- 07 Dec, 2006 40 commits
-
-
Michael Chan authored
Add Tg3_FLG2_IS_NIC flag to unambiguously determine whether the device is NIC or onboard. Previously, the EEPROM_WRITE_PROT flag was overloaded to also mean onboard. With the separation, we can support some devices that are onboard but do not use eeprom write protect. Signed-off-by:
Michael Chan <mchan@broadcom.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Michael Chan authored
Signed-off-by:
-
Michael Chan authored
Phy loopback on most 10/100 devices need to be run in 1Gbps mode in GMII mode. Signed-off-by:
-
David S. Miller authored
It duplicates what SLAB debug can do already. Signed-off-by: -
David S. Miller authored
As per Ralf Baechle's observations, the schedule_work() call should give enough of a memory barrier, so the explicit one here is totally unnecessary. Signed-off-by: -
Ralf Baechle authored
I believe all the below memory barriers only matter on SMP so therefore the smp_* variant of the barrier should be used. I'm wondering if the barrier in net/ipv4/inet_timewait_sock.c should be dropped entirely. schedule_work's implementation currently implies a memory barrier and I think sane semantics of schedule_work() should imply a memory barrier, as needed so the caller shouldn't have to worry. It's not quite obvious why the barrier in net/packet/af_packet.c is needed; maybe it should be implied through flush_dcache_page? Signed-off-by:
Ralf Baechle <ralf@linux-mips.org> Signed-off-by:
-
David S. Miller authored
We grab a reference to the route's inetpeer entry but forget to release it in xfrm4_dst_destroy(). Bug discovered by Kazunori MIYAZAWA <kazunori@miyazawa.org> Signed-off-by: -
Joy Latten authored
Disables auditing in ipsec when CONFIG_AUDITSYSCALL is disabled in the kernel. Also includes a bug fix for xfrm_state.c as a result of original ipsec audit patch. Signed-off-by:
Joy Latten <latten@austin.ibm.com> Signed-off-by:
James Morris <jmorris@namei.org> Signed-off-by:
-
Joy Latten authored
An audit message occurs when an ipsec SA or ipsec policy is created/deleted. Signed-off-by:
-
Randy Dunlap authored
include/net/irda/irlan_filter.h:31: warning: 'struct seq_file' declared inside parameter list include/net/irda/irlan_filter.h:31: warning: its scope is only this definition or declaration, which is probably not what you want Signed-off-by:
Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by:
-
Jeet Chaudhuri authored
We must reserve SAR + MAX_HEADER bytes for IrLMP to fit in. Patch from Jeet Chaudhuri <jeetlinux@yahoo.co.in> Signed-off-by:
Samuel Ortiz <samuel@sortiz.org> Signed-off-by:
-
Paul Sokolovsky authored
pxaficp_ir.c was not converted to the device model framework. Signed-off-by:
Paul Sokolovsky <pmiscml@gmail.com> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
-
Jamal Hadi Salim authored
The command flags for dump and do were swapped.. Signed-off-by:
Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by:
-
Paul Moore authored
Add a pointer to the OSDL wiki page on Generic Netlink. Signed-off-by:
Paul Moore <paul.moore@hp.com> Signed-off-by:
-
Masahide NAKAMURA authored
When user builds IPv6 header and send it through raw socket, kernel tries to release unlocked sock. (Kernel log shows "BUG: bad unlock balance detected" with enabled debug option.) The lock is held only for non-hdrincl sock in this function then this patch fix to do nothing about lock for hdrincl one. Signed-off-by:
Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by:
-
YOSHIFUJI Hideaki authored
The commit "[IPV6]: Use kmemdup" (commit-id: af879cc7) broke IPv6 fragments. Bug was spotted by Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>. Signed-off-by:
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by:
-
Patrick McHardy authored
When the first fw classifier is initialized, there is a small window between the ->init() and ->change() calls, during which the classifier is active but not entirely set up and tp->root is still NULL (->init() does nothing). When a packet is queued during this window a NULL pointer dereference occurs in fw_classify() when trying to dereference head->mask; Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Bart De Schuymer authored
The attached patch resolves an issue where a IP DNATed packet with a martian source is forwarded while it's better to drop it. It also resolves messages complaining about ip forwarding being disabled while it's actually enabled. Thanks to lepton <ytht.net@gmail.com> for reporting this problem. This is probably a candidate for the -stable release. Signed-off-by:
Bart De Schuymer <bdschuym@pandora.be> Signed-off-by:
-
Yasuyuki Kozakai authored
The original code continues loop to find expectation in list if the master conntrack of the found expectation is unconfirmed. But it never success in that case, because nf_conntrack_expect_related() never insert clashed expectation to the list. This stops loop in that case. Signed-off-by:
Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by:
-
Yasuyuki Kozakai authored
Signed-off-by:
-
Dmitry Mishin authored
In compat mode, matches and targets valid hooks checks always successful due to not initialized e->comefrom field yet. This patch separates this checks from translation code and moves them after mark_source_chains() call, where these marks are initialized. Signed-off-by:
Dmitry Mishin <dim@openvz.org> Signed-off-by; Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Dmitry Mishin authored
Commit 590bdf7f introduced a regression in match/target hook validation. mark_source_chains builds a bitmask for each rule representing the hooks it can be reached from, which is then used by the matches and targets to make sure they are only called from valid hooks. The patch moved the match/target specific validation before the mark_source_chains call, at which point the mask is always zero. This patch returns back to the old order and moves the standard checks to mark_source_chains. This allows to get rid of a special case for standard targets as a nice side-effect. Signed-off-by:
-
Herbert Xu authored
Rather than stuffing integers into pointers with casts, let's use a union. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
David S. Miller authored
Fixes: crypto/lrw.c:99: warning: conflicting types for built-in function ‘round’ Signed-off-by: -
Herbert Xu authored
As CBC is the default chaining method for cryptoloop, we should select it from cryptoloop to ease the transition. Signed-off-by: -
Rik Snel authored
Do modprobe tcrypt mode=10 to check the included test vectors, they are from: http://grouper.ieee.org/groups/1619/email/pdf00017.pdf and from http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html. To make the last test vector fit, I had to increase the buffer size of input and result to 512 bytes. Signed-off-by:
Rik Snel <rsnel@cube.dyndns.org> Signed-off-by:
-
Rik Snel authored
Main module, this implements the Liskov Rivest Wagner block cipher mode in the new blockcipher API. The implementation is based on ecb.c. The LRW-32-AES specification I used can be found at: http://grouper.ieee.org/groups/1619/email/pdf00017.pdf It implements the optimization specified as optional in the specification, and in addition it uses optimized multiplication routines from gf128mul.c. Since gf128mul.[ch] is not tested on bigendian, this cipher mode may currently fail badly on bigendian machines. Signed-off-by:
-
Rik Snel authored
A lot of cypher modes need multiplications in GF(2^128). LRW, ABL, GCM... I use functions from this library in my LRW implementation and I will also use them in my ABL (Arbitrary Block Length, an unencumbered (correct me if I am wrong, wide block cipher mode). Elements of GF(2^128) must be presented as u128 *, it encourages automatic and proper alignment. The library contains support for two different representations of GF(2^128), see the comment in gf128mul.h. There different levels of optimization (memory/speed tradeoff). The code is based on work by Dr Brian Gladman. Notable changes: - deletion of two optimization modes - change from u32 to u64 for faster handling on 64bit machines - support for 'bbe' representation in addition to the, already implemented, 'lle' representation. - move 'inline void' functions from header to 'static void' in the source file - update to use the linux coding style conventions The original can be found at: http://fp.gladman.plus.com/AES/modes.vc8.19-06-06.zip The copyright (and GPL statement) of the original author is preserved. Signed-off-by:
-
Rik Snel authored
128bit is a common blocksize in linux kernel cryptography, so it helps to centralize some common operations. The code, while mostly trivial, is based on a header file mode_hdr.h in http://fp.gladman.plus.com/AES/modes.vc8.19-06-06.zip The original copyright (and GPL statement) of the original author, Dr Brian Gladman, is preserved. Signed-off-by:
-
Adrian Bunk authored
This patch removes the following no longer used functions: - api.c: crypto_alg_available() - digest.c: crypto_digest_init() - digest.c: crypto_digest_update() - digest.c: crypto_digest_final() - digest.c: crypto_digest_digest() Signed-off-by:
Adrian Bunk <bunk@stusta.de> Signed-off-by:
-
Adrian Bunk authored
On Tue, Nov 14, 2006 at 01:41:25AM -0800, Andrew Morton wrote: >... > Changes since 2.6.19-rc5-mm2: >... > git-cryptodev.patch >... > git trees >... This patch makes the needlessly global geode_aes_crypt() static. Signed-off-by:
-
Adrian Bunk authored
On Tue, Nov 14, 2006 at 01:41:25AM -0800, Andrew Morton wrote: >... > Changes since 2.6.19-rc5-mm2: >... > git-cryptodev.patch >... > git trees >... This patch makes some needlessly global code static. Signed-off-by:
-
Kazunori MIYAZAWA authored
The glue of xfrm. Signed-off-by:
Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by:
-
Kazunori MIYAZAWA authored
est vectors of XCBC with AES-128. Signed-off-by:
-
Kazunori MIYAZAWA authored
This is core code of XCBC. XCBC is an algorithm that forms a MAC algorithm out of a cipher algorithm. For example, AES-XCBC-MAC is a MAC algorithm based on the AES cipher algorithm. Signed-off-by:
-
Herbert Xu authored
This patch makes the IV u64-aligned since essiv does a u64 store to it. Signed-off-by: -
Rik Snel authored
LRW-32-AES needs a certain IV. This IV should be provided dm-crypt. The block cipher mode could, in principle generate the correct IV from the plain IV, but I think that it is cleaner to supply the right IV directly. The sector -> narrow block calculation uses a shift for performance reasons. This shift is computed in .ctr and stored in cc->iv_gen_private (as a void *). Signed-off-by:
-
Jordan Crouse authored
Add a driver to support the AES hardware on the Geode LX processor. Signed-off-by:
Jordan Crouse <jordan.crouse@amd.com> Signed-off-by:
-
Jamal Hadi Salim authored
Same comments as in "[XFRM] Optimize policy dumping" The numbers are (20K SAs):
-
Jamal Hadi Salim authored
This change optimizes the dumping of Security policies. 1) Before this change .. speedopolis:~# time ./ip xf pol real 0m22.274s user 0m0.000s sys 0m22.269s 2) Turn off sub-policies speedopolis:~# ./ip xf pol real 0m13.496s user 0m0.000s sys 0m13.493s i suppose the above is to be expected 3) With this change .. speedopolis:~# time ./ip x policy real 0m7.901s user 0m0.008s sys 0m7.896s
-
