git://ftp.safe.ca / safe / jmp / linux-2.6 / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' of /home/davem/src/GIT/linux-2.6/
[safe/jmp/linux-2.6] / net / ipv4 / route.c
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 65b3a8b..b2ba558 100644 (file)
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -287,12 +287,12 @@ static struct rtable *rt_cache_get_first(struct seq_file *seq)
                if (!rt_hash_table[st->bucket].chain)
                        continue;
                rcu_read_lock_bh();
-               r = rcu_dereference(rt_hash_table[st->bucket].chain);
+               r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
                while (r) {
                        if (dev_net(r->u.dst.dev) == seq_file_net(seq) &&
                            r->rt_genid == st->genid)
                                return r;
-                       r = rcu_dereference(r->u.dst.rt_next);
+                       r = rcu_dereference_bh(r->u.dst.rt_next);
                }
                rcu_read_unlock_bh();
        }
@@ -314,7 +314,7 @@ static struct rtable *__rt_cache_get_next(struct seq_file *seq,
                rcu_read_lock_bh();
                r = rt_hash_table[st->bucket].chain;
        }
-       return rcu_dereference(r);
+       return rcu_dereference_bh(r);
 }
 
 static struct rtable *rt_cache_get_next(struct seq_file *seq,
@@ -513,43 +513,42 @@ static const struct file_operations rt_cpu_seq_fops = {
 };
 
 #ifdef CONFIG_NET_CLS_ROUTE
-static int ip_rt_acct_read(char *buffer, char **start, off_t offset,
-                          int length, int *eof, void *data)
-{
-       unsigned int i;
-
-       if ((offset & 3) || (length & 3))
-               return -EIO;
-
-       if (offset >= sizeof(struct ip_rt_acct) * 256) {
-               *eof = 1;
-               return 0;
-       }
-
-       if (offset + length >= sizeof(struct ip_rt_acct) * 256) {
-               length = sizeof(struct ip_rt_acct) * 256 - offset;
-               *eof = 1;
+static int rt_acct_proc_show(struct seq_file *m, void *v)
+{
+       struct ip_rt_acct *dst, *src;
+       unsigned int i, j;
+
+       dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
+       if (!dst)
+               return -ENOMEM;
+
+       for_each_possible_cpu(i) {
+               src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
+               for (j = 0; j < 256; j++) {
+                       dst[j].o_bytes   += src[j].o_bytes;
+                       dst[j].o_packets += src[j].o_packets;
+                       dst[j].i_bytes   += src[j].i_bytes;
+                       dst[j].i_packets += src[j].i_packets;
+               }
        }
 
-       offset /= sizeof(u32);
-
-       if (length > 0) {
-               u32 *dst = (u32 *) buffer;
-
-               *start = buffer;
-               memset(dst, 0, length);
-
-               for_each_possible_cpu(i) {
-                       unsigned int j;
-                       u32 *src;
+       seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
+       kfree(dst);
+       return 0;
+}
 
-                       src = ((u32 *) per_cpu_ptr(ip_rt_acct, i)) + offset;
-                       for (j = 0; j < length/4; j++)
-                               dst[j] += src[j];
-               }
-       }
-       return length;
+static int rt_acct_proc_open(struct inode *inode, struct file *file)
+{
+       return single_open(file, rt_acct_proc_show, NULL);
 }
+
+static const struct file_operations rt_acct_proc_fops = {
+       .owner          = THIS_MODULE,
+       .open           = rt_acct_proc_open,
+       .read           = seq_read,
+       .llseek         = seq_lseek,
+       .release        = single_release,
+};
 #endif
 
 static int __net_init ip_rt_do_proc_init(struct net *net)
@@ -567,8 +566,7 @@ static int __net_init ip_rt_do_proc_init(struct net *net)
                goto err2;
 
 #ifdef CONFIG_NET_CLS_ROUTE
-       pde = create_proc_read_entry("rt_acct", 0, net->proc_net,
-                       ip_rt_acct_read, NULL);
+       pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
        if (!pde)
                goto err3;
 #endif
@@ -588,7 +586,9 @@ static void __net_exit ip_rt_do_proc_exit(struct net *net)
 {
        remove_proc_entry("rt_cache", net->proc_net_stat);
        remove_proc_entry("rt_cache", net->proc_net);
+#ifdef CONFIG_NET_CLS_ROUTE
        remove_proc_entry("rt_acct", net->proc_net);
+#endif
 }
 
 static struct pernet_operations ip_rt_proc_ops __net_initdata =  {
@@ -703,7 +703,7 @@ static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
 
 static inline int compare_netns(struct rtable *rt1, struct rtable *rt2)
 {
-       return dev_net(rt1->u.dst.dev) == dev_net(rt2->u.dst.dev);
+       return net_eq(dev_net(rt1->u.dst.dev), dev_net(rt2->u.dst.dev));
 }
 
 static inline int rt_is_expired(struct rtable *rth)
@@ -902,6 +902,12 @@ void rt_cache_flush(struct net *net, int delay)
                rt_do_flush(!in_softirq());
 }
 
+/* Flush previous cache invalidated entries from the cache */
+void rt_cache_flush_batch(void)
+{
+       rt_do_flush(!in_softirq());
+}
+
 /*
  * We change rt_genid and let gc do the cleanup
  */
@@ -1093,8 +1099,27 @@ restart:
                 * If we drop it here, the callers have no way to resolve routes
                 * when we're not caching.  Instead, just point *rp at rt, so
                 * the caller gets a single use out of the route
+                * Note that we do rt_free on this new route entry, so that
+                * once its refcount hits zero, we are still able to reap it
+                * (Thanks Alexey)
+                * Note also the rt_free uses call_rcu.  We don't actually
+                * need rcu protection here, this is just our path to get
+                * on the route gc list.
                 */
-               goto report_and_exit;
+
+               if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) {
+                       int err = arp_bind_neighbour(&rt->u.dst);
+                       if (err) {
+                               if (net_ratelimit())
+                                       printk(KERN_WARNING
+                                           "Neighbour table failure & not caching routes.\n");
+                               rt_drop(rt);
+                               return err;
+                       }
+               }
+
+               rt_free(rt);
+               goto skip_hashing;
        }
 
        rthp = &rt_hash_table[hash].chain;
@@ -1211,7 +1236,8 @@ restart:
 #if RT_CACHE_DEBUG >= 2
        if (rt->u.dst.rt_next) {
                struct rtable *trt;
-               printk(KERN_DEBUG "rt_cache @%02x: %pI4", hash, &rt->rt_dst);
+               printk(KERN_DEBUG "rt_cache @%02x: %pI4",
+                      hash, &rt->rt_dst);
                for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next)
                        printk(" . %pI4", &trt->rt_dst);
                printk("\n");
@@ -1226,7 +1252,7 @@ restart:
 
        spin_unlock_bh(rt_hash_lock_addr(hash));
 
-report_and_exit:
+skip_hashing:
        if (rp)
                *rp = rt;
        else
@@ -1326,9 +1352,9 @@ void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
                return;
 
        net = dev_net(dev);
-       if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev)
-           || ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw)
-           || ipv4_is_zeronet(new_gw))
+       if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
+           ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
+           ipv4_is_zeronet(new_gw))
                goto reject_redirect;
 
        if (!rt_caching(net))
@@ -1494,13 +1520,17 @@ static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
 void ip_rt_send_redirect(struct sk_buff *skb)
 {
        struct rtable *rt = skb_rtable(skb);
-       struct in_device *in_dev = in_dev_get(rt->u.dst.dev);
+       struct in_device *in_dev;
+       int log_martians;
 
-       if (!in_dev)
+       rcu_read_lock();
+       in_dev = __in_dev_get_rcu(rt->u.dst.dev);
+       if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
+               rcu_read_unlock();
                return;
-
-       if (!IN_DEV_TX_REDIRECTS(in_dev))
-               goto out;
+       }
+       log_martians = IN_DEV_LOG_MARTIANS(in_dev);
+       rcu_read_unlock();
 
        /* No redirected packets during ip_rt_redirect_silence;
         * reset the algorithm.
@@ -1513,7 +1543,7 @@ void ip_rt_send_redirect(struct sk_buff *skb)
         */
        if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) {
                rt->u.dst.rate_last = jiffies;
-               goto out;
+               return;
        }
 
        /* Check for load limit; set rate_last to the latest sent
@@ -1527,7 +1557,7 @@ void ip_rt_send_redirect(struct sk_buff *skb)
                rt->u.dst.rate_last = jiffies;
                ++rt->u.dst.rate_tokens;
 #ifdef CONFIG_IP_ROUTE_VERBOSE
-               if (IN_DEV_LOG_MARTIANS(in_dev) &&
+               if (log_martians &&
                    rt->u.dst.rate_tokens == ip_rt_redirect_number &&
                    net_ratelimit())
                        printk(KERN_WARNING "host %pI4/if%d ignores redirects for %pI4 to %pI4.\n",
@@ -1535,8 +1565,6 @@ void ip_rt_send_redirect(struct sk_buff *skb)
                                &rt->rt_dst, &rt->rt_gateway);
 #endif
        }
-out:
-       in_dev_put(in_dev);
 }
 
 static int ip_error(struct sk_buff *skb)
@@ -1606,9 +1634,6 @@ unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
        __be32  daddr = iph->daddr;
        unsigned short est_mtu = 0;
 
-       if (ipv4_config.no_pmtu_disc)
-               return 0;
-
        for (k = 0; k < 2; k++) {
                for (i = 0; i < 2; i++) {
                        unsigned hash = rt_hash(daddr, skeys[i], ikeys[k],
@@ -1832,7 +1857,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
                        goto e_inval;
                spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
        } else if (fib_validate_source(saddr, 0, tos, 0,
-                                       dev, &spec_dst, &itag) < 0)
+                                       dev, &spec_dst, &itag, 0) < 0)
                goto e_inval;
 
        rth = dst_alloc(&ipv4_dst_ops);
@@ -1945,7 +1970,7 @@ static int __mkroute_input(struct sk_buff *skb,
 
 
        err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
-                                 in_dev->dev, &spec_dst, &itag);
+                                 in_dev->dev, &spec_dst, &itag, skb->mark);
        if (err < 0) {
                ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
                                         saddr);
@@ -1965,8 +1990,13 @@ static int __mkroute_input(struct sk_buff *skb,
        if (skb->protocol != htons(ETH_P_IP)) {
                /* Not IP (i.e. ARP). Do not create route, if it is
                 * invalid for proxy arp. DNAT routes are always valid.
+                *
+                * Proxy arp feature have been extended to allow, ARP
+                * replies back to the same interface, to support
+                * Private VLAN switch technologies. See arp.c.
                 */
-               if (out_dev == in_dev) {
+               if (out_dev == in_dev &&
+                   IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
                        err = -EINVAL;
                        goto cleanup;
                }
@@ -2119,7 +2149,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
                int result;
                result = fib_validate_source(saddr, daddr, tos,
                                             net->loopback_dev->ifindex,
-                                            dev, &spec_dst, &itag);
+                                            dev, &spec_dst, &itag, skb->mark);
                if (result < 0)
                        goto martian_source;
                if (result)
@@ -2148,7 +2178,7 @@ brd_input:
                spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
        else {
                err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
-                                         &itag);
+                                         &itag, skb->mark);
                if (err < 0)
                        goto martian_source;
                if (err)
@@ -2292,10 +2322,11 @@ skip_cache:
                                ip_hdr(skb)->protocol);
                        if (our
 #ifdef CONFIG_IP_MROUTE
-                           || (!ipv4_is_local_multicast(daddr) &&
-                               IN_DEV_MFORWARD(in_dev))
+                               ||
+                           (!ipv4_is_local_multicast(daddr) &&
+                            IN_DEV_MFORWARD(in_dev))
 #endif
-                           ) {
+                          ) {
                                rcu_read_unlock();
                                return ip_route_input_mc(skb, daddr, saddr,
                                                         tos, dev, our);
@@ -2492,9 +2523,9 @@ static int ip_route_output_slow(struct net *net, struct rtable **rp,
                      of another iface. --ANK
                 */
 
-               if (oldflp->oif == 0
-                   && (ipv4_is_multicast(oldflp->fl4_dst) ||
-                       oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
+               if (oldflp->oif == 0 &&
+                   (ipv4_is_multicast(oldflp->fl4_dst) ||
+                    oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
                        /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
                        dev_out = ip_dev_find(net, oldflp->fl4_src);
                        if (dev_out == NULL)
@@ -2663,8 +2694,8 @@ int __ip_route_output_key(struct net *net, struct rtable **rp,
        hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif, rt_genid(net));
 
        rcu_read_lock_bh();
-       for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
-               rth = rcu_dereference(rth->u.dst.rt_next)) {
+       for (rth = rcu_dereference_bh(rt_hash_table[hash].chain); rth;
+               rth = rcu_dereference_bh(rth->u.dst.rt_next)) {
                if (rth->fl.fl4_dst == flp->fl4_dst &&
                    rth->fl.fl4_src == flp->fl4_src &&
                    rth->fl.iif == 0 &&
@@ -2833,7 +2864,7 @@ static int rt_fill_info(struct net *net,
        error = rt->u.dst.error;
        expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0;
        if (rt->peer) {
-               id = rt->peer->ip_id_count;
+               id = atomic_read(&rt->peer->ip_id_count) & 0xffff;
                if (rt->peer->tcp_ts_stamp) {
                        ts = rt->peer->tcp_ts;
                        tsage = get_seconds() - rt->peer->tcp_ts_stamp;
@@ -2982,8 +3013,8 @@ int ip_rt_dump(struct sk_buff *skb,  struct netlink_callback *cb)
                if (!rt_hash_table[h].chain)
                        continue;
                rcu_read_lock_bh();
-               for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt;
-                    rt = rcu_dereference(rt->u.dst.rt_next), idx++) {
+               for (rt = rcu_dereference_bh(rt_hash_table[h].chain), idx = 0; rt;
+                    rt = rcu_dereference_bh(rt->u.dst.rt_next), idx++) {
                        if (!net_eq(dev_net(rt->u.dst.dev), net) || idx < s_idx)
                                continue;
                        if (rt_is_expired(rt))
@@ -3014,7 +3045,7 @@ void ip_rt_multicast_event(struct in_device *in_dev)
 
 #ifdef CONFIG_SYSCTL
 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
-                                       struct file *filp, void __user *buffer,
+                                       void __user *buffer,
                                        size_t *lenp, loff_t *ppos)
 {
        if (write) {
@@ -3024,7 +3055,7 @@ static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
 
                memcpy(&ctl, __ctl, sizeof(ctl));
                ctl.data = &flush_delay;
-               proc_dointvec(&ctl, write, filp, buffer, lenp, ppos);
+               proc_dointvec(&ctl, write, buffer, lenp, ppos);
 
                net = (struct net *)__ctl->extra1;
                rt_cache_flush(net, flush_delay);
@@ -3034,23 +3065,6 @@ static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
        return -EINVAL;
 }
 
-static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
-                                               void __user *oldval,
-                                               size_t __user *oldlenp,
-                                               void __user *newval,
-                                               size_t newlen)
-{
-       int delay;
-       struct net *net;
-       if (newlen != sizeof(int))
-               return -EINVAL;
-       if (get_user(delay, (int __user *)newval))
-               return -EFAULT;
-       net = (struct net *)table->extra1;
-       rt_cache_flush(net, delay);
-       return 0;
-}
-
 static void rt_secret_reschedule(int old)
 {
        struct net *net;
@@ -3084,26 +3098,11 @@ static void rt_secret_reschedule(int old)
 }
 
 static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
-                                         struct file *filp,
                                          void __user *buffer, size_t *lenp,
                                          loff_t *ppos)
 {
        int old = ip_rt_secret_interval;
-       int ret = proc_dointvec_jiffies(ctl, write, filp, buffer, lenp, ppos);
-
-       rt_secret_reschedule(old);
-
-       return ret;
-}
-
-static int ipv4_sysctl_rt_secret_interval_strategy(ctl_table *table,
-                                                  void __user *oldval,
-                                                  size_t __user *oldlenp,
-                                                  void __user *newval,
-                                                  size_t newlen)
-{
-       int old = ip_rt_secret_interval;
-       int ret = sysctl_jiffies(table, oldval, oldlenp, newval, newlen);
+       int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
 
        rt_secret_reschedule(old);
 
@@ -3112,7 +3111,6 @@ static int ipv4_sysctl_rt_secret_interval_strategy(ctl_table *table,
 
 static ctl_table ipv4_route_table[] = {
        {
-               .ctl_name       = NET_IPV4_ROUTE_GC_THRESH,
                .procname       = "gc_thresh",
                .data           = &ipv4_dst_ops.gc_thresh,
                .maxlen         = sizeof(int),
@@ -3120,7 +3118,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_MAX_SIZE,
                .procname       = "max_size",
                .data           = &ip_rt_max_size,
                .maxlen         = sizeof(int),
@@ -3130,43 +3127,34 @@ static ctl_table ipv4_route_table[] = {
        {
                /*  Deprecated. Use gc_min_interval_ms */
 
-               .ctl_name       = NET_IPV4_ROUTE_GC_MIN_INTERVAL,
                .procname       = "gc_min_interval",
                .data           = &ip_rt_gc_min_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec_jiffies,
-               .strategy       = sysctl_jiffies,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS,
                .procname       = "gc_min_interval_ms",
                .data           = &ip_rt_gc_min_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec_ms_jiffies,
-               .strategy       = sysctl_ms_jiffies,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_GC_TIMEOUT,
                .procname       = "gc_timeout",
                .data           = &ip_rt_gc_timeout,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec_jiffies,
-               .strategy       = sysctl_jiffies,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_GC_INTERVAL,
                .procname       = "gc_interval",
                .data           = &ip_rt_gc_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec_jiffies,
-               .strategy       = sysctl_jiffies,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_REDIRECT_LOAD,
                .procname       = "redirect_load",
                .data           = &ip_rt_redirect_load,
                .maxlen         = sizeof(int),
@@ -3174,7 +3162,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_REDIRECT_NUMBER,
                .procname       = "redirect_number",
                .data           = &ip_rt_redirect_number,
                .maxlen         = sizeof(int),
@@ -3182,7 +3169,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_REDIRECT_SILENCE,
                .procname       = "redirect_silence",
                .data           = &ip_rt_redirect_silence,
                .maxlen         = sizeof(int),
@@ -3190,7 +3176,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_ERROR_COST,
                .procname       = "error_cost",
                .data           = &ip_rt_error_cost,
                .maxlen         = sizeof(int),
@@ -3198,7 +3183,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_ERROR_BURST,
                .procname       = "error_burst",
                .data           = &ip_rt_error_burst,
                .maxlen         = sizeof(int),
@@ -3206,7 +3190,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_GC_ELASTICITY,
                .procname       = "gc_elasticity",
                .data           = &ip_rt_gc_elasticity,
                .maxlen         = sizeof(int),
@@ -3214,16 +3197,13 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_MTU_EXPIRES,
                .procname       = "mtu_expires",
                .data           = &ip_rt_mtu_expires,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec_jiffies,
-               .strategy       = sysctl_jiffies,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_MIN_PMTU,
                .procname       = "min_pmtu",
                .data           = &ip_rt_min_pmtu,
                .maxlen         = sizeof(int),
@@ -3231,7 +3211,6 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_MIN_ADVMSS,
                .procname       = "min_adv_mss",
                .data           = &ip_rt_min_advmss,
                .maxlen         = sizeof(int),
@@ -3239,50 +3218,46 @@ static ctl_table ipv4_route_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
-               .ctl_name       = NET_IPV4_ROUTE_SECRET_INTERVAL,
                .procname       = "secret_interval",
                .data           = &ip_rt_secret_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = ipv4_sysctl_rt_secret_interval,
-               .strategy       = ipv4_sysctl_rt_secret_interval_strategy,
        },
-       { .ctl_name = 0 }
+       { }
 };
 
 static struct ctl_table empty[1];
 
 static struct ctl_table ipv4_skeleton[] =
 {
-       { .procname = "route", .ctl_name = NET_IPV4_ROUTE,
+       { .procname = "route", 
          .mode = 0555, .child = ipv4_route_table},
-       { .procname = "neigh", .ctl_name = NET_IPV4_NEIGH,
+       { .procname = "neigh", 
          .mode = 0555, .child = empty},
        { }
 };
 
 static __net_initdata struct ctl_path ipv4_path[] = {
-       { .procname = "net", .ctl_name = CTL_NET, },
-       { .procname = "ipv4", .ctl_name = NET_IPV4, },
+       { .procname = "net", },
+       { .procname = "ipv4", },
        { },
 };
 
 static struct ctl_table ipv4_route_flush_table[] = {
        {
-               .ctl_name       = NET_IPV4_ROUTE_FLUSH,
                .procname       = "flush",
                .maxlen         = sizeof(int),
                .mode           = 0200,
                .proc_handler   = ipv4_sysctl_rtcache_flush,
-               .strategy       = ipv4_sysctl_rtcache_flush_strategy,
        },
-       { .ctl_name = 0 },
+       { },
 };
 
 static __net_initdata struct ctl_path ipv4_route_path[] = {
-       { .procname = "net", .ctl_name = CTL_NET, },
-       { .procname = "ipv4", .ctl_name = NET_IPV4, },
-       { .procname = "route", .ctl_name = NET_IPV4_ROUTE, },
+       { .procname = "net", },
+       { .procname = "ipv4", },
+       { .procname = "route", },
        { },
 };
 
@@ -3291,7 +3266,7 @@ static __net_init int sysctl_route_net_init(struct net *net)
        struct ctl_table *tbl;
 
        tbl = ipv4_route_flush_table;
-       if (net != &init_net) {
+       if (!net_eq(net, &init_net)) {
                tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
                if (tbl == NULL)
                        goto err_dup;
@@ -3359,7 +3334,7 @@ static __net_initdata struct pernet_operations rt_secret_timer_ops = {
 
 
 #ifdef CONFIG_NET_CLS_ROUTE
-struct ip_rt_acct *ip_rt_acct __read_mostly;
+struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
 #endif /* CONFIG_NET_CLS_ROUTE */
 
 static __initdata unsigned long rhash_entries;
@@ -3392,7 +3367,7 @@ int __init ip_rt_init(void)
                alloc_large_system_hash("IP route cache",
                                        sizeof(struct rt_hash_bucket),
                                        rhash_entries,
-                                       (num_physpages >= 128 * 1024) ?
+                                       (totalram_pages >= 128 * 1024) ?
                                        15 : 17,
                                        0,
                                        &rt_hash_log,
@@ -3422,7 +3397,7 @@ int __init ip_rt_init(void)
                printk(KERN_ERR "Unable to create route proc files\n");
 #ifdef CONFIG_XFRM
        xfrm_init();
-       xfrm4_init();
+       xfrm4_init(ip_rt_max_size);
 #endif
        rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
 
Full containers within linux kernel