[PATCH next 07/84] ipvs: Store ipvs not net in struct ip_vs_service

ng by net filter by ipvs instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 10 +++ net/netfilter/ipvs/ip_vs_ctl.c | 64 ++-- net/netfilter/ipvs/i

[PATCH next 05/84] ipvs: Store ipvs not net in struct ip_vs_conn_param

mparisons of cp->net with comparisons of cp->ipvs which is possible now that ipvs is present in ip_vs_conn_param. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_conn.c | 14 +++--- 2 fi

[PATCH next 25/84] ipvs: Pass ipvs not net to ip_vs_set_timeout

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index b9426a5fb667..81eb3ed4ce90 100644 ---

[PATCH next 50/84] ipvs: Pass ipvs not net to estimation_timer

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_est.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c index 638a301f7ee4..c86dc456c8f4 100644 --- a/ne

[PATCH next 21/84] ipvs: Pass ipvs not net to ip_vs_service_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 6 -- net/netfilter/ipvs/ip_vs_ctl.c | 3 +-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 65/84] ipvs: Pass ipvs not net into ip_vs_conn_net_init and ip_vs_conn_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_conn.c | 8 net/netfilter/ipvs/ip_vs_core.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 23/84] ipvs: Cache ipvs in ip_vs_in_icmp and ip_vs_in_icmp_v6

Storte the value of net_ipvs in a variable named ipvs so that when there are more users struct netns_ipvs in ip_vs_in_cmp and ip_vs_in_icmp_v6 they won't need to compute the value again. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/

[PATCH next 08/84] ipvs: Pass ipvs not net to ip_vs_svc_fwm_hashkey

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 2277da6b8e9f..4eb3c4aca86b 100644 ---

[PATCH next 10/84] ipvs: Pass ipvs not net to ip_vs_svc_hashkey

Use the address of ipvs not the address of net when computing the hash value. This removes an unncessary dependency on struct net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 de

[PATCH next 03/84] ipvs: Use state->net in the ipvs forward functions

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 1fa12edccbcc..3f33a076aaec 100644 ---

[PATCH next 04/84] ipvs: Store ipvs not net in struct ip_vs_conn

In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of conn->net to access conn->ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmis

[PATCH next 00/84] ipvs: Stop guessing the network namespace

scm/linux/kernel/git/ebiederm/net-next.git for-testing Eric Eric W. Biederman (84): ipvs: Hoist computation of ipvs earlier in sctp_conn_schedule ipvs: Don't use current in proc_do_defense_mode ipvs: Use state->net in the ipvs forward functions ipvs: Store ipvs not net in

[PATCH next 41/84] ipvs: Pass ipvs not net to ip_vs_proc_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index a0808f230cd6..98180904ccd2

[PATCH next 52/84] ipvs: Pass ipvs not net into register_app and unregister_app

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_app.c| 6 -- net/netfilter/ipvs/ip_vs_proto_sctp.c | 7 +++ net/netfilter/ipvs/ip_vs_proto_tcp.c | 7 +++ ne

[PATCH next 11/84] ipvs: Pass ipvs not net to __ip_vs_service_find

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 3911cf03fef9..9a56256502b6

[PATCH next 75/84] ipvs: Pass ipvs into ip_vs_out

Derive ipvs from state->net in the callers of ip_vs_out and pass it into ip_vs_out. Removing the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 ++- 1 file changed, 6 inserti

[PATCH next 26/84] ipvs: Pass ipvs not net to __ip_vs_get_servie_entries

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 81eb3ed4ce90..9c307a822962 100644 --- a/ne

[PATCH next 68/84] ipvs: Pass ipvs into __ip_vs_get_out_rt

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index ec10ebf246fd..5cfd914d9a39

[PATCH next 45/84] ipvs: Pass ipvs not net to ip_vs_genl_set_config

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 85a2f2699a18..851bd121ed94 100644 --- a/ne

[PATCH next 14/84] ipvs: Pass ipvs not net to ip_vs_find_dest

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff

[PATCH next 24/84] ipvs: Pass ipvs not net to ip_vs_proto_data_get

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 8 net/netfilter/ipvs/ip_vs_ctl.c| 12 +++- ne

[PATCH next 53/84] ipvs: Pass ipvs not net into ip_vs_app_inc_new

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_app.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index f20f72c4ac80..951516b7783b 100644 --- a/ne

[PATCH next 55/84] ipvs: Pass ipvs not net to register_ip_vs_app and unregister_ip_vs_app

Also move the tests for net_ipvs being NULL into __ip_vs_ftp_init and __ip_vs_ftp_exit. The only places where they possibly make sense. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 4 ++-- net/netfilter/ipvs/

[PATCH next 16/84] ipvs: Pass ipvs not net to __ip_vs_del_dest

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index ee2ec40d0f12..4f08611347a2 100644 ---

[PATCH next 37/84] ipvs: Store ipvs not net in struct ip_vs_sync_thread_data

In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of tinfo->net to access tinfo->ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@

[PATCH next 54/84] ipvs: Pass ipvs not net to register_ip_vs_app_inc

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 2 +- net/netfilter/ipvs/ip_vs_app.c | 3 +-- net/netfilter/ipvs/ip_vs_ftp.c | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 71/84] ipvs: Better derivation of ipvs in ip_vs_in_stats and ip_vs_out_stats

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 514596b7a324..1c9c52349b7c 100644 --- a/ne

[PATCH next 79/84] ipvs: Pass ipvs through ip_vs_route_me_harder into sysctl_snat_reroute

This removes the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/i

[PATCH next 70/84] ipvs: Pass ipvs into ensure_mtu_is adequate

This allows two different ways for computing/guessing net to be removed from ensure_mtu_is_adequate. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/ne

[PATCH next 22/84] ipvs: Pass ipvs not net to ip_vs_zero_all

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index d3407ad866bb..591f528e4ed6 100644 --- a/ne

[PATCH next 66/84] ipvs: Pass ipvs into .conn_schedule and ip_vs_try_to_schedule

This moves the hack "net_ipvs(skb_net(skb))" up one level where it will be easier to remove. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 3 ++- net/netfilter/ipvs/ip_vs_core.c | 11 +

[PATCH next 51/84] ipvs: Pass ipvs not net to ip_vs_estimator_net_init and ip_vs_estimator_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 6 +++--- net/netfilter/ipvs/ip_vs_est.c | 8 +++- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 83/84] ipvs: Remove skb_sknet

This function adds no real value and it obscures what the code is doing. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 22 -- net/netfilter/ipvs/ip_vs_ctl.c | 25 ++--- 2 files changed, 10 i

[PATCH next 56/84] ipvs: Pass ipvs not net into ip_vs_app_inc_release

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_app.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index 4a2daa3976c6..cb1246912f0f 100644 --- a/ne

[PATCH next 80/84] ipvs: Remove net argument from ip_vs_tcp_conn_listen

The argument is unnecessary and in practice confusing, and has caused the callers to do all manner of silly things. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ftp.c | 8 ++-- ne

[PATCH next 81/84] ipvs: Pass ipvs not net to ip_vs_protocol_net_(init|cleanup)

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 6 +++--- net/netfilter/ipvs/ip_vs_proto.c | 8 +++- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 36/84] ipvs: Pass ipvs not net to make_receive_sock

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index dc987762ca2c..304eade977d2 100644 ---

[PATCH next 42/84] ipvs: Pass ipvs not net to ip_vs_proc_sync_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 98180904ccd2..e3f72cbc1204 100644 ---

[PATCH next 59/84] ipvs: Pass ipvs not net into init_netns and exit_netns

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_proto.c | 4 ++-- net/netfilter/ipvs/ip_vs_proto_sctp.c | 6 ++ net/netfilter/ipvs/ip_vs_proto_tcp.c | 6 ++ net/netfilter/ipvs/i

[PATCH next 64/84] ipvs: Pass ipvs not net into ip_vs_conn_net_flush

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_conn.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index 76cdb6c06a52..43b7a7d2ba4d 100644 ---

[PATCH next 82/84] ipvs: Remove skb_net

This hack has no more users so remove it. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 31 --- 1 file changed, 31 deletions(-) diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 00318d63a565..d62

[PATCH next 62/84] ipvs: Pass ipvs into conn_out_get

Move the hack of relying on "net_ipvs(skb_net(skb))" to dreive the ipvs up a layer. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 6 -- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipv

[PATCH next 33/84] ipvs: Pass ipvs not net to start_sync_thread

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 11 +-- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 67/84] ipvs: Better derivation of ipvs in ip_vs_tunnel_xmit

Don't use "net_ipvs(skb_net(skb))" as skb_net is a bad hack. Instead use cp->ipvs and ipvs->net for the net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

[PATCH next 58/84] ipvs: Pass ipvs not net into [un]register_ip_vs_proto_netns

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_proto.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c index 82ccfd2f235c..fb581babe5e2

[PATCH next 76/84] ipvs: Pass ipvs into ip_vs_in

Derive ipvs from state->net in the callers of ip_vs_in and pass it into ip_vs_out. Removing the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 14 +- 1 file changed, 5 insertions(+), 9

[PATCH next 72/84] ipvs: Wrap sysctl_cache_bypass and remove ifdefs in ip_vs_leave

With sysctl_cache_bypass now a compile time constant the compiler can figue out that it can elimiate all of the code that depends on sysctl_cache_bypass being true. Also remove the duplicate computation of net previously necessitated by #ifdef CONFIG_SYSCTL Signed-off-by: "Eric W. Bied

[PATCH next 20/84] ipvs: Pass ipvs not net to ip_vs_flush

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 7f0635242c7f..51dab90bf184 100644 ---

[PATCH next 31/84] ipvs: Pass ipvs not net to ip_vs_genl_new_daemon

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 9dab372ceedb..30ed3a93bf22 100644 --- a/ne

[PATCH next 78/84] ipvs: Pass ipvs into ip_vs_out_icmp and ip_vs_out_icmp_v6

This removes the need to compute ipvs with the hack "net_ipvs(skb_net(skb))" Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilt

[PATCH next 84/84] ipvs: Pass ipvs into ip_vs_gather_frags

This will be needed later when the network namespace guessing is removed from ip_defrag Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipv

[PATCH next 74/84] ipvs: Pass ipvs not net into sysctl_nat_icmp_send

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 15661691bf7d..b25fb3309472 100644 ---

[PATCH next 13/84] ipvs: Pass ipvs not net to ip_vs_has_real_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 6 -- net/netfilter/ipvs/ip_vs_ctl.c | 3 +-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 29/84] ipvs: Pass ipvs not net to ip_vs_genl_parse_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 4ca8d64ab6f1..1e3fc8962627 100644 ---

[PATCH next 46/84] ipvs: Pass ipvs not net to ip_vs_start_estimator aned ip_vs_stop_estimator

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 4 ++-- net/netfilter/ipvs/ip_vs_ctl.c | 12 ++-- net/netfilter/ipvs/ip_vs_est.c | 6 ++ 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 17/84] ipvs: Pass ipvs not net to ip_vs_dest_trash_expire

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 4f08611347a2..9169a27be6e7 100644 --- a/ne

[PATCH next 32/84] ipvs: Pass ipvs not net to ip_vs_genl_del_daemon

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 30ed3a93bf22..6a8238adda02 100644 --- a/ne

[PATCH next 69/84] ipvs: Pass ipvs into __ip_vs_get_out_rt_v6

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 21 + 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index 5cfd914d9a39..13a

[PATCH next 34/84] ipvs: Pass ipvs not net to stop_sync_thread

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 30/84] ipvs: Pass ipvs not net to ip_vs_genl_find_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 1e3fc8962627..9dab372ceedb 100644 ---

[PATCH next 63/84] ipvs: Pass ipvs not net to ip_vs_conn_hashkey

Use the address of struct netns_ipvs in the hash not the address of struct net. Both addresses are equally valid candidates and by using the address of struct netns_ipvs there becomes no need deal with struct net in this part of the code. Signed-off-by: "Eric W. Biederman" <ebied...

[PATCH next 73/84] ipvs: Simplify ipvs and net access in ip_vs_leave

Stop using the hack skb_net(skb) to compute the network namespace. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/ne

[PATCH next 47/84] ipvs: Pass ipvs not net to ip_vs_random_drop_entry

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipvs/ip_vs_ctl.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 15/84] ipvs: Pass ipvs not net to ip_vs_trash_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 186e49c111f3..ee2ec40d0f12 100644 --- a/ne

[PATCH next 35/84] ipvs: Pass ipvs not net to make_send_sock

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 0b2e01aa764a..dc987762ca2c 100644 ---

[PATCH next 77/84] ipvs: Pass ipvs into ip_vs_in_icmp and ip_vs_in_icmp_v6

With ipvs passed into ip_vs_in_icmp and ip_vs_in_icmp_v6 they no longer need to call the hack that is skb_net. Additionally ipvs_in_icmp no longer needs to call dev_net(skb->dev) and can use the ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> -

[PATCH next 12/84] ipvs: Pass ipvs not net to ipvs_service_find

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c| 5 ++--- net/netfilter/ipvs/ip_vs_proto_sctp.c | 4 ++-- net/netfilter/ipvs/ip_vs_proto_tcp.c | 4 ++-- net/netfilter/ipvs/ip_vs_

[PATCH next 44/84] ipvs: Pass ipvs not net to ip_vs_sync_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 5 +++-- net/netfilter/ipvs/ip_vs_sync.c | 3 +-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 57/84] ipvs: Pass ipvs not net into ip_vs_app_net_init and ip_vs_app_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_app.c | 9 + net/netfilter/ipvs/ip_vs_core.c | 6 +++--- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 39/84] ipvs: Pass ipvs not net to ip_vs_sync_conn_v0

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 280e1c03e598..58ec7850ab06 100644 ---

[PATCH next 19/84] ipvs: Pass ipvs not net to ip_vs_add_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index b192bb45f697..7f0635242c7f 100644 ---

[PATCH next 27/84] ipvs: Pass ipvs not net to __ip_vs_get_dest_entries

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 9c307a822962..176068c3a7fe 100644 --- a/ne

[PATCH next 28/84] ipvs: Pass ipvs not net to __ip_vs_get_timeouts

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 176068c3a7fe..4ca8d64ab6f1 100644 ---

[PATCH next 43/84] ipvs: Pass ipvs not net to ip_vs_sync_net_init

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 2 +- net/netfilter/ipvs/ip_vs_sync.c | 4 +--- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 40/84] ipvs: Pass ipvs not net to ip_vs_sync_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 3 +-- net/netfilter/ipvs/ip_vs_core.c | 2 +- net/netfilter/ipvs/ip_vs_sync.c | 5 ++--- 4 files changed, 5 insertions(+), 7 deletions(-) diff

[PATCH next 61/84] ipvs: Pass ipvs into .conn_in_get and ip_vs_conn_in_get_proto

Stop relying on "net_ipvs(skb_net(skb))" to dreive the ipvs as skb_net is a hack. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 6 -- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipv

[PATCH next 38/84] ipvs: Pass ipvs not net to ip_vs_process_message

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index cd32e3ab0c4d..280e1c03e598 100644 ---

[PATCH next 48/84] ipvs: Pass ipvs not net to ip_vs_control_net_(init|cleanup)_sysctl

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 67278c6e41a3..1665db8e9f2a

[PATCH next 18/84] ipvs: Cache ipvs in ip_vs_genl_set_cmd

Compute ipvs early in ip_vs_genl_set_cmd and use the cached value to access ipvs->sync_state. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netfilter/ipv

[PATCH next 60/84] ipvs: Pass ipvs into ip_vs_conn_fill_param_proto

Move the ugly hack net_ipvs(skb_net(skb)) up a layer in the call stack so it is easier to remove. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_conn.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ne

[PATCH next 49/84] ipvs: Pass ipvs not net into ip_vs_control_net_(init|cleanup)

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 6 +++--- net/netfilter/ipvs/ip_vs_ctl.c | 8 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 13/15] netfilter: Pass priv instead of nf_hook_ops to netfilter hooks

Only pass the void *priv parameter out of the nf_hook_ops. That is all any of the functions are interested now, and by limiting what is passed it becomes simpler to change implementation details. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/l

[PATCH next 14/15] netfilter: Pass net into nf_xfrm_me_harder

Instead of calling dev_net on a likley looking network device pass state->net into nf_xfrm_me_harder. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/netfilter/nf_nat_core.h | 2 +- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 4 ++--

[PATCH next 12/15] ipvs: Read hooknum from state rather than ops->hooknum

This should be more cache efficient as state is more likely to be in core, and the netfilter core will stop passing in ops soon. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 16 1 file changed, 8 insertions

[PATCH next 15/15] netfilter: Use nf_ct_net instead of dev_net(out) in nf_nat_masquerade_ipv6

Use nf_ct_net(ct) instead of guessing that the netdevice out can reliably report the network namespace the conntrack operation is happening in. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/ipv6/netfilter/nf_nat_masquerade_ipv6.c | 2 +- 1 file changed, 1

[PATCH next 11/15] nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple

As gre does not have the srckey in the packet gre_pkt_to_tuple needs to perform a lookup in it's per network namespace tables. Pass in the proper network namespace to all pkt_to_tuple implementations to ensure gre (and any similar protocols) can get this right. Signed-off-by: "Eric W. Bied

[PATCH next 0/15] netfilter: Stop guessing net (take 2)

ead is at: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git for-testing Eric Eric W. Biederman (15): ebtables: Simplify the arguments to ebt_do_table inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table inet netfilter: Prefer state->hook

Re: [PATCH next 0/14] netfilter: Stop guessing net

Nicolas Dichtel <nicolas.dich...@6wind.com> writes: > Le 18/09/2015 17:06, Eric W. Biederman a écrit : >> >> This is the next installment of my work to pass struct net through the >> output path so the code does not need to guess how to figure out

Re: [PATCH next 00/84] ipvs: Stop guessing the network namespace

Julian Anastasov writes: > Hello, > > > I reviewed the patchset. Nice work, thanks! Welcome. > Here are some comments: > > 01/84 ipvs: Hoist computation of ipvs earlier in sctp_conn_schedule > > Simon had a fix for this problem, not sure what happened, > may be

Re: [PATCH net 0/2] lwtunnel: make it really work, for IPv4

Thomas Graf <tg...@suug.ch> writes: > On 09/22/15 at 11:39pm, Eric W. Biederman wrote: >> What distinguishes a skb received from a tunnel as opposed to a skb >> received on from a network device is that a skb recevied on a tunnel >> has a socket. >> >&

Re: [PATCH net 0/2] lwtunnel: make it really work, for IPv4

Thomas Graf <tg...@suug.ch> writes: > On 09/23/15 at 04:09pm, Eric W. Biederman wrote: > > [...] > >> *Blink* You were targeting net.git with a feature enhancement >> I will just ignore that. > > The point of this series is to not expose the src and d

Re: [PATCH net 0/2] lwtunnel: make it really work, for IPv4

Jiri Benc <jb...@redhat.com> writes: > On Wed, 23 Sep 2015 07:17:53 -0500, Eric W. Biederman wrote: >> Assuming the transport is UDP then it would be a UDP socket. That >> socket will have all of the information needed to construct the outer >> header as the receive

Re: [PATCH net-next 3/9] net: Remove e_nobufs label from ip_route_input_slow

David Ahern writes: > e_nobufs has 1 user. Move setting err to -ENOBUFS for the 1 user and > use the goto out label instead of e_nobufs. Stepping stone patch; next > one moves rth code into a helper function. Ick you are pessimizing the code. You will almost certainly

Re: [PATCH next 02/84] ipvs: Don't use current in proc_do_defense_mode

Simon Horman <ho...@verge.net.au> writes: > On Mon, Sep 21, 2015 at 01:01:39PM -0500, Eric W. Biederman wrote: >> Instead store ipvs in extra2 so that proc_do_defense_mode can easily >> find the ipvs that it's value is associated with. >> >> Signed-o

Re: [PATCH net 0/2] lwtunnel: make it really work, for IPv4

Jiri Benc writes: > One of the selling points of lwtunnel was the ability to specify the tunnel > destination using routes. However, this doesn't really work currently, as > ARP and ndisc replies are not handled correctly. ARP and ndisc replies won't > have tunnel metadata

[PATCH next 2/5] netfilter: Push struct net down into nf_afinfo.reroute

The network namespace is needed when routing a packet. Stop making nf_afinfo.reroute guess which network namespace is the proper namespace to route the packet in. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/linux/netfilter.h | 2 +- net/ipv4/netf

[PATCH next 3/5] netfilter: ipt_SYNPROXY: Pass snet into synproxy_send_tcp

that is not passed snet already. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/ipv4/netfilter/ipt_SYNPROXY.c | 16 +--- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/net/ipv4/netfilter/ipt_SYNPROXY.c b/net/ipv4/netfilter/ipt_

[PATCH next 1/5] ipv4: Push struct net down into nf_send_reset

This is needed so struct net can be pushed down into ip_route_me_harder. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/netfilter/ipv4/nf_reject.h | 2 +- net/ipv4/netfilter/ipt_REJECT.c| 2 +- net/ipv4/netfilter/nf_reject_ipv4.c| 2 +- ne

[PATCH next 5/5] ipv6: Pass struct net into ip6_route_me_harder

Don't make ip6_route_me_harder guess which network namespace it is routing in, pass the network namespace in. Signed-off-by: Eric W. Biederman <ebied...@xmission.com> --- include/linux/netfilter_ipv6.h| 2 +- net/ipv6/netfilter.c | 5 ++--- net/ipv6/net

[PATCH next 4/5] ipv4: Pass struct net into ip_route_me_harder

Don't make ip_route_me_harder guess which network namespace it is routing in, pass the network namespace in. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/linux/netfilter_ipv4.h| 2 +- net/ipv4/netfilter.c | 5 ++--- ne

<    3   4   5   6   7   8   9   10   11   12   >