Eric Lee / smarc-fsl-linux-kernel

08 Apr, 2013

1 commit

  • 4a184233f   rose: fix info leak via msg_name in rose_recvmsg() ... Browse Code »

    The code in rose_recvmsg() does not initialize all of the members of
    struct sockaddr_rose/full_sockaddr_rose when filling the sockaddr info.
    Nor does it initialize the padding bytes of the structure inserted by
    the compiler for alignment. This will lead to leaking uninitialized
    kernel stack bytes in net/socket.c.

    Fix the issue by initializing the memory used for sockaddr info with
    memset(0).

    Cc: Ralf Baechle
    Signed-off-by: Mathias Krause
    Signed-off-by: David S. Miller

    Mathias Krause
     

28 Feb, 2013

1 commit

  • b67bfe0d4   hlist: drop the node parameter from iterators ... Browse Code »

    I'm not sure why, but the hlist for each entry iterators were conceived

    list_for_each_entry(pos, head, member)

    The hlist ones were greedy and wanted an extra parameter:

    hlist_for_each_entry(tpos, pos, head, member)

    Why did they need an extra pos parameter? I'm not quite sure. Not only
    they don't really need it, it also prevents the iterator from looking
    exactly like the list iterator, which is unfortunate.

    Besides the semantic patch, there was some manual work required:

    - Fix up the actual hlist iterators in linux/list.h
    - Fix up the declaration of other iterators based on the hlist ones.
    - A very small amount of places were using the 'node' parameter, this
    was modified to use 'obj->member' instead.
    - Coccinelle didn't handle the hlist_for_each_entry_safe iterator
    properly, so those had to be fixed up manually.

    The semantic patch which is mostly the work of Peter Senna Tschudin is here:

    @@
    iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;

    type T;
    expression a,c,d,e;
    identifier b;
    statement S;
    @@

    -T b;

    [akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
    [akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
    [akpm@linux-foundation.org: checkpatch fixes]
    [akpm@linux-foundation.org: fix warnings]
    [akpm@linux-foudnation.org: redo intrusive kvm changes]
    Tested-by: Peter Senna Tschudin
    Acked-by: Paul E. McKenney
    Signed-off-by: Sasha Levin
    Cc: Wu Fengguang
    Cc: Marcelo Tosatti
    Cc: Gleb Natapov
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Sasha Levin
     

19 Feb, 2013

2 commits

  • ece31ffd5   net: proc: change proc_net_remove to remove_proc_entry ... Browse Code »

    proc_net_remove is only used to remove proc entries
    that under /proc/net,it's not a general function for
    removing proc entries of netns. if we want to remove
    some proc entries which under /proc/net/stat/, we still
    need to call remove_proc_entry.

    this patch use remove_proc_entry to replace proc_net_remove.
    we can remove proc_net_remove after this patch.

    Signed-off-by: Gao feng
    Signed-off-by: David S. Miller

    Gao feng
     
  • d4beaa66a   net: proc: change proc_net_fops_create to proc_create ... Browse Code »

    Right now, some modules such as bonding use proc_create
    to create proc entries under /proc/net/, and other modules
    such as ipv4 use proc_net_fops_create.

    It looks a little chaos.this patch changes all of
    proc_net_fops_create to proc_create. we can remove
    proc_net_fops_create after this patch.

    Signed-off-by: Gao feng
    Signed-off-by: David S. Miller

    Gao feng
     

21 Apr, 2012

2 commits

  • ec8f23ce0   net: Convert all sysctl registrations to register_net_sysctl ... Browse Code »

    This results in code with less boiler plate that is a bit easier
    to read.

    Additionally stops us from using compatibility code in the sysctl
    core, hastening the day when the compatibility code can be removed.

    Signed-off-by: Eric W. Biederman
    Acked-by: Pavel Emelyanov
    Signed-off-by: David S. Miller

    Eric W. Biederman
     
  • 5dd3df105   net: Move all of the network sysctls without a namespace into init_net. ... Browse Code »

    This makes it clearer which sysctls are relative to your current network
    namespace.

    This makes it a little less error prone by not exposing sysctls for the
    initial network namespace in other namespaces.

    This is the same way we handle all of our other network interfaces to
    userspace and I can't honestly remember why we didn't do this for
    sysctls right from the start.

    Signed-off-by: Eric W. Biederman
    Acked-by: Pavel Emelyanov
    Signed-off-by: David S. Miller

    Eric W. Biederman
     

16 Apr, 2012

1 commit

03 Apr, 2012

1 commit

  • ed359a3b7   Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net ... Browse Code »

    Pull networking fixes from David Miller:

    1) Provide device string properly for USB i2400m wimax devices, also
    don't OOPS when providing firmware string. From Phil Sutter.

    2) Add support for sh_eth SH7734 chips, from Nobuhiro Iwamatsu.

    3) Add another device ID to USB zaurus driver, from Guan Xin.

    4) Loop index start in pool vector iterator is wrong causing MAC to not
    get configured in bnx2x driver, fix from Dmitry Kravkov.

    5) EQL driver assumes HZ=100, fix from Eric Dumazet.

    6) Now that skb_add_rx_frag() can specify the truesize increment
    separately, do so in f_phonet and cdc_phonet, also from Eric
    Dumazet.

    7) virtio_net accidently uses net_ratelimit() not only on the kernel
    warning but also the statistic bump, fix from Rick Jones.

    8) ip_route_input_mc() uses fixed init_net namespace, oops, use
    dev_net(dev) instead. Fix from Benjamin LaHaise.

    9) dev_forward_skb() needs to clear the incoming interface index of the
    SKB so that it looks like a new incoming packet, also from Benjamin
    LaHaise.

    10) iwlwifi mistakenly initializes a channel entry as 2GHZ instead of
    5GHZ, fix from Stanislav Yakovlev.

    11) Missing kmalloc() return value checks in orinoco, from Santosh
    Nayak.

    12) ath9k doesn't check for HT capabilities in the right way, it is
    checking ht_supported instead of the ATH9K_HW_CAP_HT flag. Fix from
    Sujith Manoharan.

    13) Fix x86 BPF JIT emission of 16-bit immediate field of AND
    instructions, from Feiran Zhuang.

    14) Avoid infinite loop in GARP code when registering sysfs entries.
    From David Ward.

    15) rose protocol uses memcpy instead of memcmp in a device address
    comparison, oops. Fix from Daniel Borkmann.

    16) Fix build of lpc_eth due to dev_hw_addr_rancom() interface being
    renamed to eth_hw_addr_random(). From Roland Stigge.

    17) Make ipv6 RTM_GETROUTE interpret RTA_IIF attribute the same way
    that ipv4 does. Fix from Shmulik Ladkani.

    18) via-rhine has an inverted bit test, causing suspend/resume
    regressions. Fix from Andreas Mohr.

    19) RIONET assumes 4K page size, fix from Akinobu Mita.

    20) Initialization of imask register in sky2 is buggy, because bits are
    "or'd" into an uninitialized local variable. Fix from Lino
    Sanfilippo.

    21) Fix FCOE checksum offload handling, from Yi Zou.

    22) Fix VLAN processing regression in e1000, from Jiri Pirko.

    * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (52 commits)
    sky2: dont overwrite settings for PHY Quick link
    tg3: Fix 5717 serdes powerdown problem
    net: usb: cdc_eem: fix mtu
    net: sh_eth: fix endian check for architecture independent
    usb/rtl8150 : Remove duplicated definitions
    rionet: fix page allocation order of rionet_active
    via-rhine: fix wait-bit inversion.
    ipv6: Fix RTM_GETROUTE's interpretation of RTA_IIF to be consistent with ipv4
    net: lpc_eth: Fix rename of dev_hw_addr_random
    net/netfilter/nfnetlink_acct.c: use linux/atomic.h
    rose_dev: fix memcpy-bug in rose_set_mac_address
    Fix non TBI PHY access; a bad merge undid bug fix in a previous commit.
    net/garp: avoid infinite loop if attribute already exists
    x86 bpf_jit: fix a bug in emitting the 16-bit immediate operand of AND
    bonding: emit event when bonding changes MAC
    mac80211: fix oper channel timestamp updation
    ath9k: Use HW HT capabilites properly
    MAINTAINERS: adding maintainer for ipw2x00
    net: orinoco: add error handling for failed kmalloc().
    net/wireless: ipw2x00: fix a typo in wiphy struct initilization
    ...

    Linus Torvalds
     

02 Apr, 2012

1 commit

  • 81213b5e8   rose_dev: fix memcpy-bug in rose_set_mac_address ... Browse Code »
    1

    If both addresses equal, nothing needs to be done. If the device is down,
    then we simply copy the new address to dev->dev_addr. If the device is up,
    then we add another loopback device with the new address, and if that does
    not fail, we remove the loopback device with the old address. And only
    then, we update the dev->dev_addr.

    Signed-off-by: Daniel Borkmann
    Signed-off-by: David S. Miller

    danborkmann@iogearbox.net
     

29 Mar, 2012

1 commit

01 Nov, 2011

1 commit

07 Jul, 2011

1 commit

14 Apr, 2011

1 commit

31 Mar, 2011

1 commit

28 Mar, 2011

2 commits

  • e0bccd315   rose: Add length checks to CALL_REQUEST parsing ... Browse Code »

    Define some constant offsets for CALL_REQUEST based on the description
    at and the
    definition of ROSE as using 10-digit (5-byte) addresses. Use them
    consistently. Validate all implicit and explicit facilities lengths.
    Validate the address length byte rather than either trusting or
    assuming its value.

    Signed-off-by: Ben Hutchings
    Signed-off-by: David S. Miller

    Ben Hutchings
     
  • be20250c1   ROSE: prevent heap corruption with bad facilities ... Browse Code »

    When parsing the FAC_NATIONAL_DIGIS facilities field, it's possible for
    a remote host to provide more digipeaters than expected, resulting in
    heap corruption. Check against ROSE_MAX_DIGIS to prevent overflows, and
    abort facilities parsing on failure.

    Additionally, when parsing the FAC_CCITT_DEST_NSAP and
    FAC_CCITT_SRC_NSAP facilities fields, a remote host can provide a length
    of less than 10, resulting in an underflow in a memcpy size, causing a
    kernel panic due to massive heap corruption. A length of greater than
    20 results in a stack overflow of the callsign array. Abort facilities
    parsing on these invalid length values.

    Signed-off-by: Dan Rosenberg
    Cc: stable@kernel.org
    Signed-off-by: David S. Miller

    Dan Rosenberg
     

15 Feb, 2011

2 commits

  • 68aa3fd55   ROSE: AX25: finding routes simplification ... Browse Code »

    With previous patch, rose_get_neigh() routine
    investigates the full list of neighbor nodes
    until it finds or not an already connected node whether
    it is called locally or through a level 3 transit frame.
    If no routes are opened through an adjacent connected node
    then a classical connect request is attempted.

    Then there is no more reason for an extra loop such
    as the one removed by this patch.

    Signed-off-by: Bernard Pidoux
    Signed-off-by: David S. Miller

    Bernard Pidoux
     
  • c5d8b24ad   ROSE: rose AX25 packet routing improvement ... Browse Code »

    FPAC AX25 packet application is using Linux kernel ROSE
    routing skills in order to connect or send packets to remote stations
    knowing their ROSE address via a network of interconnected nodes.

    Each FPAC node has a ROSE routing table that Linux ROSE module is
    looking at each time a ROSE frame is relayed by the node or when
    a connect request to a neighbor node is received.

    A previous patch improved the system time response by looking at
    already established routes each time the system was looking for a
    route to relay a frame. If a neighbor node routing the destination
    address was already connected, then the frame would be sent
    through him. If not, a connection request would be issued.

    The present patch extends the same routing capability to a connect
    request asked by a user locally connected into an FPAC node.
    Without this patch, a connect request was not well handled unless it
    was directed to an immediate connected neighbor of the local node.

    Implemented at a number of ROSE FPAC node stations, the present patch
    improved dramatically FPAC ROSE routing time response and efficiency.

    Signed-off-by: Bernard Pidoux
    Signed-off-by: David S. Miller

    Bernard Pidoux
     

27 Sep, 2010

1 commit

24 Sep, 2010

1 commit

21 Sep, 2010

1 commit

01 Aug, 2010

1 commit

  • e2e0c7c9d   net/rose: Use GFP_ATOMIC ... Browse Code »

    The other calls to kmalloc in the same function use GFP_ATOMIC, and indeed
    two locks are held within the body of the function.

    The semantic match that finds this problem is as follows:
    (http://coccinelle.lip6.fr/)

    //
    @@ identifier f; @@

    *f(...,GFP_ATOMIC,...)
    ... when != spin_unlock(...)
    when != read_unlock(...)
    when != write_unlock(...)
    when != read_unlock_irq(...)
    when != write_unlock_irq(...)
    when != read_unlock_irqrestore(...)
    when != write_unlock_irqrestore(...)
    when != spin_unlock_irq(...)
    when != spin_unlock_irqrestore(...)
    *f(...,GFP_KERNEL,...)
    //

    Signed-off-by: Julia Lawall
    Signed-off-by: David S. Miller

    Julia Lawall
     

21 Apr, 2010

1 commit

  • aa3951451   net: sk_sleep() helper ... Browse Code »

    Define a new function to return the waitqueue of a "struct sock".

    static inline wait_queue_head_t *sk_sleep(struct sock *sk)
    {
    return sk->sk_sleep;
    }

    Change all read occurrences of sk_sleep by a call to this function.

    Needed for a future RCU conversion. sk_sleep wont be a field directly
    available.

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

30 Mar, 2010

1 commit

  • 5a0e3ad6a   include cleanup: Update gfp.h and slab.h includes to prepare for breaking implic… ... Browse Code »

    …it slab.h inclusion from percpu.h

    percpu.h is included by sched.h and module.h and thus ends up being
    included when building most .c files. percpu.h includes slab.h which
    in turn includes gfp.h making everything defined by the two files
    universally available and complicating inclusion dependencies.

    percpu.h -> slab.h dependency is about to be removed. Prepare for
    this change by updating users of gfp and slab facilities include those
    headers directly instead of assuming availability. As this conversion
    needs to touch large number of source files, the following script is
    used as the basis of conversion.

    http://userweb.kernel.org/~tj/misc/slabh-sweep.py

    The script does the followings.

    * Scan files for gfp and slab usages and update includes such that
    only the necessary includes are there. ie. if only gfp is used,
    gfp.h, if slab is used, slab.h.

    * When the script inserts a new include, it looks at the include
    blocks and try to put the new include such that its order conforms
    to its surrounding. It's put in the include block which contains
    core kernel includes, in the same order that the rest are ordered -
    alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
    doesn't seem to be any matching order.

    * If the script can't find a place to put a new include (mostly
    because the file doesn't have fitting include block), it prints out
    an error message indicating which .h file needs to be added to the
    file.

    The conversion was done in the following steps.

    1. The initial automatic conversion of all .c files updated slightly
    over 4000 files, deleting around 700 includes and adding ~480 gfp.h
    and ~3000 slab.h inclusions. The script emitted errors for ~400
    files.

    2. Each error was manually checked. Some didn't need the inclusion,
    some needed manual addition while adding it to implementation .h or
    embedding .c file was more appropriate for others. This step added
    inclusions to around 150 files.

    3. The script was run again and the output was compared to the edits
    from #2 to make sure no file was left behind.

    4. Several build tests were done and a couple of problems were fixed.
    e.g. lib/decompress_*.c used malloc/free() wrappers around slab
    APIs requiring slab.h to be added manually.

    5. The script was run on all .h files but without automatically
    editing them as sprinkling gfp.h and slab.h inclusions around .h
    files could easily lead to inclusion dependency hell. Most gfp.h
    inclusion directives were ignored as stuff from gfp.h was usually
    wildly available and often used in preprocessor macros. Each
    slab.h inclusion directive was examined and added manually as
    necessary.

    6. percpu.h was updated not to include slab.h.

    7. Build test were done on the following configurations and failures
    were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
    distributed build env didn't work with gcov compiles) and a few
    more options had to be turned off depending on archs to make things
    build (like ipr on powerpc/64 which failed due to missing writeq).

    * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
    * powerpc and powerpc64 SMP allmodconfig
    * sparc and sparc64 SMP allmodconfig
    * ia64 SMP allmodconfig
    * s390 SMP allmodconfig
    * alpha SMP allmodconfig
    * um on x86_64 SMP allmodconfig

    8. percpu.h modifications were reverted so that it could be applied as
    a separate patch and serve as bisection point.

    Given the fact that I had only a couple of failures from tests on step
    6, I'm fairly confident about the coverage of this conversion patch.
    If there is a breakage, it's likely to be something in one of the arch
    headers which should be easily discoverable easily on most builds of
    the specific arch.

    Signed-off-by: Tejun Heo <tj@kernel.org>
    Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>

    Tejun Heo
     

11 Feb, 2010

1 commit

16 Jan, 2010

1 commit

  • d00c362f1   ax25: netrom: rose: Fix timer oopses ... Browse Code »

    Wrong ax25_cb refcounting in ax25_send_frame() and by its callers can
    cause timer oopses (first reported with 2.6.29.6 kernel).

    Fixes: http://bugzilla.kernel.org/show_bug.cgi?id=14905

    Reported-by: Bernard Pidoux
    Tested-by: Bernard Pidoux
    Signed-off-by: Jarek Poplawski
    Signed-off-by: David S. Miller

    Jarek Poplawski
     

04 Jan, 2010

1 commit

  • 1f731b637   rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC ... Browse Code »

    cat /proc/net/rose displayed a rose sockets abnormal lci value, i.e.
    greater than maximum number of VCs per neighbour allowed.
    This number prevents further test of lci value during rose operations.

    Example (lines shortened) :
    [bernard]# cat /proc/net/rose
    dest_addr dest_call src_addr src_call dev lci neigh st vs vr va
    * * 2080175520 F6BVP-1 rose0 000 00000 0 0 0 0
    2080175520 FPAD-0 2080175520 WP-0 rose0 FFE 00001 3 0 0 0

    Here are the default parameters :

    linux/include/net/rose.h:#define ROSE_DEFAULT_MAXVC 50 /* Maximum number of VCs per neighbour */
    linux/net/rose/af_rose.c:int sysctl_rose_maximum_vcs = ROSE_DEFAULT_MAXVC;

    With the following patch, rose_loopback_timer() attributes a VC number
    within limits.

    Signed-off-by: Bernard Pidoux
    Signed-off-by: David S. Miller

    Bernard Pidoux F6BVP
     

08 Dec, 2009

1 commit

  • d7fc02c7b   Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 ... Browse Code »

    * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1815 commits)
    mac80211: fix reorder buffer release
    iwmc3200wifi: Enable wimax core through module parameter
    iwmc3200wifi: Add wifi-wimax coexistence mode as a module parameter
    iwmc3200wifi: Coex table command does not expect a response
    iwmc3200wifi: Update wiwi priority table
    iwlwifi: driver version track kernel version
    iwlwifi: indicate uCode type when fail dump error/event log
    iwl3945: remove duplicated event logging code
    b43: fix two warnings
    ipw2100: fix rebooting hang with driver loaded
    cfg80211: indent regulatory messages with spaces
    iwmc3200wifi: fix NULL pointer dereference in pmkid update
    mac80211: Fix TX status reporting for injected data frames
    ath9k: enable 2GHz band only if the device supports it
    airo: Fix integer overflow warning
    rt2x00: Fix padding bug on L2PAD devices.
    WE: Fix set events not propagated
    b43legacy: avoid PPC fault during resume
    b43: avoid PPC fault during resume
    tcp: fix a timewait refcnt race
    ...

    Fix up conflicts due to sysctl cleanups (dead sysctl_check code and
    CTL_UNNUMBERED removed) in
    kernel/sysctl_check.c
    net/ipv4/sysctl_net_ipv4.c
    net/ipv6/addrconf.c
    net/sctp/sysctl.c

    Linus Torvalds
     

30 Nov, 2009

1 commit

26 Nov, 2009

1 commit

  • 09ad9bc75   net: use net_eq to compare nets ... Browse Code »

    Generated with the following semantic patch

    @@
    struct net *n1;
    struct net *n2;
    @@
    - n1 == n2
    + net_eq(n1, n2)

    @@
    struct net *n1;
    struct net *n2;
    @@
    - n1 != n2
    + !net_eq(n1, n2)

    applied over {include,net,drivers/net}.

    Signed-off-by: Octavian Purdila
    Signed-off-by: David S. Miller

    Octavian Purdila
     

17 Nov, 2009

1 commit

12 Nov, 2009

1 commit

  • f8572d8f2   sysctl net: Remove unused binary sysctl code ... Browse Code »

    Now that sys_sysctl is a compatiblity wrapper around /proc/sys
    all sysctl strategy routines, and all ctl_name and strategy
    entries in the sysctl tables are unused, and can be
    revmoed.

    In addition neigh_sysctl_register has been modified to no longer
    take a strategy argument and it's callers have been modified not
    to pass one.

    Cc: "David Miller"
    Cc: Hideaki YOSHIFUJI
    Cc: netdev@vger.kernel.org
    Signed-off-by: Eric W. Biederman

    Eric W. Biederman
     

06 Nov, 2009

3 commits

04 Nov, 2009

1 commit

  • c6d14c845   net: Introduce for_each_netdev_rcu() iterator ... Browse Code »

    Adds RCU management to the list of netdevices.

    Convert some for_each_netdev() users to RCU version, if
    it can avoid read_lock-ing dev_base_lock

    Ie:
    read_lock(&dev_base_loack);
    for_each_netdev(net, dev)
    some_action();
    read_unlock(&dev_base_lock);

    becomes :

    rcu_read_lock();
    for_each_netdev_rcu(net, dev)
    some_action();
    rcu_read_unlock();

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

07 Oct, 2009

1 commit

01 Oct, 2009

1 commit

  • b7058842c   net: Make setsockopt() optlen be unsigned. ... Browse Code »

    This provides safety against negative optlen at the type
    level instead of depending upon (sometimes non-trivial)
    checks against this sprinkled all over the the place, in
    each and every implementation.

    Based upon work done by Arjan van de Ven and feedback
    from Linus Torvalds.

    Signed-off-by: David S. Miller

    David S. Miller
     

15 Sep, 2009

1 commit

01 Sep, 2009

1 commit