[deliverable/linux.git] / net / core / skbuff.c

/*
 *	Routines having to do with the 'struct sk_buff' memory handlers.
 *
 *	Authors:	Alan Cox <iiitac@pyr.swan.ac.uk>
 *			Florian La Roche <rzsfl@rz.uni-sb.de>
 *
 *	Version:	$Id: skbuff.c,v 1.90 2001/11/07 05:56:19 davem Exp $
 *
 *	Fixes:
 *		Alan Cox	:	Fixed the worst of the load
 *					balancer bugs.
 *		Dave Platt	:	Interrupt stacking fix.
 *	Richard Kooijman	:	Timestamp fixes.
 *		Alan Cox	:	Changed buffer format.
 *		Alan Cox	:	destructor hook for AF_UNIX etc.
 *		Linus Torvalds	:	Better skb_clone.
 *		Alan Cox	:	Added skb_copy.
 *		Alan Cox	:	Added all the changed routines Linus
 *					only put in the headers
 *		Ray VanTassle	:	Fixed --skb->lock in free
 *		Alan Cox	:	skb_copy copy arp field
 *		Andi Kleen	:	slabified it.
 *		Robert Olsson	:	Removed skb_head_pool
 *
 *	NOTE:
 *		The __skb_ routines should be called with interrupts
 *	disabled, or you better be *real* sure that the operation is atomic
 *	with respect to whatever list is being frobbed (e.g. via lock_sock()
 *	or via disabling bottom half handlers, etc).
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */

/*
 *	The functions in this file will not compile correctly with gcc 2.4.x
 */

#include <linux/config.h>
#include <linux/module.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/mm.h>
#include <linux/interrupt.h>
#include <linux/in.h>
#include <linux/inet.h>
#include <linux/slab.h>
#include <linux/netdevice.h>
#ifdef CONFIG_NET_CLS_ACT
#include <net/pkt_sched.h>
#endif
#include <linux/string.h>
#include <linux/skbuff.h>
#include <linux/cache.h>
#include <linux/rtnetlink.h>
#include <linux/init.h>
#include <linux/highmem.h>

#include <net/protocol.h>
#include <net/dst.h>
#include <net/sock.h>
#include <net/checksum.h>
#include <net/xfrm.h>

#include <asm/uaccess.h>
#include <asm/system.h>

static kmem_cache_t *skbuff_head_cache __read_mostly;
static kmem_cache_t *skbuff_fclone_cache __read_mostly;

/*
 *	Keep out-of-line to prevent kernel bloat.
 *	__builtin_return_address is not used because it is not always
 *	reliable.
 */

/**
 *	skb_over_panic	- 	private function
 *	@skb: buffer
 *	@sz: size
 *	@here: address
 *
 *	Out of line support code for skb_put(). Not user callable.
 */
void skb_over_panic(struct sk_buff *skb, int sz, void *here)
{
	printk(KERN_EMERG "skb_over_panic: text:%p len:%d put:%d head:%p "
	                  "data:%p tail:%p end:%p dev:%s\n",
	       here, skb->len, sz, skb->head, skb->data, skb->tail, skb->end,
	       skb->dev ? skb->dev->name : "<NULL>");
	BUG();
}

/**
 *	skb_under_panic	- 	private function
 *	@skb: buffer
 *	@sz: size
 *	@here: address
 *
 *	Out of line support code for skb_push(). Not user callable.
 */

void skb_under_panic(struct sk_buff *skb, int sz, void *here)
{
	printk(KERN_EMERG "skb_under_panic: text:%p len:%d put:%d head:%p "
	                  "data:%p tail:%p end:%p dev:%s\n",
	       here, skb->len, sz, skb->head, skb->data, skb->tail, skb->end,
	       skb->dev ? skb->dev->name : "<NULL>");
	BUG();
}

void skb_truesize_bug(struct sk_buff *skb)
{
	printk(KERN_ERR "SKB BUG: Invalid truesize (%u) "
	       "len=%u, sizeof(sk_buff)=%Zd\n",
	       skb->truesize, skb->len, sizeof(struct sk_buff));
}
EXPORT_SYMBOL(skb_truesize_bug);

/* 	Allocate a new skbuff. We do this ourselves so we can fill in a few
 *	'private' fields and also do memory statistics to find all the
 *	[BEEP] leaks.
 *
 */

/**
 *	__alloc_skb	-	allocate a network buffer
 *	@size: size to allocate
 *	@gfp_mask: allocation mask
 *	@fclone: allocate from fclone cache instead of head cache
 *		and allocate a cloned (child) skb
 *
 *	Allocate a new &sk_buff. The returned buffer has no headroom and a
 *	tail room of size bytes. The object has a reference count of one.
 *	The return is the buffer. On a failure the return is %NULL.
 *
 *	Buffers may only be allocated from interrupts using a @gfp_mask of
 *	%GFP_ATOMIC.
 */
struct sk_buff *__alloc_skb(unsigned int size, gfp_t gfp_mask,
			    int fclone)
{
	kmem_cache_t *cache;
	struct skb_shared_info *shinfo;
	struct sk_buff *skb;
	u8 *data;

	cache = fclone ? skbuff_fclone_cache : skbuff_head_cache;

	/* Get the HEAD */
	skb = kmem_cache_alloc(cache, gfp_mask & ~__GFP_DMA);
	if (!skb)
		goto out;

	/* Get the DATA. Size must match skb_add_mtu(). */
	size = SKB_DATA_ALIGN(size);
	data = ____kmalloc(size + sizeof(struct skb_shared_info), gfp_mask);
	if (!data)
		goto nodata;

	memset(skb, 0, offsetof(struct sk_buff, truesize));
	skb->truesize = size + sizeof(struct sk_buff);
	atomic_set(&skb->users, 1);
	skb->head = data;
	skb->data = data;
	skb->tail = data;
	skb->end  = data + size;
	/* make sure we initialize shinfo sequentially */
	shinfo = skb_shinfo(skb);
	atomic_set(&shinfo->dataref, 1);
	shinfo->nr_frags  = 0;
	shinfo->tso_size = 0;
	shinfo->tso_segs = 0;
	shinfo->ufo_size = 0;
	shinfo->ip6_frag_id = 0;
	shinfo->frag_list = NULL;

	if (fclone) {
		struct sk_buff *child = skb + 1;
		atomic_t *fclone_ref = (atomic_t *) (child + 1);

		skb->fclone = SKB_FCLONE_ORIG;
		atomic_set(fclone_ref, 1);

		child->fclone = SKB_FCLONE_UNAVAILABLE;
	}
out:
	return skb;
nodata:
	kmem_cache_free(cache, skb);
	skb = NULL;
	goto out;
}

/**
 *	alloc_skb_from_cache	-	allocate a network buffer
 *	@cp: kmem_cache from which to allocate the data area
 *           (object size must be big enough for @size bytes + skb overheads)
 *	@size: size to allocate
 *	@gfp_mask: allocation mask
 *
 *	Allocate a new &sk_buff. The returned buffer has no headroom and
 *	tail room of size bytes. The object has a reference count of one.
 *	The return is the buffer. On a failure the return is %NULL.
 *
 *	Buffers may only be allocated from interrupts using a @gfp_mask of
 *	%GFP_ATOMIC.
 */
struct sk_buff *alloc_skb_from_cache(kmem_cache_t *cp,
				     unsigned int size,
				     gfp_t gfp_mask)
{
	struct sk_buff *skb;
	u8 *data;

	/* Get the HEAD */
	skb = kmem_cache_alloc(skbuff_head_cache,
			       gfp_mask & ~__GFP_DMA);
	if (!skb)
		goto out;

	/* Get the DATA. */
	size = SKB_DATA_ALIGN(size);
	data = kmem_cache_alloc(cp, gfp_mask);
	if (!data)
		goto nodata;

	memset(skb, 0, offsetof(struct sk_buff, truesize));
	skb->truesize = size + sizeof(struct sk_buff);
	atomic_set(&skb->users, 1);
	skb->head = data;
	skb->data = data;
	skb->tail = data;
	skb->end  = data + size;

	atomic_set(&(skb_shinfo(skb)->dataref), 1);
	skb_shinfo(skb)->nr_frags  = 0;
	skb_shinfo(skb)->tso_size = 0;
	skb_shinfo(skb)->tso_segs = 0;
	skb_shinfo(skb)->frag_list = NULL;
out:
	return skb;
nodata:
	kmem_cache_free(skbuff_head_cache, skb);
	skb = NULL;
	goto out;
}


static void skb_drop_fraglist(struct sk_buff *skb)
{
	struct sk_buff *list = skb_shinfo(skb)->frag_list;

	skb_shinfo(skb)->frag_list = NULL;

	do {
		struct sk_buff *this = list;
		list = list->next;
		kfree_skb(this);
	} while (list);
}

static void skb_clone_fraglist(struct sk_buff *skb)
{
	struct sk_buff *list;

	for (list = skb_shinfo(skb)->frag_list; list; list = list->next)
		skb_get(list);
}

void skb_release_data(struct sk_buff *skb)
{
	if (!skb->cloned ||
	    !atomic_sub_return(skb->nohdr ? (1 << SKB_DATAREF_SHIFT) + 1 : 1,
			       &skb_shinfo(skb)->dataref)) {
		if (skb_shinfo(skb)->nr_frags) {
			int i;
			for (i = 0; i < skb_shinfo(skb)->nr_frags; i++)
				put_page(skb_shinfo(skb)->frags[i].page);
		}

		if (skb_shinfo(skb)->frag_list)
			skb_drop_fraglist(skb);

		kfree(skb->head);
	}
}

/*
 *	Free an skbuff by memory without cleaning the state.
 */
void kfree_skbmem(struct sk_buff *skb)
{
	struct sk_buff *other;
	atomic_t *fclone_ref;

	skb_release_data(skb);
	switch (skb->fclone) {
	case SKB_FCLONE_UNAVAILABLE:
		kmem_cache_free(skbuff_head_cache, skb);
		break;

	case SKB_FCLONE_ORIG:
		fclone_ref = (atomic_t *) (skb + 2);
		if (atomic_dec_and_test(fclone_ref))
			kmem_cache_free(skbuff_fclone_cache, skb);
		break;

	case SKB_FCLONE_CLONE:
		fclone_ref = (atomic_t *) (skb + 1);
		other = skb - 1;

		/* The clone portion is available for
		 * fast-cloning again.
		 */
		skb->fclone = SKB_FCLONE_UNAVAILABLE;

		if (atomic_dec_and_test(fclone_ref))
			kmem_cache_free(skbuff_fclone_cache, other);
		break;
	};
}

/**
 *	__kfree_skb - private function
 *	@skb: buffer
 *
 *	Free an sk_buff. Release anything attached to the buffer.
 *	Clean the state. This is an internal helper function. Users should
 *	always call kfree_skb
 */

void __kfree_skb(struct sk_buff *skb)
{
	dst_release(skb->dst);
#ifdef CONFIG_XFRM
	secpath_put(skb->sp);
#endif
	if (skb->destructor) {
		WARN_ON(in_irq());
		skb->destructor(skb);
	}
#ifdef CONFIG_NETFILTER
	nf_conntrack_put(skb->nfct);
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
	nf_conntrack_put_reasm(skb->nfct_reasm);
#endif
#ifdef CONFIG_BRIDGE_NETFILTER
	nf_bridge_put(skb->nf_bridge);
#endif
#endif
/* XXX: IS this still necessary? - JHS */
#ifdef CONFIG_NET_SCHED
	skb->tc_index = 0;
#ifdef CONFIG_NET_CLS_ACT
	skb->tc_verd = 0;
#endif
#endif

	kfree_skbmem(skb);
}
Commit	Line	Data
1da177e4 LT	1	/*
	2	* Routines having to do with the 'struct sk_buff' memory handlers.
	3	*
	4	* Authors: Alan Cox <iiitac@pyr.swan.ac.uk>
	5	* Florian La Roche <rzsfl@rz.uni-sb.de>
	6	*
	7	* Version: $Id: skbuff.c,v 1.90 2001/11/07 05:56:19 davem Exp $
	8	*
	9	* Fixes:
	10	* Alan Cox : Fixed the worst of the load
	11	* balancer bugs.
	12	* Dave Platt : Interrupt stacking fix.
	13	* Richard Kooijman : Timestamp fixes.
	14	* Alan Cox : Changed buffer format.
	15	* Alan Cox : destructor hook for AF_UNIX etc.
	16	* Linus Torvalds : Better skb_clone.
	17	* Alan Cox : Added skb_copy.
	18	* Alan Cox : Added all the changed routines Linus
	19	* only put in the headers
	20	* Ray VanTassle : Fixed --skb->lock in free
	21	* Alan Cox : skb_copy copy arp field
	22	* Andi Kleen : slabified it.
	23	* Robert Olsson : Removed skb_head_pool
	24	*
	25	* NOTE:
	26	* The __skb_ routines should be called with interrupts
	27	* disabled, or you better be real sure that the operation is atomic
	28	* with respect to whatever list is being frobbed (e.g. via lock_sock()
	29	* or via disabling bottom half handlers, etc).
	30	*
	31	* This program is free software; you can redistribute it and/or
	32	* modify it under the terms of the GNU General Public License
	33	* as published by the Free Software Foundation; either version
	34	* 2 of the License, or (at your option) any later version.
	35	*/
	36
	37	/*
	38	* The functions in this file will not compile correctly with gcc 2.4.x
	39	*/
	40
	41	#include <linux/config.h>
	42	#include <linux/module.h>
	43	#include <linux/types.h>
	44	#include <linux/kernel.h>
	45	#include <linux/sched.h>
	46	#include <linux/mm.h>
	47	#include <linux/interrupt.h>
	48	#include <linux/in.h>
	49	#include <linux/inet.h>
	50	#include <linux/slab.h>
	51	#include <linux/netdevice.h>
	52	#ifdef CONFIG_NET_CLS_ACT
	53	#include <net/pkt_sched.h>
	54	#endif
	55	#include <linux/string.h>
	56	#include <linux/skbuff.h>
	57	#include <linux/cache.h>
	58	#include <linux/rtnetlink.h>
	59	#include <linux/init.h>
	60	#include <linux/highmem.h>
	61
	62	#include <net/protocol.h>
	63	#include <net/dst.h>
	64	#include <net/sock.h>
65	#include <net/checksum.h>
66	#include <net/xfrm.h>
67
68	#include <asm/uaccess.h>
69	#include <asm/system.h>
70
ba89966c ED	71	static kmem_cache_t *skbuff_head_cache __read_mostly;
ba89966c ED	72	static kmem_cache_t *skbuff_fclone_cache __read_mostly;
1da177e4 LT	73
	74	/*
	75	* Keep out-of-line to prevent kernel bloat.
	76	* __builtin_return_address is not used because it is not always
	77	* reliable.
	78	*/
	79
	80	/**
	81	* skb_over_panic - private function
	82	* @skb: buffer
	83	* @sz: size
	84	* @here: address
	85	*
	86	* Out of line support code for skb_put(). Not user callable.
	87	*/
	88	void skb_over_panic(struct sk_buff skb, int sz, void here)
	89	{
26095455 PM	90	printk(KERN_EMERG "skb_over_panic: text:%p len:%d put:%d head:%p "
	91	"data:%p tail:%p end:%p dev:%s\n",
	92	here, skb->len, sz, skb->head, skb->data, skb->tail, skb->end,
	93	skb->dev ? skb->dev->name : "<NULL>");
1da177e4 LT	94	BUG();
	95	}
	96
	97	/**
	98	* skb_under_panic - private function
	99	* @skb: buffer
	100	* @sz: size
	101	* @here: address
	102	*
	103	* Out of line support code for skb_push(). Not user callable.
	104	*/
	105
	106	void skb_under_panic(struct sk_buff skb, int sz, void here)
	107	{
26095455 PM	108	printk(KERN_EMERG "skb_under_panic: text:%p len:%d put:%d head:%p "
	109	"data:%p tail:%p end:%p dev:%s\n",
	110	here, skb->len, sz, skb->head, skb->data, skb->tail, skb->end,
	111	skb->dev ? skb->dev->name : "<NULL>");
1da177e4 LT	112	BUG();
	113	}
	114
dc6de336 DM	115	void skb_truesize_bug(struct sk_buff *skb)
	116	{
	117	printk(KERN_ERR "SKB BUG: Invalid truesize (%u) "
	118	"len=%u, sizeof(sk_buff)=%Zd\n",
	119	skb->truesize, skb->len, sizeof(struct sk_buff));
	120	}
	121	EXPORT_SYMBOL(skb_truesize_bug);
	122
1da177e4 LT	123	/* Allocate a new skbuff. We do this ourselves so we can fill in a few
	124	* 'private' fields and also do memory statistics to find all the
	125	* [BEEP] leaks.
	126	*
	127	*/
	128
	129	/**
d179cd12	130	* __alloc_skb - allocate a network buffer
1da177e4 LT	131	* @size: size to allocate
1da177e4 LT	132	* @gfp_mask: allocation mask
c83c2486 RD	133	* @fclone: allocate from fclone cache instead of head cache
c83c2486 RD	134	* and allocate a cloned (child) skb
1da177e4 LT	135	*
	136	* Allocate a new &sk_buff. The returned buffer has no headroom and a
	137	* tail room of size bytes. The object has a reference count of one.
	138	* The return is the buffer. On a failure the return is %NULL.
	139	*
	140	* Buffers may only be allocated from interrupts using a @gfp_mask of
	141	* %GFP_ATOMIC.
	142	*/
dd0fc66f	143	struct sk_buff *__alloc_skb(unsigned int size, gfp_t gfp_mask,
d179cd12	144	int fclone)
1da177e4	145	{
8798b3fb	146	kmem_cache_t *cache;
4947d3ef	147	struct skb_shared_info *shinfo;
1da177e4 LT	148	struct sk_buff *skb;
	149	u8 *data;
	150
8798b3fb HX	151	cache = fclone ? skbuff_fclone_cache : skbuff_head_cache;
8798b3fb HX	152
1da177e4	153	/* Get the HEAD */
8798b3fb	154	skb = kmem_cache_alloc(cache, gfp_mask & ~__GFP_DMA);
1da177e4 LT	155	if (!skb)
	156	goto out;
	157
	158	/* Get the DATA. Size must match skb_add_mtu(). */
	159	size = SKB_DATA_ALIGN(size);
871751e2	160	data = ____kmalloc(size + sizeof(struct skb_shared_info), gfp_mask);
1da177e4 LT	161	if (!data)
	162	goto nodata;
	163
	164	memset(skb, 0, offsetof(struct sk_buff, truesize));
	165	skb->truesize = size + sizeof(struct sk_buff);
	166	atomic_set(&skb->users, 1);
	167	skb->head = data;
	168	skb->data = data;
	169	skb->tail = data;
	170	skb->end = data + size;
4947d3ef BL	171	/* make sure we initialize shinfo sequentially */
	172	shinfo = skb_shinfo(skb);
	173	atomic_set(&shinfo->dataref, 1);
	174	shinfo->nr_frags = 0;
	175	shinfo->tso_size = 0;
	176	shinfo->tso_segs = 0;
	177	shinfo->ufo_size = 0;
	178	shinfo->ip6_frag_id = 0;
	179	shinfo->frag_list = NULL;
	180
d179cd12 DM	181	if (fclone) {
	182	struct sk_buff *child = skb + 1;
	183	atomic_t fclone_ref = (atomic_t ) (child + 1);
1da177e4	184
d179cd12 DM	185	skb->fclone = SKB_FCLONE_ORIG;
	186	atomic_set(fclone_ref, 1);
	187
	188	child->fclone = SKB_FCLONE_UNAVAILABLE;
	189	}
1da177e4 LT	190	out:
	191	return skb;
	192	nodata:
8798b3fb	193	kmem_cache_free(cache, skb);
1da177e4 LT	194	skb = NULL;
	195	goto out;
	196	}
	197
	198	/**
	199	* alloc_skb_from_cache - allocate a network buffer
	200	* @cp: kmem_cache from which to allocate the data area
	201	* (object size must be big enough for @size bytes + skb overheads)
	202	* @size: size to allocate
	203	* @gfp_mask: allocation mask
	204	*
	205	* Allocate a new &sk_buff. The returned buffer has no headroom and
	206	* tail room of size bytes. The object has a reference count of one.
	207	* The return is the buffer. On a failure the return is %NULL.
	208	*
	209	* Buffers may only be allocated from interrupts using a @gfp_mask of
	210	* %GFP_ATOMIC.
	211	*/
	212	struct sk_buff alloc_skb_from_cache(kmem_cache_t cp,
86a76caf	213	unsigned int size,
dd0fc66f	214	gfp_t gfp_mask)
1da177e4 LT	215	{
	216	struct sk_buff *skb;
	217	u8 *data;
	218
	219	/* Get the HEAD */
	220	skb = kmem_cache_alloc(skbuff_head_cache,
	221	gfp_mask & ~__GFP_DMA);
	222	if (!skb)
	223	goto out;
	224
	225	/* Get the DATA. */
	226	size = SKB_DATA_ALIGN(size);
	227	data = kmem_cache_alloc(cp, gfp_mask);
	228	if (!data)
	229	goto nodata;
	230
	231	memset(skb, 0, offsetof(struct sk_buff, truesize));
	232	skb->truesize = size + sizeof(struct sk_buff);
	233	atomic_set(&skb->users, 1);
	234	skb->head = data;
	235	skb->data = data;
	236	skb->tail = data;
	237	skb->end = data + size;
	238
	239	atomic_set(&(skb_shinfo(skb)->dataref), 1);
	240	skb_shinfo(skb)->nr_frags = 0;
	241	skb_shinfo(skb)->tso_size = 0;
	242	skb_shinfo(skb)->tso_segs = 0;
	243	skb_shinfo(skb)->frag_list = NULL;
	244	out:
	245	return skb;
	246	nodata:
	247	kmem_cache_free(skbuff_head_cache, skb);
	248	skb = NULL;
	249	goto out;
	250	}
	251
	252
	253	static void skb_drop_fraglist(struct sk_buff *skb)
	254	{
	255	struct sk_buff *list = skb_shinfo(skb)->frag_list;
	256
	257	skb_shinfo(skb)->frag_list = NULL;
	258
	259	do {
	260	struct sk_buff *this = list;
	261	list = list->next;
	262	kfree_skb(this);
	263	} while (list);
	264	}
	265
	266	static void skb_clone_fraglist(struct sk_buff *skb)
	267	{
	268	struct sk_buff *list;
	269
	270	for (list = skb_shinfo(skb)->frag_list; list; list = list->next)
	271	skb_get(list);
	272	}
	273
	274	void skb_release_data(struct sk_buff *skb)
	275	{
	276	if (!skb->cloned \|\|
	277	!atomic_sub_return(skb->nohdr ? (1 << SKB_DATAREF_SHIFT) + 1 : 1,
	278	&skb_shinfo(skb)->dataref)) {
279	if (skb_shinfo(skb)->nr_frags) {
280	int i;
281	for (i = 0; i < skb_shinfo(skb)->nr_frags; i++)
282	put_page(skb_shinfo(skb)->frags[i].page);
283	}
284
285	if (skb_shinfo(skb)->frag_list)
286	skb_drop_fraglist(skb);
287
288	kfree(skb->head);
289	}
290	}
291
292	/*
293	* Free an skbuff by memory without cleaning the state.
294	*/
295	void kfree_skbmem(struct sk_buff *skb)
296	{
d179cd12 DM	297	struct sk_buff *other;
	298	atomic_t *fclone_ref;
	299
1da177e4	300	skb_release_data(skb);
d179cd12 DM	301	switch (skb->fclone) {
	302	case SKB_FCLONE_UNAVAILABLE:
	303	kmem_cache_free(skbuff_head_cache, skb);
	304	break;
	305
	306	case SKB_FCLONE_ORIG:
	307	fclone_ref = (atomic_t *) (skb + 2);
	308	if (atomic_dec_and_test(fclone_ref))
	309	kmem_cache_free(skbuff_fclone_cache, skb);
	310	break;
	311
	312	case SKB_FCLONE_CLONE:
	313	fclone_ref = (atomic_t *) (skb + 1);
	314	other = skb - 1;
	315
	316	/* The clone portion is available for
	317	* fast-cloning again.
	318	*/
	319	skb->fclone = SKB_FCLONE_UNAVAILABLE;
	320
	321	if (atomic_dec_and_test(fclone_ref))
	322	kmem_cache_free(skbuff_fclone_cache, other);
	323	break;
	324	};
1da177e4 LT	325	}
	326
	327	/**
	328	* __kfree_skb - private function
	329	* @skb: buffer
	330	*
	331	* Free an sk_buff. Release anything attached to the buffer.
	332	* Clean the state. This is an internal helper function. Users should
	333	* always call kfree_skb
	334	*/
	335
	336	void __kfree_skb(struct sk_buff *skb)
	337	{
1da177e4 LT	338	dst_release(skb->dst);
	339	#ifdef CONFIG_XFRM
	340	secpath_put(skb->sp);
	341	#endif
9c2b3328 SH	342	if (skb->destructor) {
9c2b3328 SH	343	WARN_ON(in_irq());
1da177e4 LT	344	skb->destructor(skb);
	345	}
	346	#ifdef CONFIG_NETFILTER
	347	nf_conntrack_put(skb->nfct);
9fb9cbb1 YK	348	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
	349	nf_conntrack_put_reasm(skb->nfct_reasm);
	350	#endif
1da177e4 LT	351	#ifdef CONFIG_BRIDGE_NETFILTER
	352	nf_bridge_put(skb->nf_bridge);
	353	#endif
	354	#endif
	355	/* XXX: IS this still necessary? - JHS */
	356	#ifdef CONFIG_NET_SCHED
	357	skb->tc_index = 0;
	358	#ifdef CONFIG_NET_CLS_ACT
	359	skb->tc_verd = 0;
1da177e4 LT	360	#endif
	361	#endif
	362
	363	kfree_skbmem(skb);
	364	}
	365