Doug / smarc-fsl-linux-kernel

20 Nov, 2008

1 commit

  • 21d1a161f   net: ip_sockglue.c add static, annotate ports' endianness ... Browse Code »

    Fixes sparse warnings:
    net/ipv4/ip_sockglue.c:146:15: warning: incorrect type in assignment (different base types)
    net/ipv4/ip_sockglue.c:146:15: expected restricted __be16 [assigned] [usertype] sin_port
    net/ipv4/ip_sockglue.c:146:15: got unsigned short [unsigned] [short] [usertype]
    net/ipv4/ip_sockglue.c:130:6: warning: symbol 'ip_cmsg_recv_dstaddr' was not declared. Should it be static?

    Signed-off-by: Harvey Harrison
    Signed-off-by: David S. Miller

    Harvey Harrison
     

17 Nov, 2008

1 commit

  • e8b2dfe9b   TPROXY: implemented IP_RECVORIGDSTADDR socket option ... Browse Code »

    In case UDP traffic is redirected to a local UDP socket,
    the originally addressed destination address/port
    cannot be recovered with the in-kernel tproxy.

    This patch adds an IP_RECVORIGDSTADDR sockopt that enables
    a IP_ORIGDSTADDR ancillary message in recvmsg(). This
    ancillary message contains the original destination address/port
    of the packet being received.

    Signed-off-by: Balazs Scheidler
    Signed-off-by: David S. Miller

    Balazs Scheidler
     

03 Nov, 2008

1 commit

01 Oct, 2008

1 commit

12 Jun, 2008

1 commit

29 Apr, 2008

1 commit

28 Apr, 2008

1 commit

14 Apr, 2008

1 commit

10 Apr, 2008

1 commit

  • 951e07c93   [IPV4]: Fix byte value boundary check in do_ip_getsockopt(). ... Browse Code »

    This fixes kernel bugzilla 10371.

    As reported by M.Piechaczek@osmosys.tv, if we try to grab a
    char sized socket option value, as in:

    unsigned char ttl = 255;
    socklen_t len = sizeof(ttl);
    setsockopt(socket, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, &len);

    getsockopt(socket, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, &len);

    The ttl returned will be wrong on big-endian, and on both little-
    endian and big-endian the next three bytes in userspace are written
    with garbage.

    It's because of this test in do_ip_getsockopt():

    if (len < sizeof(int) && len > 0 && val>=0 && val

    David S. Miller
     

26 Mar, 2008

1 commit

25 Mar, 2008

3 commits

18 Mar, 2008

2 commits

06 Mar, 2008

1 commit

13 Feb, 2008

1 commit

  • e4f8b5d4e   [IPV4]: Remove IP_TOS setting privilege checks. ... Browse Code »

    Various RFCs have all sorts of things to say about the CS field of the
    DSCP value. In particular they try to make the distinction between
    values that should be used by "user applications" and things like
    routing daemons.

    This seems to have influenced the CAP_NET_ADMIN check which exists for
    IP_TOS socket option settings, but in fact it has an off-by-one error
    so it wasn't allowing CS5 which is meant for "user applications" as
    well.

    Further adding to the inconsistency and brokenness here, IPV6 does not
    validate the DSCP values specified for the IPV6_TCLASS socket option.

    The real actual uses of these TOS values are system specific in the
    final analysis, and these RFC recommendations are just that, "a
    recommendation". In fact the standards very purposefully use
    "SHOULD" and "SHOULD NOT" when describing how these values can be
    used.

    In the final analysis the only clean way to provide consistency here
    is to remove the CAP_NET_ADMIN check. The alternatives just don't
    work out:

    1) If we add the CAP_NET_ADMIN check to ipv6, this can break existing
    setups.

    2) If we just fix the off-by-one error in the class comparison in
    IPV4, certain DSCP values can be used in IPV6 but not IPV4 by
    default. So people will just ask for a sysctl asking to
    override that.

    I checked several other freely available kernel trees and they
    do not make any privilege checks in this area like we do. For
    the BSD stacks, this goes back all the way to Stevens Volume 2
    and beyond.

    Signed-off-by: David S. Miller

    David S. Miller
     

29 Jan, 2008

1 commit

07 Nov, 2007

1 commit

  • 6a9fb9479   [IPV4]: Clean the ip_sockglue.c from some ugly ifdefs ... Browse Code »

    The #idfed CONFIG_IP_MROUTE is sometimes places inside the if-s,
    which looks completely bad. Similar ifdefs inside the functions
    looks a bit better, but they are also not recommended to be used.

    Provide an ifdef-ed ip_mroute_opt() helper to cleanup the code.

    Signed-off-by: Pavel Emelyanov
    Signed-off-by: David S. Miller

    Pavel Emelyanov
     

11 Oct, 2007

2 commits

  • cfcabdcc2   [NET]: sparse warning fixes ... Browse Code »

    Fix a bunch of sparse warnings. Mostly about 0 used as
    NULL pointer, and shadowed variable declarations.
    One notable case was that hash size should have been unsigned.

    Signed-off-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    Stephen Hemminger
     
  • 881d966b4   [NET]: Make the device list and device lookups per namespace. ... Browse Code »

    This patch makes most of the generic device layer network
    namespace safe. This patch makes dev_base_head a
    network namespace variable, and then it picks up
    a few associated variables. The functions:
    dev_getbyhwaddr
    dev_getfirsthwbytype
    dev_get_by_flags
    dev_get_by_name
    __dev_get_by_name
    dev_get_by_index
    __dev_get_by_index
    dev_ioctl
    dev_ethtool
    dev_load
    wireless_process_ioctl

    were modified to take a network namespace argument, and
    deal with it.

    vlan_ioctl_set and brioctl_set were modified so their
    hooks will receive a network namespace argument.

    So basically anthing in the core of the network stack that was
    affected to by the change of dev_base was modified to handle
    multiple network namespaces. The rest of the network stack was
    simply modified to explicitly use &init_net the initial network
    namespace. This can be fixed when those components of the network
    stack are modified to handle multiple network namespaces.

    For now the ifindex generator is left global.

    Fundametally ifindex numbers are per namespace, or else
    we will have corner case problems with migration when
    we get that far.

    At the same time there are assumptions in the network stack
    that the ifindex of a network device won't change. Making
    the ifindex number global seems a good compromise until
    the network stack can cope with ifindex changes when
    you change namespaces, and the like.

    Signed-off-by: Eric W. Biederman
    Signed-off-by: David S. Miller

    Eric W. Biederman
     

27 Aug, 2007

1 commit

26 Apr, 2007

8 commits

15 Feb, 2007

1 commit

  • cd354f1ae   [PATCH] remove many unneeded #includes of sched.h ... Browse Code »

    After Al Viro (finally) succeeded in removing the sched.h #include in module.h
    recently, it makes sense again to remove other superfluous sched.h includes.
    There are quite a lot of files which include it but don't actually need
    anything defined in there. Presumably these includes were once needed for
    macros that used to live in sched.h, but moved to other header files in the
    course of cleaning it up.

    To ease the pain, this time I did not fiddle with any header files and only
    removed #includes from .c-files, which tend to cause less trouble.

    Compile tested against 2.6.20-rc2 and 2.6.20-rc2-mm2 (with offsets) on alpha,
    arm, i386, ia64, mips, powerpc, and x86_64 with allnoconfig, defconfig,
    allmodconfig, and allyesconfig as well as a few randconfigs on x86_64 and all
    configs in arch/arm/configs on arm. I also checked that no new warnings were
    introduced by the patch (actually, some warnings are removed that were emitted
    by unnecessarily included header files).

    Signed-off-by: Tim Schmielau
    Acked-by: Russell King
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Tim Schmielau
     

11 Feb, 2007

1 commit

03 Dec, 2006

1 commit

29 Sep, 2006

3 commits

03 Aug, 2006

1 commit

  • dc49c1f94   [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch ... Browse Code »

    From: Catherine Zhang

    This patch implements a cleaner fix for the memory leak problem of the
    original unix datagram getpeersec patch. Instead of creating a
    security context each time a unix datagram is sent, we only create the
    security context when the receiver requests it.

    This new design requires modification of the current
    unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
    secid_to_secctx and release_secctx. The former retrieves the security
    context and the latter releases it. A hook is required for releasing
    the security context because it is up to the security module to decide
    how that's done. In the case of Selinux, it's a simple kfree
    operation.

    Acked-by: Stephen Smalley
    Signed-off-by: David S. Miller

    Catherine Zhang
     

01 Jul, 2006

1 commit

21 Mar, 2006

2 commits