1. 19 4月, 2007 1 次提交
  2. 18 4月, 2007 8 次提交
  3. 14 4月, 2007 4 次提交
    • D
      [NETFILTER] arp_tables: Fix unaligned accesses. · 49688c84
      David S. Miller 提交于
      There are two device string comparison loops in arp_packet_match().
      The first one goes byte-by-byte but the second one tries to be
      clever and cast the string to a long and compare by longs.
      
      The device name strings in the arp table entries are not guarenteed
      to be aligned enough to make this value, so just use byte-by-byte
      for both cases.
      
      Based upon a report by <drraid@gmail.com>.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      49688c84
    • Y
      [IPV6] SNMP: Fix {In,Out}NoRoutes statistics. · 612f09e8
      YOSHIFUJI Hideaki 提交于
      A packet which is being discarded because of no routes in the
      forwarding path should not be counted as OutNoRoutes but as
      InNoRoutes.
      Additionally, on this occasion, a packet whose destinaion is
      not valid should be counted as InAddrErrors separately.
      
      Based on patch from Mitsuru Chinen <mitch@linux.vnet.ibm.com>.
      Signed-off-by: NYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      612f09e8
    • J
      [IPSEC] XFRM_USER: kernel panic when large security contexts in ACQUIRE · 661697f7
      Joy Latten 提交于
      When sending a security context of 50+ characters in an ACQUIRE 
      message, following kernel panic occurred.
      
      kernel BUG in xfrm_send_acquire at net/xfrm/xfrm_user.c:1781!
      cpu 0x3: Vector: 700 (Program Check) at [c0000000421bb2e0]
          pc: c00000000033b074: .xfrm_send_acquire+0x240/0x2c8
          lr: c00000000033b014: .xfrm_send_acquire+0x1e0/0x2c8
          sp: c0000000421bb560
         msr: 8000000000029032
        current = 0xc00000000fce8f00
        paca    = 0xc000000000464b00
          pid   = 2303, comm = ping
      kernel BUG in xfrm_send_acquire at net/xfrm/xfrm_user.c:1781!
      enter ? for help
      3:mon> t
      [c0000000421bb650] c00000000033538c .km_query+0x6c/0xec
      [c0000000421bb6f0] c000000000337374 .xfrm_state_find+0x7f4/0xb88
      [c0000000421bb7f0] c000000000332350 .xfrm_tmpl_resolve+0xc4/0x21c
      [c0000000421bb8d0] c0000000003326e8 .xfrm_lookup+0x1a0/0x5b0
      [c0000000421bba00] c0000000002e6ea0 .ip_route_output_flow+0x88/0xb4
      [c0000000421bbaa0] c0000000003106d8 .ip4_datagram_connect+0x218/0x374
      [c0000000421bbbd0] c00000000031bc00 .inet_dgram_connect+0xac/0xd4
      [c0000000421bbc60] c0000000002b11ac .sys_connect+0xd8/0x120
      [c0000000421bbd90] c0000000002d38d0 .compat_sys_socketcall+0xdc/0x214
      [c0000000421bbe30] c00000000000869c syscall_exit+0x0/0x40
      --- Exception: c00 (System Call) at 0000000007f0ca9c
      SP (fc0ef8f0) is in userspace
      
      We are using size of security context from xfrm_policy to determine
      how much space to alloc skb and then putting security context from
      xfrm_state into skb. Should have been using size of security context 
      from xfrm_state to alloc skb. Following fix does that
      Signed-off-by: NJoy Latten <latten@austin.ibm.com>
      Acked-by: NJames Morris <jmorris@namei.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      661697f7
    • J
      [VLAN]: Allow VLAN interface on top of bridge interface · 279e172a
      Jerome Borsboom 提交于
      When a VLAN interface is created on top of a bridge interface and 
      netfilter is enabled to see the bridged packets, the packets can be 
      corrupted when passing through the netfilter code. This is caused by the 
      VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff 
      structure. In general, this is no problem as the VLAN interface is mostly 
      connected to a physical ethernet interface which does not use the 
      'protocol' and 'nh' members. For a bridge interface, however, these 
      members do matter.
      Signed-off-by: NJerome Borsboom <j.borsboom@erasmusmc.nl>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      279e172a
  4. 13 4月, 2007 3 次提交
  5. 11 4月, 2007 1 次提交
  6. 10 4月, 2007 2 次提交
  7. 07 4月, 2007 1 次提交
  8. 06 4月, 2007 4 次提交
  9. 05 4月, 2007 4 次提交
  10. 04 4月, 2007 1 次提交
    • E
      [PATCH] net: Ignore sysfs network device rename bugs. · 92749821
      Eric W. Biederman 提交于
      The generic networking code ensures that no two networking devices
      have the same name, so  there is no time except when sysfs has
      implementation bugs that device_rename when called from
      dev_change_name will fail.
      
      The current error handling for errors from device_rename in
      dev_change_name is wrong and results in an unusable and unrecoverable
      network device if device_rename is happens to return an error.
      
      This patch removes the buggy error handling.  Which confines the mess
      when device_rename hits a problem to sysfs, instead of propagating it
      the rest of the network stack.  Making linux a little more robust.
      
      Without this patch you can observe what happens when sysfs has a bug
      when CONFIG_SYSFS_DEPRECATED is not set and you attempt to rename
      a real network device to a name like (broken_parity_status, device,
      modalias, power, resource2, subsystem_vendor, class,  driver, irq,
      msi_bus, resource, subsystem, uevent, config, enable, local_cpus,
      numa_node, resource0, subsystem_device, vendor)
      
      Greg has a patch that fixes the sysfs bugs but he doesn't trust it
      for a 2.6.21 timeframe.  This patch which just ignores errors should
      be safe and it keeps the system from going completely wacky.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      92749821
  11. 03 4月, 2007 4 次提交
  12. 30 3月, 2007 1 次提交
  13. 29 3月, 2007 2 次提交
  14. 28 3月, 2007 3 次提交
  15. 27 3月, 2007 1 次提交