- 10 Apr, 2006 40 commits
-
-
David Howells authored
This fixes the problem of an oops occuring when a user attempts to add a key to a non-keyring key [CVE-2006-1522]. The problem is that __keyring_search_one() doesn't check that the keyring it's been given is actually a keyring. I've fixed this problem by: (1) declaring that caller of __keyring_search_one() must guarantee that the keyring is a keyring; and (2) making key_create_or_update() check that the keyring is a keyring, and return -ENOTDIR if it isn't. This can be tested by: keyctl add user b b `keyctl add user a a @s` Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Linus Torvalds authored
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (35 commits) [IPV6]: Deinline few large functions in inet6 code [IPV4] ip_fragment: Always compute hash with ipfrag_lock held. [NETFILTER]: Fix DNAT in LOCAL_OUT [X25]: Restore skb->dev setting in x25_type_trans(). [NET]: Fix hotplug race during device registration. [IPV6]: Unexport secure_ipv6_port_ephemeral [NETFILTER]: Fix build with CONFIG_NETFILTER=y/m on IA64 [NET]: More kzalloc conversions. [NET] kzalloc: use in alloc_netdev [PKT_SCHED] act_police: Rename methods. [TG3]: Speed up SRAM access (2nd version) [TG3]: Kill some less useful flags [NETFILTER]: H.323 helper: remove changelog [NETFILTER]: Convert conntrack/ipt_REJECT to new checksumming functions [NETFILTER]: Add address family specific checksum helpers [NETFILTER]: Introduce infrastructure for address family specific operations [NETFILTER]: Fix IP_NF_CONNTRACK_NETLINK dependency [NETFILTER]: H.323 helper: add parameter 'default_rrq_ttl' [NETFILTER]: H.323 helper: make get_h245_addr() static [NETFILTER]: H.323 helper: change EXPORT_SYMBOL to EXPORT_SYMBOL_GPL ...
-
David S. Miller authored
Otherwise the build breaks with EXPERIMENTAL disabled because SPARSEMEM will not get selected properly. See mm/Kconfig for how that works. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
1) Take doc-book function comment from i386 implementation. 2) cacheline align call_lock, taken from powerpc 3) Need memory barrier after setting call_data 4) Remove timeout Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
This makes debugging things a little bit easier. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
GDB uses a PTRACE_PEEKUSR call with offset 0 to see if a thread is alive, so provide a success return for this particular special case. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Denis Vlasenko authored
Deinline a few functions which produce 200+ bytes of code. Size Uses Wasted Name and definition ===== ==== ====== ================================================ 429 3 818 __inet6_lookup include/net/inet6_hashtables.h 404 2 384 __inet6_lookup_established include/net/inet6_hashtables.h 206 3 372 __inet6_hash include/net/inet6_hashtables.h Signed-off-by: Denis Vlasenko <vda@ilport.com.ua> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Otherwise we could compute an inaccurate hash due to the random seed changing. Noticed by Zach Brown and patch is based upon some feedback from Herbert Xu. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Noticed by Pascal Schlafer. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sergey Vlasov authored
From: Thomas de Grenier de Latour <degrenier@easyconnect.fr> On Sun, 9 Apr 2006 21:56:59 +0400, Sergey Vlasov <vsu@altlinux.ru> wrote: > However, show_address() does not output anything unless > dev->reg_state == NETREG_REGISTERED - and this state is set by > netdev_run_todo() only after netdev_register_sysfs() returns, so in > the meantime (while netdev_register_sysfs() is busy adding the > "statistics" attribute group) some process may see an empty "address" > attribute. I've tried the attached patch, suggested by Sergey Vlasov on hotplug-devel@, and as far as i can test it works just fine. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Adrian Bunk authored
This patch removes the unused EXPORT_SYMBOL(secure_ipv6_port_ephemeral). Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Brian Haley authored
Can't build with CONFIG_NETFILTER=y/m on IA64, there's a missing #include in net/ipv6/netfilter.c net/ipv6/netfilter.c: In function `nf_ip6_checksum': net/ipv6/netfilter.c:92: warning: implicit declaration of function `csum_ipv6_magic' Signed-off-by: Brian Haley <brian.haley@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Morton authored
Signed-off-by: David S. Miller <davem@davemloft.net>
-
Paolo 'Blaisorblade' Giarrusso authored
Noticed this use, fixed it. Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jamal Hadi Salim authored
Rename policer specific _generic_ methods to be specific to _act_police_ Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
Speed up SRAM read and write functions if possible by using MMIO instead of config. cycles. With this change, the post reset signature done at the end of D3 power change must now be moved before the D3 power change. IBM reported a problem on powerpc blades during ethtool self test that was caused by the memory test taking excessively long. Config. cycles are very slow on powerpc and the memory test can take more than 10 seconds to complete using config. cycles. David Miller informed me that an earlier version of the patch caused problems on sparc64 systems with built-in tg3 chips. This version fixes the problem by excluding all SUN built-in tg3 chips from doing MMIO SRAM access. TG3_FLAG_EEPROM_WRITE_PROT is also set unconditionally when TG3_FLG2_SUN_570X is set. This should be sane as all SUN chips are built-in and do not require Vaux switching. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
Kill the TG3_FLAG_NO_{TX|RX}_PSEUDO_CSUM flags because they are not very useful. This will free up some bits for new flags. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Besides removing lots of duplicate code, all converted users benefit from improved HW checksum error handling. Tested with and without HW checksums in almost all combinations. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Add checksum operation which takes care of verifying the checksum and dealing with HW checksum errors and avoids multiple checksum operations by setting ip_summed to CHECKSUM_UNNECESSARY after successful verification. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Change the queue rerouter intrastructure to a generic usable infrastructure for address family specific operations as a base for some cleanups. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
When NAT is built as a module, ip_conntrack_netlink can not be linked statically. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jing Min Zhao authored
default_rrq_ttl is used when no TTL is included in the RRQ. Signed-off-by: Jing Min Zhao <zhaojingmin@users.sourceforge.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jing Min Zhao authored
Signed-off-by: Jing Min Zhao <zhaojingmin@users.sourceforge.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jing Min Zhao authored
Signed-off-by: Jing Min Zhao <zhaojingmin@users.sourceforge.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jing Min Zhao authored
Move prototypes of NAT callbacks to ip_conntrack_h323.h. Because the use of typedefs as arguments, some header files need to be moved as well. Signed-off-by: Jing Min Zhao <zhaojingmin@users.sourceforge.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Fix section mismatch warnings caused by netfilter's init_or_cleanup functions used in many places by splitting the init from the cleanup parts. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Clean up hook registration by makeing use of the new mass registration and unregistration helpers. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Samuel Ortiz authored
This patch enables support for the Sigmatel's STIR421x IrDA chip. Once patched with Sigmatel's firmware, this chip "almost" follows the USB-IrDA spec. Thus this patch is against irda-usb.[ch]. The code has been tested by Nick Fedchik on an STIR4210 chipset based dongle. Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Linus Walleij authored
This patch integrates the smcinit code into the smsc-ircc driver. Some laptops have their smsc-ircc chip not properly configured by the BIOS and needs some preconfiguration. Currently, this can be done from userspace with smcinit, a utility that comes with the irda-utils package. It messes with ioports and PCI settings, from userspace. Now with this patch, if we happen to be on one of the known to be faulty laptops, we preconfigure the chip from the driver. Patch from Linus Walleij <triad@df.lth.se> Signed-off-by: Samuel Ortiz <samuel.ortiz@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
This patch changes GRE and SIT to generate port unreachable instead of protocol unreachable errors when we can't find a matching tunnel for a packet. This removes the ambiguity as to whether the error is caused by no tunnel being found or by the lack of support for the given tunnel type. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Sesterhenn authored
this fixes coverity bug id #1068. hci_send_sco() frees skb if (skb->len > hdev->sco_mtu). Since it returns a negative error value only in this case, we can directly return here. Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Adrian Bunk authored
This patch fixes a memory leak (buf wasn't freed) spotted by the Coverity checker. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Adrian Bunk authored
This patch fixes an off-by-21-or-49 error ;-) spotted by the Coverity checker. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Randy Dunlap authored
Set .name in netconsole's struct console to identify the struct's owner. Signed-off-by: Randy Dunlap <rdunlap@xenotime.net> Acked-by: Matt Mackall <mpm@selenic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
This patch moves the sending of ICMP messages when there are no IPv4/IPv6 tunnels present to tunnel4/tunnel6 respectively. Please note that for now if xfrm4_tunnel/xfrm6_tunnel is loaded then no ICMP messages will ever be sent. This is similar to how we handle AH/ESP/IPCOMP. This move fixes the bug where we always send an ICMP message when there is no ip6_tunnel device present for a given packet even if it is later handled by IPsec. It also causes ICMP messages to be sent when no IPIP tunnel is present. I've decided to use the "port unreachable" ICMP message over the current value of "address unreachable" (and "protocol unreachable" by GRE) because it is not ambiguous unlike the other ones which can be triggered by other conditions. There seems to be no standard specifying what value must be used so this change should be OK. In fact we should change GRE to use this value as well. Incidentally, this patch also fixes a fairly serious bug in xfrm6_tunnel where we don't check whether the embedded IPv6 header is present before dereferencing it for the inside source address. This patch is inspired by a previous patch by Hugo Santos <hsantos@av.it.pt>. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-