aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* [PATCH] gfp_t: net/*Al Viro2005-10-28
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* Merge /home/trondmy/scm/kernel/git/torvalds/linux-2.6Trond Myklebust2005-10-27
|\
| * [TCP]: Clear stale pred_flags when snd_wnd changesHerbert Xu2005-10-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This bug is responsible for causing the infamous "Treason uncloaked" messages that's been popping up everywhere since the printk was added. It has usually been blamed on foreign operating systems. However, some of those reports implicate Linux as both systems are running Linux or the TCP connection is going across the loopback interface. In fact, there really is a bug in the Linux TCP header prediction code that's been there since at least 2.1.8. This bug was tracked down with help from Dale Blount. The effect of this bug ranges from harmless "Treason uncloaked" messages to hung/aborted TCP connections. The details of the bug and fix is as follows. When snd_wnd is updated, we only update pred_flags if tcp_fast_path_check succeeds. When it fails (for example, when our rcvbuf is used up), we will leave pred_flags with an out-of-date snd_wnd value. When the out-of-date pred_flags happens to match the next incoming packet we will again hit the fast path and use the current snd_wnd which will be wrong. In the case of the treason messages, it just happens that the snd_wnd cached in pred_flags is zero while tp->snd_wnd is non-zero. Therefore when a zero-window packet comes in we incorrectly conclude that the window is non-zero. In fact if the peer continues to send us zero-window pure ACKs we will continue making the same mistake. It's only when the peer transmits a zero-window packet with data attached that we get a chance to snap out of it. This is what triggers the treason message at the next retransmit timeout. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* | RPC: Ensure that nobody can queue up new upcalls after rpc_close_pipes()Trond Myklebust2005-10-27
| | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | Merge /home/trondmy/scm/kernel/git/torvalds/linux-2.6Trond Myklebust2005-10-27
|\|
| * [PATCH] svcsock timestamp fixAndrew Morton2005-10-26
| | | | | | | | | | | | | | | | | | Convert nanoseconds to microseconds correctly. Spotted by Steve Dickson <SteveD@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
| * [PATCH] kill massive wireless-related log spamJeff Garzik2005-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Although this message is having the intended effect of causing wireless driver maintainers to upgrade their code, I never should have merged this patch in its present form. Leading to tons of bug reports and unhappy users. Some wireless apps poll for statistics regularly, which leads to a printk() every single time they ask for stats. That's a little bit _too_ much of a reminder that the driver is using an old API. Change this to printing out the message once, per kernel boot. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
| * [TR]: Preserve RIF flag even for 2 byte RIF fields.Jochen Friedrich2005-10-25
| | | | | | | | | | Signed-off-by: Jochen Friedrich <jochen@scram.de> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [IPV6]: Fix refcnt of struct ip6_flowlabelYan Zheng2005-10-25
| | | | | | | | | | | | Signed-off-by: Yan Zheng <yanzheng@21cn.com> Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [NEIGH] Fix timer leak in neigh_changeaddrHerbert Xu2005-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | neigh_changeaddr attempts to delete neighbour timers without setting nud_state. This doesn't work because the timer may have already fired when we acquire the write lock in neigh_changeaddr. The result is that the timer may keep firing for quite a while until the entry reaches NEIGH_FAILED. It should be setting the nud_state straight away so that if the timer has already fired it can simply exit once we relinquish the lock. In fact, this whole function is simply duplicating the logic in neigh_ifdown which in turn is already doing the right thing when it comes to deleting timers and setting nud_state. So all we have to do is take that code out and put it into a common function and make both neigh_changeaddr and neigh_ifdown call it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * [NEIGH] Fix add_timer race in neigh_add_timerHerbert Xu2005-10-23
| | | | | | | | | | | | | | | | | | | | | | | | neigh_add_timer cannot use add_timer unconditionally. The reason is that by the time it has obtained the write lock someone else (e.g., neigh_update) could have already added a new timer. So it should only use mod_timer and deal with its return value accordingly. This bug would have led to rare neighbour cache entry leaks. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * [NEIGH] Print stack trace in neigh_add_timerHerbert Xu2005-10-23
| | | | | | | | | | | | | | Stack traces are very helpful in determining the exact nature of a bug. So let's print a stack trace when the timer is added twice. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * [SK_BUFF]: ipvs_property field must be copiedJulian Anastasov2005-10-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | IPVS used flag NFC_IPVS_PROPERTY in nfcache but as now nfcache was removed the new flag 'ipvs_property' still needs to be copied. This patch should be included in 2.6.14. Further comments from Harald Welte: Sorry, seems like the bug was introduced by me. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [TCP] Allow len == skb->len in tcp_fragmentHerbert Xu2005-10-20
| | | | | | | | | | | | | | | | | | It is legitimate to call tcp_fragment with len == skb->len since that is done for FIN packets and the FIN flag counts as one byte. So we should only check for the len > skb->len case. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [DCCP]: Clear the IPCB areaHerbert Xu2005-10-20
| | | | | | | | | | | | | | | | | | | | Turns out the problem has nothing to do with use-after-free or double-free. It's just that we're not clearing the CB area and DCCP unlike TCP uses a CB format that's incompatible with IP. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Ian McDonald <imcdnzl@gmail.com> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [DCCP]: Make dccp_write_xmit always free the packetHerbert Xu2005-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | icmp_send doesn't use skb->sk at all so even if skb->sk has already been freed it can't cause crash there (it would've crashed somewhere else first, e.g., ip_queue_xmit). I found a double-free on an skb that could explain this though. dccp_sendmsg and dccp_write_xmit are a little confused as to what should free the packet when something goes wrong. Sometimes they both go for the ball and end up in each other's way. This patch makes dccp_write_xmit always free the packet no matter what. This makes sense since dccp_transmit_skb which in turn comes from the fact that ip_queue_xmit always frees the packet. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
| * [DCCP]: Use skb_set_owner_w in dccp_transmit_skb when skb->sk is NULLHerbert Xu2005-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | David S. Miller <davem@davemloft.net> wrote: > One thing you can probably do for this bug is to mark data packets > explicitly somehow, perhaps in the SKB control block DCCP already > uses for other data. Put some boolean in there, set it true for > data packets. Then change the test in dccp_transmit_skb() as > appropriate to test the boolean flag instead of "skb_cloned(skb)". I agree. In fact we already have that flag, it's called skb->sk. So here is patch to test that instead of skb_cloned(). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Ian McDonald <imcdnzl@gmail.com> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* | Revert "RPC: stops the release_pipe() funtion from being called twice"Trond Myklebust2005-10-27
| | | | | | | | This reverts 747c5534c9a6da4aa87e7cdc2209ea98ea27f381 commit.
* | RPCSEC_GSS: krb5 cleanupJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | Remove some senseless wrappers. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS remove all qop parametersJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | Not only are the qop parameters that are passed around throughout the gssapi unused by any currently implemented mechanism, but there appears to be some doubt as to whether they will ever be used. Let's just kill them off for now. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS: Add support for privacy to krb5 rpcsec_gss mechanism.J. Bruce Fields2005-10-19
| | | | | | | | | | | | | | Add support for privacy to the krb5 rpcsec_gss mechanism. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS: krb5 pre-privacy cleanupJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | The code this was originally derived from processed wrap and mic tokens using the same functions. This required some contortions, and more would be required with the addition of xdr_buf's, so it's better to separate out the two code paths. In preparation for adding privacy support, remove the last vestiges of the old wrap token code. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS: Simplify rpcsec_gss crypto codeJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | Factor out some code that will be shared by privacy crypto routines Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS: client-side privacy supportJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | Add the code to the client side to handle privacy. This is dead code until we actually add privacy support to krb5. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPCSEC_GSS: cleanup au_rslack calculationJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Various xdr encode routines use au_rslack to guess where the reply argument will end up, so we can set up the xdr_buf to recieve data into the right place for zero copy. Currently we calculate the au_rslack estimate when we check the verifier. Normally this only depends on the verifier size. In the integrity case we add a few bytes to allow for a length and sequence number. It's a bit simpler to calculate only the verifier size when we check the verifier, and delay the full calculation till we unwrap. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Retry wrap in case of memory allocation failure.J. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | For privacy we need to allocate extra pages to hold encrypted page data when wrapping requests. This allocation may fail, and we handle that case by waiting and retrying. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Provide a callback to allow free pages allocated during xdr encodingJ. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | For privacy, we need to allocate pages to store the encrypted data (passed in pages can't be used without the risk of corrupting data in the page cache). So we need a way to free that memory after the request has been transmitted. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Add support for privacy to generic gss-api code.J. Bruce Fields2005-10-19
| | | | | | | | | | | | | | | | | | Add support for privacy to generic gss-api code. This is dead code until we have both a mechanism that supports privacy and code in the client or server that uses it. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPC: stops the release_pipe() funtion from being called twiceSteve Dickson2005-10-19
| | | | | | | | | | | | | | | | | | This patch stops the release_pipe() funtion from being called twice by invalidating the ops pointer in the rpc_inode when rpc_pipe_release() is called. Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | RPC: allow call_encode() to delay transmission of an RPC call.Trond Myklebust2005-10-18
| | | | | | | | | | | | | | | | Currently, call_encode will cause the entire RPC call to abort if it returns an error. This is unnecessarily rigid, and gets in the way of attempts to allow the NFSv4 layer to order RPC calls that carry sequence ids. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Retry rpcbind requests if the server's portmapper isn't upChuck Lever2005-10-18
| | | | | | | | | | | | | | | | | | | | | | | | After a server crash/reboot, rebinding should always retry, otherwise requests on "hard" mounts will fail when they shouldn't. Test plan: Run a lock-intensive workload against a server while rebooting the server repeatedly. Signed-off-by: Chuck Lever <cel@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | Merge /home/trondmy/scm/kernel/git/torvalds/linux-2.6Trond Myklebust2005-10-18
|\|
| * [NETFILTER]: Fix ip6_table.c build with NETFILTER_DEBUG enabled.Andrew Morton2005-10-15
| | | | | | | | | | Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TCP]: Ratelimit debugging warning.Herbert Xu2005-10-13
| | | | | | | | | | | | | | Better safe than sorry. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NET]: Disable NET_SCH_CLK_CPU for SMP x86 hostsAndi Kleen2005-10-13
| | | | | | | | | | | | | | | | | | | | Opterons with frequency scaling have fully unsynchronized TSCs running at different frequencies, so using TSCs there is not a good idea. Also some other x86 boxes have this problem. gettimeofday should be good enough, so just disable it. Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: Fix OOPSes on machines with discontiguous cpu numbering.David S. Miller2005-10-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Original patch by Harald Welte, with feedback from Herbert Xu and testing by Sébastien Bernard. EBTABLES, ARP tables, and IP/IP6 tables all assume that cpus are numbered linearly. That is not necessarily true. This patch fixes that up by calculating the largest possible cpu number, and allocating enough per-cpu structure space given that. Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TCP]: Add code to help track down "BUG at net/ipv4/tcp_output.c:438!"Herbert Xu2005-10-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the second report of this bug. Unfortunately the first reporter hasn't been able to reproduce it since to provide more debugging info. So let's apply this patch for 2.6.14 to 1) Make this non-fatal. 2) Provide the info we need to track it down. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [BRIDGE]: fix race on bridge del ifStephen Hemminger2005-10-12
| | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the RCU race on bridge delete interface. Basically, the network device has to be detached from the bridge in the first step (pre-RCU), rather than later. At that point, no more bridge traffic will come in, and the other code will not think that network device is part of a bridge. This should also fix the XEN test problems. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [TWSK]: Grab the module refcount for timewait socketsArnaldo Carvalho de Melo2005-10-11
| | | | | | | | | | | | | | | | This is required to avoid unloading a module that has active timewait sockets, such as DCCP. Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: Transition from PARTOPEN to OPEN when receiving DATA packetsArnaldo Carvalho de Melo2005-10-11
| | | | | | | | | | | | | | | | Noticed by Andrea Bittau, that provided a patch that was modified to not transition from RESPOND to OPEN when receiving DATA packets. Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [CCID]: Check if ccid is NULL in the hc_[tr]x_exit functionsArnaldo Carvalho de Melo2005-10-11
| | | | | | | | | | | | | | | | | | For consistency with ccid_exit and to fix a bug when IP_DCCP_UNLOAD_HACK is enabled as the control sock is not associated to any CCID. Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] ctnetlink: add support to change protocol infoPablo Neira Ayuso2005-10-11
| | | | | | | | | | | | | | | | | | This patch add support to change the state of the private protocol information via conntrack_netlink. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] ctnetlink: allow userspace to change TCP statePablo Neira Ayuso2005-10-11
| | | | | | | | | | | | | | | | | | | | | | This patch adds the ability of changing the state a TCP connection. I know that this must be used with care but it's required to provide a complete conntrack creation via conntrack_netlink. So I'll document this aspect on the upcoming docs. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: Use only 32bit counters for CONNTRACK_ACCTHarald Welte2005-10-11
| | | | | | | | | | | | | | | | | | | | Initially we used 64bit counters for conntrack-based accounting, since we had no event mechanism to tell userspace that our counters are about to overflow. With nfnetlink_conntrack, we now have such a event mechanism and thus can save 16bytes per connection. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC] Fix block size/MTU bugs in ESPHerbert Xu2005-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes the following bugs in ESP: * Fix transport mode MTU overestimate. This means that the inner MTU is smaller than it needs be. Worse yet, given an input MTU which is a multiple of 4 it will always produce an estimate which is not a multiple of 4. For example, given a standard ESP/3DES/MD5 transform and an MTU of 1500, the resulting MTU for transport mode is 1462 when it should be 1464. The reason for this is because IP header lengths are always a multiple of 4 for IPv4 and 8 for IPv6. * Ensure that the block size is at least 4. This is required by RFC2406 and corresponds to what the esp_output function does. At the moment this only affects crypto_null as its block size is 1. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC]: Use ALIGN macro in ESPHerbert Xu2005-10-11
| | | | | | | | | | | | | | This patch uses the macro ALIGN in all the applicable spots for ESP. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] ctnetlink: add one nesting level for TCP statePablo Neira Ayuso2005-10-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To keep consistency, the TCP private protocol information is nested attributes under CTA_PROTOINFO_TCP. This way the sequence of attributes to access the TCP state information looks like here below: CTA_PROTOINFO CTA_PROTOINFO_TCP CTA_PROTOINFO_TCP_STATE instead of: CTA_PROTOINFO CTA_PROTOINFO_TCP_STATE Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] ctnetlink: ICMP ID is not mandatoryPablo Neira Ayuso2005-10-10
| | | | | | | | | | | | | | | | | | | | | | The ID is only required by ICMP type 8 (echo), so it's not mandatory for all sort of ICMP connections. This patch makes mandatory only the type and the code for ICMP netlink messages. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] conntrack_netlink: Fix endian issue with status from userspaceHarald Welte2005-10-10
| | | | | | | | | | | | | | | | | | When we send "status" from userspace, we forget to convert the endianness. This patch adds the reqired conversion. Thanks to Pablo Neira for discovering this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] nfnetlink: use highest bit of nfa_type to indicate nested TLVHarald Welte2005-10-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As Henrik Nordstrom pointed out, all our efforts with "split endian" (i.e. host byte order tags, net byte order values) are useless, unless a parser can determine whether an attribute is nested or not. This patch steals the highest bit of nfattr.nfa_type to indicate whether the data payload contains a nested nfattr (1) or not (0). This will break userspace compatibility, but luckily no kernel with nfnetlink was released so far. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>