summaryrefslogtreecommitdiff
path: root/net
AgeCommit message (Collapse)AuthorFilesLines
2005-07-27[XFRM]: Fix possible overflow of sock->sk_policyHerbert Xu1-0/+3
Spotted by, and original patch by, Balazs Scheidler. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-25[EMATCH]: Remove feature ifdefs in meta ematch.Patrick McHardy1-8/+8
Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-25[IPV6]: fix implicit declaration of function `xfrm6_tunnel_unregister'Cal Peake1-1/+1
Signed-off-by: Cal Peake <cp@absolutedigital.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-23[PKT_SCHED]: em_meta: Kill TCF_META_ID_{INDEV,SECURITY,TCVERDICT}David S. Miller1-25/+3
More unusable TCF_META_* match types that need to get eliminated before 2.6.13 goes out the door. Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: Thomas Graf <tgraf@suug.ch>
2005-07-22[NETFILTER]: Fix ip6t_LOG MAC formatPatrick McHardy1-4/+7
I broke this in the patch that consolidated MAC logging. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-22[NETFILTER]: Use correct byteorder in ICMP NATPatrick McHardy1-3/+4
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-22[NETFILTER]: Wait until all references to ip_conntrack_untracked are dropped ↵Patrick McHardy1-0/+3
on unload Fixes a crash when unloading ip_conntrack. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-22[NETFILTER]: Fix potential memory corruption in NAT code (aka memory NAT)Patrick McHardy2-2/+4
The portptr pointing to the port in the conntrack tuple is declared static, which could result in memory corruption when two packets of the same protocol are NATed at the same time and one conntrack goes away. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-22[NETFILTER]: Fix deadlock in ip6_queuePatrick McHardy1-0/+2
Already fixed in ip_queue, ip6_queue was missed. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-22[PKT_SCHED]: Kill TCF_META_ID_REALDEV from meta ematch.David S. Miller1-12/+0
It won't exist any longer when we shrink the SKB in 2.6.14, and we should kill this off before anyone in userspace starts using it. Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: Thomas Graf <tgraf@suug.ch>
2005-07-22[NETFILTER]: ip_conntrack_expect_related must not free expectationRusty Russell10-57/+39
If a connection tracking helper tells us to expect a connection, and we're already expecting that connection, we simply free the one they gave us and return success. The problem is that NAT helpers (eg. FTP) have to allocate the expectation first (to see what port is available) then rewrite the packet. If that rewrite fails, they try to remove the expectation, but it was freed in ip_conntrack_expect_related. This is one example of a larger problem: having registered the expectation, the pointer is no longer ours to use. Reference counting is needed for ctnetlink anyway, so introduce it now. To have a single "put" path, we need to grab the reference to the connection on creation, rather than open-coding it in the caller. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[NET]: Fix tc_verd thinko in skb_clone()David S. Miller1-2/+2
It was overwriting the computer n->tc_verd value over and over with skb->tc_verd, by mistake. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[NET]: Make ipip/ip6_tunnel independant of XFRMPatrick McHardy5-13/+66
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[IPV4]: Fix up lots of little whitespace indentation stuff in fib_trie.Stephen Hemminger2-386/+388
Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[NET]: BRIDGE_EBT_ARPREPLY must depend on INETAdrian Bunk1-1/+1
BRIDGE_EBT_ARPREPLY=y and INET=n results in the following compile error: net/built-in.o: In function `ebt_target_reply': ebt_arpreply.c:(.text+0x68fb9): undefined reference to `arp_send' make: *** [.tmp_vmlinux1] Error 1 Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[IPV4]: Don't select XFRM for ip_grePatrick McHardy1-1/+0
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[NET]: Only build flow.o if CONFIG_XFRM=yPatrick McHardy1-1/+2
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[ATM]: Trivial spelling fix patch for net/KconfigJesper Juhl1-2/+2
Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Chas Williams <chas@cmf.nrl.navy.mil> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-20[ATM]: allow bind() on point-to-multpoint svcs (from Martin Whitaker ↵Chas Williams1-4/+0
<martin_whitaker@ntlworld.com>) Signed-off-by: Chas Williams <chas@cmf.nrl.navy.mil> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[EMATCH]: Kill TCF_META_ID_TCCLASSID reference from meta ematch as well.David S. Miller1-6/+0
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[IPV4]: fix IP_FIB_HASH kconfig warningAdrian Bunk1-7/+3
This patch fixes the following kconfig warning: net/ipv4/Kconfig:92:warning: defaults for choice values not supported Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[NET]: Kconfig: NETCONSOLE and NETPOLL togetherRandy Dunlap1-16/+0
Put NETCONSOLE and NETPOLL options together since they are related. This cuts down on the hassle of flipping back and forth between the Networking menu and the Network drivers menu to change their config settings. Tested with menuconfig, gconfig, and xconfig. gconfig has a small problem with this. I think that it's a bug in gconfig and I will take it up with Romain Lievin. Signed-off-by: Randy Dunlap <rdunlap@xenotime.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[SCTP]: Fix potential null pointer dereference while handling an icmp errorSridhar Samudrala2-37/+15
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[SCTP]: Audit return code of create_proc_*Christophe Lucas1-1/+5
From: Christophe Lucas <clucas@rotomalug.org> Audit return of create_proc_* functions. Signed-off-by: Christophe Lucas <clucas@rotomalug.org> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[NETLINK]: Fix "nocast type" warningsVictor Fusco1-2/+3
From: Victor Fusco <victor@cetuc.puc-rio.br> Fix the sparse warning "implicit cast to nocast type" Signed-off-by: Victor Fusco <victor@cetuc.puc-rio.br> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[PKT_SCHED]: Reduce branch mispredictions in pfifo_fast_dequeueThomas Graf1-4/+3
The current call to __qdisc_dequeue_head leads to a branch misprediction for every loop iteration, the fact that the most common priority is 2 makes this even worse. This issue has been brought up by Eric Dumazet <dada1@cosmosbay.com> but unlike his solution which was to manually unroll the loop, this approach preserves the possibility to increase the number of bands at compile time. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-19[PKT_SCHED]: Remove debugging leftover from textsearch ematchThomas Graf1-3/+0
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[VLAN]: Fix early vlan adding leads to not functional deviceTommy Christensen1-0/+8
OK, I can see what's happening here. eth0 doesn't detect link-up until after a few seconds, so when the vlan interface is opened immediately after eth0 has been opened, it inherits the link-down state. Subsequently the vlan interface is never properly activated and are thus unable to transmit any packets. dev->state bits are not supposed to be manipulated directly. Something similar is probably needed for the netif_device_present() bit, although I don't know how this is meant to work for a virtual device. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[NET]: __be'ify *_type_trans()Alexey Dobriyan4-8/+7
tr_type_trans(), hippi_type_trans() left as-is. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[NETFILTER]: Revert nf_reset changePhil Oester3-9/+13
Revert the nf_reset change that caused so much trouble, drop conntrack references manually before packets are queued to packet sockets. Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[NET]: move config options out to individual protocolsSam Ravnborg17-452/+447
Move the protocol specific config options out to the specific protocols. With this change net/Kconfig now starts to become readable and serve as a good basis for further re-structuring. The menu structure is left almost intact, except that indention is fixed in most cases. Most visible are the INET changes where several "depends on INET" are replaced with a single ifdef INET / endif pair. Several new files were created to accomplish this change - they are small but serve the purpose that config options are now distributed out where they belongs. Signed-off-by: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[NET]: add a top-level Networking menu to *configSam Ravnborg1-5/+5
Create a new top-level menu named "Networking" thus moving net related options and protocol selection way from the drivers menu and up on the top-level where they belong. To implement this all architectures has to source "net/Kconfig" before drivers/*/Kconfig in their Kconfig file. This change has been implemented for all architectures. Device drivers for ordinary NIC's are still to be found in the Device Drivers section, but Bluetooth, IrDA and ax25 are located with their corresponding menu entries under the new networking menu item. Signed-off-by: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[IPV4]: Prevent oops when printing martian sourceOlaf Kirch1-1/+1
In some cases, we may be generating packets with a source address that qualifies as martian. This can happen when we're in the middle of setting up the network, and netfilter decides to reject a packet with an RST. The IPv4 routing code would try to print a warning and oops, because locally generated packets do not have a valid skb->mac.raw pointer at this point. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[IPVS]: Add and reorder bh locks after moving to keventd.Julian Anastasov2-6/+9
An addition to the last ipvs changes that move update_defense_level/si_meminfo to keventd: - ip_vs_random_dropentry now runs in process context and should use _bh locks to protect from softirqs - update_defense_level still needs _bh locks after si_meminfo is called, for the same purpose Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[NET]: Trivial spelling fix patch for net/KconfigJesper Juhl1-2/+2
Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-12[SCTP]: __nocast annotationsAlexey Dobriyan11-44/+59
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[SCTP]: Use struct list_head for chunk lists, not sk_buff_head.David S. Miller7-53/+79
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV6]: Fix warning in ip6_mc_msfilter.David S. Miller1-0/+1
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: fix IPv4 leave-group group matchingDavid L Stevens1-12/+13
This patch fixes the multicast group matching for IP_DROP_MEMBERSHIP, similar to the IP_ADD_MEMBERSHIP fix in a prior patch. Groups are identifiedby <group address,interface> and including the interface address in the match will fail if a leave-group is done by address when the join was done by index, or if different addresses on the same interface are used in the join and leave. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: (INCLUDE,empty)/leave-group equivalence for full-state MSF APIs & ↵David L Stevens2-2/+19
errno fix 1) Adds (INCLUDE, empty)/leave-group equivalence to the full-state multicast source filter APIs (IPv4 and IPv6) 2) Fixes an incorrect errno in the IPv6 leave-group (ENOENT should be EADDRNOTAVAIL) Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: multicast API "join" issuesDavid L Stevens2-12/+24
1) In the full-state API when imsf_numsrc == 0 errno should be "0", but returns EADDRNOTAVAIL 2) An illegal filter mode change errno should be EINVAL, but returns EADDRNOTAVAIL 3) Trying to do an any-source option without IP_ADD_MEMBERSHIP errno should be EINVAL, but returns EADDRNOTAVAIL 4) Adds comments for the less obvious error return values Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: multicast API "join" issuesDavid L Stevens2-3/+12
1) Changes IP_ADD_SOURCE_MEMBERSHIP and MCAST_JOIN_SOURCE_GROUP to ignore EADDRINUSE errors on a "courtesy join" -- prior membership or not is ok for these. 2) Adds "leave group" equivalence of (INCLUDE, empty) filters in the delta-based API. Without this, mixing delta-based API calls that end in an (INCLUDE, empty) filter would not allow a subsequent regular IP_ADD_MEMBERSHIP. It also frees socket buffer memory that isn't needed for both the multicast group record and source filter. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: multicast API "join" issuesDavid L Stevens1-23/+12
This patch corrects a few problems with the IP_ADD_MEMBERSHIP socket option: 1) The existing code makes an attempt at reference counting joins when using the ip_mreqn/imr_ifindex interface. Joining the same group on the same socket is an error, whatever the API. This leads to unexpected results when mixing ip_mreqn by index with ip_mreqn by address, ip_mreq, or other API's. For example, ip_mreq followed by ip_mreqn of the same group will "work" while the same two reversed will not. Fixed to always return EADDRINUSE on a duplicate join and removed the (now unused) reference count in ip_mc_socklist. 2) The group-search list in ip_mc_join_group() is comparing a full ip_mreqn structure and all of it must match for it to find the group. This doesn't correctly match a group that was joined with ip_mreq or ip_mreqn with an address (with or without an index). It also doesn't match groups that are joined by different addresses on the same interface. All of these are the same multicast group, which is identified by group address and interface index. Fixed the check to correctly match groups so we don't get duplicate group entries on the ip_mc_socklist. 3) The old code allocates a multicast address before searching for duplicates requiring it to free in various error cases. This patch moves the allocate until after the search and igmp_max_memberships check, so never a need to allocate, then free an entry. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[IPV4]: Apply sysctl_icmp_echo_ignore_broadcasts to ICMP_TIMESTAMP as well.Alexey Kuznetsov1-1/+2
This was the full intention of the original code. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[NET]: Fix sparse warningsVictor Fusco4-13/+19
From: Victor Fusco <victor@cetuc.puc-rio.br> Fix the sparse warning "implicit cast to nocast type" Signed-off-by: Victor Fusco <victor@cetuc.puc-rio.br> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-09[NET]: Transform skb_queue_len() binary tests into skb_queue_empty()David S. Miller17-50/+44
This is part of the grand scheme to eliminate the qlen member of skb_queue_head, and subsequently remove the 'list' member of sk_buff. Most users of skb_queue_len() want to know if the queue is empty or not, and that's trivially done with skb_queue_empty() which doesn't use the skb_queue_head->qlen member and instead uses the queue list emptyness as the test. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-08[PATCH] coverity: sunrpc/xprt task null checkKAMBAROV, ZAUR1-2/+0
In __xprt_lock_write() we check to see if `task' is NULL, but in other places we just go and dereference it. `task' shouldn't be NULL anyway, so remove this test. This defect was found automatically by Coverity Prevent, a static analysis tool. Signed-off-by: Zaur Kambarov <zkambarov@coverity.com> Acked-by: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Neil Brown <neilb@cse.unsw.edu.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-06[TCP]: Never TSO defer under periods of congestion.David S. Miller1-0/+3
Congestion window recover after loss depends upon the fact that if we have a full MSS sized frame at the head of the send queue, we will send it. TSO deferral can defeat the ACK clocking necessary to exit cleanly from recovery. Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-06[PKT_SCHED]: Blackhole queueing disciplineThomas Graf2-1/+55
Useful in combination with classful qdiscs to drop or temporary disable certain flows, e.g. one could block specific ds flows with dsmark. Unlike the noop qdisc it can be controlled by the user and statistic accounting is done. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-06[TCP]: Move to new TSO segmenting scheme.David S. Miller5-237/+381
Make TSO segment transmit size decisions at send time not earlier. The basic scheme is that we try to build as large a TSO frame as possible when pulling in the user data, but the size of the TSO frame output to the card is determined at transmit time. This is guided by tp->xmit_size_goal. It is always set to a multiple of MSS and tells sendmsg/sendpage how large an SKB to try and build. Later, tcp_write_xmit() and tcp_push_one() chop up the packet if necessary and conditions warrant. These routines can also decide to "defer" in order to wait for more ACKs to arrive and thus allow larger TSO frames to be emitted. A general observation is that TSO elongates the pipe, thus requiring a larger congestion window and larger buffering especially at the sender side. Therefore, it is important that applications 1) get a large enough socket send buffer (this is accomplished by our dynamic send buffer expansion code) 2) do large enough writes. Signed-off-by: David S. Miller <davem@davemloft.net>