Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

[linux-2.6-omap-h63xx.git] / net / netfilter / nf_conntrack_proto_sctp.c

diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index cf798e61e37967107960656739bd21aa0e09a332..af568777372be3d8c99f67791339665e71694f54 100644 (file)
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -28,6 +28,8 @@
 #include <linux/sctp.h>
 #include <linux/string.h>
 #include <linux/seq_file.h>
+#include <linux/spinlock.h>
+#include <linux/interrupt.h>
 
 #include <net/netfilter/nf_conntrack.h>
 #include <net/netfilter/nf_conntrack_protocol.h>
@@ -62,13 +64,13 @@ static const char *sctp_conntrack_names[] = {
 #define HOURS * 60 MINS
 #define DAYS  * 24 HOURS
 
-static unsigned int nf_ct_sctp_timeout_closed            =  10 SECS;
-static unsigned int nf_ct_sctp_timeout_cookie_wait       =   3 SECS;
-static unsigned int nf_ct_sctp_timeout_cookie_echoed     =   3 SECS;
-static unsigned int nf_ct_sctp_timeout_established       =   5 DAYS;
-static unsigned int nf_ct_sctp_timeout_shutdown_sent     = 300 SECS / 1000;
-static unsigned int nf_ct_sctp_timeout_shutdown_recd     = 300 SECS / 1000;
-static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_closed __read_mostly          =  10 SECS;
+static unsigned int nf_ct_sctp_timeout_cookie_wait __read_mostly     =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_cookie_echoed __read_mostly   =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_established __read_mostly     =   5 DAYS;
+static unsigned int nf_ct_sctp_timeout_shutdown_sent __read_mostly   = 300 SECS / 1000;
+static unsigned int nf_ct_sctp_timeout_shutdown_recd __read_mostly   = 300 SECS / 1000;
+static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent __read_mostly = 3 SECS;
 
 static unsigned int * sctp_timeouts[]
 = { NULL,                                  /* SCTP_CONNTRACK_NONE  */
@@ -240,12 +242,15 @@ static int do_basic_checks(struct nf_conn *conntrack,
                        flag = 1;
                }
 
-               /* Cookie Ack/Echo chunks not the first OR 
-                  Init / Init Ack / Shutdown compl chunks not the only chunks */
-               if ((sch->type == SCTP_CID_COOKIE_ACK 
+               /*
+                * Cookie Ack/Echo chunks not the first OR
+                * Init / Init Ack / Shutdown compl chunks not the only chunks
+                * OR zero-length.
+                */
+               if (((sch->type == SCTP_CID_COOKIE_ACK
                        || sch->type == SCTP_CID_COOKIE_ECHO
                        || flag)
-                    && count !=0 ) {
+                     && count !=0) || !sch->length) {
                        DEBUGP("Basic checks failed\n");
                        return 1;
                }
@@ -256,7 +261,7 @@ static int do_basic_checks(struct nf_conn *conntrack,
        }
 
        DEBUGP("Basic checks passed\n");
-       return 0;
+       return count == 0;
 }
 
 static int new_state(enum ip_conntrack_dir dir,
@@ -615,7 +620,7 @@ static ctl_table nf_ct_net_table[] = {
 static struct ctl_table_header *nf_ct_sysctl_header;
 #endif
 
-int __init init(void)
+int __init nf_conntrack_proto_sctp_init(void)
 {
        int ret;
 
@@ -652,7 +657,7 @@ int __init init(void)
        return ret;
 }
 
-void __exit fini(void)
+void __exit nf_conntrack_proto_sctp_fini(void)
 {
        nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6);
        nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4);
@@ -662,8 +667,8 @@ void __exit fini(void)
        DEBUGP("SCTP conntrack module unloaded\n");
 }
 
-module_init(init);
-module_exit(fini);
+module_init(nf_conntrack_proto_sctp_init);
+module_exit(nf_conntrack_proto_sctp_fini);
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Kiran Kumar Immidi");