summaryrefslogtreecommitdiff
path: root/net
AgeCommit message (Collapse)Author
2007-08-07[NETFILTER]: ctnetlink: return EEXIST instead of EINVAL for existing nat'ed ↵Pablo Neira Ayuso
conntracks ctnetlink must return EEXIST for existing nat'ed conntracks instead of EINVAL. Only return EINVAL if we try to update a conntrack with NAT handlings (that is not allowed). Decadence:libnetfilter_conntrack/utils# ./conntrack_create_nat TEST: create conntrack (0)(Success) Decadence:libnetfilter_conntrack/utils# ./conntrack_create_nat TEST: create conntrack (-1)(Invalid argument) Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-07[NETFILTER]: ipt_recent: avoid a possible NULL pointer deref in ↵Jesper Juhl
recent_seq_open() If the call to seq_open() returns != 0 then the code calls kfree(st) but then on the very next line proceeds to dereference the pointer - not good. Problem spotted by the Coverity checker. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-07Merge branch 'fixes-davem' of ↵David S. Miller
master.kernel.org:/pub/scm/linux/kernel/git/linville/wireless-2.6
2007-08-07[NET] net/core/utils: fix sparse warningJohannes Berg
net_msg_warn is not defined because it is in net/sock.h which isn't included. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-07[NetLabel]: add missing rcu_dereference() calls in the LSM domain mapping ↵Paul Moore
hash table The LSM domain mapping head table pointer was not being referenced via the RCU safe dereferencing function, rcu_dereference(). This patch adds those missing calls to the NetLabel code. This has been tested using recent linux-2.6 git kernels with no visible regressions. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-06[PATCH] mac80211: don't allow scanning in monitor modeDaniel Drake
zd1211rw gets confused when the user asks for a scan when the device is in monitor mode. This patch tightens up the SIWSCAN handler to deny the scan under these conditions. Signed-off-by: Daniel Drake <dsd@gentoo.org> Signed-off-by: Jiri Benc <jbenc@suse.cz> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-08-06[PATCH] mac80211: Fix sparse error for sta_last_seq_ctrl_readZhu Yi
Fix sparse error for sta_last_seq_ctrl_read. Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: Jiri Benc <jbenc@suse.cz> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-08-06[PATCH] mac80211: use do { } while (0) for multi-line macrosZhu Yi
Use do { } while (0) for multi-line macros Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: Jiri Benc <jbenc@suse.cz> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-08-06[PATCH] mac80211: missing dev_put in ieee80211_master_start_xmitDaniel Drake
Fixes an unlikely reference leak condition. Signed-off-by: Daniel Drake <dsd@gentoo.org> Signed-off-by: Jiri Benc <jbenc@suse.cz> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-08-02[TCP]: DSACK signals data receival, be conservativeIlpo Järvinen
In case a DSACK is received, it's better to lower cwnd as it's a sign of data receival. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[TCP]: Also handle snd_una changes in tcp_cwnd_downIlpo Järvinen
tcp_cwnd_down must check for it too as it should be conservative in case of collapse stuff and also when receiver is trying to lie (though that wouldn't be very successful/useful anyway). Note: - Separated also is_dupack and do_lost in fast_retransalert * Much cleaner look-and-feel now * This time it really fixes cumulative ACK with many new SACK blocks recovery entry (I claimed this fixes with last patch but it wasn't). TCP will now call tcp_update_scoreboard regardless of is_dupack when in recovery as long as there is enough fackets_out. - Introduce FLAG_SND_UNA_ADVANCED * Some prior_snd_una arguments are unnecessary after it - Added helper FLAG_ANY_PROGRESS to avoid long FLAG...|FLAG... constructs Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02Merge davem@master.kernel.org:/pub/scm/linux/kernel/git/vxy/lksctp-devDavid S. Miller
2007-08-02[TIPC]: Fix two minor sparse warnings.Florian Westphal
fix two warnings generated by sparse: link.c:2386 symbol 'msgcount' shadows an earlier one node.c:244 symbol 'addr_string' shadows an earlier one Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[TIPC]: Make function tipc_nameseq_subscribe static.Florian Westphal
make needlessly global function tipc_nameseq_subscribe static. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[PF_KEY]: Fix ipsec not working in 2.6.23-rc1-git10Joy Latten
Although an ipsec SA was established, kernel couldn't seem to find it. I think since we are now using "x->sel.family" instead of "family" in the xfrm_selector_match() called in xfrm_state_find(), af_key needs to set this field too, just as xfrm_user. In af_key.c, x->sel.family only gets set when there's an ext_hdrs[SADB_EXT_ADDRESS_PROXY-1] which I think is for tunnel. I think pfkey needs to also set the x->sel.family field when it is 0. Tested with below patch, and ipsec worked when using pfkey. Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[TCP]: Invoke tcp_sendmsg() directly, do not use inet_sendmsg().David S. Miller
As discovered by Evegniy Polyakov, if we try to sendmsg after a connection reset, we can do incredibly stupid things. The core issue is that inet_sendmsg() tries to autobind the socket, but we should never do that for TCP. Instead we should just go straight into TCP's sendmsg() code which will do all of the necessary state and pending socket error checks. TCP's sendpage already directly vectors to tcp_sendpage(), so this merely brings sendmsg() in line with that. Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[IPV4] route.c: mostly kmalloc + memset conversion to k[cz]allocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[IPV4] raw.c: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[NETFILTER] nf_conntrack_l3proto_ipv4_compat.c: kmalloc + memset conversion ↵Mariusz Kozlowski
to kzalloc Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[NETFILTER] nf_conntrack_expect.c: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02[NET]: Removal of duplicated include net/wanrouter/wanmain.cMichal Piotrowski
Signed-off-by: Michal Piotrowski <michal.k.k.piotrowski@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-08-02Net/Security: fix memory leaks from security_secid_to_secctx()Paul Moore
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
2007-08-02SCTP: remove useless code in function sctp_init_causeWei Yongjun
Some code in function sctp_init_cause() seem useless, this patch remove them. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-02SCTP: drop SACK if ctsn is not less than the next tsn of assocWei Yongjun
We need to drop the SACK if the peer is attempting to acknowledge unset data, i.e. the CTSN in the SACK is greater or equal to the next TSN we will send. Example: Endpoint A Endpoint B <--------------- DATA (TSN=1) SACK(TSN=1) ---------------> <--------------- DATA (TSN=2) <--------------- DATA (TSN=3) <--------------- DATA (TSN=4) <--------------- DATA (TSN=5) SACK(TSN=1000) ---------------> <--------------- DATA (TSN=6) <--------------- DATA (TSN=7) Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01SCTP: IPv4 mapped addr not returned in SCTPv6 accept()Vlad Yasevich
When issuing a connect call on an AF_INET6 sctp socket with a IPv4-mapped destination, the peer address that is returned by getpeeraddr() should be v4-mapped as well. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01SCTP: IPv4 mapped addr not returned in SCTPv6 accept()Dave Johnson
An accept() call on a SCTPv6 socket that returns due to connection of a IPv4 mapped peer will fill out the 'struct sockaddr' with a zero IPv6 address instead of the IPv4 mapped address of the peer. This is due to the v4mapped flag not getting copied into the new socket on accept() as well as a missing check for INET6 socket type in sctp_v4_to_sk_*addr(). Signed-off-by: Dave Johnson <djohnson@sw.starentnetworks.com> Cc: Srinivas Akkipeddi <sakkiped@starentnetworks.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01sctp: fix shadow symbol in net/sctp/tsnmap.cSebastian Siewior
net/sctp/tsnmap.c:164:16: warning: symbol '_end' shadows an earlier one include/asm-generic/sections.h:13:13: originally declared here Renamed renamed _end to end_ and _start (for consistence). Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01sctp: try to fix readlockSebastian Siewior
unlock the reader lock in error case. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01sctp: remove shadowed symbolssebastian@breakpoint.cc
Fixes the following sparse warnings: net/sctp/sm_make_chunk.c:1457:9: warning: symbol 'len' shadows an earlier one net/sctp/sm_make_chunk.c:1356:23: originally declared here net/sctp/socket.c:1534:22: warning: symbol 'chunk' shadows an earlier one net/sctp/socket.c:1387:20: originally declared here Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01sctp: move global declaration to header file.sebastian@breakpoint.cc
sctp_chunk_cachep & sctp_bucket_cachep is used module global, so move it to a header file. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-08-01sctp: make locally used function staticsebastian@breakpoint.cc
Forward declarion is static, the function itself is not. Make it consistent. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-07-31Merge branch 'master' of ↵Linus Torvalds
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 * 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (41 commits) [RTNETLINK]: Fix warning for !CONFIG_KMOD [IPV4] ip_options.c: kmalloc + memset conversion to kzalloc [DECNET]: kmalloc + memset conversion to kzalloc [NET]: ethtool_perm_addr only has one implementation [NET]: ethtool ops are the only way [PPPOE]: Improve hashing function in hash_item(). [XFRM]: State selection update to use inner addresses. [IPSEC]: Ensure that state inner family is set [TCP]: Bidir flow must not disregard SACK blocks for lost marking [TCP]: Fix ratehalving with bidirectional flows [PPPOL2TP]: Add CONFIG_INET Kconfig dependency. [NET]: Page offsets and lengths need to be __u32. [AF_UNIX]: Make code static. [NETFILTER]: Make nf_ct_ipv6_skip_exthdr() static. [PKTGEN]: make get_ipsec_sa() static and non-inline [PPPoE]: move lock_sock() in pppoe_sendmsg() to the right location [PPPoX/E]: return ENOTTY on unknown ioctl requests [IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses. [NET]: Fix prio_tune() handling of root qdisc. [NET]: Fix sch_api to properly set sch->parent on the root. ...
2007-07-31fs: 9p/conv.c error path fixMariusz Kozlowski
When buf_check_overflow() returns != 0 we will hit kfree(ERR_PTR(err)) and it will not be happy about it. Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Cc: Latchesar Ionkov <lucho@ionkov.net> Cc: Eric Van Hensbergen <ericvh@ericvh.myip.org> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-31[RTNETLINK]: Fix warning for !CONFIG_KMODThomas Graf
replay label is unused otherwise. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV4] ip_options.c: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[DECNET]: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: ethtool_perm_addr only has one implementationMatthew Wilcox
All drivers implement ethtool get_perm_addr the same way -- by calling the generic function. So we can inline the generic function into the caller and avoid going through the drivers. Signed-off-by: Matthew Wilcox <matthew@wil.cx> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: ethtool ops are the only wayMatthew Wilcox
During the transition to the ethtool_ops way of doing things, we supported calling the device's ->do_ioctl method to allow unconverted drivers to continue working. Those days are long behind us, all in-tree drivers use the ethtool_ops way, and so we no longer need to support this. The bonding driver is the biggest beneficiary of this; it no longer needs to call ioctl() as a fallback if ethtool_ops aren't supported. Also put a proper copyright statement on ethtool.c. Signed-off-by: Matthew Wilcox <matthew@wil.cx> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[XFRM]: State selection update to use inner addresses.Joakim Koskela
This patch modifies the xfrm state selection logic to use the inner addresses where the outer have been (incorrectly) used. This is required for beet mode in general and interfamily setups in both tunnel and beet mode. Signed-off-by: Joakim Koskela <jookos@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Diego Beltrami <diego.beltrami@gmail.com> Signed-off-by: Miika Komu <miika@iki.fi> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPSEC]: Ensure that state inner family is setHerbert Xu
Similar to the issue we had with template families which specified the inner families of policies, we need to set the inner families of states as the main xfrm user Openswan leaves it as zero. af_key is unaffected because the inner family is set by it and not the KM. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: Bidir flow must not disregard SACK blocks for lost markingIlpo Järvinen
It's possible that new SACK blocks that should trigger new LOST markings arrive with new data (which previously made is_dupack false). In addition, I think this fixes a case where we get a cumulative ACK with enough SACK blocks to trigger the fast recovery (is_dupack would be false there too). I'm not completely pleased with this solution because readability of the code is somewhat questionable as 'is_dupack' in SACK case is no longer about dupacks only but would mean something like 'lost_marker_work_todo' too... But because of Eifel stuff done in CA_Recovery, the FLAG_DATA_SACKED check cannot be placed to the if statement which seems attractive solution. Nevertheless, I didn't like adding another variable just for that either... :-) Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: Fix ratehalving with bidirectional flowsIlpo Järvinen
Actually, the ratehalving seems to work too well, as cwnd is reduced on every second ACK even though the packets in flight remains unchanged. Recoveries in a bidirectional flows suffer quite badly because of this, both NewReno and SACK are affected. After this patch, rate halving is performed for ACK only if packets in flight was supposedly changed too. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[AF_UNIX]: Make code static.Adrian Bunk
The following code can now become static: - struct unix_socket_table - unix_table_lock Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NETFILTER]: Make nf_ct_ipv6_skip_exthdr() static.Adrian Bunk
nf_ct_ipv6_skip_exthdr() can now become static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[PKTGEN]: make get_ipsec_sa() static and non-inlineAdrian Bunk
Non-static inline code usually doesn't makes sense. In this case making is static and non-inline is the correct solution. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses.Dave Johnson
ipv6_addr_type() doesn't check for 'Unique Local IPv6 Unicast Addresses' (RFC4193) and returns IPV6_ADDR_RESERVED for that range. SCTP uses this function and will fail bind() and connect() calls that use RFC4193 addresses, SCTP will also ignore inbound connections from RFC4193 addresses if listening on IPV6_ADDR_ANY. There may be other users of ipv6_addr_type() that could also have problems. Signed-off-by: Dave Johnson <djohnson@sw.starentnetworks.com> Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Fix prio_tune() handling of root qdisc.Peter P Waskiewicz Jr
Fix the check in prio_tune() to see if sch->parent is TC_H_ROOT instead of sch->handle to load or reject the qdisc for multiqueue devices. Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Fix sch_api to properly set sch->parent on the root.Patrick McHardy
Fix sch_api to correctly set sch->parent for both ingress and egress qdiscs in qdisc_create(). Signed-off-by: Patrick McHardy <trash@kaber.net> Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET_SCHED]: Fix prio/ingress classification logic errorPatrick McHardy
Fix handling of empty or completely non-matching filter chains. In that case -1 is returned and tcf_result is uninitialized, the qdisc should fall back to default classification in that case. Noticed by PJ Waskiewicz <peter.p.waskiewicz.jr@intel.com>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV4/IPV6]: Fail registration if inet device construction failsHerbert Xu
Now that netdev notifications can fail, we can use this to signal errors during registration for IPv4/IPv6. In particular, if we fail to allocate memory for the inet device, we can fail the netdev registration. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>