From: Stephen Hemminger Date: Thu, 14 Dec 2006 00:56:40 +0000 (-0800) Subject: Change to post 2.6.19 sanitized headers X-Git-Tag: v2.6.19-061214~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a8ba228620604880f47d9087d7c5cdbebb12ffd;p=thirdparty%2Fiproute2.git Change to post 2.6.19 sanitized headers Signed-off-by: Stephen Hemminger --- diff --git a/include/linux/if_addr.h b/include/linux/if_addr.h index dbe8f6120..d557e4ce9 100644 --- a/include/linux/if_addr.h +++ b/include/linux/if_addr.h @@ -52,4 +52,10 @@ struct ifa_cacheinfo __u32 tstamp; /* updated timestamp, hundredths of seconds */ }; +/* backwards compatibility for userspace */ +#ifndef __KERNEL__ +#define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg)))) +#define IFA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifaddrmsg)) +#endif + #endif diff --git a/include/linux/if_link.h b/include/linux/if_link.h index e963a077e..35ed3b546 100644 --- a/include/linux/if_link.h +++ b/include/linux/if_link.h @@ -82,6 +82,12 @@ enum #define IFLA_MAX (__IFLA_MAX - 1) +/* backwards compatibility for userspace */ +#ifndef __KERNEL__ +#define IFLA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg)))) +#define IFLA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifinfomsg)) +#endif + /* ifi_flags. IFF_* flags. diff --git a/include/linux/ip_tables.h b/include/linux/ip_tables.h deleted file mode 100644 index d7d5b0f75..000000000 --- a/include/linux/ip_tables.h +++ /dev/null @@ -1,262 +0,0 @@ -/* - * 25-Jul-1998 Major changes to allow for ip chain table - * - * 3-Jan-2000 Named tables to allow packet selection for different uses. - */ - -/* - * Format of an IP firewall descriptor - * - * src, dst, src_mask, dst_mask are always stored in network byte order. - * flags are stored in host byte order (of course). - * Port numbers are stored in HOST byte order. - */ - -#ifndef _IPTABLES_H -#define _IPTABLES_H - -#include - -#include - -#define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN -#define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN -#define ipt_match xt_match -#define ipt_target xt_target -#define ipt_table xt_table -#define ipt_get_revision xt_get_revision - -/* Yes, Virginia, you have to zero the padding. */ -struct ipt_ip { - /* Source and destination IP addr */ - struct in_addr src, dst; - /* Mask for src and dest IP addr */ - struct in_addr smsk, dmsk; - char iniface[IFNAMSIZ], outiface[IFNAMSIZ]; - unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ]; - - /* Protocol, 0 = ANY */ - u_int16_t proto; - - /* Flags word */ - u_int8_t flags; - /* Inverse flags */ - u_int8_t invflags; -}; - -#define ipt_entry_match xt_entry_match -#define ipt_entry_target xt_entry_target -#define ipt_standard_target xt_standard_target - -#define ipt_counters xt_counters - -/* Values for "flag" field in struct ipt_ip (general ip structure). */ -#define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */ -#define IPT_F_GOTO 0x02 /* Set if jump is a goto */ -#define IPT_F_MASK 0x03 /* All possible flag bits mask. */ - -/* Values for "inv" field in struct ipt_ip. */ -#define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */ -#define IPT_INV_VIA_OUT 0x02 /* Invert the sense of OUT IFACE */ -#define IPT_INV_TOS 0x04 /* Invert the sense of TOS. */ -#define IPT_INV_SRCIP 0x08 /* Invert the sense of SRC IP. */ -#define IPT_INV_DSTIP 0x10 /* Invert the sense of DST OP. */ -#define IPT_INV_FRAG 0x20 /* Invert the sense of FRAG. */ -#define IPT_INV_PROTO XT_INV_PROTO -#define IPT_INV_MASK 0x7F /* All possible flag bits mask. */ - -/* This structure defines each of the firewall rules. Consists of 3 - parts which are 1) general IP header stuff 2) match specific - stuff 3) the target to perform if the rule matches */ -struct ipt_entry -{ - struct ipt_ip ip; - - /* Mark with fields that we care about. */ - unsigned int nfcache; - - /* Size of ipt_entry + matches */ - u_int16_t target_offset; - /* Size of ipt_entry + matches + target */ - u_int16_t next_offset; - - /* Back pointer */ - unsigned int comefrom; - - /* Packet and byte counters. */ - struct xt_counters counters; - - /* The matches (if any), then the target. */ - unsigned char elems[0]; -}; - -/* - * New IP firewall options for [gs]etsockopt at the RAW IP level. - * Unlike BSD Linux inherits IP options so you don't have to use a raw - * socket for this. Instead we check rights in the calls. - * - * ATTENTION: check linux/in.h before adding new number here. - */ -#define IPT_BASE_CTL 64 - -#define IPT_SO_SET_REPLACE (IPT_BASE_CTL) -#define IPT_SO_SET_ADD_COUNTERS (IPT_BASE_CTL + 1) -#define IPT_SO_SET_MAX IPT_SO_SET_ADD_COUNTERS - -#define IPT_SO_GET_INFO (IPT_BASE_CTL) -#define IPT_SO_GET_ENTRIES (IPT_BASE_CTL + 1) -#define IPT_SO_GET_REVISION_MATCH (IPT_BASE_CTL + 2) -#define IPT_SO_GET_REVISION_TARGET (IPT_BASE_CTL + 3) -#define IPT_SO_GET_MAX IPT_SO_GET_REVISION_TARGET - -#define IPT_CONTINUE XT_CONTINUE -#define IPT_RETURN XT_RETURN - -#include -#define ipt_udp xt_udp -#define ipt_tcp xt_tcp - -#define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT -#define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT -#define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS -#define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION -#define IPT_TCP_INV_MASK XT_TCP_INV_MASK - -#define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT -#define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT -#define IPT_UDP_INV_MASK XT_UDP_INV_MASK - -/* ICMP matching stuff */ -struct ipt_icmp -{ - u_int8_t type; /* type to match */ - u_int8_t code[2]; /* range of code */ - u_int8_t invflags; /* Inverse flags */ -}; - -/* Values for "inv" field for struct ipt_icmp. */ -#define IPT_ICMP_INV 0x01 /* Invert the sense of type/code test */ - -/* The argument to IPT_SO_GET_INFO */ -struct ipt_getinfo -{ - /* Which table: caller fills this in. */ - char name[IPT_TABLE_MAXNAMELEN]; - - /* Kernel fills these in. */ - /* Which hook entry points are valid: bitmask */ - unsigned int valid_hooks; - - /* Hook entry points: one per netfilter hook. */ - unsigned int hook_entry[NF_IP_NUMHOOKS]; - - /* Underflow points. */ - unsigned int underflow[NF_IP_NUMHOOKS]; - - /* Number of entries */ - unsigned int num_entries; - - /* Size of entries. */ - unsigned int size; -}; - -/* The argument to IPT_SO_SET_REPLACE. */ -struct ipt_replace -{ - /* Which table. */ - char name[IPT_TABLE_MAXNAMELEN]; - - /* Which hook entry points are valid: bitmask. You can't - change this. */ - unsigned int valid_hooks; - - /* Number of entries */ - unsigned int num_entries; - - /* Total size of new entries */ - unsigned int size; - - /* Hook entry points. */ - unsigned int hook_entry[NF_IP_NUMHOOKS]; - - /* Underflow points. */ - unsigned int underflow[NF_IP_NUMHOOKS]; - - /* Information about old entries: */ - /* Number of counters (must be equal to current number of entries). */ - unsigned int num_counters; - /* The old entries' counters. */ - struct xt_counters *counters; - - /* The entries (hang off end: not really an array). */ - struct ipt_entry entries[0]; -}; - -/* The argument to IPT_SO_ADD_COUNTERS. */ -#define ipt_counters_info xt_counters_info - -/* The argument to IPT_SO_GET_ENTRIES. */ -struct ipt_get_entries -{ - /* Which table: user fills this in. */ - char name[IPT_TABLE_MAXNAMELEN]; - - /* User fills this in: total entry size. */ - unsigned int size; - - /* The entries. */ - struct ipt_entry entrytable[0]; -}; - -/* Standard return verdict, or do jump. */ -#define IPT_STANDARD_TARGET XT_STANDARD_TARGET -/* Error verdict. */ -#define IPT_ERROR_TARGET XT_ERROR_TARGET - -/* Helper functions */ -static __inline__ struct ipt_entry_target * -ipt_get_target(struct ipt_entry *e) -{ - return (void *)e + e->target_offset; -} - -/* fn returns 0 to continue iteration */ -#define IPT_MATCH_ITERATE(e, fn, args...) \ -({ \ - unsigned int __i; \ - int __ret = 0; \ - struct ipt_entry_match *__match; \ - \ - for (__i = sizeof(struct ipt_entry); \ - __i < (e)->target_offset; \ - __i += __match->u.match_size) { \ - __match = (void *)(e) + __i; \ - \ - __ret = fn(__match , ## args); \ - if (__ret != 0) \ - break; \ - } \ - __ret; \ -}) - -/* fn returns 0 to continue iteration */ -#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ -({ \ - unsigned int __i; \ - int __ret = 0; \ - struct ipt_entry *__entry; \ - \ - for (__i = 0; __i < (size); __i += __entry->next_offset) { \ - __entry = (void *)(entries) + __i; \ - \ - __ret = fn(__entry , ## args); \ - if (__ret != 0) \ - break; \ - } \ - __ret; \ -}) - -/* - * Main firewall chains definitions and global var's definitions. - */ -#endif /* _IPTABLES_H */ diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 17d8eff72..d7d5b0f75 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h @@ -17,8 +17,14 @@ #include -#define IPT_FUNCTION_MAXNAMELEN 30 -#define IPT_TABLE_MAXNAMELEN 32 +#include + +#define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN +#define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN +#define ipt_match xt_match +#define ipt_target xt_target +#define ipt_table xt_table +#define ipt_get_revision xt_get_revision /* Yes, Virginia, you have to zero the padding. */ struct ipt_ip { @@ -38,70 +44,16 @@ struct ipt_ip { u_int8_t invflags; }; -struct ipt_entry_match -{ - union { - struct { - u_int16_t match_size; - - /* Used by userspace */ - char name[IPT_FUNCTION_MAXNAMELEN-1]; - - u_int8_t revision; - } user; - struct { - u_int16_t match_size; - - /* Used inside the kernel */ - struct ipt_match *match; - } kernel; - - /* Total length */ - u_int16_t match_size; - } u; - - unsigned char data[0]; -}; - -struct ipt_entry_target -{ - union { - struct { - u_int16_t target_size; - - /* Used by userspace */ - char name[IPT_FUNCTION_MAXNAMELEN-1]; - - u_int8_t revision; - } user; - struct { - u_int16_t target_size; - - /* Used inside the kernel */ - struct ipt_target *target; - } kernel; - - /* Total length */ - u_int16_t target_size; - } u; - - unsigned char data[0]; -}; - -struct ipt_standard_target -{ - struct ipt_entry_target target; - int verdict; -}; +#define ipt_entry_match xt_entry_match +#define ipt_entry_target xt_entry_target +#define ipt_standard_target xt_standard_target -struct ipt_counters -{ - u_int64_t pcnt, bcnt; /* Packet and byte counters */ -}; +#define ipt_counters xt_counters /* Values for "flag" field in struct ipt_ip (general ip structure). */ #define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */ -#define IPT_F_MASK 0x01 /* All possible flag bits mask. */ +#define IPT_F_GOTO 0x02 /* Set if jump is a goto */ +#define IPT_F_MASK 0x03 /* All possible flag bits mask. */ /* Values for "inv" field in struct ipt_ip. */ #define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */ @@ -110,7 +62,7 @@ struct ipt_counters #define IPT_INV_SRCIP 0x08 /* Invert the sense of SRC IP. */ #define IPT_INV_DSTIP 0x10 /* Invert the sense of DST OP. */ #define IPT_INV_FRAG 0x20 /* Invert the sense of FRAG. */ -#define IPT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ +#define IPT_INV_PROTO XT_INV_PROTO #define IPT_INV_MASK 0x7F /* All possible flag bits mask. */ /* This structure defines each of the firewall rules. Consists of 3 @@ -132,7 +84,7 @@ struct ipt_entry unsigned int comefrom; /* Packet and byte counters. */ - struct ipt_counters counters; + struct xt_counters counters; /* The matches (if any), then the target. */ unsigned char elems[0]; @@ -141,8 +93,11 @@ struct ipt_entry /* * New IP firewall options for [gs]etsockopt at the RAW IP level. * Unlike BSD Linux inherits IP options so you don't have to use a raw - * socket for this. Instead we check rights in the calls. */ -#define IPT_BASE_CTL 64 /* base for firewall socket options */ + * socket for this. Instead we check rights in the calls. + * + * ATTENTION: check linux/in.h before adding new number here. + */ +#define IPT_BASE_CTL 64 #define IPT_SO_SET_REPLACE (IPT_BASE_CTL) #define IPT_SO_SET_ADD_COUNTERS (IPT_BASE_CTL + 1) @@ -154,42 +109,22 @@ struct ipt_entry #define IPT_SO_GET_REVISION_TARGET (IPT_BASE_CTL + 3) #define IPT_SO_GET_MAX IPT_SO_GET_REVISION_TARGET -/* CONTINUE verdict for targets */ -#define IPT_CONTINUE 0xFFFFFFFF +#define IPT_CONTINUE XT_CONTINUE +#define IPT_RETURN XT_RETURN -/* For standard target */ -#define IPT_RETURN (-NF_MAX_VERDICT - 1) +#include +#define ipt_udp xt_udp +#define ipt_tcp xt_tcp -/* TCP matching stuff */ -struct ipt_tcp -{ - u_int16_t spts[2]; /* Source port range. */ - u_int16_t dpts[2]; /* Destination port range. */ - u_int8_t option; /* TCP Option iff non-zero*/ - u_int8_t flg_mask; /* TCP flags mask byte */ - u_int8_t flg_cmp; /* TCP flags compare byte */ - u_int8_t invflags; /* Inverse flags */ -}; +#define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT +#define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT +#define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS +#define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION +#define IPT_TCP_INV_MASK XT_TCP_INV_MASK -/* Values for "inv" field in struct ipt_tcp. */ -#define IPT_TCP_INV_SRCPT 0x01 /* Invert the sense of source ports. */ -#define IPT_TCP_INV_DSTPT 0x02 /* Invert the sense of dest ports. */ -#define IPT_TCP_INV_FLAGS 0x04 /* Invert the sense of TCP flags. */ -#define IPT_TCP_INV_OPTION 0x08 /* Invert the sense of option test. */ -#define IPT_TCP_INV_MASK 0x0F /* All possible flags. */ - -/* UDP matching stuff */ -struct ipt_udp -{ - u_int16_t spts[2]; /* Source port range. */ - u_int16_t dpts[2]; /* Destination port range. */ - u_int8_t invflags; /* Inverse flags */ -}; - -/* Values for "invflags" field in struct ipt_udp. */ -#define IPT_UDP_INV_SRCPT 0x01 /* Invert the sense of source ports. */ -#define IPT_UDP_INV_DSTPT 0x02 /* Invert the sense of dest ports. */ -#define IPT_UDP_INV_MASK 0x03 /* All possible flags. */ +#define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT +#define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT +#define IPT_UDP_INV_MASK XT_UDP_INV_MASK /* ICMP matching stuff */ struct ipt_icmp @@ -250,25 +185,15 @@ struct ipt_replace /* Information about old entries: */ /* Number of counters (must be equal to current number of entries). */ unsigned int num_counters; - /* The old entries' counters. */ - struct ipt_counters *counters; + struct xt_counters *counters; /* The entries (hang off end: not really an array). */ struct ipt_entry entries[0]; }; /* The argument to IPT_SO_ADD_COUNTERS. */ -struct ipt_counters_info -{ - /* Which table. */ - char name[IPT_TABLE_MAXNAMELEN]; - - unsigned int num_counters; - - /* The counters (actually `number' of these). */ - struct ipt_counters counters[0]; -}; +#define ipt_counters_info xt_counters_info /* The argument to IPT_SO_GET_ENTRIES. */ struct ipt_get_entries @@ -283,19 +208,10 @@ struct ipt_get_entries struct ipt_entry entrytable[0]; }; -/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision - * kernel supports, if >= revision. */ -struct ipt_get_revision -{ - char name[IPT_FUNCTION_MAXNAMELEN-1]; - - u_int8_t revision; -}; - /* Standard return verdict, or do jump. */ -#define IPT_STANDARD_TARGET "" +#define IPT_STANDARD_TARGET XT_STANDARD_TARGET /* Error verdict. */ -#define IPT_ERROR_TARGET "ERROR" +#define IPT_ERROR_TARGET XT_ERROR_TARGET /* Helper functions */ static __inline__ struct ipt_entry_target * diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h index 05899b99b..1ec494ff1 100644 --- a/include/linux/rtnetlink.h +++ b/include/linux/rtnetlink.h @@ -3,6 +3,8 @@ #include #include +#include +#include /**** * Routing/neighbour discovery messages. diff --git a/include/linux/socket.h b/include/linux/socket.h index ee268f53f..1057869e1 100644 --- a/include/linux/socket.h +++ b/include/linux/socket.h @@ -16,273 +16,4 @@ struct __kernel_sockaddr_storage { /* _SS_MAXSIZE value minus size of ss_family */ } __attribute__ ((aligned(_K_SS_ALIGNSIZE))); /* force desired alignment */ -#if defined(__KERNEL__) || !defined(__GLIBC__) || (__GLIBC__ < 2) - -#include /* arch-dependent defines */ -#include /* the SIOCxxx I/O controls */ -#include /* iovec support */ -#include /* pid_t */ -#include /* __user */ - -extern int sysctl_somaxconn; -#ifdef CONFIG_PROC_FS -struct seq_file; -extern void socket_seq_show(struct seq_file *seq); -#endif - -typedef unsigned short sa_family_t; - -/* - * 1003.1g requires sa_family_t and that sa_data is char. - */ - -struct sockaddr { - sa_family_t sa_family; /* address family, AF_xxx */ - char sa_data[14]; /* 14 bytes of protocol address */ -}; - -struct linger { - int l_onoff; /* Linger active */ - int l_linger; /* How long to linger for */ -}; - -#define sockaddr_storage __kernel_sockaddr_storage - -/* - * As we do 4.4BSD message passing we use a 4.4BSD message passing - * system, not 4.3. Thus msg_accrights(len) are now missing. They - * belong in an obscure libc emulation or the bin. - */ - -struct msghdr { - void * msg_name; /* Socket name */ - int msg_namelen; /* Length of name */ - struct iovec * msg_iov; /* Data blocks */ - __kernel_size_t msg_iovlen; /* Number of blocks */ - void * msg_control; /* Per protocol magic (eg BSD file descriptor passing) */ - __kernel_size_t msg_controllen; /* Length of cmsg list */ - unsigned msg_flags; -}; - -/* - * POSIX 1003.1g - ancillary data object information - * Ancillary data consits of a sequence of pairs of - * (cmsghdr, cmsg_data[]) - */ - -struct cmsghdr { - __kernel_size_t cmsg_len; /* data byte count, including hdr */ - int cmsg_level; /* originating protocol */ - int cmsg_type; /* protocol-specific type */ -}; - -/* - * Ancilliary data object information MACROS - * Table 5-14 of POSIX 1003.1g - */ - -#define __CMSG_NXTHDR(ctl, len, cmsg) __cmsg_nxthdr((ctl),(len),(cmsg)) -#define CMSG_NXTHDR(mhdr, cmsg) cmsg_nxthdr((mhdr), (cmsg)) - -#define CMSG_ALIGN(len) ( ((len)+sizeof(long)-1) & ~(sizeof(long)-1) ) - -#define CMSG_DATA(cmsg) ((void *)((char *)(cmsg) + CMSG_ALIGN(sizeof(struct cmsghdr)))) -#define CMSG_SPACE(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + CMSG_ALIGN(len)) -#define CMSG_LEN(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + (len)) - -#define __CMSG_FIRSTHDR(ctl,len) ((len) >= sizeof(struct cmsghdr) ? \ - (struct cmsghdr *)(ctl) : \ - (struct cmsghdr *)NULL) -#define CMSG_FIRSTHDR(msg) __CMSG_FIRSTHDR((msg)->msg_control, (msg)->msg_controllen) -#define CMSG_OK(mhdr, cmsg) ((cmsg)->cmsg_len >= sizeof(struct cmsghdr) && \ - (cmsg)->cmsg_len <= (unsigned long) \ - ((mhdr)->msg_controllen - \ - ((char *)(cmsg) - (char *)(mhdr)->msg_control))) - -/* - * This mess will go away with glibc - */ - -#if defined(__GNUC__) -#define __KINLINE static __inline__ -#elif defined(__cplusplus) -#define __KINLINE static inline -#else -#define __KINLINE static -#endif - - -/* - * Get the next cmsg header - * - * PLEASE, do not touch this function. If you think, that it is - * incorrect, grep kernel sources and think about consequences - * before trying to improve it. - * - * Now it always returns valid, not truncated ancillary object - * HEADER. But caller still MUST check, that cmsg->cmsg_len is - * inside range, given by msg->msg_controllen before using - * ancillary object DATA. --ANK (980731) - */ - -__KINLINE struct cmsghdr * __cmsg_nxthdr(void *__ctl, __kernel_size_t __size, - struct cmsghdr *__cmsg) -{ - struct cmsghdr * __ptr; - - __ptr = (struct cmsghdr*)(((unsigned char *) __cmsg) + CMSG_ALIGN(__cmsg->cmsg_len)); - if ((unsigned long)((char*)(__ptr+1) - (char *) __ctl) > __size) - return (struct cmsghdr *)0; - - return __ptr; -} - -__KINLINE struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr *__cmsg) -{ - return __cmsg_nxthdr(__msg->msg_control, __msg->msg_controllen, __cmsg); -} - -/* "Socket"-level control message types: */ - -#define SCM_RIGHTS 0x01 /* rw: access rights (array of int) */ -#define SCM_CREDENTIALS 0x02 /* rw: struct ucred */ -#define SCM_SECURITY 0x03 /* rw: security label */ - -struct ucred { - __u32 pid; - __u32 uid; - __u32 gid; -}; - -/* Supported address families. */ -#define AF_UNSPEC 0 -#define AF_UNIX 1 /* Unix domain sockets */ -#define AF_LOCAL 1 /* POSIX name for AF_UNIX */ -#define AF_INET 2 /* Internet IP Protocol */ -#define AF_AX25 3 /* Amateur Radio AX.25 */ -#define AF_IPX 4 /* Novell IPX */ -#define AF_APPLETALK 5 /* AppleTalk DDP */ -#define AF_NETROM 6 /* Amateur Radio NET/ROM */ -#define AF_BRIDGE 7 /* Multiprotocol bridge */ -#define AF_ATMPVC 8 /* ATM PVCs */ -#define AF_X25 9 /* Reserved for X.25 project */ -#define AF_INET6 10 /* IP version 6 */ -#define AF_ROSE 11 /* Amateur Radio X.25 PLP */ -#define AF_DECnet 12 /* Reserved for DECnet project */ -#define AF_NETBEUI 13 /* Reserved for 802.2LLC project*/ -#define AF_SECURITY 14 /* Security callback pseudo AF */ -#define AF_KEY 15 /* PF_KEY key management API */ -#define AF_NETLINK 16 -#define AF_ROUTE AF_NETLINK /* Alias to emulate 4.4BSD */ -#define AF_PACKET 17 /* Packet family */ -#define AF_ASH 18 /* Ash */ -#define AF_ECONET 19 /* Acorn Econet */ -#define AF_ATMSVC 20 /* ATM SVCs */ -#define AF_SNA 22 /* Linux SNA Project (nutters!) */ -#define AF_IRDA 23 /* IRDA sockets */ -#define AF_PPPOX 24 /* PPPoX sockets */ -#define AF_WANPIPE 25 /* Wanpipe API Sockets */ -#define AF_LLC 26 /* Linux LLC */ -#define AF_TIPC 30 /* TIPC sockets */ -#define AF_BLUETOOTH 31 /* Bluetooth sockets */ -#define AF_MAX 32 /* For now.. */ - -/* Protocol families, same as address families. */ -#define PF_UNSPEC AF_UNSPEC -#define PF_UNIX AF_UNIX -#define PF_LOCAL AF_LOCAL -#define PF_INET AF_INET -#define PF_AX25 AF_AX25 -#define PF_IPX AF_IPX -#define PF_APPLETALK AF_APPLETALK -#define PF_NETROM AF_NETROM -#define PF_BRIDGE AF_BRIDGE -#define PF_ATMPVC AF_ATMPVC -#define PF_X25 AF_X25 -#define PF_INET6 AF_INET6 -#define PF_ROSE AF_ROSE -#define PF_DECnet AF_DECnet -#define PF_NETBEUI AF_NETBEUI -#define PF_SECURITY AF_SECURITY -#define PF_KEY AF_KEY -#define PF_NETLINK AF_NETLINK -#define PF_ROUTE AF_ROUTE -#define PF_PACKET AF_PACKET -#define PF_ASH AF_ASH -#define PF_ECONET AF_ECONET -#define PF_ATMSVC AF_ATMSVC -#define PF_SNA AF_SNA -#define PF_IRDA AF_IRDA -#define PF_PPPOX AF_PPPOX -#define PF_WANPIPE AF_WANPIPE -#define PF_LLC AF_LLC -#define PF_TIPC AF_TIPC -#define PF_BLUETOOTH AF_BLUETOOTH -#define PF_MAX AF_MAX - -/* Maximum queue length specifiable by listen. */ -#define SOMAXCONN 128 - -/* Flags we can use with send/ and recv. - Added those for 1003.1g not all are supported yet - */ - -#define MSG_OOB 1 -#define MSG_PEEK 2 -#define MSG_DONTROUTE 4 -#define MSG_TRYHARD 4 /* Synonym for MSG_DONTROUTE for DECnet */ -#define MSG_CTRUNC 8 -#define MSG_PROBE 0x10 /* Do not send. Only probe path f.e. for MTU */ -#define MSG_TRUNC 0x20 -#define MSG_DONTWAIT 0x40 /* Nonblocking io */ -#define MSG_EOR 0x80 /* End of record */ -#define MSG_WAITALL 0x100 /* Wait for a full request */ -#define MSG_FIN 0x200 -#define MSG_SYN 0x400 -#define MSG_CONFIRM 0x800 /* Confirm path validity */ -#define MSG_RST 0x1000 -#define MSG_ERRQUEUE 0x2000 /* Fetch message from error queue */ -#define MSG_NOSIGNAL 0x4000 /* Do not generate SIGPIPE */ -#define MSG_MORE 0x8000 /* Sender will send more */ - -#define MSG_EOF MSG_FIN - -#if defined(CONFIG_COMPAT) -#define MSG_CMSG_COMPAT 0x80000000 /* This message needs 32 bit fixups */ -#else -#define MSG_CMSG_COMPAT 0 /* We never have 32 bit fixups */ -#endif - - -/* Setsockoptions(2) level. Thanks to BSD these must match IPPROTO_xxx */ -#define SOL_IP 0 -/* #define SOL_ICMP 1 No-no-no! Due to Linux :-) we cannot use SOL_ICMP=1 */ -#define SOL_TCP 6 -#define SOL_UDP 17 -#define SOL_IPV6 41 -#define SOL_ICMPV6 58 -#define SOL_SCTP 132 -#define SOL_UDPLITE 136 /* UDP-Lite (RFC 3828) */ -#define SOL_RAW 255 -#define SOL_IPX 256 -#define SOL_AX25 257 -#define SOL_ATALK 258 -#define SOL_NETROM 259 -#define SOL_ROSE 260 -#define SOL_DECNET 261 -#define SOL_X25 262 -#define SOL_PACKET 263 -#define SOL_ATM 264 /* ATM layer (cell level) */ -#define SOL_AAL 265 /* ATM Adaption Layer (packet level) */ -#define SOL_IRDA 266 -#define SOL_NETBEUI 267 -#define SOL_LLC 268 -#define SOL_DCCP 269 -#define SOL_NETLINK 270 -#define SOL_TIPC 271 - -/* IPX options */ -#define IPX_TYPE 1 - -#endif /* not kernel and not glibc */ #endif /* _LINUX_SOCKET_H */ diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index 5fb58b759..1f64b680f 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h @@ -356,7 +356,7 @@ struct xfrm_user_report { #define XFRMGRP_EXPIRE 2 #define XFRMGRP_SA 4 #define XFRMGRP_POLICY 8 -#define XFRMGRP_REPORT 0x10 +#define XFRMGRP_REPORT 0x20 enum xfrm_nlgroups { XFRMNLGRP_NONE,