- 29 May, 2013 2 commits
-
-
Jan Beulich authored
kfree_rcu() requires offsetof(..., rcu_head) < 4096, which can get violated with a sufficiently high CONFIG_IP_VS_SH_TAB_BITS. Signed-off-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Michal Kubeček authored
In dump_ipv6_packet(), the "recurse" parameter is zero only if dumping contents of a packet embedded into an ICMPv6 error message. Therefore we want to log packet mark if recurse is non-zero, not when it is zero. Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
- 27 May, 2013 1 commit
-
-
Grzegorz Lyczba authored
Expire cached connection for new TCP/SCTP connection if real server is down. Otherwise, IPVS uses the dead server for the reused connection, instead of a new working one. Signed-off-by: Grzegorz Lyczba <grzegorz.lyczba@gmail.com> Acked-by: Hans Schillstrom <hans@schillstrom.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
- 23 May, 2013 9 commits
-
-
Chen Gang authored
If nf_log uses ipt_ULOG as logging output, we can deliver non-null terminated strings to user-space since the maximum length of the prefix that is passed by nf_log is NF_LOG_PREFIXLEN but pm->prefix is 32 bytes long (ULOG_PREFIX_LEN). This is actually happening already from nf_conntrack_tcp if ipt_ULOG is used, since it is passing strings longer than 32 bytes. Signed-off-by: Chen Gang <gang.chen@asianux.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Florian Westphal authored
Quoting https://bugzilla.netfilter.org/show_bug.cgi?id=812: [ ip6tables -m addrtype ] When I tried to use in the nat/PREROUTING it messes up the routing cache even if the rule didn't matched at all. [..] If I remove the --limit-iface-in from the non-working scenario, so just use the -m addrtype --dst-type LOCAL it works! This happens when LOCAL type matching is requested with --limit-iface-in, and the default ipv6 route is via the interface the packet we test arrived on. Because xt_addrtype uses ip6_route_output, the ipv6 routing implementation creates an unwanted cached entry, and the packet won't make it to the real/expected destination. Silently ignoring --limit-iface-in makes the routing work but it breaks rule matching (--dst-type LOCAL with limit-iface-in is supposed to only match if the dst address is configured on the incoming interface; without --limit-iface-in it will match if the address is reachable via lo). The test should call ipv6_chk_addr() instead. However, this would add a link-time dependency on ipv6. There are two possible solutions: 1) Revert the commit that moved ipt_addrtype to xt_addrtype, and put ipv6 specific code into ip6t_addrtype. 2) add new "nf_ipv6_ops" struct to register pointers to ipv6 functions. While the former might seem preferable, Pablo pointed out that there are more xt modules with link-time dependeny issues regarding ipv6, so lets go for 2). Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Timo Teräs authored
The error exit path needs err explicitly set. Otherwise it returns success and the only caller, xfrm_output_resume(), would oops in skb_dst(skb)->ops derefence as skb_dst(skb) is NULL. Bug introduced in commit bb65a9cb (xfrm: removes a superfluous check and add a statistic). Signed-off-by: Timo Teräs <timo.teras@iki.fi> Cc: Li RongQing <roy.qing.li@gmail.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
Commit 55257d72 (virtio-net: fill only rx queues which are being used) only does the napi enabling during open for curr_queue_pairs. This will break multiqueue receiving since napi of new queues were still disabled after changing the number of queues. This patch fixes this by enabling napi for all possible queues during open. Cc: Sasha Levin <sasha.levin@oracle.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Acked-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nandita Dukkipati authored
This patch is a fix for a bug triggering newly_acked_sacked < 0 in tcp_ack(.). The bug is triggered by sacked_out decreasing relative to prior_sacked, but packets_out remaining the same as pior_packets. This is because the snapshot of prior_packets is taken after tcp_sacktag_write_queue() while prior_sacked is captured before tcp_sacktag_write_queue(). The problem is: tcp_sacktag_write_queue (tcp_match_skb_to_sack() -> tcp_fragment) adjusts the pcount for packets_out and sacked_out (MSS change or other reason). As a result, this delta in pcount is reflected in (prior_sacked - sacked_out) but not in (prior_packets - packets_out). This patch does the following: 1) initializes prior_packets at the start of tcp_ack() so as to capture the delta in packets_out created by tcp_fragment. 2) introduces a new "previous_packets_out" variable that snapshots packets_out right before tcp_clean_rtx_queue, so pkts_acked can be correctly computed as before. 3) Computes pkts_acked using previous_packets_out, and computes newly_acked_sacked using prior_packets. Signed-off-by: Nandita Dukkipati <nanditad@google.com> Acked-by: Yuchung Cheng <ycheng@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.open-mesh.org/linux-mergeDavid S. Miller authored
Included change: - fix double free in case of failure during mesh initialisation Signed-off-by: David S. Miller <davem@davemloft.net>
-
Emilio López authored
Commit bfd428da ("net: ethernet: sun: initialize variables directly") dropped the only loop that was using i but did not remove the actual variable, therefore causing a warning when building. This patch drops the now redundant line. Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Emilio López <emilio@elopez.com.ar> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Emilio López authored
Commit e998fd41 ("net: ethernet: korina: initialize variables directly") dropped the only loop that was using i but did not remove the actual variable, therefore causing a warning when building. This patch drops the now redundant line. Signed-off-by: Emilio López <emilio@elopez.com.ar> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Emilio López authored
Commit 3b0aaef8 ("net: ethernet: apple: initialize variables directly") dropped the only loop that was using i but did not remove the actual variable, therefore causing a warning when building. This patch drops the now redundant line. Signed-off-by: Emilio López <emilio@elopez.com.ar> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 22 May, 2013 13 commits
-
-
Hans-Christoph Schemmel authored
Added support for Cinterion's PLxx WWAN Interface by adding QMI_FIXED_INTF with Cinterion's Vendor ID as well as Product ID and WWAN Interface Number. Signed-off-by: Hans-Christoph Schemmel <hans-christoph.schemmel@gemalto.com> Signed-off-by: Christian Schmiedl <christian.schmiedl@gemalto.com> Acked-by: Bjørn Mork <bjorn@mork.no> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Ben Hutchings says: ==================== Somewhat surprisingly, the net_dropmonitor reporting script doesn't work at all. This series fixes it and then makes it slightly more efficient. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: Neil Horman <nhorman@tuxdriver.com>
-
Ben Hutchings authored
We can read /proc/kallsyms in a fraction of a second, so why waste a further fraction of a second showing progress? Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
The sort order of dictionaries in Python is undocumented. Use tuples instead, which are documented to be lexically ordered. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
The comparison between traced and symbol addresses is backwards: if the traced address doesn't exactly match a symbol (which we don't expect it to), we'll show the next symbol and the offset to it, whereas we should show the previous symbol and the offset from it. Cc: stable@vger.kernel.org Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
This works much better if we don't treat protocol numbers as addresses. Cc: stable@vger.kernel.org Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Shawn Guo authored
MVF is a family while MVF600 is a particular SoC in the family. We generally prefer to use SoC rather than family name in compatible string to define a particular type of fec device. And this is how fec_dt_ids works for all those IMX fec variants. Let's change mvf to mvf600 to have it work in the same way. Signed-off-by: Shawn Guo <shawn.guo@linaro.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Shahed Shaikh authored
o After change in EPORT features of 82xx adapter, netdev->features needs to be updated to reflect EPORT feature updates but driver was manipulating netdev->features at wrong place. o This patch uses netdev_update_features() and .ndo_fix_features() to update netdev->features properly. Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sony Chacko authored
Code is removed because netdev->trans_start updates made by the driver will be ignored by the kernel. Signed-off-by: Sony Chacko <sony.chacko@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sony Chacko authored
Fix error paths in probe to assign proper error codes to probe return value. Signed-off-by: Sony Chacko <sony.chacko@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nithin Sujir authored
Signed-off-by: Nithin Nayak Sujir <nsujir@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nithin Sujir authored
After resetting the device, the driver waits for a signature to be updated to know that firmware has completed initialization. However, the call to tg3_poll_fw() is being done too late and we're writing to the GRC_MODE register before it has completely initialized, causing contention with firmware. This logic has existed since day one but is causing PCIE link to go down randomly at startup on one platform once every few hundred reboots. Move the tg3_poll_fw() up to before we write to the GRC_MODE register after reset. Signed-off-by: Nithin Nayak Sujir <nsujir@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 21 May, 2013 1 commit
-
-
Martin Hundebøll authored
On errors in batadv_mesh_init(), bat_counters will be freed in both batadv_mesh_free() and batadv_softif_init_late(). This patch fixes this by returning earlier from batadv_softif_init_late() in case of errors in batadv_mesh_init() and by setting bat_counters to NULL after freeing. Signed-off-by: Martin Hundebøll <martin@hundeboll.net> Signed-off-by: Marek Lindner <lindner_marek@yahoo.de> Signed-off-by: Antonio Quartulli <ordex@autistici.org>
-
- 20 May, 2013 12 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wirelessDavid S. Miller authored
John W. Linville says: ==================== This pull request is intended for the 3.10 series. It contains a variety of fixes for problems discovered during the merge window and after 3.10-rc1. For the mac80211 bits, Johannes says the following: "This is what I have: * a patch from Felix to fix RCU usage in his rate table code * a patch from Ilan to add the wdev id to some notifications so they can actually be used by userspace * Sasha Levin found an issue in how hwsim handles devices * a fix for a bug in the wiphy_register() error path that's been there forever * three fixes for WoWLAN * AP mode frame matching was erroneously giving frames to all virtual AP interfaces (reported by Jouni) * a fix for HT handling in my CSA changes, found by Sujith * a fix for some locking simplifications gone wrong * Ben Greear found more cfg80211/mac80211 state confusion * and a fix for another bug found by Jouni: local state changes need to be reported by mac80211 to cfg80211 so it disconnects properly." And for the iwlwifi bits, he says: "I have fixes for a firmware crash during resume, multicast RX, aggregation and a workaround for a firmware scanning bug." Along with those... Albert Pool adds a USB ID to the rtl8192cu driver. Arend van Spriel restores a driver option support flag that had been removed from 3.9 due to a bug in that version of the driver. Felix Fietkau fixes a trio of ath9k issues with a series of small patches. Geert Uytterhoeven provides a Kconfig fix for ath9k (which you also merged, so it isn't in the diff here). Larry Finger gives us a fix for a build warning on big-endian systems for rtlwifi. Rafał Miłecki adds some core IDs to the bcma driver. Sujith Manoharan fixes a module unloading crash in ath9k, and corrects some calibration settings for AR9485. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
stephen hemminger authored
This patch cures transmit timeout's with DHCP observed while running under KVM. When the transmit ring is cleaned out, the Byte Queue Limit values need to be reset. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petko Manolov authored
This patch fixes a potential race with concurrently running asynchronous write requests. The values for device's RX control register are now stored in dynamically allocated buffers so each URB submission has it's own copy. Doing it the old way is data clobbering prone. This patch is against latest 'net' tree. Signed-off-by: Petko Manolov <petkan@nucleusys.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Dan Carpenter authored
In get_capi_ctr_by_nr() and get_capi_appl_by_nr() the parameter comes from skb->data. The current code can underflow to one space before the start of the array. The sanity check isn't needed in __get_capi_appl_by_nr() but I changed it to match the others. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
John W. Linville authored
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem
-
Yuval Mintz authored
Starting with commit 91226790 `bnx2x: use FW 7.8.17', the bnx2x driver no longer requests the FW to perform IP checksums for IPv4 packets. This behaviour needs to be revised for 57710/57711 chips - when using GSO, if the driver will not set the IP checksum flag then packets will be transmitted by the chip without a valid IP checksum, resulting in a drop of all such packets on the receiver-side. Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com> Signed-off-by: Dmitry Kravkov <dmitry@broadcom.com> Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
Another fix needed in ipgre_err(), as parse_gre_header() might change skb->head. Bug added in commit c5441932 (GRE: Refactor GRE tunneling code.) Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
françois romieu authored
8168evl offloaded checksums are wrong since commit e5195c1f ("r8169: fix 8168evl frame padding.") pads small packets to 60 bytes (without ethernet checksum). Typical symptoms appear as UDP checksums which are wrong by the count of added bytes. It isn't worth compensating. Let the driver checksum. Due to the skb length changes, TSO code is moved before the Tx descriptor gets written. Signed-off-by: Francois Romieu <romieu@fr.zoreil.com> Tested-by: Holger Hoffstätte <holger.hoffstaette@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
nikolay@redhat.com authored
When bond_3ad_get_active_agg_info() is used in all show_ad_ functions it is not protected against slave manipulation and since it walks over the slaves and uses them, this can easily result in NULL pointer dereference or use of freed memory. Both the new wrapper and the internal function are exported to the bonding as they're needed in different places. Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
nikolay@redhat.com authored
When getting arp_ip_targets if we encounter a bad IP, arp_ip_count still gets increased and all the targets after the wrong one will not be probed if arp_interval is enabled after that (unless a new IP target is added through sysfs) because of the zero entry, in this case reading arp_ip_target through sysfs will show valid targets even if there's a zero entry. Example: 1.2.3.4,4.5.6.7,blah,5.6.7.8 When retrieving the list from arp_ip_target the output would be: 1.2.3.4,4.5.6.7,5.6.7.8 but there will be a 0 entry between 4.5.6.7 and 5.6.7.8. If arp_interval is enabled after that 5.6.7.8 will never be checked because of that. Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
nikolay@redhat.com authored
There're few pr_debug() places that can provide the IPv4 address in dotted decimal format instead which is more helpful. Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
nikolay@redhat.com authored
Changing the mode without any locking can result in multiple races (e.g. upping a bond, enslaving/releasing). Depending on which race is hit the impact can vary from incosistent bond state to kernel crash. Use RTNL to synchronize the mode setting with the dangerous races. Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 19 May, 2013 2 commits
-
-
Chen Gang authored
'discovery->data.info' length is 22, NICKNAME_MAX_LEN is 21, so the strncpy() will always left the last byte of 'discovery->data.info' uninitialized. When 'text' length is longer than 21 (NICKNAME_MAX_LEN), if still left the last byte of 'discovery->data.info' uninitialized, the next strlen() will cause issue. Also 'discovery->data' is 'struct irda_device_info' which defined in "include/uapi/...", it may copy to user mode, so need whole initialized. All together, need use kzalloc() instead of kmalloc() to initialize all members firstly. Signed-off-by: Chen Gang <gang.chen@asianux.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Paul Moore authored
The net/netlabel/netlabel_domainhash.c:netlbl_domhsh_add() function does not properly validate new domain hash entries resulting in potential problems when an administrator attempts to add an invalid entry. One such problem, as reported by Vlad Halilov, is a kernel BUG (found in netlabel_domainhash.c:netlbl_domhsh_audit_add()) when adding an IPv6 outbound mapping with a CIPSO configuration. This patch corrects this problem by adding the necessary validation code to netlbl_domhsh_add() via the newly created netlbl_domhsh_validate() function. Ideally this patch should also be pushed to the currently active -stable trees. Reported-by: Vlad Halilov <vlad.halilov@gmail.com> Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-