summaryrefslogtreecommitdiff
path: root/net
AgeCommit message (Collapse)AuthorFilesLines
2007-12-19[IPSEC]: Avoid undefined shift operation when testing algorithm IDHerbert Xu1-2/+12
The aalgos/ealgos fields are only 32 bits wide. However, af_key tries to test them with the expression 1 << id where id can be as large as 253. This produces different behaviour on different architectures. The following patch explicitly checks whether ID is greater than 31 and fails the check if that's the case. We cannot easily extend the mask to be longer than 32 bits due to exposure to user-space. Besides, this whole interface is obsolete anyway in favour of the xfrm_user interface which doesn't use this bit mask in templates (well not within the kernel anyway). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-19[IPV4] ARP: Remove not used codeMark Ryden1-2/+1
In arp_process() (net/ipv4/arp.c), there is unused code: definition and assignment of tha (target hw address ). Signed-off-by: Mark Ryden <markryde@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-19NET: mac80211: fix inappropriate memory freeingCyrill Gorcunov1-1/+1
Fix inappropriate memory freeing in case of requested rate_control_ops was not found. In this case the list head entity is going to be accidentally wasted. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-12-19mac80211: fix header opsJohannes Berg1-1/+0
When using recvfrom() on a SOCK_DGRAM packet socket, I noticed that the MAC address passed back for wireless frames was always completely wrong. The reason for this is that the header parse function assigned to our virtual interfaces is a function parsing an 802.11 rather than 802.3 header. This patch fixes it by keeping the default ethernet header operations assigned. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-12-19mac80211: Drop out of associated state if link is lostMichael Wu1-6/+2
There is no point in staying in IEEE80211_ASSOCIATED if there is no sta_info entry to receive frames with. Signed-off-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-12-17Merge branch 'upstream-linus' of ā†µLinus Torvalds1-0/+1
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/netdev-2.6 * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/netdev-2.6: (23 commits) iwlwifi: fix rf_kill state inconsistent during suspend and resume b43: Fix rfkill radio LED bcm43xx_debugfs sscanf fix libertas: select WIRELESS_EXT iwlwifi3945/4965: fix rate control algo reference leak ieee80211_rate: missed unlock wireless/ipw2200.c: add __dev{init,exit} annotations zd1211rw: Fix alignment problems libertas: add Dan Williams as maintainer sis190 endianness ucc_geth: really fix section mismatch pcnet_cs: add new id ixgb: make sure jumbos stay enabled after reset Net: ibm_newemac, remove SPIN_LOCK_UNLOCKED net: smc911x: shut up compiler warnings ucc_geth: minor whitespace fix drivers/net/s2io.c section fixes drivers/net/sis190.c section fix hamachi endianness fixes e100: free IRQ to remove warningwhenrebooting ...
2007-12-17Merge branch 'fixes-jgarzik' of ā†µJeff Garzik1-0/+1
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 into upstream-fixes
2007-12-17ieee80211_rate: missed unlockCyrill Gorcunov1-0/+1
Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-12-17Merge git://git.linux-nfs.org/pub/linux/nfs-2.6Linus Torvalds1-8/+1
* git://git.linux-nfs.org/pub/linux/nfs-2.6: MAINTAINERS: update the NFS CLIENT entry NFS: Fix an Oops in NFS unmount Revert "NFS: Ensure we return zero if applications attempt to write zero bytes" SUNRPC xprtrdma: fix XDR tail buf marshalling for all ops NFSv2/v3: Fix a memory leak when using -onolock NFS: Fix NFS mountpoint crossing...
2007-12-16[IRDA]: irda parameters warning fixes.Richard Knutsson1-3/+3
This patch fixes: CHECK /home/kernel/src/net/irda/parameters.c /home/kernel/src/net/irda/parameters.c:466:2: warning: Using plain integer as NULL pointer /home/kernel/src/net/irda/parameters.c:520:2: warning: Using plain integer as NULL pointer /home/kernel/src/net/irda/parameters.c:573:2: warning: Using plain integer as NULL pointer Signed-off-by: Richard Knutsson <ricknu-0@student.ltu.se> Signed-off-by: Samuel Ortiz <samuel@sortiz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[IRDA]: irlmp_unregister_link() needs to free lsaps.Hinko Kocevar1-0/+1
While testing the mcs7780 based IrDA USB dongle I've stumbled upon memory leak in irlmp_unregister_link(). Hashbin for lsaps is created in irlmp_register_link and should probably be freed in irlmp_unregister_link(). Signed-off-by: Hinko Kocevar <hinko.kocevar@cetrtapot.si> Signed-off-by: Samuel Ortiz <samuel@sortiz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[SCTP]: Flush fragment queue when exiting partial delivery.Vlad Yasevich1-0/+33
At the end of partial delivery, we may have complete messages sitting on the fragment queue. These messages are stuck there until a new fragment arrives. This can comletely stall a given association. When clearing partial delivery state, flush any complete messages from the fragment queue and send them on their way up. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[AX25]: Locking dependencies fix in ax25_disconnect().Jarek Poplawski1-0/+2
Bernard Pidoux reported these lockdep warnings: [ INFO: possible irq lock inversion dependency detected ] 2.6.23.1 #1 --------------------------------------------------------- fpac/4933 just changed the state of lock: (slock-AF_AX25){--..}, at: [<d8be3312>] ax25_disconnect+0x46/0xaf [ax25] but this lock was taken by another, soft-irq-safe lock in the past: (ax25_list_lock){-+..} and interrupts could create inverse lock ordering between them. [...] [ INFO: inconsistent lock state ] 2.6.23.1 #1 --------------------------------- inconsistent {in-softirq-W} -> {softirq-on-W} usage. ax25_call/4005 [HC0[0]:SC0[0]:HE1:SE1] takes: (slock-AF_AX25){-+..}, at: [<d8b79312>] ax25_disconnect+0x46/0xaf [ax25] [...] This means slock-AF_AX25 could be taken both from softirq and process context with softirqs enabled, so it's endangered itself, but also makes ax25_list_lock vulnerable. It was not 100% verified if the real lockup can happen, but this fix isn't very costly and looks safe anyway. (It was tested by Bernard with 2.6.23.9 and 2.6.24-rc5 kernels.) Reported_by: Bernard Pidoux <pidoux@ccr.jussieu.fr> Tested_by: Bernard Pidoux <pidoux@ccr.jussieu.fr> Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[IPV4]: Make tcp_input_metrics() get minimum RTO via tcp_rto_min()Satoru SATOH1-1/+1
tcp_input_metrics() refers to the built-time constant TCP_RTO_MIN regardless of configured minimum RTO with iproute2. Signed-off-by: Satoru SATOH <satoru.satoh@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[IPV6]: Fix the return value of ipv6_getsockoptWei Yongjun1-7/+5
If CONFIG_NETFILTER if not selected when compile the kernel source code, ipv6_getsockopt will returen an EINVAL error if optname is not supported by the kernel. But if CONFIG_NETFILTER is selected, ENOPROTOOPT error will be return. This patch fix to always return ENOPROTOOPT error if optname argument of ipv6_getsockopt is not supported by the kernel. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-16[BRIDGE]: Assign random address.Stephen Hemminger1-2/+1
Assigning a valid random address to bridge device solves problems when bridge device is brought up before adding real device to bridge. When the first real device is added to the bridge, it's address will overide the bridges random address. Note: any device added to a bridge must already have a valid ethernet address. br_add_if -> br_fdb_insert -> fdb_insert -> is_valid_ether_addr Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[IPV4]: Updates to nfsroot documentationAmos Waterland1-19/+1
The difference between ip=off and ip=::::::off has been a cause of much confusion. Document how each behaves, and do not contradict ourselves by saying that "off" is the default when in fact "any" is the default and is descibed as being so lower in the file. Signed-off-by: Amos Waterland <apw@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[TIPC]: Fix semaphore handling.Andrew Morton1-1/+1
As noted by Kevin, tipc's release() does down_interruptible() and ignores the return value. So if signal_pending() we'll end up doing up() on a non-downed semaphore. Fix. Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[NETFILTER]: xt_hashlimit should use time_after_eq()Eric Dumazet1-1/+1
In order to avoid jiffies wraparound and its effect, special care must be taken when doing comparisons ... Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[XFRM]: Display the audited SPI value in host byte order.Paul Moore1-4/+6
Currently the IPsec protocol SPI values are written to the audit log in network byte order which is different from almost all other values which are recorded in host byte order. This patch corrects this inconsistency by writing the SPI values to the audit record in host byte order. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[NETFILTER]: ip_tables: fix compat copy racePatrick McHardy2-47/+18
When copying entries to user, the kernel makes two passes through the data, first copying all the entries, then fixing up names and counters. On the second pass it copies the kernel and match data from userspace to the kernel again to find the corresponding structures, expecting that kernel pointers contained in the data are still valid. This is obviously broken, fix by avoiding the second pass completely and fixing names and counters while dumping the ruleset, using the kernel-internal data structures. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-14[NETFILTER]: ctnetlink: set expected bit for related conntracksPablo Neira Ayuso1-1/+3
This patch is a fix. It sets IPS_EXPECTED for related conntracks. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11SUNRPC xprtrdma: fix XDR tail buf marshalling for all opsJames Lentini1-8/+1
rpcrdma_convert_iovs is passed an xdr_buf representing either an RPC request or an RPC reply. In the case of a request, several calculations and tests involving pos are unnecessary. In the case of a reply, several calculations and tests involving pos are incorrect (the code tests pos against the reply xdr buf's len field, which is always 0 at the time rpcrdma_convert_iovs is executed). This change removes the incorrect/unnecessary calculations and tests involving pos. This fixes an observed problem when reading certain file sizes over NFS/RDMA. Signed-off-by: Tom Tucker <tom@opengridcomputing.com> Signed-off-by: Tom Talpey <talpey@netapp.com> Signed-off-by: James Lentini <jlentini@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-12-11[IPSEC]: Fix potential dst leak in xfrm_lookupHerbert Xu1-3/+6
If we get an error during the actual policy lookup we don't free the original dst while the caller expects us to always free the original dst in case of error. This patch fixes that. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[VLAN]: Fix potential race in vlan_cleanup_module vs vlan_ioctl_handler.Pavel Emelyanov1-1/+1
The vlan module cleanup function starts with vlan_netlink_fini(); vlan_ioctl_set(NULL); The first call removes all the vlan devices and the second one closes the vlan ioctl. AFAIS there's a tiny race window between these two calls - after rtnl unregistered all the vlans, but the ioctl handler isn't set to NULL yet, user can manage to call this ioctl and create one vlan device, and that this function will later BUG_ON seeing non-emply hashes. I think, that we must first close the vlan ioctl and only after this remove all the vlans with the vlan_netlink_fini() call. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[NET]: Fix wrong comments for unregister_net*Wang Chen1-4/+2
There are some return value comments for void functions. Fixed it. Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[IPv6] ESP: Discard dummy packets introduced in rfc4303Thomas Graf1-0/+6
RFC4303 introduces dummy packets with a nexthdr value of 59 to implement traffic confidentiality. Such packets need to be dropped silently and the payload may not be attempted to be parsed as it consists of random chunk. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[IPv4] ESP: Discard dummy packets introduced in rfc4303Thomas Graf1-0/+5
RFC4303 introduces dummy packets with a nexthdr value of 59 to implement traffic confidentiality. Such packets need to be dropped silently and the payload may not be attempted to be parsed as it consists of random chunk. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[IPV4]: Swap the ifa allocation with the"ipv4_devconf_setall" callPavel Emelyanov1-2/+1
According to Herbert, the ipv4_devconf_setall should be called only when the ifa is added to the device. However, failed ifa allocation may bring things into inconsistent state. Move the call to ipv4_devconf_setall after the ifa allocation. Fits both net-2.6 (with offsets) and net-2.6.25 (cleanly). Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-11[IPV6] XFRM: Fix auditing rt6i_flags; use RTF_xxx flags instead of RTCF_xxx.YOSHIFUJI Hideaki1-1/+1
RTCF_xxx flags, defined in include/linux/in_route.h) are available for IPv4 route (rtable) entries only. Use RTF_xxx flags instead, defined in include/linux/ipv6_route.h, for IPv6 route entries (rt6_info). Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[AF_RXRPC]: Add a missing gotoDavid Howells1-0/+1
Add a missing goto to error handling in the RXKAD security module for AF_RXRPC. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[VLAN]: Lost rtnl_unlock() in vlan_ioctl()Pavel Emelyanov1-1/+1
The SET_VLAN_NAME_TYPE_CMD command w/o CAP_NET_ADMIN capability doesn't release the rtnl lock. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[SCTP]: Fix the bind_addr info during migration.Vlad Yasevich2-10/+28
During accept/migrate the code attempts to copy the addresses from the parent endpoint to the new endpoint. However, if the parent was bound to a wildcard address, then we end up pointlessly copying all of the current addresses on the system. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[SCTP]: Add bind hash locking to the migrate codeVlad Yasevich1-0/+6
SCTP accept code tries to add a newliy created socket to a bind bucket without holding a lock. On a really busy system, that can causes slab corruptions. Add a lock around this code. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[IPV4]: Remove prototype of ip_rt_adviceDenis V. Lunev1-1/+1
ip_rt_advice has been gone, so no need to keep prototype and debug message. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[IPv4]: Reply net unreachable ICMP messageMitsuru Chinen1-0/+3
IPv4 stack doesn't reply any ICMP destination unreachable message with net unreachable code when IP detagrams are being discarded because of no route could be found in the forwarding path. Incidentally, IPv6 stack replies such ICMPv6 message in the similar situation. Signed-off-by: Mitsuru Chinen <mitch@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[IPv6] SNMP: Increment OutNoRoutes when connecting to unreachable networkMitsuru Chinen1-0/+2
IPv6 stack doesn't increment OutNoRoutes counter when IP datagrams is being discarded because no route could be found to transmit them to their destination. IPv6 stack should increment the counter. Incidentally, IPv4 stack increments that counter in such situation. Signed-off-by: Mitsuru Chinen <mitch@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[BRIDGE]: Section fix.Andrew Morton1-1/+1
WARNING: vmlinux.o(.init.text+0x204e2): Section mismatch: reference to .exit.text:br_fdb_fini (between 'br_init' and 'br_fdb_init') Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[LRO]: fix lro_gen_skb() alignmentAndrew Gallatin1-1/+2
Add a field to the lro_mgr struct so that drivers can specify how much padding is required to align layer 3 headers when a packet is copied into a freshly allocated skb by inet_lro.c:lro_gen_skb(). Without padding, skbs generated by LRO will cause alignment warnings on architectures which require strict alignment (seen on sparc64). Myri10GE is updated to use this field. Signed-off-by: Andrew Gallatin <gallatin@myri.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[TCP]: NAGLE_PUSH seems to be a wrong way aroundIlpo Järvinen1-2/+1
The comment in tcp_nagle_test suggests that. This bug is very very old, even 2.4.0 seems to have it. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[TCP]: Move prior_in_flight collect to more robust placeIlpo Järvinen1-2/+1
The previous location is after sacktag processing, which affects counters tcp_packets_in_flight depends on. This may manifest as wrong behavior if new SACK blocks are present and all is clear for call to tcp_cong_avoid, which in the case of tcp_reno_cong_avoid bails out early because it thinks that TCP is not limited by cwnd. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[TCP] FRTO: Use of existing funcs make code more obvious & robustIlpo Järvinen1-9/+5
Though there's little need for everything that tcp_may_send_now does (actually, even the state had to be adjusted to pass some checks FRTO does not want to occur), it's more robust to let it make the decision if sending is allowed. State adjustments needed: - Make sure snd_cwnd limit is not hit in there - Disable nagle (if necessary) through the frto_counter == 2 The result of check for frto_counter in argument to call for tcp_enter_frto_loss can just be open coded, therefore there isn't need to store the previous frto_counter past tcp_may_send_now. In addition, returns can then be combined. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[IRDA]: Move ircomm_tty_line_info() under #ifdef CONFIG_PROC_FSPavel Emelyanov1-1/+1
The function in question is called only from ircomm_tty_read_proc, which is under this option. Move this helper to the same place. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[ROSE]: Trivial compilation CONFIG_INET=n casePavel Emelyanov1-1/+1
The rose_rebuild_header() consists only of some variables in case INET=n, and gcc will warn us about it. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[IPVS]: Fix sched registration race when checking for name collision.Pavel Emelyanov1-13/+14
The register_ip_vs_scheduler() checks for the scheduler with the same name under the read-locked __ip_vs_sched_lock, then drops, takes it for writing and puts the scheduler in list. This is racy, since we can have a race window between the lock being re-locked for writing. The fix is to search the scheduler with the given name right under the write-locked __ip_vs_sched_lock. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Simon Horman <horms@verge.net.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-05[IPVS]: Don't leak sysctl tables if the scheduler registration fails.Pavel Emelyanov2-2/+12
In case we load lblc or lblcr module we can leak some sysctl tables if the call to register_ip_vs_scheduler() fails. I've looked at the register_ip_vs_scheduler() code and saw, that the only reason to fail is the name collision, so I think that with some 3rd party schedulers this becomes a relevant issue. No? Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Simon Horman <horms@verge.net.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6Linus Torvalds23-84/+124
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6: (27 commits) [INET]: Fix inet_diag dead-lock regression [NETNS]: Fix /proc/net breakage [TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK [NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ON [DECNET]: dn_nl_deladdr() almost always returns no error [IPV6]: Restore IPv6 when MTU is big enough [RXRPC]: Add missing select on CRYPTO mac80211: rate limit wep decrypt failed messages rfkill: fix double-mutex-locking mac80211: drop unencrypted frames if encryption is expected mac80211: Fix behavior of ieee80211_open and ieee80211_close ieee80211: fix unaligned access in ieee80211_copy_snap mac80211: free ifsta->extra_ie and clear IEEE80211_STA_PRIVACY_INVOKED SCTP: Fix build issues with SCTP AUTH. SCTP: Fix chunk acceptance when no authenticated chunks were listed. SCTP: Fix the supported extensions paramter SCTP: Fix SCTP-AUTH to correctly add HMACS paramter. SCTP: Fix the number of HB transmissions. [TCP] illinois: Incorrect beta usage ...
2007-12-03[INET]: Fix inet_diag dead-lock regressionHerbert Xu1-21/+46
The inet_diag register fix broke inet_diag module loading because the loaded module had to take the same mutex that's already held by the loader in order to register the new handler. This patch fixes it by introducing a separate mutex to protect the handling of handlers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-12-01[NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARKJan Engelhardt2-10/+10
Fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK When xt_CONNMARK is used outside the mangle table and the user specified "--restore-mark", the connmark_tg_check() function will (correctly) error out, but (incorrectly) forgets to release the L3 conntrack module. Same for xt_CONNSECMARK. Fix is to move the call to acquire the L3 module after the basic constraint checks. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-11-30[NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ONPatrick McHardy1-3/+1
ipv6_skip_exthdr() returns -1 for invalid packets. don't WARN_ON that. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>