Merge "msm: net: Add support to packet threshold events."

extern unsigned int nf_conntrack_htable_size;

extern seqcount_t nf_conntrack_generation;

extern unsigned int nf_conntrack_max;

#ifdef CONFIG_ENABLE_SFE

extern unsigned int nf_conntrack_pkt_threshold;

#endif

/* must be called with rcu read lock held */

static inline void

	IPCT_LABEL,		/* new connlabel has been set */

	IPCT_SYNPROXY,		/* synproxy has been set */

#ifdef __KERNEL__

	IPCT_COUNTER,		/* Packet counters have matched. */

	__IPCT_MAX

#endif

};

#define IPCT_COUNTER IPCT_COUNTER

enum ip_conntrack_expect_events {

	IPEXP_NEW,		/* new expectation */

	IPEXP_DESTROY,		/* destroyed expectation */

unsigned int nf_conntrack_max __read_mostly;

EXPORT_SYMBOL_GPL(nf_conntrack_max);

seqcount_t nf_conntrack_generation __read_mostly;

#ifdef CONFIG_ENABLE_SFE

unsigned int nf_conntrack_pkt_threshold __read_mostly;

EXPORT_SYMBOL(nf_conntrack_pkt_threshold);

#endif

static unsigned int nf_conntrack_hash_rnd __read_mostly;

static u32 hash_conntrack_raw(const struct nf_conntrack_tuple *tuple,

			  u32 extra_jiffies,

			  bool do_acct)

{

#if defined(CONFIG_IP_NF_TARGET_NATTYPE_MODULE)

	bool (*nattype_ref_timer)

		(unsigned long nattype,

		unsigned long timeout_value);

#endif

#ifdef CONFIG_ENABLE_SFE

	struct nf_conn_acct *acct;

	u64 pkts;

#endif

	/* Only update if this is not a fixed timeout */

	if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status))

		goto acct;

#endif

acct:

#ifdef CONFIG_ENABLE_SFE

	if (do_acct) {

		acct = nf_conn_acct_find(ct);

		if (acct) {

			struct nf_conn_counter *counter = acct->counter;

			atomic64_inc(&counter[CTINFO2DIR(ctinfo)].packets);

			atomic64_add(skb->len, &counter

					[CTINFO2DIR(ctinfo)].bytes);

			pkts =

			atomic64_read(&counter[CTINFO2DIR(ctinfo)].packets) +

			atomic64_read(&counter[!CTINFO2DIR(ctinfo)].packets);

			/* Report if the packet threshold is reached. */

			if (nf_conntrack_pkt_threshold > 0 &&

			    pkts == nf_conntrack_pkt_threshold) {

				nf_conntrack_event_cache(IPCT_COUNTER, ct);

				nf_conntrack_event_cache(IPCT_PROTOINFO, ct);

				nf_ct_deliver_cached_events(ct);

			}

		}

	}

#else

	if (do_acct)

		nf_ct_acct_update(ct, ctinfo, skb->len);

#endif

}

EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct);

		if (events & (1 << IPCT_SYNPROXY) &&

		    ctnetlink_dump_ct_synproxy(skb, ct) < 0)

#ifdef CONFIG_ENABLE_SFE

		if (events & (1 << IPCT_COUNTER) &&

		    ctnetlink_dump_acct(skb, ct, 0) < 0)

#endif

			goto nla_put_failure;

	}

	NF_SYSCTL_CT_EXPECT_MAX,

	NF_SYSCTL_CT_ACCT,

	NF_SYSCTL_CT_HELPER,

#ifdef CONFIG_ENABLE_SFE

	NF_SYSCTL_CT_PKT_THRESHOLD,

#endif

#ifdef CONFIG_NF_CONNTRACK_EVENTS

	NF_SYSCTL_CT_EVENTS,

#endif

		.extra1 	= SYSCTL_ZERO,

		.extra2 	= SYSCTL_ONE,

	},

#ifdef CONFIG_ENABLE_SFE

	[NF_SYSCTL_CT_PKT_THRESHOLD] = {

		.procname	= "nf_conntrack_pkt_threshold",

		.data		= &nf_conntrack_pkt_threshold,

		.maxlen		= sizeof(int),

		.mode		= 0644,

		.proc_handler	= proc_dointvec,

	},

#endif

#ifdef CONFIG_NF_CONNTRACK_EVENTS

	[NF_SYSCTL_CT_EVENTS] = {

		.procname	= "nf_conntrack_events",