aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2007-07-10[NETFILTER]: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr ↵Patrick McHardy
dereference (CVE-2007-2876) When creating a new connection by sending an unknown chunk type, we don't transition to a valid state, causing a NULL pointer dereference in sctp_packet when accessing sctp_timeouts[SCTP_CONNTRACK_NONE]. Fix by don't creating new conntrack entry if initial state is invalid. Noticed by Vilmos Nebehaj <vilmos.nebehaj@ramsys.hu> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: Make all initialized struct seq_operations const.Philippe De Muyter
Make all initialized struct seq_operations in net/ const Signed-off-by: Philippe De Muyter <phdm@macqel.be> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[UDP]: Fix length check.Patrick McHardy
Rémi Denis-Courmont wrote: > Right. By the way, shouldn't "len" rather be signed in there? > > unsigned int len; > > /* if we're overly short, let UDP handle it */ > len = skb->len - sizeof(struct udphdr); > if (len <= 0) > goto udp; It should, but the < 0 case can't happen since __udp4_lib_rcv already makes sure that we have at least a complete UDP header. Anyways, this patch fixes it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IPV6]: Remove unneeded pointer idev from addrconf_cleanup().Micah Gruber
This trivial patch removes the unneeded pointer idev returned from __in6_dev_get(), which is never used. The check for NULL can be simply done by if (__in6_dev_get(dev) == NULL). Signed-off-by: Micah Gruber <micah.gruber@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[DECNET]: Another unnecessary net/tcp.h inclusion in net/dn.hIlpo Järvinen
No longer needed. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IPV6]: Make IPV6_{RECV,2292}RTHDR boolean options.YOSHIFUJI Hideaki
Because reversing RH0 is no longer supported by deprecation of RH0, let's make IPV6_{RECV,2292}RTHDR boolean options. Boolean are more appropriate from standard POV. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IPV6]: Do not send RH0 anymore.YOSHIFUJI Hideaki
Based on <draft-ietf-ipv6-deprecate-rh0-00.txt>. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IPV6]: Restore semantics of Routing Header processing.YOSHIFUJI Hideaki
The "fix" for emerging security threat was overkill and it broke basic semantic of IPv6 routing header processing. We should assume RT0 (or even RT2, depends on configuration) as "unknown" RH type so that we - silently ignore the routing header if segleft == 0 - send ICMPv6 Parameter Problem message back to the sender, otherwise. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET_SCHED]: Make HTB scheduler work with TSO.Ranjit Manomohan
Currently the HTB scheduler does not correctly account for TSO packets which causes large inaccuracies in the bandwidth control when using TSO. This patch allows the HTB scheduler to work with TSO enabled devices. Signed-off-by: Ranjit Manomohan <ranjitm@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: Update comments for skb checksumsHerbert Xu
Rusty (whose comments we should all study and emulate :) pointed out that our comments for skb checksums are no longer up-to-date. So here is a patch to 1) add the case of partial checksums on input; 2) update partial checksum case to mention csum_start/csum_offset; 3) mention the new IPv6 feature bit. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: Avoid copying writable clones in tunnel driversPatrick McHardy
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IPV4]: Make ip_tos2prio const.Philippe De Muyter
Signed-off-by: Philippe De Muyter <phdm@macqel.be> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: Fix gen_estimator timer removal racePatrick McHardy
As noticed by Jarek Poplawski <jarkao2@o2.pl>, the timer removal in gen_kill_estimator races with the timer function rearming the timer. Check whether the timer list is empty before rearming the timer in the timer function to fix this. Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Jarek Poplawski <jarkao2@o2.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETPOLL]: Fix a leak-n-bug in netpoll_cleanup()Satyam Sharma
93ec2c723e3f8a216dde2899aeb85c648672bc6b applied excessive duct tape to the netpoll beast's netpoll_cleanup(), thus substituting one leak with another, and opening up a little buglet :-) net_device->npinfo (netpoll_info) is a shared and refcounted object and cannot simply be set NULL the first time netpoll_cleanup() is called. Otherwise, further netpoll_cleanup()'s see np->dev->npinfo == NULL and become no-ops, thus leaking. And it's a bug too: the first call to netpoll_cleanup() would thus (annoyingly) "disable" other (still alive) netpolls too. Maybe nobody noticed this because netconsole (only user of netpoll) never supported multiple netpoll objects earlier. This is a trivial and obvious one-line fixlet. Signed-off-by: Satyam Sharma <ssatyam@cse.iitk.ac.in> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[RXRPC]: Remove Makefile reference to obsolete RXRPC config variableRobert P. J. Day
Since there is no Kconfig variable RXRPC anywhere in the tree, and the variable AF_RXRPC performs exactly the same function, remove the reference to CONFIG_RXRPC from net/Makefile. Signed-off-by: Robert P. J. Day <rpjday@mindspring.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER] net/ipv4/netfilter/ip_tables.c: lower printk severityDan Aloni
Signed-off-by: Dan Aloni <da-x@monatomic.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[DCCP]: Make struct dccp_li_cachep static.Adrian Bunk
Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[IRDA]: use mutex instead of semaphore in VLSI 82C147 IrDA controller driverMatthias Kaehlcke
The VLSI 82C147 IrDA controller driver uses a semaphore as mutex. Use the mutex API instead of the (binary) semaphore. Signed-off-by: Matthias Kaehlcke <matthias.kaehlcke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: "wrong timeout value in sk_wait_data()": cleanupsAndrew Morton
- save 4 bytes - it's read-mostly. Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Vasily Averin <vvs@sw.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: Make some network-related proc files use seq_list_xxx helpersPavel Emelianov
This includes /proc/net/protocols, /proc/net/rxrpc_calls and /proc/net/rxrpc_connections files. All three need seq_list_start_head to show some header. Signed-off-by: Pavel Emelianov <xemul@openvz.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[ATM] br2684: Use seq_list_xxx helpersPavel Emelianov
The .show callback receives the list_head pointer now, not the struct br2684_dev one. Signed-off-by: Pavel Emelianov <xemul@openvz.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: netdevice mtu assumptions documentationStephen Hemminger
Document the expectations about device MTU handling. The documentation about oversize packet handling is probably too loose. IMHO devices should drop oversize packets for robustness, but many devices allow it now. For example, if you set mtu to 1200 bytes, most ether devices will allow a 1500 byte frame in. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NET]: netdevice locking assumptions documentationStephen Hemminger
Update the documentation about locking assumptions. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Seems to not need net/tcp.hIlpo Järvinen
Got bored to always recompile it for no reason. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Update version to 1.6.2.Michael Chan
Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Print management firmware version.Michael Chan
Add management firmware version for ethtool -i. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Enhance the heartbeat.Michael Chan
In addition to the periodic heartbeat, we're adding a heartbeat request interrupt when the heartbeat is late. This is needed during netpoll where the timer is not available. -rt kernels will also benefit since the timer is not as accurate. [ We discussed this patch last time and we decided that the -rt kernel problem alone did not justify this patch. I think the netpoll problem makes this patch necessary. ] Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Reduce spurious INTA interrupts.Michael Chan
Spurious interrupts are often encountered especially on systems using the 8259 PIC mode. This is because the I/O write to deassert the interrupt is posted and won't get to the chip immediately. As a result, the IRQ may remain asserted after the IRQ handler exits, causing spurious interrupts. Add read back to flush the I/O write to deassert the IRQ immediately. We also store the last_status_idx immediately in the IRQ handler to help detect whether the interrupt is ours or not when the IRQ is entered again before ->poll gets called. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Modify link up message.Michael Chan
Modify the link up dmesg to report remote copper or Serdes link. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Add ethtool support for remote PHY.Michael Chan
Modify the driver's ethtool_ops->get_settings and set_settings functions to support remote PHY. Users control the remote copper PHY settings by specifying link settings for the tp (twisted pair) port. The nway_reset function is also modified to support remote PHY. mii-tool operations are not supported on remote PHY and we will return -EOPNOTSUPP. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Add support for remote PHY.Michael Chan
In blade servers, the Serdes PHY in 5708S can control the remote copper PHY through autonegotiation on the backplane. This patch adds the logic to interface with the firmware to control the remote PHY autonegotiation and to handle remote PHY link events. When remote PHY is present, the 5708S Serdes device practically becomes a copper device with full control over the 1000Base-T link settings. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Add remote PHY bit definitions.Michael Chan
Add new fields in struct bnx2 and other bit definitions in shared memory to support remote PHY. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[BNX2]: Add bnx2_set_default_link().Michael Chan
Put existing code to setup the default link settings in this new function. This makes it easier to support the remote PHY feature in the next few patches. Also change ETHTOOL_ALL_FIBRE_SPEED to include 2500Mbps if supported. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: x_tables: add more detail to error message about match/target ↵Balazs Scheidler
mask mismatch Signed-off-by: Balazs Scheidler <bazsi@balabit.hu> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_queue: Use RCU and mutex for queue handlersYasuyuki Kozakai
Queue handlers are registered/unregistered in only process context. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nfnetlink_queue: don't unregister handler of other subsystemYasuyuki Kozakai
The queue handlers registered by ip[6]_queue.ko at initialization should not be unregistered according to requests from userland program using nfnetlink_queue. If we allow that, there is no way to register the handlers of built-in ip[6]_queue again. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: Convert DEBUGP to pr_debugPatrick McHardy
Convert DEBUGP to pr_debug and fix lots of non-compiling debug statements. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: xt_helper: use RCUPatrick McHardy
The ->helper pointer is protected by RCU, no need to take nf_conntrack_lock. Also remove excessive debugging. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_h323: turn some printks into DEBUGPsPatrick McHardy
Don't spam the ringbuffer with decoding errors. The only printks remaining are for dropped packets when we're certain they are H.323. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: ipt_CLUSTERIP: add compat codePatrick McHardy
Adjust structure size and don't expect pointers passed in from userspace to be valid. Also replace an enum in an ABI structure by a fixed size type. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: ipt_SAME: add to feature-removal-schedulePatrick McHardy
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack: early_drop improvementPatrick McHardy
When the maximum number of conntrack entries is reached and a new one needs to be allocated, conntrack tries to drop an unassured connection from the same hash bucket the new conntrack would hash to. Since with a properly sized hash the average number of entries per bucket is 1, the chances of actually finding one are not very good. This patch makes it walk the hash until a minimum number of 8 entries are checked. Based on patch by Vasily Averin <vvs@sw.ru>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack: mark helpers __read_mostlyPatrick McHardy
Most are __read_mostly already, this changes the remaining ones. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_helper: use hashtable for conntrack helpersPatrick McHardy
Eliminate the last global list searched for every new connection. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_expect: introduce nf_conntrack_expect_max sysctPatrick McHardy
As a last step of preventing DoS by creating lots of expectations, this patch introduces a global maximum and a sysctl to control it. The default is initialized to 4 * the expectation hash table size, which results in 1/64 of the default maxmimum of conntracks. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_expect: maintain per conntrack expectation listPatrick McHardy
This patch brings back the per-conntrack expectation list that was removed around 2.6.10 to avoid walking all expectations on expectation eviction and conntrack destruction. As these were the last users of the global expectation list, this patch also kills that. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_helper/nf_conntrack_netlink: convert to ↵Patrick McHardy
expectation hash Convert from the global expectation list to the hash table. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack_expect: convert proc functions to hashPatrick McHardy
Convert from the global expectation list to the hash table. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack: use hashtable for expectationsPatrick McHardy
Currently all expectations are kept on a global list that - needs to be searched for every new conncetion - needs to be walked for evicting expectations when a master connection has reached its limit - needs to be walked on connection destruction for connections that have open expectations This is obviously not good, especially when considering helpers like H.323 that register *lots* of expectations and can set up permanent expectations, but it also allows for an easy DoS against firewalls using connection tracking helpers. Use a hashtable for expectations to avoid incurring the search overhead for every new connection. The default hash size is 1/256 of the conntrack hash table size, this can be overriden using a module parameter. This patch only introduces the hash table for expectation lookups and keeps other users to reduce the noise, the following patches will get rid of it completely. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-10[NETFILTER]: nf_conntrack: move expectaton related init code to ↵Patrick McHardy
nf_conntrack_expect.c Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>