Eric Lee / smarc-fsl-linux-kernel

04 Feb, 2010

2 commits

  • 9c119ba54   Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Browse Code »
    David S. Miller
     
  • 180211b84   af_key: fix netns ops ordering on module load/unload ... Browse Code »

    1. After sock_register() returns, it's possible to create sockets,
    even if module still not initialized fully (blame generic module code
    for that!)
    2. Consequently, pfkey_create() can be called with pfkey_net_id still not
    initialized which will BUG_ON in net_generic():
    kernel BUG at include/net/netns/generic.h:43!
    3. During netns shutdown, netns ops should be unregistered after
    key manager unregistered because key manager calls can be triggered
    from xfrm_user module:

    general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
    pfkey_broadcast+0x111/0x210 [af_key]
    pfkey_send_notify+0x16a/0x300 [af_key]
    km_state_notify+0x41/0x70
    xfrm_flush_sa+0x75/0x90 [xfrm_user]
    4. Unregister netns ops after socket ops just in case and for symmetry.

    Reported by Luca Tettamanti.

    Signed-off-by: Alexey Dobriyan
    Tested-by: Luca Tettamanti
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Alexey Dobriyan
     

03 Feb, 2010

1 commit

18 Jan, 2010

1 commit

12 Dec, 2009

1 commit

  • c20a66f47   xfrm: Fix truncation length of authentication algorithms installed via PF_KEY ... Browse Code »

    Commit 4447bb33f09444920a8f1d89e1540137429351b6 ("xfrm: Store aalg in
    xfrm_state with a user specified truncation length") breaks
    installation of authentication algorithms via PF_KEY, as the state
    specific truncation length is not installed with the algorithms
    default truncation length. This patch initializes state properly to
    the default if installed via PF_KEY.

    Signed-off-by: Martin Willi
    Acked-by: Herbert Xu
    Signed-off-by: David S. Miller

    Martin Willi
     

02 Dec, 2009

1 commit

18 Nov, 2009

1 commit

06 Nov, 2009

1 commit

  • 3f378b684   net: pass kern to net_proto_family create function ... Browse Code »

    The generic __sock_create function has a kern argument which allows the
    security system to make decisions based on if a socket is being created by
    the kernel or by userspace. This patch passes that flag to the
    net_proto_family specific create function, so it can do the same thing.

    Signed-off-by: Eric Paris
    Acked-by: Arnaldo Carvalho de Melo
    Signed-off-by: David S. Miller

    Eric Paris
     

13 Oct, 2009

1 commit

  • 3b885787e   net: Generalize socket rx gap / receive queue overflow cmsg ... Browse Code »

    Create a new socket level option to report number of queue overflows

    Recently I augmented the AF_PACKET protocol to report the number of frames lost
    on the socket receive queue between any two enqueued frames. This value was
    exported via a SOL_PACKET level cmsg. AFter I completed that work it was
    requested that this feature be generalized so that any datagram oriented socket
    could make use of this option. As such I've created this patch, It creates a
    new SOL_SOCKET level option called SO_RXQ_OVFL, which when enabled exports a
    SOL_SOCKET level cmsg that reports the nubmer of times the sk_receive_queue
    overflowed between any two given frames. It also augments the AF_PACKET
    protocol to take advantage of this new feature (as it previously did not touch
    sk->sk_drops, which this patch uses to record the overflow count). Tested
    successfully by me.

    Notes:

    1) Unlike my previous patch, this patch simply records the sk_drops value, which
    is not a number of drops between packets, but rather a total number of drops.
    Deltas must be computed in user space.

    2) While this patch currently works with datagram oriented protocols, it will
    also be accepted by non-datagram oriented protocols. I'm not sure if thats
    agreeable to everyone, but my argument in favor of doing so is that, for those
    protocols which aren't applicable to this option, sk_drops will always be zero,
    and reporting no drops on a receive queue that isn't used for those
    non-participating protocols seems reasonable to me. This also saves us having
    to code in a per-protocol opt in mechanism.

    3) This applies cleanly to net-next assuming that commit
    977750076d98c7ff6cbda51858bb5a5894a9d9ab (my af packet cmsg patch) is reverted

    Signed-off-by: Neil Horman
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Neil Horman
     

07 Oct, 2009

1 commit

02 Sep, 2009

2 commits

18 Jun, 2009

1 commit

  • 31e6d363a   net: correct off-by-one write allocations reports ... Browse Code »

    commit 2b85a34e911bf483c27cfdd124aeb1605145dc80
    (net: No more expensive sock_hold()/sock_put() on each tx)
    changed initial sk_wmem_alloc value.

    We need to take into account this offset when reporting
    sk_wmem_alloc to user, in PROC_FS files or various
    ioctls (SIOCOUTQ/TIOCOUTQ)

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

27 Feb, 2009

1 commit

26 Jan, 2009

1 commit

  • a8d694c65   af_key: initialize xfrm encap_oa ... Browse Code »

    Currently encap_oa is left uninitialized, so it contains garbage data which
    is visible to userland via Netlink. Initialize it by zeroing it out.

    Signed-off-by: Timo Teras
    Acked-by: Herbert Xu
    Signed-off-by: David S. Miller

    Timo Teras
     

26 Nov, 2008

14 commits

07 Nov, 2008

1 commit

01 Nov, 2008

1 commit

  • 920da6923   key: fix setkey(8) policy set breakage ... Browse Code »

    Steps to reproduce:

    #/usr/sbin/setkey -f
    flush;
    spdflush;

    add 192.168.0.42 192.168.0.1 ah 24500 -A hmac-md5 "1234567890123456";
    add 192.168.0.42 192.168.0.1 esp 24501 -E 3des-cbc "123456789012123456789012";

    spdadd 192.168.0.42 192.168.0.1 any -P out ipsec
    esp/transport//require
    ah/transport//require;

    setkey: invalid keymsg length

    Policy dump will bail out with the same message after that.

    -recv(4, "\2\16\0\0\32\0\3\0\0\0\0\0\37\r\0\0\3\0\5\0\377 \0\0\2\0\0\0\300\250\0*\0"..., 32768, 0) = 208
    +recv(4, "\2\16\0\0\36\0\3\0\0\0\0\0H\t\0\0\3\0\5\0\377 \0\0\2\0\0\0\300\250\0*\0"..., 32768, 0) = 208

    Signed-off-by: Alexey Dobriyan
    Signed-off-by: David S. Miller

    Alexey Dobriyan
     

11 Oct, 2008

1 commit

  • 1839faab9   af_key: fix SADB_X_SPDDELETE response ... Browse Code »

    When deleting an SPD entry using SADB_X_SPDDELETE, c.data.byid is not
    initialized to zero in pfkey_spddelete(). Thus, key_notify_policy()
    responds with a PF_KEY message of type SADB_X_SPDDELETE2 instead of
    SADB_X_SPDDELETE.

    Signed-off-by: Tobias Brunner
    Signed-off-by: David S. Miller

    Tobias Brunner
     

06 Oct, 2008

1 commit

01 Oct, 2008

2 commits

  • 12a169e7d   ipsec: Put dumpers on the dump list ... Browse Code »

    Herbert Xu came up with the idea and the original patch to make
    xfrm_state dump list contain also dumpers:

    As it is we go to extraordinary lengths to ensure that states
    don't go away while dumpers go to sleep. It's much easier if
    we just put the dumpers themselves on the list since they can't
    go away while they're going.

    I've also changed the order of addition on new states to prevent
    a never-ending dump.

    Timo Teräs improved the patch to apply cleanly to latest tree,
    modified iteration code to be more readable by using a common
    struct for entries in the list, implemented the same idea for
    xfrm_policy dumping and moved the af_key specific "last" entry
    caching to af_key.

    Signed-off-by: Herbert Xu
    Signed-off-by: Timo Teras
    Signed-off-by: David S. Miller

    Herbert Xu
     
  • 052382048   af_key: Free dumping state on socket close ... Browse Code »

    Fix a xfrm_{state,policy}_walk leak if pfkey socket is closed while
    dumping is on-going.

    Signed-off-by: Timo Teras
    Signed-off-by: David S. Miller

    Timo Teras
     

26 Jul, 2008

1 commit

  • 547b792ca   net: convert BUG_TRAP to generic WARN_ON ... Browse Code »

    Removes legacy reinvent-the-wheel type thing. The generic
    machinery integrates much better to automated debugging aids
    such as kerneloops.org (and others), and is unambiguous due to
    better naming. Non-intuively BUG_TRAP() is actually equal to
    WARN_ON() rather than BUG_ON() though some might actually be
    promoted to BUG_ON() but I left that to future.

    I could make at least one BUILD_BUG_ON conversion.

    Signed-off-by: Ilpo Järvinen
    Signed-off-by: David S. Miller

    Ilpo Järvinen
     

14 Jun, 2008

1 commit

12 Jun, 2008

3 commits