aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
Commit message (Collapse)AuthorAgeFilesLines
* IPV4: fib_trie use vmalloc for large tnodesStephen Hemminger2008-04-101-10/+15
| | | | | | | | | | | | | | | Use vmalloc rather than alloc_pages to avoid wasting memory. The problem is that tnode structure has a power of 2 sized array, plus a header. So the current code wastes almost half the memory allocated because it always needs the next bigger size to hold that small header. This is similar to an earlier patch by Eric, but instead of a list and lock, I used a workqueue to handle the fact that vfree can't be done in interrupt context. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* IPV4: route rekey timer can be deferrableStephen Hemminger2008-04-101-1/+3
| | | | | | | No urgency on the rehash interval timer, so mark it as deferrable. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* IPV4: route use jhash3Stephen Hemminger2008-04-101-6/+4
| | | | | | | | Since route hash is a triple, use jhash_3words rather doing the mixing directly. This should be as fast and give better distribution. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* IPV4: route inline changesStephen Hemminger2008-04-101-27/+27
| | | | | | | | Don't mark functions that are large as inline, let compiler decide. Also, use inline rather than __inline__. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS]: Use TCP control socket from a correct namespace.Denis V. Lunev2008-04-031-6/+4
| | | | | Signed-off-by: Denis V.Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS]: Create tcp control socket in the each namespace.Denis V. Lunev2008-04-031-2/+19
| | | | | Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: uc_ttl assignment in inet_ctl_sock_create is redundant.Denis V. Lunev2008-04-031-1/+0
| | | | | | | | uc_ttl is initialized in inet(6)_create and never changed except setsockopt ioctl. Remove this assignment. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [ICMP]: Simplify ICMP control socket creation.Denis V. Lunev2008-04-031-18/+7
| | | | | | | | Replace sock_create_kern with inet_ctl_sock_create. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETNS]: Inet control socket should not hold a namespace.Denis V. Lunev2008-04-032-2/+5
| | | | | | | | | | This is a generic requirement, so make inet_ctl_sock_create namespace aware and create a inet_ctl_sock_destroy wrapper around sk_release_kernel. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Let inet_ctl_sock_create return sock rather than socket.Denis V. Lunev2008-04-032-8/+8
| | | | | | | | All upper protocol layers are already use sock internally. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Rename inet_csk_ctl_sock_create to inet_ctl_sock_create.Denis V. Lunev2008-04-033-21/+21
| | | | | | | | | | | This call is nothing common with INET connection sockets code. It simply creates an unhashes kernel sockets for protocol messages. Move the new call into af_inet.c after the rename. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Replace socket with sock for reset sending.Denis V. Lunev2008-04-031-4/+6
| | | | | | | | | | Replace tcp_socket with tcp_sock. This is more effective (less derefferences on fast paths). Additionally, the approach is unified to one used in ICMP. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'master' of ↵David S. Miller2008-04-023-3/+6
|\ | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: drivers/net/s2io.c
| * [IP] UDP: Use SEQ_START_TOKEN.YOSHIFUJI Hideaki2008-03-311-2/+2
| | | | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [INET]: inet_frag_evictor() must run with BH disabledDavid S. Miller2008-03-281-0/+3
| | | | | | | | | | | | Based upon a lockdep trace from Dave Jones. Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NET]: Don't send ICMP_FRAG_NEEDED for GSO packetsRusty Russell2008-03-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | Commit 9af3912ec9e30509b76cb376abb65a4d8af27df3 ("[NET] Move DF check to ip_forward") added a new check to send ICMP fragmentation needed for large packets. Unlike the check in ip_finish_output(), it doesn't check for GSO. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [IPV4][NETNS]: Display per-net info in sockstat file.Pavel Emelyanov2008-03-311-7/+34
| | | | | | | | | | | | | | | | Besides, now we can see per-net fragments statistics in the same file, since this stats is already per-net. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [SOCK][NETNS]: Register sockstat(6) files in each net.Pavel Emelyanov2008-03-311-5/+22
| | | | | | | | | | | | | | | | Currently they live in init_net only, but now almost all the info they can provide is available per-net. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [SOCK][NETNS]: Add a struct net argument to sock_prot_inuse_add and _get.Pavel Emelyanov2008-03-315-12/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This counter is about to become per-proto-and-per-net, so we'll need two arguments to determine which cell in this "table" to work with. All the places, but proc already pass proper net to it - proc will be tuned a bit later. Some indentation with spaces in proc files is done to keep the file coding style consistent. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: Remove owner from udp_seq_afinfo.Denis V. Lunev2008-03-282-3/+6
| | | | | | | | | | | | | | Move it to udp_seq_afinfo->seq_fops as should be. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: Place file operations directly into udp_seq_afinfo.Denis V. Lunev2008-03-282-11/+6
| | | | | | | | | | | | | | No need to have separate never-used variable. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: Cleanup /proc/udp[6] creation/removal.Denis V. Lunev2008-03-281-37/+9
| | | | | | | | | | | | | | | | Replace seq_open with seq_open_net and remove udp_seq_release completely. seq_release_net will do this job just fine. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: Move seq_ops from udp_iter_state to udp_seq_afinfo.Denis V. Lunev2008-03-282-7/+11
| | | | | | | | | | | | | | No need to create seq_operations for each instance of 'netstat'. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: No need to check afinfo != NULL in udp_proc_(un)register.Denis V. Lunev2008-03-281-4/+0
| | | | | | | | | | | | | | udp_proc_register/udp_proc_unregister are called with a static pointer only. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UDP]: Replace struct net on udp_iter_state with seq_net_private.Denis V. Lunev2008-03-281-4/+4
| | | | | | | | | | Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [SOCK]: Drop inuse pcounter from struct proto (v2).Pavel Emelyanov2008-03-284-12/+0
| | | | | | | | | | | | | | | | An uppercut - do not use the pcounter on struct proto. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NET]: Rename inet_frag.h identifiers COMPLETE, FIRST_IN, LAST_IN to INET_FRAG_*Joe Perches2008-03-282-13/+14
| | | | | | | | | | | | | | | | | | | | On Fri, 2008-03-28 at 03:24 -0700, Andrew Morton wrote: > they should all be renamed. Done for include/net and net Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge branch 'master' of ↵David S. Miller2008-03-2710-27/+21
|\ \ | |/ | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: drivers/net/usb/rndis_host.c drivers/net/wireless/b43/dma.c net/ipv6/ndisc.c
| * [NETFILTER]: Replate direct proc_fops assignment with proc_create call.Denis V. Lunev2008-03-274-15/+8
| | | | | | | | | | | | | | | | This elliminates infamous race during module loading when one could lookup proc entry without proc_fops assigned. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [ESP]: Ensure IV is in linear part of the skb to avoid BUG() due to OOB accessThomas Graf2008-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | ESP does not account for the IV size when calling pskb_may_pull() to ensure everything it accesses directly is within the linear part of a potential fragment. This results in a BUG() being triggered when the both the IPv4 and IPv6 ESP stack is fed with an skb where the first fragment ends between the end of the esp header and the end of the IV. This bug was found by Dirk Nehring <dnehring@gmx.net> . Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC]: Fix BEET outputHerbert Xu2008-03-262-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The IPv6 BEET output function is incorrectly including the inner header in the payload to be protected. This causes a crash as the packet doesn't actually have that many bytes for a second header. The IPv4 BEET output on the other hand is broken when it comes to handling an inner IPv6 header since it always assumes an inner IPv4 header. This patch fixes both by making sure that neither BEET output function touches the inner header at all. All access is now done through the protocol-independent cb structure. Two new attributes are added to make this work, the IP header length and the IPv4 option length. They're filled in by the inner mode's output function. Thanks to Joakim Koskela for finding this problem. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [ICMP]: Dst entry leak in icmp_send host re-lookup code (v2).Pavel Emelyanov2008-03-261-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 8b7817f3a959ed99d7443afc12f78a7e1fcc2063 ([IPSEC]: Add ICMP host relookup support) introduced some dst leaks on error paths: the rt pointer can be forgotten to be put. Fix it bu going to a proper label. Found after net namespace's lo refused to unregister :) Many thanks to Den for valuable help during debugging. Herbert pointed out, that xfrm_lookup() will put the rtable in case of error itself, so the first goto fix is redundant. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC]: Fix inter address family IPsec tunnel handling.Kazunori MIYAZAWA2008-03-242-2/+2
| | | | | | | | | | Signed-off-by: Kazunori MIYAZAWA <kazunori@miyazawa.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS][ICMP]: Build fix for NET_NS=n case (dev->nd_net is omitted).Pavel Emelyanov2008-03-261-2/+2
| | | | | | | | | | Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS][ICMP]: Use per-net sysctls in ipv4/icmp.c.Pavel Emelyanov2008-03-261-9/+16
| | | | | | | | | | | | | | | | | | This mostly re-uses the net, used in icmp netnsization patches from Denis. After this ICMP sysctls are completely virtualized. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS][ICMP]: Make ctl tables for ICMP sysctls per-net.Pavel Emelyanov2008-03-261-48/+90
| | | | | | | | | | | | | | | | | | | | | | | | Add some flesh to ipv4_sysctl_init_net and ipv4_sysctl_exit_net, i.e. copy the table, alter .data pointers and register it per-net. Other ipv4_table's sysctls are now global, but this is going to change once sysctl permissions patches migrate from -mm tree to mainline in 2.6.26 merge window :) Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS][ICMP]: Move ICMP sysctls on struct net.Pavel Emelyanov2008-03-262-35/+37
| | | | | | | | | | | | | | | | Initialization is moved to icmp_sk_init, all the places, that refer to them use init_net for now. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS][ICMP]: Register pernet subsys to make ICMP sysctls per-net.Pavel Emelyanov2008-03-261-1/+23
| | | | | | | | | | | | | | | | | | This includes adding pernet_operations, empty init and exit hooks and a bit of changes in sysctl_ipv4_init just not to have this part in next patches. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: update copyrightPatrick McHardy2008-03-251-0/+2
| | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: RTP routing optimizationPatrick McHardy2008-03-251-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Optimize call routing between NATed endpoints: when an external registrar sends a media description that contains an existing RTP expectation from a different SNATed connection, the gatekeeper is trying to route the call directly between the two endpoints. We assume both endpoints can reach each other directly and "un-NAT" the addresses, which makes the media stream go between the two endpoints directly. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_nat_sip: split up SDP manglingPatrick McHardy2008-03-251-37/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | The SDP connection addresses may be contained in the payload multiple times (in the session description and/or once per media description), currently only the session description is properly updated. Split up SDP mangling so the function setting up expectations only updates the media port, update connection addresses from media descriptions while parsing them and at the end update the session description when the final addresses are known. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: create RTCP expectationsPatrick McHardy2008-03-251-16/+26
| | | | | | | | | | | | | | Create expectations for the RTCP connections in addition to RTP connections. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: create signalling expectationsPatrick McHardy2008-03-251-22/+89
| | | | | | | | | | | | | | | | | | | | Create expectations for incoming signalling connections when seeing a REGISTER request. This is needed when the registrar uses a different source port number for signalling messages and for receiving incoming calls from other endpoints than the registrar. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_nat_sip: translate all Contact headersPatrick McHardy2008-03-251-4/+15
| | | | | | | | | | | | | | | | The SIP message may contain multiple Contact: addresses referring to the NATed endpoint, translate all of them. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_nat_sip: translate all Via headersPatrick McHardy2008-03-251-1/+73
| | | | | | | | | | | | | | | | Update maddr=, received= and rport= Via-header parameters refering to the signalling connection. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: perform NAT after parsingPatrick McHardy2008-03-251-3/+0
| | | | | | | | | | | | | | | | | | Perform NAT last after parsing the packet. This makes no difference currently, but is needed when dealing with registrations to make sure we seen the unNATed addresses. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_nat_sip: get rid of text based header translationPatrick McHardy2008-03-251-62/+38
| | | | | | | | | | | | | | | | Use the URI parsing helper to get the numerical addresses and get rid of the text based header translation. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: parse SIP headers properlyPatrick McHardy2008-03-251-9/+9
| | | | | | | | | | | | | | | | Introduce new function for SIP header parsing that properly deals with continuation lines and whitespace in headers and use it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: kill request URI "header" definitionsPatrick McHardy2008-03-251-22/+24
| | | | | | | | | | | | | | | | | | The request URI is not a header and needs to be treated differently than real SIP headers. Add a seperate function for parsing it and get rid of the POS_REQ_URI/POS_REG_REQ_URI definitions. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETFILTER]: nf_conntrack_sip: add seperate SDP header parsing functionPatrick McHardy2008-03-251-37/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | SDP and SIP headers are quite different, SIP can have continuation lines, leading and trailing whitespace after the colon and is mostly case-insensitive while SDP headers always begin on a new line and are followed by an equal sign and the value, without any whitespace. Introduce new SDP header parsing function and convert all users that used the SIP header parsing function. This will allow to properly deal with the special SIP cases in the SIP header parsing function later. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>