aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* [CRYPTO] aead: Add authencHerbert Xu2007-10-101-1/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds the authenc algorithm which constructs an AEAD algorithm from an asynchronous block cipher and a hash. The construction is done by concatenating the encrypted result from the cipher with the output from the hash, as is used by the IPsec ESP protocol. The authenc algorithm exists as a template with four parameters: authenc(auth, authsize, enc, enckeylen). The authentication algorithm, the authentication size (i.e., truncating the output of the authentication algorithm), the encryption algorithm, and the encryption key length. Both the size field and the key length field are in bytes. For example, AES-128 with SHA1-HMAC would be represented by authenc(hmac(sha1), 12, cbc(aes), 16) The key for the authenc algorithm is the concatenation of the keys for the authentication algorithm with the encryption algorithm. For the above example, if a key of length 36 bytes is given, then hmac(sha1) would receive the first 20 bytes while the last 16 would be given to cbc(aes). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Fixed crypto_*_reqsize return typeHerbert Xu2007-10-101-2/+3
| | | | | | | | This patch changes the return type of crypto_*_reqsize from int to unsigned int which matches what the underlying type is (and should be). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] ablkcipher: Remove queue pointer from common alg objectHerbert Xu2007-10-102-10/+7
| | | | | | | | Since not everyone needs a queue pointer and those who need it can always get it from the context anyway the queue pointer in the common alg object is redundant. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add support for multiple template parametersHerbert Xu2007-10-101-0/+8
| | | | | | | | | | | | | | This patch adds support for having multiple parameters to a template, separated by a comma. It also adds support for integer parameters in addition to the current algorithm parameter type. This will be used by the authenc template which will have four parameters: the authentication algorithm, the encryption algorithm, the authentication size and the encryption key length. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add aead crypto typeHerbert Xu2007-10-102-0/+206
| | | | | | | | | | | | | | | | | This patch adds crypto_aead which is the interface for AEAD (Authenticated Encryption with Associated Data) algorithms. AEAD algorithms perform authentication and encryption in one step. Traditionally users (such as IPsec) would use two different crypto algorithms to perform these. With AEAD this comes down to one algorithm and one operation. Of course if traditional algorithms were used we'd still be doing two operations underneath. However, real AEAD algorithms may allow the underlying operations to be optimised as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [CRYPTO] api: Add crypto_ablkcipher_ctx_alignedSebastian Siewior2007-10-101-0/+5
| | | | | | | | | This is function does the same thing for ablkcipher that is done for blkcipher by crypto_blkcipher_ctx_aligned(): it returns an aligned address of the private ctx. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [FS] seq_file: Introduce the seq_open_private()Pavel Emelyanov2007-10-101-0/+2
| | | | | | | | | | This function allocates the zeroed chunk of memory and call seq_open(). The __seq_open_private() helper returns the allocated memory to make it possible for the caller to initialize it. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* ibm_emac: Convert to use napi_struct independent of struct net_deviceRoland Dreier2007-10-101-0/+10
| | | | | | | | | | | | | | Commit da3dedd9 ("[NET]: Make NAPI polling independent of struct net_device objects.") changed the interface to NAPI polling. Fix up the ibm_emac driver so that it works with this new interface. This is actually a nice cleanup because ibm_emac is one of the drivers that wants to have multiple NAPI structures for a single net_device. Tested with the internal MAC of a PowerPC 440SPe SoC with an AMCC 'Yucca' evaluation board. Signed-off-by: Roland Dreier <rolandd@cisco.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* [IPSEC]: Move common code into xfrm_alloc_spiHerbert Xu2007-10-101-1/+1
| | | | | | | | | | | | | | | | | This patch moves some common code that conceptually belongs to the xfrm core from af_key/xfrm_user into xfrm_alloc_spi. In particular, the spin lock on the state is now taken inside xfrm_alloc_spi. Previously it also protected the construction of the response PF_KEY/XFRM messages to user-space. This is inconsistent as other identical constructions are not protected by the state lock. This is bad because they in fact should be protected but only in certain spots (so as not to hold the lock for too long which may cause packet drops). The SPI byte order conversion has also been moved. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS]: Move some code into __init section when CONFIG_NET_NS=nPavel Emelyanov2007-10-102-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | With the net namespaces many code leaved the __init section, thus making the kernel occupy more memory than it did before. Since we have a config option that prohibits the namespace creation, the functions that initialize/finalize some netns stuff are simply not needed and can be freed after the boot. Currently, this is almost not noticeable, since few calls are no longer in __init, but when the namespaces will be merged it will be possible to free more code. I propose to use the __net_init, __net_exit and __net_initdata "attributes" for functions/variables that are not used if the CONFIG_NET_NS is not set to save more space in memory. The exiting functions cannot just reside in the __exit section, as noticed by David, since the init section will have references on it and the compilation will fail due to modpost checks. These references can exist, since the init namespace never dies and the exit callbacks are never called. So I introduce the __exit_refok attribute just like it is already done with the __init_refok. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [ISDN]: Change I4L to use alloc_netdev().Karsten Keil2007-10-101-1/+1
| | | | | Signed-off-by: Karsten Keil <kkeil@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Unexport xfrm_replay_notifyHerbert Xu2007-10-101-6/+0
| | | | | | | | | | | Now that the only callers of xfrm_replay_notify are in xfrm, we can remove the export. This patch also removes xfrm_aevent_doreplay since it's now called in just one spot. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move output replay code into xfrm_outputHerbert Xu2007-10-101-1/+19
| | | | | | | | | | The replay counter is one of only two remaining things in the output code that requires a lock on the xfrm state (the other being the crypto). This patch moves it into the generic xfrm_output so we can remove the lock from the transforms themselves. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move xfrm_state_check into xfrm_output.cHerbert Xu2007-10-101-1/+0
| | | | | | | | The functions xfrm_state_check and xfrm_state_check_space are only used by the output code in xfrm_output.c so we can move them over. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Move common output code to xfrm_outputHerbert Xu2007-10-101-0/+1
| | | | | | | | | | | | Most of the code in xfrm4_output_one and xfrm6_output_one are identical so this patch moves them into a common xfrm_output function which will live in net/xfrm. In fact this would seem to fix a bug as on IPv4 we never reset the network header after a transform which may upset netfilter later on. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC] ah: Remove keys from ah_data structureHerbert Xu2007-10-101-2/+0
| | | | | | | | | The keys are only used during initialisation so we don't need to carry them in esp_data. Since we don't have to allocate them again, there is no need to place a limit on the authentication key length anymore. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC] esp: Remove keys from esp_data structureHerbert Xu2007-10-101-7/+0
| | | | | | | | | | | The keys are only used during initialisation so we don't need to carry them in esp_data. Since we don't have to allocate them again, there is no need to place a limit on the authentication key length anymore. This patch also kills the unused auth.icv member. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_IUCV]: postpone receival of iucv-packetsUrsula Braun2007-10-101-0/+7
| | | | | | | | | | | | | | | AF_IUCV socket programs may waste Linux storage, because af_iucv allocates an skb whenever posted by the receive callback routine and receives the message immediately. Message receival is now postponed if data from previous callbacks has not yet been transferred to the receiving socket program. Instead a message handle is saved in a message queue as a reminder. Once messages could be given to the receiving socket program, there is an additional checking for entries in the message queue, followed by skb allocation and message receival if applicable. Signed-off-by: Ursula Braun <braunu@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_IUCV]: remove static declarations from header file.Heiko Carstens2007-10-101-20/+0
| | | | | | Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Ursula Braun <braunu@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: sparse warning fixesStephen Hemminger2007-10-102-12/+12
| | | | | | | | | Fix a bunch of sparse warnings. Mostly about 0 used as NULL pointer, and shadowed variable declarations. One notable case was that hash size should have been unsigned. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Comment fastpath_cnt_hint off-by-one trapIlpo Järvinen2007-10-101-1/+2
| | | | | Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TG3]: Add 5784 and 5764 support.Matt Carlson2007-10-101-0/+2
| | | | | | | | This patch adds the support for 5784 and 5764 devices. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TG3]: Walk PCI capability lists.Matt Carlson2007-10-101-0/+13
| | | | | | | | | | | Newer tg3 devices shuffle around the registers in PCI configuration space. This patch changes the way the driver accesses the PCI capabilities registers. Hardcoded register locations are replaced with offsets from pci_find_capability() return values. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Tidy-up -- minisock initialisationGerrit Renker2007-10-101-1/+0
| | | | | | | | | | | | | | | | This * removes a declaration of a non-existent function __dccp_minisock_init; * shifts the initialisation function dccp_minisock_init() from options.c to minisocks.c, where it is more naturally expected to be. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Add socket option to query the current MPSGerrit Renker2007-10-101-0/+1
| | | | | | | | | | | | | | | | | | | | | | | This enables applications to query the current value of the Maximum Packet Size via a socket option, suggested as a SHOULD in (RFC 4340, p. 102). This socket option is useful to avoid the annoying bail-out via `-EMSGSIZE'. In particular, as fragmentation is not currently supported (and its use is partly discouraged in RFC 4340). With this option, it is possible to size buffers accordingly, e.g. int buflen = dccp_get_cur_mps(sockfd); /* or */ if (msgsize > dccp_get_cur_mps(sockfd)) die("message is too large for this path"); Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: Update beacon_update callback documentationMichael Buesch2007-10-101-1/+8
| | | | | | Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: add sta_notify callbackTomas Winkler2007-10-101-4/+16
| | | | | | | | | | | | | | | | This patch adds sta_notify callback and removes sta_table_notification which was not used by any driver. sta_notify() is essential for drivers that keeps notion of station internally and need to be notified about removal or addition of a station to the (I)BSS or assocation to an AP. This version adds interface id to the parameter list as suggested by Johannes Berg Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: Add association LED triggerMichael Buesch2007-10-101-0/+11
| | | | | | | | | Many devices have LEDs to indicate the link status. Export this functionality to drivers. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: remove ALG_NONEJohannes Berg2007-10-101-2/+0
| | | | | | | | | | This "algorithm" is used only internally and is not useful. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: Michael Buesch <mb@bu3sch.de> Acked-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: remove management interfaceJohannes Berg2007-10-101-1/+0
| | | | | | | | | | | Removes the management interface since it is only required for hostapd/userspace MLME, will not be in the final tree at least in this form and hostapd/userspace MLME currently do not work against this tree anyway. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: add "invalid" interface typeJohannes Berg2007-10-101-0/+3
| | | | | | | | | | | Since I cannot convince the lazy driver authors (hello Michael) to stop (ab)using the MGMT interface type internally in their drivers, this patch introduces a new _INVALID type especially for their use and changes all affected drivers to use it. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [RFKILL]: Add support for hardware-only rfkill buttonsMichael Buesch2007-10-101-0/+3
| | | | | | | | | | | | Buttons that work directly on hardware cannot support the "user_claim" functionality. Add a flag to signal this and return -EOPNOTSUPP in this case. b43 is such a device. Signed-off-by: Michael Buesch <mb@bu3sch.de> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [RFKILL]: Add support for an rfkill LED.Michael Buesch2007-10-101-0/+21
| | | | | | | | | This adds a LED trigger. Signed-off-by: Michael Buesch <mb@bu3sch.de> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Generic bitbanged MDIO libraryScott Wood2007-10-101-0/+42
| | | | | | | | | | Previously, bitbanged MDIO was only supported in individual hardware-specific drivers. This code factors out the higher level protocol implementation, reducing the hardware-specific portion to functions setting direction, data, and clock. Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* fs_enet: Be an of_platform device when CONFIG_PPC_CPM_NEW_BINDING is set.Scott Wood2007-10-101-0/+5
| | | | | | | | | | | | | | The existing OF glue code was crufty and broken. Rather than fix it, it will be removed, and the ethernet driver now talks to the device tree directly. The old, non-CONFIG_PPC_CPM_NEW_BINDING code can go away once CPM platforms are dropped from arch/ppc (which will hopefully be soon), and existing arch/powerpc boards that I wasn't able to test on for this patchset get converted (which should be even sooner). Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* fs_enet: Include linux/string.h from linux/fs_enet_pd.hScott Wood2007-10-101-0/+1
| | | | | | | It is needed for strstr(). Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* [ZLIB]: Move bnx2 driver gzip unpacker into zlib.Denys Vlasenko2007-10-101-1/+5
| | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> Acked-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* ax88796: add 93cx6 eeprom supportMagnus Damm2007-10-102-1/+3
| | | | | | | | | | | | | | | Hook up the 93cx6 eeprom code to the ax88796 driver and modify the ax88796 driver to read out the mac address from the eeprom. We need this for the ax88796 on certain SuperH boards. The pin configuration used to connect the eeprom to the ax88796 on these boards is the same as pointed out by the ax88796 datasheet, so we can probably reuse this code for multiple platforms in the future. Signed-off-by: Magnus Damm <damm@igel.co.jp> Cc: Ben Dooks <ben-linux@fluff.org> Cc: Paul Mundt <lethal@linux-sh.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* PHYLIB: IRQ event workqueue handling fixesMaciej W. Rozycki2007-10-101-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Keep track of disable_irq_nosync() invocations and call enable_irq() the right number of times if work has been cancelled that would include them. Now that the call to flush_work_keventd() (problematic because of rtnl_mutex being held) has been replaced by cancel_work_sync() another issue has arisen and been left unresolved. As the MDIO bus cannot be accessed from the interrupt context the PHY interrupt handler uses disable_irq_nosync() to prevent from looping and schedules some work to be done as a softirq, which, apart from handling the state change of the originating PHY, is responsible for reenabling the interrupt. Now if the interrupt line is shared by another device and a call to the softirq handler has been cancelled, that call to enable_irq() never happens and the other device cannot use its interrupt anymore as its stuck disabled. I decided to use a counter rather than a flag because there may be more than one call to phy_change() cancelled in the queue -- a real one and a fake one triggered by free_irq() if DEBUG_SHIRQ is used, if nothing else. Therefore because of its nesting property enable_irq() has to be called the right number of times to match the number disable_irq_nosync() was called and restore the original state. This DEBUG_SHIRQ feature is also the reason why free_irq() has to be called before cancel_work_sync(). While at it I updated the comment about phy_stop_interrupts() being called from `keventd' -- this is no longer relevant as the use of cancel_work_sync() makes such an approach unnecessary. OTOH a similar comment referring to flush_scheduled_work() in phy_stop() still applies as using cancel_work_sync() there would be dangerous. Checked with checkpatch.pl and at the run time (with and without DEBUG_SHIRQ). Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: Andy Fleming <afleming@freescale.com> Cc: Jeff Garzik <jgarzik@pobox.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* PHY fixed driver: rework release path and update phy_id notationVitaly Bordug2007-10-101-0/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | device_bind_driver() error code returning has been fixed. release() function has been written, so that to free resources in correct way; the release path is now clean. Before the rework, it used to cause Device 'fixed@100:1' does not have a release() function, it is broken and must be fixed. BUG: at drivers/base/core.c:104 device_release() Call Trace: [<ffffffff802ec380>] kobject_cleanup+0x53/0x7e [<ffffffff802ec3ab>] kobject_release+0x0/0x9 [<ffffffff802ecf3f>] kref_put+0x74/0x81 [<ffffffff8035493b>] fixed_mdio_register_device+0x230/0x265 [<ffffffff80564d31>] fixed_init+0x1f/0x35 [<ffffffff802071a4>] init+0x147/0x2fb [<ffffffff80223b6e>] schedule_tail+0x36/0x92 [<ffffffff8020a678>] child_rip+0xa/0x12 [<ffffffff80311714>] acpi_ds_init_one_object+0x0/0x83 [<ffffffff8020705d>] init+0x0/0x2fb [<ffffffff8020a66e>] child_rip+0x0/0x12 Also changed the notation of the fixed phy definition on mdio bus to the form of <speed>+<duplex> to make it able to be used by gianfar and ucc_geth that define phy_id strictly as "%d:%d" and cleaned up the whitespace issues. Signed-off-by: Vitaly Bordug <vitb@kernel.crashing.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* [NETFILTER]: x_tables: add xt_time matchJan Engelhardt2007-10-101-0/+25
| | | | | | | | | | | | | This is ipt_time from POM-ng enhanced by the following: * xtables/ipv6 support * second granularity for daytime * day-of-month support (for example "match on the 15th of each month") * match against UTC or local timezone Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_conntrack_netlink: add support to related connectionsPablo Neira Ayuso2007-10-101-0/+1
| | | | | | | | | | This patch adds support to relate a connection to an existing master connection. This patch is used by conntrackd to correctly replicate related connections. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_conntrack_expect: kill unique IDPatrick McHardy2007-10-101-3/+0
| | | | | | | | Similar to the conntrack ID, the per-expectation ID is not needed anymore, kill it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_conntrack: kill unique IDPatrick McHardy2007-10-101-3/+0
| | | | | | | | | Remove the per-conntrack ID, its not necessary anymore for dumping. For compatiblity reasons we send the address of the conntrack to userspace as ID. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: kill nlattr_bad_sizePatrick McHardy2007-10-101-13/+0
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: ctnetlink: use netlink policyPatrick McHardy2007-10-102-0/+5
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: support attribute policiesPatrick McHardy2007-10-101-1/+2
| | | | | | | Add support for automatic checking of per-callback attribute policies. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: rename functions containing 'nfattr'Patrick McHardy2007-10-105-14/+14
| | | | | | | There is no struct nfattr anymore, rename functions to 'nlattr'. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: convert to generic netlink attribute functionsPatrick McHardy2007-10-106-82/+77
| | | | | | | | | Get rid of the duplicated rtnetlink macros and use the generic netlink attribute functions. The old duplicated stuff is moved to a new header file that exists just for userspace. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: make subsystem and callbacks constPatrick McHardy2007-10-101-5/+5
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>