[people/pmueller/ipfire-2.x.git] / src / patches / linux-2.6.27-imq.patch

--- a/drivers/net/Kconfig
+++ b/drivers/net/Kconfig
@@ -109,6 +109,129 @@ config EQUALIZER
 	  To compile this driver as a module, choose M here: the module
 	  will be called eql.  If unsure, say N.
 
+config IMQ
+	tristate "IMQ (intermediate queueing device) support"
+	depends on NETDEVICES && NETFILTER
+	---help---
+	  The IMQ device(s) is used as placeholder for QoS queueing
+	  disciplines. Every packet entering/leaving the IP stack can be
+	  directed through the IMQ device where it's enqueued/dequeued to the
+	  attached qdisc. This allows you to treat network devices as classes
+	  and distribute bandwidth among them. Iptables is used to specify
+	  through which IMQ device, if any, packets travel.
+
+	  More information at: http://www.linuximq.net/
+
+	  To compile this driver as a module, choose M here: the module
+	  will be called imq.  If unsure, say N.
+
+choice
+	prompt "IMQ behavior (PRE/POSTROUTING)"
+	depends on IMQ
+	default IMQ_BEHAVIOR_AB
+	help
+
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		IMQ can work in any of the following ways:
+
+		    PREROUTING   |      POSTROUTING
+		-----------------|-------------------
+		#1  After NAT    |      After NAT
+		#2  After NAT    |      Before NAT
+		#3  Before NAT   |      After NAT
+		#4  Before NAT   |      Before NAT
+
+		The default behavior is to hook before NAT on PREROUTING
+		and after NAT on POSTROUTING (#3).
+
+		This settings are specially usefull when trying to use IMQ
+		to shape NATed clients.
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_AA
+	bool "IMQ AA"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   After NAT
+		POSTROUTING:  After NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_AB
+	bool "IMQ AB"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   After NAT
+		POSTROUTING:  Before NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_BA
+	bool "IMQ BA"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   Before NAT
+		POSTROUTING:  After NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_BB
+	bool "IMQ BB"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   Before NAT
+		POSTROUTING:  Before NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+endchoice
+
+config IMQ_NUM_DEVS
+
+	int "Number of IMQ devices"
+	range 2 16
+	depends on IMQ
+	default "16"
+	help
+
+		This settings defines how many IMQ devices will be
+		created.
+
+		The default value is 16.
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
 config TUN
 	tristate "Universal TUN/TAP device driver support"
 	select CRC32
--- a/drivers/net/Makefile
+++ b/drivers/net/Makefile
@@ -144,6 +144,7 @@ obj-$(CONFIG_SLHC) += slhc.o
 obj-$(CONFIG_XEN_NETDEV_FRONTEND) += xen-netfront.o
 
 obj-$(CONFIG_DUMMY) += dummy.o
+obj-$(CONFIG_IMQ) += imq.o
 obj-$(CONFIG_IFB) += ifb.o
 obj-$(CONFIG_MACVLAN) += macvlan.o
 obj-$(CONFIG_DE600) += de600.o
--- /dev/null
+++ b/drivers/net/imq.c
@@ -0,0 +1,533 @@
+/*
+ *             Pseudo-driver for the intermediate queue device.
+ *
+ *             This program is free software; you can redistribute it and/or
+ *             modify it under the terms of the GNU General Public License
+ *             as published by the Free Software Foundation; either version
+ *             2 of the License, or (at your option) any later version.
+ *
+ * Authors:    Patrick McHardy, <kaber@trash.net>
+ *
+ *            The first version was written by Martin Devera, <devik@cdi.cz>
+ *
+ * Credits:    Jan Rafaj <imq2t@cedric.vabo.cz>
+ *              - Update patch to 2.4.21
+ *             Sebastian Strollo <sstrollo@nortelnetworks.com>
+ *              - Fix "Dead-loop on netdevice imq"-issue
+ *             Marcel Sebek <sebek64@post.cz>
+ *              - Update to 2.6.2-rc1
+ *
+ *	       After some time of inactivity there is a group taking care
+ *	       of IMQ again: http://www.linuximq.net
+ *
+ *
+ *	       2004/06/30 - New version of IMQ patch to kernels <=2.6.7
+ *             including the following changes:
+ *
+ *	       - Correction of ipv6 support "+"s issue (Hasso Tepper)
+ *	       - Correction of imq_init_devs() issue that resulted in
+ *	       kernel OOPS unloading IMQ as module (Norbert Buchmuller)
+ *	       - Addition of functionality to choose number of IMQ devices
+ *	       during kernel config (Andre Correa)
+ *	       - Addition of functionality to choose how IMQ hooks on
+ *	       PRE and POSTROUTING (after or before NAT) (Andre Correa)
+ *	       - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
+ *
+ *
+ *             2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
+ *             released with almost no problems. 2.6.14-x was released
+ *             with some important changes: nfcache was removed; After
+ *             some weeks of trouble we figured out that some IMQ fields
+ *             in skb were missing in skbuff.c - skb_clone and copy_skb_header.
+ *             These functions are correctly patched by this new patch version.
+ *
+ *             Thanks for all who helped to figure out all the problems with
+ *             2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
+ *             Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
+ *             I didn't forget anybody). I apologize again for my lack of time.
+ *
+ *
+ *             2008/06/17 - 2.6.25 - Changed imq.c to use qdisc_run() instead 
+ *             of qdisc_restart() and moved qdisc_run() to tasklet to avoid
+ *             recursive locking. New initialization routines to fix 'rmmod' not
+ *             working anymore. Used code from ifb.c. (Jussi Kivilinna)
+ *
+ *             2008/08/06 - 2.6.27 - (JK)
+ *              - Replaced tasklet with 'netif_schedule()'.
+ *              - Cleaned up and added comments for imq_nf_queue().
+ *
+ *	       Also, many thanks to pablo Sebastian Greco for making the initial
+ *	       patch and to those who helped the testing.
+ *
+ *             More info at: http://www.linuximq.net/ (Andre Correa)
+ */
+
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/moduleparam.h>
+#include <linux/skbuff.h>
+#include <linux/netdevice.h>
+#include <linux/etherdevice.h>
+#include <linux/rtnetlink.h>
+#include <linux/if_arp.h>
+#include <linux/netfilter.h>
+#include <linux/netfilter_ipv4.h>
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+	#include <linux/netfilter_ipv6.h>
+#endif
+#include <linux/imq.h>
+#include <net/pkt_sched.h>
+#include <net/netfilter/nf_queue.h>
+
+static nf_hookfn imq_nf_hook;
+
+static struct nf_hook_ops imq_ingress_ipv4 = {
+	.hook		= imq_nf_hook,
+	.owner		= THIS_MODULE,
+	.pf		= PF_INET,
+	.hooknum	= NF_INET_PRE_ROUTING,
+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
+	.priority	= NF_IP_PRI_MANGLE + 1
+#else
+	.priority	= NF_IP_PRI_NAT_DST + 1
+#endif
+};
+
+static struct nf_hook_ops imq_egress_ipv4 = {
+	.hook		= imq_nf_hook,
+	.owner		= THIS_MODULE,
+	.pf		= PF_INET,
+	.hooknum	= NF_INET_POST_ROUTING,
+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
+	.priority	= NF_IP_PRI_LAST
+#else
+	.priority	= NF_IP_PRI_NAT_SRC - 1
+#endif
+};
+
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+static struct nf_hook_ops imq_ingress_ipv6 = {
+	.hook		= imq_nf_hook,
+	.owner		= THIS_MODULE,
+	.pf		= PF_INET6,
+	.hooknum	= NF_INET_PRE_ROUTING,
+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
+	.priority	= NF_IP6_PRI_MANGLE + 1
+#else
+	.priority	= NF_IP6_PRI_NAT_DST + 1
+#endif
+};
+
+static struct nf_hook_ops imq_egress_ipv6 = {
+	.hook		= imq_nf_hook,
+	.owner		= THIS_MODULE,
+	.pf		= PF_INET6,
+	.hooknum	= NF_INET_POST_ROUTING,
+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
+	.priority	= NF_IP6_PRI_LAST
+#else
+	.priority	= NF_IP6_PRI_NAT_SRC - 1
+#endif
+};
+#endif
+
+#if defined(CONFIG_IMQ_NUM_DEVS)
+static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
+#else
+static unsigned int numdevs = IMQ_MAX_DEVS;
+#endif
+
+static struct net_device *imq_devs_cache[IMQ_MAX_DEVS];
+
+static struct net_device_stats *imq_get_stats(struct net_device *dev)
+{
+	return &dev->stats;
+}
+
+/* called for packets kfree'd in qdiscs at places other than enqueue */
+static void imq_skb_destructor(struct sk_buff *skb)
+{
+	struct nf_queue_entry *entry = skb->nf_queue_entry;
+
+	if (likely(entry)) {
+		nf_queue_entry_release_refs(entry);
+		kfree(entry);
+	}
+}
+
+static void imq_nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
+{
+	int status;
+
+	if (!entry->next_outfn) {
+		nf_reinject(entry, verdict);
+		return;
+	}
+
+	status = entry->next_outfn(entry, entry->next_queuenum);
+	if (status < 0) {
+		nf_queue_entry_release_refs(entry);
+		kfree_skb(entry->skb);
+		kfree(entry);
+	}
+}
+
+static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
+{
+	struct nf_queue_entry *entry = skb->nf_queue_entry;
+
+	BUG_ON(entry == NULL);
+
+	dev->stats.tx_bytes += skb->len;
+	dev->stats.tx_packets++;
+
+	skb->imq_flags = 0;
+	skb->destructor = NULL;
+
+	dev->trans_start = jiffies;
+	imq_nf_reinject(entry, NF_ACCEPT);
+	return 0;
+}
+
+static int imq_nf_queue(struct nf_queue_entry *entry, unsigned queue_num)
+{
+	struct net_device *dev;
+	struct sk_buff *skb_orig, *skb, *skb_shared;
+	struct Qdisc *q;
+	spinlock_t *root_lock;
+	struct netdev_queue *txq;
+	int users, index;
+
+	index = entry->skb->imq_flags & IMQ_F_IFMASK;
+	if (unlikely(index > numdevs - 1)) {
+		if (net_ratelimit())
+			printk(KERN_WARNING
+			       "IMQ: invalid device specified, highest is %u\n",
+			       numdevs - 1);
+		return -EINVAL;
+	}
+
+	/* check for imq device by index from cache */
+	dev = imq_devs_cache[index];
+	if (unlikely(!dev)) {
+		char buf[8];
+
+		/* get device by name and cache result */
+		snprintf(buf, sizeof(buf), "imq%d", index);
+		dev = dev_get_by_name(&init_net, buf);
+		if (!dev) {
+			/* not found ?!*/
+			BUG();
+			return -ENODEV;
+		}
+
+		imq_devs_cache[index] = dev;
+	}
+
+	if (unlikely(!(dev->flags & IFF_UP))) {
+		entry->skb->imq_flags = 0;
+		imq_nf_reinject(entry, NF_ACCEPT);
+		return 0;
+	}
+	dev->last_rx = jiffies;
+
+	skb = entry->skb;
+	skb_orig = NULL;
+
+	/* skb has owner? => make clone */
+	if (unlikely(skb->destructor)) {
+		skb_orig = skb;
+		skb = skb_clone(skb, GFP_ATOMIC);
+		if (!skb)
+			return -ENOMEM;
+		entry->skb = skb;
+	}
+
+	skb->nf_queue_entry = entry;
+
+	dev->stats.rx_bytes += skb->len;
+	dev->stats.rx_packets++;
+
+	txq = dev_pick_tx(dev, skb);
+	q = txq->qdisc;
+
+	if (unlikely(!q->enqueue))
+		goto packet_not_eaten_by_imq_dev;
+
+	if (unlikely(!rtnl_trylock()))
+		goto packet_not_eaten_by_imq_dev;
+
+	root_lock = qdisc_root_lock(q);
+	spin_lock(root_lock);
+
+	users = atomic_read(&skb->users);
+
+	skb_shared = skb_get(skb); /* increase reference count by one */
+	qdisc_enqueue_root(skb_shared, q); /* might kfree_skb */
+
+	if (likely(atomic_read(&skb_shared->users) == users + 1)) {
+		kfree_skb(skb_shared); /* decrease reference count by one */
+
+		/* imq_skb_destructor frees the skb and entry */
+		skb->destructor = &imq_skb_destructor;
+
+		/* cloned? */
+		if (skb_orig)
+			kfree_skb(skb_orig); /* free original */
+
+		/* schedule qdisc dequeue */
+		netif_tx_schedule_all(dev);
+
+		spin_unlock(root_lock);
+		__rtnl_unlock();
+		return 0;
+	} else {
+		/* qdisc dropped packet and decreased skb reference count of
+		 * skb, so we don't really want to and try refree as that would
+		 * actually destroy the skb. */
+		spin_unlock(root_lock);
+		__rtnl_unlock();
+		goto packet_not_eaten_by_imq_dev;
+	}
+
+packet_not_eaten_by_imq_dev:
+	/* cloned? restore original */
+	if (skb_orig) {
+		kfree_skb(skb);
+		entry->skb = skb_orig;
+	}
+	return -1;
+}
+
+static struct nf_queue_handler nfqh = {
+	.name  = "imq",
+	.outfn = imq_nf_queue,
+};
+
+static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff *pskb,
+				const struct net_device *indev,
+				const struct net_device *outdev,
+				int (*okfn)(struct sk_buff *))
+{
+	if (pskb->imq_flags & IMQ_F_ENQUEUE)
+		return NF_QUEUE;
+
+	return NF_ACCEPT;
+}
+
+static int imq_close(struct net_device *dev)
+{
+	netif_stop_queue(dev);
+	return 0;
+}
+
+static int imq_open(struct net_device *dev)
+{
+	netif_start_queue(dev);
+	return 0;
+}
+
+static void imq_setup(struct net_device *dev)
+{
+	dev->hard_start_xmit    = imq_dev_xmit;
+	dev->open		= imq_open;
+	dev->get_stats		= imq_get_stats;
+	dev->stop		= imq_close;
+	dev->type               = ARPHRD_VOID;
+	dev->mtu                = 1500;
+	dev->tx_queue_len       = 10000;
+	dev->flags              = IFF_NOARP;
+}
+
+static int imq_validate(struct nlattr *tb[], struct nlattr *data[])
+{
+	int ret = 0;
+
+	if (tb[IFLA_ADDRESS]) {
+		if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN) {
+			ret = -EINVAL;
+			goto end;
+		}
+		if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS]))) {
+			ret = -EADDRNOTAVAIL;
+			goto end;
+		}
+	}
+	return 0;
+end:
+	printk(KERN_WARNING "IMQ: imq_validate failed (%d)\n", ret);
+	return ret;
+}
+
+static struct rtnl_link_ops imq_link_ops __read_mostly = {
+	.kind		= "imq",
+	.priv_size	= 0,
+	.setup		= imq_setup,
+	.validate	= imq_validate,
+};
+
+static int __init imq_init_hooks(void)
+{
+	int err;
+
+	nf_register_queue_imq_handler(&nfqh);
+
+	err = nf_register_hook(&imq_ingress_ipv4);
+	if (err)
+		goto err1;
+
+	err = nf_register_hook(&imq_egress_ipv4);
+	if (err)
+		goto err2;
+
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+	err = nf_register_hook(&imq_ingress_ipv6);
+	if (err)
+		goto err3;
+
+	err = nf_register_hook(&imq_egress_ipv6);
+	if (err)
+		goto err4;
+#endif
+
+	return 0;
+
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+err4:
+	nf_unregister_hook(&imq_ingress_ipv6);
+err3:
+	nf_unregister_hook(&imq_egress_ipv4);
+#endif
+err2:
+	nf_unregister_hook(&imq_ingress_ipv4);
+err1:
+	nf_unregister_queue_imq_handler();
+	return err;
+}
+
+static int __init imq_init_one(int index)
+{
+	struct net_device *dev;
+	int ret;
+
+	dev = alloc_netdev(0, "imq%d", imq_setup);
+	if (!dev)
+		return -ENOMEM;
+
+	ret = dev_alloc_name(dev, dev->name);
+	if (ret < 0)
+		goto fail;
+
+	dev->rtnl_link_ops = &imq_link_ops;
+	ret = register_netdevice(dev);
+	if (ret < 0)
+		goto fail;
+
+	return 0;
+fail:
+	free_netdev(dev);
+	return ret;
+}
+
+static int __init imq_init_devs(void)
+{
+	int err, i;
+
+	if (numdevs < 1 || numdevs > IMQ_MAX_DEVS) {
+		printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
+		       IMQ_MAX_DEVS);
+		return -EINVAL;
+	}
+
+	rtnl_lock();
+	err = __rtnl_link_register(&imq_link_ops);
+
+	for (i = 0; i < numdevs && !err; i++)
+		err = imq_init_one(i);
+
+	if (err) {
+		__rtnl_link_unregister(&imq_link_ops);
+		memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
+	}
+	rtnl_unlock();
+
+	return err;
+}
+
+static int __init imq_init_module(void)
+{
+	int err;
+
+#if defined(CONFIG_IMQ_NUM_DEVS)
+	BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS > 16);
+	BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS < 2);
+	BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS - 1 > IMQ_F_IFMASK);
+#endif
+
+	err = imq_init_devs();
+	if (err) {
+		printk(KERN_ERR "IMQ: Error trying imq_init_devs(net)\n");
+		return err;
+	}
+
+	err = imq_init_hooks();
+	if (err) {
+		printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
+		rtnl_link_unregister(&imq_link_ops);
+		memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
+		return err;
+	}
+
+	printk(KERN_INFO "IMQ driver loaded successfully.\n");
+
+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
+	printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
+#else
+	printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
+#endif
+#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
+	printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
+#else
+	printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
+#endif
+
+	return 0;
+}
+
+static void __exit imq_unhook(void)
+{
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+	nf_unregister_hook(&imq_ingress_ipv6);
+	nf_unregister_hook(&imq_egress_ipv6);
+#endif
+	nf_unregister_hook(&imq_ingress_ipv4);
+	nf_unregister_hook(&imq_egress_ipv4);
+
+	nf_unregister_queue_imq_handler();
+}
+
+static void __exit imq_cleanup_devs(void)
+{
+	rtnl_link_unregister(&imq_link_ops);
+	memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
+}
+
+static void __exit imq_exit_module(void)
+{
+	imq_unhook();
+	imq_cleanup_devs();
+	printk(KERN_INFO "IMQ driver unloaded successfully.\n");
+}
+
+module_init(imq_init_module);
+module_exit(imq_exit_module);
+
+module_param(numdevs, int, 0);
+MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will "
+			"be created)");
+MODULE_AUTHOR("http://www.linuximq.net");
+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See "
+			"http://www.linuximq.net/ for more information.");
+MODULE_LICENSE("GPL");
+MODULE_ALIAS_RTNL_LINK("imq");
+
--- /dev/null
+++ b/include/linux/imq.h
@@ -0,0 +1,13 @@
+#ifndef _IMQ_H
+#define _IMQ_H
+
+/* IFMASK (16 device indexes, 0 to 15) and flag(s) fit in 5 bits */
+#define IMQ_F_BITS	5
+
+#define IMQ_F_IFMASK	0x0f
+#define IMQ_F_ENQUEUE	0x10
+
+#define IMQ_MAX_DEVS	(IMQ_F_IFMASK + 1)
+
+#endif /* _IMQ_H */
+
--- /dev/null
+++ b/include/linux/netfilter/xt_IMQ.h
@@ -0,0 +1,9 @@
+#ifndef _XT_IMQ_H
+#define _XT_IMQ_H
+
+struct xt_imq_info {
+	unsigned int todev;     /* target imq device */
+};
+
+#endif /* _XT_IMQ_H */
+
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_IMQ.h
@@ -0,0 +1,10 @@
+#ifndef _IP6T_IMQ_H
+#define _IP6T_IMQ_H
+
+/* Backwards compatibility for old userspace */
+#include <linux/netfilter/xt_IMQ.h>
+
+#define ip6t_imq_info xt_imq_info
+
+#endif /* _IP6T_IMQ_H */
+
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -28,6 +28,9 @@
 #include <linux/rcupdate.h>
 #include <linux/dmaengine.h>
 #include <linux/hrtimer.h>
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+#include <linux/imq.h>
+#endif
 
 #define HAVE_ALLOC_SKB		/* For the drivers to know */
 #define HAVE_ALIGNABLE_SKB	/* Ditto 8)		   */
@@ -302,6 +305,13 @@ struct sk_buff {
 	struct nf_conntrack	*nfct;
 	struct sk_buff		*nfct_reasm;
 #endif
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	struct nf_queue_entry	*nf_queue_entry;
+/* 2.6.27 started using skb->cb for qdiscs. Problem here is that IMQ run qdisc
+ * on wrong layer and skb->cb is already used by TCP. So we need to make qdisc
+ * not use skb, this adds 4 extra bytes to skbuff. */
+	unsigned int		qdisc_skb_cb_pkt_len;
+#endif
 #ifdef CONFIG_BRIDGE_NETFILTER
 	struct nf_bridge_info	*nf_bridge;
 #endif
@@ -321,6 +331,9 @@ struct sk_buff {
 	__u8			do_not_encrypt:1;
 #endif
 	/* 0/13/14 bit hole */
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	__u8			imq_flags:IMQ_F_BITS;
+#endif
 
 #ifdef CONFIG_NET_DMA
 	dma_cookie_t		dma_cookie;
@@ -1638,6 +1651,10 @@ static inline void __nf_copy(struct sk_buff *dst, const struct sk_buff *src)
 	dst->nfct_reasm = src->nfct_reasm;
 	nf_conntrack_get_reasm(src->nfct_reasm);
 #endif
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	dst->imq_flags = src->imq_flags;
+	dst->nf_queue_entry = src->nf_queue_entry;
+#endif
 #ifdef CONFIG_BRIDGE_NETFILTER
 	dst->nf_bridge  = src->nf_bridge;
 	nf_bridge_get(src->nf_bridge);
--- a/include/net/netfilter/nf_queue.h
+++ b/include/net/netfilter/nf_queue.h
@@ -13,6 +13,13 @@ struct nf_queue_entry {
 	struct net_device	*indev;
 	struct net_device	*outdev;
 	int			(*okfn)(struct sk_buff *);
+
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	/* following allow IMQ work when other nf_queue handlers are set up */
+	int			(*next_outfn)(struct nf_queue_entry *entry,
+					      unsigned int queuenum);
+	unsigned int		next_queuenum;
+#endif
 };
 
 #define nf_queue_entry_reroute(x) ((void *)x + sizeof(struct nf_queue_entry))
@@ -30,5 +37,11 @@ extern int nf_unregister_queue_handler(int pf,
 				       const struct nf_queue_handler *qh);
 extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
 extern void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict);
+extern void nf_queue_entry_release_refs(struct nf_queue_entry *entry);
+
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+extern void nf_register_queue_imq_handler(const struct nf_queue_handler *qh);
+extern void nf_unregister_queue_imq_handler(void);
+#endif
 
 #endif /* _NF_QUEUE_H */
--- a/include/net/sch_generic.h
+++ b/include/net/sch_generic.h
@@ -174,7 +174,11 @@ struct tcf_proto
 };
 
 struct qdisc_skb_cb {
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	unsigned int		__imq_do_not_use;
+#else
 	unsigned int		pkt_len;
+#endif
 	char			data[];
 };
 
@@ -275,6 +279,8 @@ extern void qdisc_class_hash_remove(struct Qdisc_class_hash *, struct Qdisc_clas
 extern void qdisc_class_hash_grow(struct Qdisc *, struct Qdisc_class_hash *);
 extern void qdisc_class_hash_destroy(struct Qdisc_class_hash *);
 
+extern struct netdev_queue *dev_pick_tx(struct net_device *dev,
+					struct sk_buff *skb);
 extern void dev_init_scheduler(struct net_device *dev);
 extern void dev_shutdown(struct net_device *dev);
 extern void dev_activate(struct net_device *dev);
@@ -340,7 +346,11 @@ static inline bool qdisc_tx_is_noop(const struct net_device *dev)
 
 static inline unsigned int qdisc_pkt_len(struct sk_buff *skb)
 {
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	return skb->qdisc_skb_cb_pkt_len; /* see skbuff.h why */
+#else
 	return qdisc_skb_cb(skb)->pkt_len;
+#endif
 }
 
 /* additional qdisc xmit flags (NET_XMIT_MASK in linux/netdevice.h) */
@@ -366,7 +376,11 @@ static inline int qdisc_enqueue(struct sk_buff *skb, struct Qdisc *sch)
 
 static inline int qdisc_enqueue_root(struct sk_buff *skb, struct Qdisc *sch)
 {
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	skb->qdisc_skb_cb_pkt_len = skb->len; /* see skbuff.h why */
+#else
 	qdisc_skb_cb(skb)->pkt_len = skb->len;
+#endif
 	return qdisc_enqueue(skb, sch) & NET_XMIT_MASK;
 }
 
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -96,6 +96,9 @@
 #include <net/net_namespace.h>
 #include <net/sock.h>
 #include <linux/rtnetlink.h>
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+#include <linux/imq.h>
+#endif
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include <linux/stat.h>
@@ -1619,7 +1622,11 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
 			struct netdev_queue *txq)
 {
 	if (likely(!skb->next)) {
-		if (!list_empty(&ptype_all))
+		if (!list_empty(&ptype_all)
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+		    && !(skb->imq_flags & IMQ_F_ENQUEUE)
+#endif
+		    )
 			dev_queue_xmit_nit(skb, dev);
 
 		if (netif_needs_gso(dev, skb)) {
@@ -1709,8 +1716,7 @@ static u16 simple_tx_hash(struct net_device *dev, struct sk_buff *skb)
 	return (u16) (((u64) hash * dev->real_num_tx_queues) >> 32);
 }
 
-static struct netdev_queue *dev_pick_tx(struct net_device *dev,
-					struct sk_buff *skb)
+struct netdev_queue *dev_pick_tx(struct net_device *dev, struct sk_buff *skb)
 {
 	u16 queue_index = 0;
 
@@ -1722,6 +1728,7 @@ static struct netdev_queue *dev_pick_tx(struct net_device *dev,
 	skb_set_queue_mapping(skb, queue_index);
 	return netdev_get_tx_queue(dev, queue_index);
 }
+EXPORT_SYMBOL(dev_pick_tx);
 
 /**
  *	dev_queue_xmit - transmit a buffer
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1406,6 +1406,7 @@ EXPORT_SYMBOL(rtnetlink_put_metrics);
 EXPORT_SYMBOL(rtnl_lock);
 EXPORT_SYMBOL(rtnl_trylock);
 EXPORT_SYMBOL(rtnl_unlock);
+EXPORT_SYMBOL(__rtnl_unlock);
 EXPORT_SYMBOL(rtnl_is_locked);
 EXPORT_SYMBOL(rtnl_unicast);
 EXPORT_SYMBOL(rtnl_notify);
--- a/net/core/skbuff.c
+++ b/net/core/skbufc
@@ -436,6 +436,9 @@ static void __copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
 	new->sp			= secpath_get(old->sp);
 #endif
 	memcpy(new->cb, old->cb, sizeof(old->cb));
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	new->qdisc_skb_cb_pkt_len = old->qdisc_skb_cb_pkt_len;
+#endif
 	new->csum_start		= old->csum_start;
 	new->csum_offset	= old->csum_offset;
 	new->local_df		= old->local_df;
@@ -2258,7 +2258,9 @@
 
 		__copy_skb_header(nskb, skb);
 		nskb->mac_len = skb->mac_len;
-
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+		nskb->qdisc_skb_cb_pkt_len = skb->qdisc_skb_cb_pkt_len;
+#endif
 		skb_reserve(nskb, headroom);
 		skb_reset_mac_header(nskb);
 		skb_set_network_header(nskb, skb->mac_len); 
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -342,6 +342,18 @@ config NETFILTER_XT_TARGET_DSCP
 
 	  To compile it as a module, choose M here.  If unsure, say N.
 
+config NETFILTER_XT_TARGET_IMQ
+        tristate '"IMQ" target support'
+	depends on NETFILTER_XTABLES
+	depends on IP_NF_MANGLE || IP6_NF_MANGLE
+	select IMQ
+	default m if NETFILTER_ADVANCED=n
+        help
+          This option adds a `IMQ' target which is used to specify if and
+          to which imq device packets should get enqueued/dequeued.
+
+          To compile it as a module, choose M here.  If unsure, say N.
+
 config NETFILTER_XT_TARGET_MARK
 	tristate '"MARK" target support'
 	depends on NETFILTER_XTABLES
--- a/net/netfilter/Makefile
+++ b/net/netfilter/Makefile
@@ -42,6 +42,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIFY) += xt_CLASSIFY.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o
+obj-$(CONFIG_NETFILTER_XT_TARGET_IMQ) += xt_IMQ.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_MARK) += xt_MARK.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -20,6 +20,26 @@ static const struct nf_queue_handler *queue_handler[NPROTO];
 
 static DEFINE_MUTEX(queue_handler_mutex);
 
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+static const struct nf_queue_handler *queue_imq_handler;
+
+void nf_register_queue_imq_handler(const struct nf_queue_handler *qh)
+{
+	mutex_lock(&queue_handler_mutex);
+	rcu_assign_pointer(queue_imq_handler, qh);
+	mutex_unlock(&queue_handler_mutex);
+}
+EXPORT_SYMBOL(nf_register_queue_imq_handler);
+
+void nf_unregister_queue_imq_handler(void)
+{
+	mutex_lock(&queue_handler_mutex);
+	rcu_assign_pointer(queue_imq_handler, NULL);
+	mutex_unlock(&queue_handler_mutex);
+}
+EXPORT_SYMBOL(nf_unregister_queue_imq_handler);
+#endif
+
 /* return EBUSY when somebody else is registered, return EEXIST if the
  * same handler is registered, return 0 in case of success. */
 int nf_register_queue_handler(int pf, const struct nf_queue_handler *qh)
@@ -80,7 +100,7 @@ void nf_unregister_queue_handlers(const struct nf_queue_handler *qh)
 }
 EXPORT_SYMBOL_GPL(nf_unregister_queue_handlers);
 
-static void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
+void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
 {
 	/* Release those devices we held, or Alexey will kill me. */
 	if (entry->indev)
@@ -100,6 +120,7 @@ static void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
 	/* Drop reference to owner of hook which queued us. */
 	module_put(entry->elem->owner);
 }
+EXPORT_SYMBOL_GPL(nf_queue_entry_release_refs);
 
 /*
  * Any packet that leaves via this function must come back
@@ -121,12 +142,26 @@ static int __nf_queue(struct sk_buff *skb,
 #endif
 	const struct nf_afinfo *afinfo;
 	const struct nf_queue_handler *qh;
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	const struct nf_queue_handler *qih = NULL;
+#endif
 
 	/* QUEUE == DROP if noone is waiting, to be safe. */
 	rcu_read_lock();
 
 	qh = rcu_dereference(queue_handler[pf]);
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+	if (pf == PF_INET || pf == PF_INET6)
+#else
+	if (pf == PF_INET)
+#endif
+		qih = rcu_dereference(queue_imq_handler);
+
+	if (!qh && !qih)
+#else /* !IMQ */
 	if (!qh)
+#endif
 		goto err_unlock;
 
 	afinfo = nf_get_afinfo(pf);
@@ -145,6 +180,10 @@ static int __nf_queue(struct sk_buff *skb,
 		.indev	= indev,
 		.outdev	= outdev,
 		.okfn	= okfn,
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+		.next_outfn = qh ? qh->outfn : NULL,
+		.next_queuenum = queuenum,
+#endif
 	};
 
 	/* If it's going away, ignore hook. */
@@ -170,8 +209,19 @@ static int __nf_queue(struct sk_buff *skb,
 	}
 #endif
 	afinfo->saveroute(skb, entry);
+
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	if (qih) {
+		status = qih->outfn(entry, queuenum);
+		goto imq_skip_queue;
+	}
+#endif
+
 	status = qh->outfn(entry, queuenum);
 
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+imq_skip_queue:
+#endif
 	rcu_read_unlock();
 
 	if (status < 0) {
--- /dev/null
+++ b/net/netfilter/xt_IMQ.c
@@ -0,0 +1,81 @@
+/*
+ * This target marks packets to be enqueued to an imq device
+ */
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/netfilter/x_tables.h>
+#include <linux/netfilter/xt_IMQ.h>
+#include <linux/imq.h>
+
+static unsigned int imq_target(struct sk_buff *pskb,
+			       const struct net_device *in,
+			       const struct net_device *out,
+			       unsigned int hooknum,
+			       const struct xt_target *target,
+			       const void *targinfo)
+{
+	const struct xt_imq_info *mr = targinfo;
+
+	pskb->imq_flags = (mr->todev & IMQ_F_IFMASK) | IMQ_F_ENQUEUE;
+
+	return XT_CONTINUE;
+}
+
+static bool imq_checkentry(const char *tablename,
+			  const void *entry,
+			  const struct xt_target *target,
+			  void *targinfo,
+			  unsigned int hook_mask)
+{
+	struct xt_imq_info *mr = targinfo;
+
+	if (mr->todev > IMQ_MAX_DEVS - 1) {
+		printk(KERN_WARNING
+		       "IMQ: invalid device specified, highest is %u\n",
+		       IMQ_MAX_DEVS - 1);
+		return 0;
+	}
+
+	return 1;
+}
+
+static struct xt_target xt_imq_reg[] __read_mostly = {
+	{
+		.name           = "IMQ",
+		.family		= AF_INET,
+		.target         = imq_target,
+		.targetsize	= sizeof(struct xt_imq_info),
+		.table		= "mangle",
+		.checkentry     = imq_checkentry,
+		.me             = THIS_MODULE
+	},
+	{
+		.name           = "IMQ",
+		.family		= AF_INET6,
+		.target         = imq_target,
+		.targetsize	= sizeof(struct xt_imq_info),
+		.table		= "mangle",
+		.checkentry     = imq_checkentry,
+		.me             = THIS_MODULE
+	},
+};
+
+static int __init imq_init(void)
+{
+	return xt_register_targets(xt_imq_reg, ARRAY_SIZE(xt_imq_reg));
+}
+
+static void __exit imq_fini(void)
+{
+	xt_unregister_targets(xt_imq_reg, ARRAY_SIZE(xt_imq_reg));
+}
+
+module_init(imq_init);
+module_exit(imq_fini);
+
+MODULE_AUTHOR("http://www.linuximq.net");
+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
+MODULE_LICENSE("GPL");
+MODULE_ALIAS("ipt_IMQ");
+MODULE_ALIAS("ip6t_IMQ");
+
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -405,7 +405,11 @@ void qdisc_calculate_pkt_len(struct sk_buff *skb, struct qdisc_size_table *stab)
 out:
 	if (unlikely(pkt_len < 1))
 		pkt_len = 1;
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	skb->qdisc_skb_cb_pkt_len = pkt_len; /* see skbuff.h why */
+#else
 	qdisc_skb_cb(skb)->pkt_len = pkt_len;
+#endif
 }
 EXPORT_SYMBOL(qdisc_calculate_pkt_len);