(tp); + if (pif + 2 > tp->snd_cwnd) { + /* With no packets in flight, don't stall. */ + if (pif == 0) + return -1; + else + return 0; + } + + /* We're allowed to probe. Build it now. */ + if ((nskb = sk_stream_alloc_skb(sk, probe_size, GFP_ATOMIC)) == NULL) + return -1; + sk_charge_skb(sk, nskb); + + skb = sk->sk_send_head; + __skb_insert(nskb, skb->prev, skb, &sk->sk_write_queue); + sk->sk_send_head = nskb; + + TCP_SKB_CB(nskb)->seq = TCP_SKB_CB(skb)->seq; + TCP_SKB_CB(nskb)->end_seq = TCP_SKB_CB(skb)->seq + probe_size; + TCP_SKB_CB(nskb)->flags = TCPCB_FLAG_ACK; + TCP_SKB_CB(nskb)->sacked = 0; + nskb->csum = 0; + if (skb->ip_summed == CHECKSUM_HW) + nskb->ip_summed = CHECKSUM_HW; + + len = 0; + while (len < probe_size) { + next = skb->next; + + copy = min_t(int, skb->len, probe_size - len); + if (nskb->ip_summed) + skb_copy_bits(skb, 0, skb_put(nskb, copy), copy); + else + nskb->csum = skb_copy_and_csum_bits(skb, 0, + skb_put(nskb, copy), copy, nskb->csum); + + if (skb->len <= copy) { + /* We've eaten all the data from this skb. + * Throw it away. */ + TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags; + __skb_unlink(skb, &sk->sk_write_queue); + sk_stream_free_skb(sk, skb); + } else { + TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags & + ~(TCPCB_FLAG_FIN|TCPCB_FLAG_PSH); + if (!skb_shinfo(skb)->nr_frags) { + skb_pull(skb, copy); + if (skb->ip_summed != CHECKSUM_HW) + skb->csum = csum_partial(skb->data, skb->len, 0); + } else { + __pskb_trim_head(skb, copy); + tcp_set_skb_tso_segs(sk, skb, mss_now); + } + TCP_SKB_CB(skb)->seq += copy; + } + + len += copy; + skb = next; + } + tcp_init_tso_segs(sk, nskb, nskb->len); + + /* We're ready to send. If this fails, the probe will + * be resegmented into mss-sized pieces by tcp_write_xmit(). */ + TCP_SKB_CB(nskb)->when = tcp_time_stamp; + if (!tcp_transmit_skb(sk, nskb, 1, GFP_ATOMIC)) { + /* Decrement cwnd here because we are sending + * effectively two packets. */ + tp->snd_cwnd--; + update_send_head(sk, tp, nskb); + + icsk->icsk_mtup.probe_size = tcp_mss_to_mtu(sk, nskb->len); + tp->mtu_probe.probe_seq_start = TCP_SKB_CB(nskb)->seq; + tp->mtu_probe.probe_seq_end = TCP_SKB_CB(nskb)->end_seq; + + return 1; + } + + return -1; +} + + /* This routine writes packets to the network. It advances the * send_head. This happens as incoming acks open up the remote * window for us. @@ -1076,6 +1272,7 @@ static int tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle) struct sk_buff *skb; unsigned int tso_segs, sent_pkts; int cwnd_quota; + int result; /* If we are closed, the bytes will have to remain here. * In time closedown will finish, we empty the write queue and all @@ -1085,6 +1282,14 @@ static int tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle) return 0; sent_pkts = 0; + + /* Do MTU probing. */ + if ((result = tcp_mtu_probe(sk)) == 0) { + return 0; + } else if (result > 0) { + sent_pkts = 1; + } + while ((skb = sk->sk_send_head)) { unsigned int limit; @@ -1455,9 +1660,15 @@ void tcp_simple_retransmit(struct sock *sk) int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb) { struct tcp_sock *tp = tcp_sk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); unsigned int cur_mss = tcp_current_mss(sk, 0); int err; + /* Inconslusive MTU probe */ + if (icsk->icsk_mtup.probe_size) { + icsk->icsk_mtup.probe_size = 0; + } + /* Do not sent more than we queued. 1/4 is reserved for possible * copying overhead: fragmentation, tunneling, mangling etc. */ @@ -1883,6 +2094,7 @@ static void tcp_connect_init(struct sock *sk) if (tp->rx_opt.user_mss) tp->rx_opt.mss_clamp = tp->rx_opt.user_mss; tp->max_window = 0; + tcp_mtup_init(sk); tcp_sync_mss(sk, dst_mtu(dst)); if (!tp->window_clamp) @@ -2180,3 +2392,4 @@ EXPORT_SYMBOL(tcp_make_synack); EXPORT_SYMBOL(tcp_simple_retransmit); EXPORT_SYMBOL(tcp_sync_mss); EXPORT_SYMBOL(sysctl_tcp_tso_win_divisor); +EXPORT_SYMBOL(tcp_mtup_init); diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c index e188095..7c1bde3 100644 --- a/net/ipv4/tcp_timer.c +++ b/net/ipv4/tcp_timer.c @@ -119,8 +119,10 @@ static int tcp_orphan_retries(struct sock *sk, int alive) /* A write timeout has occurred. Process the after effects. */ static int tcp_write_timeout(struct sock *sk) { - const struct inet_connection_sock *icsk = inet_csk(sk); + struct inet_connection_sock *icsk = inet_csk(sk); + struct tcp_sock *tp = tcp_sk(sk); int retry_until; + int mss; if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) { if (icsk->icsk_retransmits) @@ -128,25 +130,19 @@ static int tcp_write_timeout(struct sock *sk) retry_until = icsk->icsk_syn_retries ? : sysctl_tcp_syn_retries; } else { if (icsk->icsk_retransmits >= sysctl_tcp_retries1) { - /* NOTE. draft-ietf-tcpimpl-pmtud-01.txt requires pmtu black - hole detection. :-( - - It is place to make it. It is not made. I do not want - to make it. It is disgusting. It does not work in any - case. Let me to cite the same draft, which requires for - us to implement this: - - "The one security concern raised by this memo is that ICMP black holes - are often caused by over-zealous security administrators who block - all ICMP messages. It is vitally important that those who design and - deploy security systems understand the impact of strict filtering on - upper-layer protocols. The safest web site in the world is worthless - if most TCP implementations cannot transfer data from it. It would - be far nicer to have all of the black holes fixed rather than fixing - all of the TCP implementations." - - Golden words :-). - */ + /* Black hole detection */ + if (sysctl_tcp_mtu_probing) { + if (!icsk->icsk_mtup.enabled) { + icsk->icsk_mtup.enabled = 1; + tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); + } else { + mss = min(sysctl_tcp_base_mss, + tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low)/2); + mss = max(mss, 68 - tp->tcp_header_len); + icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, mss); + tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); + } + } dst_negative_advice(&sk->sk_dst_cache); } diff --git a/net/ipv4/tunnel4.c b/net/ipv4/tunnel4.c new file mode 100644 index 0000000..0d7d386 --- /dev/null +++ b/net/ipv4/tunnel4.c @@ -0,0 +1,113 @@ +/* tunnel4.c: Generic IP tunnel transformer. + * + * Copyright (C) 2003 David S. Miller (davem@redhat.com) + */ + +#include <linux/init.h> +#include <linux/module.h> +#include <linux/mutex.h> +#include <linux/netdevice.h> +#include <linux/skbuff.h> +#include <net/protocol.h> +#include <net/xfrm.h> + +static struct xfrm_tunnel *tunnel4_handlers; +static DEFINE_MUTEX(tunnel4_mutex); + +int xfrm4_tunnel_register(struct xfrm_tunnel *handler) +{ + struct xfrm_tunnel **pprev; + int ret = -EEXIST; + int priority = handler->priority; + + mutex_lock(&tunnel4_mutex); + + for (pprev = &tunnel4_handlers; *pprev; pprev = &(*pprev)->next) { + if ((*pprev)->priority > priority) + break; + if ((*pprev)->priority == priority) + goto err; + } + + handler->next = *pprev; + *pprev = handler; + + ret = 0; + +err: + mutex_unlock(&tunnel4_mutex); + + return ret; +} + +EXPORT_SYMBOL(xfrm4_tunnel_register); + +int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler) +{ + struct xfrm_tunnel **pprev; + int ret = -ENOENT; + + mutex_lock(&tunnel4_mutex); + + for (pprev = &tunnel4_handlers; *pprev; pprev = &(*pprev)->next) { + if (*pprev == handler) { + *pprev = handler->next; + ret = 0; + break; + } + } + + mutex_unlock(&tunnel4_mutex); + + synchronize_net(); + + return ret; +} + +EXPORT_SYMBOL(xfrm4_tunnel_deregister); + +static int tunnel4_rcv(struct sk_buff *skb) +{ + struct xfrm_tunnel *handler; + + for (handler = tunnel4_handlers; handler; handler = handler->next) + if (!handler->handler(skb)) + return 0; + + kfree_skb(skb); + return 0; +} + +static void tunnel4_err(struct sk_buff *skb, u32 info) +{ + struct xfrm_tunnel *handler; + + for (handler = tunnel4_handlers; handler; handler = handler->next) + if (!handler->err_handler(skb, info)) + break; +} + +static struct net_protocol tunnel4_protocol = { + .handler = tunnel4_rcv, + .err_handler = tunnel4_err, + .no_policy = 1, +}; + +static int __init tunnel4_init(void) +{ + if (inet_add_protocol(&tunnel4_protocol, IPPROTO_IPIP)) { + printk(KERN_ERR "tunnel4 init: can't add protocol\n"); + return -EAGAIN; + } + return 0; +} + +static void __exit tunnel4_fini(void) +{ + if (inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP)) + printk(KERN_ERR "tunnel4 close: can't remove protocol\n"); +} + +module_init(tunnel4_init); +module_exit(tunnel4_fini); +MODULE_LICENSE("GPL"); diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 0084047..3f93292 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -1207,16 +1207,13 @@ static int udp_destroy_sock(struct sock *sk) /* * Socket option code for UDP */ -static int udp_setsockopt(struct sock *sk, int level, int optname, +static int do_udp_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) { struct udp_sock *up = udp_sk(sk); int val; int err = 0; - if (level != SOL_UDP) - return ip_setsockopt(sk, level, optname, optval, optlen); - if(optlen<sizeof(int)) return -EINVAL; @@ -1256,15 +1253,30 @@ static int udp_setsockopt(struct sock *sk, int level, int optname, return err; } -static int udp_getsockopt(struct sock *sk, int level, int optname, +static int udp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_UDP) + return ip_setsockopt(sk, level, optname, optval, optlen); + return do_udp_setsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_udp_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_UDP) + return compat_ip_setsockopt(sk, level, optname, optval, optlen); + return do_udp_setsockopt(sk, level, optname, optval, optlen); +} +#endif + +static int do_udp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { struct udp_sock *up = udp_sk(sk); int val, len; - if (level != SOL_UDP) - return ip_getsockopt(sk, level, optname, optval, optlen); - if(get_user(len,optlen)) return -EFAULT; @@ -1293,6 +1305,23 @@ static int udp_getsockopt(struct sock *sk, int level, int optname, return 0; } +static int udp_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_UDP) + return ip_getsockopt(sk, level, optname, optval, optlen); + return do_udp_getsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_udp_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_UDP) + return compat_ip_getsockopt(sk, level, optname, optval, optlen); + return do_udp_getsockopt(sk, level, optname, optval, optlen); +} +#endif /** * udp_poll - wait for a UDP event. * @file - file struct @@ -1341,23 +1370,27 @@ unsigned int udp_poll(struct file *file, struct socket *sock, poll_table *wait) } struct proto udp_prot = { - .name = "UDP", - .owner = THIS_MODULE, - .close = udp_close, - .connect = ip4_datagram_connect, - .disconnect = udp_disconnect, - .ioctl = udp_ioctl, - .destroy = udp_destroy_sock, - .setsockopt = udp_setsockopt, - .getsockopt = udp_getsockopt, - .sendmsg = udp_sendmsg, - .recvmsg = udp_recvmsg, - .sendpage = udp_sendpage, - .backlog_rcv = udp_queue_rcv_skb, - .hash = udp_v4_hash, - .unhash = udp_v4_unhash, - .get_port = udp_v4_get_port, - .obj_size = sizeof(struct udp_sock), + .name = "UDP", + .owner = THIS_MODULE, + .close = udp_close, + .connect = ip4_datagram_connect, + .disconnect = udp_disconnect, + .ioctl = udp_ioctl, + .destroy = udp_destroy_sock, + .setsockopt = udp_setsockopt, + .getsockopt = udp_getsockopt, + .sendmsg = udp_sendmsg, + .recvmsg = udp_recvmsg, + .sendpage = udp_sendpage, + .backlog_rcv = udp_queue_rcv_skb, + .hash = udp_v4_hash, + .unhash = udp_v4_unhash, + .get_port = udp_v4_get_port, + .obj_size = sizeof(struct udp_sock), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_udp_setsockopt, + .compat_getsockopt = compat_udp_getsockopt, +#endif }; /* ------------------------------------------------------------------------ */ diff --git a/net/ipv4/xfrm4_tunnel.c b/net/ipv4/xfrm4_tunnel.c index afbb0d4..2d67093 100644 --- a/net/ipv4/xfrm4_tunnel.c +++ b/net/ipv4/xfrm4_tunnel.c @@ -5,6 +5,7 @@ #include <linux/skbuff.h> #include <linux/module.h> +#include <linux/mutex.h> #include <net/xfrm.h> #include <net/ip.h> #include <net/protocol.h> @@ -25,64 +26,6 @@ static int ipip_xfrm_rcv(struct xfrm_state *x, struct xfrm_decap_state *decap, s return 0; } -static struct xfrm_tunnel *ipip_handler; -static DECLARE_MUTEX(xfrm4_tunnel_sem); - -int xfrm4_tunnel_register(struct xfrm_tunnel *handler) -{ - int ret; - - down(&xfrm4_tunnel_sem); - ret = 0; - if (ipip_handler != NULL) - ret = -EINVAL; - if (!ret) - ipip_handler = handler; - up(&xfrm4_tunnel_sem); - - return ret; -} - -EXPORT_SYMBOL(xfrm4_tunnel_register); - -int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler) -{ - int ret; - - down(&xfrm4_tunnel_sem); - ret = 0; - if (ipip_handler != handler) - ret = -EINVAL; - if (!ret) - ipip_handler = NULL; - up(&xfrm4_tunnel_sem); - - synchronize_net(); - - return ret; -} - -EXPORT_SYMBOL(xfrm4_tunnel_deregister); - -static int ipip_rcv(struct sk_buff *skb) -{ - struct xfrm_tunnel *handler = ipip_handler; - - /* Tunnel devices take precedence. */ - if (handler && handler->handler(skb) == 0) - return 0; - - return xfrm4_rcv(skb); -} - -static void ipip_err(struct sk_buff *skb, u32 info) -{ - struct xfrm_tunnel *handler = ipip_handler; - - if (handler) - handler->err_handler(skb, info); -} - static int ipip_init_state(struct xfrm_state *x) { if (!x->props.mode) @@ -110,10 +53,15 @@ static struct xfrm_type ipip_type = { .output = ipip_output }; -static struct net_protocol ipip_protocol = { - .handler = ipip_rcv, - .err_handler = ipip_err, - .no_policy = 1, +static int xfrm_tunnel_err(struct sk_buff *skb, u32 info) +{ + return -ENOENT; +} + +static struct xfrm_tunnel xfrm_tunnel_handler = { + .handler = xfrm4_rcv, + .err_handler = xfrm_tunnel_err, + .priority = 2, }; static int __init ipip_init(void) @@ -122,8 +70,8 @@ static int __init ipip_init(void) printk(KERN_INFO "ipip init: can't add xfrm type\n"); return -EAGAIN; } - if (inet_add_protocol(&ipip_protocol, IPPROTO_IPIP) < 0) { - printk(KERN_INFO "ipip init: can't add protocol\n"); + if (xfrm4_tunnel_register(&xfrm_tunnel_handler)) { + printk(KERN_INFO "ipip init: can't add xfrm handler\n"); xfrm_unregister_type(&ipip_type, AF_INET); return -EAGAIN; } @@ -132,8 +80,8 @@ static int __init ipip_init(void) static void __exit ipip_fini(void) { - if (inet_del_protocol(&ipip_protocol, IPPROTO_IPIP) < 0) - printk(KERN_INFO "ipip close: can't remove protocol\n"); + if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler)) + printk(KERN_INFO "ipip close: can't remove xfrm handler\n"); if (xfrm_unregister_type(&ipip_type, AF_INET) < 0) printk(KERN_INFO "ipip close: can't remove xfrm type\n"); } diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index ab7a912..f8a107a 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig @@ -6,8 +6,6 @@ config IPV6 tristate "The IPv6 protocol" default m - select CRYPTO if IPV6_PRIVACY - select CRYPTO_MD5 if IPV6_PRIVACY ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -22,7 +20,7 @@ config IPV6 module will be called ipv6. config IPV6_PRIVACY - bool "IPv6: Privacy Extensions (RFC 3041) support" + bool "IPv6: Privacy Extensions support" depends on IPV6 ---help--- Privacy Extensions for Stateless Address Autoconfiguration in IPv6 @@ -30,6 +28,9 @@ config IPV6_PRIVACY pseudo-random global-scope unicast address(es) will assigned to your interface(s). + We use our standard pseudo random algorithm to generate randomized + interface identifier, instead of one described in RFC 3041. + By default, kernel do not generate temporary addresses. To use temporary addresses, do @@ -37,6 +38,25 @@ config IPV6_PRIVACY See <file:Documentation/networking/ip-sysctl.txt> for details. +config IPV6_ROUTER_PREF + bool "IPv6: Router Preference (RFC 4191) support" + depends on IPV6 + ---help--- + Router Preference is an optional extension to the Router + Advertisement message to improve the ability of hosts + to pick more appropriate router, especially when the hosts + is placed in a multi-homed network. + + If unsure, say N. + +config IPV6_ROUTE_INFO + bool "IPv6: Route Information (RFC 4191) support (EXPERIMENTAL)" + depends on IPV6_ROUTER_PREF && EXPERIMENTAL + ---help--- + This is experimental support of Route Information. + + If unsure, say N. + config INET6_AH tristate "IPv6: AH transformation" depends on IPV6 @@ -68,7 +88,7 @@ config INET6_IPCOMP tristate "IPv6: IPComp transformation" depends on IPV6 select XFRM - select INET6_TUNNEL + select INET6_XFRM_TUNNEL select CRYPTO select CRYPTO_DEFLATE ---help--- @@ -77,19 +97,18 @@ config INET6_IPCOMP If unsure, say Y. +config INET6_XFRM_TUNNEL + tristate + select INET6_TUNNEL + default n + config INET6_TUNNEL - tristate "IPv6: tunnel transformation" - depends on IPV6 - select XFRM - ---help--- - Support for generic IPv6-in-IPv6 tunnel transformation, which is - required by the IPv6-in-IPv6 tunneling module as well as tunnel mode - IPComp. - - If unsure, say Y. + tristate + default n config IPV6_TUNNEL tristate "IPv6: IPv6-in-IPv6 tunnel" + select INET6_TUNNEL depends on IPV6 ---help--- Support for IPv6-in-IPv6 tunnels described in RFC 2473. diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile index 41877ab..a760b09 100644 --- a/net/ipv6/Makefile +++ b/net/ipv6/Makefile @@ -18,7 +18,8 @@ ipv6-objs += $(ipv6-y) obj-$(CONFIG_INET6_AH) += ah6.o obj-$(CONFIG_INET6_ESP) += esp6.o obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o -obj-$(CONFIG_INET6_TUNNEL) += xfrm6_tunnel.o +obj-$(CONFIG_INET6_XFRM_TUNNEL) += xfrm6_tunnel.o +obj-$(CONFIG_INET6_TUNNEL) += tunnel6.o obj-$(CONFIG_NETFILTER) += netfilter/ obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 19727d9..445006e 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -78,8 +78,6 @@ #ifdef CONFIG_IPV6_PRIVACY #include <linux/random.h> -#include <linux/crypto.h> -#include <linux/scatterlist.h> #endif #include <asm/uaccess.h> @@ -110,8 +108,6 @@ static int __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpad static void ipv6_regen_rndid(unsigned long data); static int desync_factor = MAX_DESYNC_FACTOR * HZ; -static struct crypto_tfm *md5_tfm; -static DEFINE_SPINLOCK(md5_tfm_lock); #endif static int ipv6_count_addresses(struct inet6_dev *idev); @@ -147,7 +143,7 @@ static void inet6_prefix_notify(int event, struct inet6_dev *idev, struct prefix_info *pinfo); static int ipv6_chk_same_addr(const struct in6_addr *addr, struct net_device *dev); -static struct notifier_block *inet6addr_chain; +static ATOMIC_NOTIFIER_HEAD(inet6addr_chain); struct ipv6_devconf ipv6_devconf = { .forwarding = 0, @@ -169,6 +165,15 @@ struct ipv6_devconf ipv6_devconf = { .max_desync_factor = MAX_DESYNC_FACTOR, #endif .max_addresses = IPV6_MAX_ADDRESSES, + .accept_ra_defrtr = 1, + .accept_ra_pinfo = 1, +#ifdef CONFIG_IPV6_ROUTER_PREF + .accept_ra_rtr_pref = 1, + .rtr_probe_interval = 60 * HZ, +#ifdef CONFIG_IPV6_ROUTE_INFO + .accept_ra_rt_info_max_plen = 0, +#endif +#endif }; static struct ipv6_devconf ipv6_devconf_dflt = { @@ -190,6 +195,15 @@ static struct ipv6_devconf ipv6_devconf_dflt = { .max_desync_factor = MAX_DESYNC_FACTOR, #endif .max_addresses = IPV6_MAX_ADDRESSES, + .accept_ra_defrtr = 1, + .accept_ra_pinfo = 1, +#ifdef CONFIG_IPV6_ROUTER_PREF + .accept_ra_rtr_pref = 1, + .rtr_probe_interval = 60 * HZ, +#ifdef CONFIG_IPV6_ROUTE_INFO + .accept_ra_rt_info_max_plen = 0, +#endif +#endif }; /* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */ @@ -327,86 +341,83 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev) if (dev->mtu < IPV6_MIN_MTU) return NULL; - ndev = kmalloc(sizeof(struct inet6_dev), GFP_KERNEL); + ndev = kzalloc(sizeof(struct inet6_dev), GFP_KERNEL); - if (ndev) { - memset(ndev, 0, sizeof(struct inet6_dev)); + if (ndev == NULL) + return NULL; - rwlock_init(&ndev->lock); - ndev->dev = dev; - memcpy(&ndev->cnf, &ipv6_devconf_dflt, sizeof(ndev->cnf)); - ndev->cnf.mtu6 = dev->mtu; - ndev->cnf.sysctl = NULL; - ndev->nd_parms = neigh_parms_alloc(dev, &nd_tbl); - if (ndev->nd_parms == NULL) { - kfree(ndev); - return NULL; - } - /* We refer to the device */ - dev_hold(dev); - - if (snmp6_alloc_dev(ndev) < 0) { - ADBG((KERN_WARNING - "%s(): cannot allocate memory for statistics; dev=%s.\n", - __FUNCTION__, dev->name)); - neigh_parms_release(&nd_tbl, ndev->nd_parms); - ndev->dead = 1; - in6_dev_finish_destroy(ndev); - return NULL; - } + rwlock_init(&ndev->lock); + ndev->dev = dev; + memcpy(&ndev->cnf, &ipv6_devconf_dflt, sizeof(ndev->cnf)); + ndev->cnf.mtu6 = dev->mtu; + ndev->cnf.sysctl = NULL; + ndev->nd_parms = neigh_parms_alloc(dev, &nd_tbl); + if (ndev->nd_parms == NULL) { + kfree(ndev); + return NULL; + } + /* We refer to the device */ + dev_hold(dev); - if (snmp6_register_dev(ndev) < 0) { - ADBG((KERN_WARNING - "%s(): cannot create /proc/net/dev_snmp6/%s\n", - __FUNCTION__, dev->name)); - neigh_parms_release(&nd_tbl, ndev->nd_parms); - ndev->dead = 1; - in6_dev_finish_destroy(ndev); - return NULL; - } + if (snmp6_alloc_dev(ndev) < 0) { + ADBG((KERN_WARNING + "%s(): cannot allocate memory for statistics; dev=%s.\n", + __FUNCTION__, dev->name)); + neigh_parms_release(&nd_tbl, ndev->nd_parms); + ndev->dead = 1; + in6_dev_finish_destroy(ndev); + return NULL; + } - /* One reference from device. We must do this before - * we invoke __ipv6_regen_rndid(). - */ - in6_dev_hold(ndev); + if (snmp6_register_dev(ndev) < 0) { + ADBG((KERN_WARNING + "%s(): cannot create /proc/net/dev_snmp6/%s\n", + __FUNCTION__, dev->name)); + neigh_parms_release(&nd_tbl, ndev->nd_parms); + ndev->dead = 1; + in6_dev_finish_destroy(ndev); + return NULL; + } + + /* One reference from device. We must do this before + * we invoke __ipv6_regen_rndid(). + */ + in6_dev_hold(ndev); #ifdef CONFIG_IPV6_PRIVACY - get_random_bytes(ndev->rndid, sizeof(ndev->rndid)); - get_random_bytes(ndev->entropy, sizeof(ndev->entropy)); - init_timer(&ndev->regen_timer); - ndev->regen_timer.function = ipv6_regen_rndid; - ndev->regen_timer.data = (unsigned long) ndev; - if ((dev->flags&IFF_LOOPBACK) || - dev->type == ARPHRD_TUNNEL || - dev->type == ARPHRD_NONE || - dev->type == ARPHRD_SIT) { - printk(KERN_INFO - "%s: Disabled Privacy Extensions\n", - dev->name); - ndev->cnf.use_tempaddr = -1; - } else { - in6_dev_hold(ndev); - ipv6_regen_rndid((unsigned long) ndev); - } + init_timer(&ndev->regen_timer); + ndev->regen_timer.function = ipv6_regen_rndid; + ndev->regen_timer.data = (unsigned long) ndev; + if ((dev->flags&IFF_LOOPBACK) || + dev->type == ARPHRD_TUNNEL || + dev->type == ARPHRD_NONE || + dev->type == ARPHRD_SIT) { + printk(KERN_INFO + "%s: Disabled Privacy Extensions\n", + dev->name); + ndev->cnf.use_tempaddr = -1; + } else { + in6_dev_hold(ndev); + ipv6_regen_rndid((unsigned long) ndev); + } #endif - if (netif_carrier_ok(dev)) - ndev->if_flags |= IF_READY; + if (netif_carrier_ok(dev)) + ndev->if_flags |= IF_READY; - write_lock_bh(&addrconf_lock); - dev->ip6_ptr = ndev; - write_unlock_bh(&addrconf_lock); + write_lock_bh(&addrconf_lock); + dev->ip6_ptr = ndev; + write_unlock_bh(&addrconf_lock); - ipv6_mc_init_dev(ndev); - ndev->tstamp = jiffies; + ipv6_mc_init_dev(ndev); + ndev->tstamp = jiffies; #ifdef CONFIG_SYSCTL - neigh_sysctl_register(dev, ndev->nd_parms, NET_IPV6, - NET_IPV6_NEIGH, "ipv6", - &ndisc_ifinfo_sysctl_change, - NULL); - addrconf_sysctl_register(ndev, &ndev->cnf); + neigh_sysctl_register(dev, ndev->nd_parms, NET_IPV6, + NET_IPV6_NEIGH, "ipv6", + &ndisc_ifinfo_sysctl_change, + NULL); + addrconf_sysctl_register(ndev, &ndev->cnf); #endif - } return ndev; } @@ -524,7 +535,7 @@ ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr, int pfxlen, goto out; } - ifa = kmalloc(sizeof(struct inet6_ifaddr), GFP_ATOMIC); + ifa = kzalloc(sizeof(struct inet6_ifaddr), GFP_ATOMIC); if (ifa == NULL) { ADBG(("ipv6_add_addr: malloc failed\n")); @@ -538,7 +549,6 @@ ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr, int pfxlen, goto out; } - memset(ifa, 0, sizeof(struct inet6_ifaddr)); ipv6_addr_copy(&ifa->addr, addr); spin_lock_init(&ifa->lock); @@ -583,7 +593,7 @@ out2: read_unlock_bh(&addrconf_lock); if (likely(err == 0)) - notifier_call_chain(&inet6addr_chain, NETDEV_UP, ifa); + atomic_notifier_call_chain(&inet6addr_chain, NETDEV_UP, ifa); else { kfree(ifa); ifa = ERR_PTR(err); @@ -678,7 +688,7 @@ static void ipv6_del_addr(struct inet6_ifaddr *ifp) ipv6_ifa_notify(RTM_DELADDR, ifp); - notifier_call_chain(&inet6addr_chain,NETDEV_DOWN,ifp); + atomic_notifier_call_chain(&inet6addr_chain, NETDEV_DOWN, ifp); addrconf_del_timer(ifp); @@ -1305,52 +1315,67 @@ static void addrconf_leave_anycast(struct inet6_ifaddr *ifp) __ipv6_dev_ac_dec(ifp->idev, &addr); } +static int addrconf_ifid_eui48(u8 *eui, struct net_device *dev) +{ + if (dev->addr_len != ETH_ALEN) + return -1; + memcpy(eui, dev->dev_addr, 3); + memcpy(eui + 5, dev->dev_addr + 3, 3); + + /* + * The zSeries OSA network cards can be shared among various + * OS instances, but the OSA cards have only one MAC address. + * This leads to duplicate address conflicts in conjunction + * with IPv6 if more than one instance uses the same card. + * + * The driver for these cards can deliver a unique 16-bit + * identifier for each instance sharing the same card. It is + * placed instead of 0xFFFE in the interface identifier. The + * "u" bit of the interface identifier is not inverted in this + * case. Hence the resulting interface identifier has local + * scope according to RFC2373. + */ + if (dev->dev_id) { + eui[3] = (dev->dev_id >> 8) & 0xFF; + eui[4] = dev->dev_id & 0xFF; + } else { + eui[3] = 0xFF; + eui[4] = 0xFE; + eui[0] ^= 2; + } + return 0; +} + +static int addrconf_ifid_arcnet(u8 *eui, struct net_device *dev) +{ + /* XXX: inherit EUI-64 from other interface -- yoshfuji */ + if (dev->addr_len != ARCNET_ALEN) + return -1; + memset(eui, 0, 7); + eui[7] = *(u8*)dev->dev_addr; + return 0; +} + +static int addrconf_ifid_infiniband(u8 *eui, struct net_device *dev) +{ + if (dev->addr_len != INFINIBAND_ALEN) + return -1; + memcpy(eui, dev->dev_addr + 12, 8); + eui[0] |= 2; + return 0; +} + static int ipv6_generate_eui64(u8 *eui, struct net_device *dev) { switch (dev->type) { case ARPHRD_ETHER: case ARPHRD_FDDI: case ARPHRD_IEEE802_TR: - if (dev->addr_len != ETH_ALEN) - return -1; - memcpy(eui, dev->dev_addr, 3); - memcpy(eui + 5, dev->dev_addr + 3, 3); - - /* - * The zSeries OSA network cards can be shared among various - * OS instances, but the OSA cards have only one MAC address. - * This leads to duplicate address conflicts in conjunction - * with IPv6 if more than one instance uses the same card. - * - * The driver for these cards can deliver a unique 16-bit - * identifier for each instance sharing the same card. It is - * placed instead of 0xFFFE in the interface identifier. The - * "u" bit of the interface identifier is not inverted in this - * case. Hence the resulting interface identifier has local - * scope according to RFC2373. - */ - if (dev->dev_id) { - eui[3] = (dev->dev_id >> 8) & 0xFF; - eui[4] = dev->dev_id & 0xFF; - } else { - eui[3] = 0xFF; - eui[4] = 0xFE; - eui[0] ^= 2; - } - return 0; + return addrconf_ifid_eui48(eui, dev); case ARPHRD_ARCNET: - /* XXX: inherit EUI-64 from other interface -- yoshfuji */ - if (dev->addr_len != ARCNET_ALEN) - return -1; - memset(eui, 0, 7); - eui[7] = *(u8*)dev->dev_addr; - return 0; + return addrconf_ifid_arcnet(eui, dev); case ARPHRD_INFINIBAND: - if (dev->addr_len != INFINIBAND_ALEN) - return -1; - memcpy(eui, dev->dev_addr + 12, 8); - eui[0] |= 2; - return 0; + return addrconf_ifid_infiniband(eui, dev); } return -1; } @@ -1376,34 +1401,9 @@ static int ipv6_inherit_eui64(u8 *eui, struct inet6_dev *idev) /* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */ static int __ipv6_regen_rndid(struct inet6_dev *idev) { - struct net_device *dev; - struct scatterlist sg[2]; - - sg_set_buf(&sg[0], idev->entropy, 8); - sg_set_buf(&sg[1], idev->work_eui64, 8); - - dev = idev->dev; - - if (ipv6_generate_eui64(idev->work_eui64, dev)) { - printk(KERN_INFO - "__ipv6_regen_rndid(idev=%p): cannot get EUI64 identifier; use random bytes.\n", - idev); - get_random_bytes(idev->work_eui64, sizeof(idev->work_eui64)); - } regen: - spin_lock(&md5_tfm_lock); - if (unlikely(md5_tfm == NULL)) { - spin_unlock(&md5_tfm_lock); - return -1; - } - crypto_digest_init(md5_tfm); - crypto_digest_update(md5_tfm, sg, 2); - crypto_digest_final(md5_tfm, idev->work_digest); - spin_unlock(&md5_tfm_lock); - - memcpy(idev->rndid, &idev->work_digest[0], 8); + get_random_bytes(idev->rndid, sizeof(idev->rndid)); idev->rndid[0] &= ~0x02; - memcpy(idev->entropy, &idev->work_digest[8], 8); /* * <draft-ietf-ipngwg-temp-addresses-v2-00.txt>: @@ -2143,7 +2143,6 @@ static void addrconf_ip6_tnl_config(struct net_device *dev) return; } ip6_tnl_add_linklocal(idev); - addrconf_add_mroute(dev); } static int addrconf_notify(struct notifier_block *this, unsigned long event, @@ -2668,11 +2667,10 @@ static int if6_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct if6_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct if6_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; - memset(s, 0, sizeof(*s)); rc = seq_open(file, &if6_seq_ops); if (rc) @@ -3133,6 +3131,15 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf, array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor; #endif array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses; + array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr; + array[DEVCONF_ACCEPT_RA_PINFO] = cnf->accept_ra_pinfo; +#ifdef CONFIG_IPV6_ROUTER_PREF + array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref; + array[DEVCONF_RTR_PROBE_INTERVAL] = cnf->rtr_probe_interval; +#ifdef CONFIV_IPV6_ROUTE_INFO + array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen; +#endif +#endif } static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev, @@ -3586,6 +3593,51 @@ static struct addrconf_sysctl_table .proc_handler = &proc_dointvec, }, { + .ctl_name = NET_IPV6_ACCEPT_RA_DEFRTR, + .procname = "accept_ra_defrtr", + .data = &ipv6_devconf.accept_ra_defrtr, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { + .ctl_name = NET_IPV6_ACCEPT_RA_PINFO, + .procname = "accept_ra_pinfo", + .data = &ipv6_devconf.accept_ra_pinfo, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, +#ifdef CONFIG_IPV6_ROUTER_PREF + { + .ctl_name = NET_IPV6_ACCEPT_RA_RTR_PREF, + .procname = "accept_ra_rtr_pref", + .data = &ipv6_devconf.accept_ra_rtr_pref, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, + { + .ctl_name = NET_IPV6_RTR_PROBE_INTERVAL, + .procname = "router_probe_interval", + .data = &ipv6_devconf.rtr_probe_interval, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec_jiffies, + .strategy = &sysctl_jiffies, + }, +#ifdef CONFIV_IPV6_ROUTE_INFO + { + .ctl_name = NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN, + .procname = "accept_ra_rt_info_max_plen", + .data = &ipv6_devconf.accept_ra_rt_info_max_plen, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, +#endif +#endif + { .ctl_name = 0, /* sentinel */ } }, @@ -3715,12 +3767,12 @@ static void addrconf_sysctl_unregister(struct ipv6_devconf *p) int register_inet6addr_notifier(struct notifier_block *nb) { - return notifier_chain_register(&inet6addr_chain, nb); + return atomic_notifier_chain_register(&inet6addr_chain, nb); } int unregister_inet6addr_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&inet6addr_chain,nb); + return atomic_notifier_chain_unregister(&inet6addr_chain,nb); } /* @@ -3760,13 +3812,6 @@ int __init addrconf_init(void) register_netdevice_notifier(&ipv6_dev_notf); -#ifdef CONFIG_IPV6_PRIVACY - md5_tfm = crypto_alloc_tfm("md5", 0); - if (unlikely(md5_tfm == NULL)) - printk(KERN_WARNING - "failed to load transform for md5\n"); -#endif - addrconf_verify(0); rtnetlink_links[PF_INET6] = inet6_rtnetlink_table; #ifdef CONFIG_SYSCTL @@ -3829,11 +3874,6 @@ void __exit addrconf_cleanup(void) rtnl_unlock(); -#ifdef CONFIG_IPV6_PRIVACY - crypto_free_tfm(md5_tfm); - md5_tfm = NULL; -#endif - #ifdef CONFIG_PROC_FS proc_net_remove("if_inet6"); #endif diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index 6c9711a..e19457f 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -456,45 +456,53 @@ int inet6_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) } const struct proto_ops inet6_stream_ops = { - .family = PF_INET6, - .owner = THIS_MODULE, - .release = inet6_release, - .bind = inet6_bind, - .connect = inet_stream_connect, /* ok */ - .socketpair = sock_no_socketpair, /* a do nothing */ - .accept = inet_accept, /* ok */ - .getname = inet6_getname, - .poll = tcp_poll, /* ok */ - .ioctl = inet6_ioctl, /* must change */ - .listen = inet_listen, /* ok */ - .shutdown = inet_shutdown, /* ok */ - .setsockopt = sock_common_setsockopt, /* ok */ - .getsockopt = sock_common_getsockopt, /* ok */ - .sendmsg = inet_sendmsg, /* ok */ - .recvmsg = sock_common_recvmsg, /* ok */ - .mmap = sock_no_mmap, - .sendpage = tcp_sendpage + .family = PF_INET6, + .owner = THIS_MODULE, + .release = inet6_release, + .bind = inet6_bind, + .connect = inet_stream_connect, /* ok */ + .socketpair = sock_no_socketpair, /* a do nothing */ + .accept = inet_accept, /* ok */ + .getname = inet6_getname, + .poll = tcp_poll, /* ok */ + .ioctl = inet6_ioctl, /* must change */ + .listen = inet_listen, /* ok */ + .shutdown = inet_shutdown, /* ok */ + .setsockopt = sock_common_setsockopt, /* ok */ + .getsockopt = sock_common_getsockopt, /* ok */ + .sendmsg = inet_sendmsg, /* ok */ + .recvmsg = sock_common_recvmsg, /* ok */ + .mmap = sock_no_mmap, + .sendpage = tcp_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; const struct proto_ops inet6_dgram_ops = { - .family = PF_INET6, - .owner = THIS_MODULE, - .release = inet6_release, - .bind = inet6_bind, - .connect = inet_dgram_connect, /* ok */ - .socketpair = sock_no_socketpair, /* a do nothing */ - .accept = sock_no_accept, /* a do nothing */ - .getname = inet6_getname, - .poll = udp_poll, /* ok */ - .ioctl = inet6_ioctl, /* must change */ - .listen = sock_no_listen, /* ok */ - .shutdown = inet_shutdown, /* ok */ - .setsockopt = sock_common_setsockopt, /* ok */ - .getsockopt = sock_common_getsockopt, /* ok */ - .sendmsg = inet_sendmsg, /* ok */ - .recvmsg = sock_common_recvmsg, /* ok */ - .mmap = sock_no_mmap, - .sendpage = sock_no_sendpage, + .family = PF_INET6, + .owner = THIS_MODULE, + .release = inet6_release, + .bind = inet6_bind, + .connect = inet_dgram_connect, /* ok */ + .socketpair = sock_no_socketpair, /* a do nothing */ + .accept = sock_no_accept, /* a do nothing */ + .getname = inet6_getname, + .poll = udp_poll, /* ok */ + .ioctl = inet6_ioctl, /* must change */ + .listen = sock_no_listen, /* ok */ + .shutdown = inet_shutdown, /* ok */ + .setsockopt = sock_common_setsockopt, /* ok */ + .getsockopt = sock_common_getsockopt, /* ok */ + .sendmsg = inet_sendmsg, /* ok */ + .recvmsg = sock_common_recvmsg, /* ok */ + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; static struct net_proto_family inet6_family_ops = { @@ -505,24 +513,28 @@ static struct net_proto_family inet6_family_ops = { /* Same as inet6_dgram_ops, sans udp_poll. */ static const struct proto_ops inet6_sockraw_ops = { - .family = PF_INET6, - .owner = THIS_MODULE, - .release = inet6_release, - .bind = inet6_bind, - .connect = inet_dgram_connect, /* ok */ - .socketpair = sock_no_socketpair, /* a do nothing */ - .accept = sock_no_accept, /* a do nothing */ - .getname = inet6_getname, - .poll = datagram_poll, /* ok */ - .ioctl = inet6_ioctl, /* must change */ - .listen = sock_no_listen, /* ok */ - .shutdown = inet_shutdown, /* ok */ - .setsockopt = sock_common_setsockopt, /* ok */ - .getsockopt = sock_common_getsockopt, /* ok */ - .sendmsg = inet_sendmsg, /* ok */ - .recvmsg = sock_common_recvmsg, /* ok */ - .mmap = sock_no_mmap, - .sendpage = sock_no_sendpage, + .family = PF_INET6, + .owner = THIS_MODULE, + .release = inet6_release, + .bind = inet6_bind, + .connect = inet_dgram_connect, /* ok */ + .socketpair = sock_no_socketpair, /* a do nothing */ + .accept = sock_no_accept, /* a do nothing */ + .getname = inet6_getname, + .poll = datagram_poll, /* ok */ + .ioctl = inet6_ioctl, /* must change */ + .listen = sock_no_listen, /* ok */ + .shutdown = inet_shutdown, /* ok */ + .setsockopt = sock_common_setsockopt, /* ok */ + .getsockopt = sock_common_getsockopt, /* ok */ + .sendmsg = inet_sendmsg, /* ok */ + .recvmsg = sock_common_recvmsg, /* ok */ + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; static struct inet_protosw rawv6_protosw = { diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index 8496374..cf58251 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c @@ -213,6 +213,7 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb) ah->reserved = 0; ah->spi = x->id.spi; ah->seq_no = htonl(++x->replay.oseq); + xfrm_aevent_doreplay(x); ahp->icv(ahp, skb, ah->auth_data); err = 0; @@ -353,12 +354,10 @@ static int ah6_init_state(struct xfrm_state *x) if (x->encap) goto error; - ahp = kmalloc(sizeof(*ahp), GFP_KERNEL); + ahp = kzalloc(sizeof(*ahp), GFP_KERNEL); if (ahp == NULL) return -ENOMEM; - memset(ahp, 0, sizeof(*ahp)); - ahp->key = x->aalg->alg_key; ahp->key_len = (x->aalg->alg_key_len+7)/8; ahp->tfm = crypto_alloc_tfm(x->aalg->alg_name, 0); diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c index 840a33d..39ec528 100644 --- a/net/ipv6/anycast.c +++ b/net/ipv6/anycast.c @@ -308,7 +308,7 @@ int ipv6_dev_ac_inc(struct net_device *dev, struct in6_addr *addr) * not found: create a new one. */ - aca = kmalloc(sizeof(struct ifacaddr6), GFP_ATOMIC); + aca = kzalloc(sizeof(struct ifacaddr6), GFP_ATOMIC); if (aca == NULL) { err = -ENOMEM; @@ -322,8 +322,6 @@ int ipv6_dev_ac_inc(struct net_device *dev, struct in6_addr *addr) goto out; } - memset(aca, 0, sizeof(struct ifacaddr6)); - ipv6_addr_copy(&aca->aca_addr, addr); aca->aca_idev = idev; aca->aca_rt = rt; @@ -550,7 +548,7 @@ static int ac6_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct ac6_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct ac6_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; @@ -561,7 +559,6 @@ static int ac6_seq_open(struct inode *inode, struct file *file) seq = file->private_data; seq->private = s; - memset(s, 0, sizeof(*s)); out: return rc; out_kfree: diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 7b5b94f..3dcaac7 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -94,6 +94,7 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb) esph->spi = x->id.spi; esph->seq_no = htonl(++x->replay.oseq); + xfrm_aevent_doreplay(x); if (esp->conf.ivlen) crypto_cipher_set_iv(tfm, esp->conf.ivec, crypto_tfm_alg_ivsize(tfm)); @@ -304,12 +305,10 @@ static int esp6_init_state(struct xfrm_state *x) if (x->encap) goto error; - esp = kmalloc(sizeof(*esp), GFP_KERNEL); + esp = kzalloc(sizeof(*esp), GFP_KERNEL); if (esp == NULL) return -ENOMEM; - memset(esp, 0, sizeof(*esp)); - if (x->aalg) { struct xfrm_algo_desc *aalg_desc; diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c index 1bf6d9a..2cb6149 100644 --- a/net/ipv6/ip6_fib.c +++ b/net/ipv6/ip6_fib.c @@ -1105,7 +1105,6 @@ static int fib6_age(struct rt6_info *rt, void *arg) if (rt->rt6i_flags&RTF_EXPIRES && rt->rt6i_expires) { if (time_after(now, rt->rt6i_expires)) { RT6_TRACE("expiring %p\n", rt); - rt6_reset_dflt_pointer(rt); return -1; } gc_args.more++; diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c index 69cbe8a..f9ca639 100644 --- a/net/ipv6/ip6_flowlabel.c +++ b/net/ipv6/ip6_flowlabel.c @@ -287,10 +287,9 @@ fl_create(struct in6_flowlabel_req *freq, char __user *optval, int optlen, int * int err; err = -ENOMEM; - fl = kmalloc(sizeof(*fl), GFP_KERNEL); + fl = kzalloc(sizeof(*fl), GFP_KERNEL); if (fl == NULL) goto done; - memset(fl, 0, sizeof(*fl)); olen = optlen - CMSG_ALIGN(sizeof(*freq)); if (olen > 0) { @@ -663,7 +662,7 @@ static int ip6fl_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct ip6fl_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct ip6fl_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; @@ -674,7 +673,6 @@ static int ip6fl_seq_open(struct inode *inode, struct file *file) seq = file->private_data; seq->private = s; - memset(s, 0, sizeof(*s)); out: return rc; out_kfree: diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 5bf70b1..e460489 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -161,7 +161,7 @@ int ip6_output(struct sk_buff *skb) int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl, struct ipv6_txoptions *opt, int ipfragok) { - struct ipv6_pinfo *np = sk ? inet6_sk(sk) : NULL; + struct ipv6_pinfo *np = inet6_sk(sk); struct in6_addr *first_hop = &fl->fl6_dst; struct dst_entry *dst = skb->dst; struct ipv6hdr *hdr; @@ -733,28 +733,29 @@ int ip6_dst_lookup(struct sock *sk, struct dst_entry **dst, struct flowi *fl) if (*dst) { struct rt6_info *rt = (struct rt6_info*)*dst; - /* Yes, checking route validity in not connected - case is not very simple. Take into account, - that we do not support routing by source, TOS, - and MSG_DONTROUTE --ANK (980726) - - 1. If route was host route, check that - cached destination is current. - If it is network route, we still may - check its validity using saved pointer - to the last used address: daddr_cache. - We do not want to save whole address now, - (because main consumer of this service - is tcp, which has not this problem), - so that the last trick works only on connected - sockets. - 2. oif also should be the same. - */ - + /* Yes, checking route validity in not connected + * case is not very simple. Take into account, + * that we do not support routing by source, TOS, + * and MSG_DONTROUTE --ANK (980726) + * + * 1. If route was host route, check that + * cached destination is current. + * If it is network route, we still may + * check its validity using saved pointer + * to the last used address: daddr_cache. + * We do not want to save whole address now, + * (because main consumer of this service + * is tcp, which has not this problem), + * so that the last trick works only on connected + * sockets. + * 2. oif also should be the same. + */ if (((rt->rt6i_dst.plen != 128 || - !ipv6_addr_equal(&fl->fl6_dst, &rt->rt6i_dst.addr)) + !ipv6_addr_equal(&fl->fl6_dst, + &rt->rt6i_dst.addr)) && (np->daddr_cache == NULL || - !ipv6_addr_equal(&fl->fl6_dst, np->daddr_cache))) + !ipv6_addr_equal(&fl->fl6_dst, + np->daddr_cache))) || (fl->oif && fl->oif != (*dst)->dev->ifindex)) { dst_release(*dst); *dst = NULL; @@ -889,7 +890,7 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, np->cork.hop_limit = hlimit; np->cork.tclass = tclass; mtu = dst_mtu(rt->u.dst.path); - if (np && np->frag_size < mtu) { + if (np->frag_size < mtu) { if (np->frag_size) mtu = np->frag_size; } diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c index 4859753..ff9040c 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c @@ -44,7 +44,6 @@ #include <net/ip.h> #include <net/ipv6.h> -#include <net/protocol.h> #include <net/ip6_route.h> #include <net/addrconf.h> #include <net/ip6_tunnel.h> @@ -391,7 +390,7 @@ parse_tlv_tnl_enc_lim(struct sk_buff *skb, __u8 * raw) * to the specifications in RFC 2473. **/ -static void +static int ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int type, int code, int offset, __u32 info) { @@ -402,6 +401,7 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int rel_code = ICMPV6_ADDR_UNREACH; __u32 rel_info = 0; __u16 len; + int err = -ENOENT; /* If the packet doesn't contain the original IPv6 header we are in trouble since we might need the source address for further @@ -411,6 +411,8 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, if ((t = ip6ip6_tnl_lookup(&ipv6h->daddr, &ipv6h->saddr)) == NULL) goto out; + err = 0; + switch (type) { __u32 teli; struct ipv6_tlv_tnl_enc_lim *tel; @@ -492,6 +494,7 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, } out: read_unlock(&ip6ip6_lock); + return err; } static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph, @@ -511,9 +514,8 @@ static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph, **/ static int -ip6ip6_rcv(struct sk_buff **pskb) +ip6ip6_rcv(struct sk_buff *skb) { - struct sk_buff *skb = *pskb; struct ipv6hdr *ipv6h; struct ip6_tnl *t; @@ -1112,39 +1114,12 @@ ip6ip6_fb_tnl_dev_init(struct net_device *dev) return 0; } -#ifdef CONFIG_INET6_TUNNEL static struct xfrm6_tunnel ip6ip6_handler = { .handler = ip6ip6_rcv, .err_handler = ip6ip6_err, + .priority = 1, }; -static inline int ip6ip6_register(void) -{ - return xfrm6_tunnel_register(&ip6ip6_handler); -} - -static inline int ip6ip6_unregister(void) -{ - return xfrm6_tunnel_deregister(&ip6ip6_handler); -} -#else -static struct inet6_protocol xfrm6_tunnel_protocol = { - .handler = ip6ip6_rcv, - .err_handler = ip6ip6_err, - .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, -}; - -static inline int ip6ip6_register(void) -{ - return inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6); -} - -static inline int ip6ip6_unregister(void) -{ - return inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6); -} -#endif - /** * ip6_tunnel_init - register protocol and reserve needed resources * @@ -1155,7 +1130,7 @@ static int __init ip6_tunnel_init(void) { int err; - if (ip6ip6_register() < 0) { + if (xfrm6_tunnel_register(&ip6ip6_handler)) { printk(KERN_ERR "ip6ip6 init: can't register tunnel\n"); return -EAGAIN; } @@ -1174,7 +1149,7 @@ static int __init ip6_tunnel_init(void) } return 0; fail: - ip6ip6_unregister(); + xfrm6_tunnel_deregister(&ip6ip6_handler); return err; } @@ -1184,7 +1159,7 @@ fail: static void __exit ip6_tunnel_cleanup(void) { - if (ip6ip6_unregister() < 0) + if (xfrm6_tunnel_deregister(&ip6ip6_handler)) printk(KERN_INFO "ip6ip6 close: can't deregister tunnel\n"); unregister_netdev(ip6ip6_fb_tnl_dev); diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c index d511a88..d4cfec3 100644 --- a/net/ipv6/ipcomp6.c +++ b/net/ipv6/ipcomp6.c @@ -50,6 +50,7 @@ #include <net/protocol.h> #include <linux/ipv6.h> #include <linux/icmpv6.h> +#include <linux/mutex.h> struct ipcomp6_tfms { struct list_head list; @@ -57,7 +58,7 @@ struct ipcomp6_tfms { int users; }; -static DECLARE_MUTEX(ipcomp6_resource_sem); +static DEFINE_MUTEX(ipcomp6_resource_mutex); static void **ipcomp6_scratches; static int ipcomp6_scratch_users; static LIST_HEAD(ipcomp6_tfms_list); @@ -227,6 +228,9 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) t->id.proto = IPPROTO_IPV6; t->id.spi = xfrm6_tunnel_alloc_spi((xfrm_address_t *)&x->props.saddr); + if (!t->id.spi) + goto error; + memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr)); memcpy(&t->sel, &x->sel, sizeof(t->sel)); t->props.family = AF_INET6; @@ -242,7 +246,9 @@ out: return t; error: + t->km.state = XFRM_STATE_DEAD; xfrm_state_put(t); + t = NULL; goto out; } @@ -286,8 +292,8 @@ static void ipcomp6_free_scratches(void) for_each_cpu(i) { void *scratch = *per_cpu_ptr(scratches, i); - if (scratch) - vfree(scratch); + + vfree(scratch); } free_percpu(scratches); @@ -405,9 +411,9 @@ static void ipcomp6_destroy(struct xfrm_state *x) if (!ipcd) return; xfrm_state_delete_tunnel(x); - down(&ipcomp6_resource_sem); + mutex_lock(&ipcomp6_resource_mutex); ipcomp6_free_data(ipcd); - up(&ipcomp6_resource_sem); + mutex_unlock(&ipcomp6_resource_mutex); kfree(ipcd); xfrm6_tunnel_free_spi((xfrm_address_t *)&x->props.saddr); @@ -427,23 +433,22 @@ static int ipcomp6_init_state(struct xfrm_state *x) goto out; err = -ENOMEM; - ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL); + ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL); if (!ipcd) goto out; - memset(ipcd, 0, sizeof(*ipcd)); x->props.header_len = 0; if (x->props.mode) x->props.header_len += sizeof(struct ipv6hdr); - down(&ipcomp6_resource_sem); + mutex_lock(&ipcomp6_resource_mutex); if (!ipcomp6_alloc_scratches()) goto error; ipcd->tfms = ipcomp6_alloc_tfms(x->calg->alg_name); if (!ipcd->tfms) goto error; - up(&ipcomp6_resource_sem); + mutex_unlock(&ipcomp6_resource_mutex); if (x->props.mode) { err = ipcomp6_tunnel_attach(x); @@ -459,10 +464,10 @@ static int ipcomp6_init_state(struct xfrm_state *x) out: return err; error_tunnel: - down(&ipcomp6_resource_sem); + mutex_lock(&ipcomp6_resource_mutex); error: ipcomp6_free_data(ipcd); - up(&ipcomp6_resource_sem); + mutex_unlock(&ipcomp6_resource_mutex); kfree(ipcd); goto out; diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index f7142ba..4c20eeb 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -109,19 +109,13 @@ int ip6_ra_control(struct sock *sk, int sel, void (*destructor)(struct sock *)) return 0; } -int ipv6_setsockopt(struct sock *sk, int level, int optname, +static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) { struct ipv6_pinfo *np = inet6_sk(sk); int val, valbool; int retv = -ENOPROTOOPT; - if (level == SOL_IP && sk->sk_type != SOCK_RAW) - return udp_prot.setsockopt(sk, level, optname, optval, optlen); - - if(level!=SOL_IPV6) - goto out; - if (optval == NULL) val=0; else if (get_user(val, (int __user *) optval)) @@ -613,17 +607,9 @@ done: retv = xfrm_user_policy(sk, optname, optval, optlen); break; -#ifdef CONFIG_NETFILTER - default: - retv = nf_setsockopt(sk, PF_INET6, optname, optval, - optlen); - break; -#endif - } release_sock(sk); -out: return retv; e_inval: @@ -631,6 +617,65 @@ e_inval: return -EINVAL; } +int ipv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + int err; + + if (level == SOL_IP && sk->sk_type != SOCK_RAW) + return udp_prot.setsockopt(sk, level, optname, optval, optlen); + + if (level != SOL_IPV6) + return -ENOPROTOOPT; + + err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && + optname != IPV6_XFRM_POLICY) { + lock_sock(sk); + err = nf_setsockopt(sk, PF_INET6, optname, optval, + optlen); + release_sock(sk); + } +#endif + return err; +} + + +#ifdef CONFIG_COMPAT +int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + int err; + + if (level == SOL_IP && sk->sk_type != SOCK_RAW) { + if (udp_prot.compat_setsockopt != NULL) + return udp_prot.compat_setsockopt(sk, level, optname, + optval, optlen); + return udp_prot.setsockopt(sk, level, optname, optval, optlen); + } + + if (level != SOL_IPV6) + return -ENOPROTOOPT; + + err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && + optname != IPV6_XFRM_POLICY) { + lock_sock(sk); + err = compat_nf_setsockopt(sk, PF_INET6, optname, + optval, optlen); + release_sock(sk); + } +#endif + return err; +} + +EXPORT_SYMBOL(compat_ipv6_setsockopt); +#endif + static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_opt_hdr *hdr, char __user *optval, int len) { @@ -642,17 +687,13 @@ static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_opt_hdr *hdr, return len; } -int ipv6_getsockopt(struct sock *sk, int level, int optname, +static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { struct ipv6_pinfo *np = inet6_sk(sk); int len; int val; - if (level == SOL_IP && sk->sk_type != SOCK_RAW) - return udp_prot.getsockopt(sk, level, optname, optval, optlen); - if(level!=SOL_IPV6) - return -ENOPROTOOPT; if (get_user(len, optlen)) return -EFAULT; switch (optname) { @@ -842,17 +883,7 @@ int ipv6_getsockopt(struct sock *sk, int level, int optname, break; default: -#ifdef CONFIG_NETFILTER - lock_sock(sk); - val = nf_getsockopt(sk, PF_INET6, optname, optval, - &len); - release_sock(sk); - if (val >= 0) - val = put_user(len, optlen); - return val; -#else return -EINVAL; -#endif } len = min_t(unsigned int, sizeof(int), len); if(put_user(len, optlen)) @@ -862,6 +893,78 @@ int ipv6_getsockopt(struct sock *sk, int level, int optname, return 0; } +int ipv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + int err; + + if (level == SOL_IP && sk->sk_type != SOCK_RAW) + return udp_prot.getsockopt(sk, level, optname, optval, optlen); + + if(level != SOL_IPV6) + return -ENOPROTOOPT; + + err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible EINVALs except default case */ + if (err == -EINVAL && optname != IPV6_ADDRFORM && + optname != MCAST_MSFILTER) { + int len; + + if (get_user(len, optlen)) + return -EFAULT; + + lock_sock(sk); + err = nf_getsockopt(sk, PF_INET6, optname, optval, + &len); + release_sock(sk); + if (err >= 0) + err = put_user(len, optlen); + } +#endif + return err; +} + +#ifdef CONFIG_COMPAT +int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + int err; + + if (level == SOL_IP && sk->sk_type != SOCK_RAW) { + if (udp_prot.compat_getsockopt != NULL) + return udp_prot.compat_getsockopt(sk, level, optname, + optval, optlen); + return udp_prot.getsockopt(sk, level, optname, optval, optlen); + } + + if (level != SOL_IPV6) + return -ENOPROTOOPT; + + err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); +#ifdef CONFIG_NETFILTER + /* we need to exclude all possible EINVALs except default case */ + if (err == -EINVAL && optname != IPV6_ADDRFORM && + optname != MCAST_MSFILTER) { + int len; + + if (get_user(len, optlen)) + return -EFAULT; + + lock_sock(sk); + err = compat_nf_getsockopt(sk, PF_INET6, + optname, optval, &len); + release_sock(sk); + if (err >= 0) + err = put_user(len, optlen); + } +#endif + return err; +} + +EXPORT_SYMBOL(compat_ipv6_getsockopt); +#endif + void __init ipv6_packet_init(void) { dev_add_pack(&ipv6_packet_type); diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c index 807c021..6e871af 100644 --- a/net/ipv6/mcast.c +++ b/net/ipv6/mcast.c @@ -767,10 +767,10 @@ static void mld_add_delrec(struct inet6_dev *idev, struct ifmcaddr6 *im) * for deleted items allows change reports to use common code with * non-deleted or query-response MCA's. */ - pmc = kmalloc(sizeof(*pmc), GFP_ATOMIC); + pmc = kzalloc(sizeof(*pmc), GFP_ATOMIC); if (!pmc) return; - memset(pmc, 0, sizeof(*pmc)); + spin_lock_bh(&im->mca_lock); spin_lock_init(&pmc->mca_lock); pmc->idev = im->idev; @@ -893,7 +893,7 @@ int ipv6_dev_mc_inc(struct net_device *dev, struct in6_addr *addr) * not found: create a new one. */ - mc = kmalloc(sizeof(struct ifmcaddr6), GFP_ATOMIC); + mc = kzalloc(sizeof(struct ifmcaddr6), GFP_ATOMIC); if (mc == NULL) { write_unlock_bh(&idev->lock); @@ -901,7 +901,6 @@ int ipv6_dev_mc_inc(struct net_device *dev, struct in6_addr *addr) return -ENOMEM; } - memset(mc, 0, sizeof(struct ifmcaddr6)); init_timer(&mc->mca_timer); mc->mca_timer.function = igmp6_timer_handler; mc->mca_timer.data = (unsigned long) mc; @@ -1934,10 +1933,10 @@ static int ip6_mc_add1_src(struct ifmcaddr6 *pmc, int sfmode, psf_prev = psf; } if (!psf) { - psf = kmalloc(sizeof(*psf), GFP_ATOMIC); + psf = kzalloc(sizeof(*psf), GFP_ATOMIC); if (!psf) return -ENOBUFS; - memset(psf, 0, sizeof(*psf)); + psf->sf_addr = *psfsrc; if (psf_prev) { psf_prev->sf_next = psf; @@ -2431,7 +2430,7 @@ static int igmp6_mc_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct igmp6_mc_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct igmp6_mc_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; @@ -2442,7 +2441,6 @@ static int igmp6_mc_seq_open(struct inode *inode, struct file *file) seq = file->private_data; seq->private = s; - memset(s, 0, sizeof(*s)); out: return rc; out_kfree: @@ -2606,7 +2604,7 @@ static int igmp6_mcf_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct igmp6_mcf_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct igmp6_mcf_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; @@ -2617,7 +2615,6 @@ static int igmp6_mcf_seq_open(struct inode *inode, struct file *file) seq = file->private_data; seq->private = s; - memset(s, 0, sizeof(*s)); out: return rc; out_kfree: diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index cb8856b..dfa20d3 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -156,7 +156,11 @@ struct neigh_table nd_tbl = { /* ND options */ struct ndisc_options { - struct nd_opt_hdr *nd_opt_array[__ND_OPT_MAX]; + struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX]; +#ifdef CONFIG_IPV6_ROUTE_INFO + struct nd_opt_hdr *nd_opts_ri; + struct nd_opt_hdr *nd_opts_ri_end; +#endif }; #define nd_opts_src_lladdr nd_opt_array[ND_OPT_SOURCE_LL_ADDR] @@ -255,6 +259,13 @@ static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len, if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt; break; +#ifdef CONFIG_IPV6_ROUTE_INFO + case ND_OPT_ROUTE_INFO: + ndopts->nd_opts_ri_end = nd_opt; + if (!ndopts->nd_opts_ri) + ndopts->nd_opts_ri = nd_opt; + break; +#endif default: /* * Unknown options must be silently ignored, @@ -1019,10 +1030,11 @@ static void ndisc_router_discovery(struct sk_buff *skb) struct ra_msg *ra_msg = (struct ra_msg *) skb->h.raw; struct neighbour *neigh = NULL; struct inet6_dev *in6_dev; - struct rt6_info *rt; + struct rt6_info *rt = NULL; int lifetime; struct ndisc_options ndopts; int optlen; + unsigned int pref = 0; __u8 * opt = (__u8 *)(ra_msg + 1); @@ -1081,8 +1093,19 @@ static void ndisc_router_discovery(struct sk_buff *skb) (ra_msg->icmph.icmp6_addrconf_other ? IF_RA_OTHERCONF : 0); + if (!in6_dev->cnf.accept_ra_defrtr) + goto skip_defrtr; + lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime); +#ifdef CONFIG_IPV6_ROUTER_PREF + pref = ra_msg->icmph.icmp6_router_pref; + /* 10b is handled as if it were 00b (medium) */ + if (pref == ICMPV6_ROUTER_PREF_INVALID || + in6_dev->cnf.accept_ra_rtr_pref) + pref = ICMPV6_ROUTER_PREF_MEDIUM; +#endif + rt = rt6_get_dflt_router(&skb->nh.ipv6h->saddr, skb->dev); if (rt) @@ -1098,7 +1121,7 @@ static void ndisc_router_discovery(struct sk_buff *skb) ND_PRINTK3(KERN_DEBUG "ICMPv6 RA: adding default router.\n"); - rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev); + rt = rt6_add_dflt_router(&skb->nh.ipv6h->saddr, skb->dev, pref); if (rt == NULL) { ND_PRINTK0(KERN_ERR "ICMPv6 RA: %s() failed to add default route.\n", @@ -1117,6 +1140,8 @@ static void ndisc_router_discovery(struct sk_buff *skb) return; } neigh->flags |= NTF_ROUTER; + } else if (rt) { + rt->rt6i_flags |= (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); } if (rt) @@ -1128,6 +1153,8 @@ static void ndisc_router_discovery(struct sk_buff *skb) rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit; } +skip_defrtr: + /* * Update Reachable Time and Retrans Timer */ @@ -1186,7 +1213,21 @@ static void ndisc_router_discovery(struct sk_buff *skb) NEIGH_UPDATE_F_ISROUTER); } - if (ndopts.nd_opts_pi) { +#ifdef CONFIG_IPV6_ROUTE_INFO + if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) { + struct nd_opt_hdr *p; + for (p = ndopts.nd_opts_ri; + p; + p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) { + if (((struct route_info *)p)->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen) + continue; + rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3, + &skb->nh.ipv6h->saddr); + } + } +#endif + + if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) { struct nd_opt_hdr *p; for (p = ndopts.nd_opts_pi; p; diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig index 2d6f8ec..98f7875 100644 --- a/net/ipv6/netfilter/Kconfig +++ b/net/ipv6/netfilter/Kconfig @@ -133,16 +133,6 @@ config IP6_NF_MATCH_EUI64 To compile it as a module, choose M here. If unsure, say N. -config IP6_NF_MATCH_POLICY - tristate "IPsec policy match support" - depends on IP6_NF_IPTABLES && XFRM - help - Policy matching allows you to match packets based on the - IPsec policy that was used during decapsulation/will - be used during encapsulation. - - To compile it as a module, choose M here. If unsure, say N. - # The targets config IP6_NF_FILTER tristate "Packet filtering" diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile index db6073c..8436a1a 100644 --- a/net/ipv6/netfilter/Makefile +++ b/net/ipv6/netfilter/Makefile @@ -9,7 +9,6 @@ obj-$(CONFIG_IP6_NF_MATCH_OPTS) += ip6t_hbh.o ip6t_dst.o obj-$(CONFIG_IP6_NF_MATCH_IPV6HEADER) += ip6t_ipv6header.o obj-$(CONFIG_IP6_NF_MATCH_FRAG) += ip6t_frag.o obj-$(CONFIG_IP6_NF_MATCH_AHESP) += ip6t_esp.o ip6t_ah.o -obj-$(CONFIG_IP6_NF_MATCH_POLICY) += ip6t_policy.o obj-$(CONFIG_IP6_NF_MATCH_EUI64) += ip6t_eui64.o obj-$(CONFIG_IP6_NF_MATCH_MULTIPORT) += ip6t_multiport.o obj-$(CONFIG_IP6_NF_MATCH_OWNER) += ip6t_owner.o diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index af06350..e81c6a9 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c @@ -35,6 +35,7 @@ #include <linux/spinlock.h> #include <linux/sysctl.h> #include <linux/proc_fs.h> +#include <linux/mutex.h> #include <net/sock.h> #include <net/ipv6.h> #include <net/ip6_route.h> @@ -65,7 +66,7 @@ static unsigned int queue_dropped = 0; static unsigned int queue_user_dropped = 0; static struct sock *ipqnl; static LIST_HEAD(queue_list); -static DECLARE_MUTEX(ipqnl_sem); +static DEFINE_MUTEX(ipqnl_mutex); static void ipq_issue_verdict(struct ipq_queue_entry *entry, int verdict) @@ -537,7 +538,7 @@ ipq_rcv_sk(struct sock *sk, int len) struct sk_buff *skb; unsigned int qlen; - down(&ipqnl_sem); + mutex_lock(&ipqnl_mutex); for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) { skb = skb_dequeue(&sk->sk_receive_queue); @@ -545,7 +546,7 @@ ipq_rcv_sk(struct sock *sk, int len) kfree_skb(skb); } - up(&ipqnl_sem); + mutex_unlock(&ipqnl_mutex); } static int @@ -704,21 +705,21 @@ cleanup_sysctl: cleanup_ipqnl: sock_release(ipqnl->sk_socket); - down(&ipqnl_sem); - up(&ipqnl_sem); + mutex_lock(&ipqnl_mutex); + mutex_unlock(&ipqnl_mutex); cleanup_netlink_notifier: netlink_unregister_notifier(&ipq_nl_notifier); return status; } -static int __init init(void) +static int __init ip6_queue_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit ip6_queue_fini(void) { init_or_cleanup(0); } @@ -726,5 +727,5 @@ static void __exit fini(void) MODULE_DESCRIPTION("IPv6 packet queue handler"); MODULE_LICENSE("GPL"); -module_init(init); -module_exit(fini); +module_init(ip6_queue_init); +module_exit(ip6_queue_fini); diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 74ff56c..3ecf2db 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -29,7 +29,7 @@ #include <linux/icmpv6.h> #include <net/ipv6.h> #include <asm/uaccess.h> -#include <asm/semaphore.h> +#include <linux/mutex.h> #include <linux/proc_fs.h> #include <linux/cpumask.h> @@ -94,19 +94,6 @@ do { \ #define up(x) do { printk("UP:%u:" #x "\n", __LINE__); up(x); } while(0) #endif -int -ip6_masked_addrcmp(const struct in6_addr *addr1, const struct in6_addr *mask, - const struct in6_addr *addr2) -{ - int i; - for( i = 0; i < 16; i++){ - if((addr1->s6_addr[i] & mask->s6_addr[i]) != - (addr2->s6_addr[i] & mask->s6_addr[i])) - return 1; - } - return 0; -} - /* Check for an extension */ int ip6t_ext_hdr(u8 nexthdr) @@ -135,10 +122,10 @@ ip6_packet_match(const struct sk_buff *skb, #define FWINV(bool,invflg) ((bool) ^ !!(ip6info->invflags & invflg)) - if (FWINV(ip6_masked_addrcmp(&ipv6->saddr, &ip6info->smsk, - &ip6info->src), IP6T_INV_SRCIP) - || FWINV(ip6_masked_addrcmp(&ipv6->daddr, &ip6info->dmsk, - &ip6info->dst), IP6T_INV_DSTIP)) { + if (FWINV(ipv6_masked_addr_cmp(&ipv6->saddr, &ip6info->smsk, + &ip6info->src), IP6T_INV_SRCIP) + || FWINV(ipv6_masked_addr_cmp(&ipv6->daddr, &ip6info->dmsk, + &ip6info->dst), IP6T_INV_DSTIP)) { dprintf("Source or dest mismatch.\n"); /* dprintf("SRC: %u. Mask: %u. Target: %u.%s\n", ip->saddr, @@ -232,6 +219,7 @@ ip6t_error(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -251,7 +239,7 @@ int do_match(struct ip6t_entry_match *m, int *hotdrop) { /* Stop iteration if it doesn't match */ - if (!m->u.kernel.match->match(skb, in, out, m->data, + if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data, offset, protoff, hotdrop)) return 1; else @@ -373,6 +361,7 @@ ip6t_do_table(struct sk_buff **pskb, verdict = t->u.kernel.target->target(pskb, in, out, hook, + t->u.kernel.target, t->data, userdata); @@ -531,7 +520,7 @@ cleanup_match(struct ip6t_entry_match *m, unsigned int *i) return 1; if (m->u.kernel.match->destroy) - m->u.kernel.match->destroy(m->data, + m->u.kernel.match->destroy(m->u.kernel.match, m->data, m->u.match_size - sizeof(*m)); module_put(m->u.kernel.match->me); return 0; @@ -544,21 +533,12 @@ standard_check(const struct ip6t_entry_target *t, struct ip6t_standard_target *targ = (void *)t; /* Check standard info. */ - if (t->u.target_size - != IP6T_ALIGN(sizeof(struct ip6t_standard_target))) { - duprintf("standard_check: target size %u != %u\n", - t->u.target_size, - IP6T_ALIGN(sizeof(struct ip6t_standard_target))); - return 0; - } - if (targ->verdict >= 0 && targ->verdict > max_offset - sizeof(struct ip6t_entry)) { duprintf("ip6t_standard_check: bad verdict (%i)\n", targ->verdict); return 0; } - if (targ->verdict < -NF_MAX_VERDICT - 1) { duprintf("ip6t_standard_check: bad negative verdict (%i)\n", targ->verdict); @@ -575,6 +555,7 @@ check_match(struct ip6t_entry_match *m, unsigned int *i) { struct ip6t_match *match; + int ret; match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, m->u.user.revision), @@ -585,18 +566,27 @@ check_match(struct ip6t_entry_match *m, } m->u.kernel.match = match; + ret = xt_check_match(match, AF_INET6, m->u.match_size - sizeof(*m), + name, hookmask, ipv6->proto, + ipv6->invflags & IP6T_INV_PROTO); + if (ret) + goto err; + if (m->u.kernel.match->checkentry - && !m->u.kernel.match->checkentry(name, ipv6, m->data, + && !m->u.kernel.match->checkentry(name, ipv6, match, m->data, m->u.match_size - sizeof(*m), hookmask)) { - module_put(m->u.kernel.match->me); duprintf("ip_tables: check failed for `%s'.\n", m->u.kernel.match->name); - return -EINVAL; + ret = -EINVAL; + goto err; } (*i)++; return 0; +err: + module_put(m->u.kernel.match->me); + return ret; } static struct ip6t_target ip6t_standard_target; @@ -632,26 +622,32 @@ check_entry(struct ip6t_entry *e, const char *name, unsigned int size, } t->u.kernel.target = target; + ret = xt_check_target(target, AF_INET6, t->u.target_size - sizeof(*t), + name, e->comefrom, e->ipv6.proto, + e->ipv6.invflags & IP6T_INV_PROTO); + if (ret) + goto err; + if (t->u.kernel.target == &ip6t_standard_target) { if (!standard_check(t, size)) { ret = -EINVAL; goto cleanup_matches; } } else if (t->u.kernel.target->checkentry - && !t->u.kernel.target->checkentry(name, e, t->data, + && !t->u.kernel.target->checkentry(name, e, target, t->data, t->u.target_size - sizeof(*t), e->comefrom)) { - module_put(t->u.kernel.target->me); duprintf("ip_tables: check failed for `%s'.\n", t->u.kernel.target->name); ret = -EINVAL; - goto cleanup_matches; + goto err; } (*i)++; return 0; - + err: + module_put(t->u.kernel.target->me); cleanup_matches: IP6T_MATCH_ITERATE(e, cleanup_match, &j); return ret; @@ -712,7 +708,7 @@ cleanup_entry(struct ip6t_entry *e, unsigned int *i) IP6T_MATCH_ITERATE(e, cleanup_match, NULL); t = ip6t_get_target(e); if (t->u.kernel.target->destroy) - t->u.kernel.target->destroy(t->data, + t->u.kernel.target->destroy(t->u.kernel.target, t->data, t->u.target_size - sizeof(*t)); module_put(t->u.kernel.target->me); return 0; @@ -1333,6 +1329,7 @@ static int icmp6_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -1365,28 +1362,29 @@ icmp6_match(const struct sk_buff *skb, static int icmp6_checkentry(const char *tablename, const void *entry, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - const struct ip6t_ip6 *ipv6 = entry; const struct ip6t_icmp *icmpinfo = matchinfo; - /* Must specify proto == ICMP, and no unknown invflags */ - return ipv6->proto == IPPROTO_ICMPV6 - && !(ipv6->invflags & IP6T_INV_PROTO) - && matchsize == IP6T_ALIGN(sizeof(struct ip6t_icmp)) - && !(icmpinfo->invflags & ~IP6T_ICMP_INV); + /* Must specify no unknown invflags */ + return !(icmpinfo->invflags & ~IP6T_ICMP_INV); } /* The built-in targets: standard (NULL) and error. */ static struct ip6t_target ip6t_standard_target = { .name = IP6T_STANDARD_TARGET, + .targetsize = sizeof(int), + .family = AF_INET6, }; static struct ip6t_target ip6t_error_target = { .name = IP6T_ERROR_TARGET, .target = ip6t_error, + .targetsize = IP6T_FUNCTION_MAXNAMELEN, + .family = AF_INET6, }; static struct nf_sockopt_ops ip6t_sockopts = { @@ -1402,19 +1400,22 @@ static struct nf_sockopt_ops ip6t_sockopts = { static struct ip6t_match icmp6_matchstruct = { .name = "icmp6", .match = &icmp6_match, - .checkentry = &icmp6_checkentry, + .matchsize = sizeof(struct ip6t_icmp), + .checkentry = icmp6_checkentry, + .proto = IPPROTO_ICMPV6, + .family = AF_INET6, }; -static int __init init(void) +static int __init ip6_tables_init(void) { int ret; xt_proto_init(AF_INET6); /* Noone else will be downing sem now, so we won't sleep */ - xt_register_target(AF_INET6, &ip6t_standard_target); - xt_register_target(AF_INET6, &ip6t_error_target); - xt_register_match(AF_INET6, &icmp6_matchstruct); + xt_register_target(&ip6t_standard_target); + xt_register_target(&ip6t_error_target); + xt_register_match(&icmp6_matchstruct); /* Register setsockopt */ ret = nf_register_sockopt(&ip6t_sockopts); @@ -1428,12 +1429,12 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ip6_tables_fini(void) { nf_unregister_sockopt(&ip6t_sockopts); - xt_unregister_match(AF_INET6, &icmp6_matchstruct); - xt_unregister_target(AF_INET6, &ip6t_error_target); - xt_unregister_target(AF_INET6, &ip6t_standard_target); + xt_unregister_match(&icmp6_matchstruct); + xt_unregister_target(&ip6t_error_target); + xt_unregister_target(&ip6t_standard_target); xt_proto_fini(AF_INET6); } @@ -1515,7 +1516,6 @@ EXPORT_SYMBOL(ip6t_unregister_table); EXPORT_SYMBOL(ip6t_do_table); EXPORT_SYMBOL(ip6t_ext_hdr); EXPORT_SYMBOL(ipv6_find_hdr); -EXPORT_SYMBOL(ip6_masked_addrcmp); -module_init(init); -module_exit(fini); +module_init(ip6_tables_init); +module_exit(ip6_tables_fini); diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c index 306200c..b8eff8e 100644 --- a/net/ipv6/netfilter/ip6t_HL.c +++ b/net/ipv6/netfilter/ip6t_HL.c @@ -21,6 +21,7 @@ static unsigned int ip6t_hl_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { struct ipv6hdr *ip6h; @@ -63,56 +64,44 @@ static unsigned int ip6t_hl_target(struct sk_buff **pskb, static int ip6t_hl_checkentry(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { struct ip6t_HL_info *info = targinfo; - if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_HL_info))) { - printk(KERN_WARNING "ip6t_HL: targinfosize %u != %Zu\n", - targinfosize, - IP6T_ALIGN(sizeof(struct ip6t_HL_info))); - return 0; - } - - if (strcmp(tablename, "mangle")) { - printk(KERN_WARNING "ip6t_HL: can only be called from " - "\"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (info->mode > IP6T_HL_MAXMODE) { printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n", info->mode); return 0; } - if ((info->mode != IP6T_HL_SET) && (info->hop_limit == 0)) { printk(KERN_WARNING "ip6t_HL: increment/decrement doesn't " "make sense with value 0\n"); return 0; } - return 1; } static struct ip6t_target ip6t_HL = { .name = "HL", .target = ip6t_hl_target, + .targetsize = sizeof(struct ip6t_HL_info), + .table = "mangle", .checkentry = ip6t_hl_checkentry, .me = THIS_MODULE }; -static int __init init(void) +static int __init ip6t_hl_init(void) { return ip6t_register_target(&ip6t_HL); } -static void __exit fini(void) +static void __exit ip6t_hl_fini(void) { ip6t_unregister_target(&ip6t_HL); } -module_init(init); -module_exit(fini); +module_init(ip6t_hl_init); +module_exit(ip6t_hl_fini); diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index 6b930ef..a96c0de 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c @@ -426,6 +426,7 @@ ip6t_log_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -449,35 +450,29 @@ ip6t_log_target(struct sk_buff **pskb, static int ip6t_log_checkentry(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ip6t_log_info *loginfo = targinfo; - if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_log_info))) { - DEBUGP("LOG: targinfosize %u != %u\n", - targinfosize, IP6T_ALIGN(sizeof(struct ip6t_log_info))); - return 0; - } - if (loginfo->level >= 8) { DEBUGP("LOG: level %u >= 8\n", loginfo->level); return 0; } - if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { DEBUGP("LOG: prefix term %i\n", loginfo->prefix[sizeof(loginfo->prefix)-1]); return 0; } - return 1; } static struct ip6t_target ip6t_log_reg = { .name = "LOG", .target = ip6t_log_target, + .targetsize = sizeof(struct ip6t_log_info), .checkentry = ip6t_log_checkentry, .me = THIS_MODULE, }; @@ -488,7 +483,7 @@ static struct nf_logger ip6t_logger = { .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_log_init(void) { if (ip6t_register_target(&ip6t_log_reg)) return -EINVAL; @@ -502,11 +497,11 @@ static int __init init(void) return 0; } -static void __exit fini(void) +static void __exit ip6t_log_fini(void) { nf_log_unregister_logger(&ip6t_logger); ip6t_unregister_target(&ip6t_log_reg); } -module_init(init); -module_exit(fini); +module_init(ip6t_log_init); +module_exit(ip6t_log_fini); diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 0e6d1d4..de1175c 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c @@ -179,6 +179,7 @@ static unsigned int reject6_target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -221,6 +222,7 @@ static unsigned int reject6_target(struct sk_buff **pskb, static int check(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) @@ -228,24 +230,6 @@ static int check(const char *tablename, const struct ip6t_reject_info *rejinfo = targinfo; const struct ip6t_entry *e = entry; - if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_reject_info))) { - DEBUGP("ip6t_REJECT: targinfosize %u != 0\n", targinfosize); - return 0; - } - - /* Only allow these for packet filtering. */ - if (strcmp(tablename, "filter") != 0) { - DEBUGP("ip6t_REJECT: bad table `%s'.\n", tablename); - return 0; - } - - if ((hook_mask & ~((1 << NF_IP6_LOCAL_IN) - | (1 << NF_IP6_FORWARD) - | (1 << NF_IP6_LOCAL_OUT))) != 0) { - DEBUGP("ip6t_REJECT: bad hook mask %X\n", hook_mask); - return 0; - } - if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) { printk("ip6t_REJECT: ECHOREPLY is not supported.\n"); return 0; @@ -257,28 +241,31 @@ static int check(const char *tablename, return 0; } } - return 1; } static struct ip6t_target ip6t_reject_reg = { .name = "REJECT", .target = reject6_target, + .targetsize = sizeof(struct ip6t_reject_info), + .table = "filter", + .hooks = (1 << NF_IP6_LOCAL_IN) | (1 << NF_IP6_FORWARD) | + (1 << NF_IP6_LOCAL_OUT), .checkentry = check, .me = THIS_MODULE }; -static int __init init(void) +static int __init ip6t_reject_init(void) { if (ip6t_register_target(&ip6t_reject_reg)) return -EINVAL; return 0; } -static void __exit fini(void) +static void __exit ip6t_reject_fini(void) { ip6t_unregister_target(&ip6t_reject_reg); } -module_init(init); -module_exit(fini); +module_init(ip6t_reject_init); +module_exit(ip6t_reject_fini); diff --git a/net/ipv6/netfilter/ip6t_ah.c b/net/ipv6/netfilter/ip6t_ah.c index 219a303..2f7bb20 100644 --- a/net/ipv6/netfilter/ip6t_ah.c +++ b/net/ipv6/netfilter/ip6t_ah.c @@ -44,6 +44,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -99,17 +100,13 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *entry, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_ah *ahinfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_ah))) { - DEBUGP("ip6t_ah: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_ah))); - return 0; - } if (ahinfo->invflags & ~IP6T_AH_INV_MASK) { DEBUGP("ip6t_ah: unknown flags %X\n", ahinfo->invflags); return 0; @@ -119,20 +116,21 @@ checkentry(const char *tablename, static struct ip6t_match ah_match = { .name = "ah", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_ah), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_ah_init(void) { return ip6t_register_match(&ah_match); } -static void __exit cleanup(void) +static void __exit ip6t_ah_fini(void) { ip6t_unregister_match(&ah_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_ah_init); +module_exit(ip6t_ah_fini); diff --git a/net/ipv6/netfilter/ip6t_dst.c b/net/ipv6/netfilter/ip6t_dst.c index b4c153a..9422413 100644 --- a/net/ipv6/netfilter/ip6t_dst.c +++ b/net/ipv6/netfilter/ip6t_dst.c @@ -55,6 +55,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -179,22 +180,17 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *info, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_opts *optsinfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_opts))) { - DEBUGP("ip6t_opts: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_opts))); - return 0; - } if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) { DEBUGP("ip6t_opts: unknown flags %X\n", optsinfo->invflags); return 0; } - return 1; } @@ -204,20 +200,21 @@ static struct ip6t_match opts_match = { #else .name = "dst", #endif - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_opts), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_dst_init(void) { return ip6t_register_match(&opts_match); } -static void __exit cleanup(void) +static void __exit ip6t_dst_fini(void) { ip6t_unregister_match(&opts_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_dst_init); +module_exit(ip6t_dst_fini); diff --git a/net/ipv6/netfilter/ip6t_esp.c b/net/ipv6/netfilter/ip6t_esp.c index 724285d..36bedad 100644 --- a/net/ipv6/netfilter/ip6t_esp.c +++ b/net/ipv6/netfilter/ip6t_esp.c @@ -44,6 +44,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -77,17 +78,13 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_esp *espinfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_esp))) { - DEBUGP("ip6t_esp: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_esp))); - return 0; - } if (espinfo->invflags & ~IP6T_ESP_INV_MASK) { DEBUGP("ip6t_esp: unknown flags %X\n", espinfo->invflags); @@ -98,20 +95,21 @@ checkentry(const char *tablename, static struct ip6t_match esp_match = { .name = "esp", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_esp), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_esp_init(void) { return ip6t_register_match(&esp_match); } -static void __exit cleanup(void) +static void __exit ip6t_esp_fini(void) { ip6t_unregister_match(&esp_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_esp_init); +module_exit(ip6t_esp_fini); diff --git a/net/ipv6/netfilter/ip6t_eui64.c b/net/ipv6/netfilter/ip6t_eui64.c index 27396ac..94dbdb8 100644 --- a/net/ipv6/netfilter/ip6t_eui64.c +++ b/net/ipv6/netfilter/ip6t_eui64.c @@ -22,6 +22,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -60,42 +61,24 @@ match(const struct sk_buff *skb, return 0; } -static int -ip6t_eui64_checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - if (hook_mask - & ~((1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_IN) | - (1 << NF_IP6_FORWARD))) { - printk("ip6t_eui64: only valid for PRE_ROUTING, LOCAL_IN or FORWARD.\n"); - return 0; - } - - if (matchsize != IP6T_ALIGN(sizeof(int))) - return 0; - - return 1; -} - static struct ip6t_match eui64_match = { .name = "eui64", - .match = &match, - .checkentry = &ip6t_eui64_checkentry, + .match = match, + .matchsize = sizeof(int), + .hooks = (1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_IN) | + (1 << NF_IP6_FORWARD), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_eui64_init(void) { return ip6t_register_match(&eui64_match); } -static void __exit fini(void) +static void __exit ip6t_eui64_fini(void) { ip6t_unregister_match(&eui64_match); } -module_init(init); -module_exit(fini); +module_init(ip6t_eui64_init); +module_exit(ip6t_eui64_fini); diff --git a/net/ipv6/netfilter/ip6t_frag.c b/net/ipv6/netfilter/ip6t_frag.c index 4c14125..06768c8 100644 --- a/net/ipv6/netfilter/ip6t_frag.c +++ b/net/ipv6/netfilter/ip6t_frag.c @@ -43,6 +43,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -116,41 +117,37 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_frag *fraginfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_frag))) { - DEBUGP("ip6t_frag: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_frag))); - return 0; - } if (fraginfo->invflags & ~IP6T_FRAG_INV_MASK) { DEBUGP("ip6t_frag: unknown flags %X\n", fraginfo->invflags); return 0; } - return 1; } static struct ip6t_match frag_match = { .name = "frag", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_frag), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_frag_init(void) { return ip6t_register_match(&frag_match); } -static void __exit cleanup(void) +static void __exit ip6t_frag_fini(void) { ip6t_unregister_match(&frag_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_frag_init); +module_exit(ip6t_frag_fini); diff --git a/net/ipv6/netfilter/ip6t_hbh.c b/net/ipv6/netfilter/ip6t_hbh.c index 37a8474..374f1be 100644 --- a/net/ipv6/netfilter/ip6t_hbh.c +++ b/net/ipv6/netfilter/ip6t_hbh.c @@ -55,6 +55,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -179,22 +180,17 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *entry, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_opts *optsinfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_opts))) { - DEBUGP("ip6t_opts: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_opts))); - return 0; - } if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) { DEBUGP("ip6t_opts: unknown flags %X\n", optsinfo->invflags); return 0; } - return 1; } @@ -204,20 +200,21 @@ static struct ip6t_match opts_match = { #else .name = "dst", #endif - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_opts), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_hbh_init(void) { return ip6t_register_match(&opts_match); } -static void __exit cleanup(void) +static void __exit ip6t_hbh_fini(void) { ip6t_unregister_match(&opts_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_hbh_init); +module_exit(ip6t_hbh_fini); diff --git a/net/ipv6/netfilter/ip6t_hl.c b/net/ipv6/netfilter/ip6t_hl.c index c5d9079..44a729e 100644 --- a/net/ipv6/netfilter/ip6t_hl.c +++ b/net/ipv6/netfilter/ip6t_hl.c @@ -18,10 +18,10 @@ MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); MODULE_DESCRIPTION("IP tables Hop Limit matching module"); MODULE_LICENSE("GPL"); -static int match(const struct sk_buff *skb, const struct net_device *in, - const struct net_device *out, const void *matchinfo, - int offset, unsigned int protoff, - int *hotdrop) +static int match(const struct sk_buff *skb, + const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, + int offset, unsigned int protoff, int *hotdrop) { const struct ip6t_hl_info *info = matchinfo; const struct ipv6hdr *ip6h = skb->nh.ipv6h; @@ -48,33 +48,23 @@ static int match(const struct sk_buff *skb, const struct net_device *in, return 0; } -static int checkentry(const char *tablename, const void *entry, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_hl_info))) - return 0; - - return 1; -} - static struct ip6t_match hl_match = { .name = "hl", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_hl_info), .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_hl_init(void) { return ip6t_register_match(&hl_match); } -static void __exit fini(void) +static void __exit ip6t_hl_fini(void) { ip6t_unregister_match(&hl_match); } -module_init(init); -module_exit(fini); +module_init(ip6t_hl_init); +module_exit(ip6t_hl_fini); diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c index 83ad6b2..9375eeb 100644 --- a/net/ipv6/netfilter/ip6t_ipv6header.c +++ b/net/ipv6/netfilter/ip6t_ipv6header.c @@ -29,6 +29,7 @@ static int ipv6header_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -125,17 +126,13 @@ ipv6header_match(const struct sk_buff *skb, static int ipv6header_checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct ip6t_ipv6header_info *info = matchinfo; - /* Check for obvious errors */ - /* This match is valid in all hooks! */ - if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_ipv6header_info))) - return 0; - /* invflags is 0 or 0xff in hard mode */ if ((!info->modeflag) && info->invflags != 0x00 && info->invflags != 0xFF) @@ -147,6 +144,7 @@ ipv6header_checkentry(const char *tablename, static struct ip6t_match ip6t_ipv6header_match = { .name = "ipv6header", .match = &ipv6header_match, + .matchsize = sizeof(struct ip6t_ipv6header_info), .checkentry = &ipv6header_checkentry, .destroy = NULL, .me = THIS_MODULE, diff --git a/net/ipv6/netfilter/ip6t_multiport.c b/net/ipv6/netfilter/ip6t_multiport.c index 49f7829..10c48ba 100644 --- a/net/ipv6/netfilter/ip6t_multiport.c +++ b/net/ipv6/netfilter/ip6t_multiport.c @@ -51,6 +51,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -85,6 +86,7 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *info, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) @@ -92,13 +94,9 @@ checkentry(const char *tablename, const struct ip6t_ip6 *ip = info; const struct ip6t_multiport *multiinfo = matchinfo; - if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_multiport))) - return 0; - /* Must specify proto == TCP/UDP, no unknown flags or bad count */ return (ip->proto == IPPROTO_TCP || ip->proto == IPPROTO_UDP) && !(ip->invflags & IP6T_INV_PROTO) - && matchsize == IP6T_ALIGN(sizeof(struct ip6t_multiport)) && (multiinfo->flags == IP6T_MULTIPORT_SOURCE || multiinfo->flags == IP6T_MULTIPORT_DESTINATION || multiinfo->flags == IP6T_MULTIPORT_EITHER) @@ -107,20 +105,21 @@ checkentry(const char *tablename, static struct ip6t_match multiport_match = { .name = "multiport", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_multiport), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_multiport_init(void) { return ip6t_register_match(&multiport_match); } -static void __exit fini(void) +static void __exit ip6t_multiport_fini(void) { ip6t_unregister_match(&multiport_match); } -module_init(init); -module_exit(fini); +module_init(ip6t_multiport_init); +module_exit(ip6t_multiport_fini); diff --git a/net/ipv6/netfilter/ip6t_owner.c b/net/ipv6/netfilter/ip6t_owner.c index 8c8a4c7..5d04799 100644 --- a/net/ipv6/netfilter/ip6t_owner.c +++ b/net/ipv6/netfilter/ip6t_owner.c @@ -26,6 +26,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -54,46 +55,39 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct ip6t_owner_info *info = matchinfo; - if (hook_mask - & ~((1 << NF_IP6_LOCAL_OUT) | (1 << NF_IP6_POST_ROUTING))) { - printk("ip6t_owner: only valid for LOCAL_OUT or POST_ROUTING.\n"); - return 0; - } - - if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_owner_info))) - return 0; - if (info->match & (IP6T_OWNER_PID | IP6T_OWNER_SID)) { printk("ipt_owner: pid and sid matching " "not supported anymore\n"); return 0; } - return 1; } static struct ip6t_match owner_match = { .name = "owner", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_owner_info), + .hooks = (1 << NF_IP6_LOCAL_OUT) | (1 << NF_IP6_POST_ROUTING), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_owner_init(void) { return ip6t_register_match(&owner_match); } -static void __exit fini(void) +static void __exit ip6t_owner_fini(void) { ip6t_unregister_match(&owner_match); } -module_init(init); -module_exit(fini); +module_init(ip6t_owner_init); +module_exit(ip6t_owner_fini); diff --git a/net/ipv6/netfilter/ip6t_policy.c b/net/ipv6/netfilter/ip6t_policy.c deleted file mode 100644 index 3d39ec9..0000000 --- a/net/ipv6/netfilter/ip6t_policy.c +++ /dev/null @@ -1,176 +0,0 @@ -/* IP tables module for matching IPsec policy - * - * Copyright (c) 2004,2005 Patrick McHardy, <kaber@trash.net> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ - -#include <linux/kernel.h> -#include <linux/config.h> -#include <linux/module.h> -#include <linux/skbuff.h> -#include <linux/init.h> -#include <net/xfrm.h> - -#include <linux/netfilter_ipv6.h> -#include <linux/netfilter_ipv6/ip6_tables.h> -#include <linux/netfilter_ipv6/ip6t_policy.h> - -MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); -MODULE_DESCRIPTION("IPtables IPsec policy matching module"); -MODULE_LICENSE("GPL"); - - -static inline int -match_xfrm_state(struct xfrm_state *x, const struct ip6t_policy_elem *e) -{ -#define MATCH_ADDR(x,y,z) (!e->match.x || \ - ((!ip6_masked_addrcmp(&e->x.a6, &e->y.a6, z)) \ - ^ e->invert.x)) -#define MATCH(x,y) (!e->match.x || ((e->x == (y)) ^ e->invert.x)) - - return MATCH_ADDR(saddr, smask, (struct in6_addr *)&x->props.saddr.a6) && - MATCH_ADDR(daddr, dmask, (struct in6_addr *)&x->id.daddr.a6) && - MATCH(proto, x->id.proto) && - MATCH(mode, x->props.mode) && - MATCH(spi, x->id.spi) && - MATCH(reqid, x->props.reqid); -} - -static int -match_policy_in(const struct sk_buff *skb, const struct ip6t_policy_info *info) -{ - const struct ip6t_policy_elem *e; - struct sec_path *sp = skb->sp; - int strict = info->flags & IP6T_POLICY_MATCH_STRICT; - int i, pos; - - if (sp == NULL) - return -1; - if (strict && info->len != sp->len) - return 0; - - for (i = sp->len - 1; i >= 0; i--) { - pos = strict ? i - sp->len + 1 : 0; - if (pos >= info->len) - return 0; - e = &info->pol[pos]; - - if (match_xfrm_state(sp->x[i].xvec, e)) { - if (!strict) - return 1; - } else if (strict) - return 0; - } - - return strict ? 1 : 0; -} - -static int -match_policy_out(const struct sk_buff *skb, const struct ip6t_policy_info *info) -{ - const struct ip6t_policy_elem *e; - struct dst_entry *dst = skb->dst; - int strict = info->flags & IP6T_POLICY_MATCH_STRICT; - int i, pos; - - if (dst->xfrm == NULL) - return -1; - - for (i = 0; dst && dst->xfrm; dst = dst->child, i++) { - pos = strict ? i : 0; - if (pos >= info->len) - return 0; - e = &info->pol[pos]; - - if (match_xfrm_state(dst->xfrm, e)) { - if (!strict) - return 1; - } else if (strict) - return 0; - } - - return strict ? i == info->len : 0; -} - -static int match(const struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - const void *matchinfo, - int offset, - unsigned int protoff, - int *hotdrop) -{ - const struct ip6t_policy_info *info = matchinfo; - int ret; - - if (info->flags & IP6T_POLICY_MATCH_IN) - ret = match_policy_in(skb, info); - else - ret = match_policy_out(skb, info); - - if (ret < 0) - ret = info->flags & IP6T_POLICY_MATCH_NONE ? 1 : 0; - else if (info->flags & IP6T_POLICY_MATCH_NONE) - ret = 0; - - return ret; -} - -static int checkentry(const char *tablename, const void *ip_void, - void *matchinfo, unsigned int matchsize, - unsigned int hook_mask) -{ - struct ip6t_policy_info *info = matchinfo; - - if (matchsize != IP6T_ALIGN(sizeof(*info))) { - printk(KERN_ERR "ip6t_policy: matchsize %u != %zu\n", - matchsize, IP6T_ALIGN(sizeof(*info))); - return 0; - } - if (!(info->flags & (IP6T_POLICY_MATCH_IN|IP6T_POLICY_MATCH_OUT))) { - printk(KERN_ERR "ip6t_policy: neither incoming nor " - "outgoing policy selected\n"); - return 0; - } - if (hook_mask & (1 << NF_IP6_PRE_ROUTING | 1 << NF_IP6_LOCAL_IN) - && info->flags & IP6T_POLICY_MATCH_OUT) { - printk(KERN_ERR "ip6t_policy: output policy not valid in " - "PRE_ROUTING and INPUT\n"); - return 0; - } - if (hook_mask & (1 << NF_IP6_POST_ROUTING | 1 << NF_IP6_LOCAL_OUT) - && info->flags & IP6T_POLICY_MATCH_IN) { - printk(KERN_ERR "ip6t_policy: input policy not valid in " - "POST_ROUTING and OUTPUT\n"); - return 0; - } - if (info->len > IP6T_POLICY_MAX_ELEM) { - printk(KERN_ERR "ip6t_policy: too many policy elements\n"); - return 0; - } - - return 1; -} - -static struct ip6t_match policy_match = { - .name = "policy", - .match = match, - .checkentry = checkentry, - .me = THIS_MODULE, -}; - -static int __init init(void) -{ - return ip6t_register_match(&policy_match); -} - -static void __exit fini(void) -{ - ip6t_unregister_match(&policy_match); -} - -module_init(init); -module_exit(fini); diff --git a/net/ipv6/netfilter/ip6t_rt.c b/net/ipv6/netfilter/ip6t_rt.c index 8f82476..fbb0184 100644 --- a/net/ipv6/netfilter/ip6t_rt.c +++ b/net/ipv6/netfilter/ip6t_rt.c @@ -45,6 +45,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -194,17 +195,13 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *entry, + const struct xt_match *match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { const struct ip6t_rt *rtinfo = matchinfo; - if (matchinfosize != IP6T_ALIGN(sizeof(struct ip6t_rt))) { - DEBUGP("ip6t_rt: matchsize %u != %u\n", - matchinfosize, IP6T_ALIGN(sizeof(struct ip6t_rt))); - return 0; - } if (rtinfo->invflags & ~IP6T_RT_INV_MASK) { DEBUGP("ip6t_rt: unknown flags %X\n", rtinfo->invflags); return 0; @@ -222,20 +219,21 @@ checkentry(const char *tablename, static struct ip6t_match rt_match = { .name = "rt", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ip6t_rt), + .checkentry = checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init ip6t_rt_init(void) { return ip6t_register_match(&rt_match); } -static void __exit cleanup(void) +static void __exit ip6t_rt_fini(void) { ip6t_unregister_match(&rt_match); } -module_init(init); -module_exit(cleanup); +module_init(ip6t_rt_init); +module_exit(ip6t_rt_fini); diff --git a/net/ipv6/netfilter/ip6table_filter.c b/net/ipv6/netfilter/ip6table_filter.c index ce4a968..e5e724d 100644 --- a/net/ipv6/netfilter/ip6table_filter.c +++ b/net/ipv6/netfilter/ip6table_filter.c @@ -159,7 +159,7 @@ static struct nf_hook_ops ip6t_ops[] = { static int forward = NF_ACCEPT; module_param(forward, bool, 0000); -static int __init init(void) +static int __init ip6table_filter_init(void) { int ret; @@ -201,7 +201,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ip6table_filter_fini(void) { unsigned int i; @@ -211,5 +211,5 @@ static void __exit fini(void) ip6t_unregister_table(&packet_filter); } -module_init(init); -module_exit(fini); +module_init(ip6table_filter_init); +module_exit(ip6table_filter_fini); diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c index 30a4627..e1f0f6a 100644 --- a/net/ipv6/netfilter/ip6table_mangle.c +++ b/net/ipv6/netfilter/ip6table_mangle.c @@ -228,7 +228,7 @@ static struct nf_hook_ops ip6t_ops[] = { }, }; -static int __init init(void) +static int __init ip6table_mangle_init(void) { int ret; @@ -274,7 +274,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ip6table_mangle_fini(void) { unsigned int i; @@ -284,5 +284,5 @@ static void __exit fini(void) ip6t_unregister_table(&packet_mangler); } -module_init(init); -module_exit(fini); +module_init(ip6table_mangle_init); +module_exit(ip6table_mangle_fini); diff --git a/net/ipv6/netfilter/ip6table_raw.c b/net/ipv6/netfilter/ip6table_raw.c index db28ba3..54d1fff 100644 --- a/net/ipv6/netfilter/ip6table_raw.c +++ b/net/ipv6/netfilter/ip6table_raw.c @@ -142,7 +142,7 @@ static struct nf_hook_ops ip6t_ops[] = { }, }; -static int __init init(void) +static int __init ip6table_raw_init(void) { int ret; @@ -170,7 +170,7 @@ static int __init init(void) return ret; } -static void __exit fini(void) +static void __exit ip6table_raw_fini(void) { unsigned int i; @@ -180,6 +180,6 @@ static void __exit fini(void) ip6t_unregister_table(&packet_raw); } -module_init(init); -module_exit(fini); +module_init(ip6table_raw_init); +module_exit(ip6table_raw_fini); MODULE_LICENSE("GPL"); diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index ac702a2..c8b5a96 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c @@ -179,31 +179,36 @@ static unsigned int ipv6_confirm(unsigned int hooknum, int (*okfn)(struct sk_buff *)) { struct nf_conn *ct; + struct nf_conn_help *help; enum ip_conntrack_info ctinfo; + unsigned int ret, protoff; + unsigned int extoff = (u8*)((*pskb)->nh.ipv6h + 1) + - (*pskb)->data; + unsigned char pnum = (*pskb)->nh.ipv6h->nexthdr; + /* This is where we call the helper: as the packet goes out. */ ct = nf_ct_get(*pskb, &ctinfo); - if (ct && ct->helper) { - unsigned int ret, protoff; - unsigned int extoff = (u8*)((*pskb)->nh.ipv6h + 1) - - (*pskb)->data; - unsigned char pnum = (*pskb)->nh.ipv6h->nexthdr; - - protoff = nf_ct_ipv6_skip_exthdr(*pskb, extoff, &pnum, - (*pskb)->len - extoff); - if (protoff < 0 || protoff > (*pskb)->len || - pnum == NEXTHDR_FRAGMENT) { - DEBUGP("proto header not found\n"); - return NF_ACCEPT; - } + if (!ct) + goto out; - ret = ct->helper->help(pskb, protoff, ct, ctinfo); - if (ret != NF_ACCEPT) - return ret; + help = nfct_help(ct); + if (!help || !help->helper) + goto out; + + protoff = nf_ct_ipv6_skip_exthdr(*pskb, extoff, &pnum, + (*pskb)->len - extoff); + if (protoff < 0 || protoff > (*pskb)->len || + pnum == NEXTHDR_FRAGMENT) { + DEBUGP("proto header not found\n"); + return NF_ACCEPT; } + ret = help->helper->help(pskb, protoff, ct, ctinfo); + if (ret != NF_ACCEPT) + return ret; +out: /* We've seen it coming out the other side: confirm it */ - return nf_conntrack_confirm(pskb); } @@ -579,19 +584,20 @@ static int init_or_cleanup(int init) return ret; } +MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET6)); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Yasuyuki KOZAKAI @USAGI <yasuyuki.kozakai@toshiba.co.jp>"); -static int __init init(void) +static int __init nf_conntrack_l3proto_ipv6_init(void) { need_conntrack(); return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit nf_conntrack_l3proto_ipv6_fini(void) { init_or_cleanup(0); } -module_init(init); -module_exit(fini); +module_init(nf_conntrack_l3proto_ipv6_init); +module_exit(nf_conntrack_l3proto_ipv6_fini); diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index 84ef9a1..3e31903 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c @@ -313,8 +313,8 @@ static struct nf_ct_frag6_queue *nf_ct_frag6_intern(unsigned int hash, #ifdef CONFIG_SMP hlist_for_each_entry(fq, n, &nf_ct_frag6_hash[hash], list) { if (fq->id == fq_in->id && - !ipv6_addr_cmp(&fq_in->saddr, &fq->saddr) && - !ipv6_addr_cmp(&fq_in->daddr, &fq->daddr)) { + ipv6_addr_equal(&fq_in->saddr, &fq->saddr) && + ipv6_addr_equal(&fq_in->daddr, &fq->daddr)) { atomic_inc(&fq->refcnt); write_unlock(&nf_ct_frag6_lock); fq_in->last_in |= COMPLETE; @@ -376,8 +376,8 @@ fq_find(u32 id, struct in6_addr *src, struct in6_addr *dst) read_lock(&nf_ct_frag6_lock); hlist_for_each_entry(fq, n, &nf_ct_frag6_hash[hash], list) { if (fq->id == id && - !ipv6_addr_cmp(src, &fq->saddr) && - !ipv6_addr_cmp(dst, &fq->daddr)) { + ipv6_addr_equal(src, &fq->saddr) && + ipv6_addr_equal(dst, &fq->daddr)) { atomic_inc(&fq->refcnt); read_unlock(&nf_ct_frag6_lock); return fq; diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c index ae20a0e..fa1ce0a 100644 --- a/net/ipv6/raw.c +++ b/net/ipv6/raw.c @@ -859,29 +859,12 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, } -static int rawv6_setsockopt(struct sock *sk, int level, int optname, +static int do_rawv6_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) { struct raw6_sock *rp = raw6_sk(sk); int val; - switch(level) { - case SOL_RAW: - break; - - case SOL_ICMPV6: - if (inet_sk(sk)->num != IPPROTO_ICMPV6) - return -EOPNOTSUPP; - return rawv6_seticmpfilter(sk, level, optname, optval, - optlen); - case SOL_IPV6: - if (optname == IPV6_CHECKSUM) - break; - default: - return ipv6_setsockopt(sk, level, optname, optval, - optlen); - }; - if (get_user(val, (int __user *)optval)) return -EFAULT; @@ -906,12 +889,9 @@ static int rawv6_setsockopt(struct sock *sk, int level, int optname, } } -static int rawv6_getsockopt(struct sock *sk, int level, int optname, - char __user *optval, int __user *optlen) +static int rawv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) { - struct raw6_sock *rp = raw6_sk(sk); - int val, len; - switch(level) { case SOL_RAW: break; @@ -919,15 +899,45 @@ static int rawv6_getsockopt(struct sock *sk, int level, int optname, case SOL_ICMPV6: if (inet_sk(sk)->num != IPPROTO_ICMPV6) return -EOPNOTSUPP; - return rawv6_geticmpfilter(sk, level, optname, optval, + return rawv6_seticmpfilter(sk, level, optname, optval, optlen); case SOL_IPV6: if (optname == IPV6_CHECKSUM) break; default: - return ipv6_getsockopt(sk, level, optname, optval, + return ipv6_setsockopt(sk, level, optname, optval, optlen); }; + return do_rawv6_setsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_rawv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + switch (level) { + case SOL_RAW: + break; + case SOL_ICMPV6: + if (inet_sk(sk)->num != IPPROTO_ICMPV6) + return -EOPNOTSUPP; + return rawv6_seticmpfilter(sk, level, optname, optval, optlen); + case SOL_IPV6: + if (optname == IPV6_CHECKSUM) + break; + default: + return compat_ipv6_setsockopt(sk, level, optname, + optval, optlen); + }; + return do_rawv6_setsockopt(sk, level, optname, optval, optlen); +} +#endif + +static int do_rawv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + struct raw6_sock *rp = raw6_sk(sk); + int val, len; if (get_user(len,optlen)) return -EFAULT; @@ -953,6 +963,50 @@ static int rawv6_getsockopt(struct sock *sk, int level, int optname, return 0; } +static int rawv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + switch(level) { + case SOL_RAW: + break; + + case SOL_ICMPV6: + if (inet_sk(sk)->num != IPPROTO_ICMPV6) + return -EOPNOTSUPP; + return rawv6_geticmpfilter(sk, level, optname, optval, + optlen); + case SOL_IPV6: + if (optname == IPV6_CHECKSUM) + break; + default: + return ipv6_getsockopt(sk, level, optname, optval, + optlen); + }; + return do_rawv6_getsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_rawv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + switch (level) { + case SOL_RAW: + break; + case SOL_ICMPV6: + if (inet_sk(sk)->num != IPPROTO_ICMPV6) + return -EOPNOTSUPP; + return rawv6_geticmpfilter(sk, level, optname, optval, optlen); + case SOL_IPV6: + if (optname == IPV6_CHECKSUM) + break; + default: + return compat_ipv6_getsockopt(sk, level, optname, + optval, optlen); + }; + return do_rawv6_getsockopt(sk, level, optname, optval, optlen); +} +#endif + static int rawv6_ioctl(struct sock *sk, int cmd, unsigned long arg) { switch(cmd) { @@ -998,23 +1052,27 @@ static int rawv6_init_sk(struct sock *sk) } struct proto rawv6_prot = { - .name = "RAWv6", - .owner = THIS_MODULE, - .close = rawv6_close, - .connect = ip6_datagram_connect, - .disconnect = udp_disconnect, - .ioctl = rawv6_ioctl, - .init = rawv6_init_sk, - .destroy = inet6_destroy_sock, - .setsockopt = rawv6_setsockopt, - .getsockopt = rawv6_getsockopt, - .sendmsg = rawv6_sendmsg, - .recvmsg = rawv6_recvmsg, - .bind = rawv6_bind, - .backlog_rcv = rawv6_rcv_skb, - .hash = raw_v6_hash, - .unhash = raw_v6_unhash, - .obj_size = sizeof(struct raw6_sock), + .name = "RAWv6", + .owner = THIS_MODULE, + .close = rawv6_close, + .connect = ip6_datagram_connect, + .disconnect = udp_disconnect, + .ioctl = rawv6_ioctl, + .init = rawv6_init_sk, + .destroy = inet6_destroy_sock, + .setsockopt = rawv6_setsockopt, + .getsockopt = rawv6_getsockopt, + .sendmsg = rawv6_sendmsg, + .recvmsg = rawv6_recvmsg, + .bind = rawv6_bind, + .backlog_rcv = rawv6_rcv_skb, + .hash = raw_v6_hash, + .unhash = raw_v6_unhash, + .obj_size = sizeof(struct raw6_sock), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_rawv6_setsockopt, + .compat_getsockopt = compat_rawv6_getsockopt, +#endif }; #ifdef CONFIG_PROC_FS @@ -1140,7 +1198,7 @@ static int raw6_seq_open(struct inode *inode, struct file *file) { struct seq_file *seq; int rc = -ENOMEM; - struct raw6_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL); + struct raw6_iter_state *s = kzalloc(sizeof(*s), GFP_KERNEL); if (!s) goto out; rc = seq_open(file, &raw6_seq_ops); @@ -1148,7 +1206,6 @@ static int raw6_seq_open(struct inode *inode, struct file *file) goto out_kfree; seq = file->private_data; seq->private = s; - memset(s, 0, sizeof(*s)); out: return rc; out_kfree: diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c index 15e1456..b67a45f 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c @@ -203,7 +203,7 @@ static inline void frag_free_queue(struct frag_queue *fq, int *work) static inline struct frag_queue *frag_alloc_queue(void) { - struct frag_queue *fq = kmalloc(sizeof(struct frag_queue), GFP_ATOMIC); + struct frag_queue *fq = kzalloc(sizeof(struct frag_queue), GFP_ATOMIC); if(!fq) return NULL; @@ -288,6 +288,7 @@ static void ip6_evictor(void) static void ip6_frag_expire(unsigned long data) { struct frag_queue *fq = (struct frag_queue *) data; + struct net_device *dev; spin_lock(&fq->lock); @@ -299,22 +300,22 @@ static void ip6_frag_expire(unsigned long data) IP6_INC_STATS_BH(IPSTATS_MIB_REASMTIMEOUT); IP6_INC_STATS_BH(IPSTATS_MIB_REASMFAILS); - /* Send error only if the first segment arrived. */ - if (fq->last_in&FIRST_IN && fq->fragments) { - struct net_device *dev = dev_get_by_index(fq->iif); + /* Don't send error if the first segment did not arrive. */ + if (!(fq->last_in&FIRST_IN) || !fq->fragments) + goto out; - /* - But use as source device on which LAST ARRIVED - segment was received. And do not use fq->dev - pointer directly, device might already disappeared. - */ - if (dev) { - fq->fragments->dev = dev; - icmpv6_send(fq->fragments, ICMPV6_TIME_EXCEED, ICMPV6_EXC_FRAGTIME, 0, - dev); - dev_put(dev); - } - } + dev = dev_get_by_index(fq->iif); + if (!dev) + goto out; + + /* + But use as source device on which LAST ARRIVED + segment was received. And do not use fq->dev + pointer directly, device might already disappeared. + */ + fq->fragments->dev = dev; + icmpv6_send(fq->fragments, ICMPV6_TIME_EXCEED, ICMPV6_EXC_FRAGTIME, 0, dev); + dev_put(dev); out: spin_unlock(&fq->lock); fq_put(fq, NULL); @@ -368,8 +369,6 @@ ip6_frag_create(unsigned int hash, u32 id, struct in6_addr *src, struct in6_addr if ((fq = frag_alloc_queue()) == NULL) goto oom; - memset(fq, 0, sizeof(struct frag_queue)); - fq->id = id; ipv6_addr_copy(&fq->saddr, src); ipv6_addr_copy(&fq->daddr, dst); diff --git a/net/ipv6/route.c b/net/ipv6/route.c index e0d3ad0..7907874 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -72,6 +72,10 @@ #define RT6_TRACE(x...) do { ; } while (0) #endif +#define CLONE_OFFLINK_ROUTE 0 + +#define RT6_SELECT_F_IFACE 0x1 +#define RT6_SELECT_F_REACHABLE 0x2 static int ip6_rt_max_size = 4096; static int ip6_rt_gc_min_interval = HZ / 2; @@ -94,6 +98,14 @@ static int ip6_pkt_discard_out(struct sk_buff *skb); static void ip6_link_failure(struct sk_buff *skb); static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu); +#ifdef CONFIG_IPV6_ROUTE_INFO +static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen, + struct in6_addr *gwaddr, int ifindex, + unsigned pref); +static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen, + struct in6_addr *gwaddr, int ifindex); +#endif + static struct dst_ops ip6_dst_ops = { .family = AF_INET6, .protocol = __constant_htons(ETH_P_IPV6), @@ -214,150 +226,211 @@ static __inline__ struct rt6_info *rt6_device_match(struct rt6_info *rt, return rt; } +#ifdef CONFIG_IPV6_ROUTER_PREF +static void rt6_probe(struct rt6_info *rt) +{ + struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL; + /* + * Okay, this does not seem to be appropriate + * for now, however, we need to check if it + * is really so; aka Router Reachability Probing. + * + * Router Reachability Probe MUST be rate-limited + * to no more than one per minute. + */ + if (!neigh || (neigh->nud_state & NUD_VALID)) + return; + read_lock_bh(&neigh->lock); + if (!(neigh->nud_state & NUD_VALID) && + time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { + struct in6_addr mcaddr; + struct in6_addr *target; + + neigh->updated = jiffies; + read_unlock_bh(&neigh->lock); + + target = (struct in6_addr *)&neigh->primary_key; + addrconf_addr_solict_mult(target, &mcaddr); + ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL); + } else + read_unlock_bh(&neigh->lock); +} +#else +static inline void rt6_probe(struct rt6_info *rt) +{ + return; +} +#endif + /* - * pointer to the last default router chosen. BH is disabled locally. + * Default Router Selection (RFC 2461 6.3.6) */ -static struct rt6_info *rt6_dflt_pointer; -static DEFINE_SPINLOCK(rt6_dflt_lock); +static int inline rt6_check_dev(struct rt6_info *rt, int oif) +{ + struct net_device *dev = rt->rt6i_dev; + if (!oif || dev->ifindex == oif) + return 2; + if ((dev->flags & IFF_LOOPBACK) && + rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) + return 1; + return 0; +} -void rt6_reset_dflt_pointer(struct rt6_info *rt) +static int inline rt6_check_neigh(struct rt6_info *rt) { - spin_lock_bh(&rt6_dflt_lock); - if (rt == NULL || rt == rt6_dflt_pointer) { - RT6_TRACE("reset default router: %p->NULL\n", rt6_dflt_pointer); - rt6_dflt_pointer = NULL; + struct neighbour *neigh = rt->rt6i_nexthop; + int m = 0; + if (neigh) { + read_lock_bh(&neigh->lock); + if (neigh->nud_state & NUD_VALID) + m = 1; + read_unlock_bh(&neigh->lock); } - spin_unlock_bh(&rt6_dflt_lock); + return m; } -/* Default Router Selection (RFC 2461 6.3.6) */ -static struct rt6_info *rt6_best_dflt(struct rt6_info *rt, int oif) +static int rt6_score_route(struct rt6_info *rt, int oif, + int strict) { - struct rt6_info *match = NULL; - struct rt6_info *sprt; - int mpri = 0; - - for (sprt = rt; sprt; sprt = sprt->u.next) { - struct neighbour *neigh; - int m = 0; - - if (!oif || - (sprt->rt6i_dev && - sprt->rt6i_dev->ifindex == oif)) - m += 8; + int m = rt6_check_dev(rt, oif); + if (!m && (strict & RT6_SELECT_F_IFACE)) + return -1; +#ifdef CONFIG_IPV6_ROUTER_PREF + m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; +#endif + if (rt6_check_neigh(rt)) + m |= 16; + else if (strict & RT6_SELECT_F_REACHABLE) + return -1; + return m; +} - if (rt6_check_expired(sprt)) - continue; +static struct rt6_info *rt6_select(struct rt6_info **head, int oif, + int strict) +{ + struct rt6_info *match = NULL, *last = NULL; + struct rt6_info *rt, *rt0 = *head; + u32 metric; + int mpri = -1; - if (sprt == rt6_dflt_pointer) - m += 4; + RT6_TRACE("%s(head=%p(*head=%p), oif=%d)\n", + __FUNCTION__, head, head ? *head : NULL, oif); - if ((neigh = sprt->rt6i_nexthop) != NULL) { - read_lock_bh(&neigh->lock); - switch (neigh->nud_state) { - case NUD_REACHABLE: - m += 3; - break; + for (rt = rt0, metric = rt0->rt6i_metric; + rt && rt->rt6i_metric == metric; + rt = rt->u.next) { + int m; - case NUD_STALE: - case NUD_DELAY: - case NUD_PROBE: - m += 2; - break; + if (rt6_check_expired(rt)) + continue; - case NUD_NOARP: - case NUD_PERMANENT: - m += 1; - break; + last = rt; - case NUD_INCOMPLETE: - default: - read_unlock_bh(&neigh->lock); - continue; - } - read_unlock_bh(&neigh->lock); - } else { + m = rt6_score_route(rt, oif, strict); + if (m < 0) continue; - } - if (m > mpri || m >= 12) { - match = sprt; + if (m > mpri) { + rt6_probe(match); + match = rt; mpri = m; - if (m >= 12) { - /* we choose the last default router if it - * is in (probably) reachable state. - * If route changed, we should do pmtu - * discovery. --yoshfuji - */ - break; - } + } else { + rt6_probe(rt); } } - spin_lock(&rt6_dflt_lock); - if (!match) { - /* - * No default routers are known to be reachable. - * SHOULD round robin - */ - if (rt6_dflt_pointer) { - for (sprt = rt6_dflt_pointer->u.next; - sprt; sprt = sprt->u.next) { - if (sprt->u.dst.obsolete <= 0 && - sprt->u.dst.error == 0 && - !rt6_check_expired(sprt)) { - match = sprt; - break; - } - } - for (sprt = rt; - !match && sprt; - sprt = sprt->u.next) { - if (sprt->u.dst.obsolete <= 0 && - sprt->u.dst.error == 0 && - !rt6_check_expired(sprt)) { - match = sprt; - break; - } - if (sprt == rt6_dflt_pointer) - break; - } - } + if (!match && + (strict & RT6_SELECT_F_REACHABLE) && + last && last != rt0) { + /* no entries matched; do round-robin */ + *head = rt0->u.next; + rt0->u.next = last->u.next; + last->u.next = rt0; } - if (match) { - if (rt6_dflt_pointer != match) - RT6_TRACE("changed default router: %p->%p\n", - rt6_dflt_pointer, match); - rt6_dflt_pointer = match; + RT6_TRACE("%s() => %p, score=%d\n", + __FUNCTION__, match, mpri); + + return (match ? match : &ip6_null_entry); +} + +#ifdef CONFIG_IPV6_ROUTE_INFO +int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, + struct in6_addr *gwaddr) +{ + struct route_info *rinfo = (struct route_info *) opt; + struct in6_addr prefix_buf, *prefix; + unsigned int pref; + u32 lifetime; + struct rt6_info *rt; + + if (len < sizeof(struct route_info)) { + return -EINVAL; } - spin_unlock(&rt6_dflt_lock); - if (!match) { - /* - * Last Resort: if no default routers found, - * use addrconf default route. - * We don't record this route. - */ - for (sprt = ip6_routing_table.leaf; - sprt; sprt = sprt->u.next) { - if (!rt6_check_expired(sprt) && - (sprt->rt6i_flags & RTF_DEFAULT) && - (!oif || - (sprt->rt6i_dev && - sprt->rt6i_dev->ifindex == oif))) { - match = sprt; - break; - } + /* Sanity check for prefix_len and length */ + if (rinfo->length > 3) { + return -EINVAL; + } else if (rinfo->prefix_len > 128) { + return -EINVAL; + } else if (rinfo->prefix_len > 64) { + if (rinfo->length < 2) { + return -EINVAL; } - if (!match) { - /* no default route. give up. */ - match = &ip6_null_entry; + } else if (rinfo->prefix_len > 0) { + if (rinfo->length < 1) { + return -EINVAL; } } - return match; + pref = rinfo->route_pref; + if (pref == ICMPV6_ROUTER_PREF_INVALID) + pref = ICMPV6_ROUTER_PREF_MEDIUM; + + lifetime = htonl(rinfo->lifetime); + if (lifetime == 0xffffffff) { + /* infinity */ + } else if (lifetime > 0x7fffffff/HZ) { + /* Avoid arithmetic overflow */ + lifetime = 0x7fffffff/HZ - 1; + } + + if (rinfo->length == 3) + prefix = (struct in6_addr *)rinfo->prefix; + else { + /* this function is safe */ + ipv6_addr_prefix(&prefix_buf, + (struct in6_addr *)rinfo->prefix, + rinfo->prefix_len); + prefix = &prefix_buf; + } + + rt = rt6_get_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex); + + if (rt && !lifetime) { + ip6_del_rt(rt, NULL, NULL, NULL); + rt = NULL; + } + + if (!rt && lifetime) + rt = rt6_add_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex, + pref); + else if (rt) + rt->rt6i_flags = RTF_ROUTEINFO | + (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); + + if (rt) { + if (lifetime == 0xffffffff) { + rt->rt6i_flags &= ~RTF_EXPIRES; + } else { + rt->rt6i_expires = jiffies + HZ * lifetime; + rt->rt6i_flags |= RTF_EXPIRES; + } + dst_release(&rt->u.dst); + } + return 0; } +#endif struct rt6_info *rt6_lookup(struct in6_addr *daddr, struct in6_addr *saddr, int oif, int strict) @@ -397,14 +470,9 @@ int ip6_ins_rt(struct rt6_info *rt, struct nlmsghdr *nlh, return err; } -/* No rt6_lock! If COW failed, the function returns dead route entry - with dst->error set to errno value. - */ - -static struct rt6_info *rt6_cow(struct rt6_info *ort, struct in6_addr *daddr, - struct in6_addr *saddr, struct netlink_skb_parms *req) +static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, struct in6_addr *daddr, + struct in6_addr *saddr) { - int err; struct rt6_info *rt; /* @@ -435,25 +503,30 @@ static struct rt6_info *rt6_cow(struct rt6_info *ort, struct in6_addr *daddr, rt->rt6i_nexthop = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway); - dst_hold(&rt->u.dst); - - err = ip6_ins_rt(rt, NULL, NULL, req); - if (err == 0) - return rt; + } - rt->u.dst.error = err; + return rt; +} - return rt; +static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, struct in6_addr *daddr) +{ + struct rt6_info *rt = ip6_rt_copy(ort); + if (rt) { + ipv6_addr_copy(&rt->rt6i_dst.addr, daddr); + rt->rt6i_dst.plen = 128; + rt->rt6i_flags |= RTF_CACHE; + if (rt->rt6i_flags & RTF_REJECT) + rt->u.dst.error = ort->u.dst.error; + rt->u.dst.flags |= DST_HOST; + rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop); } - dst_hold(&ip6_null_entry.u.dst); - return &ip6_null_entry; + return rt; } #define BACKTRACK() \ -if (rt == &ip6_null_entry && strict) { \ +if (rt == &ip6_null_entry) { \ while ((fn = fn->parent) != NULL) { \ if (fn->fn_flags & RTN_ROOT) { \ - dst_hold(&rt->u.dst); \ goto out; \ } \ if (fn->fn_flags & RTN_RTINFO) \ @@ -465,115 +538,138 @@ if (rt == &ip6_null_entry && strict) { \ void ip6_route_input(struct sk_buff *skb) { struct fib6_node *fn; - struct rt6_info *rt; + struct rt6_info *rt, *nrt; int strict; int attempts = 3; + int err; + int reachable = RT6_SELECT_F_REACHABLE; - strict = ipv6_addr_type(&skb->nh.ipv6h->daddr) & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL); + strict = ipv6_addr_type(&skb->nh.ipv6h->daddr) & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL) ? RT6_SELECT_F_IFACE : 0; relookup: read_lock_bh(&rt6_lock); +restart_2: fn = fib6_lookup(&ip6_routing_table, &skb->nh.ipv6h->daddr, &skb->nh.ipv6h->saddr); restart: - rt = fn->leaf; - - if ((rt->rt6i_flags & RTF_CACHE)) { - rt = rt6_device_match(rt, skb->dev->ifindex, strict); - BACKTRACK(); - dst_hold(&rt->u.dst); - goto out; - } - - rt = rt6_device_match(rt, skb->dev->ifindex, strict); + rt = rt6_select(&fn->leaf, skb->dev->ifindex, strict | reachable); BACKTRACK(); + if (rt == &ip6_null_entry || + rt->rt6i_flags & RTF_CACHE) + goto out; - if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) { - struct rt6_info *nrt; - dst_hold(&rt->u.dst); - read_unlock_bh(&rt6_lock); + dst_hold(&rt->u.dst); + read_unlock_bh(&rt6_lock); - nrt = rt6_cow(rt, &skb->nh.ipv6h->daddr, - &skb->nh.ipv6h->saddr, - &NETLINK_CB(skb)); + if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) + nrt = rt6_alloc_cow(rt, &skb->nh.ipv6h->daddr, &skb->nh.ipv6h->saddr); + else { +#if CLONE_OFFLINK_ROUTE + nrt = rt6_alloc_clone(rt, &skb->nh.ipv6h->daddr); +#else + goto out2; +#endif + } - dst_release(&rt->u.dst); - rt = nrt; + dst_release(&rt->u.dst); + rt = nrt ? : &ip6_null_entry; - if (rt->u.dst.error != -EEXIST || --attempts <= 0) + dst_hold(&rt->u.dst); + if (nrt) { + err = ip6_ins_rt(nrt, NULL, NULL, &NETLINK_CB(skb)); + if (!err) goto out2; - - /* Race condition! In the gap, when rt6_lock was - released someone could insert this route. Relookup. - */ - dst_release(&rt->u.dst); - goto relookup; } - dst_hold(&rt->u.dst); + + if (--attempts <= 0) + goto out2; + + /* + * Race condition! In the gap, when rt6_lock was + * released someone could insert this route. Relookup. + */ + dst_release(&rt->u.dst); + goto relookup; out: + if (reachable) { + reachable = 0; + goto restart_2; + } + dst_hold(&rt->u.dst); read_unlock_bh(&rt6_lock); out2: rt->u.dst.lastuse = jiffies; rt->u.dst.__use++; skb->dst = (struct dst_entry *) rt; + return; } struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl) { struct fib6_node *fn; - struct rt6_info *rt; + struct rt6_info *rt, *nrt; int strict; int attempts = 3; + int err; + int reachable = RT6_SELECT_F_REACHABLE; - strict = ipv6_addr_type(&fl->fl6_dst) & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL); + strict = ipv6_addr_type(&fl->fl6_dst) & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL) ? RT6_SELECT_F_IFACE : 0; relookup: read_lock_bh(&rt6_lock); +restart_2: fn = fib6_lookup(&ip6_routing_table, &fl->fl6_dst, &fl->fl6_src); restart: - rt = fn->leaf; - - if ((rt->rt6i_flags & RTF_CACHE)) { - rt = rt6_device_match(rt, fl->oif, strict); - BACKTRACK(); - dst_hold(&rt->u.dst); + rt = rt6_select(&fn->leaf, fl->oif, strict | reachable); + BACKTRACK(); + if (rt == &ip6_null_entry || + rt->rt6i_flags & RTF_CACHE) goto out; - } - if (rt->rt6i_flags & RTF_DEFAULT) { - if (rt->rt6i_metric >= IP6_RT_PRIO_ADDRCONF) - rt = rt6_best_dflt(rt, fl->oif); - } else { - rt = rt6_device_match(rt, fl->oif, strict); - BACKTRACK(); - } - if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) { - struct rt6_info *nrt; - dst_hold(&rt->u.dst); - read_unlock_bh(&rt6_lock); + dst_hold(&rt->u.dst); + read_unlock_bh(&rt6_lock); - nrt = rt6_cow(rt, &fl->fl6_dst, &fl->fl6_src, NULL); + if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) + nrt = rt6_alloc_cow(rt, &fl->fl6_dst, &fl->fl6_src); + else { +#if CLONE_OFFLINK_ROUTE + nrt = rt6_alloc_clone(rt, &fl->fl6_dst); +#else + goto out2; +#endif + } - dst_release(&rt->u.dst); - rt = nrt; + dst_release(&rt->u.dst); + rt = nrt ? : &ip6_null_entry; - if (rt->u.dst.error != -EEXIST || --attempts <= 0) + dst_hold(&rt->u.dst); + if (nrt) { + err = ip6_ins_rt(nrt, NULL, NULL, NULL); + if (!err) goto out2; - - /* Race condition! In the gap, when rt6_lock was - released someone could insert this route. Relookup. - */ - dst_release(&rt->u.dst); - goto relookup; } - dst_hold(&rt->u.dst); + + if (--attempts <= 0) + goto out2; + + /* + * Race condition! In the gap, when rt6_lock was + * released someone could insert this route. Relookup. + */ + dst_release(&rt->u.dst); + goto relookup; out: + if (reachable) { + reachable = 0; + goto restart_2; + } + dst_hold(&rt->u.dst); read_unlock_bh(&rt6_lock); out2: rt->u.dst.lastuse = jiffies; @@ -999,8 +1095,6 @@ int ip6_del_rt(struct rt6_info *rt, struct nlmsghdr *nlh, void *_rtattr, struct write_lock_bh(&rt6_lock); - rt6_reset_dflt_pointer(NULL); - err = fib6_del(rt, nlh, _rtattr, req); dst_release(&rt->u.dst); @@ -1050,59 +1144,63 @@ static int ip6_route_del(struct in6_rtmsg *rtmsg, struct nlmsghdr *nlh, void *_r void rt6_redirect(struct in6_addr *dest, struct in6_addr *saddr, struct neighbour *neigh, u8 *lladdr, int on_link) { - struct rt6_info *rt, *nrt; - - /* Locate old route to this destination. */ - rt = rt6_lookup(dest, NULL, neigh->dev->ifindex, 1); - - if (rt == NULL) - return; - - if (neigh->dev != rt->rt6i_dev) - goto out; + struct rt6_info *rt, *nrt = NULL; + int strict; + struct fib6_node *fn; /* - * Current route is on-link; redirect is always invalid. - * - * Seems, previous statement is not true. It could - * be node, which looks for us as on-link (f.e. proxy ndisc) - * But then router serving it might decide, that we should - * know truth 8)8) --ANK (980726). + * Get the "current" route for this destination and + * check if the redirect has come from approriate router. + * + * RFC 2461 specifies that redirects should only be + * accepted if they come from the nexthop to the target. + * Due to the way the routes are chosen, this notion + * is a bit fuzzy and one might need to check all possible + * routes. */ - if (!(rt->rt6i_flags&RTF_GATEWAY)) - goto out; + strict = ipv6_addr_type(dest) & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL); - /* - * RFC 2461 specifies that redirects should only be - * accepted if they come from the nexthop to the target. - * Due to the way default routers are chosen, this notion - * is a bit fuzzy and one might need to check all default - * routers. - */ - if (!ipv6_addr_equal(saddr, &rt->rt6i_gateway)) { - if (rt->rt6i_flags & RTF_DEFAULT) { - struct rt6_info *rt1; - - read_lock(&rt6_lock); - for (rt1 = ip6_routing_table.leaf; rt1; rt1 = rt1->u.next) { - if (ipv6_addr_equal(saddr, &rt1->rt6i_gateway)) { - dst_hold(&rt1->u.dst); - dst_release(&rt->u.dst); - read_unlock(&rt6_lock); - rt = rt1; - goto source_ok; - } - } - read_unlock(&rt6_lock); + read_lock_bh(&rt6_lock); + fn = fib6_lookup(&ip6_routing_table, dest, NULL); +restart: + for (rt = fn->leaf; rt; rt = rt->u.next) { + /* + * Current route is on-link; redirect is always invalid. + * + * Seems, previous statement is not true. It could + * be node, which looks for us as on-link (f.e. proxy ndisc) + * But then router serving it might decide, that we should + * know truth 8)8) --ANK (980726). + */ + if (rt6_check_expired(rt)) + continue; + if (!(rt->rt6i_flags & RTF_GATEWAY)) + continue; + if (neigh->dev != rt->rt6i_dev) + continue; + if (!ipv6_addr_equal(saddr, &rt->rt6i_gateway)) + continue; + break; + } + if (rt) + dst_hold(&rt->u.dst); + else if (strict) { + while ((fn = fn->parent) != NULL) { + if (fn->fn_flags & RTN_ROOT) + break; + if (fn->fn_flags & RTN_RTINFO) + goto restart; } + } + read_unlock_bh(&rt6_lock); + + if (!rt) { if (net_ratelimit()) printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop " "for redirect target\n"); - goto out; + return; } -source_ok: - /* * We have finally decided to accept it. */ @@ -1210,38 +1308,27 @@ void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr, 1. It is connected route. Action: COW 2. It is gatewayed route or NONEXTHOP route. Action: clone it. */ - if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) { - nrt = rt6_cow(rt, daddr, saddr, NULL); - if (!nrt->u.dst.error) { - nrt->u.dst.metrics[RTAX_MTU-1] = pmtu; - if (allfrag) - nrt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG; - /* According to RFC 1981, detecting PMTU increase shouldn't be - happened within 5 mins, the recommended timer is 10 mins. - Here this route expiration time is set to ip6_rt_mtu_expires - which is 10 mins. After 10 mins the decreased pmtu is expired - and detecting PMTU increase will be automatically happened. - */ - dst_set_expires(&nrt->u.dst, ip6_rt_mtu_expires); - nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES; - } - dst_release(&nrt->u.dst); - } else { - nrt = ip6_rt_copy(rt); - if (nrt == NULL) - goto out; - ipv6_addr_copy(&nrt->rt6i_dst.addr, daddr); - nrt->rt6i_dst.plen = 128; - nrt->u.dst.flags |= DST_HOST; - nrt->rt6i_nexthop = neigh_clone(rt->rt6i_nexthop); - dst_set_expires(&nrt->u.dst, ip6_rt_mtu_expires); - nrt->rt6i_flags |= RTF_DYNAMIC|RTF_CACHE|RTF_EXPIRES; + if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) + nrt = rt6_alloc_cow(rt, daddr, saddr); + else + nrt = rt6_alloc_clone(rt, daddr); + + if (nrt) { nrt->u.dst.metrics[RTAX_MTU-1] = pmtu; if (allfrag) nrt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG; + + /* According to RFC 1981, detecting PMTU increase shouldn't be + * happened within 5 mins, the recommended timer is 10 mins. + * Here this route expiration time is set to ip6_rt_mtu_expires + * which is 10 mins. After 10 mins the decreased pmtu is expired + * and detecting PMTU increase will be automatically happened. + */ + dst_set_expires(&nrt->u.dst, ip6_rt_mtu_expires); + nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES; + ip6_ins_rt(nrt, NULL, NULL, NULL); } - out: dst_release(&rt->u.dst); } @@ -1280,6 +1367,57 @@ static struct rt6_info * ip6_rt_copy(struct rt6_info *ort) return rt; } +#ifdef CONFIG_IPV6_ROUTE_INFO +static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen, + struct in6_addr *gwaddr, int ifindex) +{ + struct fib6_node *fn; + struct rt6_info *rt = NULL; + + write_lock_bh(&rt6_lock); + fn = fib6_locate(&ip6_routing_table, prefix ,prefixlen, NULL, 0); + if (!fn) + goto out; + + for (rt = fn->leaf; rt; rt = rt->u.next) { + if (rt->rt6i_dev->ifindex != ifindex) + continue; + if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) + continue; + if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) + continue; + dst_hold(&rt->u.dst); + break; + } +out: + write_unlock_bh(&rt6_lock); + return rt; +} + +static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen, + struct in6_addr *gwaddr, int ifindex, + unsigned pref) +{ + struct in6_rtmsg rtmsg; + + memset(&rtmsg, 0, sizeof(rtmsg)); + rtmsg.rtmsg_type = RTMSG_NEWROUTE; + ipv6_addr_copy(&rtmsg.rtmsg_dst, prefix); + rtmsg.rtmsg_dst_len = prefixlen; + ipv6_addr_copy(&rtmsg.rtmsg_gateway, gwaddr); + rtmsg.rtmsg_metric = 1024; + rtmsg.rtmsg_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | RTF_UP | RTF_PREF(pref); + /* We should treat it as a default route if prefix length is 0. */ + if (!prefixlen) + rtmsg.rtmsg_flags |= RTF_DEFAULT; + rtmsg.rtmsg_ifindex = ifindex; + + ip6_route_add(&rtmsg, NULL, NULL, NULL); + + return rt6_get_route_info(prefix, prefixlen, gwaddr, ifindex); +} +#endif + struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *dev) { struct rt6_info *rt; @@ -1290,6 +1428,7 @@ struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *d write_lock_bh(&rt6_lock); for (rt = fn->leaf; rt; rt=rt->u.next) { if (dev == rt->rt6i_dev && + ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && ipv6_addr_equal(&rt->rt6i_gateway, addr)) break; } @@ -1300,7 +1439,8 @@ struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *d } struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr, - struct net_device *dev) + struct net_device *dev, + unsigned int pref) { struct in6_rtmsg rtmsg; @@ -1308,7 +1448,8 @@ struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr, rtmsg.rtmsg_type = RTMSG_NEWROUTE; ipv6_addr_copy(&rtmsg.rtmsg_gateway, gwaddr); rtmsg.rtmsg_metric = 1024; - rtmsg.rtmsg_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | RTF_UP | RTF_EXPIRES; + rtmsg.rtmsg_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | RTF_UP | RTF_EXPIRES | + RTF_PREF(pref); rtmsg.rtmsg_ifindex = dev->ifindex; @@ -1326,8 +1467,6 @@ restart: if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) { dst_hold(&rt->u.dst); - rt6_reset_dflt_pointer(NULL); - read_unlock_bh(&rt6_lock); ip6_del_rt(rt, NULL, NULL, NULL); @@ -1738,11 +1877,10 @@ int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) /* * 2. allocate and initialize walker. */ - w = kmalloc(sizeof(*w), GFP_ATOMIC); + w = kzalloc(sizeof(*w), GFP_ATOMIC); if (w == NULL) return -ENOMEM; RT6_TRACE("dump<%p", w); - memset(w, 0, sizeof(*w)); w->root = &ip6_routing_table; w->func = fib6_dump_node; w->args = &arg; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index ca9cf685..301eee7 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -987,6 +987,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + newnp->opt->opt_flen); + tcp_mtup_init(newsk); tcp_sync_mss(newsk, dst_mtu(dst)); newtp->advmss = dst_metric(dst, RTAX_ADVMSS); tcp_initialize_rcv_mss(newsk); @@ -1297,18 +1298,21 @@ static int tcp_v6_remember_stamp(struct sock *sk) } static struct inet_connection_sock_af_ops ipv6_specific = { - .queue_xmit = inet6_csk_xmit, - .send_check = tcp_v6_send_check, - .rebuild_header = inet6_sk_rebuild_header, - .conn_request = tcp_v6_conn_request, - .syn_recv_sock = tcp_v6_syn_recv_sock, - .remember_stamp = tcp_v6_remember_stamp, - .net_header_len = sizeof(struct ipv6hdr), - - .setsockopt = ipv6_setsockopt, - .getsockopt = ipv6_getsockopt, - .addr2sockaddr = inet6_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in6) + .queue_xmit = inet6_csk_xmit, + .send_check = tcp_v6_send_check, + .rebuild_header = inet6_sk_rebuild_header, + .conn_request = tcp_v6_conn_request, + .syn_recv_sock = tcp_v6_syn_recv_sock, + .remember_stamp = tcp_v6_remember_stamp, + .net_header_len = sizeof(struct ipv6hdr), + .setsockopt = ipv6_setsockopt, + .getsockopt = ipv6_getsockopt, + .addr2sockaddr = inet6_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in6), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ipv6_setsockopt, + .compat_getsockopt = compat_ipv6_getsockopt, +#endif }; /* @@ -1316,22 +1320,23 @@ static struct inet_connection_sock_af_ops ipv6_specific = { */ static struct inet_connection_sock_af_ops ipv6_mapped = { - .queue_xmit = ip_queue_xmit, - .send_check = tcp_v4_send_check, - .rebuild_header = inet_sk_rebuild_header, - .conn_request = tcp_v6_conn_request, - .syn_recv_sock = tcp_v6_syn_recv_sock, - .remember_stamp = tcp_v4_remember_stamp, - .net_header_len = sizeof(struct iphdr), - - .setsockopt = ipv6_setsockopt, - .getsockopt = ipv6_getsockopt, - .addr2sockaddr = inet6_csk_addr2sockaddr, - .sockaddr_len = sizeof(struct sockaddr_in6) + .queue_xmit = ip_queue_xmit, + .send_check = tcp_v4_send_check, + .rebuild_header = inet_sk_rebuild_header, + .conn_request = tcp_v6_conn_request, + .syn_recv_sock = tcp_v6_syn_recv_sock, + .remember_stamp = tcp_v4_remember_stamp, + .net_header_len = sizeof(struct iphdr), + .setsockopt = ipv6_setsockopt, + .getsockopt = ipv6_getsockopt, + .addr2sockaddr = inet6_csk_addr2sockaddr, + .sockaddr_len = sizeof(struct sockaddr_in6), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ipv6_setsockopt, + .compat_getsockopt = compat_ipv6_getsockopt, +#endif }; - - /* NOTE: A lot of things set to zero explicitly by call to * sk_alloc() so need not be done here. */ @@ -1583,6 +1588,10 @@ struct proto tcpv6_prot = { .obj_size = sizeof(struct tcp6_sock), .twsk_prot = &tcp6_timewait_sock_ops, .rsk_prot = &tcp6_request_sock_ops, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_tcp_setsockopt, + .compat_getsockopt = compat_tcp_getsockopt, +#endif }; static struct inet6_protocol tcpv6_protocol = { @@ -1604,21 +1613,12 @@ static struct inet_protosw tcpv6_protosw = { void __init tcpv6_init(void) { - int err; - /* register inet6 protocol */ if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0) printk(KERN_ERR "tcpv6_init: Could not register protocol\n"); inet6_register_protosw(&tcpv6_protosw); - err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_TCP, &tcp6_socket); - if (err < 0) + if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW, + IPPROTO_TCP) < 0) panic("Failed to create the TCPv6 control socket.\n"); - tcp6_socket->sk->sk_allocation = GFP_ATOMIC; - - /* Unhash it so that IP input processing does not even - * see it, we do not wish this socket to see incoming - * packets. - */ - tcp6_socket->sk->sk_prot->unhash(tcp6_socket->sk); } diff --git a/net/ipv6/tunnel6.c b/net/ipv6/tunnel6.c new file mode 100644 index 0000000..5659b52 --- /dev/null +++ b/net/ipv6/tunnel6.c @@ -0,0 +1,131 @@ +/* + * Copyright (C)2003,2004 USAGI/WIDE Project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Authors Mitsuru KANDA <mk@linux-ipv6.org> + * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> + */ + +#include <linux/init.h> +#include <linux/module.h> +#include <linux/mutex.h> +#include <linux/netdevice.h> +#include <linux/skbuff.h> +#include <net/protocol.h> +#include <net/xfrm.h> + +static struct xfrm6_tunnel *tunnel6_handlers; +static DEFINE_MUTEX(tunnel6_mutex); + +int xfrm6_tunnel_register(struct xfrm6_tunnel *handler) +{ + struct xfrm6_tunnel **pprev; + int ret = -EEXIST; + int priority = handler->priority; + + mutex_lock(&tunnel6_mutex); + + for (pprev = &tunnel6_handlers; *pprev; pprev = &(*pprev)->next) { + if ((*pprev)->priority > priority) + break; + if ((*pprev)->priority == priority) + goto err; + } + + handler->next = *pprev; + *pprev = handler; + + ret = 0; + +err: + mutex_unlock(&tunnel6_mutex); + + return ret; +} + +EXPORT_SYMBOL(xfrm6_tunnel_register); + +int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler) +{ + struct xfrm6_tunnel **pprev; + int ret = -ENOENT; + + mutex_lock(&tunnel6_mutex); + + for (pprev = &tunnel6_handlers; *pprev; pprev = &(*pprev)->next) { + if (*pprev == handler) { + *pprev = handler->next; + ret = 0; + break; + } + } + + mutex_unlock(&tunnel6_mutex); + + synchronize_net(); + + return ret; +} + +EXPORT_SYMBOL(xfrm6_tunnel_deregister); + +static int tunnel6_rcv(struct sk_buff **pskb) +{ + struct sk_buff *skb = *pskb; + struct xfrm6_tunnel *handler; + + for (handler = tunnel6_handlers; handler; handler = handler->next) + if (!handler->handler(skb)) + return 0; + + kfree_skb(skb); + return 0; +} + +static void tunnel6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + int type, int code, int offset, __u32 info) +{ + struct xfrm6_tunnel *handler; + + for (handler = tunnel6_handlers; handler; handler = handler->next) + if (!handler->err_handler(skb, opt, type, code, offset, info)) + break; +} + +static struct inet6_protocol tunnel6_protocol = { + .handler = tunnel6_rcv, + .err_handler = tunnel6_err, + .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, +}; + +static int __init tunnel6_init(void) +{ + if (inet6_add_protocol(&tunnel6_protocol, IPPROTO_IPV6)) { + printk(KERN_ERR "tunnel6 init(): can't add protocol\n"); + return -EAGAIN; + } + return 0; +} + +static void __exit tunnel6_fini(void) +{ + if (inet6_del_protocol(&tunnel6_protocol, IPPROTO_IPV6)) + printk(KERN_ERR "tunnel6 close: can't remove protocol\n"); +} + +module_init(tunnel6_init); +module_exit(tunnel6_fini); +MODULE_LICENSE("GPL"); diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index c476488..8d3432a 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -880,16 +880,13 @@ static int udpv6_destroy_sock(struct sock *sk) /* * Socket option code for UDP */ -static int udpv6_setsockopt(struct sock *sk, int level, int optname, +static int do_udpv6_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen) { struct udp_sock *up = udp_sk(sk); int val; int err = 0; - if (level != SOL_UDP) - return ipv6_setsockopt(sk, level, optname, optval, optlen); - if(optlen<sizeof(int)) return -EINVAL; @@ -927,15 +924,31 @@ static int udpv6_setsockopt(struct sock *sk, int level, int optname, return err; } -static int udpv6_getsockopt(struct sock *sk, int level, int optname, +static int udpv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_UDP) + return ipv6_setsockopt(sk, level, optname, optval, optlen); + return do_udpv6_setsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_udpv6_setsockopt(struct sock *sk, int level, int optname, + char __user *optval, int optlen) +{ + if (level != SOL_UDP) + return compat_ipv6_setsockopt(sk, level, optname, + optval, optlen); + return do_udpv6_setsockopt(sk, level, optname, optval, optlen); +} +#endif + +static int do_udpv6_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { struct udp_sock *up = udp_sk(sk); int val, len; - if (level != SOL_UDP) - return ipv6_getsockopt(sk, level, optname, optval, optlen); - if(get_user(len,optlen)) return -EFAULT; @@ -964,6 +977,25 @@ static int udpv6_getsockopt(struct sock *sk, int level, int optname, return 0; } +static int udpv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_UDP) + return ipv6_getsockopt(sk, level, optname, optval, optlen); + return do_udpv6_getsockopt(sk, level, optname, optval, optlen); +} + +#ifdef CONFIG_COMPAT +static int compat_udpv6_getsockopt(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + if (level != SOL_UDP) + return compat_ipv6_getsockopt(sk, level, optname, + optval, optlen); + return do_udpv6_getsockopt(sk, level, optname, optval, optlen); +} +#endif + static struct inet6_protocol udpv6_protocol = { .handler = udpv6_rcv, .err_handler = udpv6_err, @@ -1037,22 +1069,26 @@ void udp6_proc_exit(void) { /* ------------------------------------------------------------------------ */ struct proto udpv6_prot = { - .name = "UDPv6", - .owner = THIS_MODULE, - .close = udpv6_close, - .connect = ip6_datagram_connect, - .disconnect = udp_disconnect, - .ioctl = udp_ioctl, - .destroy = udpv6_destroy_sock, - .setsockopt = udpv6_setsockopt, - .getsockopt = udpv6_getsockopt, - .sendmsg = udpv6_sendmsg, - .recvmsg = udpv6_recvmsg, - .backlog_rcv = udpv6_queue_rcv_skb, - .hash = udp_v6_hash, - .unhash = udp_v6_unhash, - .get_port = udp_v6_get_port, - .obj_size = sizeof(struct udp6_sock), + .name = "UDPv6", + .owner = THIS_MODULE, + .close = udpv6_close, + .connect = ip6_datagram_connect, + .disconnect = udp_disconnect, + .ioctl = udp_ioctl, + .destroy = udpv6_destroy_sock, + .setsockopt = udpv6_setsockopt, + .getsockopt = udpv6_getsockopt, + .sendmsg = udpv6_sendmsg, + .recvmsg = udpv6_recvmsg, + .backlog_rcv = udpv6_queue_rcv_skb, + .hash = udp_v6_hash, + .unhash = udp_v6_unhash, + .get_port = udp_v6_get_port, + .obj_size = sizeof(struct udp6_sock), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_udpv6_setsockopt, + .compat_getsockopt = compat_udpv6_getsockopt, +#endif }; static struct inet_protosw udpv6_protosw = { diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c index 1ca2da6..cccf8b7 100644 --- a/net/ipv6/xfrm6_input.c +++ b/net/ipv6/xfrm6_input.c @@ -28,9 +28,8 @@ static inline void ipip6_ecn_decapsulate(struct sk_buff *skb) IP6_ECN_set_ce(inner_iph); } -int xfrm6_rcv_spi(struct sk_buff **pskb, u32 spi) +int xfrm6_rcv_spi(struct sk_buff *skb, u32 spi) { - struct sk_buff *skb = *pskb; int err; u32 seq; struct sec_decap_state xfrm_vec[XFRM_MAX_DEPTH]; @@ -159,5 +158,5 @@ EXPORT_SYMBOL(xfrm6_rcv_spi); int xfrm6_rcv(struct sk_buff **pskb) { - return xfrm6_rcv_spi(pskb, 0); + return xfrm6_rcv_spi(*pskb, 0); } diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c index 8cfc58b..a8f6776 100644 --- a/net/ipv6/xfrm6_tunnel.c +++ b/net/ipv6/xfrm6_tunnel.c @@ -28,9 +28,9 @@ #include <net/ip.h> #include <net/xfrm.h> #include <net/ipv6.h> -#include <net/protocol.h> #include <linux/ipv6.h> #include <linux/icmpv6.h> +#include <linux/mutex.h> #ifdef CONFIG_IPV6_XFRM6_TUNNEL_DEBUG # define X6TDEBUG 3 @@ -356,71 +356,18 @@ static int xfrm6_tunnel_input(struct xfrm_state *x, struct xfrm_decap_state *dec return 0; } -static struct xfrm6_tunnel *xfrm6_tunnel_handler; -static DECLARE_MUTEX(xfrm6_tunnel_sem); - -int xfrm6_tunnel_register(struct xfrm6_tunnel *handler) +static int xfrm6_tunnel_rcv(struct sk_buff *skb) { - int ret; - - down(&xfrm6_tunnel_sem); - ret = 0; - if (xfrm6_tunnel_handler != NULL) - ret = -EINVAL; - if (!ret) - xfrm6_tunnel_handler = handler; - up(&xfrm6_tunnel_sem); - - return ret; -} - -EXPORT_SYMBOL(xfrm6_tunnel_register); - -int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler) -{ - int ret; - - down(&xfrm6_tunnel_sem); - ret = 0; - if (xfrm6_tunnel_handler != handler) - ret = -EINVAL; - if (!ret) - xfrm6_tunnel_handler = NULL; - up(&xfrm6_tunnel_sem); - - synchronize_net(); - - return ret; -} - -EXPORT_SYMBOL(xfrm6_tunnel_deregister); - -static int xfrm6_tunnel_rcv(struct sk_buff **pskb) -{ - struct sk_buff *skb = *pskb; - struct xfrm6_tunnel *handler = xfrm6_tunnel_handler; struct ipv6hdr *iph = skb->nh.ipv6h; u32 spi; - /* device-like_ip6ip6_handler() */ - if (handler && handler->handler(pskb) == 0) - return 0; - spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr); - return xfrm6_rcv_spi(pskb, spi); + return xfrm6_rcv_spi(skb, spi); } -static void xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt, - int type, int code, int offset, __u32 info) +static int xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + int type, int code, int offset, __u32 info) { - struct xfrm6_tunnel *handler = xfrm6_tunnel_handler; - - /* call here first for device-like ip6ip6 err handling */ - if (handler) { - handler->err_handler(skb, opt, type, code, offset, info); - return; - } - /* xfrm6_tunnel native err handling */ switch (type) { case ICMPV6_DEST_UNREACH: @@ -461,7 +408,8 @@ static void xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt, default: break; } - return; + + return 0; } static int xfrm6_tunnel_init_state(struct xfrm_state *x) @@ -492,10 +440,10 @@ static struct xfrm_type xfrm6_tunnel_type = { .output = xfrm6_tunnel_output, }; -static struct inet6_protocol xfrm6_tunnel_protocol = { +static struct xfrm6_tunnel xfrm6_tunnel_handler = { .handler = xfrm6_tunnel_rcv, - .err_handler = xfrm6_tunnel_err, - .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, + .err_handler = xfrm6_tunnel_err, + .priority = 2, }; static int __init xfrm6_tunnel_init(void) @@ -507,16 +455,16 @@ static int __init xfrm6_tunnel_init(void) "xfrm6_tunnel init: can't add xfrm type\n"); return -EAGAIN; } - if (inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0) { + if (xfrm6_tunnel_register(&xfrm6_tunnel_handler)) { X6TPRINTK1(KERN_ERR - "xfrm6_tunnel init(): can't add protocol\n"); + "xfrm6_tunnel init(): can't add handler\n"); xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); return -EAGAIN; } if (xfrm6_tunnel_spi_init() < 0) { X6TPRINTK1(KERN_ERR "xfrm6_tunnel init: failed to initialize spi\n"); - inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6); + xfrm6_tunnel_deregister(&xfrm6_tunnel_handler); xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); return -EAGAIN; } @@ -528,9 +476,9 @@ static void __exit xfrm6_tunnel_fini(void) X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__); xfrm6_tunnel_spi_fini(); - if (inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0) + if (xfrm6_tunnel_deregister(&xfrm6_tunnel_handler)) X6TPRINTK1(KERN_ERR - "xfrm6_tunnel close: can't remove protocol\n"); + "xfrm6_tunnel close: can't remove handler\n"); if (xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6) < 0) X6TPRINTK1(KERN_ERR "xfrm6_tunnel close: can't remove xfrm type\n"); diff --git a/net/ipx/af_ipx.c b/net/ipx/af_ipx.c index 0fb513a..2dbf134 100644 --- a/net/ipx/af_ipx.c +++ b/net/ipx/af_ipx.c @@ -1892,6 +1892,29 @@ static int ipx_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) return rc; } + +#ifdef CONFIG_COMPAT +static int ipx_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) +{ + /* + * These 4 commands use same structure on 32bit and 64bit. Rest of IPX + * commands is handled by generic ioctl code. As these commands are + * SIOCPROTOPRIVATE..SIOCPROTOPRIVATE+3, they cannot be handled by generic + * code. + */ + switch (cmd) { + case SIOCAIPXITFCRT: + case SIOCAIPXPRISLT: + case SIOCIPXCFGDATA: + case SIOCIPXNCPCONN: + return ipx_ioctl(sock, cmd, arg); + default: + return -ENOIOCTLCMD; + } +} +#endif + + /* * Socket family declarations */ @@ -1913,6 +1936,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(ipx_dgram_ops) = { .getname = ipx_getname, .poll = datagram_poll, .ioctl = ipx_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = ipx_compat_ioctl, +#endif .listen = sock_no_listen, .shutdown = sock_no_shutdown, /* FIXME: support shutdown */ .setsockopt = ipx_setsockopt, diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c index 7594456..2f37c9f 100644 --- a/net/irda/af_irda.c +++ b/net/irda/af_irda.c @@ -1302,7 +1302,7 @@ static int irda_sendmsg(struct kiocb *iocb, struct socket *sock, if (sk->sk_state != TCP_ESTABLISHED) return -ENOTCONN; - /* Check that we don't send out to big frames */ + /* Check that we don't send out too big frames */ if (len > self->max_data_size) { IRDA_DEBUG(2, "%s(), Chopping frame from %zd to %d bytes!\n", __FUNCTION__, len, self->max_data_size); @@ -1546,7 +1546,7 @@ static int irda_sendmsg_dgram(struct kiocb *iocb, struct socket *sock, IRDA_ASSERT(self != NULL, return -1;); /* - * Check that we don't send out to big frames. This is an unreliable + * Check that we don't send out too big frames. This is an unreliable * service, so we have no fragmentation and no coalescence */ if (len > self->max_data_size) { @@ -1642,7 +1642,7 @@ static int irda_sendmsg_ultra(struct kiocb *iocb, struct socket *sock, } /* - * Check that we don't send out to big frames. This is an unreliable + * Check that we don't send out too big frames. This is an unreliable * service, so we have no fragmentation and no coalescence */ if (len > self->max_data_size) { @@ -1830,6 +1830,19 @@ static int irda_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) return 0; } +#ifdef CONFIG_COMPAT +/* + * Function irda_ioctl (sock, cmd, arg) + */ +static int irda_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) +{ + /* + * All IRDA's ioctl are standard ones. + */ + return -ENOIOCTLCMD; +} +#endif + /* * Function irda_setsockopt (sock, level, optname, optval, optlen) * @@ -2476,6 +2489,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(irda_stream_ops) = { .getname = irda_getname, .poll = irda_poll, .ioctl = irda_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = irda_compat_ioctl, +#endif .listen = irda_listen, .shutdown = irda_shutdown, .setsockopt = irda_setsockopt, @@ -2497,6 +2513,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(irda_seqpacket_ops) = { .getname = irda_getname, .poll = datagram_poll, .ioctl = irda_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = irda_compat_ioctl, +#endif .listen = irda_listen, .shutdown = irda_shutdown, .setsockopt = irda_setsockopt, @@ -2518,6 +2537,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(irda_dgram_ops) = { .getname = irda_getname, .poll = datagram_poll, .ioctl = irda_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = irda_compat_ioctl, +#endif .listen = irda_listen, .shutdown = irda_shutdown, .setsockopt = irda_setsockopt, @@ -2540,6 +2562,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(irda_ultra_ops) = { .getname = irda_getname, .poll = datagram_poll, .ioctl = irda_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = irda_compat_ioctl, +#endif .listen = sock_no_listen, .shutdown = irda_shutdown, .setsockopt = irda_setsockopt, diff --git a/net/key/af_key.c b/net/key/af_key.c index b2d4d1d..8595822 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -2651,6 +2651,8 @@ static int pfkey_send_notify(struct xfrm_state *x, struct km_event *c) return key_notify_sa(x, c); case XFRM_MSG_FLUSHSA: return key_notify_sa_flush(c); + case XFRM_MSG_NEWAE: /* not yet supported */ + break; default: printk("pfkey: Unknown SA event %d\n", c->event); break; @@ -3078,9 +3080,9 @@ static int pfkey_sendmsg(struct kiocb *kiocb, if (!hdr) goto out; - down(&xfrm_cfg_sem); + mutex_lock(&xfrm_cfg_mutex); err = pfkey_process(sk, skb, hdr); - up(&xfrm_cfg_sem); + mutex_unlock(&xfrm_cfg_mutex); out: if (err && hdr && pfkey_error(hdr, err, sk) == 0) diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c index 8171c53..5a04db7 100644 --- a/net/llc/af_llc.c +++ b/net/llc/af_llc.c @@ -54,7 +54,7 @@ static int llc_ui_wait_for_busy_core(struct sock *sk, long timeout); * * Return the next unused link number for a given sap. */ -static __inline__ u16 llc_ui_next_link_no(int sap) +static inline u16 llc_ui_next_link_no(int sap) { return llc_ui_sap_link_no_max[sap]++; } @@ -65,7 +65,7 @@ static __inline__ u16 llc_ui_next_link_no(int sap) * * Given an ARP header type return the corresponding ethernet protocol. */ -static __inline__ u16 llc_proto_type(u16 arphrd) +static inline u16 llc_proto_type(u16 arphrd) { return arphrd == ARPHRD_IEEE802_TR ? htons(ETH_P_TR_802_2) : htons(ETH_P_802_2); @@ -75,7 +75,7 @@ static __inline__ u16 llc_proto_type(u16 arphrd) * llc_ui_addr_null - determines if a address structure is null * @addr: Address to test if null. */ -static __inline__ u8 llc_ui_addr_null(struct sockaddr_llc *addr) +static inline u8 llc_ui_addr_null(struct sockaddr_llc *addr) { return !memcmp(addr, &llc_ui_addrnull, sizeof(*addr)); } @@ -89,8 +89,7 @@ static __inline__ u8 llc_ui_addr_null(struct sockaddr_llc *addr) * operation the user would like to perform and the type of socket. * Returns the correct llc header length. */ -static __inline__ u8 llc_ui_header_len(struct sock *sk, - struct sockaddr_llc *addr) +static inline u8 llc_ui_header_len(struct sock *sk, struct sockaddr_llc *addr) { u8 rc = LLC_PDU_LEN_U; @@ -138,7 +137,7 @@ static void llc_ui_sk_init(struct socket *sock, struct sock *sk) } static struct proto llc_proto = { - .name = "DDP", + .name = "LLC", .owner = THIS_MODULE, .obj_size = sizeof(struct llc_sock), }; @@ -188,8 +187,10 @@ static int llc_ui_release(struct socket *sock) llc->laddr.lsap, llc->daddr.lsap); if (!llc_send_disc(sk)) llc_ui_wait_for_disc(sk, sk->sk_rcvtimeo); - if (!sock_flag(sk, SOCK_ZAPPED)) + if (!sock_flag(sk, SOCK_ZAPPED)) { + llc_sap_put(llc->sap); llc_sap_remove_socket(llc->sap, sk); + } release_sock(sk); if (llc->dev) dev_put(llc->dev); diff --git a/net/llc/llc_c_ac.c b/net/llc/llc_c_ac.c index 8169f24..860140c 100644 --- a/net/llc/llc_c_ac.c +++ b/net/llc/llc_c_ac.c @@ -27,7 +27,6 @@ #include <net/llc_pdu.h> #include <net/llc.h> -#include "llc_output.h" static int llc_conn_ac_inc_vs_by_1(struct sock *sk, struct sk_buff *skb); static void llc_process_tmr_ev(struct sock *sk, struct sk_buff *skb); diff --git a/net/llc/llc_core.c b/net/llc/llc_core.c index ab0fcd3..bd242a4 100644 --- a/net/llc/llc_core.c +++ b/net/llc/llc_core.c @@ -127,7 +127,6 @@ struct llc_sap *llc_sap_open(unsigned char lsap, goto out; sap->laddr.lsap = lsap; sap->rcv_func = func; - llc_sap_hold(sap); llc_add_sap(sap); out: write_unlock_bh(&llc_sap_list_lock); diff --git a/net/llc/llc_output.c b/net/llc/llc_output.c index b4d55b6..b4e668e 100644 --- a/net/llc/llc_output.c +++ b/net/llc/llc_output.c @@ -30,7 +30,8 @@ * Fills MAC header fields, depending on MAC type. Returns 0, If MAC type * is a valid type and initialization completes correctly 1, otherwise. */ -int llc_mac_hdr_init(struct sk_buff *skb, unsigned char *sa, unsigned char *da) +int llc_mac_hdr_init(struct sk_buff *skb, + const unsigned char *sa, const unsigned char *da) { int rc = 0; diff --git a/net/llc/llc_output.h b/net/llc/llc_output.h deleted file mode 100644 index 179edf7..0000000 --- a/net/llc/llc_output.h +++ /dev/null @@ -1,20 +0,0 @@ -#ifndef LLC_OUTPUT_H -#define LLC_OUTPUT_H -/* - * Copyright (c) 1997 by Procom Technology, Inc. - * 2001-2003 by Arnaldo Carvalho de Melo <acme@conectiva.com.br> - * - * This program can be redistributed or modified under the terms of the - * GNU General Public License version 2 as published by the Free Software - * Foundation. - * This program is distributed without any warranty or implied warranty - * of merchantability or fitness for a particular purpose. - * - * See the GNU General Public License version 2 for more details. - */ - -struct sk_buff; - -int llc_mac_hdr_init(struct sk_buff *skb, unsigned char *sa, unsigned char *da); - -#endif /* LLC_OUTPUT_H */ diff --git a/net/llc/llc_s_ac.c b/net/llc/llc_s_ac.c index bb3580f..ac3d93b 100644 --- a/net/llc/llc_s_ac.c +++ b/net/llc/llc_s_ac.c @@ -24,7 +24,7 @@ #include <net/llc_s_ac.h> #include <net/llc_s_ev.h> #include <net/llc_sap.h> -#include "llc_output.h" + /** * llc_sap_action_unit_data_ind - forward UI PDU to network layer diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index a8e5544..332acb3 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -11,7 +11,7 @@ config NETFILTER_NETLINK_QUEUE tristate "Netfilter NFQUEUE over NFNETLINK interface" depends on NETFILTER_NETLINK help - If this option isenabled, the kernel will include support + If this option is enabled, the kernel will include support for queueing packets via NFNETLINK. config NETFILTER_NETLINK_LOG @@ -66,7 +66,7 @@ config NF_CONNTRACK_EVENTS help If this option is enabled, the connection tracking code will provide a notifier chain that can be used by other kernel code - to get notified aboutchanges in the connection tracking state. + to get notified about changes in the connection tracking state. If unsure, say `N'. @@ -153,7 +153,7 @@ config NETFILTER_XT_TARGET_NFQUEUE tristate '"NFQUEUE" target Support' depends on NETFILTER_XTABLES help - This Target replaced the old obsolete QUEUE target. + This target replaced the old obsolete QUEUE target. As opposed to QUEUE, it supports 65535 different queues, not just one. @@ -279,6 +279,16 @@ config NETFILTER_XT_MATCH_MARK To compile it as a module, choose M here. If unsure, say N. +config NETFILTER_XT_MATCH_POLICY + tristate 'IPsec "policy" match support' + depends on NETFILTER_XTABLES && XFRM + help + Policy matching allows you to match packets based on the + IPsec policy that was used during decapsulation/will + be used during encapsulation. + + To compile it as a module, choose M here. If unsure, say N. + config NETFILTER_XT_MATCH_PHYSDEV tristate '"physdev" match support' depends on NETFILTER_XTABLES && BRIDGE_NETFILTER diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile index 746172e..9558727 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -40,6 +40,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_LENGTH) += xt_length.o obj-$(CONFIG_NETFILTER_XT_MATCH_LIMIT) += xt_limit.o obj-$(CONFIG_NETFILTER_XT_MATCH_MAC) += xt_mac.o obj-$(CONFIG_NETFILTER_XT_MATCH_MARK) += xt_mark.o +obj-$(CONFIG_NETFILTER_XT_MATCH_POLICY) += xt_policy.o obj-$(CONFIG_NETFILTER_XT_MATCH_PKTTYPE) += xt_pkttype.o obj-$(CONFIG_NETFILTER_XT_MATCH_REALM) += xt_realm.o obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index d622ddf..56389c8 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -3,7 +3,7 @@ extension. */ /* (C) 1999-2001 Paul `Rusty' Russell - * (C) 2002-2005 Netfilter Core Team <coreteam@netfilter.org> + * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org> * (C) 2003,2004 USAGI/WIDE Project <http://www.linux-ipv6.org> * * This program is free software; you can redistribute it and/or modify @@ -20,6 +20,11 @@ * - generalize L3 protocol denendent part. * 23 Mar 2004: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp> * - add support various size of conntrack structures. + * 26 Jan 2006: Harald Welte <laforge@netfilter.org> + * - restructure nf_conn (introduce nf_conn_help) + * - redesign 'features' how they were originally intended + * 26 Feb 2006: Pablo Neira Ayuso <pablo@eurodev.net> + * - add support for L3 protocol module load on demand. * * Derived from net/ipv4/netfilter/ip_conntrack_core.c */ @@ -55,7 +60,7 @@ #include <net/netfilter/nf_conntrack_core.h> #include <linux/netfilter_ipv4/listhelp.h> -#define NF_CONNTRACK_VERSION "0.4.1" +#define NF_CONNTRACK_VERSION "0.5.0" #if 0 #define DEBUGP printk @@ -82,11 +87,11 @@ unsigned int nf_ct_log_invalid; static LIST_HEAD(unconfirmed); static int nf_conntrack_vmalloc; -static unsigned int nf_conntrack_next_id = 1; -static unsigned int nf_conntrack_expect_next_id = 1; +static unsigned int nf_conntrack_next_id; +static unsigned int nf_conntrack_expect_next_id; #ifdef CONFIG_NF_CONNTRACK_EVENTS -struct notifier_block *nf_conntrack_chain; -struct notifier_block *nf_conntrack_expect_chain; +ATOMIC_NOTIFIER_HEAD(nf_conntrack_chain); +ATOMIC_NOTIFIER_HEAD(nf_conntrack_expect_chain); DEFINE_PER_CPU(struct nf_conntrack_ecache, nf_conntrack_ecache); @@ -98,7 +103,7 @@ __nf_ct_deliver_cached_events(struct nf_conntrack_ecache *ecache) DEBUGP("ecache: delivering events for %p\n", ecache->ct); if (nf_ct_is_confirmed(ecache->ct) && !nf_ct_is_dying(ecache->ct) && ecache->events) - notifier_call_chain(&nf_conntrack_chain, ecache->events, + atomic_notifier_call_chain(&nf_conntrack_chain, ecache->events, ecache->ct); ecache->events = 0; @@ -182,7 +187,7 @@ static struct { DEFINE_RWLOCK(nf_ct_cache_lock); /* This avoids calling kmem_cache_create() with same name simultaneously */ -DECLARE_MUTEX(nf_ct_cache_mutex); +static DEFINE_MUTEX(nf_ct_cache_mutex); extern struct nf_conntrack_protocol nf_conntrack_generic_protocol; struct nf_conntrack_protocol * @@ -238,6 +243,35 @@ void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p) module_put(p->me); } +int +nf_ct_l3proto_try_module_get(unsigned short l3proto) +{ + int ret; + struct nf_conntrack_l3proto *p; + +retry: p = nf_ct_l3proto_find_get(l3proto); + if (p == &nf_conntrack_generic_l3proto) { + ret = request_module("nf_conntrack-%d", l3proto); + if (!ret) + goto retry; + + return -EPROTOTYPE; + } + + return 0; +} + +void nf_ct_l3proto_module_put(unsigned short l3proto) +{ + struct nf_conntrack_l3proto *p; + + preempt_disable(); + p = __nf_ct_l3proto_find(l3proto); + preempt_enable(); + + module_put(p->me); +} + static int nf_conntrack_hash_rnd_initted; static unsigned int nf_conntrack_hash_rnd; @@ -259,21 +293,8 @@ static inline u_int32_t hash_conntrack(const struct nf_conntrack_tuple *tuple) nf_conntrack_hash_rnd); } -/* Initialize "struct nf_conn" which has spaces for helper */ -static int -init_conntrack_for_helper(struct nf_conn *conntrack, u_int32_t features) -{ - - conntrack->help = (union nf_conntrack_help *) - (((unsigned long)conntrack->data - + (__alignof__(union nf_conntrack_help) - 1)) - & (~((unsigned long)(__alignof__(union nf_conntrack_help) -1)))); - return 0; -} - int nf_conntrack_register_cache(u_int32_t features, const char *name, - size_t size, - int (*init)(struct nf_conn *, u_int32_t)) + size_t size) { int ret = 0; char *cache_name; @@ -288,7 +309,7 @@ int nf_conntrack_register_cache(u_int32_t features, const char *name, return -EINVAL; } - down(&nf_ct_cache_mutex); + mutex_lock(&nf_ct_cache_mutex); write_lock_bh(&nf_ct_cache_lock); /* e.g: multiple helpers are loaded */ @@ -296,8 +317,7 @@ int nf_conntrack_register_cache(u_int32_t features, const char *name, DEBUGP("nf_conntrack_register_cache: already resisterd.\n"); if ((!strncmp(nf_ct_cache[features].name, name, NF_CT_FEATURES_NAMELEN)) - && nf_ct_cache[features].size == size - && nf_ct_cache[features].init_conntrack == init) { + && nf_ct_cache[features].size == size) { DEBUGP("nf_conntrack_register_cache: reusing.\n"); nf_ct_cache[features].use++; ret = 0; @@ -305,7 +325,7 @@ int nf_conntrack_register_cache(u_int32_t features, const char *name, ret = -EBUSY; write_unlock_bh(&nf_ct_cache_lock); - up(&nf_ct_cache_mutex); + mutex_unlock(&nf_ct_cache_mutex); return ret; } write_unlock_bh(&nf_ct_cache_lock); @@ -340,7 +360,6 @@ int nf_conntrack_register_cache(u_int32_t features, const char *name, write_lock_bh(&nf_ct_cache_lock); nf_ct_cache[features].use = 1; nf_ct_cache[features].size = size; - nf_ct_cache[features].init_conntrack = init; nf_ct_cache[features].cachep = cachep; nf_ct_cache[features].name = cache_name; write_unlock_bh(&nf_ct_cache_lock); @@ -350,7 +369,7 @@ int nf_conntrack_register_cache(u_int32_t features, const char *name, out_free_name: kfree(cache_name); out_up_mutex: - up(&nf_ct_cache_mutex); + mutex_unlock(&nf_ct_cache_mutex); return ret; } @@ -365,19 +384,18 @@ void nf_conntrack_unregister_cache(u_int32_t features) * slab cache. */ DEBUGP("nf_conntrack_unregister_cache: 0x%04x\n", features); - down(&nf_ct_cache_mutex); + mutex_lock(&nf_ct_cache_mutex); write_lock_bh(&nf_ct_cache_lock); if (--nf_ct_cache[features].use > 0) { write_unlock_bh(&nf_ct_cache_lock); - up(&nf_ct_cache_mutex); + mutex_unlock(&nf_ct_cache_mutex); return; } cachep = nf_ct_cache[features].cachep; name = nf_ct_cache[features].name; nf_ct_cache[features].cachep = NULL; nf_ct_cache[features].name = NULL; - nf_ct_cache[features].init_conntrack = NULL; nf_ct_cache[features].size = 0; write_unlock_bh(&nf_ct_cache_lock); @@ -386,7 +404,7 @@ void nf_conntrack_unregister_cache(u_int32_t features) kmem_cache_destroy(cachep); kfree(name); - up(&nf_ct_cache_mutex); + mutex_unlock(&nf_ct_cache_mutex); } int @@ -432,11 +450,15 @@ nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, /* nf_conntrack_expect helper functions */ void nf_ct_unlink_expect(struct nf_conntrack_expect *exp) { + struct nf_conn_help *master_help = nfct_help(exp->master); + + NF_CT_ASSERT(master_help); ASSERT_WRITE_LOCK(&nf_conntrack_lock); NF_CT_ASSERT(!timer_pending(&exp->timeout)); + list_del(&exp->list); NF_CT_STAT_INC(expect_delete); - exp->master->expecting--; + master_help->expecting--; nf_conntrack_expect_put(exp); } @@ -508,9 +530,10 @@ find_expectation(const struct nf_conntrack_tuple *tuple) void nf_ct_remove_expectations(struct nf_conn *ct) { struct nf_conntrack_expect *i, *tmp; + struct nf_conn_help *help = nfct_help(ct); /* Optimization: most connection never expect any others. */ - if (ct->expecting == 0) + if (!help || help->expecting == 0) return; list_for_each_entry_safe(i, tmp, &nf_conntrack_expect_list, list) { @@ -713,6 +736,7 @@ __nf_conntrack_confirm(struct sk_buff **pskb) conntrack_tuple_cmp, struct nf_conntrack_tuple_hash *, &ct->tuplehash[IP_CT_DIR_REPLY].tuple, NULL)) { + struct nf_conn_help *help; /* Remove from unconfirmed list */ list_del(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list); @@ -726,7 +750,8 @@ __nf_conntrack_confirm(struct sk_buff **pskb) set_bit(IPS_CONFIRMED_BIT, &ct->status); NF_CT_STAT_INC(insert); write_unlock_bh(&nf_conntrack_lock); - if (ct->helper) + help = nfct_help(ct); + if (help && help->helper) nf_conntrack_event_cache(IPCT_HELPER, *pskb); #ifdef CONFIG_NF_NAT_NEEDED if (test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status) || @@ -842,8 +867,9 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig, { struct nf_conn *conntrack = NULL; u_int32_t features = 0; + struct nf_conntrack_helper *helper; - if (!nf_conntrack_hash_rnd_initted) { + if (unlikely(!nf_conntrack_hash_rnd_initted)) { get_random_bytes(&nf_conntrack_hash_rnd, 4); nf_conntrack_hash_rnd_initted = 1; } @@ -863,8 +889,11 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig, /* find features needed by this conntrack. */ features = l3proto->get_features(orig); + + /* FIXME: protect helper list per RCU */ read_lock_bh(&nf_conntrack_lock); - if (__nf_ct_helper_find(repl) != NULL) + helper = __nf_ct_helper_find(repl); + if (helper) features |= NF_CT_F_HELP; read_unlock_bh(&nf_conntrack_lock); @@ -872,7 +901,7 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig, read_lock_bh(&nf_ct_cache_lock); - if (!nf_ct_cache[features].use) { + if (unlikely(!nf_ct_cache[features].use)) { DEBUGP("nf_conntrack_alloc: not supported features = 0x%x\n", features); goto out; @@ -886,12 +915,10 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig, memset(conntrack, 0, nf_ct_cache[features].size); conntrack->features = features; - if (nf_ct_cache[features].init_conntrack && - nf_ct_cache[features].init_conntrack(conntrack, features) < 0) { - DEBUGP("nf_conntrack_alloc: failed to init\n"); - kmem_cache_free(nf_ct_cache[features].cachep, conntrack); - conntrack = NULL; - goto out; + if (helper) { + struct nf_conn_help *help = nfct_help(conntrack); + NF_CT_ASSERT(help); + help->helper = helper; } atomic_set(&conntrack->ct_general.use, 1); @@ -972,11 +999,8 @@ init_conntrack(const struct nf_conntrack_tuple *tuple, #endif nf_conntrack_get(&conntrack->master->ct_general); NF_CT_STAT_INC(expect_new); - } else { - conntrack->helper = __nf_ct_helper_find(&repl_tuple); - + } else NF_CT_STAT_INC(new); - } /* Overload tuple linked list to put us in unconfirmed list. */ list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed); @@ -1206,14 +1230,16 @@ void nf_conntrack_expect_put(struct nf_conntrack_expect *exp) static void nf_conntrack_expect_insert(struct nf_conntrack_expect *exp) { + struct nf_conn_help *master_help = nfct_help(exp->master); + atomic_inc(&exp->use); - exp->master->expecting++; + master_help->expecting++; list_add(&exp->list, &nf_conntrack_expect_list); init_timer(&exp->timeout); exp->timeout.data = (unsigned long)exp; exp->timeout.function = expectation_timed_out; - exp->timeout.expires = jiffies + exp->master->helper->timeout * HZ; + exp->timeout.expires = jiffies + master_help->helper->timeout * HZ; add_timer(&exp->timeout); exp->id = ++nf_conntrack_expect_next_id; @@ -1239,10 +1265,12 @@ static void evict_oldest_expect(struct nf_conn *master) static inline int refresh_timer(struct nf_conntrack_expect *i) { + struct nf_conn_help *master_help = nfct_help(i->master); + if (!del_timer(&i->timeout)) return 0; - i->timeout.expires = jiffies + i->master->helper->timeout*HZ; + i->timeout.expires = jiffies + master_help->helper->timeout*HZ; add_timer(&i->timeout); return 1; } @@ -1251,8 +1279,11 @@ int nf_conntrack_expect_related(struct nf_conntrack_expect *expect) { struct nf_conntrack_expect *i; struct nf_conn *master = expect->master; + struct nf_conn_help *master_help = nfct_help(master); int ret; + NF_CT_ASSERT(master_help); + DEBUGP("nf_conntrack_expect_related %p\n", related_to); DEBUGP("tuple: "); NF_CT_DUMP_TUPLE(&expect->tuple); DEBUGP("mask: "); NF_CT_DUMP_TUPLE(&expect->mask); @@ -1271,8 +1302,8 @@ int nf_conntrack_expect_related(struct nf_conntrack_expect *expect) } } /* Will be over limit? */ - if (master->helper->max_expected && - master->expecting >= master->helper->max_expected) + if (master_help->helper->max_expected && + master_help->expecting >= master_help->helper->max_expected) evict_oldest_expect(master); nf_conntrack_expect_insert(expect); @@ -1283,24 +1314,6 @@ out: return ret; } -/* Alter reply tuple (maybe alter helper). This is for NAT, and is - implicitly racy: see __nf_conntrack_confirm */ -void nf_conntrack_alter_reply(struct nf_conn *conntrack, - const struct nf_conntrack_tuple *newreply) -{ - write_lock_bh(&nf_conntrack_lock); - /* Should be unconfirmed, so not in hash table yet */ - NF_CT_ASSERT(!nf_ct_is_confirmed(conntrack)); - - DEBUGP("Altering reply tuple of %p to ", conntrack); - NF_CT_DUMP_TUPLE(newreply); - - conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *newreply; - if (!conntrack->master && conntrack->expecting == 0) - conntrack->helper = __nf_ct_helper_find(newreply); - write_unlock_bh(&nf_conntrack_lock); -} - int nf_conntrack_helper_register(struct nf_conntrack_helper *me) { int ret; @@ -1308,9 +1321,8 @@ int nf_conntrack_helper_register(struct nf_conntrack_helper *me) ret = nf_conntrack_register_cache(NF_CT_F_HELP, "nf_conntrack:help", sizeof(struct nf_conn) - + sizeof(union nf_conntrack_help) - + __alignof__(union nf_conntrack_help), - init_conntrack_for_helper); + + sizeof(struct nf_conn_help) + + __alignof__(struct nf_conn_help)); if (ret < 0) { printk(KERN_ERR "nf_conntrack_helper_reigster: Unable to create slab cache for conntracks\n"); return ret; @@ -1338,9 +1350,12 @@ __nf_conntrack_helper_find_byname(const char *name) static inline int unhelp(struct nf_conntrack_tuple_hash *i, const struct nf_conntrack_helper *me) { - if (nf_ct_tuplehash_to_ctrack(i)->helper == me) { - nf_conntrack_event(IPCT_HELPER, nf_ct_tuplehash_to_ctrack(i)); - nf_ct_tuplehash_to_ctrack(i)->helper = NULL; + struct nf_conn *ct = nf_ct_tuplehash_to_ctrack(i); + struct nf_conn_help *help = nfct_help(ct); + + if (help && help->helper == me) { + nf_conntrack_event(IPCT_HELPER, ct); + help->helper = NULL; } return 0; } @@ -1356,7 +1371,8 @@ void nf_conntrack_helper_unregister(struct nf_conntrack_helper *me) /* Get rid of expectations */ list_for_each_entry_safe(exp, tmp, &nf_conntrack_expect_list, list) { - if (exp->master->helper == me && del_timer(&exp->timeout)) { + struct nf_conn_help *help = nfct_help(exp->master); + if (help->helper == me && del_timer(&exp->timeout)) { nf_ct_unlink_expect(exp); nf_conntrack_expect_put(exp); } @@ -1423,6 +1439,8 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, #include <linux/netfilter/nfnetlink.h> #include <linux/netfilter/nfnetlink_conntrack.h> +#include <linux/mutex.h> + /* Generic function for tcp/udp/sctp/dccp and alike. This needs to be * in ip_conntrack_core, since we don't want the protocols to autoload @@ -1697,7 +1715,7 @@ int __init nf_conntrack_init(void) } ret = nf_conntrack_register_cache(NF_CT_F_BASIC, "nf_conntrack:basic", - sizeof(struct nf_conn), NULL); + sizeof(struct nf_conn)); if (ret < 0) { printk(KERN_ERR "Unable to create nf_conn slab cache\n"); goto err_free_hash; diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c index 6f210f3..e38a4b5 100644 --- a/net/netfilter/nf_conntrack_ftp.c +++ b/net/netfilter/nf_conntrack_ftp.c @@ -440,7 +440,7 @@ static int help(struct sk_buff **pskb, u32 seq; int dir = CTINFO2DIR(ctinfo); unsigned int matchlen, matchoff; - struct ip_ct_ftp_master *ct_ftp_info = &ct->help->ct_ftp_info; + struct ip_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info; struct nf_conntrack_expect *exp; struct nf_conntrack_man cmd = {}; @@ -624,7 +624,7 @@ static struct nf_conntrack_helper ftp[MAX_PORTS][2]; static char ftp_names[MAX_PORTS][2][sizeof("ftp-65535")]; /* don't make this __exit, since it's called from __init ! */ -static void fini(void) +static void nf_conntrack_ftp_fini(void) { int i, j; for (i = 0; i < ports_c; i++) { @@ -642,7 +642,7 @@ static void fini(void) kfree(ftp_buffer); } -static int __init init(void) +static int __init nf_conntrack_ftp_init(void) { int i, j = -1, ret = 0; char *tmpname; @@ -683,7 +683,7 @@ static int __init init(void) printk("nf_ct_ftp: failed to register helper " " for pf: %d port: %d\n", ftp[i][j].tuple.src.l3num, ports[i]); - fini(); + nf_conntrack_ftp_fini(); return ret; } } @@ -692,5 +692,5 @@ static int __init init(void) return 0; } -module_init(init); -module_exit(fini); +module_init(nf_conntrack_ftp_init); +module_exit(nf_conntrack_ftp_fini); diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 9ff34630..0e0e9d7 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -2,9 +2,9 @@ * protocol helpers and general trouble making from userspace. * * (C) 2001 by Jay Schulist <jschlst@samba.org> - * (C) 2002-2005 by Harald Welte <laforge@gnumonks.org> + * (C) 2002-2006 by Harald Welte <laforge@gnumonks.org> * (C) 2003 by Patrick Mchardy <kaber@trash.net> - * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net> + * (C) 2005-2006 by Pablo Neira Ayuso <pablo@eurodev.net> * * I've reworked this stuff to use attributes instead of conntrack * structures. 5.44 am. I need more tea. --pablo 05/07/11. @@ -44,7 +44,7 @@ MODULE_LICENSE("GPL"); -static char __initdata version[] = "0.92"; +static char __initdata version[] = "0.93"; #if 0 #define DEBUGP printk @@ -55,20 +55,18 @@ static char __initdata version[] = "0.92"; static inline int ctnetlink_dump_tuples_proto(struct sk_buff *skb, - const struct nf_conntrack_tuple *tuple) + const struct nf_conntrack_tuple *tuple, + struct nf_conntrack_protocol *proto) { - struct nf_conntrack_protocol *proto; int ret = 0; + struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO); NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); - /* If no protocol helper is found, this function will return the - * generic protocol helper, so proto won't *ever* be NULL */ - proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); if (likely(proto->tuple_to_nfattr)) ret = proto->tuple_to_nfattr(skb, tuple); - nf_ct_proto_put(proto); + NFA_NEST_END(skb, nest_parms); return ret; @@ -77,33 +75,44 @@ nfattr_failure: } static inline int -ctnetlink_dump_tuples(struct sk_buff *skb, - const struct nf_conntrack_tuple *tuple) +ctnetlink_dump_tuples_ip(struct sk_buff *skb, + const struct nf_conntrack_tuple *tuple, + struct nf_conntrack_l3proto *l3proto) { - struct nfattr *nest_parms; - struct nf_conntrack_l3proto *l3proto; int ret = 0; - - l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); - - nest_parms = NFA_NEST(skb, CTA_TUPLE_IP); + struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_IP); + if (likely(l3proto->tuple_to_nfattr)) ret = l3proto->tuple_to_nfattr(skb, tuple); + NFA_NEST_END(skb, nest_parms); + return ret; + +nfattr_failure: + return -1; +} + +static inline int +ctnetlink_dump_tuples(struct sk_buff *skb, + const struct nf_conntrack_tuple *tuple) +{ + int ret; + struct nf_conntrack_l3proto *l3proto; + struct nf_conntrack_protocol *proto; + + l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); + ret = ctnetlink_dump_tuples_ip(skb, tuple, l3proto); nf_ct_l3proto_put(l3proto); if (unlikely(ret < 0)) return ret; - nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO); - ret = ctnetlink_dump_tuples_proto(skb, tuple); - NFA_NEST_END(skb, nest_parms); + proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); + ret = ctnetlink_dump_tuples_proto(skb, tuple, proto); + nf_ct_proto_put(proto); return ret; - -nfattr_failure: - return -1; } static inline int @@ -165,15 +174,16 @@ static inline int ctnetlink_dump_helpinfo(struct sk_buff *skb, const struct nf_conn *ct) { struct nfattr *nest_helper; + const struct nf_conn_help *help = nfct_help(ct); - if (!ct->helper) + if (!help || !help->helper) return 0; nest_helper = NFA_NEST(skb, CTA_HELP); - NFA_PUT(skb, CTA_HELP_NAME, strlen(ct->helper->name), ct->helper->name); + NFA_PUT(skb, CTA_HELP_NAME, strlen(help->helper->name), help->helper->name); - if (ct->helper->to_nfattr) - ct->helper->to_nfattr(skb, ct); + if (help->helper->to_nfattr) + help->helper->to_nfattr(skb, ct); NFA_NEST_END(skb, nest_helper); @@ -337,9 +347,10 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, group = NFNLGRP_CONNTRACK_UPDATE; } else return NOTIFY_DONE; - - /* FIXME: Check if there are any listeners before, don't hurt performance */ - + + if (!nfnetlink_has_listeners(group)) + return NOTIFY_DONE; + skb = alloc_skb(NLMSG_GOODSIZE, GFP_ATOMIC); if (!skb) return NOTIFY_DONE; @@ -903,11 +914,17 @@ static inline int ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[]) { struct nf_conntrack_helper *helper; + struct nf_conn_help *help = nfct_help(ct); char *helpname; int err; DEBUGP("entered %s\n", __FUNCTION__); + if (!help) { + /* FIXME: we need to reallocate and rehash */ + return -EBUSY; + } + /* don't change helper of sibling connections */ if (ct->master) return -EINVAL; @@ -924,18 +941,18 @@ ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[]) return -EINVAL; } - if (ct->helper) { + if (help->helper) { if (!helper) { /* we had a helper before ... */ nf_ct_remove_expectations(ct); - ct->helper = NULL; + help->helper = NULL; } else { /* need to zero data of old helper */ - memset(&ct->help, 0, sizeof(ct->help)); + memset(&help->help, 0, sizeof(help->help)); } } - ct->helper = helper; + help->helper = helper; return 0; } @@ -1050,14 +1067,9 @@ ctnetlink_create_conntrack(struct nfattr *cda[], ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); #endif - ct->helper = nf_ct_helper_find_get(rtuple); - add_timer(&ct->timeout); nf_conntrack_hash_insert(ct); - if (ct->helper) - nf_ct_helper_put(ct->helper); - DEBUGP("conntrack with id %u inserted\n", ct->id); return 0; @@ -1150,6 +1162,37 @@ nfattr_failure: } static inline int +ctnetlink_exp_dump_mask(struct sk_buff *skb, + const struct nf_conntrack_tuple *tuple, + const struct nf_conntrack_tuple *mask) +{ + int ret; + struct nf_conntrack_l3proto *l3proto; + struct nf_conntrack_protocol *proto; + struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK); + + l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); + ret = ctnetlink_dump_tuples_ip(skb, mask, l3proto); + nf_ct_l3proto_put(l3proto); + + if (unlikely(ret < 0)) + goto nfattr_failure; + + proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); + ret = ctnetlink_dump_tuples_proto(skb, mask, proto); + nf_ct_proto_put(proto); + if (unlikely(ret < 0)) + goto nfattr_failure; + + NFA_NEST_END(skb, nest_parms); + + return 0; + +nfattr_failure: + return -1; +} + +static inline int ctnetlink_exp_dump_expect(struct sk_buff *skb, const struct nf_conntrack_expect *exp) { @@ -1159,7 +1202,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0) goto nfattr_failure; - if (ctnetlink_exp_dump_tuple(skb, &exp->mask, CTA_EXPECT_MASK) < 0) + if (ctnetlink_exp_dump_mask(skb, &exp->tuple, &exp->mask) < 0) goto nfattr_failure; if (ctnetlink_exp_dump_tuple(skb, &master->tuplehash[IP_CT_DIR_ORIGINAL].tuple, @@ -1417,7 +1460,8 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb, } list_for_each_entry_safe(exp, tmp, &nf_conntrack_expect_list, list) { - if (exp->master->helper == h + struct nf_conn_help *m_help = nfct_help(exp->master); + if (m_help->helper == h && del_timer(&exp->timeout)) { nf_ct_unlink_expect(exp); nf_conntrack_expect_put(exp); @@ -1452,6 +1496,7 @@ ctnetlink_create_expect(struct nfattr *cda[], u_int8_t u3) struct nf_conntrack_tuple_hash *h = NULL; struct nf_conntrack_expect *exp; struct nf_conn *ct; + struct nf_conn_help *help; int err = 0; DEBUGP("entered %s\n", __FUNCTION__); @@ -1472,8 +1517,9 @@ ctnetlink_create_expect(struct nfattr *cda[], u_int8_t u3) if (!h) return -ENOENT; ct = nf_ct_tuplehash_to_ctrack(h); + help = nfct_help(ct); - if (!ct->helper) { + if (!help || !help->helper) { /* such conntrack hasn't got any helper, abort */ err = -EINVAL; goto out; diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c index cf798e6..9cccc32 100644 --- a/net/netfilter/nf_conntrack_proto_sctp.c +++ b/net/netfilter/nf_conntrack_proto_sctp.c @@ -615,7 +615,7 @@ static ctl_table nf_ct_net_table[] = { static struct ctl_table_header *nf_ct_sysctl_header; #endif -int __init init(void) +int __init nf_conntrack_proto_sctp_init(void) { int ret; @@ -652,7 +652,7 @@ int __init init(void) return ret; } -void __exit fini(void) +void __exit nf_conntrack_proto_sctp_fini(void) { nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6); nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4); @@ -662,8 +662,8 @@ void __exit fini(void) DEBUGP("SCTP conntrack module unloaded\n"); } -module_init(init); -module_exit(fini); +module_init(nf_conntrack_proto_sctp_init); +module_exit(nf_conntrack_proto_sctp_fini); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Kiran Kumar Immidi"); diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 617599a..c72aa3c 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -806,18 +806,18 @@ void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto) nf_ct_iterate_cleanup(kill_proto, proto); } -static int __init init(void) +static int __init nf_conntrack_standalone_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit nf_conntrack_standalone_fini(void) { init_or_cleanup(0); } -module_init(init); -module_exit(fini); +module_init(nf_conntrack_standalone_init); +module_exit(nf_conntrack_standalone_fini); /* Some modules need us, but don't depend directly on any symbol. They should call this. */ @@ -834,12 +834,13 @@ EXPORT_SYMBOL_GPL(__nf_ct_event_cache_init); EXPORT_PER_CPU_SYMBOL_GPL(nf_conntrack_ecache); EXPORT_SYMBOL_GPL(nf_ct_deliver_cached_events); #endif +EXPORT_SYMBOL(nf_ct_l3proto_try_module_get); +EXPORT_SYMBOL(nf_ct_l3proto_module_put); EXPORT_SYMBOL(nf_conntrack_l3proto_register); EXPORT_SYMBOL(nf_conntrack_l3proto_unregister); EXPORT_SYMBOL(nf_conntrack_protocol_register); EXPORT_SYMBOL(nf_conntrack_protocol_unregister); EXPORT_SYMBOL(nf_ct_invert_tuplepr); -EXPORT_SYMBOL(nf_conntrack_alter_reply); EXPORT_SYMBOL(nf_conntrack_destroyed); EXPORT_SYMBOL(need_conntrack); EXPORT_SYMBOL(nf_conntrack_helper_register); diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c index 61a833a..0a63d7d 100644 --- a/net/netfilter/nf_sockopt.c +++ b/net/netfilter/nf_sockopt.c @@ -4,6 +4,7 @@ #include <linux/module.h> #include <linux/skbuff.h> #include <linux/netfilter.h> +#include <linux/mutex.h> #include <net/sock.h> #include "nf_internals.h" @@ -11,7 +12,7 @@ /* Sockopts only registered and called from user context, so net locking would be overkill. Also, [gs]etsockopt calls may sleep. */ -static DECLARE_MUTEX(nf_sockopt_mutex); +static DEFINE_MUTEX(nf_sockopt_mutex); static LIST_HEAD(nf_sockopts); /* Do exclusive ranges overlap? */ @@ -26,7 +27,7 @@ int nf_register_sockopt(struct nf_sockopt_ops *reg) struct list_head *i; int ret = 0; - if (down_interruptible(&nf_sockopt_mutex) != 0) + if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0) return -EINTR; list_for_each(i, &nf_sockopts) { @@ -48,7 +49,7 @@ int nf_register_sockopt(struct nf_sockopt_ops *reg) list_add(®->list, &nf_sockopts); out: - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); return ret; } EXPORT_SYMBOL(nf_register_sockopt); @@ -57,18 +58,18 @@ void nf_unregister_sockopt(struct nf_sockopt_ops *reg) { /* No point being interruptible: we're probably in cleanup_module() */ restart: - down(&nf_sockopt_mutex); + mutex_lock(&nf_sockopt_mutex); if (reg->use != 0) { /* To be woken by nf_sockopt call... */ /* FIXME: Stuart Young's name appears gratuitously. */ set_current_state(TASK_UNINTERRUPTIBLE); reg->cleanup_task = current; - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); schedule(); goto restart; } list_del(®->list); - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); } EXPORT_SYMBOL(nf_unregister_sockopt); @@ -80,7 +81,7 @@ static int nf_sockopt(struct sock *sk, int pf, int val, struct nf_sockopt_ops *ops; int ret; - if (down_interruptible(&nf_sockopt_mutex) != 0) + if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0) return -EINTR; list_for_each(i, &nf_sockopts) { @@ -90,7 +91,7 @@ static int nf_sockopt(struct sock *sk, int pf, int val, if (val >= ops->get_optmin && val < ops->get_optmax) { ops->use++; - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); ret = ops->get(sk, val, opt, len); goto out; } @@ -98,22 +99,22 @@ static int nf_sockopt(struct sock *sk, int pf, int val, if (val >= ops->set_optmin && val < ops->set_optmax) { ops->use++; - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); ret = ops->set(sk, val, opt, *len); goto out; } } } } - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); return -ENOPROTOOPT; out: - down(&nf_sockopt_mutex); + mutex_lock(&nf_sockopt_mutex); ops->use--; if (ops->cleanup_task) wake_up_process(ops->cleanup_task); - up(&nf_sockopt_mutex); + mutex_unlock(&nf_sockopt_mutex); return ret; } @@ -130,3 +131,72 @@ int nf_getsockopt(struct sock *sk, int pf, int val, char __user *opt, int *len) } EXPORT_SYMBOL(nf_getsockopt); +#ifdef CONFIG_COMPAT +static int compat_nf_sockopt(struct sock *sk, int pf, int val, + char __user *opt, int *len, int get) +{ + struct list_head *i; + struct nf_sockopt_ops *ops; + int ret; + + if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0) + return -EINTR; + + list_for_each(i, &nf_sockopts) { + ops = (struct nf_sockopt_ops *)i; + if (ops->pf == pf) { + if (get) { + if (val >= ops->get_optmin + && val < ops->get_optmax) { + ops->use++; + mutex_unlock(&nf_sockopt_mutex); + if (ops->compat_get) + ret = ops->compat_get(sk, + val, opt, len); + else + ret = ops->get(sk, + val, opt, len); + goto out; + } + } else { + if (val >= ops->set_optmin + && val < ops->set_optmax) { + ops->use++; + mutex_unlock(&nf_sockopt_mutex); + if (ops->compat_set) + ret = ops->compat_set(sk, + val, opt, *len); + else + ret = ops->set(sk, + val, opt, *len); + goto out; + } + } + } + } + mutex_unlock(&nf_sockopt_mutex); + return -ENOPROTOOPT; + + out: + mutex_lock(&nf_sockopt_mutex); + ops->use--; + if (ops->cleanup_task) + wake_up_process(ops->cleanup_task); + mutex_unlock(&nf_sockopt_mutex); + return ret; +} + +int compat_nf_setsockopt(struct sock *sk, int pf, + int val, char __user *opt, int len) +{ + return compat_nf_sockopt(sk, pf, val, opt, &len, 0); +} +EXPORT_SYMBOL(compat_nf_setsockopt); + +int compat_nf_getsockopt(struct sock *sk, int pf, + int val, char __user *opt, int *len) +{ + return compat_nf_sockopt(sk, pf, val, opt, len, 1); +} +EXPORT_SYMBOL(compat_nf_getsockopt); +#endif diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index f6063e8..b88e82a 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -191,6 +191,12 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, return 0; } +int nfnetlink_has_listeners(unsigned int group) +{ + return netlink_has_listeners(nfnl, group); +} +EXPORT_SYMBOL_GPL(nfnetlink_has_listeners); + int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo) { gfp_t allocation = in_interrupt() ? GFP_ATOMIC : GFP_KERNEL; diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 3b3c781..3e3f544 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c @@ -11,6 +11,10 @@ * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. * + * 2006-01-26 Harald Welte <laforge@netfilter.org> + * - Add optional local and global sequence number to detect lost + * events from userspace + * */ #include <linux/module.h> #include <linux/skbuff.h> @@ -68,11 +72,14 @@ struct nfulnl_instance { unsigned int nlbufsiz; /* netlink buffer allocation size */ unsigned int qthreshold; /* threshold of the queue */ u_int32_t copy_range; + u_int32_t seq; /* instance-local sequential counter */ u_int16_t group_num; /* number of this queue */ + u_int16_t flags; u_int8_t copy_mode; }; static DEFINE_RWLOCK(instances_lock); +static atomic_t global_seq; #define INSTANCE_BUCKETS 16 static struct hlist_head instance_table[INSTANCE_BUCKETS]; @@ -310,6 +317,16 @@ nfulnl_set_qthresh(struct nfulnl_instance *inst, u_int32_t qthresh) return 0; } +static int +nfulnl_set_flags(struct nfulnl_instance *inst, u_int16_t flags) +{ + spin_lock_bh(&inst->lock); + inst->flags = ntohs(flags); + spin_unlock_bh(&inst->lock); + + return 0; +} + static struct sk_buff *nfulnl_alloc_skb(unsigned int inst_size, unsigned int pkt_size) { @@ -377,6 +394,8 @@ static void nfulnl_timer(unsigned long data) spin_unlock_bh(&inst->lock); } +/* This is an inline function, we don't really care about a long + * list of arguments */ static inline int __build_packet_message(struct nfulnl_instance *inst, const struct sk_buff *skb, @@ -515,6 +534,17 @@ __build_packet_message(struct nfulnl_instance *inst, read_unlock_bh(&skb->sk->sk_callback_lock); } + /* local sequence number */ + if (inst->flags & NFULNL_CFG_F_SEQ) { + tmp_uint = htonl(inst->seq++); + NFA_PUT(inst->skb, NFULA_SEQ, sizeof(tmp_uint), &tmp_uint); + } + /* global sequence number */ + if (inst->flags & NFULNL_CFG_F_SEQ_GLOBAL) { + tmp_uint = atomic_inc_return(&global_seq); + NFA_PUT(inst->skb, NFULA_SEQ_GLOBAL, sizeof(tmp_uint), &tmp_uint); + } + if (data_len) { struct nfattr *nfa; int size = NFA_LENGTH(data_len); @@ -607,6 +637,11 @@ nfulnl_log_packet(unsigned int pf, spin_lock_bh(&inst->lock); + if (inst->flags & NFULNL_CFG_F_SEQ) + size += NFA_SPACE(sizeof(u_int32_t)); + if (inst->flags & NFULNL_CFG_F_SEQ_GLOBAL) + size += NFA_SPACE(sizeof(u_int32_t)); + qthreshold = inst->qthreshold; /* per-rule qthreshold overrides per-instance */ if (qthreshold > li->u.ulog.qthreshold) @@ -736,10 +771,14 @@ static const int nfula_min[NFULA_MAX] = { [NFULA_TIMESTAMP-1] = sizeof(struct nfulnl_msg_packet_timestamp), [NFULA_IFINDEX_INDEV-1] = sizeof(u_int32_t), [NFULA_IFINDEX_OUTDEV-1]= sizeof(u_int32_t), + [NFULA_IFINDEX_PHYSINDEV-1] = sizeof(u_int32_t), + [NFULA_IFINDEX_PHYSOUTDEV-1] = sizeof(u_int32_t), [NFULA_HWADDR-1] = sizeof(struct nfulnl_msg_packet_hw), [NFULA_PAYLOAD-1] = 0, [NFULA_PREFIX-1] = 0, [NFULA_UID-1] = sizeof(u_int32_t), + [NFULA_SEQ-1] = sizeof(u_int32_t), + [NFULA_SEQ_GLOBAL-1] = sizeof(u_int32_t), }; static const int nfula_cfg_min[NFULA_CFG_MAX] = { @@ -748,6 +787,7 @@ static const int nfula_cfg_min[NFULA_CFG_MAX] = { [NFULA_CFG_TIMEOUT-1] = sizeof(u_int32_t), [NFULA_CFG_QTHRESH-1] = sizeof(u_int32_t), [NFULA_CFG_NLBUFSIZ-1] = sizeof(u_int32_t), + [NFULA_CFG_FLAGS-1] = sizeof(u_int16_t), }; static int @@ -859,6 +899,12 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb, nfulnl_set_qthresh(inst, ntohl(qthresh)); } + if (nfula[NFULA_CFG_FLAGS-1]) { + u_int16_t flags = + *(u_int16_t *)NFA_DATA(nfula[NFULA_CFG_FLAGS-1]); + nfulnl_set_flags(inst, ntohl(flags)); + } + out_put: instance_put(inst); return ret; @@ -1035,13 +1081,13 @@ cleanup_netlink_notifier: return status; } -static int __init init(void) +static int __init nfnetlink_log_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit nfnetlink_log_fini(void) { init_or_cleanup(0); } @@ -1051,5 +1097,5 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_ULOG); -module_init(init); -module_exit(fini); +module_init(nfnetlink_log_init); +module_exit(nfnetlink_log_fini); diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 2cf5fb8..d0e62f6 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -354,16 +354,17 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, QDEBUG("entered\n"); /* all macros expand to constant values at compile time */ - size = NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hdr)) - + NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */ - + NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */ + size = NLMSG_SPACE(sizeof(struct nfgenmsg)) + + + NFA_SPACE(sizeof(struct nfqnl_msg_packet_hdr)) + + NFA_SPACE(sizeof(u_int32_t)) /* ifindex */ + + NFA_SPACE(sizeof(u_int32_t)) /* ifindex */ #ifdef CONFIG_BRIDGE_NETFILTER - + NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */ - + NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */ + + NFA_SPACE(sizeof(u_int32_t)) /* ifindex */ + + NFA_SPACE(sizeof(u_int32_t)) /* ifindex */ #endif - + NLMSG_SPACE(sizeof(u_int32_t)) /* mark */ - + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw)) - + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp)); + + NFA_SPACE(sizeof(u_int32_t)) /* mark */ + + NFA_SPACE(sizeof(struct nfqnl_msg_packet_hw)) + + NFA_SPACE(sizeof(struct nfqnl_msg_packet_timestamp)); outdev = entinf->outdev; @@ -388,7 +389,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, else data_len = queue->copy_range; - size += NLMSG_SPACE(data_len); + size += NFA_SPACE(data_len); break; default: @@ -1116,13 +1117,13 @@ cleanup_netlink_notifier: return status; } -static int __init init(void) +static int __init nfnetlink_queue_init(void) { return init_or_cleanup(1); } -static void __exit fini(void) +static void __exit nfnetlink_queue_fini(void) { init_or_cleanup(0); } @@ -1132,5 +1133,5 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_QUEUE); -module_init(init); -module_exit(fini); +module_init(nfnetlink_queue_init); +module_exit(nfnetlink_queue_fini); diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index d7817af..a657ab5 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -21,10 +21,12 @@ #include <linux/seq_file.h> #include <linux/string.h> #include <linux/vmalloc.h> +#include <linux/mutex.h> #include <linux/netfilter/x_tables.h> #include <linux/netfilter_arp.h> + MODULE_LICENSE("GPL"); MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_DESCRIPTION("[ip,ip6,arp]_tables backend module"); @@ -32,7 +34,7 @@ MODULE_DESCRIPTION("[ip,ip6,arp]_tables backend module"); #define SMP_ALIGN(x) (((x) + SMP_CACHE_BYTES-1) & ~(SMP_CACHE_BYTES-1)) struct xt_af { - struct semaphore mutex; + struct mutex mutex; struct list_head match; struct list_head target; struct list_head tables; @@ -52,52 +54,62 @@ enum { MATCH, }; +static const char *xt_prefix[NPROTO] = { + [AF_INET] = "ip", + [AF_INET6] = "ip6", + [NF_ARP] = "arp", +}; + /* Registration hooks for targets. */ int -xt_register_target(int af, struct xt_target *target) +xt_register_target(struct xt_target *target) { - int ret; + int ret, af = target->family; - ret = down_interruptible(&xt[af].mutex); + ret = mutex_lock_interruptible(&xt[af].mutex); if (ret != 0) return ret; list_add(&target->list, &xt[af].target); - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return ret; } EXPORT_SYMBOL(xt_register_target); void -xt_unregister_target(int af, struct xt_target *target) +xt_unregister_target(struct xt_target *target) { - down(&xt[af].mutex); + int af = target->family; + + mutex_lock(&xt[af].mutex); LIST_DELETE(&xt[af].target, target); - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); } EXPORT_SYMBOL(xt_unregister_target); int -xt_register_match(int af, struct xt_match *match) +xt_register_match(struct xt_match *match) { - int ret; + int ret, af = match->family; - ret = down_interruptible(&xt[af].mutex); + ret = mutex_lock_interruptible(&xt[af].mutex); if (ret != 0) return ret; list_add(&match->list, &xt[af].match); - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return ret; } EXPORT_SYMBOL(xt_register_match); void -xt_unregister_match(int af, struct xt_match *match) +xt_unregister_match(struct xt_match *match) { - down(&xt[af].mutex); + int af = match->family; + + mutex_lock(&xt[af].mutex); LIST_DELETE(&xt[af].match, match); - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); } EXPORT_SYMBOL(xt_unregister_match); @@ -114,21 +126,21 @@ struct xt_match *xt_find_match(int af, const char *name, u8 revision) struct xt_match *m; int err = 0; - if (down_interruptible(&xt[af].mutex) != 0) + if (mutex_lock_interruptible(&xt[af].mutex) != 0) return ERR_PTR(-EINTR); list_for_each_entry(m, &xt[af].match, list) { if (strcmp(m->name, name) == 0) { if (m->revision == revision) { if (try_module_get(m->me)) { - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return m; } } else err = -EPROTOTYPE; /* Found something. */ } } - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return ERR_PTR(err); } EXPORT_SYMBOL(xt_find_match); @@ -139,37 +151,31 @@ struct xt_target *xt_find_target(int af, const char *name, u8 revision) struct xt_target *t; int err = 0; - if (down_interruptible(&xt[af].mutex) != 0) + if (mutex_lock_interruptible(&xt[af].mutex) != 0) return ERR_PTR(-EINTR); list_for_each_entry(t, &xt[af].target, list) { if (strcmp(t->name, name) == 0) { if (t->revision == revision) { if (try_module_get(t->me)) { - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return t; } } else err = -EPROTOTYPE; /* Found something. */ } } - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return ERR_PTR(err); } EXPORT_SYMBOL(xt_find_target); -static const char *xt_prefix[NPROTO] = { - [AF_INET] = "ipt_%s", - [AF_INET6] = "ip6t_%s", - [NF_ARP] = "arpt_%s", -}; - struct xt_target *xt_request_find_target(int af, const char *name, u8 revision) { struct xt_target *target; target = try_then_request_module(xt_find_target(af, name, revision), - xt_prefix[af], name); + "%st_%s", xt_prefix[af], name); if (IS_ERR(target) || !target) return NULL; return target; @@ -214,7 +220,7 @@ int xt_find_revision(int af, const char *name, u8 revision, int target, { int have_rev, best = -1; - if (down_interruptible(&xt[af].mutex) != 0) { + if (mutex_lock_interruptible(&xt[af].mutex) != 0) { *err = -EINTR; return 1; } @@ -222,7 +228,7 @@ int xt_find_revision(int af, const char *name, u8 revision, int target, have_rev = target_revfn(af, name, revision, &best); else have_rev = match_revfn(af, name, revision, &best); - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); /* Nothing at all? Return 0 to try loading module. */ if (best == -1) { @@ -237,6 +243,64 @@ int xt_find_revision(int af, const char *name, u8 revision, int target, } EXPORT_SYMBOL_GPL(xt_find_revision); +int xt_check_match(const struct xt_match *match, unsigned short family, + unsigned int size, const char *table, unsigned int hook_mask, + unsigned short proto, int inv_proto) +{ + if (XT_ALIGN(match->matchsize) != size) { + printk("%s_tables: %s match: invalid size %Zu != %u\n", + xt_prefix[family], match->name, + XT_ALIGN(match->matchsize), size); + return -EINVAL; + } + if (match->table && strcmp(match->table, table)) { + printk("%s_tables: %s match: only valid in %s table, not %s\n", + xt_prefix[family], match->name, match->table, table); + return -EINVAL; + } + if (match->hooks && (hook_mask & ~match->hooks) != 0) { + printk("%s_tables: %s match: bad hook_mask %u\n", + xt_prefix[family], match->name, hook_mask); + return -EINVAL; + } + if (match->proto && (match->proto != proto || inv_proto)) { + printk("%s_tables: %s match: only valid for protocol %u\n", + xt_prefix[family], match->name, match->proto); + return -EINVAL; + } + return 0; +} +EXPORT_SYMBOL_GPL(xt_check_match); + +int xt_check_target(const struct xt_target *target, unsigned short family, + unsigned int size, const char *table, unsigned int hook_mask, + unsigned short proto, int inv_proto) +{ + if (XT_ALIGN(target->targetsize) != size) { + printk("%s_tables: %s target: invalid size %Zu != %u\n", + xt_prefix[family], target->name, + XT_ALIGN(target->targetsize), size); + return -EINVAL; + } + if (target->table && strcmp(target->table, table)) { + printk("%s_tables: %s target: only valid in %s table, not %s\n", + xt_prefix[family], target->name, target->table, table); + return -EINVAL; + } + if (target->hooks && (hook_mask & ~target->hooks) != 0) { + printk("%s_tables: %s target: bad hook_mask %u\n", + xt_prefix[family], target->name, hook_mask); + return -EINVAL; + } + if (target->proto && (target->proto != proto || inv_proto)) { + printk("%s_tables: %s target: only valid for protocol %u\n", + xt_prefix[family], target->name, target->proto); + return -EINVAL; + } + return 0; +} +EXPORT_SYMBOL_GPL(xt_check_target); + struct xt_table_info *xt_alloc_table_info(unsigned int size) { struct xt_table_info *newinfo; @@ -290,20 +354,20 @@ struct xt_table *xt_find_table_lock(int af, const char *name) { struct xt_table *t; - if (down_interruptible(&xt[af].mutex) != 0) + if (mutex_lock_interruptible(&xt[af].mutex) != 0) return ERR_PTR(-EINTR); list_for_each_entry(t, &xt[af].tables, list) if (strcmp(t->name, name) == 0 && try_module_get(t->me)) return t; - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); return NULL; } EXPORT_SYMBOL_GPL(xt_find_table_lock); void xt_table_unlock(struct xt_table *table) { - up(&xt[table->af].mutex); + mutex_unlock(&xt[table->af].mutex); } EXPORT_SYMBOL_GPL(xt_table_unlock); @@ -343,7 +407,7 @@ int xt_register_table(struct xt_table *table, int ret; struct xt_table_info *private; - ret = down_interruptible(&xt[table->af].mutex); + ret = mutex_lock_interruptible(&xt[table->af].mutex); if (ret != 0) return ret; @@ -369,7 +433,7 @@ int xt_register_table(struct xt_table *table, ret = 0; unlock: - up(&xt[table->af].mutex); + mutex_unlock(&xt[table->af].mutex); return ret; } EXPORT_SYMBOL_GPL(xt_register_table); @@ -378,10 +442,10 @@ void *xt_unregister_table(struct xt_table *table) { struct xt_table_info *private; - down(&xt[table->af].mutex); + mutex_lock(&xt[table->af].mutex); private = table->private; LIST_DELETE(&xt[table->af].tables, table); - up(&xt[table->af].mutex); + mutex_unlock(&xt[table->af].mutex); return private; } @@ -445,7 +509,7 @@ static void *xt_tgt_seq_start(struct seq_file *seq, loff_t *pos) if (!list) return NULL; - if (down_interruptible(&xt[af].mutex) != 0) + if (mutex_lock_interruptible(&xt[af].mutex) != 0) return NULL; return xt_get_idx(list, seq, *pos); @@ -474,7 +538,7 @@ static void xt_tgt_seq_stop(struct seq_file *seq, void *v) struct proc_dir_entry *pde = seq->private; u_int16_t af = (unsigned long)pde->data & 0xffff; - up(&xt[af].mutex); + mutex_unlock(&xt[af].mutex); } static int xt_name_seq_show(struct seq_file *seq, void *v) @@ -606,7 +670,7 @@ static int __init xt_init(void) return -ENOMEM; for (i = 0; i < NPROTO; i++) { - init_MUTEX(&xt[i].mutex); + mutex_init(&xt[i].mutex); INIT_LIST_HEAD(&xt[i].target); INIT_LIST_HEAD(&xt[i].match); INIT_LIST_HEAD(&xt[i].tables); diff --git a/net/netfilter/xt_CLASSIFY.c b/net/netfilter/xt_CLASSIFY.c index 78ee266..e54e577 100644 --- a/net/netfilter/xt_CLASSIFY.c +++ b/net/netfilter/xt_CLASSIFY.c @@ -28,6 +28,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -39,71 +40,48 @@ target(struct sk_buff **pskb, return XT_CONTINUE; } -static int -checkentry(const char *tablename, - const void *e, - void *targinfo, - unsigned int targinfosize, - unsigned int hook_mask) -{ - if (targinfosize != XT_ALIGN(sizeof(struct xt_classify_target_info))){ - printk(KERN_ERR "CLASSIFY: invalid size (%u != %Zu).\n", - targinfosize, - XT_ALIGN(sizeof(struct xt_classify_target_info))); - return 0; - } - - if (hook_mask & ~((1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_FORWARD) | - (1 << NF_IP_POST_ROUTING))) { - printk(KERN_ERR "CLASSIFY: only valid in LOCAL_OUT, FORWARD " - "and POST_ROUTING.\n"); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_ERR "CLASSIFY: can only be called from " - "\"mangle\" table, not \"%s\".\n", - tablename); - return 0; - } - - return 1; -} - static struct xt_target classify_reg = { .name = "CLASSIFY", .target = target, - .checkentry = checkentry, + .targetsize = sizeof(struct xt_classify_target_info), + .table = "mangle", + .hooks = (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_FORWARD) | + (1 << NF_IP_POST_ROUTING), + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_target classify6_reg = { .name = "CLASSIFY", .target = target, - .checkentry = checkentry, + .targetsize = sizeof(struct xt_classify_target_info), + .table = "mangle", + .hooks = (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_FORWARD) | + (1 << NF_IP_POST_ROUTING), + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_classify_init(void) { int ret; - ret = xt_register_target(AF_INET, &classify_reg); + ret = xt_register_target(&classify_reg); if (ret) return ret; - ret = xt_register_target(AF_INET6, &classify6_reg); + ret = xt_register_target(&classify6_reg); if (ret) - xt_unregister_target(AF_INET, &classify_reg); + xt_unregister_target(&classify_reg); return ret; } -static void __exit fini(void) +static void __exit xt_classify_fini(void) { - xt_unregister_target(AF_INET, &classify_reg); - xt_unregister_target(AF_INET6, &classify6_reg); + xt_unregister_target(&classify_reg); + xt_unregister_target(&classify6_reg); } -module_init(init); -module_exit(fini); +module_init(xt_classify_init); +module_exit(xt_classify_fini); diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c index 22506e3..60c375d 100644 --- a/net/netfilter/xt_CONNMARK.c +++ b/net/netfilter/xt_CONNMARK.c @@ -37,6 +37,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -74,17 +75,12 @@ target(struct sk_buff **pskb, static int checkentry(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { struct xt_connmark_target_info *matchinfo = targinfo; - if (targinfosize != XT_ALIGN(sizeof(struct xt_connmark_target_info))) { - printk(KERN_WARNING "CONNMARK: targinfosize %u != %Zu\n", - targinfosize, - XT_ALIGN(sizeof(struct xt_connmark_target_info))); - return 0; - } if (matchinfo->mode == XT_CONNMARK_RESTORE) { if (strcmp(tablename, "mangle") != 0) { @@ -102,40 +98,45 @@ checkentry(const char *tablename, } static struct xt_target connmark_reg = { - .name = "CONNMARK", - .target = &target, - .checkentry = &checkentry, - .me = THIS_MODULE + .name = "CONNMARK", + .target = target, + .targetsize = sizeof(struct xt_connmark_target_info), + .checkentry = checkentry, + .family = AF_INET, + .me = THIS_MODULE }; + static struct xt_target connmark6_reg = { - .name = "CONNMARK", - .target = &target, - .checkentry = &checkentry, - .me = THIS_MODULE + .name = "CONNMARK", + .target = target, + .targetsize = sizeof(struct xt_connmark_target_info), + .checkentry = checkentry, + .family = AF_INET6, + .me = THIS_MODULE }; -static int __init init(void) +static int __init xt_connmark_init(void) { int ret; need_conntrack(); - ret = xt_register_target(AF_INET, &connmark_reg); + ret = xt_register_target(&connmark_reg); if (ret) return ret; - ret = xt_register_target(AF_INET6, &connmark6_reg); + ret = xt_register_target(&connmark6_reg); if (ret) - xt_unregister_target(AF_INET, &connmark_reg); + xt_unregister_target(&connmark_reg); return ret; } -static void __exit fini(void) +static void __exit xt_connmark_fini(void) { - xt_unregister_target(AF_INET, &connmark_reg); - xt_unregister_target(AF_INET6, &connmark6_reg); + xt_unregister_target(&connmark_reg); + xt_unregister_target(&connmark6_reg); } -module_init(init); -module_exit(fini); +module_init(xt_connmark_init); +module_exit(xt_connmark_fini); diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 0c11ee9..ee9c34e 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c @@ -26,6 +26,7 @@ target_v0(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -42,6 +43,7 @@ target_v1(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -72,53 +74,30 @@ target_v1(struct sk_buff **pskb, static int checkentry_v0(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { struct xt_mark_target_info *markinfo = targinfo; - if (targinfosize != XT_ALIGN(sizeof(struct xt_mark_target_info))) { - printk(KERN_WARNING "MARK: targinfosize %u != %Zu\n", - targinfosize, - XT_ALIGN(sizeof(struct xt_mark_target_info))); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_WARNING "MARK: can only be called from \"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (markinfo->mark > 0xffffffff) { printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); return 0; } - return 1; } static int checkentry_v1(const char *tablename, const void *entry, + const struct xt_target *target, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { struct xt_mark_target_info_v1 *markinfo = targinfo; - if (targinfosize != XT_ALIGN(sizeof(struct xt_mark_target_info_v1))){ - printk(KERN_WARNING "MARK: targinfosize %u != %Zu\n", - targinfosize, - XT_ALIGN(sizeof(struct xt_mark_target_info_v1))); - return 0; - } - - if (strcmp(tablename, "mangle") != 0) { - printk(KERN_WARNING "MARK: can only be called from \"mangle\" table, not \"%s\"\n", tablename); - return 0; - } - if (markinfo->mode != XT_MARK_SET && markinfo->mode != XT_MARK_AND && markinfo->mode != XT_MARK_OR) { @@ -126,66 +105,73 @@ checkentry_v1(const char *tablename, markinfo->mode); return 0; } - if (markinfo->mark > 0xffffffff) { printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); return 0; } - return 1; } static struct xt_target ipt_mark_reg_v0 = { .name = "MARK", .target = target_v0, + .targetsize = sizeof(struct xt_mark_target_info), + .table = "mangle", .checkentry = checkentry_v0, .me = THIS_MODULE, + .family = AF_INET, .revision = 0, }; static struct xt_target ipt_mark_reg_v1 = { .name = "MARK", .target = target_v1, + .targetsize = sizeof(struct xt_mark_target_info_v1), + .table = "mangle", .checkentry = checkentry_v1, .me = THIS_MODULE, + .family = AF_INET, .revision = 1, }; static struct xt_target ip6t_mark_reg_v0 = { .name = "MARK", .target = target_v0, + .targetsize = sizeof(struct xt_mark_target_info), + .table = "mangle", .checkentry = checkentry_v0, .me = THIS_MODULE, + .family = AF_INET6, .revision = 0, }; -static int __init init(void) +static int __init xt_mark_init(void) { int err; - err = xt_register_target(AF_INET, &ipt_mark_reg_v0); + err = xt_register_target(&ipt_mark_reg_v0); if (err) return err; - err = xt_register_target(AF_INET, &ipt_mark_reg_v1); + err = xt_register_target(&ipt_mark_reg_v1); if (err) - xt_unregister_target(AF_INET, &ipt_mark_reg_v0); + xt_unregister_target(&ipt_mark_reg_v0); - err = xt_register_target(AF_INET6, &ip6t_mark_reg_v0); + err = xt_register_target(&ip6t_mark_reg_v0); if (err) { - xt_unregister_target(AF_INET, &ipt_mark_reg_v0); - xt_unregister_target(AF_INET, &ipt_mark_reg_v1); + xt_unregister_target(&ipt_mark_reg_v0); + xt_unregister_target(&ipt_mark_reg_v1); } return err; } -static void __exit fini(void) +static void __exit xt_mark_fini(void) { - xt_unregister_target(AF_INET, &ipt_mark_reg_v0); - xt_unregister_target(AF_INET, &ipt_mark_reg_v1); - xt_unregister_target(AF_INET6, &ip6t_mark_reg_v0); + xt_unregister_target(&ipt_mark_reg_v0); + xt_unregister_target(&ipt_mark_reg_v1); + xt_unregister_target(&ip6t_mark_reg_v0); } -module_init(init); -module_exit(fini); +module_init(xt_mark_init); +module_exit(xt_mark_fini); diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c index 8b76b6f..86ccceb 100644 --- a/net/netfilter/xt_NFQUEUE.c +++ b/net/netfilter/xt_NFQUEUE.c @@ -28,6 +28,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -36,72 +37,58 @@ target(struct sk_buff **pskb, return NF_QUEUE_NR(tinfo->queuenum); } -static int -checkentry(const char *tablename, - const void *entry, - void *targinfo, - unsigned int targinfosize, - unsigned int hook_mask) -{ - if (targinfosize != XT_ALIGN(sizeof(struct xt_NFQ_info))) { - printk(KERN_WARNING "NFQUEUE: targinfosize %u != %Zu\n", - targinfosize, - XT_ALIGN(sizeof(struct xt_NFQ_info))); - return 0; - } - - return 1; -} - static struct xt_target ipt_NFQ_reg = { .name = "NFQUEUE", .target = target, - .checkentry = checkentry, + .targetsize = sizeof(struct xt_NFQ_info), + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_target ip6t_NFQ_reg = { .name = "NFQUEUE", .target = target, - .checkentry = checkentry, + .targetsize = sizeof(struct xt_NFQ_info), + .family = AF_INET6, .me = THIS_MODULE, }; static struct xt_target arpt_NFQ_reg = { .name = "NFQUEUE", .target = target, - .checkentry = checkentry, + .targetsize = sizeof(struct xt_NFQ_info), + .family = NF_ARP, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_nfqueue_init(void) { int ret; - ret = xt_register_target(AF_INET, &ipt_NFQ_reg); + ret = xt_register_target(&ipt_NFQ_reg); if (ret) return ret; - ret = xt_register_target(AF_INET6, &ip6t_NFQ_reg); + ret = xt_register_target(&ip6t_NFQ_reg); if (ret) goto out_ip; - ret = xt_register_target(NF_ARP, &arpt_NFQ_reg); + ret = xt_register_target(&arpt_NFQ_reg); if (ret) goto out_ip6; return ret; out_ip6: - xt_unregister_target(AF_INET6, &ip6t_NFQ_reg); + xt_unregister_target(&ip6t_NFQ_reg); out_ip: - xt_unregister_target(AF_INET, &ipt_NFQ_reg); + xt_unregister_target(&ipt_NFQ_reg); return ret; } -static void __exit fini(void) +static void __exit xt_nfqueue_fini(void) { - xt_unregister_target(NF_ARP, &arpt_NFQ_reg); - xt_unregister_target(AF_INET6, &ip6t_NFQ_reg); - xt_unregister_target(AF_INET, &ipt_NFQ_reg); + xt_unregister_target(&arpt_NFQ_reg); + xt_unregister_target(&ip6t_NFQ_reg); + xt_unregister_target(&ipt_NFQ_reg); } -module_init(init); -module_exit(fini); +module_init(xt_nfqueue_init); +module_exit(xt_nfqueue_fini); diff --git a/net/netfilter/xt_NOTRACK.c b/net/netfilter/xt_NOTRACK.c index 24d477a..98f4b53 100644 --- a/net/netfilter/xt_NOTRACK.c +++ b/net/netfilter/xt_NOTRACK.c @@ -15,6 +15,7 @@ target(struct sk_buff **pskb, const struct net_device *in, const struct net_device *out, unsigned int hooknum, + const struct xt_target *target, const void *targinfo, void *userinfo) { @@ -33,60 +34,44 @@ target(struct sk_buff **pskb, return XT_CONTINUE; } -static int -checkentry(const char *tablename, - const void *entry, - void *targinfo, - unsigned int targinfosize, - unsigned int hook_mask) -{ - if (targinfosize != 0) { - printk(KERN_WARNING "NOTRACK: targinfosize %u != 0\n", - targinfosize); - return 0; - } - - if (strcmp(tablename, "raw") != 0) { - printk(KERN_WARNING "NOTRACK: can only be called from \"raw\" table, not \"%s\"\n", tablename); - return 0; - } - - return 1; -} - -static struct xt_target notrack_reg = { - .name = "NOTRACK", - .target = target, - .checkentry = checkentry, - .me = THIS_MODULE, +static struct xt_target notrack_reg = { + .name = "NOTRACK", + .target = target, + .targetsize = 0, + .table = "raw", + .family = AF_INET, + .me = THIS_MODULE, }; -static struct xt_target notrack6_reg = { - .name = "NOTRACK", - .target = target, - .checkentry = checkentry, - .me = THIS_MODULE, + +static struct xt_target notrack6_reg = { + .name = "NOTRACK", + .target = target, + .targetsize = 0, + .table = "raw", + .family = AF_INET6, + .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_notrack_init(void) { int ret; - ret = xt_register_target(AF_INET, ¬rack_reg); + ret = xt_register_target(¬rack_reg); if (ret) return ret; - ret = xt_register_target(AF_INET6, ¬rack6_reg); + ret = xt_register_target(¬rack6_reg); if (ret) - xt_unregister_target(AF_INET, ¬rack_reg); + xt_unregister_target(¬rack_reg); return ret; } -static void __exit fini(void) +static void __exit xt_notrack_fini(void) { - xt_unregister_target(AF_INET6, ¬rack6_reg); - xt_unregister_target(AF_INET, ¬rack_reg); + xt_unregister_target(¬rack6_reg); + xt_unregister_target(¬rack_reg); } -module_init(init); -module_exit(fini); +module_init(xt_notrack_init); +module_exit(xt_notrack_fini); diff --git a/net/netfilter/xt_comment.c b/net/netfilter/xt_comment.c index 4ba6fd6..197609c 100644 --- a/net/netfilter/xt_comment.c +++ b/net/netfilter/xt_comment.c @@ -19,6 +19,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protooff, @@ -28,53 +29,42 @@ match(const struct sk_buff *skb, return 1; } -static int -checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - /* Check the size */ - if (matchsize != XT_ALIGN(sizeof(struct xt_comment_info))) - return 0; - return 1; -} - static struct xt_match comment_match = { .name = "comment", .match = match, - .checkentry = checkentry, + .matchsize = sizeof(struct xt_comment_info), + .family = AF_INET, .me = THIS_MODULE }; static struct xt_match comment6_match = { .name = "comment", .match = match, - .checkentry = checkentry, + .matchsize = sizeof(struct xt_comment_info), + .family = AF_INET6, .me = THIS_MODULE }; -static int __init init(void) +static int __init xt_comment_init(void) { int ret; - ret = xt_register_match(AF_INET, &comment_match); + ret = xt_register_match(&comment_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &comment6_match); + ret = xt_register_match(&comment6_match); if (ret) - xt_unregister_match(AF_INET, &comment_match); + xt_unregister_match(&comment_match); return ret; } -static void __exit fini(void) +static void __exit xt_comment_fini(void) { - xt_unregister_match(AF_INET, &comment_match); - xt_unregister_match(AF_INET6, &comment6_match); + xt_unregister_match(&comment_match); + xt_unregister_match(&comment6_match); } -module_init(init); -module_exit(fini); +module_init(xt_comment_init); +module_exit(xt_comment_fini); diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index 150d2a4..1396fe2 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c @@ -44,6 +44,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -122,15 +123,13 @@ match(const struct sk_buff *skb, static int check(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct xt_connbytes_info *sinfo = matchinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_connbytes_info))) - return 0; - if (sinfo->what != XT_CONNBYTES_PKTS && sinfo->what != XT_CONNBYTES_BYTES && sinfo->what != XT_CONNBYTES_AVGPKT) @@ -146,35 +145,39 @@ static int check(const char *tablename, static struct xt_match connbytes_match = { .name = "connbytes", - .match = &match, - .checkentry = &check, + .match = match, + .checkentry = check, + .matchsize = sizeof(struct xt_connbytes_info), + .family = AF_INET, .me = THIS_MODULE }; static struct xt_match connbytes6_match = { .name = "connbytes", - .match = &match, - .checkentry = &check, + .match = match, + .checkentry = check, + .matchsize = sizeof(struct xt_connbytes_info), + .family = AF_INET6, .me = THIS_MODULE }; -static int __init init(void) +static int __init xt_connbytes_init(void) { int ret; - ret = xt_register_match(AF_INET, &connbytes_match); + ret = xt_register_match(&connbytes_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &connbytes6_match); + ret = xt_register_match(&connbytes6_match); if (ret) - xt_unregister_match(AF_INET, &connbytes_match); + xt_unregister_match(&connbytes_match); return ret; } -static void __exit fini(void) +static void __exit xt_connbytes_fini(void) { - xt_unregister_match(AF_INET, &connbytes_match); - xt_unregister_match(AF_INET6, &connbytes6_match); + xt_unregister_match(&connbytes_match); + xt_unregister_match(&connbytes6_match); } -module_init(init); -module_exit(fini); +module_init(xt_connbytes_init); +module_exit(xt_connbytes_fini); diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c index d06e925..dc26a27 100644 --- a/net/netfilter/xt_connmark.c +++ b/net/netfilter/xt_connmark.c @@ -35,6 +35,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -52,58 +53,76 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - struct xt_connmark_info *cm = - (struct xt_connmark_info *)matchinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_connmark_info))) - return 0; + struct xt_connmark_info *cm = (struct xt_connmark_info *)matchinfo; if (cm->mark > 0xffffffff || cm->mask > 0xffffffff) { printk(KERN_WARNING "connmark: only support 32bit mark\n"); return 0; } - +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + if (nf_ct_l3proto_try_module_get(match->family) < 0) { + printk(KERN_WARNING "can't load nf_conntrack support for " + "proto=%d\n", match->family); + return 0; + } +#endif return 1; } +static void +destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) +{ +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + nf_ct_l3proto_module_put(match->family); +#endif +} + static struct xt_match connmark_match = { - .name = "connmark", - .match = &match, - .checkentry = &checkentry, - .me = THIS_MODULE + .name = "connmark", + .match = match, + .matchsize = sizeof(struct xt_connmark_info), + .checkentry = checkentry, + .destroy = destroy, + .family = AF_INET, + .me = THIS_MODULE }; + static struct xt_match connmark6_match = { - .name = "connmark", - .match = &match, - .checkentry = &checkentry, - .me = THIS_MODULE + .name = "connmark", + .match = match, + .matchsize = sizeof(struct xt_connmark_info), + .checkentry = checkentry, + .destroy = destroy, + .family = AF_INET6, + .me = THIS_MODULE }; - -static int __init init(void) +static int __init xt_connmark_init(void) { int ret; need_conntrack(); - ret = xt_register_match(AF_INET, &connmark_match); + ret = xt_register_match(&connmark_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &connmark6_match); + ret = xt_register_match(&connmark6_match); if (ret) - xt_unregister_match(AF_INET, &connmark_match); + xt_unregister_match(&connmark_match); return ret; } -static void __exit fini(void) +static void __exit xt_connmark_fini(void) { - xt_unregister_match(AF_INET6, &connmark6_match); - xt_unregister_match(AF_INET, &connmark_match); + xt_unregister_match(&connmark6_match); + xt_unregister_match(&connmark_match); } -module_init(init); -module_exit(fini); +module_init(xt_connmark_init); +module_exit(xt_connmark_fini); diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index ffdebc9..145489a 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c @@ -32,6 +32,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -118,6 +119,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -201,38 +203,55 @@ match(const struct sk_buff *skb, #endif /* CONFIG_NF_IP_CONNTRACK */ -static int check(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) +static int +checkentry(const char *tablename, + const void *ip, + const struct xt_match *match, + void *matchinfo, + unsigned int matchsize, + unsigned int hook_mask) { - if (matchsize != XT_ALIGN(sizeof(struct xt_conntrack_info))) +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + if (nf_ct_l3proto_try_module_get(match->family) < 0) { + printk(KERN_WARNING "can't load nf_conntrack support for " + "proto=%d\n", match->family); return 0; - + } +#endif return 1; } +static void +destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) +{ +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + nf_ct_l3proto_module_put(match->family); +#endif +} + static struct xt_match conntrack_match = { .name = "conntrack", - .match = &match, - .checkentry = &check, + .match = match, + .checkentry = checkentry, + .destroy = destroy, + .matchsize = sizeof(struct xt_conntrack_info), + .family = AF_INET, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_conntrack_init(void) { int ret; need_conntrack(); - ret = xt_register_match(AF_INET, &conntrack_match); + ret = xt_register_match(&conntrack_match); return ret; } -static void __exit fini(void) +static void __exit xt_conntrack_fini(void) { - xt_unregister_match(AF_INET, &conntrack_match); + xt_unregister_match(&conntrack_match); } -module_init(init); -module_exit(fini); +module_init(xt_conntrack_init); +module_exit(xt_conntrack_fini); diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c index 779f42f..dfb10b6 100644 --- a/net/netfilter/xt_dccp.c +++ b/net/netfilter/xt_dccp.c @@ -95,6 +95,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -129,61 +130,41 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - const struct ipt_ip *ip = inf; - const struct xt_dccp_info *info; + const struct xt_dccp_info *info = matchinfo; - info = (const struct xt_dccp_info *)matchinfo; - - return ip->proto == IPPROTO_DCCP - && !(ip->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_dccp_info)) - && !(info->flags & ~XT_DCCP_VALID_FLAGS) - && !(info->invflags & ~XT_DCCP_VALID_FLAGS) - && !(info->invflags & ~info->flags); -} - -static int -checkentry6(const char *tablename, - const void *inf, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - const struct ip6t_ip6 *ip = inf; - const struct xt_dccp_info *info; - - info = (const struct xt_dccp_info *)matchinfo; - - return ip->proto == IPPROTO_DCCP - && !(ip->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_dccp_info)) - && !(info->flags & ~XT_DCCP_VALID_FLAGS) + return !(info->flags & ~XT_DCCP_VALID_FLAGS) && !(info->invflags & ~XT_DCCP_VALID_FLAGS) && !(info->invflags & ~info->flags); } - static struct xt_match dccp_match = { .name = "dccp", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_dccp_info), + .proto = IPPROTO_DCCP, + .checkentry = checkentry, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match dccp6_match = { .name = "dccp", - .match = &match, - .checkentry = &checkentry6, + .match = match, + .matchsize = sizeof(struct xt_dccp_info), + .proto = IPPROTO_DCCP, + .checkentry = checkentry, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_dccp_init(void) { int ret; @@ -193,29 +174,29 @@ static int __init init(void) dccp_optbuf = kmalloc(256 * 4, GFP_KERNEL); if (!dccp_optbuf) return -ENOMEM; - ret = xt_register_match(AF_INET, &dccp_match); + ret = xt_register_match(&dccp_match); if (ret) goto out_kfree; - ret = xt_register_match(AF_INET6, &dccp6_match); + ret = xt_register_match(&dccp6_match); if (ret) goto out_unreg; return ret; out_unreg: - xt_unregister_match(AF_INET, &dccp_match); + xt_unregister_match(&dccp_match); out_kfree: kfree(dccp_optbuf); return ret; } -static void __exit fini(void) +static void __exit xt_dccp_fini(void) { - xt_unregister_match(AF_INET6, &dccp6_match); - xt_unregister_match(AF_INET, &dccp_match); + xt_unregister_match(&dccp6_match); + xt_unregister_match(&dccp_match); kfree(dccp_optbuf); } -module_init(init); -module_exit(fini); +module_init(xt_dccp_init); +module_exit(xt_dccp_fini); diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c index 38b6715..799c2a4 100644 --- a/net/netfilter/xt_helper.c +++ b/net/netfilter/xt_helper.c @@ -42,6 +42,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -89,6 +90,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -96,6 +98,7 @@ match(const struct sk_buff *skb, { const struct xt_helper_info *info = matchinfo; struct nf_conn *ct; + struct nf_conn_help *master_help; enum ip_conntrack_info ctinfo; int ret = info->invert; @@ -111,7 +114,8 @@ match(const struct sk_buff *skb, } read_lock_bh(&nf_conntrack_lock); - if (!ct->master->helper) { + master_help = nfct_help(ct->master); + if (!master_help || !master_help->helper) { DEBUGP("xt_helper: master ct %p has no helper\n", exp->expectant); goto out_unlock; @@ -123,8 +127,8 @@ match(const struct sk_buff *skb, if (info->name[0] == '\0') ret ^= 1; else - ret ^= !strncmp(ct->master->helper->name, info->name, - strlen(ct->master->helper->name)); + ret ^= !strncmp(master_help->helper->name, info->name, + strlen(master_help->helper->name)); out_unlock: read_unlock_bh(&nf_conntrack_lock); return ret; @@ -133,56 +137,73 @@ out_unlock: static int check(const char *tablename, const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { struct xt_helper_info *info = matchinfo; - info->name[29] = '\0'; - - /* verify size */ - if (matchsize != XT_ALIGN(sizeof(struct xt_helper_info))) +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + if (nf_ct_l3proto_try_module_get(match->family) < 0) { + printk(KERN_WARNING "can't load nf_conntrack support for " + "proto=%d\n", match->family); return 0; - + } +#endif + info->name[29] = '\0'; return 1; } +static void +destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) +{ +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + nf_ct_l3proto_module_put(match->family); +#endif +} + static struct xt_match helper_match = { .name = "helper", - .match = &match, - .checkentry = &check, + .match = match, + .matchsize = sizeof(struct xt_helper_info), + .checkentry = check, + .destroy = destroy, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match helper6_match = { .name = "helper", - .match = &match, - .checkentry = &check, + .match = match, + .matchsize = sizeof(struct xt_helper_info), + .checkentry = check, + .destroy = destroy, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_helper_init(void) { int ret; need_conntrack(); - ret = xt_register_match(AF_INET, &helper_match); + ret = xt_register_match(&helper_match); if (ret < 0) return ret; - ret = xt_register_match(AF_INET6, &helper6_match); + ret = xt_register_match(&helper6_match); if (ret < 0) - xt_unregister_match(AF_INET, &helper_match); + xt_unregister_match(&helper_match); return ret; } -static void __exit fini(void) +static void __exit xt_helper_fini(void) { - xt_unregister_match(AF_INET, &helper_match); - xt_unregister_match(AF_INET6, &helper6_match); + xt_unregister_match(&helper_match); + xt_unregister_match(&helper6_match); } -module_init(init); -module_exit(fini); +module_init(xt_helper_init); +module_exit(xt_helper_fini); diff --git a/net/netfilter/xt_length.c b/net/netfilter/xt_length.c index 39c8fae..109132c 100644 --- a/net/netfilter/xt_length.c +++ b/net/netfilter/xt_length.c @@ -24,6 +24,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -39,6 +40,7 @@ static int match6(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -50,50 +52,40 @@ match6(const struct sk_buff *skb, return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; } -static int -checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != XT_ALIGN(sizeof(struct xt_length_info))) - return 0; - - return 1; -} - static struct xt_match length_match = { .name = "length", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_length_info), + .family = AF_INET, .me = THIS_MODULE, }; + static struct xt_match length6_match = { .name = "length", - .match = &match6, - .checkentry = &checkentry, + .match = match6, + .matchsize = sizeof(struct xt_length_info), + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_length_init(void) { int ret; - ret = xt_register_match(AF_INET, &length_match); + ret = xt_register_match(&length_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &length6_match); + ret = xt_register_match(&length6_match); if (ret) - xt_unregister_match(AF_INET, &length_match); + xt_unregister_match(&length_match); return ret; } -static void __exit fini(void) +static void __exit xt_length_fini(void) { - xt_unregister_match(AF_INET, &length_match); - xt_unregister_match(AF_INET6, &length6_match); + xt_unregister_match(&length_match); + xt_unregister_match(&length6_match); } -module_init(init); -module_exit(fini); +module_init(xt_length_init); +module_exit(xt_length_fini); diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c index 15e4050..ce7fdb7 100644 --- a/net/netfilter/xt_limit.c +++ b/net/netfilter/xt_limit.c @@ -68,6 +68,7 @@ static int ipt_limit_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -107,15 +108,13 @@ user2credits(u_int32_t user) static int ipt_limit_checkentry(const char *tablename, const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { struct xt_rateinfo *r = matchinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_rateinfo))) - return 0; - /* Check for overflow. */ if (r->burst == 0 || user2credits(r->avg * r->burst) < user2credits(r->avg)) { @@ -140,36 +139,40 @@ ipt_limit_checkentry(const char *tablename, static struct xt_match ipt_limit_reg = { .name = "limit", .match = ipt_limit_match, + .matchsize = sizeof(struct xt_rateinfo), .checkentry = ipt_limit_checkentry, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match limit6_reg = { .name = "limit", .match = ipt_limit_match, + .matchsize = sizeof(struct xt_rateinfo), .checkentry = ipt_limit_checkentry, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_limit_init(void) { int ret; - ret = xt_register_match(AF_INET, &ipt_limit_reg); + ret = xt_register_match(&ipt_limit_reg); if (ret) return ret; - ret = xt_register_match(AF_INET6, &limit6_reg); + ret = xt_register_match(&limit6_reg); if (ret) - xt_unregister_match(AF_INET, &ipt_limit_reg); + xt_unregister_match(&ipt_limit_reg); return ret; } -static void __exit fini(void) +static void __exit xt_limit_fini(void) { - xt_unregister_match(AF_INET, &ipt_limit_reg); - xt_unregister_match(AF_INET6, &limit6_reg); + xt_unregister_match(&ipt_limit_reg); + xt_unregister_match(&limit6_reg); } -module_init(init); -module_exit(fini); +module_init(xt_limit_init); +module_exit(xt_limit_fini); diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c index 0461dcb..356290f 100644 --- a/net/netfilter/xt_mac.c +++ b/net/netfilter/xt_mac.c @@ -27,6 +27,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -42,59 +43,44 @@ match(const struct sk_buff *skb, ^ info->invert)); } -static int -ipt_mac_checkentry(const char *tablename, - const void *inf, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - /* FORWARD isn't always valid, but it's nice to be able to do --RR */ - if (hook_mask - & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) - | (1 << NF_IP_FORWARD))) { - printk("xt_mac: only valid for PRE_ROUTING, LOCAL_IN or FORWARD.\n"); - return 0; - } - - if (matchsize != XT_ALIGN(sizeof(struct xt_mac_info))) - return 0; - - return 1; -} - static struct xt_match mac_match = { .name = "mac", - .match = &match, - .checkentry = &ipt_mac_checkentry, + .match = match, + .matchsize = sizeof(struct xt_mac_info), + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | + (1 << NF_IP_FORWARD), + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match mac6_match = { .name = "mac", - .match = &match, - .checkentry = &ipt_mac_checkentry, + .match = match, + .matchsize = sizeof(struct xt_mac_info), + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | + (1 << NF_IP_FORWARD), + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_mac_init(void) { int ret; - ret = xt_register_match(AF_INET, &mac_match); + ret = xt_register_match(&mac_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &mac6_match); + ret = xt_register_match(&mac6_match); if (ret) - xt_unregister_match(AF_INET, &mac_match); + xt_unregister_match(&mac_match); return ret; } -static void __exit fini(void) +static void __exit xt_mac_fini(void) { - xt_unregister_match(AF_INET, &mac_match); - xt_unregister_match(AF_INET6, &mac6_match); + xt_unregister_match(&mac_match); + xt_unregister_match(&mac6_match); } -module_init(init); -module_exit(fini); +module_init(xt_mac_init); +module_exit(xt_mac_fini); diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c index 2a0ac62..8b385a3 100644 --- a/net/netfilter/xt_mark.c +++ b/net/netfilter/xt_mark.c @@ -23,6 +23,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -36,56 +37,57 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *entry, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { struct xt_mark_info *minfo = (struct xt_mark_info *) matchinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_mark_info))) - return 0; - if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) { printk(KERN_WARNING "mark: only supports 32bit mark\n"); return 0; } - return 1; } static struct xt_match mark_match = { .name = "mark", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_mark_info), + .checkentry = checkentry, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match mark6_match = { .name = "mark", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_mark_info), + .checkentry = checkentry, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_mark_init(void) { int ret; - ret = xt_register_match(AF_INET, &mark_match); + ret = xt_register_match(&mark_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &mark6_match); + ret = xt_register_match(&mark6_match); if (ret) - xt_unregister_match(AF_INET, &mark_match); + xt_unregister_match(&mark_match); return ret; } -static void __exit fini(void) +static void __exit xt_mark_fini(void) { - xt_unregister_match(AF_INET, &mark_match); - xt_unregister_match(AF_INET6, &mark6_match); + xt_unregister_match(&mark_match); + xt_unregister_match(&mark6_match); } -module_init(init); -module_exit(fini); +module_init(xt_mark_init); +module_exit(xt_mark_fini); diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c index 19bb57c..5fe4c9d 100644 --- a/net/netfilter/xt_physdev.c +++ b/net/netfilter/xt_physdev.c @@ -26,6 +26,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -102,14 +103,13 @@ match_outdev: static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { const struct xt_physdev_info *info = matchinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_physdev_info))) - return 0; if (!(info->bitmask & XT_PHYSDEV_OP_MASK) || info->bitmask & ~XT_PHYSDEV_OP_MASK) return 0; @@ -118,38 +118,42 @@ checkentry(const char *tablename, static struct xt_match physdev_match = { .name = "physdev", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_physdev_info), + .checkentry = checkentry, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match physdev6_match = { .name = "physdev", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_physdev_info), + .checkentry = checkentry, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_physdev_init(void) { int ret; - ret = xt_register_match(AF_INET, &physdev_match); + ret = xt_register_match(&physdev_match); if (ret < 0) return ret; - ret = xt_register_match(AF_INET6, &physdev6_match); + ret = xt_register_match(&physdev6_match); if (ret < 0) - xt_unregister_match(AF_INET, &physdev_match); + xt_unregister_match(&physdev_match); return ret; } -static void __exit fini(void) +static void __exit xt_physdev_fini(void) { - xt_unregister_match(AF_INET, &physdev_match); - xt_unregister_match(AF_INET6, &physdev6_match); + xt_unregister_match(&physdev_match); + xt_unregister_match(&physdev6_match); } -module_init(init); -module_exit(fini); +module_init(xt_physdev_init); +module_exit(xt_physdev_fini); diff --git a/net/netfilter/xt_pkttype.c b/net/netfilter/xt_pkttype.c index ab1b263..3ac703b 100644 --- a/net/netfilter/xt_pkttype.c +++ b/net/netfilter/xt_pkttype.c @@ -22,6 +22,7 @@ MODULE_ALIAS("ip6t_pkttype"); static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -32,51 +33,41 @@ static int match(const struct sk_buff *skb, return (skb->pkt_type == info->pkttype) ^ info->invert; } -static int checkentry(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - if (matchsize != XT_ALIGN(sizeof(struct xt_pkttype_info))) - return 0; - - return 1; -} - static struct xt_match pkttype_match = { .name = "pkttype", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_pkttype_info), + .family = AF_INET, .me = THIS_MODULE, }; + static struct xt_match pkttype6_match = { .name = "pkttype", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_pkttype_info), + .family = AF_INET6, .me = THIS_MODULE, }; - -static int __init init(void) +static int __init xt_pkttype_init(void) { int ret; - ret = xt_register_match(AF_INET, &pkttype_match); + ret = xt_register_match(&pkttype_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &pkttype6_match); + ret = xt_register_match(&pkttype6_match); if (ret) - xt_unregister_match(AF_INET, &pkttype_match); + xt_unregister_match(&pkttype_match); return ret; } -static void __exit fini(void) +static void __exit xt_pkttype_fini(void) { - xt_unregister_match(AF_INET, &pkttype_match); - xt_unregister_match(AF_INET6, &pkttype6_match); + xt_unregister_match(&pkttype_match); + xt_unregister_match(&pkttype6_match); } -module_init(init); -module_exit(fini); +module_init(xt_pkttype_init); +module_exit(xt_pkttype_fini); diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c new file mode 100644 index 0000000..1099cb0 --- /dev/null +++ b/net/netfilter/xt_policy.c @@ -0,0 +1,211 @@ +/* IP tables module for matching IPsec policy + * + * Copyright (c) 2004,2005 Patrick McHardy, <kaber@trash.net> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#include <linux/kernel.h> +#include <linux/config.h> +#include <linux/module.h> +#include <linux/skbuff.h> +#include <linux/init.h> +#include <net/xfrm.h> + +#include <linux/netfilter/xt_policy.h> +#include <linux/netfilter/x_tables.h> + +MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); +MODULE_DESCRIPTION("Xtables IPsec policy matching module"); +MODULE_LICENSE("GPL"); + +static inline int +xt_addr_cmp(const union xt_policy_addr *a1, const union xt_policy_addr *m, + const union xt_policy_addr *a2, unsigned short family) +{ + switch (family) { + case AF_INET: + return !((a1->a4.s_addr ^ a2->a4.s_addr) & m->a4.s_addr); + case AF_INET6: + return !ipv6_masked_addr_cmp(&a1->a6, &m->a6, &a2->a6); + } + return 0; +} + +static inline int +match_xfrm_state(struct xfrm_state *x, const struct xt_policy_elem *e, + unsigned short family) +{ +#define MATCH_ADDR(x,y,z) (!e->match.x || \ + (xt_addr_cmp(&e->x, &e->y, z, family) \ + ^ e->invert.x)) +#define MATCH(x,y) (!e->match.x || ((e->x == (y)) ^ e->invert.x)) + + return MATCH_ADDR(saddr, smask, (union xt_policy_addr *)&x->props.saddr) && + MATCH_ADDR(daddr, dmask, (union xt_policy_addr *)&x->id.daddr) && + MATCH(proto, x->id.proto) && + MATCH(mode, x->props.mode) && + MATCH(spi, x->id.spi) && + MATCH(reqid, x->props.reqid); +} + +static int +match_policy_in(const struct sk_buff *skb, const struct xt_policy_info *info, + unsigned short family) +{ + const struct xt_policy_elem *e; + struct sec_path *sp = skb->sp; + int strict = info->flags & XT_POLICY_MATCH_STRICT; + int i, pos; + + if (sp == NULL) + return -1; + if (strict && info->len != sp->len) + return 0; + + for (i = sp->len - 1; i >= 0; i--) { + pos = strict ? i - sp->len + 1 : 0; + if (pos >= info->len) + return 0; + e = &info->pol[pos]; + + if (match_xfrm_state(sp->x[i].xvec, e, family)) { + if (!strict) + return 1; + } else if (strict) + return 0; + } + + return strict ? 1 : 0; +} + +static int +match_policy_out(const struct sk_buff *skb, const struct xt_policy_info *info, + unsigned short family) +{ + const struct xt_policy_elem *e; + struct dst_entry *dst = skb->dst; + int strict = info->flags & XT_POLICY_MATCH_STRICT; + int i, pos; + + if (dst->xfrm == NULL) + return -1; + + for (i = 0; dst && dst->xfrm; dst = dst->child, i++) { + pos = strict ? i : 0; + if (pos >= info->len) + return 0; + e = &info->pol[pos]; + + if (match_xfrm_state(dst->xfrm, e, family)) { + if (!strict) + return 1; + } else if (strict) + return 0; + } + + return strict ? i == info->len : 0; +} + +static int match(const struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + const struct xt_match *match, + const void *matchinfo, + int offset, + unsigned int protoff, + int *hotdrop) +{ + const struct xt_policy_info *info = matchinfo; + int ret; + + if (info->flags & XT_POLICY_MATCH_IN) + ret = match_policy_in(skb, info, match->family); + else + ret = match_policy_out(skb, info, match->family); + + if (ret < 0) + ret = info->flags & XT_POLICY_MATCH_NONE ? 1 : 0; + else if (info->flags & XT_POLICY_MATCH_NONE) + ret = 0; + + return ret; +} + +static int checkentry(const char *tablename, const void *ip_void, + const struct xt_match *match, + void *matchinfo, unsigned int matchsize, + unsigned int hook_mask) +{ + struct xt_policy_info *info = matchinfo; + + if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) { + printk(KERN_ERR "xt_policy: neither incoming nor " + "outgoing policy selected\n"); + return 0; + } + /* hook values are equal for IPv4 and IPv6 */ + if (hook_mask & (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_LOCAL_IN) + && info->flags & XT_POLICY_MATCH_OUT) { + printk(KERN_ERR "xt_policy: output policy not valid in " + "PRE_ROUTING and INPUT\n"); + return 0; + } + if (hook_mask & (1 << NF_IP_POST_ROUTING | 1 << NF_IP_LOCAL_OUT) + && info->flags & XT_POLICY_MATCH_IN) { + printk(KERN_ERR "xt_policy: input policy not valid in " + "POST_ROUTING and OUTPUT\n"); + return 0; + } + if (info->len > XT_POLICY_MAX_ELEM) { + printk(KERN_ERR "xt_policy: too many policy elements\n"); + return 0; + } + return 1; +} + +static struct xt_match policy_match = { + .name = "policy", + .family = AF_INET, + .match = match, + .matchsize = sizeof(struct xt_policy_info), + .checkentry = checkentry, + .family = AF_INET, + .me = THIS_MODULE, +}; + +static struct xt_match policy6_match = { + .name = "policy", + .family = AF_INET6, + .match = match, + .matchsize = sizeof(struct xt_policy_info), + .checkentry = checkentry, + .family = AF_INET6, + .me = THIS_MODULE, +}; + +static int __init init(void) +{ + int ret; + + ret = xt_register_match(&policy_match); + if (ret) + return ret; + ret = xt_register_match(&policy6_match); + if (ret) + xt_unregister_match(&policy_match); + return ret; +} + +static void __exit fini(void) +{ + xt_unregister_match(&policy6_match); + xt_unregister_match(&policy_match); +} + +module_init(init); +module_exit(fini); +MODULE_ALIAS("ipt_policy"); +MODULE_ALIAS("ip6t_policy"); diff --git a/net/netfilter/xt_realm.c b/net/netfilter/xt_realm.c index 2b7e178..a80b7d13 100644 --- a/net/netfilter/xt_realm.c +++ b/net/netfilter/xt_realm.c @@ -27,6 +27,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -38,42 +39,25 @@ match(const struct sk_buff *skb, return (info->id == (dst->tclassid & info->mask)) ^ info->invert; } -static int check(const char *tablename, - const void *ip, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - if (hook_mask - & ~((1 << NF_IP_POST_ROUTING) | (1 << NF_IP_FORWARD) | - (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_LOCAL_IN))) { - printk("xt_realm: only valid for POST_ROUTING, LOCAL_OUT, " - "LOCAL_IN or FORWARD.\n"); - return 0; - } - if (matchsize != XT_ALIGN(sizeof(struct xt_realm_info))) { - printk("xt_realm: invalid matchsize.\n"); - return 0; - } - return 1; -} - static struct xt_match realm_match = { .name = "realm", - .match = match, - .checkentry = check, + .match = match, + .matchsize = sizeof(struct xt_realm_info), + .hooks = (1 << NF_IP_POST_ROUTING) | (1 << NF_IP_FORWARD) | + (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_LOCAL_IN), + .family = AF_INET, .me = THIS_MODULE }; -static int __init init(void) +static int __init xt_realm_init(void) { - return xt_register_match(AF_INET, &realm_match); + return xt_register_match(&realm_match); } -static void __exit fini(void) +static void __exit xt_realm_fini(void) { - xt_unregister_match(AF_INET, &realm_match); + xt_unregister_match(&realm_match); } -module_init(init); -module_exit(fini); +module_init(xt_realm_init); +module_exit(xt_realm_fini); diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index 10fbfc5..34bd872 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c @@ -123,6 +123,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -162,19 +163,14 @@ match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - const struct xt_sctp_info *info; - const struct ipt_ip *ip = inf; - - info = (const struct xt_sctp_info *)matchinfo; + const struct xt_sctp_info *info = matchinfo; - return ip->proto == IPPROTO_SCTP - && !(ip->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_sctp_info)) - && !(info->flags & ~XT_SCTP_VALID_FLAGS) + return !(info->flags & ~XT_SCTP_VALID_FLAGS) && !(info->invflags & ~XT_SCTP_VALID_FLAGS) && !(info->invflags & ~info->flags) && ((!(info->flags & XT_SCTP_CHUNK_TYPES)) || @@ -184,67 +180,45 @@ checkentry(const char *tablename, | SCTP_CHUNK_MATCH_ONLY))); } -static int -checkentry6(const char *tablename, - const void *inf, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - const struct xt_sctp_info *info; - const struct ip6t_ip6 *ip = inf; - - info = (const struct xt_sctp_info *)matchinfo; - - return ip->proto == IPPROTO_SCTP - && !(ip->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_sctp_info)) - && !(info->flags & ~XT_SCTP_VALID_FLAGS) - && !(info->invflags & ~XT_SCTP_VALID_FLAGS) - && !(info->invflags & ~info->flags) - && ((!(info->flags & XT_SCTP_CHUNK_TYPES)) || - (info->chunk_match_type & - (SCTP_CHUNK_MATCH_ALL - | SCTP_CHUNK_MATCH_ANY - | SCTP_CHUNK_MATCH_ONLY))); -} - - -static struct xt_match sctp_match = -{ - .name = "sctp", - .match = &match, - .checkentry = &checkentry, - .me = THIS_MODULE -}; -static struct xt_match sctp6_match = -{ - .name = "sctp", - .match = &match, - .checkentry = &checkentry6, - .me = THIS_MODULE +static struct xt_match sctp_match = { + .name = "sctp", + .match = match, + .matchsize = sizeof(struct xt_sctp_info), + .proto = IPPROTO_SCTP, + .checkentry = checkentry, + .family = AF_INET, + .me = THIS_MODULE }; +static struct xt_match sctp6_match = { + .name = "sctp", + .match = match, + .matchsize = sizeof(struct xt_sctp_info), + .proto = IPPROTO_SCTP, + .checkentry = checkentry, + .family = AF_INET6, + .me = THIS_MODULE +}; -static int __init init(void) +static int __init xt_sctp_init(void) { int ret; - ret = xt_register_match(AF_INET, &sctp_match); + ret = xt_register_match(&sctp_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &sctp6_match); + ret = xt_register_match(&sctp6_match); if (ret) - xt_unregister_match(AF_INET, &sctp_match); + xt_unregister_match(&sctp_match); return ret; } -static void __exit fini(void) +static void __exit xt_sctp_fini(void) { - xt_unregister_match(AF_INET6, &sctp6_match); - xt_unregister_match(AF_INET, &sctp_match); + xt_unregister_match(&sctp6_match); + xt_unregister_match(&sctp_match); } -module_init(init); -module_exit(fini); +module_init(xt_sctp_init); +module_exit(xt_sctp_fini); diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c index 39ce808..f9e304d 100644 --- a/net/netfilter/xt_state.c +++ b/net/netfilter/xt_state.c @@ -24,6 +24,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -44,53 +45,72 @@ match(const struct sk_buff *skb, } static int check(const char *tablename, - const void *ip, + const void *inf, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - if (matchsize != XT_ALIGN(sizeof(struct xt_state_info))) +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + if (nf_ct_l3proto_try_module_get(match->family) < 0) { + printk(KERN_WARNING "can't load nf_conntrack support for " + "proto=%d\n", match->family); return 0; - + } +#endif return 1; } +static void +destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) +{ +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + nf_ct_l3proto_module_put(match->family); +#endif +} + static struct xt_match state_match = { .name = "state", - .match = &match, - .checkentry = &check, + .match = match, + .checkentry = check, + .destroy = destroy, + .matchsize = sizeof(struct xt_state_info), + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match state6_match = { .name = "state", - .match = &match, - .checkentry = &check, + .match = match, + .checkentry = check, + .destroy = destroy, + .matchsize = sizeof(struct xt_state_info), + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_state_init(void) { int ret; need_conntrack(); - ret = xt_register_match(AF_INET, &state_match); + ret = xt_register_match(&state_match); if (ret < 0) return ret; - ret = xt_register_match(AF_INET6, &state6_match); + ret = xt_register_match(&state6_match); if (ret < 0) - xt_unregister_match(AF_INET,&state_match); + xt_unregister_match(&state_match); return ret; } -static void __exit fini(void) +static void __exit xt_state_fini(void) { - xt_unregister_match(AF_INET, &state_match); - xt_unregister_match(AF_INET6, &state6_match); + xt_unregister_match(&state_match); + xt_unregister_match(&state6_match); } -module_init(init); -module_exit(fini); +module_init(xt_state_init); +module_exit(xt_state_fini); diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c index 7c7d5c8..79d9ea6 100644 --- a/net/netfilter/xt_string.c +++ b/net/netfilter/xt_string.c @@ -24,6 +24,7 @@ MODULE_ALIAS("ip6t_string"); static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -43,6 +44,7 @@ static int match(const struct sk_buff *skb, static int checkentry(const char *tablename, const void *ip, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) @@ -50,9 +52,6 @@ static int checkentry(const char *tablename, struct xt_string_info *conf = matchinfo; struct ts_config *ts_conf; - if (matchsize != XT_ALIGN(sizeof(struct xt_string_info))) - return 0; - /* Damn, can't handle this case properly with iptables... */ if (conf->from_offset > conf->to_offset) return 0; @@ -67,7 +66,8 @@ static int checkentry(const char *tablename, return 1; } -static void destroy(void *matchinfo, unsigned int matchsize) +static void destroy(const struct xt_match *match, void *matchinfo, + unsigned int matchsize) { textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); } @@ -75,37 +75,41 @@ static void destroy(void *matchinfo, unsigned int matchsize) static struct xt_match string_match = { .name = "string", .match = match, + .matchsize = sizeof(struct xt_string_info), .checkentry = checkentry, .destroy = destroy, + .family = AF_INET, .me = THIS_MODULE }; static struct xt_match string6_match = { .name = "string", .match = match, + .matchsize = sizeof(struct xt_string_info), .checkentry = checkentry, .destroy = destroy, + .family = AF_INET6, .me = THIS_MODULE }; -static int __init init(void) +static int __init xt_string_init(void) { int ret; - ret = xt_register_match(AF_INET, &string_match); + ret = xt_register_match(&string_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &string6_match); + ret = xt_register_match(&string6_match); if (ret) - xt_unregister_match(AF_INET, &string_match); + xt_unregister_match(&string_match); return ret; } -static void __exit fini(void) +static void __exit xt_string_fini(void) { - xt_unregister_match(AF_INET, &string_match); - xt_unregister_match(AF_INET6, &string6_match); + xt_unregister_match(&string_match); + xt_unregister_match(&string6_match); } -module_init(init); -module_exit(fini); +module_init(xt_string_init); +module_exit(xt_string_fini); diff --git a/net/netfilter/xt_tcpmss.c b/net/netfilter/xt_tcpmss.c index acf7f53..cf7d335c 100644 --- a/net/netfilter/xt_tcpmss.c +++ b/net/netfilter/xt_tcpmss.c @@ -81,6 +81,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -92,81 +93,44 @@ match(const struct sk_buff *skb, info->invert, hotdrop); } -static int -checkentry(const char *tablename, - const void *ipinfo, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - const struct ipt_ip *ip = ipinfo; - if (matchsize != XT_ALIGN(sizeof(struct xt_tcpmss_match_info))) - return 0; - - /* Must specify -p tcp */ - if (ip->proto != IPPROTO_TCP || (ip->invflags & IPT_INV_PROTO)) { - printk("tcpmss: Only works on TCP packets\n"); - return 0; - } - - return 1; -} - -static int -checkentry6(const char *tablename, - const void *ipinfo, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - const struct ip6t_ip6 *ip = ipinfo; - - if (matchsize != XT_ALIGN(sizeof(struct xt_tcpmss_match_info))) - return 0; - - /* Must specify -p tcp */ - if (ip->proto != IPPROTO_TCP || (ip->invflags & XT_INV_PROTO)) { - printk("tcpmss: Only works on TCP packets\n"); - return 0; - } - - return 1; -} - static struct xt_match tcpmss_match = { .name = "tcpmss", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct xt_tcpmss_match_info), + .proto = IPPROTO_TCP, + .family = AF_INET, .me = THIS_MODULE, }; static struct xt_match tcpmss6_match = { .name = "tcpmss", - .match = &match, - .checkentry = &checkentry6, + .match = match, + .matchsize = sizeof(struct xt_tcpmss_match_info), + .proto = IPPROTO_TCP, + .family = AF_INET6, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_tcpmss_init(void) { int ret; - ret = xt_register_match(AF_INET, &tcpmss_match); + ret = xt_register_match(&tcpmss_match); if (ret) return ret; - ret = xt_register_match(AF_INET6, &tcpmss6_match); + ret = xt_register_match(&tcpmss6_match); if (ret) - xt_unregister_match(AF_INET, &tcpmss_match); + xt_unregister_match(&tcpmss_match); return ret; } -static void __exit fini(void) +static void __exit xt_tcpmss_fini(void) { - xt_unregister_match(AF_INET6, &tcpmss6_match); - xt_unregister_match(AF_INET, &tcpmss_match); + xt_unregister_match(&tcpmss6_match); + xt_unregister_match(&tcpmss_match); } -module_init(init); -module_exit(fini); +module_init(xt_tcpmss_init); +module_exit(xt_tcpmss_fini); diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c index 669c811..1b61dac 100644 --- a/net/netfilter/xt_tcpudp.c +++ b/net/netfilter/xt_tcpudp.c @@ -74,6 +74,7 @@ static int tcp_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -138,43 +139,22 @@ tcp_match(const struct sk_buff *skb, static int tcp_checkentry(const char *tablename, const void *info, + const struct xt_match *match, void *matchinfo, unsigned int matchsize, unsigned int hook_mask) { - const struct ipt_ip *ip = info; const struct xt_tcp *tcpinfo = matchinfo; - /* Must specify proto == TCP, and no unknown invflags */ - return ip->proto == IPPROTO_TCP - && !(ip->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_tcp)) - && !(tcpinfo->invflags & ~XT_TCP_INV_MASK); + /* Must specify no unknown invflags */ + return !(tcpinfo->invflags & ~XT_TCP_INV_MASK); } -/* Called when user tries to insert an entry of this type. */ -static int -tcp6_checkentry(const char *tablename, - const void *entry, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - const struct ip6t_ip6 *ipv6 = entry; - const struct xt_tcp *tcpinfo = matchinfo; - - /* Must specify proto == TCP, and no unknown invflags */ - return ipv6->proto == IPPROTO_TCP - && !(ipv6->invflags & XT_INV_PROTO) - && matchsize == XT_ALIGN(sizeof(struct xt_tcp)) - && !(tcpinfo->invflags & ~XT_TCP_INV_MASK); -} - - static int udp_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const struct xt_match *match, const void *matchinfo, int offset, unsigned int protoff, @@ -208,127 +188,93 @@ udp_match(const struct sk_buff *skb, static int udp_checkentry(const char *tablename, const void *info, + const struct xt_match *match, void *matchinfo, - unsigned int matchinfosize, - unsigned int hook_mask) -{ - const struct ipt_ip *ip = info; - const struct xt_udp *udpinfo = matchinfo; - - /* Must specify proto == UDP, and no unknown invflags */ - if (ip->proto != IPPROTO_UDP || (ip->invflags & XT_INV_PROTO)) { - duprintf("ipt_udp: Protocol %u != %u\n", ip->proto, - IPPROTO_UDP); - return 0; - } - if (matchinfosize != XT_ALIGN(sizeof(struct xt_udp))) { - duprintf("ipt_udp: matchsize %u != %u\n", - matchinfosize, XT_ALIGN(sizeof(struct xt_udp))); - return 0; - } - if (udpinfo->invflags & ~XT_UDP_INV_MASK) { - duprintf("ipt_udp: unknown flags %X\n", - udpinfo->invflags); - return 0; - } - - return 1; -} - -/* Called when user tries to insert an entry of this type. */ -static int -udp6_checkentry(const char *tablename, - const void *entry, - void *matchinfo, - unsigned int matchinfosize, + unsigned int matchsize, unsigned int hook_mask) { - const struct ip6t_ip6 *ipv6 = entry; - const struct xt_udp *udpinfo = matchinfo; + const struct xt_tcp *udpinfo = matchinfo; - /* Must specify proto == UDP, and no unknown invflags */ - if (ipv6->proto != IPPROTO_UDP || (ipv6->invflags & XT_INV_PROTO)) { - duprintf("ip6t_udp: Protocol %u != %u\n", ipv6->proto, - IPPROTO_UDP); - return 0; - } - if (matchinfosize != XT_ALIGN(sizeof(struct xt_udp))) { - duprintf("ip6t_udp: matchsize %u != %u\n", - matchinfosize, XT_ALIGN(sizeof(struct xt_udp))); - return 0; - } - if (udpinfo->invflags & ~XT_UDP_INV_MASK) { - duprintf("ip6t_udp: unknown flags %X\n", - udpinfo->invflags); - return 0; - } - - return 1; + /* Must specify no unknown invflags */ + return !(udpinfo->invflags & ~XT_UDP_INV_MASK); } static struct xt_match tcp_matchstruct = { .name = "tcp", - .match = &tcp_match, - .checkentry = &tcp_checkentry, + .match = tcp_match, + .matchsize = sizeof(struct xt_tcp), + .proto = IPPROTO_TCP, + .family = AF_INET, + .checkentry = tcp_checkentry, .me = THIS_MODULE, }; + static struct xt_match tcp6_matchstruct = { .name = "tcp", - .match = &tcp_match, - .checkentry = &tcp6_checkentry, + .match = tcp_match, + .matchsize = sizeof(struct xt_tcp), + .proto = IPPROTO_TCP, + .family = AF_INET6, + .checkentry = tcp_checkentry, .me = THIS_MODULE, }; static struct xt_match udp_matchstruct = { .name = "udp", - .match = &udp_match, - .checkentry = &udp_checkentry, + .match = udp_match, + .matchsize = sizeof(struct xt_udp), + .proto = IPPROTO_UDP, + .family = AF_INET, + .checkentry = udp_checkentry, .me = THIS_MODULE, }; static struct xt_match udp6_matchstruct = { .name = "udp", - .match = &udp_match, - .checkentry = &udp6_checkentry, + .match = udp_match, + .matchsize = sizeof(struct xt_udp), + .proto = IPPROTO_UDP, + .family = AF_INET6, + .checkentry = udp_checkentry, .me = THIS_MODULE, }; -static int __init init(void) +static int __init xt_tcpudp_init(void) { int ret; - ret = xt_register_match(AF_INET, &tcp_matchstruct); + ret = xt_register_match(&tcp_matchstruct); if (ret) return ret; - ret = xt_register_match(AF_INET6, &tcp6_matchstruct); + ret = xt_register_match(&tcp6_matchstruct); if (ret) goto out_unreg_tcp; - ret = xt_register_match(AF_INET, &udp_matchstruct); + ret = xt_register_match(&udp_matchstruct); if (ret) goto out_unreg_tcp6; - ret = xt_register_match(AF_INET6, &udp6_matchstruct); + ret = xt_register_match(&udp6_matchstruct); if (ret) goto out_unreg_udp; return ret; out_unreg_udp: - xt_unregister_match(AF_INET, &tcp_matchstruct); + xt_unregister_match(&tcp_matchstruct); out_unreg_tcp6: - xt_unregister_match(AF_INET6, &tcp6_matchstruct); + xt_unregister_match(&tcp6_matchstruct); out_unreg_tcp: - xt_unregister_match(AF_INET, &tcp_matchstruct); + xt_unregister_match(&tcp_matchstruct); return ret; } -static void __exit fini(void) +static void __exit xt_tcpudp_fini(void) { - xt_unregister_match(AF_INET6, &udp6_matchstruct); - xt_unregister_match(AF_INET, &udp_matchstruct); - xt_unregister_match(AF_INET6, &tcp6_matchstruct); - xt_unregister_match(AF_INET, &tcp_matchstruct); + xt_unregister_match(&udp6_matchstruct); + xt_unregister_match(&udp_matchstruct); + xt_unregister_match(&tcp6_matchstruct); + xt_unregister_match(&tcp_matchstruct); } -module_init(init); -module_exit(fini); +module_init(xt_tcpudp_init); +module_exit(xt_tcpudp_fini); diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 59dc7d1..2a233ff 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -106,6 +106,7 @@ struct nl_pid_hash { struct netlink_table { struct nl_pid_hash hash; struct hlist_head mc_list; + unsigned long *listeners; unsigned int nl_nonroot; unsigned int groups; struct module *module; @@ -122,7 +123,7 @@ static void netlink_destroy_callback(struct netlink_callback *cb); static DEFINE_RWLOCK(nl_table_lock); static atomic_t nl_table_users = ATOMIC_INIT(0); -static struct notifier_block *netlink_chain; +static ATOMIC_NOTIFIER_HEAD(netlink_chain); static u32 netlink_group_mask(u32 group) { @@ -296,6 +297,24 @@ static inline int nl_pid_hash_dilute(struct nl_pid_hash *hash, int len) static const struct proto_ops netlink_ops; +static void +netlink_update_listeners(struct sock *sk) +{ + struct netlink_table *tbl = &nl_table[sk->sk_protocol]; + struct hlist_node *node; + unsigned long mask; + unsigned int i; + + for (i = 0; i < NLGRPSZ(tbl->groups)/sizeof(unsigned long); i++) { + mask = 0; + sk_for_each_bound(sk, node, &tbl->mc_list) + mask |= nlk_sk(sk)->groups[i]; + tbl->listeners[i] = mask; + } + /* this function is only called with the netlink table "grabbed", which + * makes sure updates are visible before bind or setsockopt return. */ +} + static int netlink_insert(struct sock *sk, u32 pid) { struct nl_pid_hash *hash = &nl_table[sk->sk_protocol].hash; @@ -450,18 +469,21 @@ static int netlink_release(struct socket *sock) .protocol = sk->sk_protocol, .pid = nlk->pid, }; - notifier_call_chain(&netlink_chain, NETLINK_URELEASE, &n); + atomic_notifier_call_chain(&netlink_chain, + NETLINK_URELEASE, &n); } if (nlk->module) module_put(nlk->module); + netlink_table_grab(); if (nlk->flags & NETLINK_KERNEL_SOCKET) { - netlink_table_grab(); + kfree(nl_table[sk->sk_protocol].listeners); nl_table[sk->sk_protocol].module = NULL; nl_table[sk->sk_protocol].registered = 0; - netlink_table_ungrab(); - } + } else if (nlk->subscriptions) + netlink_update_listeners(sk); + netlink_table_ungrab(); kfree(nlk->groups); nlk->groups = NULL; @@ -589,6 +611,7 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, int addr_len hweight32(nladdr->nl_groups) - hweight32(nlk->groups[0])); nlk->groups[0] = (nlk->groups[0] & ~0xffffffffUL) | nladdr->nl_groups; + netlink_update_listeners(sk); netlink_table_ungrab(); return 0; @@ -807,6 +830,17 @@ retry: return netlink_sendskb(sk, skb, ssk->sk_protocol); } +int netlink_has_listeners(struct sock *sk, unsigned int group) +{ + int res = 0; + + BUG_ON(!(nlk_sk(sk)->flags & NETLINK_KERNEL_SOCKET)); + if (group - 1 < nl_table[sk->sk_protocol].groups) + res = test_bit(group - 1, nl_table[sk->sk_protocol].listeners); + return res; +} +EXPORT_SYMBOL_GPL(netlink_has_listeners); + static __inline__ int netlink_broadcast_deliver(struct sock *sk, struct sk_buff *skb) { struct netlink_sock *nlk = nlk_sk(sk); @@ -1011,6 +1045,7 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname, else __clear_bit(val - 1, nlk->groups); netlink_update_subscriptions(sk, subscriptions); + netlink_update_listeners(sk); netlink_table_ungrab(); err = 0; break; @@ -1237,6 +1272,7 @@ netlink_kernel_create(int unit, unsigned int groups, struct socket *sock; struct sock *sk; struct netlink_sock *nlk; + unsigned long *listeners = NULL; if (!nl_table) return NULL; @@ -1250,6 +1286,13 @@ netlink_kernel_create(int unit, unsigned int groups, if (__netlink_create(sock, unit) < 0) goto out_sock_release; + if (groups < 32) + groups = 32; + + listeners = kzalloc(NLGRPSZ(groups), GFP_KERNEL); + if (!listeners) + goto out_sock_release; + sk = sock->sk; sk->sk_data_ready = netlink_data_ready; if (input) @@ -1262,7 +1305,8 @@ netlink_kernel_create(int unit, unsigned int groups, nlk->flags |= NETLINK_KERNEL_SOCKET; netlink_table_grab(); - nl_table[unit].groups = groups < 32 ? 32 : groups; + nl_table[unit].groups = groups; + nl_table[unit].listeners = listeners; nl_table[unit].module = module; nl_table[unit].registered = 1; netlink_table_ungrab(); @@ -1270,6 +1314,7 @@ netlink_kernel_create(int unit, unsigned int groups, return sk; out_sock_release: + kfree(listeners); sock_release(sock); return NULL; } @@ -1651,12 +1696,12 @@ static struct file_operations netlink_seq_fops = { int netlink_register_notifier(struct notifier_block *nb) { - return notifier_chain_register(&netlink_chain, nb); + return atomic_notifier_chain_register(&netlink_chain, nb); } int netlink_unregister_notifier(struct notifier_block *nb) { - return notifier_chain_unregister(&netlink_chain, nb); + return atomic_notifier_chain_unregister(&netlink_chain, nb); } static const struct proto_ops netlink_ops = { diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c index 43e7241..f329b72 100644 --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -13,26 +13,27 @@ #include <linux/socket.h> #include <linux/string.h> #include <linux/skbuff.h> +#include <linux/mutex.h> #include <net/sock.h> #include <net/genetlink.h> struct sock *genl_sock = NULL; -static DECLARE_MUTEX(genl_sem); /* serialization of message processing */ +static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ static void genl_lock(void) { - down(&genl_sem); + mutex_lock(&genl_mutex); } static int genl_trylock(void) { - return down_trylock(&genl_sem); + return !mutex_trylock(&genl_mutex); } static void genl_unlock(void) { - up(&genl_sem); + mutex_unlock(&genl_mutex); if (genl_sock && genl_sock->sk_receive_queue.qlen) genl_sock->sk_data_ready(genl_sock, 0); diff --git a/net/nonet.c b/net/nonet.c index 1230f0a..92e7664 100644 --- a/net/nonet.c +++ b/net/nonet.c @@ -19,7 +19,7 @@ static int sock_no_open(struct inode *irrelevant, struct file *dontcare) return -ENXIO; } -struct file_operations bad_sock_fops = { +const struct file_operations bad_sock_fops = { .owner = THIS_MODULE, .open = sock_no_open, }; diff --git a/net/rxrpc/main.c b/net/rxrpc/main.c index 36fdcbc..48cbd06 100644 --- a/net/rxrpc/main.c +++ b/net/rxrpc/main.c @@ -79,8 +79,8 @@ static int __init rxrpc_initialise(void) error_sysctl: #ifdef CONFIG_SYSCTL rxrpc_sysctl_cleanup(); -#endif error_proc: +#endif #ifdef CONFIG_PROC_FS rxrpc_proc_cleanup(); #endif diff --git a/net/sched/Kconfig b/net/sched/Kconfig index 778b1e5..13eeee5 100644 --- a/net/sched/Kconfig +++ b/net/sched/Kconfig @@ -434,7 +434,6 @@ config NET_EMATCH_TEXT config NET_CLS_ACT bool "Actions" - depends on EXPERIMENTAL select NET_ESTIMATOR ---help--- Say Y here if you want to use traffic control actions. Actions diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 39a22a3..6056d20 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c @@ -70,7 +70,8 @@ ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int hook) t->u.kernel.target = target; if (t->u.kernel.target->checkentry - && !t->u.kernel.target->checkentry(table, NULL, t->data, + && !t->u.kernel.target->checkentry(table, NULL, + t->u.kernel.target, t->data, t->u.target_size - sizeof(*t), hook)) { DPRINTK("ipt_init_target: check failed for `%s'.\n", @@ -86,7 +87,7 @@ static void ipt_destroy_target(struct ipt_entry_target *t) { if (t->u.kernel.target->destroy) - t->u.kernel.target->destroy(t->data, + t->u.kernel.target->destroy(t->u.kernel.target, t->data, t->u.target_size - sizeof(*t)); module_put(t->u.kernel.target->me); } @@ -224,8 +225,9 @@ tcf_ipt(struct sk_buff *skb, struct tc_action *a, struct tcf_result *res) /* iptables targets take a double skb pointer in case the skb * needs to be replaced. We don't own the skb, so this must not * happen. The pskb_expand_head above should make sure of this */ - ret = p->t->u.kernel.target->target(&skb, skb->dev, NULL, - p->hook, p->t->data, NULL); + ret = p->t->u.kernel.target->target(&skb, skb->dev, NULL, p->hook, + p->t->u.kernel.target, p->t->data, + NULL); switch (ret) { case NF_ACCEPT: result = TC_ACT_OK; diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index 2b67047..78e0525 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c @@ -347,8 +347,7 @@ static int u32_destroy_key(struct tcf_proto *tp, struct tc_u_knode *n) if (n->ht_down) n->ht_down->refcnt--; #ifdef CONFIG_CLS_U32_PERF - if (n) - kfree(n->pf); + kfree(n->pf); #endif kfree(n); return 0; @@ -680,8 +679,7 @@ static int u32_change(struct tcf_proto *tp, unsigned long base, u32 handle, return 0; } #ifdef CONFIG_CLS_U32_PERF - if (n) - kfree(n->pf); + kfree(n->pf); #endif kfree(n); return err; diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c index 93ebce4..ac7cb60 100644 --- a/net/sched/sch_atm.c +++ b/net/sched/sch_atm.c @@ -638,6 +638,7 @@ static int atm_tc_dump_class(struct Qdisc *sch, unsigned long cl, sch,p,flow,skb,tcm); if (!find_flow(p,flow)) return -EINVAL; tcm->tcm_handle = flow->classid; + tcm->tcm_info = flow->q->handle; rta = (struct rtattr *) b; RTA_PUT(skb,TCA_OPTIONS,0,NULL); RTA_PUT(skb,TCA_ATM_HDR,flow->hdr_len,flow->hdr); diff --git a/net/sched/sch_dsmark.c b/net/sched/sch_dsmark.c index 13e0e7b..f6320ca 100644 --- a/net/sched/sch_dsmark.c +++ b/net/sched/sch_dsmark.c @@ -438,6 +438,7 @@ static int dsmark_dump_class(struct Qdisc *sch, unsigned long cl, return -EINVAL; tcm->tcm_handle = TC_H_MAKE(TC_H_MAJ(sch->handle), cl-1); + tcm->tcm_info = p->q->handle; opts = RTA_NEST(skb, TCA_OPTIONS); RTA_PUT_U8(skb,TCA_DSMARK_MASK, p->mask[cl-1]); diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c index 99ceb91..31eb837 100644 --- a/net/sched/sch_generic.c +++ b/net/sched/sch_generic.c @@ -234,7 +234,7 @@ static void dev_watchdog_down(struct net_device *dev) { spin_lock_bh(&dev->xmit_lock); if (del_timer(&dev->watchdog_timer)) - __dev_put(dev); + dev_put(dev); spin_unlock_bh(&dev->xmit_lock); } diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c index ba52832..7228d30 100644 --- a/net/sched/sch_netem.c +++ b/net/sched/sch_netem.c @@ -252,9 +252,9 @@ static int netem_requeue(struct sk_buff *skb, struct Qdisc *sch) static unsigned int netem_drop(struct Qdisc* sch) { struct netem_sched_data *q = qdisc_priv(sch); - unsigned int len; + unsigned int len = 0; - if ((len = q->qdisc->ops->drop(q->qdisc)) != 0) { + if (q->qdisc->ops->drop && (len = q->qdisc->ops->drop(q->qdisc)) != 0) { sch->q.qlen--; sch->qstats.drops++; } diff --git a/net/sched/sch_prio.c b/net/sched/sch_prio.c index 1641db3..3395ca7 100644 --- a/net/sched/sch_prio.c +++ b/net/sched/sch_prio.c @@ -165,7 +165,7 @@ static unsigned int prio_drop(struct Qdisc* sch) for (prio = q->bands-1; prio >= 0; prio--) { qdisc = q->queues[prio]; - if ((len = qdisc->ops->drop(qdisc)) != 0) { + if (qdisc->ops->drop && (len = qdisc->ops->drop(qdisc)) != 0) { sch->q.qlen--; return len; } diff --git a/net/sched/sch_red.c b/net/sched/sch_red.c index dccfa44..2be563c 100644 --- a/net/sched/sch_red.c +++ b/net/sched/sch_red.c @@ -44,6 +44,7 @@ struct red_sched_data unsigned char flags; struct red_parms parms; struct red_stats stats; + struct Qdisc *qdisc; }; static inline int red_use_ecn(struct red_sched_data *q) @@ -59,8 +60,10 @@ static inline int red_use_harddrop(struct red_sched_data *q) static int red_enqueue(struct sk_buff *skb, struct Qdisc* sch) { struct red_sched_data *q = qdisc_priv(sch); + struct Qdisc *child = q->qdisc; + int ret; - q->parms.qavg = red_calc_qavg(&q->parms, sch->qstats.backlog); + q->parms.qavg = red_calc_qavg(&q->parms, child->qstats.backlog); if (red_is_idling(&q->parms)) red_end_of_idle_period(&q->parms); @@ -91,11 +94,16 @@ static int red_enqueue(struct sk_buff *skb, struct Qdisc* sch) break; } - if (sch->qstats.backlog + skb->len <= q->limit) - return qdisc_enqueue_tail(skb, sch); - - q->stats.pdrop++; - return qdisc_drop(skb, sch); + ret = child->enqueue(skb, child); + if (likely(ret == NET_XMIT_SUCCESS)) { + sch->bstats.bytes += skb->len; + sch->bstats.packets++; + sch->q.qlen++; + } else { + q->stats.pdrop++; + sch->qstats.drops++; + } + return ret; congestion_drop: qdisc_drop(skb, sch); @@ -105,21 +113,30 @@ congestion_drop: static int red_requeue(struct sk_buff *skb, struct Qdisc* sch) { struct red_sched_data *q = qdisc_priv(sch); + struct Qdisc *child = q->qdisc; + int ret; if (red_is_idling(&q->parms)) red_end_of_idle_period(&q->parms); - return qdisc_requeue(skb, sch); + ret = child->ops->requeue(skb, child); + if (likely(ret == NET_XMIT_SUCCESS)) { + sch->qstats.requeues++; + sch->q.qlen++; + } + return ret; } static struct sk_buff * red_dequeue(struct Qdisc* sch) { struct sk_buff *skb; struct red_sched_data *q = qdisc_priv(sch); + struct Qdisc *child = q->qdisc; - skb = qdisc_dequeue_head(sch); - - if (skb == NULL && !red_is_idling(&q->parms)) + skb = child->dequeue(child); + if (skb) + sch->q.qlen--; + else if (!red_is_idling(&q->parms)) red_start_of_idle_period(&q->parms); return skb; @@ -127,14 +144,14 @@ static struct sk_buff * red_dequeue(struct Qdisc* sch) static unsigned int red_drop(struct Qdisc* sch) { - struct sk_buff *skb; struct red_sched_data *q = qdisc_priv(sch); + struct Qdisc *child = q->qdisc; + unsigned int len; - skb = qdisc_dequeue_tail(sch); - if (skb) { - unsigned int len = skb->len; + if (child->ops->drop && (len = child->ops->drop(child)) > 0) { q->stats.other++; - qdisc_drop(skb, sch); + sch->qstats.drops++; + sch->q.qlen--; return len; } @@ -148,15 +165,48 @@ static void red_reset(struct Qdisc* sch) { struct red_sched_data *q = qdisc_priv(sch); - qdisc_reset_queue(sch); + qdisc_reset(q->qdisc); + sch->q.qlen = 0; red_restart(&q->parms); } +static void red_destroy(struct Qdisc *sch) +{ + struct red_sched_data *q = qdisc_priv(sch); + qdisc_destroy(q->qdisc); +} + +static struct Qdisc *red_create_dflt(struct net_device *dev, u32 limit) +{ + struct Qdisc *q = qdisc_create_dflt(dev, &bfifo_qdisc_ops); + struct rtattr *rta; + int ret; + + if (q) { + rta = kmalloc(RTA_LENGTH(sizeof(struct tc_fifo_qopt)), + GFP_KERNEL); + if (rta) { + rta->rta_type = RTM_NEWQDISC; + rta->rta_len = RTA_LENGTH(sizeof(struct tc_fifo_qopt)); + ((struct tc_fifo_qopt *)RTA_DATA(rta))->limit = limit; + + ret = q->ops->change(q, rta); + kfree(rta); + + if (ret == 0) + return q; + } + qdisc_destroy(q); + } + return NULL; +} + static int red_change(struct Qdisc *sch, struct rtattr *opt) { struct red_sched_data *q = qdisc_priv(sch); struct rtattr *tb[TCA_RED_MAX]; struct tc_red_qopt *ctl; + struct Qdisc *child = NULL; if (opt == NULL || rtattr_parse_nested(tb, TCA_RED_MAX, opt)) return -EINVAL; @@ -169,9 +219,17 @@ static int red_change(struct Qdisc *sch, struct rtattr *opt) ctl = RTA_DATA(tb[TCA_RED_PARMS-1]); + if (ctl->limit > 0) { + child = red_create_dflt(sch->dev, ctl->limit); + if (child == NULL) + return -ENOMEM; + } + sch_tree_lock(sch); q->flags = ctl->flags; q->limit = ctl->limit; + if (child) + qdisc_destroy(xchg(&q->qdisc, child)); red_set_parms(&q->parms, ctl->qth_min, ctl->qth_max, ctl->Wlog, ctl->Plog, ctl->Scell_log, @@ -186,6 +244,9 @@ static int red_change(struct Qdisc *sch, struct rtattr *opt) static int red_init(struct Qdisc* sch, struct rtattr *opt) { + struct red_sched_data *q = qdisc_priv(sch); + + q->qdisc = &noop_qdisc; return red_change(sch, opt); } @@ -224,15 +285,101 @@ static int red_dump_stats(struct Qdisc *sch, struct gnet_dump *d) return gnet_stats_copy_app(d, &st, sizeof(st)); } +static int red_dump_class(struct Qdisc *sch, unsigned long cl, + struct sk_buff *skb, struct tcmsg *tcm) +{ + struct red_sched_data *q = qdisc_priv(sch); + + if (cl != 1) + return -ENOENT; + tcm->tcm_handle |= TC_H_MIN(1); + tcm->tcm_info = q->qdisc->handle; + return 0; +} + +static int red_graft(struct Qdisc *sch, unsigned long arg, struct Qdisc *new, + struct Qdisc **old) +{ + struct red_sched_data *q = qdisc_priv(sch); + + if (new == NULL) + new = &noop_qdisc; + + sch_tree_lock(sch); + *old = xchg(&q->qdisc, new); + qdisc_reset(*old); + sch->q.qlen = 0; + sch_tree_unlock(sch); + return 0; +} + +static struct Qdisc *red_leaf(struct Qdisc *sch, unsigned long arg) +{ + struct red_sched_data *q = qdisc_priv(sch); + return q->qdisc; +} + +static unsigned long red_get(struct Qdisc *sch, u32 classid) +{ + return 1; +} + +static void red_put(struct Qdisc *sch, unsigned long arg) +{ + return; +} + +static int red_change_class(struct Qdisc *sch, u32 classid, u32 parentid, + struct rtattr **tca, unsigned long *arg) +{ + return -ENOSYS; +} + +static int red_delete(struct Qdisc *sch, unsigned long cl) +{ + return -ENOSYS; +} + +static void red_walk(struct Qdisc *sch, struct qdisc_walker *walker) +{ + if (!walker->stop) { + if (walker->count >= walker->skip) + if (walker->fn(sch, 1, walker) < 0) { + walker->stop = 1; + return; + } + walker->count++; + } +} + +static struct tcf_proto **red_find_tcf(struct Qdisc *sch, unsigned long cl) +{ + return NULL; +} + +static struct Qdisc_class_ops red_class_ops = { + .graft = red_graft, + .leaf = red_leaf, + .get = red_get, + .put = red_put, + .change = red_change_class, + .delete = red_delete, + .walk = red_walk, + .tcf_chain = red_find_tcf, + .dump = red_dump_class, +}; + static struct Qdisc_ops red_qdisc_ops = { .id = "red", .priv_size = sizeof(struct red_sched_data), + .cl_ops = &red_class_ops, .enqueue = red_enqueue, .dequeue = red_dequeue, .requeue = red_requeue, .drop = red_drop, .init = red_init, .reset = red_reset, + .destroy = red_destroy, .change = red_change, .dump = red_dump, .dump_stats = red_dump_stats, diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c index 86d8da0..e057768 100644 --- a/net/sched/sch_sfq.c +++ b/net/sched/sch_sfq.c @@ -232,6 +232,7 @@ static unsigned int sfq_drop(struct Qdisc *sch) sfq_dec(q, x); sch->q.qlen--; sch->qstats.drops++; + sch->qstats.backlog -= len; return len; } @@ -248,6 +249,7 @@ static unsigned int sfq_drop(struct Qdisc *sch) sch->q.qlen--; q->ht[q->hash[d]] = SFQ_DEPTH; sch->qstats.drops++; + sch->qstats.backlog -= len; return len; } @@ -266,6 +268,7 @@ sfq_enqueue(struct sk_buff *skb, struct Qdisc* sch) q->ht[hash] = x = q->dep[SFQ_DEPTH].next; q->hash[x] = hash; } + sch->qstats.backlog += skb->len; __skb_queue_tail(&q->qs[x], skb); sfq_inc(q, x); if (q->qs[x].qlen == 1) { /* The flow is new */ @@ -301,6 +304,7 @@ sfq_requeue(struct sk_buff *skb, struct Qdisc* sch) q->ht[hash] = x = q->dep[SFQ_DEPTH].next; q->hash[x] = hash; } + sch->qstats.backlog += skb->len; __skb_queue_head(&q->qs[x], skb); sfq_inc(q, x); if (q->qs[x].qlen == 1) { /* The flow is new */ @@ -344,6 +348,7 @@ sfq_dequeue(struct Qdisc* sch) skb = __skb_dequeue(&q->qs[a]); sfq_dec(q, a); sch->q.qlen--; + sch->qstats.backlog -= skb->len; /* Is the slot empty? */ if (q->qs[a].qlen == 0) { diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c index cb9711e..d8e03c7 100644 --- a/net/sched/sch_tbf.c +++ b/net/sched/sch_tbf.c @@ -177,9 +177,9 @@ static int tbf_requeue(struct sk_buff *skb, struct Qdisc* sch) static unsigned int tbf_drop(struct Qdisc* sch) { struct tbf_sched_data *q = qdisc_priv(sch); - unsigned int len; + unsigned int len = 0; - if ((len = q->qdisc->ops->drop(q->qdisc)) != 0) { + if (q->qdisc->ops->drop && (len = q->qdisc->ops->drop(q->qdisc)) != 0) { sch->q.qlen--; sch->qstats.drops++; } @@ -341,13 +341,14 @@ static int tbf_change(struct Qdisc* sch, struct rtattr *opt) if (max_size < 0) goto done; - if (q->qdisc == &noop_qdisc) { + if (qopt->limit > 0) { if ((child = tbf_create_dflt_qdisc(sch->dev, qopt->limit)) == NULL) goto done; } sch_tree_lock(sch); - if (child) q->qdisc = child; + if (child) + qdisc_destroy(xchg(&q->qdisc, child)); q->limit = qopt->limit; q->mtu = qopt->mtu; q->max_size = max_size; diff --git a/net/sctp/input.c b/net/sctp/input.c index cb78b50..d117ebc 100644 --- a/net/sctp/input.c +++ b/net/sctp/input.c @@ -127,7 +127,6 @@ int sctp_rcv(struct sk_buff *skb) union sctp_addr dest; int family; struct sctp_af *af; - int ret = 0; if (skb->pkt_type!=PACKET_HOST) goto discard_it; @@ -227,16 +226,13 @@ int sctp_rcv(struct sk_buff *skb) goto discard_release; nf_reset(skb); - ret = sk_filter(sk, skb, 1); - if (ret) + if (sk_filter(sk, skb, 1)) goto discard_release; /* Create an SCTP packet structure. */ chunk = sctp_chunkify(skb, asoc, sk); - if (!chunk) { - ret = -ENOMEM; + if (!chunk) goto discard_release; - } SCTP_INPUT_CB(skb)->chunk = chunk; /* Remember what endpoint is to handle this packet. */ @@ -277,11 +273,11 @@ int sctp_rcv(struct sk_buff *skb) sctp_bh_unlock_sock(sk); sock_put(sk); - return ret; + return 0; discard_it: kfree_skb(skb); - return ret; + return 0; discard_release: /* Release any structures we may be holding. */ diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 2e26612..c20d282 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -861,23 +861,27 @@ static int sctp_inet6_supported_addrs(const struct sctp_sock *opt, } static const struct proto_ops inet6_seqpacket_ops = { - .family = PF_INET6, - .owner = THIS_MODULE, - .release = inet6_release, - .bind = inet6_bind, - .connect = inet_dgram_connect, - .socketpair = sock_no_socketpair, - .accept = inet_accept, - .getname = inet6_getname, - .poll = sctp_poll, - .ioctl = inet6_ioctl, - .listen = sctp_inet_listen, - .shutdown = inet_shutdown, - .setsockopt = sock_common_setsockopt, - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, + .family = PF_INET6, + .owner = THIS_MODULE, + .release = inet6_release, + .bind = inet6_bind, + .connect = inet_dgram_connect, + .socketpair = sock_no_socketpair, + .accept = inet_accept, + .getname = inet6_getname, + .poll = sctp_poll, + .ioctl = inet6_ioctl, + .listen = sctp_inet_listen, + .shutdown = inet_shutdown, + .setsockopt = sock_common_setsockopt, + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; static struct inet_protosw sctpv6_seqpacket_protosw = { @@ -911,31 +915,35 @@ static struct inet6_protocol sctpv6_protocol = { }; static struct sctp_af sctp_ipv6_specific = { - .sctp_xmit = sctp_v6_xmit, - .setsockopt = ipv6_setsockopt, - .getsockopt = ipv6_getsockopt, - .get_dst = sctp_v6_get_dst, - .get_saddr = sctp_v6_get_saddr, - .copy_addrlist = sctp_v6_copy_addrlist, - .from_skb = sctp_v6_from_skb, - .from_sk = sctp_v6_from_sk, - .to_sk_saddr = sctp_v6_to_sk_saddr, - .to_sk_daddr = sctp_v6_to_sk_daddr, - .from_addr_param = sctp_v6_from_addr_param, - .to_addr_param = sctp_v6_to_addr_param, - .dst_saddr = sctp_v6_dst_saddr, - .cmp_addr = sctp_v6_cmp_addr, - .scope = sctp_v6_scope, - .addr_valid = sctp_v6_addr_valid, - .inaddr_any = sctp_v6_inaddr_any, - .is_any = sctp_v6_is_any, - .available = sctp_v6_available, - .skb_iif = sctp_v6_skb_iif, - .is_ce = sctp_v6_is_ce, - .seq_dump_addr = sctp_v6_seq_dump_addr, - .net_header_len = sizeof(struct ipv6hdr), - .sockaddr_len = sizeof(struct sockaddr_in6), - .sa_family = AF_INET6, + .sa_family = AF_INET6, + .sctp_xmit = sctp_v6_xmit, + .setsockopt = ipv6_setsockopt, + .getsockopt = ipv6_getsockopt, + .get_dst = sctp_v6_get_dst, + .get_saddr = sctp_v6_get_saddr, + .copy_addrlist = sctp_v6_copy_addrlist, + .from_skb = sctp_v6_from_skb, + .from_sk = sctp_v6_from_sk, + .to_sk_saddr = sctp_v6_to_sk_saddr, + .to_sk_daddr = sctp_v6_to_sk_daddr, + .from_addr_param = sctp_v6_from_addr_param, + .to_addr_param = sctp_v6_to_addr_param, + .dst_saddr = sctp_v6_dst_saddr, + .cmp_addr = sctp_v6_cmp_addr, + .scope = sctp_v6_scope, + .addr_valid = sctp_v6_addr_valid, + .inaddr_any = sctp_v6_inaddr_any, + .is_any = sctp_v6_is_any, + .available = sctp_v6_available, + .skb_iif = sctp_v6_skb_iif, + .is_ce = sctp_v6_is_ce, + .seq_dump_addr = sctp_v6_seq_dump_addr, + .net_header_len = sizeof(struct ipv6hdr), + .sockaddr_len = sizeof(struct sockaddr_in6), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ipv6_setsockopt, + .compat_getsockopt = compat_ipv6_getsockopt, +#endif }; static struct sctp_pf sctp_pf_inet6_specific = { diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index de693b4..2088aa9 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -831,24 +831,28 @@ static struct notifier_block sctp_inetaddr_notifier = { /* Socket operations. */ static const struct proto_ops inet_seqpacket_ops = { - .family = PF_INET, - .owner = THIS_MODULE, - .release = inet_release, /* Needs to be wrapped... */ - .bind = inet_bind, - .connect = inet_dgram_connect, - .socketpair = sock_no_socketpair, - .accept = inet_accept, - .getname = inet_getname, /* Semantics are different. */ - .poll = sctp_poll, - .ioctl = inet_ioctl, - .listen = sctp_inet_listen, - .shutdown = inet_shutdown, /* Looks harmless. */ - .setsockopt = sock_common_setsockopt, /* IP_SOL IP_OPTION is a problem. */ - .getsockopt = sock_common_getsockopt, - .sendmsg = inet_sendmsg, - .recvmsg = sock_common_recvmsg, - .mmap = sock_no_mmap, - .sendpage = sock_no_sendpage, + .family = PF_INET, + .owner = THIS_MODULE, + .release = inet_release, /* Needs to be wrapped... */ + .bind = inet_bind, + .connect = inet_dgram_connect, + .socketpair = sock_no_socketpair, + .accept = inet_accept, + .getname = inet_getname, /* Semantics are different. */ + .poll = sctp_poll, + .ioctl = inet_ioctl, + .listen = sctp_inet_listen, + .shutdown = inet_shutdown, /* Looks harmless. */ + .setsockopt = sock_common_setsockopt, /* IP_SOL IP_OPTION is a problem */ + .getsockopt = sock_common_getsockopt, + .sendmsg = inet_sendmsg, + .recvmsg = sock_common_recvmsg, + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_sock_common_setsockopt, + .compat_getsockopt = compat_sock_common_getsockopt, +#endif }; /* Registration with AF_INET family. */ @@ -880,31 +884,35 @@ static struct net_protocol sctp_protocol = { /* IPv4 address related functions. */ static struct sctp_af sctp_ipv4_specific = { - .sctp_xmit = sctp_v4_xmit, - .setsockopt = ip_setsockopt, - .getsockopt = ip_getsockopt, - .get_dst = sctp_v4_get_dst, - .get_saddr = sctp_v4_get_saddr, - .copy_addrlist = sctp_v4_copy_addrlist, - .from_skb = sctp_v4_from_skb, - .from_sk = sctp_v4_from_sk, - .to_sk_saddr = sctp_v4_to_sk_saddr, - .to_sk_daddr = sctp_v4_to_sk_daddr, - .from_addr_param= sctp_v4_from_addr_param, - .to_addr_param = sctp_v4_to_addr_param, - .dst_saddr = sctp_v4_dst_saddr, - .cmp_addr = sctp_v4_cmp_addr, - .addr_valid = sctp_v4_addr_valid, - .inaddr_any = sctp_v4_inaddr_any, - .is_any = sctp_v4_is_any, - .available = sctp_v4_available, - .scope = sctp_v4_scope, - .skb_iif = sctp_v4_skb_iif, - .is_ce = sctp_v4_is_ce, - .seq_dump_addr = sctp_v4_seq_dump_addr, - .net_header_len = sizeof(struct iphdr), - .sockaddr_len = sizeof(struct sockaddr_in), - .sa_family = AF_INET, + .sa_family = AF_INET, + .sctp_xmit = sctp_v4_xmit, + .setsockopt = ip_setsockopt, + .getsockopt = ip_getsockopt, + .get_dst = sctp_v4_get_dst, + .get_saddr = sctp_v4_get_saddr, + .copy_addrlist = sctp_v4_copy_addrlist, + .from_skb = sctp_v4_from_skb, + .from_sk = sctp_v4_from_sk, + .to_sk_saddr = sctp_v4_to_sk_saddr, + .to_sk_daddr = sctp_v4_to_sk_daddr, + .from_addr_param = sctp_v4_from_addr_param, + .to_addr_param = sctp_v4_to_addr_param, + .dst_saddr = sctp_v4_dst_saddr, + .cmp_addr = sctp_v4_cmp_addr, + .addr_valid = sctp_v4_addr_valid, + .inaddr_any = sctp_v4_inaddr_any, + .is_any = sctp_v4_is_any, + .available = sctp_v4_available, + .scope = sctp_v4_scope, + .skb_iif = sctp_v4_skb_iif, + .is_ce = sctp_v4_is_ce, + .seq_dump_addr = sctp_v4_seq_dump_addr, + .net_header_len = sizeof(struct iphdr), + .sockaddr_len = sizeof(struct sockaddr_in), +#ifdef CONFIG_COMPAT + .compat_setsockopt = compat_ip_setsockopt, + .compat_getsockopt = compat_ip_getsockopt, +#endif }; struct sctp_pf *sctp_get_pf_specific(sa_family_t family) { diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 0ea947e..b6e4b89 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4894,6 +4894,8 @@ unsigned int sctp_poll(struct file *file, struct socket *sock, poll_table *wait) /* Is there any exceptional events? */ if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue)) mask |= POLLERR; + if (sk->sk_shutdown & RCV_SHUTDOWN) + mask |= POLLRDHUP; if (sk->sk_shutdown == SHUTDOWN_MASK) mask |= POLLHUP; diff --git a/net/socket.c b/net/socket.c index a00851f..b13042f 100644 --- a/net/socket.c +++ b/net/socket.c @@ -68,6 +68,7 @@ #include <linux/netdevice.h> #include <linux/proc_fs.h> #include <linux/seq_file.h> +#include <linux/mutex.h> #include <linux/wanrouter.h> #include <linux/if_bridge.h> #include <linux/if_frad.h> @@ -84,10 +85,7 @@ #include <linux/compat.h> #include <linux/kmod.h> #include <linux/audit.h> - -#ifdef CONFIG_NET_RADIO -#include <linux/wireless.h> /* Note : will define WIRELESS_EXT */ -#endif /* CONFIG_NET_RADIO */ +#include <linux/wireless.h> #include <asm/uaccess.h> #include <asm/unistd.h> @@ -109,6 +107,10 @@ static unsigned int sock_poll(struct file *file, struct poll_table_struct *wait); static long sock_ioctl(struct file *file, unsigned int cmd, unsigned long arg); +#ifdef CONFIG_COMPAT +static long compat_sock_ioctl(struct file *file, + unsigned int cmd, unsigned long arg); +#endif static int sock_fasync(int fd, struct file *filp, int on); static ssize_t sock_readv(struct file *file, const struct iovec *vector, unsigned long count, loff_t *ppos); @@ -117,6 +119,9 @@ static ssize_t sock_writev(struct file *file, const struct iovec *vector, static ssize_t sock_sendpage(struct file *file, struct page *page, int offset, size_t size, loff_t *ppos, int more); +extern ssize_t generic_splice_sendpage(struct inode *inode, struct file *out, + size_t len, unsigned int flags); + /* * Socket files have a set of 'special' operations as well as the generic file ones. These don't appear @@ -130,13 +135,17 @@ static struct file_operations socket_file_ops = { .aio_write = sock_aio_write, .poll = sock_poll, .unlocked_ioctl = sock_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = compat_sock_ioctl, +#endif .mmap = sock_mmap, .open = sock_no_open, /* special open code to disallow open via /proc */ .release = sock_close, .fasync = sock_fasync, .readv = sock_readv, .writev = sock_writev, - .sendpage = sock_sendpage + .sendpage = sock_sendpage, + .splice_write = generic_splice_sendpage, }; /* @@ -314,7 +323,8 @@ static int init_inodecache(void) { sock_inode_cachep = kmem_cache_create("sock_inode_cache", sizeof(struct socket_alloc), - 0, SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT, + 0, (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT| + SLAB_MEM_SPREAD), init_once, NULL); if (sock_inode_cachep == NULL) return -ENOMEM; @@ -351,8 +361,8 @@ static struct dentry_operations sockfs_dentry_operations = { /* * Obtains the first available file descriptor and sets it up for use. * - * This function creates file structure and maps it to fd space - * of current process. On success it returns file descriptor + * These functions create file structures and maps them to fd space + * of the current process. On success it returns file descriptor * and file struct implicitly stored in sock->file. * Note that another thread may close file descriptor before we return * from this function. We use the fact that now we do not refer @@ -365,53 +375,90 @@ static struct dentry_operations sockfs_dentry_operations = { * but we take care of internal coherence yet. */ -int sock_map_fd(struct socket *sock) +static int sock_alloc_fd(struct file **filep) { int fd; - struct qstr this; - char name[32]; - - /* - * Find a file descriptor suitable for return to the user. - */ fd = get_unused_fd(); - if (fd >= 0) { + if (likely(fd >= 0)) { struct file *file = get_empty_filp(); - if (!file) { + *filep = file; + if (unlikely(!file)) { put_unused_fd(fd); - fd = -ENFILE; - goto out; + return -ENFILE; } + } else + *filep = NULL; + return fd; +} - this.len = sprintf(name, "[%lu]", SOCK_INODE(sock)->i_ino); - this.name = name; - this.hash = SOCK_INODE(sock)->i_ino; +static int sock_attach_fd(struct socket *sock, struct file *file) +{ + struct qstr this; + char name[32]; + + this.len = sprintf(name, "[%lu]", SOCK_INODE(sock)->i_ino); + this.name = name; + this.hash = SOCK_INODE(sock)->i_ino; + + file->f_dentry = d_alloc(sock_mnt->mnt_sb->s_root, &this); + if (unlikely(!file->f_dentry)) + return -ENOMEM; + + file->f_dentry->d_op = &sockfs_dentry_operations; + d_add(file->f_dentry, SOCK_INODE(sock)); + file->f_vfsmnt = mntget(sock_mnt); + file->f_mapping = file->f_dentry->d_inode->i_mapping; + + sock->file = file; + file->f_op = SOCK_INODE(sock)->i_fop = &socket_file_ops; + file->f_mode = FMODE_READ | FMODE_WRITE; + file->f_flags = O_RDWR; + file->f_pos = 0; + file->private_data = sock; + + return 0; +} + +int sock_map_fd(struct socket *sock) +{ + struct file *newfile; + int fd = sock_alloc_fd(&newfile); - file->f_dentry = d_alloc(sock_mnt->mnt_sb->s_root, &this); - if (!file->f_dentry) { - put_filp(file); + if (likely(fd >= 0)) { + int err = sock_attach_fd(sock, newfile); + + if (unlikely(err < 0)) { + put_filp(newfile); put_unused_fd(fd); - fd = -ENOMEM; - goto out; + return err; } - file->f_dentry->d_op = &sockfs_dentry_operations; - d_add(file->f_dentry, SOCK_INODE(sock)); - file->f_vfsmnt = mntget(sock_mnt); - file->f_mapping = file->f_dentry->d_inode->i_mapping; + fd_install(fd, newfile); + } + return fd; +} - sock->file = file; - file->f_op = SOCK_INODE(sock)->i_fop = &socket_file_ops; - file->f_mode = FMODE_READ | FMODE_WRITE; - file->f_flags = O_RDWR; - file->f_pos = 0; - file->private_data = sock; - fd_install(fd, file); +static struct socket *sock_from_file(struct file *file, int *err) +{ + struct inode *inode; + struct socket *sock; + + if (file->f_op == &socket_file_ops) + return file->private_data; /* set in sock_map_fd */ + + inode = file->f_dentry->d_inode; + if (!S_ISSOCK(inode->i_mode)) { + *err = -ENOTSOCK; + return NULL; } -out: - return fd; + sock = SOCKET_I(inode); + if (sock->file != file) { + printk(KERN_ERR "socki_lookup: socket file changed!\n"); + sock->file = file; + } + return sock; } /** @@ -430,31 +477,31 @@ out: struct socket *sockfd_lookup(int fd, int *err) { struct file *file; - struct inode *inode; struct socket *sock; - if (!(file = fget(fd))) - { + if (!(file = fget(fd))) { *err = -EBADF; return NULL; } - - if (file->f_op == &socket_file_ops) - return file->private_data; /* set in sock_map_fd */ - - inode = file->f_dentry->d_inode; - if (!S_ISSOCK(inode->i_mode)) { - *err = -ENOTSOCK; + sock = sock_from_file(file, err); + if (!sock) fput(file); - return NULL; - } + return sock; +} - sock = SOCKET_I(inode); - if (sock->file != file) { - printk(KERN_ERR "socki_lookup: socket file changed!\n"); - sock->file = file; +static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) +{ + struct file *file; + struct socket *sock; + + file = fget_light(fd, fput_needed); + if (file) { + sock = sock_from_file(file, err); + if (sock) + return sock; + fput_light(file, *fput_needed); } - return sock; + return NULL; } /** @@ -496,7 +543,7 @@ static int sock_no_open(struct inode *irrelevant, struct file *dontcare) return -ENXIO; } -struct file_operations bad_sock_fops = { +const struct file_operations bad_sock_fops = { .owner = THIS_MODULE, .open = sock_no_open, }; @@ -792,36 +839,36 @@ static ssize_t sock_aio_write(struct kiocb *iocb, const char __user *ubuf, * with module unload. */ -static DECLARE_MUTEX(br_ioctl_mutex); +static DEFINE_MUTEX(br_ioctl_mutex); static int (*br_ioctl_hook)(unsigned int cmd, void __user *arg) = NULL; void brioctl_set(int (*hook)(unsigned int, void __user *)) { - down(&br_ioctl_mutex); + mutex_lock(&br_ioctl_mutex); br_ioctl_hook = hook; - up(&br_ioctl_mutex); + mutex_unlock(&br_ioctl_mutex); } EXPORT_SYMBOL(brioctl_set); -static DECLARE_MUTEX(vlan_ioctl_mutex); +static DEFINE_MUTEX(vlan_ioctl_mutex); static int (*vlan_ioctl_hook)(void __user *arg); void vlan_ioctl_set(int (*hook)(void __user *)) { - down(&vlan_ioctl_mutex); + mutex_lock(&vlan_ioctl_mutex); vlan_ioctl_hook = hook; - up(&vlan_ioctl_mutex); + mutex_unlock(&vlan_ioctl_mutex); } EXPORT_SYMBOL(vlan_ioctl_set); -static DECLARE_MUTEX(dlci_ioctl_mutex); +static DEFINE_MUTEX(dlci_ioctl_mutex); static int (*dlci_ioctl_hook)(unsigned int, void __user *); void dlci_ioctl_set(int (*hook)(unsigned int, void __user *)) { - down(&dlci_ioctl_mutex); + mutex_lock(&dlci_ioctl_mutex); dlci_ioctl_hook = hook; - up(&dlci_ioctl_mutex); + mutex_unlock(&dlci_ioctl_mutex); } EXPORT_SYMBOL(dlci_ioctl_set); @@ -840,11 +887,11 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) { err = dev_ioctl(cmd, argp); } else -#ifdef WIRELESS_EXT +#ifdef CONFIG_WIRELESS_EXT if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { err = dev_ioctl(cmd, argp); } else -#endif /* WIRELESS_EXT */ +#endif /* CONFIG_WIRELESS_EXT */ switch (cmd) { case FIOSETOWN: case SIOCSPGRP: @@ -865,10 +912,10 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) if (!br_ioctl_hook) request_module("bridge"); - down(&br_ioctl_mutex); + mutex_lock(&br_ioctl_mutex); if (br_ioctl_hook) err = br_ioctl_hook(cmd, argp); - up(&br_ioctl_mutex); + mutex_unlock(&br_ioctl_mutex); break; case SIOCGIFVLAN: case SIOCSIFVLAN: @@ -876,10 +923,10 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) if (!vlan_ioctl_hook) request_module("8021q"); - down(&vlan_ioctl_mutex); + mutex_lock(&vlan_ioctl_mutex); if (vlan_ioctl_hook) err = vlan_ioctl_hook(argp); - up(&vlan_ioctl_mutex); + mutex_unlock(&vlan_ioctl_mutex); break; case SIOCGIFDIVERT: case SIOCSIFDIVERT: @@ -893,9 +940,9 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) request_module("dlci"); if (dlci_ioctl_hook) { - down(&dlci_ioctl_mutex); + mutex_lock(&dlci_ioctl_mutex); err = dlci_ioctl_hook(cmd, argp); - up(&dlci_ioctl_mutex); + mutex_unlock(&dlci_ioctl_mutex); } break; default: @@ -1289,19 +1336,17 @@ asmlinkage long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen) { struct socket *sock; char address[MAX_SOCK_ADDR]; - int err; + int err, fput_needed; - if((sock = sockfd_lookup(fd,&err))!=NULL) + if((sock = sockfd_lookup_light(fd, &err, &fput_needed))!=NULL) { if((err=move_addr_to_kernel(umyaddr,addrlen,address))>=0) { err = security_socket_bind(sock, (struct sockaddr *)address, addrlen); - if (err) { - sockfd_put(sock); - return err; - } - err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen); + if (!err) + err = sock->ops->bind(sock, + (struct sockaddr *)address, addrlen); } - sockfd_put(sock); + fput_light(sock->file, fput_needed); } return err; } @@ -1318,20 +1363,17 @@ int sysctl_somaxconn = SOMAXCONN; asmlinkage long sys_listen(int fd, int backlog) { struct socket *sock; - int err; + int err, fput_needed; - if ((sock = sockfd_lookup(fd, &err)) != NULL) { + if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { if ((unsigned) backlog > sysctl_somaxconn) backlog = sysctl_somaxconn; err = security_socket_listen(sock, backlog); - if (err) { - sockfd_put(sock); - return err; - } + if (!err) + err = sock->ops->listen(sock, backlog); - err=sock->ops->listen(sock, backlog); - sockfd_put(sock); + fput_light(sock->file, fput_needed); } return err; } @@ -1352,10 +1394,11 @@ asmlinkage long sys_listen(int fd, int backlog) asmlinkage long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr, int __user *upeer_addrlen) { struct socket *sock, *newsock; - int err, len; + struct file *newfile; + int err, len, newfd, fput_needed; char address[MAX_SOCK_ADDR]; - sock = sockfd_lookup(fd, &err); + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) goto out; @@ -1372,35 +1415,48 @@ asmlinkage long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr, int _ */ __module_get(newsock->ops->owner); + newfd = sock_alloc_fd(&newfile); + if (unlikely(newfd < 0)) { + err = newfd; + goto out_release; + } + + err = sock_attach_fd(newsock, newfile); + if (err < 0) + goto out_fd; + err = security_socket_accept(sock, newsock); if (err) - goto out_release; + goto out_fd; err = sock->ops->accept(sock, newsock, sock->file->f_flags); if (err < 0) - goto out_release; + goto out_fd; if (upeer_sockaddr) { if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) { err = -ECONNABORTED; - goto out_release; + goto out_fd; } err = move_addr_to_user(address, len, upeer_sockaddr, upeer_addrlen); if (err < 0) - goto out_release; + goto out_fd; } /* File flags are not inherited via accept() unlike another OSes. */ - if ((err = sock_map_fd(newsock)) < 0) - goto out_release; + fd_install(newfd, newfile); + err = newfd; security_socket_post_accept(sock, newsock); out_put: - sockfd_put(sock); + fput_light(sock->file, fput_needed); out: return err; +out_fd: + put_filp(newfile); + put_unused_fd(newfd); out_release: sock_release(newsock); goto out_put; @@ -1423,9 +1479,9 @@ asmlinkage long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrl { struct socket *sock; char address[MAX_SOCK_ADDR]; - int err; + int err, fput_needed; - sock = sockfd_lookup(fd, &err); + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) goto out; err = move_addr_to_kernel(uservaddr, addrlen, address); @@ -1439,7 +1495,7 @@ asmlinkage long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrl err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen, sock->file->f_flags); out_put: - sockfd_put(sock); + fput_light(sock->file, fput_needed); out: return err; } @@ -1453,9 +1509,9 @@ asmlinkage long sys_getsockname(int fd, struct sockaddr __user *usockaddr, int _ { struct socket *sock; char address[MAX_SOCK_ADDR]; - int len, err; + int len, err, fput_needed; - sock = sockfd_lookup(fd, &err); + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) goto out; @@ -1469,7 +1525,7 @@ asmlinkage long sys_getsockname(int fd, struct sockaddr __user *usockaddr, int _ err = move_addr_to_user(address, len, usockaddr, usockaddr_len); out_put: - sockfd_put(sock); + fput_light(sock->file, fput_needed); out: return err; } @@ -1483,20 +1539,19 @@ asmlinkage long sys_getpeername(int fd, struct sockaddr __user *usockaddr, int _ { struct socket *sock; char address[MAX_SOCK_ADDR]; - int len, err; + int len, err, fput_needed; - if ((sock = sockfd_lookup(fd, &err))!=NULL) - { + if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { err = security_socket_getpeername(sock); if (err) { - sockfd_put(sock); + fput_light(sock->file, fput_needed); return err; } err = sock->ops->getname(sock, (struct sockaddr *)address, &len, 1); if (!err) err=move_addr_to_user(address,len, usockaddr, usockaddr_len); - sockfd_put(sock); + fput_light(sock->file, fput_needed); } return err; } @@ -1515,10 +1570,16 @@ asmlinkage long sys_sendto(int fd, void __user * buff, size_t len, unsigned flag int err; struct msghdr msg; struct iovec iov; - - sock = sockfd_lookup(fd, &err); + int fput_needed; + struct file *sock_file; + + sock_file = fget_light(fd, &fput_needed); + if (!sock_file) + return -EBADF; + + sock = sock_from_file(sock_file, &err); if (!sock) - goto out; + goto out_put; iov.iov_base=buff; iov.iov_len=len; msg.msg_name=NULL; @@ -1527,8 +1588,7 @@ asmlinkage long sys_sendto(int fd, void __user * buff, size_t len, unsigned flag msg.msg_control=NULL; msg.msg_controllen=0; msg.msg_namelen=0; - if(addr) - { + if (addr) { err = move_addr_to_kernel(addr, addr_len, address); if (err < 0) goto out_put; @@ -1541,8 +1601,7 @@ asmlinkage long sys_sendto(int fd, void __user * buff, size_t len, unsigned flag err = sock_sendmsg(sock, &msg, len); out_put: - sockfd_put(sock); -out: + fput_light(sock_file, fput_needed); return err; } @@ -1569,8 +1628,14 @@ asmlinkage long sys_recvfrom(int fd, void __user * ubuf, size_t size, unsigned f struct msghdr msg; char address[MAX_SOCK_ADDR]; int err,err2; + struct file *sock_file; + int fput_needed; + + sock_file = fget_light(fd, &fput_needed); + if (!sock_file) + return -EBADF; - sock = sockfd_lookup(fd, &err); + sock = sock_from_file(sock_file, &err); if (!sock) goto out; @@ -1592,8 +1657,8 @@ asmlinkage long sys_recvfrom(int fd, void __user * ubuf, size_t size, unsigned f if(err2<0) err=err2; } - sockfd_put(sock); out: + fput_light(sock_file, fput_needed); return err; } @@ -1613,25 +1678,24 @@ asmlinkage long sys_recv(int fd, void __user * ubuf, size_t size, unsigned flags asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen) { - int err; + int err, fput_needed; struct socket *sock; if (optlen < 0) return -EINVAL; - if ((sock = sockfd_lookup(fd, &err))!=NULL) + if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { err = security_socket_setsockopt(sock,level,optname); - if (err) { - sockfd_put(sock); - return err; - } + if (err) + goto out_put; if (level == SOL_SOCKET) err=sock_setsockopt(sock,level,optname,optval,optlen); else err=sock->ops->setsockopt(sock, level, optname, optval, optlen); - sockfd_put(sock); +out_put: + fput_light(sock->file, fput_needed); } return err; } @@ -1643,23 +1707,20 @@ asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optv asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen) { - int err; + int err, fput_needed; struct socket *sock; - if ((sock = sockfd_lookup(fd, &err))!=NULL) - { - err = security_socket_getsockopt(sock, level, - optname); - if (err) { - sockfd_put(sock); - return err; - } + if ((sock = sockfd_lookup_light(fd, &err, &fput_needed)) != NULL) { + err = security_socket_getsockopt(sock, level, optname); + if (err) + goto out_put; if (level == SOL_SOCKET) err=sock_getsockopt(sock,level,optname,optval,optlen); else err=sock->ops->getsockopt(sock, level, optname, optval, optlen); - sockfd_put(sock); +out_put: + fput_light(sock->file, fput_needed); } return err; } @@ -1671,19 +1732,15 @@ asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optv asmlinkage long sys_shutdown(int fd, int how) { - int err; + int err, fput_needed; struct socket *sock; - if ((sock = sockfd_lookup(fd, &err))!=NULL) + if ((sock = sockfd_lookup_light(fd, &err, &fput_needed))!=NULL) { err = security_socket_shutdown(sock, how); - if (err) { - sockfd_put(sock); - return err; - } - - err=sock->ops->shutdown(sock, how); - sockfd_put(sock); + if (!err) + err = sock->ops->shutdown(sock, how); + fput_light(sock->file, fput_needed); } return err; } @@ -1712,6 +1769,7 @@ asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags) unsigned char *ctl_buf = ctl; struct msghdr msg_sys; int err, ctl_len, iov_size, total_len; + int fput_needed; err = -EFAULT; if (MSG_CMSG_COMPAT & flags) { @@ -1720,7 +1778,7 @@ asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags) } else if (copy_from_user(&msg_sys, msg, sizeof(struct msghdr))) return -EFAULT; - sock = sockfd_lookup(fd, &err); + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) goto out; @@ -1788,7 +1846,7 @@ out_freeiov: if (iov != iovstack) sock_kfree_s(sock->sk, iov, iov_size); out_put: - sockfd_put(sock); + fput_light(sock->file, fput_needed); out: return err; } @@ -1806,6 +1864,7 @@ asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flag struct msghdr msg_sys; unsigned long cmsg_ptr; int err, iov_size, total_len, len; + int fput_needed; /* kernel mode address */ char addr[MAX_SOCK_ADDR]; @@ -1821,7 +1880,7 @@ asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flag if (copy_from_user(&msg_sys,msg,sizeof(struct msghdr))) return -EFAULT; - sock = sockfd_lookup(fd, &err); + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) goto out; @@ -1888,7 +1947,7 @@ out_freeiov: if (iov != iovstack) sock_kfree_s(sock->sk, iov, iov_size); out_put: - sockfd_put(sock); + fput_light(sock->file, fput_needed); out: return err; } @@ -2089,6 +2148,20 @@ void socket_seq_show(struct seq_file *seq) } #endif /* CONFIG_PROC_FS */ +#ifdef CONFIG_COMPAT +static long compat_sock_ioctl(struct file *file, unsigned cmd, + unsigned long arg) +{ + struct socket *sock = file->private_data; + int ret = -ENOIOCTLCMD; + + if (sock->ops->compat_ioctl) + ret = sock->ops->compat_ioctl(sock, cmd, arg); + + return ret; +} +#endif + /* ABI emulation layers need these two */ EXPORT_SYMBOL(move_addr_to_kernel); EXPORT_SYMBOL(move_addr_to_user); diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index 8d6f1a1..55163af 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c @@ -64,14 +64,26 @@ rpcauth_create(rpc_authflavor_t pseudoflavor, struct rpc_clnt *clnt) struct rpc_authops *ops; u32 flavor = pseudoflavor_to_flavor(pseudoflavor); - if (flavor >= RPC_AUTH_MAXFLAVOR || !(ops = auth_flavors[flavor])) - return ERR_PTR(-EINVAL); + auth = ERR_PTR(-EINVAL); + if (flavor >= RPC_AUTH_MAXFLAVOR) + goto out; + + /* FIXME - auth_flavors[] really needs an rw lock, + * and module refcounting. */ +#ifdef CONFIG_KMOD + if ((ops = auth_flavors[flavor]) == NULL) + request_module("rpc-auth-%u", flavor); +#endif + if ((ops = auth_flavors[flavor]) == NULL) + goto out; auth = ops->create(clnt, pseudoflavor); if (IS_ERR(auth)) return auth; if (clnt->cl_auth) rpcauth_destroy(clnt->cl_auth); clnt->cl_auth = auth; + +out: return auth; } diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index bb46efd..900ef31 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c @@ -721,6 +721,8 @@ gss_destroy(struct rpc_auth *auth) gss_auth = container_of(auth, struct gss_auth, rpc_auth); rpc_unlink(gss_auth->path); + dput(gss_auth->dentry); + gss_auth->dentry = NULL; gss_mech_put(gss_auth->mech); rpcauth_free_credcache(auth); diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index d0dfdfd..f433112 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c @@ -70,15 +70,19 @@ # define RPCDBG_FACILITY RPCDBG_AUTH #endif +spinlock_t krb5_seq_lock = SPIN_LOCK_UNLOCKED; + u32 gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, struct xdr_netobj *token) { struct krb5_ctx *ctx = gss_ctx->internal_ctx_id; s32 checksum_type; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; unsigned char *ptr, *krb5_hdr, *msg_start; s32 now; + u32 seq_send; dprintk("RPC: gss_krb5_seal\n"); @@ -133,16 +137,15 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, BUG(); } - kfree(md5cksum.data); + spin_lock(&krb5_seq_lock); + seq_send = ctx->seq_send++; + spin_unlock(&krb5_seq_lock); if ((krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff, - ctx->seq_send, krb5_hdr + 16, krb5_hdr + 8))) + seq_send, krb5_hdr + 16, krb5_hdr + 8))) goto out_err; - ctx->seq_send++; - return ((ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE); out_err: - kfree(md5cksum.data); return GSS_S_FAILURE; } diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c index db055fd..0828cf6 100644 --- a/net/sunrpc/auth_gss/gss_krb5_unseal.c +++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c @@ -79,7 +79,8 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx, int signalg; int sealalg; s32 checksum_type; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; s32 now; int direction; s32 seqnum; @@ -176,6 +177,5 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx, ret = GSS_S_COMPLETE; out: - kfree(md5cksum.data); return ret; } diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index af777cf..89d1f3e 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -121,12 +121,14 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, { struct krb5_ctx *kctx = ctx->internal_ctx_id; s32 checksum_type; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; int blocksize = 0, plainlen; unsigned char *ptr, *krb5_hdr, *msg_start; s32 now; int headlen; struct page **tmp_pages; + u32 seq_send; dprintk("RPC: gss_wrap_kerberos\n"); @@ -205,23 +207,22 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, BUG(); } - kfree(md5cksum.data); + spin_lock(&krb5_seq_lock); + seq_send = kctx->seq_send++; + spin_unlock(&krb5_seq_lock); /* XXX would probably be more efficient to compute checksum * and encrypt at the same time: */ if ((krb5_make_seq_num(kctx->seq, kctx->initiate ? 0 : 0xff, - kctx->seq_send, krb5_hdr + 16, krb5_hdr + 8))) + seq_send, krb5_hdr + 16, krb5_hdr + 8))) goto out_err; if (gss_encrypt_xdr_buf(kctx->enc, buf, offset + headlen - blocksize, pages)) goto out_err; - kctx->seq_send++; - return ((kctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE); out_err: - if (md5cksum.data) kfree(md5cksum.data); return GSS_S_FAILURE; } @@ -232,7 +233,8 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) int signalg; int sealalg; s32 checksum_type; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; s32 now; int direction; s32 seqnum; @@ -358,6 +360,5 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) ret = GSS_S_COMPLETE; out: - if (md5cksum.data) kfree(md5cksum.data); return ret; } diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c index 5840080..5bf11cc 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_mech.c +++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c @@ -102,6 +102,12 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) alg_mode = CRYPTO_TFM_MODE_CBC; setkey = 1; break; + case NID_cast5_cbc: + /* XXXX here in name only, not used */ + alg_name = "cast5"; + alg_mode = CRYPTO_TFM_MODE_CBC; + setkey = 0; /* XXX will need to set to 1 */ + break; case NID_md5: if (key.len == 0) { dprintk("RPC: SPKM3 get_key: NID_md5 zero Key length\n"); diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c index 86fbf7c..18c7862 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_seal.c +++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c @@ -57,7 +57,8 @@ spkm3_make_token(struct spkm3_ctx *ctx, { s32 checksum_type; char tokhdrbuf[25]; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; struct xdr_netobj mic_hdr = {.len = 0, .data = tokhdrbuf}; int tokenlen = 0; unsigned char *ptr; @@ -115,13 +116,11 @@ spkm3_make_token(struct spkm3_ctx *ctx, dprintk("RPC: gss_spkm3_seal: SPKM_WRAP_TOK not supported\n"); goto out_err; } - kfree(md5cksum.data); /* XXX need to implement sequence numbers, and ctx->expired */ return GSS_S_COMPLETE; out_err: - kfree(md5cksum.data); token->data = NULL; token->len = 0; return GSS_S_FAILURE; diff --git a/net/sunrpc/auth_gss/gss_spkm3_unseal.c b/net/sunrpc/auth_gss/gss_spkm3_unseal.c index 96851b0..8537f58 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_unseal.c +++ b/net/sunrpc/auth_gss/gss_spkm3_unseal.c @@ -56,7 +56,8 @@ spkm3_read_token(struct spkm3_ctx *ctx, { s32 code; struct xdr_netobj wire_cksum = {.len =0, .data = NULL}; - struct xdr_netobj md5cksum = {.len = 0, .data = NULL}; + char cksumdata[16]; + struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; unsigned char *ptr = (unsigned char *)read_token->data; unsigned char *cksum; int bodysize, md5elen; @@ -120,7 +121,6 @@ spkm3_read_token(struct spkm3_ctx *ctx, /* XXX: need to add expiration and sequencing */ ret = GSS_S_COMPLETE; out: - kfree(md5cksum.data); kfree(wire_cksum.data); return ret; } diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 23632d8..4d7eb9e 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -78,7 +78,8 @@ struct rsi { static struct cache_head *rsi_table[RSI_HASHMAX]; static struct cache_detail rsi_cache; -static struct rsi *rsi_lookup(struct rsi *item, int set); +static struct rsi *rsi_update(struct rsi *new, struct rsi *old); +static struct rsi *rsi_lookup(struct rsi *item); static void rsi_free(struct rsi *rsii) { @@ -88,13 +89,11 @@ static void rsi_free(struct rsi *rsii) kfree(rsii->out_token.data); } -static void rsi_put(struct cache_head *item, struct cache_detail *cd) +static void rsi_put(struct kref *ref) { - struct rsi *rsii = container_of(item, struct rsi, h); - if (cache_put(item, cd)) { - rsi_free(rsii); - kfree(rsii); - } + struct rsi *rsii = container_of(ref, struct rsi, h.ref); + rsi_free(rsii); + kfree(rsii); } static inline int rsi_hash(struct rsi *item) @@ -103,8 +102,10 @@ static inline int rsi_hash(struct rsi *item) ^ hash_mem(item->in_token.data, item->in_token.len, RSI_HASHBITS); } -static inline int rsi_match(struct rsi *item, struct rsi *tmp) +static int rsi_match(struct cache_head *a, struct cache_head *b) { + struct rsi *item = container_of(a, struct rsi, h); + struct rsi *tmp = container_of(b, struct rsi, h); return netobj_equal(&item->in_handle, &tmp->in_handle) && netobj_equal(&item->in_token, &tmp->in_token); } @@ -125,8 +126,11 @@ static inline int dup_netobj(struct xdr_netobj *dst, struct xdr_netobj *src) return dup_to_netobj(dst, src->data, src->len); } -static inline void rsi_init(struct rsi *new, struct rsi *item) +static void rsi_init(struct cache_head *cnew, struct cache_head *citem) { + struct rsi *new = container_of(cnew, struct rsi, h); + struct rsi *item = container_of(citem, struct rsi, h); + new->out_handle.data = NULL; new->out_handle.len = 0; new->out_token.data = NULL; @@ -141,8 +145,11 @@ static inline void rsi_init(struct rsi *new, struct rsi *item) item->in_token.data = NULL; } -static inline void rsi_update(struct rsi *new, struct rsi *item) +static void update_rsi(struct cache_head *cnew, struct cache_head *citem) { + struct rsi *new = container_of(cnew, struct rsi, h); + struct rsi *item = container_of(citem, struct rsi, h); + BUG_ON(new->out_handle.data || new->out_token.data); new->out_handle.len = item->out_handle.len; item->out_handle.len = 0; @@ -157,6 +164,15 @@ static inline void rsi_update(struct rsi *new, struct rsi *item) new->minor_status = item->minor_status; } +static struct cache_head *rsi_alloc(void) +{ + struct rsi *rsii = kmalloc(sizeof(*rsii), GFP_KERNEL); + if (rsii) + return &rsii->h; + else + return NULL; +} + static void rsi_request(struct cache_detail *cd, struct cache_head *h, char **bpp, int *blen) @@ -198,6 +214,10 @@ static int rsi_parse(struct cache_detail *cd, if (dup_to_netobj(&rsii.in_token, buf, len)) goto out; + rsip = rsi_lookup(&rsii); + if (!rsip) + goto out; + rsii.h.flags = 0; /* expiry */ expiry = get_expiry(&mesg); @@ -240,12 +260,14 @@ static int rsi_parse(struct cache_detail *cd, goto out; } rsii.h.expiry_time = expiry; - rsip = rsi_lookup(&rsii, 1); + rsip = rsi_update(&rsii, rsip); status = 0; out: rsi_free(&rsii); if (rsip) - rsi_put(&rsip->h, &rsi_cache); + cache_put(&rsip->h, &rsi_cache); + else + status = -ENOMEM; return status; } @@ -257,9 +279,37 @@ static struct cache_detail rsi_cache = { .cache_put = rsi_put, .cache_request = rsi_request, .cache_parse = rsi_parse, + .match = rsi_match, + .init = rsi_init, + .update = update_rsi, + .alloc = rsi_alloc, }; -static DefineSimpleCacheLookup(rsi, 0) +static struct rsi *rsi_lookup(struct rsi *item) +{ + struct cache_head *ch; + int hash = rsi_hash(item); + + ch = sunrpc_cache_lookup(&rsi_cache, &item->h, hash); + if (ch) + return container_of(ch, struct rsi, h); + else + return NULL; +} + +static struct rsi *rsi_update(struct rsi *new, struct rsi *old) +{ + struct cache_head *ch; + int hash = rsi_hash(new); + + ch = sunrpc_cache_update(&rsi_cache, &new->h, + &old->h, hash); + if (ch) + return container_of(ch, struct rsi, h); + else + return NULL; +} + /* * The rpcsec_context cache is used to store a context that is @@ -293,7 +343,8 @@ struct rsc { static struct cache_head *rsc_table[RSC_HASHMAX]; static struct cache_detail rsc_cache; -static struct rsc *rsc_lookup(struct rsc *item, int set); +static struct rsc *rsc_update(struct rsc *new, struct rsc *old); +static struct rsc *rsc_lookup(struct rsc *item); static void rsc_free(struct rsc *rsci) { @@ -304,14 +355,12 @@ static void rsc_free(struct rsc *rsci) put_group_info(rsci->cred.cr_group_info); } -static void rsc_put(struct cache_head *item, struct cache_detail *cd) +static void rsc_put(struct kref *ref) { - struct rsc *rsci = container_of(item, struct rsc, h); + struct rsc *rsci = container_of(ref, struct rsc, h.ref); - if (cache_put(item, cd)) { - rsc_free(rsci); - kfree(rsci); - } + rsc_free(rsci); + kfree(rsci); } static inline int @@ -320,15 +369,21 @@ rsc_hash(struct rsc *rsci) return hash_mem(rsci->handle.data, rsci->handle.len, RSC_HASHBITS); } -static inline int -rsc_match(struct rsc *new, struct rsc *tmp) +static int +rsc_match(struct cache_head *a, struct cache_head *b) { + struct rsc *new = container_of(a, struct rsc, h); + struct rsc *tmp = container_of(b, struct rsc, h); + return netobj_equal(&new->handle, &tmp->handle); } -static inline void -rsc_init(struct rsc *new, struct rsc *tmp) +static void +rsc_init(struct cache_head *cnew, struct cache_head *ctmp) { + struct rsc *new = container_of(cnew, struct rsc, h); + struct rsc *tmp = container_of(ctmp, struct rsc, h); + new->handle.len = tmp->handle.len; tmp->handle.len = 0; new->handle.data = tmp->handle.data; @@ -337,9 +392,12 @@ rsc_init(struct rsc *new, struct rsc *tmp) new->cred.cr_group_info = NULL; } -static inline void -rsc_update(struct rsc *new, struct rsc *tmp) +static void +update_rsc(struct cache_head *cnew, struct cache_head *ctmp) { + struct rsc *new = container_of(cnew, struct rsc, h); + struct rsc *tmp = container_of(ctmp, struct rsc, h); + new->mechctx = tmp->mechctx; tmp->mechctx = NULL; memset(&new->seqdata, 0, sizeof(new->seqdata)); @@ -348,6 +406,16 @@ rsc_update(struct rsc *new, struct rsc *tmp) tmp->cred.cr_group_info = NULL; } +static struct cache_head * +rsc_alloc(void) +{ + struct rsc *rsci = kmalloc(sizeof(*rsci), GFP_KERNEL); + if (rsci) + return &rsci->h; + else + return NULL; +} + static int rsc_parse(struct cache_detail *cd, char *mesg, int mlen) { @@ -373,6 +441,10 @@ static int rsc_parse(struct cache_detail *cd, if (expiry == 0) goto out; + rscp = rsc_lookup(&rsci); + if (!rscp) + goto out; + /* uid, or NEGATIVE */ rv = get_int(&mesg, &rsci.cred.cr_uid); if (rv == -EINVAL) @@ -428,12 +500,14 @@ static int rsc_parse(struct cache_detail *cd, gss_mech_put(gm); } rsci.h.expiry_time = expiry; - rscp = rsc_lookup(&rsci, 1); + rscp = rsc_update(&rsci, rscp); status = 0; out: rsc_free(&rsci); if (rscp) - rsc_put(&rscp->h, &rsc_cache); + cache_put(&rscp->h, &rsc_cache); + else + status = -ENOMEM; return status; } @@ -444,9 +518,37 @@ static struct cache_detail rsc_cache = { .name = "auth.rpcsec.context", .cache_put = rsc_put, .cache_parse = rsc_parse, + .match = rsc_match, + .init = rsc_init, + .update = update_rsc, + .alloc = rsc_alloc, }; -static DefineSimpleCacheLookup(rsc, 0); +static struct rsc *rsc_lookup(struct rsc *item) +{ + struct cache_head *ch; + int hash = rsc_hash(item); + + ch = sunrpc_cache_lookup(&rsc_cache, &item->h, hash); + if (ch) + return container_of(ch, struct rsc, h); + else + return NULL; +} + +static struct rsc *rsc_update(struct rsc *new, struct rsc *old) +{ + struct cache_head *ch; + int hash = rsc_hash(new); + + ch = sunrpc_cache_update(&rsc_cache, &new->h, + &old->h, hash); + if (ch) + return container_of(ch, struct rsc, h); + else + return NULL; +} + static struct rsc * gss_svc_searchbyctx(struct xdr_netobj *handle) @@ -457,7 +559,7 @@ gss_svc_searchbyctx(struct xdr_netobj *handle) memset(&rsci, 0, sizeof(rsci)); if (dup_to_netobj(&rsci.handle, handle->data, handle->len)) return NULL; - found = rsc_lookup(&rsci, 0); + found = rsc_lookup(&rsci); rsc_free(&rsci); if (!found) return NULL; @@ -645,6 +747,8 @@ find_gss_auth_domain(struct gss_ctx *ctx, u32 svc) return auth_domain_find(name); } +static struct auth_ops svcauthops_gss; + int svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name) { @@ -655,20 +759,18 @@ svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name) new = kmalloc(sizeof(*new), GFP_KERNEL); if (!new) goto out; - cache_init(&new->h.h); + kref_init(&new->h.ref); new->h.name = kmalloc(strlen(name) + 1, GFP_KERNEL); if (!new->h.name) goto out_free_dom; strcpy(new->h.name, name); - new->h.flavour = RPC_AUTH_GSS; + new->h.flavour = &svcauthops_gss; new->pseudoflavor = pseudoflavor; - new->h.h.expiry_time = NEVER; - test = auth_domain_lookup(&new->h, 1); - if (test == &new->h) { - BUG_ON(atomic_dec_and_test(&new->h.h.refcnt)); - } else { /* XXX Duplicate registration? */ + test = auth_domain_lookup(name, &new->h); + if (test != &new->h) { /* XXX Duplicate registration? */ auth_domain_put(&new->h); + /* dangling ref-count... */ goto out; } return 0; @@ -895,7 +997,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp) goto drop; } - rsip = rsi_lookup(&rsikey, 0); + rsip = rsi_lookup(&rsikey); rsi_free(&rsikey); if (!rsip) { goto drop; @@ -970,7 +1072,7 @@ drop: ret = SVC_DROP; out: if (rsci) - rsc_put(&rsci->h, &rsc_cache); + cache_put(&rsci->h, &rsc_cache); return ret; } @@ -1062,7 +1164,7 @@ out_err: put_group_info(rqstp->rq_cred.cr_group_info); rqstp->rq_cred.cr_group_info = NULL; if (gsd->rsci) - rsc_put(&gsd->rsci->h, &rsc_cache); + cache_put(&gsd->rsci->h, &rsc_cache); gsd->rsci = NULL; return stat; diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c index dcaa0c4..3ac4193 100644 --- a/net/sunrpc/cache.c +++ b/net/sunrpc/cache.c @@ -26,6 +26,7 @@ #include <linux/proc_fs.h> #include <linux/net.h> #include <linux/workqueue.h> +#include <linux/mutex.h> #include <asm/ioctls.h> #include <linux/sunrpc/types.h> #include <linux/sunrpc/cache.h> @@ -36,16 +37,138 @@ static void cache_defer_req(struct cache_req *req, struct cache_head *item); static void cache_revisit_request(struct cache_head *item); -void cache_init(struct cache_head *h) +static void cache_init(struct cache_head *h) { time_t now = get_seconds(); h->next = NULL; h->flags = 0; - atomic_set(&h->refcnt, 1); + kref_init(&h->ref); h->expiry_time = now + CACHE_NEW_EXPIRY; h->last_refresh = now; } +struct cache_head *sunrpc_cache_lookup(struct cache_detail *detail, + struct cache_head *key, int hash) +{ + struct cache_head **head, **hp; + struct cache_head *new = NULL; + + head = &detail->hash_table[hash]; + + read_lock(&detail->hash_lock); + + for (hp=head; *hp != NULL ; hp = &(*hp)->next) { + struct cache_head *tmp = *hp; + if (detail->match(tmp, key)) { + cache_get(tmp); + read_unlock(&detail->hash_lock); + return tmp; + } + } + read_unlock(&detail->hash_lock); + /* Didn't find anything, insert an empty entry */ + + new = detail->alloc(); + if (!new) + return NULL; + cache_init(new); + + write_lock(&detail->hash_lock); + + /* check if entry appeared while we slept */ + for (hp=head; *hp != NULL ; hp = &(*hp)->next) { + struct cache_head *tmp = *hp; + if (detail->match(tmp, key)) { + cache_get(tmp); + write_unlock(&detail->hash_lock); + cache_put(new, detail); + return tmp; + } + } + detail->init(new, key); + new->next = *head; + *head = new; + detail->entries++; + cache_get(new); + write_unlock(&detail->hash_lock); + + return new; +} +EXPORT_SYMBOL(sunrpc_cache_lookup); + + +static void queue_loose(struct cache_detail *detail, struct cache_head *ch); + +static int cache_fresh_locked(struct cache_head *head, time_t expiry) +{ + head->expiry_time = expiry; + head->last_refresh = get_seconds(); + return !test_and_set_bit(CACHE_VALID, &head->flags); +} + +static void cache_fresh_unlocked(struct cache_head *head, + struct cache_detail *detail, int new) +{ + if (new) + cache_revisit_request(head); + if (test_and_clear_bit(CACHE_PENDING, &head->flags)) { + cache_revisit_request(head); + queue_loose(detail, head); + } +} + +struct cache_head *sunrpc_cache_update(struct cache_detail *detail, + struct cache_head *new, struct cache_head *old, int hash) +{ + /* The 'old' entry is to be replaced by 'new'. + * If 'old' is not VALID, we update it directly, + * otherwise we need to replace it + */ + struct cache_head **head; + struct cache_head *tmp; + int is_new; + + if (!test_bit(CACHE_VALID, &old->flags)) { + write_lock(&detail->hash_lock); + if (!test_bit(CACHE_VALID, &old->flags)) { + if (test_bit(CACHE_NEGATIVE, &new->flags)) + set_bit(CACHE_NEGATIVE, &old->flags); + else + detail->update(old, new); + is_new = cache_fresh_locked(old, new->expiry_time); + write_unlock(&detail->hash_lock); + cache_fresh_unlocked(old, detail, is_new); + return old; + } + write_unlock(&detail->hash_lock); + } + /* We need to insert a new entry */ + tmp = detail->alloc(); + if (!tmp) { + cache_put(old, detail); + return NULL; + } + cache_init(tmp); + detail->init(tmp, old); + head = &detail->hash_table[hash]; + + write_lock(&detail->hash_lock); + if (test_bit(CACHE_NEGATIVE, &new->flags)) + set_bit(CACHE_NEGATIVE, &tmp->flags); + else + detail->update(tmp, new); + tmp->next = *head; + *head = tmp; + cache_get(tmp); + is_new = cache_fresh_locked(tmp, new->expiry_time); + cache_fresh_locked(old, 0); + write_unlock(&detail->hash_lock); + cache_fresh_unlocked(tmp, detail, is_new); + cache_fresh_unlocked(old, detail, 0); + cache_put(old, detail); + return tmp; +} +EXPORT_SYMBOL(sunrpc_cache_update); static int cache_make_upcall(struct cache_detail *detail, struct cache_head *h); /* @@ -93,7 +216,8 @@ int cache_check(struct cache_detail *detail, clear_bit(CACHE_PENDING, &h->flags); if (rv == -EAGAIN) { set_bit(CACHE_NEGATIVE, &h->flags); - cache_fresh(detail, h, get_seconds()+CACHE_NEW_EXPIRY); + cache_fresh_unlocked(h, detail, + cache_fresh_locked(h, get_seconds()+CACHE_NEW_EXPIRY)); rv = -ENOENT; } break; @@ -109,25 +233,11 @@ int cache_check(struct cache_detail *detail, if (rv == -EAGAIN) cache_defer_req(rqstp, h); - if (rv && h) - detail->cache_put(h, detail); + if (rv) + cache_put(h, detail); return rv; } -static void queue_loose(struct cache_detail *detail, struct cache_head *ch); - -void cache_fresh(struct cache_detail *detail, - struct cache_head *head, time_t expiry) -{ - - head->expiry_time = expiry; - head->last_refresh = get_seconds(); - if (!test_and_set_bit(CACHE_VALID, &head->flags)) - cache_revisit_request(head); - if (test_and_clear_bit(CACHE_PENDING, &head->flags)) - queue_loose(detail, head); -} - /* * caches need to be periodically cleaned. * For this we maintain a list of cache_detail and @@ -321,7 +431,7 @@ static int cache_clean(void) if (test_and_clear_bit(CACHE_PENDING, &ch->flags)) queue_loose(current_detail, ch); - if (atomic_read(&ch->refcnt) == 1) + if (atomic_read(&ch->ref.refcount) == 1) break; } if (ch) { @@ -336,7 +446,7 @@ static int cache_clean(void) current_index ++; spin_unlock(&cache_list_lock); if (ch) - d->cache_put(ch, d); + cache_put(ch, d); } else spin_unlock(&cache_list_lock); @@ -452,7 +562,7 @@ static void cache_defer_req(struct cache_req *req, struct cache_head *item) /* there was one too many */ dreq->revisit(dreq, 1); } - if (test_bit(CACHE_VALID, &item->flags)) { + if (!test_bit(CACHE_PENDING, &item->flags)) { /* must have just been validated... */ cache_revisit_request(item); } @@ -532,7 +642,7 @@ void cache_clean_deferred(void *owner) */ static DEFINE_SPINLOCK(queue_lock); -static DECLARE_MUTEX(queue_io_sem); +static DEFINE_MUTEX(queue_io_mutex); struct cache_queue { struct list_head list; @@ -561,7 +671,7 @@ cache_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) if (count == 0) return 0; - down(&queue_io_sem); /* protect against multiple concurrent + mutex_lock(&queue_io_mutex); /* protect against multiple concurrent * readers on this file */ again: spin_lock(&queue_lock); @@ -574,7 +684,7 @@ cache_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) } if (rp->q.list.next == &cd->queue) { spin_unlock(&queue_lock); - up(&queue_io_sem); + mutex_unlock(&queue_io_mutex); BUG_ON(rp->offset); return 0; } @@ -613,7 +723,7 @@ cache_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) !test_bit(CACHE_PENDING, &rq->item->flags)) { list_del(&rq->q.list); spin_unlock(&queue_lock); - cd->cache_put(rq->item, cd); + cache_put(rq->item, cd); kfree(rq->buf); kfree(rq); } else @@ -621,11 +731,11 @@ cache_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) } if (err == -EAGAIN) goto again; - up(&queue_io_sem); + mutex_unlock(&queue_io_mutex); return err ? err : count; } -static char write_buf[8192]; /* protected by queue_io_sem */ +static char write_buf[8192]; /* protected by queue_io_mutex */ static ssize_t cache_write(struct file *filp, const char __user *buf, size_t count, @@ -639,10 +749,10 @@ cache_write(struct file *filp, const char __user *buf, size_t count, if (count >= sizeof(write_buf)) return -EINVAL; - down(&queue_io_sem); + mutex_lock(&queue_io_mutex); if (copy_from_user(write_buf, buf, count)) { - up(&queue_io_sem); + mutex_unlock(&queue_io_mutex); return -EFAULT; } write_buf[count] = '\0'; @@ -651,7 +761,7 @@ cache_write(struct file *filp, const char __user *buf, size_t count, else err = -EINVAL; - up(&queue_io_sem); + mutex_unlock(&queue_io_mutex); return err ? err : count; } @@ -793,10 +903,10 @@ static void queue_loose(struct cache_detail *detail, struct cache_head *ch) if (cr->item != ch) continue; if (cr->readers != 0) - break; + continue; list_del(&cr->q.list); spin_unlock(&queue_lock); - detail->cache_put(cr->item, detail); + cache_put(cr->item, detail); kfree(cr->buf); kfree(cr); return; @@ -1081,8 +1191,8 @@ static int c_show(struct seq_file *m, void *p) return cd->cache_show(m, cd, NULL); ifdebug(CACHE) - seq_printf(m, "# expiry=%ld refcnt=%d\n", - cp->expiry_time, atomic_read(&cp->refcnt)); + seq_printf(m, "# expiry=%ld refcnt=%d flags=%lx\n", + cp->expiry_time, atomic_read(&cp->ref.refcount), cp->flags); cache_get(cp); if (cache_check(cd, cp, NULL)) /* cache_check does a cache_put on failure */ diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c index d784797..aa8965e 100644 --- a/net/sunrpc/clnt.c +++ b/net/sunrpc/clnt.c @@ -28,12 +28,11 @@ #include <linux/mm.h> #include <linux/slab.h> #include <linux/utsname.h> +#include <linux/workqueue.h> #include <linux/sunrpc/clnt.h> -#include <linux/workqueue.h> #include <linux/sunrpc/rpc_pipe_fs.h> - -#include <linux/nfs.h> +#include <linux/sunrpc/metrics.h> #define RPC_SLACK_SPACE (1024) /* total overkill */ @@ -71,8 +70,15 @@ rpc_setup_pipedir(struct rpc_clnt *clnt, char *dir_name) static uint32_t clntid; int error; + clnt->cl_vfsmnt = ERR_PTR(-ENOENT); + clnt->cl_dentry = ERR_PTR(-ENOENT); if (dir_name == NULL) return 0; + + clnt->cl_vfsmnt = rpc_get_mount(); + if (IS_ERR(clnt->cl_vfsmnt)) + return PTR_ERR(clnt->cl_vfsmnt); + for (;;) { snprintf(clnt->cl_pathname, sizeof(clnt->cl_pathname), "%s/clnt%x", dir_name, @@ -85,6 +91,7 @@ rpc_setup_pipedir(struct rpc_clnt *clnt, char *dir_name) if (error != -EEXIST) { printk(KERN_INFO "RPC: Couldn't create pipefs entry %s, error %d\n", clnt->cl_pathname, error); + rpc_put_mount(); return error; } } @@ -147,6 +154,7 @@ rpc_new_client(struct rpc_xprt *xprt, char *servname, clnt->cl_vers = version->number; clnt->cl_prot = xprt->prot; clnt->cl_stats = program->stats; + clnt->cl_metrics = rpc_alloc_iostats(clnt); rpc_init_wait_queue(&clnt->cl_pmap_default.pm_bindwait, "bindwait"); if (!clnt->cl_port) @@ -175,7 +183,11 @@ rpc_new_client(struct rpc_xprt *xprt, char *servname, return clnt; out_no_auth: - rpc_rmdir(clnt->cl_pathname); + if (!IS_ERR(clnt->cl_dentry)) { + rpc_rmdir(clnt->cl_pathname); + dput(clnt->cl_dentry); + rpc_put_mount(); + } out_no_path: if (clnt->cl_server != clnt->cl_inline_name) kfree(clnt->cl_server); @@ -240,11 +252,15 @@ rpc_clone_client(struct rpc_clnt *clnt) new->cl_autobind = 0; new->cl_oneshot = 0; new->cl_dead = 0; + if (!IS_ERR(new->cl_dentry)) { + dget(new->cl_dentry); + rpc_get_mount(); + } rpc_init_rtt(&new->cl_rtt_default, clnt->cl_xprt->timeout.to_initval); if (new->cl_auth) atomic_inc(&new->cl_auth->au_count); new->cl_pmap = &new->cl_pmap_default; - rpc_init_wait_queue(&new->cl_pmap_default.pm_bindwait, "bindwait"); + new->cl_metrics = rpc_alloc_iostats(clnt); return new; out_no_clnt: printk(KERN_INFO "RPC: out of memory in %s\n", __FUNCTION__); @@ -314,6 +330,12 @@ rpc_destroy_client(struct rpc_clnt *clnt) if (clnt->cl_server != clnt->cl_inline_name) kfree(clnt->cl_server); out_free: + rpc_free_iostats(clnt->cl_metrics); + clnt->cl_metrics = NULL; + if (!IS_ERR(clnt->cl_dentry)) { + dput(clnt->cl_dentry); + rpc_put_mount(); + } kfree(clnt); return 0; } @@ -473,15 +495,16 @@ rpc_call_async(struct rpc_clnt *clnt, struct rpc_message *msg, int flags, int status; /* If this client is slain all further I/O fails */ + status = -EIO; if (clnt->cl_dead) - return -EIO; + goto out_release; flags |= RPC_TASK_ASYNC; /* Create/initialize a new RPC task */ status = -ENOMEM; if (!(task = rpc_new_task(clnt, flags, tk_ops, data))) - goto out; + goto out_release; /* Mask signals on GSS_AUTH upcalls */ rpc_task_sigmask(task, &oldset); @@ -496,7 +519,10 @@ rpc_call_async(struct rpc_clnt *clnt, struct rpc_message *msg, int flags, rpc_release_task(task); rpc_restore_sigmask(&oldset); -out: + return status; +out_release: + if (tk_ops->rpc_release != NULL) + tk_ops->rpc_release(data); return status; } @@ -993,6 +1019,8 @@ call_timeout(struct rpc_task *task) } dprintk("RPC: %4d call_timeout (major)\n", task->tk_pid); + task->tk_timeouts++; + if (RPC_IS_SOFT(task)) { printk(KERN_NOTICE "%s: server %s not responding, timed out\n", clnt->cl_protname, clnt->cl_server); @@ -1045,6 +1073,11 @@ call_decode(struct rpc_task *task) return; } + /* + * Ensure that we see all writes made by xprt_complete_rqst() + * before it changed req->rq_received. + */ + smp_rmb(); req->rq_rcv_buf.len = req->rq_private_buf.len; /* Check that the softirq receive buffer is valid */ @@ -1194,8 +1227,8 @@ call_verify(struct rpc_task *task) task->tk_action = call_bind; goto out_retry; case RPC_AUTH_TOOWEAK: - printk(KERN_NOTICE "call_verify: server requires stronger " - "authentication.\n"); + printk(KERN_NOTICE "call_verify: server %s requires stronger " + "authentication.\n", task->tk_client->cl_server); break; default: printk(KERN_WARNING "call_verify: unknown auth error: %x\n", n); diff --git a/net/sunrpc/pmap_clnt.c b/net/sunrpc/pmap_clnt.c index 8139ce6..d25b054 100644 --- a/net/sunrpc/pmap_clnt.c +++ b/net/sunrpc/pmap_clnt.c @@ -82,6 +82,7 @@ rpc_getport(struct rpc_task *task, struct rpc_clnt *clnt) rpc_call_setup(child, &msg, 0); /* ... and run the child task */ + task->tk_xprt->stat.bind_count++; rpc_run_child(task, child, pmap_getport_done); return; @@ -103,6 +104,11 @@ rpc_getport_external(struct sockaddr_in *sin, __u32 prog, __u32 vers, int prot) .pm_prot = prot, .pm_port = 0 }; + struct rpc_message msg = { + .rpc_proc = &pmap_procedures[PMAP_GETPORT], + .rpc_argp = &map, + .rpc_resp = &map.pm_port, + }; struct rpc_clnt *pmap_clnt; char hostname[32]; int status; @@ -116,7 +122,7 @@ rpc_getport_external(struct sockaddr_in *sin, __u32 prog, __u32 vers, int prot) return PTR_ERR(pmap_clnt); /* Setup the call info struct */ - status = rpc_call(pmap_clnt, PMAP_GETPORT, &map, &map.pm_port, 0); + status = rpc_call_sync(pmap_clnt, &msg, 0); if (status >= 0) { if (map.pm_port != 0) @@ -161,16 +167,27 @@ pmap_getport_done(struct rpc_task *task) int rpc_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay) { - struct sockaddr_in sin; - struct rpc_portmap map; + struct sockaddr_in sin = { + .sin_family = AF_INET, + .sin_addr.s_addr = htonl(INADDR_LOOPBACK), + }; + struct rpc_portmap map = { + .pm_prog = prog, + .pm_vers = vers, + .pm_prot = prot, + .pm_port = port, + }; + struct rpc_message msg = { + .rpc_proc = &pmap_procedures[port ? PMAP_SET : PMAP_UNSET], + .rpc_argp = &map, + .rpc_resp = okay, + }; struct rpc_clnt *pmap_clnt; int error = 0; dprintk("RPC: registering (%d, %d, %d, %d) with portmapper.\n", prog, vers, prot, port); - sin.sin_family = AF_INET; - sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); pmap_clnt = pmap_create("localhost", &sin, IPPROTO_UDP, 1); if (IS_ERR(pmap_clnt)) { error = PTR_ERR(pmap_clnt); @@ -178,13 +195,7 @@ rpc_register(u32 prog, u32 vers, int prot, unsigned short port, int *okay) return error; } - map.pm_prog = prog; - map.pm_vers = vers; - map.pm_prot = prot; - map.pm_port = port; - - error = rpc_call(pmap_clnt, port? PMAP_SET : PMAP_UNSET, - &map, okay, 0); + error = rpc_call_sync(pmap_clnt, &msg, 0); if (error < 0) { printk(KERN_WARNING @@ -260,6 +271,8 @@ static struct rpc_procinfo pmap_procedures[] = { .p_decode = (kxdrproc_t) xdr_decode_bool, .p_bufsiz = 4, .p_count = 1, + .p_statidx = PMAP_SET, + .p_name = "SET", }, [PMAP_UNSET] = { .p_proc = PMAP_UNSET, @@ -267,6 +280,8 @@ static struct rpc_procinfo pmap_procedures[] = { .p_decode = (kxdrproc_t) xdr_decode_bool, .p_bufsiz = 4, .p_count = 1, + .p_statidx = PMAP_UNSET, + .p_name = "UNSET", }, [PMAP_GETPORT] = { .p_proc = PMAP_GETPORT, @@ -274,6 +289,8 @@ static struct rpc_procinfo pmap_procedures[] = { .p_decode = (kxdrproc_t) xdr_decode_port, .p_bufsiz = 4, .p_count = 1, + .p_statidx = PMAP_GETPORT, + .p_name = "GETPORT", }, }; diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c index a5c0c7b..cc673dd 100644 --- a/net/sunrpc/rpc_pipe.c +++ b/net/sunrpc/rpc_pipe.c @@ -91,7 +91,8 @@ rpc_queue_upcall(struct inode *inode, struct rpc_pipe_msg *msg) res = 0; } else if (rpci->flags & RPC_PIPE_WAIT_FOR_OPEN) { if (list_empty(&rpci->pipe)) - schedule_delayed_work(&rpci->queue_timeout, + queue_delayed_work(rpciod_workqueue, + &rpci->queue_timeout, RPC_UPCALL_TIMEOUT); list_add_tail(&msg->list, &rpci->pipe); rpci->pipelen += msg->len; @@ -132,7 +133,7 @@ rpc_close_pipes(struct inode *inode) if (ops->release_pipe) ops->release_pipe(inode); cancel_delayed_work(&rpci->queue_timeout); - flush_scheduled_work(); + flush_workqueue(rpciod_workqueue); } rpc_inode_setowner(inode, NULL); mutex_unlock(&inode->i_mutex); @@ -394,7 +395,7 @@ enum { */ struct rpc_filelist { char *name; - struct file_operations *i_fop; + const struct file_operations *i_fop; int mode; }; @@ -434,14 +435,17 @@ static struct rpc_filelist authfiles[] = { }, }; -static int -rpc_get_mount(void) +struct vfsmount *rpc_get_mount(void) { - return simple_pin_fs("rpc_pipefs", &rpc_mount, &rpc_mount_count); + int err; + + err = simple_pin_fs("rpc_pipefs", &rpc_mount, &rpc_mount_count); + if (err != 0) + return ERR_PTR(err); + return rpc_mount; } -static void -rpc_put_mount(void) +void rpc_put_mount(void) { simple_release_fs(&rpc_mount, &rpc_mount_count); } @@ -451,12 +455,13 @@ rpc_lookup_parent(char *path, struct nameidata *nd) { if (path[0] == '\0') return -ENOENT; - if (rpc_get_mount()) { + nd->mnt = rpc_get_mount(); + if (IS_ERR(nd->mnt)) { printk(KERN_WARNING "%s: %s failed to mount " "pseudofilesystem \n", __FILE__, __FUNCTION__); - return -ENODEV; + return PTR_ERR(nd->mnt); } - nd->mnt = mntget(rpc_mount); + mntget(nd->mnt); nd->dentry = dget(rpc_mount->mnt_root); nd->last_type = LAST_ROOT; nd->flags = LOOKUP_PARENT; @@ -593,7 +598,6 @@ __rpc_mkdir(struct inode *dir, struct dentry *dentry) d_instantiate(dentry, inode); dir->i_nlink++; inode_dir_notify(dir, DN_CREATE); - rpc_get_mount(); return 0; out_err: printk(KERN_WARNING "%s: %s failed to allocate inode for dentry %s\n", @@ -614,7 +618,6 @@ __rpc_rmdir(struct inode *dir, struct dentry *dentry) if (!error) { inode_dir_notify(dir, DN_DELETE); d_drop(dentry); - rpc_put_mount(); } return 0; } @@ -668,7 +671,7 @@ rpc_mkdir(char *path, struct rpc_clnt *rpc_client) out: mutex_unlock(&dir->i_mutex); rpc_release_path(&nd); - return dentry; + return dget(dentry); err_depopulate: rpc_depopulate(dentry); __rpc_rmdir(dir, dentry); @@ -732,7 +735,7 @@ rpc_mkpipe(char *path, void *private, struct rpc_pipe_ops *ops, int flags) out: mutex_unlock(&dir->i_mutex); rpc_release_path(&nd); - return dentry; + return dget(dentry); err_dput: dput(dentry); dentry = ERR_PTR(-ENOMEM); @@ -849,9 +852,10 @@ init_once(void * foo, kmem_cache_t * cachep, unsigned long flags) int register_rpc_pipefs(void) { rpc_inode_cachep = kmem_cache_create("rpc_inode_cache", - sizeof(struct rpc_inode), - 0, SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT, - init_once, NULL); + sizeof(struct rpc_inode), + 0, (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT| + SLAB_MEM_SPREAD), + init_once, NULL); if (!rpc_inode_cachep) return -ENOMEM; register_filesystem(&rpc_pipe_fs_type); diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c index e838d04..5c3eee76 100644 --- a/net/sunrpc/sched.c +++ b/net/sunrpc/sched.c @@ -18,6 +18,7 @@ #include <linux/smp.h> #include <linux/smp_lock.h> #include <linux/spinlock.h> +#include <linux/mutex.h> #include <linux/sunrpc/clnt.h> #include <linux/sunrpc/xprt.h> @@ -62,9 +63,9 @@ static LIST_HEAD(all_tasks); /* * rpciod-related stuff */ -static DECLARE_MUTEX(rpciod_sema); +static DEFINE_MUTEX(rpciod_mutex); static unsigned int rpciod_users; -static struct workqueue_struct *rpciod_workqueue; +struct workqueue_struct *rpciod_workqueue; /* * Spinlock for other critical sections of code. @@ -181,6 +182,7 @@ static void __rpc_add_wait_queue(struct rpc_wait_queue *queue, struct rpc_task * else list_add_tail(&task->u.tk_wait.list, &queue->tasks[0]); task->u.tk_wait.rpc_waitq = queue; + queue->qlen++; rpc_set_queued(task); dprintk("RPC: %4d added to queue %p \"%s\"\n", @@ -215,6 +217,7 @@ static void __rpc_remove_wait_queue(struct rpc_task *task) __rpc_remove_wait_queue_priority(task); else list_del(&task->u.tk_wait.list); + queue->qlen--; dprintk("RPC: %4d removed from queue %p \"%s\"\n", task->tk_pid, queue, rpc_qname(queue)); } @@ -815,6 +818,9 @@ void rpc_init_task(struct rpc_task *task, struct rpc_clnt *clnt, int flags, cons BUG_ON(task->tk_ops == NULL); + /* starting timestamp */ + task->tk_start = jiffies; + dprintk("RPC: %4d new task procpid %d\n", task->tk_pid, current->pid); } @@ -916,8 +922,11 @@ struct rpc_task *rpc_run_task(struct rpc_clnt *clnt, int flags, { struct rpc_task *task; task = rpc_new_task(clnt, flags, ops, data); - if (task == NULL) + if (task == NULL) { + if (ops->rpc_release != NULL) + ops->rpc_release(data); return ERR_PTR(-ENOMEM); + } atomic_inc(&task->tk_count); rpc_execute(task); return task; @@ -1047,7 +1056,7 @@ rpciod_up(void) struct workqueue_struct *wq; int error = 0; - down(&rpciod_sema); + mutex_lock(&rpciod_mutex); dprintk("rpciod_up: users %d\n", rpciod_users); rpciod_users++; if (rpciod_workqueue) @@ -1070,14 +1079,14 @@ rpciod_up(void) rpciod_workqueue = wq; error = 0; out: - up(&rpciod_sema); + mutex_unlock(&rpciod_mutex); return error; } void rpciod_down(void) { - down(&rpciod_sema); + mutex_lock(&rpciod_mutex); dprintk("rpciod_down sema %d\n", rpciod_users); if (rpciod_users) { if (--rpciod_users) @@ -1094,7 +1103,7 @@ rpciod_down(void) destroy_workqueue(rpciod_workqueue); rpciod_workqueue = NULL; out: - up(&rpciod_sema); + mutex_unlock(&rpciod_mutex); } #ifdef RPC_DEBUG @@ -1158,16 +1167,12 @@ rpc_init_mempool(void) NULL, NULL); if (!rpc_buffer_slabp) goto err_nomem; - rpc_task_mempool = mempool_create(RPC_TASK_POOLSIZE, - mempool_alloc_slab, - mempool_free_slab, - rpc_task_slabp); + rpc_task_mempool = mempool_create_slab_pool(RPC_TASK_POOLSIZE, + rpc_task_slabp); if (!rpc_task_mempool) goto err_nomem; - rpc_buffer_mempool = mempool_create(RPC_BUFFER_POOLSIZE, - mempool_alloc_slab, - mempool_free_slab, - rpc_buffer_slabp); + rpc_buffer_mempool = mempool_create_slab_pool(RPC_BUFFER_POOLSIZE, + rpc_buffer_slabp); if (!rpc_buffer_mempool) goto err_nomem; return 0; diff --git a/net/sunrpc/stats.c b/net/sunrpc/stats.c index 4979f22..dea5296 100644 --- a/net/sunrpc/stats.c +++ b/net/sunrpc/stats.c @@ -21,6 +21,7 @@ #include <linux/seq_file.h> #include <linux/sunrpc/clnt.h> #include <linux/sunrpc/svcsock.h> +#include <linux/sunrpc/metrics.h> #define RPCDBG_FACILITY RPCDBG_MISC @@ -106,11 +107,125 @@ void svc_seq_show(struct seq_file *seq, const struct svc_stat *statp) { } } +/** + * rpc_alloc_iostats - allocate an rpc_iostats structure + * @clnt: RPC program, version, and xprt + * + */ +struct rpc_iostats *rpc_alloc_iostats(struct rpc_clnt *clnt) +{ + unsigned int ops = clnt->cl_maxproc; + size_t size = ops * sizeof(struct rpc_iostats); + struct rpc_iostats *new; + + new = kmalloc(size, GFP_KERNEL); + if (new) + memset(new, 0 , size); + return new; +} +EXPORT_SYMBOL(rpc_alloc_iostats); + +/** + * rpc_free_iostats - release an rpc_iostats structure + * @stats: doomed rpc_iostats structure + * + */ +void rpc_free_iostats(struct rpc_iostats *stats) +{ + kfree(stats); +} +EXPORT_SYMBOL(rpc_free_iostats); + +/** + * rpc_count_iostats - tally up per-task stats + * @task: completed rpc_task + * + * Relies on the caller for serialization. + */ +void rpc_count_iostats(struct rpc_task *task) +{ + struct rpc_rqst *req = task->tk_rqstp; + struct rpc_iostats *stats = task->tk_client->cl_metrics; + struct rpc_iostats *op_metrics; + long rtt, execute, queue; + + if (!stats || !req) + return; + op_metrics = &stats[task->tk_msg.rpc_proc->p_statidx]; + + op_metrics->om_ops++; + op_metrics->om_ntrans += req->rq_ntrans; + op_metrics->om_timeouts += task->tk_timeouts; + + op_metrics->om_bytes_sent += task->tk_bytes_sent; + op_metrics->om_bytes_recv += req->rq_received; + + queue = (long)req->rq_xtime - task->tk_start; + if (queue < 0) + queue = -queue; + op_metrics->om_queue += queue; + + rtt = task->tk_rtt; + if (rtt < 0) + rtt = -rtt; + op_metrics->om_rtt += rtt; + + execute = (long)jiffies - task->tk_start; + if (execute < 0) + execute = -execute; + op_metrics->om_execute += execute; +} + +void _print_name(struct seq_file *seq, unsigned int op, struct rpc_procinfo *procs) +{ + if (procs[op].p_name) + seq_printf(seq, "\t%12s: ", procs[op].p_name); + else if (op == 0) + seq_printf(seq, "\t NULL: "); + else + seq_printf(seq, "\t%12u: ", op); +} + +#define MILLISECS_PER_JIFFY (1000 / HZ) + +void rpc_print_iostats(struct seq_file *seq, struct rpc_clnt *clnt) +{ + struct rpc_iostats *stats = clnt->cl_metrics; + struct rpc_xprt *xprt = clnt->cl_xprt; + unsigned int op, maxproc = clnt->cl_maxproc; + + if (!stats) + return; + + seq_printf(seq, "\tRPC iostats version: %s ", RPC_IOSTATS_VERS); + seq_printf(seq, "p/v: %u/%u (%s)\n", + clnt->cl_prog, clnt->cl_vers, clnt->cl_protname); + + if (xprt) + xprt->ops->print_stats(xprt, seq); + + seq_printf(seq, "\tper-op statistics\n"); + for (op = 0; op < maxproc; op++) { + struct rpc_iostats *metrics = &stats[op]; + _print_name(seq, op, clnt->cl_procinfo); + seq_printf(seq, "%lu %lu %lu %Lu %Lu %Lu %Lu %Lu\n", + metrics->om_ops, + metrics->om_ntrans, + metrics->om_timeouts, + metrics->om_bytes_sent, + metrics->om_bytes_recv, + metrics->om_queue * MILLISECS_PER_JIFFY, + metrics->om_rtt * MILLISECS_PER_JIFFY, + metrics->om_execute * MILLISECS_PER_JIFFY); + } +} +EXPORT_SYMBOL(rpc_print_iostats); + /* * Register/unregister RPC proc files */ static inline struct proc_dir_entry * -do_register(const char *name, void *data, struct file_operations *fops) +do_register(const char *name, void *data, const struct file_operations *fops) { struct proc_dir_entry *ent; @@ -138,7 +253,7 @@ rpc_proc_unregister(const char *name) } struct proc_dir_entry * -svc_proc_register(struct svc_stat *statp, struct file_operations *fops) +svc_proc_register(struct svc_stat *statp, const struct file_operations *fops) { return do_register(statp->program->pg_name, statp, fops); } diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c index 9f73732..769114f 100644 --- a/net/sunrpc/sunrpc_syms.c +++ b/net/sunrpc/sunrpc_syms.c @@ -105,8 +105,6 @@ EXPORT_SYMBOL(auth_unix_lookup); EXPORT_SYMBOL(cache_check); EXPORT_SYMBOL(cache_flush); EXPORT_SYMBOL(cache_purge); -EXPORT_SYMBOL(cache_fresh); -EXPORT_SYMBOL(cache_init); EXPORT_SYMBOL(cache_register); EXPORT_SYMBOL(cache_unregister); EXPORT_SYMBOL(qword_add); @@ -142,6 +140,7 @@ EXPORT_SYMBOL(nlm_debug); extern int register_rpc_pipefs(void); extern void unregister_rpc_pipefs(void); +extern struct cache_detail ip_map_cache; static int __init init_sunrpc(void) @@ -158,7 +157,6 @@ init_sunrpc(void) #ifdef CONFIG_PROC_FS rpc_proc_init(); #endif - cache_register(&auth_domain_cache); cache_register(&ip_map_cache); out: return err; @@ -169,8 +167,6 @@ cleanup_sunrpc(void) { unregister_rpc_pipefs(); rpc_destroy_mempool(); - if (cache_unregister(&auth_domain_cache)) - printk(KERN_ERR "sunrpc: failed to unregister auth_domain cache\n"); if (cache_unregister(&ip_map_cache)) printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n"); #ifdef RPC_DEBUG diff --git a/net/sunrpc/svcauth.c b/net/sunrpc/svcauth.c index dda4f0c..5b28c61 100644 --- a/net/sunrpc/svcauth.c +++ b/net/sunrpc/svcauth.c @@ -106,112 +106,56 @@ svc_auth_unregister(rpc_authflavor_t flavor) EXPORT_SYMBOL(svc_auth_unregister); /************************************************** - * cache for domain name to auth_domain - * Entries are only added by flavours which will normally - * have a structure that 'inherits' from auth_domain. - * e.g. when an IP -> domainname is given to auth_unix, - * and the domain name doesn't exist, it will create a - * auth_unix_domain and add it to this hash table. - * If it finds the name does exist, but isn't AUTH_UNIX, - * it will complain. + * 'auth_domains' are stored in a hash table indexed by name. + * When the last reference to an 'auth_domain' is dropped, + * the object is unhashed and freed. + * If auth_domain_lookup fails to find an entry, it will return + * it's second argument 'new'. If this is non-null, it will + * have been atomically linked into the table. */ -/* - * Auth auth_domain cache is somewhat different to other caches, - * largely because the entries are possibly of different types: - * each auth flavour has it's own type. - * One consequence of this that DefineCacheLookup cannot - * allocate a new structure as it cannot know the size. - * Notice that the "INIT" code fragment is quite different - * from other caches. When auth_domain_lookup might be - * creating a new domain, the new domain is passed in - * complete and it is used as-is rather than being copied into - * another structure. - */ #define DN_HASHBITS 6 #define DN_HASHMAX (1<<DN_HASHBITS) #define DN_HASHMASK (DN_HASHMAX-1) -static struct cache_head *auth_domain_table[DN_HASHMAX]; - -static void auth_domain_drop(struct cache_head *item, struct cache_detail *cd) -{ - struct auth_domain *dom = container_of(item, struct auth_domain, h); - if (cache_put(item,cd)) - authtab[dom->flavour]->domain_release(dom); -} - - -struct cache_detail auth_domain_cache = { - .owner = THIS_MODULE, - .hash_size = DN_HASHMAX, - .hash_table = auth_domain_table, - .name = "auth.domain", - .cache_put = auth_domain_drop, -}; +static struct hlist_head auth_domain_table[DN_HASHMAX]; +static spinlock_t auth_domain_lock = SPIN_LOCK_UNLOCKED; void auth_domain_put(struct auth_domain *dom) { - auth_domain_drop(&dom->h, &auth_domain_cache); -} - -static inline int auth_domain_hash(struct auth_domain *item) -{ - return hash_str(item->name, DN_HASHBITS); -} -static inline int auth_domain_match(struct auth_domain *tmp, struct auth_domain *item) -{ - return strcmp(tmp->name, item->name) == 0; + if (atomic_dec_and_lock(&dom->ref.refcount, &auth_domain_lock)) { + hlist_del(&dom->hash); + dom->flavour->domain_release(dom); + } } struct auth_domain * -auth_domain_lookup(struct auth_domain *item, int set) +auth_domain_lookup(char *name, struct auth_domain *new) { - struct auth_domain *tmp = NULL; - struct cache_head **hp, **head; - head = &auth_domain_cache.hash_table[auth_domain_hash(item)]; - - if (set) - write_lock(&auth_domain_cache.hash_lock); - else - read_lock(&auth_domain_cache.hash_lock); - for (hp=head; *hp != NULL; hp = &tmp->h.next) { - tmp = container_of(*hp, struct auth_domain, h); - if (!auth_domain_match(tmp, item)) - continue; - if (!set) { - cache_get(&tmp->h); - goto out_noset; + struct auth_domain *hp; + struct hlist_head *head; + struct hlist_node *np; + + head = &auth_domain_table[hash_str(name, DN_HASHBITS)]; + + spin_lock(&auth_domain_lock); + + hlist_for_each_entry(hp, np, head, hash) { + if (strcmp(hp->name, name)==0) { + kref_get(&hp->ref); + spin_unlock(&auth_domain_lock); + return hp; } - *hp = tmp->h.next; - tmp->h.next = NULL; - auth_domain_drop(&tmp->h, &auth_domain_cache); - goto out_set; } - /* Didn't find anything */ - if (!set) - goto out_nada; - auth_domain_cache.entries++; -out_set: - item->h.next = *head; - *head = &item->h; - cache_get(&item->h); - write_unlock(&auth_domain_cache.hash_lock); - cache_fresh(&auth_domain_cache, &item->h, item->h.expiry_time); - cache_get(&item->h); - return item; -out_nada: - tmp = NULL; -out_noset: - read_unlock(&auth_domain_cache.hash_lock); - return tmp; + if (new) { + hlist_add_head(&new->hash, head); + kref_get(&new->ref); + } + spin_unlock(&auth_domain_lock); + return new; } struct auth_domain *auth_domain_find(char *name) { - struct auth_domain *rv, ad; - - ad.name = name; - rv = auth_domain_lookup(&ad, 0); - return rv; + return auth_domain_lookup(name, NULL); } diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c index 3e6c694..7e5707e 100644 --- a/net/sunrpc/svcauth_unix.c +++ b/net/sunrpc/svcauth_unix.c @@ -27,41 +27,35 @@ struct unix_domain { /* other stuff later */ }; +extern struct auth_ops svcauth_unix; + struct auth_domain *unix_domain_find(char *name) { - struct auth_domain *rv, ud; - struct unix_domain *new; - - ud.name = name; - - rv = auth_domain_lookup(&ud, 0); - - foundit: - if (rv && rv->flavour != RPC_AUTH_UNIX) { - auth_domain_put(rv); - return NULL; - } - if (rv) - return rv; - - new = kmalloc(sizeof(*new), GFP_KERNEL); - if (new == NULL) - return NULL; - cache_init(&new->h.h); - new->h.name = kstrdup(name, GFP_KERNEL); - new->h.flavour = RPC_AUTH_UNIX; - new->addr_changes = 0; - new->h.h.expiry_time = NEVER; - - rv = auth_domain_lookup(&new->h, 2); - if (rv == &new->h) { - if (atomic_dec_and_test(&new->h.h.refcnt)) BUG(); - } else { - auth_domain_put(&new->h); - goto foundit; + struct auth_domain *rv; + struct unix_domain *new = NULL; + + rv = auth_domain_lookup(name, NULL); + while(1) { + if (rv) { + if (new && rv != &new->h) + auth_domain_put(&new->h); + + if (rv->flavour != &svcauth_unix) { + auth_domain_put(rv); + return NULL; + } + return rv; + } + + new = kmalloc(sizeof(*new), GFP_KERNEL); + if (new == NULL) + return NULL; + kref_init(&new->h.ref); + new->h.name = kstrdup(name, GFP_KERNEL); + new->h.flavour = &svcauth_unix; + new->addr_changes = 0; + rv = auth_domain_lookup(name, &new->h); } - - return rv; } static void svcauth_unix_domain_release(struct auth_domain *dom) @@ -90,15 +84,15 @@ struct ip_map { }; static struct cache_head *ip_table[IP_HASHMAX]; -static void ip_map_put(struct cache_head *item, struct cache_detail *cd) +static void ip_map_put(struct kref *kref) { + struct cache_head *item = container_of(kref, struct cache_head, ref); struct ip_map *im = container_of(item, struct ip_map,h); - if (cache_put(item, cd)) { - if (test_bit(CACHE_VALID, &item->flags) && - !test_bit(CACHE_NEGATIVE, &item->flags)) - auth_domain_put(&im->m_client->h); - kfree(im); - } + + if (test_bit(CACHE_VALID, &item->flags) && + !test_bit(CACHE_NEGATIVE, &item->flags)) + auth_domain_put(&im->m_client->h); + kfree(im); } #if IP_HASHBITS == 8 @@ -112,28 +106,38 @@ static inline int hash_ip(unsigned long ip) return (hash ^ (hash>>8)) & 0xff; } #endif - -static inline int ip_map_hash(struct ip_map *item) -{ - return hash_str(item->m_class, IP_HASHBITS) ^ - hash_ip((unsigned long)item->m_addr.s_addr); -} -static inline int ip_map_match(struct ip_map *item, struct ip_map *tmp) +static int ip_map_match(struct cache_head *corig, struct cache_head *cnew) { - return strcmp(tmp->m_class, item->m_class) == 0 - && tmp->m_addr.s_addr == item->m_addr.s_addr; + struct ip_map *orig = container_of(corig, struct ip_map, h); + struct ip_map *new = container_of(cnew, struct ip_map, h); + return strcmp(orig->m_class, new->m_class) == 0 + && orig->m_addr.s_addr == new->m_addr.s_addr; } -static inline void ip_map_init(struct ip_map *new, struct ip_map *item) +static void ip_map_init(struct cache_head *cnew, struct cache_head *citem) { + struct ip_map *new = container_of(cnew, struct ip_map, h); + struct ip_map *item = container_of(citem, struct ip_map, h); + strcpy(new->m_class, item->m_class); new->m_addr.s_addr = item->m_addr.s_addr; } -static inline void ip_map_update(struct ip_map *new, struct ip_map *item) +static void update(struct cache_head *cnew, struct cache_head *citem) { - cache_get(&item->m_client->h.h); + struct ip_map *new = container_of(cnew, struct ip_map, h); + struct ip_map *item = container_of(citem, struct ip_map, h); + + kref_get(&item->m_client->h.ref); new->m_client = item->m_client; new->m_add_change = item->m_add_change; } +static struct cache_head *ip_map_alloc(void) +{ + struct ip_map *i = kmalloc(sizeof(*i), GFP_KERNEL); + if (i) + return &i->h; + else + return NULL; +} static void ip_map_request(struct cache_detail *cd, struct cache_head *h, @@ -154,7 +158,8 @@ static void ip_map_request(struct cache_detail *cd, (*bpp)[-1] = '\n'; } -static struct ip_map *ip_map_lookup(struct ip_map *, int); +static struct ip_map *ip_map_lookup(char *class, struct in_addr addr); +static int ip_map_update(struct ip_map *ipm, struct unix_domain *udom, time_t expiry); static int ip_map_parse(struct cache_detail *cd, char *mesg, int mlen) @@ -166,7 +171,11 @@ static int ip_map_parse(struct cache_detail *cd, int len; int b1,b2,b3,b4; char c; - struct ip_map ipm, *ipmp; + char class[8]; + struct in_addr addr; + int err; + + struct ip_map *ipmp; struct auth_domain *dom; time_t expiry; @@ -175,7 +184,7 @@ static int ip_map_parse(struct cache_detail *cd, mesg[mlen-1] = 0; /* class */ - len = qword_get(&mesg, ipm.m_class, sizeof(ipm.m_class)); + len = qword_get(&mesg, class, sizeof(class)); if (len <= 0) return -EINVAL; /* ip address */ @@ -200,25 +209,22 @@ static int ip_map_parse(struct cache_detail *cd, } else dom = NULL; - ipm.m_addr.s_addr = + addr.s_addr = htonl((((((b1<<8)|b2)<<8)|b3)<<8)|b4); - ipm.h.flags = 0; - if (dom) { - ipm.m_client = container_of(dom, struct unix_domain, h); - ipm.m_add_change = ipm.m_client->addr_changes; + + ipmp = ip_map_lookup(class,addr); + if (ipmp) { + err = ip_map_update(ipmp, + container_of(dom, struct unix_domain, h), + expiry); } else - set_bit(CACHE_NEGATIVE, &ipm.h.flags); - ipm.h.expiry_time = expiry; + err = -ENOMEM; - ipmp = ip_map_lookup(&ipm, 1); - if (ipmp) - ip_map_put(&ipmp->h, &ip_map_cache); if (dom) auth_domain_put(dom); - if (!ipmp) - return -ENOMEM; + cache_flush(); - return 0; + return err; } static int ip_map_show(struct seq_file *m, @@ -262,32 +268,70 @@ struct cache_detail ip_map_cache = { .cache_request = ip_map_request, .cache_parse = ip_map_parse, .cache_show = ip_map_show, + .match = ip_map_match, + .init = ip_map_init, + .update = update, + .alloc = ip_map_alloc, }; -static DefineSimpleCacheLookup(ip_map, 0) +static struct ip_map *ip_map_lookup(char *class, struct in_addr addr) +{ + struct ip_map ip; + struct cache_head *ch; + + strcpy(ip.m_class, class); + ip.m_addr = addr; + ch = sunrpc_cache_lookup(&ip_map_cache, &ip.h, + hash_str(class, IP_HASHBITS) ^ + hash_ip((unsigned long)addr.s_addr)); + + if (ch) + return container_of(ch, struct ip_map, h); + else + return NULL; +} +static int ip_map_update(struct ip_map *ipm, struct unix_domain *udom, time_t expiry) +{ + struct ip_map ip; + struct cache_head *ch; + + ip.m_client = udom; + ip.h.flags = 0; + if (!udom) + set_bit(CACHE_NEGATIVE, &ip.h.flags); + else { + ip.m_add_change = udom->addr_changes; + /* if this is from the legacy set_client system call, + * we need m_add_change to be one higher + */ + if (expiry == NEVER) + ip.m_add_change++; + } + ip.h.expiry_time = expiry; + ch = sunrpc_cache_update(&ip_map_cache, + &ip.h, &ipm->h, + hash_str(ipm->m_class, IP_HASHBITS) ^ + hash_ip((unsigned long)ipm->m_addr.s_addr)); + if (!ch) + return -ENOMEM; + cache_put(ch, &ip_map_cache); + return 0; +} int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom) { struct unix_domain *udom; - struct ip_map ip, *ipmp; + struct ip_map *ipmp; - if (dom->flavour != RPC_AUTH_UNIX) + if (dom->flavour != &svcauth_unix) return -EINVAL; udom = container_of(dom, struct unix_domain, h); - strcpy(ip.m_class, "nfsd"); - ip.m_addr = addr; - ip.m_client = udom; - ip.m_add_change = udom->addr_changes+1; - ip.h.flags = 0; - ip.h.expiry_time = NEVER; - - ipmp = ip_map_lookup(&ip, 1); + ipmp = ip_map_lookup("nfsd", addr); - if (ipmp) { - ip_map_put(&ipmp->h, &ip_map_cache); - return 0; - } else + if (ipmp) + return ip_map_update(ipmp, udom, NEVER); + else return -ENOMEM; } @@ -295,7 +339,7 @@ int auth_unix_forget_old(struct auth_domain *dom) { struct unix_domain *udom; - if (dom->flavour != RPC_AUTH_UNIX) + if (dom->flavour != &svcauth_unix) return -EINVAL; udom = container_of(dom, struct unix_domain, h); udom->addr_changes++; @@ -310,7 +354,7 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr) strcpy(key.m_class, "nfsd"); key.m_addr = addr; - ipm = ip_map_lookup(&key, 0); + ipm = ip_map_lookup("nfsd", addr); if (!ipm) return NULL; @@ -323,31 +367,28 @@ struct auth_domain *auth_unix_lookup(struct in_addr addr) rv = NULL; } else { rv = &ipm->m_client->h; - cache_get(&rv->h); + kref_get(&rv->ref); } - ip_map_put(&ipm->h, &ip_map_cache); + cache_put(&ipm->h, &ip_map_cache); return rv; } void svcauth_unix_purge(void) { cache_purge(&ip_map_cache); - cache_purge(&auth_domain_cache); } static int svcauth_unix_set_client(struct svc_rqst *rqstp) { - struct ip_map key, *ipm; + struct ip_map *ipm; rqstp->rq_client = NULL; if (rqstp->rq_proc == 0) return SVC_OK; - strcpy(key.m_class, rqstp->rq_server->sv_program->pg_class); - key.m_addr = rqstp->rq_addr.sin_addr; - - ipm = ip_map_lookup(&key, 0); + ipm = ip_map_lookup(rqstp->rq_server->sv_program->pg_class, + rqstp->rq_addr.sin_addr); if (ipm == NULL) return SVC_DENIED; @@ -361,8 +402,8 @@ svcauth_unix_set_client(struct svc_rqst *rqstp) return SVC_DENIED; case 0: rqstp->rq_client = &ipm->m_client->h; - cache_get(&rqstp->rq_client->h); - ip_map_put(&ipm->h, &ip_map_cache); + kref_get(&rqstp->rq_client->ref); + cache_put(&ipm->h, &ip_map_cache); break; } return SVC_OK; diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c index 5058062..a27905a 100644 --- a/net/sunrpc/svcsock.c +++ b/net/sunrpc/svcsock.c @@ -1296,13 +1296,13 @@ svc_send(struct svc_rqst *rqstp) xb->page_len + xb->tail[0].iov_len; - /* Grab svsk->sk_sem to serialize outgoing data. */ - down(&svsk->sk_sem); + /* Grab svsk->sk_mutex to serialize outgoing data. */ + mutex_lock(&svsk->sk_mutex); if (test_bit(SK_DEAD, &svsk->sk_flags)) len = -ENOTCONN; else len = svsk->sk_sendto(rqstp); - up(&svsk->sk_sem); + mutex_unlock(&svsk->sk_mutex); svc_sock_release(rqstp); if (len == -ECONNREFUSED || len == -ENOTCONN || len == -EAGAIN) @@ -1351,7 +1351,7 @@ svc_setup_socket(struct svc_serv *serv, struct socket *sock, svsk->sk_lastrecv = get_seconds(); INIT_LIST_HEAD(&svsk->sk_deferred); INIT_LIST_HEAD(&svsk->sk_ready); - sema_init(&svsk->sk_sem, 1); + mutex_init(&svsk->sk_mutex); /* Initialize the socket */ if (sock->type == SOCK_DGRAM) diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c index 8ff2c8a..4dd5b3c 100644 --- a/net/sunrpc/xprt.c +++ b/net/sunrpc/xprt.c @@ -44,13 +44,13 @@ #include <linux/random.h> #include <linux/sunrpc/clnt.h> +#include <linux/sunrpc/metrics.h> /* * Local variables */ #ifdef RPC_DEBUG -# undef RPC_DEBUG_DATA # define RPCDBG_FACILITY RPCDBG_XPRT #endif @@ -548,6 +548,7 @@ void xprt_connect(struct rpc_task *task) task->tk_timeout = xprt->connect_timeout; rpc_sleep_on(&xprt->pending, task, xprt_connect_status, NULL); + xprt->stat.connect_start = jiffies; xprt->ops->connect(task); } return; @@ -558,6 +559,8 @@ static void xprt_connect_status(struct rpc_task *task) struct rpc_xprt *xprt = task->tk_xprt; if (task->tk_status >= 0) { + xprt->stat.connect_count++; + xprt->stat.connect_time += (long)jiffies - xprt->stat.connect_start; dprintk("RPC: %4d xprt_connect_status: connection established\n", task->tk_pid); return; @@ -601,16 +604,14 @@ static void xprt_connect_status(struct rpc_task *task) struct rpc_rqst *xprt_lookup_rqst(struct rpc_xprt *xprt, u32 xid) { struct list_head *pos; - struct rpc_rqst *req = NULL; list_for_each(pos, &xprt->recv) { struct rpc_rqst *entry = list_entry(pos, struct rpc_rqst, rq_list); - if (entry->rq_xid == xid) { - req = entry; - break; - } + if (entry->rq_xid == xid) + return entry; } - return req; + xprt->stat.bad_xids++; + return NULL; } /** @@ -646,7 +647,12 @@ void xprt_complete_rqst(struct rpc_task *task, int copied) dprintk("RPC: %5u xid %08x complete (%d bytes received)\n", task->tk_pid, ntohl(req->rq_xid), copied); + task->tk_xprt->stat.recvs++; + task->tk_rtt = (long)jiffies - req->rq_xtime; + list_del_init(&req->rq_list); + /* Ensure all writes are done before we update req->rq_received */ + smp_wmb(); req->rq_received = req->rq_private_buf.len = copied; rpc_wake_up_task(task); } @@ -723,7 +729,6 @@ void xprt_transmit(struct rpc_task *task) dprintk("RPC: %4d xprt_transmit(%u)\n", task->tk_pid, req->rq_slen); - smp_rmb(); if (!req->rq_received) { if (list_empty(&req->rq_list)) { spin_lock_bh(&xprt->transport_lock); @@ -744,12 +749,19 @@ void xprt_transmit(struct rpc_task *task) if (status == 0) { dprintk("RPC: %4d xmit complete\n", task->tk_pid); spin_lock_bh(&xprt->transport_lock); + xprt->ops->set_retrans_timeout(task); + + xprt->stat.sends++; + xprt->stat.req_u += xprt->stat.sends - xprt->stat.recvs; + xprt->stat.bklog_u += xprt->backlog.qlen; + /* Don't race with disconnect */ if (!xprt_connected(xprt)) task->tk_status = -ENOTCONN; else if (!req->rq_received) rpc_sleep_on(&xprt->pending, task, NULL, xprt_timer); + xprt->ops->release_xprt(xprt, task); spin_unlock_bh(&xprt->transport_lock); return; @@ -848,6 +860,7 @@ void xprt_release(struct rpc_task *task) if (!(req = task->tk_rqstp)) return; + rpc_count_iostats(task); spin_lock_bh(&xprt->transport_lock); xprt->ops->release_xprt(xprt, task); if (xprt->ops->release_request) diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c index c458f8d..4b4e7df 100644 --- a/net/sunrpc/xprtsock.c +++ b/net/sunrpc/xprtsock.c @@ -382,6 +382,7 @@ static int xs_tcp_send_request(struct rpc_task *task) /* If we've sent the entire packet, immediately * reset the count of bytes sent. */ req->rq_bytes_sent += status; + task->tk_bytes_sent += status; if (likely(req->rq_bytes_sent >= req->rq_slen)) { req->rq_bytes_sent = 0; return 0; @@ -1114,6 +1115,8 @@ static void xs_tcp_connect_worker(void *args) } /* Tell the socket layer to start connecting... */ + xprt->stat.connect_count++; + xprt->stat.connect_start = jiffies; status = sock->ops->connect(sock, (struct sockaddr *) &xprt->addr, sizeof(xprt->addr), O_NONBLOCK); dprintk("RPC: %p connect status %d connected %d sock state %d\n", @@ -1177,6 +1180,50 @@ static void xs_connect(struct rpc_task *task) } } +/** + * xs_udp_print_stats - display UDP socket-specifc stats + * @xprt: rpc_xprt struct containing statistics + * @seq: output file + * + */ +static void xs_udp_print_stats(struct rpc_xprt *xprt, struct seq_file *seq) +{ + seq_printf(seq, "\txprt:\tudp %u %lu %lu %lu %lu %Lu %Lu\n", + xprt->port, + xprt->stat.bind_count, + xprt->stat.sends, + xprt->stat.recvs, + xprt->stat.bad_xids, + xprt->stat.req_u, + xprt->stat.bklog_u); +} + +/** + * xs_tcp_print_stats - display TCP socket-specifc stats + * @xprt: rpc_xprt struct containing statistics + * @seq: output file + * + */ +static void xs_tcp_print_stats(struct rpc_xprt *xprt, struct seq_file *seq) +{ + long idle_time = 0; + + if (xprt_connected(xprt)) + idle_time = (long)(jiffies - xprt->last_used) / HZ; + + seq_printf(seq, "\txprt:\ttcp %u %lu %lu %lu %ld %lu %lu %lu %Lu %Lu\n", + xprt->port, + xprt->stat.bind_count, + xprt->stat.connect_count, + xprt->stat.connect_time, + idle_time, + xprt->stat.sends, + xprt->stat.recvs, + xprt->stat.bad_xids, + xprt->stat.req_u, + xprt->stat.bklog_u); +} + static struct rpc_xprt_ops xs_udp_ops = { .set_buffer_size = xs_udp_set_buffer_size, .reserve_xprt = xprt_reserve_xprt_cong, @@ -1191,6 +1238,7 @@ static struct rpc_xprt_ops xs_udp_ops = { .release_request = xprt_release_rqst_cong, .close = xs_close, .destroy = xs_destroy, + .print_stats = xs_udp_print_stats, }; static struct rpc_xprt_ops xs_tcp_ops = { @@ -1204,6 +1252,7 @@ static struct rpc_xprt_ops xs_tcp_ops = { .set_retrans_timeout = xprt_set_retrans_timeout_def, .close = xs_close, .destroy = xs_destroy, + .print_stats = xs_tcp_print_stats, }; /** diff --git a/net/tipc/bcast.c b/net/tipc/bcast.c index a7b04f3..2c4ecbe 100644 --- a/net/tipc/bcast.c +++ b/net/tipc/bcast.c @@ -107,22 +107,22 @@ static spinlock_t bc_lock = SPIN_LOCK_UNLOCKED; char tipc_bclink_name[] = "multicast-link"; -static inline u32 buf_seqno(struct sk_buff *buf) +static u32 buf_seqno(struct sk_buff *buf) { return msg_seqno(buf_msg(buf)); } -static inline u32 bcbuf_acks(struct sk_buff *buf) +static u32 bcbuf_acks(struct sk_buff *buf) { return (u32)(unsigned long)TIPC_SKB_CB(buf)->handle; } -static inline void bcbuf_set_acks(struct sk_buff *buf, u32 acks) +static void bcbuf_set_acks(struct sk_buff *buf, u32 acks) { TIPC_SKB_CB(buf)->handle = (void *)(unsigned long)acks; } -static inline void bcbuf_decr_acks(struct sk_buff *buf) +static void bcbuf_decr_acks(struct sk_buff *buf) { bcbuf_set_acks(buf, bcbuf_acks(buf) - 1); } @@ -134,7 +134,7 @@ static inline void bcbuf_decr_acks(struct sk_buff *buf) * Called with 'node' locked, bc_lock unlocked */ -static inline void bclink_set_gap(struct node *n_ptr) +static void bclink_set_gap(struct node *n_ptr) { struct sk_buff *buf = n_ptr->bclink.deferred_head; @@ -154,7 +154,7 @@ static inline void bclink_set_gap(struct node *n_ptr) * distribute NACKs, but tries to use the same spacing (divide by 16). */ -static inline int bclink_ack_allowed(u32 n) +static int bclink_ack_allowed(u32 n) { return((n % TIPC_MIN_LINK_WIN) == tipc_own_tag); } @@ -271,7 +271,7 @@ static void bclink_send_nack(struct node *n_ptr) msg_set_bcgap_to(msg, n_ptr->bclink.gap_to); msg_set_bcast_tag(msg, tipc_own_tag); - if (tipc_bearer_send(&bcbearer->bearer, buf, 0)) { + if (tipc_bearer_send(&bcbearer->bearer, buf, NULL)) { bcl->stats.sent_nacks++; buf_discard(buf); } else { @@ -314,7 +314,7 @@ void tipc_bclink_check_gap(struct node *n_ptr, u32 last_sent) * Only tipc_net_lock set. */ -void tipc_bclink_peek_nack(u32 dest, u32 sender_tag, u32 gap_after, u32 gap_to) +static void tipc_bclink_peek_nack(u32 dest, u32 sender_tag, u32 gap_after, u32 gap_to) { struct node *n_ptr = tipc_node_find(dest); u32 my_after, my_to; @@ -425,9 +425,9 @@ void tipc_bclink_recv_pkt(struct sk_buff *buf) msg_bcgap_to(msg)); } else { tipc_bclink_peek_nack(msg_destnode(msg), - msg_bcast_tag(msg), - msg_bcgap_after(msg), - msg_bcgap_to(msg)); + msg_bcast_tag(msg), + msg_bcgap_after(msg), + msg_bcgap_to(msg)); } buf_discard(buf); return; @@ -525,16 +525,18 @@ u32 tipc_bclink_acks_missing(struct node *n_ptr) * Returns 0 if packet sent successfully, non-zero if not */ -int tipc_bcbearer_send(struct sk_buff *buf, - struct tipc_bearer *unused1, - struct tipc_media_addr *unused2) +static int tipc_bcbearer_send(struct sk_buff *buf, + struct tipc_bearer *unused1, + struct tipc_media_addr *unused2) { static int send_count = 0; - struct node_map remains; - struct node_map remains_new; + struct node_map *remains; + struct node_map *remains_new; + struct node_map *remains_tmp; int bp_index; int swap_time; + int err; /* Prepare buffer for broadcasting (if first time trying to send it) */ @@ -555,7 +557,9 @@ int tipc_bcbearer_send(struct sk_buff *buf, /* Send buffer over bearers until all targets reached */ - remains = tipc_cltr_bcast_nodes; + remains = kmalloc(sizeof(struct node_map), GFP_ATOMIC); + remains_new = kmalloc(sizeof(struct node_map), GFP_ATOMIC); + *remains = tipc_cltr_bcast_nodes; for (bp_index = 0; bp_index < MAX_BEARERS; bp_index++) { struct bearer *p = bcbearer->bpairs[bp_index].primary; @@ -564,8 +568,8 @@ int tipc_bcbearer_send(struct sk_buff *buf, if (!p) break; /* no more bearers to try */ - tipc_nmap_diff(&remains, &p->nodes, &remains_new); - if (remains_new.count == remains.count) + tipc_nmap_diff(remains, &p->nodes, remains_new); + if (remains_new->count == remains->count) continue; /* bearer pair doesn't add anything */ if (!p->publ.blocked && @@ -583,17 +587,27 @@ swap: bcbearer->bpairs[bp_index].primary = s; bcbearer->bpairs[bp_index].secondary = p; update: - if (remains_new.count == 0) - return TIPC_OK; + if (remains_new->count == 0) { + err = TIPC_OK; + goto out; + } + /* swap map */ + remains_tmp = remains; remains = remains_new; + remains_new = remains_tmp; } /* Unable to reach all targets */ bcbearer->bearer.publ.blocked = 1; bcl->stats.bearer_congs++; - return ~TIPC_OK; + err = ~TIPC_OK; + + out: + kfree(remains_new); + kfree(remains); + return err; } /** diff --git a/net/tipc/bearer.c b/net/tipc/bearer.c index 64dcb0f..e213a8e 100644 --- a/net/tipc/bearer.c +++ b/net/tipc/bearer.c @@ -45,10 +45,10 @@ #define MAX_ADDR_STR 32 -static struct media *media_list = 0; +static struct media *media_list = NULL; static u32 media_count = 0; -struct bearer *tipc_bearers = 0; +struct bearer *tipc_bearers = NULL; /** * media_name_valid - validate media name @@ -79,7 +79,7 @@ static struct media *media_find(const char *name) if (!strcmp(m_ptr->name, name)) return m_ptr; } - return 0; + return NULL; } /** @@ -287,7 +287,7 @@ static struct bearer *bearer_find(const char *name) if (b_ptr->active && (!strcmp(b_ptr->publ.name, name))) return b_ptr; } - return 0; + return NULL; } /** @@ -307,7 +307,7 @@ struct bearer *tipc_bearer_find_interface(const char *if_name) if (!strcmp(b_if_name, if_name)) return b_ptr; } - return 0; + return NULL; } /** @@ -569,7 +569,7 @@ failed: int tipc_block_bearer(const char *name) { - struct bearer *b_ptr = 0; + struct bearer *b_ptr = NULL; struct link *l_ptr; struct link *temp_l_ptr; @@ -666,8 +666,8 @@ int tipc_bearer_init(void) } else { kfree(tipc_bearers); kfree(media_list); - tipc_bearers = 0; - media_list = 0; + tipc_bearers = NULL; + media_list = NULL; res = -ENOMEM; } write_unlock_bh(&tipc_net_lock); @@ -691,8 +691,8 @@ void tipc_bearer_stop(void) } kfree(tipc_bearers); kfree(media_list); - tipc_bearers = 0; - media_list = 0; + tipc_bearers = NULL; + media_list = NULL; media_count = 0; } diff --git a/net/tipc/cluster.c b/net/tipc/cluster.c index ab974ca..1aed815 100644 --- a/net/tipc/cluster.c +++ b/net/tipc/cluster.c @@ -44,11 +44,11 @@ #include "msg.h" #include "bearer.h" -void tipc_cltr_multicast(struct cluster *c_ptr, struct sk_buff *buf, - u32 lower, u32 upper); -struct sk_buff *tipc_cltr_prepare_routing_msg(u32 data_size, u32 dest); +static void tipc_cltr_multicast(struct cluster *c_ptr, struct sk_buff *buf, + u32 lower, u32 upper); +static struct sk_buff *tipc_cltr_prepare_routing_msg(u32 data_size, u32 dest); -struct node **tipc_local_nodes = 0; +struct node **tipc_local_nodes = NULL; struct node_map tipc_cltr_bcast_nodes = {0,{0,}}; u32 tipc_highest_allowed_slave = 0; @@ -61,7 +61,7 @@ struct cluster *tipc_cltr_create(u32 addr) c_ptr = (struct cluster *)kmalloc(sizeof(*c_ptr), GFP_ATOMIC); if (c_ptr == NULL) - return 0; + return NULL; memset(c_ptr, 0, sizeof(*c_ptr)); c_ptr->addr = tipc_addr(tipc_zone(addr), tipc_cluster(addr), 0); @@ -73,7 +73,7 @@ struct cluster *tipc_cltr_create(u32 addr) c_ptr->nodes = (struct node **)kmalloc(alloc, GFP_ATOMIC); if (c_ptr->nodes == NULL) { kfree(c_ptr); - return 0; + return NULL; } memset(c_ptr->nodes, 0, alloc); if (in_own_cluster(addr)) @@ -91,7 +91,7 @@ struct cluster *tipc_cltr_create(u32 addr) } else { kfree(c_ptr); - c_ptr = 0; + c_ptr = NULL; } return c_ptr; @@ -204,7 +204,7 @@ struct node *tipc_cltr_select_node(struct cluster *c_ptr, u32 selector) assert(!in_own_cluster(c_ptr->addr)); if (!c_ptr->highest_node) - return 0; + return NULL; /* Start entry must be random */ while (mask > c_ptr->highest_node) { @@ -222,14 +222,14 @@ struct node *tipc_cltr_select_node(struct cluster *c_ptr, u32 selector) if (tipc_node_has_active_links(c_ptr->nodes[n_num])) return c_ptr->nodes[n_num]; } - return 0; + return NULL; } /* * Routing table management: See description in node.c */ -struct sk_buff *tipc_cltr_prepare_routing_msg(u32 data_size, u32 dest) +static struct sk_buff *tipc_cltr_prepare_routing_msg(u32 data_size, u32 dest) { u32 size = INT_H_SIZE + data_size; struct sk_buff *buf = buf_acquire(size); @@ -495,7 +495,7 @@ void tipc_cltr_remove_as_router(struct cluster *c_ptr, u32 router) * tipc_cltr_multicast - multicast message to local nodes */ -void tipc_cltr_multicast(struct cluster *c_ptr, struct sk_buff *buf, +static void tipc_cltr_multicast(struct cluster *c_ptr, struct sk_buff *buf, u32 lower, u32 upper) { struct sk_buff *buf_copy; diff --git a/net/tipc/cluster.h b/net/tipc/cluster.h index 9963642..1b4cd30 100644 --- a/net/tipc/cluster.h +++ b/net/tipc/cluster.h @@ -86,7 +86,7 @@ static inline struct cluster *tipc_cltr_find(u32 addr) if (z_ptr) return z_ptr->clusters[1]; - return 0; + return NULL; } #endif diff --git a/net/tipc/config.c b/net/tipc/config.c index 3c8e674..48b5de2 100644 --- a/net/tipc/config.c +++ b/net/tipc/config.c @@ -683,11 +683,11 @@ int tipc_cfg_init(void) memset(&mng, 0, sizeof(mng)); INIT_LIST_HEAD(&mng.link_subscribers); - res = tipc_attach(&mng.user_ref, 0, 0); + res = tipc_attach(&mng.user_ref, NULL, NULL); if (res) goto failed; - res = tipc_createport(mng.user_ref, 0, TIPC_CRITICAL_IMPORTANCE, + res = tipc_createport(mng.user_ref, NULL, TIPC_CRITICAL_IMPORTANCE, NULL, NULL, NULL, NULL, cfg_named_msg_event, NULL, NULL, &mng.port_ref); diff --git a/net/tipc/dbg.c b/net/tipc/dbg.c index 4f4beef..26ef95d 100644 --- a/net/tipc/dbg.c +++ b/net/tipc/dbg.c @@ -81,7 +81,7 @@ void tipc_printbuf_init(struct print_buf *pb, char *raw, u32 sz) pb->crs = pb->buf = raw; pb->size = sz; - pb->next = 0; + pb->next = NULL; pb->buf[0] = 0; pb->buf[sz-1] = ~0; } @@ -216,7 +216,7 @@ void tipc_printf(struct print_buf *pb, const char *fmt, ...) } } pb_next = pb->next; - pb->next = 0; + pb->next = NULL; pb = pb_next; } spin_unlock_bh(&print_lock); diff --git a/net/tipc/discover.c b/net/tipc/discover.c index 53ba463..9260138 100644 --- a/net/tipc/discover.c +++ b/net/tipc/discover.c @@ -110,10 +110,10 @@ void tipc_disc_link_event(u32 addr, char *name, int up) * @b_ptr: ptr to bearer issuing message */ -struct sk_buff *tipc_disc_init_msg(u32 type, - u32 req_links, - u32 dest_domain, - struct bearer *b_ptr) +static struct sk_buff *tipc_disc_init_msg(u32 type, + u32 req_links, + u32 dest_domain, + struct bearer *b_ptr) { struct sk_buff *buf = buf_acquire(DSC_H_SIZE); struct tipc_msg *msg; diff --git a/net/tipc/eth_media.c b/net/tipc/eth_media.c index 1f8d83b..7a25278 100644 --- a/net/tipc/eth_media.c +++ b/net/tipc/eth_media.c @@ -169,7 +169,7 @@ static int enable_bearer(struct tipc_bearer *tb_ptr) static void disable_bearer(struct tipc_bearer *tb_ptr) { - ((struct eth_bearer *)tb_ptr->usr_handle)->bearer = 0; + ((struct eth_bearer *)tb_ptr->usr_handle)->bearer = NULL; } /** @@ -285,7 +285,7 @@ void tipc_eth_media_stop(void) for (i = 0; i < MAX_ETH_BEARERS ; i++) { if (eth_bearers[i].bearer) { eth_bearers[i].bearer->blocked = 1; - eth_bearers[i].bearer = 0; + eth_bearers[i].bearer = NULL; } if (eth_bearers[i].dev) { dev_remove_pack(ð_bearers[i].tipc_packet_type); diff --git a/net/tipc/link.c b/net/tipc/link.c index 511872a..784b24b6 100644 --- a/net/tipc/link.c +++ b/net/tipc/link.c @@ -157,13 +157,13 @@ static void link_print(struct link *l_ptr, struct print_buf *buf, } \ } while (0) -static inline void dbg_print_link(struct link *l_ptr, const char *str) +static void dbg_print_link(struct link *l_ptr, const char *str) { if (DBG_OUTPUT) link_print(l_ptr, DBG_OUTPUT, str); } -static inline void dbg_print_buf_chain(struct sk_buff *root_buf) +static void dbg_print_buf_chain(struct sk_buff *root_buf) { if (DBG_OUTPUT) { struct sk_buff *buf = root_buf; @@ -176,50 +176,50 @@ static inline void dbg_print_buf_chain(struct sk_buff *root_buf) } /* - * Simple inlined link routines + * Simple link routines */ -static inline unsigned int align(unsigned int i) +static unsigned int align(unsigned int i) { return (i + 3) & ~3u; } -static inline int link_working_working(struct link *l_ptr) +static int link_working_working(struct link *l_ptr) { return (l_ptr->state == WORKING_WORKING); } -static inline int link_working_unknown(struct link *l_ptr) +static int link_working_unknown(struct link *l_ptr) { return (l_ptr->state == WORKING_UNKNOWN); } -static inline int link_reset_unknown(struct link *l_ptr) +static int link_reset_unknown(struct link *l_ptr) { return (l_ptr->state == RESET_UNKNOWN); } -static inline int link_reset_reset(struct link *l_ptr) +static int link_reset_reset(struct link *l_ptr) { return (l_ptr->state == RESET_RESET); } -static inline int link_blocked(struct link *l_ptr) +static int link_blocked(struct link *l_ptr) { return (l_ptr->exp_msg_count || l_ptr->blocked); } -static inline int link_congested(struct link *l_ptr) +static int link_congested(struct link *l_ptr) { return (l_ptr->out_queue_size >= l_ptr->queue_limit[0]); } -static inline u32 link_max_pkt(struct link *l_ptr) +static u32 link_max_pkt(struct link *l_ptr) { return l_ptr->max_pkt; } -static inline void link_init_max_pkt(struct link *l_ptr) +static void link_init_max_pkt(struct link *l_ptr) { u32 max_pkt; @@ -236,20 +236,20 @@ static inline void link_init_max_pkt(struct link *l_ptr) l_ptr->max_pkt_probes = 0; } -static inline u32 link_next_sent(struct link *l_ptr) +static u32 link_next_sent(struct link *l_ptr) { if (l_ptr->next_out) return msg_seqno(buf_msg(l_ptr->next_out)); return mod(l_ptr->next_out_no); } -static inline u32 link_last_sent(struct link *l_ptr) +static u32 link_last_sent(struct link *l_ptr) { return mod(link_next_sent(l_ptr) - 1); } /* - * Simple non-inlined link routines (i.e. referenced outside this file) + * Simple non-static link routines (i.e. referenced outside this file) */ int tipc_link_is_up(struct link *l_ptr) @@ -396,7 +396,7 @@ static void link_timeout(struct link *l_ptr) tipc_node_unlock(l_ptr->owner); } -static inline void link_set_timer(struct link *l_ptr, u32 time) +static void link_set_timer(struct link *l_ptr, u32 time) { k_start_timer(&l_ptr->timer, time); } @@ -573,7 +573,7 @@ void tipc_link_wakeup_ports(struct link *l_ptr, int all) if (win <= 0) break; list_del_init(&p_ptr->wait_list); - p_ptr->congested_link = 0; + p_ptr->congested_link = NULL; assert(p_ptr->wakeup); spin_lock_bh(p_ptr->publ.lock); p_ptr->publ.congested = 0; @@ -1004,9 +1004,9 @@ static int link_bundle_buf(struct link *l_ptr, return 1; } -static inline void link_add_to_outqueue(struct link *l_ptr, - struct sk_buff *buf, - struct tipc_msg *msg) +static void link_add_to_outqueue(struct link *l_ptr, + struct sk_buff *buf, + struct tipc_msg *msg) { u32 ack = mod(l_ptr->next_in_no - 1); u32 seqno = mod(l_ptr->next_out_no++); @@ -1156,8 +1156,8 @@ int tipc_link_send(struct sk_buff *buf, u32 dest, u32 selector) * Link is locked. Returns user data length. */ -static inline int link_send_buf_fast(struct link *l_ptr, struct sk_buff *buf, - u32 *used_max_pkt) +static int link_send_buf_fast(struct link *l_ptr, struct sk_buff *buf, + u32 *used_max_pkt) { struct tipc_msg *msg = buf_msg(buf); int res = msg_data_sz(msg); @@ -1355,7 +1355,7 @@ again: fragm_crs = 0; fragm_rest = 0; sect_rest = 0; - sect_crs = 0; + sect_crs = NULL; curr_sect = -1; /* Prepare reusable fragment header: */ @@ -1549,7 +1549,7 @@ u32 tipc_link_push_packet(struct link *l_ptr) msg_dbg(buf_msg(buf), ">DEF-PROT>"); l_ptr->unacked_window = 0; buf_discard(buf); - l_ptr->proto_msg_queue = 0; + l_ptr->proto_msg_queue = NULL; return TIPC_OK; } else { msg_dbg(buf_msg(buf), "|>DEF-PROT>"); @@ -1629,7 +1629,7 @@ void tipc_link_retransmit(struct link *l_ptr, struct sk_buff *buf, tipc_msg_print(TIPC_CONS, buf_msg(buf), ">RETR>"); info("...Retransmitted %u times\n", l_ptr->stale_count); - link_print(l_ptr, TIPC_CONS, "Resetting Link\n");; + link_print(l_ptr, TIPC_CONS, "Resetting Link\n"); tipc_link_reset(l_ptr); break; } @@ -1860,7 +1860,7 @@ u32 tipc_link_defer_pkt(struct sk_buff **head, struct sk_buff **tail, struct sk_buff *buf) { - struct sk_buff *prev = 0; + struct sk_buff *prev = NULL; struct sk_buff *crs = *head; u32 seq_no = msg_seqno(buf_msg(buf)); @@ -1953,7 +1953,7 @@ static void link_handle_out_of_seq_msg(struct link *l_ptr, void tipc_link_send_proto_msg(struct link *l_ptr, u32 msg_typ, int probe_msg, u32 gap, u32 tolerance, u32 priority, u32 ack_mtu) { - struct sk_buff *buf = 0; + struct sk_buff *buf = NULL; struct tipc_msg *msg = l_ptr->pmsg; u32 msg_size = sizeof(l_ptr->proto_msg); @@ -2426,7 +2426,7 @@ static int link_recv_changeover_msg(struct link **l_ptr, } } exit: - *buf = 0; + *buf = NULL; buf_discard(tunnel_buf); return 0; } @@ -2539,42 +2539,37 @@ exit: * pending message. This makes dynamic memory allocation unecessary. */ -static inline u32 get_long_msg_seqno(struct sk_buff *buf) -{ - return msg_seqno(buf_msg(buf)); -} - -static inline void set_long_msg_seqno(struct sk_buff *buf, u32 seqno) +static void set_long_msg_seqno(struct sk_buff *buf, u32 seqno) { msg_set_seqno(buf_msg(buf), seqno); } -static inline u32 get_fragm_size(struct sk_buff *buf) +static u32 get_fragm_size(struct sk_buff *buf) { return msg_ack(buf_msg(buf)); } -static inline void set_fragm_size(struct sk_buff *buf, u32 sz) +static void set_fragm_size(struct sk_buff *buf, u32 sz) { msg_set_ack(buf_msg(buf), sz); } -static inline u32 get_expected_frags(struct sk_buff *buf) +static u32 get_expected_frags(struct sk_buff *buf) { return msg_bcast_ack(buf_msg(buf)); } -static inline void set_expected_frags(struct sk_buff *buf, u32 exp) +static void set_expected_frags(struct sk_buff *buf, u32 exp) { msg_set_bcast_ack(buf_msg(buf), exp); } -static inline u32 get_timer_cnt(struct sk_buff *buf) +static u32 get_timer_cnt(struct sk_buff *buf) { return msg_reroute_cnt(buf_msg(buf)); } -static inline void incr_timer_cnt(struct sk_buff *buf) +static void incr_timer_cnt(struct sk_buff *buf) { msg_incr_reroute_cnt(buf_msg(buf)); } @@ -2586,13 +2581,13 @@ static inline void incr_timer_cnt(struct sk_buff *buf) int tipc_link_recv_fragment(struct sk_buff **pending, struct sk_buff **fb, struct tipc_msg **m) { - struct sk_buff *prev = 0; + struct sk_buff *prev = NULL; struct sk_buff *fbuf = *fb; struct tipc_msg *fragm = buf_msg(fbuf); struct sk_buff *pbuf = *pending; u32 long_msg_seq_no = msg_long_msgno(fragm); - *fb = 0; + *fb = NULL; msg_dbg(fragm,"FRG<REC<"); /* Is there an incomplete message waiting for this fragment? */ @@ -2670,8 +2665,8 @@ int tipc_link_recv_fragment(struct sk_buff **pending, struct sk_buff **fb, static void link_check_defragm_bufs(struct link *l_ptr) { - struct sk_buff *prev = 0; - struct sk_buff *next = 0; + struct sk_buff *prev = NULL; + struct sk_buff *next = NULL; struct sk_buff *buf = l_ptr->defragm_buf; if (!buf) @@ -2750,19 +2745,19 @@ static struct link *link_find_link(const char *name, struct node **node) struct link *l_ptr; if (!link_name_validate(name, &link_name_parts)) - return 0; + return NULL; b_ptr = tipc_bearer_find_interface(link_name_parts.if_local); if (!b_ptr) - return 0; + return NULL; *node = tipc_node_find(link_name_parts.addr_peer); if (!*node) - return 0; + return NULL; l_ptr = (*node)->links[b_ptr->identity]; if (!l_ptr || strcmp(l_ptr->name, name)) - return 0; + return NULL; return l_ptr; } diff --git a/net/tipc/name_distr.c b/net/tipc/name_distr.c index 830f909..953307a 100644 --- a/net/tipc/name_distr.c +++ b/net/tipc/name_distr.c @@ -168,8 +168,8 @@ void tipc_named_withdraw(struct publication *publ) void tipc_named_node_up(unsigned long node) { struct publication *publ; - struct distr_item *item = 0; - struct sk_buff *buf = 0; + struct distr_item *item = NULL; + struct sk_buff *buf = NULL; u32 left = 0; u32 rest; u32 max_item_buf; @@ -200,7 +200,7 @@ void tipc_named_node_up(unsigned long node) "<%u.%u.%u>\n", tipc_zone(node), tipc_cluster(node), tipc_node(node)); tipc_link_send(buf, node, node); - buf = 0; + buf = NULL; } } exit: diff --git a/net/tipc/name_table.c b/net/tipc/name_table.c index 3f4b23b..d129422 100644 --- a/net/tipc/name_table.c +++ b/net/tipc/name_table.c @@ -46,7 +46,7 @@ #include "cluster.h" #include "bcast.h" -int tipc_nametbl_size = 1024; /* must be a power of 2 */ +static int tipc_nametbl_size = 1024; /* must be a power of 2 */ /** * struct sub_seq - container for all published instances of a name sequence @@ -104,7 +104,7 @@ static atomic_t rsv_publ_ok = ATOMIC_INIT(0); rwlock_t tipc_nametbl_lock = RW_LOCK_UNLOCKED; -static inline int hash(int x) +static int hash(int x) { return(x & (tipc_nametbl_size - 1)); } @@ -121,7 +121,7 @@ static struct publication *publ_create(u32 type, u32 lower, u32 upper, (struct publication *)kmalloc(sizeof(*publ), GFP_ATOMIC); if (publ == NULL) { warn("Memory squeeze; failed to create publication\n"); - return 0; + return NULL; } memset(publ, 0, sizeof(*publ)); @@ -142,7 +142,7 @@ static struct publication *publ_create(u32 type, u32 lower, u32 upper, * tipc_subseq_alloc - allocate a specified number of sub-sequence structures */ -struct sub_seq *tipc_subseq_alloc(u32 cnt) +static struct sub_seq *tipc_subseq_alloc(u32 cnt) { u32 sz = cnt * sizeof(struct sub_seq); struct sub_seq *sseq = (struct sub_seq *)kmalloc(sz, GFP_ATOMIC); @@ -158,7 +158,7 @@ struct sub_seq *tipc_subseq_alloc(u32 cnt) * Allocates a single sub-sequence structure and sets it to all 0's. */ -struct name_seq *tipc_nameseq_create(u32 type, struct hlist_head *seq_head) +static struct name_seq *tipc_nameseq_create(u32 type, struct hlist_head *seq_head) { struct name_seq *nseq = (struct name_seq *)kmalloc(sizeof(*nseq), GFP_ATOMIC); @@ -168,7 +168,7 @@ struct name_seq *tipc_nameseq_create(u32 type, struct hlist_head *seq_head) warn("Memory squeeze; failed to create name sequence\n"); kfree(nseq); kfree(sseq); - return 0; + return NULL; } memset(nseq, 0, sizeof(*nseq)); @@ -190,8 +190,8 @@ struct name_seq *tipc_nameseq_create(u32 type, struct hlist_head *seq_head) * Very time-critical, so binary searches through sub-sequence array. */ -static inline struct sub_seq *nameseq_find_subseq(struct name_seq *nseq, - u32 instance) +static struct sub_seq *nameseq_find_subseq(struct name_seq *nseq, + u32 instance) { struct sub_seq *sseqs = nseq->sseqs; int low = 0; @@ -207,7 +207,7 @@ static inline struct sub_seq *nameseq_find_subseq(struct name_seq *nseq, else return &sseqs[mid]; } - return 0; + return NULL; } /** @@ -243,9 +243,9 @@ static u32 nameseq_locate_subseq(struct name_seq *nseq, u32 instance) * tipc_nameseq_insert_publ - */ -struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, - u32 type, u32 lower, u32 upper, - u32 scope, u32 node, u32 port, u32 key) +static struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, + u32 type, u32 lower, u32 upper, + u32 scope, u32 node, u32 port, u32 key) { struct subscription *s; struct subscription *st; @@ -263,7 +263,7 @@ struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, if ((sseq->lower != lower) || (sseq->upper != upper)) { warn("Overlapping publ <%u,%u,%u>\n", type, lower, upper); - return 0; + return NULL; } } else { u32 inspos; @@ -278,7 +278,7 @@ struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, if ((inspos < nseq->first_free) && (upper >= nseq->sseqs[inspos].lower)) { warn("Overlapping publ <%u,%u,%u>\n", type, lower, upper); - return 0; + return NULL; } /* Ensure there is space for new sub-sequence */ @@ -294,7 +294,7 @@ struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, nseq->alloc *= 2; } else { warn("Memory squeeze; failed to create sub-sequence\n"); - return 0; + return NULL; } } dbg("Have %u sseqs for type %u\n", nseq->alloc, type); @@ -319,7 +319,7 @@ struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, publ = publ_create(type, lower, upper, scope, node, port, key); if (!publ) - return 0; + return NULL; dbg("inserting publ %x, node=%x publ->node=%x, subscr->node=%x\n", publ, node, publ->node, publ->subscr.node); @@ -369,8 +369,8 @@ struct publication *tipc_nameseq_insert_publ(struct name_seq *nseq, * tipc_nameseq_remove_publ - */ -struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, - u32 node, u32 ref, u32 key) +static struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, + u32 node, u32 ref, u32 key) { struct publication *publ; struct publication *prev; @@ -394,7 +394,7 @@ struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, i, &nseq->sseqs[i], nseq->sseqs[i].lower, nseq->sseqs[i].upper); } - return 0; + return NULL; } dbg("nameseq_remove: seq: %x, sseq %x, <%u,%u> key %u\n", nseq, sseq, nseq->type, inst, key); @@ -413,7 +413,7 @@ struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, prev->zone_list_next = publ->zone_list_next; sseq->zone_list = publ->zone_list_next; } else { - sseq->zone_list = 0; + sseq->zone_list = NULL; } if (in_own_cluster(node)) { @@ -431,7 +431,7 @@ struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, prev->cluster_list_next = publ->cluster_list_next; sseq->cluster_list = publ->cluster_list_next; } else { - sseq->cluster_list = 0; + sseq->cluster_list = NULL; } } @@ -450,7 +450,7 @@ struct publication *tipc_nameseq_remove_publ(struct name_seq *nseq, u32 inst, prev->node_list_next = publ->node_list_next; sseq->node_list = publ->node_list_next; } else { - sseq->node_list = 0; + sseq->node_list = NULL; } } assert(!publ->node || (publ->node == node)); @@ -535,7 +535,7 @@ static struct name_seq *nametbl_find_seq(u32 type) } } - return 0; + return NULL; }; struct publication *tipc_nametbl_insert_publ(u32 type, u32 lower, u32 upper, @@ -547,7 +547,7 @@ struct publication *tipc_nametbl_insert_publ(u32 type, u32 lower, u32 upper, if (lower > upper) { warn("Failed to publish illegal <%u,%u,%u>\n", type, lower, upper); - return 0; + return NULL; } dbg("Publishing <%u,%u,%u> from %x\n", type, lower, upper, node); @@ -556,7 +556,7 @@ struct publication *tipc_nametbl_insert_publ(u32 type, u32 lower, u32 upper, dbg("tipc_nametbl_insert_publ: created %x\n", seq); } if (!seq) - return 0; + return NULL; assert(seq->type == type); return tipc_nameseq_insert_publ(seq, type, lower, upper, @@ -570,7 +570,7 @@ struct publication *tipc_nametbl_remove_publ(u32 type, u32 lower, struct name_seq *seq = nametbl_find_seq(type); if (!seq) - return 0; + return NULL; dbg("Withdrawing <%u,%u> from %x\n", type, lower, node); publ = tipc_nameseq_remove_publ(seq, lower, node, ref, key); @@ -594,7 +594,7 @@ struct publication *tipc_nametbl_remove_publ(u32 type, u32 lower, u32 tipc_nametbl_translate(u32 type, u32 instance, u32 *destnode) { struct sub_seq *sseq; - struct publication *publ = 0; + struct publication *publ = NULL; struct name_seq *seq; u32 ref; @@ -740,12 +740,12 @@ struct publication *tipc_nametbl_publish(u32 type, u32 lower, u32 upper, if (table.local_publ_count >= tipc_max_publications) { warn("Failed publish: max %u local publication\n", tipc_max_publications); - return 0; + return NULL; } if ((type < TIPC_RESERVED_TYPES) && !atomic_read(&rsv_publ_ok)) { warn("Failed to publish reserved name <%u,%u,%u>\n", type, lower, upper); - return 0; + return NULL; } write_lock_bh(&tipc_nametbl_lock); @@ -983,6 +983,7 @@ static void nametbl_list(struct print_buf *buf, u32 depth_info, } } +#if 0 void tipc_nametbl_print(struct print_buf *buf, const char *str) { tipc_printf(buf, str); @@ -990,6 +991,7 @@ void tipc_nametbl_print(struct print_buf *buf, const char *str) nametbl_list(buf, 0, 0, 0, 0); read_unlock_bh(&tipc_nametbl_lock); } +#endif #define MAX_NAME_TBL_QUERY 32768 @@ -1023,10 +1025,12 @@ struct sk_buff *tipc_nametbl_get(const void *req_tlv_area, int req_tlv_space) return buf; } +#if 0 void tipc_nametbl_dump(void) { nametbl_list(TIPC_CONS, 0, 0, 0, 0); } +#endif int tipc_nametbl_init(void) { diff --git a/net/tipc/net.c b/net/tipc/net.c index 074891a..f7c8223 100644 --- a/net/tipc/net.c +++ b/net/tipc/net.c @@ -116,7 +116,7 @@ */ rwlock_t tipc_net_lock = RW_LOCK_UNLOCKED; -struct network tipc_net = { 0 }; +struct network tipc_net = { NULL }; struct node *tipc_net_select_remote_node(u32 addr, u32 ref) { @@ -128,13 +128,14 @@ u32 tipc_net_select_router(u32 addr, u32 ref) return tipc_zone_select_router(tipc_net.zones[tipc_zone(addr)], addr, ref); } - +#if 0 u32 tipc_net_next_node(u32 a) { if (tipc_net.zones[tipc_zone(a)]) return tipc_zone_next_node(a); return 0; } +#endif void tipc_net_remove_as_router(u32 router) { @@ -181,7 +182,7 @@ static void net_stop(void) tipc_zone_delete(tipc_net.zones[z_num]); } kfree(tipc_net.zones); - tipc_net.zones = 0; + tipc_net.zones = NULL; } static void net_route_named_msg(struct sk_buff *buf) diff --git a/net/tipc/node.c b/net/tipc/node.c index 6d65010..0d5db06 100644 --- a/net/tipc/node.c +++ b/net/tipc/node.c @@ -155,7 +155,7 @@ static void node_select_active_links(struct node *n_ptr) u32 i; u32 highest_prio = 0; - active[0] = active[1] = 0; + active[0] = active[1] = NULL; for (i = 0; i < MAX_BEARERS; i++) { struct link *l_ptr = n_ptr->links[i]; @@ -214,7 +214,7 @@ int tipc_node_has_redundant_links(struct node *n_ptr) (n_ptr->active_links[0] != n_ptr->active_links[1])); } -int tipc_node_has_active_routes(struct node *n_ptr) +static int tipc_node_has_active_routes(struct node *n_ptr) { return (n_ptr && (n_ptr->last_router >= 0)); } @@ -240,7 +240,7 @@ struct node *tipc_node_attach_link(struct link *l_ptr) err("Attempt to create third link to %s\n", addr_string_fill(addr_string, n_ptr->addr)); - return 0; + return NULL; } if (!n_ptr->links[bearer_id]) { @@ -253,12 +253,12 @@ struct node *tipc_node_attach_link(struct link *l_ptr) l_ptr->b_ptr->publ.name, addr_string_fill(addr_string, l_ptr->addr)); } - return 0; + return NULL; } void tipc_node_detach_link(struct node *n_ptr, struct link *l_ptr) { - n_ptr->links[l_ptr->b_ptr->identity] = 0; + n_ptr->links[l_ptr->b_ptr->identity] = NULL; tipc_net.zones[tipc_zone(l_ptr->addr)]->links--; n_ptr->link_cnt--; } @@ -424,7 +424,7 @@ static void node_lost_contact(struct node *n_ptr) /* Notify subscribers */ list_for_each_entry_safe(ns, tns, &n_ptr->nsub, nodesub_list) { - ns->node = 0; + ns->node = NULL; list_del_init(&ns->nodesub_list); tipc_k_signal((Handler)ns->handle_node_down, (unsigned long)ns->usr_handle); @@ -443,7 +443,7 @@ struct node *tipc_node_select_next_hop(u32 addr, u32 selector) u32 router_addr; if (!tipc_addr_domain_valid(addr)) - return 0; + return NULL; /* Look for direct link to destination processsor */ n_ptr = tipc_node_find(addr); @@ -452,7 +452,7 @@ struct node *tipc_node_select_next_hop(u32 addr, u32 selector) /* Cluster local system nodes *must* have direct links */ if (!is_slave(addr) && in_own_cluster(addr)) - return 0; + return NULL; /* Look for cluster local router with direct link to node */ router_addr = tipc_node_select_router(n_ptr, selector); @@ -462,7 +462,7 @@ struct node *tipc_node_select_next_hop(u32 addr, u32 selector) /* Slave nodes can only be accessed within own cluster via a known router with direct link -- if no router was found,give up */ if (is_slave(addr)) - return 0; + return NULL; /* Inter zone/cluster -- find any direct link to remote cluster */ addr = tipc_addr(tipc_zone(addr), tipc_cluster(addr), 0); @@ -475,7 +475,7 @@ struct node *tipc_node_select_next_hop(u32 addr, u32 selector) if (router_addr) return tipc_node_select(router_addr, selector); - return 0; + return NULL; } /** diff --git a/net/tipc/node.h b/net/tipc/node.h index 29f7ae6..781126e 100644 --- a/net/tipc/node.h +++ b/net/tipc/node.h @@ -121,7 +121,7 @@ static inline struct node *tipc_node_find(u32 addr) if (c_ptr) return c_ptr->nodes[tipc_node(addr)]; } - return 0; + return NULL; } static inline struct node *tipc_node_select(u32 addr, u32 selector) diff --git a/net/tipc/node_subscr.c b/net/tipc/node_subscr.c index afeea12..cff4068 100644 --- a/net/tipc/node_subscr.c +++ b/net/tipc/node_subscr.c @@ -47,7 +47,7 @@ void tipc_nodesub_subscribe(struct node_subscr *node_sub, u32 addr, void *usr_handle, net_ev_handler handle_down) { - node_sub->node = 0; + node_sub->node = NULL; if (addr == tipc_own_addr) return; if (!tipc_addr_node_valid(addr)) { diff --git a/net/tipc/port.c b/net/tipc/port.c index 72aae52..67e96cb 100644 --- a/net/tipc/port.c +++ b/net/tipc/port.c @@ -54,8 +54,8 @@ #define MAX_REJECT_SIZE 1024 -static struct sk_buff *msg_queue_head = 0; -static struct sk_buff *msg_queue_tail = 0; +static struct sk_buff *msg_queue_head = NULL; +static struct sk_buff *msg_queue_tail = NULL; spinlock_t tipc_port_list_lock = SPIN_LOCK_UNLOCKED; static spinlock_t queue_lock = SPIN_LOCK_UNLOCKED; @@ -67,27 +67,22 @@ static struct sk_buff* port_build_peer_abort_msg(struct port *,u32 err); static void port_timeout(unsigned long ref); -static inline u32 port_peernode(struct port *p_ptr) +static u32 port_peernode(struct port *p_ptr) { return msg_destnode(&p_ptr->publ.phdr); } -static inline u32 port_peerport(struct port *p_ptr) +static u32 port_peerport(struct port *p_ptr) { return msg_destport(&p_ptr->publ.phdr); } -static inline u32 port_out_seqno(struct port *p_ptr) +static u32 port_out_seqno(struct port *p_ptr) { return msg_transp_seqno(&p_ptr->publ.phdr); } -static inline void port_set_out_seqno(struct port *p_ptr, u32 seqno) -{ - msg_set_transp_seqno(&p_ptr->publ.phdr,seqno); -} - -static inline void port_incr_out_seqno(struct port *p_ptr) +static void port_incr_out_seqno(struct port *p_ptr) { struct tipc_msg *m = &p_ptr->publ.phdr; @@ -258,11 +253,11 @@ u32 tipc_createport_raw(void *usr_handle, p_ptr->publ.usr_handle = usr_handle; INIT_LIST_HEAD(&p_ptr->wait_list); INIT_LIST_HEAD(&p_ptr->subscription.nodesub_list); - p_ptr->congested_link = 0; + p_ptr->congested_link = NULL; p_ptr->max_pkt = MAX_PKT_DEFAULT; p_ptr->dispatcher = dispatcher; p_ptr->wakeup = wakeup; - p_ptr->user_port = 0; + p_ptr->user_port = NULL; k_init_timer(&p_ptr->timer, (Handler)port_timeout, ref); spin_lock_bh(&tipc_port_list_lock); INIT_LIST_HEAD(&p_ptr->publications); @@ -276,9 +271,9 @@ u32 tipc_createport_raw(void *usr_handle, int tipc_deleteport(u32 ref) { struct port *p_ptr; - struct sk_buff *buf = 0; + struct sk_buff *buf = NULL; - tipc_withdraw(ref, 0, 0); + tipc_withdraw(ref, 0, NULL); p_ptr = tipc_port_lock(ref); if (!p_ptr) return -EINVAL; @@ -329,13 +324,13 @@ void *tipc_get_handle(const u32 ref) p_ptr = tipc_port_lock(ref); if (!p_ptr) - return 0; + return NULL; handle = p_ptr->publ.usr_handle; tipc_port_unlock(p_ptr); return handle; } -static inline int port_unreliable(struct port *p_ptr) +static int port_unreliable(struct port *p_ptr) { return msg_src_droppable(&p_ptr->publ.phdr); } @@ -364,7 +359,7 @@ int tipc_set_portunreliable(u32 ref, unsigned int isunreliable) return TIPC_OK; } -static inline int port_unreturnable(struct port *p_ptr) +static int port_unreturnable(struct port *p_ptr) { return msg_dest_droppable(&p_ptr->publ.phdr); } @@ -475,7 +470,7 @@ int tipc_reject_msg(struct sk_buff *buf, u32 err) /* send self-abort message when rejecting on a connected port */ if (msg_connected(msg)) { - struct sk_buff *abuf = 0; + struct sk_buff *abuf = NULL; struct port *p_ptr = tipc_port_lock(msg_destport(msg)); if (p_ptr) { @@ -510,7 +505,7 @@ int tipc_port_reject_sections(struct port *p_ptr, struct tipc_msg *hdr, static void port_timeout(unsigned long ref) { struct port *p_ptr = tipc_port_lock(ref); - struct sk_buff *buf = 0; + struct sk_buff *buf = NULL; if (!p_ptr || !p_ptr->publ.connected) return; @@ -540,7 +535,7 @@ static void port_timeout(unsigned long ref) static void port_handle_node_down(unsigned long ref) { struct port *p_ptr = tipc_port_lock(ref); - struct sk_buff* buf = 0; + struct sk_buff* buf = NULL; if (!p_ptr) return; @@ -555,7 +550,7 @@ static struct sk_buff *port_build_self_abort_msg(struct port *p_ptr, u32 err) u32 imp = msg_importance(&p_ptr->publ.phdr); if (!p_ptr->publ.connected) - return 0; + return NULL; if (imp < TIPC_CRITICAL_IMPORTANCE) imp++; return port_build_proto_msg(p_ptr->publ.ref, @@ -575,7 +570,7 @@ static struct sk_buff *port_build_peer_abort_msg(struct port *p_ptr, u32 err) u32 imp = msg_importance(&p_ptr->publ.phdr); if (!p_ptr->publ.connected) - return 0; + return NULL; if (imp < TIPC_CRITICAL_IMPORTANCE) imp++; return port_build_proto_msg(port_peerport(p_ptr), @@ -594,8 +589,8 @@ void tipc_port_recv_proto_msg(struct sk_buff *buf) struct tipc_msg *msg = buf_msg(buf); struct port *p_ptr = tipc_port_lock(msg_destport(msg)); u32 err = TIPC_OK; - struct sk_buff *r_buf = 0; - struct sk_buff *abort_buf = 0; + struct sk_buff *r_buf = NULL; + struct sk_buff *abort_buf = NULL; msg_dbg(msg, "PORT<RECV<:"); @@ -804,7 +799,7 @@ static void port_dispatcher_sigh(void *dummy) spin_lock_bh(&queue_lock); buf = msg_queue_head; - msg_queue_head = 0; + msg_queue_head = NULL; spin_unlock_bh(&queue_lock); while (buf) { @@ -991,8 +986,8 @@ static void port_wakeup_sh(unsigned long ref) { struct port *p_ptr; struct user_port *up_ptr; - tipc_continue_event cb = 0; - void *uh = 0; + tipc_continue_event cb = NULL; + void *uh = NULL; p_ptr = tipc_port_lock(ref); if (p_ptr) { @@ -1016,7 +1011,7 @@ static void port_wakeup(struct tipc_port *p_ptr) void tipc_acknowledge(u32 ref, u32 ack) { struct port *p_ptr; - struct sk_buff *buf = 0; + struct sk_buff *buf = NULL; p_ptr = tipc_port_lock(ref); if (!p_ptr) @@ -1062,7 +1057,7 @@ int tipc_createport(u32 user_ref, if (up_ptr == NULL) { return -ENOMEM; } - ref = tipc_createport_raw(0, port_dispatcher, port_wakeup, importance); + ref = tipc_createport_raw(NULL, port_dispatcher, port_wakeup, importance); p_ptr = tipc_port_lock(ref); if (!p_ptr) { kfree(up_ptr); @@ -1273,7 +1268,7 @@ int tipc_disconnect(u32 ref) int tipc_shutdown(u32 ref) { struct port *p_ptr; - struct sk_buff *buf = 0; + struct sk_buff *buf = NULL; p_ptr = tipc_port_lock(ref); if (!p_ptr) diff --git a/net/tipc/ref.c b/net/tipc/ref.c index 5a13c2d..33bbf50 100644 --- a/net/tipc/ref.c +++ b/net/tipc/ref.c @@ -61,7 +61,7 @@ * because entry 0's reference field has the form XXXX|1--1. */ -struct ref_table tipc_ref_table = { 0 }; +struct ref_table tipc_ref_table = { NULL }; static rwlock_t ref_table_lock = RW_LOCK_UNLOCKED; @@ -86,7 +86,7 @@ int tipc_ref_table_init(u32 requested_size, u32 start) write_lock_bh(&ref_table_lock); index_mask = sz - 1; for (i = sz - 1; i >= 0; i--) { - table[i].object = 0; + table[i].object = NULL; table[i].lock = SPIN_LOCK_UNLOCKED; table[i].data.next_plus_upper = (start & ~index_mask) + i - 1; } @@ -108,7 +108,7 @@ void tipc_ref_table_stop(void) return; vfree(tipc_ref_table.entries); - tipc_ref_table.entries = 0; + tipc_ref_table.entries = NULL; } /** @@ -173,7 +173,7 @@ void tipc_ref_discard(u32 ref) assert(entry->data.reference == ref); /* mark entry as unused */ - entry->object = 0; + entry->object = NULL; if (tipc_ref_table.first_free == 0) tipc_ref_table.first_free = index; else diff --git a/net/tipc/ref.h b/net/tipc/ref.h index 4f8f9f40..6d20006 100644 --- a/net/tipc/ref.h +++ b/net/tipc/ref.h @@ -92,7 +92,7 @@ static inline void *tipc_ref_lock(u32 ref) return r->object; spin_unlock_bh(&r->lock); } - return 0; + return NULL; } /** @@ -125,7 +125,7 @@ static inline void *tipc_ref_deref(u32 ref) if (likely(r->data.reference == ref)) return r->object; } - return 0; + return NULL; } #endif diff --git a/net/tipc/socket.c b/net/tipc/socket.c index 67253bf..648a734 100644 --- a/net/tipc/socket.c +++ b/net/tipc/socket.c @@ -88,7 +88,7 @@ static atomic_t tipc_queue_size = ATOMIC_INIT(0); * with non-socket interfaces. * See net.c for description of locking policy. */ -static inline void sock_lock(struct tipc_sock* tsock) +static void sock_lock(struct tipc_sock* tsock) { spin_lock_bh(tsock->p->lock); } @@ -96,7 +96,7 @@ static inline void sock_lock(struct tipc_sock* tsock) /* * sock_unlock(): Unlock a port/socket pair */ -static inline void sock_unlock(struct tipc_sock* tsock) +static void sock_unlock(struct tipc_sock* tsock) { spin_unlock_bh(tsock->p->lock); } @@ -119,7 +119,7 @@ static inline void sock_unlock(struct tipc_sock* tsock) * Returns pollmask value */ -static inline u32 pollmask(struct socket *sock) +static u32 pollmask(struct socket *sock) { u32 mask; @@ -144,7 +144,7 @@ static inline u32 pollmask(struct socket *sock) * @tsock: TIPC socket */ -static inline void advance_queue(struct tipc_sock *tsock) +static void advance_queue(struct tipc_sock *tsock) { sock_lock(tsock); buf_discard(skb_dequeue(&tsock->sk.sk_receive_queue)); @@ -178,7 +178,7 @@ static int tipc_create(struct socket *sock, int protocol) if (unlikely(protocol != 0)) return -EPROTONOSUPPORT; - ref = tipc_createport_raw(0, &dispatch, &wakeupdispatch, TIPC_LOW_IMPORTANCE); + ref = tipc_createport_raw(NULL, &dispatch, &wakeupdispatch, TIPC_LOW_IMPORTANCE); if (unlikely(!ref)) return -ENOMEM; @@ -265,7 +265,7 @@ static int release(struct socket *sock) sock_lock(tsock); buf = skb_dequeue(&sk->sk_receive_queue); if (!buf) - tsock->p->usr_handle = 0; + tsock->p->usr_handle = NULL; sock_unlock(tsock); if (!buf) break; @@ -319,7 +319,7 @@ static int bind(struct socket *sock, struct sockaddr *uaddr, int uaddr_len) return -ERESTARTSYS; if (unlikely(!uaddr_len)) { - res = tipc_withdraw(tsock->p->ref, 0, 0); + res = tipc_withdraw(tsock->p->ref, 0, NULL); goto exit; } @@ -412,7 +412,7 @@ static unsigned int poll(struct file *file, struct socket *sock, * Returns 0 if permission is granted, otherwise errno */ -static inline int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m) +static int dest_name_check(struct sockaddr_tipc *dest, struct msghdr *m) { struct tipc_cfg_msg_hdr hdr; @@ -695,7 +695,7 @@ static int auto_connect(struct socket *sock, struct tipc_sock *tsock, * Note: Address is not captured if not requested by receiver. */ -static inline void set_orig_addr(struct msghdr *m, struct tipc_msg *msg) +static void set_orig_addr(struct msghdr *m, struct tipc_msg *msg) { struct sockaddr_tipc *addr = (struct sockaddr_tipc *)m->msg_name; @@ -721,7 +721,7 @@ static inline void set_orig_addr(struct msghdr *m, struct tipc_msg *msg) * Returns 0 if successful, otherwise errno */ -static inline int anc_data_recv(struct msghdr *m, struct tipc_msg *msg, +static int anc_data_recv(struct msghdr *m, struct tipc_msg *msg, struct tipc_port *tport) { u32 anc_data[3]; @@ -1226,7 +1226,7 @@ static int connect(struct socket *sock, struct sockaddr *dest, int destlen, { struct tipc_sock *tsock = tipc_sk(sock->sk); struct sockaddr_tipc *dst = (struct sockaddr_tipc *)dest; - struct msghdr m = {0,}; + struct msghdr m = {NULL,}; struct sk_buff *buf; struct tipc_msg *msg; int res; @@ -1251,7 +1251,7 @@ static int connect(struct socket *sock, struct sockaddr *dest, int destlen, /* Send a 'SYN-' to destination */ m.msg_name = dest; - if ((res = send_msg(0, sock, &m, 0)) < 0) { + if ((res = send_msg(NULL, sock, &m, 0)) < 0) { sock->state = SS_DISCONNECTING; return res; } @@ -1367,9 +1367,9 @@ static int accept(struct socket *sock, struct socket *newsock, int flags) msg_dbg(msg,"<ACC<: "); if (!msg_data_sz(msg)) { - struct msghdr m = {0,}; + struct msghdr m = {NULL,}; - send_packet(0, newsock, &m, 0); + send_packet(NULL, newsock, &m, 0); advance_queue(tsock); } else { sock_lock(tsock); diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c index 5ff38b9..c5f026c 100644 --- a/net/tipc/subscr.c +++ b/net/tipc/subscr.c @@ -86,7 +86,7 @@ static struct top_srv topsrv = { 0 }; * Returns converted value */ -static inline u32 htohl(u32 in, int swap) +static u32 htohl(u32 in, int swap) { char *c = (char *)∈ @@ -381,7 +381,7 @@ static void subscr_named_msg_event(void *usr_handle, struct tipc_name_seq const *dest) { struct subscriber *subscriber; - struct iovec msg_sect = {0, 0}; + struct iovec msg_sect = {NULL, 0}; spinlock_t *subscriber_lock; dbg("subscr_named_msg_event: orig = %x own = %x,\n", @@ -413,13 +413,13 @@ static void subscr_named_msg_event(void *usr_handle, tipc_createport(topsrv.user_ref, (void *)(unsigned long)subscriber->ref, importance, - 0, - 0, + NULL, + NULL, subscr_conn_shutdown_event, - 0, - 0, + NULL, + NULL, subscr_conn_msg_event, - 0, + NULL, &subscriber->port_ref); if (subscriber->port_ref == 0) { warn("Memory squeeze; failed to create subscription port\n"); @@ -461,22 +461,22 @@ int tipc_subscr_start(void) INIT_LIST_HEAD(&topsrv.subscriber_list); spin_lock_bh(&topsrv.lock); - res = tipc_attach(&topsrv.user_ref, 0, 0); + res = tipc_attach(&topsrv.user_ref, NULL, NULL); if (res) { spin_unlock_bh(&topsrv.lock); return res; } res = tipc_createport(topsrv.user_ref, - 0, + NULL, TIPC_CRITICAL_IMPORTANCE, - 0, - 0, - 0, - 0, + NULL, + NULL, + NULL, + NULL, subscr_named_msg_event, - 0, - 0, + NULL, + NULL, &topsrv.setup_port); if (res) goto failed; diff --git a/net/tipc/user_reg.c b/net/tipc/user_reg.c index 106200d..3f3f933 100644 --- a/net/tipc/user_reg.c +++ b/net/tipc/user_reg.c @@ -65,7 +65,7 @@ struct tipc_user { #define MAX_USERID 64 #define USER_LIST_SIZE ((MAX_USERID + 1) * sizeof(struct tipc_user)) -static struct tipc_user *users = 0; +static struct tipc_user *users = NULL; static u32 next_free_user = MAX_USERID + 1; static spinlock_t reg_lock = SPIN_LOCK_UNLOCKED; @@ -149,7 +149,7 @@ void tipc_reg_stop(void) reg_callback(&users[id]); } kfree(users); - users = 0; + users = NULL; } /** diff --git a/net/tipc/zone.c b/net/tipc/zone.c index 7c11f7f..2803e1b 100644 --- a/net/tipc/zone.c +++ b/net/tipc/zone.c @@ -44,11 +44,11 @@ struct _zone *tipc_zone_create(u32 addr) { - struct _zone *z_ptr = 0; + struct _zone *z_ptr = NULL; u32 z_num; if (!tipc_addr_domain_valid(addr)) - return 0; + return NULL; z_ptr = (struct _zone *)kmalloc(sizeof(*z_ptr), GFP_ATOMIC); if (z_ptr != NULL) { @@ -114,10 +114,10 @@ struct node *tipc_zone_select_remote_node(struct _zone *z_ptr, u32 addr, u32 ref u32 c_num; if (!z_ptr) - return 0; + return NULL; c_ptr = z_ptr->clusters[tipc_cluster(addr)]; if (!c_ptr) - return 0; + return NULL; n_ptr = tipc_cltr_select_node(c_ptr, ref); if (n_ptr) return n_ptr; @@ -126,12 +126,12 @@ struct node *tipc_zone_select_remote_node(struct _zone *z_ptr, u32 addr, u32 ref for (c_num = 1; c_num <= tipc_max_clusters; c_num++) { c_ptr = z_ptr->clusters[c_num]; if (!c_ptr) - return 0; + return NULL; n_ptr = tipc_cltr_select_node(c_ptr, ref); if (n_ptr) return n_ptr; } - return 0; + return NULL; } u32 tipc_zone_select_router(struct _zone *z_ptr, u32 addr, u32 ref) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index c323cc6..d901465 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -566,7 +566,7 @@ static struct sock * unix_create1(struct socket *sock) u->mnt = NULL; spin_lock_init(&u->lock); atomic_set(&u->inflight, sock ? 0 : -1); - init_MUTEX(&u->readsem); /* single task reading lock */ + mutex_init(&u->readlock); /* single task reading lock */ init_waitqueue_head(&u->peer_wait); unix_insert_socket(unix_sockets_unbound, sk); out: @@ -623,7 +623,7 @@ static int unix_autobind(struct socket *sock) struct unix_address * addr; int err; - down(&u->readsem); + mutex_lock(&u->readlock); err = 0; if (u->addr) @@ -661,7 +661,7 @@ retry: spin_unlock(&unix_table_lock); err = 0; -out: up(&u->readsem); +out: mutex_unlock(&u->readlock); return err; } @@ -744,7 +744,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) goto out; addr_len = err; - down(&u->readsem); + mutex_lock(&u->readlock); err = -EINVAL; if (u->addr) @@ -816,7 +816,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) out_unlock: spin_unlock(&unix_table_lock); out_up: - up(&u->readsem); + mutex_unlock(&u->readlock); out: return err; @@ -1427,15 +1427,15 @@ static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock, while(sent < len) { /* - * Optimisation for the fact that under 0.01% of X messages typically - * need breaking up. + * Optimisation for the fact that under 0.01% of X + * messages typically need breaking up. */ - size=len-sent; + size = len-sent; /* Keep two messages in the pipe so it schedules better */ - if (size > sk->sk_sndbuf / 2 - 64) - size = sk->sk_sndbuf / 2 - 64; + if (size > ((sk->sk_sndbuf >> 1) - 64)) + size = (sk->sk_sndbuf >> 1) - 64; if (size > SKB_MAX_ALLOC) size = SKB_MAX_ALLOC; @@ -1545,7 +1545,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, msg->msg_namelen = 0; - down(&u->readsem); + mutex_lock(&u->readlock); skb = skb_recv_datagram(sk, flags, noblock, &err); if (!skb) @@ -1600,7 +1600,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, out_free: skb_free_datagram(sk,skb); out_unlock: - up(&u->readsem); + mutex_unlock(&u->readlock); out: return err; } @@ -1676,7 +1676,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, memset(&tmp_scm, 0, sizeof(tmp_scm)); } - down(&u->readsem); + mutex_lock(&u->readlock); do { @@ -1700,7 +1700,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, err = -EAGAIN; if (!timeo) break; - up(&u->readsem); + mutex_unlock(&u->readlock); timeo = unix_stream_data_wait(sk, timeo); @@ -1708,7 +1708,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, err = sock_intr_errno(timeo); goto out; } - down(&u->readsem); + mutex_lock(&u->readlock); continue; } @@ -1774,7 +1774,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, } } while (size); - up(&u->readsem); + mutex_unlock(&u->readlock); scm_recv(sock, msg, siocb->scm, flags); out: return copied ? : err; @@ -1878,6 +1878,8 @@ static unsigned int unix_poll(struct file * file, struct socket *sock, poll_tabl mask |= POLLERR; if (sk->sk_shutdown == SHUTDOWN_MASK) mask |= POLLHUP; + if (sk->sk_shutdown & RCV_SHUTDOWN) + mask |= POLLRDHUP; /* readable? */ if (!skb_queue_empty(&sk->sk_receive_queue) || diff --git a/net/unix/garbage.c b/net/unix/garbage.c index 411802b..746c2f4 100644 --- a/net/unix/garbage.c +++ b/net/unix/garbage.c @@ -76,6 +76,7 @@ #include <linux/netdevice.h> #include <linux/file.h> #include <linux/proc_fs.h> +#include <linux/mutex.h> #include <net/sock.h> #include <net/af_unix.h> @@ -169,7 +170,7 @@ static void maybe_unmark_and_push(struct sock *x) void unix_gc(void) { - static DECLARE_MUTEX(unix_gc_sem); + static DEFINE_MUTEX(unix_gc_sem); int i; struct sock *s; struct sk_buff_head hitlist; @@ -179,7 +180,7 @@ void unix_gc(void) * Avoid a recursive GC. */ - if (down_trylock(&unix_gc_sem)) + if (!mutex_trylock(&unix_gc_sem)) return; spin_lock(&unix_table_lock); @@ -308,5 +309,5 @@ void unix_gc(void) */ __skb_queue_purge(&hitlist); - up(&unix_gc_sem); + mutex_unlock(&unix_gc_sem); } diff --git a/net/x25/af_x25.c b/net/x25/af_x25.c index 72b6ff3..282ce4e 100644 --- a/net/x25/af_x25.c +++ b/net/x25/af_x25.c @@ -54,7 +54,10 @@ #include <linux/termios.h> /* For TIOCINQ/OUTQ */ #include <linux/notifier.h> #include <linux/init.h> +#include <linux/compat.h> + #include <net/x25.h> +#include <net/compat.h> int sysctl_x25_restart_request_timeout = X25_DEFAULT_T20; int sysctl_x25_call_request_timeout = X25_DEFAULT_T21; @@ -69,6 +72,14 @@ static const struct proto_ops x25_proto_ops; static struct x25_address null_x25_address = {" "}; +#ifdef CONFIG_COMPAT +struct compat_x25_subscrip_struct { + char device[200-sizeof(compat_ulong_t)]; + compat_ulong_t global_facil_mask; + compat_uint_t extended; +}; +#endif + int x25_addr_ntoa(unsigned char *p, struct x25_address *called_addr, struct x25_address *calling_addr) { @@ -514,6 +525,13 @@ static int x25_create(struct socket *sock, int protocol) x25->facilities.pacsize_out = X25_DEFAULT_PACKET_SIZE; x25->facilities.throughput = X25_DEFAULT_THROUGHPUT; x25->facilities.reverse = X25_DEFAULT_REVERSE; + x25->dte_facilities.calling_len = 0; + x25->dte_facilities.called_len = 0; + memset(x25->dte_facilities.called_ae, '\0', + sizeof(x25->dte_facilities.called_ae)); + memset(x25->dte_facilities.calling_ae, '\0', + sizeof(x25->dte_facilities.calling_ae)); + rc = 0; out: return rc; @@ -550,6 +568,7 @@ static struct sock *x25_make_new(struct sock *osk) x25->t2 = ox25->t2; x25->facilities = ox25->facilities; x25->qbitincl = ox25->qbitincl; + x25->dte_facilities = ox25->dte_facilities; x25->cudmatchlength = ox25->cudmatchlength; x25->accptapprv = ox25->accptapprv; @@ -733,7 +752,7 @@ out: return rc; } -static int x25_wait_for_data(struct sock *sk, int timeout) +static int x25_wait_for_data(struct sock *sk, long timeout) { DECLARE_WAITQUEUE(wait, current); int rc = 0; @@ -829,6 +848,7 @@ int x25_rx_call_request(struct sk_buff *skb, struct x25_neigh *nb, struct x25_sock *makex25; struct x25_address source_addr, dest_addr; struct x25_facilities facilities; + struct x25_dte_facilities dte_facilities; int len, rc; /* @@ -865,7 +885,8 @@ int x25_rx_call_request(struct sk_buff *skb, struct x25_neigh *nb, /* * Try to reach a compromise on the requested facilities. */ - if ((len = x25_negotiate_facilities(skb, sk, &facilities)) == -1) + len = x25_negotiate_facilities(skb, sk, &facilities, &dte_facilities); + if (len == -1) goto out_sock_put; /* @@ -896,9 +917,12 @@ int x25_rx_call_request(struct sk_buff *skb, struct x25_neigh *nb, makex25->source_addr = source_addr; makex25->neighbour = nb; makex25->facilities = facilities; + makex25->dte_facilities= dte_facilities; makex25->vc_facil_mask = x25_sk(sk)->vc_facil_mask; /* ensure no reverse facil on accept */ makex25->vc_facil_mask &= ~X25_MASK_REVERSE; + /* ensure no calling address extension on accept */ + makex25->vc_facil_mask &= ~X25_MASK_CALLING_AE; makex25->cudmatchlength = x25_sk(sk)->cudmatchlength; /* Normally all calls are accepted immediatly */ @@ -1305,6 +1329,36 @@ static int x25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) break; } + case SIOCX25GDTEFACILITIES: { + rc = copy_to_user(argp, &x25->dte_facilities, + sizeof(x25->dte_facilities)); + if (rc) + rc = -EFAULT; + break; + } + + case SIOCX25SDTEFACILITIES: { + struct x25_dte_facilities dtefacs; + rc = -EFAULT; + if (copy_from_user(&dtefacs, argp, sizeof(dtefacs))) + break; + rc = -EINVAL; + if (sk->sk_state != TCP_LISTEN && + sk->sk_state != TCP_CLOSE) + break; + if (dtefacs.calling_len > X25_MAX_AE_LEN) + break; + if (dtefacs.calling_ae == NULL) + break; + if (dtefacs.called_len > X25_MAX_AE_LEN) + break; + if (dtefacs.called_ae == NULL) + break; + x25->dte_facilities = dtefacs; + rc = 0; + break; + } + case SIOCX25GCALLUSERDATA: { struct x25_calluserdata cud = x25->calluserdata; rc = copy_to_user(argp, &cud, @@ -1387,6 +1441,118 @@ static struct net_proto_family x25_family_ops = { .owner = THIS_MODULE, }; +#ifdef CONFIG_COMPAT +static int compat_x25_subscr_ioctl(unsigned int cmd, + struct compat_x25_subscrip_struct __user *x25_subscr32) +{ + struct compat_x25_subscrip_struct x25_subscr; + struct x25_neigh *nb; + struct net_device *dev; + int rc = -EINVAL; + + rc = -EFAULT; + if (copy_from_user(&x25_subscr, x25_subscr32, sizeof(*x25_subscr32))) + goto out; + + rc = -EINVAL; + dev = x25_dev_get(x25_subscr.device); + if (dev == NULL) + goto out; + + nb = x25_get_neigh(dev); + if (nb == NULL) + goto out_dev_put; + + dev_put(dev); + + if (cmd == SIOCX25GSUBSCRIP) { + x25_subscr.extended = nb->extended; + x25_subscr.global_facil_mask = nb->global_facil_mask; + rc = copy_to_user(x25_subscr32, &x25_subscr, + sizeof(*x25_subscr32)) ? -EFAULT : 0; + } else { + rc = -EINVAL; + if (x25_subscr.extended == 0 || x25_subscr.extended == 1) { + rc = 0; + nb->extended = x25_subscr.extended; + nb->global_facil_mask = x25_subscr.global_facil_mask; + } + } + x25_neigh_put(nb); +out: + return rc; +out_dev_put: + dev_put(dev); + goto out; +} + +static int compat_x25_ioctl(struct socket *sock, unsigned int cmd, + unsigned long arg) +{ + void __user *argp = compat_ptr(arg); + struct sock *sk = sock->sk; + + int rc = -ENOIOCTLCMD; + + switch(cmd) { + case TIOCOUTQ: + case TIOCINQ: + rc = x25_ioctl(sock, cmd, (unsigned long)argp); + break; + case SIOCGSTAMP: + rc = -EINVAL; + if (sk) + rc = compat_sock_get_timestamp(sk, + (struct timeval __user*)argp); + break; + case SIOCGIFADDR: + case SIOCSIFADDR: + case SIOCGIFDSTADDR: + case SIOCSIFDSTADDR: + case SIOCGIFBRDADDR: + case SIOCSIFBRDADDR: + case SIOCGIFNETMASK: + case SIOCSIFNETMASK: + case SIOCGIFMETRIC: + case SIOCSIFMETRIC: + rc = -EINVAL; + break; + case SIOCADDRT: + case SIOCDELRT: + rc = -EPERM; + if (!capable(CAP_NET_ADMIN)) + break; + rc = x25_route_ioctl(cmd, argp); + break; + case SIOCX25GSUBSCRIP: + rc = compat_x25_subscr_ioctl(cmd, argp); + break; + case SIOCX25SSUBSCRIP: + rc = -EPERM; + if (!capable(CAP_NET_ADMIN)) + break; + rc = compat_x25_subscr_ioctl(cmd, argp); + break; + case SIOCX25GFACILITIES: + case SIOCX25SFACILITIES: + case SIOCX25GDTEFACILITIES: + case SIOCX25SDTEFACILITIES: + case SIOCX25GCALLUSERDATA: + case SIOCX25SCALLUSERDATA: + case SIOCX25GCAUSEDIAG: + case SIOCX25SCUDMATCHLEN: + case SIOCX25CALLACCPTAPPRV: + case SIOCX25SENDCALLACCPT: + rc = x25_ioctl(sock, cmd, (unsigned long)argp); + break; + default: + rc = -ENOIOCTLCMD; + break; + } + return rc; +} +#endif + static const struct proto_ops SOCKOPS_WRAPPED(x25_proto_ops) = { .family = AF_X25, .owner = THIS_MODULE, @@ -1398,6 +1564,9 @@ static const struct proto_ops SOCKOPS_WRAPPED(x25_proto_ops) = { .getname = x25_getname, .poll = datagram_poll, .ioctl = x25_ioctl, +#ifdef CONFIG_COMPAT + .compat_ioctl = compat_x25_ioctl, +#endif .listen = x25_listen, .shutdown = sock_no_shutdown, .setsockopt = x25_setsockopt, diff --git a/net/x25/x25_facilities.c b/net/x25/x25_facilities.c index 54278b9..9f42b9c9 100644 --- a/net/x25/x25_facilities.c +++ b/net/x25/x25_facilities.c @@ -28,18 +28,28 @@ #include <net/x25.h> /* - * Parse a set of facilities into the facilities structure. Unrecognised + * Parse a set of facilities into the facilities structures. Unrecognised * facilities are written to the debug log file. */ -int x25_parse_facilities(struct sk_buff *skb, - struct x25_facilities *facilities, - unsigned long *vc_fac_mask) +int x25_parse_facilities(struct sk_buff *skb, struct x25_facilities *facilities, + struct x25_dte_facilities *dte_facs, unsigned long *vc_fac_mask) { unsigned char *p = skb->data; unsigned int len = *p++; *vc_fac_mask = 0; + /* + * The kernel knows which facilities were set on an incoming call but + * currently this information is not available to userspace. Here we + * give userspace who read incoming call facilities 0 length to indicate + * it wasn't set. + */ + dte_facs->calling_len = 0; + dte_facs->called_len = 0; + memset(dte_facs->called_ae, '\0', sizeof(dte_facs->called_ae)); + memset(dte_facs->calling_ae, '\0', sizeof(dte_facs->calling_ae)); + while (len > 0) { switch (*p & X25_FAC_CLASS_MASK) { case X25_FAC_CLASS_A: @@ -74,6 +84,8 @@ int x25_parse_facilities(struct sk_buff *skb, facilities->throughput = p[1]; *vc_fac_mask |= X25_MASK_THROUGHPUT; break; + case X25_MARKER: + break; default: printk(KERN_DEBUG "X.25: unknown facility " "%02X, value %02X\n", @@ -112,11 +124,30 @@ int x25_parse_facilities(struct sk_buff *skb, len -= 4; break; case X25_FAC_CLASS_D: - printk(KERN_DEBUG "X.25: unknown facility %02X, " - "length %d, values %02X, %02X, %02X, %02X\n", - p[0], p[1], p[2], p[3], p[4], p[5]); + switch (*p) { + case X25_FAC_CALLING_AE: + if (p[1] > X25_MAX_DTE_FACIL_LEN) + break; + dte_facs->calling_len = p[2]; + memcpy(dte_facs->calling_ae, &p[3], p[1] - 1); + *vc_fac_mask |= X25_MASK_CALLING_AE; + break; + case X25_FAC_CALLED_AE: + if (p[1] > X25_MAX_DTE_FACIL_LEN) + break; + dte_facs->called_len = p[2]; + memcpy(dte_facs->called_ae, &p[3], p[1] - 1); + *vc_fac_mask |= X25_MASK_CALLED_AE; + break; + default: + printk(KERN_DEBUG "X.25: unknown facility %02X," + "length %d, values %02X, %02X, " + "%02X, %02X\n", + p[0], p[1], p[2], p[3], p[4], p[5]); + break; + } len -= p[1] + 2; - p += p[1] + 2; + p += p[1] + 2; break; } } @@ -128,8 +159,8 @@ int x25_parse_facilities(struct sk_buff *skb, * Create a set of facilities. */ int x25_create_facilities(unsigned char *buffer, - struct x25_facilities *facilities, - unsigned long facil_mask) + struct x25_facilities *facilities, + struct x25_dte_facilities *dte_facs, unsigned long facil_mask) { unsigned char *p = buffer + 1; int len; @@ -168,6 +199,33 @@ int x25_create_facilities(unsigned char *buffer, *p++ = facilities->winsize_out ? : facilities->winsize_in; } + if (facil_mask & (X25_MASK_CALLING_AE|X25_MASK_CALLED_AE)) { + *p++ = X25_MARKER; + *p++ = X25_DTE_SERVICES; + } + + if (dte_facs->calling_len && (facil_mask & X25_MASK_CALLING_AE)) { + unsigned bytecount = (dte_facs->calling_len % 2) ? + dte_facs->calling_len / 2 + 1 : + dte_facs->calling_len / 2; + *p++ = X25_FAC_CALLING_AE; + *p++ = 1 + bytecount; + *p++ = dte_facs->calling_len; + memcpy(p, dte_facs->calling_ae, bytecount); + p += bytecount; + } + + if (dte_facs->called_len && (facil_mask & X25_MASK_CALLED_AE)) { + unsigned bytecount = (dte_facs->called_len % 2) ? + dte_facs->called_len / 2 + 1 : + dte_facs->called_len / 2; + *p++ = X25_FAC_CALLED_AE; + *p++ = 1 + bytecount; + *p++ = dte_facs->called_len; + memcpy(p, dte_facs->called_ae, bytecount); + p+=bytecount; + } + len = p - buffer; buffer[0] = len - 1; @@ -180,7 +238,7 @@ int x25_create_facilities(unsigned char *buffer, * The only real problem is with reverse charging. */ int x25_negotiate_facilities(struct sk_buff *skb, struct sock *sk, - struct x25_facilities *new) + struct x25_facilities *new, struct x25_dte_facilities *dte) { struct x25_sock *x25 = x25_sk(sk); struct x25_facilities *ours = &x25->facilities; @@ -190,7 +248,7 @@ int x25_negotiate_facilities(struct sk_buff *skb, struct sock *sk, memset(&theirs, 0, sizeof(theirs)); memcpy(new, ours, sizeof(*new)); - len = x25_parse_facilities(skb, &theirs, &x25->vc_facil_mask); + len = x25_parse_facilities(skb, &theirs, dte, &x25->vc_facil_mask); /* * They want reverse charging, we won't accept it. diff --git a/net/x25/x25_in.c b/net/x25/x25_in.c index 2614687..eed50e1 100644 --- a/net/x25/x25_in.c +++ b/net/x25/x25_in.c @@ -106,7 +106,8 @@ static int x25_state1_machine(struct sock *sk, struct sk_buff *skb, int frametyp skb_pull(skb, x25_addr_ntoa(skb->data, &source_addr, &dest_addr)); skb_pull(skb, x25_parse_facilities(skb, &x25->facilities, - &x25->vc_facil_mask)); + &x25->dte_facilities, + &x25->vc_facil_mask)); /* * Copy any Call User Data. */ diff --git a/net/x25/x25_subr.c b/net/x25/x25_subr.c index 8be9b8f..8d6220a 100644 --- a/net/x25/x25_subr.c +++ b/net/x25/x25_subr.c @@ -190,8 +190,9 @@ void x25_write_internal(struct sock *sk, int frametype) dptr = skb_put(skb, len); memcpy(dptr, addresses, len); len = x25_create_facilities(facilities, - &x25->facilities, - x25->neighbour->global_facil_mask); + &x25->facilities, + &x25->dte_facilities, + x25->neighbour->global_facil_mask); dptr = skb_put(skb, len); memcpy(dptr, facilities, len); dptr = skb_put(skb, x25->calluserdata.cudlength); @@ -206,6 +207,7 @@ void x25_write_internal(struct sock *sk, int frametype) *dptr++ = 0x00; /* Address lengths */ len = x25_create_facilities(facilities, &x25->facilities, + &x25->dte_facilities, x25->vc_facil_mask); dptr = skb_put(skb, len); memcpy(dptr, facilities, len); diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index ae62054..f5eae9f 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -26,8 +26,8 @@ #include <net/xfrm.h> #include <net/ip.h> -DECLARE_MUTEX(xfrm_cfg_sem); -EXPORT_SYMBOL(xfrm_cfg_sem); +DEFINE_MUTEX(xfrm_cfg_mutex); +EXPORT_SYMBOL(xfrm_cfg_mutex); static DEFINE_RWLOCK(xfrm_policy_lock); @@ -203,7 +203,7 @@ static void xfrm_policy_timer(unsigned long data) } if (warn) - km_policy_expired(xp, dir, 0); + km_policy_expired(xp, dir, 0, 0); if (next != LONG_MAX && !mod_timer(&xp->timer, jiffies + make_jiffies(next))) xfrm_pol_hold(xp); @@ -216,7 +216,7 @@ out: expired: read_unlock(&xp->lock); if (!xfrm_policy_delete(xp, dir)) - km_policy_expired(xp, dir, 1); + km_policy_expired(xp, dir, 1, 0); xfrm_pol_put(xp); } @@ -621,6 +621,7 @@ int xfrm_policy_delete(struct xfrm_policy *pol, int dir) } return -ENOENT; } +EXPORT_SYMBOL(xfrm_policy_delete); int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol) { diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index c656cba..a8e14dc 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -20,6 +20,15 @@ #include <linux/module.h> #include <asm/uaccess.h> +struct sock *xfrm_nl; +EXPORT_SYMBOL(xfrm_nl); + +u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME; +EXPORT_SYMBOL(sysctl_xfrm_aevent_etime); + +u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE; +EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth); + /* Each xfrm_state may be linked to two tables: 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl) @@ -50,18 +59,20 @@ static DEFINE_SPINLOCK(xfrm_state_gc_lock); static int xfrm_state_gc_flush_bundles; -static int __xfrm_state_delete(struct xfrm_state *x); +int __xfrm_state_delete(struct xfrm_state *x); static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family); static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo); -static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); -static void km_state_expired(struct xfrm_state *x, int hard); +int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); +void km_state_expired(struct xfrm_state *x, int hard, u32 pid); static void xfrm_state_gc_destroy(struct xfrm_state *x) { if (del_timer(&x->timer)) BUG(); + if (del_timer(&x->rtimer)) + BUG(); kfree(x->aalg); kfree(x->ealg); kfree(x->calg); @@ -153,7 +164,7 @@ static void xfrm_timer_handler(unsigned long data) x->km.dying = warn; if (warn) - km_state_expired(x, 0); + km_state_expired(x, 0, 0); resched: if (next != LONG_MAX && !mod_timer(&x->timer, jiffies + make_jiffies(next))) @@ -168,13 +179,15 @@ expired: goto resched; } if (!__xfrm_state_delete(x) && x->id.spi) - km_state_expired(x, 1); + km_state_expired(x, 1, 0); out: spin_unlock(&x->lock); xfrm_state_put(x); } +static void xfrm_replay_timer_handler(unsigned long data); + struct xfrm_state *xfrm_state_alloc(void) { struct xfrm_state *x; @@ -190,11 +203,16 @@ struct xfrm_state *xfrm_state_alloc(void) init_timer(&x->timer); x->timer.function = xfrm_timer_handler; x->timer.data = (unsigned long)x; + init_timer(&x->rtimer); + x->rtimer.function = xfrm_replay_timer_handler; + x->rtimer.data = (unsigned long)x; x->curlft.add_time = (unsigned long)xtime.tv_sec; x->lft.soft_byte_limit = XFRM_INF; x->lft.soft_packet_limit = XFRM_INF; x->lft.hard_byte_limit = XFRM_INF; x->lft.hard_packet_limit = XFRM_INF; + x->replay_maxage = 0; + x->replay_maxdiff = 0; spin_lock_init(&x->lock); } return x; @@ -212,7 +230,7 @@ void __xfrm_state_destroy(struct xfrm_state *x) } EXPORT_SYMBOL(__xfrm_state_destroy); -static int __xfrm_state_delete(struct xfrm_state *x) +int __xfrm_state_delete(struct xfrm_state *x) { int err = -ESRCH; @@ -228,6 +246,8 @@ static int __xfrm_state_delete(struct xfrm_state *x) spin_unlock(&xfrm_state_lock); if (del_timer(&x->timer)) __xfrm_state_put(x); + if (del_timer(&x->rtimer)) + __xfrm_state_put(x); /* The number two in this test is the reference * mentioned in the comment below plus the reference @@ -249,6 +269,7 @@ static int __xfrm_state_delete(struct xfrm_state *x) return err; } +EXPORT_SYMBOL(__xfrm_state_delete); int xfrm_state_delete(struct xfrm_state *x) { @@ -426,6 +447,10 @@ static void __xfrm_state_insert(struct xfrm_state *x) if (!mod_timer(&x->timer, jiffies + HZ)) xfrm_state_hold(x); + if (x->replay_maxage && + !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) + xfrm_state_hold(x); + wake_up(&km_waitq); } @@ -580,7 +605,7 @@ int xfrm_state_check_expire(struct xfrm_state *x) (x->curlft.bytes >= x->lft.soft_byte_limit || x->curlft.packets >= x->lft.soft_packet_limit)) { x->km.dying = 1; - km_state_expired(x, 0); + km_state_expired(x, 0, 0); } return 0; } @@ -762,6 +787,61 @@ out: } EXPORT_SYMBOL(xfrm_state_walk); + +void xfrm_replay_notify(struct xfrm_state *x, int event) +{ + struct km_event c; + /* we send notify messages in case + * 1. we updated on of the sequence numbers, and the seqno difference + * is at least x->replay_maxdiff, in this case we also update the + * timeout of our timer function + * 2. if x->replay_maxage has elapsed since last update, + * and there were changes + * + * The state structure must be locked! + */ + + switch (event) { + case XFRM_REPLAY_UPDATE: + if (x->replay_maxdiff && + (x->replay.seq - x->preplay.seq < x->replay_maxdiff) && + (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) + return; + + break; + + case XFRM_REPLAY_TIMEOUT: + if ((x->replay.seq == x->preplay.seq) && + (x->replay.bitmap == x->preplay.bitmap) && + (x->replay.oseq == x->preplay.oseq)) + return; + + break; + } + + memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state)); + c.event = XFRM_MSG_NEWAE; + c.data.aevent = event; + km_state_notify(x, &c); + + if (x->replay_maxage && + !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) + xfrm_state_hold(x); +} +EXPORT_SYMBOL(xfrm_replay_notify); + +static void xfrm_replay_timer_handler(unsigned long data) +{ + struct xfrm_state *x = (struct xfrm_state*)data; + + spin_lock(&x->lock); + + if (xfrm_aevent_is_on() && x->km.state == XFRM_STATE_VALID) + xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT); + + spin_unlock(&x->lock); +} + int xfrm_replay_check(struct xfrm_state *x, u32 seq) { u32 diff; @@ -805,6 +885,9 @@ void xfrm_replay_advance(struct xfrm_state *x, u32 seq) diff = x->replay.seq - seq; x->replay.bitmap |= (1U << diff); } + + if (xfrm_aevent_is_on()) + xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); } EXPORT_SYMBOL(xfrm_replay_advance); @@ -835,11 +918,12 @@ void km_state_notify(struct xfrm_state *x, struct km_event *c) EXPORT_SYMBOL(km_policy_notify); EXPORT_SYMBOL(km_state_notify); -static void km_state_expired(struct xfrm_state *x, int hard) +void km_state_expired(struct xfrm_state *x, int hard, u32 pid) { struct km_event c; c.data.hard = hard; + c.pid = pid; c.event = XFRM_MSG_EXPIRE; km_state_notify(x, &c); @@ -847,11 +931,12 @@ static void km_state_expired(struct xfrm_state *x, int hard) wake_up(&km_waitq); } +EXPORT_SYMBOL(km_state_expired); /* * We send to all registered managers regardless of failure * We are happy with one success */ -static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol) +int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol) { int err = -EINVAL, acqret; struct xfrm_mgr *km; @@ -865,6 +950,7 @@ static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_polic read_unlock(&xfrm_km_lock); return err; } +EXPORT_SYMBOL(km_query); int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport) { @@ -883,17 +969,19 @@ int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport) } EXPORT_SYMBOL(km_new_mapping); -void km_policy_expired(struct xfrm_policy *pol, int dir, int hard) +void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid) { struct km_event c; c.data.hard = hard; + c.pid = pid; c.event = XFRM_MSG_POLEXPIRE; km_policy_notify(pol, dir, &c); if (hard) wake_up(&km_waitq); } +EXPORT_SYMBOL(km_policy_expired); int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen) { diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 7de1755..81d1005 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -28,8 +28,6 @@ #include <net/netlink.h> #include <asm/uaccess.h> -static struct sock *xfrm_nl; - static int verify_one_alg(struct rtattr **xfrma, enum xfrm_attr_type_t type) { struct rtattr *rt = xfrma[type - 1]; @@ -103,9 +101,6 @@ static inline int verify_sec_ctx_len(struct rtattr **xfrma) uctx = RTA_DATA(rt); - if (uctx->ctx_len > PAGE_SIZE) - return -EINVAL; - len += sizeof(struct xfrm_user_sec_ctx); len += uctx->ctx_len; @@ -276,6 +271,56 @@ static void copy_from_user_state(struct xfrm_state *x, struct xfrm_usersa_info * x->props.flags = p->flags; } +/* + * someday when pfkey also has support, we could have the code + * somehow made shareable and move it to xfrm_state.c - JHS + * +*/ +static int xfrm_update_ae_params(struct xfrm_state *x, struct rtattr **xfrma) +{ + int err = - EINVAL; + struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; + struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; + struct rtattr *et = xfrma[XFRMA_ETIMER_THRESH-1]; + struct rtattr *rt = xfrma[XFRMA_REPLAY_THRESH-1]; + + if (rp) { + struct xfrm_replay_state *replay; + if (RTA_PAYLOAD(rp) < sizeof(*replay)) + goto error; + replay = RTA_DATA(rp); + memcpy(&x->replay, replay, sizeof(*replay)); + memcpy(&x->preplay, replay, sizeof(*replay)); + } + + if (lt) { + struct xfrm_lifetime_cur *ltime; + if (RTA_PAYLOAD(lt) < sizeof(*ltime)) + goto error; + ltime = RTA_DATA(lt); + x->curlft.bytes = ltime->bytes; + x->curlft.packets = ltime->packets; + x->curlft.add_time = ltime->add_time; + x->curlft.use_time = ltime->use_time; + } + + if (et) { + if (RTA_PAYLOAD(et) < sizeof(u32)) + goto error; + x->replay_maxage = *(u32*)RTA_DATA(et); + } + + if (rt) { + if (RTA_PAYLOAD(rt) < sizeof(u32)) + goto error; + x->replay_maxdiff = *(u32*)RTA_DATA(rt); + } + + return 0; +error: + return err; +} + static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, struct rtattr **xfrma, int *errp) @@ -311,6 +356,18 @@ static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, goto error; x->km.seq = p->seq; + x->replay_maxdiff = sysctl_xfrm_aevent_rseqth; + /* sysctl_xfrm_aevent_etime is in 100ms units */ + x->replay_maxage = (sysctl_xfrm_aevent_etime*HZ)/XFRM_AE_ETH_M; + x->preplay.bitmap = 0; + x->preplay.seq = x->replay.seq+x->replay_maxdiff; + x->preplay.oseq = x->replay.oseq +x->replay_maxdiff; + + /* override default values from above */ + + err = xfrm_update_ae_params(x, (struct rtattr **)xfrma); + if (err < 0) + goto error; return x; @@ -1025,9 +1082,142 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma return 0; } -static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) + +static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) +{ + struct xfrm_aevent_id *id; + struct nlmsghdr *nlh; + struct xfrm_lifetime_cur ltime; + unsigned char *b = skb->tail; + + nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id)); + id = NLMSG_DATA(nlh); + nlh->nlmsg_flags = 0; + + id->sa_id.daddr = x->id.daddr; + id->sa_id.spi = x->id.spi; + id->sa_id.family = x->props.family; + id->sa_id.proto = x->id.proto; + id->flags = c->data.aevent; + + RTA_PUT(skb, XFRMA_REPLAY_VAL, sizeof(x->replay), &x->replay); + + ltime.bytes = x->curlft.bytes; + ltime.packets = x->curlft.packets; + ltime.add_time = x->curlft.add_time; + ltime.use_time = x->curlft.use_time; + + RTA_PUT(skb, XFRMA_LTIME_VAL, sizeof(struct xfrm_lifetime_cur), <ime); + + if (id->flags&XFRM_AE_RTHR) { + RTA_PUT(skb,XFRMA_REPLAY_THRESH,sizeof(u32),&x->replay_maxdiff); + } + + if (id->flags&XFRM_AE_ETHR) { + u32 etimer = x->replay_maxage*10/HZ; + RTA_PUT(skb,XFRMA_ETIMER_THRESH,sizeof(u32),&etimer); + } + + nlh->nlmsg_len = skb->tail - b; + return skb->len; + +rtattr_failure: +nlmsg_failure: + skb_trim(skb, b - skb->data); + return -1; +} + +static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) +{ + struct xfrm_state *x; + struct sk_buff *r_skb; + int err; + struct km_event c; + struct xfrm_aevent_id *p = NLMSG_DATA(nlh); + int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); + struct xfrm_usersa_id *id = &p->sa_id; + + len += RTA_SPACE(sizeof(struct xfrm_replay_state)); + len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); + + if (p->flags&XFRM_AE_RTHR) + len+=RTA_SPACE(sizeof(u32)); + + if (p->flags&XFRM_AE_ETHR) + len+=RTA_SPACE(sizeof(u32)); + + r_skb = alloc_skb(len, GFP_ATOMIC); + if (r_skb == NULL) + return -ENOMEM; + + x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family); + if (x == NULL) { + kfree(r_skb); + return -ESRCH; + } + + /* + * XXX: is this lock really needed - none of the other + * gets lock (the concern is things getting updated + * while we are still reading) - jhs + */ + spin_lock_bh(&x->lock); + c.data.aevent = p->flags; + c.seq = nlh->nlmsg_seq; + c.pid = nlh->nlmsg_pid; + + if (build_aevent(r_skb, x, &c) < 0) + BUG(); + err = netlink_unicast(xfrm_nl, r_skb, + NETLINK_CB(skb).pid, MSG_DONTWAIT); + spin_unlock_bh(&x->lock); + xfrm_state_put(x); + return err; +} + +static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) { + struct xfrm_state *x; struct km_event c; + int err = - EINVAL; + struct xfrm_aevent_id *p = NLMSG_DATA(nlh); + struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; + struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; + + if (!lt && !rp) + return err; + + /* pedantic mode - thou shalt sayeth replaceth */ + if (!(nlh->nlmsg_flags&NLM_F_REPLACE)) + return err; + + x = xfrm_state_lookup(&p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); + if (x == NULL) + return -ESRCH; + + if (x->km.state != XFRM_STATE_VALID) + goto out; + + spin_lock_bh(&x->lock); + err = xfrm_update_ae_params(x,(struct rtattr **)xfrma); + spin_unlock_bh(&x->lock); + if (err < 0) + goto out; + + c.event = nlh->nlmsg_type; + c.seq = nlh->nlmsg_seq; + c.pid = nlh->nlmsg_pid; + c.data.aevent = XFRM_AE_CU; + km_state_notify(x, &c); + err = 0; +out: + xfrm_state_put(x); + return err; +} + +static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) +{ +struct km_event c; xfrm_policy_flush(); c.event = nlh->nlmsg_type; @@ -1037,6 +1227,139 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **x return 0; } +static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) +{ + struct xfrm_policy *xp; + struct xfrm_user_polexpire *up = NLMSG_DATA(nlh); + struct xfrm_userpolicy_info *p = &up->pol; + int err = -ENOENT; + + if (p->index) + xp = xfrm_policy_byid(p->dir, p->index, 0); + else { + struct rtattr **rtattrs = (struct rtattr **)xfrma; + struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; + struct xfrm_policy tmp; + + err = verify_sec_ctx_len(rtattrs); + if (err) + return err; + + memset(&tmp, 0, sizeof(struct xfrm_policy)); + if (rt) { + struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); + + if ((err = security_xfrm_policy_alloc(&tmp, uctx))) + return err; + } + xp = xfrm_policy_bysel_ctx(p->dir, &p->sel, tmp.security, 0); + security_xfrm_policy_free(&tmp); + } + + if (xp == NULL) + return err; + read_lock(&xp->lock); + if (xp->dead) { + read_unlock(&xp->lock); + goto out; + } + + read_unlock(&xp->lock); + err = 0; + if (up->hard) { + xfrm_policy_delete(xp, p->dir); + } else { + // reset the timers here? + printk("Dont know what to do with soft policy expire\n"); + } + km_policy_expired(xp, p->dir, up->hard, current->pid); + +out: + xfrm_pol_put(xp); + return err; +} + +static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) +{ + struct xfrm_state *x; + int err; + struct xfrm_user_expire *ue = NLMSG_DATA(nlh); + struct xfrm_usersa_info *p = &ue->state; + + x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family); + err = -ENOENT; + + if (x == NULL) + return err; + + err = -EINVAL; + + spin_lock_bh(&x->lock); + if (x->km.state != XFRM_STATE_VALID) + goto out; + km_state_expired(x, ue->hard, current->pid); + + if (ue->hard) + __xfrm_state_delete(x); +out: + spin_unlock_bh(&x->lock); + xfrm_state_put(x); + return err; +} + +static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) +{ + struct xfrm_policy *xp; + struct xfrm_user_tmpl *ut; + int i; + struct rtattr *rt = xfrma[XFRMA_TMPL-1]; + + struct xfrm_user_acquire *ua = NLMSG_DATA(nlh); + struct xfrm_state *x = xfrm_state_alloc(); + int err = -ENOMEM; + + if (!x) + return err; + + err = verify_newpolicy_info(&ua->policy); + if (err) { + printk("BAD policy passed\n"); + kfree(x); + return err; + } + + /* build an XP */ + xp = xfrm_policy_construct(&ua->policy, (struct rtattr **) xfrma, &err); if (!xp) { + kfree(x); + return err; + } + + memcpy(&x->id, &ua->id, sizeof(ua->id)); + memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr)); + memcpy(&x->sel, &ua->sel, sizeof(ua->sel)); + + ut = RTA_DATA(rt); + /* extract the templates and for each call km_key */ + for (i = 0; i < xp->xfrm_nr; i++, ut++) { + struct xfrm_tmpl *t = &xp->xfrm_vec[i]; + memcpy(&x->id, &t->id, sizeof(x->id)); + x->props.mode = t->mode; + x->props.reqid = t->reqid; + x->props.family = ut->family; + t->aalgos = ua->aalgos; + t->ealgos = ua->ealgos; + t->calgos = ua->calgos; + err = km_query(x, t, xp); + + } + + kfree(x); + kfree(xp); + + return 0; +} + + #define XMSGSIZE(type) NLMSG_LENGTH(sizeof(struct type)) static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = { @@ -1054,6 +1377,8 @@ static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = { [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_polexpire), [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_flush), [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = NLMSG_LENGTH(0), + [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), + [XFRM_MSG_GETAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), }; #undef XMSGSIZE @@ -1071,10 +1396,15 @@ static struct xfrm_link { [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy, .dump = xfrm_dump_policy }, [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = { .doit = xfrm_alloc_userspi }, + [XFRM_MSG_ACQUIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_acquire }, + [XFRM_MSG_EXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_sa_expire }, [XFRM_MSG_UPDPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy }, [XFRM_MSG_UPDSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, + [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_pol_expire}, [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = { .doit = xfrm_flush_sa }, [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_flush_policy }, + [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae }, + [XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae }, }; static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *errp) @@ -1156,26 +1486,26 @@ static void xfrm_netlink_rcv(struct sock *sk, int len) unsigned int qlen = 0; do { - down(&xfrm_cfg_sem); + mutex_lock(&xfrm_cfg_mutex); netlink_run_queue(sk, &qlen, &xfrm_user_rcv_msg); - up(&xfrm_cfg_sem); + mutex_unlock(&xfrm_cfg_mutex); } while (qlen); } -static int build_expire(struct sk_buff *skb, struct xfrm_state *x, int hard) +static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) { struct xfrm_user_expire *ue; struct nlmsghdr *nlh; unsigned char *b = skb->tail; - nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_EXPIRE, + nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_EXPIRE, sizeof(*ue)); ue = NLMSG_DATA(nlh); nlh->nlmsg_flags = 0; copy_to_user_state(x, &ue->state); - ue->hard = (hard != 0) ? 1 : 0; + ue->hard = (c->data.hard != 0) ? 1 : 0; nlh->nlmsg_len = skb->tail - b; return skb->len; @@ -1194,13 +1524,31 @@ static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) if (skb == NULL) return -ENOMEM; - if (build_expire(skb, x, c->data.hard) < 0) + if (build_expire(skb, x, c) < 0) BUG(); NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); } +static int xfrm_aevent_state_notify(struct xfrm_state *x, struct km_event *c) +{ + struct sk_buff *skb; + int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); + + len += RTA_SPACE(sizeof(struct xfrm_replay_state)); + len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); + skb = alloc_skb(len, GFP_ATOMIC); + if (skb == NULL) + return -ENOMEM; + + if (build_aevent(skb, x, c) < 0) + BUG(); + + NETLINK_CB(skb).dst_group = XFRMNLGRP_AEVENTS; + return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_AEVENTS, GFP_ATOMIC); +} + static int xfrm_notify_sa_flush(struct km_event *c) { struct xfrm_usersa_flush *p; @@ -1313,6 +1661,8 @@ static int xfrm_send_state_notify(struct xfrm_state *x, struct km_event *c) switch (c->event) { case XFRM_MSG_EXPIRE: return xfrm_exp_state_notify(x, c); + case XFRM_MSG_NEWAE: + return xfrm_aevent_state_notify(x, c); case XFRM_MSG_DELSA: case XFRM_MSG_UPDSA: case XFRM_MSG_NEWSA: @@ -1443,13 +1793,14 @@ static struct xfrm_policy *xfrm_compile_policy(u16 family, int opt, } static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp, - int dir, int hard) + int dir, struct km_event *c) { struct xfrm_user_polexpire *upe; struct nlmsghdr *nlh; + int hard = c->data.hard; unsigned char *b = skb->tail; - nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe)); + nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe)); upe = NLMSG_DATA(nlh); nlh->nlmsg_flags = 0; @@ -1480,7 +1831,7 @@ static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_eve if (skb == NULL) return -ENOMEM; - if (build_polexpire(skb, xp, dir, c->data.hard) < 0) + if (build_polexpire(skb, xp, dir, c) < 0) BUG(); NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; @@ -1596,12 +1947,15 @@ static struct xfrm_mgr netlink_mgr = { static int __init xfrm_user_init(void) { + struct sock *nlsk; + printk(KERN_INFO "Initializing IPsec netlink socket\n"); - xfrm_nl = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX, - xfrm_netlink_rcv, THIS_MODULE); - if (xfrm_nl == NULL) + nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX, + xfrm_netlink_rcv, THIS_MODULE); + if (nlsk == NULL) return -ENOMEM; + rcu_assign_pointer(xfrm_nl, nlsk); xfrm_register_km(&netlink_mgr); @@ -1610,11 +1964,16 @@ static int __init xfrm_user_init(void) static void __exit xfrm_user_exit(void) { + struct sock *nlsk = xfrm_nl; + xfrm_unregister_km(&netlink_mgr); - sock_release(xfrm_nl->sk_socket); + rcu_assign_pointer(xfrm_nl, NULL); + synchronize_rcu(); + sock_release(nlsk->sk_socket); } module_init(xfrm_user_init); module_exit(xfrm_user_exit); MODULE_LICENSE("GPL"); MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_XFRM); + |