aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/ax25/af_ax25.c7
-rw-r--r--net/ax25/ax25_addr.c3
-rw-r--r--net/ax25/ax25_route.c7
-rw-r--r--net/ax25/ax25_uid.c4
-rw-r--r--net/compat.c44
-rw-r--r--net/core/sock.c9
-rw-r--r--net/core/wireless.c58
-rw-r--r--net/ieee80211/ieee80211_crypt.c27
-rw-r--r--net/ieee80211/ieee80211_crypt_ccmp.c47
-rw-r--r--net/ieee80211/ieee80211_crypt_tkip.c133
-rw-r--r--net/ieee80211/ieee80211_crypt_wep.c30
-rw-r--r--net/ieee80211/ieee80211_module.c40
-rw-r--r--net/ieee80211/ieee80211_rx.c310
-rw-r--r--net/ieee80211/ieee80211_tx.c66
-rw-r--r--net/ieee80211/ieee80211_wx.c73
-rw-r--r--net/ipv4/ip_fragment.c2
-rw-r--r--net/ipv4/netfilter/Kconfig20
-rw-r--r--net/ipv4/netfilter/Makefile1
-rw-r--r--net/ipv4/netfilter/ip_conntrack_amanda.c1
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c38
-rw-r--r--net/ipv4/netfilter/ip_conntrack_ftp.c1
-rw-r--r--net/ipv4/netfilter/ip_conntrack_irc.c1
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netbios_ns.c131
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netlink.c13
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_tcp.c1
-rw-r--r--net/ipv4/netfilter/ip_conntrack_standalone.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_tftp.c1
-rw-r--r--net/ipv4/netfilter/ip_nat_rule.c21
-rw-r--r--net/ipv4/netfilter/ip_nat_standalone.c8
-rw-r--r--net/ipv4/udp.c2
-rw-r--r--net/ipv6/exthdrs.c9
-rw-r--r--net/ipv6/reassembly.c9
-rw-r--r--net/ipv6/udp.c2
-rw-r--r--net/netfilter/nfnetlink_queue.c8
-rw-r--r--net/netlink/af_netlink.c59
-rw-r--r--net/netrom/af_netrom.c7
-rw-r--r--net/netrom/nr_route.c8
-rw-r--r--net/packet/af_packet.c6
-rw-r--r--net/rose/af_rose.c6
-rw-r--r--net/rose/rose_route.c14
-rw-r--r--net/rose/rose_subr.c5
-rw-r--r--net/socket.c25
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c8
-rw-r--r--net/sunrpc/cache.c8
-rw-r--r--net/sunrpc/stats.c16
-rw-r--r--net/sunrpc/sunrpc_syms.c6
-rw-r--r--net/sunrpc/svcauth.c1
-rw-r--r--net/sunrpc/svcauth_unix.c1
48 files changed, 741 insertions, 558 deletions
diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c
index ea43dfb774e2..ed705ddad56b 100644
--- a/net/ax25/af_ax25.c
+++ b/net/ax25/af_ax25.c
@@ -1874,6 +1874,7 @@ static void ax25_info_stop(struct seq_file *seq, void *v)
1874static int ax25_info_show(struct seq_file *seq, void *v) 1874static int ax25_info_show(struct seq_file *seq, void *v)
1875{ 1875{
1876 ax25_cb *ax25 = v; 1876 ax25_cb *ax25 = v;
1877 char buf[11];
1877 int k; 1878 int k;
1878 1879
1879 1880
@@ -1885,13 +1886,13 @@ static int ax25_info_show(struct seq_file *seq, void *v)
1885 seq_printf(seq, "%8.8lx %s %s%s ", 1886 seq_printf(seq, "%8.8lx %s %s%s ",
1886 (long) ax25, 1887 (long) ax25,
1887 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name, 1888 ax25->ax25_dev == NULL? "???" : ax25->ax25_dev->dev->name,
1888 ax2asc(&ax25->source_addr), 1889 ax2asc(buf, &ax25->source_addr),
1889 ax25->iamdigi? "*":""); 1890 ax25->iamdigi? "*":"");
1890 seq_printf(seq, "%s", ax2asc(&ax25->dest_addr)); 1891 seq_printf(seq, "%s", ax2asc(buf, &ax25->dest_addr));
1891 1892
1892 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) { 1893 for (k=0; (ax25->digipeat != NULL) && (k < ax25->digipeat->ndigi); k++) {
1893 seq_printf(seq, ",%s%s", 1894 seq_printf(seq, ",%s%s",
1894 ax2asc(&ax25->digipeat->calls[k]), 1895 ax2asc(buf, &ax25->digipeat->calls[k]),
1895 ax25->digipeat->repeated[k]? "*":""); 1896 ax25->digipeat->repeated[k]? "*":"");
1896 } 1897 }
1897 1898
diff --git a/net/ax25/ax25_addr.c b/net/ax25/ax25_addr.c
index f4fa6dfb846e..dca179daf415 100644
--- a/net/ax25/ax25_addr.c
+++ b/net/ax25/ax25_addr.c
@@ -36,9 +36,8 @@ ax25_address null_ax25_address = {{0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x00}};
36/* 36/*
37 * ax25 -> ascii conversion 37 * ax25 -> ascii conversion
38 */ 38 */
39char *ax2asc(ax25_address *a) 39char *ax2asc(char *buf, ax25_address *a)
40{ 40{
41 static char buf[11];
42 char c, *s; 41 char c, *s;
43 int n; 42 int n;
44 43
diff --git a/net/ax25/ax25_route.c b/net/ax25/ax25_route.c
index c288526da4ce..26b77d972220 100644
--- a/net/ax25/ax25_route.c
+++ b/net/ax25/ax25_route.c
@@ -298,6 +298,8 @@ static void ax25_rt_seq_stop(struct seq_file *seq, void *v)
298 298
299static int ax25_rt_seq_show(struct seq_file *seq, void *v) 299static int ax25_rt_seq_show(struct seq_file *seq, void *v)
300{ 300{
301 char buf[11];
302
301 if (v == SEQ_START_TOKEN) 303 if (v == SEQ_START_TOKEN)
302 seq_puts(seq, "callsign dev mode digipeaters\n"); 304 seq_puts(seq, "callsign dev mode digipeaters\n");
303 else { 305 else {
@@ -308,7 +310,7 @@ static int ax25_rt_seq_show(struct seq_file *seq, void *v)
308 if (ax25cmp(&ax25_rt->callsign, &null_ax25_address) == 0) 310 if (ax25cmp(&ax25_rt->callsign, &null_ax25_address) == 0)
309 callsign = "default"; 311 callsign = "default";
310 else 312 else
311 callsign = ax2asc(&ax25_rt->callsign); 313 callsign = ax2asc(buf, &ax25_rt->callsign);
312 314
313 seq_printf(seq, "%-9s %-4s", 315 seq_printf(seq, "%-9s %-4s",
314 callsign, 316 callsign,
@@ -328,7 +330,8 @@ static int ax25_rt_seq_show(struct seq_file *seq, void *v)
328 330
329 if (ax25_rt->digipeat != NULL) 331 if (ax25_rt->digipeat != NULL)
330 for (i = 0; i < ax25_rt->digipeat->ndigi; i++) 332 for (i = 0; i < ax25_rt->digipeat->ndigi; i++)
331 seq_printf(seq, " %s", ax2asc(&ax25_rt->digipeat->calls[i])); 333 seq_printf(seq, " %s",
334 ax2asc(buf, &ax25_rt->digipeat->calls[i]));
332 335
333 seq_puts(seq, "\n"); 336 seq_puts(seq, "\n");
334 } 337 }
diff --git a/net/ax25/ax25_uid.c b/net/ax25/ax25_uid.c
index a8b3822f3ee4..d53cc8615865 100644
--- a/net/ax25/ax25_uid.c
+++ b/net/ax25/ax25_uid.c
@@ -168,12 +168,14 @@ static void ax25_uid_seq_stop(struct seq_file *seq, void *v)
168 168
169static int ax25_uid_seq_show(struct seq_file *seq, void *v) 169static int ax25_uid_seq_show(struct seq_file *seq, void *v)
170{ 170{
171 char buf[11];
172
171 if (v == SEQ_START_TOKEN) 173 if (v == SEQ_START_TOKEN)
172 seq_printf(seq, "Policy: %d\n", ax25_uid_policy); 174 seq_printf(seq, "Policy: %d\n", ax25_uid_policy);
173 else { 175 else {
174 struct ax25_uid_assoc *pt = v; 176 struct ax25_uid_assoc *pt = v;
175 177
176 seq_printf(seq, "%6d %s\n", pt->uid, ax2asc(&pt->call)); 178 seq_printf(seq, "%6d %s\n", pt->uid, ax2asc(buf, &pt->call));
177 } 179 }
178 return 0; 180 return 0;
179} 181}
diff --git a/net/compat.c b/net/compat.c
index d99ab9695893..e593dace2fdb 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -135,13 +135,14 @@ static inline struct compat_cmsghdr __user *cmsg_compat_nxthdr(struct msghdr *ms
135 * thus placement) of cmsg headers and length are different for 135 * thus placement) of cmsg headers and length are different for
136 * 32-bit apps. -DaveM 136 * 32-bit apps. -DaveM
137 */ 137 */
138int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, 138int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, struct sock *sk,
139 unsigned char *stackbuf, int stackbuf_size) 139 unsigned char *stackbuf, int stackbuf_size)
140{ 140{
141 struct compat_cmsghdr __user *ucmsg; 141 struct compat_cmsghdr __user *ucmsg;
142 struct cmsghdr *kcmsg, *kcmsg_base; 142 struct cmsghdr *kcmsg, *kcmsg_base;
143 compat_size_t ucmlen; 143 compat_size_t ucmlen;
144 __kernel_size_t kcmlen, tmp; 144 __kernel_size_t kcmlen, tmp;
145 int err = -EFAULT;
145 146
146 kcmlen = 0; 147 kcmlen = 0;
147 kcmsg_base = kcmsg = (struct cmsghdr *)stackbuf; 148 kcmsg_base = kcmsg = (struct cmsghdr *)stackbuf;
@@ -156,6 +157,7 @@ int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg,
156 157
157 tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) + 158 tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) +
158 CMSG_ALIGN(sizeof(struct cmsghdr))); 159 CMSG_ALIGN(sizeof(struct cmsghdr)));
160 tmp = CMSG_ALIGN(tmp);
159 kcmlen += tmp; 161 kcmlen += tmp;
160 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen); 162 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
161 } 163 }
@@ -167,30 +169,34 @@ int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg,
167 * until we have successfully copied over all of the data 169 * until we have successfully copied over all of the data
168 * from the user. 170 * from the user.
169 */ 171 */
170 if(kcmlen > stackbuf_size) 172 if (kcmlen > stackbuf_size)
171 kcmsg_base = kcmsg = kmalloc(kcmlen, GFP_KERNEL); 173 kcmsg_base = kcmsg = sock_kmalloc(sk, kcmlen, GFP_KERNEL);
172 if(kcmsg == NULL) 174 if (kcmsg == NULL)
173 return -ENOBUFS; 175 return -ENOBUFS;
174 176
175 /* Now copy them over neatly. */ 177 /* Now copy them over neatly. */
176 memset(kcmsg, 0, kcmlen); 178 memset(kcmsg, 0, kcmlen);
177 ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg); 179 ucmsg = CMSG_COMPAT_FIRSTHDR(kmsg);
178 while(ucmsg != NULL) { 180 while(ucmsg != NULL) {
179 __get_user(ucmlen, &ucmsg->cmsg_len); 181 if (__get_user(ucmlen, &ucmsg->cmsg_len))
182 goto Efault;
183 if (!CMSG_COMPAT_OK(ucmlen, ucmsg, kmsg))
184 goto Einval;
180 tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) + 185 tmp = ((ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))) +
181 CMSG_ALIGN(sizeof(struct cmsghdr))); 186 CMSG_ALIGN(sizeof(struct cmsghdr)));
187 if ((char *)kcmsg_base + kcmlen - (char *)kcmsg < CMSG_ALIGN(tmp))
188 goto Einval;
182 kcmsg->cmsg_len = tmp; 189 kcmsg->cmsg_len = tmp;
183 __get_user(kcmsg->cmsg_level, &ucmsg->cmsg_level); 190 tmp = CMSG_ALIGN(tmp);
184 __get_user(kcmsg->cmsg_type, &ucmsg->cmsg_type); 191 if (__get_user(kcmsg->cmsg_level, &ucmsg->cmsg_level) ||
185 192 __get_user(kcmsg->cmsg_type, &ucmsg->cmsg_type) ||
186 /* Copy over the data. */ 193 copy_from_user(CMSG_DATA(kcmsg),
187 if(copy_from_user(CMSG_DATA(kcmsg), 194 CMSG_COMPAT_DATA(ucmsg),
188 CMSG_COMPAT_DATA(ucmsg), 195 (ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg)))))
189 (ucmlen - CMSG_COMPAT_ALIGN(sizeof(*ucmsg))))) 196 goto Efault;
190 goto out_free_efault;
191 197
192 /* Advance. */ 198 /* Advance. */
193 kcmsg = (struct cmsghdr *)((char *)kcmsg + CMSG_ALIGN(tmp)); 199 kcmsg = (struct cmsghdr *)((char *)kcmsg + tmp);
194 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen); 200 ucmsg = cmsg_compat_nxthdr(kmsg, ucmsg, ucmlen);
195 } 201 }
196 202
@@ -199,10 +205,12 @@ int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg,
199 kmsg->msg_controllen = kcmlen; 205 kmsg->msg_controllen = kcmlen;
200 return 0; 206 return 0;
201 207
202out_free_efault: 208Einval:
203 if(kcmsg_base != (struct cmsghdr *)stackbuf) 209 err = -EINVAL;
204 kfree(kcmsg_base); 210Efault:
205 return -EFAULT; 211 if (kcmsg_base != (struct cmsghdr *)stackbuf)
212 sock_kfree_s(sk, kcmsg_base, kcmlen);
213 return err;
206} 214}
207 215
208int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data) 216int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data)
diff --git a/net/core/sock.c b/net/core/sock.c
index c13594579bfb..ac63b56e23b2 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -341,11 +341,11 @@ set_rcvbuf:
341 sock_reset_flag(sk, SOCK_LINGER); 341 sock_reset_flag(sk, SOCK_LINGER);
342 else { 342 else {
343#if (BITS_PER_LONG == 32) 343#if (BITS_PER_LONG == 32)
344 if (ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ) 344 if ((unsigned int)ling.l_linger >= MAX_SCHEDULE_TIMEOUT/HZ)
345 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT; 345 sk->sk_lingertime = MAX_SCHEDULE_TIMEOUT;
346 else 346 else
347#endif 347#endif
348 sk->sk_lingertime = ling.l_linger * HZ; 348 sk->sk_lingertime = (unsigned int)ling.l_linger * HZ;
349 sock_set_flag(sk, SOCK_LINGER); 349 sock_set_flag(sk, SOCK_LINGER);
350 } 350 }
351 break; 351 break;
@@ -1529,6 +1529,8 @@ EXPORT_SYMBOL(proto_register);
1529void proto_unregister(struct proto *prot) 1529void proto_unregister(struct proto *prot)
1530{ 1530{
1531 write_lock(&proto_list_lock); 1531 write_lock(&proto_list_lock);
1532 list_del(&prot->node);
1533 write_unlock(&proto_list_lock);
1532 1534
1533 if (prot->slab != NULL) { 1535 if (prot->slab != NULL) {
1534 kmem_cache_destroy(prot->slab); 1536 kmem_cache_destroy(prot->slab);
@@ -1550,9 +1552,6 @@ void proto_unregister(struct proto *prot)
1550 kfree(name); 1552 kfree(name);
1551 prot->twsk_slab = NULL; 1553 prot->twsk_slab = NULL;
1552 } 1554 }
1553
1554 list_del(&prot->node);
1555 write_unlock(&proto_list_lock);
1556} 1555}
1557 1556
1558EXPORT_SYMBOL(proto_unregister); 1557EXPORT_SYMBOL(proto_unregister);
diff --git a/net/core/wireless.c b/net/core/wireless.c
index 5caae2399f3a..d17f1583ea3e 100644
--- a/net/core/wireless.c
+++ b/net/core/wireless.c
@@ -58,6 +58,13 @@
58 * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus 58 * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus
59 * Based on patch from Pavel Roskin <proski@gnu.org> : 59 * Based on patch from Pavel Roskin <proski@gnu.org> :
60 * o Fix kernel data leak to user space in private handler handling 60 * o Fix kernel data leak to user space in private handler handling
61 *
62 * v7 - 18.3.05 - Jean II
63 * o Remove (struct iw_point *)->pointer from events and streams
64 * o Remove spy_offset from struct iw_handler_def
65 * o Start deprecating dev->get_wireless_stats, output a warning
66 * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless
67 * o Don't loose INVALID/DBM flags when clearing UPDATED flags (iwstats)
61 */ 68 */
62 69
63/***************************** INCLUDES *****************************/ 70/***************************** INCLUDES *****************************/
@@ -446,10 +453,14 @@ static inline struct iw_statistics *get_wireless_stats(struct net_device *dev)
446 (dev->wireless_handlers->get_wireless_stats != NULL)) 453 (dev->wireless_handlers->get_wireless_stats != NULL))
447 return dev->wireless_handlers->get_wireless_stats(dev); 454 return dev->wireless_handlers->get_wireless_stats(dev);
448 455
449 /* Old location, will be phased out in next WE */ 456 /* Old location, field to be removed in next WE */
450 return (dev->get_wireless_stats ? 457 if(dev->get_wireless_stats) {
451 dev->get_wireless_stats(dev) : 458 printk(KERN_DEBUG "%s (WE) : Driver using old /proc/net/wireless support, please fix driver !\n",
452 (struct iw_statistics *) NULL); 459 dev->name);
460 return dev->get_wireless_stats(dev);
461 }
462 /* Not found */
463 return (struct iw_statistics *) NULL;
453} 464}
454 465
455/* ---------------------------------------------------------------- */ 466/* ---------------------------------------------------------------- */
@@ -541,16 +552,18 @@ static __inline__ void wireless_seq_printf_stats(struct seq_file *seq,
541 dev->name, stats->status, stats->qual.qual, 552 dev->name, stats->status, stats->qual.qual,
542 stats->qual.updated & IW_QUAL_QUAL_UPDATED 553 stats->qual.updated & IW_QUAL_QUAL_UPDATED
543 ? '.' : ' ', 554 ? '.' : ' ',
544 ((__u8) stats->qual.level), 555 ((__s32) stats->qual.level) -
556 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
545 stats->qual.updated & IW_QUAL_LEVEL_UPDATED 557 stats->qual.updated & IW_QUAL_LEVEL_UPDATED
546 ? '.' : ' ', 558 ? '.' : ' ',
547 ((__u8) stats->qual.noise), 559 ((__s32) stats->qual.noise) -
560 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
548 stats->qual.updated & IW_QUAL_NOISE_UPDATED 561 stats->qual.updated & IW_QUAL_NOISE_UPDATED
549 ? '.' : ' ', 562 ? '.' : ' ',
550 stats->discard.nwid, stats->discard.code, 563 stats->discard.nwid, stats->discard.code,
551 stats->discard.fragment, stats->discard.retries, 564 stats->discard.fragment, stats->discard.retries,
552 stats->discard.misc, stats->miss.beacon); 565 stats->discard.misc, stats->miss.beacon);
553 stats->qual.updated = 0; 566 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
554 } 567 }
555} 568}
556 569
@@ -593,6 +606,7 @@ static struct file_operations wireless_seq_fops = {
593 606
594int __init wireless_proc_init(void) 607int __init wireless_proc_init(void)
595{ 608{
609 /* Create /proc/net/wireless entry */
596 if (!proc_net_fops_create("wireless", S_IRUGO, &wireless_seq_fops)) 610 if (!proc_net_fops_create("wireless", S_IRUGO, &wireless_seq_fops))
597 return -ENOMEM; 611 return -ENOMEM;
598 612
@@ -627,9 +641,9 @@ static inline int dev_iwstats(struct net_device *dev, struct ifreq *ifr)
627 sizeof(struct iw_statistics))) 641 sizeof(struct iw_statistics)))
628 return -EFAULT; 642 return -EFAULT;
629 643
630 /* Check if we need to clear the update flag */ 644 /* Check if we need to clear the updated flag */
631 if(wrq->u.data.flags != 0) 645 if(wrq->u.data.flags != 0)
632 stats->qual.updated = 0; 646 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
633 return 0; 647 return 0;
634 } else 648 } else
635 return -EOPNOTSUPP; 649 return -EOPNOTSUPP;
@@ -1161,10 +1175,11 @@ void wireless_send_event(struct net_device * dev,
1161 struct iw_event *event; /* Mallocated whole event */ 1175 struct iw_event *event; /* Mallocated whole event */
1162 int event_len; /* Its size */ 1176 int event_len; /* Its size */
1163 int hdr_len; /* Size of the event header */ 1177 int hdr_len; /* Size of the event header */
1178 int wrqu_off = 0; /* Offset in wrqu */
1164 /* Don't "optimise" the following variable, it will crash */ 1179 /* Don't "optimise" the following variable, it will crash */
1165 unsigned cmd_index; /* *MUST* be unsigned */ 1180 unsigned cmd_index; /* *MUST* be unsigned */
1166 1181
1167 /* Get the description of the IOCTL */ 1182 /* Get the description of the Event */
1168 if(cmd <= SIOCIWLAST) { 1183 if(cmd <= SIOCIWLAST) {
1169 cmd_index = cmd - SIOCIWFIRST; 1184 cmd_index = cmd - SIOCIWFIRST;
1170 if(cmd_index < standard_ioctl_num) 1185 if(cmd_index < standard_ioctl_num)
@@ -1207,6 +1222,8 @@ void wireless_send_event(struct net_device * dev,
1207 /* Calculate extra_len - extra is NULL for restricted events */ 1222 /* Calculate extra_len - extra is NULL for restricted events */
1208 if(extra != NULL) 1223 if(extra != NULL)
1209 extra_len = wrqu->data.length * descr->token_size; 1224 extra_len = wrqu->data.length * descr->token_size;
1225 /* Always at an offset in wrqu */
1226 wrqu_off = IW_EV_POINT_OFF;
1210#ifdef WE_EVENT_DEBUG 1227#ifdef WE_EVENT_DEBUG
1211 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, tokens %d, extra_len %d\n", dev->name, cmd, wrqu->data.length, extra_len); 1228 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, tokens %d, extra_len %d\n", dev->name, cmd, wrqu->data.length, extra_len);
1212#endif /* WE_EVENT_DEBUG */ 1229#endif /* WE_EVENT_DEBUG */
@@ -1217,7 +1234,7 @@ void wireless_send_event(struct net_device * dev,
1217 event_len = hdr_len + extra_len; 1234 event_len = hdr_len + extra_len;
1218 1235
1219#ifdef WE_EVENT_DEBUG 1236#ifdef WE_EVENT_DEBUG
1220 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, hdr_len %d, event_len %d\n", dev->name, cmd, hdr_len, event_len); 1237 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, hdr_len %d, wrqu_off %d, event_len %d\n", dev->name, cmd, hdr_len, wrqu_off, event_len);
1221#endif /* WE_EVENT_DEBUG */ 1238#endif /* WE_EVENT_DEBUG */
1222 1239
1223 /* Create temporary buffer to hold the event */ 1240 /* Create temporary buffer to hold the event */
@@ -1228,7 +1245,7 @@ void wireless_send_event(struct net_device * dev,
1228 /* Fill event */ 1245 /* Fill event */
1229 event->len = event_len; 1246 event->len = event_len;
1230 event->cmd = cmd; 1247 event->cmd = cmd;
1231 memcpy(&event->u, wrqu, hdr_len - IW_EV_LCP_LEN); 1248 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
1232 if(extra != NULL) 1249 if(extra != NULL)
1233 memcpy(((char *) event) + hdr_len, extra, extra_len); 1250 memcpy(((char *) event) + hdr_len, extra, extra_len);
1234 1251
@@ -1249,7 +1266,7 @@ void wireless_send_event(struct net_device * dev,
1249 * Now, the driver can delegate this task to Wireless Extensions. 1266 * Now, the driver can delegate this task to Wireless Extensions.
1250 * It needs to use those standard spy iw_handler in struct iw_handler_def, 1267 * It needs to use those standard spy iw_handler in struct iw_handler_def,
1251 * push data to us via wireless_spy_update() and include struct iw_spy_data 1268 * push data to us via wireless_spy_update() and include struct iw_spy_data
1252 * in its private part (and advertise it in iw_handler_def->spy_offset). 1269 * in its private part (and export it in net_device->wireless_data->spy_data).
1253 * One of the main advantage of centralising spy support here is that 1270 * One of the main advantage of centralising spy support here is that
1254 * it becomes much easier to improve and extend it without having to touch 1271 * it becomes much easier to improve and extend it without having to touch
1255 * the drivers. One example is the addition of the Spy-Threshold events. 1272 * the drivers. One example is the addition of the Spy-Threshold events.
@@ -1266,10 +1283,7 @@ static inline struct iw_spy_data * get_spydata(struct net_device *dev)
1266 /* This is the new way */ 1283 /* This is the new way */
1267 if(dev->wireless_data) 1284 if(dev->wireless_data)
1268 return(dev->wireless_data->spy_data); 1285 return(dev->wireless_data->spy_data);
1269 1286 return NULL;
1270 /* This is the old way. Doesn't work for multi-headed drivers.
1271 * It will be removed in the next version of WE. */
1272 return (dev->priv + dev->wireless_handlers->spy_offset);
1273} 1287}
1274 1288
1275/*------------------------------------------------------------------*/ 1289/*------------------------------------------------------------------*/
@@ -1284,10 +1298,6 @@ int iw_handler_set_spy(struct net_device * dev,
1284 struct iw_spy_data * spydata = get_spydata(dev); 1298 struct iw_spy_data * spydata = get_spydata(dev);
1285 struct sockaddr * address = (struct sockaddr *) extra; 1299 struct sockaddr * address = (struct sockaddr *) extra;
1286 1300
1287 if(!dev->wireless_data)
1288 /* Help user know that driver needs updating */
1289 printk(KERN_DEBUG "%s (WE) : Driver using old/buggy spy support, please fix driver !\n",
1290 dev->name);
1291 /* Make sure driver is not buggy or using the old API */ 1301 /* Make sure driver is not buggy or using the old API */
1292 if(!spydata) 1302 if(!spydata)
1293 return -EOPNOTSUPP; 1303 return -EOPNOTSUPP;
@@ -1318,7 +1328,7 @@ int iw_handler_set_spy(struct net_device * dev,
1318 sizeof(struct iw_quality) * IW_MAX_SPY); 1328 sizeof(struct iw_quality) * IW_MAX_SPY);
1319 1329
1320#ifdef WE_SPY_DEBUG 1330#ifdef WE_SPY_DEBUG
1321 printk(KERN_DEBUG "iw_handler_set_spy() : offset %ld, spydata %p, num %d\n", dev->wireless_handlers->spy_offset, spydata, wrqu->data.length); 1331 printk(KERN_DEBUG "iw_handler_set_spy() : wireless_data %p, spydata %p, num %d\n", dev->wireless_data, spydata, wrqu->data.length);
1322 for (i = 0; i < wrqu->data.length; i++) 1332 for (i = 0; i < wrqu->data.length; i++)
1323 printk(KERN_DEBUG 1333 printk(KERN_DEBUG
1324 "%02X:%02X:%02X:%02X:%02X:%02X \n", 1334 "%02X:%02X:%02X:%02X:%02X:%02X \n",
@@ -1371,7 +1381,7 @@ int iw_handler_get_spy(struct net_device * dev,
1371 sizeof(struct iw_quality) * spydata->spy_number); 1381 sizeof(struct iw_quality) * spydata->spy_number);
1372 /* Reset updated flags. */ 1382 /* Reset updated flags. */
1373 for(i = 0; i < spydata->spy_number; i++) 1383 for(i = 0; i < spydata->spy_number; i++)
1374 spydata->spy_stat[i].updated = 0; 1384 spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED;
1375 return 0; 1385 return 0;
1376} 1386}
1377 1387
@@ -1486,7 +1496,7 @@ void wireless_spy_update(struct net_device * dev,
1486 return; 1496 return;
1487 1497
1488#ifdef WE_SPY_DEBUG 1498#ifdef WE_SPY_DEBUG
1489 printk(KERN_DEBUG "wireless_spy_update() : offset %ld, spydata %p, address %02X:%02X:%02X:%02X:%02X:%02X\n", dev->wireless_handlers->spy_offset, spydata, address[0], address[1], address[2], address[3], address[4], address[5]); 1499 printk(KERN_DEBUG "wireless_spy_update() : wireless_data %p, spydata %p, address %02X:%02X:%02X:%02X:%02X:%02X\n", dev->wireless_data, spydata, address[0], address[1], address[2], address[3], address[4], address[5]);
1490#endif /* WE_SPY_DEBUG */ 1500#endif /* WE_SPY_DEBUG */
1491 1501
1492 /* Update all records that match */ 1502 /* Update all records that match */
diff --git a/net/ieee80211/ieee80211_crypt.c b/net/ieee80211/ieee80211_crypt.c
index 05a6f2f298db..61a9d92e455b 100644
--- a/net/ieee80211/ieee80211_crypt.c
+++ b/net/ieee80211/ieee80211_crypt.c
@@ -30,7 +30,6 @@ struct ieee80211_crypto_alg {
30 struct ieee80211_crypto_ops *ops; 30 struct ieee80211_crypto_ops *ops;
31}; 31};
32 32
33
34struct ieee80211_crypto { 33struct ieee80211_crypto {
35 struct list_head algs; 34 struct list_head algs;
36 spinlock_t lock; 35 spinlock_t lock;
@@ -38,8 +37,7 @@ struct ieee80211_crypto {
38 37
39static struct ieee80211_crypto *hcrypt; 38static struct ieee80211_crypto *hcrypt;
40 39
41void ieee80211_crypt_deinit_entries(struct ieee80211_device *ieee, 40void ieee80211_crypt_deinit_entries(struct ieee80211_device *ieee, int force)
42 int force)
43{ 41{
44 struct list_head *ptr, *n; 42 struct list_head *ptr, *n;
45 struct ieee80211_crypt_data *entry; 43 struct ieee80211_crypt_data *entry;
@@ -140,7 +138,7 @@ int ieee80211_unregister_crypto_ops(struct ieee80211_crypto_ops *ops)
140 spin_lock_irqsave(&hcrypt->lock, flags); 138 spin_lock_irqsave(&hcrypt->lock, flags);
141 for (ptr = hcrypt->algs.next; ptr != &hcrypt->algs; ptr = ptr->next) { 139 for (ptr = hcrypt->algs.next; ptr != &hcrypt->algs; ptr = ptr->next) {
142 struct ieee80211_crypto_alg *alg = 140 struct ieee80211_crypto_alg *alg =
143 (struct ieee80211_crypto_alg *) ptr; 141 (struct ieee80211_crypto_alg *)ptr;
144 if (alg->ops == ops) { 142 if (alg->ops == ops) {
145 list_del(&alg->list); 143 list_del(&alg->list);
146 del_alg = alg; 144 del_alg = alg;
@@ -158,8 +156,7 @@ int ieee80211_unregister_crypto_ops(struct ieee80211_crypto_ops *ops)
158 return del_alg ? 0 : -1; 156 return del_alg ? 0 : -1;
159} 157}
160 158
161 159struct ieee80211_crypto_ops *ieee80211_get_crypto_ops(const char *name)
162struct ieee80211_crypto_ops * ieee80211_get_crypto_ops(const char *name)
163{ 160{
164 unsigned long flags; 161 unsigned long flags;
165 struct list_head *ptr; 162 struct list_head *ptr;
@@ -171,7 +168,7 @@ struct ieee80211_crypto_ops * ieee80211_get_crypto_ops(const char *name)
171 spin_lock_irqsave(&hcrypt->lock, flags); 168 spin_lock_irqsave(&hcrypt->lock, flags);
172 for (ptr = hcrypt->algs.next; ptr != &hcrypt->algs; ptr = ptr->next) { 169 for (ptr = hcrypt->algs.next; ptr != &hcrypt->algs; ptr = ptr->next) {
173 struct ieee80211_crypto_alg *alg = 170 struct ieee80211_crypto_alg *alg =
174 (struct ieee80211_crypto_alg *) ptr; 171 (struct ieee80211_crypto_alg *)ptr;
175 if (strcmp(alg->ops->name, name) == 0) { 172 if (strcmp(alg->ops->name, name) == 0) {
176 found_alg = alg; 173 found_alg = alg;
177 break; 174 break;
@@ -185,9 +182,13 @@ struct ieee80211_crypto_ops * ieee80211_get_crypto_ops(const char *name)
185 return NULL; 182 return NULL;
186} 183}
187 184
188 185static void *ieee80211_crypt_null_init(int keyidx)
189static void * ieee80211_crypt_null_init(int keyidx) { return (void *) 1; } 186{
190static void ieee80211_crypt_null_deinit(void *priv) {} 187 return (void *)1;
188}
189static void ieee80211_crypt_null_deinit(void *priv)
190{
191}
191 192
192static struct ieee80211_crypto_ops ieee80211_crypt_null = { 193static struct ieee80211_crypto_ops ieee80211_crypt_null = {
193 .name = "NULL", 194 .name = "NULL",
@@ -204,7 +205,6 @@ static struct ieee80211_crypto_ops ieee80211_crypt_null = {
204 .owner = THIS_MODULE, 205 .owner = THIS_MODULE,
205}; 206};
206 207
207
208static int __init ieee80211_crypto_init(void) 208static int __init ieee80211_crypto_init(void)
209{ 209{
210 int ret = -ENOMEM; 210 int ret = -ENOMEM;
@@ -222,11 +222,10 @@ static int __init ieee80211_crypto_init(void)
222 kfree(hcrypt); 222 kfree(hcrypt);
223 hcrypt = NULL; 223 hcrypt = NULL;
224 } 224 }
225out: 225 out:
226 return ret; 226 return ret;
227} 227}
228 228
229
230static void __exit ieee80211_crypto_deinit(void) 229static void __exit ieee80211_crypto_deinit(void)
231{ 230{
232 struct list_head *ptr, *n; 231 struct list_head *ptr, *n;
@@ -237,7 +236,7 @@ static void __exit ieee80211_crypto_deinit(void)
237 for (ptr = hcrypt->algs.next, n = ptr->next; ptr != &hcrypt->algs; 236 for (ptr = hcrypt->algs.next, n = ptr->next; ptr != &hcrypt->algs;
238 ptr = n, n = ptr->next) { 237 ptr = n, n = ptr->next) {
239 struct ieee80211_crypto_alg *alg = 238 struct ieee80211_crypto_alg *alg =
240 (struct ieee80211_crypto_alg *) ptr; 239 (struct ieee80211_crypto_alg *)ptr;
241 list_del(ptr); 240 list_del(ptr);
242 printk(KERN_DEBUG "ieee80211_crypt: unregistered algorithm " 241 printk(KERN_DEBUG "ieee80211_crypt: unregistered algorithm "
243 "'%s' (deinit)\n", alg->ops->name); 242 "'%s' (deinit)\n", alg->ops->name);
diff --git a/net/ieee80211/ieee80211_crypt_ccmp.c b/net/ieee80211/ieee80211_crypt_ccmp.c
index 11d15573b26a..8fc13f45971e 100644
--- a/net/ieee80211/ieee80211_crypt_ccmp.c
+++ b/net/ieee80211/ieee80211_crypt_ccmp.c
@@ -24,7 +24,6 @@
24 24
25#include <net/ieee80211.h> 25#include <net/ieee80211.h>
26 26
27
28#include <linux/crypto.h> 27#include <linux/crypto.h>
29#include <asm/scatterlist.h> 28#include <asm/scatterlist.h>
30 29
@@ -55,7 +54,7 @@ struct ieee80211_ccmp_data {
55 54
56 /* scratch buffers for virt_to_page() (crypto API) */ 55 /* scratch buffers for virt_to_page() (crypto API) */
57 u8 tx_b0[AES_BLOCK_LEN], tx_b[AES_BLOCK_LEN], 56 u8 tx_b0[AES_BLOCK_LEN], tx_b[AES_BLOCK_LEN],
58 tx_e[AES_BLOCK_LEN], tx_s0[AES_BLOCK_LEN]; 57 tx_e[AES_BLOCK_LEN], tx_s0[AES_BLOCK_LEN];
59 u8 rx_b0[AES_BLOCK_LEN], rx_b[AES_BLOCK_LEN], rx_a[AES_BLOCK_LEN]; 58 u8 rx_b0[AES_BLOCK_LEN], rx_b[AES_BLOCK_LEN], rx_a[AES_BLOCK_LEN];
60}; 59};
61 60
@@ -75,7 +74,7 @@ static void ieee80211_ccmp_aes_encrypt(struct crypto_tfm *tfm,
75 crypto_cipher_encrypt(tfm, &dst, &src, AES_BLOCK_LEN); 74 crypto_cipher_encrypt(tfm, &dst, &src, AES_BLOCK_LEN);
76} 75}
77 76
78static void * ieee80211_ccmp_init(int key_idx) 77static void *ieee80211_ccmp_init(int key_idx)
79{ 78{
80 struct ieee80211_ccmp_data *priv; 79 struct ieee80211_ccmp_data *priv;
81 80
@@ -94,7 +93,7 @@ static void * ieee80211_ccmp_init(int key_idx)
94 93
95 return priv; 94 return priv;
96 95
97fail: 96 fail:
98 if (priv) { 97 if (priv) {
99 if (priv->tfm) 98 if (priv->tfm)
100 crypto_free_tfm(priv->tfm); 99 crypto_free_tfm(priv->tfm);
@@ -104,7 +103,6 @@ fail:
104 return NULL; 103 return NULL;
105} 104}
106 105
107
108static void ieee80211_ccmp_deinit(void *priv) 106static void ieee80211_ccmp_deinit(void *priv)
109{ 107{
110 struct ieee80211_ccmp_data *_priv = priv; 108 struct ieee80211_ccmp_data *_priv = priv;
@@ -113,19 +111,16 @@ static void ieee80211_ccmp_deinit(void *priv)
113 kfree(priv); 111 kfree(priv);
114} 112}
115 113
116 114static inline void xor_block(u8 * b, u8 * a, size_t len)
117static inline void xor_block(u8 *b, u8 *a, size_t len)
118{ 115{
119 int i; 116 int i;
120 for (i = 0; i < len; i++) 117 for (i = 0; i < len; i++)
121 b[i] ^= a[i]; 118 b[i] ^= a[i];
122} 119}
123 120
124
125static void ccmp_init_blocks(struct crypto_tfm *tfm, 121static void ccmp_init_blocks(struct crypto_tfm *tfm,
126 struct ieee80211_hdr *hdr, 122 struct ieee80211_hdr *hdr,
127 u8 *pn, size_t dlen, u8 *b0, u8 *auth, 123 u8 * pn, size_t dlen, u8 * b0, u8 * auth, u8 * s0)
128 u8 *s0)
129{ 124{
130 u8 *pos, qc = 0; 125 u8 *pos, qc = 0;
131 size_t aad_len; 126 size_t aad_len;
@@ -142,7 +137,7 @@ static void ccmp_init_blocks(struct crypto_tfm *tfm,
142 if (a4_included) 137 if (a4_included)
143 aad_len += 6; 138 aad_len += 6;
144 if (qc_included) { 139 if (qc_included) {
145 pos = (u8 *) &hdr->addr4; 140 pos = (u8 *) & hdr->addr4;
146 if (a4_included) 141 if (a4_included)
147 pos += 6; 142 pos += 6;
148 qc = *pos & 0x0f; 143 qc = *pos & 0x0f;
@@ -169,14 +164,14 @@ static void ccmp_init_blocks(struct crypto_tfm *tfm,
169 * QC (if present) 164 * QC (if present)
170 */ 165 */
171 pos = (u8 *) hdr; 166 pos = (u8 *) hdr;
172 aad[0] = 0; /* aad_len >> 8 */ 167 aad[0] = 0; /* aad_len >> 8 */
173 aad[1] = aad_len & 0xff; 168 aad[1] = aad_len & 0xff;
174 aad[2] = pos[0] & 0x8f; 169 aad[2] = pos[0] & 0x8f;
175 aad[3] = pos[1] & 0xc7; 170 aad[3] = pos[1] & 0xc7;
176 memcpy(aad + 4, hdr->addr1, 3 * ETH_ALEN); 171 memcpy(aad + 4, hdr->addr1, 3 * ETH_ALEN);
177 pos = (u8 *) &hdr->seq_ctl; 172 pos = (u8 *) & hdr->seq_ctl;
178 aad[22] = pos[0] & 0x0f; 173 aad[22] = pos[0] & 0x0f;
179 aad[23] = 0; /* all bits masked */ 174 aad[23] = 0; /* all bits masked */
180 memset(aad + 24, 0, 8); 175 memset(aad + 24, 0, 8);
181 if (a4_included) 176 if (a4_included)
182 memcpy(aad + 24, hdr->addr4, ETH_ALEN); 177 memcpy(aad + 24, hdr->addr4, ETH_ALEN);
@@ -196,7 +191,6 @@ static void ccmp_init_blocks(struct crypto_tfm *tfm,
196 ieee80211_ccmp_aes_encrypt(tfm, b0, s0); 191 ieee80211_ccmp_aes_encrypt(tfm, b0, s0);
197} 192}
198 193
199
200static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv) 194static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
201{ 195{
202 struct ieee80211_ccmp_data *key = priv; 196 struct ieee80211_ccmp_data *key = priv;
@@ -209,8 +203,7 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
209 u8 *s0 = key->tx_s0; 203 u8 *s0 = key->tx_s0;
210 204
211 if (skb_headroom(skb) < CCMP_HDR_LEN || 205 if (skb_headroom(skb) < CCMP_HDR_LEN ||
212 skb_tailroom(skb) < CCMP_MIC_LEN || 206 skb_tailroom(skb) < CCMP_MIC_LEN || skb->len < hdr_len)
213 skb->len < hdr_len)
214 return -1; 207 return -1;
215 208
216 data_len = skb->len - hdr_len; 209 data_len = skb->len - hdr_len;
@@ -230,13 +223,13 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
230 *pos++ = key->tx_pn[5]; 223 *pos++ = key->tx_pn[5];
231 *pos++ = key->tx_pn[4]; 224 *pos++ = key->tx_pn[4];
232 *pos++ = 0; 225 *pos++ = 0;
233 *pos++ = (key->key_idx << 6) | (1 << 5) /* Ext IV included */; 226 *pos++ = (key->key_idx << 6) | (1 << 5) /* Ext IV included */ ;
234 *pos++ = key->tx_pn[3]; 227 *pos++ = key->tx_pn[3];
235 *pos++ = key->tx_pn[2]; 228 *pos++ = key->tx_pn[2];
236 *pos++ = key->tx_pn[1]; 229 *pos++ = key->tx_pn[1];
237 *pos++ = key->tx_pn[0]; 230 *pos++ = key->tx_pn[0];
238 231
239 hdr = (struct ieee80211_hdr *) skb->data; 232 hdr = (struct ieee80211_hdr *)skb->data;
240 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0); 233 ccmp_init_blocks(key->tfm, hdr, key->tx_pn, data_len, b0, b, s0);
241 234
242 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN; 235 blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
@@ -261,7 +254,6 @@ static int ieee80211_ccmp_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
261 return 0; 254 return 0;
262} 255}
263 256
264
265static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv) 257static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
266{ 258{
267 struct ieee80211_ccmp_data *key = priv; 259 struct ieee80211_ccmp_data *key = priv;
@@ -280,7 +272,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
280 return -1; 272 return -1;
281 } 273 }
282 274
283 hdr = (struct ieee80211_hdr *) skb->data; 275 hdr = (struct ieee80211_hdr *)skb->data;
284 pos = skb->data + hdr_len; 276 pos = skb->data + hdr_len;
285 keyidx = pos[3]; 277 keyidx = pos[3];
286 if (!(keyidx & (1 << 5))) { 278 if (!(keyidx & (1 << 5))) {
@@ -364,8 +356,7 @@ static int ieee80211_ccmp_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
364 return keyidx; 356 return keyidx;
365} 357}
366 358
367 359static int ieee80211_ccmp_set_key(void *key, int len, u8 * seq, void *priv)
368static int ieee80211_ccmp_set_key(void *key, int len, u8 *seq, void *priv)
369{ 360{
370 struct ieee80211_ccmp_data *data = priv; 361 struct ieee80211_ccmp_data *data = priv;
371 int keyidx; 362 int keyidx;
@@ -395,8 +386,7 @@ static int ieee80211_ccmp_set_key(void *key, int len, u8 *seq, void *priv)
395 return 0; 386 return 0;
396} 387}
397 388
398 389static int ieee80211_ccmp_get_key(void *key, int len, u8 * seq, void *priv)
399static int ieee80211_ccmp_get_key(void *key, int len, u8 *seq, void *priv)
400{ 390{
401 struct ieee80211_ccmp_data *data = priv; 391 struct ieee80211_ccmp_data *data = priv;
402 392
@@ -419,8 +409,7 @@ static int ieee80211_ccmp_get_key(void *key, int len, u8 *seq, void *priv)
419 return CCMP_TK_LEN; 409 return CCMP_TK_LEN;
420} 410}
421 411
422 412static char *ieee80211_ccmp_print_stats(char *p, void *priv)
423static char * ieee80211_ccmp_print_stats(char *p, void *priv)
424{ 413{
425 struct ieee80211_ccmp_data *ccmp = priv; 414 struct ieee80211_ccmp_data *ccmp = priv;
426 p += sprintf(p, "key[%d] alg=CCMP key_set=%d " 415 p += sprintf(p, "key[%d] alg=CCMP key_set=%d "
@@ -436,7 +425,6 @@ static char * ieee80211_ccmp_print_stats(char *p, void *priv)
436 return p; 425 return p;
437} 426}
438 427
439
440static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = { 428static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = {
441 .name = "CCMP", 429 .name = "CCMP",
442 .init = ieee80211_ccmp_init, 430 .init = ieee80211_ccmp_init,
@@ -453,18 +441,15 @@ static struct ieee80211_crypto_ops ieee80211_crypt_ccmp = {
453 .owner = THIS_MODULE, 441 .owner = THIS_MODULE,
454}; 442};
455 443
456
457static int __init ieee80211_crypto_ccmp_init(void) 444static int __init ieee80211_crypto_ccmp_init(void)
458{ 445{
459 return ieee80211_register_crypto_ops(&ieee80211_crypt_ccmp); 446 return ieee80211_register_crypto_ops(&ieee80211_crypt_ccmp);
460} 447}
461 448
462
463static void __exit ieee80211_crypto_ccmp_exit(void) 449static void __exit ieee80211_crypto_ccmp_exit(void)
464{ 450{
465 ieee80211_unregister_crypto_ops(&ieee80211_crypt_ccmp); 451 ieee80211_unregister_crypto_ops(&ieee80211_crypt_ccmp);
466} 452}
467 453
468
469module_init(ieee80211_crypto_ccmp_init); 454module_init(ieee80211_crypto_ccmp_init);
470module_exit(ieee80211_crypto_ccmp_exit); 455module_exit(ieee80211_crypto_ccmp_exit);
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c
index f91d92c6df25..d4f9164be1a1 100644
--- a/net/ieee80211/ieee80211_crypt_tkip.c
+++ b/net/ieee80211/ieee80211_crypt_tkip.c
@@ -23,7 +23,6 @@
23 23
24#include <net/ieee80211.h> 24#include <net/ieee80211.h>
25 25
26
27#include <linux/crypto.h> 26#include <linux/crypto.h>
28#include <asm/scatterlist.h> 27#include <asm/scatterlist.h>
29#include <linux/crc32.h> 28#include <linux/crc32.h>
@@ -62,7 +61,7 @@ struct ieee80211_tkip_data {
62 u8 rx_hdr[16], tx_hdr[16]; 61 u8 rx_hdr[16], tx_hdr[16];
63}; 62};
64 63
65static void * ieee80211_tkip_init(int key_idx) 64static void *ieee80211_tkip_init(int key_idx)
66{ 65{
67 struct ieee80211_tkip_data *priv; 66 struct ieee80211_tkip_data *priv;
68 67
@@ -88,7 +87,7 @@ static void * ieee80211_tkip_init(int key_idx)
88 87
89 return priv; 88 return priv;
90 89
91fail: 90 fail:
92 if (priv) { 91 if (priv) {
93 if (priv->tfm_michael) 92 if (priv->tfm_michael)
94 crypto_free_tfm(priv->tfm_michael); 93 crypto_free_tfm(priv->tfm_michael);
@@ -100,7 +99,6 @@ fail:
100 return NULL; 99 return NULL;
101} 100}
102 101
103
104static void ieee80211_tkip_deinit(void *priv) 102static void ieee80211_tkip_deinit(void *priv)
105{ 103{
106 struct ieee80211_tkip_data *_priv = priv; 104 struct ieee80211_tkip_data *_priv = priv;
@@ -111,51 +109,42 @@ static void ieee80211_tkip_deinit(void *priv)
111 kfree(priv); 109 kfree(priv);
112} 110}
113 111
114
115static inline u16 RotR1(u16 val) 112static inline u16 RotR1(u16 val)
116{ 113{
117 return (val >> 1) | (val << 15); 114 return (val >> 1) | (val << 15);
118} 115}
119 116
120
121static inline u8 Lo8(u16 val) 117static inline u8 Lo8(u16 val)
122{ 118{
123 return val & 0xff; 119 return val & 0xff;
124} 120}
125 121
126
127static inline u8 Hi8(u16 val) 122static inline u8 Hi8(u16 val)
128{ 123{
129 return val >> 8; 124 return val >> 8;
130} 125}
131 126
132
133static inline u16 Lo16(u32 val) 127static inline u16 Lo16(u32 val)
134{ 128{
135 return val & 0xffff; 129 return val & 0xffff;
136} 130}
137 131
138
139static inline u16 Hi16(u32 val) 132static inline u16 Hi16(u32 val)
140{ 133{
141 return val >> 16; 134 return val >> 16;
142} 135}
143 136
144
145static inline u16 Mk16(u8 hi, u8 lo) 137static inline u16 Mk16(u8 hi, u8 lo)
146{ 138{
147 return lo | (((u16) hi) << 8); 139 return lo | (((u16) hi) << 8);
148} 140}
149 141
150 142static inline u16 Mk16_le(u16 * v)
151static inline u16 Mk16_le(u16 *v)
152{ 143{
153 return le16_to_cpu(*v); 144 return le16_to_cpu(*v);
154} 145}
155 146
156 147static const u16 Sbox[256] = {
157static const u16 Sbox[256] =
158{
159 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154, 148 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
160 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A, 149 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
161 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B, 150 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
@@ -190,17 +179,16 @@ static const u16 Sbox[256] =
190 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A, 179 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
191}; 180};
192 181
193
194static inline u16 _S_(u16 v) 182static inline u16 _S_(u16 v)
195{ 183{
196 u16 t = Sbox[Hi8(v)]; 184 u16 t = Sbox[Hi8(v)];
197 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8)); 185 return Sbox[Lo8(v)] ^ ((t << 8) | (t >> 8));
198} 186}
199 187
200
201#define PHASE1_LOOP_COUNT 8 188#define PHASE1_LOOP_COUNT 8
202 189
203static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32) 190static void tkip_mixing_phase1(u16 * TTAK, const u8 * TK, const u8 * TA,
191 u32 IV32)
204{ 192{
205 int i, j; 193 int i, j;
206 194
@@ -221,13 +209,12 @@ static void tkip_mixing_phase1(u16 *TTAK, const u8 *TK, const u8 *TA, u32 IV32)
221 } 209 }
222} 210}
223 211
224 212static void tkip_mixing_phase2(u8 * WEPSeed, const u8 * TK, const u16 * TTAK,
225static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
226 u16 IV16) 213 u16 IV16)
227{ 214{
228 /* Make temporary area overlap WEP seed so that the final copy can be 215 /* Make temporary area overlap WEP seed so that the final copy can be
229 * avoided on little endian hosts. */ 216 * avoided on little endian hosts. */
230 u16 *PPK = (u16 *) &WEPSeed[4]; 217 u16 *PPK = (u16 *) & WEPSeed[4];
231 218
232 /* Step 1 - make copy of TTAK and bring in TSC */ 219 /* Step 1 - make copy of TTAK and bring in TSC */
233 PPK[0] = TTAK[0]; 220 PPK[0] = TTAK[0];
@@ -238,15 +225,15 @@ static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
238 PPK[5] = TTAK[4] + IV16; 225 PPK[5] = TTAK[4] + IV16;
239 226
240 /* Step 2 - 96-bit bijective mixing using S-box */ 227 /* Step 2 - 96-bit bijective mixing using S-box */
241 PPK[0] += _S_(PPK[5] ^ Mk16_le((u16 *) &TK[0])); 228 PPK[0] += _S_(PPK[5] ^ Mk16_le((u16 *) & TK[0]));
242 PPK[1] += _S_(PPK[0] ^ Mk16_le((u16 *) &TK[2])); 229 PPK[1] += _S_(PPK[0] ^ Mk16_le((u16 *) & TK[2]));
243 PPK[2] += _S_(PPK[1] ^ Mk16_le((u16 *) &TK[4])); 230 PPK[2] += _S_(PPK[1] ^ Mk16_le((u16 *) & TK[4]));
244 PPK[3] += _S_(PPK[2] ^ Mk16_le((u16 *) &TK[6])); 231 PPK[3] += _S_(PPK[2] ^ Mk16_le((u16 *) & TK[6]));
245 PPK[4] += _S_(PPK[3] ^ Mk16_le((u16 *) &TK[8])); 232 PPK[4] += _S_(PPK[3] ^ Mk16_le((u16 *) & TK[8]));
246 PPK[5] += _S_(PPK[4] ^ Mk16_le((u16 *) &TK[10])); 233 PPK[5] += _S_(PPK[4] ^ Mk16_le((u16 *) & TK[10]));
247 234
248 PPK[0] += RotR1(PPK[5] ^ Mk16_le((u16 *) &TK[12])); 235 PPK[0] += RotR1(PPK[5] ^ Mk16_le((u16 *) & TK[12]));
249 PPK[1] += RotR1(PPK[0] ^ Mk16_le((u16 *) &TK[14])); 236 PPK[1] += RotR1(PPK[0] ^ Mk16_le((u16 *) & TK[14]));
250 PPK[2] += RotR1(PPK[1]); 237 PPK[2] += RotR1(PPK[1]);
251 PPK[3] += RotR1(PPK[2]); 238 PPK[3] += RotR1(PPK[2]);
252 PPK[4] += RotR1(PPK[3]); 239 PPK[4] += RotR1(PPK[3]);
@@ -257,7 +244,7 @@ static void tkip_mixing_phase2(u8 *WEPSeed, const u8 *TK, const u16 *TTAK,
257 WEPSeed[0] = Hi8(IV16); 244 WEPSeed[0] = Hi8(IV16);
258 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F; 245 WEPSeed[1] = (Hi8(IV16) | 0x20) & 0x7F;
259 WEPSeed[2] = Lo8(IV16); 246 WEPSeed[2] = Lo8(IV16);
260 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((u16 *) &TK[0])) >> 1); 247 WEPSeed[3] = Lo8((PPK[5] ^ Mk16_le((u16 *) & TK[0])) >> 1);
261 248
262#ifdef __BIG_ENDIAN 249#ifdef __BIG_ENDIAN
263 { 250 {
@@ -281,7 +268,7 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
281 skb->len < hdr_len) 268 skb->len < hdr_len)
282 return -1; 269 return -1;
283 270
284 hdr = (struct ieee80211_hdr *) skb->data; 271 hdr = (struct ieee80211_hdr *)skb->data;
285 if (!tkey->tx_phase1_done) { 272 if (!tkey->tx_phase1_done) {
286 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2, 273 tkip_mixing_phase1(tkey->tx_ttak, tkey->key, hdr->addr2,
287 tkey->tx_iv32); 274 tkey->tx_iv32);
@@ -298,7 +285,7 @@ static int ieee80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
298 *pos++ = rc4key[0]; 285 *pos++ = rc4key[0];
299 *pos++ = rc4key[1]; 286 *pos++ = rc4key[1];
300 *pos++ = rc4key[2]; 287 *pos++ = rc4key[2];
301 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */; 288 *pos++ = (tkey->key_idx << 6) | (1 << 5) /* Ext IV included */ ;
302 *pos++ = tkey->tx_iv32 & 0xff; 289 *pos++ = tkey->tx_iv32 & 0xff;
303 *pos++ = (tkey->tx_iv32 >> 8) & 0xff; 290 *pos++ = (tkey->tx_iv32 >> 8) & 0xff;
304 *pos++ = (tkey->tx_iv32 >> 16) & 0xff; 291 *pos++ = (tkey->tx_iv32 >> 16) & 0xff;
@@ -341,7 +328,7 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
341 if (skb->len < hdr_len + 8 + 4) 328 if (skb->len < hdr_len + 8 + 4)
342 return -1; 329 return -1;
343 330
344 hdr = (struct ieee80211_hdr *) skb->data; 331 hdr = (struct ieee80211_hdr *)skb->data;
345 pos = skb->data + hdr_len; 332 pos = skb->data + hdr_len;
346 keyidx = pos[3]; 333 keyidx = pos[3];
347 if (!(keyidx & (1 << 5))) { 334 if (!(keyidx & (1 << 5))) {
@@ -427,9 +414,8 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
427 return keyidx; 414 return keyidx;
428} 415}
429 416
430 417static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
431static int michael_mic(struct ieee80211_tkip_data *tkey, u8 *key, u8 *hdr, 418 u8 * data, size_t data_len, u8 * mic)
432 u8 *data, size_t data_len, u8 *mic)
433{ 419{
434 struct scatterlist sg[2]; 420 struct scatterlist sg[2];
435 421
@@ -453,37 +439,37 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 *key, u8 *hdr,
453 return 0; 439 return 0;
454} 440}
455 441
456static void michael_mic_hdr(struct sk_buff *skb, u8 *hdr) 442static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
457{ 443{
458 struct ieee80211_hdr *hdr11; 444 struct ieee80211_hdr *hdr11;
459 445
460 hdr11 = (struct ieee80211_hdr *) skb->data; 446 hdr11 = (struct ieee80211_hdr *)skb->data;
461 switch (le16_to_cpu(hdr11->frame_ctl) & 447 switch (le16_to_cpu(hdr11->frame_ctl) &
462 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) { 448 (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
463 case IEEE80211_FCTL_TODS: 449 case IEEE80211_FCTL_TODS:
464 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */ 450 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
465 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */ 451 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
466 break; 452 break;
467 case IEEE80211_FCTL_FROMDS: 453 case IEEE80211_FCTL_FROMDS:
468 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */ 454 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
469 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */ 455 memcpy(hdr + ETH_ALEN, hdr11->addr3, ETH_ALEN); /* SA */
470 break; 456 break;
471 case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS: 457 case IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS:
472 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */ 458 memcpy(hdr, hdr11->addr3, ETH_ALEN); /* DA */
473 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */ 459 memcpy(hdr + ETH_ALEN, hdr11->addr4, ETH_ALEN); /* SA */
474 break; 460 break;
475 case 0: 461 case 0:
476 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */ 462 memcpy(hdr, hdr11->addr1, ETH_ALEN); /* DA */
477 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */ 463 memcpy(hdr + ETH_ALEN, hdr11->addr2, ETH_ALEN); /* SA */
478 break; 464 break;
479 } 465 }
480 466
481 hdr[12] = 0; /* priority */ 467 hdr[12] = 0; /* priority */
482 hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */ 468 hdr[13] = hdr[14] = hdr[15] = 0; /* reserved */
483} 469}
484 470
485 471static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len,
486static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len, void *priv) 472 void *priv)
487{ 473{
488 struct ieee80211_tkip_data *tkey = priv; 474 struct ieee80211_tkip_data *tkey = priv;
489 u8 *pos; 475 u8 *pos;
@@ -504,11 +490,9 @@ static int ieee80211_michael_mic_add(struct sk_buff *skb, int hdr_len, void *pri
504 return 0; 490 return 0;
505} 491}
506 492
507
508#if WIRELESS_EXT >= 18 493#if WIRELESS_EXT >= 18
509static void ieee80211_michael_mic_failure(struct net_device *dev, 494static void ieee80211_michael_mic_failure(struct net_device *dev,
510 struct ieee80211_hdr *hdr, 495 struct ieee80211_hdr *hdr, int keyidx)
511 int keyidx)
512{ 496{
513 union iwreq_data wrqu; 497 union iwreq_data wrqu;
514 struct iw_michaelmicfailure ev; 498 struct iw_michaelmicfailure ev;
@@ -524,12 +508,11 @@ static void ieee80211_michael_mic_failure(struct net_device *dev,
524 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN); 508 memcpy(ev.src_addr.sa_data, hdr->addr2, ETH_ALEN);
525 memset(&wrqu, 0, sizeof(wrqu)); 509 memset(&wrqu, 0, sizeof(wrqu));
526 wrqu.data.length = sizeof(ev); 510 wrqu.data.length = sizeof(ev);
527 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *) &ev); 511 wireless_send_event(dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
528} 512}
529#elif WIRELESS_EXT >= 15 513#elif WIRELESS_EXT >= 15
530static void ieee80211_michael_mic_failure(struct net_device *dev, 514static void ieee80211_michael_mic_failure(struct net_device *dev,
531 struct ieee80211_hdr *hdr, 515 struct ieee80211_hdr *hdr, int keyidx)
532 int keyidx)
533{ 516{
534 union iwreq_data wrqu; 517 union iwreq_data wrqu;
535 char buf[128]; 518 char buf[128];
@@ -542,17 +525,16 @@ static void ieee80211_michael_mic_failure(struct net_device *dev,
542 wrqu.data.length = strlen(buf); 525 wrqu.data.length = strlen(buf);
543 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); 526 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
544} 527}
545#else /* WIRELESS_EXT >= 15 */ 528#else /* WIRELESS_EXT >= 15 */
546static inline void ieee80211_michael_mic_failure(struct net_device *dev, 529static inline void ieee80211_michael_mic_failure(struct net_device *dev,
547 struct ieee80211_hdr *hdr, 530 struct ieee80211_hdr *hdr,
548 int keyidx) 531 int keyidx)
549{ 532{
550} 533}
551#endif /* WIRELESS_EXT >= 15 */ 534#endif /* WIRELESS_EXT >= 15 */
552
553 535
554static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx, 536static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
555 int hdr_len, void *priv) 537 int hdr_len, void *priv)
556{ 538{
557 struct ieee80211_tkip_data *tkey = priv; 539 struct ieee80211_tkip_data *tkey = priv;
558 u8 mic[8]; 540 u8 mic[8];
@@ -566,7 +548,7 @@ static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
566 return -1; 548 return -1;
567 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) { 549 if (memcmp(mic, skb->data + skb->len - 8, 8) != 0) {
568 struct ieee80211_hdr *hdr; 550 struct ieee80211_hdr *hdr;
569 hdr = (struct ieee80211_hdr *) skb->data; 551 hdr = (struct ieee80211_hdr *)skb->data;
570 printk(KERN_DEBUG "%s: Michael MIC verification failed for " 552 printk(KERN_DEBUG "%s: Michael MIC verification failed for "
571 "MSDU from " MAC_FMT " keyidx=%d\n", 553 "MSDU from " MAC_FMT " keyidx=%d\n",
572 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2), 554 skb->dev ? skb->dev->name : "N/A", MAC_ARG(hdr->addr2),
@@ -587,8 +569,7 @@ static int ieee80211_michael_mic_verify(struct sk_buff *skb, int keyidx,
587 return 0; 569 return 0;
588} 570}
589 571
590 572static int ieee80211_tkip_set_key(void *key, int len, u8 * seq, void *priv)
591static int ieee80211_tkip_set_key(void *key, int len, u8 *seq, void *priv)
592{ 573{
593 struct ieee80211_tkip_data *tkey = priv; 574 struct ieee80211_tkip_data *tkey = priv;
594 int keyidx; 575 int keyidx;
@@ -603,10 +584,10 @@ static int ieee80211_tkip_set_key(void *key, int len, u8 *seq, void *priv)
603 if (len == TKIP_KEY_LEN) { 584 if (len == TKIP_KEY_LEN) {
604 memcpy(tkey->key, key, TKIP_KEY_LEN); 585 memcpy(tkey->key, key, TKIP_KEY_LEN);
605 tkey->key_set = 1; 586 tkey->key_set = 1;
606 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */ 587 tkey->tx_iv16 = 1; /* TSC is initialized to 1 */
607 if (seq) { 588 if (seq) {
608 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) | 589 tkey->rx_iv32 = (seq[5] << 24) | (seq[4] << 16) |
609 (seq[3] << 8) | seq[2]; 590 (seq[3] << 8) | seq[2];
610 tkey->rx_iv16 = (seq[1] << 8) | seq[0]; 591 tkey->rx_iv16 = (seq[1] << 8) | seq[0];
611 } 592 }
612 } else if (len == 0) 593 } else if (len == 0)
@@ -617,8 +598,7 @@ static int ieee80211_tkip_set_key(void *key, int len, u8 *seq, void *priv)
617 return 0; 598 return 0;
618} 599}
619 600
620 601static int ieee80211_tkip_get_key(void *key, int len, u8 * seq, void *priv)
621static int ieee80211_tkip_get_key(void *key, int len, u8 *seq, void *priv)
622{ 602{
623 struct ieee80211_tkip_data *tkey = priv; 603 struct ieee80211_tkip_data *tkey = priv;
624 604
@@ -647,8 +627,7 @@ static int ieee80211_tkip_get_key(void *key, int len, u8 *seq, void *priv)
647 return TKIP_KEY_LEN; 627 return TKIP_KEY_LEN;
648} 628}
649 629
650 630static char *ieee80211_tkip_print_stats(char *p, void *priv)
651static char * ieee80211_tkip_print_stats(char *p, void *priv)
652{ 631{
653 struct ieee80211_tkip_data *tkip = priv; 632 struct ieee80211_tkip_data *tkip = priv;
654 p += sprintf(p, "key[%d] alg=TKIP key_set=%d " 633 p += sprintf(p, "key[%d] alg=TKIP key_set=%d "
@@ -674,7 +653,6 @@ static char * ieee80211_tkip_print_stats(char *p, void *priv)
674 return p; 653 return p;
675} 654}
676 655
677
678static struct ieee80211_crypto_ops ieee80211_crypt_tkip = { 656static struct ieee80211_crypto_ops ieee80211_crypt_tkip = {
679 .name = "TKIP", 657 .name = "TKIP",
680 .init = ieee80211_tkip_init, 658 .init = ieee80211_tkip_init,
@@ -686,23 +664,20 @@ static struct ieee80211_crypto_ops ieee80211_crypt_tkip = {
686 .set_key = ieee80211_tkip_set_key, 664 .set_key = ieee80211_tkip_set_key,
687 .get_key = ieee80211_tkip_get_key, 665 .get_key = ieee80211_tkip_get_key,
688 .print_stats = ieee80211_tkip_print_stats, 666 .print_stats = ieee80211_tkip_print_stats,
689 .extra_prefix_len = 4 + 4, /* IV + ExtIV */ 667 .extra_prefix_len = 4 + 4, /* IV + ExtIV */
690 .extra_postfix_len = 8 + 4, /* MIC + ICV */ 668 .extra_postfix_len = 8 + 4, /* MIC + ICV */
691 .owner = THIS_MODULE, 669 .owner = THIS_MODULE,
692}; 670};
693 671
694
695static int __init ieee80211_crypto_tkip_init(void) 672static int __init ieee80211_crypto_tkip_init(void)
696{ 673{
697 return ieee80211_register_crypto_ops(&ieee80211_crypt_tkip); 674 return ieee80211_register_crypto_ops(&ieee80211_crypt_tkip);
698} 675}
699 676
700
701static void __exit ieee80211_crypto_tkip_exit(void) 677static void __exit ieee80211_crypto_tkip_exit(void)
702{ 678{
703 ieee80211_unregister_crypto_ops(&ieee80211_crypt_tkip); 679 ieee80211_unregister_crypto_ops(&ieee80211_crypt_tkip);
704} 680}
705 681
706
707module_init(ieee80211_crypto_tkip_init); 682module_init(ieee80211_crypto_tkip_init);
708module_exit(ieee80211_crypto_tkip_exit); 683module_exit(ieee80211_crypto_tkip_exit);
diff --git a/net/ieee80211/ieee80211_crypt_wep.c b/net/ieee80211/ieee80211_crypt_wep.c
index bec1d3470d39..b4d2514a0902 100644
--- a/net/ieee80211/ieee80211_crypt_wep.c
+++ b/net/ieee80211/ieee80211_crypt_wep.c
@@ -20,7 +20,6 @@
20 20
21#include <net/ieee80211.h> 21#include <net/ieee80211.h>
22 22
23
24#include <linux/crypto.h> 23#include <linux/crypto.h>
25#include <asm/scatterlist.h> 24#include <asm/scatterlist.h>
26#include <linux/crc32.h> 25#include <linux/crc32.h>
@@ -29,7 +28,6 @@ MODULE_AUTHOR("Jouni Malinen");
29MODULE_DESCRIPTION("Host AP crypt: WEP"); 28MODULE_DESCRIPTION("Host AP crypt: WEP");
30MODULE_LICENSE("GPL"); 29MODULE_LICENSE("GPL");
31 30
32
33struct prism2_wep_data { 31struct prism2_wep_data {
34 u32 iv; 32 u32 iv;
35#define WEP_KEY_LEN 13 33#define WEP_KEY_LEN 13
@@ -39,8 +37,7 @@ struct prism2_wep_data {
39 struct crypto_tfm *tfm; 37 struct crypto_tfm *tfm;
40}; 38};
41 39
42 40static void *prism2_wep_init(int keyidx)
43static void * prism2_wep_init(int keyidx)
44{ 41{
45 struct prism2_wep_data *priv; 42 struct prism2_wep_data *priv;
46 43
@@ -62,7 +59,7 @@ static void * prism2_wep_init(int keyidx)
62 59
63 return priv; 60 return priv;
64 61
65fail: 62 fail:
66 if (priv) { 63 if (priv) {
67 if (priv->tfm) 64 if (priv->tfm)
68 crypto_free_tfm(priv->tfm); 65 crypto_free_tfm(priv->tfm);
@@ -71,7 +68,6 @@ fail:
71 return NULL; 68 return NULL;
72} 69}
73 70
74
75static void prism2_wep_deinit(void *priv) 71static void prism2_wep_deinit(void *priv)
76{ 72{
77 struct prism2_wep_data *_priv = priv; 73 struct prism2_wep_data *_priv = priv;
@@ -80,7 +76,6 @@ static void prism2_wep_deinit(void *priv)
80 kfree(priv); 76 kfree(priv);
81} 77}
82 78
83
84/* Perform WEP encryption on given skb that has at least 4 bytes of headroom 79/* Perform WEP encryption on given skb that has at least 4 bytes of headroom
85 * for IV and 4 bytes of tailroom for ICV. Both IV and ICV will be transmitted, 80 * for IV and 4 bytes of tailroom for ICV. Both IV and ICV will be transmitted,
86 * so the payload length increases with 8 bytes. 81 * so the payload length increases with 8 bytes.
@@ -143,7 +138,6 @@ static int prism2_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv)
143 return 0; 138 return 0;
144} 139}
145 140
146
147/* Perform WEP decryption on given buffer. Buffer includes whole WEP part of 141/* Perform WEP decryption on given buffer. Buffer includes whole WEP part of
148 * the frame: IV (4 bytes), encrypted payload (including SNAP header), 142 * the frame: IV (4 bytes), encrypted payload (including SNAP header),
149 * ICV (4 bytes). len includes both IV and ICV. 143 * ICV (4 bytes). len includes both IV and ICV.
@@ -202,8 +196,7 @@ static int prism2_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
202 return 0; 196 return 0;
203} 197}
204 198
205 199static int prism2_wep_set_key(void *key, int len, u8 * seq, void *priv)
206static int prism2_wep_set_key(void *key, int len, u8 *seq, void *priv)
207{ 200{
208 struct prism2_wep_data *wep = priv; 201 struct prism2_wep_data *wep = priv;
209 202
@@ -216,8 +209,7 @@ static int prism2_wep_set_key(void *key, int len, u8 *seq, void *priv)
216 return 0; 209 return 0;
217} 210}
218 211
219 212static int prism2_wep_get_key(void *key, int len, u8 * seq, void *priv)
220static int prism2_wep_get_key(void *key, int len, u8 *seq, void *priv)
221{ 213{
222 struct prism2_wep_data *wep = priv; 214 struct prism2_wep_data *wep = priv;
223 215
@@ -229,16 +221,13 @@ static int prism2_wep_get_key(void *key, int len, u8 *seq, void *priv)
229 return wep->key_len; 221 return wep->key_len;
230} 222}
231 223
232 224static char *prism2_wep_print_stats(char *p, void *priv)
233static char * prism2_wep_print_stats(char *p, void *priv)
234{ 225{
235 struct prism2_wep_data *wep = priv; 226 struct prism2_wep_data *wep = priv;
236 p += sprintf(p, "key[%d] alg=WEP len=%d\n", 227 p += sprintf(p, "key[%d] alg=WEP len=%d\n", wep->key_idx, wep->key_len);
237 wep->key_idx, wep->key_len);
238 return p; 228 return p;
239} 229}
240 230
241
242static struct ieee80211_crypto_ops ieee80211_crypt_wep = { 231static struct ieee80211_crypto_ops ieee80211_crypt_wep = {
243 .name = "WEP", 232 .name = "WEP",
244 .init = prism2_wep_init, 233 .init = prism2_wep_init,
@@ -250,23 +239,20 @@ static struct ieee80211_crypto_ops ieee80211_crypt_wep = {
250 .set_key = prism2_wep_set_key, 239 .set_key = prism2_wep_set_key,
251 .get_key = prism2_wep_get_key, 240 .get_key = prism2_wep_get_key,
252 .print_stats = prism2_wep_print_stats, 241 .print_stats = prism2_wep_print_stats,
253 .extra_prefix_len = 4, /* IV */ 242 .extra_prefix_len = 4, /* IV */
254 .extra_postfix_len = 4, /* ICV */ 243 .extra_postfix_len = 4, /* ICV */
255 .owner = THIS_MODULE, 244 .owner = THIS_MODULE,
256}; 245};
257 246
258
259static int __init ieee80211_crypto_wep_init(void) 247static int __init ieee80211_crypto_wep_init(void)
260{ 248{
261 return ieee80211_register_crypto_ops(&ieee80211_crypt_wep); 249 return ieee80211_register_crypto_ops(&ieee80211_crypt_wep);
262} 250}
263 251
264
265static void __exit ieee80211_crypto_wep_exit(void) 252static void __exit ieee80211_crypto_wep_exit(void)
266{ 253{
267 ieee80211_unregister_crypto_ops(&ieee80211_crypt_wep); 254 ieee80211_unregister_crypto_ops(&ieee80211_crypt_wep);
268} 255}
269 256
270
271module_init(ieee80211_crypto_wep_init); 257module_init(ieee80211_crypto_wep_init);
272module_exit(ieee80211_crypto_wep_exit); 258module_exit(ieee80211_crypto_wep_exit);
diff --git a/net/ieee80211/ieee80211_module.c b/net/ieee80211/ieee80211_module.c
index 553acb2e93d5..03a47343ddc7 100644
--- a/net/ieee80211/ieee80211_module.c
+++ b/net/ieee80211/ieee80211_module.c
@@ -54,7 +54,8 @@
54#include <net/ieee80211.h> 54#include <net/ieee80211.h>
55 55
56MODULE_DESCRIPTION("802.11 data/management/control stack"); 56MODULE_DESCRIPTION("802.11 data/management/control stack");
57MODULE_AUTHOR("Copyright (C) 2004 Intel Corporation <jketreno@linux.intel.com>"); 57MODULE_AUTHOR
58 ("Copyright (C) 2004 Intel Corporation <jketreno@linux.intel.com>");
58MODULE_LICENSE("GPL"); 59MODULE_LICENSE("GPL");
59 60
60#define DRV_NAME "ieee80211" 61#define DRV_NAME "ieee80211"
@@ -64,9 +65,9 @@ static inline int ieee80211_networks_allocate(struct ieee80211_device *ieee)
64 if (ieee->networks) 65 if (ieee->networks)
65 return 0; 66 return 0;
66 67
67 ieee->networks = kmalloc( 68 ieee->networks =
68 MAX_NETWORK_COUNT * sizeof(struct ieee80211_network), 69 kmalloc(MAX_NETWORK_COUNT * sizeof(struct ieee80211_network),
69 GFP_KERNEL); 70 GFP_KERNEL);
70 if (!ieee->networks) { 71 if (!ieee->networks) {
71 printk(KERN_WARNING "%s: Out of memory allocating beacons\n", 72 printk(KERN_WARNING "%s: Out of memory allocating beacons\n",
72 ieee->dev->name); 73 ieee->dev->name);
@@ -94,10 +95,10 @@ static inline void ieee80211_networks_initialize(struct ieee80211_device *ieee)
94 INIT_LIST_HEAD(&ieee->network_free_list); 95 INIT_LIST_HEAD(&ieee->network_free_list);
95 INIT_LIST_HEAD(&ieee->network_list); 96 INIT_LIST_HEAD(&ieee->network_list);
96 for (i = 0; i < MAX_NETWORK_COUNT; i++) 97 for (i = 0; i < MAX_NETWORK_COUNT; i++)
97 list_add_tail(&ieee->networks[i].list, &ieee->network_free_list); 98 list_add_tail(&ieee->networks[i].list,
99 &ieee->network_free_list);
98} 100}
99 101
100
101struct net_device *alloc_ieee80211(int sizeof_priv) 102struct net_device *alloc_ieee80211(int sizeof_priv)
102{ 103{
103 struct ieee80211_device *ieee; 104 struct ieee80211_device *ieee;
@@ -118,8 +119,7 @@ struct net_device *alloc_ieee80211(int sizeof_priv)
118 119
119 err = ieee80211_networks_allocate(ieee); 120 err = ieee80211_networks_allocate(ieee);
120 if (err) { 121 if (err) {
121 IEEE80211_ERROR("Unable to allocate beacon storage: %d\n", 122 IEEE80211_ERROR("Unable to allocate beacon storage: %d\n", err);
122 err);
123 goto failed; 123 goto failed;
124 } 124 }
125 ieee80211_networks_initialize(ieee); 125 ieee80211_networks_initialize(ieee);
@@ -132,7 +132,7 @@ struct net_device *alloc_ieee80211(int sizeof_priv)
132 /* Default to enabling full open WEP with host based encrypt/decrypt */ 132 /* Default to enabling full open WEP with host based encrypt/decrypt */
133 ieee->host_encrypt = 1; 133 ieee->host_encrypt = 1;
134 ieee->host_decrypt = 1; 134 ieee->host_decrypt = 1;
135 ieee->ieee802_1x = 1; /* Default to supporting 802.1x */ 135 ieee->ieee802_1x = 1; /* Default to supporting 802.1x */
136 136
137 INIT_LIST_HEAD(&ieee->crypt_deinit_list); 137 INIT_LIST_HEAD(&ieee->crypt_deinit_list);
138 init_timer(&ieee->crypt_deinit_timer); 138 init_timer(&ieee->crypt_deinit_timer);
@@ -141,21 +141,20 @@ struct net_device *alloc_ieee80211(int sizeof_priv)
141 141
142 spin_lock_init(&ieee->lock); 142 spin_lock_init(&ieee->lock);
143 143
144 ieee->wpa_enabled = 0; 144 ieee->wpa_enabled = 0;
145 ieee->tkip_countermeasures = 0; 145 ieee->tkip_countermeasures = 0;
146 ieee->drop_unencrypted = 0; 146 ieee->drop_unencrypted = 0;
147 ieee->privacy_invoked = 0; 147 ieee->privacy_invoked = 0;
148 ieee->ieee802_1x = 1; 148 ieee->ieee802_1x = 1;
149 149
150 return dev; 150 return dev;
151 151
152 failed: 152 failed:
153 if (dev) 153 if (dev)
154 free_netdev(dev); 154 free_netdev(dev);
155 return NULL; 155 return NULL;
156} 156}
157 157
158
159void free_ieee80211(struct net_device *dev) 158void free_ieee80211(struct net_device *dev)
160{ 159{
161 struct ieee80211_device *ieee = netdev_priv(dev); 160 struct ieee80211_device *ieee = netdev_priv(dev);
@@ -193,7 +192,7 @@ static int show_debug_level(char *page, char **start, off_t offset,
193 return snprintf(page, count, "0x%08X\n", ieee80211_debug_level); 192 return snprintf(page, count, "0x%08X\n", ieee80211_debug_level);
194} 193}
195 194
196static int store_debug_level(struct file *file, const char __user *buffer, 195static int store_debug_level(struct file *file, const char __user * buffer,
197 unsigned long count, void *data) 196 unsigned long count, void *data)
198{ 197{
199 char buf[] = "0x00000000"; 198 char buf[] = "0x00000000";
@@ -264,13 +263,12 @@ static void __exit ieee80211_exit(void)
264module_param(debug, int, 0444); 263module_param(debug, int, 0444);
265MODULE_PARM_DESC(debug, "debug output mask"); 264MODULE_PARM_DESC(debug, "debug output mask");
266 265
267
268module_exit(ieee80211_exit); 266module_exit(ieee80211_exit);
269module_init(ieee80211_init); 267module_init(ieee80211_init);
270#endif 268#endif
271 269
272 270const char *escape_essid(const char *essid, u8 essid_len)
273const char *escape_essid(const char *essid, u8 essid_len) { 271{
274 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1]; 272 static char escaped[IW_ESSID_MAX_SIZE * 2 + 1];
275 const char *s = essid; 273 const char *s = essid;
276 char *d = escaped; 274 char *d = escaped;
@@ -280,7 +278,7 @@ const char *escape_essid(const char *essid, u8 essid_len) {
280 return escaped; 278 return escaped;
281 } 279 }
282 280
283 essid_len = min(essid_len, (u8)IW_ESSID_MAX_SIZE); 281 essid_len = min(essid_len, (u8) IW_ESSID_MAX_SIZE);
284 while (essid_len--) { 282 while (essid_len--) {
285 if (*s == '\0') { 283 if (*s == '\0') {
286 *d++ = '\\'; 284 *d++ = '\\';
diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c
index a5905f53aed7..f7dcd854139e 100644
--- a/net/ieee80211/ieee80211_rx.c
+++ b/net/ieee80211/ieee80211_rx.c
@@ -52,11 +52,14 @@ static inline void ieee80211_monitor_rx(struct ieee80211_device *ieee,
52 netif_rx(skb); 52 netif_rx(skb);
53} 53}
54 54
55
56/* Called only as a tasklet (software IRQ) */ 55/* Called only as a tasklet (software IRQ) */
57static struct ieee80211_frag_entry * 56static struct ieee80211_frag_entry *ieee80211_frag_cache_find(struct
58ieee80211_frag_cache_find(struct ieee80211_device *ieee, unsigned int seq, 57 ieee80211_device
59 unsigned int frag, u8 *src, u8 *dst) 58 *ieee,
59 unsigned int seq,
60 unsigned int frag,
61 u8 * src,
62 u8 * dst)
60{ 63{
61 struct ieee80211_frag_entry *entry; 64 struct ieee80211_frag_entry *entry;
62 int i; 65 int i;
@@ -65,10 +68,9 @@ ieee80211_frag_cache_find(struct ieee80211_device *ieee, unsigned int seq,
65 entry = &ieee->frag_cache[i]; 68 entry = &ieee->frag_cache[i];
66 if (entry->skb != NULL && 69 if (entry->skb != NULL &&
67 time_after(jiffies, entry->first_frag_time + 2 * HZ)) { 70 time_after(jiffies, entry->first_frag_time + 2 * HZ)) {
68 IEEE80211_DEBUG_FRAG( 71 IEEE80211_DEBUG_FRAG("expiring fragment cache entry "
69 "expiring fragment cache entry " 72 "seq=%u last_frag=%u\n",
70 "seq=%u last_frag=%u\n", 73 entry->seq, entry->last_frag);
71 entry->seq, entry->last_frag);
72 dev_kfree_skb_any(entry->skb); 74 dev_kfree_skb_any(entry->skb);
73 entry->skb = NULL; 75 entry->skb = NULL;
74 } 76 }
@@ -84,9 +86,8 @@ ieee80211_frag_cache_find(struct ieee80211_device *ieee, unsigned int seq,
84} 86}
85 87
86/* Called only as a tasklet (software IRQ) */ 88/* Called only as a tasklet (software IRQ) */
87static struct sk_buff * 89static struct sk_buff *ieee80211_frag_cache_get(struct ieee80211_device *ieee,
88ieee80211_frag_cache_get(struct ieee80211_device *ieee, 90 struct ieee80211_hdr *hdr)
89 struct ieee80211_hdr *hdr)
90{ 91{
91 struct sk_buff *skb = NULL; 92 struct sk_buff *skb = NULL;
92 u16 sc; 93 u16 sc;
@@ -101,9 +102,9 @@ ieee80211_frag_cache_get(struct ieee80211_device *ieee,
101 /* Reserve enough space to fit maximum frame length */ 102 /* Reserve enough space to fit maximum frame length */
102 skb = dev_alloc_skb(ieee->dev->mtu + 103 skb = dev_alloc_skb(ieee->dev->mtu +
103 sizeof(struct ieee80211_hdr) + 104 sizeof(struct ieee80211_hdr) +
104 8 /* LLC */ + 105 8 /* LLC */ +
105 2 /* alignment */ + 106 2 /* alignment */ +
106 8 /* WEP */ + ETH_ALEN /* WDS */); 107 8 /* WEP */ + ETH_ALEN /* WDS */ );
107 if (skb == NULL) 108 if (skb == NULL)
108 return NULL; 109 return NULL;
109 110
@@ -135,7 +136,6 @@ ieee80211_frag_cache_get(struct ieee80211_device *ieee,
135 return skb; 136 return skb;
136} 137}
137 138
138
139/* Called only as a tasklet (software IRQ) */ 139/* Called only as a tasklet (software IRQ) */
140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee, 140static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee,
141 struct ieee80211_hdr *hdr) 141 struct ieee80211_hdr *hdr)
@@ -151,9 +151,8 @@ static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee,
151 hdr->addr1); 151 hdr->addr1);
152 152
153 if (entry == NULL) { 153 if (entry == NULL) {
154 IEEE80211_DEBUG_FRAG( 154 IEEE80211_DEBUG_FRAG("could not invalidate fragment cache "
155 "could not invalidate fragment cache " 155 "entry (seq=%u)\n", seq);
156 "entry (seq=%u)\n", seq);
157 return -1; 156 return -1;
158 } 157 }
159 158
@@ -161,7 +160,6 @@ static int ieee80211_frag_cache_invalidate(struct ieee80211_device *ieee,
161 return 0; 160 return 0;
162} 161}
163 162
164
165#ifdef NOT_YET 163#ifdef NOT_YET
166/* ieee80211_rx_frame_mgtmt 164/* ieee80211_rx_frame_mgtmt
167 * 165 *
@@ -201,7 +199,7 @@ ieee80211_rx_frame_mgmt(struct ieee80211_device *ieee, struct sk_buff *skb,
201 return 0; 199 return 0;
202 } 200 }
203 201
204 if (ieee->iw_mode == IW_MODE_MASTER) { 202 if (ieee->iw_mode == IW_MODE_MASTER) {
205 if (type != WLAN_FC_TYPE_MGMT && type != WLAN_FC_TYPE_CTRL) { 203 if (type != WLAN_FC_TYPE_MGMT && type != WLAN_FC_TYPE_CTRL) {
206 printk(KERN_DEBUG "%s: unknown management frame " 204 printk(KERN_DEBUG "%s: unknown management frame "
207 "(type=0x%02x, stype=0x%02x) dropped\n", 205 "(type=0x%02x, stype=0x%02x) dropped\n",
@@ -219,14 +217,13 @@ ieee80211_rx_frame_mgmt(struct ieee80211_device *ieee, struct sk_buff *skb,
219} 217}
220#endif 218#endif
221 219
222
223/* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */ 220/* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
224/* Ethernet-II snap header (RFC1042 for most EtherTypes) */ 221/* Ethernet-II snap header (RFC1042 for most EtherTypes) */
225static unsigned char rfc1042_header[] = 222static unsigned char rfc1042_header[] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
226{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; 223
227/* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */ 224/* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
228static unsigned char bridge_tunnel_header[] = 225static unsigned char bridge_tunnel_header[] =
229{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 }; 226 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
230/* No encapsulation header if EtherType < 0x600 (=length) */ 227/* No encapsulation header if EtherType < 0x600 (=length) */
231 228
232/* Called by ieee80211_rx_frame_decrypt */ 229/* Called by ieee80211_rx_frame_decrypt */
@@ -241,7 +238,7 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
241 if (skb->len < 24) 238 if (skb->len < 24)
242 return 0; 239 return 0;
243 240
244 hdr = (struct ieee80211_hdr *) skb->data; 241 hdr = (struct ieee80211_hdr *)skb->data;
245 fc = le16_to_cpu(hdr->frame_ctl); 242 fc = le16_to_cpu(hdr->frame_ctl);
246 243
247 /* check that the frame is unicast frame to us */ 244 /* check that the frame is unicast frame to us */
@@ -271,7 +268,7 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
271 268
272/* Called only as a tasklet (software IRQ), by ieee80211_rx */ 269/* Called only as a tasklet (software IRQ), by ieee80211_rx */
273static inline int 270static inline int
274ieee80211_rx_frame_decrypt(struct ieee80211_device* ieee, struct sk_buff *skb, 271ieee80211_rx_frame_decrypt(struct ieee80211_device *ieee, struct sk_buff *skb,
275 struct ieee80211_crypt_data *crypt) 272 struct ieee80211_crypt_data *crypt)
276{ 273{
277 struct ieee80211_hdr *hdr; 274 struct ieee80211_hdr *hdr;
@@ -280,12 +277,11 @@ ieee80211_rx_frame_decrypt(struct ieee80211_device* ieee, struct sk_buff *skb,
280 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL) 277 if (crypt == NULL || crypt->ops->decrypt_mpdu == NULL)
281 return 0; 278 return 0;
282 279
283 hdr = (struct ieee80211_hdr *) skb->data; 280 hdr = (struct ieee80211_hdr *)skb->data;
284 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 281 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
285 282
286#ifdef CONFIG_IEEE80211_CRYPT_TKIP 283#ifdef CONFIG_IEEE80211_CRYPT_TKIP
287 if (ieee->tkip_countermeasures && 284 if (ieee->tkip_countermeasures && strcmp(crypt->ops->name, "TKIP") == 0) {
288 strcmp(crypt->ops->name, "TKIP") == 0) {
289 if (net_ratelimit()) { 285 if (net_ratelimit()) {
290 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped " 286 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
291 "received packet from " MAC_FMT "\n", 287 "received packet from " MAC_FMT "\n",
@@ -299,9 +295,8 @@ ieee80211_rx_frame_decrypt(struct ieee80211_device* ieee, struct sk_buff *skb,
299 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv); 295 res = crypt->ops->decrypt_mpdu(skb, hdrlen, crypt->priv);
300 atomic_dec(&crypt->refcnt); 296 atomic_dec(&crypt->refcnt);
301 if (res < 0) { 297 if (res < 0) {
302 IEEE80211_DEBUG_DROP( 298 IEEE80211_DEBUG_DROP("decryption failed (SA=" MAC_FMT
303 "decryption failed (SA=" MAC_FMT 299 ") res=%d\n", MAC_ARG(hdr->addr2), res);
304 ") res=%d\n", MAC_ARG(hdr->addr2), res);
305 if (res == -2) 300 if (res == -2)
306 IEEE80211_DEBUG_DROP("Decryption failed ICV " 301 IEEE80211_DEBUG_DROP("Decryption failed ICV "
307 "mismatch (key %d)\n", 302 "mismatch (key %d)\n",
@@ -313,11 +308,11 @@ ieee80211_rx_frame_decrypt(struct ieee80211_device* ieee, struct sk_buff *skb,
313 return res; 308 return res;
314} 309}
315 310
316
317/* Called only as a tasklet (software IRQ), by ieee80211_rx */ 311/* Called only as a tasklet (software IRQ), by ieee80211_rx */
318static inline int 312static inline int
319ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device* ieee, struct sk_buff *skb, 313ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device *ieee,
320 int keyidx, struct ieee80211_crypt_data *crypt) 314 struct sk_buff *skb, int keyidx,
315 struct ieee80211_crypt_data *crypt)
321{ 316{
322 struct ieee80211_hdr *hdr; 317 struct ieee80211_hdr *hdr;
323 int res, hdrlen; 318 int res, hdrlen;
@@ -325,7 +320,7 @@ ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device* ieee, struct sk_buff *s
325 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL) 320 if (crypt == NULL || crypt->ops->decrypt_msdu == NULL)
326 return 0; 321 return 0;
327 322
328 hdr = (struct ieee80211_hdr *) skb->data; 323 hdr = (struct ieee80211_hdr *)skb->data;
329 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl)); 324 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_ctl));
330 325
331 atomic_inc(&crypt->refcnt); 326 atomic_inc(&crypt->refcnt);
@@ -341,7 +336,6 @@ ieee80211_rx_frame_decrypt_msdu(struct ieee80211_device* ieee, struct sk_buff *s
341 return 0; 336 return 0;
342} 337}
343 338
344
345/* All received frames are sent to this function. @skb contains the frame in 339/* All received frames are sent to this function. @skb contains the frame in
346 * IEEE 802.11 format, i.e., in the format it was sent over air. 340 * IEEE 802.11 format, i.e., in the format it was sent over air.
347 * This function is called only as a tasklet (software IRQ). */ 341 * This function is called only as a tasklet (software IRQ). */
@@ -373,8 +367,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
373 stats = &ieee->stats; 367 stats = &ieee->stats;
374 368
375 if (skb->len < 10) { 369 if (skb->len < 10) {
376 printk(KERN_INFO "%s: SKB length < 10\n", 370 printk(KERN_INFO "%s: SKB length < 10\n", dev->name);
377 dev->name);
378 goto rx_dropped; 371 goto rx_dropped;
379 } 372 }
380 373
@@ -399,8 +392,8 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
399 /* Update spy records */ 392 /* Update spy records */
400 wireless_spy_update(dev, hdr->addr2, &wstats); 393 wireless_spy_update(dev, hdr->addr2, &wstats);
401 } 394 }
402#endif /* IW_WIRELESS_SPY */ 395#endif /* IW_WIRELESS_SPY */
403#endif /* WIRELESS_EXT > 15 */ 396#endif /* WIRELESS_EXT > 15 */
404 hostap_update_rx_stats(local->ap, hdr, rx_stats); 397 hostap_update_rx_stats(local->ap, hdr, rx_stats);
405#endif 398#endif
406 399
@@ -429,8 +422,8 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
429 * stations that do not support WEP key mapping). */ 422 * stations that do not support WEP key mapping). */
430 423
431 if (!(hdr->addr1[0] & 0x01) || local->bcrx_sta_key) 424 if (!(hdr->addr1[0] & 0x01) || local->bcrx_sta_key)
432 (void) hostap_handle_sta_crypto(local, hdr, &crypt, 425 (void)hostap_handle_sta_crypto(local, hdr, &crypt,
433 &sta); 426 &sta);
434#endif 427#endif
435 428
436 /* allow NULL decrypt to indicate an station specific override 429 /* allow NULL decrypt to indicate an station specific override
@@ -451,13 +444,11 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
451 goto rx_dropped; 444 goto rx_dropped;
452 } 445 }
453 } 446 }
454
455#ifdef NOT_YET 447#ifdef NOT_YET
456 if (type != WLAN_FC_TYPE_DATA) { 448 if (type != WLAN_FC_TYPE_DATA) {
457 if (type == WLAN_FC_TYPE_MGMT && stype == WLAN_FC_STYPE_AUTH && 449 if (type == WLAN_FC_TYPE_MGMT && stype == WLAN_FC_STYPE_AUTH &&
458 fc & IEEE80211_FCTL_PROTECTED && ieee->host_decrypt && 450 fc & IEEE80211_FCTL_PROTECTED && ieee->host_decrypt &&
459 (keyidx = hostap_rx_frame_decrypt(ieee, skb, crypt)) < 0) 451 (keyidx = hostap_rx_frame_decrypt(ieee, skb, crypt)) < 0) {
460 {
461 printk(KERN_DEBUG "%s: failed to decrypt mgmt::auth " 452 printk(KERN_DEBUG "%s: failed to decrypt mgmt::auth "
462 "from " MAC_FMT "\n", dev->name, 453 "from " MAC_FMT "\n", dev->name,
463 MAC_ARG(hdr->addr2)); 454 MAC_ARG(hdr->addr2));
@@ -507,9 +498,9 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
507 } 498 }
508 499
509 if (ieee->iw_mode == IW_MODE_MASTER && !wds && 500 if (ieee->iw_mode == IW_MODE_MASTER && !wds &&
510 (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) == IEEE80211_FCTL_FROMDS && 501 (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
511 ieee->stadev && 502 IEEE80211_FCTL_FROMDS && ieee->stadev
512 memcmp(hdr->addr2, ieee->assoc_ap_addr, ETH_ALEN) == 0) { 503 && memcmp(hdr->addr2, ieee->assoc_ap_addr, ETH_ALEN) == 0) {
513 /* Frame from BSSID of the AP for which we are a client */ 504 /* Frame from BSSID of the AP for which we are a client */
514 skb->dev = dev = ieee->stadev; 505 skb->dev = dev = ieee->stadev;
515 stats = hostap_get_stats(dev); 506 stats = hostap_get_stats(dev);
@@ -521,8 +512,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
521 512
522#ifdef NOT_YET 513#ifdef NOT_YET
523 if ((ieee->iw_mode == IW_MODE_MASTER || 514 if ((ieee->iw_mode == IW_MODE_MASTER ||
524 ieee->iw_mode == IW_MODE_REPEAT) && 515 ieee->iw_mode == IW_MODE_REPEAT) && !from_assoc_ap) {
525 !from_assoc_ap) {
526 switch (hostap_handle_sta_rx(ieee, dev, skb, rx_stats, 516 switch (hostap_handle_sta_rx(ieee, dev, skb, rx_stats,
527 wds != NULL)) { 517 wds != NULL)) {
528 case AP_RX_CONTINUE_NOT_AUTHORIZED: 518 case AP_RX_CONTINUE_NOT_AUTHORIZED:
@@ -546,11 +536,10 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
546 stype != IEEE80211_STYPE_DATA_CFPOLL && 536 stype != IEEE80211_STYPE_DATA_CFPOLL &&
547 stype != IEEE80211_STYPE_DATA_CFACKPOLL) { 537 stype != IEEE80211_STYPE_DATA_CFACKPOLL) {
548 if (stype != IEEE80211_STYPE_NULLFUNC) 538 if (stype != IEEE80211_STYPE_NULLFUNC)
549 IEEE80211_DEBUG_DROP( 539 IEEE80211_DEBUG_DROP("RX: dropped data frame "
550 "RX: dropped data frame " 540 "with no data (type=0x%02x, "
551 "with no data (type=0x%02x, " 541 "subtype=0x%02x, len=%d)\n",
552 "subtype=0x%02x, len=%d)\n", 542 type, stype, skb->len);
553 type, stype, skb->len);
554 goto rx_dropped; 543 goto rx_dropped;
555 } 544 }
556 545
@@ -560,7 +549,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
560 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0) 549 (keyidx = ieee80211_rx_frame_decrypt(ieee, skb, crypt)) < 0)
561 goto rx_dropped; 550 goto rx_dropped;
562 551
563 hdr = (struct ieee80211_hdr *) skb->data; 552 hdr = (struct ieee80211_hdr *)skb->data;
564 553
565 /* skb: hdr + (possibly fragmented) plaintext payload */ 554 /* skb: hdr + (possibly fragmented) plaintext payload */
566 // PR: FIXME: hostap has additional conditions in the "if" below: 555 // PR: FIXME: hostap has additional conditions in the "if" below:
@@ -614,7 +603,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
614 /* this was the last fragment and the frame will be 603 /* this was the last fragment and the frame will be
615 * delivered, so remove skb from fragment cache */ 604 * delivered, so remove skb from fragment cache */
616 skb = frag_skb; 605 skb = frag_skb;
617 hdr = (struct ieee80211_hdr *) skb->data; 606 hdr = (struct ieee80211_hdr *)skb->data;
618 ieee80211_frag_cache_invalidate(ieee, hdr); 607 ieee80211_frag_cache_invalidate(ieee, hdr);
619 } 608 }
620 609
@@ -624,28 +613,26 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
624 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt)) 613 ieee80211_rx_frame_decrypt_msdu(ieee, skb, keyidx, crypt))
625 goto rx_dropped; 614 goto rx_dropped;
626 615
627 hdr = (struct ieee80211_hdr *) skb->data; 616 hdr = (struct ieee80211_hdr *)skb->data;
628 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) { 617 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep) {
629 if (/*ieee->ieee802_1x &&*/ 618 if ( /*ieee->ieee802_1x && */
630 ieee80211_is_eapol_frame(ieee, skb)) { 619 ieee80211_is_eapol_frame(ieee, skb)) {
631 /* pass unencrypted EAPOL frames even if encryption is 620 /* pass unencrypted EAPOL frames even if encryption is
632 * configured */ 621 * configured */
633 } else { 622 } else {
634 IEEE80211_DEBUG_DROP( 623 IEEE80211_DEBUG_DROP("encryption configured, but RX "
635 "encryption configured, but RX " 624 "frame not encrypted (SA=" MAC_FMT
636 "frame not encrypted (SA=" MAC_FMT ")\n", 625 ")\n", MAC_ARG(hdr->addr2));
637 MAC_ARG(hdr->addr2));
638 goto rx_dropped; 626 goto rx_dropped;
639 } 627 }
640 } 628 }
641 629
642 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep && 630 if (crypt && !(fc & IEEE80211_FCTL_PROTECTED) && !ieee->open_wep &&
643 !ieee80211_is_eapol_frame(ieee, skb)) { 631 !ieee80211_is_eapol_frame(ieee, skb)) {
644 IEEE80211_DEBUG_DROP( 632 IEEE80211_DEBUG_DROP("dropped unencrypted RX data "
645 "dropped unencrypted RX data " 633 "frame from " MAC_FMT
646 "frame from " MAC_FMT 634 " (drop_unencrypted=1)\n",
647 " (drop_unencrypted=1)\n", 635 MAC_ARG(hdr->addr2));
648 MAC_ARG(hdr->addr2));
649 goto rx_dropped; 636 goto rx_dropped;
650 } 637 }
651 638
@@ -673,8 +660,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
673 } else if (!frame_authorized) { 660 } else if (!frame_authorized) {
674 printk(KERN_DEBUG "%s: dropped frame from " 661 printk(KERN_DEBUG "%s: dropped frame from "
675 "unauthorized port (IEEE 802.1X): " 662 "unauthorized port (IEEE 802.1X): "
676 "ethertype=0x%04x\n", 663 "ethertype=0x%04x\n", dev->name, ethertype);
677 dev->name, ethertype);
678 goto rx_dropped; 664 goto rx_dropped;
679 } 665 }
680 } 666 }
@@ -702,8 +688,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
702 688
703#ifdef NOT_YET 689#ifdef NOT_YET
704 if (wds && ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) == 690 if (wds && ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
705 IEEE80211_FCTL_TODS) && 691 IEEE80211_FCTL_TODS) && skb->len >= ETH_HLEN + ETH_ALEN) {
706 skb->len >= ETH_HLEN + ETH_ALEN) {
707 /* Non-standard frame: get addr4 from its bogus location after 692 /* Non-standard frame: get addr4 from its bogus location after
708 * the payload */ 693 * the payload */
709 memcpy(skb->data + ETH_ALEN, 694 memcpy(skb->data + ETH_ALEN,
@@ -716,8 +701,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
716 stats->rx_bytes += skb->len; 701 stats->rx_bytes += skb->len;
717 702
718#ifdef NOT_YET 703#ifdef NOT_YET
719 if (ieee->iw_mode == IW_MODE_MASTER && !wds && 704 if (ieee->iw_mode == IW_MODE_MASTER && !wds && ieee->ap->bridge_packets) {
720 ieee->ap->bridge_packets) {
721 if (dst[0] & 0x01) { 705 if (dst[0] & 0x01) {
722 /* copy multicast frame both to the higher layers and 706 /* copy multicast frame both to the higher layers and
723 * to the wireless media */ 707 * to the wireless media */
@@ -743,25 +727,24 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
743 skb2->dev = dev; 727 skb2->dev = dev;
744 dev_queue_xmit(skb2); 728 dev_queue_xmit(skb2);
745 } 729 }
746
747#endif 730#endif
748 731
749 if (skb) { 732 if (skb) {
750 skb->protocol = eth_type_trans(skb, dev); 733 skb->protocol = eth_type_trans(skb, dev);
751 memset(skb->cb, 0, sizeof(skb->cb)); 734 memset(skb->cb, 0, sizeof(skb->cb));
752 skb->dev = dev; 735 skb->dev = dev;
753 skb->ip_summed = CHECKSUM_NONE; /* 802.11 crc not sufficient */ 736 skb->ip_summed = CHECKSUM_NONE; /* 802.11 crc not sufficient */
754 netif_rx(skb); 737 netif_rx(skb);
755 } 738 }
756 739
757 rx_exit: 740 rx_exit:
758#ifdef NOT_YET 741#ifdef NOT_YET
759 if (sta) 742 if (sta)
760 hostap_handle_sta_release(sta); 743 hostap_handle_sta_release(sta);
761#endif 744#endif
762 return 1; 745 return 1;
763 746
764 rx_dropped: 747 rx_dropped:
765 stats->rx_dropped++; 748 stats->rx_dropped++;
766 749
767 /* Returning 0 indicates to caller that we have not handled the SKB-- 750 /* Returning 0 indicates to caller that we have not handled the SKB--
@@ -785,22 +768,21 @@ static inline int ieee80211_is_ofdm_rate(u8 rate)
785 case IEEE80211_OFDM_RATE_54MB: 768 case IEEE80211_OFDM_RATE_54MB:
786 return 1; 769 return 1;
787 } 770 }
788 return 0; 771 return 0;
789} 772}
790 773
791 774static inline int ieee80211_network_init(struct ieee80211_device *ieee,
792static inline int ieee80211_network_init( 775 struct ieee80211_probe_response
793 struct ieee80211_device *ieee, 776 *beacon,
794 struct ieee80211_probe_response *beacon, 777 struct ieee80211_network *network,
795 struct ieee80211_network *network, 778 struct ieee80211_rx_stats *stats)
796 struct ieee80211_rx_stats *stats)
797{ 779{
798#ifdef CONFIG_IEEE80211_DEBUG 780#ifdef CONFIG_IEEE80211_DEBUG
799 char rates_str[64]; 781 char rates_str[64];
800 char *p; 782 char *p;
801#endif 783#endif
802 struct ieee80211_info_element *info_element; 784 struct ieee80211_info_element *info_element;
803 u16 left; 785 u16 left;
804 u8 i; 786 u8 i;
805 787
806 /* Pull out fixed field data */ 788 /* Pull out fixed field data */
@@ -810,7 +792,7 @@ static inline int ieee80211_network_init(
810 network->time_stamp[0] = beacon->time_stamp[0]; 792 network->time_stamp[0] = beacon->time_stamp[0];
811 network->time_stamp[1] = beacon->time_stamp[1]; 793 network->time_stamp[1] = beacon->time_stamp[1];
812 network->beacon_interval = beacon->beacon_interval; 794 network->beacon_interval = beacon->beacon_interval;
813 /* Where to pull this? beacon->listen_interval;*/ 795 /* Where to pull this? beacon->listen_interval; */
814 network->listen_interval = 0x0A; 796 network->listen_interval = 0x0A;
815 network->rates_len = network->rates_ex_len = 0; 797 network->rates_len = network->rates_ex_len = 0;
816 network->last_associate = 0; 798 network->last_associate = 0;
@@ -824,18 +806,20 @@ static inline int ieee80211_network_init(
824 } else 806 } else
825 network->flags |= NETWORK_HAS_CCK; 807 network->flags |= NETWORK_HAS_CCK;
826 808
827 network->wpa_ie_len = 0; 809 network->wpa_ie_len = 0;
828 network->rsn_ie_len = 0; 810 network->rsn_ie_len = 0;
829 811
830 info_element = &beacon->info_element; 812 info_element = &beacon->info_element;
831 left = stats->len - ((void *)info_element - (void *)beacon); 813 left = stats->len - ((void *)info_element - (void *)beacon);
832 while (left >= sizeof(struct ieee80211_info_element_hdr)) { 814 while (left >= sizeof(struct ieee80211_info_element_hdr)) {
833 if (sizeof(struct ieee80211_info_element_hdr) + info_element->len > left) { 815 if (sizeof(struct ieee80211_info_element_hdr) +
834 IEEE80211_DEBUG_SCAN("SCAN: parse failed: info_element->len + 2 > left : info_element->len+2=%Zd left=%d.\n", 816 info_element->len > left) {
835 info_element->len + sizeof(struct ieee80211_info_element), 817 IEEE80211_DEBUG_SCAN
836 left); 818 ("SCAN: parse failed: info_element->len + 2 > left : info_element->len+2=%Zd left=%d.\n",
819 info_element->len +
820 sizeof(struct ieee80211_info_element), left);
837 return 1; 821 return 1;
838 } 822 }
839 823
840 switch (info_element->id) { 824 switch (info_element->id) {
841 case MFIE_TYPE_SSID: 825 case MFIE_TYPE_SSID:
@@ -846,10 +830,11 @@ static inline int ieee80211_network_init(
846 } 830 }
847 831
848 network->ssid_len = min(info_element->len, 832 network->ssid_len = min(info_element->len,
849 (u8)IW_ESSID_MAX_SIZE); 833 (u8) IW_ESSID_MAX_SIZE);
850 memcpy(network->ssid, info_element->data, network->ssid_len); 834 memcpy(network->ssid, info_element->data,
851 if (network->ssid_len < IW_ESSID_MAX_SIZE) 835 network->ssid_len);
852 memset(network->ssid + network->ssid_len, 0, 836 if (network->ssid_len < IW_ESSID_MAX_SIZE)
837 memset(network->ssid + network->ssid_len, 0,
853 IW_ESSID_MAX_SIZE - network->ssid_len); 838 IW_ESSID_MAX_SIZE - network->ssid_len);
854 839
855 IEEE80211_DEBUG_SCAN("MFIE_TYPE_SSID: '%s' len=%d.\n", 840 IEEE80211_DEBUG_SCAN("MFIE_TYPE_SSID: '%s' len=%d.\n",
@@ -860,18 +845,23 @@ static inline int ieee80211_network_init(
860#ifdef CONFIG_IEEE80211_DEBUG 845#ifdef CONFIG_IEEE80211_DEBUG
861 p = rates_str; 846 p = rates_str;
862#endif 847#endif
863 network->rates_len = min(info_element->len, MAX_RATES_LENGTH); 848 network->rates_len =
849 min(info_element->len, MAX_RATES_LENGTH);
864 for (i = 0; i < network->rates_len; i++) { 850 for (i = 0; i < network->rates_len; i++) {
865 network->rates[i] = info_element->data[i]; 851 network->rates[i] = info_element->data[i];
866#ifdef CONFIG_IEEE80211_DEBUG 852#ifdef CONFIG_IEEE80211_DEBUG
867 p += snprintf(p, sizeof(rates_str) - (p - rates_str), "%02X ", network->rates[i]); 853 p += snprintf(p,
854 sizeof(rates_str) - (p -
855 rates_str),
856 "%02X ", network->rates[i]);
868#endif 857#endif
869 if (ieee80211_is_ofdm_rate(info_element->data[i])) { 858 if (ieee80211_is_ofdm_rate
859 (info_element->data[i])) {
870 network->flags |= NETWORK_HAS_OFDM; 860 network->flags |= NETWORK_HAS_OFDM;
871 if (info_element->data[i] & 861 if (info_element->data[i] &
872 IEEE80211_BASIC_RATE_MASK) 862 IEEE80211_BASIC_RATE_MASK)
873 network->flags &= 863 network->flags &=
874 ~NETWORK_HAS_CCK; 864 ~NETWORK_HAS_CCK;
875 } 865 }
876 } 866 }
877 867
@@ -883,18 +873,23 @@ static inline int ieee80211_network_init(
883#ifdef CONFIG_IEEE80211_DEBUG 873#ifdef CONFIG_IEEE80211_DEBUG
884 p = rates_str; 874 p = rates_str;
885#endif 875#endif
886 network->rates_ex_len = min(info_element->len, MAX_RATES_EX_LENGTH); 876 network->rates_ex_len =
877 min(info_element->len, MAX_RATES_EX_LENGTH);
887 for (i = 0; i < network->rates_ex_len; i++) { 878 for (i = 0; i < network->rates_ex_len; i++) {
888 network->rates_ex[i] = info_element->data[i]; 879 network->rates_ex[i] = info_element->data[i];
889#ifdef CONFIG_IEEE80211_DEBUG 880#ifdef CONFIG_IEEE80211_DEBUG
890 p += snprintf(p, sizeof(rates_str) - (p - rates_str), "%02X ", network->rates[i]); 881 p += snprintf(p,
882 sizeof(rates_str) - (p -
883 rates_str),
884 "%02X ", network->rates[i]);
891#endif 885#endif
892 if (ieee80211_is_ofdm_rate(info_element->data[i])) { 886 if (ieee80211_is_ofdm_rate
887 (info_element->data[i])) {
893 network->flags |= NETWORK_HAS_OFDM; 888 network->flags |= NETWORK_HAS_OFDM;
894 if (info_element->data[i] & 889 if (info_element->data[i] &
895 IEEE80211_BASIC_RATE_MASK) 890 IEEE80211_BASIC_RATE_MASK)
896 network->flags &= 891 network->flags &=
897 ~NETWORK_HAS_CCK; 892 ~NETWORK_HAS_CCK;
898 } 893 }
899 } 894 }
900 895
@@ -903,14 +898,14 @@ static inline int ieee80211_network_init(
903 break; 898 break;
904 899
905 case MFIE_TYPE_DS_SET: 900 case MFIE_TYPE_DS_SET:
906 IEEE80211_DEBUG_SCAN("MFIE_TYPE_DS_SET: %d\n", 901 IEEE80211_DEBUG_SCAN("MFIE_TYPE_DS_SET: %d\n",
907 info_element->data[0]); 902 info_element->data[0]);
908 if (stats->freq == IEEE80211_24GHZ_BAND) 903 if (stats->freq == IEEE80211_24GHZ_BAND)
909 network->channel = info_element->data[0]; 904 network->channel = info_element->data[0];
910 break; 905 break;
911 906
912 case MFIE_TYPE_FH_SET: 907 case MFIE_TYPE_FH_SET:
913 IEEE80211_DEBUG_SCAN("MFIE_TYPE_FH_SET: ignored\n"); 908 IEEE80211_DEBUG_SCAN("MFIE_TYPE_FH_SET: ignored\n");
914 break; 909 break;
915 910
916 case MFIE_TYPE_CF_SET: 911 case MFIE_TYPE_CF_SET:
@@ -932,13 +927,13 @@ static inline int ieee80211_network_init(
932 case MFIE_TYPE_GENERIC: 927 case MFIE_TYPE_GENERIC:
933 IEEE80211_DEBUG_SCAN("MFIE_TYPE_GENERIC: %d bytes\n", 928 IEEE80211_DEBUG_SCAN("MFIE_TYPE_GENERIC: %d bytes\n",
934 info_element->len); 929 info_element->len);
935 if (info_element->len >= 4 && 930 if (info_element->len >= 4 &&
936 info_element->data[0] == 0x00 && 931 info_element->data[0] == 0x00 &&
937 info_element->data[1] == 0x50 && 932 info_element->data[1] == 0x50 &&
938 info_element->data[2] == 0xf2 && 933 info_element->data[2] == 0xf2 &&
939 info_element->data[3] == 0x01) { 934 info_element->data[3] == 0x01) {
940 network->wpa_ie_len = min(info_element->len + 2, 935 network->wpa_ie_len = min(info_element->len + 2,
941 MAX_WPA_IE_LEN); 936 MAX_WPA_IE_LEN);
942 memcpy(network->wpa_ie, info_element, 937 memcpy(network->wpa_ie, info_element,
943 network->wpa_ie_len); 938 network->wpa_ie_len);
944 } 939 }
@@ -948,7 +943,7 @@ static inline int ieee80211_network_init(
948 IEEE80211_DEBUG_SCAN("MFIE_TYPE_RSN: %d bytes\n", 943 IEEE80211_DEBUG_SCAN("MFIE_TYPE_RSN: %d bytes\n",
949 info_element->len); 944 info_element->len);
950 network->rsn_ie_len = min(info_element->len + 2, 945 network->rsn_ie_len = min(info_element->len + 2,
951 MAX_WPA_IE_LEN); 946 MAX_WPA_IE_LEN);
952 memcpy(network->rsn_ie, info_element, 947 memcpy(network->rsn_ie, info_element,
953 network->rsn_ie_len); 948 network->rsn_ie_len);
954 break; 949 break;
@@ -956,14 +951,14 @@ static inline int ieee80211_network_init(
956 default: 951 default:
957 IEEE80211_DEBUG_SCAN("unsupported IE %d\n", 952 IEEE80211_DEBUG_SCAN("unsupported IE %d\n",
958 info_element->id); 953 info_element->id);
959 break; 954 break;
960 } 955 }
961 956
962 left -= sizeof(struct ieee80211_info_element_hdr) + 957 left -= sizeof(struct ieee80211_info_element_hdr) +
963 info_element->len; 958 info_element->len;
964 info_element = (struct ieee80211_info_element *) 959 info_element = (struct ieee80211_info_element *)
965 &info_element->data[info_element->len]; 960 &info_element->data[info_element->len];
966 } 961 }
967 962
968 network->mode = 0; 963 network->mode = 0;
969 if (stats->freq == IEEE80211_52GHZ_BAND) 964 if (stats->freq == IEEE80211_52GHZ_BAND)
@@ -1032,10 +1027,13 @@ static inline void update_network(struct ieee80211_network *dst,
1032 /* dst->last_associate is not overwritten */ 1027 /* dst->last_associate is not overwritten */
1033} 1028}
1034 1029
1035static inline void ieee80211_process_probe_response( 1030static inline void ieee80211_process_probe_response(struct ieee80211_device
1036 struct ieee80211_device *ieee, 1031 *ieee,
1037 struct ieee80211_probe_response *beacon, 1032 struct
1038 struct ieee80211_rx_stats *stats) 1033 ieee80211_probe_response
1034 *beacon,
1035 struct ieee80211_rx_stats
1036 *stats)
1039{ 1037{
1040 struct ieee80211_network network; 1038 struct ieee80211_network network;
1041 struct ieee80211_network *target; 1039 struct ieee80211_network *target;
@@ -1045,33 +1043,35 @@ static inline void ieee80211_process_probe_response(
1045#endif 1043#endif
1046 unsigned long flags; 1044 unsigned long flags;
1047 1045
1048 IEEE80211_DEBUG_SCAN( 1046 IEEE80211_DEBUG_SCAN("'%s' (" MAC_FMT
1049 "'%s' (" MAC_FMT "): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n", 1047 "): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n",
1050 escape_essid(info_element->data, info_element->len), 1048 escape_essid(info_element->data,
1051 MAC_ARG(beacon->header.addr3), 1049 info_element->len),
1052 (beacon->capability & (1<<0xf)) ? '1' : '0', 1050 MAC_ARG(beacon->header.addr3),
1053 (beacon->capability & (1<<0xe)) ? '1' : '0', 1051 (beacon->capability & (1 << 0xf)) ? '1' : '0',
1054 (beacon->capability & (1<<0xd)) ? '1' : '0', 1052 (beacon->capability & (1 << 0xe)) ? '1' : '0',
1055 (beacon->capability & (1<<0xc)) ? '1' : '0', 1053 (beacon->capability & (1 << 0xd)) ? '1' : '0',
1056 (beacon->capability & (1<<0xb)) ? '1' : '0', 1054 (beacon->capability & (1 << 0xc)) ? '1' : '0',
1057 (beacon->capability & (1<<0xa)) ? '1' : '0', 1055 (beacon->capability & (1 << 0xb)) ? '1' : '0',
1058 (beacon->capability & (1<<0x9)) ? '1' : '0', 1056 (beacon->capability & (1 << 0xa)) ? '1' : '0',
1059 (beacon->capability & (1<<0x8)) ? '1' : '0', 1057 (beacon->capability & (1 << 0x9)) ? '1' : '0',
1060 (beacon->capability & (1<<0x7)) ? '1' : '0', 1058 (beacon->capability & (1 << 0x8)) ? '1' : '0',
1061 (beacon->capability & (1<<0x6)) ? '1' : '0', 1059 (beacon->capability & (1 << 0x7)) ? '1' : '0',
1062 (beacon->capability & (1<<0x5)) ? '1' : '0', 1060 (beacon->capability & (1 << 0x6)) ? '1' : '0',
1063 (beacon->capability & (1<<0x4)) ? '1' : '0', 1061 (beacon->capability & (1 << 0x5)) ? '1' : '0',
1064 (beacon->capability & (1<<0x3)) ? '1' : '0', 1062 (beacon->capability & (1 << 0x4)) ? '1' : '0',
1065 (beacon->capability & (1<<0x2)) ? '1' : '0', 1063 (beacon->capability & (1 << 0x3)) ? '1' : '0',
1066 (beacon->capability & (1<<0x1)) ? '1' : '0', 1064 (beacon->capability & (1 << 0x2)) ? '1' : '0',
1067 (beacon->capability & (1<<0x0)) ? '1' : '0'); 1065 (beacon->capability & (1 << 0x1)) ? '1' : '0',
1066 (beacon->capability & (1 << 0x0)) ? '1' : '0');
1068 1067
1069 if (ieee80211_network_init(ieee, beacon, &network, stats)) { 1068 if (ieee80211_network_init(ieee, beacon, &network, stats)) {
1070 IEEE80211_DEBUG_SCAN("Dropped '%s' (" MAC_FMT ") via %s.\n", 1069 IEEE80211_DEBUG_SCAN("Dropped '%s' (" MAC_FMT ") via %s.\n",
1071 escape_essid(info_element->data, 1070 escape_essid(info_element->data,
1072 info_element->len), 1071 info_element->len),
1073 MAC_ARG(beacon->header.addr3), 1072 MAC_ARG(beacon->header.addr3),
1074 WLAN_FC_GET_STYPE(beacon->header.frame_ctl) == 1073 WLAN_FC_GET_STYPE(beacon->header.
1074 frame_ctl) ==
1075 IEEE80211_STYPE_PROBE_RESP ? 1075 IEEE80211_STYPE_PROBE_RESP ?
1076 "PROBE RESPONSE" : "BEACON"); 1076 "PROBE RESPONSE" : "BEACON");
1077 return; 1077 return;
@@ -1117,13 +1117,13 @@ static inline void ieee80211_process_probe_response(
1117 list_del(ieee->network_free_list.next); 1117 list_del(ieee->network_free_list.next);
1118 } 1118 }
1119 1119
1120
1121#ifdef CONFIG_IEEE80211_DEBUG 1120#ifdef CONFIG_IEEE80211_DEBUG
1122 IEEE80211_DEBUG_SCAN("Adding '%s' (" MAC_FMT ") via %s.\n", 1121 IEEE80211_DEBUG_SCAN("Adding '%s' (" MAC_FMT ") via %s.\n",
1123 escape_essid(network.ssid, 1122 escape_essid(network.ssid,
1124 network.ssid_len), 1123 network.ssid_len),
1125 MAC_ARG(network.bssid), 1124 MAC_ARG(network.bssid),
1126 WLAN_FC_GET_STYPE(beacon->header.frame_ctl) == 1125 WLAN_FC_GET_STYPE(beacon->header.
1126 frame_ctl) ==
1127 IEEE80211_STYPE_PROBE_RESP ? 1127 IEEE80211_STYPE_PROBE_RESP ?
1128 "PROBE RESPONSE" : "BEACON"); 1128 "PROBE RESPONSE" : "BEACON");
1129#endif 1129#endif
@@ -1134,7 +1134,8 @@ static inline void ieee80211_process_probe_response(
1134 escape_essid(target->ssid, 1134 escape_essid(target->ssid,
1135 target->ssid_len), 1135 target->ssid_len),
1136 MAC_ARG(target->bssid), 1136 MAC_ARG(target->bssid),
1137 WLAN_FC_GET_STYPE(beacon->header.frame_ctl) == 1137 WLAN_FC_GET_STYPE(beacon->header.
1138 frame_ctl) ==
1138 IEEE80211_STYPE_PROBE_RESP ? 1139 IEEE80211_STYPE_PROBE_RESP ?
1139 "PROBE RESPONSE" : "BEACON"); 1140 "PROBE RESPONSE" : "BEACON");
1140 update_network(target, &network); 1141 update_network(target, &network);
@@ -1162,16 +1163,20 @@ void ieee80211_rx_mgt(struct ieee80211_device *ieee,
1162 IEEE80211_DEBUG_MGMT("received PROBE RESPONSE (%d)\n", 1163 IEEE80211_DEBUG_MGMT("received PROBE RESPONSE (%d)\n",
1163 WLAN_FC_GET_STYPE(header->frame_ctl)); 1164 WLAN_FC_GET_STYPE(header->frame_ctl));
1164 IEEE80211_DEBUG_SCAN("Probe response\n"); 1165 IEEE80211_DEBUG_SCAN("Probe response\n");
1165 ieee80211_process_probe_response( 1166 ieee80211_process_probe_response(ieee,
1166 ieee, (struct ieee80211_probe_response *)header, stats); 1167 (struct
1168 ieee80211_probe_response *)
1169 header, stats);
1167 break; 1170 break;
1168 1171
1169 case IEEE80211_STYPE_BEACON: 1172 case IEEE80211_STYPE_BEACON:
1170 IEEE80211_DEBUG_MGMT("received BEACON (%d)\n", 1173 IEEE80211_DEBUG_MGMT("received BEACON (%d)\n",
1171 WLAN_FC_GET_STYPE(header->frame_ctl)); 1174 WLAN_FC_GET_STYPE(header->frame_ctl));
1172 IEEE80211_DEBUG_SCAN("Beacon\n"); 1175 IEEE80211_DEBUG_SCAN("Beacon\n");
1173 ieee80211_process_probe_response( 1176 ieee80211_process_probe_response(ieee,
1174 ieee, (struct ieee80211_probe_response *)header, stats); 1177 (struct
1178 ieee80211_probe_response *)
1179 header, stats);
1175 break; 1180 break;
1176 1181
1177 default: 1182 default:
@@ -1184,6 +1189,5 @@ void ieee80211_rx_mgt(struct ieee80211_device *ieee,
1184 } 1189 }
1185} 1190}
1186 1191
1187
1188EXPORT_SYMBOL(ieee80211_rx_mgt); 1192EXPORT_SYMBOL(ieee80211_rx_mgt);
1189EXPORT_SYMBOL(ieee80211_rx); 1193EXPORT_SYMBOL(ieee80211_rx);
diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c
index b7ea3e25e25d..c9aaff3fea1e 100644
--- a/net/ieee80211/ieee80211_tx.c
+++ b/net/ieee80211/ieee80211_tx.c
@@ -45,10 +45,8 @@
45 45
46#include <net/ieee80211.h> 46#include <net/ieee80211.h>
47 47
48
49/* 48/*
50 49
51
52802.11 Data Frame 50802.11 Data Frame
53 51
54 ,-------------------------------------------------------------------. 52 ,-------------------------------------------------------------------.
@@ -82,7 +80,6 @@ Desc. | IV | Encrypted | ICV |
82 `-----------------------' 80 `-----------------------'
83Total: 8 non-data bytes 81Total: 8 non-data bytes
84 82
85
86802.3 Ethernet Data Frame 83802.3 Ethernet Data Frame
87 84
88 ,-----------------------------------------. 85 ,-----------------------------------------.
@@ -131,7 +128,7 @@ payload of each frame is reduced to 492 bytes.
131static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 }; 128static u8 P802_1H_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0xf8 };
132static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 }; 129static u8 RFC1042_OUI[P80211_OUI_LEN] = { 0x00, 0x00, 0x00 };
133 130
134static inline int ieee80211_put_snap(u8 *data, u16 h_proto) 131static inline int ieee80211_put_snap(u8 * data, u16 h_proto)
135{ 132{
136 struct ieee80211_snap_hdr *snap; 133 struct ieee80211_snap_hdr *snap;
137 u8 *oui; 134 u8 *oui;
@@ -149,17 +146,15 @@ static inline int ieee80211_put_snap(u8 *data, u16 h_proto)
149 snap->oui[1] = oui[1]; 146 snap->oui[1] = oui[1];
150 snap->oui[2] = oui[2]; 147 snap->oui[2] = oui[2];
151 148
152 *(u16 *)(data + SNAP_SIZE) = htons(h_proto); 149 *(u16 *) (data + SNAP_SIZE) = htons(h_proto);
153 150
154 return SNAP_SIZE + sizeof(u16); 151 return SNAP_SIZE + sizeof(u16);
155} 152}
156 153
157static inline int ieee80211_encrypt_fragment( 154static inline int ieee80211_encrypt_fragment(struct ieee80211_device *ieee,
158 struct ieee80211_device *ieee, 155 struct sk_buff *frag, int hdr_len)
159 struct sk_buff *frag,
160 int hdr_len)
161{ 156{
162 struct ieee80211_crypt_data* crypt = ieee->crypt[ieee->tx_keyidx]; 157 struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx];
163 int res; 158 int res;
164 159
165#ifdef CONFIG_IEEE80211_CRYPT_TKIP 160#ifdef CONFIG_IEEE80211_CRYPT_TKIP
@@ -167,7 +162,7 @@ static inline int ieee80211_encrypt_fragment(
167 162
168 if (ieee->tkip_countermeasures && 163 if (ieee->tkip_countermeasures &&
169 crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) { 164 crypt && crypt->ops && strcmp(crypt->ops->name, "TKIP") == 0) {
170 header = (struct ieee80211_hdr *) frag->data; 165 header = (struct ieee80211_hdr *)frag->data;
171 if (net_ratelimit()) { 166 if (net_ratelimit()) {
172 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped " 167 printk(KERN_DEBUG "%s: TKIP countermeasures: dropped "
173 "TX packet to " MAC_FMT "\n", 168 "TX packet to " MAC_FMT "\n",
@@ -200,8 +195,8 @@ static inline int ieee80211_encrypt_fragment(
200 return 0; 195 return 0;
201} 196}
202 197
203 198void ieee80211_txb_free(struct ieee80211_txb *txb)
204void ieee80211_txb_free(struct ieee80211_txb *txb) { 199{
205 int i; 200 int i;
206 if (unlikely(!txb)) 201 if (unlikely(!txb))
207 return; 202 return;
@@ -216,9 +211,8 @@ static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
216{ 211{
217 struct ieee80211_txb *txb; 212 struct ieee80211_txb *txb;
218 int i; 213 int i;
219 txb = kmalloc( 214 txb = kmalloc(sizeof(struct ieee80211_txb) + (sizeof(u8 *) * nr_frags),
220 sizeof(struct ieee80211_txb) + (sizeof(u8*) * nr_frags), 215 gfp_mask);
221 gfp_mask);
222 if (!txb) 216 if (!txb)
223 return NULL; 217 return NULL;
224 218
@@ -243,8 +237,7 @@ static struct ieee80211_txb *ieee80211_alloc_txb(int nr_frags, int txb_size,
243} 237}
244 238
245/* SKBs are added to the ieee->tx_queue. */ 239/* SKBs are added to the ieee->tx_queue. */
246int ieee80211_xmit(struct sk_buff *skb, 240int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
247 struct net_device *dev)
248{ 241{
249 struct ieee80211_device *ieee = netdev_priv(dev); 242 struct ieee80211_device *ieee = netdev_priv(dev);
250 struct ieee80211_txb *txb = NULL; 243 struct ieee80211_txb *txb = NULL;
@@ -255,21 +248,20 @@ int ieee80211_xmit(struct sk_buff *skb,
255 int ether_type, encrypt; 248 int ether_type, encrypt;
256 int bytes, fc, hdr_len; 249 int bytes, fc, hdr_len;
257 struct sk_buff *skb_frag; 250 struct sk_buff *skb_frag;
258 struct ieee80211_hdr header = { /* Ensure zero initialized */ 251 struct ieee80211_hdr header = { /* Ensure zero initialized */
259 .duration_id = 0, 252 .duration_id = 0,
260 .seq_ctl = 0 253 .seq_ctl = 0
261 }; 254 };
262 u8 dest[ETH_ALEN], src[ETH_ALEN]; 255 u8 dest[ETH_ALEN], src[ETH_ALEN];
263 256
264 struct ieee80211_crypt_data* crypt; 257 struct ieee80211_crypt_data *crypt;
265 258
266 spin_lock_irqsave(&ieee->lock, flags); 259 spin_lock_irqsave(&ieee->lock, flags);
267 260
268 /* If there is no driver handler to take the TXB, dont' bother 261 /* If there is no driver handler to take the TXB, dont' bother
269 * creating it... */ 262 * creating it... */
270 if (!ieee->hard_start_xmit) { 263 if (!ieee->hard_start_xmit) {
271 printk(KERN_WARNING "%s: No xmit handler.\n", 264 printk(KERN_WARNING "%s: No xmit handler.\n", ieee->dev->name);
272 ieee->dev->name);
273 goto success; 265 goto success;
274 } 266 }
275 267
@@ -284,7 +276,7 @@ int ieee80211_xmit(struct sk_buff *skb,
284 crypt = ieee->crypt[ieee->tx_keyidx]; 276 crypt = ieee->crypt[ieee->tx_keyidx];
285 277
286 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) && 278 encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) &&
287 ieee->host_encrypt && crypt && crypt->ops; 279 ieee->host_encrypt && crypt && crypt->ops;
288 280
289 if (!encrypt && ieee->ieee802_1x && 281 if (!encrypt && ieee->ieee802_1x &&
290 ieee->drop_unencrypted && ether_type != ETH_P_PAE) { 282 ieee->drop_unencrypted && ether_type != ETH_P_PAE) {
@@ -294,7 +286,7 @@ int ieee80211_xmit(struct sk_buff *skb,
294 286
295 /* Save source and destination addresses */ 287 /* Save source and destination addresses */
296 memcpy(&dest, skb->data, ETH_ALEN); 288 memcpy(&dest, skb->data, ETH_ALEN);
297 memcpy(&src, skb->data+ETH_ALEN, ETH_ALEN); 289 memcpy(&src, skb->data + ETH_ALEN, ETH_ALEN);
298 290
299 /* Advance the SKB to the start of the payload */ 291 /* Advance the SKB to the start of the payload */
300 skb_pull(skb, sizeof(struct ethhdr)); 292 skb_pull(skb, sizeof(struct ethhdr));
@@ -304,7 +296,7 @@ int ieee80211_xmit(struct sk_buff *skb,
304 296
305 if (encrypt) 297 if (encrypt)
306 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA | 298 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA |
307 IEEE80211_FCTL_PROTECTED; 299 IEEE80211_FCTL_PROTECTED;
308 else 300 else
309 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA; 301 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
310 302
@@ -327,8 +319,7 @@ int ieee80211_xmit(struct sk_buff *skb,
327 319
328 /* Determine fragmentation size based on destination (multicast 320 /* Determine fragmentation size based on destination (multicast
329 * and broadcast are not fragmented) */ 321 * and broadcast are not fragmented) */
330 if (is_multicast_ether_addr(dest) || 322 if (is_multicast_ether_addr(dest) || is_broadcast_ether_addr(dest))
331 is_broadcast_ether_addr(dest))
332 frag_size = MAX_FRAG_THRESHOLD; 323 frag_size = MAX_FRAG_THRESHOLD;
333 else 324 else
334 frag_size = ieee->fts; 325 frag_size = ieee->fts;
@@ -345,7 +336,7 @@ int ieee80211_xmit(struct sk_buff *skb,
345 /* Each fragment may need to have room for encryptiong pre/postfix */ 336 /* Each fragment may need to have room for encryptiong pre/postfix */
346 if (encrypt) 337 if (encrypt)
347 bytes_per_frag -= crypt->ops->extra_prefix_len + 338 bytes_per_frag -= crypt->ops->extra_prefix_len +
348 crypt->ops->extra_postfix_len; 339 crypt->ops->extra_postfix_len;
349 340
350 /* Number of fragments is the total bytes_per_frag / 341 /* Number of fragments is the total bytes_per_frag /
351 * payload_per_fragment */ 342 * payload_per_fragment */
@@ -380,19 +371,19 @@ int ieee80211_xmit(struct sk_buff *skb,
380 /* If this is not the last fragment, then add the MOREFRAGS 371 /* If this is not the last fragment, then add the MOREFRAGS
381 * bit to the frame control */ 372 * bit to the frame control */
382 if (i != nr_frags - 1) { 373 if (i != nr_frags - 1) {
383 frag_hdr->frame_ctl = cpu_to_le16( 374 frag_hdr->frame_ctl =
384 fc | IEEE80211_FCTL_MOREFRAGS); 375 cpu_to_le16(fc | IEEE80211_FCTL_MOREFRAGS);
385 bytes = bytes_per_frag; 376 bytes = bytes_per_frag;
386 } else { 377 } else {
387 /* The last fragment takes the remaining length */ 378 /* The last fragment takes the remaining length */
388 bytes = bytes_last_frag; 379 bytes = bytes_last_frag;
389 } 380 }
390 381
391 /* Put a SNAP header on the first fragment */ 382 /* Put a SNAP header on the first fragment */
392 if (i == 0) { 383 if (i == 0) {
393 ieee80211_put_snap( 384 ieee80211_put_snap(skb_put
394 skb_put(skb_frag, SNAP_SIZE + sizeof(u16)), 385 (skb_frag, SNAP_SIZE + sizeof(u16)),
395 ether_type); 386 ether_type);
396 bytes -= SNAP_SIZE + sizeof(u16); 387 bytes -= SNAP_SIZE + sizeof(u16);
397 } 388 }
398 389
@@ -410,14 +401,13 @@ int ieee80211_xmit(struct sk_buff *skb,
410 skb_put(skb_frag, 4); 401 skb_put(skb_frag, 4);
411 } 402 }
412 403
413 404 success:
414 success:
415 spin_unlock_irqrestore(&ieee->lock, flags); 405 spin_unlock_irqrestore(&ieee->lock, flags);
416 406
417 dev_kfree_skb_any(skb); 407 dev_kfree_skb_any(skb);
418 408
419 if (txb) { 409 if (txb) {
420 if ((*ieee->hard_start_xmit)(txb, dev) == 0) { 410 if ((*ieee->hard_start_xmit) (txb, dev) == 0) {
421 stats->tx_packets++; 411 stats->tx_packets++;
422 stats->tx_bytes += txb->payload_size; 412 stats->tx_bytes += txb->payload_size;
423 return 0; 413 return 0;
@@ -427,7 +417,7 @@ int ieee80211_xmit(struct sk_buff *skb,
427 417
428 return 0; 418 return 0;
429 419
430 failed: 420 failed:
431 spin_unlock_irqrestore(&ieee->lock, flags); 421 spin_unlock_irqrestore(&ieee->lock, flags);
432 netif_stop_queue(dev); 422 netif_stop_queue(dev);
433 stats->tx_errors++; 423 stats->tx_errors++;
diff --git a/net/ieee80211/ieee80211_wx.c b/net/ieee80211/ieee80211_wx.c
index 2cd571c525a9..94882f39b072 100644
--- a/net/ieee80211/ieee80211_wx.c
+++ b/net/ieee80211/ieee80211_wx.c
@@ -29,19 +29,20 @@
29 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 29 Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
30 30
31******************************************************************************/ 31******************************************************************************/
32#include <linux/wireless.h> 32
33#include <linux/version.h>
34#include <linux/kmod.h> 33#include <linux/kmod.h>
35#include <linux/module.h> 34#include <linux/module.h>
36 35
37#include <net/ieee80211.h> 36#include <net/ieee80211.h>
37#include <linux/wireless.h>
38
38static const char *ieee80211_modes[] = { 39static const char *ieee80211_modes[] = {
39 "?", "a", "b", "ab", "g", "ag", "bg", "abg" 40 "?", "a", "b", "ab", "g", "ag", "bg", "abg"
40}; 41};
41 42
42#define MAX_CUSTOM_LEN 64 43#define MAX_CUSTOM_LEN 64
43static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee, 44static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
44 char *start, char *stop, 45 char *start, char *stop,
45 struct ieee80211_network *network) 46 struct ieee80211_network *network)
46{ 47{
47 char custom[MAX_CUSTOM_LEN]; 48 char custom[MAX_CUSTOM_LEN];
@@ -65,29 +66,28 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
65 iwe.u.data.length = sizeof("<hidden>"); 66 iwe.u.data.length = sizeof("<hidden>");
66 start = iwe_stream_add_point(start, stop, &iwe, "<hidden>"); 67 start = iwe_stream_add_point(start, stop, &iwe, "<hidden>");
67 } else { 68 } else {
68 iwe.u.data.length = min(network->ssid_len, (u8)32); 69 iwe.u.data.length = min(network->ssid_len, (u8) 32);
69 start = iwe_stream_add_point(start, stop, &iwe, network->ssid); 70 start = iwe_stream_add_point(start, stop, &iwe, network->ssid);
70 } 71 }
71 72
72 /* Add the protocol name */ 73 /* Add the protocol name */
73 iwe.cmd = SIOCGIWNAME; 74 iwe.cmd = SIOCGIWNAME;
74 snprintf(iwe.u.name, IFNAMSIZ, "IEEE 802.11%s", ieee80211_modes[network->mode]); 75 snprintf(iwe.u.name, IFNAMSIZ, "IEEE 802.11%s",
76 ieee80211_modes[network->mode]);
75 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_CHAR_LEN); 77 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_CHAR_LEN);
76 78
77 /* Add mode */ 79 /* Add mode */
78 iwe.cmd = SIOCGIWMODE; 80 iwe.cmd = SIOCGIWMODE;
79 if (network->capability & 81 if (network->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
80 (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
81 if (network->capability & WLAN_CAPABILITY_ESS) 82 if (network->capability & WLAN_CAPABILITY_ESS)
82 iwe.u.mode = IW_MODE_MASTER; 83 iwe.u.mode = IW_MODE_MASTER;
83 else 84 else
84 iwe.u.mode = IW_MODE_ADHOC; 85 iwe.u.mode = IW_MODE_ADHOC;
85 86
86 start = iwe_stream_add_event(start, stop, &iwe, 87 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_UINT_LEN);
87 IW_EV_UINT_LEN);
88 } 88 }
89 89
90 /* Add frequency/channel */ 90 /* Add frequency/channel */
91 iwe.cmd = SIOCGIWFREQ; 91 iwe.cmd = SIOCGIWFREQ;
92/* iwe.u.freq.m = ieee80211_frequency(network->channel, network->mode); 92/* iwe.u.freq.m = ieee80211_frequency(network->channel, network->mode);
93 iwe.u.freq.e = 3; */ 93 iwe.u.freq.e = 3; */
@@ -109,7 +109,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
109 max_rate = 0; 109 max_rate = 0;
110 p = custom; 110 p = custom;
111 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), " Rates (Mb/s): "); 111 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), " Rates (Mb/s): ");
112 for (i = 0, j = 0; i < network->rates_len; ) { 112 for (i = 0, j = 0; i < network->rates_len;) {
113 if (j < network->rates_ex_len && 113 if (j < network->rates_ex_len &&
114 ((network->rates_ex[j] & 0x7F) < 114 ((network->rates_ex[j] & 0x7F) <
115 (network->rates[i] & 0x7F))) 115 (network->rates[i] & 0x7F)))
@@ -132,8 +132,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
132 iwe.cmd = SIOCGIWRATE; 132 iwe.cmd = SIOCGIWRATE;
133 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0; 133 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
134 iwe.u.bitrate.value = max_rate * 500000; 134 iwe.u.bitrate.value = max_rate * 500000;
135 start = iwe_stream_add_event(start, stop, &iwe, 135 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_PARAM_LEN);
136 IW_EV_PARAM_LEN);
137 136
138 iwe.cmd = IWEVCUSTOM; 137 iwe.cmd = IWEVCUSTOM;
139 iwe.u.data.length = p - custom; 138 iwe.u.data.length = p - custom;
@@ -163,7 +162,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
163 if (iwe.u.data.length) 162 if (iwe.u.data.length)
164 start = iwe_stream_add_point(start, stop, &iwe, custom); 163 start = iwe_stream_add_point(start, stop, &iwe, custom);
165 164
166 if (ieee->wpa_enabled && network->wpa_ie_len){ 165 if (ieee->wpa_enabled && network->wpa_ie_len) {
167 char buf[MAX_WPA_IE_LEN * 2 + 30]; 166 char buf[MAX_WPA_IE_LEN * 2 + 30];
168 167
169 u8 *p = buf; 168 u8 *p = buf;
@@ -178,7 +177,7 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
178 start = iwe_stream_add_point(start, stop, &iwe, buf); 177 start = iwe_stream_add_point(start, stop, &iwe, buf);
179 } 178 }
180 179
181 if (ieee->wpa_enabled && network->rsn_ie_len){ 180 if (ieee->wpa_enabled && network->rsn_ie_len) {
182 char buf[MAX_WPA_IE_LEN * 2 + 30]; 181 char buf[MAX_WPA_IE_LEN * 2 + 30];
183 182
184 u8 *p = buf; 183 u8 *p = buf;
@@ -198,12 +197,12 @@ static inline char *ipw2100_translate_scan(struct ieee80211_device *ieee,
198 iwe.cmd = IWEVCUSTOM; 197 iwe.cmd = IWEVCUSTOM;
199 p = custom; 198 p = custom;
200 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), 199 p += snprintf(p, MAX_CUSTOM_LEN - (p - custom),
201 " Last beacon: %lums ago", (jiffies - network->last_scanned) / (HZ / 100)); 200 " Last beacon: %lums ago",
201 (jiffies - network->last_scanned) / (HZ / 100));
202 iwe.u.data.length = p - custom; 202 iwe.u.data.length = p - custom;
203 if (iwe.u.data.length) 203 if (iwe.u.data.length)
204 start = iwe_stream_add_point(start, stop, &iwe, custom); 204 start = iwe_stream_add_point(start, stop, &iwe, custom);
205 205
206
207 return start; 206 return start;
208} 207}
209 208
@@ -228,18 +227,19 @@ int ieee80211_wx_get_scan(struct ieee80211_device *ieee,
228 time_after(network->last_scanned + ieee->scan_age, jiffies)) 227 time_after(network->last_scanned + ieee->scan_age, jiffies))
229 ev = ipw2100_translate_scan(ieee, ev, stop, network); 228 ev = ipw2100_translate_scan(ieee, ev, stop, network);
230 else 229 else
231 IEEE80211_DEBUG_SCAN( 230 IEEE80211_DEBUG_SCAN("Not showing network '%s ("
232 "Not showing network '%s (" 231 MAC_FMT ")' due to age (%lums).\n",
233 MAC_FMT ")' due to age (%lums).\n", 232 escape_essid(network->ssid,
234 escape_essid(network->ssid, 233 network->ssid_len),
235 network->ssid_len), 234 MAC_ARG(network->bssid),
236 MAC_ARG(network->bssid), 235 (jiffies -
237 (jiffies - network->last_scanned) / (HZ / 100)); 236 network->last_scanned) / (HZ /
237 100));
238 } 238 }
239 239
240 spin_unlock_irqrestore(&ieee->lock, flags); 240 spin_unlock_irqrestore(&ieee->lock, flags);
241 241
242 wrqu->data.length = ev - extra; 242 wrqu->data.length = ev - extra;
243 wrqu->data.flags = 0; 243 wrqu->data.flags = 0;
244 244
245 IEEE80211_DEBUG_WX("exit: %d networks returned.\n", i); 245 IEEE80211_DEBUG_WX("exit: %d networks returned.\n", i);
@@ -291,8 +291,8 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
291 if (ieee->crypt[i] != NULL) { 291 if (ieee->crypt[i] != NULL) {
292 if (key_provided) 292 if (key_provided)
293 break; 293 break;
294 ieee80211_crypt_delayed_deinit( 294 ieee80211_crypt_delayed_deinit(ieee,
295 ieee, &ieee->crypt[i]); 295 &ieee->crypt[i]);
296 } 296 }
297 } 297 }
298 298
@@ -305,8 +305,6 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
305 goto done; 305 goto done;
306 } 306 }
307 307
308
309
310 sec.enabled = 1; 308 sec.enabled = 1;
311 sec.flags |= SEC_ENABLED; 309 sec.flags |= SEC_ENABLED;
312 310
@@ -340,8 +338,7 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
340 new_crypt = NULL; 338 new_crypt = NULL;
341 339
342 printk(KERN_WARNING "%s: could not initialize WEP: " 340 printk(KERN_WARNING "%s: could not initialize WEP: "
343 "load module ieee80211_crypt_wep\n", 341 "load module ieee80211_crypt_wep\n", dev->name);
344 dev->name);
345 return -EOPNOTSUPP; 342 return -EOPNOTSUPP;
346 } 343 }
347 *crypt = new_crypt; 344 *crypt = new_crypt;
@@ -358,7 +355,7 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
358 key, escape_essid(sec.keys[key], len), 355 key, escape_essid(sec.keys[key], len),
359 erq->length, len); 356 erq->length, len);
360 sec.key_sizes[key] = len; 357 sec.key_sizes[key] = len;
361 (*crypt)->ops->set_key(sec.keys[key], len, NULL, 358 (*crypt)->ops->set_key(sec.keys[key], len, NULL,
362 (*crypt)->priv); 359 (*crypt)->priv);
363 sec.flags |= (1 << key); 360 sec.flags |= (1 << key);
364 /* This ensures a key will be activated if no key is 361 /* This ensures a key will be activated if no key is
@@ -381,15 +378,15 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
381 378
382 /* No key data - just set the default TX key index */ 379 /* No key data - just set the default TX key index */
383 if (key_provided) { 380 if (key_provided) {
384 IEEE80211_DEBUG_WX( 381 IEEE80211_DEBUG_WX
385 "Setting key %d to default Tx key.\n", key); 382 ("Setting key %d to default Tx key.\n", key);
386 ieee->tx_keyidx = key; 383 ieee->tx_keyidx = key;
387 sec.active_key = key; 384 sec.active_key = key;
388 sec.flags |= SEC_ACTIVE_KEY; 385 sec.flags |= SEC_ACTIVE_KEY;
389 } 386 }
390 } 387 }
391 388
392 done: 389 done:
393 ieee->open_wep = !(erq->flags & IW_ENCODE_RESTRICTED); 390 ieee->open_wep = !(erq->flags & IW_ENCODE_RESTRICTED);
394 sec.auth_mode = ieee->open_wep ? WLAN_AUTH_OPEN : WLAN_AUTH_SHARED_KEY; 391 sec.auth_mode = ieee->open_wep ? WLAN_AUTH_OPEN : WLAN_AUTH_SHARED_KEY;
395 sec.flags |= SEC_AUTH_MODE; 392 sec.flags |= SEC_AUTH_MODE;
@@ -399,7 +396,7 @@ int ieee80211_wx_set_encode(struct ieee80211_device *ieee,
399 /* For now we just support WEP, so only set that security level... 396 /* For now we just support WEP, so only set that security level...
400 * TODO: When WPA is added this is one place that needs to change */ 397 * TODO: When WPA is added this is one place that needs to change */
401 sec.flags |= SEC_LEVEL; 398 sec.flags |= SEC_LEVEL;
402 sec.level = SEC_LEVEL_1; /* 40 and 104 bit WEP */ 399 sec.level = SEC_LEVEL_1; /* 40 and 104 bit WEP */
403 400
404 if (ieee->set_security) 401 if (ieee->set_security)
405 ieee->set_security(dev, &sec); 402 ieee->set_security(dev, &sec);
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index 9e6e683cc34d..e7d26d9943c2 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -457,7 +457,7 @@ static void ip_frag_queue(struct ipq *qp, struct sk_buff *skb)
457 457
458 if (pskb_pull(skb, ihl) == NULL) 458 if (pskb_pull(skb, ihl) == NULL)
459 goto err; 459 goto err;
460 if (pskb_trim(skb, end-offset)) 460 if (pskb_trim_rcsum(skb, end-offset))
461 goto err; 461 goto err;
462 462
463 /* Find out which fragments are in front and at the back of us 463 /* Find out which fragments are in front and at the back of us
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
index e046f5521814..30aa8e2ee214 100644
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -34,6 +34,7 @@ config IP_NF_CT_ACCT
34 34
35config IP_NF_CONNTRACK_MARK 35config IP_NF_CONNTRACK_MARK
36 bool 'Connection mark tracking support' 36 bool 'Connection mark tracking support'
37 depends on IP_NF_CONNTRACK
37 help 38 help
38 This option enables support for connection marks, used by the 39 This option enables support for connection marks, used by the
39 `CONNMARK' target and `connmark' match. Similar to the mark value 40 `CONNMARK' target and `connmark' match. Similar to the mark value
@@ -85,6 +86,25 @@ config IP_NF_IRC
85 86
86 To compile it as a module, choose M here. If unsure, say Y. 87 To compile it as a module, choose M here. If unsure, say Y.
87 88
89config IP_NF_NETBIOS_NS
90 tristate "NetBIOS name service protocol support (EXPERIMENTAL)"
91 depends on IP_NF_CONNTRACK && EXPERIMENTAL
92 help
93 NetBIOS name service requests are sent as broadcast messages from an
94 unprivileged port and responded to with unicast messages to the
95 same port. This make them hard to firewall properly because connection
96 tracking doesn't deal with broadcasts. This helper tracks locally
97 originating NetBIOS name service requests and the corresponding
98 responses. It relies on correct IP address configuration, specifically
99 netmask and broadcast address. When properly configured, the output
100 of "ip address show" should look similar to this:
101
102 $ ip -4 address show eth0
103 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
104 inet 172.16.2.252/24 brd 172.16.2.255 scope global eth0
105
106 To compile it as a module, choose M here. If unsure, say N.
107
88config IP_NF_TFTP 108config IP_NF_TFTP
89 tristate "TFTP protocol support" 109 tristate "TFTP protocol support"
90 depends on IP_NF_CONNTRACK 110 depends on IP_NF_CONNTRACK
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
index a7bd38f50522..1ba0db746817 100644
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -21,6 +21,7 @@ obj-$(CONFIG_IP_NF_AMANDA) += ip_conntrack_amanda.o
21obj-$(CONFIG_IP_NF_TFTP) += ip_conntrack_tftp.o 21obj-$(CONFIG_IP_NF_TFTP) += ip_conntrack_tftp.o
22obj-$(CONFIG_IP_NF_FTP) += ip_conntrack_ftp.o 22obj-$(CONFIG_IP_NF_FTP) += ip_conntrack_ftp.o
23obj-$(CONFIG_IP_NF_IRC) += ip_conntrack_irc.o 23obj-$(CONFIG_IP_NF_IRC) += ip_conntrack_irc.o
24obj-$(CONFIG_IP_NF_NETBIOS_NS) += ip_conntrack_netbios_ns.o
24 25
25# NAT helpers 26# NAT helpers
26obj-$(CONFIG_IP_NF_NAT_AMANDA) += ip_nat_amanda.o 27obj-$(CONFIG_IP_NF_NAT_AMANDA) += ip_nat_amanda.o
diff --git a/net/ipv4/netfilter/ip_conntrack_amanda.c b/net/ipv4/netfilter/ip_conntrack_amanda.c
index be4c9eb3243f..dc20881004bc 100644
--- a/net/ipv4/netfilter/ip_conntrack_amanda.c
+++ b/net/ipv4/netfilter/ip_conntrack_amanda.c
@@ -108,6 +108,7 @@ static int help(struct sk_buff **pskb,
108 } 108 }
109 109
110 exp->expectfn = NULL; 110 exp->expectfn = NULL;
111 exp->flags = 0;
111 112
112 exp->tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; 113 exp->tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
113 exp->tuple.src.u.tcp.port = 0; 114 exp->tuple.src.u.tcp.port = 0;
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index a0648600190e..19cba16e6e1e 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -197,7 +197,7 @@ ip_ct_invert_tuple(struct ip_conntrack_tuple *inverse,
197 197
198 198
199/* ip_conntrack_expect helper functions */ 199/* ip_conntrack_expect helper functions */
200static void unlink_expect(struct ip_conntrack_expect *exp) 200void ip_ct_unlink_expect(struct ip_conntrack_expect *exp)
201{ 201{
202 ASSERT_WRITE_LOCK(&ip_conntrack_lock); 202 ASSERT_WRITE_LOCK(&ip_conntrack_lock);
203 IP_NF_ASSERT(!timer_pending(&exp->timeout)); 203 IP_NF_ASSERT(!timer_pending(&exp->timeout));
@@ -207,18 +207,12 @@ static void unlink_expect(struct ip_conntrack_expect *exp)
207 ip_conntrack_expect_put(exp); 207 ip_conntrack_expect_put(exp);
208} 208}
209 209
210void __ip_ct_expect_unlink_destroy(struct ip_conntrack_expect *exp)
211{
212 unlink_expect(exp);
213 ip_conntrack_expect_put(exp);
214}
215
216static void expectation_timed_out(unsigned long ul_expect) 210static void expectation_timed_out(unsigned long ul_expect)
217{ 211{
218 struct ip_conntrack_expect *exp = (void *)ul_expect; 212 struct ip_conntrack_expect *exp = (void *)ul_expect;
219 213
220 write_lock_bh(&ip_conntrack_lock); 214 write_lock_bh(&ip_conntrack_lock);
221 unlink_expect(exp); 215 ip_ct_unlink_expect(exp);
222 write_unlock_bh(&ip_conntrack_lock); 216 write_unlock_bh(&ip_conntrack_lock);
223 ip_conntrack_expect_put(exp); 217 ip_conntrack_expect_put(exp);
224} 218}
@@ -264,10 +258,14 @@ find_expectation(const struct ip_conntrack_tuple *tuple)
264 master ct never got confirmed, we'd hold a reference to it 258 master ct never got confirmed, we'd hold a reference to it
265 and weird things would happen to future packets). */ 259 and weird things would happen to future packets). */
266 if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask) 260 if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)
267 && is_confirmed(i->master) 261 && is_confirmed(i->master)) {
268 && del_timer(&i->timeout)) { 262 if (i->flags & IP_CT_EXPECT_PERMANENT) {
269 unlink_expect(i); 263 atomic_inc(&i->use);
270 return i; 264 return i;
265 } else if (del_timer(&i->timeout)) {
266 ip_ct_unlink_expect(i);
267 return i;
268 }
271 } 269 }
272 } 270 }
273 return NULL; 271 return NULL;
@@ -284,7 +282,7 @@ void ip_ct_remove_expectations(struct ip_conntrack *ct)
284 282
285 list_for_each_entry_safe(i, tmp, &ip_conntrack_expect_list, list) { 283 list_for_each_entry_safe(i, tmp, &ip_conntrack_expect_list, list) {
286 if (i->master == ct && del_timer(&i->timeout)) { 284 if (i->master == ct && del_timer(&i->timeout)) {
287 unlink_expect(i); 285 ip_ct_unlink_expect(i);
288 ip_conntrack_expect_put(i); 286 ip_conntrack_expect_put(i);
289 } 287 }
290 } 288 }
@@ -925,7 +923,7 @@ void ip_conntrack_unexpect_related(struct ip_conntrack_expect *exp)
925 /* choose the the oldest expectation to evict */ 923 /* choose the the oldest expectation to evict */
926 list_for_each_entry_reverse(i, &ip_conntrack_expect_list, list) { 924 list_for_each_entry_reverse(i, &ip_conntrack_expect_list, list) {
927 if (expect_matches(i, exp) && del_timer(&i->timeout)) { 925 if (expect_matches(i, exp) && del_timer(&i->timeout)) {
928 unlink_expect(i); 926 ip_ct_unlink_expect(i);
929 write_unlock_bh(&ip_conntrack_lock); 927 write_unlock_bh(&ip_conntrack_lock);
930 ip_conntrack_expect_put(i); 928 ip_conntrack_expect_put(i);
931 return; 929 return;
@@ -934,6 +932,9 @@ void ip_conntrack_unexpect_related(struct ip_conntrack_expect *exp)
934 write_unlock_bh(&ip_conntrack_lock); 932 write_unlock_bh(&ip_conntrack_lock);
935} 933}
936 934
935/* We don't increase the master conntrack refcount for non-fulfilled
936 * conntracks. During the conntrack destruction, the expectations are
937 * always killed before the conntrack itself */
937struct ip_conntrack_expect *ip_conntrack_expect_alloc(struct ip_conntrack *me) 938struct ip_conntrack_expect *ip_conntrack_expect_alloc(struct ip_conntrack *me)
938{ 939{
939 struct ip_conntrack_expect *new; 940 struct ip_conntrack_expect *new;
@@ -944,17 +945,14 @@ struct ip_conntrack_expect *ip_conntrack_expect_alloc(struct ip_conntrack *me)
944 return NULL; 945 return NULL;
945 } 946 }
946 new->master = me; 947 new->master = me;
947 atomic_inc(&new->master->ct_general.use);
948 atomic_set(&new->use, 1); 948 atomic_set(&new->use, 1);
949 return new; 949 return new;
950} 950}
951 951
952void ip_conntrack_expect_put(struct ip_conntrack_expect *exp) 952void ip_conntrack_expect_put(struct ip_conntrack_expect *exp)
953{ 953{
954 if (atomic_dec_and_test(&exp->use)) { 954 if (atomic_dec_and_test(&exp->use))
955 ip_conntrack_put(exp->master);
956 kmem_cache_free(ip_conntrack_expect_cachep, exp); 955 kmem_cache_free(ip_conntrack_expect_cachep, exp);
957 }
958} 956}
959 957
960static void ip_conntrack_expect_insert(struct ip_conntrack_expect *exp) 958static void ip_conntrack_expect_insert(struct ip_conntrack_expect *exp)
@@ -982,7 +980,7 @@ static void evict_oldest_expect(struct ip_conntrack *master)
982 list_for_each_entry_reverse(i, &ip_conntrack_expect_list, list) { 980 list_for_each_entry_reverse(i, &ip_conntrack_expect_list, list) {
983 if (i->master == master) { 981 if (i->master == master) {
984 if (del_timer(&i->timeout)) { 982 if (del_timer(&i->timeout)) {
985 unlink_expect(i); 983 ip_ct_unlink_expect(i);
986 ip_conntrack_expect_put(i); 984 ip_conntrack_expect_put(i);
987 } 985 }
988 break; 986 break;
@@ -1099,7 +1097,7 @@ void ip_conntrack_helper_unregister(struct ip_conntrack_helper *me)
1099 /* Get rid of expectations */ 1097 /* Get rid of expectations */
1100 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, list) { 1098 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, list) {
1101 if (exp->master->helper == me && del_timer(&exp->timeout)) { 1099 if (exp->master->helper == me && del_timer(&exp->timeout)) {
1102 unlink_expect(exp); 1100 ip_ct_unlink_expect(exp);
1103 ip_conntrack_expect_put(exp); 1101 ip_conntrack_expect_put(exp);
1104 } 1102 }
1105 } 1103 }
diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c
index 3a2627db1729..1b79ec36085f 100644
--- a/net/ipv4/netfilter/ip_conntrack_ftp.c
+++ b/net/ipv4/netfilter/ip_conntrack_ftp.c
@@ -421,6 +421,7 @@ static int help(struct sk_buff **pskb,
421 { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }}); 421 { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }});
422 422
423 exp->expectfn = NULL; 423 exp->expectfn = NULL;
424 exp->flags = 0;
424 425
425 /* Now, NAT might want to mangle the packet, and register the 426 /* Now, NAT might want to mangle the packet, and register the
426 * (possibly changed) expectation itself. */ 427 * (possibly changed) expectation itself. */
diff --git a/net/ipv4/netfilter/ip_conntrack_irc.c b/net/ipv4/netfilter/ip_conntrack_irc.c
index 25438eec21a1..d7a8a98c05e1 100644
--- a/net/ipv4/netfilter/ip_conntrack_irc.c
+++ b/net/ipv4/netfilter/ip_conntrack_irc.c
@@ -221,6 +221,7 @@ static int help(struct sk_buff **pskb,
221 { { 0, { 0 } }, 221 { { 0, { 0 } },
222 { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }}); 222 { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }});
223 exp->expectfn = NULL; 223 exp->expectfn = NULL;
224 exp->flags = 0;
224 if (ip_nat_irc_hook) 225 if (ip_nat_irc_hook)
225 ret = ip_nat_irc_hook(pskb, ctinfo, 226 ret = ip_nat_irc_hook(pskb, ctinfo,
226 addr_beg_p - ib_ptr, 227 addr_beg_p - ib_ptr,
diff --git a/net/ipv4/netfilter/ip_conntrack_netbios_ns.c b/net/ipv4/netfilter/ip_conntrack_netbios_ns.c
new file mode 100644
index 000000000000..2b5cf9c51309
--- /dev/null
+++ b/net/ipv4/netfilter/ip_conntrack_netbios_ns.c
@@ -0,0 +1,131 @@
1/*
2 * NetBIOS name service broadcast connection tracking helper
3 *
4 * (c) 2005 Patrick McHardy <kaber@trash.net>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11/*
12 * This helper tracks locally originating NetBIOS name service
13 * requests by issuing permanent expectations (valid until
14 * timing out) matching all reply connections from the
15 * destination network. The only NetBIOS specific thing is
16 * actually the port number.
17 */
18#include <linux/kernel.h>
19#include <linux/module.h>
20#include <linux/init.h>
21#include <linux/skbuff.h>
22#include <linux/netdevice.h>
23#include <linux/inetdevice.h>
24#include <linux/in.h>
25#include <linux/ip.h>
26#include <linux/udp.h>
27#include <net/route.h>
28
29#include <linux/netfilter.h>
30#include <linux/netfilter_ipv4.h>
31#include <linux/netfilter_ipv4/ip_conntrack.h>
32#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
33
34MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
35MODULE_DESCRIPTION("NetBIOS name service broadcast connection tracking helper");
36MODULE_LICENSE("GPL");
37
38static unsigned int timeout = 3;
39module_param(timeout, int, 0600);
40MODULE_PARM_DESC(timeout, "timeout for master connection/replies in seconds");
41
42static int help(struct sk_buff **pskb,
43 struct ip_conntrack *ct, enum ip_conntrack_info ctinfo)
44{
45 struct ip_conntrack_expect *exp;
46 struct iphdr *iph = (*pskb)->nh.iph;
47 struct udphdr _uh, *uh;
48 struct rtable *rt = (struct rtable *)(*pskb)->dst;
49 struct in_device *in_dev;
50 u_int32_t mask = 0;
51
52 /* we're only interested in locally generated packets */
53 if ((*pskb)->sk == NULL)
54 goto out;
55 if (rt == NULL || !(rt->rt_flags & RTCF_BROADCAST))
56 goto out;
57 if (CTINFO2DIR(ctinfo) != IP_CT_DIR_ORIGINAL)
58 goto out;
59
60 rcu_read_lock();
61 in_dev = __in_dev_get(rt->u.dst.dev);
62 if (in_dev != NULL) {
63 for_primary_ifa(in_dev) {
64 if (ifa->ifa_broadcast == iph->daddr) {
65 mask = ifa->ifa_mask;
66 break;
67 }
68 } endfor_ifa(in_dev);
69 }
70 rcu_read_unlock();
71
72 if (mask == 0)
73 goto out;
74
75 uh = skb_header_pointer(*pskb, iph->ihl * 4, sizeof(_uh), &_uh);
76 BUG_ON(uh == NULL);
77
78 exp = ip_conntrack_expect_alloc(ct);
79 if (exp == NULL)
80 goto out;
81 memset(&exp->tuple, 0, sizeof(exp->tuple));
82 exp->tuple.src.ip = iph->daddr & mask;
83 exp->tuple.dst.ip = iph->saddr;
84 exp->tuple.dst.u.udp.port = uh->source;
85 exp->tuple.dst.protonum = IPPROTO_UDP;
86
87 memset(&exp->mask, 0, sizeof(exp->mask));
88 exp->mask.src.ip = mask;
89 exp->mask.dst.ip = 0xFFFFFFFF;
90 exp->mask.dst.u.udp.port = 0xFFFF;
91 exp->mask.dst.protonum = 0xFF;
92
93 exp->expectfn = NULL;
94 exp->flags = IP_CT_EXPECT_PERMANENT;
95
96 ip_conntrack_expect_related(exp);
97 ip_conntrack_expect_put(exp);
98
99 ip_ct_refresh_acct(ct, ctinfo, NULL, timeout * HZ);
100out:
101 return NF_ACCEPT;
102}
103
104static struct ip_conntrack_helper helper = {
105 .name = "netbios-ns",
106 .tuple = {
107 .src.u.udp.port = __constant_htons(137),
108 .dst.protonum = IPPROTO_UDP,
109 },
110 .mask = {
111 .src.u.udp.port = 0xFFFF,
112 .dst.protonum = 0xFF,
113 },
114 .max_expected = 1,
115 .me = THIS_MODULE,
116 .help = help,
117};
118
119static int __init init(void)
120{
121 helper.timeout = timeout;
122 return ip_conntrack_helper_register(&helper);
123}
124
125static void __exit fini(void)
126{
127 ip_conntrack_helper_unregister(&helper);
128}
129
130module_init(init);
131module_exit(fini);
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index a4e9278db4ed..15aef3564742 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1349,8 +1349,10 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
1349 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, 1349 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list,
1350 list) { 1350 list) {
1351 if (exp->master->helper == h 1351 if (exp->master->helper == h
1352 && del_timer(&exp->timeout)) 1352 && del_timer(&exp->timeout)) {
1353 __ip_ct_expect_unlink_destroy(exp); 1353 ip_ct_unlink_expect(exp);
1354 ip_conntrack_expect_put(exp);
1355 }
1354 } 1356 }
1355 write_unlock(&ip_conntrack_lock); 1357 write_unlock(&ip_conntrack_lock);
1356 } else { 1358 } else {
@@ -1358,8 +1360,10 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
1358 write_lock_bh(&ip_conntrack_lock); 1360 write_lock_bh(&ip_conntrack_lock);
1359 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, 1361 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list,
1360 list) { 1362 list) {
1361 if (del_timer(&exp->timeout)) 1363 if (del_timer(&exp->timeout)) {
1362 __ip_ct_expect_unlink_destroy(exp); 1364 ip_ct_unlink_expect(exp);
1365 ip_conntrack_expect_put(exp);
1366 }
1363 } 1367 }
1364 write_unlock_bh(&ip_conntrack_lock); 1368 write_unlock_bh(&ip_conntrack_lock);
1365 } 1369 }
@@ -1413,6 +1417,7 @@ ctnetlink_create_expect(struct nfattr *cda[])
1413 } 1417 }
1414 1418
1415 exp->expectfn = NULL; 1419 exp->expectfn = NULL;
1420 exp->flags = 0;
1416 exp->master = ct; 1421 exp->master = ct;
1417 memcpy(&exp->tuple, &tuple, sizeof(struct ip_conntrack_tuple)); 1422 memcpy(&exp->tuple, &tuple, sizeof(struct ip_conntrack_tuple));
1418 memcpy(&exp->mask, &mask, sizeof(struct ip_conntrack_tuple)); 1423 memcpy(&exp->mask, &mask, sizeof(struct ip_conntrack_tuple));
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
index f23ef1f88c46..1985abc59d24 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -349,6 +349,7 @@ static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa,
349 return 0; 349 return 0;
350 350
351nfattr_failure: 351nfattr_failure:
352 read_unlock_bh(&tcp_lock);
352 return -1; 353 return -1;
353} 354}
354#endif 355#endif
diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c
index ee5895afd0c3..ae3e3e655db5 100644
--- a/net/ipv4/netfilter/ip_conntrack_standalone.c
+++ b/net/ipv4/netfilter/ip_conntrack_standalone.c
@@ -998,7 +998,7 @@ EXPORT_SYMBOL(ip_conntrack_expect_related);
998EXPORT_SYMBOL(ip_conntrack_unexpect_related); 998EXPORT_SYMBOL(ip_conntrack_unexpect_related);
999EXPORT_SYMBOL_GPL(ip_conntrack_expect_list); 999EXPORT_SYMBOL_GPL(ip_conntrack_expect_list);
1000EXPORT_SYMBOL_GPL(__ip_conntrack_expect_find); 1000EXPORT_SYMBOL_GPL(__ip_conntrack_expect_find);
1001EXPORT_SYMBOL_GPL(__ip_ct_expect_unlink_destroy); 1001EXPORT_SYMBOL_GPL(ip_ct_unlink_expect);
1002 1002
1003EXPORT_SYMBOL(ip_conntrack_tuple_taken); 1003EXPORT_SYMBOL(ip_conntrack_tuple_taken);
1004EXPORT_SYMBOL(ip_ct_gather_frags); 1004EXPORT_SYMBOL(ip_ct_gather_frags);
diff --git a/net/ipv4/netfilter/ip_conntrack_tftp.c b/net/ipv4/netfilter/ip_conntrack_tftp.c
index f8ff170f390a..d2b590533452 100644
--- a/net/ipv4/netfilter/ip_conntrack_tftp.c
+++ b/net/ipv4/netfilter/ip_conntrack_tftp.c
@@ -75,6 +75,7 @@ static int tftp_help(struct sk_buff **pskb,
75 exp->mask.dst.u.udp.port = 0xffff; 75 exp->mask.dst.u.udp.port = 0xffff;
76 exp->mask.dst.protonum = 0xff; 76 exp->mask.dst.protonum = 0xff;
77 exp->expectfn = NULL; 77 exp->expectfn = NULL;
78 exp->flags = 0;
78 79
79 DEBUGP("expect: "); 80 DEBUGP("expect: ");
80 DUMP_TUPLE(&exp->tuple); 81 DUMP_TUPLE(&exp->tuple);
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c
index 60d70fa41a15..cb66b8bddeb3 100644
--- a/net/ipv4/netfilter/ip_nat_rule.c
+++ b/net/ipv4/netfilter/ip_nat_rule.c
@@ -255,6 +255,27 @@ alloc_null_binding(struct ip_conntrack *conntrack,
255 return ip_nat_setup_info(conntrack, &range, hooknum); 255 return ip_nat_setup_info(conntrack, &range, hooknum);
256} 256}
257 257
258unsigned int
259alloc_null_binding_confirmed(struct ip_conntrack *conntrack,
260 struct ip_nat_info *info,
261 unsigned int hooknum)
262{
263 u_int32_t ip
264 = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
265 ? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip
266 : conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip);
267 u_int16_t all
268 = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
269 ? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all
270 : conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
271 struct ip_nat_range range
272 = { IP_NAT_RANGE_MAP_IPS, ip, ip, { all }, { all } };
273
274 DEBUGP("Allocating NULL binding for confirmed %p (%u.%u.%u.%u)\n",
275 conntrack, NIPQUAD(ip));
276 return ip_nat_setup_info(conntrack, &range, hooknum);
277}
278
258int ip_nat_rule_find(struct sk_buff **pskb, 279int ip_nat_rule_find(struct sk_buff **pskb,
259 unsigned int hooknum, 280 unsigned int hooknum,
260 const struct net_device *in, 281 const struct net_device *in,
diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c
index 89db052add81..0ff368b131f6 100644
--- a/net/ipv4/netfilter/ip_nat_standalone.c
+++ b/net/ipv4/netfilter/ip_nat_standalone.c
@@ -123,8 +123,12 @@ ip_nat_fn(unsigned int hooknum,
123 if (!ip_nat_initialized(ct, maniptype)) { 123 if (!ip_nat_initialized(ct, maniptype)) {
124 unsigned int ret; 124 unsigned int ret;
125 125
126 /* LOCAL_IN hook doesn't have a chain! */ 126 if (unlikely(is_confirmed(ct)))
127 if (hooknum == NF_IP_LOCAL_IN) 127 /* NAT module was loaded late */
128 ret = alloc_null_binding_confirmed(ct, info,
129 hooknum);
130 else if (hooknum == NF_IP_LOCAL_IN)
131 /* LOCAL_IN hook doesn't have a chain! */
128 ret = alloc_null_binding(ct, info, hooknum); 132 ret = alloc_null_binding(ct, info, hooknum);
129 else 133 else
130 ret = ip_nat_rule_find(pskb, hooknum, 134 ret = ip_nat_rule_find(pskb, hooknum,
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index e5beca7de86c..e0bd1013cb0d 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -1141,7 +1141,7 @@ int udp_rcv(struct sk_buff *skb)
1141 if (ulen > len || ulen < sizeof(*uh)) 1141 if (ulen > len || ulen < sizeof(*uh))
1142 goto short_packet; 1142 goto short_packet;
1143 1143
1144 if (pskb_trim(skb, ulen)) 1144 if (pskb_trim_rcsum(skb, ulen))
1145 goto short_packet; 1145 goto short_packet;
1146 1146
1147 if (udp_checksum_init(skb, uh, ulen, saddr, daddr) < 0) 1147 if (udp_checksum_init(skb, uh, ulen, saddr, daddr) < 0)
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c
index ffcda45e2c1e..47122728212a 100644
--- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c
@@ -461,11 +461,10 @@ static int ipv6_hop_jumbo(struct sk_buff *skb, int optoff)
461 IP6_INC_STATS_BH(IPSTATS_MIB_INTRUNCATEDPKTS); 461 IP6_INC_STATS_BH(IPSTATS_MIB_INTRUNCATEDPKTS);
462 goto drop; 462 goto drop;
463 } 463 }
464 if (pkt_len + sizeof(struct ipv6hdr) < skb->len) { 464
465 __pskb_trim(skb, pkt_len + sizeof(struct ipv6hdr)); 465 if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr)))
466 if (skb->ip_summed == CHECKSUM_HW) 466 goto drop;
467 skb->ip_summed = CHECKSUM_NONE; 467
468 }
469 return 1; 468 return 1;
470 469
471drop: 470drop:
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 9d9e04344c77..e4fe9ee484dd 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -479,12 +479,9 @@ static void ip6_frag_queue(struct frag_queue *fq, struct sk_buff *skb,
479 /* Point into the IP datagram 'data' part. */ 479 /* Point into the IP datagram 'data' part. */
480 if (!pskb_pull(skb, (u8 *) (fhdr + 1) - skb->data)) 480 if (!pskb_pull(skb, (u8 *) (fhdr + 1) - skb->data))
481 goto err; 481 goto err;
482 if (end-offset < skb->len) { 482
483 if (pskb_trim(skb, end - offset)) 483 if (pskb_trim_rcsum(skb, end - offset))
484 goto err; 484 goto err;
485 if (skb->ip_summed != CHECKSUM_UNNECESSARY)
486 skb->ip_summed = CHECKSUM_NONE;
487 }
488 485
489 /* Find out which fragments are in front and at the back of us 486 /* Find out which fragments are in front and at the back of us
490 * in the chain of fragments so far. We must know where to put 487 * in the chain of fragments so far. We must know where to put
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index dbd18a9d1669..f5ae14810a70 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -483,7 +483,7 @@ static int udpv6_rcv(struct sk_buff **pskb, unsigned int *nhoffp)
483 } 483 }
484 484
485 if (ulen < skb->len) { 485 if (ulen < skb->len) {
486 if (__pskb_trim(skb, ulen)) 486 if (pskb_trim_rcsum(skb, ulen))
487 goto discard; 487 goto discard;
488 saddr = &skb->nh.ipv6h->saddr; 488 saddr = &skb->nh.ipv6h->saddr;
489 daddr = &skb->nh.ipv6h->daddr; 489 daddr = &skb->nh.ipv6h->daddr;
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 249bddb28acd..f81fe8c52e99 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -371,6 +371,12 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
371 break; 371 break;
372 372
373 case NFQNL_COPY_PACKET: 373 case NFQNL_COPY_PACKET:
374 if (entry->skb->ip_summed == CHECKSUM_HW &&
375 (*errp = skb_checksum_help(entry->skb,
376 entry->info->outdev == NULL))) {
377 spin_unlock_bh(&queue->lock);
378 return NULL;
379 }
374 if (queue->copy_range == 0 380 if (queue->copy_range == 0
375 || queue->copy_range > entry->skb->len) 381 || queue->copy_range > entry->skb->len)
376 data_len = entry->skb->len; 382 data_len = entry->skb->len;
@@ -636,7 +642,7 @@ nfqnl_mangle(void *data, int data_len, struct nfqnl_queue_entry *e)
636 if (!skb_make_writable(&e->skb, data_len)) 642 if (!skb_make_writable(&e->skb, data_len))
637 return -ENOMEM; 643 return -ENOMEM;
638 memcpy(e->skb->data, data, data_len); 644 memcpy(e->skb->data, data, data_len);
639 645 e->skb->ip_summed = CHECKSUM_NONE;
640 return 0; 646 return 0;
641} 647}
642 648
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 62435ffc6184..a64e1d5ce3ca 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -398,24 +398,13 @@ static int netlink_create(struct socket *sock, int protocol)
398 if (nl_table[protocol].registered && 398 if (nl_table[protocol].registered &&
399 try_module_get(nl_table[protocol].module)) 399 try_module_get(nl_table[protocol].module))
400 module = nl_table[protocol].module; 400 module = nl_table[protocol].module;
401 else
402 err = -EPROTONOSUPPORT;
403 groups = nl_table[protocol].groups; 401 groups = nl_table[protocol].groups;
404 netlink_unlock_table(); 402 netlink_unlock_table();
405 403
406 if (err || (err = __netlink_create(sock, protocol) < 0)) 404 if ((err = __netlink_create(sock, protocol) < 0))
407 goto out_module; 405 goto out_module;
408 406
409 nlk = nlk_sk(sock->sk); 407 nlk = nlk_sk(sock->sk);
410
411 nlk->groups = kmalloc(NLGRPSZ(groups), GFP_KERNEL);
412 if (nlk->groups == NULL) {
413 err = -ENOMEM;
414 goto out_module;
415 }
416 memset(nlk->groups, 0, NLGRPSZ(groups));
417 nlk->ngroups = groups;
418
419 nlk->module = module; 408 nlk->module = module;
420out: 409out:
421 return err; 410 return err;
@@ -534,6 +523,29 @@ netlink_update_subscriptions(struct sock *sk, unsigned int subscriptions)
534 nlk->subscriptions = subscriptions; 523 nlk->subscriptions = subscriptions;
535} 524}
536 525
526static int netlink_alloc_groups(struct sock *sk)
527{
528 struct netlink_sock *nlk = nlk_sk(sk);
529 unsigned int groups;
530 int err = 0;
531
532 netlink_lock_table();
533 groups = nl_table[sk->sk_protocol].groups;
534 if (!nl_table[sk->sk_protocol].registered)
535 err = -ENOENT;
536 netlink_unlock_table();
537
538 if (err)
539 return err;
540
541 nlk->groups = kmalloc(NLGRPSZ(groups), GFP_KERNEL);
542 if (nlk->groups == NULL)
543 return -ENOMEM;
544 memset(nlk->groups, 0, NLGRPSZ(groups));
545 nlk->ngroups = groups;
546 return 0;
547}
548
537static int netlink_bind(struct socket *sock, struct sockaddr *addr, int addr_len) 549static int netlink_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
538{ 550{
539 struct sock *sk = sock->sk; 551 struct sock *sk = sock->sk;
@@ -545,8 +557,15 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, int addr_len
545 return -EINVAL; 557 return -EINVAL;
546 558
547 /* Only superuser is allowed to listen multicasts */ 559 /* Only superuser is allowed to listen multicasts */
548 if (nladdr->nl_groups && !netlink_capable(sock, NL_NONROOT_RECV)) 560 if (nladdr->nl_groups) {
549 return -EPERM; 561 if (!netlink_capable(sock, NL_NONROOT_RECV))
562 return -EPERM;
563 if (nlk->groups == NULL) {
564 err = netlink_alloc_groups(sk);
565 if (err)
566 return err;
567 }
568 }
550 569
551 if (nlk->pid) { 570 if (nlk->pid) {
552 if (nladdr->nl_pid != nlk->pid) 571 if (nladdr->nl_pid != nlk->pid)
@@ -559,7 +578,7 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, int addr_len
559 return err; 578 return err;
560 } 579 }
561 580
562 if (!nladdr->nl_groups && !(u32)nlk->groups[0]) 581 if (!nladdr->nl_groups && (nlk->groups == NULL || !(u32)nlk->groups[0]))
563 return 0; 582 return 0;
564 583
565 netlink_table_grab(); 584 netlink_table_grab();
@@ -620,7 +639,7 @@ static int netlink_getname(struct socket *sock, struct sockaddr *addr, int *addr
620 nladdr->nl_groups = netlink_group_mask(nlk->dst_group); 639 nladdr->nl_groups = netlink_group_mask(nlk->dst_group);
621 } else { 640 } else {
622 nladdr->nl_pid = nlk->pid; 641 nladdr->nl_pid = nlk->pid;
623 nladdr->nl_groups = nlk->groups[0]; 642 nladdr->nl_groups = nlk->groups ? nlk->groups[0] : 0;
624 } 643 }
625 return 0; 644 return 0;
626} 645}
@@ -976,6 +995,11 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname,
976 995
977 if (!netlink_capable(sock, NL_NONROOT_RECV)) 996 if (!netlink_capable(sock, NL_NONROOT_RECV))
978 return -EPERM; 997 return -EPERM;
998 if (nlk->groups == NULL) {
999 err = netlink_alloc_groups(sk);
1000 if (err)
1001 return err;
1002 }
979 if (!val || val - 1 >= nlk->ngroups) 1003 if (!val || val - 1 >= nlk->ngroups)
980 return -EINVAL; 1004 return -EINVAL;
981 netlink_table_grab(); 1005 netlink_table_grab();
@@ -1483,8 +1507,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
1483 s, 1507 s,
1484 s->sk_protocol, 1508 s->sk_protocol,
1485 nlk->pid, 1509 nlk->pid,
1486 nlk->flags & NETLINK_KERNEL_SOCKET ? 1510 nlk->groups ? (u32)nlk->groups[0] : 0,
1487 0 : (unsigned int)nlk->groups[0],
1488 atomic_read(&s->sk_rmem_alloc), 1511 atomic_read(&s->sk_rmem_alloc),
1489 atomic_read(&s->sk_wmem_alloc), 1512 atomic_read(&s->sk_wmem_alloc),
1490 nlk->cb, 1513 nlk->cb,
diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
index 4b53de982114..f4578c759ffc 100644
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -1261,6 +1261,7 @@ static int nr_info_show(struct seq_file *seq, void *v)
1261 struct net_device *dev; 1261 struct net_device *dev;
1262 struct nr_sock *nr; 1262 struct nr_sock *nr;
1263 const char *devname; 1263 const char *devname;
1264 char buf[11];
1264 1265
1265 if (v == SEQ_START_TOKEN) 1266 if (v == SEQ_START_TOKEN)
1266 seq_puts(seq, 1267 seq_puts(seq,
@@ -1276,11 +1277,11 @@ static int nr_info_show(struct seq_file *seq, void *v)
1276 else 1277 else
1277 devname = dev->name; 1278 devname = dev->name;
1278 1279
1279 seq_printf(seq, "%-9s ", ax2asc(&nr->user_addr)); 1280 seq_printf(seq, "%-9s ", ax2asc(buf, &nr->user_addr));
1280 seq_printf(seq, "%-9s ", ax2asc(&nr->dest_addr)); 1281 seq_printf(seq, "%-9s ", ax2asc(buf, &nr->dest_addr));
1281 seq_printf(seq, 1282 seq_printf(seq,
1282"%-9s %-3s %02X/%02X %02X/%02X %2d %3d %3d %3d %3lu/%03lu %2lu/%02lu %3lu/%03lu %3lu/%03lu %2d/%02d %3d %5d %5d %ld\n", 1283"%-9s %-3s %02X/%02X %02X/%02X %2d %3d %3d %3d %3lu/%03lu %2lu/%02lu %3lu/%03lu %3lu/%03lu %2d/%02d %3d %5d %5d %ld\n",
1283 ax2asc(&nr->source_addr), 1284 ax2asc(buf, &nr->source_addr),
1284 devname, 1285 devname,
1285 nr->my_index, 1286 nr->my_index,
1286 nr->my_id, 1287 nr->my_id,
diff --git a/net/netrom/nr_route.c b/net/netrom/nr_route.c
index 7a86b36cba50..b3b9097c87c7 100644
--- a/net/netrom/nr_route.c
+++ b/net/netrom/nr_route.c
@@ -881,6 +881,7 @@ static void nr_node_stop(struct seq_file *seq, void *v)
881 881
882static int nr_node_show(struct seq_file *seq, void *v) 882static int nr_node_show(struct seq_file *seq, void *v)
883{ 883{
884 char buf[11];
884 int i; 885 int i;
885 886
886 if (v == SEQ_START_TOKEN) 887 if (v == SEQ_START_TOKEN)
@@ -890,7 +891,7 @@ static int nr_node_show(struct seq_file *seq, void *v)
890 struct nr_node *nr_node = v; 891 struct nr_node *nr_node = v;
891 nr_node_lock(nr_node); 892 nr_node_lock(nr_node);
892 seq_printf(seq, "%-9s %-7s %d %d", 893 seq_printf(seq, "%-9s %-7s %d %d",
893 ax2asc(&nr_node->callsign), 894 ax2asc(buf, &nr_node->callsign),
894 (nr_node->mnemonic[0] == '\0') ? "*" : nr_node->mnemonic, 895 (nr_node->mnemonic[0] == '\0') ? "*" : nr_node->mnemonic,
895 nr_node->which + 1, 896 nr_node->which + 1,
896 nr_node->count); 897 nr_node->count);
@@ -964,6 +965,7 @@ static void nr_neigh_stop(struct seq_file *seq, void *v)
964 965
965static int nr_neigh_show(struct seq_file *seq, void *v) 966static int nr_neigh_show(struct seq_file *seq, void *v)
966{ 967{
968 char buf[11];
967 int i; 969 int i;
968 970
969 if (v == SEQ_START_TOKEN) 971 if (v == SEQ_START_TOKEN)
@@ -973,7 +975,7 @@ static int nr_neigh_show(struct seq_file *seq, void *v)
973 975
974 seq_printf(seq, "%05d %-9s %-4s %3d %d %3d %3d", 976 seq_printf(seq, "%05d %-9s %-4s %3d %d %3d %3d",
975 nr_neigh->number, 977 nr_neigh->number,
976 ax2asc(&nr_neigh->callsign), 978 ax2asc(buf, &nr_neigh->callsign),
977 nr_neigh->dev ? nr_neigh->dev->name : "???", 979 nr_neigh->dev ? nr_neigh->dev->name : "???",
978 nr_neigh->quality, 980 nr_neigh->quality,
979 nr_neigh->locked, 981 nr_neigh->locked,
@@ -983,7 +985,7 @@ static int nr_neigh_show(struct seq_file *seq, void *v)
983 if (nr_neigh->digipeat != NULL) { 985 if (nr_neigh->digipeat != NULL) {
984 for (i = 0; i < nr_neigh->digipeat->ndigi; i++) 986 for (i = 0; i < nr_neigh->digipeat->ndigi; i++)
985 seq_printf(seq, " %s", 987 seq_printf(seq, " %s",
986 ax2asc(&nr_neigh->digipeat->calls[i])); 988 ax2asc(buf, &nr_neigh->digipeat->calls[i]));
987 } 989 }
988 990
989 seq_puts(seq, "\n"); 991 seq_puts(seq, "\n");
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index ba997095f08f..8690f171c1ef 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -1535,8 +1535,7 @@ static unsigned int packet_poll(struct file * file, struct socket *sock,
1535static void packet_mm_open(struct vm_area_struct *vma) 1535static void packet_mm_open(struct vm_area_struct *vma)
1536{ 1536{
1537 struct file *file = vma->vm_file; 1537 struct file *file = vma->vm_file;
1538 struct inode *inode = file->f_dentry->d_inode; 1538 struct socket * sock = file->private_data;
1539 struct socket * sock = SOCKET_I(inode);
1540 struct sock *sk = sock->sk; 1539 struct sock *sk = sock->sk;
1541 1540
1542 if (sk) 1541 if (sk)
@@ -1546,8 +1545,7 @@ static void packet_mm_open(struct vm_area_struct *vma)
1546static void packet_mm_close(struct vm_area_struct *vma) 1545static void packet_mm_close(struct vm_area_struct *vma)
1547{ 1546{
1548 struct file *file = vma->vm_file; 1547 struct file *file = vma->vm_file;
1549 struct inode *inode = file->f_dentry->d_inode; 1548 struct socket * sock = file->private_data;
1550 struct socket * sock = SOCKET_I(inode);
1551 struct sock *sk = sock->sk; 1549 struct sock *sk = sock->sk;
1552 1550
1553 if (sk) 1551 if (sk)
diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c
index c6e59f84c3ae..3077878ed4f0 100644
--- a/net/rose/af_rose.c
+++ b/net/rose/af_rose.c
@@ -1363,6 +1363,8 @@ static void rose_info_stop(struct seq_file *seq, void *v)
1363 1363
1364static int rose_info_show(struct seq_file *seq, void *v) 1364static int rose_info_show(struct seq_file *seq, void *v)
1365{ 1365{
1366 char buf[11];
1367
1366 if (v == SEQ_START_TOKEN) 1368 if (v == SEQ_START_TOKEN)
1367 seq_puts(seq, 1369 seq_puts(seq,
1368 "dest_addr dest_call src_addr src_call dev lci neigh st vs vr va t t1 t2 t3 hb idle Snd-Q Rcv-Q inode\n"); 1370 "dest_addr dest_call src_addr src_call dev lci neigh st vs vr va t t1 t2 t3 hb idle Snd-Q Rcv-Q inode\n");
@@ -1380,12 +1382,12 @@ static int rose_info_show(struct seq_file *seq, void *v)
1380 1382
1381 seq_printf(seq, "%-10s %-9s ", 1383 seq_printf(seq, "%-10s %-9s ",
1382 rose2asc(&rose->dest_addr), 1384 rose2asc(&rose->dest_addr),
1383 ax2asc(&rose->dest_call)); 1385 ax2asc(buf, &rose->dest_call));
1384 1386
1385 if (ax25cmp(&rose->source_call, &null_ax25_address) == 0) 1387 if (ax25cmp(&rose->source_call, &null_ax25_address) == 0)
1386 callsign = "??????-?"; 1388 callsign = "??????-?";
1387 else 1389 else
1388 callsign = ax2asc(&rose->source_call); 1390 callsign = ax2asc(buf, &rose->source_call);
1389 1391
1390 seq_printf(seq, 1392 seq_printf(seq,
1391 "%-10s %-9s %-5s %3.3X %05d %d %d %d %d %3lu %3lu %3lu %3lu %3lu %3lu/%03lu %5d %5d %ld\n", 1393 "%-10s %-9s %-5s %3.3X %05d %d %d %d %d %3lu %3lu %3lu %3lu %3lu %3lu/%03lu %5d %5d %ld\n",
diff --git a/net/rose/rose_route.c b/net/rose/rose_route.c
index 4510cd7613ec..e556d92c0bc4 100644
--- a/net/rose/rose_route.c
+++ b/net/rose/rose_route.c
@@ -851,6 +851,7 @@ int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
851 unsigned char cause, diagnostic; 851 unsigned char cause, diagnostic;
852 struct net_device *dev; 852 struct net_device *dev;
853 int len, res = 0; 853 int len, res = 0;
854 char buf[11];
854 855
855#if 0 856#if 0
856 if (call_in_firewall(PF_ROSE, skb->dev, skb->data, NULL, &skb) != FW_ACCEPT) 857 if (call_in_firewall(PF_ROSE, skb->dev, skb->data, NULL, &skb) != FW_ACCEPT)
@@ -876,7 +877,7 @@ int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
876 877
877 if (rose_neigh == NULL) { 878 if (rose_neigh == NULL) {
878 printk("rose_route : unknown neighbour or device %s\n", 879 printk("rose_route : unknown neighbour or device %s\n",
879 ax2asc(&ax25->dest_addr)); 880 ax2asc(buf, &ax25->dest_addr));
880 goto out; 881 goto out;
881 } 882 }
882 883
@@ -1178,6 +1179,7 @@ static void rose_neigh_stop(struct seq_file *seq, void *v)
1178 1179
1179static int rose_neigh_show(struct seq_file *seq, void *v) 1180static int rose_neigh_show(struct seq_file *seq, void *v)
1180{ 1181{
1182 char buf[11];
1181 int i; 1183 int i;
1182 1184
1183 if (v == SEQ_START_TOKEN) 1185 if (v == SEQ_START_TOKEN)
@@ -1189,7 +1191,7 @@ static int rose_neigh_show(struct seq_file *seq, void *v)
1189 /* if (!rose_neigh->loopback) { */ 1191 /* if (!rose_neigh->loopback) { */
1190 seq_printf(seq, "%05d %-9s %-4s %3d %3d %3s %3s %3lu %3lu", 1192 seq_printf(seq, "%05d %-9s %-4s %3d %3d %3s %3s %3lu %3lu",
1191 rose_neigh->number, 1193 rose_neigh->number,
1192 (rose_neigh->loopback) ? "RSLOOP-0" : ax2asc(&rose_neigh->callsign), 1194 (rose_neigh->loopback) ? "RSLOOP-0" : ax2asc(buf, &rose_neigh->callsign),
1193 rose_neigh->dev ? rose_neigh->dev->name : "???", 1195 rose_neigh->dev ? rose_neigh->dev->name : "???",
1194 rose_neigh->count, 1196 rose_neigh->count,
1195 rose_neigh->use, 1197 rose_neigh->use,
@@ -1200,7 +1202,7 @@ static int rose_neigh_show(struct seq_file *seq, void *v)
1200 1202
1201 if (rose_neigh->digipeat != NULL) { 1203 if (rose_neigh->digipeat != NULL) {
1202 for (i = 0; i < rose_neigh->digipeat->ndigi; i++) 1204 for (i = 0; i < rose_neigh->digipeat->ndigi; i++)
1203 seq_printf(seq, " %s", ax2asc(&rose_neigh->digipeat->calls[i])); 1205 seq_printf(seq, " %s", ax2asc(buf, &rose_neigh->digipeat->calls[i]));
1204 } 1206 }
1205 1207
1206 seq_puts(seq, "\n"); 1208 seq_puts(seq, "\n");
@@ -1260,6 +1262,8 @@ static void rose_route_stop(struct seq_file *seq, void *v)
1260 1262
1261static int rose_route_show(struct seq_file *seq, void *v) 1263static int rose_route_show(struct seq_file *seq, void *v)
1262{ 1264{
1265 char buf[11];
1266
1263 if (v == SEQ_START_TOKEN) 1267 if (v == SEQ_START_TOKEN)
1264 seq_puts(seq, 1268 seq_puts(seq,
1265 "lci address callsign neigh <-> lci address callsign neigh\n"); 1269 "lci address callsign neigh <-> lci address callsign neigh\n");
@@ -1271,7 +1275,7 @@ static int rose_route_show(struct seq_file *seq, void *v)
1271 "%3.3X %-10s %-9s %05d ", 1275 "%3.3X %-10s %-9s %05d ",
1272 rose_route->lci1, 1276 rose_route->lci1,
1273 rose2asc(&rose_route->src_addr), 1277 rose2asc(&rose_route->src_addr),
1274 ax2asc(&rose_route->src_call), 1278 ax2asc(buf, &rose_route->src_call),
1275 rose_route->neigh1->number); 1279 rose_route->neigh1->number);
1276 else 1280 else
1277 seq_puts(seq, 1281 seq_puts(seq,
@@ -1282,7 +1286,7 @@ static int rose_route_show(struct seq_file *seq, void *v)
1282 "%3.3X %-10s %-9s %05d\n", 1286 "%3.3X %-10s %-9s %05d\n",
1283 rose_route->lci2, 1287 rose_route->lci2,
1284 rose2asc(&rose_route->dest_addr), 1288 rose2asc(&rose_route->dest_addr),
1285 ax2asc(&rose_route->dest_call), 1289 ax2asc(buf, &rose_route->dest_call),
1286 rose_route->neigh2->number); 1290 rose_route->neigh2->number);
1287 else 1291 else
1288 seq_puts(seq, 1292 seq_puts(seq,
diff --git a/net/rose/rose_subr.c b/net/rose/rose_subr.c
index a29a3a960fd6..02891ce2db37 100644
--- a/net/rose/rose_subr.c
+++ b/net/rose/rose_subr.c
@@ -400,6 +400,7 @@ static int rose_create_facilities(unsigned char *buffer, struct rose_sock *rose)
400{ 400{
401 unsigned char *p = buffer + 1; 401 unsigned char *p = buffer + 1;
402 char *callsign; 402 char *callsign;
403 char buf[11];
403 int len, nb; 404 int len, nb;
404 405
405 /* National Facilities */ 406 /* National Facilities */
@@ -456,7 +457,7 @@ static int rose_create_facilities(unsigned char *buffer, struct rose_sock *rose)
456 457
457 *p++ = FAC_CCITT_DEST_NSAP; 458 *p++ = FAC_CCITT_DEST_NSAP;
458 459
459 callsign = ax2asc(&rose->dest_call); 460 callsign = ax2asc(buf, &rose->dest_call);
460 461
461 *p++ = strlen(callsign) + 10; 462 *p++ = strlen(callsign) + 10;
462 *p++ = (strlen(callsign) + 9) * 2; /* ??? */ 463 *p++ = (strlen(callsign) + 9) * 2; /* ??? */
@@ -471,7 +472,7 @@ static int rose_create_facilities(unsigned char *buffer, struct rose_sock *rose)
471 472
472 *p++ = FAC_CCITT_SRC_NSAP; 473 *p++ = FAC_CCITT_SRC_NSAP;
473 474
474 callsign = ax2asc(&rose->source_call); 475 callsign = ax2asc(buf, &rose->source_call);
475 476
476 *p++ = strlen(callsign) + 10; 477 *p++ = strlen(callsign) + 10;
477 *p++ = (strlen(callsign) + 9) * 2; /* ??? */ 478 *p++ = (strlen(callsign) + 9) * 2; /* ??? */
diff --git a/net/socket.c b/net/socket.c
index 94fe638b4d72..c699e93c33d7 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -667,7 +667,7 @@ static ssize_t sock_aio_read(struct kiocb *iocb, char __user *ubuf,
667 } 667 }
668 iocb->private = x; 668 iocb->private = x;
669 x->kiocb = iocb; 669 x->kiocb = iocb;
670 sock = SOCKET_I(iocb->ki_filp->f_dentry->d_inode); 670 sock = iocb->ki_filp->private_data;
671 671
672 x->async_msg.msg_name = NULL; 672 x->async_msg.msg_name = NULL;
673 x->async_msg.msg_namelen = 0; 673 x->async_msg.msg_namelen = 0;
@@ -709,7 +709,7 @@ static ssize_t sock_aio_write(struct kiocb *iocb, const char __user *ubuf,
709 } 709 }
710 iocb->private = x; 710 iocb->private = x;
711 x->kiocb = iocb; 711 x->kiocb = iocb;
712 sock = SOCKET_I(iocb->ki_filp->f_dentry->d_inode); 712 sock = iocb->ki_filp->private_data;
713 713
714 x->async_msg.msg_name = NULL; 714 x->async_msg.msg_name = NULL;
715 x->async_msg.msg_namelen = 0; 715 x->async_msg.msg_namelen = 0;
@@ -732,7 +732,7 @@ static ssize_t sock_sendpage(struct file *file, struct page *page,
732 struct socket *sock; 732 struct socket *sock;
733 int flags; 733 int flags;
734 734
735 sock = SOCKET_I(file->f_dentry->d_inode); 735 sock = file->private_data;
736 736
737 flags = !(file->f_flags & O_NONBLOCK) ? 0 : MSG_DONTWAIT; 737 flags = !(file->f_flags & O_NONBLOCK) ? 0 : MSG_DONTWAIT;
738 if (more) 738 if (more)
@@ -741,14 +741,14 @@ static ssize_t sock_sendpage(struct file *file, struct page *page,
741 return sock->ops->sendpage(sock, page, offset, size, flags); 741 return sock->ops->sendpage(sock, page, offset, size, flags);
742} 742}
743 743
744static int sock_readv_writev(int type, struct inode * inode, 744static int sock_readv_writev(int type,
745 struct file * file, const struct iovec * iov, 745 struct file * file, const struct iovec * iov,
746 long count, size_t size) 746 long count, size_t size)
747{ 747{
748 struct msghdr msg; 748 struct msghdr msg;
749 struct socket *sock; 749 struct socket *sock;
750 750
751 sock = SOCKET_I(inode); 751 sock = file->private_data;
752 752
753 msg.msg_name = NULL; 753 msg.msg_name = NULL;
754 msg.msg_namelen = 0; 754 msg.msg_namelen = 0;
@@ -775,7 +775,7 @@ static ssize_t sock_readv(struct file *file, const struct iovec *vector,
775 int i; 775 int i;
776 for (i = 0 ; i < count ; i++) 776 for (i = 0 ; i < count ; i++)
777 tot_len += vector[i].iov_len; 777 tot_len += vector[i].iov_len;
778 return sock_readv_writev(VERIFY_WRITE, file->f_dentry->d_inode, 778 return sock_readv_writev(VERIFY_WRITE,
779 file, vector, count, tot_len); 779 file, vector, count, tot_len);
780} 780}
781 781
@@ -786,7 +786,7 @@ static ssize_t sock_writev(struct file *file, const struct iovec *vector,
786 int i; 786 int i;
787 for (i = 0 ; i < count ; i++) 787 for (i = 0 ; i < count ; i++)
788 tot_len += vector[i].iov_len; 788 tot_len += vector[i].iov_len;
789 return sock_readv_writev(VERIFY_READ, file->f_dentry->d_inode, 789 return sock_readv_writev(VERIFY_READ,
790 file, vector, count, tot_len); 790 file, vector, count, tot_len);
791} 791}
792 792
@@ -840,7 +840,7 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg)
840 void __user *argp = (void __user *)arg; 840 void __user *argp = (void __user *)arg;
841 int pid, err; 841 int pid, err;
842 842
843 sock = SOCKET_I(file->f_dentry->d_inode); 843 sock = file->private_data;
844 if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) { 844 if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) {
845 err = dev_ioctl(cmd, argp); 845 err = dev_ioctl(cmd, argp);
846 } else 846 } else
@@ -939,13 +939,13 @@ static unsigned int sock_poll(struct file *file, poll_table * wait)
939 /* 939 /*
940 * We can't return errors to poll, so it's either yes or no. 940 * We can't return errors to poll, so it's either yes or no.
941 */ 941 */
942 sock = SOCKET_I(file->f_dentry->d_inode); 942 sock = file->private_data;
943 return sock->ops->poll(file, sock, wait); 943 return sock->ops->poll(file, sock, wait);
944} 944}
945 945
946static int sock_mmap(struct file * file, struct vm_area_struct * vma) 946static int sock_mmap(struct file * file, struct vm_area_struct * vma)
947{ 947{
948 struct socket *sock = SOCKET_I(file->f_dentry->d_inode); 948 struct socket *sock = file->private_data;
949 949
950 return sock->ops->mmap(file, sock, vma); 950 return sock->ops->mmap(file, sock, vma);
951} 951}
@@ -995,7 +995,7 @@ static int sock_fasync(int fd, struct file *filp, int on)
995 return -ENOMEM; 995 return -ENOMEM;
996 } 996 }
997 997
998 sock = SOCKET_I(filp->f_dentry->d_inode); 998 sock = filp->private_data;
999 999
1000 if ((sk=sock->sk) == NULL) { 1000 if ((sk=sock->sk) == NULL) {
1001 kfree(fna); 1001 kfree(fna);
@@ -1745,10 +1745,11 @@ asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags)
1745 goto out_freeiov; 1745 goto out_freeiov;
1746 ctl_len = msg_sys.msg_controllen; 1746 ctl_len = msg_sys.msg_controllen;
1747 if ((MSG_CMSG_COMPAT & flags) && ctl_len) { 1747 if ((MSG_CMSG_COMPAT & flags) && ctl_len) {
1748 err = cmsghdr_from_user_compat_to_kern(&msg_sys, ctl, sizeof(ctl)); 1748 err = cmsghdr_from_user_compat_to_kern(&msg_sys, sock->sk, ctl, sizeof(ctl));
1749 if (err) 1749 if (err)
1750 goto out_freeiov; 1750 goto out_freeiov;
1751 ctl_buf = msg_sys.msg_control; 1751 ctl_buf = msg_sys.msg_control;
1752 ctl_len = msg_sys.msg_controllen;
1752 } else if (ctl_len) { 1753 } else if (ctl_len) {
1753 if (ctl_len > sizeof(ctl)) 1754 if (ctl_len > sizeof(ctl))
1754 { 1755 {
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 5c8fe3bfc494..e3308195374e 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -250,6 +250,7 @@ out:
250} 250}
251 251
252static struct cache_detail rsi_cache = { 252static struct cache_detail rsi_cache = {
253 .owner = THIS_MODULE,
253 .hash_size = RSI_HASHMAX, 254 .hash_size = RSI_HASHMAX,
254 .hash_table = rsi_table, 255 .hash_table = rsi_table,
255 .name = "auth.rpcsec.init", 256 .name = "auth.rpcsec.init",
@@ -436,6 +437,7 @@ out:
436} 437}
437 438
438static struct cache_detail rsc_cache = { 439static struct cache_detail rsc_cache = {
440 .owner = THIS_MODULE,
439 .hash_size = RSC_HASHMAX, 441 .hash_size = RSC_HASHMAX,
440 .hash_table = rsc_table, 442 .hash_table = rsc_table,
441 .name = "auth.rpcsec.context", 443 .name = "auth.rpcsec.context",
@@ -1074,7 +1076,9 @@ gss_svc_init(void)
1074void 1076void
1075gss_svc_shutdown(void) 1077gss_svc_shutdown(void)
1076{ 1078{
1077 cache_unregister(&rsc_cache); 1079 if (cache_unregister(&rsc_cache))
1078 cache_unregister(&rsi_cache); 1080 printk(KERN_ERR "auth_rpcgss: failed to unregister rsc cache\n");
1081 if (cache_unregister(&rsi_cache))
1082 printk(KERN_ERR "auth_rpcgss: failed to unregister rsi cache\n");
1079 svc_auth_unregister(RPC_AUTH_GSS); 1083 svc_auth_unregister(RPC_AUTH_GSS);
1080} 1084}
diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c
index 900f5bc7e336..f509e9992767 100644
--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -177,7 +177,7 @@ void cache_register(struct cache_detail *cd)
177 cd->proc_ent = proc_mkdir(cd->name, proc_net_rpc); 177 cd->proc_ent = proc_mkdir(cd->name, proc_net_rpc);
178 if (cd->proc_ent) { 178 if (cd->proc_ent) {
179 struct proc_dir_entry *p; 179 struct proc_dir_entry *p;
180 cd->proc_ent->owner = THIS_MODULE; 180 cd->proc_ent->owner = cd->owner;
181 cd->channel_ent = cd->content_ent = NULL; 181 cd->channel_ent = cd->content_ent = NULL;
182 182
183 p = create_proc_entry("flush", S_IFREG|S_IRUSR|S_IWUSR, 183 p = create_proc_entry("flush", S_IFREG|S_IRUSR|S_IWUSR,
@@ -185,7 +185,7 @@ void cache_register(struct cache_detail *cd)
185 cd->flush_ent = p; 185 cd->flush_ent = p;
186 if (p) { 186 if (p) {
187 p->proc_fops = &cache_flush_operations; 187 p->proc_fops = &cache_flush_operations;
188 p->owner = THIS_MODULE; 188 p->owner = cd->owner;
189 p->data = cd; 189 p->data = cd;
190 } 190 }
191 191
@@ -195,7 +195,7 @@ void cache_register(struct cache_detail *cd)
195 cd->channel_ent = p; 195 cd->channel_ent = p;
196 if (p) { 196 if (p) {
197 p->proc_fops = &cache_file_operations; 197 p->proc_fops = &cache_file_operations;
198 p->owner = THIS_MODULE; 198 p->owner = cd->owner;
199 p->data = cd; 199 p->data = cd;
200 } 200 }
201 } 201 }
@@ -205,7 +205,7 @@ void cache_register(struct cache_detail *cd)
205 cd->content_ent = p; 205 cd->content_ent = p;
206 if (p) { 206 if (p) {
207 p->proc_fops = &content_file_operations; 207 p->proc_fops = &content_file_operations;
208 p->owner = THIS_MODULE; 208 p->owner = cd->owner;
209 p->data = cd; 209 p->data = cd;
210 } 210 }
211 } 211 }
diff --git a/net/sunrpc/stats.c b/net/sunrpc/stats.c
index 9b67dc19944c..4979f226e285 100644
--- a/net/sunrpc/stats.c
+++ b/net/sunrpc/stats.c
@@ -35,13 +35,13 @@ static int rpc_proc_show(struct seq_file *seq, void *v) {
35 int i, j; 35 int i, j;
36 36
37 seq_printf(seq, 37 seq_printf(seq,
38 "net %d %d %d %d\n", 38 "net %u %u %u %u\n",
39 statp->netcnt, 39 statp->netcnt,
40 statp->netudpcnt, 40 statp->netudpcnt,
41 statp->nettcpcnt, 41 statp->nettcpcnt,
42 statp->nettcpconn); 42 statp->nettcpconn);
43 seq_printf(seq, 43 seq_printf(seq,
44 "rpc %d %d %d\n", 44 "rpc %u %u %u\n",
45 statp->rpccnt, 45 statp->rpccnt,
46 statp->rpcretrans, 46 statp->rpcretrans,
47 statp->rpcauthrefresh); 47 statp->rpcauthrefresh);
@@ -50,10 +50,10 @@ static int rpc_proc_show(struct seq_file *seq, void *v) {
50 const struct rpc_version *vers = prog->version[i]; 50 const struct rpc_version *vers = prog->version[i];
51 if (!vers) 51 if (!vers)
52 continue; 52 continue;
53 seq_printf(seq, "proc%d %d", 53 seq_printf(seq, "proc%u %u",
54 vers->number, vers->nrprocs); 54 vers->number, vers->nrprocs);
55 for (j = 0; j < vers->nrprocs; j++) 55 for (j = 0; j < vers->nrprocs; j++)
56 seq_printf(seq, " %d", 56 seq_printf(seq, " %u",
57 vers->procs[j].p_count); 57 vers->procs[j].p_count);
58 seq_putc(seq, '\n'); 58 seq_putc(seq, '\n');
59 } 59 }
@@ -83,13 +83,13 @@ void svc_seq_show(struct seq_file *seq, const struct svc_stat *statp) {
83 int i, j; 83 int i, j;
84 84
85 seq_printf(seq, 85 seq_printf(seq,
86 "net %d %d %d %d\n", 86 "net %u %u %u %u\n",
87 statp->netcnt, 87 statp->netcnt,
88 statp->netudpcnt, 88 statp->netudpcnt,
89 statp->nettcpcnt, 89 statp->nettcpcnt,
90 statp->nettcpconn); 90 statp->nettcpconn);
91 seq_printf(seq, 91 seq_printf(seq,
92 "rpc %d %d %d %d %d\n", 92 "rpc %u %u %u %u %u\n",
93 statp->rpccnt, 93 statp->rpccnt,
94 statp->rpcbadfmt+statp->rpcbadauth+statp->rpcbadclnt, 94 statp->rpcbadfmt+statp->rpcbadauth+statp->rpcbadclnt,
95 statp->rpcbadfmt, 95 statp->rpcbadfmt,
@@ -99,9 +99,9 @@ void svc_seq_show(struct seq_file *seq, const struct svc_stat *statp) {
99 for (i = 0; i < prog->pg_nvers; i++) { 99 for (i = 0; i < prog->pg_nvers; i++) {
100 if (!(vers = prog->pg_vers[i]) || !(proc = vers->vs_proc)) 100 if (!(vers = prog->pg_vers[i]) || !(proc = vers->vs_proc))
101 continue; 101 continue;
102 seq_printf(seq, "proc%d %d", i, vers->vs_nproc); 102 seq_printf(seq, "proc%d %u", i, vers->vs_nproc);
103 for (j = 0; j < vers->vs_nproc; j++, proc++) 103 for (j = 0; j < vers->vs_nproc; j++, proc++)
104 seq_printf(seq, " %d", proc->pc_count); 104 seq_printf(seq, " %u", proc->pc_count);
105 seq_putc(seq, '\n'); 105 seq_putc(seq, '\n');
106 } 106 }
107} 107}
diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c
index 62a073495276..ed48ff022d35 100644
--- a/net/sunrpc/sunrpc_syms.c
+++ b/net/sunrpc/sunrpc_syms.c
@@ -176,8 +176,10 @@ cleanup_sunrpc(void)
176{ 176{
177 unregister_rpc_pipefs(); 177 unregister_rpc_pipefs();
178 rpc_destroy_mempool(); 178 rpc_destroy_mempool();
179 cache_unregister(&auth_domain_cache); 179 if (cache_unregister(&auth_domain_cache))
180 cache_unregister(&ip_map_cache); 180 printk(KERN_ERR "sunrpc: failed to unregister auth_domain cache\n");
181 if (cache_unregister(&ip_map_cache))
182 printk(KERN_ERR "sunrpc: failed to unregister ip_map cache\n");
181#ifdef RPC_DEBUG 183#ifdef RPC_DEBUG
182 rpc_unregister_sysctl(); 184 rpc_unregister_sysctl();
183#endif 185#endif
diff --git a/net/sunrpc/svcauth.c b/net/sunrpc/svcauth.c
index bde8147ef2db..dda4f0c63511 100644
--- a/net/sunrpc/svcauth.c
+++ b/net/sunrpc/svcauth.c
@@ -143,6 +143,7 @@ static void auth_domain_drop(struct cache_head *item, struct cache_detail *cd)
143 143
144 144
145struct cache_detail auth_domain_cache = { 145struct cache_detail auth_domain_cache = {
146 .owner = THIS_MODULE,
146 .hash_size = DN_HASHMAX, 147 .hash_size = DN_HASHMAX,
147 .hash_table = auth_domain_table, 148 .hash_table = auth_domain_table,
148 .name = "auth.domain", 149 .name = "auth.domain",
diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c
index d6baf6fdf8a9..cac2e774dd81 100644
--- a/net/sunrpc/svcauth_unix.c
+++ b/net/sunrpc/svcauth_unix.c
@@ -242,6 +242,7 @@ static int ip_map_show(struct seq_file *m,
242 242
243 243
244struct cache_detail ip_map_cache = { 244struct cache_detail ip_map_cache = {
245 .owner = THIS_MODULE,
245 .hash_size = IP_HASHMAX, 246 .hash_size = IP_HASHMAX,
246 .hash_table = ip_table, 247 .hash_table = ip_table,
247 .name = "auth.unix.ip", 248 .name = "auth.unix.ip",
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-29 09:30:35 -0500