1. 15 May, 2011 27 commits
  2. 14 May, 2011 2 commits
  3. 13 May, 2011 11 commits
    • David S. Miller's avatar
      ipv4: Remove rt->rt_dst reference from ip_forward_options(). · 7be799a7
      David S. Miller authored
      At this point iph->daddr equals what rt->rt_dst would hold.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7be799a7
    • David S. Miller's avatar
      ipv4: Remove route key identity dependencies in ip_rt_get_source(). · 8e36360a
      David S. Miller authored
      Pass in the sk_buff so that we can fetch the necessary keys from
      the packet header when working with input routes.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8e36360a
    • David S. Miller's avatar
      ipv4: Always call ip_options_build() after rest of IP header is filled in. · 22f728f8
      David S. Miller authored
      This will allow ip_options_build() to reliably look at the values of
      iph->{daddr,saddr}
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      22f728f8
    • David S. Miller's avatar
      ipv4: Kill spurious write to iph->daddr in ip_forward_options(). · 0374d9ce
      David S. Miller authored
      This code block executes when opt->srr_is_hit is set.  It will be
      set only by ip_options_rcv_srr().
      
      ip_options_rcv_srr() walks until it hits a matching nexthop in the SRR
      option addresses, and when it matches one 1) looks up the route for
      that nexthop and 2) on route lookup success it writes that nexthop
      value into iph->daddr.
      
      ip_forward_options() runs later, and again walks the SRR option
      addresses looking for the option matching the destination of the route
      stored in skb_rtable().  This route will be the same exact one looked
      up for the nexthop by ip_options_rcv_srr().
      
      Therefore "rt->rt_dst == iph->daddr" must be true.
      
      All it really needs to do is record the route's source address in the
      matching SRR option adddress.  It need not write iph->daddr again,
      since that has already been done by ip_options_rcv_srr() as detailed
      above.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0374d9ce
    • Alexey Dobriyan's avatar
      olympic: convert to seq_file · 48e20467
      Alexey Dobriyan authored
      ->read_proc interface is going away, switch to seq_file.
      Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      48e20467
    • Peter Pan(潘卫平)'s avatar
      net:set valid name before calling ndo_init() · 0696c3a8
      Peter Pan(潘卫平) authored
      In commit 1c5cae81 (net: call dev_alloc_name from register_netdevice),
      a bug of bonding was involved, see example 1 and 2.
      
      In register_netdevice(), the name of net_device is not valid until
      dev_get_valid_name() is called. But dev->netdev_ops->ndo_init(that is
      bond_init) is called before dev_get_valid_name(),
      and it uses the invalid name of net_device.
      
      I think register_netdevice() should make sure that the name of net_device is
      valid before calling ndo_init().
      
      example 1:
      modprobe bonding
      ls  /proc/net/bonding/bond%d
      
      ps -eLf
      root      3398     2  3398  0    1 21:34 ?        00:00:00 [bond%d]
      
      example 2:
      modprobe bonding max_bonds=3
      
      [  170.100292] bonding: Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
      [  170.101090] bonding: Warning: either miimon or arp_interval and arp_ip_target module parameters must be specified, otherwise bonding will not detect link failures! see bonding.txt for details.
      [  170.102469] ------------[ cut here ]------------
      [  170.103150] WARNING: at /home/pwp/net-next-2.6/fs/proc/generic.c:586 proc_register+0x126/0x157()
      [  170.104075] Hardware name: VirtualBox
      [  170.105065] proc_dir_entry 'bonding/bond%d' already registered
      [  170.105613] Modules linked in: bonding(+) sunrpc ipv6 uinput microcode ppdev parport_pc parport joydev e1000 pcspkr i2c_piix4 i2c_core [last unloaded: bonding]
      [  170.108397] Pid: 3457, comm: modprobe Not tainted 2.6.39-rc2+ #14
      [  170.108935] Call Trace:
      [  170.109382]  [<c0438f3b>] warn_slowpath_common+0x6a/0x7f
      [  170.109911]  [<c051a42a>] ? proc_register+0x126/0x157
      [  170.110329]  [<c0438fc3>] warn_slowpath_fmt+0x2b/0x2f
      [  170.110846]  [<c051a42a>] proc_register+0x126/0x157
      [  170.111870]  [<c051a4dd>] proc_create_data+0x82/0x98
      [  170.112335]  [<f94e6af6>] bond_create_proc_entry+0x3f/0x73 [bonding]
      [  170.112905]  [<f94dd806>] bond_init+0x77/0xa5 [bonding]
      [  170.113319]  [<c0721ac6>] register_netdevice+0x8c/0x1d3
      [  170.113848]  [<f94e0e30>] bond_create+0x6c/0x90 [bonding]
      [  170.114322]  [<f94f4763>] bonding_init+0x763/0x7b1 [bonding]
      [  170.114879]  [<c0401240>] do_one_initcall+0x76/0x122
      [  170.115317]  [<f94f4000>] ? 0xf94f3fff
      [  170.115799]  [<c0463f1e>] sys_init_module+0x1286/0x140d
      [  170.116879]  [<c07c6d9f>] sysenter_do_call+0x12/0x28
      [  170.117404] ---[ end trace 64e4fac3ae5fff1a ]---
      [  170.117924] bond%d: Warning: failed to register to debugfs
      [  170.128728] ------------[ cut here ]------------
      [  170.129360] WARNING: at /home/pwp/net-next-2.6/fs/proc/generic.c:586 proc_register+0x126/0x157()
      [  170.130323] Hardware name: VirtualBox
      [  170.130797] proc_dir_entry 'bonding/bond%d' already registered
      [  170.131315] Modules linked in: bonding(+) sunrpc ipv6 uinput microcode ppdev parport_pc parport joydev e1000 pcspkr i2c_piix4 i2c_core [last unloaded: bonding]
      [  170.133731] Pid: 3457, comm: modprobe Tainted: G        W   2.6.39-rc2+ #14
      [  170.134308] Call Trace:
      [  170.134743]  [<c0438f3b>] warn_slowpath_common+0x6a/0x7f
      [  170.135305]  [<c051a42a>] ? proc_register+0x126/0x157
      [  170.135820]  [<c0438fc3>] warn_slowpath_fmt+0x2b/0x2f
      [  170.137168]  [<c051a42a>] proc_register+0x126/0x157
      [  170.137700]  [<c051a4dd>] proc_create_data+0x82/0x98
      [  170.138174]  [<f94e6af6>] bond_create_proc_entry+0x3f/0x73 [bonding]
      [  170.138745]  [<f94dd806>] bond_init+0x77/0xa5 [bonding]
      [  170.139278]  [<c0721ac6>] register_netdevice+0x8c/0x1d3
      [  170.139828]  [<f94e0e30>] bond_create+0x6c/0x90 [bonding]
      [  170.140361]  [<f94f4763>] bonding_init+0x763/0x7b1 [bonding]
      [  170.140927]  [<c0401240>] do_one_initcall+0x76/0x122
      [  170.141494]  [<f94f4000>] ? 0xf94f3fff
      [  170.141975]  [<c0463f1e>] sys_init_module+0x1286/0x140d
      [  170.142463]  [<c07c6d9f>] sysenter_do_call+0x12/0x28
      [  170.142974] ---[ end trace 64e4fac3ae5fff1b ]---
      [  170.144949] bond%d: Warning: failed to register to debugfs
      Signed-off-by: default avatarWeiping Pan <panweiping3@gmail.com>
      Reviewed-by: default avatarJiri Pirko <jpirko@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0696c3a8
    • Giuseppe CAVALLARO's avatar
      stmmac: fix autoneg in set_pauseparam · 64c7f304
      Giuseppe CAVALLARO authored
      This patch fixes a bug in the set_pauseparam
      function that didn't well manage the ANE
      field and returned broken values when use
      ethtool -A|-a.
      Signed-off-by: default avatarGiuseppe Cavallaro <peppe.cavallaro@st.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      64c7f304
    • David Decotigny's avatar
      stmmac: don't go through ethtool to start auto-negotiation · 1334cb60
      David Decotigny authored
      The driver used to call phy's ethtool configuration routine to start
      auto-negotiation. This change has it call directly phy's routine to
      start auto-negotiation.
      
      The initial version was hiding phy_start_aneg() return value,
      this patch returns it (<0 upon error).
      
      Tested: module compiles, tested on STM HDK7108 STB.
      Signed-off-by: default avatarDavid Decotigny <decot@google.com>
      Signed-off-by: default avatarGiuseppe Cavallaro <peppe.cavallaro@st.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1334cb60
    • Julia Lawall's avatar
      drivers/isdn/hisax: Drop unused list · 5310cbce
      Julia Lawall authored
      The file st5481_init.c locally defines and initializes the adapter_list
      variable, but does not use it for anything.  Removing the list makes it
      possible to remove the list field from the st5481_adapter data structure.
      In the function probe_st5481, it also makes it possible to free the locally
      allocated adapter value on an error exit.
      Signed-off-by: default avatarJulia Lawall <julia@diku.dk>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5310cbce
    • Vasiliy Kulikov's avatar
      net: ipv4: add IPPROTO_ICMP socket kind · c319b4d7
      Vasiliy Kulikov authored
      This patch adds IPPROTO_ICMP socket kind.  It makes it possible to send
      ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
      without any special privileges.  In other words, the patch makes it
      possible to implement setuid-less and CAP_NET_RAW-less /bin/ping.  In
      order not to increase the kernel's attack surface, the new functionality
      is disabled by default, but is enabled at bootup by supporting Linux
      distributions, optionally with restriction to a group or a group range
      (see below).
      
      Similar functionality is implemented in Mac OS X:
      http://www.manpagez.com/man/4/icmp/
      
      A new ping socket is created with
      
          socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
      
      Message identifiers (octets 4-5 of ICMP header) are interpreted as local
      ports. Addresses are stored in struct sockaddr_in. No port numbers are
      reserved for privileged processes, port 0 is reserved for API ("let the
      kernel pick a free number"). There is no notion of remote ports, remote
      port numbers provided by the user (e.g. in connect()) are ignored.
      
      Data sent and received include ICMP headers. This is deliberate to:
      1) Avoid the need to transport headers values like sequence numbers by
      other means.
      2) Make it easier to port existing programs using raw sockets.
      
      ICMP headers given to send() are checked and sanitized. The type must be
      ICMP_ECHO and the code must be zero (future extensions might relax this,
      see below). The id is set to the number (local port) of the socket, the
      checksum is always recomputed.
      
      ICMP reply packets received from the network are demultiplexed according
      to their id's, and are returned by recv() without any modifications.
      IP header information and ICMP errors of those packets may be obtained
      via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
      quenches and redirects are reported as fake errors via the error queue
      (IP_RECVERR); the next hop address for redirects is saved to ee_info (in
      network order).
      
      socket(2) is restricted to the group range specified in
      "/proc/sys/net/ipv4/ping_group_range".  It is "1 0" by default, meaning
      that nobody (not even root) may create ping sockets.  Setting it to "100
      100" would grant permissions to the single group (to either make
      /sbin/ping g+s and owned by this group or to grant permissions to the
      "netadmins" group), "0 4294967295" would enable it for the world, "100
      4294967295" would enable it for the users, but not daemons.
      
      The existing code might be (in the unlikely case anyone needs it)
      extended rather easily to handle other similar pairs of ICMP messages
      (Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
      etc.).
      
      Userspace ping util & patch for it:
      http://openwall.info/wiki/people/segoon/ping
      
      For Openwall GNU/*/Linux it was the last step on the road to the
      setuid-less distro.  A revision of this patch (for RHEL5/OpenVZ kernels)
      is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
      http://mirrors.kernel.org/openwall/Owl/current/iso/
      
      Initially this functionality was written by Pavel Kankovsky for
      Linux 2.4.32, but unfortunately it was never made public.
      
      All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
      the patch.
      
      PATCH v3:
          - switched to flowi4.
          - minor changes to be consistent with raw sockets code.
      
      PATCH v2:
          - changed ping_debug() to pr_debug().
          - removed CONFIG_IP_PING.
          - removed ping_seq_fops.owner field (unused for procfs).
          - switched to proc_net_fops_create().
          - switched to %pK in seq_printf().
      
      PATCH v1:
          - fixed checksumming bug.
          - CAP_NET_RAW may not create icmp sockets anymore.
      
      RFC v2:
          - minor cleanups.
          - introduced sysctl'able group range to restrict socket(2).
      Signed-off-by: default avatarVasiliy Kulikov <segoon@openwall.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c319b4d7
    • KOSAKI Motohiro's avatar
      f2019030