1. 25 Jan 2008, 2 commits
  2. 21 Jan 2008, 1 commit
      [NETFILTER]: bridge-netfilter: fix net_device refcnt leaks · 2dc2f207
      Patrick McHardy committed
      When packets are flood-forwarded to multiple output devices, the
      bridge-netfilter code reuses skb->nf_bridge for each clone to store
      the bridge port. When queueing packets using NFQUEUE netfilter takes
      a reference to skb->nf_bridge->physoutdev, which is overwritten
      when the packet is forwarded to the second port. This causes
      refcount underflows for the first device and refcount leaks for all
      others. Additionally this provides incorrect data to the iptables
      physdev match.
      
      Unshare skb->nf_bridge by copying it if it is shared before assigning
      the physoutdev device.
      
      Reported, tested and based on initial patch by
      Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>.
      Signed-off-by: Patrick McHardy <kaber@trash.net>
      Signed-off-by: David S. Miller <davem@davemloft.net>
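The mechanism behind this fix, as an added userspace model that is not part of the commit or of the kernel: a refcounted device, an nf_bridge record that skb_clone() shares between clones, and an "NFQUEUE" reduced to one hold at queue time and one put at reinject time, both taken through skb->nf_bridge->physoutdev. The struct and function names mirror the kernel's, but the bodies are simplifications written for this page (plain integer refcounts, no locking), and the model only shows that the holds and puts end up on different devices once the shared record is overwritten; it makes no claim about which device the real kernel underflowed. The fixed path adds the unshare-before-write step the commit describes.

```c
#include <stdlib.h>
#include <string.h>

/* Illustrative model, not kernel code: names follow the kernel, bodies do not. */
struct net_device { const char *name; int refcnt; };
struct nf_bridge  { int use; struct net_device *physoutdev; };
struct sk_buff    { struct nf_bridge *nf_bridge; };

static void dev_hold(struct net_device *dev) { dev->refcnt++; }
static void dev_put(struct net_device *dev)  { dev->refcnt--; }

static void nf_bridge_put(struct nf_bridge *nb)
{
    if (--nb->use == 0)
        free(nb);
}

/* A clone shares the original's nf_bridge record; only the use count grows. */
static struct sk_buff *skb_clone(const struct sk_buff *skb)
{
    struct sk_buff *clone = malloc(sizeof *clone);
    clone->nf_bridge = skb->nf_bridge;
    clone->nf_bridge->use++;
    return clone;
}

static void kfree_skb(struct sk_buff *skb)
{
    nf_bridge_put(skb->nf_bridge);
    free(skb);
}

/* The fix: give this skb a private copy of nf_bridge if the record is shared,
 * so that writing physoutdev for this clone cannot affect the other clones. */
static void nf_bridge_unshare(struct sk_buff *skb)
{
    struct nf_bridge *nb = skb->nf_bridge;
    if (nb->use > 1) {
        struct nf_bridge *copy = malloc(sizeof *copy);
        memcpy(copy, nb, sizeof *copy);
        copy->use = 1;
        nb->use--;
        skb->nf_bridge = copy;
    }
}

/* NFQUEUE (modelled): a device reference is taken through the nf_bridge record
 * when the packet is queued and dropped through the same record on reinject.
 * If the record was rewritten in between, the put lands on the wrong device. */
static void nfqueue_enqueue(struct sk_buff *skb)  { dev_hold(skb->nf_bridge->physoutdev); }
static void nfqueue_reinject(struct sk_buff *skb) { dev_put(skb->nf_bridge->physoutdev); }

/* Flood one packet to nports ports, park every clone in NFQUEUE, then reinject.
 * unshare == 0 is the pre-fix path, unshare == 1 the fixed one.  Returns how
 * many ports end with a non-zero refcount (leaked or underflowed references);
 * 0 means every hold was matched by a put on the same device. */
static int flood_and_reinject(int nports, int unshare)
{
    struct net_device ports[8] = { { "eth0", 0 }, { "eth1", 0 }, { "eth2", 0 },
                                   { "eth3", 0 }, { "eth4", 0 }, { "eth5", 0 },
                                   { "eth6", 0 }, { "eth7", 0 } };
    struct sk_buff *clones[8];
    struct sk_buff orig;
    int i, bad = 0;

    if (nports < 1 || nports > 8)
        return -1;

    orig.nf_bridge = malloc(sizeof *orig.nf_bridge);
    orig.nf_bridge->use = 1;
    orig.nf_bridge->physoutdev = NULL;

    for (i = 0; i < nports; i++) {
        clones[i] = skb_clone(&orig);
        if (unshare)
            nf_bridge_unshare(clones[i]);
        clones[i]->nf_bridge->physoutdev = &ports[i];  /* bridge POST_ROUTING */
        nfqueue_enqueue(clones[i]);                     /* verdict NF_QUEUE */
    }
    for (i = 0; i < nports; i++) {
        nfqueue_reinject(clones[i]);
        kfree_skb(clones[i]);
    }
    nf_bridge_put(orig.nf_bridge);

    for (i = 0; i < nports; i++)
        if (ports[i].refcnt != 0)
            bad++;
    return bad;
}
```

With three ports and no unshare, all three puts go to the device written last, so one device underflows and two leak; with the unshare every clone puts the device it held. A single port never triggers the problem, which is why the bug only surfaced with flood-forwarded packets.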
  3. 12 Jan 2008, 1 commit
      [NETFILTER]: bridge: fix double POST_ROUTING invocation · 2948d2eb
      Patrick McHardy committed
      The bridge code incorrectly causes two POST_ROUTING hook invocations
      for DNATed packets that end up on the same bridge device. This
      happens because packets with a changed destination address are passed
      to dst_output() to make them go through the neighbour output function
      again to build a new destination MAC address, before they will continue
      through the IP hooks simulated by bridge netfilter.
      
      The resulting hook order is:
       PREROUTING	(bridge netfilter)
       POSTROUTING	(dst_output -> ip_output)
       FORWARD	(bridge netfilter)
       POSTROUTING	(bridge netfilter)
      
      The deferred hooks used to abort the first POST_ROUTING invocation,
      but since the only thing bridge netfilter actually really wants is
      a new MAC address, we can avoid going through the IP stack completely
      by simply calling the neighbour output function directly.
      
      Tested, reported and lots of data provided by: Damien Thebault <damien.thebault@gmail.com>
      Signed-off-by: Patrick McHardy <kaber@trash.net>
      Signed-off-by: David S. Miller <davem@davemloft.net>
  4. 17 Dec 2007, 1 commit
  5. 07 Dec 2007, 1 commit
  6. 29 Nov 2007, 2 commits
  7. 20 Nov 2007, 1 commit
  8. 13 Nov 2007, 1 commit
  9. 07 Nov 2007, 1 commit
  10. 20 Oct 2007, 1 commit
  11. 16 Oct 2007, 4 commits
  12. 13 Oct 2007, 1 commit
  13. 11 Oct 2007, 8 commits
      [NETFILTER]: bridge: remove broken netfilter binary sysctls · 58711741
      Joseph Fannin committed
      The netfilter sysctls in the bridging code don't set strategy routines:
      
       sysctl table check failed: /net/bridge/bridge-nf-call-arptables .3.10.1 Missing strategy
       sysctl table check failed: /net/bridge/bridge-nf-call-iptables .3.10.2 Missing strategy
       sysctl table check failed: /net/bridge/bridge-nf-call-ip6tables .3.10.3 Missing strategy
       sysctl table check failed: /net/bridge/bridge-nf-filter-vlan-tagged .3.10.4 Missing strategy
       sysctl table check failed: /net/bridge/bridge-nf-filter-pppoe-tagged .3.10.5 Missing strategy
      
      These binary sysctls can't work. The binary sysctl numbers of
      other netfilter sysctls with this problem are being removed.  These
      need to go as well.
      Signed-off-by: Joseph Fannin <jfannin@gmail.com>
      Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: Patrick McHardy <kaber@trash.net>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [ETHTOOL] Provide default behaviors for a few ethtool sub-ioctls · 88d3aafd
      Jeff Garzik committed
      For the operations
      	get-tx-csum
      	get-sg
      	get-tso
      	get-ufo
      the default ethtool_op_xxx behavior is fine for all drivers, so we
      permit op==NULL to imply the default behavior.
      
      This provides a more uniform behavior across all drivers, eliminating
      ethtool(8) "ioctl not supported" errors on older drivers that had
      not been updated for the latest sub-ioctls.
      
      The ethtool_op_xxx() functions are left exported, in case anyone
      wishes to call them directly from a driver-private implementation --
      a not-uncommon case.  Should an ethtool_op_xxx() helper remain unused
      for a while, except by net/core/ethtool.c, we can un-export it at a
      later date.
      
      [ Resolved conflicts with set/get value ethtool patch... -DaveM ]
      Signed-off-by: Jeff Garzik <jeff@garzik.org>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: Nuke SET_MODULE_OWNER macro. · 10d024c1
      Ralf Baechle committed
      It's been a useless no-op for long enough in 2.6 so I figured it's time to
      remove it.  The number of people that could object because they're
      maintaining unified 2.4 and 2.6 drivers is probably rather small.
      
      [ Handled drivers added by netdev tree and some missed IRDA cases... -DaveM ]
      Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
      Signed-off-by: Jeff Garzik <jeff@garzik.org>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: Make the device list and device lookups per namespace. · 881d966b
      Eric W. Biederman committed
      This patch makes most of the generic device layer network
      namespace safe.  This patch makes dev_base_head a
      network namespace variable, and then it picks up
      a few associated variables.  The functions:
      dev_getbyhwaddr
      dev_getfirsthwbytype
      dev_get_by_flags
      dev_get_by_name
      __dev_get_by_name
      dev_get_by_index
      __dev_get_by_index
      dev_ioctl
      dev_ethtool
      dev_load
      wireless_process_ioctl
      
      were modified to take a network namespace argument, and
      deal with it.
      
      vlan_ioctl_set and brioctl_set were modified so their
      hooks will receive a network namespace argument.
      
      So basically anything in the core of the network stack that was
      affected by the change of dev_base was modified to handle
      multiple network namespaces.  The rest of the network stack was
      simply modified to explicitly use &init_net the initial network
      namespace.  This can be fixed when those components of the network
      stack are modified to handle multiple network namespaces.
      
      For now the ifindex generator is left global.
      
      Fundamentally ifindex numbers are per namespace, or else
      we will have corner case problems with migration when
      we get that far.
      
      At the same time there are assumptions in the network stack
      that the ifindex of a network device won't change.  Making
      the ifindex number global seems a good compromise until
      the network stack can cope with ifindex changes when
      you change namespaces, and the like.
      Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: Support multiple network namespaces with netlink · b4b51029
      Eric W. Biederman committed
      Each netlink socket will live in exactly one network namespace,
      this includes the controlling kernel sockets.
      
      This patch updates all of the existing netlink protocols
      to only support the initial network namespace.  Requests
      by clients in other namespaces will get -ECONNREFUSED,
      as they would if the kernel did not have the support for
      that netlink protocol compiled in.
      
      As each netlink protocol is updated to be multiple network
      namespace safe it can register multiple kernel sockets
      to acquire a presence in the rest of the network namespaces.
      
      The implementation in af_netlink is a simple filter implementation
      at hash table insertion and hash table look up time.
      Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: Make device event notification network namespace safe · e9dc8653
      Eric W. Biederman committed
      Every user of the network device notifiers is either a protocol
      stack or a pseudo device.  If a protocol stack that does not have
      support for multiple network namespaces receives an event for a
      device that is not in the initial network namespace it quite possibly
      can get confused and do the wrong thing.
      
      To avoid problems until all of the protocol stacks are converted
      this patch modifies all netdev event handlers to ignore events on
      devices that are not in the initial network namespace.
      
      As the rest of the code is made network namespace aware these
      checks can be removed.
      Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: Make packet reception network namespace safe · e730c155
      Eric W. Biederman committed
      This patch modifies every packet receive function
      registered with dev_add_pack() to drop packets if they
      are not from the initial network namespace.
      
      This should ensure that the various network stacks do
      not receive packets in anything but the initial network
      namespace until the code has been converted and is ready
      for them.
      Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      [NET]: DIV_ROUND_UP cleanup (part two) · 172589cc
      Ilpo Järvinen committed
      Hopefully captured all single statement cases under net/. I'm
      not too sure if there is some policy about #includes that are
      "guaranteed" (ie., in the current tree) to be available through
      some other #included header, so I just added linux/kernel.h to
      each changed file that didn't #include it previously.
      Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
      Signed-off-by: David S. Miller <davem@davemloft.net>
  14. 17 Sep 2007, 2 commits
  15. 11 Sep 2007, 1 commit
      [NETFILTER]: Fix/improve deadlock condition on module removal netfilter · 16fcec35
      Neil Horman committed
      So I've had a deadlock reported to me.  I've found that the sequence of
      events goes like this:
      
      1) process A (modprobe) runs to remove ip_tables.ko
      
      2) process B (iptables-restore) runs and calls setsockopt on a netfilter socket,
      increasing the ip_tables socket_ops use count
      
      3) process A acquires a file lock on the file ip_tables.ko, calls remove_module
      in the kernel, which in turn executes the ip_tables module cleanup routine,
      which calls nf_unregister_sockopt
      
      4) nf_unregister_sockopt, seeing that the use count is non-zero, puts the
      calling process into uninterruptible sleep, expecting the process using the
      socket option code to wake it up when it exits the kernel
      
      4) the user of the socket option code (process B) in do_ipt_get_ctl, calls
      ipt_find_table_lock, which in this case calls request_module to load
      ip_tables_nat.ko
      
      5) request_module forks a copy of modprobe (process C) to load the module and
      blocks until modprobe exits.
      
      6) Process C. forked by request_module process the dependencies of
      ip_tables_nat.ko, of which ip_tables.ko is one.
      
      7) Process C attempts to lock the request module and all its dependencies, it
      blocks when it attempts to lock ip_tables.ko (which was previously locked in
      step 3)
      
      There's not really any great permanent solution to this that I can see, but I've
      developed a two part solution that corrects the problem.
      
      Part 1) Modifies the nf_sockopt registration code so that, instead of using a
      use counter internal to the nf_sockopt_ops structure, we instead use a pointer
      to the registering modules owner to do module reference counting when nf_sockopt
      calls a module's set/get routine.  This prevents the deadlock by preventing step 4
      from happening.
      
      Part 2) Enhances the modprobe utility so that by default it performs non-blocking
      remove operations (the same way rmmod does), and adds an option to explicitly
      request blocking operation.  So if you select blocking operation in modprobe you
      can still cause the above deadlock, but only if you explicitly try (and since
      root can do any old stupid thing it would like....  :)  ).
      Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
      Signed-off-by: Patrick McHardy <kaber@trash.net>
      Signed-off-by: David S. Miller <davem@davemloft.net>
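Part 1 of the fix, as an added userspace model that is not part of the commit or of the kernel: nf_sockopt_ops carries an owner pointer instead of a private use counter, the sockopt dispatcher pins the owner with try_module_get() for the duration of the call, and removal is refused while that reference is held rather than the module's cleanup routine sleeping in nf_unregister_sockopt() until the caller leaves the kernel (the wait in step 4 of the sequence above). Names follow the kernel but the bodies are simplifications written for this page: there is no locking, the sockopt table is a singly linked list, the optname range 64..69 for ip_tables and the ip_tables_fini() cleanup hook are assumed, and delete_module() here simply returns -EBUSY when the refcount is non-zero, whereas what the real syscall does with a busy module depends on the blocking flag that Part 2 of the commit is about.

```c
#include <stddef.h>
#include <errno.h>

/* Illustrative model, not kernel code. */
enum module_state { MODULE_STATE_LIVE, MODULE_STATE_GOING };

struct module { const char *name; int refcnt; enum module_state state; };

struct nf_sockopt_ops {
    struct module *owner;            /* replaces the private use counter */
    int get_optmin, get_optmax;      /* [min, max) of getsockopt optnames served */
    struct nf_sockopt_ops *next;
};

static struct nf_sockopt_ops *nf_sockopts;   /* registered ops */

/* Succeeds only while the module is live; a module marked as going away
 * cannot pick up new users, which is what makes teardown safe. */
static int try_module_get(struct module *m)
{
    if (m->state != MODULE_STATE_LIVE)
        return 0;
    m->refcnt++;
    return 1;
}
static void module_put(struct module *m) { m->refcnt--; }

static void nf_register_sockopt(struct nf_sockopt_ops *ops)
{
    ops->next = nf_sockopts;
    nf_sockopts = ops;
}

/* Unlinking no longer waits for users: anyone already inside a get/set
 * routine holds a reference on ops->owner, so removal cannot reach this point
 * underneath them. */
static void nf_unregister_sockopt(struct nf_sockopt_ops *ops)
{
    struct nf_sockopt_ops **pp;
    for (pp = &nf_sockopts; *pp; pp = &(*pp)->next)
        if (*pp == ops) { *pp = ops->next; break; }
}

/* Entry to a netfilter getsockopt: find the ops for optname and pin the owner.
 * NULL stands for the -ENOPROTOOPT the caller would return. */
static struct nf_sockopt_ops *nf_sockopt_begin(int optname)
{
    struct nf_sockopt_ops *ops;
    for (ops = nf_sockopts; ops; ops = ops->next)
        if (optname >= ops->get_optmin && optname < ops->get_optmax)
            return try_module_get(ops->owner) ? ops : NULL;
    return NULL;
}
static void nf_sockopt_end(struct nf_sockopt_ops *ops) { module_put(ops->owner); }

/* Modelled removal: refuse while a reference is held, otherwise mark the
 * module going (new try_module_get() calls now fail) and run its cleanup. */
static int delete_module(struct module *m, void (*cleanup)(void))
{
    if (m->refcnt > 0)
        return -EBUSY;
    m->state = MODULE_STATE_GOING;
    cleanup();
    return 0;
}

/* ip_tables as a module plus its sockopt registration (range assumed). */
static struct module ip_tables_mod = { "ip_tables", 0, MODULE_STATE_LIVE };
static struct nf_sockopt_ops ipt_sockopts = { &ip_tables_mod, 64, 69, NULL };
static void ip_tables_fini(void) { nf_unregister_sockopt(&ipt_sockopts); }

struct replay_result {
    int remove_while_in_use;   /* A's delete_module() while B is inside get() */
    int remove_after_release;  /* the same after B has left the sockopt path  */
    int lookup_after_removal;  /* can a later getsockopt still reach ip_tables? */
};

/* Replays steps 2 and 3 of the reported sequence against the owner-based
 * scheme: B enters the sockopt path, then A tries to remove the module. */
static struct replay_result replay_deadlock_sequence(void)
{
    struct replay_result r;
    struct nf_sockopt_ops *ops;

    nf_sockopts = NULL;                              /* fresh state per replay */
    ip_tables_mod.refcnt = 0;
    ip_tables_mod.state = MODULE_STATE_LIVE;
    nf_register_sockopt(&ipt_sockopts);

    ops = nf_sockopt_begin(64);                                  /* step 2 */
    r.remove_while_in_use = delete_module(&ip_tables_mod, ip_tables_fini); /* step 3 */
    if (ops)
        nf_sockopt_end(ops);                         /* B returns to userspace */
    r.remove_after_release = delete_module(&ip_tables_mod, ip_tables_fini);
    r.lookup_after_removal = nf_sockopt_begin(64) != NULL;
    return r;
}
```

While B holds the module reference, A's removal is refused instead of blocking inside the module's cleanup, so B is free to call request_module() and finish; once B has put the reference the removal goes through, and a later lookup finds nothing to pin.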
  16. 31 Aug 2007, 2 commits
  17. 27 Aug 2007, 1 commit
      [VLAN/BRIDGE]: Fix "skb_pull_rcsum - Fatal exception in interrupt" · e7c243c9
      Evgeniy Polyakov committed
      I tried to preserve bridging code as it was before, but logic is quite
      strange - I think we should free skb on error, since it is already
      unshared and thus will just leak.
      
      Herbert Xu states:
      
      > +	if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
      > +		goto out;
      
      If this happens it'll be a double-free on skb since we'll
      return NF_DROP which makes the caller free it too.
      
      We could return NF_STOLEN to prevent that but I'm not sure
      whether that's correct netfilter semantics.  Patrick, could
      you please make a call on this?
      
      Patrick McHardy states:
      
      NF_STOLEN should work fine here.
      Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
      Signed-off-by: David S. Miller <davem@davemloft.net>
  18. 20 Aug 2007, 1 commit
  19. 15 Aug 2007, 2 commits
  20. 14 Aug 2007, 1 commit
  21. 01 Aug 2007, 1 commit
      [NET]: ethtool ops are the only way · 61a44b9c
      Matthew Wilcox committed
      During the transition to the ethtool_ops way of doing things, we supported
      calling the device's ->do_ioctl method to allow unconverted drivers to
      continue working.  Those days are long behind us, all in-tree drivers
      use the ethtool_ops way, and so we no longer need to support this.
      
      The bonding driver is the biggest beneficiary of this; it no longer
      needs to call ioctl() as a fallback if ethtool_ops aren't supported.
      
      Also put a proper copyright statement on ethtool.c.
      Signed-off-by: Matthew Wilcox <matthew@wil.cx>
      Signed-off-by: David S. Miller <davem@davemloft.net>
  22. 27 Jul 2007, 1 commit
  23. 25 Jul 2007, 2 commits
  24. 20 Jul 2007, 1 commit
      mm: Remove slab destructors from kmem_cache_create(). · 20c2df83
      Paul Mundt committed
      Slab destructors were no longer supported after Christoph's
      c59def9f change. They've been
      BUGs for both slab and slub, and slob never supported them
      either.
      
      This rips out support for the dtor pointer from kmem_cache_create()
      completely and fixes up every single callsite in the kernel (there were
      about 224, not including the slab allocator definitions themselves,
      or the documentation references).
      Signed-off-by: Paul Mundt <lethal@linux-sh.org>