nr_destroy_socket takes the socket lock itself so it should better be
called with the socket unlocked.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
When establishing a new circuit in nr_rx_frame the locks are taken in
a different order than in the rest of the stack. This should be
harmless but triggers lockdep. Either way, reordering the code a
little solves the issue.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Delivery of AX.25 frame to the layer 3 protocols happens in softirq
context so locking needs to be bh-proof.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
If IPv6 addresses are ordered by scope, then ipv6_dev_get_saddr() can
break-out of the device addr_list for() loop when the candidate source
address scope is less than the destination address scope.
Signed-off-by: Brian Haley <brian.haley@hp.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
No actual bugs that I can see just a couple of unmarked casts
getting annoying in my debug log files.
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This reverts: f890f92104
The inclusion of TCP Compound needs to be reverted at this time
because it is not 100% certain that this code conforms to the
requirements of Developer's Certificate of Origin 1.1 paragraph (b).
Signed-off-by: David S. Miller <davem@davemloft.net>
The variable peer_total is protected by a lock. The volatile marker
makes no sense. This shaves off 20 bytes on i386.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
This volatile makes no sense - not even wearing pink shades ...
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch fixes the following compile error with CONFIG_PROC_FS=n by
reverting commit dcdb02752f:
<-- snip -->
...
CC net/atm/clip.o
net/atm/clip.c: In function ‘atm_clip_init’:
net/atm/clip.c:975: error: ‘atm_proc_root’ undeclared (first use in this function)
net/atm/clip.c:975: error: (Each undeclared identifier is reported only once
net/atm/clip.c:975: error: for each function it appears in.)
net/atm/clip.c:977: error: ‘arp_seq_fops’ undeclared (first use in this function)
make[2]: *** [net/atm/clip.o] Error 1
<-- snip -->
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Module reference needs to be given back if message header
construction fails.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
When more rules are present than fit in a single skb, the remaining
rules are incorrectly skipped.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Certain subsystems in the stack (e.g., netfilter) can break the partial
checksum on GSO packets. Until they're fixed, this patch allows this to
work by recomputing the partial checksums through the GSO mechanism.
Once they've all been converted to update the partial checksum instead of
clearing it, this workaround can be removed.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch adds the wrapper function skb_is_gso which can be used instead
of directly testing skb_shinfo(skb)->gso_size. This makes things a little
nicer and allows us to change the primary key for indicating whether an skb
is GSO (if we ever want to do that).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
ok this is a real potential deadlock in a way, it takes two locks of 2
skbuffs without doing any kind of lock ordering; I think the following
patch should fix it. Just sort the lock taking order by address of the
skb.. it's not pretty but it's the best this can do in a minimally
invasive way.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Chas Williams <chas@cmf.nrl.navy.mil>
Signed-off-by: David S. Miller <davem@davemloft.net>
The printk's in the network device interface code should all be tagged
with severity.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
"return -err" and blindly inheriting the error code in the netlink
failure exception handler causes errors codes to be returned as
positive value therefore making them being ignored by the caller.
May lead to sending out incomplete netlink messages.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
The TCA_ACT_KIND attribute is used without checking its
availability when dumping actions therefore leading to a
value of 0x4 being dereferenced.
The use of strcmp() in tc_lookup_action_n() isn't safe
when fed with string from an attribute without enforcing
proper NUL termination.
Both bugs can be triggered with malformed netlink message
and don't require any privileges.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
* git://git.linux-nfs.org/pub/linux/nfs-2.6:
NLM,NFSv4: Wait on local locks before we put RPC calls on the wire
VFS: Add support for the FL_ACCESS flag to flock_lock_file()
NFSv4: Ensure nfs4_lock_expired() caches delegated locks
NLM,NFSv4: Don't put UNLOCK requests on the wire unless we hold a lock
VFS: Allow caller to determine if BSD or posix locks were actually freed
NFS: Optimise away an excessive GETATTR call when a file is symlinked
This fixes a panic doing the first READDIR or READDIRPLUS call when:
NFS: Fix NFS page_state usage
Revert "Merge branch 'odirect'"
WARNING: /lib/modules/2.6.17-mm2/kernel/net/ieee80211/ieee80211.ko
needs unknown symbol wireless_spy_update
Someone removed the `#ifdef CONFIG_WIRELESS_EXT' from around the callsite
in net/ieee80211/ieee80211_rx.c and didn't update Kconfig appropriately.
The offending patchset seems to be 35c14b855f
which is tittled
[PATCH] ieee80211: remove unnecessary CONFIG_WIRELESS_EXT checking
After a quick look it seems that wireless_spy_update() lives in
net/core/wirless.c, and that file is only compiled if
CONFIG_WIRELESS_EXT is set. Perhaps this is Kconig work, but
in the mean time here is a reversal of the recent change.
Signed-Off-By: Horms <horms@verge.net.au>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The ieee80211softmac_call_events function, when called with event type
IEEE80211SOFTMAC_EVENT_ASSOCIATE_TIMEOUT should pass the network as the
third parameter. This patch does that.
Signed-off-by: Joseph Jezak <josejx@gentoo.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
This patch addresses the "No queue exists" messages commonly seen during
authentication and associating. These appear due to scheduling multiple
authentication attempts on the same network. To prevent this, I added a
flag to stop multiple authentication attempts by the association layer.
I also added a check to the wx handler to see if we're connecting to a
different network than the one already in progress. This scenario was
causing multiple requests on the same network because the network BSSID
was not being updated despite the fact that the ESSID changed.
Signed-off-by: Joseph Jezak <josejx@gentoo.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
In commit ba9b28d19a, routine
ieee80211softmac_capabilities was added to ieee80211softmac_io.c. As
denoted by its name, it completes the capabilities IE that is
needed in the associate and reassociate requests sent to the
AP. For at least one AP, the Linksys WRT54G V5, the capabilities
field must set the 'short preamble' bit or the AP refuses to
associate. In the commit noted above, there is a call to the
new routine from ieee80211softmac_reassoc_req, but not from
ieee80211softmac_assoc_req. This patch fixes that oversight.
As noted in the subject, v2.6.17 is affected. My bcm43xx card had been
unable to associate since I was forced to buy a new AP. I finally was
able to get a packet dump and traced the problem to the capabilities
info. Although I had heard that a patch was "floating around", I had
not seen it before 2.6.17 was released. As this bug does not affect
security and I seem to have the only AP affected by it, there should
be no problem in leaving it for 2.6.18.
Signed-Off-By: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
this patch fixes coverity id #913. ieee80211_monitor_rx() passes the skb
to netif_rx() and we should not reference it any longer.
Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
We should preallocate IV+ICV space when encrypting the frame.
Currently no problem shows up just because dev_alloc_skb aligns the
data len to SMP_CACHE_BYTES which can be used for ICV.
Signed-off-by: Hong Liu <hong.liu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
* the client is ia64 or any platform that actually implements
flush_dcache_page(), and
* the server returns fsinfo.dtpref >= client's PAGE_SIZE, and
* the server does *not* return post-op attributes for the directory
in the READDIR reply.
Problem diagnosed by Greg Banks <gnb@melbourne.sgi.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
This patch adds the module parameter disable_cfc which can be used to
disable the credit based flow control. The credit based flow control
was introduced with the Bluetooth 1.1 specification and devices can
negotiate its support, but for testing purpose it is helpful to allow
disabling of it.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch is a small cleanup of the L2CAP source code. It makes some
coding style changes and moves some functions around to avoid forward
declarations.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch converts the Bluetooth class devices into real devices. The
Bluetooth class is kept and the driver core provides the appropriate
symlinks for backward compatibility.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch adds a generic Bluetooth platform device that can be used
as parent device by virtual and serial devices.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch introduces the automatic sniff mode feature. This allows
the host to switch idle connections into sniff mode to safe power.
Signed-off-by: Ulisses Furquim <ulissesf@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch introduces a quirk that allows the drivers to tell the host
to correct the SCO buffer size values.
Signed-off-by: Olivier Galibert <galibert@pobox.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Fix for inability of br_dump_ifinfo to handle non-zero start index:
loop index never increases when entered with non-zero start.
Spotted by Kirill Korotaev.
Signed-off-by: Andrey Savochkin <saw@swsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fix ipv6 GSO payload length calculation.
The ipv6 payload length excludes the ipv6 base header length and so
must be subtracted.
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The recent change to direct inspection of bundle buffer tailroom did not
account for the possiblity of unrequested tailroom added by skb_alloc(),
thereby allowing a bundle to be created that exceeds the current link MTU.
An additional check now ensures that bundling works correctly no matter
if the bundle buffer is smaller, larger, or equal to the link MTU.
Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Signed-off-by: Per Liden <per.liden@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We don't want nasty Xen guests to pass a TCPv6 packet in with gso_type set
to TCPv4 or even UDP (or a packet that's both TCP and UDP).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
From Jean-Paul F6FBB
ROSE will only try to establish a route using the first route in its
routing table. Fix to iterate through all additional routes if a
connection attempt has failed.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
In the past routes could be freed even though the were possibly in use ...
Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
If rose_route_frame return success we'll dereference a stale pointer.
Likely this is only going to result in bad statistics for the ROSE
interface.
This fixes coverity 946.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The unix_get_peersec_dgram() stub should have been inlined so that it
disappears.
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Teach sk_lock semantics to the lock validator. In the softirq path the
slock has mutex_trylock()+mutex_unlock() semantics, in the process context
sock_lock() case it has mutex_lock()/mutex_unlock() semantics.
Thus we treat sock_owned_by_user() flagged areas as an exclusion area too,
not just those areas covered by a held sk_lock.slock.
Effect on non-lockdep kernels: minimal, sk_lock_sock_init() has been turned
into an inline function.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
vlan network devices have devices nesting below it, and are a special
"super class" of normal network devices; split their locks off into a
separate class since they always nest.
[deweerdt@free.fr: fix possible null-pointer deref]
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Frederik Deweerdt <frederik.deweerdt@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Add i_mutex ordering annotations to the sunrpc rpc_pipe code. This code has 3
levels of i_mutex hierarchy in some cases: parent dir, client dir and file
inside client dir; the i_mutex ordering is I_MUTEX_PARENT -> I_MUTEX_CHILD ->
I_MUTEX_NORMAL
This patch applies this ordering annotation to the various functions. This is
in line with the VFS expected ordering where it is always OK to lock a child
after locking a parent; the sunrpc code is very diligent in doing this
correctly.
Has no effect on non-lockdep kernels.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>