summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* drivers/net/wan: introduce missing kfreeJulia Lawall2009-09-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Error handling code following a kmalloc should free the allocated data. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @r exists@ local idexpression x; statement S; expression E; identifier f,f1,l; position p1,p2; expression *ptr != NULL; @@ x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...); ... if (x == NULL) S <... when != x when != if (...) { <+...x...+> } ( x->f1 = E | (x->f1 == NULL || ...) | f(...,x->f1,...) ) ...> ( return \(0\|<+...x...+>\|ptr\); | return@p2 ...; ) @script:python@ p1 << r.p1; p2 << r.p2; @@ print "* file: %s kmalloc %s return %s" % (p1[0].file,p1[0].line,p2[0].line) // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: force bridge module(s) to be GPLStephen Hemminger2009-09-111-2/+2
| | | | | | | | | | The only valid usage for the bridge frame hooks are by a GPL components (such as the bridge module). The kernel should not leave a crack in the door for proprietary networking stacks to slip in. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Subject: [PATCH] appletalk: Fix skb leak when ipddp interface is not loadedArnaldo Carvalho de Melo2009-09-113-30/+36
| | | | | | | | | | | | And also do a better job of returning proper NET_{RX,XMIT}_ values. Based on a patch and suggestions by Mark Smith. This fixes CVE-2009-2903 Reported-by: Mark Smith <lk-netdev@lk-netdev.nosense.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: unix: fix sending fds in multiple buffersMiklos Szeredi2009-09-111-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kalle Olavi Niemitalo reported that: "..., when one process calls sendmsg once to send 43804 bytes of data and one file descriptor, and another process then calls recvmsg three times to receive the 16032+16032+11740 bytes, each of those recvmsg calls returns the file descriptor in the ancillary data. I confirmed this with strace. The behaviour differs from Linux 2.6.26, where reportedly only one of those recvmsg calls (I think the first one) returned the file descriptor." This bug was introduced by a patch from me titled "net: unix: fix inflight counting bug in garbage collector", commit 6209344f5. And the reason is, quoting Kalle: "Before your patch, unix_attach_fds() would set scm->fp = NULL, so that if the loop in unix_stream_sendmsg() ran multiple iterations, it could not call unix_attach_fds() again. But now, unix_attach_fds() leaves scm->fp unchanged, and I think this causes it to be called multiple times and duplicate the same file descriptors to each struct sk_buff." Fix this by introducing a flag that is cleared at the start and set when the fds attached to the first buffer. The resulting code should work equivalently to the one on 2.6.26. Reported-by: Kalle Olavi Niemitalo <kon@iki.fi> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'master' of ↵David S. Miller2009-09-10107-1856/+373
|\ | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6
| * netfilter: ebt_ulog: fix checkentry return valuePatrick McHardy2009-09-011-1/+1
| | | | | | | | | | | | | | | | Commit 19eda87 (netfilter: change return types of check functions for Ebtables extensions) broke the ebtables ulog module by missing a return value conversion. Signed-off-by: Patrick McHardy <kaber@trash.net>
| * IPVS: Add handling of incoming ICMPV6 messagesJulius Volz2009-08-311-6/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add handling of incoming ICMPv6 messages. This follows the handling of IPv4 ICMP messages. Amongst ther things this problem allows IPVS to behave sensibly when an ICMPV6_PKT_TOOBIG message is received: This message is received when a realserver sends a packet >PMTU to the client. The hop on this path with insufficient MTU will generate an ICMPv6 Packet Too Big message back to the VIP. The LVS server receives this message, but the call to the function handling this has been missing. Thus, IPVS fails to forward the message to the real server, which then does not adjust the path MTU. This patch adds the missing call to ip_vs_in_icmp_v6() in ip_vs_in() to handle this situation. Thanks to Rob Gallagher from HEAnet for reporting this issue and for testing this patch in production (with direct routing mode). [horms@verge.net.au: tweaked changelog] Signed-off-by: Julius Volz <julius.volz@gmail.com> Tested-by: Rob Gallagher <robert.gallagher@heanet.ie> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: ip6t_eui: fix read outside array boundsPatrick McHardy2009-08-311-7/+2
| | | | | | | | | | | | | | | | | | Use memcmp() instead of open coded comparison that reads one byte past the intended end. Based on patch from Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nf_conntrack: netns fix re reliable conntrack event deliveryAlexey Dobriyan2009-08-311-3/+3
| | | | | | | | | | | | | | | | Conntracks in netns other than init_net dying list were never killed. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * ipvs: Use atomic operations atomiclySimon Horman2009-08-312-6/+7
| | | | | | | | | | | | | | | | | | | | A pointed out by Shin Hong, IPVS doesn't always use atomic operations in an atomic manner. While this seems unlikely to be manifest in strange behaviour, it seems appropriate to clean this up. Cc: shin hong <hongshin@gmail.com> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nfnetlink: constify message attributes and headersPatrick McHardy2009-08-259-35/+55
| | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netlink: constify nlmsghdr argumentsPatrick McHardy2009-08-255-12/+13
| | | | | | | | | | | | | | | | Consitfy nlmsghdr arguments to a couple of functions as preparation for the next patch, which will constify the netlink message data in all nfnetlink users. Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nf_conntrack: log packets dropped by helpersPatrick McHardy2009-08-252-2/+10
| | | | | | | | | | | | | | | | Log packets dropped by helpers using the netfilter logging API. This is useful in combination with nfnetlink_log to analyze those packets in userspace for debugging. Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: bridge: refcount fixEric Dumazet2009-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | commit f216f082b2b37c4943f1e7c393e2786648d48f6f ([NETFILTER]: bridge netfilter: deal with martians correctly) added a refcount leak on in_dev. Instead of using in_dev_get(), we can use __in_dev_get_rcu(), as netfilter hooks are running under rcu_read_lock(), as pointed by Patrick. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nf_nat: fix inverted logic for persistent NAT mappingsMaximilian Engelhardt2009-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kernel 2.6.30 introduced a patch [1] for the persistent option in the netfilter SNAT target. This is exactly what we need here so I had a quick look at the code and noticed that the patch is wrong. The logic is simply inverted. The patch below fixes this. Also note that because of this the default behavior of the SNAT target has changed since kernel 2.6.30 as it now ignores the destination IP in choosing the source IP for nating (which should only be the case if the persistent option is set). [1] http://git.eu.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=98d500d66cb7940747b424b245fc6a51ecfbf005 Signed-off-by: Maximilian Engelhardt <maxi@daemonizer.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: xtables: mark initial tables constantJan Engelhardt2009-08-2422-37/+42
| | | | | | | | | | | | | | The inputted table is never modified, so should be considered const. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * Merge branch 'master' of git://dev.medozas.de/linuxPatrick McHardy2009-08-1079-1719/+210
| |\
| | * netfilter: xtables: check for standard verdicts in policiesJan Engelhardt2009-08-103-6/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the second check that Rusty wanted to have a long time ago. :-) Base chain policies must have absolute verdicts that cease processing in the table, otherwise rule execution may continue in an unexpected spurious fashion (e.g. next chain that follows in memory). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: check for unconditionality of policiesJan Engelhardt2009-08-103-14/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a check that iptables's original author Rusty set forth in a FIXME comment. Underflows in iptables are better known as chain policies, and are required to be unconditional or there would be a stochastical chance for the policy rule to be skipped if it does not match. If that were to happen, rule execution would continue in an unexpected spurious fashion. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: ignore unassigned hooks in check_entry_size_and_hooksJan Engelhardt2009-08-103-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "hook_entry" and "underflow" array contains values even for hooks not provided, such as PREROUTING in conjunction with the "filter" table. Usually, the values point to whatever the next rule is. For the upcoming unconditionality and underflow checking patches however, we must not inspect that arbitrary rule. Skipping unassigned hooks seems like a good idea, also because newinfo->hook_entry and newinfo->underflow will then continue to have the poison value for detecting abnormalities. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: use memcmp in unconditional checkJan Engelhardt2009-08-103-23/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of inspecting each u32/char open-coded, clean up and make use of memcmp. On some arches, memcmp is implemented as assembly or GCC's __builtin_memcmp which can possibly take advantages of known alignment. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: iptables: remove unused datalen variableJan Engelhardt2009-08-101-4/+0
| | | | | | | | | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: realign struct xt_target_paramJan Engelhardt2009-08-101-1/+1
| | | | | | | | | | | | | | | | | | | | | This commit gets rid of a padding hole as reported by pahole(1). Saves 8 bytes on x86_64. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: switch table AFs to nfprotoJan Engelhardt2009-08-109-9/+9
| | | | | | | | | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: switch hook PFs to nfprotoJan Engelhardt2009-08-1011-36/+36
| | | | | | | | | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: conntrack: switch hook PFs to nfprotoJan Engelhardt2009-08-102-10/+10
| | | | | | | | | | | | | | | | | | | | | Simple substitution to indicate that the fields indeed use the NFPROTO_ space. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove redirecting header filesJan Engelhardt2009-08-1042-618/+5
| | | | | | | | | | | | | | | | | | | | | | | | When IPv4 and IPv6 matches were unified approx. 3.5 years ago, they received new header filenames (e.g. xt_CLASSIFY.h). Let's remove the old ones now. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_owner v0Jan Engelhardt2009-08-105-158/+12
| | | | | | | | | | | | | | | | | | Superseded by xt_owner v1 (v2.6.24-2388-g0265ab4). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_mark v0Jan Engelhardt2009-08-103-84/+10
| | | | | | | | | | | | | | | | | | Superseded by xt_mark v1 (v2.6.24-2922-g17b0d7e). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_iprange v0Jan Engelhardt2009-08-104-69/+2
| | | | | | | | | | | | | | | | | | Superseded by xt_iprange v1 (v2.6.24-2928-g1a50c5a1). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_conntrack v0Jan Engelhardt2009-08-103-193/+1
| | | | | | | | | | | | | | | | | | Superseded by xt_conntrack v1 (v2.6.24-2921-g64eb12f). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_connmark v0Jan Engelhardt2009-08-103-98/+11
| | | | | | | | | | | | | | | | | | Superseded by xt_connmark v1 (v2.6.24-2919-g96e3227). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_MARK v0, v1Jan Engelhardt2009-08-103-174/+9
| | | | | | | | | | | | | | | | | | Superseded by xt_MARK v2 (v2.6.24-2918-ge0a812a). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_CONNMARK v0Jan Engelhardt2009-08-103-132/+11
| | | | | | | | | | | | | | | | | | Superseded by xt_CONNMARK v1 (v2.6.24-2917-g0dc8c76). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| | * netfilter: xtables: remove xt_TOS v0Jan Engelhardt2009-08-106-93/+0
| | | | | | | | | | | | | | | | | | Superseded by xt_TOS v1 (v2.6.24-2396-g5c350e5). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| * | netfilter: ebtables: Use %pM conversion specifierTobias Klauser2009-08-101-22/+7
| | | | | | | | | | | | | | | | | | | | | | | | ebt_log uses its own implementation of print_mac to print MAC addresses. This patch converts it to use the %pM conversion specifier for printk. Signed-off-by: Tobias Klauser <klto@zhaw.ch> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * | netfilter: nf_conntrack: add SCTP support for SO_ORIGINAL_DSTRafael Laufer2009-08-101-4/+4
| |/ | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* | dm9000: Use resource_size instead of private macroTobias Klauser2009-09-091-4/+2
| | | | | | | | | | | | | | | | The macro res_size in drivers/net/dm9000.c is a copy of resource_size in linux/ioport.h. Remove the function and use resource_size instead. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | dm9000: Remove unnecessary memset of netdev private dataTobias Klauser2009-09-091-1/+0
| | | | | | | | | | | | | | | | | | The memory for the private data is allocated using kzalloc in alloc_etherdev (or alloc_netdev_mq respectively) so there is no need to set it to 0 again. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | netxen: fix tx descriptor structureAmit Kumar Salecha2009-09-091-2/+2
| | | | | | | | | | | | | | | | Fix the offset of vlan_TCI field in cmd_desc_type0. Signed-off-by: Amit Kumar Salecha <amit@qlogic.com> Signed-off-by: Dhananjay Phadke <dhananjay@netxen.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | netxen: fix check for ip addr hashing supportAmit Kumar Salecha2009-09-091-1/+1
| | | | | | | | | | | | | | | | | | Fix typo in checking dest ip has support before programming destip addresses. Signed-off-by: Amit Kumar Salecha <amit@netxen.com> Signed-off-by: Dhananjay Phadke <dhananjay@netxen.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | net_sched: fix estimator lock selection for mq child qdiscsPatrick McHardy2009-09-093-16/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When new child qdiscs are attached to the mq qdisc, they are actually attached as root qdiscs to the device queues. The lock selection for new estimators incorrectly picks the root lock of the existing and to be replaced qdisc, which results in a use-after-free once the old qdisc has been destroyed. Mark mq qdisc instances with a new flag and treat qdiscs attached to mq as children similar to regular root qdiscs. Additionally prevent estimators from being attached to the mq qdisc itself since it only updates its byte and packet counters during dumps. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge branch 'master' of ↵David S. Miller2009-09-0952-539/+1673
|\ \ | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6
| * | cfg80211: allow scanning on specified frequencies when using wext-compatibilityHolger Schurig2009-09-091-7/+34
| | | | | | | | | | | | | | | | | | | | | | | | Handles the case when SIOCSIWSCAN specified iw_scan_req.num_channels and iw_scan_req.channels[]. Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | ath9k: Initialize the priority gpio for BT coex 3-wireVasanthakumar Thiagarajan2009-09-092-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | Oops, a stupid mistake in the original patch which adds coex 3-wire support. Bluetooth priority gpio needs to be gpio 7. Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | ath9k: Get rid of the modparam btcoex_enableVasanthakumar Thiagarajan2009-09-091-4/+0
| | | | | | | | | | | | | | | Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | ath9k: Enable btcoex based on the subsystem id of the deviceVasanthakumar Thiagarajan2009-09-094-1/+30
| | | | | | | | | | | | | | | Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | ath9k: Store subsystem id in struct hw_versionVasanthakumar Thiagarajan2009-09-095-6/+10
| | | | | | | | | | | | | | | | | | | | | | | | This subsystem id will be used later to turn on the btcoex support. Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | wireless: mark prism54 as deprecated and mark for removalLuis R. Rodriguez2009-09-092-41/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The preferred module is p54pci which also supports FullMAC PCI / Cardbus devices. We schedule removal for 2.6.34. Reason to remove this is no one really is testing prism54 anymore, and while it works p54pci provides support for the same hardware. It should be noted I have been told some FullMAC devices may not have worked with the SoftMAC driver but to date we have yet to recieve a single bug report regarding this. If there are users out there please let us know! Cc: aquilaver@yahoo.com Cc: linux-kernel@vger.kernel.org Cc: Dan Williams <dcbw@redhat.com> Cc: Kai Engert <kengert@redhat.com> Cc: Jean Tourrilhes <jt@hpl.hp.com> Cc: Tim de Waal<tim.dewaal@yahoo.com> Cc: Roy Marples <uberlord@gentoo.org> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Christian Lamparter <chunkeey@web.de> Cc: Björn Steinbrink <B.Steinbrink@gmx.de> Cc: Tim Gardner <tim.gardner@canonical.com> Cc: Larry Finger <Larry.Finger@lwfinger.net> Cc: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * | b44/b43/b43legacy: Fix switch warnings introduced by SSB-SDIOMichael Buesch2009-09-093-6/+20
| | | | | | | | | | | | | | | | | | | | | This fixes some gcc warnings for switch statements. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
OpenPOWER on IntegriCloud