- 11 3月, 2013 1 次提交
-
-
由 Samuel Ortiz 提交于
They really are remote peer parameters, and we need to distinguish them from the local ones as we'll modify the latter with socket options. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 28 2月, 2013 1 次提交
-
-
由 Sasha Levin 提交于
I'm not sure why, but the hlist for each entry iterators were conceived list_for_each_entry(pos, head, member) The hlist ones were greedy and wanted an extra parameter: hlist_for_each_entry(tpos, pos, head, member) Why did they need an extra pos parameter? I'm not quite sure. Not only they don't really need it, it also prevents the iterator from looking exactly like the list iterator, which is unfortunate. Besides the semantic patch, there was some manual work required: - Fix up the actual hlist iterators in linux/list.h - Fix up the declaration of other iterators based on the hlist ones. - A very small amount of places were using the 'node' parameter, this was modified to use 'obj->member' instead. - Coccinelle didn't handle the hlist_for_each_entry_safe iterator properly, so those had to be fixed up manually. The semantic patch which is mostly the work of Peter Senna Tschudin is here: @@ iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host; type T; expression a,c,d,e; identifier b; statement S; @@ -T b; <+... when != b ( hlist_for_each_entry(a, - b, c, d) S | hlist_for_each_entry_continue(a, - b, c) S | hlist_for_each_entry_from(a, - b, c) S | hlist_for_each_entry_rcu(a, - b, c, d) S | hlist_for_each_entry_rcu_bh(a, - b, c, d) S | hlist_for_each_entry_continue_rcu_bh(a, - b, c) S | for_each_busy_worker(a, c, - b, d) S | ax25_uid_for_each(a, - b, c) S | ax25_for_each(a, - b, c) S | inet_bind_bucket_for_each(a, - b, c) S | sctp_for_each_hentry(a, - b, c) S | sk_for_each(a, - b, c) S | sk_for_each_rcu(a, - b, c) S | sk_for_each_from -(a, b) +(a) S + sk_for_each_from(a) S | sk_for_each_safe(a, - b, c, d) S | sk_for_each_bound(a, - b, c) S | hlist_for_each_entry_safe(a, - b, c, d, e) S | hlist_for_each_entry_continue_rcu(a, - b, c) S | nr_neigh_for_each(a, - b, c) S | nr_neigh_for_each_safe(a, - b, c, d) S | nr_node_for_each(a, - b, c) S | nr_node_for_each_safe(a, - b, c, d) S | - for_each_gfn_sp(a, c, d, b) S + for_each_gfn_sp(a, c, d) S | - for_each_gfn_indirect_valid_sp(a, c, d, b) S + for_each_gfn_indirect_valid_sp(a, c, d) S | for_each_host(a, - b, c) S | for_each_host_safe(a, - b, c, d) S | for_each_mesh_entry(a, - b, c, d) S ) ...+> [akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c] [akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c] [akpm@linux-foundation.org: checkpatch fixes] [akpm@linux-foundation.org: fix warnings] [akpm@linux-foudnation.org: redo intrusive kvm changes] Tested-by: NPeter Senna Tschudin <peter.senna@gmail.com> Acked-by: NPaul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: NSasha Levin <sasha.levin@oracle.com> Cc: Wu Fengguang <fengguang.wu@intel.com> Cc: Marcelo Tosatti <mtosatti@redhat.com> Cc: Gleb Natapov <gleb@redhat.com> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 09 2月, 2013 1 次提交
-
-
由 Dan Carpenter 提交于
If gb_len is less than 3 it would cause an integer underflow and possibly memory corruption in nfc_llcp_parse_gb_tlv(). I removed the old test for gb_len == 0. I also removed the test for ->remote_gb == NULL. It's not possible for ->remote_gb to be NULL and we have already dereferenced ->remote_gb_len so it's too late to test. The old test return -ENODEV but my test returns -EINVAL. Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
-
- 11 1月, 2013 2 次提交
-
-
由 Samuel Ortiz 提交于
Safer and more robust than than memcpy_toiovec. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
We can cast msg_name to a sockaddr_nfc_llcp pointer directly. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 10 1月, 2013 3 次提交
-
-
由 Samuel Ortiz 提交于
The reference count bump on the llcp Rx path is leading to a memory leak whenever we're not receiving an I frame. We fix that by removing the refcount bump (drivers must not free their received skb) and using it only in the I frame path, when the frame is actually queued. In that case, the skb will only be freed when someone fetches it from userspace. in all other cases, LLCP received frames will be freed when leaving the Rx work queue. Reported-by: NEric Lapuyade <eric.lapuyade@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
Not only it was improperly use to queue backlogged RX skbuffs, but it was also not processed at all. If the socket receive queue is full we simply drop the incoming packets. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Thierry Escande 提交于
Set timestamp in sent and received sk_buffs. timestamp is then put in msghdr structure in llcp_sock_recvmsg(). Signed-off-by: NThierry Escande <thierry.escande@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 14 12月, 2012 1 次提交
-
-
由 Dave Jones 提交于
This is easily triggerable when fuzz-testing as an unprivileged user. We could rate-limit it, but given we don't print similar messages for other protocols, I just removed it. Signed-off-by: NDave Jones <davej@redhat.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 29 11月, 2012 1 次提交
-
-
由 Waldemar Rymarkiewicz 提交于
nfc_llcp_ns(s) dereferences the s pointer which is freed a line above. In a result, it can produce a crash or you will read incorrect value. Signed-off-by: NWaldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 20 11月, 2012 4 次提交
-
-
由 Thierry Escande 提交于
list_add was called with swapped parameters Signed-off-by: NThierry Escande <thierry.escande@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
Drivers are allowed to modify the sent skb and thus we need to make a copy of it before passing it to the driver. Without this fix, LLCP Tx skbs were not queued properly as the ptype check was failing due to e.g. the pn533 driver skb_pushing the Tx skb. Reported-by: NThierry Escande <thierry.escande@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
When the tx pending queues and/or the socket tx queue is getting too deep, we have to let userspace know. We won't be queueing any more frames until the congestion is fixed. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
Using the userspace IO vector directly is wrong, we should copy it from user space first. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 29 10月, 2012 1 次提交
-
-
由 Thierry Escande 提交于
NFC_CMD_LLC_GET_PARAMS: request LTO, RW, and MIUX parameters for a device NFC_CMD_LLC_SET_PARAMS: set one or more of LTO, RW, and MIUX parameters for a device. LTO must be set before the link is up otherwise -EINPROGRESS is returned. RW and MIUX can be set at anytime and will be passed in subsequent CONNECT and CC messages. If one of the passed parameters is wrong none is set and -EINVAL is returned. Signed-off-by: NThierry Escande <thierry.escande@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 27 10月, 2012 17 次提交
-
-
由 Samuel Ortiz 提交于
The Tx queues are no longer valid when we receive a disconnection or when the LLCP link goes down. In the later case we also purge the entire local Tx queue. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Kees Cook 提交于
This config item has not carried much meaning for a while now and is almost always enabled by default. As agreed during the Linux kernel summit, remove it. Acked-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NKees Cook <keescook@chromium.org> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Szymon Janc 提交于
Signed-off-by: NSzymon Janc <szymon.janc@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
The previous code was always returning the last socket from the LLCP socket list. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
It simply involves getting the client dsap and ssap and calling the UI frame building and sending routine. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
UI frames still need to follow the MIU rule, and they need to use the client passed dsap as the listening socket dsap is stuck on SDP. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
With connection less PDUs we have to send the SSAP and DSAP as well. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
UI (Unnumbered Information) frames are used for sending data over connection less links. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
When DEP goes down, bound cl sockets can be kept alive as there is no reason to kill a connection less server socket because the LLCP link went down. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
Connection less server sockets will be in BOUND state, not LISTEN. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
Replying to an SNL (Service Name Lookup) means that the other end of the link can now rely on our answer (Which is an ssap) and thus we have to reserve it. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Szymon Janc 提交于
Logical continuations should be on the previous line. Signed-off-by: NSzymon Janc <szymon.janc@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Szymon Janc 提交于
There is no need for return statement at the end of function returning void. Signed-off-by: NSzymon Janc <szymon.janc@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
SNL (Service Name Lookup) allows for LLCP peers to map service names with SAPs. This is mandatory for connection less support as peers need to get the right SAPs without sending the CONNECT frame. Here we only support the Rx part of SNL. The Tx one will be implemented when supporting connection less LLCP sockets. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
SNL (Service Name Lookup) frames are used to respond to SNL requests. This is needed for SDP implementation. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
We no longer need to be atomic as this is only called from llcp_sock_release(). Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Samuel Ortiz 提交于
In some cases (SNL, DISC, DM) we need to send an LLCP skbs without having a sock owning it. I frames are an exception here since they may be requeued to the llcp_sock queue. Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 05 10月, 2012 1 次提交
-
-
由 Dave Jones 提交于
Validation of userspace input shouldn't trigger dmesg spamming. Signed-off-by: NDave Jones <davej@redhat.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 03 10月, 2012 1 次提交
-
-
由 Linus Torvalds 提交于
The network merge brought in a few users of functions that got deprecated by the workqueue cleanups: the 'system_nrt_wq' is now the same as the regular system_wq, since all workqueues are now non- reentrant. Similarly, remove one use of flush_work_sync() - the regular flush_work() has become synchronous, and the "_sync()" version is thus deprecated as being superfluous. Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 27 9月, 2012 3 次提交
-
-
由 Szymon Janc 提交于
nfc_llcp_socket_release is calling lock_sock/release_sock while holding write lock for rwlock. Use bh_lock/unlock_sock instead. BUG: sleeping function called from invalid context at net/core/sock.c:2138 in_atomic(): 1, irqs_disabled(): 0, pid: 56, name: kworker/1:1 4 locks held by kworker/1:1/56: Pid: 56, comm: kworker/1:1 Not tainted 3.5.0-999-nfc+ #7 Call Trace: [<ffffffff810952c5>] __might_sleep+0x145/0x200 [<ffffffff815d7686>] lock_sock_nested+0x36/0xa0 [<ffffffff81731569>] ? _raw_write_lock+0x49/0x50 [<ffffffffa04aa100>] ? nfc_llcp_socket_release+0x30/0x200 [nfc] [<ffffffffa04aa122>] nfc_llcp_socket_release+0x52/0x200 [nfc] [<ffffffffa04ab9f0>] nfc_llcp_mac_is_down+0x20/0x30 [nfc] [<ffffffffa04a6fea>] nfc_dep_link_down+0xaa/0xf0 [nfc] [<ffffffffa04a9bb5>] nfc_llcp_timeout_work+0x15/0x20 [nfc] [<ffffffff810825f7>] process_one_work+0x197/0x7c0 [<ffffffff81082596>] ? process_one_work+0x136/0x7c0 [<ffffffff8172fbc9>] ? __schedule+0x419/0x9c0 [<ffffffffa04a9ba0>] ? nfc_llcp_build_gb+0x1b0/0x1b0 [nfc] [<ffffffff81083090>] worker_thread+0x190/0x4c0 [<ffffffff81082f00>] ? rescuer_thread+0x2a0/0x2a0 [<ffffffff81088d1e>] kthread+0xae/0xc0 [<ffffffff810caafd>] ? trace_hardirqs_on+0xd/0x10 [<ffffffff8173acc4>] kernel_thread_helper+0x4/0x10 [<ffffffff81732174>] ? retint_restore_args+0x13/0x13 [<ffffffff81088c70>] ? flush_kthread_worker+0x150/0x150 [<ffffffff8173acc0>] ? gs_change+0x13/0x13 Signed-off-by: NSzymon Janc <szymon.janc@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Thierry Escande 提交于
This adds support for socket of type SOCK_RAW to LLCP. sk_buff are copied and sent to raw sockets with a 2 bytes extra header: The first byte header contains the nfc adapter index. The second one contains flags: - 0x01 - Direction (0=RX, 1=TX) - 0x02-0x80 - Reserved A raw socket has to be explicitly bound to a nfc adapter. This is achieved by specifying the adapter index to be bound to in the dev_idx field of the sockaddr_nfc_llcp struct passed to bind(). Signed-off-by: NThierry Escande <thierry.escande@linux.intel.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Szymon Janc 提交于
If rwlock is dynamically allocated but statically initialized it is missing proper lockdep annotation. INFO: trying to register non-static key. the code is fine but needs lockdep annotation. turning off the locking correctness validator. Pid: 3352, comm: neard Not tainted 3.5.0-999-nfc+ #2 Call Trace: [<ffffffff810c8526>] __lock_acquire+0x8f6/0x1bf0 [<ffffffff81739045>] ? printk+0x4d/0x4f [<ffffffff810c9eed>] lock_acquire+0x9d/0x220 [<ffffffff81702bfe>] ? nfc_llcp_sock_from_sn+0x4e/0x160 [<ffffffff81746724>] _raw_read_lock+0x44/0x60 [<ffffffff81702bfe>] ? nfc_llcp_sock_from_sn+0x4e/0x160 [<ffffffff81702bfe>] nfc_llcp_sock_from_sn+0x4e/0x160 [<ffffffff817034a7>] nfc_llcp_get_sdp_ssap+0xa7/0x1b0 [<ffffffff81706353>] llcp_sock_bind+0x173/0x210 [<ffffffff815d9c94>] sys_bind+0xe4/0x100 [<ffffffff8139209e>] ? trace_hardirqs_on_thunk+0x3a/0x3f [<ffffffff8174ea69>] system_call_fastpath+0x16/0x1b Signed-off-by: NSzymon Janc <szymon.janc@tieto.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
- 25 9月, 2012 3 次提交
-
-
由 Wei Yongjun 提交于
nfc_llcp_build_tlv() malloced the memory and should be free in nfc_llcp_build_gb() after used, and the same in the error handling case, otherwise it will cause memory leak. spatch with a semantic match is used to found this problem. (http://coccinelle.lip6.fr/) Signed-off-by: NWei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Tejun Heo 提交于
NFC is using a number of custom ordered workqueues w/ WQ_MEM_RECLAIM. WQ_MEM_RECLAIM is unnecessary unless NFC is gonna be used as transport for storage device, and all use cases match one work item to one ordered workqueue - IOW, there's no actual ordering going on at all and using system_nrt_wq gives the same behavior. There's nothing to be gained by using custom workqueues. Use system_nrt_wq instead and drop all the custom ones. Signed-off-by: NTejun Heo <tj@kernel.org> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Syam Sidhardhan 提交于
This patch remove the repeated code for checking llcp_sock & llcp_sock->dev against NULL. Signed-off-by: NSyam Sidhardhan <s.syam@samsung.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-