tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6: (27 commits)
[INET]: Fix inet_diag dead-lock regression
[NETNS]: Fix /proc/net breakage
[TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure
[NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK
[NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ON
[DECNET]: dn_nl_deladdr() almost always returns no error
[IPV6]: Restore IPv6 when MTU is big enough
[RXRPC]: Add missing select on CRYPTO
mac80211: rate limit wep decrypt failed messages
rfkill: fix double-mutex-locking
mac80211: drop unencrypted frames if encryption is expected
mac80211: Fix behavior of ieee80211_open and ieee80211_close
ieee80211: fix unaligned access in ieee80211_copy_snap
mac80211: free ifsta->extra_ie and clear IEEE80211_STA_PRIVACY_INVOKED
SCTP: Fix build issues with SCTP AUTH.
SCTP: Fix chunk acceptance when no authenticated chunks were listed.
SCTP: Fix the supported extensions paramter
SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.
SCTP: Fix the number of HB transmissions.
[TCP] illinois: Incorrect beta usage
...

Linus Torvalds 8002cedc e87cb5db

+160 -177
+5 -6
drivers/net/sungem.c
··· 2281 2281 2282 2282 mutex_lock(&gp->pm_mutex); 2283 2283 2284 - napi_disable(&gp->napi); 2284 + if (gp->opened) 2285 + napi_disable(&gp->napi); 2285 2286 2286 2287 spin_lock_irq(&gp->lock); 2287 2288 spin_lock(&gp->tx_lock); 2288 - 2289 - if (gp->running == 0) 2290 - goto not_running; 2291 2289 2292 2290 if (gp->running) { 2293 2291 netif_stop_queue(gp->dev); ··· 2296 2298 gem_set_link_modes(gp); 2297 2299 netif_wake_queue(gp->dev); 2298 2300 } 2299 - not_running: 2301 + 2300 2302 gp->reset_task_pending = 0; 2301 2303 2302 2304 spin_unlock(&gp->tx_lock); 2303 2305 spin_unlock_irq(&gp->lock); 2304 2306 2305 - napi_enable(&gp->napi); 2307 + if (gp->opened) 2308 + napi_enable(&gp->napi); 2306 2309 2307 2310 mutex_unlock(&gp->pm_mutex); 2308 2311 }
+11 -1
fs/proc/generic.c
··· 374 374 return 1; 375 375 } 376 376 377 + static int proc_revalidate_dentry(struct dentry *dentry, struct nameidata *nd) 378 + { 379 + d_drop(dentry); 380 + return 0; 381 + } 382 + 377 383 static struct dentry_operations proc_dentry_operations = 378 384 { 379 385 .d_delete = proc_delete_dentry, 386 + .d_revalidate = proc_revalidate_dentry, 380 387 }; 381 388 382 389 /* ··· 404 397 if (de->namelen != dentry->d_name.len) 405 398 continue; 406 399 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) { 407 - unsigned int ino = de->low_ino; 400 + unsigned int ino; 408 401 402 + if (de->shadow_proc) 403 + de = de->shadow_proc(current, de); 404 + ino = de->low_ino; 409 405 de_get(de); 410 406 spin_unlock(&proc_subdir_lock); 411 407 error = -EINVAL;
+5 -81
fs/proc/proc_net.c
··· 50 50 } 51 51 EXPORT_SYMBOL_GPL(get_proc_net); 52 52 53 - static struct proc_dir_entry *proc_net_shadow; 53 + static struct proc_dir_entry *shadow_pde; 54 54 55 - static struct dentry *proc_net_shadow_dentry(struct dentry *parent, 55 + static struct proc_dir_entry *proc_net_shadow(struct task_struct *task, 56 56 struct proc_dir_entry *de) 57 57 { 58 - struct dentry *shadow = NULL; 59 - struct inode *inode; 60 - if (!de) 61 - goto out; 62 - de_get(de); 63 - inode = proc_get_inode(parent->d_inode->i_sb, de->low_ino, de); 64 - if (!inode) 65 - goto out_de_put; 66 - shadow = d_alloc_name(parent, de->name); 67 - if (!shadow) 68 - goto out_iput; 69 - shadow->d_op = parent->d_op; /* proc_dentry_operations */ 70 - d_instantiate(shadow, inode); 71 - out: 72 - return shadow; 73 - out_iput: 74 - iput(inode); 75 - out_de_put: 76 - de_put(de); 77 - goto out; 58 + return task->nsproxy->net_ns->proc_net; 78 59 } 79 - 80 - static void *proc_net_follow_link(struct dentry *parent, struct nameidata *nd) 81 - { 82 - struct net *net = current->nsproxy->net_ns; 83 - struct dentry *shadow; 84 - shadow = proc_net_shadow_dentry(parent, net->proc_net); 85 - if (!shadow) 86 - return ERR_PTR(-ENOENT); 87 - 88 - dput(nd->dentry); 89 - /* My dentry count is 1 and that should be enough as the 90 - * shadow dentry is thrown away immediately. 91 - */ 92 - nd->dentry = shadow; 93 - return NULL; 94 - } 95 - 96 - static struct dentry *proc_net_lookup(struct inode *dir, struct dentry *dentry, 97 - struct nameidata *nd) 98 - { 99 - struct net *net = current->nsproxy->net_ns; 100 - struct dentry *shadow; 101 - 102 - shadow = proc_net_shadow_dentry(nd->dentry, net->proc_net); 103 - if (!shadow) 104 - return ERR_PTR(-ENOENT); 105 - 106 - dput(nd->dentry); 107 - nd->dentry = shadow; 108 - 109 - return shadow->d_inode->i_op->lookup(shadow->d_inode, dentry, nd); 110 - } 111 - 112 - static int proc_net_setattr(struct dentry *dentry, struct iattr *iattr) 113 - { 114 - struct net *net = current->nsproxy->net_ns; 115 - struct dentry *shadow; 116 - int ret; 117 - 118 - shadow = proc_net_shadow_dentry(dentry->d_parent, net->proc_net); 119 - if (!shadow) 120 - return -ENOENT; 121 - ret = shadow->d_inode->i_op->setattr(shadow, iattr); 122 - dput(shadow); 123 - return ret; 124 - } 125 - 126 - static const struct file_operations proc_net_dir_operations = { 127 - .read = generic_read_dir, 128 - }; 129 - 130 - static struct inode_operations proc_net_dir_inode_operations = { 131 - .follow_link = proc_net_follow_link, 132 - .lookup = proc_net_lookup, 133 - .setattr = proc_net_setattr, 134 - }; 135 60 136 61 static __net_init int proc_net_ns_init(struct net *net) 137 62 { ··· 110 185 111 186 int __init proc_net_init(void) 112 187 { 113 - proc_net_shadow = proc_mkdir("net", NULL); 114 - proc_net_shadow->proc_iops = &proc_net_dir_inode_operations; 115 - proc_net_shadow->proc_fops = &proc_net_dir_operations; 188 + shadow_pde = proc_mkdir("net", NULL); 189 + shadow_pde->shadow_proc = proc_net_shadow; 116 190 117 191 return register_pernet_subsys(&proc_net_ns_ops); 118 192 }
+3
include/linux/proc_fs.h
··· 48 48 typedef int (write_proc_t)(struct file *file, const char __user *buffer, 49 49 unsigned long count, void *data); 50 50 typedef int (get_info_t)(char *, char **, off_t, int); 51 + typedef struct proc_dir_entry *(shadow_proc_t)(struct task_struct *task, 52 + struct proc_dir_entry *pde); 51 53 52 54 struct proc_dir_entry { 53 55 unsigned int low_ino; ··· 81 79 int pde_users; /* number of callers into module in progress */ 82 80 spinlock_t pde_unload_lock; /* proc_fops checks and pde_users bumps */ 83 81 struct completion *pde_unload_completion; 82 + shadow_proc_t *shadow_proc; 84 83 }; 85 84 86 85 struct kcore_list {
+6 -3
include/net/sctp/constants.h
··· 441 441 SCTP_AUTH_HMAC_ID_RESERVED_0, 442 442 SCTP_AUTH_HMAC_ID_SHA1, 443 443 SCTP_AUTH_HMAC_ID_RESERVED_2, 444 - SCTP_AUTH_HMAC_ID_SHA256 444 + #if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE) 445 + SCTP_AUTH_HMAC_ID_SHA256, 446 + #endif 447 + __SCTP_AUTH_HMAC_MAX 445 448 }; 446 449 447 - #define SCTP_AUTH_HMAC_ID_MAX SCTP_AUTH_HMAC_ID_SHA256 448 - #define SCTP_AUTH_NUM_HMACS (SCTP_AUTH_HMAC_ID_SHA256 + 1) 450 + #define SCTP_AUTH_HMAC_ID_MAX __SCTP_AUTH_HMAC_MAX - 1 451 + #define SCTP_AUTH_NUM_HMACS __SCTP_AUTH_HMAC_MAX 449 452 #define SCTP_SHA1_SIG_SIZE 20 450 453 #define SCTP_SHA256_SIG_SIZE 32 451 454
+6 -2
lib/textsearch.c
··· 7 7 * 2 of the License, or (at your option) any later version. 8 8 * 9 9 * Authors: Thomas Graf <tgraf@suug.ch> 10 - * Pablo Neira Ayuso <pablo@eurodev.net> 10 + * Pablo Neira Ayuso <pablo@netfilter.org> 11 11 * 12 12 * ========================================================================== 13 13 * ··· 250 250 * the various search algorithms. 251 251 * 252 252 * Returns a new textsearch configuration according to the specified 253 - * parameters or a ERR_PTR(). 253 + * parameters or a ERR_PTR(). If a zero length pattern is passed, this 254 + * function returns EINVAL. 254 255 */ 255 256 struct ts_config *textsearch_prepare(const char *algo, const void *pattern, 256 257 unsigned int len, gfp_t gfp_mask, int flags) ··· 260 259 struct ts_config *conf; 261 260 struct ts_ops *ops; 262 261 262 + if (len == 0) 263 + return ERR_PTR(-EINVAL); 264 + 263 265 ops = lookup_ts_algo(algo); 264 266 #ifdef CONFIG_KMOD 265 267 /*
+2 -1
net/8021q/vlan_dev.c
··· 462 462 * OTHER THINGS LIKE FDDI/TokenRing/802.3 SNAPs... 463 463 */ 464 464 465 - if (veth->h_vlan_proto != htons(ETH_P_8021Q)) { 465 + if (veth->h_vlan_proto != htons(ETH_P_8021Q) || 466 + VLAN_DEV_INFO(dev)->flags & VLAN_FLAG_REORDER_HDR) { 466 467 int orig_headroom = skb_headroom(skb); 467 468 unsigned short veth_TCI; 468 469
+3 -1
net/bridge/br.c
··· 39 39 40 40 err = br_fdb_init(); 41 41 if (err) 42 - goto err_out1; 42 + goto err_out; 43 43 44 44 err = br_netfilter_init(); 45 45 if (err) ··· 65 65 err_out2: 66 66 br_netfilter_fini(); 67 67 err_out1: 68 + br_fdb_fini(); 69 + err_out: 68 70 llc_sap_put(br_stp_sap); 69 71 return err; 70 72 }
+4 -3
net/bridge/br_input.c
··· 122 122 struct sk_buff *br_handle_frame(struct net_bridge_port *p, struct sk_buff *skb) 123 123 { 124 124 const unsigned char *dest = eth_hdr(skb)->h_dest; 125 + int (*rhook)(struct sk_buff *skb); 125 126 126 127 if (!is_valid_ether_addr(eth_hdr(skb)->h_source)) 127 128 goto drop; ··· 148 147 149 148 switch (p->state) { 150 149 case BR_STATE_FORWARDING: 151 - 152 - if (br_should_route_hook) { 153 - if (br_should_route_hook(skb)) 150 + rhook = rcu_dereference(br_should_route_hook); 151 + if (rhook != NULL) { 152 + if (rhook(skb)) 154 153 return skb; 155 154 dest = eth_hdr(skb)->h_dest; 156 155 }
+2 -2
net/bridge/netfilter/ebtable_broute.c
··· 70 70 if (ret < 0) 71 71 return ret; 72 72 /* see br_input.c */ 73 - br_should_route_hook = ebt_broute; 73 + rcu_assign_pointer(br_should_route_hook, ebt_broute); 74 74 return ret; 75 75 } 76 76 77 77 static void __exit ebtable_broute_fini(void) 78 78 { 79 - br_should_route_hook = NULL; 79 + rcu_assign_pointer(br_should_route_hook, NULL); 80 80 synchronize_net(); 81 81 ebt_unregister_table(&broute_table); 82 82 }
+3 -1
net/decnet/dn_dev.c
··· 651 651 struct dn_dev *dn_db; 652 652 struct ifaddrmsg *ifm; 653 653 struct dn_ifaddr *ifa, **ifap; 654 - int err = -EADDRNOTAVAIL; 654 + int err; 655 655 656 656 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy); 657 657 if (err < 0) 658 658 goto errout; 659 659 660 + err = -ENODEV; 660 661 ifm = nlmsg_data(nlh); 661 662 if ((dn_db = dn_dev_by_index(ifm->ifa_index)) == NULL) 662 663 goto errout; 663 664 665 + err = -EADDRNOTAVAIL; 664 666 for (ifap = &dn_db->ifa_list; (ifa = *ifap); ifap = &ifa->ifa_next) { 665 667 if (tb[IFA_LOCAL] && 666 668 nla_memcmp(tb[IFA_LOCAL], &ifa->ifa_local, 2))
+2 -1
net/ieee80211/ieee80211_tx.c
··· 144 144 snap->oui[1] = oui[1]; 145 145 snap->oui[2] = oui[2]; 146 146 147 - *(u16 *) (data + SNAP_SIZE) = htons(h_proto); 147 + h_proto = htons(h_proto); 148 + memcpy(data + SNAP_SIZE, &h_proto, sizeof(u16)); 148 149 149 150 return SNAP_SIZE + sizeof(u16); 150 151 }
+45 -24
net/ipv4/inet_diag.c
··· 51 51 #define INET_DIAG_PUT(skb, attrtype, attrlen) \ 52 52 RTA_DATA(__RTA_PUT(skb, attrtype, attrlen)) 53 53 54 + static DEFINE_MUTEX(inet_diag_table_mutex); 55 + 56 + static const struct inet_diag_handler *inet_diag_lock_handler(int type) 57 + { 58 + #ifdef CONFIG_KMOD 59 + if (!inet_diag_table[type]) 60 + request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK, 61 + NETLINK_INET_DIAG, type); 62 + #endif 63 + 64 + mutex_lock(&inet_diag_table_mutex); 65 + if (!inet_diag_table[type]) 66 + return ERR_PTR(-ENOENT); 67 + 68 + return inet_diag_table[type]; 69 + } 70 + 71 + static inline void inet_diag_unlock_handler( 72 + const struct inet_diag_handler *handler) 73 + { 74 + mutex_unlock(&inet_diag_table_mutex); 75 + } 76 + 54 77 static int inet_csk_diag_fill(struct sock *sk, 55 78 struct sk_buff *skb, 56 79 int ext, u32 pid, u32 seq, u16 nlmsg_flags, ··· 258 235 struct inet_hashinfo *hashinfo; 259 236 const struct inet_diag_handler *handler; 260 237 261 - handler = inet_diag_table[nlh->nlmsg_type]; 262 - BUG_ON(handler == NULL); 238 + handler = inet_diag_lock_handler(nlh->nlmsg_type); 239 + if (!handler) 240 + return -ENOENT; 241 + 263 242 hashinfo = handler->idiag_hashinfo; 243 + err = -EINVAL; 264 244 265 245 if (req->idiag_family == AF_INET) { 266 246 sk = inet_lookup(hashinfo, req->id.idiag_dst[0], ··· 281 255 } 282 256 #endif 283 257 else { 284 - return -EINVAL; 258 + goto unlock; 285 259 } 286 260 261 + err = -ENOENT; 287 262 if (sk == NULL) 288 - return -ENOENT; 263 + goto unlock; 289 264 290 265 err = -ESTALE; 291 266 if ((req->id.idiag_cookie[0] != INET_DIAG_NOCOOKIE || ··· 323 296 else 324 297 sock_put(sk); 325 298 } 299 + unlock: 300 + inet_diag_unlock_handler(handler); 326 301 return err; 327 302 } 328 303 ··· 707 678 const struct inet_diag_handler *handler; 708 679 struct inet_hashinfo *hashinfo; 709 680 710 - handler = inet_diag_table[cb->nlh->nlmsg_type]; 711 - BUG_ON(handler == NULL); 681 + handler = inet_diag_lock_handler(cb->nlh->nlmsg_type); 682 + if (!handler) 683 + goto no_handler; 684 + 712 685 hashinfo = handler->idiag_hashinfo; 713 686 714 687 s_i = cb->args[1]; ··· 774 743 } 775 744 776 745 if (!(r->idiag_states & ~(TCPF_LISTEN | TCPF_SYN_RECV))) 777 - return skb->len; 746 + goto unlock; 778 747 779 748 for (i = s_i; i < hashinfo->ehash_size; i++) { 780 749 struct inet_ehash_bucket *head = &hashinfo->ehash[i]; ··· 836 805 done: 837 806 cb->args[1] = i; 838 807 cb->args[2] = num; 808 + unlock: 809 + inet_diag_unlock_handler(handler); 810 + no_handler: 839 811 return skb->len; 840 812 } 841 813 ··· 849 815 if (nlh->nlmsg_type >= INET_DIAG_GETSOCK_MAX || 850 816 nlmsg_len(nlh) < hdrlen) 851 817 return -EINVAL; 852 - 853 - #ifdef CONFIG_KMOD 854 - if (inet_diag_table[nlh->nlmsg_type] == NULL) 855 - request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK, 856 - NETLINK_INET_DIAG, nlh->nlmsg_type); 857 - #endif 858 - 859 - if (inet_diag_table[nlh->nlmsg_type] == NULL) 860 - return -ENOENT; 861 818 862 819 if (nlh->nlmsg_flags & NLM_F_DUMP) { 863 820 if (nlmsg_attrlen(nlh, hdrlen)) { ··· 878 853 mutex_unlock(&inet_diag_mutex); 879 854 } 880 855 881 - static DEFINE_SPINLOCK(inet_diag_register_lock); 882 - 883 856 int inet_diag_register(const struct inet_diag_handler *h) 884 857 { 885 858 const __u16 type = h->idiag_type; ··· 886 863 if (type >= INET_DIAG_GETSOCK_MAX) 887 864 goto out; 888 865 889 - spin_lock(&inet_diag_register_lock); 866 + mutex_lock(&inet_diag_table_mutex); 890 867 err = -EEXIST; 891 868 if (inet_diag_table[type] == NULL) { 892 869 inet_diag_table[type] = h; 893 870 err = 0; 894 871 } 895 - spin_unlock(&inet_diag_register_lock); 872 + mutex_unlock(&inet_diag_table_mutex); 896 873 out: 897 874 return err; 898 875 } ··· 905 882 if (type >= INET_DIAG_GETSOCK_MAX) 906 883 return; 907 884 908 - spin_lock(&inet_diag_register_lock); 885 + mutex_lock(&inet_diag_table_mutex); 909 886 inet_diag_table[type] = NULL; 910 - spin_unlock(&inet_diag_register_lock); 911 - 912 - synchronize_rcu(); 887 + mutex_unlock(&inet_diag_table_mutex); 913 888 } 914 889 EXPORT_SYMBOL_GPL(inet_diag_unregister); 915 890
+1 -1
net/ipv4/tcp_illinois.c
··· 298 298 struct illinois *ca = inet_csk_ca(sk); 299 299 300 300 /* Multiplicative decrease */ 301 - return max((tp->snd_cwnd * ca->beta) >> BETA_SHIFT, 2U); 301 + return max(tp->snd_cwnd - ((tp->snd_cwnd * ca->beta) >> BETA_SHIFT), 2U); 302 302 } 303 303 304 304
+10 -1
net/ipv6/addrconf.c
··· 2293 2293 break; 2294 2294 } 2295 2295 2296 + if (!idev && dev->mtu >= IPV6_MIN_MTU) 2297 + idev = ipv6_add_dev(dev); 2298 + 2296 2299 if (idev) 2297 2300 idev->if_flags |= IF_READY; 2298 2301 } else { ··· 2360 2357 break; 2361 2358 2362 2359 case NETDEV_CHANGEMTU: 2363 - if ( idev && dev->mtu >= IPV6_MIN_MTU) { 2360 + if (idev && dev->mtu >= IPV6_MIN_MTU) { 2364 2361 rt6_mtu_change(dev, dev->mtu); 2365 2362 idev->cnf.mtu6 = dev->mtu; 2366 2363 break; 2364 + } 2365 + 2366 + if (!idev && dev->mtu >= IPV6_MIN_MTU) { 2367 + idev = ipv6_add_dev(dev); 2368 + if (idev) 2369 + break; 2367 2370 } 2368 2371 2369 2372 /* MTU falled under IPV6_MIN_MTU. Stop IPv6 on this interface. */
+7 -3
net/mac80211/ieee80211.c
··· 216 216 res = local->ops->start(local_to_hw(local)); 217 217 if (res) 218 218 return res; 219 + ieee80211_hw_config(local); 219 220 } 220 221 221 222 switch (sdata->type) { ··· 233 232 netif_tx_unlock_bh(local->mdev); 234 233 235 234 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP; 236 - ieee80211_hw_config(local); 237 235 } 238 236 break; 239 237 case IEEE80211_IF_TYPE_STA: ··· 334 334 ieee80211_configure_filter(local); 335 335 netif_tx_unlock_bh(local->mdev); 336 336 337 - local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP; 338 - ieee80211_hw_config(local); 337 + local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP; 339 338 } 340 339 break; 341 340 case IEEE80211_IF_TYPE_STA: ··· 356 357 cancel_delayed_work(&local->scan_work); 357 358 } 358 359 flush_workqueue(local->hw.workqueue); 360 + 361 + sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 362 + kfree(sdata->u.sta.extra_ie); 363 + sdata->u.sta.extra_ie = NULL; 364 + sdata->u.sta.extra_ie_len = 0; 359 365 /* fall through */ 360 366 default: 361 367 conf.if_id = dev->ifindex;
+1 -1
net/mac80211/rx.c
··· 997 997 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) && 998 998 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA && 999 999 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC && 1000 - rx->sdata->drop_unencrypted && 1000 + (rx->key || rx->sdata->drop_unencrypted) && 1001 1001 (rx->sdata->eapol == 0 || !ieee80211_is_eapol(rx->skb)))) { 1002 1002 if (net_ratelimit()) 1003 1003 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
+2 -1
net/mac80211/wep.c
··· 265 265 if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, 266 266 skb->data + hdrlen + WEP_IV_LEN, 267 267 len)) { 268 - printk(KERN_DEBUG "WEP decrypt failed (ICV)\n"); 268 + if (net_ratelimit()) 269 + printk(KERN_DEBUG "WEP decrypt failed (ICV)\n"); 269 270 ret = -1; 270 271 } 271 272
+5 -5
net/netfilter/xt_CONNMARK.c
··· 86 86 { 87 87 const struct xt_connmark_target_info *matchinfo = targinfo; 88 88 89 - if (nf_ct_l3proto_try_module_get(target->family) < 0) { 90 - printk(KERN_WARNING "can't load conntrack support for " 91 - "proto=%d\n", target->family); 92 - return false; 93 - } 94 89 if (matchinfo->mode == XT_CONNMARK_RESTORE) { 95 90 if (strcmp(tablename, "mangle") != 0) { 96 91 printk(KERN_WARNING "CONNMARK: restore can only be " ··· 96 101 } 97 102 if (matchinfo->mark > 0xffffffff || matchinfo->mask > 0xffffffff) { 98 103 printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n"); 104 + return false; 105 + } 106 + if (nf_ct_l3proto_try_module_get(target->family) < 0) { 107 + printk(KERN_WARNING "can't load conntrack support for " 108 + "proto=%d\n", target->family); 99 109 return false; 100 110 } 101 111 return true;
+5 -5
net/netfilter/xt_CONNSECMARK.c
··· 90 90 { 91 91 const struct xt_connsecmark_target_info *info = targinfo; 92 92 93 - if (nf_ct_l3proto_try_module_get(target->family) < 0) { 94 - printk(KERN_WARNING "can't load conntrack support for " 95 - "proto=%d\n", target->family); 96 - return false; 97 - } 98 93 switch (info->mode) { 99 94 case CONNSECMARK_SAVE: 100 95 case CONNSECMARK_RESTORE: ··· 100 105 return false; 101 106 } 102 107 108 + if (nf_ct_l3proto_try_module_get(target->family) < 0) { 109 + printk(KERN_WARNING "can't load conntrack support for " 110 + "proto=%d\n", target->family); 111 + return false; 112 + } 103 113 return true; 104 114 } 105 115
+1 -3
net/netfilter/xt_TCPMSS.c
··· 174 174 175 175 nexthdr = ipv6h->nexthdr; 176 176 tcphoff = ipv6_skip_exthdr(skb, sizeof(*ipv6h), &nexthdr); 177 - if (tcphoff < 0) { 178 - WARN_ON(1); 177 + if (tcphoff < 0) 179 178 return NF_DROP; 180 - } 181 179 ret = tcpmss_mangle_packet(skb, targinfo, tcphoff, 182 180 sizeof(*ipv6h) + sizeof(struct tcphdr)); 183 181 if (ret < 0)
+5 -9
net/rfkill/rfkill.c
··· 60 60 static int rfkill_toggle_radio(struct rfkill *rfkill, 61 61 enum rfkill_state state) 62 62 { 63 - int retval; 64 - 65 - retval = mutex_lock_interruptible(&rfkill->mutex); 66 - if (retval) 67 - return retval; 63 + int retval = 0; 68 64 69 65 if (state != rfkill->state) { 70 66 retval = rfkill->toggle_radio(rfkill->data, state); ··· 70 74 } 71 75 } 72 76 73 - mutex_unlock(&rfkill->mutex); 74 77 return retval; 75 78 } 76 79 ··· 153 158 if (!capable(CAP_NET_ADMIN)) 154 159 return -EPERM; 155 160 161 + if (mutex_lock_interruptible(&rfkill->mutex)) 162 + return -ERESTARTSYS; 156 163 error = rfkill_toggle_radio(rfkill, 157 164 state ? RFKILL_STATE_ON : RFKILL_STATE_OFF); 158 - if (error) 159 - return error; 165 + mutex_unlock(&rfkill->mutex); 160 166 161 - return count; 167 + return error ? error : count; 162 168 } 163 169 164 170 static ssize_t rfkill_claim_show(struct device *dev,
+1
net/rxrpc/Kconfig
··· 5 5 config AF_RXRPC 6 6 tristate "RxRPC session sockets" 7 7 depends on INET && EXPERIMENTAL 8 + select CRYPTO 8 9 select KEYS 9 10 help 10 11 Say Y or M here to include support for RxRPC session sockets (just
+3 -3
net/sctp/Kconfig
··· 6 6 tristate "The SCTP Protocol (EXPERIMENTAL)" 7 7 depends on INET && EXPERIMENTAL 8 8 depends on IPV6 || IPV6=n 9 - select CRYPTO if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5 10 - select CRYPTO_HMAC if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5 11 - select CRYPTO_SHA1 if SCTP_HMAC_SHA1 9 + select CRYPTO 10 + select CRYPTO_HMAC 11 + select CRYPTO_SHA1 12 12 select CRYPTO_MD5 if SCTP_HMAC_MD5 13 13 ---help--- 14 14 Stream Control Transmission Protocol
+3 -1
net/sctp/auth.c
··· 54 54 /* id 2 is reserved as well */ 55 55 .hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2, 56 56 }, 57 + #if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE) 57 58 { 58 59 .hmac_id = SCTP_AUTH_HMAC_ID_SHA256, 59 60 .hmac_name="hmac(sha256)", 60 61 .hmac_len = SCTP_SHA256_SIG_SIZE, 61 62 } 63 + #endif 62 64 }; 63 65 64 66 ··· 633 631 int found = 0; 634 632 int i; 635 633 636 - if (!param) 634 + if (!param || param->param_hdr.length == 0) 637 635 return 0; 638 636 639 637 len = ntohs(param->param_hdr.length) - sizeof(sctp_paramhdr_t);
+9 -16
net/sctp/sm_make_chunk.c
··· 77 77 union sctp_params param, 78 78 const union sctp_addr *peer_addr, 79 79 gfp_t gfp); 80 + static void *sctp_addto_param(struct sctp_chunk *chunk, int len, 81 + const void *data); 80 82 81 83 /* What was the inbound interface for this chunk? */ 82 84 int sctp_chunk_iif(const struct sctp_chunk *chunk) ··· 209 207 210 208 chunksize = sizeof(init) + addrs_len + SCTP_SAT_LEN(num_types); 211 209 chunksize += sizeof(ecap_param); 212 - if (sctp_prsctp_enable) { 213 - chunksize += sizeof(prsctp_param); 214 - extensions[num_ext] = SCTP_CID_FWD_TSN; 215 - num_ext += 1; 216 - } 210 + 217 211 /* ADDIP: Section 4.2.7: 218 212 * An implementation supporting this extension [ADDIP] MUST list 219 213 * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and ··· 241 243 if (auth_chunks->length) 242 244 chunksize += ntohs(auth_chunks->length); 243 245 else 244 - auth_hmacs = NULL; 246 + auth_chunks = NULL; 245 247 246 248 extensions[num_ext] = SCTP_CID_AUTH; 247 249 num_ext += 1; ··· 295 297 htons(sizeof(sctp_supported_ext_param_t) + num_ext); 296 298 sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t), 297 299 &ext_param); 298 - sctp_addto_chunk(retval, num_ext, extensions); 300 + sctp_addto_param(retval, num_ext, extensions); 299 301 } 300 302 301 303 if (sctp_prsctp_enable) ··· 369 371 if (asoc->peer.ecn_capable) 370 372 chunksize += sizeof(ecap_param); 371 373 372 - /* Tell peer that we'll do PR-SCTP only if peer advertised. */ 373 - if (asoc->peer.prsctp_capable) { 374 - chunksize += sizeof(prsctp_param); 375 - extensions[num_ext] = SCTP_CID_FWD_TSN; 376 - num_ext += 1; 377 - } 378 - 379 374 if (sctp_addip_enable) { 380 375 extensions[num_ext] = SCTP_CID_ASCONF; 381 376 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK; 382 377 num_ext += 2; 383 378 } 384 379 385 - chunksize += sizeof(ext_param) + num_ext; 386 380 chunksize += sizeof(aiparam); 387 381 388 382 if (asoc->peer.auth_capable) { ··· 397 407 num_ext += 1; 398 408 } 399 409 410 + if (num_ext) 411 + chunksize += sizeof(sctp_supported_ext_param_t) + num_ext; 412 + 400 413 /* Now allocate and fill out the chunk. */ 401 414 retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize); 402 415 if (!retval) ··· 421 428 htons(sizeof(sctp_supported_ext_param_t) + num_ext); 422 429 sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t), 423 430 &ext_param); 424 - sctp_addto_chunk(retval, num_ext, extensions); 431 + sctp_addto_param(retval, num_ext, extensions); 425 432 } 426 433 if (asoc->peer.prsctp_capable) 427 434 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
+1 -1
net/sctp/sm_statefuns.c
··· 959 959 { 960 960 struct sctp_transport *transport = (struct sctp_transport *) arg; 961 961 962 - if (asoc->overall_error_count >= asoc->max_retrans) { 962 + if (asoc->overall_error_count > asoc->max_retrans) { 963 963 sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR, 964 964 SCTP_ERROR(ETIMEDOUT)); 965 965 /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
+8 -1
net/unix/af_unix.c
··· 1637 1637 mutex_lock(&u->readlock); 1638 1638 1639 1639 skb = skb_recv_datagram(sk, flags, noblock, &err); 1640 - if (!skb) 1640 + if (!skb) { 1641 + unix_state_lock(sk); 1642 + /* Signal EOF on disconnected non-blocking SEQPACKET socket. */ 1643 + if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN && 1644 + (sk->sk_shutdown & RCV_SHUTDOWN)) 1645 + err = 0; 1646 + unix_state_unlock(sk); 1641 1647 goto out_unlock; 1648 + } 1642 1649 1643 1650 wake_up_interruptible_sync(&u->peer_wait); 1644 1651
+1
net/xfrm/xfrm_policy.c
··· 1344 1344 xfrm_nr += pols[0]->xfrm_nr; 1345 1345 1346 1346 switch (policy->action) { 1347 + default: 1347 1348 case XFRM_POLICY_BLOCK: 1348 1349 /* Prohibit the flow */ 1349 1350 err = -EPERM;