summaryrefslogtreecommitdiffstats
path: root/net (follow)
Commit message (Collapse)AuthorAgeFilesLines
* [NETFILTER]: xt_time should not assume CONFIG_KTIME_SCALAREric Dumazet2007-11-131-1/+1
| | | | | | | | It is not correct to assume one can get nsec from a ktime directly by using .tv64 field. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Move unneeded data to initdata section.Denis V. Lunev2007-11-133-5/+5
| | | | | | | | | | This patch reverts Eric's commit 2b008b0a8e96b726c603c5e1a5a7a509b5f61e35 It diets .text & .data section of the kernel if CONFIG_NET_NS is not set. This is safe after list operations cleanup. Signed-of-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Cleanup pernet operation without CONFIG_NET_NSDenis V. Lunev2007-11-131-0/+18
| | | | | | | | | | | | | | | If CONFIG_NET_NS is not set, the only namespace is possible. This patch removes list of pernet_operations and cleanups code a bit. This list is not needed if there are no namespaces. We should just call ->init method. Additionally, the ->exit will be called on module unloading only. This case is safe - the code is not discarded. For the in/kernel code, ->exit should never be called. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: bridge: fix double POSTROUTING hook invocationPatrick McHardy2007-11-131-0/+3
| | | | | | | | | Packets routed between bridges have the POST_ROUTING hook invoked twice since bridging mistakes them for bridged packets because they have skb->nf_bridge set. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Consolidate nf_sockopt and compat_nf_sockoptPavel Emelyanov2007-11-131-62/+44
| | | | | | | | | | | Both lookup the nf_sockopt_ops object to call the get/set callbacks from, but they perform it in a completely similar way. Introduce the helper for finding the ops. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nf_nat: fix memset errorLi Zefan2007-11-131-1/+1
| | | | | | | | The size passing to memset is the size of a pointer. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Use list_head-s in inetpeer.cPavel Emelyanov2007-11-131-27/+15
| | | | | | | | The inetpeer.c tracks the LRU list of inet_perr-s, but makes it by hands. Use the list_head-s for this. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPVS]: Remove unused exports.Adrian Bunk2007-11-132-2/+0
| | | | | | | | | This patch removes the following unused EXPORT_SYMBOL's: - ip_vs_try_bind_dest - ip_vs_find_dest Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Unexport sysctl_{r,w}mem_max.Adrian Bunk2007-11-131-4/+0
| | | | | | | sysctl_{r,w}mem_max can now be unexported. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [AF_PACKET]: Fix minor code duplicationUrs Thuermann2007-11-131-11/+5
| | | | | | | | Simplify some code by eliminating duplicate if-else clauses in packet_do_bind(). Signed-off-by: Urs Thuermann <urs@isnogud.escape.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'pending' of ↵David S. Miller2007-11-1315-181/+202
|\ | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/vxy/lksctp-dev
| * Fix memory leak in discard case of sctp_sf_abort_violation()Jesper Juhl2007-11-121-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In net/sctp/sm_statefuns.c::sctp_sf_abort_violation() we may leak the storage allocated for 'abort' by returning from the function without using or freeing it. This happens in case "sctp_auth_recv_cid(SCTP_CID_ABORT, asoc)" is true and we jump to the 'discard' label. Spotted by the Coverity checker. The simple fix is to simply move the creation of the "abort chunk" to after the possible jump to the 'discard' label. This way we don't even have to allocate the memory at all in the problem case. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Always flush the queue when uncorcking.Vlad Yasevich2007-11-091-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the code calls uncork, trigger a queue flush, even if the queue was not corked. Most callers that explicitely cork the queue will have additinal checks to see if they corked it. Callers who do not cork the queue expect packets to flow when they call uncork. The scneario that showcased this bug happend when we were not able to bundle DATA with outgoing COOKIE-ECHO. As a result the data just sat in the outqueue and did not get transmitted. The application expected a response, but nothing happened. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Fix PR-SCTP to deliver all the accumulated ordered chunksVlad Yasevich2007-11-091-1/+1
| | | | | | | | | | | | | | | | | | | | There is a small bug when we process a FWD-TSN. We'll deliver anything upto the current next expected SSN. However, if the next expected is already in the queue, it will take another chunk to trigger its delivery. The fix is to simply check the current queued SSN is the next expected one. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Make sctp_verify_param return multiple indications.Vlad Yasevich2007-11-091-74/+75
| | | | | | | | | | | | | | | | | | | | SCTP-AUTH and future ADD-IP updates have a requirement to do additional verification of parameters and an ability to ABORT the association if verification fails. So, introduce additional return code so that we can clear signal a required action. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Convert custom hash lists to use hlist.Vlad Yasevich2007-11-095-47/+25
| | | | | | | | | | | | Convert the custom hash list traversals to use hlist functions. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Use hashed lookup when looking for an association.Vlad Yasevich2007-11-091-12/+22
| | | | | | | | | | | | | | | | A SCTP endpoint may have a lot of associations on them and walking the list is fairly inefficient. Instead, use a hashed lookup, and filter out the hash list based on the endopoing we already have. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Fix a potential race between timers and receive path.Vlad Yasevich2007-11-071-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a possible race condition where the timer code will free the association and the next packet in the queue will also attempt to free the same association. The example is, when we receive an ABORT at about the same time as the retransmission timer fires. If the timer wins the race, it will free the association. Once it releases the lock, the queue processing will recieve the ABORT and will try to free the association again. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Allow ADD_IP to work with AUTH for backward compatibility.Vlad Yasevich2007-11-074-3/+19
| | | | | | | | | | | | | | | | | | | | This patch adds a tunable that will allow ADD_IP to work without AUTH for backward compatibility. The default value is off since the default value for ADD_IP is off as well. People who need to use ADD-IP with older implementations take risks of connection hijacking and should consider upgrading or turning this tunable on. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Correctly disable ADD-IP when AUTH is not supported.Vlad Yasevich2007-11-072-3/+4
| | | | | | | | Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Update RCU handling during the ADD-IP caseVlad Yasevich2007-11-073-12/+9
| | | | | | | | | | | | | | | | | | | | After learning more about rcu, it looks like the ADD-IP hadling doesn't need to call call_rcu_bh. All the rcu critical sections use rcu_read_lock, so using call_rcu_bh is wrong here. Now, restore the local_bh_disable() code blocks and use normal call_rcu() calls. Also restore the missing return statement. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP: Fix difference cases of retransmit.Vlad Yasevich2007-11-074-20/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit d0ce92910bc04e107b2f3f2048f07e94f570035d broke several retransmit cases including fast retransmit. The reason is that we should only delay by rto while doing retranmists as a result of a timeout. Retransmit as a result of path mtu discover, fast retransmit, or other evernts that should trigger immidiate retransmissions got broken. Also, since rto is doubled prior to marking of packets elegable for retransmission, we never marked correct chunks anyway. The fix is provide a reason for a given retransmission so that we can mark chunks appropriately and to save the old rto value to do comparisons against. All regressions tests passed with this code. Spotted by Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP : Fix to process bundled ASCONF chunk correctlyWei Yongjun2007-11-071-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If ASCONF chunk is bundled with other chunks as the first chunk, when process the ASCONF parameters, full packet data will be process as the parameters of the ASCONF chunk, not only the real parameters. So if you send a ASCONF chunk bundled with other chunks, you will get an unexpect result. This problem also exists when ASCONF-ACK chunk is bundled with other chunks. This patch fix this problem. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
| * SCTP : Fix bad formatted comment in outqueue.cWei Yongjun2007-11-071-1/+2
| | | | | | | | | | | | | | Just fix the bad format of the comment in outqueue.c. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* | [NET]: Add the helper kernel_sock_shutdown()Trond Myklebust2007-11-132-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...and fix a couple of bugs in the NBD, CIFS and OCFS2 socket handlers. Looking at the sock->op->shutdown() handlers, it looks as if all of them take a SHUT_RD/SHUT_WR/SHUT_RDWR argument instead of the RCV_SHUTDOWN/SEND_SHUTDOWN arguments. Add a helper, and then define the SHUT_* enum to ensure that kernel users of shutdown() don't get confused. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Acked-by: Mark Fasheh <mark.fasheh@oracle.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [IPV6]: Add ifindex field to ND user option messages.Pierre Ynard2007-11-131-0/+1
| | | | | | | | | | | | | | | | | | Userland neighbor discovery options are typically heavily involved with the interface on which thay are received: add a missing ifindex field to the original struct. Thanks to Rémi Denis-Courmont. Signed-off-by: Pierre Ynard <linkfanel@yahoo.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [INET]: Small possible memory leak in FIB rulesDenis V. Lunev2007-11-114-64/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes a small memory leak. Default fib rules can be deleted by the user if the rule does not carry FIB_RULE_PERMANENT flag, f.e. by ip rule flush Such a rule will not be freed as the ref-counter has 2 on start and becomes clearly unreachable after removal. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [NETNS]: init dev_base_lock only onceAlexey Dobriyan2007-11-111-1/+0
| | | | | | | | | | | | | | | | | | * it already statically initialized * reinitializing live global spinlock every time netns is setup is also wrong Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [UNIX]: The unix_nr_socks limit can be exceededPavel Emelyanov2007-11-111-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The unix_nr_socks value is limited with the 2 * get_max_files() value, as seen from the unix_create1(). However, the check and the actual increment are separated with the GFP_KERNEL allocation, so this limit can be exceeded under a memory pressure - task may go to sleep freeing the pages and some other task will be allowed to allocate a new sock and so on and so forth. So make the increment before the check (similar thing is done in the sock_kmalloc) and go to kmalloc after this. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [AF_UNIX]: Convert socks to unix_socks in scan_inflight, not in callbacksPavel Emelyanov2007-11-111-11/+9
| | | | | | | | | | | | | | | | | | | | | | | | The scan_inflight() routine scans through the unix sockets and calls some passed callback. The fact is that all these callbacks work with the unix_sock objects, not the sock ones, so make this conversion in the scan_inflight() before calling the callbacks. This removes one unneeded variable from the inc_inflight_move_tail(). Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [AF_UNIX]: Make unix_tot_inflight counter non-atomicPavel Emelyanov2007-11-112-4/+4
| | | | | | | | | | | | | | | | This counter is _always_ modified under the unix_gc_lock spinlock, so its atomicity can be provided w/o additional efforts. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [AF_PACKET]: Allow multicast traffic to be caught by ORIGDEV when bondedPeter P Waskiewicz Jr2007-11-111-2/+2
| | | | | | | | | | | | | | | | | | | | The socket option for packet sockets to return the original ifindex instead of the bonded ifindex will not match multicast traffic. Since this socket option is the most useful for layer 2 traffic and multicast traffic, make the option multicast-aware. Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | mac80211: fix MAC80211_RCSIMPLE KconfigJohannes Berg2007-11-111-2/+2
| | | | | | | | | | | | | | | | I meant for this to be selectable only with EMBEDDED, not enabled only with EMBEDDED. This does it that way. Sorry. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: make "decrypt failed" messages conditional upon MAC80211_DEBUGJohn W. Linville2007-11-113-6/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Make "decrypt failed" and "have no key" debugging messages compile conditionally upon CONFIG_MAC80211_DEBUG. They have been useful for finding certain problems in the past, but in many cases they just clutter a user's logs. A typical example is an enviornment where multiple SSIDs are using a single BSSID but with different protection schemes or different keys for each SSID. In such an environment these messages are just noise. Let's just leave them for those interested enough to turn-on debugging. Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: use IW_AUTH_PRIVACY_INVOKED rather than IW_AUTH_KEY_MGMTJohannes Berg2007-11-113-15/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | In the long bug-hunt for why dynamic WEP networks didn't work it turned out that mac80211 incorrectly uses IW_AUTH_KEY_MGMT while it should use IW_AUTH_PRIVACY_INVOKED to determine whether to associate to protected networks or not. This patch changes the behaviour to be that way and clarifies the existing code. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: Jouni Malinen <j@w1.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: remove unused driver opsJohannes Berg2007-11-111-6/+1
| | | | | | | | | | | | | | | | | | | | | | | | The driver operations set_ieee8021x(), set_port_auth() and set_privacy_invoked() are not used by any drivers, except set_privacy_invoked() they aren't even used by mac80211. Remove them at least until we need to support drivers with mac80211 that require getting this information. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: remove ieee80211_common.hJohannes Berg2007-11-111-91/+0
| | | | | | | | | | | | | | | | Robert pointed out that I missed this file when removing the management interface. Do it now. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | rfkill: Fix sparse warningMichael Buesch2007-11-111-0/+4
| | | | | | | | Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | rfkill: Use mutex_lock() at register and add sanity checkMichael Buesch2007-11-111-11/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | Replace mutex_lock_interruptible() by mutex_lock() in rfkill_register(), as interruptible doesn't make sense there. Add a sanity check for rfkill->type, as that's used for an unchecked dereference in an array and might cause hard to debug crashes if the driver sets this to an invalid value. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: allow driver to ask for a rate control algorithmJohannes Berg2007-11-111-1/+2
| | | | | | | | | | | | | | | | | | This allows a driver to ask for a specific rate control algorithm. The rate control algorithm asked for must be registered and be available as a module or built-in. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: don't allow registering the same rate control twiceJohannes Berg2007-11-111-1/+10
| | | | | | | | | | | | | | | | | | | | Previously, mac80211 would allow registering the same rate control algorithm twice. This is a programming error in the registration and should not happen; additionally the second version could never be selected. Disallow this and warn about it. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | rfkill: Use subsys_initcallMichael Buesch2007-11-111-1/+1
| | | | | | | | | | | | | | | | | | We must use subsys_initcall, because we must initialize before a driver calls rfkill_register(). Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: make simple rate control algorithm built-inJohannes Berg2007-11-116-27/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Too frequently people do not have module autoloading enabled or fail to install the rate control module correctly, hence their hardware probing fails due to no rate control algorithm being available. This makes the 'simple' algorithm built into the mac80211 module unless EMBEDDED is enabled in which case it can be disabled (eg. if the wanted driver requires another rate control algorithm.) Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | rfkill: Register LED triggers before registering switchMichael Buesch2007-11-111-5/+6
| | | | | | | | | | | | | | | | | | | | | | Registering the switch triggers a LED event, so we must register LED triggers before the switch. This has a potential to fix a crash, depending on how the device driver initializes the rfkill data structure. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | softmac: fix wext MLME request reason code endiannessJohannes Berg2007-11-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | The MLME request reason code is host-endian and our passing it to the low level functions is host-endian as well since they do the swapping. I noticed that the reason code 768 was sent (0x300) rather than 3 when wpa_supplicant terminates. This removes the superfluous cpu_to_le16() call. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | [PKT_SCHED] CLS_U32: Use ffs() instead of C code on hash mask to get first ↵Radu Rendec2007-11-111-11/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | set bit. Computing the rank of the first set bit in the hash mask (for using later in u32_hash_fold()) was done with plain C code. Using ffs() instead makes the code more readable and improves performance (since ffs() is better optimized in assembler). Using the conditional operator on hash mask before applying ntohl() also saves one ntohl() call if mask is 0. Signed-off-by: Radu Rendec <radu.rendec@ines.ro> Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> Acked-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [VLAN]: Allow setting mac address while device is upPatrick McHardy2007-11-113-0/+28
| | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [VLAN]: Don't synchronize addresses while the vlan device is downPatrick McHardy2007-11-111-0/+4
| | | | | | | | | | | | | | | | | | | | While the VLAN device is down, the unicast addresses are not configured on the underlying device, so we shouldn't attempt to sync them. Noticed by Dmitry Butskoy <buc@odusz.so-cdu.ru> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [INET]: Cleanup the xfrm4_tunnel_(un)registerPavel Emelyanov2007-11-111-4/+7
| | | | | | | | | | | | | | | | Both check for the family to select an appropriate tunnel list. Consolidate this check and make the for() loop more readable. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | [INET]: Add missed tunnel64_err handlerPavel Emelyanov2007-11-111-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | The tunnel64_protocol uses the tunnel4_protocol's err_handler and thus calls the tunnel4_protocol's handlers. This is not very good, as in case of (icmp) error the wrong error handlers will be called (e.g. ipip ones instead of sit) and this won't be noticed at all, because the error is not reported. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>