aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* SUNRPC: Add the helper function 'rpc_call_null()'Trond Myklebust2007-07-10
| | | | | | | Does a NULL RPC call and returns a pointer to the resulting rpc_task. The call may be either synchronous or asynchronous. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Make rpc_ping() staticTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix races in rpcauth_createTrond Myklebust2007-07-10
| | | | | | See the FIXME: auth_flavors[] really needs a lock and module refcounting. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a memory leak in gss_create()Trond Myklebust2007-07-10
| | | | | | | Fix a memory leak in gss_create() whereby the rpc credcache was not being freed if the rpc_mkpipe() call failed. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a typo in unx_create()Trond Myklebust2007-07-10
| | | | | | | We want to set the unix_cred_cache.nextgc on the first call to unx_create(), which should be when unix_auth.au_count === 1 Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a memory leak in the auth credcache codeTrond Myklebust2007-07-10
| | | | | | | | | | | | | | The leak only affects the RPCSEC_GSS caches, since they are the only ones that are dynamically allocated... Rename the existing rpcauth_free_credcache() to rpcauth_clear_credcache() in order to better describe its role, then add a new function rpcauth_destroy_credcache() that actually frees the cache in addition to clearing it out. Also move the call to destroy the credcache in gss_destroy() to come before the rpc upcall pipe is unlinked. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a field to track the number of kernel users of an rpc_pipeTrond Myklebust2007-07-10
| | | | | | This allows us to correctly deduce when we need to remove the pipe. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Clean up rpc_pipefs.Trond Myklebust2007-07-10
| | | | | | | | | | Add a dentry_ops with a d_delete() method in order to ensure that dentries are removed as soon as the last reference is gone. Clean up rpc_depopulate() so that it only removes files that were created via rpc_populate(). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Enable non-exclusive create in rpc_mkpipe()Trond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a downcall queue to struct rpc_inodeTrond Myklebust2007-07-10
| | | | | | | | Currently, the downcall queue is tied to the struct gss_auth, which means that different RPCSEC_GSS pseudoflavours must use different upcall pipes. Add a list to struct rpc_inode that can be used instead. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Always match an upcall message in gss_pipe_downcall()Trond Myklebust2007-07-10
| | | | | | | | | | | | It used to be possible for an rpc.gssd daemon to stuff the RPC credential cache for any rpc client simply by creating RPCSEC_GSS contexts and then doing downcalls. In practice, no daemons ever made use of this feature. Remove this feature now, since it will be impossible to figure out which mechanism a given context actually matches if we enable more than one gss mechanism to use the same upcall pipe. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Remove the gss_auth spinlockTrond Myklebust2007-07-10
| | | | | | We're just as well off using the inode spinlock instead. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a backpointer from the struct rpc_cred to the rpc_authTrond Myklebust2007-07-10
| | | | | | | | Cleans up an issue whereby rpcsec_gss uses the rpc_clnt->cl_auth. If we want to be able to add several rpc_auths to a single rpc_clnt, then this abuse must go. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: fix hang due to eventd deadlock...Trond Myklebust2007-07-10
| | | | | | | | | | | | | | | | | | | | | | | | Brian Behlendorf writes: The root cause of the NFS hang we were observing appears to be a rare deadlock between the kernel provided usermodehelper API and the linux NFS client. The deadlock can arise because both of these services use the generic linux work queues. The usermodehelper API run the specified user application in the context of the work queue. And NFS submits both cleanup and reconnect work to the generic work queue for handling. Normally this is fine but a deadlock can result in the following situation. - NFS client is in a disconnected state - [events/0] runs a usermodehelper app with an NFS dependent operation, this triggers an NFS reconnect. - NFS reconnect happens to be submitted to [events/0] work queue. - Deadlock, the [events/0] work queue will never process the reconnect because it is blocked on the previous NFS dependent operation which will not complete.` The solution is simply to run reconnect requests on rpciod. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: clean up rpc_call_async/rpc_call_sync/rpc_run_taskTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Move rpc_register_client and friends into net/sunrpc/clnt.cTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Remove redundant calls to rpciod_up()/rpciod_down()Trond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Make create_client() take a reference to the rpciod workqueueTrond Myklebust2007-07-10
| | | | | | | Ensures that an rpc_client always has the possibility to send asynchronous RPC calls. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Optimise rpciod_up()Trond Myklebust2007-07-10
| | | | | | | | Instead of taking the mutex every time we just need to increment/decrement rpciod_users, we can optmise by using atomic_inc_not_zero and atomic_dec_and_test. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Don't create an rpc_pipefs directory before rpc_clone is initialisedTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Remove rpc_clnt->cl_countTrond Myklebust2007-07-10
| | | | | | | | | | | | The kref now does most of what cl_count + cl_user used to do. The only remaining role for cl_count is to tell us if we are in a 'shutdown' phase. We can provide that information using a single bit field instead of a full atomic counter. Also rename rpc_destroy_client() to rpc_close_client(), which reflects better what its role is these days. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Make rpc_clone take a reference instead of using cl_countTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Kill rpc_clnt->cl_oneshotTrond Myklebust2007-07-10
| | | | | | | Replace it with explicit calls to rpc_shutdown_client() or rpc_destroy_client() (for the case of asynchronous calls). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Kill rpc_clnt->cl_deadTrond Myklebust2007-07-10
| | | | | | | Its use is at best racy, and there is only one user (lockd), which has additional locking that makes the whole thing redundant. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Convert rpc_clnt->cl_users to a krefTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Clean up tk_pid allocation and make it locklessTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a per-rpc_clnt spinlockTrond Myklebust2007-07-10
| | | | | | | Use that to protect the rpc_clnt->cl_tasks list instead of using a global lock. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Move rpc_task->tk_task list into struct rpc_clntTrond Myklebust2007-07-10
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* NFSv4: Clean up nfs4_call_async()Trond Myklebust2007-07-10
| | | | | | Use rpc_run_task() instead of doing it ourselves. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* Merge branch 'upstream-linus' of ↵Linus Torvalds2007-07-10
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6 * 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6: (40 commits) bonding/bond_main.c: make 2 functions static ps3: gigabit ethernet driver for PS3, take3 [netdrvr] Fix dependencies for ax88796 ne2k clone driver eHEA: Capability flag for DLPAR support Remove sk98lin ethernet driver. sunhme.c:quattro_pci_find() must be __devinit bonding / ipv6: no addrconf for slaves separately from master atl1: remove write-only var in tx handler macmace: use "unsigned long flags;" Cleanup usbnet_probe() return value handling netxen: deinline and sparse fix eeprom_93cx6: shorten pulse timing to match spec (bis) phylib: Add Marvell 88E1112 phy id phylib: cleanup marvell.c a bit AX88796 network driver IOC3: Switch to pci refcounting safe APIs e100: Fix Tyan motherboard e100 not receiving IPMI commands QE Ethernet driver writes to wrong register to mask interrupts rrunner.c:rr_init() must be __devinit tokenring/3c359.c:xl_init() must be __devinit ...
| * bonding / ipv6: no addrconf for slaves separately from masterJay Vosburgh2007-07-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At present, when a device is enslaved to bonding, if ipv6 is active then addrconf will be initated on the slave (because it is closed then opened during the enslavement processing). This causes DAD and RS packets to be sent from the slave. These packets in turn can confuse switches that perform ipv6 snooping, causing them to incorrectly update their forwarding tables (if, e.g., the slave being added is an inactve backup that won't be used right away) and direct traffic away from the active slave to a backup slave (where the incoming packets will be dropped). This patch alters the behavior so that addrconf will only run on the master device itself. I believe this is logically correct, as it prevents slaves from having an IPv6 identity independent from the master. This is consistent with the IPv4 behavior for bonding. This is accomplished by (a) having bonding set IFF_SLAVE sooner in the enslavement processing than currently occurs (before open, not after), and (b) having ipv6 addrconf ignore UP and CHANGE events on slave devices. The eql driver also uses the IFF_SLAVE flag. I inspected eql, and I believe this change is reasonable for its usage of IFF_SLAVE, but I did not test it. Signed-off-by: Jay Vosburgh <fubar@us.ibm.com> Signed-off-by: Jeff Garzik <jeff@garzik.org>
* | sendfile: convert nfsd to splice_direct_to_actor()Jens Axboe2007-07-10
|/ | | | Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* [PATCH] softmac: use list_for_each_entryAkinobu Mita2007-07-08
| | | | | | | | | | Cleanup using list_for_each_entry. Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Joe Jezak <josejx@gentoo.org> Cc: Daniel Drake <dsd@gentoo.org> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Fix use-after-free oops in Bluetooth HID.David Woodhouse2007-07-07
| | | | | | | | | | | | | | | | When cleaning up HIDP sessions, we currently close the ACL connection before deregistering the input device. Closing the ACL connection schedules a workqueue to remove the associated objects from sysfs, but the input device still refers to them -- and if the workqueue happens to run before the input device removal, the kernel will oops when trying to look up PHYSDEVPATH for the removed input device. Fix this by deregistering the input device before closing the connections. Signed-off-by: David Woodhouse <dwmw2@infradead.org> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* [NETPOLL]: Fixups for 'fix soft lockup when removing module'Jarek Poplawski2007-07-05
| | | | | | | | | | | | | | | | | | | | | | | >From my recent patch: > > #1 > > Until kernel ver. 2.6.21 (including) cancel_rearming_delayed_work() > > required a work function should always (unconditionally) rearm with > > delay > 0 - otherwise it would endlessly loop. This patch replaces > > this function with cancel_delayed_work(). Later kernel versions don't > > require this, so here it's only for uniformity. But Oleg Nesterov <oleg@tv-sign.ru> found: > But 2.6.22 doesn't need this change, why it was merged? > > In fact, I suspect this change adds a race, ... His description was right (thanks), so this patch reverts #1. Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: net/core/netevent.c should #include <net/netevent.h>Adrian Bunk2007-07-05
| | | | | | | | Every file should include the headers containing the prototypes for its global functions. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' ↵Jing Min Zhao2007-07-05
| | | | | | | | | | | | | | index values Choices' index values may be out of range while still encoded in the fixed length bit-field. This bug may cause access to undefined types (NULL pointers) and thus crashes (Reported by Zhongling Wen). This patch also adds checking of decode flag when decoding SEQUENCEs. Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET] skbuff: remove export of static symbolJohannes Berg2007-07-05
| | | | | | | skb_clone_fraglist is static so it shouldn't be exported. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* SCTP: Add scope_id validation for link-local bindsVlad Yasevich2007-07-05
| | | | | | | | | | SCTP currently permits users to bind to link-local addresses, but doesn't verify that the scope id specified at bind matches the interface that the address is configured on. It was report that this can hang a system. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* SCTP: Check to make sure file is valid before setting timeoutVlad Yasevich2007-07-05
| | | | | | | | | | In-kernel sockets created with sock_create_kern don't usually have a file and file descriptor allocated to them. As a result, when SCTP tries to check the non-blocking flag, we Oops when dereferencing a NULL file pointer. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* SCTP: Fix thinko in sctp_copy_laddrs()Vlad Yasevich2007-07-05
| | | | | | | | Correctly dereference bytes_copied in sctp_copy_laddrs(). I totally must have spaced when doing this. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETPOLL] netconsole: fix soft lockup when removing moduleJarek Poplawski2007-06-29
| | | | | | | | | | | | | | | | | | | | #1 Until kernel ver. 2.6.21 (including) cancel_rearming_delayed_work() required a work function should always (unconditionally) rearm with delay > 0 - otherwise it would endlessly loop. This patch replaces this function with cancel_delayed_work(). Later kernel versions don't require this, so here it's only for uniformity. #2 After deleting a timer in cancel_[rearming_]delayed_work() there could stay a last skb queued in npinfo->txq causing a memory leak after kfree(npinfo). Initial patch & testing by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/vxy/lksctp-devDavid S. Miller2007-06-29
|\
| * SCTP: lock_sock_nested in sctp_sock_migrateZach Brown2007-06-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | sctp_sock_migrate() grabs the socket lock on a newly allocated socket while holding the socket lock on an old socket. lockdep worries that this might be a recursive lock attempt. task/3026 is trying to acquire lock: (sk_lock-AF_INET){--..}, at: [<ffffffff88105b8c>] sctp_sock_migrate+0x2e3/0x327 [sctp] but task is already holding lock: (sk_lock-AF_INET){--..}, at: [<ffffffff8810891f>] sctp_accept+0xdf/0x1e3 [sctp] This patch tells lockdep that this locking is safe by using lock_sock_nested(). Signed-off-by: Zach Brown <zach.brown@oracle.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Fix sctp_getsockopt_get_peer_addrsNeil Horman2007-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | This is the split out of the patch that we agreed I should split out from my last patch. It changes space_left to be computed in the same way the to variable is. I know we talked about changing space_left to an int, but I think size_t is more appropriate, since we should never have negative space in our buffer, and computing using offsetof means space_left should now never drop below zero. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: update sctp_getsockopt helpers to allow oversized buffersNeil Horman2007-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I noted the other day while looking at a bug that was ostensibly in some perl networking library, that we strictly avoid allowing getsockopt operations to complete if we pass in oversized buffers. This seems to make libraries like Perl::NET malfunction since it seems to allocate oversized buffers for use in several operations. It also seems to be out of line with the way udp, tcp and ip getsockopt routines handle buffer input (since the *optlen pointer in both an input and an output and gets set to the length of the data that we copy into the buffer). This patch brings our getsockopt helpers into line with other protocols, and allows us to accept oversized buffers for our getsockopt operations. Tested by me with good results. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* | [NETPOLL]: tx lock deadlock fixStephen Hemminger2007-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If sky2 device poll routine is called from netpoll_send_skb, it would deadlock. The netpoll_send_skb held the netif_tx_lock, and the poll routine could acquire it to clean up skb's. Other drivers might use same locking model. The driver is correct, netpoll should not introduce more locking problems than it causes already. So change the code to drop lock before calling poll handler. Signed-off-by: Stephen Hemminger <shemminger@linux.foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NET]: Make skb_seq_read unmap the last fragmentOlaf Kirch2007-06-24
| | | | | | | | | | | | | | | | | | | | | | | | | | Having walked through the entire skbuff, skb_seq_read would leave the last fragment mapped. As a consequence, the unwary caller would leak kmaps, and proceed with preempt_count off by one. The only (kind of non-intuitive) workaround is to use skb_seq_read_abort. This patch makes sure skb_seq_read always unmaps frag_data after having cycled through the skb's paged part. Signed-off-by: Olaf Kirch <olaf.kirch@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NET]: Re-enable irqs before pushing pending DMA requestsShannon Nelson2007-06-24
| | | | | | | | | | | | | | | | | | | | This moves the local_irq_enable() call in net_rx_action() to before calling the CONFIG_NET_DMA's dma_async_memcpy_issue_pending() rather than after. This shortens the irq disabled window and allows for DMA drivers that need to do their own irq hold. Signed-off-by: Shannon Nelson <shannon.nelson@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [TCP] tcp_read_sock: Allow recv_actor() return return negative error value.Jens Axboe2007-06-24
| | | | | | | | | | | | | | | | | | | | tcp_read_sock() currently assumes that the recv_actor() only returns number of bytes copied. For network splice receive, we may have to return an error in some cases. So allow the actor to return a negative error value. Signed-off-by: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>