summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* [NETFILTER]: annotate xtables targets with const and remove castsJan Engelhardt2008-04-1421-38/+55
| | | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: Use non-deprecated __RW_LOCK_UNLOCKED macroRobert P. J. Day2008-04-148-8/+8
| | | | | Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: bridge netfilter: use non-deprecated __RW_LOCK_UNLOCKED macro.Robert P. J. Day2008-04-143-3/+3
| | | | | Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: ip_tables: per-netns FILTER/MANGLE/RAW tables for realAlexey Dobriyan2008-04-143-12/+62
| | | | | | | | | | | | | | | | | | | | | Commit 9335f047fe61587ec82ff12fbb1220bcfdd32006 aka "[NETFILTER]: ip_tables: per-netns FILTER, MANGLE, RAW" added per-netns _view_ of iptables rules. They were shown to user, but ignored by filtering code. Now that it's possible to at least ping loopback, per-netns tables can affect filtering decisions. netns is taken in case of PRE_ROUTING, LOCAL_IN -- from in device, POST_ROUTING, LOCAL_OUT -- from out device, FORWARD -- from in device which should be equal to out device's netns. This code is relatively new, so BUG_ON was plugged. Wrappers were added to a) keep code the same from CONFIG_NET_NS=n users (overwhelming majority), b) consolidate code in one place -- similar changes will be done in ipv6 and arp netfilter code. Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: {ip,ip6}t_LOG: print MARK value in log outputPatrick McHardy2008-04-142-2/+10
| | | | | | | | Dump the mark value in log messages similar to nfnetlink_log. This is useful for debugging complex setups where marks are used for routing or traffic classification. Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: nf_conntrack: less hairy ifdefs around proc and sysctlAlexey Dobriyan2008-04-141-40/+76
| | | | | | | | | | Patch splits creation of /proc/net/nf_conntrack, /proc/net/stat/nf_conntrack and net.netfilter hierarchy into their own functions with dummy ones if PROC_FS or SYSCTL is not set. Also, remove dead "ret = 0" write while I'm at it. Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Patrick McHardy <kaber@trash.net>
* [SKB]: __skb_append = __skb_queue_after Gerrit Renker2008-04-142-2/+2
| | | | | | | | | This expresses __skb_append in terms of __skb_queue_after, exploiting that __skb_append(old, new, list) = __skb_queue_after(list, old, new). Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6] MROUTE: Add stats in multicast routing module method ip6_mr_forward().Rami Rosen2008-04-131-1/+1
| | | | | | | | | | This patches adds a call to increment IPSTATS_MIB_OUTFORWDATAGRAMS when forwarding the packet in ip6_mr_forward() in the IPv6 multicast routing module (net/ipv6/ip6mr.c). Signed-off-by: Rami Rosen <ramirose@gmail.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Sink IPv6 menuoptions into its own submenuJan Engelhardt2008-04-131-15/+8
| | | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Share common code-paths for sticky socket options.YOSHIFUJI Hideaki2008-04-131-39/+25
| | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6] MROUTE: Do not call ipv6_find_idev() directly.YOSHIFUJI Hideaki2008-04-132-6/+1
| | | | | | | | Since NETDEV_REGISTER notifier chain is responsible for creating inet6_dev{}, we do not need to call ipv6_find_idev() directly here. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV6]: Make per-net socket lookup.Pavel Emelyanov2008-04-131-4/+5
| | | | | | | | | | | The inet6_lookup family of functions requires a net to lookup a socket in, so give a proper one to them. No more things to do for dccpv6, since routing is OK and the ipv4-like transport layer filtering is not done for ipv6. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV6]: Actually create ctl socket on each net and use it.Pavel Emelyanov2008-04-131-10/+8
| | | | | | | | | | Move the call to inet_ctl_sock_create to init callback (and inet_ctl_sock_destroy to exit one) and use proper ctl sock in dccp_v6_ctl_send_reset. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV6]: Move the dccp_v6_ctl_sk on the struct net.Pavel Emelyanov2008-04-131-8/+8
| | | | | | | | And replace all its usage with init_net's socket. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV6]: Add dummy per-net operations.Pavel Emelyanov2008-04-131-0/+22
| | | | | | | | | They will be responsible for ctl socket initialization, but currently they are void. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV6]: Don't pass NULL to ip6_dst_lookup.Pavel Emelyanov2008-04-131-1/+1
| | | | | | | | | | | | | | This call uses the sock to get the net to lookup the routing in. With CONFIG_NET_NS this code will OOPS, since the sk ptr is NULL. After looking inside the ip6_dst_lookup and drawing the analogy with respective ipv6 code, it seems, that the dccp ctl socket is a good candidate for the first argument. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Enable DCCPv4 in net namespaces.Pavel Emelyanov2008-04-131-0/+1
| | | | | | | | | This enables sockets creation with IPPROTO_DCCP and enables the ip level to pass DCCP packets to the DCCP level. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Make per-net socket lookup.Pavel Emelyanov2008-04-131-4/+5
| | | | | | | | | The inet_lookup family of functions requires a net to lookup a socket in, so give a proper one to them. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Use proper net to route the reset packet.Pavel Emelyanov2008-04-131-3/+3
| | | | | | | | | The dccp_v4_route_skb used in dccp_v4_ctl_send_reset, currently works with init_net's routing tables - fix it. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Actually create ctl socket on each net and use it.Pavel Emelyanov2008-04-131-10/+8
| | | | | | | | | | Move the call to inet_ctl_sock_create to init callback (and inet_ctl_sock_destroy to exit one) and use proper ctl sock in dccp_v4_ctl_send_reset. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Move the dccp_v4_ctl_sk on the struct net.Pavel Emelyanov2008-04-131-10/+10
| | | | | | | | And replace all its usage with init_net's socket. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS][DCCPV4]: Add dummy per-net operations.Pavel Emelyanov2008-04-131-0/+21
| | | | | | | | | They will be responsible for ctl socket initialization, but currently they are void. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Remove owner from tcp_seq_afinfo.Denis V. Lunev2008-04-132-3/+6
| | | | | | | Move it to tcp_seq_afinfo->seq_fops as should be. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Place file operations directly into tcp_seq_afinfo.Denis V. Lunev2008-04-132-11/+6
| | | | | | | No need to have separate never-used variable. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Cleanup /proc/tcp[6] creation/removal.Denis V. Lunev2008-04-131-34/+7
| | | | | | | | Replace seq_open with seq_open_net and remove tcp_seq_release completely. seq_release_net will do this job just fine. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Move seq_ops from tcp_iter_state to tcp_seq_afinfo.Denis V. Lunev2008-04-132-7/+11
| | | | | | | No need to create seq_operations for each instance of 'netstat'. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: No need to check afinfo != NULL in tcp_proc_(un)register.Denis V. Lunev2008-04-131-4/+0
| | | | | | | tcp_proc_register/tcp_proc_unregister are called with a static pointer only. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Replace struct net on tcp_iter_state with seq_net_private.Denis V. Lunev2008-04-131-6/+5
| | | | | Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: sk_reuse is valboolGerrit Renker2008-04-131-2/+0
| | | | | | | | | sk_reuse is declared as "unsigned char", but is set as type valbool in net/core/sock.c. There is no other place in net/ where sk->sk_reuse is set to a value > 1, so the test "sk_reuse > 1" can not be true. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TIPC]: Improve socket time conversionsAllan Stephens2008-04-131-4/+5
| | | | | | | | | | | | This patch modifies TIPC's socket code to use standard kernel routines to handle time conversions between jiffies and ms. This ensures proper operation even when HZ isn't 1000. Acknowledgements to Eric Sesterhenn <snakebyte@gmx.de> for identifying this issue and proposing a solution. Signed-off-by: Allan Stephens <allan.stephens@windriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TIPC]: Remove redundant socket wait queue initializationAllan Stephens2008-04-131-1/+0
| | | | | | | | This patch eliminates re-initialization of the standard socket wait queue used for sleeping in TIPC's socket creation code. Signed-off-by: Allan Stephens <allan.stephens@windriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'net-2.6.26-misc-20080412b' of ↵David S. Miller2008-04-1214-146/+212
|\ | | | | | | git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-dev
| * [IPV6]: Fix IPV6_RECVERR for connected raw sockets.YOSHIFUJI Hideaki2008-04-121-2/+4
| | | | | | | | | | | | | | Based on patch from Dmitry Butskoy <buc@odusz.so-cdu.ru>. Closes: 10437 Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPv6]: Change IPv6 unspecified destination address to ::1 for raw and ↵Brian Haley2008-04-122-11/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | un-connected sockets This patch fixes a difference between IPv4 and IPv6 when sending packets to the unspecified address (either 0.0.0.0 or ::) when using raw or un-connected UDP sockets. There are two cases where IPv6 either fails to send anything, or sends with the destination address set to ::. For example: --> ping -c1 0.0.0.0 PING 0.0.0.0 (127.0.0.1) 56(84) bytes of data. 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.032 ms --> ping6 -c1 :: PING ::(::) 56 data bytes ping: sendmsg: Invalid argument Doing a sendto("0.0.0.0") reveals: 10:55:01.495090 IP localhost.32780 > localhost.7639: UDP, length 100 Doing a sendto("::") reveals: 10:56:13.262478 IP6 fe80::217:8ff:fe7d:4718.32779 > ::.7639: UDP, length 100 If you issue a connect() first in the UDP case, it will be sent to ::1, similar to what happens with TCP. This restores the BSD-ism. Signed-off-by: Brian Haley <brian.haley@hp.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] MROUTE: Adjust IPV6 multicast routing module to use mroute6 header ↵Rami Rosen2008-04-121-22/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | declarations. - This patch adjusts IPv6 multicast routing module, net/ipv6/ip6mr.c, to use mroute6 header definitions instead of mroute. (MFC6_LINES instead of MFC_LINES, MAXMIFS instead of MAXVIFS, mifi_t instead of vifi_t.) - In addition, inclusion of some headers was removed as it is not needed. Signed-off-by: Rami Rosen <ramirose@gmail.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Check length of int/boolean optval provided by user in setsockopt().YOSHIFUJI Hideaki2008-04-121-7/+61
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Check length of optval provided by user in setsockopt().Wang Chen2008-04-121-2/+8
| | | | | | | | | | | | | | | | | | Check length of setsockopt's optval, which provided by user, before copy it from user space. For POSIX compliant, return -EINVAL for setsockopt of short lengths. Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] MIP6: Use our standard definitions for paddings.YOSHIFUJI Hideaki2008-04-121-2/+2
| | | | | | | | | | | | | | MIP6_OPT_PAD_X are actually for paddings in destination option header. Replace them with our standard IPV6_TLV_PADX. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Use in6addr_any where appropriate.YOSHIFUJI Hideaki2008-04-122-11/+12
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Define constants for link-local multicast addresses.YOSHIFUJI Hideaki2008-04-123-37/+16
| | | | | | | | | | | | | | - Define link-local all-node / all-router multicast addresses. - Remove ipv6_addr_all_nodes() and ipv6_addr_all_routers(). Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Make address arguments const.YOSHIFUJI Hideaki2008-04-125-28/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - net/ipv6/addrconf.c: ipv6_get_ifaddr(), ipv6_dev_get_saddr() - net/ipv6/mcast.c: ipv6_sock_mc_join(), ipv6_sock_mc_drop(), inet6_mc_check(), ipv6_dev_mc_inc(), __ipv6_dev_mc_dec(), ipv6_dev_mc_dec(), ipv6_chk_mcast_addr() - net/ipv6/route.c: rt6_lookup(), icmp6_dst_alloc() - net/ipv6/ip6_output.c: ip6_nd_hdr() - net/ipv6/ndisc.c: ndisc_send_ns(), ndisc_send_rs(), ndisc_send_redirect(), ndisc_get_neigh(), __ndisc_send() Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] ADDRCONF: Uninline ipv6_isatap_eui64().YOSHIFUJI Hideaki2008-04-121-2/+24
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] ADDRCONF: Uninline ipv6_addr_hash().YOSHIFUJI Hideaki2008-04-121-0/+19
| | | | | | | | | | | | The function is only used in net/ipv6/addrconf.c. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Use ipv6_addr_equal() instead of !ipv6_addr_cmp().YOSHIFUJI Hideaki2008-04-112-3/+3
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] FIB_RULE: Sparse: fib6_rules_cleanup() is of void.YOSHIFUJI Hideaki2008-04-111-1/+1
| | | | | | | | | | | | | net/ipv6/fib6_rules.c:319:2: warning: returning void-valued expression Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Sparse: Reuse previous delaration where appropriate.YOSHIFUJI Hideaki2008-04-112-4/+1
| | | | | | | | | | | | | | | | | | | | | | | net/ipv6/ipv6_sockglue.c:162:16: warning: symbol 'net' shadows an earlier one | net/ipv6/ipv6_sockglue.c:111:13: originally declared here | net/ipv6/ipv6_sockglue.c:175:16: warning: symbol 'net' shadows an earlier one | net/ipv6/ipv6_sockglue.c:111:13: originally declared here | net/ipv6/ip6mr.c:1241:10: warning: symbol 'ret' shadows an earlier one | net/ipv6/ip6mr.c:1163:6: originally declared here Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6] SIT: Sparse: Use NULL pointer instead of 0.YOSHIFUJI Hideaki2008-04-111-1/+1
| | | | | | | | | | | | | net/ipv6/sit.c:382:42: warning: Using plain integer as NULL pointer Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Kill several warnings without CONFIG_IPV6_MROUTE.YOSHIFUJI Hideaki2008-04-111-14/+12
| | | | | | | | | | | | Pointed out by Andrew Morton <akpm@linux-foundation.org>. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
* | LSM: Make the Labeled IPsec hooks more stack friendlyPaul Moore2008-04-123-37/+43
| | | | | | | | | | | | | | | | | | | | | | | | The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs on the stack to work around the LSM API. This patch attempts to fix that problem by changing the LSM API to require only the relevant "security" pointers instead of the entire SPD entry; we do this for all of the security_xfrm_policy*() functions to keep things consistent. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [AF_UNIX]: Use SEQ_START_TOKENJoe Perches2008-04-121-3/+3
| | | | | | | | | | Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
OpenPOWER on IntegriCloud