aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/af_inet.c2
-rw-r--r--net/ipv4/ip_input.c2
-rw-r--r--net/ipv4/ip_options.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_helper_h323.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c10
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_sctp.c11
-rw-r--r--net/ipv4/netfilter/ip_nat_standalone.c2
-rw-r--r--net/ipv4/netfilter/ip_tables.c39
-rw-r--r--net/ipv4/tcp.c13
-rw-r--r--net/ipv4/tcp_highspeed.c2
-rw-r--r--net/ipv4/tcp_output.c2
-rw-r--r--net/ipv4/xfrm4_output.c2
12 files changed, 48 insertions, 41 deletions
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index dc206f1f914f..0a277453526b 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1257,7 +1257,7 @@ out_unregister_udp_proto:
1257 goto out; 1257 goto out;
1258} 1258}
1259 1259
1260module_init(inet_init); 1260fs_initcall(inet_init);
1261 1261
1262/* ------------------------------------------------------------------------ */ 1262/* ------------------------------------------------------------------------ */
1263 1263
diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
index 18d7fad474d7..c9026dbf4c93 100644
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -337,7 +337,7 @@ static inline int ip_rcv_finish(struct sk_buff *skb)
337 * Initialise the virtual path cache for the packet. It describes 337 * Initialise the virtual path cache for the packet. It describes
338 * how the packet travels inside Linux networking. 338 * how the packet travels inside Linux networking.
339 */ 339 */
340 if (likely(skb->dst == NULL)) { 340 if (skb->dst == NULL) {
341 int err = ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, 341 int err = ip_route_input(skb, iph->daddr, iph->saddr, iph->tos,
342 skb->dev); 342 skb->dev);
343 if (unlikely(err)) { 343 if (unlikely(err)) {
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
index 9bebad07bf2e..cbcae6544622 100644
--- a/net/ipv4/ip_options.c
+++ b/net/ipv4/ip_options.c
@@ -209,7 +209,7 @@ int ip_options_echo(struct ip_options * dopt, struct sk_buff * skb)
209 209
210void ip_options_fragment(struct sk_buff * skb) 210void ip_options_fragment(struct sk_buff * skb)
211{ 211{
212 unsigned char * optptr = skb->nh.raw; 212 unsigned char * optptr = skb->nh.raw + sizeof(struct iphdr);
213 struct ip_options * opt = &(IPCB(skb)->opt); 213 struct ip_options * opt = &(IPCB(skb)->opt);
214 int l = opt->optlen; 214 int l = opt->optlen;
215 int optlen; 215 int optlen;
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
index 2c2fb700d835..518f581d39ec 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
@@ -162,6 +162,8 @@ static int get_tpkt_data(struct sk_buff **pskb, struct ip_conntrack *ct,
162 162
163 /* Validate TPKT length */ 163 /* Validate TPKT length */
164 tpktlen = tpkt[2] * 256 + tpkt[3]; 164 tpktlen = tpkt[2] * 256 + tpkt[3];
165 if (tpktlen < 4)
166 goto clear_out;
165 if (tpktlen > tcpdatalen) { 167 if (tpktlen > tcpdatalen) {
166 if (tcpdatalen == 4) { /* Separate TPKT header */ 168 if (tcpdatalen == 4) { /* Separate TPKT header */
167 /* Netmeeting sends TPKT header and data separately */ 169 /* Netmeeting sends TPKT header and data separately */
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
index 48078002e450..355a53a5b6cd 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323_asn1.c
@@ -2,7 +2,7 @@
2 * ip_conntrack_helper_h323_asn1.c - BER and PER decoding library for H.323 2 * ip_conntrack_helper_h323_asn1.c - BER and PER decoding library for H.323
3 * conntrack/NAT module. 3 * conntrack/NAT module.
4 * 4 *
5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@hotmail.com> 5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net>
6 * 6 *
7 * This source code is licensed under General Public License version 2. 7 * This source code is licensed under General Public License version 2.
8 * 8 *
@@ -703,6 +703,10 @@ int decode_choice(bitstr_t * bs, field_t * f, char *base, int level)
703 type = get_bits(bs, f->sz); 703 type = get_bits(bs, f->sz);
704 } 704 }
705 705
706 /* Write Type */
707 if (base)
708 *(unsigned *) base = type;
709
706 /* Check Range */ 710 /* Check Range */
707 if (type >= f->ub) { /* Newer version? */ 711 if (type >= f->ub) { /* Newer version? */
708 BYTE_ALIGN(bs); 712 BYTE_ALIGN(bs);
@@ -712,10 +716,6 @@ int decode_choice(bitstr_t * bs, field_t * f, char *base, int level)
712 return H323_ERROR_NONE; 716 return H323_ERROR_NONE;
713 } 717 }
714 718
715 /* Write Type */
716 if (base)
717 *(unsigned *) base = type;
718
719 /* Transfer to son level */ 719 /* Transfer to son level */
720 son = &f->fields[type]; 720 son = &f->fields[type];
721 if (son->attr & STOP) { 721 if (son->attr & STOP) {
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c
index 5259abd0fb42..0416073c5600 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c
@@ -235,12 +235,15 @@ static int do_basic_checks(struct ip_conntrack *conntrack,
235 flag = 1; 235 flag = 1;
236 } 236 }
237 237
238 /* Cookie Ack/Echo chunks not the first OR 238 /*
239 Init / Init Ack / Shutdown compl chunks not the only chunks */ 239 * Cookie Ack/Echo chunks not the first OR
240 if ((sch->type == SCTP_CID_COOKIE_ACK 240 * Init / Init Ack / Shutdown compl chunks not the only chunks
241 * OR zero-length.
242 */
243 if (((sch->type == SCTP_CID_COOKIE_ACK
241 || sch->type == SCTP_CID_COOKIE_ECHO 244 || sch->type == SCTP_CID_COOKIE_ECHO
242 || flag) 245 || flag)
243 && count !=0 ) { 246 && count !=0) || !sch->length) {
244 DEBUGP("Basic checks failed\n"); 247 DEBUGP("Basic checks failed\n");
245 return 1; 248 return 1;
246 } 249 }
diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c
index 8f760b28617e..67e676783da9 100644
--- a/net/ipv4/netfilter/ip_nat_standalone.c
+++ b/net/ipv4/netfilter/ip_nat_standalone.c
@@ -219,8 +219,10 @@ ip_nat_out(unsigned int hooknum,
219 const struct net_device *out, 219 const struct net_device *out,
220 int (*okfn)(struct sk_buff *)) 220 int (*okfn)(struct sk_buff *))
221{ 221{
222#ifdef CONFIG_XFRM
222 struct ip_conntrack *ct; 223 struct ip_conntrack *ct;
223 enum ip_conntrack_info ctinfo; 224 enum ip_conntrack_info ctinfo;
225#endif
224 unsigned int ret; 226 unsigned int ret;
225 227
226 /* root is playing with raw sockets. */ 228 /* root is playing with raw sockets. */
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index d25ac8ba6eba..cee3397ec277 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -956,15 +956,16 @@ struct compat_ipt_standard_target
956 compat_int_t verdict; 956 compat_int_t verdict;
957}; 957};
958 958
959#define IPT_ST_OFFSET (sizeof(struct ipt_standard_target) - \
960 sizeof(struct compat_ipt_standard_target))
961
962struct compat_ipt_standard 959struct compat_ipt_standard
963{ 960{
964 struct compat_ipt_entry entry; 961 struct compat_ipt_entry entry;
965 struct compat_ipt_standard_target target; 962 struct compat_ipt_standard_target target;
966}; 963};
967 964
965#define IPT_ST_LEN XT_ALIGN(sizeof(struct ipt_standard_target))
966#define IPT_ST_COMPAT_LEN COMPAT_XT_ALIGN(sizeof(struct compat_ipt_standard_target))
967#define IPT_ST_OFFSET (IPT_ST_LEN - IPT_ST_COMPAT_LEN)
968
968static int compat_ipt_standard_fn(void *target, 969static int compat_ipt_standard_fn(void *target,
969 void **dstptr, int *size, int convert) 970 void **dstptr, int *size, int convert)
970{ 971{
@@ -975,35 +976,29 @@ static int compat_ipt_standard_fn(void *target,
975 ret = 0; 976 ret = 0;
976 switch (convert) { 977 switch (convert) {
977 case COMPAT_TO_USER: 978 case COMPAT_TO_USER:
978 pst = (struct ipt_standard_target *)target; 979 pst = target;
979 memcpy(&compat_st.target, &pst->target, 980 memcpy(&compat_st.target, &pst->target,
980 sizeof(struct ipt_entry_target)); 981 sizeof(compat_st.target));
981 compat_st.verdict = pst->verdict; 982 compat_st.verdict = pst->verdict;
982 if (compat_st.verdict > 0) 983 if (compat_st.verdict > 0)
983 compat_st.verdict -= 984 compat_st.verdict -=
984 compat_calc_jump(compat_st.verdict); 985 compat_calc_jump(compat_st.verdict);
985 compat_st.target.u.user.target_size = 986 compat_st.target.u.user.target_size = IPT_ST_COMPAT_LEN;
986 sizeof(struct compat_ipt_standard_target); 987 if (copy_to_user(*dstptr, &compat_st, IPT_ST_COMPAT_LEN))
987 if (__copy_to_user(*dstptr, &compat_st,
988 sizeof(struct compat_ipt_standard_target)))
989 ret = -EFAULT; 988 ret = -EFAULT;
990 *size -= IPT_ST_OFFSET; 989 *size -= IPT_ST_OFFSET;
991 *dstptr += sizeof(struct compat_ipt_standard_target); 990 *dstptr += IPT_ST_COMPAT_LEN;
992 break; 991 break;
993 case COMPAT_FROM_USER: 992 case COMPAT_FROM_USER:
994 pcompat_st = 993 pcompat_st = target;
995 (struct compat_ipt_standard_target *)target; 994 memcpy(&st.target, &pcompat_st->target, IPT_ST_COMPAT_LEN);
996 memcpy(&st.target, &pcompat_st->target,
997 sizeof(struct ipt_entry_target));
998 st.verdict = pcompat_st->verdict; 995 st.verdict = pcompat_st->verdict;
999 if (st.verdict > 0) 996 if (st.verdict > 0)
1000 st.verdict += compat_calc_jump(st.verdict); 997 st.verdict += compat_calc_jump(st.verdict);
1001 st.target.u.user.target_size = 998 st.target.u.user.target_size = IPT_ST_LEN;
1002 sizeof(struct ipt_standard_target); 999 memcpy(*dstptr, &st, IPT_ST_LEN);
1003 memcpy(*dstptr, &st,
1004 sizeof(struct ipt_standard_target));
1005 *size += IPT_ST_OFFSET; 1000 *size += IPT_ST_OFFSET;
1006 *dstptr += sizeof(struct ipt_standard_target); 1001 *dstptr += IPT_ST_LEN;
1007 break; 1002 break;
1008 case COMPAT_CALC_SIZE: 1003 case COMPAT_CALC_SIZE:
1009 *size += IPT_ST_OFFSET; 1004 *size += IPT_ST_OFFSET;
@@ -1446,7 +1441,7 @@ static int compat_copy_entry_to_user(struct ipt_entry *e,
1446 ret = -EFAULT; 1441 ret = -EFAULT;
1447 origsize = *size; 1442 origsize = *size;
1448 ce = (struct compat_ipt_entry __user *)*dstptr; 1443 ce = (struct compat_ipt_entry __user *)*dstptr;
1449 if (__copy_to_user(ce, e, sizeof(struct ipt_entry))) 1444 if (copy_to_user(ce, e, sizeof(struct ipt_entry)))
1450 goto out; 1445 goto out;
1451 1446
1452 *dstptr += sizeof(struct compat_ipt_entry); 1447 *dstptr += sizeof(struct compat_ipt_entry);
@@ -1464,9 +1459,9 @@ static int compat_copy_entry_to_user(struct ipt_entry *e,
1464 goto out; 1459 goto out;
1465 ret = -EFAULT; 1460 ret = -EFAULT;
1466 next_offset = e->next_offset - (origsize - *size); 1461 next_offset = e->next_offset - (origsize - *size);
1467 if (__put_user(target_offset, &ce->target_offset)) 1462 if (put_user(target_offset, &ce->target_offset))
1468 goto out; 1463 goto out;
1469 if (__put_user(next_offset, &ce->next_offset)) 1464 if (put_user(next_offset, &ce->next_offset))
1470 goto out; 1465 goto out;
1471 return 0; 1466 return 0;
1472out: 1467out:
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 87f68e787d0c..e2b7b8055037 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1468,6 +1468,7 @@ void tcp_close(struct sock *sk, long timeout)
1468{ 1468{
1469 struct sk_buff *skb; 1469 struct sk_buff *skb;
1470 int data_was_unread = 0; 1470 int data_was_unread = 0;
1471 int state;
1471 1472
1472 lock_sock(sk); 1473 lock_sock(sk);
1473 sk->sk_shutdown = SHUTDOWN_MASK; 1474 sk->sk_shutdown = SHUTDOWN_MASK;
@@ -1544,6 +1545,11 @@ void tcp_close(struct sock *sk, long timeout)
1544 sk_stream_wait_close(sk, timeout); 1545 sk_stream_wait_close(sk, timeout);
1545 1546
1546adjudge_to_death: 1547adjudge_to_death:
1548 state = sk->sk_state;
1549 sock_hold(sk);
1550 sock_orphan(sk);
1551 atomic_inc(sk->sk_prot->orphan_count);
1552
1547 /* It is the last release_sock in its life. It will remove backlog. */ 1553 /* It is the last release_sock in its life. It will remove backlog. */
1548 release_sock(sk); 1554 release_sock(sk);
1549 1555
@@ -1555,8 +1561,9 @@ adjudge_to_death:
1555 bh_lock_sock(sk); 1561 bh_lock_sock(sk);
1556 BUG_TRAP(!sock_owned_by_user(sk)); 1562 BUG_TRAP(!sock_owned_by_user(sk));
1557 1563
1558 sock_hold(sk); 1564 /* Have we already been destroyed by a softirq or backlog? */
1559 sock_orphan(sk); 1565 if (state != TCP_CLOSE && sk->sk_state == TCP_CLOSE)
1566 goto out;
1560 1567
1561 /* This is a (useful) BSD violating of the RFC. There is a 1568 /* This is a (useful) BSD violating of the RFC. There is a
1562 * problem with TCP as specified in that the other end could 1569 * problem with TCP as specified in that the other end could
@@ -1584,7 +1591,6 @@ adjudge_to_death:
1584 if (tmo > TCP_TIMEWAIT_LEN) { 1591 if (tmo > TCP_TIMEWAIT_LEN) {
1585 inet_csk_reset_keepalive_timer(sk, tcp_fin_time(sk)); 1592 inet_csk_reset_keepalive_timer(sk, tcp_fin_time(sk));
1586 } else { 1593 } else {
1587 atomic_inc(sk->sk_prot->orphan_count);
1588 tcp_time_wait(sk, TCP_FIN_WAIT2, tmo); 1594 tcp_time_wait(sk, TCP_FIN_WAIT2, tmo);
1589 goto out; 1595 goto out;
1590 } 1596 }
@@ -1603,7 +1609,6 @@ adjudge_to_death:
1603 NET_INC_STATS_BH(LINUX_MIB_TCPABORTONMEMORY); 1609 NET_INC_STATS_BH(LINUX_MIB_TCPABORTONMEMORY);
1604 } 1610 }
1605 } 1611 }
1606 atomic_inc(sk->sk_prot->orphan_count);
1607 1612
1608 if (sk->sk_state == TCP_CLOSE) 1613 if (sk->sk_state == TCP_CLOSE)
1609 inet_csk_destroy_sock(sk); 1614 inet_csk_destroy_sock(sk);
diff --git a/net/ipv4/tcp_highspeed.c b/net/ipv4/tcp_highspeed.c
index e0e9d1383c7c..b72fa55dfb84 100644
--- a/net/ipv4/tcp_highspeed.c
+++ b/net/ipv4/tcp_highspeed.c
@@ -137,8 +137,8 @@ static void hstcp_cong_avoid(struct sock *sk, u32 adk, u32 rtt,
137 if (tp->snd_cwnd < tp->snd_cwnd_clamp) { 137 if (tp->snd_cwnd < tp->snd_cwnd_clamp) {
138 tp->snd_cwnd_cnt += ca->ai; 138 tp->snd_cwnd_cnt += ca->ai;
139 if (tp->snd_cwnd_cnt >= tp->snd_cwnd) { 139 if (tp->snd_cwnd_cnt >= tp->snd_cwnd) {
140 tp->snd_cwnd++;
141 tp->snd_cwnd_cnt -= tp->snd_cwnd; 140 tp->snd_cwnd_cnt -= tp->snd_cwnd;
141 tp->snd_cwnd++;
142 } 142 }
143 } 143 }
144 } 144 }
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index a28ae593b976..743016baa048 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -465,7 +465,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
465 TCP_INC_STATS(TCP_MIB_OUTSEGS); 465 TCP_INC_STATS(TCP_MIB_OUTSEGS);
466 466
467 err = icsk->icsk_af_ops->queue_xmit(skb, 0); 467 err = icsk->icsk_af_ops->queue_xmit(skb, 0);
468 if (unlikely(err <= 0)) 468 if (likely(err <= 0))
469 return err; 469 return err;
470 470
471 tcp_enter_cwr(sk); 471 tcp_enter_cwr(sk);
diff --git a/net/ipv4/xfrm4_output.c b/net/ipv4/xfrm4_output.c
index 32ad229b4fed..4ef8efaf6a67 100644
--- a/net/ipv4/xfrm4_output.c
+++ b/net/ipv4/xfrm4_output.c
@@ -62,7 +62,7 @@ static void xfrm4_encap(struct sk_buff *skb)
62 top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ? 62 top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
63 0 : (iph->frag_off & htons(IP_DF)); 63 0 : (iph->frag_off & htons(IP_DF));
64 if (!top_iph->frag_off) 64 if (!top_iph->frag_off)
65 __ip_select_ident(top_iph, dst, 0); 65 __ip_select_ident(top_iph, dst->child, 0);
66 66
67 top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT); 67 top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);
68 68
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-01 00:17:24 -0500