20 Jun, 2006
6 commits
-
NIPQUAD expects an l-value of type __be32, _NOT_ a pointer to __be32.
Signed-off-by: Al Viro
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
sizeof(pointer) != sizeof(array)...
Signed-off-by: Al Viro
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
Having two or more qdisc_run's contend against each other is bad because
it can induce packet reordering if the packets have to be requeued. It
appears that this is an unintended consequence of relinquinshing the queue
lock while transmitting. That in turn is needed for devices that spend a
lot of time in their transmit routine.There are no advantages to be had as devices with queues are inherently
single-threaded (the loopback device is not but then it doesn't have a
queue).Even if you were to add a queue to a parallel virtual device (e.g., bolt
a tbf filter in front of an ipip tunnel device), you would still want to
process the queue in sequence to ensure that the packets are ordered
correctly.The solution here is to steal a bit from net_device to prevent this.
BTW, as qdisc_restart is no longer used by anyone as a module inside the
kernel (IIRC it used to with netif_wake_queue), I have not exported the
new __qdisc_run function.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Fix endless loop in the SCTP match similar to those already fixed in
the SCTP conntrack helper (was CVE-2006-1527).Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband: (46 commits)
IB/uverbs: Don't serialize with ib_uverbs_idr_mutex
IB/mthca: Make all device methods truly reentrant
IB/mthca: Fix memory leak on modify_qp error paths
IB/uverbs: Factor out common idr code
IB/uverbs: Don't decrement usecnt on error paths
IB/uverbs: Release lock on error path
IB/cm: Use address handle helpers
IB/sa: Add ib_init_ah_from_path()
IB: Add ib_init_ah_from_wc()
IB/ucm: Get rid of duplicate P_Key parameter
IB/srp: Factor out common request reset code
IB/srp: Support SRP rev. 10 targets
[SCSI] srp.h: Add I/O Class values
IB/fmr: Use device's max_map_map_per_fmr attribute in FMR pool.
IB/mthca: Fill in max_map_per_fmr device attribute
IB/ipath: Add client reregister event generation
IB/mthca: Add client reregister event generation
IB: Move struct port_info from ipath to
IPoIB: Handle client reregister events
IB: Add client reregister event type
... -
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (109 commits)
[ETHTOOL]: Fix UFO typo
[SCTP]: Fix persistent slowdown in sctp when a gap ack consumes rx buffer.
[SCTP]: Send only 1 window update SACK per message.
[SCTP]: Don't do CRC32C checksum over loopback.
[SCTP] Reset rtt_in_progress for the chunk when processing its sack.
[SCTP]: Reject sctp packets with broadcast addresses.
[SCTP]: Limit association max_retrans setting in setsockopt.
[PFKEYV2]: Fix inconsistent typing in struct sadb_x_kmprivate.
[IPV6]: Sum real space for RTAs.
[IRDA]: Use put_unaligned() in irlmp_do_discovery().
[BRIDGE]: Add support for NETIF_F_HW_CSUM devices
[NET]: Add NETIF_F_GEN_CSUM and NETIF_F_ALL_CSUM
[TG3]: Convert to non-LLTX
[TG3]: Remove unnecessary tx_lock
[TCP]: Add tcp_slow_start_after_idle sysctl.
[BNX2]: Update version and reldate
[BNX2]: Use CPU native page size
[BNX2]: Use compressed firmware
[BNX2]: Add firmware decompression
[BNX2]: Allow WoL settings on new 5708 chips
...Manual fixup for conflict in drivers/net/tulip/winbond-840.c
18 Jun, 2006
34 commits
-
The function ethtool_get_ufo was referring to ETHTOOL_GTSO instead of
ETHTOOL_GUFO.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
In the event that our entire receive buffer is full with a series of
chunks that represent a single gap-ack, and then we accept a chunk
(or chunks) that fill in the gap between the ctsn and the first gap,
we renege chunks from the end of the buffer, which effectively does
nothing but move our gap to the end of our received tsn stream. This
does little but move our missing tsns down stream a little, and, if the
sender is sending sufficiently large retransmit frames, the result is a
perpetual slowdown which can never be recovered from, since the only
chunk that can be accepted to allow progress in the tsn stream necessitates
that a new gap be created to make room for it. This leads to a constant
need for retransmits, and subsequent receiver stalls. The fix I've come up
with is to deliver the frame without reneging if we have a full receive
buffer and the receiving sockets sk_receive_queue is empty(indicating that
the receive buffer is being blocked by a missing tsn).Signed-off-by: Neil Horman
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Right now, every time we increase our rwnd by more then MTU bytes, we
trigger a SACK. When processing large messages, this will generate a
SACK for almost every other SCTP fragment. However since we are freeing
the entire message at the same time, we might as well collapse the SACK
generation to 1.Signed-off-by: Tsutomu Fujii
Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
When using ASSOCINFO socket option, we need to limit the number of
maximum association retransmissions to be no greater than the sum
of all the path retransmissions. This is specified in Section 7.1.2
of the SCTP socket API draft.
However, we only do this if the association has multiple paths. If
there is only one path, the protocol stack will use the
assoc_max_retrans setting when trying to retransmit packets.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
This patch fixes RTNLGRP_IPV6_IFINFO netlink notifications. Issue
pointed out by Patrick McHardy .Signed-off-by: YOSHIFUJI Hideaki
Acked-by: Patrick McHardy
Signed-off-by: David S. Miller -
irda_device_info->hints[] is byte aligned but is being
accessed as a u16Based upon a patch by Luke Yang .
Signed-off-by: David S. Miller
-
As it is the bridge will only ever declare NETIF_F_IP_CSUM even if all
its constituent devices support NETIF_F_HW_CSUM. This patch fixes
this by supporting the first one out of NETIF_F_NO_CSUM,
NETIF_F_HW_CSUM, and NETIF_F_IP_CSUM that is supported by all
constituent devices.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
The current stack treats NETIF_F_HW_CSUM and NETIF_F_NO_CSUM
identically so we test for them in quite a few places. For the sake
of brevity, I'm adding the macro NETIF_F_GEN_CSUM for these two. We
also test the disjunct of NETIF_F_IP_CSUM and the other two in various
places, for that purpose I've added NETIF_F_ALL_CSUM.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
A lot of people have asked for a way to disable tcp_cwnd_restart(),
and it seems reasonable to add a sysctl to do that.Signed-off-by: David S. Miller
-
RTT_min is updated each time a timeout event occurs
in order to cope with hard handovers in wireless scenarios such as UMTS.Signed-off-by: Luca De Cicco
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
The bandwidth estimate filter is now initialized with the first
sample in order to have better performances in the case of small
file transfers.Signed-off-by: Luca De Cicco
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
Cleanup some comments and add more references
Signed-off-by: Luca De Cicco
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
Need to update send sequence number tracking after first ack.
Rework of patch from Luca De Cicco.Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
The sysctl net.ipv4.ip_autoconfig is a legacy value that is not used.
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
Signed-off-by: Alexey Dobriyan
Signed-off-by: David S. Miller -
It's better to warn and fail rather than rarely triggering BUG on paths
that incorrectly call skb_trim/__skb_trim on a non-linear skb.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
I found a few more spots where pskb_trim_rcsum could be used but were not.
This patch changes them to use it.Also, sk_filter can get paged skb data. Therefore we must use pskb_trim
instead of skb_trim.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
The linearisation operation doesn't need to be super-optimised. So we can
replace __skb_linearize with __pskb_pull_tail which does the same thing but
is more general.Also, most users of skb_linearize end up testing whether the skb is linear
or not so it helps to make skb_linearize do just that.Some callers of skb_linearize also use it to copy cloned data, so it's
useful to have a new function skb_linearize_cow to copy the data if it's
either non-linear or cloned.Last but not least, I've removed the gfp argument since nobody uses it
anymore. If it's ever needed we can easily add it back.Misc bugs fixed by this patch:
* via-velocity error handling (also, no SG => no frags)
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Various drivers use xmit_lock internally to synchronise with their
transmission routines. They do so without setting xmit_lock_owner.
This is fine as long as netpoll is not in use.With netpoll it is possible for deadlocks to occur if xmit_lock_owner
isn't set. This is because if a printk occurs while xmit_lock is held
and xmit_lock_owner is not set can cause netpoll to attempt to take
xmit_lock recursively.While it is possible to resolve this by getting netpoll to use
trylock, it is suboptimal because netpoll's sole objective is to
maximise the chance of getting the printk out on the wire. So
delaying or dropping the message is to be avoided as much as possible.So the only alternative is to always set xmit_lock_owner. The
following patch does this by introducing the netif_tx_lock family of
functions that take care of setting/unsetting xmit_lock_owner.I renamed xmit_lock to _xmit_lock to indicate that it should not be
used directly. I didn't provide irq versions of the netif_tx_lock
functions since xmit_lock is meant to be a BH-disabling lock.This is pretty much a straight text substitution except for a small
bug fix in winbond. It currently uses
netif_stop_queue/spin_unlock_wait to stop transmission. This is
unsafe as an IRQ can potentially wake up the queue. So it is safer to
use netif_tx_disable.The hamradio bits used spin_lock_irq but it is unnecessary as
xmit_lock must never be taken in an IRQ handler.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
hashlimit does:
if (!ht->rnd)
get_random_bytes(&ht->rnd, 4);ignoring that 0 is also a valid random number.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
create_proc_entry must not be called with locks held. Use a mutex
instead to protect data only changed in user context.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Add a new xtables target, CONNSECMARK, which is used to specify rules
for copying security marks from packets to connections, and for
copyying security marks back from connections to packets. This is
similar to the CONNMARK target, but is more limited in scope in that
it only allows copying of security marks to and from packets, as this
is all it needs to do.A typical scenario would be to apply a security mark to a 'new' packet
with SECMARK, then copy that to its conntrack via CONNMARK, and then
restore the security mark from the connection to established and
related packets on that connection.Signed-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
Add a secmark field to IP and NF conntracks, so that security markings
on packets can be copied to their associated connections, and also
copied back to packets as required. This is similar to the network
mark field currently used with conntrack, although it is intended for
enforcement of security policy rather than network policy.Signed-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
Add a SECMARK target to xtables, allowing the admin to apply security
marks to packets via both iptables and ip6tables.The target currently handles SELinux security marking, but can be
extended for other purposes as needed.Signed-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
Add a secmark field to the skbuff structure, to allow security subsystems to
place security markings on network packets. This is similar to the nfmark
field, except is intended for implementing security policy, rather than than
networking policy.This patch was already acked in principle by Dave Miller.
Signed-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
Assignment used as truth value in xfrm_del_sa()
and xfrm_get_policy().Wrong argument type declared for security_xfrm_state_delete()
when SELINUX is disabled.Signed-off-by: David S. Miller
-
Just spotted this typo in a new option.
Signed-off-by: Dave Jones
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
This patch contains a fix for the previous patch that adds security
contexts to IPsec policies and security associations. In the previous
patch, no authorization (besides the check for write permissions to
SAD and SPD) is required to delete IPsec policies and security
assocations with security contexts. Thus a user authorized to change
SAD and SPD can bypass the IPsec policy authorization by simply
deleteing policies with security contexts. To fix this security hole,
an additional authorization check is added for removing security
policies and security associations with security contexts.Note that if no security context is supplied on add or present on
policy to be deleted, the SELinux module allows the change
unconditionally. The hook is called on deletion when no context is
present, which we may want to change. At present, I left it up to the
module.LSM changes:
The patch adds two new LSM hooks: xfrm_policy_delete and
xfrm_state_delete. The new hooks are necessary to authorize deletion
of IPsec policies that have security contexts. The existing hooks
xfrm_policy_free and xfrm_state_free lack the context to do the
authorization, so I decided to split authorization of deletion and
memory management of security data, as is typical in the LSM
interface.Use:
The new delete hooks are checked when xfrm_policy or xfrm_state are
deleted by either the xfrm_user interface (xfrm_get_policy,
xfrm_del_sa) or the pfkey interface (pfkey_spddelete, pfkey_delete).SELinux changes:
The new policy_delete and state_delete functions are added.
Signed-off-by: Catherine Zhang
Signed-off-by: Trent Jaeger
Acked-by: James Morris
Signed-off-by: David S. Miller -
It is typed wrong, and it's only assigned and used once.
So just pass in iph->daddr directly which fixes both problems.Based upon a patch by Alexey Dobriyan.
Signed-off-by: David S. Miller
-
All users pass 32-bit values as addresses and internally they're
compared with 32-bit entities. So, change "laddr" and "raddr" types to
__be32.Signed-off-by: Alexey Dobriyan
Signed-off-by: David S. Miller
