Commit Graph

35589 Commits

Author SHA1 Message Date
Patrick McHardy
37ee3d5b3e netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n
As reported by Randy Dunlap <randy.dunlap@oracle.com>, compilation
of nf_defrag_ipv4 fails with:

include/net/netfilter/nf_conntrack.h:94: error: field 'ct_general' has incomplete type
include/net/netfilter/nf_conntrack.h:178: error: 'const struct sk_buff' has no member named 'nfct'
include/net/netfilter/nf_conntrack.h:185: error: implicit declaration of function 'nf_conntrack_put'
include/net/netfilter/nf_conntrack.h:294: error: 'const struct sk_buff' has no member named 'nfct'
net/ipv4/netfilter/nf_defrag_ipv4.c:45: error: 'struct sk_buff' has no member named 'nfct'
net/ipv4/netfilter/nf_defrag_ipv4.c:46: error: 'struct sk_buff' has no member named 'nfct'

net/nf_conntrack.h must not be included with NF_CONNTRACK=n, add a
few #ifdefs. Long term the header file should be fixed to be usable
even with NF_CONNTRACK=n.

Tested-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-18 19:04:44 +01:00
Venkata Mohan Reddy
2906f66a56 ipvs: SCTP Trasport Loadbalancing Support
Enhance IPVS to load balance SCTP transport protocol packets. This is done
based on the SCTP rfc 4960. All possible control chunks have been taken
care. The state machine used in this code looks some what lengthy. I tried
to make the state machine easy to understand.

Signed-off-by: Venkata Mohan Reddy Koppula <mohanreddykv@gmail.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-18 12:31:05 +01:00
Stephen Hemminger
6457d26bd4 IPv6: convert mc_lock to spinlock
Only used for writing, so convert to spinlock

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-17 18:48:44 -08:00
Matt Carlson
6a443a0f72 tg3: Push phylib definitions to phylib
This patch pushes phylib definitions out to phylib headers.  For phy
IDs, this removes some code duplication.

Signed-off-by: Matt Carlson <mcarlson@broadcom.com>
Reviewed-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-17 17:27:40 -08:00
Michael S. Tsirkin
9940516259 tun: socket filter support
This patch adds Linux Socket Filter support to
tun driver.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-17 16:35:17 -08:00
Joe Perches
60b8675592 usbnet: Convert dev(dbg|err|warn|info) macros to netdev_<level>
These macros are too similar to the dev_<level> equivalents
but take a usbnet * argument.  Convert them to the recently
introduced netdev_<level> macros and remove the old macros.

The old macros had "\n" appended to the format string.
Add the "\n" to the converted uses.

Some existing uses of the dev<foo> macros in cdc_eem.c
probably mistakenly had trailing "\n".  No "\n" added there.

Fix net1080 this/other log message inversion.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-17 13:35:40 -08:00
Joe Perches
9874c41cd5 ipv6.h: reassembly: replace calculated magic number with multiplication
On Tue, 2010-02-16 at 16:47 +0100, Patrick McHardy wrote:
> Joe Perches wrote:
> >> @@ -246,6 +246,8 @@ extern int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb);
> >>  int ip6_frag_nqueues(struct net *net);
> >>  int ip6_frag_mem(struct net *net);
> >>
> >> +#define IPV6_FRAG_HIGH_THRESH	262144		/* == 256*1024 */
> >> +#define IPV6_FRAG_LOW_THRESH	196608		/* == 192*1024 */
> >>  #define IPV6_FRAG_TIMEOUT	(60*HZ)		/* 60 seconds */
> >
> > 196608 isn't a number I want to remember.
> > Is this better as:
> >
> > #define IPV6_FRAG_HIGH_THRESH	(256 * 1024)	/* 262144 */
> > #define IPV6_FRAG_LOW_THRESH	(192 * 1024)	/* 196608 */
>
> Please send a patch, I'll apply it once these patches are in Dave's
> tree.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-17 00:03:28 -08:00
Tejun Heo
47d742752d percpu: add __percpu sparse annotations to net drivers
Add __percpu sparse annotations to net drivers.

These annotations are to make sparse consider percpu variables to be
in a different address space and warn if accessed without going
through percpu accessors.  This patch doesn't affect normal builds.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: David S. Miller <davem@davemloft.net>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 23:05:38 -08:00
Tejun Heo
7d720c3e4f percpu: add __percpu sparse annotations to net
Add __percpu sparse annotations to net.

These annotations are to make sparse consider percpu variables to be
in a different address space and warn if accessed without going
through percpu accessors.  This patch doesn't affect normal builds.

The macro and type tricks around snmp stats make things a bit
interesting.  DEFINE/DECLARE_SNMP_STAT() macros mark the target field
as __percpu and SNMP_UPD_PO_STATS() macro is updated accordingly.  All
snmp_mib_*() users which used to cast the argument to (void **) are
updated to cast it to (void __percpu **).

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: David S. Miller <davem@davemloft.net>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Cc: Vlad Yasevich <vladislav.yasevich@hp.com>
Cc: netdev@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 23:05:38 -08:00
David S. Miller
2bb4646fce Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-02-16 22:09:29 -08:00
Jan Kiszka
0ca3a017a7 CAPI: Rework locking of controller data structures
This patch applies the mutex so far only protecting the controller list
to (almost) all accesses of controller data structures. It also reworks
waiting on state changes in old_capi_manufacturer so that it no longer
poll and holds a module reference to the controller owner while waiting
(the latter was partly done already). Modification and checking of the
blocked state remains racy by design, the caller is responsible for
dealing with this.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:22 -08:00
Jan Kiszka
ef69bb2ec6 CAPI: Rework controller state notifier
Another step towards proper locking: Rework the callback provided to
capidrv for controller state changes. This is so far attached to an
application, which would require us to hold the corresponding lock
across notification calls.

But there is no direct relation between a controller up/down event and
an application, so let's decouple them and provide a notifier call chain
for those events instead. This notifier chain is first of all used
internally. Here we request the highest priority to unsure that
housekeeping work is done before any other notifications. The chain is
exported via [un]register_capictr_notifier to our only user, capidrv, to
replace the racy and unfixable capi20_set_callback.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:21 -08:00
Jan Kiszka
522530311b CAPI: Call a controller 'controller', not 'card'
At least for our internal use, fix the misnomers that refer to a CAPI
controller as 'card'. No functional changes.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 16:01:20 -08:00
Eric W. Biederman
54716e3beb net neigh: Decouple per interface neighbour table controls from binary sysctls
Stop computing the number of neighbour table settings we have by
counting the number of binary sysctls.  This behaviour was silly
and meant that we could not add another neighbour table setting
without also adding another binary sysctl.

Don't pass the binary sysctl path for neighour table entries
into neigh_sysctl_register.  These parameters are no longer
used and so are just dead code.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 15:55:18 -08:00
Eric W. Biederman
02291680ff net ipv4: Decouple ipv4 interface parameters from binary sysctl numbers
Stop using the binary sysctl enumeartion in sysctl.h as an index into
a per interface array.  This leads to unnecessary binary sysctl number
allocation, and a fragility in data structure and implementation
because of unnecessary coupling.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-16 15:55:17 -08:00
Anton Vorontsov
5a5e0f4c70 kfifo: Don't use integer as NULL pointer
This patch fixes following sparse warnings:

include/linux/kfifo.h:127:25: warning: Using plain integer as NULL pointer
kernel/kfifo.c:83:21: warning: Using plain integer as NULL pointer

Signed-off-by: Anton Vorontsov <avorontsov@ru.mvista.com>
Acked-by: Stefani Seibold <stefani@seibold.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-02-16 15:11:08 -08:00
David S. Miller
749f621e20 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2010-02-16 11:15:13 -08:00
Linus Torvalds
3d8b4bdef7 Merge branch 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  perf top: Fix help text alignment
  perf: Fix hypervisor sample reporting
  perf: Make bp_len type to u64 generic across the arch
2010-02-15 19:47:48 -08:00
Florian Westphal
3e5e524ffb netfilter: CONFIG_COMPAT: allow delta to exceed 32767
with 32 bit userland and 64 bit kernels, it is unlikely but possible
that insertion of new rules fails even tough there are only about 2000
iptables rules.

This happens because the compat delta is using a short int.
Easily reproducible via "iptables -m limit" ; after about 2050
rules inserting new ones fails with -ELOOP.

Note that compat_delta included 2 bytes of padding on x86_64, so
structure size remains the same.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-15 18:17:10 +01:00
Patrick McHardy
ef00f89f1e netfilter: ctnetlink: add zone support
Parse and dump the conntrack zone in ctnetlink.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-15 18:14:57 +01:00
Patrick McHardy
5d0aa2ccd4 netfilter: nf_conntrack: add support for "conntrack zones"
Normally, each connection needs a unique identity. Conntrack zones allow
to specify a numerical zone using the CT target, connections in different
zones can use the same identity.

Example:

iptables -t raw -A PREROUTING -i veth0 -j CT --zone 1
iptables -t raw -A OUTPUT -o veth1 -j CT --zone 1

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-15 18:13:33 +01:00
Patrick McHardy
8fea97ec17 netfilter: nf_conntrack: pass template to l4proto ->error() handler
The error handlers might need the template to get the conntrack zone
introduced in the next patches to perform a conntrack lookup.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-15 17:45:08 +01:00
Jan Engelhardt
739674fb7f netfilter: xtables: constify args in compat copying functions
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
2010-02-15 16:59:28 +01:00
Jan Engelhardt
2249065f4b netfilter: get rid of the grossness in netfilter.h
GCC is now smart enough to follow the inline trail correctly.
vmlinux size remain the same.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
2010-02-15 16:56:51 +01:00
Jan Engelhardt
23f3733d44 netfilter: reduce NF_HOOK by one argument
No changes in vmlinux filesize.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
2010-02-15 16:56:51 +01:00
David S. Miller
a1467085dc ethtool: Fix includes build break
Based upon a patch by Oliver Hartkopp <oliver@hartkopp.net>.

Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-14 22:38:54 -08:00
Ben Hutchings
1a5778aa00 net: Fix first line of kernel-doc for a few functions
The function name must be followed by a space, hypen, space, and a
short description.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-14 22:35:47 -08:00
David S. Miller
f6f223039c Merge branch 'master' of ssh://master.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2010-02-14 17:45:59 -08:00
Williams, Mitch A
95c26df829 net: Add netdev ops for SR-IOV configuration
Add netdev ops for configuring SR-IOV VF devices through the PF driver.

Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 16:56:08 -08:00
Williams, Mitch A
b280da8d54 if_link: Add SR-IOV configuration methods
Add SR-IOV VF management methods to IFLA_LINKINFO. This allows userspace to
use rtnetlink to configure VF network devices.

Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 16:56:07 -08:00
Williams, Mitch A
fb8a0d9d1b pci: Add SR-IOV convenience functions and macros
Add and export pci_num_vf to allow other subsystems to determine how many
virtual function devices are associated with an SR-IOV physical function
device.
Add macros dev_is_pci, dev_is_ps, and dev_num_vf to make it easier for
non-PCI specific code to determine SR-IOV capabilities.

Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 16:56:07 -08:00
jamal
a63374631e xfrm: use proper kernel types
kernel side should use uxx instead of __uxx types

Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 13:27:48 -08:00
Joe Perches
b3d95c5c93 include/linux/netdevice.h: Add netif_printk helpers
Add macros to test a private structure for msg_enable bits
and the netif_msg_##bit to test and call netdev_printk if set

Simplifies logic in callers and adds message logging consistency

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 13:27:45 -08:00
Joe Perches
571ba42303 netdevice.h: Add netdev_printk helpers like dev_printk
These netdev_printk routines take a struct net_device * and emit
dev_printk logging messages adding "%s: " ... netdev->dev.parent
to the dev_printk format and arguments.

This can create some uniformity in the output message log.

These helpers should not be used until a successful alloc_netdev.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 13:27:44 -08:00
Patrick McHardy
2bec5a369e ipv6: fib: fix crash when changing large fib while dumping it
When the fib size exceeds what can be dumped in a single skb, the
dump is suspended and resumed once the last skb has been received
by userspace. When the fib is changed while the dump is suspended,
the walker might contain stale pointers, causing a crash when the
dump is resumed.

BUG: unable to handle kernel NULL pointer dereference at 0000000000000018
IP: [<ffffffffa01bce04>] fib6_walk_continue+0xbb/0x124 [ipv6]
PGD 5347a067 PUD 65c7067 PMD 0
Oops: 0000 [#1] PREEMPT SMP
...
RIP: 0010:[<ffffffffa01bce04>]
[<ffffffffa01bce04>] fib6_walk_continue+0xbb/0x124 [ipv6]
...
Call Trace:
 [<ffffffff8104aca3>] ? mutex_spin_on_owner+0x59/0x71
 [<ffffffffa01bd105>] inet6_dump_fib+0x11b/0x1b9 [ipv6]
 [<ffffffff81371af4>] netlink_dump+0x5b/0x19e
 [<ffffffff8134f288>] ? consume_skb+0x28/0x2a
 [<ffffffff81373b69>] netlink_recvmsg+0x1ab/0x2c6
 [<ffffffff81372781>] ? netlink_unicast+0xfa/0x151
 [<ffffffff813483e0>] __sock_recvmsg+0x6d/0x79
 [<ffffffff81348a53>] sock_recvmsg+0xca/0xe3
 [<ffffffff81066d4b>] ? autoremove_wake_function+0x0/0x38
 [<ffffffff811ed1f8>] ? radix_tree_lookup_slot+0xe/0x10
 [<ffffffff810b3ed7>] ? find_get_page+0x90/0xa5
 [<ffffffff810b5dc5>] ? filemap_fault+0x201/0x34f
 [<ffffffff810ef152>] ? fget_light+0x2f/0xac
 [<ffffffff813519e7>] ? verify_iovec+0x4f/0x94
 [<ffffffff81349a65>] sys_recvmsg+0x14d/0x223

Store the serial number when beginning to walk the fib and reload
pointers when continuing to walk after a change occured. Similar
to other dumping functions, this might cause unrelated entries to
be missed when entries are deleted.

Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-12 12:06:35 -08:00
Alexey Dobriyan
857b409a48 netfilter: nf_conntrack: elegantly simplify nf_ct_exp_net()
Remove #ifdef at nf_ct_exp_net() by using nf_ct_net().

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-12 06:24:46 +01:00
Patrick McHardy
9d288dffe3 netfilter: nf_conntrack_sip: add T.38 FAX support
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:30:21 +01:00
Patrick McHardy
48f8ac2653 netfilter: nf_nat_sip: add TCP support
Add support for mangling TCP SIP packets.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:29:38 +01:00
Patrick McHardy
010c0b9f34 netfilter: nf_nat: support mangling a single TCP packet multiple times
nf_nat_mangle_tcp_packet() can currently only handle a single mangling
per window because it only maintains two sequence adjustment positions:
the one before the last adjustment and the one after.

This patch makes sequence number adjustment tracking in
nf_nat_mangle_tcp_packet() optional and allows a helper to manually
update the offsets after the packet has been fully handled.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:27:09 +01:00
Patrick McHardy
f5b321bd37 netfilter: nf_conntrack_sip: add TCP support
Add TCP support, which is mandated by RFC3261 for all SIP elements.

SIP over TCP is similar to UDP, except that messages are delimited
by Content-Length: headers and multiple messages may appear in one
packet.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:26:19 +01:00
Patrick McHardy
3b6b9fab42 netfilter: nf_conntrack_sip: pass data offset to NAT functions
When using TCP multiple SIP messages might be present in a single packet.
A following patch will parse them by setting the dptr to the beginning of
each message. The NAT helper needs to reload the dptr value after mangling
the packet however, so it needs to know the offset of the message to the
beginning of the packet.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:23:53 +01:00
Patrick McHardy
b87921bdf2 netfilter: nf_conntrack: show helper and class in /proc/net/nf_conntrack_expect
Make the output a bit more informative by showing the helper an expectation
belongs to and the expectation class.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-02-11 12:22:48 +01:00
Peter P Waskiewicz Jr
15682bc488 ethtool: Introduce n-tuple filter programming support
This patchset enables the ethtool layer to program n-tuple
filters to an underlying device.  The idea is to allow capable
hardware to have static rules applied that can assist steering
flows into appropriate queues.

Hardware that is known to support these types of filters today
are ixgbe and niu.

Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-10 20:03:05 -08:00
Dave Airlie
e8a47c10b2 Merge remote branch 'nouveau/for-airlied' of nouveau-2.6
* 'nouveau/for-airlied' of /home/airlied/kernel/drm-next:
  nouveau: fix state detection with switchable graphics
  drm/nouveau: move dereferences after null checks
  drm/nv50: make the pgraph irq handler loop like the pre-nv50 version
  drm/nv50: delete ramfc object after disabling fifo, not before
  drm/nv50: avoid unloading pgraph context when ctxprog is running
  drm/nv50: align size of buffer object to the right boundaries.
  drm/nv50: disregard dac outputs in nv50_sor_dpms()
  drm/nv50: prevent multiple init tables being parsed at the same time
  drm/nouveau: make dp auxch xfer len check for reads only
  drm/nv40: make INIT_COMPUTE_MEM a NOP, just like nv50
  drm/nouveau: Add proper vgaarb support.
  drm/nouveau: Fix fbcon on mixed pre-NV50 + NV50 multicard.
  drivers/gpu/drm/nouveau/nouveau_grctx.c: correct NULL test
  drm/nouveau: call ttm_bo_wait with the bo lock held to prevent hang
  drm/nouveau: Fixup semaphores on pre-nv50 cards.
  drm/nouveau: Add getparam to get available PGRAPH units.
  drm/nouveau: Add module options to disable acceleration.
  drm/nouveau: fix non-vram notifier blocks
2010-02-11 12:10:52 +10:00
Jakob Bornecrantz
a87897edba drm/vmwgfx: Drop scanout flag compat and add execbuf ioctl parameter members. Bumps major.
Even if this bumps the version to 1 it does not mean the driver is
out of staging. From what we know this is the last backwards
incompatible change to the driver.

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2010-02-11 12:03:26 +10:00
Thomas Hellstrom
f77cef3db3 drm/vmwgfx: Update the user-space interface.
When time-based throttling is implemented, we need to bump minor.
When the old way of detecting scanout is removed, we need to bump major.
In the meantime, this change should not break existing user-space.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2010-02-11 11:58:09 +10:00
Li Zefan
c4146644a5 net: add a wrapper sk_entry()
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-10 11:12:07 -08:00
Li Zefan
66655de6d1 seq_file: Add helpers for iteration over a hlist
Some places in kernel need to iterate over a hlist in seq_file,
so provide some common helpers.

Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-10 11:12:06 -08:00
Patrick McHardy
a8c28d0515 Merge branch 'master' of git://dev.medozas.de/linux 2010-02-10 17:56:46 +01:00
Jan Engelhardt
e3eaa9910b netfilter: xtables: generate initial table on-demand
The static initial tables are pretty large, and after the net
namespace has been instantiated, they just hang around for nothing.
This commit removes them and creates tables on-demand at runtime when
needed.

Size shrinks by 7735 bytes (x86_64).

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
2010-02-10 17:50:47 +01:00