- 30 Aug, 2011 5 commits
-
-
Patrick McHardy authored
Netfilter git trees are moving to a directory shared by Pablo and myself, update git URLs. Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Jozsef Kadlecsik authored
The wrong multiplication of TCPOLEN_TSTAMP_ALIGNED by 4 skips the fast path for the timestamp-only option. Bug reported by Michael M. Builov (netfilter bugzilla #738). Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Jozsef Kadlecsik authored
Michael M. Builov reported that in the tcp_options and tcp_sack functions of netfilter TCP conntrack the incorrect handling of invalid TCP option with too big opsize may lead to read access beyond tcp-packet or buffer allocated on stack (netfilter bugzilla #738). The fix is to stop parsing the options at detecting the broken option. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Sanket Shah authored
When both the server and the client are NATed, the set-link-info control packet containing the peer's call-id field is not properly translated. I have verified that it was working in 2.6.16.13 kernel previously but due to rewrite, this scenario stopped working (Not knowing exact version when it stopped working). Signed-off-by: Sanket Shah <sanket.shah@elitecore.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Florian Westphal authored
A userspace listener may send (bogus) NF_STOLEN verdict, which causes skb leak. This problem was previously fixed via 64507fdb (netfilter: nf_queue: fix NF_STOLEN skb leak) but this had to be reverted because NF_STOLEN can also be returned by a netfilter hook when iterating the rules in nf_reinject. Reject userspace NF_STOLEN verdict, as suggested by Michal Miroslaw. This is complementary to commit fad54440 (netfilter: avoid double free in nf_reinject). Cc: Julian Anastasov <ja@ssi.bg> Cc: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
- 29 Jul, 2011 3 commits
-
-
Bart De Schuymer authored
The configuration of ebtables shouldn't depend on CONFIG_BRIDGE_NETFILTER, only on CONFIG_NETFILTER. Reported-by: Sbastien Laveze <slaveze@gmail.com> Signed-off-by: Bart De Schuymer <bdschuym@pandora.be> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Jesper Juhl authored
ipq_build_packet_message() in net/ipv4/netfilter/ip_queue.c and net/ipv6/netfilter/ip6_queue.c contain a small potential mem leak as far as I can tell. We allocate memory for 'skb' with alloc_skb() annd then call nlh = NLMSG_PUT(skb, 0, 0, IPQM_PACKET, size - sizeof(*nlh)); NLMSG_PUT is a macro NLMSG_PUT(skb, pid, seq, type, len) \ NLMSG_NEW(skb, pid, seq, type, len, 0) that expands to NLMSG_NEW, which is also a macro which expands to: NLMSG_NEW(skb, pid, seq, type, len, flags) \ ({ if (unlikely(skb_tailroom(skb) < (int)NLMSG_SPACE(len))) \ goto nlmsg_failure; \ __nlmsg_put(skb, pid, seq, type, len, flags); }) If we take the true branch of the 'if' statement and 'goto nlmsg_failure', then we'll, at that point, return from ipq_build_packet_message() without having assigned 'skb' to anything and we'll leak the memory we allocated for it when it goes out of scope. Fix this by placing a 'kfree(skb)' at 'nlmsg_failure'. I admit that I do not know how likely this to actually happen or even if there's something that guarantees that it will never happen - I'm not that familiar with this code, but if that is so, I've not been able to spot it. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Eric Dumazet authored
commit 4a5a5c73 (slightly better error reporting) added some useless code in xt_rateest_mt_checkentry(). Fix this so that different error codes can really be returned. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> CC: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
- 28 Jul, 2011 32 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparcLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: n2_crypto: Attach on Niagara-T3. n2rng: Attach on Niagara-T3. sparc: Detect and handle UltraSPARC-T3 cpu types. sparc: Don't do expensive hypervisor PCR write unless necessary. sparc: Add T3 sun4v cpu type and hypervisor group defines. sparc: Don't leave sparc_pmu_type NULL on sun4v.
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (32 commits) tg3: Remove 5719 jumbo frames and TSO blocks tg3: Break larger frags into 4k chunks for 5719 tg3: Add tx BD budgeting code tg3: Consolidate code that calls tg3_tx_set_bd() tg3: Add partial fragment unmapping code tg3: Generalize tg3_skb_error_unmap() tg3: Remove short DMA check for 1st fragment tg3: Simplify tx bd assignments tg3: Reintroduce tg3_tx_ring_info ASIX: Use only 11 bits of header for data size ASIX: Simplify condition in rx_fixup() Fix cdc-phonet build bonding: reduce noise during init bonding: fix string comparison errors net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared net: add IFF_SKB_TX_SHARED flag to priv_flags net: sock_sendmsg_nosec() is static forcedeth: fix vlans gianfar: fix bug caused by 87c288c6 gro: Only reset frag0 when skb can be pulled ...
-
git://neil.brown.name/mdLinus Torvalds authored
* 'for-linus' of git://neil.brown.name/md: (75 commits) md/raid10: handle further errors during fix_read_error better. md/raid10: Handle read errors during recovery better. md/raid10: simplify read error handling during recovery. md/raid10: record bad blocks due to write errors during resync/recovery. md/raid10: attempt to fix read errors during resync/check md/raid10: Handle write errors by updating badblock log. md/raid10: clear bad-block record when write succeeds. md/raid10: avoid writing to known bad blocks on known bad drives. md/raid10 record bad blocks as needed during recovery. md/raid10: avoid reading known bad blocks during resync/recovery. md/raid10 - avoid reading from known bad blocks - part 3 md/raid10: avoid reading from known bad blocks - part 2 md/raid10: avoid reading from known bad blocks - part 1 md/raid10: Split handle_read_error out from raid10d. md/raid10: simplify/reindent some loops. md/raid5: Clear bad blocks on successful write. md/raid5. Don't write to known bad block on doubtful devices. md/raid5: write errors should be recorded as bad blocks if possible. md/raid5: use bad-block log to improve handling of uncorrectable read errors. md/raid5: avoid reading from known bad blocks. ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: sound: oss: rename local change_bits to avoid powerpc bitsops.h definition ALSA: hda - Fix duplicated DAC assignments for Realtek ALSA: asihpi - off by one in asihpi_hpi_ioctl() ALSA: hda - Fix Oops with Realtek quirks with NULL adc_nids ALSA: asihpi - bug fix pa use before init. ALSA: hda - Add support for vref-out based mute LED control on IDT codecs
-
David S. Miller authored
A small modification was necessary since in the machine description for 'n2cp' and 'ncp' nodes, there no longer is an 'intr' property. That's OK because this property was always nothing more than an array of integers '1' ... 'nr_inos + 1' so we can just compute it in-place. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
And stop referring to Victoria Falls, as the attribute we're talking about is whether the rng is multi-unit capable which applies to several chip variants now. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
The A0 revision of this chip is the only device that requires these features to be disabled. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
The 5719 has bug where RDMAs larger than 4k can cause problems. This patch works around the problem by dividing larger DMA requests into something the hardware can handle. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
As the driver breaks large skb fragments into smaller submissions to the hardware, there is a new danger that BDs might get exhausted before all fragments have been mapped. This patch adds code to make sure tx BDs aren't oversubscribed and flag the condition if it happens. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
This patch consolidates all code that populates tx BDs into a single routine. Setting tx BDs needs to be more carefully controlled to see if workarounds need to be applied. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
The following patches are going to break skb fragments into smaller sizes. This patch attempts to make the change easier to digest by only addressing the skb teardown portion. The patch modifies the driver to skip over any BDs that have a flag set that indicates the BD isn't the beginning of an skb fragment. Such BDs were a result of segmentation and do not need a pci_unmap_page() call. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
In the following patches, unmapping skb fragments will get just as complicated as mapping them. This patch generalizes tg3_skb_error_unmap() and makes it the one-stop-shop for skb unmapping. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
The first fragment of an skb should always be greater than 8 bytes. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
In the following patches, the process the driver will use to assign skb fragments to transmit BDs will get more complicated. To prepare for that new code, this patch seeks to simplify how transmit BDs are populated. It does this by separating the code that assigns the BD members from the logic that controls how the fields are set. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Matt Carlson authored
The following patches will require the use of an additional flag in the ring_info structure. The use of this flag is tx path specific, so this patch defines a specialized ring_info structure. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Reviewed-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Marek Vasut authored
The AX88772B uses only 11 bits of the header for the actual size. The other bits are used for something else. This causes dmesg full of messages: asix_rx_fixup() Bad Header Length This patch trims the check to only 11 bits. I believe on older chips, the remaining 5 top bits are unused. Signed-off-by: Marek Vasut <marek.vasut@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Marek Vasut authored
Signed-off-by: Marek Vasut <marek.vasut@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Chris Clayton authored
Try to send to correct address this time! ---------- Forwarded Message ---------- Subject: [PATCH] Fix cdc-phonet build Date: Saturday 23 Jul 2011 From: Chris Clayton <chris2553@googlemail.com> To: linux-net@vger.kernel.org cdc-phonet does not presently build on linux-3.0 because there is no entry for it in drivers/net/Makefile. This patch adds that entry. Signed-off-by: Chris Clayton <chris2553@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andy Gospodarek authored
On Tue, Jul 26, 2011 at 05:40:27PM -0700, Joe Perches wrote: > On Tue, 2011-07-26 at 17:37 -0700, Jay Vosburgh wrote: > > Joe Perches <joe@perches.com> wrote: > > >I'd prefer you don't separate the format string > > >into multiple pieces. > > Why not? To me, it looks easier to read split into sections > > that don't wrap lines. > > Harder to grep for a dmesg and the > defect rate of these split formats is > typically higher than single strings > because of bad spacing between string > segments. > I noticed that you took some time back in late 2009 to 'consolidate' the split format-strings present in the bonding driver at the time and I've decided I'm fine to leave them the way they are. The main point of my patch was to change the output and I would like to get that included. Here is my updated patch... Subject: [PATCH net-next-2.6 v2] bonding: reduce noise during init Many are using sysfs to configure bonding rather than module options, so there is no need for bonding to throw this warning in normal cases. Keep the message around when debugging is enabled as it might be useful for someone desperate enough to enable debugging, but eliminate it otherwise. Signed-off-by: Andy Gospodarek <andy@greyhouse.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andy Gospodarek authored
When a bond contains a device where one name is the subset of another (eth1 and eth10, for example), one cannot properly set the primary device or the currently active device. This was reported and based on work by Takuma Umeya. I also verified the problem and tested that this fix resolves it. V2: A few did not like the the current code or my changes, so I refactored bonding_store_primary and bonding_store_active_slave to be a bit cleaner, dropped the use of strnicmp since we did not really need the comparison to be case insensitive, and formatted the input string from sysfs so a comparison to IFNAMSIZ could be used. I also discovered an error in bonding_store_active_slave that would modify bond->primary_slave rather than bond->curr_active_slave before forcing the bonding driver to choose a new active slave. V3: Actually sending the proper patch.... Signed-off-by: Andy Gospodarek <andy@greyhouse.net> Reported-by: Takuma Umeya <tumeya@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Neil Horman authored
After the last patch, We are left in a state in which only drivers calling ether_setup have IFF_TX_SKB_SHARING set (we assume that drivers touching real hardware call ether_setup for their net_devices and don't hold any state in their skbs. There are a handful of drivers that violate this assumption of course, and need to be fixed up. This patch identifies those drivers, and marks them as not being able to support the safe transmission of skbs by clearning the IFF_TX_SKB_SHARING flag in priv_flags Signed-off-by: Neil Horman <nhorman@tuxdriver.com> CC: Karsten Keil <isdn@linux-pingi.de> CC: "David S. Miller" <davem@davemloft.net> CC: Jay Vosburgh <fubar@us.ibm.com> CC: Andy Gospodarek <andy@greyhouse.net> CC: Patrick McHardy <kaber@trash.net> CC: Krzysztof Halasa <khc@pm.waw.pl> CC: "John W. Linville" <linville@tuxdriver.com> CC: Greg Kroah-Hartman <gregkh@suse.de> CC: Marcel Holtmann <marcel@holtmann.org> CC: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Neil Horman authored
Pktgen attempts to transmit shared skbs to net devices, which can't be used by some drivers as they keep state information in skbs. This patch adds a flag marking drivers as being able to handle shared skbs in their tx path. Drivers are defaulted to being unable to do so, but calling ether_setup enables this flag, as 90% of the drivers calling ether_setup touch real hardware and can handle shared skbs. A subsequent patch will audit drivers to ensure that the flag is set properly Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Reported-by: Jiri Pirko <jpirko@redhat.com> CC: Robert Olsson <robert.olsson@its.uu.se> CC: Eric Dumazet <eric.dumazet@gmail.com> CC: Alexey Dobriyan <adobriyan@gmail.com> CC: David S. Miller <davem@davemloft.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> CC: Anton Blanchard <anton@samba.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
For some reason, when rxaccel is disabled, NV_RX3_VLAN_TAG_PRESENT is still set and some pseudorandom vids appear. So check for NETIF_F_HW_VLAN_RX as well. Also set correctly hw_features and set vlan mode on probe. Signed-off-by: Jiri Pirko <jpirko@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sebastian Pöhn authored
commit 87c288c6 "gianfar: do vlan cleanup" has two issues: # permutation of rx and tx flags # enabling vlan tag insertion by default (this leads to unusable connections on some configurations) If VLAN insertion is requested (via ethtool) it will be set at an other point ... Signed-off-by: Sebastian Poehn <sebastian.poehn@belden.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6
-
David S. Miller authored
The cpu compatible string we look for is "SPARC-T3". As far as memset/memcpy optimizations go, we treat this chip the same as Niagara-T2/T2+. Use cache initializing stores for memset, and use perfetch, FPU block loads, cache initializing stores, and block stores for copies. We use the Niagara-T2 perf support, since T3 is a close relative in this regard. Later we'll add support for the new events T3 can report, plus enable T3's new "sample" mode. For now I haven't added any new ELF hwcap flags. We probably need to add a couple, for example: T2 and T3 both support the population count instruction in hardware. T3 supports VIS3 instructions, including support (finally) for partitioned shift. One can also now move directly between float and integer registers. T3 supports instructions meant to help with Galois Field and other HPC calculations, such as XOR multiply. Also there are "OP and negate" instructions, for example "fnmul" which is multiply-and-negate. T3 recognizes the transactional memory opcodes, however since transactional memory isn't supported: 1) 'commit' behaves as a NOP and 2) 'chkpt' always branches 3) 'rdcps' returns all zeros and 4) 'wrcps' behaves as a NOP. So we'll need about 3 new elf capability flags in the end to represent all of these things. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
The hypervisor call is only necessary if hypervisor events are being requested. So if we're not tracking hypervisor events, simply do a direct register write. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Otherwise we'll crash in the sparc perf init code. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Linus Torvalds authored
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (54 commits) tpm_nsc: Fix bug when loading multiple TPM drivers tpm: Move tpm_tis_reenable_interrupts out of CONFIG_PNP block tpm: Fix compilation warning when CONFIG_PNP is not defined TOMOYO: Update kernel-doc. tpm: Fix a typo tpm_tis: Probing function for Intel iTPM bug tpm_tis: Fix the probing for interrupts tpm_tis: Delay ACPI S3 suspend while the TPM is busy tpm_tis: Re-enable interrupts upon (S3) resume tpm: Fix display of data in pubek sysfs entry tpm_tis: Add timeouts sysfs entry tpm: Adjust interface timeouts if they are too small tpm: Use interface timeouts returned from the TPM tpm_tis: Introduce durations sysfs entry tpm: Adjust the durations if they are too small tpm: Use durations returned from TPM TOMOYO: Enable conditional ACL. TOMOYO: Allow using argv[]/envp[] of execve() as conditions. TOMOYO: Allow using executable's realpath and symlink's target as conditions. TOMOYO: Allow using owner/group etc. of file objects as conditions. ... Fix up trivial conflict in security/tomoyo/realpath.c
-
NeilBrown authored
If we find more read/write errors we should record a bad block before failing the device. Signed-off-by: NeilBrown <neilb@suse.de>
-