aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-07-03 21:01:54 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2012-07-03 21:01:54 -0400
commit5672874889a8e9f3049eefb57e0eb41dd6fa83a7 (patch)
treeb27216f1f584e12bf053340ed2cefb98a8f3c515 /net
parentdab058fd5ff834cb3b9de1d930ce731a605eb0c6 (diff)
parent2e1706f234f86ff71056ef69683d734fbf7e9e40 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking update from David Miller: 1) Fix RX sequence number handling in mwifiex, from Stone Piao. 2) Netfilter ipset mis-compares device names, fix from Florian Westphal. 3) Fix route leak in ipv6 IPVS, from Eric Dumazet. 4) NFS fixes. Several buffer overflows in NCI layer from Dan Rosenberg, and release sock OOPS'er fix from Eric Dumazet. 5) Fix WEP handling ath9k, we started using a bit the chip provides to indicate undecrypted packets but that bit turns out to be unreliable in certain configurations. Fix from Felix Fietkau. 6) Fix Kconfig dependency bug in wlcore, from Randy Dunlap. 7) New USB IDs for rtlwifi driver from Larry Finger. 8) Fix crashes in qmi_wwan usbnet driver when disconnecting, from Bjørn Mork. 9) Gianfar driver programs coalescing settings properly in single queue mode, but does not do so in multi-queue mode. Fix from Claudiu Manoil. 10) Missing module.h include in davinci_cpdma.c, from Daniel Mack. 11) Need dummy handler for IPSET_CMD_NONE otherwise we crash in ipset if we get this via nfnetlink, fix from Tomasz Bursztyka. 12) Missing RCU unlock in nfnetlink error path, also from Tomasz. 13) Fix divide by zero in igbvf when the user tries to set an RX coalescing value of 0 usecs, from Mitch A Williams. 14) We can process SCTP sacks for the wrong transport, oops. Fix from Neil Horman. 15) Remove hw IP payload checksumming from e1000e driver. This has zery value in our stack, and turning it on creates a very unintuitive restriction for users when using jumbo MTUs. Specifically, when IP payload checksums are on you cannot use both receive hashing offload and jumbo MTU. Fix from Bruce Allan. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (27 commits) e1000e: remove use of IP payload checksum sctp: be more restrictive in transport selection on bundled sacks igbvf: fix divide by zero netfilter: nfnetlink: fix missing rcu_read_unlock in nfnetlink_rcv_msg netfilter: ipset: fix crash if IPSET_CMD_NONE command is sent davinci_cpdma: include linux/module.h gianfar: Fix RXICr/TXICr programming for multi-queue mode net: Downgrade CAP_SYS_MODULE deprecated message from error to warning. net: qmi_wwan: fix Oops while disconnecting mwifiex: fix memory leak associated with IE manamgement ath9k: fix panic caused by returning a descriptor we have queued for reuse mac80211: correct behaviour on unrecognised action frames ath9k: enable serialize_regmode for non-PCIE AR9287 rtlwifi: rtl8192cu: New USB IDs NFC: Return from rawsock_release when sk is NULL iwlwifi: fix activating inactive stations wlcore: drop INET dependency ath9k: fix dynamic WEP related regression NFC: Prevent multiple buffer overflows in NCI netfilter: update location of my trees ...
Diffstat (limited to 'net')
-rw-r--r--net/core/dev.c4
-rw-r--r--net/mac80211/mlme.c13
-rw-r--r--net/mac80211/rx.c5
-rw-r--r--net/netfilter/ipset/ip_set_core.c12
-rw-r--r--net/netfilter/ipset/ip_set_hash_netiface.c32
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c14
-rw-r--r--net/netfilter/nfnetlink.c4
-rw-r--r--net/nfc/nci/ntf.c10
-rw-r--r--net/nfc/rawsock.c5
-rw-r--r--net/sctp/associola.c1
-rw-r--r--net/sctp/output.c5
-rw-r--r--net/sctp/sm_make_chunk.c16
-rw-r--r--net/sctp/sm_sideeffect.c2
-rw-r--r--net/sctp/transport.c2
-rw-r--r--net/sctp/tsnmap.c6
-rw-r--r--net/sctp/ulpevent.c3
-rw-r--r--net/sctp/ulpqueue.c2
17 files changed, 80 insertions, 56 deletions
diff --git a/net/core/dev.c b/net/core/dev.c
index 6df214041a5e..84f01ba81a34 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1136,8 +1136,8 @@ void dev_load(struct net *net, const char *name)
1136 no_module = request_module("netdev-%s", name); 1136 no_module = request_module("netdev-%s", name);
1137 if (no_module && capable(CAP_SYS_MODULE)) { 1137 if (no_module && capable(CAP_SYS_MODULE)) {
1138 if (!request_module("%s", name)) 1138 if (!request_module("%s", name))
1139 pr_err("Loading kernel module for a network device with CAP_SYS_MODULE (deprecated). Use CAP_NET_ADMIN and alias netdev-%s instead.\n", 1139 pr_warn("Loading kernel module for a network device with CAP_SYS_MODULE (deprecated). Use CAP_NET_ADMIN and alias netdev-%s instead.\n",
1140 name); 1140 name);
1141 } 1141 }
1142} 1142}
1143EXPORT_SYMBOL(dev_load); 1143EXPORT_SYMBOL(dev_load);
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 66e4fcdd1c6b..a4bb856de08f 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1342,7 +1342,6 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1342 struct ieee80211_local *local = sdata->local; 1342 struct ieee80211_local *local = sdata->local;
1343 struct sta_info *sta; 1343 struct sta_info *sta;
1344 u32 changed = 0; 1344 u32 changed = 0;
1345 u8 bssid[ETH_ALEN];
1346 1345
1347 ASSERT_MGD_MTX(ifmgd); 1346 ASSERT_MGD_MTX(ifmgd);
1348 1347
@@ -1354,10 +1353,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1354 1353
1355 ieee80211_stop_poll(sdata); 1354 ieee80211_stop_poll(sdata);
1356 1355
1357 memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
1358
1359 ifmgd->associated = NULL; 1356 ifmgd->associated = NULL;
1360 memset(ifmgd->bssid, 0, ETH_ALEN);
1361 1357
1362 /* 1358 /*
1363 * we need to commit the associated = NULL change because the 1359 * we need to commit the associated = NULL change because the
@@ -1377,7 +1373,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1377 netif_carrier_off(sdata->dev); 1373 netif_carrier_off(sdata->dev);
1378 1374
1379 mutex_lock(&local->sta_mtx); 1375 mutex_lock(&local->sta_mtx);
1380 sta = sta_info_get(sdata, bssid); 1376 sta = sta_info_get(sdata, ifmgd->bssid);
1381 if (sta) { 1377 if (sta) {
1382 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 1378 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
1383 ieee80211_sta_tear_down_BA_sessions(sta, tx); 1379 ieee80211_sta_tear_down_BA_sessions(sta, tx);
@@ -1386,13 +1382,16 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1386 1382
1387 /* deauthenticate/disassociate now */ 1383 /* deauthenticate/disassociate now */
1388 if (tx || frame_buf) 1384 if (tx || frame_buf)
1389 ieee80211_send_deauth_disassoc(sdata, bssid, stype, reason, 1385 ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype,
1390 tx, frame_buf); 1386 reason, tx, frame_buf);
1391 1387
1392 /* flush out frame */ 1388 /* flush out frame */
1393 if (tx) 1389 if (tx)
1394 drv_flush(local, false); 1390 drv_flush(local, false);
1395 1391
1392 /* clear bssid only after building the needed mgmt frames */
1393 memset(ifmgd->bssid, 0, ETH_ALEN);
1394
1396 /* remove AP and TDLS peers */ 1395 /* remove AP and TDLS peers */
1397 sta_info_flush(local, sdata); 1396 sta_info_flush(local, sdata);
1398 1397
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 7bcecf73aafb..965e6ec0adb6 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -2455,7 +2455,7 @@ ieee80211_rx_h_action_return(struct ieee80211_rx_data *rx)
2455 * frames that we didn't handle, including returning unknown 2455 * frames that we didn't handle, including returning unknown
2456 * ones. For all other modes we will return them to the sender, 2456 * ones. For all other modes we will return them to the sender,
2457 * setting the 0x80 bit in the action category, as required by 2457 * setting the 0x80 bit in the action category, as required by
2458 * 802.11-2007 7.3.1.11. 2458 * 802.11-2012 9.24.4.
2459 * Newer versions of hostapd shall also use the management frame 2459 * Newer versions of hostapd shall also use the management frame
2460 * registration mechanisms, but older ones still use cooked 2460 * registration mechanisms, but older ones still use cooked
2461 * monitor interfaces so push all frames there. 2461 * monitor interfaces so push all frames there.
@@ -2465,6 +2465,9 @@ ieee80211_rx_h_action_return(struct ieee80211_rx_data *rx)
2465 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)) 2465 sdata->vif.type == NL80211_IFTYPE_AP_VLAN))
2466 return RX_DROP_MONITOR; 2466 return RX_DROP_MONITOR;
2467 2467
2468 if (is_multicast_ether_addr(mgmt->da))
2469 return RX_DROP_MONITOR;
2470
2468 /* do not return rejected action frames */ 2471 /* do not return rejected action frames */
2469 if (mgmt->u.action.category & 0x80) 2472 if (mgmt->u.action.category & 0x80)
2470 return RX_DROP_UNUSABLE; 2473 return RX_DROP_UNUSABLE;
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index 819c342f5b30..9730882697aa 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -640,6 +640,14 @@ find_free_id(const char *name, ip_set_id_t *index, struct ip_set **set)
640} 640}
641 641
642static int 642static int
643ip_set_none(struct sock *ctnl, struct sk_buff *skb,
644 const struct nlmsghdr *nlh,
645 const struct nlattr * const attr[])
646{
647 return -EOPNOTSUPP;
648}
649
650static int
643ip_set_create(struct sock *ctnl, struct sk_buff *skb, 651ip_set_create(struct sock *ctnl, struct sk_buff *skb,
644 const struct nlmsghdr *nlh, 652 const struct nlmsghdr *nlh,
645 const struct nlattr * const attr[]) 653 const struct nlattr * const attr[])
@@ -1539,6 +1547,10 @@ nlmsg_failure:
1539} 1547}
1540 1548
1541static const struct nfnl_callback ip_set_netlink_subsys_cb[IPSET_MSG_MAX] = { 1549static const struct nfnl_callback ip_set_netlink_subsys_cb[IPSET_MSG_MAX] = {
1550 [IPSET_CMD_NONE] = {
1551 .call = ip_set_none,
1552 .attr_count = IPSET_ATTR_CMD_MAX,
1553 },
1542 [IPSET_CMD_CREATE] = { 1554 [IPSET_CMD_CREATE] = {
1543 .call = ip_set_create, 1555 .call = ip_set_create,
1544 .attr_count = IPSET_ATTR_CMD_MAX, 1556 .attr_count = IPSET_ATTR_CMD_MAX,
diff --git a/net/netfilter/ipset/ip_set_hash_netiface.c b/net/netfilter/ipset/ip_set_hash_netiface.c
index ee863943c826..d5d3607ae7bc 100644
--- a/net/netfilter/ipset/ip_set_hash_netiface.c
+++ b/net/netfilter/ipset/ip_set_hash_netiface.c
@@ -38,30 +38,6 @@ struct iface_node {
38 38
39#define iface_data(n) (rb_entry(n, struct iface_node, node)->iface) 39#define iface_data(n) (rb_entry(n, struct iface_node, node)->iface)
40 40
41static inline long
42ifname_compare(const char *_a, const char *_b)
43{
44 const long *a = (const long *)_a;
45 const long *b = (const long *)_b;
46
47 BUILD_BUG_ON(IFNAMSIZ > 4 * sizeof(unsigned long));
48 if (a[0] != b[0])
49 return a[0] - b[0];
50 if (IFNAMSIZ > sizeof(long)) {
51 if (a[1] != b[1])
52 return a[1] - b[1];
53 }
54 if (IFNAMSIZ > 2 * sizeof(long)) {
55 if (a[2] != b[2])
56 return a[2] - b[2];
57 }
58 if (IFNAMSIZ > 3 * sizeof(long)) {
59 if (a[3] != b[3])
60 return a[3] - b[3];
61 }
62 return 0;
63}
64
65static void 41static void
66rbtree_destroy(struct rb_root *root) 42rbtree_destroy(struct rb_root *root)
67{ 43{
@@ -99,7 +75,7 @@ iface_test(struct rb_root *root, const char **iface)
99 75
100 while (n) { 76 while (n) {
101 const char *d = iface_data(n); 77 const char *d = iface_data(n);
102 long res = ifname_compare(*iface, d); 78 int res = strcmp(*iface, d);
103 79
104 if (res < 0) 80 if (res < 0)
105 n = n->rb_left; 81 n = n->rb_left;
@@ -121,7 +97,7 @@ iface_add(struct rb_root *root, const char **iface)
121 97
122 while (*n) { 98 while (*n) {
123 char *ifname = iface_data(*n); 99 char *ifname = iface_data(*n);
124 long res = ifname_compare(*iface, ifname); 100 int res = strcmp(*iface, ifname);
125 101
126 p = *n; 102 p = *n;
127 if (res < 0) 103 if (res < 0)
@@ -366,7 +342,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr *tb[],
366 struct hash_netiface4_elem data = { .cidr = HOST_MASK }; 342 struct hash_netiface4_elem data = { .cidr = HOST_MASK };
367 u32 ip = 0, ip_to, last; 343 u32 ip = 0, ip_to, last;
368 u32 timeout = h->timeout; 344 u32 timeout = h->timeout;
369 char iface[IFNAMSIZ] = {}; 345 char iface[IFNAMSIZ];
370 int ret; 346 int ret;
371 347
372 if (unlikely(!tb[IPSET_ATTR_IP] || 348 if (unlikely(!tb[IPSET_ATTR_IP] ||
@@ -663,7 +639,7 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr *tb[],
663 ipset_adtfn adtfn = set->variant->adt[adt]; 639 ipset_adtfn adtfn = set->variant->adt[adt];
664 struct hash_netiface6_elem data = { .cidr = HOST_MASK }; 640 struct hash_netiface6_elem data = { .cidr = HOST_MASK };
665 u32 timeout = h->timeout; 641 u32 timeout = h->timeout;
666 char iface[IFNAMSIZ] = {}; 642 char iface[IFNAMSIZ];
667 int ret; 643 int ret;
668 644
669 if (unlikely(!tb[IPSET_ATTR_IP] || 645 if (unlikely(!tb[IPSET_ATTR_IP] ||
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index dd811b8dd97c..d43e3c122f7b 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -76,19 +76,19 @@ static void __ip_vs_del_service(struct ip_vs_service *svc);
76 76
77#ifdef CONFIG_IP_VS_IPV6 77#ifdef CONFIG_IP_VS_IPV6
78/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ 78/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */
79static int __ip_vs_addr_is_local_v6(struct net *net, 79static bool __ip_vs_addr_is_local_v6(struct net *net,
80 const struct in6_addr *addr) 80 const struct in6_addr *addr)
81{ 81{
82 struct rt6_info *rt;
83 struct flowi6 fl6 = { 82 struct flowi6 fl6 = {
84 .daddr = *addr, 83 .daddr = *addr,
85 }; 84 };
85 struct dst_entry *dst = ip6_route_output(net, NULL, &fl6);
86 bool is_local;
86 87
87 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); 88 is_local = !dst->error && dst->dev && (dst->dev->flags & IFF_LOOPBACK);
88 if (rt && rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
89 return 1;
90 89
91 return 0; 90 dst_release(dst);
91 return is_local;
92} 92}
93#endif 93#endif
94 94
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 3e797d1fcb94..791d56bbd74a 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -169,8 +169,10 @@ replay:
169 169
170 err = nla_parse(cda, ss->cb[cb_id].attr_count, 170 err = nla_parse(cda, ss->cb[cb_id].attr_count,
171 attr, attrlen, ss->cb[cb_id].policy); 171 attr, attrlen, ss->cb[cb_id].policy);
172 if (err < 0) 172 if (err < 0) {
173 rcu_read_unlock();
173 return err; 174 return err;
175 }
174 176
175 if (nc->call_rcu) { 177 if (nc->call_rcu) {
176 err = nc->call_rcu(net->nfnl, skb, nlh, 178 err = nc->call_rcu(net->nfnl, skb, nlh,
diff --git a/net/nfc/nci/ntf.c b/net/nfc/nci/ntf.c
index cb2646179e5f..2ab196a9f228 100644
--- a/net/nfc/nci/ntf.c
+++ b/net/nfc/nci/ntf.c
@@ -106,7 +106,7 @@ static __u8 *nci_extract_rf_params_nfca_passive_poll(struct nci_dev *ndev,
106 nfca_poll->sens_res = __le16_to_cpu(*((__u16 *)data)); 106 nfca_poll->sens_res = __le16_to_cpu(*((__u16 *)data));
107 data += 2; 107 data += 2;
108 108
109 nfca_poll->nfcid1_len = *data++; 109 nfca_poll->nfcid1_len = min_t(__u8, *data++, NFC_NFCID1_MAXSIZE);
110 110
111 pr_debug("sens_res 0x%x, nfcid1_len %d\n", 111 pr_debug("sens_res 0x%x, nfcid1_len %d\n",
112 nfca_poll->sens_res, nfca_poll->nfcid1_len); 112 nfca_poll->sens_res, nfca_poll->nfcid1_len);
@@ -130,7 +130,7 @@ static __u8 *nci_extract_rf_params_nfcb_passive_poll(struct nci_dev *ndev,
130 struct rf_tech_specific_params_nfcb_poll *nfcb_poll, 130 struct rf_tech_specific_params_nfcb_poll *nfcb_poll,
131 __u8 *data) 131 __u8 *data)
132{ 132{
133 nfcb_poll->sensb_res_len = *data++; 133 nfcb_poll->sensb_res_len = min_t(__u8, *data++, NFC_SENSB_RES_MAXSIZE);
134 134
135 pr_debug("sensb_res_len %d\n", nfcb_poll->sensb_res_len); 135 pr_debug("sensb_res_len %d\n", nfcb_poll->sensb_res_len);
136 136
@@ -145,7 +145,7 @@ static __u8 *nci_extract_rf_params_nfcf_passive_poll(struct nci_dev *ndev,
145 __u8 *data) 145 __u8 *data)
146{ 146{
147 nfcf_poll->bit_rate = *data++; 147 nfcf_poll->bit_rate = *data++;
148 nfcf_poll->sensf_res_len = *data++; 148 nfcf_poll->sensf_res_len = min_t(__u8, *data++, NFC_SENSF_RES_MAXSIZE);
149 149
150 pr_debug("bit_rate %d, sensf_res_len %d\n", 150 pr_debug("bit_rate %d, sensf_res_len %d\n",
151 nfcf_poll->bit_rate, nfcf_poll->sensf_res_len); 151 nfcf_poll->bit_rate, nfcf_poll->sensf_res_len);
@@ -331,7 +331,7 @@ static int nci_extract_activation_params_iso_dep(struct nci_dev *ndev,
331 switch (ntf->activation_rf_tech_and_mode) { 331 switch (ntf->activation_rf_tech_and_mode) {
332 case NCI_NFC_A_PASSIVE_POLL_MODE: 332 case NCI_NFC_A_PASSIVE_POLL_MODE:
333 nfca_poll = &ntf->activation_params.nfca_poll_iso_dep; 333 nfca_poll = &ntf->activation_params.nfca_poll_iso_dep;
334 nfca_poll->rats_res_len = *data++; 334 nfca_poll->rats_res_len = min_t(__u8, *data++, 20);
335 pr_debug("rats_res_len %d\n", nfca_poll->rats_res_len); 335 pr_debug("rats_res_len %d\n", nfca_poll->rats_res_len);
336 if (nfca_poll->rats_res_len > 0) { 336 if (nfca_poll->rats_res_len > 0) {
337 memcpy(nfca_poll->rats_res, 337 memcpy(nfca_poll->rats_res,
@@ -341,7 +341,7 @@ static int nci_extract_activation_params_iso_dep(struct nci_dev *ndev,
341 341
342 case NCI_NFC_B_PASSIVE_POLL_MODE: 342 case NCI_NFC_B_PASSIVE_POLL_MODE:
343 nfcb_poll = &ntf->activation_params.nfcb_poll_iso_dep; 343 nfcb_poll = &ntf->activation_params.nfcb_poll_iso_dep;
344 nfcb_poll->attrib_res_len = *data++; 344 nfcb_poll->attrib_res_len = min_t(__u8, *data++, 50);
345 pr_debug("attrib_res_len %d\n", nfcb_poll->attrib_res_len); 345 pr_debug("attrib_res_len %d\n", nfcb_poll->attrib_res_len);
346 if (nfcb_poll->attrib_res_len > 0) { 346 if (nfcb_poll->attrib_res_len > 0) {
347 memcpy(nfcb_poll->attrib_res, 347 memcpy(nfcb_poll->attrib_res,
diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c
index ec1134c9e07f..8b8a6a2b2bad 100644
--- a/net/nfc/rawsock.c
+++ b/net/nfc/rawsock.c
@@ -54,7 +54,10 @@ static int rawsock_release(struct socket *sock)
54{ 54{
55 struct sock *sk = sock->sk; 55 struct sock *sk = sock->sk;
56 56
57 pr_debug("sock=%p\n", sock); 57 pr_debug("sock=%p sk=%p\n", sock, sk);
58
59 if (!sk)
60 return 0;
58 61
59 sock_orphan(sk); 62 sock_orphan(sk);
60 sock_put(sk); 63 sock_put(sk);
diff --git a/net/sctp/associola.c b/net/sctp/associola.c
index 5bc9ab161b37..b16517ee1aaf 100644
--- a/net/sctp/associola.c
+++ b/net/sctp/associola.c
@@ -271,6 +271,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
271 */ 271 */
272 asoc->peer.sack_needed = 1; 272 asoc->peer.sack_needed = 1;
273 asoc->peer.sack_cnt = 0; 273 asoc->peer.sack_cnt = 0;
274 asoc->peer.sack_generation = 1;
274 275
275 /* Assume that the peer will tell us if he recognizes ASCONF 276 /* Assume that the peer will tell us if he recognizes ASCONF
276 * as part of INIT exchange. 277 * as part of INIT exchange.
diff --git a/net/sctp/output.c b/net/sctp/output.c
index f1b7d4bb591e..6ae47acaaec6 100644
--- a/net/sctp/output.c
+++ b/net/sctp/output.c
@@ -248,6 +248,11 @@ static sctp_xmit_t sctp_packet_bundle_sack(struct sctp_packet *pkt,
248 /* If the SACK timer is running, we have a pending SACK */ 248 /* If the SACK timer is running, we have a pending SACK */
249 if (timer_pending(timer)) { 249 if (timer_pending(timer)) {
250 struct sctp_chunk *sack; 250 struct sctp_chunk *sack;
251
252 if (pkt->transport->sack_generation !=
253 pkt->transport->asoc->peer.sack_generation)
254 return retval;
255
251 asoc->a_rwnd = asoc->rwnd; 256 asoc->a_rwnd = asoc->rwnd;
252 sack = sctp_make_sack(asoc); 257 sack = sctp_make_sack(asoc);
253 if (sack) { 258 if (sack) {
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index a85eeeb55dd0..b6de71efb140 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -734,8 +734,10 @@ struct sctp_chunk *sctp_make_sack(const struct sctp_association *asoc)
734 int len; 734 int len;
735 __u32 ctsn; 735 __u32 ctsn;
736 __u16 num_gabs, num_dup_tsns; 736 __u16 num_gabs, num_dup_tsns;
737 struct sctp_association *aptr = (struct sctp_association *)asoc;
737 struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map; 738 struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map;
738 struct sctp_gap_ack_block gabs[SCTP_MAX_GABS]; 739 struct sctp_gap_ack_block gabs[SCTP_MAX_GABS];
740 struct sctp_transport *trans;
739 741
740 memset(gabs, 0, sizeof(gabs)); 742 memset(gabs, 0, sizeof(gabs));
741 ctsn = sctp_tsnmap_get_ctsn(map); 743 ctsn = sctp_tsnmap_get_ctsn(map);
@@ -805,6 +807,20 @@ struct sctp_chunk *sctp_make_sack(const struct sctp_association *asoc)
805 sctp_addto_chunk(retval, sizeof(__u32) * num_dup_tsns, 807 sctp_addto_chunk(retval, sizeof(__u32) * num_dup_tsns,
806 sctp_tsnmap_get_dups(map)); 808 sctp_tsnmap_get_dups(map));
807 809
810 /* Once we have a sack generated, check to see what our sack
811 * generation is, if its 0, reset the transports to 0, and reset
812 * the association generation to 1
813 *
814 * The idea is that zero is never used as a valid generation for the
815 * association so no transport will match after a wrap event like this,
816 * Until the next sack
817 */
818 if (++aptr->peer.sack_generation == 0) {
819 list_for_each_entry(trans, &asoc->peer.transport_addr_list,
820 transports)
821 trans->sack_generation = 0;
822 aptr->peer.sack_generation = 1;
823 }
808nodata: 824nodata:
809 return retval; 825 return retval;
810} 826}
diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c
index c96d1a81cf42..8716da1a8592 100644
--- a/net/sctp/sm_sideeffect.c
+++ b/net/sctp/sm_sideeffect.c
@@ -1268,7 +1268,7 @@ static int sctp_cmd_interpreter(sctp_event_t event_type,
1268 case SCTP_CMD_REPORT_TSN: 1268 case SCTP_CMD_REPORT_TSN:
1269 /* Record the arrival of a TSN. */ 1269 /* Record the arrival of a TSN. */
1270 error = sctp_tsnmap_mark(&asoc->peer.tsn_map, 1270 error = sctp_tsnmap_mark(&asoc->peer.tsn_map,
1271 cmd->obj.u32); 1271 cmd->obj.u32, NULL);
1272 break; 1272 break;
1273 1273
1274 case SCTP_CMD_REPORT_FWDTSN: 1274 case SCTP_CMD_REPORT_FWDTSN:
diff --git a/net/sctp/transport.c b/net/sctp/transport.c
index b026ba0c6992..1dcceb6e0ce6 100644
--- a/net/sctp/transport.c
+++ b/net/sctp/transport.c
@@ -68,6 +68,8 @@ static struct sctp_transport *sctp_transport_init(struct sctp_transport *peer,
68 peer->af_specific = sctp_get_af_specific(addr->sa.sa_family); 68 peer->af_specific = sctp_get_af_specific(addr->sa.sa_family);
69 memset(&peer->saddr, 0, sizeof(union sctp_addr)); 69 memset(&peer->saddr, 0, sizeof(union sctp_addr));
70 70
71 peer->sack_generation = 0;
72
71 /* From 6.3.1 RTO Calculation: 73 /* From 6.3.1 RTO Calculation:
72 * 74 *
73 * C1) Until an RTT measurement has been made for a packet sent to the 75 * C1) Until an RTT measurement has been made for a packet sent to the
diff --git a/net/sctp/tsnmap.c b/net/sctp/tsnmap.c
index f1e40cebc981..b5fb7c409023 100644
--- a/net/sctp/tsnmap.c
+++ b/net/sctp/tsnmap.c
@@ -114,7 +114,8 @@ int sctp_tsnmap_check(const struct sctp_tsnmap *map, __u32 tsn)
114 114
115 115
116/* Mark this TSN as seen. */ 116/* Mark this TSN as seen. */
117int sctp_tsnmap_mark(struct sctp_tsnmap *map, __u32 tsn) 117int sctp_tsnmap_mark(struct sctp_tsnmap *map, __u32 tsn,
118 struct sctp_transport *trans)
118{ 119{
119 u16 gap; 120 u16 gap;
120 121
@@ -133,6 +134,9 @@ int sctp_tsnmap_mark(struct sctp_tsnmap *map, __u32 tsn)
133 */ 134 */
134 map->max_tsn_seen++; 135 map->max_tsn_seen++;
135 map->cumulative_tsn_ack_point++; 136 map->cumulative_tsn_ack_point++;
137 if (trans)
138 trans->sack_generation =
139 trans->asoc->peer.sack_generation;
136 map->base_tsn++; 140 map->base_tsn++;
137 } else { 141 } else {
138 /* Either we already have a gap, or about to record a gap, so 142 /* Either we already have a gap, or about to record a gap, so
diff --git a/net/sctp/ulpevent.c b/net/sctp/ulpevent.c
index 8a84017834c2..33d894776192 100644
--- a/net/sctp/ulpevent.c
+++ b/net/sctp/ulpevent.c
@@ -715,7 +715,8 @@ struct sctp_ulpevent *sctp_ulpevent_make_rcvmsg(struct sctp_association *asoc,
715 * can mark it as received so the tsn_map is updated correctly. 715 * can mark it as received so the tsn_map is updated correctly.
716 */ 716 */
717 if (sctp_tsnmap_mark(&asoc->peer.tsn_map, 717 if (sctp_tsnmap_mark(&asoc->peer.tsn_map,
718 ntohl(chunk->subh.data_hdr->tsn))) 718 ntohl(chunk->subh.data_hdr->tsn),
719 chunk->transport))
719 goto fail_mark; 720 goto fail_mark;
720 721
721 /* First calculate the padding, so we don't inadvertently 722 /* First calculate the padding, so we don't inadvertently
diff --git a/net/sctp/ulpqueue.c b/net/sctp/ulpqueue.c
index f2d1de7f2ffb..f5a6a4f4faf7 100644
--- a/net/sctp/ulpqueue.c
+++ b/net/sctp/ulpqueue.c
@@ -1051,7 +1051,7 @@ void sctp_ulpq_renege(struct sctp_ulpq *ulpq, struct sctp_chunk *chunk,
1051 if (chunk && (freed >= needed)) { 1051 if (chunk && (freed >= needed)) {
1052 __u32 tsn; 1052 __u32 tsn;
1053 tsn = ntohl(chunk->subh.data_hdr->tsn); 1053 tsn = ntohl(chunk->subh.data_hdr->tsn);
1054 sctp_tsnmap_mark(&asoc->peer.tsn_map, tsn); 1054 sctp_tsnmap_mark(&asoc->peer.tsn_map, tsn, chunk->transport);
1055 sctp_ulpq_tail_data(ulpq, chunk, gfp); 1055 sctp_ulpq_tail_data(ulpq, chunk, gfp);
1056 1056
1057 sctp_ulpq_partial_delivery(ulpq, chunk, gfp); 1057 sctp_ulpq_partial_delivery(ulpq, chunk, gfp);
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-28 12:05:52 -0500