X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=include%2Fnet%2Froute.h;h=90cc272b7bd1822bcaa553fe2e306371e6f282dd;hb=1be35e94e1da3669db492995cd2c8b1a37016b11;hp=20bfb3824192de75e6cdeb9b1e2639046ef0cb4c;hpb=a91482bdcc2e0f6035702e46f1b99043a0893346;p=linux-2.6.git

diff --git a/include/net/route.h b/include/net/route.h
index 20bfb3824..90cc272b7 100644
--- a/include/net/route.h
+++ b/include/net/route.h
@@ -37,6 +37,7 @@
 #include <linux/vs_context.h>
 #include <linux/vs_network.h>
 
+
 #ifndef __KERNEL__
 #warning This file is not supposed to be used outside of kernel.
 #endif
@@ -132,7 +133,7 @@ extern void		ip_rt_send_redirect(struct sk_buff *skb);
 
 extern unsigned		inet_addr_type(u32 addr);
 extern void		ip_rt_multicast_event(struct in_device *);
-extern int		ip_rt_ioctl(unsigned int cmd, void __user *arg);
+extern int		ip_rt_ioctl(unsigned int cmd, void *arg);
 extern void		ip_rt_get_source(u8 *src, struct rtable *rt);
 extern int		ip_rt_dump(struct sk_buff *skb,  struct netlink_callback *cb);
 
@@ -151,6 +152,59 @@ static inline char rt_tos2priority(u8 tos)
 	return ip_tos2prio[IPTOS_TOS(tos)>>1];
 }
 
+#define IPI_LOOPBACK	0x0100007f
+
+static inline int ip_find_src(struct nx_info *nxi, struct rtable **rp, struct flowi *fl)
+{
+	int err;
+	int i, n = nxi->nbipv4;
+	u32 ipv4root = nxi->ipv4[0];
+
+	if (ipv4root == 0)
+		return 0;
+
+	if (fl->fl4_src == 0) {
+		if (n > 1) {
+			u32 foundsrc;
+
+			err = __ip_route_output_key(rp, fl);
+			if (err) {
+				fl->fl4_src = ipv4root;
+				err = __ip_route_output_key(rp, fl);
+			}
+			if (err)
+				return err;
+
+			foundsrc = (*rp)->rt_src;
+			ip_rt_put(*rp);
+
+			for (i=0; i<n; i++){
+				u32 mask = nxi->mask[i];
+				u32 ipv4 = nxi->ipv4[i];
+				u32 net4 = ipv4 & mask;
+
+				if (foundsrc == ipv4) {
+					fl->fl4_src = ipv4;
+					break;
+				}
+				if (!fl->fl4_src && (foundsrc & mask) == net4)
+					fl->fl4_src = ipv4;
+			}
+		}
+		if (fl->fl4_src == 0)
+			fl->fl4_src = (fl->fl4_dst == IPI_LOOPBACK)
+				? IPI_LOOPBACK : ipv4root;
+	} else {
+		for (i=0; i<n; i++) {
+			if (nxi->ipv4[i] == fl->fl4_src)
+				break;
+		}
+		if (i == n)
+			return -EPERM;
+	}
+	return 0;
+}
+
 static inline int ip_route_connect(struct rtable **rp, u32 dst,
 				   u32 src, u32 tos, int oif, u8 protocol,
 				   u16 sport, u16 dport, struct sock *sk)
@@ -165,7 +219,22 @@ static inline int ip_route_connect(struct rtable **rp, u32 dst,
 					 .dport = dport } } };
 
 	int err;
-	if (!dst || !src) {
+	struct nx_info *nx_info = current->nx_info;
+
+	if (sk)
+		nx_info = sk->sk_nx_info;
+	vxdprintk("ip_route_connect(%p) %p,%p;%lx\n",
+		sk, nx_info, sk->sk_socket,
+		(sk->sk_socket?sk->sk_socket->flags:0));
+
+	if (nx_info) {
+		err = ip_find_src(nx_info, rp, &fl);
+		if (err)
+			return err;
+		if (fl.fl4_dst == IPI_LOOPBACK && !vx_check(0, VX_ADMIN))
+			fl.fl4_dst = nx_info->ipv4[0];
+	}	
+	if (!fl.fl4_dst || !fl.fl4_src) {
 		err = __ip_route_output_key(rp, &fl);
 		if (err)
 			return err;