aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* [IPV6] mcast: Fix multiple issues in MLDv2 reports.David L Stevens2005-12-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The below "jumbo" patch fixes the following problems in MLDv2. 1) Add necessary "ntohs" to recent "pskb_may_pull" check [breaks all nonzero source queries on little-endian (!)] 2) Add locking to source filter list [resend of prior patch] 3) fix "mld_marksources()" to a) send nothing when all queried sources are excluded b) send full exclude report when source queried sources are not excluded c) don't schedule a timer when there's nothing to report NOTE: RFC 3810 specifies the source list should be saved and each source reported individually as an IS_IN. This is an obvious DOS path, requiring the host to store and then multicast as many sources as are queried (e.g., millions...). This alternative sends a full, relevant report that's limited to number of sources present on the machine. 4) fix "add_grec()" to send empty-source records when it should The original check doesn't account for a non-empty source list with all sources inactive; the new code keeps that short-circuit case, and also generates the group header with an empty list if needed. 5) fix mca_crcount decrement to be after add_grec(), which needs its original value These issues (other than item #1 ;-) ) were all found by Yan Zheng, much thanks! Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Validate socket filters against BPF_MAXINSNS in one spot.David S. Miller2005-12-27
| | | | | | | | | Currently the checks are scattered all over and this leads to inconsistencies and even cases where the check is not made. Based upon a patch from Kris Katterjohn. Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix addrconf dead lock.YOSHIFUJI Hideaki2005-12-27
| | | | | | | | | | We need to release idev->lcok before we call addrconf_dad_stop(). It calls ipv6_addr_del(), which will hold idev->lock. Bug spotted by Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BR_NETFILTER]: Fix leak if skb traverses > 1 bridgeDavid Kimdon2005-12-26
| | | | | | | | | | Call nf_bridge_put() before allocating a new nf_bridge structure and potentially overwriting the pointer to a previously allocated one. This fixes a memory leak which can occur when the bridge topology allows for an skb to traverse more than one bridge. Signed-off-by: David Kimdon <david.kimdon@devicescape.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Increase default MLD_MAX_MSF to 64.David L Stevens2005-12-26
| | | | | | | The existing default of 10 is just way too low. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix Temporary Address GenerationHiroyuki YAMAMORI2005-12-23
| | | | | | | | | | | From: Hiroyuki YAMAMORI <h-yamamo@db3.so-net.ne.jp> Since regen_count is stored in the public address, we need to reset it when we start renewing temporary address. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix dead lock.YOSHIFUJI Hideaki2005-12-23
| | | | | | | | We need to relesae ifp->lock before we call addrconf_dad_stop(), which will hold ifp->lock. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge git://git.skbuff.net/gitroot/yoshfuji/linux-2.6.14+git+ipv6-fix-20051221aDavid S. Miller2005-12-22
|\
| * [IPV6]: Don't select a tentative address as a source address.YOSHIFUJI Hideaki2005-12-21
| | | | | | | | | | | | | | | | A tentative address is not considered "assigned to an interface" in the traditional sense (RFC2462 Section 4). Don't try to select such an address for the source address. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Run DAD when the link becomes ready.YOSHIFUJI Hideaki2005-12-21
| | | | | | | | | | | | | | If the link was not available when the interface was created, run DAD for pending tentative addresses when the link becomes ready. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Defer IPv6 device initialization until the link becomes ready.YOSHIFUJI Hideaki2005-12-21
| | | | | | | | | | | | | | | | NETDEV_UP might be sent even if the link attached to the interface was not ready. DAD does not make sense in such case, so we won't do so. After interface Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Try not to send icmp to anycast address.YOSHIFUJI Hideaki2005-12-21
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
| * [IPV6]: Flag RTF_ANYCAST for anycast routes.YOSHIFUJI Hideaki2005-12-21
| | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
* | [IPSEC]: Fix policy updates missed by socketsDavid S. Miller2005-12-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem is that when new policies are inserted, sockets do not see the update (but all new route lookups do). This bug is related to the SA insertion stale route issue solved recently, and this policy visibility problem can be fixed in a similar way. The fix is to flush out the bundles of all policies deeper than the policy being inserted. Consider beginning state of "outgoing" direction policy list: policy A --> policy B --> policy C --> policy D First, realize that inserting a policy into a list only potentially changes IPSEC routes for that direction. Therefore we need not bother considering the policies for other directions. We need only consider the existing policies in the list we are doing the inserting. Consider new policy "B'", inserted after B. policy A --> policy B --> policy B' --> policy C --> policy D Two rules: 1) If policy A or policy B matched before the insertion, they appear before B' and thus would still match after inserting B' 2) Policy C and D, now "shadowed" and after policy B', potentially contain stale routes because policy B' might be selected instead of them. Therefore we only need flush routes assosciated with policies appearing after a newly inserted policy, if any. Signed-off-by: David S. Miller <davem@davemloft.net>
* | [DCCP]: Comment typoIan McDonald2005-12-21
| | | | | | | | | | | | | | | | I hope to actually change this behaviour shortly but this will help anybody grepping code at present. Signed-off-by: Ian McDonald <imcdnzl@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [IPV6]: Fix address deletionKristian Slavov2005-12-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If you add more than one IPv6 address belonging to the same prefix and delete the address that was last added, routing table entry for that prefix is also deleted. Tested on 2.6.14.4 To reproduce: ip addr add 3ffe::1/64 dev eth0 ip addr add 3ffe::2/64 dev eth0 /* wait DAD */ sleep 1 ip addr del 3ffe::2/64 dev eth0 ip -6 route (route to 3ffe::/64 should be gone) In ipv6_del_addr(), if ifa == ifp, we set ifa->if_next to NULL, and later assign ifap = &ifa->if_next, effectively terminating the for-loop. This prevents us from checking if there are other addresses using the same prefix that are valid, and thus resulting in deletion of the prefix. This applies only if the first entry in idev->addr_list is the address to be deleted. Signed-off-by: Kristian Slavov <kristian.slavov@nomadiclab.com> Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [VLAN]: Add two missing checks to vlan_ioctl_handler()Mika Kukkonen2005-12-21
| | | | | | | | | | | | | | | | In vlan_ioctl_handler() the code misses couple checks for error return values. Signed-off-by: Mika Kukkonen <mikukkon@iki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETROM]: Fix three if-statements in nr_state1_machine()Mika Kukkonen2005-12-21
|/ | | | | | | | | I found these while compiling with extra gcc warnings; considering the indenting surely they are not intentional? Signed-off-by: Mika Kukkonen <mikukkon@iki.fi> Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* SUNRPC: Fix "EPIPE" error on mount of rpcsec_gss-protected partitionsTrond Myklebust2005-12-19
| | | | | | | | gss_create_upcall() should not error just because rpc.gssd closed the pipe on its end. Instead, it should requeue the pending requests and then retry. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* RPC: Do not block on skb allocationTrond Myklebust2005-12-19
| | | | | | | | | | | | | | | | | | | | | | | | If we get something like the following, [ 125.300636] [<c04086e1>] schedule_timeout+0x54/0xa5 [ 125.305931] [<c040866e>] io_schedule_timeout+0x29/0x33 [ 125.311495] [<c02880c4>] blk_congestion_wait+0x70/0x85 [ 125.317058] [<c014136b>] throttle_vm_writeout+0x69/0x7d [ 125.322720] [<c014714d>] shrink_zone+0xe0/0xfa [ 125.327560] [<c01471d4>] shrink_caches+0x6d/0x6f [ 125.332581] [<c01472a6>] try_to_free_pages+0xd0/0x1b5 [ 125.338056] [<c013fa4b>] __alloc_pages+0x135/0x2e8 [ 125.343258] [<c03b74ad>] tcp_sendmsg+0xaa0/0xb78 [ 125.348281] [<c03d4666>] inet_sendmsg+0x48/0x53 [ 125.353212] [<c0388716>] sock_sendmsg+0xb8/0xd3 [ 125.358147] [<c0388773>] kernel_sendmsg+0x42/0x4f [ 125.363259] [<c038bc00>] sock_no_sendpage+0x5e/0x77 [ 125.368556] [<c03ee7af>] xs_tcp_send_request+0x2af/0x375 then the socket is blocked until memory is reclaimed, and no progress can ever be made. Try to access the emergency pools by using GFP_ATOMIC. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* [SCTP]: Fix sctp to not return erroneous POLLOUT events.Neil Horman2005-12-19
| | | | | | | | | | Make sctp_writeable() use sk_wmem_alloc rather than sk_wmem_queued to determine the sndbuf space available. It also removes all the modifications to sk_wmem_queued as it is not currently used in SCTP. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Perform SA switchover immediately.David S. Miller2005-12-19
| | | | | | | | | When we insert a new xfrm_state which potentially subsumes an existing one, make sure all cached bundles are flushed so that the new SA is used immediately. Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Handle DCCP in xfrm{4,6}_decode_sessionPatrick McHardy2005-12-19
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix route lifetime.YOSHIFUJI Hideaki2005-12-19
| | | | | | | | | | | | | | The route expiration time is stored in rt6i_expires in jiffies. The argument of rt6_route_add() for adding a route is not the expiration time in jiffies nor in clock_t, but the lifetime (or time left before expiration) in clock_t. Because of the confusion, we sometimes saw several strange errors (FAILs) in TAHI IPv6 Ready Logo Phase-2 Self Test. The symptoms were analyzed by Mitsuru Chinen <CHINEN@jp.ibm.com>. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BRIDGE-NF]: Fix bridge-nf ipv6 length checkBart De Schuymer2005-12-19
| | | | | | | | | | | A typo caused some bridged IPv6 packets to get dropped randomly, as reported by Sebastien Chaumontet. The patch below fixes this (using skb->nh.raw instead of raw) and also makes the jumbo packet length checking up-to-date with the code in net/ipv6/exthdrs.c::ipv6_hop_jumbo. Signed-off-by: Bart De Schuymer <bdschuym@pandora.be> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix incorrect dependency for IP6_NF_TARGET_NFQUEUEPatrick McHardy2005-12-19
| | | | | | | IP6_NF_TARGET_NFQUEUE depends on IP6_NF_IPTABLES, not IP_NF_IPTABLES. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix NAT init orderPatrick McHardy2005-12-19
| | | | | | | | | | As noticed by Phil Oester, the GRE NAT protocol helper is initialized before the NAT core, which makes registration fail. Change the linking order to make NAT be initialized first. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PATCH] Address of void __user * is void __user * *, not void * __user *Al Viro2005-12-15
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* [VLAN]: Fix hardware rx csum errorsStephen Hemminger2005-12-14
| | | | | | | | | Receiving VLAN packets over a device (without VLAN assist) that is doing hardware checksumming (CHECKSUM_HW), causes errors because the VLAN code forgets to adjust the hardware checksum. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [GRE]: Fix hardware checksum modificationHerbert Xu2005-12-14
| | | | | | | | | The skb_postpull_rcsum introduced a bug to the checksum modification. Although the length pulled is offset bytes, the origin of the pulling is the GRE header, not the IP header. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PKT_SCHED]: Disable debug tracing logs by default in packet action API.David S. Miller2005-12-14
| | | | | | Noticed by Andi Kleen. Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6] addrconf: Do not print device pointer in privacy log message.David S. Miller2005-12-14
| | | | | | | Noticed by Andi Kleen, it is pointless to emit the device structure pointer in the kernel logs like this. Signed-off-by: David S. Miller <davem@davemloft.net>
* [PATCH] ieee80211_crypt_tkip depends on NET_RADIOOlaf Hering2005-12-12
| | | | | | | | | | *** Warning: ".wireless_send_event" [net/ieee80211/ieee80211_crypt_tkip.ko] undefined! Signed-off-by: Olaf Hering <olh@suse.de> net/ieee80211/Kconfig | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-) Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/nf-2.6Linus Torvalds2005-12-12
|\
| * [NETFILTER]: ip_nat_tftp: Fix expectation NATMarcus Sundberg2005-12-12
| | | | | | | | | | | | | | | | | | When a TFTP client is SNATed so that the port is also changed, the port is never changed back for the expected connection. Signed-off-by: Marcus Sundberg <marcus@ingate.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [TCPv6]: Fix skb leakArnaldo Carvalho de Melo2005-12-12
|/ | | | | | | Spotted by Francois Romieu, thanks! Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPv6] IPsec: fix pmtu calculation of espKazunori MIYAZAWA2005-12-09
| | | | | | | | | | | It is a simple bug which uses the wrong member. This bug does not seriously affect ordinary use of IPsec. But it is important to pass IPv6 ready logo phase-2 conformance test of IPsec SGW. Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Fix NULL pointer deref in checksum debugging.Stephen Hemminger2005-12-08
| | | | | | | | | | | | | | The problem I was seeing turned out to be that skb->dev is NULL when the checksum is being completed in user context. This happens because the reference to the device is dropped (to allow it to be released when packets are in the queue). Because skb->dev was NULL, the netdev_rx_csum_fault was panicing on deref of dev->name. How about this? Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_PACKET]: Convert PACKET_MMAP over to vm_insert_page().David S. Miller2005-12-06
| | | | | | | | | So we can properly use __GFP_COMP and avoid the use of PG_reserved pages. With extremely helpful review from Hugh Dickins. Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP] Vegas: timestamp before cloneDavid S. Miller2005-12-06
| | | | | | | | | | | | | We have to store the congestion control timestamp on the SKB before we clone it, not after. Else we get no timestamping information at all. tcp_transmit_skb() has been reworked so that we can do the timestamp still in one spot, instead of at all the call sites. Problem discovered, and initial fix, from Tom Young <tyo@ee.unimelb.edu.au>. Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP] Vegas: Remove extra call to tcp_vegas_rtt_calcThomas Young2005-12-06
| | | | | | | | | Remove unneeded call to tcp_vegas_rtt_calc. The more accurate microsecond value has already been registered prior to calling tcp_vegas_cong_avoid. Signed-off-by: Thomas Young <tyo@ee.mu.oz.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP] Vegas: stop resetting rtt every ackThomas Young2005-12-06
| | | | | | | | Move the resetting of rtt measurements to inside the once per RTT block of code. Signed-off-by: Thomas Young <tyo@ee.mu.oz.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DECNET]: add memory buffer settings Steven Whitehouse2005-12-05
| | | | | | | | The patch (originally from Steve) simply adds memory buffer settings to DECnet similar to those in TCP. Signed-off-by: Patrick Caulfield <patrick@tykepenguin.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: make function pointer argument parseable by kernel-docMartin Waitz2005-12-05
| | | | | | | | | | When a function takes a function pointer as argument it should use the 'return (*pointer)(params...)' syntax used everywhere else in the kernel as this is recognized by kernel-doc. Signed-off-by: Martin Waitz <tali@admingilde.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Don't use conntrack entry after dropping the referencePatrick McHardy2005-12-05
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix unbalanced read_unlock_bh in ctnetlinkPatrick McHardy2005-12-05
| | | | | | | | | NFA_NEST calls NFA_PUT which jumps to nfattr_failure if the skb has no room left. We call read_unlock_bh at nfattr_failure for the NFA_PUT inside the locked section, so move NFA_NEST inside the locked section too. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Wait for untracked references in nf_conntrack module unloadPatrick McHardy2005-12-05
| | | | | | | Noticed by Pablo Neira <pablo@eurodev.net>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Mark ctnetlink as EXPERIMENTALPatrick McHardy2005-12-05
| | | | | | | | Should have been marked EXPERIMENTAL from the beginning, as the current bunch of fixes show. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix CTA_PROTO_NUM attribute size in ctnetlinkPatrick McHardy2005-12-05
| | | | | | | CTA_PROTO_NUM is a u_int8_t. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Fix ip_conntrack_flush abuse in ctnetlinkPatrick McHardy2005-12-05
| | | | | | | | | | | ip_conntrack_flush() used to be part of ip_conntrack_cleanup(), which needs to drop _all_ references on module unload. Table flushed using ctnetlink just needs to clean the table and doesn't need to flush the event cache or wait for any references attached to skbs. Move everything but pure table flushing back to ip_conntrack_cleanup(). Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>