Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 (31111c26) · Commits · e / devices / android_kernel_oneplus_sm7250

Documentation/feature-removal-schedule.txt

+9 −0

Original line number	Diff line number	Diff line
		@@ -637,3 +637,12 @@ Why: The original implementation of memsw feature enabled by
		Who: Michal Hocko <mhocko@suse.cz>

		----------------------------

		What: ipt_addrtype match include file
		When: 2012
		Why: superseded by xt_addrtype
		Who: Florian Westphal <fw@strlen.de>
		Files: include/linux/netfilter_ipv4/ipt_addrtype.h
		>>>>>>> 2f5dc63123905a89d4260ab8ee08d19ec104db04

		----------------------------

include/linux/netfilter/Kbuild

+1 −0

Original line number	Diff line number	Diff line
		@@ -29,6 +29,7 @@ header-y += xt_TCPMSS.h
		header-y += xt_TCPOPTSTRIP.h
		header-y += xt_TEE.h
		header-y += xt_TPROXY.h
		header-y += xt_addrtype.h
		header-y += xt_cluster.h
		header-y += xt_comment.h
		header-y += xt_connbytes.h

include/linux/netfilter/xt_addrtype.h

0 → 100644

+44 −0

Original line number	Diff line number	Diff line
		#ifndef _XT_ADDRTYPE_H
		#define _XT_ADDRTYPE_H

		#include <linux/types.h>

		enum {
		XT_ADDRTYPE_INVERT_SOURCE = 0x0001,
		XT_ADDRTYPE_INVERT_DEST = 0x0002,
		XT_ADDRTYPE_LIMIT_IFACE_IN = 0x0004,
		XT_ADDRTYPE_LIMIT_IFACE_OUT = 0x0008,
		};


		/* rtn_type enum values from rtnetlink.h, but shifted */
		enum {
		XT_ADDRTYPE_UNSPEC = 1 << 0,
		XT_ADDRTYPE_UNICAST = 1 << 1, /* 1 << RTN_UNICAST */
		XT_ADDRTYPE_LOCAL = 1 << 2, /* 1 << RTN_LOCAL, etc */
		XT_ADDRTYPE_BROADCAST = 1 << 3,
		XT_ADDRTYPE_ANYCAST = 1 << 4,
		XT_ADDRTYPE_MULTICAST = 1 << 5,
		XT_ADDRTYPE_BLACKHOLE = 1 << 6,
		XT_ADDRTYPE_UNREACHABLE = 1 << 7,
		XT_ADDRTYPE_PROHIBIT = 1 << 8,
		XT_ADDRTYPE_THROW = 1 << 9,
		XT_ADDRTYPE_NAT = 1 << 10,
		XT_ADDRTYPE_XRESOLVE = 1 << 11,
		};

		struct xt_addrtype_info_v1 {
		__u16 source; /* source-type mask */
		__u16 dest; /* dest-type mask */
		__u32 flags;
		};

		/* revision 0 */
		struct xt_addrtype_info {
		__u16 source; /* source-type mask */
		__u16 dest; /* dest-type mask */
		__u32 invert_source;
		__u32 invert_dest;
		};

		#endif

include/net/ip_vs.h

+179 −19

Original line number	Diff line number	Diff line
		@@ -374,24 +374,9 @@ struct ip_vs_stats {
		struct ip_vs_estimator est; /* estimator */
		struct ip_vs_cpu_stats cpustats; / per cpu counters */
		spinlock_t lock; /* spin lock */
		struct ip_vs_stats_user ustats0; /* reset values */
		};

		/*
		* Helper Macros for per cpu
		* ipvs->tot_stats->ustats.count
		*/
		#define IPVS_STAT_INC(ipvs, count) \
		__this_cpu_inc((ipvs)->ustats->count)

		#define IPVS_STAT_ADD(ipvs, count, value) \
		do {\
		write_seqcount_begin(per_cpu_ptr((ipvs)->ustats_seq, \
		raw_smp_processor_id())); \
		__this_cpu_add((ipvs)->ustats->count, value); \
		write_seqcount_end(per_cpu_ptr((ipvs)->ustats_seq, \
		raw_smp_processor_id())); \
		} while (0)

		struct dst_entry;
		struct iphdr;
		struct ip_vs_conn;
		@@ -803,6 +788,171 @@ struct ip_vs_app {
		void (timeout_change)(struct ip_vs_app app, int flags);
		};

		/* IPVS in network namespace */
		struct netns_ipvs {
		int gen; /* Generation */
		/*
		* Hash table: for real service lookups
		*/
		#define IP_VS_RTAB_BITS 4
		#define IP_VS_RTAB_SIZE (1 << IP_VS_RTAB_BITS)
		#define IP_VS_RTAB_MASK (IP_VS_RTAB_SIZE - 1)

		struct list_head rs_table[IP_VS_RTAB_SIZE];
		/* ip_vs_app */
		struct list_head app_list;
		struct mutex app_mutex;
		struct lock_class_key app_key; /* mutex debuging */

		/* ip_vs_proto */
		#define IP_VS_PROTO_TAB_SIZE 32 /* must be power of 2 */
		struct ip_vs_proto_data *proto_data_table[IP_VS_PROTO_TAB_SIZE];
		/* ip_vs_proto_tcp */
		#ifdef CONFIG_IP_VS_PROTO_TCP
		#define TCP_APP_TAB_BITS 4
		#define TCP_APP_TAB_SIZE (1 << TCP_APP_TAB_BITS)
		#define TCP_APP_TAB_MASK (TCP_APP_TAB_SIZE - 1)
		struct list_head tcp_apps[TCP_APP_TAB_SIZE];
		spinlock_t tcp_app_lock;
		#endif
		/* ip_vs_proto_udp */
		#ifdef CONFIG_IP_VS_PROTO_UDP
		#define UDP_APP_TAB_BITS 4
		#define UDP_APP_TAB_SIZE (1 << UDP_APP_TAB_BITS)
		#define UDP_APP_TAB_MASK (UDP_APP_TAB_SIZE - 1)
		struct list_head udp_apps[UDP_APP_TAB_SIZE];
		spinlock_t udp_app_lock;
		#endif
		/* ip_vs_proto_sctp */
		#ifdef CONFIG_IP_VS_PROTO_SCTP
		#define SCTP_APP_TAB_BITS 4
		#define SCTP_APP_TAB_SIZE (1 << SCTP_APP_TAB_BITS)
		#define SCTP_APP_TAB_MASK (SCTP_APP_TAB_SIZE - 1)
		/* Hash table for SCTP application incarnations */
		struct list_head sctp_apps[SCTP_APP_TAB_SIZE];
		spinlock_t sctp_app_lock;
		#endif
		/* ip_vs_conn */
		atomic_t conn_count; /* connection counter */

		/* ip_vs_ctl */
		struct ip_vs_stats tot_stats; /* Statistics & est. */

		int num_services; /* no of virtual services */

		rwlock_t rs_lock; /* real services table */
		/* semaphore for IPVS sockopts. And, [gs]etsockopt may sleep. */
		struct lock_class_key ctl_key; /* ctl_mutex debuging */
		/* Trash for destinations */
		struct list_head dest_trash;
		/* Service counters */
		atomic_t ftpsvc_counter;
		atomic_t nullsvc_counter;

		#ifdef CONFIG_SYSCTL
		/* 1/rate drop and drop-entry variables */
		struct delayed_work defense_work; /* Work handler */
		int drop_rate;
		int drop_counter;
		atomic_t dropentry;
		/* locks in ctl.c */
		spinlock_t dropentry_lock; /* drop entry handling */
		spinlock_t droppacket_lock; /* drop packet handling */
		spinlock_t securetcp_lock; /* state and timeout tables */

		/* sys-ctl struct */
		struct ctl_table_header *sysctl_hdr;
		struct ctl_table *sysctl_tbl;
		#endif

		/* sysctl variables */
		int sysctl_amemthresh;
		int sysctl_am_droprate;
		int sysctl_drop_entry;
		int sysctl_drop_packet;
		int sysctl_secure_tcp;
		#ifdef CONFIG_IP_VS_NFCT
		int sysctl_conntrack;
		#endif
		int sysctl_snat_reroute;
		int sysctl_sync_ver;
		int sysctl_cache_bypass;
		int sysctl_expire_nodest_conn;
		int sysctl_expire_quiescent_template;
		int sysctl_sync_threshold[2];
		int sysctl_nat_icmp_send;

		/* ip_vs_lblc */
		int sysctl_lblc_expiration;
		struct ctl_table_header *lblc_ctl_header;
		struct ctl_table *lblc_ctl_table;
		/* ip_vs_lblcr */
		int sysctl_lblcr_expiration;
		struct ctl_table_header *lblcr_ctl_header;
		struct ctl_table *lblcr_ctl_table;
		/* ip_vs_est */
		struct list_head est_list; /* estimator list */
		spinlock_t est_lock;
		struct timer_list est_timer; /* Estimation timer */
		/* ip_vs_sync */
		struct list_head sync_queue;
		spinlock_t sync_lock;
		struct ip_vs_sync_buff *sync_buff;
		spinlock_t sync_buff_lock;
		struct sockaddr_in sync_mcast_addr;
		struct task_struct *master_thread;
		struct task_struct *backup_thread;
		int send_mesg_maxlen;
		int recv_mesg_maxlen;
		volatile int sync_state;
		volatile int master_syncid;
		volatile int backup_syncid;
		/* multicast interface name */
		char master_mcast_ifn[IP_VS_IFNAME_MAXLEN];
		char backup_mcast_ifn[IP_VS_IFNAME_MAXLEN];
		/* net name space ptr */
		struct net net; / Needed by timer routines */
		};

		#define DEFAULT_SYNC_THRESHOLD 3
		#define DEFAULT_SYNC_PERIOD 50
		#define DEFAULT_SYNC_VER 1

		#ifdef CONFIG_SYSCTL

		static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs)
		{
		return ipvs->sysctl_sync_threshold[0];
		}

		static inline int sysctl_sync_period(struct netns_ipvs *ipvs)
		{
		return ipvs->sysctl_sync_threshold[1];
		}

		static inline int sysctl_sync_ver(struct netns_ipvs *ipvs)
		{
		return ipvs->sysctl_sync_ver;
		}

		#else

		static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs)
		{
		return DEFAULT_SYNC_THRESHOLD;
		}

		static inline int sysctl_sync_period(struct netns_ipvs *ipvs)
		{
		return DEFAULT_SYNC_PERIOD;
		}

		static inline int sysctl_sync_ver(struct netns_ipvs *ipvs)
		{
		return DEFAULT_SYNC_VER;
		}

		#endif

		/*
		* IPVS core functions
		@@ -1071,9 +1221,11 @@ extern void ip_vs_sync_cleanup(void);
		*/
		extern int ip_vs_estimator_init(void);
		extern void ip_vs_estimator_cleanup(void);
		extern void ip_vs_new_estimator(struct net net, struct ip_vs_stats stats);
		extern void ip_vs_kill_estimator(struct net net, struct ip_vs_stats stats);
		extern void ip_vs_start_estimator(struct net net, struct ip_vs_stats stats);
		extern void ip_vs_stop_estimator(struct net net, struct ip_vs_stats stats);
		extern void ip_vs_zero_estimator(struct ip_vs_stats *stats);
		extern void ip_vs_read_estimator(struct ip_vs_stats_user *dst,
		struct ip_vs_stats *stats);

		/*
		* Various IPVS packet transmitters (from ip_vs_xmit.c)
		@@ -1106,6 +1258,7 @@ extern int ip_vs_icmp_xmit_v6
		int offset);
		#endif

		#ifdef CONFIG_SYSCTL
		/*
		* This is a simple mechanism to ignore packets when
		* we are loaded. Just set ip_vs_drop_rate to 'n' and
		@@ -1121,6 +1274,9 @@ static inline int ip_vs_todrop(struct netns_ipvs *ipvs)
		ipvs->drop_counter = ipvs->drop_rate;
		return 1;
		}
		#else
		static inline int ip_vs_todrop(struct netns_ipvs *ipvs) { return 0; }
		#endif

		/*
		* ip_vs_fwd_tag returns the forwarding tag of the connection
		@@ -1190,7 +1346,7 @@ static inline void ip_vs_notrack(struct sk_buff *skb)
		{
		#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
		enum ip_conntrack_info ctinfo;
		struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
		struct nf_conn *ct = nf_ct_get(skb, &ctinfo);

		if (!ct \|\| !nf_ct_is_untracked(ct)) {
		nf_reset(skb);
		@@ -1208,7 +1364,11 @@ static inline void ip_vs_notrack(struct sk_buff *skb)
		*/
		static inline int ip_vs_conntrack_enabled(struct netns_ipvs *ipvs)
		{
		#ifdef CONFIG_SYSCTL
		return ipvs->sysctl_conntrack;
		#else
		return 0;
		#endif
		}

		extern void ip_vs_update_conntrack(struct sk_buff skb, struct ip_vs_conn cp,

include/net/net_namespace.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -20,7 +20,6 @@
		#include <net/netns/conntrack.h>
		#endif
		#include <net/netns/xfrm.h>
		#include <net/netns/ip_vs.h>

		struct proc_dir_entry;
		struct net_device;
		@@ -28,6 +27,7 @@ struct sock;
		struct ctl_table_header;
		struct net_generic;
		struct sock;
		struct netns_ipvs;


		#define NETDEV_HASHBITS 8