1 diff -Nurb linux-2.6.22-510/net/core/dev.c linux-2.6.22-520/net/core/dev.c
2 --- linux-2.6.22-510/net/core/dev.c 2008-06-06 17:07:48.000000000 -0400
3 +++ linux-2.6.22-520/net/core/dev.c 2008-06-06 17:07:56.000000000 -0400
5 * the ingress scheduler, you just cant add policies on ingress.
9 static int ing_filter(struct sk_buff *skb)
12 @@ -1832,13 +1833,20 @@
16 +/* The code already makes the assumption that packet handlers run
17 + * sequentially on the same CPU. -Sapan */
18 +DEFINE_PER_CPU(int, sknid_elevator);
20 int netif_receive_skb(struct sk_buff *skb)
22 struct packet_type *ptype, *pt_prev;
23 struct net_device *orig_dev;
24 int ret = NET_RX_DROP;
25 + int *cur_elevator=&__get_cpu_var(sknid_elevator);
30 /* if we've gotten here through NAPI, check netpoll */
31 if (skb->dev->poll && netpoll_rx(skb))
35 list_for_each_entry_rcu(ptype, &ptype_all, list) {
36 if (!ptype->dev || ptype->dev == skb->dev) {
39 ret = deliver_skb(skb, pt_prev, orig_dev);
44 @@ -1912,8 +1921,22 @@
48 + /* We don't want the packet handlers to throw the packet away
49 + * if we want the taps to treat it again - Sapan */
50 + if (*cur_elevator) {
51 + atomic_inc(&skb->users);
55 ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev);
56 + if (*cur_elevator > 0) {
57 + skb->skb_tag = *cur_elevator;
58 + list_for_each_entry_rcu(ptype, &ptype_all, list) {
59 + if (!ptype->dev || ptype->dev == skb->dev) {
60 + ret = deliver_skb(skb, ptype, orig_dev);
66 /* Jamal, now you will not able to escape explaining
67 @@ -1922,6 +1945,13 @@
71 + if (*cur_elevator) {
72 + /* We have a packet */
82 EXPORT_SYMBOL(net_enable_timestamp);
83 EXPORT_SYMBOL(net_disable_timestamp);
84 EXPORT_SYMBOL(dev_get_flags);
85 +EXPORT_PER_CPU_SYMBOL(sknid_elevator);
87 #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE)
88 EXPORT_SYMBOL(br_handle_frame_hook);
89 diff -Nurb linux-2.6.22-510/net/packet/af_packet.c linux-2.6.22-520/net/packet/af_packet.c
90 --- linux-2.6.22-510/net/packet/af_packet.c 2007-07-08 19:32:17.000000000 -0400
91 +++ linux-2.6.22-520/net/packet/af_packet.c 2008-06-07 18:30:41.000000000 -0400
93 #include <linux/poll.h>
94 #include <linux/module.h>
95 #include <linux/init.h>
96 +#include <linux/vs_network.h>
99 #include <net/inet_common.h>
100 @@ -246,10 +247,13 @@
102 static const struct proto_ops packet_ops_spkt;
104 +extern DEFINE_PER_CPU(int, sknid_elevator);
105 static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
108 struct sockaddr_pkt *spkt;
109 + int tag = skb->skb_tag;
110 + int *elevator=&__get_cpu_var(sknid_elevator);
113 * When we registered the protocol we saved the socket in the data
115 * so that this procedure is noop.
119 + * (18:05:41) daniel_hozac: where?
120 + * (18:05:58) daniel_hozac: we already have filters on PF_PACKET, don't we?
121 + * (18:05:58) er: in packet_rcv_skpt
122 + * (18:07:33) daniel_hozac: oh, that's evil.
125 + if (sk->sk_nx_info && !(tag == 1 || sk->sk_nid == tag)) {
129 + else if (!sk->sk_nx_info && *elevator) {
130 + /* Root has already seen this packet */
134 if (skb->pkt_type == PACKET_LOOPBACK)
141 + if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND))
145 * Get and verify the address.
150 struct sk_filter *filter;
151 + int tag = skb->skb_tag;
152 + int *elevator=&__get_cpu_var(sknid_elevator);
154 + if (sk->sk_nx_info && !(tag == 1 || sk->sk_nid == tag)) {
158 + else if (!sk->sk_nx_info && *elevator) {
159 + /* Root has already seen this packet */
164 filter = rcu_dereference(sk->sk_filter);
167 int ifindex, err, reserve = 0;
169 + if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND))
173 * Get and verify the address.
176 __be16 proto = (__force __be16)protocol; /* weird, but documented */
179 - if (!capable(CAP_NET_RAW))
180 + if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET))
183 if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW &&
184 sock->type != SOCK_PACKET)
185 return -ESOCKTNOSUPPORT;