aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Documentation/networking/xfrm_sysctl.txt4
-rw-r--r--drivers/net/cassini.c2
-rw-r--r--include/linux/ipv6.h3
-rw-r--r--include/linux/netdevice.h27
-rw-r--r--include/net/sock.h2
-rw-r--r--include/net/tcp.h6
-rw-r--r--include/net/xfrm.h1
-rw-r--r--net/bridge/br_fdb.c14
-rw-r--r--net/bridge/br_stp.c3
-rw-r--r--net/bridge/br_stp_timer.c2
-rw-r--r--net/core/sysctl_net_core.c9
-rw-r--r--net/core/utils.c6
-rw-r--r--net/ipv4/fib_frontend.c11
-rw-r--r--net/ipv4/tcp.c5
-rw-r--r--net/ipv4/tcp_probe.c5
-rw-r--r--net/ipv4/tcp_timer.c4
-rw-r--r--net/ipv4/xfrm4_input.c6
-rw-r--r--net/ipv4/xfrm4_mode_tunnel.c2
-rw-r--r--net/ipv6/ah6.c2
-rw-r--r--net/ipv6/ip6_fib.c9
-rw-r--r--net/ipv6/xfrm6_input.c6
-rw-r--r--net/ipv6/xfrm6_mode_tunnel.c1
-rw-r--r--net/mac80211/ieee80211.c6
-rw-r--r--net/mac80211/ieee80211_sta.c4
-rw-r--r--net/packet/af_packet.c56
-rw-r--r--net/xfrm/xfrm_policy.c3
-rw-r--r--net/xfrm/xfrm_state.c15
27 files changed, 93 insertions, 121 deletions
diff --git a/Documentation/networking/xfrm_sysctl.txt b/Documentation/networking/xfrm_sysctl.txt
new file mode 100644
index 00000000000..5bbd16792fe
--- /dev/null
+++ b/Documentation/networking/xfrm_sysctl.txt
@@ -0,0 +1,4 @@
+/proc/sys/net/core/xfrm_* Variables:
+
+xfrm_acq_expires - INTEGER
+ default 30 - hard timeout in seconds for acquire requests
diff --git a/drivers/net/cassini.c b/drivers/net/cassini.c
index 9fe3a38883e..59b9943b077 100644
--- a/drivers/net/cassini.c
+++ b/drivers/net/cassini.c
@@ -4920,7 +4920,7 @@ static int __devinit cas_init_one(struct pci_dev *pdev,
pci_cmd |= PCI_COMMAND_PARITY;
pci_write_config_word(pdev, PCI_COMMAND, pci_cmd);
if (pci_set_mwi(pdev))
- printk(KERN_WARNING PFX "Could enable MWI for %s\n",
+ printk(KERN_WARNING PFX "Could not enable MWI for %s\n",
pci_name(pdev));
/*
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 09ea01a8a99..648bd1f0912 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -209,9 +209,8 @@ enum {
DEVCONF_RTR_PROBE_INTERVAL,
DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
DEVCONF_PROXY_NDP,
- __DEVCONF_OPTIMISTIC_DAD,
- DEVCONF_ACCEPT_SOURCE_ROUTE,
DEVCONF_OPTIMISTIC_DAD,
+ DEVCONF_ACCEPT_SOURCE_ROUTE,
DEVCONF_MAX
};
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index f671cd2f133..3a70f553b28 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -910,6 +910,17 @@ static inline int netif_rx_reschedule(struct net_device *dev, int undo)
return 0;
}
+/* same as netif_rx_complete, except that local_irq_save(flags)
+ * has already been issued
+ */
+static inline void __netif_rx_complete(struct net_device *dev)
+{
+ BUG_ON(!test_bit(__LINK_STATE_RX_SCHED, &dev->state));
+ list_del(&dev->poll_list);
+ smp_mb__before_clear_bit();
+ clear_bit(__LINK_STATE_RX_SCHED, &dev->state);
+}
+
/* Remove interface from poll list: it must be in the poll list
* on current cpu. This primitive is called by dev->poll(), when
* it completes the work. The device cannot be out of poll list at this
@@ -920,10 +931,7 @@ static inline void netif_rx_complete(struct net_device *dev)
unsigned long flags;
local_irq_save(flags);
- BUG_ON(!test_bit(__LINK_STATE_RX_SCHED, &dev->state));
- list_del(&dev->poll_list);
- smp_mb__before_clear_bit();
- clear_bit(__LINK_STATE_RX_SCHED, &dev->state);
+ __netif_rx_complete(dev);
local_irq_restore(flags);
}
@@ -940,17 +948,6 @@ static inline void netif_poll_enable(struct net_device *dev)
clear_bit(__LINK_STATE_RX_SCHED, &dev->state);
}
-/* same as netif_rx_complete, except that local_irq_save(flags)
- * has already been issued
- */
-static inline void __netif_rx_complete(struct net_device *dev)
-{
- BUG_ON(!test_bit(__LINK_STATE_RX_SCHED, &dev->state));
- list_del(&dev->poll_list);
- smp_mb__before_clear_bit();
- clear_bit(__LINK_STATE_RX_SCHED, &dev->state);
-}
-
static inline void netif_tx_lock(struct net_device *dev)
{
spin_lock(&dev->_xmit_lock);
diff --git a/include/net/sock.h b/include/net/sock.h
index 689b886038d..dfeb8b13024 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -218,13 +218,13 @@ struct sock {
atomic_t sk_rmem_alloc;
atomic_t sk_wmem_alloc;
atomic_t sk_omem_alloc;
+ int sk_sndbuf;
struct sk_buff_head sk_receive_queue;
struct sk_buff_head sk_write_queue;
struct sk_buff_head sk_async_wait_queue;
int sk_wmem_queued;
int sk_forward_alloc;
gfp_t sk_allocation;
- int sk_sndbuf;
int sk_route_caps;
int sk_gso_type;
int sk_rcvlowat;
diff --git a/include/net/tcp.h b/include/net/tcp.h
index e22b4f0305a..a8af9ae0017 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -254,6 +254,12 @@ static inline int between(__u32 seq1, __u32 seq2, __u32 seq3)
return seq3 - seq2 >= seq1 - seq2;
}
+static inline int tcp_too_many_orphans(struct sock *sk, int num)
+{
+ return (num > sysctl_tcp_max_orphans) ||
+ (sk->sk_wmem_queued > SOCK_MIN_SNDBUF &&
+ atomic_read(&tcp_memory_allocated) > sysctl_tcp_mem[2]);
+}
extern struct proto tcp_prot;
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 39ef925d39d..90185e8b335 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -237,7 +237,6 @@ extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);
extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo);
extern void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c);
extern void km_state_notify(struct xfrm_state *x, struct km_event *c);
-#define XFRM_ACQ_EXPIRES 30
struct xfrm_tmpl;
extern int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index 91b017016d5..3fc69729381 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -121,6 +121,7 @@ void br_fdb_cleanup(unsigned long _data)
{
struct net_bridge *br = (struct net_bridge *)_data;
unsigned long delay = hold_time(br);
+ unsigned long next_timer = jiffies + br->forward_delay;
int i;
spin_lock_bh(&br->hash_lock);
@@ -129,14 +130,21 @@ void br_fdb_cleanup(unsigned long _data)
struct hlist_node *h, *n;
hlist_for_each_entry_safe(f, h, n, &br->hash[i], hlist) {
- if (!f->is_static &&
- time_before_eq(f->ageing_timer + delay, jiffies))
+ unsigned long this_timer;
+ if (f->is_static)
+ continue;
+ this_timer = f->ageing_timer + delay;
+ if (time_before_eq(this_timer, jiffies))
fdb_delete(f);
+ else if (this_timer < next_timer)
+ next_timer = this_timer;
}
}
spin_unlock_bh(&br->hash_lock);
- mod_timer(&br->gc_timer, jiffies + HZ/10);
+ /* Add HZ/4 to ensure we round the jiffies upwards to be after the next
+ * timer, otherwise we might round down and will have no-op run. */
+ mod_timer(&br->gc_timer, round_jiffies(next_timer + HZ/4));
}
/* Completely flush all dynamic entries in forwarding database.*/
diff --git a/net/bridge/br_stp.c b/net/bridge/br_stp.c
index 0e035d6162c..e38034aa56f 100644
--- a/net/bridge/br_stp.c
+++ b/net/bridge/br_stp.c
@@ -178,7 +178,8 @@ void br_transmit_config(struct net_bridge_port *p)
br_send_config_bpdu(p, &bpdu);
p->topology_change_ack = 0;
p->config_pending = 0;
- mod_timer(&p->hold_timer, jiffies + BR_HOLD_TIME);
+ mod_timer(&p->hold_timer,
+ round_jiffies(jiffies + BR_HOLD_TIME));
}
}
diff --git a/net/bridge/br_stp_timer.c b/net/bridge/br_stp_timer.c
index 24e0ca4a313..77f5255e691 100644
--- a/net/bridge/br_stp_timer.c
+++ b/net/bridge/br_stp_timer.c
@@ -42,7 +42,7 @@ static void br_hello_timer_expired(unsigned long arg)
if (br->dev->flags & IFF_UP) {
br_config_bpdu_generation(br);
- mod_timer(&br->hello_timer, jiffies + br->hello_time);
+ mod_timer(&br->hello_timer, round_jiffies(jiffies + br->hello_time));
}
spin_unlock(&br->lock);
}
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index f34aca041a2..6d5ea976204 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -25,6 +25,7 @@ extern int sysctl_core_destroy_delay;
extern u32 sysctl_xfrm_aevent_etime;
extern u32 sysctl_xfrm_aevent_rseqth;
extern int sysctl_xfrm_larval_drop;
+extern u32 sysctl_xfrm_acq_expires;
#endif
ctl_table core_table[] = {
@@ -127,6 +128,14 @@ ctl_table core_table[] = {
.mode = 0644,
.proc_handler = &proc_dointvec
},
+ {
+ .ctl_name = CTL_UNNUMBERED,
+ .procname = "xfrm_acq_expires",
+ .data = &sysctl_xfrm_acq_expires,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec
+ },
#endif /* CONFIG_XFRM */
#endif /* CONFIG_NET */
{
diff --git a/net/core/utils.c b/net/core/utils.c
index adecfd281ae..2030bb8c2d3 100644
--- a/net/core/utils.c
+++ b/net/core/utils.c
@@ -139,16 +139,16 @@ int in4_pton(const char *src, int srclen,
while(1) {
int c;
c = xdigit2bin(srclen > 0 ? *s : '\0', delim);
- if (!(c & (IN6PTON_DIGIT | IN6PTON_DOT | IN6PTON_DELIM))) {
+ if (!(c & (IN6PTON_DIGIT | IN6PTON_DOT | IN6PTON_DELIM | IN6PTON_COLON_MASK))) {
goto out;
}
- if (c & (IN6PTON_DOT | IN6PTON_DELIM)) {
+ if (c & (IN6PTON_DOT | IN6PTON_DELIM | IN6PTON_COLON_MASK)) {
if (w == 0)
goto out;
*d++ = w & 0xff;
w = 0;
i++;
- if (c & IN6PTON_DELIM) {
+ if (c & (IN6PTON_DELIM | IN6PTON_COLON_MASK)) {
if (i != 4)
goto out;
break;
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 837f2957fa8..9ad1f6252a9 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -250,8 +250,6 @@ e_inval:
return -EINVAL;
}
-#ifndef CONFIG_IP_NOSIOCRT
-
static inline __be32 sk_extract_addr(struct sockaddr *addr)
{
return ((struct sockaddr_in *) addr)->sin_addr.s_addr;
@@ -443,15 +441,6 @@ int ip_rt_ioctl(unsigned int cmd, void __user *arg)
return -EINVAL;
}
-#else
-
-int ip_rt_ioctl(unsigned int cmd, void *arg)
-{
- return -EINVAL;
-}
-
-#endif
-
struct nla_policy rtm_ipv4_policy[RTA_MAX+1] __read_mostly = {
[RTA_DST] = { .type = NLA_U32 },
[RTA_SRC] = { .type = NLA_U32 },
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index bd4c295f5d7..766314505c0 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1674,9 +1674,8 @@ adjudge_to_death:
}
if (sk->sk_state != TCP_CLOSE) {
sk_stream_mem_reclaim(sk);
- if (atomic_read(sk->sk_prot->orphan_count) > sysctl_tcp_max_orphans ||
- (sk->sk_wmem_queued > SOCK_MIN_SNDBUF &&
- atomic_read(&tcp_memory_allocated) > sysctl_tcp_mem[2])) {
+ if (tcp_too_many_orphans(sk,
+ atomic_read(sk->sk_prot->orphan_count))) {
if (net_ratelimit())
printk(KERN_INFO "TCP: too many of orphaned "
"sockets\n");
diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c
index 3938d5dbdf2..760165a0800 100644
--- a/net/ipv4/tcp_probe.c
+++ b/net/ipv4/tcp_probe.c
@@ -80,7 +80,8 @@ static void printl(const char *fmt, ...)
kfifo_put(tcpw.fifo, tbuf, len);
wake_up(&tcpw.wait);
-}
+} __attribute__ ((format (printf, 1, 2)));
+
/*
* Hook inserted to be called before each receive packet.
@@ -95,7 +96,7 @@ static int jtcp_rcv_established(struct sock *sk, struct sk_buff *skb,
/* Only update if port matches */
if ((port == 0 || ntohs(inet->dport) == port || ntohs(inet->sport) == port)
&& (full || tp->snd_cwnd != tcpw.lastcwnd)) {
- printl("%d.%d.%d.%d:%u %d.%d.%d.%d:%u %d %#x %#x %u %u %u\n",
+ printl("%d.%d.%d.%d:%u %d.%d.%d.%d:%u %d %#x %#x %u %u %u %u\n",
NIPQUAD(inet->saddr), ntohs(inet->sport),
NIPQUAD(inet->daddr), ntohs(inet->dport),
skb->len, tp->snd_nxt, tp->snd_una,
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
index 2ca97b20929..e61340150ba 100644
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -78,9 +78,7 @@ static int tcp_out_of_resources(struct sock *sk, int do_reset)
if (sk->sk_err_soft)
orphans <<= 1;
- if (orphans >= sysctl_tcp_max_orphans ||
- (sk->sk_wmem_queued > SOCK_MIN_SNDBUF &&
- atomic_read(&tcp_memory_allocated) > sysctl_tcp_mem[2])) {
+ if (tcp_too_many_orphans(sk, orphans)) {
if (net_ratelimit())
printk(KERN_INFO "Out of socket memory\n");
diff --git a/net/ipv4/xfrm4_input.c b/net/ipv4/xfrm4_input.c
index 5ceca951d73..fa1902dc81b 100644
--- a/net/ipv4/xfrm4_input.c
+++ b/net/ipv4/xfrm4_input.c
@@ -139,10 +139,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type)
nf_reset(skb);
if (decaps) {
- if (!(skb->dev->flags&IFF_LOOPBACK)) {
- dst_release(skb->dst);
- skb->dst = NULL;
- }
+ dst_release(skb->dst);
+ skb->dst = NULL;
netif_rx(skb);
return 0;
} else {
diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c
index a2f2e6a5ec5..9963700e74c 100644
--- a/net/ipv4/xfrm4_mode_tunnel.c
+++ b/net/ipv4/xfrm4_mode_tunnel.c
@@ -85,6 +85,8 @@ static int xfrm4_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4;
+ skb->protocol = htons(ETH_P_IP);
+
memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
return 0;
}
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index b696c840120..128f94c79c6 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -247,7 +247,7 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
memcpy(tmp_base, top_iph, sizeof(tmp_base));
tmp_ext = NULL;
- extlen = skb_transport_offset(skb) + sizeof(struct ipv6hdr);
+ extlen = skb_transport_offset(skb) - sizeof(struct ipv6hdr);
if (extlen) {
extlen += sizeof(*tmp_ext);
tmp_ext = kmalloc(extlen, GFP_ATOMIC);
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index ca08ee88d07..662a7d9681f 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -619,14 +619,6 @@ static int fib6_add_rt2node(struct fib6_node *fn, struct rt6_info *rt,
ins = &fn->leaf;
- if (fn->fn_flags&RTN_TL_ROOT &&
- fn->leaf == &ip6_null_entry &&
- !(rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) ){
- fn->leaf = rt;
- rt->u.dst.rt6_next = NULL;
- goto out;
- }
-
for (iter = fn->leaf; iter; iter=iter->u.dst.rt6_next) {
/*
* Search for duplicates
@@ -666,7 +658,6 @@ static int fib6_add_rt2node(struct fib6_node *fn, struct rt6_info *rt,
* insert node
*/
-out:
rt->u.dst.rt6_next = iter;
*ins = rt;
rt->rt6i_node = fn;
diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c
index d7ed8aa56ec..c858537cec4 100644
--- a/net/ipv6/xfrm6_input.c
+++ b/net/ipv6/xfrm6_input.c
@@ -104,10 +104,8 @@ int xfrm6_rcv_spi(struct sk_buff *skb, __be32 spi)
nf_reset(skb);
if (decaps) {
- if (!(skb->dev->flags&IFF_LOOPBACK)) {
- dst_release(skb->dst);
- skb->dst = NULL;
- }
+ dst_release(skb->dst);
+ skb->dst = NULL;
netif_rx(skb);
return -1;
} else {
diff --git a/net/ipv6/xfrm6_mode_tunnel.c b/net/ipv6/xfrm6_mode_tunnel.c
index a6c0cdf46ad..9fc95bc6509 100644
--- a/net/ipv6/xfrm6_mode_tunnel.c
+++ b/net/ipv6/xfrm6_mode_tunnel.c
@@ -80,6 +80,7 @@ static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
+ skb->protocol = htons(ETH_P_IPV6);
return 0;
}
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
index 6e36df67f8d..4e84f24fd43 100644
--- a/net/mac80211/ieee80211.c
+++ b/net/mac80211/ieee80211.c
@@ -2474,6 +2474,8 @@ static int ieee80211_open(struct net_device *dev)
if (sdata->type == IEEE80211_IF_TYPE_STA &&
!local->user_space_mlme)
netif_carrier_off(dev);
+ else
+ netif_carrier_on(dev);
netif_start_queue(dev);
return 0;
@@ -3278,8 +3280,10 @@ ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
return TXRX_DROP;
}
}
- while ((skb = __skb_dequeue(&entry->skb_list)))
+ while ((skb = __skb_dequeue(&entry->skb_list))) {
memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
+ dev_kfree_skb(skb);
+ }
/* Complete frame has been reassembled - process it now */
rx->fragmented = 1;
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
index 3e07e9d6fa4..9f30ae4c2ab 100644
--- a/net/mac80211/ieee80211_sta.c
+++ b/net/mac80211/ieee80211_sta.c
@@ -1155,6 +1155,8 @@ static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
if (status_code != WLAN_STATUS_SUCCESS) {
printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
dev->name, status_code);
+ if (status_code == WLAN_STATUS_REASSOC_NO_ASSOC)
+ ifsta->prev_bssid_set = 0;
return;
}
@@ -2995,7 +2997,7 @@ struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
{
struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
struct sta_info *sta;
- struct ieee80211_sub_if_data *sdata = NULL;
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
/* TODO: Could consider removing the least recently used entry and
* allow new one to be added. */
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 02e401cd683..f8b83014ccc 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -83,22 +83,6 @@
#include <net/inet_common.h>
#endif
-#define CONFIG_SOCK_PACKET 1
-
-/*
- Proposed replacement for SIOC{ADD,DEL}MULTI and
- IFF_PROMISC, IFF_ALLMULTI flags.
-
- It is more expensive, but I believe,
- it is really correct solution: reentereble, safe and fault tolerant.
-
- IFF_PROMISC/IFF_ALLMULTI/SIOC{ADD/DEL}MULTI are faked by keeping
- reference count and global flag, so that real status is
- (gflag|(count != 0)), so that we can use obsolete faulty interface
- not harming clever users.
- */
-#define CONFIG_PACKET_MULTICAST 1
-
/*
Assumptions:
- if device has no dev->hard_header routine, it adds and removes ll header
@@ -159,7 +143,6 @@ static atomic_t packet_socks_nr;
/* Private packet socket structures. */
-#ifdef CONFIG_PACKET_MULTICAST
struct packet_mclist
{
struct packet_mclist *next;
@@ -179,7 +162,7 @@ struct packet_mreq_max
unsigned short mr_alen;
unsigned char mr_address[MAX_ADDR_LEN];
};
-#endif
+
#ifdef CONFIG_PACKET_MMAP
static int packet_set_ring(struct sock *sk, struct tpacket_req *req, int closing);
#endif
@@ -205,9 +188,7 @@ struct packet_sock {
origdev:1;
int ifindex; /* bound device */
__be16 num;
-#ifdef CONFIG_PACKET_MULTICAST
struct packet_mclist *mclist;
-#endif
#ifdef CONFIG_PACKET_MMAP
atomic_t mapped;
unsigned int pg_vec_order;
@@ -263,7 +244,6 @@ static void packet_sock_destruct(struct sock *sk)
static const struct proto_ops packet_ops;
-#ifdef CONFIG_SOCK_PACKET
static const struct proto_ops packet_ops_spkt;
static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev)
@@ -435,7 +415,6 @@ out_unlock:
dev_put(dev);
return err;
}
-#endif
static inline unsigned int run_filter(struct sk_buff *skb, struct sock *sk,
unsigned int res)
@@ -851,9 +830,7 @@ static int packet_release(struct socket *sock)
__sock_put(sk);
}
-#ifdef CONFIG_PACKET_MULTICAST
packet_flush_mclist(sk);
-#endif
#ifdef CONFIG_PACKET_MMAP
if (po->pg_vec) {
@@ -936,8 +913,6 @@ out_unlock:
* Bind a packet socket to a device
*/
-#ifdef CONFIG_SOCK_PACKET
-
static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
struct sock *sk=sock->sk;
@@ -960,7 +935,6 @@ static int packet_bind_spkt(struct socket *sock, struct sockaddr *uaddr, int add
}
return err;
}
-#endif
static int packet_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
@@ -1012,11 +986,8 @@ static int packet_create(struct socket *sock, int protocol)
if (!capable(CAP_NET_RAW))
return -EPERM;
- if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW
-#ifdef CONFIG_SOCK_PACKET
- && sock->type != SOCK_PACKET
-#endif
- )
+ if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW &&
+ sock->type != SOCK_PACKET)
return -ESOCKTNOSUPPORT;
sock->state = SS_UNCONNECTED;
@@ -1027,10 +998,9 @@ static int packet_create(struct socket *sock, int protocol)
goto out;
sock->ops = &packet_ops;
-#ifdef CONFIG_SOCK_PACKET
if (sock->type == SOCK_PACKET)
sock->ops = &packet_ops_spkt;
-#endif
+
sock_init_data(sock, sk);
po = pkt_sk(sk);
@@ -1046,10 +1016,10 @@ static int packet_create(struct socket *sock, int protocol)
spin_lock_init(&po->bind_lock);
po->prot_hook.func = packet_rcv;
-#ifdef CONFIG_SOCK_PACKET
+
if (sock->type == SOCK_PACKET)
po->prot_hook.func = packet_rcv_spkt;
-#endif
+
po->prot_hook.af_packet_priv = sk;
if (proto) {
@@ -1169,7 +1139,6 @@ out:
return err;
}
-#ifdef CONFIG_SOCK_PACKET
static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
int *uaddr_len, int peer)
{
@@ -1190,7 +1159,6 @@ static int packet_getname_spkt(struct socket *sock, struct sockaddr *uaddr,
return 0;
}
-#endif
static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
int *uaddr_len, int peer)
@@ -1221,7 +1189,6 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
return 0;
}
-#ifdef CONFIG_PACKET_MULTICAST
static void packet_dev_mc(struct net_device *dev, struct packet_mclist *i, int what)
{
switch (i->type) {
@@ -1349,7 +1316,6 @@ static void packet_flush_mclist(struct sock *sk)
}
rtnl_unlock();
}
-#endif
static int
packet_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
@@ -1362,7 +1328,6 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
return -ENOPROTOOPT;
switch(optname) {
-#ifdef CONFIG_PACKET_MULTICAST
case PACKET_ADD_MEMBERSHIP:
case PACKET_DROP_MEMBERSHIP:
{
@@ -1383,7 +1348,7 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
ret = packet_mc_drop(sk, &mreq);
return ret;
}
-#endif
+
#ifdef CONFIG_PACKET_MMAP
case PACKET_RX_RING:
{
@@ -1506,11 +1471,10 @@ static int packet_notifier(struct notifier_block *this, unsigned long msg, void
switch (msg) {
case NETDEV_UNREGISTER:
-#ifdef CONFIG_PACKET_MULTICAST
if (po->mclist)
packet_dev_mclist(dev, po->mclist, -1);
- // fallthrough
-#endif
+ /* fallthrough */
+
case NETDEV_DOWN:
if (dev->ifindex == po->ifindex) {
spin_lock(&po->bind_lock);
@@ -1856,7 +1820,6 @@ out:
#endif
-#ifdef CONFIG_SOCK_PACKET
static const struct proto_ops packet_ops_spkt = {
.family = PF_PACKET,
.owner = THIS_MODULE,
@@ -1877,7 +1840,6 @@ static const struct proto_ops packet_ops_spkt = {
.mmap = sock_no_mmap,
.sendpage = sock_no_sendpage,
};
-#endif
static const struct proto_ops packet_ops = {
.family = PF_PACKET,
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b8bab89616a..64a375178c5 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -26,10 +26,11 @@
#include <net/xfrm.h>
#include <net/ip.h>
#include <linux/audit.h>
+#include <linux/cache.h>
#include "xfrm_hash.h"
-int sysctl_xfrm_larval_drop;
+int sysctl_xfrm_larval_drop __read_mostly;
DEFINE_MUTEX(xfrm_cfg_mutex);
EXPORT_SYMBOL(xfrm_cfg_mutex);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 9955ff4da0a..372f06eb8bb 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -21,18 +21,21 @@
#include <linux/cache.h>
#include <asm/uaccess.h>
#include <linux/audit.h>
+#include <linux/cache.h>
#include "xfrm_hash.h"
struct sock *xfrm_nl;
EXPORT_SYMBOL(xfrm_nl);
-u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
+u32 sysctl_xfrm_aevent_etime __read_mostly = XFRM_AE_ETIME;
EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
-u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
+u32 sysctl_xfrm_aevent_rseqth __read_mostly = XFRM_AE_SEQT_SIZE;
EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
+u32 sysctl_xfrm_acq_expires __read_mostly = 30;
+
/* Each xfrm_state may be linked to two tables:
1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
@@ -622,8 +625,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
hlist_add_head(&x->byspi, xfrm_state_byspi+h);
}
- x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
- x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
+ x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
+ x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
add_timer(&x->timer);
xfrm_state_num++;
xfrm_hash_grow_check(x->bydst.next != NULL);
@@ -772,9 +775,9 @@ static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 re
x->props.family = family;
x->props.mode = mode;
x->props.reqid = reqid;
- x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
+ x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
xfrm_state_hold(x);
- x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
+ x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
add_timer(&x->timer);
hlist_add_head(&x->bydst, xfrm_state_bydst+h);
h = xfrm_src_hash(daddr, saddr, family);