diff options
Diffstat (limited to 'include/net')
61 files changed, 1858 insertions, 912 deletions
diff --git a/include/net/9p/9p.h b/include/net/9p/9p.h index 88884d39f28f..7726ff41c3e6 100644 --- a/include/net/9p/9p.h +++ b/include/net/9p/9p.h @@ -412,6 +412,18 @@ int p9_idpool_check(int id, struct p9_idpool *p); int p9_error_init(void); int p9_errstr2errno(char *, int); + +#ifdef CONFIG_SYSCTL int __init p9_sysctl_register(void); void __exit p9_sysctl_unregister(void); +#else +static inline int p9_sysctl_register(void) +{ + return 0; +} +static inline void p9_sysctl_unregister(void) +{ +} +#endif + #endif /* NET_9P_H */ diff --git a/include/net/af_unix.h b/include/net/af_unix.h index 6de1e9e35c73..0864a775de24 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h @@ -12,37 +12,8 @@ extern void unix_gc(void); #define UNIX_HASH_SIZE 256 -extern struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1]; -extern spinlock_t unix_table_lock; - extern atomic_t unix_tot_inflight; -static inline struct sock *first_unix_socket(int *i) -{ - for (*i = 0; *i <= UNIX_HASH_SIZE; (*i)++) { - if (!hlist_empty(&unix_socket_table[*i])) - return __sk_head(&unix_socket_table[*i]); - } - return NULL; -} - -static inline struct sock *next_unix_socket(int *i, struct sock *s) -{ - struct sock *next = sk_next(s); - /* More in this chain? */ - if (next) - return next; - /* Look for next non-empty chain. */ - for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) { - if (!hlist_empty(&unix_socket_table[*i])) - return __sk_head(&unix_socket_table[*i]); - } - return NULL; -} - -#define forall_unix_sockets(i, s) \ - for (s = first_unix_socket(&(i)); s; s = next_unix_socket(&(i),(s))) - struct unix_address { atomic_t refcnt; int len; diff --git a/include/net/ah.h b/include/net/ah.h index 8f257c159902..ae1c322f4242 100644 --- a/include/net/ah.h +++ b/include/net/ah.h @@ -9,8 +9,6 @@ struct ah_data { - u8 *key; - int key_len; u8 *work_icv; int icv_full_len; int icv_trunc_len; @@ -40,4 +38,11 @@ out: return err; } +struct ip_auth_hdr; + +static inline struct ip_auth_hdr *ip_auth_hdr(const struct sk_buff *skb) +{ + return (struct ip_auth_hdr *)skb_transport_header(skb); +} + #endif diff --git a/include/net/ax25.h b/include/net/ax25.h index 99a4e364c74a..4e3cd93f81fc 100644 --- a/include/net/ax25.h +++ b/include/net/ax25.h @@ -363,8 +363,11 @@ extern int ax25_rx_iframe(ax25_cb *, struct sk_buff *); extern int ax25_kiss_rcv(struct sk_buff *, struct net_device *, struct packet_type *, struct net_device *); /* ax25_ip.c */ -extern int ax25_hard_header(struct sk_buff *, struct net_device *, unsigned short, void *, void *, unsigned int); +extern int ax25_hard_header(struct sk_buff *, struct net_device *, + unsigned short, const void *, + const void *, unsigned int); extern int ax25_rebuild_header(struct sk_buff *); +extern const struct header_ops ax25_header_ops; /* ax25_out.c */ extern ax25_cb *ax25_send_frame(struct sk_buff *, int, ax25_address *, ax25_address *, ax25_digi *, struct net_device *); diff --git a/include/net/ax88796.h b/include/net/ax88796.h index ee786a043b3d..51329dae44e6 100644 --- a/include/net/ax88796.h +++ b/include/net/ax88796.h @@ -14,6 +14,7 @@ #define AXFLG_HAS_EEPROM (1<<0) #define AXFLG_MAC_FROMDEV (1<<1) /* device already has MAC */ +#define AXFLG_HAS_93CX6 (1<<2) /* use eeprom_93cx6 driver */ struct ax_plat_data { unsigned int flags; diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h index 87df4e87622d..70e70f5d3dd6 100644 --- a/include/net/bluetooth/l2cap.h +++ b/include/net/bluetooth/l2cap.h @@ -34,7 +34,7 @@ /* L2CAP socket address */ struct sockaddr_l2 { sa_family_t l2_family; - unsigned short l2_psm; + __le16 l2_psm; bdaddr_t l2_bdaddr; }; @@ -76,32 +76,32 @@ struct l2cap_conninfo { /* L2CAP structures */ struct l2cap_hdr { - __u16 len; - __u16 cid; + __le16 len; + __le16 cid; } __attribute__ ((packed)); #define L2CAP_HDR_SIZE 4 struct l2cap_cmd_hdr { __u8 code; __u8 ident; - __u16 len; + __le16 len; } __attribute__ ((packed)); #define L2CAP_CMD_HDR_SIZE 4 struct l2cap_cmd_rej { - __u16 reason; + __le16 reason; } __attribute__ ((packed)); struct l2cap_conn_req { - __u16 psm; - __u16 scid; + __le16 psm; + __le16 scid; } __attribute__ ((packed)); struct l2cap_conn_rsp { - __u16 dcid; - __u16 scid; - __u16 result; - __u16 status; + __le16 dcid; + __le16 scid; + __le16 result; + __le16 status; } __attribute__ ((packed)); /* connect result */ @@ -117,15 +117,15 @@ struct l2cap_conn_rsp { #define L2CAP_CS_AUTHOR_PEND 0x0002 struct l2cap_conf_req { - __u16 dcid; - __u16 flags; + __le16 dcid; + __le16 flags; __u8 data[0]; } __attribute__ ((packed)); struct l2cap_conf_rsp { - __u16 scid; - __u16 flags; - __u16 result; + __le16 scid; + __le16 flags; + __le16 result; __u8 data[0]; } __attribute__ ((packed)); @@ -149,23 +149,23 @@ struct l2cap_conf_opt { #define L2CAP_CONF_MAX_SIZE 22 struct l2cap_disconn_req { - __u16 dcid; - __u16 scid; + __le16 dcid; + __le16 scid; } __attribute__ ((packed)); struct l2cap_disconn_rsp { - __u16 dcid; - __u16 scid; + __le16 dcid; + __le16 scid; } __attribute__ ((packed)); struct l2cap_info_req { - __u16 type; + __le16 type; __u8 data[0]; } __attribute__ ((packed)); struct l2cap_info_rsp { - __u16 type; - __u16 result; + __le16 type; + __le16 result; __u8 data[0]; } __attribute__ ((packed)); @@ -207,7 +207,7 @@ struct l2cap_conn { struct l2cap_pinfo { struct bt_sock bt; - __u16 psm; + __le16 psm; __u16 dcid; __u16 scid; @@ -225,7 +225,7 @@ struct l2cap_pinfo { __u8 ident; - __u16 sport; + __le16 sport; struct l2cap_conn *conn; struct sock *next_c; diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 7edaef6b29d6..d30960e1755c 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -3,15 +3,15 @@ #include <linux/netlink.h> #include <linux/skbuff.h> +#include <linux/nl80211.h> #include <net/genetlink.h> /* * 802.11 configuration in-kernel interface * - * Copyright 2006 Johannes Berg <johannes@sipsolutions.net> + * Copyright 2006, 2007 Johannes Berg <johannes@sipsolutions.net> */ - /* Radiotap header iteration * implemented in net/wireless/radiotap.c * docs in Documentation/networking/radiotap-headers.txt @@ -68,11 +68,16 @@ struct wiphy; * @add_virtual_intf: create a new virtual interface with the given name * * @del_virtual_intf: remove the virtual interface determined by ifindex. + * + * @change_virtual_intf: change type of virtual interface + * */ struct cfg80211_ops { int (*add_virtual_intf)(struct wiphy *wiphy, char *name, - unsigned int type); + enum nl80211_iftype type); int (*del_virtual_intf)(struct wiphy *wiphy, int ifindex); + int (*change_virtual_intf)(struct wiphy *wiphy, int ifindex, + enum nl80211_iftype type); }; #endif /* __NET_CFG80211_H */ diff --git a/include/net/dn_route.h b/include/net/dn_route.h index c10e8e7e59a7..60c9f22d8694 100644 --- a/include/net/dn_route.h +++ b/include/net/dn_route.h @@ -100,8 +100,7 @@ static inline void dn_rt_finish_output(struct sk_buff *skb, char *dst, char *src if ((dev->type != ARPHRD_ETHER) && (dev->type != ARPHRD_LOOPBACK)) dst = NULL; - if (!dev->hard_header || (dev->hard_header(skb, dev, ETH_P_DNA_RT, - dst, src, skb->len) >= 0)) + if (dev_hard_header(skb, dev, ETH_P_DNA_RT, dst, src, skb->len) >= 0) dn_rt_send(skb); else kfree_skb(skb); diff --git a/include/net/esp.h b/include/net/esp.h index d05d8d2c78f4..c1bc529809da 100644 --- a/include/net/esp.h +++ b/include/net/esp.h @@ -13,8 +13,6 @@ struct esp_data /* Confidentiality */ struct { - u8 *key; /* Key */ - int key_len; /* Key length */ int padlen; /* 0..255 */ /* ivlen is offset from enc_data, where encrypted data start. * It is logically different of crypto_tfm_alg_ivsize(tfm). @@ -28,14 +26,9 @@ struct esp_data /* Integrity. It is active when icv_full_len != 0 */ struct { - u8 *key; /* Key */ - int key_len; /* Length of the key */ u8 *work_icv; int icv_full_len; int icv_trunc_len; - void (*icv)(struct esp_data*, - struct sk_buff *skb, - int offset, int len, u8 *icv); struct crypto_hash *tfm; } auth; }; @@ -60,4 +53,11 @@ static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb, return crypto_hash_final(&desc, esp->auth.work_icv); } +struct ip_esp_hdr; + +static inline struct ip_esp_hdr *ip_esp_hdr(const struct sk_buff *skb) +{ + return (struct ip_esp_hdr *)skb_transport_header(skb); +} + #endif diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index 83e41dd15ccd..017aebd90683 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h @@ -65,7 +65,7 @@ struct fib_rules_ops int nlgroup; const struct nla_policy *policy; - struct list_head *rules_list; + struct list_head rules_list; struct module *owner; }; diff --git a/include/net/genetlink.h b/include/net/genetlink.h index b6eaca122db8..decdda546829 100644 --- a/include/net/genetlink.h +++ b/include/net/genetlink.h @@ -5,6 +5,22 @@ #include <net/netlink.h> /** + * struct genl_multicast_group - generic netlink multicast group + * @name: name of the multicast group, names are per-family + * @id: multicast group ID, assigned by the core, to use with + * genlmsg_multicast(). + * @list: list entry for linking + * @family: pointer to family, need not be set before registering + */ +struct genl_multicast_group +{ + struct genl_family *family; /* private */ + struct list_head list; /* private */ + char name[GENL_NAMSIZ]; + u32 id; +}; + +/** * struct genl_family - generic netlink family * @id: protocol family idenfitier * @hdrsize: length of user specific header in bytes @@ -14,6 +30,7 @@ * @attrbuf: buffer to store parsed attributes * @ops_list: list of all assigned operations * @family_list: family list + * @mcast_groups: multicast groups list */ struct genl_family { @@ -25,6 +42,7 @@ struct genl_family struct nlattr ** attrbuf; /* private */ struct list_head ops_list; /* private */ struct list_head family_list; /* private */ + struct list_head mcast_groups; /* private */ }; /** @@ -73,6 +91,10 @@ extern int genl_register_family(struct genl_family *family); extern int genl_unregister_family(struct genl_family *family); extern int genl_register_ops(struct genl_family *, struct genl_ops *ops); extern int genl_unregister_ops(struct genl_family *, struct genl_ops *ops); +extern int genl_register_mc_group(struct genl_family *family, + struct genl_multicast_group *grp); +extern void genl_unregister_mc_group(struct genl_family *family, + struct genl_multicast_group *grp); extern struct sock *genl_sock; diff --git a/include/net/icmp.h b/include/net/icmp.h index dc09474efcf3..9f7ef3c8baef 100644 --- a/include/net/icmp.h +++ b/include/net/icmp.h @@ -30,9 +30,16 @@ struct icmp_err { extern struct icmp_err icmp_err_convert[]; DECLARE_SNMP_STAT(struct icmp_mib, icmp_statistics); +DECLARE_SNMP_STAT(struct icmpmsg_mib, icmpmsg_statistics); #define ICMP_INC_STATS(field) SNMP_INC_STATS(icmp_statistics, field) #define ICMP_INC_STATS_BH(field) SNMP_INC_STATS_BH(icmp_statistics, field) #define ICMP_INC_STATS_USER(field) SNMP_INC_STATS_USER(icmp_statistics, field) +#define ICMPMSGOUT_INC_STATS(field) SNMP_INC_STATS(icmpmsg_statistics, field+256) +#define ICMPMSGOUT_INC_STATS_BH(field) SNMP_INC_STATS_BH(icmpmsg_statistics, field+256) +#define ICMPMSGOUT_INC_STATS_USER(field) SNMP_INC_STATS_USER(icmpmsg_statistics, field+256) +#define ICMPMSGIN_INC_STATS(field) SNMP_INC_STATS(icmpmsg_statistics, field) +#define ICMPMSGIN_INC_STATS_BH(field) SNMP_INC_STATS_BH(icmpmsg_statistics, field) +#define ICMPMSGIN_INC_STATS_USER(field) SNMP_INC_STATS_USER(icmpmsg_statistics, field) struct dst_entry; struct net_proto_family; @@ -42,6 +49,7 @@ extern void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info); extern int icmp_rcv(struct sk_buff *skb); extern int icmp_ioctl(struct sock *sk, int cmd, unsigned long arg); extern void icmp_init(struct net_proto_family *ops); +extern void icmp_out_count(unsigned char type); /* Move into dst.h ? */ extern int xrlim_allow(struct dst_entry *dst, int timeout); diff --git a/include/net/ieee80211.h b/include/net/ieee80211.h index bbd85cd61ed5..164d13211165 100644 --- a/include/net/ieee80211.h +++ b/include/net/ieee80211.h @@ -119,11 +119,6 @@ do { if (ieee80211_debug_level & (level)) \ #define IEEE80211_DEBUG(level, fmt, args...) do {} while (0) #endif /* CONFIG_IEEE80211_DEBUG */ -/* debug macros not dependent on CONFIG_IEEE80211_DEBUG */ - -#define MAC_FMT "%02x:%02x:%02x:%02x:%02x:%02x" -#define MAC_ARG(x) ((u8*)(x))[0],((u8*)(x))[1],((u8*)(x))[2],((u8*)(x))[3],((u8*)(x))[4],((u8*)(x))[5] - /* escape_essid() is intended to be used in debug (and possibly error) * messages. It should never be used for passing essid to user space. */ const char *escape_essid(const char *essid, u8 essid_len); diff --git a/include/net/ieee80211_radiotap.h b/include/net/ieee80211_radiotap.h index a0c2b41a24d7..dfd8bf66ce27 100644 --- a/include/net/ieee80211_radiotap.h +++ b/include/net/ieee80211_radiotap.h @@ -40,6 +40,7 @@ #include <linux/if_ether.h> #include <linux/kernel.h> +#include <asm/unaligned.h> /* Radiotap header version (from official NetBSD feed) */ #define IEEE80211RADIOTAP_VERSION "1.5" @@ -255,4 +256,13 @@ enum ieee80211_radiotap_type { (((x) == 14) ? 2484 : ((x) * 5) + 2407) : \ ((x) + 1000) * 5) +/* helpers */ +static inline int ieee80211_get_radiotap_len(unsigned char *data) +{ + struct ieee80211_radiotap_header *hdr = + (struct ieee80211_radiotap_header *)data; + + return le16_to_cpu(get_unaligned(&hdr->it_len)); +} + #endif /* IEEE80211_RADIOTAP_H */ diff --git a/include/net/ieee80211softmac.h b/include/net/ieee80211softmac.h index 89119277553d..1ef6282fdded 100644 --- a/include/net/ieee80211softmac.h +++ b/include/net/ieee80211softmac.h @@ -229,6 +229,8 @@ struct ieee80211softmac_device { /* this lock protects this structure */ spinlock_t lock; + struct workqueue_struct *wq; + u8 running; /* SoftMAC started? */ u8 scanning; diff --git a/include/net/if_inet6.h b/include/net/if_inet6.h index 3ec7d07346d6..448eccb20638 100644 --- a/include/net/if_inet6.h +++ b/include/net/if_inet6.h @@ -154,6 +154,7 @@ struct ipv6_devstat { struct proc_dir_entry *proc_dir_entry; DEFINE_SNMP_STAT(struct ipstats_mib, ipv6); DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6); + DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg); }; struct inet6_dev diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h index d27ee8c0da3f..8228b57eb18f 100644 --- a/include/net/inet_hashtables.h +++ b/include/net/inet_hashtables.h @@ -107,7 +107,7 @@ struct inet_hashinfo { */ struct inet_bind_hashbucket *bhash; - int bhash_size; + unsigned int bhash_size; unsigned int ehash_size; /* All sockets in TCP_LISTEN state will be in here. This is the only diff --git a/include/net/inet_timewait_sock.h b/include/net/inet_timewait_sock.h index 47d52b2414db..abaff0597270 100644 --- a/include/net/inet_timewait_sock.h +++ b/include/net/inet_timewait_sock.h @@ -115,6 +115,7 @@ struct inet_timewait_sock { #define tw_refcnt __tw_common.skc_refcnt #define tw_hash __tw_common.skc_hash #define tw_prot __tw_common.skc_prot +#define tw_net __tw_common.skc_net volatile unsigned char tw_substate; /* 3 bits hole, try to pack */ unsigned char tw_rcv_wscale; diff --git a/include/net/ip.h b/include/net/ip.h index abf2820a1125..3af3ed9d320b 100644 --- a/include/net/ip.h +++ b/include/net/ip.h @@ -171,7 +171,8 @@ extern unsigned long snmp_fold_field(void *mib[], int offt); extern int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign); extern void snmp_mib_free(void *ptr[2]); -extern int sysctl_local_port_range[2]; +extern void inet_get_local_port_range(int *low, int *high); + extern int sysctl_ip_default_ttl; extern int sysctl_ip_nonlocal_bind; diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h index c48ea873f1e0..857821360bb6 100644 --- a/include/net/ip6_fib.h +++ b/include/net/ip6_fib.h @@ -105,6 +105,10 @@ struct rt6_info struct rt6key rt6i_src; u8 rt6i_protocol; + +#ifdef CONFIG_XFRM + u32 rt6i_flow_cache_genid; +#endif }; static inline struct inet6_dev *ip6_dst_idev(struct dst_entry *dst) diff --git a/include/net/ipcomp.h b/include/net/ipcomp.h index 87c1af3e5e82..330b74e813a9 100644 --- a/include/net/ipcomp.h +++ b/include/net/ipcomp.h @@ -1,14 +1,23 @@ #ifndef _NET_IPCOMP_H #define _NET_IPCOMP_H -#include <linux/crypto.h> #include <linux/types.h> #define IPCOMP_SCRATCH_SIZE 65400 +struct crypto_comp; + struct ipcomp_data { u16 threshold; struct crypto_comp **tfms; }; +struct ip_comp_hdr; +struct sk_buff; + +static inline struct ip_comp_hdr *ip_comp_hdr(const struct sk_buff *skb) +{ + return (struct ip_comp_hdr *)skb_transport_header(skb); +} + #endif diff --git a/include/net/ipv6.h b/include/net/ipv6.h index 46b9dce82f6e..31b3f1b45a2b 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -17,6 +17,7 @@ #include <linux/ipv6.h> #include <linux/hardirq.h> +#include <net/if_inet6.h> #include <net/ndisc.h> #include <net/flow.h> #include <net/snmp.h> @@ -111,45 +112,28 @@ struct frag_hdr { extern int sysctl_ipv6_bindv6only; extern int sysctl_mld_max_msf; -/* MIBs */ -DECLARE_SNMP_STAT(struct ipstats_mib, ipv6_statistics); -#define IP6_INC_STATS(idev,field) ({ \ - struct inet6_dev *_idev = (idev); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS(_idev->stats.ipv6, field); \ - SNMP_INC_STATS(ipv6_statistics, field); \ -}) -#define IP6_INC_STATS_BH(idev,field) ({ \ - struct inet6_dev *_idev = (idev); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS_BH(_idev->stats.ipv6, field); \ - SNMP_INC_STATS_BH(ipv6_statistics, field); \ -}) -#define IP6_INC_STATS_USER(idev,field) ({ \ +#define _DEVINC(statname, modifier, idev, field) \ +({ \ struct inet6_dev *_idev = (idev); \ if (likely(_idev != NULL)) \ - SNMP_INC_STATS_USER(_idev->stats.ipv6, field); \ - SNMP_INC_STATS_USER(ipv6_statistics, field); \ + SNMP_INC_STATS##modifier((_idev)->stats.statname, (field)); \ + SNMP_INC_STATS##modifier(statname##_statistics, (field)); \ }) + +/* MIBs */ +DECLARE_SNMP_STAT(struct ipstats_mib, ipv6_statistics); + +#define IP6_INC_STATS(idev,field) _DEVINC(ipv6, , idev, field) +#define IP6_INC_STATS_BH(idev,field) _DEVINC(ipv6, _BH, idev, field) +#define IP6_INC_STATS_USER(idev,field) _DEVINC(ipv6, _USER, idev, field) + DECLARE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics); -#define ICMP6_INC_STATS(idev, field) ({ \ - struct inet6_dev *_idev = (idev); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS(idev->stats.icmpv6, field); \ - SNMP_INC_STATS(icmpv6_statistics, field); \ -}) -#define ICMP6_INC_STATS_BH(idev, field) ({ \ - struct inet6_dev *_idev = (idev); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS_BH((_idev)->stats.icmpv6, field); \ - SNMP_INC_STATS_BH(icmpv6_statistics, field); \ -}) -#define ICMP6_INC_STATS_USER(idev, field) ({ \ - struct inet6_dev *_idev = (idev); \ - if (likely(_idev != NULL)) \ - SNMP_INC_STATS_USER(_idev->stats.icmpv6, field); \ - SNMP_INC_STATS_USER(icmpv6_statistics, field); \ -}) +DECLARE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics); + +#define ICMP6_INC_STATS(idev, field) _DEVINC(icmpv6, , idev, field) +#define ICMP6_INC_STATS_BH(idev, field) _DEVINC(icmpv6, _BH, idev, field) +#define ICMP6_INC_STATS_USER(idev, field) _DEVINC(icmpv6, _USER, idev, field) + #define ICMP6_INC_STATS_OFFSET_BH(idev, field, offset) ({ \ struct inet6_dev *_idev = idev; \ __typeof__(offset) _offset = (offset); \ @@ -157,6 +141,20 @@ DECLARE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics); SNMP_INC_STATS_OFFSET_BH(_idev->stats.icmpv6, field, _offset); \ SNMP_INC_STATS_OFFSET_BH(icmpv6_statistics, field, _offset); \ }) + +#define ICMP6MSGOUT_INC_STATS(idev, field) \ + _DEVINC(icmpv6msg, , idev, field +256) +#define ICMP6MSGOUT_INC_STATS_BH(idev, field) \ + _DEVINC(icmpv6msg, _BH, idev, field +256) +#define ICMP6MSGOUT_INC_STATS_USER(idev, field) \ + _DEVINC(icmpv6msg, _USER, idev, field +256) +#define ICMP6MSGIN_INC_STATS(idev, field) \ + _DEVINC(icmpv6msg, , idev, field) +#define ICMP6MSGIN_INC_STATS_BH(idev, field) \ + _DEVINC(icmpv6msg, _BH, idev, field) +#define ICMP6MSGIN_INC_STATS_USER(idev, field) \ + _DEVINC(icmpv6msg, _USER, idev, field) + DECLARE_SNMP_STAT(struct udp_mib, udp_stats_in6); DECLARE_SNMP_STAT(struct udp_mib, udplite_stats_in6); #define UDP6_INC_STATS_BH(field, is_udplite) do { \ @@ -376,6 +374,12 @@ static inline int ipv6_addr_any(const struct in6_addr *a) a->s6_addr32[2] | a->s6_addr32[3] ) == 0); } +static inline int ipv6_addr_v4mapped(const struct in6_addr *a) +{ + return ((a->s6_addr32[0] | a->s6_addr32[1]) == 0 && + a->s6_addr32[2] == htonl(0x0000ffff)); +} + /* * find the first different bit between two addresses * length of address must be a multiple of 32bits diff --git a/include/net/iucv/af_iucv.h b/include/net/iucv/af_iucv.h index b6c468cd7f5b..85f80eadfa35 100644 --- a/include/net/iucv/af_iucv.h +++ b/include/net/iucv/af_iucv.h @@ -50,6 +50,12 @@ struct sockaddr_iucv { /* Common socket structures and functions */ +struct sock_msg_q { + struct iucv_path *path; + struct iucv_message msg; + struct list_head list; + spinlock_t lock; +}; #define iucv_sk(__sk) ((struct iucv_sock *) __sk) @@ -65,6 +71,7 @@ struct iucv_sock { struct iucv_path *path; struct sk_buff_head send_skb_q; struct sk_buff_head backlog_skb_q; + struct sock_msg_q message_q; unsigned int send_tag; }; @@ -74,29 +81,8 @@ struct iucv_sock_list { atomic_t autobind_name; }; -static void iucv_sock_destruct(struct sock *sk); -static void iucv_sock_cleanup_listen(struct sock *parent); -static void iucv_sock_kill(struct sock *sk); -static void iucv_sock_close(struct sock *sk); -static int iucv_sock_create(struct socket *sock, int proto); -static int iucv_sock_bind(struct socket *sock, struct sockaddr *addr, - int addr_len); -static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr, - int alen, int flags); -static int iucv_sock_listen(struct socket *sock, int backlog); -static int iucv_sock_accept(struct socket *sock, struct socket *newsock, - int flags); -static int iucv_sock_getname(struct socket *sock, struct sockaddr *addr, - int *len, int peer); -static int iucv_sock_sendmsg(struct kiocb *iocb, struct socket *sock, - struct msghdr *msg, size_t len); -static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock, - struct msghdr *msg, size_t len, int flags); unsigned int iucv_sock_poll(struct file *file, struct socket *sock, poll_table *wait); -static int iucv_sock_release(struct socket *sock); -static int iucv_sock_shutdown(struct socket *sock, int how); - void iucv_sock_link(struct iucv_sock_list *l, struct sock *s); void iucv_sock_unlink(struct iucv_sock_list *l, struct sock *s); int iucv_sock_wait_state(struct sock *sk, int state, int state2, diff --git a/include/net/iw_handler.h b/include/net/iw_handler.h index f23d07ca7c59..369d50e08b99 100644 --- a/include/net/iw_handler.h +++ b/include/net/iw_handler.h @@ -431,7 +431,13 @@ struct iw_public_data { * Those may be called only within the kernel. */ -/* functions that may be called by driver modules */ +/* First : function strictly used inside the kernel */ + +/* Handle /proc/net/wireless, called in net/code/dev.c */ +extern int dev_get_wireless_info(char * buffer, char **start, off_t offset, + int length); + +/* Second : functions that may be called by driver modules */ /* Send a single event to user space */ extern void wireless_send_event(struct net_device * dev, diff --git a/include/net/llc_conn.h b/include/net/llc_conn.h index 00730d21b522..e2374e34989f 100644 --- a/include/net/llc_conn.h +++ b/include/net/llc_conn.h @@ -93,7 +93,7 @@ static __inline__ char llc_backlog_type(struct sk_buff *skb) return skb->cb[sizeof(skb->cb) - 1]; } -extern struct sock *llc_sk_alloc(int family, gfp_t priority, +extern struct sock *llc_sk_alloc(struct net *net, int family, gfp_t priority, struct proto *prot); extern void llc_sk_free(struct sock *sk); diff --git a/include/net/mac80211.h b/include/net/mac80211.h index c34fd9a6160a..5fcc4c104340 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h @@ -1,7 +1,9 @@ /* - * Low-level hardware driver -- IEEE 802.11 driver (80211.o) interface + * mac80211 <-> driver interface + * * Copyright 2002-2005, Devicescape Software, Inc. * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> + * Copyright 2007 Johannes Berg <johannes@sipsolutions.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as @@ -20,29 +22,51 @@ #include <net/wireless.h> #include <net/cfg80211.h> -/* Note! Only ieee80211_tx_status_irqsafe() and ieee80211_rx_irqsafe() can be +/** + * DOC: Introduction + * + * mac80211 is the Linux stack for 802.11 hardware that implements + * only partial functionality in hard- or firmware. This document + * defines the interface between mac80211 and low-level hardware + * drivers. + */ + +/** + * DOC: Calling mac80211 from interrupts + * + * Only ieee80211_tx_status_irqsafe() and ieee80211_rx_irqsafe() can be * called in hardware interrupt context. The low-level driver must not call any * other functions in hardware interrupt context. If there is a need for such * call, the low-level driver should first ACK the interrupt and perform the - * IEEE 802.11 code call after this, e.g., from a scheduled tasklet (in - * software interrupt context). + * IEEE 802.11 code call after this, e.g. from a scheduled workqueue function. */ -/* - * Frame format used when passing frame between low-level hardware drivers - * and IEEE 802.11 driver the same as used in the wireless media, i.e., - * buffers start with IEEE 802.11 header and include the same octets that - * are sent over air. - * - * If hardware uses IEEE 802.3 headers (and perform 802.3 <-> 802.11 - * conversion in firmware), upper layer 802.11 code needs to be changed to - * support this. - * - * If the receive frame format is not the same as the real frame sent - * on the wireless media (e.g., due to padding etc.), upper layer 802.11 code - * could be updated to provide support for such format assuming this would - * optimize the performance, e.g., by removing need to re-allocation and - * copying of the data. +/** + * DOC: Warning + * + * If you're reading this document and not the header file itself, it will + * be incomplete because not all documentation has been converted yet. + */ + +/** + * DOC: Frame format + * + * As a general rule, when frames are passed between mac80211 and the driver, + * they start with the IEEE 802.11 header and include the same octets that are + * sent over the air except for the FCS which should be calculated by the + * hardware. + * + * There are, however, various exceptions to this rule for advanced features: + * + * The first exception is for hardware encryption and decryption offload + * where the IV/ICV may or may not be generated in hardware. + * + * Secondly, when the hardware handles fragmentation, the frame handed to + * the driver from mac80211 is the MSDU, not the MPDU. + * + * Finally, for received frames, the driver is able to indicate that it has + * filled a radiotap header and put that in front of the frame; if it does + * not do so then mac80211 may add this under certain circumstances. */ #define IEEE80211_CHAN_W_SCAN 0x00000001 @@ -71,14 +95,13 @@ struct ieee80211_channel { #define IEEE80211_RATE_SUPPORTED 0x00000010 #define IEEE80211_RATE_OFDM 0x00000020 #define IEEE80211_RATE_CCK 0x00000040 -#define IEEE80211_RATE_TURBO 0x00000080 #define IEEE80211_RATE_MANDATORY 0x00000100 #define IEEE80211_RATE_CCK_2 (IEEE80211_RATE_CCK | IEEE80211_RATE_PREAMBLE2) #define IEEE80211_RATE_MODULATION(f) \ (f & (IEEE80211_RATE_CCK | IEEE80211_RATE_OFDM)) -/* Low-level driver should set PREAMBLE2, OFDM, CCK, and TURBO flags. +/* Low-level driver should set PREAMBLE2, OFDM and CCK flags. * BASIC, SUPPORTED, ERP, and MANDATORY flags are set in 80211.o based on the * configuration. */ struct ieee80211_rate { @@ -97,44 +120,96 @@ struct ieee80211_rate { * optimizing channel utilization estimates */ }; -/* 802.11g is backwards-compatible with 802.11b, so a wlan card can - * actually be both in 11b and 11g modes at the same time. */ -enum { - MODE_IEEE80211A, /* IEEE 802.11a */ - MODE_IEEE80211B, /* IEEE 802.11b only */ - MODE_ATHEROS_TURBO, /* Atheros Turbo mode (2x.11a at 5 GHz) */ - MODE_IEEE80211G, /* IEEE 802.11g (and 802.11b compatibility) */ - MODE_ATHEROS_TURBOG, /* Atheros Turbo mode (2x.11g at 2.4 GHz) */ +/** + * enum ieee80211_phymode - PHY modes + * + * @MODE_IEEE80211A: 5GHz as defined by 802.11a/802.11h + * @MODE_IEEE80211B: 2.4 GHz as defined by 802.11b + * @MODE_IEEE80211G: 2.4 GHz as defined by 802.11g (with OFDM), + * backwards compatible with 11b mode + * @NUM_IEEE80211_MODES: internal + */ +enum ieee80211_phymode { + MODE_IEEE80211A, + MODE_IEEE80211B, + MODE_IEEE80211G, /* keep last */ NUM_IEEE80211_MODES }; +/** + * struct ieee80211_hw_mode - PHY mode definition + * + * This structure describes the capabilities supported by the device + * in a single PHY mode. + * + * @mode: the PHY mode for this definition + * @num_channels: number of supported channels + * @channels: pointer to array of supported channels + * @num_rates: number of supported bitrates + * @rates: pointer to array of supported bitrates + * @list: internal + */ struct ieee80211_hw_mode { - int mode; /* MODE_IEEE80211... */ - int num_channels; /* Number of channels (below) */ - struct ieee80211_channel *channels; /* Array of supported channels */ - int num_rates; /* Number of rates (below) */ - struct ieee80211_rate *rates; /* Array of supported rates */ - - struct list_head list; /* Internal, don't touch */ + struct list_head list; + struct ieee80211_channel *channels; + struct ieee80211_rate *rates; + enum ieee80211_phymode mode; + int num_channels; + int num_rates; }; +/** + * struct ieee80211_tx_queue_params - transmit queue configuration + * + * The information provided in this structure is required for QoS + * transmit queue configuration. + * + * @aifs: arbitration interface space [0..255, -1: use default] + * @cw_min: minimum contention window [will be a value of the form + * 2^n-1 in the range 1..1023; 0: use default] + * @cw_max: maximum contention window [like @cw_min] + * @burst_time: maximum burst time in units of 0.1ms, 0 meaning disabled + */ struct ieee80211_tx_queue_params { - int aifs; /* 0 .. 255; -1 = use default */ - int cw_min; /* 2^n-1: 1, 3, 7, .. , 1023; 0 = use default */ - int cw_max; /* 2^n-1: 1, 3, 7, .. , 1023; 0 = use default */ - int burst_time; /* maximum burst time in 0.1 ms (i.e., 10 = 1 ms); - * 0 = disabled */ + int aifs; + int cw_min; + int cw_max; + int burst_time; }; +/** + * struct ieee80211_tx_queue_stats_data - transmit queue statistics + * + * @len: number of packets in queue + * @limit: queue length limit + * @count: number of frames sent + */ struct ieee80211_tx_queue_stats_data { - unsigned int len; /* num packets in queue */ - unsigned int limit; /* queue len (soft) limit */ - unsigned int count; /* total num frames sent */ + unsigned int len; + unsigned int limit; + unsigned int count; }; -enum { +/** + * enum ieee80211_tx_queue - transmit queue number + * + * These constants are used with some callbacks that take a + * queue number to set parameters for a queue. + * + * @IEEE80211_TX_QUEUE_DATA0: data queue 0 + * @IEEE80211_TX_QUEUE_DATA1: data queue 1 + * @IEEE80211_TX_QUEUE_DATA2: data queue 2 + * @IEEE80211_TX_QUEUE_DATA3: data queue 3 + * @IEEE80211_TX_QUEUE_DATA4: data queue 4 + * @IEEE80211_TX_QUEUE_SVP: ?? + * @NUM_TX_DATA_QUEUES: number of data queues + * @IEEE80211_TX_QUEUE_AFTER_BEACON: transmit queue for frames to be + * sent after a beacon + * @IEEE80211_TX_QUEUE_BEACON: transmit queue for beacon frames + */ +enum ieee80211_tx_queue { IEEE80211_TX_QUEUE_DATA0, IEEE80211_TX_QUEUE_DATA1, IEEE80211_TX_QUEUE_DATA2, @@ -165,7 +240,6 @@ struct ieee80211_low_level_stats { /* Transmit control fields. This data structure is passed to low-level driver * with each TX frame. The low-level driver is responsible for configuring * the hardware to use given values (depending on what is supported). */ -#define HW_KEY_IDX_INVALID -1 struct ieee80211_tx_control { int tx_rate; /* Transmit rate, given as the hw specific value for the @@ -191,22 +265,23 @@ struct ieee80211_tx_control { #define IEEE80211_TXCTL_REQUEUE (1<<7) #define IEEE80211_TXCTL_FIRST_FRAGMENT (1<<8) /* this is a first fragment of * the frame */ -#define IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY (1<<9) +#define IEEE80211_TXCTL_LONG_RETRY_LIMIT (1<<10) /* this frame should be send + * using the through + * set_retry_limit configured + * long retry value */ u32 flags; /* tx control flags defined * above */ - u8 retry_limit; /* 1 = only first attempt, 2 = one retry, .. */ + u8 key_idx; /* keyidx from hw->set_key(), undefined if + * IEEE80211_TXCTL_DO_NOT_ENCRYPT is set */ + u8 retry_limit; /* 1 = only first attempt, 2 = one retry, .. + * This could be used when set_retry_limit + * is not implemented by the driver */ u8 power_level; /* per-packet transmit power level, in dBm */ u8 antenna_sel_tx; /* 0 = default/diversity, 1 = Ant0, 2 = Ant1 */ - s8 key_idx; /* -1 = do not encrypt, >= 0 keyidx from - * hw->set_key() */ u8 icv_len; /* length of the ICV/MIC field in octets */ u8 iv_len; /* length of the IV field in octets */ - u8 tkip_key[16]; /* generated phase2/phase1 key for hw TKIP */ u8 queue; /* hardware queue to use for this frame; * 0 = highest, hw->queues-1 = lowest */ - u8 sw_retry_attempt; /* number of times hw has tried to - * transmit frame (not incl. hw retries) */ - struct ieee80211_rate *rate; /* internal 80211.o rate */ struct ieee80211_rate *rts_rate; /* internal 80211.o rate * for RTS/CTS */ @@ -219,44 +294,124 @@ struct ieee80211_tx_control { int ifindex; /* internal */ }; -/* Receive status. The low-level driver should provide this information - * (the subset supported by hardware) to the 802.11 code with each received - * frame. */ + +/** + * enum mac80211_rx_flags - receive flags + * + * These flags are used with the @flag member of &struct ieee80211_rx_status. + * @RX_FLAG_MMIC_ERROR: Michael MIC error was reported on this frame. + * Use together with %RX_FLAG_MMIC_STRIPPED. + * @RX_FLAG_DECRYPTED: This frame was decrypted in hardware. + * @RX_FLAG_RADIOTAP: This frame starts with a radiotap header. + * @RX_FLAG_MMIC_STRIPPED: the Michael MIC is stripped off this frame, + * verification has been done by the hardware. + * @RX_FLAG_IV_STRIPPED: The IV/ICV are stripped from this frame. + * If this flag is set, the stack cannot do any replay detection + * hence the driver or hardware will have to do that. + * @RX_FLAG_FAILED_FCS_CRC: Set this flag if the FCS check failed on + * the frame. + * @RX_FLAG_FAILED_PLCP_CRC: Set this flag if the PCLP check failed on + * the frame. + */ +enum mac80211_rx_flags { + RX_FLAG_MMIC_ERROR = 1<<0, + RX_FLAG_DECRYPTED = 1<<1, + RX_FLAG_RADIOTAP = 1<<2, + RX_FLAG_MMIC_STRIPPED = 1<<3, + RX_FLAG_IV_STRIPPED = 1<<4, + RX_FLAG_FAILED_FCS_CRC = 1<<5, + RX_FLAG_FAILED_PLCP_CRC = 1<<6, +}; + +/** + * struct ieee80211_rx_status - receive status + * + * The low-level driver should provide this information (the subset + * supported by hardware) to the 802.11 code with each received + * frame. + * @mactime: MAC timestamp as defined by 802.11 + * @freq: frequency the radio was tuned to when receiving this frame, in MHz + * @channel: channel the radio was tuned to + * @phymode: active PHY mode + * @ssi: signal strength when receiving this frame + * @signal: used as 'qual' in statistics reporting + * @noise: PHY noise when receiving this frame + * @antenna: antenna used + * @rate: data rate + * @flag: %RX_FLAG_* + */ struct ieee80211_rx_status { u64 mactime; - int freq; /* receive frequency in Mhz */ + int freq; int channel; - int phymode; + enum ieee80211_phymode phymode; int ssi; - int signal; /* used as qual in statistics reporting */ + int signal; int noise; int antenna; int rate; -#define RX_FLAG_MMIC_ERROR (1<<0) -#define RX_FLAG_DECRYPTED (1<<1) -#define RX_FLAG_RADIOTAP (1<<2) int flag; }; -/* Transmit status. The low-level driver should provide this information - * (the subset supported by hardware) to the 802.11 code for each transmit - * frame. */ +/** + * enum ieee80211_tx_status_flags - transmit status flags + * + * Status flags to indicate various transmit conditions. + * + * @IEEE80211_TX_STATUS_TX_FILTERED: The frame was not transmitted + * because the destination STA was in powersave mode. + * + * @IEEE80211_TX_STATUS_ACK: Frame was acknowledged + */ +enum ieee80211_tx_status_flags { + IEEE80211_TX_STATUS_TX_FILTERED = 1<<0, + IEEE80211_TX_STATUS_ACK = 1<<1, +}; + +/** + * struct ieee80211_tx_status - transmit status + * + * As much information as possible should be provided for each transmitted + * frame with ieee80211_tx_status(). + * + * @control: a copy of the &struct ieee80211_tx_control passed to the driver + * in the tx() callback. + * + * @flags: transmit status flags, defined above + * + * @ack_signal: signal strength of the ACK frame + * + * @excessive_retries: set to 1 if the frame was retried many times + * but not acknowledged + * + * @retry_count: number of retries + * + * @queue_length: ?? REMOVE + * @queue_number: ?? REMOVE + */ struct ieee80211_tx_status { - /* copied ieee80211_tx_control structure */ struct ieee80211_tx_control control; - -#define IEEE80211_TX_STATUS_TX_FILTERED (1<<0) -#define IEEE80211_TX_STATUS_ACK (1<<1) /* whether the TX frame was ACKed */ - u32 flags; /* tx staus flags defined above */ - - int ack_signal; /* measured signal strength of the ACK frame */ - int excessive_retries; - int retry_count; - - int queue_length; /* information about TX queue */ + u8 flags; + bool excessive_retries; + u8 retry_count; + int ack_signal; + int queue_length; int queue_number; }; +/** + * enum ieee80211_conf_flags - configuration flags + * + * Flags to define PHY configuration options + * + * @IEEE80211_CONF_SHORT_SLOT_TIME: use 802.11g short slot time + * @IEEE80211_CONF_RADIOTAP: add radiotap header at receive time (if supported) + * + */ +enum ieee80211_conf_flags { + IEEE80211_CONF_SHORT_SLOT_TIME = 1<<0, + IEEE80211_CONF_RADIOTAP = 1<<1, +}; /** * struct ieee80211_conf - configuration of the device @@ -264,57 +419,46 @@ struct ieee80211_tx_status { * This struct indicates how the driver shall configure the hardware. * * @radio_enabled: when zero, driver is required to switch off the radio. + * TODO make a flag + * @channel: IEEE 802.11 channel number + * @freq: frequency in MHz + * @channel_val: hardware specific channel value for the channel + * @phymode: PHY mode to activate (REMOVE) + * @chan: channel to switch to, pointer to the channel information + * @mode: pointer to mode definition + * @regulatory_domain: ?? + * @beacon_int: beacon interval (TODO make interface config) + * @flags: configuration flags defined above + * @power_level: transmit power limit for current regulatory domain in dBm + * @antenna_max: maximum antenna gain + * @antenna_sel_tx: transmit antenna selection, 0: default/diversity, + * 1/2: antenna 0/1 + * @antenna_sel_rx: receive antenna selection, like @antenna_sel_tx */ struct ieee80211_conf { int channel; /* IEEE 802.11 channel number */ int freq; /* MHz */ int channel_val; /* hw specific value for the channel */ - int phymode; /* MODE_IEEE80211A, .. */ + enum ieee80211_phymode phymode; struct ieee80211_channel *chan; struct ieee80211_hw_mode *mode; unsigned int regulatory_domain; int radio_enabled; int beacon_int; - -#define IEEE80211_CONF_SHORT_SLOT_TIME (1<<0) /* use IEEE 802.11g Short Slot - * Time */ -#define IEEE80211_CONF_SSID_HIDDEN (1<<1) /* do not broadcast the ssid */ -#define IEEE80211_CONF_RADIOTAP (1<<2) /* use radiotap if supported - check this bit at RX time */ - u32 flags; /* configuration flags defined above */ - - u8 power_level; /* transmit power limit for current - * regulatory domain; in dBm */ - u8 antenna_max; /* maximum antenna gain */ - short tx_power_reduction; /* in 0.1 dBm */ - - /* 0 = default/diversity, 1 = Ant0, 2 = Ant1 */ + u32 flags; + u8 power_level; + u8 antenna_max; u8 antenna_sel_tx; u8 antenna_sel_rx; - - int antenna_def; - int antenna_mode; - - /* Following five fields are used for IEEE 802.11H */ - unsigned int radar_detect; - unsigned int spect_mgmt; - /* All following fields are currently unused. */ - unsigned int quiet_duration; /* duration of quiet period */ - unsigned int quiet_offset; /* how far into the beacon is the quiet - * period */ - unsigned int quiet_period; - u8 radar_firpwr_threshold; - u8 radar_rssi_threshold; - u8 pulse_height_threshold; - u8 pulse_rssi_threshold; - u8 pulse_inband_threshold; }; /** * enum ieee80211_if_types - types of 802.11 network interfaces * + * @IEEE80211_IF_TYPE_INVALID: invalid interface type, not used + * by mac80211 itself * @IEEE80211_IF_TYPE_AP: interface in AP mode. * @IEEE80211_IF_TYPE_MGMT: special interface for communication with hostap * daemon. Drivers should never see this type. @@ -322,16 +466,17 @@ struct ieee80211_conf { * @IEEE80211_IF_TYPE_IBSS: interface in IBSS (ad-hoc) mode. * @IEEE80211_IF_TYPE_MNTR: interface in monitor (rfmon) mode. * @IEEE80211_IF_TYPE_WDS: interface in WDS mode. - * @IEEE80211_IF_TYPE_VLAN: not used. + * @IEEE80211_IF_TYPE_VLAN: VLAN interface bound to an AP, drivers + * will never see this type. */ enum ieee80211_if_types { - IEEE80211_IF_TYPE_AP = 0x00000000, - IEEE80211_IF_TYPE_MGMT = 0x00000001, - IEEE80211_IF_TYPE_STA = 0x00000002, - IEEE80211_IF_TYPE_IBSS = 0x00000003, - IEEE80211_IF_TYPE_MNTR = 0x00000004, - IEEE80211_IF_TYPE_WDS = 0x5A580211, - IEEE80211_IF_TYPE_VLAN = 0x00080211, + IEEE80211_IF_TYPE_INVALID, + IEEE80211_IF_TYPE_AP, + IEEE80211_IF_TYPE_STA, + IEEE80211_IF_TYPE_IBSS, + IEEE80211_IF_TYPE_MNTR, + IEEE80211_IF_TYPE_WDS, + IEEE80211_IF_TYPE_VLAN, }; /** @@ -347,7 +492,6 @@ enum ieee80211_if_types { * @mac_addr: pointer to MAC address of the interface. This pointer is valid * until the interface is removed (i.e. it cannot be used after * remove_interface() callback was called for this interface). - * This pointer will be %NULL for monitor interfaces, be careful. * * This structure is used in add_interface() and remove_interface() * callbacks of &struct ieee80211_hw. @@ -360,7 +504,7 @@ enum ieee80211_if_types { */ struct ieee80211_if_init_conf { int if_id; - int type; + enum ieee80211_if_types type; void *mac_addr; }; @@ -377,11 +521,6 @@ struct ieee80211_if_init_conf { * config_interface() call, so copy the value somewhere if you need * it. * @ssid_len: length of the @ssid field. - * @generic_elem: used (together with @generic_elem_len) by drivers for - * hardware that generate beacons independently. The pointer is valid - * only during the config_interface() call, so copy the value somewhere - * if you need it. - * @generic_elem_len: length of the generic element. * @beacon: beacon template. Valid only if @host_gen_beacon_template in * &struct ieee80211_hw is set. The driver is responsible of freeing * the sk_buff. @@ -396,368 +535,571 @@ struct ieee80211_if_conf { u8 *bssid; u8 *ssid; size_t ssid_len; - u8 *generic_elem; - size_t generic_elem_len; struct sk_buff *beacon; struct ieee80211_tx_control *beacon_control; }; -typedef enum { ALG_NONE, ALG_WEP, ALG_TKIP, ALG_CCMP, ALG_NULL } -ieee80211_key_alg; +/** + * enum ieee80211_key_alg - key algorithm + * @ALG_WEP: WEP40 or WEP104 + * @ALG_TKIP: TKIP + * @ALG_CCMP: CCMP (AES) + */ +enum ieee80211_key_alg { + ALG_WEP, + ALG_TKIP, + ALG_CCMP, +}; -struct ieee80211_key_conf { +/** + * enum ieee80211_key_flags - key flags + * + * These flags are used for communication about keys between the driver + * and mac80211, with the @flags parameter of &struct ieee80211_key_conf. + * + * @IEEE80211_KEY_FLAG_WMM_STA: Set by mac80211, this flag indicates + * that the STA this key will be used with could be using QoS. + * @IEEE80211_KEY_FLAG_GENERATE_IV: This flag should be set by the + * driver to indicate that it requires IV generation for this + * particular key. + * @IEEE80211_KEY_FLAG_GENERATE_MMIC: This flag should be set by + * the driver for a TKIP key if it requires Michael MIC + * generation in software. + */ +enum ieee80211_key_flags { + IEEE80211_KEY_FLAG_WMM_STA = 1<<0, + IEEE80211_KEY_FLAG_GENERATE_IV = 1<<1, + IEEE80211_KEY_FLAG_GENERATE_MMIC= 1<<2, +}; - int hw_key_idx; /* filled + used by low-level driver */ - ieee80211_key_alg alg; - int keylen; - -#define IEEE80211_KEY_FORCE_SW_ENCRYPT (1<<0) /* to be cleared by low-level - driver */ -#define IEEE80211_KEY_DEFAULT_TX_KEY (1<<1) /* This key is the new default TX - key (used only for broadcast - keys). */ -#define IEEE80211_KEY_DEFAULT_WEP_ONLY (1<<2) /* static WEP is the only - configured security policy; - this allows some low-level - drivers to determine when - hwaccel can be used */ - u32 flags; /* key configuration flags defined above */ - - s8 keyidx; /* WEP key index */ +/** + * struct ieee80211_key_conf - key information + * + * This key information is given by mac80211 to the driver by + * the set_key() callback in &struct ieee80211_ops. + * + * @hw_key_idx: To be set by the driver, this is the key index the driver + * wants to be given when a frame is transmitted and needs to be + * encrypted in hardware. + * @alg: The key algorithm. + * @flags: key flags, see &enum ieee80211_key_flags. + * @keyidx: the key index (0-3) + * @keylen: key material length + * @key: key material + */ +struct ieee80211_key_conf { + enum ieee80211_key_alg alg; + u8 hw_key_idx; + u8 flags; + s8 keyidx; + u8 keylen; u8 key[0]; }; #define IEEE80211_SEQ_COUNTER_RX 0 #define IEEE80211_SEQ_COUNTER_TX 1 -typedef enum { - SET_KEY, DISABLE_KEY, REMOVE_ALL_KEYS, -} set_key_cmd; +/** + * enum set_key_cmd - key command + * + * Used with the set_key() callback in &struct ieee80211_ops, this + * indicates whether a key is being removed or added. + * + * @SET_KEY: a key is set + * @DISABLE_KEY: a key must be disabled + */ +enum set_key_cmd { + SET_KEY, DISABLE_KEY, +}; -/* This is driver-visible part of the per-hw state the stack keeps. */ -struct ieee80211_hw { - /* points to the cfg80211 wiphy for this piece. Note - * that you must fill in the perm_addr and dev fields - * of this structure, use the macros provided below. */ - struct wiphy *wiphy; +/** + * enum sta_notify_cmd - sta notify command + * + * Used with the sta_notify() callback in &struct ieee80211_ops, this + * indicates addition and removal of a station to station table + * + * @STA_NOTIFY_ADD: a station was added to the station table + * @STA_NOTIFY_REMOVE: a station being removed from the station table + */ +enum sta_notify_cmd { + STA_NOTIFY_ADD, STA_NOTIFY_REMOVE +}; - /* assigned by mac80211, don't write */ - struct ieee80211_conf conf; +/** + * enum ieee80211_hw_flags - hardware flags + * + * These flags are used to indicate hardware capabilities to + * the stack. Generally, flags here should have their meaning + * done in a way that the simplest hardware doesn't need setting + * any particular flags. There are some exceptions to this rule, + * however, so you are advised to review these flags carefully. + * + * @IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE: + * The device only needs to be supplied with a beacon template. + * If you need the host to generate each beacon then don't use + * this flag and call ieee80211_beacon_get() when you need the + * next beacon frame. Note that if you set this flag, you must + * implement the set_tim() callback for powersave mode to work + * properly. + * This flag is only relevant for access-point mode. + * + * @IEEE80211_HW_RX_INCLUDES_FCS: + * Indicates that received frames passed to the stack include + * the FCS at the end. + * + * @IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING: + * Some wireless LAN chipsets buffer broadcast/multicast frames + * for power saving stations in the hardware/firmware and others + * rely on the host system for such buffering. This option is used + * to configure the IEEE 802.11 upper layer to buffer broadcast and + * multicast frames when there are power saving stations so that + * the driver can fetch them with ieee80211_get_buffered_bc(). Note + * that not setting this flag works properly only when the + * %IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE is also not set because + * otherwise the stack will not know when the DTIM beacon was sent. + * + * @IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED: + * Channels are already configured to the default regulatory domain + * specified in the device's EEPROM + */ +enum ieee80211_hw_flags { + IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE = 1<<0, + IEEE80211_HW_RX_INCLUDES_FCS = 1<<1, + IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING = 1<<2, + IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED = 1<<3, +}; - /* Single thread workqueue available for driver use - * Allocated by mac80211 on registration */ +/** + * struct ieee80211_hw - hardware information and state + * + * This structure contains the configuration and hardware + * information for an 802.11 PHY. + * + * @wiphy: This points to the &struct wiphy allocated for this + * 802.11 PHY. You must fill in the @perm_addr and @dev + * members of this structure using SET_IEEE80211_DEV() + * and SET_IEEE80211_PERM_ADDR(). + * + * @conf: &struct ieee80211_conf, device configuration, don't use. + * + * @workqueue: single threaded workqueue available for driver use, + * allocated by mac80211 on registration and flushed on + * unregistration. + * + * @priv: pointer to private area that was allocated for driver use + * along with this structure. + * + * @flags: hardware flags, see &enum ieee80211_hw_flags. + * + * @extra_tx_headroom: headroom to reserve in each transmit skb + * for use by the driver (e.g. for transmit headers.) + * + * @channel_change_time: time (in microseconds) it takes to change channels. + * + * @max_rssi: Maximum value for ssi in RX information, use + * negative numbers for dBm and 0 to indicate no support. + * + * @max_signal: like @max_rssi, but for the signal value. + * + * @max_noise: like @max_rssi, but for the noise value. + * + * @queues: number of available hardware transmit queues for + * data packets. WMM/QoS requires at least four. + */ +struct ieee80211_hw { + struct ieee80211_conf conf; + struct wiphy *wiphy; struct workqueue_struct *workqueue; - - /* Pointer to the private area that was - * allocated with this struct for you. */ void *priv; - - /* The rest is information about your hardware */ - - /* TODO: frame_type 802.11/802.3, sw_encryption requirements */ - - /* Some wireless LAN chipsets generate beacons in the hardware/firmware - * and others rely on host generated beacons. This option is used to - * configure the upper layer IEEE 802.11 module to generate beacons. - * The low-level driver can use ieee80211_beacon_get() to fetch the - * next beacon frame. */ -#define IEEE80211_HW_HOST_GEN_BEACON (1<<0) - - /* The device needs to be supplied with a beacon template only. */ -#define IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE (1<<1) - - /* Some devices handle decryption internally and do not - * indicate whether the frame was encrypted (unencrypted frames - * will be dropped by the hardware, unless specifically allowed - * through) */ -#define IEEE80211_HW_DEVICE_HIDES_WEP (1<<2) - - /* Whether RX frames passed to ieee80211_rx() include FCS in the end */ -#define IEEE80211_HW_RX_INCLUDES_FCS (1<<3) - - /* Some wireless LAN chipsets buffer broadcast/multicast frames for - * power saving stations in the hardware/firmware and others rely on - * the host system for such buffering. This option is used to - * configure the IEEE 802.11 upper layer to buffer broadcast/multicast - * frames when there are power saving stations so that low-level driver - * can fetch them with ieee80211_get_buffered_bc(). */ -#define IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING (1<<4) - -#define IEEE80211_HW_WEP_INCLUDE_IV (1<<5) - - /* will data nullfunc frames get proper TX status callback */ -#define IEEE80211_HW_DATA_NULLFUNC_ACK (1<<6) - - /* Force software encryption for TKIP packets if WMM is enabled. */ -#define IEEE80211_HW_NO_TKIP_WMM_HWACCEL (1<<7) - - /* Some devices handle Michael MIC internally and do not include MIC in - * the received packets passed up. device_strips_mic must be set - * for such devices. The 'encryption' frame control bit is expected to - * be still set in the IEEE 802.11 header with this option unlike with - * the device_hides_wep configuration option. - */ -#define IEEE80211_HW_DEVICE_STRIPS_MIC (1<<8) - - /* Device is capable of performing full monitor mode even during - * normal operation. */ -#define IEEE80211_HW_MONITOR_DURING_OPER (1<<9) - - /* Device does not need BSSID filter set to broadcast in order to - * receive all probe responses while scanning */ -#define IEEE80211_HW_NO_PROBE_FILTERING (1<<10) - - /* Channels are already configured to the default regulatory domain - * specified in the device's EEPROM */ -#define IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED (1<<11) - - /* calculate Michael MIC for an MSDU when doing hwcrypto */ -#define IEEE80211_HW_TKIP_INCLUDE_MMIC (1<<12) - /* Do TKIP phase1 key mixing in stack to support cards only do - * phase2 key mixing when doing hwcrypto */ -#define IEEE80211_HW_TKIP_REQ_PHASE1_KEY (1<<13) - /* Do TKIP phase1 and phase2 key mixing in stack and send the generated - * per-packet RC4 key with each TX frame when doing hwcrypto */ -#define IEEE80211_HW_TKIP_REQ_PHASE2_KEY (1<<14) - - u32 flags; /* hardware flags defined above */ - - /* Set to the size of a needed device specific skb headroom for TX skbs. */ + u32 flags; unsigned int extra_tx_headroom; - - /* This is the time in us to change channels - */ int channel_change_time; - /* Maximum values for various statistics. - * Leave at 0 to indicate no support. Use negative numbers for dBm. */ + u8 queues; s8 max_rssi; s8 max_signal; s8 max_noise; - - /* Number of available hardware TX queues for data packets. - * WMM requires at least four queues. */ - int queues; }; +/** + * SET_IEEE80211_DEV - set device for 802.11 hardware + * + * @hw: the &struct ieee80211_hw to set the device for + * @dev: the &struct device of this 802.11 device + */ static inline void SET_IEEE80211_DEV(struct ieee80211_hw *hw, struct device *dev) { set_wiphy_dev(hw->wiphy, dev); } +/** + * SET_IEEE80211_PERM_ADDR - set the permanenet MAC address for 802.11 hardware + * + * @hw: the &struct ieee80211_hw to set the MAC address for + * @addr: the address to set + */ static inline void SET_IEEE80211_PERM_ADDR(struct ieee80211_hw *hw, u8 *addr) { memcpy(hw->wiphy->perm_addr, addr, ETH_ALEN); } -/* Configuration block used by the low-level driver to tell the 802.11 code - * about supported hardware features and to pass function pointers to callback - * functions. */ +/** + * DOC: Hardware crypto acceleration + * + * mac80211 is capable of taking advantage of many hardware + * acceleration designs for encryption and decryption operations. + * + * The set_key() callback in the &struct ieee80211_ops for a given + * device is called to enable hardware acceleration of encryption and + * decryption. The callback takes an @address parameter that will be + * the broadcast address for default keys, the other station's hardware + * address for individual keys or the zero address for keys that will + * be used only for transmission. + * Multiple transmission keys with the same key index may be used when + * VLANs are configured for an access point. + * + * The @local_address parameter will always be set to our own address, + * this is only relevant if you support multiple local addresses. + * + * When transmitting, the TX control data will use the @hw_key_idx + * selected by the driver by modifying the &struct ieee80211_key_conf + * pointed to by the @key parameter to the set_key() function. + * + * The set_key() call for the %SET_KEY command should return 0 if + * the key is now in use, -%EOPNOTSUPP or -%ENOSPC if it couldn't be + * added; if you return 0 then hw_key_idx must be assigned to the + * hardware key index, you are free to use the full u8 range. + * + * When the cmd is %DISABLE_KEY then it must succeed. + * + * Note that it is permissible to not decrypt a frame even if a key + * for it has been uploaded to hardware, the stack will not make any + * decision based on whether a key has been uploaded or not but rather + * based on the receive flags. + * + * The &struct ieee80211_key_conf structure pointed to by the @key + * parameter is guaranteed to be valid until another call to set_key() + * removes it, but it can only be used as a cookie to differentiate + * keys. + */ + +/** + * DOC: Frame filtering + * + * mac80211 requires to see many management frames for proper + * operation, and users may want to see many more frames when + * in monitor mode. However, for best CPU usage and power consumption, + * having as few frames as possible percolate through the stack is + * desirable. Hence, the hardware should filter as much as possible. + * + * To achieve this, mac80211 uses filter flags (see below) to tell + * the driver's configure_filter() function which frames should be + * passed to mac80211 and which should be filtered out. + * + * The configure_filter() callback is invoked with the parameters + * @mc_count and @mc_list for the combined multicast address list + * of all virtual interfaces, @changed_flags telling which flags + * were changed and @total_flags with the new flag states. + * + * If your device has no multicast address filters your driver will + * need to check both the %FIF_ALLMULTI flag and the @mc_count + * parameter to see whether multicast frames should be accepted + * or dropped. + * + * All unsupported flags in @total_flags must be cleared, i.e. you + * should clear all bits except those you honoured. + */ + +/** + * enum ieee80211_filter_flags - hardware filter flags + * + * These flags determine what the filter in hardware should be + * programmed to let through and what should not be passed to the + * stack. It is always safe to pass more frames than requested, + * but this has negative impact on power consumption. + * + * @FIF_PROMISC_IN_BSS: promiscuous mode within your BSS, + * think of the BSS as your network segment and then this corresponds + * to the regular ethernet device promiscuous mode. + * + * @FIF_ALLMULTI: pass all multicast frames, this is used if requested + * by the user or if the hardware is not capable of filtering by + * multicast address. + * + * @FIF_FCSFAIL: pass frames with failed FCS (but you need to set the + * %RX_FLAG_FAILED_FCS_CRC for them) + * + * @FIF_PLCPFAIL: pass frames with failed PLCP CRC (but you need to set + * the %RX_FLAG_FAILED_PLCP_CRC for them + * + * @FIF_BCN_PRBRESP_PROMISC: This flag is set during scanning to indicate + * to the hardware that it should not filter beacons or probe responses + * by BSSID. Filtering them can greatly reduce the amount of processing + * mac80211 needs to do and the amount of CPU wakeups, so you should + * honour this flag if possible. + * + * @FIF_CONTROL: pass control frames, if PROMISC_IN_BSS is not set then + * only those addressed to this station + * + * @FIF_OTHER_BSS: pass frames destined to other BSSes + */ +enum ieee80211_filter_flags { + FIF_PROMISC_IN_BSS = 1<<0, + FIF_ALLMULTI = 1<<1, + FIF_FCSFAIL = 1<<2, + FIF_PLCPFAIL = 1<<3, + FIF_BCN_PRBRESP_PROMISC = 1<<4, + FIF_CONTROL = 1<<5, + FIF_OTHER_BSS = 1<<6, +}; + +/** + * enum ieee80211_erp_change_flags - erp change flags + * + * These flags are used with the erp_ie_changed() callback in + * &struct ieee80211_ops to indicate which parameter(s) changed. + * @IEEE80211_ERP_CHANGE_PROTECTION: protection changed + * @IEEE80211_ERP_CHANGE_PREAMBLE: barker preamble mode changed + */ +enum ieee80211_erp_change_flags { + IEEE80211_ERP_CHANGE_PROTECTION = 1<<0, + IEEE80211_ERP_CHANGE_PREAMBLE = 1<<1, +}; + + +/** + * struct ieee80211_ops - callbacks from mac80211 to the driver + * + * This structure contains various callbacks that the driver may + * handle or, in some cases, must handle, for example to configure + * the hardware to a new channel or to transmit a frame. + * + * @tx: Handler that 802.11 module calls for each transmitted frame. + * skb contains the buffer starting from the IEEE 802.11 header. + * The low-level driver should send the frame out based on + * configuration in the TX control data. Must be implemented and + * atomic. + * + * @start: Called before the first netdevice attached to the hardware + * is enabled. This should turn on the hardware and must turn on + * frame reception (for possibly enabled monitor interfaces.) + * Returns negative error codes, these may be seen in userspace, + * or zero. + * When the device is started it should not have a MAC address + * to avoid acknowledging frames before a non-monitor device + * is added. + * Must be implemented. + * + * @stop: Called after last netdevice attached to the hardware + * is disabled. This should turn off the hardware (at least + * it must turn off frame reception.) + * May be called right after add_interface if that rejects + * an interface. + * Must be implemented. + * + * @add_interface: Called when a netdevice attached to the hardware is + * enabled. Because it is not called for monitor mode devices, @open + * and @stop must be implemented. + * The driver should perform any initialization it needs before + * the device can be enabled. The initial configuration for the + * interface is given in the conf parameter. + * The callback may refuse to add an interface by returning a + * negative error code (which will be seen in userspace.) + * Must be implemented. + * + * @remove_interface: Notifies a driver that an interface is going down. + * The @stop callback is called after this if it is the last interface + * and no monitor interfaces are present. + * When all interfaces are removed, the MAC address in the hardware + * must be cleared so the device no longer acknowledges packets, + * the mac_addr member of the conf structure is, however, set to the + * MAC address of the device going away. + * Hence, this callback must be implemented. + * + * @config: Handler for configuration requests. IEEE 802.11 code calls this + * function to change hardware configuration, e.g., channel. + * + * @config_interface: Handler for configuration requests related to interfaces + * (e.g. BSSID changes.) + * + * @configure_filter: Configure the device's RX filter. + * See the section "Frame filtering" for more information. + * This callback must be implemented and atomic. + * + * @set_tim: Set TIM bit. If the hardware/firmware takes care of beacon + * generation (that is, %IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE is set) + * mac80211 calls this function when a TIM bit must be set or cleared + * for a given AID. Must be atomic. + * + * @set_key: See the section "Hardware crypto acceleration" + * This callback can sleep, and is only called between add_interface + * and remove_interface calls, i.e. while the interface with the + * given local_address is enabled. + * + * @set_ieee8021x: Enable/disable IEEE 802.1X. This item requests wlan card + * to pass unencrypted EAPOL-Key frames even when encryption is + * configured. If the wlan card does not require such a configuration, + * this function pointer can be set to NULL. + * + * @set_port_auth: Set port authorization state (IEEE 802.1X PAE) to be + * authorized (@authorized=1) or unauthorized (=0). This function can be + * used if the wlan hardware or low-level driver implements PAE. + * mac80211 will filter frames based on authorization state in any case, + * so this function pointer can be NULL if low-level driver does not + * require event notification about port state changes. + * + * @hw_scan: Ask the hardware to service the scan request, no need to start + * the scan state machine in stack. + * + * @get_stats: return low-level statistics + * + * @set_privacy_invoked: For devices that generate their own beacons and probe + * response or association responses this updates the state of privacy_invoked + * returns 0 for success or an error number. + * + * @get_sequence_counter: For devices that have internal sequence counters this + * callback allows mac80211 to access the current value of a counter. + * This callback seems not well-defined, tell us if you need it. + * + * @set_rts_threshold: Configuration of RTS threshold (if device needs it) + * + * @set_frag_threshold: Configuration of fragmentation threshold. Assign this if + * the device does fragmentation by itself; if this method is assigned then + * the stack will not do fragmentation. + * + * @set_retry_limit: Configuration of retry limits (if device needs it) + * + * @sta_notify: Notifies low level driver about addition or removal + * of assocaited station or AP. + * + * @erp_ie_changed: Handle ERP IE change notifications. Must be atomic. + * + * @conf_tx: Configure TX queue parameters (EDCF (aifs, cw_min, cw_max), + * bursting) for a hardware TX queue. The @queue parameter uses the + * %IEEE80211_TX_QUEUE_* constants. Must be atomic. + * + * @get_tx_stats: Get statistics of the current TX queue status. This is used + * to get number of currently queued packets (queue length), maximum queue + * size (limit), and total number of packets sent using each TX queue + * (count). This information is used for WMM to find out which TX + * queues have room for more packets and by hostapd to provide + * statistics about the current queueing state to external programs. + * + * @get_tsf: Get the current TSF timer value from firmware/hardware. Currently, + * this is only used for IBSS mode debugging and, as such, is not a + * required function. Must be atomic. + * + * @reset_tsf: Reset the TSF timer and allow firmware/hardware to synchronize + * with other STAs in the IBSS. This is only used in IBSS mode. This + * function is optional if the firmware/hardware takes full care of + * TSF synchronization. + * + * @beacon_update: Setup beacon data for IBSS beacons. Unlike access point, + * IBSS uses a fixed beacon frame which is configured using this + * function. + * If the driver returns success (0) from this callback, it owns + * the skb. That means the driver is responsible to kfree_skb() it. + * The control structure is not dynamically allocated. That means the + * driver does not own the pointer and if it needs it somewhere + * outside of the context of this function, it must copy it + * somewhere else. + * This handler is required only for IBSS mode. + * + * @tx_last_beacon: Determine whether the last IBSS beacon was sent by us. + * This is needed only for IBSS mode and the result of this function is + * used to determine whether to reply to Probe Requests. + */ struct ieee80211_ops { - /* Handler that 802.11 module calls for each transmitted frame. - * skb contains the buffer starting from the IEEE 802.11 header. - * The low-level driver should send the frame out based on - * configuration in the TX control data. - * Must be atomic. */ int (*tx)(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_tx_control *control); - - /* Handler for performing hardware reset. */ - int (*reset)(struct ieee80211_hw *hw); - - /* Handler that is called when any netdevice attached to the hardware - * device is set UP for the first time. This can be used, e.g., to - * enable interrupts and beacon sending. */ - int (*open)(struct ieee80211_hw *hw); - - /* Handler that is called when the last netdevice attached to the - * hardware device is set DOWN. This can be used, e.g., to disable - * interrupts and beacon sending. */ - int (*stop)(struct ieee80211_hw *hw); - - /* Handler for asking a driver if a new interface can be added (or, - * more exactly, set UP). If the handler returns zero, the interface - * is added. Driver should perform any initialization it needs prior - * to returning zero. By returning non-zero addition of the interface - * is inhibited. Unless monitor_during_oper is set, it is guaranteed - * that monitor interfaces and normal interfaces are mutually - * exclusive. If assigned, the open() handler is called after - * add_interface() if this is the first device added. The - * add_interface() callback has to be assigned because it is the only - * way to obtain the requested MAC address for any interface. - */ + int (*start)(struct ieee80211_hw *hw); + void (*stop)(struct ieee80211_hw *hw); int (*add_interface)(struct ieee80211_hw *hw, struct ieee80211_if_init_conf *conf); - - /* Notify a driver that an interface is going down. The stop() handler - * is called prior to this if this is a last interface. */ void (*remove_interface)(struct ieee80211_hw *hw, struct ieee80211_if_init_conf *conf); - - /* Handler for configuration requests. IEEE 802.11 code calls this - * function to change hardware configuration, e.g., channel. */ int (*config)(struct ieee80211_hw *hw, struct ieee80211_conf *conf); - - /* Handler for configuration requests related to interfaces (e.g. - * BSSID). */ int (*config_interface)(struct ieee80211_hw *hw, int if_id, struct ieee80211_if_conf *conf); - - /* ieee80211 drivers do not have access to the &struct net_device - * that is (are) connected with their device. Hence (and because - * we need to combine the multicast lists and flags for multiple - * virtual interfaces), they cannot assign set_multicast_list. - * The parameters here replace dev->flags and dev->mc_count, - * dev->mc_list is replaced by calling ieee80211_get_mc_list_item. - * Must be atomic. */ - void (*set_multicast_list)(struct ieee80211_hw *hw, - unsigned short flags, int mc_count); - - /* Set TIM bit handler. If the hardware/firmware takes care of beacon - * generation, IEEE 802.11 code uses this function to tell the - * low-level to set (or clear if set==0) TIM bit for the given aid. If - * host system is used to generate beacons, this handler is not used - * and low-level driver should set it to NULL. - * Must be atomic. */ + void (*configure_filter)(struct ieee80211_hw *hw, + unsigned int changed_flags, + unsigned int *total_flags, + int mc_count, struct dev_addr_list *mc_list); int (*set_tim)(struct ieee80211_hw *hw, int aid, int set); - - /* Set encryption key. IEEE 802.11 module calls this function to set - * encryption keys. addr is ff:ff:ff:ff:ff:ff for default keys and - * station hwaddr for individual keys. aid of the station is given - * to help low-level driver in selecting which key->hw_key_idx to use - * for this key. TX control data will use the hw_key_idx selected by - * the low-level driver. - * Must be atomic. */ - int (*set_key)(struct ieee80211_hw *hw, set_key_cmd cmd, - u8 *addr, struct ieee80211_key_conf *key, int aid); - - /* Set TX key index for default/broadcast keys. This is needed in cases - * where wlan card is doing full WEP/TKIP encapsulation (wep_include_iv - * is not set), in other cases, this function pointer can be set to - * NULL since the IEEE 802. 11 module takes care of selecting the key - * index for each TX frame. */ - int (*set_key_idx)(struct ieee80211_hw *hw, int idx); - - /* Enable/disable IEEE 802.1X. This item requests wlan card to pass - * unencrypted EAPOL-Key frames even when encryption is configured. - * If the wlan card does not require such a configuration, this - * function pointer can be set to NULL. */ + int (*set_key)(struct ieee80211_hw *hw, enum set_key_cmd cmd, + const u8 *local_address, const u8 *address, + struct ieee80211_key_conf *key); int (*set_ieee8021x)(struct ieee80211_hw *hw, int use_ieee8021x); - - /* Set port authorization state (IEEE 802.1X PAE) to be authorized - * (authorized=1) or unauthorized (authorized=0). This function can be - * used if the wlan hardware or low-level driver implements PAE. - * 80211.o module will anyway filter frames based on authorization - * state, so this function pointer can be NULL if low-level driver does - * not require event notification about port state changes. - * Currently unused. */ int (*set_port_auth)(struct ieee80211_hw *hw, u8 *addr, int authorized); - - /* Ask the hardware to service the scan request, no need to start - * the scan state machine in stack. */ int (*hw_scan)(struct ieee80211_hw *hw, u8 *ssid, size_t len); - - /* return low-level statistics */ int (*get_stats)(struct ieee80211_hw *hw, struct ieee80211_low_level_stats *stats); - - /* For devices that generate their own beacons and probe response - * or association responses this updates the state of privacy_invoked - * returns 0 for success or an error number */ int (*set_privacy_invoked)(struct ieee80211_hw *hw, int privacy_invoked); - - /* For devices that have internal sequence counters, allow 802.11 - * code to access the current value of a counter */ int (*get_sequence_counter)(struct ieee80211_hw *hw, u8* addr, u8 keyidx, u8 txrx, u32* iv32, u16* iv16); - - /* Configuration of RTS threshold (if device needs it) */ int (*set_rts_threshold)(struct ieee80211_hw *hw, u32 value); - - /* Configuration of fragmentation threshold. - * Assign this if the device does fragmentation by itself, - * if this method is assigned then the stack will not do - * fragmentation. */ int (*set_frag_threshold)(struct ieee80211_hw *hw, u32 value); - - /* Configuration of retry limits (if device needs it) */ int (*set_retry_limit)(struct ieee80211_hw *hw, u32 short_retry, u32 long_retr); - - /* Number of STAs in STA table notification (NULL = disabled). - * Must be atomic. */ - void (*sta_table_notification)(struct ieee80211_hw *hw, - int num_sta); - - /* Configure TX queue parameters (EDCF (aifs, cw_min, cw_max), - * bursting) for a hardware TX queue. - * queue = IEEE80211_TX_QUEUE_*. - * Must be atomic. */ + void (*sta_notify)(struct ieee80211_hw *hw, int if_id, + enum sta_notify_cmd, const u8 *addr); + void (*erp_ie_changed)(struct ieee80211_hw *hw, u8 changes, + int cts_protection, int preamble); int (*conf_tx)(struct ieee80211_hw *hw, int queue, const struct ieee80211_tx_queue_params *params); - - /* Get statistics of the current TX queue status. This is used to get - * number of currently queued packets (queue length), maximum queue - * size (limit), and total number of packets sent using each TX queue - * (count). - * Currently unused. */ int (*get_tx_stats)(struct ieee80211_hw *hw, struct ieee80211_tx_queue_stats *stats); - - /* Get the current TSF timer value from firmware/hardware. Currently, - * this is only used for IBSS mode debugging and, as such, is not a - * required function. - * Must be atomic. */ u64 (*get_tsf)(struct ieee80211_hw *hw); - - /* Reset the TSF timer and allow firmware/hardware to synchronize with - * other STAs in the IBSS. This is only used in IBSS mode. This - * function is optional if the firmware/hardware takes full care of - * TSF synchronization. */ void (*reset_tsf)(struct ieee80211_hw *hw); - - /* Setup beacon data for IBSS beacons. Unlike access point (Master), - * IBSS uses a fixed beacon frame which is configured using this - * function. This handler is required only for IBSS mode. */ int (*beacon_update)(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_tx_control *control); - - /* Determine whether the last IBSS beacon was sent by us. This is - * needed only for IBSS mode and the result of this function is used to - * determine whether to reply to Probe Requests. */ int (*tx_last_beacon)(struct ieee80211_hw *hw); }; -/* Allocate a new hardware device. This must be called once for each - * hardware device. The returned pointer must be used to refer to this - * device when calling other functions. 802.11 code allocates a private data - * area for the low-level driver. The size of this area is given as - * priv_data_len. +/** + * ieee80211_alloc_hw - Allocate a new hardware device + * + * This must be called once for each hardware device. The returned pointer + * must be used to refer to this device when calling other functions. + * mac80211 allocates a private data area for the driver pointed to by + * @priv in &struct ieee80211_hw, the size of this area is given as + * @priv_data_len. + * + * @priv_data_len: length of private data + * @ops: callbacks for this device */ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len, const struct ieee80211_ops *ops); -/* Register hardware device to the IEEE 802.11 code and kernel. Low-level - * drivers must call this function before using any other IEEE 802.11 - * function except ieee80211_register_hwmode. */ +/** + * ieee80211_register_hw - Register hardware device + * + * You must call this function before any other functions + * except ieee80211_register_hwmode. + * + * @hw: the device to register as returned by ieee80211_alloc_hw() + */ int ieee80211_register_hw(struct ieee80211_hw *hw); -/* driver can use this and ieee80211_get_rx_led_name to get the - * name of the registered LEDs after ieee80211_register_hw - * was called. - * This is useful to set the default trigger on the LED class - * device that your driver should export for each LED the device - * has, that way the default behaviour will be as expected but - * the user can still change it/turn off the LED etc. - */ #ifdef CONFIG_MAC80211_LEDS extern char *__ieee80211_get_tx_led_name(struct ieee80211_hw *hw); extern char *__ieee80211_get_rx_led_name(struct ieee80211_hw *hw); +extern char *__ieee80211_get_assoc_led_name(struct ieee80211_hw *hw); #endif +/** + * ieee80211_get_tx_led_name - get name of TX LED + * + * mac80211 creates a transmit LED trigger for each wireless hardware + * that can be used to drive LEDs if your driver registers a LED device. + * This function returns the name (or %NULL if not configured for LEDs) + * of the trigger so you can automatically link the LED device. + * + * @hw: the hardware to get the LED trigger name for + */ static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw) { #ifdef CONFIG_MAC80211_LEDS @@ -767,6 +1109,16 @@ static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw) #endif } +/** + * ieee80211_get_rx_led_name - get name of RX LED + * + * mac80211 creates a receive LED trigger for each wireless hardware + * that can be used to drive LEDs if your driver registers a LED device. + * This function returns the name (or %NULL if not configured for LEDs) + * of the trigger so you can automatically link the LED device. + * + * @hw: the hardware to get the LED trigger name for + */ static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw) { #ifdef CONFIG_MAC80211_LEDS @@ -776,33 +1128,94 @@ static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw) #endif } +static inline char *ieee80211_get_assoc_led_name(struct ieee80211_hw *hw) +{ +#ifdef CONFIG_MAC80211_LEDS + return __ieee80211_get_assoc_led_name(hw); +#else + return NULL; +#endif +} + + /* Register a new hardware PHYMODE capability to the stack. */ int ieee80211_register_hwmode(struct ieee80211_hw *hw, struct ieee80211_hw_mode *mode); -/* Unregister a hardware device. This function instructs 802.11 code to free - * allocated resources and unregister netdevices from the kernel. */ +/** + * ieee80211_unregister_hw - Unregister a hardware device + * + * This function instructs mac80211 to free allocated resources + * and unregister netdevices from the networking subsystem. + * + * @hw: the hardware to unregister + */ void ieee80211_unregister_hw(struct ieee80211_hw *hw); -/* Free everything that was allocated including private data of a driver. */ +/** + * ieee80211_free_hw - free hardware descriptor + * + * This function frees everything that was allocated, including the + * private data for the driver. You must call ieee80211_unregister_hw() + * before calling this function + * + * @hw: the hardware to free + */ void ieee80211_free_hw(struct ieee80211_hw *hw); -/* Receive frame callback function. The low-level driver uses this function to - * send received frames to the IEEE 802.11 code. Receive buffer (skb) must - * start with IEEE 802.11 header. */ +/* trick to avoid symbol clashes with the ieee80211 subsystem */ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_rx_status *status); + +/** + * ieee80211_rx - receive frame + * + * Use this function to hand received frames to mac80211. The receive + * buffer in @skb must start with an IEEE 802.11 header or a radiotap + * header if %RX_FLAG_RADIOTAP is set in the @status flags. + * + * This function may not be called in IRQ context. + * + * @hw: the hardware this frame came in on + * @skb: the buffer to receive, owned by mac80211 after this call + * @status: status of this frame; the status pointer need not be valid + * after this function returns + */ +static inline void ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb, + struct ieee80211_rx_status *status) +{ + __ieee80211_rx(hw, skb, status); +} + +/** + * ieee80211_rx_irqsafe - receive frame + * + * Like ieee80211_rx() but can be called in IRQ context + * (internally defers to a workqueue.) + * + * @hw: the hardware this frame came in on + * @skb: the buffer to receive, owned by mac80211 after this call + * @status: status of this frame; the status pointer need not be valid + * after this function returns and is not freed by mac80211, + * it is recommended that it points to a stack area + */ void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_rx_status *status); -/* Transmit status callback function. The low-level driver must call this - * function to report transmit status for all the TX frames that had - * req_tx_status set in the transmit control fields. In addition, this should - * be called at least for all unicast frames to provide information for TX rate - * control algorithm. In order to maintain all statistics, this function is - * recommended to be called after each frame, including multicast/broadcast, is - * sent. */ +/** + * ieee80211_tx_status - transmit status callback + * + * Call this function for all transmitted frames after they have been + * transmitted. It is permissible to not call this function for + * multicast frames but this can affect statistics. + * + * @hw: the hardware the frame was transmitted by + * @skb: the frame that was transmitted, owned by mac80211 after this call + * @status: status information for this frame; the status pointer need not + * be valid after this function returns and is not freed by mac80211, + * it is recommended that it points to a stack area + */ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_tx_status *status); @@ -830,6 +1243,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, /** * ieee80211_rts_get - RTS frame generation function * @hw: pointer obtained from ieee80211_alloc_hw(). + * @if_id: interface ID from &struct ieee80211_if_init_conf. * @frame: pointer to the frame that is going to be protected by the RTS. * @frame_len: the frame length (in octets). * @frame_txctl: &struct ieee80211_tx_control of the frame. @@ -840,7 +1254,7 @@ struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw, * the next RTS frame from the 802.11 code. The low-level is responsible * for calling this function before and RTS frame is needed. */ -void ieee80211_rts_get(struct ieee80211_hw *hw, +void ieee80211_rts_get(struct ieee80211_hw *hw, int if_id, const void *frame, size_t frame_len, const struct ieee80211_tx_control *frame_txctl, struct ieee80211_rts *rts); @@ -848,6 +1262,7 @@ void ieee80211_rts_get(struct ieee80211_hw *hw, /** * ieee80211_rts_duration - Get the duration field for an RTS frame * @hw: pointer obtained from ieee80211_alloc_hw(). + * @if_id: interface ID from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame that is going to be protected by the RTS. * @frame_txctl: &struct ieee80211_tx_control of the frame. * @@ -855,13 +1270,14 @@ void ieee80211_rts_get(struct ieee80211_hw *hw, * the duration field, the low-level driver uses this function to receive * the duration field value in little-endian byteorder. */ -__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, +__le16 ieee80211_rts_duration(struct ieee80211_hw *hw, int if_id, size_t frame_len, const struct ieee80211_tx_control *frame_txctl); /** * ieee80211_ctstoself_get - CTS-to-self frame generation function * @hw: pointer obtained from ieee80211_alloc_hw(). + * @if_id: interface ID from &struct ieee80211_if_init_conf. * @frame: pointer to the frame that is going to be protected by the CTS-to-self. * @frame_len: the frame length (in octets). * @frame_txctl: &struct ieee80211_tx_control of the frame. @@ -872,7 +1288,7 @@ __le16 ieee80211_rts_duration(struct ieee80211_hw *hw, * the next CTS-to-self frame from the 802.11 code. The low-level is responsible * for calling this function before and CTS-to-self frame is needed. */ -void ieee80211_ctstoself_get(struct ieee80211_hw *hw, +void ieee80211_ctstoself_get(struct ieee80211_hw *hw, int if_id, const void *frame, size_t frame_len, const struct ieee80211_tx_control *frame_txctl, struct ieee80211_cts *cts); @@ -880,6 +1296,7 @@ void ieee80211_ctstoself_get(struct ieee80211_hw *hw, /** * ieee80211_ctstoself_duration - Get the duration field for a CTS-to-self frame * @hw: pointer obtained from ieee80211_alloc_hw(). + * @if_id: interface ID from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame that is going to be protected by the CTS-to-self. * @frame_txctl: &struct ieee80211_tx_control of the frame. * @@ -887,20 +1304,21 @@ void ieee80211_ctstoself_get(struct ieee80211_hw *hw, * the duration field, the low-level driver uses this function to receive * the duration field value in little-endian byteorder. */ -__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, +__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw, int if_id, size_t frame_len, const struct ieee80211_tx_control *frame_txctl); /** * ieee80211_generic_frame_duration - Calculate the duration field for a frame * @hw: pointer obtained from ieee80211_alloc_hw(). + * @if_id: interface ID from &struct ieee80211_if_init_conf. * @frame_len: the length of the frame. * @rate: the rate (in 100kbps) at which the frame is going to be transmitted. * * Calculate the duration field of some generic frame, given its * length and transmission rate (in 100kbps). */ -__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, +__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw, int if_id, size_t frame_len, int rate); @@ -929,14 +1347,26 @@ struct sk_buff * ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id, struct ieee80211_tx_control *control); -/* Given an sk_buff with a raw 802.11 header at the data pointer this function +/** + * ieee80211_get_hdrlen_from_skb - get header length from data + * + * Given an skb with a raw 802.11 header at the data pointer this function * returns the 802.11 header length in bytes (not including encryption * headers). If the data in the sk_buff is too short to contain a valid 802.11 * header the function returns 0. + * + * @skb: the frame */ int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb); -/* Like ieee80211_get_hdrlen_from_skb() but takes a FC in CPU order. */ +/** + * ieee80211_get_hdrlen - get header length from frame control + * + * This function returns the 802.11 header length in bytes (not including + * encryption headers.) + * + * @fc: the frame control field (in CPU endianness) + */ int ieee80211_get_hdrlen(u16 fc); /** @@ -982,66 +1412,14 @@ void ieee80211_stop_queues(struct ieee80211_hw *hw); void ieee80211_wake_queues(struct ieee80211_hw *hw); /** - * ieee80211_get_mc_list_item - iteration over items in multicast list - * @hw: pointer as obtained from ieee80211_alloc_hw(). - * @prev: value returned by previous call to ieee80211_get_mc_list_item() or - * NULL to start a new iteration. - * @ptr: pointer to buffer of void * type for internal usage of - * ieee80211_get_mc_list_item(). - * - * Iterates over items in multicast list of given device. To get the first - * item, pass NULL in @prev and in *@ptr. In subsequent calls, pass the - * value returned by previous call in @prev. Don't alter *@ptr during - * iteration. When there are no more items, NULL is returned. + * ieee80211_scan_completed - completed hardware scan + * + * When hardware scan offload is used (i.e. the hw_scan() callback is + * assigned) this function needs to be called by the driver to notify + * mac80211 that the scan finished. + * + * @hw: the hardware that finished the scan */ -struct dev_mc_list * -ieee80211_get_mc_list_item(struct ieee80211_hw *hw, - struct dev_mc_list *prev, - void **ptr); - -/* called by driver to notify scan status completed */ void ieee80211_scan_completed(struct ieee80211_hw *hw); -/* Function to indicate Radar Detection. The low level driver must call this - * function to indicate the presence of radar in the current channel. - * Additionally the radar type also could be sent */ -int ieee80211_radar_status(struct ieee80211_hw *hw, int channel, - int radar, int radar_type); - -/* return a pointer to the source address (SA) */ -static inline u8 *ieee80211_get_SA(struct ieee80211_hdr *hdr) -{ - u8 *raw = (u8 *) hdr; - u8 tofrom = (*(raw+1)) & 3; /* get the TODS and FROMDS bits */ - - switch (tofrom) { - case 2: - return hdr->addr3; - case 3: - return hdr->addr4; - } - return hdr->addr2; -} - -/* return a pointer to the destination address (DA) */ -static inline u8 *ieee80211_get_DA(struct ieee80211_hdr *hdr) -{ - u8 *raw = (u8 *) hdr; - u8 to_ds = (*(raw+1)) & 1; /* get the TODS bit */ - - if (to_ds) - return hdr->addr3; - return hdr->addr1; -} - -static inline int ieee80211_get_morefrag(struct ieee80211_hdr *hdr) -{ - return (le16_to_cpu(hdr->frame_control) & - IEEE80211_FCTL_MOREFRAGS) != 0; -} - -#define MAC_FMT "%02x:%02x:%02x:%02x:%02x:%02x" -#define MAC_ARG(x) ((u8*)(x))[0], ((u8*)(x))[1], ((u8*)(x))[2], \ - ((u8*)(x))[3], ((u8*)(x))[4], ((u8*)(x))[5] - #endif /* MAC80211_H */ diff --git a/include/net/ndisc.h b/include/net/ndisc.h index 475b10c575b3..6684f7efbeeb 100644 --- a/include/net/ndisc.h +++ b/include/net/ndisc.h @@ -24,6 +24,7 @@ enum { ND_OPT_MTU = 5, /* RFC2461 */ __ND_OPT_ARRAY_MAX, ND_OPT_ROUTE_INFO = 24, /* RFC4191 */ + ND_OPT_RDNSS = 25, /* RFC5006 */ __ND_OPT_MAX }; diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h new file mode 100644 index 000000000000..93aa87d32804 --- /dev/null +++ b/include/net/net_namespace.h @@ -0,0 +1,123 @@ +/* + * Operations on the network namespace + */ +#ifndef __NET_NET_NAMESPACE_H +#define __NET_NET_NAMESPACE_H + +#include <asm/atomic.h> +#include <linux/workqueue.h> +#include <linux/list.h> + +struct proc_dir_entry; +struct net_device; +struct net { + atomic_t count; /* To decided when the network + * namespace should be freed. + */ + atomic_t use_count; /* To track references we + * destroy on demand + */ + struct list_head list; /* list of network namespaces */ + struct work_struct work; /* work struct for freeing */ + + struct proc_dir_entry *proc_net; + struct proc_dir_entry *proc_net_stat; + struct proc_dir_entry *proc_net_root; + + struct net_device *loopback_dev; /* The loopback */ + + struct list_head dev_base_head; + struct hlist_head *dev_name_head; + struct hlist_head *dev_index_head; +}; + +#ifdef CONFIG_NET +/* Init's network namespace */ +extern struct net init_net; +#define INIT_NET_NS(net_ns) .net_ns = &init_net, +#else +#define INIT_NET_NS(net_ns) +#endif + +extern struct list_head net_namespace_list; + +#ifdef CONFIG_NET +extern struct net *copy_net_ns(unsigned long flags, struct net *net_ns); +#else +static inline struct net *copy_net_ns(unsigned long flags, struct net *net_ns) +{ + /* There is nothing to copy so this is a noop */ + return net_ns; +} +#endif + +extern void __put_net(struct net *net); + +static inline struct net *get_net(struct net *net) +{ +#ifdef CONFIG_NET + atomic_inc(&net->count); +#endif + return net; +} + +static inline struct net *maybe_get_net(struct net *net) +{ + /* Used when we know struct net exists but we + * aren't guaranteed a previous reference count + * exists. If the reference count is zero this + * function fails and returns NULL. + */ + if (!atomic_inc_not_zero(&net->count)) + net = NULL; + return net; +} + +static inline void put_net(struct net *net) +{ +#ifdef CONFIG_NET + if (atomic_dec_and_test(&net->count)) + __put_net(net); +#endif +} + +static inline struct net *hold_net(struct net *net) +{ +#ifdef CONFIG_NET + atomic_inc(&net->use_count); +#endif + return net; +} + +static inline void release_net(struct net *net) +{ +#ifdef CONFIG_NET + atomic_dec(&net->use_count); +#endif +} + +#define for_each_net(VAR) \ + list_for_each_entry(VAR, &net_namespace_list, list) + +#ifdef CONFIG_NET_NS +#define __net_init +#define __net_exit +#define __net_initdata +#else +#define __net_init __init +#define __net_exit __exit_refok +#define __net_initdata __initdata +#endif + +struct pernet_operations { + struct list_head list; + int (*init)(struct net *net); + void (*exit)(struct net *net); +}; + +extern int register_pernet_subsys(struct pernet_operations *); +extern void unregister_pernet_subsys(struct pernet_operations *); +extern int register_pernet_device(struct pernet_operations *); +extern void unregister_pernet_device(struct pernet_operations *); + +#endif /* __NET_NET_NAMESPACE_H */ diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h index 7a671603fca6..9bf059817aec 100644 --- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h +++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h @@ -21,4 +21,6 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp; extern int nf_conntrack_ipv4_compat_init(void); extern void nf_conntrack_ipv4_compat_fini(void); +extern void need_ipv4_conntrack(void); + #endif /*_NF_CONNTRACK_IPV4_H*/ diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h index 5a8965904377..070d12cb4634 100644 --- a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h +++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h @@ -7,9 +7,6 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6; extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6; extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6; -extern int nf_ct_ipv6_skip_exthdr(const struct sk_buff *skb, int start, - u8 *nexthdrp, int len); - extern int nf_ct_frag6_init(void); extern void nf_ct_frag6_cleanup(void); extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb); diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index 810020ec345d..90fb66d99d0c 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -116,9 +116,6 @@ struct nf_conn struct ip_conntrack_counter counters[IP_CT_DIR_MAX]; #endif - /* Unique ID that identifies this conntrack*/ - unsigned int id; - #if defined(CONFIG_NF_CONNTRACK_MARK) u_int32_t mark; #endif diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index cae1a0dce365..b47c04f12dbe 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h @@ -38,9 +38,6 @@ struct nf_conntrack_expect /* Usage count. */ atomic_t use; - /* Unique ID */ - unsigned int id; - /* Flags */ unsigned int flags; diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index d04f99964d94..0dcc4c828ce9 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -36,7 +36,7 @@ struct nf_conntrack_helper void (*destroy)(struct nf_conn *ct); - int (*to_nfattr)(struct sk_buff *skb, const struct nf_conn *ct); + int (*to_nlattr)(struct sk_buff *skb, const struct nf_conn *ct); }; extern struct nf_conntrack_helper * diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h index 3c58a2c4df28..15888fc7b72d 100644 --- a/include/net/netfilter/nf_conntrack_l3proto.h +++ b/include/net/netfilter/nf_conntrack_l3proto.h @@ -11,11 +11,11 @@ #ifndef _NF_CONNTRACK_L3PROTO_H #define _NF_CONNTRACK_L3PROTO_H +#include <linux/netlink.h> +#include <net/netlink.h> #include <linux/seq_file.h> #include <net/netfilter/nf_conntrack.h> -struct nfattr; - struct nf_conntrack_l3proto { /* L3 Protocol Family number. ex) PF_INET */ @@ -64,11 +64,12 @@ struct nf_conntrack_l3proto int (*get_l4proto)(const struct sk_buff *skb, unsigned int nhoff, unsigned int *dataoff, u_int8_t *protonum); - int (*tuple_to_nfattr)(struct sk_buff *skb, + int (*tuple_to_nlattr)(struct sk_buff *skb, const struct nf_conntrack_tuple *t); - int (*nfattr_to_tuple)(struct nfattr *tb[], + int (*nlattr_to_tuple)(struct nlattr *tb[], struct nf_conntrack_tuple *t); + const struct nla_policy *nla_policy; #ifdef CONFIG_SYSCTL struct ctl_table_header *ctl_table_header; diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h index f46cb930414c..fb50c217ba0a 100644 --- a/include/net/netfilter/nf_conntrack_l4proto.h +++ b/include/net/netfilter/nf_conntrack_l4proto.h @@ -9,10 +9,11 @@ #ifndef _NF_CONNTRACK_L4PROTO_H #define _NF_CONNTRACK_L4PROTO_H +#include <linux/netlink.h> +#include <net/netlink.h> #include <net/netfilter/nf_conntrack.h> struct seq_file; -struct nfattr; struct nf_conntrack_l4proto { @@ -65,16 +66,17 @@ struct nf_conntrack_l4proto int pf, unsigned int hooknum); /* convert protoinfo to nfnetink attributes */ - int (*to_nfattr)(struct sk_buff *skb, struct nfattr *nfa, + int (*to_nlattr)(struct sk_buff *skb, struct nlattr *nla, const struct nf_conn *ct); /* convert nfnetlink attributes to protoinfo */ - int (*from_nfattr)(struct nfattr *tb[], struct nf_conn *ct); + int (*from_nlattr)(struct nlattr *tb[], struct nf_conn *ct); - int (*tuple_to_nfattr)(struct sk_buff *skb, + int (*tuple_to_nlattr)(struct sk_buff *skb, const struct nf_conntrack_tuple *t); - int (*nfattr_to_tuple)(struct nfattr *tb[], + int (*nlattr_to_tuple)(struct nlattr *tb[], struct nf_conntrack_tuple *t); + const struct nla_policy *nla_policy; #ifdef CONFIG_SYSCTL struct ctl_table_header **ctl_table_header; @@ -111,10 +113,11 @@ extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto); extern void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto); /* Generic netlink helpers */ -extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb, +extern int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb, const struct nf_conntrack_tuple *tuple); -extern int nf_ct_port_nfattr_to_tuple(struct nfattr *tb[], +extern int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[], struct nf_conntrack_tuple *t); +extern const struct nla_policy nf_ct_port_nla_policy[]; /* Log invalid packets */ extern unsigned int nf_ct_log_invalid; diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h index 040dae5f0c9e..c48e390f4b0f 100644 --- a/include/net/netfilter/nf_conntrack_tuple.h +++ b/include/net/netfilter/nf_conntrack_tuple.h @@ -35,7 +35,7 @@ union nf_conntrack_address { union nf_conntrack_man_proto { /* Add other protocols here. */ - u_int16_t all; + __be16 all; struct { __be16 port; @@ -73,7 +73,7 @@ struct nf_conntrack_tuple union nf_conntrack_address u3; union { /* Add other protocols here. */ - u_int16_t all; + __be16 all; struct { __be16 port; diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h index a9ec5ef61468..14c7b2d7263c 100644 --- a/include/net/netfilter/nf_nat_protocol.h +++ b/include/net/netfilter/nf_nat_protocol.h @@ -38,10 +38,10 @@ struct nf_nat_protocol enum nf_nat_manip_type maniptype, const struct nf_conn *ct); - int (*range_to_nfattr)(struct sk_buff *skb, + int (*range_to_nlattr)(struct sk_buff *skb, const struct nf_nat_range *range); - int (*nfattr_to_range)(struct nfattr *tb[], + int (*nlattr_to_range)(struct nlattr *tb[], struct nf_nat_range *range); }; @@ -62,9 +62,9 @@ extern int init_protocols(void) __init; extern void cleanup_protocols(void); extern struct nf_nat_protocol *find_nat_proto(u_int16_t protonum); -extern int nf_nat_port_range_to_nfattr(struct sk_buff *skb, +extern int nf_nat_port_range_to_nlattr(struct sk_buff *skb, const struct nf_nat_range *range); -extern int nf_nat_port_nfattr_to_range(struct nfattr *tb[], +extern int nf_nat_port_nlattr_to_range(struct nlattr *tb[], struct nf_nat_range *range); #endif /*_NF_NAT_PROTO_H*/ diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 9b7d6f2ac9a3..2e5b2f6f9fa0 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -132,6 +132,8 @@ struct netlbl_lsm_secattr_catmap { #define NETLBL_SECATTR_CACHE 0x00000002 #define NETLBL_SECATTR_MLS_LVL 0x00000004 #define NETLBL_SECATTR_MLS_CAT 0x00000008 +#define NETLBL_SECATTR_CACHEABLE (NETLBL_SECATTR_MLS_LVL | \ + NETLBL_SECATTR_MLS_CAT) struct netlbl_lsm_secattr { u32 flags; @@ -144,10 +146,9 @@ struct netlbl_lsm_secattr { }; /* - * LSM security attribute operations + * LSM security attribute operations (inline) */ - /** * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache * @flags: the memory allocation flags @@ -283,6 +284,9 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr) } #ifdef CONFIG_NETLABEL +/* + * LSM security attribute operations + */ int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, u32 offset); int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap, @@ -294,6 +298,25 @@ int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap, u32 start, u32 end, gfp_t flags); + +/* + * LSM protocol operations + */ +int netlbl_enabled(void); +int netlbl_sock_setattr(struct sock *sk, + const struct netlbl_lsm_secattr *secattr); +int netlbl_sock_getattr(struct sock *sk, + struct netlbl_lsm_secattr *secattr); +int netlbl_skbuff_getattr(const struct sk_buff *skb, + struct netlbl_lsm_secattr *secattr); +void netlbl_skbuff_err(struct sk_buff *skb, int error); + +/* + * LSM label mapping cache operations + */ +void netlbl_cache_invalidate(void); +int netlbl_cache_add(const struct sk_buff *skb, + const struct netlbl_lsm_secattr *secattr); #else static inline int netlbl_secattr_catmap_walk( struct netlbl_lsm_secattr_catmap *catmap, @@ -301,14 +324,12 @@ static inline int netlbl_secattr_catmap_walk( { return -ENOENT; } - static inline int netlbl_secattr_catmap_walk_rng( struct netlbl_lsm_secattr_catmap *catmap, u32 offset) { return -ENOENT; } - static inline int netlbl_secattr_catmap_setbit( struct netlbl_lsm_secattr_catmap *catmap, u32 bit, @@ -316,7 +337,6 @@ static inline int netlbl_secattr_catmap_setbit( { return 0; } - static inline int netlbl_secattr_catmap_setrng( struct netlbl_lsm_secattr_catmap *catmap, u32 start, @@ -325,59 +345,33 @@ static inline int netlbl_secattr_catmap_setrng( { return 0; } -#endif - -/* - * LSM protocol operations - */ - -#ifdef CONFIG_NETLABEL -int netlbl_sock_setattr(struct sock *sk, - const struct netlbl_lsm_secattr *secattr); -int netlbl_sock_getattr(struct sock *sk, - struct netlbl_lsm_secattr *secattr); -int netlbl_skbuff_getattr(const struct sk_buff *skb, - struct netlbl_lsm_secattr *secattr); -void netlbl_skbuff_err(struct sk_buff *skb, int error); -#else +static inline int netlbl_enabled(void) +{ + return 0; +} static inline int netlbl_sock_setattr(struct sock *sk, const struct netlbl_lsm_secattr *secattr) { return -ENOSYS; } - static inline int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr) { return -ENOSYS; } - static inline int netlbl_skbuff_getattr(const struct sk_buff *skb, struct netlbl_lsm_secattr *secattr) { return -ENOSYS; } - static inline void netlbl_skbuff_err(struct sk_buff *skb, int error) { return; } -#endif /* CONFIG_NETLABEL */ - -/* - * LSM label mapping cache operations - */ - -#ifdef CONFIG_NETLABEL -void netlbl_cache_invalidate(void); -int netlbl_cache_add(const struct sk_buff *skb, - const struct netlbl_lsm_secattr *secattr); -#else static inline void netlbl_cache_invalidate(void) { return; } - static inline int netlbl_cache_add(const struct sk_buff *skb, const struct netlbl_lsm_secattr *secattr) { diff --git a/include/net/netlink.h b/include/net/netlink.h index d7b824be5422..9298218c07f9 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h @@ -84,7 +84,7 @@ * nla_next(nla)-----------------------------' * * Data Structures: - * struct nlattr netlink attribtue header + * struct nlattr netlink attribute header * * Attribute Construction: * nla_reserve(skb, type, len) reserve room for an attribute @@ -220,9 +220,9 @@ struct nl_info { u32 pid; }; -extern void netlink_run_queue(struct sock *sk, unsigned int *qlen, - int (*cb)(struct sk_buff *, - struct nlmsghdr *)); +extern int netlink_rcv_skb(struct sk_buff *skb, + int (*cb)(struct sk_buff *, + struct nlmsghdr *)); extern int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 pid, unsigned int group, int report, gfp_t flags); @@ -667,6 +667,15 @@ static inline int nla_padlen(int payload) } /** + * nla_type - attribute type + * @nla: netlink attribute + */ +static inline int nla_type(const struct nlattr *nla) +{ + return nla->nla_type & NLA_TYPE_MASK; +} + +/** * nla_data - head of payload * @nla: netlink attribute */ @@ -697,7 +706,7 @@ static inline int nla_ok(const struct nlattr *nla, int remaining) } /** - * nla_next - next netlink attribte in attribute stream + * nla_next - next netlink attribute in attribute stream * @nla: netlink attribute * @remaining: number of bytes remaining in attribute stream * @@ -773,7 +782,7 @@ static inline int __nla_parse_nested_compat(struct nlattr *tb[], int maxtype, ({ data = nla_len(nla) >= len ? nla_data(nla) : NULL; \ __nla_parse_nested_compat(tb, maxtype, nla, policy, len); }) /** - * nla_put_u8 - Add a u16 netlink attribute to a socket buffer + * nla_put_u8 - Add a u8 netlink attribute to a socket buffer * @skb: socket buffer to add attribute to * @attrtype: attribute type * @value: numeric value @@ -989,7 +998,7 @@ static inline struct nlattr *nla_nest_start(struct sk_buff *skb, int attrtype) /** * nla_nest_end - Finalize nesting of attributes - * @skb: socket buffer the attribtues are stored in + * @skb: socket buffer the attributes are stored in * @start: container attribute * * Corrects the container attribute header to include the all @@ -1032,7 +1041,7 @@ static inline struct nlattr *nla_nest_compat_start(struct sk_buff *skb, /** * nla_nest_compat_end - Finalize nesting of compat attributes - * @skb: socket buffer the attribtues are stored in + * @skb: socket buffer the attributes are stored in * @start: container attribute * * Corrects the container attribute header to include the all diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h index 7968b1d66369..f285de69c615 100644 --- a/include/net/pkt_cls.h +++ b/include/net/pkt_cls.h @@ -2,6 +2,7 @@ #define __NET_PKT_CLS_H #include <linux/pkt_cls.h> +#include <net/net_namespace.h> #include <net/sch_generic.h> #include <net/act_api.h> @@ -351,7 +352,7 @@ tcf_match_indev(struct sk_buff *skb, char *indev) if (indev[0]) { if (!skb->iif) return 0; - dev = __dev_get_by_index(skb->iif); + dev = __dev_get_by_index(&init_net, skb->iif); if (!dev || strcmp(indev, dev->name)) return 0; } diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h index 9e22526e80e7..ab61809a9616 100644 --- a/include/net/pkt_sched.h +++ b/include/net/pkt_sched.h @@ -97,10 +97,9 @@ extern int tc_classify(struct sk_buff *skb, struct tcf_proto *tp, /* Calculate maximal size of packet seen by hard_start_xmit routine of this device. */ -static inline unsigned psched_mtu(struct net_device *dev) +static inline unsigned psched_mtu(const struct net_device *dev) { - unsigned mtu = dev->mtu; - return dev->hard_header ? mtu + dev->hard_header_len : mtu; + return dev->mtu + dev->hard_header_len; } #endif diff --git a/include/net/rose.h b/include/net/rose.h index a4047d3cf5dd..e5bb084d8754 100644 --- a/include/net/rose.h +++ b/include/net/rose.h @@ -188,7 +188,7 @@ extern void rose_kick(struct sock *); extern void rose_enquiry_response(struct sock *); /* rose_route.c */ -extern struct rose_neigh rose_loopback_neigh; +extern struct rose_neigh *rose_loopback_neigh; extern const struct file_operations rose_neigh_fops; extern const struct file_operations rose_nodes_fops; extern const struct file_operations rose_routes_fops; diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h index 3861c05cdf0f..793863e09c69 100644 --- a/include/net/rtnetlink.h +++ b/include/net/rtnetlink.h @@ -78,6 +78,10 @@ extern void __rtnl_link_unregister(struct rtnl_link_ops *ops); extern int rtnl_link_register(struct rtnl_link_ops *ops); extern void rtnl_link_unregister(struct rtnl_link_ops *ops); +extern struct net_device *rtnl_create_link(struct net *net, char *ifname, + const struct rtnl_link_ops *ops, struct nlattr *tb[]); +extern const struct nla_policy ifla_policy[IFLA_MAX+1]; + #define MODULE_ALIAS_RTNL_LINK(kind) MODULE_ALIAS("rtnl-link-" kind) #endif diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h index 8a67f24cbe02..a02ec9e5fea5 100644 --- a/include/net/sch_generic.h +++ b/include/net/sch_generic.h @@ -302,4 +302,18 @@ drop: return NET_XMIT_DROP; } +/* Length to Time (L2T) lookup in a qdisc_rate_table, to determine how + long it will take to send a packet given its size. + */ +static inline u32 qdisc_l2t(struct qdisc_rate_table* rtab, unsigned int pktlen) +{ + int slot = pktlen + rtab->rate.cell_align + rtab->rate.overhead; + if (slot < 0) + slot = 0; + slot >>= rtab->rate.cell_log; + if (slot > 255) + return (rtab->data[255]*(slot >> 8) + rtab->data[slot & 0xFF]); + return rtab->data[slot]; +} + #endif diff --git a/include/net/sctp/auth.h b/include/net/sctp/auth.h new file mode 100644 index 000000000000..4945954a16af --- /dev/null +++ b/include/net/sctp/auth.h @@ -0,0 +1,128 @@ +/* SCTP kernel reference Implementation + * (C) Copyright 2007 Hewlett-Packard Development Company, L.P. + * + * This file is part of the SCTP kernel reference Implementation + * + * The SCTP reference implementation is free software; + * you can redistribute it and/or modify it under the terms of + * the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * The SCTP reference implementation is distributed in the hope that it + * will be useful, but WITHOUT ANY WARRANTY; without even the implied + * ************************ + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GNU CC; see the file COPYING. If not, write to + * the Free Software Foundation, 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + * + * Please send any bug reports or fixes you make to the + * email address(es): + * lksctp developers <lksctp-developers@lists.sourceforge.net> + * + * Or submit a bug report through the following website: + * http://www.sf.net/projects/lksctp + * + * Written or modified by: + * Vlad Yasevich <vladislav.yasevich@hp.com> + * + * Any bugs reported given to us we will try to fix... any fixes shared will + * be incorporated into the next SCTP release. + */ + +#ifndef __sctp_auth_h__ +#define __sctp_auth_h__ + +#include <linux/list.h> +#include <linux/crypto.h> + +struct sctp_endpoint; +struct sctp_association; +struct sctp_authkey; +struct sctp_hmacalgo; + +/* + * Define a generic struct that will hold all the info + * necessary for an HMAC transform + */ +struct sctp_hmac { + __u16 hmac_id; /* one of the above ids */ + char *hmac_name; /* name for loading */ + __u16 hmac_len; /* length of the signature */ +}; + +/* This is generic structure that containst authentication bytes used + * as keying material. It's a what is referred to as byte-vector all + * over SCTP-AUTH + */ +struct sctp_auth_bytes { + atomic_t refcnt; + __u32 len; + __u8 data[]; +}; + +/* Definition for a shared key, weather endpoint or association */ +struct sctp_shared_key { + struct list_head key_list; + __u16 key_id; + struct sctp_auth_bytes *key; +}; + +#define key_for_each(__key, __list_head) \ + list_for_each_entry(__key, __list_head, key_list) + +#define key_for_each_safe(__key, __tmp, __list_head) \ + list_for_each_entry_safe(__key, __tmp, __list_head, key_list) + +static inline void sctp_auth_key_hold(struct sctp_auth_bytes *key) +{ + if (!key) + return; + + atomic_inc(&key->refcnt); +} + +void sctp_auth_key_put(struct sctp_auth_bytes *key); +struct sctp_shared_key *sctp_auth_shkey_create(__u16 key_id, gfp_t gfp); +void sctp_auth_shkey_free(struct sctp_shared_key *sh_key); +void sctp_auth_destroy_keys(struct list_head *keys); +int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp); +struct sctp_shared_key *sctp_auth_get_shkey( + const struct sctp_association *asoc, + __u16 key_id); +int sctp_auth_asoc_copy_shkeys(const struct sctp_endpoint *ep, + struct sctp_association *asoc, + gfp_t gfp); +int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp); +void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[]); +struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id); +struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc); +void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc, + struct sctp_hmac_algo_param *hmacs); +int sctp_auth_asoc_verify_hmac_id(const struct sctp_association *asoc, + __u16 hmac_id); +int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc); +int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc); +void sctp_auth_calculate_hmac(const struct sctp_association *asoc, + struct sk_buff *skb, + struct sctp_auth_chunk *auth, gfp_t gfp); + +/* API Helpers */ +int sctp_auth_ep_add_chunkid(struct sctp_endpoint *ep, __u8 chunk_id); +int sctp_auth_ep_set_hmacs(struct sctp_endpoint *ep, + struct sctp_hmacalgo *hmacs); +int sctp_auth_set_key(struct sctp_endpoint *ep, + struct sctp_association *asoc, + struct sctp_authkey *auth_key); +int sctp_auth_set_active_key(struct sctp_endpoint *ep, + struct sctp_association *asoc, + __u16 key_id); +int sctp_auth_del_key_id(struct sctp_endpoint *ep, + struct sctp_association *asoc, + __u16 key_id); + +#endif diff --git a/include/net/sctp/command.h b/include/net/sctp/command.h index f56c8d695a82..b8733364557f 100644 --- a/include/net/sctp/command.h +++ b/include/net/sctp/command.h @@ -102,6 +102,7 @@ typedef enum { SCTP_CMD_SET_SK_ERR, /* Set sk_err */ SCTP_CMD_ASSOC_CHANGE, /* generate and send assoc_change event */ SCTP_CMD_ADAPTATION_IND, /* generate and send adaptation event */ + SCTP_CMD_ASSOC_SHKEY, /* generate the association shared keys */ SCTP_CMD_LAST } sctp_verb_t; diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h index bb37724495a5..da8354e8e33c 100644 --- a/include/net/sctp/constants.h +++ b/include/net/sctp/constants.h @@ -64,12 +64,18 @@ enum { SCTP_DEFAULT_INSTREAMS = SCTP_MAX_STREAM }; #define SCTP_CID_MAX SCTP_CID_ASCONF_ACK #define SCTP_NUM_BASE_CHUNK_TYPES (SCTP_CID_BASE_MAX + 1) -#define SCTP_NUM_CHUNK_TYPES (SCTP_NUM_BASE_CHUNKTYPES + 2) #define SCTP_NUM_ADDIP_CHUNK_TYPES 2 #define SCTP_NUM_PRSCTP_CHUNK_TYPES 1 +#define SCTP_NUM_AUTH_CHUNK_TYPES 1 + +#define SCTP_NUM_CHUNK_TYPES (SCTP_NUM_BASE_CHUNK_TYPES + \ + SCTP_NUM_ADDIP_CHUNK_TYPES +\ + SCTP_NUM_PRSCTP_CHUNK_TYPES +\ + SCTP_NUM_AUTH_CHUNK_TYPES) + /* These are the different flavours of event. */ typedef enum { @@ -177,7 +183,9 @@ typedef enum { SCTP_IERROR_NO_DATA, SCTP_IERROR_BAD_STREAM, SCTP_IERROR_BAD_PORTS, - + SCTP_IERROR_AUTH_BAD_HMAC, + SCTP_IERROR_AUTH_BAD_KEYID, + SCTP_IERROR_PROTO_VIOLATION, } sctp_ierror_t; @@ -409,4 +417,45 @@ typedef enum { SCTP_LOWER_CWND_INACTIVE, } sctp_lower_cwnd_t; + +/* SCTP-AUTH Necessary constants */ + +/* SCTP-AUTH, Section 3.3 + * + * The following Table 2 shows the currently defined values for HMAC + * identifiers. + * + * +-----------------+--------------------------+ + * | HMAC Identifier | Message Digest Algorithm | + * +-----------------+--------------------------+ + * | 0 | Reserved | + * | 1 | SHA-1 defined in [8] | + * | 2 | Reserved | + * | 3 | SHA-256 defined in [8] | + * +-----------------+--------------------------+ + */ +enum { + SCTP_AUTH_HMAC_ID_RESERVED_0, + SCTP_AUTH_HMAC_ID_SHA1, + SCTP_AUTH_HMAC_ID_RESERVED_2, + SCTP_AUTH_HMAC_ID_SHA256 +}; + +#define SCTP_AUTH_HMAC_ID_MAX SCTP_AUTH_HMAC_ID_SHA256 +#define SCTP_AUTH_NUM_HMACS (SCTP_AUTH_HMAC_ID_SHA256 + 1) +#define SCTP_SHA1_SIG_SIZE 20 +#define SCTP_SHA256_SIG_SIZE 32 + +/* SCTP-AUTH, Section 3.2 + * The chunk types for INIT, INIT-ACK, SHUTDOWN-COMPLETE and AUTH chunks + * MUST NOT be listed in the CHUNKS parameter + */ +#define SCTP_NUM_NOAUTH_CHUNKS 4 +#define SCTP_AUTH_MAX_CHUNKS (SCTP_NUM_CHUNK_TYPES - SCTP_NUM_NOAUTH_CHUNKS) + +/* SCTP-AUTH Section 6.1 + * The RANDOM parameter MUST contain a 32 byte random number. + */ +#define SCTP_AUTH_RANDOM_LENGTH 32 + #endif /* __sctp_constants_h__ */ diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index 16baef4dab7e..119f5a1ed499 100644 --- a/include/net/sctp/sctp.h +++ b/include/net/sctp/sctp.h @@ -123,6 +123,7 @@ * sctp/protocol.c */ extern struct sock *sctp_get_ctl_sock(void); +extern void sctp_local_addr_free(struct rcu_head *head); extern int sctp_copy_local_addr_list(struct sctp_bind_addr *, sctp_scope_t, gfp_t gfp, int flags); @@ -190,6 +191,16 @@ void sctp_assocs_proc_exit(void); /* + * Module global variables + */ + + /* + * sctp/protocol.c + */ +extern struct kmem_cache *sctp_chunk_cachep __read_mostly; +extern struct kmem_cache *sctp_bucket_cachep __read_mostly; + +/* * Section: Macros, externs, and inlines */ @@ -330,6 +341,7 @@ extern atomic_t sctp_dbg_objcnt_bind_bucket; extern atomic_t sctp_dbg_objcnt_addr; extern atomic_t sctp_dbg_objcnt_ssnmap; extern atomic_t sctp_dbg_objcnt_datamsg; +extern atomic_t sctp_dbg_objcnt_keys; /* Macros to atomically increment/decrement objcnt counters. */ #define SCTP_DBG_OBJCNT_INC(name) \ @@ -458,6 +470,11 @@ static inline void sctp_skb_set_owner_r(struct sk_buff *skb, struct sock *sk) skb->sk = sk; skb->destructor = sctp_sock_rfree; atomic_add(event->rmem_len, &sk->sk_rmem_alloc); + /* + * This mimics the behavior of + * sk_stream_set_owner_r + */ + sk->sk_forward_alloc -= event->rmem_len; } /* Tests if the list has one and only one entry. */ diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h index 73cb9943c8a8..bf2f5ed69c15 100644 --- a/include/net/sctp/sm.h +++ b/include/net/sctp/sm.h @@ -114,7 +114,6 @@ sctp_state_fn_t sctp_sf_do_4_C; sctp_state_fn_t sctp_sf_eat_data_6_2; sctp_state_fn_t sctp_sf_eat_data_fast_4_4; sctp_state_fn_t sctp_sf_eat_sack_6_2; -sctp_state_fn_t sctp_sf_tabort_8_4_8; sctp_state_fn_t sctp_sf_operr_notify; sctp_state_fn_t sctp_sf_t1_init_timer_expire; sctp_state_fn_t sctp_sf_t1_cookie_timer_expire; @@ -144,6 +143,7 @@ sctp_state_fn_t sctp_sf_do_asconf_ack; sctp_state_fn_t sctp_sf_do_9_2_reshutack; sctp_state_fn_t sctp_sf_eat_fwd_tsn; sctp_state_fn_t sctp_sf_eat_fwd_tsn_fast; +sctp_state_fn_t sctp_sf_eat_auth; /* Prototypes for primitive event state functions. */ sctp_state_fn_t sctp_sf_do_prm_asoc; @@ -214,7 +214,7 @@ struct sctp_chunk *sctp_make_shutdown_ack(const struct sctp_association *asoc, const struct sctp_chunk *); struct sctp_chunk *sctp_make_shutdown_complete(const struct sctp_association *, const struct sctp_chunk *); -void sctp_init_cause(struct sctp_chunk *, __be16 cause, const void *, size_t); +void sctp_init_cause(struct sctp_chunk *, __be16 cause, size_t); struct sctp_chunk *sctp_make_abort(const struct sctp_association *, const struct sctp_chunk *, const size_t hint); @@ -247,6 +247,9 @@ struct sctp_chunk *sctp_make_asconf_update_ip(struct sctp_association *, int, __be16); struct sctp_chunk *sctp_make_asconf_set_prim(struct sctp_association *asoc, union sctp_addr *addr); +int sctp_verify_asconf(const struct sctp_association *asoc, + struct sctp_paramhdr *param_hdr, void *chunk_end, + struct sctp_paramhdr **errp); struct sctp_chunk *sctp_process_asconf(struct sctp_association *asoc, struct sctp_chunk *asconf); int sctp_process_asconf_ack(struct sctp_association *asoc, @@ -254,6 +257,7 @@ int sctp_process_asconf_ack(struct sctp_association *asoc, struct sctp_chunk *sctp_make_fwdtsn(const struct sctp_association *asoc, __u32 new_cum_tsn, size_t nstreams, struct sctp_fwdtsn_skip *skiplist); +struct sctp_chunk *sctp_make_auth(const struct sctp_association *asoc); void sctp_chunk_assign_tsn(struct sctp_chunk *); void sctp_chunk_assign_ssn(struct sctp_chunk *); diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index ee4559b11302..ef892e00c833 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -64,6 +64,7 @@ #include <linux/skbuff.h> /* We need sk_buff_head. */ #include <linux/workqueue.h> /* We need tq_struct. */ #include <linux/sctp.h> /* We need sctp* header structs. */ +#include <net/sctp/auth.h> /* We need auth specific structs */ /* A convenience structure for handling sockaddr structures. * We should wean ourselves off this. @@ -196,8 +197,6 @@ extern struct sctp_globals { /* This is the sctp port control hash. */ int port_hashsize; - int port_rover; - spinlock_t port_alloc_lock; /* Protects port_rover. */ struct sctp_bind_hashbucket *port_hashtable; /* This is the global local address list. @@ -207,12 +206,18 @@ extern struct sctp_globals { * It is a list of sctp_sockaddr_entry. */ struct list_head local_addr_list; + + /* Lock that protects the local_addr_list writers */ + spinlock_t addr_list_lock; /* Flag to indicate if addip is enabled. */ int addip_enable; /* Flag to indicate if PR-SCTP is enabled. */ int prsctp_enable; + + /* Flag to idicate if SCTP-AUTH is enabled */ + int auth_enable; } sctp_globals; #define sctp_rto_initial (sctp_globals.rto_initial) @@ -242,8 +247,10 @@ extern struct sctp_globals { #define sctp_port_alloc_lock (sctp_globals.port_alloc_lock) #define sctp_port_hashtable (sctp_globals.port_hashtable) #define sctp_local_addr_list (sctp_globals.local_addr_list) +#define sctp_local_addr_lock (sctp_globals.addr_list_lock) #define sctp_addip_enable (sctp_globals.addip_enable) #define sctp_prsctp_enable (sctp_globals.prsctp_enable) +#define sctp_auth_enable (sctp_globals.auth_enable) /* SCTP Socket type: UDP or TCP style. */ typedef enum { @@ -393,6 +400,9 @@ struct sctp_cookie { __u32 adaptation_ind; + __u8 auth_random[sizeof(sctp_paramhdr_t) + SCTP_AUTH_RANDOM_LENGTH]; + __u8 auth_hmacs[SCTP_AUTH_NUM_HMACS + 2]; + __u8 auth_chunks[sizeof(sctp_paramhdr_t) + SCTP_AUTH_MAX_CHUNKS]; /* This is a shim for my peer's INIT packet, followed by * a copy of the raw address list of the association. @@ -417,6 +427,7 @@ struct sctp_signed_cookie { * internally. */ union sctp_addr_param { + struct sctp_paramhdr p; struct sctp_ipv4addr_param v4; struct sctp_ipv6addr_param v6; }; @@ -435,6 +446,10 @@ union sctp_params { struct sctp_ipv6addr_param *v6; union sctp_addr_param *addr; struct sctp_adaptation_ind_param *aind; + struct sctp_supported_ext_param *ext; + struct sctp_random_param *random; + struct sctp_chunks_param *chunks; + struct sctp_hmac_algo_param *hmac_algo; }; /* RFC 2960. Section 3.3.5 Heartbeat. @@ -673,6 +688,7 @@ struct sctp_chunk { struct sctp_errhdr *err_hdr; struct sctp_addiphdr *addip_hdr; struct sctp_fwdtsn_hdr *fwdtsn_hdr; + struct sctp_authhdr *auth_hdr; } subh; __u8 *chunk_end; @@ -706,6 +722,13 @@ struct sctp_chunk { */ struct sctp_transport *transport; + /* SCTP-AUTH: For the special case inbound processing of COOKIE-ECHO + * we need save a pointer to the AUTH chunk, since the SCTP-AUTH + * spec violates the principle premis that all chunks are processed + * in order. + */ + struct sk_buff *auth_chunk; + __u8 rtt_in_progress; /* Is this chunk used for RTT calculation? */ __u8 resent; /* Has this chunk ever been retransmitted. */ __u8 has_tsn; /* Does this chunk have a TSN yet? */ @@ -718,6 +741,7 @@ struct sctp_chunk { __s8 fast_retransmit; /* Is this chunk fast retransmitted? */ __u8 tsn_missing_report; /* Data chunk missing counter. */ __u8 data_accepted; /* At least 1 chunk in this packet accepted */ + __u8 auth; /* IN: was auth'ed | OUT: needs auth */ }; void sctp_chunk_hold(struct sctp_chunk *); @@ -736,8 +760,10 @@ const union sctp_addr *sctp_source(const struct sctp_chunk *chunk); /* This is a structure for holding either an IPv6 or an IPv4 address. */ struct sctp_sockaddr_entry { struct list_head list; + struct rcu_head rcu; union sctp_addr a; __u8 use_as_src; + __u8 valid; }; typedef struct sctp_chunk *(sctp_packet_phandler_t)(struct sctp_association *); @@ -765,16 +791,25 @@ struct sctp_packet { */ struct sctp_transport *transport; + /* pointer to the auth chunk for this packet */ + struct sctp_chunk *auth; + /* This packet contains a COOKIE-ECHO chunk. */ - char has_cookie_echo; + __u8 has_cookie_echo; + + /* This packet contains a SACK chunk. */ + __u8 has_sack; - /* This packet containsa SACK chunk. */ - char has_sack; + /* This packet contains an AUTH chunk */ + __u8 has_auth; + + /* This packet contains at least 1 DATA chunk */ + __u8 has_data; /* SCTP cannot fragment this packet. So let ip fragment it. */ - char ipfragok; + __u8 ipfragok; - int malloced; + __u8 malloced; }; struct sctp_packet *sctp_packet_init(struct sctp_packet *, @@ -1037,6 +1072,7 @@ void sctp_inq_init(struct sctp_inq *); void sctp_inq_free(struct sctp_inq *); void sctp_inq_push(struct sctp_inq *, struct sctp_chunk *packet); struct sctp_chunk *sctp_inq_pop(struct sctp_inq *); +struct sctp_chunkhdr *sctp_inq_peek(struct sctp_inq *); void sctp_inq_set_th_handler(struct sctp_inq *, work_func_t); /* This is the structure we use to hold outbound chunks. You push @@ -1148,7 +1184,9 @@ int sctp_bind_addr_copy(struct sctp_bind_addr *dest, int flags); int sctp_add_bind_addr(struct sctp_bind_addr *, union sctp_addr *, __u8 use_as_src, gfp_t gfp); -int sctp_del_bind_addr(struct sctp_bind_addr *, union sctp_addr *); +int sctp_del_bind_addr(struct sctp_bind_addr *, union sctp_addr *, + void fastcall (*rcu_call)(struct rcu_head *, + void (*func)(struct rcu_head *))); int sctp_bind_addr_match(struct sctp_bind_addr *, const union sctp_addr *, struct sctp_sock *); union sctp_addr *sctp_find_unmatch_addr(struct sctp_bind_addr *bp, @@ -1219,9 +1257,6 @@ struct sctp_ep_common { * bind_addr.address_list is our set of local IP addresses. */ struct sctp_bind_addr bind_addr; - - /* Protection during address list comparisons. */ - rwlock_t addr_lock; }; @@ -1284,6 +1319,21 @@ struct sctp_endpoint { /* rcvbuf acct. policy. */ __u32 rcvbuf_policy; + + /* SCTP AUTH: array of the HMACs that will be allocated + * we need this per association so that we don't serialize + */ + struct crypto_hash **auth_hmacs; + + /* SCTP-AUTH: hmacs for the endpoint encoded into parameter */ + struct sctp_hmac_algo_param *auth_hmacs_list; + + /* SCTP-AUTH: chunks to authenticate encoded into parameter */ + struct sctp_chunks_param *auth_chunk_list; + + /* SCTP-AUTH: endpoint shared keys */ + struct list_head endpoint_shared_keys; + __u16 active_key_id; }; /* Recover the outter endpoint structure. */ @@ -1490,6 +1540,8 @@ struct sctp_association { __u8 hostname_address;/* Peer understands DNS addresses? */ __u8 asconf_capable; /* Does peer support ADDIP? */ __u8 prsctp_capable; /* Can peer do PR-SCTP? */ + __u8 auth_capable; /* Is peer doing SCTP-AUTH? */ + __u8 addip_capable; /* Can peer do ADD-IP */ __u32 adaptation_ind; /* Adaptation Code point. */ @@ -1507,6 +1559,14 @@ struct sctp_association { * Initial TSN Value minus 1 */ __u32 addip_serial; + + /* SCTP-AUTH: We need to know pears random number, hmac list + * and authenticated chunk list. All that is part of the + * cookie and these are just pointers to those locations + */ + sctp_random_param_t *peer_random; + sctp_chunks_param_t *peer_chunks; + sctp_hmac_algo_param_t *peer_hmacs; } peer; /* State : A state variable indicating what state the @@ -1790,6 +1850,24 @@ struct sctp_association { */ __u32 addip_serial; + /* SCTP AUTH: list of the endpoint shared keys. These + * keys are provided out of band by the user applicaton + * and can't change during the lifetime of the association + */ + struct list_head endpoint_shared_keys; + + /* SCTP AUTH: + * The current generated assocaition shared key (secret) + */ + struct sctp_auth_bytes *asoc_shared_key; + + /* SCTP AUTH: hmac id of the first peer requested algorithm + * that we support. + */ + __u16 default_hmac_id; + + __u16 active_key_id; + /* Need to send an ECNE Chunk? */ char need_ecne; diff --git a/include/net/sctp/ulpevent.h b/include/net/sctp/ulpevent.h index de88ed5b0ba6..922a151eb93c 100644 --- a/include/net/sctp/ulpevent.h +++ b/include/net/sctp/ulpevent.h @@ -128,6 +128,10 @@ struct sctp_ulpevent *sctp_ulpevent_make_rcvmsg(struct sctp_association *asoc, struct sctp_chunk *chunk, gfp_t gfp); +struct sctp_ulpevent *sctp_ulpevent_make_authkey( + const struct sctp_association *asoc, __u16 key_id, + __u32 indication, gfp_t gfp); + void sctp_ulpevent_read_sndrcvinfo(const struct sctp_ulpevent *event, struct msghdr *); __u16 sctp_ulpevent_get_notification_type(const struct sctp_ulpevent *event); diff --git a/include/net/sctp/ulpqueue.h b/include/net/sctp/ulpqueue.h index 39ea3f442b47..cd33270e86dd 100644 --- a/include/net/sctp/ulpqueue.h +++ b/include/net/sctp/ulpqueue.h @@ -83,6 +83,7 @@ int sctp_clear_pd(struct sock *sk, struct sctp_association *asoc); /* Skip over an SSN. */ void sctp_ulpq_skip(struct sctp_ulpq *ulpq, __u16 sid, __u16 ssn); +void sctp_ulpq_reasm_flushtsn(struct sctp_ulpq *, __u32); #endif /* __sctp_ulpqueue_h__ */ diff --git a/include/net/sctp/user.h b/include/net/sctp/user.h index 6d2b57758cca..00848b641f59 100644 --- a/include/net/sctp/user.h +++ b/include/net/sctp/user.h @@ -103,6 +103,21 @@ enum sctp_optname { #define SCTP_PARTIAL_DELIVERY_POINT SCTP_PARTIAL_DELIVERY_POINT SCTP_MAX_BURST, /* Set/Get max burst */ #define SCTP_MAX_BURST SCTP_MAX_BURST + SCTP_AUTH_CHUNK, /* Set only: add a chunk type to authenticat */ +#define SCTP_AUTH_CHUNK SCTP_AUTH_CHUNK + SCTP_HMAC_IDENT, +#define SCTP_HMAC_IDENT SCTP_HMAC_IDENT + SCTP_AUTH_KEY, +#define SCTP_AUTH_KEY SCTP_AUTH_KEY + SCTP_AUTH_ACTIVE_KEY, +#define SCTP_AUTH_ACTIVE_KEY SCTP_AUTH_ACTIVE_KEY + SCTP_AUTH_DELETE_KEY, +#define SCTP_AUTH_DELETE_KEY SCTP_AUTH_DELETE_KEY + SCTP_PEER_AUTH_CHUNKS, /* Read only */ +#define SCTP_PEER_AUTH_CHUNKS SCTP_PEER_AUTH_CHUNKS + SCTP_LOCAL_AUTH_CHUNKS, /* Read only */ +#define SCTP_LOCAL_AUTH_CHUNKS SCTP_LOCAL_AUTH_CHUNKS + /* Internal Socket Options. Some of the sctp library functions are * implemented using these socket options. @@ -370,6 +385,19 @@ struct sctp_pdapi_event { enum { SCTP_PARTIAL_DELIVERY_ABORTED=0, }; +struct sctp_authkey_event { + __u16 auth_type; + __u16 auth_flags; + __u32 auth_length; + __u16 auth_keynumber; + __u16 auth_altkeynumber; + __u32 auth_indication; + sctp_assoc_t auth_assoc_id; +}; + +enum { SCTP_AUTH_NEWKEY = 0, }; + + /* * Described in Section 7.3 * Ancillary Data and Notification Interest Options @@ -405,6 +433,7 @@ union sctp_notification { struct sctp_shutdown_event sn_shutdown_event; struct sctp_adaptation_event sn_adaptation_event; struct sctp_pdapi_event sn_pdapi_event; + struct sctp_authkey_event sn_authkey_event; }; /* Section 5.3.1 @@ -421,6 +450,7 @@ enum sctp_sn_type { SCTP_SHUTDOWN_EVENT, SCTP_PARTIAL_DELIVERY_EVENT, SCTP_ADAPTATION_INDICATION, + SCTP_AUTHENTICATION_EVENT, }; /* Notification error codes used to fill up the error fields in some @@ -539,6 +569,54 @@ struct sctp_paddrparams { __u32 spp_flags; } __attribute__((packed, aligned(4))); +/* + * 7.1.18. Add a chunk that must be authenticated (SCTP_AUTH_CHUNK) + * + * This set option adds a chunk type that the user is requesting to be + * received only in an authenticated way. Changes to the list of chunks + * will only effect future associations on the socket. + */ +struct sctp_authchunk { + __u8 sauth_chunk; +}; + +/* + * 7.1.19. Get or set the list of supported HMAC Identifiers (SCTP_HMAC_IDENT) + * + * This option gets or sets the list of HMAC algorithms that the local + * endpoint requires the peer to use. +*/ +struct sctp_hmacalgo { + __u16 shmac_num_idents; + __u16 shmac_idents[]; +}; + +/* + * 7.1.20. Set a shared key (SCTP_AUTH_KEY) + * + * This option will set a shared secret key which is used to build an + * association shared key. + */ +struct sctp_authkey { + sctp_assoc_t sca_assoc_id; + __u16 sca_keynumber; + __u16 sca_keylen; + __u8 sca_key[]; +}; + +/* + * 7.1.21. Get or set the active shared key (SCTP_AUTH_ACTIVE_KEY) + * + * This option will get or set the active shared key to be used to build + * the association shared key. + */ + +struct sctp_authkeyid { + sctp_assoc_t scact_assoc_id; + __u16 scact_keynumber; +}; + + /* 7.1.23. Delayed Ack Timer (SCTP_DELAYED_ACK_TIME) * * This options will get or set the delayed ack timer. The time is set @@ -608,6 +686,18 @@ struct sctp_status { }; /* + * 7.2.3. Get the list of chunks the peer requires to be authenticated + * (SCTP_PEER_AUTH_CHUNKS) + * + * This option gets a list of chunks for a specified association that + * the peer requires to be received authenticated only. + */ +struct sctp_authchunks { + sctp_assoc_t gauth_assoc_id; + uint8_t gauth_chunks[]; +}; + +/* * 8.3, 8.5 get all peer/local addresses in an association. * This parameter struct is used by SCTP_GET_PEER_ADDRS and * SCTP_GET_LOCAL_ADDRS socket options used internally to implement diff --git a/include/net/snmp.h b/include/net/snmp.h index 464970e39ec0..ea206bff0dc4 100644 --- a/include/net/snmp.h +++ b/include/net/snmp.h @@ -82,12 +82,23 @@ struct icmp_mib { unsigned long mibs[ICMP_MIB_MAX]; } __SNMP_MIB_ALIGN__; +#define ICMPMSG_MIB_MAX __ICMPMSG_MIB_MAX +struct icmpmsg_mib { + unsigned long mibs[ICMPMSG_MIB_MAX]; +} __SNMP_MIB_ALIGN__; + /* ICMP6 (IPv6-ICMP) */ #define ICMP6_MIB_MAX __ICMP6_MIB_MAX struct icmpv6_mib { unsigned long mibs[ICMP6_MIB_MAX]; } __SNMP_MIB_ALIGN__; +#define ICMP6MSG_MIB_MAX __ICMP6MSG_MIB_MAX +struct icmpv6msg_mib { + unsigned long mibs[ICMP6MSG_MIB_MAX]; +} __SNMP_MIB_ALIGN__; + + /* TCP */ #define TCP_MIB_MAX __TCP_MIB_MAX struct tcp_mib { diff --git a/include/net/sock.h b/include/net/sock.h index dfeb8b13024f..453c79d0915b 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -40,6 +40,7 @@ #ifndef _SOCK_H #define _SOCK_H +#include <linux/kernel.h> #include <linux/list.h> #include <linux/timer.h> #include <linux/cache.h> @@ -55,6 +56,7 @@ #include <asm/atomic.h> #include <net/dst.h> #include <net/checksum.h> +#include <net/net_namespace.h> /* * This structure really needs to be cleaned up. @@ -75,10 +77,9 @@ * between user contexts and software interrupt processing, whereas the * mini-semaphore synchronizes multiple users amongst themselves. */ -struct sock_iocb; typedef struct { spinlock_t slock; - struct sock_iocb *owner; + int owned; wait_queue_head_t wq; /* * We express the mutex-alike socket_lock semantics @@ -105,6 +106,7 @@ struct proto; * @skc_refcnt: reference count * @skc_hash: hash value used with various protocol lookup tables * @skc_prot: protocol handlers inside a network family + * @skc_net: reference to the network namespace of this socket * * This is the minimal network layer representation of sockets, the header * for struct sock and struct inet_timewait_sock. @@ -119,6 +121,7 @@ struct sock_common { atomic_t skc_refcnt; unsigned int skc_hash; struct proto *skc_prot; + struct net *skc_net; }; /** @@ -195,6 +198,7 @@ struct sock { #define sk_refcnt __sk_common.skc_refcnt #define sk_hash __sk_common.skc_hash #define sk_prot __sk_common.skc_prot +#define sk_net __sk_common.skc_net unsigned char sk_shutdown : 2, sk_no_check : 2, sk_userlocks : 4; @@ -481,17 +485,17 @@ static inline void sk_add_backlog(struct sock *sk, struct sk_buff *skb) skb->next = NULL; } -#define sk_wait_event(__sk, __timeo, __condition) \ -({ int rc; \ - release_sock(__sk); \ - rc = __condition; \ - if (!rc) { \ - *(__timeo) = schedule_timeout(*(__timeo)); \ - } \ - lock_sock(__sk); \ - rc = __condition; \ - rc; \ -}) +#define sk_wait_event(__sk, __timeo, __condition) \ + ({ int __rc; \ + release_sock(__sk); \ + __rc = __condition; \ + if (!__rc) { \ + *(__timeo) = schedule_timeout(*(__timeo)); \ + } \ + lock_sock(__sk); \ + __rc = __condition; \ + __rc; \ + }) extern int sk_stream_wait_connect(struct sock *sk, long *timeo_p); extern int sk_stream_wait_memory(struct sock *sk, long *timeo_p); @@ -702,7 +706,7 @@ extern int sk_stream_mem_schedule(struct sock *sk, int size, int kind); static inline int sk_stream_pages(int amt) { - return (amt + SK_STREAM_MEM_QUANTUM - 1) / SK_STREAM_MEM_QUANTUM; + return DIV_ROUND_UP(amt, SK_STREAM_MEM_QUANTUM); } static inline void sk_stream_mem_reclaim(struct sock *sk) @@ -736,7 +740,7 @@ static inline int sk_stream_wmem_schedule(struct sock *sk, int size) * Since ~2.3.5 it is also exclusive sleep lock serializing * accesses from user process context. */ -#define sock_owned_by_user(sk) ((sk)->sk_lock.owner) +#define sock_owned_by_user(sk) ((sk)->sk_lock.owned) /* * Macro so as to not evaluate some arguments when @@ -747,7 +751,7 @@ static inline int sk_stream_wmem_schedule(struct sock *sk, int size) */ #define sock_lock_init_class_and_name(sk, sname, skey, name, key) \ do { \ - sk->sk_lock.owner = NULL; \ + sk->sk_lock.owned = 0; \ init_waitqueue_head(&sk->sk_lock.wq); \ spin_lock_init(&(sk)->sk_lock.slock); \ debug_check_no_locks_freed((void *)&(sk)->sk_lock, \ @@ -773,7 +777,7 @@ extern void FASTCALL(release_sock(struct sock *sk)); SINGLE_DEPTH_NESTING) #define bh_unlock_sock(__sk) spin_unlock(&((__sk)->sk_lock.slock)) -extern struct sock *sk_alloc(int family, +extern struct sock *sk_alloc(struct net *net, int family, gfp_t priority, struct proto *prot, int zero_it); extern void sk_free(struct sock *sk); @@ -1002,6 +1006,7 @@ static inline void sock_copy(struct sock *nsk, const struct sock *osk) #endif memcpy(nsk, osk, osk->sk_prot->obj_size); + get_net(nsk->sk_net); #ifdef CONFIG_SECURITY_NETWORK nsk->sk_security = sptr; security_sk_clone(osk, nsk); diff --git a/include/net/tc_act/tc_nat.h b/include/net/tc_act/tc_nat.h new file mode 100644 index 000000000000..4a691f34d703 --- /dev/null +++ b/include/net/tc_act/tc_nat.h @@ -0,0 +1,21 @@ +#ifndef __NET_TC_NAT_H +#define __NET_TC_NAT_H + +#include <linux/types.h> +#include <net/act_api.h> + +struct tcf_nat { + struct tcf_common common; + + __be32 old_addr; + __be32 new_addr; + __be32 mask; + u32 flags; +}; + +static inline struct tcf_nat *to_tcf_nat(struct tcf_common *pc) +{ + return container_of(pc, struct tcf_nat, common); +} + +#endif /* __NET_TC_NAT_H */ diff --git a/include/net/tcp.h b/include/net/tcp.h index a8af9ae00177..92049e681258 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -39,6 +39,7 @@ #include <net/snmp.h> #include <net/ip.h> #include <net/tcp_states.h> +#include <net/inet_ecn.h> #include <linux/seq_file.h> @@ -281,7 +282,7 @@ extern int tcp_v4_remember_stamp(struct sock *sk); extern int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw); -extern int tcp_sendmsg(struct kiocb *iocb, struct sock *sk, +extern int tcp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t size); extern ssize_t tcp_sendpage(struct socket *sock, struct page *page, int offset, size_t size, int flags); @@ -330,6 +331,17 @@ static inline void tcp_clear_options(struct tcp_options_received *rx_opt) rx_opt->tstamp_ok = rx_opt->sack_ok = rx_opt->wscale_ok = rx_opt->snd_wscale = 0; } +#define TCP_ECN_OK 1 +#define TCP_ECN_QUEUE_CWR 2 +#define TCP_ECN_DEMAND_CWR 4 + +static __inline__ void +TCP_ECN_create_request(struct request_sock *req, struct tcphdr *th) +{ + if (sysctl_tcp_ecn && th->ece && th->cwr) + inet_rsk(req)->ecn_ok = 1; +} + enum tcp_tw_status { TCP_TW_SUCCESS = 0, @@ -573,8 +585,6 @@ struct tcp_skb_cb { #define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0])) -#include <net/tcp_ecn.h> - /* Due to TSO, an SKB can be composed of multiple actual * packets. To keep these tracked properly, we use this. */ @@ -589,32 +599,19 @@ static inline int tcp_skb_mss(const struct sk_buff *skb) return skb_shinfo(skb)->gso_size; } -static inline void tcp_dec_pcount_approx(__u32 *count, - const struct sk_buff *skb) +static inline void tcp_dec_pcount_approx_int(__u32 *count, const int decr) { if (*count) { - *count -= tcp_skb_pcount(skb); + *count -= decr; if ((int)*count < 0) *count = 0; } } -static inline void tcp_packets_out_inc(struct sock *sk, - const struct sk_buff *skb) -{ - struct tcp_sock *tp = tcp_sk(sk); - int orig = tp->packets_out; - - tp->packets_out += tcp_skb_pcount(skb); - if (!orig) - inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, - inet_csk(sk)->icsk_rto, TCP_RTO_MAX); -} - -static inline void tcp_packets_out_dec(struct tcp_sock *tp, - const struct sk_buff *skb) +static inline void tcp_dec_pcount_approx(__u32 *count, + const struct sk_buff *skb) { - tp->packets_out -= tcp_skb_pcount(skb); + tcp_dec_pcount_approx_int(count, tcp_skb_pcount(skb)); } /* Events passed to congestion control interface */ @@ -652,8 +649,7 @@ struct tcp_congestion_ops { /* lower bound for congestion window (optional) */ u32 (*min_cwnd)(const struct sock *sk); /* do new cwnd calculation (required) */ - void (*cong_avoid)(struct sock *sk, u32 ack, - u32 rtt, u32 in_flight, int good_ack); + void (*cong_avoid)(struct sock *sk, u32 ack, u32 in_flight, int good_ack); /* call before changing ca_state (optional) */ void (*set_state)(struct sock *sk, u8 new_state); /* call when cwnd event occurs (optional) */ @@ -661,7 +657,7 @@ struct tcp_congestion_ops { /* new value of cwnd after loss (optional) */ u32 (*undo_cwnd)(struct sock *sk); /* hook for packet ack accounting (optional) */ - void (*pkts_acked)(struct sock *sk, u32 num_acked, ktime_t last); + void (*pkts_acked)(struct sock *sk, u32 num_acked, s32 rtt_us); /* get info for inet_diag (optional) */ void (*get_info)(struct sock *sk, u32 ext, struct sk_buff *skb); @@ -684,8 +680,7 @@ extern void tcp_slow_start(struct tcp_sock *tp); extern struct tcp_congestion_ops tcp_init_congestion_ops; extern u32 tcp_reno_ssthresh(struct sock *sk); -extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, - u32 rtt, u32 in_flight, int flag); +extern void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 in_flight, int flag); extern u32 tcp_reno_min_cwnd(const struct sock *sk); extern struct tcp_congestion_ops tcp_reno; @@ -706,6 +701,39 @@ static inline void tcp_ca_event(struct sock *sk, const enum tcp_ca_event event) icsk->icsk_ca_ops->cwnd_event(sk, event); } +/* These functions determine how the current flow behaves in respect of SACK + * handling. SACK is negotiated with the peer, and therefore it can vary + * between different flows. + * + * tcp_is_sack - SACK enabled + * tcp_is_reno - No SACK + * tcp_is_fack - FACK enabled, implies SACK enabled + */ +static inline int tcp_is_sack(const struct tcp_sock *tp) +{ + return tp->rx_opt.sack_ok; +} + +static inline int tcp_is_reno(const struct tcp_sock *tp) +{ + return !tcp_is_sack(tp); +} + +static inline int tcp_is_fack(const struct tcp_sock *tp) +{ + return tp->rx_opt.sack_ok & 2; +} + +static inline void tcp_enable_fack(struct tcp_sock *tp) +{ + tp->rx_opt.sack_ok |= 2; +} + +static inline unsigned int tcp_left_out(const struct tcp_sock *tp) +{ + return tp->sacked_out + tp->lost_out; +} + /* This determines how many packets are "in the network" to the best * of our knowledge. In many cases it is conservative, but where * detailed information is available from the receiver (via SACK @@ -722,7 +750,7 @@ static inline void tcp_ca_event(struct sock *sk, const enum tcp_ca_event event) */ static inline unsigned int tcp_packets_in_flight(const struct tcp_sock *tp) { - return (tp->packets_out - tp->left_out + tp->retrans_out); + return tp->packets_out - tcp_left_out(tp) + tp->retrans_out; } /* If cwnd > ssthresh, we may raise ssthresh to be half-way to cwnd. @@ -740,12 +768,8 @@ static inline __u32 tcp_current_ssthresh(const struct sock *sk) (tp->snd_cwnd >> 2))); } -static inline void tcp_sync_left_out(struct tcp_sock *tp) -{ - BUG_ON(tp->rx_opt.sack_ok && - (tp->sacked_out + tp->lost_out > tp->packets_out)); - tp->left_out = tp->sacked_out + tp->lost_out; -} +/* Use define here intentionally to get WARN_ON location shown at the caller */ +#define tcp_verify_left_out(tp) WARN_ON(tcp_left_out(tp) > tp->packets_out) extern void tcp_enter_cwr(struct sock *sk, const int set_ssthresh); extern __u32 tcp_init_cwnd(struct tcp_sock *tp, struct dst_entry *dst); @@ -1042,12 +1066,18 @@ static inline void tcp_mib_init(void) TCP_ADD_STATS_USER(TCP_MIB_MAXCONN, -1); } -/*from STCP */ -static inline void clear_all_retrans_hints(struct tcp_sock *tp){ +/* from STCP */ +static inline void tcp_clear_retrans_hints_partial(struct tcp_sock *tp) +{ tp->lost_skb_hint = NULL; tp->scoreboard_skb_hint = NULL; tp->retransmit_skb_hint = NULL; tp->forward_skb_hint = NULL; +} + +static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp) +{ + tcp_clear_retrans_hints_partial(tp); tp->fastpath_skb_hint = NULL; } @@ -1061,14 +1091,12 @@ struct tcp_md5sig_key { }; struct tcp4_md5sig_key { - u8 *key; - u16 keylen; + struct tcp_md5sig_key base; __be32 addr; }; struct tcp6_md5sig_key { - u8 *key; - u16 keylen; + struct tcp_md5sig_key base; #if 0 u32 scope_id; /* XXX */ #endif diff --git a/include/net/tcp_ecn.h b/include/net/tcp_ecn.h deleted file mode 100644 index 89eb3e05116d..000000000000 --- a/include/net/tcp_ecn.h +++ /dev/null @@ -1,130 +0,0 @@ -#ifndef _NET_TCP_ECN_H_ -#define _NET_TCP_ECN_H_ 1 - -#include <net/inet_ecn.h> -#include <net/request_sock.h> - -#define TCP_HP_BITS (~(TCP_RESERVED_BITS|TCP_FLAG_PSH)) - -#define TCP_ECN_OK 1 -#define TCP_ECN_QUEUE_CWR 2 -#define TCP_ECN_DEMAND_CWR 4 - -static inline void TCP_ECN_queue_cwr(struct tcp_sock *tp) -{ - if (tp->ecn_flags&TCP_ECN_OK) - tp->ecn_flags |= TCP_ECN_QUEUE_CWR; -} - - -/* Output functions */ - -static inline void TCP_ECN_send_synack(struct tcp_sock *tp, - struct sk_buff *skb) -{ - TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR; - if (!(tp->ecn_flags&TCP_ECN_OK)) - TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE; -} - -static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb) -{ - struct tcp_sock *tp = tcp_sk(sk); - - tp->ecn_flags = 0; - if (sysctl_tcp_ecn) { - TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE|TCPCB_FLAG_CWR; - tp->ecn_flags = TCP_ECN_OK; - } -} - -static __inline__ void -TCP_ECN_make_synack(struct request_sock *req, struct tcphdr *th) -{ - if (inet_rsk(req)->ecn_ok) - th->ece = 1; -} - -static inline void TCP_ECN_send(struct sock *sk, struct sk_buff *skb, - int tcp_header_len) -{ - struct tcp_sock *tp = tcp_sk(sk); - - if (tp->ecn_flags & TCP_ECN_OK) { - /* Not-retransmitted data segment: set ECT and inject CWR. */ - if (skb->len != tcp_header_len && - !before(TCP_SKB_CB(skb)->seq, tp->snd_nxt)) { - INET_ECN_xmit(sk); - if (tp->ecn_flags&TCP_ECN_QUEUE_CWR) { - tp->ecn_flags &= ~TCP_ECN_QUEUE_CWR; - tcp_hdr(skb)->cwr = 1; - skb_shinfo(skb)->gso_type |= SKB_GSO_TCP_ECN; - } - } else { - /* ACK or retransmitted segment: clear ECT|CE */ - INET_ECN_dontxmit(sk); - } - if (tp->ecn_flags & TCP_ECN_DEMAND_CWR) - tcp_hdr(skb)->ece = 1; - } -} - -/* Input functions */ - -static inline void TCP_ECN_accept_cwr(struct tcp_sock *tp, struct sk_buff *skb) -{ - if (tcp_hdr(skb)->cwr) - tp->ecn_flags &= ~TCP_ECN_DEMAND_CWR; -} - -static inline void TCP_ECN_withdraw_cwr(struct tcp_sock *tp) -{ - tp->ecn_flags &= ~TCP_ECN_DEMAND_CWR; -} - -static inline void TCP_ECN_check_ce(struct tcp_sock *tp, struct sk_buff *skb) -{ - if (tp->ecn_flags&TCP_ECN_OK) { - if (INET_ECN_is_ce(TCP_SKB_CB(skb)->flags)) - tp->ecn_flags |= TCP_ECN_DEMAND_CWR; - /* Funny extension: if ECT is not set on a segment, - * it is surely retransmit. It is not in ECN RFC, - * but Linux follows this rule. */ - else if (INET_ECN_is_not_ect((TCP_SKB_CB(skb)->flags))) - tcp_enter_quickack_mode((struct sock *)tp); - } -} - -static inline void TCP_ECN_rcv_synack(struct tcp_sock *tp, struct tcphdr *th) -{ - if ((tp->ecn_flags&TCP_ECN_OK) && (!th->ece || th->cwr)) - tp->ecn_flags &= ~TCP_ECN_OK; -} - -static inline void TCP_ECN_rcv_syn(struct tcp_sock *tp, struct tcphdr *th) -{ - if ((tp->ecn_flags&TCP_ECN_OK) && (!th->ece || !th->cwr)) - tp->ecn_flags &= ~TCP_ECN_OK; -} - -static inline int TCP_ECN_rcv_ecn_echo(struct tcp_sock *tp, struct tcphdr *th) -{ - if (th->ece && !th->syn && (tp->ecn_flags&TCP_ECN_OK)) - return 1; - return 0; -} - -static inline void TCP_ECN_openreq_child(struct tcp_sock *tp, - struct request_sock *req) -{ - tp->ecn_flags = inet_rsk(req)->ecn_ok ? TCP_ECN_OK : 0; -} - -static __inline__ void -TCP_ECN_create_request(struct request_sock *req, struct tcphdr *th) -{ - if (sysctl_tcp_ecn && th->ece && th->cwr) - inet_rsk(req)->ecn_ok = 1; -} - -#endif diff --git a/include/net/veth.h b/include/net/veth.h new file mode 100644 index 000000000000..3354c1eb424e --- /dev/null +++ b/include/net/veth.h @@ -0,0 +1,12 @@ +#ifndef __NET_VETH_H_ +#define __NET_VETH_H_ + +enum { + VETH_INFO_UNSPEC, + VETH_INFO_PEER, + + __VETH_INFO_MAX +#define VETH_INFO_MAX (__VETH_INFO_MAX - 1) +}; + +#endif diff --git a/include/net/wext.h b/include/net/wext.h index c02b8decf3af..80b31d826b7a 100644 --- a/include/net/wext.h +++ b/include/net/wext.h @@ -5,16 +5,23 @@ * wireless extensions interface to the core code */ +struct net; + #ifdef CONFIG_WIRELESS_EXT -extern int wext_proc_init(void); -extern int wext_handle_ioctl(struct ifreq *ifr, unsigned int cmd, +extern int wext_proc_init(struct net *net); +extern void wext_proc_exit(struct net *net); +extern int wext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd, void __user *arg); #else -static inline int wext_proc_init(void) +static inline int wext_proc_init(struct net *net) { return 0; } -static inline int wext_handle_ioctl(struct ifreq *ifr, unsigned int cmd, +static inline void wext_proc_exit(struct net *net) +{ + return; +} +static inline int wext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd, void __user *arg) { return -EINVAL; diff --git a/include/net/xfrm.h b/include/net/xfrm.h index ae959e950174..77be396ca633 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -2,7 +2,6 @@ #define _NET_XFRM_H #include <linux/compiler.h> -#include <linux/in.h> #include <linux/xfrm.h> #include <linux/spinlock.h> #include <linux/list.h> @@ -12,9 +11,11 @@ #include <linux/ipsec.h> #include <linux/in6.h> #include <linux/mutex.h> +#include <linux/audit.h> #include <net/sock.h> #include <net/dst.h> +#include <net/ip.h> #include <net/route.h> #include <net/ipv6.h> #include <net/ip6_fib.h> @@ -278,6 +279,7 @@ struct xfrm_type __u8 proto; __u8 flags; #define XFRM_TYPE_NON_FRAGMENT 1 +#define XFRM_TYPE_REPLAY_PROT 2 int (*init_state)(struct xfrm_state *x); void (*destructor)(struct xfrm_state *); @@ -298,6 +300,18 @@ extern void xfrm_put_type(struct xfrm_type *type); struct xfrm_mode { int (*input)(struct xfrm_state *x, struct sk_buff *skb); + + /* + * Add encapsulation header. + * + * On exit, the transport header will be set to the start of the + * encapsulation header to be filled in by x->type->output and + * the mac header will be set to the nextheader (protocol for + * IPv4) field of the extension header directly preceding the + * encapsulation header, or in its absence, that of the top IP + * header. The value of the network header will always point + * to the top IP header while skb->data will point to the payload. + */ int (*output)(struct xfrm_state *x,struct sk_buff *skb); struct module *owner; @@ -418,18 +432,66 @@ extern int xfrm_unregister_km(struct xfrm_mgr *km); extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; +/* + * This structure is used for the duration where packets are being + * transformed by IPsec. As soon as the packet leaves IPsec the + * area beyond the generic IP part may be overwritten. + */ +struct xfrm_skb_cb { + union { + struct inet_skb_parm h4; + struct inet6_skb_parm h6; + } header; + + /* Sequence number for replay protection. */ + u64 seq; +}; + +#define XFRM_SKB_CB(__skb) ((struct xfrm_skb_cb *)&((__skb)->cb[0])) + /* Audit Information */ struct xfrm_audit { - uid_t loginuid; + u32 loginuid; u32 secid; }; #ifdef CONFIG_AUDITSYSCALL -extern void xfrm_audit_log(uid_t auid, u32 secid, int type, int result, - struct xfrm_policy *xp, struct xfrm_state *x); +static inline struct audit_buffer *xfrm_audit_start(u32 auid, u32 sid) +{ + struct audit_buffer *audit_buf = NULL; + char *secctx; + u32 secctx_len; + + audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, + AUDIT_MAC_IPSEC_EVENT); + if (audit_buf == NULL) + return NULL; + + audit_log_format(audit_buf, "auid=%u", auid); + + if (sid != 0 && + security_secid_to_secctx(sid, &secctx, &secctx_len) == 0) { + audit_log_format(audit_buf, " subj=%s", secctx); + security_release_secctx(secctx, secctx_len); + } else + audit_log_task_context(audit_buf); + return audit_buf; +} + +extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, + u32 auid, u32 sid); +extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, + u32 auid, u32 sid); +extern void xfrm_audit_state_add(struct xfrm_state *x, int result, + u32 auid, u32 sid); +extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, + u32 auid, u32 sid); #else -#define xfrm_audit_log(a,s,t,r,p,x) do { ; } while (0) +#define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) +#define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) +#define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) +#define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) #endif /* CONFIG_AUDITSYSCALL */ static inline void xfrm_pol_hold(struct xfrm_policy *policy) @@ -585,7 +647,6 @@ static inline int xfrm_sec_ctx_match(struct xfrm_sec_ctx *s1, struct xfrm_sec_ct struct xfrm_dst { union { - struct xfrm_dst *next; struct dst_entry dst; struct rtable rt; struct rt6_info rt6; @@ -982,9 +1043,9 @@ extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si); extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq); extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); extern void xfrm_replay_notify(struct xfrm_state *x, int event); -extern int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb); extern int xfrm_state_mtu(struct xfrm_state *x, int mtu); extern int xfrm_init_state(struct xfrm_state *x); +extern int xfrm_output(struct sk_buff *skb); extern int xfrm4_rcv(struct sk_buff *skb); extern int xfrm4_output(struct sk_buff *skb); extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family); @@ -1035,7 +1096,7 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir, struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete, int *err); int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info); u32 xfrm_get_acqseq(void); -void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi); +extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi); struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create, unsigned short family); @@ -1114,12 +1175,6 @@ static inline int xfrm_aevent_is_on(void) return ret; } -static inline void xfrm_aevent_doreplay(struct xfrm_state *x) -{ - if (xfrm_aevent_is_on()) - xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); -} - #ifdef CONFIG_XFRM_MIGRATE static inline struct xfrm_algo *xfrm_algo_clone(struct xfrm_algo *orig) { |