From 78df1548cd0b8a5e4e26717225e4e23c3c9682ff Mon Sep 17 00:00:00 2001 From: Sapan Bhatia Date: Thu, 20 Mar 2008 05:34:13 +0000 Subject: [PATCH] A ton of fixes --- linux-2.6-520-vnet+.patch | 67 +- linux-2.6-595-vserver-new-netns.patch | 14593 ++++++++++++------------ 2 files changed, 7411 insertions(+), 7249 deletions(-) diff --git a/linux-2.6-520-vnet+.patch b/linux-2.6-520-vnet+.patch index f1aaa0b31..e282b277c 100644 --- a/linux-2.6-520-vnet+.patch +++ b/linux-2.6-520-vnet+.patch @@ -1,6 +1,6 @@ diff -Nurb linux-2.6.22-510/include/linux/netfilter/xt_MARK.h linux-2.6.22-520/include/linux/netfilter/xt_MARK.h --- linux-2.6.22-510/include/linux/netfilter/xt_MARK.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/netfilter/xt_MARK.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/netfilter/xt_MARK.h 2008-03-20 01:27:27.000000000 -0400 @@ -11,6 +11,7 @@ XT_MARK_SET=0, XT_MARK_AND, @@ -11,7 +11,7 @@ diff -Nurb linux-2.6.22-510/include/linux/netfilter/xt_MARK.h linux-2.6.22-520/i struct xt_mark_target_info_v1 { diff -Nurb linux-2.6.22-510/include/linux/netfilter/xt_SETXID.h linux-2.6.22-520/include/linux/netfilter/xt_SETXID.h --- linux-2.6.22-510/include/linux/netfilter/xt_SETXID.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/include/linux/netfilter/xt_SETXID.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/netfilter/xt_SETXID.h 2008-03-20 01:27:27.000000000 -0400 @@ -0,0 +1,14 @@ +#ifndef _XT_SETXID_H_target +#define _XT_SETXID_H_target @@ -29,7 +29,7 @@ diff -Nurb linux-2.6.22-510/include/linux/netfilter/xt_SETXID.h linux-2.6.22-520 +#endif /*_XT_SETXID_H_target*/ diff -Nurb linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_MARK.h --- linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_MARK.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_MARK.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_MARK.h 2008-03-20 01:27:27.000000000 -0400 @@ -12,6 +12,7 @@ #define IPT_MARK_SET XT_MARK_SET #define IPT_MARK_AND XT_MARK_AND @@ -40,7 +40,7 @@ diff -Nurb linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_MARK.h linux-2.6.22 diff -Nurb linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_SETXID.h --- linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_SETXID.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_SETXID.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/netfilter_ipv4/ipt_SETXID.h 2008-03-20 01:27:27.000000000 -0400 @@ -0,0 +1,13 @@ +#ifndef _IPT_SETXID_H_target +#define _IPT_SETXID_H_target @@ -57,7 +57,7 @@ diff -Nurb linux-2.6.22-510/include/linux/netfilter_ipv4/ipt_SETXID.h linux-2.6. +#endif /*_IPT_SETXID_H_target*/ diff -Nurb linux-2.6.22-510/include/linux/skbuff.h linux-2.6.22-520/include/linux/skbuff.h --- linux-2.6.22-510/include/linux/skbuff.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/skbuff.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/skbuff.h 2008-03-20 01:27:27.000000000 -0400 @@ -302,6 +302,7 @@ #endif @@ -68,7 +68,7 @@ diff -Nurb linux-2.6.22-510/include/linux/skbuff.h linux-2.6.22-520/include/linu sk_buff_data_t network_header; diff -Nurb linux-2.6.22-510/include/linux/socket.h linux-2.6.22-520/include/linux/socket.h --- linux-2.6.22-510/include/linux/socket.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/linux/socket.h 2008-03-18 15:37:05.000000000 -0400 ++++ linux-2.6.22-520/include/linux/socket.h 2008-03-20 01:27:27.000000000 -0400 @@ -288,6 +288,8 @@ #define SOL_TIPC 271 #define SOL_RXRPC 272 @@ -79,8 +79,8 @@ diff -Nurb linux-2.6.22-510/include/linux/socket.h linux-2.6.22-520/include/linu #define IPX_TYPE 1 diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h linux-2.6.22-520/include/linux/vserver/network.h ---- linux-2.6.22-510/include/linux/vserver/network.h 2008-03-18 15:36:03.000000000 -0400 -+++ linux-2.6.22-520/include/linux/vserver/network.h 2008-03-18 15:37:05.000000000 -0400 +--- linux-2.6.22-510/include/linux/vserver/network.h 2008-03-20 01:27:21.000000000 -0400 ++++ linux-2.6.22-520/include/linux/vserver/network.h 2008-03-20 01:27:27.000000000 -0400 @@ -44,6 +44,8 @@ /* network caps */ @@ -92,7 +92,7 @@ diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h linux-2.6.22-520/inc /* address types */ diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h.orig.orig linux-2.6.22-520/include/linux/vserver/network.h.orig.orig --- linux-2.6.22-510/include/linux/vserver/network.h.orig.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/include/linux/vserver/network.h.orig.orig 2008-03-18 15:36:03.000000000 -0400 ++++ linux-2.6.22-520/include/linux/vserver/network.h.orig.orig 2008-03-20 01:27:27.000000000 -0400 @@ -0,0 +1,143 @@ +#ifndef _VX_NETWORK_H +#define _VX_NETWORK_H @@ -239,7 +239,7 @@ diff -Nurb linux-2.6.22-510/include/linux/vserver/network.h.orig.orig linux-2.6. +#endif /* _VX_NETWORK_H */ diff -Nurb linux-2.6.22-510/include/net/netfilter/nf_conntrack.h linux-2.6.22-520/include/net/netfilter/nf_conntrack.h --- linux-2.6.22-510/include/net/netfilter/nf_conntrack.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/net/netfilter/nf_conntrack.h 2008-03-18 15:37:13.000000000 -0400 ++++ linux-2.6.22-520/include/net/netfilter/nf_conntrack.h 2008-03-20 01:27:27.000000000 -0400 @@ -131,6 +131,9 @@ /* Storage reserved for other modules: */ union nf_conntrack_proto proto; @@ -252,7 +252,7 @@ diff -Nurb linux-2.6.22-510/include/net/netfilter/nf_conntrack.h linux-2.6.22-52 }; diff -Nurb linux-2.6.22-510/include/net/raw.h linux-2.6.22-520/include/net/raw.h --- linux-2.6.22-510/include/net/raw.h 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/include/net/raw.h 2008-03-18 15:37:13.000000000 -0400 ++++ linux-2.6.22-520/include/net/raw.h 2008-03-20 01:27:27.000000000 -0400 @@ -36,7 +36,7 @@ extern struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, @@ -264,7 +264,7 @@ diff -Nurb linux-2.6.22-510/include/net/raw.h linux-2.6.22-520/include/net/raw.h diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c --- linux-2.6.22-510/net/core/skbuff.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/core/skbuff.c 2008-03-18 15:37:13.000000000 -0400 ++++ linux-2.6.22-520/net/core/skbuff.c 2008-03-20 01:27:27.000000000 -0400 @@ -56,6 +56,7 @@ #include #include @@ -299,8 +299,8 @@ diff -Nurb linux-2.6.22-510/net/core/skbuff.c linux-2.6.22-520/net/core/skbuff.c skb_shinfo(new)->gso_size = skb_shinfo(old)->gso_size; skb_shinfo(new)->gso_segs = skb_shinfo(old)->gso_segs; diff -Nurb linux-2.6.22-510/net/core/sock.c linux-2.6.22-520/net/core/sock.c ---- linux-2.6.22-510/net/core/sock.c 2008-03-18 15:36:03.000000000 -0400 -+++ linux-2.6.22-520/net/core/sock.c 2008-03-18 15:37:13.000000000 -0400 +--- linux-2.6.22-510/net/core/sock.c 2008-03-20 01:27:22.000000000 -0400 ++++ linux-2.6.22-520/net/core/sock.c 2008-03-20 01:27:27.000000000 -0400 @@ -444,6 +444,19 @@ } goto set_sndbuf; @@ -331,8 +331,8 @@ diff -Nurb linux-2.6.22-510/net/core/sock.c linux-2.6.22-520/net/core/sock.c break; } diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet.c ---- linux-2.6.22-510/net/ipv4/af_inet.c 2008-03-18 15:36:03.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-03-18 15:37:13.000000000 -0400 +--- linux-2.6.22-510/net/ipv4/af_inet.c 2008-03-20 01:27:22.000000000 -0400 ++++ linux-2.6.22-520/net/ipv4/af_inet.c 2008-03-20 01:27:27.000000000 -0400 @@ -178,6 +178,8 @@ return -EAGAIN; } @@ -353,8 +353,8 @@ diff -Nurb linux-2.6.22-510/net/ipv4/af_inet.c linux-2.6.22-520/net/ipv4/af_inet goto out_rcu_unlock; override: diff -Nurb linux-2.6.22-510/net/ipv4/icmp.c linux-2.6.22-520/net/ipv4/icmp.c ---- linux-2.6.22-510/net/ipv4/icmp.c 2008-03-18 15:36:09.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/icmp.c 2008-03-18 15:37:13.000000000 -0400 +--- linux-2.6.22-510/net/ipv4/icmp.c 2008-03-20 01:27:26.000000000 -0400 ++++ linux-2.6.22-520/net/ipv4/icmp.c 2008-03-20 01:27:27.000000000 -0400 @@ -709,7 +709,7 @@ if ((raw_sk = sk_head(&raw_v4_htable[hash])) != NULL) { while ((raw_sk = __raw_v4_lookup(raw_sk, protocol, iph->daddr, @@ -366,7 +366,7 @@ diff -Nurb linux-2.6.22-510/net/ipv4/icmp.c linux-2.6.22-520/net/ipv4/icmp.c iph = (struct iphdr *)skb->data; diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_options.c --- linux-2.6.22-510/net/ipv4/ip_options.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/ip_options.c 2008-03-18 15:37:13.000000000 -0400 ++++ linux-2.6.22-520/net/ipv4/ip_options.c 2008-03-20 01:27:27.000000000 -0400 @@ -409,7 +409,7 @@ optptr[2] += 8; break; @@ -395,8 +395,8 @@ diff -Nurb linux-2.6.22-510/net/ipv4/ip_options.c linux-2.6.22-520/net/ipv4/ip_o goto error; } diff -Nurb linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c ---- linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c 2008-03-18 15:35:49.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c 2008-03-18 15:37:13.000000000 -0400 +--- linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c 2008-03-20 01:27:10.000000000 -0400 ++++ linux-2.6.22-520/net/ipv4/netfilter/ipt_LOG.c 2008-03-20 01:27:27.000000000 -0400 @@ -49,6 +49,8 @@ else logflags = NF_LOG_MASK; @@ -407,8 +407,8 @@ diff -Nurb linux-2.6.22-510/net/ipv4/netfilter/ipt_LOG.c linux-2.6.22-520/net/ip if (ih == NULL) { printk("TRUNCATED"); diff -Nurb linux-2.6.22-510/net/ipv4/raw.c linux-2.6.22-520/net/ipv4/raw.c ---- linux-2.6.22-510/net/ipv4/raw.c 2008-03-18 15:36:03.000000000 -0400 -+++ linux-2.6.22-520/net/ipv4/raw.c 2008-03-18 15:37:13.000000000 -0400 +--- linux-2.6.22-510/net/ipv4/raw.c 2008-03-20 01:27:22.000000000 -0400 ++++ linux-2.6.22-520/net/ipv4/raw.c 2008-03-20 01:27:27.000000000 -0400 @@ -103,7 +103,7 @@ struct sock *__raw_v4_lookup(struct sock *sk, unsigned short num, @@ -455,7 +455,7 @@ diff -Nurb linux-2.6.22-510/net/ipv4/raw.c linux-2.6.22-520/net/ipv4/raw.c goto error_free; diff -Nurb linux-2.6.22-510/net/netfilter/Kconfig linux-2.6.22-520/net/netfilter/Kconfig --- linux-2.6.22-510/net/netfilter/Kconfig 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/netfilter/Kconfig 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/Kconfig 2008-03-20 01:27:27.000000000 -0400 @@ -389,6 +389,13 @@ To compile it as a module, choose M here. If unsure, say N. @@ -472,7 +472,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/Kconfig linux-2.6.22-520/net/netfilter depends on NETFILTER_XTABLES diff -Nurb linux-2.6.22-510/net/netfilter/Makefile linux-2.6.22-520/net/netfilter/Makefile --- linux-2.6.22-510/net/netfilter/Makefile 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/netfilter/Makefile 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/Makefile 2008-03-20 01:27:27.000000000 -0400 @@ -37,6 +37,7 @@ obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o @@ -483,7 +483,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/Makefile linux-2.6.22-520/net/netfilte obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o diff -Nurb linux-2.6.22-510/net/netfilter/nf_conntrack_core.c linux-2.6.22-520/net/netfilter/nf_conntrack_core.c --- linux-2.6.22-510/net/netfilter/nf_conntrack_core.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/netfilter/nf_conntrack_core.c 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/nf_conntrack_core.c 2008-03-20 01:27:27.000000000 -0400 @@ -726,6 +726,8 @@ /* Overload tuple linked list to put us in unconfirmed list. */ @@ -495,7 +495,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/nf_conntrack_core.c linux-2.6.22-520/n diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c linux-2.6.22-520/net/netfilter/xt_MARK.c --- linux-2.6.22-510/net/netfilter/xt_MARK.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/netfilter/xt_MARK.c 2008-03-18 15:38:23.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/xt_MARK.c 2008-03-20 01:30:14.000000000 -0400 @@ -5,13 +5,18 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as @@ -573,7 +573,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c linux-2.6.22-520/net/netfilt switch (markinfo->mode) { case XT_MARK_SET: -@@ -58,8 +105,58 @@ +@@ -58,8 +105,61 @@ case XT_MARK_OR: mark = (*pskb)->mark | markinfo->mark; break; @@ -609,11 +609,14 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c linux-2.6.22-520/net/netfilt + + } + else if (proto == 6) { ++ /* + if ((*pskb)->sk) + connection_sk = (*pskb)->sk; + else { + connection_sk = inet_lookup(&tcp_hashinfo, src_ip, src_port, ip, port, dif); + } ++ */ ++ conncetion_sk = (*pskb)->sk; + + if (connection_sk) { + connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[dir]; @@ -632,7 +635,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c linux-2.6.22-520/net/netfilt (*pskb)->mark = mark; return XT_CONTINUE; } -@@ -92,7 +189,8 @@ +@@ -92,7 +192,8 @@ if (markinfo->mode != XT_MARK_SET && markinfo->mode != XT_MARK_AND @@ -644,7 +647,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c linux-2.6.22-520/net/netfilt return 0; diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c.orig linux-2.6.22-520/net/netfilter/xt_MARK.c.orig --- linux-2.6.22-510/net/netfilter/xt_MARK.c.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/net/netfilter/xt_MARK.c.orig 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/xt_MARK.c.orig 2008-03-20 01:27:27.000000000 -0400 @@ -0,0 +1,284 @@ +/* This is a module which is used for setting the NFMARK field of an skb. */ + @@ -932,7 +935,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_MARK.c.orig linux-2.6.22-520/net/ne +module_exit(xt_mark_fini); diff -Nurb linux-2.6.22-510/net/netfilter/xt_SETXID.c linux-2.6.22-520/net/netfilter/xt_SETXID.c --- linux-2.6.22-510/net/netfilter/xt_SETXID.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/net/netfilter/xt_SETXID.c 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/netfilter/xt_SETXID.c 2008-03-20 01:27:27.000000000 -0400 @@ -0,0 +1,79 @@ +#include +#include @@ -1015,7 +1018,7 @@ diff -Nurb linux-2.6.22-510/net/netfilter/xt_SETXID.c linux-2.6.22-520/net/netfi +module_exit(fini); diff -Nurb linux-2.6.22-510/net/packet/af_packet.c linux-2.6.22-520/net/packet/af_packet.c --- linux-2.6.22-510/net/packet/af_packet.c 2007-07-08 19:32:17.000000000 -0400 -+++ linux-2.6.22-520/net/packet/af_packet.c 2008-03-18 15:37:14.000000000 -0400 ++++ linux-2.6.22-520/net/packet/af_packet.c 2008-03-20 01:27:27.000000000 -0400 @@ -78,6 +78,7 @@ #include #include diff --git a/linux-2.6-595-vserver-new-netns.patch b/linux-2.6-595-vserver-new-netns.patch index c2d92cd65..95ce4ef9a 100644 --- a/linux-2.6-595-vserver-new-netns.patch +++ b/linux-2.6-595-vserver-new-netns.patch @@ -1,5 +1,5 @@ diff -Nurb linux-2.6.22-594/include/linux/vserver/network.h.orig.orig linux-2.6.22-595/include/linux/vserver/network.h.orig.orig ---- linux-2.6.22-594/include/linux/vserver/network.h.orig.orig 2008-03-20 00:04:54.000000000 -0400 +--- linux-2.6.22-594/include/linux/vserver/network.h.orig.orig 2008-03-20 01:27:27.000000000 -0400 +++ linux-2.6.22-595/include/linux/vserver/network.h.orig.orig 1969-12-31 19:00:00.000000000 -0500 @@ -1,143 +0,0 @@ -#ifndef _VX_NETWORK_H @@ -146,7 +146,7 @@ diff -Nurb linux-2.6.22-594/include/linux/vserver/network.h.orig.orig linux-2.6. -#endif /* __KERNEL__ */ -#endif /* _VX_NETWORK_H */ diff -Nurb linux-2.6.22-594/kernel/nsproxy.c.orig linux-2.6.22-595/kernel/nsproxy.c.orig ---- linux-2.6.22-594/kernel/nsproxy.c.orig 2008-03-20 00:05:18.000000000 -0400 +--- linux-2.6.22-594/kernel/nsproxy.c.orig 2008-03-20 01:27:50.000000000 -0400 +++ linux-2.6.22-595/kernel/nsproxy.c.orig 1969-12-31 19:00:00.000000000 -0500 @@ -1,264 +0,0 @@ -/* @@ -414,7 +414,7 @@ diff -Nurb linux-2.6.22-594/kernel/nsproxy.c.orig linux-2.6.22-595/kernel/nsprox - -module_init(nsproxy_cache_init); diff -Nurb linux-2.6.22-594/kernel/user.c.orig linux-2.6.22-595/kernel/user.c.orig ---- linux-2.6.22-594/kernel/user.c.orig 2008-03-20 00:05:18.000000000 -0400 +--- linux-2.6.22-594/kernel/user.c.orig 2008-03-20 01:27:50.000000000 -0400 +++ linux-2.6.22-595/kernel/user.c.orig 1969-12-31 19:00:00.000000000 -0500 @@ -1,227 +0,0 @@ -/* @@ -645,8 +645,8 @@ diff -Nurb linux-2.6.22-594/kernel/user.c.orig linux-2.6.22-595/kernel/user.c.or - -module_init(uid_cache_init); diff -Nurb linux-2.6.22-594/kernel/vserver/context.c linux-2.6.22-595/kernel/vserver/context.c ---- linux-2.6.22-594/kernel/vserver/context.c 2008-03-20 00:04:46.000000000 -0400 -+++ linux-2.6.22-595/kernel/vserver/context.c 2008-03-20 00:13:22.000000000 -0400 +--- linux-2.6.22-594/kernel/vserver/context.c 2008-03-20 01:27:21.000000000 -0400 ++++ linux-2.6.22-595/kernel/vserver/context.c 2008-03-20 01:28:00.000000000 -0400 @@ -589,13 +589,13 @@ struct nsproxy *old_nsp, *new_nsp; @@ -672,7910 +672,8069 @@ diff -Nurb linux-2.6.22-594/kernel/vserver/context.c linux-2.6.22-595/kernel/vse if (ret) goto out; -diff -Nurb linux-2.6.22-594/kernel/vserver/context.c.orig linux-2.6.22-595/kernel/vserver/context.c.orig ---- linux-2.6.22-594/kernel/vserver/context.c.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-595/kernel/vserver/context.c.orig 2008-03-20 00:04:46.000000000 -0400 -@@ -0,0 +1,966 @@ +diff -Nurb linux-2.6.22-594/kernel/vserver/space.c linux-2.6.22-595/kernel/vserver/space.c +--- linux-2.6.22-594/kernel/vserver/space.c 2008-03-20 01:27:54.000000000 -0400 ++++ linux-2.6.22-595/kernel/vserver/space.c 2008-03-20 01:28:00.000000000 -0400 +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + #include + + #include +@@ -55,6 +56,7 @@ + struct mnt_namespace *old_ns; + struct uts_namespace *old_uts; + struct ipc_namespace *old_ipc; ++ struct net *old_net; + struct nsproxy *nsproxy; + + nsproxy = copy_nsproxy(old_nsproxy); +@@ -85,12 +87,26 @@ + } else + old_ipc = NULL; + ++ if (mask & CLONE_NEWNET) { ++ old_net = nsproxy->net_ns; ++ nsproxy->net_ns = new_nsproxy->net_ns; ++ if (nsproxy->net_ns) { ++ get_net(nsproxy->net_ns); ++ printk(KERN_ALERT "Cloning network namespace\n"); ++ } ++ } else ++ old_net = NULL; ++ ++ + if (old_ns) + put_mnt_ns(old_ns); + if (old_uts) + put_uts_ns(old_uts); + if (old_ipc) + put_ipc_ns(old_ipc); ++ if (old_net) ++ put_net(old_net); ++ + out: + return nsproxy; + } +@@ -251,6 +267,7 @@ + + int vc_enter_space(struct vx_info *vxi, void __user *data) + { ++ /* Ask dhozac how to pass this flag from user space - Sapan*/ + struct vcmd_space_mask vc_data = { .mask = 0 }; + + if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) +diff -Nurb linux-2.6.22-594/net/core/dev.c linux-2.6.22-595/net/core/dev.c +--- linux-2.6.22-594/net/core/dev.c 2008-03-20 01:27:55.000000000 -0400 ++++ linux-2.6.22-595/net/core/dev.c 2008-03-20 01:32:22.000000000 -0400 +@@ -2207,7 +2207,7 @@ + + total = 0; + for_each_netdev(net, dev) { +- if (!nx_dev_visible(current->nx_info, dev)) ++ if (net==&init_net && !nx_dev_visible(current->nx_info, dev)) + continue; + for (i = 0; i < NPROTO; i++) { + if (gifconf_list[i]) { +@@ -2274,8 +2274,9 @@ + static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) + { + struct net_device_stats *stats = dev->get_stats(dev); ++ struct net *net = seq->private; + +- if (!nx_dev_visible(current->nx_info, dev)) ++ if (net==&init_net && !nx_dev_visible(current->nx_info, dev)) + return; + + seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " +diff -Nurb linux-2.6.22-594/net/core/dev.c.orig linux-2.6.22-595/net/core/dev.c.orig +--- linux-2.6.22-594/net/core/dev.c.orig 1969-12-31 19:00:00.000000000 -0500 ++++ linux-2.6.22-595/net/core/dev.c.orig 2008-03-20 01:27:55.000000000 -0400 +@@ -0,0 +1,4141 @@ +/* -+ * linux/kernel/vserver/context.c ++ * NET3 Protocol independent device support routines. + * -+ * Virtual Server: Context Support ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version ++ * 2 of the License, or (at your option) any later version. + * -+ * Copyright (C) 2003-2007 Herbert Pƶtzl ++ * Derived from the non IP parts of dev.c 1.0.19 ++ * Authors: Ross Biro ++ * Fred N. van Kempen, ++ * Mark Evans, + * -+ * V0.01 context helper -+ * V0.02 vx_ctx_kill syscall command -+ * V0.03 replaced context_info calls -+ * V0.04 redesign of struct (de)alloc -+ * V0.05 rlimit basic implementation -+ * V0.06 task_xid and info commands -+ * V0.07 context flags and caps -+ * V0.08 switch to RCU based hash -+ * V0.09 revert to non RCU for now -+ * V0.10 and back to working RCU hash -+ * V0.11 and back to locking again -+ * V0.12 referenced context store -+ * V0.13 separate per cpu data -+ * V0.14 changed vcmds to vxi arg -+ * V0.15 added context stat -+ * V0.16 have __create claim() the vxi -+ * V0.17 removed older and legacy stuff ++ * Additional Authors: ++ * Florian la Roche ++ * Alan Cox ++ * David Hinds ++ * Alexey Kuznetsov ++ * Adam Sulmicki ++ * Pekka Riikonen + * ++ * Changes: ++ * D.J. Barrow : Fixed bug where dev->refcnt gets set ++ * to 2 if register_netdev gets called ++ * before net_dev_init & also removed a ++ * few lines of code in the process. ++ * Alan Cox : device private ioctl copies fields back. ++ * Alan Cox : Transmit queue code does relevant ++ * stunts to keep the queue safe. ++ * Alan Cox : Fixed double lock. ++ * Alan Cox : Fixed promisc NULL pointer trap ++ * ???????? : Support the full private ioctl range ++ * Alan Cox : Moved ioctl permission check into ++ * drivers ++ * Tim Kordas : SIOCADDMULTI/SIOCDELMULTI ++ * Alan Cox : 100 backlog just doesn't cut it when ++ * you start doing multicast video 8) ++ * Alan Cox : Rewrote net_bh and list manager. ++ * Alan Cox : Fix ETH_P_ALL echoback lengths. ++ * Alan Cox : Took out transmit every packet pass ++ * Saved a few bytes in the ioctl handler ++ * Alan Cox : Network driver sets packet type before ++ * calling netif_rx. Saves a function ++ * call a packet. ++ * Alan Cox : Hashed net_bh() ++ * Richard Kooijman: Timestamp fixes. ++ * Alan Cox : Wrong field in SIOCGIFDSTADDR ++ * Alan Cox : Device lock protection. ++ * Alan Cox : Fixed nasty side effect of device close ++ * changes. ++ * Rudi Cilibrasi : Pass the right thing to ++ * set_mac_address() ++ * Dave Miller : 32bit quantity for the device lock to ++ * make it work out on a Sparc. ++ * Bjorn Ekwall : Added KERNELD hack. ++ * Alan Cox : Cleaned up the backlog initialise. ++ * Craig Metz : SIOCGIFCONF fix if space for under ++ * 1 device. ++ * Thomas Bogendoerfer : Return ENODEV for dev_open, if there ++ * is no device open function. ++ * Andi Kleen : Fix error reporting for SIOCGIFCONF ++ * Michael Chastain : Fix signed/unsigned for SIOCGIFCONF ++ * Cyrus Durgin : Cleaned for KMOD ++ * Adam Sulmicki : Bug Fix : Network Device Unload ++ * A network device unload needs to purge ++ * the backlog queue. ++ * Paul Rusty Russell : SIOCSIFNAME ++ * Pekka Riikonen : Netdev boot-time settings code ++ * Andrew Morton : Make unregister_netdevice wait ++ * indefinitely on dev->refcnt ++ * J Hadi Salim : - Backlog queue sampling ++ * - netif_rx() feedback + */ + -+#include ++#include ++#include ++#include ++#include ++#include +#include -+#include -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include + -+#include "cvirt_init.h" -+#include "cacct_init.h" -+#include "limit_init.h" -+#include "sched_init.h" ++/* ++ * The list of packet types we will receive (as opposed to discard) ++ * and the routines to invoke. ++ * ++ * Why 16. Because with 16 the only overlap we get on a hash of the ++ * low nibble of the protocol value is RARP/SNAP/X.25. ++ * ++ * NOTE: That is no longer true with the addition of VLAN tags. Not ++ * sure which should go first, but I bet it won't make much ++ * difference if we are running VLANs. The good news is that ++ * this protocol won't be in the list unless compiled in, so ++ * the average user (w/out VLANs) will not be adversely affected. ++ * --BLG ++ * ++ * 0800 IP ++ * 8100 802.1Q VLAN ++ * 0001 802.3 ++ * 0002 AX.25 ++ * 0004 802.2 ++ * 8035 RARP ++ * 0005 SNAP ++ * 0805 X.25 ++ * 0806 ARP ++ * 8137 IPX ++ * 0009 Localtalk ++ * 86DD IPv6 ++ */ + ++static DEFINE_SPINLOCK(ptype_lock); ++static struct list_head ptype_base[16] __read_mostly; /* 16 way hashed list */ ++static struct list_head ptype_all __read_mostly; /* Taps */ + -+atomic_t vx_global_ctotal = ATOMIC_INIT(0); -+atomic_t vx_global_cactive = ATOMIC_INIT(0); ++#ifdef CONFIG_NET_DMA ++struct net_dma { ++ struct dma_client client; ++ spinlock_t lock; ++ cpumask_t channel_mask; ++ struct dma_chan *channels[NR_CPUS]; ++}; + ++static enum dma_state_client ++netdev_dma_event(struct dma_client *client, struct dma_chan *chan, ++ enum dma_state state); + -+/* now inactive context structures */ ++static struct net_dma net_dma = { ++ .client = { ++ .event_callback = netdev_dma_event, ++ }, ++}; ++#endif + -+static struct hlist_head vx_info_inactive = HLIST_HEAD_INIT; ++/* ++ * The @dev_base_head list is protected by @dev_base_lock and the rtnl ++ * semaphore. ++ * ++ * Pure readers hold dev_base_lock for reading. ++ * ++ * Writers must hold the rtnl semaphore while they loop through the ++ * dev_base_head list, and hold dev_base_lock for writing when they do the ++ * actual updates. This allows pure readers to access the list even ++ * while a writer is preparing to update it. ++ * ++ * To put it another way, dev_base_lock is held for writing only to ++ * protect against pure readers; the rtnl semaphore provides the ++ * protection against other writers. ++ * ++ * See, for example usages, register_netdevice() and ++ * unregister_netdevice(), which must be called with the rtnl ++ * semaphore held. ++ */ ++DEFINE_RWLOCK(dev_base_lock); + -+static spinlock_t vx_info_inactive_lock = SPIN_LOCK_UNLOCKED; ++EXPORT_SYMBOL(dev_base_lock); + ++#define NETDEV_HASHBITS 8 ++#define NETDEV_HASHENTRIES (1 << NETDEV_HASHBITS) + -+/* __alloc_vx_info() ++static inline struct hlist_head *dev_name_hash(struct net *net, const char *name) ++{ ++ unsigned hash = full_name_hash(name, strnlen(name, IFNAMSIZ)); ++ return &net->dev_name_head[hash & ((1 << NETDEV_HASHBITS) - 1)]; ++} + -+ * allocate an initialized vx_info struct -+ * doesn't make it visible (hash) */ ++static inline struct hlist_head *dev_index_hash(struct net *net, int ifindex) ++{ ++ return &net->dev_index_head[ifindex & ((1 << NETDEV_HASHBITS) - 1)]; ++} + -+static struct vx_info *__alloc_vx_info(xid_t xid) ++/* Device list insertion */ ++static int list_netdevice(struct net_device *dev) +{ -+ struct vx_info *new = NULL; -+ int cpu; ++ struct net *net = dev->nd_net; + -+ vxdprintk(VXD_CBIT(xid, 0), "alloc_vx_info(%d)*", xid); ++ ASSERT_RTNL(); + -+ /* would this benefit from a slab cache? */ -+ new = kmalloc(sizeof(struct vx_info), GFP_KERNEL); -+ if (!new) -+ return 0; ++ write_lock_bh(&dev_base_lock); ++ list_add_tail(&dev->dev_list, &net->dev_base_head); ++ hlist_add_head(&dev->name_hlist, dev_name_hash(net, dev->name)); ++ hlist_add_head(&dev->index_hlist, dev_index_hash(net, dev->ifindex)); ++ write_unlock_bh(&dev_base_lock); ++ return 0; ++} + -+ memset(new, 0, sizeof(struct vx_info)); -+#ifdef CONFIG_SMP -+ new->ptr_pc = alloc_percpu(struct _vx_info_pc); -+ if (!new->ptr_pc) -+ goto error; -+#endif -+ new->vx_id = xid; -+ INIT_HLIST_NODE(&new->vx_hlist); -+ atomic_set(&new->vx_usecnt, 0); -+ atomic_set(&new->vx_tasks, 0); -+ new->vx_parent = NULL; -+ new->vx_state = 0; -+ init_waitqueue_head(&new->vx_wait); -+ -+ /* prepare reaper */ -+ get_task_struct(init_pid_ns.child_reaper); -+ new->vx_reaper = init_pid_ns.child_reaper; -+ new->vx_badness_bias = 0; -+ -+ /* rest of init goes here */ -+ vx_info_init_limit(&new->limit); -+ vx_info_init_sched(&new->sched); -+ vx_info_init_cvirt(&new->cvirt); -+ vx_info_init_cacct(&new->cacct); -+ -+ /* per cpu data structures */ -+ for_each_possible_cpu(cpu) { -+ vx_info_init_sched_pc( -+ &vx_per_cpu(new, sched_pc, cpu), cpu); -+ vx_info_init_cvirt_pc( -+ &vx_per_cpu(new, cvirt_pc, cpu), cpu); -+ } ++/* Device list removal */ ++static void unlist_netdevice(struct net_device *dev) ++{ ++ ASSERT_RTNL(); + -+ new->vx_flags = VXF_INIT_SET; -+ new->vx_bcaps = CAP_INIT_EFF_SET; -+ new->vx_ccaps = 0; -+ new->vx_cap_bset = cap_bset; ++ /* Unlink dev from the device chain */ ++ write_lock_bh(&dev_base_lock); ++ list_del(&dev->dev_list); ++ hlist_del(&dev->name_hlist); ++ hlist_del(&dev->index_hlist); ++ write_unlock_bh(&dev_base_lock); ++} + -+ new->reboot_cmd = 0; -+ new->exit_code = 0; ++/* ++ * Our notifier list ++ */ + -+ new->vx_nsproxy = copy_nsproxy(current->nsproxy); ++static RAW_NOTIFIER_HEAD(netdev_chain); + -+ vxdprintk(VXD_CBIT(xid, 0), -+ "alloc_vx_info(%d) = %p", xid, new); -+ vxh_alloc_vx_info(new); -+ atomic_inc(&vx_global_ctotal); -+ return new; -+#ifdef CONFIG_SMP -+error: -+ kfree(new); -+ return 0; ++/* ++ * Device drivers call our routines to queue packets here. We empty the ++ * queue in the local softnet handler. ++ */ ++DEFINE_PER_CPU(struct softnet_data, softnet_data) = { NULL }; ++ ++#ifdef CONFIG_SYSFS ++extern int netdev_sysfs_init(void); ++extern int netdev_register_sysfs(struct net_device *); ++extern void netdev_unregister_sysfs(struct net_device *); ++#else ++#define netdev_sysfs_init() (0) ++#define netdev_register_sysfs(dev) (0) ++#define netdev_unregister_sysfs(dev) do { } while(0) +#endif -+} + -+/* __dealloc_vx_info() ++#ifdef CONFIG_DEBUG_LOCK_ALLOC ++/* ++ * register_netdevice() inits dev->_xmit_lock and sets lockdep class ++ * according to dev->type ++ */ ++static const unsigned short netdev_lock_type[] = ++ {ARPHRD_NETROM, ARPHRD_ETHER, ARPHRD_EETHER, ARPHRD_AX25, ++ ARPHRD_PRONET, ARPHRD_CHAOS, ARPHRD_IEEE802, ARPHRD_ARCNET, ++ ARPHRD_APPLETLK, ARPHRD_DLCI, ARPHRD_ATM, ARPHRD_METRICOM, ++ ARPHRD_IEEE1394, ARPHRD_EUI64, ARPHRD_INFINIBAND, ARPHRD_SLIP, ++ ARPHRD_CSLIP, ARPHRD_SLIP6, ARPHRD_CSLIP6, ARPHRD_RSRVD, ++ ARPHRD_ADAPT, ARPHRD_ROSE, ARPHRD_X25, ARPHRD_HWX25, ++ ARPHRD_PPP, ARPHRD_CISCO, ARPHRD_LAPB, ARPHRD_DDCMP, ++ ARPHRD_RAWHDLC, ARPHRD_TUNNEL, ARPHRD_TUNNEL6, ARPHRD_FRAD, ++ ARPHRD_SKIP, ARPHRD_LOOPBACK, ARPHRD_LOCALTLK, ARPHRD_FDDI, ++ ARPHRD_BIF, ARPHRD_SIT, ARPHRD_IPDDP, ARPHRD_IPGRE, ++ ARPHRD_PIMREG, ARPHRD_HIPPI, ARPHRD_ASH, ARPHRD_ECONET, ++ ARPHRD_IRDA, ARPHRD_FCPP, ARPHRD_FCAL, ARPHRD_FCPL, ++ ARPHRD_FCFABRIC, ARPHRD_IEEE802_TR, ARPHRD_IEEE80211, ++ ARPHRD_IEEE80211_PRISM, ARPHRD_IEEE80211_RADIOTAP, ARPHRD_VOID, ++ ARPHRD_NONE}; ++ ++static const char *netdev_lock_name[] = ++ {"_xmit_NETROM", "_xmit_ETHER", "_xmit_EETHER", "_xmit_AX25", ++ "_xmit_PRONET", "_xmit_CHAOS", "_xmit_IEEE802", "_xmit_ARCNET", ++ "_xmit_APPLETLK", "_xmit_DLCI", "_xmit_ATM", "_xmit_METRICOM", ++ "_xmit_IEEE1394", "_xmit_EUI64", "_xmit_INFINIBAND", "_xmit_SLIP", ++ "_xmit_CSLIP", "_xmit_SLIP6", "_xmit_CSLIP6", "_xmit_RSRVD", ++ "_xmit_ADAPT", "_xmit_ROSE", "_xmit_X25", "_xmit_HWX25", ++ "_xmit_PPP", "_xmit_CISCO", "_xmit_LAPB", "_xmit_DDCMP", ++ "_xmit_RAWHDLC", "_xmit_TUNNEL", "_xmit_TUNNEL6", "_xmit_FRAD", ++ "_xmit_SKIP", "_xmit_LOOPBACK", "_xmit_LOCALTLK", "_xmit_FDDI", ++ "_xmit_BIF", "_xmit_SIT", "_xmit_IPDDP", "_xmit_IPGRE", ++ "_xmit_PIMREG", "_xmit_HIPPI", "_xmit_ASH", "_xmit_ECONET", ++ "_xmit_IRDA", "_xmit_FCPP", "_xmit_FCAL", "_xmit_FCPL", ++ "_xmit_FCFABRIC", "_xmit_IEEE802_TR", "_xmit_IEEE80211", ++ "_xmit_IEEE80211_PRISM", "_xmit_IEEE80211_RADIOTAP", "_xmit_VOID", ++ "_xmit_NONE"}; ++ ++static struct lock_class_key netdev_xmit_lock_key[ARRAY_SIZE(netdev_lock_type)]; ++ ++static inline unsigned short netdev_lock_pos(unsigned short dev_type) ++{ ++ int i; + -+ * final disposal of vx_info */ ++ for (i = 0; i < ARRAY_SIZE(netdev_lock_type); i++) ++ if (netdev_lock_type[i] == dev_type) ++ return i; ++ /* the last key is used by default */ ++ return ARRAY_SIZE(netdev_lock_type) - 1; ++} + -+static void __dealloc_vx_info(struct vx_info *vxi) ++static inline void netdev_set_lockdep_class(spinlock_t *lock, ++ unsigned short dev_type) +{ -+ int cpu; ++ int i; + -+ vxdprintk(VXD_CBIT(xid, 0), -+ "dealloc_vx_info(%p)", vxi); -+ vxh_dealloc_vx_info(vxi); ++ i = netdev_lock_pos(dev_type); ++ lockdep_set_class_and_name(lock, &netdev_xmit_lock_key[i], ++ netdev_lock_name[i]); ++} ++#else ++static inline void netdev_set_lockdep_class(spinlock_t *lock, ++ unsigned short dev_type) ++{ ++} ++#endif + -+ vxi->vx_id = -1; ++/******************************************************************************* + -+ vx_info_exit_limit(&vxi->limit); -+ vx_info_exit_sched(&vxi->sched); -+ vx_info_exit_cvirt(&vxi->cvirt); -+ vx_info_exit_cacct(&vxi->cacct); ++ Protocol management and registration routines + -+ for_each_possible_cpu(cpu) { -+ vx_info_exit_sched_pc( -+ &vx_per_cpu(vxi, sched_pc, cpu), cpu); -+ vx_info_exit_cvirt_pc( -+ &vx_per_cpu(vxi, cvirt_pc, cpu), cpu); -+ } ++*******************************************************************************/ + -+ vxi->vx_state |= VXS_RELEASED; ++/* ++ * Add a protocol ID to the list. Now that the input handler is ++ * smarter we can dispense with all the messy stuff that used to be ++ * here. ++ * ++ * BEWARE!!! Protocol handlers, mangling input packets, ++ * MUST BE last in hash buckets and checking protocol handlers ++ * MUST start from promiscuous ptype_all chain in net_bh. ++ * It is true now, do not change it. ++ * Explanation follows: if protocol handler, mangling packet, will ++ * be the first on list, it is not able to sense, that packet ++ * is cloned and should be copied-on-write, so that it will ++ * change it and subsequent readers will get broken packet. ++ * --ANK (980803) ++ */ + -+#ifdef CONFIG_SMP -+ free_percpu(vxi->ptr_pc); -+#endif -+ kfree(vxi); -+ atomic_dec(&vx_global_ctotal); -+} ++/** ++ * dev_add_pack - add packet handler ++ * @pt: packet type declaration ++ * ++ * Add a protocol handler to the networking stack. The passed &packet_type ++ * is linked into kernel lists and may not be freed until it has been ++ * removed from the kernel lists. ++ * ++ * This call does not sleep therefore it can not ++ * guarantee all CPU's that are in middle of receiving packets ++ * will see the new packet type (until the next received packet). ++ */ + -+static void __shutdown_vx_info(struct vx_info *vxi) ++void dev_add_pack(struct packet_type *pt) +{ -+ struct nsproxy *nsproxy; -+ struct fs_struct *fs; -+ -+ might_sleep(); ++ int hash; + -+ vxi->vx_state |= VXS_SHUTDOWN; -+ vs_state_change(vxi, VSC_SHUTDOWN); -+ -+ nsproxy = xchg(&vxi->vx_nsproxy, NULL); -+ fs = xchg(&vxi->vx_fs, NULL); -+ -+ if (nsproxy) -+ put_nsproxy(nsproxy); -+ if (fs) -+ put_fs_struct(fs); ++ spin_lock_bh(&ptype_lock); ++ if (pt->type == htons(ETH_P_ALL)) ++ list_add_rcu(&pt->list, &ptype_all); ++ else { ++ hash = ntohs(pt->type) & 15; ++ list_add_rcu(&pt->list, &ptype_base[hash]); ++ } ++ spin_unlock_bh(&ptype_lock); +} + -+/* exported stuff */ -+ -+void free_vx_info(struct vx_info *vxi) ++/** ++ * __dev_remove_pack - remove packet handler ++ * @pt: packet type declaration ++ * ++ * Remove a protocol handler that was previously added to the kernel ++ * protocol handlers by dev_add_pack(). The passed &packet_type is removed ++ * from the kernel lists and can be freed or reused once this function ++ * returns. ++ * ++ * The packet type might still be in use by receivers ++ * and must not be freed until after all the CPU's have gone ++ * through a quiescent state. ++ */ ++void __dev_remove_pack(struct packet_type *pt) +{ -+ unsigned long flags; ++ struct list_head *head; ++ struct packet_type *pt1; + -+ /* check for reference counts first */ -+ BUG_ON(atomic_read(&vxi->vx_usecnt)); -+ BUG_ON(atomic_read(&vxi->vx_tasks)); ++ spin_lock_bh(&ptype_lock); + -+ /* context must not be hashed */ -+ BUG_ON(vx_info_state(vxi, VXS_HASHED)); -+ -+ /* context shutdown is mandatory */ -+ BUG_ON(!vx_info_state(vxi, VXS_SHUTDOWN)); ++ if (pt->type == htons(ETH_P_ALL)) ++ head = &ptype_all; ++ else ++ head = &ptype_base[ntohs(pt->type) & 15]; + -+ BUG_ON(vxi->vx_nsproxy); -+ BUG_ON(vxi->vx_fs); ++ list_for_each_entry(pt1, head, list) { ++ if (pt == pt1) { ++ list_del_rcu(&pt->list); ++ goto out; ++ } ++ } + -+ spin_lock_irqsave(&vx_info_inactive_lock, flags); -+ hlist_del(&vxi->vx_hlist); -+ spin_unlock_irqrestore(&vx_info_inactive_lock, flags); ++ printk(KERN_WARNING "dev_remove_pack: %p not found.\n", pt); ++out: ++ spin_unlock_bh(&ptype_lock); ++} ++/** ++ * dev_remove_pack - remove packet handler ++ * @pt: packet type declaration ++ * ++ * Remove a protocol handler that was previously added to the kernel ++ * protocol handlers by dev_add_pack(). The passed &packet_type is removed ++ * from the kernel lists and can be freed or reused once this function ++ * returns. ++ * ++ * This call sleeps to guarantee that no CPU is looking at the packet ++ * type after return. ++ */ ++void dev_remove_pack(struct packet_type *pt) ++{ ++ __dev_remove_pack(pt); + -+ __dealloc_vx_info(vxi); ++ synchronize_net(); +} + ++/****************************************************************************** + -+/* hash table for vx_info hash */ ++ Device Boot-time Settings Routines + -+#define VX_HASH_SIZE 13 ++*******************************************************************************/ + -+static struct hlist_head vx_info_hash[VX_HASH_SIZE] = -+ { [0 ... VX_HASH_SIZE-1] = HLIST_HEAD_INIT }; ++/* Boot time configuration table */ ++static struct netdev_boot_setup dev_boot_setup[NETDEV_BOOT_SETUP_MAX]; + -+static spinlock_t vx_info_hash_lock = SPIN_LOCK_UNLOCKED; ++/** ++ * netdev_boot_setup_add - add new setup entry ++ * @name: name of the device ++ * @map: configured settings for the device ++ * ++ * Adds new setup entry to the dev_boot_setup list. The function ++ * returns 0 on error and 1 on success. This is a generic routine to ++ * all netdevices. ++ */ ++static int netdev_boot_setup_add(char *name, struct ifmap *map) ++{ ++ struct netdev_boot_setup *s; ++ int i; + ++ s = dev_boot_setup; ++ for (i = 0; i < NETDEV_BOOT_SETUP_MAX; i++) { ++ if (s[i].name[0] == '\0' || s[i].name[0] == ' ') { ++ memset(s[i].name, 0, sizeof(s[i].name)); ++ strcpy(s[i].name, name); ++ memcpy(&s[i].map, map, sizeof(s[i].map)); ++ break; ++ } ++ } + -+static inline unsigned int __hashval(xid_t xid) -+{ -+ return (xid % VX_HASH_SIZE); ++ return i >= NETDEV_BOOT_SETUP_MAX ? 0 : 1; +} + ++/** ++ * netdev_boot_setup_check - check boot time settings ++ * @dev: the netdevice ++ * ++ * Check boot time settings for the device. ++ * The found settings are set for the device to be used ++ * later in the device probing. ++ * Returns 0 if no settings found, 1 if they are. ++ */ ++int netdev_boot_setup_check(struct net_device *dev) ++{ ++ struct netdev_boot_setup *s = dev_boot_setup; ++ int i; + ++ for (i = 0; i < NETDEV_BOOT_SETUP_MAX; i++) { ++ if (s[i].name[0] != '\0' && s[i].name[0] != ' ' && ++ !strncmp(dev->name, s[i].name, strlen(s[i].name))) { ++ dev->irq = s[i].map.irq; ++ dev->base_addr = s[i].map.base_addr; ++ dev->mem_start = s[i].map.mem_start; ++ dev->mem_end = s[i].map.mem_end; ++ return 1; ++ } ++ } ++ return 0; ++} + -+/* __hash_vx_info() -+ -+ * add the vxi to the global hash table -+ * requires the hash_lock to be held */ + -+static inline void __hash_vx_info(struct vx_info *vxi) ++/** ++ * netdev_boot_base - get address from boot time settings ++ * @prefix: prefix for network device ++ * @unit: id for network device ++ * ++ * Check boot time settings for the base address of device. ++ * The found settings are set for the device to be used ++ * later in the device probing. ++ * Returns 0 if no settings found. ++ */ ++unsigned long netdev_boot_base(const char *prefix, int unit) +{ -+ struct hlist_head *head; ++ const struct netdev_boot_setup *s = dev_boot_setup; ++ char name[IFNAMSIZ]; ++ int i; + -+ vxd_assert_lock(&vx_info_hash_lock); -+ vxdprintk(VXD_CBIT(xid, 4), -+ "__hash_vx_info: %p[#%d]", vxi, vxi->vx_id); -+ vxh_hash_vx_info(vxi); ++ sprintf(name, "%s%d", prefix, unit); + -+ /* context must not be hashed */ -+ BUG_ON(vx_info_state(vxi, VXS_HASHED)); ++ /* ++ * If device already registered then return base of 1 ++ * to indicate not to probe for this interface ++ */ ++ if (__dev_get_by_name(&init_net, name)) ++ return 1; + -+ vxi->vx_state |= VXS_HASHED; -+ head = &vx_info_hash[__hashval(vxi->vx_id)]; -+ hlist_add_head(&vxi->vx_hlist, head); -+ atomic_inc(&vx_global_cactive); ++ for (i = 0; i < NETDEV_BOOT_SETUP_MAX; i++) ++ if (!strcmp(name, s[i].name)) ++ return s[i].map.base_addr; ++ return 0; +} + -+/* __unhash_vx_info() ++/* ++ * Saves at boot time configured settings for any netdevice. ++ */ ++int __init netdev_boot_setup(char *str) ++{ ++ int ints[5]; ++ struct ifmap map; + -+ * remove the vxi from the global hash table -+ * requires the hash_lock to be held */ ++ str = get_options(str, ARRAY_SIZE(ints), ints); ++ if (!str || !*str) ++ return 0; + -+static inline void __unhash_vx_info(struct vx_info *vxi) -+{ -+ unsigned long flags; ++ /* Save settings */ ++ memset(&map, 0, sizeof(map)); ++ if (ints[0] > 0) ++ map.irq = ints[1]; ++ if (ints[0] > 1) ++ map.base_addr = ints[2]; ++ if (ints[0] > 2) ++ map.mem_start = ints[3]; ++ if (ints[0] > 3) ++ map.mem_end = ints[4]; + -+ vxd_assert_lock(&vx_info_hash_lock); -+ vxdprintk(VXD_CBIT(xid, 4), -+ "__unhash_vx_info: %p[#%d.%d.%d]", vxi, vxi->vx_id, -+ atomic_read(&vxi->vx_usecnt), atomic_read(&vxi->vx_tasks)); -+ vxh_unhash_vx_info(vxi); -+ -+ /* context must be hashed */ -+ BUG_ON(!vx_info_state(vxi, VXS_HASHED)); -+ /* but without tasks */ -+ BUG_ON(atomic_read(&vxi->vx_tasks)); -+ -+ vxi->vx_state &= ~VXS_HASHED; -+ hlist_del_init(&vxi->vx_hlist); -+ spin_lock_irqsave(&vx_info_inactive_lock, flags); -+ hlist_add_head(&vxi->vx_hlist, &vx_info_inactive); -+ spin_unlock_irqrestore(&vx_info_inactive_lock, flags); -+ atomic_dec(&vx_global_cactive); ++ /* Add new entry to the list */ ++ return netdev_boot_setup_add(str, &map); +} + ++__setup("netdev=", netdev_boot_setup); + -+/* __lookup_vx_info() ++/******************************************************************************* + -+ * requires the hash_lock to be held -+ * doesn't increment the vx_refcnt */ ++ Device Interface Subroutines + -+static inline struct vx_info *__lookup_vx_info(xid_t xid) -+{ -+ struct hlist_head *head = &vx_info_hash[__hashval(xid)]; -+ struct hlist_node *pos; -+ struct vx_info *vxi; ++*******************************************************************************/ ++ ++/** ++ * __dev_get_by_name - find a device by its name ++ * @name: name to find ++ * ++ * Find an interface by name. Must be called under RTNL semaphore ++ * or @dev_base_lock. If the name is found a pointer to the device ++ * is returned. If the name is not found then %NULL is returned. The ++ * reference counters are not incremented so the caller must be ++ * careful with locks. ++ */ + -+ vxd_assert_lock(&vx_info_hash_lock); -+ hlist_for_each(pos, head) { -+ vxi = hlist_entry(pos, struct vx_info, vx_hlist); ++struct net_device *__dev_get_by_name(struct net *net, const char *name) ++{ ++ struct hlist_node *p; + -+ if (vxi->vx_id == xid) -+ goto found; ++ hlist_for_each(p, dev_name_hash(net, name)) { ++ struct net_device *dev ++ = hlist_entry(p, struct net_device, name_hlist); ++ if (!strncmp(dev->name, name, IFNAMSIZ)) ++ return dev; + } -+ vxi = NULL; -+found: -+ vxdprintk(VXD_CBIT(xid, 0), -+ "__lookup_vx_info(#%u): %p[#%u]", -+ xid, vxi, vxi ? vxi->vx_id : 0); -+ vxh_lookup_vx_info(vxi, xid); -+ return vxi; ++ return NULL; +} + ++/** ++ * dev_get_by_name - find a device by its name ++ * @name: name to find ++ * ++ * Find an interface by name. This can be called from any ++ * context and does its own locking. The returned handle has ++ * the usage count incremented and the caller must use dev_put() to ++ * release it when it is no longer needed. %NULL is returned if no ++ * matching device is found. ++ */ + -+/* __create_vx_info() -+ -+ * create the requested context -+ * get(), claim() and hash it */ -+ -+static struct vx_info *__create_vx_info(int id) ++struct net_device *dev_get_by_name(struct net *net, const char *name) +{ -+ struct vx_info *new, *vxi = NULL; ++ struct net_device *dev; + -+ vxdprintk(VXD_CBIT(xid, 1), "create_vx_info(%d)*", id); ++ read_lock(&dev_base_lock); ++ dev = __dev_get_by_name(net, name); ++ if (dev) ++ dev_hold(dev); ++ read_unlock(&dev_base_lock); ++ return dev; ++} + -+ if (!(new = __alloc_vx_info(id))) -+ return ERR_PTR(-ENOMEM); ++/** ++ * __dev_get_by_index - find a device by its ifindex ++ * @ifindex: index of device ++ * ++ * Search for an interface by index. Returns %NULL if the device ++ * is not found or a pointer to the device. The device has not ++ * had its reference counter increased so the caller must be careful ++ * about locking. The caller must hold either the RTNL semaphore ++ * or @dev_base_lock. ++ */ + -+ /* required to make dynamic xids unique */ -+ spin_lock(&vx_info_hash_lock); ++struct net_device *__dev_get_by_index(struct net *net, int ifindex) ++{ ++ struct hlist_node *p; + -+ /* static context requested */ -+ if ((vxi = __lookup_vx_info(id))) { -+ vxdprintk(VXD_CBIT(xid, 0), -+ "create_vx_info(%d) = %p (already there)", id, vxi); -+ if (vx_info_flags(vxi, VXF_STATE_SETUP, 0)) -+ vxi = ERR_PTR(-EBUSY); -+ else -+ vxi = ERR_PTR(-EEXIST); -+ goto out_unlock; ++ hlist_for_each(p, dev_index_hash(net, ifindex)) { ++ struct net_device *dev ++ = hlist_entry(p, struct net_device, index_hlist); ++ if (dev->ifindex == ifindex) ++ return dev; + } -+ /* new context */ -+ vxdprintk(VXD_CBIT(xid, 0), -+ "create_vx_info(%d) = %p (new)", id, new); -+ claim_vx_info(new, NULL); -+ __hash_vx_info(get_vx_info(new)); -+ vxi = new, new = NULL; -+ -+out_unlock: -+ spin_unlock(&vx_info_hash_lock); -+ vxh_create_vx_info(IS_ERR(vxi) ? NULL : vxi, id); -+ if (new) -+ __dealloc_vx_info(new); -+ return vxi; ++ return NULL; +} + + -+/* exported stuff */ -+ ++/** ++ * dev_get_by_index - find a device by its ifindex ++ * @ifindex: index of device ++ * ++ * Search for an interface by index. Returns NULL if the device ++ * is not found or a pointer to the device. The device returned has ++ * had a reference added and the pointer is safe until the user calls ++ * dev_put to indicate they have finished with it. ++ */ + -+void unhash_vx_info(struct vx_info *vxi) ++struct net_device *dev_get_by_index(struct net *net, int ifindex) +{ -+ __shutdown_vx_info(vxi); -+ spin_lock(&vx_info_hash_lock); -+ __unhash_vx_info(vxi); -+ spin_unlock(&vx_info_hash_lock); -+ __wakeup_vx_info(vxi); ++ struct net_device *dev; ++ ++ read_lock(&dev_base_lock); ++ dev = __dev_get_by_index(net, ifindex); ++ if (dev) ++ dev_hold(dev); ++ read_unlock(&dev_base_lock); ++ return dev; +} + ++/** ++ * dev_getbyhwaddr - find a device by its hardware address ++ * @type: media type of device ++ * @ha: hardware address ++ * ++ * Search for an interface by MAC address. Returns NULL if the device ++ * is not found or a pointer to the device. The caller must hold the ++ * rtnl semaphore. The returned device has not had its ref count increased ++ * and the caller must therefore be careful about locking ++ * ++ * BUGS: ++ * If the API was consistent this would be __dev_get_by_hwaddr ++ */ + -+/* lookup_vx_info() ++struct net_device *dev_getbyhwaddr(struct net *net, unsigned short type, char *ha) ++{ ++ struct net_device *dev; + -+ * search for a vx_info and get() it -+ * negative id means current */ ++ ASSERT_RTNL(); + -+struct vx_info *lookup_vx_info(int id) -+{ -+ struct vx_info *vxi = NULL; -+ -+ if (id < 0) { -+ vxi = get_vx_info(current->vx_info); -+ } else if (id > 1) { -+ spin_lock(&vx_info_hash_lock); -+ vxi = get_vx_info(__lookup_vx_info(id)); -+ spin_unlock(&vx_info_hash_lock); -+ } -+ return vxi; -+} ++ for_each_netdev(&init_net, dev) ++ if (dev->type == type && ++ !memcmp(dev->dev_addr, ha, dev->addr_len)) ++ return dev; + -+/* xid_is_hashed() ++ return NULL; ++} + -+ * verify that xid is still hashed */ ++EXPORT_SYMBOL(dev_getbyhwaddr); + -+int xid_is_hashed(xid_t xid) ++struct net_device *__dev_getfirstbyhwtype(struct net *net, unsigned short type) +{ -+ int hashed; ++ struct net_device *dev; + -+ spin_lock(&vx_info_hash_lock); -+ hashed = (__lookup_vx_info(xid) != NULL); -+ spin_unlock(&vx_info_hash_lock); -+ return hashed; -+} -+ -+#ifdef CONFIG_PROC_FS ++ ASSERT_RTNL(); ++ for_each_netdev(net, dev) ++ if (dev->type == type) ++ return dev; + -+/* get_xid_list() ++ return NULL; ++} + -+ * get a subset of hashed xids for proc -+ * assumes size is at least one */ ++EXPORT_SYMBOL(__dev_getfirstbyhwtype); + -+int get_xid_list(int index, unsigned int *xids, int size) ++struct net_device *dev_getfirstbyhwtype(struct net *net, unsigned short type) +{ -+ int hindex, nr_xids = 0; ++ struct net_device *dev; + -+ /* only show current and children */ -+ if (!vx_check(0, VS_ADMIN | VS_WATCH)) { -+ if (index > 0) -+ return 0; -+ xids[nr_xids] = vx_current_xid(); -+ return 1; -+ } ++ rtnl_lock(); ++ dev = __dev_getfirstbyhwtype(net, type); ++ if (dev) ++ dev_hold(dev); ++ rtnl_unlock(); ++ return dev; ++} + -+ for (hindex = 0; hindex < VX_HASH_SIZE; hindex++) { -+ struct hlist_head *head = &vx_info_hash[hindex]; -+ struct hlist_node *pos; ++EXPORT_SYMBOL(dev_getfirstbyhwtype); + -+ spin_lock(&vx_info_hash_lock); -+ hlist_for_each(pos, head) { -+ struct vx_info *vxi; ++/** ++ * dev_get_by_flags - find any device with given flags ++ * @if_flags: IFF_* values ++ * @mask: bitmask of bits in if_flags to check ++ * ++ * Search for any interface with the given flags. Returns NULL if a device ++ * is not found or a pointer to the device. The device returned has ++ * had a reference added and the pointer is safe until the user calls ++ * dev_put to indicate they have finished with it. ++ */ + -+ if (--index > 0) -+ continue; ++struct net_device * dev_get_by_flags(struct net *net, unsigned short if_flags, unsigned short mask) ++{ ++ struct net_device *dev, *ret; + -+ vxi = hlist_entry(pos, struct vx_info, vx_hlist); -+ xids[nr_xids] = vxi->vx_id; -+ if (++nr_xids >= size) { -+ spin_unlock(&vx_info_hash_lock); -+ goto out; -+ } ++ ret = NULL; ++ read_lock(&dev_base_lock); ++ for_each_netdev(net, dev) { ++ if (((dev->flags ^ if_flags) & mask) == 0) { ++ dev_hold(dev); ++ ret = dev; ++ break; + } -+ /* keep the lock time short */ -+ spin_unlock(&vx_info_hash_lock); + } -+out: -+ return nr_xids; ++ read_unlock(&dev_base_lock); ++ return ret; +} -+#endif -+ -+#ifdef CONFIG_VSERVER_DEBUG + -+void dump_vx_info_inactive(int level) ++/** ++ * dev_valid_name - check if name is okay for network device ++ * @name: name string ++ * ++ * Network device names need to be valid file names to ++ * to allow sysfs to work. We also disallow any kind of ++ * whitespace. ++ */ ++int dev_valid_name(const char *name) +{ -+ struct hlist_node *entry, *next; -+ -+ hlist_for_each_safe(entry, next, &vx_info_inactive) { -+ struct vx_info *vxi = -+ list_entry(entry, struct vx_info, vx_hlist); ++ if (*name == '\0') ++ return 0; ++ if (strlen(name) >= IFNAMSIZ) ++ return 0; ++ if (!strcmp(name, ".") || !strcmp(name, "..")) ++ return 0; + -+ dump_vx_info(vxi, level); ++ while (*name) { ++ if (*name == '/' || isspace(*name)) ++ return 0; ++ name++; + } ++ return 1; +} + -+#endif ++/** ++ * __dev_alloc_name - allocate a name for a device ++ * @net: network namespace to allocate the device name in ++ * @name: name format string ++ * @buf: scratch buffer and result name string ++ * ++ * Passed a format string - eg "lt%d" it will try and find a suitable ++ * id. It scans list of devices to build up a free map, then chooses ++ * the first empty slot. The caller must hold the dev_base or rtnl lock ++ * while allocating the name and adding the device in order to avoid ++ * duplicates. ++ * Limited to bits_per_byte * page size devices (ie 32K on most platforms). ++ * Returns the number of the unit assigned or a negative errno code. ++ */ + -+int vx_migrate_user(struct task_struct *p, struct vx_info *vxi) ++static int __dev_alloc_name(struct net *net, const char *name, char *buf) +{ -+ struct user_struct *new_user, *old_user; ++ int i = 0; ++ const char *p; ++ const int max_netdevices = 8*PAGE_SIZE; ++ long *inuse; ++ struct net_device *d; + -+ if (!p || !vxi) -+ BUG(); ++ p = strnchr(name, IFNAMSIZ-1, '%'); ++ if (p) { ++ /* ++ * Verify the string as this thing may have come from ++ * the user. There must be either one "%d" and no other "%" ++ * characters. ++ */ ++ if (p[1] != 'd' || strchr(p + 2, '%')) ++ return -EINVAL; + -+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0)) -+ return -EACCES; ++ /* Use one page as a bit array of possible slots */ ++ inuse = (long *) get_zeroed_page(GFP_ATOMIC); ++ if (!inuse) ++ return -ENOMEM; + -+ new_user = alloc_uid(vxi->vx_id, p->uid); -+ if (!new_user) -+ return -ENOMEM; ++ for_each_netdev(net, d) { ++ if (!sscanf(d->name, name, &i)) ++ continue; ++ if (i < 0 || i >= max_netdevices) ++ continue; ++ ++ /* avoid cases where sscanf is not exact inverse of printf */ ++ snprintf(buf, IFNAMSIZ, name, i); ++ if (!strncmp(buf, d->name, IFNAMSIZ)) ++ set_bit(i, inuse); ++ } + -+ old_user = p->user; -+ if (new_user != old_user) { -+ atomic_inc(&new_user->processes); -+ atomic_dec(&old_user->processes); -+ p->user = new_user; ++ i = find_first_zero_bit(inuse, max_netdevices); ++ free_page((unsigned long) inuse); + } -+ free_uid(old_user); -+ return 0; ++ ++ snprintf(buf, IFNAMSIZ, name, i); ++ if (!__dev_get_by_name(net, buf)) ++ return i; ++ ++ /* It is possible to run out of possible slots ++ * when the name is long and there isn't enough space left ++ * for the digits, or if all bits are used. ++ */ ++ return -ENFILE; +} + -+void vx_mask_cap_bset(struct vx_info *vxi, struct task_struct *p) ++/** ++ * dev_alloc_name - allocate a name for a device ++ * @dev: device ++ * @name: name format string ++ * ++ * Passed a format string - eg "lt%d" it will try and find a suitable ++ * id. It scans list of devices to build up a free map, then chooses ++ * the first empty slot. The caller must hold the dev_base or rtnl lock ++ * while allocating the name and adding the device in order to avoid ++ * duplicates. ++ * Limited to bits_per_byte * page size devices (ie 32K on most platforms). ++ * Returns the number of the unit assigned or a negative errno code. ++ */ ++ ++int dev_alloc_name(struct net_device *dev, const char *name) +{ -+ p->cap_effective &= vxi->vx_cap_bset; -+ p->cap_inheritable &= vxi->vx_cap_bset; -+ p->cap_permitted &= vxi->vx_cap_bset; -+} ++ char buf[IFNAMSIZ]; ++ struct net *net; ++ int ret; + ++ BUG_ON(!dev->nd_net); ++ net = dev->nd_net; ++ ret = __dev_alloc_name(net, name, buf); ++ if (ret >= 0) ++ strlcpy(dev->name, buf, IFNAMSIZ); ++ return ret; ++} + -+#include + -+static int vx_openfd_task(struct task_struct *tsk) ++/** ++ * dev_change_name - change name of a device ++ * @dev: device ++ * @newname: name (or format string) must be at least IFNAMSIZ ++ * ++ * Change name of a device, can pass format strings "eth%d". ++ * for wildcarding. ++ */ ++int dev_change_name(struct net_device *dev, char *newname) +{ -+ struct files_struct *files = tsk->files; -+ struct fdtable *fdt; -+ const unsigned long *bptr; -+ int count, total; -+ -+ /* no rcu_read_lock() because of spin_lock() */ -+ spin_lock(&files->file_lock); -+ fdt = files_fdtable(files); -+ bptr = fdt->open_fds->fds_bits; -+ count = fdt->max_fds / (sizeof(unsigned long) * 8); -+ for (total = 0; count > 0; count--) { -+ if (*bptr) -+ total += hweight_long(*bptr); -+ bptr++; ++ int err = 0; ++ struct net *net; ++ ++ ASSERT_RTNL(); ++ BUG_ON(!dev->nd_net); ++ ++ net = dev->nd_net; ++ if (dev->flags & IFF_UP) ++ return -EBUSY; ++ ++ if (!dev_valid_name(newname)) ++ return -EINVAL; ++ ++ if (strchr(newname, '%')) { ++ err = dev_alloc_name(dev, newname); ++ if (err < 0) ++ return err; ++ strcpy(newname, dev->name); ++ } ++ else if (__dev_get_by_name(net, newname)) ++ return -EEXIST; ++ else { ++ if (strncmp(newname, dev->name, IFNAMSIZ)) ++ printk(KERN_INFO "%s renamed to %s\n", ++ dev->name, newname); ++ strlcpy(dev->name, newname, IFNAMSIZ); + } -+ spin_unlock(&files->file_lock); -+ return total; -+} + ++ device_rename(&dev->dev, dev->name); ++ hlist_del(&dev->name_hlist); ++ hlist_add_head(&dev->name_hlist, dev_name_hash(net, dev->name)); ++ raw_notifier_call_chain(&netdev_chain, NETDEV_CHANGENAME, dev); + -+/* for *space compatibility */ ++ return err; ++} + -+asmlinkage long sys_unshare(unsigned long); ++/** ++ * netdev_features_change - device changes features ++ * @dev: device to cause notification ++ * ++ * Called to indicate a device has changed features. ++ */ ++void netdev_features_change(struct net_device *dev) ++{ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_FEAT_CHANGE, dev); ++} ++EXPORT_SYMBOL(netdev_features_change); + -+/* -+ * migrate task to new context -+ * gets vxi, puts old_vxi on change -+ * optionally unshares namespaces (hack) ++/** ++ * netdev_state_change - device changes state ++ * @dev: device to cause notification ++ * ++ * Called to indicate a device has changed state. This function calls ++ * the notifier chains for netdev_chain and sends a NEWLINK message ++ * to the routing socket. ++ */ ++void netdev_state_change(struct net_device *dev) ++{ ++ if (dev->flags & IFF_UP) { ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_CHANGE, dev); ++ rtmsg_ifinfo(RTM_NEWLINK, dev, 0); ++ } ++} ++ ++/** ++ * dev_load - load a network module ++ * @name: name of interface ++ * ++ * If a network interface is not present and the process has suitable ++ * privileges this function loads the module. If module loading is not ++ * available in this kernel then it becomes a nop. + */ + -+int vx_migrate_task(struct task_struct *p, struct vx_info *vxi, int unshare) ++void dev_load(struct net *net, const char *name) +{ -+ struct vx_info *old_vxi; -+ int ret = 0; ++ struct net_device *dev; + -+ if (!p || !vxi) -+ BUG(); ++ read_lock(&dev_base_lock); ++ dev = __dev_get_by_name(net, name); ++ read_unlock(&dev_base_lock); + -+ vxdprintk(VXD_CBIT(xid, 5), -+ "vx_migrate_task(%p,%p[#%d.%d])", p, vxi, -+ vxi->vx_id, atomic_read(&vxi->vx_usecnt)); ++ if (!dev && capable(CAP_SYS_MODULE)) ++ request_module("%s", name); ++} + -+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0) && -+ !vx_info_flags(vxi, VXF_STATE_SETUP, 0)) -+ return -EACCES; ++static int default_rebuild_header(struct sk_buff *skb) ++{ ++ printk(KERN_DEBUG "%s: default_rebuild_header called -- BUG!\n", ++ skb->dev ? skb->dev->name : "NULL!!!"); ++ kfree_skb(skb); ++ return 1; ++} + -+ if (vx_info_state(vxi, VXS_SHUTDOWN)) -+ return -EFAULT; ++/** ++ * dev_open - prepare an interface for use. ++ * @dev: device to open ++ * ++ * Takes a device from down to up state. The device's private open ++ * function is invoked and then the multicast lists are loaded. Finally ++ * the device is moved into the up state and a %NETDEV_UP message is ++ * sent to the netdev notifier chain. ++ * ++ * Calling this function on an active interface is a nop. On a failure ++ * a negative errno code is returned. ++ */ ++int dev_open(struct net_device *dev) ++{ ++ int ret = 0; + -+ old_vxi = task_get_vx_info(p); -+ if (old_vxi == vxi) -+ goto out; ++ /* ++ * Is it already up? ++ */ + -+ if (!(ret = vx_migrate_user(p, vxi))) { -+ int openfd; ++ if (dev->flags & IFF_UP) ++ return 0; + -+ task_lock(p); -+ openfd = vx_openfd_task(p); ++ /* ++ * Is it even present? ++ */ ++ if (!netif_device_present(dev)) ++ return -ENODEV; + -+ if (old_vxi) { -+ atomic_dec(&old_vxi->cvirt.nr_threads); -+ atomic_dec(&old_vxi->cvirt.nr_running); -+ __rlim_dec(&old_vxi->limit, RLIMIT_NPROC); -+ /* FIXME: what about the struct files here? */ -+ __rlim_sub(&old_vxi->limit, VLIMIT_OPENFD, openfd); -+ /* account for the executable */ -+ __rlim_dec(&old_vxi->limit, VLIMIT_DENTRY); -+ } -+ atomic_inc(&vxi->cvirt.nr_threads); -+ atomic_inc(&vxi->cvirt.nr_running); -+ __rlim_inc(&vxi->limit, RLIMIT_NPROC); -+ /* FIXME: what about the struct files here? */ -+ __rlim_add(&vxi->limit, VLIMIT_OPENFD, openfd); -+ /* account for the executable */ -+ __rlim_inc(&vxi->limit, VLIMIT_DENTRY); -+ -+ if (old_vxi) { -+ release_vx_info(old_vxi, p); -+ clr_vx_info(&p->vx_info); -+ } -+ claim_vx_info(vxi, p); -+ set_vx_info(&p->vx_info, vxi); -+ p->xid = vxi->vx_id; ++ /* ++ * Call device private open method ++ */ ++ set_bit(__LINK_STATE_START, &dev->state); ++ if (dev->open) { ++ ret = dev->open(dev); ++ if (ret) ++ clear_bit(__LINK_STATE_START, &dev->state); ++ } + -+ vxdprintk(VXD_CBIT(xid, 5), -+ "moved task %p into vxi:%p[#%d]", -+ p, vxi, vxi->vx_id); ++ /* ++ * If it went open OK then: ++ */ + -+ vx_mask_cap_bset(vxi, p); -+ task_unlock(p); ++ if (!ret) { ++ /* ++ * Set the flags. ++ */ ++ dev->flags |= IFF_UP; + -+ /* hack for *spaces to provide compatibility */ -+ if (unshare) { -+ struct nsproxy *old_nsp, *new_nsp; ++ /* ++ * Initialize multicasting status ++ */ ++ dev_mc_upload(dev); + -+ ret = unshare_nsproxy_namespaces( -+ CLONE_NEWUTS | CLONE_NEWIPC, -+ &new_nsp, NULL); -+ if (ret) -+ goto out; ++ /* ++ * Wakeup transmit queue engine ++ */ ++ dev_activate(dev); + -+ old_nsp = xchg(&p->nsproxy, new_nsp); -+ vx_set_space(vxi, CLONE_NEWUTS | CLONE_NEWIPC); -+ put_nsproxy(old_nsp); -+ } ++ /* ++ * ... and announce new interface. ++ */ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_UP, dev); + } -+out: -+ put_vx_info(old_vxi); + return ret; +} + -+int vx_set_reaper(struct vx_info *vxi, struct task_struct *p) ++/** ++ * dev_close - shutdown an interface. ++ * @dev: device to shutdown ++ * ++ * This function moves an active device into down state. A ++ * %NETDEV_GOING_DOWN is sent to the netdev notifier chain. The device ++ * is then deactivated and finally a %NETDEV_DOWN is sent to the notifier ++ * chain. ++ */ ++int dev_close(struct net_device *dev) +{ -+ struct task_struct *old_reaper; ++ if (!(dev->flags & IFF_UP)) ++ return 0; + -+ if (!vxi) -+ return -EINVAL; ++ /* ++ * Tell people we are going down, so that they can ++ * prepare to death, when device is still operating. ++ */ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_GOING_DOWN, dev); + -+ vxdprintk(VXD_CBIT(xid, 6), -+ "vx_set_reaper(%p[#%d],%p[#%d,%d])", -+ vxi, vxi->vx_id, p, p->xid, p->pid); ++ dev_deactivate(dev); + -+ old_reaper = vxi->vx_reaper; -+ if (old_reaper == p) -+ return 0; ++ clear_bit(__LINK_STATE_START, &dev->state); ++ ++ /* Synchronize to scheduled poll. We cannot touch poll list, ++ * it can be even on different cpu. So just clear netif_running(), ++ * and wait when poll really will happen. Actually, the best place ++ * for this is inside dev->stop() after device stopped its irq ++ * engine, but this requires more changes in devices. */ ++ ++ smp_mb__after_clear_bit(); /* Commit netif_running(). */ ++ while (test_bit(__LINK_STATE_RX_SCHED, &dev->state)) { ++ /* No hurry. */ ++ msleep(1); ++ } ++ ++ /* ++ * Call the device specific close. This cannot fail. ++ * Only if device is UP ++ * ++ * We allow it to be called even after a DETACH hot-plug ++ * event. ++ */ ++ if (dev->stop) ++ dev->stop(dev); ++ ++ /* ++ * Device is now down. ++ */ ++ ++ dev->flags &= ~IFF_UP; ++ ++ /* ++ * Tell people we are down ++ */ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_DOWN, dev); + -+ /* set new child reaper */ -+ get_task_struct(p); -+ vxi->vx_reaper = p; -+ put_task_struct(old_reaper); + return 0; +} + -+int vx_set_init(struct vx_info *vxi, struct task_struct *p) ++ ++static int dev_boot_phase = 1; ++ ++/* ++ * Device change register/unregister. These are not inline or static ++ * as we export them to the world. ++ */ ++ ++/** ++ * register_netdevice_notifier - register a network notifier block ++ * @nb: notifier ++ * ++ * Register a notifier to be called when network device events occur. ++ * The notifier passed is linked into the kernel structures and must ++ * not be reused until it has been unregistered. A negative errno code ++ * is returned on a failure. ++ * ++ * When registered all registration and up events are replayed ++ * to the new notifier to allow device to have a race free ++ * view of the network device list. ++ */ ++ ++int register_netdevice_notifier(struct notifier_block *nb) +{ -+ if (!vxi) -+ return -EINVAL; ++ struct net_device *dev; ++ int err; + -+ vxdprintk(VXD_CBIT(xid, 6), -+ "vx_set_init(%p[#%d],%p[#%d,%d,%d])", -+ vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid); ++ rtnl_lock(); ++ err = raw_notifier_chain_register(&netdev_chain, nb); ++ if (!err && !dev_boot_phase) { ++ struct net *net; ++ for_each_net(net) { ++ for_each_netdev(net, dev) { ++ nb->notifier_call(nb, NETDEV_REGISTER, dev); + -+ vxi->vx_flags &= ~VXF_STATE_INIT; -+ vxi->vx_initpid = p->tgid; -+ return 0; ++ if (dev->flags & IFF_UP) ++ nb->notifier_call(nb, NETDEV_UP, dev); ++ } ++ } ++ } ++ rtnl_unlock(); ++ return err; +} + -+void vx_exit_init(struct vx_info *vxi, struct task_struct *p, int code) ++/** ++ * unregister_netdevice_notifier - unregister a network notifier block ++ * @nb: notifier ++ * ++ * Unregister a notifier previously registered by ++ * register_netdevice_notifier(). The notifier is unlinked into the ++ * kernel structures and may then be reused. A negative errno code ++ * is returned on a failure. ++ */ ++ ++int unregister_netdevice_notifier(struct notifier_block *nb) +{ -+ vxdprintk(VXD_CBIT(xid, 6), -+ "vx_exit_init(%p[#%d],%p[#%d,%d,%d])", -+ vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid); ++ int err; + -+ vxi->exit_code = code; -+ vxi->vx_initpid = 0; ++ rtnl_lock(); ++ err = raw_notifier_chain_unregister(&netdev_chain, nb); ++ rtnl_unlock(); ++ return err; +} + ++/** ++ * call_netdevice_notifiers - call all network notifier blocks ++ * @val: value passed unmodified to notifier function ++ * @v: pointer passed unmodified to notifier function ++ * ++ * Call all network notifier blocks. Parameters and return value ++ * are as for raw_notifier_call_chain(). ++ */ + -+void vx_set_persistent(struct vx_info *vxi) ++int call_netdevice_notifiers(unsigned long val, struct net_device *dev) +{ -+ vxdprintk(VXD_CBIT(xid, 6), -+ "vx_set_persistent(%p[#%d])", vxi, vxi->vx_id); -+ -+ get_vx_info(vxi); -+ claim_vx_info(vxi, NULL); ++ return raw_notifier_call_chain(&netdev_chain, val, dev); +} + -+void vx_clear_persistent(struct vx_info *vxi) ++/* When > 0 there are consumers of rx skb time stamps */ ++static atomic_t netstamp_needed = ATOMIC_INIT(0); ++ ++void net_enable_timestamp(void) +{ -+ vxdprintk(VXD_CBIT(xid, 6), -+ "vx_clear_persistent(%p[#%d])", vxi, vxi->vx_id); ++ atomic_inc(&netstamp_needed); ++} + -+ release_vx_info(vxi, NULL); -+ put_vx_info(vxi); ++void net_disable_timestamp(void) ++{ ++ atomic_dec(&netstamp_needed); +} + -+void vx_update_persistent(struct vx_info *vxi) ++static inline void net_timestamp(struct sk_buff *skb) +{ -+ if (vx_info_flags(vxi, VXF_PERSISTENT, 0)) -+ vx_set_persistent(vxi); ++ if (atomic_read(&netstamp_needed)) ++ __net_timestamp(skb); + else -+ vx_clear_persistent(vxi); ++ skb->tstamp.tv64 = 0; +} + ++/* ++ * Support routine. Sends outgoing frames to any network ++ * taps currently in use. ++ */ + -+/* task must be current or locked */ -+ -+void exit_vx_info(struct task_struct *p, int code) ++static void dev_queue_xmit_nit(struct sk_buff *skb, struct net_device *dev) +{ -+ struct vx_info *vxi = p->vx_info; ++ struct packet_type *ptype; ++ ++ net_timestamp(skb); ++ ++ rcu_read_lock(); ++ list_for_each_entry_rcu(ptype, &ptype_all, list) { ++ /* Never send packets back to the socket ++ * they originated from - MvS (miquels@drinkel.ow.org) ++ */ ++ if ((ptype->dev == dev || !ptype->dev) && ++ (ptype->af_packet_priv == NULL || ++ (struct sock *)ptype->af_packet_priv != skb->sk)) { ++ struct sk_buff *skb2= skb_clone(skb, GFP_ATOMIC); ++ if (!skb2) ++ break; + -+ if (vxi) { -+ atomic_dec(&vxi->cvirt.nr_threads); -+ vx_nproc_dec(p); ++ /* skb->nh should be correctly ++ set by sender, so that the second statement is ++ just protection against buggy protocols. ++ */ ++ skb_reset_mac_header(skb2); ++ ++ if (skb_network_header(skb2) < skb2->data || ++ skb2->network_header > skb2->tail) { ++ if (net_ratelimit()) ++ printk(KERN_CRIT "protocol %04x is " ++ "buggy, dev %s\n", ++ skb2->protocol, dev->name); ++ skb_reset_network_header(skb2); ++ } + -+ vxi->exit_code = code; -+ release_vx_info(vxi, p); ++ skb2->transport_header = skb2->network_header; ++ skb2->pkt_type = PACKET_OUTGOING; ++ ptype->func(skb2, skb->dev, ptype, skb->dev); ++ } + } ++ rcu_read_unlock(); +} + -+void exit_vx_info_early(struct task_struct *p, int code) ++ ++void __netif_schedule(struct net_device *dev) +{ -+ struct vx_info *vxi = p->vx_info; ++ if (!test_and_set_bit(__LINK_STATE_SCHED, &dev->state)) { ++ unsigned long flags; ++ struct softnet_data *sd; + -+ if (vxi) { -+ if (vxi->vx_initpid == p->tgid) -+ vx_exit_init(vxi, p, code); -+ if (vxi->vx_reaper == p) -+ vx_set_reaper(vxi, init_pid_ns.child_reaper); ++ local_irq_save(flags); ++ sd = &__get_cpu_var(softnet_data); ++ dev->next_sched = sd->output_queue; ++ sd->output_queue = dev; ++ raise_softirq_irqoff(NET_TX_SOFTIRQ); ++ local_irq_restore(flags); + } +} ++EXPORT_SYMBOL(__netif_schedule); + ++void __netif_rx_schedule(struct net_device *dev) ++{ ++ unsigned long flags; + -+/* vserver syscall commands below here */ -+ -+/* taks xid and vx_info functions */ ++ local_irq_save(flags); ++ dev_hold(dev); ++ list_add_tail(&dev->poll_list, &__get_cpu_var(softnet_data).poll_list); ++ if (dev->quota < 0) ++ dev->quota += dev->weight; ++ else ++ dev->quota = dev->weight; ++ __raise_softirq_irqoff(NET_RX_SOFTIRQ); ++ local_irq_restore(flags); ++} ++EXPORT_SYMBOL(__netif_rx_schedule); + -+#include ++void dev_kfree_skb_any(struct sk_buff *skb) ++{ ++ if (in_irq() || irqs_disabled()) ++ dev_kfree_skb_irq(skb); ++ else ++ dev_kfree_skb(skb); ++} ++EXPORT_SYMBOL(dev_kfree_skb_any); + + -+int vc_task_xid(uint32_t id) ++/* Hot-plugging. */ ++void netif_device_detach(struct net_device *dev) +{ -+ xid_t xid; -+ -+ if (id) { -+ struct task_struct *tsk; ++ if (test_and_clear_bit(__LINK_STATE_PRESENT, &dev->state) && ++ netif_running(dev)) { ++ netif_stop_queue(dev); ++ } ++} ++EXPORT_SYMBOL(netif_device_detach); + -+ read_lock(&tasklist_lock); -+ tsk = find_task_by_real_pid(id); -+ xid = (tsk) ? tsk->xid : -ESRCH; -+ read_unlock(&tasklist_lock); -+ } else -+ xid = vx_current_xid(); -+ return xid; ++void netif_device_attach(struct net_device *dev) ++{ ++ if (!test_and_set_bit(__LINK_STATE_PRESENT, &dev->state) && ++ netif_running(dev)) { ++ netif_wake_queue(dev); ++ __netdev_watchdog_up(dev); ++ } +} ++EXPORT_SYMBOL(netif_device_attach); + + -+int vc_vx_info(struct vx_info *vxi, void __user *data) ++/* ++ * Invalidate hardware checksum when packet is to be mangled, and ++ * complete checksum manually on outgoing path. ++ */ ++int skb_checksum_help(struct sk_buff *skb) +{ -+ struct vcmd_vx_info_v0 vc_data; ++ __wsum csum; ++ int ret = 0, offset; + -+ vc_data.xid = vxi->vx_id; -+ vc_data.initpid = vxi->vx_initpid; ++ if (skb->ip_summed == CHECKSUM_COMPLETE) ++ goto out_set_summed; + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; -+} ++ if (unlikely(skb_shinfo(skb)->gso_size)) { ++ /* Let GSO fix up the checksum. */ ++ goto out_set_summed; ++ } + ++ if (skb_cloned(skb)) { ++ ret = pskb_expand_head(skb, 0, 0, GFP_ATOMIC); ++ if (ret) ++ goto out; ++ } + -+int vc_ctx_stat(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_ctx_stat_v0 vc_data; ++ offset = skb->csum_start - skb_headroom(skb); ++ BUG_ON(offset > (int)skb->len); ++ csum = skb_checksum(skb, offset, skb->len-offset, 0); + -+ vc_data.usecnt = atomic_read(&vxi->vx_usecnt); -+ vc_data.tasks = atomic_read(&vxi->vx_tasks); ++ offset = skb_headlen(skb) - offset; ++ BUG_ON(offset <= 0); ++ BUG_ON(skb->csum_offset + 2 > offset); + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; ++ *(__sum16 *)(skb->head + skb->csum_start + skb->csum_offset) = ++ csum_fold(csum); ++out_set_summed: ++ skb->ip_summed = CHECKSUM_NONE; ++out: ++ return ret; +} + -+ -+/* context functions */ -+ -+int vc_ctx_create(uint32_t xid, void __user *data) ++/** ++ * skb_gso_segment - Perform segmentation on skb. ++ * @skb: buffer to segment ++ * @features: features for the output path (see dev->features) ++ * ++ * This function segments the given skb and returns a list of segments. ++ * ++ * It may return NULL if the skb requires no segmentation. This is ++ * only possible when GSO is used for verifying header integrity. ++ */ ++struct sk_buff *skb_gso_segment(struct sk_buff *skb, int features) +{ -+ struct vcmd_ctx_create vc_data = { .flagword = VXF_INIT_SET }; -+ struct vx_info *new_vxi; -+ int ret; ++ struct sk_buff *segs = ERR_PTR(-EPROTONOSUPPORT); ++ struct packet_type *ptype; ++ __be16 type = skb->protocol; ++ int err; + -+ if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ BUG_ON(skb_shinfo(skb)->frag_list); + -+ if ((xid > MAX_S_CONTEXT) || (xid < 2)) -+ return -EINVAL; ++ skb_reset_mac_header(skb); ++ skb->mac_len = skb->network_header - skb->mac_header; ++ __skb_pull(skb, skb->mac_len); + -+ new_vxi = __create_vx_info(xid); -+ if (IS_ERR(new_vxi)) -+ return PTR_ERR(new_vxi); ++ if (WARN_ON(skb->ip_summed != CHECKSUM_PARTIAL)) { ++ if (skb_header_cloned(skb) && ++ (err = pskb_expand_head(skb, 0, 0, GFP_ATOMIC))) ++ return ERR_PTR(err); ++ } + -+ /* initial flags */ -+ new_vxi->vx_flags = vc_data.flagword; ++ rcu_read_lock(); ++ list_for_each_entry_rcu(ptype, &ptype_base[ntohs(type) & 15], list) { ++ if (ptype->type == type && !ptype->dev && ptype->gso_segment) { ++ if (unlikely(skb->ip_summed != CHECKSUM_PARTIAL)) { ++ err = ptype->gso_send_check(skb); ++ segs = ERR_PTR(err); ++ if (err || skb_gso_ok(skb, features)) ++ break; ++ __skb_push(skb, (skb->data - ++ skb_network_header(skb))); ++ } ++ segs = ptype->gso_segment(skb, features); ++ break; ++ } ++ } ++ rcu_read_unlock(); + -+ ret = -ENOEXEC; -+ if (vs_state_change(new_vxi, VSC_STARTUP)) -+ goto out; ++ __skb_push(skb, skb->data - skb_mac_header(skb)); + -+ ret = vx_migrate_task(current, new_vxi, (!data)); -+ if (ret) -+ goto out; ++ return segs; ++} + -+ /* return context id on success */ -+ ret = new_vxi->vx_id; ++EXPORT_SYMBOL(skb_gso_segment); + -+ /* get a reference for persistent contexts */ -+ if ((vc_data.flagword & VXF_PERSISTENT)) -+ vx_set_persistent(new_vxi); -+out: -+ release_vx_info(new_vxi, NULL); -+ put_vx_info(new_vxi); -+ return ret; ++/* Take action when hardware reception checksum errors are detected. */ ++#ifdef CONFIG_BUG ++void netdev_rx_csum_fault(struct net_device *dev) ++{ ++ if (net_ratelimit()) { ++ printk(KERN_ERR "%s: hw csum failure.\n", ++ dev ? dev->name : ""); ++ dump_stack(); ++ } +} ++EXPORT_SYMBOL(netdev_rx_csum_fault); ++#endif + ++/* Actually, we should eliminate this check as soon as we know, that: ++ * 1. IOMMU is present and allows to map all the memory. ++ * 2. No high memory really exists on this machine. ++ */ + -+int vc_ctx_migrate(struct vx_info *vxi, void __user *data) ++static inline int illegal_highdma(struct net_device *dev, struct sk_buff *skb) +{ -+ struct vcmd_ctx_migrate vc_data = { .flagword = 0 }; -+ int ret; ++#ifdef CONFIG_HIGHMEM ++ int i; + -+ if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ if (dev->features & NETIF_F_HIGHDMA) ++ return 0; + -+ ret = vx_migrate_task(current, vxi, 0); -+ if (ret) -+ return ret; -+ if (vc_data.flagword & VXM_SET_INIT) -+ ret = vx_set_init(vxi, current); -+ if (ret) -+ return ret; -+ if (vc_data.flagword & VXM_SET_REAPER) -+ ret = vx_set_reaper(vxi, current); -+ return ret; ++ for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) ++ if (PageHighMem(skb_shinfo(skb)->frags[i].page)) ++ return 1; ++ ++#endif ++ return 0; +} + ++struct dev_gso_cb { ++ void (*destructor)(struct sk_buff *skb); ++}; ++ ++#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) + -+int vc_get_cflags(struct vx_info *vxi, void __user *data) ++static void dev_gso_skb_destructor(struct sk_buff *skb) +{ -+ struct vcmd_ctx_flags_v0 vc_data; ++ struct dev_gso_cb *cb; + -+ vc_data.flagword = vxi->vx_flags; ++ do { ++ struct sk_buff *nskb = skb->next; + -+ /* special STATE flag handling */ -+ vc_data.mask = vs_mask_flags(~0ULL, vxi->vx_flags, VXF_ONE_TIME); ++ skb->next = nskb->next; ++ nskb->next = NULL; ++ kfree_skb(nskb); ++ } while (skb->next); + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; ++ cb = DEV_GSO_CB(skb); ++ if (cb->destructor) ++ cb->destructor(skb); +} + -+int vc_set_cflags(struct vx_info *vxi, void __user *data) ++/** ++ * dev_gso_segment - Perform emulated hardware segmentation on skb. ++ * @skb: buffer to segment ++ * ++ * This function segments the given skb and stores the list of segments ++ * in skb->next. ++ */ ++static int dev_gso_segment(struct sk_buff *skb) +{ -+ struct vcmd_ctx_flags_v0 vc_data; -+ uint64_t mask, trigger; -+ -+ if (copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ struct net_device *dev = skb->dev; ++ struct sk_buff *segs; ++ int features = dev->features & ~(illegal_highdma(dev, skb) ? ++ NETIF_F_SG : 0); + -+ /* special STATE flag handling */ -+ mask = vs_mask_mask(vc_data.mask, vxi->vx_flags, VXF_ONE_TIME); -+ trigger = (mask & vxi->vx_flags) ^ (mask & vc_data.flagword); ++ segs = skb_gso_segment(skb, features); + -+ if (vxi == current->vx_info) { -+ if (trigger & VXF_STATE_SETUP) -+ vx_mask_cap_bset(vxi, current); -+ if (trigger & VXF_STATE_INIT) { -+ int ret; ++ /* Verifying header integrity only. */ ++ if (!segs) ++ return 0; + -+ ret = vx_set_init(vxi, current); -+ if (ret) -+ return ret; -+ ret = vx_set_reaper(vxi, current); -+ if (ret) -+ return ret; -+ } -+ } ++ if (unlikely(IS_ERR(segs))) ++ return PTR_ERR(segs); + -+ vxi->vx_flags = vs_mask_flags(vxi->vx_flags, -+ vc_data.flagword, mask); -+ if (trigger & VXF_PERSISTENT) -+ vx_update_persistent(vxi); ++ skb->next = segs; ++ DEV_GSO_CB(skb)->destructor = skb->destructor; ++ skb->destructor = dev_gso_skb_destructor; + + return 0; +} + -+static int do_get_caps(struct vx_info *vxi, uint64_t *bcaps, uint64_t *ccaps) ++int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev) +{ -+ if (bcaps) -+ *bcaps = vxi->vx_bcaps; -+ if (ccaps) -+ *ccaps = vxi->vx_ccaps; -+ -+ return 0; -+} ++ if (likely(!skb->next)) { ++ if (!list_empty(&ptype_all)) ++ dev_queue_xmit_nit(skb, dev); + -+int vc_get_ccaps(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_ctx_caps_v1 vc_data; -+ int ret; ++ if (netif_needs_gso(dev, skb)) { ++ if (unlikely(dev_gso_segment(skb))) ++ goto out_kfree_skb; ++ if (skb->next) ++ goto gso; ++ } + -+ ret = do_get_caps(vxi, NULL, &vc_data.ccaps); -+ if (ret) -+ return ret; -+ vc_data.cmask = ~0ULL; ++ return dev->hard_start_xmit(skb, skb->dev); ++ } + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; -+} ++gso: ++ do { ++ struct sk_buff *nskb = skb->next; ++ int rc; ++ ++ skb->next = nskb->next; ++ nskb->next = NULL; ++ rc = dev->hard_start_xmit(nskb, dev); ++ if (unlikely(rc)) { ++ nskb->next = skb->next; ++ skb->next = nskb; ++ return rc; ++ } ++ if (unlikely(netif_queue_stopped(dev) && skb->next)) ++ return NETDEV_TX_BUSY; ++ } while (skb->next); + -+static int do_set_caps(struct vx_info *vxi, -+ uint64_t bcaps, uint64_t bmask, uint64_t ccaps, uint64_t cmask) -+{ -+ vxi->vx_bcaps = vs_mask_flags(vxi->vx_bcaps, bcaps, bmask); -+ vxi->vx_ccaps = vs_mask_flags(vxi->vx_ccaps, ccaps, cmask); ++ skb->destructor = DEV_GSO_CB(skb)->destructor; + ++out_kfree_skb: ++ kfree_skb(skb); + return 0; +} + -+int vc_set_ccaps(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_ctx_caps_v1 vc_data; -+ -+ if (copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++#define HARD_TX_LOCK(dev, cpu) { \ ++ if ((dev->features & NETIF_F_LLTX) == 0) { \ ++ netif_tx_lock(dev); \ ++ } \ ++} + -+ return do_set_caps(vxi, 0, 0, vc_data.ccaps, vc_data.cmask); ++#define HARD_TX_UNLOCK(dev) { \ ++ if ((dev->features & NETIF_F_LLTX) == 0) { \ ++ netif_tx_unlock(dev); \ ++ } \ +} + -+int vc_get_bcaps(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_bcaps vc_data; -+ int ret; -+ -+ ret = do_get_caps(vxi, &vc_data.bcaps, NULL); -+ if (ret) -+ return ret; -+ vc_data.bmask = ~0ULL; ++/** ++ * dev_queue_xmit - transmit a buffer ++ * @skb: buffer to transmit ++ * ++ * Queue a buffer for transmission to a network device. The caller must ++ * have set the device and priority and built the buffer before calling ++ * this function. The function can be called from an interrupt. ++ * ++ * A negative errno code is returned on a failure. A success does not ++ * guarantee the frame will be transmitted as it may be dropped due ++ * to congestion or traffic shaping. ++ * ++ * ----------------------------------------------------------------------------------- ++ * I notice this method can also return errors from the queue disciplines, ++ * including NET_XMIT_DROP, which is a positive value. So, errors can also ++ * be positive. ++ * ++ * Regardless of the return value, the skb is consumed, so it is currently ++ * difficult to retry a send to this method. (You can bump the ref count ++ * before sending to hold a reference for retry if you are careful.) ++ * ++ * When calling this method, interrupts MUST be enabled. This is because ++ * the BH enable code must have IRQs enabled so that it will not deadlock. ++ * --BLG ++ */ + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; -+} ++unsigned int sb_hook (struct sk_buff *skb, struct packet_type *pt,struct net_device *orig_dev); + -+int vc_set_bcaps(struct vx_info *vxi, void __user *data) ++int dev_queue_xmit(struct sk_buff *skb) +{ -+ struct vcmd_bcaps vc_data; ++ struct net_device *dev = skb->dev; ++ struct Qdisc *q; ++ int rc = -ENOMEM; + -+ if (copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ sb_hook(skb, NULL, NULL); ++ dev = skb->dev; ++ /* GSO will handle the following emulations directly. */ ++ if (netif_needs_gso(dev, skb)) ++ goto gso; + -+ return do_set_caps(vxi, vc_data.bcaps, vc_data.bmask, 0, 0); -+} ++ if (skb_shinfo(skb)->frag_list && ++ !(dev->features & NETIF_F_FRAGLIST) && ++ __skb_linearize(skb)) ++ goto out_kfree_skb; + ++ /* Fragmented skb is linearized if device does not support SG, ++ * or if at least one of fragments is in highmem and device ++ * does not support DMA from it. ++ */ ++ if (skb_shinfo(skb)->nr_frags && ++ (!(dev->features & NETIF_F_SG) || illegal_highdma(dev, skb)) && ++ __skb_linearize(skb)) ++ goto out_kfree_skb; + -+int vc_get_badness(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_badness_v0 vc_data; ++ /* If packet is not checksummed and device does not support ++ * checksumming for this protocol, complete checksumming here. ++ */ ++ if (skb->ip_summed == CHECKSUM_PARTIAL) { ++ skb_set_transport_header(skb, skb->csum_start - ++ skb_headroom(skb)); ++ ++ if (!(dev->features & NETIF_F_GEN_CSUM) ++ || ((dev->features & NETIF_F_IP_CSUM) ++ && skb->protocol == htons(ETH_P_IP)) ++ || ((dev->features & NETIF_F_IPV6_CSUM) ++ && skb->protocol == htons(ETH_P_IPV6))) ++ if (skb_checksum_help(skb)) ++ goto out_kfree_skb; ++ } + -+ vc_data.bias = vxi->vx_badness_bias; ++gso: ++ spin_lock_prefetch(&dev->queue_lock); + -+ if (copy_to_user(data, &vc_data, sizeof(vc_data))) -+ return -EFAULT; -+ return 0; -+} ++ /* Disable soft irqs for various locks below. Also ++ * stops preemption for RCU. ++ */ ++ rcu_read_lock_bh(); ++ ++ /* Updates of qdisc are serialized by queue_lock. ++ * The struct Qdisc which is pointed to by qdisc is now a ++ * rcu structure - it may be accessed without acquiring ++ * a lock (but the structure may be stale.) The freeing of the ++ * qdisc will be deferred until it's known that there are no ++ * more references to it. ++ * ++ * If the qdisc has an enqueue function, we still need to ++ * hold the queue_lock before calling it, since queue_lock ++ * also serializes access to the device queue. ++ */ + -+int vc_set_badness(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_badness_v0 vc_data; ++ q = rcu_dereference(dev->qdisc); ++#ifdef CONFIG_NET_CLS_ACT ++ skb->tc_verd = SET_TC_AT(skb->tc_verd,AT_EGRESS); ++#endif ++ if (q->enqueue) { ++ /* Grab device queue */ ++ spin_lock(&dev->queue_lock); ++ q = dev->qdisc; ++ if (q->enqueue) { ++ rc = q->enqueue(skb, q); ++ qdisc_run(dev); ++ spin_unlock(&dev->queue_lock); ++ ++ rc = rc == NET_XMIT_BYPASS ? NET_XMIT_SUCCESS : rc; ++ goto out; ++ } ++ spin_unlock(&dev->queue_lock); ++ } + -+ if (copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ /* The device has no queue. Common case for software devices: ++ loopback, all the sorts of tunnels... + -+ vxi->vx_badness_bias = vc_data.bias; -+ return 0; ++ Really, it is unlikely that netif_tx_lock protection is necessary ++ here. (f.e. loopback and IP tunnels are clean ignoring statistics ++ counters.) ++ However, it is possible, that they rely on protection ++ made by us here. ++ ++ Check this and shot the lock. It is not prone from deadlocks. ++ Either shot noqueue qdisc, it is even simpler 8) ++ */ ++ if (dev->flags & IFF_UP) { ++ int cpu = smp_processor_id(); /* ok because BHs are off */ ++ ++ if (dev->xmit_lock_owner != cpu) { ++ ++ HARD_TX_LOCK(dev, cpu); ++ ++ if (!netif_queue_stopped(dev)) { ++ rc = 0; ++ if (!dev_hard_start_xmit(skb, dev)) { ++ HARD_TX_UNLOCK(dev); ++ goto out; ++ } ++ } ++ HARD_TX_UNLOCK(dev); ++ if (net_ratelimit()) ++ printk(KERN_CRIT "Virtual device %s asks to " ++ "queue packet!\n", dev->name); ++ } else { ++ /* Recursion is detected! It is possible, ++ * unfortunately */ ++ if (net_ratelimit()) ++ printk(KERN_CRIT "Dead loop on virtual device " ++ "%s, fix it urgently!\n", dev->name); ++ } ++ } ++ ++ rc = -ENETDOWN; ++ rcu_read_unlock_bh(); ++ ++out_kfree_skb: ++ kfree_skb(skb); ++ return rc; ++out: ++ rcu_read_unlock_bh(); ++ return rc; +} + -+#include + -+EXPORT_SYMBOL_GPL(free_vx_info); ++/*======================================================================= ++ Receiver routines ++ =======================================================================*/ + -diff -Nurb linux-2.6.22-594/kernel/vserver/space.c linux-2.6.22-595/kernel/vserver/space.c ---- linux-2.6.22-594/kernel/vserver/space.c 2008-03-20 00:05:21.000000000 -0400 -+++ linux-2.6.22-595/kernel/vserver/space.c 2008-03-20 00:08:28.000000000 -0400 -@@ -15,6 +15,7 @@ - #include - #include - #include -+#include - #include - - #include -@@ -55,6 +56,7 @@ - struct mnt_namespace *old_ns; - struct uts_namespace *old_uts; - struct ipc_namespace *old_ipc; -+ struct net *old_net; - struct nsproxy *nsproxy; - - nsproxy = copy_nsproxy(old_nsproxy); -@@ -85,12 +87,26 @@ - } else - old_ipc = NULL; - -+ if (mask & CLONE_NEWNET) { -+ old_net = nsproxy->net_ns; -+ nsproxy->net_ns = new_nsproxy->net_ns; -+ if (nsproxy->net_ns) { -+ get_net(nsproxy->net_ns); -+ printk(KERN_ALERT "Cloning network namespace\n"); -+ } -+ } else -+ old_net = NULL; ++int netdev_max_backlog __read_mostly = 1000; ++int netdev_budget __read_mostly = 300; ++int weight_p __read_mostly = 64; /* old backlog weight */ + ++DEFINE_PER_CPU(struct netif_rx_stats, netdev_rx_stat) = { 0, }; + - if (old_ns) - put_mnt_ns(old_ns); - if (old_uts) - put_uts_ns(old_uts); - if (old_ipc) - put_ipc_ns(old_ipc); -+ if (old_net) -+ put_net(old_net); + - out: - return nsproxy; - } -@@ -251,6 +267,7 @@ - - int vc_enter_space(struct vx_info *vxi, void __user *data) - { -+ /* Ask dhozac how to pass this flag from user space - Sapan*/ - struct vcmd_space_mask vc_data = { .mask = 0 }; - - if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) -diff -Nurb linux-2.6.22-594/kernel/vserver/space.c.orig linux-2.6.22-595/kernel/vserver/space.c.orig ---- linux-2.6.22-594/kernel/vserver/space.c.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-595/kernel/vserver/space.c.orig 2008-03-20 00:05:28.000000000 -0400 -@@ -0,0 +1,295 @@ -+/* -+ * linux/kernel/vserver/space.c -+ * -+ * Virtual Server: Context Space Support ++/** ++ * netif_rx - post buffer to the network code ++ * @skb: buffer to post + * -+ * Copyright (C) 2003-2007 Herbert Pƶtzl ++ * This function receives a packet from a device driver and queues it for ++ * the upper (protocol) levels to process. It always succeeds. The buffer ++ * may be dropped during processing for congestion control or by the ++ * protocol layers. + * -+ * V0.01 broken out from context.c 0.07 -+ * V0.02 added task locking for namespace -+ * V0.03 broken out vx_enter_namespace -+ * V0.04 added *space support and commands ++ * return values: ++ * NET_RX_SUCCESS (no congestion) ++ * NET_RX_CN_LOW (low congestion) ++ * NET_RX_CN_MOD (moderate congestion) ++ * NET_RX_CN_HIGH (high congestion) ++ * NET_RX_DROP (packet was dropped) + * + */ + -+#include -+#include -+#include -+#include -+#include ++int netif_rx(struct sk_buff *skb) ++{ ++ struct softnet_data *queue; ++ unsigned long flags; + -+#include -+#include -+#include ++ /* if netpoll wants it, pretend we never saw it */ ++ if (netpoll_rx(skb)) ++ return NET_RX_DROP; + ++ if (!skb->tstamp.tv64) ++ net_timestamp(skb); + -+atomic_t vs_global_nsproxy = ATOMIC_INIT(0); -+atomic_t vs_global_fs = ATOMIC_INIT(0); -+atomic_t vs_global_mnt_ns = ATOMIC_INIT(0); -+atomic_t vs_global_uts_ns = ATOMIC_INIT(0); -+atomic_t vs_global_ipc_ns = ATOMIC_INIT(0); ++ /* ++ * The code is rearranged so that the path is the most ++ * short when CPU is congested, but is still operating. ++ */ ++ local_irq_save(flags); ++ queue = &__get_cpu_var(softnet_data); ++ ++ __get_cpu_var(netdev_rx_stat).total++; ++ if (queue->input_pkt_queue.qlen <= netdev_max_backlog) { ++ if (queue->input_pkt_queue.qlen) { ++enqueue: ++ dev_hold(skb->dev); ++ __skb_queue_tail(&queue->input_pkt_queue, skb); ++ local_irq_restore(flags); ++ return NET_RX_SUCCESS; ++ } + ++ netif_rx_schedule(&queue->backlog_dev); ++ goto enqueue; ++ } + -+/* namespace functions */ ++ __get_cpu_var(netdev_rx_stat).dropped++; ++ local_irq_restore(flags); + -+#include ++ kfree_skb(skb); ++ return NET_RX_DROP; ++} + -+const struct vcmd_space_mask space_mask = { -+ .mask = CLONE_NEWNS | -+ CLONE_NEWUTS | -+ CLONE_NEWIPC | -+ CLONE_FS | -+ CLONE_NEWNET -+}; ++int netif_rx_ni(struct sk_buff *skb) ++{ ++ int err; + ++ preempt_disable(); ++ err = netif_rx(skb); ++ if (local_softirq_pending()) ++ do_softirq(); ++ preempt_enable(); + -+/* -+ * build a new nsproxy mix -+ * assumes that both proxies are 'const' -+ * does not touch nsproxy refcounts -+ * will hold a reference on the result. -+ */ ++ return err; ++} + -+struct nsproxy *vs_mix_nsproxy(struct nsproxy *old_nsproxy, -+ struct nsproxy *new_nsproxy, unsigned long mask) ++EXPORT_SYMBOL(netif_rx_ni); ++ ++static inline struct net_device *skb_bond(struct sk_buff *skb) +{ -+ struct mnt_namespace *old_ns; -+ struct uts_namespace *old_uts; -+ struct ipc_namespace *old_ipc; -+ struct net *old_net; -+ struct nsproxy *nsproxy; ++ struct net_device *dev = skb->dev; + -+ nsproxy = copy_nsproxy(old_nsproxy); -+ if (!nsproxy) -+ goto out; ++ if (dev->master) { ++ if (skb_bond_should_drop(skb)) { ++ kfree_skb(skb); ++ return NULL; ++ } ++ skb->dev = dev->master; ++ } + -+ if (mask & CLONE_NEWNS) { -+ old_ns = nsproxy->mnt_ns; -+ nsproxy->mnt_ns = new_nsproxy->mnt_ns; -+ if (nsproxy->mnt_ns) -+ get_mnt_ns(nsproxy->mnt_ns); -+ } else -+ old_ns = NULL; ++ return dev; ++} + -+ if (mask & CLONE_NEWUTS) { -+ old_uts = nsproxy->uts_ns; -+ nsproxy->uts_ns = new_nsproxy->uts_ns; -+ if (nsproxy->uts_ns) -+ get_uts_ns(nsproxy->uts_ns); -+ } else -+ old_uts = NULL; ++static void net_tx_action(struct softirq_action *h) ++{ ++ struct softnet_data *sd = &__get_cpu_var(softnet_data); + -+ if (mask & CLONE_NEWIPC) { -+ old_ipc = nsproxy->ipc_ns; -+ nsproxy->ipc_ns = new_nsproxy->ipc_ns; -+ if (nsproxy->ipc_ns) -+ get_ipc_ns(nsproxy->ipc_ns); -+ } else -+ old_ipc = NULL; -+ -+ if (mask & CLONE_NEWNET) { -+ old_net = nsproxy->net_ns; -+ nsproxy->net_ns = new_nsproxy->net_ns; -+ if (nsproxy->net_ns) { -+ get_net(nsproxy->net_ns); -+ printk(KERN_ALERT "Cloning network namespace\n"); -+ } -+ } else -+ old_net = NULL; ++ if (sd->completion_queue) { ++ struct sk_buff *clist; + ++ local_irq_disable(); ++ clist = sd->completion_queue; ++ sd->completion_queue = NULL; ++ local_irq_enable(); + -+ if (old_ns) -+ put_mnt_ns(old_ns); -+ if (old_uts) -+ put_uts_ns(old_uts); -+ if (old_ipc) -+ put_ipc_ns(old_ipc); -+ if (old_net) -+ put_net(old_net); ++ while (clist) { ++ struct sk_buff *skb = clist; ++ clist = clist->next; + -+out: -+ return nsproxy; -+} ++ BUG_TRAP(!atomic_read(&skb->users)); ++ __kfree_skb(skb); ++ } ++ } + ++ if (sd->output_queue) { ++ struct net_device *head; + -+/* -+ * merge two nsproxy structs into a new one. -+ * will hold a reference on the result. -+ */ ++ local_irq_disable(); ++ head = sd->output_queue; ++ sd->output_queue = NULL; ++ local_irq_enable(); + -+static inline -+struct nsproxy *__vs_merge_nsproxy(struct nsproxy *old, -+ struct nsproxy *proxy, unsigned long mask) -+{ -+ struct nsproxy null_proxy = { .mnt_ns = NULL }; ++ while (head) { ++ struct net_device *dev = head; ++ head = head->next_sched; + -+ if (!proxy) -+ return NULL; ++ smp_mb__before_clear_bit(); ++ clear_bit(__LINK_STATE_SCHED, &dev->state); + -+ if (mask) { -+ /* vs_mix_nsproxy returns with reference */ -+ return vs_mix_nsproxy(old ? old : &null_proxy, -+ proxy, mask); ++ if (spin_trylock(&dev->queue_lock)) { ++ qdisc_run(dev); ++ spin_unlock(&dev->queue_lock); ++ } else { ++ netif_schedule(dev); ++ } ++ } + } -+ get_nsproxy(proxy); -+ return proxy; +} + ++static inline int deliver_skb(struct sk_buff *skb, ++ struct packet_type *pt_prev, ++ struct net_device *orig_dev) ++{ ++ atomic_inc(&skb->users); ++ return pt_prev->func(skb, skb->dev, pt_prev, orig_dev); ++} ++ ++#if defined(CONFIG_BRIDGE) || defined (CONFIG_BRIDGE_MODULE) ++/* These hooks defined here for ATM */ ++struct net_bridge; ++struct net_bridge_fdb_entry *(*br_fdb_get_hook)(struct net_bridge *br, ++ unsigned char *addr); ++void (*br_fdb_put_hook)(struct net_bridge_fdb_entry *ent) __read_mostly; ++ +/* -+ * merge two fs structs into a new one. -+ * will take a reference on the result. ++ * If bridge module is loaded call bridging hook. ++ * returns NULL if packet was consumed. + */ -+ -+static inline -+struct fs_struct *__vs_merge_fs(struct fs_struct *old, -+ struct fs_struct *fs, unsigned long mask) ++struct sk_buff *(*br_handle_frame_hook)(struct net_bridge_port *p, ++ struct sk_buff *skb) __read_mostly; ++static inline struct sk_buff *handle_bridge(struct sk_buff *skb, ++ struct packet_type **pt_prev, int *ret, ++ struct net_device *orig_dev) +{ -+ if (!(mask & CLONE_FS)) { -+ if (old) -+ atomic_inc(&old->count); -+ return old; -+ } ++ struct net_bridge_port *port; + -+ if (!fs) -+ return NULL; ++ if (skb->pkt_type == PACKET_LOOPBACK || ++ (port = rcu_dereference(skb->dev->br_port)) == NULL) ++ return skb; ++ ++ if (*pt_prev) { ++ *ret = deliver_skb(skb, *pt_prev, orig_dev); ++ *pt_prev = NULL; ++ } + -+ return copy_fs_struct(fs); ++ return br_handle_frame_hook(port, skb); +} ++#else ++#define handle_bridge(skb, pt_prev, ret, orig_dev) (skb) ++#endif + ++#ifdef CONFIG_NET_CLS_ACT ++/* TODO: Maybe we should just force sch_ingress to be compiled in ++ * when CONFIG_NET_CLS_ACT is? otherwise some useless instructions ++ * a compare and 2 stores extra right now if we dont have it on ++ * but have CONFIG_NET_CLS_ACT ++ * NOTE: This doesnt stop any functionality; if you dont have ++ * the ingress scheduler, you just cant add policies on ingress. ++ * ++ */ ++static int ing_filter(struct sk_buff *skb) ++{ ++ struct Qdisc *q; ++ struct net_device *dev = skb->dev; ++ int result = TC_ACT_OK; ++ ++ if (dev->qdisc_ingress) { ++ __u32 ttl = (__u32) G_TC_RTTL(skb->tc_verd); ++ if (MAX_RED_LOOP < ttl++) { ++ printk(KERN_WARNING "Redir loop detected Dropping packet (%d->%d)\n", ++ skb->iif, skb->dev->ifindex); ++ return TC_ACT_SHOT; ++ } + -+int vx_enter_space(struct vx_info *vxi, unsigned long mask) -+{ -+ struct nsproxy *proxy, *proxy_cur, *proxy_new; -+ struct fs_struct *fs, *fs_cur, *fs_new; -+ int ret; ++ skb->tc_verd = SET_TC_RTTL(skb->tc_verd,ttl); + -+ if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0)) -+ return -EACCES; ++ skb->tc_verd = SET_TC_AT(skb->tc_verd,AT_INGRESS); + -+ if (!mask) -+ mask = vxi->vx_nsmask; ++ spin_lock(&dev->ingress_lock); ++ if ((q = dev->qdisc_ingress) != NULL) ++ result = q->enqueue(skb, q); ++ spin_unlock(&dev->ingress_lock); + -+ if ((mask & vxi->vx_nsmask) != mask) -+ return -EINVAL; ++ } + -+ proxy = vxi->vx_nsproxy; -+ fs = vxi->vx_fs; ++ return result; ++} ++#endif + -+ task_lock(current); -+ fs_cur = current->fs; -+ atomic_inc(&fs_cur->count); -+ proxy_cur = current->nsproxy; -+ get_nsproxy(proxy_cur); -+ task_unlock(current); ++int netif_receive_skb(struct sk_buff *skb) ++{ ++ struct packet_type *ptype, *pt_prev; ++ struct net_device *orig_dev; ++ int ret = NET_RX_DROP; ++ __be16 type; + -+ fs_new = __vs_merge_fs(fs_cur, fs, mask); -+ if (IS_ERR(fs_new)) { -+ ret = PTR_ERR(fs_new); -+ goto out_put; -+ } ++ /* if we've gotten here through NAPI, check netpoll */ ++ if (skb->dev->poll && netpoll_rx(skb)) ++ return NET_RX_DROP; + -+ proxy_new = __vs_merge_nsproxy(proxy_cur, proxy, mask); -+ if (IS_ERR(proxy_new)) { -+ ret = PTR_ERR(proxy_new); -+ goto out_put_fs; -+ } ++ if (!skb->tstamp.tv64) ++ net_timestamp(skb); + -+ fs_new = xchg(¤t->fs, fs_new); -+ proxy_new = xchg(¤t->nsproxy, proxy_new); -+ ret = 0; ++ if (!skb->iif) ++ skb->iif = skb->dev->ifindex; + -+ if (proxy_new) -+ put_nsproxy(proxy_new); -+out_put_fs: -+ if (fs_new) -+ put_fs_struct(fs_new); -+out_put: -+ if (proxy_cur) -+ put_nsproxy(proxy_cur); -+ if (fs_cur) -+ put_fs_struct(fs_cur); -+ return ret; -+} ++ orig_dev = skb_bond(skb); + ++ if (!orig_dev) ++ return NET_RX_DROP; + -+int vx_set_space(struct vx_info *vxi, unsigned long mask) -+{ -+ struct nsproxy *proxy_vxi, *proxy_cur, *proxy_new; -+ struct fs_struct *fs_vxi, *fs_cur, *fs_new; -+ int ret; ++ __get_cpu_var(netdev_rx_stat).total++; + -+ if (!mask) -+ mask = space_mask.mask; ++ skb_reset_network_header(skb); ++ skb_reset_transport_header(skb); ++ skb->mac_len = skb->network_header - skb->mac_header; + -+ if ((mask & space_mask.mask) != mask) -+ return -EINVAL; ++ pt_prev = NULL; + -+ proxy_vxi = vxi->vx_nsproxy; -+ fs_vxi = vxi->vx_fs; ++ rcu_read_lock(); + -+ task_lock(current); -+ fs_cur = current->fs; -+ atomic_inc(&fs_cur->count); -+ proxy_cur = current->nsproxy; -+ get_nsproxy(proxy_cur); -+ task_unlock(current); ++ sb_hook(skb,pt_prev,skb->dev); + -+ fs_new = __vs_merge_fs(fs_vxi, fs_cur, mask); -+ if (IS_ERR(fs_new)) { -+ ret = PTR_ERR(fs_new); -+ goto out_put; ++#ifdef CONFIG_NET_CLS_ACT ++ if (skb->tc_verd & TC_NCLS) { ++ skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); ++ goto ncls; + } ++#endif + -+ proxy_new = __vs_merge_nsproxy(proxy_vxi, proxy_cur, mask); -+ if (IS_ERR(proxy_new)) { -+ ret = PTR_ERR(proxy_new); -+ goto out_put_fs; ++ list_for_each_entry_rcu(ptype, &ptype_all, list) { ++ if (!ptype->dev || ptype->dev == skb->dev) { ++ if (pt_prev) ++ ret = deliver_skb(skb, pt_prev, skb->dev); ++ pt_prev = ptype; ++ } + } + -+ fs_new = xchg(&vxi->vx_fs, fs_new); -+ proxy_new = xchg(&vxi->vx_nsproxy, proxy_new); -+ vxi->vx_nsmask |= mask; -+ ret = 0; -+ -+ if (proxy_new) -+ put_nsproxy(proxy_new); -+out_put_fs: -+ if (fs_new) -+ put_fs_struct(fs_new); -+out_put: -+ if (proxy_cur) -+ put_nsproxy(proxy_cur); -+ if (fs_cur) -+ put_fs_struct(fs_cur); -+ return ret; -+} ++#ifdef CONFIG_NET_CLS_ACT ++ if (pt_prev) { ++ ret = deliver_skb(skb, pt_prev, skb->dev); ++ pt_prev = NULL; /* noone else should process this after*/ ++ } else { ++ skb->tc_verd = SET_TC_OK2MUNGE(skb->tc_verd); ++ } + ++ ret = ing_filter(skb); + -+int vc_enter_space(struct vx_info *vxi, void __user *data) -+{ -+ /* Ask dhozac how to pass this flag from user space - Sapan*/ -+ struct vcmd_space_mask vc_data = { .mask = CLONE_NEWNET }; ++ if (ret == TC_ACT_SHOT || (ret == TC_ACT_STOLEN)) { ++ kfree_skb(skb); ++ goto out; ++ } + -+ if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ skb->tc_verd = 0; ++ncls: ++#endif + -+ return vx_enter_space(vxi, vc_data.mask); -+} ++ skb = handle_bridge(skb, &pt_prev, &ret, orig_dev); ++ if (!skb) ++ goto out; + -+int vc_set_space(struct vx_info *vxi, void __user *data) -+{ -+ struct vcmd_space_mask vc_data = { .mask = 0 }; ++ type = skb->protocol; ++ list_for_each_entry_rcu(ptype, &ptype_base[ntohs(type)&15], list) { ++ if (ptype->type == type && ++ (!ptype->dev || ptype->dev == skb->dev)) { ++ if (pt_prev) ++ ret = deliver_skb(skb, pt_prev, skb->dev); ++ pt_prev = ptype; ++ } ++ } + -+ if (data && copy_from_user(&vc_data, data, sizeof(vc_data))) -+ return -EFAULT; ++ if (pt_prev) { ++ ret = pt_prev->func(skb, skb->dev, pt_prev, skb->dev); ++ } else { ++ kfree_skb(skb); ++ /* Jamal, now you will not able to escape explaining ++ * me how you were going to use this. :-) ++ */ ++ ret = NET_RX_DROP; ++ } + -+ return vx_set_space(vxi, vc_data.mask); ++out: ++ rcu_read_unlock(); ++ return ret; +} + -+int vc_get_space_mask(struct vx_info *vxi, void __user *data) ++static int process_backlog(struct net_device *backlog_dev, int *budget) +{ -+ if (copy_to_user(data, &space_mask, sizeof(space_mask))) -+ return -EFAULT; -+ return 0; -+} ++ int work = 0; ++ int quota = min(backlog_dev->quota, *budget); ++ struct softnet_data *queue = &__get_cpu_var(softnet_data); ++ unsigned long start_time = jiffies; + -diff -Nurb linux-2.6.22-594/net/core/net_namespace.c linux-2.6.22-595/net/core/net_namespace.c ---- linux-2.6.22-594/net/core/net_namespace.c 2008-03-20 00:05:18.000000000 -0400 -+++ linux-2.6.22-595/net/core/net_namespace.c 2008-03-20 00:14:56.000000000 -0400 -@@ -112,10 +112,12 @@ - ops = list_entry(ptr, struct pernet_operations, list); - if (ops->init) { - error = ops->init(net); -- if (error < 0) -+ if (error < 0) { -+ printk(KERN_ALERT "Error setting up netns: %x\n", ops->init); - goto out_undo; - } - } -+ } - out: - return error; - out_undo: -diff -Nurb linux-2.6.22-594/net/core/net_namespace.c.orig linux-2.6.22-595/net/core/net_namespace.c.orig ---- linux-2.6.22-594/net/core/net_namespace.c.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-595/net/core/net_namespace.c.orig 2008-03-20 00:05:18.000000000 -0400 -@@ -0,0 +1,332 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+#include ++ backlog_dev->weight = weight_p; ++ for (;;) { ++ struct sk_buff *skb; ++ struct net_device *dev; + -+/* -+ * Our network namespace constructor/destructor lists -+ */ ++ local_irq_disable(); ++ skb = __skb_dequeue(&queue->input_pkt_queue); ++ if (!skb) ++ goto job_done; ++ local_irq_enable(); + -+static LIST_HEAD(pernet_list); -+static struct list_head *first_device = &pernet_list; -+static DEFINE_MUTEX(net_mutex); ++ dev = skb->dev; + -+static DEFINE_MUTEX(net_list_mutex); -+LIST_HEAD(net_namespace_list); ++ netif_receive_skb(skb); + -+static struct kmem_cache *net_cachep; ++ dev_put(dev); + -+struct net init_net; -+EXPORT_SYMBOL_GPL(init_net); ++ work++; + -+void net_lock(void) -+{ -+ mutex_lock(&net_list_mutex); -+} ++ if (work >= quota || jiffies - start_time > 1) ++ break; + -+void net_unlock(void) -+{ -+ mutex_unlock(&net_list_mutex); -+} ++ } + -+static struct net *net_alloc(void) -+{ -+ return kmem_cache_alloc(net_cachep, GFP_KERNEL); -+} ++ backlog_dev->quota -= work; ++ *budget -= work; ++ return -1; + -+static void net_free(struct net *net) -+{ -+ if (!net) -+ return; ++job_done: ++ backlog_dev->quota -= work; ++ *budget -= work; + -+ if (unlikely(atomic_read(&net->use_count) != 0)) { -+ printk(KERN_EMERG "network namespace not free! Usage: %d\n", -+ atomic_read(&net->use_count)); -+ return; -+ } ++ list_del(&backlog_dev->poll_list); ++ smp_mb__before_clear_bit(); ++ netif_poll_enable(backlog_dev); + -+ kmem_cache_free(net_cachep, net); ++ local_irq_enable(); ++ return 0; +} + -+static void cleanup_net(struct work_struct *work) ++static void net_rx_action(struct softirq_action *h) +{ -+ struct pernet_operations *ops; -+ struct list_head *ptr; -+ struct net *net; ++ struct softnet_data *queue = &__get_cpu_var(softnet_data); ++ unsigned long start_time = jiffies; ++ int budget = netdev_budget; ++ void *have; + -+ net = container_of(work, struct net, work); ++ local_irq_disable(); + -+ mutex_lock(&net_mutex); ++ while (!list_empty(&queue->poll_list)) { ++ struct net_device *dev; + -+ /* Don't let anyone else find us. */ -+ net_lock(); -+ list_del(&net->list); -+ net_unlock(); ++ if (budget <= 0 || jiffies - start_time > 1) ++ goto softnet_break; + -+ /* Run all of the network namespace exit methods */ -+ list_for_each_prev(ptr, &pernet_list) { -+ ops = list_entry(ptr, struct pernet_operations, list); -+ if (ops->exit) -+ ops->exit(net); -+ } ++ local_irq_enable(); + -+ mutex_unlock(&net_mutex); ++ dev = list_entry(queue->poll_list.next, ++ struct net_device, poll_list); ++ have = netpoll_poll_lock(dev); + -+ /* Ensure there are no outstanding rcu callbacks using this -+ * network namespace. ++ if (dev->quota <= 0 || dev->poll(dev, &budget)) { ++ netpoll_poll_unlock(have); ++ local_irq_disable(); ++ list_move_tail(&dev->poll_list, &queue->poll_list); ++ if (dev->quota < 0) ++ dev->quota += dev->weight; ++ else ++ dev->quota = dev->weight; ++ } else { ++ netpoll_poll_unlock(have); ++ dev_put(dev); ++ local_irq_disable(); ++ } ++ } ++out: ++ local_irq_enable(); ++#ifdef CONFIG_NET_DMA ++ /* ++ * There may not be any more sk_buffs coming right now, so push ++ * any pending DMA copies to hardware + */ -+ rcu_barrier(); ++ if (!cpus_empty(net_dma.channel_mask)) { ++ int chan_idx; ++ for_each_cpu_mask(chan_idx, net_dma.channel_mask) { ++ struct dma_chan *chan = net_dma.channels[chan_idx]; ++ if (chan) ++ dma_async_memcpy_issue_pending(chan); ++ } ++ } ++#endif ++ return; + -+ /* Finally it is safe to free my network namespace structure */ -+ net_free(net); ++softnet_break: ++ __get_cpu_var(netdev_rx_stat).time_squeeze++; ++ __raise_softirq_irqoff(NET_RX_SOFTIRQ); ++ goto out; +} + ++static gifconf_func_t * gifconf_list [NPROTO]; + -+void __put_net(struct net *net) ++/** ++ * register_gifconf - register a SIOCGIF handler ++ * @family: Address family ++ * @gifconf: Function handler ++ * ++ * Register protocol dependent address dumping routines. The handler ++ * that is passed must not be freed or reused until it has been replaced ++ * by another handler. ++ */ ++int register_gifconf(unsigned int family, gifconf_func_t * gifconf) +{ -+ /* Cleanup the network namespace in process context */ -+ INIT_WORK(&net->work, cleanup_net); -+ schedule_work(&net->work); ++ if (family >= NPROTO) ++ return -EINVAL; ++ gifconf_list[family] = gifconf; ++ return 0; +} -+EXPORT_SYMBOL_GPL(__put_net); ++ + +/* -+ * setup_net runs the initializers for the network namespace object. ++ * Map an interface index to its name (SIOCGIFNAME) + */ -+static int setup_net(struct net *net) ++ ++/* ++ * We need this ioctl for efficient implementation of the ++ * if_indextoname() function required by the IPv6 API. Without ++ * it, we would have to search all the interfaces to find a ++ * match. --pb ++ */ ++ ++static int dev_ifname(struct net *net, struct ifreq __user *arg) +{ -+ /* Must be called with net_mutex held */ -+ struct pernet_operations *ops; -+ struct list_head *ptr; -+ int error; -+ -+ memset(net, 0, sizeof(struct net)); -+ atomic_set(&net->count, 1); -+ atomic_set(&net->use_count, 0); -+ -+ error = 0; -+ list_for_each(ptr, &pernet_list) { -+ ops = list_entry(ptr, struct pernet_operations, list); -+ if (ops->init) { -+ error = ops->init(net); -+ if (error < 0) -+ goto out_undo; -+ } ++ struct net_device *dev; ++ struct ifreq ifr; ++ ++ /* ++ * Fetch the caller's info block. ++ */ ++ ++ if (copy_from_user(&ifr, arg, sizeof(struct ifreq))) ++ return -EFAULT; ++ ++ read_lock(&dev_base_lock); ++ dev = __dev_get_by_index(net, ifr.ifr_ifindex); ++ if (!dev) { ++ read_unlock(&dev_base_lock); ++ return -ENODEV; + } -+out: -+ return error; -+out_undo: -+ /* Walk through the list backwards calling the exit functions -+ * for the pernet modules whose init functions did not fail. ++ ++ strcpy(ifr.ifr_name, dev->name); ++ read_unlock(&dev_base_lock); ++ ++ if (copy_to_user(arg, &ifr, sizeof(struct ifreq))) ++ return -EFAULT; ++ return 0; ++} ++ ++/* ++ * Perform a SIOCGIFCONF call. This structure will change ++ * size eventually, and there is nothing I can do about it. ++ * Thus we will need a 'compatibility mode'. ++ */ ++ ++static int dev_ifconf(struct net *net, char __user *arg) ++{ ++ struct ifconf ifc; ++ struct net_device *dev; ++ char __user *pos; ++ int len; ++ int total; ++ int i; ++ ++ /* ++ * Fetch the caller's info block. ++ */ ++ ++ if (copy_from_user(&ifc, arg, sizeof(struct ifconf))) ++ return -EFAULT; ++ ++ pos = ifc.ifc_buf; ++ len = ifc.ifc_len; ++ ++ /* ++ * Loop over the interfaces, and write an info block for each. + */ -+ for (ptr = ptr->prev; ptr != &pernet_list; ptr = ptr->prev) { -+ ops = list_entry(ptr, struct pernet_operations, list); -+ if (ops->exit) -+ ops->exit(net); ++ ++ total = 0; ++ for_each_netdev(net, dev) { ++ if (!nx_dev_visible(current->nx_info, dev)) ++ continue; ++ for (i = 0; i < NPROTO; i++) { ++ if (gifconf_list[i]) { ++ int done; ++ if (!pos) ++ done = gifconf_list[i](dev, NULL, 0); ++ else ++ done = gifconf_list[i](dev, pos + total, ++ len - total); ++ if (done < 0) ++ return -EFAULT; ++ total += done; ++ } ++ } + } -+ goto out; ++ ++ /* ++ * All done. Write the updated control block back to the caller. ++ */ ++ ifc.ifc_len = total; ++ ++ /* ++ * Both BSD and Solaris return 0 here, so we do too. ++ */ ++ return copy_to_user(arg, &ifc, sizeof(struct ifconf)) ? -EFAULT : 0; +} + -+struct net *copy_net_ns(unsigned long flags, struct net *old_net) ++#ifdef CONFIG_PROC_FS ++/* ++ * This is invoked by the /proc filesystem handler to display a device ++ * in detail. ++ */ ++void *dev_seq_start(struct seq_file *seq, loff_t *pos) +{ -+ struct net *new_net = NULL; -+ int err; ++ struct net *net = seq->private; ++ loff_t off; ++ struct net_device *dev; + -+ get_net(old_net); ++ read_lock(&dev_base_lock); ++ if (!*pos) ++ return SEQ_START_TOKEN; + -+ if (!(flags & CLONE_NEWNET)) -+ return old_net; ++ off = 1; ++ for_each_netdev(net, dev) ++ if (off++ == *pos) ++ return dev; + -+ err = -EPERM; -+ if (!capable(CAP_SYS_ADMIN)) -+ goto out; ++ return NULL; ++} + -+ err = -ENOMEM; -+ new_net = net_alloc(); -+ if (!new_net) -+ goto out; ++void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos) ++{ ++ struct net *net = seq->private; ++ ++*pos; ++ return v == SEQ_START_TOKEN ? ++ first_net_device(net) : next_net_device((struct net_device *)v); ++} + -+ mutex_lock(&net_mutex); -+ err = setup_net(new_net); -+ if (err) -+ goto out_unlock; ++void dev_seq_stop(struct seq_file *seq, void *v) ++{ ++ read_unlock(&dev_base_lock); ++} ++ ++static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) ++{ ++ struct net_device_stats *stats = dev->get_stats(dev); + -+ net_lock(); -+ list_add_tail(&new_net->list, &net_namespace_list); -+ net_unlock(); ++ if (!nx_dev_visible(current->nx_info, dev)) ++ return; + ++ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " ++ "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", ++ dev->name, stats->rx_bytes, stats->rx_packets, ++ stats->rx_errors, ++ stats->rx_dropped + stats->rx_missed_errors, ++ stats->rx_fifo_errors, ++ stats->rx_length_errors + stats->rx_over_errors + ++ stats->rx_crc_errors + stats->rx_frame_errors, ++ stats->rx_compressed, stats->multicast, ++ stats->tx_bytes, stats->tx_packets, ++ stats->tx_errors, stats->tx_dropped, ++ stats->tx_fifo_errors, stats->collisions, ++ stats->tx_carrier_errors + ++ stats->tx_aborted_errors + ++ stats->tx_window_errors + ++ stats->tx_heartbeat_errors, ++ stats->tx_compressed); ++} + -+out_unlock: -+ mutex_unlock(&net_mutex); -+out: -+ put_net(old_net); -+ if (err) { -+ net_free(new_net); -+ new_net = ERR_PTR(err); -+ } -+ return new_net; ++/* ++ * Called from the PROCfs module. This now uses the new arbitrary sized ++ * /proc/net interface to create /proc/net/dev ++ */ ++static int dev_seq_show(struct seq_file *seq, void *v) ++{ ++ if (v == SEQ_START_TOKEN) ++ seq_puts(seq, "Inter-| Receive " ++ " | Transmit\n" ++ " face |bytes packets errs drop fifo frame " ++ "compressed multicast|bytes packets errs " ++ "drop fifo colls carrier compressed\n"); ++ else ++ dev_seq_printf_stats(seq, v); ++ return 0; +} + -+static int __init net_ns_init(void) ++static struct netif_rx_stats *softnet_get_online(loff_t *pos) +{ -+ int err; ++ struct netif_rx_stats *rc = NULL; ++ ++ while (*pos < NR_CPUS) ++ if (cpu_online(*pos)) { ++ rc = &per_cpu(netdev_rx_stat, *pos); ++ break; ++ } else ++ ++*pos; ++ return rc; ++} + -+ printk(KERN_INFO "net_namespace: %zd bytes\n", sizeof(struct net)); -+ net_cachep = kmem_cache_create("net_namespace", sizeof(struct net), -+ SMP_CACHE_BYTES, -+ SLAB_PANIC, NULL, NULL); -+ mutex_lock(&net_mutex); -+ err = setup_net(&init_net); ++static void *softnet_seq_start(struct seq_file *seq, loff_t *pos) ++{ ++ return softnet_get_online(pos); ++} ++ ++static void *softnet_seq_next(struct seq_file *seq, void *v, loff_t *pos) ++{ ++ ++*pos; ++ return softnet_get_online(pos); ++} + -+ net_lock(); -+ list_add_tail(&init_net.list, &net_namespace_list); -+ net_unlock(); ++static void softnet_seq_stop(struct seq_file *seq, void *v) ++{ ++} + -+ mutex_unlock(&net_mutex); -+ if (err) -+ panic("Could not setup the initial network namespace"); ++static int softnet_seq_show(struct seq_file *seq, void *v) ++{ ++ struct netif_rx_stats *s = v; + ++ seq_printf(seq, "%08x %08x %08x %08x %08x %08x %08x %08x %08x\n", ++ s->total, s->dropped, s->time_squeeze, 0, ++ 0, 0, 0, 0, /* was fastroute */ ++ s->cpu_collision ); + return 0; +} + -+pure_initcall(net_ns_init); ++static const struct seq_operations dev_seq_ops = { ++ .start = dev_seq_start, ++ .next = dev_seq_next, ++ .stop = dev_seq_stop, ++ .show = dev_seq_show, ++}; ++ ++static int dev_seq_open(struct inode *inode, struct file *file) ++{ ++ struct seq_file *seq; ++ int res; ++ res = seq_open(file, &dev_seq_ops); ++ if (!res) { ++ seq = file->private_data; ++ seq->private = get_net(PROC_NET(inode)); ++ } ++ return res; ++} ++ ++static int dev_seq_release(struct inode *inode, struct file *file) ++{ ++ struct seq_file *seq = file->private_data; ++ struct net *net = seq->private; ++ put_net(net); ++ return seq_release(inode, file); ++} ++ ++static const struct file_operations dev_seq_fops = { ++ .owner = THIS_MODULE, ++ .open = dev_seq_open, ++ .read = seq_read, ++ .llseek = seq_lseek, ++ .release = dev_seq_release, ++}; ++ ++static const struct seq_operations softnet_seq_ops = { ++ .start = softnet_seq_start, ++ .next = softnet_seq_next, ++ .stop = softnet_seq_stop, ++ .show = softnet_seq_show, ++}; ++ ++static int softnet_seq_open(struct inode *inode, struct file *file) ++{ ++ return seq_open(file, &softnet_seq_ops); ++} ++ ++static const struct file_operations softnet_seq_fops = { ++ .owner = THIS_MODULE, ++ .open = softnet_seq_open, ++ .read = seq_read, ++ .llseek = seq_lseek, ++ .release = seq_release, ++}; + -+static int register_pernet_operations(struct list_head *list, -+ struct pernet_operations *ops) ++static void *ptype_get_idx(loff_t pos) +{ -+ struct net *net, *undo_net; -+ int error; -+ -+ error = 0; -+ list_add_tail(&ops->list, list); -+ for_each_net(net) { -+ if (ops->init) { -+ error = ops->init(net); -+ if (error) -+ goto out_undo; ++ struct packet_type *pt = NULL; ++ loff_t i = 0; ++ int t; ++ ++ list_for_each_entry_rcu(pt, &ptype_all, list) { ++ if (i == pos) ++ return pt; ++ ++i; ++ } ++ ++ for (t = 0; t < 16; t++) { ++ list_for_each_entry_rcu(pt, &ptype_base[t], list) { ++ if (i == pos) ++ return pt; ++ ++i; + } + } -+out: -+ return error; -+ -+out_undo: -+ /* If I have an error cleanup all namespaces I initialized */ -+ list_del(&ops->list); -+ for_each_net(undo_net) { -+ if (undo_net == net) -+ goto undone; -+ if (ops->exit) -+ ops->exit(undo_net); ++ return NULL; ++} ++ ++static void *ptype_seq_start(struct seq_file *seq, loff_t *pos) ++{ ++ rcu_read_lock(); ++ return *pos ? ptype_get_idx(*pos - 1) : SEQ_START_TOKEN; ++} ++ ++static void *ptype_seq_next(struct seq_file *seq, void *v, loff_t *pos) ++{ ++ struct packet_type *pt; ++ struct list_head *nxt; ++ int hash; ++ ++ ++*pos; ++ if (v == SEQ_START_TOKEN) ++ return ptype_get_idx(0); ++ ++ pt = v; ++ nxt = pt->list.next; ++ if (pt->type == htons(ETH_P_ALL)) { ++ if (nxt != &ptype_all) ++ goto found; ++ hash = 0; ++ nxt = ptype_base[0].next; ++ } else ++ hash = ntohs(pt->type) & 15; ++ ++ while (nxt == &ptype_base[hash]) { ++ if (++hash >= 16) ++ return NULL; ++ nxt = ptype_base[hash].next; ++ } ++found: ++ return list_entry(nxt, struct packet_type, list); ++} ++ ++static void ptype_seq_stop(struct seq_file *seq, void *v) ++{ ++ rcu_read_unlock(); ++} ++ ++static void ptype_seq_decode(struct seq_file *seq, void *sym) ++{ ++#ifdef CONFIG_KALLSYMS ++ unsigned long offset = 0, symsize; ++ const char *symname; ++ char *modname; ++ char namebuf[128]; ++ ++ symname = kallsyms_lookup((unsigned long)sym, &symsize, &offset, ++ &modname, namebuf); ++ ++ if (symname) { ++ char *delim = ":"; ++ ++ if (!modname) ++ modname = delim = ""; ++ seq_printf(seq, "%s%s%s%s+0x%lx", delim, modname, delim, ++ symname, offset); ++ return; ++ } ++#endif ++ ++ seq_printf(seq, "[%p]", sym); ++} ++ ++static int ptype_seq_show(struct seq_file *seq, void *v) ++{ ++ struct packet_type *pt = v; ++ ++ if (v == SEQ_START_TOKEN) ++ seq_puts(seq, "Type Device Function\n"); ++ else { ++ if (pt->type == htons(ETH_P_ALL)) ++ seq_puts(seq, "ALL "); ++ else ++ seq_printf(seq, "%04x", ntohs(pt->type)); ++ ++ seq_printf(seq, " %-8s ", ++ pt->dev ? pt->dev->name : ""); ++ ptype_seq_decode(seq, pt->func); ++ seq_putc(seq, '\n'); + } -+undone: ++ ++ return 0; ++} ++ ++static const struct seq_operations ptype_seq_ops = { ++ .start = ptype_seq_start, ++ .next = ptype_seq_next, ++ .stop = ptype_seq_stop, ++ .show = ptype_seq_show, ++}; ++ ++static int ptype_seq_open(struct inode *inode, struct file *file) ++{ ++ return seq_open(file, &ptype_seq_ops); ++} ++ ++static const struct file_operations ptype_seq_fops = { ++ .owner = THIS_MODULE, ++ .open = ptype_seq_open, ++ .read = seq_read, ++ .llseek = seq_lseek, ++ .release = seq_release, ++}; ++ ++ ++static int dev_proc_net_init(struct net *net) ++{ ++ int rc = -ENOMEM; ++ ++ if (!proc_net_fops_create(net, "dev", S_IRUGO, &dev_seq_fops)) ++ goto out; ++ if (!proc_net_fops_create(net, "softnet_stat", S_IRUGO, &softnet_seq_fops)) ++ goto out_dev; ++ if (!proc_net_fops_create(net, "ptype", S_IRUGO, &ptype_seq_fops)) ++ goto out_softnet; ++ ++ if (wext_proc_init(net)) ++ goto out_ptype; ++ rc = 0; ++out: ++ return rc; ++out_ptype: ++ proc_net_remove(net, "ptype"); ++out_softnet: ++ proc_net_remove(net, "softnet_stat"); ++out_dev: ++ proc_net_remove(net, "dev"); + goto out; +} + -+static void unregister_pernet_operations(struct pernet_operations *ops) ++static void dev_proc_net_exit(struct net *net) +{ -+ struct net *net; ++ wext_proc_exit(net); + -+ list_del(&ops->list); -+ for_each_net(net) -+ if (ops->exit) -+ ops->exit(net); ++ proc_net_remove(net, "ptype"); ++ proc_net_remove(net, "softnet_stat"); ++ proc_net_remove(net, "dev"); +} + -+/** -+ * register_pernet_subsys - register a network namespace subsystem -+ * @ops: pernet operations structure for the subsystem -+ * -+ * Register a subsystem which has init and exit functions -+ * that are called when network namespaces are created and -+ * destroyed respectively. -+ * -+ * When registered all network namespace init functions are -+ * called for every existing network namespace. Allowing kernel -+ * modules to have a race free view of the set of network namespaces. -+ * -+ * When a new network namespace is created all of the init -+ * methods are called in the order in which they were registered. -+ * -+ * When a network namespace is destroyed all of the exit methods -+ * are called in the reverse of the order with which they were -+ * registered. -+ */ -+int register_pernet_subsys(struct pernet_operations *ops) ++static struct pernet_operations dev_proc_ops = { ++ .init = dev_proc_net_init, ++ .exit = dev_proc_net_exit, ++}; ++ ++static int __init dev_proc_init(void) +{ -+ int error; -+ mutex_lock(&net_mutex); -+ error = register_pernet_operations(first_device, ops); -+ mutex_unlock(&net_mutex); -+ return error; ++ return register_pernet_subsys(&dev_proc_ops); +} -+EXPORT_SYMBOL_GPL(register_pernet_subsys); ++#else ++#define dev_proc_init() 0 ++#endif /* CONFIG_PROC_FS */ ++ + +/** -+ * unregister_pernet_subsys - unregister a network namespace subsystem -+ * @ops: pernet operations structure to manipulate ++ * netdev_set_master - set up master/slave pair ++ * @slave: slave device ++ * @master: new master device + * -+ * Remove the pernet operations structure from the list to be -+ * used when network namespaces are created or destoryed. In -+ * addition run the exit method for all existing network -+ * namespaces. ++ * Changes the master device of the slave. Pass %NULL to break the ++ * bonding. The caller must hold the RTNL semaphore. On a failure ++ * a negative errno code is returned. On success the reference counts ++ * are adjusted, %RTM_NEWLINK is sent to the routing socket and the ++ * function returns zero. + */ -+void unregister_pernet_subsys(struct pernet_operations *module) ++int netdev_set_master(struct net_device *slave, struct net_device *master) +{ -+ mutex_lock(&net_mutex); -+ unregister_pernet_operations(module); -+ mutex_unlock(&net_mutex); ++ struct net_device *old = slave->master; ++ ++ ASSERT_RTNL(); ++ ++ if (master) { ++ if (old) ++ return -EBUSY; ++ dev_hold(master); ++ } ++ ++ slave->master = master; ++ ++ synchronize_net(); ++ ++ if (old) ++ dev_put(old); ++ ++ if (master) ++ slave->flags |= IFF_SLAVE; ++ else ++ slave->flags &= ~IFF_SLAVE; ++ ++ rtmsg_ifinfo(RTM_NEWLINK, slave, IFF_SLAVE); ++ return 0; +} -+EXPORT_SYMBOL_GPL(unregister_pernet_subsys); + +/** -+ * register_pernet_device - register a network namespace device -+ * @ops: pernet operations structure for the subsystem -+ * -+ * Register a device which has init and exit functions -+ * that are called when network namespaces are created and -+ * destroyed respectively. ++ * dev_set_promiscuity - update promiscuity count on a device ++ * @dev: device ++ * @inc: modifier + * -+ * When registered all network namespace init functions are -+ * called for every existing network namespace. Allowing kernel -+ * modules to have a race free view of the set of network namespaces. -+ * -+ * When a new network namespace is created all of the init -+ * methods are called in the order in which they were registered. -+ * -+ * When a network namespace is destroyed all of the exit methods -+ * are called in the reverse of the order with which they were -+ * registered. ++ * Add or remove promiscuity from a device. While the count in the device ++ * remains above zero the interface remains promiscuous. Once it hits zero ++ * the device reverts back to normal filtering operation. A negative inc ++ * value is used to drop promiscuity on the device. + */ -+int register_pernet_device(struct pernet_operations *ops) ++void dev_set_promiscuity(struct net_device *dev, int inc) +{ -+ int error; -+ mutex_lock(&net_mutex); -+ error = register_pernet_operations(&pernet_list, ops); -+ if (!error && (first_device == &pernet_list)) -+ first_device = &ops->list; -+ mutex_unlock(&net_mutex); -+ return error; ++ unsigned short old_flags = dev->flags; ++ ++ if ((dev->promiscuity += inc) == 0) ++ dev->flags &= ~IFF_PROMISC; ++ else ++ dev->flags |= IFF_PROMISC; ++ if (dev->flags != old_flags) { ++ dev_mc_upload(dev); ++ printk(KERN_INFO "device %s %s promiscuous mode\n", ++ dev->name, (dev->flags & IFF_PROMISC) ? "entered" : ++ "left"); ++ audit_log(current->audit_context, GFP_ATOMIC, ++ AUDIT_ANOM_PROMISCUOUS, ++ "dev=%s prom=%d old_prom=%d auid=%u", ++ dev->name, (dev->flags & IFF_PROMISC), ++ (old_flags & IFF_PROMISC), ++ audit_get_loginuid(current->audit_context)); ++ } +} -+EXPORT_SYMBOL_GPL(register_pernet_device); + +/** -+ * unregister_pernet_device - unregister a network namespace netdevice -+ * @ops: pernet operations structure to manipulate ++ * dev_set_allmulti - update allmulti count on a device ++ * @dev: device ++ * @inc: modifier + * -+ * Remove the pernet operations structure from the list to be -+ * used when network namespaces are created or destoryed. In -+ * addition run the exit method for all existing network -+ * namespaces. ++ * Add or remove reception of all multicast frames to a device. While the ++ * count in the device remains above zero the interface remains listening ++ * to all interfaces. Once it hits zero the device reverts back to normal ++ * filtering operation. A negative @inc value is used to drop the counter ++ * when releasing a resource needing all multicasts. + */ -+void unregister_pernet_device(struct pernet_operations *ops) ++ ++void dev_set_allmulti(struct net_device *dev, int inc) +{ -+ mutex_lock(&net_mutex); -+ if (&ops->list == first_device) -+ first_device = first_device->next; -+ unregister_pernet_operations(ops); -+ mutex_unlock(&net_mutex); ++ unsigned short old_flags = dev->flags; ++ ++ dev->flags |= IFF_ALLMULTI; ++ if ((dev->allmulti += inc) == 0) ++ dev->flags &= ~IFF_ALLMULTI; ++ if (dev->flags ^ old_flags) ++ dev_mc_upload(dev); +} -+EXPORT_SYMBOL_GPL(unregister_pernet_device); -diff -Nurb linux-2.6.22-594/net/ipv4/af_inet.c.orig linux-2.6.22-595/net/ipv4/af_inet.c.orig ---- linux-2.6.22-594/net/ipv4/af_inet.c.orig 2008-03-20 00:05:18.000000000 -0400 -+++ linux-2.6.22-595/net/ipv4/af_inet.c.orig 1969-12-31 19:00:00.000000000 -0500 -@@ -1,1522 +0,0 @@ --/* -- * INET An implementation of the TCP/IP protocol suite for the LINUX -- * operating system. INET is implemented using the BSD Socket -- * interface as the means of communication with the user level. -- * -- * PF_INET protocol family socket handler. -- * -- * Version: $Id: af_inet.c,v 1.137 2002/02/01 22:01:03 davem Exp $ -- * -- * Authors: Ross Biro -- * Fred N. van Kempen, -- * Florian La Roche, -- * Alan Cox, -- * -- * Changes (see also sock.c) -- * -- * piggy, -- * Karl Knutson : Socket protocol table -- * A.N.Kuznetsov : Socket death error in accept(). -- * John Richardson : Fix non blocking error in connect() -- * so sockets that fail to connect -- * don't return -EINPROGRESS. -- * Alan Cox : Asynchronous I/O support -- * Alan Cox : Keep correct socket pointer on sock -- * structures -- * when accept() ed -- * Alan Cox : Semantics of SO_LINGER aren't state -- * moved to close when you look carefully. -- * With this fixed and the accept bug fixed -- * some RPC stuff seems happier. -- * Niibe Yutaka : 4.4BSD style write async I/O -- * Alan Cox, -- * Tony Gale : Fixed reuse semantics. -- * Alan Cox : bind() shouldn't abort existing but dead -- * sockets. Stops FTP netin:.. I hope. -- * Alan Cox : bind() works correctly for RAW sockets. -- * Note that FreeBSD at least was broken -- * in this respect so be careful with -- * compatibility tests... -- * Alan Cox : routing cache support -- * Alan Cox : memzero the socket structure for -- * compactness. -- * Matt Day : nonblock connect error handler -- * Alan Cox : Allow large numbers of pending sockets -- * (eg for big web sites), but only if -- * specifically application requested. -- * Alan Cox : New buffering throughout IP. Used -- * dumbly. -- * Alan Cox : New buffering now used smartly. -- * Alan Cox : BSD rather than common sense -- * interpretation of listen. -- * Germano Caronni : Assorted small races. -- * Alan Cox : sendmsg/recvmsg basic support. -- * Alan Cox : Only sendmsg/recvmsg now supported. -- * Alan Cox : Locked down bind (see security list). -- * Alan Cox : Loosened bind a little. -- * Mike McLagan : ADD/DEL DLCI Ioctls -- * Willy Konynenberg : Transparent proxying support. -- * David S. Miller : New socket lookup architecture. -- * Some other random speedups. -- * Cyrus Durgin : Cleaned up file for kmod hacks. -- * Andi Kleen : Fix inet_stream_connect TCP race. -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version -- * 2 of the License, or (at your option) any later version. -- */ -- --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include -- --#include --#include -- --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#ifdef CONFIG_IP_MROUTE --#include --#endif --#include -- --DEFINE_SNMP_STAT(struct linux_mib, net_statistics) __read_mostly; -- --extern void ip_mc_drop_socket(struct sock *sk); -- --/* The inetsw table contains everything that inet_create needs to -- * build a new socket. -- */ --static struct list_head inetsw[SOCK_MAX]; --static DEFINE_SPINLOCK(inetsw_lock); -- --/* New destruction routine */ -- --void inet_sock_destruct(struct sock *sk) --{ -- struct inet_sock *inet = inet_sk(sk); -- -- __skb_queue_purge(&sk->sk_receive_queue); -- __skb_queue_purge(&sk->sk_error_queue); -- -- if (sk->sk_type == SOCK_STREAM && sk->sk_state != TCP_CLOSE) { -- printk("Attempt to release TCP socket in state %d %p\n", -- sk->sk_state, sk); -- return; -- } -- if (!sock_flag(sk, SOCK_DEAD)) { -- printk("Attempt to release alive inet socket %p\n", sk); -- return; -- } -- -- BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc)); -- BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc)); -- BUG_TRAP(!sk->sk_wmem_queued); -- BUG_TRAP(!sk->sk_forward_alloc); -- -- kfree(inet->opt); -- dst_release(sk->sk_dst_cache); -- sk_refcnt_debug_dec(sk); --} -- --/* -- * The routines beyond this point handle the behaviour of an AF_INET -- * socket object. Mostly it punts to the subprotocols of IP to do -- * the work. -- */ -- --/* -- * Automatically bind an unbound socket. -- */ -- --static int inet_autobind(struct sock *sk) --{ -- struct inet_sock *inet; -- /* We may need to bind the socket. */ -- lock_sock(sk); -- inet = inet_sk(sk); -- if (!inet->num) { -- if (sk->sk_prot->get_port(sk, 0)) { -- release_sock(sk); -- return -EAGAIN; -- } -- inet->sport = htons(inet->num); -- sk->sk_xid = vx_current_xid(); -- sk->sk_nid = nx_current_nid(); -- } -- release_sock(sk); -- return 0; --} -- --/* -- * Move a socket into listening state. -- */ --int inet_listen(struct socket *sock, int backlog) --{ -- struct sock *sk = sock->sk; -- unsigned char old_state; -- int err; -- -- lock_sock(sk); -- -- err = -EINVAL; -- if (sock->state != SS_UNCONNECTED || sock->type != SOCK_STREAM) -- goto out; -- -- old_state = sk->sk_state; -- if (!((1 << old_state) & (TCPF_CLOSE | TCPF_LISTEN))) -- goto out; -- -- /* Really, if the socket is already in listen state -- * we can only allow the backlog to be adjusted. -- */ -- if (old_state != TCP_LISTEN) { -- err = inet_csk_listen_start(sk, backlog); -- if (err) -- goto out; -- } -- sk->sk_max_ack_backlog = backlog; -- err = 0; -- --out: -- release_sock(sk); -- return err; --} -- --u32 inet_ehash_secret __read_mostly; --EXPORT_SYMBOL(inet_ehash_secret); -- --/* -- * inet_ehash_secret must be set exactly once -- * Instead of using a dedicated spinlock, we (ab)use inetsw_lock -- */ --void build_ehash_secret(void) --{ -- u32 rnd; -- do { -- get_random_bytes(&rnd, sizeof(rnd)); -- } while (rnd == 0); -- spin_lock_bh(&inetsw_lock); -- if (!inet_ehash_secret) -- inet_ehash_secret = rnd; -- spin_unlock_bh(&inetsw_lock); --} --EXPORT_SYMBOL(build_ehash_secret); -- --/* -- * Create an inet socket. -- */ -- --static int inet_create(struct socket *sock, int protocol) --{ -- struct sock *sk; -- struct list_head *p; -- struct inet_protosw *answer; -- struct inet_sock *inet; -- struct proto *answer_prot; -- unsigned char answer_flags; -- char answer_no_check; -- int try_loading_module = 0; -- int err; -- -- if (sock->type != SOCK_RAW && -- sock->type != SOCK_DGRAM && -- !inet_ehash_secret) -- build_ehash_secret(); -- -- sock->state = SS_UNCONNECTED; -- -- /* Look for the requested type/protocol pair. */ -- answer = NULL; --lookup_protocol: -- err = -ESOCKTNOSUPPORT; -- rcu_read_lock(); -- list_for_each_rcu(p, &inetsw[sock->type]) { -- answer = list_entry(p, struct inet_protosw, list); -- -- /* Check the non-wild match. */ -- if (protocol == answer->protocol) { -- if (protocol != IPPROTO_IP) -- break; -- } else { -- /* Check for the two wild cases. */ -- if (IPPROTO_IP == protocol) { -- protocol = answer->protocol; -- break; -- } -- if (IPPROTO_IP == answer->protocol) -- break; -- } -- err = -EPROTONOSUPPORT; -- answer = NULL; -- } -- -- if (unlikely(answer == NULL)) { -- if (try_loading_module < 2) { -- rcu_read_unlock(); -- /* -- * Be more specific, e.g. net-pf-2-proto-132-type-1 -- * (net-pf-PF_INET-proto-IPPROTO_SCTP-type-SOCK_STREAM) -- */ -- if (++try_loading_module == 1) -- request_module("net-pf-%d-proto-%d-type-%d", -- PF_INET, protocol, sock->type); -- /* -- * Fall back to generic, e.g. net-pf-2-proto-132 -- * (net-pf-PF_INET-proto-IPPROTO_SCTP) -- */ -- else -- request_module("net-pf-%d-proto-%d", -- PF_INET, protocol); -- goto lookup_protocol; -- } else -- goto out_rcu_unlock; -- } -- -- err = -EPERM; -- if ((protocol == IPPROTO_ICMP) && -- nx_capable(answer->capability, NXC_RAW_ICMP)) -- goto override; -- if (sock->type == SOCK_RAW && -- nx_capable(answer->capability, NXC_RAW_SOCKET)) -- goto override; -- if (answer->capability > 0 && !capable(answer->capability)) -- goto out_rcu_unlock; --override: -- sock->ops = answer->ops; -- answer_prot = answer->prot; -- answer_no_check = answer->no_check; -- answer_flags = answer->flags; -- rcu_read_unlock(); -- -- BUG_TRAP(answer_prot->slab != NULL); -- -- err = -ENOBUFS; -- sk = sk_alloc(PF_INET, GFP_KERNEL, answer_prot, 1); -- if (sk == NULL) -- goto out; -- -- err = 0; -- sk->sk_no_check = answer_no_check; -- if (INET_PROTOSW_REUSE & answer_flags) -- sk->sk_reuse = 1; -- -- inet = inet_sk(sk); -- inet->is_icsk = (INET_PROTOSW_ICSK & answer_flags) != 0; -- -- if (SOCK_RAW == sock->type) { -- inet->num = protocol; -- if (IPPROTO_RAW == protocol) -- inet->hdrincl = 1; -- } -- -- if (ipv4_config.no_pmtu_disc) -- inet->pmtudisc = IP_PMTUDISC_DONT; -- else -- inet->pmtudisc = IP_PMTUDISC_WANT; -- -- inet->id = 0; -- -- sock_init_data(sock, sk); -- -- sk->sk_destruct = inet_sock_destruct; -- sk->sk_family = PF_INET; -- sk->sk_protocol = protocol; -- sk->sk_backlog_rcv = sk->sk_prot->backlog_rcv; -- -- inet->uc_ttl = -1; -- inet->mc_loop = 1; -- inet->mc_ttl = 1; -- inet->mc_index = 0; -- inet->mc_list = NULL; -- -- sk_refcnt_debug_inc(sk); -- -- if (inet->num) { -- /* It assumes that any protocol which allows -- * the user to assign a number at socket -- * creation time automatically -- * shares. -- */ -- inet->sport = htons(inet->num); -- /* Add to protocol hash chains. */ -- sk->sk_prot->hash(sk); -- } -- -- if (sk->sk_prot->init) { -- err = sk->sk_prot->init(sk); -- if (err) -- sk_common_release(sk); -- } --out: -- return err; --out_rcu_unlock: -- rcu_read_unlock(); -- goto out; --} -- -- --/* -- * The peer socket should always be NULL (or else). When we call this -- * function we are destroying the object and from then on nobody -- * should refer to it. -- */ --int inet_release(struct socket *sock) --{ -- struct sock *sk = sock->sk; -- -- if (sk) { -- long timeout; -- -- /* Applications forget to leave groups before exiting */ -- ip_mc_drop_socket(sk); -- -- /* If linger is set, we don't return until the close -- * is complete. Otherwise we return immediately. The -- * actually closing is done the same either way. -- * -- * If the close is due to the process exiting, we never -- * linger.. -- */ -- timeout = 0; -- if (sock_flag(sk, SOCK_LINGER) && -- !(current->flags & PF_EXITING)) -- timeout = sk->sk_lingertime; -- sock->sk = NULL; -- sk->sk_prot->close(sk, timeout); -- } -- return 0; --} -- --/* It is off by default, see below. */ --int sysctl_ip_nonlocal_bind __read_mostly; -- --int inet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) --{ -- struct sockaddr_in *addr = (struct sockaddr_in *)uaddr; -- struct sock *sk = sock->sk; -- struct inet_sock *inet = inet_sk(sk); -- struct nx_v4_sock_addr nsa; -- unsigned short snum; -- int chk_addr_ret; -- int err; -- -- /* If the socket has its own bind function then use it. (RAW) */ -- if (sk->sk_prot->bind) { -- err = sk->sk_prot->bind(sk, uaddr, addr_len); -- goto out; -- } -- err = -EINVAL; -- if (addr_len < sizeof(struct sockaddr_in)) -- goto out; -- -- err = v4_map_sock_addr(inet, addr, &nsa); -- if (err) -- goto out; -- -- chk_addr_ret = inet_addr_type(nsa.saddr); -- -- /* Not specified by any standard per-se, however it breaks too -- * many applications when removed. It is unfortunate since -- * allowing applications to make a non-local bind solves -- * several problems with systems using dynamic addressing. -- * (ie. your servers still start up even if your ISDN link -- * is temporarily down) -- */ -- err = -EADDRNOTAVAIL; -- if (!sysctl_ip_nonlocal_bind && -- !inet->freebind && -- nsa.saddr != INADDR_ANY && -- chk_addr_ret != RTN_LOCAL && -- chk_addr_ret != RTN_MULTICAST && -- chk_addr_ret != RTN_BROADCAST) -- goto out; -- -- snum = ntohs(addr->sin_port); -- err = -EACCES; -- if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE)) -- goto out; -- -- /* We keep a pair of addresses. rcv_saddr is the one -- * used by hash lookups, and saddr is used for transmit. -- * -- * In the BSD API these are the same except where it -- * would be illegal to use them (multicast/broadcast) in -- * which case the sending device address is used. -- */ -- lock_sock(sk); -- -- /* Check these errors (active socket, double bind). */ -- err = -EINVAL; -- if (sk->sk_state != TCP_CLOSE || inet->num) -- goto out_release_sock; -- -- v4_set_sock_addr(inet, &nsa); -- if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST) -- inet->saddr = 0; /* Use device */ -- -- /* Make sure we are allowed to bind here. */ -- if (sk->sk_prot->get_port(sk, snum)) { -- inet->saddr = inet->rcv_saddr = 0; -- err = -EADDRINUSE; -- goto out_release_sock; -- } -- -- if (inet->rcv_saddr) -- sk->sk_userlocks |= SOCK_BINDADDR_LOCK; -- if (snum) -- sk->sk_userlocks |= SOCK_BINDPORT_LOCK; -- inet->sport = htons(inet->num); -- inet->daddr = 0; -- inet->dport = 0; -- sk_dst_reset(sk); -- err = 0; --out_release_sock: -- release_sock(sk); --out: -- return err; --} -- --int inet_dgram_connect(struct socket *sock, struct sockaddr * uaddr, -- int addr_len, int flags) --{ -- struct sock *sk = sock->sk; -- -- if (uaddr->sa_family == AF_UNSPEC) -- return sk->sk_prot->disconnect(sk, flags); -- -- if (!inet_sk(sk)->num && inet_autobind(sk)) -- return -EAGAIN; -- return sk->sk_prot->connect(sk, (struct sockaddr *)uaddr, addr_len); --} -- --static long inet_wait_for_connect(struct sock *sk, long timeo) --{ -- DEFINE_WAIT(wait); -- -- prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE); -- -- /* Basic assumption: if someone sets sk->sk_err, he _must_ -- * change state of the socket from TCP_SYN_*. -- * Connect() does not allow to get error notifications -- * without closing the socket. -- */ -- while ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) { -- release_sock(sk); -- timeo = schedule_timeout(timeo); -- lock_sock(sk); -- if (signal_pending(current) || !timeo) -- break; -- prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE); -- } -- finish_wait(sk->sk_sleep, &wait); -- return timeo; --} -- --/* -- * Connect to a remote host. There is regrettably still a little -- * TCP 'magic' in here. -- */ --int inet_stream_connect(struct socket *sock, struct sockaddr *uaddr, -- int addr_len, int flags) --{ -- struct sock *sk = sock->sk; -- int err; -- long timeo; -- -- lock_sock(sk); -- -- if (uaddr->sa_family == AF_UNSPEC) { -- err = sk->sk_prot->disconnect(sk, flags); -- sock->state = err ? SS_DISCONNECTING : SS_UNCONNECTED; -- goto out; -- } -- -- switch (sock->state) { -- default: -- err = -EINVAL; -- goto out; -- case SS_CONNECTED: -- err = -EISCONN; -- goto out; -- case SS_CONNECTING: -- err = -EALREADY; -- /* Fall out of switch with err, set for this state */ -- break; -- case SS_UNCONNECTED: -- err = -EISCONN; -- if (sk->sk_state != TCP_CLOSE) -- goto out; -- -- err = sk->sk_prot->connect(sk, uaddr, addr_len); -- if (err < 0) -- goto out; -- -- sock->state = SS_CONNECTING; -- -- /* Just entered SS_CONNECTING state; the only -- * difference is that return value in non-blocking -- * case is EINPROGRESS, rather than EALREADY. -- */ -- err = -EINPROGRESS; -- break; -- } -- -- timeo = sock_sndtimeo(sk, flags & O_NONBLOCK); -- -- if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) { -- /* Error code is set above */ -- if (!timeo || !inet_wait_for_connect(sk, timeo)) -- goto out; -- -- err = sock_intr_errno(timeo); -- if (signal_pending(current)) -- goto out; -- } -- -- /* Connection was closed by RST, timeout, ICMP error -- * or another process disconnected us. -- */ -- if (sk->sk_state == TCP_CLOSE) -- goto sock_error; -- -- /* sk->sk_err may be not zero now, if RECVERR was ordered by user -- * and error was received after socket entered established state. -- * Hence, it is handled normally after connect() return successfully. -- */ -- -- sock->state = SS_CONNECTED; -- err = 0; --out: -- release_sock(sk); -- return err; -- --sock_error: -- err = sock_error(sk) ? : -ECONNABORTED; -- sock->state = SS_UNCONNECTED; -- if (sk->sk_prot->disconnect(sk, flags)) -- sock->state = SS_DISCONNECTING; -- goto out; --} -- --/* -- * Accept a pending connection. The TCP layer now gives BSD semantics. -- */ -- --int inet_accept(struct socket *sock, struct socket *newsock, int flags) --{ -- struct sock *sk1 = sock->sk; -- int err = -EINVAL; -- struct sock *sk2 = sk1->sk_prot->accept(sk1, flags, &err); -- -- if (!sk2) -- goto do_err; -- -- lock_sock(sk2); -- -- BUG_TRAP((1 << sk2->sk_state) & -- (TCPF_ESTABLISHED | TCPF_CLOSE_WAIT | TCPF_CLOSE)); -- -- sock_graft(sk2, newsock); -- -- newsock->state = SS_CONNECTED; -- err = 0; -- release_sock(sk2); --do_err: -- return err; --} -- -- --/* -- * This does both peername and sockname. -- */ --int inet_getname(struct socket *sock, struct sockaddr *uaddr, -- int *uaddr_len, int peer) --{ -- struct sock *sk = sock->sk; -- struct inet_sock *inet = inet_sk(sk); -- struct sockaddr_in *sin = (struct sockaddr_in *)uaddr; -- -- sin->sin_family = AF_INET; -- if (peer) { -- if (!inet->dport || -- (((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_SYN_SENT)) && -- peer == 1)) -- return -ENOTCONN; -- sin->sin_port = inet->dport; -- sin->sin_addr.s_addr = -- nx_map_sock_lback(sk->sk_nx_info, inet->daddr); -- } else { -- __be32 addr = inet->rcv_saddr; -- if (!addr) -- addr = inet->saddr; -- addr = nx_map_sock_lback(sk->sk_nx_info, addr); -- sin->sin_port = inet->sport; -- sin->sin_addr.s_addr = addr; -- } -- memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); -- *uaddr_len = sizeof(*sin); -- return 0; --} -- --int inet_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, -- size_t size) --{ -- struct sock *sk = sock->sk; -- -- /* We may need to bind the socket. */ -- if (!inet_sk(sk)->num && inet_autobind(sk)) -- return -EAGAIN; -- -- return sk->sk_prot->sendmsg(iocb, sk, msg, size); --} -- -- --static ssize_t inet_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags) --{ -- struct sock *sk = sock->sk; -- -- /* We may need to bind the socket. */ -- if (!inet_sk(sk)->num && inet_autobind(sk)) -- return -EAGAIN; -- -- if (sk->sk_prot->sendpage) -- return sk->sk_prot->sendpage(sk, page, offset, size, flags); -- return sock_no_sendpage(sock, page, offset, size, flags); --} -- -- --int inet_shutdown(struct socket *sock, int how) --{ -- struct sock *sk = sock->sk; -- int err = 0; -- -- /* This should really check to make sure -- * the socket is a TCP socket. (WHY AC...) -- */ -- how++; /* maps 0->1 has the advantage of making bit 1 rcvs and -- 1->2 bit 2 snds. -- 2->3 */ -- if ((how & ~SHUTDOWN_MASK) || !how) /* MAXINT->0 */ -- return -EINVAL; -- -- lock_sock(sk); -- if (sock->state == SS_CONNECTING) { -- if ((1 << sk->sk_state) & -- (TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_CLOSE)) -- sock->state = SS_DISCONNECTING; -- else -- sock->state = SS_CONNECTED; -- } -- -- switch (sk->sk_state) { -- case TCP_CLOSE: -- err = -ENOTCONN; -- /* Hack to wake up other listeners, who can poll for -- POLLHUP, even on eg. unconnected UDP sockets -- RR */ -- default: -- sk->sk_shutdown |= how; -- if (sk->sk_prot->shutdown) -- sk->sk_prot->shutdown(sk, how); -- break; -- -- /* Remaining two branches are temporary solution for missing -- * close() in multithreaded environment. It is _not_ a good idea, -- * but we have no choice until close() is repaired at VFS level. -- */ -- case TCP_LISTEN: -- if (!(how & RCV_SHUTDOWN)) -- break; -- /* Fall through */ -- case TCP_SYN_SENT: -- err = sk->sk_prot->disconnect(sk, O_NONBLOCK); -- sock->state = err ? SS_DISCONNECTING : SS_UNCONNECTED; -- break; -- } -- -- /* Wake up anyone sleeping in poll. */ -- sk->sk_state_change(sk); -- release_sock(sk); -- return err; --} -- --/* -- * ioctl() calls you can issue on an INET socket. Most of these are -- * device configuration and stuff and very rarely used. Some ioctls -- * pass on to the socket itself. -- * -- * NOTE: I like the idea of a module for the config stuff. ie ifconfig -- * loads the devconfigure module does its configuring and unloads it. -- * There's a good 20K of config code hanging around the kernel. -- */ -- --int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) --{ -- struct sock *sk = sock->sk; -- int err = 0; -- -- switch (cmd) { -- case SIOCGSTAMP: -- err = sock_get_timestamp(sk, (struct timeval __user *)arg); -- break; -- case SIOCGSTAMPNS: -- err = sock_get_timestampns(sk, (struct timespec __user *)arg); -- break; -- case SIOCADDRT: -- case SIOCDELRT: -- case SIOCRTMSG: -- err = ip_rt_ioctl(cmd, (void __user *)arg); -- break; -- case SIOCDARP: -- case SIOCGARP: -- case SIOCSARP: -- err = arp_ioctl(cmd, (void __user *)arg); -- break; -- case SIOCGIFADDR: -- case SIOCSIFADDR: -- case SIOCGIFBRDADDR: -- case SIOCSIFBRDADDR: -- case SIOCGIFNETMASK: -- case SIOCSIFNETMASK: -- case SIOCGIFDSTADDR: -- case SIOCSIFDSTADDR: -- case SIOCSIFPFLAGS: -- case SIOCGIFPFLAGS: -- case SIOCSIFFLAGS: -- err = devinet_ioctl(cmd, (void __user *)arg); -- break; -- default: -- if (sk->sk_prot->ioctl) -- err = sk->sk_prot->ioctl(sk, cmd, arg); -- else -- err = -ENOIOCTLCMD; -- break; -- } -- return err; --} -- --const struct proto_ops inet_stream_ops = { -- .family = PF_INET, -- .owner = THIS_MODULE, -- .release = inet_release, -- .bind = inet_bind, -- .connect = inet_stream_connect, -- .socketpair = sock_no_socketpair, -- .accept = inet_accept, -- .getname = inet_getname, -- .poll = tcp_poll, -- .ioctl = inet_ioctl, -- .listen = inet_listen, -- .shutdown = inet_shutdown, -- .setsockopt = sock_common_setsockopt, -- .getsockopt = sock_common_getsockopt, -- .sendmsg = tcp_sendmsg, -- .recvmsg = sock_common_recvmsg, -- .mmap = sock_no_mmap, -- .sendpage = tcp_sendpage, --#ifdef CONFIG_COMPAT -- .compat_setsockopt = compat_sock_common_setsockopt, -- .compat_getsockopt = compat_sock_common_getsockopt, --#endif --}; -- --const struct proto_ops inet_dgram_ops = { -- .family = PF_INET, -- .owner = THIS_MODULE, -- .release = inet_release, -- .bind = inet_bind, -- .connect = inet_dgram_connect, -- .socketpair = sock_no_socketpair, -- .accept = sock_no_accept, -- .getname = inet_getname, -- .poll = udp_poll, -- .ioctl = inet_ioctl, -- .listen = sock_no_listen, -- .shutdown = inet_shutdown, -- .setsockopt = sock_common_setsockopt, -- .getsockopt = sock_common_getsockopt, -- .sendmsg = inet_sendmsg, -- .recvmsg = sock_common_recvmsg, -- .mmap = sock_no_mmap, -- .sendpage = inet_sendpage, --#ifdef CONFIG_COMPAT -- .compat_setsockopt = compat_sock_common_setsockopt, -- .compat_getsockopt = compat_sock_common_getsockopt, --#endif --}; -- --/* -- * For SOCK_RAW sockets; should be the same as inet_dgram_ops but without -- * udp_poll -- */ --static const struct proto_ops inet_sockraw_ops = { -- .family = PF_INET, -- .owner = THIS_MODULE, -- .release = inet_release, -- .bind = inet_bind, -- .connect = inet_dgram_connect, -- .socketpair = sock_no_socketpair, -- .accept = sock_no_accept, -- .getname = inet_getname, -- .poll = datagram_poll, -- .ioctl = inet_ioctl, -- .listen = sock_no_listen, -- .shutdown = inet_shutdown, -- .setsockopt = sock_common_setsockopt, -- .getsockopt = sock_common_getsockopt, -- .sendmsg = inet_sendmsg, -- .recvmsg = sock_common_recvmsg, -- .mmap = sock_no_mmap, -- .sendpage = inet_sendpage, --#ifdef CONFIG_COMPAT -- .compat_setsockopt = compat_sock_common_setsockopt, -- .compat_getsockopt = compat_sock_common_getsockopt, --#endif --}; -- --static struct net_proto_family inet_family_ops = { -- .family = PF_INET, -- .create = inet_create, -- .owner = THIS_MODULE, --}; -- --/* Upon startup we insert all the elements in inetsw_array[] into -- * the linked list inetsw. -- */ --static struct inet_protosw inetsw_array[] = --{ -- { -- .type = SOCK_STREAM, -- .protocol = IPPROTO_TCP, -- .prot = &tcp_prot, -- .ops = &inet_stream_ops, -- .capability = -1, -- .no_check = 0, -- .flags = INET_PROTOSW_PERMANENT | -- INET_PROTOSW_ICSK, -- }, -- -- { -- .type = SOCK_DGRAM, -- .protocol = IPPROTO_UDP, -- .prot = &udp_prot, -- .ops = &inet_dgram_ops, -- .capability = -1, -- .no_check = UDP_CSUM_DEFAULT, -- .flags = INET_PROTOSW_PERMANENT, -- }, -- -- -- { -- .type = SOCK_RAW, -- .protocol = IPPROTO_IP, /* wild card */ -- .prot = &raw_prot, -- .ops = &inet_sockraw_ops, -- .capability = CAP_NET_RAW, -- .no_check = UDP_CSUM_DEFAULT, -- .flags = INET_PROTOSW_REUSE, -- } --}; -- --#define INETSW_ARRAY_LEN (sizeof(inetsw_array) / sizeof(struct inet_protosw)) -- --void inet_register_protosw(struct inet_protosw *p) --{ -- struct list_head *lh; -- struct inet_protosw *answer; -- int protocol = p->protocol; -- struct list_head *last_perm; -- -- spin_lock_bh(&inetsw_lock); -- -- if (p->type >= SOCK_MAX) -- goto out_illegal; -- -- /* If we are trying to override a permanent protocol, bail. */ -- answer = NULL; -- last_perm = &inetsw[p->type]; -- list_for_each(lh, &inetsw[p->type]) { -- answer = list_entry(lh, struct inet_protosw, list); -- -- /* Check only the non-wild match. */ -- if (INET_PROTOSW_PERMANENT & answer->flags) { -- if (protocol == answer->protocol) -- break; -- last_perm = lh; -- } -- -- answer = NULL; -- } -- if (answer) -- goto out_permanent; -- -- /* Add the new entry after the last permanent entry if any, so that -- * the new entry does not override a permanent entry when matched with -- * a wild-card protocol. But it is allowed to override any existing -- * non-permanent entry. This means that when we remove this entry, the -- * system automatically returns to the old behavior. -- */ -- list_add_rcu(&p->list, last_perm); --out: -- spin_unlock_bh(&inetsw_lock); -- -- synchronize_net(); -- -- return; -- --out_permanent: -- printk(KERN_ERR "Attempt to override permanent protocol %d.\n", -- protocol); -- goto out; -- --out_illegal: -- printk(KERN_ERR -- "Ignoring attempt to register invalid socket type %d.\n", -- p->type); -- goto out; --} -- --void inet_unregister_protosw(struct inet_protosw *p) --{ -- if (INET_PROTOSW_PERMANENT & p->flags) { -- printk(KERN_ERR -- "Attempt to unregister permanent protocol %d.\n", -- p->protocol); -- } else { -- spin_lock_bh(&inetsw_lock); -- list_del_rcu(&p->list); -- spin_unlock_bh(&inetsw_lock); -- -- synchronize_net(); -- } --} -- --/* -- * Shall we try to damage output packets if routing dev changes? -- */ -- --int sysctl_ip_dynaddr __read_mostly; -- --static int inet_sk_reselect_saddr(struct sock *sk) --{ -- struct inet_sock *inet = inet_sk(sk); -- int err; -- struct rtable *rt; -- __be32 old_saddr = inet->saddr; -- __be32 new_saddr; -- __be32 daddr = inet->daddr; -- -- if (inet->opt && inet->opt->srr) -- daddr = inet->opt->faddr; -- -- /* Query new route. */ -- err = ip_route_connect(&rt, daddr, 0, -- RT_CONN_FLAGS(sk), -- sk->sk_bound_dev_if, -- sk->sk_protocol, -- inet->sport, inet->dport, sk, 0); -- if (err) -- return err; -- -- sk_setup_caps(sk, &rt->u.dst); -- -- new_saddr = rt->rt_src; -- -- if (new_saddr == old_saddr) -- return 0; -- -- if (sysctl_ip_dynaddr > 1) { -- printk(KERN_INFO "%s(): shifting inet->" -- "saddr from %d.%d.%d.%d to %d.%d.%d.%d\n", -- __FUNCTION__, -- NIPQUAD(old_saddr), -- NIPQUAD(new_saddr)); -- } -- -- inet->saddr = inet->rcv_saddr = new_saddr; -- -- /* -- * XXX The only one ugly spot where we need to -- * XXX really change the sockets identity after -- * XXX it has entered the hashes. -DaveM -- * -- * Besides that, it does not check for connection -- * uniqueness. Wait for troubles. -- */ -- __sk_prot_rehash(sk); -- return 0; --} -- --int inet_sk_rebuild_header(struct sock *sk) --{ -- struct inet_sock *inet = inet_sk(sk); -- struct rtable *rt = (struct rtable *)__sk_dst_check(sk, 0); -- __be32 daddr; -- int err; -- -- /* Route is OK, nothing to do. */ -- if (rt) -- return 0; -- -- /* Reroute. */ -- daddr = inet->daddr; -- if (inet->opt && inet->opt->srr) -- daddr = inet->opt->faddr; --{ -- struct flowi fl = { -- .oif = sk->sk_bound_dev_if, -- .nl_u = { -- .ip4_u = { -- .daddr = daddr, -- .saddr = inet->saddr, -- .tos = RT_CONN_FLAGS(sk), -- }, -- }, -- .proto = sk->sk_protocol, -- .uli_u = { -- .ports = { -- .sport = inet->sport, -- .dport = inet->dport, -- }, -- }, -- }; -- -- security_sk_classify_flow(sk, &fl); -- err = ip_route_output_flow(&rt, &fl, sk, 0); --} -- if (!err) -- sk_setup_caps(sk, &rt->u.dst); -- else { -- /* Routing failed... */ -- sk->sk_route_caps = 0; -- /* -- * Other protocols have to map its equivalent state to TCP_SYN_SENT. -- * DCCP maps its DCCP_REQUESTING state to TCP_SYN_SENT. -acme -- */ -- if (!sysctl_ip_dynaddr || -- sk->sk_state != TCP_SYN_SENT || -- (sk->sk_userlocks & SOCK_BINDADDR_LOCK) || -- (err = inet_sk_reselect_saddr(sk)) != 0) -- sk->sk_err_soft = -err; -- } -- -- return err; --} -- --EXPORT_SYMBOL(inet_sk_rebuild_header); -- --static int inet_gso_send_check(struct sk_buff *skb) --{ -- struct iphdr *iph; -- struct net_protocol *ops; -- int proto; -- int ihl; -- int err = -EINVAL; -- -- if (unlikely(!pskb_may_pull(skb, sizeof(*iph)))) -- goto out; -- -- iph = ip_hdr(skb); -- ihl = iph->ihl * 4; -- if (ihl < sizeof(*iph)) -- goto out; -- -- if (unlikely(!pskb_may_pull(skb, ihl))) -- goto out; -- -- __skb_pull(skb, ihl); -- skb_reset_transport_header(skb); -- iph = ip_hdr(skb); -- proto = iph->protocol & (MAX_INET_PROTOS - 1); -- err = -EPROTONOSUPPORT; -- -- rcu_read_lock(); -- ops = rcu_dereference(inet_protos[proto]); -- if (likely(ops && ops->gso_send_check)) -- err = ops->gso_send_check(skb); -- rcu_read_unlock(); -- --out: -- return err; --} -- --static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features) --{ -- struct sk_buff *segs = ERR_PTR(-EINVAL); -- struct iphdr *iph; -- struct net_protocol *ops; -- int proto; -- int ihl; -- int id; -- -- if (unlikely(skb_shinfo(skb)->gso_type & -- ~(SKB_GSO_TCPV4 | -- SKB_GSO_UDP | -- SKB_GSO_DODGY | -- SKB_GSO_TCP_ECN | -- 0))) -- goto out; -- -- if (unlikely(!pskb_may_pull(skb, sizeof(*iph)))) -- goto out; -- -- iph = ip_hdr(skb); -- ihl = iph->ihl * 4; -- if (ihl < sizeof(*iph)) -- goto out; -- -- if (unlikely(!pskb_may_pull(skb, ihl))) -- goto out; -- -- __skb_pull(skb, ihl); -- skb_reset_transport_header(skb); -- iph = ip_hdr(skb); -- id = ntohs(iph->id); -- proto = iph->protocol & (MAX_INET_PROTOS - 1); -- segs = ERR_PTR(-EPROTONOSUPPORT); -- -- rcu_read_lock(); -- ops = rcu_dereference(inet_protos[proto]); -- if (likely(ops && ops->gso_segment)) -- segs = ops->gso_segment(skb, features); -- rcu_read_unlock(); -- -- if (!segs || unlikely(IS_ERR(segs))) -- goto out; -- -- skb = segs; -- do { -- iph = ip_hdr(skb); -- iph->id = htons(id++); -- iph->tot_len = htons(skb->len - skb->mac_len); -- iph->check = 0; -- iph->check = ip_fast_csum(skb_network_header(skb), iph->ihl); -- } while ((skb = skb->next)); -- --out: -- return segs; --} -- --unsigned long snmp_fold_field(void *mib[], int offt) --{ -- unsigned long res = 0; -- int i; -- -- for_each_possible_cpu(i) { -- res += *(((unsigned long *) per_cpu_ptr(mib[0], i)) + offt); -- res += *(((unsigned long *) per_cpu_ptr(mib[1], i)) + offt); -- } -- return res; --} --EXPORT_SYMBOL_GPL(snmp_fold_field); -- --int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign) --{ -- BUG_ON(ptr == NULL); -- ptr[0] = __alloc_percpu(mibsize); -- if (!ptr[0]) -- goto err0; -- ptr[1] = __alloc_percpu(mibsize); -- if (!ptr[1]) -- goto err1; -- return 0; --err1: -- free_percpu(ptr[0]); -- ptr[0] = NULL; --err0: -- return -ENOMEM; --} --EXPORT_SYMBOL_GPL(snmp_mib_init); -- --void snmp_mib_free(void *ptr[2]) --{ -- BUG_ON(ptr == NULL); -- free_percpu(ptr[0]); -- free_percpu(ptr[1]); -- ptr[0] = ptr[1] = NULL; --} --EXPORT_SYMBOL_GPL(snmp_mib_free); -- --#ifdef CONFIG_IP_MULTICAST --static struct net_protocol igmp_protocol = { -- .handler = igmp_rcv, --}; --#endif -- --static struct net_protocol tcp_protocol = { -- .handler = tcp_v4_rcv, -- .err_handler = tcp_v4_err, -- .gso_send_check = tcp_v4_gso_send_check, -- .gso_segment = tcp_tso_segment, -- .no_policy = 1, --}; -- --static struct net_protocol udp_protocol = { -- .handler = udp_rcv, -- .err_handler = udp_err, -- .no_policy = 1, --}; -- --static struct net_protocol icmp_protocol = { -- .handler = icmp_rcv, --}; -- --static int __init init_ipv4_mibs(void) --{ -- if (snmp_mib_init((void **)net_statistics, -- sizeof(struct linux_mib), -- __alignof__(struct linux_mib)) < 0) -- goto err_net_mib; -- if (snmp_mib_init((void **)ip_statistics, -- sizeof(struct ipstats_mib), -- __alignof__(struct ipstats_mib)) < 0) -- goto err_ip_mib; -- if (snmp_mib_init((void **)icmp_statistics, -- sizeof(struct icmp_mib), -- __alignof__(struct icmp_mib)) < 0) -- goto err_icmp_mib; -- if (snmp_mib_init((void **)tcp_statistics, -- sizeof(struct tcp_mib), -- __alignof__(struct tcp_mib)) < 0) -- goto err_tcp_mib; -- if (snmp_mib_init((void **)udp_statistics, -- sizeof(struct udp_mib), -- __alignof__(struct udp_mib)) < 0) -- goto err_udp_mib; -- if (snmp_mib_init((void **)udplite_statistics, -- sizeof(struct udp_mib), -- __alignof__(struct udp_mib)) < 0) -- goto err_udplite_mib; -- -- tcp_mib_init(); -- -- return 0; -- --err_udplite_mib: -- snmp_mib_free((void **)udp_statistics); --err_udp_mib: -- snmp_mib_free((void **)tcp_statistics); --err_tcp_mib: -- snmp_mib_free((void **)icmp_statistics); --err_icmp_mib: -- snmp_mib_free((void **)ip_statistics); --err_ip_mib: -- snmp_mib_free((void **)net_statistics); --err_net_mib: -- return -ENOMEM; --} -- --static int ipv4_proc_init(void); -- --/* -- * IP protocol layer initialiser -- */ -- --static struct packet_type ip_packet_type = { -- .type = __constant_htons(ETH_P_IP), -- .func = ip_rcv, -- .gso_send_check = inet_gso_send_check, -- .gso_segment = inet_gso_segment, --}; -- --static int __init inet_init(void) --{ -- struct sk_buff *dummy_skb; -- struct inet_protosw *q; -- struct list_head *r; -- int rc = -EINVAL; -- -- BUILD_BUG_ON(sizeof(struct inet_skb_parm) > sizeof(dummy_skb->cb)); -- -- rc = proto_register(&tcp_prot, 1); -- if (rc) -- goto out; -- -- rc = proto_register(&udp_prot, 1); -- if (rc) -- goto out_unregister_tcp_proto; -- -- rc = proto_register(&raw_prot, 1); -- if (rc) -- goto out_unregister_udp_proto; -- -- /* -- * Tell SOCKET that we are alive... -- */ -- -- (void)sock_register(&inet_family_ops); -- -- /* -- * Add all the base protocols. -- */ -- -- if (inet_add_protocol(&icmp_protocol, IPPROTO_ICMP) < 0) -- printk(KERN_CRIT "inet_init: Cannot add ICMP protocol\n"); -- if (inet_add_protocol(&udp_protocol, IPPROTO_UDP) < 0) -- printk(KERN_CRIT "inet_init: Cannot add UDP protocol\n"); -- if (inet_add_protocol(&tcp_protocol, IPPROTO_TCP) < 0) -- printk(KERN_CRIT "inet_init: Cannot add TCP protocol\n"); --#ifdef CONFIG_IP_MULTICAST -- if (inet_add_protocol(&igmp_protocol, IPPROTO_IGMP) < 0) -- printk(KERN_CRIT "inet_init: Cannot add IGMP protocol\n"); --#endif -- -- /* Register the socket-side information for inet_create. */ -- for (r = &inetsw[0]; r < &inetsw[SOCK_MAX]; ++r) -- INIT_LIST_HEAD(r); -- -- for (q = inetsw_array; q < &inetsw_array[INETSW_ARRAY_LEN]; ++q) -- inet_register_protosw(q); -- -- /* -- * Set the ARP module up -- */ -- -- arp_init(); -- -- /* -- * Set the IP module up -- */ -- -- ip_init(); -- -- tcp_v4_init(&inet_family_ops); -- -- /* Setup TCP slab cache for open requests. */ -- tcp_init(); -- -- /* Add UDP-Lite (RFC 3828) */ -- udplite4_register(); -- -- /* -- * Set the ICMP layer up -- */ -- -- icmp_init(&inet_family_ops); -- -- /* -- * Initialise the multicast router -- */ --#if defined(CONFIG_IP_MROUTE) -- ip_mr_init(); --#endif -- /* -- * Initialise per-cpu ipv4 mibs -- */ -- -- if (init_ipv4_mibs()) -- printk(KERN_CRIT "inet_init: Cannot init ipv4 mibs\n"); ; -- -- ipv4_proc_init(); -- -- ipfrag_init(); -- -- dev_add_pack(&ip_packet_type); -- -- rc = 0; --out: -- return rc; --out_unregister_udp_proto: -- proto_unregister(&udp_prot); --out_unregister_tcp_proto: -- proto_unregister(&tcp_prot); -- goto out; --} -- --fs_initcall(inet_init); -- --/* ------------------------------------------------------------------------ */ -- --#ifdef CONFIG_PROC_FS --static int __init ipv4_proc_init(void) --{ -- int rc = 0; -- -- if (raw_proc_init()) -- goto out_raw; -- if (tcp4_proc_init()) -- goto out_tcp; -- if (udp4_proc_init()) -- goto out_udp; -- if (fib_proc_init()) -- goto out_fib; -- if (ip_misc_proc_init()) -- goto out_misc; --out: -- return rc; --out_misc: -- fib_proc_exit(); --out_fib: -- udp4_proc_exit(); --out_udp: -- tcp4_proc_exit(); --out_tcp: -- raw_proc_exit(); --out_raw: -- rc = -ENOMEM; -- goto out; --} -- --#else /* CONFIG_PROC_FS */ --static int __init ipv4_proc_init(void) --{ -- return 0; --} --#endif /* CONFIG_PROC_FS */ -- --MODULE_ALIAS_NETPROTO(PF_INET); -- --EXPORT_SYMBOL(inet_accept); --EXPORT_SYMBOL(inet_bind); --EXPORT_SYMBOL(inet_dgram_connect); --EXPORT_SYMBOL(inet_dgram_ops); --EXPORT_SYMBOL(inet_getname); --EXPORT_SYMBOL(inet_ioctl); --EXPORT_SYMBOL(inet_listen); --EXPORT_SYMBOL(inet_register_protosw); --EXPORT_SYMBOL(inet_release); --EXPORT_SYMBOL(inet_sendmsg); --EXPORT_SYMBOL(inet_shutdown); --EXPORT_SYMBOL(inet_sock_destruct); --EXPORT_SYMBOL(inet_stream_connect); --EXPORT_SYMBOL(inet_stream_ops); --EXPORT_SYMBOL(inet_unregister_protosw); --EXPORT_SYMBOL(net_statistics); --EXPORT_SYMBOL(sysctl_ip_nonlocal_bind); -diff -Nurb linux-2.6.22-594/net/netfilter/xt_MARK.c.orig linux-2.6.22-595/net/netfilter/xt_MARK.c.orig ---- linux-2.6.22-594/net/netfilter/xt_MARK.c.orig 2008-03-20 00:05:19.000000000 -0400 -+++ linux-2.6.22-595/net/netfilter/xt_MARK.c.orig 1969-12-31 19:00:00.000000000 -0500 -@@ -1,283 +0,0 @@ --/* This is a module which is used for setting the NFMARK field of an skb. */ -- --/* (C) 1999-2001 Marc Boucher -- * -- * This program is free software; you can redistribute it and/or modify -- * it under the terms of the GNU General Public License version 2 as -- * published by the Free Software Foundation. -- * -- */ -- --#include --#include --#include --#include --#include --#include --#include -- --#include --#include --#include -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Marc Boucher "); --MODULE_DESCRIPTION("ip[6]tables MARK modification module"); --MODULE_ALIAS("ipt_MARK"); --MODULE_ALIAS("ip6t_MARK"); -- --static inline u_int16_t --get_dst_port(struct nf_conntrack_tuple *tuple) --{ -- switch (tuple->dst.protonum) { -- case IPPROTO_GRE: -- /* XXX Truncate 32-bit GRE key to 16 bits */ --#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,11) -- return tuple->dst.u.gre.key; --#else -- return htons(ntohl(tuple->dst.u.gre.key)); --#endif -- case IPPROTO_ICMP: -- /* Bind on ICMP echo ID */ -- return tuple->src.u.icmp.id; -- case IPPROTO_TCP: -- return tuple->dst.u.tcp.port; -- case IPPROTO_UDP: -- return tuple->dst.u.udp.port; -- default: -- return tuple->dst.u.all; -- } --} -- --static inline u_int16_t --get_src_port(struct nf_conntrack_tuple *tuple) --{ -- switch (tuple->dst.protonum) { -- case IPPROTO_GRE: -- /* XXX Truncate 32-bit GRE key to 16 bits */ -- return htons(ntohl(tuple->src.u.gre.key)); -- case IPPROTO_ICMP: -- /* Bind on ICMP echo ID */ -- return tuple->src.u.icmp.id; -- case IPPROTO_TCP: -- return tuple->src.u.tcp.port; -- case IPPROTO_UDP: -- return tuple->src.u.udp.port; -- default: -- return tuple->src.u.all; -- } --} -- --static unsigned int --target_v0(struct sk_buff **pskb, -- const struct net_device *in, -- const struct net_device *out, -- unsigned int hooknum, -- const struct xt_target *target, -- const void *targinfo) --{ -- const struct xt_mark_target_info *markinfo = targinfo; -- -- (*pskb)->mark = markinfo->mark; -- return XT_CONTINUE; --} -- --static unsigned int --target_v1(struct sk_buff **pskb, -- const struct net_device *in, -- const struct net_device *out, -- unsigned int hooknum, -- const struct xt_target *target, -- const void *targinfo) --{ -- const struct xt_mark_target_info_v1 *markinfo = targinfo; -- int mark = -1; -- -- switch (markinfo->mode) { -- case XT_MARK_SET: -- mark = markinfo->mark; -- break; -- -- case XT_MARK_AND: -- mark = (*pskb)->mark & markinfo->mark; -- break; -- -- case XT_MARK_OR: -- mark = (*pskb)->mark | markinfo->mark; -- break; -- -- case XT_MARK_COPYXID: { -- enum ip_conntrack_info ctinfo; -- struct sock *connection_sk=NULL; -- int dif; -- -- struct nf_conn *ct = nf_ct_get((*pskb), &ctinfo); -- extern struct inet_hashinfo tcp_hashinfo; -- enum ip_conntrack_dir dir; -- if (!ct) -- break; -- -- dir = CTINFO2DIR(ctinfo); -- u_int32_t src_ip = ct->tuplehash[dir].tuple.src.u3.ip; -- u_int16_t src_port = get_src_port(&ct->tuplehash[dir].tuple); -- u_int16_t proto = ct->tuplehash[dir].tuple.dst.protonum; -- -- u_int32_t ip; -- u_int16_t port; -- -- dif = ((struct rtable *)(*pskb)->dst)->rt_iif; -- ip = ct->tuplehash[dir].tuple.dst.u3.ip; -- port = get_dst_port(&ct->tuplehash[dir].tuple); -- -- if (proto == 1 || proto == 17) { -- if (((*pskb)->mark!=-1) && (*pskb)->mark) -- ct->xid[0]=(*pskb)->mark; -- if (ct->xid[0]) -- mark = ct->xid[0]; -- -- } -- else if (proto == 6) { -- if ((*pskb)->sk) -- connection_sk = (*pskb)->sk; -- else { -- connection_sk = inet_lookup(&tcp_hashinfo, src_ip, src_port, ip, port, dif); -- } -- -- if (connection_sk) { -- connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[dir]; -- ct->xid[!dir]=connection_sk->sk_xid; -- if (connection_sk->sk_xid != 0) -- mark = connection_sk->sk_xid; -- if (connection_sk != (*pskb)->sk) -- sock_put(connection_sk); -- } -- break; -- } -- } -- } -- -- if (mark != -1) -- (*pskb)->mark = mark; -- return XT_CONTINUE; --} -- -- --static int --checkentry_v0(const char *tablename, -- const void *entry, -- const struct xt_target *target, -- void *targinfo, -- unsigned int hook_mask) --{ -- struct xt_mark_target_info *markinfo = targinfo; -- -- if (markinfo->mark > 0xffffffff) { -- printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); -- return 0; -- } -- return 1; --} -- --static int --checkentry_v1(const char *tablename, -- const void *entry, -- const struct xt_target *target, -- void *targinfo, -- unsigned int hook_mask) --{ -- struct xt_mark_target_info_v1 *markinfo = targinfo; -- -- if (markinfo->mode != XT_MARK_SET -- && markinfo->mode != XT_MARK_AND -- && markinfo->mode != XT_MARK_OR -- && markinfo->mode != XT_MARK_COPYXID) { -- printk(KERN_WARNING "MARK: unknown mode %u\n", -- markinfo->mode); -- return 0; -- } -- if (markinfo->mark > 0xffffffff) { -- printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); -- return 0; -- } -- return 1; --} -- --#ifdef CONFIG_COMPAT --struct compat_xt_mark_target_info_v1 { -- compat_ulong_t mark; -- u_int8_t mode; -- u_int8_t __pad1; -- u_int16_t __pad2; --}; -- --static void compat_from_user_v1(void *dst, void *src) --{ -- struct compat_xt_mark_target_info_v1 *cm = src; -- struct xt_mark_target_info_v1 m = { -- .mark = cm->mark, -- .mode = cm->mode, -- }; -- memcpy(dst, &m, sizeof(m)); --} -- --static int compat_to_user_v1(void __user *dst, void *src) --{ -- struct xt_mark_target_info_v1 *m = src; -- struct compat_xt_mark_target_info_v1 cm = { -- .mark = m->mark, -- .mode = m->mode, -- }; -- return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; --} --#endif /* CONFIG_COMPAT */ -- --static struct xt_target xt_mark_target[] = { -- { -- .name = "MARK", -- .family = AF_INET, -- .revision = 0, -- .checkentry = checkentry_v0, -- .target = target_v0, -- .targetsize = sizeof(struct xt_mark_target_info), -- .table = "mangle", -- .me = THIS_MODULE, -- }, -- { -- .name = "MARK", -- .family = AF_INET, -- .revision = 1, -- .checkentry = checkentry_v1, -- .target = target_v1, -- .targetsize = sizeof(struct xt_mark_target_info_v1), --#ifdef CONFIG_COMPAT -- .compatsize = sizeof(struct compat_xt_mark_target_info_v1), -- .compat_from_user = compat_from_user_v1, -- .compat_to_user = compat_to_user_v1, --#endif -- .table = "mangle", -- .me = THIS_MODULE, -- }, -- { -- .name = "MARK", -- .family = AF_INET6, -- .revision = 0, -- .checkentry = checkentry_v0, -- .target = target_v0, -- .targetsize = sizeof(struct xt_mark_target_info), -- .table = "mangle", -- .me = THIS_MODULE, -- }, --}; -- --static int __init xt_mark_init(void) --{ -- return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); --} -- --static void __exit xt_mark_fini(void) --{ -- xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); --} -- --module_init(xt_mark_init); --module_exit(xt_mark_fini); -diff -Nurb linux-2.6.22-594/net/packet/af_packet.c.orig linux-2.6.22-595/net/packet/af_packet.c.orig ---- linux-2.6.22-594/net/packet/af_packet.c.orig 2008-03-20 00:05:19.000000000 -0400 -+++ linux-2.6.22-595/net/packet/af_packet.c.orig 1969-12-31 19:00:00.000000000 -0500 -@@ -1,1989 +0,0 @@ --/* -- * INET An implementation of the TCP/IP protocol suite for the LINUX -- * operating system. INET is implemented using the BSD Socket -- * interface as the means of communication with the user level. -- * -- * PACKET - implements raw packet sockets. -- * -- * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $ -- * -- * Authors: Ross Biro -- * Fred N. van Kempen, -- * Alan Cox, -- * -- * Fixes: -- * Alan Cox : verify_area() now used correctly -- * Alan Cox : new skbuff lists, look ma no backlogs! -- * Alan Cox : tidied skbuff lists. -- * Alan Cox : Now uses generic datagram routines I -- * added. Also fixed the peek/read crash -- * from all old Linux datagram code. -- * Alan Cox : Uses the improved datagram code. -- * Alan Cox : Added NULL's for socket options. -- * Alan Cox : Re-commented the code. -- * Alan Cox : Use new kernel side addressing -- * Rob Janssen : Correct MTU usage. -- * Dave Platt : Counter leaks caused by incorrect -- * interrupt locking and some slightly -- * dubious gcc output. Can you read -- * compiler: it said _VOLATILE_ -- * Richard Kooijman : Timestamp fixes. -- * Alan Cox : New buffers. Use sk->mac.raw. -- * Alan Cox : sendmsg/recvmsg support. -- * Alan Cox : Protocol setting support -- * Alexey Kuznetsov : Untied from IPv4 stack. -- * Cyrus Durgin : Fixed kerneld for kmod. -- * Michal Ostrowski : Module initialization cleanup. -- * Ulises Alonso : Frame number limit removal and -- * packet_set_ring memory leak. -- * Eric Biederman : Allow for > 8 byte hardware addresses. -- * The convention is that longer addresses -- * will simply extend the hardware address -- * byte arrays at the end of sockaddr_ll -- * and packet_mreq. -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version -- * 2 of the License, or (at your option) any later version. -- * -- */ -- --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include -- --#ifdef CONFIG_INET --#include --#endif -- --/* -- Assumptions: -- - if device has no dev->hard_header routine, it adds and removes ll header -- inside itself. In this case ll header is invisible outside of device, -- but higher levels still should reserve dev->hard_header_len. -- Some devices are enough clever to reallocate skb, when header -- will not fit to reserved space (tunnel), another ones are silly -- (PPP). -- - packet socket receives packets with pulled ll header, -- so that SOCK_RAW should push it back. -- --On receive: ------------- -- --Incoming, dev->hard_header!=NULL -- mac_header -> ll header -- data -> data -- --Outgoing, dev->hard_header!=NULL -- mac_header -> ll header -- data -> ll header -- --Incoming, dev->hard_header==NULL -- mac_header -> UNKNOWN position. It is very likely, that it points to ll -- header. PPP makes it, that is wrong, because introduce -- assymetry between rx and tx paths. -- data -> data -- --Outgoing, dev->hard_header==NULL -- mac_header -> data. ll header is still not built! -- data -> data -- --Resume -- If dev->hard_header==NULL we are unlikely to restore sensible ll header. -- -- --On transmit: -------------- -- --dev->hard_header != NULL -- mac_header -> ll header -- data -> ll header -- --dev->hard_header == NULL (ll header is added by device, we cannot control it) -- mac_header -> data -- data -> data -- -- We should set nh.raw on output to correct posistion, -- packet classifier depends on it. -- */ -- --/* List of all packet sockets. */ --static HLIST_HEAD(packet_sklist); --static DEFINE_RWLOCK(packet_sklist_lock); -- --static atomic_t packet_socks_nr; -- -- --/* Private packet socket structures. */ -- --struct packet_mclist --{ -- struct packet_mclist *next; -- int ifindex; -- int count; -- unsigned short type; -- unsigned short alen; -- unsigned char addr[MAX_ADDR_LEN]; --}; --/* identical to struct packet_mreq except it has -- * a longer address field. -- */ --struct packet_mreq_max --{ -- int mr_ifindex; -- unsigned short mr_type; -- unsigned short mr_alen; -- unsigned char mr_address[MAX_ADDR_LEN]; --}; -- --#ifdef CONFIG_PACKET_MMAP --static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing); --#endif -- --static void packet_flush_mclist(struct sock *sk); -- --struct packet_sock { -- /* struct sock has to be the first member of packet_sock */ -- struct sock sk; -- struct tpacket_stats stats; --#ifdef CONFIG_PACKET_MMAP -- char * *pg_vec; -- unsigned int head; -- unsigned int frames_per_block; -- unsigned int frame_size; -- unsigned int frame_max; -- int copy_thresh; --#endif -- struct packet_type prot_hook; -- spinlock_t bind_lock; -- unsigned int running:1, /* prot_hook is attached*/ -- auxdata:1, -- origdev:1; -- int ifindex; /* bound device */ -- __be16 num; -- struct packet_mclist *mclist; --#ifdef CONFIG_PACKET_MMAP -- atomic_t mapped; -- unsigned int pg_vec_order; -- unsigned int pg_vec_pages; -- unsigned int pg_vec_len; --#endif --}; -- --struct packet_skb_cb { -- unsigned int origlen; -- union { -- struct sockaddr_pkt pkt; -- struct sockaddr_ll ll; -- } sa; --}; -- --#define PACKET_SKB_CB(__skb) ((struct packet_skb_cb *)((__skb)->cb)) -- --#ifdef CONFIG_PACKET_MMAP -- --static inline struct tpacket_hdr *packet_lookup_frame(struct packet_sock *po, unsigned int position) --{ -- unsigned int pg_vec_pos, frame_offset; -- -- pg_vec_pos = position / po->frames_per_block; -- frame_offset = position % po->frames_per_block; -- -- return (struct tpacket_hdr *)(po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size)); --} --#endif -- --static inline struct packet_sock *pkt_sk(struct sock *sk) --{ -- return (struct packet_sock *)sk; --} -- --static void packet_sock_destruct(struct sock *sk) --{ -- BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc)); -- BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc)); -- -- if (!sock_flag(sk, SOCK_DEAD)) { -- printk("Attempt to release alive packet socket: %p\n", sk); -- return; -- } -- -- atomic_dec(&packet_socks_nr); --#ifdef PACKET_REFCNT_DEBUG -- printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr)); --#endif --} -- -- --static const struct proto_ops packet_ops; -- --static const struct proto_ops packet_ops_spkt; -- --static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) --{ -- struct sock *sk; -- struct sockaddr_pkt *spkt; -- -- /* -- * When we registered the protocol we saved the socket in the data -- * field for just this event. -- */ -- -- sk = pt->af_packet_priv; -- -- /* -- * Yank back the headers [hope the device set this -- * right or kerboom...] -- * -- * Incoming packets have ll header pulled, -- * push it back. -- * -- * For outgoing ones skb->data == skb_mac_header(skb) -- * so that this procedure is noop. -- */ -- -- if (skb->pkt_type == PACKET_LOOPBACK) -- goto out; -- -- if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) -- goto oom; -- -- /* drop any routing info */ -- dst_release(skb->dst); -- skb->dst = NULL; -- -- /* drop conntrack reference */ -- nf_reset(skb); -- -- spkt = &PACKET_SKB_CB(skb)->sa.pkt; -- -- skb_push(skb, skb->data - skb_mac_header(skb)); -- -- /* -- * The SOCK_PACKET socket receives _all_ frames. -- */ -- -- spkt->spkt_family = dev->type; -- strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device)); -- spkt->spkt_protocol = skb->protocol; -- -- /* -- * Charge the memory to the socket. This is done specifically -- * to prevent sockets using all the memory up. -- */ -- -- if (sock_queue_rcv_skb(sk,skb) == 0) -- return 0; -- --out: -- kfree_skb(skb); --oom: -- return 0; --} -- -- --/* -- * Output a raw packet to a device layer. This bypasses all the other -- * protocol layers and you must therefore supply it with a complete frame -- */ -- --static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock, -- struct msghdr *msg, size_t len) --{ -- struct sock *sk = sock->sk; -- struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name; -- struct sk_buff *skb; -- struct net_device *dev; -- __be16 proto=0; -- int err; -- -- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND)) -- return -EPERM; -- -- /* -- * Get and verify the address. -- */ -- -- if (saddr) -- { -- if (msg->msg_namelen < sizeof(struct sockaddr)) -- return(-EINVAL); -- if (msg->msg_namelen==sizeof(struct sockaddr_pkt)) -- proto=saddr->spkt_protocol; -- } -- else -- return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */ -- -- /* -- * Find the device first to size check it -- */ -- -- saddr->spkt_device[13] = 0; -- dev = dev_get_by_name(saddr->spkt_device); -- err = -ENODEV; -- if (dev == NULL) -- goto out_unlock; -- -- err = -ENETDOWN; -- if (!(dev->flags & IFF_UP)) -- goto out_unlock; -- -- /* -- * You may not queue a frame bigger than the mtu. This is the lowest level -- * raw protocol and you must do your own fragmentation at this level. -- */ -- -- err = -EMSGSIZE; -- if (len > dev->mtu + dev->hard_header_len) -- goto out_unlock; -- -- err = -ENOBUFS; -- skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL); -- -- /* -- * If the write buffer is full, then tough. At this level the user gets to -- * deal with the problem - do your own algorithmic backoffs. That's far -- * more flexible. -- */ -- -- if (skb == NULL) -- goto out_unlock; -- -- /* -- * Fill it in -- */ -- -- /* FIXME: Save some space for broken drivers that write a -- * hard header at transmission time by themselves. PPP is the -- * notable one here. This should really be fixed at the driver level. -- */ -- skb_reserve(skb, LL_RESERVED_SPACE(dev)); -- skb_reset_network_header(skb); -- -- /* Try to align data part correctly */ -- if (dev->hard_header) { -- skb->data -= dev->hard_header_len; -- skb->tail -= dev->hard_header_len; -- if (len < dev->hard_header_len) -- skb_reset_network_header(skb); -- } -- -- /* Returns -EFAULT on error */ -- err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); -- skb->protocol = proto; -- skb->dev = dev; -- skb->priority = sk->sk_priority; -- if (err) -- goto out_free; -- -- /* -- * Now send it -- */ -- -- dev_queue_xmit(skb); -- dev_put(dev); -- return(len); -- --out_free: -- kfree_skb(skb); --out_unlock: -- if (dev) -- dev_put(dev); -- return err; --} -- --static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk, -- unsigned int res) --{ -- struct sk_filter *filter; -- int tag = skb->skb_tag; -- -- if (sk->sk_nx_info && !(tag == 1 || sk->sk_nid == tag)) -- return 0; -- -- rcu_read_lock_bh(); -- filter = rcu_dereference(sk->sk_filter); -- if (filter != NULL) -- res = sk_run_filter(skb, filter->insns, filter->len); -- rcu_read_unlock_bh(); -- -- return res; --} -- --/* -- This function makes lazy skb cloning in hope that most of packets -- are discarded by BPF. -- -- Note tricky part: we DO mangle shared skb! skb->data, skb->len -- and skb->cb are mangled. It works because (and until) packets -- falling here are owned by current CPU. Output packets are cloned -- by dev_queue_xmit_nit(), input packets are processed by net_bh -- sequencially, so that if we return skb to original state on exit, -- we will not harm anyone. -- */ -- --static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) --{ -- struct sock *sk; -- struct sockaddr_ll *sll; -- struct packet_sock *po; -- u8 * skb_head = skb->data; -- int skb_len = skb->len; -- unsigned int snaplen, res; -- -- if (skb->pkt_type == PACKET_LOOPBACK) -- goto drop; -- -- sk = pt->af_packet_priv; -- po = pkt_sk(sk); -- -- skb->dev = dev; -- -- if (dev->hard_header) { -- /* The device has an explicit notion of ll header, -- exported to higher levels. -- -- Otherwise, the device hides datails of it frame -- structure, so that corresponding packet head -- never delivered to user. -- */ -- if (sk->sk_type != SOCK_DGRAM) -- skb_push(skb, skb->data - skb_mac_header(skb)); -- else if (skb->pkt_type == PACKET_OUTGOING) { -- /* Special case: outgoing packets have ll header at head */ -- skb_pull(skb, skb_network_offset(skb)); -- } -- } -- -- snaplen = skb->len; -- -- res = run_filter(skb, sk, snaplen); -- if (!res) -- goto drop_n_restore; -- if (snaplen > res) -- snaplen = res; -- -- if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >= -- (unsigned)sk->sk_rcvbuf) -- goto drop_n_acct; -- -- if (skb_shared(skb)) { -- struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC); -- if (nskb == NULL) -- goto drop_n_acct; -- -- if (skb_head != skb->data) { -- skb->data = skb_head; -- skb->len = skb_len; -- } -- kfree_skb(skb); -- skb = nskb; -- } -- -- BUILD_BUG_ON(sizeof(*PACKET_SKB_CB(skb)) + MAX_ADDR_LEN - 8 > -- sizeof(skb->cb)); -- -- sll = &PACKET_SKB_CB(skb)->sa.ll; -- sll->sll_family = AF_PACKET; -- sll->sll_hatype = dev->type; -- sll->sll_protocol = skb->protocol; -- sll->sll_pkttype = skb->pkt_type; -- if (unlikely(po->origdev) && skb->pkt_type == PACKET_HOST) -- sll->sll_ifindex = orig_dev->ifindex; -- else -- sll->sll_ifindex = dev->ifindex; -- sll->sll_halen = 0; -- -- if (dev->hard_header_parse) -- sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr); -- -- PACKET_SKB_CB(skb)->origlen = skb->len; -- -- if (pskb_trim(skb, snaplen)) -- goto drop_n_acct; -- -- skb_set_owner_r(skb, sk); -- skb->dev = NULL; -- dst_release(skb->dst); -- skb->dst = NULL; -- -- /* drop conntrack reference */ -- nf_reset(skb); -- -- spin_lock(&sk->sk_receive_queue.lock); -- po->stats.tp_packets++; -- __skb_queue_tail(&sk->sk_receive_queue, skb); -- spin_unlock(&sk->sk_receive_queue.lock); -- sk->sk_data_ready(sk, skb->len); -- return 0; -- --drop_n_acct: -- spin_lock(&sk->sk_receive_queue.lock); -- po->stats.tp_drops++; -- spin_unlock(&sk->sk_receive_queue.lock); -- --drop_n_restore: -- if (skb_head != skb->data && skb_shared(skb)) { -- skb->data = skb_head; -- skb->len = skb_len; -- } --drop: -- kfree_skb(skb); -- return 0; --} -- --#ifdef CONFIG_PACKET_MMAP --static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) --{ -- struct sock *sk; -- struct packet_sock *po; -- struct sockaddr_ll *sll; -- struct tpacket_hdr *h; -- u8 * skb_head = skb->data; -- int skb_len = skb->len; -- unsigned int snaplen, res; -- unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER; -- unsigned short macoff, netoff; -- struct sk_buff *copy_skb = NULL; -- struct timeval tv; -- -- if (skb->pkt_type == PACKET_LOOPBACK) -- goto drop; -- -- sk = pt->af_packet_priv; -- po = pkt_sk(sk); -- -- if (dev->hard_header) { -- if (sk->sk_type != SOCK_DGRAM) -- skb_push(skb, skb->data - skb_mac_header(skb)); -- else if (skb->pkt_type == PACKET_OUTGOING) { -- /* Special case: outgoing packets have ll header at head */ -- skb_pull(skb, skb_network_offset(skb)); -- } -- } -- -- if (skb->ip_summed == CHECKSUM_PARTIAL) -- status |= TP_STATUS_CSUMNOTREADY; -- -- snaplen = skb->len; -- -- res = run_filter(skb, sk, snaplen); -- if (!res) -- goto drop_n_restore; -- if (snaplen > res) -- snaplen = res; -- -- if (sk->sk_type == SOCK_DGRAM) { -- macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16; -- } else { -- unsigned maclen = skb_network_offset(skb); -- netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen)); -- macoff = netoff - maclen; -- } -- -- if (macoff + snaplen > po->frame_size) { -- if (po->copy_thresh && -- atomic_read(&sk->sk_rmem_alloc) + skb->truesize < -- (unsigned)sk->sk_rcvbuf) { -- if (skb_shared(skb)) { -- copy_skb = skb_clone(skb, GFP_ATOMIC); -- } else { -- copy_skb = skb_get(skb); -- skb_head = skb->data; -- } -- if (copy_skb) -- skb_set_owner_r(copy_skb, sk); -- } -- snaplen = po->frame_size - macoff; -- if ((int)snaplen < 0) -- snaplen = 0; -- } -- -- spin_lock(&sk->sk_receive_queue.lock); -- h = packet_lookup_frame(po, po->head); -- -- if (h->tp_status) -- goto ring_is_full; -- po->head = po->head != po->frame_max ? po->head+1 : 0; -- po->stats.tp_packets++; -- if (copy_skb) { -- status |= TP_STATUS_COPY; -- __skb_queue_tail(&sk->sk_receive_queue, copy_skb); -- } -- if (!po->stats.tp_drops) -- status &= ~TP_STATUS_LOSING; -- spin_unlock(&sk->sk_receive_queue.lock); -- -- skb_copy_bits(skb, 0, (u8*)h + macoff, snaplen); -- -- h->tp_len = skb->len; -- h->tp_snaplen = snaplen; -- h->tp_mac = macoff; -- h->tp_net = netoff; -- if (skb->tstamp.tv64 == 0) { -- __net_timestamp(skb); -- sock_enable_timestamp(sk); -- } -- tv = ktime_to_timeval(skb->tstamp); -- h->tp_sec = tv.tv_sec; -- h->tp_usec = tv.tv_usec; -- -- sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h))); -- sll->sll_halen = 0; -- if (dev->hard_header_parse) -- sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr); -- sll->sll_family = AF_PACKET; -- sll->sll_hatype = dev->type; -- sll->sll_protocol = skb->protocol; -- sll->sll_pkttype = skb->pkt_type; -- if (unlikely(po->origdev) && skb->pkt_type == PACKET_HOST) -- sll->sll_ifindex = orig_dev->ifindex; -- else -- sll->sll_ifindex = dev->ifindex; -- -- h->tp_status = status; -- smp_mb(); -- -- { -- struct page *p_start, *p_end; -- u8 *h_end = (u8 *)h + macoff + snaplen - 1; -- -- p_start = virt_to_page(h); -- p_end = virt_to_page(h_end); -- while (p_start <= p_end) { -- flush_dcache_page(p_start); -- p_start++; -- } -- } -- -- sk->sk_data_ready(sk, 0); -- --drop_n_restore: -- if (skb_head != skb->data && skb_shared(skb)) { -- skb->data = skb_head; -- skb->len = skb_len; -- } --drop: -- kfree_skb(skb); -- return 0; -- --ring_is_full: -- po->stats.tp_drops++; -- spin_unlock(&sk->sk_receive_queue.lock); -- -- sk->sk_data_ready(sk, 0); -- if (copy_skb) -- kfree_skb(copy_skb); -- goto drop_n_restore; --} -- --#endif -- -- --static int packet_sendmsg(struct kiocb *iocb, struct socket *sock, -- struct msghdr *msg, size_t len) --{ -- struct sock *sk = sock->sk; -- struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; -- struct sk_buff *skb; -- struct net_device *dev; -- __be16 proto; -- unsigned char *addr; -- int ifindex, err, reserve = 0; -- -- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND)) -- return -EPERM; -- -- /* -- * Get and verify the address. -- */ -- -- if (saddr == NULL) { -- struct packet_sock *po = pkt_sk(sk); -- -- ifindex = po->ifindex; -- proto = po->num; -- addr = NULL; -- } else { -- err = -EINVAL; -- if (msg->msg_namelen < sizeof(struct sockaddr_ll)) -- goto out; -- if (msg->msg_namelen < (saddr->sll_halen + offsetof(struct sockaddr_ll, sll_addr))) -- goto out; -- ifindex = saddr->sll_ifindex; -- proto = saddr->sll_protocol; -- addr = saddr->sll_addr; -- } -- -- -- dev = dev_get_by_index(ifindex); -- err = -ENXIO; -- if (dev == NULL) -- goto out_unlock; -- if (sock->type == SOCK_RAW) -- reserve = dev->hard_header_len; -- -- err = -ENETDOWN; -- if (!(dev->flags & IFF_UP)) -- goto out_unlock; -- -- err = -EMSGSIZE; -- if (len > dev->mtu+reserve) -- goto out_unlock; -- -- skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev), -- msg->msg_flags & MSG_DONTWAIT, &err); -- if (skb==NULL) -- goto out_unlock; -- -- skb_reserve(skb, LL_RESERVED_SPACE(dev)); -- skb_reset_network_header(skb); -- -- if (dev->hard_header) { -- int res; -- err = -EINVAL; -- res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len); -- if (sock->type != SOCK_DGRAM) { -- skb_reset_tail_pointer(skb); -- skb->len = 0; -- } else if (res < 0) -- goto out_free; -- } -- -- /* Returns -EFAULT on error */ -- err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); -- if (err) -- goto out_free; -- -- skb->protocol = proto; -- skb->dev = dev; -- skb->priority = sk->sk_priority; -- -- /* -- * Now send it -- */ -- -- err = dev_queue_xmit(skb); -- if (err > 0 && (err = net_xmit_errno(err)) != 0) -- goto out_unlock; -- -- dev_put(dev); -- -- return(len); -- --out_free: -- kfree_skb(skb); --out_unlock: -- if (dev) -- dev_put(dev); --out: -- return err; --} -- --/* -- * Close a PACKET socket. This is fairly simple. We immediately go -- * to 'closed' state and remove our protocol entry in the device list. -- */ -- --static int packet_release(struct socket *sock) --{ -- struct sock *sk = sock->sk; -- struct packet_sock *po; -- -- if (!sk) -- return 0; -- -- po = pkt_sk(sk); -- -- write_lock_bh(&packet_sklist_lock); -- sk_del_node_init(sk); -- write_unlock_bh(&packet_sklist_lock); -- -- /* -- * Unhook packet receive handler. -- */ -- -- if (po->running) { -- /* -- * Remove the protocol hook -- */ -- dev_remove_pack(&po->prot_hook); -- po->running = 0; -- po->num = 0; -- __sock_put(sk); -- } -- -- packet_flush_mclist(sk); -- --#ifdef CONFIG_PACKET_MMAP -- if (po->pg_vec) { -- struct tpacket_req req; -- memset(&req, 0, sizeof(req)); -- packet_set_ring(sk, &req, 1); -- } --#endif -- -- /* -- * Now the socket is dead. No more input will appear. -- */ -- -- sock_orphan(sk); -- sock->sk = NULL; -- -- /* Purge queues */ -- -- skb_queue_purge(&sk->sk_receive_queue); -- -- sock_put(sk); -- return 0; --} -- --/* -- * Attach a packet hook. -- */ -- --static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 protocol) --{ -- struct packet_sock *po = pkt_sk(sk); -- /* -- * Detach an existing hook if present. -- */ -- -- lock_sock(sk); -- -- spin_lock(&po->bind_lock); -- if (po->running) { -- __sock_put(sk); -- po->running = 0; -- po->num = 0; -- spin_unlock(&po->bind_lock); -- dev_remove_pack(&po->prot_hook); -- spin_lock(&po->bind_lock); -- } -- -- po->num = protocol; -- po->prot_hook.type = protocol; -- po->prot_hook.dev = dev; -- -- po->ifindex = dev ? dev->ifindex : 0; -- -- if (protocol == 0) -- goto out_unlock; -- -- if (dev) { -- if (dev->flags&IFF_UP) { -- dev_add_pack(&po->prot_hook); -- sock_hold(sk); -- po->running = 1; -- } else { -- sk->sk_err = ENETDOWN; -- if (!sock_flag(sk, SOCK_DEAD)) -- sk->sk_error_report(sk); -- } -- } else { -- dev_add_pack(&po->prot_hook); -- sock_hold(sk); -- po->running = 1; -- } -- --out_unlock: -- spin_unlock(&po->bind_lock); -- release_sock(sk); -- return 0; --} -- --/* -- * Bind a packet socket to a device -- */ -- --static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len) --{ -- struct sock *sk=sock->sk; -- char name[15]; -- struct net_device *dev; -- int err = -ENODEV; -- -- /* -- * Check legality -- */ -- -- if (addr_len != sizeof(struct sockaddr)) -- return -EINVAL; -- strlcpy(name,uaddr->sa_data,sizeof(name)); -- -- dev = dev_get_by_name(name); -- if (dev) { -- err = packet_do_bind(sk, dev, pkt_sk(sk)->num); -- dev_put(dev); -- } -- return err; --} -- --static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) --{ -- struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; -- struct sock *sk=sock->sk; -- struct net_device *dev = NULL; -- int err; -- -- -- /* -- * Check legality -- */ -- -- if (addr_len < sizeof(struct sockaddr_ll)) -- return -EINVAL; -- if (sll->sll_family != AF_PACKET) -- return -EINVAL; -- -- if (sll->sll_ifindex) { -- err = -ENODEV; -- dev = dev_get_by_index(sll->sll_ifindex); -- if (dev == NULL) -- goto out; -- } -- err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num); -- if (dev) -- dev_put(dev); -- --out: -- return err; --} -- --static struct proto packet_proto = { -- .name = "PACKET", -- .owner = THIS_MODULE, -- .obj_size = sizeof(struct packet_sock), --}; -- --/* -- * Create a packet of type SOCK_PACKET. -- */ -- --static int packet_create(struct socket *sock, int protocol) --{ -- struct sock *sk; -- struct packet_sock *po; -- __be16 proto = (__force __be16)protocol; /* weird, but documented */ -- int err; -- -- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET)) -- return -EPERM; -- if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW && -- sock->type != SOCK_PACKET) -- return -ESOCKTNOSUPPORT; -- -- sock->state = SS_UNCONNECTED; -- -- err = -ENOBUFS; -- sk = sk_alloc(PF_PACKET, GFP_KERNEL, &packet_proto, 1); -- if (sk == NULL) -- goto out; -- -- sock->ops = &packet_ops; -- if (sock->type == SOCK_PACKET) -- sock->ops = &packet_ops_spkt; -- -- sock_init_data(sock, sk); -- -- po = pkt_sk(sk); -- sk->sk_family = PF_PACKET; -- po->num = proto; -- -- sk->sk_destruct = packet_sock_destruct; -- atomic_inc(&packet_socks_nr); -- -- /* -- * Attach a protocol block -- */ -- -- spin_lock_init(&po->bind_lock); -- po->prot_hook.func = packet_rcv; -- -- if (sock->type == SOCK_PACKET) -- po->prot_hook.func = packet_rcv_spkt; -- -- po->prot_hook.af_packet_priv = sk; -- -- if (proto) { -- po->prot_hook.type = proto; -- dev_add_pack(&po->prot_hook); -- sock_hold(sk); -- po->running = 1; -- } -- -- write_lock_bh(&packet_sklist_lock); -- sk_add_node(sk, &packet_sklist); -- write_unlock_bh(&packet_sklist_lock); -- return(0); --out: -- return err; --} -- --/* -- * Pull a packet from our receive queue and hand it to the user. -- * If necessary we block. -- */ -- --static int packet_recvmsg(struct kiocb *iocb, struct socket *sock, -- struct msghdr *msg, size_t len, int flags) --{ -- struct sock *sk = sock->sk; -- struct sk_buff *skb; -- int copied, err; -- struct sockaddr_ll *sll; -- -- err = -EINVAL; -- if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT)) -- goto out; -- --#if 0 -- /* What error should we return now? EUNATTACH? */ -- if (pkt_sk(sk)->ifindex < 0) -- return -ENODEV; --#endif -- -- /* -- * Call the generic datagram receiver. This handles all sorts -- * of horrible races and re-entrancy so we can forget about it -- * in the protocol layers. -- * -- * Now it will return ENETDOWN, if device have just gone down, -- * but then it will block. -- */ -- -- skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err); -- -- /* -- * An error occurred so return it. Because skb_recv_datagram() -- * handles the blocking we don't see and worry about blocking -- * retries. -- */ -- -- if (skb == NULL) -- goto out; -- -- /* -- * If the address length field is there to be filled in, we fill -- * it in now. -- */ -- -- sll = &PACKET_SKB_CB(skb)->sa.ll; -- if (sock->type == SOCK_PACKET) -- msg->msg_namelen = sizeof(struct sockaddr_pkt); -- else -- msg->msg_namelen = sll->sll_halen + offsetof(struct sockaddr_ll, sll_addr); -- -- /* -- * You lose any data beyond the buffer you gave. If it worries a -- * user program they can ask the device for its MTU anyway. -- */ -- -- copied = skb->len; -- if (copied > len) -- { -- copied=len; -- msg->msg_flags|=MSG_TRUNC; -- } -- -- err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); -- if (err) -- goto out_free; -- -- sock_recv_timestamp(msg, sk, skb); -- -- if (msg->msg_name) -- memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa, -- msg->msg_namelen); -- -- if (pkt_sk(sk)->auxdata) { -- struct tpacket_auxdata aux; -- -- aux.tp_status = TP_STATUS_USER; -- if (skb->ip_summed == CHECKSUM_PARTIAL) -- aux.tp_status |= TP_STATUS_CSUMNOTREADY; -- aux.tp_len = PACKET_SKB_CB(skb)->origlen; -- aux.tp_snaplen = skb->len; -- aux.tp_mac = 0; -- aux.tp_net = skb_network_offset(skb); -- -- put_cmsg(msg, SOL_PACKET, PACKET_AUXDATA, sizeof(aux), &aux); -- } -- -- /* -- * Free or return the buffer as appropriate. Again this -- * hides all the races and re-entrancy issues from us. -- */ -- err = (flags&MSG_TRUNC) ? skb->len : copied; -- --out_free: -- skb_free_datagram(sk, skb); --out: -- return err; --} -- --static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr, -- int *uaddr_len, int peer) --{ -- struct net_device *dev; -- struct sock *sk = sock->sk; -- -- if (peer) -- return -EOPNOTSUPP; -- -- uaddr->sa_family = AF_PACKET; -- dev = dev_get_by_index(pkt_sk(sk)->ifindex); -- if (dev) { -- strlcpy(uaddr->sa_data, dev->name, 15); -- dev_put(dev); -- } else -- memset(uaddr->sa_data, 0, 14); -- *uaddr_len = sizeof(*uaddr); -- -- return 0; --} -- --static int packet_getname(struct socket *sock, struct sockaddr *uaddr, -- int *uaddr_len, int peer) --{ -- struct net_device *dev; -- struct sock *sk = sock->sk; -- struct packet_sock *po = pkt_sk(sk); -- struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; -- -- if (peer) -- return -EOPNOTSUPP; -- -- sll->sll_family = AF_PACKET; -- sll->sll_ifindex = po->ifindex; -- sll->sll_protocol = po->num; -- dev = dev_get_by_index(po->ifindex); -- if (dev) { -- sll->sll_hatype = dev->type; -- sll->sll_halen = dev->addr_len; -- memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len); -- dev_put(dev); -- } else { -- sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */ -- sll->sll_halen = 0; -- } -- *uaddr_len = offsetof(struct sockaddr_ll, sll_addr) + sll->sll_halen; -- -- return 0; --} -- --static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what) --{ -- switch (i->type) { -- case PACKET_MR_MULTICAST: -- if (what > 0) -- dev_mc_add(dev, i->addr, i->alen, 0); -- else -- dev_mc_delete(dev, i->addr, i->alen, 0); -- break; -- case PACKET_MR_PROMISC: -- dev_set_promiscuity(dev, what); -- break; -- case PACKET_MR_ALLMULTI: -- dev_set_allmulti(dev, what); -- break; -- default:; -- } --} -- --static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what) --{ -- for ( ; i; i=i->next) { -- if (i->ifindex == dev->ifindex) -- packet_dev_mc(dev, i, what); -- } --} -- --static int packet_mc_add(struct sock *sk, struct packet_mreq_max *mreq) --{ -- struct packet_sock *po = pkt_sk(sk); -- struct packet_mclist *ml, *i; -- struct net_device *dev; -- int err; -- -- rtnl_lock(); -- -- err = -ENODEV; -- dev = __dev_get_by_index(mreq->mr_ifindex); -- if (!dev) -- goto done; -- -- err = -EINVAL; -- if (mreq->mr_alen > dev->addr_len) -- goto done; -- -- err = -ENOBUFS; -- i = kmalloc(sizeof(*i), GFP_KERNEL); -- if (i == NULL) -- goto done; -- -- err = 0; -- for (ml = po->mclist; ml; ml = ml->next) { -- if (ml->ifindex == mreq->mr_ifindex && -- ml->type == mreq->mr_type && -- ml->alen == mreq->mr_alen && -- memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) { -- ml->count++; -- /* Free the new element ... */ -- kfree(i); -- goto done; -- } -- } -- -- i->type = mreq->mr_type; -- i->ifindex = mreq->mr_ifindex; -- i->alen = mreq->mr_alen; -- memcpy(i->addr, mreq->mr_address, i->alen); -- i->count = 1; -- i->next = po->mclist; -- po->mclist = i; -- packet_dev_mc(dev, i, +1); -- --done: -- rtnl_unlock(); -- return err; --} -- --static int packet_mc_drop(struct sock *sk, struct packet_mreq_max *mreq) --{ -- struct packet_mclist *ml, **mlp; -- -- rtnl_lock(); -- -- for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) { -- if (ml->ifindex == mreq->mr_ifindex && -- ml->type == mreq->mr_type && -- ml->alen == mreq->mr_alen && -- memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) { -- if (--ml->count == 0) { -- struct net_device *dev; -- *mlp = ml->next; -- dev = dev_get_by_index(ml->ifindex); -- if (dev) { -- packet_dev_mc(dev, ml, -1); -- dev_put(dev); -- } -- kfree(ml); -- } -- rtnl_unlock(); -- return 0; -- } -- } -- rtnl_unlock(); -- return -EADDRNOTAVAIL; --} -- --static void packet_flush_mclist(struct sock *sk) --{ -- struct packet_sock *po = pkt_sk(sk); -- struct packet_mclist *ml; -- -- if (!po->mclist) -- return; -- -- rtnl_lock(); -- while ((ml = po->mclist) != NULL) { -- struct net_device *dev; -- -- po->mclist = ml->next; -- if ((dev = dev_get_by_index(ml->ifindex)) != NULL) { -- packet_dev_mc(dev, ml, -1); -- dev_put(dev); -- } -- kfree(ml); -- } -- rtnl_unlock(); --} -- --static int --packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) --{ -- struct sock *sk = sock->sk; -- struct packet_sock *po = pkt_sk(sk); -- int ret; -- -- if (level != SOL_PACKET) -- return -ENOPROTOOPT; -- -- switch(optname) { -- case PACKET_ADD_MEMBERSHIP: -- case PACKET_DROP_MEMBERSHIP: -- { -- struct packet_mreq_max mreq; -- int len = optlen; -- memset(&mreq, 0, sizeof(mreq)); -- if (len < sizeof(struct packet_mreq)) -- return -EINVAL; -- if (len > sizeof(mreq)) -- len = sizeof(mreq); -- if (copy_from_user(&mreq,optval,len)) -- return -EFAULT; -- if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address))) -- return -EINVAL; -- if (optname == PACKET_ADD_MEMBERSHIP) -- ret = packet_mc_add(sk, &mreq); -- else -- ret = packet_mc_drop(sk, &mreq); -- return ret; -- } -- --#ifdef CONFIG_PACKET_MMAP -- case PACKET_RX_RING: -- { -- struct tpacket_req req; -- -- if (optlencopy_thresh = val; -- return 0; -- } --#endif -- case PACKET_AUXDATA: -- { -- int val; -- -- if (optlen < sizeof(val)) -- return -EINVAL; -- if (copy_from_user(&val, optval, sizeof(val))) -- return -EFAULT; -- -- po->auxdata = !!val; -- return 0; -- } -- case PACKET_ORIGDEV: -- { -- int val; -- -- if (optlen < sizeof(val)) -- return -EINVAL; -- if (copy_from_user(&val, optval, sizeof(val))) -- return -EFAULT; -- -- po->origdev = !!val; -- return 0; -- } -- default: -- return -ENOPROTOOPT; -- } --} -- --static int packet_getsockopt(struct socket *sock, int level, int optname, -- char __user *optval, int __user *optlen) --{ -- int len; -- int val; -- struct sock *sk = sock->sk; -- struct packet_sock *po = pkt_sk(sk); -- void *data; -- struct tpacket_stats st; -- -- if (level != SOL_PACKET) -- return -ENOPROTOOPT; -- -- if (get_user(len, optlen)) -- return -EFAULT; -- -- if (len < 0) -- return -EINVAL; -- -- switch(optname) { -- case PACKET_STATISTICS: -- if (len > sizeof(struct tpacket_stats)) -- len = sizeof(struct tpacket_stats); -- spin_lock_bh(&sk->sk_receive_queue.lock); -- st = po->stats; -- memset(&po->stats, 0, sizeof(st)); -- spin_unlock_bh(&sk->sk_receive_queue.lock); -- st.tp_packets += st.tp_drops; -- -- data = &st; -- break; -- case PACKET_AUXDATA: -- if (len > sizeof(int)) -- len = sizeof(int); -- val = po->auxdata; -- -- data = &val; -- break; -- case PACKET_ORIGDEV: -- if (len > sizeof(int)) -- len = sizeof(int); -- val = po->origdev; -- -- data = &val; -- break; -- default: -- return -ENOPROTOOPT; -- } -- -- if (put_user(len, optlen)) -- return -EFAULT; -- if (copy_to_user(optval, data, len)) -- return -EFAULT; -- return 0; --} -- -- --static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data) --{ -- struct sock *sk; -- struct hlist_node *node; -- struct net_device *dev = data; -- -- read_lock(&packet_sklist_lock); -- sk_for_each(sk, node, &packet_sklist) { -- struct packet_sock *po = pkt_sk(sk); -- -- switch (msg) { -- case NETDEV_UNREGISTER: -- if (po->mclist) -- packet_dev_mclist(dev, po->mclist, -1); -- /* fallthrough */ -- -- case NETDEV_DOWN: -- if (dev->ifindex == po->ifindex) { -- spin_lock(&po->bind_lock); -- if (po->running) { -- __dev_remove_pack(&po->prot_hook); -- __sock_put(sk); -- po->running = 0; -- sk->sk_err = ENETDOWN; -- if (!sock_flag(sk, SOCK_DEAD)) -- sk->sk_error_report(sk); -- } -- if (msg == NETDEV_UNREGISTER) { -- po->ifindex = -1; -- po->prot_hook.dev = NULL; -- } -- spin_unlock(&po->bind_lock); -- } -- break; -- case NETDEV_UP: -- spin_lock(&po->bind_lock); -- if (dev->ifindex == po->ifindex && po->num && -- !po->running) { -- dev_add_pack(&po->prot_hook); -- sock_hold(sk); -- po->running = 1; -- } -- spin_unlock(&po->bind_lock); -- break; -- } -- } -- read_unlock(&packet_sklist_lock); -- return NOTIFY_DONE; --} -- -- --static int packet_ioctl(struct socket *sock, unsigned int cmd, -- unsigned long arg) --{ -- struct sock *sk = sock->sk; -- -- switch(cmd) { -- case SIOCOUTQ: -- { -- int amount = atomic_read(&sk->sk_wmem_alloc); -- return put_user(amount, (int __user *)arg); -- } -- case SIOCINQ: -- { -- struct sk_buff *skb; -- int amount = 0; -- -- spin_lock_bh(&sk->sk_receive_queue.lock); -- skb = skb_peek(&sk->sk_receive_queue); -- if (skb) -- amount = skb->len; -- spin_unlock_bh(&sk->sk_receive_queue.lock); -- return put_user(amount, (int __user *)arg); -- } -- case SIOCGSTAMP: -- return sock_get_timestamp(sk, (struct timeval __user *)arg); -- case SIOCGSTAMPNS: -- return sock_get_timestampns(sk, (struct timespec __user *)arg); -- --#ifdef CONFIG_INET -- case SIOCADDRT: -- case SIOCDELRT: -- case SIOCDARP: -- case SIOCGARP: -- case SIOCSARP: -- case SIOCGIFADDR: -- case SIOCSIFADDR: -- case SIOCGIFBRDADDR: -- case SIOCSIFBRDADDR: -- case SIOCGIFNETMASK: -- case SIOCSIFNETMASK: -- case SIOCGIFDSTADDR: -- case SIOCSIFDSTADDR: -- case SIOCSIFFLAGS: -- return inet_dgram_ops.ioctl(sock, cmd, arg); --#endif -- -- default: -- return -ENOIOCTLCMD; -- } -- return 0; --} -- --#ifndef CONFIG_PACKET_MMAP --#define packet_mmap sock_no_mmap --#define packet_poll datagram_poll --#else -- --static unsigned int packet_poll(struct file * file, struct socket *sock, -- poll_table *wait) --{ -- struct sock *sk = sock->sk; -- struct packet_sock *po = pkt_sk(sk); -- unsigned int mask = datagram_poll(file, sock, wait); -- -- spin_lock_bh(&sk->sk_receive_queue.lock); -- if (po->pg_vec) { -- unsigned last = po->head ? po->head-1 : po->frame_max; -- struct tpacket_hdr *h; -- -- h = packet_lookup_frame(po, last); -- -- if (h->tp_status) -- mask |= POLLIN | POLLRDNORM; -- } -- spin_unlock_bh(&sk->sk_receive_queue.lock); -- return mask; --} -- -- --/* Dirty? Well, I still did not learn better way to account -- * for user mmaps. -- */ -- --static void packet_mm_open(struct vm_area_struct *vma) --{ -- struct file *file = vma->vm_file; -- struct socket * sock = file->private_data; -- struct sock *sk = sock->sk; -- -- if (sk) -- atomic_inc(&pkt_sk(sk)->mapped); --} -- --static void packet_mm_close(struct vm_area_struct *vma) --{ -- struct file *file = vma->vm_file; -- struct socket * sock = file->private_data; -- struct sock *sk = sock->sk; -- -- if (sk) -- atomic_dec(&pkt_sk(sk)->mapped); --} -- --static struct vm_operations_struct packet_mmap_ops = { -- .open = packet_mm_open, -- .close =packet_mm_close, --}; -- --static inline struct page *pg_vec_endpage(char *one_pg_vec, unsigned int order) --{ -- return virt_to_page(one_pg_vec + (PAGE_SIZE << order) - 1); --} -- --static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len) --{ -- int i; -- -- for (i = 0; i < len; i++) { -- if (likely(pg_vec[i])) -- free_pages((unsigned long) pg_vec[i], order); -- } -- kfree(pg_vec); --} -- --static inline char *alloc_one_pg_vec_page(unsigned long order) --{ -- return (char *) __get_free_pages(GFP_KERNEL | __GFP_COMP | __GFP_ZERO, -- order); --} -- --static char **alloc_pg_vec(struct tpacket_req *req, int order) --{ -- unsigned int block_nr = req->tp_block_nr; -- char **pg_vec; -- int i; -- -- pg_vec = kzalloc(block_nr * sizeof(char *), GFP_KERNEL); -- if (unlikely(!pg_vec)) -- goto out; -- -- for (i = 0; i < block_nr; i++) { -- pg_vec[i] = alloc_one_pg_vec_page(order); -- if (unlikely(!pg_vec[i])) -- goto out_free_pgvec; -- } -- --out: -- return pg_vec; -- --out_free_pgvec: -- free_pg_vec(pg_vec, order, block_nr); -- pg_vec = NULL; -- goto out; --} -- --static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing) --{ -- char **pg_vec = NULL; -- struct packet_sock *po = pkt_sk(sk); -- int was_running, order = 0; -- __be16 num; -- int err = 0; -- -- if (req->tp_block_nr) { -- int i, l; -- -- /* Sanity tests and some calculations */ -- -- if (unlikely(po->pg_vec)) -- return -EBUSY; -- -- if (unlikely((int)req->tp_block_size <= 0)) -- return -EINVAL; -- if (unlikely(req->tp_block_size & (PAGE_SIZE - 1))) -- return -EINVAL; -- if (unlikely(req->tp_frame_size < TPACKET_HDRLEN)) -- return -EINVAL; -- if (unlikely(req->tp_frame_size & (TPACKET_ALIGNMENT - 1))) -- return -EINVAL; -- -- po->frames_per_block = req->tp_block_size/req->tp_frame_size; -- if (unlikely(po->frames_per_block <= 0)) -- return -EINVAL; -- if (unlikely((po->frames_per_block * req->tp_block_nr) != -- req->tp_frame_nr)) -- return -EINVAL; -- -- err = -ENOMEM; -- order = get_order(req->tp_block_size); -- pg_vec = alloc_pg_vec(req, order); -- if (unlikely(!pg_vec)) -- goto out; -- -- l = 0; -- for (i = 0; i < req->tp_block_nr; i++) { -- char *ptr = pg_vec[i]; -- struct tpacket_hdr *header; -- int k; -- -- for (k = 0; k < po->frames_per_block; k++) { -- header = (struct tpacket_hdr *) ptr; -- header->tp_status = TP_STATUS_KERNEL; -- ptr += req->tp_frame_size; -- } -- } -- /* Done */ -- } else { -- if (unlikely(req->tp_frame_nr)) -- return -EINVAL; -- } -- -- lock_sock(sk); -- -- /* Detach socket from network */ -- spin_lock(&po->bind_lock); -- was_running = po->running; -- num = po->num; -- if (was_running) { -- __dev_remove_pack(&po->prot_hook); -- po->num = 0; -- po->running = 0; -- __sock_put(sk); -- } -- spin_unlock(&po->bind_lock); -- -- synchronize_net(); -- -- err = -EBUSY; -- if (closing || atomic_read(&po->mapped) == 0) { -- err = 0; --#define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; }) -- -- spin_lock_bh(&sk->sk_receive_queue.lock); -- pg_vec = XC(po->pg_vec, pg_vec); -- po->frame_max = (req->tp_frame_nr - 1); -- po->head = 0; -- po->frame_size = req->tp_frame_size; -- spin_unlock_bh(&sk->sk_receive_queue.lock); -- -- order = XC(po->pg_vec_order, order); -- req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr); -- -- po->pg_vec_pages = req->tp_block_size/PAGE_SIZE; -- po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv; -- skb_queue_purge(&sk->sk_receive_queue); --#undef XC -- if (atomic_read(&po->mapped)) -- printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped)); -- } -- -- spin_lock(&po->bind_lock); -- if (was_running && !po->running) { -- sock_hold(sk); -- po->running = 1; -- po->num = num; -- dev_add_pack(&po->prot_hook); -- } -- spin_unlock(&po->bind_lock); -- -- release_sock(sk); -- -- if (pg_vec) -- free_pg_vec(pg_vec, order, req->tp_block_nr); --out: -- return err; --} -- --static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma) --{ -- struct sock *sk = sock->sk; -- struct packet_sock *po = pkt_sk(sk); -- unsigned long size; -- unsigned long start; -- int err = -EINVAL; -- int i; -- -- if (vma->vm_pgoff) -- return -EINVAL; -- -- size = vma->vm_end - vma->vm_start; -- -- lock_sock(sk); -- if (po->pg_vec == NULL) -- goto out; -- if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE) -- goto out; -- -- start = vma->vm_start; -- for (i = 0; i < po->pg_vec_len; i++) { -- struct page *page = virt_to_page(po->pg_vec[i]); -- int pg_num; -- -- for (pg_num = 0; pg_num < po->pg_vec_pages; pg_num++, page++) { -- err = vm_insert_page(vma, start, page); -- if (unlikely(err)) -- goto out; -- start += PAGE_SIZE; -- } -- } -- atomic_inc(&po->mapped); -- vma->vm_ops = &packet_mmap_ops; -- err = 0; -- --out: -- release_sock(sk); -- return err; --} --#endif -- -- --static const struct proto_ops packet_ops_spkt = { -- .family = PF_PACKET, -- .owner = THIS_MODULE, -- .release = packet_release, -- .bind = packet_bind_spkt, -- .connect = sock_no_connect, -- .socketpair = sock_no_socketpair, -- .accept = sock_no_accept, -- .getname = packet_getname_spkt, -- .poll = datagram_poll, -- .ioctl = packet_ioctl, -- .listen = sock_no_listen, -- .shutdown = sock_no_shutdown, -- .setsockopt = sock_no_setsockopt, -- .getsockopt = sock_no_getsockopt, -- .sendmsg = packet_sendmsg_spkt, -- .recvmsg = packet_recvmsg, -- .mmap = sock_no_mmap, -- .sendpage = sock_no_sendpage, --}; -- --static const struct proto_ops packet_ops = { -- .family = PF_PACKET, -- .owner = THIS_MODULE, -- .release = packet_release, -- .bind = packet_bind, -- .connect = sock_no_connect, -- .socketpair = sock_no_socketpair, -- .accept = sock_no_accept, -- .getname = packet_getname, -- .poll = packet_poll, -- .ioctl = packet_ioctl, -- .listen = sock_no_listen, -- .shutdown = sock_no_shutdown, -- .setsockopt = packet_setsockopt, -- .getsockopt = packet_getsockopt, -- .sendmsg = packet_sendmsg, -- .recvmsg = packet_recvmsg, -- .mmap = packet_mmap, -- .sendpage = sock_no_sendpage, --}; -- --static struct net_proto_family packet_family_ops = { -- .family = PF_PACKET, -- .create = packet_create, -- .owner = THIS_MODULE, --}; -- --static struct notifier_block packet_netdev_notifier = { -- .notifier_call =packet_notifier, --}; -- --#ifdef CONFIG_PROC_FS --static inline struct sock *packet_seq_idx(loff_t off) --{ -- struct sock *s; -- struct hlist_node *node; -- -- sk_for_each(s, node, &packet_sklist) { -- if (!off--) -- return s; -- } -- return NULL; --} -- --static void *packet_seq_start(struct seq_file *seq, loff_t *pos) --{ -- read_lock(&packet_sklist_lock); -- return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN; --} -- --static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos) --{ -- ++*pos; -- return (v == SEQ_START_TOKEN) -- ? sk_head(&packet_sklist) -- : sk_next((struct sock*)v) ; --} -- --static void packet_seq_stop(struct seq_file *seq, void *v) --{ -- read_unlock(&packet_sklist_lock); --} -- --static int packet_seq_show(struct seq_file *seq, void *v) --{ -- if (v == SEQ_START_TOKEN) -- seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n"); -- else { -- struct sock *s = v; -- const struct packet_sock *po = pkt_sk(s); -- -- seq_printf(seq, -- "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", -- s, -- atomic_read(&s->sk_refcnt), -- s->sk_type, -- ntohs(po->num), -- po->ifindex, -- po->running, -- atomic_read(&s->sk_rmem_alloc), -- sock_i_uid(s), -- sock_i_ino(s) ); -- } -- -- return 0; --} -- --static struct seq_operations packet_seq_ops = { -- .start = packet_seq_start, -- .next = packet_seq_next, -- .stop = packet_seq_stop, -- .show = packet_seq_show, --}; -- --static int packet_seq_open(struct inode *inode, struct file *file) --{ -- return seq_open(file, &packet_seq_ops); --} -- --static const struct file_operations packet_seq_fops = { -- .owner = THIS_MODULE, -- .open = packet_seq_open, -- .read = seq_read, -- .llseek = seq_lseek, -- .release = seq_release, --}; -- --#endif -- --static void __exit packet_exit(void) --{ -- proc_net_remove("packet"); -- unregister_netdevice_notifier(&packet_netdev_notifier); -- sock_unregister(PF_PACKET); -- proto_unregister(&packet_proto); --} -- --static int __init packet_init(void) --{ -- int rc = proto_register(&packet_proto, 0); -- -- if (rc != 0) -- goto out; -- -- sock_register(&packet_family_ops); -- register_netdevice_notifier(&packet_netdev_notifier); -- proc_net_fops_create("packet", 0, &packet_seq_fops); --out: -- return rc; --} -- --module_init(packet_init); --module_exit(packet_exit); --MODULE_LICENSE("GPL"); --MODULE_ALIAS_NETPROTO(PF_PACKET); -diff -Nurb linux-2.6.22-594/net/socket.c linux-2.6.22-595/net/socket.c ---- linux-2.6.22-594/net/socket.c 2008-03-20 00:05:19.000000000 -0400 -+++ linux-2.6.22-595/net/socket.c 2008-03-20 00:14:03.000000000 -0400 -@@ -1122,12 +1122,17 @@ - if (type < 0 || type >= SOCK_MAX) - return -EINVAL; - -+ /* -+ * Hack no. 2 - Sapan -+ * Clean this up later -+ * - if (!nx_check(0, VS_ADMIN)) { - if (family == PF_INET && !current_nx_info_has_v4()) - return -EAFNOSUPPORT; - if (family == PF_INET6 && !current_nx_info_has_v6()) - return -EAFNOSUPPORT; - } -+ */ - - /* Compatibility. - -diff -Nurb linux-2.6.22-594/net/socket.c.orig linux-2.6.22-595/net/socket.c.orig ---- linux-2.6.22-594/net/socket.c.orig 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-595/net/socket.c.orig 2008-03-20 00:05:19.000000000 -0400 -@@ -0,0 +1,2400 @@ -+/* -+ * NET An implementation of the SOCKET network access protocol. -+ * -+ * Version: @(#)socket.c 1.1.93 18/02/95 -+ * -+ * Authors: Orest Zborowski, -+ * Ross Biro -+ * Fred N. van Kempen, -+ * -+ * Fixes: -+ * Anonymous : NOTSOCK/BADF cleanup. Error fix in -+ * shutdown() -+ * Alan Cox : verify_area() fixes -+ * Alan Cox : Removed DDI -+ * Jonathan Kamens : SOCK_DGRAM reconnect bug -+ * Alan Cox : Moved a load of checks to the very -+ * top level. -+ * Alan Cox : Move address structures to/from user -+ * mode above the protocol layers. -+ * Rob Janssen : Allow 0 length sends. -+ * Alan Cox : Asynchronous I/O support (cribbed from the -+ * tty drivers). -+ * Niibe Yutaka : Asynchronous I/O for writes (4.4BSD style) -+ * Jeff Uphoff : Made max number of sockets command-line -+ * configurable. -+ * Matti Aarnio : Made the number of sockets dynamic, -+ * to be allocated when needed, and mr. -+ * Uphoff's max is used as max to be -+ * allowed to allocate. -+ * Linus : Argh. removed all the socket allocation -+ * altogether: it's in the inode now. -+ * Alan Cox : Made sock_alloc()/sock_release() public -+ * for NetROM and future kernel nfsd type -+ * stuff. -+ * Alan Cox : sendmsg/recvmsg basics. -+ * Tom Dyas : Export net symbols. -+ * Marcin Dalecki : Fixed problems with CONFIG_NET="n". -+ * Alan Cox : Added thread locking to sys_* calls -+ * for sockets. May have errors at the -+ * moment. -+ * Kevin Buhr : Fixed the dumb errors in the above. -+ * Andi Kleen : Some small cleanups, optimizations, -+ * and fixed a copy_from_user() bug. -+ * Tigran Aivazian : sys_send(args) calls sys_sendto(args, NULL, 0) -+ * Tigran Aivazian : Made listen(2) backlog sanity checks -+ * protocol-independent -+ * -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ * -+ * -+ * This module is effectively the top level interface to the BSD socket -+ * paradigm. -+ * -+ * Based upon Swansea University Computer Society NET3.039 -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+ -+#include -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static int sock_no_open(struct inode *irrelevant, struct file *dontcare); -+static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, -+ unsigned long nr_segs, loff_t pos); -+static ssize_t sock_aio_write(struct kiocb *iocb, const struct iovec *iov, -+ unsigned long nr_segs, loff_t pos); -+static int sock_mmap(struct file *file, struct vm_area_struct *vma); -+ -+static int sock_close(struct inode *inode, struct file *file); -+static unsigned int sock_poll(struct file *file, -+ struct poll_table_struct *wait); -+static long sock_ioctl(struct file *file, unsigned int cmd, unsigned long arg); -+#ifdef CONFIG_COMPAT -+static long compat_sock_ioctl(struct file *file, -+ unsigned int cmd, unsigned long arg); -+#endif -+static int sock_fasync(int fd, struct file *filp, int on); -+static ssize_t sock_sendpage(struct file *file, struct page *page, -+ int offset, size_t size, loff_t *ppos, int more); -+ -+/* -+ * Socket files have a set of 'special' operations as well as the generic file ones. These don't appear -+ * in the operation structures but are done directly via the socketcall() multiplexor. -+ */ -+ -+static const struct file_operations socket_file_ops = { -+ .owner = THIS_MODULE, -+ .llseek = no_llseek, -+ .aio_read = sock_aio_read, -+ .aio_write = sock_aio_write, -+ .poll = sock_poll, -+ .unlocked_ioctl = sock_ioctl, -+#ifdef CONFIG_COMPAT -+ .compat_ioctl = compat_sock_ioctl, -+#endif -+ .mmap = sock_mmap, -+ .open = sock_no_open, /* special open code to disallow open via /proc */ -+ .release = sock_close, -+ .fasync = sock_fasync, -+ .sendpage = sock_sendpage, -+ .splice_write = generic_splice_sendpage, -+}; -+ -+/* -+ * The protocol list. Each protocol is registered in here. -+ */ -+ -+static DEFINE_SPINLOCK(net_family_lock); -+static const struct net_proto_family *net_families[NPROTO] __read_mostly; -+ -+/* -+ * Statistics counters of the socket lists -+ */ -+ -+static DEFINE_PER_CPU(int, sockets_in_use) = 0; -+ -+/* -+ * Support routines. -+ * Move socket addresses back and forth across the kernel/user -+ * divide and look after the messy bits. -+ */ -+ -+#define MAX_SOCK_ADDR 128 /* 108 for Unix domain - -+ 16 for IP, 16 for IPX, -+ 24 for IPv6, -+ about 80 for AX.25 -+ must be at least one bigger than -+ the AF_UNIX size (see net/unix/af_unix.c -+ :unix_mkname()). -+ */ -+ -+/** -+ * move_addr_to_kernel - copy a socket address into kernel space -+ * @uaddr: Address in user space -+ * @kaddr: Address in kernel space -+ * @ulen: Length in user space -+ * -+ * The address is copied into kernel space. If the provided address is -+ * too long an error code of -EINVAL is returned. If the copy gives -+ * invalid addresses -EFAULT is returned. On a success 0 is returned. -+ */ -+ -+int move_addr_to_kernel(void __user *uaddr, int ulen, void *kaddr) -+{ -+ if (ulen < 0 || ulen > MAX_SOCK_ADDR) -+ return -EINVAL; -+ if (ulen == 0) -+ return 0; -+ if (copy_from_user(kaddr, uaddr, ulen)) -+ return -EFAULT; -+ return audit_sockaddr(ulen, kaddr); -+} -+ -+/** -+ * move_addr_to_user - copy an address to user space -+ * @kaddr: kernel space address -+ * @klen: length of address in kernel -+ * @uaddr: user space address -+ * @ulen: pointer to user length field -+ * -+ * The value pointed to by ulen on entry is the buffer length available. -+ * This is overwritten with the buffer space used. -EINVAL is returned -+ * if an overlong buffer is specified or a negative buffer size. -EFAULT -+ * is returned if either the buffer or the length field are not -+ * accessible. -+ * After copying the data up to the limit the user specifies, the true -+ * length of the data is written over the length limit the user -+ * specified. Zero is returned for a success. -+ */ -+ -+int move_addr_to_user(void *kaddr, int klen, void __user *uaddr, -+ int __user *ulen) -+{ -+ int err; -+ int len; -+ -+ err = get_user(len, ulen); -+ if (err) -+ return err; -+ if (len > klen) -+ len = klen; -+ if (len < 0 || len > MAX_SOCK_ADDR) -+ return -EINVAL; -+ if (len) { -+ if (audit_sockaddr(klen, kaddr)) -+ return -ENOMEM; -+ if (copy_to_user(uaddr, kaddr, len)) -+ return -EFAULT; -+ } -+ /* -+ * "fromlen shall refer to the value before truncation.." -+ * 1003.1g -+ */ -+ return __put_user(klen, ulen); -+} -+ -+#define SOCKFS_MAGIC 0x534F434B -+ -+static struct kmem_cache *sock_inode_cachep __read_mostly; -+ -+static struct inode *sock_alloc_inode(struct super_block *sb) -+{ -+ struct socket_alloc *ei; -+ -+ ei = kmem_cache_alloc(sock_inode_cachep, GFP_KERNEL); -+ if (!ei) -+ return NULL; -+ init_waitqueue_head(&ei->socket.wait); + -+ ei->socket.fasync_list = NULL; -+ ei->socket.state = SS_UNCONNECTED; -+ ei->socket.flags = 0; -+ ei->socket.ops = NULL; -+ ei->socket.sk = NULL; -+ ei->socket.file = NULL; -+ -+ return &ei->vfs_inode; -+} -+ -+static void sock_destroy_inode(struct inode *inode) ++unsigned dev_get_flags(const struct net_device *dev) +{ -+ kmem_cache_free(sock_inode_cachep, -+ container_of(inode, struct socket_alloc, vfs_inode)); -+} ++ unsigned flags; + -+static void init_once(void *foo, struct kmem_cache *cachep, unsigned long flags) -+{ -+ struct socket_alloc *ei = (struct socket_alloc *)foo; ++ flags = (dev->flags & ~(IFF_PROMISC | ++ IFF_ALLMULTI | ++ IFF_RUNNING | ++ IFF_LOWER_UP | ++ IFF_DORMANT)) | ++ (dev->gflags & (IFF_PROMISC | ++ IFF_ALLMULTI)); + -+ inode_init_once(&ei->vfs_inode); -+} ++ if (netif_running(dev)) { ++ if (netif_oper_up(dev)) ++ flags |= IFF_RUNNING; ++ if (netif_carrier_ok(dev)) ++ flags |= IFF_LOWER_UP; ++ if (netif_dormant(dev)) ++ flags |= IFF_DORMANT; ++ } + -+static int init_inodecache(void) -+{ -+ sock_inode_cachep = kmem_cache_create("sock_inode_cache", -+ sizeof(struct socket_alloc), -+ 0, -+ (SLAB_HWCACHE_ALIGN | -+ SLAB_RECLAIM_ACCOUNT | -+ SLAB_MEM_SPREAD), -+ init_once, -+ NULL); -+ if (sock_inode_cachep == NULL) -+ return -ENOMEM; -+ return 0; ++ return flags; +} + -+static struct super_operations sockfs_ops = { -+ .alloc_inode = sock_alloc_inode, -+ .destroy_inode =sock_destroy_inode, -+ .statfs = simple_statfs, -+}; -+ -+static int sockfs_get_sb(struct file_system_type *fs_type, -+ int flags, const char *dev_name, void *data, -+ struct vfsmount *mnt) ++int dev_change_flags(struct net_device *dev, unsigned flags) +{ -+ return get_sb_pseudo(fs_type, "socket:", &sockfs_ops, SOCKFS_MAGIC, -+ mnt); -+} -+ -+static struct vfsmount *sock_mnt __read_mostly; -+ -+static struct file_system_type sock_fs_type = { -+ .name = "sockfs", -+ .get_sb = sockfs_get_sb, -+ .kill_sb = kill_anon_super, -+}; ++ int ret, changes; ++ int old_flags = dev->flags; + -+static int sockfs_delete_dentry(struct dentry *dentry) -+{ + /* -+ * At creation time, we pretended this dentry was hashed -+ * (by clearing DCACHE_UNHASHED bit in d_flags) -+ * At delete time, we restore the truth : not hashed. -+ * (so that dput() can proceed correctly) ++ * Set the flags on our device. + */ -+ dentry->d_flags |= DCACHE_UNHASHED; -+ return 0; -+} -+ -+/* -+ * sockfs_dname() is called from d_path(). -+ */ -+static char *sockfs_dname(struct dentry *dentry, char *buffer, int buflen) -+{ -+ return dynamic_dname(dentry, buffer, buflen, "socket:[%lu]", -+ dentry->d_inode->i_ino); -+} -+ -+static struct dentry_operations sockfs_dentry_operations = { -+ .d_delete = sockfs_delete_dentry, -+ .d_dname = sockfs_dname, -+}; -+ -+/* -+ * Obtains the first available file descriptor and sets it up for use. -+ * -+ * These functions create file structures and maps them to fd space -+ * of the current process. On success it returns file descriptor -+ * and file struct implicitly stored in sock->file. -+ * Note that another thread may close file descriptor before we return -+ * from this function. We use the fact that now we do not refer -+ * to socket after mapping. If one day we will need it, this -+ * function will increment ref. count on file by 1. -+ * -+ * In any case returned fd MAY BE not valid! -+ * This race condition is unavoidable -+ * with shared fd spaces, we cannot solve it inside kernel, -+ * but we take care of internal coherence yet. -+ */ -+ -+static int sock_alloc_fd(struct file **filep) -+{ -+ int fd; -+ -+ fd = get_unused_fd(); -+ if (likely(fd >= 0)) { -+ struct file *file = get_empty_filp(); -+ -+ *filep = file; -+ if (unlikely(!file)) { -+ put_unused_fd(fd); -+ return -ENFILE; -+ } -+ } else -+ *filep = NULL; -+ return fd; -+} -+ -+static int sock_attach_fd(struct socket *sock, struct file *file) -+{ -+ struct qstr name = { .name = "" }; + -+ file->f_path.dentry = d_alloc(sock_mnt->mnt_sb->s_root, &name); -+ if (unlikely(!file->f_path.dentry)) -+ return -ENOMEM; ++ dev->flags = (flags & (IFF_DEBUG | IFF_NOTRAILERS | IFF_NOARP | ++ IFF_DYNAMIC | IFF_MULTICAST | IFF_PORTSEL | ++ IFF_AUTOMEDIA)) | ++ (dev->flags & (IFF_UP | IFF_VOLATILE | IFF_PROMISC | ++ IFF_ALLMULTI)); + -+ file->f_path.dentry->d_op = &sockfs_dentry_operations; + /* -+ * We dont want to push this dentry into global dentry hash table. -+ * We pretend dentry is already hashed, by unsetting DCACHE_UNHASHED -+ * This permits a working /proc/$pid/fd/XXX on sockets ++ * Load in the correct multicast list now the flags have changed. + */ -+ file->f_path.dentry->d_flags &= ~DCACHE_UNHASHED; -+ d_instantiate(file->f_path.dentry, SOCK_INODE(sock)); -+ file->f_path.mnt = mntget(sock_mnt); -+ file->f_mapping = file->f_path.dentry->d_inode->i_mapping; -+ -+ sock->file = file; -+ file->f_op = SOCK_INODE(sock)->i_fop = &socket_file_ops; -+ file->f_mode = FMODE_READ | FMODE_WRITE; -+ file->f_flags = O_RDWR; -+ file->f_pos = 0; -+ file->private_data = sock; -+ -+ return 0; -+} -+ -+int sock_map_fd(struct socket *sock) -+{ -+ struct file *newfile; -+ int fd = sock_alloc_fd(&newfile); -+ -+ if (likely(fd >= 0)) { -+ int err = sock_attach_fd(sock, newfile); -+ -+ if (unlikely(err < 0)) { -+ put_filp(newfile); -+ put_unused_fd(fd); -+ return err; -+ } -+ fd_install(fd, newfile); -+ } -+ return fd; -+} -+ -+static struct socket *sock_from_file(struct file *file, int *err) -+{ -+ if (file->f_op == &socket_file_ops) -+ return file->private_data; /* set in sock_map_fd */ -+ -+ *err = -ENOTSOCK; -+ return NULL; -+} -+ -+/** -+ * sockfd_lookup - Go from a file number to its socket slot -+ * @fd: file handle -+ * @err: pointer to an error code return -+ * -+ * The file handle passed in is locked and the socket it is bound -+ * too is returned. If an error occurs the err pointer is overwritten -+ * with a negative errno code and NULL is returned. The function checks -+ * for both invalid handles and passing a handle which is not a socket. -+ * -+ * On a success the socket object pointer is returned. -+ */ -+ -+struct socket *sockfd_lookup(int fd, int *err) -+{ -+ struct file *file; -+ struct socket *sock; -+ -+ file = fget(fd); -+ if (!file) { -+ *err = -EBADF; -+ return NULL; -+ } -+ -+ sock = sock_from_file(file, err); -+ if (!sock) -+ fput(file); -+ return sock; -+} -+ -+static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) -+{ -+ struct file *file; -+ struct socket *sock; -+ -+ *err = -EBADF; -+ file = fget_light(fd, fput_needed); -+ if (file) { -+ sock = sock_from_file(file, err); -+ if (sock) -+ return sock; -+ fput_light(file, *fput_needed); -+ } -+ return NULL; -+} -+ -+/** -+ * sock_alloc - allocate a socket -+ * -+ * Allocate a new inode and socket object. The two are bound together -+ * and initialised. The socket is then returned. If we are out of inodes -+ * NULL is returned. -+ */ -+ -+static struct socket *sock_alloc(void) -+{ -+ struct inode *inode; -+ struct socket *sock; + -+ inode = new_inode(sock_mnt->mnt_sb); -+ if (!inode) -+ return NULL; -+ -+ sock = SOCKET_I(inode); -+ -+ inode->i_mode = S_IFSOCK | S_IRWXUGO; -+ inode->i_uid = current->fsuid; -+ inode->i_gid = current->fsgid; -+ -+ get_cpu_var(sockets_in_use)++; -+ put_cpu_var(sockets_in_use); -+ return sock; -+} -+ -+/* -+ * In theory you can't get an open on this inode, but /proc provides -+ * a back door. Remember to keep it shut otherwise you'll let the -+ * creepy crawlies in. -+ */ ++ dev_mc_upload(dev); + -+static int sock_no_open(struct inode *irrelevant, struct file *dontcare) -+{ -+ return -ENXIO; -+} -+ -+const struct file_operations bad_sock_fops = { -+ .owner = THIS_MODULE, -+ .open = sock_no_open, -+}; -+ -+/** -+ * sock_release - close a socket -+ * @sock: socket to close -+ * -+ * The socket is released from the protocol stack if it has a release -+ * callback, and the inode is then released if the socket is bound to -+ * an inode not a file. -+ */ ++ /* ++ * Have we downed the interface. We handle IFF_UP ourselves ++ * according to user attempts to set it, rather than blindly ++ * setting it. ++ */ + -+void sock_release(struct socket *sock) -+{ -+ if (sock->ops) { -+ struct module *owner = sock->ops->owner; ++ ret = 0; ++ if ((old_flags ^ flags) & IFF_UP) { /* Bit is different ? */ ++ ret = ((old_flags & IFF_UP) ? dev_close : dev_open)(dev); + -+ sock->ops->release(sock); -+ sock->ops = NULL; -+ module_put(owner); ++ if (!ret) ++ dev_mc_upload(dev); + } + -+ if (sock->fasync_list) -+ printk(KERN_ERR "sock_release: fasync list not empty!\n"); -+ -+ get_cpu_var(sockets_in_use)--; -+ put_cpu_var(sockets_in_use); -+ if (!sock->file) { -+ iput(SOCK_INODE(sock)); -+ return; -+ } -+ sock->file = NULL; -+} ++ if (dev->flags & IFF_UP && ++ ((old_flags ^ dev->flags) &~ (IFF_UP | IFF_PROMISC | IFF_ALLMULTI | ++ IFF_VOLATILE))) ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_CHANGE, dev); + -+static inline int __sock_sendmsg(struct kiocb *iocb, struct socket *sock, -+ struct msghdr *msg, size_t size) -+{ -+ struct sock_iocb *si = kiocb_to_siocb(iocb); -+ int err, len; -+ -+ si->sock = sock; -+ si->scm = NULL; -+ si->msg = msg; -+ si->size = size; -+ -+ err = security_socket_sendmsg(sock, msg, size); -+ if (err) -+ return err; -+ -+ len = sock->ops->sendmsg(iocb, sock, msg, size); -+ if (sock->sk) { -+ if (len == size) -+ vx_sock_send(sock->sk, size); -+ else -+ vx_sock_fail(sock->sk, size); ++ if ((flags ^ dev->gflags) & IFF_PROMISC) { ++ int inc = (flags & IFF_PROMISC) ? +1 : -1; ++ dev->gflags ^= IFF_PROMISC; ++ dev_set_promiscuity(dev, inc); + } -+ vxdprintk(VXD_CBIT(net, 7), -+ "__sock_sendmsg: %p[%p,%p,%p;%d/%d]:%d/%d", -+ sock, sock->sk, -+ (sock->sk)?sock->sk->sk_nx_info:0, -+ (sock->sk)?sock->sk->sk_vx_info:0, -+ (sock->sk)?sock->sk->sk_xid:0, -+ (sock->sk)?sock->sk->sk_nid:0, -+ (unsigned int)size, len); -+ return len; -+} -+ -+int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size) -+{ -+ struct kiocb iocb; -+ struct sock_iocb siocb; -+ int ret; -+ -+ init_sync_kiocb(&iocb, NULL); -+ iocb.private = &siocb; -+ ret = __sock_sendmsg(&iocb, sock, msg, size); -+ if (-EIOCBQUEUED == ret) -+ ret = wait_on_sync_kiocb(&iocb); -+ return ret; -+} -+ -+int kernel_sendmsg(struct socket *sock, struct msghdr *msg, -+ struct kvec *vec, size_t num, size_t size) -+{ -+ mm_segment_t oldfs = get_fs(); -+ int result; + -+ set_fs(KERNEL_DS); -+ /* -+ * the following is safe, since for compiler definitions of kvec and -+ * iovec are identical, yielding the same in-core layout and alignment ++ /* NOTE: order of synchronization of IFF_PROMISC and IFF_ALLMULTI ++ is important. Some (broken) drivers set IFF_PROMISC, when ++ IFF_ALLMULTI is requested not asking us and not reporting. + */ -+ msg->msg_iov = (struct iovec *)vec; -+ msg->msg_iovlen = num; -+ result = sock_sendmsg(sock, msg, size); -+ set_fs(oldfs); -+ return result; -+} -+ -+/* -+ * called from sock_recv_timestamp() if sock_flag(sk, SOCK_RCVTSTAMP) -+ */ -+void __sock_recv_timestamp(struct msghdr *msg, struct sock *sk, -+ struct sk_buff *skb) -+{ -+ ktime_t kt = skb->tstamp; -+ -+ if (!sock_flag(sk, SOCK_RCVTSTAMPNS)) { -+ struct timeval tv; -+ /* Race occurred between timestamp enabling and packet -+ receiving. Fill in the current time for now. */ -+ if (kt.tv64 == 0) -+ kt = ktime_get_real(); -+ skb->tstamp = kt; -+ tv = ktime_to_timeval(kt); -+ put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMP, sizeof(tv), &tv); -+ } else { -+ struct timespec ts; -+ /* Race occurred between timestamp enabling and packet -+ receiving. Fill in the current time for now. */ -+ if (kt.tv64 == 0) -+ kt = ktime_get_real(); -+ skb->tstamp = kt; -+ ts = ktime_to_timespec(kt); -+ put_cmsg(msg, SOL_SOCKET, SCM_TIMESTAMPNS, sizeof(ts), &ts); ++ if ((flags ^ dev->gflags) & IFF_ALLMULTI) { ++ int inc = (flags & IFF_ALLMULTI) ? +1 : -1; ++ dev->gflags ^= IFF_ALLMULTI; ++ dev_set_allmulti(dev, inc); + } -+} -+ -+EXPORT_SYMBOL_GPL(__sock_recv_timestamp); -+ -+static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock, -+ struct msghdr *msg, size_t size, int flags) -+{ -+ int err, len; -+ struct sock_iocb *si = kiocb_to_siocb(iocb); -+ -+ si->sock = sock; -+ si->scm = NULL; -+ si->msg = msg; -+ si->size = size; -+ si->flags = flags; -+ -+ err = security_socket_recvmsg(sock, msg, size, flags); -+ if (err) -+ return err; -+ -+ len = sock->ops->recvmsg(iocb, sock, msg, size, flags); -+ if ((len >= 0) && sock->sk) -+ vx_sock_recv(sock->sk, len); -+ vxdprintk(VXD_CBIT(net, 7), -+ "__sock_recvmsg: %p[%p,%p,%p;%d/%d]:%d/%d", -+ sock, sock->sk, -+ (sock->sk)?sock->sk->sk_nx_info:0, -+ (sock->sk)?sock->sk->sk_vx_info:0, -+ (sock->sk)?sock->sk->sk_xid:0, -+ (sock->sk)?sock->sk->sk_nid:0, -+ (unsigned int)size, len); -+ return len; -+} + -+int sock_recvmsg(struct socket *sock, struct msghdr *msg, -+ size_t size, int flags) -+{ -+ struct kiocb iocb; -+ struct sock_iocb siocb; -+ int ret; ++ /* Exclude state transition flags, already notified */ ++ changes = (old_flags ^ dev->flags) & ~(IFF_UP | IFF_RUNNING); ++ if (changes) ++ rtmsg_ifinfo(RTM_NEWLINK, dev, changes); + -+ init_sync_kiocb(&iocb, NULL); -+ iocb.private = &siocb; -+ ret = __sock_recvmsg(&iocb, sock, msg, size, flags); -+ if (-EIOCBQUEUED == ret) -+ ret = wait_on_sync_kiocb(&iocb); + return ret; +} + -+int kernel_recvmsg(struct socket *sock, struct msghdr *msg, -+ struct kvec *vec, size_t num, size_t size, int flags) -+{ -+ mm_segment_t oldfs = get_fs(); -+ int result; -+ -+ set_fs(KERNEL_DS); -+ /* -+ * the following is safe, since for compiler definitions of kvec and -+ * iovec are identical, yielding the same in-core layout and alignment -+ */ -+ msg->msg_iov = (struct iovec *)vec, msg->msg_iovlen = num; -+ result = sock_recvmsg(sock, msg, size, flags); -+ set_fs(oldfs); -+ return result; -+} -+ -+static void sock_aio_dtor(struct kiocb *iocb) -+{ -+ kfree(iocb->private); -+} -+ -+static ssize_t sock_sendpage(struct file *file, struct page *page, -+ int offset, size_t size, loff_t *ppos, int more) -+{ -+ struct socket *sock; -+ int flags; -+ -+ sock = file->private_data; -+ -+ flags = !(file->f_flags & O_NONBLOCK) ? 0 : MSG_DONTWAIT; -+ if (more) -+ flags |= MSG_MORE; -+ -+ return sock->ops->sendpage(sock, page, offset, size, flags); -+} -+ -+static struct sock_iocb *alloc_sock_iocb(struct kiocb *iocb, -+ struct sock_iocb *siocb) -+{ -+ if (!is_sync_kiocb(iocb)) { -+ siocb = kmalloc(sizeof(*siocb), GFP_KERNEL); -+ if (!siocb) -+ return NULL; -+ iocb->ki_dtor = sock_aio_dtor; -+ } -+ -+ siocb->kiocb = iocb; -+ iocb->private = siocb; -+ return siocb; -+} -+ -+static ssize_t do_sock_read(struct msghdr *msg, struct kiocb *iocb, -+ struct file *file, const struct iovec *iov, -+ unsigned long nr_segs) -+{ -+ struct socket *sock = file->private_data; -+ size_t size = 0; -+ int i; -+ -+ for (i = 0; i < nr_segs; i++) -+ size += iov[i].iov_len; -+ -+ msg->msg_name = NULL; -+ msg->msg_namelen = 0; -+ msg->msg_control = NULL; -+ msg->msg_controllen = 0; -+ msg->msg_iov = (struct iovec *)iov; -+ msg->msg_iovlen = nr_segs; -+ msg->msg_flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0; -+ -+ return __sock_recvmsg(iocb, sock, msg, size, msg->msg_flags); -+} -+ -+static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, -+ unsigned long nr_segs, loff_t pos) -+{ -+ struct sock_iocb siocb, *x; -+ -+ if (pos != 0) -+ return -ESPIPE; -+ -+ if (iocb->ki_left == 0) /* Match SYS5 behaviour */ -+ return 0; -+ -+ -+ x = alloc_sock_iocb(iocb, &siocb); -+ if (!x) -+ return -ENOMEM; -+ return do_sock_read(&x->async_msg, iocb, iocb->ki_filp, iov, nr_segs); -+} -+ -+static ssize_t do_sock_write(struct msghdr *msg, struct kiocb *iocb, -+ struct file *file, const struct iovec *iov, -+ unsigned long nr_segs) -+{ -+ struct socket *sock = file->private_data; -+ size_t size = 0; -+ int i; -+ -+ for (i = 0; i < nr_segs; i++) -+ size += iov[i].iov_len; -+ -+ msg->msg_name = NULL; -+ msg->msg_namelen = 0; -+ msg->msg_control = NULL; -+ msg->msg_controllen = 0; -+ msg->msg_iov = (struct iovec *)iov; -+ msg->msg_iovlen = nr_segs; -+ msg->msg_flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0; -+ if (sock->type == SOCK_SEQPACKET) -+ msg->msg_flags |= MSG_EOR; -+ -+ return __sock_sendmsg(iocb, sock, msg, size); -+} -+ -+static ssize_t sock_aio_write(struct kiocb *iocb, const struct iovec *iov, -+ unsigned long nr_segs, loff_t pos) -+{ -+ struct sock_iocb siocb, *x; -+ -+ if (pos != 0) -+ return -ESPIPE; -+ -+ x = alloc_sock_iocb(iocb, &siocb); -+ if (!x) -+ return -ENOMEM; -+ -+ return do_sock_write(&x->async_msg, iocb, iocb->ki_filp, iov, nr_segs); -+} -+ -+/* -+ * Atomic setting of ioctl hooks to avoid race -+ * with module unload. -+ */ -+ -+static DEFINE_MUTEX(br_ioctl_mutex); -+static int (*br_ioctl_hook) (struct net *, unsigned int cmd, void __user *arg) = NULL; -+ -+void brioctl_set(int (*hook) (struct net *, unsigned int, void __user *)) -+{ -+ mutex_lock(&br_ioctl_mutex); -+ br_ioctl_hook = hook; -+ mutex_unlock(&br_ioctl_mutex); -+} -+ -+EXPORT_SYMBOL(brioctl_set); -+ -+static DEFINE_MUTEX(vlan_ioctl_mutex); -+static int (*vlan_ioctl_hook) (struct net *, void __user *arg); -+ -+void vlan_ioctl_set(int (*hook) (struct net *, void __user *)) -+{ -+ mutex_lock(&vlan_ioctl_mutex); -+ vlan_ioctl_hook = hook; -+ mutex_unlock(&vlan_ioctl_mutex); -+} -+ -+EXPORT_SYMBOL(vlan_ioctl_set); -+ -+static DEFINE_MUTEX(dlci_ioctl_mutex); -+static int (*dlci_ioctl_hook) (unsigned int, void __user *); -+ -+void dlci_ioctl_set(int (*hook) (unsigned int, void __user *)) -+{ -+ mutex_lock(&dlci_ioctl_mutex); -+ dlci_ioctl_hook = hook; -+ mutex_unlock(&dlci_ioctl_mutex); -+} -+ -+EXPORT_SYMBOL(dlci_ioctl_set); -+ -+/* -+ * With an ioctl, arg may well be a user mode pointer, but we don't know -+ * what to do with it - that's up to the protocol still. -+ */ -+ -+static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) -+{ -+ struct socket *sock; -+ struct sock *sk; -+ void __user *argp = (void __user *)arg; -+ int pid, err; -+ struct net *net; -+ -+ sock = file->private_data; -+ sk = sock->sk; -+ net = sk->sk_net; -+ if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) { -+ err = dev_ioctl(net, cmd, argp); -+ } else -+#ifdef CONFIG_WIRELESS_EXT -+ if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { -+ err = dev_ioctl(net, cmd, argp); -+ } else -+#endif /* CONFIG_WIRELESS_EXT */ -+ switch (cmd) { -+ case FIOSETOWN: -+ case SIOCSPGRP: -+ err = -EFAULT; -+ if (get_user(pid, (int __user *)argp)) -+ break; -+ err = f_setown(sock->file, pid, 1); -+ break; -+ case FIOGETOWN: -+ case SIOCGPGRP: -+ err = put_user(f_getown(sock->file), -+ (int __user *)argp); -+ break; -+ case SIOCGIFBR: -+ case SIOCSIFBR: -+ case SIOCBRADDBR: -+ case SIOCBRDELBR: -+ err = -ENOPKG; -+ if (!br_ioctl_hook) -+ request_module("bridge"); -+ -+ mutex_lock(&br_ioctl_mutex); -+ if (br_ioctl_hook) -+ err = br_ioctl_hook(net, cmd, argp); -+ mutex_unlock(&br_ioctl_mutex); -+ break; -+ case SIOCGIFVLAN: -+ case SIOCSIFVLAN: -+ err = -ENOPKG; -+ if (!vlan_ioctl_hook) -+ request_module("8021q"); -+ -+ mutex_lock(&vlan_ioctl_mutex); -+ if (vlan_ioctl_hook) -+ err = vlan_ioctl_hook(net, argp); -+ mutex_unlock(&vlan_ioctl_mutex); -+ break; -+ case SIOCADDDLCI: -+ case SIOCDELDLCI: -+ err = -ENOPKG; -+ if (!dlci_ioctl_hook) -+ request_module("dlci"); -+ -+ if (dlci_ioctl_hook) { -+ mutex_lock(&dlci_ioctl_mutex); -+ err = dlci_ioctl_hook(cmd, argp); -+ mutex_unlock(&dlci_ioctl_mutex); -+ } -+ break; -+ default: -+ err = sock->ops->ioctl(sock, cmd, arg); -+ -+ /* -+ * If this ioctl is unknown try to hand it down -+ * to the NIC driver. -+ */ -+ if (err == -ENOIOCTLCMD) -+ err = dev_ioctl(net, cmd, argp); -+ break; -+ } -+ return err; -+} -+ -+int sock_create_lite(int family, int type, int protocol, struct socket **res) ++int dev_set_mtu(struct net_device *dev, int new_mtu) +{ + int err; -+ struct socket *sock = NULL; -+ -+ err = security_socket_create(family, type, protocol, 1); -+ if (err) -+ goto out; -+ -+ sock = sock_alloc(); -+ if (!sock) { -+ err = -ENOMEM; -+ goto out; -+ } -+ -+ sock->type = type; -+ err = security_socket_post_create(sock, family, type, protocol, 1); -+ if (err) -+ goto out_release; -+ -+out: -+ *res = sock; -+ return err; -+out_release: -+ sock_release(sock); -+ sock = NULL; -+ goto out; -+} -+ -+/* No kernel lock held - perfect */ -+static unsigned int sock_poll(struct file *file, poll_table *wait) -+{ -+ struct socket *sock; + -+ /* -+ * We can't return errors to poll, so it's either yes or no. -+ */ -+ sock = file->private_data; -+ return sock->ops->poll(file, sock, wait); -+} ++ if (new_mtu == dev->mtu) ++ return 0; + -+static int sock_mmap(struct file *file, struct vm_area_struct *vma) -+{ -+ struct socket *sock = file->private_data; ++ /* MTU must be positive. */ ++ if (new_mtu < 0) ++ return -EINVAL; + -+ return sock->ops->mmap(file, sock, vma); ++ if (!netif_device_present(dev)) ++ return -ENODEV; ++ ++ err = 0; ++ if (dev->change_mtu) ++ err = dev->change_mtu(dev, new_mtu); ++ else ++ dev->mtu = new_mtu; ++ if (!err && dev->flags & IFF_UP) ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_CHANGEMTU, dev); ++ return err; +} + -+static int sock_close(struct inode *inode, struct file *filp) ++int dev_set_mac_address(struct net_device *dev, struct sockaddr *sa) +{ -+ /* -+ * It was possible the inode is NULL we were -+ * closing an unfinished socket. -+ */ ++ int err; + -+ if (!inode) { -+ printk(KERN_DEBUG "sock_close: NULL inode\n"); -+ return 0; -+ } -+ sock_fasync(-1, filp, 0); -+ sock_release(SOCKET_I(inode)); -+ return 0; ++ if (!dev->set_mac_address) ++ return -EOPNOTSUPP; ++ if (sa->sa_family != dev->type) ++ return -EINVAL; ++ if (!netif_device_present(dev)) ++ return -ENODEV; ++ err = dev->set_mac_address(dev, sa); ++ if (!err) ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_CHANGEADDR, dev); ++ return err; +} + +/* -+ * Update the socket async list -+ * -+ * Fasync_list locking strategy. -+ * -+ * 1. fasync_list is modified only under process context socket lock -+ * i.e. under semaphore. -+ * 2. fasync_list is used under read_lock(&sk->sk_callback_lock) -+ * or under socket lock. -+ * 3. fasync_list can be used from softirq context, so that -+ * modification under socket lock have to be enhanced with -+ * write_lock_bh(&sk->sk_callback_lock). -+ * --ANK (990710) ++ * Perform the SIOCxIFxxx calls. + */ -+ -+static int sock_fasync(int fd, struct file *filp, int on) ++static int dev_ifsioc(struct net *net, struct ifreq *ifr, unsigned int cmd) +{ -+ struct fasync_struct *fa, *fna = NULL, **prev; -+ struct socket *sock; -+ struct sock *sk; ++ int err; ++ struct net_device *dev = __dev_get_by_name(net, ifr->ifr_name); + -+ if (on) { -+ fna = kmalloc(sizeof(struct fasync_struct), GFP_KERNEL); -+ if (fna == NULL) -+ return -ENOMEM; -+ } ++ if (!dev) ++ return -ENODEV; + -+ sock = filp->private_data; ++ switch (cmd) { ++ case SIOCGIFFLAGS: /* Get interface flags */ ++ ifr->ifr_flags = dev_get_flags(dev); ++ return 0; + -+ sk = sock->sk; -+ if (sk == NULL) { -+ kfree(fna); -+ return -EINVAL; -+ } ++ case SIOCSIFFLAGS: /* Set interface flags */ ++ return dev_change_flags(dev, ifr->ifr_flags); + -+ lock_sock(sk); ++ case SIOCGIFMETRIC: /* Get the metric on the interface ++ (currently unused) */ ++ ifr->ifr_metric = 0; ++ return 0; + -+ prev = &(sock->fasync_list); ++ case SIOCSIFMETRIC: /* Set the metric on the interface ++ (currently unused) */ ++ return -EOPNOTSUPP; + -+ for (fa = *prev; fa != NULL; prev = &fa->fa_next, fa = *prev) -+ if (fa->fa_file == filp) -+ break; ++ case SIOCGIFMTU: /* Get the MTU of a device */ ++ ifr->ifr_mtu = dev->mtu; ++ return 0; + -+ if (on) { -+ if (fa != NULL) { -+ write_lock_bh(&sk->sk_callback_lock); -+ fa->fa_fd = fd; -+ write_unlock_bh(&sk->sk_callback_lock); ++ case SIOCSIFMTU: /* Set the MTU of a device */ ++ return dev_set_mtu(dev, ifr->ifr_mtu); + -+ kfree(fna); -+ goto out; -+ } -+ fna->fa_file = filp; -+ fna->fa_fd = fd; -+ fna->magic = FASYNC_MAGIC; -+ fna->fa_next = sock->fasync_list; -+ write_lock_bh(&sk->sk_callback_lock); -+ sock->fasync_list = fna; -+ write_unlock_bh(&sk->sk_callback_lock); -+ } else { -+ if (fa != NULL) { -+ write_lock_bh(&sk->sk_callback_lock); -+ *prev = fa->fa_next; -+ write_unlock_bh(&sk->sk_callback_lock); -+ kfree(fa); -+ } -+ } ++ case SIOCGIFHWADDR: ++ if (!dev->addr_len) ++ memset(ifr->ifr_hwaddr.sa_data, 0, sizeof ifr->ifr_hwaddr.sa_data); ++ else ++ memcpy(ifr->ifr_hwaddr.sa_data, dev->dev_addr, ++ min(sizeof ifr->ifr_hwaddr.sa_data, (size_t) dev->addr_len)); ++ ifr->ifr_hwaddr.sa_family = dev->type; ++ return 0; + -+out: -+ release_sock(sock->sk); -+ return 0; -+} ++ case SIOCSIFHWADDR: ++ return dev_set_mac_address(dev, &ifr->ifr_hwaddr); + -+/* This function may be called only under socket lock or callback_lock */ ++ case SIOCSIFHWBROADCAST: ++ if (ifr->ifr_hwaddr.sa_family != dev->type) ++ return -EINVAL; ++ memcpy(dev->broadcast, ifr->ifr_hwaddr.sa_data, ++ min(sizeof ifr->ifr_hwaddr.sa_data, (size_t) dev->addr_len)); ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_CHANGEADDR, dev); ++ return 0; + -+int sock_wake_async(struct socket *sock, int how, int band) -+{ -+ if (!sock || !sock->fasync_list) -+ return -1; -+ switch (how) { -+ case 1: ++ case SIOCGIFMAP: ++ ifr->ifr_map.mem_start = dev->mem_start; ++ ifr->ifr_map.mem_end = dev->mem_end; ++ ifr->ifr_map.base_addr = dev->base_addr; ++ ifr->ifr_map.irq = dev->irq; ++ ifr->ifr_map.dma = dev->dma; ++ ifr->ifr_map.port = dev->if_port; ++ return 0; + -+ if (test_bit(SOCK_ASYNC_WAITDATA, &sock->flags)) -+ break; -+ goto call_kill; -+ case 2: -+ if (!test_and_clear_bit(SOCK_ASYNC_NOSPACE, &sock->flags)) -+ break; -+ /* fall through */ -+ case 0: -+call_kill: -+ __kill_fasync(sock->fasync_list, SIGIO, band); -+ break; -+ case 3: -+ __kill_fasync(sock->fasync_list, SIGURG, band); -+ } -+ return 0; -+} ++ case SIOCSIFMAP: ++ if (dev->set_config) { ++ if (!netif_device_present(dev)) ++ return -ENODEV; ++ return dev->set_config(dev, &ifr->ifr_map); ++ } ++ return -EOPNOTSUPP; ++ ++ case SIOCADDMULTI: ++ if (!dev->set_multicast_list || ++ ifr->ifr_hwaddr.sa_family != AF_UNSPEC) ++ return -EINVAL; ++ if (!netif_device_present(dev)) ++ return -ENODEV; ++ return dev_mc_add(dev, ifr->ifr_hwaddr.sa_data, ++ dev->addr_len, 1); ++ ++ case SIOCDELMULTI: ++ if (!dev->set_multicast_list || ++ ifr->ifr_hwaddr.sa_family != AF_UNSPEC) ++ return -EINVAL; ++ if (!netif_device_present(dev)) ++ return -ENODEV; ++ return dev_mc_delete(dev, ifr->ifr_hwaddr.sa_data, ++ dev->addr_len, 1); ++ ++ case SIOCGIFINDEX: ++ ifr->ifr_ifindex = dev->ifindex; ++ return 0; + -+static int __sock_create(struct net *net, int family, int type, int protocol, -+ struct socket **res, int kern) -+{ -+ int err; -+ struct socket *sock; -+ const struct net_proto_family *pf; ++ case SIOCGIFTXQLEN: ++ ifr->ifr_qlen = dev->tx_queue_len; ++ return 0; + -+ /* -+ * Check protocol is in range -+ */ -+ if (family < 0 || family >= NPROTO) -+ return -EAFNOSUPPORT; -+ if (type < 0 || type >= SOCK_MAX) -+ return -EINVAL; ++ case SIOCSIFTXQLEN: ++ if (ifr->ifr_qlen < 0) ++ return -EINVAL; ++ dev->tx_queue_len = ifr->ifr_qlen; ++ return 0; + -+ if (!nx_check(0, VS_ADMIN)) { -+ if (family == PF_INET && !current_nx_info_has_v4()) -+ return -EAFNOSUPPORT; -+ if (family == PF_INET6 && !current_nx_info_has_v6()) -+ return -EAFNOSUPPORT; -+ } ++ case SIOCSIFNAME: ++ ifr->ifr_newname[IFNAMSIZ-1] = '\0'; ++ return dev_change_name(dev, ifr->ifr_newname); ++ ++ /* ++ * Unknown or private ioctl ++ */ + -+ /* Compatibility. ++ default: ++ if ((cmd >= SIOCDEVPRIVATE && ++ cmd <= SIOCDEVPRIVATE + 15) || ++ cmd == SIOCBONDENSLAVE || ++ cmd == SIOCBONDRELEASE || ++ cmd == SIOCBONDSETHWADDR || ++ cmd == SIOCBONDSLAVEINFOQUERY || ++ cmd == SIOCBONDINFOQUERY || ++ cmd == SIOCBONDCHANGEACTIVE || ++ cmd == SIOCGMIIPHY || ++ cmd == SIOCGMIIREG || ++ cmd == SIOCSMIIREG || ++ cmd == SIOCBRADDIF || ++ cmd == SIOCBRDELIF || ++ cmd == SIOCWANDEV) { ++ err = -EOPNOTSUPP; ++ if (dev->do_ioctl) { ++ if (netif_device_present(dev)) ++ err = dev->do_ioctl(dev, ifr, ++ cmd); ++ else ++ err = -ENODEV; ++ } ++ } else ++ err = -EINVAL; + -+ This uglymoron is moved from INET layer to here to avoid -+ deadlock in module load. -+ */ -+ if (family == PF_INET && type == SOCK_PACKET) { -+ static int warned; -+ if (!warned) { -+ warned = 1; -+ printk(KERN_INFO "%s uses obsolete (PF_INET,SOCK_PACKET)\n", -+ current->comm); -+ } -+ family = PF_PACKET; + } ++ return err; ++} + -+ err = security_socket_create(family, type, protocol, kern); -+ if (err) -+ return err; ++/* ++ * This function handles all "interface"-type I/O control requests. The actual ++ * 'doing' part of this is dev_ifsioc above. ++ */ + -+ /* -+ * Allocate the socket and allow the family to set things up. if -+ * the protocol is 0, the family is instructed to select an appropriate -+ * default. -+ */ -+ sock = sock_alloc(); -+ if (!sock) { -+ if (net_ratelimit()) -+ printk(KERN_WARNING "socket: no more sockets\n"); -+ return -ENFILE; /* Not exactly a match, but its the -+ closest posix thing */ -+ } ++/** ++ * dev_ioctl - network device ioctl ++ * @cmd: command to issue ++ * @arg: pointer to a struct ifreq in user space ++ * ++ * Issue ioctl functions to devices. This is normally called by the ++ * user space syscall interfaces but can sometimes be useful for ++ * other purposes. The return value is the return from the syscall if ++ * positive or a negative errno code on error. ++ */ + -+ sock->type = type; ++int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg) ++{ ++ struct ifreq ifr; ++ int ret; ++ char *colon; + -+#if defined(CONFIG_KMOD) -+ /* Attempt to load a protocol module if the find failed. -+ * -+ * 12/09/1996 Marcin: But! this makes REALLY only sense, if the user -+ * requested real, full-featured networking support upon configuration. -+ * Otherwise module support will break! ++ /* One special case: SIOCGIFCONF takes ifconf argument ++ and requires shared lock, because it sleeps writing ++ to user space. + */ -+ if (net_families[family] == NULL) -+ request_module("net-pf-%d", family); -+#endif + -+ rcu_read_lock(); -+ pf = rcu_dereference(net_families[family]); -+ err = -EAFNOSUPPORT; -+ if (!pf) -+ goto out_release; ++ if (cmd == SIOCGIFCONF) { ++ rtnl_lock(); ++ ret = dev_ifconf(net, (char __user *) arg); ++ rtnl_unlock(); ++ return ret; ++ } ++ if (cmd == SIOCGIFNAME) ++ return dev_ifname(net, (struct ifreq __user *)arg); + -+ /* -+ * We will call the ->create function, that possibly is in a loadable -+ * module, so we have to bump that loadable module refcnt first. -+ */ -+ if (!try_module_get(pf->owner)) -+ goto out_release; ++ if (copy_from_user(&ifr, arg, sizeof(struct ifreq))) ++ return -EFAULT; + -+ /* Now protected by module ref count */ -+ rcu_read_unlock(); ++ ifr.ifr_name[IFNAMSIZ-1] = 0; + -+ err = pf->create(net, sock, protocol); -+ if (err < 0) -+ goto out_module_put; ++ colon = strchr(ifr.ifr_name, ':'); ++ if (colon) ++ *colon = 0; + + /* -+ * Now to bump the refcnt of the [loadable] module that owns this -+ * socket at sock_release time we decrement its refcnt. ++ * See which interface the caller is talking about. + */ -+ if (!try_module_get(sock->ops->owner)) -+ goto out_module_busy; + -+ /* -+ * Now that we're done with the ->create function, the [loadable] -+ * module can have its refcnt decremented -+ */ -+ module_put(pf->owner); -+ err = security_socket_post_create(sock, family, type, protocol, kern); -+ if (err) -+ goto out_sock_release; -+ *res = sock; ++ switch (cmd) { ++ /* ++ * These ioctl calls: ++ * - can be done by all. ++ * - atomic and do not require locking. ++ * - return a value ++ */ ++ case SIOCGIFFLAGS: ++ case SIOCGIFMETRIC: ++ case SIOCGIFMTU: ++ case SIOCGIFHWADDR: ++ case SIOCGIFSLAVE: ++ case SIOCGIFMAP: ++ case SIOCGIFINDEX: ++ case SIOCGIFTXQLEN: ++ dev_load(net, ifr.ifr_name); ++ read_lock(&dev_base_lock); ++ ret = dev_ifsioc(net, &ifr, cmd); ++ read_unlock(&dev_base_lock); ++ if (!ret) { ++ if (colon) ++ *colon = ':'; ++ if (copy_to_user(arg, &ifr, ++ sizeof(struct ifreq))) ++ ret = -EFAULT; ++ } ++ return ret; ++ ++ case SIOCETHTOOL: ++ dev_load(net, ifr.ifr_name); ++ rtnl_lock(); ++ ret = dev_ethtool(net, &ifr); ++ rtnl_unlock(); ++ if (!ret) { ++ if (colon) ++ *colon = ':'; ++ if (copy_to_user(arg, &ifr, ++ sizeof(struct ifreq))) ++ ret = -EFAULT; ++ } ++ return ret; + -+ return 0; ++ /* ++ * These ioctl calls: ++ * - require superuser power. ++ * - require strict serialization. ++ * - return a value ++ */ ++ case SIOCGMIIPHY: ++ case SIOCGMIIREG: ++ case SIOCSIFNAME: ++ if (!capable(CAP_NET_ADMIN)) ++ return -EPERM; ++ dev_load(net, ifr.ifr_name); ++ rtnl_lock(); ++ ret = dev_ifsioc(net, &ifr, cmd); ++ rtnl_unlock(); ++ if (!ret) { ++ if (colon) ++ *colon = ':'; ++ if (copy_to_user(arg, &ifr, ++ sizeof(struct ifreq))) ++ ret = -EFAULT; ++ } ++ return ret; + -+out_module_busy: -+ err = -EAFNOSUPPORT; -+out_module_put: -+ sock->ops = NULL; -+ module_put(pf->owner); -+out_sock_release: -+ sock_release(sock); -+ return err; ++ /* ++ * These ioctl calls: ++ * - require superuser power. ++ * - require strict serialization. ++ * - do not return a value ++ */ ++ case SIOCSIFFLAGS: ++ case SIOCSIFMETRIC: ++ case SIOCSIFMTU: ++ case SIOCSIFMAP: ++ case SIOCSIFHWADDR: ++ case SIOCSIFSLAVE: ++ case SIOCADDMULTI: ++ case SIOCDELMULTI: ++ case SIOCSIFHWBROADCAST: ++ case SIOCSIFTXQLEN: ++ case SIOCSMIIREG: ++ case SIOCBONDENSLAVE: ++ case SIOCBONDRELEASE: ++ case SIOCBONDSETHWADDR: ++ case SIOCBONDCHANGEACTIVE: ++ case SIOCBRADDIF: ++ case SIOCBRDELIF: ++ if (!capable(CAP_NET_ADMIN)) ++ return -EPERM; ++ /* fall through */ ++ case SIOCBONDSLAVEINFOQUERY: ++ case SIOCBONDINFOQUERY: ++ dev_load(net, ifr.ifr_name); ++ rtnl_lock(); ++ ret = dev_ifsioc(net, &ifr, cmd); ++ rtnl_unlock(); ++ return ret; ++ ++ case SIOCGIFMEM: ++ /* Get the per device memory space. We can add this but ++ * currently do not support it */ ++ case SIOCSIFMEM: ++ /* Set the per device memory buffer space. ++ * Not applicable in our case */ ++ case SIOCSIFLINK: ++ return -EINVAL; + -+out_release: -+ rcu_read_unlock(); -+ goto out_sock_release; ++ /* ++ * Unknown or private ioctl. ++ */ ++ default: ++ if (cmd == SIOCWANDEV || ++ (cmd >= SIOCDEVPRIVATE && ++ cmd <= SIOCDEVPRIVATE + 15)) { ++ dev_load(net, ifr.ifr_name); ++ rtnl_lock(); ++ ret = dev_ifsioc(net, &ifr, cmd); ++ rtnl_unlock(); ++ if (!ret && copy_to_user(arg, &ifr, ++ sizeof(struct ifreq))) ++ ret = -EFAULT; ++ return ret; ++ } ++ /* Take care of Wireless Extensions */ ++ if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) ++ return wext_handle_ioctl(net, &ifr, cmd, arg); ++ return -EINVAL; ++ } +} + -+int sock_create(int family, int type, int protocol, struct socket **res) -+{ -+ return __sock_create(current->nsproxy->net_ns, family, type, protocol, res, 0); -+} + -+int sock_create_kern(int family, int type, int protocol, struct socket **res) -+{ -+ return __sock_create(&init_net, family, type, protocol, res, 1); ++/** ++ * dev_new_index - allocate an ifindex ++ * ++ * Returns a suitable unique value for a new device interface ++ * number. The caller must hold the rtnl semaphore or the ++ * dev_base_lock to be sure it remains unique. ++ */ ++static int dev_new_index(struct net *net) ++{ ++ static int ifindex; ++ for (;;) { ++ if (++ifindex <= 0) ++ ifindex = 1; ++ if (!__dev_get_by_index(net, ifindex)) ++ return ifindex; ++ } +} + -+asmlinkage long sys_socket(int family, int type, int protocol) -+{ -+ int retval; -+ struct socket *sock; -+ -+ retval = sock_create(family, type, protocol, &sock); -+ if (retval < 0) -+ goto out; -+ -+ set_bit(SOCK_USER_SOCKET, &sock->flags); -+ retval = sock_map_fd(sock); -+ if (retval < 0) -+ goto out_release; ++/* Delayed registration/unregisteration */ ++static DEFINE_SPINLOCK(net_todo_list_lock); ++static struct list_head net_todo_list = LIST_HEAD_INIT(net_todo_list); + -+out: -+ /* It may be already another descriptor 8) Not kernel problem. */ -+ return retval; -+ -+out_release: -+ sock_release(sock); -+ return retval; ++static void net_set_todo(struct net_device *dev) ++{ ++ spin_lock(&net_todo_list_lock); ++ list_add_tail(&dev->todo_list, &net_todo_list); ++ spin_unlock(&net_todo_list_lock); +} + -+/* -+ * Create a pair of connected sockets. ++/** ++ * register_netdevice - register a network device ++ * @dev: device to register ++ * ++ * Take a completed network device structure and add it to the kernel ++ * interfaces. A %NETDEV_REGISTER message is sent to the netdev notifier ++ * chain. 0 is returned on success. A negative errno code is returned ++ * on a failure to set up the device, or if the name is a duplicate. ++ * ++ * Callers must hold the rtnl semaphore. You may want ++ * register_netdev() instead of this. ++ * ++ * BUGS: ++ * The locking appears insufficient to guarantee two parallel registers ++ * will not get the same name. + */ + -+asmlinkage long sys_socketpair(int family, int type, int protocol, -+ int __user *usockvec) ++int register_netdevice(struct net_device *dev) +{ -+ struct socket *sock1, *sock2; -+ int fd1, fd2, err; -+ struct file *newfile1, *newfile2; ++ struct hlist_head *head; ++ struct hlist_node *p; ++ int ret; ++ struct net *net; + -+ /* -+ * Obtain the first socket and check if the underlying protocol -+ * supports the socketpair call. -+ */ ++ BUG_ON(dev_boot_phase); ++ ASSERT_RTNL(); + -+ err = sock_create(family, type, protocol, &sock1); -+ if (err < 0) -+ goto out; -+ set_bit(SOCK_USER_SOCKET, &sock1->flags); ++ might_sleep(); + -+ err = sock_create(family, type, protocol, &sock2); -+ if (err < 0) -+ goto out_release_1; -+ set_bit(SOCK_USER_SOCKET, &sock2->flags); ++ /* When net_device's are persistent, this will be fatal. */ ++ BUG_ON(dev->reg_state != NETREG_UNINITIALIZED); ++ BUG_ON(!dev->nd_net); ++ net = dev->nd_net; ++ ++ spin_lock_init(&dev->queue_lock); ++ spin_lock_init(&dev->_xmit_lock); ++ netdev_set_lockdep_class(&dev->_xmit_lock, dev->type); ++ dev->xmit_lock_owner = -1; ++ spin_lock_init(&dev->ingress_lock); ++ ++ dev->iflink = -1; ++ ++ /* Init, if this function is available */ ++ if (dev->init) { ++ ret = dev->init(dev); ++ if (ret) { ++ if (ret > 0) ++ ret = -EIO; ++ goto out; ++ } ++ } + -+ err = sock1->ops->socketpair(sock1, sock2); -+ if (err < 0) -+ goto out_release_both; ++ if (!dev_valid_name(dev->name)) { ++ ret = -EINVAL; ++ goto out; ++ } + -+ fd1 = sock_alloc_fd(&newfile1); -+ if (unlikely(fd1 < 0)) { -+ err = fd1; -+ goto out_release_both; ++ dev->ifindex = dev_new_index(net); ++ if (dev->iflink == -1) ++ dev->iflink = dev->ifindex; ++ ++ /* Check for existence of name */ ++ head = dev_name_hash(net, dev->name); ++ hlist_for_each(p, head) { ++ struct net_device *d ++ = hlist_entry(p, struct net_device, name_hlist); ++ if (!strncmp(d->name, dev->name, IFNAMSIZ)) { ++ ret = -EEXIST; ++ goto out; ++ } + } + -+ fd2 = sock_alloc_fd(&newfile2); -+ if (unlikely(fd2 < 0)) { -+ err = fd2; -+ put_filp(newfile1); -+ put_unused_fd(fd1); -+ goto out_release_both; ++ /* Fix illegal checksum combinations */ ++ if ((dev->features & NETIF_F_HW_CSUM) && ++ (dev->features & (NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { ++ printk(KERN_NOTICE "%s: mixed HW and IP checksum settings.\n", ++ dev->name); ++ dev->features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM); + } + -+ err = sock_attach_fd(sock1, newfile1); -+ if (unlikely(err < 0)) { -+ goto out_fd2; ++ if ((dev->features & NETIF_F_NO_CSUM) && ++ (dev->features & (NETIF_F_HW_CSUM|NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM))) { ++ printk(KERN_NOTICE "%s: mixed no checksumming and other settings.\n", ++ dev->name); ++ dev->features &= ~(NETIF_F_IP_CSUM|NETIF_F_IPV6_CSUM|NETIF_F_HW_CSUM); + } + -+ err = sock_attach_fd(sock2, newfile2); -+ if (unlikely(err < 0)) { -+ fput(newfile1); -+ goto out_fd1; ++ ++ /* Fix illegal SG+CSUM combinations. */ ++ if ((dev->features & NETIF_F_SG) && ++ !(dev->features & NETIF_F_ALL_CSUM)) { ++ printk(KERN_NOTICE "%s: Dropping NETIF_F_SG since no checksum feature.\n", ++ dev->name); ++ dev->features &= ~NETIF_F_SG; + } + -+ err = audit_fd_pair(fd1, fd2); -+ if (err < 0) { -+ fput(newfile1); -+ fput(newfile2); -+ goto out_fd; ++ /* TSO requires that SG is present as well. */ ++ if ((dev->features & NETIF_F_TSO) && ++ !(dev->features & NETIF_F_SG)) { ++ printk(KERN_NOTICE "%s: Dropping NETIF_F_TSO since no SG feature.\n", ++ dev->name); ++ dev->features &= ~NETIF_F_TSO; ++ } ++ if (dev->features & NETIF_F_UFO) { ++ if (!(dev->features & NETIF_F_HW_CSUM)) { ++ printk(KERN_ERR "%s: Dropping NETIF_F_UFO since no " ++ "NETIF_F_HW_CSUM feature.\n", ++ dev->name); ++ dev->features &= ~NETIF_F_UFO; ++ } ++ if (!(dev->features & NETIF_F_SG)) { ++ printk(KERN_ERR "%s: Dropping NETIF_F_UFO since no " ++ "NETIF_F_SG feature.\n", ++ dev->name); ++ dev->features &= ~NETIF_F_UFO; ++ } + } + -+ fd_install(fd1, newfile1); -+ fd_install(fd2, newfile2); -+ /* fd1 and fd2 may be already another descriptors. -+ * Not kernel problem. ++ /* ++ * nil rebuild_header routine, ++ * that should be never called and used as just bug trap. + */ + -+ err = put_user(fd1, &usockvec[0]); -+ if (!err) -+ err = put_user(fd2, &usockvec[1]); -+ if (!err) -+ return 0; ++ if (!dev->rebuild_header) ++ dev->rebuild_header = default_rebuild_header; + -+ sys_close(fd2); -+ sys_close(fd1); -+ return err; ++ ret = netdev_register_sysfs(dev); ++ if (ret) ++ goto out; ++ dev->reg_state = NETREG_REGISTERED; + -+out_release_both: -+ sock_release(sock2); -+out_release_1: -+ sock_release(sock1); -+out: -+ return err; ++ /* ++ * Default initial state at registry is that the ++ * device is present. ++ */ + -+out_fd2: -+ put_filp(newfile1); -+ sock_release(sock1); -+out_fd1: -+ put_filp(newfile2); -+ sock_release(sock2); -+out_fd: -+ put_unused_fd(fd1); -+ put_unused_fd(fd2); -+ goto out; ++ set_bit(__LINK_STATE_PRESENT, &dev->state); ++ ++ dev_init_scheduler(dev); ++ dev_hold(dev); ++ list_netdevice(dev); ++ ++ /* Notify protocols, that a new device appeared. */ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_REGISTER, dev); ++ ++ ret = 0; ++ ++out: ++ return ret; +} + -+/* -+ * Bind a name to a socket. Nothing much to do here since it's -+ * the protocol's responsibility to handle the local address. ++/** ++ * register_netdev - register a network device ++ * @dev: device to register ++ * ++ * Take a completed network device structure and add it to the kernel ++ * interfaces. A %NETDEV_REGISTER message is sent to the netdev notifier ++ * chain. 0 is returned on success. A negative errno code is returned ++ * on a failure to set up the device, or if the name is a duplicate. + * -+ * We move the socket address to kernel space before we call -+ * the protocol layer (having also checked the address is ok). ++ * This is a wrapper around register_netdevice that takes the rtnl semaphore ++ * and expands the device name if you passed a format string to ++ * alloc_netdev. + */ -+ -+asmlinkage long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen) ++int register_netdev(struct net_device *dev) +{ -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ int err, fput_needed; -+ -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock) { -+ err = move_addr_to_kernel(umyaddr, addrlen, address); -+ if (err >= 0) { -+ err = security_socket_bind(sock, -+ (struct sockaddr *)address, -+ addrlen); -+ if (!err) -+ err = sock->ops->bind(sock, -+ (struct sockaddr *) -+ address, addrlen); -+ } -+ fput_light(sock->file, fput_needed); ++ int err; ++ ++ rtnl_lock(); ++ ++ /* ++ * If the name is a format string the caller wants us to do a ++ * name allocation. ++ */ ++ if (strchr(dev->name, '%')) { ++ err = dev_alloc_name(dev, dev->name); ++ if (err < 0) ++ goto out; + } ++ ++ err = register_netdevice(dev); ++out: ++ rtnl_unlock(); + return err; +} ++EXPORT_SYMBOL(register_netdev); + +/* -+ * Perform a listen. Basically, we allow the protocol to do anything -+ * necessary for a listen, and if that works, we mark the socket as -+ * ready for listening. ++ * netdev_wait_allrefs - wait until all references are gone. ++ * ++ * This is called when unregistering network devices. ++ * ++ * Any protocol or device that holds a reference should register ++ * for netdevice notification, and cleanup and put back the ++ * reference if they receive an UNREGISTER event. ++ * We can get stuck here if buggy protocols don't correctly ++ * call dev_put. + */ ++static void netdev_wait_allrefs(struct net_device *dev) ++{ ++ unsigned long rebroadcast_time, warning_time; ++ ++ rebroadcast_time = warning_time = jiffies; ++ while (atomic_read(&dev->refcnt) != 0) { ++ if (time_after(jiffies, rebroadcast_time + 1 * HZ)) { ++ rtnl_lock(); ++ ++ /* Rebroadcast unregister notification */ ++ raw_notifier_call_chain(&netdev_chain, ++ NETDEV_UNREGISTER, dev); ++ ++ if (test_bit(__LINK_STATE_LINKWATCH_PENDING, ++ &dev->state)) { ++ /* We must not have linkwatch events ++ * pending on unregister. If this ++ * happens, we simply run the queue ++ * unscheduled, resulting in a noop ++ * for this device. ++ */ ++ linkwatch_run_queue(); ++ } + -+asmlinkage long sys_listen(int fd, int backlog) -+{ -+ struct socket *sock; -+ int err, fput_needed; ++ __rtnl_unlock(); + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock) { -+ struct net *net = sock->sk->sk_net; -+ if ((unsigned)backlog > net->sysctl_somaxconn) -+ backlog = net->sysctl_somaxconn; ++ rebroadcast_time = jiffies; ++ } + -+ err = security_socket_listen(sock, backlog); -+ if (!err) -+ err = sock->ops->listen(sock, backlog); ++ msleep(250); + -+ fput_light(sock->file, fput_needed); ++ if (time_after(jiffies, warning_time + 10 * HZ)) { ++ printk(KERN_EMERG "unregister_netdevice: " ++ "waiting for %s to become free. Usage " ++ "count = %d\n", ++ dev->name, atomic_read(&dev->refcnt)); ++ warning_time = jiffies; ++ } + } -+ return err; +} + -+/* -+ * For accept, we attempt to create a new socket, set up the link -+ * with the client, wake up the client, then return the new -+ * connected fd. We collect the address of the connector in kernel -+ * space and move it to user at the very end. This is unclean because -+ * we open the socket then return an error. ++/* The sequence is: ++ * ++ * rtnl_lock(); ++ * ... ++ * register_netdevice(x1); ++ * register_netdevice(x2); ++ * ... ++ * unregister_netdevice(y1); ++ * unregister_netdevice(y2); ++ * ... ++ * rtnl_unlock(); ++ * free_netdev(y1); ++ * free_netdev(y2); + * -+ * 1003.1g adds the ability to recvmsg() to query connection pending -+ * status to recvmsg. We need to add that support in a way thats -+ * clean when we restucture accept also. ++ * We are invoked by rtnl_unlock() after it drops the semaphore. ++ * This allows us to deal with problems: ++ * 1) We can delete sysfs objects which invoke hotplug ++ * without deadlocking with linkwatch via keventd. ++ * 2) Since we run with the RTNL semaphore not held, we can sleep ++ * safely in order to wait for the netdev refcnt to drop to zero. + */ -+ -+asmlinkage long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr, -+ int __user *upeer_addrlen) ++static DEFINE_MUTEX(net_todo_run_mutex); ++void netdev_run_todo(void) +{ -+ struct socket *sock, *newsock; -+ struct file *newfile; -+ int err, len, newfd, fput_needed; -+ char address[MAX_SOCK_ADDR]; -+ -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (!sock) -+ goto out; -+ -+ err = -ENFILE; -+ if (!(newsock = sock_alloc())) -+ goto out_put; ++ struct list_head list; + -+ newsock->type = sock->type; -+ newsock->ops = sock->ops; ++ /* Need to guard against multiple cpu's getting out of order. */ ++ mutex_lock(&net_todo_run_mutex); + -+ /* -+ * We don't need try_module_get here, as the listening socket (sock) -+ * has the protocol module (sock->ops->owner) held. ++ /* Not safe to do outside the semaphore. We must not return ++ * until all unregister events invoked by the local processor ++ * have been completed (either by this todo run, or one on ++ * another cpu). + */ -+ __module_get(newsock->ops->owner); -+ -+ newfd = sock_alloc_fd(&newfile); -+ if (unlikely(newfd < 0)) { -+ err = newfd; -+ sock_release(newsock); -+ goto out_put; -+ } -+ -+ err = sock_attach_fd(newsock, newfile); -+ if (err < 0) -+ goto out_fd_simple; ++ if (list_empty(&net_todo_list)) ++ goto out; + -+ err = security_socket_accept(sock, newsock); -+ if (err) -+ goto out_fd; ++ /* Snapshot list, allow later requests */ ++ spin_lock(&net_todo_list_lock); ++ list_replace_init(&net_todo_list, &list); ++ spin_unlock(&net_todo_list_lock); ++ ++ while (!list_empty(&list)) { ++ struct net_device *dev ++ = list_entry(list.next, struct net_device, todo_list); ++ list_del(&dev->todo_list); ++ ++ if (unlikely(dev->reg_state != NETREG_UNREGISTERING)) { ++ printk(KERN_ERR "network todo '%s' but state %d\n", ++ dev->name, dev->reg_state); ++ dump_stack(); ++ continue; ++ } + -+ err = sock->ops->accept(sock, newsock, sock->file->f_flags); -+ if (err < 0) -+ goto out_fd; ++ dev->reg_state = NETREG_UNREGISTERED; + -+ if (upeer_sockaddr) { -+ if (newsock->ops->getname(newsock, (struct sockaddr *)address, -+ &len, 2) < 0) { -+ err = -ECONNABORTED; -+ goto out_fd; -+ } -+ err = move_addr_to_user(address, len, upeer_sockaddr, -+ upeer_addrlen); -+ if (err < 0) -+ goto out_fd; -+ } ++ netdev_wait_allrefs(dev); + -+ /* File flags are not inherited via accept() unlike another OSes. */ ++ /* paranoia */ ++ BUG_ON(atomic_read(&dev->refcnt)); ++ BUG_TRAP(!dev->ip_ptr); ++ BUG_TRAP(!dev->ip6_ptr); ++ BUG_TRAP(!dev->dn_ptr); + -+ fd_install(newfd, newfile); -+ err = newfd; ++ if (dev->destructor) ++ dev->destructor(dev); + -+ security_socket_post_accept(sock, newsock); ++ /* Free network device */ ++ kobject_put(&dev->dev.kobj); ++ } + -+out_put: -+ fput_light(sock->file, fput_needed); +out: -+ return err; -+out_fd_simple: -+ sock_release(newsock); -+ put_filp(newfile); -+ put_unused_fd(newfd); -+ goto out_put; -+out_fd: -+ fput(newfile); -+ put_unused_fd(newfd); -+ goto out_put; ++ mutex_unlock(&net_todo_run_mutex); +} + -+/* -+ * Attempt to connect to a socket with the server address. The address -+ * is in user space so we verify it is OK and move it to kernel space. -+ * -+ * For 1003.1g we need to add clean support for a bind to AF_UNSPEC to -+ * break bindings -+ * -+ * NOTE: 1003.1g draft 6.3 is broken with respect to AX.25/NetROM and -+ * other SEQPACKET protocols that take time to connect() as it doesn't -+ * include the -EINPROGRESS status for such sockets. -+ */ -+ -+asmlinkage long sys_connect(int fd, struct sockaddr __user *uservaddr, -+ int addrlen) ++static struct net_device_stats *internal_stats(struct net_device *dev) +{ -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ int err, fput_needed; -+ -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (!sock) -+ goto out; -+ err = move_addr_to_kernel(uservaddr, addrlen, address); -+ if (err < 0) -+ goto out_put; -+ -+ err = -+ security_socket_connect(sock, (struct sockaddr *)address, addrlen); -+ if (err) -+ goto out_put; -+ -+ err = sock->ops->connect(sock, (struct sockaddr *)address, addrlen, -+ sock->file->f_flags); -+out_put: -+ fput_light(sock->file, fput_needed); -+out: -+ return err; ++ return &dev->stats; +} + -+/* -+ * Get the local address ('name') of a socket object. Move the obtained -+ * name to user space. ++/** ++ * alloc_netdev - allocate network device ++ * @sizeof_priv: size of private data to allocate space for ++ * @name: device name format string ++ * @setup: callback to initialize device ++ * ++ * Allocates a struct net_device with private data area for driver use ++ * and performs basic initialization. + */ -+ -+asmlinkage long sys_getsockname(int fd, struct sockaddr __user *usockaddr, -+ int __user *usockaddr_len) ++struct net_device *alloc_netdev(int sizeof_priv, const char *name, ++ void (*setup)(struct net_device *)) +{ -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ int len, err, fput_needed; ++ void *p; ++ struct net_device *dev; ++ int alloc_size; + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (!sock) -+ goto out; -+ -+ err = security_socket_getsockname(sock); -+ if (err) -+ goto out_put; ++ BUG_ON(strlen(name) >= sizeof(dev->name)); + -+ err = sock->ops->getname(sock, (struct sockaddr *)address, &len, 0); -+ if (err) -+ goto out_put; -+ err = move_addr_to_user(address, len, usockaddr, usockaddr_len); -+ -+out_put: -+ fput_light(sock->file, fput_needed); -+out: -+ return err; -+} ++ /* ensure 32-byte alignment of both the device and private area */ ++ alloc_size = (sizeof(*dev) + NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST; ++ alloc_size += sizeof_priv + NETDEV_ALIGN_CONST; + -+/* -+ * Get the remote address ('name') of a socket object. Move the obtained -+ * name to user space. -+ */ ++ p = kzalloc(alloc_size, GFP_KERNEL); ++ if (!p) { ++ printk(KERN_ERR "alloc_netdev: Unable to allocate device.\n"); ++ return NULL; ++ } + -+asmlinkage long sys_getpeername(int fd, struct sockaddr __user *usockaddr, -+ int __user *usockaddr_len) -+{ -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ int len, err, fput_needed; ++ dev = (struct net_device *) ++ (((long)p + NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST); ++ dev->padded = (char *)dev - (char *)p; ++ dev->nd_net = &init_net; + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock != NULL) { -+ err = security_socket_getpeername(sock); -+ if (err) { -+ fput_light(sock->file, fput_needed); -+ return err; -+ } ++ if (sizeof_priv) ++ dev->priv = netdev_priv(dev); + -+ err = -+ sock->ops->getname(sock, (struct sockaddr *)address, &len, -+ 1); -+ if (!err) -+ err = move_addr_to_user(address, len, usockaddr, -+ usockaddr_len); -+ fput_light(sock->file, fput_needed); -+ } -+ return err; ++ dev->get_stats = internal_stats; ++ setup(dev); ++ strcpy(dev->name, name); ++ return dev; +} ++EXPORT_SYMBOL(alloc_netdev); + -+/* -+ * Send a datagram to a given address. We move the address into kernel -+ * space and check the user space data area is readable before invoking -+ * the protocol. ++/** ++ * free_netdev - free network device ++ * @dev: device ++ * ++ * This function does the last stage of destroying an allocated device ++ * interface. The reference to the device object is released. ++ * If this is the last reference then it will be freed. + */ -+ -+asmlinkage long sys_sendto(int fd, void __user *buff, size_t len, -+ unsigned flags, struct sockaddr __user *addr, -+ int addr_len) ++void free_netdev(struct net_device *dev) +{ -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ int err; -+ struct msghdr msg; -+ struct iovec iov; -+ int fput_needed; -+ struct file *sock_file; -+ -+ sock_file = fget_light(fd, &fput_needed); -+ err = -EBADF; -+ if (!sock_file) -+ goto out; -+ -+ sock = sock_from_file(sock_file, &err); -+ if (!sock) -+ goto out_put; -+ iov.iov_base = buff; -+ iov.iov_len = len; -+ msg.msg_name = NULL; -+ msg.msg_iov = &iov; -+ msg.msg_iovlen = 1; -+ msg.msg_control = NULL; -+ msg.msg_controllen = 0; -+ msg.msg_namelen = 0; -+ if (addr) { -+ err = move_addr_to_kernel(addr, addr_len, address); -+ if (err < 0) -+ goto out_put; -+ msg.msg_name = address; -+ msg.msg_namelen = addr_len; ++#ifdef CONFIG_SYSFS ++ /* Compatibility with error handling in drivers */ ++ if (dev->reg_state == NETREG_UNINITIALIZED) { ++ kfree((char *)dev - dev->padded); ++ return; + } -+ if (sock->file->f_flags & O_NONBLOCK) -+ flags |= MSG_DONTWAIT; -+ msg.msg_flags = flags; -+ err = sock_sendmsg(sock, &msg, len); + -+out_put: -+ fput_light(sock_file, fput_needed); -+out: -+ return err; -+} ++ BUG_ON(dev->reg_state != NETREG_UNREGISTERED); ++ dev->reg_state = NETREG_RELEASED; + -+/* -+ * Send a datagram down a socket. -+ */ ++ /* will free via device release */ ++ put_device(&dev->dev); ++#else ++ kfree((char *)dev - dev->padded); ++#endif ++} + -+asmlinkage long sys_send(int fd, void __user *buff, size_t len, unsigned flags) ++/* Synchronize with packet receive processing. */ ++void synchronize_net(void) +{ -+ return sys_sendto(fd, buff, len, flags, NULL, 0); ++ might_sleep(); ++ synchronize_rcu(); +} + -+/* -+ * Receive a frame from the socket and optionally record the address of the -+ * sender. We verify the buffers are writable and if needed move the -+ * sender address from kernel to user space. ++/** ++ * unregister_netdevice - remove device from the kernel ++ * @dev: device ++ * ++ * This function shuts down a device interface and removes it ++ * from the kernel tables. On success 0 is returned, on a failure ++ * a negative errno code is returned. ++ * ++ * Callers must hold the rtnl semaphore. You may want ++ * unregister_netdev() instead of this. + */ + -+asmlinkage long sys_recvfrom(int fd, void __user *ubuf, size_t size, -+ unsigned flags, struct sockaddr __user *addr, -+ int __user *addr_len) ++void unregister_netdevice(struct net_device *dev) +{ -+ struct socket *sock; -+ struct iovec iov; -+ struct msghdr msg; -+ char address[MAX_SOCK_ADDR]; -+ int err, err2; -+ struct file *sock_file; -+ int fput_needed; -+ -+ sock_file = fget_light(fd, &fput_needed); -+ err = -EBADF; -+ if (!sock_file) -+ goto out; ++ BUG_ON(dev_boot_phase); ++ ASSERT_RTNL(); ++ ++ /* Some devices call without registering for initialization unwind. */ ++ if (dev->reg_state == NETREG_UNINITIALIZED) { ++ printk(KERN_DEBUG "unregister_netdevice: device %s/%p never " ++ "was registered\n", dev->name, dev); + -+ sock = sock_from_file(sock_file, &err); -+ if (!sock) -+ goto out_put; -+ -+ msg.msg_control = NULL; -+ msg.msg_controllen = 0; -+ msg.msg_iovlen = 1; -+ msg.msg_iov = &iov; -+ iov.iov_len = size; -+ iov.iov_base = ubuf; -+ msg.msg_name = address; -+ msg.msg_namelen = MAX_SOCK_ADDR; -+ if (sock->file->f_flags & O_NONBLOCK) -+ flags |= MSG_DONTWAIT; -+ err = sock_recvmsg(sock, &msg, size, flags); -+ -+ if (err >= 0 && addr != NULL) { -+ err2 = move_addr_to_user(address, msg.msg_namelen, addr, addr_len); -+ if (err2 < 0) -+ err = err2; ++ WARN_ON(1); ++ return; + } -+out_put: -+ fput_light(sock_file, fput_needed); -+out: -+ return err; -+} + -+/* -+ * Receive a datagram from a socket. -+ */ ++ BUG_ON(dev->reg_state != NETREG_REGISTERED); ++ ++ /* If device is running, close it first. */ ++ if (dev->flags & IFF_UP) ++ dev_close(dev); ++ ++ /* And unlink it from device chain. */ ++ unlist_netdevice(dev); ++ ++ dev->reg_state = NETREG_UNREGISTERING; ++ ++ synchronize_net(); + -+asmlinkage long sys_recv(int fd, void __user *ubuf, size_t size, -+ unsigned flags) -+{ -+ return sys_recvfrom(fd, ubuf, size, flags, NULL, NULL); -+} ++ /* Shutdown queueing discipline. */ ++ dev_shutdown(dev); + -+/* -+ * Set a socket option. Because we don't know the option lengths we have -+ * to pass the user mode parameter for the protocols to sort out. -+ */ + -+asmlinkage long sys_setsockopt(int fd, int level, int optname, -+ char __user *optval, int optlen) -+{ -+ int err, fput_needed; -+ struct socket *sock; ++ /* Notify protocols, that we are about to destroy ++ this device. They should clean all the things. ++ */ ++ raw_notifier_call_chain(&netdev_chain, NETDEV_UNREGISTER, dev); + -+ if (optlen < 0) -+ return -EINVAL; ++ /* ++ * Flush the multicast chain ++ */ ++ dev_mc_discard(dev); + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock != NULL) { -+ err = security_socket_setsockopt(sock, level, optname); -+ if (err) -+ goto out_put; ++ if (dev->uninit) ++ dev->uninit(dev); + -+ if (level == SOL_SOCKET) -+ err = -+ sock_setsockopt(sock, level, optname, optval, -+ optlen); -+ else -+ err = -+ sock->ops->setsockopt(sock, level, optname, optval, -+ optlen); -+out_put: -+ fput_light(sock->file, fput_needed); -+ } -+ return err; -+} ++ /* Notifier chain MUST detach us from master device. */ ++ BUG_TRAP(!dev->master); + -+/* -+ * Get a socket option. Because we don't know the option lengths we have -+ * to pass a user mode parameter for the protocols to sort out. -+ */ ++ /* Remove entries from sysfs */ ++ netdev_unregister_sysfs(dev); + -+asmlinkage long sys_getsockopt(int fd, int level, int optname, -+ char __user *optval, int __user *optlen) -+{ -+ int err, fput_needed; -+ struct socket *sock; -+ -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock != NULL) { -+ err = security_socket_getsockopt(sock, level, optname); -+ if (err) -+ goto out_put; -+ -+ if (level == SOL_SOCKET) -+ err = -+ sock_getsockopt(sock, level, optname, optval, -+ optlen); -+ else -+ err = -+ sock->ops->getsockopt(sock, level, optname, optval, -+ optlen); -+out_put: -+ fput_light(sock->file, fput_needed); -+ } -+ return err; ++ /* Finish processing unregister after unlock */ ++ net_set_todo(dev); ++ ++ synchronize_net(); ++ ++ dev_put(dev); +} + -+/* -+ * Shutdown a socket. ++/** ++ * unregister_netdev - remove device from the kernel ++ * @dev: device ++ * ++ * This function shuts down a device interface and removes it ++ * from the kernel tables. On success 0 is returned, on a failure ++ * a negative errno code is returned. ++ * ++ * This is just a wrapper for unregister_netdevice that takes ++ * the rtnl semaphore. In general you want to use this and not ++ * unregister_netdevice. + */ -+ -+asmlinkage long sys_shutdown(int fd, int how) ++void unregister_netdev(struct net_device *dev) +{ -+ int err, fput_needed; -+ struct socket *sock; -+ -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (sock != NULL) { -+ err = security_socket_shutdown(sock, how); -+ if (!err) -+ err = sock->ops->shutdown(sock, how); -+ fput_light(sock->file, fput_needed); -+ } -+ return err; ++ rtnl_lock(); ++ unregister_netdevice(dev); ++ rtnl_unlock(); +} + -+/* A couple of helpful macros for getting the address of the 32/64 bit -+ * fields which are the same type (int / unsigned) on our platforms. -+ */ -+#define COMPAT_MSG(msg, member) ((MSG_CMSG_COMPAT & flags) ? &msg##_compat->member : &msg->member) -+#define COMPAT_NAMELEN(msg) COMPAT_MSG(msg, msg_namelen) -+#define COMPAT_FLAGS(msg) COMPAT_MSG(msg, msg_flags) ++EXPORT_SYMBOL(unregister_netdev); + -+/* -+ * BSD sendmsg interface ++/** ++ * dev_change_net_namespace - move device to different nethost namespace ++ * @dev: device ++ * @net: network namespace ++ * @pat: If not NULL name pattern to try if the current device name ++ * is already taken in the destination network namespace. ++ * ++ * This function shuts down a device interface and moves it ++ * to a new network namespace. On success 0 is returned, on ++ * a failure a netagive errno code is returned. ++ * ++ * Callers must hold the rtnl semaphore. + */ + -+asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags) ++int dev_change_net_namespace(struct net_device *dev, struct net *net, const char *pat) +{ -+ struct compat_msghdr __user *msg_compat = -+ (struct compat_msghdr __user *)msg; -+ struct socket *sock; -+ char address[MAX_SOCK_ADDR]; -+ struct iovec iovstack[UIO_FASTIOV], *iov = iovstack; -+ unsigned char ctl[sizeof(struct cmsghdr) + 20] -+ __attribute__ ((aligned(sizeof(__kernel_size_t)))); -+ /* 20 is size of ipv6_pktinfo */ -+ unsigned char *ctl_buf = ctl; -+ struct msghdr msg_sys; -+ int err, ctl_len, iov_size, total_len; -+ int fput_needed; -+ -+ err = -EFAULT; -+ if (MSG_CMSG_COMPAT & flags) { -+ if (get_compat_msghdr(&msg_sys, msg_compat)) -+ return -EFAULT; -+ } -+ else if (copy_from_user(&msg_sys, msg, sizeof(struct msghdr))) -+ return -EFAULT; ++ char buf[IFNAMSIZ]; ++ const char *destname; ++ int err; + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (!sock) ++ ASSERT_RTNL(); ++ ++ /* Don't allow namespace local devices to be moved. */ ++ err = -EINVAL; ++ if (dev->features & NETIF_F_NETNS_LOCAL) + goto out; + -+ /* do not move before msg_sys is valid */ -+ err = -EMSGSIZE; -+ if (msg_sys.msg_iovlen > UIO_MAXIOV) -+ goto out_put; -+ -+ /* Check whether to allocate the iovec area */ -+ err = -ENOMEM; -+ iov_size = msg_sys.msg_iovlen * sizeof(struct iovec); -+ if (msg_sys.msg_iovlen > UIO_FASTIOV) { -+ iov = sock_kmalloc(sock->sk, iov_size, GFP_KERNEL); -+ if (!iov) -+ goto out_put; -+ } ++ /* Ensure the device has been registrered */ ++ err = -EINVAL; ++ if (dev->reg_state != NETREG_REGISTERED) ++ goto out; ++ ++ /* Get out if there is nothing todo */ ++ err = 0; ++ if (dev->nd_net == net) ++ goto out; + -+ /* This will also move the address data into kernel space */ -+ if (MSG_CMSG_COMPAT & flags) { -+ err = verify_compat_iovec(&msg_sys, iov, address, VERIFY_READ); -+ } else -+ err = verify_iovec(&msg_sys, iov, address, VERIFY_READ); -+ if (err < 0) -+ goto out_freeiov; -+ total_len = err; -+ -+ err = -ENOBUFS; -+ -+ if (msg_sys.msg_controllen > INT_MAX) -+ goto out_freeiov; -+ ctl_len = msg_sys.msg_controllen; -+ if ((MSG_CMSG_COMPAT & flags) && ctl_len) { -+ err = -+ cmsghdr_from_user_compat_to_kern(&msg_sys, sock->sk, ctl, -+ sizeof(ctl)); -+ if (err) -+ goto out_freeiov; -+ ctl_buf = msg_sys.msg_control; -+ ctl_len = msg_sys.msg_controllen; -+ } else if (ctl_len) { -+ if (ctl_len > sizeof(ctl)) { -+ ctl_buf = sock_kmalloc(sock->sk, ctl_len, GFP_KERNEL); -+ if (ctl_buf == NULL) -+ goto out_freeiov; -+ } -+ err = -EFAULT; -+ /* -+ * Careful! Before this, msg_sys.msg_control contains a user pointer. -+ * Afterwards, it will be a kernel pointer. Thus the compiler-assisted -+ * checking falls down on this. -+ */ -+ if (copy_from_user(ctl_buf, (void __user *)msg_sys.msg_control, -+ ctl_len)) -+ goto out_freectl; -+ msg_sys.msg_control = ctl_buf; ++ /* Pick the destination device name, and ensure ++ * we can use it in the destination network namespace. ++ */ ++ err = -EEXIST; ++ destname = dev->name; ++ if (__dev_get_by_name(net, destname)) { ++ /* We get here if we can't use the current device name */ ++ if (!pat) ++ goto out; ++ if (!dev_valid_name(pat)) ++ goto out; ++ if (strchr(pat, '%')) { ++ if (__dev_alloc_name(net, pat, buf) < 0) ++ goto out; ++ destname = buf; ++ } else ++ destname = pat; ++ if (__dev_get_by_name(net, destname)) ++ goto out; + } -+ msg_sys.msg_flags = flags; -+ -+ if (sock->file->f_flags & O_NONBLOCK) -+ msg_sys.msg_flags |= MSG_DONTWAIT; -+ err = sock_sendmsg(sock, &msg_sys, total_len); -+ -+out_freectl: -+ if (ctl_buf != ctl) -+ sock_kfree_s(sock->sk, ctl_buf, ctl_len); -+out_freeiov: -+ if (iov != iovstack) -+ sock_kfree_s(sock->sk, iov, iov_size); -+out_put: -+ fput_light(sock->file, fput_needed); -+out: -+ return err; -+} -+ -+/* -+ * BSD recvmsg interface -+ */ + -+asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, -+ unsigned int flags) -+{ -+ struct compat_msghdr __user *msg_compat = -+ (struct compat_msghdr __user *)msg; -+ struct socket *sock; -+ struct iovec iovstack[UIO_FASTIOV]; -+ struct iovec *iov = iovstack; -+ struct msghdr msg_sys; -+ unsigned long cmsg_ptr; -+ int err, iov_size, total_len, len; -+ int fput_needed; -+ -+ /* kernel mode address */ -+ char addr[MAX_SOCK_ADDR]; -+ -+ /* user mode address pointers */ -+ struct sockaddr __user *uaddr; -+ int __user *uaddr_len; -+ -+ if (MSG_CMSG_COMPAT & flags) { -+ if (get_compat_msghdr(&msg_sys, msg_compat)) -+ return -EFAULT; -+ } -+ else if (copy_from_user(&msg_sys, msg, sizeof(struct msghdr))) -+ return -EFAULT; ++ /* ++ * And now a mini version of register_netdevice unregister_netdevice. ++ */ + -+ sock = sockfd_lookup_light(fd, &err, &fput_needed); -+ if (!sock) -+ goto out; ++ /* If device is running close it first. */ ++ if (dev->flags & IFF_UP) ++ dev_close(dev); + -+ err = -EMSGSIZE; -+ if (msg_sys.msg_iovlen > UIO_MAXIOV) -+ goto out_put; -+ -+ /* Check whether to allocate the iovec area */ -+ err = -ENOMEM; -+ iov_size = msg_sys.msg_iovlen * sizeof(struct iovec); -+ if (msg_sys.msg_iovlen > UIO_FASTIOV) { -+ iov = sock_kmalloc(sock->sk, iov_size, GFP_KERNEL); -+ if (!iov) -+ goto out_put; -+ } ++ /* And unlink it from device chain */ ++ err = -ENODEV; ++ unlist_netdevice(dev); ++ ++ synchronize_net(); ++ ++ /* Shutdown queueing discipline. */ ++ dev_shutdown(dev); + ++ /* Notify protocols, that we are about to destroy ++ this device. They should clean all the things. ++ */ ++ call_netdevice_notifiers(NETDEV_UNREGISTER, dev); ++ + /* -+ * Save the user-mode address (verify_iovec will change the -+ * kernel msghdr to use the kernel address space) ++ * Flush the multicast chain + */ ++ dev_mc_discard(dev); + -+ uaddr = (void __user *)msg_sys.msg_name; -+ uaddr_len = COMPAT_NAMELEN(msg); -+ if (MSG_CMSG_COMPAT & flags) { -+ err = verify_compat_iovec(&msg_sys, iov, addr, VERIFY_WRITE); -+ } else -+ err = verify_iovec(&msg_sys, iov, addr, VERIFY_WRITE); -+ if (err < 0) -+ goto out_freeiov; -+ total_len = err; -+ -+ cmsg_ptr = (unsigned long)msg_sys.msg_control; -+ msg_sys.msg_flags = 0; -+ if (MSG_CMSG_COMPAT & flags) -+ msg_sys.msg_flags = MSG_CMSG_COMPAT; -+ -+ if (sock->file->f_flags & O_NONBLOCK) -+ flags |= MSG_DONTWAIT; -+ err = sock_recvmsg(sock, &msg_sys, total_len, flags); -+ if (err < 0) -+ goto out_freeiov; -+ len = err; -+ -+ if (uaddr != NULL) { -+ err = move_addr_to_user(addr, msg_sys.msg_namelen, uaddr, -+ uaddr_len); -+ if (err < 0) -+ goto out_freeiov; ++ /* Actually switch the network namespace */ ++ dev->nd_net = net; ++ ++ /* Assign the new device name */ ++ if (destname != dev->name) ++ strcpy(dev->name, destname); ++ ++ /* If there is an ifindex conflict assign a new one */ ++ if (__dev_get_by_index(net, dev->ifindex)) { ++ int iflink = (dev->iflink == dev->ifindex); ++ dev->ifindex = dev_new_index(net); ++ if (iflink) ++ dev->iflink = dev->ifindex; + } -+ err = __put_user((msg_sys.msg_flags & ~MSG_CMSG_COMPAT), -+ COMPAT_FLAGS(msg)); -+ if (err) -+ goto out_freeiov; -+ if (MSG_CMSG_COMPAT & flags) -+ err = __put_user((unsigned long)msg_sys.msg_control - cmsg_ptr, -+ &msg_compat->msg_controllen); -+ else -+ err = __put_user((unsigned long)msg_sys.msg_control - cmsg_ptr, -+ &msg->msg_controllen); -+ if (err) -+ goto out_freeiov; -+ err = len; -+ -+out_freeiov: -+ if (iov != iovstack) -+ sock_kfree_s(sock->sk, iov, iov_size); -+out_put: -+ fput_light(sock->file, fput_needed); ++ ++ /* Fixup sysfs */ ++ err = device_rename(&dev->dev, dev->name); ++ BUG_ON(err); ++ ++ /* Add the device back in the hashes */ ++ list_netdevice(dev); ++ ++ /* Notify protocols, that a new device appeared. */ ++ call_netdevice_notifiers(NETDEV_REGISTER, dev); ++ ++ synchronize_net(); ++ err = 0; +out: + return err; +} + -+#ifdef __ARCH_WANT_SYS_SOCKETCALL ++static int dev_cpu_callback(struct notifier_block *nfb, ++ unsigned long action, ++ void *ocpu) ++{ ++ struct sk_buff **list_skb; ++ struct net_device **list_net; ++ struct sk_buff *skb; ++ unsigned int cpu, oldcpu = (unsigned long)ocpu; ++ struct softnet_data *sd, *oldsd; + -+/* Argument list sizes for sys_socketcall */ -+#define AL(x) ((x) * sizeof(unsigned long)) -+static const unsigned char nargs[18]={ -+ AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), -+ AL(3),AL(3),AL(4),AL(4),AL(4),AL(6), -+ AL(6),AL(2),AL(5),AL(5),AL(3),AL(3) -+}; ++ if (action != CPU_DEAD && action != CPU_DEAD_FROZEN) ++ return NOTIFY_OK; + -+#undef AL ++ local_irq_disable(); ++ cpu = smp_processor_id(); ++ sd = &per_cpu(softnet_data, cpu); ++ oldsd = &per_cpu(softnet_data, oldcpu); + -+/* -+ * System call vectors. -+ * -+ * Argument checking cleaned up. Saved 20% in size. -+ * This function doesn't need to set the kernel lock because -+ * it is set by the callees. ++ /* Find end of our completion_queue. */ ++ list_skb = &sd->completion_queue; ++ while (*list_skb) ++ list_skb = &(*list_skb)->next; ++ /* Append completion queue from offline CPU. */ ++ *list_skb = oldsd->completion_queue; ++ oldsd->completion_queue = NULL; ++ ++ /* Find end of our output_queue. */ ++ list_net = &sd->output_queue; ++ while (*list_net) ++ list_net = &(*list_net)->next_sched; ++ /* Append output queue from offline CPU. */ ++ *list_net = oldsd->output_queue; ++ oldsd->output_queue = NULL; ++ ++ raise_softirq_irqoff(NET_TX_SOFTIRQ); ++ local_irq_enable(); ++ ++ /* Process offline CPU's input_pkt_queue */ ++ while ((skb = __skb_dequeue(&oldsd->input_pkt_queue))) ++ netif_rx(skb); ++ ++ return NOTIFY_OK; ++} ++ ++#ifdef CONFIG_NET_DMA ++/** ++ * net_dma_rebalance - ++ * This is called when the number of channels allocated to the net_dma_client ++ * changes. The net_dma_client tries to have one DMA channel per CPU. + */ + -+asmlinkage long sys_socketcall(int call, unsigned long __user *args) ++static void net_dma_rebalance(struct net_dma *net_dma) +{ -+ unsigned long a[6]; -+ unsigned long a0, a1; -+ int err; ++ unsigned int cpu, i, n, chan_idx; ++ struct dma_chan *chan; + -+ if (call < 1 || call > SYS_RECVMSG) -+ return -EINVAL; ++ if (cpus_empty(net_dma->channel_mask)) { ++ for_each_online_cpu(cpu) ++ rcu_assign_pointer(per_cpu(softnet_data, cpu).net_dma, NULL); ++ return; ++ } + -+ /* copy_from_user should be SMP safe. */ -+ if (copy_from_user(a, args, nargs[call])) -+ return -EFAULT; ++ i = 0; ++ cpu = first_cpu(cpu_online_map); + -+ err = audit_socketcall(nargs[call] / sizeof(unsigned long), a); -+ if (err) -+ return err; ++ for_each_cpu_mask(chan_idx, net_dma->channel_mask) { ++ chan = net_dma->channels[chan_idx]; + -+ a0 = a[0]; -+ a1 = a[1]; ++ n = ((num_online_cpus() / cpus_weight(net_dma->channel_mask)) ++ + (i < (num_online_cpus() % ++ cpus_weight(net_dma->channel_mask)) ? 1 : 0)); + -+ switch (call) { -+ case SYS_SOCKET: -+ err = sys_socket(a0, a1, a[2]); -+ break; -+ case SYS_BIND: -+ err = sys_bind(a0, (struct sockaddr __user *)a1, a[2]); -+ break; -+ case SYS_CONNECT: -+ err = sys_connect(a0, (struct sockaddr __user *)a1, a[2]); -+ break; -+ case SYS_LISTEN: -+ err = sys_listen(a0, a1); -+ break; -+ case SYS_ACCEPT: -+ err = -+ sys_accept(a0, (struct sockaddr __user *)a1, -+ (int __user *)a[2]); -+ break; -+ case SYS_GETSOCKNAME: -+ err = -+ sys_getsockname(a0, (struct sockaddr __user *)a1, -+ (int __user *)a[2]); -+ break; -+ case SYS_GETPEERNAME: -+ err = -+ sys_getpeername(a0, (struct sockaddr __user *)a1, -+ (int __user *)a[2]); -+ break; -+ case SYS_SOCKETPAIR: -+ err = sys_socketpair(a0, a1, a[2], (int __user *)a[3]); -+ break; -+ case SYS_SEND: -+ err = sys_send(a0, (void __user *)a1, a[2], a[3]); -+ break; -+ case SYS_SENDTO: -+ err = sys_sendto(a0, (void __user *)a1, a[2], a[3], -+ (struct sockaddr __user *)a[4], a[5]); -+ break; -+ case SYS_RECV: -+ err = sys_recv(a0, (void __user *)a1, a[2], a[3]); -+ break; -+ case SYS_RECVFROM: -+ err = sys_recvfrom(a0, (void __user *)a1, a[2], a[3], -+ (struct sockaddr __user *)a[4], -+ (int __user *)a[5]); -+ break; -+ case SYS_SHUTDOWN: -+ err = sys_shutdown(a0, a1); -+ break; -+ case SYS_SETSOCKOPT: -+ err = sys_setsockopt(a0, a1, a[2], (char __user *)a[3], a[4]); -+ break; -+ case SYS_GETSOCKOPT: -+ err = -+ sys_getsockopt(a0, a1, a[2], (char __user *)a[3], -+ (int __user *)a[4]); -+ break; -+ case SYS_SENDMSG: -+ err = sys_sendmsg(a0, (struct msghdr __user *)a1, a[2]); ++ while(n) { ++ per_cpu(softnet_data, cpu).net_dma = chan; ++ cpu = next_cpu(cpu, cpu_online_map); ++ n--; ++ } ++ i++; ++ } ++} ++ ++/** ++ * netdev_dma_event - event callback for the net_dma_client ++ * @client: should always be net_dma_client ++ * @chan: DMA channel for the event ++ * @event: event type ++ */ ++static enum dma_state_client ++netdev_dma_event(struct dma_client *client, struct dma_chan *chan, ++ enum dma_state state) ++{ ++ int i, found = 0, pos = -1; ++ struct net_dma *net_dma = ++ container_of(client, struct net_dma, client); ++ enum dma_state_client ack = DMA_DUP; /* default: take no action */ ++ ++ spin_lock(&net_dma->lock); ++ switch (state) { ++ case DMA_RESOURCE_AVAILABLE: ++ for (i = 0; i < NR_CPUS; i++) ++ if (net_dma->channels[i] == chan) { ++ found = 1; ++ break; ++ } else if (net_dma->channels[i] == NULL && pos < 0) ++ pos = i; ++ ++ if (!found && pos >= 0) { ++ ack = DMA_ACK; ++ net_dma->channels[pos] = chan; ++ cpu_set(pos, net_dma->channel_mask); ++ net_dma_rebalance(net_dma); ++ } + break; -+ case SYS_RECVMSG: -+ err = sys_recvmsg(a0, (struct msghdr __user *)a1, a[2]); ++ case DMA_RESOURCE_REMOVED: ++ for (i = 0; i < NR_CPUS; i++) ++ if (net_dma->channels[i] == chan) { ++ found = 1; ++ pos = i; ++ break; ++ } ++ ++ if (found) { ++ ack = DMA_ACK; ++ cpu_clear(pos, net_dma->channel_mask); ++ net_dma->channels[i] = NULL; ++ net_dma_rebalance(net_dma); ++ } + break; + default: -+ err = -EINVAL; + break; + } -+ return err; ++ spin_unlock(&net_dma->lock); ++ ++ return ack; ++} ++ ++/** ++ * netdev_dma_regiser - register the networking subsystem as a DMA client ++ */ ++static int __init netdev_dma_register(void) ++{ ++ spin_lock_init(&net_dma.lock); ++ dma_cap_set(DMA_MEMCPY, net_dma.client.cap_mask); ++ dma_async_client_register(&net_dma.client); ++ dma_async_client_chan_request(&net_dma.client); ++ return 0; +} + -+#endif /* __ARCH_WANT_SYS_SOCKETCALL */ ++#else ++static int __init netdev_dma_register(void) { return -ENODEV; } ++#endif /* CONFIG_NET_DMA */ + +/** -+ * sock_register - add a socket protocol handler -+ * @ops: description of protocol ++ * netdev_compute_feature - compute conjunction of two feature sets ++ * @all: first feature set ++ * @one: second feature set + * -+ * This function is called by a protocol handler that wants to -+ * advertise its address family, and have it linked into the -+ * socket interface. The value ops->family coresponds to the -+ * socket system call protocol family. ++ * Computes a new feature set after adding a device with feature set ++ * @one to the master device with current feature set @all. Returns ++ * the new feature set. + */ -+int sock_register(const struct net_proto_family *ops) ++int netdev_compute_features(unsigned long all, unsigned long one) +{ -+ int err; ++ /* if device needs checksumming, downgrade to hw checksumming */ ++ if (all & NETIF_F_NO_CSUM && !(one & NETIF_F_NO_CSUM)) ++ all ^= NETIF_F_NO_CSUM | NETIF_F_HW_CSUM; + -+ if (ops->family >= NPROTO) { -+ printk(KERN_CRIT "protocol %d >= NPROTO(%d)\n", ops->family, -+ NPROTO); -+ return -ENOBUFS; -+ } ++ /* if device can't do all checksum, downgrade to ipv4 */ ++ if (all & NETIF_F_HW_CSUM && !(one & NETIF_F_HW_CSUM)) ++ all ^= NETIF_F_HW_CSUM | NETIF_F_IP_CSUM; + -+ spin_lock(&net_family_lock); -+ if (net_families[ops->family]) -+ err = -EEXIST; -+ else { -+ net_families[ops->family] = ops; -+ err = 0; -+ } -+ spin_unlock(&net_family_lock); ++ if (one & NETIF_F_GSO) ++ one |= NETIF_F_GSO_SOFTWARE; ++ one |= NETIF_F_GSO; + -+ printk(KERN_INFO "NET: Registered protocol family %d\n", ops->family); -+ return err; ++ /* If even one device supports robust GSO, enable it for all. */ ++ if (one & NETIF_F_GSO_ROBUST) ++ all |= NETIF_F_GSO_ROBUST; ++ ++ all &= one | NETIF_F_LLTX; ++ ++ if (!(all & NETIF_F_ALL_CSUM)) ++ all &= ~NETIF_F_SG; ++ if (!(all & NETIF_F_SG)) ++ all &= ~NETIF_F_GSO_MASK; ++ ++ return all; +} ++EXPORT_SYMBOL(netdev_compute_features); + -+/** -+ * sock_unregister - remove a protocol handler -+ * @family: protocol family to remove -+ * -+ * This function is called by a protocol handler that wants to -+ * remove its address family, and have it unlinked from the -+ * new socket creation. -+ * -+ * If protocol handler is a module, then it can use module reference -+ * counts to protect against new references. If protocol handler is not -+ * a module then it needs to provide its own protection in -+ * the ops->create routine. -+ */ -+void sock_unregister(int family) ++/* Initialize per network namespace state */ ++static int netdev_init(struct net *net) +{ -+ BUG_ON(family < 0 || family >= NPROTO); ++ int i; ++ INIT_LIST_HEAD(&net->dev_base_head); ++ rwlock_init(&dev_base_lock); + -+ spin_lock(&net_family_lock); -+ net_families[family] = NULL; -+ spin_unlock(&net_family_lock); ++ net->dev_name_head = kmalloc( ++ sizeof(*net->dev_name_head)*NETDEV_HASHENTRIES, GFP_KERNEL); ++ if (!net->dev_name_head) ++ return -ENOMEM; + -+ synchronize_rcu(); ++ net->dev_index_head = kmalloc( ++ sizeof(*net->dev_index_head)*NETDEV_HASHENTRIES, GFP_KERNEL); ++ if (!net->dev_index_head) { ++ kfree(net->dev_name_head); ++ return -ENOMEM; ++ } ++ ++ for (i = 0; i < NETDEV_HASHENTRIES; i++) ++ INIT_HLIST_HEAD(&net->dev_name_head[i]); ++ ++ for (i = 0; i < NETDEV_HASHENTRIES; i++) ++ INIT_HLIST_HEAD(&net->dev_index_head[i]); + -+ printk(KERN_INFO "NET: Unregistered protocol family %d\n", family); ++ return 0; +} + -+static int sock_pernet_init(struct net *net) ++static void netdev_exit(struct net *net) +{ -+ net->sysctl_somaxconn = SOMAXCONN; -+ return 0; ++ kfree(net->dev_name_head); ++ kfree(net->dev_index_head); +} + -+static struct pernet_operations sock_net_ops = { -+ .init = sock_pernet_init, ++static struct pernet_operations netdev_net_ops = { ++ .init = netdev_init, ++ .exit = netdev_exit, +}; + -+static int __init sock_init(void) ++static void default_device_exit(struct net *net) +{ ++ struct net_device *dev, *next; + /* -+ * Initialize sock SLAB cache. ++ * Push all migratable of the network devices back to the ++ * initial network namespace + */ ++ rtnl_lock(); ++ for_each_netdev_safe(net, dev, next) { ++ int err; ++ ++ /* Ignore unmoveable devices (i.e. loopback) */ ++ if (dev->features & NETIF_F_NETNS_LOCAL) ++ continue; ++ ++ /* Push remaing network devices to init_net */ ++ err = dev_change_net_namespace(dev, &init_net, "dev%d"); ++ if (err) { ++ printk(KERN_WARNING "%s: failed to move %s to init_net: %d\n", ++ __func__, dev->name, err); ++ unregister_netdevice(dev); ++ } ++ } ++ rtnl_unlock(); ++} ++ ++static struct pernet_operations default_device_ops = { ++ .exit = default_device_exit, ++}; ++ ++/* ++ * Initialize the DEV module. At boot time this walks the device list and ++ * unhooks any devices that fail to initialise (normally hardware not ++ * present) and leaves us with a valid list of present and active devices. ++ * ++ */ ++ ++/* ++ * This is called single threaded during boot, so no need ++ * to take the rtnl semaphore. ++ */ ++static int __init net_dev_init(void) ++{ ++ int i, rc = -ENOMEM; ++ ++ BUG_ON(!dev_boot_phase); ++ ++ if (dev_proc_init()) ++ goto out; + -+ sk_init(); ++ if (netdev_sysfs_init()) ++ goto out; ++ ++ INIT_LIST_HEAD(&ptype_all); ++ for (i = 0; i < 16; i++) ++ INIT_LIST_HEAD(&ptype_base[i]); ++ ++ if (register_pernet_subsys(&netdev_net_ops)) ++ goto out; ++ ++ if (register_pernet_device(&default_device_ops)) ++ goto out; + + /* -+ * Initialize skbuff SLAB cache ++ * Initialise the packet receive queues. + */ -+ skb_init(); + ++ for_each_possible_cpu(i) { ++ struct softnet_data *queue; ++ ++ queue = &per_cpu(softnet_data, i); ++ skb_queue_head_init(&queue->input_pkt_queue); ++ queue->completion_queue = NULL; ++ INIT_LIST_HEAD(&queue->poll_list); ++ set_bit(__LINK_STATE_START, &queue->backlog_dev.state); ++ queue->backlog_dev.weight = weight_p; ++ queue->backlog_dev.poll = process_backlog; ++ atomic_set(&queue->backlog_dev.refcnt, 1); ++ } ++ ++ netdev_dma_register(); ++ ++ dev_boot_phase = 0; ++ ++ open_softirq(NET_TX_SOFTIRQ, net_tx_action, NULL); ++ open_softirq(NET_RX_SOFTIRQ, net_rx_action, NULL); ++ ++ hotcpu_notifier(dev_cpu_callback, 0); ++ dst_init(); ++ dev_mcast_init(); ++ rc = 0; ++out: ++ return rc; ++} ++ ++subsys_initcall(net_dev_init); ++ ++EXPORT_SYMBOL(__dev_get_by_index); ++EXPORT_SYMBOL(__dev_get_by_name); ++EXPORT_SYMBOL(__dev_remove_pack); ++EXPORT_SYMBOL(dev_valid_name); ++EXPORT_SYMBOL(dev_add_pack); ++EXPORT_SYMBOL(dev_alloc_name); ++EXPORT_SYMBOL(dev_close); ++EXPORT_SYMBOL(dev_get_by_flags); ++EXPORT_SYMBOL(dev_get_by_index); ++EXPORT_SYMBOL(dev_get_by_name); ++EXPORT_SYMBOL(dev_open); ++EXPORT_SYMBOL(dev_queue_xmit); ++EXPORT_SYMBOL(dev_remove_pack); ++EXPORT_SYMBOL(dev_set_allmulti); ++EXPORT_SYMBOL(dev_set_promiscuity); ++EXPORT_SYMBOL(dev_change_flags); ++EXPORT_SYMBOL(dev_set_mtu); ++EXPORT_SYMBOL(dev_set_mac_address); ++EXPORT_SYMBOL(free_netdev); ++EXPORT_SYMBOL(netdev_boot_setup_check); ++EXPORT_SYMBOL(netdev_set_master); ++EXPORT_SYMBOL(netdev_state_change); ++EXPORT_SYMBOL(netif_receive_skb); ++EXPORT_SYMBOL(netif_rx); ++EXPORT_SYMBOL(register_gifconf); ++EXPORT_SYMBOL(register_netdevice); ++EXPORT_SYMBOL(register_netdevice_notifier); ++EXPORT_SYMBOL(skb_checksum_help); ++EXPORT_SYMBOL(synchronize_net); ++EXPORT_SYMBOL(unregister_netdevice); ++EXPORT_SYMBOL(unregister_netdevice_notifier); ++EXPORT_SYMBOL(net_enable_timestamp); ++EXPORT_SYMBOL(net_disable_timestamp); ++EXPORT_SYMBOL(dev_get_flags); ++ ++#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) ++EXPORT_SYMBOL(br_handle_frame_hook); ++EXPORT_SYMBOL(br_fdb_get_hook); ++EXPORT_SYMBOL(br_fdb_put_hook); ++#endif ++ ++#ifdef CONFIG_KMOD ++EXPORT_SYMBOL(dev_load); ++#endif ++ ++EXPORT_PER_CPU_SYMBOL(softnet_data); +diff -Nurb linux-2.6.22-594/net/core/net_namespace.c linux-2.6.22-595/net/core/net_namespace.c +--- linux-2.6.22-594/net/core/net_namespace.c 2008-03-20 01:27:51.000000000 -0400 ++++ linux-2.6.22-595/net/core/net_namespace.c 2008-03-20 01:28:00.000000000 -0400 +@@ -112,10 +112,12 @@ + ops = list_entry(ptr, struct pernet_operations, list); + if (ops->init) { + error = ops->init(net); +- if (error < 0) ++ if (error < 0) { ++ printk(KERN_ALERT "Error setting up netns: %x\n", ops->init); + goto out_undo; + } + } ++ } + out: + return error; + out_undo: +diff -Nurb linux-2.6.22-594/net/ipv4/af_inet.c.orig linux-2.6.22-595/net/ipv4/af_inet.c.orig +--- linux-2.6.22-594/net/ipv4/af_inet.c.orig 2008-03-20 01:27:51.000000000 -0400 ++++ linux-2.6.22-595/net/ipv4/af_inet.c.orig 1969-12-31 19:00:00.000000000 -0500 +@@ -1,1522 +0,0 @@ +-/* +- * INET An implementation of the TCP/IP protocol suite for the LINUX +- * operating system. INET is implemented using the BSD Socket +- * interface as the means of communication with the user level. +- * +- * PF_INET protocol family socket handler. +- * +- * Version: $Id: af_inet.c,v 1.137 2002/02/01 22:01:03 davem Exp $ +- * +- * Authors: Ross Biro +- * Fred N. van Kempen, +- * Florian La Roche, +- * Alan Cox, +- * +- * Changes (see also sock.c) +- * +- * piggy, +- * Karl Knutson : Socket protocol table +- * A.N.Kuznetsov : Socket death error in accept(). +- * John Richardson : Fix non blocking error in connect() +- * so sockets that fail to connect +- * don't return -EINPROGRESS. +- * Alan Cox : Asynchronous I/O support +- * Alan Cox : Keep correct socket pointer on sock +- * structures +- * when accept() ed +- * Alan Cox : Semantics of SO_LINGER aren't state +- * moved to close when you look carefully. +- * With this fixed and the accept bug fixed +- * some RPC stuff seems happier. +- * Niibe Yutaka : 4.4BSD style write async I/O +- * Alan Cox, +- * Tony Gale : Fixed reuse semantics. +- * Alan Cox : bind() shouldn't abort existing but dead +- * sockets. Stops FTP netin:.. I hope. +- * Alan Cox : bind() works correctly for RAW sockets. +- * Note that FreeBSD at least was broken +- * in this respect so be careful with +- * compatibility tests... +- * Alan Cox : routing cache support +- * Alan Cox : memzero the socket structure for +- * compactness. +- * Matt Day : nonblock connect error handler +- * Alan Cox : Allow large numbers of pending sockets +- * (eg for big web sites), but only if +- * specifically application requested. +- * Alan Cox : New buffering throughout IP. Used +- * dumbly. +- * Alan Cox : New buffering now used smartly. +- * Alan Cox : BSD rather than common sense +- * interpretation of listen. +- * Germano Caronni : Assorted small races. +- * Alan Cox : sendmsg/recvmsg basic support. +- * Alan Cox : Only sendmsg/recvmsg now supported. +- * Alan Cox : Locked down bind (see security list). +- * Alan Cox : Loosened bind a little. +- * Mike McLagan : ADD/DEL DLCI Ioctls +- * Willy Konynenberg : Transparent proxying support. +- * David S. Miller : New socket lookup architecture. +- * Some other random speedups. +- * Cyrus Durgin : Cleaned up file for kmod hacks. +- * Andi Kleen : Fix inet_stream_connect TCP race. +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version +- * 2 of the License, or (at your option) any later version. +- */ +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +-#include +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#ifdef CONFIG_IP_MROUTE +-#include +-#endif +-#include +- +-DEFINE_SNMP_STAT(struct linux_mib, net_statistics) __read_mostly; +- +-extern void ip_mc_drop_socket(struct sock *sk); +- +-/* The inetsw table contains everything that inet_create needs to +- * build a new socket. +- */ +-static struct list_head inetsw[SOCK_MAX]; +-static DEFINE_SPINLOCK(inetsw_lock); +- +-/* New destruction routine */ +- +-void inet_sock_destruct(struct sock *sk) +-{ +- struct inet_sock *inet = inet_sk(sk); +- +- __skb_queue_purge(&sk->sk_receive_queue); +- __skb_queue_purge(&sk->sk_error_queue); +- +- if (sk->sk_type == SOCK_STREAM && sk->sk_state != TCP_CLOSE) { +- printk("Attempt to release TCP socket in state %d %p\n", +- sk->sk_state, sk); +- return; +- } +- if (!sock_flag(sk, SOCK_DEAD)) { +- printk("Attempt to release alive inet socket %p\n", sk); +- return; +- } +- +- BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc)); +- BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc)); +- BUG_TRAP(!sk->sk_wmem_queued); +- BUG_TRAP(!sk->sk_forward_alloc); +- +- kfree(inet->opt); +- dst_release(sk->sk_dst_cache); +- sk_refcnt_debug_dec(sk); +-} +- +-/* +- * The routines beyond this point handle the behaviour of an AF_INET +- * socket object. Mostly it punts to the subprotocols of IP to do +- * the work. +- */ +- +-/* +- * Automatically bind an unbound socket. +- */ +- +-static int inet_autobind(struct sock *sk) +-{ +- struct inet_sock *inet; +- /* We may need to bind the socket. */ +- lock_sock(sk); +- inet = inet_sk(sk); +- if (!inet->num) { +- if (sk->sk_prot->get_port(sk, 0)) { +- release_sock(sk); +- return -EAGAIN; +- } +- inet->sport = htons(inet->num); +- sk->sk_xid = vx_current_xid(); +- sk->sk_nid = nx_current_nid(); +- } +- release_sock(sk); +- return 0; +-} +- +-/* +- * Move a socket into listening state. +- */ +-int inet_listen(struct socket *sock, int backlog) +-{ +- struct sock *sk = sock->sk; +- unsigned char old_state; +- int err; +- +- lock_sock(sk); +- +- err = -EINVAL; +- if (sock->state != SS_UNCONNECTED || sock->type != SOCK_STREAM) +- goto out; +- +- old_state = sk->sk_state; +- if (!((1 << old_state) & (TCPF_CLOSE | TCPF_LISTEN))) +- goto out; +- +- /* Really, if the socket is already in listen state +- * we can only allow the backlog to be adjusted. +- */ +- if (old_state != TCP_LISTEN) { +- err = inet_csk_listen_start(sk, backlog); +- if (err) +- goto out; +- } +- sk->sk_max_ack_backlog = backlog; +- err = 0; +- +-out: +- release_sock(sk); +- return err; +-} +- +-u32 inet_ehash_secret __read_mostly; +-EXPORT_SYMBOL(inet_ehash_secret); +- +-/* +- * inet_ehash_secret must be set exactly once +- * Instead of using a dedicated spinlock, we (ab)use inetsw_lock +- */ +-void build_ehash_secret(void) +-{ +- u32 rnd; +- do { +- get_random_bytes(&rnd, sizeof(rnd)); +- } while (rnd == 0); +- spin_lock_bh(&inetsw_lock); +- if (!inet_ehash_secret) +- inet_ehash_secret = rnd; +- spin_unlock_bh(&inetsw_lock); +-} +-EXPORT_SYMBOL(build_ehash_secret); +- +-/* +- * Create an inet socket. +- */ +- +-static int inet_create(struct socket *sock, int protocol) +-{ +- struct sock *sk; +- struct list_head *p; +- struct inet_protosw *answer; +- struct inet_sock *inet; +- struct proto *answer_prot; +- unsigned char answer_flags; +- char answer_no_check; +- int try_loading_module = 0; +- int err; +- +- if (sock->type != SOCK_RAW && +- sock->type != SOCK_DGRAM && +- !inet_ehash_secret) +- build_ehash_secret(); +- +- sock->state = SS_UNCONNECTED; +- +- /* Look for the requested type/protocol pair. */ +- answer = NULL; +-lookup_protocol: +- err = -ESOCKTNOSUPPORT; +- rcu_read_lock(); +- list_for_each_rcu(p, &inetsw[sock->type]) { +- answer = list_entry(p, struct inet_protosw, list); +- +- /* Check the non-wild match. */ +- if (protocol == answer->protocol) { +- if (protocol != IPPROTO_IP) +- break; +- } else { +- /* Check for the two wild cases. */ +- if (IPPROTO_IP == protocol) { +- protocol = answer->protocol; +- break; +- } +- if (IPPROTO_IP == answer->protocol) +- break; +- } +- err = -EPROTONOSUPPORT; +- answer = NULL; +- } +- +- if (unlikely(answer == NULL)) { +- if (try_loading_module < 2) { +- rcu_read_unlock(); +- /* +- * Be more specific, e.g. net-pf-2-proto-132-type-1 +- * (net-pf-PF_INET-proto-IPPROTO_SCTP-type-SOCK_STREAM) +- */ +- if (++try_loading_module == 1) +- request_module("net-pf-%d-proto-%d-type-%d", +- PF_INET, protocol, sock->type); +- /* +- * Fall back to generic, e.g. net-pf-2-proto-132 +- * (net-pf-PF_INET-proto-IPPROTO_SCTP) +- */ +- else +- request_module("net-pf-%d-proto-%d", +- PF_INET, protocol); +- goto lookup_protocol; +- } else +- goto out_rcu_unlock; +- } +- +- err = -EPERM; +- if ((protocol == IPPROTO_ICMP) && +- nx_capable(answer->capability, NXC_RAW_ICMP)) +- goto override; +- if (sock->type == SOCK_RAW && +- nx_capable(answer->capability, NXC_RAW_SOCKET)) +- goto override; +- if (answer->capability > 0 && !capable(answer->capability)) +- goto out_rcu_unlock; +-override: +- sock->ops = answer->ops; +- answer_prot = answer->prot; +- answer_no_check = answer->no_check; +- answer_flags = answer->flags; +- rcu_read_unlock(); +- +- BUG_TRAP(answer_prot->slab != NULL); +- +- err = -ENOBUFS; +- sk = sk_alloc(PF_INET, GFP_KERNEL, answer_prot, 1); +- if (sk == NULL) +- goto out; +- +- err = 0; +- sk->sk_no_check = answer_no_check; +- if (INET_PROTOSW_REUSE & answer_flags) +- sk->sk_reuse = 1; +- +- inet = inet_sk(sk); +- inet->is_icsk = (INET_PROTOSW_ICSK & answer_flags) != 0; +- +- if (SOCK_RAW == sock->type) { +- inet->num = protocol; +- if (IPPROTO_RAW == protocol) +- inet->hdrincl = 1; +- } +- +- if (ipv4_config.no_pmtu_disc) +- inet->pmtudisc = IP_PMTUDISC_DONT; +- else +- inet->pmtudisc = IP_PMTUDISC_WANT; +- +- inet->id = 0; +- +- sock_init_data(sock, sk); +- +- sk->sk_destruct = inet_sock_destruct; +- sk->sk_family = PF_INET; +- sk->sk_protocol = protocol; +- sk->sk_backlog_rcv = sk->sk_prot->backlog_rcv; +- +- inet->uc_ttl = -1; +- inet->mc_loop = 1; +- inet->mc_ttl = 1; +- inet->mc_index = 0; +- inet->mc_list = NULL; +- +- sk_refcnt_debug_inc(sk); +- +- if (inet->num) { +- /* It assumes that any protocol which allows +- * the user to assign a number at socket +- * creation time automatically +- * shares. +- */ +- inet->sport = htons(inet->num); +- /* Add to protocol hash chains. */ +- sk->sk_prot->hash(sk); +- } +- +- if (sk->sk_prot->init) { +- err = sk->sk_prot->init(sk); +- if (err) +- sk_common_release(sk); +- } +-out: +- return err; +-out_rcu_unlock: +- rcu_read_unlock(); +- goto out; +-} +- +- +-/* +- * The peer socket should always be NULL (or else). When we call this +- * function we are destroying the object and from then on nobody +- * should refer to it. +- */ +-int inet_release(struct socket *sock) +-{ +- struct sock *sk = sock->sk; +- +- if (sk) { +- long timeout; +- +- /* Applications forget to leave groups before exiting */ +- ip_mc_drop_socket(sk); +- +- /* If linger is set, we don't return until the close +- * is complete. Otherwise we return immediately. The +- * actually closing is done the same either way. +- * +- * If the close is due to the process exiting, we never +- * linger.. +- */ +- timeout = 0; +- if (sock_flag(sk, SOCK_LINGER) && +- !(current->flags & PF_EXITING)) +- timeout = sk->sk_lingertime; +- sock->sk = NULL; +- sk->sk_prot->close(sk, timeout); +- } +- return 0; +-} +- +-/* It is off by default, see below. */ +-int sysctl_ip_nonlocal_bind __read_mostly; +- +-int inet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) +-{ +- struct sockaddr_in *addr = (struct sockaddr_in *)uaddr; +- struct sock *sk = sock->sk; +- struct inet_sock *inet = inet_sk(sk); +- struct nx_v4_sock_addr nsa; +- unsigned short snum; +- int chk_addr_ret; +- int err; +- +- /* If the socket has its own bind function then use it. (RAW) */ +- if (sk->sk_prot->bind) { +- err = sk->sk_prot->bind(sk, uaddr, addr_len); +- goto out; +- } +- err = -EINVAL; +- if (addr_len < sizeof(struct sockaddr_in)) +- goto out; +- +- err = v4_map_sock_addr(inet, addr, &nsa); +- if (err) +- goto out; +- +- chk_addr_ret = inet_addr_type(nsa.saddr); +- +- /* Not specified by any standard per-se, however it breaks too +- * many applications when removed. It is unfortunate since +- * allowing applications to make a non-local bind solves +- * several problems with systems using dynamic addressing. +- * (ie. your servers still start up even if your ISDN link +- * is temporarily down) +- */ +- err = -EADDRNOTAVAIL; +- if (!sysctl_ip_nonlocal_bind && +- !inet->freebind && +- nsa.saddr != INADDR_ANY && +- chk_addr_ret != RTN_LOCAL && +- chk_addr_ret != RTN_MULTICAST && +- chk_addr_ret != RTN_BROADCAST) +- goto out; +- +- snum = ntohs(addr->sin_port); +- err = -EACCES; +- if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE)) +- goto out; +- +- /* We keep a pair of addresses. rcv_saddr is the one +- * used by hash lookups, and saddr is used for transmit. +- * +- * In the BSD API these are the same except where it +- * would be illegal to use them (multicast/broadcast) in +- * which case the sending device address is used. +- */ +- lock_sock(sk); +- +- /* Check these errors (active socket, double bind). */ +- err = -EINVAL; +- if (sk->sk_state != TCP_CLOSE || inet->num) +- goto out_release_sock; +- +- v4_set_sock_addr(inet, &nsa); +- if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST) +- inet->saddr = 0; /* Use device */ +- +- /* Make sure we are allowed to bind here. */ +- if (sk->sk_prot->get_port(sk, snum)) { +- inet->saddr = inet->rcv_saddr = 0; +- err = -EADDRINUSE; +- goto out_release_sock; +- } +- +- if (inet->rcv_saddr) +- sk->sk_userlocks |= SOCK_BINDADDR_LOCK; +- if (snum) +- sk->sk_userlocks |= SOCK_BINDPORT_LOCK; +- inet->sport = htons(inet->num); +- inet->daddr = 0; +- inet->dport = 0; +- sk_dst_reset(sk); +- err = 0; +-out_release_sock: +- release_sock(sk); +-out: +- return err; +-} +- +-int inet_dgram_connect(struct socket *sock, struct sockaddr * uaddr, +- int addr_len, int flags) +-{ +- struct sock *sk = sock->sk; +- +- if (uaddr->sa_family == AF_UNSPEC) +- return sk->sk_prot->disconnect(sk, flags); +- +- if (!inet_sk(sk)->num && inet_autobind(sk)) +- return -EAGAIN; +- return sk->sk_prot->connect(sk, (struct sockaddr *)uaddr, addr_len); +-} +- +-static long inet_wait_for_connect(struct sock *sk, long timeo) +-{ +- DEFINE_WAIT(wait); +- +- prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE); +- +- /* Basic assumption: if someone sets sk->sk_err, he _must_ +- * change state of the socket from TCP_SYN_*. +- * Connect() does not allow to get error notifications +- * without closing the socket. +- */ +- while ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) { +- release_sock(sk); +- timeo = schedule_timeout(timeo); +- lock_sock(sk); +- if (signal_pending(current) || !timeo) +- break; +- prepare_to_wait(sk->sk_sleep, &wait, TASK_INTERRUPTIBLE); +- } +- finish_wait(sk->sk_sleep, &wait); +- return timeo; +-} +- +-/* +- * Connect to a remote host. There is regrettably still a little +- * TCP 'magic' in here. +- */ +-int inet_stream_connect(struct socket *sock, struct sockaddr *uaddr, +- int addr_len, int flags) +-{ +- struct sock *sk = sock->sk; +- int err; +- long timeo; +- +- lock_sock(sk); +- +- if (uaddr->sa_family == AF_UNSPEC) { +- err = sk->sk_prot->disconnect(sk, flags); +- sock->state = err ? SS_DISCONNECTING : SS_UNCONNECTED; +- goto out; +- } +- +- switch (sock->state) { +- default: +- err = -EINVAL; +- goto out; +- case SS_CONNECTED: +- err = -EISCONN; +- goto out; +- case SS_CONNECTING: +- err = -EALREADY; +- /* Fall out of switch with err, set for this state */ +- break; +- case SS_UNCONNECTED: +- err = -EISCONN; +- if (sk->sk_state != TCP_CLOSE) +- goto out; +- +- err = sk->sk_prot->connect(sk, uaddr, addr_len); +- if (err < 0) +- goto out; +- +- sock->state = SS_CONNECTING; +- +- /* Just entered SS_CONNECTING state; the only +- * difference is that return value in non-blocking +- * case is EINPROGRESS, rather than EALREADY. +- */ +- err = -EINPROGRESS; +- break; +- } +- +- timeo = sock_sndtimeo(sk, flags & O_NONBLOCK); +- +- if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) { +- /* Error code is set above */ +- if (!timeo || !inet_wait_for_connect(sk, timeo)) +- goto out; +- +- err = sock_intr_errno(timeo); +- if (signal_pending(current)) +- goto out; +- } +- +- /* Connection was closed by RST, timeout, ICMP error +- * or another process disconnected us. +- */ +- if (sk->sk_state == TCP_CLOSE) +- goto sock_error; +- +- /* sk->sk_err may be not zero now, if RECVERR was ordered by user +- * and error was received after socket entered established state. +- * Hence, it is handled normally after connect() return successfully. +- */ +- +- sock->state = SS_CONNECTED; +- err = 0; +-out: +- release_sock(sk); +- return err; +- +-sock_error: +- err = sock_error(sk) ? : -ECONNABORTED; +- sock->state = SS_UNCONNECTED; +- if (sk->sk_prot->disconnect(sk, flags)) +- sock->state = SS_DISCONNECTING; +- goto out; +-} +- +-/* +- * Accept a pending connection. The TCP layer now gives BSD semantics. +- */ +- +-int inet_accept(struct socket *sock, struct socket *newsock, int flags) +-{ +- struct sock *sk1 = sock->sk; +- int err = -EINVAL; +- struct sock *sk2 = sk1->sk_prot->accept(sk1, flags, &err); +- +- if (!sk2) +- goto do_err; +- +- lock_sock(sk2); +- +- BUG_TRAP((1 << sk2->sk_state) & +- (TCPF_ESTABLISHED | TCPF_CLOSE_WAIT | TCPF_CLOSE)); +- +- sock_graft(sk2, newsock); +- +- newsock->state = SS_CONNECTED; +- err = 0; +- release_sock(sk2); +-do_err: +- return err; +-} +- +- +-/* +- * This does both peername and sockname. +- */ +-int inet_getname(struct socket *sock, struct sockaddr *uaddr, +- int *uaddr_len, int peer) +-{ +- struct sock *sk = sock->sk; +- struct inet_sock *inet = inet_sk(sk); +- struct sockaddr_in *sin = (struct sockaddr_in *)uaddr; +- +- sin->sin_family = AF_INET; +- if (peer) { +- if (!inet->dport || +- (((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_SYN_SENT)) && +- peer == 1)) +- return -ENOTCONN; +- sin->sin_port = inet->dport; +- sin->sin_addr.s_addr = +- nx_map_sock_lback(sk->sk_nx_info, inet->daddr); +- } else { +- __be32 addr = inet->rcv_saddr; +- if (!addr) +- addr = inet->saddr; +- addr = nx_map_sock_lback(sk->sk_nx_info, addr); +- sin->sin_port = inet->sport; +- sin->sin_addr.s_addr = addr; +- } +- memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); +- *uaddr_len = sizeof(*sin); +- return 0; +-} +- +-int inet_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, +- size_t size) +-{ +- struct sock *sk = sock->sk; +- +- /* We may need to bind the socket. */ +- if (!inet_sk(sk)->num && inet_autobind(sk)) +- return -EAGAIN; +- +- return sk->sk_prot->sendmsg(iocb, sk, msg, size); +-} +- +- +-static ssize_t inet_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags) +-{ +- struct sock *sk = sock->sk; +- +- /* We may need to bind the socket. */ +- if (!inet_sk(sk)->num && inet_autobind(sk)) +- return -EAGAIN; +- +- if (sk->sk_prot->sendpage) +- return sk->sk_prot->sendpage(sk, page, offset, size, flags); +- return sock_no_sendpage(sock, page, offset, size, flags); +-} +- +- +-int inet_shutdown(struct socket *sock, int how) +-{ +- struct sock *sk = sock->sk; +- int err = 0; +- +- /* This should really check to make sure +- * the socket is a TCP socket. (WHY AC...) +- */ +- how++; /* maps 0->1 has the advantage of making bit 1 rcvs and +- 1->2 bit 2 snds. +- 2->3 */ +- if ((how & ~SHUTDOWN_MASK) || !how) /* MAXINT->0 */ +- return -EINVAL; +- +- lock_sock(sk); +- if (sock->state == SS_CONNECTING) { +- if ((1 << sk->sk_state) & +- (TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_CLOSE)) +- sock->state = SS_DISCONNECTING; +- else +- sock->state = SS_CONNECTED; +- } +- +- switch (sk->sk_state) { +- case TCP_CLOSE: +- err = -ENOTCONN; +- /* Hack to wake up other listeners, who can poll for +- POLLHUP, even on eg. unconnected UDP sockets -- RR */ +- default: +- sk->sk_shutdown |= how; +- if (sk->sk_prot->shutdown) +- sk->sk_prot->shutdown(sk, how); +- break; +- +- /* Remaining two branches are temporary solution for missing +- * close() in multithreaded environment. It is _not_ a good idea, +- * but we have no choice until close() is repaired at VFS level. +- */ +- case TCP_LISTEN: +- if (!(how & RCV_SHUTDOWN)) +- break; +- /* Fall through */ +- case TCP_SYN_SENT: +- err = sk->sk_prot->disconnect(sk, O_NONBLOCK); +- sock->state = err ? SS_DISCONNECTING : SS_UNCONNECTED; +- break; +- } +- +- /* Wake up anyone sleeping in poll. */ +- sk->sk_state_change(sk); +- release_sock(sk); +- return err; +-} +- +-/* +- * ioctl() calls you can issue on an INET socket. Most of these are +- * device configuration and stuff and very rarely used. Some ioctls +- * pass on to the socket itself. +- * +- * NOTE: I like the idea of a module for the config stuff. ie ifconfig +- * loads the devconfigure module does its configuring and unloads it. +- * There's a good 20K of config code hanging around the kernel. +- */ +- +-int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) +-{ +- struct sock *sk = sock->sk; +- int err = 0; +- +- switch (cmd) { +- case SIOCGSTAMP: +- err = sock_get_timestamp(sk, (struct timeval __user *)arg); +- break; +- case SIOCGSTAMPNS: +- err = sock_get_timestampns(sk, (struct timespec __user *)arg); +- break; +- case SIOCADDRT: +- case SIOCDELRT: +- case SIOCRTMSG: +- err = ip_rt_ioctl(cmd, (void __user *)arg); +- break; +- case SIOCDARP: +- case SIOCGARP: +- case SIOCSARP: +- err = arp_ioctl(cmd, (void __user *)arg); +- break; +- case SIOCGIFADDR: +- case SIOCSIFADDR: +- case SIOCGIFBRDADDR: +- case SIOCSIFBRDADDR: +- case SIOCGIFNETMASK: +- case SIOCSIFNETMASK: +- case SIOCGIFDSTADDR: +- case SIOCSIFDSTADDR: +- case SIOCSIFPFLAGS: +- case SIOCGIFPFLAGS: +- case SIOCSIFFLAGS: +- err = devinet_ioctl(cmd, (void __user *)arg); +- break; +- default: +- if (sk->sk_prot->ioctl) +- err = sk->sk_prot->ioctl(sk, cmd, arg); +- else +- err = -ENOIOCTLCMD; +- break; +- } +- return err; +-} +- +-const struct proto_ops inet_stream_ops = { +- .family = PF_INET, +- .owner = THIS_MODULE, +- .release = inet_release, +- .bind = inet_bind, +- .connect = inet_stream_connect, +- .socketpair = sock_no_socketpair, +- .accept = inet_accept, +- .getname = inet_getname, +- .poll = tcp_poll, +- .ioctl = inet_ioctl, +- .listen = inet_listen, +- .shutdown = inet_shutdown, +- .setsockopt = sock_common_setsockopt, +- .getsockopt = sock_common_getsockopt, +- .sendmsg = tcp_sendmsg, +- .recvmsg = sock_common_recvmsg, +- .mmap = sock_no_mmap, +- .sendpage = tcp_sendpage, +-#ifdef CONFIG_COMPAT +- .compat_setsockopt = compat_sock_common_setsockopt, +- .compat_getsockopt = compat_sock_common_getsockopt, +-#endif +-}; +- +-const struct proto_ops inet_dgram_ops = { +- .family = PF_INET, +- .owner = THIS_MODULE, +- .release = inet_release, +- .bind = inet_bind, +- .connect = inet_dgram_connect, +- .socketpair = sock_no_socketpair, +- .accept = sock_no_accept, +- .getname = inet_getname, +- .poll = udp_poll, +- .ioctl = inet_ioctl, +- .listen = sock_no_listen, +- .shutdown = inet_shutdown, +- .setsockopt = sock_common_setsockopt, +- .getsockopt = sock_common_getsockopt, +- .sendmsg = inet_sendmsg, +- .recvmsg = sock_common_recvmsg, +- .mmap = sock_no_mmap, +- .sendpage = inet_sendpage, +-#ifdef CONFIG_COMPAT +- .compat_setsockopt = compat_sock_common_setsockopt, +- .compat_getsockopt = compat_sock_common_getsockopt, +-#endif +-}; +- +-/* +- * For SOCK_RAW sockets; should be the same as inet_dgram_ops but without +- * udp_poll +- */ +-static const struct proto_ops inet_sockraw_ops = { +- .family = PF_INET, +- .owner = THIS_MODULE, +- .release = inet_release, +- .bind = inet_bind, +- .connect = inet_dgram_connect, +- .socketpair = sock_no_socketpair, +- .accept = sock_no_accept, +- .getname = inet_getname, +- .poll = datagram_poll, +- .ioctl = inet_ioctl, +- .listen = sock_no_listen, +- .shutdown = inet_shutdown, +- .setsockopt = sock_common_setsockopt, +- .getsockopt = sock_common_getsockopt, +- .sendmsg = inet_sendmsg, +- .recvmsg = sock_common_recvmsg, +- .mmap = sock_no_mmap, +- .sendpage = inet_sendpage, +-#ifdef CONFIG_COMPAT +- .compat_setsockopt = compat_sock_common_setsockopt, +- .compat_getsockopt = compat_sock_common_getsockopt, +-#endif +-}; +- +-static struct net_proto_family inet_family_ops = { +- .family = PF_INET, +- .create = inet_create, +- .owner = THIS_MODULE, +-}; +- +-/* Upon startup we insert all the elements in inetsw_array[] into +- * the linked list inetsw. +- */ +-static struct inet_protosw inetsw_array[] = +-{ +- { +- .type = SOCK_STREAM, +- .protocol = IPPROTO_TCP, +- .prot = &tcp_prot, +- .ops = &inet_stream_ops, +- .capability = -1, +- .no_check = 0, +- .flags = INET_PROTOSW_PERMANENT | +- INET_PROTOSW_ICSK, +- }, +- +- { +- .type = SOCK_DGRAM, +- .protocol = IPPROTO_UDP, +- .prot = &udp_prot, +- .ops = &inet_dgram_ops, +- .capability = -1, +- .no_check = UDP_CSUM_DEFAULT, +- .flags = INET_PROTOSW_PERMANENT, +- }, +- +- +- { +- .type = SOCK_RAW, +- .protocol = IPPROTO_IP, /* wild card */ +- .prot = &raw_prot, +- .ops = &inet_sockraw_ops, +- .capability = CAP_NET_RAW, +- .no_check = UDP_CSUM_DEFAULT, +- .flags = INET_PROTOSW_REUSE, +- } +-}; +- +-#define INETSW_ARRAY_LEN (sizeof(inetsw_array) / sizeof(struct inet_protosw)) +- +-void inet_register_protosw(struct inet_protosw *p) +-{ +- struct list_head *lh; +- struct inet_protosw *answer; +- int protocol = p->protocol; +- struct list_head *last_perm; +- +- spin_lock_bh(&inetsw_lock); +- +- if (p->type >= SOCK_MAX) +- goto out_illegal; +- +- /* If we are trying to override a permanent protocol, bail. */ +- answer = NULL; +- last_perm = &inetsw[p->type]; +- list_for_each(lh, &inetsw[p->type]) { +- answer = list_entry(lh, struct inet_protosw, list); +- +- /* Check only the non-wild match. */ +- if (INET_PROTOSW_PERMANENT & answer->flags) { +- if (protocol == answer->protocol) +- break; +- last_perm = lh; +- } +- +- answer = NULL; +- } +- if (answer) +- goto out_permanent; +- +- /* Add the new entry after the last permanent entry if any, so that +- * the new entry does not override a permanent entry when matched with +- * a wild-card protocol. But it is allowed to override any existing +- * non-permanent entry. This means that when we remove this entry, the +- * system automatically returns to the old behavior. +- */ +- list_add_rcu(&p->list, last_perm); +-out: +- spin_unlock_bh(&inetsw_lock); +- +- synchronize_net(); +- +- return; +- +-out_permanent: +- printk(KERN_ERR "Attempt to override permanent protocol %d.\n", +- protocol); +- goto out; +- +-out_illegal: +- printk(KERN_ERR +- "Ignoring attempt to register invalid socket type %d.\n", +- p->type); +- goto out; +-} +- +-void inet_unregister_protosw(struct inet_protosw *p) +-{ +- if (INET_PROTOSW_PERMANENT & p->flags) { +- printk(KERN_ERR +- "Attempt to unregister permanent protocol %d.\n", +- p->protocol); +- } else { +- spin_lock_bh(&inetsw_lock); +- list_del_rcu(&p->list); +- spin_unlock_bh(&inetsw_lock); +- +- synchronize_net(); +- } +-} +- +-/* +- * Shall we try to damage output packets if routing dev changes? +- */ +- +-int sysctl_ip_dynaddr __read_mostly; +- +-static int inet_sk_reselect_saddr(struct sock *sk) +-{ +- struct inet_sock *inet = inet_sk(sk); +- int err; +- struct rtable *rt; +- __be32 old_saddr = inet->saddr; +- __be32 new_saddr; +- __be32 daddr = inet->daddr; +- +- if (inet->opt && inet->opt->srr) +- daddr = inet->opt->faddr; +- +- /* Query new route. */ +- err = ip_route_connect(&rt, daddr, 0, +- RT_CONN_FLAGS(sk), +- sk->sk_bound_dev_if, +- sk->sk_protocol, +- inet->sport, inet->dport, sk, 0); +- if (err) +- return err; +- +- sk_setup_caps(sk, &rt->u.dst); +- +- new_saddr = rt->rt_src; +- +- if (new_saddr == old_saddr) +- return 0; +- +- if (sysctl_ip_dynaddr > 1) { +- printk(KERN_INFO "%s(): shifting inet->" +- "saddr from %d.%d.%d.%d to %d.%d.%d.%d\n", +- __FUNCTION__, +- NIPQUAD(old_saddr), +- NIPQUAD(new_saddr)); +- } +- +- inet->saddr = inet->rcv_saddr = new_saddr; +- +- /* +- * XXX The only one ugly spot where we need to +- * XXX really change the sockets identity after +- * XXX it has entered the hashes. -DaveM +- * +- * Besides that, it does not check for connection +- * uniqueness. Wait for troubles. +- */ +- __sk_prot_rehash(sk); +- return 0; +-} +- +-int inet_sk_rebuild_header(struct sock *sk) +-{ +- struct inet_sock *inet = inet_sk(sk); +- struct rtable *rt = (struct rtable *)__sk_dst_check(sk, 0); +- __be32 daddr; +- int err; +- +- /* Route is OK, nothing to do. */ +- if (rt) +- return 0; +- +- /* Reroute. */ +- daddr = inet->daddr; +- if (inet->opt && inet->opt->srr) +- daddr = inet->opt->faddr; +-{ +- struct flowi fl = { +- .oif = sk->sk_bound_dev_if, +- .nl_u = { +- .ip4_u = { +- .daddr = daddr, +- .saddr = inet->saddr, +- .tos = RT_CONN_FLAGS(sk), +- }, +- }, +- .proto = sk->sk_protocol, +- .uli_u = { +- .ports = { +- .sport = inet->sport, +- .dport = inet->dport, +- }, +- }, +- }; +- +- security_sk_classify_flow(sk, &fl); +- err = ip_route_output_flow(&rt, &fl, sk, 0); +-} +- if (!err) +- sk_setup_caps(sk, &rt->u.dst); +- else { +- /* Routing failed... */ +- sk->sk_route_caps = 0; +- /* +- * Other protocols have to map its equivalent state to TCP_SYN_SENT. +- * DCCP maps its DCCP_REQUESTING state to TCP_SYN_SENT. -acme +- */ +- if (!sysctl_ip_dynaddr || +- sk->sk_state != TCP_SYN_SENT || +- (sk->sk_userlocks & SOCK_BINDADDR_LOCK) || +- (err = inet_sk_reselect_saddr(sk)) != 0) +- sk->sk_err_soft = -err; +- } +- +- return err; +-} +- +-EXPORT_SYMBOL(inet_sk_rebuild_header); +- +-static int inet_gso_send_check(struct sk_buff *skb) +-{ +- struct iphdr *iph; +- struct net_protocol *ops; +- int proto; +- int ihl; +- int err = -EINVAL; +- +- if (unlikely(!pskb_may_pull(skb, sizeof(*iph)))) +- goto out; +- +- iph = ip_hdr(skb); +- ihl = iph->ihl * 4; +- if (ihl < sizeof(*iph)) +- goto out; +- +- if (unlikely(!pskb_may_pull(skb, ihl))) +- goto out; +- +- __skb_pull(skb, ihl); +- skb_reset_transport_header(skb); +- iph = ip_hdr(skb); +- proto = iph->protocol & (MAX_INET_PROTOS - 1); +- err = -EPROTONOSUPPORT; +- +- rcu_read_lock(); +- ops = rcu_dereference(inet_protos[proto]); +- if (likely(ops && ops->gso_send_check)) +- err = ops->gso_send_check(skb); +- rcu_read_unlock(); +- +-out: +- return err; +-} +- +-static struct sk_buff *inet_gso_segment(struct sk_buff *skb, int features) +-{ +- struct sk_buff *segs = ERR_PTR(-EINVAL); +- struct iphdr *iph; +- struct net_protocol *ops; +- int proto; +- int ihl; +- int id; +- +- if (unlikely(skb_shinfo(skb)->gso_type & +- ~(SKB_GSO_TCPV4 | +- SKB_GSO_UDP | +- SKB_GSO_DODGY | +- SKB_GSO_TCP_ECN | +- 0))) +- goto out; +- +- if (unlikely(!pskb_may_pull(skb, sizeof(*iph)))) +- goto out; +- +- iph = ip_hdr(skb); +- ihl = iph->ihl * 4; +- if (ihl < sizeof(*iph)) +- goto out; +- +- if (unlikely(!pskb_may_pull(skb, ihl))) +- goto out; +- +- __skb_pull(skb, ihl); +- skb_reset_transport_header(skb); +- iph = ip_hdr(skb); +- id = ntohs(iph->id); +- proto = iph->protocol & (MAX_INET_PROTOS - 1); +- segs = ERR_PTR(-EPROTONOSUPPORT); +- +- rcu_read_lock(); +- ops = rcu_dereference(inet_protos[proto]); +- if (likely(ops && ops->gso_segment)) +- segs = ops->gso_segment(skb, features); +- rcu_read_unlock(); +- +- if (!segs || unlikely(IS_ERR(segs))) +- goto out; +- +- skb = segs; +- do { +- iph = ip_hdr(skb); +- iph->id = htons(id++); +- iph->tot_len = htons(skb->len - skb->mac_len); +- iph->check = 0; +- iph->check = ip_fast_csum(skb_network_header(skb), iph->ihl); +- } while ((skb = skb->next)); +- +-out: +- return segs; +-} +- +-unsigned long snmp_fold_field(void *mib[], int offt) +-{ +- unsigned long res = 0; +- int i; +- +- for_each_possible_cpu(i) { +- res += *(((unsigned long *) per_cpu_ptr(mib[0], i)) + offt); +- res += *(((unsigned long *) per_cpu_ptr(mib[1], i)) + offt); +- } +- return res; +-} +-EXPORT_SYMBOL_GPL(snmp_fold_field); +- +-int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign) +-{ +- BUG_ON(ptr == NULL); +- ptr[0] = __alloc_percpu(mibsize); +- if (!ptr[0]) +- goto err0; +- ptr[1] = __alloc_percpu(mibsize); +- if (!ptr[1]) +- goto err1; +- return 0; +-err1: +- free_percpu(ptr[0]); +- ptr[0] = NULL; +-err0: +- return -ENOMEM; +-} +-EXPORT_SYMBOL_GPL(snmp_mib_init); +- +-void snmp_mib_free(void *ptr[2]) +-{ +- BUG_ON(ptr == NULL); +- free_percpu(ptr[0]); +- free_percpu(ptr[1]); +- ptr[0] = ptr[1] = NULL; +-} +-EXPORT_SYMBOL_GPL(snmp_mib_free); +- +-#ifdef CONFIG_IP_MULTICAST +-static struct net_protocol igmp_protocol = { +- .handler = igmp_rcv, +-}; +-#endif +- +-static struct net_protocol tcp_protocol = { +- .handler = tcp_v4_rcv, +- .err_handler = tcp_v4_err, +- .gso_send_check = tcp_v4_gso_send_check, +- .gso_segment = tcp_tso_segment, +- .no_policy = 1, +-}; +- +-static struct net_protocol udp_protocol = { +- .handler = udp_rcv, +- .err_handler = udp_err, +- .no_policy = 1, +-}; +- +-static struct net_protocol icmp_protocol = { +- .handler = icmp_rcv, +-}; +- +-static int __init init_ipv4_mibs(void) +-{ +- if (snmp_mib_init((void **)net_statistics, +- sizeof(struct linux_mib), +- __alignof__(struct linux_mib)) < 0) +- goto err_net_mib; +- if (snmp_mib_init((void **)ip_statistics, +- sizeof(struct ipstats_mib), +- __alignof__(struct ipstats_mib)) < 0) +- goto err_ip_mib; +- if (snmp_mib_init((void **)icmp_statistics, +- sizeof(struct icmp_mib), +- __alignof__(struct icmp_mib)) < 0) +- goto err_icmp_mib; +- if (snmp_mib_init((void **)tcp_statistics, +- sizeof(struct tcp_mib), +- __alignof__(struct tcp_mib)) < 0) +- goto err_tcp_mib; +- if (snmp_mib_init((void **)udp_statistics, +- sizeof(struct udp_mib), +- __alignof__(struct udp_mib)) < 0) +- goto err_udp_mib; +- if (snmp_mib_init((void **)udplite_statistics, +- sizeof(struct udp_mib), +- __alignof__(struct udp_mib)) < 0) +- goto err_udplite_mib; +- +- tcp_mib_init(); +- +- return 0; +- +-err_udplite_mib: +- snmp_mib_free((void **)udp_statistics); +-err_udp_mib: +- snmp_mib_free((void **)tcp_statistics); +-err_tcp_mib: +- snmp_mib_free((void **)icmp_statistics); +-err_icmp_mib: +- snmp_mib_free((void **)ip_statistics); +-err_ip_mib: +- snmp_mib_free((void **)net_statistics); +-err_net_mib: +- return -ENOMEM; +-} +- +-static int ipv4_proc_init(void); +- +-/* +- * IP protocol layer initialiser +- */ +- +-static struct packet_type ip_packet_type = { +- .type = __constant_htons(ETH_P_IP), +- .func = ip_rcv, +- .gso_send_check = inet_gso_send_check, +- .gso_segment = inet_gso_segment, +-}; +- +-static int __init inet_init(void) +-{ +- struct sk_buff *dummy_skb; +- struct inet_protosw *q; +- struct list_head *r; +- int rc = -EINVAL; +- +- BUILD_BUG_ON(sizeof(struct inet_skb_parm) > sizeof(dummy_skb->cb)); +- +- rc = proto_register(&tcp_prot, 1); +- if (rc) +- goto out; +- +- rc = proto_register(&udp_prot, 1); +- if (rc) +- goto out_unregister_tcp_proto; +- +- rc = proto_register(&raw_prot, 1); +- if (rc) +- goto out_unregister_udp_proto; +- +- /* +- * Tell SOCKET that we are alive... +- */ +- +- (void)sock_register(&inet_family_ops); +- +- /* +- * Add all the base protocols. +- */ +- +- if (inet_add_protocol(&icmp_protocol, IPPROTO_ICMP) < 0) +- printk(KERN_CRIT "inet_init: Cannot add ICMP protocol\n"); +- if (inet_add_protocol(&udp_protocol, IPPROTO_UDP) < 0) +- printk(KERN_CRIT "inet_init: Cannot add UDP protocol\n"); +- if (inet_add_protocol(&tcp_protocol, IPPROTO_TCP) < 0) +- printk(KERN_CRIT "inet_init: Cannot add TCP protocol\n"); +-#ifdef CONFIG_IP_MULTICAST +- if (inet_add_protocol(&igmp_protocol, IPPROTO_IGMP) < 0) +- printk(KERN_CRIT "inet_init: Cannot add IGMP protocol\n"); +-#endif +- +- /* Register the socket-side information for inet_create. */ +- for (r = &inetsw[0]; r < &inetsw[SOCK_MAX]; ++r) +- INIT_LIST_HEAD(r); +- +- for (q = inetsw_array; q < &inetsw_array[INETSW_ARRAY_LEN]; ++q) +- inet_register_protosw(q); +- +- /* +- * Set the ARP module up +- */ +- +- arp_init(); +- +- /* +- * Set the IP module up +- */ +- +- ip_init(); +- +- tcp_v4_init(&inet_family_ops); +- +- /* Setup TCP slab cache for open requests. */ +- tcp_init(); +- +- /* Add UDP-Lite (RFC 3828) */ +- udplite4_register(); +- +- /* +- * Set the ICMP layer up +- */ +- +- icmp_init(&inet_family_ops); +- +- /* +- * Initialise the multicast router +- */ +-#if defined(CONFIG_IP_MROUTE) +- ip_mr_init(); +-#endif +- /* +- * Initialise per-cpu ipv4 mibs +- */ +- +- if (init_ipv4_mibs()) +- printk(KERN_CRIT "inet_init: Cannot init ipv4 mibs\n"); ; +- +- ipv4_proc_init(); +- +- ipfrag_init(); +- +- dev_add_pack(&ip_packet_type); +- +- rc = 0; +-out: +- return rc; +-out_unregister_udp_proto: +- proto_unregister(&udp_prot); +-out_unregister_tcp_proto: +- proto_unregister(&tcp_prot); +- goto out; +-} +- +-fs_initcall(inet_init); +- +-/* ------------------------------------------------------------------------ */ +- +-#ifdef CONFIG_PROC_FS +-static int __init ipv4_proc_init(void) +-{ +- int rc = 0; +- +- if (raw_proc_init()) +- goto out_raw; +- if (tcp4_proc_init()) +- goto out_tcp; +- if (udp4_proc_init()) +- goto out_udp; +- if (fib_proc_init()) +- goto out_fib; +- if (ip_misc_proc_init()) +- goto out_misc; +-out: +- return rc; +-out_misc: +- fib_proc_exit(); +-out_fib: +- udp4_proc_exit(); +-out_udp: +- tcp4_proc_exit(); +-out_tcp: +- raw_proc_exit(); +-out_raw: +- rc = -ENOMEM; +- goto out; +-} +- +-#else /* CONFIG_PROC_FS */ +-static int __init ipv4_proc_init(void) +-{ +- return 0; +-} +-#endif /* CONFIG_PROC_FS */ +- +-MODULE_ALIAS_NETPROTO(PF_INET); +- +-EXPORT_SYMBOL(inet_accept); +-EXPORT_SYMBOL(inet_bind); +-EXPORT_SYMBOL(inet_dgram_connect); +-EXPORT_SYMBOL(inet_dgram_ops); +-EXPORT_SYMBOL(inet_getname); +-EXPORT_SYMBOL(inet_ioctl); +-EXPORT_SYMBOL(inet_listen); +-EXPORT_SYMBOL(inet_register_protosw); +-EXPORT_SYMBOL(inet_release); +-EXPORT_SYMBOL(inet_sendmsg); +-EXPORT_SYMBOL(inet_shutdown); +-EXPORT_SYMBOL(inet_sock_destruct); +-EXPORT_SYMBOL(inet_stream_connect); +-EXPORT_SYMBOL(inet_stream_ops); +-EXPORT_SYMBOL(inet_unregister_protosw); +-EXPORT_SYMBOL(net_statistics); +-EXPORT_SYMBOL(sysctl_ip_nonlocal_bind); +diff -Nurb linux-2.6.22-594/net/netfilter/xt_MARK.c.orig linux-2.6.22-595/net/netfilter/xt_MARK.c.orig +--- linux-2.6.22-594/net/netfilter/xt_MARK.c.orig 2008-03-20 01:27:52.000000000 -0400 ++++ linux-2.6.22-595/net/netfilter/xt_MARK.c.orig 1969-12-31 19:00:00.000000000 -0500 +@@ -1,283 +0,0 @@ +-/* This is a module which is used for setting the NFMARK field of an skb. */ +- +-/* (C) 1999-2001 Marc Boucher +- * +- * This program is free software; you can redistribute it and/or modify +- * it under the terms of the GNU General Public License version 2 as +- * published by the Free Software Foundation. +- * +- */ +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +-#include +-#include +- +-MODULE_LICENSE("GPL"); +-MODULE_AUTHOR("Marc Boucher "); +-MODULE_DESCRIPTION("ip[6]tables MARK modification module"); +-MODULE_ALIAS("ipt_MARK"); +-MODULE_ALIAS("ip6t_MARK"); +- +-static inline u_int16_t +-get_dst_port(struct nf_conntrack_tuple *tuple) +-{ +- switch (tuple->dst.protonum) { +- case IPPROTO_GRE: +- /* XXX Truncate 32-bit GRE key to 16 bits */ +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,11) +- return tuple->dst.u.gre.key; +-#else +- return htons(ntohl(tuple->dst.u.gre.key)); +-#endif +- case IPPROTO_ICMP: +- /* Bind on ICMP echo ID */ +- return tuple->src.u.icmp.id; +- case IPPROTO_TCP: +- return tuple->dst.u.tcp.port; +- case IPPROTO_UDP: +- return tuple->dst.u.udp.port; +- default: +- return tuple->dst.u.all; +- } +-} +- +-static inline u_int16_t +-get_src_port(struct nf_conntrack_tuple *tuple) +-{ +- switch (tuple->dst.protonum) { +- case IPPROTO_GRE: +- /* XXX Truncate 32-bit GRE key to 16 bits */ +- return htons(ntohl(tuple->src.u.gre.key)); +- case IPPROTO_ICMP: +- /* Bind on ICMP echo ID */ +- return tuple->src.u.icmp.id; +- case IPPROTO_TCP: +- return tuple->src.u.tcp.port; +- case IPPROTO_UDP: +- return tuple->src.u.udp.port; +- default: +- return tuple->src.u.all; +- } +-} +- +-static unsigned int +-target_v0(struct sk_buff **pskb, +- const struct net_device *in, +- const struct net_device *out, +- unsigned int hooknum, +- const struct xt_target *target, +- const void *targinfo) +-{ +- const struct xt_mark_target_info *markinfo = targinfo; +- +- (*pskb)->mark = markinfo->mark; +- return XT_CONTINUE; +-} +- +-static unsigned int +-target_v1(struct sk_buff **pskb, +- const struct net_device *in, +- const struct net_device *out, +- unsigned int hooknum, +- const struct xt_target *target, +- const void *targinfo) +-{ +- const struct xt_mark_target_info_v1 *markinfo = targinfo; +- int mark = -1; +- +- switch (markinfo->mode) { +- case XT_MARK_SET: +- mark = markinfo->mark; +- break; +- +- case XT_MARK_AND: +- mark = (*pskb)->mark & markinfo->mark; +- break; +- +- case XT_MARK_OR: +- mark = (*pskb)->mark | markinfo->mark; +- break; +- +- case XT_MARK_COPYXID: { +- enum ip_conntrack_info ctinfo; +- struct sock *connection_sk=NULL; +- int dif; +- +- struct nf_conn *ct = nf_ct_get((*pskb), &ctinfo); +- extern struct inet_hashinfo tcp_hashinfo; +- enum ip_conntrack_dir dir; +- if (!ct) +- break; +- +- dir = CTINFO2DIR(ctinfo); +- u_int32_t src_ip = ct->tuplehash[dir].tuple.src.u3.ip; +- u_int16_t src_port = get_src_port(&ct->tuplehash[dir].tuple); +- u_int16_t proto = ct->tuplehash[dir].tuple.dst.protonum; +- +- u_int32_t ip; +- u_int16_t port; +- +- dif = ((struct rtable *)(*pskb)->dst)->rt_iif; +- ip = ct->tuplehash[dir].tuple.dst.u3.ip; +- port = get_dst_port(&ct->tuplehash[dir].tuple); +- +- if (proto == 1 || proto == 17) { +- if (((*pskb)->mark!=-1) && (*pskb)->mark) +- ct->xid[0]=(*pskb)->mark; +- if (ct->xid[0]) +- mark = ct->xid[0]; +- +- } +- else if (proto == 6) { +- if ((*pskb)->sk) +- connection_sk = (*pskb)->sk; +- else { +- connection_sk = inet_lookup(&tcp_hashinfo, src_ip, src_port, ip, port, dif); +- } +- +- if (connection_sk) { +- connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[dir]; +- ct->xid[!dir]=connection_sk->sk_xid; +- if (connection_sk->sk_xid != 0) +- mark = connection_sk->sk_xid; +- if (connection_sk != (*pskb)->sk) +- sock_put(connection_sk); +- } +- break; +- } +- } +- } +- +- if (mark != -1) +- (*pskb)->mark = mark; +- return XT_CONTINUE; +-} +- +- +-static int +-checkentry_v0(const char *tablename, +- const void *entry, +- const struct xt_target *target, +- void *targinfo, +- unsigned int hook_mask) +-{ +- struct xt_mark_target_info *markinfo = targinfo; +- +- if (markinfo->mark > 0xffffffff) { +- printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); +- return 0; +- } +- return 1; +-} +- +-static int +-checkentry_v1(const char *tablename, +- const void *entry, +- const struct xt_target *target, +- void *targinfo, +- unsigned int hook_mask) +-{ +- struct xt_mark_target_info_v1 *markinfo = targinfo; +- +- if (markinfo->mode != XT_MARK_SET +- && markinfo->mode != XT_MARK_AND +- && markinfo->mode != XT_MARK_OR +- && markinfo->mode != XT_MARK_COPYXID) { +- printk(KERN_WARNING "MARK: unknown mode %u\n", +- markinfo->mode); +- return 0; +- } +- if (markinfo->mark > 0xffffffff) { +- printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); +- return 0; +- } +- return 1; +-} +- +-#ifdef CONFIG_COMPAT +-struct compat_xt_mark_target_info_v1 { +- compat_ulong_t mark; +- u_int8_t mode; +- u_int8_t __pad1; +- u_int16_t __pad2; +-}; +- +-static void compat_from_user_v1(void *dst, void *src) +-{ +- struct compat_xt_mark_target_info_v1 *cm = src; +- struct xt_mark_target_info_v1 m = { +- .mark = cm->mark, +- .mode = cm->mode, +- }; +- memcpy(dst, &m, sizeof(m)); +-} +- +-static int compat_to_user_v1(void __user *dst, void *src) +-{ +- struct xt_mark_target_info_v1 *m = src; +- struct compat_xt_mark_target_info_v1 cm = { +- .mark = m->mark, +- .mode = m->mode, +- }; +- return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; +-} +-#endif /* CONFIG_COMPAT */ +- +-static struct xt_target xt_mark_target[] = { +- { +- .name = "MARK", +- .family = AF_INET, +- .revision = 0, +- .checkentry = checkentry_v0, +- .target = target_v0, +- .targetsize = sizeof(struct xt_mark_target_info), +- .table = "mangle", +- .me = THIS_MODULE, +- }, +- { +- .name = "MARK", +- .family = AF_INET, +- .revision = 1, +- .checkentry = checkentry_v1, +- .target = target_v1, +- .targetsize = sizeof(struct xt_mark_target_info_v1), +-#ifdef CONFIG_COMPAT +- .compatsize = sizeof(struct compat_xt_mark_target_info_v1), +- .compat_from_user = compat_from_user_v1, +- .compat_to_user = compat_to_user_v1, +-#endif +- .table = "mangle", +- .me = THIS_MODULE, +- }, +- { +- .name = "MARK", +- .family = AF_INET6, +- .revision = 0, +- .checkentry = checkentry_v0, +- .target = target_v0, +- .targetsize = sizeof(struct xt_mark_target_info), +- .table = "mangle", +- .me = THIS_MODULE, +- }, +-}; +- +-static int __init xt_mark_init(void) +-{ +- return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); +-} +- +-static void __exit xt_mark_fini(void) +-{ +- xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); +-} +- +-module_init(xt_mark_init); +-module_exit(xt_mark_fini); +diff -Nurb linux-2.6.22-594/net/packet/af_packet.c.orig linux-2.6.22-595/net/packet/af_packet.c.orig +--- linux-2.6.22-594/net/packet/af_packet.c.orig 2008-03-20 01:27:52.000000000 -0400 ++++ linux-2.6.22-595/net/packet/af_packet.c.orig 1969-12-31 19:00:00.000000000 -0500 +@@ -1,1989 +0,0 @@ +-/* +- * INET An implementation of the TCP/IP protocol suite for the LINUX +- * operating system. INET is implemented using the BSD Socket +- * interface as the means of communication with the user level. +- * +- * PACKET - implements raw packet sockets. +- * +- * Version: $Id: af_packet.c,v 1.61 2002/02/08 03:57:19 davem Exp $ +- * +- * Authors: Ross Biro +- * Fred N. van Kempen, +- * Alan Cox, +- * +- * Fixes: +- * Alan Cox : verify_area() now used correctly +- * Alan Cox : new skbuff lists, look ma no backlogs! +- * Alan Cox : tidied skbuff lists. +- * Alan Cox : Now uses generic datagram routines I +- * added. Also fixed the peek/read crash +- * from all old Linux datagram code. +- * Alan Cox : Uses the improved datagram code. +- * Alan Cox : Added NULL's for socket options. +- * Alan Cox : Re-commented the code. +- * Alan Cox : Use new kernel side addressing +- * Rob Janssen : Correct MTU usage. +- * Dave Platt : Counter leaks caused by incorrect +- * interrupt locking and some slightly +- * dubious gcc output. Can you read +- * compiler: it said _VOLATILE_ +- * Richard Kooijman : Timestamp fixes. +- * Alan Cox : New buffers. Use sk->mac.raw. +- * Alan Cox : sendmsg/recvmsg support. +- * Alan Cox : Protocol setting support +- * Alexey Kuznetsov : Untied from IPv4 stack. +- * Cyrus Durgin : Fixed kerneld for kmod. +- * Michal Ostrowski : Module initialization cleanup. +- * Ulises Alonso : Frame number limit removal and +- * packet_set_ring memory leak. +- * Eric Biederman : Allow for > 8 byte hardware addresses. +- * The convention is that longer addresses +- * will simply extend the hardware address +- * byte arrays at the end of sockaddr_ll +- * and packet_mreq. +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version +- * 2 of the License, or (at your option) any later version. +- * +- */ +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#ifdef CONFIG_INET +-#include +-#endif +- +-/* +- Assumptions: +- - if device has no dev->hard_header routine, it adds and removes ll header +- inside itself. In this case ll header is invisible outside of device, +- but higher levels still should reserve dev->hard_header_len. +- Some devices are enough clever to reallocate skb, when header +- will not fit to reserved space (tunnel), another ones are silly +- (PPP). +- - packet socket receives packets with pulled ll header, +- so that SOCK_RAW should push it back. +- +-On receive: +------------ +- +-Incoming, dev->hard_header!=NULL +- mac_header -> ll header +- data -> data +- +-Outgoing, dev->hard_header!=NULL +- mac_header -> ll header +- data -> ll header +- +-Incoming, dev->hard_header==NULL +- mac_header -> UNKNOWN position. It is very likely, that it points to ll +- header. PPP makes it, that is wrong, because introduce +- assymetry between rx and tx paths. +- data -> data +- +-Outgoing, dev->hard_header==NULL +- mac_header -> data. ll header is still not built! +- data -> data +- +-Resume +- If dev->hard_header==NULL we are unlikely to restore sensible ll header. +- +- +-On transmit: +------------- +- +-dev->hard_header != NULL +- mac_header -> ll header +- data -> ll header +- +-dev->hard_header == NULL (ll header is added by device, we cannot control it) +- mac_header -> data +- data -> data +- +- We should set nh.raw on output to correct posistion, +- packet classifier depends on it. +- */ +- +-/* List of all packet sockets. */ +-static HLIST_HEAD(packet_sklist); +-static DEFINE_RWLOCK(packet_sklist_lock); +- +-static atomic_t packet_socks_nr; +- +- +-/* Private packet socket structures. */ +- +-struct packet_mclist +-{ +- struct packet_mclist *next; +- int ifindex; +- int count; +- unsigned short type; +- unsigned short alen; +- unsigned char addr[MAX_ADDR_LEN]; +-}; +-/* identical to struct packet_mreq except it has +- * a longer address field. +- */ +-struct packet_mreq_max +-{ +- int mr_ifindex; +- unsigned short mr_type; +- unsigned short mr_alen; +- unsigned char mr_address[MAX_ADDR_LEN]; +-}; +- +-#ifdef CONFIG_PACKET_MMAP +-static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing); +-#endif +- +-static void packet_flush_mclist(struct sock *sk); +- +-struct packet_sock { +- /* struct sock has to be the first member of packet_sock */ +- struct sock sk; +- struct tpacket_stats stats; +-#ifdef CONFIG_PACKET_MMAP +- char * *pg_vec; +- unsigned int head; +- unsigned int frames_per_block; +- unsigned int frame_size; +- unsigned int frame_max; +- int copy_thresh; +-#endif +- struct packet_type prot_hook; +- spinlock_t bind_lock; +- unsigned int running:1, /* prot_hook is attached*/ +- auxdata:1, +- origdev:1; +- int ifindex; /* bound device */ +- __be16 num; +- struct packet_mclist *mclist; +-#ifdef CONFIG_PACKET_MMAP +- atomic_t mapped; +- unsigned int pg_vec_order; +- unsigned int pg_vec_pages; +- unsigned int pg_vec_len; +-#endif +-}; +- +-struct packet_skb_cb { +- unsigned int origlen; +- union { +- struct sockaddr_pkt pkt; +- struct sockaddr_ll ll; +- } sa; +-}; +- +-#define PACKET_SKB_CB(__skb) ((struct packet_skb_cb *)((__skb)->cb)) +- +-#ifdef CONFIG_PACKET_MMAP +- +-static inline struct tpacket_hdr *packet_lookup_frame(struct packet_sock *po, unsigned int position) +-{ +- unsigned int pg_vec_pos, frame_offset; +- +- pg_vec_pos = position / po->frames_per_block; +- frame_offset = position % po->frames_per_block; +- +- return (struct tpacket_hdr *)(po->pg_vec[pg_vec_pos] + (frame_offset * po->frame_size)); +-} +-#endif +- +-static inline struct packet_sock *pkt_sk(struct sock *sk) +-{ +- return (struct packet_sock *)sk; +-} +- +-static void packet_sock_destruct(struct sock *sk) +-{ +- BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc)); +- BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc)); +- +- if (!sock_flag(sk, SOCK_DEAD)) { +- printk("Attempt to release alive packet socket: %p\n", sk); +- return; +- } +- +- atomic_dec(&packet_socks_nr); +-#ifdef PACKET_REFCNT_DEBUG +- printk(KERN_DEBUG "PACKET socket %p is free, %d are alive\n", sk, atomic_read(&packet_socks_nr)); +-#endif +-} +- +- +-static const struct proto_ops packet_ops; +- +-static const struct proto_ops packet_ops_spkt; +- +-static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) +-{ +- struct sock *sk; +- struct sockaddr_pkt *spkt; +- +- /* +- * When we registered the protocol we saved the socket in the data +- * field for just this event. +- */ +- +- sk = pt->af_packet_priv; +- +- /* +- * Yank back the headers [hope the device set this +- * right or kerboom...] +- * +- * Incoming packets have ll header pulled, +- * push it back. +- * +- * For outgoing ones skb->data == skb_mac_header(skb) +- * so that this procedure is noop. +- */ +- +- if (skb->pkt_type == PACKET_LOOPBACK) +- goto out; +- +- if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) +- goto oom; +- +- /* drop any routing info */ +- dst_release(skb->dst); +- skb->dst = NULL; +- +- /* drop conntrack reference */ +- nf_reset(skb); +- +- spkt = &PACKET_SKB_CB(skb)->sa.pkt; +- +- skb_push(skb, skb->data - skb_mac_header(skb)); +- +- /* +- * The SOCK_PACKET socket receives _all_ frames. +- */ +- +- spkt->spkt_family = dev->type; +- strlcpy(spkt->spkt_device, dev->name, sizeof(spkt->spkt_device)); +- spkt->spkt_protocol = skb->protocol; +- +- /* +- * Charge the memory to the socket. This is done specifically +- * to prevent sockets using all the memory up. +- */ +- +- if (sock_queue_rcv_skb(sk,skb) == 0) +- return 0; +- +-out: +- kfree_skb(skb); +-oom: +- return 0; +-} +- +- +-/* +- * Output a raw packet to a device layer. This bypasses all the other +- * protocol layers and you must therefore supply it with a complete frame +- */ +- +-static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock, +- struct msghdr *msg, size_t len) +-{ +- struct sock *sk = sock->sk; +- struct sockaddr_pkt *saddr=(struct sockaddr_pkt *)msg->msg_name; +- struct sk_buff *skb; +- struct net_device *dev; +- __be16 proto=0; +- int err; +- +- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND)) +- return -EPERM; +- +- /* +- * Get and verify the address. +- */ +- +- if (saddr) +- { +- if (msg->msg_namelen < sizeof(struct sockaddr)) +- return(-EINVAL); +- if (msg->msg_namelen==sizeof(struct sockaddr_pkt)) +- proto=saddr->spkt_protocol; +- } +- else +- return(-ENOTCONN); /* SOCK_PACKET must be sent giving an address */ +- +- /* +- * Find the device first to size check it +- */ +- +- saddr->spkt_device[13] = 0; +- dev = dev_get_by_name(saddr->spkt_device); +- err = -ENODEV; +- if (dev == NULL) +- goto out_unlock; +- +- err = -ENETDOWN; +- if (!(dev->flags & IFF_UP)) +- goto out_unlock; +- +- /* +- * You may not queue a frame bigger than the mtu. This is the lowest level +- * raw protocol and you must do your own fragmentation at this level. +- */ +- +- err = -EMSGSIZE; +- if (len > dev->mtu + dev->hard_header_len) +- goto out_unlock; +- +- err = -ENOBUFS; +- skb = sock_wmalloc(sk, len + LL_RESERVED_SPACE(dev), 0, GFP_KERNEL); +- +- /* +- * If the write buffer is full, then tough. At this level the user gets to +- * deal with the problem - do your own algorithmic backoffs. That's far +- * more flexible. +- */ +- +- if (skb == NULL) +- goto out_unlock; +- +- /* +- * Fill it in +- */ +- +- /* FIXME: Save some space for broken drivers that write a +- * hard header at transmission time by themselves. PPP is the +- * notable one here. This should really be fixed at the driver level. +- */ +- skb_reserve(skb, LL_RESERVED_SPACE(dev)); +- skb_reset_network_header(skb); +- +- /* Try to align data part correctly */ +- if (dev->hard_header) { +- skb->data -= dev->hard_header_len; +- skb->tail -= dev->hard_header_len; +- if (len < dev->hard_header_len) +- skb_reset_network_header(skb); +- } +- +- /* Returns -EFAULT on error */ +- err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); +- skb->protocol = proto; +- skb->dev = dev; +- skb->priority = sk->sk_priority; +- if (err) +- goto out_free; +- +- /* +- * Now send it +- */ +- +- dev_queue_xmit(skb); +- dev_put(dev); +- return(len); +- +-out_free: +- kfree_skb(skb); +-out_unlock: +- if (dev) +- dev_put(dev); +- return err; +-} +- +-static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk, +- unsigned int res) +-{ +- struct sk_filter *filter; +- int tag = skb->skb_tag; +- +- if (sk->sk_nx_info && !(tag == 1 || sk->sk_nid == tag)) +- return 0; +- +- rcu_read_lock_bh(); +- filter = rcu_dereference(sk->sk_filter); +- if (filter != NULL) +- res = sk_run_filter(skb, filter->insns, filter->len); +- rcu_read_unlock_bh(); +- +- return res; +-} +- +-/* +- This function makes lazy skb cloning in hope that most of packets +- are discarded by BPF. +- +- Note tricky part: we DO mangle shared skb! skb->data, skb->len +- and skb->cb are mangled. It works because (and until) packets +- falling here are owned by current CPU. Output packets are cloned +- by dev_queue_xmit_nit(), input packets are processed by net_bh +- sequencially, so that if we return skb to original state on exit, +- we will not harm anyone. +- */ +- +-static int packet_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) +-{ +- struct sock *sk; +- struct sockaddr_ll *sll; +- struct packet_sock *po; +- u8 * skb_head = skb->data; +- int skb_len = skb->len; +- unsigned int snaplen, res; +- +- if (skb->pkt_type == PACKET_LOOPBACK) +- goto drop; +- +- sk = pt->af_packet_priv; +- po = pkt_sk(sk); +- +- skb->dev = dev; +- +- if (dev->hard_header) { +- /* The device has an explicit notion of ll header, +- exported to higher levels. +- +- Otherwise, the device hides datails of it frame +- structure, so that corresponding packet head +- never delivered to user. +- */ +- if (sk->sk_type != SOCK_DGRAM) +- skb_push(skb, skb->data - skb_mac_header(skb)); +- else if (skb->pkt_type == PACKET_OUTGOING) { +- /* Special case: outgoing packets have ll header at head */ +- skb_pull(skb, skb_network_offset(skb)); +- } +- } +- +- snaplen = skb->len; +- +- res = run_filter(skb, sk, snaplen); +- if (!res) +- goto drop_n_restore; +- if (snaplen > res) +- snaplen = res; +- +- if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >= +- (unsigned)sk->sk_rcvbuf) +- goto drop_n_acct; +- +- if (skb_shared(skb)) { +- struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC); +- if (nskb == NULL) +- goto drop_n_acct; +- +- if (skb_head != skb->data) { +- skb->data = skb_head; +- skb->len = skb_len; +- } +- kfree_skb(skb); +- skb = nskb; +- } +- +- BUILD_BUG_ON(sizeof(*PACKET_SKB_CB(skb)) + MAX_ADDR_LEN - 8 > +- sizeof(skb->cb)); +- +- sll = &PACKET_SKB_CB(skb)->sa.ll; +- sll->sll_family = AF_PACKET; +- sll->sll_hatype = dev->type; +- sll->sll_protocol = skb->protocol; +- sll->sll_pkttype = skb->pkt_type; +- if (unlikely(po->origdev) && skb->pkt_type == PACKET_HOST) +- sll->sll_ifindex = orig_dev->ifindex; +- else +- sll->sll_ifindex = dev->ifindex; +- sll->sll_halen = 0; +- +- if (dev->hard_header_parse) +- sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr); +- +- PACKET_SKB_CB(skb)->origlen = skb->len; +- +- if (pskb_trim(skb, snaplen)) +- goto drop_n_acct; +- +- skb_set_owner_r(skb, sk); +- skb->dev = NULL; +- dst_release(skb->dst); +- skb->dst = NULL; +- +- /* drop conntrack reference */ +- nf_reset(skb); +- +- spin_lock(&sk->sk_receive_queue.lock); +- po->stats.tp_packets++; +- __skb_queue_tail(&sk->sk_receive_queue, skb); +- spin_unlock(&sk->sk_receive_queue.lock); +- sk->sk_data_ready(sk, skb->len); +- return 0; +- +-drop_n_acct: +- spin_lock(&sk->sk_receive_queue.lock); +- po->stats.tp_drops++; +- spin_unlock(&sk->sk_receive_queue.lock); +- +-drop_n_restore: +- if (skb_head != skb->data && skb_shared(skb)) { +- skb->data = skb_head; +- skb->len = skb_len; +- } +-drop: +- kfree_skb(skb); +- return 0; +-} +- +-#ifdef CONFIG_PACKET_MMAP +-static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) +-{ +- struct sock *sk; +- struct packet_sock *po; +- struct sockaddr_ll *sll; +- struct tpacket_hdr *h; +- u8 * skb_head = skb->data; +- int skb_len = skb->len; +- unsigned int snaplen, res; +- unsigned long status = TP_STATUS_LOSING|TP_STATUS_USER; +- unsigned short macoff, netoff; +- struct sk_buff *copy_skb = NULL; +- struct timeval tv; +- +- if (skb->pkt_type == PACKET_LOOPBACK) +- goto drop; +- +- sk = pt->af_packet_priv; +- po = pkt_sk(sk); +- +- if (dev->hard_header) { +- if (sk->sk_type != SOCK_DGRAM) +- skb_push(skb, skb->data - skb_mac_header(skb)); +- else if (skb->pkt_type == PACKET_OUTGOING) { +- /* Special case: outgoing packets have ll header at head */ +- skb_pull(skb, skb_network_offset(skb)); +- } +- } +- +- if (skb->ip_summed == CHECKSUM_PARTIAL) +- status |= TP_STATUS_CSUMNOTREADY; +- +- snaplen = skb->len; +- +- res = run_filter(skb, sk, snaplen); +- if (!res) +- goto drop_n_restore; +- if (snaplen > res) +- snaplen = res; +- +- if (sk->sk_type == SOCK_DGRAM) { +- macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16; +- } else { +- unsigned maclen = skb_network_offset(skb); +- netoff = TPACKET_ALIGN(TPACKET_HDRLEN + (maclen < 16 ? 16 : maclen)); +- macoff = netoff - maclen; +- } +- +- if (macoff + snaplen > po->frame_size) { +- if (po->copy_thresh && +- atomic_read(&sk->sk_rmem_alloc) + skb->truesize < +- (unsigned)sk->sk_rcvbuf) { +- if (skb_shared(skb)) { +- copy_skb = skb_clone(skb, GFP_ATOMIC); +- } else { +- copy_skb = skb_get(skb); +- skb_head = skb->data; +- } +- if (copy_skb) +- skb_set_owner_r(copy_skb, sk); +- } +- snaplen = po->frame_size - macoff; +- if ((int)snaplen < 0) +- snaplen = 0; +- } +- +- spin_lock(&sk->sk_receive_queue.lock); +- h = packet_lookup_frame(po, po->head); +- +- if (h->tp_status) +- goto ring_is_full; +- po->head = po->head != po->frame_max ? po->head+1 : 0; +- po->stats.tp_packets++; +- if (copy_skb) { +- status |= TP_STATUS_COPY; +- __skb_queue_tail(&sk->sk_receive_queue, copy_skb); +- } +- if (!po->stats.tp_drops) +- status &= ~TP_STATUS_LOSING; +- spin_unlock(&sk->sk_receive_queue.lock); +- +- skb_copy_bits(skb, 0, (u8*)h + macoff, snaplen); +- +- h->tp_len = skb->len; +- h->tp_snaplen = snaplen; +- h->tp_mac = macoff; +- h->tp_net = netoff; +- if (skb->tstamp.tv64 == 0) { +- __net_timestamp(skb); +- sock_enable_timestamp(sk); +- } +- tv = ktime_to_timeval(skb->tstamp); +- h->tp_sec = tv.tv_sec; +- h->tp_usec = tv.tv_usec; +- +- sll = (struct sockaddr_ll*)((u8*)h + TPACKET_ALIGN(sizeof(*h))); +- sll->sll_halen = 0; +- if (dev->hard_header_parse) +- sll->sll_halen = dev->hard_header_parse(skb, sll->sll_addr); +- sll->sll_family = AF_PACKET; +- sll->sll_hatype = dev->type; +- sll->sll_protocol = skb->protocol; +- sll->sll_pkttype = skb->pkt_type; +- if (unlikely(po->origdev) && skb->pkt_type == PACKET_HOST) +- sll->sll_ifindex = orig_dev->ifindex; +- else +- sll->sll_ifindex = dev->ifindex; +- +- h->tp_status = status; +- smp_mb(); +- +- { +- struct page *p_start, *p_end; +- u8 *h_end = (u8 *)h + macoff + snaplen - 1; +- +- p_start = virt_to_page(h); +- p_end = virt_to_page(h_end); +- while (p_start <= p_end) { +- flush_dcache_page(p_start); +- p_start++; +- } +- } +- +- sk->sk_data_ready(sk, 0); +- +-drop_n_restore: +- if (skb_head != skb->data && skb_shared(skb)) { +- skb->data = skb_head; +- skb->len = skb_len; +- } +-drop: +- kfree_skb(skb); +- return 0; +- +-ring_is_full: +- po->stats.tp_drops++; +- spin_unlock(&sk->sk_receive_queue.lock); +- +- sk->sk_data_ready(sk, 0); +- if (copy_skb) +- kfree_skb(copy_skb); +- goto drop_n_restore; +-} +- +-#endif +- +- +-static int packet_sendmsg(struct kiocb *iocb, struct socket *sock, +- struct msghdr *msg, size_t len) +-{ +- struct sock *sk = sock->sk; +- struct sockaddr_ll *saddr=(struct sockaddr_ll *)msg->msg_name; +- struct sk_buff *skb; +- struct net_device *dev; +- __be16 proto; +- unsigned char *addr; +- int ifindex, err, reserve = 0; +- +- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SEND)) +- return -EPERM; +- +- /* +- * Get and verify the address. +- */ +- +- if (saddr == NULL) { +- struct packet_sock *po = pkt_sk(sk); +- +- ifindex = po->ifindex; +- proto = po->num; +- addr = NULL; +- } else { +- err = -EINVAL; +- if (msg->msg_namelen < sizeof(struct sockaddr_ll)) +- goto out; +- if (msg->msg_namelen < (saddr->sll_halen + offsetof(struct sockaddr_ll, sll_addr))) +- goto out; +- ifindex = saddr->sll_ifindex; +- proto = saddr->sll_protocol; +- addr = saddr->sll_addr; +- } +- +- +- dev = dev_get_by_index(ifindex); +- err = -ENXIO; +- if (dev == NULL) +- goto out_unlock; +- if (sock->type == SOCK_RAW) +- reserve = dev->hard_header_len; +- +- err = -ENETDOWN; +- if (!(dev->flags & IFF_UP)) +- goto out_unlock; +- +- err = -EMSGSIZE; +- if (len > dev->mtu+reserve) +- goto out_unlock; +- +- skb = sock_alloc_send_skb(sk, len + LL_RESERVED_SPACE(dev), +- msg->msg_flags & MSG_DONTWAIT, &err); +- if (skb==NULL) +- goto out_unlock; +- +- skb_reserve(skb, LL_RESERVED_SPACE(dev)); +- skb_reset_network_header(skb); +- +- if (dev->hard_header) { +- int res; +- err = -EINVAL; +- res = dev->hard_header(skb, dev, ntohs(proto), addr, NULL, len); +- if (sock->type != SOCK_DGRAM) { +- skb_reset_tail_pointer(skb); +- skb->len = 0; +- } else if (res < 0) +- goto out_free; +- } +- +- /* Returns -EFAULT on error */ +- err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); +- if (err) +- goto out_free; +- +- skb->protocol = proto; +- skb->dev = dev; +- skb->priority = sk->sk_priority; +- +- /* +- * Now send it +- */ +- +- err = dev_queue_xmit(skb); +- if (err > 0 && (err = net_xmit_errno(err)) != 0) +- goto out_unlock; +- +- dev_put(dev); +- +- return(len); +- +-out_free: +- kfree_skb(skb); +-out_unlock: +- if (dev) +- dev_put(dev); +-out: +- return err; +-} +- +-/* +- * Close a PACKET socket. This is fairly simple. We immediately go +- * to 'closed' state and remove our protocol entry in the device list. +- */ +- +-static int packet_release(struct socket *sock) +-{ +- struct sock *sk = sock->sk; +- struct packet_sock *po; +- +- if (!sk) +- return 0; +- +- po = pkt_sk(sk); +- +- write_lock_bh(&packet_sklist_lock); +- sk_del_node_init(sk); +- write_unlock_bh(&packet_sklist_lock); +- +- /* +- * Unhook packet receive handler. +- */ +- +- if (po->running) { +- /* +- * Remove the protocol hook +- */ +- dev_remove_pack(&po->prot_hook); +- po->running = 0; +- po->num = 0; +- __sock_put(sk); +- } +- +- packet_flush_mclist(sk); +- +-#ifdef CONFIG_PACKET_MMAP +- if (po->pg_vec) { +- struct tpacket_req req; +- memset(&req, 0, sizeof(req)); +- packet_set_ring(sk, &req, 1); +- } +-#endif +- +- /* +- * Now the socket is dead. No more input will appear. +- */ +- +- sock_orphan(sk); +- sock->sk = NULL; +- +- /* Purge queues */ +- +- skb_queue_purge(&sk->sk_receive_queue); +- +- sock_put(sk); +- return 0; +-} +- +-/* +- * Attach a packet hook. +- */ +- +-static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 protocol) +-{ +- struct packet_sock *po = pkt_sk(sk); +- /* +- * Detach an existing hook if present. +- */ +- +- lock_sock(sk); +- +- spin_lock(&po->bind_lock); +- if (po->running) { +- __sock_put(sk); +- po->running = 0; +- po->num = 0; +- spin_unlock(&po->bind_lock); +- dev_remove_pack(&po->prot_hook); +- spin_lock(&po->bind_lock); +- } +- +- po->num = protocol; +- po->prot_hook.type = protocol; +- po->prot_hook.dev = dev; +- +- po->ifindex = dev ? dev->ifindex : 0; +- +- if (protocol == 0) +- goto out_unlock; +- +- if (dev) { +- if (dev->flags&IFF_UP) { +- dev_add_pack(&po->prot_hook); +- sock_hold(sk); +- po->running = 1; +- } else { +- sk->sk_err = ENETDOWN; +- if (!sock_flag(sk, SOCK_DEAD)) +- sk->sk_error_report(sk); +- } +- } else { +- dev_add_pack(&po->prot_hook); +- sock_hold(sk); +- po->running = 1; +- } +- +-out_unlock: +- spin_unlock(&po->bind_lock); +- release_sock(sk); +- return 0; +-} +- +-/* +- * Bind a packet socket to a device +- */ +- +-static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len) +-{ +- struct sock *sk=sock->sk; +- char name[15]; +- struct net_device *dev; +- int err = -ENODEV; +- +- /* +- * Check legality +- */ +- +- if (addr_len != sizeof(struct sockaddr)) +- return -EINVAL; +- strlcpy(name,uaddr->sa_data,sizeof(name)); +- +- dev = dev_get_by_name(name); +- if (dev) { +- err = packet_do_bind(sk, dev, pkt_sk(sk)->num); +- dev_put(dev); +- } +- return err; +-} +- +-static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) +-{ +- struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; +- struct sock *sk=sock->sk; +- struct net_device *dev = NULL; +- int err; +- +- +- /* +- * Check legality +- */ +- +- if (addr_len < sizeof(struct sockaddr_ll)) +- return -EINVAL; +- if (sll->sll_family != AF_PACKET) +- return -EINVAL; +- +- if (sll->sll_ifindex) { +- err = -ENODEV; +- dev = dev_get_by_index(sll->sll_ifindex); +- if (dev == NULL) +- goto out; +- } +- err = packet_do_bind(sk, dev, sll->sll_protocol ? : pkt_sk(sk)->num); +- if (dev) +- dev_put(dev); +- +-out: +- return err; +-} +- +-static struct proto packet_proto = { +- .name = "PACKET", +- .owner = THIS_MODULE, +- .obj_size = sizeof(struct packet_sock), +-}; +- +-/* +- * Create a packet of type SOCK_PACKET. +- */ +- +-static int packet_create(struct socket *sock, int protocol) +-{ +- struct sock *sk; +- struct packet_sock *po; +- __be16 proto = (__force __be16)protocol; /* weird, but documented */ +- int err; +- +- if (!nx_capable(CAP_NET_RAW, NXC_RAW_SOCKET)) +- return -EPERM; +- if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW && +- sock->type != SOCK_PACKET) +- return -ESOCKTNOSUPPORT; +- +- sock->state = SS_UNCONNECTED; +- +- err = -ENOBUFS; +- sk = sk_alloc(PF_PACKET, GFP_KERNEL, &packet_proto, 1); +- if (sk == NULL) +- goto out; +- +- sock->ops = &packet_ops; +- if (sock->type == SOCK_PACKET) +- sock->ops = &packet_ops_spkt; +- +- sock_init_data(sock, sk); +- +- po = pkt_sk(sk); +- sk->sk_family = PF_PACKET; +- po->num = proto; +- +- sk->sk_destruct = packet_sock_destruct; +- atomic_inc(&packet_socks_nr); +- +- /* +- * Attach a protocol block +- */ +- +- spin_lock_init(&po->bind_lock); +- po->prot_hook.func = packet_rcv; +- +- if (sock->type == SOCK_PACKET) +- po->prot_hook.func = packet_rcv_spkt; +- +- po->prot_hook.af_packet_priv = sk; +- +- if (proto) { +- po->prot_hook.type = proto; +- dev_add_pack(&po->prot_hook); +- sock_hold(sk); +- po->running = 1; +- } +- +- write_lock_bh(&packet_sklist_lock); +- sk_add_node(sk, &packet_sklist); +- write_unlock_bh(&packet_sklist_lock); +- return(0); +-out: +- return err; +-} +- +-/* +- * Pull a packet from our receive queue and hand it to the user. +- * If necessary we block. +- */ +- +-static int packet_recvmsg(struct kiocb *iocb, struct socket *sock, +- struct msghdr *msg, size_t len, int flags) +-{ +- struct sock *sk = sock->sk; +- struct sk_buff *skb; +- int copied, err; +- struct sockaddr_ll *sll; +- +- err = -EINVAL; +- if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT)) +- goto out; +- +-#if 0 +- /* What error should we return now? EUNATTACH? */ +- if (pkt_sk(sk)->ifindex < 0) +- return -ENODEV; +-#endif +- +- /* +- * Call the generic datagram receiver. This handles all sorts +- * of horrible races and re-entrancy so we can forget about it +- * in the protocol layers. +- * +- * Now it will return ENETDOWN, if device have just gone down, +- * but then it will block. +- */ +- +- skb=skb_recv_datagram(sk,flags,flags&MSG_DONTWAIT,&err); +- +- /* +- * An error occurred so return it. Because skb_recv_datagram() +- * handles the blocking we don't see and worry about blocking +- * retries. +- */ +- +- if (skb == NULL) +- goto out; +- +- /* +- * If the address length field is there to be filled in, we fill +- * it in now. +- */ +- +- sll = &PACKET_SKB_CB(skb)->sa.ll; +- if (sock->type == SOCK_PACKET) +- msg->msg_namelen = sizeof(struct sockaddr_pkt); +- else +- msg->msg_namelen = sll->sll_halen + offsetof(struct sockaddr_ll, sll_addr); +- +- /* +- * You lose any data beyond the buffer you gave. If it worries a +- * user program they can ask the device for its MTU anyway. +- */ +- +- copied = skb->len; +- if (copied > len) +- { +- copied=len; +- msg->msg_flags|=MSG_TRUNC; +- } +- +- err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); +- if (err) +- goto out_free; +- +- sock_recv_timestamp(msg, sk, skb); +- +- if (msg->msg_name) +- memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa, +- msg->msg_namelen); +- +- if (pkt_sk(sk)->auxdata) { +- struct tpacket_auxdata aux; +- +- aux.tp_status = TP_STATUS_USER; +- if (skb->ip_summed == CHECKSUM_PARTIAL) +- aux.tp_status |= TP_STATUS_CSUMNOTREADY; +- aux.tp_len = PACKET_SKB_CB(skb)->origlen; +- aux.tp_snaplen = skb->len; +- aux.tp_mac = 0; +- aux.tp_net = skb_network_offset(skb); +- +- put_cmsg(msg, SOL_PACKET, PACKET_AUXDATA, sizeof(aux), &aux); +- } +- +- /* +- * Free or return the buffer as appropriate. Again this +- * hides all the races and re-entrancy issues from us. +- */ +- err = (flags&MSG_TRUNC) ? skb->len : copied; +- +-out_free: +- skb_free_datagram(sk, skb); +-out: +- return err; +-} +- +-static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr, +- int *uaddr_len, int peer) +-{ +- struct net_device *dev; +- struct sock *sk = sock->sk; +- +- if (peer) +- return -EOPNOTSUPP; +- +- uaddr->sa_family = AF_PACKET; +- dev = dev_get_by_index(pkt_sk(sk)->ifindex); +- if (dev) { +- strlcpy(uaddr->sa_data, dev->name, 15); +- dev_put(dev); +- } else +- memset(uaddr->sa_data, 0, 14); +- *uaddr_len = sizeof(*uaddr); +- +- return 0; +-} +- +-static int packet_getname(struct socket *sock, struct sockaddr *uaddr, +- int *uaddr_len, int peer) +-{ +- struct net_device *dev; +- struct sock *sk = sock->sk; +- struct packet_sock *po = pkt_sk(sk); +- struct sockaddr_ll *sll = (struct sockaddr_ll*)uaddr; +- +- if (peer) +- return -EOPNOTSUPP; +- +- sll->sll_family = AF_PACKET; +- sll->sll_ifindex = po->ifindex; +- sll->sll_protocol = po->num; +- dev = dev_get_by_index(po->ifindex); +- if (dev) { +- sll->sll_hatype = dev->type; +- sll->sll_halen = dev->addr_len; +- memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len); +- dev_put(dev); +- } else { +- sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */ +- sll->sll_halen = 0; +- } +- *uaddr_len = offsetof(struct sockaddr_ll, sll_addr) + sll->sll_halen; +- +- return 0; +-} +- +-static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what) +-{ +- switch (i->type) { +- case PACKET_MR_MULTICAST: +- if (what > 0) +- dev_mc_add(dev, i->addr, i->alen, 0); +- else +- dev_mc_delete(dev, i->addr, i->alen, 0); +- break; +- case PACKET_MR_PROMISC: +- dev_set_promiscuity(dev, what); +- break; +- case PACKET_MR_ALLMULTI: +- dev_set_allmulti(dev, what); +- break; +- default:; +- } +-} +- +-static void packet_dev_mclist(struct net_device *dev, struct packet_mclist *i, int what) +-{ +- for ( ; i; i=i->next) { +- if (i->ifindex == dev->ifindex) +- packet_dev_mc(dev, i, what); +- } +-} +- +-static int packet_mc_add(struct sock *sk, struct packet_mreq_max *mreq) +-{ +- struct packet_sock *po = pkt_sk(sk); +- struct packet_mclist *ml, *i; +- struct net_device *dev; +- int err; +- +- rtnl_lock(); +- +- err = -ENODEV; +- dev = __dev_get_by_index(mreq->mr_ifindex); +- if (!dev) +- goto done; +- +- err = -EINVAL; +- if (mreq->mr_alen > dev->addr_len) +- goto done; +- +- err = -ENOBUFS; +- i = kmalloc(sizeof(*i), GFP_KERNEL); +- if (i == NULL) +- goto done; +- +- err = 0; +- for (ml = po->mclist; ml; ml = ml->next) { +- if (ml->ifindex == mreq->mr_ifindex && +- ml->type == mreq->mr_type && +- ml->alen == mreq->mr_alen && +- memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) { +- ml->count++; +- /* Free the new element ... */ +- kfree(i); +- goto done; +- } +- } +- +- i->type = mreq->mr_type; +- i->ifindex = mreq->mr_ifindex; +- i->alen = mreq->mr_alen; +- memcpy(i->addr, mreq->mr_address, i->alen); +- i->count = 1; +- i->next = po->mclist; +- po->mclist = i; +- packet_dev_mc(dev, i, +1); +- +-done: +- rtnl_unlock(); +- return err; +-} +- +-static int packet_mc_drop(struct sock *sk, struct packet_mreq_max *mreq) +-{ +- struct packet_mclist *ml, **mlp; +- +- rtnl_lock(); +- +- for (mlp = &pkt_sk(sk)->mclist; (ml = *mlp) != NULL; mlp = &ml->next) { +- if (ml->ifindex == mreq->mr_ifindex && +- ml->type == mreq->mr_type && +- ml->alen == mreq->mr_alen && +- memcmp(ml->addr, mreq->mr_address, ml->alen) == 0) { +- if (--ml->count == 0) { +- struct net_device *dev; +- *mlp = ml->next; +- dev = dev_get_by_index(ml->ifindex); +- if (dev) { +- packet_dev_mc(dev, ml, -1); +- dev_put(dev); +- } +- kfree(ml); +- } +- rtnl_unlock(); +- return 0; +- } +- } +- rtnl_unlock(); +- return -EADDRNOTAVAIL; +-} +- +-static void packet_flush_mclist(struct sock *sk) +-{ +- struct packet_sock *po = pkt_sk(sk); +- struct packet_mclist *ml; +- +- if (!po->mclist) +- return; +- +- rtnl_lock(); +- while ((ml = po->mclist) != NULL) { +- struct net_device *dev; +- +- po->mclist = ml->next; +- if ((dev = dev_get_by_index(ml->ifindex)) != NULL) { +- packet_dev_mc(dev, ml, -1); +- dev_put(dev); +- } +- kfree(ml); +- } +- rtnl_unlock(); +-} +- +-static int +-packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen) +-{ +- struct sock *sk = sock->sk; +- struct packet_sock *po = pkt_sk(sk); +- int ret; +- +- if (level != SOL_PACKET) +- return -ENOPROTOOPT; +- +- switch(optname) { +- case PACKET_ADD_MEMBERSHIP: +- case PACKET_DROP_MEMBERSHIP: +- { +- struct packet_mreq_max mreq; +- int len = optlen; +- memset(&mreq, 0, sizeof(mreq)); +- if (len < sizeof(struct packet_mreq)) +- return -EINVAL; +- if (len > sizeof(mreq)) +- len = sizeof(mreq); +- if (copy_from_user(&mreq,optval,len)) +- return -EFAULT; +- if (len < (mreq.mr_alen + offsetof(struct packet_mreq, mr_address))) +- return -EINVAL; +- if (optname == PACKET_ADD_MEMBERSHIP) +- ret = packet_mc_add(sk, &mreq); +- else +- ret = packet_mc_drop(sk, &mreq); +- return ret; +- } +- +-#ifdef CONFIG_PACKET_MMAP +- case PACKET_RX_RING: +- { +- struct tpacket_req req; +- +- if (optlencopy_thresh = val; +- return 0; +- } +-#endif +- case PACKET_AUXDATA: +- { +- int val; +- +- if (optlen < sizeof(val)) +- return -EINVAL; +- if (copy_from_user(&val, optval, sizeof(val))) +- return -EFAULT; +- +- po->auxdata = !!val; +- return 0; +- } +- case PACKET_ORIGDEV: +- { +- int val; +- +- if (optlen < sizeof(val)) +- return -EINVAL; +- if (copy_from_user(&val, optval, sizeof(val))) +- return -EFAULT; +- +- po->origdev = !!val; +- return 0; +- } +- default: +- return -ENOPROTOOPT; +- } +-} +- +-static int packet_getsockopt(struct socket *sock, int level, int optname, +- char __user *optval, int __user *optlen) +-{ +- int len; +- int val; +- struct sock *sk = sock->sk; +- struct packet_sock *po = pkt_sk(sk); +- void *data; +- struct tpacket_stats st; +- +- if (level != SOL_PACKET) +- return -ENOPROTOOPT; +- +- if (get_user(len, optlen)) +- return -EFAULT; +- +- if (len < 0) +- return -EINVAL; +- +- switch(optname) { +- case PACKET_STATISTICS: +- if (len > sizeof(struct tpacket_stats)) +- len = sizeof(struct tpacket_stats); +- spin_lock_bh(&sk->sk_receive_queue.lock); +- st = po->stats; +- memset(&po->stats, 0, sizeof(st)); +- spin_unlock_bh(&sk->sk_receive_queue.lock); +- st.tp_packets += st.tp_drops; +- +- data = &st; +- break; +- case PACKET_AUXDATA: +- if (len > sizeof(int)) +- len = sizeof(int); +- val = po->auxdata; +- +- data = &val; +- break; +- case PACKET_ORIGDEV: +- if (len > sizeof(int)) +- len = sizeof(int); +- val = po->origdev; +- +- data = &val; +- break; +- default: +- return -ENOPROTOOPT; +- } +- +- if (put_user(len, optlen)) +- return -EFAULT; +- if (copy_to_user(optval, data, len)) +- return -EFAULT; +- return 0; +-} +- +- +-static int packet_notifier(struct notifier_block *this, unsigned long msg, void *data) +-{ +- struct sock *sk; +- struct hlist_node *node; +- struct net_device *dev = data; +- +- read_lock(&packet_sklist_lock); +- sk_for_each(sk, node, &packet_sklist) { +- struct packet_sock *po = pkt_sk(sk); +- +- switch (msg) { +- case NETDEV_UNREGISTER: +- if (po->mclist) +- packet_dev_mclist(dev, po->mclist, -1); +- /* fallthrough */ +- +- case NETDEV_DOWN: +- if (dev->ifindex == po->ifindex) { +- spin_lock(&po->bind_lock); +- if (po->running) { +- __dev_remove_pack(&po->prot_hook); +- __sock_put(sk); +- po->running = 0; +- sk->sk_err = ENETDOWN; +- if (!sock_flag(sk, SOCK_DEAD)) +- sk->sk_error_report(sk); +- } +- if (msg == NETDEV_UNREGISTER) { +- po->ifindex = -1; +- po->prot_hook.dev = NULL; +- } +- spin_unlock(&po->bind_lock); +- } +- break; +- case NETDEV_UP: +- spin_lock(&po->bind_lock); +- if (dev->ifindex == po->ifindex && po->num && +- !po->running) { +- dev_add_pack(&po->prot_hook); +- sock_hold(sk); +- po->running = 1; +- } +- spin_unlock(&po->bind_lock); +- break; +- } +- } +- read_unlock(&packet_sklist_lock); +- return NOTIFY_DONE; +-} +- +- +-static int packet_ioctl(struct socket *sock, unsigned int cmd, +- unsigned long arg) +-{ +- struct sock *sk = sock->sk; +- +- switch(cmd) { +- case SIOCOUTQ: +- { +- int amount = atomic_read(&sk->sk_wmem_alloc); +- return put_user(amount, (int __user *)arg); +- } +- case SIOCINQ: +- { +- struct sk_buff *skb; +- int amount = 0; +- +- spin_lock_bh(&sk->sk_receive_queue.lock); +- skb = skb_peek(&sk->sk_receive_queue); +- if (skb) +- amount = skb->len; +- spin_unlock_bh(&sk->sk_receive_queue.lock); +- return put_user(amount, (int __user *)arg); +- } +- case SIOCGSTAMP: +- return sock_get_timestamp(sk, (struct timeval __user *)arg); +- case SIOCGSTAMPNS: +- return sock_get_timestampns(sk, (struct timespec __user *)arg); +- +-#ifdef CONFIG_INET +- case SIOCADDRT: +- case SIOCDELRT: +- case SIOCDARP: +- case SIOCGARP: +- case SIOCSARP: +- case SIOCGIFADDR: +- case SIOCSIFADDR: +- case SIOCGIFBRDADDR: +- case SIOCSIFBRDADDR: +- case SIOCGIFNETMASK: +- case SIOCSIFNETMASK: +- case SIOCGIFDSTADDR: +- case SIOCSIFDSTADDR: +- case SIOCSIFFLAGS: +- return inet_dgram_ops.ioctl(sock, cmd, arg); +-#endif +- +- default: +- return -ENOIOCTLCMD; +- } +- return 0; +-} +- +-#ifndef CONFIG_PACKET_MMAP +-#define packet_mmap sock_no_mmap +-#define packet_poll datagram_poll +-#else +- +-static unsigned int packet_poll(struct file * file, struct socket *sock, +- poll_table *wait) +-{ +- struct sock *sk = sock->sk; +- struct packet_sock *po = pkt_sk(sk); +- unsigned int mask = datagram_poll(file, sock, wait); +- +- spin_lock_bh(&sk->sk_receive_queue.lock); +- if (po->pg_vec) { +- unsigned last = po->head ? po->head-1 : po->frame_max; +- struct tpacket_hdr *h; +- +- h = packet_lookup_frame(po, last); +- +- if (h->tp_status) +- mask |= POLLIN | POLLRDNORM; +- } +- spin_unlock_bh(&sk->sk_receive_queue.lock); +- return mask; +-} +- +- +-/* Dirty? Well, I still did not learn better way to account +- * for user mmaps. +- */ +- +-static void packet_mm_open(struct vm_area_struct *vma) +-{ +- struct file *file = vma->vm_file; +- struct socket * sock = file->private_data; +- struct sock *sk = sock->sk; +- +- if (sk) +- atomic_inc(&pkt_sk(sk)->mapped); +-} +- +-static void packet_mm_close(struct vm_area_struct *vma) +-{ +- struct file *file = vma->vm_file; +- struct socket * sock = file->private_data; +- struct sock *sk = sock->sk; +- +- if (sk) +- atomic_dec(&pkt_sk(sk)->mapped); +-} +- +-static struct vm_operations_struct packet_mmap_ops = { +- .open = packet_mm_open, +- .close =packet_mm_close, +-}; +- +-static inline struct page *pg_vec_endpage(char *one_pg_vec, unsigned int order) +-{ +- return virt_to_page(one_pg_vec + (PAGE_SIZE << order) - 1); +-} +- +-static void free_pg_vec(char **pg_vec, unsigned int order, unsigned int len) +-{ +- int i; +- +- for (i = 0; i < len; i++) { +- if (likely(pg_vec[i])) +- free_pages((unsigned long) pg_vec[i], order); +- } +- kfree(pg_vec); +-} +- +-static inline char *alloc_one_pg_vec_page(unsigned long order) +-{ +- return (char *) __get_free_pages(GFP_KERNEL | __GFP_COMP | __GFP_ZERO, +- order); +-} +- +-static char **alloc_pg_vec(struct tpacket_req *req, int order) +-{ +- unsigned int block_nr = req->tp_block_nr; +- char **pg_vec; +- int i; +- +- pg_vec = kzalloc(block_nr * sizeof(char *), GFP_KERNEL); +- if (unlikely(!pg_vec)) +- goto out; +- +- for (i = 0; i < block_nr; i++) { +- pg_vec[i] = alloc_one_pg_vec_page(order); +- if (unlikely(!pg_vec[i])) +- goto out_free_pgvec; +- } +- +-out: +- return pg_vec; +- +-out_free_pgvec: +- free_pg_vec(pg_vec, order, block_nr); +- pg_vec = NULL; +- goto out; +-} +- +-static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing) +-{ +- char **pg_vec = NULL; +- struct packet_sock *po = pkt_sk(sk); +- int was_running, order = 0; +- __be16 num; +- int err = 0; +- +- if (req->tp_block_nr) { +- int i, l; +- +- /* Sanity tests and some calculations */ +- +- if (unlikely(po->pg_vec)) +- return -EBUSY; +- +- if (unlikely((int)req->tp_block_size <= 0)) +- return -EINVAL; +- if (unlikely(req->tp_block_size & (PAGE_SIZE - 1))) +- return -EINVAL; +- if (unlikely(req->tp_frame_size < TPACKET_HDRLEN)) +- return -EINVAL; +- if (unlikely(req->tp_frame_size & (TPACKET_ALIGNMENT - 1))) +- return -EINVAL; +- +- po->frames_per_block = req->tp_block_size/req->tp_frame_size; +- if (unlikely(po->frames_per_block <= 0)) +- return -EINVAL; +- if (unlikely((po->frames_per_block * req->tp_block_nr) != +- req->tp_frame_nr)) +- return -EINVAL; +- +- err = -ENOMEM; +- order = get_order(req->tp_block_size); +- pg_vec = alloc_pg_vec(req, order); +- if (unlikely(!pg_vec)) +- goto out; +- +- l = 0; +- for (i = 0; i < req->tp_block_nr; i++) { +- char *ptr = pg_vec[i]; +- struct tpacket_hdr *header; +- int k; +- +- for (k = 0; k < po->frames_per_block; k++) { +- header = (struct tpacket_hdr *) ptr; +- header->tp_status = TP_STATUS_KERNEL; +- ptr += req->tp_frame_size; +- } +- } +- /* Done */ +- } else { +- if (unlikely(req->tp_frame_nr)) +- return -EINVAL; +- } +- +- lock_sock(sk); +- +- /* Detach socket from network */ +- spin_lock(&po->bind_lock); +- was_running = po->running; +- num = po->num; +- if (was_running) { +- __dev_remove_pack(&po->prot_hook); +- po->num = 0; +- po->running = 0; +- __sock_put(sk); +- } +- spin_unlock(&po->bind_lock); +- +- synchronize_net(); +- +- err = -EBUSY; +- if (closing || atomic_read(&po->mapped) == 0) { +- err = 0; +-#define XC(a, b) ({ __typeof__ ((a)) __t; __t = (a); (a) = (b); __t; }) +- +- spin_lock_bh(&sk->sk_receive_queue.lock); +- pg_vec = XC(po->pg_vec, pg_vec); +- po->frame_max = (req->tp_frame_nr - 1); +- po->head = 0; +- po->frame_size = req->tp_frame_size; +- spin_unlock_bh(&sk->sk_receive_queue.lock); +- +- order = XC(po->pg_vec_order, order); +- req->tp_block_nr = XC(po->pg_vec_len, req->tp_block_nr); +- +- po->pg_vec_pages = req->tp_block_size/PAGE_SIZE; +- po->prot_hook.func = po->pg_vec ? tpacket_rcv : packet_rcv; +- skb_queue_purge(&sk->sk_receive_queue); +-#undef XC +- if (atomic_read(&po->mapped)) +- printk(KERN_DEBUG "packet_mmap: vma is busy: %d\n", atomic_read(&po->mapped)); +- } +- +- spin_lock(&po->bind_lock); +- if (was_running && !po->running) { +- sock_hold(sk); +- po->running = 1; +- po->num = num; +- dev_add_pack(&po->prot_hook); +- } +- spin_unlock(&po->bind_lock); +- +- release_sock(sk); +- +- if (pg_vec) +- free_pg_vec(pg_vec, order, req->tp_block_nr); +-out: +- return err; +-} +- +-static int packet_mmap(struct file *file, struct socket *sock, struct vm_area_struct *vma) +-{ +- struct sock *sk = sock->sk; +- struct packet_sock *po = pkt_sk(sk); +- unsigned long size; +- unsigned long start; +- int err = -EINVAL; +- int i; +- +- if (vma->vm_pgoff) +- return -EINVAL; +- +- size = vma->vm_end - vma->vm_start; +- +- lock_sock(sk); +- if (po->pg_vec == NULL) +- goto out; +- if (size != po->pg_vec_len*po->pg_vec_pages*PAGE_SIZE) +- goto out; +- +- start = vma->vm_start; +- for (i = 0; i < po->pg_vec_len; i++) { +- struct page *page = virt_to_page(po->pg_vec[i]); +- int pg_num; +- +- for (pg_num = 0; pg_num < po->pg_vec_pages; pg_num++, page++) { +- err = vm_insert_page(vma, start, page); +- if (unlikely(err)) +- goto out; +- start += PAGE_SIZE; +- } +- } +- atomic_inc(&po->mapped); +- vma->vm_ops = &packet_mmap_ops; +- err = 0; +- +-out: +- release_sock(sk); +- return err; +-} +-#endif +- +- +-static const struct proto_ops packet_ops_spkt = { +- .family = PF_PACKET, +- .owner = THIS_MODULE, +- .release = packet_release, +- .bind = packet_bind_spkt, +- .connect = sock_no_connect, +- .socketpair = sock_no_socketpair, +- .accept = sock_no_accept, +- .getname = packet_getname_spkt, +- .poll = datagram_poll, +- .ioctl = packet_ioctl, +- .listen = sock_no_listen, +- .shutdown = sock_no_shutdown, +- .setsockopt = sock_no_setsockopt, +- .getsockopt = sock_no_getsockopt, +- .sendmsg = packet_sendmsg_spkt, +- .recvmsg = packet_recvmsg, +- .mmap = sock_no_mmap, +- .sendpage = sock_no_sendpage, +-}; +- +-static const struct proto_ops packet_ops = { +- .family = PF_PACKET, +- .owner = THIS_MODULE, +- .release = packet_release, +- .bind = packet_bind, +- .connect = sock_no_connect, +- .socketpair = sock_no_socketpair, +- .accept = sock_no_accept, +- .getname = packet_getname, +- .poll = packet_poll, +- .ioctl = packet_ioctl, +- .listen = sock_no_listen, +- .shutdown = sock_no_shutdown, +- .setsockopt = packet_setsockopt, +- .getsockopt = packet_getsockopt, +- .sendmsg = packet_sendmsg, +- .recvmsg = packet_recvmsg, +- .mmap = packet_mmap, +- .sendpage = sock_no_sendpage, +-}; +- +-static struct net_proto_family packet_family_ops = { +- .family = PF_PACKET, +- .create = packet_create, +- .owner = THIS_MODULE, +-}; +- +-static struct notifier_block packet_netdev_notifier = { +- .notifier_call =packet_notifier, +-}; +- +-#ifdef CONFIG_PROC_FS +-static inline struct sock *packet_seq_idx(loff_t off) +-{ +- struct sock *s; +- struct hlist_node *node; +- +- sk_for_each(s, node, &packet_sklist) { +- if (!off--) +- return s; +- } +- return NULL; +-} +- +-static void *packet_seq_start(struct seq_file *seq, loff_t *pos) +-{ +- read_lock(&packet_sklist_lock); +- return *pos ? packet_seq_idx(*pos - 1) : SEQ_START_TOKEN; +-} +- +-static void *packet_seq_next(struct seq_file *seq, void *v, loff_t *pos) +-{ +- ++*pos; +- return (v == SEQ_START_TOKEN) +- ? sk_head(&packet_sklist) +- : sk_next((struct sock*)v) ; +-} +- +-static void packet_seq_stop(struct seq_file *seq, void *v) +-{ +- read_unlock(&packet_sklist_lock); +-} +- +-static int packet_seq_show(struct seq_file *seq, void *v) +-{ +- if (v == SEQ_START_TOKEN) +- seq_puts(seq, "sk RefCnt Type Proto Iface R Rmem User Inode\n"); +- else { +- struct sock *s = v; +- const struct packet_sock *po = pkt_sk(s); +- +- seq_printf(seq, +- "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", +- s, +- atomic_read(&s->sk_refcnt), +- s->sk_type, +- ntohs(po->num), +- po->ifindex, +- po->running, +- atomic_read(&s->sk_rmem_alloc), +- sock_i_uid(s), +- sock_i_ino(s) ); +- } +- +- return 0; +-} +- +-static struct seq_operations packet_seq_ops = { +- .start = packet_seq_start, +- .next = packet_seq_next, +- .stop = packet_seq_stop, +- .show = packet_seq_show, +-}; +- +-static int packet_seq_open(struct inode *inode, struct file *file) +-{ +- return seq_open(file, &packet_seq_ops); +-} +- +-static const struct file_operations packet_seq_fops = { +- .owner = THIS_MODULE, +- .open = packet_seq_open, +- .read = seq_read, +- .llseek = seq_lseek, +- .release = seq_release, +-}; +- +-#endif +- +-static void __exit packet_exit(void) +-{ +- proc_net_remove("packet"); +- unregister_netdevice_notifier(&packet_netdev_notifier); +- sock_unregister(PF_PACKET); +- proto_unregister(&packet_proto); +-} +- +-static int __init packet_init(void) +-{ +- int rc = proto_register(&packet_proto, 0); +- +- if (rc != 0) +- goto out; +- +- sock_register(&packet_family_ops); +- register_netdevice_notifier(&packet_netdev_notifier); +- proc_net_fops_create("packet", 0, &packet_seq_fops); +-out: +- return rc; +-} +- +-module_init(packet_init); +-module_exit(packet_exit); +-MODULE_LICENSE("GPL"); +-MODULE_ALIAS_NETPROTO(PF_PACKET); +diff -Nurb linux-2.6.22-594/net/socket.c linux-2.6.22-595/net/socket.c +--- linux-2.6.22-594/net/socket.c 2008-03-20 01:27:52.000000000 -0400 ++++ linux-2.6.22-595/net/socket.c 2008-03-20 01:28:00.000000000 -0400 +@@ -1122,12 +1122,17 @@ + if (type < 0 || type >= SOCK_MAX) + return -EINVAL; + + /* -+ * Initialize the protocols module. -+ */ -+ -+ init_inodecache(); -+ register_filesystem(&sock_fs_type); -+ sock_mnt = kern_mount(&sock_fs_type); -+ -+ /* The real protocol initialization is performed in later initcalls. -+ */ -+ -+#ifdef CONFIG_NETFILTER -+ netfilter_init(); -+#endif -+ -+ register_pernet_subsys(&sock_net_ops); -+ -+ return 0; -+} -+ -+core_initcall(sock_init); /* early initcall */ -+ -+#ifdef CONFIG_PROC_FS -+void socket_seq_show(struct seq_file *seq) -+{ -+ int cpu; -+ int counter = 0; -+ -+ for_each_possible_cpu(cpu) -+ counter += per_cpu(sockets_in_use, cpu); -+ -+ /* It can be negative, by the way. 8) */ -+ if (counter < 0) -+ counter = 0; -+ -+ seq_printf(seq, "sockets: used %d\n", counter); -+} -+#endif /* CONFIG_PROC_FS */ -+ -+#ifdef CONFIG_COMPAT -+static long compat_sock_ioctl(struct file *file, unsigned cmd, -+ unsigned long arg) -+{ -+ struct socket *sock = file->private_data; -+ int ret = -ENOIOCTLCMD; -+ -+ if (sock->ops->compat_ioctl) -+ ret = sock->ops->compat_ioctl(sock, cmd, arg); -+ -+ return ret; -+} -+#endif -+ -+int kernel_bind(struct socket *sock, struct sockaddr *addr, int addrlen) -+{ -+ return sock->ops->bind(sock, addr, addrlen); -+} -+ -+int kernel_listen(struct socket *sock, int backlog) -+{ -+ return sock->ops->listen(sock, backlog); -+} -+ -+int kernel_accept(struct socket *sock, struct socket **newsock, int flags) -+{ -+ struct sock *sk = sock->sk; -+ int err; -+ -+ err = sock_create_lite(sk->sk_family, sk->sk_type, sk->sk_protocol, -+ newsock); -+ if (err < 0) -+ goto done; -+ -+ err = sock->ops->accept(sock, *newsock, flags); -+ if (err < 0) { -+ sock_release(*newsock); -+ goto done; -+ } -+ -+ (*newsock)->ops = sock->ops; -+ -+done: -+ return err; -+} -+ -+int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen, -+ int flags) -+{ -+ return sock->ops->connect(sock, addr, addrlen, flags); -+} -+ -+int kernel_getsockname(struct socket *sock, struct sockaddr *addr, -+ int *addrlen) -+{ -+ return sock->ops->getname(sock, addr, addrlen, 0); -+} -+ -+int kernel_getpeername(struct socket *sock, struct sockaddr *addr, -+ int *addrlen) -+{ -+ return sock->ops->getname(sock, addr, addrlen, 1); -+} -+ -+int kernel_getsockopt(struct socket *sock, int level, int optname, -+ char *optval, int *optlen) -+{ -+ mm_segment_t oldfs = get_fs(); -+ int err; -+ -+ set_fs(KERNEL_DS); -+ if (level == SOL_SOCKET) -+ err = sock_getsockopt(sock, level, optname, optval, optlen); -+ else -+ err = sock->ops->getsockopt(sock, level, optname, optval, -+ optlen); -+ set_fs(oldfs); -+ return err; -+} -+ -+int kernel_setsockopt(struct socket *sock, int level, int optname, -+ char *optval, int optlen) -+{ -+ mm_segment_t oldfs = get_fs(); -+ int err; -+ -+ set_fs(KERNEL_DS); -+ if (level == SOL_SOCKET) -+ err = sock_setsockopt(sock, level, optname, optval, optlen); -+ else -+ err = sock->ops->setsockopt(sock, level, optname, optval, -+ optlen); -+ set_fs(oldfs); -+ return err; -+} -+ -+int kernel_sendpage(struct socket *sock, struct page *page, int offset, -+ size_t size, int flags) -+{ -+ if (sock->ops->sendpage) -+ return sock->ops->sendpage(sock, page, offset, size, flags); -+ -+ return sock_no_sendpage(sock, page, offset, size, flags); -+} -+ -+int kernel_sock_ioctl(struct socket *sock, int cmd, unsigned long arg) -+{ -+ mm_segment_t oldfs = get_fs(); -+ int err; -+ -+ set_fs(KERNEL_DS); -+ err = sock->ops->ioctl(sock, cmd, arg); -+ set_fs(oldfs); -+ -+ return err; -+} -+ -+/* ABI emulation layers need these two */ -+EXPORT_SYMBOL(move_addr_to_kernel); -+EXPORT_SYMBOL(move_addr_to_user); -+EXPORT_SYMBOL(sock_create); -+EXPORT_SYMBOL(sock_create_kern); -+EXPORT_SYMBOL(sock_create_lite); -+EXPORT_SYMBOL(sock_map_fd); -+EXPORT_SYMBOL(sock_recvmsg); -+EXPORT_SYMBOL(sock_register); -+EXPORT_SYMBOL(sock_release); -+EXPORT_SYMBOL(sock_sendmsg); -+EXPORT_SYMBOL(sock_unregister); -+EXPORT_SYMBOL(sock_wake_async); -+EXPORT_SYMBOL(sockfd_lookup); -+EXPORT_SYMBOL(kernel_sendmsg); -+EXPORT_SYMBOL(kernel_recvmsg); -+EXPORT_SYMBOL(kernel_bind); -+EXPORT_SYMBOL(kernel_listen); -+EXPORT_SYMBOL(kernel_accept); -+EXPORT_SYMBOL(kernel_connect); -+EXPORT_SYMBOL(kernel_getsockname); -+EXPORT_SYMBOL(kernel_getpeername); -+EXPORT_SYMBOL(kernel_getsockopt); -+EXPORT_SYMBOL(kernel_setsockopt); -+EXPORT_SYMBOL(kernel_sendpage); -+EXPORT_SYMBOL(kernel_sock_ioctl); ++ * Hack no. 2 - Sapan ++ * Clean this up later ++ * + if (!nx_check(0, VS_ADMIN)) { + if (family == PF_INET && !current_nx_info_has_v4()) + return -EAFNOSUPPORT; + if (family == PF_INET6 && !current_nx_info_has_v6()) + return -EAFNOSUPPORT; + } ++ */ + + /* Compatibility. + -- 2.47.0