- 11 10月, 2007 40 次提交
-
-
由 Eric W. Biederman 提交于
Each netlink socket will live in exactly one network namespace, this includes the controlling kernel sockets. This patch updates all of the existing netlink protocols to only support the initial network namespace. Request by clients in other namespaces will get -ECONREFUSED. As they would if the kernel did not have the support for that netlink protocol compiled in. As each netlink protocol is updated to be multiple network namespace safe it can register multiple kernel sockets to acquire a presence in the rest of the network namespaces. The implementation in af_netlink is a simple filter implementation at hash table insertion and hash table look up time. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
Every user of the network device notifiers is either a protocol stack or a pseudo device. If a protocol stack that does not have support for multiple network namespaces receives an event for a device that is not in the initial network namespace it quite possibly can get confused and do the wrong thing. To avoid problems until all of the protocol stacks are converted this patch modifies all netdev event handlers to ignore events on devices that are not in the initial network namespace. As the rest of the code is made network namespace aware these checks can be removed. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
This patch modifies every packet receive function registered with dev_add_pack() to drop packets if they are not from the initial network namespace. This should ensure that the various network stacks do not receive packets in a anything but the initial network namespace until the code has been converted and is ready for them. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
Except for carefully selected pseudo devices all network interfaces should start out in the initial network namespace. Ultimately it will be register_netdev that examines what dev->nd_net is set to and places a device in a network namespace. This patch modifies alloc_netdev to initialize the network namespace a device is in with the initial network namespace. This gets it right for the vast majority of devices so their drivers need not be modified and for those few pseudo devices that need something different they can change this parameter before calling register_netdevice. The network namespace parameter on a network device is not reference counted as the devices are inside of a network namespace and cannot remain in that namespace past the lifetime of the network namespace. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
This patch passes in the namespace a new socket should be created in and has the socket code do the appropriate reference counting. By virtue of this all socket create methods are touched. In addition the socket create methods are modified so that they will fail if you attempt to create a socket in a non-default network namespace. Failing if we attempt to create a socket outside of the default network namespace ensures that as we incrementally make the network stack network namespace aware we will not export functionality that someone has not audited and made certain is network namespace safe. Allowing us to partially enable network namespaces before all of the exotic protocols are supported. Any protocol layers I have missed will fail to compile because I now pass an extra parameter into the socket creation code. [ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ] Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
This patch makes /proc/net per network namespace. It modifies the global variables proc_net and proc_net_stat to be per network namespace. The proc_net file helpers are modified to take a network namespace argument, and all of their callers are fixed to pass &init_net for that argument. This ensures that all of the /proc/net files are only visible and usable in the initial network namespace until the code behind them has been updated to be handle multiple network namespaces. Making /proc/net per namespace is necessary as at least some files in /proc/net depend upon the set of network devices which is per network namespace, and even more files in /proc/net have contents that are relevant to a single network namespace. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
This is the basic infrastructure needed to support network namespaces. This infrastructure is: - Registration functions to support initializing per network namespace data when a network namespaces is created or destroyed. - struct net. The network namespace data structure. This structure will grow as variables are made per network namespace but this is the minimal starting point. - Functions to grab a reference to the network namespace. I provide both get/put functions that keep a network namespace from being freed. And hold/release functions serve as weak references and will warn if their count is not zero when the data structure is freed. Useful for dealing with more complicated data structures like the ipv4 route cache. - A list of all of the network namespaces so we can iterate over them. - A slab for the network namespace data structure allowing leaks to be spotted. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric W. Biederman 提交于
This slightly improves code safety and clarity. Later network namespace patches touch this code so this is a preliminary cleanup. Signed-off-by: NEric W. Biederman <ebiederm@xmission.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Joy Latten 提交于
This patch modifies the current ipsec audit layer by breaking it up into purpose driven audit calls. So far, the only audit calls made are when add/delete an SA/policy. It had been discussed to give each key manager it's own calls to do this, but I found there to be much redundnacy since they did the exact same things, except for how they got auid and sid, so I combined them. The below audit calls can be made by any key manager. Hopefully, this is ok. Signed-off-by: NJoy Latten <latten@austin.ibm.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 John Heffner 提交于
The type of owner in sock_lock_t is currently (struct sock_iocb *), presumably for historical reasons. It is never used as this type, only tested as NULL or set to (void *)1. For clarity, this changes it to type int, and renames to owned, to avoid any possible type casting errors. Signed-off-by: NJohn Heffner <jheffner@psc.edu> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 John Heffner 提交于
Changes asserts in sunrpc to use sock_owned_by_user() macro instead of referencing sock_lock.owner directly. Signed-off-by: NJohn Heffner <jheffner@psc.edu> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Stephen Hemminger 提交于
Andi mentioned he did something like this already, but never submitted it. The dhcp client application uses AF_PACKET with a packet filter to receive data. The application doesn't even use timestamps, but because the AF_PACKET API has timestamps, they get turned on globally which causes an expensive time of day lookup for every packet received on any system that uses the standard DHCP client. The fix is to not enable the timestamp (but use if if available). This causes the time lookup to only occur on those packets that are destined for the AF_PACKET socket. The timestamping occurs after packet filtering so all packets dropped by filtering to not cause a clock call. The one downside of this a a few microseconds additional delay added from the normal timestamping location (netif_rx) until the receive callback in AF_PACKET. But since the offset is fairly consistent it should not upset applications that do want really use timestamps, like wireshark. Signed-off-by: NStephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Micah Gruber 提交于
This trivial patch removes the unneeded pointer newdp, which is never used. Signed-off-by: NMicah Gruber <micah.gruber@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Micah Gruber 提交于
This trivial patch removes the unneeded pointer iph, which is never used. Signed-off-by: NMicah Gruber <micah.gruber@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The sta_info.assoc_ap value is used as a flag, move it into flags. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
This removes some definitions that are used only within ioctls that will never make it into mainline. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
When I changed the code there I forgot to mention what happens with multicast frames in a regular BSS and keep wondering myself if the code is correct. Add appropriate comments. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 John W. Linville 提交于
In STA mode, the AP will echo our traffic. This includes multicast traffic. Receiving these frames confuses some protocols and applications, notably IPv6 Duplicate Address Detection. Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
This cleans up some whitespace to make the mac80211 version in mainline diverge less from wireless-dev. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
It looks like in commit 28487a90 the condition was unintentionally negated by moving some code, fix it. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Cc: Daniel Drake <dsd@gentoo.org> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Larry Finger 提交于
The current version of wireless statistics contains a bug in the averaging that makes the numbers be too sticky and not react to small changes. This patch removes all averaging. Signed-off-by: NLarry Finger <Larry.Finger@lwfinger.net> Signed-off-by: NJiri Benc <jbenc@suse.cz> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Add a new file 'ifindex' to each key's debugfs dir to allow finding which interface the key was configured on. This isn't done as a symlink because of possible netdev name changes. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
This moves all the key handling code out from ieee80211_ioctl.c into key.c and also does the following changes including documentation updates in mac80211.h: 1) Turn off hardware acceleration for keys when the interface is down. This is necessary because otherwise monitor interfaces could be decrypting frames for other interfaces that are down at the moment. Also, it should go some way towards better suspend/resume support, in any case the routines used here could be used for that as well. Additionally, this makes the driver interface nicer, keys for a specific local MAC address are only ever present while an interface with that MAC address is enabled. 2) Change driver set_key() callback interface to allow only return values of -ENOSPC, -EOPNOTSUPP and 0, warn on all other return values. This allows debugging the stack when a driver notices it's handed a key while it is down. 3) Invert the flag meaning to KEY_FLAG_UPLOADED_TO_HARDWARE. 4) Remove REMOVE_ALL_KEYS command as it isn't used nor do we want to use it, we'll use DISABLE_KEY for each key. It is hard to use REMOVE_ALL_KEYS because we can handle multiple virtual interfaces with different key configuration, so we'd have to keep track of a lot of state for this and that isn't worth it. 5) Warn when disabling a key fails, it musn't. 6) Remove IEEE80211_HW_NO_TKIP_WMM_HWACCEL in favour of per-key IEEE80211_KEY_FLAG_WMM_STA to let driver sort it out itself. 7) Tell driver that a (non-WEP) key is used only for transmission by using an all-zeroes station MAC address when configuring. 8) Change the set_key() callback to have access to the local MAC address the key is being added for. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Remove adding a fake key with a NONE key algorithm for each associated STA. If we have hardware with such TX filtering we should probably extend the sta_table_notification() callback with the sta information instead; the fact that it's treated as a key for some atheros hardware shouldn't bother the stack. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Remove the default_wep_only stuff, this wasn't really done well and no current driver actually cares. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
they aren't really refcounted anyway Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
This patch embeds the struct ieee80211_key_conf into struct ieee80211_key and thus avoids allocations and having data present twice. This required some more changes: 1) The removal of the IEEE80211_KEY_DEFAULT_TX_KEY key flag. This flag isn't used by drivers nor should it be since we have a set_key_idx() callback. Maybe that callback needs to be extended to include the key conf, but only a driver that requires it will tell. 2) The removal of the IEEE80211_KEY_DEFAULT_WEP_ONLY key flag. This flag is global, so it shouldn't be passed in the key conf structure. Pass it to the function instead. Also, this patch removes the AID parameter to the set_key() callback because it is currently unused and the hardware currently cannot know about the AID anyway. I suspect this was used with some hardware that actually selected the AID itself, but that functionality was removed. Additionally, I've removed the ALG_NULL key algorithm since we have ALG_NONE. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jiri Slaby 提交于
mac80211, remove bitfields from struct ieee80211_sub_if_data Signed-off-by: NJiri Slaby <jirislaby@gmail.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jiri Slaby 提交于
mac80211, remove bitfields from struct ieee80211_if_sta Signed-off-by: NJiri Slaby <jirislaby@gmail.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jiri Slaby 提交于
mac80211, remove bitfields from struct ieee80211_txrx_data Signed-off-by: NJiri Slaby <jirislaby@gmail.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jiri Slaby 提交于
remove bitfields from struct ieee80211_tx_packet_data [Johannes: completely clear flags in ieee80211_remove_tx_extra] Signed-off-by: NJiri Slaby <jirislaby@gmail.com> Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The transmit code needs to set the addresses depending on the interface type, a likely() for AP/VLAN is quite wrong since most people will be using STA; convert to a switch statement to make it look nicer. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Create a new file event.c that will contain code to send mac/mlme events to userspace. For now put the Michael MIC failure condition into it and remove sending of that condition via the management interface, hostapd interestingly doesn't do anything when it gets such a packet besides printing a message, it reacts only on the private iwevent. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The key_mgmt variable for STA interfaces doesn't seem well-defined nor do we actually use the values other than "NONE", so change it to be named better. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The ioctls * PRISM2_PARAM_RADAR_DETECT * PRISM2_PARAM_SPECTRUM_MGMT are not used by hostapd or wpa_supplicant, Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The ioctls * PRISM2_PARAM_STA_ANTENNA_SEL * PRISM2_PARAM_TX_POWER_REDUCTION * PRISM2_PARAM_DEFAULT_WEP_ONLY are not used by hostapd or wpa_supplicant. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
The ioctls * PRISM2_PARAM_ANTENNA_MODE * PRISM2_PARAM_STAT_TIME are not used by hostapd or wpa_supplicant. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
When doing key selection for software decryption, mac80211 gets a few things wrong: it always uses pairwise keys if configured, even if the frame is addressed to a multicast address. Also, it doesn't allow using a key index of zero if a pairwise key has also been found. This patch changes the key selection code to be (more) in line with the 802.11 specification. I have confirmed that with this, multicast frames are correctly decrypted and I've tested with WEP as well. While at it, I've cleaned up the semantics of the hardware flags IEEE80211_HW_WEP_INCLUDE_IV and IEEE80211_HW_DEVICE_HIDES_WEP and clarified them in the mac80211.h header; it is also now allowed to set the IEEE80211_HW_DEVICE_HIDES_WEP option even if it only applies to frames that have been decrypted by the hw, unencrypted frames must be dropped but encrypted frames that the hardware couldn't handle can be passed up unmodified. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
-
由 Johannes Berg 提交于
Unused in drivers, userspace and mac80211. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Neither hostapd nor wpa_supplicant really use it. Signed-off-by: NJohannes Berg <johannes@sipsolutions.net> Acked-by: NMichael Wu <flamingice@sourmilk.net> Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
-