diff options
-rw-r--r-- | include/net/netfilter/ipv4/nf_conntrack_ipv4.h | 2 | ||||
-rw-r--r-- | net/core/utils.c | 1 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_recent.c | 7 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_standalone.c | 2 | ||||
-rw-r--r-- | net/ipv4/tcp_htcp.c | 4 | ||||
-rw-r--r-- | net/mac80211/debugfs_netdev.c | 8 | ||||
-rw-r--r-- | net/mac80211/debugfs_sta.c | 2 | ||||
-rw-r--r-- | net/mac80211/ieee80211.c | 1 | ||||
-rw-r--r-- | net/mac80211/ieee80211_ioctl.c | 19 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 17 | ||||
-rw-r--r-- | net/netlabel/netlabel_domainhash.c | 10 |
12 files changed, 52 insertions, 27 deletions
diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h index 7a671603fca6..9bf059817aec 100644 --- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h +++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h | |||
@@ -21,4 +21,6 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp; | |||
21 | extern int nf_conntrack_ipv4_compat_init(void); | 21 | extern int nf_conntrack_ipv4_compat_init(void); |
22 | extern void nf_conntrack_ipv4_compat_fini(void); | 22 | extern void nf_conntrack_ipv4_compat_fini(void); |
23 | 23 | ||
24 | extern void need_ipv4_conntrack(void); | ||
25 | |||
24 | #endif /*_NF_CONNTRACK_IPV4_H*/ | 26 | #endif /*_NF_CONNTRACK_IPV4_H*/ |
diff --git a/net/core/utils.c b/net/core/utils.c index 2030bb8c2d30..0bf17da40d52 100644 --- a/net/core/utils.c +++ b/net/core/utils.c | |||
@@ -25,6 +25,7 @@ | |||
25 | #include <linux/random.h> | 25 | #include <linux/random.h> |
26 | #include <linux/percpu.h> | 26 | #include <linux/percpu.h> |
27 | #include <linux/init.h> | 27 | #include <linux/init.h> |
28 | #include <net/sock.h> | ||
28 | 29 | ||
29 | #include <asm/byteorder.h> | 30 | #include <asm/byteorder.h> |
30 | #include <asm/system.h> | 31 | #include <asm/system.h> |
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 321804315659..6d0c0f7364ad 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
@@ -387,12 +387,17 @@ static int recent_seq_open(struct inode *inode, struct file *file) | |||
387 | st = kzalloc(sizeof(*st), GFP_KERNEL); | 387 | st = kzalloc(sizeof(*st), GFP_KERNEL); |
388 | if (st == NULL) | 388 | if (st == NULL) |
389 | return -ENOMEM; | 389 | return -ENOMEM; |
390 | |||
390 | ret = seq_open(file, &recent_seq_ops); | 391 | ret = seq_open(file, &recent_seq_ops); |
391 | if (ret) | 392 | if (ret) { |
392 | kfree(st); | 393 | kfree(st); |
394 | goto out; | ||
395 | } | ||
396 | |||
393 | st->table = pde->data; | 397 | st->table = pde->data; |
394 | seq = file->private_data; | 398 | seq = file->private_data; |
395 | seq->private = st; | 399 | seq->private = st; |
400 | out: | ||
396 | return ret; | 401 | return ret; |
397 | } | 402 | } |
398 | 403 | ||
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 64552afd01cb..d9b5177989c6 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |||
@@ -509,3 +509,9 @@ static void __exit nf_conntrack_l3proto_ipv4_fini(void) | |||
509 | 509 | ||
510 | module_init(nf_conntrack_l3proto_ipv4_init); | 510 | module_init(nf_conntrack_l3proto_ipv4_init); |
511 | module_exit(nf_conntrack_l3proto_ipv4_fini); | 511 | module_exit(nf_conntrack_l3proto_ipv4_fini); |
512 | |||
513 | void need_ipv4_conntrack(void) | ||
514 | { | ||
515 | return; | ||
516 | } | ||
517 | EXPORT_SYMBOL_GPL(need_ipv4_conntrack); | ||
diff --git a/net/ipv4/netfilter/nf_nat_standalone.c b/net/ipv4/netfilter/nf_nat_standalone.c index 332814dac503..46cc99def165 100644 --- a/net/ipv4/netfilter/nf_nat_standalone.c +++ b/net/ipv4/netfilter/nf_nat_standalone.c | |||
@@ -328,7 +328,7 @@ static int __init nf_nat_standalone_init(void) | |||
328 | { | 328 | { |
329 | int ret = 0; | 329 | int ret = 0; |
330 | 330 | ||
331 | need_conntrack(); | 331 | need_ipv4_conntrack(); |
332 | 332 | ||
333 | #ifdef CONFIG_XFRM | 333 | #ifdef CONFIG_XFRM |
334 | BUG_ON(ip_nat_decode_session != NULL); | 334 | BUG_ON(ip_nat_decode_session != NULL); |
diff --git a/net/ipv4/tcp_htcp.c b/net/ipv4/tcp_htcp.c index b66556c0a5bd..5215691f2760 100644 --- a/net/ipv4/tcp_htcp.c +++ b/net/ipv4/tcp_htcp.c | |||
@@ -79,7 +79,6 @@ static u32 htcp_cwnd_undo(struct sock *sk) | |||
79 | static inline void measure_rtt(struct sock *sk, u32 srtt) | 79 | static inline void measure_rtt(struct sock *sk, u32 srtt) |
80 | { | 80 | { |
81 | const struct inet_connection_sock *icsk = inet_csk(sk); | 81 | const struct inet_connection_sock *icsk = inet_csk(sk); |
82 | const struct tcp_sock *tp = tcp_sk(sk); | ||
83 | struct htcp *ca = inet_csk_ca(sk); | 82 | struct htcp *ca = inet_csk_ca(sk); |
84 | 83 | ||
85 | /* keep track of minimum RTT seen so far, minRTT is zero at first */ | 84 | /* keep track of minimum RTT seen so far, minRTT is zero at first */ |
@@ -87,8 +86,7 @@ static inline void measure_rtt(struct sock *sk, u32 srtt) | |||
87 | ca->minRTT = srtt; | 86 | ca->minRTT = srtt; |
88 | 87 | ||
89 | /* max RTT */ | 88 | /* max RTT */ |
90 | if (icsk->icsk_ca_state == TCP_CA_Open | 89 | if (icsk->icsk_ca_state == TCP_CA_Open) { |
91 | && tp->snd_ssthresh < 0xFFFF && htcp_ccount(ca) > 3) { | ||
92 | if (ca->maxRTT < ca->minRTT) | 90 | if (ca->maxRTT < ca->minRTT) |
93 | ca->maxRTT = ca->minRTT; | 91 | ca->maxRTT = ca->minRTT; |
94 | if (ca->maxRTT < srtt | 92 | if (ca->maxRTT < srtt |
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c index 799a9208c4b4..095be91829ca 100644 --- a/net/mac80211/debugfs_netdev.c +++ b/net/mac80211/debugfs_netdev.c | |||
@@ -271,9 +271,11 @@ static void add_files(struct ieee80211_sub_if_data *sdata) | |||
271 | } | 271 | } |
272 | } | 272 | } |
273 | 273 | ||
274 | #define DEBUGFS_DEL(name, type)\ | 274 | #define DEBUGFS_DEL(name, type) \ |
275 | debugfs_remove(sdata->debugfs.type.name);\ | 275 | do { \ |
276 | sdata->debugfs.type.name = NULL; | 276 | debugfs_remove(sdata->debugfs.type.name); \ |
277 | sdata->debugfs.type.name = NULL; \ | ||
278 | } while (0) | ||
277 | 279 | ||
278 | static void del_sta_files(struct ieee80211_sub_if_data *sdata) | 280 | static void del_sta_files(struct ieee80211_sub_if_data *sdata) |
279 | { | 281 | { |
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c index d41e696f3980..da34ea70276f 100644 --- a/net/mac80211/debugfs_sta.c +++ b/net/mac80211/debugfs_sta.c | |||
@@ -157,7 +157,7 @@ static ssize_t sta_last_seq_ctrl_read(struct file *file, char __user *userbuf, | |||
157 | struct sta_info *sta = file->private_data; | 157 | struct sta_info *sta = file->private_data; |
158 | for (i = 0; i < NUM_RX_DATA_QUEUES; i++) | 158 | for (i = 0; i < NUM_RX_DATA_QUEUES; i++) |
159 | p += scnprintf(p, sizeof(buf)+buf-p, "%x ", | 159 | p += scnprintf(p, sizeof(buf)+buf-p, "%x ", |
160 | sta->last_seq_ctrl[i]); | 160 | le16_to_cpu(sta->last_seq_ctrl[i])); |
161 | p += scnprintf(p, sizeof(buf)+buf-p, "\n"); | 161 | p += scnprintf(p, sizeof(buf)+buf-p, "\n"); |
162 | return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); | 162 | return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); |
163 | } | 163 | } |
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c index c944b17d0fc0..8ec5ed192b5d 100644 --- a/net/mac80211/ieee80211.c +++ b/net/mac80211/ieee80211.c | |||
@@ -1650,6 +1650,7 @@ static int ieee80211_master_start_xmit(struct sk_buff *skb, | |||
1650 | if (skb_headroom(skb) < headroom) { | 1650 | if (skb_headroom(skb) < headroom) { |
1651 | if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) { | 1651 | if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) { |
1652 | dev_kfree_skb(skb); | 1652 | dev_kfree_skb(skb); |
1653 | dev_put(odev); | ||
1653 | return 0; | 1654 | return 0; |
1654 | } | 1655 | } |
1655 | } | 1656 | } |
diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c index d0e1ab5589db..e7904db55325 100644 --- a/net/mac80211/ieee80211_ioctl.c +++ b/net/mac80211/ieee80211_ioctl.c | |||
@@ -697,17 +697,24 @@ static int ieee80211_ioctl_siwscan(struct net_device *dev, | |||
697 | if (!netif_running(dev)) | 697 | if (!netif_running(dev)) |
698 | return -ENETDOWN; | 698 | return -ENETDOWN; |
699 | 699 | ||
700 | if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID) { | 700 | switch (sdata->type) { |
701 | if (sdata->type == IEEE80211_IF_TYPE_STA || | 701 | case IEEE80211_IF_TYPE_STA: |
702 | sdata->type == IEEE80211_IF_TYPE_IBSS) { | 702 | case IEEE80211_IF_TYPE_IBSS: |
703 | if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID) { | ||
703 | ssid = sdata->u.sta.ssid; | 704 | ssid = sdata->u.sta.ssid; |
704 | ssid_len = sdata->u.sta.ssid_len; | 705 | ssid_len = sdata->u.sta.ssid_len; |
705 | } else if (sdata->type == IEEE80211_IF_TYPE_AP) { | 706 | } |
707 | break; | ||
708 | case IEEE80211_IF_TYPE_AP: | ||
709 | if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID) { | ||
706 | ssid = sdata->u.ap.ssid; | 710 | ssid = sdata->u.ap.ssid; |
707 | ssid_len = sdata->u.ap.ssid_len; | 711 | ssid_len = sdata->u.ap.ssid_len; |
708 | } else | 712 | } |
709 | return -EINVAL; | 713 | break; |
714 | default: | ||
715 | return -EOPNOTSUPP; | ||
710 | } | 716 | } |
717 | |||
711 | return ieee80211_sta_req_scan(dev, ssid, ssid_len); | 718 | return ieee80211_sta_req_scan(dev, ssid, ssid_len); |
712 | } | 719 | } |
713 | 720 | ||
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 6f89b105a205..2863e72b4091 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -1052,17 +1052,18 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1052 | } | 1052 | } |
1053 | /* implicit 'else' */ | 1053 | /* implicit 'else' */ |
1054 | 1054 | ||
1055 | /* we only allow nat config for new conntracks */ | ||
1056 | if (cda[CTA_NAT_SRC-1] || cda[CTA_NAT_DST-1]) { | ||
1057 | err = -EINVAL; | ||
1058 | goto out_unlock; | ||
1059 | } | ||
1060 | |||
1061 | /* We manipulate the conntrack inside the global conntrack table lock, | 1055 | /* We manipulate the conntrack inside the global conntrack table lock, |
1062 | * so there's no need to increase the refcount */ | 1056 | * so there's no need to increase the refcount */ |
1063 | err = -EEXIST; | 1057 | err = -EEXIST; |
1064 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) | 1058 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) { |
1065 | err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), cda); | 1059 | /* we only allow nat config for new conntracks */ |
1060 | if (cda[CTA_NAT_SRC-1] || cda[CTA_NAT_DST-1]) { | ||
1061 | err = -EINVAL; | ||
1062 | goto out_unlock; | ||
1063 | } | ||
1064 | err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), | ||
1065 | cda); | ||
1066 | } | ||
1066 | 1067 | ||
1067 | out_unlock: | 1068 | out_unlock: |
1068 | write_unlock_bh(&nf_conntrack_lock); | 1069 | write_unlock_bh(&nf_conntrack_lock); |
diff --git a/net/netlabel/netlabel_domainhash.c b/net/netlabel/netlabel_domainhash.c index f46a0aeec44f..b6c844b7e1c1 100644 --- a/net/netlabel/netlabel_domainhash.c +++ b/net/netlabel/netlabel_domainhash.c | |||
@@ -126,7 +126,9 @@ static struct netlbl_dom_map *netlbl_domhsh_search(const char *domain, u32 def) | |||
126 | 126 | ||
127 | if (domain != NULL) { | 127 | if (domain != NULL) { |
128 | bkt = netlbl_domhsh_hash(domain); | 128 | bkt = netlbl_domhsh_hash(domain); |
129 | list_for_each_entry_rcu(iter, &netlbl_domhsh->tbl[bkt], list) | 129 | list_for_each_entry_rcu(iter, |
130 | &rcu_dereference(netlbl_domhsh)->tbl[bkt], | ||
131 | list) | ||
130 | if (iter->valid && strcmp(iter->domain, domain) == 0) | 132 | if (iter->valid && strcmp(iter->domain, domain) == 0) |
131 | return iter; | 133 | return iter; |
132 | } | 134 | } |
@@ -227,7 +229,7 @@ int netlbl_domhsh_add(struct netlbl_dom_map *entry, | |||
227 | spin_lock(&netlbl_domhsh_lock); | 229 | spin_lock(&netlbl_domhsh_lock); |
228 | if (netlbl_domhsh_search(entry->domain, 0) == NULL) | 230 | if (netlbl_domhsh_search(entry->domain, 0) == NULL) |
229 | list_add_tail_rcu(&entry->list, | 231 | list_add_tail_rcu(&entry->list, |
230 | &netlbl_domhsh->tbl[bkt]); | 232 | &rcu_dereference(netlbl_domhsh)->tbl[bkt]); |
231 | else | 233 | else |
232 | ret_val = -EEXIST; | 234 | ret_val = -EEXIST; |
233 | spin_unlock(&netlbl_domhsh_lock); | 235 | spin_unlock(&netlbl_domhsh_lock); |
@@ -423,8 +425,8 @@ int netlbl_domhsh_walk(u32 *skip_bkt, | |||
423 | iter_bkt < rcu_dereference(netlbl_domhsh)->size; | 425 | iter_bkt < rcu_dereference(netlbl_domhsh)->size; |
424 | iter_bkt++, chain_cnt = 0) { | 426 | iter_bkt++, chain_cnt = 0) { |
425 | list_for_each_entry_rcu(iter_entry, | 427 | list_for_each_entry_rcu(iter_entry, |
426 | &netlbl_domhsh->tbl[iter_bkt], | 428 | &rcu_dereference(netlbl_domhsh)->tbl[iter_bkt], |
427 | list) | 429 | list) |
428 | if (iter_entry->valid) { | 430 | if (iter_entry->valid) { |
429 | if (chain_cnt++ < *skip_chain) | 431 | if (chain_cnt++ < *skip_chain) |
430 | continue; | 432 | continue; |