summaryrefslogtreecommitdiff
path: root/include/net
AgeCommit message (Collapse)AuthorFilesLines
2011-08-06net: Compute protocol sequence numbers and fragment IDs using MD5.David S. Miller1-0/+20
Computers have become a lot faster since we compromised on the partial MD4 hash which we use currently for performance reasons. MD5 is a much safer choice, and is inline with both RFC1948 and other ISS generators (OpenBSD, Solaris, etc.) Furthermore, only having 24-bits of the sequence number be truly unpredictable is a very serious limitation. So the periodic regeneration and 8-bit counter have been removed. We compute and use a full 32-bit sequence number. For ipv6, DCCP was found to use a 32-bit truncated initial sequence number (it needs 43-bits) and that is fixed here as well. Reported-by: Dan Kaminsky <dan@doxpara.com> Tested-by: Willy Tarreau <w@1wt.eu> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-03net: fix NULL dereferences in check_peer_redir()Eric Dumazet1-4/+13
Gergely Kalman reported crashes in check_peer_redir(). It appears commit f39925dbde778 (ipv4: Cache learned redirect information in inetpeer.) added a race, leading to possible NULL ptr dereference. Since we can now change dst neighbour, we should make sure a reader can safely use a neighbour. Add RCU protection to dst neighbour, and make sure check_peer_redir() can be called safely by different cpus in parallel. As neighbours are already freed after one RCU grace period, this patch should not add typical RCU penalty (cache cold effects) Many thanks to Gergely for providing a pretty report pointing to the bug. Reported-by: Gergely Kalman <synapse@hippy.csoma.elte.hu> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-01doc: Update the email address for Paul Moore in various source filesPaul Moore2-2/+2
My @hp.com will no longer be valid starting August 5, 2011 so an update is necessary. My new email address is employer independent so we don't have to worry about doing this again any time soon. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-26atomic: use <linux/atomic.h>Arun Sharma15-15/+15
This allows us to move duplicated code in <asm/atomic.h> (atomic_inc_not_zero() for now) to <linux/atomic.h> Signed-off-by: Arun Sharma <asharma@fb.com> Reviewed-by: Eric Dumazet <eric.dumazet@gmail.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: David Miller <davem@davemloft.net> Cc: Eric Dumazet <eric.dumazet@gmail.com> Acked-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-07-25Merge branch 'for-linus' of ↵Linus Torvalds1-2/+1
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (43 commits) fs: Merge split strings treewide: fix potentially dangerous trailing ';' in #defined values/expressions uwb: Fix misspelling of neighbourhood in comment net, netfilter: Remove redundant goto in ebt_ulog_packet trivial: don't touch files that are removed in the staging tree lib/vsprintf: replace link to Draft by final RFC number doc: Kconfig: `to be' -> `be' doc: Kconfig: Typo: square -> squared doc: Konfig: Documentation/power/{pm => apm-acpi}.txt drivers/net: static should be at beginning of declaration drivers/media: static should be at beginning of declaration drivers/i2c: static should be at beginning of declaration XTENSA: static should be at beginning of declaration SH: static should be at beginning of declaration MIPS: static should be at beginning of declaration ARM: static should be at beginning of declaration rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_check Update my e-mail address PCIe ASPM: forcedly -> forcibly gma500: push through device driver tree ... Fix up trivial conflicts: - arch/arm/mach-ep93xx/dma-m2p.c (deleted) - drivers/gpio/gpio-ep93xx.c (renamed and context nearby) - drivers/net/r8169.c (just context changes)
2011-07-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds2-4/+89
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (145 commits) bnx2x: use pci_pcie_cap() bnx2x: fix bnx2x_stop_on_error flow in bnx2x_sp_rtnl_task bnx2x: enable internal target-read for 57712 and up only bnx2x: count statistic ramrods on EQ to prevent MC assert bnx2x: fix loopback for non 10G link bnx2x: dcb - send all unmapped priorities to same COS as L2 iwlwifi: Fix build with CONFIG_PM disabled. gre: fix improper error handling ipv4: use RT_TOS after some rt_tos conversions via-velocity: remove duplicated #include qlge: remove duplicated #include igb: remove duplicated #include can: c_can: remove duplicated #include bnad: remove duplicated #include net: allow netif_carrier to be called safely from IRQ bna: Header File Consolidation bna: HW Error Counter Fix bna: Add HW Semaphore Unlock Logic bna: IOC Event Name Change bna: Mboxq Flush When IOC Disabled ...
2011-07-23fs/9p: add 9P2000.L unlinkat operationAneesh Kumar K.V2-0/+3
unlinkat - Remove a directory entry size[4] Tunlinkat tag[2] dirfid[4] name[s] flag[4] size[4] Runlinkat tag[2] older Tremove have the below request format size[4] Tremove tag[2] fid[4] The remove message is used to remove a directory entry either file or directory The remove opreation is actually a directory opertation and should ideally have dirfid, if not we cannot represent the fid on server with anything other than name. We will have to derive the directory name from fid in the Tremove request. NOTE: The operation doesn't clunk the unlink fid. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-07-23fs/9p: add 9P2000.L renameat operationAneesh Kumar K.V2-1/+6
renameat - change name of file or directory size[4] Trenameat tag[2] olddirfid[4] oldname[s] newdirfid[4] newname[s] size[4] Rrenameat tag[2] older Trename have the below request format size[4] Trename tag[2] fid[4] newdirfid[4] name[s] The rename message is used to change the name of a file, possibly moving it to a new directory. The rename opreation is actually a directory opertation and should ideally have olddirfid, if not we cannot represent the fid on server with anything other than name. We will have to derive the old directory name from fid in the Trename request. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-07-23fs/9p: Clean-up get_protocol_version() to use strcmpPrem Karat2-4/+4
Signed-off-by: Prem Karat <prem.karat@linux.vnet.ibm.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-07-23net/9p: Remove structure not used in the codeAneesh Kumar K.V1-178/+5
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-07-239p: clean up packet dump codeEric Van Hensbergen1-0/+6
Switch to generic kernel hexdump library and cleanup macros to be more consistent with the way we do normal debug prints. Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
2011-07-22Merge branch 'master' of ↵John W. Linville2-4/+89
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem
2011-07-21ipv6: make fragment identifications less predictableEric Dumazet2-14/+11
IPv6 fragment identification generation is way beyond what we use for IPv4 : It uses a single generator. Its not scalable and allows DOS attacks. Now inetpeer is IPv6 aware, we can use it to provide a more secure and scalable frag ident generator (per destination, instead of system wide) This patch : 1) defines a new secure_ipv6_id() helper 2) extends inet_getid() to provide 32bit results 3) extends ipv6_select_ident() with a new dest parameter Reported-by: Fernando Gont <fernando@gont.com.ar> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-20mac80211: sync driver before TXJohannes Berg1-0/+42
In P2P client mode, the GO (AP) to connect to might have periods of time where it is not available due to powersave. To allow the driver to sync with it and send frames to the GO only when it is available add a new callback tx_sync (and the corresponding finish_tx_sync). These callbacks can sleep unlike the actual TX. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-19cfg80211: allow userspace to control supported rates in scanJohannes Berg1-0/+3
Some P2P scans are not allowed to advertise 11b rates, but that is a rather special case so instead of having that, allow userspace to request the rate sets (per band) that are advertised in scan probe request frames. Since it's needed in two places now, factor out some common code parsing a rate array. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-18net: Add ->neigh_lookup() operation to dst_opsDavid S. Miller3-9/+6
In the future dst entries will be neigh-less. In that environment we need to have an easy transition point for current users of dst->neighbour outside of the packet output fast path. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-17net: Abstract dst->neighbour accesses behind helpers.David S. Miller1-3/+15
dst_{get,set}_neighbour() Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-17ipv6: Get rid of rt6i_nexthop macro.David S. Miller1-1/+0
It just makes it harder to see 1) what the code is doing and 2) grep for all users of dst{->,.}neighbour Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-17neigh: Pass neighbour entry to output ops.David S. Miller1-9/+10
This will get us closer to being able to do "neigh stuff" completely independent of the underlying dst_entry for protocols (ipv4/ipv6) that wish to do so. We will also be able to make dst entries neigh-less. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-16neigh: Kill ndisc_ops->queue_xmitDavid S. Miller1-1/+0
It is always dev_queue_xmit(). Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-16neigh: Kill hh_cache->hh_outputDavid S. Miller1-2/+2
It's just taking on one of two possible values, either neigh_ops->output or dev_queue_xmit(). And this is purely depending upon whether nud_state has NUD_CONNECTED set or not. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-16neigh: Kill neigh_ops->hh_outputDavid S. Miller1-1/+0
It's always dev_queue_xmit(). Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-16net: Create and use new helper, neigh_output().David S. Miller1-0/+9
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-15mac80211: let key iteration get keys in install orderJohannes Berg1-0/+4
ieee80211_iter_keys() currently returns keys in the backward order they were installed in, which is a bit confusing. Add them to the tail of the key list to make sure iterations go in the same order that keys were originally installed in. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-15mac80211: allow driver access to TKIP RX P1KJohannes Berg1-0/+14
When the driver wants to pre-program the TKIP RX phase 1 key, it needs to be able to obtain it for the peer's TA. Add API to allow it to generate it. The generation uses a dummy on-stack context since it doesn't know the RX queue. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-15nl80211/cfg80211: add max_sched_scan_ie_len in the hw descriptionLuciano Coelho1-0/+3
Some chips may support different lengths of user-supplied IEs with a single scheduled scan command than with a single normal scan command. To support this, this patch creates a separate hardware description element that describes the maximum size of user-supplied information element data supported in scheduled scans. Signed-off-by: Luciano Coelho <coelho@ti.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-15nl80211/cfg80211: add max_sched_scan_ssids in the hw descriptionLuciano Coelho1-0/+3
Some chips can scan more SSIDs with a single scheduled scan command than with a single normal scan command (eg. wl12xx chips). To support this, this patch creates a separate hardware description element that describes the amount of SSIDs supported in scheduled scans. Signed-off-by: Luciano Coelho <coelho@ti.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-15nl80211: advertise GTK rekey support, new triggersJohannes Berg1-4/+20
Since we now have the necessary API in place to support GTK rekeying, applications will need to know whether it is supported by a device. Add a pseudo-trigger that is used only to advertise that capability. Also, add some new triggers that match what iwlagn devices can do. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-15Merge branch 'master' of ↵John W. Linville8-38/+221
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem Conflicts: net/bluetooth/l2cap_core.c
2011-07-14Merge branch 'master' of ↵David S. Miller2-1/+2
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: net/bluetooth/l2cap_core.c
2011-07-14net: Embed hh_cache inside of struct neighbour.David S. Miller2-10/+10
Now that there is a one-to-one correspondance between neighbour and hh_cache entries, we no longer need: 1) dynamic allocation 2) attachment to dst->hh 3) refcounting Initialization of the hh_cache entry is indicated by hh_len being non-zero, and such initialization is always done with the neighbour's lock held as a writer. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-13mac80211: allow driver to disconnect after resumeJohannes Berg1-0/+23
In WoWLAN, devices may use crypto keys for TX/RX and could also implement GTK rekeying. If the driver isn't able to retrieve replay counters and similar information from the device upon resume, or if the device isn't responsive due to platform issues, it isn't safe to keep the connection up as GTK rekey messages from during the sleep time could be replayed against it. The only protection against that is disconnecting from the AP. Modifying mac80211 to do that while it is resuming would be very complex and invasive in the case that the driver requires a reconfig, so do it after it has resumed completely. In that case, however, packets might be replayed since it can then only happen after TX/RX are up again, so mark keys for interfaces that need to disconnect as "tainted" and drop all packets that are sent or received with those keys. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-13ipv4: Inline neigh binding.David Miller1-1/+32
Get rid of all of the useless and costly indirection by doing the neigh hash table lookup directly inside of the neighbour binding. Rename from arp_bind_neighbour to rt_bind_neighbour. Use new helpers {__,}ipv4_neigh_lookup() In rt_bind_neighbour() get rid of useless tests which are never true in the context this function is called, namely dev is never NULL and the dst->neighbour is always NULL. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-11cfg80211: fix docbookJohannes Berg1-0/+1
Looks like I forgot to document the "gfp" parameter to cfg80211_gtk_rekey_notify, add it. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-11mac80211: add driver RSSI threshold eventsMeenakshi Venkataraman1-0/+20
mac80211 maintains a running average of the RSSI when a STA is associated to an AP. Report threshold events to any driver that has registered callbacks for getting RSSI measurements. Implement callbacks in mac80211 so that driver can set thresholds. Add callbacks in mac80211 which is invoked when an RSSI threshold event occurs. mac80211: add tracing to rssi_reports api and remove extraneous fn argument mac80211: scale up rssi thresholds from driver by 16 before storing Signed-off-by: Meenakshi Venkataraman <meenakshi.venkataraman@intel.com> Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-11Merge branch 'master' of ↵John W. Linville6-12/+75
master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6 Conflicts: net/bluetooth/l2cap_core.c
2011-07-11Merge branch 'master' into for-nextJiri Kosina4-2/+17
Sync with Linus' tree to be able to apply pending patches that are based on newer code already present upstream.
2011-07-11ipv4: Use universal hash for ARP.David S. Miller1-0/+7
We need to make sure the multiplier is odd. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-11neigh: Store hash shift instead of mask.David S. Miller1-1/+1
And mask the hash function result by simply shifting down the "->hash_shift" most significant bits. Currently which bits we use is arbitrary since jhash produces entropy evenly across the whole hash function result. But soon we'll be using universal hashing functions, and in those cases more entropy exists in the higher bits than the lower bits, because they use multiplies. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-11Bluetooth: Fixes l2cap "command reject" reply according to specIlia Kolomisnky1-1/+18
There can 3 reasons for the "command reject" reply produced by the stack. Each such reply should be accompanied by the relevand data ( as defined in spec. ). Currently there is one instance of "command reject" reply with reason "invalid cid" wich is fixed. Also, added clean-up definitions related to the "command reject" replies. Signed-off-by: Ilia Kolomisnky <iliak@ti.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08Bluetooth: Add support for returning the encryption key sizeVinicius Costa Gomes1-0/+1
This will be useful when userspace wants to restrict some kinds of operations based on the length of the key size used to encrypt the link. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08Bluetooth: Add support for storing the key sizeVinicius Costa Gomes1-1/+2
In some cases it will be useful having the key size used for encrypting the link. For example, some profiles may restrict some operations depending on the key length. The key size is stored in the key that is passed to userspace using the pin_length field in the key structure. For now this field is only valid for LE controllers. 3.0+HS controllers define the Read Encryption Key Size command, this field is intended for storing the value returned by that command. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08Bluetooth: Remove unused field in hci_connVinicius Costa Gomes1-1/+0
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08Bluetooth: Add functions to manipulate the link key list for SMPVinicius Costa Gomes1-0/+5
As the LTK (the new type of key being handled now) has more data associated with it, we need to store this extra data and retrieve the keys based on that data. Methods for searching for a key and for adding a new LTK are introduced here. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08Bluetooth: Add new structures for supporting SM key distributionVinicius Costa Gomes3-0/+22
We need these changes because SMP keys may have more information associated with them, for example, in the LTK case, it has an encrypted diversifier (ediv) and a random number (rand). Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_checkMichal Hocko1-2/+1
Since ca5ecddf (rcu: define __rcu address space modifier for sparse) rcu_dereference_check use rcu_read_lock_held as a part of condition automatically so callers do not have to do that as well. Signed-off-by: Michal Hocko <mhocko@suse.cz> Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2011-07-08Bluetooth: Add support for SMP phase 3 (key distribution)Vinicius Costa Gomes1-0/+1
This adds support for generating and distributing all the keys specified in the third phase of SMP. This will make possible to re-establish secure connections, resolve private addresses and sign commands. For now, the values generated are random. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08sctp: ABORT if receive, reassmbly, or reodering queue is not empty while ↵Thomas Graf1-1/+1
closing socket Trigger user ABORT if application closes a socket which has data queued on the socket receive queue or chunks waiting on the reassembly or ordering queue as this would imply data being lost which defeats the point of a graceful shutdown. This behavior is already practiced in TCP. We do not check the input queue because that would mean to parse all chunks on it to look for unacknowledged data which seems too much of an effort. Control chunks or duplicated chunks may also be in the input queue and should not be stopping a graceful shutdown. Signed-off-by: Thomas Graf <tgraf@infradead.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-08mac80211: allow driver to generate P1K for IV32Johannes Berg1-2/+22
In order to support pre-populating the P1K cache in iwlwifi hardware for WoWLAN, we need to calculate the P1K for the current IV32. Allow drivers to get the P1K for any given IV32 instead of for a given packet, but keep the packet-based version around as an inline. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-07-08mac80211: allow drivers to access key sequence counterJohannes Berg1-0/+60
In order to implement GTK rekeying, the device needs to be able to encrypt frames with the right PN/IV and check the PN/IV in RX frames. To be able to tell it about all those counters, we need to be able to get them from mac80211, this adds the required API. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>