kernel-fxtec-pro1x/include/net
Pablo Neira Ayuso 3d058d7bc2 netfilter: rework user-space expectation helper support
This partially reworks bc01befdcf
which added userspace expectation support.

This patch removes the nf_ct_userspace_expect_list since now we
force to use the new iptables CT target feature to add the helper
extension for conntracks that have attached expectations from
userspace.

A new version of the proof-of-concept code to implement userspace
helpers from userspace is available at:

http://people.netfilter.org/pablo/userspace-conntrack-helpers/nf-ftp-helper-POC.tar.bz2

This patch also modifies the CT target to allow to set the
conntrack's userspace helper status flags. This flag is used
to tell the conntrack system to explicitly allocate the helper
extension.

This helper extension is useful to link the userspace expectations
with the master conntrack that is being tracked from one userspace
helper.

This feature fixes a problem in the current approach of the
userspace helper support. Basically, if the master conntrack that
has got a userspace expectation vanishes, the expectations point to
one invalid memory address. Thus, triggering an oops in the
expectation deletion event path.

I decided not to add a new revision of the CT target because
I only needed to add a new flag for it. I'll document in this
issue in the iptables manpage. I have also changed the return
value from EINVAL to EOPNOTSUPP if one flag not supported is
specified. Thus, in the future adding new features that only
require a new flag can be added without a new revision.

There is no official code using this in userspace (apart from
the proof-of-concept) that uses this infrastructure but there
will be some by beginning 2012.

Reported-by: Sam Roberts <vieuxtech@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2011-12-23 14:36:39 +01:00
..
9p net/9p: Convert net/9p protocol dumps to tracepoints 2011-10-24 11:13:12 -05:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux 2011-11-22 14:05:46 -05:00
caif caif: Remove unused attributes from struct cflayer 2011-11-30 23:30:48 -05:00
irda Fix common misspellings 2011-03-31 11:26:23 -03:00
iucv af_iucv: add HiperSockets transport 2011-08-13 01:10:16 -07:00
netfilter netfilter: rework user-space expectation helper support 2011-12-23 14:36:39 +01:00
netns Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-12-02 13:49:21 -05:00
nfc NFC: Fix indentation in nci.h file 2011-11-17 15:43:55 -05:00
phonet net: dont hold rtnl mutex during netlink dump callbacks 2011-05-02 15:26:28 -07:00
sctp sctp: fasthandoff with ASCONF at mobile-node 2011-11-08 15:11:29 -05:00
tc_act net/sched: add ACT_CSUM action to update packets checksums 2010-08-20 01:42:59 -07:00
act_api.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
addrconf.h ipv6: updates to privacy addresses per RFC 4941. 2011-08-01 18:05:00 -07:00
af_ieee802154.h
af_rxrpc.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
af_unix.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ah.h ipsec: update MAX_AH_AUTH_LEN to support sha512 2011-01-13 21:48:25 -08:00
arp.h net: Add ->neigh_lookup() operation to dst_ops 2011-07-18 00:40:17 -07:00
atmclip.h atm: clip: Use device neigh support on top of "arp_tbl". 2011-11-30 18:51:03 -05:00
ax25.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ax88796.h
cfg80211-wext.h cfg80211: remove unused wext handler exports 2011-08-08 14:26:29 -04:00
cfg80211.h wireless: Support ht-capabilities over-rides. 2011-11-21 16:22:06 -05:00
checksum.h
cipso_ipv4.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
cls_cgroup.h Merge commit 'v2.6.36-rc7' into core/rcu 2010-10-07 09:43:45 +02:00
compat.h net: Add sendmmsg socket system call 2011-05-05 11:10:14 -07:00
datalink.h
dcbevent.h dcb: Add stub routines for !CONFIG_DCB 2011-10-06 15:49:51 -04:00
dcbnl.h dcb: add DCBX mode to event notifier attributes 2011-10-06 15:49:51 -04:00
dn.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn_dev.h decnet: RCU conversion and get rid of dev_base_lock 2010-11-08 13:50:08 -08:00
dn_fib.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn_neigh.h
dn_nsp.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
dn_route.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dsa.h dsa: Include linux/if_ether.h to fix build error 2011-12-01 11:41:06 -05:00
dsfield.h
dst.h net: Move mtu handling down to the protocol depended handlers 2011-11-26 14:29:51 -05:00
dst_ops.h net: Rename the dst_opt default_mtu method to mtu 2011-11-26 14:29:50 -05:00
esp.h
ethoc.h
fib_rules.h fib_rules: __rcu annotates ctarget 2010-10-27 11:37:32 -07:00
flow.h ipv4: use a 64bit load/store in output path 2011-12-01 13:28:54 -05:00
flow_keys.h flow_dissector: use a 64bit load/store 2011-11-29 13:17:03 -05:00
garp.h garp: remove last synchronize_rcu() call 2011-05-12 17:46:56 -04:00
gen_stats.h Fix common misspellings 2011-03-31 11:26:23 -03:00
genetlink.h genetlink: Add genl_notify() 2011-12-03 09:35:05 -08:00
gre.h PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol) 2010-08-21 23:05:39 -07:00
icmp.h ipv4: reduce percpu needs for icmpmsg mibs 2011-11-09 16:04:20 -05:00
ieee80211_radiotap.h wireless: move ieee80211chan2mhz macro 2011-11-11 12:32:50 -05:00
ieee802154.h 6LoWPAN: add fragmentation support 2011-11-14 00:19:42 -05:00
ieee802154_netdev.h
if_inet6.h ipv6: updates to privacy addresses per RFC 4941. 2011-08-01 18:05:00 -07:00
inet6_connection_sock.h inet: Pass flowi to ->queue_xmit(). 2011-05-08 15:28:28 -07:00
inet6_hashtables.h
inet_common.h inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage() 2010-07-12 20:21:46 -07:00
inet_connection_sock.h net: rename sk_clone to sk_clone_lock 2011-11-08 17:07:07 -05:00
inet_ecn.h inet: add rfc 3168 extract in front of INET_ECN_encapsulate() 2011-10-22 01:25:23 -04:00
inet_frag.h fragment: add fast path for in-order fragments 2010-06-30 13:44:29 -07:00
inet_hashtables.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inet_sock.h ipv4: Save nexthop address of LSRR/SSRR option to IPCB. 2011-11-23 19:19:32 -05:00
inet_timewait_sock.h Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
inetpeer.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-12-02 13:49:21 -05:00
ip.h ipv4: PKTINFO doesnt need dst reference 2011-11-09 16:36:27 -05:00
ip6_checksum.h
ip6_fib.h ipv6: Get rid of rt6i_nexthop macro. 2011-07-17 23:11:35 -07:00
ip6_route.h ipv6: add ip6_route_lookup 2011-12-04 22:44:07 +01:00
ip6_tunnel.h tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
ip_fib.h ipv4: Call fib_select_default() only when actually necessary. 2011-04-14 15:05:22 -07:00
ip_vs.h net: remove ipv6_addr_copy() 2011-11-22 16:43:32 -05:00
ipcomp.h percpu: add __percpu sparse annotations to net 2010-02-16 23:05:38 -08:00
ipconfig.h
ipip.h tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00
ipv6.h ipv6: Add fragment reporting to ipv6_skip_exthdr(). 2011-12-03 09:35:10 -08:00
ipx.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
iw_handler.h Fix common misspellings 2011-03-31 11:26:23 -03:00
lapb.h wan: make LAPB callbacks const 2011-09-16 19:20:20 -04:00
lib80211.h include: replace linux/module.h with "struct module" wherever possible 2011-10-31 19:32:32 -04:00
llc.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h bonding,llc: Fix structure sizeof incompatibility for some PDUs 2011-05-13 15:13:24 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
mac80211.h mac80211: transmit fragment list to drivers 2011-11-21 16:20:43 -05:00
mip6.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
mld.h ipv6 mcast: Introduce include/net/mld.h for MLD definitions. 2010-04-23 13:35:55 +09:00
ndisc.h ipv6: Kill ndisc_get_neigh() inline helper. 2011-12-03 18:29:30 -05:00
neighbour.h neigh: Get rid of neigh_table->kmem_cachep 2011-11-30 18:46:43 -05:00
net_namespace.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
net_ratelimit.h net: Kill ratelimit.h dependency in linux/net.h 2011-05-27 13:41:33 -04:00
netdma.h
netevent.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
netlabel.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlink.h netlink: clarify attribute length check documentation 2011-11-04 17:48:23 -04:00
netprio_cgroup.h netprio_cgroup: Fix build break 2011-11-23 15:52:58 -05:00
netrom.h include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nexthop.h
nl802154.h
p8022.h
ping.h net: ping: fix build failure 2011-05-17 14:16:58 -04:00
pkt_cls.h net: Fix range checks in tcf_valid_offset(). 2010-12-21 12:43:16 -08:00
pkt_sched.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
protocol.h net: introduce and use netdev_features_t for device features sets 2011-11-16 17:43:10 -05:00
psnap.h
raw.h include/net/raw.h: Convert raw_seq_private macro to inline 2010-09-08 13:42:22 -07:00
rawv6.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
red.h sch_red: fix red_calc_qavg_from_idle_time 2011-11-30 23:27:22 -05:00
regulatory.h cfg80211: pass DFS region to drivers through reg_notifier() 2011-11-21 16:20:41 -05:00
request_sock.h tcp: Change possible SYN flooding messages 2011-09-15 14:49:43 -04:00
rose.h rose: Add length checks to CALL_REQUEST parsing 2011-03-27 17:59:04 -07:00
route.h route: struct rtable can be const in rt_is_input_route and rt_is_output_route 2011-11-26 14:29:51 -05:00
rtnetlink.h rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
sch_generic.h net: sch_generic remove redundant use of <linux/module.h> 2011-10-31 19:32:25 -04:00
scm.h af_unix: dont send SCM_CREDENTIALS by default 2011-09-28 13:29:50 -04:00
secure_seq.h tcp: add const qualifiers where possible 2011-10-21 05:22:42 -04:00
slhc_vj.h
snmp.h ipv6: reduce percpu needs for icmpv6msg mibs 2011-11-14 00:12:26 -05:00
sock.h net: add network priority cgroup infrastructure (v4) 2011-11-22 15:22:23 -05:00
stp.h
tcp.h tcp: do not scale TSO segment size with reordering degree 2011-11-29 00:29:41 -05:00
tcp_states.h
timewait_sock.h timewait_sock: Create and use getpeer op. 2010-12-01 18:09:13 -08:00
transp_v6.h net: relax PKTINFO non local ipv6 udp xmit check 2011-08-30 17:39:01 -04:00
udp.h net: introduce and use netdev_features_t for device features sets 2011-11-16 17:43:10 -05:00
udplite.h udplite: fast-path computation of checksum coverage 2011-10-17 19:07:30 -04:00
wext.h
wimax.h net: wimax: Remove of unused 'rfkill_input' pointer 2011-06-24 17:50:44 -07:00
wpan-phy.h Fix common misspellings 2011-03-31 11:26:23 -03:00
x25.h X25 remove bkl in subscription ioctls 2010-11-28 11:12:20 -08:00
x25device.h X25: Add if_x25.h and x25 to device identifiers 2010-04-22 16:12:36 -07:00
xfrm.h net: remove ipv6_addr_copy() 2011-11-22 16:43:32 -05:00