mm: bdi: export bdi_writeout_inc()

[safe/jmp/linux-2.6] / net / xfrm / xfrm_output.c

diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
index bcb3701..09cd9c0 100644 (file)
--- a/net/xfrm/xfrm_output.c
+++ b/net/xfrm/xfrm_output.c
@@ -18,6 +18,8 @@
 #include <net/dst.h>
 #include <net/xfrm.h>
 
+static int xfrm_output2(struct sk_buff *skb);
+
 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
 {
        struct dst_entry *dst = skb->dst;
@@ -31,40 +33,43 @@ static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
        return 0;
 }
 
-static int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
-{
-       int err = xfrm_state_check_expire(x);
-       if (err < 0)
-               goto err;
-       err = xfrm_state_check_space(x, skb);
-err:
-       return err;
-}
-
-static int xfrm_output_one(struct sk_buff *skb)
+static int xfrm_output_one(struct sk_buff *skb, int err)
 {
        struct dst_entry *dst = skb->dst;
        struct xfrm_state *x = dst->xfrm;
-       int err;
 
-       if (skb->ip_summed == CHECKSUM_PARTIAL) {
-               err = skb_checksum_help(skb);
-               if (err)
-                       goto error_nolock;
-       }
+       if (err <= 0)
+               goto resume;
 
        do {
+               err = xfrm_state_check_space(x, skb);
+               if (err) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
+                       goto error_nolock;
+               }
+
                err = x->outer_mode->output(x, skb);
-               if (err)
-                       goto error;
+               if (err) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEMODEERROR);
+                       goto error_nolock;
+               }
 
                spin_lock_bh(&x->lock);
-               err = xfrm_state_check(x, skb);
-               if (err)
+               err = xfrm_state_check_expire(x);
+               if (err) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEEXPIRED);
                        goto error;
+               }
 
                if (x->type->flags & XFRM_TYPE_REPLAY_PROT) {
-                       XFRM_SKB_CB(skb)->seq = ++x->replay.oseq;
+                       XFRM_SKB_CB(skb)->seq.output = ++x->replay.oseq;
+                       if (unlikely(x->replay.oseq == 0)) {
+                               XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATESEQERROR);
+                               x->replay.oseq--;
+                               xfrm_audit_state_replay_overflow(x, skb);
+                               err = -EOVERFLOW;
+                               goto error;
+                       }
                        if (xfrm_aevent_is_on())
                                xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
                }
@@ -75,10 +80,17 @@ static int xfrm_output_one(struct sk_buff *skb)
                spin_unlock_bh(&x->lock);
 
                err = x->type->output(x, skb);
-               if (err)
+               if (err == -EINPROGRESS)
+                       goto out_exit;
+
+resume:
+               if (err) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEPROTOERROR);
                        goto error_nolock;
+               }
 
                if (!(skb->dst = dst_pop(dst))) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
                        err = -EHOSTUNREACH;
                        goto error_nolock;
                }
@@ -97,43 +109,48 @@ error_nolock:
        goto out_exit;
 }
 
-static int xfrm_output2(struct sk_buff *skb)
+int xfrm_output_resume(struct sk_buff *skb, int err)
 {
-       int err;
-
-       while (likely((err = xfrm_output_one(skb)) == 0)) {
+       while (likely((err = xfrm_output_one(skb, err)) == 0)) {
                struct xfrm_state *x;
 
                nf_reset(skb);
 
                err = skb->dst->ops->local_out(skb);
                if (unlikely(err != 1))
-                       break;
+                       goto out;
 
                x = skb->dst->xfrm;
                if (!x)
                        return dst_output(skb);
 
-               err = nf_hook(x->inner_mode->afinfo->family,
-                             x->inner_mode->afinfo->nf_post_routing, skb,
+               err = nf_hook(skb->dst->ops->family,
+                             NF_INET_POST_ROUTING, skb,
                              NULL, skb->dst->dev, xfrm_output2);
                if (unlikely(err != 1))
-                       break;
+                       goto out;
        }
 
+       if (err == -EINPROGRESS)
+               err = 0;
+
+out:
        return err;
 }
+EXPORT_SYMBOL_GPL(xfrm_output_resume);
 
-int xfrm_output(struct sk_buff *skb)
+static int xfrm_output2(struct sk_buff *skb)
 {
-       struct sk_buff *segs;
+       return xfrm_output_resume(skb, 1);
+}
 
-       if (!skb_is_gso(skb))
-               return xfrm_output2(skb);
+static int xfrm_output_gso(struct sk_buff *skb)
+{
+       struct sk_buff *segs;
 
        segs = skb_gso_segment(skb, 0);
        kfree_skb(skb);
-       if (unlikely(IS_ERR(segs)))
+       if (IS_ERR(segs))
                return PTR_ERR(segs);
 
        do {
@@ -157,4 +174,39 @@ int xfrm_output(struct sk_buff *skb)
 
        return 0;
 }
+
+int xfrm_output(struct sk_buff *skb)
+{
+       int err;
+
+       if (skb_is_gso(skb))
+               return xfrm_output_gso(skb);
+
+       if (skb->ip_summed == CHECKSUM_PARTIAL) {
+               err = skb_checksum_help(skb);
+               if (err) {
+                       XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
+                       kfree_skb(skb);
+                       return err;
+               }
+       }
+
+       return xfrm_output2(skb);
+}
+
+int xfrm_inner_extract_output(struct xfrm_state *x, struct sk_buff *skb)
+{
+       struct xfrm_mode *inner_mode;
+       if (x->sel.family == AF_UNSPEC)
+               inner_mode = xfrm_ip2inner_mode(x,
+                               xfrm_af2proto(skb->dst->ops->family));
+       else
+               inner_mode = x->inner_mode;
+
+       if (inner_mode == NULL)
+               return -EAFNOSUPPORT;
+       return inner_mode->afinfo->extract_output(x, skb);
+}
+
 EXPORT_SYMBOL_GPL(xfrm_output);
+EXPORT_SYMBOL_GPL(xfrm_inner_extract_output);