summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [DCCP]: Move dccp_[un]hash from ipv4.c to the coreArnaldo Carvalho de Melo2006-03-214-14/+17
| | | | | | | As this is used by both ipv4 and ipv6 and is not ipv4 specific. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Move dccp_v4_{init,destroy}_sock to the coreArnaldo Carvalho de Melo2006-03-214-104/+112
| | | | | | | Removing one more ipv6 uses ipv4 stuff case in dccp land. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Generalize dccp_v4_send_resetArnaldo Carvalho de Melo2006-03-215-38/+28
| | | | | | | | | | Renaming it to dccp_send_reset and moving it from the ipv4 specific code to the core dccp code. This fixes some bugs in IPV6 where timers would send v4 resets, etc. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP] feat: Introduce sysctls for the default featuresArnaldo Carvalho de Melo2006-03-216-11/+176
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [root@qemu ~]# for a in /proc/sys/net/dccp/default/* ; do echo $a ; cat $a ; done /proc/sys/net/dccp/default/ack_ratio 2 /proc/sys/net/dccp/default/rx_ccid 3 /proc/sys/net/dccp/default/send_ackvec 1 /proc/sys/net/dccp/default/send_ndp 1 /proc/sys/net/dccp/default/seq_window 100 /proc/sys/net/dccp/default/tx_ccid 3 [root@qemu ~]# So if wanting to test ccid3 as the tx CCID one can just do: [root@qemu ~]# echo 3 > /proc/sys/net/dccp/default/tx_ccid [root@qemu ~]# echo 2 > /proc/sys/net/dccp/default/rx_ccid [root@qemu ~]# cat /proc/sys/net/dccp/default/[tr]x_ccid 2 3 [root@qemu ~]# Of course we also need the setsockopt for each app to tell its preferences, but for testing or defining something other than CCID2 as the default for apps that don't explicitely set their preference the sysctl interface is handy. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Call dccp_feat_init more early in dccp_v4_init_sockArnaldo Carvalho de Melo2006-03-211-5/+4
| | | | | | | | | | So that dccp_feat_clean doesn't get confused with uninitialized list_heads. Noticed when testing with no ccid kernel modules. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Kconfig tidy upArnaldo Carvalho de Melo2006-03-211-2/+4
| | | | | | | | Make CCID2 and CCID3 default to what was selected for DCCP and use the standard short description for the CCIDs (TCP-Like & TCP-Friendly). Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Make CCID2 be the defaultArnaldo Carvalho de Melo2006-03-211-9/+0
| | | | | | | | | | | | | As per the draft. This fixes the build when netfilter dccp components are built and dccp isn't. Thanks to Reuben Farrelly for reporting this. The following changesets will introduce /proc/sys/net/dccp/defaults/ to give more flexibility to DCCP developers and testers while apps doesn't use setsockopt to specify the desired CCID, etc. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: sparse endianness annotationsAndrea Bittau2006-03-217-76/+54
| | | | | | | | | | This also fixes the layout of dccp_hdr short sequence numbers, problem was not fatal now as we only support long (48 bits) sequence numbers. Signed-off-by: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix skb->nf_bridge lifetime issuesPatrick McHardy2006-03-212-14/+14
| | | | | | | | | | | | | | | | | | | | | | The bridge netfilter code simulates the NF_IP_PRE_ROUTING hook and skips the real hook by registering with high priority and returning NF_STOP if skb->nf_bridge is present and the BRNF_NF_BRIDGE_PREROUTING flag is not set. The flag is only set during the simulated hook. Because skb->nf_bridge is only freed when the packet is destroyed, the packet will not only skip the first invocation of NF_IP_PRE_ROUTING, but in the case of tunnel devices on top of the bridge also all further ones. Forwarded packets from a bridge encapsulated by a tunnel device and sent as locally outgoing packet will also still have the incorrect bridge information from the input path attached. We already have nf_reset calls on all RX/TX paths of tunnel devices, so simply reset the nf_bridge field there too. As an added bonus, the bridge information for locally delivered packets is now also freed when the packet is queued to a socket. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP] feat: Actually change the CCID upon negotiationAndrea Bittau2006-03-211-1/+42
| | | | | | | | | | Change the CCID upon successful feature negotiation. Commiter note: patch mostly rewritten to use the new ccid API. Signed-off-by: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP] CCID: Improve CCID infrastructureArnaldo Carvalho de Melo2006-03-2110-212/+260
| | | | | | | | | | | | | | | | | | | 1. No need for ->ccid_init nor ->ccid_exit, this is what module_{init,exit} does and anynways neither ccid2 nor ccid3 were using it. 2. Rename struct ccid to struct ccid_operations and introduce struct ccid with a pointer to ccid_operations and rigth after it the rx or tx private state. 3. Remove the pointer to the state of the half connections from struct dccp_sock, now its derived thru ccid_priv() from the ccid pointer. Now we also can implement the setsockopt for changing the CCID easily as no ccid init routines can affect struct dccp_sock in any way that prevents other CCIDs from working if a CCID switch operation is asked by apps. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Convert sch_red to a classful qdiscPatrick McHardy2006-03-211-16/+163
| | | | | | | | | | | | Convert sch_red to a classful qdisc. All qdiscs that maintain accurate backlog counters are eligible as child qdiscs. When a queue limit larger than zero is given, a bfifo qdisc is used for backwards compatibility. Current versions of tc enforce a limit larger than zero, other users can avoid creating the default qdisc by using zero. Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Add some missing exports.David S. Miller2006-03-212-0/+7
| | | | | | To fix the case of modular xfrm_user. Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Move xfrm_nl to xfrm_state.c from xfrm_user.cDavid S. Miller2006-03-212-3/+3
| | | | | | | xfrm_user could be modular, and since generic code uses this symbol now... Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Make sure xfrm_replay_timer_handler() is declared early enough.David S. Miller2006-03-211-2/+2
| | | | Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - update selinuxJamal Hadi Salim2006-03-211-0/+7
| | | | | | | Add new netlink messages to selinux framework Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - policy expiresJamal Hadi Salim2006-03-214-5/+60
| | | | | | | | This is similar to the SA expire insertion patch - only it inserts expires for SP. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - SA expiresJamal Hadi Salim2006-03-213-7/+43
| | | | | | | | | This patch allows a user to insert SA expires. This is useful to do on an HA backup for the case of byte counts but may not be very useful for the case of time based expiry. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - acquire insertJamal Hadi Salim2006-03-213-3/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This introduces a feature similar to the one described in RFC 2367: " ... the application needing an SA sends a PF_KEY SADB_ACQUIRE message down to the Key Engine, which then either returns an error or sends a similar SADB_ACQUIRE message up to one or more key management applications capable of creating such SAs. ... ... The third is where an application-layer consumer of security associations (e.g. an OSPFv2 or RIPv2 daemon) needs a security association. Send an SADB_ACQUIRE message from a user process to the kernel. <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal> The kernel returns an SADB_ACQUIRE message to registered sockets. <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal> The user-level consumer waits for an SADB_UPDATE or SADB_ADD message for its particular type, and then can use that association by using SADB_GET messages. " An app such as OSPF could then use ipsec KM to get keys Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - userJamal Hadi Salim2006-03-212-10/+230
| | | | | | | Add xfrm as the user of the core changes Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - fast pathJamal Hadi Salim2006-03-214-0/+4
| | | | | | | | Fast path sequence updates that will generate ipsec async events Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Sync series - core changesJamal Hadi Salim2006-03-216-3/+176
| | | | | | | | This patch provides the core functionality needed for sync events for ipsec. Derived work of Krisztian KOVACS <hidden@balabit.hu> Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Keep backlog counter in sch_sfqPatrick McHardy2006-03-211-0/+5
| | | | | | | | Keep backlog counter in SFQ qdisc to make it usable as child qdisc with RED. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Restore TBF change semanticPatrick McHardy2006-03-211-2/+3
| | | | | | | | | | | | | | | When TBF was converted to a classful qdisc, the semantic of the limit parameter was broken. On initilization an inner bfifo qdisc is created for backwards compatibility, when changing parameters however the new limit is ignored and the current child qdisc remains in place. Always replace the child qdisc by the default bfifo when limit is above zero, otherwise don't touch the inner qdisc. Current tc version enforce a limit above zero, other users can avoid creating the inner qdisc by using zero. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Dump child qdisc handle in sch_{atm,dsmark}Patrick McHardy2006-03-212-0/+2
| | | | | | | | A qdisc should set tcm_info to the child qdisc handle in its class dump function. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Qdisc drop operation is optionalPatrick McHardy2006-03-213-5/+5
| | | | | | | The drop operation is optional and qdiscs must check if childs support it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IRDA]: pci_register_driver conversionChristophe Lucas2006-03-212-2/+2
| | | | | | | | | | This patch converts 2 IrDA drivers pci_module_init() calls to pci_register_driver(). Signed-off-by: Christophe Lucas <clucas@ifrance.com> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: Samuel Ortiz <samuel@sortiz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IRDA]: sti/cli removal from EP7211 IrDA driverDavid chosrova2006-03-211-4/+7
| | | | | | | | | This patch replaces the deprecated sti/cli routines with the corresponding spin_lock ones. Signed-off-by: David chosrova <david.chosrova@libertysurf.fr> Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IRDA]: nsc-ircc: support for yet another Thinkpad IrDA chipsetJean Tourrilhes2006-03-211-4/+6
| | | | | | | | | This patch simply adds support for a variation of the nsc-ircc PC8739x chipset, found in some IBM Thinkpad laptops. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IRDA]: nsc-ircc: PM updateDmitry Torokhov2006-03-212-35/+98
| | | | | | | | | | This patch brings the nsc-ircc code to a more up to date power management scheme, following the current device model. Signed-off-by: Dmitry Torokhov <dtor@mail.ru> Signed-off-by: Rudolf Marek <r.marek@sh.cvut.cz> Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IRDA]: nsc-ircc: ISAPnP supportJean Tourrilhes2006-03-211-34/+151
| | | | | | | | | | This enables PnP support for the nsc-ircc chipset. Since we can't fetch the chipset cfg_base from the PnP layer, we just use the PnP information as one more hint when probing the chip. Signed-off-by: Jean Tourrilhes <jt@hpl.hp.com> Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETLINK]: Add netlink_has_listeners for avoiding unneccessary event message ↵Patrick McHardy2006-03-212-4/+49
| | | | | | | | | | | | | | | | generation Keep a bitmask of multicast groups with subscribed listeners to let netlink users check for listeners before generating multicast messages. Queries don't perform any locking, which may result in false positives, it is guaranteed however that any new subscriptions are visible before bind() or setsockopt() return. Signed-off-by: Patrick McHardy <kaber@trash.net> ACKed-by: Jamal Hadi Salim<hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: ctnetlink: avoid unneccessary event message generationPatrick McHardy2006-03-214-6/+15
| | | | | | | | Avoid unneccessary event message generation by checking for netlink listeners before building a message. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: replace IPv4/IPv6 policy match by address family ↵Patrick McHardy2006-03-2113-476/+314
| | | | | | | independant version Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Move ip6_masked_addrcmp to include/net/ipv6.hPatrick McHardy2006-03-213-19/+18
| | | | | | | | Replace netfilter's ip6_masked_addrcmp by a more efficient version in include/net/ipv6.h to make it usable without module dependencies. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functionsPatrick McHardy2006-03-2169-29/+160
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: pass registered match/target data to match/target ↵Patrick McHardy2006-03-215-19/+30
| | | | | | | | | | functions This allows to make decisions based on the revision (and address family with a follow-up patch) at runtime. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Convert x_tables matches/targets to centralized error checkingPatrick McHardy2006-03-2123-511/+167
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Convert ip6_tables matches/targets to centralized error checkingPatrick McHardy2006-03-2116-165/+47
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Convert arp_tables targets to centralized error checkingPatrick McHardy2006-03-212-6/+8
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Convert ip_tables matches/targets to centralized error checkingPatrick McHardy2006-03-2128-390/+103
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Change {ip,ip6,arp}_tables to use centralized error checkingPatrick McHardy2006-03-213-13/+50
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: xt_tables: add centralized error checkingPatrick McHardy2006-03-212-11/+84
| | | | | | | | | Introduce new functions for common match/target checks (private data size, valid hooks, valid tables and valid protocols) to get more consistent error reporting and to avoid each module duplicating them. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_conntrack: use ipv6_addr_equal in nf_ct_reasmYasuyuki Kozakai2006-03-211-4/+4
| | | | | | Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix CID offset bug in PPTP NAT helper debug messageHolger Eitzenberger2006-03-211-3/+5
| | | | | | | | | | | | | | | | The recent (kernel 2.6.15.1) fix for PPTP NAT helper introduced a bug - which only appears if DEBUGP is enabled though. The calculation of the CID offset into a PPTP request struct is not correct, so that at least not the correct CID is displayed if DEBUGP is enabled. This patch corrects CID offset calculation and introduces a #define for that. Signed-off-by: Holger Eitzenberger <heitzenberger@astaro.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP] CCID2: Drop sock reference count on timer expiration and reset.Andrea Bittau2006-03-211-11/+15
| | | | | | | | | | There was a hybrid use of standard timers and sk_timers. This caused the reference count of the sock to be incorrect when resetting the RTO timer. The sock reference count should now be correct, enabling its destruction, and allowing the DCCP module to be unloaded. Signed-off-by: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Set the default CCID according to kernel config selectionIan McDonald2006-03-211-1/+10
| | | | | | | | Now CCID2 is the default, as stated in the RFC drafts, but we allow a config where just CCID3 is built, where CCID3 becomes the default. Signed-off-by: Ian McDonald <imcdnzl@gmail.com> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [NETFILTER] nf_conntrack: clean up to reduce size of 'struct nf_conn'Harald Welte2006-03-218-138/+148
| | | | | | | | | | | | | | | | | | | | This patch moves all helper related data fields of 'struct nf_conn' into a separate structure 'struct nf_conn_help'. This new structure is only present in conntrack entries for which we actually have a helper loaded. Also, this patch cleans up the nf_conntrack 'features' mechanism to resemble what the original idea was: Just glue the feature-specific data structures at the end of 'struct nf_conn', and explicitly re-calculate the pointer to it when needed rather than keeping pointers around. Saves 20 bytes per conntrack on my x86_64 box. A non-helped conntrack is 276 bytes. We still need to save another 20 bytes in order to fit into to target of 256bytes. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: include <linux/vmalloc.h>Michael Chan2006-03-212-2/+3
| | | | | | | | | Include <linux/vmalloc.h> so that it compiles properly on all archs. Update version to 1.4.38. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: MTU probingJohn Heffner2006-03-219-37/+326
| | | | | | | | | Implementation of packetization layer path mtu discovery for TCP, based on the internet-draft currently found at <http://www.ietf.org/internet-drafts/draft-ietf-pmtud-method-05.txt>. Signed-off-by: John Heffner <jheffner@psc.edu> Signed-off-by: David S. Miller <davem@davemloft.net>