summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2008-02-0817-99/+119
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (21 commits) [IPSEC] flow: reorder "struct flow_cache_entry" and remove SLAB_HWCACHE_ALIGN [DECNET] ROUTE: remove unecessary alignment [IPSEC]: Add support for aes-ctr. [ISDN]: fix section mismatch warning in enpci_card_msg [TIPC]: declare proto_ops structures as 'const'. [TIPC]: Kill unused static inline (x5) [TC]: oops in em_meta [IPV6] Minor cleanup: remove unused definitions in net/ip6_fib.h [IPV6] Minor clenup: remove two unused definitions in net/ip6_route.h [AF_IUCV]: defensive programming of iucv_callback_txdone [AF_IUCV]: broken send_skb_q results in endless loop [IUCV]: wrong irq-disabling locking at module load time [CAN]: Minor clean-ups [CAN]: Move proto_{,un}register() out of spin-locked region [CAN]: Clean up module auto loading [IPSEC] flow: Remove an unnecessary ____cacheline_aligned [IPV4]: route: fix crash ip_route_input [NETFILTER]: xt_iprange: add missing #include [NETFILTER]: xt_iprange: fix typo in address family [NETFILTER]: nf_conntrack: fix ct_extend ->move operation ...
| * [IPSEC] flow: reorder "struct flow_cache_entry" and remove SLAB_HWCACHE_ALIGNEric Dumazet2008-02-071-2/+2
| | | | | | | | | | | | | | | | | | | | 1) We can shrink sizeof(struct flow_cache_entry) by 8 bytes on 64bit arches. 2) No need to align these structures to hardware cache lines, this only waste ram for very litle gain. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DECNET] ROUTE: remove unecessary alignmentEric Dumazet2008-02-071-1/+1
| | | | | | | | | | | | | | | | | | | | Same alignment requirement was removed on IP route cache in the past. This alignment actually has bad effect on 32 bit arches, uniprocessor, since sizeof(dn_rt_hash_bucket) is forced to 8 bytes instead of 4. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC]: Add support for aes-ctr.Joy Latten2008-02-071-0/+17
| | | | | | | | | | | | | | | | | | The below patch allows IPsec to use CTR mode with AES encryption algorithm. Tested this using setkey in ipsec-tools. Signed-off-by: Joy Latten <latten@austin.ibm.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TIPC]: declare proto_ops structures as 'const'.Florian Westphal2008-02-071-7/+7
| | | | | | | | | | Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TIPC]: Kill unused static inline (x5)Ilpo Järvinen2008-02-073-23/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | All these static inlines are unused: in_own_zone 1 (net/tipc/addr.h) msg_dataoctet 1 (net/tipc/msg.h) msg_direct 1 (include/net/tipc/tipc_msg.h) msg_options 1 (include/net/tipc/tipc_msg.h) tipc_nmap_get 1 (net/tipc/bcast.h) Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TC]: oops in em_metaStephen Hemminger2008-02-071-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If userspace passes a unknown match index into em_meta, then em_meta_change will return an error and the data for the match will not be set. This then causes an null pointer dereference when the cleanup is done in the error path via tcf_em_tree_destroy. Since the tree structure comes kzalloc, it is initialized to NULL. Discovered when testing a new version of tc command against an accidental older kernel. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [AF_IUCV]: defensive programming of iucv_callback_txdoneUrsula Braun2008-02-071-7/+14
| | | | | | | | | | | | | | | | | | | | | | The loop in iucv_callback_txdone presumes existence of an entry with msg->tag in the send_skb_q list. In error cases this assumption might be wrong and might cause an endless loop. Loop is rewritten to guarantee loop end in case of missing msg->tag entry in send_skb_q. Signed-off-by: Ursula Braun <braunu@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [AF_IUCV]: broken send_skb_q results in endless loopUrsula Braun2008-02-071-1/+7
| | | | | | | | | | | | | | | | | | | | A race has been detected in iucv_callback_txdone(). skb_unlink has to be done inside the locked area. In addition checkings for successful allocations are inserted. Signed-off-by: Ursula Braun <braunu@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IUCV]: wrong irq-disabling locking at module load timeUrsula Braun2008-02-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Linux may hang when running af_iucv socket programs concurrently with a load of module netiucv. iucv_register() tries to take the iucv_table_lock with spin_lock_irq. This conflicts with iucv_connect() which has a need for an smp_call_function while holding the iucv_table_lock. Solution: use bh-disabling locking in iucv_register() Signed-off-by: Ursula Braun <braunu@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [CAN]: Minor clean-upsUrs Thuermann2008-02-071-15/+9
| | | | | | | | | | | | | | | | | | | | Remove unneeded variable. Rename local variable error to err like in all other places. Some white-space changes. Signed-off-by: Urs Thuermann <urs.thuermann@volkswagen.de> Signed-off-by: Oliver Hartkopp <oliver.hartkopp@volkswagen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [CAN]: Move proto_{,un}register() out of spin-locked regionUrs Thuermann2008-02-071-13/+14
| | | | | | | | | | | | | | | | | | | | The implementation of proto_register() has changed so that it can now sleep. The call to proto_register() must be moved out of the spin-locked region. Signed-off-by: Urs Thuermann <urs.thuermann@volkswagen.de> Signed-off-by: Oliver Hartkopp <oliver.hartkopp@volkswagen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [CAN]: Clean up module auto loadingUrs Thuermann2008-02-071-12/+6
| | | | | | | | | | | | | | | | | | Remove local char array to construct module name. Don't call request_module() when CONFIG_KMOD is not set. Signed-off-by: Urs Thuermann <urs.thuermann@volkswagen.de> Signed-off-by: Oliver Hartkopp <oliver.hartkopp@volkswagen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC] flow: Remove an unnecessary ____cacheline_alignedEric Dumazet2008-02-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We use a percpu variable named flow_hash_info, which holds 12 bytes. It is currently marked as ____cacheline_aligned, which makes linker skip space to properly align this variable. Before : c065cc90 D per_cpu__softnet_data c065cd00 d per_cpu__flow_tables <Here, hole of 124 bytes> c065cd80 d per_cpu__flow_hash_info <Here, hole of 116 bytes> c065ce00 d per_cpu__flow_flush_tasklets c065ce14 d per_cpu__rt_cache_stat This alignement is quite unproductive, and removing it reduces the size of percpu data (by 240 bytes on my x86 machine), and improves performance (flow_tables & flow_hash_info can share a single cache line) After patch : c065cc04 D per_cpu__softnet_data c065cc4c d per_cpu__flow_tables c065cc50 d per_cpu__flow_hash_info c065cc5c d per_cpu__flow_flush_tasklets c065cc70 d per_cpu__rt_cache_stat Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPV4]: route: fix crash ip_route_inputPatrick McHardy2008-02-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | ip_route_me_harder() may call ip_route_input() with skbs that don't have skb->dev set for skbs rerouted in LOCAL_OUT and TCP resets generated by the REJECT target, resulting in a crash when dereferencing skb->dev->nd_net. Since ip_route_input() has an input device argument, it seems correct to use that one anyway. Bug introduced in b5921910a1 (Routing cache virtualization). Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: xt_iprange: add missing #includeJan Engelhardt2008-02-071-0/+1
| | | | | | | | | | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: xt_iprange: fix typo in address familyPatrick McHardy2008-02-071-1/+1
| | | | | | | | | | | | | | | | The family for iprange_mt4 should be AF_INET, not AF_INET6. Noticed by Jiri Moravec <jim.lkml@gmail.com>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: nf_conntrack: fix ct_extend ->move operationPatrick McHardy2008-02-072-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ->move operation has two bugs: - It is called with the same extension as source and destination, so it doesn't update the new extension. - The address of the old extension is calculated incorrectly, instead of (void *)ct->ext + ct->ext->offset[i] it uses ct->ext + ct->ext->offset[i]. Fixes a crash on x86_64 reported by Chuck Ebbert <cebbert@redhat.com> and Thomas Woerner <twoerner@redhat.com>. Tested-by: Thomas Woerner <twoerner@redhat.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: nf_conntrack: TCP conntrack reopening fixJozsef Kadlecsik2008-02-071-6/+26
| | | | | | | | | | | | | | | | | | | | | | | | TCP connection tracking in netfilter did not handle TCP reopening properly: active close was taken into account for one side only and not for any side, which is fixed now. The patch includes more comments to explain the logic how the different cases are handled. The bug was discovered by Jeff Chua. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | namespaces: mark NET_NS with "depends on NAMESPACES"Pavel Emelyanov2008-02-081-1/+1
|/ | | | | | | | | | | | | | | | There's already an option controlling the net namespaces cloning code, so make it work the same way as all the other namespaces' options. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Cc: "David S. Miller" <davem@davemloft.net> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Cedric Le Goater <clg@fr.ibm.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Kirill Korotaev <dev@sw.ru> Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p)David Howells2008-02-071-3/+3
| | | | | | | | | | Convert instances of ERR_PTR(PTR_ERR(p)) to ERR_CAST(p) using: perl -spi -e 's/ERR_PTR[(]PTR_ERR[(](.*)[)][)]/ERR_CAST(\1)/' `grep -rl 'ERR_PTR[(]*PTR_ERR' fs crypto net security` Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 9p: fix p9_printfcall exportAndrew Morton2008-02-061-2/+2
| | | | | | | | ERROR: "p9_printfcall" [net/9p/9pnet_virtio.ko] undefined! Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: transport API reorganizationEric Van Hensbergen2008-02-066-1145/+1187
| | | | | | | | | | This merges the mux.c (including the connection interface) with trans_fd in preparation for transport API changes. Ultimately, trans_fd will need to be rewritten to clean it up and simplify the implementation, but this reorganization is viewed as the first step. Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: add remove function to trans_virtioEric Van Hensbergen2008-02-061-0/+19
| | | | | | | | | | | Request from rusty: Just cleaning up patches for 2.6.25 merge, and noticed that net/9p/trans_virtio.c doesn't have a remove function. This will crash when removing the module (console doesn't have one because it can't really be removed). Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: Convert semaphore to spinlock for p9_idpoolAnthony Liguori2008-02-061-12/+8
| | | | | | | | | | | | When booting from v9fs, down_interruptible in p9_idpool_get() triggered a BUG as it was being called with IRQs disabled. A spinlock seems like the right thing to be using since the idr functions go out of their way not to sleep. This patch eliminates the BUG by converting the semaphore to a spinlock. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Acked-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: Fix soft lockup in virtio transportEric Van Hensbergen2008-02-061-1/+1
| | | | | | | | This fixes a poorly placed spinlock which could result in a soft lockup condition. Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: block-based virtio clientEric Van Hensbergen2008-02-062-151/+227
| | | | | | | | This replaces the console-based virto client with a block-based client using a single request queue. Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: create transport rpc cut-thruEric Van Hensbergen2008-02-061-16/+33
| | | | | | | | | Add a new transport function which allows a cut-thru directly to the transport instead of processing request through the mux if the cut-thru exists. Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* 9p: fix bug in p9_clone_statMartin Stava2008-02-061-0/+5
| | | | | | | | | This patch fixes a bug in the copying of 9P stat information where string references weren't being updated properly. Signed-off-by: Martin Sava <martin.stava@gmail.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
* ipvs: Make wrr "no available servers" error message rate-limitedSven Wegener2008-02-051-1/+2
| | | | | | | | | | No available servers is more an error message than something informational. It should also be rate-limited, else we're going to flood our logs on a busy director, if all real servers are out of order with a weight of zero. Signed-off-by: Sven Wegener <sven.wegener@stealer.net> Acked-by: Simon Horman <horms@verge.net.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'fixes' of ↵David S. Miller2008-02-051-1/+0
|\ | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/linville/wireless-2.6
| * mac80211: Is not EXPERIMENTAL anymoreMichael Buesch2008-02-051-1/+0
| | | | | | | | | | | | | | | | Remove the EXPERIMENTAL dependency, as the existing mac80211 features are stable. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | [NET_SCHED]: cls_flow: support classification based on VLAN tagPatrick McHardy2008-02-051-0/+12
| | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NET_SCHED]: cls_flow: fix key mask validity checkPatrick McHardy2008-02-051-2/+3
| | | | | | | | | | | | | | | | Since we're using fls(), we need to check whether the value is non-zero first. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NET_SCHED]: em_meta: fix compile warningPatrick McHardy2008-02-051-1/+1
| | | | | | | | | | | | | | | | net/sched/em_meta.c: In function 'meta_int_vlan_tag': net/sched/em_meta.c:179: warning: 'tag' may be used uninitialized in this function Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2008-02-0513-88/+58
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (21 commits) [PKT_SCHED]: vlan tag match [NET]: Add if_addrlabel.h to sanitized headers. [NET] rtnetlink.c: remove no longer used functions [ICMP]: Restore pskb_pull calls in receive function [INET]: Fix accidentally broken inet(6)_hash_connect's port offset calculations. [NET]: Remove further references to net-modules.txt bluetooth rfcomm tty: destroy before tty_close() bluetooth: blacklist another Broadcom BCM2035 device drivers/bluetooth/btsdio.c: fix double-free drivers/bluetooth/bpa10x.c: fix memleak bluetooth: uninlining bluetooth: hidp_process_hid_control remove unnecessary parameter dealing tun: impossible to deassert IFF_ONE_QUEUE or IFF_NO_PI hamradio: fix dmascc section mismatch [SCTP]: Fix kernel panic while received AUTH chunk with BAD shared key identifier [SCTP]: Fix kernel panic while received AUTH chunk while enabled auth [IPV4]: Formatting fix for /proc/net/fib_trie. [IPV6]: Fix sysctl compilation error. [NET_SCHED]: Add #ifdef CONFIG_NET_EMATCH in net/sched/cls_flow.c (latest git broken build) [IPV4]: Fix compile error building without CONFIG_FS_PROC ...
| * | [PKT_SCHED]: vlan tag matchStephen Hemminger2008-02-051-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | Provide a way to use tc filters on vlan tag even if tag is buried in skb due to hardware acceleration. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NET] rtnetlink.c: remove no longer used functionsAdrian Bunk2008-02-051-44/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the following no longer used functions: - rtattr_parse() - rtattr_strlcpy() - __rtattr_parse_nested_compat() Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [ICMP]: Restore pskb_pull calls in receive functionHerbert Xu2008-02-052-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | Somewhere along the development of my ICMP relookup patch the header length check went AWOL on the non-IPsec path. This patch restores the check. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [INET]: Fix accidentally broken inet(6)_hash_connect's port offset calculations.Pavel Emelyanov2008-02-052-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The port offset calculations depend on the protocol family, but, as Adrian noticed, I broke this logic with the commit 5ee31fc1ecdcbc234c8c56dcacef87c8e09909d8 [INET]: Consolidate inet(6)_hash_connect. Return this logic back, by passing the port offset directly into the consolidated function. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Noticed-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | bluetooth rfcomm tty: destroy before tty_close()Dave Young2008-02-051-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rfcomm dev could be deleted in tty_hangup, so we must not call rfcomm_dev_del again to prevent from destroying rfcomm dev before tty close. Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | bluetooth: uninliningAndrew Morton2008-02-051-11/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove all those inlines which were either a) unneeded or b) increased code size. text data bss dec hex filename before: 6997 74 8 7079 1ba7 net/bluetooth/hidp/core.o after: 6492 74 8 6574 19ae net/bluetooth/hidp/core.o Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | bluetooth: hidp_process_hid_control remove unnecessary parameter dealingDave Young2008-02-051-18/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to the bluetooth HID spec v1.0 chapter 7.4.2 "This code requests a major state change in a BT-HID device. A HID_CONTROL request does not generate a HANDSHAKE response." "A HID_CONTROL packet with a parameter of VIRTUAL_CABLE_UNPLUG is the only HID_CONTROL packet a device can send to a host. A host will ignore all other packets." So in the hidp_precess_hid_control function, we just need to deal with the UNLUG packet. Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [SCTP]: Fix kernel panic while received AUTH chunk with BAD shared key ↵Wei Yongjun2008-02-051-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identifier If SCTP-AUTH is enabled, received AUTH chunk with BAD shared key identifier will cause kernel panic. Test as following: step1: enabled /proc/sys/net/sctp/auth_enable step 2: connect to SCTP server with auth capable. Association is established between endpoints. Then send a AUTH chunk with a bad shareid, SCTP server will kernel panic after received that AUTH chunk. SCTP client SCTP server INIT ----------> (with auth capable) <---------- INIT-ACK (with auth capable) COOKIE-ECHO ----------> <---------- COOKIE-ACK AUTH ----------> AUTH chunk is like this: AUTH chunk Chunk type: AUTH (15) Chunk flags: 0x00 Chunk length: 28 Shared key identifier: 10 HMAC identifier: SHA-1 (1) HMAC: 0000000000000000000000000000000000000000 The assignment of NULL to key can safely be removed, since key_for_each (which is just list_for_each_entry under the covers does an initial assignment to key anyway). If the endpoint_shared_keys list is empty, or if the key_id being requested does not exist, the function as it currently stands returns the actuall list_head (in this case endpoint_shared_keys. Since that list_head isn't surrounded by an actuall data structure, the last iteration through list_for_each_entry will do a container_of on key, and we wind up returning a bogus pointer, instead of NULL, as we should. > Neil Horman wrote: >> On Tue, Jan 22, 2008 at 05:29:20PM +0900, Wei Yongjun wrote: >> >> FWIW, Ack from me. The assignment of NULL to key can safely be >> removed, since >> key_for_each (which is just list_for_each_entry under the covers does >> an initial >> assignment to key anyway). >> If the endpoint_shared_keys list is empty, or if the key_id being >> requested does >> not exist, the function as it currently stands returns the actuall >> list_head (in >> this case endpoint_shared_keys. Since that list_head isn't >> surrounded by an >> actuall data structure, the last iteration through >> list_for_each_entry will do a >> container_of on key, and we wind up returning a bogus pointer, >> instead of NULL, >> as we should. Wei's patch corrects that. >> >> Regards >> Neil >> >> Acked-by: Neil Horman <nhorman@tuxdriver.com> >> > > Yep, the patch is correct. > > Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> > > -vlad > Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [SCTP]: Fix kernel panic while received AUTH chunk while enabled authWei Yongjun2008-02-051-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If STCP is started while /proc/sys/net/sctp/auth_enable is set 0 and association is established between endpoints. Then if /proc/sys/net/sctp/auth_enable is set 1, a received AUTH chunk will cause kernel panic. Test as following: step 1: echo 0> /proc/sys/net/sctp/auth_enable step 2: SCTP client SCTP server INIT ---------> <--------- INIT-ACK COOKIE-ECHO ---------> <--------- COOKIE-ACK step 3: echo 1> /proc/sys/net/sctp/auth_enable step 4: SCTP client SCTP server AUTH -----------> Kernel Panic This patch fix this probleam to treat AUTH chunk as unknow chunk if peer has initialized with no auth capable. > Sorry for the delay. Was on vacation without net access. > > Wei Yongjun wrote: >> >> >> This patch fix this probleam to treat AUTH chunk as unknow chunk if >> peer has initialized with no auth capable. >> >> Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> > > Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> > >> Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [IPV4]: Formatting fix for /proc/net/fib_trie.Denis V. Lunev2008-02-051-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The line in the /proc/net/fib_trie for route with TOS specified - has extra \n at the end - does not have a space after route scope like below. |-- 1.1.1.1 /32 universe UNICASTtos =1 Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NET_SCHED]: Add #ifdef CONFIG_NET_EMATCH in net/sched/cls_flow.c (latest ↵Rami Rosen2008-02-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git broken build) The 2.6 latest git build was broken when using the following configuration options: CONFIG_NET_EMATCH=n CONFIG_NET_CLS_FLOW=y with the following error: net/sched/cls_flow.c: In function 'flow_dump': net/sched/cls_flow.c:598: error: 'struct tcf_ematch_tree' has no member named 'hdr' make[2]: *** [net/sched/cls_flow.o] Error 1 make[1]: *** [net/sched] Error 2 make: *** [net] Error 2 see the recent post by Li Zefan: http://www.spinics.net/lists/netdev/msg54434.html The reason for this crash is that struct tcf_ematch_tree (net/pkt_cls.h) is empty when CONFIG_NET_EMATCH is not defined. When CONFIG_NET_EMATCH is defined, the tcf_ematch_tree structure indeed holds a struct tcf_ematch_tree_hdr (hdr) as flow_dump() expects. This patch adds #ifdef CONFIG_NET_EMATCH in flow_dump to avoid this. Signed-off-by: Rami Rosen <ramirose@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [IPSEC] xfrm4_beet_input(): fix an if()Adrian Bunk2008-02-051-1/+1
| |/ | | | | | | | | | | | | | | A bug every C programmer makes at some point in time... Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* | NetLabel: introduce a new kernel configuration API for NetLabelPaul Moore2008-02-055-3/+184
|/ | | | | | | | | | | | | | | Add a new set of configuration functions to the NetLabel/LSM API so that LSMs can perform their own configuration of the NetLabel subsystem without relying on assistance from userspace. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linusLinus Torvalds2008-02-042-5/+32
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus: (25 commits) virtio: balloon driver virtio: Use PCI revision field to indicate virtio PCI ABI version virtio: PCI device virtio_blk: implement naming for vda-vdz,vdaa-vdzz,vdaaa-vdzzz virtio_blk: Dont waste major numbers virtio_blk: provide getgeo virtio_net: parametrize the napi_weight for virtio receive queue. virtio: free transmit skbs when notified, not on next xmit. virtio: flush buffers on open virtnet: remove double ether_setup virtio: Allow virtio to be modular and used by modules virtio: Use the sg_phys convenience function. virtio: Put the virtio under the virtualization menu virtio: handle interrupts after callbacks turned off virtio: reset function virtio: populate network rings in the probe routine, not open virtio: Tweak virtio_net defines virtio: Net header needs hdr_len virtio: remove unused id field from struct virtio_blk_outhdr virtio: clarify NO_NOTIFY flag usage ...
OpenPOWER on IntegriCloud