| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This allows for a more generic NFC sniffing by using SOCKPROTO_RAW
SOCK_RAW to read RAW NFC frames. This is for sniffing anything but LLCP
(HCI, NCI, etc...).
Signed-off-by: Hiren Tandel <[email protected]>
Signed-off-by: Rahul Tank <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
ATR_RES response received within Activation Parameters is already
in correct order. Reversing it fails LLCP magic number check and
so P2P functionality fails.
Signed-off-by: Hiren Tandel <[email protected]>
Signed-off-by: Rahul Tank <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
According to section 5.15.1.3 of the NFC Activity
Specification, multiple SENSF_REQ commands can be
received by a target before it receives an ATR_REQ
command. To handle this, add a routine that checks
whether a SENSF_REQ or ATR_REQ has been recieved.
If its a SENSF_REQ, respond appropriately and
continue waiting for a ATR_REQ. If its an ATR_REQ,
handle it as before.
CC: Thierry Escande <[email protected]>
Signed-off-by: Mark A. Greer <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
The check in digital_tg_send_sensf_res() that excludes
the 'RD' field from the SENSF_RES is inverted. The 'RD'
field should be excluded when the SENSF_REQ 'RC' field
is equal to DIGITAL_SENSF_REQ_RC_NONE instead of when
its not equal. This is described in section 6.6.2.11
of the NFC Digital Specification.
CC: Thierry Escande <[email protected]>
Signed-off-by: Mark A. Greer <[email protected]>
Signed-off-by: Samuel Ortiz <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth
|
|
This requires changing the nl80211 parsing code a bit to use
intermediate pointers for the allocation, but clarifies the
API towards the drivers.
Signed-off-by: Johannes Berg <[email protected]>
|
|
This also propagates through the drivers.
The orinoco driver uses the cfg80211 API structs for internal
bookkeeping, and so needs a (void *) cast that removes the
const - but that's OK because it allocates those pointers.
Signed-off-by: Johannes Berg <[email protected]>
|
|
This propagates through all the drivers and mac80211.
Signed-off-by: Johannes Berg <[email protected]>
|
|
Antonio and I were looking over this code and some things
didn't immediately make sense, so we came up with two small
clarifications.
Signed-off-by: Johannes Berg <[email protected]>
|
|
Now that all objects are released in the reverse order via the
transaction infrastructure, we can enqueue the release via
call_rcu to save one synchronize_rcu. For small rule-sets loaded
via nft -f, it now takes around 50ms less here.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
Instead of caching the original skbuff that contains the netlink
messages, this stores the netlink message sequence number, the
netlink portID and the report flag. This helps to prepare the
introduction of the object release via call_rcu.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
Now that all these function are called from the commit path, we can
pass the context structure to reduce the amount of parameters in all
of the nf_tables_*_notify functions. This patch also removes unneeded
branches to check for skb, nlh and net that should be always set in
the context structure.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
Leave the set content in consistent state if we fail to load the
batch. Use the new generic transaction infrastructure to achieve
this.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
This patch speeds up rule-set updates and it also provides a way
to revert updates and leave things in consistent state in case that
the batch needs to be aborted.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
So nf_tables_uptable() only takes one single parameter.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
nf_tables_table_disable() always succeeds, make this function void.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
This patch speeds up rule-set updates and it also introduces a way to
revert chain updates if the batch is aborted. The idea is to store the
changes in the transaction to apply that in the commit step.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
Add new routines to encapsulate chain statistics allocation and
replacement.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
This patch reworks the nf_tables API so set updates are included in
the same batch that contains rule updates. This speeds up rule-set
updates since we skip a dialog of four messages between kernel and
user-space (two on each direction), from:
1) create the set and send netlink message to the kernel
2) process the response from the kernel that contains the allocated name.
3) add the set elements and send netlink message to the kernel.
4) process the response from the kernel (to check for errors).
To:
1) add the set to the batch.
2) add the set elements to the batch.
3) add the rule that points to the set.
4) send batch to the kernel.
This also introduces an internal set ID (NFTA_SET_ID) that is unique
in the batch so set elements and rules can refer to new sets.
Backward compatibility has been only retained in userspace, this
means that new nft versions can talk to the kernel both in the new
and the old fashion.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
The patch adds message type to the transaction to simplify the
commit the and abort routines. Yet another step forward in the
generalisation of the transaction infrastructure.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
Move the commit and abort routines to the bottom of the source code
file. This change is required by the follow up patches that add the
set, chain and table transaction support.
This patch is just a cleanup to access several functions without
having to declare their prototypes.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
This patch generalises the existing rule transaction infrastructure
so it can be used to handle set, table and chain object transactions
as well. The transaction provides a data area that stores private
information depending on the transaction type.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
The new transaction infrastructure updates the family, table and chain
objects in the context structure, so let's deconstify them. While at it,
move the context structure initialization routine to the top of the
source file as it will be also used from the table and chain routines.
Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
In contrast to the direct access to the single SFF frame filters (which are
indexed by the SFF CAN ID itself) the single EFF frame filters are arranged
in a single linked hlist. To reduce the hlist traversal in the case of many
filter subscriptions a hash based access is introduced for single EFF filters.
Signed-off-by: Oliver Hartkopp <[email protected]>
Signed-off-by: Marc Kleine-Budde <[email protected]>
|
|
The can_rcvlist_sff_proc_show_one() function which prints the array of filters
for the single SFF CAN identifiers is prepared to be used by a second caller.
Therefore it is also renamed to properly describe its future functionality.
Signed-off-by: Oliver Hartkopp <[email protected]>
Signed-off-by: Marc Kleine-Budde <[email protected]>
|
|
Included changes:
- fix codestyle to respect new checkpatch warnings
- increase internal version number
|
|
To be future-proof and for better readability the time comparisons are modified
to use time_after() instead of raw math.
Signed-off-by: Manuel Schölling <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Stephen Hemminger <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Stephen Hemminger <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This would be a no-op, so there is no reason to request it.
This also allows conversion of the current implementations of
ethtool_ops::{get,set}_rxfh_indir to ethtool_ops::{get,set}_rxfh
with no change other than their parameters.
Signed-off-by: Ben Hutchings <[email protected]>
|
|
We usually allocate special values of u32 fields starting from the top
down, so also change the value to 0xffffffff. As these operations
haven't been included in a stable release yet, it's not too late to
change.
Signed-off-by: Ben Hutchings <[email protected]>
|
|
We must return -EFAULT immediately rather than continuing into
the loop.
Similarly, we may as well return -EINVAL directly.
Signed-off-by: Ben Hutchings <[email protected]>
|
|
fix build when BRIDGE_VLAN_FILTERING is not set
Fixes: 2796d0c648c94 ("bridge: Automatically manage port promiscuous mode")
Signed-off-by: Alexei Starovoitov <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
We're not taking a reference in the case where _gss_mech_get_by_pseudoflavor
loops without finding the correct rpcsec_gss flavour, so why are we
releasing it?
Signed-off-by: Trond Myklebust <[email protected]>
|
|
Signed-off-by: Simon Wunderlich <[email protected]>
Signed-off-by: Antonio Quartulli <[email protected]>
|
|
Reported by checkpatch with the following warning:
"WARNING: macros should not use a trailing semicolon"
Signed-off-by: Antonio Quartulli <[email protected]>
Signed-off-by: Marek Lindner <[email protected]>
|
|
Reported by checkpatch with the following message:
"WARNING: Missing a blank line after declarations"
Signed-off-by: Antonio Quartulli <[email protected]>
Signed-off-by: Marek Lindner <[email protected]>
|
|
Prior to commit fbd929f2dce460456807a51e18d623db3db9f077
bonding: support QinQ for bond arp interval
the arp monitoring code allowed for proper detection of devices
stacked on top of vlans. Since the above commit, the
code can still detect a device stacked on top of single
vlan, but not a device stacked on top of Q-in-Q configuration.
The search will only set the inner vlan tag if the route
device is the vlan device. However, this is not always the
case, as it is possible to extend the stacked configuration.
With this patch it is possible to provision devices on
top Q-in-Q vlan configuration that should be used as
a source of ARP monitoring information.
For example:
ip link add link bond0 vlan10 type vlan proto 802.1q id 10
ip link add link vlan10 vlan100 type vlan proto 802.1q id 100
ip link add link vlan100 type macvlan
Note: This patch limites the number of stacked VLANs to 2,
just like before. The original, however had another issue
in that if we had more then 2 levels of VLANs, we would end
up generating incorrectly tagged traffic. This is no longer
possible.
Fixes: fbd929f2dce460456807a51e18d623db3db9f077 (bonding: support QinQ for bond arp interval)
CC: Jay Vosburgh <[email protected]>
CC: Veaceslav Falico <[email protected]>
CC: Andy Gospodarek <[email protected]>
CC: Ding Tianhong <[email protected]>
CC: Patric McHardy <[email protected]>
Signed-off-by: Vlad Yasevich <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This reverts commit dc8eaaa006350d24030502a4521542e74b5cb39f.
vlan: Fix lockdep warning when vlan dev handle notification
Instead we use the new new API to find the lock subclass of
our vlan device. This way we can support configurations where
vlans are interspersed with other devices:
bond -> vlan -> macvlan -> vlan
Signed-off-by: Vlad Yasevich <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Multiple devices in the kernel can be stacked/nested and they
need to know their nesting level for the purposes of lockdep.
This patch provides a generic function that determines a nesting
level of a particular device by its type (ex: vlan, macvlan, etc).
We only care about nesting of the same type of devices.
For example:
eth0 <- vlan0.10 <- macvlan0 <- vlan1.20
The nesting level of vlan1.20 would be 1, since there is another vlan
in the stack under it.
Signed-off-by: Vlad Yasevich <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Thomas Graf <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Starting from linux-3.13, GRO attempts to build full size skbs.
Problem is the commit assumed one particular field in skb->cb[]
was clean, but it is not the case on some stacked devices.
Timo reported a crash in case traffic is decrypted before
reaching a GRE device.
Fix this by initializing NAPI_GRO_CB(skb)->last at the right place,
this also removes one conditional.
Thanks a lot to Timo for providing full reports and bisecting this.
Fixes: 8a29111c7ca6 ("net: gro: allow to build full sized skb")
Bisected-by: Timo Teras <[email protected]>
Signed-off-by: Eric Dumazet <[email protected]>
Tested-by: Timo Teräs <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
The 802.15.4-2011 standard states that for each key, a list of devices
that use this key shall be kept. Previous patches have only considered
two options:
* a device "uses" (or may use) all keys, rendering the list useless
* a device is restricted to a certain set of keys
Another option would be that a device *may* use all keys, but need not
do so, and we are interested in the actual set of keys the device uses.
Recording keys used by any given device may have a noticable performance
impact and might not be needed as often. The common case, in which a
device will not switch keys too often, should still perform well.
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This patch adds user-visible interfaces for the llsec infrastructure.
For the added methods, the only major difference between all add/remove
implementation lies in how the specific object is parsed, and for dump
requests, how objects are written into netlink messages.
To save on boilerplate code, table dumps are routed through a helper
function that handles netlink dump state, leaving the actual dumping
code to care only about iterating over the table to be dumped and
filling netlink messages. For add/remove methods, the boilerplate
required to work is not quite as large, but still enough to also move
into a local helper.
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Allow datagram sockets to override the security settings of the device
they send from on a per-socket basis. Requires CAP_NET_ADMIN or
CAP_NET_RAW, since raw sockets can send arbitrary packets anyway.
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Phoebe Buckheister <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|