Commit graph

3926 commits

Author SHA1 Message Date
Chuck Ebbert
44f9a2fdc4 [NETFILTER]: ebtables: don't compute gap before checking struct type
We cannot compute the gap until we know we have a 'struct ebt_entry' and
not 'struct ebt_entries'.  Failure to check can cause crash.

Tested-by: Santiago Garcia Mantinan <manty@manty.net>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Chuck Ebbert <76306.1226@compuserve.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-04 12:17:44 -08:00
Martin Josefsson
bbdc176a2f [NETFILTER]: nf_nat: fix MASQUERADE crash on device down
Check the return value of nfct_nat() in device_cmp(), we might very well
have non NAT conntrack entries as well (Netfilter bugzilla #528).

Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-04 12:16:54 -08:00
Patrick McHardy
c9386cfddc [NETFILTER]: New connection tracking is not EXPERIMENTAL anymore
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-04 12:16:06 -08:00
Patrick McHardy
c68b8b687f [NETFILTER]: Fix routing of REJECT target generated packets in output chain
Packets generated by the REJECT target in the output chain have a local
destination address and a foreign source address. Make sure not to use
the foreign source address for the output route lookup.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-04 12:15:34 -08:00
Dmitry Mishin
e5b5ef7d2b [NETFILTER]: compat offsets size change
Used by compat code offsets of entries should be 'unsigned int' as entries
array size has this dimension.

Signed-off-by: Dmitry Mishin <dim@openvz.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-04 12:14:41 -08:00
Adrian Bunk
7f18ba6248 [X25]: proper prototype for x25_init_timers()
This patch adds a proper prototype for x25_init_timers() in 
include/net/x25.h

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-03 18:48:13 -08:00
Mariusz Kozlowski
5e7c001c62 [AF_NETLINK]: module_put cleanup
This patch removes redundant argument check for module_put().

Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-03 18:38:15 -08:00
Christoph Hellwig
22e7005023 [XFRM_USER]: avoid pointless void ** casts
All ->doit handlers want a struct rtattr **, so pass down the right
type.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-03 18:38:13 -08:00
Alexey Dobriyan
9c2440bbe8 [NETFILTER] xt_hashlimit.c: fix typo
Signed-off-by: Alexey Dobriyan <adobriyan@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-03 18:38:12 -08:00
David S. Miller
ee74baa7d8 [PKTGEN]: Convert to kthread API.
Based upon a suggestion from Christoph Hellwig.

This fixes various races in module load/unload handling
too.

Signed-off-by: David S. Miller <davem@davemloft.net>
2007-01-03 18:38:09 -08:00
Martin Willi
b836267aa7 [XFRM]: Algorithm lookup using .compat name
Installing an IPsec SA using old algorithm names (.compat) does not work
if the algorithm is not already loaded. When not using the PF_KEY
interface, algorithms are not preloaded in xfrm_probe_algs() and
installing a IPsec SA fails.

Signed-off-by: Martin Willi <martin@strongswan.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-31 14:06:51 -08:00
Jeff Garzik
3a960f7e35 Merge branch 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 into upstream-fixes 2006-12-26 16:38:31 -05:00
David S. Miller
5c668704b7 [UDP]: Fix reversed logic in udp_get_port().
When this code was converted to use sk_for_each() the
logic for the "best hash chain length" code was reversed,
breaking everything.

The original code was of the form:

			size = 0;
			do {
				if (++size >= best_size_so_far)
					goto next;
			} while ((sk = sk->next) != NULL);
			best_size_so_far = size;
			best = result;
		next:;

and this got converted into:

			sk_for_each(sk2, node, head)
				if (++size < best_size_so_far) {
					best_size_so_far = size;
					best = result;
				}

Which does something very very different from the original.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-22 11:42:26 -08:00
Adrian Bunk
24123186fa [SCTP]: make 2 functions static
This patch makes the following needlessly global functions static:
- ipv6.c: sctp_inet6addr_event()
- protocol.c: sctp_inetaddr_event()

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-22 11:12:05 -08:00
Ivan Skytte Jorgensen
0f3fffd8ab [SCTP]: Fix typo adaption -> adaptation as per the latest API draft.
Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-22 11:12:04 -08:00
Paul Moore
caff5b6a6b NetLabel: correctly fill in unused CIPSOv4 level and category mappings
Back when the original NetLabel patches were being changed to use Netlink
attributes correctly some code was accidentially dropped which set all of the
undefined CIPSOv4 level and category mappings to a sentinel value.  The result
is the mappings data in the kernel contains bogus mappings which always map to
zero.  This patch restores the old/correct behavior by initializing the mapping
data to the correct sentinel value.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-12-22 11:11:58 -08:00
Paul Moore
1fd2a25b77 NetLabel: perform input validation earlier on CIPSOv4 DOI add ops
There are a couple of cases where the user input for a CIPSOv4 DOI add
operation was not being done soon enough; the result was unexpected behavior
which was resulting in oops/panics/lockups on some platforms.  This patch moves
the existing input validation code earlier in the code path to protect against
bogus user input.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-12-22 11:11:56 -08:00
Akinobu Mita
fadfc8e930 [PATCH] gss_spkm3: fix error handling in module init
Return error and prevent from loading module when gss_mech_register()
failed.

Cc: Andy Adamson <andros@citi.umich.edu>
Cc: J. Bruce Fields <bfields@citi.umich.edu>
Acked-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-22 08:55:49 -08:00
Ulrich Kunitz
0c234ae655 [PATCH] ieee80211softmac: Fix mutex_lock at exit of ieee80211_softmac_get_genie
ieee80211softmac_wx_get_genie locks the associnfo mutex at
function exit. This patch fixes it. The patch is against Linus'
tree (commit af1713e0).

Signed-off-by: Ulrich Kunitz <kune@deine-taler.de>
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2006-12-19 16:19:45 -05:00
Ulrich Kunitz
6f07a8a3eb [PATCH] ieee80211softmac: Fix errors related to the work_struct changes
The signature of work functions changed recently from a context
pointer to the work structure pointer. This caused a problem in
the ieee80211softmac code, because the ieee80211softmac_assox_work
function has  been called directly with a parameter explicitly
casted to (void*). This compiled correctly but resulted in a
softlock, because mutex_lock was called with the wrong memory
address. The patch fixes the problem. Another issue was a wrong
call of the schedule_work function. Softmac works again and this
fixes the problem I mentioned earlier in the zd1211rw rx tasklet
patch. The patch is against Linus' tree (commit af1713e0).

Signed-off-by: Ulrich Kunitz <kune@deine-taler.de>
Acked-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2006-12-19 16:16:15 -05:00
Li Yewang
14fb8a7647 [IPV4]: Fix BUG of ip_rt_send_redirect()
Fix the redirect packet of the router if the jiffies wraparound.

Signed-off-by: Li Yewang <lyw@nanjing-fnst.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-18 00:26:35 -08:00
Leigh Brown
a9fc00cca8 [TCP]: Trivial fix to message in tcp_v4_inbound_md5_hash
The message logged in tcp_v4_inbound_md5_hash when the hash was expected
but not found was reversed.

Signed-off-by: Leigh Brown <leigh@solinno.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:26 -08:00
Leigh Brown
8228a18dd3 [TCP]: Fix oops caused by tcp_v4_md5_do_del
md5sig_info.alloced4 must be set to zero when freeing keys4, otherwise
it will not be alloc'd again when another key is added to the same
socket by tcp_v4_md5_do_add.

Signed-off-by: Leigh Brown <leigh@solinno.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:25 -08:00
David S. Miller
9b54d5c610 [NETFILTER] IPV6: Fix dependencies.
Although the menu dependencies in net/ipv6/netfilter/Kconfig
guard the entries in that file from the Kconfig GUI, this does
not prevent them from being selected still via "make oldconfig"
when IPV6 etc. is disabled.

So add explicit dependencies.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:18 -08:00
Ralf Baechle
a3d384029a [AX.25]: Fix unchecked rose_add_loopback_neigh uses
rose_add_loopback_neigh uses kmalloc and the callers were ignoring the
error value.  Rewrite to let the caller deal with the allocation.  This
allows the use of static allocation of kmalloc use entirely.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:14 -08:00
Ralf Baechle
a159aaa328 [AX.25]: Fix unchecked rose_add_loopback_node uses
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:13 -08:00
Ralf Baechle
a4282717c1 [AX.25]: Fix unchecked ax25_linkfail_register uses
ax25_linkfail_register uses kmalloc and the callers were ignoring the
error value.  Rewrite to let the caller deal with the allocation.  This
allows the use of static allocation of kmalloc use entirely.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:11 -08:00
Ralf Baechle
58bc574715 [AX.25]: Fix unchecked nr_add_node uses.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:10 -08:00
Ralf Baechle
81dcd16906 [AX.25]: Fix unchecked ax25_listen_register uses
Fix ax25_listen_register to return something that's a sane error code,
then all callers to use it.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:09 -08:00
Ralf Baechle
8d5cf596d1 [AX.25]: Fix unchecked ax25_protocol_register uses.
Replace ax25_protocol_register by ax25_register_pid which assumes the
caller has done the memory allocation.  This allows replacing the
kmalloc allocations entirely by static allocations.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:08 -08:00
Ralf Baechle
c9266b99e2 [AX.25]: Mark all kmalloc users __must_check
The recent fix 0506d4068b made obvious that
error values were not being propagated through the AX.25 stack.  To help
with that this patch marks all kmalloc users in the AX.25, NETROM and
ROSE stacks as __must_check.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-17 21:59:07 -08:00
Patrick McHardy
2bf540b73e [NETFILTER]: bridge-netfilter: remove deferred hooks
Remove the deferred hooks and all related code as scheduled in
feature-removal-schedule.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:54:25 -08:00
Kim Nordlund
8bce65b95a [IPV6]: Make fib6_node subtree depend on IPV6_SUBTREES
Make fib6_node 'subtree' depend on IPV6_SUBTREES.

Signed-off-by: Kim Nordlund <kim.nordlund@nokia.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:31 -08:00
Ivan Skytte Jorgensen
6ab792f577 [SCTP]: Add support for SCTP_CONTEXT socket option.
Signed-off-by: Ivan Skytte Jorgensen <isj-sctp@i1.dk>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:29 -08:00
Sridhar Samudrala
882a382c3e [SCTP]: Enable auto loading of SCTP when creating an ipv6 SCTP socket.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:28 -08:00
Sridhar Samudrala
29c7cf9618 [SCTP]: Handle address add/delete events in a more efficient way.
Currently in SCTP, we maintain a local address list by rebuilding the whole
list from the device list whenever we get a address add/delete event.

This patch fixes it by only adding/deleting the address for which we
receive the event.

Also removed the sctp_local_addr_lock() which is no longer needed as we
now use list_for_each_safe() to traverse this list. This fixes the bugs
in sctp_copy_laddrs_xxx() routines where we do copy_to_user() while
holding this lock.

Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:27 -08:00
David S. Miller
6931ba7cef [TCP]: Fix oops caused by __tcp_put_md5sig_pool()
It should call tcp_free_md5sig_pool() not __tcp_free_md5sig_pool()
so that it does proper refcounting.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:26 -08:00
Brian Haley
befffe9016 [IPV6]: Fix IPV6_UNICAST_HOPS getsockopt().
> Relevant standard (RFC 3493) notes:
>
>    The IPV6_UNICAST_HOPS option may be used with getsockopt() to
>    determine the hop limit value that the system will use for subsequent
>    unicast packets sent via that socket.
>
> I don't reckon -1 could be the hop limit value.

-1 means un-initialized.

> IMHO, the value from
> case 1 (if socket is connected to some destination), otherwise case 2
> (if bound to a scope interface) or ultimately the default hop limit
> ought to be returned instead, as it will be most often correct, while
> the current behavior is always wrong, unless setsockopt() has been used
> first. I don't if some people may think doing a route lookup in
> getsockopt might be overly expensive, but at least the two other cases
> should be ok, particularly the last one.

The following patch seems to work for me, but this code has behaved this
way for a while, so don't know if it will break any existing apps.

Signed-off-by: Brian Haley <brian.haley@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:25 -08:00
Ian McDonald
832e3ca62d [DCCP] ccid3: return value in ccid3_hc_rx_calc_first_li
In a recent patch we introduced invalid return codes which will result in the
opposite of what is intended (i.e. send more packets in face of peculiar
network conditions).

This fixes it by returning ~0 which means not calculated as per
dccp_li_hist_calc_i_mean.

Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2006-12-13 16:48:24 -08:00
Al Viro
e1b4b9f398 [NETFILTER]: {ip,ip6,arp}_tables: fix exponential worst-case search for loops
If we come to node we'd already marked as seen and it's not a part of path
(i.e. we don't have a loop right there), we already know that it isn't a
part of any loop, so we don't need to revisit it.

That speeds the things up if some chain is refered to from several places
and kills O(exp(table size)) worst-case behaviour (without sleeping,
at that, so if you manage to self-LART that way, you are SOL for a long
time)...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:23 -08:00
Dmitry Mishin
a96be24679 [NETFILTER]: ip_tables: ipt and ipt_compat checks unification
Matches and targets verification is duplicated in normal and compat processing
ways. This patch refactors code in order to remove this.

Signed-off-by: Dmitry Mishin <dim@openvz.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:22 -08:00
Yasuyuki Kozakai
11078c371e [NETFILTER]: x_tables: add missing try to load conntrack from match/targets
CLUSTERIP, CONNMARK, CONNSECMARK, and connbytes need ip_conntrack or
layer 3 protocol module of nf_conntrack.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:21 -08:00
Yasuyuki Kozakai
fe0b9294c9 [NETFILTER]: x_tables: error if ip_conntrack is asked to handle IPv6 packets
To do that, this makes nf_ct_l3proto_try_module_{get,put} compatible
functions. As a result we can remove '#ifdef' surrounds and direct call of
need_conntrack().

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:20 -08:00
Yasuyuki Kozakai
083e69e99e [NETFILTER]: nf_nat: fix NF_NAT dependency
NF_NAT depends on NF_CONNTRACK_IPV4, not NF_CONNTRACK.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:19 -08:00
Patrick McHardy
3a411355bc [NETFILTER]: Fix INET=n linking error
Building with INET=n results in

WARNING: "ip_route_output_key" [net/netfilter/nf_conntrack_h323.ko] undefined!

The entire code in net/netfilter is only used for IPv4/IPv6 currently, so
let it depend on INET.

Noticed by Toralf Förster <toralf.foerster@gmx.de>.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-12-13 16:48:18 -08:00
Robert P. J. Day
5cbded585d [PATCH] getting rid of all casts of k[cmz]alloc() calls
Run this:

	#!/bin/sh
	for f in $(grep -Erl "\([^\)]*\) *k[cmz]alloc" *) ; do
	  echo "De-casting $f..."
	  perl -pi -e "s/ ?= ?\([^\)]*\) *(k[cmz]alloc) *\(/ = \1\(/" $f
	done

And then go through and reinstate those cases where code is casting pointers
to non-pointers.

And then drop a few hunks which conflicted with outstanding work.

Cc: Russell King <rmk@arm.linux.org.uk>, Ian Molton <spyro@f2s.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Roman Zippel <zippel@linux-m68k.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Kyle McMartin <kyle@mcmartin.ca>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Greg KH <greg@kroah.com>
Cc: Jens Axboe <jens.axboe@oracle.com>
Cc: Paul Fulghum <paulkf@microgate.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Karsten Keil <kkeil@suse.de>
Cc: Mauro Carvalho Chehab <mchehab@infradead.org>
Cc: Jeff Garzik <jeff@garzik.org>
Cc: James Bottomley <James.Bottomley@steeleye.com>
Cc: Ian Kent <raven@themaw.net>
Cc: Steven French <sfrench@us.ibm.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Neil Brown <neilb@cse.unsw.edu.au>
Cc: Jaroslav Kysela <perex@suse.cz>
Cc: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:58 -08:00
NeilBrown
dd08d6ea44 [PATCH] knfsd: Don't ignore kstrdup failure in rpc caches
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:54 -08:00
J.Bruce Fields
01f3bd1f03 [PATCH] knfsd: svcrpc: remove another silent drop from deferral code
There's no point deferring something just to immediately fail the deferral,
especially now that we can do something more useful in the failure case by
returning an error.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:54 -08:00
J.Bruce Fields
e0bb89ef03 [PATCH] knfsd: nfsd: don't drop silently on upcall deferral
To avoid tying up server threads when nfsd makes an upcall (to mountd, to get
export options, to idmapd, for nfsv4 name<->id mapping, etc.), we temporarily
"drop" the request and save enough information so that we can revisit it
later.

Certain failures during the deferral process can cause us to really drop the
request and never revisit it.

This is often less than ideal, and is unacceptable in the NFSv4 case--rfc 3530
forbids the server from dropping a request without also closing the
connection.

As a first step, we modify the deferral code to return -ETIMEDOUT (which is
translated to nfserr_jukebox in the v3 and v4 cases, and remains a drop in the
v2 case).

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:54 -08:00
J.Bruce Fields
b797b5beac [PATCH] knfsd: svcrpc: fix gss krb5i memory leak
The memory leak here is embarassingly obvious.

This fixes a problem that causes the kernel to leak a small amount of memory
every time it receives a integrity-protected request.

Thanks to Aim Le Rouzic for the bug report.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-13 09:05:53 -08:00