Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
linux
Commits
dfb1d7a5
Commit
dfb1d7a5
authored
Apr 09, 2003
by
David S. Miller
Browse files
Options
Browse Files
Download
Plain Diff
Merge nuts.ninka.net:/home/davem/src/BK/network-2.5
into nuts.ninka.net:/home/davem/src/BK/net-2.5
parents
898df34c
9fac4b2d
Changes
22
Show whitespace changes
Inline
Side-by-side
Showing
22 changed files
with
127 additions
and
48 deletions
+127
-48
net/8021q/vlan.c
net/8021q/vlan.c
+14
-11
net/bridge/br_forward.c
net/bridge/br_forward.c
+1
-0
net/bridge/br_netfilter.c
net/bridge/br_netfilter.c
+1
-0
net/bridge/netfilter/ebtables.c
net/bridge/netfilter/ebtables.c
+4
-0
net/core/netfilter.c
net/core/netfilter.c
+0
-5
net/ipv4/ip_gre.c
net/ipv4/ip_gre.c
+16
-12
net/ipv4/ipip.c
net/ipv4/ipip.c
+11
-8
net/ipv4/netfilter/arp_tables.c
net/ipv4/netfilter/arp_tables.c
+4
-0
net/ipv4/netfilter/ip_conntrack_core.c
net/ipv4/netfilter/ip_conntrack_core.c
+4
-0
net/ipv4/netfilter/ip_conntrack_standalone.c
net/ipv4/netfilter/ip_conntrack_standalone.c
+8
-0
net/ipv4/netfilter/ip_fw_compat.c
net/ipv4/netfilter/ip_fw_compat.c
+8
-0
net/ipv4/netfilter/ip_nat_standalone.c
net/ipv4/netfilter/ip_nat_standalone.c
+12
-0
net/ipv4/netfilter/ip_tables.c
net/ipv4/netfilter/ip_tables.c
+4
-0
net/ipv4/netfilter/iptable_filter.c
net/ipv4/netfilter/iptable_filter.c
+4
-0
net/ipv4/netfilter/iptable_mangle.c
net/ipv4/netfilter/iptable_mangle.c
+4
-0
net/ipv6/af_inet6.c
net/ipv6/af_inet6.c
+6
-3
net/ipv6/ipv6_sockglue.c
net/ipv6/ipv6_sockglue.c
+1
-1
net/ipv6/netfilter/ip6_tables.c
net/ipv6/netfilter/ip6_tables.c
+4
-0
net/ipv6/netfilter/ip6table_mangle.c
net/ipv6/netfilter/ip6table_mangle.c
+4
-0
net/ipv6/sit.c
net/ipv6/sit.c
+11
-8
net/sched/sch_dsmark.c
net/sched/sch_dsmark.c
+1
-0
net/sched/sch_ingress.c
net/sched/sch_ingress.c
+5
-0
No files found.
net/8021q/vlan.c
View file @
dfb1d7a5
...
@@ -501,6 +501,15 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
...
@@ -501,6 +501,15 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
real_dev
->
ifindex
);
real_dev
->
ifindex
);
#endif
#endif
if
(
register_netdevice
(
new_dev
))
goto
out_free_newdev_priv
;
/* NOTE: We have a reference to the real device,
* so hold on to the reference. May fail if we are being removed
*/
if
(
!
try_module_get
(
THIS_MODULE
))
goto
out_free_unregister
;
/* So, got the sucker initialized, now lets place
/* So, got the sucker initialized, now lets place
* it into our local structure.
* it into our local structure.
*/
*/
...
@@ -514,7 +523,7 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
...
@@ -514,7 +523,7 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
if
(
!
grp
)
{
/* need to add a new group */
if
(
!
grp
)
{
/* need to add a new group */
grp
=
kmalloc
(
sizeof
(
struct
vlan_group
),
GFP_KERNEL
);
grp
=
kmalloc
(
sizeof
(
struct
vlan_group
),
GFP_KERNEL
);
if
(
!
grp
)
if
(
!
grp
)
goto
out_free_
newdev_priv
;
goto
out_free_
put
;
/* printk(KERN_ALERT "VLAN REGISTER: Allocated new group.\n"); */
/* printk(KERN_ALERT "VLAN REGISTER: Allocated new group.\n"); */
memset
(
grp
,
0
,
sizeof
(
struct
vlan_group
));
memset
(
grp
,
0
,
sizeof
(
struct
vlan_group
));
...
@@ -535,24 +544,18 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
...
@@ -535,24 +544,18 @@ static struct net_device *register_vlan_device(const char *eth_IF_name,
if
(
real_dev
->
features
&
NETIF_F_HW_VLAN_FILTER
)
if
(
real_dev
->
features
&
NETIF_F_HW_VLAN_FILTER
)
real_dev
->
vlan_rx_add_vid
(
real_dev
,
VLAN_ID
);
real_dev
->
vlan_rx_add_vid
(
real_dev
,
VLAN_ID
);
register_netdevice
(
new_dev
);
rtnl_unlock
();
rtnl_unlock
();
/* NOTE: We have a reference to the real device,
* so hold on to the reference.
*/
if
(
!
try_module_get
(
THIS_MODULE
))
goto
out_module_dying
;
#ifdef VLAN_DEBUG
#ifdef VLAN_DEBUG
printk
(
VLAN_DBG
"Allocated new device successfully, returning.
\n
"
);
printk
(
VLAN_DBG
"Allocated new device successfully, returning.
\n
"
);
#endif
#endif
return
new_dev
;
return
new_dev
;
out_free_put:
module_put
(
THIS_MODULE
);
out_module_dying:
out_free_unregister:
rtnl_lock
();
unregister_netdev
(
new_dev
);
unregister_netdevice
(
new_dev
);
out_free_newdev_priv:
out_free_newdev_priv:
kfree
(
new_dev
->
priv
);
kfree
(
new_dev
->
priv
);
...
...
net/bridge/br_forward.c
View file @
dfb1d7a5
...
@@ -33,6 +33,7 @@ static inline int should_deliver(struct net_bridge_port *p, struct sk_buff *skb)
...
@@ -33,6 +33,7 @@ static inline int should_deliver(struct net_bridge_port *p, struct sk_buff *skb)
int
br_dev_queue_push_xmit
(
struct
sk_buff
*
skb
)
int
br_dev_queue_push_xmit
(
struct
sk_buff
*
skb
)
{
{
#ifdef CONFIG_NETFILTER
#ifdef CONFIG_NETFILTER
/* FIXME: skb bas not been linearized: is this valid?? --RR */
if
(
skb
->
nf_bridge
)
if
(
skb
->
nf_bridge
)
memcpy
(
skb
->
data
-
16
,
skb
->
nf_bridge
->
hh
,
16
);
memcpy
(
skb
->
data
-
16
,
skb
->
nf_bridge
->
hh
,
16
);
#endif
#endif
...
...
net/bridge/br_netfilter.c
View file @
dfb1d7a5
...
@@ -467,6 +467,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
...
@@ -467,6 +467,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
struct
sk_buff
*
skb
=
*
pskb
;
struct
sk_buff
*
skb
=
*
pskb
;
struct
nf_bridge_info
*
nf_bridge
=
(
*
pskb
)
->
nf_bridge
;
struct
nf_bridge_info
*
nf_bridge
=
(
*
pskb
)
->
nf_bridge
;
/* FIXME: skb as not been linearized. Is this still true? --RR */
/* Be very paranoid. */
/* Be very paranoid. */
if
(
skb
->
mac
.
raw
<
skb
->
head
||
skb
->
mac
.
raw
+
ETH_HLEN
>
skb
->
data
)
{
if
(
skb
->
mac
.
raw
<
skb
->
head
||
skb
->
mac
.
raw
+
ETH_HLEN
>
skb
->
data
)
{
printk
(
KERN_CRIT
"br_netfilter: Argh!! br_nf_post_routing: "
printk
(
KERN_CRIT
"br_netfilter: Argh!! br_nf_post_routing: "
...
...
net/bridge/netfilter/ebtables.c
View file @
dfb1d7a5
...
@@ -175,6 +175,10 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff **pskb,
...
@@ -175,6 +175,10 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff **pskb,
char
*
base
;
char
*
base
;
struct
ebt_table_info
*
private
=
table
->
private
;
struct
ebt_table_info
*
private
=
table
->
private
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
read_lock_bh
(
&
table
->
lock
);
read_lock_bh
(
&
table
->
lock
);
cb_base
=
COUNTER_BASE
(
private
->
counters
,
private
->
nentries
,
cb_base
=
COUNTER_BASE
(
private
->
counters
,
private
->
nentries
,
smp_processor_id
());
smp_processor_id
());
...
...
net/core/netfilter.c
View file @
dfb1d7a5
...
@@ -477,11 +477,6 @@ int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb,
...
@@ -477,11 +477,6 @@ int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb,
unsigned
int
verdict
;
unsigned
int
verdict
;
int
ret
=
0
;
int
ret
=
0
;
/* This stopgap cannot be removed until all the hooks are audited. */
if
(
skb_is_nonlinear
(
skb
)
&&
skb_linearize
(
skb
,
GFP_ATOMIC
)
!=
0
)
{
kfree_skb
(
skb
);
return
-
ENOMEM
;
}
if
(
skb
->
ip_summed
==
CHECKSUM_HW
)
{
if
(
skb
->
ip_summed
==
CHECKSUM_HW
)
{
if
(
outdev
==
NULL
)
{
if
(
outdev
==
NULL
)
{
skb
->
ip_summed
=
CHECKSUM_NONE
;
skb
->
ip_summed
=
CHECKSUM_NONE
;
...
...
net/ipv4/ip_gre.c
View file @
dfb1d7a5
...
@@ -262,10 +262,11 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int
...
@@ -262,10 +262,11 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int
if
(
!
create
)
if
(
!
create
)
return
NULL
;
return
NULL
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
NULL
;
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
if
(
dev
==
NULL
)
{
if
(
dev
==
NULL
)
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
...
@@ -297,7 +298,7 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int
...
@@ -297,7 +298,7 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int
failed:
failed:
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
...
@@ -305,7 +306,7 @@ static void ipgre_tunnel_destructor(struct net_device *dev)
...
@@ -305,7 +306,7 @@ static void ipgre_tunnel_destructor(struct net_device *dev)
{
{
if
(
dev
!=
&
ipgre_fb_tunnel_dev
)
{
if
(
dev
!=
&
ipgre_fb_tunnel_dev
)
{
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
}
}
}
}
...
@@ -920,7 +921,8 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -920,7 +921,8 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
struct
ip_tunnel_parm
p
;
struct
ip_tunnel_parm
p
;
struct
ip_tunnel
*
t
;
struct
ip_tunnel
*
t
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
switch
(
cmd
)
{
switch
(
cmd
)
{
case
SIOCGETTUNNEL
:
case
SIOCGETTUNNEL
:
...
@@ -1035,7 +1037,7 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -1035,7 +1037,7 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
}
}
done:
done:
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
err
;
return
err
;
}
}
...
@@ -1115,7 +1117,8 @@ static int ipgre_open(struct net_device *dev)
...
@@ -1115,7 +1117,8 @@ static int ipgre_open(struct net_device *dev)
{
{
struct
ip_tunnel
*
t
=
(
struct
ip_tunnel
*
)
dev
->
priv
;
struct
ip_tunnel
*
t
=
(
struct
ip_tunnel
*
)
dev
->
priv
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
if
(
MULTICAST
(
t
->
parms
.
iph
.
daddr
))
{
if
(
MULTICAST
(
t
->
parms
.
iph
.
daddr
))
{
struct
flowi
fl
=
{
.
oif
=
t
->
parms
.
link
,
struct
flowi
fl
=
{
.
oif
=
t
->
parms
.
link
,
.
nl_u
=
{
.
ip4_u
=
.
nl_u
=
{
.
ip4_u
=
...
@@ -1125,13 +1128,13 @@ static int ipgre_open(struct net_device *dev)
...
@@ -1125,13 +1128,13 @@ static int ipgre_open(struct net_device *dev)
.
proto
=
IPPROTO_GRE
};
.
proto
=
IPPROTO_GRE
};
struct
rtable
*
rt
;
struct
rtable
*
rt
;
if
(
ip_route_output_key
(
&
rt
,
&
fl
))
{
if
(
ip_route_output_key
(
&
rt
,
&
fl
))
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
-
EADDRNOTAVAIL
;
return
-
EADDRNOTAVAIL
;
}
}
dev
=
rt
->
u
.
dst
.
dev
;
dev
=
rt
->
u
.
dst
.
dev
;
ip_rt_put
(
rt
);
ip_rt_put
(
rt
);
if
(
__in_dev_get
(
dev
)
==
NULL
)
{
if
(
__in_dev_get
(
dev
)
==
NULL
)
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
-
EADDRNOTAVAIL
;
return
-
EADDRNOTAVAIL
;
}
}
t
->
mlink
=
dev
->
ifindex
;
t
->
mlink
=
dev
->
ifindex
;
...
@@ -1150,7 +1153,7 @@ static int ipgre_close(struct net_device *dev)
...
@@ -1150,7 +1153,7 @@ static int ipgre_close(struct net_device *dev)
in_dev_put
(
in_dev
);
in_dev_put
(
in_dev
);
}
}
}
}
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
0
;
return
0
;
}
}
...
@@ -1247,13 +1250,14 @@ static int ipgre_tunnel_init(struct net_device *dev)
...
@@ -1247,13 +1250,14 @@ static int ipgre_tunnel_init(struct net_device *dev)
#ifdef MODULE
#ifdef MODULE
static
int
ipgre_fb_tunnel_open
(
struct
net_device
*
dev
)
static
int
ipgre_fb_tunnel_open
(
struct
net_device
*
dev
)
{
{
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
return
0
;
return
0
;
}
}
static
int
ipgre_fb_tunnel_close
(
struct
net_device
*
dev
)
static
int
ipgre_fb_tunnel_close
(
struct
net_device
*
dev
)
{
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
0
;
return
0
;
}
}
#endif
#endif
...
...
net/ipv4/ipip.c
View file @
dfb1d7a5
...
@@ -231,10 +231,11 @@ struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int create)
...
@@ -231,10 +231,11 @@ struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int create)
if
(
!
create
)
if
(
!
create
)
return
NULL
;
return
NULL
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
NULL
;
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
if
(
dev
==
NULL
)
{
if
(
dev
==
NULL
)
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
...
@@ -266,7 +267,7 @@ struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int create)
...
@@ -266,7 +267,7 @@ struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int create)
failed:
failed:
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
...
@@ -274,7 +275,7 @@ static void ipip_tunnel_destructor(struct net_device *dev)
...
@@ -274,7 +275,7 @@ static void ipip_tunnel_destructor(struct net_device *dev)
{
{
if
(
dev
!=
&
ipip_fb_tunnel_dev
)
{
if
(
dev
!=
&
ipip_fb_tunnel_dev
)
{
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
}
}
}
}
...
@@ -682,7 +683,8 @@ ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -682,7 +683,8 @@ ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
struct
ip_tunnel_parm
p
;
struct
ip_tunnel_parm
p
;
struct
ip_tunnel
*
t
;
struct
ip_tunnel
*
t
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
switch
(
cmd
)
{
switch
(
cmd
)
{
case
SIOCGETTUNNEL
:
case
SIOCGETTUNNEL
:
...
@@ -782,7 +784,7 @@ ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -782,7 +784,7 @@ ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
}
}
done:
done:
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
err
;
return
err
;
}
}
...
@@ -861,13 +863,14 @@ static int ipip_tunnel_init(struct net_device *dev)
...
@@ -861,13 +863,14 @@ static int ipip_tunnel_init(struct net_device *dev)
#ifdef MODULE
#ifdef MODULE
static
int
ipip_fb_tunnel_open
(
struct
net_device
*
dev
)
static
int
ipip_fb_tunnel_open
(
struct
net_device
*
dev
)
{
{
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
return
0
;
return
0
;
}
}
static
int
ipip_fb_tunnel_close
(
struct
net_device
*
dev
)
static
int
ipip_fb_tunnel_close
(
struct
net_device
*
dev
)
{
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
0
;
return
0
;
}
}
#endif
#endif
...
...
net/ipv4/netfilter/arp_tables.c
View file @
dfb1d7a5
...
@@ -253,6 +253,10 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
...
@@ -253,6 +253,10 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
const
char
*
indev
,
*
outdev
;
const
char
*
indev
,
*
outdev
;
void
*
table_base
;
void
*
table_base
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
indev
=
in
?
in
->
name
:
nulldevname
;
indev
=
in
?
in
->
name
:
nulldevname
;
outdev
=
out
?
out
->
name
:
nulldevname
;
outdev
=
out
?
out
->
name
:
nulldevname
;
...
...
net/ipv4/netfilter/ip_conntrack_core.c
View file @
dfb1d7a5
...
@@ -818,6 +818,10 @@ unsigned int ip_conntrack_in(unsigned int hooknum,
...
@@ -818,6 +818,10 @@ unsigned int ip_conntrack_in(unsigned int hooknum,
if
((
*
pskb
)
->
nfct
)
if
((
*
pskb
)
->
nfct
)
return
NF_ACCEPT
;
return
NF_ACCEPT
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* Gather fragments. */
/* Gather fragments. */
if
((
*
pskb
)
->
nh
.
iph
->
frag_off
&
htons
(
IP_MF
|
IP_OFFSET
))
{
if
((
*
pskb
)
->
nh
.
iph
->
frag_off
&
htons
(
IP_MF
|
IP_OFFSET
))
{
*
pskb
=
ip_ct_gather_frags
(
*
pskb
);
*
pskb
=
ip_ct_gather_frags
(
*
pskb
);
...
...
net/ipv4/netfilter/ip_conntrack_standalone.c
View file @
dfb1d7a5
...
@@ -192,6 +192,10 @@ static unsigned int ip_refrag(unsigned int hooknum,
...
@@ -192,6 +192,10 @@ static unsigned int ip_refrag(unsigned int hooknum,
{
{
struct
rtable
*
rt
=
(
struct
rtable
*
)(
*
pskb
)
->
dst
;
struct
rtable
*
rt
=
(
struct
rtable
*
)(
*
pskb
)
->
dst
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* We've seen it coming out the other side: confirm */
/* We've seen it coming out the other side: confirm */
if
(
ip_confirm
(
hooknum
,
pskb
,
in
,
out
,
okfn
)
!=
NF_ACCEPT
)
if
(
ip_confirm
(
hooknum
,
pskb
,
in
,
out
,
okfn
)
!=
NF_ACCEPT
)
return
NF_DROP
;
return
NF_DROP
;
...
@@ -213,6 +217,10 @@ static unsigned int ip_conntrack_local(unsigned int hooknum,
...
@@ -213,6 +217,10 @@ static unsigned int ip_conntrack_local(unsigned int hooknum,
const
struct
net_device
*
out
,
const
struct
net_device
*
out
,
int
(
*
okfn
)(
struct
sk_buff
*
))
int
(
*
okfn
)(
struct
sk_buff
*
))
{
{
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* root is playing with raw sockets. */
/* root is playing with raw sockets. */
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
...
...
net/ipv4/netfilter/ip_fw_compat.c
View file @
dfb1d7a5
...
@@ -75,6 +75,10 @@ fw_in(unsigned int hooknum,
...
@@ -75,6 +75,10 @@ fw_in(unsigned int hooknum,
int
ret
=
FW_BLOCK
;
int
ret
=
FW_BLOCK
;
u_int16_t
redirpt
;
u_int16_t
redirpt
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* Assume worse case: any hook could change packet */
/* Assume worse case: any hook could change packet */
(
*
pskb
)
->
nfcache
|=
NFC_UNKNOWN
|
NFC_ALTERED
;
(
*
pskb
)
->
nfcache
|=
NFC_UNKNOWN
|
NFC_ALTERED
;
if
((
*
pskb
)
->
ip_summed
==
CHECKSUM_HW
)
if
((
*
pskb
)
->
ip_summed
==
CHECKSUM_HW
)
...
@@ -189,6 +193,10 @@ static unsigned int fw_confirm(unsigned int hooknum,
...
@@ -189,6 +193,10 @@ static unsigned int fw_confirm(unsigned int hooknum,
const
struct
net_device
*
out
,
const
struct
net_device
*
out
,
int
(
*
okfn
)(
struct
sk_buff
*
))
int
(
*
okfn
)(
struct
sk_buff
*
))
{
{
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
return
ip_conntrack_confirm
(
*
pskb
);
return
ip_conntrack_confirm
(
*
pskb
);
}
}
...
...
net/ipv4/netfilter/ip_nat_standalone.c
View file @
dfb1d7a5
...
@@ -71,6 +71,10 @@ ip_nat_fn(unsigned int hooknum,
...
@@ -71,6 +71,10 @@ ip_nat_fn(unsigned int hooknum,
/* maniptype == SRC for postrouting. */
/* maniptype == SRC for postrouting. */
enum
ip_nat_manip_type
maniptype
=
HOOK2MANIP
(
hooknum
);
enum
ip_nat_manip_type
maniptype
=
HOOK2MANIP
(
hooknum
);
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* We never see fragments: conntrack defrags on pre-routing
/* We never see fragments: conntrack defrags on pre-routing
and local-out, and ip_nat_out protects post-routing. */
and local-out, and ip_nat_out protects post-routing. */
IP_NF_ASSERT
(
!
((
*
pskb
)
->
nh
.
iph
->
frag_off
IP_NF_ASSERT
(
!
((
*
pskb
)
->
nh
.
iph
->
frag_off
...
@@ -170,6 +174,10 @@ ip_nat_out(unsigned int hooknum,
...
@@ -170,6 +174,10 @@ ip_nat_out(unsigned int hooknum,
const
struct
net_device
*
out
,
const
struct
net_device
*
out
,
int
(
*
okfn
)(
struct
sk_buff
*
))
int
(
*
okfn
)(
struct
sk_buff
*
))
{
{
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* root is playing with raw sockets. */
/* root is playing with raw sockets. */
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
...
@@ -205,6 +213,10 @@ ip_nat_local_fn(unsigned int hooknum,
...
@@ -205,6 +213,10 @@ ip_nat_local_fn(unsigned int hooknum,
u_int32_t
saddr
,
daddr
;
u_int32_t
saddr
,
daddr
;
unsigned
int
ret
;
unsigned
int
ret
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* root is playing with raw sockets. */
/* root is playing with raw sockets. */
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
...
...
net/ipv4/netfilter/ip_tables.c
View file @
dfb1d7a5
...
@@ -271,6 +271,10 @@ ipt_do_table(struct sk_buff **pskb,
...
@@ -271,6 +271,10 @@ ipt_do_table(struct sk_buff **pskb,
void
*
table_base
;
void
*
table_base
;
struct
ipt_entry
*
e
,
*
back
;
struct
ipt_entry
*
e
,
*
back
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* Initialization */
/* Initialization */
ip
=
(
*
pskb
)
->
nh
.
iph
;
ip
=
(
*
pskb
)
->
nh
.
iph
;
protohdr
=
(
u_int32_t
*
)
ip
+
ip
->
ihl
;
protohdr
=
(
u_int32_t
*
)
ip
+
ip
->
ihl
;
...
...
net/ipv4/netfilter/iptable_filter.c
View file @
dfb1d7a5
...
@@ -107,6 +107,10 @@ ipt_local_out_hook(unsigned int hook,
...
@@ -107,6 +107,10 @@ ipt_local_out_hook(unsigned int hook,
const
struct
net_device
*
out
,
const
struct
net_device
*
out
,
int
(
*
okfn
)(
struct
sk_buff
*
))
int
(
*
okfn
)(
struct
sk_buff
*
))
{
{
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* root is playing with raw sockets. */
/* root is playing with raw sockets. */
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
...
...
net/ipv4/netfilter/iptable_mangle.c
View file @
dfb1d7a5
...
@@ -145,6 +145,10 @@ ipt_local_hook(unsigned int hook,
...
@@ -145,6 +145,10 @@ ipt_local_hook(unsigned int hook,
u_int32_t
saddr
,
daddr
;
u_int32_t
saddr
,
daddr
;
unsigned
long
nfmark
;
unsigned
long
nfmark
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* root is playing with raw sockets. */
/* root is playing with raw sockets. */
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
if
((
*
pskb
)
->
len
<
sizeof
(
struct
iphdr
)
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
||
(
*
pskb
)
->
nh
.
iph
->
ihl
*
4
<
sizeof
(
struct
iphdr
))
{
...
...
net/ipv6/af_inet6.c
View file @
dfb1d7a5
...
@@ -111,7 +111,7 @@ static void inet6_sock_destruct(struct sock *sk)
...
@@ -111,7 +111,7 @@ static void inet6_sock_destruct(struct sock *sk)
#ifdef INET_REFCNT_DEBUG
#ifdef INET_REFCNT_DEBUG
atomic_dec
(
&
inet6_sock_nr
);
atomic_dec
(
&
inet6_sock_nr
);
#endif
#endif
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
}
}
static
__inline__
kmem_cache_t
*
inet6_sk_slab
(
int
protocol
)
static
__inline__
kmem_cache_t
*
inet6_sk_slab
(
int
protocol
)
...
@@ -242,7 +242,10 @@ static int inet6_create(struct socket *sock, int protocol)
...
@@ -242,7 +242,10 @@ static int inet6_create(struct socket *sock, int protocol)
atomic_inc
(
&
inet6_sock_nr
);
atomic_inc
(
&
inet6_sock_nr
);
atomic_inc
(
&
inet_sock_nr
);
atomic_inc
(
&
inet_sock_nr
);
#endif
#endif
MOD_INC_USE_COUNT
;
if
(
!
try_get_module
(
THIS_MODULE
))
{
inet_sock_release
(
sk
);
return
-
EBUSY
;
}
if
(
inet
->
num
)
{
if
(
inet
->
num
)
{
/* It assumes that any protocol which allows
/* It assumes that any protocol which allows
...
@@ -255,7 +258,7 @@ static int inet6_create(struct socket *sock, int protocol)
...
@@ -255,7 +258,7 @@ static int inet6_create(struct socket *sock, int protocol)
if
(
sk
->
prot
->
init
)
{
if
(
sk
->
prot
->
init
)
{
int
err
=
sk
->
prot
->
init
(
sk
);
int
err
=
sk
->
prot
->
init
(
sk
);
if
(
err
!=
0
)
{
if
(
err
!=
0
)
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
inet_sock_release
(
sk
);
inet_sock_release
(
sk
);
return
err
;
return
err
;
}
}
...
...
net/ipv6/ipv6_sockglue.c
View file @
dfb1d7a5
...
@@ -196,7 +196,7 @@ int ipv6_setsockopt(struct sock *sk, int level, int optname, char *optval,
...
@@ -196,7 +196,7 @@ int ipv6_setsockopt(struct sock *sk, int level, int optname, char *optval,
#ifdef INET_REFCNT_DEBUG
#ifdef INET_REFCNT_DEBUG
atomic_dec
(
&
inet6_sock_nr
);
atomic_dec
(
&
inet6_sock_nr
);
#endif
#endif
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
retv
=
0
;
retv
=
0
;
break
;
break
;
}
}
...
...
net/ipv6/netfilter/ip6_tables.c
View file @
dfb1d7a5
...
@@ -343,6 +343,10 @@ ip6t_do_table(struct sk_buff **pskb,
...
@@ -343,6 +343,10 @@ ip6t_do_table(struct sk_buff **pskb,
void
*
table_base
;
void
*
table_base
;
struct
ip6t_entry
*
e
,
*
back
;
struct
ip6t_entry
*
e
,
*
back
;
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* Initialization */
/* Initialization */
ipv6
=
(
*
pskb
)
->
nh
.
ipv6h
;
ipv6
=
(
*
pskb
)
->
nh
.
ipv6h
;
protohdr
=
(
u_int32_t
*
)((
char
*
)
ipv6
+
IPV6_HDR_LEN
);
protohdr
=
(
u_int32_t
*
)((
char
*
)
ipv6
+
IPV6_HDR_LEN
);
...
...
net/ipv6/netfilter/ip6table_mangle.c
View file @
dfb1d7a5
...
@@ -154,6 +154,10 @@ ip6t_local_hook(unsigned int hook,
...
@@ -154,6 +154,10 @@ ip6t_local_hook(unsigned int hook,
}
}
#endif
#endif
/* FIXME: Push down to extensions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
/* save source/dest address, nfmark, hoplimit, flowlabel, priority, */
/* save source/dest address, nfmark, hoplimit, flowlabel, priority, */
memcpy
(
&
saddr
,
&
(
*
pskb
)
->
nh
.
ipv6h
->
saddr
,
sizeof
(
saddr
));
memcpy
(
&
saddr
,
&
(
*
pskb
)
->
nh
.
ipv6h
->
saddr
,
sizeof
(
saddr
));
memcpy
(
&
daddr
,
&
(
*
pskb
)
->
nh
.
ipv6h
->
daddr
,
sizeof
(
daddr
));
memcpy
(
&
daddr
,
&
(
*
pskb
)
->
nh
.
ipv6h
->
daddr
,
sizeof
(
daddr
));
...
...
net/ipv6/sit.c
View file @
dfb1d7a5
...
@@ -170,10 +170,11 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
...
@@ -170,10 +170,11 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
if
(
!
create
)
if
(
!
create
)
return
NULL
;
return
NULL
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
NULL
;
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
dev
=
kmalloc
(
sizeof
(
*
dev
)
+
sizeof
(
*
t
),
GFP_KERNEL
);
if
(
dev
==
NULL
)
{
if
(
dev
==
NULL
)
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
memset
(
dev
,
0
,
sizeof
(
*
dev
)
+
sizeof
(
*
t
));
...
@@ -205,7 +206,7 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
...
@@ -205,7 +206,7 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
failed:
failed:
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
NULL
;
return
NULL
;
}
}
...
@@ -213,7 +214,7 @@ static void ipip6_tunnel_destructor(struct net_device *dev)
...
@@ -213,7 +214,7 @@ static void ipip6_tunnel_destructor(struct net_device *dev)
{
{
if
(
dev
!=
&
ipip6_fb_tunnel_dev
)
{
if
(
dev
!=
&
ipip6_fb_tunnel_dev
)
{
kfree
(
dev
);
kfree
(
dev
);
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
}
}
}
}
...
@@ -622,7 +623,8 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -622,7 +623,8 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
struct
ip_tunnel_parm
p
;
struct
ip_tunnel_parm
p
;
struct
ip_tunnel
*
t
;
struct
ip_tunnel
*
t
;
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
switch
(
cmd
)
{
switch
(
cmd
)
{
case
SIOCGETTUNNEL
:
case
SIOCGETTUNNEL
:
...
@@ -721,7 +723,7 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
...
@@ -721,7 +723,7 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
}
}
done:
done:
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
err
;
return
err
;
}
}
...
@@ -801,13 +803,14 @@ static int ipip6_tunnel_init(struct net_device *dev)
...
@@ -801,13 +803,14 @@ static int ipip6_tunnel_init(struct net_device *dev)
#ifdef MODULE
#ifdef MODULE
static
int
ipip6_fb_tunnel_open
(
struct
net_device
*
dev
)
static
int
ipip6_fb_tunnel_open
(
struct
net_device
*
dev
)
{
{
MOD_INC_USE_COUNT
;
if
(
!
try_module_get
(
THIS_MODULE
))
return
-
EBUSY
;
return
0
;
return
0
;
}
}
static
int
ipip6_fb_tunnel_close
(
struct
net_device
*
dev
)
static
int
ipip6_fb_tunnel_close
(
struct
net_device
*
dev
)
{
{
MOD_DEC_USE_COUNT
;
module_put
(
THIS_MODULE
)
;
return
0
;
return
0
;
}
}
#endif
#endif
...
...
net/sched/sch_dsmark.c
View file @
dfb1d7a5
...
@@ -193,6 +193,7 @@ static int dsmark_enqueue(struct sk_buff *skb,struct Qdisc *sch)
...
@@ -193,6 +193,7 @@ static int dsmark_enqueue(struct sk_buff *skb,struct Qdisc *sch)
D2PRINTK
(
"dsmark_enqueue(skb %p,sch %p,[qdisc %p])
\n
"
,
skb
,
sch
,
p
);
D2PRINTK
(
"dsmark_enqueue(skb %p,sch %p,[qdisc %p])
\n
"
,
skb
,
sch
,
p
);
if
(
p
->
set_tc_index
)
{
if
(
p
->
set_tc_index
)
{
/* FIXME: Safe with non-linear skbs? --RR */
switch
(
skb
->
protocol
)
{
switch
(
skb
->
protocol
)
{
case
__constant_htons
(
ETH_P_IP
):
case
__constant_htons
(
ETH_P_IP
):
skb
->
tc_index
=
ipv4_get_dsfield
(
skb
->
nh
.
iph
);
skb
->
tc_index
=
ipv4_get_dsfield
(
skb
->
nh
.
iph
);
...
...
net/sched/sch_ingress.c
View file @
dfb1d7a5
...
@@ -222,6 +222,11 @@ used on the egress (might slow things for an iota)
...
@@ -222,6 +222,11 @@ used on the egress (might slow things for an iota)
*/
*/
if
(
dev
->
qdisc_ingress
)
{
if
(
dev
->
qdisc_ingress
)
{
/* FIXME: Push down to ->enqueue functions --RR */
if
(
skb_is_nonlinear
(
*
pskb
)
&&
skb_linearize
(
*
pskb
,
GFP_ATOMIC
)
!=
0
)
return
NF_DROP
;
spin_lock
(
&
dev
->
queue_lock
);
spin_lock
(
&
dev
->
queue_lock
);
if
((
q
=
dev
->
qdisc_ingress
)
!=
NULL
)
if
((
q
=
dev
->
qdisc_ingress
)
!=
NULL
)
fwres
=
q
->
enqueue
(
skb
,
q
);
fwres
=
q
->
enqueue
(
skb
,
q
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment