aboutsummaryrefslogtreecommitdiff
path: root/net
AgeCommit message (Collapse)AuthorFilesLines
2010-07-28cfg80211: Update of regulatory request initiator handlingYuri Ershov1-1/+2
In some cases there could be possible dereferencing freed pointer. The update is intended to avoid this issue. Signed-off-by: Yuri Ershov <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-28nl80211: Fix memory leaksYuri Ershov1-0/+2
In case of errors during message composing msg should be freed after canceling. Signed-off-by: Yuri Kululin <[email protected]> Signed-off-by: Yuri Ershov <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-28mac80211: Put some code under MESH macroYuri Ershov1-0/+2
In the function ieee80211_subif_start_xmit the logic related with meshdrlen is under CONFIG_MAC80211_MESH macro, but in one place it isn't. This is some update for this Signed-off-by: Yuri Ershov <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-28Merge branch 'master' of ↵John W. Linville5-27/+50
git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-next-2.6
2010-07-28bridge: add rcu_read_lock on transmitstephen hemminger4-6/+8
Long ago, when bridge was converted to RCU, rcu lock was equivalent to having preempt disabled. RCU has changed a lot since then and bridge code was still assuming the since transmit was called with bottom half disabled, it was RCU safe. Signed-off-by: Stephen Hemminger <[email protected]> Tested-by: Johannes Berg <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-27Merge branch 'master' of ↵David S. Miller5-11/+56
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: drivers/net/bnx2x_main.c Merge bnx2x bug fixes in by hand... :-/ Signed-off-by: David S. Miller <[email protected]>
2010-07-27Bluetooth: Add __init and __exit marks to RFCOMMGustavo F. Padovan2-3/+3
Those annotation save memory and space on the binary. __init code is discarded just after execute and __exit code is discarded if the module is built into the kernel image or unload of modules is not allowed. Signed-off-by: Gustavo F. Padovan <[email protected]> Signed-off-by: Marcel Holtmann <[email protected]>
2010-07-27Bluetooth: Test 'count' value before enter the loopGustavo F. Padovan1-4/+4
Testing first we avoid enter the loop when count = 0. Signed-off-by: Gustavo F. Padovan <[email protected]> Signed-off-by: Marcel Holtmann <[email protected]>
2010-07-27Bluetooth: Defer SCO setup if mode change is pendingMarcel Holtmann2-20/+43
Certain headsets such as the Motorola H350 will reject SCO and eSCO connection requests while the ACL is transitioning from sniff mode to active mode. Add synchronization so that SCO and eSCO connection requests will wait until the ACL has fully transitioned to active mode. < HCI Command: Exit Sniff Mode (0x02|0x0004) plen 2 handle 12 > HCI Event: Command Status (0x0f) plen 4 Exit Sniff Mode (0x02|0x0004) status 0x00 ncmd 1 < HCI Command: Setup Synchronous Connection (0x01|0x0028) plen 17 handle 12 voice setting 0x0040 > HCI Event: Command Status (0x0f) plen 4 Setup Synchronous Connection (0x01|0x0028) status 0x00 ncmd 1 > HCI Event: Number of Completed Packets (0x13) plen 5 handle 12 packets 1 > HCI Event: Mode Change (0x14) plen 6 status 0x00 handle 12 mode 0x00 interval 0 Mode: Active > HCI Event: Synchronous Connect Complete (0x2c) plen 17 status 0x10 handle 14 bdaddr 00:1A:0E:50:28:A4 type SCO Error: Connection Accept Timeout Exceeded Signed-off-by: Ron Shaffer <[email protected]> Signed-off-by: Marcel Holtmann <[email protected]>
2010-07-27wireless: Convert wiphy_debug macro to functionJoe Perches1-0/+49
Save a few bytes of text (allyesconfig) $ size drivers/net/wireless/built-in.o* text data bss dec hex filename 3924568 100548 871056 4896172 4ab5ac drivers/net/wireless/built-in.o.new 3926520 100548 871464 4898532 4abee4 drivers/net/wireless/built-in.o.old $ size net/wireless/core.o* text data bss dec hex filename 12843 216 3768 16827 41bb net/wireless/core.o.new 12328 216 3656 16200 3f48 net/wireless/core.o Signed-off-by: Joe Perches <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-27mac80211: Fix key freeing to handle unlinked keysJouni Malinen4-12/+12
Key locking simplification removed key->sdata != NULL verification from ieee80211_key_free(). While that is fine for most use cases, there is one path where this function can be called with an unlinked key (i.e., key->sdata == NULL && key->local == NULL). This results in a NULL pointer dereference with the current implementation. This is known to happen at least with FT protocol when wpa_supplicant tries to configure the key before association. Avoid the issue by passing in the local pointer to ieee80211_key_free(). In addition, do not clear the key from hw_accel or debugfs if it has not yet been added. At least the hw_accel one could trigger another NULL pointer dereference. Signed-off-by: Jouni Malinen <[email protected]> Reviewed-by: Johannes Berg <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-27Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds5-11/+56
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: s2io: fixing DBG_PRINT() macro ath9k: fix dma direction for map/unmap in ath_rx_tasklet net: dev_forward_skb should call nf_reset net sched: fix race in mirred device removal tun: avoid BUG, dump packet on GSO errors bonding: set device in RLB ARP packet handler wimax/i2400m: Add PID & VID for Intel WiMAX 6250 ipv6: Don't add routes to ipv6 disabled interfaces. net: Fix skb_copy_expand() handling of ->csum_start net: Fix corruption of skb csum field in pskb_expand_head() of net/core/skbuff.c macvtap: Limit packet queue length ixgbe/igb: catch invalid VF settings bnx2x: Advance a module version bnx2x: Protect statistics ramrod and sequence number bnx2x: Protect a SM state change wireless: use netif_rx_ni in ieee80211_send_layer2_update
2010-07-27Merge branch 'master' of ↵John W. Linville254-3822/+6238
git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-next-2.6 Conflicts: drivers/net/wireless/iwlwifi/iwl-commands.h
2010-07-26genetlink: use genl_register_family_with_ops()Changli Gao1-5/+1
Signed-off-by: Changli Gao <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-26drop_monitor: use genl_register_family_with_ops()Changli Gao1-16/+7
[ Fix unused local variable build warnings. -DaveM ] Signed-off-by: Changli Gao <[email protected]> Acked-by: Neil Horman <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-26genetlink: cleanup code according to CodingStyleChangli Gao1-5/+4
If the function is exported, the EXPORT* macro for it should follow immediately after the closing function brace line. Signed-off-by: Changli Gao <[email protected]> ---- net/netlink/genetlink.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) Signed-off-by: David S. Miller <[email protected]>
2010-07-26Merge branch 'master' of ↵David S. Miller1-1/+1
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
2010-07-26wireless: Make COMPAT_NETLINK_MESSAGES depend upon WEXT_COREDavid S. Miller1-1/+1
WIRELESS_EXT is not the correct dependency. Signed-off-by: David S. Miller <[email protected]>
2010-07-26netlink: netlink_recvmsg() fixEric Dumazet1-6/+16
commit 1dacc76d0014 (net/compat/wext: send different messages to compat tasks) introduced a race condition on netlink, in case MSG_PEEK is used. An skb given by skb_recv_datagram() might be shared, we must copy it before any modification, or risk fatal corruption. Signed-off-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-26mac80211: Don't set per-BSS QoS for monitor interfacesSujith1-2/+6
In AP mode, there is no need to notify the driver about QoS changes for the monitor interface that is created. The warning in ieee80211_bss_info_change_notify() would be hit otherwise. Signed-off-by: Sujith <[email protected]> Acked-by: Johannes Berg <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26mac80211: fix sta assignmentJohannes Berg1-12/+5
I just had the following: WARNING: at drivers/net/wireless/iwlwifi/iwl-agn-tx.c:574 iwlagn_tx_skb+0x1576/0x15f0 [iwlagn]() Call Trace: <IRQ> [<ffffffff8105c5df>] warn_slowpath_common+0x7f/0xc0 [<ffffffff8105c63a>] warn_slowpath_null+0x1a/0x20 [<ffffffffa0290b46>] iwlagn_tx_skb+0x1576/0x15f0 [iwlagn] [<ffffffffa027076c>] iwl_mac_tx+0x5c/0x260 [iwlagn] [<ffffffffa01bdf5b>] __ieee80211_tx+0x10b/0x1a0 [mac80211] [<ffffffffa01bfb86>] ieee80211_tx_pending+0x186/0x2d0 [mac80211] [<ffffffff81062ea5>] tasklet_action+0x125/0x130 [<ffffffff810634a6>] __do_softirq+0x106/0x270 [<ffffffff8100c09c>] call_softirq+0x1c/0x30 iwlagn 0000:02:00.0: Attempting to modify non-existing station 107 Note that 107 == 0x6b which is slab poison. The reason is that mac80211 passed a freed station pointer to mac80211, because as it happened iwlwifi reset itself while mac80211 was disconnecting from the network. It turns out that we do take care to look up the station pointer in ieee80211_tx_pending_skb, but then don't use it, which obviously is a bug. Fix this by removing the ieee80211_tx_h_sta handler and assigning the station pointer directly. Signed-off-by: Johannes Berg <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26cfg80211: fix IBSS default management keyJohannes Berg1-1/+3
When wireless extensions are used to control an encrypted IBSS, we erroneously can try to set the default management key. Fix this. Signed-off-by: Johannes Berg <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26mac80211: remove bogus rcu_read_lock()Johannes Berg1-6/+1
Another remnant of the previous key locking scheme needs to be removed -- this causes a warning otherwise as ieee80211_set_default_mgmt_key will acquire a mutex. Signed-off-by: Johannes Berg <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26wireless: remove unneeded variable from regulatory_hint_11d()Dan Carpenter1-4/+1
The "rd" variable isn't needed any more since 4f366c5dabcb "wireless: only use alpha2 regulatory information from country IE" Signed-off-by: Dan Carpenter <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26mac80211: freeing the wrong variableDan Carpenter1-1/+1
The intent was to free "msp->ratelist" here. "msp->sample_table" is always NULL at this point. Signed-off-by: Dan Carpenter <[email protected]> Signed-off-by: John W. Linville <[email protected]>
2010-07-26lib80211: remove unused host_build_iv optionJohn W. Linville3-3/+0
Signed-off-by: John W. Linville <[email protected]>
2010-07-26minstrel: don't complain about feedback for unrequested ratesJohn W. Linville1-1/+0
"It's not problematic if minstrel gets feedback for rates that it doesn't have in its list, it should just ignore it. - Felix" Signed-off-by: John W. Linville <[email protected]> Cc: Felix Fietkau <[email protected]>
2010-07-26minstrel_ht: remove unnecessary NULL check in minstrel_ht_update_capsJohn W. Linville1-1/+1
If sta is NULL, we will have problems long before we get here... Reported-by: Dan Carpenter <[email protected]> Signed-off-by: John W. Linville <[email protected]> Cc: Felix Fietkau <[email protected]>
2010-07-25net: dev_forward_skb should call nf_resetBen Greear1-0/+1
With conn-track zones and probably with different network namespaces, the netfilter logic needs to be re-calculated on packet receive. If the netfilter logic is not reset, it will not be recalculated properly. This patch adds the nf_reset logic to dev_forward_skb. Signed-off-by: Ben Greear <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-24net: pskb_expand_head() optimizationEric Dumazet1-1/+1
Move frags[] at the end of struct skb_shared_info, and make pskb_expand_head() copy only the used part of it instead of whole array. This should avoid kmemcheck warnings and speedup pskb_expand_head() as well, avoiding a lot of cache misses. Signed-off-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-24net sched: fix race in mirred device removalstephen hemminger1-3/+40
This fixes hang when target device of mirred packet classifier action is removed. If a mirror or redirection action is configured to cause packets to go to another device, the classifier holds a ref count, but was assuming the adminstrator cleaned up all redirections before removing. The fix is to add a notifier and cleanup during unregister. The new list is implicitly protected by RTNL mutex because it is held during filter add/delete as well as notifier. Signed-off-by: Stephen Hemminger <[email protected]> Acked-by: Jamal Hadi Salim <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-24sysfs: add attribute to indicate hw address assignment typeStefan Assmann1-0/+2
Add addr_assign_type to struct net_device and expose it via sysfs. This new attribute has the purpose of giving user-space the ability to distinguish between different assignment types of MAC addresses. For example user-space can treat NICs with randomly generated MAC addresses differently than NICs that have permanent (locally assigned) MAC addresses. For the former udev could write a persistent net rule by matching the device path instead of the MAC address. There's also the case of devices that 'steal' MAC addresses from slave devices. In which it is also be beneficial for user-space to be aware of the fact. This patch also introduces a helper function to assist adoption of drivers that generate MAC addresses randomly. Signed-off-by: Stefan Assmann <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-23Merge branch 'master' of ↵David S. Miller15-717/+98
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 Conflicts: drivers/net/wireless/iwlwifi/iwl-commands.h
2010-07-23net: core: don't use own hex_to_bin() methodAndy Shevchenko1-24/+12
Signed-off-by: Andy Shevchenko <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-23netfilter: iptables: use skb->len for accountingChangli Gao1-1/+1
Use skb->len for accounting as xt_quota does. Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: ip6tables: use skb->len for accountingChangli Gao1-3/+1
ipv6_hdr(skb)->payload_len is ZERO and can't be used for accounting, if the payload is a Jumbo Payload specified in RFC2675. Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23xt_quota: report initial quota value instead of current value to userspaceChangli Gao1-2/+0
We should copy the initial value to userspace for iptables-save and to allow removal of specific quota rules. Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: xt_quota: use per-rule spin lockChangli Gao1-5/+5
Use per-rule spin lock to improve the scalability. Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: arptables: use arp_hdr_len()Changli Gao1-4/+1
use arp_hdr_len(). Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: nf_nat_core: merge the same linesChangli Gao1-7/+2
proto->unique_tuple() will be called finally, if the previous calls fail. This patch checks the false condition of (range->flags &IP_NAT_RANGE_PROTO_RANDOM) instead to avoid duplicate line of code: proto->unique_tuple(). Signed-off-by: Changli Gao <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: add xt_cpu matchEric Dumazet3-0/+73
In some situations a CPU match permits a better spreading of connections, or select targets only for a given cpu. With Remote Packet Steering or multiqueue NIC and appropriate IRQ affinities, we can distribute trafic on available cpus, per session. (all RX packets for a given flow is handled by a given cpu) Some legacy applications being not SMP friendly, one way to scale a server is to run multiple copies of them. Instead of randomly choosing an instance, we can use the cpu number as a key so that softirq handler for a whole instance is running on a single cpu, maximizing cache effects in TCP/UDP stacks. Using NAT for example, a four ways machine might run four copies of server application, using a separate listening port for each instance, but still presenting an unique external port : iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 0 \ -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 1 \ -j REDIRECT --to-port 8081 iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 2 \ -j REDIRECT --to-port 8082 iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 3 \ -j REDIRECT --to-port 8083 Signed-off-by: Eric Dumazet <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23IPVS: make FTP work with full NAT supportHannes Eder4-57/+165
Use nf_conntrack/nf_nat code to do the packet mangling and the TCP sequence adjusting. The function 'ip_vs_skb_replace' is now dead code, so it is removed. To SNAT FTP, use something like: % iptables -t nat -A POSTROUTING -m ipvs --vaddr 192.168.100.30/32 \ --vport 21 -j SNAT --to-source 192.168.10.10 and for the data connections in passive mode: % iptables -t nat -A POSTROUTING -m ipvs --vaddr 192.168.100.30/32 \ --vportctl 21 -j SNAT --to-source 192.168.10.10 using '-m state --state RELATED' would also works. Make sure the kernel modules ip_vs_ftp, nf_conntrack_ftp, and nf_nat_ftp are loaded. [ up-port and minor fixes by Simon Horman <[email protected]> ] Signed-off-by: Hannes Eder <[email protected]> Signed-off-by: Simon Horman <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23IPVS: make friends with nf_conntrackHannes Eder3-37/+30
Update the nf_conntrack tuple in reply direction, as we will see traffic from the real server (RIP) to the client (CIP). Once this is done we can use netfilters SNAT in POSTROUTING, especially with xt_ipvs, to do source NAT, e.g.: % iptables -t nat -A POSTROUTING -m ipvs --vaddr 192.168.100.30/32 --vport 80 \ -j SNAT --to-source 192.168.10.10 [ minor fixes by Simon Horman <[email protected]> ] Signed-off-by: Hannes Eder <[email protected]> Signed-off-by: Simon Horman <[email protected]> Signed-off-by: Patrick McHardy <[email protected]>
2010-07-23netfilter: xt_ipvs (netfilter matcher for IPVS)Hannes Eder4-0/+201
This implements the kernel-space side of the netfilter matcher xt_ipvs. [ minor fixes by Simon Horman <[email protected]> ] Signed-off-by: Hannes Eder <[email protected]> Signed-off-by: Simon Horman <[email protected]> [ Patrick: added xt_ipvs.h to Kbuild ] Signed-off-by: Patrick McHardy <[email protected]>
2010-07-22caif: precedence bugDan Carpenter1-1/+1
Negate has precedence over comparison so the original assert only checked that "rfml->fragment_size" was larger than 1 or 0. Signed-off-by: Dan Carpenter <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-22net: RTA_MARK additionEric Dumazet1-0/+7
Add a new rt attribute, RTA_MARK, and use it in rt_fill_info()/inet_rtm_getroute() to support following commands : ip route get 192.168.20.110 mark NUMBER ip route get 192.168.20.108 from 192.168.20.110 iif eth1 mark NUMBER ip route list cache [192.168.20.110] mark NUMBER Signed-off-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-22ipv6: Don't add routes to ipv6 disabled interfaces.Brian Haley1-5/+9
If the interface has IPv6 disabled, don't add a multicast or link-local route since we won't be adding a link-local address. Reported-by: Mahesh Kelkar <[email protected]> Signed-off-by: Brian Haley <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-22net: Fix skb_copy_expand() handling of ->csum_startDavid S. Miller1-1/+2
It should only be adjusted if ip_summed == CHECKSUM_PARTIAL. Signed-off-by: David S. Miller <[email protected]>
2010-07-22net: Fix corruption of skb csum field in pskb_expand_head() of net/core/skbuff.cAndrea Shepard1-1/+3
Make pskb_expand_head() check ip_summed to make sure csum_start is really csum_start and not csum before adjusting it. This fixes a bug I encountered using a Sun Quad-Fast Ethernet card and VLANs. On my configuration, the sunhme driver produces skbs with differing amounts of headroom on receive depending on the packet size. See line 2030 of drivers/net/sunhme.c; packets smaller than RX_COPY_THRESHOLD have 52 bytes of headroom but packets larger than that cutoff have only 20 bytes. When these packets reach the VLAN driver, vlan_check_reorder_header() calls skb_cow(), which, if the packet has less than NET_SKB_PAD (== 32) bytes of headroom, uses pskb_expand_head() to make more. Then, pskb_expand_head() needs to adjust a lot of offsets into the skb, including csum_start. Since csum_start is a union with csum, if the packet has a valid csum value this will corrupt it, which was the effect I observed. The sunhme hardware computes receive checksums, so the skbs would be created by the driver with ip_summed == CHECKSUM_COMPLETE and a valid csum field, and then pskb_expand_head() would corrupt the csum field, leading to an "hw csum error" message later on, for example in icmp_rcv() for pings larger than the sunhme RX_COPY_THRESHOLD. On the basis of the comment at the beginning of include/linux/skbuff.h, I believe that the csum_start skb field is only meaningful if ip_csummed is CSUM_PARTIAL, so this patch makes pskb_expand_head() adjust it only in that case to avoid corrupting a valid csum value. Please see my more in-depth disucssion of tracking down this bug for more details if you like: http://puellavulnerata.livejournal.com/112186.html http://puellavulnerata.livejournal.com/112567.html http://puellavulnerata.livejournal.com/112891.html http://puellavulnerata.livejournal.com/113096.html http://puellavulnerata.livejournal.com/113591.html I am not subscribed to this list, so please CC me on replies. Signed-off-by: Andrea Shepard <[email protected]> Signed-off-by: David S. Miller <[email protected]>
2010-07-21net: remove last uses of __attribute__((packed))Gustavo F. Padovan1-1/+1
Network code uses the __packed macro instead of __attribute__((packed)). Signed-off-by: Gustavo F. Padovan <[email protected]> Signed-off-by: David S. Miller <[email protected]>