- 12 Nov, 2007 5 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (39 commits) [INET]: Small possible memory leak in FIB rules [NETNS]: init dev_base_lock only once [UNIX]: The unix_nr_socks limit can be exceeded [AF_UNIX]: Convert socks to unix_socks in scan_inflight, not in callbacks [AF_UNIX]: Make unix_tot_inflight counter non-atomic [AF_PACKET]: Allow multicast traffic to be caught by ORIGDEV when bonded ssb: Fix PCMCIA-host lowlevel bus access mac80211: fix MAC80211_RCSIMPLE Kconfig mac80211: make "decrypt failed" messages conditional upon MAC80211_DEBUG mac80211: use IW_AUTH_PRIVACY_INVOKED rather than IW_AUTH_KEY_MGMT mac80211: remove unused driver ops mac80211: remove ieee80211_common.h softmac: MAINTAINERS update rfkill: Fix sparse warning rfkill: Use mutex_lock() at register and add sanity check iwlwifi: select proper rate control algorithm mac80211: allow driver to ask for a rate control algorithm mac80211: don't allow registering the same rate control twice rfkill: Use subsys_initcall mac80211: make simple rate control algorithm built-in ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: (21 commits) [CIFS] fix oops on second mount to same server when null auth is used [CIFS] Fix stale mode after readdir when cifsacl specified [CIFS] add mode to acl conversion helper function [CIFS] Fix incorrect mode when ACL had deny access control entries [CIFS] Add uid to key description so krb can handle user mounts [CIFS] Fix walking out end of cifs dacl [CIFS] Add upcall files for cifs to use spnego/kerberos [CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routines [CIFS] Register and unregister cifs_spnego_key_type on module init/exit [CIFS] implement upcalls for SPNEGO blob via keyctl API [CIFS] allow cifs_calc_signature2 to deal with a zero length iovec [CIFS] If no Access Control Entries, set mode perm bits to zero [CIFS] when mount helper missing fix slash wrong direction in share [CIFS] Don't request too much permission when reading an ACL [CIFS] enable get mode from ACL when cifsacl mount option specified [CIFS] ACL support part 8 [CIFS] acl support part 7 [CIFS] acl support part 6 [CIFS] acl support part 6 [CIFS] remove unused funtion compile warning when experimental off ...
-
Siddha, Suresh B authored
restore sigcontext is taking a DNA exception while restoring FP context from the user stack, during the sigreturn. Appended patch fixes it by doing clts() if the app doesn't touch FP during the signal handler execution. This will stop generating a DNA, during the fxrstor in the sigreturn. This improves 64-bit lat_sig numbers by ~30% on my core2 platform. Signed-off-by:
Suresh Siddha <suresh.b.siddha@intel.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Denis Cheng authored
Since the macro "for_each_object" introduced, the "end" variable becomes unused anymore. Signed-off-by:
Denis Cheng <crquan@gmail.com> Signed-off-by:
-
Roland McGrath authored
The coredump code always calls set_dumpable(0) when it starts (even if RLIMIT_CORE prevents any core from being dumped). The effect of this (via task_dumpable) is to make /proc/pid/* files owned by root instead of the user, so the user can no longer examine his own process--in a case where there was never any privileged data to protect. This affects e.g. auxv, environ, fd; in Fedora (execshield) kernels, also maps. In practice, you can only notice this when a debugger has requested PTRACE_EVENT_EXIT tracing. set_dumpable was only used in do_coredump for synchronization and not intended for any security purpose. (It doesn't secure anything that wasn't already unsecured when a process dies by SIGTERM instead of SIGQUIT.) This changes do_coredump to check the core_waiters count as the means of synchronization, which is sufficient. Now we leave the "dumpable" bits alone. Signed-off-by:
Roland McGrath <roland@redhat.com> Signed-off-by:
-
- 11 Nov, 2007 35 commits
-
-
Denis V. Lunev authored
This patch fixes a small memory leak. Default fib rules can be deleted by the user if the rule does not carry FIB_RULE_PERMANENT flag, f.e. by ip rule flush Such a rule will not be freed as the ref-counter has 2 on start and becomes clearly unreachable after removal. Signed-off-by:
Denis V. Lunev <den@openvz.org> Acked-by:
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Alexey Dobriyan authored
* it already statically initialized * reinitializing live global spinlock every time netns is setup is also wrong Signed-off-by:
Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by:
-
Pavel Emelyanov authored
The unix_nr_socks value is limited with the 2 * get_max_files() value, as seen from the unix_create1(). However, the check and the actual increment are separated with the GFP_KERNEL allocation, so this limit can be exceeded under a memory pressure - task may go to sleep freeing the pages and some other task will be allowed to allocate a new sock and so on and so forth. So make the increment before the check (similar thing is done in the sock_kmalloc) and go to kmalloc after this. Signed-off-by:
Pavel Emelyanov <xemul@openvz.org> Signed-off-by:
-
Pavel Emelyanov authored
The scan_inflight() routine scans through the unix sockets and calls some passed callback. The fact is that all these callbacks work with the unix_sock objects, not the sock ones, so make this conversion in the scan_inflight() before calling the callbacks. This removes one unneeded variable from the inc_inflight_move_tail(). Signed-off-by:
-
Pavel Emelyanov authored
This counter is _always_ modified under the unix_gc_lock spinlock, so its atomicity can be provided w/o additional efforts. Signed-off-by:
-
Peter P Waskiewicz Jr authored
The socket option for packet sockets to return the original ifindex instead of the bonded ifindex will not match multicast traffic. Since this socket option is the most useful for layer 2 traffic and multicast traffic, make the option multicast-aware. Signed-off-by:
Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by:
-
Michael Buesch authored
This fixes the lowlevel bus access routines for PCMCIA based devices. There are still a few issues with register access sideeffects after this patch. This will be addressed in a later patch. Signed-off-by:
Michael Buesch <mb@bu3sch.de> Signed-off-by:
John W. Linville <linville@tuxdriver.com>
-
Johannes Berg authored
I meant for this to be selectable only with EMBEDDED, not enabled only with EMBEDDED. This does it that way. Sorry. Signed-off-by:
Johannes Berg <johannes@sipsolutions.net> Signed-off-by:
-
John W. Linville authored
Make "decrypt failed" and "have no key" debugging messages compile conditionally upon CONFIG_MAC80211_DEBUG. They have been useful for finding certain problems in the past, but in many cases they just clutter a user's logs. A typical example is an enviornment where multiple SSIDs are using a single BSSID but with different protection schemes or different keys for each SSID. In such an environment these messages are just noise. Let's just leave them for those interested enough to turn-on debugging. Signed-off-by: -
Johannes Berg authored
In the long bug-hunt for why dynamic WEP networks didn't work it turned out that mac80211 incorrectly uses IW_AUTH_KEY_MGMT while it should use IW_AUTH_PRIVACY_INVOKED to determine whether to associate to protected networks or not. This patch changes the behaviour to be that way and clarifies the existing code. Signed-off-by:
-
Johannes Berg authored
The driver operations set_ieee8021x(), set_port_auth() and set_privacy_invoked() are not used by any drivers, except set_privacy_invoked() they aren't even used by mac80211. Remove them at least until we need to support drivers with mac80211 that require getting this information. Signed-off-by:
Michael Wu <flamingice@sourmilk.net> Signed-off-by:
-
Johannes Berg authored
Robert pointed out that I missed this file when removing the management interface. Do it now. Signed-off-by:
-
Johannes Berg authored
This patch marks softmac as obsolete in MAINTAINERS and removes Joe and myself as maintainers, we're no longer using it nor interested in the code in any way. Also remove the website reference because I took it offline. Hopefully the code will go away in 2.6.25. Signed-off-by:
Joseph Jezak <josejx@gentoo.org> Signed-off-by:
-
Michael Buesch authored
Signed-off-by: -
Michael Buesch authored
Replace mutex_lock_interruptible() by mutex_lock() in rfkill_register(), as interruptible doesn't make sense there. Add a sanity check for rfkill->type, as that's used for an unchecked dereference in an array and might cause hard to debug crashes if the driver sets this to an invalid value. Signed-off-by:
Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by:
-
Johannes Berg authored
Prior to this patch, iwlwifi would always use the first registered rate control algorithm which, depending on system setup, could be anything. After the mac80211 patch to make the simple algorithm built-in, it would always be simple. This has always been a bug in iwlwifi. This fixes it by requesting that mac80211 selects the right rate control algorithm. Signed-off-by:
-
Johannes Berg authored
This allows a driver to ask for a specific rate control algorithm. The rate control algorithm asked for must be registered and be available as a module or built-in. Signed-off-by:
-
Johannes Berg authored
Previously, mac80211 would allow registering the same rate control algorithm twice. This is a programming error in the registration and should not happen; additionally the second version could never be selected. Disallow this and warn about it. Signed-off-by:
-
Michael Buesch authored
We must use subsys_initcall, because we must initialize before a driver calls rfkill_register(). Signed-off-by:
-
Johannes Berg authored
Too frequently people do not have module autoloading enabled or fail to install the rate control module correctly, hence their hardware probing fails due to no rate control algorithm being available. This makes the 'simple' algorithm built into the mac80211 module unless EMBEDDED is enabled in which case it can be disabled (eg. if the wanted driver requires another rate control algorithm.) Signed-off-by:
-
Michael Buesch authored
Registering the switch triggers a LED event, so we must register LED triggers before the switch. This has a potential to fix a crash, depending on how the device driver initializes the rfkill data structure. Signed-off-by:
-
Michael Buesch authored
ssb must init after PCI but before the ssb drivers. Signed-off-by:
-
Johannes Berg authored
The MLME request reason code is host-endian and our passing it to the low level functions is host-endian as well since they do the swapping. I noticed that the reason code 768 was sent (0x300) rather than 3 when wpa_supplicant terminates. This removes the superfluous cpu_to_le16() call. Signed-off-by:
-
Radu Rendec authored
Computing the rank of the first set bit in the hash mask (for using later in u32_hash_fold()) was done with plain C code. Using ffs() instead makes the code more readable and improves performance (since ffs() is better optimized in assembler). Using the conditional operator on hash mask before applying ntohl() also saves one ntohl() call if mask is 0. Signed-off-by:
Radu Rendec <radu.rendec@ines.ro> Signed-off-by:
Jarek Poplawski <jarkao2@o2.pl> Acked-by:
Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by:
-
Chuck Lever authored
The intent of the assertion in skb_truesize_check() is to check for skb->truesize being decremented too much by other code, resulting in a wraparound below zero. The type of the right side of the comparison causes the compiler to promote the left side to an unsigned type, despite the presence of an explicit type cast. This defeats the check for negativity. Ensure both sides of the comparison are a signed type to prevent the implicit type conversion. Signed-off-by:
Chuck Lever <chuck.lever@oracle.com> Signed-off-by:
-
Patrick McHardy authored
Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Patrick McHardy authored
While the VLAN device is down, the unicast addresses are not configured on the underlying device, so we shouldn't attempt to sync them. Noticed by Dmitry Butskoy <buc@odusz.so-cdu.ru> Signed-off-by:
-
Pavel Emelyanov authored
Both check for the family to select an appropriate tunnel list. Consolidate this check and make the for() loop more readable. Signed-off-by:
-
Pavel Emelyanov authored
The tunnel64_protocol uses the tunnel4_protocol's err_handler and thus calls the tunnel4_protocol's handlers. This is not very good, as in case of (icmp) error the wrong error handlers will be called (e.g. ipip ones instead of sit) and this won't be noticed at all, because the error is not reported. Signed-off-by:
-
Pavel Emelyanov authored
Just like in the af_packet.c, the ipx_sock_nr variable is used for debugging purposes. Switch to using existing infrastructure. Thanks to Arnaldo for pointing this out. Signed-off-by:
Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by:
-
Pavel Emelyanov authored
The packet_socks_nr variable is used purely for debugging the number of sockets. As Arnaldo pointed out, there's already an infrastructure for this purposes, so switch to using it. Signed-off-by:
-
Joe Perches authored
From: Joe Perches <joe@perches.com> Based upon an initial patch and report by Luis R. Rodriguez. Signed-off-by: -
Pavel Emelyanov authored
There are many places that get the dst entry, increase the __use counter and set the "lastuse" time stamp. Make a helper for this. Signed-off-by:
-
Pavel Emelyanov authored
Both places look like if (err == XXX) goto yyy; done: while both yyy targets look like err = XXX; goto done; so this is ok to remove the above if-s. yyy labels are used in other places and are not removed. Signed-off-by: -
Ilpo Jrvinen authored
In case we run out of mem when fragmenting, the clearing of FLAG_ONLY_ORIG_SACKED might get missed which then feeds FRTO with false information. Move clearing outside skb processing loop so that it will get executed even if the skb loop terminates prematurely due to out-of-mem. Besides, now the core of the loop truly deals with a single skb only, which also enables creation a more self-contained of tcp_sacktag_one later on. In addition, small reorganization of if branches was made. Signed-off-by:
Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by:
-
