summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/can/af_can.c45
-rw-r--r--net/can/raw.c24
-rw-r--r--net/core/flow.c6
-rw-r--r--net/decnet/dn_route.c2
-rw-r--r--net/ipv4/netfilter/nf_nat_core.c6
-rw-r--r--net/ipv4/route.c2
-rw-r--r--net/iucv/af_iucv.c27
-rw-r--r--net/iucv/iucv.c4
-rw-r--r--net/netfilter/nf_conntrack_extend.c3
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c32
-rw-r--r--net/netfilter/xt_iprange.c3
-rw-r--r--net/sched/em_meta.c10
-rw-r--r--net/tipc/addr.h5
-rw-r--r--net/tipc/bcast.h13
-rw-r--r--net/tipc/msg.h5
-rw-r--r--net/tipc/socket.c14
-rw-r--r--net/xfrm/xfrm_algo.c17
17 files changed, 119 insertions, 99 deletions
diff --git a/net/can/af_can.c b/net/can/af_can.c
index 5158e886630f..36b9f22ed83a 100644
--- a/net/can/af_can.c
+++ b/net/can/af_can.c
@@ -118,7 +118,6 @@ static int can_create(struct net *net, struct socket *sock, int protocol)
{
struct sock *sk;
struct can_proto *cp;
- char module_name[sizeof("can-proto-000")];
int err = 0;
sock->state = SS_UNCONNECTED;
@@ -129,26 +128,21 @@ static int can_create(struct net *net, struct socket *sock, int protocol)
if (net != &init_net)
return -EAFNOSUPPORT;
+#ifdef CONFIG_KMOD
/* try to load protocol module, when CONFIG_KMOD is defined */
if (!proto_tab[protocol]) {
- sprintf(module_name, "can-proto-%d", protocol);
- err = request_module(module_name);
+ err = request_module("can-proto-%d", protocol);
/*
* In case of error we only print a message but don't
* return the error code immediately. Below we will
* return -EPROTONOSUPPORT
*/
- if (err == -ENOSYS) {
- if (printk_ratelimit())
- printk(KERN_INFO "can: request_module(%s)"
- " not implemented.\n", module_name);
- } else if (err) {
- if (printk_ratelimit())
- printk(KERN_ERR "can: request_module(%s)"
- " failed.\n", module_name);
- }
+ if (err && printk_ratelimit())
+ printk(KERN_ERR "can: request_module "
+ "(can-proto-%d) failed.\n", protocol);
}
+#endif
spin_lock(&proto_tab_lock);
cp = proto_tab[protocol];
@@ -662,26 +656,26 @@ int can_proto_register(struct can_proto *cp)
return -EINVAL;
}
+ err = proto_register(cp->prot, 0);
+ if (err < 0)
+ return err;
+
spin_lock(&proto_tab_lock);
if (proto_tab[proto]) {
printk(KERN_ERR "can: protocol %d already registered\n",
proto);
err = -EBUSY;
- goto errout;
+ } else {
+ proto_tab[proto] = cp;
+
+ /* use generic ioctl function if not defined by module */
+ if (!cp->ops->ioctl)
+ cp->ops->ioctl = can_ioctl;
}
+ spin_unlock(&proto_tab_lock);
- err = proto_register(cp->prot, 0);
if (err < 0)
- goto errout;
-
- proto_tab[proto] = cp;
-
- /* use generic ioctl function if the module doesn't bring its own */
- if (!cp->ops->ioctl)
- cp->ops->ioctl = can_ioctl;
-
- errout:
- spin_unlock(&proto_tab_lock);
+ proto_unregister(cp->prot);
return err;
}
@@ -700,9 +694,10 @@ void can_proto_unregister(struct can_proto *cp)
printk(KERN_ERR "BUG: can: protocol %d is not registered\n",
proto);
}
- proto_unregister(cp->prot);
proto_tab[proto] = NULL;
spin_unlock(&proto_tab_lock);
+
+ proto_unregister(cp->prot);
}
EXPORT_SYMBOL(can_proto_unregister);
diff --git a/net/can/raw.c b/net/can/raw.c
index aeefd1419d00..94cd7f27c444 100644
--- a/net/can/raw.c
+++ b/net/can/raw.c
@@ -98,7 +98,6 @@ static void raw_rcv(struct sk_buff *skb, void *data)
struct sock *sk = (struct sock *)data;
struct raw_sock *ro = raw_sk(sk);
struct sockaddr_can *addr;
- int error;
if (!ro->recv_own_msgs) {
/* check the received tx sock reference */
@@ -121,14 +120,12 @@ static void raw_rcv(struct sk_buff *skb, void *data)
addr->can_family = AF_CAN;
addr->can_ifindex = skb->dev->ifindex;
- error = sock_queue_rcv_skb(sk, skb);
- if (error < 0)
+ if (sock_queue_rcv_skb(sk, skb) < 0)
kfree_skb(skb);
}
static int raw_enable_filters(struct net_device *dev, struct sock *sk,
- struct can_filter *filter,
- int count)
+ struct can_filter *filter, int count)
{
int err = 0;
int i;
@@ -163,8 +160,7 @@ static int raw_enable_errfilter(struct net_device *dev, struct sock *sk,
}
static void raw_disable_filters(struct net_device *dev, struct sock *sk,
- struct can_filter *filter,
- int count)
+ struct can_filter *filter, int count)
{
int i;
@@ -353,7 +349,6 @@ static int raw_bind(struct socket *sock, struct sockaddr *uaddr, int len)
/* filters set by default/setsockopt */
err = raw_enable_allfilters(dev, sk);
dev_put(dev);
-
} else {
ifindex = 0;
@@ -466,7 +461,6 @@ static int raw_setsockopt(struct socket *sock, int level, int optname,
if (err) {
if (count > 1)
kfree(filter);
-
goto out_fil;
}
@@ -673,25 +667,25 @@ static int raw_recvmsg(struct kiocb *iocb, struct socket *sock,
{
struct sock *sk = sock->sk;
struct sk_buff *skb;
- int error = 0;
+ int err = 0;
int noblock;
noblock = flags & MSG_DONTWAIT;
flags &= ~MSG_DONTWAIT;
- skb = skb_recv_datagram(sk, flags, noblock, &error);
+ skb = skb_recv_datagram(sk, flags, noblock, &err);
if (!skb)
- return error;
+ return err;
if (size < skb->len)
msg->msg_flags |= MSG_TRUNC;
else
size = skb->len;
- error = memcpy_toiovec(msg->msg_iov, skb->data, size);
- if (error < 0) {
+ err = memcpy_toiovec(msg->msg_iov, skb->data, size);
+ if (err < 0) {
skb_free_datagram(sk, skb);
- return error;
+ return err;
}
sock_recv_timestamp(msg, sk, skb);
diff --git a/net/core/flow.c b/net/core/flow.c
index 46b38e06e0d7..a77531c139b7 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -30,8 +30,8 @@ struct flow_cache_entry {
struct flow_cache_entry *next;
u16 family;
u8 dir;
- struct flowi key;
u32 genid;
+ struct flowi key;
void *object;
atomic_t *object_ref;
};
@@ -52,7 +52,7 @@ struct flow_percpu_info {
int hash_rnd_recalc;
u32 hash_rnd;
int count;
-} ____cacheline_aligned;
+};
static DEFINE_PER_CPU(struct flow_percpu_info, flow_hash_info) = { 0 };
#define flow_hash_rnd_recalc(cpu) \
@@ -346,7 +346,7 @@ static int __init flow_cache_init(void)
flow_cachep = kmem_cache_create("flow_cache",
sizeof(struct flow_cache_entry),
- 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC,
+ 0, SLAB_PANIC,
NULL);
flow_hash_shift = 10;
flow_lwm = 2 * flow_hash_size;
diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c
index 31be29b8b5a3..9dc0abb50eaf 100644
--- a/net/decnet/dn_route.c
+++ b/net/decnet/dn_route.c
@@ -94,7 +94,7 @@ struct dn_rt_hash_bucket
{
struct dn_route *chain;
spinlock_t lock;
-} __attribute__((__aligned__(8)));
+};
extern struct neigh_table dn_neigh_table;
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index dd07362d2b8f..0d5fa3a54d04 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -600,10 +600,10 @@ static void nf_nat_cleanup_conntrack(struct nf_conn *ct)
spin_unlock_bh(&nf_nat_lock);
}
-static void nf_nat_move_storage(struct nf_conn *conntrack, void *old)
+static void nf_nat_move_storage(void *new, void *old)
{
- struct nf_conn_nat *new_nat = nf_ct_ext_find(conntrack, NF_CT_EXT_NAT);
- struct nf_conn_nat *old_nat = (struct nf_conn_nat *)old;
+ struct nf_conn_nat *new_nat = new;
+ struct nf_conn_nat *old_nat = old;
struct nf_conn *ct = old_nat->ct;
if (!ct || !(ct->status & IPS_NAT_DONE_MASK))
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 8842ecb9be48..525787b52b72 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2041,7 +2041,7 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
int iif = dev->ifindex;
struct net *net;
- net = skb->dev->nd_net;
+ net = dev->nd_net;
tos &= IPTOS_RT_MASK;
hash = rt_hash(daddr, saddr, iif);
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index 2255e3c082ed..fee22caf1bad 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -482,6 +482,10 @@ static int iucv_sock_connect(struct socket *sock, struct sockaddr *addr,
/* Create path. */
iucv->path = iucv_path_alloc(IUCV_QUEUELEN_DEFAULT,
IPRMDATA, GFP_KERNEL);
+ if (!iucv->path) {
+ err = -ENOMEM;
+ goto done;
+ }
err = iucv_path_connect(iucv->path, &af_iucv_handler,
sa->siucv_user_id, NULL, user_data, sk);
if (err) {
@@ -1094,6 +1098,8 @@ static void iucv_callback_rx(struct iucv_path *path, struct iucv_message *msg)
save_message:
save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA);
+ if (!save_msg)
+ return;
save_msg->path = path;
save_msg->msg = *msg;
@@ -1106,24 +1112,31 @@ static void iucv_callback_txdone(struct iucv_path *path,
struct iucv_message *msg)
{
struct sock *sk = path->private;
- struct sk_buff *this;
+ struct sk_buff *this = NULL;
struct sk_buff_head *list = &iucv_sk(sk)->send_skb_q;
struct sk_buff *list_skb = list->next;
unsigned long flags;
- if (list_skb) {
+ if (!skb_queue_empty(list)) {
spin_lock_irqsave(&list->lock, flags);
- do {
- this = list_skb;
+ while (list_skb != (struct sk_buff *)list) {
+ if (!memcmp(&msg->tag, list_skb->cb, 4)) {
+ this = list_skb;
+ break;
+ }
list_skb = list_skb->next;
- } while (memcmp(&msg->tag, this->cb, 4) && list_skb);
+ }
+ if (this)
+ __skb_unlink(this, list);
spin_unlock_irqrestore(&list->lock, flags);
- skb_unlink(this, &iucv_sk(sk)->send_skb_q);
- kfree_skb(this);
+ if (this)
+ kfree_skb(this);
}
+ if (!this)
+ printk(KERN_ERR "AF_IUCV msg tag %u not found\n", msg->tag);
if (sk->sk_state == IUCV_CLOSING) {
if (skb_queue_empty(&iucv_sk(sk)->send_skb_q)) {
diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c
index f13fe8821cbd..2753b0c448f3 100644
--- a/net/iucv/iucv.c
+++ b/net/iucv/iucv.c
@@ -693,9 +693,9 @@ int iucv_register(struct iucv_handler *handler, int smp)
iucv_setmask_up();
INIT_LIST_HEAD(&handler->paths);
- spin_lock_irq(&iucv_table_lock);
+ spin_lock_bh(&iucv_table_lock);
list_add_tail(&handler->list, &iucv_handler_list);
- spin_unlock_irq(&iucv_table_lock);
+ spin_unlock_bh(&iucv_table_lock);
rc = 0;
out_mutex:
mutex_unlock(&iucv_register_mutex);
diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c
index cf6ba6659a80..8b9be1e978cd 100644
--- a/net/netfilter/nf_conntrack_extend.c
+++ b/net/netfilter/nf_conntrack_extend.c
@@ -109,7 +109,8 @@ void *__nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp)
rcu_read_lock();
t = rcu_dereference(nf_ct_ext_types[i]);
if (t && t->move)
- t->move(ct, ct->ext + ct->ext->offset[i]);
+ t->move((void *)new + new->offset[i],
+ (void *)ct->ext + ct->ext->offset[i]);
rcu_read_unlock();
}
kfree(ct->ext);
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index 3e0cccae5636..202d7fa09483 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -125,7 +125,7 @@ enum tcp_bit_set {
* CLOSE_WAIT: ACK seen (after FIN)
* LAST_ACK: FIN seen (after FIN)
* TIME_WAIT: last ACK seen
- * CLOSE: closed connection
+ * CLOSE: closed connection (RST)
*
* LISTEN state is not used.
*
@@ -824,7 +824,21 @@ static int tcp_packet(struct nf_conn *ct,
case TCP_CONNTRACK_SYN_SENT:
if (old_state < TCP_CONNTRACK_TIME_WAIT)
break;
- if ((ct->proto.tcp.seen[!dir].flags & IP_CT_TCP_FLAG_CLOSE_INIT)
+ /* RFC 1122: "When a connection is closed actively,
+ * it MUST linger in TIME-WAIT state for a time 2xMSL
+ * (Maximum Segment Lifetime). However, it MAY accept
+ * a new SYN from the remote TCP to reopen the connection
+ * directly from TIME-WAIT state, if..."
+ * We ignore the conditions because we are in the
+ * TIME-WAIT state anyway.
+ *
+ * Handle aborted connections: we and the server
+ * think there is an existing connection but the client
+ * aborts it and starts a new one.
+ */
+ if (((ct->proto.tcp.seen[dir].flags
+ | ct->proto.tcp.seen[!dir].flags)
+ & IP_CT_TCP_FLAG_CLOSE_INIT)
|| (ct->proto.tcp.last_dir == dir
&& ct->proto.tcp.last_index == TCP_RST_SET)) {
/* Attempt to reopen a closed/aborted connection.
@@ -838,15 +852,22 @@ static int tcp_packet(struct nf_conn *ct,
case TCP_CONNTRACK_IGNORE:
/* Ignored packets:
*
+ * Our connection entry may be out of sync, so ignore
+ * packets which may signal the real connection between
+ * the client and the server.
+ *
* a) SYN in ORIGINAL
* b) SYN/ACK in REPLY
* c) ACK in reply direction after initial SYN in original.
+ *
+ * If the ignored packet is invalid, the receiver will send
+ * a RST we'll catch below.
*/
if (index == TCP_SYNACK_SET
&& ct->proto.tcp.last_index == TCP_SYN_SET
&& ct->proto.tcp.last_dir != dir
&& ntohl(th->ack_seq) == ct->proto.tcp.last_end) {
- /* This SYN/ACK acknowledges a SYN that we earlier
+ /* b) This SYN/ACK acknowledges a SYN that we earlier
* ignored as invalid. This means that the client and
* the server are both in sync, while the firewall is
* not. We kill this session and block the SYN/ACK so
@@ -870,7 +891,7 @@ static int tcp_packet(struct nf_conn *ct,
write_unlock_bh(&tcp_lock);
if (LOG_INVALID(IPPROTO_TCP))
nf_log_packet(pf, 0, skb, NULL, NULL, NULL,
- "nf_ct_tcp: invalid packed ignored ");
+ "nf_ct_tcp: invalid packet ignored ");
return NF_ACCEPT;
case TCP_CONNTRACK_MAX:
/* Invalid packet */
@@ -924,8 +945,7 @@ static int tcp_packet(struct nf_conn *ct,
ct->proto.tcp.state = new_state;
if (old_state != new_state
- && (new_state == TCP_CONNTRACK_FIN_WAIT
- || new_state == TCP_CONNTRACK_CLOSE))
+ && new_state == TCP_CONNTRACK_CLOSE)
ct->proto.tcp.seen[dir].flags |= IP_CT_TCP_FLAG_CLOSE_INIT;
timeout = ct->proto.tcp.retrans >= nf_ct_tcp_max_retrans
&& tcp_timeouts[new_state] > nf_ct_tcp_timeout_max_retrans
diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c
index 01035fc0e140..4f984dc60319 100644
--- a/net/netfilter/xt_iprange.c
+++ b/net/netfilter/xt_iprange.c
@@ -13,6 +13,7 @@
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/netfilter/x_tables.h>
+#include <linux/netfilter/xt_iprange.h>
#include <linux/netfilter_ipv4/ipt_iprange.h>
static bool
@@ -148,7 +149,7 @@ static struct xt_match iprange_mt_reg[] __read_mostly = {
{
.name = "iprange",
.revision = 1,
- .family = AF_INET6,
+ .family = AF_INET,
.match = iprange_mt4,
.matchsize = sizeof(struct xt_iprange_mtinfo),
.me = THIS_MODULE,
diff --git a/net/sched/em_meta.c b/net/sched/em_meta.c
index 2a7e648fbcf4..d417ec8e3ca3 100644
--- a/net/sched/em_meta.c
+++ b/net/sched/em_meta.c
@@ -735,11 +735,13 @@ static int em_meta_match(struct sk_buff *skb, struct tcf_ematch *m,
static inline void meta_delete(struct meta_match *meta)
{
- struct meta_type_ops *ops = meta_type_ops(&meta->lvalue);
+ if (meta) {
+ struct meta_type_ops *ops = meta_type_ops(&meta->lvalue);
- if (ops && ops->destroy) {
- ops->destroy(&meta->lvalue);
- ops->destroy(&meta->rvalue);
+ if (ops && ops->destroy) {
+ ops->destroy(&meta->lvalue);
+ ops->destroy(&meta->rvalue);
+ }
}
kfree(meta);
diff --git a/net/tipc/addr.h b/net/tipc/addr.h
index e4bd5335e48d..3ba67e6ce03e 100644
--- a/net/tipc/addr.h
+++ b/net/tipc/addr.h
@@ -57,11 +57,6 @@ static inline int in_own_cluster(u32 addr)
return !((addr ^ tipc_own_addr) >> 12);
}
-static inline int in_own_zone(u32 addr)
-{
- return !((addr ^ tipc_own_addr) >> 24);
-}
-
static inline int is_slave(u32 addr)
{
return addr & 0x800;
diff --git a/net/tipc/bcast.h b/net/tipc/bcast.h
index f910ed29d055..a2416fa6b906 100644
--- a/net/tipc/bcast.h
+++ b/net/tipc/bcast.h
@@ -74,19 +74,6 @@ extern char tipc_bclink_name[];
/**
- * nmap_get - determine if node exists in a node map
- */
-
-static inline int tipc_nmap_get(struct node_map *nm_ptr, u32 node)
-{
- int n = tipc_node(node);
- int w = n / WSIZE;
- int b = n % WSIZE;
-
- return nm_ptr->map[w] & (1 << b);
-}
-
-/**
* nmap_add - add a node to a node map
*/
diff --git a/net/tipc/msg.h b/net/tipc/msg.h
index ce2659836374..e9ef6df26562 100644
--- a/net/tipc/msg.h
+++ b/net/tipc/msg.h
@@ -663,11 +663,6 @@ static inline void msg_set_remote_node(struct tipc_msg *m, u32 a)
msg_set_word(m, msg_hdr_sz(m)/4, a);
}
-static inline int msg_dataoctet(struct tipc_msg *m, u32 pos)
-{
- return(msg_data(m)[pos + 4] != 0);
-}
-
static inline void msg_set_dataoctet(struct tipc_msg *m, u32 pos)
{
msg_data(m)[pos + 4] = 1;
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 24ddfd2ca38b..22909036b9bc 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -71,9 +71,9 @@ struct tipc_sock {
static u32 dispatch(struct tipc_port *tport, struct sk_buff *buf);
static void wakeupdispatch(struct tipc_port *tport);
-static struct proto_ops packet_ops;
-static struct proto_ops stream_ops;
-static struct proto_ops msg_ops;
+static const struct proto_ops packet_ops;
+static const struct proto_ops stream_ops;
+static const struct proto_ops msg_ops;
static struct proto tipc_proto;
@@ -1615,7 +1615,7 @@ static int getsockopt(struct socket *sock,
* Protocol switches for the various types of TIPC sockets
*/
-static struct proto_ops msg_ops = {
+static const struct proto_ops msg_ops = {
.owner = THIS_MODULE,
.family = AF_TIPC,
.release = release,
@@ -1636,7 +1636,7 @@ static struct proto_ops msg_ops = {
.sendpage = sock_no_sendpage
};
-static struct proto_ops packet_ops = {
+static const struct proto_ops packet_ops = {
.owner = THIS_MODULE,
.family = AF_TIPC,
.release = release,
@@ -1657,7 +1657,7 @@ static struct proto_ops packet_ops = {
.sendpage = sock_no_sendpage
};
-static struct proto_ops stream_ops = {
+static const struct proto_ops stream_ops = {
.owner = THIS_MODULE,
.family = AF_TIPC,
.release = release,
@@ -1678,7 +1678,7 @@ static struct proto_ops stream_ops = {
.sendpage = sock_no_sendpage
};
-static struct net_proto_family tipc_family_ops = {
+static const struct net_proto_family tipc_family_ops = {
.owner = THIS_MODULE,
.family = AF_TIPC,
.create = tipc_create
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 6cc15250de69..8aa6440d689f 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -399,6 +399,23 @@ static struct xfrm_algo_desc ealg_list[] = {
.sadb_alg_maxbits = 256
}
},
+{
+ .name = "rfc3686(ctr(aes))",
+
+ .uinfo = {
+ .encr = {
+ .blockbits = 128,
+ .defkeybits = 160, /* 128-bit key + 32-bit nonce */
+ }
+ },
+
+ .desc = {
+ .sadb_alg_id = SADB_X_EALG_AESCTR,
+ .sadb_alg_ivlen = 8,
+ .sadb_alg_minbits = 128,
+ .sadb_alg_maxbits = 256
+ }
+},
};
static struct xfrm_algo_desc calg_list[] = {