14 Jun, 2011

1 commit


12 Jun, 2011

2 commits

  • There is a dev_put(ndev) missing on an error path. This was
    introduced in 0c1ad04aecb "netpoll: prevent netpoll setup on slave
    devices".

    Signed-off-by: Dan Carpenter
    Signed-off-by: David S. Miller

    Dan Carpenter
     
  • Testing of VLAN_FLAG_REORDER_HDR does not belong in vlan_untag
    but rather in vlan_do_receive. Otherwise the vlan header
    will not be properly put on the packet in the case of
    vlan header acceleration.

    As we remove the check from vlan_check_reorder_header
    rename it vlan_reorder_header to keep the naming clean.

    Fix up the skb->pkt_type early so we don't look at the packet
    after adding the vlan tag, which guarantees we don't goof
    and look at the wrong field.

    Use a simple if statement instead of a complicated switch
    statement to decide that we need to increment rx_stats
    for a multicast packet.

    Hopefully at some point we will just declare the case where
    VLAN_FLAG_REORDER_HDR is cleared as unsupported and remove
    the code. Until then this keeps it working correctly.

    Signed-off-by: Eric W. Biederman
    Signed-off-by: Jiri Pirko
    Acked-by: Changli Gao
    Signed-off-by: David S. Miller

    Jiri Pirko
     

10 Jun, 2011

2 commits


09 Jun, 2011

3 commits

  • In commit 8d8fc29d02a33e4bd5f4fa47823c1fd386346093
    (netpoll: disable netpoll when enslave a device), we automatically
    disable netpoll when the underlying device is being enslaved,
    we also need to prevent people from setting up netpoll on
    devices that are already enslaved.

    Signed-off-by: WANG Cong
    Signed-off-by: David S. Miller

    WANG Cong
     
  • commit 2c8cec5c10bc (ipv4: Cache learned PMTU information in inetpeer)
    added some racy peer->pmtu_expires accesses.

    As its value can be changed by another cpu/thread, we should be more
    careful, reading its value once.

    Add peer_pmtu_expired() and peer_pmtu_cleaned() helpers

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     
  • Ignacy reports that sometimes after leaving an IBSS
    joining a new one didn't work because there still
    were stations on the list. He fixed it by flushing
    stations when attempting to join a new IBSS, but
    this shouldn't be happening in the first case. When
    I looked into it I saw a race condition in teardown
    that could cause stations to be added after flush,
    and thus cause this situation. Ignacy confirms that
    after applying my patch he hasn't seen this happen
    again.

    Reported-by: Ignacy Gawedzki
    Debugged-by: Ignacy Gawedzki
    Tested-by: Ignacy Gawedzki
    Cc: stable@kernel.org
    Signed-off-by: Johannes Berg
    Signed-off-by: John W. Linville

    Johannes Berg
     

08 Jun, 2011

4 commits

  • If we cancel a write, trigger the safe completions to prevent a sync from
    blocking indefinitely in ceph_osdc_sync().

    Signed-off-by: Sage Weil

    Sage Weil
     
  • We may write 4 bytes too much when we reinitialize the anti replay
    window in the replay advance functions. This patch fixes this by
    adjusting the last index of the initialization loop.

    Signed-off-by: Steffen Klassert
    Signed-off-by: David S. Miller

    Steffen Klassert
     
  • When one of the SSID's length passed in a scan or sched_scan request
    is larger than 255, there will be an overflow in the u8 that is used
    to store the length before checking. This causes the check to fail
    and we overrun the buffer when copying the SSID.

    Fix this by checking the nl80211 attribute length before copying it to
    the struct.

    This is a follow up for the previous commit
    208c72f4fe44fe09577e7975ba0e7fa0278f3d03, which didn't fix the problem
    entirely.

    Reported-by: Ido Yariv
    Signed-off-by: Luciano Coelho
    Signed-off-by: John W. Linville

    Luciano Coelho
     
  • This reverts commit 1d38c16ce4156f63b45abbd09dd28ca2ef5172b4.

    The mac80211 maintainer raised complaints about abuse of the CSA stop
    reason, and about whether this patch actually serves its intended
    purpose at all.

    Signed-off-by: John W. Linville

    John W. Linville
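
For the SSID length commit in this group (Luciano Coelho), here is an added example, not code from the kernel patch: a simplified C model of why checking the length after storing it in a u8 lets oversized attributes through, next to the check-before-copy order the message describes. `struct attr`, `struct ssid`, `MAX_SSID_LEN` and both function names are assumptions made for this illustration, and the input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SSID_LEN 32          /* 802.11 SSID size limit (local name) */

/* Simplified stand-in for one netlink attribute (assumption, not nl80211). */
struct attr {
    uint16_t len;                /* payload length, wider than a u8 */
    const uint8_t *data;
};

struct ssid {
    uint8_t ssid[MAX_SSID_LEN];
    uint8_t ssid_len;            /* u8 length field, as in the commit text */
};

/* Broken order: store the length in the u8 first, check the u8 afterwards.
 * Returns 1 if the check would let the request through. */
static int check_after_store(const struct attr *a)
{
    uint8_t stored = (uint8_t)a->len;   /* 288 -> 32, 256 -> 0 */
    return stored <= MAX_SSID_LEN;
}

/* Fixed order: check the full-width attribute length before any copy. */
static int copy_ssid_checked(struct ssid *dst, const struct attr *a)
{
    if (a->len > MAX_SSID_LEN)
        return -1;                      /* rejected, dst untouched */
    memcpy(dst->ssid, a->data, a->len);
    dst->ssid_len = (uint8_t)a->len;    /* no truncation: len <= 32 */
    return 0;
}

int main(void)
{
    static const uint8_t payload[300] = { 'x' };   /* constructed input */
    const uint16_t lens[] = { 8, 32, 33, 256, 288 };
    struct ssid out;

    for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++) {
        struct attr a = { lens[i], payload };
        printf("len=%3u  u8-check accepts=%d  fixed check returns=%d\n",
               (unsigned)a.len, check_after_store(&a),
               copy_ssid_checked(&out, &a));
    }
    return 0;
}
```

Lengths between 33 and 255 are caught by either order; only values above 255 wrap in the u8, which is why the earlier fix looked complete.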
     

07 Jun, 2011

9 commits

  • Frank Blaschka reported :

    During heavy network load we turn off/on cpus.
    Sometimes this causes a stall on the network device.
    Digging into the dump I found out the following:

    napi is scheduled but does not run. From the I/O buffers
    and the napi state I see napi/rx_softirq processing has stopped
    because the budget was reached. napi stays in the
    softnet_data poll_list and the rx_softirq was raised again.

    I assume at this time the cpu offline comes in,
    the rx softirq is raised/moved to another cpu but napi stays in the
    poll_list of the softnet_data of the now offline cpu.

    Reviewing dev_cpu_callback (net/core/dev.c) I did not find the
    poll_list is transferred to the new cpu.

    This patch is a straightforward implementation of Frank's suggestion :

    Transfer poll_list and trigger NET_RX_SOFTIRQ on new cpu.

    Reported-by: Frank Blaschka
    Signed-off-by: Heiko Carstens
    Signed-off-by: Eric Dumazet
    Tested-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Heiko Carstens
     
  • Like in commit 0972ddb237 (provide cow_metrics() methods to blackhole
    dst_ops), we must provide a cow_metrics for bridges fake_dst_ops as
    well.

    This fixes a regression coming from commits 62fa8a846d7d (net: Implement
    read-only protection and COW'ing of metrics.) and 33eb9873a28 (bridge:
    initialize fake_rtable metrics)

    ip link set mybridge mtu 1234
    -->
    [ 136.546243] Pid: 8415, comm: ip Tainted: P
    2.6.39.1-00006-g40545b7 #103 ASUSTeK Computer Inc. V1Sn
    /V1Sn
    [ 136.546256] EIP: 0060:[] EFLAGS: 00010202 CPU: 0
    [ 136.546268] EIP is at 0x0
    [ 136.546273] EAX: f14a389c EBX: 000005d4 ECX: f80d32c0 EDX: f80d1da1
    [ 136.546279] ESI: f14a3000 EDI: f255bf10 EBP: f15c3b54 ESP: f15c3b48
    [ 136.546285] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
    [ 136.546293] Process ip (pid: 8415, ti=f15c2000 task=f4741f80
    task.ti=f15c2000)
    [ 136.546297] Stack:
    [ 136.546301] f80c658f f14a3000 ffffffed f15c3b64 c12cb9c8 f80d1b80
    ffffffa1 f15c3bbc
    [ 136.546315] c12da347 c12d9c7d 00000000 f7670b00 00000000 f80d1b80
    ffffffa6 f15c3be4
    [ 136.546329] 00000004 f14a3000 f255bf20 00000008 f15c3bbc c11d6cae
    00000000 00000000
    [ 136.546343] Call Trace:
    [ 136.546359] [] ? br_change_mtu+0x5f/0x80 [bridge]
    [ 136.546372] [] dev_set_mtu+0x38/0x80
    [ 136.546381] [] do_setlink+0x1a7/0x860
    [ 136.546390] [] ? rtnl_fill_ifinfo+0x9bd/0xc70
    [ 136.546400] [] ? nla_parse+0x6e/0xb0
    [ 136.546409] [] rtnl_newlink+0x361/0x510
    [ 136.546420] [] ? vmalloc_sync_all+0x100/0x100
    [ 136.546429] [] ? error_code+0x5a/0x60
    [ 136.546438] [] ? rtnl_configure_link+0x80/0x80
    [ 136.546446] [] rtnetlink_rcv_msg+0xfa/0x210
    [ 136.546454] [] ? __rtnl_unlock+0x20/0x20
    [ 136.546463] [] netlink_rcv_skb+0x8e/0xb0
    [ 136.546471] [] rtnetlink_rcv+0x1c/0x30
    [ 136.546479] [] netlink_unicast+0x23a/0x280
    [ 136.546487] [] netlink_sendmsg+0x26b/0x2f0
    [ 136.546497] [] sock_sendmsg+0xc8/0x100
    [ 136.546508] [] ? __alloc_pages_nodemask+0xe1/0x750
    [ 136.546517] [] ? _copy_from_user+0x42/0x60
    [ 136.546525] [] ? verify_iovec+0x4c/0xc0
    [ 136.546534] [] sys_sendmsg+0x1c5/0x200
    [ 136.546542] [] ? __do_fault+0x310/0x410
    [ 136.546549] [] ? do_wp_page+0x1d6/0x6b0
    [ 136.546557] [] ? handle_pte_fault+0xe1/0x720
    [ 136.546565] [] ? sys_getsockname+0x7f/0x90
    [ 136.546574] [] ? handle_mm_fault+0xb1/0x180
    [ 136.546582] [] ? vmalloc_sync_all+0x100/0x100
    [ 136.546589] [] ? do_page_fault+0x173/0x3d0
    [ 136.546596] [] ? sys_recvmsg+0x3b/0x60
    [ 136.546605] [] sys_socketcall+0x293/0x2d0
    [ 136.546614] [] sysenter_do_call+0x12/0x26
    [ 136.546619] Code: Bad EIP value.
    [ 136.546627] EIP: [] 0x0 SS:ESP 0068:f15c3b48
    [ 136.546645] CR2: 0000000000000000
    [ 136.546652] ---[ end trace 6909b560e78934fa ]---

    Signed-off-by: Alexander Holler
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Alexander Holler
     
  • In 2.6.27, commit 393e52e33c6c2 (packet: deliver VLAN TCI to userspace)
    added a small information leak.

    Add padding field and make sure it's zeroed before copy to user.

    Signed-off-by: Eric Dumazet
    CC: Patrick McHardy
    Signed-off-by: David S. Miller

    Eric Dumazet
     
  • The SEQ output functions grab the obj->attrib->hb_spinlock lock of
    sub-objects found in the hash traversal. These locks are in a different
    realm than the one used for the irias_objects hash table itself.

    So put the latter into its own lockdep class.

    Reported-by: Dave Jones
    Signed-off-by: David S. Miller

    David S. Miller
     
  • This interface uses a temporary buffer, but for no real reason.
    And now can generate warnings like:

    net/sched/sch_generic.c: In function dev_watchdog
    net/sched/sch_generic.c:254:10: warning: unused variable drivername

    Just return driver->name directly or "".

    Reported-by: Connor Hansen
    Signed-off-by: David S. Miller

    David S. Miller
     
  • Same check as for IPv4, also do for IPv6.

    (If you passed in an IPv4 sockaddr_in here, the sizeof check
    in the line before would have triggered already though.)

    Signed-off-by: Marcus Meissner
    Cc: Reinhard Max
    Signed-off-by: David S. Miller

    Marcus Meissner
     
  • David S. Miller
     
  • This reverts commit aac6af5534fade2b18682a0b9efad1a6c04c34c6.

    Conflicts:

    net/mac80211/key.c

    That commit has a race that causes a warning, as documented in the thread
    here:

    http://marc.info/?l=linux-wireless&m=130717684914101&w=2

    Signed-off-by: John W. Linville

    John W. Linville
     
  • …wireless-2.6 into for-davem

    John W. Linville
     

06 Jun, 2011

9 commits

  • Netlink message lengths can't be negative, so use unsigned variables.

    Signed-off-by: Dave Jones
    Signed-off-by: Pablo Neira Ayuso

    Dave Jones
     
  • This patch fixes a refcount leak of ct objects that may occur if
    l4proto->error() assigns one conntrack object to one skbuff. In
    that case, we have to skip further processing in nf_conntrack_in().

    With this patch, we can also fix wrong return values (-NF_ACCEPT)
    for special cases in ICMP[v6] that should not bump the invalid/error
    statistic counters.

    Reported-by: Zoltan Menyhart
    Signed-off-by: Pablo Neira Ayuso

    Pablo Neira Ayuso
     
  • Fix crash in nf_nat_csum when mangling packets
    in OUTPUT hook where skb->dev is not defined, it is set
    later before POSTROUTING. Problem happens for CHECKSUM_NONE.
    We can check device from rt but using CHECKSUM_PARTIAL
    should be safe (skb_checksum_help).

    Signed-off-by: Julian Anastasov
    Signed-off-by: Pablo Neira Ayuso

    Julian Anastasov
     
  • The stored cidr values are tried one after another. The boolean
    condition evaluated to '1' instead of the first stored cidr or
    the default host cidr.

    Signed-off-by: Jozsef Kadlecsik
    Signed-off-by: Pablo Neira Ayuso

    Jozsef Kadlecsik
     
  • Signed-off-by: Jozsef Kadlecsik
    Signed-off-by: Pablo Neira Ayuso

    Jozsef Kadlecsik
     
  • Fix the IPVS priority in LOCAL_IN hook,
    so that SNAT target in POSTROUTING is supported for IPVS
    traffic as in 2.6.36 where it worked depending on
    module load order.

    Before 2.6.37 we used priority 100 in LOCAL_IN to
    process remote requests. We used the same priority as
    iptables SNAT and if IPVS handlers are installed before
    SNAT handlers we supported SNAT in POSTROUTING for the IPVS
    traffic. If SNAT is installed before IPVS, the netfilter
    handlers are before IPVS and netfilter checks the NAT
    table twice for the IPVS requests: once in LOCAL_IN where
    IPS_SRC_NAT_DONE is set and second time in POSTROUTING
    where the SNAT rules are ignored because IPS_SRC_NAT_DONE
    was already set in LOCAL_IN.

    But in 2.6.37 we changed the IPVS priority for
    LOCAL_IN with the goal to be unique (101) forgetting the
    fact that for IPVS traffic we should not walk both
    LOCAL_IN and POSTROUTING nat tables.

    So, change the priority for processing remote
    IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
    because we prefer to support SNAT in POSTROUTING
    instead of LOCAL_IN. It also moves the priority for
    IPVS replies from 99 to 98. Use constants instead of
    magic numbers at these places.

    Signed-off-by: Julian Anastasov
    Signed-off-by: Simon Horman
    Signed-off-by: Pablo Neira Ayuso

    Julian Anastasov
     
  • Following error is raised (and other similar ones) :

    net/ipv4/netfilter/nf_nat_standalone.c: In function ‘nf_nat_fn’:
    net/ipv4/netfilter/nf_nat_standalone.c:119:2: warning: case value ‘4’
    not in enumerated type ‘enum ip_conntrack_info’

    gcc barfs on adding two enum values and getting a not enumerated
    result :

    case IP_CT_RELATED+IP_CT_IS_REPLY:

    Add missing enum values

    Signed-off-by: Eric Dumazet
    CC: David Miller
    Signed-off-by: Pablo Neira Ayuso

    Eric Dumazet
     
  • More fallout from struct net lifetime rules review: PTR_ERR() is *already*
    negative and failing ->open() should return negatives on failure.

    Signed-off-by: Al Viro
    Signed-off-by: James Chapman
    Signed-off-by: David S. Miller

    Al Viro
     
  • BTW, looking through the code related to struct net lifetime rules has
    caught something else:

    struct net *get_net_ns_by_fd(int fd)
    {
            ...
            file = proc_ns_fget(fd);
            if (!file)
                    goto out;

            ei = PROC_I(file->f_dentry->d_inode);

    while in proc_ns_fget() we have two return ERR_PTR(...) and not a single
    path that would return NULL. The other caller of proc_ns_fget() treats
    ERR_PTR() correctly...

    Signed-off-by: Al Viro
    Signed-off-by: David S. Miller

    Al Viro
     

04 Jun, 2011

3 commits

  • * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (40 commits)
    tg3: Fix tg3_skb_error_unmap()
    net: tracepoint of net_dev_xmit sees freed skb and causes panic
    drivers/net/can/flexcan.c: add missing clk_put
    net: dm9000: Get the chip in a known good state before enabling interrupts
    drivers/net/davinci_emac.c: add missing clk_put
    af-packet: Add flag to distinguish VID 0 from no-vlan.
    caif: Fix race when conditionally taking rtnl lock
    usbnet/cdc_ncm: add missing .reset_resume hook
    vlan: fix typo in vlan_dev_hard_start_xmit()
    net/ipv4: Check for mistakenly passed in non-IPv4 address
    iwl4965: correctly validate temperature value
    bluetooth l2cap: fix locking in l2cap_global_chan_by_psm
    ath9k: fix two more bugs in tx power
    cfg80211: don't drop p2p probe responses
    Revert "net: fix section mismatches"
    drivers/net/usb/catc.c: Fix potential deadlock in catc_ctrl_run()
    sctp: stop pending timers and purge queues when peer restart asoc
    drivers/net: ks8842 Fix crash on received packet when in PIO mode.
    ip_options_compile: properly handle unaligned pointer
    iwlagn: fix incorrect PCI subsystem id for 6150 devices
    ...

    Linus Torvalds
     
  • …wireless-2.6 into for-davem

    John W. Linville
     
  • This partially reverts 1c5cae815d19ffe02bdfda1260949ef2b1806171, because
    the netdev name is copied into sdata->name, which is used for debugging
    messages, for example. Otherwise, we get messages like this:

    wlan%d: authenticated

    Signed-off-by: Thadeu Lima de Souza Cascardo
    Cc: Jiri Pirko
    Cc: David S. Miller
    Cc: Johannes Berg
    Cc: "John W. Linville"
    Signed-off-by: John W. Linville

    Thadeu Lima de Souza Cascardo
     

03 Jun, 2011

1 commit

  • Because there is a possibility that skb is kfree_skb()ed and zero cleared
    after ndo_start_xmit, we should not see the contents of skb like skb->len and
    skb->dev->name after ndo_start_xmit. But trace_net_dev_xmit does that
    and causes panic by NULL pointer dereference.
    This patch fixes trace_net_dev_xmit not to see the contents of skb directly.

    If you want to reproduce this panic,

    1. Get tracepoint of net_dev_xmit on
    2. Create 2 guests on KVM
    3. Make 2 guests use virtio_net
    4. Execute netperf from one to another for a long time as a network burden
    5. host will panic (it takes about 30 minutes)

    Signed-off-by: Koki Sanagi
    Signed-off-by: David S. Miller

    Koki Sanagi
     

02 Jun, 2011

6 commits

  • Currently, user-space cannot determine if a 0 tcp_vlan_tci
    means there is no VLAN tag or the VLAN ID was zero.

    Add flag to make this explicit. User-space can check for
    TP_STATUS_VLAN_VALID || tp_vlan_tci > 0, which will be backwards
    compatible. Older code would have just checked for tp_vlan_tci,
    so it will work no worse than before.

    Signed-off-by: Ben Greear
    Acked-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Ben Greear
     
  • Take the RTNL lock unconditionally when calling dev_close.
    Taking the lock conditionally may cause race conditions.

    Signed-off-by: Sjur Brændeland
    Signed-off-by: David S. Miller

    sjur.brandeland@stericsson.com
     
  • commit 4af429d29b341bb1735f04c2fb960178ed5d52e7 (vlan: lockless
    transmit path) has a typo in vlan_dev_hard_start_xmit(), using
    u64_stats_update_begin() to end the stat update, it should be
    u64_stats_update_end().

    Signed-off-by: Wei Yongjun
    Reviewed-by: WANG Cong
    Acked-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Wei Yongjun
     
  • Check against mistakenly passing in IPv6 addresses (which would result
    in an INADDR_ANY bind) or similar incompatible sockaddrs.

    Signed-off-by: Marcus Meissner
    Cc: Reinhard Max
    Signed-off-by: David S. Miller

    Marcus Meissner
     
  • read_lock() ... read_unlock_bh() is clearly bogus.
    This was broken by

    commit 23691d75cdc69c3b285211b4d77746aa20a17d18
    Author: Gustavo F. Padovan
    Date: Wed Apr 27 18:26:32 2011 -0300

    Bluetooth: Remove l2cap_sk_list

    Signed-off-by: Johannes Berg
    Signed-off-by: John W. Linville

    Johannes Berg
     
  • Commit 0a35d36 ("cfg80211: Use capability info to detect mesh beacons")
    assumed that probe response with both ESS and IBSS bits cleared
    means that the frame was sent by a mesh sta.

    However, these capabilities are also being used in the p2p_find phase,
    and the mesh-validation broke it.

    Rename the WLAN_CAPABILITY_IS_MBSS macro, and verify that mesh ies
    exist before assuming this frame was sent by a mesh sta.

    Signed-off-by: Eliad Peller
    Signed-off-by: John W. Linville

    Eliad Peller