GIT d4f3b4336a70c1f629b940bd0317465033501b3b git+ssh://master.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.git commit Author: Kazunori MIYAZAWA Date: Fri May 25 01:22:25 2007 -0700 [IPSEC]: Fix IPv6 AH calculation in outbound Signed-off-by: Kazunori MIYAZAWA Signed-off-by: David S. Miller commit b3a443f621f9eb141766b311c8f9c55693daf453 Author: David S. Miller Date: Fri May 25 00:42:49 2007 -0700 [XFRM]: xfrm_larval_drop sysctl should be __read_mostly. Signed-off-by: David S. Miller commit d8d8bb7d21ea6df9c452e9731b799cd0313072a8 Author: David S. Miller Date: Fri May 25 00:41:38 2007 -0700 [XFRM]: Allow XFRM_ACQ_EXPIRES to be tunable via sysctl. Signed-off-by: David S. Miller commit a7a9c6bfcc9caa581037e93a2b9e4c7ad499524c Author: David S. Miller Date: Thu May 24 20:59:26 2007 -0700 [CASSINI]: Fix printk message typo. Signed-off-by: David S. Miller drivers/net/cassini.c | 2 +- include/net/xfrm.h | 1 - net/core/sysctl_net_core.c | 9 +++++++++ net/ipv6/ah6.c | 2 +- net/xfrm/xfrm_policy.c | 3 ++- net/xfrm/xfrm_state.c | 15 +++++++++------ 6 files changed, 22 insertions(+), 10 deletions(-) diff --git a/drivers/net/cassini.c b/drivers/net/cassini.c index 9fe3a38..59b9943 100644 --- a/drivers/net/cassini.c +++ b/drivers/net/cassini.c @@ -4920,7 +4920,7 @@ static int __devinit cas_init_one(struct pci_cmd |= PCI_COMMAND_PARITY; pci_write_config_word(pdev, PCI_COMMAND, pci_cmd); if (pci_set_mwi(pdev)) - printk(KERN_WARNING PFX "Could enable MWI for %s\n", + printk(KERN_WARNING PFX "Could not enable MWI for %s\n", pci_name(pdev)); /* diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 39ef925..90185e8 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -237,7 +237,6 @@ extern int xfrm_policy_register_afinfo(s extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); extern void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c); extern void km_state_notify(struct xfrm_state *x, struct km_event *c); -#define XFRM_ACQ_EXPIRES 30 struct xfrm_tmpl; extern int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index f34aca0..6d5ea97 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -25,6 +25,7 @@ #ifdef CONFIG_XFRM extern u32 sysctl_xfrm_aevent_etime; extern u32 sysctl_xfrm_aevent_rseqth; extern int sysctl_xfrm_larval_drop; +extern u32 sysctl_xfrm_acq_expires; #endif ctl_table core_table[] = { @@ -127,6 +128,14 @@ #ifdef CONFIG_XFRM .mode = 0644, .proc_handler = &proc_dointvec }, + { + .ctl_name = CTL_UNNUMBERED, + .procname = "xfrm_acq_expires", + .data = &sysctl_xfrm_acq_expires, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = &proc_dointvec + }, #endif /* CONFIG_XFRM */ #endif /* CONFIG_NET */ { diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c index b696c84..128f94c 100644 --- a/net/ipv6/ah6.c +++ b/net/ipv6/ah6.c @@ -247,7 +247,7 @@ #endif memcpy(tmp_base, top_iph, sizeof(tmp_base)); tmp_ext = NULL; - extlen = skb_transport_offset(skb) + sizeof(struct ipv6hdr); + extlen = skb_transport_offset(skb) - sizeof(struct ipv6hdr); if (extlen) { extlen += sizeof(*tmp_ext); tmp_ext = kmalloc(extlen, GFP_ATOMIC); diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index b8bab89..64a3751 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -26,10 +26,11 @@ #include #include #include #include +#include #include "xfrm_hash.h" -int sysctl_xfrm_larval_drop; +int sysctl_xfrm_larval_drop __read_mostly; DEFINE_MUTEX(xfrm_cfg_mutex); EXPORT_SYMBOL(xfrm_cfg_mutex); diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 9955ff4..372f06e 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -21,18 +21,21 @@ #include #include #include #include +#include #include "xfrm_hash.h" struct sock *xfrm_nl; EXPORT_SYMBOL(xfrm_nl); -u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME; +u32 sysctl_xfrm_aevent_etime __read_mostly = XFRM_AE_ETIME; EXPORT_SYMBOL(sysctl_xfrm_aevent_etime); -u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE; +u32 sysctl_xfrm_aevent_rseqth __read_mostly = XFRM_AE_SEQT_SIZE; EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth); +u32 sysctl_xfrm_acq_expires __read_mostly = 30; + /* Each xfrm_state may be linked to two tables: 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl) @@ -622,8 +625,8 @@ xfrm_state_find(xfrm_address_t *daddr, x h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family); hlist_add_head(&x->byspi, xfrm_state_byspi+h); } - x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES; - x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ; + x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires; + x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ; add_timer(&x->timer); xfrm_state_num++; xfrm_hash_grow_check(x->bydst.next != NULL); @@ -772,9 +775,9 @@ static struct xfrm_state *__find_acq_cor x->props.family = family; x->props.mode = mode; x->props.reqid = reqid; - x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES; + x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires; xfrm_state_hold(x); - x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ; + x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ; add_timer(&x->timer); hlist_add_head(&x->bydst, xfrm_state_bydst+h); h = xfrm_src_hash(daddr, saddr, family);