aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* [IPSEC] Turn km_event.data into a unionHerbert Xu2005-06-19
| | | | | | | This patch turns km_event.data into a union. This makes code that uses it clearer. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Fix xfrm to pfkey SA state conversionHerbert Xu2005-06-19
| | | | | | | | | | | | | This patch adjusts the SA state conversion in af_key such that XFRM_STATE_ERROR/XFRM_STATE_DEAD will be converted to SADB_STATE_DEAD instead of SADB_STATE_DYING. According to RFC 2367, SADB_STATE_DYING SAs can be turned into mature ones through updating their lifetime settings. Since SAs which are in the states XFRM_STATE_ERROR/XFRM_STATE_DEAD cannot be resurrected, this value is unsuitable. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Kill spurious hard expire messagesHerbert Xu2005-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch ensures that the hard state/policy expire notifications are only sent when the state/policy is successfully removed from their respective tables. As it is, it's possible for a state/policy to both expire through reaching a hard limit, as well as being deleted by the user. Note that this behaviour isn't actually forbidden by RFC 2367. However, it is a quality of implementation issue. As an added bonus, the restructuring in this patch will help eventually in moving the expire notifications from softirq context into process context, thus improving their reliability. One important side-effect from this change is that SAs reaching their hard byte/packet limits are now deleted immediately, just like SAs that have reached their hard time limits. Previously they were announced immediately but only deleted after 30 seconds. This is bad because it prevents the system from issuing an ACQUIRE command until the existing state was deleted by the user or expires after the time is up. In the scenario where the expire notification was lost this introduces a 30 second delay into the system for no good reason. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Add complete xfrm event notificationJamal Hadi Salim2005-06-19
| | | | | | | | | | | | | Heres the final patch. What this patch provides - netlink xfrm events - ability to have events generated by netlink propagated to pfkey and vice versa. - fixes the acquire lets-be-happy-with-one-success issue Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/dwmw2/audit-2.6Linus Torvalds2005-06-18
|\
| * Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-06-18
| |\
| * \ Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-06-02
| |\ \
| * | | AUDIT: Fix user pointer deref thinko in sys_socketcall().David Woodhouse2005-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I cunningly put the audit call immediately after the copy_from_user().... but used the _userspace_ copy of the args still. Let's not do that. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | AUDIT: Capture sys_socketcall arguments and sockaddrs David Woodhouse2005-05-17
| | | | | | | | | | | | | | | | Signed-off-by: David Woodhouse <dwmw2@infradead.org>
* | | | Manual merge of ↵Linus Torvalds2005-06-18
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | rsync://rsync.kernel.org/pub/scm/linux/kernel/git/jgarzik/netdev-2.6.git This is a fixed-up version of the broken "upstream-2.6.13" branch, where I re-did the manual merge of drivers/net/r8169.c by hand, and made sure the history is all good.
| * | | Automatic merge of /spare/repo/netdev-2.6 branch we182005-06-04
| |\ \ \
| | * \ \ Automatic merge of /spare/repo/netdev-2.6 branch master2005-05-27
| | |\ \ \
| | * | | | [PATCH] Wireless Extensions 18 (aka WPA)2005-05-12
| | | |/ / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is version 18 of the Wireless Extensions. The main change is that it adds all the necessary APIs for WPA and WPA2 support. This work was entirely done by Jouni Malinen, so let's thank him for both his hard work and deep expertise on the subject ;-) This APIs obviously doesn't do much by itself and works in concert with driver support (Jouni already sent you the HostAP changes) and userspace (Jouni is updating wpa_supplicant). This is also orthogonal with the ongoing work on in-kernel IEEE support (but potentially useful). The patch is attached, tested with 2.6.11. Normally, I would ask you to push that directly in the kernel (99% of the patch has been on my web page for ages and it does not affect non-WPA stuff), but Jouni convinced me that it should bake a few weeks in wireless-2.6 first, so that other driver maintainers can get up to speed with it. Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* | | | | [NETFILTER]: ipt_recent: last_pkts is an array of "unsigned long" not ↵David S. Miller2005-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "u_int32_t" This fixes various crashes on 64-bit when using this module. Based upon a patch by Juergen Kreileder <jk@blackdown.de>. Signed-off-by: David S. Miller <davem@davemloft.net> ACKed-by: Patrick McHardy <kaber@trash.net>
* | | | | [NETFILTER]: Advance seq-file position in exp_next_seq()Patrick McHardy2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [IPV4]: Sysctl configurable icmp error source address.J. Simonetti2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch alows you to change the source address of icmp error messages. It applies cleanly to 2.6.11.11 and retains the default behaviour. In the old (default) behaviour icmp error messages are sent with the ip of the exiting interface. The new behaviour (when the sysctl variable is toggled on), it will send the message with the ip of the interface that received the packet that caused the icmp error. This is the behaviour network administrators will expect from a router. It makes debugging complicated network layouts much easier. Also, all 'vendor routers' I know of have the later behaviour. Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [SCTP] Fix incorrect setting of sk_bound_dev_if when binding/sending to a ipv6Sridhar Samudrala2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | link local address. Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [SCTP] Add support for ip_nonlocal_bind sysctl & IP_FREEBIND socket optionNeil Horman2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Neil Horman <nhorman@redhat.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [SCTP] Extend the info exported via /proc/net/sctp to support netstat for SCTP.Vladislav Yasevich2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [SCTP] Support SO_BINDTODEVICE socket option on incoming packets.Neil Horman2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Neil Horman <nhorman@redhat.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [SCTP]: Fix bug in restart of peeled-off associations.Vladislav Yasevich2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [IPv6] Don't generate temporary for TUN devicesRémi Denis-Courmont2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Userland layer-2 tunneling devices allocated through the TUNTAP driver (drivers/net/tun.c) have a type of ARPHRD_NONE, and have no link-layer address. The kernel complains at regular interval when IPv6 Privacy extension are enabled because it can't find an hardware address : Dec 29 11:02:04 auguste kernel: __ipv6_regen_rndid(idev=cb3e0c00): cannot get EUI64 identifier; use random bytes. IPv6 Privacy extensions should probably be disabled on that sort of device. They won't work anyway. If userland wants a more usual Ethernet-ish interface with usual IPv6 autoconfiguration, it will use a TAP device with an emulated link-layer and a random hardware address rather than a TUN device. As far as I could fine, TUN virtual device from TUNTAP is the very only sort of device using ARPHRD_NONE as kernel device type. Signed-off-by: Rémi Denis-Courmont <rdenis@simphalempin.com> Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [IPV6]: Ensure to use icmpv6_socket in non-preemptive context.YOSHIFUJI Hideaki2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We saw following trace several times: |BUG: using smp_processor_id() in preemptible [00000001] code: httpd/30137 |caller is icmpv6_send+0x23/0x540 | [<c01ad63b>] smp_processor_id+0x9b/0xb8 | [<c02993e7>] icmpv6_send+0x23/0x540 This is because of icmpv6_socket, which is the only one user of smp_processor_id() in icmpv6_send(), AFAIK. Since it should be used in non-preemptive context, let's defer the dereference after disabling preemption (by icmpv6_xmit_lock()). Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [NET]: Move the netdev list to vger.kernel.org.Ralf Baechle2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From: Ralf Baechle <ralf@linux-mips.org> There are archives of the old list at http://oss.sgi.com/archives/netdev Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [IPV4]: Multipath modules need a license to prevent kernel tainting.Randy Dunlap2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Randy Dunlap <rdunlap@xenotime.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [TCP]: Adjust TCP mem order check to new alloc_large_system_hashAndi Kleen2005-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [PKT_SCHED]: Fix numeric comparison in meta ematchThomas Graf2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is brought to you by the department of applied stupidity. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [PKT_SCHED]: Dump classification result for basic classifierThomas Graf2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [PKT_SCHED]: Allow socket attributes to be matched on via meta ematchThomas Graf2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds meta collectors for all socket attributes that make sense to be filtered upon. Some of them are only useful for debugging but having them doesn't hurt. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [PKT_SCHED]: Fix typo in NET_EMATCH_STACK help textThomas Graf2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Spotted by Geert Uytterhoeven <geert@linux-m68k.org>. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [NET]: Fix sysctl net.core.dev_weightStephen Hemminger2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changing the sysctl net.core.dev_weight has no effect because the weight of the backlog devices is set during initialization and never changed. This patch propagates any changes to the global value affected by sysctl to the per-cpu devices. It is done every time the packet handler function is run. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [NET]: Allow controlling NAPI device weight with sysfsStephen Hemminger2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Simple interface to allow changing network device scheduling weight with sysfs. Please consider this for 2.6.12, since risk/impact is small. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [IPV6]: Update parm.link in ip6ip6_tnl_change()Gabor Fekete2005-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Gabor Fekete <gfekete@cc.jyu.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | | [ETHTOOL]: Check correct pointer in ethtool_set_coalesce().David S. Miller2005-06-06
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | It was checking the "GET" function pointer instead of the "SET" one. Looks like a cut&paste error :-) Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | [IPV6]: Kill export of fl6_sock_lookup.Adrian Bunk2005-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no usage of this EXPORT_SYMBOL in the kernel. Signed-off-by: Adrian Bunk <bunk@stusta.de> Acked-by: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | | [IPVS]: remove net/ipv4/ipvs/ip_vs_proto_icmp.cAdrian Bunk2005-06-02
| |_|/ |/| | | | | | | | | | | | | | | | | ip_vs_proto_icmp.c was never finished. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [IPSEC]: Fix esp_decap_data size verification in esp4.Edgar E Iglesias2005-05-31
| | | | | | | | | | | | | | | Signed-off-by: Edgar E Iglesias <edgar@axis.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [PKT_SCHED]: Disable dsmark debugging messages by defaultThomas Graf2005-05-31
| | | | | | | | | | | | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [PKT_SCHED]: make dsmark try using pfifo instead of noop while graftingThomas Graf2005-05-31
| | | | | | | | | | | | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [PKT_SCHED]: Fix dsmark to count ignored indices while walkingThomas Graf2005-05-31
| | | | | | | | | | | | | | | | | | | | | | | | Unused indices which are ignored while walking must still be counted to avoid dumping the same index twice. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [IPV4]: Fix BUG() in 2.6.x, udp_poll(), fragments + CONFIG_HIGHMEMHerbert Xu2005-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Steven Hand <Steven.Hand@cl.cam.ac.uk> wrote: > > Reconstructed forward trace: > > net/ipv4/udp.c:1334 spin_lock_irq() > net/ipv4/udp.c:1336 udp_checksum_complete() > net/core/skbuff.c:1069 skb_shinfo(skb)->nr_frags > 1 > net/core/skbuff.c:1086 kunmap_skb_frag() > net/core/skbuff.h:1087 local_bh_enable() > kernel/softirq.c:0140 WARN_ON(irqs_disabled()); The receive queue lock is never taken in IRQs (and should never be) so we can simply substitute bh for irq. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [NETFILTER]: Fix deadlock with ip_queue and tcp local input path.Harald Welte2005-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we have ip_queue being used from LOCAL_IN, then we end up with a situation where the verdicts coming back from userspace traverse the TCP input path from syscall context. While this seems to work most of the time, there's an ugly deadlock: syscall context is interrupted by the timer interrupt. When the timer interrupt leaves, the timer softirq get's scheduled and calls tcp_delack_timer() and alike. They themselves do bh_lock_sock(sk), which is already held from somewhere else -> boom. I've now tested the suggested solution by Patrick McHardy and Herbert Xu to simply use local_bh_{en,dis}able(). Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [NET]: Use %lx for netdev->features sysfs formatting.David S. Miller2005-05-29
| | | | | | | | | | | | Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [IPV6]: Clear up user copy warning in flowlabel code.David S. Miller2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | We are intentionally ignoring the copy_to_user() value, make it clear to the compiler too. Noted by Jeff Garzik. Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [NET]: Add ethtool support for NETIF_F_HW_CSUM.Jon Mason2005-05-29
| | | | | | | | | | | | | | | Signed-off-by: Jon Mason <jdmason@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [IPV4]: Kill MULTIPATHHOLDROUTE flag.Pravin B. Shelar2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It cannot work properly, so just ignore it in drr and rr multipath algorithms just like the random multipath algorithm does. Suggested by Herbert Xu. Signed-off by: Pravin B. Shelar <pravins@calsoftinc.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [IPV4]: Primary and secondary addressesHarald Welte2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add an option to make secondary IP addresses get promoted when primary IP addresses are removed from the device. It defaults to off to preserve existing behavior. Signed-off-by: Harald Welte <laforge@gnumonks.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [BRIDGE]: receive path optimizationStephen Hemminger2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This improves the bridge local receive path by avoiding going through another softirq. The bridge receive path is already being called from a netif_receive_skb() there is no point in going through another receiveq round trip. Recursion is limited because bridge can never be a port of a bridge so handle_bridge() always returns. Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [BRIDGE]: prevent bad forwarding table updatesStephen Hemminger2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Avoid poisoning of the bridge forwarding table by frames that have been dropped by filtering. This prevents spoofed source addresses on hostile side of bridge from causing packet leakage, a small but possible security risk. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | | [BRIDGE]: set features based on enslaved devicesStephen Hemminger2005-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | Make features of the bridge pseudo-device be a subset of the underlying devices. Motivated by Xen and others who use bridging to do failover. Signed-off-by: Catalin BOIE <catab at umrella.ro> Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>