]> err.no Git - linux-2.6/log
linux-2.6
16 years ago[NETFILTER]: nfnetlink_log: remove excessive debugging
Patrick McHardy [Tue, 18 Dec 2007 06:41:02 +0000 (22:41 -0800)]
[NETFILTER]: nfnetlink_log: remove excessive debugging

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nfnetlink_{queue,log}: return ENOTSUPP for unknown cfg commands
Patrick McHardy [Tue, 18 Dec 2007 06:40:19 +0000 (22:40 -0800)]
[NETFILTER]: nfnetlink_{queue,log}: return ENOTSUPP for unknown cfg commands

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nfnetlink_log: fix checks in nfulnl_recv_config
Patrick McHardy [Tue, 18 Dec 2007 06:39:55 +0000 (22:39 -0800)]
[NETFILTER]: nfnetlink_log: fix checks in nfulnl_recv_config

Similar to the nfnetlink_queue fixes:

The peer_pid must be checked in all cases when a logging instance exists,
additionally we must check whether an instance exists before attempting
to configure it to avoid NULL ptr dereferences.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_log: remove incomprehensible comment
Patrick McHardy [Tue, 18 Dec 2007 06:39:27 +0000 (22:39 -0800)]
[NETFILTER]: nf_log: remove incomprehensible comment

Whatever that comment tries to say, I don't get it and it looks like
a leftover from the time when RCU wasn't used properly.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_log: constify struct nf_logger and nf_log_packet loginfo arg
Patrick McHardy [Tue, 18 Dec 2007 06:39:08 +0000 (22:39 -0800)]
[NETFILTER]: nf_log: constify struct nf_logger and nf_log_packet loginfo arg

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_log: move logging stuff to seperate header
Patrick McHardy [Tue, 18 Dec 2007 06:38:49 +0000 (22:38 -0800)]
[NETFILTER]: nf_log: move logging stuff to seperate header

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_nat: pass manip type instead of hook to nf_nat_setup_info
Patrick McHardy [Tue, 18 Dec 2007 06:38:20 +0000 (22:38 -0800)]
[NETFILTER]: nf_nat: pass manip type instead of hook to nf_nat_setup_info

nf_nat_setup_info gets the hook number and translates that to the
manip type to perform. This is a relict from the time when one
manip per hook could exist, the exact hook number doesn't matter
anymore, its converted to the manip type. Most callers already
know what kind of NAT they want to perform, so pass the maniptype
in directly.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_nat: sprinkle a few __read_mostlys
Patrick McHardy [Tue, 18 Dec 2007 06:37:52 +0000 (22:37 -0800)]
[NETFILTER]: nf_nat: sprinkle a few __read_mostlys

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_nat: mark NAT protocols const
Patrick McHardy [Tue, 18 Dec 2007 06:37:36 +0000 (22:37 -0800)]
[NETFILTER]: nf_nat: mark NAT protocols const

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_nat_proto_gre: add missing module reference
Patrick McHardy [Tue, 18 Dec 2007 06:37:20 +0000 (22:37 -0800)]
[NETFILTER]: nf_nat_proto_gre: add missing module reference

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ctnetlink: fix expectation timeout dumping
Patrick McHardy [Tue, 18 Dec 2007 06:37:03 +0000 (22:37 -0800)]
[NETFILTER]: ctnetlink: fix expectation timeout dumping

When the timer is late its timeout might be before the current time,
in which case a very large value is dumped.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ctnetlink: use netlink attribute helpers
Patrick McHardy [Tue, 18 Dec 2007 06:29:45 +0000 (22:29 -0800)]
[NETFILTER]: ctnetlink: use netlink attribute helpers

Use NLA_PUT_BE32, nla_get_be32() etc.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETLINK]: Add NLA_PUT_BE16/nla_get_be16()
Patrick McHardy [Tue, 18 Dec 2007 06:29:26 +0000 (22:29 -0800)]
[NETLINK]: Add NLA_PUT_BE16/nla_get_be16()

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: nf_conntrack_sctp: add ctnetlink support
Pablo Neira Ayuso [Tue, 18 Dec 2007 06:29:02 +0000 (22:29 -0800)]
[NETFILTER]: nf_conntrack_sctp: add ctnetlink support

This patch adds support for SCTP to ctnetlink.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ctnetlink: add support for secmark
Pablo Neira Ayuso [Tue, 18 Dec 2007 06:28:41 +0000 (22:28 -0800)]
[NETFILTER]: ctnetlink: add support for secmark

This patch adds support for James Morris' connsecmark.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ctnetlink: add support for master tuple event notification and dumping
Pablo Neira Ayuso [Tue, 18 Dec 2007 06:28:19 +0000 (22:28 -0800)]
[NETFILTER]: ctnetlink: add support for master tuple event notification and dumping

This patch adds support for master tuple event notification and
dumping.  Conntrackd needs this information to recover related
connections appropriately.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ctnetlink: add support for NAT sequence adjustments
Pablo Neira Ayuso [Tue, 18 Dec 2007 06:28:00 +0000 (22:28 -0800)]
[NETFILTER]: ctnetlink: add support for NAT sequence adjustments

The combination of NAT and helpers may produce TCP sequence adjustments.
In failover setups, this information needs to be replicated in order to
achieve a successful recovery of mangled, related connections. This patch is
particularly useful for conntrackd, see:

http://people.netfilter.org/pablo/conntrack-tools/

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: xt_TCPMSS: don't allow netfilter --setmss to increase mss
Benjamin LaHaise [Tue, 18 Dec 2007 06:27:36 +0000 (22:27 -0800)]
[NETFILTER]: xt_TCPMSS: don't allow netfilter --setmss to increase mss

When terminating DSL connections for an assortment of random customers, I've
found it necessary to use iptables to clamp the MSS used for connections to
work around the various ICMP blackholes in the greater net.  Unfortunately,
the current behaviour in Linux is imperfect and actually make things worse,
so I'm proposing the following: increasing the MSS in a packet can never be
a good thing, so make --set-mss only lower the MSS in a packet.

Yes, I am aware of --clamp-mss-to-pmtu, but it doesn't work for outgoing
connections from clients (ie web traffic), as it only looks at the PMTU on
the destination route, not the source of the packet (the DSL interfaces in
question have a 1442 byte MTU while the destination ethernet interface is
1500 -- there are problematic hosts which use a 1300 byte MTU).  Reworking
that is probably a good idea at some point, but it's more work than this is.

Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: add compat support
Patrick McHardy [Tue, 18 Dec 2007 06:26:54 +0000 (22:26 -0800)]
[NETFILTER]: arp_tables: add compat support

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: resync get_entries() with ip_tables
Patrick McHardy [Tue, 18 Dec 2007 06:26:38 +0000 (22:26 -0800)]
[NETFILTER]: arp_tables: resync get_entries() with ip_tables

Resync get_entries() with ip_tables.c by moving the checks from the
setsockopt handler to the function itself.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: move ARPT_SO_GET_INFO handling to seperate function
Patrick McHardy [Tue, 18 Dec 2007 06:26:24 +0000 (22:26 -0800)]
[NETFILTER]: arp_tables: move ARPT_SO_GET_INFO handling to seperate function

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: move counter allocation to seperate function
Patrick McHardy [Tue, 18 Dec 2007 05:56:48 +0000 (21:56 -0800)]
[NETFILTER]: arp_tables: move counter allocation to seperate function

More resyncing with ip_tables.c as preparation for compat support.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: move entry and target checks to seperate functions
Patrick McHardy [Tue, 18 Dec 2007 05:56:33 +0000 (21:56 -0800)]
[NETFILTER]: arp_tables: move entry and target checks to seperate functions

Resync with ip_tables.c as preparation for compat support.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: remove ipchains compat hack
Patrick McHardy [Tue, 18 Dec 2007 05:56:14 +0000 (21:56 -0800)]
[NETFILTER]: arp_tables: remove ipchains compat hack

Remove compatiblity hack copied from ip_tables.c - ipchains didn't even
support arp_tables :)

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: use vmalloc_node()
Patrick McHardy [Tue, 18 Dec 2007 05:55:59 +0000 (21:55 -0800)]
[NETFILTER]: arp_tables: use vmalloc_node()

Use vmalloc_node() as in ip_tables.c.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: use XT_ALIGN
Patrick McHardy [Tue, 18 Dec 2007 05:55:34 +0000 (21:55 -0800)]
[NETFILTER]: arp_tables: use XT_ALIGN

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: arp_tables: remove obsolete standard_check function
Patrick McHardy [Tue, 18 Dec 2007 05:55:16 +0000 (21:55 -0800)]
[NETFILTER]: arp_tables: remove obsolete standard_check function

The size check is already performed by xt_check_target, no need
to do it again.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: use XT_ALIGN
Patrick McHardy [Tue, 18 Dec 2007 05:53:40 +0000 (21:53 -0800)]
[NETFILTER]: ip6_tables: use XT_ALIGN

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: remove ipchains compatibility hack
Patrick McHardy [Tue, 18 Dec 2007 05:53:18 +0000 (21:53 -0800)]
[NETFILTER]: ip_tables: remove ipchains compatibility hack

ipchains support has been removed years ago. kill last remains.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: use raw_smp_processor_id() in do_add_counters()
Patrick McHardy [Tue, 18 Dec 2007 05:52:52 +0000 (21:52 -0800)]
[NETFILTER]: ip6_tables: use raw_smp_processor_id() in do_add_counters()

Use raw_smp_processor_id() in do_add_counters() as in ip_tables.c.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: fix stack leagage
Patrick McHardy [Tue, 18 Dec 2007 05:52:35 +0000 (21:52 -0800)]
[NETFILTER]: ip6_tables: fix stack leagage

Fix leakage of local variable on stack. This already got fixed in
ip_tables silently by the compat patches.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: {ip,ip6}_tables: fix format strings
Patrick McHardy [Tue, 18 Dec 2007 05:52:15 +0000 (21:52 -0800)]
[NETFILTER]: {ip,ip6}_tables: fix format strings

Use %zu for sizeof() and remove casts.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: {ip,ip6}_tables: reformat to eliminate differences
Patrick McHardy [Tue, 18 Dec 2007 05:52:00 +0000 (21:52 -0800)]
[NETFILTER]: {ip,ip6}_tables: reformat to eliminate differences

Reformat ip_tables.c and ip6_tables.c in order to eliminate non-functional
differences and minimize diff output.

This allows to get a view of the real differences using:

sed -e 's/IP6T/IPT/g' \
    -e 's/IP6/IP/g' \
    -e 's/INET6/INET/g' \
    -e 's/ip6t/ipt/g' \
    -e 's/ip6/ip/g' \
    -e 's/ipv6/ip/g' \
    -e 's/icmp6/icmp/g' \
    net/ipv6/netfilter/ip6_tables.c | \
    diff -wup /dev/stdin net/ipv4/netfilter/ip_tables.c

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: xt_MARK: add compat support for revision 0
Patrick McHardy [Tue, 18 Dec 2007 05:51:33 +0000 (21:51 -0800)]
[NETFILTER]: xt_MARK: add compat support for revision 0

Old userspace doesn't support revision 1, especially for IPv6, which
is only available in the SVN snapshot.

Add compat support for revision 0.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: xt_MARK: support revision 1 for IPv6
Patrick McHardy [Tue, 18 Dec 2007 05:51:14 +0000 (21:51 -0800)]
[NETFILTER]: xt_MARK: support revision 1 for IPv6

The current netfilter SVN version includes support for this, so enable
it in the kernel as well.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: x_tables: enable compat translation for IPv6 matches/targets
Patrick McHardy [Tue, 18 Dec 2007 05:50:53 +0000 (21:50 -0800)]
[NETFILTER]: x_tables: enable compat translation for IPv6 matches/targets

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: add compat support
Patrick McHardy [Tue, 18 Dec 2007 05:50:37 +0000 (21:50 -0800)]
[NETFILTER]: ip6_tables: add compat support

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: resync get_entries() with ip_tables
Patrick McHardy [Tue, 18 Dec 2007 05:50:22 +0000 (21:50 -0800)]
[NETFILTER]: ip6_tables: resync get_entries() with ip_tables

Resync get_entries() with ip_tables.c by moving the checks from the
setsockopt handler to the function itself.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: move IP6T_SO_GET_INFO handling to seperate function
Patrick McHardy [Tue, 18 Dec 2007 05:50:05 +0000 (21:50 -0800)]
[NETFILTER]: ip6_tables: move IP6T_SO_GET_INFO handling to seperate function

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: move counter allocation to seperate function
Patrick McHardy [Tue, 18 Dec 2007 05:49:51 +0000 (21:49 -0800)]
[NETFILTER]: ip6_tables: move counter allocation to seperate function

More resyncing with ip_tables.c as preparation for compat support.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: use vmalloc_node()
Patrick McHardy [Tue, 18 Dec 2007 05:48:33 +0000 (21:48 -0800)]
[NETFILTER]: ip6_tables: use vmalloc_node()

Consistently use vmalloc_node for all counter allocations.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: move entry, match and target checks to seperate functions
Patrick McHardy [Tue, 18 Dec 2007 05:48:17 +0000 (21:48 -0800)]
[NETFILTER]: ip6_tables: move entry, match and target checks to seperate functions

Resync with ip_tables.c as preparation for compat support.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip6_tables: kill a few useless defines/forward declarations
Patrick McHardy [Tue, 18 Dec 2007 05:48:02 +0000 (21:48 -0800)]
[NETFILTER]: ip6_tables: kill a few useless defines/forward declarations

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: move compat offset calculation to x_tables
Patrick McHardy [Tue, 18 Dec 2007 05:47:48 +0000 (21:47 -0800)]
[NETFILTER]: ip_tables: move compat offset calculation to x_tables

Its needed by ip6_tables and arp_tables as well.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: fix compat types
Patrick McHardy [Tue, 18 Dec 2007 05:47:32 +0000 (21:47 -0800)]
[NETFILTER]: ip_tables: fix compat types

Use compat types and compat iterators when dealing with compat entries for
clarity. This doesn't actually make a difference for ip_tables, but is
needed for ip6_tables and arp_tables.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: account for struct ipt_entry/struct compat_ipt_entry size...
Patrick McHardy [Tue, 18 Dec 2007 05:47:14 +0000 (21:47 -0800)]
[NETFILTER]: ip_tables: account for struct ipt_entry/struct compat_ipt_entry size diff

Account for size differences when dumping entries or calculating the
entry positions. This doesn't actually make any difference for IPv4
since the structures have the same size, but its logically correct
and needed for IPv6.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: {ip,ip6,arp}_tables: consolidate iterator macros
Patrick McHardy [Tue, 18 Dec 2007 05:46:59 +0000 (21:46 -0800)]
[NETFILTER]: {ip,ip6,arp}_tables: consolidate iterator macros

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: x_tables: make xt_compat_match_from_user usable in iterator macros
Patrick McHardy [Tue, 18 Dec 2007 05:46:40 +0000 (21:46 -0800)]
[NETFILTER]: x_tables: make xt_compat_match_from_user usable in iterator macros

Make xt_compat_match_from_user return an int to make it usable in the
*tables iterator macros and kill a now unnecessary wrapper function.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: reformat compat code
Patrick McHardy [Tue, 18 Dec 2007 05:46:15 +0000 (21:46 -0800)]
[NETFILTER]: ip_tables: reformat compat code

The compat code has some very odd formating, clean it up before porting
it to ip6_tables.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETFILTER]: ip_tables: kill useless wrapper
Patrick McHardy [Tue, 18 Dec 2007 05:45:52 +0000 (21:45 -0800)]
[NETFILTER]: ip_tables: kill useless wrapper

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agowireless: make drivers include the TSF RX flag where appropriate
Johannes Berg [Tue, 4 Dec 2007 19:33:40 +0000 (20:33 +0100)]
wireless: make drivers include the TSF RX flag where appropriate

These drivers pass full mactime information to the stack, make them
indicate this via the new RX_FLAG_TSFT to get mac80211 to show this
information in monitor mode.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agointroduce WEXT scan capabilities
Dan Williams [Wed, 12 Dec 2007 15:25:07 +0000 (10:25 -0500)]
introduce WEXT scan capabilities

Introduce scan capabilities to WEXT so that userspace can do intelligent
things with scan behavior such as handling hidden SSIDs more gracefully.
If the driver reports a specific scan capability, the driver must
respect the options specified in the iw_scan_req structure when handling
the SIOCSIWSCAN call, unless it's mode or state does not allow it to do
so, in which case it must return an error.

This version switches to Dave Kilroy's suggestion of claiming unused
padding space for the scan_capa field.

Signed-off-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years agomac80211: conditionally include timestamp in radiotap information
Johannes Berg [Tue, 11 Dec 2007 20:33:42 +0000 (21:33 +0100)]
mac80211: conditionally include timestamp in radiotap information

This makes mac80211 include the low-level MAC timestamp
in the radiotap header if the driver indicated (by a new
RX flag) that the timestamp is valid.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Remove unused inline function
Gerrit Renker [Mon, 17 Dec 2007 14:58:04 +0000 (12:58 -0200)]
[DCCP]: Remove unused inline function

The function follows48(), which is a special-case of dccp_delta_seqno(),
is nowhere used in the DCCP code, thus removed by this patch.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[CCID3]: Nofeedback timer according to rfc3448bis
Gerrit Renker [Mon, 17 Dec 2007 14:57:43 +0000 (12:57 -0200)]
[CCID3]: Nofeedback timer according to rfc3448bis

This implements the changes to the nofeedback timer handling suggested
in draft rfc3448bis00, section 4.4. In particular, these changes mean:

 * better handling of the lossless case (p == 0)
 * the timestamp for computing t_ld becomes obsolete
 * much more recent document (RFC 3448 is almost 5 years old)
 * concepts in rfc3448bis arose from a real, working implementation
   (cf. sec. 12)

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[CCID3]: Implement rfc3448bis changes to feedback reception
Gerrit Renker [Mon, 17 Dec 2007 14:48:47 +0000 (12:48 -0200)]
[CCID3]: Implement rfc3448bis changes to feedback reception

This implements the algorithm to update the allowed sending rate X upon
receiving feedback packets, as described in draft rfc3448bis, 4.2/4.3.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[CCID3]: Remove two irrelevant states in TX feedback handling
Gerrit Renker [Mon, 17 Dec 2007 12:25:06 +0000 (10:25 -0200)]
[CCID3]: Remove two irrelevant states in TX feedback handling

 * the NO_SENT state is only triggered in bidirectional mode,
   costing unnecessary processing.
 * the TERM (terminating) state is irrelevant.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[CCID3]: Use a function to update p_inv, and p is never used
Gerrit Renker [Mon, 17 Dec 2007 12:07:44 +0000 (10:07 -0200)]
[CCID3]: Use a function to update p_inv, and p is never used

This patch
 1) concentrates previously scattered computation of p_inv into one function;
 2) removes the `p' element of the CCID3 RX sock (it is redundant);
 3) makes the tfrc_rx_info structure standalone, only used on demand.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[PARISC]: Fix build after ipv4_is_*() changes.
Joe Perches [Mon, 17 Dec 2007 04:28:24 +0000 (20:28 -0800)]
[PARISC]: Fix build after ipv4_is_*() changes.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SCTP]: Use crc32c library for checksum calculations.
Vlad Yasevich [Sun, 16 Dec 2007 22:06:41 +0000 (14:06 -0800)]
[SCTP]: Use crc32c library for checksum calculations.

The crc32c library used an identical table and algorithm
as SCTP.  Switch to using the library instead of carrying
our own table.  Using crypto layer proved to have too
much overhead compared to using the library directly.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[PACKET]: Fix /proc/net/packet crash due to bogus private pointer
Herbert Xu [Sun, 16 Dec 2007 22:04:02 +0000 (14:04 -0800)]
[PACKET]: Fix /proc/net/packet crash due to bogus private pointer

The seq_open_net patch changed the meaning of seq->private.
Unfortunately it missed two spots in AF_PACKET, which still
used the old way of dereferencing seq->private, thus causing
weird and wonderful crashes when reading /proc/net/packet.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Remove unused IPV4TYPE macros
Joe Perches [Sun, 16 Dec 2007 21:48:11 +0000 (13:48 -0800)]
[IPV4]: Remove unused IPV4TYPE macros

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] drivers/infiniband: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:47:33 +0000 (13:47 -0800)]
[IPV4] drivers/infiniband: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] sctp: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:46:59 +0000 (13:46 -0800)]
[IPV4] sctp: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] net/netfilter: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:46:15 +0000 (13:46 -0800)]
[IPV4] net/netfilter: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] net/ipv4: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:45:43 +0000 (13:45 -0800)]
[IPV4] net/ipv4: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] net/core: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:44:00 +0000 (13:44 -0800)]
[IPV4] net/core: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4] include/net: Use ipv4_is_<type>
Joe Perches [Sun, 16 Dec 2007 21:43:24 +0000 (13:43 -0800)]
[IPV4] include/net: Use ipv4_is_<type>

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Create ipv4_is_<type>(__be32 addr) functions
Joe Perches [Sun, 16 Dec 2007 21:42:49 +0000 (13:42 -0800)]
[IPV4]: Create ipv4_is_<type>(__be32 addr) functions

Change IPV4 specific macros LOOPBACK MULTICAST LOCAL_MCAST BADCLASS
and ZERONET macros to inline functions ipv4_is_<type>(__be32 addr)

Adds type safety and arguably some readability.

Changes since last submission:

Removed ipv4_addr_octets function
Used hex constants
Converted recently added rfc3330 macros

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Switch users of ipv4_devconf(_all) to use the pernet one
Pavel Emelyanov [Sun, 16 Dec 2007 21:32:48 +0000 (13:32 -0800)]
[IPV4]: Switch users of ipv4_devconf(_all) to use the pernet one

These are scattered over the code, but almost all the
"critical" places already have the proper struct net
at hand except for snmp proc showing function and routing
rtnl handler.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Switch users of ipv4_devconf_dflt to use the pernet one
Pavel Emelyanov [Sun, 16 Dec 2007 21:32:16 +0000 (13:32 -0800)]
[IPV4]: Switch users of ipv4_devconf_dflt to use the pernet one

They are all collected in the net/ipv4/devinet.c file and
mostly use the IPV4_DEVCONF_DFLT macro.

So I add the net parameter to it and patch users accordingly.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Move the devinet pointers on the struct net
Pavel Emelyanov [Sun, 16 Dec 2007 21:31:47 +0000 (13:31 -0800)]
[IPV4]: Move the devinet pointers on the struct net

This is the core.

Add all and default pointers on the netns_ipv4 and register
a new pernet subsys to initialize them.

Also add the ctl_table_header to register the
net.ipv4.ip_forward ctl.

I don't allocate additional memory for init_net, but use
global devinets.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Store the net pointer on devinet's ctl tables
Pavel Emelyanov [Sun, 16 Dec 2007 21:31:14 +0000 (13:31 -0800)]
[IPV4]: Store the net pointer on devinet's ctl tables

Some handers and strategies of devinet sysctl tables need
to know the net to propagate the ctl change to all the
net devices.

I use the (currently unused) extra2 pointer on the tables
to get it.

Holding the reference on the struct net is not possible,
because otherwise we'll get a net->ctl_table->net circular
dependency. But since the ctl tables are unregistered during
the net destruction, this is safe to get it w/o additional
protection.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Pass the net pointer to the arp_req_set_proxy()
Pavel Emelyanov [Sun, 16 Dec 2007 21:30:39 +0000 (13:30 -0800)]
[IPV4]: Pass the net pointer to the arp_req_set_proxy()

This one will need to set the IPV4_DEVCONF_ALL(PROXY_ARP), but
there's no ways to get the net right in place, so we have to
pull one from the inet_ioctl's struct sock.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Make __devinet_sysctl_register return an error
Pavel Emelyanov [Sun, 16 Dec 2007 21:30:07 +0000 (13:30 -0800)]
[IPV4]: Make __devinet_sysctl_register return an error

Currently, this function is void, so failures in creating
sysctls for new/renamed devices are not reported to anywhere.

Fixing this is another complex (needed?) task, but this
return value is needed during the namespaces creation to
handle the case, when we failed to create "all" and "default"
entries.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[NETNS]: Add the netns_ipv4 struct
Pavel Emelyanov [Sun, 16 Dec 2007 21:29:36 +0000 (13:29 -0800)]
[NETNS]: Add the netns_ipv4 struct

The ipv4 will store its parameters inside this structure.
This one is empty now, but it will be eventually filled.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[XFRM]: Fix potential race vs xfrm_state(only)_find and xfrm_hash_resize.
Pavel Emelyanov [Fri, 14 Dec 2007 19:38:04 +0000 (11:38 -0800)]
[XFRM]: Fix potential race vs xfrm_state(only)_find and xfrm_hash_resize.

The _find calls calculate the hash value using the
xfrm_state_hmask, without the xfrm_state_lock. But the
value of this mask can change in the _resize call under
the state_lock, so we risk to fail in finding the desired
entry in hash.

I think, that the hash value is better to calculate
under the state lock.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[PPP] synchronous tty: convert dead_sem to completion
Matthias Kaehlcke [Fri, 14 Dec 2007 19:32:48 +0000 (11:32 -0800)]
[PPP] synchronous tty: convert dead_sem to completion

PPP synchronous tty channel driver: convert the semaphore dead_sem to a
completion

Signed-off-by: Matthias Kaehlcke <matthias.kaehlcke@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[UDP]: Move udp_stats_in6 into net/ipv4/udp.c
Herbert Xu [Fri, 14 Dec 2007 19:25:26 +0000 (11:25 -0800)]
[UDP]: Move udp_stats_in6 into net/ipv4/udp.c

Now that external users may increment the counters directly, we need
to ensure that udp_stats_in6 is always available.  Otherwise we'd
either have to requrie the external users to be built as modules or
ipv6 to be built-in.

This isn't too bad because udp_stats_in6 is just a pair of pointers
plus an EXPORT, e.g., just 40 (16 + 24) bytes on x86-64.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[SUNRPC]: Use htonl() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:55:42 +0000 (03:55 +0900)]
[SUNRPC]: Use htonl() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[RXRPC]: Use cpu_to_be32() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:55:22 +0000 (03:55 +0900)]
[RXRPC]: Use cpu_to_be32() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[MAC80211]: Use htons() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:54:23 +0000 (03:54 +0900)]
[MAC80211]: Use htons() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IRDA]: Use htons() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:53:26 +0000 (03:53 +0900)]
[IRDA]: Use htons() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPVS]: Use htons() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:53:11 +0000 (03:53 +0900)]
[IPVS]: Use htons() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IEEE80211]: Use htons() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:52:26 +0000 (03:52 +0900)]
[IEEE80211]: Use htons() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DECNET]: Use htons() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:51:49 +0000 (03:51 +0900)]
[DECNET]: Use htons() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[BRIDGE]: Use cpu_to_be16() where appropriate.
YOSHIFUJI Hideaki [Tue, 11 Dec 2007 18:51:03 +0000 (03:51 +0900)]
[BRIDGE]: Use cpu_to_be16() where appropriate.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Introducing CCMPS
Gerrit Renker [Fri, 14 Dec 2007 01:37:55 +0000 (23:37 -0200)]
[DCCP]: Introducing CCMPS

This introduces a CCMPS field for setting a CCID-specific upper bound on the application payload
size, as is defined in RFC 4340, section 14.

Only the TX CCID is considered in setting this limit, since the RX CCID generates comparatively
small (DCCP-Ack) feedback packets. The CCMPS field includes network and transport layer header
lengths. The only current CCMPS customer is CCID4 (via RFC 4828).

A wrapper is used to allow querying the CCMPS even at times where the CCID modules may not have
been fully negotiated yet.

In dccp_sync_mss() the variable `mss_now' has been renamed into `cur_mps', to reflect that we are
dealing with an MPS, but not an MSS.
Since the DCCP code closely follows the TCP code, the identifiers `dccp_sync_mss' and
`dccps_mss_cache' have been kept, as they have direct TCP counterparts.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[CCID]: More informative registration
Gerrit Renker [Fri, 14 Dec 2007 01:33:25 +0000 (23:33 -0200)]
[CCID]: More informative registration

The patch makes the registration messages of CCID 2/3 a bit more
informative: instead of repeating the CCID number as currently done,

        "CCID: Registered CCID 2 (ccid2)"  or
        "CCID: Registered CCID 3 (ccid3)",

the descriptive names of the CCID's (from RFCs) are now used:

"CCID: Registered CCID 2 (TCP-like)" and
"CCID: Registered CCID 3 (TCP-Friendly Rate Control)".

To allow spaces in the name, the slab name string has been changed to
refer to the numeric CCID identifier, using the same format as before.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Documentation for CCID operations
Gerrit Renker [Fri, 14 Dec 2007 01:31:14 +0000 (23:31 -0200)]
[DCCP]: Documentation for CCID operations

This adds documentation for the ccid_operations structure.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV4]: Thresholds in fib_trie.c are used as consts, so make them const.
Denis V. Lunev [Thu, 13 Dec 2007 17:47:57 +0000 (09:47 -0800)]
[IPV4]: Thresholds in fib_trie.c are used as consts, so make them const.

There are several thresholds for trie fib hash management. They are used
in the code as a constants. Make them constants from the compiler point of
view.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV6] sit: Rebinding of SIT tunnels to other interfaces
Michal Schmidt [Thu, 13 Dec 2007 17:47:00 +0000 (09:47 -0800)]
[IPV6] sit: Rebinding of SIT tunnels to other interfaces

This is similar to the change already done for IPIP tunnels.

Once created, a SIT tunnel can't be bound to another device.
To reproduce:

# create a tunnel:
ip tunnel add tunneltest0 mode sit remote 10.0.0.1 dev eth0
# try to change the bounding device from eth0 to eth1:
ip tunnel change tunneltest0 dev eth1
# show the result:
ip tunnel show tunneltest0

tunneltest0: ipv6/ip  remote 10.0.0.1  local any  dev eth0  ttl inherit

Notice the bound device has not changed from eth0 to eth1.

This patch fixes it. When changing the binding, it also recalculates the
MTU according to the new bound device's MTU.

Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IP_GRE]: Rebinding of GRE tunnels to other interfaces
Michal Schmidt [Thu, 13 Dec 2007 17:46:32 +0000 (09:46 -0800)]
[IP_GRE]: Rebinding of GRE tunnels to other interfaces

This is similar to the change already done for IPIP tunnels.

Once created, a GRE tunnel can't be bound to another device.
To reproduce:

# create a tunnel:
ip tunnel add tunneltest0 mode gre remote 10.0.0.1 dev eth0
# try to change the bounding device from eth0 to eth1:
ip tunnel change tunneltest0 dev eth1
# show the result:
ip tunnel show tunneltest0

tunneltest0: gre/ip  remote 10.0.0.1  local any  dev eth0  ttl inherit

Notice the bound device has not changed from eth0 to eth1.

This patch fixes it. When changing the binding, it also recalculates the
MTU according to the new bound device's MTU.

Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPV6]: Always pass a valid nl_info to inet6_rt_notify.
Denis V. Lunev [Thu, 13 Dec 2007 17:45:12 +0000 (09:45 -0800)]
[IPV6]: Always pass a valid nl_info to inet6_rt_notify.

This makes the code in the inet6_rt_notify more straightforward and provides
groud for namespace passing.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[IPSEC]: Fix zero return value in xfrm_lookup on error
Herbert Xu [Thu, 13 Dec 2007 17:30:59 +0000 (09:30 -0800)]
[IPSEC]: Fix zero return value in xfrm_lookup on error

Further testing shows that my ICMP relookup patch can cause xfrm_lookup
to return zero on error which isn't very nice since it leads to the caller
dying on null pointer dereference.  The bug is due to not setting err
to ENOENT just before we leave xfrm_lookup in case of no policy.

This patch moves the err setting to where it should be.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Ignore feature negotiation on Data packets
Gerrit Renker [Thu, 13 Dec 2007 14:48:19 +0000 (12:48 -0200)]
[DCCP]: Ignore feature negotiation on Data packets

This implements [RFC 4340, p. 32]: "any feature negotiation options received
on DCCP-Data packets MUST be ignored".

Also added a FIXME for further processing, since the code currently (wrongly)
classifies empty Confirm options as invalid - this needs to be resolved in
a separate patch.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Make code assumptions explicit
Gerrit Renker [Thu, 13 Dec 2007 14:41:46 +0000 (12:41 -0200)]
[DCCP]: Make code assumptions explicit

This removes several `XXX' references which indicate a missing support
for non-1-byte feature values: this is unnecessary, as all currently known
(standardised) SP feature values are 1-byte quantities.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Remove unused and redundant validation functions
Gerrit Renker [Thu, 13 Dec 2007 14:40:40 +0000 (12:40 -0200)]
[DCCP]: Remove unused and redundant validation functions

This removes two inlines which were both called in a single function only:

 1) dccp_feat_change() is always called with either DCCPO_CHANGE_L or DCCPO_CHANGE_R as argument
    * from dccp_set_socktopt_change() via do_dccp_setsockopt() with DCCP_SOCKOPT_CHANGE_R/L
    * from __dccp_feat_init() via dccp_feat_init() also with DCCP_SOCKOPT_CHANGE_R/L.

    Hence the dccp_feat_is_valid_type() is completely unnecessary and always returns true.

 2) Due to (1), the length test reduces to 'len >= 4', which in turn makes
    dccp_feat_is_valid_length() unnecessary.

Furthermore, the inline function dccp_feat_is_reserved() was unfolded,
since only called in a single place.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Support inserting options during the 3-way handshake
Gerrit Renker [Thu, 13 Dec 2007 14:38:11 +0000 (12:38 -0200)]
[DCCP]: Support inserting options during the 3-way handshake

This provides a separate routine to insert options during the initial handshake.
The main purpose is to conduct feature negotiation, for the moment the only user
is the timestamp echo needed for the (CCID3) handshake RTT sample.

Padding of options has been put into a small separate routine, to be shared among
the two functions. This could also be used as a generic routine to finish inserting
options.

Also removed an `XXX' comment since its content was obvious.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
16 years ago[DCCP]: Handle timestamps on Request/Response exchange separately
Gerrit Renker [Thu, 13 Dec 2007 14:37:19 +0000 (12:37 -0200)]
[DCCP]: Handle timestamps on Request/Response exchange separately

In DCCP, timestamps can occur on packets anytime, CCID3 uses a timestamp(/echo) on the Request/Response
exchange. This patch addresses the following situation:
* timestamps are recorded on the listening socket;
* Responses are sent from dccp_request_sockets;
* suppose two connections reach the listening socket with very small time in between:
* the first timestamp value gets overwritten by the second connection request.

This is not really good, so this patch separates timestamps into
 * those which are received by the server during the initial handshake (on dccp_request_sock);
 * those which are received by the client or the client after connection establishment.

As before, a timestamp of 0 is regarded as indicating that no (meaningful) timestamp has been
received (in addition, a warning message is printed if hosts send 0-valued timestamps).

The timestamp-echoing now works as follows:
 * when a timestamp is present on the initial Request, it is placed into dreq, due to the
   call to dccp_parse_options in dccp_v{4,6}_conn_request;
 * when a timestamp is present on the Ack leading from RESPOND => OPEN, it is copied over
   from the request_sock into the child cocket in dccp_create_openreq_child;
 * timestamps received on an (established) dccp_sock are treated as before.

Since Elapsed Time is measured in hundredths of milliseconds (13.2), the new dccp_timestamp()
function is used, as it is expected that the time between receiving the timestamp and
sending the timestamp echo will be very small against the wrap-around time. As a byproduct,
this allows smaller timestamping-time fields.

Furthermore, inserting the Timestamp Echo option has been taken out of the block starting with
'!dccp_packet_without_ack()', since Timestamp Echo can be carried on any packet (5.8 and 13.3).

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Acked-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>