08 Feb, 2007
2 commits
-
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/driver-2.6: (28 commits)
sysfs: Shadow directory support
Driver Core: Increase the default timeout value of the firmware subsystem
Driver core: allow to delay the uevent at device creation time
Driver core: add device_type to struct device
Driver core: add uevent vars for devices of a class
SYSFS: Fix missing include of list.h in sysfs.h
HOWTO: Add a reference to Harbison and Steele
sysfs: error handling in sysfs, fill_read_buffer()
kobject: kobject_put cleanup
sysfs: kobject_put cleanup
sysfs: suppress lockdep warnings
Driver core: fix race in sysfs between sysfs_remove_file() and read()/write()
driver core: Change function call order in device_bind_driver().
driver core: Don't stop probing on ->probe errors.
driver core fixes: device_register() retval check in platform.c
driver core fixes: make_class_name() retval checks
/sys/modules/*/holders
USB: add the sysfs driver name to all modules
SERIO: add the sysfs driver name to all modules
PCI: add the sysfs driver name to all modules
... -
This lets the network core have the ability to handle suspend/resume
issues, if it wants to.Thanks to Frederik Deweerdt for the arm
driver fixes.Signed-off-by: Greg Kroah-Hartman
06 Feb, 2007
1 commit
-
Unconfigured bcm43xx device can hit an assert() during wx_get_rate
queries. This is because bcm43xx calls ieee80211softmac_start late
(i.e. during open instead of probe).bcm43xx_net_open ->
bcm43xx_init_board ->
bcm43xx_select_wireless_core ->
ieee80211softmac_startFix is to check that device is running before completing
ieee80211softmac_wx_get_rate.Signed-off-by: John W. Linville
03 Feb, 2007
2 commits
-
Fix this by letting NF_CONNTRACK_H323 depend on (IPV6 || IPV6=n).
Signed-off-by: Adrian Bunk
Signed-off-by: David S. Miller -
CC net/netfilter/nf_conntrack_netlink.o
net/netfilter/nf_conntrack_netlink.c: In function 'ctnetlink_conntrack_event':
net/netfilter/nf_conntrack_netlink.c:392: error: 'struct nf_conn' has no member named 'mark'
make[3]: *** [net/netfilter/nf_conntrack_netlink.o] Error 1Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
02 Feb, 2007
1 commit
-
The x_tables patch broke target module autoloading in the ipt action
by replacing the ipt_find_target call (which does autoloading) by
xt_find_target (which doesn't do autoloading). Additionally xt_find_target
may return ERR_PTR values in case of an error, which are not handled.Use xt_request_find_target, which does both autoloading and ERR_PTR
handling properly. Also don't forget to drop the target module reference
again when xt_check_target fails.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
31 Jan, 2007
8 commits
-
IP6_NF_IPTABLES=m, CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y results in a
linker error since ipv6_find_hdr is defined in ip6_tables.c. Fix similar
to Adrian Bunk's H.323 conntrack patch: selecting ip6_tables to be build
as module requires hashlimit to be built as module as well.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
When processing a HEARTBEAT-ACK it's possible that the transport rto
timers will not be updated because a prior T3-RTX processing would
have cleared the rto_pending flag on the transport. However, if
we received a valid HEARTBEAT-ACK, we want to force update the
rto variables, so re-set the rto_pending flag before calling
sctp_transport_update_rto().Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
When I tested IPv6 redirect function about kernel 2.6.19.1, and found
that the kernel can send redirect packets whose target address is global
address, and the target is not the actual endpoint of communication.But the criteria conform to RFC2461, the target address defines as
following:Target Address An IP address that is a better first hop to use for
he ICMP Destination Address. When the target is
the actual endpoint of communication, i.e., the
destination is a neighbor, the Target Address field
MUST contain the same value as the ICMP Destination
Address field. Otherwise the target is a better
first-hop router and the Target Address MUST be the
router's link-local address so that hosts can
uniquely identify routers.According to this definition, when a router redirect to a host, the
target address either the better first-hop router's link-local address
or the same as the ICMP destination address field. But the function of
ndisc_send_redirect() in net/ipv6/ndisc.c, does not check the target
address correctly.There is another definition about receive Redirect message in RFC2461:
8.1. Validation of Redirect Messages
A host MUST silently discard any received Redirect message that does
not satisfy all of the following validity checks:
......
- The ICMP Target Address is either a link-local address (when
redirected to a router) or the same as the ICMP Destination
Address (when redirected to the on-link destination).
......And the receive redirect function of ndisc_redirect_rcv() implemented
this definition, checks the target address correctly.
if (ipv6_addr_equal(dest, target)) {
on_link = 1;
} else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
ND_PRINTK2(KERN_WARNING
"ICMPv6 Redirect: target address is not link-local.\n");
return;
}So, I think the send redirect function must check the target address
also.Signed-off-by: Li Yewang
Acked-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
Signed-off-by: Neil Horman
Signed-off-by: David S. Miller -
When checking for an @-sign in skp_epaddr_len, make sure not to
run over the packet boundaries.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
When trying to skip over the username in the Contact header, stop at the
end of the line if no @ is found to avoid mangling following headers.
We don't need to worry about continuation lines because we search inside
a SIP URI.Fixes Netfilter Bugzilla #532.
Signed-off-by: Lars Immisch
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
When the packet counter of a connection is zero a division by zero
occurs in div64_64(). Fix that by using zero as average value, which
is correct as long as the packet counter didn't overflow, at which
point we have lost anyway.Additionally we're probably going to go back to 64 bit counters
in 2.6.21.Based on patch from Jonas Berlin ,
with suggestions from KOVACS Krisztian .Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Also remove {NFSD,RPC}_PARANOIA as having the defines doesn't really add
anything.The printks covered by RPC_PARANOIA were triggered by badly formatted
packets and so should be ratelimited.Signed-off-by: Neil Brown
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
27 Jan, 2007
4 commits
-
When main table is just a single leaf this gets printed as belonging to the
local table in /proc/net/fib_trie. A fix is below.Signed-off-by: Robert Olsson
Acked-by: Eric W. Biederman
Signed-off-by: David S. Miller -
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[NETFILTER]: nf_conntrack_pptp: fix NAT setup of expected GRE connections
[NETFILTER]: nf_nat_pptp: fix expectation removal
[NETFILTER]: nf_nat: fix ICMP translation with statically linked conntrack
[TCP]: Restore SKB socket owner setting in tcp_transmit_skb().
[AF_PACKET]: Check device down state before hard header callbacks.
[DECNET]: Handle a failure in neigh_parms_alloc (take 2)
[BNX2]: Fix 2nd port's MAC address.
[TCP]: Fix sorting of SACK blocks.
[AF_PACKET]: Fix BPF handling.
[IPV4]: Fix the fib trie iterator to work with a single entry routing tables -
NFSd assumes that largest number of pages that will be needed for a
request+response is 2+N where N pages is the size of the largest permitted
read/write request. The '2' are 1 for the non-data part of the request, and 1
for the non-data part of the reply.However, when a read request is not page-aligned, and we choose to use
->sendfile to send it directly from the page cache, we may need N+1 pages to
hold the whole reply. This can overflow and array and cause an Oops.This patch increases size of the array for holding pages by one and makes sure
that entry is NULL when it is not in use.Signed-off-by: Neil Brown
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Due to silly typos, if the nfs versions are explicitly set, no NFSACL versions
get enabled.Also improve an error message that would have made this bug a little easier to
find.Signed-off-by: Neil Brown
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
26 Jan, 2007
7 commits
-
When an expected connection arrives, the NAT helper should be called to
set up NAT similar to the master connection. The PPTP conntrack helper
incorrectly checks whether the _expected_ connection has NAT setup before
calling the NAT helper (which is never the case), instead of checkeing
whether the _master_ connection is NATed.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
When removing the expectation for the opposite direction, the PPTP NAT
helper initializes the tuple for lookup with the addresses of the
opposite direction, which makes the lookup fail.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
When nf_nat/nf_conntrack_ipv4 are linked statically, nf_nat is initialized
before nf_conntrack_ipv4, which makes the nf_ct_l3proto_find_get(AF_INET)
call during nf_nat initialization return the generic l3proto instead of
the AF_INET specific one. This breaks ICMP error translation since the
generic protocol always initializes the IPs in the tuple to 0.Change the linking order and put nf_conntrack_ipv4 first.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Revert 931731123a103cfb3f70ac4b7abfc71d94ba1f03
We can't elide the skb_set_owner_w() here because things like certain
netfilter targets (such as owner MATCH) need a socket to be set on the
SKB for correct operation.Thanks to Jan Engelhardt and other netfilter list members for
pointing this out.Signed-off-by: David S. Miller
-
If the device is down, invoking the device hard header callbacks
is not legal, so check it early.Based upon a shaper OOPS report from Frederik Deweerdt.
Signed-off-by: David S. Miller
-
While enhancing the neighbour code to handle multiple network
namespaces I noticed that decnet is assuming neigh_parms_alloc
will allways succeed, which is clearly wrong. So handle the
failure.Signed-off-by: Eric W. Biederman
Acked-by: Steven Whitehouse
Signed-off-by: David S. Miller -
The sorting of SACK blocks actually munges them rather than sort,
causing the TCP stack to ignore some SACK information and breaking the
assumption of ordered SACK blocks after sorting.The sort takes the data from a second buffer which isn't moved causing
subsequent data moves to occur from the wrong location. The fix is to
use a temporary buffer as a normal sort does.Signed-off-By: Baruch Even
Signed-off-by: David S. Miller
25 Jan, 2007
3 commits
-
This fixes a bug introduced by:
commit fda9ef5d679b07c9d9097aaf6ef7f069d794a8f9
Author: Dmitry Mishin
Date: Thu Aug 31 15:28:39 2006 -0700[NET]: Fix sk->sk_filter field access
sk_run_filter() returns either 0 or an unsigned 32-bit
length which says how much of the packet to retain.
If that 32-bit unsigned integer is larger than the packet,
this is fine we just leave the packet unchanged.The above commit caused all filter return values which
were negative when interpreted as a signed integer to
indicate a packet drop, which is wrong.Based upon a report and initial patch by Raivis Bucis.
Signed-off-by: David S. Miller
-
In a kernel with trie routing enabled I had a simple routing setup
with only a single route to the outside world and no default
route. "ip route table list main" showed my the route just fine but
/proc/net/route was an empty file. What was going on?Thinking it was a bug in something I did and I looked deeper. Eventually
I setup a second route and everything looked correct, huh? Finally I
realized that the it was just the iterator pair in fib_trie_get_first,
fib_trie_get_next just could not handle a routing table with a single entry.So to save myself and others further confusion, here is a simple fix for
the fib proc iterator so it works even when there is only a single route
in a routing table.Signed-off-by: Eric W. Biederman
Signed-off-by: Robert Olsson
Signed-off-by: David S. Miller -
Fix the Oops in http://bugzilla.linux-nfs.org/show_bug.cgi?id=138
We shouldn't be calling rpc_release_task() for tasks that are not active.Signed-off-by: Trond Myklebust
Signed-off-by: Linus Torvalds
24 Jan, 2007
12 commits
-
> --- a/net/sctp/sm_statefuns.c
> +++ b/net/sctp/sm_statefuns.c
> @@ -462,24 +461,6 @@ sctp_disposition_t sctp_sf_do_5_1C_ack(const struct sctp_endpoint *ep,> - if (!init_tag) {
> - struct sctp_chunk *reply = sctp_make_abort(asoc, chunk, 0);
> - if (!reply)
> - goto nomem;This introduced a compiler warning, easily fixed.
Signed-off-by: Brian Haley
Signed-off-by: David S. Miller -
I think the return value of rt6_nlmsg_size() should includes the
amount of RTA_METRICS.Signed-off-by: Noriaki TAKAMIYA
Acked-by: Thomas Graf
Signed-off-by: David S. Miller -
The patch "Replace CHECKSUM_HW by CHECKSUM_PARTIAL/CHECKSUM_COMPLETE"
changed to unconditional copying of ip_summed field from collapsed
skb. This patch reverts this change.The majority of substantial work including heavy testing
and diagnosing by: Michael Tokarev
Possible reasons pointed by: Herbert Xu and Patrick McHardy.Signed-off-by: Jarek Poplawski
Acked-by: Herbert Xu
Signed-off-by: David S. Miller -
I encountered a kernel panic with my test program, which is a very
simple IPv6 client-server program.The server side sets IPV6_RECVPKTINFO on a listening socket, and the
client side just sends a message to the server. Then the kernel panic
occurs on the server. (If you need the test program, please let me
know. I can provide it.)This problem happens because a skb is forcibly freed in
tcp_rcv_state_process().When a socket in listening state(TCP_LISTEN) receives a syn packet,
then tcp_v6_conn_request() will be called from
tcp_rcv_state_process(). If the tcp_v6_conn_request() successfully
returns, the skb would be discarded by __kfree_skb().However, in case of a listening socket which was already set
IPV6_RECVPKTINFO, an address of the skb will be stored in
treq->pktopts and a ref count of the skb will be incremented in
tcp_v6_conn_request(). But, even if the skb is still in use, the skb
will be freed. Then someone still using the freed skb will cause the
kernel panic.I suggest to use kfree_skb() instead of __kfree_skb().
Signed-off-by: Masayuki Nakagawa
Signed-off-by: David S. Miller -
The recent hashing introduced an off-by-one bug in policy list insertion.
Instead of adding after the last entry with a lesser or equal priority,
we're adding after the successor of that entry.This patch fixes this and also adds a warning if we detect a duplicate
entry in the policy list. This should never happen due to this if clause.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
__x25_find_socket does a sock_hold.
This adds a missing sock_put in x25_receive_data.Signed-off-by: Andrew Hendry
Signed-off-by: David S. Miller -
Currently, when association enters SHUTDOWN state,the
implementation will SACK any DATA first and then transmit
the SHUTDOWN chunk. This is against the order required by
2960bis spec. SHUTDOWN must always be first, followed by
SACK. This change forces this order and also enables bundling.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Consider the chunk as Out-of-the-Blue if we don't have
an endpoint. Otherwise discard it as before.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Verify init_tag and a_rwnd mandatory parameters in INIT and
INIT-ACK chunks.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
sctp_process_missing_param() needs to use the SCTP_ERROR_MISS_PARAM
error cause value.Signed-off-by: Vlad Yasevich
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
