diff --git a/[refs] b/[refs] index 88e7bb66d040..f37c738d2ab4 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 244e6c2d0724bc4908a1995804704bdee3b31528 +refs/heads/master: 9764f3f9c3700620f9f8a1f9af57f58758e835da diff --git a/trunk/drivers/net/3c503.c b/trunk/drivers/net/3c503.c index c092c3929224..95bd95f1f99e 100644 --- a/trunk/drivers/net/3c503.c +++ b/trunk/drivers/net/3c503.c @@ -168,21 +168,6 @@ struct net_device * __init el2_probe(int unit) } #endif -static const struct net_device_ops el2_netdev_ops = { - .ndo_open = el2_open, - .ndo_stop = el2_close, - - .ndo_start_xmit = eip_start_xmit, - .ndo_tx_timeout = eip_tx_timeout, - .ndo_get_stats = eip_get_stats, - .ndo_set_multicast_list = eip_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = eip_poll, -#endif -}; - /* Probe for the Etherlink II card at I/O port base IOADDR, returning non-zero on success. If found, set the station address and memory parameters in DEVICE. */ @@ -350,7 +335,8 @@ el2_probe1(struct net_device *dev, int ioaddr) ei_status.saved_irq = dev->irq; - dev->netdev_ops = &el2_netdev_ops; + dev->open = &el2_open; + dev->stop = &el2_close; dev->ethtool_ops = &netdev_ethtool_ops; #ifdef CONFIG_NET_POLL_CONTROLLER dev->poll_controller = eip_poll; diff --git a/trunk/drivers/net/3c523.c b/trunk/drivers/net/3c523.c index d9c9481a59a5..59ea2910bcac 100644 --- a/trunk/drivers/net/3c523.c +++ b/trunk/drivers/net/3c523.c @@ -576,14 +576,14 @@ static int __init do_elmc_probe(struct net_device *dev) return retval; } -#ifdef MODULE static void cleanup_card(struct net_device *dev) { mca_set_adapter_procfn(((struct priv *)netdev_priv(dev))->slot, NULL, NULL); release_region(dev->base_addr, ELMC_IO_EXTENT); } -#else + +#ifndef MODULE struct net_device * __init elmc_probe(int unit) { struct net_device *dev = alloc_etherdev(sizeof(struct priv)); diff --git a/trunk/drivers/net/8390.c b/trunk/drivers/net/8390.c index 029ad08f0330..f72a2e87d569 100644 --- a/trunk/drivers/net/8390.c +++ b/trunk/drivers/net/8390.c @@ -17,30 +17,6 @@ int ei_close(struct net_device *dev) } EXPORT_SYMBOL(ei_close); -int ei_start_xmit(struct sk_buff *skb, struct net_device *dev) -{ - return __ei_start_xmit(skb, dev); -} -EXPORT_SYMBOL(ei_start_xmit); - -struct net_device_stats *ei_get_stats(struct net_device *dev) -{ - return __ei_get_stats(dev); -} -EXPORT_SYMBOL(ei_get_stats); - -void ei_set_multicast_list(struct net_device *dev) -{ - __ei_set_multicast_list(dev); -} -EXPORT_SYMBOL(ei_set_multicast_list); - -void ei_tx_timeout(struct net_device *dev) -{ - __ei_tx_timeout(dev); -} -EXPORT_SYMBOL(ei_tx_timeout); - irqreturn_t ei_interrupt(int irq, void *dev_id) { return __ei_interrupt(irq, dev_id); @@ -55,21 +31,6 @@ void ei_poll(struct net_device *dev) EXPORT_SYMBOL(ei_poll); #endif -const struct net_device_ops ei_netdev_ops = { - .ndo_open = ei_open, - .ndo_stop = ei_close, - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; -EXPORT_SYMBOL(ei_netdev_ops); - struct net_device *__alloc_ei_netdev(int size) { return ____alloc_ei_netdev(size); diff --git a/trunk/drivers/net/8390.h b/trunk/drivers/net/8390.h index 3c61d6d2748a..9470998bf634 100644 --- a/trunk/drivers/net/8390.h +++ b/trunk/drivers/net/8390.h @@ -33,19 +33,16 @@ extern void ei_poll(struct net_device *dev); extern void eip_poll(struct net_device *dev); #endif +extern void ei_tx_timeout(struct net_device *dev); +extern int ei_start_xmit(struct sk_buff *skb, struct net_device *dev); +extern void ei_set_multicast_list(struct net_device *dev); +extern struct net_device_stats *ei_get_stats(struct net_device *dev); /* Without I/O delay - non ISA or later chips */ extern void NS8390_init(struct net_device *dev, int startp); extern int ei_open(struct net_device *dev); extern int ei_close(struct net_device *dev); extern irqreturn_t ei_interrupt(int irq, void *dev_id); -extern void ei_tx_timeout(struct net_device *dev); -extern int ei_start_xmit(struct sk_buff *skb, struct net_device *dev); -extern void ei_set_multicast_list(struct net_device *dev); -extern struct net_device_stats *ei_get_stats(struct net_device *dev); - -extern const struct net_device_ops ei_netdev_ops; - extern struct net_device *__alloc_ei_netdev(int size); static inline struct net_device *alloc_ei_netdev(void) { @@ -57,13 +54,6 @@ extern void NS8390p_init(struct net_device *dev, int startp); extern int eip_open(struct net_device *dev); extern int eip_close(struct net_device *dev); extern irqreturn_t eip_interrupt(int irq, void *dev_id); -extern void eip_tx_timeout(struct net_device *dev); -extern int eip_start_xmit(struct sk_buff *skb, struct net_device *dev); -extern void eip_set_multicast_list(struct net_device *dev); -extern struct net_device_stats *eip_get_stats(struct net_device *dev); - -extern const struct net_device_ops eip_netdev_ops; - extern struct net_device *__alloc_eip_netdev(int size); static inline struct net_device *alloc_eip_netdev(void) { diff --git a/trunk/drivers/net/8390p.c b/trunk/drivers/net/8390p.c index 9c916d4d206e..4c6eea4611a2 100644 --- a/trunk/drivers/net/8390p.c +++ b/trunk/drivers/net/8390p.c @@ -22,30 +22,6 @@ int eip_close(struct net_device *dev) } EXPORT_SYMBOL(eip_close); -int eip_start_xmit(struct sk_buff *skb, struct net_device *dev) -{ - return __ei_start_xmit(skb, dev); -} -EXPORT_SYMBOL(eip_start_xmit); - -struct net_device_stats *eip_get_stats(struct net_device *dev) -{ - return __ei_get_stats(dev); -} -EXPORT_SYMBOL(eip_get_stats); - -void eip_set_multicast_list(struct net_device *dev) -{ - __ei_set_multicast_list(dev); -} -EXPORT_SYMBOL(eip_set_multicast_list); - -void eip_tx_timeout(struct net_device *dev) -{ - __ei_tx_timeout(dev); -} -EXPORT_SYMBOL(eip_tx_timeout); - irqreturn_t eip_interrupt(int irq, void *dev_id) { return __ei_interrupt(irq, dev_id); @@ -60,21 +36,6 @@ void eip_poll(struct net_device *dev) EXPORT_SYMBOL(eip_poll); #endif -const struct net_device_ops eip_netdev_ops = { - .ndo_open = eip_open, - .ndo_stop = eip_close, - .ndo_start_xmit = eip_start_xmit, - .ndo_tx_timeout = eip_tx_timeout, - .ndo_get_stats = eip_get_stats, - .ndo_set_multicast_list = eip_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = eip_poll, -#endif -}; -EXPORT_SYMBOL(eip_netdev_ops); - struct net_device *__alloc_eip_netdev(int size) { return ____alloc_ei_netdev(size); diff --git a/trunk/drivers/net/apne.c b/trunk/drivers/net/apne.c index 1437f5d12121..7426f6940630 100644 --- a/trunk/drivers/net/apne.c +++ b/trunk/drivers/net/apne.c @@ -78,6 +78,9 @@ struct net_device * __init apne_probe(int unit); static int apne_probe1(struct net_device *dev, int ioaddr); +static int apne_open(struct net_device *dev); +static int apne_close(struct net_device *dev); + static void apne_reset_8390(struct net_device *dev); static void apne_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -311,7 +314,6 @@ static int __init apne_probe1(struct net_device *dev, int ioaddr) dev->base_addr = ioaddr; dev->irq = IRQ_AMIGA_PORTS; - dev->netdev_ops = &ei_netdev_ops; /* Install the Interrupt handler */ i = request_irq(dev->irq, apne_interrupt, IRQF_SHARED, DRV_NAME, dev); @@ -335,7 +337,11 @@ static int __init apne_probe1(struct net_device *dev, int ioaddr) ei_status.block_input = &apne_block_input; ei_status.block_output = &apne_block_output; ei_status.get_8390_hdr = &apne_get_8390_hdr; - + dev->open = &apne_open; + dev->stop = &apne_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); pcmcia_ack_int(pcmcia_get_intreq()); /* ack PCMCIA int req */ @@ -346,6 +352,22 @@ static int __init apne_probe1(struct net_device *dev, int ioaddr) return 0; } +static int +apne_open(struct net_device *dev) +{ + ei_open(dev); + return 0; +} + +static int +apne_close(struct net_device *dev) +{ + if (ei_debug > 1) + printk("%s: Shutting down ethercard.\n", dev->name); + ei_close(dev); + return 0; +} + /* Hard reset the card. This used to pause for the same period that a 8390 reset command required, but that shouldn't be necessary. */ static void diff --git a/trunk/drivers/net/atlx/atl2.c b/trunk/drivers/net/atlx/atl2.c index bc394491b63b..0326a84503e3 100644 --- a/trunk/drivers/net/atlx/atl2.c +++ b/trunk/drivers/net/atlx/atl2.c @@ -644,6 +644,7 @@ static int atl2_request_irq(struct atl2_adapter *adapter) int flags, err = 0; flags = IRQF_SHARED; +#ifdef CONFIG_PCI_MSI adapter->have_msi = true; err = pci_enable_msi(adapter->pdev); if (err) @@ -651,6 +652,7 @@ static int atl2_request_irq(struct atl2_adapter *adapter) if (adapter->have_msi) flags &= ~IRQF_SHARED; +#endif return request_irq(adapter->pdev->irq, &atl2_intr, flags, netdev->name, netdev); diff --git a/trunk/drivers/net/cassini.c b/trunk/drivers/net/cassini.c index 023d205e9054..bc84c4ca898e 100644 --- a/trunk/drivers/net/cassini.c +++ b/trunk/drivers/net/cassini.c @@ -2347,7 +2347,7 @@ static int cas_rx_ringN(struct cas *cp, int ring, int budget) drops = 0; while (1) { struct cas_rx_comp *rxc = rxcs + entry; - struct sk_buff *uninitialized_var(skb); + struct sk_buff *skb; int type, len; u64 words[4]; int i, dring; diff --git a/trunk/drivers/net/depca.c b/trunk/drivers/net/depca.c index e4cef491dc73..ec34f03cb982 100644 --- a/trunk/drivers/net/depca.c +++ b/trunk/drivers/net/depca.c @@ -1556,7 +1556,6 @@ static int __init depca_isa_probe (struct platform_device *device) #ifdef CONFIG_EISA static int __init depca_eisa_probe (struct device *device) { - enum depca_type adapter = unknown; struct eisa_device *edev; struct net_device *dev; struct depca_private *lp; @@ -1575,11 +1574,7 @@ static int __init depca_eisa_probe (struct device *device) * the EISA configuration structures (yet... :-), just rely on * the ISA probing to sort it out... */ - adapter = depca_shmem_probe (&mem_start); - if (adapter == unknown) { - status = -ENODEV; - goto out_free; - } + depca_shmem_probe (&mem_start); dev->base_addr = ioaddr; dev->irq = irq; diff --git a/trunk/drivers/net/e2100.c b/trunk/drivers/net/e2100.c index 20eb05cddb83..6390f51ea6fb 100644 --- a/trunk/drivers/net/e2100.c +++ b/trunk/drivers/net/e2100.c @@ -107,7 +107,7 @@ static void e21_block_output(struct net_device *dev, int count, const unsigned char *buf, int start_page); static void e21_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); -static int e21_open(struct net_device *dev); + static int e21_close(struct net_device *dev); @@ -160,21 +160,6 @@ struct net_device * __init e2100_probe(int unit) } #endif -static const struct net_device_ops e21_netdev_ops = { - .ndo_open = e21_open, - .ndo_stop = e21_close, - - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; - static int __init e21_probe1(struct net_device *dev, int ioaddr) { int i, status, retval; @@ -280,8 +265,11 @@ static int __init e21_probe1(struct net_device *dev, int ioaddr) ei_status.block_input = &e21_block_input; ei_status.block_output = &e21_block_output; ei_status.get_8390_hdr = &e21_get_8390_hdr; - - dev->netdev_ops = &e21_netdev_ops; + dev->open = &e21_open; + dev->stop = &e21_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); retval = register_netdev(dev); diff --git a/trunk/drivers/net/es3210.c b/trunk/drivers/net/es3210.c index 5569f2ffb62c..e7df9f4a183d 100644 --- a/trunk/drivers/net/es3210.c +++ b/trunk/drivers/net/es3210.c @@ -64,6 +64,9 @@ static const char version[] = static int es_probe1(struct net_device *dev, int ioaddr); +static int es_open(struct net_device *dev); +static int es_close(struct net_device *dev); + static void es_reset_8390(struct net_device *dev); static void es_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -286,7 +289,11 @@ static int __init es_probe1(struct net_device *dev, int ioaddr) ei_status.block_output = &es_block_output; ei_status.get_8390_hdr = &es_get_8390_hdr; - dev->netdev_ops = &ei_netdev_ops; + dev->open = &es_open; + dev->stop = &es_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); retval = register_netdev(dev); @@ -378,6 +385,22 @@ static void es_block_output(struct net_device *dev, int count, memcpy_toio(shmem, buf, count); } +static int es_open(struct net_device *dev) +{ + ei_open(dev); + return 0; +} + +static int es_close(struct net_device *dev) +{ + + if (ei_debug > 1) + printk("%s: Shutting down ethercard.\n", dev->name); + + ei_close(dev); + return 0; +} + #ifdef MODULE #define MAX_ES_CARDS 4 /* Max number of ES3210 cards per module */ #define NAMELEN 8 /* # of chars for storing dev->name */ diff --git a/trunk/drivers/net/hp-plus.c b/trunk/drivers/net/hp-plus.c index c34411cba6b4..9026fd6ea0ff 100644 --- a/trunk/drivers/net/hp-plus.c +++ b/trunk/drivers/net/hp-plus.c @@ -158,21 +158,6 @@ struct net_device * __init hp_plus_probe(int unit) } #endif -static const struct net_device_ops hpp_netdev_ops = { - .ndo_open = hpp_open, - .ndo_stop = hpp_close, - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; - - /* Do the interesting part of the probe at a single address. */ static int __init hpp_probe1(struct net_device *dev, int ioaddr) { @@ -241,7 +226,11 @@ static int __init hpp_probe1(struct net_device *dev, int ioaddr) /* Set the base address to point to the NIC, not the "real" base! */ dev->base_addr = ioaddr + NIC_OFFSET; - dev->netdev_ops = &hpp_netdev_ops; + dev->open = &hpp_open; + dev->stop = &hpp_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif ei_status.name = name; ei_status.word16 = 0; /* Agggghhhhh! Debug time: 2 days! */ @@ -312,7 +301,8 @@ hpp_open(struct net_device *dev) /* Select the operational page. */ outw(Perf_Page, ioaddr + HP_PAGING); - return eip_open(dev); + eip_open(dev); + return 0; } static int diff --git a/trunk/drivers/net/hp.c b/trunk/drivers/net/hp.c index 5c4d78c1ff42..3669194f1063 100644 --- a/trunk/drivers/net/hp.c +++ b/trunk/drivers/net/hp.c @@ -59,6 +59,8 @@ static unsigned int hppclan_portlist[] __initdata = static int hp_probe1(struct net_device *dev, int ioaddr); +static int hp_open(struct net_device *dev); +static int hp_close(struct net_device *dev); static void hp_reset_8390(struct net_device *dev); static void hp_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -196,7 +198,11 @@ static int __init hp_probe1(struct net_device *dev, int ioaddr) /* Set the base address to point to the NIC, not the "real" base! */ dev->base_addr = ioaddr + NIC_OFFSET; - dev->netdev_ops = &eip_netdev_ops; + dev->open = &hp_open; + dev->stop = &hp_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = eip_poll; +#endif ei_status.name = name; ei_status.word16 = wordmode; @@ -221,6 +227,20 @@ static int __init hp_probe1(struct net_device *dev, int ioaddr) return retval; } +static int +hp_open(struct net_device *dev) +{ + eip_open(dev); + return 0; +} + +static int +hp_close(struct net_device *dev) +{ + eip_close(dev); + return 0; +} + static void hp_reset_8390(struct net_device *dev) { diff --git a/trunk/drivers/net/ixgbe/ixgbe_main.c b/trunk/drivers/net/ixgbe/ixgbe_main.c index 15d511cc2989..667a6463193d 100644 --- a/trunk/drivers/net/ixgbe/ixgbe_main.c +++ b/trunk/drivers/net/ixgbe/ixgbe_main.c @@ -1207,7 +1207,6 @@ static int ixgbe_request_msix_irqs(struct ixgbe_adapter *adapter) struct net_device *netdev = adapter->netdev; irqreturn_t (*handler)(int, void *); int i, vector, q_vectors, err; - int ri=0, ti=0; /* Decrement for Other and TCP Timer vectors */ q_vectors = adapter->num_msix_vectors - NON_Q_VECTORS; @@ -1222,19 +1221,10 @@ static int ixgbe_request_msix_irqs(struct ixgbe_adapter *adapter) &ixgbe_msix_clean_many) for (vector = 0; vector < q_vectors; vector++) { handler = SET_HANDLER(&adapter->q_vector[vector]); - - if(handler == &ixgbe_msix_clean_rx) { - sprintf(adapter->name[vector], "%s-%s-%d", - netdev->name, "rx", ri++); - } - else if(handler == &ixgbe_msix_clean_tx) { - sprintf(adapter->name[vector], "%s-%s-%d", - netdev->name, "tx", ti++); - } - else - sprintf(adapter->name[vector], "%s-%s-%d", - netdev->name, "TxRx", vector); - + sprintf(adapter->name[vector], "%s:v%d-%s", + netdev->name, vector, + (handler == &ixgbe_msix_clean_rx) ? "Rx" : + ((handler == &ixgbe_msix_clean_tx) ? "Tx" : "TxRx")); err = request_irq(adapter->msix_entries[vector].vector, handler, 0, adapter->name[vector], &(adapter->q_vector[vector])); diff --git a/trunk/drivers/net/lib8390.c b/trunk/drivers/net/lib8390.c index 1d36ca4dc6b9..46335af12393 100644 --- a/trunk/drivers/net/lib8390.c +++ b/trunk/drivers/net/lib8390.c @@ -205,6 +205,12 @@ static int __ei_open(struct net_device *dev) unsigned long flags; struct ei_device *ei_local = (struct ei_device *) netdev_priv(dev); + /* The card I/O part of the driver (e.g. 3c503) can hook a Tx timeout + wrapper that does e.g. media check & then calls ei_tx_timeout. */ +#ifdef CONFIG_COMPAT_NET_DEV_OPS + if (dev->tx_timeout == NULL) + dev->tx_timeout = ei_tx_timeout; +#endif if (dev->watchdog_timeo <= 0) dev->watchdog_timeo = TX_TIMEOUT; @@ -253,7 +259,7 @@ static int __ei_close(struct net_device *dev) * completed (or failed) - i.e. never posted a Tx related interrupt. */ -static void __ei_tx_timeout(struct net_device *dev) +void ei_tx_timeout(struct net_device *dev) { unsigned long e8390_base = dev->base_addr; struct ei_device *ei_local = (struct ei_device *) netdev_priv(dev); @@ -290,6 +296,7 @@ static void __ei_tx_timeout(struct net_device *dev) enable_irq_lockdep(dev->irq); netif_wake_queue(dev); } +EXPORT_SYMBOL_GPL(ei_tx_timeout); /** * ei_start_xmit - begin packet transmission @@ -299,7 +306,7 @@ static void __ei_tx_timeout(struct net_device *dev) * Sends a packet to an 8390 network device. */ -static int __ei_start_xmit(struct sk_buff *skb, struct net_device *dev) +int ei_start_xmit(struct sk_buff *skb, struct net_device *dev) { unsigned long e8390_base = dev->base_addr; struct ei_device *ei_local = (struct ei_device *) netdev_priv(dev); @@ -416,6 +423,7 @@ static int __ei_start_xmit(struct sk_buff *skb, struct net_device *dev) return 0; } +EXPORT_SYMBOL_GPL(ei_start_xmit); /** * ei_interrupt - handle the interrupts from an 8390 @@ -877,7 +885,7 @@ static void ei_rx_overrun(struct net_device *dev) * Collect the stats. This is called unlocked and from several contexts. */ -static struct net_device_stats *__ei_get_stats(struct net_device *dev) +struct net_device_stats *ei_get_stats(struct net_device *dev) { unsigned long ioaddr = dev->base_addr; struct ei_device *ei_local = (struct ei_device *) netdev_priv(dev); @@ -896,6 +904,7 @@ static struct net_device_stats *__ei_get_stats(struct net_device *dev) return &dev->stats; } +EXPORT_SYMBOL_GPL(ei_get_stats); /* * Form the 64 bit 8390 multicast table from the linked list of addresses @@ -986,7 +995,7 @@ static void do_set_multicast_list(struct net_device *dev) * not called too often. Must protect against both bh and irq users */ -static void __ei_set_multicast_list(struct net_device *dev) +void ei_set_multicast_list(struct net_device *dev) { unsigned long flags; struct ei_device *ei_local = (struct ei_device*)netdev_priv(dev); @@ -995,6 +1004,7 @@ static void __ei_set_multicast_list(struct net_device *dev) do_set_multicast_list(dev); spin_unlock_irqrestore(&ei_local->page_lock, flags); } +EXPORT_SYMBOL_GPL(ei_set_multicast_list); /** * ethdev_setup - init rest of 8390 device struct @@ -1014,7 +1024,6 @@ static void ethdev_setup(struct net_device *dev) dev->hard_start_xmit = ei_start_xmit; dev->get_stats = ei_get_stats; dev->set_multicast_list = ei_set_multicast_list; - dev->tx_timeout = __ei_tx_timeout; #endif ether_setup(dev); diff --git a/trunk/drivers/net/lne390.c b/trunk/drivers/net/lne390.c index 41cbaaef0654..bc70d5e79ab1 100644 --- a/trunk/drivers/net/lne390.c +++ b/trunk/drivers/net/lne390.c @@ -53,6 +53,9 @@ static const char *version = static int lne390_probe1(struct net_device *dev, int ioaddr); +static int lne390_open(struct net_device *dev); +static int lne390_close(struct net_device *dev); + static void lne390_reset_8390(struct net_device *dev); static void lne390_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -275,7 +278,11 @@ static int __init lne390_probe1(struct net_device *dev, int ioaddr) ei_status.block_output = &lne390_block_output; ei_status.get_8390_hdr = &lne390_get_8390_hdr; - dev->netdev_ops = &ei_netdev_ops; + dev->open = &lne390_open; + dev->stop = &lne390_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); ret = register_netdev(dev); @@ -367,6 +374,21 @@ static void lne390_block_output(struct net_device *dev, int count, memcpy_toio(shmem, buf, count); } +static int lne390_open(struct net_device *dev) +{ + ei_open(dev); + return 0; +} + +static int lne390_close(struct net_device *dev) +{ + + if (ei_debug > 1) + printk("%s: Shutting down ethercard.\n", dev->name); + + ei_close(dev); + return 0; +} #ifdef MODULE #define MAX_LNE_CARDS 4 /* Max number of LNE390 cards per module */ diff --git a/trunk/drivers/net/mlx4/en_rx.c b/trunk/drivers/net/mlx4/en_rx.c index ffe28089b687..944ad47c9519 100644 --- a/trunk/drivers/net/mlx4/en_rx.c +++ b/trunk/drivers/net/mlx4/en_rx.c @@ -443,8 +443,7 @@ int mlx4_en_activate_rx_rings(struct mlx4_en_priv *priv) /* Fill Rx buffers */ ring->full = 0; } - err = mlx4_en_fill_rx_buffers(priv); - if (err) + if (mlx4_en_fill_rx_buffers(priv)) goto err_buffers; for (ring_ind = 0; ring_ind < priv->rx_ring_num; ring_ind++) { diff --git a/trunk/drivers/net/mlx4/mcg.c b/trunk/drivers/net/mlx4/mcg.c index 6053c357a470..b1622062b12d 100644 --- a/trunk/drivers/net/mlx4/mcg.c +++ b/trunk/drivers/net/mlx4/mcg.c @@ -205,7 +205,7 @@ int mlx4_multicast_attach(struct mlx4_dev *dev, struct mlx4_qp *qp, u8 gid[16], if (block_mcast_loopback) mgm->qp[members_count++] = cpu_to_be32((qp->qpn & MGM_QPN_MASK) | - (1U << MGM_BLCK_LB_BIT)); + (1 << MGM_BLCK_LB_BIT)); else mgm->qp[members_count++] = cpu_to_be32(qp->qpn & MGM_QPN_MASK); diff --git a/trunk/drivers/net/ne.c b/trunk/drivers/net/ne.c index cb02698d1286..f708712a374a 100644 --- a/trunk/drivers/net/ne.c +++ b/trunk/drivers/net/ne.c @@ -174,6 +174,9 @@ bad_clone_list[] __initdata = { static int ne_probe1(struct net_device *dev, unsigned long ioaddr); static int ne_probe_isapnp(struct net_device *dev); +static int ne_open(struct net_device *dev); +static int ne_close(struct net_device *dev); + static void ne_reset_8390(struct net_device *dev); static void ne_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -533,8 +536,11 @@ static int __init ne_probe1(struct net_device *dev, unsigned long ioaddr) ei_status.block_output = &ne_block_output; ei_status.get_8390_hdr = &ne_get_8390_hdr; ei_status.priv = 0; - - dev->netdev_ops = &eip_netdev_ops; + dev->open = &ne_open; + dev->stop = &ne_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = eip_poll; +#endif NS8390p_init(dev, 0); ret = register_netdev(dev); @@ -551,6 +557,20 @@ static int __init ne_probe1(struct net_device *dev, unsigned long ioaddr) return ret; } +static int ne_open(struct net_device *dev) +{ + eip_open(dev); + return 0; +} + +static int ne_close(struct net_device *dev) +{ + if (ei_debug > 1) + printk(KERN_DEBUG "%s: Shutting down ethercard.\n", dev->name); + eip_close(dev); + return 0; +} + /* Hard reset the card. This used to pause for the same period that a 8390 reset command required, but that shouldn't be necessary. */ diff --git a/trunk/drivers/net/ne2.c b/trunk/drivers/net/ne2.c index 8d61807dc181..6f8f32603466 100644 --- a/trunk/drivers/net/ne2.c +++ b/trunk/drivers/net/ne2.c @@ -492,7 +492,11 @@ static int __init ne2_probe1(struct net_device *dev, int slot) ei_status.priv = slot; - dev->netdev_ops = &eip_netdev_ops; + dev->open = &ne_open; + dev->stop = &ne_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = eip_poll; +#endif NS8390p_init(dev, 0); retval = register_netdev(dev); @@ -507,6 +511,20 @@ static int __init ne2_probe1(struct net_device *dev, int slot) return retval; } +static int ne_open(struct net_device *dev) +{ + eip_open(dev); + return 0; +} + +static int ne_close(struct net_device *dev) +{ + if (ei_debug > 1) + printk("%s: Shutting down ethercard.\n", dev->name); + eip_close(dev); + return 0; +} + /* Hard reset the card. This used to pause for the same period that a 8390 reset command required, but that shouldn't be necessary. */ static void ne_reset_8390(struct net_device *dev) diff --git a/trunk/drivers/net/ne3210.c b/trunk/drivers/net/ne3210.c index fac43fd6fc87..6681ca748c74 100644 --- a/trunk/drivers/net/ne3210.c +++ b/trunk/drivers/net/ne3210.c @@ -45,6 +45,9 @@ #define DRV_NAME "ne3210" +static int ne3210_open(struct net_device *dev); +static int ne3210_close(struct net_device *dev); + static void ne3210_reset_8390(struct net_device *dev); static void ne3210_get_8390_hdr(struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -196,8 +199,11 @@ static int __init ne3210_eisa_probe (struct device *device) ei_status.block_output = &ne3210_block_output; ei_status.get_8390_hdr = &ne3210_get_8390_hdr; - dev->netdev_ops = &ei_netdev_ops; - + dev->open = &ne3210_open; + dev->stop = &ne3210_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif dev->if_port = ifmap_val[port_index]; if ((retval = register_netdev (dev))) @@ -314,6 +320,22 @@ static void ne3210_block_output(struct net_device *dev, int count, memcpy_toio(shmem, buf, count); } +static int ne3210_open(struct net_device *dev) +{ + ei_open(dev); + return 0; +} + +static int ne3210_close(struct net_device *dev) +{ + + if (ei_debug > 1) + printk("%s: Shutting down ethercard.\n", dev->name); + + ei_close(dev); + return 0; +} + static struct eisa_device_id ne3210_ids[] = { { "EGL0101" }, { "NVL1801" }, diff --git a/trunk/drivers/net/niu.c b/trunk/drivers/net/niu.c index 2f98f7a4117a..a8d10630f804 100644 --- a/trunk/drivers/net/niu.c +++ b/trunk/drivers/net/niu.c @@ -448,7 +448,7 @@ static int serdes_init_niu_1g_serdes(struct niu *np) struct niu_link_config *lp = &np->link_config; u16 pll_cfg, pll_sts; int max_retry = 100; - u64 uninitialized_var(sig), mask, val; + u64 sig, mask, val; u32 tx_cfg, rx_cfg; unsigned long i; int err; @@ -547,7 +547,7 @@ static int serdes_init_niu_10g_serdes(struct niu *np) struct niu_link_config *lp = &np->link_config; u32 tx_cfg, rx_cfg, pll_cfg, pll_sts; int max_retry = 100; - u64 uninitialized_var(sig), mask, val; + u64 sig, mask, val; unsigned long i; int err; @@ -738,7 +738,7 @@ static int esr_write_glue0(struct niu *np, unsigned long chan, u32 val) static int esr_reset(struct niu *np) { - u32 uninitialized_var(reset); + u32 reset; int err; err = mdio_write(np, np->port, NIU_ESR_DEV_ADDR, @@ -5847,42 +5847,17 @@ static void niu_stop_hw(struct niu *np) niu_reset_rx_channels(np); } -static void niu_set_irq_name(struct niu *np) -{ - int port = np->port; - int i, j = 1; - - sprintf(np->irq_name[0], "%s:MAC", np->dev->name); - - if (port == 0) { - sprintf(np->irq_name[1], "%s:MIF", np->dev->name); - sprintf(np->irq_name[2], "%s:SYSERR", np->dev->name); - j = 3; - } - - for (i = 0; i < np->num_ldg - j; i++) { - if (i < np->num_rx_rings) - sprintf(np->irq_name[i+j], "%s-rx-%d", - np->dev->name, i); - else if (i < np->num_tx_rings + np->num_rx_rings) - sprintf(np->irq_name[i+j], "%s-tx-%d", np->dev->name, - i - np->num_rx_rings); - } -} - static int niu_request_irq(struct niu *np) { int i, j, err; - niu_set_irq_name(np); - err = 0; for (i = 0; i < np->num_ldg; i++) { struct niu_ldg *lp = &np->ldg[i]; err = request_irq(lp->irq, niu_interrupt, IRQF_SHARED | IRQF_SAMPLE_RANDOM, - np->irq_name[i], lp); + np->dev->name, lp); if (err) goto out_free_irqs; diff --git a/trunk/drivers/net/niu.h b/trunk/drivers/net/niu.h index cf449aad7f15..180ca8ae93de 100644 --- a/trunk/drivers/net/niu.h +++ b/trunk/drivers/net/niu.h @@ -3243,7 +3243,6 @@ struct niu { #define NIU_FLAGS_XMAC 0x00010000 /* 0=BMAC 1=XMAC */ u32 msg_enable; - char irq_name[NIU_NUM_RXCHAN+NIU_NUM_TXCHAN+3][IFNAMSIZ + 6]; /* Protects hw programming, and ring state. */ spinlock_t lock; diff --git a/trunk/drivers/net/qla3xxx.c b/trunk/drivers/net/qla3xxx.c index 6b7ed1a5b3b7..7671f943974c 100644 --- a/trunk/drivers/net/qla3xxx.c +++ b/trunk/drivers/net/qla3xxx.c @@ -3917,7 +3917,7 @@ static int __devinit ql3xxx_probe(struct pci_dev *pdev, struct net_device *ndev = NULL; struct ql3_adapter *qdev = NULL; static int cards_found = 0; - int uninitialized_var(pci_using_dac), err; + int pci_using_dac, err; err = pci_enable_device(pdev); if (err) { diff --git a/trunk/drivers/net/s2io.c b/trunk/drivers/net/s2io.c index 1b489df80fa6..a4642054a0d0 100644 --- a/trunk/drivers/net/s2io.c +++ b/trunk/drivers/net/s2io.c @@ -7367,7 +7367,7 @@ static int rx_osm_handler(struct ring_info *ring_data, struct RxD_t * rxdp) int ring_no = ring_data->ring_no; u16 l3_csum, l4_csum; unsigned long long err = rxdp->Control_1 & RXD_T_CODE; - struct lro *uninitialized_var(lro); + struct lro *lro; u8 err_mask; skb->dev = dev; diff --git a/trunk/drivers/net/sis900.c b/trunk/drivers/net/sis900.c index eb715f1bcd48..de740ebfafb6 100644 --- a/trunk/drivers/net/sis900.c +++ b/trunk/drivers/net/sis900.c @@ -1281,7 +1281,7 @@ static void sis900_timer(unsigned long data) u16 status; if (!sis_priv->autong_complete){ - int uninitialized_var(speed), duplex = 0; + int speed, duplex = 0; sis900_read_mode(net_dev, &speed, &duplex); if (duplex){ diff --git a/trunk/drivers/net/smc-mca.c b/trunk/drivers/net/smc-mca.c index 404b80e5ba11..58a0e0a4a325 100644 --- a/trunk/drivers/net/smc-mca.c +++ b/trunk/drivers/net/smc-mca.c @@ -182,22 +182,6 @@ static char *smc_mca_adapter_names[] __initdata = { static int ultra_found = 0; - -static const struct net_device_ops ultramca_netdev_ops = { - .ndo_open = ultramca_open, - .ndo_stop = ultramca_close_card, - - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; - static int __init ultramca_probe(struct device *gen_dev) { unsigned short ioaddr; @@ -400,7 +384,11 @@ static int __init ultramca_probe(struct device *gen_dev) ei_status.priv = slot; - dev->netdev_ops = &ultramca_netdev_ops; + dev->open = &ultramca_open; + dev->stop = &ultramca_close_card; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); diff --git a/trunk/drivers/net/smc-ultra.c b/trunk/drivers/net/smc-ultra.c index b3866089a206..0fe0251767bb 100644 --- a/trunk/drivers/net/smc-ultra.c +++ b/trunk/drivers/net/smc-ultra.c @@ -187,21 +187,6 @@ struct net_device * __init ultra_probe(int unit) } #endif -static const struct net_device_ops ultra_netdev_ops = { - .ndo_open = ultra_open, - .ndo_stop = ultra_close_card, - - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; - static int __init ultra_probe1(struct net_device *dev, int ioaddr) { int i, retval; @@ -315,8 +300,11 @@ static int __init ultra_probe1(struct net_device *dev, int ioaddr) ei_status.get_8390_hdr = &ultra_get_8390_hdr; } ei_status.reset_8390 = &ultra_reset_8390; - - dev->netdev_ops = &ultra_netdev_ops; + dev->open = &ultra_open; + dev->stop = &ultra_close_card; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); retval = register_netdev(dev); diff --git a/trunk/drivers/net/stnic.c b/trunk/drivers/net/stnic.c index 87a6b8eabc67..2ed0bd596815 100644 --- a/trunk/drivers/net/stnic.c +++ b/trunk/drivers/net/stnic.c @@ -60,6 +60,8 @@ static byte stnic_eadr[6] = static struct net_device *stnic_dev; +static int stnic_open (struct net_device *dev); +static int stnic_close (struct net_device *dev); static void stnic_reset (struct net_device *dev); static void stnic_get_hdr (struct net_device *dev, struct e8390_pkt_hdr *hdr, int ring_page); @@ -120,7 +122,11 @@ static int __init stnic_probe(void) /* Set the base address to point to the NIC, not the "real" base! */ dev->base_addr = 0x1000; dev->irq = IRQ_STNIC; - dev->netdev_ops = &ei_netdev_ops; + dev->open = &stnic_open; + dev->stop = &stnic_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif /* Snarf the interrupt now. There's no point in waiting since we cannot share and the board will usually be enabled. */ @@ -162,6 +168,23 @@ static int __init stnic_probe(void) return 0; } +static int +stnic_open (struct net_device *dev) +{ +#if 0 + printk (KERN_DEBUG "stnic open\n"); +#endif + ei_open (dev); + return 0; +} + +static int +stnic_close (struct net_device *dev) +{ + ei_close (dev); + return 0; +} + static void stnic_reset (struct net_device *dev) { diff --git a/trunk/drivers/net/wan/z85230.c b/trunk/drivers/net/wan/z85230.c index d7bf53a56e17..5bf7e01ef0e9 100644 --- a/trunk/drivers/net/wan/z85230.c +++ b/trunk/drivers/net/wan/z85230.c @@ -710,7 +710,7 @@ EXPORT_SYMBOL(z8530_nop); irqreturn_t z8530_interrupt(int irq, void *dev_id) { struct z8530_dev *dev=dev_id; - u8 uninitialized_var(intr); + u8 intr; static volatile int locker=0; int work=0; struct z8530_irqhandler *irqs; diff --git a/trunk/drivers/net/wd.c b/trunk/drivers/net/wd.c index 3c1edda08d3d..6d96ed472119 100644 --- a/trunk/drivers/net/wd.c +++ b/trunk/drivers/net/wd.c @@ -147,20 +147,6 @@ struct net_device * __init wd_probe(int unit) } #endif -static const struct net_device_ops wd_netdev_ops = { - .ndo_open = wd_open, - .ndo_stop = wd_close, - .ndo_start_xmit = ei_start_xmit, - .ndo_tx_timeout = ei_tx_timeout, - .ndo_get_stats = ei_get_stats, - .ndo_set_multicast_list = ei_set_multicast_list, - .ndo_validate_addr = eth_validate_addr, - .ndo_change_mtu = eth_change_mtu, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = ei_poll, -#endif -}; - static int __init wd_probe1(struct net_device *dev, int ioaddr) { int i; @@ -345,8 +331,11 @@ static int __init wd_probe1(struct net_device *dev, int ioaddr) ei_status.block_input = &wd_block_input; ei_status.block_output = &wd_block_output; ei_status.get_8390_hdr = &wd_get_8390_hdr; - - dev->netdev_ops = &wd_netdev_ops; + dev->open = &wd_open; + dev->stop = &wd_close; +#ifdef CONFIG_NET_POLL_CONTROLLER + dev->poll_controller = ei_poll; +#endif NS8390_init(dev, 0); #if 1 @@ -376,7 +365,8 @@ wd_open(struct net_device *dev) outb(ei_status.reg5, ioaddr+WD_CMDREG5); outb(ei_status.reg0, ioaddr); /* WD_CMDREG */ - return ei_open(dev); + ei_open(dev); + return 0; } static void diff --git a/trunk/drivers/net/wireless/ath5k/base.c b/trunk/drivers/net/wireless/ath5k/base.c index 34cd1a4a297f..7fdb59c813ca 100644 --- a/trunk/drivers/net/wireless/ath5k/base.c +++ b/trunk/drivers/net/wireless/ath5k/base.c @@ -200,7 +200,7 @@ static int ath5k_pci_resume(struct pci_dev *pdev); #endif /* CONFIG_PM */ static struct pci_driver ath5k_pci_driver = { - .name = "ath5k_pci", + .name = KBUILD_MODNAME, .id_table = ath5k_pci_id_table, .probe = ath5k_pci_probe, .remove = __devexit_p(ath5k_pci_remove), diff --git a/trunk/fs/dlm/netlink.c b/trunk/fs/dlm/netlink.c index aa2a5775a027..18bda83cc892 100644 --- a/trunk/fs/dlm/netlink.c +++ b/trunk/fs/dlm/netlink.c @@ -127,8 +127,8 @@ static void fill_data(struct dlm_lock_data *data, struct dlm_lkb *lkb) void dlm_timeout_warn(struct dlm_lkb *lkb) { - struct sk_buff *uninitialized_var(send_skb); struct dlm_lock_data *data; + struct sk_buff *send_skb; size_t size; int rv; diff --git a/trunk/include/net/dst.h b/trunk/include/net/dst.h index 6be3b082a070..6c778799bf10 100644 --- a/trunk/include/net/dst.h +++ b/trunk/include/net/dst.h @@ -291,21 +291,21 @@ enum { struct flowi; #ifndef CONFIG_XFRM -static inline int xfrm_lookup(struct net *net, struct dst_entry **dst_p, - struct flowi *fl, struct sock *sk, int flags) +static inline int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, + struct sock *sk, int flags) { return 0; } -static inline int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, - struct flowi *fl, struct sock *sk, int flags) +static inline int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, + struct sock *sk, int flags) { return 0; } #else -extern int xfrm_lookup(struct net *net, struct dst_entry **dst_p, - struct flowi *fl, struct sock *sk, int flags); -extern int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, - struct flowi *fl, struct sock *sk, int flags); +extern int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, + struct sock *sk, int flags); +extern int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, + struct sock *sk, int flags); #endif #endif diff --git a/trunk/include/net/flow.h b/trunk/include/net/flow.h index 809970b7dfee..b45a5e4fcadd 100644 --- a/trunk/include/net/flow.h +++ b/trunk/include/net/flow.h @@ -84,13 +84,12 @@ struct flowi { #define FLOW_DIR_OUT 1 #define FLOW_DIR_FWD 2 -struct net; struct sock; -typedef int (*flow_resolve_t)(struct net *net, struct flowi *key, u16 family, - u8 dir, void **objp, atomic_t **obj_refp); +typedef int (*flow_resolve_t)(struct flowi *key, u16 family, u8 dir, + void **objp, atomic_t **obj_refp); -extern void *flow_cache_lookup(struct net *net, struct flowi *key, u16 family, - u8 dir, flow_resolve_t resolver); +extern void *flow_cache_lookup(struct flowi *key, u16 family, u8 dir, + flow_resolve_t resolver); extern void flow_cache_flush(void); extern atomic_t flow_cache_genid; diff --git a/trunk/include/net/gen_stats.h b/trunk/include/net/gen_stats.h index d136b5240ef2..8cd8185fa2ed 100644 --- a/trunk/include/net/gen_stats.h +++ b/trunk/include/net/gen_stats.h @@ -45,6 +45,5 @@ extern void gen_kill_estimator(struct gnet_stats_basic *bstats, extern int gen_replace_estimator(struct gnet_stats_basic *bstats, struct gnet_stats_rate_est *rate_est, spinlock_t *stats_lock, struct nlattr *opt); -extern bool gen_estimator_active(const struct gnet_stats_basic *bstats, - const struct gnet_stats_rate_est *rate_est); + #endif diff --git a/trunk/include/net/ip.h b/trunk/include/net/ip.h index 10868139e656..ddef10c22e3a 100644 --- a/trunk/include/net/ip.h +++ b/trunk/include/net/ip.h @@ -187,7 +187,6 @@ extern void inet_get_local_port_range(int *low, int *high); extern int sysctl_ip_default_ttl; extern int sysctl_ip_nonlocal_bind; -extern struct ctl_path net_core_path[]; extern struct ctl_path net_ipv4_ctl_path[]; /* From inetpeer.c */ diff --git a/trunk/include/net/net_namespace.h b/trunk/include/net/net_namespace.h index 6fc13d905c5f..319557789a40 100644 --- a/trunk/include/net/net_namespace.h +++ b/trunk/include/net/net_namespace.h @@ -19,7 +19,6 @@ #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) #include #endif -#include struct proc_dir_entry; struct net_device; @@ -74,9 +73,6 @@ struct net { #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) struct netns_ct ct; #endif -#endif -#ifdef CONFIG_XFRM - struct netns_xfrm xfrm; #endif struct net_generic *gen; }; diff --git a/trunk/include/net/netns/mib.h b/trunk/include/net/netns/mib.h index 0b44112e2366..10cb7c336de5 100644 --- a/trunk/include/net/netns/mib.h +++ b/trunk/include/net/netns/mib.h @@ -20,9 +20,6 @@ struct netns_mib { DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics); DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics); #endif -#ifdef CONFIG_XFRM_STATISTICS - DEFINE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics); -#endif }; #endif diff --git a/trunk/include/net/netns/xfrm.h b/trunk/include/net/netns/xfrm.h deleted file mode 100644 index 1ba912749caa..000000000000 --- a/trunk/include/net/netns/xfrm.h +++ /dev/null @@ -1,56 +0,0 @@ -#ifndef __NETNS_XFRM_H -#define __NETNS_XFRM_H - -#include -#include -#include -#include - -struct ctl_table_header; - -struct xfrm_policy_hash { - struct hlist_head *table; - unsigned int hmask; -}; - -struct netns_xfrm { - struct list_head state_all; - /* - * Hash table to find appropriate SA towards given target (endpoint of - * tunnel or destination of transport mode) allowed by selector. - * - * Main use is finding SA after policy selected tunnel or transport - * mode. Also, it can be used by ah/esp icmp error handler to find - * offending SA. - */ - struct hlist_head *state_bydst; - struct hlist_head *state_bysrc; - struct hlist_head *state_byspi; - unsigned int state_hmask; - unsigned int state_num; - struct work_struct state_hash_work; - struct hlist_head state_gc_list; - struct work_struct state_gc_work; - - wait_queue_head_t km_waitq; - - struct list_head policy_all; - struct hlist_head *policy_byidx; - unsigned int policy_idx_hmask; - struct hlist_head policy_inexact[XFRM_POLICY_MAX * 2]; - struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX * 2]; - unsigned int policy_count[XFRM_POLICY_MAX * 2]; - struct work_struct policy_hash_work; - - struct sock *nlsk; - - u32 sysctl_aevent_etime; - u32 sysctl_aevent_rseqth; - int sysctl_larval_drop; - u32 sysctl_acq_expires; -#ifdef CONFIG_SYSCTL - struct ctl_table_header *sysctl_hdr; -#endif -}; - -#endif diff --git a/trunk/include/net/sctp/sctp.h b/trunk/include/net/sctp/sctp.h index bbb7742195b0..23797506f593 100644 --- a/trunk/include/net/sctp/sctp.h +++ b/trunk/include/net/sctp/sctp.h @@ -138,7 +138,6 @@ void sctp_write_space(struct sock *sk); unsigned int sctp_poll(struct file *file, struct socket *sock, poll_table *wait); void sctp_sock_rfree(struct sk_buff *skb); -extern struct percpu_counter sctp_sockets_allocated; /* * sctp/primitive.c diff --git a/trunk/include/net/sock.h b/trunk/include/net/sock.h index 5a3a151bd730..00cd486d362f 100644 --- a/trunk/include/net/sock.h +++ b/trunk/include/net/sock.h @@ -649,7 +649,7 @@ struct proto { /* Memory pressure */ void (*enter_memory_pressure)(struct sock *sk); atomic_t *memory_allocated; /* Current allocated memory. */ - struct percpu_counter *sockets_allocated; /* Current number of sockets. */ + atomic_t *sockets_allocated; /* Current number of sockets. */ /* * Pressure flag: try to collapse. * Technical note: it is used by multiple contexts non atomically. @@ -666,7 +666,7 @@ struct proto { unsigned int obj_size; int slab_flags; - struct percpu_counter *orphan_count; + atomic_t *orphan_count; struct request_sock_ops *rsk_prot; struct timewait_sock_ops *twsk_prot; diff --git a/trunk/include/net/tcp.h b/trunk/include/net/tcp.h index de1e91d959b8..265392470b26 100644 --- a/trunk/include/net/tcp.h +++ b/trunk/include/net/tcp.h @@ -46,7 +46,7 @@ extern struct inet_hashinfo tcp_hashinfo; -extern struct percpu_counter tcp_orphan_count; +extern atomic_t tcp_orphan_count; extern void tcp_time_wait(struct sock *sk, int state, int timeo); #define MAX_TCP_HEADER (128 + MAX_HEADER) @@ -238,7 +238,7 @@ extern int sysctl_tcp_slow_start_after_idle; extern int sysctl_tcp_max_ssthresh; extern atomic_t tcp_memory_allocated; -extern struct percpu_counter tcp_sockets_allocated; +extern atomic_t tcp_sockets_allocated; extern int tcp_memory_pressure; /* @@ -761,6 +761,8 @@ static inline unsigned int tcp_packets_in_flight(const struct tcp_sock *tp) return tp->packets_out - tcp_left_out(tp) + tp->retrans_out; } +extern int tcp_limit_reno_sacked(struct tcp_sock *tp); + /* If cwnd > ssthresh, we may raise ssthresh to be half-way to cwnd. * The exception is rate halving phase, when cwnd is decreasing towards * ssthresh. diff --git a/trunk/include/net/xfrm.h b/trunk/include/net/xfrm.h index 2e9f5c0018ae..45e11b3631e4 100644 --- a/trunk/include/net/xfrm.h +++ b/trunk/include/net/xfrm.h @@ -38,15 +38,22 @@ MODULE_ALIAS("xfrm-type-" __stringify(family) "-" __stringify(proto)) #ifdef CONFIG_XFRM_STATISTICS -#define XFRM_INC_STATS(net, field) SNMP_INC_STATS((net)->mib.xfrm_statistics, field) -#define XFRM_INC_STATS_BH(net, field) SNMP_INC_STATS_BH((net)->mib.xfrm_statistics, field) -#define XFRM_INC_STATS_USER(net, field) SNMP_INC_STATS_USER((net)-mib.xfrm_statistics, field) +DECLARE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics); +#define XFRM_INC_STATS(field) SNMP_INC_STATS(xfrm_statistics, field) +#define XFRM_INC_STATS_BH(field) SNMP_INC_STATS_BH(xfrm_statistics, field) +#define XFRM_INC_STATS_USER(field) SNMP_INC_STATS_USER(xfrm_statistics, field) #else -#define XFRM_INC_STATS(net, field) ((void)(net)) -#define XFRM_INC_STATS_BH(net, field) ((void)(net)) -#define XFRM_INC_STATS_USER(net, field) ((void)(net)) +#define XFRM_INC_STATS(field) +#define XFRM_INC_STATS_BH(field) +#define XFRM_INC_STATS_USER(field) #endif +extern struct sock *xfrm_nl; +extern u32 sysctl_xfrm_aevent_etime; +extern u32 sysctl_xfrm_aevent_rseqth; +extern int sysctl_xfrm_larval_drop; +extern u32 sysctl_xfrm_acq_expires; + extern struct mutex xfrm_cfg_mutex; /* Organization of SPD aka "XFRM rules" @@ -123,9 +130,6 @@ struct xfrm_state_walk { /* Full description of state of transformer. */ struct xfrm_state { -#ifdef CONFIG_NET_NS - struct net *xs_net; -#endif union { struct hlist_node gclist; struct hlist_node bydst; @@ -219,11 +223,6 @@ struct xfrm_state void *data; }; -static inline struct net *xs_net(struct xfrm_state *x) -{ - return read_pnet(&x->xs_net); -} - /* xflags - make enum if more show up */ #define XFRM_TIME_DEFER 1 @@ -250,7 +249,6 @@ struct km_event u32 seq; u32 pid; u32 event; - struct net *net; }; struct net_device; @@ -259,11 +257,10 @@ struct xfrm_dst; struct xfrm_policy_afinfo { unsigned short family; struct dst_ops *dst_ops; - void (*garbage_collect)(struct net *net); - struct dst_entry *(*dst_lookup)(struct net *net, int tos, - xfrm_address_t *saddr, + void (*garbage_collect)(void); + struct dst_entry *(*dst_lookup)(int tos, xfrm_address_t *saddr, xfrm_address_t *daddr); - int (*get_saddr)(struct net *net, xfrm_address_t *saddr, xfrm_address_t *daddr); + int (*get_saddr)(xfrm_address_t *saddr, xfrm_address_t *daddr); struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy); void (*decode_session)(struct sk_buff *skb, struct flowi *fl, @@ -470,9 +467,6 @@ struct xfrm_policy_walk { struct xfrm_policy { -#ifdef CONFIG_NET_NS - struct net *xp_net; -#endif struct hlist_node bydst; struct hlist_node byidx; @@ -497,11 +491,6 @@ struct xfrm_policy struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH]; }; -static inline struct net *xp_net(struct xfrm_policy *xp) -{ - return read_pnet(&xp->xp_net); -} - struct xfrm_kmaddress { xfrm_address_t local; xfrm_address_t remote; @@ -547,13 +536,15 @@ struct xfrm_mgr struct xfrm_policy *(*compile_policy)(struct sock *sk, int opt, u8 *data, int len, int *dir); int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport); int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); - int (*report)(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); + int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); int (*migrate)(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_migrate *m, int num_bundles, struct xfrm_kmaddress *k); }; extern int xfrm_register_km(struct xfrm_mgr *km); extern int xfrm_unregister_km(struct xfrm_mgr *km); +extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; + /* * This structure is used for the duration where packets are being * transformed by IPsec. As soon as the packet leaves IPsec the @@ -987,13 +978,12 @@ static inline int __xfrm_policy_check2(struct sock *sk, int dir, struct sk_buff *skb, unsigned int family, int reverse) { - struct net *net = dev_net(skb->dev); int ndir = dir | (reverse ? XFRM_POLICY_MASK + 1 : 0); if (sk && sk->sk_policy[XFRM_POLICY_IN]) return __xfrm_policy_check(sk, ndir, skb, family); - return (!net->xfrm.policy_count[dir] && !skb->sp) || + return (!xfrm_policy_count[dir] && !skb->sp) || (skb->dst->flags & DST_NOPOLICY) || __xfrm_policy_check(sk, ndir, skb, family); } @@ -1045,9 +1035,7 @@ extern int __xfrm_route_forward(struct sk_buff *skb, unsigned short family); static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family) { - struct net *net = dev_net(skb->dev); - - return !net->xfrm.policy_count[XFRM_POLICY_OUT] || + return !xfrm_policy_count[XFRM_POLICY_OUT] || (skb->dst->flags & DST_NOXFRM) || __xfrm_route_forward(skb, family); } @@ -1281,8 +1269,7 @@ struct xfrm6_tunnel { extern void xfrm_init(void); extern void xfrm4_init(void); -extern int xfrm_state_init(struct net *net); -extern void xfrm_state_fini(struct net *net); +extern void xfrm_state_init(void); extern void xfrm4_state_init(void); #ifdef CONFIG_XFRM extern int xfrm6_init(void); @@ -1301,30 +1288,19 @@ static inline void xfrm6_fini(void) #endif #ifdef CONFIG_XFRM_STATISTICS -extern int xfrm_proc_init(struct net *net); -extern void xfrm_proc_fini(struct net *net); -#endif - -extern int xfrm_sysctl_init(struct net *net); -#ifdef CONFIG_SYSCTL -extern void xfrm_sysctl_fini(struct net *net); -#else -static inline void xfrm_sysctl_fini(struct net *net) -{ -} +extern int xfrm_proc_init(void); #endif extern void xfrm_state_walk_init(struct xfrm_state_walk *walk, u8 proto); -extern int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk, +extern int xfrm_state_walk(struct xfrm_state_walk *walk, int (*func)(struct xfrm_state *, int, void*), void *); extern void xfrm_state_walk_done(struct xfrm_state_walk *walk); -extern struct xfrm_state *xfrm_state_alloc(struct net *net); +extern struct xfrm_state *xfrm_state_alloc(void); extern struct xfrm_state *xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, struct flowi *fl, struct xfrm_tmpl *tmpl, struct xfrm_policy *pol, int *err, unsigned short family); -extern struct xfrm_state * xfrm_stateonly_find(struct net *net, - xfrm_address_t *daddr, +extern struct xfrm_state * xfrm_stateonly_find(xfrm_address_t *daddr, xfrm_address_t *saddr, unsigned short family, u8 mode, u8 proto, u32 reqid); @@ -1332,8 +1308,8 @@ extern int xfrm_state_check_expire(struct xfrm_state *x); extern void xfrm_state_insert(struct xfrm_state *x); extern int xfrm_state_add(struct xfrm_state *x); extern int xfrm_state_update(struct xfrm_state *x); -extern struct xfrm_state *xfrm_state_lookup(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family); -extern struct xfrm_state *xfrm_state_lookup_byaddr(struct net *net, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family); +extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family); +extern struct xfrm_state *xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family); #ifdef CONFIG_XFRM_SUB_POLICY extern int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n, unsigned short family); @@ -1370,9 +1346,9 @@ struct xfrmk_spdinfo { u32 spdhmcnt; }; -extern struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 seq); +extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); extern int xfrm_state_delete(struct xfrm_state *x); -extern int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info); +extern int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info); extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si); extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si); extern int xfrm_replay_check(struct xfrm_state *x, @@ -1440,22 +1416,22 @@ static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb) } #endif -struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp); +struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp); extern void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type); -extern int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk, +extern int xfrm_policy_walk(struct xfrm_policy_walk *walk, int (*func)(struct xfrm_policy *, int, int, void*), void *); extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk); int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl); -struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, +struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir, struct xfrm_selector *sel, struct xfrm_sec_ctx *ctx, int delete, int *err); -struct xfrm_policy *xfrm_policy_byid(struct net *net, u8, int dir, u32 id, int delete, int *err); -int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info); +struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete, int *err); +int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info); u32 xfrm_get_acqseq(void); extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi); -struct xfrm_state * xfrm_find_acq(struct net *net, u8 mode, u32 reqid, u8 proto, +struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create, unsigned short family); extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); @@ -1474,9 +1450,10 @@ extern int xfrm_migrate(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_kmaddress *k); #endif +extern wait_queue_head_t km_waitq; extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport); extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid); -extern int km_report(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); +extern int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); extern void xfrm_input_init(void); extern int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq); @@ -1521,20 +1498,18 @@ static inline int xfrm_policy_id2dir(u32 index) return index & 7; } -#ifdef CONFIG_XFRM -static inline int xfrm_aevent_is_on(struct net *net) +static inline int xfrm_aevent_is_on(void) { struct sock *nlsk; int ret = 0; rcu_read_lock(); - nlsk = rcu_dereference(net->xfrm.nlsk); + nlsk = rcu_dereference(xfrm_nl); if (nlsk) ret = netlink_has_listeners(nlsk, XFRMNLGRP_AEVENTS); rcu_read_unlock(); return ret; } -#endif static inline int xfrm_alg_len(struct xfrm_algo *alg) { diff --git a/trunk/net/ax25/sysctl_net_ax25.c b/trunk/net/ax25/sysctl_net_ax25.c index 62ee3fb34732..c1d877bb5dff 100644 --- a/trunk/net/ax25/sysctl_net_ax25.c +++ b/trunk/net/ax25/sysctl_net_ax25.c @@ -24,9 +24,7 @@ static int min_idle[1], max_idle[] = {65535000}; static int min_n2[] = {1}, max_n2[] = {31}; static int min_paclen[] = {1}, max_paclen[] = {512}; static int min_proto[1], max_proto[] = { AX25_PROTO_MAX }; -#ifdef CONFIG_AX25_DAMA_SLAVE static int min_ds_timeout[1], max_ds_timeout[] = {65535000}; -#endif static struct ctl_table_header *ax25_table_header; diff --git a/trunk/net/bluetooth/rfcomm/sock.c b/trunk/net/bluetooth/rfcomm/sock.c index bc0d4a7ce6ae..8a972b6ba85f 100644 --- a/trunk/net/bluetooth/rfcomm/sock.c +++ b/trunk/net/bluetooth/rfcomm/sock.c @@ -792,9 +792,7 @@ static int rfcomm_sock_getsockopt(struct socket *sock, int level, int optname, c static int rfcomm_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) { -#if defined(CONFIG_BT_RFCOMM_TTY) || defined(CONFIG_BT_RFCOMM_DEBUG) struct sock *sk = sock->sk; -#endif int err; BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg); diff --git a/trunk/net/core/flow.c b/trunk/net/core/flow.c index 96015871ecea..d323388dd1ba 100644 --- a/trunk/net/core/flow.c +++ b/trunk/net/core/flow.c @@ -165,7 +165,7 @@ static int flow_key_compare(struct flowi *key1, struct flowi *key2) return 0; } -void *flow_cache_lookup(struct net *net, struct flowi *key, u16 family, u8 dir, +void *flow_cache_lookup(struct flowi *key, u16 family, u8 dir, flow_resolve_t resolver) { struct flow_cache_entry *fle, **head; @@ -225,7 +225,7 @@ void *flow_cache_lookup(struct net *net, struct flowi *key, u16 family, u8 dir, void *obj; atomic_t *obj_ref; - err = resolver(net, key, family, dir, &obj, &obj_ref); + err = resolver(key, family, dir, &obj, &obj_ref); if (fle && !err) { fle->genid = atomic_read(&flow_cache_genid); diff --git a/trunk/net/core/gen_estimator.c b/trunk/net/core/gen_estimator.c index 9cc9f95b109e..80aa160877e9 100644 --- a/trunk/net/core/gen_estimator.c +++ b/trunk/net/core/gen_estimator.c @@ -163,9 +163,8 @@ static void gen_add_node(struct gen_estimator *est) rb_insert_color(&est->node, &est_root); } -static -struct gen_estimator *gen_find_node(const struct gnet_stats_basic *bstats, - const struct gnet_stats_rate_est *rate_est) +static struct gen_estimator *gen_find_node(struct gnet_stats_basic *bstats, + struct gnet_stats_rate_est *rate_est) { struct rb_node *p = est_root.rb_node; @@ -243,7 +242,6 @@ int gen_new_estimator(struct gnet_stats_basic *bstats, return 0; } -EXPORT_SYMBOL(gen_new_estimator); static void __gen_kill_estimator(struct rcu_head *head) { @@ -277,7 +275,6 @@ void gen_kill_estimator(struct gnet_stats_basic *bstats, call_rcu(&e->e_rcu, __gen_kill_estimator); } } -EXPORT_SYMBOL(gen_kill_estimator); /** * gen_replace_estimator - replace rate estimator configuration @@ -298,20 +295,8 @@ int gen_replace_estimator(struct gnet_stats_basic *bstats, gen_kill_estimator(bstats, rate_est); return gen_new_estimator(bstats, rate_est, stats_lock, opt); } -EXPORT_SYMBOL(gen_replace_estimator); -/** - * gen_estimator_active - test if estimator is currently in use - * @bstats: basic statistics - * @rate_est: rate estimator statistics - * - * Returns true if estimator is active, and false if not. - */ -bool gen_estimator_active(const struct gnet_stats_basic *bstats, - const struct gnet_stats_rate_est *rate_est) -{ - ASSERT_RTNL(); - return gen_find_node(bstats, rate_est) != NULL; -} -EXPORT_SYMBOL(gen_estimator_active); +EXPORT_SYMBOL(gen_kill_estimator); +EXPORT_SYMBOL(gen_new_estimator); +EXPORT_SYMBOL(gen_replace_estimator); diff --git a/trunk/net/core/net-sysfs.c b/trunk/net/core/net-sysfs.c index 6ac29a46e23e..afd42d717320 100644 --- a/trunk/net/core/net-sysfs.c +++ b/trunk/net/core/net-sysfs.c @@ -427,9 +427,6 @@ static int netdev_uevent(struct device *d, struct kobj_uevent_env *env) struct net_device *dev = to_net_dev(d); int retval; - if (!net_eq(dev_net(dev), &init_net)) - return 0; - /* pass interface to uevent. */ retval = add_uevent_var(env, "INTERFACE=%s", dev->name); if (retval) diff --git a/trunk/net/core/pktgen.c b/trunk/net/core/pktgen.c index 65498483325a..15e0c2c7aacf 100644 --- a/trunk/net/core/pktgen.c +++ b/trunk/net/core/pktgen.c @@ -2165,8 +2165,7 @@ static void get_ipsec_sa(struct pktgen_dev *pkt_dev, int flow) struct xfrm_state *x = pkt_dev->flows[flow].x; if (!x) { /*slow path: we dont already have xfrm_state*/ - x = xfrm_stateonly_find(&init_net, - (xfrm_address_t *)&pkt_dev->cur_daddr, + x = xfrm_stateonly_find((xfrm_address_t *)&pkt_dev->cur_daddr, (xfrm_address_t *)&pkt_dev->cur_saddr, AF_INET, pkt_dev->ipsmode, diff --git a/trunk/net/core/skbuff.c b/trunk/net/core/skbuff.c index e03d77d4c1c9..57555a4525da 100644 --- a/trunk/net/core/skbuff.c +++ b/trunk/net/core/skbuff.c @@ -2018,10 +2018,7 @@ void skb_split(struct sk_buff *skb, struct sk_buff *skb1, const u32 len) skb_split_no_header(skb, skb1, len, pos); } -/* Shifting from/to a cloned skb is a no-go. - * - * Caller cannot keep skb_shinfo related pointers past calling here! - */ +/* Shifting from/to a cloned skb is a no-go. */ static int skb_prepare_for_shift(struct sk_buff *skb) { return skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC); @@ -2073,8 +2070,6 @@ int skb_shift(struct sk_buff *tgt, struct sk_buff *skb, int shiftlen) skb_prepare_for_shift(tgt)) return 0; - /* All previous frag pointers might be stale! */ - fragfrom = &skb_shinfo(skb)->frags[from]; fragto = &skb_shinfo(tgt)->frags[merge]; fragto->size += shiftlen; diff --git a/trunk/net/core/sock.c b/trunk/net/core/sock.c index b28764558a7d..a4e840e5a053 100644 --- a/trunk/net/core/sock.c +++ b/trunk/net/core/sock.c @@ -289,11 +289,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) skb->dev = NULL; skb_set_owner_r(skb, sk); - /* - * release dst right now while its hot - */ - dst_release(skb->dst); - skb->dst = NULL; + /* Cache the SKB length before we tack it onto the receive * queue. Once it is added it no longer belongs to us and * may be freed by other threads of control pulling packets @@ -1075,7 +1071,7 @@ struct sock *sk_clone(const struct sock *sk, const gfp_t priority) newsk->sk_sleep = NULL; if (newsk->sk_prot->sockets_allocated) - percpu_counter_inc(newsk->sk_prot->sockets_allocated); + atomic_inc(newsk->sk_prot->sockets_allocated); } out: return newsk; @@ -1467,12 +1463,8 @@ int __sk_mem_schedule(struct sock *sk, int size, int kind) } if (prot->memory_pressure) { - int alloc; - - if (!*prot->memory_pressure) - return 1; - alloc = percpu_counter_read_positive(prot->sockets_allocated); - if (prot->sysctl_mem[2] > alloc * + if (!*prot->memory_pressure || + prot->sysctl_mem[2] > atomic_read(prot->sockets_allocated) * sk_mem_pages(sk->sk_wmem_queued + atomic_read(&sk->sk_rmem_alloc) + sk->sk_forward_alloc)) diff --git a/trunk/net/core/sysctl_net_core.c b/trunk/net/core/sysctl_net_core.c index 83d3398559ea..2bc0384b0448 100644 --- a/trunk/net/core/sysctl_net_core.c +++ b/trunk/net/core/sysctl_net_core.c @@ -12,6 +12,7 @@ #include #include #include +#include static struct ctl_table net_core_table[] = { #ifdef CONFIG_NET @@ -88,6 +89,40 @@ static struct ctl_table net_core_table[] = { .mode = 0644, .proc_handler = proc_dointvec }, +#ifdef CONFIG_XFRM + { + .ctl_name = NET_CORE_AEVENT_ETIME, + .procname = "xfrm_aevent_etime", + .data = &sysctl_xfrm_aevent_etime, + .maxlen = sizeof(u32), + .mode = 0644, + .proc_handler = proc_dointvec + }, + { + .ctl_name = NET_CORE_AEVENT_RSEQTH, + .procname = "xfrm_aevent_rseqth", + .data = &sysctl_xfrm_aevent_rseqth, + .maxlen = sizeof(u32), + .mode = 0644, + .proc_handler = proc_dointvec + }, + { + .ctl_name = CTL_UNNUMBERED, + .procname = "xfrm_larval_drop", + .data = &sysctl_xfrm_larval_drop, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec + }, + { + .ctl_name = CTL_UNNUMBERED, + .procname = "xfrm_acq_expires", + .data = &sysctl_xfrm_acq_expires, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec + }, +#endif /* CONFIG_XFRM */ #endif /* CONFIG_NET */ { .ctl_name = NET_CORE_BUDGET, @@ -120,7 +155,7 @@ static struct ctl_table netns_core_table[] = { { .ctl_name = 0 } }; -__net_initdata struct ctl_path net_core_path[] = { +static __net_initdata struct ctl_path net_core_path[] = { { .procname = "net", .ctl_name = CTL_NET, }, { .procname = "core", .ctl_name = NET_CORE, }, { }, @@ -172,11 +207,8 @@ static __net_initdata struct pernet_operations sysctl_core_ops = { static __init int sysctl_core_init(void) { - static struct ctl_table empty[1]; - - register_sysctl_paths(net_core_path, empty); register_net_sysctl_rotable(net_core_path, net_core_table); return register_pernet_subsys(&sysctl_core_ops); } -fs_initcall(sysctl_core_init); +__initcall(sysctl_core_init); diff --git a/trunk/net/dccp/dccp.h b/trunk/net/dccp/dccp.h index 33a1127270c1..031ce350d3c1 100644 --- a/trunk/net/dccp/dccp.h +++ b/trunk/net/dccp/dccp.h @@ -49,7 +49,7 @@ extern int dccp_debug; extern struct inet_hashinfo dccp_hashinfo; -extern struct percpu_counter dccp_orphan_count; +extern atomic_t dccp_orphan_count; extern void dccp_time_wait(struct sock *sk, int state, int timeo); diff --git a/trunk/net/dccp/ipv6.c b/trunk/net/dccp/ipv6.c index b963f35c65f6..f033e845bb07 100644 --- a/trunk/net/dccp/ipv6.c +++ b/trunk/net/dccp/ipv6.c @@ -168,7 +168,7 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, goto out; } - err = xfrm_lookup(net, &dst, &fl, sk, 0); + err = xfrm_lookup(&dst, &fl, sk, 0); if (err < 0) { sk->sk_err_soft = -err; goto out; @@ -279,7 +279,7 @@ static int dccp_v6_send_response(struct sock *sk, struct request_sock *req) if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0); + err = xfrm_lookup(&dst, &fl, sk, 0); if (err < 0) goto done; @@ -343,7 +343,7 @@ static void dccp_v6_ctl_send_reset(struct sock *sk, struct sk_buff *rxskb) /* sk = NULL, but it is safe for now. RST socket required. */ if (!ip6_dst_lookup(ctl_sk, &skb->dst, &fl)) { - if (xfrm_lookup(net, &skb->dst, &fl, NULL, 0) >= 0) { + if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) { ip6_xmit(ctl_sk, skb, &fl, NULL, 0); DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS); DCCP_INC_STATS_BH(DCCP_MIB_OUTRSTS); @@ -569,7 +569,7 @@ static struct sock *dccp_v6_request_recv_sock(struct sock *sk, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) + if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto out; } @@ -1004,7 +1004,7 @@ static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); + err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT); if (err < 0) { if (err == -EREMOTE) err = ip6_dst_blackhole(sk, &dst, &fl); diff --git a/trunk/net/dccp/options.c b/trunk/net/dccp/options.c index 20d5c72d1fdb..bfa1cb8f3ef1 100644 --- a/trunk/net/dccp/options.c +++ b/trunk/net/dccp/options.c @@ -67,7 +67,7 @@ int dccp_parse_options(struct sock *sk, struct dccp_request_sock *dreq, (dh->dccph_doff * 4); struct dccp_options_received *opt_recv = &dp->dccps_options_received; unsigned char opt, len; - unsigned char *uninitialized_var(value); + unsigned char *value; u32 elapsed_time; __be32 opt_val; int rc; diff --git a/trunk/net/dccp/proto.c b/trunk/net/dccp/proto.c index db225f93cd5a..ea85c423cdbd 100644 --- a/trunk/net/dccp/proto.c +++ b/trunk/net/dccp/proto.c @@ -40,7 +40,8 @@ DEFINE_SNMP_STAT(struct dccp_mib, dccp_statistics) __read_mostly; EXPORT_SYMBOL_GPL(dccp_statistics); -struct percpu_counter dccp_orphan_count; +atomic_t dccp_orphan_count = ATOMIC_INIT(0); + EXPORT_SYMBOL_GPL(dccp_orphan_count); struct inet_hashinfo dccp_hashinfo; @@ -999,7 +1000,7 @@ void dccp_close(struct sock *sk, long timeout) state = sk->sk_state; sock_hold(sk); sock_orphan(sk); - percpu_counter_inc(sk->sk_prot->orphan_count); + atomic_inc(sk->sk_prot->orphan_count); /* * It is the last release_sock in its life. It will remove backlog. @@ -1063,21 +1064,18 @@ static int __init dccp_init(void) { unsigned long goal; int ehash_order, bhash_order, i; - int rc; + int rc = -ENOBUFS; BUILD_BUG_ON(sizeof(struct dccp_skb_cb) > FIELD_SIZEOF(struct sk_buff, cb)); - rc = percpu_counter_init(&dccp_orphan_count, 0); - if (rc) - goto out; - rc = -ENOBUFS; + inet_hashinfo_init(&dccp_hashinfo); dccp_hashinfo.bind_bucket_cachep = kmem_cache_create("dccp_bind_bucket", sizeof(struct inet_bind_bucket), 0, SLAB_HWCACHE_ALIGN, NULL); if (!dccp_hashinfo.bind_bucket_cachep) - goto out_free_percpu; + goto out; /* * Size and allocate the main established and bind bucket @@ -1170,8 +1168,6 @@ static int __init dccp_init(void) out_free_bind_bucket_cachep: kmem_cache_destroy(dccp_hashinfo.bind_bucket_cachep); dccp_hashinfo.bind_bucket_cachep = NULL; -out_free_percpu: - percpu_counter_destroy(&dccp_orphan_count); goto out; } diff --git a/trunk/net/decnet/dn_route.c b/trunk/net/decnet/dn_route.c index eeaa3d819f9c..768df000523b 100644 --- a/trunk/net/decnet/dn_route.c +++ b/trunk/net/decnet/dn_route.c @@ -1184,7 +1184,7 @@ static int dn_route_output_key(struct dst_entry **pprt, struct flowi *flp, int f err = __dn_route_output_key(pprt, flp, flags); if (err == 0 && flp->proto) { - err = xfrm_lookup(&init_net, pprt, flp, NULL, 0); + err = xfrm_lookup(pprt, flp, NULL, 0); } return err; } @@ -1195,8 +1195,8 @@ int dn_route_output_sock(struct dst_entry **pprt, struct flowi *fl, struct sock err = __dn_route_output_key(pprt, fl, flags & MSG_TRYHARD); if (err == 0 && fl->proto) { - err = xfrm_lookup(&init_net, pprt, fl, sk, - (flags & MSG_DONTWAIT) ? 0 : XFRM_LOOKUP_WAIT); + err = xfrm_lookup(pprt, fl, sk, (flags & MSG_DONTWAIT) ? + 0 : XFRM_LOOKUP_WAIT); } return err; } diff --git a/trunk/net/dsa/mv88e6060.c b/trunk/net/dsa/mv88e6060.c index bfb4a643c860..54068ef251e8 100644 --- a/trunk/net/dsa/mv88e6060.c +++ b/trunk/net/dsa/mv88e6060.c @@ -222,7 +222,7 @@ static void mv88e6060_poll_link(struct dsa_switch *ds) for (i = 0; i < DSA_MAX_PORTS; i++) { struct net_device *dev; - int uninitialized_var(port_status); + int port_status; int link; int speed; int duplex; diff --git a/trunk/net/dsa/mv88e6xxx.c b/trunk/net/dsa/mv88e6xxx.c index 4e4d8b5ad03d..aa6c609c59f2 100644 --- a/trunk/net/dsa/mv88e6xxx.c +++ b/trunk/net/dsa/mv88e6xxx.c @@ -358,7 +358,7 @@ void mv88e6xxx_poll_link(struct dsa_switch *ds) for (i = 0; i < DSA_MAX_PORTS; i++) { struct net_device *dev; - int uninitialized_var(port_status); + int port_status; int link; int speed; int duplex; diff --git a/trunk/net/ipv4/ah4.c b/trunk/net/ipv4/ah4.c index e878e494296e..992ecd8662e2 100644 --- a/trunk/net/ipv4/ah4.c +++ b/trunk/net/ipv4/ah4.c @@ -201,7 +201,6 @@ static int ah_input(struct xfrm_state *x, struct sk_buff *skb) static void ah4_err(struct sk_buff *skb, u32 info) { - struct net *net = dev_net(skb->dev); struct iphdr *iph = (struct iphdr *)skb->data; struct ip_auth_hdr *ah = (struct ip_auth_hdr *)(skb->data+(iph->ihl<<2)); struct xfrm_state *x; @@ -210,7 +209,7 @@ static void ah4_err(struct sk_buff *skb, u32 info) icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) return; - x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET); if (!x) return; printk(KERN_DEBUG "pmtu discovery on SA AH/%08x/%08x\n", @@ -315,7 +314,6 @@ static struct net_protocol ah4_protocol = { .handler = xfrm4_rcv, .err_handler = ah4_err, .no_policy = 1, - .netns_ok = 1, }; static int __init ah4_init(void) diff --git a/trunk/net/ipv4/esp4.c b/trunk/net/ipv4/esp4.c index 18bb383ea393..95a9c65003f8 100644 --- a/trunk/net/ipv4/esp4.c +++ b/trunk/net/ipv4/esp4.c @@ -413,7 +413,6 @@ static u32 esp4_get_mtu(struct xfrm_state *x, int mtu) static void esp4_err(struct sk_buff *skb, u32 info) { - struct net *net = dev_net(skb->dev); struct iphdr *iph = (struct iphdr *)skb->data; struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2)); struct xfrm_state *x; @@ -422,7 +421,7 @@ static void esp4_err(struct sk_buff *skb, u32 info) icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) return; - x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET); if (!x) return; NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n", @@ -619,7 +618,6 @@ static struct net_protocol esp4_protocol = { .handler = xfrm4_rcv, .err_handler = esp4_err, .no_policy = 1, - .netns_ok = 1, }; static int __init esp4_init(void) diff --git a/trunk/net/ipv4/icmp.c b/trunk/net/ipv4/icmp.c index 705b33b184a3..7b88be9803b1 100644 --- a/trunk/net/ipv4/icmp.c +++ b/trunk/net/ipv4/icmp.c @@ -562,7 +562,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info) /* No need to clone since we're just using its address. */ rt2 = rt; - err = xfrm_lookup(net, (struct dst_entry **)&rt, &fl, NULL, 0); + err = xfrm_lookup((struct dst_entry **)&rt, &fl, NULL, 0); switch (err) { case 0: if (rt != rt2) @@ -601,7 +601,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info) if (err) goto relookup_failed; - err = xfrm_lookup(net, (struct dst_entry **)&rt2, &fl, NULL, + err = xfrm_lookup((struct dst_entry **)&rt2, &fl, NULL, XFRM_LOOKUP_ICMP); switch (err) { case 0: diff --git a/trunk/net/ipv4/inet_connection_sock.c b/trunk/net/ipv4/inet_connection_sock.c index 1ccdbba528be..05af807ca9b9 100644 --- a/trunk/net/ipv4/inet_connection_sock.c +++ b/trunk/net/ipv4/inet_connection_sock.c @@ -561,7 +561,7 @@ void inet_csk_destroy_sock(struct sock *sk) sk_refcnt_debug_release(sk); - percpu_counter_dec(sk->sk_prot->orphan_count); + atomic_dec(sk->sk_prot->orphan_count); sock_put(sk); } @@ -641,7 +641,7 @@ void inet_csk_listen_stop(struct sock *sk) sock_orphan(child); - percpu_counter_inc(sk->sk_prot->orphan_count); + atomic_inc(sk->sk_prot->orphan_count); inet_csk_destroy_sock(child); diff --git a/trunk/net/ipv4/ipcomp.c b/trunk/net/ipv4/ipcomp.c index 3262ce06294c..ec8264ae45c2 100644 --- a/trunk/net/ipv4/ipcomp.c +++ b/trunk/net/ipv4/ipcomp.c @@ -35,7 +35,7 @@ static void ipcomp4_err(struct sk_buff *skb, u32 info) return; spi = htonl(ntohs(ipch->cpi)); - x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, spi, IPPROTO_COMP, AF_INET); if (!x) return; @@ -49,7 +49,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) { struct xfrm_state *t; - t = xfrm_state_alloc(&init_net); + t = xfrm_state_alloc(); if (t == NULL) goto out; @@ -85,7 +85,7 @@ static int ipcomp_tunnel_attach(struct xfrm_state *x) int err = 0; struct xfrm_state *t; - t = xfrm_state_lookup(&init_net, (xfrm_address_t *)&x->id.daddr.a4, + t = xfrm_state_lookup((xfrm_address_t *)&x->id.daddr.a4, x->props.saddr.a4, IPPROTO_IPIP, AF_INET); if (!t) { t = ipcomp_tunnel_create(x); diff --git a/trunk/net/ipv4/netfilter.c b/trunk/net/ipv4/netfilter.c index c99eecf89da5..6efdb70b3eb2 100644 --- a/trunk/net/ipv4/netfilter.c +++ b/trunk/net/ipv4/netfilter.c @@ -66,7 +66,7 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type) #ifdef CONFIG_XFRM if (!(IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) && xfrm_decode_session(skb, &fl, AF_INET) == 0) - if (xfrm_lookup(net, &skb->dst, &fl, skb->sk, 0)) + if (xfrm_lookup(&skb->dst, &fl, skb->sk, 0)) return -1; #endif @@ -97,7 +97,7 @@ int ip_xfrm_me_harder(struct sk_buff *skb) dst = ((struct xfrm_dst *)dst)->route; dst_hold(dst); - if (xfrm_lookup(dev_net(dst->dev), &dst, &fl, skb->sk, 0) < 0) + if (xfrm_lookup(&dst, &fl, skb->sk, 0) < 0) return -1; dst_release(skb->dst); diff --git a/trunk/net/ipv4/proc.c b/trunk/net/ipv4/proc.c index 614958b7c276..731789bb499f 100644 --- a/trunk/net/ipv4/proc.c +++ b/trunk/net/ipv4/proc.c @@ -54,9 +54,8 @@ static int sockstat_seq_show(struct seq_file *seq, void *v) socket_seq_show(seq); seq_printf(seq, "TCP: inuse %d orphan %d tw %d alloc %d mem %d\n", sock_prot_inuse_get(net, &tcp_prot), - (int)percpu_counter_sum_positive(&tcp_orphan_count), - tcp_death_row.tw_count, - (int)percpu_counter_sum_positive(&tcp_sockets_allocated), + atomic_read(&tcp_orphan_count), + tcp_death_row.tw_count, atomic_read(&tcp_sockets_allocated), atomic_read(&tcp_memory_allocated)); seq_printf(seq, "UDP: inuse %d mem %d\n", sock_prot_inuse_get(net, &udp_prot), diff --git a/trunk/net/ipv4/route.c b/trunk/net/ipv4/route.c index 77bfba975959..4e6959c29819 100644 --- a/trunk/net/ipv4/route.c +++ b/trunk/net/ipv4/route.c @@ -2761,7 +2761,7 @@ int ip_route_output_flow(struct net *net, struct rtable **rp, struct flowi *flp, flp->fl4_src = (*rp)->rt_src; if (!flp->fl4_dst) flp->fl4_dst = (*rp)->rt_dst; - err = __xfrm_lookup(net, (struct dst_entry **)rp, flp, sk, + err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, flags ? XFRM_LOOKUP_WAIT : 0); if (err == -EREMOTE) err = ipv4_dst_blackhole(net, rp, flp); diff --git a/trunk/net/ipv4/tcp.c b/trunk/net/ipv4/tcp.c index 019243408623..044224a341eb 100644 --- a/trunk/net/ipv4/tcp.c +++ b/trunk/net/ipv4/tcp.c @@ -277,7 +277,8 @@ int sysctl_tcp_fin_timeout __read_mostly = TCP_FIN_TIMEOUT; -struct percpu_counter tcp_orphan_count; +atomic_t tcp_orphan_count = ATOMIC_INIT(0); + EXPORT_SYMBOL_GPL(tcp_orphan_count); int sysctl_tcp_mem[3] __read_mostly; @@ -289,12 +290,9 @@ EXPORT_SYMBOL(sysctl_tcp_rmem); EXPORT_SYMBOL(sysctl_tcp_wmem); atomic_t tcp_memory_allocated; /* Current allocated memory. */ -EXPORT_SYMBOL(tcp_memory_allocated); +atomic_t tcp_sockets_allocated; /* Current number of TCP sockets. */ -/* - * Current number of TCP sockets. - */ -struct percpu_counter tcp_sockets_allocated; +EXPORT_SYMBOL(tcp_memory_allocated); EXPORT_SYMBOL(tcp_sockets_allocated); /* @@ -1836,7 +1834,7 @@ void tcp_close(struct sock *sk, long timeout) state = sk->sk_state; sock_hold(sk); sock_orphan(sk); - percpu_counter_inc(sk->sk_prot->orphan_count); + atomic_inc(sk->sk_prot->orphan_count); /* It is the last release_sock in its life. It will remove backlog. */ release_sock(sk); @@ -1887,11 +1885,9 @@ void tcp_close(struct sock *sk, long timeout) } } if (sk->sk_state != TCP_CLOSE) { - int orphan_count = percpu_counter_read_positive( - sk->sk_prot->orphan_count); - sk_mem_reclaim(sk); - if (tcp_too_many_orphans(sk, orphan_count)) { + if (tcp_too_many_orphans(sk, + atomic_read(sk->sk_prot->orphan_count))) { if (net_ratelimit()) printk(KERN_INFO "TCP: too many of orphaned " "sockets\n"); @@ -2689,8 +2685,6 @@ void __init tcp_init(void) BUILD_BUG_ON(sizeof(struct tcp_skb_cb) > sizeof(skb->cb)); - percpu_counter_init(&tcp_sockets_allocated, 0); - percpu_counter_init(&tcp_orphan_count, 0); tcp_hashinfo.bind_bucket_cachep = kmem_cache_create("tcp_bind_bucket", sizeof(struct inet_bind_bucket), 0, diff --git a/trunk/net/ipv4/tcp_input.c b/trunk/net/ipv4/tcp_input.c index d67b6e9cc540..9f8a80ba17bd 100644 --- a/trunk/net/ipv4/tcp_input.c +++ b/trunk/net/ipv4/tcp_input.c @@ -1940,7 +1940,7 @@ tcp_sacktag_write_queue(struct sock *sk, struct sk_buff *ack_skb, /* Limits sacked_out so that sum with lost_out isn't ever larger than * packets_out. Returns zero if sacked_out adjustement wasn't necessary. */ -static int tcp_limit_reno_sacked(struct tcp_sock *tp) +int tcp_limit_reno_sacked(struct tcp_sock *tp) { u32 holes; diff --git a/trunk/net/ipv4/tcp_ipv4.c b/trunk/net/ipv4/tcp_ipv4.c index 26b9030747cc..cab2458f86fd 100644 --- a/trunk/net/ipv4/tcp_ipv4.c +++ b/trunk/net/ipv4/tcp_ipv4.c @@ -1797,7 +1797,7 @@ static int tcp_v4_init_sock(struct sock *sk) sk->sk_sndbuf = sysctl_tcp_wmem[1]; sk->sk_rcvbuf = sysctl_tcp_rmem[1]; - percpu_counter_inc(&tcp_sockets_allocated); + atomic_inc(&tcp_sockets_allocated); return 0; } @@ -1845,7 +1845,7 @@ void tcp_v4_destroy_sock(struct sock *sk) sk->sk_sndmsg_page = NULL; } - percpu_counter_dec(&tcp_sockets_allocated); + atomic_dec(&tcp_sockets_allocated); } EXPORT_SYMBOL(tcp_v4_destroy_sock); diff --git a/trunk/net/ipv4/tcp_timer.c b/trunk/net/ipv4/tcp_timer.c index cc4e6d27dedc..3df339e3e363 100644 --- a/trunk/net/ipv4/tcp_timer.c +++ b/trunk/net/ipv4/tcp_timer.c @@ -65,7 +65,7 @@ static void tcp_write_err(struct sock *sk) static int tcp_out_of_resources(struct sock *sk, int do_reset) { struct tcp_sock *tp = tcp_sk(sk); - int orphans = percpu_counter_read_positive(&tcp_orphan_count); + int orphans = atomic_read(&tcp_orphan_count); /* If peer does not open window for long time, or did not transmit * anything for long time, penalize it. */ diff --git a/trunk/net/ipv4/udp.c b/trunk/net/ipv4/udp.c index cf5ab0581eba..549114472db3 100644 --- a/trunk/net/ipv4/udp.c +++ b/trunk/net/ipv4/udp.c @@ -970,18 +970,16 @@ int udp_disconnect(struct sock *sk, int flags) void udp_lib_unhash(struct sock *sk) { - if (sk_hashed(sk)) { - struct udp_table *udptable = sk->sk_prot->h.udp_table; - unsigned int hash = udp_hashfn(sock_net(sk), sk->sk_hash); - struct udp_hslot *hslot = &udptable->hash[hash]; + struct udp_table *udptable = sk->sk_prot->h.udp_table; + unsigned int hash = udp_hashfn(sock_net(sk), sk->sk_hash); + struct udp_hslot *hslot = &udptable->hash[hash]; - spin_lock_bh(&hslot->lock); - if (sk_nulls_del_node_init_rcu(sk)) { - inet_sk(sk)->num = 0; - sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1); - } - spin_unlock_bh(&hslot->lock); + spin_lock_bh(&hslot->lock); + if (sk_nulls_del_node_init_rcu(sk)) { + inet_sk(sk)->num = 0; + sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1); } + spin_unlock_bh(&hslot->lock); } EXPORT_SYMBOL(udp_lib_unhash); diff --git a/trunk/net/ipv4/xfrm4_policy.c b/trunk/net/ipv4/xfrm4_policy.c index 2ad24ba31f9d..84dbb5a03cc2 100644 --- a/trunk/net/ipv4/xfrm4_policy.c +++ b/trunk/net/ipv4/xfrm4_policy.c @@ -18,8 +18,7 @@ static struct dst_ops xfrm4_dst_ops; static struct xfrm_policy_afinfo xfrm4_policy_afinfo; -static struct dst_entry *xfrm4_dst_lookup(struct net *net, int tos, - xfrm_address_t *saddr, +static struct dst_entry *xfrm4_dst_lookup(int tos, xfrm_address_t *saddr, xfrm_address_t *daddr) { struct flowi fl = { @@ -37,20 +36,19 @@ static struct dst_entry *xfrm4_dst_lookup(struct net *net, int tos, if (saddr) fl.fl4_src = saddr->a4; - err = __ip_route_output_key(net, &rt, &fl); + err = __ip_route_output_key(&init_net, &rt, &fl); dst = &rt->u.dst; if (err) dst = ERR_PTR(err); return dst; } -static int xfrm4_get_saddr(struct net *net, - xfrm_address_t *saddr, xfrm_address_t *daddr) +static int xfrm4_get_saddr(xfrm_address_t *saddr, xfrm_address_t *daddr) { struct dst_entry *dst; struct rtable *rt; - dst = xfrm4_dst_lookup(net, 0, NULL, daddr); + dst = xfrm4_dst_lookup(0, NULL, daddr); if (IS_ERR(dst)) return -EHOSTUNREACH; @@ -189,7 +187,7 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse) static inline int xfrm4_garbage_collect(struct dst_ops *ops) { - xfrm4_policy_afinfo.garbage_collect(&init_net); + xfrm4_policy_afinfo.garbage_collect(); return (atomic_read(&xfrm4_dst_ops.entries) > xfrm4_dst_ops.gc_thresh*2); } diff --git a/trunk/net/ipv6/af_inet6.c b/trunk/net/ipv6/af_inet6.c index 437b750b98fd..01edac888510 100644 --- a/trunk/net/ipv6/af_inet6.c +++ b/trunk/net/ipv6/af_inet6.c @@ -637,7 +637,7 @@ int inet6_sk_rebuild_header(struct sock *sk) if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) { + if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { sk->sk_err_soft = -err; return err; } diff --git a/trunk/net/ipv6/ah6.c b/trunk/net/ipv6/ah6.c index 52449f7a1b71..13e330d89178 100644 --- a/trunk/net/ipv6/ah6.c +++ b/trunk/net/ipv6/ah6.c @@ -407,7 +407,6 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb) static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int type, int code, int offset, __be32 info) { - struct net *net = dev_net(skb->dev); struct ipv6hdr *iph = (struct ipv6hdr*)skb->data; struct ip_auth_hdr *ah = (struct ip_auth_hdr*)(skb->data+offset); struct xfrm_state *x; @@ -416,7 +415,7 @@ static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, type != ICMPV6_PKT_TOOBIG) return; - x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6); if (!x) return; diff --git a/trunk/net/ipv6/datagram.c b/trunk/net/ipv6/datagram.c index e2bdc6d83a43..e44deb8d4df2 100644 --- a/trunk/net/ipv6/datagram.c +++ b/trunk/net/ipv6/datagram.c @@ -175,8 +175,7 @@ int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); - if (err < 0) { + if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { if (err == -EREMOTE) err = ip6_dst_blackhole(sk, &dst, &fl); if (err < 0) diff --git a/trunk/net/ipv6/esp6.c b/trunk/net/ipv6/esp6.c index c2f250150db1..c02a6308defe 100644 --- a/trunk/net/ipv6/esp6.c +++ b/trunk/net/ipv6/esp6.c @@ -356,7 +356,6 @@ static u32 esp6_get_mtu(struct xfrm_state *x, int mtu) static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int type, int code, int offset, __be32 info) { - struct net *net = dev_net(skb->dev); struct ipv6hdr *iph = (struct ipv6hdr*)skb->data; struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data + offset); struct xfrm_state *x; @@ -365,7 +364,7 @@ static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, type != ICMPV6_PKT_TOOBIG) return; - x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6); if (!x) return; printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%pI6\n", diff --git a/trunk/net/ipv6/icmp.c b/trunk/net/ipv6/icmp.c index 4f433847d95f..a77b8d103804 100644 --- a/trunk/net/ipv6/icmp.c +++ b/trunk/net/ipv6/icmp.c @@ -427,7 +427,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, /* No need to clone since we're just using its address. */ dst2 = dst; - err = xfrm_lookup(net, &dst, &fl, sk, 0); + err = xfrm_lookup(&dst, &fl, sk, 0); switch (err) { case 0: if (dst != dst2) @@ -446,7 +446,7 @@ void icmpv6_send(struct sk_buff *skb, int type, int code, __u32 info, if (ip6_dst_lookup(sk, &dst2, &fl)) goto relookup_failed; - err = xfrm_lookup(net, &dst2, &fl, sk, XFRM_LOOKUP_ICMP); + err = xfrm_lookup(&dst2, &fl, sk, XFRM_LOOKUP_ICMP); switch (err) { case 0: dst_release(dst); @@ -552,7 +552,7 @@ static void icmpv6_echo_reply(struct sk_buff *skb) err = ip6_dst_lookup(sk, &dst, &fl); if (err) goto out; - if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) + if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto out; if (ipv6_addr_is_multicast(&fl.fl6_dst)) diff --git a/trunk/net/ipv6/inet6_connection_sock.c b/trunk/net/ipv6/inet6_connection_sock.c index 3c3732d50c1a..16d43f20b32f 100644 --- a/trunk/net/ipv6/inet6_connection_sock.c +++ b/trunk/net/ipv6/inet6_connection_sock.c @@ -219,7 +219,7 @@ int inet6_csk_xmit(struct sk_buff *skb, int ipfragok) if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) { + if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { sk->sk_route_caps = 0; kfree_skb(skb); return err; diff --git a/trunk/net/ipv6/ip6_flowlabel.c b/trunk/net/ipv6/ip6_flowlabel.c index 5656e8aa47d8..7927a8498d17 100644 --- a/trunk/net/ipv6/ip6_flowlabel.c +++ b/trunk/net/ipv6/ip6_flowlabel.c @@ -464,7 +464,7 @@ static inline void fl_link(struct ipv6_pinfo *np, struct ipv6_fl_socklist *sfl, int ipv6_flowlabel_opt(struct sock *sk, char __user *optval, int optlen) { - int uninitialized_var(err); + int err; struct net *net = sock_net(sk); struct ipv6_pinfo *np = inet6_sk(sk); struct in6_flowlabel_req freq; diff --git a/trunk/net/ipv6/ip6_tunnel.c b/trunk/net/ipv6/ip6_tunnel.c index 58e2b0d93758..ef249ab5c93c 100644 --- a/trunk/net/ipv6/ip6_tunnel.c +++ b/trunk/net/ipv6/ip6_tunnel.c @@ -846,7 +846,6 @@ static int ip6_tnl_xmit2(struct sk_buff *skb, int encap_limit, __u32 *pmtu) { - struct net *net = dev_net(dev); struct ip6_tnl *t = netdev_priv(dev); struct net_device_stats *stats = &t->dev->stats; struct ipv6hdr *ipv6h = ipv6_hdr(skb); @@ -862,9 +861,9 @@ static int ip6_tnl_xmit2(struct sk_buff *skb, if ((dst = ip6_tnl_dst_check(t)) != NULL) dst_hold(dst); else { - dst = ip6_route_output(net, NULL, fl); + dst = ip6_route_output(dev_net(dev), NULL, fl); - if (dst->error || xfrm_lookup(net, &dst, fl, NULL, 0) < 0) + if (dst->error || xfrm_lookup(&dst, fl, NULL, 0) < 0) goto tx_err_link_failure; } diff --git a/trunk/net/ipv6/ipcomp6.c b/trunk/net/ipv6/ipcomp6.c index 3a0b3be7ece5..d4576a9c154f 100644 --- a/trunk/net/ipv6/ipcomp6.c +++ b/trunk/net/ipv6/ipcomp6.c @@ -63,7 +63,7 @@ static void ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, return; spi = htonl(ntohs(ipcomph->cpi)); - x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, spi, IPPROTO_COMP, AF_INET6); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, spi, IPPROTO_COMP, AF_INET6); if (!x) return; @@ -76,7 +76,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) { struct xfrm_state *t = NULL; - t = xfrm_state_alloc(&init_net); + t = xfrm_state_alloc(); if (!t) goto out; @@ -114,7 +114,7 @@ static int ipcomp6_tunnel_attach(struct xfrm_state *x) spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&x->props.saddr); if (spi) - t = xfrm_state_lookup(&init_net, (xfrm_address_t *)&x->id.daddr, + t = xfrm_state_lookup((xfrm_address_t *)&x->id.daddr, spi, IPPROTO_IPV6, AF_INET6); if (!t) { t = ipcomp6_tunnel_create(x); diff --git a/trunk/net/ipv6/mcast.c b/trunk/net/ipv6/mcast.c index 0f3896032830..870a1d64605a 100644 --- a/trunk/net/ipv6/mcast.c +++ b/trunk/net/ipv6/mcast.c @@ -1466,7 +1466,7 @@ static void mld_sendpack(struct sk_buff *skb) &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, skb->dev->ifindex); - err = xfrm_lookup(net, &skb->dst, &fl, NULL, 0); + err = xfrm_lookup(&skb->dst, &fl, NULL, 0); if (err) goto err_out; @@ -1831,7 +1831,7 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type) &ipv6_hdr(skb)->saddr, &ipv6_hdr(skb)->daddr, skb->dev->ifindex); - err = xfrm_lookup(net, &skb->dst, &fl, NULL, 0); + err = xfrm_lookup(&skb->dst, &fl, NULL, 0); if (err) goto err_out; diff --git a/trunk/net/ipv6/mip6.c b/trunk/net/ipv6/mip6.c index f995e19c87a9..31295c8f6196 100644 --- a/trunk/net/ipv6/mip6.c +++ b/trunk/net/ipv6/mip6.c @@ -205,7 +205,6 @@ static inline int mip6_report_rl_allow(struct timeval *stamp, static int mip6_destopt_reject(struct xfrm_state *x, struct sk_buff *skb, struct flowi *fl) { - struct net *net = xs_net(x); struct inet6_skb_parm *opt = (struct inet6_skb_parm *)skb->cb; struct ipv6_destopt_hao *hao = NULL; struct xfrm_selector sel; @@ -248,7 +247,7 @@ static int mip6_destopt_reject(struct xfrm_state *x, struct sk_buff *skb, struct sel.sport_mask = htons(~0); sel.ifindex = fl->oif; - err = km_report(net, IPPROTO_DSTOPTS, &sel, + err = km_report(IPPROTO_DSTOPTS, &sel, (hao ? (xfrm_address_t *)&hao->addr : NULL)); out: diff --git a/trunk/net/ipv6/ndisc.c b/trunk/net/ipv6/ndisc.c index e4acc212345e..af6705f03b5c 100644 --- a/trunk/net/ipv6/ndisc.c +++ b/trunk/net/ipv6/ndisc.c @@ -524,7 +524,7 @@ void ndisc_send_skb(struct sk_buff *skb, return; } - err = xfrm_lookup(net, &dst, &fl, NULL, 0); + err = xfrm_lookup(&dst, &fl, NULL, 0); if (err < 0) { kfree_skb(skb); return; @@ -1524,7 +1524,7 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh, if (dst == NULL) return; - err = xfrm_lookup(net, &dst, &fl, NULL, 0); + err = xfrm_lookup(&dst, &fl, NULL, 0); if (err) return; diff --git a/trunk/net/ipv6/netfilter.c b/trunk/net/ipv6/netfilter.c index 627e21db65df..fd5b3a4e3329 100644 --- a/trunk/net/ipv6/netfilter.c +++ b/trunk/net/ipv6/netfilter.c @@ -29,7 +29,7 @@ int ip6_route_me_harder(struct sk_buff *skb) #ifdef CONFIG_XFRM if (!(IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) && xfrm_decode_session(skb, &fl, AF_INET6) == 0) - if (xfrm_lookup(net, &skb->dst, &fl, skb->sk, 0)) + if (xfrm_lookup(&skb->dst, &fl, skb->sk, 0)) return -1; #endif diff --git a/trunk/net/ipv6/netfilter/ip6t_REJECT.c b/trunk/net/ipv6/netfilter/ip6t_REJECT.c index 5a2d0a41694a..0981b4ccb8b1 100644 --- a/trunk/net/ipv6/netfilter/ip6t_REJECT.c +++ b/trunk/net/ipv6/netfilter/ip6t_REJECT.c @@ -97,7 +97,7 @@ static void send_reset(struct net *net, struct sk_buff *oldskb) dst = ip6_route_output(net, NULL, &fl); if (dst == NULL) return; - if (dst->error || xfrm_lookup(net, &dst, &fl, NULL, 0)) + if (dst->error || xfrm_lookup(&dst, &fl, NULL, 0)) return; hh_len = (dst->dev->hard_header_len + 15)&~15; diff --git a/trunk/net/ipv6/raw.c b/trunk/net/ipv6/raw.c index 61f6827e5906..2ba04d41dc25 100644 --- a/trunk/net/ipv6/raw.c +++ b/trunk/net/ipv6/raw.c @@ -860,8 +860,7 @@ static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); - if (err < 0) { + if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { if (err == -EREMOTE) err = ip6_dst_blackhole(sk, &dst, &fl); if (err < 0) diff --git a/trunk/net/ipv6/syncookies.c b/trunk/net/ipv6/syncookies.c index 711175e0571f..676c80b5b14b 100644 --- a/trunk/net/ipv6/syncookies.c +++ b/trunk/net/ipv6/syncookies.c @@ -259,7 +259,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) + if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto out_free; } diff --git a/trunk/net/ipv6/tcp_ipv6.c b/trunk/net/ipv6/tcp_ipv6.c index 8702b06cb60a..a5d750acd793 100644 --- a/trunk/net/ipv6/tcp_ipv6.c +++ b/trunk/net/ipv6/tcp_ipv6.c @@ -260,8 +260,7 @@ static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); - if (err < 0) { + if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { if (err == -EREMOTE) err = ip6_dst_blackhole(sk, &dst, &fl); if (err < 0) @@ -391,7 +390,7 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, goto out; } - if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) { + if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { sk->sk_err_soft = -err; goto out; } @@ -493,7 +492,7 @@ static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req) goto done; if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) + if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto done; skb = tcp_make_synack(sk, dst, req); @@ -1019,7 +1018,7 @@ static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win, * namespace */ if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) { - if (xfrm_lookup(net, &buff->dst, &fl, NULL, 0) >= 0) { + if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { ip6_xmit(ctl_sk, buff, &fl, NULL, 0); TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); if (rst) @@ -1317,7 +1316,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) + if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) goto out; } @@ -1830,7 +1829,7 @@ static int tcp_v6_init_sock(struct sock *sk) sk->sk_sndbuf = sysctl_tcp_wmem[1]; sk->sk_rcvbuf = sysctl_tcp_rmem[1]; - percpu_counter_inc(&tcp_sockets_allocated); + atomic_inc(&tcp_sockets_allocated); return 0; } diff --git a/trunk/net/ipv6/udp.c b/trunk/net/ipv6/udp.c index 38390dd19636..fd2d9ad4a8a3 100644 --- a/trunk/net/ipv6/udp.c +++ b/trunk/net/ipv6/udp.c @@ -849,8 +849,7 @@ int udpv6_sendmsg(struct kiocb *iocb, struct sock *sk, if (final_p) ipv6_addr_copy(&fl.fl6_dst, final_p); - err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); - if (err < 0) { + if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { if (err == -EREMOTE) err = ip6_dst_blackhole(sk, &dst, &fl); if (err < 0) diff --git a/trunk/net/ipv6/xfrm6_input.c b/trunk/net/ipv6/xfrm6_input.c index 9084582d236b..a71c7ddcb41e 100644 --- a/trunk/net/ipv6/xfrm6_input.c +++ b/trunk/net/ipv6/xfrm6_input.c @@ -58,7 +58,6 @@ EXPORT_SYMBOL(xfrm6_rcv); int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto) { - struct net *net = dev_net(skb->dev); struct xfrm_state *x = NULL; int i = 0; @@ -68,7 +67,7 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, sp = secpath_dup(skb->sp); if (!sp) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINERROR); goto drop; } if (skb->sp) @@ -77,7 +76,7 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, } if (1 + skb->sp->len == XFRM_MAX_DEPTH) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINBUFFERERROR); goto drop; } @@ -101,7 +100,7 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, break; } - x = xfrm_state_lookup_byaddr(net, dst, src, proto, AF_INET6); + x = xfrm_state_lookup_byaddr(dst, src, proto, AF_INET6); if (!x) continue; @@ -123,7 +122,7 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, } if (!x) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOSTATES); + XFRM_INC_STATS(LINUX_MIB_XFRMINNOSTATES); xfrm_audit_state_notfound_simple(skb, AF_INET6); goto drop; } diff --git a/trunk/net/ipv6/xfrm6_policy.c b/trunk/net/ipv6/xfrm6_policy.c index 97ab068e8ccc..3b67ce7786ec 100644 --- a/trunk/net/ipv6/xfrm6_policy.c +++ b/trunk/net/ipv6/xfrm6_policy.c @@ -27,8 +27,7 @@ static struct dst_ops xfrm6_dst_ops; static struct xfrm_policy_afinfo xfrm6_policy_afinfo; -static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, - xfrm_address_t *saddr, +static struct dst_entry *xfrm6_dst_lookup(int tos, xfrm_address_t *saddr, xfrm_address_t *daddr) { struct flowi fl = {}; @@ -39,7 +38,7 @@ static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, if (saddr) memcpy(&fl.fl6_src, saddr, sizeof(fl.fl6_src)); - dst = ip6_route_output(net, NULL, &fl); + dst = ip6_route_output(&init_net, NULL, &fl); err = dst->error; if (dst->error) { @@ -50,13 +49,12 @@ static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, return dst; } -static int xfrm6_get_saddr(struct net *net, - xfrm_address_t *saddr, xfrm_address_t *daddr) +static int xfrm6_get_saddr(xfrm_address_t *saddr, xfrm_address_t *daddr) { struct dst_entry *dst; struct net_device *dev; - dst = xfrm6_dst_lookup(net, 0, NULL, daddr); + dst = xfrm6_dst_lookup(0, NULL, daddr); if (IS_ERR(dst)) return -EHOSTUNREACH; @@ -222,7 +220,7 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse) static inline int xfrm6_garbage_collect(struct dst_ops *ops) { - xfrm6_policy_afinfo.garbage_collect(&init_net); + xfrm6_policy_afinfo.garbage_collect(); return (atomic_read(&xfrm6_dst_ops.entries) > xfrm6_dst_ops.gc_thresh*2); } diff --git a/trunk/net/key/af_key.c b/trunk/net/key/af_key.c index f8bd8df5e257..5b22e011653b 100644 --- a/trunk/net/key/af_key.c +++ b/trunk/net/key/af_key.c @@ -27,7 +27,6 @@ #include #include #include -#include #include #include @@ -35,16 +34,15 @@ #define _X2KEY(x) ((x) == XFRM_INF ? 0 : (x)) #define _KEY2X(x) ((x) == 0 ? XFRM_INF : (x)) -static int pfkey_net_id; -struct netns_pfkey { - /* List of all pfkey sockets. */ - struct hlist_head table; - atomic_t socks_nr; -}; + +/* List of all pfkey sockets. */ +static HLIST_HEAD(pfkey_table); static DECLARE_WAIT_QUEUE_HEAD(pfkey_table_wait); static DEFINE_RWLOCK(pfkey_table_lock); static atomic_t pfkey_table_users = ATOMIC_INIT(0); +static atomic_t pfkey_socks_nr = ATOMIC_INIT(0); + struct pfkey_sock { /* struct sock must be the first member of struct pfkey_sock */ struct sock sk; @@ -91,9 +89,6 @@ static void pfkey_terminate_dump(struct pfkey_sock *pfk) static void pfkey_sock_destruct(struct sock *sk) { - struct net *net = sock_net(sk); - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); - pfkey_terminate_dump(pfkey_sk(sk)); skb_queue_purge(&sk->sk_receive_queue); @@ -105,7 +100,7 @@ static void pfkey_sock_destruct(struct sock *sk) WARN_ON(atomic_read(&sk->sk_rmem_alloc)); WARN_ON(atomic_read(&sk->sk_wmem_alloc)); - atomic_dec(&net_pfkey->socks_nr); + atomic_dec(&pfkey_socks_nr); } static void pfkey_table_grab(void) @@ -156,11 +151,8 @@ static const struct proto_ops pfkey_ops; static void pfkey_insert(struct sock *sk) { - struct net *net = sock_net(sk); - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); - pfkey_table_grab(); - sk_add_node(sk, &net_pfkey->table); + sk_add_node(sk, &pfkey_table); pfkey_table_ungrab(); } @@ -179,10 +171,12 @@ static struct proto key_proto = { static int pfkey_create(struct net *net, struct socket *sock, int protocol) { - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); struct sock *sk; int err; + if (net != &init_net) + return -EAFNOSUPPORT; + if (!capable(CAP_NET_ADMIN)) return -EPERM; if (sock->type != SOCK_RAW) @@ -201,7 +195,7 @@ static int pfkey_create(struct net *net, struct socket *sock, int protocol) sk->sk_family = PF_KEY; sk->sk_destruct = pfkey_sock_destruct; - atomic_inc(&net_pfkey->socks_nr); + atomic_inc(&pfkey_socks_nr); pfkey_insert(sk); @@ -261,10 +255,8 @@ static int pfkey_broadcast_one(struct sk_buff *skb, struct sk_buff **skb2, #define BROADCAST_REGISTERED 2 #define BROADCAST_PROMISC_ONLY 4 static int pfkey_broadcast(struct sk_buff *skb, gfp_t allocation, - int broadcast_flags, struct sock *one_sk, - struct net *net) + int broadcast_flags, struct sock *one_sk) { - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); struct sock *sk; struct hlist_node *node; struct sk_buff *skb2 = NULL; @@ -277,7 +269,7 @@ static int pfkey_broadcast(struct sk_buff *skb, gfp_t allocation, return -ENOMEM; pfkey_lock_table(); - sk_for_each(sk, node, &net_pfkey->table) { + sk_for_each(sk, node, &pfkey_table) { struct pfkey_sock *pfk = pfkey_sk(sk); int err2; @@ -336,7 +328,7 @@ static int pfkey_do_dump(struct pfkey_sock *pfk) hdr->sadb_msg_seq = 0; hdr->sadb_msg_errno = rc; pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE, - &pfk->sk, sock_net(&pfk->sk)); + &pfk->sk); pfk->dump.skb = NULL; } @@ -375,7 +367,7 @@ static int pfkey_error(struct sadb_msg *orig, int err, struct sock *sk) hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t)); - pfkey_broadcast(skb, GFP_KERNEL, BROADCAST_ONE, sk, sock_net(sk)); + pfkey_broadcast(skb, GFP_KERNEL, BROADCAST_ONE, sk); return 0; } @@ -653,7 +645,7 @@ int pfkey_sadb_addr2xfrm_addr(struct sadb_address *addr, xfrm_address_t *xaddr) xaddr); } -static struct xfrm_state *pfkey_xfrm_state_lookup(struct net *net, struct sadb_msg *hdr, void **ext_hdrs) +static struct xfrm_state *pfkey_xfrm_state_lookup(struct sadb_msg *hdr, void **ext_hdrs) { struct sadb_sa *sa; struct sadb_address *addr; @@ -691,7 +683,7 @@ static struct xfrm_state *pfkey_xfrm_state_lookup(struct net *net, struct sadb_ if (!xaddr) return NULL; - return xfrm_state_lookup(net, xaddr, sa->sadb_sa_spi, proto, family); + return xfrm_state_lookup(xaddr, sa->sadb_sa_spi, proto, family); } #define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1))) @@ -1066,8 +1058,7 @@ static inline struct sk_buff *pfkey_xfrm_state2msg_expire(struct xfrm_state *x, return __pfkey_xfrm_state2msg(x, 0, hsc); } -static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, - struct sadb_msg *hdr, +static struct xfrm_state * pfkey_msg2xfrm_state(struct sadb_msg *hdr, void **ext_hdrs) { struct xfrm_state *x; @@ -1131,7 +1122,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, (key->sadb_key_bits+7) / 8 > key->sadb_key_len * sizeof(uint64_t))) return ERR_PTR(-EINVAL); - x = xfrm_state_alloc(net); + x = xfrm_state_alloc(); if (x == NULL) return ERR_PTR(-ENOBUFS); @@ -1307,7 +1298,6 @@ static int pfkey_reserved(struct sock *sk, struct sk_buff *skb, struct sadb_msg static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); struct sk_buff *resp_skb; struct sadb_x_sa2 *sa2; struct sadb_address *saddr, *daddr; @@ -1358,7 +1348,7 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h } if (hdr->sadb_msg_seq) { - x = xfrm_find_acq_byseq(net, hdr->sadb_msg_seq); + x = xfrm_find_acq_byseq(hdr->sadb_msg_seq); if (x && xfrm_addr_cmp(&x->id.daddr, xdaddr, family)) { xfrm_state_put(x); x = NULL; @@ -1366,7 +1356,7 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h } if (!x) - x = xfrm_find_acq(net, mode, reqid, proto, xdaddr, xsaddr, 1, family); + x = xfrm_find_acq(mode, reqid, proto, xdaddr, xsaddr, 1, family); if (x == NULL) return -ENOENT; @@ -1399,14 +1389,13 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h xfrm_state_put(x); - pfkey_broadcast(resp_skb, GFP_KERNEL, BROADCAST_ONE, sk, net); + pfkey_broadcast(resp_skb, GFP_KERNEL, BROADCAST_ONE, sk); return 0; } static int pfkey_acquire(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); struct xfrm_state *x; if (hdr->sadb_msg_len != sizeof(struct sadb_msg)/8) @@ -1415,14 +1404,14 @@ static int pfkey_acquire(struct sock *sk, struct sk_buff *skb, struct sadb_msg * if (hdr->sadb_msg_seq == 0 || hdr->sadb_msg_errno == 0) return 0; - x = xfrm_find_acq_byseq(net, hdr->sadb_msg_seq); + x = xfrm_find_acq_byseq(hdr->sadb_msg_seq); if (x == NULL) return 0; spin_lock_bh(&x->lock); if (x->km.state == XFRM_STATE_ACQ) { x->km.state = XFRM_STATE_ERROR; - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); } spin_unlock_bh(&x->lock); xfrm_state_put(x); @@ -1487,19 +1476,18 @@ static int key_notify_sa(struct xfrm_state *x, struct km_event *c) hdr->sadb_msg_seq = c->seq; hdr->sadb_msg_pid = c->pid; - pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xs_net(x)); + pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL); return 0; } static int pfkey_add(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); struct xfrm_state *x; int err; struct km_event c; - x = pfkey_msg2xfrm_state(net, hdr, ext_hdrs); + x = pfkey_msg2xfrm_state(hdr, ext_hdrs); if (IS_ERR(x)) return PTR_ERR(x); @@ -1533,7 +1521,6 @@ static int pfkey_add(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); struct xfrm_state *x; struct km_event c; int err; @@ -1543,7 +1530,7 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h ext_hdrs[SADB_EXT_ADDRESS_DST-1])) return -EINVAL; - x = pfkey_xfrm_state_lookup(net, hdr, ext_hdrs); + x = pfkey_xfrm_state_lookup(hdr, ext_hdrs); if (x == NULL) return -ESRCH; @@ -1575,7 +1562,6 @@ static int pfkey_delete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h static int pfkey_get(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); __u8 proto; struct sk_buff *out_skb; struct sadb_msg *out_hdr; @@ -1586,7 +1572,7 @@ static int pfkey_get(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, ext_hdrs[SADB_EXT_ADDRESS_DST-1])) return -EINVAL; - x = pfkey_xfrm_state_lookup(net, hdr, ext_hdrs); + x = pfkey_xfrm_state_lookup(hdr, ext_hdrs); if (x == NULL) return -ESRCH; @@ -1604,7 +1590,7 @@ static int pfkey_get(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, out_hdr->sadb_msg_reserved = 0; out_hdr->sadb_msg_seq = hdr->sadb_msg_seq; out_hdr->sadb_msg_pid = hdr->sadb_msg_pid; - pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ONE, sk, sock_net(sk)); + pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ONE, sk); return 0; } @@ -1705,7 +1691,7 @@ static int pfkey_register(struct sock *sk, struct sk_buff *skb, struct sadb_msg return -ENOBUFS; } - pfkey_broadcast(supp_skb, GFP_KERNEL, BROADCAST_REGISTERED, sk, sock_net(sk)); + pfkey_broadcast(supp_skb, GFP_KERNEL, BROADCAST_REGISTERED, sk); return 0; } @@ -1727,14 +1713,13 @@ static int key_notify_sa_flush(struct km_event *c) hdr->sadb_msg_errno = (uint8_t) 0; hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t)); - pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL, c->net); + pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL); return 0; } static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); unsigned proto; struct km_event c; struct xfrm_audit audit_info; @@ -1747,14 +1732,13 @@ static int pfkey_flush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hd audit_info.loginuid = audit_get_loginuid(current); audit_info.sessionid = audit_get_sessionid(current); audit_info.secid = 0; - err = xfrm_state_flush(net, proto, &audit_info); + err = xfrm_state_flush(proto, &audit_info); if (err) return err; c.data.proto = proto; c.seq = hdr->sadb_msg_seq; c.pid = hdr->sadb_msg_pid; c.event = XFRM_MSG_FLUSHSA; - c.net = net; km_state_notify(NULL, &c); return 0; @@ -1784,7 +1768,7 @@ static int dump_sa(struct xfrm_state *x, int count, void *ptr) if (pfk->dump.skb) pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE, - &pfk->sk, sock_net(&pfk->sk)); + &pfk->sk); pfk->dump.skb = out_skb; return 0; @@ -1792,8 +1776,7 @@ static int dump_sa(struct xfrm_state *x, int count, void *ptr) static int pfkey_dump_sa(struct pfkey_sock *pfk) { - struct net *net = sock_net(&pfk->sk); - return xfrm_state_walk(net, &pfk->dump.u.state, dump_sa, (void *) pfk); + return xfrm_state_walk(&pfk->dump.u.state, dump_sa, (void *) pfk); } static void pfkey_dump_sa_done(struct pfkey_sock *pfk) @@ -1834,7 +1817,7 @@ static int pfkey_promisc(struct sock *sk, struct sk_buff *skb, struct sadb_msg * return -EINVAL; pfk->promisc = satype; } - pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, BROADCAST_ALL, NULL, sock_net(sk)); + pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, BROADCAST_ALL, NULL); return 0; } @@ -1850,7 +1833,7 @@ static int check_reqid(struct xfrm_policy *xp, int dir, int count, void *ptr) return 0; } -static u32 gen_reqid(struct net *net) +static u32 gen_reqid(void) { struct xfrm_policy_walk walk; u32 start; @@ -1863,7 +1846,7 @@ static u32 gen_reqid(struct net *net) if (reqid == 0) reqid = IPSEC_MANUAL_REQID_MAX+1; xfrm_policy_walk_init(&walk, XFRM_POLICY_TYPE_MAIN); - rc = xfrm_policy_walk(net, &walk, check_reqid, (void*)&reqid); + rc = xfrm_policy_walk(&walk, check_reqid, (void*)&reqid); xfrm_policy_walk_done(&walk); if (rc != -EEXIST) return reqid; @@ -1874,7 +1857,6 @@ static u32 gen_reqid(struct net *net) static int parse_ipsecrequest(struct xfrm_policy *xp, struct sadb_x_ipsecrequest *rq) { - struct net *net = xp_net(xp); struct xfrm_tmpl *t = xp->xfrm_vec + xp->xfrm_nr; int mode; @@ -1894,7 +1876,7 @@ parse_ipsecrequest(struct xfrm_policy *xp, struct sadb_x_ipsecrequest *rq) t->reqid = rq->sadb_x_ipsecrequest_reqid; if (t->reqid > IPSEC_MANUAL_REQID_MAX) t->reqid = 0; - if (!t->reqid && !(t->reqid = gen_reqid(net))) + if (!t->reqid && !(t->reqid = gen_reqid())) return -ENOBUFS; } @@ -2165,7 +2147,7 @@ static int key_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *c out_hdr->sadb_msg_errno = 0; out_hdr->sadb_msg_seq = c->seq; out_hdr->sadb_msg_pid = c->pid; - pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xp_net(xp)); + pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ALL, NULL); out: return 0; @@ -2173,7 +2155,6 @@ static int key_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *c static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); int err = 0; struct sadb_lifetime *lifetime; struct sadb_address *sa; @@ -2193,7 +2174,7 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h if (!pol->sadb_x_policy_dir || pol->sadb_x_policy_dir >= IPSEC_DIR_MAX) return -EINVAL; - xp = xfrm_policy_alloc(net, GFP_KERNEL); + xp = xfrm_policy_alloc(GFP_KERNEL); if (xp == NULL) return -ENOBUFS; @@ -2294,7 +2275,6 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); int err; struct sadb_address *sa; struct sadb_x_policy *pol; @@ -2344,7 +2324,7 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg return err; } - xp = xfrm_policy_bysel_ctx(net, XFRM_POLICY_TYPE_MAIN, + xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN, pol->sadb_x_policy_dir - 1, &sel, pol_ctx, 1, &err); security_xfrm_policy_free(pol_ctx); @@ -2392,7 +2372,7 @@ static int key_pol_get_resp(struct sock *sk, struct xfrm_policy *xp, struct sadb out_hdr->sadb_msg_errno = 0; out_hdr->sadb_msg_seq = hdr->sadb_msg_seq; out_hdr->sadb_msg_pid = hdr->sadb_msg_pid; - pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ONE, sk, xp_net(xp)); + pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ONE, sk); err = 0; out: @@ -2577,7 +2557,6 @@ static int pfkey_migrate(struct sock *sk, struct sk_buff *skb, static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); unsigned int dir; int err = 0, delete; struct sadb_x_policy *pol; @@ -2592,8 +2571,8 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h return -EINVAL; delete = (hdr->sadb_msg_type == SADB_X_SPDDELETE2); - xp = xfrm_policy_byid(net, XFRM_POLICY_TYPE_MAIN, dir, - pol->sadb_x_policy_id, delete, &err); + xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir, pol->sadb_x_policy_id, + delete, &err); if (xp == NULL) return -ENOENT; @@ -2646,7 +2625,7 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr) if (pfk->dump.skb) pfkey_broadcast(pfk->dump.skb, GFP_ATOMIC, BROADCAST_ONE, - &pfk->sk, sock_net(&pfk->sk)); + &pfk->sk); pfk->dump.skb = out_skb; return 0; @@ -2654,8 +2633,7 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr) static int pfkey_dump_sp(struct pfkey_sock *pfk) { - struct net *net = sock_net(&pfk->sk); - return xfrm_policy_walk(net, &pfk->dump.u.policy, dump_sp, (void *) pfk); + return xfrm_policy_walk(&pfk->dump.u.policy, dump_sp, (void *) pfk); } static void pfkey_dump_sp_done(struct pfkey_sock *pfk) @@ -2694,14 +2672,13 @@ static int key_notify_policy_flush(struct km_event *c) hdr->sadb_msg_version = PF_KEY_V2; hdr->sadb_msg_errno = (uint8_t) 0; hdr->sadb_msg_len = (sizeof(struct sadb_msg) / sizeof(uint64_t)); - pfkey_broadcast(skb_out, GFP_ATOMIC, BROADCAST_ALL, NULL, c->net); + pfkey_broadcast(skb_out, GFP_ATOMIC, BROADCAST_ALL, NULL); return 0; } static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg *hdr, void **ext_hdrs) { - struct net *net = sock_net(sk); struct km_event c; struct xfrm_audit audit_info; int err; @@ -2709,14 +2686,13 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg audit_info.loginuid = audit_get_loginuid(current); audit_info.sessionid = audit_get_sessionid(current); audit_info.secid = 0; - err = xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info); + err = xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN, &audit_info); if (err) return err; c.data.type = XFRM_POLICY_TYPE_MAIN; c.event = XFRM_MSG_FLUSHPOLICY; c.pid = hdr->sadb_msg_pid; c.seq = hdr->sadb_msg_seq; - c.net = net; km_policy_notify(NULL, 0, &c); return 0; @@ -2756,7 +2732,7 @@ static int pfkey_process(struct sock *sk, struct sk_buff *skb, struct sadb_msg * int err; pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, - BROADCAST_PROMISC_ONLY, NULL, sock_net(sk)); + BROADCAST_PROMISC_ONLY, NULL); memset(ext_hdrs, 0, sizeof(ext_hdrs)); err = parse_exthdrs(skb, hdr, ext_hdrs); @@ -2959,16 +2935,13 @@ static int key_notify_sa_expire(struct xfrm_state *x, struct km_event *c) out_hdr->sadb_msg_seq = 0; out_hdr->sadb_msg_pid = 0; - pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL, xs_net(x)); + pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL); return 0; } static int pfkey_send_notify(struct xfrm_state *x, struct km_event *c) { - struct net *net = x ? xs_net(x) : c->net; - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); - - if (atomic_read(&net_pfkey->socks_nr) == 0) + if (atomic_read(&pfkey_socks_nr) == 0) return 0; switch (c->event) { @@ -3130,13 +3103,12 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_ctx->ctx_len); } - return pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL, xs_net(x)); + return pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL); } static struct xfrm_policy *pfkey_compile_policy(struct sock *sk, int opt, u8 *data, int len, int *dir) { - struct net *net = sock_net(sk); struct xfrm_policy *xp; struct sadb_x_policy *pol = (struct sadb_x_policy*)data; struct sadb_x_sec_ctx *sec_ctx; @@ -3169,7 +3141,7 @@ static struct xfrm_policy *pfkey_compile_policy(struct sock *sk, int opt, (!pol->sadb_x_policy_dir || pol->sadb_x_policy_dir > IPSEC_DIR_OUTBOUND)) return NULL; - xp = xfrm_policy_alloc(net, GFP_ATOMIC); + xp = xfrm_policy_alloc(GFP_ATOMIC); if (xp == NULL) { *dir = -ENOBUFS; return NULL; @@ -3328,7 +3300,7 @@ static int pfkey_send_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, n_port->sadb_x_nat_t_port_port = sport; n_port->sadb_x_nat_t_port_reserved = 0; - return pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL, xs_net(x)); + return pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_REGISTERED, NULL); } #ifdef CONFIG_NET_KEY_MIGRATE @@ -3519,7 +3491,7 @@ static int pfkey_send_migrate(struct xfrm_selector *sel, u8 dir, u8 type, } /* broadcast migrate message to sockets */ - pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL, &init_net); + pfkey_broadcast(skb, GFP_ATOMIC, BROADCAST_ALL, NULL); return 0; @@ -3673,8 +3645,6 @@ static int pfkey_seq_show(struct seq_file *f, void *v) static void *pfkey_seq_start(struct seq_file *f, loff_t *ppos) { - struct net *net = seq_file_net(f); - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); struct sock *s; struct hlist_node *node; loff_t pos = *ppos; @@ -3683,7 +3653,7 @@ static void *pfkey_seq_start(struct seq_file *f, loff_t *ppos) if (pos == 0) return SEQ_START_TOKEN; - sk_for_each(s, node, &net_pfkey->table) + sk_for_each(s, node, &pfkey_table) if (pos-- == 1) return s; @@ -3692,12 +3662,9 @@ static void *pfkey_seq_start(struct seq_file *f, loff_t *ppos) static void *pfkey_seq_next(struct seq_file *f, void *v, loff_t *ppos) { - struct net *net = seq_file_net(f); - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); - ++*ppos; return (v == SEQ_START_TOKEN) ? - sk_head(&net_pfkey->table) : + sk_head(&pfkey_table) : sk_next((struct sock *)v); } @@ -3715,39 +3682,38 @@ static struct seq_operations pfkey_seq_ops = { static int pfkey_seq_open(struct inode *inode, struct file *file) { - return seq_open_net(inode, file, &pfkey_seq_ops, - sizeof(struct seq_net_private)); + return seq_open(file, &pfkey_seq_ops); } static struct file_operations pfkey_proc_ops = { .open = pfkey_seq_open, .read = seq_read, .llseek = seq_lseek, - .release = seq_release_net, + .release = seq_release, }; -static int __net_init pfkey_init_proc(struct net *net) +static int pfkey_init_proc(void) { struct proc_dir_entry *e; - e = proc_net_fops_create(net, "pfkey", 0, &pfkey_proc_ops); + e = proc_net_fops_create(&init_net, "pfkey", 0, &pfkey_proc_ops); if (e == NULL) return -ENOMEM; return 0; } -static void pfkey_exit_proc(struct net *net) +static void pfkey_exit_proc(void) { - proc_net_remove(net, "pfkey"); + proc_net_remove(&init_net, "pfkey"); } #else -static int __net_init pfkey_init_proc(struct net *net) +static inline int pfkey_init_proc(void) { return 0; } -static void pfkey_exit_proc(struct net *net) +static inline void pfkey_exit_proc(void) { } #endif @@ -3763,51 +3729,10 @@ static struct xfrm_mgr pfkeyv2_mgr = .migrate = pfkey_send_migrate, }; -static int __net_init pfkey_net_init(struct net *net) -{ - struct netns_pfkey *net_pfkey; - int rv; - - net_pfkey = kmalloc(sizeof(struct netns_pfkey), GFP_KERNEL); - if (!net_pfkey) { - rv = -ENOMEM; - goto out_kmalloc; - } - INIT_HLIST_HEAD(&net_pfkey->table); - atomic_set(&net_pfkey->socks_nr, 0); - rv = net_assign_generic(net, pfkey_net_id, net_pfkey); - if (rv < 0) - goto out_assign; - rv = pfkey_init_proc(net); - if (rv < 0) - goto out_proc; - return 0; - -out_proc: -out_assign: - kfree(net_pfkey); -out_kmalloc: - return rv; -} - -static void __net_exit pfkey_net_exit(struct net *net) -{ - struct netns_pfkey *net_pfkey = net_generic(net, pfkey_net_id); - - pfkey_exit_proc(net); - BUG_ON(!hlist_empty(&net_pfkey->table)); - kfree(net_pfkey); -} - -static struct pernet_operations pfkey_net_ops = { - .init = pfkey_net_init, - .exit = pfkey_net_exit, -}; - static void __exit ipsec_pfkey_exit(void) { - unregister_pernet_gen_subsys(pfkey_net_id, &pfkey_net_ops); xfrm_unregister_km(&pfkeyv2_mgr); + pfkey_exit_proc(); sock_unregister(PF_KEY); proto_unregister(&key_proto); } @@ -3822,16 +3747,16 @@ static int __init ipsec_pfkey_init(void) err = sock_register(&pfkey_family_ops); if (err != 0) goto out_unregister_key_proto; - err = xfrm_register_km(&pfkeyv2_mgr); + err = pfkey_init_proc(); if (err != 0) goto out_sock_unregister; - err = register_pernet_gen_subsys(&pfkey_net_id, &pfkey_net_ops); + err = xfrm_register_km(&pfkeyv2_mgr); if (err != 0) - goto out_xfrm_unregister_km; + goto out_remove_proc_entry; out: return err; -out_xfrm_unregister_km: - xfrm_unregister_km(&pfkeyv2_mgr); +out_remove_proc_entry: + pfkey_exit_proc(); out_sock_unregister: sock_unregister(PF_KEY); out_unregister_key_proto: diff --git a/trunk/net/sched/act_api.c b/trunk/net/sched/act_api.c index 9d03cc33b6cc..8f457f1e0acf 100644 --- a/trunk/net/sched/act_api.c +++ b/trunk/net/sched/act_api.c @@ -214,14 +214,12 @@ struct tcf_common *tcf_hash_check(u32 index, struct tc_action *a, int bind, } EXPORT_SYMBOL(tcf_hash_check); -struct tcf_common *tcf_hash_create(u32 index, struct nlattr *est, - struct tc_action *a, int size, int bind, - u32 *idx_gen, struct tcf_hashinfo *hinfo) +struct tcf_common *tcf_hash_create(u32 index, struct nlattr *est, struct tc_action *a, int size, int bind, u32 *idx_gen, struct tcf_hashinfo *hinfo) { struct tcf_common *p = kzalloc(size, GFP_KERNEL); if (unlikely(!p)) - return ERR_PTR(-ENOMEM); + return p; p->tcfc_refcnt = 1; if (bind) p->tcfc_bindcnt = 1; @@ -230,15 +228,9 @@ struct tcf_common *tcf_hash_create(u32 index, struct nlattr *est, p->tcfc_index = index ? index : tcf_hash_new_index(idx_gen, hinfo); p->tcfc_tm.install = jiffies; p->tcfc_tm.lastuse = jiffies; - if (est) { - int err = gen_new_estimator(&p->tcfc_bstats, &p->tcfc_rate_est, - &p->tcfc_lock, est); - if (err) { - kfree(p); - return ERR_PTR(err); - } - } - + if (est) + gen_new_estimator(&p->tcfc_bstats, &p->tcfc_rate_est, + &p->tcfc_lock, est); a->priv = (void *) p; return p; } diff --git a/trunk/net/sched/act_gact.c b/trunk/net/sched/act_gact.c index e7f796aec657..ac04289da5d7 100644 --- a/trunk/net/sched/act_gact.c +++ b/trunk/net/sched/act_gact.c @@ -88,8 +88,8 @@ static int tcf_gact_init(struct nlattr *nla, struct nlattr *est, if (!pc) { pc = tcf_hash_create(parm->index, est, a, sizeof(*gact), bind, &gact_idx_gen, &gact_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; ret = ACT_P_CREATED; } else { if (!ovr) { diff --git a/trunk/net/sched/act_ipt.c b/trunk/net/sched/act_ipt.c index 082c520b0def..0453d79ebf57 100644 --- a/trunk/net/sched/act_ipt.c +++ b/trunk/net/sched/act_ipt.c @@ -136,8 +136,8 @@ static int tcf_ipt_init(struct nlattr *nla, struct nlattr *est, if (!pc) { pc = tcf_hash_create(index, est, a, sizeof(*ipt), bind, &ipt_idx_gen, &ipt_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; ret = ACT_P_CREATED; } else { if (!ovr) { diff --git a/trunk/net/sched/act_mirred.c b/trunk/net/sched/act_mirred.c index b9aaab4e0354..70341c020b6d 100644 --- a/trunk/net/sched/act_mirred.c +++ b/trunk/net/sched/act_mirred.c @@ -105,8 +105,8 @@ static int tcf_mirred_init(struct nlattr *nla, struct nlattr *est, return -EINVAL; pc = tcf_hash_create(parm->index, est, a, sizeof(*m), bind, &mirred_idx_gen, &mirred_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; ret = ACT_P_CREATED; } else { if (!ovr) { diff --git a/trunk/net/sched/act_nat.c b/trunk/net/sched/act_nat.c index d885ba311564..7b39ed485bca 100644 --- a/trunk/net/sched/act_nat.c +++ b/trunk/net/sched/act_nat.c @@ -68,8 +68,8 @@ static int tcf_nat_init(struct nlattr *nla, struct nlattr *est, if (!pc) { pc = tcf_hash_create(parm->index, est, a, sizeof(*p), bind, &nat_idx_gen, &nat_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; p = to_tcf_nat(pc); ret = ACT_P_CREATED; } else { diff --git a/trunk/net/sched/act_pedit.c b/trunk/net/sched/act_pedit.c index 96c0ed115e2a..d5f4e3404864 100644 --- a/trunk/net/sched/act_pedit.c +++ b/trunk/net/sched/act_pedit.c @@ -68,8 +68,8 @@ static int tcf_pedit_init(struct nlattr *nla, struct nlattr *est, return -EINVAL; pc = tcf_hash_create(parm->index, est, a, sizeof(*p), bind, &pedit_idx_gen, &pedit_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; p = to_pedit(pc); keys = kmalloc(ksize, GFP_KERNEL); if (keys == NULL) { diff --git a/trunk/net/sched/act_police.c b/trunk/net/sched/act_police.c index 5c72a116b1a4..38015b493947 100644 --- a/trunk/net/sched/act_police.c +++ b/trunk/net/sched/act_police.c @@ -182,32 +182,17 @@ static int tcf_act_police_locate(struct nlattr *nla, struct nlattr *est, R_tab = qdisc_get_rtab(&parm->rate, tb[TCA_POLICE_RATE]); if (R_tab == NULL) goto failure; - - if (!est && (ret == ACT_P_CREATED || - !gen_estimator_active(&police->tcf_bstats, - &police->tcf_rate_est))) { - err = -EINVAL; - goto failure; - } - if (parm->peakrate.rate) { P_tab = qdisc_get_rtab(&parm->peakrate, tb[TCA_POLICE_PEAKRATE]); - if (P_tab == NULL) + if (P_tab == NULL) { + qdisc_put_rtab(R_tab); goto failure; + } } } - - spin_lock_bh(&police->tcf_lock); - if (est) { - err = gen_replace_estimator(&police->tcf_bstats, - &police->tcf_rate_est, - &police->tcf_lock, est); - if (err) - goto failure_unlock; - } - /* No failure allowed after this point */ + spin_lock_bh(&police->tcf_lock); if (R_tab != NULL) { qdisc_put_rtab(police->tcfp_R_tab); police->tcfp_R_tab = R_tab; @@ -232,6 +217,10 @@ static int tcf_act_police_locate(struct nlattr *nla, struct nlattr *est, if (tb[TCA_POLICE_AVRATE]) police->tcfp_ewma_rate = nla_get_u32(tb[TCA_POLICE_AVRATE]); + if (est) + gen_replace_estimator(&police->tcf_bstats, + &police->tcf_rate_est, + &police->tcf_lock, est); spin_unlock_bh(&police->tcf_lock); if (ret != ACT_P_CREATED) @@ -249,13 +238,7 @@ static int tcf_act_police_locate(struct nlattr *nla, struct nlattr *est, a->priv = police; return ret; -failure_unlock: - spin_unlock_bh(&police->tcf_lock); failure: - if (P_tab) - qdisc_put_rtab(P_tab); - if (R_tab) - qdisc_put_rtab(R_tab); if (ret == ACT_P_CREATED) kfree(police); return err; diff --git a/trunk/net/sched/act_simple.c b/trunk/net/sched/act_simple.c index 8daa1ebc7413..e7851ce92cfe 100644 --- a/trunk/net/sched/act_simple.c +++ b/trunk/net/sched/act_simple.c @@ -124,8 +124,8 @@ static int tcf_simp_init(struct nlattr *nla, struct nlattr *est, if (!pc) { pc = tcf_hash_create(parm->index, est, a, sizeof(*d), bind, &simp_idx_gen, &simp_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; d = to_defact(pc); ret = alloc_defdata(d, defdata); diff --git a/trunk/net/sched/act_skbedit.c b/trunk/net/sched/act_skbedit.c index 4ab916b8074b..fe9777e77f35 100644 --- a/trunk/net/sched/act_skbedit.c +++ b/trunk/net/sched/act_skbedit.c @@ -104,8 +104,8 @@ static int tcf_skbedit_init(struct nlattr *nla, struct nlattr *est, if (!pc) { pc = tcf_hash_create(parm->index, est, a, sizeof(*d), bind, &skbedit_idx_gen, &skbedit_hash_info); - if (IS_ERR(pc)) - return PTR_ERR(pc); + if (unlikely(!pc)) + return -ENOMEM; d = to_skbedit(pc); ret = ACT_P_CREATED; diff --git a/trunk/net/sched/sch_api.c b/trunk/net/sched/sch_api.c index f859dd5fabf4..1ef25e6ee1f9 100644 --- a/trunk/net/sched/sch_api.c +++ b/trunk/net/sched/sch_api.c @@ -204,16 +204,28 @@ struct Qdisc *qdisc_match_from_root(struct Qdisc *root, u32 handle) return NULL; } +/* + * This lock is needed until some qdiscs stop calling qdisc_tree_decrease_qlen() + * without rtnl_lock(); currently hfsc_dequeue(), netem_dequeue(), tbf_dequeue() + */ +static DEFINE_SPINLOCK(qdisc_list_lock); + static void qdisc_list_add(struct Qdisc *q) { - if ((q->parent != TC_H_ROOT) && !(q->flags & TCQ_F_INGRESS)) + if ((q->parent != TC_H_ROOT) && !(q->flags & TCQ_F_INGRESS)) { + spin_lock_bh(&qdisc_list_lock); list_add_tail(&q->list, &qdisc_root_sleeping(q)->list); + spin_unlock_bh(&qdisc_list_lock); + } } void qdisc_list_del(struct Qdisc *q) { - if ((q->parent != TC_H_ROOT) && !(q->flags & TCQ_F_INGRESS)) + if ((q->parent != TC_H_ROOT) && !(q->flags & TCQ_F_INGRESS)) { + spin_lock_bh(&qdisc_list_lock); list_del(&q->list); + spin_unlock_bh(&qdisc_list_lock); + } } EXPORT_SYMBOL(qdisc_list_del); @@ -222,17 +234,22 @@ struct Qdisc *qdisc_lookup(struct net_device *dev, u32 handle) unsigned int i; struct Qdisc *q; + spin_lock_bh(&qdisc_list_lock); + for (i = 0; i < dev->num_tx_queues; i++) { struct netdev_queue *txq = netdev_get_tx_queue(dev, i); struct Qdisc *txq_root = txq->qdisc_sleeping; q = qdisc_match_from_root(txq_root, handle); if (q) - goto out; + goto unlock; } q = qdisc_match_from_root(dev->rx_queue.qdisc_sleeping, handle); -out: + +unlock: + spin_unlock_bh(&qdisc_list_lock); + return q; } @@ -880,12 +897,9 @@ static int qdisc_change(struct Qdisc *sch, struct nlattr **tca) sch->stab = stab; if (tca[TCA_RATE]) - /* NB: ignores errors from replace_estimator - because change can't be undone. */ gen_replace_estimator(&sch->bstats, &sch->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); return 0; } diff --git a/trunk/net/sched/sch_cbq.c b/trunk/net/sched/sch_cbq.c index 9e43ed949167..3a9569a3396c 100644 --- a/trunk/net/sched/sch_cbq.c +++ b/trunk/net/sched/sch_cbq.c @@ -1765,23 +1765,11 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t } if (tb[TCA_CBQ_RATE]) { - rtab = qdisc_get_rtab(nla_data(tb[TCA_CBQ_RATE]), - tb[TCA_CBQ_RTAB]); + rtab = qdisc_get_rtab(nla_data(tb[TCA_CBQ_RATE]), tb[TCA_CBQ_RTAB]); if (rtab == NULL) return -EINVAL; } - if (tca[TCA_RATE]) { - err = gen_replace_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) { - if (rtab) - qdisc_put_rtab(rtab); - return err; - } - } - /* Change class parameters */ sch_tree_lock(sch); @@ -1817,6 +1805,10 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t sch_tree_unlock(sch); + if (tca[TCA_RATE]) + gen_replace_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); return 0; } @@ -1863,17 +1855,6 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t cl = kzalloc(sizeof(*cl), GFP_KERNEL); if (cl == NULL) goto failure; - - if (tca[TCA_RATE]) { - err = gen_new_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) { - kfree(cl); - goto failure; - } - } - cl->R_tab = rtab; rtab = NULL; cl->refcnt = 1; @@ -1915,6 +1896,10 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t qdisc_class_hash_grow(sch, &q->clhash); + if (tca[TCA_RATE]) + gen_new_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), tca[TCA_RATE]); + *arg = (unsigned long)cl; return 0; diff --git a/trunk/net/sched/sch_drr.c b/trunk/net/sched/sch_drr.c index f6b4fa97df70..e7a7e87b141a 100644 --- a/trunk/net/sched/sch_drr.c +++ b/trunk/net/sched/sch_drr.c @@ -82,19 +82,15 @@ static int drr_change_class(struct Qdisc *sch, u32 classid, u32 parentid, quantum = psched_mtu(qdisc_dev(sch)); if (cl != NULL) { - if (tca[TCA_RATE]) { - err = gen_replace_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) - return err; - } - sch_tree_lock(sch); if (tb[TCA_DRR_QUANTUM]) cl->quantum = quantum; sch_tree_unlock(sch); + if (tca[TCA_RATE]) + gen_replace_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); return 0; } @@ -110,16 +106,10 @@ static int drr_change_class(struct Qdisc *sch, u32 classid, u32 parentid, if (cl->qdisc == NULL) cl->qdisc = &noop_qdisc; - if (tca[TCA_RATE]) { - err = gen_replace_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) { - qdisc_destroy(cl->qdisc); - kfree(cl); - return err; - } - } + if (tca[TCA_RATE]) + gen_replace_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); sch_tree_lock(sch); qdisc_class_hash_insert(&q->clhash, &cl->common); diff --git a/trunk/net/sched/sch_hfsc.c b/trunk/net/sched/sch_hfsc.c index 45c31b1a4e1d..51dd3f401623 100644 --- a/trunk/net/sched/sch_hfsc.c +++ b/trunk/net/sched/sch_hfsc.c @@ -1018,14 +1018,6 @@ hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid, } cur_time = psched_get_time(); - if (tca[TCA_RATE]) { - err = gen_replace_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) - return err; - } - sch_tree_lock(sch); if (rsc != NULL) hfsc_change_rsc(cl, rsc, cur_time); @@ -1042,6 +1034,10 @@ hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid, } sch_tree_unlock(sch); + if (tca[TCA_RATE]) + gen_replace_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); return 0; } @@ -1067,16 +1063,6 @@ hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid, if (cl == NULL) return -ENOBUFS; - if (tca[TCA_RATE]) { - err = gen_new_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) { - kfree(cl); - return err; - } - } - if (rsc != NULL) hfsc_change_rsc(cl, rsc, 0); if (fsc != NULL) @@ -1107,6 +1093,9 @@ hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid, qdisc_class_hash_grow(sch, &q->clhash); + if (tca[TCA_RATE]) + gen_new_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), tca[TCA_RATE]); *arg = (unsigned long)cl; return 0; } @@ -1574,7 +1563,7 @@ static int hfsc_enqueue(struct sk_buff *skb, struct Qdisc *sch) { struct hfsc_class *cl; - int uninitialized_var(err); + int err; cl = hfsc_classify(skb, sch, &err); if (cl == NULL) { diff --git a/trunk/net/sched/sch_htb.c b/trunk/net/sched/sch_htb.c index 8a4519989732..3a119f576bb3 100644 --- a/trunk/net/sched/sch_htb.c +++ b/trunk/net/sched/sch_htb.c @@ -1332,14 +1332,9 @@ static int htb_change_class(struct Qdisc *sch, u32 classid, if ((cl = kzalloc(sizeof(*cl), GFP_KERNEL)) == NULL) goto failure; - err = gen_new_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE] ? : &est.nla); - if (err) { - kfree(cl); - goto failure; - } - + gen_new_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE] ? : &est.nla); cl->refcnt = 1; cl->children = 0; INIT_LIST_HEAD(&cl->un.leaf.drop_list); @@ -1391,13 +1386,10 @@ static int htb_change_class(struct Qdisc *sch, u32 classid, if (parent) parent->children++; } else { - if (tca[TCA_RATE]) { - err = gen_replace_estimator(&cl->bstats, &cl->rate_est, - qdisc_root_sleeping_lock(sch), - tca[TCA_RATE]); - if (err) - return err; - } + if (tca[TCA_RATE]) + gen_replace_estimator(&cl->bstats, &cl->rate_est, + qdisc_root_sleeping_lock(sch), + tca[TCA_RATE]); sch_tree_lock(sch); } diff --git a/trunk/net/sctp/protocol.c b/trunk/net/sctp/protocol.c index d5ea232c9126..a8ca743241ee 100644 --- a/trunk/net/sctp/protocol.c +++ b/trunk/net/sctp/protocol.c @@ -102,8 +102,6 @@ struct sock *sctp_get_ctl_sock(void) /* Set up the proc fs entry for the SCTP protocol. */ static __init int sctp_proc_init(void) { - if (percpu_counter_init(&sctp_sockets_allocated, 0)) - goto out_nomem; #ifdef CONFIG_PROC_FS if (!proc_net_sctp) { struct proc_dir_entry *ent; @@ -112,7 +110,7 @@ static __init int sctp_proc_init(void) ent->owner = THIS_MODULE; proc_net_sctp = ent; } else - goto out_free_percpu; + goto out_nomem; } if (sctp_snmp_proc_init()) @@ -137,8 +135,6 @@ static __init int sctp_proc_init(void) proc_net_sctp = NULL; remove_proc_entry("sctp", init_net.proc_net); } -out_free_percpu: - percpu_counter_destroy(&sctp_sockets_allocated); out_nomem: return -ENOMEM; #else diff --git a/trunk/net/sctp/socket.c b/trunk/net/sctp/socket.c index a2de585888d0..f03af84edf63 100644 --- a/trunk/net/sctp/socket.c +++ b/trunk/net/sctp/socket.c @@ -114,7 +114,7 @@ extern int sysctl_sctp_wmem[3]; static int sctp_memory_pressure; static atomic_t sctp_memory_allocated; -struct percpu_counter sctp_sockets_allocated; +static atomic_t sctp_sockets_allocated; static void sctp_enter_memory_pressure(struct sock *sk) { @@ -3613,7 +3613,7 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk) sp->hmac = NULL; SCTP_DBG_OBJCNT_INC(sock); - percpu_counter_inc(&sctp_sockets_allocated); + atomic_inc(&sctp_sockets_allocated); local_bh_disable(); sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1); @@ -3632,10 +3632,8 @@ SCTP_STATIC void sctp_destroy_sock(struct sock *sk) /* Release our hold on the endpoint. */ ep = sctp_sk(sk)->ep; sctp_endpoint_free(ep); - percpu_counter_dec(&sctp_sockets_allocated); - local_bh_disable(); + atomic_dec(&sctp_sockets_allocated); sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1); - local_bh_enable(); } /* API 4.1.7 shutdown() - TCP Style Syntax diff --git a/trunk/net/sunrpc/xprtrdma/svc_rdma_transport.c b/trunk/net/sunrpc/xprtrdma/svc_rdma_transport.c index 8872914aa4cf..f8500f018f8a 100644 --- a/trunk/net/sunrpc/xprtrdma/svc_rdma_transport.c +++ b/trunk/net/sunrpc/xprtrdma/svc_rdma_transport.c @@ -827,7 +827,7 @@ static struct svc_xprt *svc_rdma_accept(struct svc_xprt *xprt) struct rdma_conn_param conn_param; struct ib_qp_init_attr qp_attr; struct ib_device_attr devattr; - int uninitialized_var(dma_mr_acc); + int dma_mr_acc; int need_dma_mr; int ret; int i; diff --git a/trunk/net/sunrpc/xprtrdma/verbs.c b/trunk/net/sunrpc/xprtrdma/verbs.c index 3b21e0cc5e69..78f7f728ef10 100644 --- a/trunk/net/sunrpc/xprtrdma/verbs.c +++ b/trunk/net/sunrpc/xprtrdma/verbs.c @@ -276,9 +276,7 @@ rpcrdma_conn_upcall(struct rdma_cm_id *id, struct rdma_cm_event *event) struct rpcrdma_xprt *xprt = id->context; struct rpcrdma_ia *ia = &xprt->rx_ia; struct rpcrdma_ep *ep = &xprt->rx_ep; -#ifdef RPC_DEBUG struct sockaddr_in *addr = (struct sockaddr_in *) &ep->rep_remote_addr; -#endif struct ib_qp_attr attr; struct ib_qp_init_attr iattr; int connstate = 0; diff --git a/trunk/net/unix/af_unix.c b/trunk/net/unix/af_unix.c index 5aaf23e43f1d..3a35a6e8bf91 100644 --- a/trunk/net/unix/af_unix.c +++ b/trunk/net/unix/af_unix.c @@ -571,6 +571,7 @@ static const struct proto_ops unix_seqpacket_ops = { static struct proto unix_proto = { .name = "UNIX", .owner = THIS_MODULE, + .sockets_allocated = &unix_nr_socks, .obj_size = sizeof(struct unix_sock), }; diff --git a/trunk/net/xfrm/Makefile b/trunk/net/xfrm/Makefile index c631047e1b27..0f439a72ccab 100644 --- a/trunk/net/xfrm/Makefile +++ b/trunk/net/xfrm/Makefile @@ -3,8 +3,8 @@ # obj-$(CONFIG_XFRM) := xfrm_policy.o xfrm_state.o xfrm_hash.o \ - xfrm_input.o xfrm_output.o xfrm_algo.o \ - xfrm_sysctl.o + xfrm_input.o xfrm_output.o xfrm_algo.o obj-$(CONFIG_XFRM_STATISTICS) += xfrm_proc.o obj-$(CONFIG_XFRM_USER) += xfrm_user.o obj-$(CONFIG_XFRM_IPCOMP) += xfrm_ipcomp.o + diff --git a/trunk/net/xfrm/xfrm_input.c b/trunk/net/xfrm/xfrm_input.c index b4a13178fb40..75279402ccf4 100644 --- a/trunk/net/xfrm/xfrm_input.c +++ b/trunk/net/xfrm/xfrm_input.c @@ -104,7 +104,6 @@ EXPORT_SYMBOL(xfrm_prepare_input); int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) { - struct net *net = dev_net(skb->dev); int err; __be32 seq; struct xfrm_state *x; @@ -128,7 +127,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) sp = secpath_dup(skb->sp); if (!sp) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINERROR); goto drop; } if (skb->sp) @@ -142,19 +141,19 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) seq = 0; if (!spi && (err = xfrm_parse_spi(skb, nexthdr, &spi, &seq)) != 0) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINHDRERROR); goto drop; } do { if (skb->sp->len == XFRM_MAX_DEPTH) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINBUFFERERROR); goto drop; } - x = xfrm_state_lookup(net, daddr, spi, nexthdr, family); + x = xfrm_state_lookup(daddr, spi, nexthdr, family); if (x == NULL) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOSTATES); + XFRM_INC_STATS(LINUX_MIB_XFRMINNOSTATES); xfrm_audit_state_notfound(skb, family, spi, seq); goto drop; } @@ -163,22 +162,22 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) spin_lock(&x->lock); if (unlikely(x->km.state != XFRM_STATE_VALID)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEINVALID); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEINVALID); goto drop_unlock; } if ((x->encap ? x->encap->encap_type : 0) != encap_type) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEMISMATCH); goto drop_unlock; } if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATESEQERROR); goto drop_unlock; } if (xfrm_state_check_expire(x)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEEXPIRED); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEEXPIRED); goto drop_unlock; } @@ -199,7 +198,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) x->type->proto); x->stats.integrity_failed++; } - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEPROTOERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEPROTOERROR); goto drop_unlock; } @@ -225,7 +224,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) } if (inner_mode->input(x, skb)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMODEERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEMODEERROR); goto drop; } @@ -243,7 +242,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type) err = xfrm_parse_spi(skb, nexthdr, &spi, &seq); if (err < 0) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINHDRERROR); goto drop; } } while (!err); diff --git a/trunk/net/xfrm/xfrm_output.c b/trunk/net/xfrm/xfrm_output.c index c235597ba8dd..dc50f1e71f76 100644 --- a/trunk/net/xfrm/xfrm_output.c +++ b/trunk/net/xfrm/xfrm_output.c @@ -41,7 +41,6 @@ static int xfrm_output_one(struct sk_buff *skb, int err) { struct dst_entry *dst = skb->dst; struct xfrm_state *x = dst->xfrm; - struct net *net = xs_net(x); if (err <= 0) goto resume; @@ -49,33 +48,33 @@ static int xfrm_output_one(struct sk_buff *skb, int err) do { err = xfrm_state_check_space(x, skb); if (err) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR); goto error_nolock; } err = x->outer_mode->output(x, skb); if (err) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATEMODEERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEMODEERROR); goto error_nolock; } spin_lock_bh(&x->lock); err = xfrm_state_check_expire(x); if (err) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATEEXPIRED); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEEXPIRED); goto error; } if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { XFRM_SKB_CB(skb)->seq.output = ++x->replay.oseq; if (unlikely(x->replay.oseq == 0)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATESEQERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATESEQERROR); x->replay.oseq--; xfrm_audit_state_replay_overflow(x, skb); err = -EOVERFLOW; goto error; } - if (xfrm_aevent_is_on(net)) + if (xfrm_aevent_is_on()) xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); } @@ -90,12 +89,12 @@ static int xfrm_output_one(struct sk_buff *skb, int err) resume: if (err) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATEPROTOERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEPROTOERROR); goto error_nolock; } if (!(skb->dst = dst_pop(dst))) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR); err = -EHOSTUNREACH; goto error_nolock; } @@ -179,7 +178,6 @@ static int xfrm_output_gso(struct sk_buff *skb) int xfrm_output(struct sk_buff *skb) { - struct net *net = dev_net(skb->dst->dev); int err; if (skb_is_gso(skb)) @@ -188,7 +186,7 @@ int xfrm_output(struct sk_buff *skb) if (skb->ip_summed == CHECKSUM_PARTIAL) { err = skb_checksum_help(skb); if (err) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR); kfree_skb(skb); return err; } diff --git a/trunk/net/xfrm/xfrm_policy.c b/trunk/net/xfrm/xfrm_policy.c index 393cc65dbfa4..17854884f6ff 100644 --- a/trunk/net/xfrm/xfrm_policy.c +++ b/trunk/net/xfrm/xfrm_policy.c @@ -34,16 +34,28 @@ #include "xfrm_hash.h" +int sysctl_xfrm_larval_drop __read_mostly = 1; + +#ifdef CONFIG_XFRM_STATISTICS +DEFINE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics) __read_mostly; +EXPORT_SYMBOL(xfrm_statistics); +#endif + DEFINE_MUTEX(xfrm_cfg_mutex); EXPORT_SYMBOL(xfrm_cfg_mutex); static DEFINE_RWLOCK(xfrm_policy_lock); +static struct list_head xfrm_policy_all; +unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; +EXPORT_SYMBOL(xfrm_policy_count); + static DEFINE_RWLOCK(xfrm_policy_afinfo_lock); static struct xfrm_policy_afinfo *xfrm_policy_afinfo[NPROTO]; static struct kmem_cache *xfrm_dst_cache __read_mostly; +static struct work_struct xfrm_policy_gc_work; static HLIST_HEAD(xfrm_policy_gc_list); static DEFINE_SPINLOCK(xfrm_policy_gc_lock); @@ -85,7 +97,7 @@ int xfrm_selector_match(struct xfrm_selector *sel, struct flowi *fl, return 0; } -static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, +static inline struct dst_entry *__xfrm_dst_lookup(int tos, xfrm_address_t *saddr, xfrm_address_t *daddr, int family) @@ -97,7 +109,7 @@ static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, if (unlikely(afinfo == NULL)) return ERR_PTR(-EAFNOSUPPORT); - dst = afinfo->dst_lookup(net, tos, saddr, daddr); + dst = afinfo->dst_lookup(tos, saddr, daddr); xfrm_policy_put_afinfo(afinfo); @@ -109,7 +121,6 @@ static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, int tos, xfrm_address_t *prev_daddr, int family) { - struct net *net = xs_net(x); xfrm_address_t *saddr = &x->props.saddr; xfrm_address_t *daddr = &x->id.daddr; struct dst_entry *dst; @@ -123,7 +134,7 @@ static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, int tos, daddr = x->coaddr; } - dst = __xfrm_dst_lookup(net, tos, saddr, daddr, family); + dst = __xfrm_dst_lookup(tos, saddr, daddr, family); if (!IS_ERR(dst)) { if (prev_saddr != saddr) @@ -218,14 +229,13 @@ static void xfrm_policy_timer(unsigned long data) * SPD calls. */ -struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp) +struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp) { struct xfrm_policy *policy; policy = kzalloc(sizeof(struct xfrm_policy), gfp); if (policy) { - write_pnet(&policy->xp_net, net); INIT_LIST_HEAD(&policy->walk.all); INIT_HLIST_NODE(&policy->bydst); INIT_HLIST_NODE(&policy->byidx); @@ -286,7 +296,6 @@ static void xfrm_policy_gc_task(struct work_struct *work) hlist_for_each_entry_safe(policy, entry, tmp, &gc_list, bydst) xfrm_policy_gc_kill(policy); } -static DECLARE_WORK(xfrm_policy_gc_work, xfrm_policy_gc_task); /* Rule must be locked. Release descentant resources, announce * entry dead. The rule must be unlinked from lists to the moment. @@ -313,29 +322,38 @@ static void xfrm_policy_kill(struct xfrm_policy *policy) schedule_work(&xfrm_policy_gc_work); } +struct xfrm_policy_hash { + struct hlist_head *table; + unsigned int hmask; +}; + +static struct hlist_head xfrm_policy_inexact[XFRM_POLICY_MAX*2]; +static struct xfrm_policy_hash xfrm_policy_bydst[XFRM_POLICY_MAX*2] __read_mostly; +static struct hlist_head *xfrm_policy_byidx __read_mostly; +static unsigned int xfrm_idx_hmask __read_mostly; static unsigned int xfrm_policy_hashmax __read_mostly = 1 * 1024 * 1024; -static inline unsigned int idx_hash(struct net *net, u32 index) +static inline unsigned int idx_hash(u32 index) { - return __idx_hash(index, net->xfrm.policy_idx_hmask); + return __idx_hash(index, xfrm_idx_hmask); } -static struct hlist_head *policy_hash_bysel(struct net *net, struct xfrm_selector *sel, unsigned short family, int dir) +static struct hlist_head *policy_hash_bysel(struct xfrm_selector *sel, unsigned short family, int dir) { - unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; + unsigned int hmask = xfrm_policy_bydst[dir].hmask; unsigned int hash = __sel_hash(sel, family, hmask); return (hash == hmask + 1 ? - &net->xfrm.policy_inexact[dir] : - net->xfrm.policy_bydst[dir].table + hash); + &xfrm_policy_inexact[dir] : + xfrm_policy_bydst[dir].table + hash); } -static struct hlist_head *policy_hash_direct(struct net *net, xfrm_address_t *daddr, xfrm_address_t *saddr, unsigned short family, int dir) +static struct hlist_head *policy_hash_direct(xfrm_address_t *daddr, xfrm_address_t *saddr, unsigned short family, int dir) { - unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; + unsigned int hmask = xfrm_policy_bydst[dir].hmask; unsigned int hash = __addr_hash(daddr, saddr, family, hmask); - return net->xfrm.policy_bydst[dir].table + hash; + return xfrm_policy_bydst[dir].table + hash; } static void xfrm_dst_hash_transfer(struct hlist_head *list, @@ -390,12 +408,12 @@ static unsigned long xfrm_new_hash_mask(unsigned int old_hmask) return ((old_hmask + 1) << 1) - 1; } -static void xfrm_bydst_resize(struct net *net, int dir) +static void xfrm_bydst_resize(int dir) { - unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; + unsigned int hmask = xfrm_policy_bydst[dir].hmask; unsigned int nhashmask = xfrm_new_hash_mask(hmask); unsigned int nsize = (nhashmask + 1) * sizeof(struct hlist_head); - struct hlist_head *odst = net->xfrm.policy_bydst[dir].table; + struct hlist_head *odst = xfrm_policy_bydst[dir].table; struct hlist_head *ndst = xfrm_hash_alloc(nsize); int i; @@ -407,20 +425,20 @@ static void xfrm_bydst_resize(struct net *net, int dir) for (i = hmask; i >= 0; i--) xfrm_dst_hash_transfer(odst + i, ndst, nhashmask); - net->xfrm.policy_bydst[dir].table = ndst; - net->xfrm.policy_bydst[dir].hmask = nhashmask; + xfrm_policy_bydst[dir].table = ndst; + xfrm_policy_bydst[dir].hmask = nhashmask; write_unlock_bh(&xfrm_policy_lock); xfrm_hash_free(odst, (hmask + 1) * sizeof(struct hlist_head)); } -static void xfrm_byidx_resize(struct net *net, int total) +static void xfrm_byidx_resize(int total) { - unsigned int hmask = net->xfrm.policy_idx_hmask; + unsigned int hmask = xfrm_idx_hmask; unsigned int nhashmask = xfrm_new_hash_mask(hmask); unsigned int nsize = (nhashmask + 1) * sizeof(struct hlist_head); - struct hlist_head *oidx = net->xfrm.policy_byidx; + struct hlist_head *oidx = xfrm_policy_byidx; struct hlist_head *nidx = xfrm_hash_alloc(nsize); int i; @@ -432,18 +450,18 @@ static void xfrm_byidx_resize(struct net *net, int total) for (i = hmask; i >= 0; i--) xfrm_idx_hash_transfer(oidx + i, nidx, nhashmask); - net->xfrm.policy_byidx = nidx; - net->xfrm.policy_idx_hmask = nhashmask; + xfrm_policy_byidx = nidx; + xfrm_idx_hmask = nhashmask; write_unlock_bh(&xfrm_policy_lock); xfrm_hash_free(oidx, (hmask + 1) * sizeof(struct hlist_head)); } -static inline int xfrm_bydst_should_resize(struct net *net, int dir, int *total) +static inline int xfrm_bydst_should_resize(int dir, int *total) { - unsigned int cnt = net->xfrm.policy_count[dir]; - unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; + unsigned int cnt = xfrm_policy_count[dir]; + unsigned int hmask = xfrm_policy_bydst[dir].hmask; if (total) *total += cnt; @@ -455,9 +473,9 @@ static inline int xfrm_bydst_should_resize(struct net *net, int dir, int *total) return 0; } -static inline int xfrm_byidx_should_resize(struct net *net, int total) +static inline int xfrm_byidx_should_resize(int total) { - unsigned int hmask = net->xfrm.policy_idx_hmask; + unsigned int hmask = xfrm_idx_hmask; if ((hmask + 1) < xfrm_policy_hashmax && total > hmask) @@ -469,40 +487,41 @@ static inline int xfrm_byidx_should_resize(struct net *net, int total) void xfrm_spd_getinfo(struct xfrmk_spdinfo *si) { read_lock_bh(&xfrm_policy_lock); - si->incnt = init_net.xfrm.policy_count[XFRM_POLICY_IN]; - si->outcnt = init_net.xfrm.policy_count[XFRM_POLICY_OUT]; - si->fwdcnt = init_net.xfrm.policy_count[XFRM_POLICY_FWD]; - si->inscnt = init_net.xfrm.policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX]; - si->outscnt = init_net.xfrm.policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX]; - si->fwdscnt = init_net.xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX]; - si->spdhcnt = init_net.xfrm.policy_idx_hmask; + si->incnt = xfrm_policy_count[XFRM_POLICY_IN]; + si->outcnt = xfrm_policy_count[XFRM_POLICY_OUT]; + si->fwdcnt = xfrm_policy_count[XFRM_POLICY_FWD]; + si->inscnt = xfrm_policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX]; + si->outscnt = xfrm_policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX]; + si->fwdscnt = xfrm_policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX]; + si->spdhcnt = xfrm_idx_hmask; si->spdhmcnt = xfrm_policy_hashmax; read_unlock_bh(&xfrm_policy_lock); } EXPORT_SYMBOL(xfrm_spd_getinfo); static DEFINE_MUTEX(hash_resize_mutex); -static void xfrm_hash_resize(struct work_struct *work) +static void xfrm_hash_resize(struct work_struct *__unused) { - struct net *net = container_of(work, struct net, xfrm.policy_hash_work); int dir, total; mutex_lock(&hash_resize_mutex); total = 0; for (dir = 0; dir < XFRM_POLICY_MAX * 2; dir++) { - if (xfrm_bydst_should_resize(net, dir, &total)) - xfrm_bydst_resize(net, dir); + if (xfrm_bydst_should_resize(dir, &total)) + xfrm_bydst_resize(dir); } - if (xfrm_byidx_should_resize(net, total)) - xfrm_byidx_resize(net, total); + if (xfrm_byidx_should_resize(total)) + xfrm_byidx_resize(total); mutex_unlock(&hash_resize_mutex); } +static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize); + /* Generate new index... KAME seems to generate them ordered by cost * of an absolute inpredictability of ordering of rules. This will not pass. */ -static u32 xfrm_gen_index(struct net *net, int dir) +static u32 xfrm_gen_index(int dir) { static u32 idx_generator; @@ -517,7 +536,7 @@ static u32 xfrm_gen_index(struct net *net, int dir) idx_generator += 8; if (idx == 0) idx = 8; - list = net->xfrm.policy_byidx + idx_hash(net, idx); + list = xfrm_policy_byidx + idx_hash(idx); found = 0; hlist_for_each_entry(p, entry, list, byidx) { if (p->index == idx) { @@ -547,7 +566,6 @@ static inline int selector_cmp(struct xfrm_selector *s1, struct xfrm_selector *s int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) { - struct net *net = xp_net(policy); struct xfrm_policy *pol; struct xfrm_policy *delpol; struct hlist_head *chain; @@ -555,7 +573,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) struct dst_entry *gc_list; write_lock_bh(&xfrm_policy_lock); - chain = policy_hash_bysel(net, &policy->selector, policy->family, dir); + chain = policy_hash_bysel(&policy->selector, policy->family, dir); delpol = NULL; newpos = NULL; hlist_for_each_entry(pol, entry, chain, bydst) { @@ -582,27 +600,27 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) else hlist_add_head(&policy->bydst, chain); xfrm_pol_hold(policy); - net->xfrm.policy_count[dir]++; + xfrm_policy_count[dir]++; atomic_inc(&flow_cache_genid); if (delpol) { hlist_del(&delpol->bydst); hlist_del(&delpol->byidx); list_del(&delpol->walk.all); - net->xfrm.policy_count[dir]--; + xfrm_policy_count[dir]--; } - policy->index = delpol ? delpol->index : xfrm_gen_index(net, dir); - hlist_add_head(&policy->byidx, net->xfrm.policy_byidx+idx_hash(net, policy->index)); + policy->index = delpol ? delpol->index : xfrm_gen_index(dir); + hlist_add_head(&policy->byidx, xfrm_policy_byidx+idx_hash(policy->index)); policy->curlft.add_time = get_seconds(); policy->curlft.use_time = 0; if (!mod_timer(&policy->timer, jiffies + HZ)) xfrm_pol_hold(policy); - list_add(&policy->walk.all, &net->xfrm.policy_all); + list_add(&policy->walk.all, &xfrm_policy_all); write_unlock_bh(&xfrm_policy_lock); if (delpol) xfrm_policy_kill(delpol); - else if (xfrm_bydst_should_resize(net, dir, NULL)) - schedule_work(&net->xfrm.policy_hash_work); + else if (xfrm_bydst_should_resize(dir, NULL)) + schedule_work(&xfrm_hash_work); read_lock_bh(&xfrm_policy_lock); gc_list = NULL; @@ -636,7 +654,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) } EXPORT_SYMBOL(xfrm_policy_insert); -struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, +struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir, struct xfrm_selector *sel, struct xfrm_sec_ctx *ctx, int delete, int *err) @@ -647,7 +665,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, *err = 0; write_lock_bh(&xfrm_policy_lock); - chain = policy_hash_bysel(net, sel, sel->family, dir); + chain = policy_hash_bysel(sel, sel->family, dir); ret = NULL; hlist_for_each_entry(pol, entry, chain, bydst) { if (pol->type == type && @@ -664,7 +682,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, hlist_del(&pol->bydst); hlist_del(&pol->byidx); list_del(&pol->walk.all); - net->xfrm.policy_count[dir]--; + xfrm_policy_count[dir]--; } ret = pol; break; @@ -680,8 +698,8 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u8 type, int dir, } EXPORT_SYMBOL(xfrm_policy_bysel_ctx); -struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id, - int delete, int *err) +struct xfrm_policy *xfrm_policy_byid(u8 type, int dir, u32 id, int delete, + int *err) { struct xfrm_policy *pol, *ret; struct hlist_head *chain; @@ -693,7 +711,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id, *err = 0; write_lock_bh(&xfrm_policy_lock); - chain = net->xfrm.policy_byidx + idx_hash(net, id); + chain = xfrm_policy_byidx + idx_hash(id); ret = NULL; hlist_for_each_entry(pol, entry, chain, byidx) { if (pol->type == type && pol->index == id) { @@ -708,7 +726,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u8 type, int dir, u32 id, hlist_del(&pol->bydst); hlist_del(&pol->byidx); list_del(&pol->walk.all); - net->xfrm.policy_count[dir]--; + xfrm_policy_count[dir]--; } ret = pol; break; @@ -726,7 +744,7 @@ EXPORT_SYMBOL(xfrm_policy_byid); #ifdef CONFIG_SECURITY_NETWORK_XFRM static inline int -xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audit_info) +xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info) { int dir, err = 0; @@ -736,7 +754,7 @@ xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audi int i; hlist_for_each_entry(pol, entry, - &net->xfrm.policy_inexact[dir], bydst) { + &xfrm_policy_inexact[dir], bydst) { if (pol->type != type) continue; err = security_xfrm_policy_delete(pol->security); @@ -748,9 +766,9 @@ xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audi return err; } } - for (i = net->xfrm.policy_bydst[dir].hmask; i >= 0; i--) { + for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) { hlist_for_each_entry(pol, entry, - net->xfrm.policy_bydst[dir].table + i, + xfrm_policy_bydst[dir].table + i, bydst) { if (pol->type != type) continue; @@ -770,19 +788,19 @@ xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audi } #else static inline int -xfrm_policy_flush_secctx_check(struct net *net, u8 type, struct xfrm_audit *audit_info) +xfrm_policy_flush_secctx_check(u8 type, struct xfrm_audit *audit_info) { return 0; } #endif -int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) +int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info) { int dir, err = 0; write_lock_bh(&xfrm_policy_lock); - err = xfrm_policy_flush_secctx_check(net, type, audit_info); + err = xfrm_policy_flush_secctx_check(type, audit_info); if (err) goto out; @@ -794,7 +812,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) killed = 0; again1: hlist_for_each_entry(pol, entry, - &net->xfrm.policy_inexact[dir], bydst) { + &xfrm_policy_inexact[dir], bydst) { if (pol->type != type) continue; hlist_del(&pol->bydst); @@ -812,10 +830,10 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) goto again1; } - for (i = net->xfrm.policy_bydst[dir].hmask; i >= 0; i--) { + for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) { again2: hlist_for_each_entry(pol, entry, - net->xfrm.policy_bydst[dir].table + i, + xfrm_policy_bydst[dir].table + i, bydst) { if (pol->type != type) continue; @@ -836,7 +854,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) } } - net->xfrm.policy_count[dir] -= killed; + xfrm_policy_count[dir] -= killed; } atomic_inc(&flow_cache_genid); out: @@ -845,7 +863,7 @@ int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info) } EXPORT_SYMBOL(xfrm_policy_flush); -int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk, +int xfrm_policy_walk(struct xfrm_policy_walk *walk, int (*func)(struct xfrm_policy *, int, int, void*), void *data) { @@ -862,10 +880,10 @@ int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk, write_lock_bh(&xfrm_policy_lock); if (list_empty(&walk->walk.all)) - x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all); + x = list_first_entry(&xfrm_policy_all, struct xfrm_policy_walk_entry, all); else x = list_entry(&walk->walk.all, struct xfrm_policy_walk_entry, all); - list_for_each_entry_from(x, &net->xfrm.policy_all, all) { + list_for_each_entry_from(x, &xfrm_policy_all, all) { if (x->dead) continue; pol = container_of(x, struct xfrm_policy, walk); @@ -934,8 +952,7 @@ static int xfrm_policy_match(struct xfrm_policy *pol, struct flowi *fl, return ret; } -static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, - struct flowi *fl, +static struct xfrm_policy *xfrm_policy_lookup_bytype(u8 type, struct flowi *fl, u16 family, u8 dir) { int err; @@ -951,7 +968,7 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, return NULL; read_lock_bh(&xfrm_policy_lock); - chain = policy_hash_direct(net, daddr, saddr, family, dir); + chain = policy_hash_direct(daddr, saddr, family, dir); ret = NULL; hlist_for_each_entry(pol, entry, chain, bydst) { err = xfrm_policy_match(pol, fl, type, family, dir); @@ -968,7 +985,7 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, break; } } - chain = &net->xfrm.policy_inexact[dir]; + chain = &xfrm_policy_inexact[dir]; hlist_for_each_entry(pol, entry, chain, bydst) { err = xfrm_policy_match(pol, fl, type, family, dir); if (err) { @@ -991,14 +1008,14 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, return ret; } -static int xfrm_policy_lookup(struct net *net, struct flowi *fl, u16 family, - u8 dir, void **objp, atomic_t **obj_refp) +static int xfrm_policy_lookup(struct flowi *fl, u16 family, u8 dir, + void **objp, atomic_t **obj_refp) { struct xfrm_policy *pol; int err = 0; #ifdef CONFIG_XFRM_SUB_POLICY - pol = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_SUB, fl, family, dir); + pol = xfrm_policy_lookup_bytype(XFRM_POLICY_TYPE_SUB, fl, family, dir); if (IS_ERR(pol)) { err = PTR_ERR(pol); pol = NULL; @@ -1006,7 +1023,7 @@ static int xfrm_policy_lookup(struct net *net, struct flowi *fl, u16 family, if (pol || err) goto end; #endif - pol = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN, fl, family, dir); + pol = xfrm_policy_lookup_bytype(XFRM_POLICY_TYPE_MAIN, fl, family, dir); if (IS_ERR(pol)) { err = PTR_ERR(pol); pol = NULL; @@ -1065,32 +1082,29 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir, struc static void __xfrm_policy_link(struct xfrm_policy *pol, int dir) { - struct net *net = xp_net(pol); - struct hlist_head *chain = policy_hash_bysel(net, &pol->selector, + struct hlist_head *chain = policy_hash_bysel(&pol->selector, pol->family, dir); - list_add(&pol->walk.all, &net->xfrm.policy_all); + list_add(&pol->walk.all, &xfrm_policy_all); hlist_add_head(&pol->bydst, chain); - hlist_add_head(&pol->byidx, net->xfrm.policy_byidx+idx_hash(net, pol->index)); - net->xfrm.policy_count[dir]++; + hlist_add_head(&pol->byidx, xfrm_policy_byidx+idx_hash(pol->index)); + xfrm_policy_count[dir]++; xfrm_pol_hold(pol); - if (xfrm_bydst_should_resize(net, dir, NULL)) - schedule_work(&net->xfrm.policy_hash_work); + if (xfrm_bydst_should_resize(dir, NULL)) + schedule_work(&xfrm_hash_work); } static struct xfrm_policy *__xfrm_policy_unlink(struct xfrm_policy *pol, int dir) { - struct net *net = xp_net(pol); - if (hlist_unhashed(&pol->bydst)) return NULL; hlist_del(&pol->bydst); hlist_del(&pol->byidx); list_del(&pol->walk.all); - net->xfrm.policy_count[dir]--; + xfrm_policy_count[dir]--; return pol; } @@ -1112,7 +1126,6 @@ EXPORT_SYMBOL(xfrm_policy_delete); int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol) { - struct net *net = xp_net(pol); struct xfrm_policy *old_pol; #ifdef CONFIG_XFRM_SUB_POLICY @@ -1125,7 +1138,7 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol) sk->sk_policy[dir] = pol; if (pol) { pol->curlft.add_time = get_seconds(); - pol->index = xfrm_gen_index(net, XFRM_POLICY_MAX+dir); + pol->index = xfrm_gen_index(XFRM_POLICY_MAX+dir); __xfrm_policy_link(pol, XFRM_POLICY_MAX+dir); } if (old_pol) @@ -1140,7 +1153,7 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol) static struct xfrm_policy *clone_policy(struct xfrm_policy *old, int dir) { - struct xfrm_policy *newp = xfrm_policy_alloc(xp_net(old), GFP_ATOMIC); + struct xfrm_policy *newp = xfrm_policy_alloc(GFP_ATOMIC); if (newp) { newp->selector = old->selector; @@ -1180,7 +1193,7 @@ int __xfrm_sk_clone_policy(struct sock *sk) } static int -xfrm_get_saddr(struct net *net, xfrm_address_t *local, xfrm_address_t *remote, +xfrm_get_saddr(xfrm_address_t *local, xfrm_address_t *remote, unsigned short family) { int err; @@ -1188,7 +1201,7 @@ xfrm_get_saddr(struct net *net, xfrm_address_t *local, xfrm_address_t *remote, if (unlikely(afinfo == NULL)) return -EINVAL; - err = afinfo->get_saddr(net, local, remote); + err = afinfo->get_saddr(local, remote); xfrm_policy_put_afinfo(afinfo); return err; } @@ -1200,7 +1213,6 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, struct flowi *fl, struct xfrm_state **xfrm, unsigned short family) { - struct net *net = xp_net(policy); int nx; int i, error; xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family); @@ -1219,7 +1231,7 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, struct flowi *fl, local = &tmpl->saddr; family = tmpl->encap_family; if (xfrm_addr_any(local, family)) { - error = xfrm_get_saddr(net, &tmp, remote, family); + error = xfrm_get_saddr(&tmp, remote, family); if (error) goto fail; local = &tmp; @@ -1533,7 +1545,7 @@ static int stale_bundle(struct dst_entry *dst); * At the moment we eat a raw IP route. Mostly to speed up lookups * on interfaces with disabled IPsec. */ -int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, +int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, struct sock *sk, int flags) { struct xfrm_policy *policy; @@ -1563,7 +1575,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, policy = xfrm_sk_policy_lookup(sk, XFRM_POLICY_OUT, fl); err = PTR_ERR(policy); if (IS_ERR(policy)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLERROR); goto dropdst; } } @@ -1571,14 +1583,14 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, if (!policy) { /* To accelerate a bit... */ if ((dst_orig->flags & DST_NOXFRM) || - !net->xfrm.policy_count[XFRM_POLICY_OUT]) + !xfrm_policy_count[XFRM_POLICY_OUT]) goto nopol; - policy = flow_cache_lookup(net, fl, dst_orig->ops->family, + policy = flow_cache_lookup(fl, dst_orig->ops->family, dir, xfrm_policy_lookup); err = PTR_ERR(policy); if (IS_ERR(policy)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLERROR); goto dropdst; } } @@ -1601,7 +1613,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, default: case XFRM_POLICY_BLOCK: /* Prohibit the flow */ - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLBLOCK); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLBLOCK); err = -EPERM; goto error; @@ -1621,7 +1633,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, */ dst = xfrm_find_bundle(fl, policy, family); if (IS_ERR(dst)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTBUNDLECHECKERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTBUNDLECHECKERROR); err = PTR_ERR(dst); goto error; } @@ -1631,18 +1643,17 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, #ifdef CONFIG_XFRM_SUB_POLICY if (pols[0]->type != XFRM_POLICY_TYPE_MAIN) { - pols[1] = xfrm_policy_lookup_bytype(net, - XFRM_POLICY_TYPE_MAIN, + pols[1] = xfrm_policy_lookup_bytype(XFRM_POLICY_TYPE_MAIN, fl, family, XFRM_POLICY_OUT); if (pols[1]) { if (IS_ERR(pols[1])) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLERROR); err = PTR_ERR(pols[1]); goto error; } if (pols[1]->action == XFRM_POLICY_BLOCK) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLBLOCK); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLBLOCK); err = -EPERM; goto error; } @@ -1669,27 +1680,27 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, if (unlikely(nx<0)) { err = nx; - if (err == -EAGAIN && net->xfrm.sysctl_larval_drop) { + if (err == -EAGAIN && sysctl_xfrm_larval_drop) { /* EREMOTE tells the caller to generate * a one-shot blackhole route. */ - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTNOSTATES); xfrm_pol_put(policy); return -EREMOTE; } if (err == -EAGAIN && (flags & XFRM_LOOKUP_WAIT)) { DECLARE_WAITQUEUE(wait, current); - add_wait_queue(&net->xfrm.km_waitq, &wait); + add_wait_queue(&km_waitq, &wait); set_current_state(TASK_INTERRUPTIBLE); schedule(); set_current_state(TASK_RUNNING); - remove_wait_queue(&net->xfrm.km_waitq, &wait); + remove_wait_queue(&km_waitq, &wait); nx = xfrm_tmpl_resolve(pols, npols, fl, xfrm, family); if (nx == -EAGAIN && signal_pending(current)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTNOSTATES); err = -ERESTART; goto error; } @@ -1701,7 +1712,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, err = nx; } if (err < 0) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTNOSTATES); goto error; } } @@ -1714,7 +1725,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, dst = xfrm_bundle_create(policy, xfrm, nx, fl, dst_orig); err = PTR_ERR(dst); if (IS_ERR(dst)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTBUNDLEGENERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTBUNDLEGENERROR); goto error; } @@ -1735,9 +1746,9 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, dst_free(dst); if (pol_dead) - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTPOLDEAD); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTPOLDEAD); else - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTBUNDLECHECKERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTBUNDLECHECKERROR); err = -EHOSTUNREACH; goto error; } @@ -1749,7 +1760,7 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, if (unlikely(err)) { write_unlock_bh(&policy->lock); dst_free(dst); - XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTBUNDLECHECKERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMOUTBUNDLECHECKERROR); goto error; } @@ -1778,10 +1789,10 @@ int __xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, } EXPORT_SYMBOL(__xfrm_lookup); -int xfrm_lookup(struct net *net, struct dst_entry **dst_p, struct flowi *fl, +int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl, struct sock *sk, int flags) { - int err = __xfrm_lookup(net, dst_p, fl, sk, flags); + int err = __xfrm_lookup(dst_p, fl, sk, flags); if (err == -EREMOTE) { dst_release(*dst_p); @@ -1889,7 +1900,6 @@ static inline int secpath_has_nontransport(struct sec_path *sp, int k, int *idxp int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, unsigned short family) { - struct net *net = dev_net(skb->dev); struct xfrm_policy *pol; struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX]; int npols = 0; @@ -1905,7 +1915,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, fl_dir = policy_to_flow_dir(dir); if (__xfrm_decode_session(skb, &fl, family, reverse) < 0) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINHDRERROR); return 0; } @@ -1918,7 +1928,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, for (i=skb->sp->len-1; i>=0; i--) { struct xfrm_state *x = skb->sp->xvec[i]; if (!xfrm_selector_match(&x->sel, &fl, family)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH); + XFRM_INC_STATS(LINUX_MIB_XFRMINSTATEMISMATCH); return 0; } } @@ -1928,24 +1938,24 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, if (sk && sk->sk_policy[dir]) { pol = xfrm_sk_policy_lookup(sk, dir, &fl); if (IS_ERR(pol)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINPOLERROR); return 0; } } if (!pol) - pol = flow_cache_lookup(net, &fl, family, fl_dir, + pol = flow_cache_lookup(&fl, family, fl_dir, xfrm_policy_lookup); if (IS_ERR(pol)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINPOLERROR); return 0; } if (!pol) { if (skb->sp && secpath_has_nontransport(skb->sp, 0, &xerr_idx)) { xfrm_secpath_reject(xerr_idx, skb, &fl); - XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOPOLS); + XFRM_INC_STATS(LINUX_MIB_XFRMINNOPOLS); return 0; } return 1; @@ -1957,12 +1967,12 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, npols ++; #ifdef CONFIG_XFRM_SUB_POLICY if (pols[0]->type != XFRM_POLICY_TYPE_MAIN) { - pols[1] = xfrm_policy_lookup_bytype(net, XFRM_POLICY_TYPE_MAIN, + pols[1] = xfrm_policy_lookup_bytype(XFRM_POLICY_TYPE_MAIN, &fl, family, XFRM_POLICY_IN); if (pols[1]) { if (IS_ERR(pols[1])) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINPOLERROR); return 0; } pols[1]->curlft.use_time = get_seconds(); @@ -1986,11 +1996,11 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, for (pi = 0; pi < npols; pi++) { if (pols[pi] != pol && pols[pi]->action != XFRM_POLICY_ALLOW) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLBLOCK); + XFRM_INC_STATS(LINUX_MIB_XFRMINPOLBLOCK); goto reject; } if (ti + pols[pi]->xfrm_nr >= XFRM_MAX_DEPTH) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINBUFFERERROR); goto reject_error; } for (i = 0; i < pols[pi]->xfrm_nr; i++) @@ -2014,20 +2024,20 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, if (k < -1) /* "-2 - errored_index" returned */ xerr_idx = -(2+k); - XFRM_INC_STATS(net, LINUX_MIB_XFRMINTMPLMISMATCH); + XFRM_INC_STATS(LINUX_MIB_XFRMINTMPLMISMATCH); goto reject; } } if (secpath_has_nontransport(sp, k, &xerr_idx)) { - XFRM_INC_STATS(net, LINUX_MIB_XFRMINTMPLMISMATCH); + XFRM_INC_STATS(LINUX_MIB_XFRMINTMPLMISMATCH); goto reject; } xfrm_pols_put(pols, npols); return 1; } - XFRM_INC_STATS(net, LINUX_MIB_XFRMINPOLBLOCK); + XFRM_INC_STATS(LINUX_MIB_XFRMINPOLBLOCK); reject: xfrm_secpath_reject(xerr_idx, skb, &fl); @@ -2039,16 +2049,15 @@ EXPORT_SYMBOL(__xfrm_policy_check); int __xfrm_route_forward(struct sk_buff *skb, unsigned short family) { - struct net *net = dev_net(skb->dev); struct flowi fl; if (xfrm_decode_session(skb, &fl, family) < 0) { /* XXX: we should have something like FWDHDRERROR here. */ - XFRM_INC_STATS(net, LINUX_MIB_XFRMINHDRERROR); + XFRM_INC_STATS(LINUX_MIB_XFRMINHDRERROR); return 0; } - return xfrm_lookup(net, &skb->dst, &fl, NULL, 0) == 0; + return xfrm_lookup(&skb->dst, &fl, NULL, 0) == 0; } EXPORT_SYMBOL(__xfrm_route_forward); @@ -2132,7 +2141,7 @@ static void prune_one_bundle(struct xfrm_policy *pol, int (*func)(struct dst_ent write_unlock(&pol->lock); } -static void xfrm_prune_bundles(struct net *net, int (*func)(struct dst_entry *)) +static void xfrm_prune_bundles(int (*func)(struct dst_entry *)) { struct dst_entry *gc_list = NULL; int dir; @@ -2145,11 +2154,11 @@ static void xfrm_prune_bundles(struct net *net, int (*func)(struct dst_entry *)) int i; hlist_for_each_entry(pol, entry, - &net->xfrm.policy_inexact[dir], bydst) + &xfrm_policy_inexact[dir], bydst) prune_one_bundle(pol, func, &gc_list); - table = net->xfrm.policy_bydst[dir].table; - for (i = net->xfrm.policy_bydst[dir].hmask; i >= 0; i--) { + table = xfrm_policy_bydst[dir].table; + for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) { hlist_for_each_entry(pol, entry, table + i, bydst) prune_one_bundle(pol, func, &gc_list); } @@ -2168,14 +2177,14 @@ static int unused_bundle(struct dst_entry *dst) return !atomic_read(&dst->__refcnt); } -static void __xfrm_garbage_collect(struct net *net) +static void __xfrm_garbage_collect(void) { - xfrm_prune_bundles(net, unused_bundle); + xfrm_prune_bundles(unused_bundle); } -static int xfrm_flush_bundles(struct net *net) +static int xfrm_flush_bundles(void) { - xfrm_prune_bundles(net, stale_bundle); + xfrm_prune_bundles(stale_bundle); return 0; } @@ -2361,9 +2370,12 @@ static int xfrm_dev_event(struct notifier_block *this, unsigned long event, void { struct net_device *dev = ptr; + if (!net_eq(dev_net(dev), &init_net)) + return NOTIFY_DONE; + switch (event) { case NETDEV_DOWN: - xfrm_flush_bundles(dev_net(dev)); + xfrm_flush_bundles(); } return NOTIFY_DONE; } @@ -2373,42 +2385,21 @@ static struct notifier_block xfrm_dev_notifier = { }; #ifdef CONFIG_XFRM_STATISTICS -static int __net_init xfrm_statistics_init(struct net *net) +static int __init xfrm_statistics_init(void) { - int rv; - - if (snmp_mib_init((void **)net->mib.xfrm_statistics, + if (snmp_mib_init((void **)xfrm_statistics, sizeof(struct linux_xfrm_mib)) < 0) return -ENOMEM; - rv = xfrm_proc_init(net); - if (rv < 0) - snmp_mib_free((void **)net->mib.xfrm_statistics); - return rv; -} - -static void xfrm_statistics_fini(struct net *net) -{ - xfrm_proc_fini(net); - snmp_mib_free((void **)net->mib.xfrm_statistics); -} -#else -static int __net_init xfrm_statistics_init(struct net *net) -{ return 0; } - -static void xfrm_statistics_fini(struct net *net) -{ -} #endif -static int __net_init xfrm_policy_init(struct net *net) +static void __init xfrm_policy_init(void) { unsigned int hmask, sz; int dir; - if (net_eq(net, &init_net)) - xfrm_dst_cache = kmem_cache_create("xfrm_dst_cache", + xfrm_dst_cache = kmem_cache_create("xfrm_dst_cache", sizeof(struct xfrm_dst), 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); @@ -2416,124 +2407,39 @@ static int __net_init xfrm_policy_init(struct net *net) hmask = 8 - 1; sz = (hmask+1) * sizeof(struct hlist_head); - net->xfrm.policy_byidx = xfrm_hash_alloc(sz); - if (!net->xfrm.policy_byidx) - goto out_byidx; - net->xfrm.policy_idx_hmask = hmask; + xfrm_policy_byidx = xfrm_hash_alloc(sz); + xfrm_idx_hmask = hmask; + if (!xfrm_policy_byidx) + panic("XFRM: failed to allocate byidx hash\n"); for (dir = 0; dir < XFRM_POLICY_MAX * 2; dir++) { struct xfrm_policy_hash *htab; - net->xfrm.policy_count[dir] = 0; - INIT_HLIST_HEAD(&net->xfrm.policy_inexact[dir]); + INIT_HLIST_HEAD(&xfrm_policy_inexact[dir]); - htab = &net->xfrm.policy_bydst[dir]; + htab = &xfrm_policy_bydst[dir]; htab->table = xfrm_hash_alloc(sz); - if (!htab->table) - goto out_bydst; htab->hmask = hmask; + if (!htab->table) + panic("XFRM: failed to allocate bydst hash\n"); } - INIT_LIST_HEAD(&net->xfrm.policy_all); - INIT_WORK(&net->xfrm.policy_hash_work, xfrm_hash_resize); - if (net_eq(net, &init_net)) - register_netdevice_notifier(&xfrm_dev_notifier); - return 0; - -out_bydst: - for (dir--; dir >= 0; dir--) { - struct xfrm_policy_hash *htab; - - htab = &net->xfrm.policy_bydst[dir]; - xfrm_hash_free(htab->table, sz); - } - xfrm_hash_free(net->xfrm.policy_byidx, sz); -out_byidx: - return -ENOMEM; -} - -static void xfrm_policy_fini(struct net *net) -{ - struct xfrm_audit audit_info; - unsigned int sz; - int dir; - - flush_work(&net->xfrm.policy_hash_work); -#ifdef CONFIG_XFRM_SUB_POLICY - audit_info.loginuid = -1; - audit_info.sessionid = -1; - audit_info.secid = 0; - xfrm_policy_flush(net, XFRM_POLICY_TYPE_SUB, &audit_info); -#endif - audit_info.loginuid = -1; - audit_info.sessionid = -1; - audit_info.secid = 0; - xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info); - flush_work(&xfrm_policy_gc_work); - - WARN_ON(!list_empty(&net->xfrm.policy_all)); - - for (dir = 0; dir < XFRM_POLICY_MAX * 2; dir++) { - struct xfrm_policy_hash *htab; - - WARN_ON(!hlist_empty(&net->xfrm.policy_inexact[dir])); - - htab = &net->xfrm.policy_bydst[dir]; - sz = (htab->hmask + 1); - WARN_ON(!hlist_empty(htab->table)); - xfrm_hash_free(htab->table, sz); - } - - sz = (net->xfrm.policy_idx_hmask + 1) * sizeof(struct hlist_head); - WARN_ON(!hlist_empty(net->xfrm.policy_byidx)); - xfrm_hash_free(net->xfrm.policy_byidx, sz); -} - -static int __net_init xfrm_net_init(struct net *net) -{ - int rv; - - rv = xfrm_statistics_init(net); - if (rv < 0) - goto out_statistics; - rv = xfrm_state_init(net); - if (rv < 0) - goto out_state; - rv = xfrm_policy_init(net); - if (rv < 0) - goto out_policy; - rv = xfrm_sysctl_init(net); - if (rv < 0) - goto out_sysctl; - return 0; - -out_sysctl: - xfrm_policy_fini(net); -out_policy: - xfrm_state_fini(net); -out_state: - xfrm_statistics_fini(net); -out_statistics: - return rv; -} - -static void __net_exit xfrm_net_exit(struct net *net) -{ - xfrm_sysctl_fini(net); - xfrm_policy_fini(net); - xfrm_state_fini(net); - xfrm_statistics_fini(net); + INIT_LIST_HEAD(&xfrm_policy_all); + INIT_WORK(&xfrm_policy_gc_work, xfrm_policy_gc_task); + register_netdevice_notifier(&xfrm_dev_notifier); } -static struct pernet_operations __net_initdata xfrm_net_ops = { - .init = xfrm_net_init, - .exit = xfrm_net_exit, -}; - void __init xfrm_init(void) { - register_pernet_subsys(&xfrm_net_ops); +#ifdef CONFIG_XFRM_STATISTICS + xfrm_statistics_init(); +#endif + xfrm_state_init(); + xfrm_policy_init(); xfrm_input_init(); +#ifdef CONFIG_XFRM_STATISTICS + xfrm_proc_init(); +#endif } #ifdef CONFIG_AUDITSYSCALL @@ -2633,7 +2539,7 @@ static struct xfrm_policy * xfrm_migrate_policy_find(struct xfrm_selector *sel, u32 priority = ~0U; read_lock_bh(&xfrm_policy_lock); - chain = policy_hash_direct(&init_net, &sel->daddr, &sel->saddr, sel->family, dir); + chain = policy_hash_direct(&sel->daddr, &sel->saddr, sel->family, dir); hlist_for_each_entry(pol, entry, chain, bydst) { if (xfrm_migrate_selector_match(sel, &pol->selector) && pol->type == type) { @@ -2642,7 +2548,7 @@ static struct xfrm_policy * xfrm_migrate_policy_find(struct xfrm_selector *sel, break; } } - chain = &init_net.xfrm.policy_inexact[dir]; + chain = &xfrm_policy_inexact[dir]; hlist_for_each_entry(pol, entry, chain, bydst) { if (xfrm_migrate_selector_match(sel, &pol->selector) && pol->type == type && diff --git a/trunk/net/xfrm/xfrm_proc.c b/trunk/net/xfrm/xfrm_proc.c index 284eaef1dbf2..2b0db13f0cda 100644 --- a/trunk/net/xfrm/xfrm_proc.c +++ b/trunk/net/xfrm/xfrm_proc.c @@ -59,18 +59,17 @@ fold_field(void *mib[], int offt) static int xfrm_statistics_seq_show(struct seq_file *seq, void *v) { - struct net *net = seq->private; int i; for (i=0; xfrm_mib_list[i].name; i++) seq_printf(seq, "%-24s\t%lu\n", xfrm_mib_list[i].name, - fold_field((void **)net->mib.xfrm_statistics, + fold_field((void **)xfrm_statistics, xfrm_mib_list[i].entry)); return 0; } static int xfrm_statistics_seq_open(struct inode *inode, struct file *file) { - return single_open_net(inode, file, xfrm_statistics_seq_show); + return single_open(file, xfrm_statistics_seq_show, NULL); } static struct file_operations xfrm_statistics_seq_fops = { @@ -78,18 +77,21 @@ static struct file_operations xfrm_statistics_seq_fops = { .open = xfrm_statistics_seq_open, .read = seq_read, .llseek = seq_lseek, - .release = single_release_net, + .release = single_release, }; -int __net_init xfrm_proc_init(struct net *net) +int __init xfrm_proc_init(void) { - if (!proc_net_fops_create(net, "xfrm_stat", S_IRUGO, + int rc = 0; + + if (!proc_net_fops_create(&init_net, "xfrm_stat", S_IRUGO, &xfrm_statistics_seq_fops)) - return -ENOMEM; - return 0; -} + goto stat_fail; -void xfrm_proc_fini(struct net *net) -{ - proc_net_remove(net, "xfrm_stat"); + out: + return rc; + + stat_fail: + rc = -ENOMEM; + goto out; } diff --git a/trunk/net/xfrm/xfrm_state.c b/trunk/net/xfrm/xfrm_state.c index 2fd57f8f77c1..cd9d9171ded7 100644 --- a/trunk/net/xfrm/xfrm_state.c +++ b/trunk/net/xfrm/xfrm_state.c @@ -24,6 +24,17 @@ #include "xfrm_hash.h" +struct sock *xfrm_nl; +EXPORT_SYMBOL(xfrm_nl); + +u32 sysctl_xfrm_aevent_etime __read_mostly = XFRM_AE_ETIME; +EXPORT_SYMBOL(sysctl_xfrm_aevent_etime); + +u32 sysctl_xfrm_aevent_rseqth __read_mostly = XFRM_AE_SEQT_SIZE; +EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth); + +u32 sysctl_xfrm_acq_expires __read_mostly = 30; + /* Each xfrm_state may be linked to two tables: 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl) @@ -33,7 +44,19 @@ static DEFINE_SPINLOCK(xfrm_state_lock); +/* Hash table to find appropriate SA towards given target (endpoint + * of tunnel or destination of transport mode) allowed by selector. + * + * Main use is finding SA after policy selected tunnel or transport mode. + * Also, it can be used by ah/esp icmp error handler to find offending SA. + */ +static LIST_HEAD(xfrm_state_all); +static struct hlist_head *xfrm_state_bydst __read_mostly; +static struct hlist_head *xfrm_state_bysrc __read_mostly; +static struct hlist_head *xfrm_state_byspi __read_mostly; +static unsigned int xfrm_state_hmask __read_mostly; static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024; +static unsigned int xfrm_state_num; static unsigned int xfrm_state_genid; static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family); @@ -46,27 +69,25 @@ static void xfrm_audit_state_replay(struct xfrm_state *x, #define xfrm_audit_state_replay(x, s, sq) do { ; } while (0) #endif /* CONFIG_AUDITSYSCALL */ -static inline unsigned int xfrm_dst_hash(struct net *net, - xfrm_address_t *daddr, +static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr, xfrm_address_t *saddr, u32 reqid, unsigned short family) { - return __xfrm_dst_hash(daddr, saddr, reqid, family, net->xfrm.state_hmask); + return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask); } -static inline unsigned int xfrm_src_hash(struct net *net, - xfrm_address_t *daddr, +static inline unsigned int xfrm_src_hash(xfrm_address_t *daddr, xfrm_address_t *saddr, unsigned short family) { - return __xfrm_src_hash(daddr, saddr, family, net->xfrm.state_hmask); + return __xfrm_src_hash(daddr, saddr, family, xfrm_state_hmask); } static inline unsigned int -xfrm_spi_hash(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) +xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) { - return __xfrm_spi_hash(daddr, spi, proto, family, net->xfrm.state_hmask); + return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask); } static void xfrm_hash_transfer(struct hlist_head *list, @@ -100,16 +121,16 @@ static void xfrm_hash_transfer(struct hlist_head *list, } } -static unsigned long xfrm_hash_new_size(unsigned int state_hmask) +static unsigned long xfrm_hash_new_size(void) { - return ((state_hmask + 1) << 1) * sizeof(struct hlist_head); + return ((xfrm_state_hmask + 1) << 1) * + sizeof(struct hlist_head); } static DEFINE_MUTEX(hash_resize_mutex); -static void xfrm_hash_resize(struct work_struct *work) +static void xfrm_hash_resize(struct work_struct *__unused) { - struct net *net = container_of(work, struct net, xfrm.state_hash_work); struct hlist_head *ndst, *nsrc, *nspi, *odst, *osrc, *ospi; unsigned long nsize, osize; unsigned int nhashmask, ohashmask; @@ -117,7 +138,7 @@ static void xfrm_hash_resize(struct work_struct *work) mutex_lock(&hash_resize_mutex); - nsize = xfrm_hash_new_size(net->xfrm.state_hmask); + nsize = xfrm_hash_new_size(); ndst = xfrm_hash_alloc(nsize); if (!ndst) goto out_unlock; @@ -136,19 +157,19 @@ static void xfrm_hash_resize(struct work_struct *work) spin_lock_bh(&xfrm_state_lock); nhashmask = (nsize / sizeof(struct hlist_head)) - 1U; - for (i = net->xfrm.state_hmask; i >= 0; i--) - xfrm_hash_transfer(net->xfrm.state_bydst+i, ndst, nsrc, nspi, + for (i = xfrm_state_hmask; i >= 0; i--) + xfrm_hash_transfer(xfrm_state_bydst+i, ndst, nsrc, nspi, nhashmask); - odst = net->xfrm.state_bydst; - osrc = net->xfrm.state_bysrc; - ospi = net->xfrm.state_byspi; - ohashmask = net->xfrm.state_hmask; + odst = xfrm_state_bydst; + osrc = xfrm_state_bysrc; + ospi = xfrm_state_byspi; + ohashmask = xfrm_state_hmask; - net->xfrm.state_bydst = ndst; - net->xfrm.state_bysrc = nsrc; - net->xfrm.state_byspi = nspi; - net->xfrm.state_hmask = nhashmask; + xfrm_state_bydst = ndst; + xfrm_state_bysrc = nsrc; + xfrm_state_byspi = nspi; + xfrm_state_hmask = nhashmask; spin_unlock_bh(&xfrm_state_lock); @@ -161,9 +182,16 @@ static void xfrm_hash_resize(struct work_struct *work) mutex_unlock(&hash_resize_mutex); } +static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize); + +DECLARE_WAIT_QUEUE_HEAD(km_waitq); +EXPORT_SYMBOL(km_waitq); + static DEFINE_RWLOCK(xfrm_state_afinfo_lock); static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO]; +static struct work_struct xfrm_state_gc_work; +static HLIST_HEAD(xfrm_state_gc_list); static DEFINE_SPINLOCK(xfrm_state_gc_lock); int __xfrm_state_delete(struct xfrm_state *x); @@ -373,21 +401,20 @@ static void xfrm_state_gc_destroy(struct xfrm_state *x) kfree(x); } -static void xfrm_state_gc_task(struct work_struct *work) +static void xfrm_state_gc_task(struct work_struct *data) { - struct net *net = container_of(work, struct net, xfrm.state_gc_work); struct xfrm_state *x; struct hlist_node *entry, *tmp; struct hlist_head gc_list; spin_lock_bh(&xfrm_state_gc_lock); - hlist_move_list(&net->xfrm.state_gc_list, &gc_list); + hlist_move_list(&xfrm_state_gc_list, &gc_list); spin_unlock_bh(&xfrm_state_gc_lock); hlist_for_each_entry_safe(x, entry, tmp, &gc_list, gclist) xfrm_state_gc_destroy(x); - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); } static inline unsigned long make_jiffies(long secs) @@ -401,7 +428,6 @@ static inline unsigned long make_jiffies(long secs) static void xfrm_timer_handler(unsigned long data) { struct xfrm_state *x = (struct xfrm_state*)data; - struct net *net = xs_net(x); unsigned long now = get_seconds(); long next = LONG_MAX; int warn = 0; @@ -459,7 +485,7 @@ static void xfrm_timer_handler(unsigned long data) expired: if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) { x->km.state = XFRM_STATE_EXPIRED; - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); next = 2; goto resched; } @@ -478,14 +504,13 @@ static void xfrm_timer_handler(unsigned long data) static void xfrm_replay_timer_handler(unsigned long data); -struct xfrm_state *xfrm_state_alloc(struct net *net) +struct xfrm_state *xfrm_state_alloc(void) { struct xfrm_state *x; x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC); if (x) { - write_pnet(&x->xs_net, net); atomic_set(&x->refcnt, 1); atomic_set(&x->tunnel_users, 0); INIT_LIST_HEAD(&x->km.all); @@ -512,20 +537,17 @@ EXPORT_SYMBOL(xfrm_state_alloc); void __xfrm_state_destroy(struct xfrm_state *x) { - struct net *net = xs_net(x); - WARN_ON(x->km.state != XFRM_STATE_DEAD); spin_lock_bh(&xfrm_state_gc_lock); - hlist_add_head(&x->gclist, &net->xfrm.state_gc_list); + hlist_add_head(&x->gclist, &xfrm_state_gc_list); spin_unlock_bh(&xfrm_state_gc_lock); - schedule_work(&net->xfrm.state_gc_work); + schedule_work(&xfrm_state_gc_work); } EXPORT_SYMBOL(__xfrm_state_destroy); int __xfrm_state_delete(struct xfrm_state *x) { - struct net *net = xs_net(x); int err = -ESRCH; if (x->km.state != XFRM_STATE_DEAD) { @@ -536,7 +558,7 @@ int __xfrm_state_delete(struct xfrm_state *x) hlist_del(&x->bysrc); if (x->id.spi) hlist_del(&x->byspi); - net->xfrm.state_num--; + xfrm_state_num--; spin_unlock(&xfrm_state_lock); /* All xfrm_state objects are created by xfrm_state_alloc. @@ -565,15 +587,15 @@ EXPORT_SYMBOL(xfrm_state_delete); #ifdef CONFIG_SECURITY_NETWORK_XFRM static inline int -xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audit_info) +xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info) { int i, err = 0; - for (i = 0; i <= net->xfrm.state_hmask; i++) { + for (i = 0; i <= xfrm_state_hmask; i++) { struct hlist_node *entry; struct xfrm_state *x; - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) { + hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) { if (xfrm_id_proto_match(x->id.proto, proto) && (err = security_xfrm_state_delete(x)) != 0) { xfrm_audit_state_delete(x, 0, @@ -589,26 +611,26 @@ xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audi } #else static inline int -xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audit_info) +xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info) { return 0; } #endif -int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info) +int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info) { int i, err = 0; spin_lock_bh(&xfrm_state_lock); - err = xfrm_state_flush_secctx_check(net, proto, audit_info); + err = xfrm_state_flush_secctx_check(proto, audit_info); if (err) goto out; - for (i = 0; i <= net->xfrm.state_hmask; i++) { + for (i = 0; i <= xfrm_state_hmask; i++) { struct hlist_node *entry; struct xfrm_state *x; restart: - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) { + hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) { if (!xfrm_state_kern(x) && xfrm_id_proto_match(x->id.proto, proto)) { xfrm_state_hold(x); @@ -630,7 +652,7 @@ int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info) out: spin_unlock_bh(&xfrm_state_lock); - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); return err; } EXPORT_SYMBOL(xfrm_state_flush); @@ -638,8 +660,8 @@ EXPORT_SYMBOL(xfrm_state_flush); void xfrm_sad_getinfo(struct xfrmk_sadinfo *si) { spin_lock_bh(&xfrm_state_lock); - si->sadcnt = init_net.xfrm.state_num; - si->sadhcnt = init_net.xfrm.state_hmask; + si->sadcnt = xfrm_state_num; + si->sadhcnt = xfrm_state_hmask; si->sadhmcnt = xfrm_state_hashmax; spin_unlock_bh(&xfrm_state_lock); } @@ -659,13 +681,13 @@ xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl, return 0; } -static struct xfrm_state *__xfrm_state_lookup(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) +static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) { - unsigned int h = xfrm_spi_hash(net, daddr, spi, proto, family); + unsigned int h = xfrm_spi_hash(daddr, spi, proto, family); struct xfrm_state *x; struct hlist_node *entry; - hlist_for_each_entry(x, entry, net->xfrm.state_byspi+h, byspi) { + hlist_for_each_entry(x, entry, xfrm_state_byspi+h, byspi) { if (x->props.family != family || x->id.spi != spi || x->id.proto != proto) @@ -691,13 +713,13 @@ static struct xfrm_state *__xfrm_state_lookup(struct net *net, xfrm_address_t *d return NULL; } -static struct xfrm_state *__xfrm_state_lookup_byaddr(struct net *net, xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family) +static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family) { - unsigned int h = xfrm_src_hash(net, daddr, saddr, family); + unsigned int h = xfrm_src_hash(daddr, saddr, family); struct xfrm_state *x; struct hlist_node *entry; - hlist_for_each_entry(x, entry, net->xfrm.state_bysrc+h, bysrc) { + hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) { if (x->props.family != family || x->id.proto != proto) continue; @@ -729,23 +751,21 @@ static struct xfrm_state *__xfrm_state_lookup_byaddr(struct net *net, xfrm_addre static inline struct xfrm_state * __xfrm_state_locate(struct xfrm_state *x, int use_spi, int family) { - struct net *net = xs_net(x); - if (use_spi) - return __xfrm_state_lookup(net, &x->id.daddr, x->id.spi, + return __xfrm_state_lookup(&x->id.daddr, x->id.spi, x->id.proto, family); else - return __xfrm_state_lookup_byaddr(net, &x->id.daddr, + return __xfrm_state_lookup_byaddr(&x->id.daddr, &x->props.saddr, x->id.proto, family); } -static void xfrm_hash_grow_check(struct net *net, int have_hash_collision) +static void xfrm_hash_grow_check(int have_hash_collision) { if (have_hash_collision && - (net->xfrm.state_hmask + 1) < xfrm_state_hashmax && - net->xfrm.state_num > net->xfrm.state_hmask) - schedule_work(&net->xfrm.state_hash_work); + (xfrm_state_hmask + 1) < xfrm_state_hashmax && + xfrm_state_num > xfrm_state_hmask) + schedule_work(&xfrm_hash_work); } struct xfrm_state * @@ -754,7 +774,6 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, struct xfrm_policy *pol, int *err, unsigned short family) { - struct net *net = xp_net(pol); unsigned int h; struct hlist_node *entry; struct xfrm_state *x, *x0, *to_put; @@ -765,8 +784,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, to_put = NULL; spin_lock_bh(&xfrm_state_lock); - h = xfrm_dst_hash(net, daddr, saddr, tmpl->reqid, family); - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { + h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family); + hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { if (x->props.family == family && x->props.reqid == tmpl->reqid && !(x->props.flags & XFRM_STATE_WILDRECV) && @@ -810,13 +829,13 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, x = best; if (!x && !error && !acquire_in_progress) { if (tmpl->id.spi && - (x0 = __xfrm_state_lookup(net, daddr, tmpl->id.spi, + (x0 = __xfrm_state_lookup(daddr, tmpl->id.spi, tmpl->id.proto, family)) != NULL) { to_put = x0; error = -EEXIST; goto out; } - x = xfrm_state_alloc(net); + x = xfrm_state_alloc(); if (x == NULL) { error = -ENOMEM; goto out; @@ -835,19 +854,19 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, if (km_query(x, tmpl, pol) == 0) { x->km.state = XFRM_STATE_ACQ; - list_add(&x->km.all, &net->xfrm.state_all); - hlist_add_head(&x->bydst, net->xfrm.state_bydst+h); - h = xfrm_src_hash(net, daddr, saddr, family); - hlist_add_head(&x->bysrc, net->xfrm.state_bysrc+h); + list_add(&x->km.all, &xfrm_state_all); + hlist_add_head(&x->bydst, xfrm_state_bydst+h); + h = xfrm_src_hash(daddr, saddr, family); + hlist_add_head(&x->bysrc, xfrm_state_bysrc+h); if (x->id.spi) { - h = xfrm_spi_hash(net, &x->id.daddr, x->id.spi, x->id.proto, family); - hlist_add_head(&x->byspi, net->xfrm.state_byspi+h); + h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family); + hlist_add_head(&x->byspi, xfrm_state_byspi+h); } - x->lft.hard_add_expires_seconds = net->xfrm.sysctl_acq_expires; - x->timer.expires = jiffies + net->xfrm.sysctl_acq_expires*HZ; + x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires; + x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ; add_timer(&x->timer); - net->xfrm.state_num++; - xfrm_hash_grow_check(net, x->bydst.next != NULL); + xfrm_state_num++; + xfrm_hash_grow_check(x->bydst.next != NULL); } else { x->km.state = XFRM_STATE_DEAD; to_put = x; @@ -867,8 +886,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, } struct xfrm_state * -xfrm_stateonly_find(struct net *net, - xfrm_address_t *daddr, xfrm_address_t *saddr, +xfrm_stateonly_find(xfrm_address_t *daddr, xfrm_address_t *saddr, unsigned short family, u8 mode, u8 proto, u32 reqid) { unsigned int h; @@ -876,8 +894,8 @@ xfrm_stateonly_find(struct net *net, struct hlist_node *entry; spin_lock(&xfrm_state_lock); - h = xfrm_dst_hash(net, daddr, saddr, reqid, family); - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { + h = xfrm_dst_hash(daddr, saddr, reqid, family); + hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { if (x->props.family == family && x->props.reqid == reqid && !(x->props.flags & XFRM_STATE_WILDRECV) && @@ -901,50 +919,48 @@ EXPORT_SYMBOL(xfrm_stateonly_find); static void __xfrm_state_insert(struct xfrm_state *x) { - struct net *net = xs_net(x); unsigned int h; x->genid = ++xfrm_state_genid; - list_add(&x->km.all, &net->xfrm.state_all); + list_add(&x->km.all, &xfrm_state_all); - h = xfrm_dst_hash(net, &x->id.daddr, &x->props.saddr, + h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr, x->props.reqid, x->props.family); - hlist_add_head(&x->bydst, net->xfrm.state_bydst+h); + hlist_add_head(&x->bydst, xfrm_state_bydst+h); - h = xfrm_src_hash(net, &x->id.daddr, &x->props.saddr, x->props.family); - hlist_add_head(&x->bysrc, net->xfrm.state_bysrc+h); + h = xfrm_src_hash(&x->id.daddr, &x->props.saddr, x->props.family); + hlist_add_head(&x->bysrc, xfrm_state_bysrc+h); if (x->id.spi) { - h = xfrm_spi_hash(net, &x->id.daddr, x->id.spi, x->id.proto, + h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family); - hlist_add_head(&x->byspi, net->xfrm.state_byspi+h); + hlist_add_head(&x->byspi, xfrm_state_byspi+h); } mod_timer(&x->timer, jiffies + HZ); if (x->replay_maxage) mod_timer(&x->rtimer, jiffies + x->replay_maxage); - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); - net->xfrm.state_num++; + xfrm_state_num++; - xfrm_hash_grow_check(net, x->bydst.next != NULL); + xfrm_hash_grow_check(x->bydst.next != NULL); } /* xfrm_state_lock is held */ static void __xfrm_state_bump_genids(struct xfrm_state *xnew) { - struct net *net = xs_net(xnew); unsigned short family = xnew->props.family; u32 reqid = xnew->props.reqid; struct xfrm_state *x; struct hlist_node *entry; unsigned int h; - h = xfrm_dst_hash(net, &xnew->id.daddr, &xnew->props.saddr, reqid, family); - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { + h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family); + hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { if (x->props.family == family && x->props.reqid == reqid && !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) && @@ -963,13 +979,13 @@ void xfrm_state_insert(struct xfrm_state *x) EXPORT_SYMBOL(xfrm_state_insert); /* xfrm_state_lock is held */ -static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create) +static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create) { - unsigned int h = xfrm_dst_hash(net, daddr, saddr, reqid, family); + unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family); struct hlist_node *entry; struct xfrm_state *x; - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+h, bydst) { + hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { if (x->props.reqid != reqid || x->props.mode != mode || x->props.family != family || @@ -1001,7 +1017,7 @@ static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family if (!create) return NULL; - x = xfrm_state_alloc(net); + x = xfrm_state_alloc(); if (likely(x)) { switch (family) { case AF_INET: @@ -1032,28 +1048,27 @@ static struct xfrm_state *__find_acq_core(struct net *net, unsigned short family x->props.family = family; x->props.mode = mode; x->props.reqid = reqid; - x->lft.hard_add_expires_seconds = net->xfrm.sysctl_acq_expires; + x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires; xfrm_state_hold(x); - x->timer.expires = jiffies + net->xfrm.sysctl_acq_expires*HZ; + x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ; add_timer(&x->timer); - list_add(&x->km.all, &net->xfrm.state_all); - hlist_add_head(&x->bydst, net->xfrm.state_bydst+h); - h = xfrm_src_hash(net, daddr, saddr, family); - hlist_add_head(&x->bysrc, net->xfrm.state_bysrc+h); + list_add(&x->km.all, &xfrm_state_all); + hlist_add_head(&x->bydst, xfrm_state_bydst+h); + h = xfrm_src_hash(daddr, saddr, family); + hlist_add_head(&x->bysrc, xfrm_state_bysrc+h); - net->xfrm.state_num++; + xfrm_state_num++; - xfrm_hash_grow_check(net, x->bydst.next != NULL); + xfrm_hash_grow_check(x->bydst.next != NULL); } return x; } -static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq); +static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq); int xfrm_state_add(struct xfrm_state *x) { - struct net *net = xs_net(x); struct xfrm_state *x1, *to_put; int family; int err; @@ -1074,7 +1089,7 @@ int xfrm_state_add(struct xfrm_state *x) } if (use_spi && x->km.seq) { - x1 = __xfrm_find_acq_byseq(net, x->km.seq); + x1 = __xfrm_find_acq_byseq(x->km.seq); if (x1 && ((x1->id.proto != x->id.proto) || xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family))) { to_put = x1; @@ -1083,7 +1098,7 @@ int xfrm_state_add(struct xfrm_state *x) } if (use_spi && !x1) - x1 = __find_acq_core(net, family, x->props.mode, x->props.reqid, + x1 = __find_acq_core(family, x->props.mode, x->props.reqid, x->id.proto, &x->id.daddr, &x->props.saddr, 0); @@ -1109,9 +1124,8 @@ EXPORT_SYMBOL(xfrm_state_add); #ifdef CONFIG_XFRM_MIGRATE static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp) { - struct net *net = xs_net(orig); int err = -ENOMEM; - struct xfrm_state *x = xfrm_state_alloc(net); + struct xfrm_state *x = xfrm_state_alloc(); if (!x) goto error; @@ -1192,9 +1206,9 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m) struct hlist_node *entry; if (m->reqid) { - h = xfrm_dst_hash(&init_net, &m->old_daddr, &m->old_saddr, + h = xfrm_dst_hash(&m->old_daddr, &m->old_saddr, m->reqid, m->old_family); - hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) { + hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) { if (x->props.mode != m->mode || x->id.proto != m->proto) continue; @@ -1209,9 +1223,9 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m) return x; } } else { - h = xfrm_src_hash(&init_net, &m->old_daddr, &m->old_saddr, + h = xfrm_src_hash(&m->old_daddr, &m->old_saddr, m->old_family); - hlist_for_each_entry(x, entry, init_net.xfrm.state_bysrc+h, bysrc) { + hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) { if (x->props.mode != m->mode || x->id.proto != m->proto) continue; @@ -1355,41 +1369,40 @@ int xfrm_state_check_expire(struct xfrm_state *x) EXPORT_SYMBOL(xfrm_state_check_expire); struct xfrm_state * -xfrm_state_lookup(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, +xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) { struct xfrm_state *x; spin_lock_bh(&xfrm_state_lock); - x = __xfrm_state_lookup(net, daddr, spi, proto, family); + x = __xfrm_state_lookup(daddr, spi, proto, family); spin_unlock_bh(&xfrm_state_lock); return x; } EXPORT_SYMBOL(xfrm_state_lookup); struct xfrm_state * -xfrm_state_lookup_byaddr(struct net *net, - xfrm_address_t *daddr, xfrm_address_t *saddr, +xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family) { struct xfrm_state *x; spin_lock_bh(&xfrm_state_lock); - x = __xfrm_state_lookup_byaddr(net, daddr, saddr, proto, family); + x = __xfrm_state_lookup_byaddr(daddr, saddr, proto, family); spin_unlock_bh(&xfrm_state_lock); return x; } EXPORT_SYMBOL(xfrm_state_lookup_byaddr); struct xfrm_state * -xfrm_find_acq(struct net *net, u8 mode, u32 reqid, u8 proto, +xfrm_find_acq(u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create, unsigned short family) { struct xfrm_state *x; spin_lock_bh(&xfrm_state_lock); - x = __find_acq_core(net, family, mode, reqid, proto, daddr, saddr, create); + x = __find_acq_core(family, mode, reqid, proto, daddr, saddr, create); spin_unlock_bh(&xfrm_state_lock); return x; @@ -1436,15 +1449,15 @@ EXPORT_SYMBOL(xfrm_state_sort); /* Silly enough, but I'm lazy to build resolution list */ -static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq) +static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq) { int i; - for (i = 0; i <= net->xfrm.state_hmask; i++) { + for (i = 0; i <= xfrm_state_hmask; i++) { struct hlist_node *entry; struct xfrm_state *x; - hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) { + hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) { if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) { xfrm_state_hold(x); @@ -1455,12 +1468,12 @@ static struct xfrm_state *__xfrm_find_acq_byseq(struct net *net, u32 seq) return NULL; } -struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 seq) +struct xfrm_state *xfrm_find_acq_byseq(u32 seq) { struct xfrm_state *x; spin_lock_bh(&xfrm_state_lock); - x = __xfrm_find_acq_byseq(net, seq); + x = __xfrm_find_acq_byseq(seq); spin_unlock_bh(&xfrm_state_lock); return x; } @@ -1481,7 +1494,6 @@ EXPORT_SYMBOL(xfrm_get_acqseq); int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) { - struct net *net = xs_net(x); unsigned int h; struct xfrm_state *x0; int err = -ENOENT; @@ -1499,7 +1511,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) err = -ENOENT; if (minspi == maxspi) { - x0 = xfrm_state_lookup(net, &x->id.daddr, minspi, x->id.proto, x->props.family); + x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family); if (x0) { xfrm_state_put(x0); goto unlock; @@ -1509,7 +1521,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) u32 spi = 0; for (h=0; hid.daddr, htonl(spi), x->id.proto, x->props.family); + x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family); if (x0 == NULL) { x->id.spi = htonl(spi); break; @@ -1519,8 +1531,8 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) } if (x->id.spi) { spin_lock_bh(&xfrm_state_lock); - h = xfrm_spi_hash(net, &x->id.daddr, x->id.spi, x->id.proto, x->props.family); - hlist_add_head(&x->byspi, net->xfrm.state_byspi+h); + h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family); + hlist_add_head(&x->byspi, xfrm_state_byspi+h); spin_unlock_bh(&xfrm_state_lock); err = 0; @@ -1533,7 +1545,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) } EXPORT_SYMBOL(xfrm_alloc_spi); -int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk, +int xfrm_state_walk(struct xfrm_state_walk *walk, int (*func)(struct xfrm_state *, int, void*), void *data) { @@ -1546,10 +1558,10 @@ int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk, spin_lock_bh(&xfrm_state_lock); if (list_empty(&walk->all)) - x = list_first_entry(&net->xfrm.state_all, struct xfrm_state_walk, all); + x = list_first_entry(&xfrm_state_all, struct xfrm_state_walk, all); else x = list_entry(&walk->all, struct xfrm_state_walk, all); - list_for_each_entry_from(x, &net->xfrm.state_all, all) { + list_for_each_entry_from(x, &xfrm_state_all, all) { if (x->state == XFRM_STATE_DEAD) continue; state = container_of(x, struct xfrm_state, km); @@ -1648,7 +1660,7 @@ static void xfrm_replay_timer_handler(unsigned long data) spin_lock(&x->lock); if (x->km.state == XFRM_STATE_VALID) { - if (xfrm_aevent_is_on(xs_net(x))) + if (xfrm_aevent_is_on()) xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT); else x->xflags |= XFRM_TIME_DEFER; @@ -1704,7 +1716,7 @@ void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq) x->replay.bitmap |= (1U << diff); } - if (xfrm_aevent_is_on(xs_net(x))) + if (xfrm_aevent_is_on()) xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); } @@ -1737,7 +1749,6 @@ EXPORT_SYMBOL(km_state_notify); void km_state_expired(struct xfrm_state *x, int hard, u32 pid) { - struct net *net = xs_net(x); struct km_event c; c.data.hard = hard; @@ -1746,7 +1757,7 @@ void km_state_expired(struct xfrm_state *x, int hard, u32 pid) km_state_notify(x, &c); if (hard) - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); } EXPORT_SYMBOL(km_state_expired); @@ -1789,7 +1800,6 @@ EXPORT_SYMBOL(km_new_mapping); void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid) { - struct net *net = xp_net(pol); struct km_event c; c.data.hard = hard; @@ -1798,7 +1808,7 @@ void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid) km_policy_notify(pol, dir, &c); if (hard) - wake_up(&net->xfrm.km_waitq); + wake_up(&km_waitq); } EXPORT_SYMBOL(km_policy_expired); @@ -1825,7 +1835,7 @@ int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type, EXPORT_SYMBOL(km_migrate); #endif -int km_report(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr) +int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr) { int err = -EINVAL; int ret; @@ -1834,7 +1844,7 @@ int km_report(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address read_lock(&xfrm_km_lock); list_for_each_entry(km, &xfrm_km_list, list) { if (km->report) { - ret = km->report(net, proto, sel, addr); + ret = km->report(proto, sel, addr); if (!ret) err = ret; } @@ -2070,61 +2080,20 @@ int xfrm_init_state(struct xfrm_state *x) EXPORT_SYMBOL(xfrm_init_state); -int __net_init xfrm_state_init(struct net *net) +void __init xfrm_state_init(void) { unsigned int sz; - INIT_LIST_HEAD(&net->xfrm.state_all); - sz = sizeof(struct hlist_head) * 8; - net->xfrm.state_bydst = xfrm_hash_alloc(sz); - if (!net->xfrm.state_bydst) - goto out_bydst; - net->xfrm.state_bysrc = xfrm_hash_alloc(sz); - if (!net->xfrm.state_bysrc) - goto out_bysrc; - net->xfrm.state_byspi = xfrm_hash_alloc(sz); - if (!net->xfrm.state_byspi) - goto out_byspi; - net->xfrm.state_hmask = ((sz / sizeof(struct hlist_head)) - 1); - - net->xfrm.state_num = 0; - INIT_WORK(&net->xfrm.state_hash_work, xfrm_hash_resize); - INIT_HLIST_HEAD(&net->xfrm.state_gc_list); - INIT_WORK(&net->xfrm.state_gc_work, xfrm_state_gc_task); - init_waitqueue_head(&net->xfrm.km_waitq); - return 0; - -out_byspi: - xfrm_hash_free(net->xfrm.state_bysrc, sz); -out_bysrc: - xfrm_hash_free(net->xfrm.state_bydst, sz); -out_bydst: - return -ENOMEM; -} - -void xfrm_state_fini(struct net *net) -{ - struct xfrm_audit audit_info; - unsigned int sz; + xfrm_state_bydst = xfrm_hash_alloc(sz); + xfrm_state_bysrc = xfrm_hash_alloc(sz); + xfrm_state_byspi = xfrm_hash_alloc(sz); + if (!xfrm_state_bydst || !xfrm_state_bysrc || !xfrm_state_byspi) + panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes."); + xfrm_state_hmask = ((sz / sizeof(struct hlist_head)) - 1); - flush_work(&net->xfrm.state_hash_work); - audit_info.loginuid = -1; - audit_info.sessionid = -1; - audit_info.secid = 0; - xfrm_state_flush(net, IPSEC_PROTO_ANY, &audit_info); - flush_work(&net->xfrm.state_gc_work); - - WARN_ON(!list_empty(&net->xfrm.state_all)); - - sz = (net->xfrm.state_hmask + 1) * sizeof(struct hlist_head); - WARN_ON(!hlist_empty(net->xfrm.state_byspi)); - xfrm_hash_free(net->xfrm.state_byspi, sz); - WARN_ON(!hlist_empty(net->xfrm.state_bysrc)); - xfrm_hash_free(net->xfrm.state_bysrc, sz); - WARN_ON(!hlist_empty(net->xfrm.state_bydst)); - xfrm_hash_free(net->xfrm.state_bydst, sz); + INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task); } #ifdef CONFIG_AUDITSYSCALL diff --git a/trunk/net/xfrm/xfrm_sysctl.c b/trunk/net/xfrm/xfrm_sysctl.c deleted file mode 100644 index 2e6ffb66f06f..000000000000 --- a/trunk/net/xfrm/xfrm_sysctl.c +++ /dev/null @@ -1,85 +0,0 @@ -#include -#include -#include - -static void __xfrm_sysctl_init(struct net *net) -{ - net->xfrm.sysctl_aevent_etime = XFRM_AE_ETIME; - net->xfrm.sysctl_aevent_rseqth = XFRM_AE_SEQT_SIZE; - net->xfrm.sysctl_larval_drop = 1; - net->xfrm.sysctl_acq_expires = 30; -} - -#ifdef CONFIG_SYSCTL -static struct ctl_table xfrm_table[] = { - { - .ctl_name = NET_CORE_AEVENT_ETIME, - .procname = "xfrm_aevent_etime", - .maxlen = sizeof(u32), - .mode = 0644, - .proc_handler = proc_dointvec - }, - { - .ctl_name = NET_CORE_AEVENT_RSEQTH, - .procname = "xfrm_aevent_rseqth", - .maxlen = sizeof(u32), - .mode = 0644, - .proc_handler = proc_dointvec - }, - { - .ctl_name = CTL_UNNUMBERED, - .procname = "xfrm_larval_drop", - .maxlen = sizeof(int), - .mode = 0644, - .proc_handler = proc_dointvec - }, - { - .ctl_name = CTL_UNNUMBERED, - .procname = "xfrm_acq_expires", - .maxlen = sizeof(int), - .mode = 0644, - .proc_handler = proc_dointvec - }, - {} -}; - -int __net_init xfrm_sysctl_init(struct net *net) -{ - struct ctl_table *table; - - __xfrm_sysctl_init(net); - - table = kmemdup(xfrm_table, sizeof(xfrm_table), GFP_KERNEL); - if (!table) - goto out_kmemdup; - table[0].data = &net->xfrm.sysctl_aevent_etime; - table[1].data = &net->xfrm.sysctl_aevent_rseqth; - table[2].data = &net->xfrm.sysctl_larval_drop; - table[3].data = &net->xfrm.sysctl_acq_expires; - - net->xfrm.sysctl_hdr = register_net_sysctl_table(net, net_core_path, table); - if (!net->xfrm.sysctl_hdr) - goto out_register; - return 0; - -out_register: - kfree(table); -out_kmemdup: - return -ENOMEM; -} - -void xfrm_sysctl_fini(struct net *net) -{ - struct ctl_table *table; - - table = net->xfrm.sysctl_hdr->ctl_table_arg; - unregister_net_sysctl_table(net->xfrm.sysctl_hdr); - kfree(table); -} -#else -int __net_init xfrm_sysctl_init(struct net *net) -{ - __xfrm_sysctl_init(net); - return 0; -} -#endif diff --git a/trunk/net/xfrm/xfrm_user.c b/trunk/net/xfrm/xfrm_user.c index 38ffaf33312e..ee15d5dd6544 100644 --- a/trunk/net/xfrm/xfrm_user.c +++ b/trunk/net/xfrm/xfrm_user.c @@ -316,12 +316,11 @@ static void xfrm_update_ae_params(struct xfrm_state *x, struct nlattr **attrs) x->replay_maxdiff = nla_get_u32(rt); } -static struct xfrm_state *xfrm_state_construct(struct net *net, - struct xfrm_usersa_info *p, +static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, struct nlattr **attrs, int *errp) { - struct xfrm_state *x = xfrm_state_alloc(net); + struct xfrm_state *x = xfrm_state_alloc(); int err = -ENOMEM; if (!x) @@ -368,9 +367,9 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, goto error; x->km.seq = p->seq; - x->replay_maxdiff = net->xfrm.sysctl_aevent_rseqth; + x->replay_maxdiff = sysctl_xfrm_aevent_rseqth; /* sysctl_xfrm_aevent_etime is in 100ms units */ - x->replay_maxage = (net->xfrm.sysctl_aevent_etime*HZ)/XFRM_AE_ETH_M; + x->replay_maxage = (sysctl_xfrm_aevent_etime*HZ)/XFRM_AE_ETH_M; x->preplay.bitmap = 0; x->preplay.seq = x->replay.seq+x->replay_maxdiff; x->preplay.oseq = x->replay.oseq +x->replay_maxdiff; @@ -392,7 +391,6 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_usersa_info *p = nlmsg_data(nlh); struct xfrm_state *x; int err; @@ -405,7 +403,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, if (err) return err; - x = xfrm_state_construct(net, p, attrs, &err); + x = xfrm_state_construct(p, attrs, &err); if (!x) return err; @@ -433,8 +431,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, return err; } -static struct xfrm_state *xfrm_user_state_lookup(struct net *net, - struct xfrm_usersa_id *p, +static struct xfrm_state *xfrm_user_state_lookup(struct xfrm_usersa_id *p, struct nlattr **attrs, int *errp) { @@ -443,7 +440,7 @@ static struct xfrm_state *xfrm_user_state_lookup(struct net *net, if (xfrm_id_proto_match(p->proto, IPSEC_PROTO_ANY)) { err = -ESRCH; - x = xfrm_state_lookup(net, &p->daddr, p->spi, p->proto, p->family); + x = xfrm_state_lookup(&p->daddr, p->spi, p->proto, p->family); } else { xfrm_address_t *saddr = NULL; @@ -454,8 +451,8 @@ static struct xfrm_state *xfrm_user_state_lookup(struct net *net, } err = -ESRCH; - x = xfrm_state_lookup_byaddr(net, &p->daddr, saddr, - p->proto, p->family); + x = xfrm_state_lookup_byaddr(&p->daddr, saddr, p->proto, + p->family); } out: @@ -467,7 +464,6 @@ static struct xfrm_state *xfrm_user_state_lookup(struct net *net, static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_state *x; int err = -ESRCH; struct km_event c; @@ -476,7 +472,7 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, u32 sessionid = NETLINK_CB(skb).sessionid; u32 sid = NETLINK_CB(skb).sid; - x = xfrm_user_state_lookup(net, p, attrs, &err); + x = xfrm_user_state_lookup(p, attrs, &err); if (x == NULL) return err; @@ -619,7 +615,6 @@ static int xfrm_dump_sa_done(struct netlink_callback *cb) static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb) { - struct net *net = sock_net(skb->sk); struct xfrm_state_walk *walk = (struct xfrm_state_walk *) &cb->args[1]; struct xfrm_dump_info info; @@ -636,7 +631,7 @@ static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb) xfrm_state_walk_init(walk, 0); } - (void) xfrm_state_walk(net, walk, dump_one_state, &info); + (void) xfrm_state_walk(walk, dump_one_state, &info); return skb->len; } @@ -708,7 +703,6 @@ static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct sk_buff *r_skb; u32 *flags = nlmsg_data(nlh); u32 spid = NETLINK_CB(skb).pid; @@ -721,7 +715,7 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh, if (build_spdinfo(r_skb, spid, seq, *flags) < 0) BUG(); - return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); + return nlmsg_unicast(xfrm_nl, r_skb, spid); } static inline size_t xfrm_sadinfo_msgsize(void) @@ -762,7 +756,6 @@ static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct sk_buff *r_skb; u32 *flags = nlmsg_data(nlh); u32 spid = NETLINK_CB(skb).pid; @@ -775,19 +768,18 @@ static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh, if (build_sadinfo(r_skb, spid, seq, *flags) < 0) BUG(); - return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); + return nlmsg_unicast(xfrm_nl, r_skb, spid); } static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_usersa_id *p = nlmsg_data(nlh); struct xfrm_state *x; struct sk_buff *resp_skb; int err = -ESRCH; - x = xfrm_user_state_lookup(net, p, attrs, &err); + x = xfrm_user_state_lookup(p, attrs, &err); if (x == NULL) goto out_noput; @@ -795,7 +787,7 @@ static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, if (IS_ERR(resp_skb)) { err = PTR_ERR(resp_skb); } else { - err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).pid); + err = nlmsg_unicast(xfrm_nl, resp_skb, NETLINK_CB(skb).pid); } xfrm_state_put(x); out_noput: @@ -828,7 +820,6 @@ static int verify_userspi_info(struct xfrm_userspi_info *p) static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_state *x; struct xfrm_userspi_info *p; struct sk_buff *resp_skb; @@ -846,7 +837,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, x = NULL; if (p->info.seq) { - x = xfrm_find_acq_byseq(net, p->info.seq); + x = xfrm_find_acq_byseq(p->info.seq); if (x && xfrm_addr_cmp(&x->id.daddr, daddr, family)) { xfrm_state_put(x); x = NULL; @@ -854,7 +845,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, } if (!x) - x = xfrm_find_acq(net, p->info.mode, p->info.reqid, + x = xfrm_find_acq(p->info.mode, p->info.reqid, p->info.id.proto, daddr, &p->info.saddr, 1, family); @@ -872,7 +863,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, goto out; } - err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, NETLINK_CB(skb).pid); + err = nlmsg_unicast(xfrm_nl, resp_skb, NETLINK_CB(skb).pid); out: xfrm_state_put(x); @@ -1087,9 +1078,9 @@ static void copy_to_user_policy(struct xfrm_policy *xp, struct xfrm_userpolicy_i p->share = XFRM_SHARE_ANY; /* XXX xp->share */ } -static struct xfrm_policy *xfrm_policy_construct(struct net *net, struct xfrm_userpolicy_info *p, struct nlattr **attrs, int *errp) +static struct xfrm_policy *xfrm_policy_construct(struct xfrm_userpolicy_info *p, struct nlattr **attrs, int *errp) { - struct xfrm_policy *xp = xfrm_policy_alloc(net, GFP_KERNEL); + struct xfrm_policy *xp = xfrm_policy_alloc(GFP_KERNEL); int err; if (!xp) { @@ -1119,7 +1110,6 @@ static struct xfrm_policy *xfrm_policy_construct(struct net *net, struct xfrm_us static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_userpolicy_info *p = nlmsg_data(nlh); struct xfrm_policy *xp; struct km_event c; @@ -1136,7 +1126,7 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, if (err) return err; - xp = xfrm_policy_construct(net, p, attrs, &err); + xp = xfrm_policy_construct(p, attrs, &err); if (!xp) return err; @@ -1273,7 +1263,6 @@ static int xfrm_dump_policy_done(struct netlink_callback *cb) static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb) { - struct net *net = sock_net(skb->sk); struct xfrm_policy_walk *walk = (struct xfrm_policy_walk *) &cb->args[1]; struct xfrm_dump_info info; @@ -1290,7 +1279,7 @@ static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb) xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY); } - (void) xfrm_policy_walk(net, walk, dump_one_policy, &info); + (void) xfrm_policy_walk(walk, dump_one_policy, &info); return skb->len; } @@ -1322,7 +1311,6 @@ static struct sk_buff *xfrm_policy_netlink(struct sk_buff *in_skb, static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_policy *xp; struct xfrm_userpolicy_id *p; u8 type = XFRM_POLICY_TYPE_MAIN; @@ -1342,7 +1330,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, return err; if (p->index) - xp = xfrm_policy_byid(net, type, p->dir, p->index, delete, &err); + xp = xfrm_policy_byid(type, p->dir, p->index, delete, &err); else { struct nlattr *rt = attrs[XFRMA_SEC_CTX]; struct xfrm_sec_ctx *ctx; @@ -1359,7 +1347,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, if (err) return err; } - xp = xfrm_policy_bysel_ctx(net, type, p->dir, &p->sel, ctx, + xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx, delete, &err); security_xfrm_policy_free(ctx); } @@ -1373,7 +1361,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, if (IS_ERR(resp_skb)) { err = PTR_ERR(resp_skb); } else { - err = nlmsg_unicast(net->xfrm.nlsk, resp_skb, + err = nlmsg_unicast(xfrm_nl, resp_skb, NETLINK_CB(skb).pid); } } else { @@ -1402,7 +1390,6 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct km_event c; struct xfrm_usersa_flush *p = nlmsg_data(nlh); struct xfrm_audit audit_info; @@ -1411,14 +1398,13 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, audit_info.loginuid = NETLINK_CB(skb).loginuid; audit_info.sessionid = NETLINK_CB(skb).sessionid; audit_info.secid = NETLINK_CB(skb).sid; - err = xfrm_state_flush(net, p->proto, &audit_info); + err = xfrm_state_flush(p->proto, &audit_info); if (err) return err; c.data.proto = p->proto; c.event = nlh->nlmsg_type; c.seq = nlh->nlmsg_seq; c.pid = nlh->nlmsg_pid; - c.net = net; km_state_notify(NULL, &c); return 0; @@ -1471,7 +1457,6 @@ static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, struct km_eve static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_state *x; struct sk_buff *r_skb; int err; @@ -1483,7 +1468,7 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, if (r_skb == NULL) return -ENOMEM; - x = xfrm_state_lookup(net, &id->daddr, id->spi, id->proto, id->family); + x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family); if (x == NULL) { kfree_skb(r_skb); return -ESRCH; @@ -1501,7 +1486,7 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, if (build_aevent(r_skb, x, &c) < 0) BUG(); - err = nlmsg_unicast(net->xfrm.nlsk, r_skb, NETLINK_CB(skb).pid); + err = nlmsg_unicast(xfrm_nl, r_skb, NETLINK_CB(skb).pid); spin_unlock_bh(&x->lock); xfrm_state_put(x); return err; @@ -1510,7 +1495,6 @@ static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_state *x; struct km_event c; int err = - EINVAL; @@ -1525,7 +1509,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, if (!(nlh->nlmsg_flags&NLM_F_REPLACE)) return err; - x = xfrm_state_lookup(net, &p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); + x = xfrm_state_lookup(&p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); if (x == NULL) return -ESRCH; @@ -1550,7 +1534,6 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct km_event c; u8 type = XFRM_POLICY_TYPE_MAIN; int err; @@ -1563,14 +1546,13 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, audit_info.loginuid = NETLINK_CB(skb).loginuid; audit_info.sessionid = NETLINK_CB(skb).sessionid; audit_info.secid = NETLINK_CB(skb).sid; - err = xfrm_policy_flush(net, type, &audit_info); + err = xfrm_policy_flush(type, &audit_info); if (err) return err; c.data.type = type; c.event = nlh->nlmsg_type; c.seq = nlh->nlmsg_seq; c.pid = nlh->nlmsg_pid; - c.net = net; km_policy_notify(NULL, 0, &c); return 0; } @@ -1578,7 +1560,6 @@ static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_policy *xp; struct xfrm_user_polexpire *up = nlmsg_data(nlh); struct xfrm_userpolicy_info *p = &up->pol; @@ -1590,7 +1571,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, return err; if (p->index) - xp = xfrm_policy_byid(net, type, p->dir, p->index, 0, &err); + xp = xfrm_policy_byid(type, p->dir, p->index, 0, &err); else { struct nlattr *rt = attrs[XFRMA_SEC_CTX]; struct xfrm_sec_ctx *ctx; @@ -1607,7 +1588,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, if (err) return err; } - xp = xfrm_policy_bysel_ctx(net, type, p->dir, &p->sel, ctx, 0, &err); + xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, ctx, 0, &err); security_xfrm_policy_free(ctx); } if (xp == NULL) @@ -1642,13 +1623,12 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_state *x; int err; struct xfrm_user_expire *ue = nlmsg_data(nlh); struct xfrm_usersa_info *p = &ue->state; - x = xfrm_state_lookup(net, &p->id.daddr, p->id.spi, p->id.proto, p->family); + x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family); err = -ENOENT; if (x == NULL) @@ -1677,14 +1657,13 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr **attrs) { - struct net *net = sock_net(skb->sk); struct xfrm_policy *xp; struct xfrm_user_tmpl *ut; int i; struct nlattr *rt = attrs[XFRMA_TMPL]; struct xfrm_user_acquire *ua = nlmsg_data(nlh); - struct xfrm_state *x = xfrm_state_alloc(net); + struct xfrm_state *x = xfrm_state_alloc(); int err = -ENOMEM; if (!x) @@ -1698,7 +1677,7 @@ static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, } /* build an XP */ - xp = xfrm_policy_construct(net, &ua->policy, attrs, &err); + xp = xfrm_policy_construct(&ua->policy, attrs, &err); if (!xp) { kfree(x); return err; @@ -1890,7 +1869,6 @@ static int xfrm_send_migrate(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_migrate *m, int num_migrate, struct xfrm_kmaddress *k) { - struct net *net = &init_net; struct sk_buff *skb; skb = nlmsg_new(xfrm_migrate_msgsize(num_migrate, !!k), GFP_ATOMIC); @@ -1901,7 +1879,7 @@ static int xfrm_send_migrate(struct xfrm_selector *sel, u8 dir, u8 type, if (build_migrate(skb, m, num_migrate, k, sel, dir, type) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_MIGRATE, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_MIGRATE, GFP_ATOMIC); } #else static int xfrm_send_migrate(struct xfrm_selector *sel, u8 dir, u8 type, @@ -1990,7 +1968,6 @@ static struct xfrm_link { static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { - struct net *net = sock_net(skb->sk); struct nlattr *attrs[XFRMA_MAX+1]; struct xfrm_link *link; int type, err; @@ -2012,7 +1989,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) if (link->dump == NULL) return -EINVAL; - return netlink_dump_start(net->xfrm.nlsk, skb, nlh, link->dump, link->done); + return netlink_dump_start(xfrm_nl, skb, nlh, link->dump, link->done); } err = nlmsg_parse(nlh, xfrm_msg_min[type], attrs, XFRMA_MAX, @@ -2056,7 +2033,6 @@ static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_eve static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) { - struct net *net = xs_net(x); struct sk_buff *skb; skb = nlmsg_new(xfrm_expire_msgsize(), GFP_ATOMIC); @@ -2066,12 +2042,11 @@ static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) if (build_expire(skb, x, c) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); } static int xfrm_aevent_state_notify(struct xfrm_state *x, struct km_event *c) { - struct net *net = xs_net(x); struct sk_buff *skb; skb = nlmsg_new(xfrm_aevent_msgsize(), GFP_ATOMIC); @@ -2081,12 +2056,11 @@ static int xfrm_aevent_state_notify(struct xfrm_state *x, struct km_event *c) if (build_aevent(skb, x, c) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_AEVENTS, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_AEVENTS, GFP_ATOMIC); } static int xfrm_notify_sa_flush(struct km_event *c) { - struct net *net = c->net; struct xfrm_usersa_flush *p; struct nlmsghdr *nlh; struct sk_buff *skb; @@ -2107,7 +2081,7 @@ static int xfrm_notify_sa_flush(struct km_event *c) nlmsg_end(skb, nlh); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); } static inline size_t xfrm_sa_len(struct xfrm_state *x) @@ -2137,7 +2111,6 @@ static inline size_t xfrm_sa_len(struct xfrm_state *x) static int xfrm_notify_sa(struct xfrm_state *x, struct km_event *c) { - struct net *net = xs_net(x); struct xfrm_usersa_info *p; struct xfrm_usersa_id *id; struct nlmsghdr *nlh; @@ -2182,7 +2155,7 @@ static int xfrm_notify_sa(struct xfrm_state *x, struct km_event *c) nlmsg_end(skb, nlh); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); nla_put_failure: /* Somebody screwed up with xfrm_sa_len! */ @@ -2262,7 +2235,6 @@ static int build_acquire(struct sk_buff *skb, struct xfrm_state *x, static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, struct xfrm_policy *xp, int dir) { - struct net *net = xs_net(x); struct sk_buff *skb; skb = nlmsg_new(xfrm_acquire_msgsize(x, xp), GFP_ATOMIC); @@ -2272,7 +2244,7 @@ static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, if (build_acquire(skb, x, xt, xp, dir) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC); } /* User gives us xfrm_user_policy_info followed by an array of 0 @@ -2281,7 +2253,6 @@ static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, static struct xfrm_policy *xfrm_compile_policy(struct sock *sk, int opt, u8 *data, int len, int *dir) { - struct net *net = sock_net(sk); struct xfrm_userpolicy_info *p = (struct xfrm_userpolicy_info *)data; struct xfrm_user_tmpl *ut = (struct xfrm_user_tmpl *) (p + 1); struct xfrm_policy *xp; @@ -2320,7 +2291,7 @@ static struct xfrm_policy *xfrm_compile_policy(struct sock *sk, int opt, if (p->dir > XFRM_POLICY_OUT) return NULL; - xp = xfrm_policy_alloc(net, GFP_KERNEL); + xp = xfrm_policy_alloc(GFP_KERNEL); if (xp == NULL) { *dir = -ENOBUFS; return NULL; @@ -2373,7 +2344,6 @@ static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp, static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) { - struct net *net = xp_net(xp); struct sk_buff *skb; skb = nlmsg_new(xfrm_polexpire_msgsize(xp), GFP_ATOMIC); @@ -2383,12 +2353,11 @@ static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_eve if (build_polexpire(skb, xp, dir, c) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); } static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *c) { - struct net *net = xp_net(xp); struct xfrm_userpolicy_info *p; struct xfrm_userpolicy_id *id; struct nlmsghdr *nlh; @@ -2439,7 +2408,7 @@ static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event * nlmsg_end(skb, nlh); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); nlmsg_failure: kfree_skb(skb); @@ -2448,7 +2417,6 @@ static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event * static int xfrm_notify_policy_flush(struct km_event *c) { - struct net *net = c->net; struct nlmsghdr *nlh; struct sk_buff *skb; @@ -2464,7 +2432,7 @@ static int xfrm_notify_policy_flush(struct km_event *c) nlmsg_end(skb, nlh); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); nlmsg_failure: kfree_skb(skb); @@ -2520,8 +2488,8 @@ static int build_report(struct sk_buff *skb, u8 proto, return -EMSGSIZE; } -static int xfrm_send_report(struct net *net, u8 proto, - struct xfrm_selector *sel, xfrm_address_t *addr) +static int xfrm_send_report(u8 proto, struct xfrm_selector *sel, + xfrm_address_t *addr) { struct sk_buff *skb; @@ -2532,7 +2500,7 @@ static int xfrm_send_report(struct net *net, u8 proto, if (build_report(skb, proto, sel, addr) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_REPORT, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_REPORT, GFP_ATOMIC); } static inline size_t xfrm_mapping_msgsize(void) @@ -2568,7 +2536,6 @@ static int build_mapping(struct sk_buff *skb, struct xfrm_state *x, static int xfrm_send_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport) { - struct net *net = xs_net(x); struct sk_buff *skb; if (x->id.proto != IPPROTO_ESP) @@ -2584,7 +2551,7 @@ static int xfrm_send_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, if (build_mapping(skb, x, ipaddr, sport) < 0) BUG(); - return nlmsg_multicast(net->xfrm.nlsk, skb, 0, XFRMNLGRP_MAPPING, GFP_ATOMIC); + return nlmsg_multicast(xfrm_nl, skb, 0, XFRMNLGRP_MAPPING, GFP_ATOMIC); } static struct xfrm_mgr netlink_mgr = { @@ -2598,51 +2565,31 @@ static struct xfrm_mgr netlink_mgr = { .new_mapping = xfrm_send_mapping, }; -static int __net_init xfrm_user_net_init(struct net *net) +static int __init xfrm_user_init(void) { struct sock *nlsk; - nlsk = netlink_kernel_create(net, NETLINK_XFRM, XFRMNLGRP_MAX, + printk(KERN_INFO "Initializing XFRM netlink socket\n"); + + nlsk = netlink_kernel_create(&init_net, NETLINK_XFRM, XFRMNLGRP_MAX, xfrm_netlink_rcv, NULL, THIS_MODULE); if (nlsk == NULL) return -ENOMEM; - rcu_assign_pointer(net->xfrm.nlsk, nlsk); - return 0; -} + rcu_assign_pointer(xfrm_nl, nlsk); -static void __net_exit xfrm_user_net_exit(struct net *net) -{ - struct sock *nlsk = net->xfrm.nlsk; + xfrm_register_km(&netlink_mgr); - rcu_assign_pointer(net->xfrm.nlsk, NULL); - synchronize_rcu(); - netlink_kernel_release(nlsk); -} - -static struct pernet_operations xfrm_user_net_ops = { - .init = xfrm_user_net_init, - .exit = xfrm_user_net_exit, -}; - -static int __init xfrm_user_init(void) -{ - int rv; - - printk(KERN_INFO "Initializing XFRM netlink socket\n"); - - rv = register_pernet_subsys(&xfrm_user_net_ops); - if (rv < 0) - return rv; - rv = xfrm_register_km(&netlink_mgr); - if (rv < 0) - unregister_pernet_subsys(&xfrm_user_net_ops); - return rv; + return 0; } static void __exit xfrm_user_exit(void) { + struct sock *nlsk = xfrm_nl; + xfrm_unregister_km(&netlink_mgr); - unregister_pernet_subsys(&xfrm_user_net_ops); + rcu_assign_pointer(xfrm_nl, NULL); + synchronize_rcu(); + netlink_kernel_release(nlsk); } module_init(xfrm_user_init);