Commit graph

33106 commits

Author SHA1 Message Date
Amy Griffis
73d3ec5aba [PATCH] fix missed create event for directory audit
When an object is created via a symlink into an audited directory, audit misses
the event due to not having collected the inode data for the directory.  Modify
__audit_inode_child() to copy the parent inode data if a parent wasn't found in
audit_names[].

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-08-03 10:50:30 -04:00
Amy Griffis
3e2efce067 [PATCH] fix faulty inode data collection for open() with O_CREAT
When the specified path is an existing file or when it is a symlink, audit
collects the wrong inode number, which causes it to miss the open() event.
Adding a second hook to the open() path fixes this.

Also add audit_copy_inode() to consolidate some code.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-08-03 10:50:21 -04:00
Linus Torvalds
46f5960fdb Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (32 commits)
  [NET]: Fix more per-cpu typos
  [SECURITY]: Fix build with CONFIG_SECURITY disabled.
  [I/OAT]: Remove CPU hotplug lock from net_dma_rebalance
  [DECNET]: Fix for routing bug
  [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch
  [NET]: skb_queue_lock_key() is no longer used.
  [NET]: Remove lockdep_set_class() call from skb_queue_head_init().
  [IPV6]: SNMPv2 "ipv6IfStatsOutFragCreates" counter error
  [IPV6]: SNMPv2 "ipv6IfStatsInHdrErrors" counter error
  [NET]: Kill the WARN_ON() calls for checksum fixups.
  [NETFILTER]: xt_hashlimit/xt_string: missing string validation
  [NETFILTER]: SIP helper: expect RTP streams in both directions
  [E1000]: Convert to netdev_alloc_skb
  [TG3]: Convert to netdev_alloc_skb
  [NET]: Add netdev_alloc_skb().
  [TCP]: Process linger2 timeout consistently.
  [SECURITY] secmark: nul-terminate secdata
  [NET] infiniband: Cleanup ib_addr module to use the netevents
  [NET]: Core net changes to generate netevents
  [NET]: Network Event Notifier Mechanism.
  ...
2006-08-02 22:35:26 -07:00
Linus Torvalds
90eb29efd0 Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6: (24 commits)
  Revert "[PATCH] USB: move usb_device_class class devices to be real devices"
  Revert "[PATCH] USB: convert usb class devices to real devices"
  USB: UHCI: Don't test the Short Packet Detect bit
  USB: unusual_devs entry for Nokia 3250
  USB: dummy-hcd: disable interrupts during req->complete
  USB: fix the USB_GADGET_DUMMY_HCD dependencies
  USB: ati_remote.c: autorepeat fix
  USB: doc: fixes devio.c location in proc_usb_info.txt.
  USB: doc: usb-help.txt update.
  USB: Patch for rtl8150 to fix unplug problems
  USB: cypress driver comment updates
  USB: unusual_devs device removal
  usb-storage: Add US_FL_IGNORE_DEVICE flag; ignore ZyXEL G220F
  USB: New USB ID for Belkin Serial Adapter
  USB: Additional PID for the ftdi_sio driver
  USB: adding support for SHARP WS003SH to ipaq.c
  USB: Fix Freescale high-speed USB host dependency
  USB: Removed 3-port device handler from Option driver
  USB: Drop Sierra Wireless MC8755 from the Option driver
  USB: Let option driver handle Anydata CDMA modems. Remove anydata driver.
  ...
2006-08-02 20:25:35 -07:00
Linus Torvalds
1398ab7cb9 Merge master.kernel.org:/home/rmk/linux-2.6-arm
* master.kernel.org:/home/rmk/linux-2.6-arm:
  [ARM] 3743/1: ARM: OMAP: Fix compile for OMAP
  [ARM] 3739/1: genirq updates:  irq_chip, add and use irq_chip.name
2006-08-02 20:21:23 -07:00
Muli Ben-Yehuda
a166222cde [PATCH] x86_64: Fix CONFIG_IOMMU_DEBUG
If CONFIG_IOMMU_DEBUG is set force_iommu defaults to 1. In the case
where no HW IOMMU is present in the machine and we end up using nommu,
leaving force_iommu set to 1 causes dma_alloc_coherent to do the wrong
thing. Therefore, if we end up using nommu, make sure force_iommu is
0.

Signed-off-by: Muli Ben-Yehuda <muli@il.ibm.com>
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-08-02 20:19:54 -07:00
Andi Kleen
2699500b31 [PATCH] x86_64: Fix backtracing for interrupt stacks
Re-add backlink for old style unwinder to stack switching.  Add proper
stack frame and CFI annotations to call_softirq

This prevents a oops when backtracing with fallback through the
interrupt stack top.

Suggested by Jan Beulich and Herbert Xu wanted it in 2.6.18.

Cc: jbeulich@novell.com
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-08-02 20:19:54 -07:00
Linus Torvalds
ae74c3b69a Fix force_sig_info() semantics after cleanups
Suresh points out that commit b0423a0d9c
broke the semantics of a synchronous signal like SIGSEGV occurring
recursively inside its own handler handler (or, indeed, any other
context when the signal was blocked).

That was unintentional, and this fixes things up by reinstating the old
semantics, but without reverting the cleanups.

Cc: Paul E. McKenney <paulmck@us.ibm.com>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-08-02 20:17:49 -07:00
Linus Torvalds
202668ecb6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-2.6.18
* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-2.6.18:
  gitignore: gitignore quilt's files
  kbuild: always use $(CC) for $(call cc-version)
  kconfig: correct oldconfig for unset choice options
  kbuild: -fno-stack-protector is not good
  kbuild: fix typo in modpost
  kbuild: improve error from file2alias
  kbuild: .gitignore utsrelease.h
  kbuild: version.h and new headers_* targets does not require a kernel config
  kbuild: hardcode value of YACC&LEX for aic7-triple-x
2006-08-02 20:12:25 -07:00
Greg Kroah-Hartman
cae74b30dd Revert "[PATCH] USB: move usb_device_class class devices to be real devices"
This reverts c182274ffe commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.

Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:52:10 -07:00
Greg Kroah-Hartman
27fb4f0a7f Revert "[PATCH] USB: convert usb class devices to real devices"
This reverts bd00949647 commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:49:37 -07:00
Alan Stern
f443ddf105 USB: UHCI: Don't test the Short Packet Detect bit
Apparently some UHCI controllers change the value of the Short Packet
Detect (SPD) bit in the TD status word -- presumably when they receive a
short packet.  This patch (as759) changes uhci-hcd to avoid assuming
that the bit is unchanged; in fact, the driver no longer looks at SPD at
all.

This fixes the second problem reported in Bugzilla #6752.


Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Alan Stern
de1caa4751 USB: unusual_devs entry for Nokia 3250
Here is another unusual_devs entry (as760) for another Nokia device,
this time the 3250.

From: Mario Rettig <mariorettig@web.de>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Alan Stern
b4dbda1a22 USB: dummy-hcd: disable interrupts during req->complete
This patch (as756) fixes a bug in dummy-hcd found by the lockdep
checker.  In one of the code paths, the driver did not disable
interrupts before calling a request completion routine.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Adrian Bunk
be0c8015a2 USB: fix the USB_GADGET_DUMMY_HCD dependencies
If USB=m, USB_GADGET=y, the option USB_GADGET_DUMMY_HCD mustn't be 
offered since selecting it results in a compile error.

This patch fixes kernel Bugzilla #6534 reported by Toralf Frster.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Marko Macek
168ffc4446 USB: ati_remote.c: autorepeat fix
When HZ is set to 250 (new default) or 100, the time span during which
repeated events from the device are ignored could be too small due to
ms->jiffies rounding.  This causes the auto repeat to kick in early making
it impossible for the user to generate individual press/release events. 
Increate the timeout to compensate.

Signed-off-by: Marko Macek <Marko.Macek@gmx.net>
Cc: Dmitry Torokhov <dtor_core@ameritech.net>
Cc: Vojtech Pavlik <vojtech@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Luiz Fernando N. Capitulino
064e875a4c USB: doc: fixes devio.c location in proc_usb_info.txt.
Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Luiz Fernando N. Capitulino
0e74b06aff USB: doc: usb-help.txt update.
http://www.suse.cz/development/linux-usb/ doesn't exist anymore.

Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Peter Chubb
23219c1348 USB: Patch for rtl8150 to fix unplug problems
The RTL8150 driver currently crashes the kernel if the USB lead is unplugged
while the device is active.  The attached patch adds error handling to
tell the network layer that the device has gone away when the device is
unplugged.  With this patch, the device can be plugged and unplugged
to one's hearts' content, without crashing anything.

Oh, I've also added rudimentary suspend and resume methods.

Signed-off-by: Peter Chubb <peter@gelato.unsw.edu.au>
Acked-by: Petko Manolov <petkan@nucleusys.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Oliver Bock
6ad576bb67 USB: cypress driver comment updates
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Phil Dibowitz
eda30fdeec USB: unusual_devs device removal
This entry has been a mystery for some time. I had sent this patch as an
RFC a while ago, and now we've had two reports of this not being needed,
so I'm removing it.

In the event there are reports of breakage, we should revert this patch,
but add a US_FL_NEED_OVERRIDE flag.

Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Daniel Drake
3c332422f7 usb-storage: Add US_FL_IGNORE_DEVICE flag; ignore ZyXEL G220F
This patch adds a new unusual_devs flag for when usb-storage needs to ignore
a device that it would otherwise claim.

We need to ignore the ZyXEL G220F as it is a virtual CDROM drive which
includes the windows driver for this USB-WLAN adapter. After the windows
driver is installed on a windows system, it converts it into a WLAN adapter
(by ejecting the virtual disc).

The virtual CDROM is of no interest to Linux users. The zd1211rw driver will
automatically perform the eject operation, we just need to ensure that
usb-storage does not claim the device.

Signed-off-by: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Matthew Dharm <mdharm-usb@one-eyed-alien.net>
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:42 -07:00
Kim Oldfield
b7aa94b682 USB: New USB ID for Belkin Serial Adapter
Can you add the USB IDs for the Belkin USB Serial adapter (P/N F5U257)
to the pl2303 driver in the Linux Kernel? Are you the appropriate person
to approach for this?

I recently purchased a Belkin USB Serial adapter (P/N F5U257) and found
that it didn't work. After a bit of experimentation I found that it
works with the pl2303 driver once the ID has been added. See attached
patch to fix this. Also attached is the output from lsusb -v just in
case you require any information from there.


From: Kim Oldfield <luv@oldfield.wattle.id.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Dave Platt
274a4bbc9d USB: Additional PID for the ftdi_sio driver
Here's a short patch which adds one PID to the set of devices
supported by the ftdi_sio driver.  The device in question is a
DLP module used as part of a ham radio USB-to-packet adapter.

From: Dave Platt <dplatt@radagast.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Norihiko Tomiyama
aec0d50b8a USB: adding support for SHARP WS003SH to ipaq.c
This small patch enables a support of "SHARP WS003SH".
"SHARP WS003SH" (usullary called "W-ZERO3") is most polular All-in-one handheld
CellPhone-plus-WindowsMobile5.0 in Japan.

"SHARP WS003SH" has two modes, "Modem" and "ActiveSync".
But, "ActiveSync" mode uses NDIS connection.
Therefore, ipaq.c can only support "Modem" mode.

http://www.sharp.co.jp/ws/ (Japanese Site)
http://greggman.com/edit/editheadlines/2005-12-24.htm

From: Norihiko Tomiyama <norihiko.tomiyama@ctc-g.co.jp>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Li Yang
a11570f2a4 USB: Fix Freescale high-speed USB host dependency
The high-speed USB SOC only exists on MPC834x family not MPC83xx family.

Signed-off-by: Li Yang <leoli@freescale.com>
Acked-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Matthias Urlichs
a01c452ee3 USB: Removed 3-port device handler from Option driver
Dead code.

From: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Matthias Urlichs
7c1c2f73e0 USB: Drop Sierra Wireless MC8755 from the Option driver
This device is now supported by sierra.c.

From: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Matthias Urlichs
31fcbb7338 USB: Let option driver handle Anydata CDMA modems. Remove anydata driver.
Signed-off-by: Jon K Hellan <hellan@acm.org>
Signed-Off-By: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Matthias Urlichs
02b2ac5b03 USB: Option driver: Short driver names were identical
The short driver names were not unique,
which prevented the driver from actually loading.

Also, one of the ioctl pointers was missing.

Signed-Off-By: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Matthias Urlichs
b3fdab59b8 USB: Option driver: removed change history and linux/version.h include
Signed-off-by: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
David Brownell
0365ee0a8f USB: AT91 OHCI updates, mostly power management
OHCI updates for AT91 series processors:

 - Get ready for at91sam926x processors (ARMv5tej not ARMv4t)

 - Suspend/resume support now behaves properly

 - In "standby" mode, OHCI can be a source of system wakeup events
   (remote wakeup, device connect/disconnect, etc)

And minor cleanups.

Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
David Brownell
8b2e76687b USB: AT91 UDC updates, mostly power management
UDC updates for AT91 series processors:

 - Get ready for at91sam926x processors (ARMv5tej not ARMv4t)

 - Suspend/resume support now behaves properly

 - In "standby" mode, UDC can be a source of system wakeup events
   (host resume, device connect/disconnect, etc)

 - Fix IRQ storming issues, seemingly related to clock disabling
   changes that went in a while back

And minor cleanups, especially whitespace.

Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Victor  <andrew@sanpeople.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-08-02 16:41:41 -07:00
Alexey Dobriyan
29bbd72d6e [NET]: Fix more per-cpu typos
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 15:02:31 -07:00
David S. Miller
95ce568812 [SECURITY]: Fix build with CONFIG_SECURITY disabled.
include/linux/security.h: In function ‘security_release_secctx’:
include/linux/security.h:2757: warning: ‘return’ with a value, in function returning void

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:37:06 -07:00
Chris Leech
e6eb307d48 [I/OAT]: Remove CPU hotplug lock from net_dma_rebalance
Remove the lock_cpu_hotplug()/unlock_cpu_hotplug() calls from
net_dma_rebalance

The lock_cpu_hotplug()/unlock_cpu_hotplug() sequence in
net_dma_rebalance is both incorrect (as pointed out by David Miller)
because lock_cpu_hotplug() may sleep while the net_dma_event_lock
spinlock is held, and unnecessary (as pointed out by Andrew Morton) as
spin_lock() disables preemption which protects from CPU hotplug
events.

Signed-off-by: Chris Leech <christopher.leech@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:21:19 -07:00
Patrick Caulfield
9bbf28a1ff [DECNET]: Fix for routing bug
This patch fixes a bug in the DECnet routing code where we were
selecting a loopback device in preference to an outward facing device
even when the destination was known non-local. This patch should fix
the problem.

Signed-off-by: Patrick Caulfield <patrick@tykepenguin.com>
Signed-off-by: Steven Whitehouse <steve@chygwyn.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:14:44 -07:00
Catherine Zhang
dc49c1f94e [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch
From: Catherine Zhang <cxzhang@watson.ibm.com>

This patch implements a cleaner fix for the memory leak problem of the
original unix datagram getpeersec patch.  Instead of creating a
security context each time a unix datagram is sent, we only create the
security context when the receiver requests it.

This new design requires modification of the current
unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
secid_to_secctx and release_secctx.  The former retrieves the security
context and the latter releases it.  A hook is required for releasing
the security context because it is up to the security module to decide
how that's done.  In the case of Selinux, it's a simple kfree
operation.

Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:12:06 -07:00
Adrian Bunk
2b7e24b66d [NET]: skb_queue_lock_key() is no longer used.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:07:58 -07:00
Arjan van de Ven
76f10ad0e6 [NET]: Remove lockdep_set_class() call from skb_queue_head_init().
The skb_queue_head_init() function is used both in drivers for private use
and in the core networking code.  The usage models are vastly set of
functions that is only softirq safe; while the driver usage tends to be
more limited to a few hardirq safe accessor functions.  Rather than
annotating all 133+ driver usages, for now just split this lock into a per
queue class.  This change is obviously safe and probably should make
2.6.18.

Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:06:55 -07:00
Wei Dong
dafee49085 [IPV6]: SNMPv2 "ipv6IfStatsOutFragCreates" counter error
When I tested linux kernel 2.6.71.7 about statistics
"ipv6IfStatsOutFragCreates", and found that it couldn't increase
correctly. The criteria is RFC 2465:

  ipv6IfStatsOutFragCreates OBJECT-TYPE
      SYNTAX      Counter32
      MAX-ACCESS  read-only
      STATUS      current
      DESCRIPTION
         "The number of output datagram fragments that have
         been generated as a result of fragmentation at
         this output interface."
      ::= { ipv6IfStatsEntry 15 }

I think there are two issues in Linux kernel. 
1st:
RFC2465 specifies the counter is "The number of output datagram
fragments...". I think increasing this counter after output a fragment
successfully is better. And it should not be increased even though a
fragment is created but failed to output.

2nd:
If we send a big ICMP/ICMPv6 echo request to a host, and receive
ICMP/ICMPv6 echo reply consisted of some fragments. As we know that in
Linux kernel first fragmentation occurs in ICMP layer(maybe saying
transport layer is better), but this is not the "real"
fragmentation,just do some "pre-fragment" -- allocate space for date,
and form a frag_list, etc. The "real" fragmentation happens in IP layer
-- set offset and MF flag and so on. So I think in "fast path" for
ip_fragment/ip6_fragment, if we send a fragment which "pre-fragment" by
upper layer we should also increase "ipv6IfStatsOutFragCreates".

Signed-off-by: Wei Dong <weid@nanjing-fnst.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:41:21 -07:00
Wei Dong
32c524d1c4 [IPV6]: SNMPv2 "ipv6IfStatsInHdrErrors" counter error
When I tested Linux kernel 2.6.17.7 about statistics
"ipv6IfStatsInHdrErrors", found that this counter couldn't increase
correctly. The criteria is RFC2465:
  ipv6IfStatsInHdrErrors OBJECT-TYPE
      SYNTAX     Counter3
      MAX-ACCESS read-only
      STATUS     current
      DESCRIPTION
         "The number of input datagrams discarded due to
         errors in their IPv6 headers, including version
         number mismatch, other format errors, hop count
         exceeded, errors discovered in processing their
         IPv6 options, etc."
      ::= { ipv6IfStatsEntry 2 }

When I send TTL=0 and TTL=1 a packet to a router which need to be
forwarded, router just sends an ICMPv6 message to tell the sender that
TIME_EXCEED and HOPLIMITS, but no increments for this counter(in the
function ip6_forward).

Signed-off-by: Wei Dong <weid@nanjing-fnst.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:39:57 -07:00
David S. Miller
b60dfc6c20 [NET]: Kill the WARN_ON() calls for checksum fixups.
We have a more complete solution in the works, involving
the seperation of CHECKSUM_HW on input vs. output, and
having netfilter properly do incremental checksums.

But that is a very involved patch and is thus 2.6.19
material.

What we have now is infinitely better than the past,
wherein all TSO packets were dropped due to corrupt
checksums as soon at the NAT module was loaded.  At
least now, the checksums do get fixed up, it just
isn't the cleanest nor most optimal solution.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:30 -07:00
Patrick McHardy
3ab720881b [NETFILTER]: xt_hashlimit/xt_string: missing string validation
The hashlimit table name and the textsearch algorithm need to be
terminated, the textsearch pattern length must not exceed the
maximum size.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:29 -07:00
Patrick McHardy
b10866fd7d [NETFILTER]: SIP helper: expect RTP streams in both directions
Since we don't know in which direction the first packet will arrive, we
need to create one expectation for each direction, which is currently
prevented by max_expected beeing set to 1.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:28 -07:00
David S. Miller
87f5032e0c [E1000]: Convert to netdev_alloc_skb
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:27 -07:00
David S. Miller
a20e9c6291 [TG3]: Convert to netdev_alloc_skb
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:26 -07:00
Christoph Hellwig
8af2745645 [NET]: Add netdev_alloc_skb().
Add a dev_alloc_skb variant that takes a struct net_device * paramater.
For now that paramater is unused, but I'll use it to allocate the skb
from node-local memory in a follow-up patch.  Also there have been some
other plans mentioned on the list that can use it.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:25 -07:00
David S. Miller
52499afe40 [TCP]: Process linger2 timeout consistently.
Based upon guidance from Alexey Kuznetsov.

When linger2 is active, we check to see if the fin_wait2
timeout is longer than the timewait.  If it is, we schedule
the keepalive timer for the difference between the timewait
timeout and the fin_wait2 timeout.

When this orphan socket is seen by tcp_keepalive_timer()
it will try to transform this fin_wait2 socket into a
fin_wait2 mini-socket, again if linger2 is active.

Not all paths were setting this initial keepalive timer correctly.
The tcp input path was doing it correctly, but tcp_close() wasn't,
potentially making the socket linger longer than it really needs to.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:24 -07:00
James Morris
a280b89982 [SECURITY] secmark: nul-terminate secdata
The patch below fixes a problem in the iptables SECMARK target, where
the user-supplied 'selctx' string may not be nul-terminated.

From initial analysis, it seems that the strlen() called from
selinux_string_to_sid() could run until it arbitrarily finds a zero,
and possibly cause a kernel oops before then.

The impact of this appears limited because the operation requires
CAP_NET_ADMIN, which is essentially always root.  Also, the module is
not yet in wide use.

Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 13:38:23 -07:00