[PATCH next 0/5] netfilter: Pass net into ip_route_me_harder

://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git master My entire pending set of changes for those who want to look ahead is at: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git for-testing Eric Eric W. Biederman (5): ipv4: Push struct net down

[PATCH nf-next] bridge: Pass net into br_validate_ipv4 and br_validate_ipv6

The network namespace is easiliy available in state->net so use it. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- This patch plus the 5 ip_route_me_harder patches I sent out today are the last of my pure netfilter patches in my queue for pushing do

Re: [GIT-PULL nf-next 00/15] IPVS Updates for v4.4

Simon Horman writes: > Hi Pablo, > > please consider these IPVS Updates for v4.4. Just a quick heads up. In my work to pass struct net down into the netfilter functions so they don't have to guess, I wound up performing some significant surgery on ipvs. In particular so

[PATCH next 03/15] inet netfilter: Prefer state->hook to ops->hooknum

;Eric W. Biederman" <ebied...@xmission.com> --- net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 4 ++-- net/ipv4/netfilter/nf_defrag_ipv4.c| 2 +- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 14 +++--- net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c |

[PATCH next 01/15] ebtables: Simplify the arguments to ebt_do_table

(the only caller without a nf_hook_state already available). This new nf_hook_state adds no new computations to ebt_broute, but does use a few more bytes of stack. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/linux/netfilter_bridge/ebtables.h | 6 ++

[PATCH next 04/15] nftables: kill nft_pktinfo.ops

ed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/netfilter/nf_tables.h | 9 - include/net/netfilter/nf_tables_ipv4.h| 3 +-- include/net/netfilter/nf_tables_ipv6.h| 3 +-- net/bridge/netfilter/nf_tables_bridge.c | 16 ++

[PATCH next 02/15] inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_table

e the number of cachelines the callers touch. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/linux/netfilter_arp/arp_tables.h | 1 - include/linux/netfilter_ipv4/ip_tables.h | 1 - include/linux/netfilter_ipv6/ip6_tables.h | 1 - net/ipv4/netfilter/arp_tables.c

[PATCH next 10/15] act_connmark: Remember the struct net instead of guessing it.

Stop guessing the struct net instead of remember it. Guessing is just silly and will be problematic in the future when I implement routes between network namespaces. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/tc_act/tc_connmark.h | 1 + net/sche

[PATCH next 09/15] net: Pass net to nf_dup_ipv4 and nf_dup_ipv6

This allows them to stop guessing the network namespace with pick_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/netfilter/ipv4/nf_dup_ipv4.h | 2 +- include/net/netfilter/ipv6/nf_dup_ipv6.h | 2 +- net/ipv4/netfilter/nf_dup_ipv

[PATCH next 07/15] nftables: Pass struct net in nft_pktinfo

nft_pktinfo is passed on the stack so this does not bloat any in core data structures. By centrally computing this information this makes maintence of the code simpler, and understading of the code easier. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- inclu

[PATCH next 08/15] nftables: Use pkt->net instead of computing net from the passed net_devices

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/bridge/netfilter/nft_reject_bridge.c | 13 ++--- net/ipv6/netfilter/nft_reject_ipv6.c | 6 +++--- net/netfilter/nf_tables_core.c | 6 ++ net/netfilter/nft_log.c | 3 +-

[PATCH next 05/15] x_tables: Pass struct net in xt_action_param

As xt_action_param lives on the stack this does not bloat any persistent data structures. This is a first step in making netfilter code that needs to know which network namespace it is executing in simpler. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include

[PATCH next 06/15] x_tables: Use par->net instead of computing from the passed net devices

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/bridge/netfilter/ebt_log.c | 2 +- net/bridge/netfilter/ebt_nflog.c | 2 +- net/ipv4/netfilter/ipt_SYNPROXY.c | 2 +- net/ipv4/netfilter/ipt_rpfilter.c | 5 ++--- net/ipv6/netfilter/ip6t_REJECT.c |

[PATCH next 14/14] netfilter: Use nf_ct_net instead of dev_net(out) in nf_nat_masquerade_ipv6

Use nf_ct_net(ct) instead of guessing that the netdevice out can reliably report the network namespace the conntrack operation is happening in. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/ipv6/netfilter/nf_nat_masquerade_ipv6.c | 2 +- 1 file changed, 1

[PATCH next 13/14] netfilter: Pass net into nf_xfrm_me_harder

Instead of calling dev_net on a likley looking network device pass state->net into nf_xfrm_me_harder. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/netfilter/nf_nat_core.h | 2 +- net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 4 ++--

Re: [PATCH next 0/14] netfilter: Stop guessing net

Nicolas Dichtel <nicolas.dich...@6wind.com> writes: > Le 18/09/2015 17:06, Eric W. Biederman a écrit : >> >> This is the next installment of my work to pass struct net through the >> output path so the code does not need to guess how to figure out

[PATCH next 0/14] netfilter: Stop guessing net

git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git master My entire pending set of changes for those who want to look ahead is at: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git for-testing Eric Eric W. Biederman (14): ebtables: Simplify the argume

[PATCH next 82/84] ipvs: Remove skb_net

This hack has no more users so remove it. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 31 --- 1 file changed, 31 deletions(-) diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 00318d63a565..d62

[PATCH next 21/84] ipvs: Pass ipvs not net to ip_vs_service_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 6 -- net/netfilter/ipvs/ip_vs_ctl.c | 3 +-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 39/84] ipvs: Pass ipvs not net to ip_vs_sync_conn_v0

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 280e1c03e598..58ec7850ab06 100644 ---

[PATCH next 32/84] ipvs: Pass ipvs not net to ip_vs_genl_del_daemon

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 847ea2fd44db..08d772c289d7 100644 --- a/ne

[PATCH next 51/84] ipvs: Pass ipvs not net to ip_vs_estimator_net_init and ip_vs_estimator_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 6 +++--- net/netfilter/ipvs/ip_vs_est.c | 8 +++- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 84/84] ipvs: Pass ipvs into ip_vs_gather_frags

This will be needed later when the network namespace guessing is removed from ip_defrag. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipv

[PATCH next 42/84] ipvs: Pass ipvs not net to ip_vs_proc_sync_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 98180904ccd2..e3f72cbc1204 100644 ---

[PATCH next 00/84] ipvs: Stop guessing the network namespace (take 2)

ter My entire pending set of changes for those who want to look ahead is at: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/net-next.git for-testing Eric Eric W. Biederman (84): ipvs: Hoist computation of ipvs earlier in sctp_conn_schedule ipvs: Don't use curr

[PATCH next 03/84] ipvs: Use state->net in the ipvs forward functions

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 1fa12edccbcc..3f33a076aaec 100644 ---

[PATCH next 10/84] ipvs: Pass ipvs not net to ip_vs_svc_hashkey

Use the address of ipvs not the address of net when computing the hash value. This removes an unncessary dependency on struct net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 de

[PATCH next 07/84] ipvs: Store ipvs not net in struct ip_vs_service

ng by net filter by ipvs instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 10 +++ net/netfilter/ipvs/ip_vs_ctl.c | 64 ++-- net/netfilter/ipvs/i

[PATCH next 08/84] ipvs: Pass ipvs not net to ip_vs_svc_fwm_hashkey

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 7132e83617b6..5e5f40f85a31 100644 ---

[PATCH next 04/84] ipvs: Store ipvs not net in struct ip_vs_conn

In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of conn->net to access conn->ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmis

[PATCH next 06/84] ipvs: Pass ipvs not net to ip_vs_fill_conn

ipvs is what is actually desired so change the parameter and the modify the callers to pass struct netns_ipvs. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_conn.c | 8 ---

[PATCH next 05/84] ipvs: Store ipvs not net in struct ip_vs_conn_param

mparisons of cp->net with comparisons of cp->ipvs which is possible now that ipvs is present in ip_vs_conn_param. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_conn.c | 14 +++--- 2 fi

[PATCH next 09/84] ipvs: Pass ipvs not net to __ip_vs_svc_fwm_find

ipvs is what the code actually wants to use. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/i

[PATCH next 01/84] ipvs: Hoist computation of ipvs earlier in sctp_conn_schedule

The addition of sysctl_sloppy_sctp in sctp_conn_schedule resulted in a use of ipvs before it was computed. Hoist the computation of ipvs earlier to avoid this problem. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_proto_sctp.c | 5 +++--

[PATCH next 02/84] ipvs: Don't use current in proc_do_defense_mode

Instead store ipvs in extra2 so that proc_do_defense_mode can easily find the ipvs that it's value is associated with. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-)

[PATCH next 19/84] ipvs: Pass ipvs not net to ip_vs_add_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 7aae2dc0f766..ff7f9d19f2c3 100644 ---

[PATCH next 18/84] ipvs: Cache ipvs in ip_vs_genl_set_cmd

Compute ipvs early in ip_vs_genl_set_cmd and use the cached value to access ipvs->sync_state. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netfilter/ipv

[PATCH next 72/84] ipvs: Wrap sysctl_cache_bypass and remove ifdefs in ip_vs_leave

With sysctl_cache_bypass now a compile time constant the compiler can figue out that it can elimiate all of the code that depends on sysctl_cache_bypass being true. Also remove the duplicate computation of net previously necessitated by #ifdef CONFIG_SYSCTL Signed-off-by: "Eric W. Bied

[PATCH next 70/84] ipvs: Pass ipvs into ensure_mtu_is adequate

This allows two different ways for computing/guessing net to be removed from ensure_mtu_is_adequate. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/ne

[PATCH next 30/84] ipvs: Pass ipvs not net to ip_vs_genl_find_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index ea650ed62a50..01c3a1a75d16 100644 ---

[PATCH next 45/84] ipvs: Pass ipvs not net to ip_vs_genl_set_config

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index dba75ec2ed53..4042a6f449cb 100644 --- a/ne

[PATCH next 53/84] ipvs: Pass ipvs not net into ip_vs_app_inc_new

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_app.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index f20f72c4ac80..951516b7783b 100644 --- a/ne

[PATCH next 15/84] ipvs: Pass ipvs not net to ip_vs_trash_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 24dceaccb0a1..b66ab765f36d 100644 --- a/ne

[PATCH next 12/84] ipvs: Pass ipvs not net to ip_vs_service_find

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c| 5 ++--- net/netfilter/ipvs/ip_vs_proto_sctp.c | 4 ++-- net/netfilter/ipvs/ip_vs_proto_tcp.c | 4 ++-- net/netfilter/ipvs/ip_vs_

[PATCH next 60/84] ipvs: Pass ipvs into ip_vs_conn_fill_param_proto

Move the ugly hack net_ipvs(skb_net(skb)) up a layer in the call stack so it is easier to remove. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_conn.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ne

[PATCH next 23/84] ipvs: Cache ipvs in ip_vs_in_icmp and ip_vs_in_icmp_v6

Storte the value of net_ipvs in a variable named ipvs so that when there are more users struct netns_ipvs in ip_vs_in_cmp and ip_vs_in_icmp_v6 they won't need to compute the value again. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/

[PATCH next 35/84] ipvs: Pass ipvs not net to make_send_sock

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 0b2e01aa764a..dc987762ca2c 100644 ---

[PATCH next 55/84] ipvs: Pass ipvs not net to register_ip_vs_app and unregister_ip_vs_app

Also move the tests for net_ipvs being NULL into __ip_vs_ftp_init and __ip_vs_ftp_exit. The only places where they possibly make sense. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 4 ++-- net/netfilter/ipvs/

[PATCH next 68/84] ipvs: Pass ipvs into __ip_vs_get_out_rt

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index ec10ebf246fd..5cfd914d9a39

[PATCH next 64/84] ipvs: Pass ipvs not net into ip_vs_conn_net_flush

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_conn.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index a99bbf6c8202..4bb1b7d1286d 100644 ---

[PATCH next 67/84] ipvs: Better derivation of ipvs in ip_vs_tunnel_xmit

Don't use "net_ipvs(skb_net(skb))" as skb_net is a bad hack. Instead use cp->ipvs and ipvs->net for the net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

[PATCH next 66/84] ipvs: Pass ipvs into .conn_schedule and ip_vs_try_to_schedule

This moves the hack "net_ipvs(skb_net(skb))" up one level where it will be easier to remove. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 3 ++- net/netfilter/ipvs/ip_vs_core.c | 11 +

[PATCH next 69/84] ipvs: Pass ipvs into __ip_vs_get_out_rt_v6

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_xmit.c | 21 + 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index 5cfd914d9a39..13a

[PATCH next 25/84] ipvs: Pass ipvs not net to ip_vs_set_timeout

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index eb3911c69037..7aba55c875cb 100644 ---

[PATCH next 24/84] ipvs: Pass ipvs not net to ip_vs_proto_data_get

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 8 net/netfilter/ipvs/ip_vs_ctl.c| 12 +++- ne

[PATCH next 33/84] ipvs: Pass ipvs not net to start_sync_thread

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 11 +-- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 36/84] ipvs: Pass ipvs not net to make_receive_sock

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index dc987762ca2c..304eade977d2 100644 ---

[PATCH next 78/84] ipvs: Pass ipvs into ip_vs_out_icmp and ip_vs_out_icmp_v6

This removes the need to compute ipvs with the hack "net_ipvs(skb_net(skb))" Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilt

[PATCH next 48/84] ipvs: Pass ipvs not net to ip_vs_control_net_(init|cleanup)_sysctl

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 93b7bd39bcb9..f0d72d6375e7

[PATCH next 20/84] ipvs: Pass ipvs not net to ip_vs_flush

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index ff7f9d19f2c3..d9ff59a4bc6e 100644 ---

[PATCH next 77/84] ipvs: Pass ipvs into ip_vs_in_icmp and ip_vs_in_icmp_v6

With ipvs passed into ip_vs_in_icmp and ip_vs_in_icmp_v6 they no longer need to call the hack that is skb_net. Additionally ipvs_in_icmp no longer needs to call dev_net(skb->dev) and can use the ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> -

[PATCH next 76/84] ipvs: Pass ipvs into ip_vs_in

Derive ipvs from state->net in the callers of ip_vs_in and pass it into ip_vs_out. Removing the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 14 +- 1 file changed, 5 insertions(+), 9

[PATCH next 79/84] ipvs: Pass ipvs through ip_vs_route_me_harder into sysctl_snat_reroute

This removes the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/i

[PATCH next 73/84] ipvs: Simplify ipvs and net access in ip_vs_leave

Stop using the hack skb_net(skb) to compute the network namespace. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/ne

[PATCH next 65/84] ipvs: Pass ipvs not net into ip_vs_conn_net_init and ip_vs_conn_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_conn.c | 8 net/netfilter/ipvs/ip_vs_core.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 22/84] ipvs: Pass ipvs not net to ip_vs_zero_all

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index a281961a1840..0b7749ae1e8d 100644 --- a/ne

[PATCH next 37/84] ipvs: Store ipvs not net in struct ip_vs_sync_thread_data

In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of tinfo->net to access tinfo->ipvs->net instead. Signed-off-by: "Eric W. Biederman" <ebied...@

[PATCH next 58/84] ipvs: Pass ipvs not net into [un]register_ip_vs_proto_netns

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_proto.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c index 82ccfd2f235c..fb581babe5e2

[PATCH next 34/84] ipvs: Pass ipvs not net to stop_sync_thread

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 50/84] ipvs: Pass ipvs not net to estimation_timer

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_est.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c index 638a301f7ee4..c86dc456c8f4 100644 --- a/ne

[PATCH next 56/84] ipvs: Pass ipvs not net into ip_vs_app_inc_release

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_app.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index a0cc08337a2c..42220a0efda2 100644 --- a/ne

[PATCH next 38/84] ipvs: Pass ipvs not net to ip_vs_process_message

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index cd32e3ab0c4d..280e1c03e598 100644 ---

[PATCH next 11/84] ipvs: Pass ipvs not net to __ip_vs_service_find

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index dcb3c10a4ef2..fd8de5ceffca

[PATCH next 16/84] ipvs: Pass ipvs not net to __ip_vs_del_dest

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index b66ab765f36d..b295e2bb706f 100644 ---

[PATCH next 81/84] ipvs: Pass ipvs not net to ip_vs_protocol_net_(init|cleanup)

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_core.c | 6 +++--- net/netfilter/ipvs/ip_vs_proto.c | 8 +++- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 31/84] ipvs: Pass ipvs not net to ip_vs_genl_new_daemon

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 01c3a1a75d16..847ea2fd44db 100644 --- a/ne

[PATCH next 83/84] ipvs: Remove skb_sknet

This function adds no real value and it obscures what the code is doing. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 22 -- net/netfilter/ipvs/ip_vs_ctl.c | 25 ++--- 2 files changed, 10 i

[PATCH next 54/84] ipvs: Pass ipvs not net to register_ip_vs_app_inc

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 2 +- net/netfilter/ipvs/ip_vs_app.c | 3 +-- net/netfilter/ipvs/ip_vs_ftp.c | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 63/84] ipvs: Pass ipvs not net to ip_vs_conn_hashkey

Use the address of struct netns_ipvs in the hash not the address of struct net. Both addresses are equally valid candidates and by using the address of struct netns_ipvs there becomes no need deal with struct net in this part of the code. Signed-off-by: "Eric W. Biederman" <ebied...

[PATCH next 74/84] ipvs: Pass ipvs not net into sysctl_nat_icmp_send

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 15661691bf7d..b25fb3309472 100644 ---

[PATCH next 80/84] ipvs: Remove net argument from ip_vs_tcp_conn_listen

The argument is unnecessary and in practice confusing, and has caused the callers to do all manner of silly things. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_ftp.c | 8 ++-- ne

[PATCH next 28/84] ipvs: Pass ipvs not net to __ip_vs_get_timeouts

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 6c06e9a8414d..e509c27f7292 100644 ---

[PATCH next 43/84] ipvs: Pass ipvs not net to ip_vs_sync_net_init

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 2 +- net/netfilter/ipvs/ip_vs_sync.c | 4 +--- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 29/84] ipvs: Pass ipvs not net to ip_vs_genl_parse_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index e509c27f7292..ea650ed62a50 100644 ---

[PATCH next 26/84] ipvs: Pass ipvs not net to __ip_vs_get_service_entries

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 7aba55c875cb..05f7e1d14738 100644 --- a/ne

[PATCH next 57/84] ipvs: Pass ipvs not net into ip_vs_app_net_init and ip_vs_app_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_app.c | 8 net/netfilter/ipvs/ip_vs_core.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 75/84] ipvs: Pass ipvs into ip_vs_out

Derive ipvs from state->net in the callers of ip_vs_out and pass it into ip_vs_out. Removing the need to use the hack skb_net. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 15 ++- 1 file changed, 6 inserti

[PATCH next 41/84] ipvs: Pass ipvs not net to ip_vs_proc_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_sync.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index a0808f230cd6..98180904ccd2

[PATCH next 27/84] ipvs: Pass ipvs not net to __ip_vs_get_dest_entries

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 05f7e1d14738..6c06e9a8414d 100644 --- a/ne

[PATCH next 44/84] ipvs: Pass ipvs not net to ip_vs_sync_net_cleanup

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 5 +++-- net/netfilter/ipvs/ip_vs_sync.c | 3 +-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/include/n

[PATCH next 52/84] ipvs: Pass ipvs not net into register_app and unregister_app

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_app.c| 6 -- net/netfilter/ipvs/ip_vs_proto_sctp.c | 7 +++ net/netfilter/ipvs/ip_vs_proto_tcp.c | 7 +++ ne

[PATCH next 40/84] ipvs: Pass ipvs not net to ip_vs_sync_conn

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 3 +-- net/netfilter/ipvs/ip_vs_core.c | 2 +- net/netfilter/ipvs/ip_vs_sync.c | 5 ++--- 4 files changed, 5 insertions(+), 7 deletions(-) diff

[PATCH next 61/84] ipvs: Pass ipvs into .conn_in_get and ip_vs_conn_in_get_proto

Stop relying on "net_ipvs(skb_net(skb))" to derive the ipvs as skb_net is a hack. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 6 -- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipv

[PATCH next 13/84] ipvs: Pass ipvs not net to ip_vs_has_real_service

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_core.c | 6 -- net/netfilter/ipvs/ip_vs_ctl.c | 3 +-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/include/net/ip_vs.h b/inc

[PATCH next 46/84] ipvs: Pass ipvs not net to ip_vs_start_estimator aned ip_vs_stop_estimator

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h| 4 ++-- net/netfilter/ipvs/ip_vs_ctl.c | 12 ++-- net/netfilter/ipvs/ip_vs_est.c | 6 ++ 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/include/net/ip_vs

[PATCH next 17/84] ipvs: Pass ipvs not net to ip_vs_dest_trash_expire

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index b295e2bb706f..20aeb993618f 100644 --- a/ne

[PATCH next 14/84] ipvs: Pass ipvs not net to ip_vs_find_dest

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 2 +- net/netfilter/ipvs/ip_vs_conn.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_sync.c | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff

[PATCH next 62/84] ipvs: Pass ipvs into conn_out_get

Move the hack of relying on "net_ipvs(skb_net(skb))" to derive the ipvs up a layer. Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 6 -- net/netfilter/ipvs/ip_vs_conn.c | 4 ++-- net/netfilter/ipv

[PATCH next 59/84] ipvs: Pass ipvs not net into init_netns and exit_netns

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- include/net/ip_vs.h | 4 ++-- net/netfilter/ipvs/ip_vs_proto.c | 4 ++-- net/netfilter/ipvs/ip_vs_proto_sctp.c | 6 ++ net/netfilter/ipvs/ip_vs_proto_tcp.c | 6 ++ net/netfilter/ipvs/i

[PATCH next 71/84] ipvs: Better derivation of ipvs in ip_vs_in_stats and ip_vs_out_stats

Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com> --- net/netfilter/ipvs/ip_vs_core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 514596b7a324..1c9c52349b7c 100644 --- a/ne

<    4   5   6   7   8   9   10   11   12   >