aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/appletalk/ddp.c2
-rw-r--r--net/batman-adv/routing.c11
-rw-r--r--net/core/datagram.c22
-rw-r--r--net/ipv4/tcp_ipv4.c1
-rw-r--r--net/mac802154/mac802154.h2
-rw-r--r--net/netfilter/ipvs/ip_vs_pe_sip.c6
-rw-r--r--net/netrom/af_netrom.c2
-rw-r--r--net/nfc/llcp_sock.c5
-rw-r--r--net/unix/af_unix.c25
-rw-r--r--net/vmw_vsock/af_vsock.c4
10 files changed, 42 insertions, 38 deletions
diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index 4a141e3cf076..ef12839a7cfe 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -1253,7 +1253,7 @@ static int atalk_getname(struct socket *sock, struct sockaddr *uaddr,
1253 goto out; 1253 goto out;
1254 1254
1255 *uaddr_len = sizeof(struct sockaddr_at); 1255 *uaddr_len = sizeof(struct sockaddr_at);
1256 memset(&sat.sat_zero, 0, sizeof(sat.sat_zero)); 1256 memset(&sat, 0, sizeof(sat));
1257 1257
1258 if (peer) { 1258 if (peer) {
1259 err = -ENOTCONN; 1259 err = -ENOTCONN;
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index 2f1f88923df8..b27a4d792d15 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -939,7 +939,7 @@ out:
939} 939}
940 940
941static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv, 941static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
942 struct sk_buff *skb) { 942 struct sk_buff *skb, int hdr_len) {
943 uint8_t curr_ttvn, old_ttvn; 943 uint8_t curr_ttvn, old_ttvn;
944 struct batadv_orig_node *orig_node; 944 struct batadv_orig_node *orig_node;
945 struct ethhdr *ethhdr; 945 struct ethhdr *ethhdr;
@@ -948,7 +948,7 @@ static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
948 int is_old_ttvn; 948 int is_old_ttvn;
949 949
950 /* check if there is enough data before accessing it */ 950 /* check if there is enough data before accessing it */
951 if (pskb_may_pull(skb, sizeof(*unicast_packet) + ETH_HLEN) < 0) 951 if (pskb_may_pull(skb, hdr_len + ETH_HLEN) < 0)
952 return 0; 952 return 0;
953 953
954 /* create a copy of the skb (in case of for re-routing) to modify it. */ 954 /* create a copy of the skb (in case of for re-routing) to modify it. */
@@ -956,7 +956,7 @@ static int batadv_check_unicast_ttvn(struct batadv_priv *bat_priv,
956 return 0; 956 return 0;
957 957
958 unicast_packet = (struct batadv_unicast_packet *)skb->data; 958 unicast_packet = (struct batadv_unicast_packet *)skb->data;
959 ethhdr = (struct ethhdr *)(skb->data + sizeof(*unicast_packet)); 959 ethhdr = (struct ethhdr *)(skb->data + hdr_len);
960 960
961 /* check if the destination client was served by this node and it is now 961 /* check if the destination client was served by this node and it is now
962 * roaming. In this case, it means that the node has got a ROAM_ADV 962 * roaming. In this case, it means that the node has got a ROAM_ADV
@@ -1072,8 +1072,7 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,
1072 1072
1073 if (check < 0) 1073 if (check < 0)
1074 return NET_RX_DROP; 1074 return NET_RX_DROP;
1075 1075 if (!batadv_check_unicast_ttvn(bat_priv, skb, hdr_size))
1076 if (!batadv_check_unicast_ttvn(bat_priv, skb))
1077 return NET_RX_DROP; 1076 return NET_RX_DROP;
1078 1077
1079 /* packet for me */ 1078 /* packet for me */
@@ -1117,7 +1116,7 @@ int batadv_recv_ucast_frag_packet(struct sk_buff *skb,
1117 if (batadv_check_unicast_packet(bat_priv, skb, hdr_size) < 0) 1116 if (batadv_check_unicast_packet(bat_priv, skb, hdr_size) < 0)
1118 return NET_RX_DROP; 1117 return NET_RX_DROP;
1119 1118
1120 if (!batadv_check_unicast_ttvn(bat_priv, skb)) 1119 if (!batadv_check_unicast_ttvn(bat_priv, skb, hdr_size))
1121 return NET_RX_DROP; 1120 return NET_RX_DROP;
1122 1121
1123 unicast_packet = (struct batadv_unicast_frag_packet *)skb->data; 1122 unicast_packet = (struct batadv_unicast_frag_packet *)skb->data;
diff --git a/net/core/datagram.c b/net/core/datagram.c
index ebba65d7e0da..b71423db7785 100644
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -78,9 +78,10 @@ static int receiver_wake_function(wait_queue_t *wait, unsigned int mode, int syn
78 return autoremove_wake_function(wait, mode, sync, key); 78 return autoremove_wake_function(wait, mode, sync, key);
79} 79}
80/* 80/*
81 * Wait for a packet.. 81 * Wait for the last received packet to be different from skb
82 */ 82 */
83static int wait_for_packet(struct sock *sk, int *err, long *timeo_p) 83static int wait_for_more_packets(struct sock *sk, int *err, long *timeo_p,
84 const struct sk_buff *skb)
84{ 85{
85 int error; 86 int error;
86 DEFINE_WAIT_FUNC(wait, receiver_wake_function); 87 DEFINE_WAIT_FUNC(wait, receiver_wake_function);
@@ -92,7 +93,7 @@ static int wait_for_packet(struct sock *sk, int *err, long *timeo_p)
92 if (error) 93 if (error)
93 goto out_err; 94 goto out_err;
94 95
95 if (!skb_queue_empty(&sk->sk_receive_queue)) 96 if (sk->sk_receive_queue.prev != skb)
96 goto out; 97 goto out;
97 98
98 /* Socket shut down? */ 99 /* Socket shut down? */
@@ -131,9 +132,9 @@ out_noerr:
131 * __skb_recv_datagram - Receive a datagram skbuff 132 * __skb_recv_datagram - Receive a datagram skbuff
132 * @sk: socket 133 * @sk: socket
133 * @flags: MSG_ flags 134 * @flags: MSG_ flags
135 * @peeked: returns non-zero if this packet has been seen before
134 * @off: an offset in bytes to peek skb from. Returns an offset 136 * @off: an offset in bytes to peek skb from. Returns an offset
135 * within an skb where data actually starts 137 * within an skb where data actually starts
136 * @peeked: returns non-zero if this packet has been seen before
137 * @err: error code returned 138 * @err: error code returned
138 * 139 *
139 * Get a datagram skbuff, understands the peeking, nonblocking wakeups 140 * Get a datagram skbuff, understands the peeking, nonblocking wakeups
@@ -161,7 +162,7 @@ out_noerr:
161struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, 162struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags,
162 int *peeked, int *off, int *err) 163 int *peeked, int *off, int *err)
163{ 164{
164 struct sk_buff *skb; 165 struct sk_buff *skb, *last;
165 long timeo; 166 long timeo;
166 /* 167 /*
167 * Caller is allowed not to check sk->sk_err before skb_recv_datagram() 168 * Caller is allowed not to check sk->sk_err before skb_recv_datagram()
@@ -182,13 +183,17 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags,
182 */ 183 */
183 unsigned long cpu_flags; 184 unsigned long cpu_flags;
184 struct sk_buff_head *queue = &sk->sk_receive_queue; 185 struct sk_buff_head *queue = &sk->sk_receive_queue;
186 int _off = *off;
185 187
188 last = (struct sk_buff *)queue;
186 spin_lock_irqsave(&queue->lock, cpu_flags); 189 spin_lock_irqsave(&queue->lock, cpu_flags);
187 skb_queue_walk(queue, skb) { 190 skb_queue_walk(queue, skb) {
191 last = skb;
188 *peeked = skb->peeked; 192 *peeked = skb->peeked;
189 if (flags & MSG_PEEK) { 193 if (flags & MSG_PEEK) {
190 if (*off >= skb->len && skb->len) { 194 if (_off >= skb->len && (skb->len || _off ||
191 *off -= skb->len; 195 skb->peeked)) {
196 _off -= skb->len;
192 continue; 197 continue;
193 } 198 }
194 skb->peeked = 1; 199 skb->peeked = 1;
@@ -197,6 +202,7 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags,
197 __skb_unlink(skb, queue); 202 __skb_unlink(skb, queue);
198 203
199 spin_unlock_irqrestore(&queue->lock, cpu_flags); 204 spin_unlock_irqrestore(&queue->lock, cpu_flags);
205 *off = _off;
200 return skb; 206 return skb;
201 } 207 }
202 spin_unlock_irqrestore(&queue->lock, cpu_flags); 208 spin_unlock_irqrestore(&queue->lock, cpu_flags);
@@ -206,7 +212,7 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags,
206 if (!timeo) 212 if (!timeo)
207 goto no_packet; 213 goto no_packet;
208 214
209 } while (!wait_for_packet(sk, err, &timeo)); 215 } while (!wait_for_more_packets(sk, err, &timeo, last));
210 216
211 return NULL; 217 return NULL;
212 218
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 8ea975164596..d979657b8a12 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1927,6 +1927,7 @@ bool tcp_prequeue(struct sock *sk, struct sk_buff *skb)
1927 skb_queue_len(&tp->ucopy.prequeue) == 0) 1927 skb_queue_len(&tp->ucopy.prequeue) == 0)
1928 return false; 1928 return false;
1929 1929
1930 skb_dst_force(skb);
1930 __skb_queue_tail(&tp->ucopy.prequeue, skb); 1931 __skb_queue_tail(&tp->ucopy.prequeue, skb);
1931 tp->ucopy.memory += skb->truesize; 1932 tp->ucopy.memory += skb->truesize;
1932 if (tp->ucopy.memory > sk->sk_rcvbuf) { 1933 if (tp->ucopy.memory > sk->sk_rcvbuf) {
diff --git a/net/mac802154/mac802154.h b/net/mac802154/mac802154.h
index 5c9e021994ba..d48422e27110 100644
--- a/net/mac802154/mac802154.h
+++ b/net/mac802154/mac802154.h
@@ -88,7 +88,7 @@ struct mac802154_sub_if_data {
88 88
89#define mac802154_to_priv(_hw) container_of(_hw, struct mac802154_priv, hw) 89#define mac802154_to_priv(_hw) container_of(_hw, struct mac802154_priv, hw)
90 90
91#define MAC802154_CHAN_NONE (~(u8)0) /* No channel is assigned */ 91#define MAC802154_CHAN_NONE 0xff /* No channel is assigned */
92 92
93extern struct ieee802154_reduced_mlme_ops mac802154_mlme_reduced; 93extern struct ieee802154_reduced_mlme_ops mac802154_mlme_reduced;
94extern struct ieee802154_mlme_ops mac802154_mlme_wpan; 94extern struct ieee802154_mlme_ops mac802154_mlme_wpan;
diff --git a/net/netfilter/ipvs/ip_vs_pe_sip.c b/net/netfilter/ipvs/ip_vs_pe_sip.c
index 9a8f4213e8a6..9ef22bdce9f1 100644
--- a/net/netfilter/ipvs/ip_vs_pe_sip.c
+++ b/net/netfilter/ipvs/ip_vs_pe_sip.c
@@ -38,14 +38,10 @@ static int get_callid(const char *dptr, unsigned int dataoff,
38 if (ret > 0) 38 if (ret > 0)
39 break; 39 break;
40 if (!ret) 40 if (!ret)
41 return 0; 41 return -EINVAL;
42 dataoff += *matchoff; 42 dataoff += *matchoff;
43 } 43 }
44 44
45 /* Empty callid is useless */
46 if (!*matchlen)
47 return -EINVAL;
48
49 /* Too large is useless */ 45 /* Too large is useless */
50 if (*matchlen > IP_VS_PEDATA_MAXLEN) 46 if (*matchlen > IP_VS_PEDATA_MAXLEN)
51 return -EINVAL; 47 return -EINVAL;
diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
index 103bd704b5fc..ec0c80fde69f 100644
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -834,6 +834,8 @@ static int nr_getname(struct socket *sock, struct sockaddr *uaddr,
834 struct sock *sk = sock->sk; 834 struct sock *sk = sock->sk;
835 struct nr_sock *nr = nr_sk(sk); 835 struct nr_sock *nr = nr_sk(sk);
836 836
837 memset(&sax->fsa_ax25, 0, sizeof(struct sockaddr_ax25));
838
837 lock_sock(sk); 839 lock_sock(sk);
838 if (peer != 0) { 840 if (peer != 0) {
839 if (sk->sk_state != TCP_ESTABLISHED) { 841 if (sk->sk_state != TCP_ESTABLISHED) {
diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c
index 38f08c31cdd8..380253eccb74 100644
--- a/net/nfc/llcp_sock.c
+++ b/net/nfc/llcp_sock.c
@@ -508,12 +508,13 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *uaddr,
508 pr_debug("%p %d %d %d\n", sk, llcp_sock->target_idx, 508 pr_debug("%p %d %d %d\n", sk, llcp_sock->target_idx,
509 llcp_sock->dsap, llcp_sock->ssap); 509 llcp_sock->dsap, llcp_sock->ssap);
510 510
511 uaddr->sa_family = AF_NFC; 511 memset(llcp_addr, 0, sizeof(*llcp_addr));
512
513 *len = sizeof(struct sockaddr_nfc_llcp); 512 *len = sizeof(struct sockaddr_nfc_llcp);
514 513
514 llcp_addr->sa_family = AF_NFC;
515 llcp_addr->dev_idx = llcp_sock->dev->idx; 515 llcp_addr->dev_idx = llcp_sock->dev->idx;
516 llcp_addr->target_idx = llcp_sock->target_idx; 516 llcp_addr->target_idx = llcp_sock->target_idx;
517 llcp_addr->nfc_protocol = llcp_sock->nfc_protocol;
517 llcp_addr->dsap = llcp_sock->dsap; 518 llcp_addr->dsap = llcp_sock->dsap;
518 llcp_addr->ssap = llcp_sock->ssap; 519 llcp_addr->ssap = llcp_sock->ssap;
519 llcp_addr->service_name_len = llcp_sock->service_name_len; 520 llcp_addr->service_name_len = llcp_sock->service_name_len;
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 9efe01113c5c..826e09938bff 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1858,10 +1858,10 @@ out:
1858} 1858}
1859 1859
1860/* 1860/*
1861 * Sleep until data has arrive. But check for races.. 1861 * Sleep until more data has arrived. But check for races..
1862 */ 1862 */
1863 1863static long unix_stream_data_wait(struct sock *sk, long timeo,
1864static long unix_stream_data_wait(struct sock *sk, long timeo) 1864 struct sk_buff *last)
1865{ 1865{
1866 DEFINE_WAIT(wait); 1866 DEFINE_WAIT(wait);
1867 1867
@@ -1870,7 +1870,7 @@ static long unix_stream_data_wait(struct sock *sk, long timeo)
1870 for (;;) { 1870 for (;;) {
1871 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE); 1871 prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
1872 1872
1873 if (!skb_queue_empty(&sk->sk_receive_queue) || 1873 if (skb_peek_tail(&sk->sk_receive_queue) != last ||
1874 sk->sk_err || 1874 sk->sk_err ||
1875 (sk->sk_shutdown & RCV_SHUTDOWN) || 1875 (sk->sk_shutdown & RCV_SHUTDOWN) ||
1876 signal_pending(current) || 1876 signal_pending(current) ||
@@ -1889,8 +1889,6 @@ static long unix_stream_data_wait(struct sock *sk, long timeo)
1889 return timeo; 1889 return timeo;
1890} 1890}
1891 1891
1892
1893
1894static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, 1892static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
1895 struct msghdr *msg, size_t size, 1893 struct msghdr *msg, size_t size,
1896 int flags) 1894 int flags)
@@ -1935,14 +1933,12 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
1935 goto out; 1933 goto out;
1936 } 1934 }
1937 1935
1938 skip = sk_peek_offset(sk, flags);
1939
1940 do { 1936 do {
1941 int chunk; 1937 int chunk;
1942 struct sk_buff *skb; 1938 struct sk_buff *skb, *last;
1943 1939
1944 unix_state_lock(sk); 1940 unix_state_lock(sk);
1945 skb = skb_peek(&sk->sk_receive_queue); 1941 last = skb = skb_peek(&sk->sk_receive_queue);
1946again: 1942again:
1947 if (skb == NULL) { 1943 if (skb == NULL) {
1948 unix_sk(sk)->recursion_level = 0; 1944 unix_sk(sk)->recursion_level = 0;
@@ -1965,7 +1961,7 @@ again:
1965 break; 1961 break;
1966 mutex_unlock(&u->readlock); 1962 mutex_unlock(&u->readlock);
1967 1963
1968 timeo = unix_stream_data_wait(sk, timeo); 1964 timeo = unix_stream_data_wait(sk, timeo, last);
1969 1965
1970 if (signal_pending(current) 1966 if (signal_pending(current)
1971 || mutex_lock_interruptible(&u->readlock)) { 1967 || mutex_lock_interruptible(&u->readlock)) {
@@ -1979,10 +1975,13 @@ again:
1979 break; 1975 break;
1980 } 1976 }
1981 1977
1982 if (skip >= skb->len) { 1978 skip = sk_peek_offset(sk, flags);
1979 while (skip >= skb->len) {
1983 skip -= skb->len; 1980 skip -= skb->len;
1981 last = skb;
1984 skb = skb_peek_next(skb, &sk->sk_receive_queue); 1982 skb = skb_peek_next(skb, &sk->sk_receive_queue);
1985 goto again; 1983 if (!skb)
1984 goto again;
1986 } 1985 }
1987 1986
1988 unix_state_unlock(sk); 1987 unix_state_unlock(sk);
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 7f93e2a42d7a..3f77f42a3b58 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -165,7 +165,7 @@ static struct list_head vsock_bind_table[VSOCK_HASH_SIZE + 1];
165static struct list_head vsock_connected_table[VSOCK_HASH_SIZE]; 165static struct list_head vsock_connected_table[VSOCK_HASH_SIZE];
166static DEFINE_SPINLOCK(vsock_table_lock); 166static DEFINE_SPINLOCK(vsock_table_lock);
167 167
168static __init void vsock_init_tables(void) 168static void vsock_init_tables(void)
169{ 169{
170 int i; 170 int i;
171 171
@@ -1932,7 +1932,6 @@ static const struct file_operations vsock_device_ops = {
1932 1932
1933static struct miscdevice vsock_device = { 1933static struct miscdevice vsock_device = {
1934 .name = "vsock", 1934 .name = "vsock",
1935 .minor = MISC_DYNAMIC_MINOR,
1936 .fops = &vsock_device_ops, 1935 .fops = &vsock_device_ops,
1937}; 1936};
1938 1937
@@ -1942,6 +1941,7 @@ static int __vsock_core_init(void)
1942 1941
1943 vsock_init_tables(); 1942 vsock_init_tables();
1944 1943
1944 vsock_device.minor = MISC_DYNAMIC_MINOR;
1945 err = misc_register(&vsock_device); 1945 err = misc_register(&vsock_device);
1946 if (err) { 1946 if (err) {
1947 pr_err("Failed to register misc device\n"); 1947 pr_err("Failed to register misc device\n");