Eric Lee / smarc-fsl-linux-kernel

29 Dec, 2011

1 commit

  • ba1cffe02   ax25: avoid overflows in ax25_setsockopt() ... Browse Code »

    Commit be639ac6 ("NET: AX.25: Check ioctl arguments to avoid overflows
    further down the road") rejects very large arguments, but doesn't
    completely fix overflows on 64-bit systems. Consider the AX25_T2 case.

    int opt;
    ...
    if (opt < 1 || opt > ULONG_MAX / HZ) {
    res = -EINVAL;
    break;
    }
    ax25->t2 = opt * HZ;

    The 32-bit multiplication opt * HZ would overflow before being assigned
    to 64-bit ax25->t2. This patch changes "opt" to unsigned long.

    Signed-off-by: Xi Wang
    Cc: Ralf Baechle
    Signed-off-by: David S. Miller

    Xi Wang
     

29 Nov, 2011

1 commit

  • be639ac69   NET: AX.25: Check ioctl arguments to avoid overflows further down the road. ... Browse Code »

    Very large, nonsenical arguments or use in very extreme conditions could
    result in integer overflows. Check ioctls arguments to avoid such
    overflows and return -EINVAL for too large arguments.

    To allow the use of AX.25 for even the most extreme setup (think packet
    radio to the Phase 5E mars probe) we make no further attempt to clamp the
    argument range.

    Originally reported by Fan Long and a first patch
    was sent by Xi Wang .

    Signed-off-by: Ralf Baechle
    Cc: Xi Wang
    Cc: Joerg Reuter
    Cc: Alan Cox
    Cc: Thomas Osterried
    Signed-off-by: David S. Miller

    Ralf Baechle
     

01 Nov, 2011

1 commit

17 Apr, 2011

1 commit

14 Apr, 2011

1 commit

12 Jan, 2011

1 commit

11 Nov, 2010

1 commit

  • fe10ae533   net: ax25: fix information leak to userland ... Browse Code »

    Sometimes ax25_getname() doesn't initialize all members of fsa_digipeater
    field of fsa struct, also the struct has padding bytes between
    sax25_call and sax25_ndigis fields. This structure is then copied to
    userland. It leads to leaking of contents of kernel stack memory.

    Signed-off-by: Vasiliy Kulikov
    Signed-off-by: David S. Miller

    Vasiliy Kulikov
     

25 Oct, 2010

1 commit

  • 229aebb87   Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial ... Browse Code »

    * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)
    Update broken web addresses in arch directory.
    Update broken web addresses in the kernel.
    Revert "drivers/usb: Remove unnecessary return's from void functions" for musb gadget
    Revert "Fix typo: configuation => configuration" partially
    ida: document IDA_BITMAP_LONGS calculation
    ext2: fix a typo on comment in ext2/inode.c
    drivers/scsi: Remove unnecessary casts of private_data
    drivers/s390: Remove unnecessary casts of private_data
    net/sunrpc/rpc_pipe.c: Remove unnecessary casts of private_data
    drivers/infiniband: Remove unnecessary casts of private_data
    drivers/gpu/drm: Remove unnecessary casts of private_data
    kernel/pm_qos_params.c: Remove unnecessary casts of private_data
    fs/ecryptfs: Remove unnecessary casts of private_data
    fs/seq_file.c: Remove unnecessary casts of private_data
    arm: uengine.c: remove C99 comments
    arm: scoop.c: remove C99 comments
    Fix typo configue => configure in comments
    Fix typo: configuation => configuration
    Fix typo interrest[ing|ed] => interest[ing|ed]
    Fix various typos of valid in comments
    ...

    Fix up trivial conflicts in:
    drivers/char/ipmi/ipmi_si_intf.c
    drivers/usb/gadget/rndis.c
    net/irda/irnet/irnet_ppp.c

    Linus Torvalds
     

18 Oct, 2010

1 commit

  • 631dd1a88   Update broken web addresses in the kernel. ... Browse Code »

    The patch below updates broken web addresses in the kernel

    Signed-off-by: Justin P. Mattock
    Cc: Maciej W. Rozycki
    Cc: Geert Uytterhoeven
    Cc: Finn Thain
    Cc: Randy Dunlap
    Cc: Matt Turner
    Cc: Dimitry Torokhov
    Cc: Mike Frysinger
    Acked-by: Ben Pfaff
    Acked-by: Hans J. Koch
    Reviewed-by: Finn Thain
    Signed-off-by: Jiri Kosina

    Justin P. Mattock
     

10 Sep, 2010

1 commit

27 Aug, 2010

1 commit

19 Aug, 2010

2 commits

  • 49339ccae   net/ax25: Use available error codes ... Browse Code »

    Error codes are stored in err, but the return value is always 0. Return
    err instead.

    The semantic match that finds this problem is as follows:
    (http://coccinelle.lip6.fr/)

    //
    @r@
    local idexpression x;
    constant C;
    @@

    if (...) { ...
    x = -C
    ... when != x
    (
    return ;
    |
    return NULL;
    |
    return;
    |
    * return ...;
    )
    }
    //

    Signed-off-by: Julia Lawall
    Acked-by: Ralf Baechle
    Signed-off-by: David S. Miller

    Julia Lawall
     
  • b3d18f150   net/ax25: Use available error codes ... Browse Code »

    Error codes are stored in err, but the return value is always 0. Return
    err instead.

    The semantic match that finds this problem is as follows:
    (http://coccinelle.lip6.fr/)

    //
    @r@
    local idexpression x;
    constant C;
    @@

    if (...) { ...
    x = -C
    ... when != x
    (
    return ;
    |
    return NULL;
    |
    return;
    |
    * return ...;
    )
    }
    //

    Signed-off-by: Julia Lawall
    Acked-by: Ralf Baechle
    Signed-off-by: David S. Miller

    Julia Lawall
     

21 Apr, 2010

1 commit

  • aa3951451   net: sk_sleep() helper ... Browse Code »

    Define a new function to return the waitqueue of a "struct sock".

    static inline wait_queue_head_t *sk_sleep(struct sock *sk)
    {
    return sk->sk_sleep;
    }

    Change all read occurrences of sk_sleep by a call to this function.

    Needed for a future RCU conversion. sk_sleep wont be a field directly
    available.

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

30 Mar, 2010

1 commit

  • 5a0e3ad6a   include cleanup: Update gfp.h and slab.h includes to prepare for breaking implic… ... Browse Code »

    …it slab.h inclusion from percpu.h

    percpu.h is included by sched.h and module.h and thus ends up being
    included when building most .c files. percpu.h includes slab.h which
    in turn includes gfp.h making everything defined by the two files
    universally available and complicating inclusion dependencies.

    percpu.h -> slab.h dependency is about to be removed. Prepare for
    this change by updating users of gfp and slab facilities include those
    headers directly instead of assuming availability. As this conversion
    needs to touch large number of source files, the following script is
    used as the basis of conversion.

    http://userweb.kernel.org/~tj/misc/slabh-sweep.py

    The script does the followings.

    * Scan files for gfp and slab usages and update includes such that
    only the necessary includes are there. ie. if only gfp is used,
    gfp.h, if slab is used, slab.h.

    * When the script inserts a new include, it looks at the include
    blocks and try to put the new include such that its order conforms
    to its surrounding. It's put in the include block which contains
    core kernel includes, in the same order that the rest are ordered -
    alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
    doesn't seem to be any matching order.

    * If the script can't find a place to put a new include (mostly
    because the file doesn't have fitting include block), it prints out
    an error message indicating which .h file needs to be added to the
    file.

    The conversion was done in the following steps.

    1. The initial automatic conversion of all .c files updated slightly
    over 4000 files, deleting around 700 includes and adding ~480 gfp.h
    and ~3000 slab.h inclusions. The script emitted errors for ~400
    files.

    2. Each error was manually checked. Some didn't need the inclusion,
    some needed manual addition while adding it to implementation .h or
    embedding .c file was more appropriate for others. This step added
    inclusions to around 150 files.

    3. The script was run again and the output was compared to the edits
    from #2 to make sure no file was left behind.

    4. Several build tests were done and a couple of problems were fixed.
    e.g. lib/decompress_*.c used malloc/free() wrappers around slab
    APIs requiring slab.h to be added manually.

    5. The script was run on all .h files but without automatically
    editing them as sprinkling gfp.h and slab.h inclusions around .h
    files could easily lead to inclusion dependency hell. Most gfp.h
    inclusion directives were ignored as stuff from gfp.h was usually
    wildly available and often used in preprocessor macros. Each
    slab.h inclusion directive was examined and added manually as
    necessary.

    6. percpu.h was updated not to include slab.h.

    7. Build test were done on the following configurations and failures
    were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
    distributed build env didn't work with gcov compiles) and a few
    more options had to be turned off depending on archs to make things
    build (like ipr on powerpc/64 which failed due to missing writeq).

    * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
    * powerpc and powerpc64 SMP allmodconfig
    * sparc and sparc64 SMP allmodconfig
    * ia64 SMP allmodconfig
    * s390 SMP allmodconfig
    * alpha SMP allmodconfig
    * um on x86_64 SMP allmodconfig

    8. percpu.h modifications were reverted so that it could be applied as
    a separate patch and serve as bisection point.

    Given the fact that I had only a couple of failures from tests on step
    6, I'm fairly confident about the coverage of this conversion patch.
    If there is a breakage, it's likely to be something in one of the arch
    headers which should be easily discoverable easily on most builds of
    the specific arch.

    Signed-off-by: Tejun Heo <tj@kernel.org>
    Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>

    Tejun Heo
     

11 Feb, 2010

1 commit

16 Jan, 2010

1 commit

  • d00c362f1   ax25: netrom: rose: Fix timer oopses ... Browse Code »

    Wrong ax25_cb refcounting in ax25_send_frame() and by its callers can
    cause timer oopses (first reported with 2.6.29.6 kernel).

    Fixes: http://bugzilla.kernel.org/show_bug.cgi?id=14905

    Reported-by: Bernard Pidoux
    Tested-by: Bernard Pidoux
    Signed-off-by: Jarek Poplawski
    Signed-off-by: David S. Miller

    Jarek Poplawski
     

08 Dec, 2009

1 commit

  • d7fc02c7b   Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 ... Browse Code »

    * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1815 commits)
    mac80211: fix reorder buffer release
    iwmc3200wifi: Enable wimax core through module parameter
    iwmc3200wifi: Add wifi-wimax coexistence mode as a module parameter
    iwmc3200wifi: Coex table command does not expect a response
    iwmc3200wifi: Update wiwi priority table
    iwlwifi: driver version track kernel version
    iwlwifi: indicate uCode type when fail dump error/event log
    iwl3945: remove duplicated event logging code
    b43: fix two warnings
    ipw2100: fix rebooting hang with driver loaded
    cfg80211: indent regulatory messages with spaces
    iwmc3200wifi: fix NULL pointer dereference in pmkid update
    mac80211: Fix TX status reporting for injected data frames
    ath9k: enable 2GHz band only if the device supports it
    airo: Fix integer overflow warning
    rt2x00: Fix padding bug on L2PAD devices.
    WE: Fix set events not propagated
    b43legacy: avoid PPC fault during resume
    b43: avoid PPC fault during resume
    tcp: fix a timewait refcnt race
    ...

    Fix up conflicts due to sysctl cleanups (dead sysctl_check code and
    CTL_UNNUMBERED removed) in
    kernel/sysctl_check.c
    net/ipv4/sysctl_net_ipv4.c
    net/ipv6/addrconf.c
    net/sctp/sysctl.c

    Linus Torvalds
     

26 Nov, 2009

1 commit

  • 09ad9bc75   net: use net_eq to compare nets ... Browse Code »

    Generated with the following semantic patch

    @@
    struct net *n1;
    struct net *n2;
    @@
    - n1 == n2
    + net_eq(n1, n2)

    @@
    struct net *n1;
    struct net *n2;
    @@
    - n1 != n2
    + !net_eq(n1, n2)

    applied over {include,net,drivers/net}.

    Signed-off-by: Octavian Purdila
    Signed-off-by: David S. Miller

    Octavian Purdila
     

12 Nov, 2009

1 commit

  • f8572d8f2   sysctl net: Remove unused binary sysctl code ... Browse Code »

    Now that sys_sysctl is a compatiblity wrapper around /proc/sys
    all sysctl strategy routines, and all ctl_name and strategy
    entries in the sysctl tables are unused, and can be
    revmoed.

    In addition neigh_sysctl_register has been modified to no longer
    take a strategy argument and it's callers have been modified not
    to pass one.

    Cc: "David Miller"
    Cc: Hideaki YOSHIFUJI
    Cc: netdev@vger.kernel.org
    Signed-off-by: Eric W. Biederman

    Eric W. Biederman
     

06 Nov, 2009

1 commit

  • 3f378b684   net: pass kern to net_proto_family create function ... Browse Code »

    The generic __sock_create function has a kern argument which allows the
    security system to make decisions based on if a socket is being created by
    the kernel or by userspace. This patch passes that flag to the
    net_proto_family specific create function, so it can do the same thing.

    Signed-off-by: Eric Paris
    Acked-by: Arnaldo Carvalho de Melo
    Signed-off-by: David S. Miller

    Eric Paris
     

30 Oct, 2009

1 commit

07 Oct, 2009

1 commit

01 Oct, 2009

2 commits

  • 8c185ab61   ax25: Fix possible oops in ax25_make_new ... Browse Code »

    In ax25_make_new, if kmemdup of digipeat returns an error, there would
    be an oops in sk_free while calling sk_destruct, because sk_protinfo
    is NULL at the moment; move sk->sk_destruct initialization after this.

    BTW of reported-by: Bernard Pidoux F6BVP

    Signed-off-by: Jarek Poplawski
    Signed-off-by: David S. Miller

    Jarek Poplawski
     
  • b7058842c   net: Make setsockopt() optlen be unsigned. ... Browse Code »

    This provides safety against negative optlen at the type
    level instead of depending upon (sometimes non-trivial)
    checks against this sprinkled all over the the place, in
    each and every implementation.

    Based upon work done by Arjan van de Ven and feedback
    from Linus Torvalds.

    Signed-off-by: David S. Miller

    David S. Miller
     

29 Sep, 2009

1 commit

  • 2f72291d3   ax25: Add missing dev_put in ax25_setsockopt ... Browse Code »

    ax25_setsockopt SO_BINDTODEVICE is missing a dev_put call in case of
    success. Re-order code to fix this bug. While at it also reformat two
    lines of code to comply with the Linux coding style.

    Initial patch by Jarek Poplawski .

    Reported-by: Bernard Pidoux F6BVP
    Signed-off-by: Ralf Baechle
    Signed-off-by: David S. Miller

    Ralf Baechle
     

26 Sep, 2009

1 commit

23 Sep, 2009

1 commit

  • 407fc5cf0   ax25: Fix SIOCAX25GETINFO ioctl ... Browse Code »

    rcv_q & snd_q initializations were reversed in commit
    31e6d363abcd0d05766c82f1a9c905a4c974a199
    (net: correct off-by-one write allocations reports)

    Signed-off-by: Jan Rafaj
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

24 Jun, 2009

1 commit

  • d55d87fdf   net: Move rx skb_orphan call to where needed ... Browse Code »

    In order to get the tun driver to account packets, we need to be
    able to receive packets with destructors set. To be on the safe
    side, I added an skb_orphan call for all protocols by default since
    some of them (IP in particular) cannot handle receiving packets
    destructors properly.

    Now it seems that at least one protocol (CAN) expects to be able
    to pass skb->sk through the rx path without getting clobbered.

    So this patch attempts to fix this properly by moving the skb_orphan
    call to where it's actually needed. In particular, I've added it
    to skb_set_owner_[rw] which is what most users of skb->destructor
    call.

    This is actually an improvement for tun too since it means that
    we only give back the amount charged to the socket when the skb
    is passed to another socket that will also be charged accordingly.

    Signed-off-by: Herbert Xu
    Tested-by: Oliver Hartkopp
    Signed-off-by: David S. Miller

    Herbert Xu
     

18 Jun, 2009

1 commit

  • 31e6d363a   net: correct off-by-one write allocations reports ... Browse Code »

    commit 2b85a34e911bf483c27cfdd124aeb1605145dc80
    (net: No more expensive sock_hold()/sock_put() on each tx)
    changed initial sk_wmem_alloc value.

    We need to take into account this offset when reporting
    sk_wmem_alloc to user, in PROC_FS files or various
    ioctls (SIOCOUTQ/TIOCOUTQ)

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

17 Jun, 2009

1 commit

  • c564039fd   net: sk_wmem_alloc has initial value of one, not zero ... Browse Code »

    commit 2b85a34e911bf483c27cfdd124aeb1605145dc80
    (net: No more expensive sock_hold()/sock_put() on each tx)
    changed initial sk_wmem_alloc value.

    Some protocols check sk_wmem_alloc value to determine if a timer
    must delay socket deallocation. We must take care of the sk_wmem_alloc
    value being one instead of zero when no write allocations are pending.

    Reported by Ingo Molnar, and full diagnostic from David Miller.

    This patch introduces three helpers to get read/write allocations
    and a followup patch will use these helpers to report correct
    write allocations to user.

    Reported-by: Ingo Molnar
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

20 Apr, 2009

1 commit

  • c7c1a0f60   ax25: proc uid file misses header ... Browse Code »

    This has been broken for a while. I happened to catch it testing because one
    app "knew" that the top line of the calls data was the policy line and got
    confused.

    Put the header back.

    Signed-off-by: Alan Cox
    Signed-off-by: David S. Miller

    Alan Cox
     

28 Mar, 2009

1 commit

22 Mar, 2009

2 commits

10 Mar, 2009

1 commit

07 Feb, 2009

1 commit

01 Feb, 2009

1 commit

29 Dec, 2008

1 commit

  • 0191b625c   Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 ... Browse Code »

    * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1429 commits)
    net: Allow dependancies of FDDI & Tokenring to be modular.
    igb: Fix build warning when DCA is disabled.
    net: Fix warning fallout from recent NAPI interface changes.
    gro: Fix potential use after free
    sfc: If AN is enabled, always read speed/duplex from the AN advertising bits
    sfc: When disabling the NIC, close the device rather than unregistering it
    sfc: SFT9001: Add cable diagnostics
    sfc: Add support for multiple PHY self-tests
    sfc: Merge top-level functions for self-tests
    sfc: Clean up PHY mode management in loopback self-test
    sfc: Fix unreliable link detection in some loopback modes
    sfc: Generate unique names for per-NIC workqueues
    802.3ad: use standard ethhdr instead of ad_header
    802.3ad: generalize out mac address initializer
    802.3ad: initialize ports LACPDU from const initializer
    802.3ad: remove typedef around ad_system
    802.3ad: turn ports is_individual into a bool
    802.3ad: turn ports is_enabled into a bool
    802.3ad: make ntt bool
    ixgbe: Fix set_ringparam in ixgbe to use the same memory pools.
    ...

    Fixed trivial IPv4/6 address printing conflicts in fs/cifs/connect.c due
    to the conversion to %pI (in this networking merge) and the addition of
    doing IPv6 addresses (from the earlier merge of CIFS).

    Linus Torvalds
     

15 Dec, 2008

1 commit