[NETNS]: Add namespace parameter to ip_route_output_key.
[linux-2.6.git] / net / ipv4 / ip_output.c
index c934f53..1725e06 100644 (file)
@@ -22,7 +22,7 @@
  *     Fixes:
  *             Alan Cox        :       Missing nonblock feature in ip_build_xmit.
  *             Mike Kilburn    :       htons() missing in ip_build_xmit.
- *             Bradford Johnson:       Fix faulty handling of some frames when 
+ *             Bradford Johnson:       Fix faulty handling of some frames when
  *                                     no route is found.
  *             Alexander Demenshin:    Missing sk/skb free in ip_queue_xmit
  *                                     (in case if packet not accepted by
@@ -33,9 +33,9 @@
  *                                     some redundant tests.
  *     Vitaly E. Lavrov        :       Transparent proxy revived after year coma.
  *             Andi Kleen      :       Replace ip_reply with ip_send_reply.
- *             Andi Kleen      :       Split fast and slow ip_build_xmit path 
- *                                     for decreased register pressure on x86 
- *                                     and more readibility. 
+ *             Andi Kleen      :       Split fast and slow ip_build_xmit path
+ *                                     for decreased register pressure on x86
+ *                                     and more readibility.
  *             Marc Boucher    :       When call_out_firewall returns FW_QUEUE,
  *                                     silently drop skb instead of failing with -EPERM.
  *             Detlev Wengorz  :       Copy protocol for fragments.
 #include <linux/module.h>
 #include <linux/types.h>
 #include <linux/kernel.h>
-#include <linux/sched.h>
 #include <linux/mm.h>
 #include <linux/string.h>
 #include <linux/errno.h>
-#include <linux/config.h>
+#include <linux/highmem.h>
 
 #include <linux/socket.h>
 #include <linux/sockios.h>
 #include <net/ip.h>
 #include <net/protocol.h>
 #include <net/route.h>
-#include <net/tcp.h>
-#include <net/udp.h>
+#include <net/xfrm.h>
 #include <linux/skbuff.h>
 #include <net/sock.h>
 #include <net/arp.h>
 #include <net/icmp.h>
-#include <net/raw.h>
 #include <net/checksum.h>
 #include <net/inetpeer.h>
-#include <net/checksum.h>
 #include <linux/igmp.h>
 #include <linux/netfilter_ipv4.h>
 #include <linux/netfilter_bridge.h>
 #include <linux/mroute.h>
 #include <linux/netlink.h>
+#include <linux/tcp.h>
 
-/*
- *      Shall we try to damage output packets if routing dev changes?
- */
-
-int sysctl_ip_dynaddr;
-int sysctl_ip_default_ttl = IPDEFTTL;
+int sysctl_ip_default_ttl __read_mostly = IPDEFTTL;
 
 /* Generate a checksum for an outgoing IP datagram. */
 __inline__ void ip_send_check(struct iphdr *iph)
@@ -99,11 +91,33 @@ __inline__ void ip_send_check(struct iphdr *iph)
        iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
 }
 
+int __ip_local_out(struct sk_buff *skb)
+{
+       struct iphdr *iph = ip_hdr(skb);
+
+       iph->tot_len = htons(skb->len);
+       ip_send_check(iph);
+       return nf_hook(PF_INET, NF_INET_LOCAL_OUT, skb, NULL, skb->dst->dev,
+                      dst_output);
+}
+
+int ip_local_out(struct sk_buff *skb)
+{
+       int err;
+
+       err = __ip_local_out(skb);
+       if (likely(err == 1))
+               err = dst_output(skb);
+
+       return err;
+}
+EXPORT_SYMBOL_GPL(ip_local_out);
+
 /* dev_loopback_xmit for use with netfilter. */
 static int ip_dev_loopback_xmit(struct sk_buff *newskb)
 {
-       newskb->mac.raw = newskb->data;
-       __skb_pull(newskb, newskb->nh.raw - newskb->data);
+       skb_reset_mac_header(newskb);
+       __skb_pull(newskb, skb_network_offset(newskb));
        newskb->pkt_type = PACKET_LOOPBACK;
        newskb->ip_summed = CHECKSUM_UNNECESSARY;
        BUG_TRAP(newskb->dst);
@@ -120,23 +134,21 @@ static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst)
        return ttl;
 }
 
-/* 
+/*
  *             Add an ip header to a skbuff and send it out.
  *
  */
 int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk,
-                         u32 saddr, u32 daddr, struct ip_options *opt)
+                         __be32 saddr, __be32 daddr, struct ip_options *opt)
 {
        struct inet_sock *inet = inet_sk(sk);
        struct rtable *rt = (struct rtable *)skb->dst;
        struct iphdr *iph;
 
        /* Build the IP header. */
-       if (opt)
-               iph=(struct iphdr *)skb_push(skb,sizeof(struct iphdr) + opt->optlen);
-       else
-               iph=(struct iphdr *)skb_push(skb,sizeof(struct iphdr));
-
+       skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
+       skb_reset_network_header(skb);
+       iph = ip_hdr(skb);
        iph->version  = 4;
        iph->ihl      = 5;
        iph->tos      = inet->tos;
@@ -148,32 +160,35 @@ int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk,
        iph->daddr    = rt->rt_dst;
        iph->saddr    = rt->rt_src;
        iph->protocol = sk->sk_protocol;
-       iph->tot_len  = htons(skb->len);
        ip_select_ident(iph, &rt->u.dst, sk);
-       skb->nh.iph   = iph;
 
        if (opt && opt->optlen) {
                iph->ihl += opt->optlen>>2;
                ip_options_build(skb, opt, daddr, rt, 0);
        }
-       ip_send_check(iph);
 
        skb->priority = sk->sk_priority;
 
        /* Send it out. */
-       return NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
-                      dst_output);
+       return ip_local_out(skb);
 }
 
+EXPORT_SYMBOL_GPL(ip_build_and_send_pkt);
+
 static inline int ip_finish_output2(struct sk_buff *skb)
 {
        struct dst_entry *dst = skb->dst;
-       struct hh_cache *hh = dst->hh;
+       struct rtable *rt = (struct rtable *)dst;
        struct net_device *dev = dst->dev;
-       int hh_len = LL_RESERVED_SPACE(dev);
+       unsigned int hh_len = LL_RESERVED_SPACE(dev);
+
+       if (rt->rt_type == RTN_MULTICAST)
+               IP_INC_STATS(IPSTATS_MIB_OUTMCASTPKTS);
+       else if (rt->rt_type == RTN_BROADCAST)
+               IP_INC_STATS(IPSTATS_MIB_OUTBCASTPKTS);
 
        /* Be paranoid, rather than too clever. */
-       if (unlikely(skb_headroom(skb) < hh_len && dev->hard_header)) {
+       if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
                struct sk_buff *skb2;
 
                skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
@@ -187,16 +202,9 @@ static inline int ip_finish_output2(struct sk_buff *skb)
                skb = skb2;
        }
 
-       if (hh) {
-               int hh_alen;
-
-               read_lock_bh(&hh->hh_lock);
-               hh_alen = HH_DATA_ALIGN(hh->hh_len);
-               memcpy(skb->data - hh_alen, hh->hh_data, hh_alen);
-               read_unlock_bh(&hh->hh_lock);
-               skb_push(skb, hh->hh_len);
-               return hh->hh_output(skb);
-       } else if (dst->neighbour)
+       if (dst->hh)
+               return neigh_hh_output(dst->hh, skb);
+       else if (dst->neighbour)
                return dst->neighbour->output(skb);
 
        if (net_ratelimit())
@@ -205,15 +213,27 @@ static inline int ip_finish_output2(struct sk_buff *skb)
        return -EINVAL;
 }
 
-static int ip_finish_output(struct sk_buff *skb)
+static inline int ip_skb_dst_mtu(struct sk_buff *skb)
 {
-       struct net_device *dev = skb->dst->dev;
+       struct inet_sock *inet = skb->sk ? inet_sk(skb->sk) : NULL;
 
-       skb->dev = dev;
-       skb->protocol = htons(ETH_P_IP);
+       return (inet && inet->pmtudisc == IP_PMTUDISC_PROBE) ?
+              skb->dst->dev->mtu : dst_mtu(skb->dst);
+}
 
-       return NF_HOOK(PF_INET, NF_IP_POST_ROUTING, skb, NULL, dev,
-                      ip_finish_output2);
+static int ip_finish_output(struct sk_buff *skb)
+{
+#if defined(CONFIG_NETFILTER) && defined(CONFIG_XFRM)
+       /* Policy lookup after SNAT yielded a new policy */
+       if (skb->dst->xfrm != NULL) {
+               IPCB(skb)->flags |= IPSKB_REROUTED;
+               return dst_output(skb);
+       }
+#endif
+       if (skb->len > ip_skb_dst_mtu(skb) && !skb_is_gso(skb))
+               return ip_fragment(skb, ip_finish_output2);
+       else
+               return ip_finish_output2(skb);
 }
 
 int ip_mc_output(struct sk_buff *skb)
@@ -250,14 +270,14 @@ int ip_mc_output(struct sk_buff *skb)
                ) {
                        struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
                        if (newskb)
-                               NF_HOOK(PF_INET, NF_IP_POST_ROUTING, newskb, NULL,
-                                       newskb->dev, 
+                               NF_HOOK(PF_INET, NF_INET_POST_ROUTING, newskb,
+                                       NULL, newskb->dev,
                                        ip_dev_loopback_xmit);
                }
 
                /* Multicasts with ttl 0 must not go beyond the host */
 
-               if (skb->nh.iph->ttl == 0) {
+               if (ip_hdr(skb)->ttl == 0) {
                        kfree_skb(skb);
                        return 0;
                }
@@ -266,24 +286,27 @@ int ip_mc_output(struct sk_buff *skb)
        if (rt->rt_flags&RTCF_BROADCAST) {
                struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
                if (newskb)
-                       NF_HOOK(PF_INET, NF_IP_POST_ROUTING, newskb, NULL,
+                       NF_HOOK(PF_INET, NF_INET_POST_ROUTING, newskb, NULL,
                                newskb->dev, ip_dev_loopback_xmit);
        }
 
-       if (skb->len > dst_mtu(&rt->u.dst))
-               return ip_fragment(skb, ip_finish_output);
-       else
-               return ip_finish_output(skb);
+       return NF_HOOK_COND(PF_INET, NF_INET_POST_ROUTING, skb, NULL, skb->dev,
+                           ip_finish_output,
+                           !(IPCB(skb)->flags & IPSKB_REROUTED));
 }
 
 int ip_output(struct sk_buff *skb)
 {
+       struct net_device *dev = skb->dst->dev;
+
        IP_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
 
-       if (skb->len > dst_mtu(skb->dst) && !skb_shinfo(skb)->tso_size)
-               return ip_fragment(skb, ip_finish_output);
-       else
-               return ip_finish_output(skb);
+       skb->dev = dev;
+       skb->protocol = htons(ETH_P_IP);
+
+       return NF_HOOK_COND(PF_INET, NF_INET_POST_ROUTING, skb, NULL, dev,
+                           ip_finish_output,
+                           !(IPCB(skb)->flags & IPSKB_REROUTED));
 }
 
 int ip_queue_xmit(struct sk_buff *skb, int ipfragok)
@@ -304,7 +327,7 @@ int ip_queue_xmit(struct sk_buff *skb, int ipfragok)
        /* Make sure we can route this packet. */
        rt = (struct rtable *)__sk_dst_check(sk, 0);
        if (rt == NULL) {
-               u32 daddr;
+               __be32 daddr;
 
                /* Use correct destination address if we have options. */
                daddr = inet->daddr;
@@ -326,11 +349,11 @@ int ip_queue_xmit(struct sk_buff *skb, int ipfragok)
                         * keep trying until route appears or the connection times
                         * itself out.
                         */
-                       if (ip_route_output_flow(&rt, &fl, sk, 0))
+                       security_sk_classify_flow(sk, &fl);
+                       if (ip_route_output_flow(&init_net, &rt, &fl, sk, 0))
                                goto no_route;
                }
-               __sk_dst_set(sk, &rt->u.dst);
-               tcp_v4_setup_caps(sk, &rt->u.dst);
+               sk_setup_caps(sk, &rt->u.dst);
        }
        skb->dst = dst_clone(&rt->u.dst);
 
@@ -339,9 +362,10 @@ packet_routed:
                goto no_route;
 
        /* OK, we know where to send it, allocate and build IP header. */
-       iph = (struct iphdr *) skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
-       *((__u16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff));
-       iph->tot_len = htons(skb->len);
+       skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
+       skb_reset_network_header(skb);
+       iph = ip_hdr(skb);
+       *((__be16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff));
        if (ip_dont_fragment(sk, &rt->u.dst) && !ipfragok)
                iph->frag_off = htons(IP_DF);
        else
@@ -350,7 +374,6 @@ packet_routed:
        iph->protocol = sk->sk_protocol;
        iph->saddr    = rt->rt_src;
        iph->daddr    = rt->rt_dst;
-       skb->nh.iph   = iph;
        /* Transport layer set skb->h.foo itself. */
 
        if (opt && opt->optlen) {
@@ -358,15 +381,12 @@ packet_routed:
                ip_options_build(skb, opt, inet->daddr, rt, 0);
        }
 
-       ip_select_ident_more(iph, &rt->u.dst, sk, skb_shinfo(skb)->tso_segs);
-
-       /* Add an IP checksum. */
-       ip_send_check(iph);
+       ip_select_ident_more(iph, &rt->u.dst, sk,
+                            (skb_shinfo(skb)->gso_segs ?: 1) - 1);
 
        skb->priority = sk->sk_priority;
 
-       return NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
-                      dst_output);
+       return ip_local_out(skb);
 
 no_route:
        IP_INC_STATS(IPSTATS_MIB_OUTNOROUTES);
@@ -383,6 +403,7 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
        dst_release(to->dst);
        to->dst = dst_clone(from->dst);
        to->dev = from->dev;
+       to->mark = from->mark;
 
        /* Copy the flags to each fragment. */
        IPCB(to)->flags = IPCB(from)->flags;
@@ -390,19 +411,15 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
 #ifdef CONFIG_NET_SCHED
        to->tc_index = from->tc_index;
 #endif
-#ifdef CONFIG_NETFILTER
-       to->nfmark = from->nfmark;
-       /* Connection association is same as pre-frag packet */
-       nf_conntrack_put(to->nfct);
-       to->nfct = from->nfct;
-       nf_conntrack_get(to->nfct);
-       to->nfctinfo = from->nfctinfo;
-#ifdef CONFIG_BRIDGE_NETFILTER
-       nf_bridge_put(to->nf_bridge);
-       to->nf_bridge = from->nf_bridge;
-       nf_bridge_get(to->nf_bridge);
+       nf_copy(to, from);
+#if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \
+    defined(CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE)
+       to->nf_trace = from->nf_trace;
 #endif
+#if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
+       to->ipvs_property = from->ipvs_property;
 #endif
+       skb_copy_secmark(to, from);
 }
 
 /*
@@ -419,9 +436,9 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
        int ptr;
        struct net_device *dev;
        struct sk_buff *skb2;
-       unsigned int mtu, hlen, left, len, ll_rs;
+       unsigned int mtu, hlen, left, len, ll_rs, pad;
        int offset;
-       int not_last_frag;
+       __be16 not_last_frag;
        struct rtable *rt = (struct rtable*)skb->dst;
        int err = 0;
 
@@ -431,11 +448,12 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
         *      Point into the IP datagram header.
         */
 
-       iph = skb->nh.iph;
+       iph = ip_hdr(skb);
 
        if (unlikely((iph->frag_off & htons(IP_DF)) && !skb->local_df)) {
+               IP_INC_STATS(IPSTATS_MIB_FRAGFAILS);
                icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
-                         htonl(dst_mtu(&rt->u.dst)));
+                         htonl(ip_skb_dst_mtu(skb)));
                kfree_skb(skb);
                return -EMSGSIZE;
        }
@@ -446,6 +464,7 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
 
        hlen = iph->ihl * 4;
        mtu = dst_mtu(&rt->u.dst) - hlen;       /* Size of data space */
+       IPCB(skb)->flags |= IPSKB_FRAG_COMPLETE;
 
        /* When frag_list is given, use it. First, check its validity:
         * some transformers could create wrong frag_list or break existing
@@ -501,10 +520,11 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
                         * before previous one went down. */
                        if (frag) {
                                frag->ip_summed = CHECKSUM_NONE;
-                               frag->h.raw = frag->data;
-                               frag->nh.raw = __skb_push(frag, hlen);
-                               memcpy(frag->nh.raw, iph, hlen);
-                               iph = frag->nh.iph;
+                               skb_reset_transport_header(frag);
+                               __skb_push(frag, hlen);
+                               skb_reset_network_header(frag);
+                               memcpy(skb_network_header(frag), iph, hlen);
+                               iph = ip_hdr(frag);
                                iph->tot_len = htons(frag->len);
                                ip_copy_metadata(frag, skb);
                                if (offset == 0)
@@ -519,6 +539,8 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
 
                        err = output(skb);
 
+                       if (!err)
+                               IP_INC_STATS(IPSTATS_MIB_FRAGCREATES);
                        if (err || !frag)
                                break;
 
@@ -545,14 +567,13 @@ slow_path:
        left = skb->len - hlen;         /* Space per frame */
        ptr = raw + hlen;               /* Where to start from */
 
-#ifdef CONFIG_BRIDGE_NETFILTER
        /* for bridged IP traffic encapsulated inside f.e. a vlan header,
-        * we need to make room for the encapsulating header */
-       ll_rs = LL_RESERVED_SPACE_EXTRA(rt->u.dst.dev, nf_bridge_pad(skb));
-       mtu -= nf_bridge_pad(skb);
-#else
-       ll_rs = LL_RESERVED_SPACE(rt->u.dst.dev);
-#endif
+        * we need to make room for the encapsulating header
+        */
+       pad = nf_bridge_pad(skb);
+       ll_rs = LL_RESERVED_SPACE_EXTRA(rt->u.dst.dev, pad);
+       mtu -= pad;
+
        /*
         *      Fragment the datagram.
         */
@@ -564,7 +585,7 @@ slow_path:
         *      Keep copying data until we run out.
         */
 
-       while(left > 0) {
+       while (left > 0) {
                len = left;
                /* IF: it doesn't fit, use 'mtu' - the data space left */
                if (len > mtu)
@@ -579,7 +600,7 @@ slow_path:
                 */
 
                if ((skb2 = alloc_skb(len+hlen+ll_rs, GFP_ATOMIC)) == NULL) {
-                       NETDEBUG(printk(KERN_INFO "IP: frag: no memory for new fragment!\n"));
+                       NETDEBUG(KERN_INFO "IP: frag: no memory for new fragment!\n");
                        err = -ENOMEM;
                        goto fail;
                }
@@ -591,8 +612,8 @@ slow_path:
                ip_copy_metadata(skb2, skb);
                skb_reserve(skb2, ll_rs);
                skb_put(skb2, len + hlen);
-               skb2->nh.raw = skb2->data;
-               skb2->h.raw = skb2->data + hlen;
+               skb_reset_network_header(skb2);
+               skb2->transport_header = skb2->network_header + hlen;
 
                /*
                 *      Charge the memory for the fragment to any owner
@@ -606,19 +627,19 @@ slow_path:
                 *      Copy the packet header into the new buffer.
                 */
 
-               memcpy(skb2->nh.raw, skb->data, hlen);
+               skb_copy_from_linear_data(skb, skb_network_header(skb2), hlen);
 
                /*
                 *      Copy a block of the IP datagram.
                 */
-               if (skb_copy_bits(skb, ptr, skb2->h.raw, len))
+               if (skb_copy_bits(skb, ptr, skb_transport_header(skb2), len))
                        BUG();
                left -= len;
 
                /*
                 *      Fill in the new header fields.
                 */
-               iph = skb2->nh.iph;
+               iph = ip_hdr(skb2);
                iph->frag_off = htons((offset >> 3));
 
                /* ANK: dirty, but effective trick. Upgrade options only if
@@ -642,9 +663,6 @@ slow_path:
                /*
                 *      Put this fragment into the sending queue.
                 */
-
-               IP_INC_STATS(IPSTATS_MIB_FRAGCREATES);
-
                iph->tot_len = htons(len + hlen);
 
                ip_send_check(iph);
@@ -652,27 +670,31 @@ slow_path:
                err = output(skb2);
                if (err)
                        goto fail;
+
+               IP_INC_STATS(IPSTATS_MIB_FRAGCREATES);
        }
        kfree_skb(skb);
        IP_INC_STATS(IPSTATS_MIB_FRAGOKS);
        return err;
 
 fail:
-       kfree_skb(skb); 
+       kfree_skb(skb);
        IP_INC_STATS(IPSTATS_MIB_FRAGFAILS);
        return err;
 }
 
+EXPORT_SYMBOL(ip_fragment);
+
 int
 ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
 {
        struct iovec *iov = from;
 
-       if (skb->ip_summed == CHECKSUM_HW) {
+       if (skb->ip_summed == CHECKSUM_PARTIAL) {
                if (memcpy_fromiovecend(to, iov, offset, len) < 0)
                        return -EFAULT;
        } else {
-               unsigned int csum = 0;
+               __wsum csum = 0;
                if (csum_partial_copy_fromiovecend(to, iov, offset, len, &csum) < 0)
                        return -EFAULT;
                skb->csum = csum_block_add(skb->csum, csum, odd);
@@ -680,23 +702,78 @@ ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk
        return 0;
 }
 
-static inline unsigned int
+static inline __wsum
 csum_page(struct page *page, int offset, int copy)
 {
        char *kaddr;
-       unsigned int csum;
+       __wsum csum;
        kaddr = kmap(page);
        csum = csum_partial(kaddr + offset, copy, 0);
        kunmap(page);
        return csum;
 }
 
+static inline int ip_ufo_append_data(struct sock *sk,
+                       int getfrag(void *from, char *to, int offset, int len,
+                              int odd, struct sk_buff *skb),
+                       void *from, int length, int hh_len, int fragheaderlen,
+                       int transhdrlen, int mtu,unsigned int flags)
+{
+       struct sk_buff *skb;
+       int err;
+
+       /* There is support for UDP fragmentation offload by network
+        * device, so create one single skb packet containing complete
+        * udp datagram
+        */
+       if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
+               skb = sock_alloc_send_skb(sk,
+                       hh_len + fragheaderlen + transhdrlen + 20,
+                       (flags & MSG_DONTWAIT), &err);
+
+               if (skb == NULL)
+                       return err;
+
+               /* reserve space for Hardware header */
+               skb_reserve(skb, hh_len);
+
+               /* create space for UDP/IP header */
+               skb_put(skb,fragheaderlen + transhdrlen);
+
+               /* initialize network header pointer */
+               skb_reset_network_header(skb);
+
+               /* initialize protocol header pointer */
+               skb->transport_header = skb->network_header + fragheaderlen;
+
+               skb->ip_summed = CHECKSUM_PARTIAL;
+               skb->csum = 0;
+               sk->sk_sndmsg_off = 0;
+       }
+
+       err = skb_append_datato_frags(sk,skb, getfrag, from,
+                              (length - transhdrlen));
+       if (!err) {
+               /* specify the length of each IP datagram fragment*/
+               skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
+               skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
+               __skb_queue_tail(&sk->sk_write_queue, skb);
+
+               return 0;
+       }
+       /* There is not enough support do UFO ,
+        * so follow normal path
+        */
+       kfree_skb(skb);
+       return err;
+}
+
 /*
  *     ip_append_data() and ip_append_page() can make one large IP datagram
  *     from many pieces of data. Each pieces will be holded on the socket
  *     until ip_push_pending_frames() is called. Each piece can be a page
  *     or non-page data.
- *     
+ *
  *     Not only UDP, other transport protocols - e.g. raw sockets - can use
  *     this interface potentially.
  *
@@ -741,7 +818,9 @@ int ip_append_data(struct sock *sk,
                        inet->cork.addr = ipc->addr;
                }
                dst_hold(&rt->u.dst);
-               inet->cork.fragsize = mtu = dst_mtu(rt->u.dst.path);
+               inet->cork.fragsize = mtu = inet->pmtudisc == IP_PMTUDISC_PROBE ?
+                                           rt->u.dst.dev->mtu :
+                                           dst_mtu(rt->u.dst.path);
                inet->cork.rt = rt;
                inet->cork.length = 0;
                sk->sk_sndmsg_page = NULL;
@@ -775,11 +854,21 @@ int ip_append_data(struct sock *sk,
         */
        if (transhdrlen &&
            length + fragheaderlen <= mtu &&
-           rt->u.dst.dev->features&(NETIF_F_IP_CSUM|NETIF_F_NO_CSUM|NETIF_F_HW_CSUM) &&
+           rt->u.dst.dev->features & NETIF_F_V4_CSUM &&
            !exthdrlen)
-               csummode = CHECKSUM_HW;
+               csummode = CHECKSUM_PARTIAL;
 
        inet->cork.length += length;
+       if (((length > mtu) && (sk->sk_protocol == IPPROTO_UDP)) &&
+                       (rt->u.dst.dev->features & NETIF_F_UFO)) {
+
+               err = ip_ufo_append_data(sk, getfrag, from, length, hh_len,
+                                        fragheaderlen, transhdrlen, mtu,
+                                        flags);
+               if (err)
+                       goto error;
+               return 0;
+       }
 
        /* So, what's going on in the loop below?
         *
@@ -819,7 +908,7 @@ alloc_new_skb:
                                datalen = maxfraglen - fragheaderlen;
                        fraglen = datalen + fragheaderlen;
 
-                       if ((flags & MSG_MORE) && 
+                       if ((flags & MSG_MORE) &&
                            !(rt->u.dst.dev->features&NETIF_F_SG))
                                alloclen = mtu;
                        else
@@ -830,18 +919,18 @@ alloc_new_skb:
                         * because we have no idea what fragment will be
                         * the last.
                         */
-                       if (datalen == length)
+                       if (datalen == length + fraggap)
                                alloclen += rt->u.dst.trailer_len;
 
                        if (transhdrlen) {
-                               skb = sock_alloc_send_skb(sk, 
+                               skb = sock_alloc_send_skb(sk,
                                                alloclen + hh_len + 15,
                                                (flags & MSG_DONTWAIT), &err);
                        } else {
                                skb = NULL;
                                if (atomic_read(&sk->sk_wmem_alloc) <=
                                    2 * sk->sk_sndbuf)
-                                       skb = sock_wmalloc(sk, 
+                                       skb = sock_wmalloc(sk,
                                                           alloclen + hh_len + 15, 1,
                                                           sk->sk_allocation);
                                if (unlikely(skb == NULL))
@@ -861,9 +950,10 @@ alloc_new_skb:
                         *      Find where to start putting bytes.
                         */
                        data = skb_put(skb, fraglen);
-                       skb->nh.raw = data + exthdrlen;
+                       skb_set_network_header(skb, exthdrlen);
+                       skb->transport_header = (skb->network_header +
+                                                fragheaderlen);
                        data += fragheaderlen;
-                       skb->h.raw = data + exthdrlen;
 
                        if (fraggap) {
                                skb->csum = skb_copy_and_csum_bits(
@@ -872,7 +962,7 @@ alloc_new_skb:
                                skb_prev->csum = csum_sub(skb_prev->csum,
                                                          skb->csum);
                                data += fraggap;
-                               skb_trim(skb_prev, maxfraglen);
+                               pskb_trim_unique(skb_prev, maxfraglen);
                        }
 
                        copy = datalen - transhdrlen - fraggap;
@@ -902,7 +992,7 @@ alloc_new_skb:
                        unsigned int off;
 
                        off = skb->len;
-                       if (getfrag(from, skb_put(skb, copy), 
+                       if (getfrag(from, skb_put(skb, copy),
                                        offset, copy, off, skb) < 0) {
                                __skb_trim(skb, off);
                                err = -EFAULT;
@@ -924,7 +1014,7 @@ alloc_new_skb:
                                                goto error;
                                        }
                                        get_page(page);
-                                       skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
+                                       skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
                                        frag = &skb_shinfo(skb)->frags[i];
                                }
                        } else if (i < MAX_SKB_FRAGS) {
@@ -940,8 +1030,6 @@ alloc_new_skb:
 
                                skb_fill_page_desc(skb, i, page, 0, 0);
                                frag = &skb_shinfo(skb)->frags[i];
-                               skb->truesize += PAGE_SIZE;
-                               atomic_add(PAGE_SIZE, &sk->sk_wmem_alloc);
                        } else {
                                err = -EMSGSIZE;
                                goto error;
@@ -954,6 +1042,8 @@ alloc_new_skb:
                        frag->size += copy;
                        skb->len += copy;
                        skb->data_len += copy;
+                       skb->truesize += copy;
+                       atomic_add(copy, &sk->sk_wmem_alloc);
                }
                offset += copy;
                length -= copy;
@@ -964,7 +1054,7 @@ alloc_new_skb:
 error:
        inet->cork.length -= length;
        IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
-       return err; 
+       return err;
 }
 
 ssize_t        ip_append_page(struct sock *sk, struct page *page,
@@ -1011,25 +1101,31 @@ ssize_t ip_append_page(struct sock *sk, struct page *page,
                return -EINVAL;
 
        inet->cork.length += size;
+       if ((sk->sk_protocol == IPPROTO_UDP) &&
+           (rt->u.dst.dev->features & NETIF_F_UFO)) {
+               skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
+               skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
+       }
+
 
        while (size > 0) {
                int i;
 
-               /* Check if the remaining data fits into current packet. */
-               len = mtu - skb->len;
-               if (len < size)
-                       len = maxfraglen - skb->len;
+               if (skb_is_gso(skb))
+                       len = size;
+               else {
+
+                       /* Check if the remaining data fits into current packet. */
+                       len = mtu - skb->len;
+                       if (len < size)
+                               len = maxfraglen - skb->len;
+               }
                if (len <= 0) {
                        struct sk_buff *skb_prev;
-                       char *data;
-                       struct iphdr *iph;
                        int alloclen;
 
                        skb_prev = skb;
-                       if (skb_prev)
-                               fraggap = skb_prev->len - maxfraglen;
-                       else
-                               fraggap = 0;
+                       fraggap = skb_prev->len - maxfraglen;
 
                        alloclen = fragheaderlen + hh_len + fraggap + 15;
                        skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation);
@@ -1048,18 +1144,18 @@ ssize_t ip_append_page(struct sock *sk, struct page *page,
                        /*
                         *      Find where to start putting bytes.
                         */
-                       data = skb_put(skb, fragheaderlen + fraggap);
-                       skb->nh.iph = iph = (struct iphdr *)data;
-                       data += fragheaderlen;
-                       skb->h.raw = data;
-
+                       skb_put(skb, fragheaderlen + fraggap);
+                       skb_reset_network_header(skb);
+                       skb->transport_header = (skb->network_header +
+                                                fragheaderlen);
                        if (fraggap) {
-                               skb->csum = skb_copy_and_csum_bits(
-                                       skb_prev, maxfraglen,
-                                       data, fraggap, 0);
+                               skb->csum = skb_copy_and_csum_bits(skb_prev,
+                                                                  maxfraglen,
+                                                   skb_transport_header(skb),
+                                                                  fraggap, 0);
                                skb_prev->csum = csum_sub(skb_prev->csum,
                                                          skb->csum);
-                               skb_trim(skb_prev, maxfraglen);
+                               pskb_trim_unique(skb_prev, maxfraglen);
                        }
 
                        /*
@@ -1083,13 +1179,15 @@ ssize_t ip_append_page(struct sock *sk, struct page *page,
                }
 
                if (skb->ip_summed == CHECKSUM_NONE) {
-                       unsigned int csum;
+                       __wsum csum;
                        csum = csum_page(page, offset, len);
                        skb->csum = csum_block_add(skb->csum, csum, skb->len);
                }
 
                skb->len += len;
                skb->data_len += len;
+               skb->truesize += len;
+               atomic_add(len, &sk->sk_wmem_alloc);
                offset += len;
                size -= len;
        }
@@ -1101,6 +1199,17 @@ error:
        return err;
 }
 
+static void ip_cork_release(struct inet_sock *inet)
+{
+       inet->cork.flags &= ~IPCORK_OPT;
+       kfree(inet->cork.opt);
+       inet->cork.opt = NULL;
+       if (inet->cork.rt) {
+               ip_rt_put(inet->cork.rt);
+               inet->cork.rt = NULL;
+       }
+}
+
 /*
  *     Combined all pending IP fragments on the socket as one IP datagram
  *     and push them out.
@@ -1113,7 +1222,7 @@ int ip_push_pending_frames(struct sock *sk)
        struct ip_options *opt = NULL;
        struct rtable *rt = inet->cork.rt;
        struct iphdr *iph;
-       int df = 0;
+       __be16 df = 0;
        __u8 ttl;
        int err = 0;
 
@@ -1122,10 +1231,10 @@ int ip_push_pending_frames(struct sock *sk)
        tail_skb = &(skb_shinfo(skb)->frag_list);
 
        /* move skb->data to ip header from ext header */
-       if (skb->data < skb->nh.raw)
-               __skb_pull(skb, skb->nh.raw - skb->data);
+       if (skb->data < skb_network_header(skb))
+               __skb_pull(skb, skb_network_offset(skb));
        while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) {
-               __skb_pull(tmp_skb, skb->h.raw - skb->nh.raw);
+               __skb_pull(tmp_skb, skb_network_header_len(skb));
                *tail_skb = tmp_skb;
                tail_skb = &(tmp_skb->next);
                skb->len += tmp_skb->len;
@@ -1140,13 +1249,13 @@ int ip_push_pending_frames(struct sock *sk)
         * to fragment the frame generated here. No matter, what transforms
         * how transforms change size of the packet, it will come out.
         */
-       if (inet->pmtudisc != IP_PMTUDISC_DO)
+       if (inet->pmtudisc < IP_PMTUDISC_DO)
                skb->local_df = 1;
 
        /* DF bit is set when we want to see DF on outgoing frames.
         * If local_df is set too, we still allow to fragment this frame
         * locally. */
-       if (inet->pmtudisc == IP_PMTUDISC_DO ||
+       if (inet->pmtudisc >= IP_PMTUDISC_DO ||
            (skb->len <= dst_mtu(&rt->u.dst) &&
             ip_dont_fragment(sk, &rt->u.dst)))
                df = htons(IP_DF);
@@ -1167,25 +1276,22 @@ int ip_push_pending_frames(struct sock *sk)
                ip_options_build(skb, opt, inet->cork.addr, rt, 0);
        }
        iph->tos = inet->tos;
-       iph->tot_len = htons(skb->len);
        iph->frag_off = df;
-       if (!df) {
-               __ip_select_ident(iph, &rt->u.dst, 0);
-       } else {
-               iph->id = htons(inet->id++);
-       }
+       ip_select_ident(iph, &rt->u.dst, sk);
        iph->ttl = ttl;
        iph->protocol = sk->sk_protocol;
        iph->saddr = rt->rt_src;
        iph->daddr = rt->rt_dst;
-       ip_send_check(iph);
 
        skb->priority = sk->sk_priority;
        skb->dst = dst_clone(&rt->u.dst);
 
+       if (iph->protocol == IPPROTO_ICMP)
+               icmp_out_count(((struct icmphdr *)
+                       skb_transport_header(skb))->type);
+
        /* Netfilter gets whole the not fragmented skb. */
-       err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, 
-                     skb->dst->dev, dst_output);
+       err = ip_local_out(skb);
        if (err) {
                if (err > 0)
                        err = inet->recverr ? net_xmit_errno(err) : 0;
@@ -1194,15 +1300,7 @@ int ip_push_pending_frames(struct sock *sk)
        }
 
 out:
-       inet->cork.flags &= ~IPCORK_OPT;
-       if (inet->cork.opt) {
-               kfree(inet->cork.opt);
-               inet->cork.opt = NULL;
-       }
-       if (inet->cork.rt) {
-               ip_rt_put(inet->cork.rt);
-               inet->cork.rt = NULL;
-       }
+       ip_cork_release(inet);
        return err;
 
 error:
@@ -1215,45 +1313,34 @@ error:
  */
 void ip_flush_pending_frames(struct sock *sk)
 {
-       struct inet_sock *inet = inet_sk(sk);
        struct sk_buff *skb;
 
        while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL)
                kfree_skb(skb);
 
-       inet->cork.flags &= ~IPCORK_OPT;
-       if (inet->cork.opt) {
-               kfree(inet->cork.opt);
-               inet->cork.opt = NULL;
-       }
-       if (inet->cork.rt) {
-               ip_rt_put(inet->cork.rt);
-               inet->cork.rt = NULL;
-       }
+       ip_cork_release(inet_sk(sk));
 }
 
 
 /*
  *     Fetch data from kernel space and fill in checksum if needed.
  */
-static int ip_reply_glue_bits(void *dptr, char *to, int offset, 
+static int ip_reply_glue_bits(void *dptr, char *to, int offset,
                              int len, int odd, struct sk_buff *skb)
 {
-       unsigned int csum;
+       __wsum csum;
 
        csum = csum_partial_copy_nocheck(dptr+offset, to, len, 0);
        skb->csum = csum_block_add(skb->csum, csum, odd);
-       return 0;  
+       return 0;
 }
 
-/* 
+/*
  *     Generic function to send a packet as reply to another packet.
  *     Used to send TCP resets so far. ICMP should use this function too.
  *
- *     Should run single threaded per socket because it uses the sock 
+ *     Should run single threaded per socket because it uses the sock
  *             structure to pass arguments.
- *
- *     LATER: switch from ip_build_xmit to ip_append_*
  */
 void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg,
                   unsigned int len)
@@ -1264,7 +1351,7 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar
                char                    data[40];
        } replyopts;
        struct ipcm_cookie ipc;
-       u32 daddr;
+       __be32 daddr;
        struct rtable *rt = (struct rtable*)skb->dst;
 
        if (ip_options_echo(&replyopts.opt, skb))
@@ -1281,16 +1368,18 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar
        }
 
        {
-               struct flowi fl = { .nl_u = { .ip4_u =
+               struct flowi fl = { .oif = arg->bound_dev_if,
+                                   .nl_u = { .ip4_u =
                                              { .daddr = daddr,
                                                .saddr = rt->rt_spec_dst,
-                                               .tos = RT_TOS(skb->nh.iph->tos) } },
+                                               .tos = RT_TOS(ip_hdr(skb)->tos) } },
                                    /* Not quite clean, but right. */
                                    .uli_u = { .ports =
-                                              { .sport = skb->h.th->dest,
-                                                .dport = skb->h.th->source } },
+                                              { .sport = tcp_hdr(skb)->dest,
+                                                .dport = tcp_hdr(skb)->source } },
                                    .proto = sk->sk_protocol };
-               if (ip_route_output_key(&rt, &fl))
+               security_skb_classify_flow(skb, &fl);
+               if (ip_route_output_key(&init_net, &rt, &fl))
                        return;
        }
 
@@ -1301,14 +1390,17 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar
           with locally disabled BH and that sk cannot be already spinlocked.
         */
        bh_lock_sock(sk);
-       inet->tos = skb->nh.iph->tos;
+       inet->tos = ip_hdr(skb)->tos;
        sk->sk_priority = skb->priority;
-       sk->sk_protocol = skb->nh.iph->protocol;
+       sk->sk_protocol = ip_hdr(skb)->protocol;
+       sk->sk_bound_dev_if = arg->bound_dev_if;
        ip_append_data(sk, ip_reply_glue_bits, arg->iov->iov_base, len, 0,
                       &ipc, rt, MSG_DONTWAIT);
        if ((skb = skb_peek(&sk->sk_write_queue)) != NULL) {
                if (arg->csumoffset >= 0)
-                       *((u16 *)skb->h.raw + arg->csumoffset) = csum_fold(csum_add(skb->csum, arg->csum));
+                       *((__sum16 *)skb_transport_header(skb) +
+                         arg->csumoffset) = csum_fold(csum_add(skb->csum,
+                                                               arg->csum));
                skb->ip_summed = CHECKSUM_NONE;
                ip_push_pending_frames(sk);
        }
@@ -1328,7 +1420,6 @@ void __init ip_init(void)
 #endif
 }
 
-EXPORT_SYMBOL(ip_fragment);
 EXPORT_SYMBOL(ip_generic_getfrag);
 EXPORT_SYMBOL(ip_queue_xmit);
 EXPORT_SYMBOL(ip_send_check);