summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* SELinux: Fix SA selection semanticsVenkat Yekkirala2006-12-026-93/+70
| | | | | | | | | | | | | | | | | | | | | Fix the selection of an SA for an outgoing packet to be at the same context as the originating socket/flow. This eliminates the SELinux policy's ability to use/sendto SAs with contexts other than the socket's. With this patch applied, the SELinux policy will require one or more of the following for a socket to be able to communicate with/without SAs: 1. To enable a socket to communicate without using labeled-IPSec SAs: allow socket_t unlabeled_t:association { sendto recvfrom } 2. To enable a socket to communicate with labeled-IPSec SAs: allow socket_t self:association { sendto }; allow socket_t peer_sa_t:association { recvfrom }; Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com> Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Return correct context for SO_PEERSECVenkat Yekkirala2006-12-027-48/+50
| | | | | | | | | Fix SO_PEERSEC for tcp sockets to return the security context of the peer (as represented by the SA from the peer) as opposed to the SA used by the local/source socket. Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com> Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Various xfrm labeling fixesVenkat Yekkirala2006-12-024-41/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the upstreaming of the mlsxfrm modification a few months back, testing has resulted in the identification of the following issues/bugs that are resolved in this patch set. 1. Fix the security context used in the IKE negotiation to be the context of the socket as opposed to the context of the SPD rule. 2. Fix SO_PEERSEC for tcp sockets to return the security context of the peer as opposed to the source. 3. Fix the selection of an SA for an outgoing packet to be at the same context as the originating socket/flow. The following would be the result of applying this patchset: - SO_PEERSEC will now correctly return the peer's context. - IKE deamons will receive the context of the source socket/flow as opposed to the SPD rule's context so that the negotiated SA will be at the same context as the source socket/flow. - The SELinux policy will require one or more of the following for a socket to be able to communicate with/without SAs: 1. To enable a socket to communicate without using labeled-IPSec SAs: allow socket_t unlabeled_t:association { sendto recvfrom } 2. To enable a socket to communicate with labeled-IPSec SAs: allow socket_t self:association { sendto }; allow socket_t peer_sa_t:association { recvfrom }; This Patch: Pass correct security context to IKE for use in negotiation Fix the security context passed to IKE for use in negotiation to be the context of the socket as opposed to the context of the SPD rule so that the SA carries the label of the originating socket/flow. Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com> Signed-off-by: James Morris <jmorris@namei.org>
* [BLUETOOTH] rfcomm endianness bug: param_mask is little-endian on the wireAl Viro2006-12-021-8/+8
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BLUETOOTH]: rfcomm endianness annotationsAl Viro2006-12-022-3/+3
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BLUETOOTH]: bnep endianness annotationsAl Viro2006-12-022-8/+8
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BLUETOOTH] bnep endianness bug: filtering by packet typeAl Viro2006-12-022-13/+14
| | | | | | | <= and => don't work well on net-endian... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: ip6_output annotationsAl Viro2006-12-022-3/+3
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: trivial annotationsAl Viro2006-12-029-37/+36
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_PACKET]: annotateAl Viro2006-12-022-10/+14
| | | | | | | | Weirdness: the third argument of socket() is net-endian here. Oh, well - it's documented in packet(7). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [LLC]: anotationsAl Viro2006-12-023-8/+8
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: annotate inet6_csk_search_req()Al Viro2006-12-022-4/+4
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: flowlabels are net-endianAl Viro2006-12-0211-23/+23
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: annotate inet_ecn.hAl Viro2006-12-021-2/+2
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: annotate dsfield.hAl Viro2006-12-021-3/+3
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: annotate ->new_mapping()Al Viro2006-12-023-4/+4
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_KEY]: annotateAl Viro2006-12-021-2/+2
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV4]: encapsulation annotationsAl Viro2006-12-026-44/+44
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SUNRPC]: annotate hash_ip()Al Viro2006-12-021-4/+4
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: annotate ipv6 mcastAl Viro2006-12-021-6/+6
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: annotate struct frag_hdrAl Viro2006-12-021-4/+4
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: annotate icmpv6 headersAl Viro2006-12-021-6/+6
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: 'info' argument of ipv6 ->err_handler() is net-endianAl Viro2006-12-0214-15/+14
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: misc annotationsAl Viro2006-12-024-10/+10
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: annotate inet6_hashtablesAl Viro2006-12-022-11/+11
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: ipconfig and nfsroot annotationsAl Viro2006-12-024-64/+64
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TIPC]: endianness annotationsAl Viro2006-12-027-52/+38
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6] NDISC: Calculate packet length correctly for allocation.David S. Miller2006-12-021-4/+12
| | | | | | | | | MAX_HEADER does not include the ipv6 header length in it, so we need to add it in explicitly. With help from YOSHIFUJI Hideaki. Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'upstream-linus' of ↵Linus Torvalds2006-12-02137-3156/+24511
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6 * 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6: (118 commits) [netdrvr] skge: build fix [PATCH] NetXen: driver cleanup, removed unnecessary __iomem type casts [PATCH] PHY: Add support for configuring the PHY connection interface [PATCH] chelesio: transmit locking (plus bug fix). [PATCH] chelsio: statistics improvement [PATCH] chelsio: add MSI support [PATCH] chelsio: use standard CRC routines [PATCH] chelsio: cleanup pm3393 code [PATCH] chelsio: add 1G swcixw aupport [PATCH] chelsio: add support for other 10G boards [PATCH] chelsio: remove unused mutex [PATCH] chelsio: use kzalloc [PATCH] chelsio: whitespace fixes [PATCH] amd8111e use standard CRC lib [PATCH] sky2: msi enhancements. [PATCH] sky2: kfree_skb_any needed [PATCH] sky2: fixes for Yukon EC_U chip revisions [PATCH] sky2: add Dlink 560SX id [PATCH] sky2: receive error handling fix [PATCH] skge: don't clear MC state on link down ...
| * [netdrvr] skge: build fixJeff Garzik2006-12-021-0/+1
| | | | | | | | Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] NetXen: driver cleanup, removed unnecessary __iomem type castsAmit S. Kale2006-12-024-45/+18
| | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Amit S. Kale <amitkale@netxen.com> netxen_nic.h | 38 ++++++++------------------------------ netxen_nic_ethtool.c | 5 ++--- netxen_nic_hw.c | 12 +++++------- netxen_nic_main.c | 8 +++----- 4 files changed, 18 insertions(+), 45 deletions(-) Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] PHY: Add support for configuring the PHY connection interfaceAndy Fleming2006-12-027-23/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most PHYs connect to an ethernet controller over a GMII or MII interface. However, a growing number are connected over different interfaces, such as RGMII or SGMII. The ethernet driver will tell the PHY what type of connection it is by setting it manually, or passing it in through phy_connect (or phy_attach). Changes include: * Updates to documentation * Updates to PHY Lib consumers * Changes to PHY Lib to add interface support * Some minor changes to whitespace in phy.h * gianfar driver now detects interface and passes appropriate value to PHY Lib Signed-off-by: Andrew Fleming <afleming@freescale.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelesio: transmit locking (plus bug fix).Stephen Hemminger2006-12-021-4/+15
| | | | | | | | | | | | | | | | | | | | | | | | If transmit lock is contended on, then push return code back and retry at higher level. Bugfix: If buffer is reallocated because of lack of headroom and the send is blocked, then drop packet. This is necessary because caller would end up requeuing a freed skb. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: statistics improvementStephen Hemminger2006-12-023-68/+100
| | | | | | | | | | | | | | | | | | Cleanup statistics management: * Get rid of duplicate or unused statistics * Convert high volume stats to per-cpu and 64 bit Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: add MSI supportStephen Hemminger2006-12-022-3/+18
| | | | | | | | | | | | | | | | Using MSI can avoid sharing IRQ and associated overhead. Tested on PCI-X. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: use standard CRC routinesStephen Hemminger2006-12-022-28/+4
| | | | | | | | | | | | | | Replace driver crc calculation with existing library. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: cleanup pm3393 codeStephen Hemminger2006-12-021-40/+29
| | | | | | | | | | | | | | | | | | | | | | Replace macro with function for updating RMON values Cleanups: * remove unused enum's * Fix comment format Signed-off-by: Stephen HEmminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: add 1G swcixw aupportStephen Hemminger2006-12-0212-0/+2780
| | | | | | | | | | | | | | Add support for 1G versions of Chelsio devices. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: add support for other 10G boardsStephen Hemminger2006-12-0223-371/+6041
| | | | | | | | | | | | | | | | | | Add support for other versions of the 10G Chelsio boards. This is basically a port of the vendor driver with the TOE features removed. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: remove unused mutexStephen Hemminger2006-12-022-2/+0
| | | | | | | | | | | | | | This mutex is unused in current (non TOE) code. Signed-off-by: Stephen Hemminger<shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: use kzallocStephen Hemminger2006-12-022-4/+3
| | | | | | | | | | | | | | Use kzalloc in several places. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] chelsio: whitespace fixesStephen Hemminger2006-12-024-16/+16
| | | | | | | | | | | | | | Fix indentation and blank/tab issues. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] amd8111e use standard CRC libStephen Hemminger2006-12-022-30/+1
| | | | | | | | | | | | | | | | | | I noticed this driver (and several others) reinvent their own copy of the existing CRC library. Don't have the hardware, but tested by extracting code and comparing result. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] sky2: msi enhancements.Stephen Hemminger2006-12-022-8/+11
| | | | | | | | | | | | | | | | If using Message Signaled Interrupts (MSI) then the IRQ will never be shared. Don't call pci_disable_msi() unless using MSI. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] sky2: kfree_skb_any neededStephen Hemminger2006-12-021-1/+1
| | | | | | | | | | | | | | | | | | | | It is possible for the sky2 driver NAPI poll routine to be called with IRQ's disabled if netpoll is trying to make space in the tx queue. This is an obscure path, but if it happens, the kfree_skb needs to happen via softirq. Calling kfree_skb with IRQ's disabled is a not allowed. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] sky2: fixes for Yukon EC_U chip revisionsStephen Hemminger2006-12-022-9/+13
| | | | | | | | | | | | | | | | | | Update workarounds for 88E803X based on the latest SysKonnect vendor driver version (8.41). Tested on EC_U rev A1, only. These up the receive performance. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] sky2: add Dlink 560SX idStephen Hemminger2006-12-021-0/+1
| | | | | | | | | | | | | | | | Add new PCI ID for DLink 560SX. This from the latest SysKonnect vendor driver (version 8.41). Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] sky2: receive error handling fixStephen Hemminger2006-12-021-3/+3
| | | | | | | | | | | | | | | | | | If sky2 detects out of memory, or gets a bad frame, it reuses the same receive buffer, but forgets to poke the hardware. This could lead to the receiver getting stuck if there were lots of errors. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] skge: don't clear MC state on link downStephen Hemminger2006-12-021-3/+2
| | | | | | | | | | | | | | | | | | | | I would rather fix Andy's problem by not clearing multicast information on link down. Also, add code to restore multicast state after ethtool phy reset. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
| * [PATCH] mv643xx_eth: fix unbalanced parentheses in macrosMariusz Kozlowski2006-12-021-2/+2
| | | | | | | | | | | | Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: Dale Farnsworth <dale@farnsworth.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
OpenPOWER on IntegriCloud