]> pilppa.com Git - linux-2.6-omap-h63xx.git/log
linux-2.6-omap-h63xx.git
16 years ago[IPV6]: Support Source Address Selection API (RFC5014).
YOSHIFUJI Hideaki [Tue, 25 Mar 2008 00:37:42 +0000 (09:37 +0900)]
[IPV6]: Support Source Address Selection API (RFC5014).

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[IPV6]: Use bitfields for hop_limit and mcast_hops.
YOSHIFUJI Hideaki [Mon, 10 Mar 2008 14:56:55 +0000 (10:56 -0400)]
[IPV6]: Use bitfields for hop_limit and mcast_hops.

Save some bits for future extensions.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[IPV6]: Optimize hop-limit determination.
YOSHIFUJI Hideaki [Mon, 10 Mar 2008 10:00:30 +0000 (06:00 -0400)]
[IPV6]: Optimize hop-limit determination.

Last part of hop-limit determination is always:
    hoplimit = dst_metric(dst, RTAX_HOPLIMIT);
    if (hoplimit < 0)
        hoplimit = ipv6_get_hoplimit(dst->dev).

Let's consolidate it as ip6_dst_hoplimit(dst).

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[IPV6]: Convert cork.hop_limit and cork.tclass into u8 instead of int.
YOSHIFUJI Hideaki [Mon, 10 Mar 2008 08:41:33 +0000 (04:41 -0400)]
[IPV6]: Convert cork.hop_limit and cork.tclass into u8 instead of int.

Values of those fields are always between 0 and 255 (inclusive),
so use u8 and save some memory on 32bit systems.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[IPV4,IPV6]: Share cork.rt between IPv4 and IPv6.
YOSHIFUJI Hideaki [Mon, 10 Mar 2008 08:30:37 +0000 (04:30 -0400)]
[IPV4,IPV6]: Share cork.rt between IPv4 and IPv6.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[IPV6] ADDRCONF: Clean-up ipv6_dev_get_saddr().
YOSHIFUJI Hideaki [Sun, 2 Mar 2008 01:48:21 +0000 (10:48 +0900)]
[IPV6] ADDRCONF: Clean-up ipv6_dev_get_saddr().

old:
|    text    data     bss     dec     hex filename
|   28599    1416      96   30111    759f net/ipv6/addrconf.o

new:
|    text    data     bss     dec     hex filename
|   28007    1416      96   29519    734f net/ipv6/addrconf.o

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[XFRM] MIP6: Fix address keys for routing search.
YOSHIFUJI Hideaki [Fri, 22 Feb 2008 05:48:22 +0000 (14:48 +0900)]
[XFRM] MIP6: Fix address keys for routing search.

Each MIPv6 XFRM state (DSTOPT/RH2) holds either destination or source
address to be mangled in the IPv6 header (that is "CoA").
On Inter-MN communication after both nodes binds each other,
they use route optimized traffic two MIPv6 states applied, and
both source and destination address in the IPv6 header
are replaced by the states respectively.
The packet format is correct, however, next-hop routing search
are not.
This patch fixes it by remembering address pairs for later states.

Based on patch from Masahide NAKAMURA <nakam@linux-ipv6.org>.

Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[XFRM] IPV6: Optimize __xfrm_tunnel_alloc_spi().
YOSHIFUJI Hideaki [Tue, 19 Feb 2008 13:54:00 +0000 (22:54 +0900)]
[XFRM] IPV6: Optimize __xfrm_tunnel_alloc_spi().

| % size old/net/ipv6/xfrm6_tunnel.o new/net/ipv6/xfrm6_tunnel.o
|    text    data     bss     dec     hex filename
|    1606      40    2080    3726     e8e old/net/ipv6/xfrm6_tunnel.o
|    1574      40    2080    3694     e6e new/net/ipv6/xfrm6_tunnel.o

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[XFRM] IPV6: Optimize xfrm6_input_addr().
YOSHIFUJI Hideaki [Tue, 19 Feb 2008 08:24:33 +0000 (17:24 +0900)]
[XFRM] IPV6: Optimize xfrm6_input_addr().

| % size old/net/ipv6/xfrm6_input.o new/net/ipv6/xfrm6_input.o
|    text    data     bss     dec     hex filename
|    1026       0       0    1026     402 old/net/ipv6/xfrm6_input.o
|     947       0       0     947     3b3 new/net/ipv6/xfrm6_input.o

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[XFRM] IPV6: Use distribution counting sort for xfrm_state/xfrm_tmpl chain.
YOSHIFUJI Hideaki [Tue, 19 Feb 2008 01:15:27 +0000 (10:15 +0900)]
[XFRM] IPV6: Use distribution counting sort for xfrm_state/xfrm_tmpl chain.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
16 years ago[NETNS]: Enable TCP/UDP/ICMP inside namespace.
Denis V. Lunev [Mon, 24 Mar 2008 22:34:06 +0000 (15:34 -0700)]
[NETNS]: Enable TCP/UDP/ICMP inside namespace.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Allow to create sockets in non-initial namespace.
Denis V. Lunev [Mon, 24 Mar 2008 22:33:42 +0000 (15:33 -0700)]
[NETNS]: Allow to create sockets in non-initial namespace.

Allow to create sockets in the namespace if the protocol ok with this.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Drop packets in the non-initial namespace on the per/protocol basis.
Denis V. Lunev [Mon, 24 Mar 2008 22:33:00 +0000 (15:33 -0700)]
[NETNS]: Drop packets in the non-initial namespace on the per/protocol basis.

IP layer now can handle multiple namespaces normally. So, process such
packets normally and drop them only if the transport layer is not
aware about namespaces.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Process netfilter hooks in initial namespace only.
Denis V. Lunev [Mon, 24 Mar 2008 22:32:09 +0000 (15:32 -0700)]
[NETNS]: Process netfilter hooks in initial namespace only.

There were no packets in the namespace other than initial
previously. This will be changed in the neareast future. Netfilters
are not namespace aware and should be processed in the initial
namespace only for now.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Process INET socket layer in the correct namespace.
Denis V. Lunev [Mon, 24 Mar 2008 22:31:35 +0000 (15:31 -0700)]
[NETNS]: Process INET socket layer in the correct namespace.

Replace all the reast of the init_net with a proper net on the socket
layer.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Process IP layer in the context of the correct namespace.
Denis V. Lunev [Mon, 24 Mar 2008 22:31:00 +0000 (15:31 -0700)]
[NETNS]: Process IP layer in the context of the correct namespace.

Replace all the rest of the init_net with a proper net on the IP layer.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Add namespace parameter to ip_cmsg_send.
Denis V. Lunev [Mon, 24 Mar 2008 22:30:27 +0000 (15:30 -0700)]
[NETNS]: Add namespace parameter to ip_cmsg_send.

Pass the init_net there for now.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Add namespace parameter to ip_options_get(...).
Denis V. Lunev [Mon, 24 Mar 2008 22:29:55 +0000 (15:29 -0700)]
[NETNS]: Add namespace parameter to ip_options_get(...).

Pass the init_net there for now.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Add namespace parameter to ip_options_compile.
Denis V. Lunev [Mon, 24 Mar 2008 22:29:23 +0000 (15:29 -0700)]
[NETNS]: Add namespace parameter to ip_options_compile.

ip_options_compile uses inet_addr_type which requires a namespace. The
packet argument is optional, so parameter is the only way to obtain
it. Pass the init_net there for now.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: /proc/net/arp namespacing.
Denis V. Lunev [Mon, 24 Mar 2008 22:28:43 +0000 (15:28 -0700)]
[NETNS]: /proc/net/arp namespacing.

Seqfile operation showing /proc/net/arp are already namespace
aware. All we need is to register this file for each namespace.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Process ARP in the context of the correct namespace.
Denis V. Lunev [Mon, 24 Mar 2008 22:28:12 +0000 (15:28 -0700)]
[NETNS]: Process ARP in the context of the correct namespace.

Get namespace from a device and pass it to the routing engine. Enable
ARP packet processing and device notifiers after that.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Minor information leak via /proc/net/ptype file.
Pavel Emelyanov [Mon, 24 Mar 2008 21:57:45 +0000 (14:57 -0700)]
[NETNS]: Minor information leak via /proc/net/ptype file.

This file displays the registered packet types, but some of them
(packet sockets creates such) can be bound to a net device and showing
them in a wrong namespace is not correct.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][UDP-Lite]: Register /proc/net/udplite(6) in a namespace.
Pavel Emelyanov [Mon, 24 Mar 2008 21:56:57 +0000 (14:56 -0700)]
[NETNS][UDP-Lite]: Register /proc/net/udplite(6) in a namespace.

UDP-Lite sockets are displayed in another files, rather than
UDP ones, so make the present in namespaces as well.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[UDP-Lite]: Clean up proc creation a bit.
Pavel Emelyanov [Mon, 24 Mar 2008 21:56:34 +0000 (14:56 -0700)]
[UDP-Lite]: Clean up proc creation a bit.

Just introduce a helper to remove ifdefs from inside the
udplite4_register function. This will help to make the next patch
nicer.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][TCP]: Register /proc/net/tcp in a namespace.
Pavel Emelyanov [Mon, 24 Mar 2008 21:56:02 +0000 (14:56 -0700)]
[NETNS][TCP]: Register /proc/net/tcp in a namespace.

After the commit f40c8174d3c21bf178283f3ef3aa8c7bf238fdec ([NETNS][IPV4]
tcp - make proc handle the network namespaces) it is now possible to make
this file present in newly created namespaces.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][UDP]: Register /proc/net/udp in a namespace.
Pavel Emelyanov [Mon, 24 Mar 2008 21:53:49 +0000 (14:53 -0700)]
[NETNS][UDP]: Register /proc/net/udp in a namespace.

After the commit a91275eff43a527e1a25d6d034cbcd19ee323e64 ([NETNS][IPV6]
udp - make proc handle the network namespace) it is now possible to make
this file present in newly created namespaces.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMerge branch 'master' of ../net-2.6/
David S. Miller [Mon, 24 Mar 2008 05:54:03 +0000 (22:54 -0700)]
Merge branch 'master' of ../net-2.6/

Conflicts:

net/ipv6/ndisc.c

16 years ago[CASSINI]: Use shorter list_splice_init() macro for brevity.
Robert P. J. Day [Mon, 24 Mar 2008 05:47:53 +0000 (22:47 -0700)]
[CASSINI]: Use shorter list_splice_init() macro for brevity.

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: Remove redundant wrapper functions.
Florian Westphal [Mon, 24 Mar 2008 05:47:08 +0000 (22:47 -0700)]
[SCTP]: Remove redundant wrapper functions.

sctp_datamsg_free and sctp_datamsg_track are just aliases for
sctp_datamsg_put and sctp_chunk_hold, respectively.

Saves 32 Bytes on x86.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: Replace char msg[] with static const char[].
Florian Westphal [Mon, 24 Mar 2008 05:46:34 +0000 (22:46 -0700)]
[SCTP]: Replace char msg[] with static const char[].

133886    2004     220  136110   213ae sctp.new/sctp.o
134018    2004     220  136242   21432 sctp.old/sctp.o

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agofib_trie: print information on all routing tables
Stephen Hemminger [Mon, 24 Mar 2008 05:43:56 +0000 (22:43 -0700)]
fib_trie: print information on all routing tables

Make /proc/net/fib_trie and /proc/net/fib_triestat display
all routing tables, not just local and main.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[AF_PACKET]: Remove unused variable.
Jiri Olsa [Mon, 24 Mar 2008 05:42:34 +0000 (22:42 -0700)]
[AF_PACKET]: Remove unused variable.

Signed-off-by: Jiri Olsa <olsajiri@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: Shrink syncookie_secret by 8 byte.
Florian Westphal [Mon, 24 Mar 2008 05:21:28 +0000 (22:21 -0700)]
[TCP]: Shrink syncookie_secret by 8 byte.

the first u32 copied from syncookie_secret is overwritten by the
minute-counter four lines below.  After adjusting the destination
address, the size of syncookie_secret can be reduced accordingly.

AFAICS, the only other user of syncookie_secret[] is the ipv6
syncookie support.  Because ipv6 syncookies only grab 44 bytes from
syncookie_secret[], this shouldn't affect them in any way.

With fixes from Glenn Griffin.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Glenn Griffin <ggriffin.kernel@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: include/linux/udp.h - remove duplicate include
Joe Perches [Mon, 24 Mar 2008 05:06:51 +0000 (22:06 -0700)]
[NET]: include/linux/udp.h - remove duplicate include

Remove duplicate #include <linux/types.h>
Combine #ifdef __KERNEL__ blocks

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: include/linux/igmp.h - remove duplicate include
Joe Perches [Mon, 24 Mar 2008 05:05:44 +0000 (22:05 -0700)]
[NET]: include/linux/igmp.h - remove duplicate include

Removed duplicate #include <linux/skbuff.h>
Combined #ifdef __KERNEL__ blocks

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: include/linux/atalk.h - remove duplicate include
Joe Perches [Mon, 24 Mar 2008 05:04:31 +0000 (22:04 -0700)]
[NET]: include/linux/atalk.h - remove duplicate include

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: include/net/route.h - remove duplicate include
Joe Perches [Mon, 24 Mar 2008 05:03:56 +0000 (22:03 -0700)]
[NET]: include/net/route.h - remove duplicate include

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agosch_htb: fix "too many events" situation
Martin Devera [Mon, 24 Mar 2008 05:00:38 +0000 (22:00 -0700)]
sch_htb: fix "too many events" situation

HTB is event driven algorithm and part of its work is to apply
scheduled events at proper times. It tried to defend itself from
livelock by processing only limited number of events per dequeue.
Because of faster computers some users already hit this hardcoded
limit.

This patch limits processing up to 2 jiffies (why not 1 jiffie ?
because it might stop prematurely when only fraction of jiffie
remains).

Signed-off-by: Martin Devera <devik@cdi.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV6]: Remove unused code in ndisc_send_redirect().
Rami Rosen [Mon, 24 Mar 2008 04:58:44 +0000 (21:58 -0700)]
[IPV6]: Remove unused code in ndisc_send_redirect().

This patches removes unused code in ndisc_send_redirect() method in
net/ipv6/ndisc.c.

Signed-off-by: Rami Rosen <ramirose@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoconnector: convert to single-threaded workqueue
Evgeniy Polyakov [Mon, 24 Mar 2008 04:51:12 +0000 (21:51 -0700)]
connector: convert to single-threaded workqueue

From: Evgeniy Polyakov <johnpol@2ka.mipt.ru>

We don't need one cqueue thread for each CPU.  cqueue is used for
receiving userspace datagrams, which are very rare and thus will
happily live with a single queue.

Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[ATM]: When proc_create() fails, do some error handling work and return -ENOMEM.
Wang Chen [Mon, 24 Mar 2008 04:45:36 +0000 (21:45 -0700)]
[ATM]: When proc_create() fails, do some error handling work and return -ENOMEM.

Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SUNGEM]: Fix NAPI assertion failure.
David S. Miller [Sun, 23 Mar 2008 10:35:12 +0000 (03:35 -0700)]
[SUNGEM]: Fix NAPI assertion failure.

As reported by Johannes Berg:

I started getting this warning with recent kernels:

[  773.908927] ------------[ cut here ]------------
[  773.908954] Badness at net/core/dev.c:2204
 ...

If we loop more than once in gem_poll(), we'll
use more than the real budget in our gem_rx()
calls, thus eventually trigger the caller's
assertions in net_rx_action().

Subtract "work_done" from "budget" for the second
arg to gem_rx() to fix the bug.

Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoBNX2X: prevent ethtool from setting port type
Eliezer Tamir [Sun, 23 Mar 2008 10:07:45 +0000 (03:07 -0700)]
BNX2X: prevent ethtool from setting port type

On 10GBaseT boards setting the type to TP will cause the driver to try
to configure 1GBaseT.
Since there are currently no boards that support setting of the port
type, disable this for now.

Signed-off-by: Eliezer Tamir <eliezert@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[8390]: Fix build error.
David S. Miller [Sun, 23 Mar 2008 01:33:28 +0000 (18:33 -0700)]
[8390]: Fix build error.

module_init() function reference is wrong.

Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMerge branch 'upstream-net26' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik...
David S. Miller [Sun, 23 Mar 2008 01:22:42 +0000 (18:22 -0700)]
Merge branch 'upstream-net26' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6

Conflicts:

drivers/s390/net/qeth_main.c

16 years ago[9P] net/9p/trans_fd.c: remove unused variable
Julia Lawall [Sun, 23 Mar 2008 01:05:33 +0000 (18:05 -0700)]
[9P] net/9p/trans_fd.c: remove unused variable

The variable cb is initialized but never used otherwise.

The semantic patch that makes this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@@
type T;
identifier i;
constant C;
@@

(
extern T i;
|
- T i;
  <+... when != i
- i = C;
  ...+>
)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV6] net/ipv6/ndisc.c: remove unused variable
Julia Lawall [Sun, 23 Mar 2008 01:04:16 +0000 (18:04 -0700)]
[IPV6] net/ipv6/ndisc.c: remove unused variable

The variable hlen is initialized but never used otherwise.

The semantic patch that makes this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@@
type T;
identifier i;
constant C;
@@

(
extern T i;
|
- T i;
  <+... when != i
- i = C;
  ...+>
)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] fib_trie: fix warning from rcu_assign_poinger
Stephen Hemminger [Sun, 23 Mar 2008 00:59:58 +0000 (17:59 -0700)]
[IPV4] fib_trie: fix warning from rcu_assign_poinger

This gets rid of a warning caused by the test in rcu_assign_pointer.
I tried to fix rcu_assign_pointer, but that devolved into a long set
of discussions about doing it right that came to no real solution.
Since the test in rcu_assign_pointer for constant NULL would never
succeed in fib_trie, just open code instead.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] route: use read_mostly
Stephen Hemminger [Sun, 23 Mar 2008 00:43:59 +0000 (17:43 -0700)]
[IPV4] route: use read_mostly

The route table parameters are set based on system memory and sysctl
values that almost never change. Also the genid only changes every
10 minutes.

RTprint is defined by never used.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: sk parameter is unused in ipv4_dst_blackhole.
Denis V. Lunev [Sun, 23 Mar 2008 00:42:37 +0000 (17:42 -0700)]
[IPV4]: sk parameter is unused in ipv4_dst_blackhole.

Just remove it.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: NPROTO is redundant; it's equal to AF_MAX/PF_MAX.
Rusty Russell [Sun, 23 Mar 2008 00:18:47 +0000 (17:18 -0700)]
[NET]: NPROTO is redundant; it's equal to AF_MAX/PF_MAX.

DaveM pointed out NPROTO exposed to userspace, so keep it around,
just make sure it stays in sync.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[RAW]: Add raw_hashinfo member on struct proto.
Pavel Emelyanov [Sat, 22 Mar 2008 23:56:51 +0000 (16:56 -0700)]
[RAW]: Add raw_hashinfo member on struct proto.

Sorry for the patch sequence confusion :| but I found that the similar
thing can be done for raw sockets easily too late.

Expand the proto.h union with the raw_hashinfo member and use it in
raw_prot and rawv6_prot. This allows to drop the protocol specific
versions of hash and unhash callbacks.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[UDP]: Make full use of proto.h.udp_hash innovation.
Pavel Emelyanov [Sat, 22 Mar 2008 23:51:21 +0000 (16:51 -0700)]
[UDP]: Make full use of proto.h.udp_hash innovation.

After this we have only udp_lib_get_port to get the port and two
stubs for ipv4 and ipv6. No difference in udp and udplite except
for initialized h.udp_hash member.

I tried to find a graceful way to drop the only difference between
udp_v4_get_port and udp_v6_get_port (i.e. the rcv_saddr comparison
routine), but adding one more callback on the struct proto didn't
appear such :( Maybe later.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SOCK]: Add udp_hash member to struct proto.
Pavel Emelyanov [Sat, 22 Mar 2008 23:50:58 +0000 (16:50 -0700)]
[SOCK]: Add udp_hash member to struct proto.

Inspired by the commit ab1e0a13 ([SOCK] proto: Add hashinfo member to
struct proto) from Arnaldo, I made similar thing for UDP/-Lite IPv4
and -v6 protocols.

The result is not that exciting, but it removes some levels of
indirection in udpxxx_get_port and saves some space in code and text.

The first step is to union existing hashinfo and new udp_hash on the
struct proto and give a name to this union, since future initialization
of tcpxxx_prot, dccp_vx_protinfo and udpxxx_protinfo will cause gcc
warning about inability to initialize anonymous member this way.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Always pass ip_options pointer into ip_options_compile.
Denis V. Lunev [Sat, 22 Mar 2008 23:36:20 +0000 (16:36 -0700)]
[IPV4]: Always pass ip_options pointer into ip_options_compile.

This makes code a bit more uniform and straigthforward.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Remove unused ip_options->is_data.
Denis V. Lunev [Sat, 22 Mar 2008 23:35:29 +0000 (16:35 -0700)]
[IPV4]: Remove unused ip_options->is_data.

ip_options->is_data is assigned only and never checked. The structure is
not a part of kernel interface to the userspace. So, it is safe to remove
this field.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Remove unnecessary check for opt->is_data in ip_options_compile.
Denis V. Lunev [Sat, 22 Mar 2008 23:35:00 +0000 (16:35 -0700)]
[IPV4]: Remove unnecessary check for opt->is_data in ip_options_compile.

There is the only way to reach ip_options compile with opt != NULL:

ip_options_get_finish
    opt->is_data = 1;
    ip_options_compile(opt, NULL)

So, checking for is_data inside opt != NULL branch is not needed.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: Let skbs grow over a page on fast peers
Herbert Xu [Sat, 22 Mar 2008 22:47:05 +0000 (15:47 -0700)]
[TCP]: Let skbs grow over a page on fast peers

While testing the virtio-net driver on KVM with TSO I noticed
that TSO performance with a 1500 MTU is significantly worse
compared to the performance of non-TSO with a 16436 MTU.  The
packet dump shows that most of the packets sent are smaller
than a page.

Looking at the code this actually is quite obvious as it always
stop extending the packet if it's the first packet yet to be
sent and if it's larger than the MSS.  Since each extension is
bound by the page size, this means that (given a 1500 MTU) we're
very unlikely to construct packets greater than a page, provided
that the receiver and the path is fast enough so that packets can
always be sent immediately.

The fix is also quite obvious.  The push calls inside the loop
is just an optimisation so that we don't end up doing all the
sending at the end of the loop.  Therefore there is no specific
reason why it has to do so at MSS boundaries.  For TSO, the
most natural extension of this optimisation is to do the pushing
once the skb exceeds the TSO size goal.

This is what the patch does and testing with KVM shows that the
TSO performance with a 1500 MTU easily surpasses that of a 16436
MTU and indeed the packet sizes sent are generally larger than
16436.

I don't see any obvious downsides for slower peers or connections,
but it would be prudent to test this extensively to ensure that
those cases don't regress.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: TCP_DEFER_ACCEPT updates - process as established
Patrick McManus [Fri, 21 Mar 2008 23:33:01 +0000 (16:33 -0700)]
[TCP]: TCP_DEFER_ACCEPT updates - process as established

Change TCP_DEFER_ACCEPT implementation so that it transitions a
connection to ESTABLISHED after handshake is complete instead of
leaving it in SYN-RECV until some data arrvies. Place connection in
accept queue when first data packet arrives from slow path.

Benefits:
  - established connection is now reset if it never makes it
   to the accept queue

 - diagnostic state of established matches with the packet traces
   showing completed handshake

 - TCP_DEFER_ACCEPT timeouts are expressed in seconds and can now be
   enforced with reasonable accuracy instead of rounding up to next
   exponential back-off of syn-ack retry.

Signed-off-by: Patrick McManus <mcmanus@ducksong.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: TCP_DEFER_ACCEPT updates - dont retxmt synack
Patrick McManus [Fri, 21 Mar 2008 23:29:22 +0000 (16:29 -0700)]
[TCP]: TCP_DEFER_ACCEPT updates - dont retxmt synack

a socket in LISTEN that had completed its 3 way handshake, but not notified
userspace because of SO_DEFER_ACCEPT, would retransmit the already
acked syn-ack during the time it was waiting for the first data byte
from the peer.

Signed-off-by: Patrick McManus <mcmanus@ducksong.com>
Acked-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: TCP_DEFER_ACCEPT updates - defer timeout conflicts with max_thresh
Patrick McManus [Fri, 21 Mar 2008 23:27:38 +0000 (16:27 -0700)]
[TCP]: TCP_DEFER_ACCEPT updates - defer timeout conflicts with max_thresh

timeout associated with SO_DEFER_ACCEPT wasn't being honored if it was
less than the timeout allowed by the maximum syn-recv queue size
algorithm. Fix by using the SO_DEFER_ACCEPT value if the ack has
arrived.

Signed-off-by: Patrick McManus <mcmanus@ducksong.com>
Acked-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DLCI]: Fix tiny race between module unload and sock_ioctl.
Pavel Emelyanov [Fri, 21 Mar 2008 22:58:52 +0000 (15:58 -0700)]
[DLCI]: Fix tiny race between module unload and sock_ioctl.

This is a narrow pedantry :) but the dlci_ioctl_hook check and call
should not be parted with the mutex lock.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agosocket: SOCK_DEBUG type checking
Stephen Hemminger [Fri, 21 Mar 2008 22:54:53 +0000 (15:54 -0700)]
socket: SOCK_DEBUG type checking

Use the inline trick (same as pr_debug) to get checking of debug
statements even if no code is generated.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: NULL pointer dereference and other nasty things in /proc/net/(tcp|udp)[6]
Pavel Emelyanov [Fri, 21 Mar 2008 22:52:00 +0000 (15:52 -0700)]
[NET]: NULL pointer dereference and other nasty things in /proc/net/(tcp|udp)[6]

Commits f40c81 ([NETNS][IPV4] tcp - make proc handle the network
namespaces) and a91275 ([NETNS][IPV6] udp - make proc handle the
network namespace) both introduced bad checks on sockets and tw
buckets to belong to proper net namespace.

I.e. when checking for socket to belong to given net and family the

do {
sk = sk_next(sk);
} while (sk && sk->sk_net != net && sk->sk_family != family);

constructions were used. This is wrong, since as soon as the
sk->sk_net fits the net the socket is immediately returned, even if it
belongs to other family.

As the result four /proc/net/(udp|tcp)[6] entries show wrong info.
The udp6 entry even oopses when dereferencing inet6_sk(sk) pointer:

static void udp6_sock_seq_show(struct seq_file *seq, struct sock *sp, int bucket)
{
...
        struct ipv6_pinfo *np = inet6_sk(sp);
...

        dest  = &np->daddr; /* will be NULL for AF_INET sockets */
...
seq_printf(...
           dest->s6_addr32[0], dest->s6_addr32[1],
                   dest->s6_addr32[2], dest->s6_addr32[3],
...

Fix it by converting && to ||.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agonetlink: make socket filters work on netlink
Stephen Hemminger [Fri, 21 Mar 2008 22:46:12 +0000 (15:46 -0700)]
netlink: make socket filters work on netlink

Make socket filters work for netlink unicast and notifications.
This is useful for applications like Zebra that get overrun with
messages that are then ignored.

Note: netlink messages are in host byte order, but packet filter
state machine operations are done as network byte order.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: Fix build warnings with IPV6 disabled.
David S. Miller [Fri, 21 Mar 2008 22:40:47 +0000 (15:40 -0700)]
[SCTP]: Fix build warnings with IPV6 disabled.

Introduced by 270637abff0cdf848b910b9f96ad342e1da61c66
("[SCTP]: Fix a race between module load and protosw access")

Reported by Gabriel C:

In file included from net/sctp/sm_statetable.c:50:
include/net/sctp/sctp.h: In function 'sctp_v6_pf_init':
include/net/sctp/sctp.h:392: warning: 'return' with a value, in function returning void
In file included from net/sctp/sm_statefuns.c:62:
include/net/sctp/sctp.h: In function 'sctp_v6_pf_init':
include/net/sctp/sctp.h:392: warning: 'return' with a value, in function returning void
 ...

Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Fix null dereference in ip_defrag
Phil Oester [Fri, 21 Mar 2008 22:01:50 +0000 (15:01 -0700)]
[IPV4]: Fix null dereference in ip_defrag

Been seeing occasional panics in my testing of 2.6.25-rc in ip_defrag.
Offending line in ip_defrag is here:

net = skb->dev->nd_net

where dev is NULL.  Bisected the problem down to commit
ac18e7509e7df327e30d6e073a787d922eaf211d ([NETNS][FRAGS]: Make the
inet_frag_queue lookup work in namespaces).

Below patch (idea from Patrick McHardy) fixes the problem for me.

Signed-off-by: Phil Oester <kernel@linuxace.com>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV6] tcp6 - make proc per namespace
Daniel Lezcano [Fri, 21 Mar 2008 11:14:45 +0000 (04:14 -0700)]
[NETNS][IPV6] tcp6 - make proc per namespace

Make the proc for tcp6 to be per namespace.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV6] udp6 - make proc per namespace
Daniel Lezcano [Fri, 21 Mar 2008 11:14:17 +0000 (04:14 -0700)]
[NETNS][IPV6] udp6 - make proc per namespace

The proc init/exit functions take a new network namespace parameter in
order to register/unregister /proc/net/udp6 for a namespace.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV4] tcp - make proc handle the network namespaces
Daniel Lezcano [Fri, 21 Mar 2008 11:13:54 +0000 (04:13 -0700)]
[NETNS][IPV4] tcp - make proc handle the network namespaces

This patch, like udp proc, makes the proc functions to take care of
which namespace the socket belongs.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV6] tcp - assign the netns for timewait sockets
Daniel Lezcano [Fri, 21 Mar 2008 11:12:54 +0000 (04:12 -0700)]
[NETNS][IPV6] tcp - assign the netns for timewait sockets

Copy the network namespace from the socket to the timewait socket.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV6] udp - make proc handle the network namespace
Daniel Lezcano [Fri, 21 Mar 2008 11:11:58 +0000 (04:11 -0700)]
[NETNS][IPV6] udp - make proc handle the network namespace

This patch makes the common udp proc functions to take care of which
socket they should show taking into account the namespace it belongs.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS][IPV6] mcast - fix compilation warning when procfs is not compiled in
Daniel Lezcano [Fri, 21 Mar 2008 11:10:53 +0000 (04:10 -0700)]
[NETNS][IPV6] mcast - fix compilation warning when procfs is not compiled in

When CONFIG_PROC_FS=no, the out_sock_create label is not used because
the code using it is disabled and that leads to a warning at compile
time.

This patch fix that by making a specific function to initialize proc
for igmp6, and remove the annoying CONFIG_PROC_FS sections in
init/exit function.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: Add per-connection option to set max TSO frame size
Peter P Waskiewicz Jr [Fri, 21 Mar 2008 10:43:19 +0000 (03:43 -0700)]
[NET]: Add per-connection option to set max TSO frame size

Update: My mailer ate one of Jarek's feedback mails...  Fixed the
parameter in netif_set_gso_max_size() to be u32, not u16.  Fixed the
whitespace issue due to a patch import botch.  Changed the types from
u32 to unsigned int to be more consistent with other variables in the
area.  Also brought the patch up to the latest net-2.6.26 tree.

Update: Made gso_max_size container 32 bits, not 16.  Moved the
location of gso_max_size within netdev to be less hotpath.  Made more
consistent names between the sock and netdev layers, and added a
define for the max GSO size.

Update: Respun for net-2.6.26 tree.

Update: changed max_gso_frame_size and sk_gso_max_size from signed to
unsigned - thanks Stephen!

This patch adds the ability for device drivers to control the size of
the TSO frames being sent to them, per TCP connection.  By setting the
netdevice's gso_max_size value, the socket layer will set the GSO
frame size based on that value.  This will propogate into the TCP
layer, and send TSO's of that size to the hardware.

This can be desirable to help tune the bursty nature of TSO on a
per-adapter basis, where one may have 1 GbE and 10 GbE devices
coexisting in a system, one running multiqueue and the other not, etc.

This can also be desirable for devices that cannot support full 64 KB
TSO's, but still want to benefit from some level of segmentation
offloading.

Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
David S. Miller [Fri, 21 Mar 2008 10:42:24 +0000 (03:42 -0700)]
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6

16 years ago[NET] ifb: set separate lockdep classes for queue locks
Jarek Poplawski [Fri, 21 Mar 2008 00:05:13 +0000 (17:05 -0700)]
[NET] ifb: set separate lockdep classes for queue locks

[   10.536424] =======================================================
[   10.536424] [ INFO: possible circular locking dependency detected ]
[   10.536424] 2.6.25-rc3-devel #3
[   10.536424] -------------------------------------------------------
[   10.536424] swapper/0 is trying to acquire lock:
[   10.536424]  (&dev->queue_lock){-+..}, at: [<c0299b4a>]
dev_queue_xmit+0x175/0x2f3
[   10.536424]
[   10.536424] but task is already holding lock:
[   10.536424]  (&p->tcfc_lock){-+..}, at: [<f8a67154>] tcf_mirred+0x20/0x178
[act_mirred]
[   10.536424]
[   10.536424] which lock already depends on the new lock.

lockdep warns of locking order while using ifb with sch_ingress and
act_mirred: ingress_lock, tcfc_lock, queue_lock (usually queue_lock
is at the beginning). This patch is only to tell lockdep that ifb is
a different device (e.g. from eth) and has its own pair of queue
locks. (This warning is a false-positive in common scenario of using
ifb; yet there are possible situations, when this order could be
dangerous; lockdep should warn in such a case.) (With suggestions by
David S. Miller)

Reported-and-tested-by: Denys Fedoryshchenko <denys@visp.net.lb>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Acked-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV6] KCONFIG: Fix description about IPV6_TUNNEL.
YOSHIFUJI Hideaki [Thu, 20 Mar 2008 23:13:58 +0000 (16:13 -0700)]
[IPV6] KCONFIG: Fix description about IPV6_TUNNEL.

Based on notice from "Colin" <colins@sjtu.edu.cn>.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TCP]: Fix shrinking windows with window scaling
Patrick McHardy [Thu, 20 Mar 2008 23:11:27 +0000 (16:11 -0700)]
[TCP]: Fix shrinking windows with window scaling

When selecting a new window, tcp_select_window() tries not to shrink
the offered window by using the maximum of the remaining offered window
size and the newly calculated window size. The newly calculated window
size is always a multiple of the window scaling factor, the remaining
window size however might not be since it depends on rcv_wup/rcv_nxt.
This means we're effectively shrinking the window when scaling it down.

The dump below shows the problem (scaling factor 2^7):

- Window size of 557 (71296) is advertised, up to 3111907257:

IP 172.2.2.3.33000 > 172.2.2.2.33000: . ack 3111835961 win 557 <...>

- New window size of 514 (65792) is advertised, up to 3111907217, 40 bytes
  below the last end:

IP 172.2.2.3.33000 > 172.2.2.2.33000: . 3113575668:3113577116(1448) ack 3111841425 win 514 <...>

The number 40 results from downscaling the remaining window:

3111907257 - 3111841425 = 65832
65832 / 2^7 = 514
65832 % 2^7 = 40

If the sender uses up the entire window before it is shrunk, this can have
chaotic effects on the connection. When sending ACKs, tcp_acceptable_seq()
will notice that the window has been shrunk since tcp_wnd_end() is before
tp->snd_nxt, which makes it choose tcp_wnd_end() as sequence number.
This will fail the receivers checks in tcp_sequence() however since it
is before it's tp->rcv_wup, making it respond with a dupack.

If both sides are in this condition, this leads to a constant flood of
ACKs until the connection times out.

Make sure the window is never shrunk by aligning the remaining window to
the window scaling factor.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agonetpoll: zap_completion_queue: adjust skb->users counter
Jarek Poplawski [Thu, 20 Mar 2008 23:07:27 +0000 (16:07 -0700)]
netpoll: zap_completion_queue: adjust skb->users counter

zap_completion_queue() retrieves skbs from completion_queue where they have
zero skb->users counter.  Before dev_kfree_skb_any() it should be non-zero
yet, so it's increased now.

Reported-and-tested-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agobridge: use time_before() in br_fdb_cleanup()
Fabio Checconi [Thu, 20 Mar 2008 22:54:58 +0000 (15:54 -0700)]
bridge: use time_before() in br_fdb_cleanup()

In br_fdb_cleanup() next_timer and this_timer are in jiffies, so they
should be compared using the time_after() macro.

Signed-off-by: Fabio Checconi <fabio@gandalf.sssup.it>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[TG3]: Fix build warning on sparc32.
David S. Miller [Thu, 20 Mar 2008 22:53:15 +0000 (15:53 -0700)]
[TG3]: Fix build warning on sparc32.

Sparc MAC address support should be protected consistently
with CONFIG_SPARC, but there was a stray CONFIG_SPARC64
case.

Bump driver version and release date.

Reported by Andrew Morton.

Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMAINTAINERS: bluez-devel is subscribers-only
Pavel Machek [Thu, 20 Mar 2008 22:41:02 +0000 (15:41 -0700)]
MAINTAINERS: bluez-devel is subscribers-only

Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoaudit: netlink socket can be auto-bound to pid other than current->pid (v2)
Pavel Emelyanov [Thu, 20 Mar 2008 22:39:41 +0000 (15:39 -0700)]
audit: netlink socket can be auto-bound to pid other than current->pid (v2)

From: Pavel Emelyanov <xemul@openvz.org>

This patch is based on the one from Thomas.

The kauditd_thread() calls the netlink_unicast() and passes
the audit_pid to it. The audit_pid, in turn, is received from
the user space and the tool (I've checked the audit v1.6.9)
uses getpid() to pass one in the kernel. Besides, this tool
doesn't bind the netlink socket to this id, but simply creates
it allowing the kernel to auto-bind one.

That's the preamble.

The problem is that netlink_autobind() _does_not_ guarantees
that the socket will be auto-bound to the current pid. Instead
it uses the current pid as a hint to start looking for a free
id. So, in case of conflict, the audit messages can be sent
to a wrong socket. This can happen (it's unlikely, but can be)
in case some task opens more than one netlink sockets and then
the audit one starts - in this case the audit's pid can be busy
and its socket will be bound to another id.

The proposal is to introduce an audit_nlk_pid in audit subsys,
that will point to the netlink socket to send packets to. It
will most often be equal to audit_pid. The socket id can be
got from the skb's netlink CB right in the audit_receive_msg.
The audit_nlk_pid reset to 0 is not required, since all the
decisions are taken based on audit_pid value only.

Later, if the audit tools will bind the socket themselves, the
kernel will have to provide a way to setup the audit_nlk_pid
as well.

A good side effect of this patch is that audit_pid can later
be converted to struct pid, as it is not longer safe to use
pid_t-s in the presence of pid namespaces. But audit code still
uses the tgid from task_struct in the audit_signal_info and in
the audit_filter_syscall.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: Fix permissions of /proc/net
Andre Noll [Thu, 20 Mar 2008 22:27:28 +0000 (15:27 -0700)]
[NET]: Fix permissions of /proc/net

commit e9720ac ([NET]: Make /proc/net a symlink on /proc/self/net (v3))
broke ganglia and probably other applications that read /proc/net/dev.

This is due to the change of permissions of /proc/net that was
introduced in that commit.

Before: dr-xr-xr-x 5 root root 0 Mar 19 11:30 /proc/net
After: dr-xr--r-- 5 root root 0 Mar 19 11:29 /proc/self/net

This patch restores the permissions to the old value which makes
ganglia happy again.

Pavel Emelyanov says:

This also broke the postfix, as it was reported in bug #10286
and described in detail by Benjamin.

Signed-off-by: Andre Noll <maan@systemlinux.org>
Acked-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: Fix a race between module load and protosw access
Vlad Yasevich [Thu, 20 Mar 2008 22:17:14 +0000 (15:17 -0700)]
[SCTP]: Fix a race between module load and protosw access

There is a race is SCTP between the loading of the module
and the access by the socket layer to the protocol functions.
In particular, a list of addresss that SCTP maintains is
not initialized prior to the registration with the protosw.
Thus it is possible for a user application to gain access
to SCTP functions before everything has been initialized.
The problem shows up as odd crashes during connection
initializtion when we try to access the SCTP address list.

The solution is to refactor how we do registration and
initialize the lists prior to registering with the protosw.
Care must be taken since the address list initialization
depends on some other pieces of SCTP initialization.  Also
the clean-up in case of failure now also needs to be refactored.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Acked-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ipt_recent: sanity check hit count
Daniel Hokka Zakrisson [Thu, 20 Mar 2008 22:07:10 +0000 (15:07 -0700)]
[NETFILTER]: ipt_recent: sanity check hit count

If a rule using ipt_recent is created with a hit count greater than
ip_pkt_list_tot, the rule will never match as it cannot keep track
of enough timestamps. This patch makes ipt_recent refuse to create such
rules.

With ip_pkt_list_tot's default value of 20, the following can be used
to reproduce the problem.

nc -u -l 0.0.0.0 1234 &
for i in `seq 1 100`; do echo $i | nc -w 1 -u 127.0.0.1 1234; done

This limits it to 20 packets:
iptables -A OUTPUT -p udp --dport 1234 -m recent --set --name test \
         --rsource
iptables -A OUTPUT -p udp --dport 1234 -m recent --update --seconds \
         60 --hitcount 20 --name test --rsource -j DROP

While this is unlimited:
iptables -A OUTPUT -p udp --dport 1234 -m recent --set --name test \
         --rsource
iptables -A OUTPUT -p udp --dport 1234 -m recent --update --seconds \
         60 --hitcount 21 --name test --rsource -j DROP

With the patch the second rule-set will throw an EINVAL.

Reported-by: Sean Kennedy <skennedy@vcn.com>
Signed-off-by: Daniel Hokka Zakrisson <daniel@hozac.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_conntrack_h323: logical-bitwise & confusion in process_setup()
Roel Kluin [Thu, 20 Mar 2008 22:06:23 +0000 (15:06 -0700)]
[NETFILTER]: nf_conntrack_h323: logical-bitwise & confusion in process_setup()

logical-bitwise & confusion

Signed-off-by: Roel Kluin <12o3l@tiscali.nl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[RT2X00] drivers/net/wireless/rt2x00/rt2x00dev.c: remove dead code, fix warning
Andrew Morton [Wed, 19 Mar 2008 00:15:58 +0000 (17:15 -0700)]
[RT2X00] drivers/net/wireless/rt2x00/rt2x00dev.c: remove dead code, fix warning

Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET]: Add debugging names to __RW_LOCK_UNLOCKED macros.
Robert P. J. Day [Tue, 18 Mar 2008 07:59:23 +0000 (00:59 -0700)]
[NET]: Add debugging names to __RW_LOCK_UNLOCKED macros.

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
David S. Miller [Tue, 18 Mar 2008 07:37:55 +0000 (00:37 -0700)]
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6

Conflicts:

drivers/net/wireless/rt2x00/rt2x00dev.c
net/8021q/vlan_dev.c

16 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
David S. Miller [Tue, 18 Mar 2008 06:44:31 +0000 (23:44 -0700)]
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6

16 years ago[IPV4]: esp_output() misannotations
Al Viro [Tue, 18 Mar 2008 05:50:23 +0000 (22:50 -0700)]
[IPV4]: esp_output() misannotations

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[8021Q]: vlan_dev misannotations
Al Viro [Tue, 18 Mar 2008 05:49:48 +0000 (22:49 -0700)]
[8021Q]: vlan_dev misannotations

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoxfrm: ->eth_proto is __be16
Al Viro [Tue, 18 Mar 2008 05:49:16 +0000 (22:49 -0700)]
xfrm: ->eth_proto is __be16

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: ipv4_is_lbcast() misannotations
Al Viro [Tue, 18 Mar 2008 05:48:46 +0000 (22:48 -0700)]
[IPV4]: ipv4_is_lbcast() misannotations

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SUNRPC]: net/* NULL noise
Al Viro [Tue, 18 Mar 2008 05:48:03 +0000 (22:48 -0700)]
[SUNRPC]: net/* NULL noise

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: fix misannotated __sctp_rcv_asconf_lookup()
Al Viro [Tue, 18 Mar 2008 05:47:32 +0000 (22:47 -0700)]
[SCTP]: fix misannotated __sctp_rcv_asconf_lookup()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[PKT_SCHED]: annotate cls_u32
Al Viro [Tue, 18 Mar 2008 05:46:46 +0000 (22:46 -0700)]
[PKT_SCHED]: annotate cls_u32

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NET] endianness noise: INADDR_ANY
Al Viro [Tue, 18 Mar 2008 05:44:53 +0000 (22:44 -0700)]
[NET] endianness noise: INADDR_ANY

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wirel...
David S. Miller [Mon, 17 Mar 2008 19:06:33 +0000 (12:06 -0700)]
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6