diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-03-24 20:07:24 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-03-24 20:07:24 -0400 |
| commit | 8a1094462c7ec47f9d3a31b0a281ce35cb138f50 (patch) | |
| tree | c05accc7db20026a417a6a54a1ca33766e2505af /include | |
| parent | 774868c7094d35b4518be3d0e654de000a5d11fc (diff) | |
| parent | a5d0e7c037119484a7006b883618bfa87996cb41 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) OpenVswitch's lookup_datapath() returns error pointers, so don't
check against NULL. From Jiri Pirko.
2) pfkey_compile_policy() code path tries to do a GFP_KERNEL allocation
under RCU locks, fix by using GFP_ATOMIC when necessary. From
Nikolay Aleksandrov.
3) phy_suspend() indirectly passes uninitialized data into the ethtool
get wake-on-land implementations. Fix from Sebastian Hesselbarth.
4) CPSW driver unregisters CPTS twice, fix from Benedikt Spranger.
5) If SKB allocation of reply packet fails, vxlan's arp_reduce() defers
a NULL pointer. Fix from David Stevens.
6) IPV6 neigh handling in vxlan doesn't validate the destination
address properly, and it builds a packet with the src and dst
reversed. Fix also from David Stevens.
7) Fix spinlock recursion during subscription failures in TIPC stack,
from Erik Hugne.
8) Revert buggy conversion of davinci_emac to devm_request_irq, from
Chrstian Riesch.
9) Wrong flags passed into forwarding database netlink notifications,
from Nicolas Dichtel.
10) The netpoll neighbour soliciation handler checks wrong ethertype,
needs to be ETH_P_IPV6 rather than ETH_P_ARP. Fix from Li RongQing.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (34 commits)
tipc: fix spinlock recursion bug for failed subscriptions
vxlan: fix nonfunctional neigh_reduce()
net: davinci_emac: Fix rollback of emac_dev_open()
net: davinci_emac: Replace devm_request_irq with request_irq
netpoll: fix the skb check in pkt_is_ns
net: micrel : ks8851-ml: add vdd-supply support
ip6mr: fix mfc notification flags
ipmr: fix mfc notification flags
rtnetlink: fix fdb notification flags
tcp: syncookies: do not use getnstimeofday()
netlink: fix setsockopt in mmap examples in documentation
openvswitch: Correctly report flow used times for first 5 minutes after boot.
via-rhine: Disable device in error path
ATHEROS-ATL1E: Convert iounmap to pci_iounmap
vxlan: fix potential NULL dereference in arp_reduce()
cnic: Update version to 2.5.20 and copyright year.
cnic,bnx2i,bnx2fc: Fix inconsistent use of page size
cnic: Use proper ulp_ops for per device operations.
net: cdc_ncm: fix control message ordering
ipv6: ip6_append_data_mtu do not handle the mtu of the second fragment properly
...
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/security.h | 10 | ||||
| -rw-r--r-- | include/linux/usb/cdc_ncm.h | 1 | ||||
| -rw-r--r-- | include/net/tcp.h | 11 |
3 files changed, 14 insertions, 8 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 5623a7f965b7..2fc42d191f79 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -1040,6 +1040,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 1040 | * Allocate a security structure to the xp->security field; the security | 1040 | * Allocate a security structure to the xp->security field; the security |
| 1041 | * field is initialized to NULL when the xfrm_policy is allocated. | 1041 | * field is initialized to NULL when the xfrm_policy is allocated. |
| 1042 | * Return 0 if operation was successful (memory to allocate, legal context) | 1042 | * Return 0 if operation was successful (memory to allocate, legal context) |
| 1043 | * @gfp is to specify the context for the allocation | ||
| 1043 | * @xfrm_policy_clone_security: | 1044 | * @xfrm_policy_clone_security: |
| 1044 | * @old_ctx contains an existing xfrm_sec_ctx. | 1045 | * @old_ctx contains an existing xfrm_sec_ctx. |
| 1045 | * @new_ctxp contains a new xfrm_sec_ctx being cloned from old. | 1046 | * @new_ctxp contains a new xfrm_sec_ctx being cloned from old. |
| @@ -1683,7 +1684,7 @@ struct security_operations { | |||
| 1683 | 1684 | ||
| 1684 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 1685 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 1685 | int (*xfrm_policy_alloc_security) (struct xfrm_sec_ctx **ctxp, | 1686 | int (*xfrm_policy_alloc_security) (struct xfrm_sec_ctx **ctxp, |
| 1686 | struct xfrm_user_sec_ctx *sec_ctx); | 1687 | struct xfrm_user_sec_ctx *sec_ctx, gfp_t gfp); |
| 1687 | int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx); | 1688 | int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx); |
| 1688 | void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx); | 1689 | void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx); |
| 1689 | int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx); | 1690 | int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx); |
| @@ -2859,7 +2860,8 @@ static inline void security_skb_owned_by(struct sk_buff *skb, struct sock *sk) | |||
| 2859 | 2860 | ||
| 2860 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 2861 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 2861 | 2862 | ||
| 2862 | int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx); | 2863 | int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, |
| 2864 | struct xfrm_user_sec_ctx *sec_ctx, gfp_t gfp); | ||
| 2863 | int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctxp); | 2865 | int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctxp); |
| 2864 | void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx); | 2866 | void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx); |
| 2865 | int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx); | 2867 | int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx); |
| @@ -2877,7 +2879,9 @@ void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl); | |||
| 2877 | 2879 | ||
| 2878 | #else /* CONFIG_SECURITY_NETWORK_XFRM */ | 2880 | #else /* CONFIG_SECURITY_NETWORK_XFRM */ |
| 2879 | 2881 | ||
| 2880 | static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx) | 2882 | static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, |
| 2883 | struct xfrm_user_sec_ctx *sec_ctx, | ||
| 2884 | gfp_t gfp) | ||
| 2881 | { | 2885 | { |
| 2882 | return 0; | 2886 | return 0; |
| 2883 | } | 2887 | } |
diff --git a/include/linux/usb/cdc_ncm.h b/include/linux/usb/cdc_ncm.h index c3fa80745996..2c14d9cdd57a 100644 --- a/include/linux/usb/cdc_ncm.h +++ b/include/linux/usb/cdc_ncm.h | |||
| @@ -88,6 +88,7 @@ | |||
| 88 | #define cdc_ncm_data_intf_is_mbim(x) ((x)->desc.bInterfaceProtocol == USB_CDC_MBIM_PROTO_NTB) | 88 | #define cdc_ncm_data_intf_is_mbim(x) ((x)->desc.bInterfaceProtocol == USB_CDC_MBIM_PROTO_NTB) |
| 89 | 89 | ||
| 90 | struct cdc_ncm_ctx { | 90 | struct cdc_ncm_ctx { |
| 91 | struct usb_cdc_ncm_ntb_parameters ncm_parm; | ||
| 91 | struct hrtimer tx_timer; | 92 | struct hrtimer tx_timer; |
| 92 | struct tasklet_struct bh; | 93 | struct tasklet_struct bh; |
| 93 | 94 | ||
diff --git a/include/net/tcp.h b/include/net/tcp.h index 8c4dd63134d4..743accec6c76 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h | |||
| @@ -480,20 +480,21 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
| 480 | #ifdef CONFIG_SYN_COOKIES | 480 | #ifdef CONFIG_SYN_COOKIES |
| 481 | #include <linux/ktime.h> | 481 | #include <linux/ktime.h> |
| 482 | 482 | ||
| 483 | /* Syncookies use a monotonic timer which increments every 64 seconds. | 483 | /* Syncookies use a monotonic timer which increments every 60 seconds. |
| 484 | * This counter is used both as a hash input and partially encoded into | 484 | * This counter is used both as a hash input and partially encoded into |
| 485 | * the cookie value. A cookie is only validated further if the delta | 485 | * the cookie value. A cookie is only validated further if the delta |
| 486 | * between the current counter value and the encoded one is less than this, | 486 | * between the current counter value and the encoded one is less than this, |
| 487 | * i.e. a sent cookie is valid only at most for 128 seconds (or less if | 487 | * i.e. a sent cookie is valid only at most for 2*60 seconds (or less if |
| 488 | * the counter advances immediately after a cookie is generated). | 488 | * the counter advances immediately after a cookie is generated). |
| 489 | */ | 489 | */ |
| 490 | #define MAX_SYNCOOKIE_AGE 2 | 490 | #define MAX_SYNCOOKIE_AGE 2 |
| 491 | 491 | ||
| 492 | static inline u32 tcp_cookie_time(void) | 492 | static inline u32 tcp_cookie_time(void) |
| 493 | { | 493 | { |
| 494 | struct timespec now; | 494 | u64 val = get_jiffies_64(); |
| 495 | getnstimeofday(&now); | 495 | |
| 496 | return now.tv_sec >> 6; /* 64 seconds granularity */ | 496 | do_div(val, 60 * HZ); |
| 497 | return val; | ||
| 497 | } | 498 | } |
| 498 | 499 | ||
| 499 | u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, | 500 | u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, |