提交 8002cedc 编写于 作者: L Linus Torvalds

Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6: (27 commits)
  [INET]: Fix inet_diag dead-lock regression
  [NETNS]: Fix /proc/net breakage
  [TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure
  [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK
  [NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ON
  [DECNET]: dn_nl_deladdr() almost always returns no error
  [IPV6]: Restore IPv6 when MTU is big enough
  [RXRPC]: Add missing select on CRYPTO
  mac80211: rate limit wep decrypt failed messages
  rfkill: fix double-mutex-locking
  mac80211: drop unencrypted frames if encryption is expected
  mac80211: Fix behavior of ieee80211_open and ieee80211_close
  ieee80211: fix unaligned access in ieee80211_copy_snap
  mac80211: free ifsta->extra_ie and clear IEEE80211_STA_PRIVACY_INVOKED
  SCTP: Fix build issues with SCTP AUTH.
  SCTP: Fix chunk acceptance when no authenticated chunks were listed.
  SCTP: Fix the supported extensions paramter
  SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.
  SCTP: Fix the number of HB transmissions.
  [TCP] illinois: Incorrect beta usage
  ...
......@@ -2281,14 +2281,12 @@ static void gem_reset_task(struct work_struct *work)
mutex_lock(&gp->pm_mutex);
napi_disable(&gp->napi);
if (gp->opened)
napi_disable(&gp->napi);
spin_lock_irq(&gp->lock);
spin_lock(&gp->tx_lock);
if (gp->running == 0)
goto not_running;
if (gp->running) {
netif_stop_queue(gp->dev);
......@@ -2298,13 +2296,14 @@ static void gem_reset_task(struct work_struct *work)
gem_set_link_modes(gp);
netif_wake_queue(gp->dev);
}
not_running:
gp->reset_task_pending = 0;
spin_unlock(&gp->tx_lock);
spin_unlock_irq(&gp->lock);
napi_enable(&gp->napi);
if (gp->opened)
napi_enable(&gp->napi);
mutex_unlock(&gp->pm_mutex);
}
......
......@@ -374,9 +374,16 @@ static int proc_delete_dentry(struct dentry * dentry)
return 1;
}
static int proc_revalidate_dentry(struct dentry *dentry, struct nameidata *nd)
{
d_drop(dentry);
return 0;
}
static struct dentry_operations proc_dentry_operations =
{
.d_delete = proc_delete_dentry,
.d_revalidate = proc_revalidate_dentry,
};
/*
......@@ -397,8 +404,11 @@ struct dentry *proc_lookup(struct inode * dir, struct dentry *dentry, struct nam
if (de->namelen != dentry->d_name.len)
continue;
if (!memcmp(dentry->d_name.name, de->name, de->namelen)) {
unsigned int ino = de->low_ino;
unsigned int ino;
if (de->shadow_proc)
de = de->shadow_proc(current, de);
ino = de->low_ino;
de_get(de);
spin_unlock(&proc_subdir_lock);
error = -EINVAL;
......
......@@ -50,89 +50,14 @@ struct net *get_proc_net(const struct inode *inode)
}
EXPORT_SYMBOL_GPL(get_proc_net);
static struct proc_dir_entry *proc_net_shadow;
static struct proc_dir_entry *shadow_pde;
static struct dentry *proc_net_shadow_dentry(struct dentry *parent,
static struct proc_dir_entry *proc_net_shadow(struct task_struct *task,
struct proc_dir_entry *de)
{
struct dentry *shadow = NULL;
struct inode *inode;
if (!de)
goto out;
de_get(de);
inode = proc_get_inode(parent->d_inode->i_sb, de->low_ino, de);
if (!inode)
goto out_de_put;
shadow = d_alloc_name(parent, de->name);
if (!shadow)
goto out_iput;
shadow->d_op = parent->d_op; /* proc_dentry_operations */
d_instantiate(shadow, inode);
out:
return shadow;
out_iput:
iput(inode);
out_de_put:
de_put(de);
goto out;
}
static void *proc_net_follow_link(struct dentry *parent, struct nameidata *nd)
{
struct net *net = current->nsproxy->net_ns;
struct dentry *shadow;
shadow = proc_net_shadow_dentry(parent, net->proc_net);
if (!shadow)
return ERR_PTR(-ENOENT);
dput(nd->dentry);
/* My dentry count is 1 and that should be enough as the
* shadow dentry is thrown away immediately.
*/
nd->dentry = shadow;
return NULL;
return task->nsproxy->net_ns->proc_net;
}
static struct dentry *proc_net_lookup(struct inode *dir, struct dentry *dentry,
struct nameidata *nd)
{
struct net *net = current->nsproxy->net_ns;
struct dentry *shadow;
shadow = proc_net_shadow_dentry(nd->dentry, net->proc_net);
if (!shadow)
return ERR_PTR(-ENOENT);
dput(nd->dentry);
nd->dentry = shadow;
return shadow->d_inode->i_op->lookup(shadow->d_inode, dentry, nd);
}
static int proc_net_setattr(struct dentry *dentry, struct iattr *iattr)
{
struct net *net = current->nsproxy->net_ns;
struct dentry *shadow;
int ret;
shadow = proc_net_shadow_dentry(dentry->d_parent, net->proc_net);
if (!shadow)
return -ENOENT;
ret = shadow->d_inode->i_op->setattr(shadow, iattr);
dput(shadow);
return ret;
}
static const struct file_operations proc_net_dir_operations = {
.read = generic_read_dir,
};
static struct inode_operations proc_net_dir_inode_operations = {
.follow_link = proc_net_follow_link,
.lookup = proc_net_lookup,
.setattr = proc_net_setattr,
};
static __net_init int proc_net_ns_init(struct net *net)
{
struct proc_dir_entry *root, *netd, *net_statd;
......@@ -185,9 +110,8 @@ static struct pernet_operations __net_initdata proc_net_ns_ops = {
int __init proc_net_init(void)
{
proc_net_shadow = proc_mkdir("net", NULL);
proc_net_shadow->proc_iops = &proc_net_dir_inode_operations;
proc_net_shadow->proc_fops = &proc_net_dir_operations;
shadow_pde = proc_mkdir("net", NULL);
shadow_pde->shadow_proc = proc_net_shadow;
return register_pernet_subsys(&proc_net_ns_ops);
}
......@@ -48,6 +48,8 @@ typedef int (read_proc_t)(char *page, char **start, off_t off,
typedef int (write_proc_t)(struct file *file, const char __user *buffer,
unsigned long count, void *data);
typedef int (get_info_t)(char *, char **, off_t, int);
typedef struct proc_dir_entry *(shadow_proc_t)(struct task_struct *task,
struct proc_dir_entry *pde);
struct proc_dir_entry {
unsigned int low_ino;
......@@ -79,6 +81,7 @@ struct proc_dir_entry {
int pde_users; /* number of callers into module in progress */
spinlock_t pde_unload_lock; /* proc_fops checks and pde_users bumps */
struct completion *pde_unload_completion;
shadow_proc_t *shadow_proc;
};
struct kcore_list {
......
......@@ -441,11 +441,14 @@ enum {
SCTP_AUTH_HMAC_ID_RESERVED_0,
SCTP_AUTH_HMAC_ID_SHA1,
SCTP_AUTH_HMAC_ID_RESERVED_2,
SCTP_AUTH_HMAC_ID_SHA256
#if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE)
SCTP_AUTH_HMAC_ID_SHA256,
#endif
__SCTP_AUTH_HMAC_MAX
};
#define SCTP_AUTH_HMAC_ID_MAX SCTP_AUTH_HMAC_ID_SHA256
#define SCTP_AUTH_NUM_HMACS (SCTP_AUTH_HMAC_ID_SHA256 + 1)
#define SCTP_AUTH_HMAC_ID_MAX __SCTP_AUTH_HMAC_MAX - 1
#define SCTP_AUTH_NUM_HMACS __SCTP_AUTH_HMAC_MAX
#define SCTP_SHA1_SIG_SIZE 20
#define SCTP_SHA256_SIG_SIZE 32
......
......@@ -7,7 +7,7 @@
* 2 of the License, or (at your option) any later version.
*
* Authors: Thomas Graf <tgraf@suug.ch>
* Pablo Neira Ayuso <pablo@eurodev.net>
* Pablo Neira Ayuso <pablo@netfilter.org>
*
* ==========================================================================
*
......@@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(struct ts_config *conf,
* the various search algorithms.
*
* Returns a new textsearch configuration according to the specified
* parameters or a ERR_PTR().
* parameters or a ERR_PTR(). If a zero length pattern is passed, this
* function returns EINVAL.
*/
struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
unsigned int len, gfp_t gfp_mask, int flags)
......@@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
struct ts_config *conf;
struct ts_ops *ops;
if (len == 0)
return ERR_PTR(-EINVAL);
ops = lookup_ts_algo(algo);
#ifdef CONFIG_KMOD
/*
......
......@@ -462,7 +462,8 @@ int vlan_dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
* OTHER THINGS LIKE FDDI/TokenRing/802.3 SNAPs...
*/
if (veth->h_vlan_proto != htons(ETH_P_8021Q)) {
if (veth->h_vlan_proto != htons(ETH_P_8021Q) ||
VLAN_DEV_INFO(dev)->flags & VLAN_FLAG_REORDER_HDR) {
int orig_headroom = skb_headroom(skb);
unsigned short veth_TCI;
......
......@@ -39,7 +39,7 @@ static int __init br_init(void)
err = br_fdb_init();
if (err)
goto err_out1;
goto err_out;
err = br_netfilter_init();
if (err)
......@@ -65,6 +65,8 @@ static int __init br_init(void)
err_out2:
br_netfilter_fini();
err_out1:
br_fdb_fini();
err_out:
llc_sap_put(br_stp_sap);
return err;
}
......
......@@ -122,6 +122,7 @@ static inline int is_link_local(const unsigned char *dest)
struct sk_buff *br_handle_frame(struct net_bridge_port *p, struct sk_buff *skb)
{
const unsigned char *dest = eth_hdr(skb)->h_dest;
int (*rhook)(struct sk_buff *skb);
if (!is_valid_ether_addr(eth_hdr(skb)->h_source))
goto drop;
......@@ -147,9 +148,9 @@ struct sk_buff *br_handle_frame(struct net_bridge_port *p, struct sk_buff *skb)
switch (p->state) {
case BR_STATE_FORWARDING:
if (br_should_route_hook) {
if (br_should_route_hook(skb))
rhook = rcu_dereference(br_should_route_hook);
if (rhook != NULL) {
if (rhook(skb))
return skb;
dest = eth_hdr(skb)->h_dest;
}
......
......@@ -70,13 +70,13 @@ static int __init ebtable_broute_init(void)
if (ret < 0)
return ret;
/* see br_input.c */
br_should_route_hook = ebt_broute;
rcu_assign_pointer(br_should_route_hook, ebt_broute);
return ret;
}
static void __exit ebtable_broute_fini(void)
{
br_should_route_hook = NULL;
rcu_assign_pointer(br_should_route_hook, NULL);
synchronize_net();
ebt_unregister_table(&broute_table);
}
......
......@@ -651,16 +651,18 @@ static int dn_nl_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
struct dn_dev *dn_db;
struct ifaddrmsg *ifm;
struct dn_ifaddr *ifa, **ifap;
int err = -EADDRNOTAVAIL;
int err;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy);
if (err < 0)
goto errout;
err = -ENODEV;
ifm = nlmsg_data(nlh);
if ((dn_db = dn_dev_by_index(ifm->ifa_index)) == NULL)
goto errout;
err = -EADDRNOTAVAIL;
for (ifap = &dn_db->ifa_list; (ifa = *ifap); ifap = &ifa->ifa_next) {
if (tb[IFA_LOCAL] &&
nla_memcmp(tb[IFA_LOCAL], &ifa->ifa_local, 2))
......
......@@ -144,7 +144,8 @@ static int ieee80211_copy_snap(u8 * data, u16 h_proto)
snap->oui[1] = oui[1];
snap->oui[2] = oui[2];
*(u16 *) (data + SNAP_SIZE) = htons(h_proto);
h_proto = htons(h_proto);
memcpy(data + SNAP_SIZE, &h_proto, sizeof(u16));
return SNAP_SIZE + sizeof(u16);
}
......
......@@ -51,6 +51,29 @@ static struct sock *idiagnl;
#define INET_DIAG_PUT(skb, attrtype, attrlen) \
RTA_DATA(__RTA_PUT(skb, attrtype, attrlen))
static DEFINE_MUTEX(inet_diag_table_mutex);
static const struct inet_diag_handler *inet_diag_lock_handler(int type)
{
#ifdef CONFIG_KMOD
if (!inet_diag_table[type])
request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK,
NETLINK_INET_DIAG, type);
#endif
mutex_lock(&inet_diag_table_mutex);
if (!inet_diag_table[type])
return ERR_PTR(-ENOENT);
return inet_diag_table[type];
}
static inline void inet_diag_unlock_handler(
const struct inet_diag_handler *handler)
{
mutex_unlock(&inet_diag_table_mutex);
}
static int inet_csk_diag_fill(struct sock *sk,
struct sk_buff *skb,
int ext, u32 pid, u32 seq, u16 nlmsg_flags,
......@@ -235,9 +258,12 @@ static int inet_diag_get_exact(struct sk_buff *in_skb,
struct inet_hashinfo *hashinfo;
const struct inet_diag_handler *handler;
handler = inet_diag_table[nlh->nlmsg_type];
BUG_ON(handler == NULL);
handler = inet_diag_lock_handler(nlh->nlmsg_type);
if (!handler)
return -ENOENT;
hashinfo = handler->idiag_hashinfo;
err = -EINVAL;
if (req->idiag_family == AF_INET) {
sk = inet_lookup(hashinfo, req->id.idiag_dst[0],
......@@ -255,11 +281,12 @@ static int inet_diag_get_exact(struct sk_buff *in_skb,
}
#endif
else {
return -EINVAL;
goto unlock;
}
err = -ENOENT;
if (sk == NULL)
return -ENOENT;
goto unlock;
err = -ESTALE;
if ((req->id.idiag_cookie[0] != INET_DIAG_NOCOOKIE ||
......@@ -296,6 +323,8 @@ static int inet_diag_get_exact(struct sk_buff *in_skb,
else
sock_put(sk);
}
unlock:
inet_diag_unlock_handler(handler);
return err;
}
......@@ -678,8 +707,10 @@ static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
const struct inet_diag_handler *handler;
struct inet_hashinfo *hashinfo;
handler = inet_diag_table[cb->nlh->nlmsg_type];
BUG_ON(handler == NULL);
handler = inet_diag_lock_handler(cb->nlh->nlmsg_type);
if (!handler)
goto no_handler;
hashinfo = handler->idiag_hashinfo;
s_i = cb->args[1];
......@@ -743,7 +774,7 @@ static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
}
if (!(r->idiag_states & ~(TCPF_LISTEN | TCPF_SYN_RECV)))
return skb->len;
goto unlock;
for (i = s_i; i < hashinfo->ehash_size; i++) {
struct inet_ehash_bucket *head = &hashinfo->ehash[i];
......@@ -805,6 +836,9 @@ static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
done:
cb->args[1] = i;
cb->args[2] = num;
unlock:
inet_diag_unlock_handler(handler);
no_handler:
return skb->len;
}
......@@ -816,15 +850,6 @@ static int inet_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
nlmsg_len(nlh) < hdrlen)
return -EINVAL;
#ifdef CONFIG_KMOD
if (inet_diag_table[nlh->nlmsg_type] == NULL)
request_module("net-pf-%d-proto-%d-type-%d", PF_NETLINK,
NETLINK_INET_DIAG, nlh->nlmsg_type);
#endif
if (inet_diag_table[nlh->nlmsg_type] == NULL)
return -ENOENT;
if (nlh->nlmsg_flags & NLM_F_DUMP) {
if (nlmsg_attrlen(nlh, hdrlen)) {
struct nlattr *attr;
......@@ -853,8 +878,6 @@ static void inet_diag_rcv(struct sk_buff *skb)
mutex_unlock(&inet_diag_mutex);
}
static DEFINE_SPINLOCK(inet_diag_register_lock);
int inet_diag_register(const struct inet_diag_handler *h)
{
const __u16 type = h->idiag_type;
......@@ -863,13 +886,13 @@ int inet_diag_register(const struct inet_diag_handler *h)
if (type >= INET_DIAG_GETSOCK_MAX)
goto out;
spin_lock(&inet_diag_register_lock);
mutex_lock(&inet_diag_table_mutex);
err = -EEXIST;
if (inet_diag_table[type] == NULL) {
inet_diag_table[type] = h;
err = 0;
}
spin_unlock(&inet_diag_register_lock);
mutex_unlock(&inet_diag_table_mutex);
out:
return err;
}
......@@ -882,11 +905,9 @@ void inet_diag_unregister(const struct inet_diag_handler *h)
if (type >= INET_DIAG_GETSOCK_MAX)
return;
spin_lock(&inet_diag_register_lock);
mutex_lock(&inet_diag_table_mutex);
inet_diag_table[type] = NULL;
spin_unlock(&inet_diag_register_lock);
synchronize_rcu();
mutex_unlock(&inet_diag_table_mutex);
}
EXPORT_SYMBOL_GPL(inet_diag_unregister);
......
......@@ -298,7 +298,7 @@ static u32 tcp_illinois_ssthresh(struct sock *sk)
struct illinois *ca = inet_csk_ca(sk);
/* Multiplicative decrease */
return max((tp->snd_cwnd * ca->beta) >> BETA_SHIFT, 2U);
return max(tp->snd_cwnd - ((tp->snd_cwnd * ca->beta) >> BETA_SHIFT), 2U);
}
......
......@@ -2293,6 +2293,9 @@ static int addrconf_notify(struct notifier_block *this, unsigned long event,
break;
}
if (!idev && dev->mtu >= IPV6_MIN_MTU)
idev = ipv6_add_dev(dev);
if (idev)
idev->if_flags |= IF_READY;
} else {
......@@ -2357,12 +2360,18 @@ static int addrconf_notify(struct notifier_block *this, unsigned long event,
break;
case NETDEV_CHANGEMTU:
if ( idev && dev->mtu >= IPV6_MIN_MTU) {
if (idev && dev->mtu >= IPV6_MIN_MTU) {
rt6_mtu_change(dev, dev->mtu);
idev->cnf.mtu6 = dev->mtu;
break;
}
if (!idev && dev->mtu >= IPV6_MIN_MTU) {
idev = ipv6_add_dev(dev);
if (idev)
break;
}
/* MTU falled under IPV6_MIN_MTU. Stop IPv6 on this interface. */
case NETDEV_DOWN:
......
......@@ -216,6 +216,7 @@ static int ieee80211_open(struct net_device *dev)
res = local->ops->start(local_to_hw(local));
if (res)
return res;
ieee80211_hw_config(local);
}
switch (sdata->type) {
......@@ -232,7 +233,6 @@ static int ieee80211_open(struct net_device *dev)
netif_tx_unlock_bh(local->mdev);
local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
ieee80211_hw_config(local);
}
break;
case IEEE80211_IF_TYPE_STA:
......@@ -334,8 +334,7 @@ static int ieee80211_stop(struct net_device *dev)
ieee80211_configure_filter(local);
netif_tx_unlock_bh(local->mdev);
local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
ieee80211_hw_config(local);
local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
}
break;
case IEEE80211_IF_TYPE_STA:
......@@ -357,6 +356,11 @@ static int ieee80211_stop(struct net_device *dev)
cancel_delayed_work(&local->scan_work);
}
flush_workqueue(local->hw.workqueue);
sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
kfree(sdata->u.sta.extra_ie);
sdata->u.sta.extra_ie = NULL;
sdata->u.sta.extra_ie_len = 0;
/* fall through */
default:
conf.if_id = dev->ifindex;
......
......@@ -997,7 +997,7 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
(rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
(rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
rx->sdata->drop_unencrypted &&
(rx->key || rx->sdata->drop_unencrypted) &&
(rx->sdata->eapol == 0 || !ieee80211_is_eapol(rx->skb)))) {
if (net_ratelimit())
printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
......
......@@ -265,7 +265,8 @@ int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen,
skb->data + hdrlen + WEP_IV_LEN,
len)) {
printk(KERN_DEBUG "WEP decrypt failed (ICV)\n");
if (net_ratelimit())
printk(KERN_DEBUG "WEP decrypt failed (ICV)\n");
ret = -1;
}
......
......@@ -86,11 +86,6 @@ checkentry(const char *tablename,
{
const struct xt_connmark_target_info *matchinfo = targinfo;
if (nf_ct_l3proto_try_module_get(target->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", target->family);
return false;
}
if (matchinfo->mode == XT_CONNMARK_RESTORE) {
if (strcmp(tablename, "mangle") != 0) {
printk(KERN_WARNING "CONNMARK: restore can only be "
......@@ -103,6 +98,11 @@ checkentry(const char *tablename,
printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n");
return false;
}
if (nf_ct_l3proto_try_module_get(target->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", target->family);
return false;
}
return true;
}
......
......@@ -90,11 +90,6 @@ static bool checkentry(const char *tablename, const void *entry,
{
const struct xt_connsecmark_target_info *info = targinfo;
if (nf_ct_l3proto_try_module_get(target->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", target->family);
return false;
}
switch (info->mode) {
case CONNSECMARK_SAVE:
case CONNSECMARK_RESTORE:
......@@ -105,6 +100,11 @@ static bool checkentry(const char *tablename, const void *entry,
return false;
}
if (nf_ct_l3proto_try_module_get(target->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", target->family);
return false;
}
return true;
}
......
......@@ -174,10 +174,8 @@ xt_tcpmss_target6(struct sk_buff *skb,
nexthdr = ipv6h->nexthdr;
tcphoff = ipv6_skip_exthdr(skb, sizeof(*ipv6h), &nexthdr);
if (tcphoff < 0) {
WARN_ON(1);
if (tcphoff < 0)
return NF_DROP;
}
ret = tcpmss_mangle_packet(skb, targinfo, tcphoff,
sizeof(*ipv6h) + sizeof(struct tcphdr));
if (ret < 0)
......
......@@ -60,11 +60,7 @@ static void rfkill_led_trigger(struct rfkill *rfkill,
static int rfkill_toggle_radio(struct rfkill *rfkill,
enum rfkill_state state)
{
int retval;
retval = mutex_lock_interruptible(&rfkill->mutex);
if (retval)
return retval;
int retval = 0;
if (state != rfkill->state) {
retval = rfkill->toggle_radio(rfkill->data, state);
......@@ -74,7 +70,6 @@ static int rfkill_toggle_radio(struct rfkill *rfkill,
}
}
mutex_unlock(&rfkill->mutex);
return retval;
}
......@@ -158,12 +153,13 @@ static ssize_t rfkill_state_store(struct device *dev,
if (!capable(CAP_NET_ADMIN))
return -EPERM;
if (mutex_lock_interruptible(&rfkill->mutex))
return -ERESTARTSYS;
error = rfkill_toggle_radio(rfkill,
state ? RFKILL_STATE_ON : RFKILL_STATE_OFF);
if (error)
return error;
mutex_unlock(&rfkill->mutex);
return count;
return error ? error : count;
}
static ssize_t rfkill_claim_show(struct device *dev,
......
......@@ -5,6 +5,7 @@
config AF_RXRPC
tristate "RxRPC session sockets"
depends on INET && EXPERIMENTAL
select CRYPTO
select KEYS
help
Say Y or M here to include support for RxRPC session sockets (just
......
......@@ -6,9 +6,9 @@ menuconfig IP_SCTP
tristate "The SCTP Protocol (EXPERIMENTAL)"
depends on INET && EXPERIMENTAL
depends on IPV6 || IPV6=n
select CRYPTO if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
select CRYPTO_HMAC if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
select CRYPTO_SHA1 if SCTP_HMAC_SHA1
select CRYPTO
select CRYPTO_HMAC
select CRYPTO_SHA1
select CRYPTO_MD5 if SCTP_HMAC_MD5
---help---
Stream Control Transmission Protocol
......
......@@ -54,11 +54,13 @@ static struct sctp_hmac sctp_hmac_list[SCTP_AUTH_NUM_HMACS] = {
/* id 2 is reserved as well */
.hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2,
},
#if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE)
{
.hmac_id = SCTP_AUTH_HMAC_ID_SHA256,
.hmac_name="hmac(sha256)",
.hmac_len = SCTP_SHA256_SIG_SIZE,
}
#endif
};
......@@ -631,7 +633,7 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
int found = 0;
int i;
if (!param)
if (!param || param->param_hdr.length == 0)
return 0;
len = ntohs(param->param_hdr.length) - sizeof(sctp_paramhdr_t);
......
......@@ -77,6 +77,8 @@ static int sctp_process_param(struct sctp_association *asoc,
union sctp_params param,
const union sctp_addr *peer_addr,
gfp_t gfp);
static void *sctp_addto_param(struct sctp_chunk *chunk, int len,
const void *data);
/* What was the inbound interface for this chunk? */
int sctp_chunk_iif(const struct sctp_chunk *chunk)
......@@ -207,11 +209,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
chunksize = sizeof(init) + addrs_len + SCTP_SAT_LEN(num_types);
chunksize += sizeof(ecap_param);
if (sctp_prsctp_enable) {
chunksize += sizeof(prsctp_param);
extensions[num_ext] = SCTP_CID_FWD_TSN;
num_ext += 1;
}
/* ADDIP: Section 4.2.7:
* An implementation supporting this extension [ADDIP] MUST list
* the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and
......@@ -243,7 +241,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
if (auth_chunks->length)
chunksize += ntohs(auth_chunks->length);
else
auth_hmacs = NULL;
auth_chunks = NULL;
extensions[num_ext] = SCTP_CID_AUTH;
num_ext += 1;
......@@ -297,7 +295,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
htons(sizeof(sctp_supported_ext_param_t) + num_ext);
sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
&ext_param);
sctp_addto_chunk(retval, num_ext, extensions);
sctp_addto_param(retval, num_ext, extensions);
}
if (sctp_prsctp_enable)
......@@ -371,20 +369,12 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
if (asoc->peer.ecn_capable)
chunksize += sizeof(ecap_param);
/* Tell peer that we'll do PR-SCTP only if peer advertised. */
if (asoc->peer.prsctp_capable) {
chunksize += sizeof(prsctp_param);
extensions[num_ext] = SCTP_CID_FWD_TSN;
num_ext += 1;
}
if (sctp_addip_enable) {
extensions[num_ext] = SCTP_CID_ASCONF;
extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
num_ext += 2;
}
chunksize += sizeof(ext_param) + num_ext;
chunksize += sizeof(aiparam);
if (asoc->peer.auth_capable) {
......@@ -407,6 +397,9 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
num_ext += 1;
}
if (num_ext)
chunksize += sizeof(sctp_supported_ext_param_t) + num_ext;
/* Now allocate and fill out the chunk. */
retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize);
if (!retval)
......@@ -428,7 +421,7 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
htons(sizeof(sctp_supported_ext_param_t) + num_ext);
sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
&ext_param);
sctp_addto_chunk(retval, num_ext, extensions);
sctp_addto_param(retval, num_ext, extensions);
}
if (asoc->peer.prsctp_capable)
sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
......
......@@ -959,7 +959,7 @@ sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep,
{
struct sctp_transport *transport = (struct sctp_transport *) arg;
if (asoc->overall_error_count >= asoc->max_retrans) {
if (asoc->overall_error_count > asoc->max_retrans) {
sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR,
SCTP_ERROR(ETIMEDOUT));
/* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
......
......@@ -1637,8 +1637,15 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
mutex_lock(&u->readlock);
skb = skb_recv_datagram(sk, flags, noblock, &err);
if (!skb)
if (!skb) {
unix_state_lock(sk);
/* Signal EOF on disconnected non-blocking SEQPACKET socket. */
if (sk->sk_type == SOCK_SEQPACKET && err == -EAGAIN &&
(sk->sk_shutdown & RCV_SHUTDOWN))
err = 0;
unix_state_unlock(sk);
goto out_unlock;
}
wake_up_interruptible_sync(&u->peer_wait);
......
......@@ -1344,6 +1344,7 @@ int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
xfrm_nr += pols[0]->xfrm_nr;
switch (policy->action) {
default:
case XFRM_POLICY_BLOCK:
/* Prohibit the flow */
err = -EPERM;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册