From 3a7da39d165e0c363c294feec119db1427032afd Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Thu, 17 Mar 2011 07:34:32 +0000 Subject: ethtool: Compat handling for struct ethtool_rxnfc This structure was accidentally defined such that its layout can differ between 32-bit and 64-bit processes. Add compat structure definitions and an ioctl wrapper function. Signed-off-by: Ben Hutchings Acked-by: Alexander Duyck Cc: stable@kernel.org [2.6.30+] Signed-off-by: David S. Miller --- include/linux/ethtool.h | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'include') diff --git a/include/linux/ethtool.h b/include/linux/ethtool.h index aac3e2eeb4fd..b297f288f6eb 100644 --- a/include/linux/ethtool.h +++ b/include/linux/ethtool.h @@ -13,6 +13,9 @@ #ifndef _LINUX_ETHTOOL_H #define _LINUX_ETHTOOL_H +#ifdef __KERNEL__ +#include +#endif #include #include @@ -450,6 +453,37 @@ struct ethtool_rxnfc { __u32 rule_locs[0]; }; +#ifdef __KERNEL__ +#ifdef CONFIG_COMPAT + +struct compat_ethtool_rx_flow_spec { + u32 flow_type; + union { + struct ethtool_tcpip4_spec tcp_ip4_spec; + struct ethtool_tcpip4_spec udp_ip4_spec; + struct ethtool_tcpip4_spec sctp_ip4_spec; + struct ethtool_ah_espip4_spec ah_ip4_spec; + struct ethtool_ah_espip4_spec esp_ip4_spec; + struct ethtool_usrip4_spec usr_ip4_spec; + struct ethhdr ether_spec; + u8 hdata[72]; + } h_u, m_u; + compat_u64 ring_cookie; + u32 location; +}; + +struct compat_ethtool_rxnfc { + u32 cmd; + u32 flow_type; + compat_u64 data; + struct compat_ethtool_rx_flow_spec fs; + u32 rule_cnt; + u32 rule_locs[0]; +}; + +#endif /* CONFIG_COMPAT */ +#endif /* __KERNEL__ */ + /** * struct ethtool_rxfh_indir - command to get or set RX flow hash indirection * @cmd: Specific command number - %ETHTOOL_GRXFHINDIR or %ETHTOOL_SRXFHINDIR -- cgit v1.2.3 From b51bdad63046d1d5a4807630cc8c02845cf67893 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Fri, 18 Mar 2011 08:50:37 +0000 Subject: headers: use __aligned_xx types for userspace Now that we finally have __aligned_xx exported to userspace, convert the headers that get exported over to the proper type. Signed-off-by: Mike Frysinger Signed-off-by: David S. Miller --- include/linux/if_ppp.h | 16 ++++++++-------- include/linux/netfilter/nfnetlink_log.h | 4 ++-- include/linux/netfilter/nfnetlink_queue.h | 4 ++-- include/linux/netfilter/xt_connbytes.h | 4 ++-- include/linux/netfilter/xt_quota.h | 2 +- 5 files changed, 15 insertions(+), 15 deletions(-) (limited to 'include') diff --git a/include/linux/if_ppp.h b/include/linux/if_ppp.h index fcef103aa3f6..c9ad38322576 100644 --- a/include/linux/if_ppp.h +++ b/include/linux/if_ppp.h @@ -114,14 +114,14 @@ struct pppol2tp_ioc_stats { __u16 tunnel_id; /* redundant */ __u16 session_id; /* if zero, get tunnel stats */ __u32 using_ipsec:1; /* valid only for session_id == 0 */ - aligned_u64 tx_packets; - aligned_u64 tx_bytes; - aligned_u64 tx_errors; - aligned_u64 rx_packets; - aligned_u64 rx_bytes; - aligned_u64 rx_seq_discards; - aligned_u64 rx_oos_packets; - aligned_u64 rx_errors; + __aligned_u64 tx_packets; + __aligned_u64 tx_bytes; + __aligned_u64 tx_errors; + __aligned_u64 rx_packets; + __aligned_u64 rx_bytes; + __aligned_u64 rx_seq_discards; + __aligned_u64 rx_oos_packets; + __aligned_u64 rx_errors; }; #define ifr__name b.ifr_ifrn.ifrn_name diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h index ea9b8d380527..90c2c9575bac 100644 --- a/include/linux/netfilter/nfnetlink_log.h +++ b/include/linux/netfilter/nfnetlink_log.h @@ -28,8 +28,8 @@ struct nfulnl_msg_packet_hw { }; struct nfulnl_msg_packet_timestamp { - aligned_be64 sec; - aligned_be64 usec; + __aligned_be64 sec; + __aligned_be64 usec; }; enum nfulnl_attr_type { diff --git a/include/linux/netfilter/nfnetlink_queue.h b/include/linux/netfilter/nfnetlink_queue.h index 2455fe5f4e01..af94e0014ebd 100644 --- a/include/linux/netfilter/nfnetlink_queue.h +++ b/include/linux/netfilter/nfnetlink_queue.h @@ -25,8 +25,8 @@ struct nfqnl_msg_packet_hw { }; struct nfqnl_msg_packet_timestamp { - aligned_be64 sec; - aligned_be64 usec; + __aligned_be64 sec; + __aligned_be64 usec; }; enum nfqnl_attr_type { diff --git a/include/linux/netfilter/xt_connbytes.h b/include/linux/netfilter/xt_connbytes.h index 92fcbb0d193e..f1d6c15bd9e3 100644 --- a/include/linux/netfilter/xt_connbytes.h +++ b/include/linux/netfilter/xt_connbytes.h @@ -17,8 +17,8 @@ enum xt_connbytes_direction { struct xt_connbytes_info { struct { - aligned_u64 from; /* count to be matched */ - aligned_u64 to; /* count to be matched */ + __aligned_u64 from; /* count to be matched */ + __aligned_u64 to; /* count to be matched */ } count; __u8 what; /* ipt_connbytes_what */ __u8 direction; /* ipt_connbytes_direction */ diff --git a/include/linux/netfilter/xt_quota.h b/include/linux/netfilter/xt_quota.h index ca6e03e47a17..9314723f39ca 100644 --- a/include/linux/netfilter/xt_quota.h +++ b/include/linux/netfilter/xt_quota.h @@ -13,7 +13,7 @@ struct xt_quota_priv; struct xt_quota_info { __u32 flags; __u32 pad; - aligned_u64 quota; + __aligned_u64 quota; /* Used internally by the kernel */ struct xt_quota_priv *master; -- cgit v1.2.3 From 5e0c1eb7e6b61998c7ecd39b7f69a15773d894d4 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Sun, 20 Mar 2011 15:33:26 +0100 Subject: netfilter: ipset: fix address ranges at hash:*port* types The hash:*port* types with IPv4 silently ignored when address ranges with non TCP/UDP were added/deleted from the set and used the first address from the range only. Signed-off-by: Jozsef Kadlecsik Signed-off-by: Patrick McHardy --- include/linux/netfilter/ipset/ip_set_getport.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'include') diff --git a/include/linux/netfilter/ipset/ip_set_getport.h b/include/linux/netfilter/ipset/ip_set_getport.h index 3882a81a3b3c..5aebd170f899 100644 --- a/include/linux/netfilter/ipset/ip_set_getport.h +++ b/include/linux/netfilter/ipset/ip_set_getport.h @@ -18,4 +18,14 @@ static inline bool ip_set_get_ip6_port(const struct sk_buff *skb, bool src, extern bool ip_set_get_ip_port(const struct sk_buff *skb, u8 pf, bool src, __be16 *port); +static inline bool ip_set_proto_with_ports(u8 proto) +{ + switch (proto) { + case IPPROTO_TCP: + case IPPROTO_UDP: + return true; + } + return false; +} + #endif /*_IP_SET_GETPORT_H*/ -- cgit v1.2.3 From a454f0ccefbfdbfc0e1aa8a5f8010af5e48b8845 Mon Sep 17 00:00:00 2001 From: Wei Yongjun Date: Mon, 21 Mar 2011 18:08:28 -0700 Subject: xfrm: Fix initialize repl field of struct xfrm_state Commit 'xfrm: Move IPsec replay detection functions to a separate file' (9fdc4883d92d20842c5acea77a4a21bb1574b495) introduce repl field to struct xfrm_state, and only initialize it under SA's netlink create path, the other path, such as pf_key, ipcomp/ipcomp6 etc, the repl field remaining uninitialize. So if the SA is created by pf_key, any input packet with SA's encryption algorithm will cause panic. int xfrm_input() { ... x->repl->advance(x, seq); ... } This patch fixed it by introduce new function __xfrm_init_state(). Pid: 0, comm: swapper Not tainted 2.6.38-next+ #14 Bochs Bochs EIP: 0060:[] EFLAGS: 00010206 CPU: 0 EIP is at xfrm_input+0x31c/0x4cc EAX: dd839c00 EBX: 00000084 ECX: 00000000 EDX: 01000000 ESI: dd839c00 EDI: de3a0780 EBP: dec1de88 ESP: dec1de64 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 Process swapper (pid: 0, ti=dec1c000 task=c09c0f20 task.ti=c0992000) Stack: 00000000 00000000 00000002 c0ba27c0 00100000 01000000 de3a0798 c0ba27c0 00000033 dec1de98 c0786848 00000000 de3a0780 dec1dea4 c0786868 00000000 dec1debc c074ee56 e1da6b8c de3a0780 c074ed44 de3a07a8 dec1decc c074ef32 Call Trace: [] xfrm4_rcv_encap+0x22/0x27 [] xfrm4_rcv+0x1b/0x1d [] ip_local_deliver_finish+0x112/0x1b1 [] ? ip_local_deliver_finish+0x0/0x1b1 [] NF_HOOK.clone.1+0x3d/0x44 [] ip_local_deliver+0x3e/0x44 [] ? ip_local_deliver_finish+0x0/0x1b1 [] ip_rcv_finish+0x30a/0x332 [] ? ip_rcv_finish+0x0/0x332 [] NF_HOOK.clone.1+0x3d/0x44 [] ip_rcv+0x20b/0x247 [] ? ip_rcv_finish+0x0/0x332 [] __netif_receive_skb+0x373/0x399 [] netif_receive_skb+0x4b/0x51 [] cp_rx_poll+0x210/0x2c4 [8139cp] [] net_rx_action+0x9a/0x17d [] __do_softirq+0xa1/0x149 [] ? __do_softirq+0x0/0x149 Signed-off-by: Wei Yongjun Signed-off-by: David S. Miller --- include/net/xfrm.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 42a8c32a10e2..cffa5dc66449 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -1430,6 +1430,7 @@ extern void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si); extern u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq); extern int xfrm_init_replay(struct xfrm_state *x); extern int xfrm_state_mtu(struct xfrm_state *x, int mtu); +extern int __xfrm_init_state(struct xfrm_state *x, bool init_replay); extern int xfrm_init_state(struct xfrm_state *x); extern int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, -- cgit v1.2.3 From 20246a800389fe5442675c59863fec5a4f520c7c Mon Sep 17 00:00:00 2001 From: Eric Dumazet Date: Mon, 21 Mar 2011 18:12:54 -0700 Subject: snmp: SNMP_UPD_PO_STATS_BH() always called from softirq We dont need to test if we run from softirq context, we definitely are. This saves few instructions in ip_rcv() & ip_rcv_finish() Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller --- include/net/snmp.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/net/snmp.h b/include/net/snmp.h index 762e2abce889..27461d6dd46f 100644 --- a/include/net/snmp.h +++ b/include/net/snmp.h @@ -150,7 +150,7 @@ struct linux_xfrm_mib { #define SNMP_UPD_PO_STATS_BH(mib, basefield, addend) \ do { \ __typeof__(*mib[0]) *ptr = \ - __this_cpu_ptr((mib)[!in_softirq()]); \ + __this_cpu_ptr((mib)[0]); \ ptr->mibs[basefield##PKTS]++; \ ptr->mibs[basefield##OCTETS] += addend;\ } while (0) @@ -202,7 +202,7 @@ struct linux_xfrm_mib { #define SNMP_UPD_PO_STATS64_BH(mib, basefield, addend) \ do { \ __typeof__(*mib[0]) *ptr; \ - ptr = __this_cpu_ptr((mib)[!in_softirq()]); \ + ptr = __this_cpu_ptr((mib)[0]); \ u64_stats_update_begin(&ptr->syncp); \ ptr->mibs[basefield##PKTS]++; \ ptr->mibs[basefield##OCTETS] += addend; \ -- cgit v1.2.3 From 736561a01f11114146b1b7f82d486fa9c95828ef Mon Sep 17 00:00:00 2001 From: Simon Horman Date: Mon, 21 Mar 2011 15:18:01 +0000 Subject: IPVS: Use global mutex in ip_vs_app.c As part of the work to make IPVS network namespace aware __ip_vs_app_mutex was replaced by a per-namespace lock, ipvs->app_mutex. ipvs->app_key is also supplied for debugging purposes. Unfortunately this implementation results in ipvs->app_key residing in non-static storage which at the very least causes a lockdep warning. This patch takes the rather heavy-handed approach of reinstating __ip_vs_app_mutex which will cover access to the ipvs->list_head of all network namespaces. [ 12.610000] IPVS: Creating netns size=2456 id=0 [ 12.630000] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP) [ 12.640000] BUG: key ffff880003bbf1a0 not in .data! [ 12.640000] ------------[ cut here ]------------ [ 12.640000] WARNING: at kernel/lockdep.c:2701 lockdep_init_map+0x37b/0x570() [ 12.640000] Hardware name: Bochs [ 12.640000] Pid: 1, comm: swapper Tainted: G W 2.6.38-kexec-06330-g69b7efe-dirty #122 [ 12.650000] Call Trace: [ 12.650000] [] warn_slowpath_common+0x75/0xb0 [ 12.650000] [] warn_slowpath_null+0x15/0x20 [ 12.650000] [] lockdep_init_map+0x37b/0x570 [ 12.650000] [] ? trace_hardirqs_on+0xd/0x10 [ 12.650000] [] debug_mutex_init+0x38/0x50 [ 12.650000] [] __mutex_init+0x5c/0x70 [ 12.650000] [] __ip_vs_app_init+0x64/0x86 [ 12.660000] [] ? ip_vs_init+0x0/0xff [ 12.660000] [] T.620+0x43/0x170 [ 12.660000] [] ? register_pernet_subsys+0x1a/0x40 [ 12.660000] [] ? ip_vs_init+0x0/0xff [ 12.660000] [] ? ip_vs_init+0x0/0xff [ 12.660000] [] register_pernet_operations+0x57/0xb0 [ 12.660000] [] ? ip_vs_init+0x0/0xff [ 12.670000] [] register_pernet_subsys+0x29/0x40 [ 12.670000] [] ip_vs_app_init+0x10/0x12 [ 12.670000] [] ip_vs_init+0x4c/0xff [ 12.670000] [] do_one_initcall+0x7a/0x12e [ 12.670000] [] kernel_init+0x13e/0x1c2 [ 12.670000] [] kernel_thread_helper+0x4/0x10 [ 12.670000] [] ? restore_args+0x0/0x30 [ 12.680000] [] ? kernel_init+0x0/0x1c2 [ 12.680000] [] ? kernel_thread_helper+0x0/0x1global0 Signed-off-by: Simon Horman Cc: Ingo Molnar Cc: Eric Dumazet Cc: Julian Anastasov Cc: Hans Schillstrom Signed-off-by: David S. Miller --- include/net/ip_vs.h | 2 -- 1 file changed, 2 deletions(-) (limited to 'include') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 272f59336b73..30b49ed72f0d 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -801,8 +801,6 @@ struct netns_ipvs { struct list_head rs_table[IP_VS_RTAB_SIZE]; /* ip_vs_app */ struct list_head app_list; - struct mutex app_mutex; - struct lock_class_key app_key; /* mutex debuging */ /* ip_vs_proto */ #define IP_VS_PROTO_TAB_SIZE 32 /* must be power of 2 */ -- cgit v1.2.3