summaryrefslogtreecommitdiffstats
path: root/net
AgeCommit message (Collapse)Author
2007-08-02Net/Security: fix memory leaks from security_secid_to_secctx()Paul Moore
The security_secid_to_secctx() function returns memory that must be freed by a call to security_release_secctx() which was not always happening. This patch fixes two of these problems (all that I could find in the kernel source at present). Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
2007-07-31Merge branch 'master' of ↵Linus Torvalds
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 * 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (41 commits) [RTNETLINK]: Fix warning for !CONFIG_KMOD [IPV4] ip_options.c: kmalloc + memset conversion to kzalloc [DECNET]: kmalloc + memset conversion to kzalloc [NET]: ethtool_perm_addr only has one implementation [NET]: ethtool ops are the only way [PPPOE]: Improve hashing function in hash_item(). [XFRM]: State selection update to use inner addresses. [IPSEC]: Ensure that state inner family is set [TCP]: Bidir flow must not disregard SACK blocks for lost marking [TCP]: Fix ratehalving with bidirectional flows [PPPOL2TP]: Add CONFIG_INET Kconfig dependency. [NET]: Page offsets and lengths need to be __u32. [AF_UNIX]: Make code static. [NETFILTER]: Make nf_ct_ipv6_skip_exthdr() static. [PKTGEN]: make get_ipsec_sa() static and non-inline [PPPoE]: move lock_sock() in pppoe_sendmsg() to the right location [PPPoX/E]: return ENOTTY on unknown ioctl requests [IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses. [NET]: Fix prio_tune() handling of root qdisc. [NET]: Fix sch_api to properly set sch->parent on the root. ...
2007-07-31fs: 9p/conv.c error path fixMariusz Kozlowski
When buf_check_overflow() returns != 0 we will hit kfree(ERR_PTR(err)) and it will not be happy about it. Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Cc: Latchesar Ionkov <lucho@ionkov.net> Cc: Eric Van Hensbergen <ericvh@ericvh.myip.org> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-31[RTNETLINK]: Fix warning for !CONFIG_KMODThomas Graf
replay label is unused otherwise. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV4] ip_options.c: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[DECNET]: kmalloc + memset conversion to kzallocMariusz Kozlowski
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: ethtool_perm_addr only has one implementationMatthew Wilcox
All drivers implement ethtool get_perm_addr the same way -- by calling the generic function. So we can inline the generic function into the caller and avoid going through the drivers. Signed-off-by: Matthew Wilcox <matthew@wil.cx> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: ethtool ops are the only wayMatthew Wilcox
During the transition to the ethtool_ops way of doing things, we supported calling the device's ->do_ioctl method to allow unconverted drivers to continue working. Those days are long behind us, all in-tree drivers use the ethtool_ops way, and so we no longer need to support this. The bonding driver is the biggest beneficiary of this; it no longer needs to call ioctl() as a fallback if ethtool_ops aren't supported. Also put a proper copyright statement on ethtool.c. Signed-off-by: Matthew Wilcox <matthew@wil.cx> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[XFRM]: State selection update to use inner addresses.Joakim Koskela
This patch modifies the xfrm state selection logic to use the inner addresses where the outer have been (incorrectly) used. This is required for beet mode in general and interfamily setups in both tunnel and beet mode. Signed-off-by: Joakim Koskela <jookos@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Diego Beltrami <diego.beltrami@gmail.com> Signed-off-by: Miika Komu <miika@iki.fi> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPSEC]: Ensure that state inner family is setHerbert Xu
Similar to the issue we had with template families which specified the inner families of policies, we need to set the inner families of states as the main xfrm user Openswan leaves it as zero. af_key is unaffected because the inner family is set by it and not the KM. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: Bidir flow must not disregard SACK blocks for lost markingIlpo Järvinen
It's possible that new SACK blocks that should trigger new LOST markings arrive with new data (which previously made is_dupack false). In addition, I think this fixes a case where we get a cumulative ACK with enough SACK blocks to trigger the fast recovery (is_dupack would be false there too). I'm not completely pleased with this solution because readability of the code is somewhat questionable as 'is_dupack' in SACK case is no longer about dupacks only but would mean something like 'lost_marker_work_todo' too... But because of Eifel stuff done in CA_Recovery, the FLAG_DATA_SACKED check cannot be placed to the if statement which seems attractive solution. Nevertheless, I didn't like adding another variable just for that either... :-) Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: Fix ratehalving with bidirectional flowsIlpo Järvinen
Actually, the ratehalving seems to work too well, as cwnd is reduced on every second ACK even though the packets in flight remains unchanged. Recoveries in a bidirectional flows suffer quite badly because of this, both NewReno and SACK are affected. After this patch, rate halving is performed for ACK only if packets in flight was supposedly changed too. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[AF_UNIX]: Make code static.Adrian Bunk
The following code can now become static: - struct unix_socket_table - unix_table_lock Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NETFILTER]: Make nf_ct_ipv6_skip_exthdr() static.Adrian Bunk
nf_ct_ipv6_skip_exthdr() can now become static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[PKTGEN]: make get_ipsec_sa() static and non-inlineAdrian Bunk
Non-static inline code usually doesn't makes sense. In this case making is static and non-inline is the correct solution. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses.Dave Johnson
ipv6_addr_type() doesn't check for 'Unique Local IPv6 Unicast Addresses' (RFC4193) and returns IPV6_ADDR_RESERVED for that range. SCTP uses this function and will fail bind() and connect() calls that use RFC4193 addresses, SCTP will also ignore inbound connections from RFC4193 addresses if listening on IPV6_ADDR_ANY. There may be other users of ipv6_addr_type() that could also have problems. Signed-off-by: Dave Johnson <djohnson@sw.starentnetworks.com> Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Fix prio_tune() handling of root qdisc.Peter P Waskiewicz Jr
Fix the check in prio_tune() to see if sch->parent is TC_H_ROOT instead of sch->handle to load or reject the qdisc for multiqueue devices. Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Fix sch_api to properly set sch->parent on the root.Patrick McHardy
Fix sch_api to correctly set sch->parent for both ingress and egress qdiscs in qdisc_create(). Signed-off-by: Patrick McHardy <trash@kaber.net> Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET_SCHED]: Fix prio/ingress classification logic errorPatrick McHardy
Fix handling of empty or completely non-matching filter chains. In that case -1 is returned and tcf_result is uninitialized, the qdisc should fall back to default classification in that case. Noticed by PJ Waskiewicz <peter.p.waskiewicz.jr@intel.com>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV4/IPV6]: Fail registration if inet device construction failsHerbert Xu
Now that netdev notifications can fail, we can use this to signal errors during registration for IPv4/IPv6. In particular, if we fail to allocate memory for the inet device, we can fail the netdev registration. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Allow netdev REGISTER/CHANGENAME events to failHerbert Xu
This patch adds code to allow errors to be passed up from event handlers of NETDEV_REGISTER and NETDEV_CHANGENAME. It also adds the notifier_from_errno/notifier_to_errnor helpers to pass the errno value up to the notifier caller. If an error is detected when a device is registered, it causes that operation to fail. A NETDEV_UNREGISTER will be sent to all event handlers. Similarly if NETDEV_CHANGENAME fails the original name is restored and a new NETDEV_CHANGENAME event is sent. As such all event handlers must be idempotent with respect to these events. When an event handler is registered NETDEV_REGISTER events are sent for all devices currently registered. Should any of them fail, we will send NETDEV_GOING_DOWN/NETDEV_DOWN/NETDEV_UNREGISTER events to that handler for the devices which have already been registered with it. The handler registration itself will fail. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Take dev_base_lock when moving device name hash list entryHerbert Xu
When we added name-based hashing the dev_base_lock was designated as the lock to take when changing the name hash list. Unfortunately, because it was a preexisting lock that just happened to be taken in the right spots we neglected to take it in dev_change_name. The race can affect calles of __dev_get_by_name that do so without taking the RTNL. They may end up walking down the wrong hash chain and end up missing the device that they're looking for. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: Call uninit if necessary in register_netdeviceHerbert Xu
This patch makes register_netdevice call dev->uninit if the regsitration fails after dev->init has completed successfully. Very few drivers use the init/uninit calls but at least one (drivers/net/wan/sealevel.c) may leak without this change. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPVS]: Use skb_forward_csumHerbert Xu
As a path that forwards packets, IPVS should be using skb_forward_csum instead of directly setting ip_summed to CHECKSUM_NONE. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[PKTGEN]: Add missing KERN_* tags to printk()s.David S. Miller
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[BLUETOOTH] l2cap: don't mangle cmd.lenAl Viro
Since nobody uses it after we convert it to host-endian, no need to do that at all. At that point l2cap is endian-clean. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[BLUETOOTH]: pass (host-endian) cmd length as explicit argument to ↵Al Viro
l2cap_conf_req() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[BLUETOOTH] l2cap: endianness annotationsAl Viro
no code changes, just documenting existing types Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[BLUETOOTH]: Fix endianness bug in l2cap_sock_listen()Al Viro
We loop through psm values, calling __l2cap_get_sock_by_addr(psm, ...) until we get NULL; then we set ->psm of our socket to htobs(psm). IOW, we find unused psm value and put it into our socket. So far, so good, but... __l2cap_get_sock_by_addr() compares its argument with ->psm of sockets. IOW, the entire thing works correctly only on little-endian. On big-endian we'll get "no socket with such psm" on the first iteration, since we won't find a socket with ->psm == 0x1001. We will happily conclude that 0x1001 is unused and slap htobs(0x1001) (i.e. 0x110) into ->psm of our socket. Of course, the next time around the same thing will repeat and we'll just get a fsckload of sockets with the same ->psm assigned. Fix: pass htobs(psm) to __l2cap_get_sock_by_addr() there. All other callers are already passing little-endian values and all places that store something in ->psm are storing little-endian. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IRDA]: Fix rfcomm use-after-freeMarcel Holtmann
Adrian Bunk wrote: > Commit 8de0a15483b357d0f0b821330ec84d1660cadc4e added the following > use-after-free in net/bluetooth/rfcomm/tty.c: > > <-- snip --> > > ... > static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc) > { > ... > if (IS_ERR(dev->tty_dev)) { > list_del(&dev->list); > kfree(dev); > return PTR_ERR(dev->tty_dev); > } > ... > > <-- snip --> > > Spotted by the Coverity checker. really good catch. I fully overlooked that one. The attached patch should fix it. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[IPV6]: Don't update ADVMSS on routes where the MTU is not also updatedSimon Arlott
The ADVMSS value was incorrectly updated for ALL routes when the MTU is updated because it's outside the effect of the if statement's condition. Signed-off-by: Simon Arlott <simon@fire.lp0.eu> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TIPC]: fix tipc_link_create error handlingFlorian Westphal
if printbuf allocation or tipc_node_attach_link() fails, invalid references to the link are left in the associated node and bearer structures. Fix by allocating printbuf early and moving timer initialization and the addition of the new link to the b_ptr->links list after tipc_node_attach_link() succeeded. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[NET]: kernel-doc fixesRandy Dunlap
Fix kernel-doc omissions in net/: Warning(linux-2.6.23-rc1//net/core/dev.c:2728): No description found for parameter 'addr' Warning(linux-2.6.23-rc1//net/core/dev.c:2752): No description found for parameter 'addr' Warning(linux-2.6.23-rc1//net/core/dev.c:3839): No description found for parameter 'net_dma' Warning(linux-2.6.23-rc1//net/core/dev.c:3877): No description found for parameter 'state' Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: htcp - use measured rttStephen Hemminger
Change HTCP to use measured RTT rather than smooth RTT. Srtt is computed using the TCP receive timestamp options, so it is vulnerable to hostile receivers. To avoid any problems this might cause use the measured RTT instead. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: cubic - eliminate use of receive time stampStephen Hemminger
Remove use of received timestamp option value from RTT calculation in Cubic. A hostile receiver may be returning a larger timestamp option than the original value. This would cause the sender to believe the malevolent receiver had a larger RTT and because Cubic tries to provide some RTT friendliness, the sender would then favor the liar. Instead, use the jiffie resolutionRTT value already computed and passed back after ack. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-31[TCP]: congestion control API pass RTT in microsecondsStephen Hemminger
This patch changes the API for the callback that is done after an ACK is received. It solves a couple of issues: * Some congestion controls want higher resolution value of RTT (controlled by TCP_CONG_RTT_SAMPLE flag). These don't really want a ktime, but all compute a RTT in microseconds. * Other congestion control could use RTT at jiffies resolution. To keep API consistent the units should be the same for both cases, just the resolution should change. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-27[S390] Convert to smp_call_function_single.Heiko Carstens
smp_call_function_single now has the same semantics as s390's smp_call_function_on. Therefore convert to the *single variant and get rid of some architecture specific code. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-07-26net/* misc endianness annotationsAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-26ip6_tunnel - endianness annotationsAl Viro
Convert rel_info to host-endian before calling ip6_tnl_err(). The things become much more straightforward that way. The key observation (and the reason why that code actually worked) is that after ip6_tnl_err() we either immediately bailed out or had rel_info set to 0 or had it set to host-endian and guaranteed to hit (rel_type == ICMP_DEST_UNREACH && rel_code == ICMP_FRAG_NEEDED) case. So inconsistent endianness didn't really lead to bugs, but it had been subtle and prone to breakage. New variant is saner and obviously safe. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-26netfilter endian regressionsAl Viro
no real bugs, just misannotations cropping up Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-25Cleanup non-arch xtime uses, use get_seconds() or current_kernel_time().john stultz
This avoids use of the kernel-internal "xtime" variable directly outside of the actual time-related functions. Instead, use the helper functions that we already have available to us. This doesn't actually change any behaviour, but this will allow us to fix the fact that "xtime" isn't updated very often with CONFIG_NO_HZ (because much of the realtime information is maintained as separate offsets to 'xtime'), which has caused interfaces that use xtime directly to get a time that is out of sync with the real-time clock by up to a third of a second or so. Signed-off-by: John Stultz <johnstul@us.ibm.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-24[8021Q]: vlan_ioctl_handler: fix return valueAndrew Morton
net/8021q/vlan.c: In function 'vlan_ioctl_handler': net/8021q/vlan.c:700: warning: 'err' may be used uninitialized in this function The warning is incorrect, but from my reading this ioctl will return -EINVAL on success. Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[GENETLINK]: Correctly report errors while registering a multicast groupThomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[GENETLINK]: Fix adjustment of number of multicast groupsThomas Graf
The current calculation of the maximum number of genetlink multicast groups seems odd, fix it. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[GENETLINK]: Fix race in genl_unregister_mc_groups()Thomas Graf
family->mcast_groups is protected by genl_lock so it must be held while accessing the list in genl_unregister_mc_groups(). Requires adding a non-locking variant of genl_unregister_mc_group(). Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[NETFILTER]: Clean up duplicate includes in net/netfilter/Jesper Juhl
This patch cleans up duplicate includes in net/netfilter/ Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[NETFILTER]: Clean up duplicate includes in net/bridge/Jesper Juhl
This patch cleans up duplicate includes in net/bridge/ Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[NETFILTER]: Fix logging regressionPatrick McHardy
Loading one of the LOG target fails if a different target has already registered itself as backend for the same family. This can affect the ipt_LOG and ipt_ULOG modules when both are loaded. Reported and tested by: <t.artem@mailcity.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24[TCPv6] MD5SIG: Ensure to reset allocation count to avoid panic.YOSHIFUJI Hideaki
After clearing all passwords for IPv6 peers, we need to set allocation count to zero as well as we free the storage. Otherwise, we panic when a user trys to (re)add a password. Discovered and fixed by MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp>. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-24nfsd: fix possible oops on re-insertion of rpcsec_gss modulesJ. Bruce Fields
The handling of the re-registration case is wrong here; the "test" that was returned from auth_domain_lookup will not be used again, so that reference should be put. And auth_domain_lookup never did anything with "new" in this case, so we should just clean it up ourself. Thanks to Akinobu Mita for bug report, analysis, and testing. Cc: Akinobu Mita <akinobu.mita@gmail.com> Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu> Cc: Neil Brown <neilb@suse.de> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>