summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* Bluetooth: Ignore key unauthenticated for high securityWaldemar Rymarkiewicz2011-04-281-4/+16
| | | | | | | | | | | | High security level for pre v2.1 devices requires combination link key authenticated by at least 16 digit PIN code. It's also necessary to update key_type and pin_length when the key exists and is sufficently secured for the connection as there will be no link key notify event in that case. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Map sec_level to link key requirementsWaldemar Rymarkiewicz2011-04-282-10/+55
| | | | | | | | | Keep the link key type together with connection and use it to map security level to link key requirements. Authenticate and/or encrypt connection if the link is insufficiently secure. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Don't modify sec_level if auth failedWaldemar Rymarkiewicz2011-04-281-1/+0
| | | | | | | | | | | If authentication fails the security level should stay as it was set before the process has started. Setting BT_SECURITY_LOW can hide real security level on a link eg. having BT_SECURITY_MEDIUM on the link, re-authenticate with failure to get BT_SECURITY_HIGH, as a result we get BT_SECURITY_LOW on the link while the real security is still medium. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add definitions for link key typesWaldemar Rymarkiewicz2011-04-282-4/+5
| | | | | | | Introduce the link key types defs and use them instead of magic numbers. Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add discovering event to the Management interfaceJohan Hedberg2011-04-282-6/+40
| | | | | | | | | | This patch adds a new event to the Management interface to track when local adapters are discovering remote devices. For now this only tracks BR/EDR discovery procedures. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add basic discovery commands to the management interfaceJohan Hedberg2011-04-281-1/+75
| | | | | | | | | | | | | | This patch adds start_discovery and stop_discovery commands to the management interface. Right now their implementation is fairly simplistic and the parameters are fixed to what user space has defaulted to so far. This is the very initial phase for discovery implementation into the kernel. Next steps include name resolution, LE scanning and bdaddr type handling. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Don't export l2cap_sock_opsGustavo F. Padovan2011-04-281-1/+3
| | | | | | l2cap_sk_ops can be static, it's not used outside l2cap_sock.c Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix memory leak with L2CAP channelsGustavo F. Padovan2011-04-282-4/+8
| | | | | | A new l2cap_chan_free() is added to free the channels. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move conn to struct l2cap_chanGustavo F. Padovan2011-04-284-62/+55
| | | | | | | There is no need to the socket deal directly with the channel, most of the time it cares about the channel only. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan2011-04-282-70/+72
| | | | | | In this commit, psm, scid and dcid. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move more channel info to struct l2cap_chanGustavo F. Padovan2011-04-285-103/+114
| | | | | | | In this commit, omtu, imtu, flush_to, mode and sport. It also remove the pi var from l2cap_sock_sendmsg(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move more vars to struct l2cap_chanGustavo F. Padovan2011-04-273-67/+68
| | | | | | In this commit all ERTM and Streaming Mode specific vars. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move some more elements to struct l2cap_chanGustavo F. Padovan2011-04-272-60/+70
| | | | | | In this commit sec_level, force_reliable, role_switch and flushable. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Rename l2cap_do_connect() to l2cap_chan_connect()Gustavo F. Padovan2011-04-272-2/+2
| | | | | | | | l2cap_chan_connect() is a much better name and reflects what this functions is doing (or will do once socket dependence is removed from the core). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move conf_state to struct l2cap_chanGustavo F. Padovan2011-04-272-46/+52
| | | | | | First move of elements depending on user data. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Refactor L2CAP channel allocationGustavo F. Padovan2011-04-272-17/+17
| | | | | | | | If the allocation happens at l2cap_sock_create() will be able to use the struct l2cap_chan to store channel info that comes from the user via setsockopt. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-2.6Gustavo F. Padovan2011-04-2021-40/+105
|\ | | | | | | | | | | | | Conflicts: net/bluetooth/l2cap_core.c net/bluetooth/l2cap_sock.c net/bluetooth/mgmt.c
| * mac80211: fix SMPS debugfs lockingJohannes Berg2011-04-202-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The locking with SMPS requests means that the debugs file should lock the mgd mutex, not the iflist mutex. Calls to __ieee80211_request_smps() need to hold that mutex, so add an assertion. This has always been wrong, but for some reason never been noticed, probably because the locking error only happens while unassociated. Cc: stable@kernel.org [2.6.34+] Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * Bluetooth: Only keeping SAR bits when retransmitting one frame.Ruiyi Zhang2011-04-181-0/+1
| | | | | | | | | | | | | | | | When retrasmitting one frame, only SAR bits in control field should be kept. Signed-off-by: Ruiyi Zhang <Ruiyi.zhang@atheros.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: fix shutdown on SCO socketsLuiz Augusto von Dentz2011-04-181-0/+9
| | | | | | | | | | | | | | | | | | | | shutdown should wait for SCO link to be properly disconnected before detroying the socket, otherwise an application using the socket may assume link is properly disconnected before it really happens which can be a problem when e.g synchronizing profile switch. Signed-off-by: Luiz Augusto von Dentz <luiz.dentz-von@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Fix keeping the command timer runningVinicius Costa Gomes2011-04-181-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | In the teardown path the reset command is sent to the controller, this event causes the command timer to be reactivated. So the timer is removed in two situations, when the adapter isn't marked as UP and when we know that some command has been sent. Reported-by: Keith Packard <keithp@keithp.com> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * Bluetooth: Fix refcount balance for hci connectionVille Tervo2011-04-181-2/+0
| | | | | | | | | | | | | | | | | | hci_io_capa_reply_evt() holds reference for hciconnection. It's useless since hci_io_capa_request_evt()/hci_simple_pair_complete_evt() already protects the connection. In addition it leaves connection open after failed SSP pairing. Signed-off-by: Ville Tervo <ville.tervo@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * mac80211: Fix duplicate frames on cooked monitorHelmut Schaa2011-04-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Cleaning the ieee80211_rx_data.flags field here is wrong, instead the flags should be valid accross processing the frame on different interfaces. Fix this by removing the incorrect flags=0 assignment. Introduced in commit 554891e63a29af35cc6bb403ef34e319518114d0 (mac80211: move packet flags into packet). Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * tcp: len check is unnecessarily devastating, change to WARN_ONIlpo Järvinen2011-04-011-1/+2
| | | | | | | | | | | | | | | | | | | | | | All callers are prepared for alloc failures anyway, so this error can safely be boomeranged to the callers domain without super bad consequences. ...At worst the connection might go into a state where each RTO tries to (unsuccessfully) re-fragment with such a mis-sized value and eventually dies. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
| * sctp: malloc enough room for asconf-ack chunkWei Yongjun2011-04-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometime the ASCONF_ACK parameters can equal to the fourfold of ASCONF parameters, this only happend in some special case: ASCONF parameter is : Unrecognized Parameter (4 bytes) ASCONF_ACK parameter should be: Error Cause Indication parameter (8 bytes header) + Error Cause (4 bytes header) + Unrecognized Parameter (4bytes) Four 4bytes Unrecognized Parameters in ASCONF chunk will cause panic. Pid: 0, comm: swapper Not tainted 2.6.38-next+ #22 Bochs Bochs EIP: 0060:[<c0717eae>] EFLAGS: 00010246 CPU: 0 EIP is at skb_put+0x60/0x70 EAX: 00000077 EBX: c09060e2 ECX: dec1dc30 EDX: c09469c0 ESI: 00000000 EDI: de3c8d40 EBP: dec1dc58 ESP: dec1dc2c DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 Process swapper (pid: 0, ti=dec1c000 task=c09aef20 task.ti=c0980000) Stack: c09469c0 e1894fa4 00000044 00000004 de3c8d00 de3c8d00 de3c8d44 de3c8d40 c09060e2 de25dd80 de3c8d40 dec1dc7c e1894fa4 dec1dcb0 00000040 00000004 00000000 00000800 00000004 00000004 dec1dce0 e1895a2b dec1dcb4 de25d960 Call Trace: [<e1894fa4>] ? sctp_addto_chunk+0x4e/0x89 [sctp] [<e1894fa4>] sctp_addto_chunk+0x4e/0x89 [sctp] [<e1895a2b>] sctp_process_asconf+0x32f/0x3d1 [sctp] [<e188d554>] sctp_sf_do_asconf+0xf8/0x173 [sctp] [<e1890b02>] sctp_do_sm+0xb8/0x159 [sctp] [<e18a2248>] ? sctp_cname+0x0/0x52 [sctp] [<e189392d>] sctp_assoc_bh_rcv+0xac/0xe3 [sctp] [<e1897d76>] sctp_inq_push+0x2d/0x30 [sctp] [<e18a21b2>] sctp_rcv+0x7a7/0x83d [sctp] [<c077a95c>] ? ipv4_confirm+0x118/0x125 [<c073a970>] ? nf_iterate+0x34/0x62 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194 [<c0747992>] ip_local_deliver_finish+0xf5/0x194 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194 [<c0747a6e>] NF_HOOK.clone.1+0x3d/0x44 [<c0747ab3>] ip_local_deliver+0x3e/0x44 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194 [<c074775c>] ip_rcv_finish+0x29f/0x2c7 [<c07474bd>] ? ip_rcv_finish+0x0/0x2c7 [<c0747a6e>] NF_HOOK.clone.1+0x3d/0x44 [<c0747cae>] ip_rcv+0x1f5/0x233 [<c07474bd>] ? ip_rcv_finish+0x0/0x2c7 [<c071dce3>] __netif_receive_skb+0x310/0x336 [<c07221f3>] netif_receive_skb+0x4b/0x51 [<e0a4ed3d>] cp_rx_poll+0x1e7/0x29c [8139cp] [<c072275e>] net_rx_action+0x65/0x13a [<c0445a54>] __do_softirq+0xa1/0x149 [<c04459b3>] ? __do_softirq+0x0/0x149 <IRQ> [<c0445891>] ? irq_exit+0x37/0x72 [<c040a7e9>] ? do_IRQ+0x81/0x95 [<c07b3670>] ? common_interrupt+0x30/0x38 [<c0428058>] ? native_safe_halt+0xa/0xc [<c040f5d7>] ? default_idle+0x58/0x92 [<c0408fb0>] ? cpu_idle+0x96/0xb2 [<c0797989>] ? rest_init+0x5d/0x5f [<c09fd90c>] ? start_kernel+0x34b/0x350 [<c09fd0cb>] ? i386_start_kernel+0xba/0xc1 Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * Merge branch 'master' of ↵David S. Miller2011-04-019-27/+64
| |\ | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
| | * mac80211: fix aggregation frame release during timeoutDaniel Halperin2011-03-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Suppose the aggregation reorder buffer looks like this: x-T-R1-y-R2, where x and y are frames that have not been received, T is a received frame that has timed out, and R1,R2 are received frames that have not yet timed out. The proper behavior in this scenario is to move the window past x (skipping it), release T and R1, and leave the window at y until y is received or R2 times out. As written, this code will instead leave the window at R1, because it has not yet timed out. Fix this by exiting the reorder loop only when the frame that has not timed out AND there are skipped frames earlier in the current valid window. Signed-off-by: Daniel Halperin <dhalperi@cs.washington.edu> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * cfg80211: fix BSS double-unlinking (continued)Juuso Oikarinen2011-03-281-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds to the fix "fix BSS double-unlinking" (commit 3207390a8b58bfc1335750f91cf6783c48ca19ca) by Johannes Berg. It turns out, that the double-unlinking scenario can also occur if expired BSS elements are removed whilst an interface is performing association. To work around that, replace list_del with list_del_init also in the "cfg80211_bss_expire" function, so that the check for whether the BSS still is in the list works correctly in cfg80211_unlink_bss. Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com> Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * cfg80211:: fix possible NULL pointer dereferenceMariusz Kozlowski2011-03-281-3/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | In cfg80211_inform_bss_frame() wiphy is first dereferenced on privsz initialisation and then it is checked for NULL. This patch fixes that. Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * mac80211: fix possible NULL pointer dereferenceMariusz Kozlowski2011-03-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch moves 'key' dereference after BUG_ON(!key) so that when key is NULL we will see proper trace instead of oops. Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * mac80211: fix NULL pointer dereference in ieee80211_key_alloc()Petr Štetiar2011-03-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ieee80211_key struct can be kfree()d several times in the function, for example if some of the key setup functions fails beforehand, but there's no check if the struct is still valid before we call memcpy() and INIT_LIST_HEAD() on it. In some cases (like it was in my case), if there's missing aes-generic module it could lead to the following kernel OOPS: Unable to handle kernel NULL pointer dereference at virtual address 0000018c .... PC is at memcpy+0x80/0x29c ... Backtrace: [<bf11c5e4>] (ieee80211_key_alloc+0x0/0x234 [mac80211]) from [<bf1148b4>] (ieee80211_add_key+0x70/0x12c [mac80211]) [<bf114844>] (ieee80211_add_key+0x0/0x12c [mac80211]) from [<bf070cc0>] (__cfg80211_set_encryption+0x2a8/0x464 [cfg80211]) Signed-off-by: Petr Štetiar <ynezz@true.cz> Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS ratesFelix Fietkau2011-03-281-7/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a client connects in HT mode but does not provide any valid MCS rates, the function that finds the next sample rate gets stuck in an infinite loop. Fix this by falling back to legacy rates if no usable MCS rates are found. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Cc: stable@kernel.org Signed-off-by: John W. Linville <linville@tuxdriver.com>
| | * Bluetooth: Fix warning with hci_cmd_timerThomas Gleixner2011-03-241-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After we made debugobjects working again, we got the following: WARNING: at lib/debugobjects.c:262 debug_print_object+0x8e/0xb0() Hardware name: System Product Name ODEBUG: free active (active state 0) object type: timer_list hint: hci_cmd_timer+0x0/0x60 Pid: 2125, comm: dmsetup Tainted: G W 2.6.38-06707-gc62b389 #110375 Call Trace: [<ffffffff8104700a>] warn_slowpath_common+0x7a/0xb0 [<ffffffff810470b6>] warn_slowpath_fmt+0x46/0x50 [<ffffffff812d3a5e>] debug_print_object+0x8e/0xb0 [<ffffffff81bd8810>] ? hci_cmd_timer+0x0/0x60 [<ffffffff812d4685>] debug_check_no_obj_freed+0x125/0x230 [<ffffffff810f1063>] ? check_object+0xb3/0x2b0 [<ffffffff810f3630>] kfree+0x150/0x190 [<ffffffff81be4d06>] ? bt_host_release+0x16/0x20 [<ffffffff81be4d06>] bt_host_release+0x16/0x20 [<ffffffff813a1907>] device_release+0x27/0xa0 [<ffffffff812c519c>] kobject_release+0x4c/0xa0 [<ffffffff812c5150>] ? kobject_release+0x0/0xa0 [<ffffffff812c61f6>] kref_put+0x36/0x70 [<ffffffff812c4d37>] kobject_put+0x27/0x60 [<ffffffff813a21f7>] put_device+0x17/0x20 [<ffffffff81bda4f9>] hci_free_dev+0x29/0x30 [<ffffffff81928be6>] vhci_release+0x36/0x70 [<ffffffff810fb366>] fput+0xd6/0x1f0 [<ffffffff810f8fe6>] filp_close+0x66/0x90 [<ffffffff810f90a9>] sys_close+0x99/0xf0 [<ffffffff81d4c96b>] system_call_fastpath+0x16/0x1b That timer was introduced with commit 6bd32326cda(Bluetooth: Use proper timer for hci command timout) Timer seems to be running when the thing is closed. Removing the timer unconditionally fixes the problem. And yes, it needs to be fixed before the HCI_UP check. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Tested-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| | * Bluetooth: delete hanging L2CAP channelAndrei Emeltchenko2011-03-241-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | Sometimes L2CAP connection remains hanging. Make sure that L2CAP channel is deleted. Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| | * Bluetooth: Fix missing hci_dev_lock_bh in user_confirm_replyJohan Hedberg2011-03-241-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | The code was correctly calling _unlock at the end of the function but there was no actual _lock call anywhere. Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| | * Bluetooth: Fix HCI_RESET command synchronizationGustavo F. Padovan2011-03-242-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can't send new commands before a cmd_complete for the HCI_RESET command shows up. Reported-by: Mikko Vinni <mmvinni@yahoo.com> Reported-by: Justin P. Mattock <justinmattock@gmail.com> Reported-by: Ed Tomlinson <edt@aei.ca> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi> Tested-by: Justin P. Mattock <justinmattock@gmail.com> Tested-by: Mikko Vinni <mmvinni@yahoo.com> Tested-by: Ed Tomlinson <edt@aei.ca>
| | * Bluetooth: Increment unacked_frames count only the first transmitSuraj Sumangala2011-03-241-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch lets 'l2cap_pinfo.unacked_frames' be incremented only the first time a frame is transmitted. Previously it was being incremented for retransmitted packets too resulting the value to cross the transmit window size. Signed-off-by: Suraj Sumangala <suraj@atheros.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
| * | appletalk: Fix OOPS in atalk_release().David S. Miller2011-03-311-5/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 60d9f461a20ba59219fdcdc30cbf8e3a4ad3f625 ("appletalk: remove the BKL") added a dereference of "sk" before checking for NULL in atalk_release(). Guard the code block completely, rather than partially, with the NULL check. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | sctp: Pass __GFP_NOWARN to hash table allocation attempts.David S. Miller2011-03-301-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Like DCCP and other similar pieces of code, there are mechanisms here to try allocating smaller hash tables if the allocation fails. So pass in __GFP_NOWARN like the others do instead of emitting a scary message. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | fib: add rtnl locking in ip_fib_net_exitEric Dumazet2011-03-301-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | Daniel J Blueman reported a lockdep splat in trie_firstleaf(), caused by RTNL being not locked before a call to fib_table_flush() Reported-by: Daniel J Blueman <daniel.blueman@gmail.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | atm/solos-pci: Don't flap VCs when carrier state changesPhilip A. Prindeville2011-03-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't flap VCs when carrier state changes; higher-level protocols can detect loss of connectivity and act accordingly. This is more consistent with how other network interfaces work. We no longer use release_vccs() so we can delete it. release_vccs() was duplicated from net/atm/common.c; make the corresponding function exported, since other code duplicates it and could leverage it if it were public. Signed-off-by: Philip A. Prindeville <philipp@redfish-solutions.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | netdev: fix mtu check when TSO is enabledDaniel Lezcano2011-03-301-2/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case the device where is coming from the packet has TSO enabled, we should not check the mtu size value as this one could be bigger than the expected value. This is the case for the macvlan driver when the lower device has TSO enabled. The macvlan inherit this feature and forward the packets without fragmenting them. Then the packets go through dev_forward_skb and are dropped. This patch fix this by checking TSO is not enabled when we want to check the mtu size. Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | bridge: mcast snooping, fix length check of snooped MLDv1/2Linus Lüssing2011-03-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "len = ntohs(ip6h->payload_len)" does not include the length of the ipv6 header itself, which the rest of this function assumes, though. This leads to a length check less restrictive as it should be in the following line for one thing. For another, it very likely leads to an integer underrun when substracting the offset and therefore to a very high new value of 'len' due to its unsignedness. This will ultimately lead to the pskb_trim_rcsum() practically never being called, even in the cases where it should. Signed-off-by: Linus Lüssing <linus.luessing@web.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | net: gre: provide multicast mappings for ipv4 and ipv6Timo Teräs2011-03-302-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | My commit 6d55cb91a0020ac0 (gre: fix hard header destination address checking) broke multicast. The reason is that ip_gre used to get ipgre_header() calls with zero destination if we have NOARP or multicast destination. Instead the actual target was decided at ipgre_tunnel_xmit() time based on per-protocol dissection. Instead of allowing the "abuse" of ->header() calls with invalid destination, this creates multicast mappings for ip_gre. This also fixes "ip neigh show nud noarp" to display the proper multicast mappings used by the gre device. Reported-by: Doug Kehn <rdkehn@yahoo.com> Signed-off-by: Timo Teräs <timo.teras@iki.fi> Acked-by: Doug Kehn <rdkehn@yahoo.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | bridge: Fix compilation warning in function br_stp_recalculate_bridge_id()Balaji G2011-03-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | net/bridge/br_stp_if.c: In function ‘br_stp_recalculate_bridge_id’: net/bridge/br_stp_if.c:216:3: warning: ‘return’ with no value, in function returning non-void Signed-off-by: G.Balaji <balajig81@gmail.com> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | Bluetooth: Fix lockdep warning in L2CAPGustavo F. Padovan2011-04-141-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | Fix a regression from the L2CAP "rewrite" patches. Purge the tx_q already happens on l2cap_chan_del() so we don't need it at l2cap_disconnect_req(). Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | | Bluetooth: Fix another locking unbalanceGustavo F. Padovan2011-04-141-0/+2
| | | | | | | | | | | | | | | | | | | | | l2cap_get_sock_by_scid was changed to not lock the socket anymore, but I forgot to change all the users of this function. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | | Bluetooth: Don't lock sock inside l2cap_get_sock_by_scid()Gustavo F. Padovan2011-04-131-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | Fix an locking issue with the new l2cap_att_channel(). l2cap_att_channel() was trying to lock a locked socket. Reported-by: Anderson Lizardo <anderson.lizardo@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | | Bluetooth: Fix Out Of Band pairing when mgmt interface is disabledSzymon Janc2011-04-131-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use kernel stored remote Out Of Band data only if management interface is enabled. Otherwise HCI_OP_REMOTE_OOB_DATA_NEG_REPLY was sent to controller even if remote Out Of Band data was present in bluetoothd. Signed-off-by: Szymon Janc <szymon.janc@tieto.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* | | Bluetooth: Add proper handling of received LE dataGustavo F. Padovan2011-04-131-0/+34
| | | | | | | | | | | | | | | | | | | | | Despite it works, handling through l2cap_data_channel() is wrongs. That function should handle only connection oriented data. Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
OpenPOWER on IntegriCloud