Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Pull more networking fixes from David Miller: 1) Fix mlx4_en_netpoll implementation, it needs to schedule a NAPI context, not synchronize it. From Chris Mason. 2) Ipv4 flow input interface should never be zero, it should be LOOPBACK_IFINDEX instead. From Cong Wang and Julian Anastasov. 3) Properly configure MAC to PHY connection in mvneta devices, from Thomas Petazzoni. 4) sys_recv should use SYSCALL_DEFINE. From Jan Glauber. 5) Tunnel driver ioctls do not use the correct namespace, fix from Nicolas Dichtel. 6) Fix memory leak on seccomp filter attach, from Kees Cook. 7) Fix lockdep warning for nested vlans, from Ding Tianhong. 8) Crashes can happen in SCTP due to how the auth_enable value is managed, fix from Vlad Yasevich. 9) Wireless fixes from John W Linville and co. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (45 commits) net: sctp: cache auth_enable per endpoint tg3: update rx_jumbo_pending ring param only when jumbo frames are enabled vlan: Fix lockdep warning when vlan dev handle notification seccomp: fix memory leak on filter attach isdn: icn: buffer overflow in icn_command() ip6_tunnel: use the right netns in ioctl handler sit: use the right netns in ioctl handler ip_tunnel: use the right netns in ioctl handler net: use SYSCALL_DEFINEx for sys_recv net: mdio-gpio: Add support for separate MDI and MDO gpio pins net: mdio-gpio: Add support for active low gpio pins net: mdio-gpio: Use devm_ functions where possible ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source() ipv4, fib: pass LOOPBACK_IFINDEX instead of 0 to flowi4_iif mlx4_en: don't use napi_synchronize inside mlx4_en_netpoll net: mvneta: properly configure the MAC <-> PHY connection in all situations net: phy: add minimal support for QSGMII PHY sfc:On MCDI timeout, issue an FLR (and mark MCDI to fail-fast) mwifiex: fix hung task on command timeout mwifiex: process event before command response ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2014-04-18 20:53:46 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2014-04-18 20:53:46 -0400
commit: ebfc45ee7004088d610cd399d2dee6d95f87199b (patch)
tree: 7e3edfaeb7660d20eb187e9d2b1d6c9a9b3ceece /net
parent: 6e66d5dab5d530a368314eb631201a02aabb075d (diff)
parent: b14878ccb7fac0242db82720b784ab62c467c0dc (diff)
22 files changed, 168 insertions, 103 deletions
diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c
index 6f142f03716d..733ec283ed1b 100644
--- a/net/8021q/vlan_dev.c
+++ b/net/8021q/vlan_dev.c
@@ -493,10 +493,48 @@ static void vlan_dev_change_rx_flags(struct net_device *dev, int change)
        }
 }
+static int vlan_calculate_locking_subclass(struct net_device *real_dev)
+{
+        int subclass = 0;
+        while (is_vlan_dev(real_dev)) {
+                subclass++;
+                real_dev = vlan_dev_priv(real_dev)->real_dev;
+        }
+        return subclass;
+}
+static void vlan_dev_mc_sync(struct net_device *to, struct net_device *from)
+{
+        int err = 0, subclass;
+        subclass = vlan_calculate_locking_subclass(to);
+        spin_lock_nested(&to->addr_list_lock, subclass);
+        err = __hw_addr_sync(&to->mc, &from->mc, to->addr_len);
+        if (!err)
+                __dev_set_rx_mode(to);
+        spin_unlock(&to->addr_list_lock);
+}
+static void vlan_dev_uc_sync(struct net_device *to, struct net_device *from)
+{
+        int err = 0, subclass;
+        subclass = vlan_calculate_locking_subclass(to);
+        spin_lock_nested(&to->addr_list_lock, subclass);
+        err = __hw_addr_sync(&to->uc, &from->uc, to->addr_len);
+        if (!err)
+                __dev_set_rx_mode(to);
+        spin_unlock(&to->addr_list_lock);
+}
 static void vlan_dev_set_rx_mode(struct net_device *vlan_dev)
 {
-        dev_mc_sync(vlan_dev_priv(vlan_dev)->real_dev, vlan_dev);
+        vlan_dev_mc_sync(vlan_dev_priv(vlan_dev)->real_dev, vlan_dev);
-        dev_uc_sync(vlan_dev_priv(vlan_dev)->real_dev, vlan_dev);
+        vlan_dev_uc_sync(vlan_dev_priv(vlan_dev)->real_dev, vlan_dev);
 }
 /*
@@ -608,9 +646,7 @@ static int vlan_dev_init(struct net_device *dev)
        SET_NETDEV_DEVTYPE(dev, &vlan_type);
-        if (is_vlan_dev(real_dev))
+        subclass = vlan_calculate_locking_subclass(dev);
-                subclass = 1;
        vlan_dev_set_lockdep_class(dev, subclass);
        vlan_dev_priv(dev)->vlan_pcpu_stats = netdev_alloc_pcpu_stats(struct vlan_pcpu_stats);
diff --git a/net/core/dev.c b/net/core/dev.c
index 5b3042e69f85..d2c8a06b3a98 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -5238,6 +5238,7 @@ void __dev_set_rx_mode(struct net_device *dev)
        if (ops->ndo_set_rx_mode)
                ops->ndo_set_rx_mode(dev);
 }
+EXPORT_SYMBOL(__dev_set_rx_mode);
 void dev_set_rx_mode(struct net_device *dev)
 {
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 1a629f870274..255aa9946fe7 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -250,7 +250,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
        bool dev_match;
        fl4.flowi4_oif = 0;
-        fl4.flowi4_iif = oif;
+        fl4.flowi4_iif = oif ? : LOOPBACK_IFINDEX;
        fl4.daddr = src;
        fl4.saddr = dst;
        fl4.flowi4_tos = tos;
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index b53f0bf84dca..8a043f03c88e 100644
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -631,6 +631,7 @@ static int fib_check_nh(struct fib_config *cfg, struct fib_info *fi,
                                .daddr = nh->nh_gw,
                                .flowi4_scope = cfg->fc_scope + 1,
                                .flowi4_oif = nh->nh_oif,
+                                .flowi4_iif = LOOPBACK_IFINDEX,
                        };
                        /* It is not necessary, but requires a bit of thinking */
diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
index 484d0ce27ef7..fa5b7519765f 100644
--- a/net/ipv4/ip_tunnel.c
+++ b/net/ipv4/ip_tunnel.c
@@ -722,19 +722,18 @@ static void ip_tunnel_update(struct ip_tunnel_net *itn,
 int ip_tunnel_ioctl(struct net_device *dev, struct ip_tunnel_parm *p, int cmd)
 {
        int err = 0;
-        struct ip_tunnel *t;
+        struct ip_tunnel *t = netdev_priv(dev);
-        struct net *net = dev_net(dev);
+        struct net *net = t->net;
-        struct ip_tunnel *tunnel = netdev_priv(dev);
+        struct ip_tunnel_net *itn = net_generic(net, t->ip_tnl_net_id);
-        struct ip_tunnel_net *itn = net_generic(net, tunnel->ip_tnl_net_id);
        BUG_ON(!itn->fb_tunnel_dev);
        switch (cmd) {
        case SIOCGETTUNNEL:
-                t = NULL;
+                if (dev == itn->fb_tunnel_dev) {
-                if (dev == itn->fb_tunnel_dev)
                        t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
-                if (t == NULL)
+                        if (t == NULL)
-                        t = netdev_priv(dev);
+                                t = netdev_priv(dev);
+                }
                memcpy(p, &t->parms, sizeof(*p));
                break;
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
index 28863570dd60..d84dc8d4c916 100644
--- a/net/ipv4/ipmr.c
+++ b/net/ipv4/ipmr.c
@@ -455,7 +455,7 @@ static netdev_tx_t reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
        struct mr_table *mrt;
        struct flowi4 fl4 = {
                .flowi4_oif     = dev->ifindex,
-                .flowi4_iif     = skb->skb_iif,
+                .flowi4_iif     = skb->skb_iif ? : LOOPBACK_IFINDEX,
                .flowi4_mark    = skb->mark,
        };
        int err;
diff --git a/net/ipv4/netfilter/ipt_rpfilter.c b/net/ipv4/netfilter/ipt_rpfilter.c
index c49dcd0284a0..4bfaedf9b34e 100644
--- a/net/ipv4/netfilter/ipt_rpfilter.c
+++ b/net/ipv4/netfilter/ipt_rpfilter.c
@@ -89,11 +89,8 @@ static bool rpfilter_mt(const struct sk_buff *skb, struct xt_action_param *par)
        if (ipv4_is_multicast(iph->daddr)) {
                if (ipv4_is_zeronet(iph->saddr))
                        return ipv4_is_local_multicast(iph->daddr) ^ invert;
-                flow.flowi4_iif = 0;
-        } else {
-                flow.flowi4_iif = LOOPBACK_IFINDEX;
        }
+        flow.flowi4_iif = LOOPBACK_IFINDEX;
        flow.daddr = iph->saddr;
        flow.saddr = rpfilter_get_saddr(iph->daddr);
        flow.flowi4_oif = 0;
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 1485aafcad59..db1e0da871f4 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1700,8 +1700,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
        if (res.type == RTN_LOCAL) {
                err = fib_validate_source(skb, saddr, daddr, tos,
-                                          LOOPBACK_IFINDEX,
+                                          0, dev, in_dev, &itag);
-                                          dev, in_dev, &itag);
                if (err < 0)
                        goto martian_source_keep_err;
                goto local_input;
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index e1df691d78be..b05b609f69d1 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -1340,8 +1340,8 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
        int err = 0;
        struct ip6_tnl_parm p;
        struct __ip6_tnl_parm p1;
-        struct ip6_tnl *t = NULL;
+        struct ip6_tnl *t = netdev_priv(dev);
-        struct net *net = dev_net(dev);
+        struct net *net = t->net;
        struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
        switch (cmd) {
@@ -1353,11 +1353,11 @@ ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
                        }
                        ip6_tnl_parm_from_user(&p1, &p);
                        t = ip6_tnl_locate(net, &p1, 0);
+                        if (t == NULL)
+                                t = netdev_priv(dev);
                } else {
                        memset(&p, 0, sizeof(p));
                }
-                if (t == NULL)
-                        t = netdev_priv(dev);
                ip6_tnl_parm_to_user(&p, &t->parms);
                if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof (p))) {
                        err = -EFAULT;
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index 8737400af0a0..8659067da28e 100644
--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -700,7 +700,7 @@ static netdev_tx_t reg_vif_xmit(struct sk_buff *skb,
        struct mr6_table *mrt;
        struct flowi6 fl6 = {
                .flowi6_oif     = dev->ifindex,
-                .flowi6_iif     = skb->skb_iif,
+                .flowi6_iif     = skb->skb_iif ? : LOOPBACK_IFINDEX,
                .flowi6_mark    = skb->mark,
        };
        int err;
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 8da8268d65f8..e5a453ca302e 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -1127,8 +1127,8 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
        int err = 0;
        struct ip_tunnel_parm p;
        struct ip_tunnel_prl prl;
-        struct ip_tunnel *t;
+        struct ip_tunnel *t = netdev_priv(dev);
-        struct net *net = dev_net(dev);
+        struct net *net = t->net;
        struct sit_net *sitn = net_generic(net, sit_net_id);
 #ifdef CONFIG_IPV6_SIT_6RD
        struct ip_tunnel_6rd ip6rd;
@@ -1139,16 +1139,15 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
 #ifdef CONFIG_IPV6_SIT_6RD
        case SIOCGET6RD:
 #endif
-                t = NULL;
                if (dev == sitn->fb_tunnel_dev) {
                        if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
                                err = -EFAULT;
                                break;
                        }
                        t = ipip6_tunnel_locate(net, &p, 0);
+                        if (t == NULL)
+                                t = netdev_priv(dev);
                }
-                if (t == NULL)
-                        t = netdev_priv(dev);
                err = -EFAULT;
                if (cmd == SIOCGETTUNNEL) {
@@ -1244,9 +1243,6 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
                err = -EINVAL;
                if (dev == sitn->fb_tunnel_dev)
                        goto done;
-                err = -ENOENT;
-                if (!(t = netdev_priv(dev)))
-                        goto done;
                err = ipip6_tunnel_get_prl(t, ifr->ifr_ifru.ifru_data);
                break;
@@ -1262,9 +1258,6 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
                err = -EFAULT;
                if (copy_from_user(&prl, ifr->ifr_ifru.ifru_data, sizeof(prl)))
                        goto done;
-                err = -ENOENT;
-                if (!(t = netdev_priv(dev)))
-                        goto done;
                switch (cmd) {
                case SIOCDELPRL:
@@ -1292,8 +1285,6 @@ ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
                                   sizeof(ip6rd)))
                        goto done;
-                t = netdev_priv(dev);
                if (cmd != SIOCDEL6RD) {
                        err = ipip6_tunnel_update_6rd(t, &ip6rd);
                        if (err < 0)
diff --git a/net/mac80211/chan.c b/net/mac80211/chan.c
index bd1fd8ea5105..75b5dd2c9267 100644
--- a/net/mac80211/chan.c
+++ b/net/mac80211/chan.c
@@ -249,7 +249,7 @@ ieee80211_new_chanctx(struct ieee80211_local *local,
        if (!local->use_chanctx) {
                local->_oper_chandef = *chandef;
-                ieee80211_hw_config(local, 0);
+                ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
        } else {
                err = drv_add_chanctx(local, ctx);
                if (err) {
@@ -286,7 +286,7 @@ static void ieee80211_free_chanctx(struct ieee80211_local *local,
                        check_single_channel = true;
                local->hw.conf.radar_enabled = false;
-                ieee80211_hw_config(local, 0);
+                ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
        } else {
                drv_remove_chanctx(local, ctx);
        }
@@ -492,6 +492,13 @@ void ieee80211_recalc_smps_chanctx(struct ieee80211_local *local,
                rx_chains_static = max(rx_chains_static, needed_static);
                rx_chains_dynamic = max(rx_chains_dynamic, needed_dynamic);
        }
+        /* Disable SMPS for the monitor interface */
+        sdata = rcu_dereference(local->monitor_sdata);
+        if (sdata &&
+            rcu_access_pointer(sdata->vif.chanctx_conf) == &chanctx->conf)
+                rx_chains_dynamic = rx_chains_static = local->rx_chains;
        rcu_read_unlock();
        if (!local->use_chanctx) {
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index b055f6a55c68..4c1bf61bc778 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -148,6 +148,8 @@ static u32 ieee80211_hw_conf_chan(struct ieee80211_local *local)
        list_for_each_entry_rcu(sdata, &local->interfaces, list) {
                if (!rcu_access_pointer(sdata->vif.chanctx_conf))
                        continue;
+                if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
+                        continue;
                power = min(power, sdata->vif.bss_conf.txpower);
        }
        rcu_read_unlock();
@@ -199,7 +201,7 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
 {
        struct ieee80211_local *local = sdata->local;
-        if (!changed)
+        if (!changed || sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
                return;
        drv_bss_info_changed(local, sdata, &sdata->vif.bss_conf, changed);
diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c
index 0c2a29484c07..6fb38558a5e6 100644
--- a/net/mac80211/offchannel.c
+++ b/net/mac80211/offchannel.c
@@ -355,6 +355,7 @@ void ieee80211_sw_roc_work(struct work_struct *work)
                struct ieee80211_roc_work *dep;
                /* start this ROC */
+                ieee80211_offchannel_stop_vifs(local);
                /* switch channel etc */
                ieee80211_recalc_idle(local);
diff --git a/net/mac80211/status.c b/net/mac80211/status.c
index e6e574a307c8..00ba90b02ab2 100644
--- a/net/mac80211/status.c
+++ b/net/mac80211/status.c
@@ -618,6 +618,7 @@ void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
                                        sta, true, acked);
                if ((local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) &&
+                    (ieee80211_is_data(hdr->frame_control)) &&
                    (rates_idx != -1))
                        sta->last_tx_rate = info->status.rates[rates_idx];
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index 683c7d1b1306..0e8529113dc5 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -386,14 +386,13 @@ nomem:
 */
 int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp)
 {
-        struct net *net = sock_net(asoc->base.sk);
        struct sctp_auth_bytes  *secret;
        struct sctp_shared_key *ep_key;
        /* If we don't support AUTH, or peer is not capable
         * we don't need to do anything.
         */
-        if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
+        if (!asoc->ep->auth_enable || !asoc->peer.auth_capable)
                return 0;
        /* If the key_id is non-zero and we couldn't find an
@@ -440,16 +439,16 @@ struct sctp_shared_key *sctp_auth_get_shkey(
 */
 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
 {
-        struct net *net = sock_net(ep->base.sk);
        struct crypto_hash *tfm = NULL;
        __u16   id;
-        /* if the transforms are already allocted, we are done */
+        /* If AUTH extension is disabled, we are done */
-        if (!net->sctp.auth_enable) {
+        if (!ep->auth_enable) {
                ep->auth_hmacs = NULL;
                return 0;
        }
+        /* If the transforms are already allocated, we are done */
        if (ep->auth_hmacs)
                return 0;
@@ -665,12 +664,10 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
 /* Check if peer requested that this chunk is authenticated */
 int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
 {
-        struct net  *net;
        if (!asoc)
                return 0;
-        net = sock_net(asoc->base.sk);
+        if (!asoc->ep->auth_enable || !asoc->peer.auth_capable)
-        if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
                return 0;
        return __sctp_auth_cid(chunk, asoc->peer.peer_chunks);
@@ -679,12 +676,10 @@ int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
 /* Check if we requested that peer authenticate this chunk. */
 int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
 {
-        struct net *net;
        if (!asoc)
                return 0;
-        net = sock_net(asoc->base.sk);
+        if (!asoc->ep->auth_enable)
-        if (!net->sctp.auth_enable)
                return 0;
        return __sctp_auth_cid(chunk,
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index 8e5fdea05216..3d9f429858dc 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -68,7 +68,8 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
        if (!ep->digest)
                return NULL;
-        if (net->sctp.auth_enable) {
+        ep->auth_enable = net->sctp.auth_enable;
+        if (ep->auth_enable) {
                /* Allocate space for HMACS and CHUNKS authentication
                 * variables.  There are arrays that we encode directly
                 * into parameters to make the rest of the operations easier.
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 3a1767ef3201..fee5552ddf92 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -219,6 +219,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
                             gfp_t gfp, int vparam_len)
 {
        struct net *net = sock_net(asoc->base.sk);
+        struct sctp_endpoint *ep = asoc->ep;
        sctp_inithdr_t init;
        union sctp_params addrs;
        size_t chunksize;
@@ -278,7 +279,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
        chunksize += vparam_len;
        /* Account for AUTH related parameters */
-        if (net->sctp.auth_enable) {
+        if (ep->auth_enable) {
                /* Add random parameter length*/
                chunksize += sizeof(asoc->c.auth_random);
@@ -363,7 +364,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
        }
        /* Add SCTP-AUTH chunks to the parameter list */
-        if (net->sctp.auth_enable) {
+        if (ep->auth_enable) {
                sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
                                 asoc->c.auth_random);
                if (auth_hmacs)
@@ -2010,7 +2011,7 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
                        /* if the peer reports AUTH, assume that he
                         * supports AUTH.
                         */
-                        if (net->sctp.auth_enable)
+                        if (asoc->ep->auth_enable)
                                asoc->peer.auth_capable = 1;
                        break;
                case SCTP_CID_ASCONF:
@@ -2102,6 +2103,7 @@ static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc,
 *      SCTP_IERROR_NO_ERROR - continue with the chunk
 */
 static sctp_ierror_t sctp_verify_param(struct net *net,
+                                        const struct sctp_endpoint *ep,
                                        const struct sctp_association *asoc,
                                        union sctp_params param,
                                        sctp_cid_t cid,
@@ -2152,7 +2154,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                goto fallthrough;
        case SCTP_PARAM_RANDOM:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                /* SCTP-AUTH: Secion 6.1
@@ -2169,7 +2171,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                break;
        case SCTP_PARAM_CHUNKS:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                /* SCTP-AUTH: Section 3.2
@@ -2185,7 +2187,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                break;
        case SCTP_PARAM_HMAC_ALGO:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                hmacs = (struct sctp_hmac_algo_param *)param.p;
@@ -2220,10 +2222,9 @@ fallthrough:
 }
 /* Verify the INIT packet before we process it.  */
-int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
+int sctp_verify_init(struct net *net, const struct sctp_endpoint *ep,
-                     sctp_cid_t cid,
+                     const struct sctp_association *asoc, sctp_cid_t cid,
-                     sctp_init_chunk_t *peer_init,
+                     sctp_init_chunk_t *peer_init, struct sctp_chunk *chunk,
-                     struct sctp_chunk *chunk,
                     struct sctp_chunk **errp)
 {
        union sctp_params param;
@@ -2264,8 +2265,8 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
        /* Verify all the variable length parameters */
        sctp_walk_params(param, peer_init, init_hdr.params) {
+                result = sctp_verify_param(net, ep, asoc, param, cid,
-                result = sctp_verify_param(net, asoc, param, cid, chunk, errp);
+                                           chunk, errp);
                switch (result) {
                case SCTP_IERROR_ABORT:
                case SCTP_IERROR_NOMEM:
@@ -2497,6 +2498,7 @@ static int sctp_process_param(struct sctp_association *asoc,
        struct sctp_af *af;
        union sctp_addr_param *addr_param;
        struct sctp_transport *t;
+        struct sctp_endpoint *ep = asoc->ep;
        /* We maintain all INIT parameters in network byte order all the
         * time.  This allows us to not worry about whether the parameters
@@ -2636,7 +2638,7 @@ do_addr_param:
                goto fall_through;
        case SCTP_PARAM_RANDOM:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                /* Save peer's random parameter */
@@ -2649,7 +2651,7 @@ do_addr_param:
                break;
        case SCTP_PARAM_HMAC_ALGO:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                /* Save peer's HMAC list */
@@ -2665,7 +2667,7 @@ do_addr_param:
                break;
        case SCTP_PARAM_CHUNKS:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                asoc->peer.peer_chunks = kmemdup(param.p,
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index ae9fbeba40b0..5170a1ff95a1 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -357,7 +357,7 @@ sctp_disposition_t sctp_sf_do_5_1B_init(struct net *net,
        /* Verify the INIT chunk before processing it. */
        err_chunk = NULL;
-        if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
+        if (!sctp_verify_init(net, ep, asoc, chunk->chunk_hdr->type,
                              (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
                              &err_chunk)) {
                /* This chunk contains fatal error. It is to be discarded.
@@ -524,7 +524,7 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(struct net *net,
        /* Verify the INIT chunk before processing it. */
        err_chunk = NULL;
-        if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
+        if (!sctp_verify_init(net, ep, asoc, chunk->chunk_hdr->type,
                              (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
                              &err_chunk)) {
@@ -1430,7 +1430,7 @@ static sctp_disposition_t sctp_sf_do_unexpected_init(
        /* Verify the INIT chunk before processing it. */
        err_chunk = NULL;
-        if (!sctp_verify_init(net, asoc, chunk->chunk_hdr->type,
+        if (!sctp_verify_init(net, ep, asoc, chunk->chunk_hdr->type,
                              (sctp_init_chunk_t *)chunk->chunk_hdr, chunk,
                              &err_chunk)) {
                /* This chunk contains fatal error. It is to be discarded.
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index ff20e2dbbbc7..fee06b99a4da 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -3321,10 +3321,10 @@ static int sctp_setsockopt_auth_chunk(struct sock *sk,
                                      char __user *optval,
                                      unsigned int optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authchunk val;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (optlen != sizeof(struct sctp_authchunk))
@@ -3341,7 +3341,7 @@ static int sctp_setsockopt_auth_chunk(struct sock *sk,
        }
        /* add this chunk id to the endpoint */
-        return sctp_auth_ep_add_chunkid(sctp_sk(sk)->ep, val.sauth_chunk);
+        return sctp_auth_ep_add_chunkid(ep, val.sauth_chunk);
 }
 /*
@@ -3354,12 +3354,12 @@ static int sctp_setsockopt_hmac_ident(struct sock *sk,
                                      char __user *optval,
                                      unsigned int optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_hmacalgo *hmacs;
        u32 idents;
        int err;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (optlen < sizeof(struct sctp_hmacalgo))
@@ -3376,7 +3376,7 @@ static int sctp_setsockopt_hmac_ident(struct sock *sk,
                goto out;
        }
-        err = sctp_auth_ep_set_hmacs(sctp_sk(sk)->ep, hmacs);
+        err = sctp_auth_ep_set_hmacs(ep, hmacs);
 out:
        kfree(hmacs);
        return err;
@@ -3392,12 +3392,12 @@ static int sctp_setsockopt_auth_key(struct sock *sk,
                                    char __user *optval,
                                    unsigned int optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authkey *authkey;
        struct sctp_association *asoc;
        int ret;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (optlen <= sizeof(struct sctp_authkey))
@@ -3418,7 +3418,7 @@ static int sctp_setsockopt_auth_key(struct sock *sk,
                goto out;
        }
-        ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);
+        ret = sctp_auth_set_key(ep, asoc, authkey);
 out:
        kzfree(authkey);
        return ret;
@@ -3434,11 +3434,11 @@ static int sctp_setsockopt_active_key(struct sock *sk,
                                      char __user *optval,
                                      unsigned int optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authkeyid val;
        struct sctp_association *asoc;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (optlen != sizeof(struct sctp_authkeyid))
@@ -3450,8 +3450,7 @@ static int sctp_setsockopt_active_key(struct sock *sk,
        if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
                return -EINVAL;
-        return sctp_auth_set_active_key(sctp_sk(sk)->ep, asoc,
+        return sctp_auth_set_active_key(ep, asoc, val.scact_keynumber);
-                                        val.scact_keynumber);
 }
 /*
@@ -3463,11 +3462,11 @@ static int sctp_setsockopt_del_key(struct sock *sk,
                                   char __user *optval,
                                   unsigned int optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authkeyid val;
        struct sctp_association *asoc;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (optlen != sizeof(struct sctp_authkeyid))
@@ -3479,8 +3478,7 @@ static int sctp_setsockopt_del_key(struct sock *sk,
        if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
                return -EINVAL;
-        return sctp_auth_del_key_id(sctp_sk(sk)->ep, asoc,
+        return sctp_auth_del_key_id(ep, asoc, val.scact_keynumber);
-                                    val.scact_keynumber);
 }
@@ -5387,16 +5385,16 @@ static int sctp_getsockopt_maxburst(struct sock *sk, int len,
 static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_hmacalgo  __user *p = (void __user *)optval;
        struct sctp_hmac_algo_param *hmacs;
        __u16 data_len = 0;
        u32 num_idents;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
-        hmacs = sctp_sk(sk)->ep->auth_hmacs_list;
+        hmacs = ep->auth_hmacs_list;
        data_len = ntohs(hmacs->param_hdr.length) - sizeof(sctp_paramhdr_t);
        if (len < sizeof(struct sctp_hmacalgo) + data_len)
@@ -5417,11 +5415,11 @@ static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
 static int sctp_getsockopt_active_key(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authkeyid val;
        struct sctp_association *asoc;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (len < sizeof(struct sctp_authkeyid))
@@ -5436,7 +5434,7 @@ static int sctp_getsockopt_active_key(struct sock *sk, int len,
        if (asoc)
                val.scact_keynumber = asoc->active_key_id;
        else
-                val.scact_keynumber = sctp_sk(sk)->ep->active_key_id;
+                val.scact_keynumber = ep->active_key_id;
        len = sizeof(struct sctp_authkeyid);
        if (put_user(len, optlen))
@@ -5450,7 +5448,7 @@ static int sctp_getsockopt_active_key(struct sock *sk, int len,
 static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authchunks __user *p = (void __user *)optval;
        struct sctp_authchunks val;
        struct sctp_association *asoc;
@@ -5458,7 +5456,7 @@ static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
        u32    num_chunks = 0;
        char __user *to;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (len < sizeof(struct sctp_authchunks))
@@ -5495,7 +5493,7 @@ num:
 static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
-        struct net *net = sock_net(sk);
+        struct sctp_endpoint *ep = sctp_sk(sk)->ep;
        struct sctp_authchunks __user *p = (void __user *)optval;
        struct sctp_authchunks val;
        struct sctp_association *asoc;
@@ -5503,7 +5501,7 @@ static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
        u32    num_chunks = 0;
        char __user *to;
-        if (!net->sctp.auth_enable)
+        if (!ep->auth_enable)
                return -EACCES;
        if (len < sizeof(struct sctp_authchunks))
@@ -5520,7 +5518,7 @@ static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
        if (asoc)
                ch = (struct sctp_chunks_param *)asoc->c.auth_chunks;
        else
-                ch = sctp_sk(sk)->ep->auth_chunk_list;
+                ch = ep->auth_chunk_list;
        if (!ch)
                goto num;
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index 35c8923b5554..c82fdc1eab7c 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -64,6 +64,9 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write,
 static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write,
                                void __user *buffer, size_t *lenp,
                                loff_t *ppos);
+static int proc_sctp_do_auth(struct ctl_table *ctl, int write,
+                             void __user *buffer, size_t *lenp,
+                             loff_t *ppos);
 static struct ctl_table sctp_table[] = {
        {
@@ -266,7 +269,7 @@ static struct ctl_table sctp_net_table[] = {
                .data           = &init_net.sctp.auth_enable,
                .maxlen         = sizeof(int),
                .mode           = 0644,
-                .proc_handler   = proc_dointvec,
+                .proc_handler   = proc_sctp_do_auth,
        },
        {
                .procname       = "addr_scope_policy",
@@ -400,6 +403,37 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write,
        return ret;
 }
+static int proc_sctp_do_auth(struct ctl_table *ctl, int write,
+                             void __user *buffer, size_t *lenp,
+                             loff_t *ppos)
+{
+        struct net *net = current->nsproxy->net_ns;
+        struct ctl_table tbl;
+        int new_value, ret;
+        memset(&tbl, 0, sizeof(struct ctl_table));
+        tbl.maxlen = sizeof(unsigned int);
+        if (write)
+                tbl.data = &new_value;
+        else
+                tbl.data = &net->sctp.auth_enable;
+        ret = proc_dointvec(&tbl, write, buffer, lenp, ppos);
+        if (write) {
+                struct sock *sk = net->sctp.ctl_sock;
+                net->sctp.auth_enable = new_value;
+                /* Update the value in the control socket */
+                lock_sock(sk);
+                sctp_sk(sk)->ep->auth_enable = new_value;
+                release_sock(sk);
+        }
+        return ret;
+}
 int sctp_sysctl_net_register(struct net *net)
 {
        struct ctl_table *table = sctp_net_table;
diff --git a/net/socket.c b/net/socket.c
index 1b1e7e6a960f..abf56b2a14f9 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1880,8 +1880,8 @@ out:
 *      Receive a datagram from a socket.
 */
-asmlinkage long sys_recv(int fd, void __user *ubuf, size_t size,
+SYSCALL_DEFINE4(recv, int, fd, void __user *, ubuf, size_t, size,
-                         unsigned int flags)
+                unsigned int, flags)
 {
        return sys_recvfrom(fd, ubuf, size, flags, NULL, NULL);
 }
author	Linus Torvalds <torvalds@linux-foundation.org>	2014-04-18 20:53:46 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2014-04-18 20:53:46 -0400
commit	ebfc45ee7004088d610cd399d2dee6d95f87199b (patch)
tree	7e3edfaeb7660d20eb187e9d2b1d6c9a9b3ceece /net
parent	6e66d5dab5d530a368314eb631201a02aabb075d (diff)
parent	b14878ccb7fac0242db82720b784ab62c467c0dc (diff)