Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (23 commits)
[SCTP]: Fix compiler warning.
[IP] TUNNEL: Fix to be built with user application.
[IPV6]: Fixed the size of the netlink message notified by inet6_rt_notify().
[TCP]: rare bad TCP checksum with 2.6.19
[NET]: Process include/linux/if_{addr,link}.h with unifdef
[NETFILTER]: Fix iptables ABI breakage on (at least) CRIS
[IRDA] vlsi_ir.{h,c}: remove kernel 2.4 code
[TCP]: skb is unexpectedly freed.
[IPSEC]: Policy list disorder
[IrDA]: Removed incorrect IRDA_ASSERT()
[IrDA]: irda-usb TX path optimization (was Re: IrDA spams logfiles - since 2.6.19)
[X.25]: Add missing sock_put in x25_receive_data
[SCTP]: Fix SACK sequence during shutdown
[SCTP]: Correctly handle unexpected INIT-ACK chunk.
[SCTP]: Verify some mandatory parameters.
[SCTP]: Set correct error cause value for missing parameters
[NETFILTER]: fix xt_state compile failure
[NETFILTER]: ctnetlink: fix leak in ctnetlink_create_conntrack error path
[SELINUX]: increment flow cache genid
[IPV6] MCAST: Fix joining all-node multicast group on device initialization.
...
+104
-133
+20
-25
drivers/net/irda/irda-usb.c
+20
-25
drivers/net/irda/irda-usb.c
···
441
441
goto drop;
442
442
}
443
443
444
-
/* Make sure there is room for IrDA-USB header. The actual
445
-
* allocation will be done lower in skb_push().
446
-
* Also, we don't use directly skb_cow(), because it require
447
-
* headroom >= 16, which force unnecessary copies - Jean II */
448
-
if (skb_headroom(skb) < self->header_length) {
449
-
IRDA_DEBUG(0, "%s(), Insuficient skb headroom.\n", __FUNCTION__);
450
-
if (skb_cow(skb, self->header_length)) {
451
-
IRDA_WARNING("%s(), failed skb_cow() !!!\n", __FUNCTION__);
452
-
goto drop;
453
-
}
454
-
}
444
+
memcpy(self->tx_buff + self->header_length, skb->data, skb->len);
455
445
456
446
/* Change setting for next frame */
457
-
458
447
if (self->capability & IUC_STIR421X) {
459
448
__u8 turnaround_time;
460
-
__u8* frame;
449
+
__u8* frame = self->tx_buff;
461
450
turnaround_time = get_turnaround_time( skb );
462
-
frame= skb_push(skb, self->header_length);
463
451
irda_usb_build_header(self, frame, 0);
464
452
frame[2] = turnaround_time;
465
453
if ((skb->len != 0) &&
···
460
472
frame[1] = 0;
461
473
}
462
474
} else {
463
-
irda_usb_build_header(self, skb_push(skb, self->header_length), 0);
475
+
irda_usb_build_header(self, self->tx_buff, 0);
464
476
}
465
477
466
478
/* FIXME: Make macro out of this one */
467
479
((struct irda_skb_cb *)skb->cb)->context = self;
468
480
469
-
usb_fill_bulk_urb(urb, self->usbdev,
481
+
usb_fill_bulk_urb(urb, self->usbdev,
470
482
usb_sndbulkpipe(self->usbdev, self->bulk_out_ep),
471
-
skb->data, IRDA_SKB_MAX_MTU,
483
+
self->tx_buff, skb->len + self->header_length,
472
484
write_bulk_callback, skb);
473
-
urb->transfer_buffer_length = skb->len;
485
+
474
486
/* This flag (URB_ZERO_PACKET) indicates that what we send is not
475
487
* a continuous stream of data but separate packets.
476
488
* In this case, the USB layer will insert an empty USB frame (TD)
···
1443
1455
/* Remove the speed buffer */
1444
1456
kfree(self->speed_buff);
1445
1457
self->speed_buff = NULL;
1458
+
1459
+
kfree(self->tx_buff);
1460
+
self->tx_buff = NULL;
1446
1461
}
1447
1462
1448
1463
/********************** USB CONFIG SUBROUTINES **********************/
···
1515
1524
1516
1525
IRDA_DEBUG(0, "%s(), And our endpoints are : in=%02X, out=%02X (%d), int=%02X\n",
1517
1526
__FUNCTION__, self->bulk_in_ep, self->bulk_out_ep, self->bulk_out_mtu, self->bulk_int_ep);
1518
-
/* Should be 8, 16, 32 or 64 bytes */
1519
-
IRDA_ASSERT(self->bulk_out_mtu == 64, ;);
1520
1527
1521
1528
return((self->bulk_in_ep != 0) && (self->bulk_out_ep != 0));
1522
1529
}
···
1742
1753
1743
1754
memset(self->speed_buff, 0, IRDA_USB_SPEED_MTU);
1744
1755
1756
+
self->tx_buff = kzalloc(IRDA_SKB_MAX_MTU + self->header_length,
1757
+
GFP_KERNEL);
1758
+
if (self->tx_buff == NULL)
1759
+
goto err_out_4;
1760
+
1745
1761
ret = irda_usb_open(self);
1746
1762
if (ret)
1747
-
goto err_out_4;
1763
+
goto err_out_5;
1748
1764
1749
1765
IRDA_MESSAGE("IrDA: Registered device %s\n", net->name);
1750
1766
usb_set_intfdata(intf, self);
···
1760
1766
self->needspatch = (ret < 0);
1761
1767
if (self->needspatch) {
1762
1768
IRDA_ERROR("STIR421X: Couldn't upload patch\n");
1763
-
goto err_out_5;
1769
+
goto err_out_6;
1764
1770
}
1765
1771
1766
1772
/* replace IrDA class descriptor with what patched device is now reporting */
1767
1773
irda_desc = irda_usb_find_class_desc (self->usbintf);
1768
1774
if (irda_desc == NULL) {
1769
1775
ret = -ENODEV;
1770
-
goto err_out_5;
1776
+
goto err_out_6;
1771
1777
}
1772
1778
if (self->irda_desc)
1773
1779
kfree (self->irda_desc);
···
1776
1782
}
1777
1783
1778
1784
return 0;
1779
-
1780
-
err_out_5:
1785
+
err_out_6:
1781
1786
unregister_netdev(self->netdev);
1787
+
err_out_5:
1788
+
kfree(self->tx_buff);
1782
1789
err_out_4:
1783
1790
kfree(self->speed_buff);
1784
1791
err_out_3:
+1
drivers/net/irda/irda-usb.h
+1
drivers/net/irda/irda-usb.h
+8
-8
drivers/net/irda/vlsi_ir.c
+8
-8
drivers/net/irda/vlsi_ir.c
···
166
166
unsigned i;
167
167
168
168
seq_printf(seq, "\n%s (vid/did: %04x/%04x)\n",
169
-
PCIDEV_NAME(pdev), (int)pdev->vendor, (int)pdev->device);
169
+
pci_name(pdev), (int)pdev->vendor, (int)pdev->device);
170
170
seq_printf(seq, "pci-power-state: %u\n", (unsigned) pdev->current_state);
171
171
seq_printf(seq, "resources: irq=%u / io=0x%04x / dma_mask=0x%016Lx\n",
172
172
pdev->irq, (unsigned)pci_resource_start(pdev, 0), (unsigned long long)pdev->dma_mask);
···
1401
1401
1402
1402
if (vlsi_start_hw(idev))
1403
1403
IRDA_ERROR("%s: failed to restart hw - %s(%s) unusable!\n",
1404
-
__FUNCTION__, PCIDEV_NAME(idev->pdev), ndev->name);
1404
+
__FUNCTION__, pci_name(idev->pdev), ndev->name);
1405
1405
else
1406
1406
netif_start_queue(ndev);
1407
1407
}
···
1643
1643
pdev->current_state = 0; /* hw must be running now */
1644
1644
1645
1645
IRDA_MESSAGE("%s: IrDA PCI controller %s detected\n",
1646
-
drivername, PCIDEV_NAME(pdev));
1646
+
drivername, pci_name(pdev));
1647
1647
1648
1648
if ( !pci_resource_start(pdev,0)
1649
1649
|| !(pci_resource_flags(pdev,0) & IORESOURCE_IO) ) {
···
1728
1728
1729
1729
pci_set_drvdata(pdev, NULL);
1730
1730
1731
-
IRDA_MESSAGE("%s: %s removed\n", drivername, PCIDEV_NAME(pdev));
1731
+
IRDA_MESSAGE("%s: %s removed\n", drivername, pci_name(pdev));
1732
1732
}
1733
1733
1734
1734
#ifdef CONFIG_PM
···
1748
1748
1749
1749
if (!ndev) {
1750
1750
IRDA_ERROR("%s - %s: no netdevice \n",
1751
-
__FUNCTION__, PCIDEV_NAME(pdev));
1751
+
__FUNCTION__, pci_name(pdev));
1752
1752
return 0;
1753
1753
}
1754
1754
idev = ndev->priv;
···
1759
1759
pdev->current_state = state.event;
1760
1760
}
1761
1761
else
1762
-
IRDA_ERROR("%s - %s: invalid suspend request %u -> %u\n", __FUNCTION__, PCIDEV_NAME(pdev), pdev->current_state, state.event);
1762
+
IRDA_ERROR("%s - %s: invalid suspend request %u -> %u\n", __FUNCTION__, pci_name(pdev), pdev->current_state, state.event);
1763
1763
up(&idev->sem);
1764
1764
return 0;
1765
1765
}
···
1787
1787
1788
1788
if (!ndev) {
1789
1789
IRDA_ERROR("%s - %s: no netdevice \n",
1790
-
__FUNCTION__, PCIDEV_NAME(pdev));
1790
+
__FUNCTION__, pci_name(pdev));
1791
1791
return 0;
1792
1792
}
1793
1793
idev = ndev->priv;
···
1795
1795
if (pdev->current_state == 0) {
1796
1796
up(&idev->sem);
1797
1797
IRDA_WARNING("%s - %s: already resumed\n",
1798
-
__FUNCTION__, PCIDEV_NAME(pdev));
1798
+
__FUNCTION__, pci_name(pdev));
1799
1799
return 0;
1800
1800
}
1801
1801
-33
drivers/net/irda/vlsi_ir.h
-33
drivers/net/irda/vlsi_ir.h
···
41
41
#define PCI_CLASS_SUBCLASS_MASK 0xffff
42
42
#endif
43
43
44
-
/* in recent 2.5 interrupt handlers have non-void return value */
45
-
#ifndef IRQ_RETVAL
46
-
typedef void irqreturn_t;
47
-
#define IRQ_NONE
48
-
#define IRQ_HANDLED
49
-
#define IRQ_RETVAL(x)
50
-
#endif
51
-
52
-
/* some stuff need to check kernelversion. Not all 2.5 stuff was present
53
-
* in early 2.5.x - the test is merely to separate 2.4 from 2.5
54
-
*/
55
-
#include <linux/version.h>
56
-
57
-
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0)
58
-
59
-
/* PDE() introduced in 2.5.4 */
60
-
#ifdef CONFIG_PROC_FS
61
-
#define PDE(inode) ((inode)->i_private)
62
-
#endif
63
-
64
-
/* irda crc16 calculation exported in 2.5.42 */
65
-
#define irda_calc_crc16(fcs,buf,len) (GOOD_FCS)
66
-
67
-
/* we use this for unified pci device name access */
68
-
#define PCIDEV_NAME(pdev) ((pdev)->name)
69
-
70
-
#else /* 2.5 or later */
71
-
72
-
/* whatever we get from the associated struct device - bus:slot:dev.fn id */
73
-
#define PCIDEV_NAME(pdev) (pci_name(pdev))
74
-
75
-
#endif
76
-
77
44
/* ================================================================ */
78
45
79
46
/* non-standard PCI registers */
+2
-2
include/linux/Kbuild
+2
-2
include/linux/Kbuild
···
69
69
header-y += i2c-dev.h
70
70
header-y += i8k.h
71
71
header-y += icmp.h
72
-
header-y += if_addr.h
73
72
header-y += if_arcnet.h
74
73
header-y += if_arp.h
75
74
header-y += if_bonding.h
···
78
79
header-y += if.h
79
80
header-y += if_hippi.h
80
81
header-y += if_infiniband.h
81
-
header-y += if_link.h
82
82
header-y += if_packet.h
83
83
header-y += if_plip.h
84
84
header-y += if_ppp.h
···
211
213
unifdef-y += i2c.h
212
214
unifdef-y += i2o-dev.h
213
215
unifdef-y += icmpv6.h
216
+
unifdef-y += if_addr.h
214
217
unifdef-y += if_bridge.h
215
218
unifdef-y += if_ec.h
216
219
unifdef-y += if_eql.h
···
219
220
unifdef-y += if_fddi.h
220
221
unifdef-y += if_frad.h
221
222
unifdef-y += if_ltalk.h
223
+
unifdef-y += if_link.h
222
224
unifdef-y += if_pppox.h
223
225
unifdef-y += if_shaper.h
224
226
unifdef-y += if_tr.h
+2
include/linux/if_tunnel.h
+2
include/linux/if_tunnel.h
+1
-1
include/linux/netfilter_ipv4/ip_tables.h
+1
-1
include/linux/netfilter_ipv4/ip_tables.h
···
28
28
#include <linux/netfilter/x_tables.h>
29
29
30
30
#define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
31
-
#define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
31
+
#define IPT_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN
32
32
#define ipt_match xt_match
33
33
#define ipt_target xt_target
34
34
#define ipt_table xt_table
+1
include/net/netfilter/nf_conntrack_compat.h
+1
include/net/netfilter/nf_conntrack_compat.h
+1
include/net/sctp/sm.h
+1
include/net/sctp/sm.h
···
134
134
sctp_state_fn_t sctp_sf_discard_chunk;
135
135
sctp_state_fn_t sctp_sf_do_5_2_1_siminit;
136
136
sctp_state_fn_t sctp_sf_do_5_2_2_dupinit;
137
+
sctp_state_fn_t sctp_sf_do_5_2_3_initack;
137
138
sctp_state_fn_t sctp_sf_do_5_2_4_dupcook;
138
139
sctp_state_fn_t sctp_sf_unk_chunk;
139
140
sctp_state_fn_t sctp_sf_do_8_5_1_E_sa;
+8
-2
net/bluetooth/l2cap.c
+8
-2
net/bluetooth/l2cap.c
···
585
585
goto done;
586
586
}
587
587
588
+
if (la->l2_psm > 0 && btohs(la->l2_psm) < 0x1001 &&
589
+
!capable(CAP_NET_BIND_SERVICE)) {
590
+
err = -EACCES;
591
+
goto done;
592
+
}
593
+
588
594
write_lock_bh(&l2cap_sk_list.lock);
589
595
590
596
if (la->l2_psm && __l2cap_get_sock_by_addr(la->l2_psm, &la->l2_bdaddr)) {
···
2156
2150
2157
2151
str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d 0x%x\n",
2158
2152
batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
2159
-
sk->sk_state, pi->psm, pi->scid, pi->dcid, pi->imtu,
2160
-
pi->omtu, pi->link_mode);
2153
+
sk->sk_state, btohs(pi->psm), pi->scid, pi->dcid,
2154
+
pi->imtu, pi->omtu, pi->link_mode);
2161
2155
}
2162
2156
2163
2157
read_unlock_bh(&l2cap_sk_list.lock);
+8
-14
net/core/flow.c
+8
-14
net/core/flow.c
···
231
231
232
232
err = resolver(key, family, dir, &obj, &obj_ref);
233
233
234
-
if (fle) {
235
-
if (err) {
236
-
/* Force security policy check on next lookup */
237
-
*head = fle->next;
238
-
flow_entry_kill(cpu, fle);
239
-
} else {
240
-
fle->genid = atomic_read(&flow_cache_genid);
234
+
if (fle && !err) {
235
+
fle->genid = atomic_read(&flow_cache_genid);
241
236
242
-
if (fle->object)
243
-
atomic_dec(fle->object_ref);
237
+
if (fle->object)
238
+
atomic_dec(fle->object_ref);
244
239
245
-
fle->object = obj;
246
-
fle->object_ref = obj_ref;
247
-
if (obj)
248
-
atomic_inc(fle->object_ref);
249
-
}
240
+
fle->object = obj;
241
+
fle->object_ref = obj_ref;
242
+
if (obj)
243
+
atomic_inc(fle->object_ref);
250
244
}
251
245
local_bh_enable();
252
246
+1
-1
net/ipv4/netfilter/ip_conntrack_netlink.c
+1
-1
net/ipv4/netfilter/ip_conntrack_netlink.c
+4
-2
net/ipv4/tcp_input.c
+4
-2
net/ipv4/tcp_input.c
···
4420
4420
* But, this leaves one open to an easy denial of
4421
4421
* service attack, and SYN cookies can't defend
4422
4422
* against this problem. So, we drop the data
4423
-
* in the interest of security over speed.
4423
+
* in the interest of security over speed unless
4424
+
* it's still in use.
4424
4425
*/
4425
-
goto discard;
4426
+
kfree_skb(skb);
4427
+
return 0;
4426
4428
}
4427
4429
goto discard;
4428
4430
+2
-1
net/ipv4/tcp_output.c
+2
-1
net/ipv4/tcp_output.c
···
1650
1650
1651
1651
memcpy(skb_put(skb, next_skb_size), next_skb->data, next_skb_size);
1652
1652
1653
-
skb->ip_summed = next_skb->ip_summed;
1653
+
if (next_skb->ip_summed == CHECKSUM_PARTIAL)
1654
+
skb->ip_summed = CHECKSUM_PARTIAL;
1654
1655
1655
1656
if (skb->ip_summed != CHECKSUM_PARTIAL)
1656
1657
skb->csum = csum_block_add(skb->csum, next_skb->csum, skb_size);
+6
net/ipv6/addrconf.c
+6
net/ipv6/addrconf.c
···
341
341
static struct inet6_dev * ipv6_add_dev(struct net_device *dev)
342
342
{
343
343
struct inet6_dev *ndev;
344
+
struct in6_addr maddr;
344
345
345
346
ASSERT_RTNL();
346
347
···
426
425
#endif
427
426
/* protected by rtnl_lock */
428
427
rcu_assign_pointer(dev->ip6_ptr, ndev);
428
+
429
+
/* Join all-node multicast group */
430
+
ipv6_addr_all_nodes(&maddr);
431
+
ipv6_dev_mc_inc(dev, &maddr);
432
+
429
433
return ndev;
430
434
}
431
435
-6
net/ipv6/mcast.c
-6
net/ipv6/mcast.c
···
2258
2258
2259
2259
void ipv6_mc_init_dev(struct inet6_dev *idev)
2260
2260
{
2261
-
struct in6_addr maddr;
2262
-
2263
2261
write_lock_bh(&idev->lock);
2264
2262
rwlock_init(&idev->mc_lock);
2265
2263
idev->mc_gq_running = 0;
···
2273
2275
idev->mc_maxdelay = IGMP6_UNSOLICITED_IVAL;
2274
2276
idev->mc_v1_seen = 0;
2275
2277
write_unlock_bh(&idev->lock);
2276
-
2277
-
/* Add all-nodes address. */
2278
-
ipv6_addr_all_nodes(&maddr);
2279
-
ipv6_dev_mc_inc(idev->dev, &maddr);
2280
2278
}
2281
2279
2282
2280
/*
+1
net/ipv6/route.c
+1
net/ipv6/route.c
+1
-1
net/netfilter/nf_conntrack_netlink.c
+1
-1
net/netfilter/nf_conntrack_netlink.c
+4
-2
net/sctp/sm_make_chunk.c
+4
-2
net/sctp/sm_make_chunk.c
···
1562
1562
if (*errp) {
1563
1563
report.num_missing = htonl(1);
1564
1564
report.type = paramtype;
1565
-
sctp_init_cause(*errp, SCTP_ERROR_INV_PARAM,
1565
+
sctp_init_cause(*errp, SCTP_ERROR_MISS_PARAM,
1566
1566
&report, sizeof(report));
1567
1567
}
1568
1568
···
1775
1775
1776
1776
/* Verify stream values are non-zero. */
1777
1777
if ((0 == peer_init->init_hdr.num_outbound_streams) ||
1778
-
(0 == peer_init->init_hdr.num_inbound_streams)) {
1778
+
(0 == peer_init->init_hdr.num_inbound_streams) ||
1779
+
(0 == peer_init->init_hdr.init_tag) ||
1780
+
(SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) {
1779
1781
1780
1782
sctp_process_inv_mandatory(asoc, chunk, errp);
1781
1783
return 0;
+1
-1
net/sctp/sm_sideeffect.c
+1
-1
net/sctp/sm_sideeffect.c
+22
-22
net/sctp/sm_statefuns.c
+22
-22
net/sctp/sm_statefuns.c
···
440
440
{
441
441
struct sctp_chunk *chunk = arg;
442
442
sctp_init_chunk_t *initchunk;
443
-
__u32 init_tag;
444
443
struct sctp_chunk *err_chunk;
445
444
struct sctp_packet *packet;
446
445
sctp_error_t error;
···
460
461
461
462
/* Grab the INIT header. */
462
463
chunk->subh.init_hdr = (sctp_inithdr_t *) chunk->skb->data;
463
-
464
-
init_tag = ntohl(chunk->subh.init_hdr->init_tag);
465
-
466
-
/* Verification Tag: 3.3.3
467
-
* If the value of the Initiate Tag in a received INIT ACK
468
-
* chunk is found to be 0, the receiver MUST treat it as an
469
-
* error and close the association by transmitting an ABORT.
470
-
*/
471
-
if (!init_tag) {
472
-
struct sctp_chunk *reply = sctp_make_abort(asoc, chunk, 0);
473
-
if (!reply)
474
-
goto nomem;
475
-
476
-
sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(reply));
477
-
return sctp_stop_t1_and_abort(commands, SCTP_ERROR_INV_PARAM,
478
-
ECONNREFUSED, asoc,
479
-
chunk->transport);
480
-
}
481
464
482
465
/* Verify the INIT chunk before processing it. */
483
466
err_chunk = NULL;
···
531
550
SCTP_CHUNK(err_chunk));
532
551
533
552
return SCTP_DISPOSITION_CONSUME;
534
-
535
-
nomem:
536
-
return SCTP_DISPOSITION_NOMEM;
537
553
}
538
554
539
555
/*
···
1531
1553
}
1532
1554
1533
1555
1556
+
/*
1557
+
* Unexpected INIT-ACK handler.
1558
+
*
1559
+
* Section 5.2.3
1560
+
* If an INIT ACK received by an endpoint in any state other than the
1561
+
* COOKIE-WAIT state, the endpoint should discard the INIT ACK chunk.
1562
+
* An unexpected INIT ACK usually indicates the processing of an old or
1563
+
* duplicated INIT chunk.
1564
+
*/
1565
+
sctp_disposition_t sctp_sf_do_5_2_3_initack(const struct sctp_endpoint *ep,
1566
+
const struct sctp_association *asoc,
1567
+
const sctp_subtype_t type,
1568
+
void *arg, sctp_cmd_seq_t *commands)
1569
+
{
1570
+
/* Per the above section, we'll discard the chunk if we have an
1571
+
* endpoint. If this is an OOTB INIT-ACK, treat it as such.
1572
+
*/
1573
+
if (ep == sctp_sk((sctp_get_ctl_sock()))->ep)
1574
+
return sctp_sf_ootb(ep, asoc, type, arg, commands);
1575
+
else
1576
+
return sctp_sf_discard_chunk(ep, asoc, type, arg, commands);
1577
+
}
1534
1578
1535
1579
/* Unexpected COOKIE-ECHO handler for peer restart (Table 2, action 'A')
1536
1580
*
+1
-1
net/sctp/sm_statetable.c
+1
-1
net/sctp/sm_statetable.c
···
152
152
/* SCTP_STATE_EMPTY */ \
153
153
TYPE_SCTP_FUNC(sctp_sf_ootb), \
154
154
/* SCTP_STATE_CLOSED */ \
155
-
TYPE_SCTP_FUNC(sctp_sf_discard_chunk), \
155
+
TYPE_SCTP_FUNC(sctp_sf_do_5_2_3_initack), \
156
156
/* SCTP_STATE_COOKIE_WAIT */ \
157
157
TYPE_SCTP_FUNC(sctp_sf_do_5_1C_ack), \
158
158
/* SCTP_STATE_COOKIE_ECHOED */ \
+1
net/x25/x25_dev.c
+1
net/x25/x25_dev.c
+5
-11
net/xfrm/xfrm_policy.c
+5
-11
net/xfrm/xfrm_policy.c
···
650
650
struct xfrm_policy *pol;
651
651
struct xfrm_policy *delpol;
652
652
struct hlist_head *chain;
653
-
struct hlist_node *entry, *newpos, *last;
653
+
struct hlist_node *entry, *newpos;
654
654
struct dst_entry *gc_list;
655
655
656
656
write_lock_bh(&xfrm_policy_lock);
657
657
chain = policy_hash_bysel(&policy->selector, policy->family, dir);
658
658
delpol = NULL;
659
659
newpos = NULL;
660
-
last = NULL;
661
660
hlist_for_each_entry(pol, entry, chain, bydst) {
662
-
if (!delpol &&
663
-
pol->type == policy->type &&
661
+
if (pol->type == policy->type &&
664
662
!selector_cmp(&pol->selector, &policy->selector) &&
665
-
xfrm_sec_ctx_match(pol->security, policy->security)) {
663
+
xfrm_sec_ctx_match(pol->security, policy->security) &&
664
+
!WARN_ON(delpol)) {
666
665
if (excl) {
667
666
write_unlock_bh(&xfrm_policy_lock);
668
667
return -EEXIST;
···
670
671
if (policy->priority > pol->priority)
671
672
continue;
672
673
} else if (policy->priority >= pol->priority) {
673
-
last = &pol->bydst;
674
+
newpos = &pol->bydst;
674
675
continue;
675
676
}
676
-
if (!newpos)
677
-
newpos = &pol->bydst;
678
677
if (delpol)
679
678
break;
680
-
last = &pol->bydst;
681
679
}
682
-
if (!newpos)
683
-
newpos = last;
684
680
if (newpos)
685
681
hlist_add_after(newpos, &policy->bydst);
686
682
else
+3
security/selinux/ss/services.c
+3
security/selinux/ss/services.c
···
1299
1299
avc_ss_reset(seqno);
1300
1300
selnl_notify_policyload(seqno);
1301
1301
selinux_netlbl_cache_invalidate();
1302
+
atomic_inc(&flow_cache_genid);
1302
1303
return 0;
1303
1304
}
1304
1305
···
1355
1354
avc_ss_reset(seqno);
1356
1355
selnl_notify_policyload(seqno);
1357
1356
selinux_netlbl_cache_invalidate();
1357
+
atomic_inc(&flow_cache_genid);
1358
1358
1359
1359
return 0;
1360
1360
···
1855
1853
if (!rc) {
1856
1854
avc_ss_reset(seqno);
1857
1855
selnl_notify_policyload(seqno);
1856
+
atomic_inc(&flow_cache_genid);
1858
1857
}
1859
1858
return rc;
1860
1859
}