| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Julien Lefrique <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
There are several instances where a pskb_copy or __pskb_copy is
immediately followed by an skb_clone.
Add a couple of new functions to allow the copy skb to be allocated
from the fclone cache and thus speed up subsequent skb_clone calls.
Cc: Alexander Smirnov <[email protected]>
Cc: Dmitry Eremin-Solenikov <[email protected]>
Cc: Marek Lindner <[email protected]>
Cc: Simon Wunderlich <[email protected]>
Cc: Antonio Quartulli <[email protected]>
Cc: Marcel Holtmann <[email protected]>
Cc: Gustavo Padovan <[email protected]>
Cc: Johan Hedberg <[email protected]>
Cc: Arvid Brodin <[email protected]>
Cc: Patrick McHardy <[email protected]>
Cc: Pablo Neira Ayuso <[email protected]>
Cc: Jozsef Kadlecsik <[email protected]>
Cc: Lauro Ramos Venancio <[email protected]>
Cc: Aloisio Almeida Jr <[email protected]>
Cc: Samuel Ortiz <[email protected]>
Cc: Jon Maloy <[email protected]>
Cc: Allan Stephens <[email protected]>
Cc: Andrew Hendry <[email protected]>
Cc: Eric Dumazet <[email protected]>
Reviewed-by: Christoph Paasch <[email protected]>
Signed-off-by: Octavian Purdila <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This allows for a more generic NFC sniffing by using SOCKPROTO_RAW
SOCK_RAW to read RAW NFC frames. This is for sniffing anything but LLCP
(HCI, NCI, etc...).
Signed-off-by: Hiren Tandel <[email protected]>
Signed-off-by: Rahul Tank <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
Several spots in the kernel perform a sequence like:
skb_queue_tail(&sk->s_receive_queue, skb);
sk->sk_data_ready(sk, skb->len);
But at the moment we place the SKB onto the socket receive queue it
can be consumed and freed up. So this skb->len access is potentially
to freed up memory.
Furthermore, the skb->len can be modified by the consumer so it is
possible that the value isn't accurate.
And finally, no actual implementation of this callback actually uses
the length argument. And since nobody actually cared about it's
value, lots of call sites pass arbitrary values in such as '0' and
even '1'.
So just remove the length argument from the callback, that way there
is no confusion whatsoever and all of these use-after-free cases get
fixed as a side effect.
Based upon a patch by Eric Dumazet and his suggestion to audit this
issue tree-wide.
Signed-off-by: David S. Miller <[email protected]>
|
|
nfc_llcp_find_local() does not modify any list entry while iterating the list.
So use list_for_each_entry instead of list_for_each_entry_safe.
Signed-off-by: Axel Lin <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
This checking is common for all caller, so move the checking to one place.
Signed-off-by: Axel Lin <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
Signed-off-by: Axel Lin <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
If MIUX is not present in CONNECT or CC use default MIU value (128)
instead of one announced durring link setup.
This was affecting Bluetooth handover with Android 4.3+ NCI stack.
Signed-off-by: Szymon Janc <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
Several files refer to an old address for the Free Software Foundation
in the file header comment. Resolve by replacing the address with
the URL <http://www.gnu.org/licenses/> so that we do not have to keep
updating the header comments anytime the address changes.
CC: [email protected]
CC: Lauro Ramos Venancio <[email protected]>
CC: Aloisio Almeida Jr <[email protected]>
CC: Samuel Ortiz <[email protected]>
Signed-off-by: Jeff Kirsher <[email protected]>
Signed-off-by: John W. Linville <[email protected]>
|
|
The WKS (Well Known Services) bitmask should be transmitted in big endian
order. Picky implementations will refuse to establish an LLCP link when the
WKS bit 0 is not set to 1. The vast majority of implementations out there
are not that picky though...
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
In order to advertise our LLCP support properly and to follow the LLCP
specs requirements, we need to initialize the WKS (Well-Known Services)
bitfield to 1 as SAP 0 is the only mandatory supported service.
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
When we receive a RNR, the remote is busy processing the last received
frame. We set a local flag for that, and we should send a SYMM when it
is set instead of sending any pending frame.
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
In nfc_llcp_tx_work() the sk_buff is not freed when the llcp_sock
is null and the PDU is an I one.
Signed-off-by: Thierry Escande <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
This patch keeps the socket alive and therefore does not remove
it from the sockets list in the local until the DISC PDU has been
actually sent. Otherwise we would reply with DM PDUs before sending
the DISC one.
Signed-off-by: Thierry Escande <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
And stop making it optional. LLCP is a fundamental part of the NFC
specifications and making it optional does not make much sense.
Signed-off-by: Samuel Ortiz <[email protected]>
|