summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [SCTP] bug: endianness problem in sctp_getsockopt_sctp_status()Al Viro2006-12-021-2/+2
| | | | | | | | Again, invalid sockaddr passed to userland - host-endiand sin_port. Potential leak, again, but less dramatic than in previous case. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP] bug: sctp_assoc_control_transport() breakageAl Viro2006-12-021-2/+4
| | | | | | | | | | | a) struct sockaddr_storage * passed to sctp_ulpevent_make_peer_addr_change() actually points at union sctp_addr field in a structure. Then that sucker gets copied to userland, with whatever junk we might have there. b) it's actually having host-endian sin_port. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP] bug: sctp_find_unmatch_addr() compares net-endian to host-endianAl Viro2006-12-021-1/+3
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP] bug: sctp_assoc_lookup_laddr() is broken with ipv6.Al Viro2006-12-021-1/+3
| | | | | | | | | It expects (and gets) laddr with net-endian sin_port. And then it calls sctp_bind_addr_match(), which *does* care about port numbers in case of ipv6 and expects them to be host-endian. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Beginning of sin_port fixes.Al Viro2006-12-022-17/+34
| | | | | | | | | | That's going to be a long series. Introduced temporary helpers doing copy-and-convert for sctp_addr; they are used to kill flip-in-place in global data structures and will be used to gradually push host-endian uses of sctp_addr out of existence. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Trivial sctp endianness annotations.Al Viro2006-12-028-17/+17
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Annotate tsn_dups.Al Viro2006-12-021-2/+2
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: SCTP_CMD_ASSOC_FAILED annotations.Al Viro2006-12-022-13/+13
| | | | | | | also always get __be16 protocol error; switch to SCTP_PERR() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: SCTP_CMD_INIT_FAILED annotations.Al Viro2006-12-023-7/+9
| | | | | | | | | | argument stored for SCTP_CMD_INIT_FAILED is always __be16 (protocol error). Introduced new field and accessor for it (SCTP_PERR()); switched to their use (from SCTP_U32() and .u32) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: sctp_stop_t1_and_abort() annotations.Al Viro2006-12-021-4/+4
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: sctp_make_op_error() annotations.Al Viro2006-12-022-2/+2
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Annotate sctp_init_cause().Al Viro2006-12-022-2/+2
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Annotate SCTP headers.Al Viro2006-12-021-36/+36
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPV6] net/ipv6/sit.c: make 2 functions staticAdrian Bunk2006-12-022-6/+2
| | | | | | | This patch makes two needlessly global functions static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Make copy_to_user_policy_type take a typeJamal Hadi Salim2006-12-021-7/+7
| | | | | | | | Make copy_to_user_policy_type take a type instead a policy and fix its users to pass the type Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BRIDGE] netlink: Convert bridge netlink code to new netlink interfaceThomas Graf2006-12-021-54/+38
| | | | | | | | Removes dependency on buggy rta_buf, fixes a memory corruption bug due to a unvalidated netlink attribute, and simplifies the code. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* [DCCP]: Adds the tx buffer sysctlsIan McDonald2006-12-023-0/+14
| | | | | | | This one got lost on the way from Ian to Gerrit to me, fix it. Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP] CCID3: Remove non-referenced variableIan McDonald2006-12-021-3/+0
| | | | | | | This removes a non-referenced variable. Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Update DocumentationIan McDonald2006-12-021-15/+8
| | | | | | | This patch just updates DCCP documentation a bit. Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Make dccp_probe more portableIan McDonald2006-12-021-2/+4
| | | | | | | This makes the code of the dccp_probe module more portable. Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [CCID 3]: Add annotations for socket structuresGerrit Renker2006-12-021-35/+55
| | | | | | | | This adds documentation to the CCID 3 rx/tx socket fields, plus some minor re-formatting. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Simplified conditions due to use of enum:8 statesGerrit Renker2006-12-0214-156/+115
| | | | | | | | | | | | | | | | | | | | | | This reaps the benefit of the earlier patch, which changed the type of CCID 3 states to use enums, in that many conditions are now simplified and the number of possible (unexpected) values is greatly reduced. In a few instances, this also allowed to simplify pre-conditions; where care has been taken to retain logical equivalence. [DCCP]: Introduce a consistent BUG/WARN message scheme This refines the existing set of DCCP messages so that * BUG(), BUG_ON(), WARN_ON() have meaningful DCCP-specific counterparts * DCCP_CRIT (for severe warnings) is not rate-limited * DCCP_WARN() is introduced as rate-limited wrapper Using these allows a faster and cleaner transition to their original counterparts once the code has matured into a full DCCP implementation. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Set TX Queue Length Bounds via SysctlIan McDonald2006-12-022-0/+11
| | | | | | | | | | | | | | Previously the transmit queue was unbounded. This patch: * puts a limit on transmit queue length and sends back EAGAIN if the buffer is full * sets the TX queue length to a sensible default * implements tx buffer sysctls for DCCP Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz> Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: Add CCID3 debug support to KconfigGerrit Renker2006-12-022-8/+19
| | | | | | | | | | | | | | | This adds a CCID3 debug option to the configuration menu which is missing in Kconfig, but already used by the code. CCID 2 already provides such an entry. To enable debugging, set CONFIG_IP_DCCP_CCID3_DEBUG=y NOTE: The use of ccid3_{t,r}x_state_name is safe, since now only enum values can appear. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [DCCP]: enable debug messages also for static buildsGerrit Renker2006-12-025-26/+37
| | | | | | | | | | | This patch * makes debugging (when configured) work both for static / module build * provides generic debugging macros for use in other DCCP / CCID modules * adds missing information about debug parameters to Kconfig * performs some code tidy-up Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
* [BNX2]: Update version and rel date.Michael Chan2006-12-021-2/+2
| | | | | | | Update version to 1.5.1. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add 5709 PCI ID.Michael Chan2006-12-022-2/+12
| | | | | | | Add PCI ID and detection for 5709 copper and SerDes chips. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Download 5709 firmware.Michael Chan2006-12-021-4/+38
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: New firmware to support 5709 (part 4).Michael Chan2006-12-021-0/+1037
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: New firmware to support 5709 (part 3).Michael Chan2006-12-021-0/+712
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: New firmware to support 5709 (part 2).Michael Chan2006-12-021-0/+1259
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: New firmware to support 5709 (part 1).Michael Chan2006-12-021-0/+1078
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add 5709 reset and runtime code.Michael Chan2006-12-021-24/+37
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add 5709 init code.Michael Chan2006-12-021-37/+130
| | | | | | | Add basic support to initialize the 5709 chip. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add new 5709 registers (part 2).Michael Chan2006-12-021-22/+1410
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add new 5709 registers (part 1).Michael Chan2006-12-021-146/+1311
| | | | | Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Re-organize firmware structures.Michael Chan2006-12-023-218/+187
| | | | | | | | Re-organize the firmware handling code and declarations a bit to make the code more compact. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Remove udelay() in copper PHY code.Michael Chan2006-12-021-7/+6
| | | | | | | Change a long udelay() in bnx2_setup_copper_phy() to msleep(). Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add 5708S parallel detection.Michael Chan2006-12-022-21/+57
| | | | | | | Add code to parallel detect 1Gbps and 2.5Gbps link speeds. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Add bnx2_5706_serdes_timer().Michael Chan2006-12-021-56/+55
| | | | | | | | Separate the 5706S SerDes handling code in bnx2_timer() and put it in a new function. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Improve SerDes handling.Michael Chan2006-12-022-21/+41
| | | | | | | | | 1. Add support for 2.5Gbps forced speed setting. 2. Remove a long udelay() loop and change to msleep(). 3. Other misc. SerDes fixes. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [BNX2]: Fix Xen problem.Michael Chan2006-12-022-381/+691
| | | | | | | | | | | | | This fixes the problem of not receiving packets in the Xen bridging environment. The Xen script sets the device's MAC address to FE:FF:FF:FF:FF:FF and puts the device in promiscuous mode. The firmware had problem receiving all packets in this configuration. New firmware and setting the PROM_VLAN bit when in promiscuous mode will fix this problem. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Compile fix for "peer secid consolidation for external network labeling"James Morris2006-12-021-1/+2
| | | | | | | Use a forward declaration instead of dragging in skbuff.h and related junk. Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: honor the audit_enabled flagPaul Moore2006-12-024-39/+50
| | | | | | | | | | | The audit_enabled flag is used to signal when syscall auditing is to be performed. While NetLabel uses a Netlink interface instead of syscalls, it is reasonable to consider the NetLabel Netlink interface as a form of syscall so pay attention to the audit_enabled flag when generating audit messages in NetLabel. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: peer secid consolidation for external network labelingPaul Moore2006-12-026-150/+52
| | | | | | | | | | | | Now that labeled IPsec makes use of the peer_sid field in the sk_security_struct we can remove a lot of the special cases between labeled IPsec and NetLabel. In addition, create a new function, security_skb_extlbl_sid(), which we can use in several places to get the security context of the packet's external label which allows us to further simplify the code in a few places. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: SELinux cleanupsPaul Moore2006-12-024-54/+86
| | | | | | | | | | | | | | | | | This patch does a lot of cleanup in the SELinux NetLabel support code. A summary of the changes include: * Use RCU locking for the NetLabel state variable in the skk_security_struct instead of using the inode_security_struct mutex. * Remove unnecessary parameters in selinux_netlbl_socket_post_create(). * Rename selinux_netlbl_sk_clone_security() to selinux_netlbl_sk_security_clone() to better fit the other NetLabel sk_security functions. * Improvements to selinux_netlbl_inode_permission() to help reduce the cost of the common case. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: use cipso_v4_doi_search() for local CIPSOv4 functionsPaul Moore2006-12-021-3/+3
| | | | | | | | | | The cipso_v4_doi_search() function behaves the same as cipso_v4_doi_getdef() but is a local, static function so use it whenever possibile in the CIPSOv4 code base. Signed-of-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: use the correct CIPSOv4 MLS label limitsPaul Moore2006-12-021-2/+2
| | | | | | | | | The CIPSOv4 engine currently has MLS label limits which are slightly larger than what the draft allows. This is not a major problem due to the current implementation but we should fix this so it doesn't bite us later. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: return the correct error for translated CIPSOv4 tagsPaul Moore2006-12-021-0/+4
| | | | | | | | | | | | The CIPSOv4 translated tag #1 mapping does not always return the correct error code if the desired mapping does not exist; instead of returning -EPERM it returns -ENOSPC indicating that the buffer is not large enough to hold the translated value. This was caused by failing to check a specific error condition. This patch fixes this so that unknown mappings return -EPERM which is consistent with the rest of the related CIPSOv4 code. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: fixup the handling of CIPSOv4 tags to allow for multiple tag typesPaul Moore2006-12-021-60/+53
| | | | | | | | | | While the original CIPSOv4 code had provisions for multiple tag types the implementation was not as great as it could be, pushing a lot of non-tag specific processing into the tag specific code blocks. This patch fixes that issue making it easier to support multiple tag types in the future. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>