summaryrefslogtreecommitdiffstats
path: root/net (follow)
Commit message (Collapse)AuthorAgeFilesLines
* [IPV6]: Fix unnecessary GFP_ATOMIC allocation in fib6 dumpThomas Graf2005-11-121-1/+1
| | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] {ip,nf}_conntrack TCP: Accept SYN+PUSH like SYNVlad Drukker2005-11-122-0/+2
| | | | | | | | | | | | | | | Some devices (e.g. Qlogic iSCSI HBA hardware like QLA4010 up to firmware 3.0.0.4) initiates TCP with SYN and PUSH flags set. The Linux TCP/IP stack deals fine with that, but the connection tracking code doesn't. This patch alters TCP connection tracking to accept SYN+PUSH as a valid flag combination. Signed-off-by: Vlad Drukker <vlad@storewiz.com> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix rtnetlink dump infinite loopHerbert Xu2005-11-121-4/+2
| | | | | | | | | | | | | The recent change to netlink dump "done" callback handling broke IPv6 which played dirty tricks with the "done" callback. This causes an infinite loop during a dump. The following patch fixes it. This bug was reported by Jeff Garzik. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Include ulpevents in socket receive buffer accounting.Neil Horman2005-11-128-39/+54
| | | | | | | | | | | Also introduces a sysctl option to configure the receive buffer accounting policy to be either at socket or association level. Default is all the associations on the same socket share the receive buffer. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Remove timeouts[] array from sctp_endpoint.Vladislav Yasevich2005-11-124-29/+25
| | | | | | | | | | The socket level timeout values are maintained in sctp_sock and association level timeouts are in sctp_association. So there is no need for ep->timeouts. Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Fix potential NULL pointer dereference in sctp_v4_get_saddrVladislav Yasevich2005-11-121-0/+3
| | | | | | | | | | | | | | It is possible to get to sctp_v4_get_saddr() without a valid association. This happens when processing OOTB packets and the cached route entry is no longer valid. However, when responding to OOTB packets we already properly set the source address based on the information in the OOTB packet. So, if we we get to sctp_v4_get_saddr() without an association we can simply return. Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix inet6_init missing unregister.David S. Miller2005-11-121-2/+6
| | | | | | | | | | | Based mostly upon a patch from Olaf Kirch <okir@suse.de> When initialization fails in inet6_init(), we should unregister the PF_INET6 socket ops. Also, check sock_register()'s return value for errors. Signed-off-by: David S. Miller <davem@davemloft.net>
* [DECNET]: fix SIGPIPEPatrick Caulfield2005-11-111-7/+7
| | | | | | | | | | | Currently recvmsg generates SIGPIPE whereas sendmsg does not; for the other stacks it seems to be the other way round! It also fixes the bug where reading from a socket whose peer has shutdown returned -EINVAL rather than 0. Signed-off-by: Patrick Caulfield <patrick@tykepenguin.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [PATCH] TCP: fix vegas buildJeff Garzik2005-11-111-1/+1
| | | | | | | Recent TCP changes broke the build. Signed-off-by: Jeff Garzik <jgarzik@pobox.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* [TCP]: speed up SACK processingStephen Hemminger2005-11-112-26/+172
| | | | | | | | | Use "hints" to speed up the SACK processing. Various forms of this have been used by TCP developers (Web100, STCP, BIC) to avoid the 2x linear search of outstanding segments. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: spelling fixesStephen Hemminger2005-11-116-31/+31
| | | | | | | Minor spelling fixes for TCP code. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: receive buffer growth limiting with mixed MTUJohn Heffner2005-11-111-27/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a patch for discussion addressing some receive buffer growing issues. This is partially related to the thread "Possible BUG in IPv4 TCP window handling..." last week. Specifically it addresses the problem of an interaction between rcvbuf moderation (receiver autotuning) and rcv_ssthresh. The problem occurs when sending small packets to a receiver with a larger MTU. (A very common case I have is a host with a 1500 byte MTU sending to a host with a 9k MTU.) In such a case, the rcv_ssthresh code is targeting a window size corresponding to filling up the current rcvbuf, not taking into account that the new rcvbuf moderation may increase the rcvbuf size. One hunk makes rcv_ssthresh use tcp_rmem[2] as the size target rather than rcvbuf. The other changes the behavior when it overflows its memory bounds with in-order data so that it tries to grow rcvbuf (the same as with out-of-order data). These changes should help my problem of mixed MTUs, and should also help the case from last week's thread I think. (In both cases though you still need tcp_rmem[2] to be set much larger than the TCP window.) One question is if this is too aggressive at trying to increase rcvbuf if it's under memory stress. Orignally-from: John Heffner <jheffner@psc.edu> Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Appropriate Byte Count supportStephen Hemminger2005-11-115-11/+37
| | | | | | | | | | | | | This is an updated version of the RFC3465 ABC patch originally for Linux 2.6.11-rc4 by Yee-Ting Li. ABC is a way of counting bytes ack'd rather than packets when updating congestion control. The orignal ABC described in the RFC applied to a Reno style algorithm. For advanced congestion control there is little change after leaving slow start. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: add tcp_slow_start helperStephen Hemminger2005-11-116-59/+33
| | | | | | | | Move all the code that does linear TCP slowstart to one inline function to ease later patch to add ABC support. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: simplify microsecond rtt samplingStephen Hemminger2005-11-111-32/+30
| | | | | | | | | Simplify the code that comuputes microsecond rtt estimate used by TCP Vegas. Move the callback out of the RTT sampler and into the end of the ack cleanup. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: fix congestion window update when using TSO deferalStephen Hemminger2005-11-117-9/+11
| | | | | | | | | | | | | | | | | TCP peformance with TSO over networks with delay is awful. On a 100Mbit link with 150ms delay, we get 4Mbits/sec with TSO and 50Mbits/sec without TSO. The problem is with TSO, we intentionally do not keep the maximum number of packets in flight to fill the window, we hold out to until we can send a MSS chunk. But, we also don't update the congestion window unless we have filled, as per RFC2861. This patch replaces the check for the congestion window being full with something smarter that accounts for TSO. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Detect hardware rx checksum faults correctlyHerbert Xu2005-11-1016-131/+139
| | | | | | | | | | | | | | | | | | | | | | | | | | | Here is the patch that introduces the generic skb_checksum_complete which also checks for hardware RX checksum faults. If that happens, it'll call netdev_rx_csum_fault which currently prints out a stack trace with the device name. In future it can turn off RX checksum. I've converted every spot under net/ that does RX checksum checks to use skb_checksum_complete or __skb_checksum_complete with the exceptions of: * Those places where checksums are done bit by bit. These will call netdev_rx_csum_fault directly. * The following have not been completely checked/converted: ipmr ip_vs netfilter dccp This patch is based on patches and suggestions from Stephen Hemminger and David S. Miller. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2005-11-1041-214/+9306
|\
| * [NETLINK]: Generic netlink familyThomas Graf2005-11-102-1/+580
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The generic netlink family builds on top of netlink and provides simplifies access for the less demanding netlink users. It solves the problem of protocol numbers running out by introducing a so called controller taking care of id management and name resolving. Generic netlink modules register themself after filling out their id card (struct genl_family), after successful registration the modules are able to register callbacks to command numbers by filling out a struct genl_ops and calling genl_register_op(). The registered callbacks are invoked with attributes parsed making life of simple modules a lot easier. Although generic netlink modules can request static identifiers, it is recommended to use GENL_ID_GENERATE and to let the controller assign a unique identifier to the module. Userspace applications will then ask the controller and lookup the idenfier by the module name. Due to the current multicast implementation of netlink, the number of generic netlink modules is restricted to 1024 to avoid wasting memory for the per socket multiacst subscription bitmask. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [RTNETLINK]: Use generic netlink receive queue processorThomas Graf2005-11-101-70/+5
| | | | | | | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [XFRM]: Use generic netlink receive queue processorThomas Graf2005-11-101-56/+5
| | | | | | | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETLINK]: Generic netlink receive queue processorThomas Graf2005-11-101-0/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | Introduces netlink_run_queue() to handle the receive queue of a netlink socket in a generic way. Processes as much as there was in the queue upon entry and invokes a callback function for each netlink message found. The callback function may refuse a message by returning a negative error code but setting the error pointer to 0 in which case netlink_run_queue() will return with a qlen != 0. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETLINK]: Make netlink_callback->done() optionalThomas Graf2005-11-105-25/+8
| | | | | | | | | | | | | | | | Most netlink families make no use of the done() callback, making it optional gets rid of all unnecessary dummy implementations. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETLINK]: Type-safe netlink messages/attributes interfaceThomas Graf2005-11-102-1/+329
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduces a new type-safe interface for netlink message and attributes handling. The interface is fully binary compatible with the old interface towards userspace. Besides type safety, this interface features attribute validation capabilities, simplified message contstruction, and documentation. The resulting netlink code should be smaller, less error prone and easier to understand. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: Add nf_conntrack subsystem.Yasuyuki Kozakai2005-11-1033-62/+8289
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The existing connection tracking subsystem in netfilter can only handle ipv4. There were basically two choices present to add connection tracking support for ipv6. We could either duplicate all of the ipv4 connection tracking code into an ipv6 counterpart, or (the choice taken by these patches) we could design a generic layer that could handle both ipv4 and ipv6 and thus requiring only one sub-protocol (TCP, UDP, etc.) connection tracking helper module to be written. In fact nf_conntrack is capable of working with any layer 3 protocol. The existing ipv4 specific conntrack code could also not deal with the pecularities of doing connection tracking on ipv6, which is also cured here. For example, these issues include: 1) ICMPv6 handling, which is used for neighbour discovery in ipv6 thus some messages such as these should not participate in connection tracking since effectively they are like ARP messages 2) fragmentation must be handled differently in ipv6, because the simplistic "defrag, connection track and NAT, refrag" (which the existing ipv4 connection tracking does) approach simply isn't feasible in ipv6 3) ipv6 extension header parsing must occur at the correct spots before and after connection tracking decisions, and there were no provisions for this in the existing connection tracking design 4) ipv6 has no need for stateful NAT The ipv4 specific conntrack layer is kept around, until all of the ipv4 specific conntrack helpers are ported over to nf_conntrack and it is feature complete. Once that occurs, the old conntrack stuff will get placed into the feature-removal-schedule and we will fully kill it off 6 months later. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* | [PATCH] SUNRPC: don't reencode when looping in call transmit.Trond Myklebust2005-11-101-3/+29
|/ | | | | | | | | | | | | | | If the call to xprt_transmit() fails due to socket buffer space exhaustion, we do not need to re-encode the RPC message when we loop back through call_transmit. Re-encoding can actually end up triggering the WARN_ON() in call_decode() if we re-encode something like a read() request and auth->au_rslack has changed. It can also cause us to increment the RPCSEC_GSS sequence number beyond the limits of the allowed window. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* [IPV6]: ip6ip6_lock is not unlocked in error path.Ken-ichirou MATSUZAWA2005-11-091-0/+1
| | | | | | From: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6]: Fix fallout from CONFIG_IPV6_PRIVACYPeter Chubb2005-11-091-1/+2
| | | | | | | | | | Trying to build today's 2.6.14+git snapshot gives undefined references to use_tempaddr Looks like an ifdef got left out. Signed-off-by: Peter Chubb <peterc@gelato.unsw.edu.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: ICMP_ID is u_int16_t not u_int8_t.Krzysztof Piotr Oledzki2005-11-091-1/+1
| | | | | | | Signed-off-by: Krzysztof Piotr Oledzki <ole@ans.pl> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: Fix oops when no ICMP ID info in messageKrzysztof Piotr Oledzki2005-11-091-1/+2
| | | | | | | | | | This patch fixes an userspace triggered oops. If there is no ICMP_ID info the reference to attr will be NULL. Signed-off-by: Krzysztof Piotr Oledzki <ole@ans.pl> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: Add support to identify expectations by ID'sPablo Neira Ayuso2005-11-091-0/+8
| | | | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: propagate error instaed of returning -EPERMPablo Neira Ayuso2005-11-091-1/+1
| | | | | | | | | Propagate the error to userspace instead of returning -EPERM if the get conntrack operation fails. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: return -EINVAL if size is wrongPablo Neira Ayuso2005-11-091-1/+1
| | | | | | | | Return -EINVAL if the size isn't OK instead of -EPERM. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: stop tracking ICMP error at early pointYasuyuki Kozakai2005-11-091-5/+5
| | | | | | | | | | | Currently connection tracking handles ICMP error like normal packets if it failed to get related connection. But it fails that after all. This makes connection tracking stop tracking ICMP error at early point. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] nfnetlink: only load subsystems if CAP_NET_ADMIN is setHarald Welte2005-11-091-7/+10
| | | | | | | | | | | | Without this patch, any user can cause nfnetlink subsystems to be autoloaded. Those subsystems however could add significant processing overhead to packet processing, and would refuse any configuration messages from non-CAP_NET_ADMIN processes anyway. This patch follows a suggestion from Patrick McHardy. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] PPTP helper: fix PNS-PAC expectation call idPhilip Craig2005-11-091-2/+26
| | | | | | | | | | | | | | | | | | | The reply tuple of the PNS->PAC expectation was using the wrong call id. So we had the following situation: - PNS behind NAT firewall - PNS call id requires NATing - PNS->PAC gre packet arrives first then the PNS->PAC expectation is matched, and the other expectation is deleted, but the PAC->PNS gre packets do not match the gre conntrack because the call id is wrong. We also cannot use ip_nat_follow_master(). Signed-off-by: Philip Craig <philipc@snapgear.com> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: get_conntrack can use GFP_KERNELPablo Neira Ayuso2005-11-091-1/+1
| | | | | | | | | ctnetlink_get_conntrack is always called from user context, so GFP_KERNEL is enough. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: kill unused includesPablo Neira Ayuso2005-11-091-3/+0
| | | | | | | | | Kill some useless headers included in ctnetlink. They aren't used in any way. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: add module alias to fix autoloadingPablo Neira Ayuso2005-11-091-0/+2
| | | | | | | | | Add missing module alias. This is a must to load ctnetlink on demand. For example, the conntrack tool will fail if the module isn't loaded. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: add marking support from userspacePablo Neira Ayuso2005-11-091-0/+10
| | | | | | | | This patch adds support for conntrack marking from user space. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] ctnetlink: check if protoinfo is presentPablo Neira Ayuso2005-11-091-0/+5
| | | | | | | | | | This fixes an oops triggered from userspace. If we don't pass information about the private protocol info, the reference to attr will be NULL. This is likely to happen in update messages. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] nfnetlink: nfattr_parse() can never fail, make it voidHarald Welte2005-11-093-45/+10
| | | | | | | | | | nfattr_parse (and thus nfattr_parse_nested) always returns success. So we can make them 'void' and remove all the checking at the caller side. Based on original patch by Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: refcount leak of proto when ctnetlink dumping tupleYasuyuki Kozakai2005-11-091-3/+6
| | | | | | Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: packet counter of conntrack is 32bitsYasuyuki Kozakai2005-11-091-1/+1
| | | | | | | | | The packet counter variable of conntrack was changed to 32bits from 64bits. This follows that change. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'upstream-linus' of ↵Linus Torvalds2005-11-093-116/+52
|\ | | | | | | master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6
| * ieee80211: cleanup crypto list handling, other minor cleanups.Christoph Hellwig2005-11-091-111/+41
| |
| * Merge rsync://bughost.org/repos/ieee80211-delta/Jeff Garzik2005-11-091-5/+9
| |\
| | * Fix problem with WEP unicast key > index 0Volker Braun2005-11-071-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | The functions ieee80211_wx_{get,set}_encodeext fail if one tries to set unicast (IW_ENCODE_EXT_GROUP_KEY not set) keys at key indices>0. But at least some Cisco APs dish out dynamic WEP unicast keys at index !=0. Signed-off-by: Volker Braun <volker.braun@physik.hu-berlin.de> Signed-off-by: James Ketrenos <jketreno@linux.intel.com>
| | * scripts/Lindent on ieee80211 subsystem.James Ketrenos2005-11-071-3/+5
| | | | | | | | | | | | Signed-off-by: James Ketrenos <jketreno@linux.intel.com>
| * | Merge git://git.tuxdriver.com/git/netdev-jwlJeff Garzik2005-11-081-0/+2
| |\ \