17 Oct, 2006
1 commit
-
Make net_random() more widely available by calling it random32
akpm: hopefully this will permit the removal of carta_random32. That needs
confirmation from Stephane - this code looks somewhat more computationally
expensive, and has a different (ie: callee-stateful) interface.[akpm@osdl.org: lots of build fixes, cleanups]
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller
Cc: Stephane Eranian
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
16 Oct, 2006
22 commits
-
The bt_proto array needs to be protected by some kind of locking to
prevent a race condition between bt_sock_create and bt_sock_register.And in addition all calls to sk_alloc need to be made GFP_ATOMIC now.
Signed-off-by: Masatake YAMATO
Signed-off-by: Frederik Deweerdt
Signed-off-by: Marcel Holtmann -
If the DLC device is no longer attached to the TTY device, then it
makes no sense to go through with changing the termios settings.Signed-off-by: Marcel Holtmann
-
When the connection lookup for the device structure fails, the reference
count for the HCI device needs to be decremented.Signed-off-by: Marcel Holtmann
-
The Bluetooth HID specification demands that the interrupt channel
shall be disconnected first. This is needed to pass the qualification
tests.Signed-off-by: Marcel Holtmann
-
Most Bluetooth chips don't support concurrent connect requests, because
this would involve a multiple baseband page with only one radio. In the
case an upper layer like L2CAP requests a concurrent connect these chips
return the error "Command Disallowed" for the second request. If this
happens it the responsibility of the Bluetooth core to queue the request
and try again after the previous connect attempt has been completed.Signed-off-by: Marcel Holtmann
-
The Bluetooth subsystem currently uses a platform device for devices
with no parent. It is a better idea to use the new virtual devices
tree for these.Signed-off-by: Marcel Holtmann
-
Some return values of the driver core register and create functions
are not handled and so might cause unexpected problems.Signed-off-by: Marcel Holtmann
-
There exists no attempt do deal with the fact that a structure with
a uint32_t followed by a pointer is going to be different for 32-bit
and 64-bit userspace. Any 32-bit process trying to use it will be
failing with -EFAULT if it's lucky; suffering from having data dumped
at a random address if it's not.Signed-off-by: David Woodhouse
Signed-off-by: Marcel Holtmann -
This is missing the MODULE_LICENSE statements and taints the kernel
upon loading. License is obvious from the beginning of the file.Signed-off-by: Jan Dittmer
Signed-off-by: Joerg Roedel
Signed-off-by: David S. Miller -
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
Fixes rt6_lookup() to provide the source address in the flow
and sets RT6_LOOKUP_F_HAS_SADDR whenever it is present in
the flow.Avoids unnecessary prefix comparisons by checking for a prefix
length first.Fixes the rule logic to not match packets if a source selector
has been specified but no source address is available.Thanks to Kim Nordlund for working
on this patch with me.Signed-off-by: Thomas Graf
Acked-by: Ville Nuorvala
Signed-off-by: David S. Miller -
Missing counter bump when hashing in a new ACQ
xfrm_state.Now that we have two spots to do the hash grow
check, break it out into a helper function.Signed-off-by: David S. Miller
-
1) shrink struct inet_peer on 64 bits platforms.
-
The CIPSO passthrough mapping had a problem when sending categories which
would cause no or incorrect categories to be sent on the wire with a packet.
This patch fixes the problem which was a simple off-by-one bug.Signed-off-by: Paul Moore
Signed-off-by: James Morris -
Fix several places in the CIPSO code where it was dereferencing fields which
did not have valid pointers by moving those pointer dereferences into code
blocks where the pointers are valid.Signed-off-by: Paul Moore
Signed-off-by: James Morris -
Flush the forwarding table when carrier is lost. This helps for
availability because we don't want to forward to a downed device and
new packets may come in on other links.Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
Remove (compilation-breaking) debugging messages introduced at early
development stage.Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
CONNSECMARK needs conntrack, add missing dependency to fix linking error
with CONNSECMARK=y and CONNTRACK=m.Reported by Toralf Förster .
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Even though the tos field is only a single byte large, the values need to
be converted to net-endian for the checkum update so they are in the
corrent byte position. Also fix incorrect endian annotations.Reported by Stephane Chazelas
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
12 Oct, 2006
16 commits
-
Use rb_first() to get first entry in rb tree.
Signed-off-by: Akinbou Mita
Signed-off-by: David S. Miller -
skb is the netlink query, nskb is the reply message.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Dave Jones wrote:
> sfuzz D 724EF62A 2828 28717 28691 (NOTLB)
> cd69fe98 00000082 0000012d 724ef62a 0001971a 00000010 00000007 df6d22b0
> dfd81080 725bbc5e 0001971a 000cc634 00000001 df6d23bc c140e260 00000202
> de1d5ba0 cd69fea0 de1d5ba0 00000000 00000000 de1d5b60 de1d5b8c de1d5ba0
> Call Trace:
> [] lock_sock+0x75/0xa6
> [] dn_getname+0x18/0x5f [decnet]
> [] sys_getsockname+0x5c/0xb0
> [] sys_socketcall+0xef/0x261
> [] syscall_call+0x7/0xb
> DWARF2 unwinder stuck at syscall_call+0x7/0xb
>
> I wonder if the plethora of lockdep related changes inadvertantly broke something?Looks like unbalanced locking.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
They are not necessarily initialized to zero by the compiler,
for example when using run-time initializers of automatic
on-stack variables.Noticed by Eric Dumazet and Patrick McHardy.
Signed-off-by: David S. Miller
-
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
This patch contains the changes to net/ipv6/addrconf.c to remove sit
specific code if the sit driver is not selected.Signed-off-by: Joerg Roedel
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
This patch removes the driver of the IPv6-in-IPv4 tunnel driver (sit)
from the IPv6 module. It adds an option to Kconfig which makes it
possible to compile it as a seperate module.Signed-off-by: Joerg Roedel
Signed-off-by: David S. Miller -
If more than one file descriptor was sent with an SCM_RIGHTS message,
and on the receiving end, after installing a nonzero (but not all)
file descritpors the process runs out of fds, then the already
installed fds will be lost (userspace will have no way of knowing
about them).The following patch makes sure, that at least the already installed
fds are sent to userspace. It doesn't solve the issue of losing file
descriptors in case of an EFAULT on the userspace buffer.Signed-off-by: Miklos Szeredi
Signed-off-by: David S. Miller -
Show the true receive buffer usage.
Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
When doing receiver buffer accounting, we always used skb->truesize.
This is problematic when processing bundled DATA chunks because for
every DATA chunk that could be small part of one large skb, we would
charge the size of the entire skb. The new approach is to store the
size of the DATA chunk we are accounting for in the sctp_ulpevent
structure and use that stored value for accounting.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
This treats the security errors encountered in the case of
socket policy matching, the same as how these are treated in
the case of main/sub policies, which is to return a full lookup
failure.Signed-off-by: Venkat Yekkirala
Signed-off-by: James Morris -
Currently when an IPSec policy rule doesn't specify a security
context, it is assumed to be "unlabeled" by SELinux, and so
the IPSec policy rule fails to match to a flow that it would
otherwise match to, unless one has explicitly added an SELinux
policy rule allowing the flow to "polmatch" to the "unlabeled"
IPSec policy rules. In the absence of such an explicitly added
SELinux policy rule, the IPSec policy rule fails to match and
so the packet(s) flow in clear text without the otherwise applicable
xfrm(s) applied.The above SELinux behavior violates the SELinux security notion of
"deny by default" which should actually translate to "encrypt by
default" in the above case.This was first reported by Evgeniy Polyakov and the way James Morris
was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.With this patch applied, SELinux "polmatching" of flows Vs. IPSec
policy rules will only come into play when there's a explicit context
specified for the IPSec policy rule (which also means there's corresponding
SELinux policy allowing appropriate domains/flows to polmatch to this context).Secondly, when a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return errors other than access denied,
such as -EINVAL. We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.The solution for this is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely). This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).This patch: Fix the selinux side of things.
This makes sure SELinux polmatching of flow contexts to IPSec policy
rules comes into play only when an explicit context is associated
with the IPSec policy rule.Also, this no longer defaults the context of a socket policy to
the context of the socket since the "no explicit context" case
is now handled properly.Signed-off-by: Venkat Yekkirala
Signed-off-by: James Morris -
When a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return an access denied permission
(or other error). We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.The way I was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.The first SYNACK would be blocked, because of an uncached lookup via
flow_cache_lookup(), which would fail to resolve an xfrm policy because
the SELinux policy is checked at that point via the resolver.However, retransmitted SYNACKs would then find a cached flow entry when
calling into flow_cache_lookup() with a null xfrm policy, which is
interpreted by xfrm_lookup() as the packet not having any associated
policy and similarly to the first case, allowing it to pass without
transformation.The solution presented here is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely). This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).Signed-off-by: James Morris
-
Testing revealed a problem with the NetLabel cache where a cached entry could
be freed while in use by the LSM layer causing an oops and other problems.
This patch fixes that problem by introducing a reference counter to the cache
entry so that it is only freed when it is no longer in use.Signed-off-by: Paul Moore
Signed-off-by: James Morris
11 Oct, 2006
1 commit
-
Signed-off-by: Alexey Dobriyan
Signed-off-by: Al Viro
Acked-by: David S. Miller
Signed-off-by: Linus Torvalds
